[PATCHv3,bpf-next,02/26] bpf: Add multi uprobe link

Message ID	20230630083344.984305-3-jolsa@kernel.org (mailing list archive)
State	Changes Requested
Delegated to:	BPF
Headers	show Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 1C26D1FB8 for <bpf@vger.kernel.org>; Fri, 30 Jun 2023 08:34:14 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 6996DC433C8; Fri, 30 Jun 2023 08:34:10 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1688114053; bh=PtLxYB5fmh1uPRleGoQ2V2j4VL+x1kMGrQEAszyuV1Q=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=k7oi9f/6qZ81BNp3G5uzPCPysXJSzfUBybC1fIcEneGBKawwSgiA0qp7O9+dwdsP2 /VkRcJq4EssaJ3DMvShIK6IajSsMSOzIct6j4diKYHPOyfk6l/FcuU6f4/JDwC0hft xtOQDl/QZd3bBv5QHpfjZADaPDev535uk7zGZ5W/po/71l5fER+BGIfMlN9NQ1ceF7 Dol9tslyOoTyPi5lQ6CcOGOxDyP3hanNtH+6L5k1mIdBuAjCyP3t5xzf9i/oWhVGxH fZtStFNyywnoC1EL31WgcdmcDoD0yzNzLchWcArX+VHLq+0yHphrG1rDOwv4ypBlKo DleMxlbg443Ww== From: Jiri Olsa <jolsa@kernel.org> To: Alexei Starovoitov <ast@kernel.org>, Daniel Borkmann <daniel@iogearbox.net>, Andrii Nakryiko <andrii@kernel.org> Cc: bpf@vger.kernel.org, Martin KaFai Lau <kafai@fb.com>, Song Liu <songliubraving@fb.com>, Yonghong Song <yhs@fb.com>, John Fastabend <john.fastabend@gmail.com>, KP Singh <kpsingh@chromium.org>, Stanislav Fomichev <sdf@google.com>, Hao Luo <haoluo@google.com> Subject: [PATCHv3 bpf-next 02/26] bpf: Add multi uprobe link Date: Fri, 30 Jun 2023 10:33:20 +0200 Message-ID: <20230630083344.984305-3-jolsa@kernel.org> X-Mailer: git-send-email 2.41.0 In-Reply-To: <20230630083344.984305-1-jolsa@kernel.org> References: <20230630083344.984305-1-jolsa@kernel.org> Precedence: bulk X-Mailing-List: bpf@vger.kernel.org List-Id: <bpf.vger.kernel.org> List-Subscribe: <mailto:bpf+subscribe@vger.kernel.org> List-Unsubscribe: <mailto:bpf+unsubscribe@vger.kernel.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Delegate: bpf@iogearbox.net
Series	bpf: Add multi uprobe link \| expand [PATCHv3,bpf-next,00/26] bpf: Add multi uprobe link [PATCHv3,bpf-next,01/26] bpf: Add attach_type checks under bpf_prog_attach_check_attach_type [PATCHv3,bpf-next,02/26] bpf: Add multi uprobe link [PATCHv3,bpf-next,03/26] bpf: Add cookies support for uprobe_multi link [PATCHv3,bpf-next,04/26] bpf: Add pid filter support for uprobe_multi link [PATCHv3,bpf-next,05/26] bpf: Add bpf_get_func_ip helper support for uprobe link [PATCHv3,bpf-next,06/26] libbpf: Add uprobe_multi attach type and link names [PATCHv3,bpf-next,07/26] libbpf: Move elf_find_func_offset* functions to elf object [PATCHv3,bpf-next,08/26] libbpf: Add elf_open/elf_close functions [PATCHv3,bpf-next,09/26] libbpf: Add elf symbol iterator [PATCHv3,bpf-next,10/26] libbpf: Add elf_resolve_syms_offsets function [PATCHv3,bpf-next,11/26] libbpf: Add elf_resolve_pattern_offsets function [PATCHv3,bpf-next,12/26] libbpf: Add bpf_link_create support for multi uprobes [PATCHv3,bpf-next,13/26] libbpf: Add bpf_program__attach_uprobe_multi function [PATCHv3,bpf-next,14/26] libbpf: Add support for u[ret]probe.multi[.s] program sections [PATCHv3,bpf-next,15/26] libbpf: Add uprobe multi link detection [PATCHv3,bpf-next,16/26] libbpf: Add uprobe multi link support to bpf_program__attach_usdt [PATCHv3,bpf-next,17/26] selftests/bpf: Add uprobe_multi skel test [PATCHv3,bpf-next,18/26] selftests/bpf: Add uprobe_multi api test [PATCHv3,bpf-next,19/26] selftests/bpf: Add uprobe_multi link test [PATCHv3,bpf-next,20/26] selftests/bpf: Add uprobe_multi test program [PATCHv3,bpf-next,21/26] selftests/bpf: Add uprobe_multi bench test [PATCHv3,bpf-next,22/26] selftests/bpf: Add usdt_multi test program [PATCHv3,bpf-next,23/26] selftests/bpf: Add usdt_multi bench test [PATCHv3,bpf-next,24/26] selftests/bpf: Add uprobe_multi cookie test [PATCHv3,bpf-next,25/26] selftests/bpf: Add uprobe_multi pid filter tests [PATCHv3,bpf-next,26/26] selftests/bpf: Add extra link to uprobe_multi tests

