Compare commits

..

No commits in common. "c8" and "c9-beta" have entirely different histories.
c8 ... c9-beta

12 changed files with 136 additions and 1315 deletions

View File

@ -1,2 +1,2 @@
90dc7733b42f9eca714d2d87a4577c9b0a232293 SOURCES/bpftrace-0.16.0.tar.gz
dd96c1972002288a6a1105020e16391ff81f3641 SOURCES/bpftrace-0.21.1.tar.gz
974ee680e1eb103c415832d69742e194b661da5c SOURCES/cereal-1.3.2.tar.gz

4
.gitignore vendored
View File

@ -1,2 +1,2 @@
SOURCES/bpftrace-0.16.0.tar.gz
SOURCES/cereal-1.3.2.tar.gz
SOURCES/bpftrace-0.21.1.tar.gz
SOURCES/cereal-1.3.2.tar.gz

View File

@ -1,90 +0,0 @@
From 45f0302773923accd7cc324d839b733c27c92f38 Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Thu, 6 Jul 2023 08:59:41 -0700
Subject: [PATCH] Adjust to build with llvm 17
- PassManagerBuilder has been removed
- itaniumDemangle() API signature has changed
- update MAX_LLVM_MAJOR in CMakeLists.txt
- update bcc and libbpf submodules to their latest versions to allow
building bcc with llvm 17
- replaced JITEvaluatedSymbol by ExecutorSymbolDef in ORC
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Viktor Malik <viktor.malik@gmail.com>
---
CMakeLists.txt | 2 +-
src/ast/bpforc/bpforc.h | 2 +-
src/ast/passes/codegen_llvm.cpp | 4 ++++
src/cxxdemangler/cxxdemangler_llvm.cpp | 4 ++++
4 files changed, 10 insertions(+), 2 deletions(-)
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 433153be..a11a5c36 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -169,7 +169,7 @@ else()
endif()
set(MIN_LLVM_MAJOR 6)
- set(MAX_LLVM_MAJOR 16)
+ set(MAX_LLVM_MAJOR 17)
if((${LLVM_VERSION_MAJOR} VERSION_LESS ${MIN_LLVM_MAJOR}) OR (${LLVM_VERSION_MAJOR} VERSION_GREATER ${MAX_LLVM_MAJOR}))
message(SEND_ERROR "Unsupported LLVM version found via ${LLVM_INCLUDE_DIRS}: ${LLVM_VERSION_MAJOR}")
diff --git a/src/ast/bpforc/bpforc.h b/src/ast/bpforc/bpforc.h
index 58914419..8d2f1e63 100644
--- a/src/ast/bpforc/bpforc.h
+++ b/src/ast/bpforc/bpforc.h
@@ -157,7 +157,7 @@ public:
}
#ifdef LLVM_ORC_V2
- Expected<JITEvaluatedSymbol> lookup(StringRef Name)
+ Expected<ExecutorSymbolDef> lookup(StringRef Name)
{
return ES->lookup({ &MainJD }, Mangle(Name.str()));
}
diff --git a/src/ast/passes/codegen_llvm.cpp b/src/ast/passes/codegen_llvm.cpp
index 2b888087..a75a0fd1 100644
--- a/src/ast/passes/codegen_llvm.cpp
+++ b/src/ast/passes/codegen_llvm.cpp
@@ -7,7 +7,9 @@
#include <ctime>
#include <fstream>
+#if LLVM_VERSION_MAJOR <= 16
#include <llvm-c/Transforms/IPO.h>
+#endif
#include <llvm/IR/Constants.h>
#include <llvm/IR/LLVMContext.h>
#include <llvm/IR/LegacyPassManager.h>
@@ -17,7 +19,9 @@
#include <llvm/Passes/PassBuilder.h>
#endif
#include <llvm/Transforms/IPO.h>
+#if LLVM_VERSION_MAJOR <= 16
#include <llvm/Transforms/IPO/PassManagerBuilder.h>
+#endif
#include "arch/arch.h"
#include "ast.h"
diff --git a/src/cxxdemangler/cxxdemangler_llvm.cpp b/src/cxxdemangler/cxxdemangler_llvm.cpp
index e9a9db24..1b0bf7ea 100644
--- a/src/cxxdemangler/cxxdemangler_llvm.cpp
+++ b/src/cxxdemangler/cxxdemangler_llvm.cpp
@@ -6,7 +6,11 @@ namespace bpftrace {
char* cxxdemangle(const char* mangled)
{
+#if LLVM_VERSION_MAJOR <= 16
return llvm::itaniumDemangle(mangled, nullptr, nullptr, nullptr);
+#else
+ return llvm::itaniumDemangle(mangled);
+#endif
}
} // namespace bpftrace
--
2.41.0

