| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAEf4BzaQOfGOvGnzqGRoQmnysoWZrEo=ZBS4RreV3OfcKB3uQQ@mail.gmail.com>
Date: Tue, 17 Nov 2020 18:58:38 -0800
From: Andrii Nakryiko <andrii.nakryiko@...il.com>
To: "Daniel T. Lee" <danieltimlee@...il.com>
Cc: Daniel Borkmann <daniel@...earbox.net>,
Alexei Starovoitov <ast@...nel.org>,
Andrii Nakryiko <andrii@...nel.org>, brakmo <brakmo@...com>,
Jesper Dangaard Brouer <brouer@...hat.com>,
Lorenzo Bianconi <lorenzo@...nel.org>,
David Ahern <dsa@...ulusnetworks.com>,
Yonghong Song <yhs@...com>,
Toke Høiland-Jørgensen <toke@...hat.com>,
Ira Weiny <ira.weiny@...el.com>, Thomas Graf <tgraf@...g.ch>,
Jakub Kicinski <kuba@...nel.org>,
Martin KaFai Lau <kafai@...com>,
John Fastabend <john.fastabend@...il.com>,
bpf <bpf@...r.kernel.org>, Networking <netdev@...r.kernel.org>,
Xdp <xdp-newbies@...r.kernel.org>
Subject: Re: [PATCH bpf-next 4/9] samples: bpf: refactor task_fd_query program
with libbpf
On Tue, Nov 17, 2020 at 6:57 AM Daniel T. Lee <danieltimlee@...il.com> wrote:
>
> This commit refactors the existing kprobe program with libbpf bpf
> loader. To attach bpf program, this uses generic bpf_program__attach()
> approach rather than using bpf_load's load_bpf_file().
>
> To attach bpf to perf_event, instead of using previous ioctl method,
> this commit uses bpf_program__attach_perf_event since it manages the
> enable of perf_event and attach of BPF programs to it, which is much
> more intuitive way to achieve.
>
> Also, explicit close(fd) has been removed since event will be closed
> inside bpf_link__destroy() automatically.
>
> DEBUGFS macro from trace_helpers has been used to control uprobe events.
> Furthermore, to prevent conflict of same named uprobe events, O_TRUNC
> flag has been used to clear 'uprobe_events' interface.
>
> Signed-off-by: Daniel T. Lee <danieltimlee@...il.com>
> ---
> samples/bpf/Makefile | 2 +-
> samples/bpf/task_fd_query_user.c | 101 ++++++++++++++++++++++---------
> 2 files changed, 74 insertions(+), 29 deletions(-)
>
[...]
> static int test_debug_fs_uprobe(char *binary_path, long offset, bool is_return)
> {
> + char buf[256], event_alias[sizeof("test_1234567890")];
> const char *event_type = "uprobe";
> struct perf_event_attr attr = {};
> - char buf[256], event_alias[sizeof("test_1234567890")];
> __u64 probe_offset, probe_addr;
> __u32 len, prog_id, fd_type;
> - int err, res, kfd, efd;
> + int err = -1, res, kfd, efd;
> + struct bpf_link *link;
> ssize_t bytes;
>
> - snprintf(buf, sizeof(buf), "/sys/kernel/debug/tracing/%s_events",
> - event_type);
> - kfd = open(buf, O_WRONLY | O_APPEND, 0);
> + snprintf(buf, sizeof(buf), DEBUGFS "%s_events", event_type);
> + kfd = open(buf, O_WRONLY | O_TRUNC, 0);
O_TRUNC will also remove other events, created by users. Not a great
experience. Let's leave the old behavior?
> CHECK_PERROR_RET(kfd < 0);
>
> res = snprintf(event_alias, sizeof(event_alias), "test_%d", getpid());
> @@ -240,8 +252,8 @@ static int test_debug_fs_uprobe(char *binary_path, long offset, bool is_return)
> close(kfd);
> kfd = -1;
>
> - snprintf(buf, sizeof(buf), "/sys/kernel/debug/tracing/events/%ss/%s/id",
> - event_type, event_alias);
> + snprintf(buf, sizeof(buf), DEBUGFS "events/%ss/%s/id", event_type,
I'd leave the string verbatim here (and above), I think it's better
that way and easier to figure out what's written where. And then no
need to expose DEBUGFS.
> + event_alias);
> efd = open(buf, O_RDONLY, 0);
> CHECK_PERROR_RET(efd < 0);
>
[...]
Powered by blists - more mailing lists