Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bcc tools fixes #2894

Merged
merged 4 commits into from
May 5, 2020
Merged

Bcc tools fixes #2894

merged 4 commits into from
May 5, 2020

Conversation

sumanthkorikkar
Copy link
Contributor

This pull request provides the following:

  • Add bpf_probe_read_user support to trace.py and argdist.py
  • Refactoring of STRCMP probe generation code
  • Fix bpf_has_kernel_btf

Thank you

@sumanthkorikkar
bcc/utils: Avoid code duplication of __generate_streq_function
99739b2 
bcc tools like trace.py and argdist.py uses _generate_streq_function()
functions to convert char * read to bpf_probe_read/bpf_probe_read_user.
Refactor it and move the common functionality to utils.py.

Signed-off-by: Sumanth Korikkar <[email protected]>
Acked-by: Ilya Leoshkevich <[email protected]>
@sumanthkorikkar
bcc: Add __user attribute to support bpf_probe_read_user in argdist
306080b 
argdist traces probe functions and its parameter values.

Add functionality to convert:
- All userspace probes char * read to bpf_probe_read_user()
- Syscall/kprobes char* params with __user attribute to bpf_probe_read_user()

Signed-off-by: Sumanth Korikkar <[email protected]>
Acked-by: Ilya Leoshkevich <[email protected]>
@sumanthkorikkar
bcc: Support bpf_probe_read_user in trace.py
7cbd074 
Arguments of a probe point can be either user pointer or kernel
pointer.

Previously:
- tools/trace.py 'do_sys_open "%s", arg2'
  When reading arg2 as char *, it would resolve to bpf_probe_read.

Now:
- tools/trace.py 'do_sys_open "%s", arg2@user'
  - When reading arg2 as char *, it is resolved to bpf_probe_read_user.
- tools/trace.py 'do_sys_open (STRCMP("test.txt", arg2@user)) "%s", arg2'
  - For arg2 char * read, bpf_probe_read_user is utilized

To distinguish this, add arg@user.
- All userspace probes char *read converted to bpf_probe_read_user
- Syscall/kprobes with arg[1-6]@user attribute are converted to
  bpf_probe_read_user.

Signed-off-by: Sumanth Korikkar <[email protected]>
Acked-by: Ilya Leoshkevich <[email protected]>
@sumanthkorikkar
bcc/libbpf: Fix bpf_has_kernel_btf return status
09be5b5 
bool returns True for negative integers. Hence bcc tools
tries to switch to kfunc instead of kprobes, even when the
btf data is not found.

For libbpf_find_vmlinux_btf_id, When err <= 0 , btf is not found.

Signed-off-by: Sumanth Korikkar <[email protected]>
Acked-by: Ilya Leoshkevich <[email protected]>
@yonghong-song
Copy link
Collaborator

[buildbot, test this please]

@yonghong-song
Copy link
Collaborator

[buildbot, ok to test]

@yonghong-song yonghong-song merged commit 1b03643 into iovisor:master May 5, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@4ast 4ast Awaiting requested review from 4ast 4ast is a code owner

@brendangregg brendangregg Awaiting requested review from brendangregg brendangregg is a code owner

@drzaeus77 drzaeus77 Awaiting requested review from drzaeus77 drzaeus77 is a code owner

@goldshtn goldshtn Awaiting requested review from goldshtn goldshtn is a code owner

@yonghong-song yonghong-song Awaiting requested review from yonghong-song yonghong-song is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@sumanthkorikkar @yonghong-song