View File

@ -1,236 +0,0 @@
From 84cdf2a78199910642c6f8d78d906eb41e865529 Mon Sep 17 00:00:00 2001
From: Jordan Rome <jordalgo@meta.com>
Date: Wed, 15 May 2024 10:21:30 -0600
Subject: [PATCH] Don't unpack kernel headers or look in tmp (#3156)
Looking in shared writeable locations for kernel
headers is inherently risky even bpftrace does
the unpacking. Remove this functionality and let
the user specify the path to these headers if
we can't find them in known locations.
References:
https://github.com/bpftrace/bpftrace/pull/3033
https://github.com/bpftrace/bpftrace/pull/3154
Co-authored-by: Jordan Rome <jordalgo@fedoraproject.org>
---
src/fuzz_main.cpp | 2 +-
src/main.cpp | 2 +-
src/utils.cpp | 105 +---------------------------------------------
src/utils.h | 3 +-
tests/utils.cpp | 21 ----------
5 files changed, 4 insertions(+), 129 deletions(-)
diff --git a/src/fuzz_main.cpp b/src/fuzz_main.cpp
index e168b8d9..a538ece1 100644
--- a/src/fuzz_main.cpp
+++ b/src/fuzz_main.cpp
@@ -135,7 +135,7 @@ int fuzz_main(const char* data, size_t sz)
struct utsname utsname;
uname(&utsname);
std::string ksrc, kobj;
- auto kdirs = get_kernel_dirs(utsname, !bpftrace.feature_->has_btf());
+ auto kdirs = get_kernel_dirs(utsname);
ksrc = std::get<0>(kdirs);
kobj = std::get<1>(kdirs);
diff --git a/src/main.cpp b/src/main.cpp
index 8f543038..61ecc2d4 100644
--- a/src/main.cpp
+++ b/src/main.cpp
@@ -362,7 +362,7 @@ static std::optional<struct timespec> get_boottime()
struct utsname utsname;
uname(&utsname);
std::string ksrc, kobj;
- auto kdirs = get_kernel_dirs(utsname, !bpftrace.feature_->has_btf());
+ auto kdirs = get_kernel_dirs(utsname);
ksrc = std::get<0>(kdirs);
kobj = std::get<1>(kdirs);
diff --git a/src/utils.cpp b/src/utils.cpp
index 872014ad..2bf489a6 100644
--- a/src/utils.cpp
+++ b/src/utils.cpp
@@ -111,8 +111,6 @@ const struct vmlinux_location vmlinux_locs[] = {
{ nullptr, false },
};
-constexpr std::string_view PROC_KHEADERS_PATH = "/sys/kernel/kheaders.tar.xz";
-
static bool pid_in_different_mountns(int pid);
static std::vector<std::string>
resolve_binary_path(const std::string &cmd, const char *env_paths, int pid);
@@ -505,100 +503,6 @@ bool is_dir(const std::string& path)
return std_filesystem::is_directory(buf, ec);
}
-bool file_exists_and_ownedby_root(const char *f)
-{
- struct stat st;
- if (stat(f, &st) == 0) {
- if (st.st_uid != 0) {
- LOG(ERROR) << "header file ownership expected to be root: "
- << std::string(f);
- return false;
- }
- return true;
- }
- return false;
-}
-
-namespace {
- struct KernelHeaderTmpDir {
- KernelHeaderTmpDir(const std::string& prefix) : path{prefix + "XXXXXX"}
- {
- if (::mkdtemp(&path[0]) == nullptr) {
- throw std::runtime_error("creating temporary path for kheaders.tar.xz failed");
- }
- }
-
- ~KernelHeaderTmpDir()
- {
- if (path.size() > 0) {
- // move_to either did not succeed or did not run, so clean up after ourselves
- exec_system(("rm -rf " + path).c_str());
- }
- }
-
- void move_to(const std::string& new_path)
- {
- int err = ::rename(path.c_str(), new_path.c_str());
- if (err == 0) {
- path = "";
- }
- }
-
- std::string path;
- };
-
- std::string unpack_kheaders_tar_xz(const struct utsname& utsname)
- {
- std::error_code ec;
- std_filesystem::path path_prefix{ "/tmp" };
- std_filesystem::path path_kheaders{ PROC_KHEADERS_PATH };
