bpf: tracing session supporting #10096
Open
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Upstream branch: e758657 |
|
At least one diff in series https://patchwork.kernel.org/project/netdevbpf/list/?series=1015831 expired. Closing PR. |
|
Upstream branch: ff88079 |
kernel-patches-daemon-bpf
bot
force-pushed
the
series/1015831=>bpf-next
branch
from
09b84ad to
0d8752a
Compare
kernel-patches-daemon-bpf
bot
force-pushed
the
bpf-next_base
branch
from
10ce4bd to
e5828a2
Compare
|
Upstream branch: f9db3a3 |
kernel-patches-daemon-bpf
bot
force-pushed
the
series/1015831=>bpf-next
branch
from
0d8752a to
94184af
Compare
kernel-patches-daemon-bpf
bot
force-pushed
the
bpf-next_base
branch
from
e5828a2 to
13927c8
Compare
|
Upstream branch: 8842732 |
kernel-patches-daemon-bpf
bot
force-pushed
the
series/1015831=>bpf-next
branch
from
94184af to
22bcd61
Compare
kernel-patches-daemon-bpf
bot
force-pushed
the
bpf-next_base
branch
from
13927c8 to
9b73883
Compare
The tracing session is something that similar to kprobe session. It allow to attach a single BPF program to both the entry and the exit of the target functions. While a non-zero value is returned by the fentry, the fexit will be skipped, which is similar to kprobe session. Signed-off-by: Menglong Dong <[email protected]> Co-developed-by: Leon Hwang <[email protected]> Signed-off-by: Leon Hwang <[email protected]>
If TRACE_SESSION exists, we will use extra 8-bytes in the stack of the trampoline to store the flags that we needed, and the 8-bytes lie after the return value, which means ctx[nr_args + 1]. And we will store the flag "is_exit" to the first bit of it. Introduce the kfunc bpf_tracing_is_exit(), which is used to tell if it is fexit currently. Meanwhile, inline it in the verifier. Add the kfunc bpf_fsession_cookie(), which is similar to bpf_session_cookie() and return the address of the session cookie. The address of the session cookie is stored after session flags, which means ctx[nr_args + 2]. Inline this kfunc in the verifier too. Signed-off-by: Menglong Dong <[email protected]> Co-developed-by: Leon Hwang <[email protected]> Signed-off-by: Leon Hwang <[email protected]>
|
Upstream branch: 23f852d |
For now, the offset of the return value in trampoline is fixed 8-bytes. In this commit, we introduce the variable "ret_off" to represent the offset of the return value. For now, the "ret_off" is just 8. And in the following patch, we will make it something else to use the room after it. Signed-off-by: Menglong Dong <[email protected]>
Add BPF_TRACE_SESSION supporting to x86_64. invoke_bpf_session_entry and invoke_bpf_session_exit is introduced for this purpose. In invoke_bpf_session_entry(), we will check if the return value of the fentry is 0, and set the corresponding session flag if not. And in invoke_bpf_session_exit(), we will check if the corresponding flag is set. If set, the fexit will be skipped. As designed, the session flags and session cookie address is stored after the return value, and the stack look like this: cookie ptr -> 8 bytes session flags -> 8 bytes return value -> 8 bytes argN -> 8 bytes ... arg1 -> 8 bytes nr_args -> 8 bytes ... cookieN -> 8 bytes cookie1 -> 8 bytes In the entry of the session, we will clear the return value, so the fentry will always get 0 with ctx[nr_args] or bpf_get_func_ret(). Before the execution of the BPF prog, the "cookie ptr" will be filled with the corresponding cookie address, which is done in invoke_bpf_session_entry() and invoke_bpf_session_exit(). Signed-off-by: Menglong Dong <[email protected]> Co-developed-by: Leon Hwang <[email protected]> Signed-off-by: Leon Hwang <[email protected]>
Add BPF_TRACE_SESSION to libbpf and bpftool. Signed-off-by: Menglong Dong <[email protected]>
Add testcases for BPF_TRACE_SESSION. The function arguments and return value are tested both in the entry and exit. And the kfunc bpf_tracing_is_exit() is also tested. As the layout of the stack changed for fsession, so we also test bpf_get_func_ip() for it. Session cookie for fsession is also tested. Multiple fsession BPF progs is attached to bpf_fentry_test1() and session cookie is read and write in the testcase. Signed-off-by: Menglong Dong <[email protected]>
Test the fsession when it is used together with fentry, fexit. Signed-off-by: Menglong Dong <[email protected]>
kernel-patches-daemon-bpf
bot
force-pushed
the
series/1015831=>bpf-next
branch
from
22bcd61 to
ba257cb
Compare
kernel-patches-daemon-bpf
bot
force-pushed
the
bpf-next_base
branch
from
9b73883 to
3cfe497
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Pull request for series with
subject: bpf: tracing session supporting
version: 3
url: https://patchwork.kernel.org/project/netdevbpf/list/?series=1015831