Context	Check	Description
netdev/series_format	fail	Series longer than 15 patches (and no cover letter)
netdev/tree_selection	success	Clearly marked for bpf-next, async
netdev/fixes_present	success	Fixes tag not required for -next series
netdev/header_inline	success	No static functions without inline keyword in header files
netdev/build_32bit	fail	Errors and warnings before: 2944 this patch: 2945
netdev/cc_maintainers	warning	6 maintainers not CCed: linux-trace-kernel@vger.kernel.org kpsingh@kernel.org mhiramat@kernel.org martin.lau@linux.dev song@kernel.org rostedt@goodmis.org
netdev/build_clang	fail	Errors and warnings before: 364 this patch: 364
netdev/verify_signedoff	success	Signed-off-by tag matches author and committer
netdev/deprecated_api	success	None detected
netdev/check_selftest	success	No net selftest shell script
netdev/verify_fixes	success	No Fixes tag
netdev/build_allmodconfig_warn	fail	Errors and warnings before: 3092 this patch: 3093
netdev/checkpatch	warning	CHECK: Please use a blank line after function/struct/union/enum declarations CHECK: Prefer using the BIT macro WARNING: line length of 100 exceeds 80 columns WARNING: line length of 81 exceeds 80 columns WARNING: line length of 83 exceeds 80 columns WARNING: line length of 84 exceeds 80 columns WARNING: line length of 86 exceeds 80 columns WARNING: line length of 88 exceeds 80 columns WARNING: line length of 90 exceeds 80 columns WARNING: line length of 91 exceeds 80 columns WARNING: line length of 95 exceeds 80 columns
netdev/kdoc	success	Errors and warnings before: 0 this patch: 0
netdev/source_inline	success	Was 0 now: 0
bpf/vmtest-bpf-next-PR	success	PR summary
bpf/vmtest-bpf-next-VM_Test-1	success	Logs for ${{ matrix.test }} on ${{ matrix.arch }} with ${{ matrix.toolchain_full }}
bpf/vmtest-bpf-next-VM_Test-2	success	Logs for ShellCheck
bpf/vmtest-bpf-next-VM_Test-3	success	Logs for build for aarch64 with gcc
bpf/vmtest-bpf-next-VM_Test-4	success	Logs for build for s390x with gcc
bpf/vmtest-bpf-next-VM_Test-5	success	Logs for build for x86_64 with gcc
bpf/vmtest-bpf-next-VM_Test-6	fail	Logs for build for x86_64 with llvm-16
bpf/vmtest-bpf-next-VM_Test-7	success	Logs for set-matrix
bpf/vmtest-bpf-next-VM_Test-8	success	Logs for veristat

Jiri Olsa June 30, 2023, 8:33 a.m. UTC

Adding new multi uprobe link that allows to attach bpf program
to multiple uprobes.

Uprobes to attach are specified via new link_create uprobe_multi
union:

  struct {
          __u32           flags;
          __u32           cnt;
          __aligned_u64   path;
          __aligned_u64   offsets;
          __aligned_u64   ref_ctr_offsets;
  } uprobe_multi;

Uprobes are defined for single binary specified in path and multiple
calling sites specified in offsets array with optional reference
counters specified in ref_ctr_offsets array. All specified arrays
have length of 'cnt'.

