Add path builtin function #1492
Conversation
| if (has_d_path_.has_value()) | ||
| return *has_d_path_; | ||
|
|
||
| struct bpf_insn insns[] = { |
There was a problem hiding this comment.
Why does this need a custom program? doesn't the helper detection work here?
There was a problem hiding this comment.
aah, I try to load the working program and check that try_load succeeds,
but I did not noticed that the detection stuff checks for 'invalid' string,
so the load can fail for other reasons but still detect the helper.. that might
actually work.. I'll try it ;-)
thanks
There was a problem hiding this comment.
hm, the tracing program fails earlier with:
Tracing programs must provide btf_id
so we need to have special function for that
|
Nice! Glad this helper finally landed |
|
Couple things:
|
Personally, I appreciated it being called "dpath" when I saw this pull request. It helped me quickly understand that this function is like d_path() of the Linux kernel's filesystem API. Just my two cents. |
Yeah, I buy that. @olsajiri also made a good point in the IRC that fd_path() might still come one day. |
|
If possible, we shouldn't wed functions to Linux internals. There's already interest to see bpftrace on BSD and other OSes. For example, I think an fdpath() function makes sense across kernels, since they all have a notion of an FD (POSIX). This is trickier since it's for Linux struct dentry. I guess options are: A) We go with dpath() and the docs say "this is a Linux specific function." BSD might add a vpath() to its port, etc. B) We go with path() and the docs say "On Linux, this turns a dentry to a path; on BSD, this tuns a vnode to a path." etc. C) The docs say "dpath() is an internal function that you should not use directly," and then we add a fdpath() wrapper that maps to code for doing the FD to dentry and then dpath() call (I'm sure I have examples of FD->dentry in the BPF book). Then we document fdpath() and it should work once other OSes have their own implementation. D) We turn this PR into fdpath() with the FD->dentry code built in. :) (C/D) Solves the problem of forking scripts and documentation over something trivial: path lookups, which will be used by a bunch of one-liners. It would be nice if basic scripts/documentation didn't fork so quickly (it will be necessary for deeper things of course). Just thinking of a one-liner one might see in a hello-world-level tutorial: (probe types [t for tracepoint] and their arguments are of course currently Linux-influenced; although if other OSes just use the abbreviations it mostly works: k: for kernel dynamic instrumentation, u: for user-level dynamic instrumentation, U: for user-level static instrumentation, and t: for...hang on, perhaps we should add a K: alternate alias for for kernel static instrumentation, and then we have an OS-agnostic set!). @olsajiri what ended up in the whitelist? syscall tracepoints, ...? |
hm, for the sake of scripts I think maybe we should use just 'path' we will overload path's argument to be different type,
I might have confused things when mentioning dentry.. it was the answer for
vfs_truncate not much ;-) I recall we discussed that at some point you could provide list the kernel change is just matter of adding line like: I think we could add support for tracepoints as well, |
|
This is very exciting! 😄 cc @tyroguru |
|
The latest version renames 'dpath' to 'path', could you please check? thanks @fbs @danobi @brendangregg |
|
Looks ok 👍 Can you add a runtime test for this? By doing something like 5441336 you can limit the tests to systems that support it: |
ah, did not see REQUIRES_FEATURE, nice.. will add |
|
@brendangregg @mmisono @danobi . Code looks ok (but I don't have a good btf test system atm). Any thoughts on this one? |
|
BPF_FUNC_d_path is not merged in mainline yet, is it?
|
|
@olsajiri |
sure, will fix that, thnx |
tests/semantic_analyser.cpp
Outdated
| @@ -791,6 +791,24 @@ TEST(semantic_analyser, call_stack) | |||
| test("kprobe:f { @x = 3; ustack(perf, @x) }", 10); | |||
| } | |||
|
|
|||
| TEST(semantic_analyser, call_path) | |||
| { | |||
| BPFfeature feature; | |||
There was a problem hiding this comment.
| BPFfeature feature; |
MockBPFFeature handles this part. Allows us to run tests without root.
