5a86381321
Currently, kprobe_events failure won't be handled properly. Due to calling system() indirectly to write to kprobe_events, it can't be identified whether an error is derived from kprobe or system. // buf = "echo '%c:%s %s' >> /s/k/d/t/kprobe_events" err = system(buf); if (err < 0) { printf("failed to create kprobe .."); return -1; } For example, running ./tracex7 sample in ext4 partition, "echo p:open_ctree open_ctree >> /s/k/d/t/kprobe_events" gets 256 error code system() failure. => The error comes from kprobe, but it's not handled correctly. According to man of system(3), it's return value just passes the termination status of the child shell rather than treating the error as -1. (don't care success) Which means, currently it's not working as desired. (According to the upper code snippet) ex) running ./tracex7 with ext4 env. # Current Output sh: echo: I/O error failed to open event open_ctree # Desired Output failed to create kprobe 'open_ctree' error 'No such file or directory' The problem is, error can't be verified whether from child ps or system. But using write() directly can verify the command failure, and it will treat all error as -1. So I suggest using write() directly to 'kprobe_events' rather than calling system(). Signed-off-by: Daniel T. Lee <danieltimlee@gmail.com> Signed-off-by: Daniel Borkmann <daniel@iogearbox.net> |
||
---|---|---|
.. | ||
.gitignore | ||
bpf_insn.h | ||
bpf_load.c | ||
bpf_load.h | ||
cookie_uid_helper_example.c | ||
cpustat_kern.c | ||
cpustat_user.c | ||
fds_example.c | ||
hash_func01.h | ||
lathist_kern.c | ||
lathist_user.c | ||
load_sock_ops.c | ||
lwt_len_hist_kern.c | ||
lwt_len_hist_user.c | ||
lwt_len_hist.sh | ||
Makefile | ||
map_perf_test_kern.c | ||
map_perf_test_user.c | ||
offwaketime_kern.c | ||
offwaketime_user.c | ||
parse_ldabs.c | ||
parse_simple.c | ||
parse_varlen.c | ||
README.rst | ||
run_cookie_uid_helper_example.sh | ||
sampleip_kern.c | ||
sampleip_user.c | ||
sock_example.c | ||
sock_example.h | ||
sock_flags_kern.c | ||
sockex1_kern.c | ||
sockex1_user.c | ||
sockex2_kern.c | ||
sockex2_user.c | ||
sockex3_kern.c | ||
sockex3_user.c | ||
spintest_kern.c | ||
spintest_user.c | ||
syscall_nrs.c | ||
syscall_tp_kern.c | ||
syscall_tp_user.c | ||
task_fd_query_kern.c | ||
task_fd_query_user.c | ||
tc_l2_redirect_kern.c | ||
tc_l2_redirect_user.c | ||
tc_l2_redirect.sh | ||
tcbpf1_kern.c | ||
tcp_basertt_kern.c | ||
tcp_bpf.readme | ||
tcp_bufs_kern.c | ||
tcp_clamp_kern.c | ||
tcp_cong_kern.c | ||
tcp_iw_kern.c | ||
tcp_rwnd_kern.c | ||
tcp_synrto_kern.c | ||
tcp_tos_reflect_kern.c | ||
test_cgrp2_array_pin.c | ||
test_cgrp2_attach2.c | ||
test_cgrp2_attach.c | ||
test_cgrp2_sock2.c | ||
test_cgrp2_sock2.sh | ||
test_cgrp2_sock.c | ||
test_cgrp2_sock.sh | ||
test_cgrp2_tc_kern.c | ||
test_cgrp2_tc.sh | ||
test_cls_bpf.sh | ||
test_current_task_under_cgroup_kern.c | ||
test_current_task_under_cgroup_user.c | ||
test_ipip.sh | ||
test_lru_dist.c | ||
test_lwt_bpf.c | ||
test_lwt_bpf.sh | ||
test_map_in_map_kern.c | ||
test_map_in_map_user.c | ||
test_overhead_kprobe_kern.c | ||
test_overhead_raw_tp_kern.c | ||
test_overhead_tp_kern.c | ||
test_overhead_user.c | ||
test_override_return.sh | ||
test_probe_write_user_kern.c | ||
test_probe_write_user_user.c | ||
trace_event_kern.c | ||
trace_event_user.c | ||