The 'flags' supports single bit for now that marks the uprobe as
return probe.

Signed-off-by: Jiri Olsa <jolsa@kernel.org>
---
 include/linux/trace_events.h   |   6 +
 include/uapi/linux/bpf.h       |  14 ++
 kernel/bpf/syscall.c           |  14 +-
 kernel/trace/bpf_trace.c       | 237 +++++++++++++++++++++++++++++++++
 tools/include/uapi/linux/bpf.h |  14 ++
 5 files changed, 282 insertions(+), 3 deletions(-)

Andrii Nakryiko July 6, 2023, 10:34 p.m. UTC | #1

On Fri, Jun 30, 2023 at 1:34 AM Jiri Olsa <jolsa@kernel.org> wrote:
>
> Adding new multi uprobe link that allows to attach bpf program
> to multiple uprobes.
>
> Uprobes to attach are specified via new link_create uprobe_multi
> union:
>
>   struct {
>           __u32           flags;
>           __u32           cnt;
>           __aligned_u64   path;
>           __aligned_u64   offsets;
>           __aligned_u64   ref_ctr_offsets;
>   } uprobe_multi;
>
> Uprobes are defined for single binary specified in path and multiple
> calling sites specified in offsets array with optional reference
> counters specified in ref_ctr_offsets array. All specified arrays
> have length of 'cnt'.
>
> The 'flags' supports single bit for now that marks the uprobe as
> return probe.
>
> Signed-off-by: Jiri Olsa <jolsa@kernel.org>
> ---
>  include/linux/trace_events.h   |   6 +
>  include/uapi/linux/bpf.h       |  14 ++
>  kernel/bpf/syscall.c           |  14 +-
>  kernel/trace/bpf_trace.c       | 237 +++++++++++++++++++++++++++++++++
>  tools/include/uapi/linux/bpf.h |  14 ++
>  5 files changed, 282 insertions(+), 3 deletions(-)
>

overall LGTM, but I think there is path leak, please fix that and add my ack

Acked-by: Andrii Nakryiko <andrii@kernel.org>

> diff --git a/include/linux/trace_events.h b/include/linux/trace_events.h
> index 7c4a0b72334e..c71845e9d40a 100644
> --- a/include/linux/trace_events.h
> +++ b/include/linux/trace_events.h
> @@ -749,6 +749,7 @@ int bpf_get_perf_event_info(const struct perf_event *event, u32 *prog_id,
>                             u32 *fd_type, const char **buf,
>                             u64 *probe_offset, u64 *probe_addr);
>  int bpf_kprobe_multi_link_attach(const union bpf_attr *attr, struct bpf_prog *prog);
> +int bpf_uprobe_multi_link_attach(const union bpf_attr *attr, struct bpf_prog *prog);
>  #else
>  static inline unsigned int trace_call_bpf(struct trace_event_call *call, void *ctx)
>  {
> @@ -795,6 +796,11 @@ bpf_kprobe_multi_link_attach(const union bpf_attr *attr, struct bpf_prog *prog)
>  {
>         return -EOPNOTSUPP;
>  }
> +static inline int
> +bpf_uprobe_multi_link_attach(const union bpf_attr *attr, struct bpf_prog *prog)
> +{
> +       return -EOPNOTSUPP;
> +}
>  #endif
>
>  enum {
> diff --git a/include/uapi/linux/bpf.h b/include/uapi/linux/bpf.h
> index 60a9d59beeab..a236139f08ce 100644
> --- a/include/uapi/linux/bpf.h
> +++ b/include/uapi/linux/bpf.h
> @@ -1036,6 +1036,7 @@ enum bpf_attach_type {
>         BPF_LSM_CGROUP,
>         BPF_STRUCT_OPS,
>         BPF_NETFILTER,
> +       BPF_TRACE_UPROBE_MULTI,
>         __MAX_BPF_ATTACH_TYPE
>  };
>
> @@ -1053,6 +1054,7 @@ enum bpf_link_type {
>         BPF_LINK_TYPE_KPROBE_MULTI = 8,
>         BPF_LINK_TYPE_STRUCT_OPS = 9,
>         BPF_LINK_TYPE_NETFILTER = 10,
> +       BPF_LINK_TYPE_UPROBE_MULTI = 11,
>
>         MAX_BPF_LINK_TYPE,
>  };
> @@ -1170,6 +1172,11 @@ enum bpf_link_type {
>   */
>  #define BPF_F_KPROBE_MULTI_RETURN      (1U << 0)
>
> +/* link_create.uprobe_multi.flags used in LINK_CREATE command for
> + * BPF_TRACE_UPROBE_MULTI attach type to create return probe.
> + */
> +#define BPF_F_UPROBE_MULTI_RETURN      (1U << 0)
> +

any reason why we don't use anonymous ENUMs for all these UAPI
constants? When we need to use these flags from BPF side (e.g., for
BPF LSM), having them as #defines will be a PITA, as they won't be
present in vmlinux.h


