Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S938048AbdLSGiN (ORCPT ); Tue, 19 Dec 2017 01:38:13 -0500 Received: from mail.kernel.org ([198.145.29.99]:58604 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S933272AbdLSGiL (ORCPT ); Tue, 19 Dec 2017 01:38:11 -0500 DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org C119E20853 Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=kernel.org Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=mhiramat@kernel.org Date: Tue, 19 Dec 2017 15:38:08 +0900 From: Masami Hiramatsu To: Daniel Borkmann Cc: Josef Bacik , rostedt@goodmis.org, mingo@redhat.com, davem@davemloft.net, netdev@vger.kernel.org, linux-kernel@vger.kernel.org, ast@kernel.org, kernel-team@fb.com, linux-btrfs@vger.kernel.org, darrick.wong@oracle.com, Josef Bacik Subject: Re: [PATCH v10 3/5] bpf: add a bpf_override_function helper Message-Id: <20171219153808.83bb43e8a9b206e0e034fc6b@kernel.org> In-Reply-To: <73e451e0-64ce-6f77-5f8b-bde39a181941@iogearbox.net> References: <1513365176-6744-1-git-send-email-josef@toxicpanda.com> <1513365176-6744-4-git-send-email-josef@toxicpanda.com> <20171218185100.4a8174488dfebf93d28899c3@kernel.org> <73e451e0-64ce-6f77-5f8b-bde39a181941@iogearbox.net> X-Mailer: Sylpheed 3.5.1 (GTK+ 2.24.31; x86_64-redhat-linux-gnu) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 2826 Lines: 71 On Mon, 18 Dec 2017 16:09:30 +0100 Daniel Borkmann wrote: > On 12/18/2017 10:51 AM, Masami Hiramatsu wrote: > > On Fri, 15 Dec 2017 14:12:54 -0500 > > Josef Bacik wrote: > >> From: Josef Bacik > >> > >> Error injection is sloppy and very ad-hoc. BPF could fill this niche > >> perfectly with it's kprobe functionality. We could make sure errors are > >> only triggered in specific call chains that we care about with very > >> specific situations. Accomplish this with the bpf_override_funciton > >> helper. This will modify the probe'd callers return value to the > >> specified value and set the PC to an override function that simply > >> returns, bypassing the originally probed function. This gives us a nice > >> clean way to implement systematic error injection for all of our code > >> paths. > > > > OK, got it. I think the error_injectable function list should be defined > > in kernel/trace/bpf_trace.c because only bpf calls it and needs to care > > the "safeness". > > > > [...] > >> diff --git a/arch/x86/kernel/kprobes/ftrace.c b/arch/x86/kernel/kprobes/ftrace.c > >> index 8dc0161cec8f..1ea748d682fd 100644 > >> --- a/arch/x86/kernel/kprobes/ftrace.c > >> +++ b/arch/x86/kernel/kprobes/ftrace.c > >> @@ -97,3 +97,17 @@ int arch_prepare_kprobe_ftrace(struct kprobe *p) > >> p->ainsn.boostable = false; > >> return 0; > >> } > >> + > >> +asmlinkage void override_func(void); > >> +asm( > >> + ".type override_func, @function\n" > >> + "override_func:\n" > >> + " ret\n" > >> + ".size override_func, .-override_func\n" > >> +); > >> + > >> +void arch_ftrace_kprobe_override_function(struct pt_regs *regs) > >> +{ > >> + regs->ip = (unsigned long)&override_func; > >> +} > >> +NOKPROBE_SYMBOL(arch_ftrace_kprobe_override_function); > > > > Calling this as "override_function" is meaningless. This is a function > > which just return. So I think combination of just_return_func() and > > arch_bpf_override_func_just_return() will be better. > > > > Moreover, this arch/x86/kernel/kprobes/ftrace.c is an archtecture > > dependent implementation of kprobes, not bpf. > > Josef, please work out any necessary cleanups that would still need > to be addressed based on Masami's feedback and send them as follow-up > patches, thanks. > > > Hmm, arch/x86/net/bpf_jit_comp.c will be better place? > > (No, it's JIT only and I'd really prefer to keep it that way, mixing > this would result in a huge mess.) OK, that is same to kprobes. kernel/kprobes.c and arch/x86/kernel/kprobe/* are for instrumentation code. And kernel/trace/trace_kprobe.c is ftrace's kprobe user interface, just one implementation of kprobe usage. So please do not mix it up. It will result in a huge mess to me. Thank you, -- Masami Hiramatsu