Support module BTF and lots of log improvements #60

Merged
merged 10 commits into from
Feb 14, 2024

Commits on Feb 8, 2024

  1. mass_attach: eliminate vmlinux BTF assumption in func info

    Store `struct btf *` for each function explicitly. This opens up the ability
    to have module BTF as a source of BTF information for some functions.
    
    Signed-off-by: Andrii Nakryiko <andrii@kernel.org>
    anakryiko committed Feb 8, 2024
    a781889

Commits on Feb 14, 2024

  1. mass_attacher: filter out kprobes according to globs early

    Refactor how retsnoop collects kprobe information. Apply glob rules
    early on so that the resulting set of attachable kprobes is small. We'll
    use this to figure out all kernel modules that are relevant when loading
    module BTFs.
    
    Signed-off-by: Andrii Nakryiko <andrii@kernel.org>
    anakryiko committed Feb 14, 2024
    4926e48
  2. mass_attacher: fetch module BTFs and use them for function flags

    Now that we know the minimal set of module BTFs we need, try to fetch them,
    and if successful, use BTF information to augment kprobe information.
    
    Signed-off-by: Andrii Nakryiko <andrii@kernel.org>
    anakryiko committed Feb 14, 2024
    d514b8a
  3. mass_attacher: remove duplicate feature calibration output

    We already emit this information from retsnoop.c, no need to duplicate
    code and pollute output.
    
    Signed-off-by: Andrii Nakryiko <andrii@kernel.org>
    anakryiko committed Feb 14, 2024
    229118e
  4. retsnoop: normalize func/glob display name output

    Add NAME_MOD() macro that formats glob or function spec as either
    '<name>' if it's not module-specific or '<name> [<module>]' if it is
    module-specific. Normalize all the output code to use this approach and
    not have to do ad-hoc workarounds to minimize conditional logic just to
    output this information consistently.
    
    Signed-off-by: Andrii Nakryiko <andrii@kernel.org>
    anakryiko committed Feb 14, 2024
    9a0d42f
  5. mass_attacher: encapsulate globs management into glob_set struct

    Extract internal API for working with a set of allow/deny globs.
    
    Signed-off-by: Andrii Nakryiko <andrii@kernel.org>
    anakryiko committed Feb 14, 2024
    6a7f4c8
  6. globs: abstract away glob set matching logic

    This allows keeping reporting and stats counting separate from the (now
    reusable) logic of matching a given set of allow/deny globs.
    
    There are 4 possible outcomes for any given glob set. It could allow
    (match) or deny (mismatch), and do it either explicitly (there is
    a matching allow/deny glob) or implicitly (no glob matched, but match or
    mismatch is implicit, depending on whether there is an explicit
    GLOB_ALLOW glob).
    
    Signed-off-by: Andrii Nakryiko <andrii@kernel.org>
    anakryiko committed Feb 14, 2024
    68cc4de
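
The four outcomes described in the commit message above, as an added C example that is not retsnoop's own code. `glob_verdict`, `glob_set_classify()`, `GLOB_DENY` and the sample globs are hypothetical names, matching uses POSIX `fnmatch()`, and letting a matching deny glob win over a matching allow glob is an assumption the page does not state.

```c
#include <fnmatch.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical types for illustration; not retsnoop's glob_set API. */
enum glob_kind { GLOB_ALLOW, GLOB_DENY };
enum glob_verdict { ALLOW_EXPLICIT, ALLOW_IMPLICIT, DENY_EXPLICIT, DENY_IMPLICIT };
struct glob { enum glob_kind kind; const char *pattern; };

/*
 * Classify `name` against a set of allow/deny globs.
 * Assumption: a matching deny glob wins regardless of its position in the set.
 */
static enum glob_verdict glob_set_classify(const struct glob *globs, size_t cnt,
					   const char *name)
{
	int has_allow = 0, allow_hit = 0;
	size_t i;

	for (i = 0; i < cnt; i++) {
		int hit = fnmatch(globs[i].pattern, name, 0) == 0;

		if (globs[i].kind == GLOB_DENY) {
			if (hit)
				return DENY_EXPLICIT;
		} else {
			has_allow = 1;
			allow_hit |= hit;
		}
	}
	if (allow_hit)
		return ALLOW_EXPLICIT;
	/* No glob matched: any allow glob in the set makes it an allowlist. */
	return has_allow ? DENY_IMPLICIT : ALLOW_IMPLICIT;
}

/* Constructed sample sets. */
static const struct glob allowlist[] = {
	{ GLOB_ALLOW, "tcp_*" },
	{ GLOB_DENY, "tcp_v4_*" },
};
static const struct glob denylist_only[] = { { GLOB_DENY, "bpf_*" } };

int main(void)
{
	printf("%d\n", glob_set_classify(allowlist, 2, "udp_sendmsg"));
	printf("%d\n", glob_set_classify(denylist_only, 1, "udp_sendmsg"));
	return 0;
}
```

Keeping the explicit and implicit cases as distinct return values is what lets a caller count or log them separately from the matching itself.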
  7. mass_attacher: don't report internally added globs unless debug_extra…

    … is set
    
    Mass attacher adds a few extra globs to prevent attaching to dangerous
    functions. Don't report their stats unless debug-extra verboseness is set.
    
    Signed-off-by: Andrii Nakryiko <andrii@kernel.org>
    anakryiko committed Feb 14, 2024
    ebdd1bb
  8. mass_attacher: format function flags as human-readable symbolic values

    Emit a set of function flags as symbolic names to ease validation and
    debugging.
    
    Signed-off-by: Andrii Nakryiko <andrii@kernel.org>
    anakryiko committed Feb 14, 2024
    c8a516f
  9. mass_attacher: only log non-attachable kprobes if they pass globs

    Instead of logging every BTF FUNC record that doesn't match globs *or*
    doesn't have a corresponding attachable kprobe, filter out all the
    records that don't satisfy globs first, so that we can log a high-signal
    message about functions that are not attachable, but were requested by
    the user through globs.
    
    Signed-off-by: Andrii Nakryiko <andrii@kernel.org>
    anakryiko committed Feb 14, 2024
    9bf1985