- if (const char* tmpdir = ::getenv("TMPDIR")) {
- path_prefix = tmpdir;
- }
- path_prefix /= "kheaders-";
- std_filesystem::path shared_path{ path_prefix.string() + utsname.release };
-
- if (file_exists_and_ownedby_root(shared_path.c_str()))
- {
- // already unpacked
- return shared_path.string();
- }
-
- if (!std_filesystem::exists(path_kheaders, ec))
- {
- StderrSilencer silencer;
- silencer.silence();
-
- FILE* modprobe = ::popen("modprobe kheaders", "w");
- if (modprobe == nullptr || pclose(modprobe) != 0) {
- return "";
- }
-
- if (!std_filesystem::exists(path_kheaders, ec))
- {
- return "";
- }
- }
-
- KernelHeaderTmpDir tmpdir{path_prefix};
- FILE *tar = ::popen(("tar xf " + std::string(PROC_KHEADERS_PATH) + " -C " +
- tmpdir.path)
- .c_str(),
- "w");
- if (!tar) {
- return "";
- }
-
- int rc = ::pclose(tar);
- if (rc == 0) {
- tmpdir.move_to(shared_path);
- return shared_path;
- }
-
- return "";
- }
-} // namespace
-
// get_kernel_dirs returns {ksrc, kobj} - directories for pristine and
// generated kernel sources.
//
@@ -616,8 +520,7 @@ namespace {
// {"", ""} is returned if no trace of kernel headers was found at all.
// Both ksrc and kobj are guaranteed to be != "", if at least some trace of kernel sources was found.
std::tuple<std::string, std::string> get_kernel_dirs(
- const struct utsname &utsname,
- bool unpack_kheaders)
+ const struct utsname &utsname)
{
#ifdef KERNEL_HEADERS_DIR
return {KERNEL_HEADERS_DIR, KERNEL_HEADERS_DIR};
@@ -647,12 +550,6 @@ std::tuple<std::string, std::string> get_kernel_dirs(
}
if (ksrc.empty() && kobj.empty())
{
- if (unpack_kheaders)
- {
- const auto kheaders_tar_xz_path = unpack_kheaders_tar_xz(utsname);
- if (kheaders_tar_xz_path.size() > 0)
- return std::make_tuple(kheaders_tar_xz_path, kheaders_tar_xz_path);
- }
return std::make_tuple("", "");
}
if (ksrc.empty())
diff --git a/src/utils.h b/src/utils.h
index 103af0d3..c3503676 100644
--- a/src/utils.h
+++ b/src/utils.h
@@ -158,8 +158,7 @@ std::vector<int> get_possible_cpus();
bool is_dir(const std::string &path);
bool file_exists_and_ownedby_root(const char *f);
std::tuple<std::string, std::string> get_kernel_dirs(
- const struct utsname &utsname,
- bool unpack_kheaders);
+ const struct utsname &utsname);
std::vector<std::string> get_kernel_cflags(const char *uname_machine,
const std::string &ksrc,
const std::string &kobj);
diff --git a/tests/utils.cpp b/tests/utils.cpp
index 5244874f..9ca4ace5 100644
--- a/tests/utils.cpp
+++ b/tests/utils.cpp
@@ -222,27 +222,6 @@ TEST(utils, get_cgroup_path_in_hierarchy)
}
}
-TEST(utils, file_exists_and_ownedby_root)
-{
- std::string tmpdir = "/tmp/bpftrace-test-utils-XXXXXX";
- std::string file1 = "/ownedby-user";
- std::string file2 = "/no-exists";
- if (::mkdtemp(tmpdir.data()) == nullptr) {
- throw std::runtime_error("creating temporary path for tests failed");
- }
-
- int fd;
- fd = open((tmpdir + file1).c_str(), O_CREAT, S_IRUSR);
- close(fd);
- ASSERT_GE(fd, 0);
-
- EXPECT_FALSE(file_exists_and_ownedby_root((tmpdir + file1).c_str()));
- EXPECT_FALSE(file_exists_and_ownedby_root((tmpdir + file2).c_str()));
- EXPECT_TRUE(file_exists_and_ownedby_root("/proc/1/maps"));
-
- EXPECT_GT(std_filesystem::remove_all(tmpdir), 0);
-}
-
} // namespace utils
} // namespace test
} // namespace bpftrace
--
2.45.0