>  /* When BPF ldimm64's insn[0].src_reg != 0 then this can have
>   * the following extensions:
>   *
> @@ -1579,6 +1586,13 @@ union bpf_attr {
>                                 __s32           priority;
>                                 __u32           flags;
>                         } netfilter;
> +                       struct {
> +                               __u32           flags;
> +                               __u32           cnt;

total nit, but I'd move it after path/offsets/ref_ctr_offsets, and
make the order cnt (as it applies to previous two
offsets/ref_ctr_offsets) and then flags last. Seems like more logical
order, but totally subjective

> +                               __aligned_u64   path;
> +                               __aligned_u64   offsets;
> +                               __aligned_u64   ref_ctr_offsets;
> +                       } uprobe_multi;
>                 };
>         } link_create;
>
> diff --git a/kernel/bpf/syscall.c b/kernel/bpf/syscall.c
> index 9046ad0f9b4e..3b0582a64ce4 100644
> --- a/kernel/bpf/syscall.c
> +++ b/kernel/bpf/syscall.c
> @@ -2813,10 +2813,12 @@ static void bpf_link_free_id(int id)
>
>  /* Clean up bpf_link and corresponding anon_inode file and FD. After
>   * anon_inode is created, bpf_link can't be just kfree()'d due to deferred
> - * anon_inode's release() call. This helper marksbpf_link as
> + * anon_inode's release() call. This helper marks bpf_link as
>   * defunct, releases anon_inode file and puts reserved FD. bpf_prog's refcnt
>   * is not decremented, it's the responsibility of a calling code that failed
>   * to complete bpf_link initialization.
> + * This helper eventually calls link's dealloc callback, but does not call
> + * link's release callback.

Thanks for clarifying comments!

>   */
>  void bpf_link_cleanup(struct bpf_link_primer *primer)
>  {
> @@ -3589,8 +3591,12 @@ static int bpf_prog_attach_check_attach_type(const struct bpf_prog *prog,
>                 if (prog->expected_attach_type == BPF_TRACE_KPROBE_MULTI &&
>                     attach_type != BPF_TRACE_KPROBE_MULTI)
>                         return -EINVAL;
> +               if (prog->expected_attach_type == BPF_TRACE_UPROBE_MULTI &&
> +                   attach_type != BPF_TRACE_UPROBE_MULTI)
> +                       return -EINVAL;
>                 if (attach_type != BPF_PERF_EVENT &&
> -                   attach_type != BPF_TRACE_KPROBE_MULTI)
> +                   attach_type != BPF_TRACE_KPROBE_MULTI &&
> +                   attach_type != BPF_TRACE_UPROBE_MULTI)

if this keeps growing, we should think about having a switch in a
switch to not repeat BPF_TRACE_UPROBE_MULTI and BPF_TRACE_KPROBE_MULTI
twice

>                         return -EINVAL;
>                 return 0;
>         case BPF_PROG_TYPE_EXT:

[...]

> +       for (i = 0; i < cnt; i++) {
> +               if (uref_ctr_offsets && __get_user(ref_ctr_offsets[i], uref_ctr_offsets + i)) {
> +                       err = -EFAULT;
> +                       goto error_free;
> +               }
> +               if (__get_user(uprobes[i].offset, uoffsets + i)) {
> +                       err = -EFAULT;
> +                       goto error_free;
> +               }
> +
> +               uprobes[i].link = link;
> +
> +               if (flags & BPF_F_UPROBE_MULTI_RETURN)
> +                       uprobes[i].consumer.ret_handler = uprobe_multi_link_ret_handler;
> +               else
> +                       uprobes[i].consumer.handler = uprobe_multi_link_handler;
> +       }
> +
> +       link->cnt = cnt;
> +       link->uprobes = uprobes;
> +       link->path = path;
> +
> +       bpf_link_init(&link->link, BPF_LINK_TYPE_UPROBE_MULTI,
> +                     &bpf_uprobe_multi_link_lops, prog);
> +
> +       err = bpf_link_prime(&link->link, &link_primer);
> +       if (err)
> +               goto error_free;
> +
> +       for (i = 0; i < cnt; i++) {
> +               err = uprobe_register_refctr(d_real_inode(link->path.dentry),
> +                                            uprobes[i].offset,
> +                                            ref_ctr_offsets ? ref_ctr_offsets[i] : 0,
> +                                            &uprobes[i].consumer);
> +               if (err) {
> +                       bpf_uprobe_unregister(&path, uprobes, i);
> +                       bpf_link_cleanup(&link_primer);
> +                       kvfree(ref_ctr_offsets);

