Perf event array map kernel-side implementation

[mikeagun]

Description

Implements the kernel side of perf event array maps.

This includes the core and kernel changes for #658, with part of the user-side API skeleton.

Testing

Includes platform and execution context tests.

Documentation

Documented in code and PerfEventArray.md.

Installation

N/A

[mikeagun]

Moving to draft until the ring buffer refactoring is merged in #4204

[mikeagun]

This is currently blocked on #4204, as it uses the new ring buffer for wait-free reserve (at dispatch) in the per-cpu rings. Most of the refactoring to use the new ring buffer has been done, but after the new ring buffer implementation is merged I'll update+publish this again.

[mikeagun]

I split the context header support requirement out into #4267. After that passes all CICD tests I'll rebase this PR split into two commits - context header support then perf event array impl.

[mikeagun]

Comment to track porting the necessary platform unit tests over to execution context unit tests using the new ebpf_maps based definition (vs. the old ebpf_perf_event_array based implementation).

[dthaler]

From lines 1608 and 1610, it looks like this PR should still be in Draft?

[shankarseal]

bind context already has app_id_start and app_id_end as data begin and data end, which bpf_perf_event_output should prepend (assuming thats what the flags does). Why not add another random event payload?

[mikeagun]

It now passes the ctxlen flag to copy the app id and outputs a random value for the data argument.

[shankarseal]

Are these rings "pinned" to a specific core?

[mikeagun]

Yes.

There is one ring per core and the whole reserve_exclusive+memcpy+submit is done at dispatch to the ring for the current cpu -- so there can only be one producer writing to a single ring at a time.

I followed the linux flag semantics - below dispatch you must specify the EBPF_MAP_FLAG_CURRENT_CPU flag, and at dispatch you can either use auto-cpu or manually specify the cpu you are currently running on.

[shankarseal]

I would suggest updating the routine description to reflect that - what the word "exclusive" means.

[shankarseal]

Please consider:

Suggested change

	typedef struct _ebpf_core_ring_buffer_map
	typedef struct _ebpf_core_perf_ring
	{
	ebpf_ring_buffer_t ring;
	ebpf_core_map_async_contexts_t async;
	} ebpf_core_ring_t;
	typedef struct _ebpf_core_ring_buffer_map
	{
	ebpf_core_map_t core_map;
	ebpf_core_ring_t ring;
	} ebpf_core_ring_buffer_map_t;

[mikeagun]

I did try that out, but it doesn't currently save any lines of code, just adds a few lines/makes lines longer.

With some higher level restructuring it could maybe save a few lines, but the common functionality between perf array and ringbuf already uses shared code so the extra nesting doesn't simplify things.

[shankarseal]

Its just that it will look more symmetrical. I suggest you create an issue with these nit-pickish comments to be resolved a later time.

[saxena-anurag]

Can user mode write into perf_event_array map?

[mikeagun]

We don't support this yet via the libbpf interface (for ringbuf or perf array).

We already had the core functionality though for ringbuf, so I added the corresponding code for perf array.

[saxena-anurag]

nit: EBPF_OBJECT_RELEASE_REFERENCE already handles nullptr, do we need this check in that case?

[mikeagun]

No. I saw that some of the existing code used that pattern -- so I added it for the other updated ioctls. If there wasn't a perf/analyze reason for that though I can remove the reference_taken bool and checks.

[dthaler]

The recommended pattern is to not add if checks here, to reduce the number of code paths. I.e., reduce code complexity and improve code coverage.

[mikeagun]

Note: Try again to update SAL to cover locking.

[shankarseal]

since the cancel context is cast to the same type ebpf_core_map_async_query_context_t* both here and in line 2273, why not change the parameter type to ebpf_core_map_async_query_context_t* ?

[shankarseal]

non blocking: consider creating a issue to make this struct opaque with "getter" functions. You can resolve this comment.

[shankarseal]

Consider ebpf_perf_event_array_map_output calling ebpf_perf_event_array_map_output_simple.

[shankarseal]

Consider not using the word simple, and if you must, the routing description must explain what this means.

[shankarseal]

Suggested change

	ebpf_perf_event_array_map_output(
	ebpf_perf_event_array_map_output_with_capture(

[shankarseal]

Suggested change

	ebpf_perf_event_array_map_output_simple(
	ebpf_perf_event_array_map_output(

[dthaler]

If it's required, why do we need a flag? When would the flag be false?

[dthaler]

if it's only "in progress" then can you reference an issue number here that tracks the completion of it?
Want to make sure this line gets updated by the time it's complete.

[dthaler]

Suggested change

	/* BPF_FUNC_perf_event_output flags for program types with data pointer in context */
	/* BPF_FUNC_perf_event_output flags for program types with data pointer in context. */

nit: For consistency with line 417

[dthaler]

The recommended pattern is to not add if checks here, to reduce the number of code paths. I.e., reduce code complexity and improve code coverage.

[dthaler]

Suggested change

	* - EBPF_MAP_FLAG_CURRENT_CPU - Select current cpu.
	* - EBPF_MAP_FLAG_CURRENT_CPU - Select current cpu.

[dthaler]

Why is "LEN" abbreviated when (say) "length" is spelled out as an argument?
The coding style guidelines in this project say to avoid abbreviations (unless it's for parity with Linux or to match abbreviations in the language or a library being called).

[dthaler]

Suggested change

	* @note Extension must support context headers.
	* @note Extension must support context headers.

Make doxygen line up. Also in line 495 and perhaps elsewhere.

[dthaler]

From lines 1608 and 1610, it looks like this PR should still be in Draft?