lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <20170530142437.656ec63d@redhat.com> Date: Tue, 30 May 2017 14:24:37 +0200 From: Jesper Dangaard Brouer <brouer@...hat.com> To: Adel Fuchs <adelfuchs@...il.com> Cc: brouer@...hat.com, netdev@...r.kernel.org, "xdp-newbies@...r.kernel.org" <xdp-newbies@...r.kernel.org>, "iovisor-dev@...ts.iovisor.org" <iovisor-dev@...ts.iovisor.org> Subject: Re: Error with printk and bpf_trace_printk Notice, there are two mailing lists (Cc'ed) that you should likely ask these kind of questions on (instead of netdev), depending on if this is mostly related to bpf (iovisor-dev@...ts.iovisor.org) or somehow related to XDP (xdp-newbies@...r.kernel.org). See my answer inlined below: On Sun, 28 May 2017 17:48:20 +0300 Adel Fuchs <adelfuchs@...il.com> wrote: > I have a working eBPF program, and I'm trying to add outputs to it. > I'm not able to use both printk and bpf_trace_printk functions. I get > this error: > > ELF contains non-map related relo data in entry 0 pointing to section > 8! Compiler bug?! > > Prog section 'ingress' rejected: Invalid argument (22)! > - Type: 3 > - Instructions: 16 (0 over limit) > - License: GPL > > Verifier analysis: > > 0: (bf) r6 = r1 > 1: (18) r1 = 0x0 > 3: (85) call bpf_unspec#0 > unknown func bpf_unspec#0 > > Error fetching program/map! > Failed to retrieve (e)BPF data! > > Are there certain "includes" that I need to add? > In addition, I'm not sure I'm using the function correctly. I just > wrote: printk("hi") You obviously cannot call printk directly from and eBPF program. I wonder how you got this compiling... As you hinted yourself, you should be using: bpf_trace_printk(). But it is actually tricky to use... and not much help is around to figure this out. First of all the output end-up in this file: /sys/kernel/debug/tracing/trace_pipe Remember to read the output use 'cat' like: sudo cat /sys/kernel/debug/tracing/trace_pipe And only the first process to read the output gets the output... I deduct you are using the TC/iproute2 examples: https://git.kernel.org/pub/scm/linux/kernel/git/shemminger/iproute2.git/tree/examples/bpf Next gotcha is that, you need to provide the char* string in a very special way to make this compile correctly. The iproute2 provide a helper define called "printt()" in include/bpf_api.h for this: #ifndef printt # define printt(fmt, ...) \ ({ \ char ____fmt[] = fmt; \ trace_printk(____fmt, sizeof(____fmt), ##__VA_ARGS__); \ }) #endif Or see my solution here: [1] https://github.com/netoptimizer/prototype-kernel/blob/master/kernel/samples/bpf/xdp_ddos01_blacklist_kern.c#L86:L99 Another gotcha I've experienced is that if you format the string incorrectly, or use a modifier like %X, which bpf_trace_printk() does not seem to understand, then you "hear-nothing"... Also experienced if using more than 3 arguments, then it fails or also go silent. Be careful when using this somewhat "flaky" debug facility. Do remember these bpf_trace_printk() should only be used for debugging, as it is very slow... -- Best regards, Jesper Dangaard Brouer MSc.CS, Principal Kernel Engineer at Red Hat LinkedIn: http://www.linkedin.com/in/brouer
Powered by blists - more mailing lists