trace_output_kern.c | ||
trace_output_user.c | ||
tracex1_kern.c | ||
tracex1_user.c | ||
tracex2_kern.c | ||
tracex2_user.c | ||
tracex3_kern.c | ||
tracex3_user.c | ||
tracex4_kern.c | ||
tracex4_user.c | ||
tracex5_kern.c | ||
tracex5_user.c | ||
tracex6_kern.c | ||
tracex6_user.c | ||
tracex7_kern.c | ||
tracex7_user.c | ||
xdp1_kern.c | ||
xdp1_user.c | ||
xdp2_kern.c | ||
xdp2skb_meta_kern.c | ||
xdp2skb_meta.sh | ||
xdp_adjust_tail_kern.c | ||
xdp_adjust_tail_user.c | ||
xdp_fwd_kern.c | ||
xdp_fwd_user.c | ||
xdp_monitor_kern.c | ||
xdp_monitor_user.c | ||
xdp_redirect_cpu_kern.c | ||
xdp_redirect_cpu_user.c | ||
xdp_redirect_kern.c | ||
xdp_redirect_map_kern.c | ||
xdp_redirect_map_user.c | ||
xdp_redirect_user.c | ||
xdp_router_ipv4_kern.c | ||
xdp_router_ipv4_user.c | ||
xdp_rxq_info_kern.c | ||
xdp_rxq_info_user.c | ||
xdp_sample_pkts_kern.c | ||
xdp_sample_pkts_user.c | ||
xdp_tx_iptunnel_common.h | ||
xdp_tx_iptunnel_kern.c | ||
xdp_tx_iptunnel_user.c | ||
xdpsock_kern.c | ||
xdpsock_user.c | ||
xdpsock.h |
eBPF sample programs ==================== This directory contains a test stubs, verifier test-suite and examples for using eBPF. The examples use libbpf from tools/lib/bpf. Build dependencies ================== Compiling requires having installed: * clang >= version 3.4.0 * llvm >= version 3.7.1 Note that LLVM's tool 'llc' must support target 'bpf', list version and supported targets with command: ``llc --version`` Kernel headers -------------- There are usually dependencies to header files of the current kernel. To avoid installing devel kernel headers system wide, as a normal user, simply call:: make headers_install This will creates a local "usr/include" directory in the git/build top level directory, that the make system automatically pickup first. Compiling ========= For building the BPF samples, issue the below command from the kernel top level directory:: make samples/bpf/ Do notice the "/" slash after the directory name. It is also possible to call make from this directory. This will just hide the the invocation of make as above with the appended "/". Manually compiling LLVM with 'bpf' support ------------------------------------------ Since version 3.7.0, LLVM adds a proper LLVM backend target for the BPF bytecode architecture. By default llvm will build all non-experimental backends including bpf. To generate a smaller llc binary one can use:: -DLLVM_TARGETS_TO_BUILD="BPF" Quick sniplet for manually compiling LLVM and clang (build dependencies are cmake and gcc-c++):: $ git clone http://llvm.org/git/llvm.git $ cd llvm/tools $ git clone --depth 1 http://llvm.org/git/clang.git $ cd ..; mkdir build; cd build $ cmake .. -DLLVM_TARGETS_TO_BUILD="BPF;X86" $ make -j $(getconf _NPROCESSORS_ONLN) It is also possible to point make to the newly compiled 'llc' or 'clang' command via redefining LLC or CLANG on the make command line:: make samples/bpf/ LLC=~/git/llvm/build/bin/llc CLANG=~/git/llvm/build/bin/clang Cross compiling samples ----------------------- In order to cross-compile, say for arm64 targets, export CROSS_COMPILE and ARCH environment variables before calling make. This will direct make to build samples for the cross target. export ARCH=arm64 export CROSS_COMPILE="aarch64-linux-gnu-" make samples/bpf/ LLC=~/git/llvm/build/bin/llc CLANG=~/git/llvm/build/bin/clang