I checked and we don't check for error in there, it returns void, |
The commit is for reporting helper errors if any (the functionality introduced in #1276.) Or do you mean |
ah I misunderstood, sry.. yes, it's good change, I'll add it, thanks |
docs/reference_guide.md
Outdated
| ## 23. `path()`: Returns full path referenced by struct path pointer in argument | ||
|
|
||
| Syntax: `path(struct path *path)` | ||
| # bpftrace -e 'kfunc:filp_close { printf("%s\n", path(args->filp->f_path)); }' | ||
| Attaching 1 probe... | ||
| /proc/sys/net/ipv6/conf/eno2/disable_ipv6 | ||
| /proc/sys/net/ipv6/conf/eno2/use_tempaddr | ||
| socket:[23276] | ||
| /proc/sys/net/ipv6/conf/eno2/disable_ipv6 | ||
| socket:[17655] | ||
| /sys/devices/pci0000:00/0000:00:1c.5/0000:04:00.1/net/eno2/type | ||
| socket:[38745] | ||
| /proc/sys/net/ipv6/conf/eno2/disable_ipv6 | ||
|
|
||
| # bpftrace -e 'kretfunc:dentry_open { printf("%s\n", path(retval->f_path)); }' | ||
| Attaching 1 probe... | ||
| /dev/pts/1 -> /dev/pts/1 |
There was a problem hiding this comment.
This ends up in the example codeblock of sizeof(). Also this should probably go at the end as number 25 (instead of reusing number 23)
There was a problem hiding this comment.
right, I reformatted it, thanks
|
Can you rebase this on master? The addrspace stuff just landed. |
| Syntax: | ||
| - `path(struct path *path)` | ||
|
|
||
| Return full path referenced by struct path pointer in argument. |
There was a problem hiding this comment.
One more thing: maybe it'd be good to document there's a whilelist of kernel functions you can use this on. Could be confusing for users who get load errors when they have a correct handle to struct path.
There was a problem hiding this comment.
right, I added a sentence about that.. I think we need some way to get the whitelist info from kernel, I'll try to add something
When processing pointer attach point arguments we also need
to add pointer record to the BTF set, se we are able to
dereference it later on. This will allow to resolve f_path
member in dpath call (added in following patches):
# bpftrace -e 'kfunc:filp_close { printf("%s\n", dpath(args->filp->f_path)); }'
Signed-off-by: Jiri Olsa <jolsa@redhat.com>
Adding fail argument to check_arg so we can have it failed, but still give a chance for other type. It will be used in following patch for d_path check, that allows both pointer and record types in the argument. Signed-off-by: Jiri Olsa <jolsa@redhat.com>
Adding BPFfeature::has_d_path function to test
if dpath helper is available.
Display it for --info option:
# bpftrace --info
...
Kernel helpers
...
get_current_cgroup_id: yes
send_signal: yes
override_return: no
dpath: yes
Signed-off-by: Jiri Olsa <jolsa@redhat.com>
Adding path builtin function that returns full path
referenced by struct path pointer in argument.
path(struct path *path)
Example:
# bpftrace -e 'kfunc:filp_close { printf("%s\n", path(args->filp->f_path)); }'
Attaching 1 probe...
/proc/sys/net/ipv6/conf/eno2/disable_ipv6
/proc/sys/net/ipv6/conf/eno2/use_tempaddr
socket:[23276]
/proc/sys/net/ipv6/conf/eno2/disable_ipv6
socket:[17655]
/sys/devices/pci0000:00/0000:00:1c.5/0000:04:00.1/net/eno2/type
socket:[38745]
/proc/sys/net/ipv6/conf/eno2/disable_ipv6
The path returns the string with the path or empty string
on error. I don't think it's necessary to return error code
at the moment, however it can be added later in the second
optional argument.
Signed-off-by: Jiri Olsa <jolsa@redhat.com>
Signed-off-by: Jiri Olsa <jolsa@redhat.com>
Adding semantic_analyser test. Signed-off-by: Jiri Olsa <jolsa@redhat.com>
Adding path runtime test that checks on close being called on file within './testprogs/syscall read' test prog. Signed-off-by: Jiri Olsa <jolsa@redhat.com>
Signed-off-by: Masanori Misono <m.misono760@gmail.com>
Adding dpath builtin function that returns full path
referenced by struct path pointer in argument.
dpath(struct path *path)Example:
The dpath returns the string with the path or empty string
on error. I don't think it's necessary to return error code
at the moment, however it can be added later in the second
optional argument.