[RFC] bpf: tracing: refuse kprobe override without dynamic ftrace

Commit Message

Dominique Martinet Nov. 6, 2020, 4:03 p.m. UTC

The override itself apparently silently fails if CONFIG_DYNAMIC_FTRACE
is unset - it's better to refuse the probe early

Signed-off-by: Dominique Martinet <asmadeus@codewreck.org>
---
I'm actually not sure WHAT fails exactly, but I've been playing with
bpftrace in small VMs and one of these make override() not working:
$ diff -U0 ../linux-test/.config .config | grep -E '[+-]C'
+CONFIG_KPROBES_ON_FTRACE=y
+CONFIG_DYNAMIC_FTRACE=y
+CONFIG_DYNAMIC_FTRACE_WITH_REGS=y
+CONFIG_DYNAMIC_FTRACE_WITH_DIRECT_CALLS=y
+CONFIG_FTRACE_MCOUNT_RECORD=y

with this test command:
# bpftrace -e 'k:__x64_sys_getuid { printf("test\n"); override(10); }' --unsafe -c /bin/id


I'm a bit confused because now I'm testing the print now longer works
either and I'm pretty sure I had some configuration where the print
worked without the override hmm.. full non-working .config attached
if someone wants to have a look.


So anyway I'm probably checking the wrong thing at the wrong place, and
the lack of error message annoys me, but if we can save the next person
like me some time to investigate why override() doesn't work please
advise on what to check and I'll be glad to send a better patch -- I
don't think we should allow non-working probes to be attached.


 kernel/trace/bpf_trace.c | 5 +++++
 1 file changed, 5 insertions(+)

Patch

diff --git a/kernel/trace/bpf_trace.c b/kernel/trace/bpf_trace.c
index 4517c8b66518..18e3178c1568 100644
--- a/kernel/trace/bpf_trace.c
+++ b/kernel/trace/bpf_trace.c
@@ -1909,6 +1909,11 @@  int perf_event_attach_bpf_prog(struct perf_event *event,
 	struct bpf_prog_array *new_array;
 	int ret = -EEXIST;
 
+#ifndef CONFIG_DYNAMIC_FTRACE
+       if (prog->kprobe_override)
+               return -EINVAL;
+#endif
+
 	/*
 	 * Kprobe override only works if they are on the function entry,
 	 * and only if they are on the opt-in list.