From af6f5122689170e86c370c7960f37a7265e65b3e Mon Sep 17 00:00:00 2001
From: Teng Qin <qinteng@fb.com>
Date: Tue, 9 May 2017 02:31:32 -0700
Subject: [PATCH] Add bpf_probe_read_str helper

Also use it in the RecordMySQLQuery example and updated documentation
---
 docs/reference_guide.md          | 35 +++++++++++++++++++++++---------
 examples/cpp/RecordMySQLQuery.cc |  2 +-
 src/cc/export/helpers.h          |  2 ++
 3 files changed, 28 insertions(+), 11 deletions(-)

diff --git a/docs/reference_guide.md b/docs/reference_guide.md
index 2c5d3be768da..b5846fc6044a 100644
--- a/docs/reference_guide.md
+++ b/docs/reference_guide.md
@@ -16,11 +16,12 @@ This guide is incomplete. If something feels missing, check the bcc and kernel s
         - [6. USDT probes](#6-usdt-probes)
     - [Data](#data)
         - [1. bpf_probe_read()](#1-bpf_probe_read)
-        - [2. bpf_ktime_get_ns()](#2-bpf_ktime_get_ns)
-        - [3. bpf_get_current_pid_tgid()](#3-bpf_get_current_pid_tgid)
-        - [4. bpf_get_current_uid_gid()](#4-bpf_get_current_uid_gid)
-        - [5. bpf_get_current_comm()](#5-bpf_get_current_comm)
-        - [6. bpf_log2l()](#6-bpflog2l)
+        - [2. bpf_probe_read_str()](#2-bpf_probe_read_str)
+        - [3. bpf_ktime_get_ns()](#3-bpf_ktime_get_ns)
+        - [4. bpf_get_current_pid_tgid()](#4-bpf_get_current_pid_tgid)
+        - [5. bpf_get_current_uid_gid()](#5-bpf_get_current_uid_gid)
+        - [6. bpf_get_current_comm()](#6-bpf_get_current_comm)
+        - [7. bpf_log2l()](#7-bpflog2l)
     - [Output](#output)
         - [1. bpf_trace_printk()](#1-bpf_trace_printk)
         - [2. BPF_PERF_OUTPUT](#2-bpf_perf_output)
@@ -239,7 +240,21 @@ Examples in situ:
 [search /examples](https://github.com/iovisor/bcc/search?q=bpf_probe_read+path%3Aexamples&type=Code),
 [search /tools](https://github.com/iovisor/bcc/search?q=bpf_probe_read+path%3Atools&type=Code)
 
-### 2. bpf_ktime_get_ns()
+### 2. bpf_probe_read_str()
+
+Syntax: ```int bpf_probe_read_str(void *dst, int size, void *src)```
+
+Return:
+  - \> 0 length of the string including the trailing NUL on success
+  - \< 0 error
+
+This copies a `NULL` terminated string from memory location to BPF stack, so that BPF can later operate on it. In case the string length is smaller than size, the target is not padded with further `NULL` bytes. In case the string length is larger than size, just `size - 1` bytes are copied and the last byte is set to `NULL`.
+
+Examples in situ:
+[search /examples](https://github.com/iovisor/bcc/search?q=bpf_probe_read_str+path%3Aexamples&type=Code),
+[search /tools](https://github.com/iovisor/bcc/search?q=bpf_probe_read_str+path%3Atools&type=Code)
+
+### 3. bpf_ktime_get_ns()
 
 Syntax: ```u64 bpf_ktime_get_ns(void)```
 
@@ -249,7 +264,7 @@ Examples in situ:
 [search /examples](https://github.com/iovisor/bcc/search?q=bpf_ktime_get_ns+path%3Aexamples&type=Code),
 [search /tools](https://github.com/iovisor/bcc/search?q=bpf_ktime_get_ns+path%3Atools&type=Code)
 
-### 3. bpf_get_current_pid_tgid()
+### 4. bpf_get_current_pid_tgid()
 
 Syntax: ```u64 bpf_get_current_pid_tgid(void)```
 
@@ -261,7 +276,7 @@ Examples in situ:
 [search /examples](https://github.com/iovisor/bcc/search?q=bpf_get_current_pid_tgid+path%3Aexamples&type=Code),
 [search /tools](https://github.com/iovisor/bcc/search?q=bpf_get_current_pid_tgid+path%3Atools&type=Code)
 
-### 4. bpf_get_current_uid_gid()
+### 5. bpf_get_current_uid_gid()
 
 Syntax: ```u64 bpf_get_current_uid_gid(void)```
 
@@ -273,7 +288,7 @@ Examples in situ:
 [search /examples](https://github.com/iovisor/bcc/search?q=bpf_get_current_uid_gid+path%3Aexamples&type=Code),
 [search /tools](https://github.com/iovisor/bcc/search?q=bpf_get_current_uid_gid+path%3Atools&type=Code)
 
-### 5. bpf_get_current_comm()
+### 6. bpf_get_current_comm()
 
 Syntax: ```bpf_get_current_comm(char *buf, int size_of_buf)```
 
@@ -294,7 +309,7 @@ Examples in situ:
 [search /examples](https://github.com/iovisor/bcc/search?q=bpf_get_current_comm+path%3Aexamples&type=Code),
 [search /tools](https://github.com/iovisor/bcc/search?q=bpf_get_current_comm+path%3Atools&type=Code)
 
-### 6. bpf_log2l()
+### 7. bpf_log2l()
 
 Syntax: ```unsigned int bpf_log2l(unsigned long v)```
 
diff --git a/examples/cpp/RecordMySQLQuery.cc b/examples/cpp/RecordMySQLQuery.cc
index 9173cb411e4c..deb1cf235022 100644
--- a/examples/cpp/RecordMySQLQuery.cc
+++ b/examples/cpp/RecordMySQLQuery.cc
@@ -34,7 +34,7 @@ int probe_mysql_query(struct pt_regs *ctx, void* thd, char* query, size_t len) {
     key.ts = bpf_ktime_get_ns();
     key.pid = bpf_get_current_pid_tgid();
 
-    bpf_probe_read(&key.query, sizeof(key.query), query);
+    bpf_probe_read_str(&key.query, sizeof(key.query), query);
 
     int one = 1;
     queries.update(&key, &one);
diff --git a/src/cc/export/helpers.h b/src/cc/export/helpers.h
index 2c51aa2dc5b3..c6529ef608d4 100644
--- a/src/cc/export/helpers.h
+++ b/src/cc/export/helpers.h
@@ -165,6 +165,8 @@ static u32 (*bpf_get_prandom_u32)(void) =
   (void *) BPF_FUNC_get_prandom_u32;
 static int (*bpf_trace_printk_)(const char *fmt, u64 fmt_size, ...) =
   (void *) BPF_FUNC_trace_printk;
+static int (*bpf_probe_read_str)(void *dst, u64 size, void *unsafe_ptr) =
+  (void *) BPF_FUNC_probe_read_str;
 int bpf_trace_printk(const char *fmt, ...) asm("llvm.bpf.extra");
 static inline __attribute__((always_inline))
 void bpf_tail_call_(u64 map_fd, void *ctx, int index) {