are we missing path_put() in this error handling path? so maybe goto
error_path_put here instead of return?

> +                       return err;
> +               }
> +       }
> +
> +       kvfree(ref_ctr_offsets);
> +       return bpf_link_settle(&link_primer);
> +
> +error_free:
> +       kvfree(ref_ctr_offsets);
> +       kvfree(uprobes);
> +       kfree(link);
> +error_path_put:
> +       path_put(&path);
> +       return err;
> +}

[...]

Andrii Nakryiko July 7, 2023, 4:22 a.m. UTC | #2

On Fri, Jun 30, 2023 at 1:34 AM Jiri Olsa <jolsa@kernel.org> wrote:
>
> Adding new multi uprobe link that allows to attach bpf program
> to multiple uprobes.
>
> Uprobes to attach are specified via new link_create uprobe_multi
> union:
>
>   struct {
>           __u32           flags;
>           __u32           cnt;
>           __aligned_u64   path;
>           __aligned_u64   offsets;
>           __aligned_u64   ref_ctr_offsets;
>   } uprobe_multi;
>
> Uprobes are defined for single binary specified in path and multiple
> calling sites specified in offsets array with optional reference
> counters specified in ref_ctr_offsets array. All specified arrays
> have length of 'cnt'.
>
> The 'flags' supports single bit for now that marks the uprobe as
> return probe.
>
> Signed-off-by: Jiri Olsa <jolsa@kernel.org>
> ---
>  include/linux/trace_events.h   |   6 +
>  include/uapi/linux/bpf.h       |  14 ++
>  kernel/bpf/syscall.c           |  14 +-
>  kernel/trace/bpf_trace.c       | 237 +++++++++++++++++++++++++++++++++
>  tools/include/uapi/linux/bpf.h |  14 ++
>  5 files changed, 282 insertions(+), 3 deletions(-)
>

[...]

> +       flags = attr->link_create.uprobe_multi.flags;
> +       if (flags & ~BPF_F_UPROBE_MULTI_RETURN)
> +               return -EINVAL;
> +
> +       /*
> +        * path, offsets and cnt are mandatory,
> +        * ref_ctr_offsets is optional
> +        */
> +       upath = u64_to_user_ptr(attr->link_create.uprobe_multi.path);
> +       uoffsets = u64_to_user_ptr(attr->link_create.uprobe_multi.offsets);
> +       cnt = attr->link_create.uprobe_multi.cnt;
> +
> +       if (!upath || !uoffsets || !cnt)
> +               return -EINVAL;

see below for -EBADF, but we can also, additionally, return -EPROTO
here, for example?

> +
> +       uref_ctr_offsets = u64_to_user_ptr(attr->link_create.uprobe_multi.ref_ctr_offsets);
> +
> +       name = strndup_user(upath, PATH_MAX);
> +       if (IS_ERR(name)) {
> +               err = PTR_ERR(name);
> +               return err;
> +       }
> +
> +       err = kern_path(name, LOOKUP_FOLLOW, &path);
> +       kfree(name);
> +       if (err)
> +               return err;
> +
> +       if (!d_is_reg(path.dentry)) {
> +               err = -EINVAL;

as I mentioned in another patch, -EBADF here for feature detection
(and it makes sense by itself, probably)

> +               goto error_path_put;
> +       }
> +
> +       err = -ENOMEM;
> +
> +       link = kzalloc(sizeof(*link), GFP_KERNEL);
> +       uprobes = kvcalloc(cnt, sizeof(*uprobes), GFP_KERNEL);
> +
> +       if (!uprobes || !link)
> +               goto error_free;
> +
> +       if (uref_ctr_offsets) {
> +               ref_ctr_offsets = kvcalloc(cnt, sizeof(*ref_ctr_offsets), GFP_KERNEL);
> +               if (!ref_ctr_offsets)
> +                       goto error_free;
> +       }
> +

[...]