View File

@ -1,127 +0,0 @@
From 6d659a5283da67837e0b0ea81991d71ae068ac1c Mon Sep 17 00:00:00 2001
From: Jordan Rome <jordalgo@meta.com>
Date: Wed, 6 Mar 2024 13:59:05 -0500
Subject: [PATCH] Fix security hole checking unpacked kernel headers (#3033)
Make sure to check that the unpacked kheaders tar
is owned by root to prevent bpftrace from loading
compromised linux headers.
Co-authored-by: Jordan Rome <jordalgo@fedoraproject.org>
---
src/utils.cpp | 26 ++++++++++++++++++++++----
src/utils.h | 1 +
tests/utils.cpp | 21 +++++++++++++++++++++
3 files changed, 44 insertions(+), 4 deletions(-)
diff --git a/src/utils.cpp b/src/utils.cpp
index 426644e8..872014ad 100644
--- a/src/utils.cpp
+++ b/src/utils.cpp
@@ -111,6 +111,8 @@ const struct vmlinux_location vmlinux_locs[] = {
{ nullptr, false },
};
+constexpr std::string_view PROC_KHEADERS_PATH = "/sys/kernel/kheaders.tar.xz";
+
static bool pid_in_different_mountns(int pid);
static std::vector<std::string>
resolve_binary_path(const std::string &cmd, const char *env_paths, int pid);
@@ -503,6 +505,20 @@ bool is_dir(const std::string& path)
return std_filesystem::is_directory(buf, ec);
}
+bool file_exists_and_ownedby_root(const char *f)
+{
+ struct stat st;
+ if (stat(f, &st) == 0) {
+ if (st.st_uid != 0) {
+ LOG(ERROR) << "header file ownership expected to be root: "
+ << std::string(f);
+ return false;
+ }
+ return true;
+ }
+ return false;
+}
+
namespace {
struct KernelHeaderTmpDir {
KernelHeaderTmpDir(const std::string& prefix) : path{prefix + "XXXXXX"}
@@ -535,14 +551,14 @@ namespace {
{
std::error_code ec;
std_filesystem::path path_prefix{ "/tmp" };
- std_filesystem::path path_kheaders{ "/sys/kernel/kheaders.tar.xz" };
+ std_filesystem::path path_kheaders{ PROC_KHEADERS_PATH };
if (const char* tmpdir = ::getenv("TMPDIR")) {
path_prefix = tmpdir;
}
path_prefix /= "kheaders-";
std_filesystem::path shared_path{ path_prefix.string() + utsname.release };
- if (std_filesystem::exists(shared_path, ec))
+ if (file_exists_and_ownedby_root(shared_path.c_str()))
{
// already unpacked
return shared_path.string();
@@ -565,8 +581,10 @@ namespace {
}
KernelHeaderTmpDir tmpdir{path_prefix};
-
- FILE* tar = ::popen(("tar xf /sys/kernel/kheaders.tar.xz -C " + tmpdir.path).c_str(), "w");
+ FILE *tar = ::popen(("tar xf " + std::string(PROC_KHEADERS_PATH) + " -C " +
+ tmpdir.path)
+ .c_str(),
+ "w");
if (!tar) {
return "";
}
