Support module BTF and lots of log improvements #60
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Store `struct btf *`for each function explicitly. This opens up ability to have module BTF as a source of BTF information for some functions. Signed-off-by: Andrii Nakryiko <andrii@kernel.org>
Refactor how retsnoop collects kprobe information. Apply glob rules early on so that resulting set of attachable kprobes are small. We'll use this to figure out all kernel modules that are relevant when loading module BTFs. Signed-off-by: Andrii Nakryiko <andrii@kernel.org>
Now that we know minimal set of module BTFs we need, try to fetch them, and if successful, use BTF information to augment kprobe information. Signed-off-by: Andrii Nakryiko <andrii@kernel.org>
We already emit this information from retsnoop.c, no need to duplicate code and pollute output. Signed-off-by: Andrii Nakryiko <andrii@kernel.org>
Add NAME_MOD() macro that formats glob or function spec as either '<name>' if it's not module-specific or '<name> [<module>]' if it is module-specific. Normalize all the output code to use this approach and not have to do ad-hoc work arounds to minimize conditional logic just to output this information consistently. Signed-off-by: Andrii Nakryiko <andrii@kernel.org>
Extract internal API for working with a set of allow/deny globs. Signed-off-by: Andrii Nakryiko <andrii@kernel.org>
This allows to keep reporting and stats counting separate from the (now reusable) logic of matching a given set of allow/deny globs. There are 4 possible outcomes for any given glob set. It could allow (match) or deny (mismatch), and do it either explicitly (there is a matching allow/deny glob) or implicitly (no glob matched, but match or mismatch is implicit, depending on whether there is an explicit GLOB_ALLOW glob). Signed-off-by: Andrii Nakryiko <andrii@kernel.org>
… is set Mass attacher adds a few extra globs to prevent attaching to dangerous functions. Don't report their stats unless debug-extra verboseness is set. Signed-off-by: Andrii Nakryiko <andrii@kernel.org>
Emit a set of function flags as symbolic names to ease validation and debugging. Signed-off-by: Andrii Nakryiko <andrii@kernel.org>
Instead of logging every BTF FUNC record that doesn't match globs *or* doesn't have a corresponding attachable kprobes, filter out all the records that don't satisfy globs first, so that we can log high signal message about functions that are not attachable, but were requested by user through globs. Signed-off-by: Andrii Nakryiko <andrii@kernel.org>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.