Jiri Olsa July 11, 2023, 9 a.m. UTC | #3

On Thu, Jul 06, 2023 at 03:34:10PM -0700, Andrii Nakryiko wrote:

SNIP

> > diff --git a/include/uapi/linux/bpf.h b/include/uapi/linux/bpf.h
> > index 60a9d59beeab..a236139f08ce 100644
> > --- a/include/uapi/linux/bpf.h
> > +++ b/include/uapi/linux/bpf.h
> > @@ -1036,6 +1036,7 @@ enum bpf_attach_type {
> >         BPF_LSM_CGROUP,
> >         BPF_STRUCT_OPS,
> >         BPF_NETFILTER,
> > +       BPF_TRACE_UPROBE_MULTI,
> >         __MAX_BPF_ATTACH_TYPE
> >  };
> >
> > @@ -1053,6 +1054,7 @@ enum bpf_link_type {
> >         BPF_LINK_TYPE_KPROBE_MULTI = 8,
> >         BPF_LINK_TYPE_STRUCT_OPS = 9,
> >         BPF_LINK_TYPE_NETFILTER = 10,
> > +       BPF_LINK_TYPE_UPROBE_MULTI = 11,
> >
> >         MAX_BPF_LINK_TYPE,
> >  };
> > @@ -1170,6 +1172,11 @@ enum bpf_link_type {
> >   */
> >  #define BPF_F_KPROBE_MULTI_RETURN      (1U << 0)
> >
> > +/* link_create.uprobe_multi.flags used in LINK_CREATE command for
> > + * BPF_TRACE_UPROBE_MULTI attach type to create return probe.
> > + */
> > +#define BPF_F_UPROBE_MULTI_RETURN      (1U << 0)
> > +
> 
> any reason why we don't use anonymous ENUMs for all these UAPI
> constants? When we need to use these flags from BPF side (e.g., for
> BPF LSM), having them as #defines will be a PITA, as they won't be
> present in vmlinux.h

ugh right, we already did that before.. will change

> 
> 
> >  /* When BPF ldimm64's insn[0].src_reg != 0 then this can have
> >   * the following extensions:
> >   *
> > @@ -1579,6 +1586,13 @@ union bpf_attr {
> >                                 __s32           priority;
> >                                 __u32           flags;
> >                         } netfilter;
> > +                       struct {
> > +                               __u32           flags;
> > +                               __u32           cnt;
> 
> total nit, but I'd move it after path/offsets/ref_ctr_offsets, and
> make the order cnt (as it applies to previous two
> offsets/ref_ctr_offsets) and then flags last. Seems like more logical
> order, but totally subjective

ok

> 
> > +                               __aligned_u64   path;
> > +                               __aligned_u64   offsets;
> > +                               __aligned_u64   ref_ctr_offsets;
> > +                       } uprobe_multi;
> >                 };
> >         } link_create;
> >
> > diff --git a/kernel/bpf/syscall.c b/kernel/bpf/syscall.c
> > index 9046ad0f9b4e..3b0582a64ce4 100644
> > --- a/kernel/bpf/syscall.c
> > +++ b/kernel/bpf/syscall.c
> > @@ -2813,10 +2813,12 @@ static void bpf_link_free_id(int id)
> >
> >  /* Clean up bpf_link and corresponding anon_inode file and FD. After
> >   * anon_inode is created, bpf_link can't be just kfree()'d due to deferred
> > - * anon_inode's release() call. This helper marksbpf_link as
> > + * anon_inode's release() call. This helper marks bpf_link as
> >   * defunct, releases anon_inode file and puts reserved FD. bpf_prog's refcnt
> >   * is not decremented, it's the responsibility of a calling code that failed
> >   * to complete bpf_link initialization.
> > + * This helper eventually calls link's dealloc callback, but does not call
> > + * link's release callback.
> 
> Thanks for clarifying comments!
> 
> >   */
> >  void bpf_link_cleanup(struct bpf_link_primer *primer)
> >  {
> > @@ -3589,8 +3591,12 @@ static int bpf_prog_attach_check_attach_type(const struct bpf_prog *prog,
> >                 if (prog->expected_attach_type == BPF_TRACE_KPROBE_MULTI &&
> >                     attach_type != BPF_TRACE_KPROBE_MULTI)
> >                         return -EINVAL;
> > +               if (prog->expected_attach_type == BPF_TRACE_UPROBE_MULTI &&
> > +                   attach_type != BPF_TRACE_UPROBE_MULTI)
> > +                       return -EINVAL;
> >                 if (attach_type != BPF_PERF_EVENT &&
> > -                   attach_type != BPF_TRACE_KPROBE_MULTI)
> > +                   attach_type != BPF_TRACE_KPROBE_MULTI &&
> > +                   attach_type != BPF_TRACE_UPROBE_MULTI)
> 
> if this keeps growing, we should think about having a switch in a
> switch to not repeat BPF_TRACE_UPROBE_MULTI and BPF_TRACE_KPROBE_MULTI
> twice

ok

SNIP

> > +       for (i = 0; i < cnt; i++) {
> > +               err = uprobe_register_refctr(d_real_inode(link->path.dentry),
> > +                                            uprobes[i].offset,
> > +                                            ref_ctr_offsets ? ref_ctr_offsets[i] : 0,
> > +                                            &uprobes[i].consumer);
> > +               if (err) {
> > +                       bpf_uprobe_unregister(&path, uprobes, i);
> > +                       bpf_link_cleanup(&link_primer);
> > +                       kvfree(ref_ctr_offsets);
> 
> are we missing path_put() in this error handling path? so maybe goto
> error_path_put here instead of return?

aaaah right path_put needs to go to dealloc callback :-\ will change, thanks

jirka

Jiri Olsa July 11, 2023, 9:01 a.m. UTC | #4

On Thu, Jul 06, 2023 at 09:22:29PM -0700, Andrii Nakryiko wrote:

SNIP

> > +       flags = attr->link_create.uprobe_multi.flags;
> > +       if (flags & ~BPF_F_UPROBE_MULTI_RETURN)
> > +               return -EINVAL;
> > +
> > +       /*
> > +        * path, offsets and cnt are mandatory,
> > +        * ref_ctr_offsets is optional
> > +        */
> > +       upath = u64_to_user_ptr(attr->link_create.uprobe_multi.path);
> > +       uoffsets = u64_to_user_ptr(attr->link_create.uprobe_multi.offsets);
> > +       cnt = attr->link_create.uprobe_multi.cnt;
> > +
> > +       if (!upath || !uoffsets || !cnt)
> > +               return -EINVAL;
> 
> see below for -EBADF, but we can also, additionally, return -EPROTO
> here, for example?
> 
> > +
> > +       uref_ctr_offsets = u64_to_user_ptr(attr->link_create.uprobe_multi.ref_ctr_offsets);
> > +
> > +       name = strndup_user(upath, PATH_MAX);
> > +       if (IS_ERR(name)) {
> > +               err = PTR_ERR(name);
> > +               return err;
> > +       }
> > +
> > +       err = kern_path(name, LOOKUP_FOLLOW, &path);
> > +       kfree(name);
> > +       if (err)
> > +               return err;
> > +
> > +       if (!d_is_reg(path.dentry)) {
> > +               err = -EINVAL;
> 
> as I mentioned in another patch, -EBADF here for feature detection
> (and it makes sense by itself, probably)

yes, I like this place better, also -EBADF error makes more sense in here

thanks,
jirka

> 
> > +               goto error_path_put;
> > +       }
> > +
> > +       err = -ENOMEM;
> > +
> > +       link = kzalloc(sizeof(*link), GFP_KERNEL);
> > +       uprobes = kvcalloc(cnt, sizeof(*uprobes), GFP_KERNEL);
> > +
> > +       if (!uprobes || !link)
> > +               goto error_free;
> > +
> > +       if (uref_ctr_offsets) {
> > +               ref_ctr_offsets = kvcalloc(cnt, sizeof(*ref_ctr_offsets), GFP_KERNEL);
> > +               if (!ref_ctr_offsets)
> > +                       goto error_free;
> > +       }
> > +
> 
> [...]

[PATCHv3,bpf-next,02/26] bpf: Add multi uprobe link

Checks

Commit Message

Comments

Patch