diff --git a/src/utils.h b/src/utils.h
index 9b96be9f..103af0d3 100644
--- a/src/utils.h
+++ b/src/utils.h
@@ -156,6 +156,7 @@ std::vector<std::string> get_wildcard_tokens(const std::string &input,
std::vector<int> get_online_cpus();
std::vector<int> get_possible_cpus();
bool is_dir(const std::string &path);
+bool file_exists_and_ownedby_root(const char *f);
std::tuple<std::string, std::string> get_kernel_dirs(
const struct utsname &utsname,
bool unpack_kheaders);
diff --git a/tests/utils.cpp b/tests/utils.cpp
index 9ca4ace5..5244874f 100644
--- a/tests/utils.cpp
+++ b/tests/utils.cpp
@@ -222,6 +222,27 @@ TEST(utils, get_cgroup_path_in_hierarchy)
}
}
+TEST(utils, file_exists_and_ownedby_root)
+{
+ std::string tmpdir = "/tmp/bpftrace-test-utils-XXXXXX";
+ std::string file1 = "/ownedby-user";
+ std::string file2 = "/no-exists";
+ if (::mkdtemp(tmpdir.data()) == nullptr) {
+ throw std::runtime_error("creating temporary path for tests failed");
+ }
+
+ int fd;
+ fd = open((tmpdir + file1).c_str(), O_CREAT, S_IRUSR);
+ close(fd);
+ ASSERT_GE(fd, 0);
+
+ EXPECT_FALSE(file_exists_and_ownedby_root((tmpdir + file1).c_str()));
+ EXPECT_FALSE(file_exists_and_ownedby_root((tmpdir + file2).c_str()));
+ EXPECT_TRUE(file_exists_and_ownedby_root("/proc/1/maps"));
+
+ EXPECT_GT(std_filesystem::remove_all(tmpdir), 0);
+}
+
} // namespace utils
} // namespace test
} // namespace bpftrace
--
2.44.0

View File

@ -1,457 +0,0 @@
From dfc1f92653707c8d11bdb3be98e68f8297b9bc71 Mon Sep 17 00:00:00 2001
From: Viktor Malik <viktor.malik@gmail.com>
Date: Mon, 10 Oct 2022 14:26:38 +0200
Subject: [PATCH] IR builder: get rid of getPointerElementType calls
Usage of Value::getPointerElementType is deprecated and will be dropped
in LLVM 16 [1].
There are several places where we use this method:
- function (value) calls - the called function type is usually
available, so just pass it to createCall, the only exception is
CreateProbeReadStr which must have been refactored
- getting the type of alloca instruction - there is a dedicated
AllocaInst::getAllocatedType method that can be used instead
- strncmp - pass sizes of the strings to CreateStrncmp to be able to get
the correct string type (which is array of uint8)
[1] https://llvm.org/docs/OpaquePointers.html
---
src/ast/irbuilderbpf.cpp | 143 ++++++++++++--------------------
src/ast/irbuilderbpf.h | 23 +++--
src/ast/passes/codegen_llvm.cpp | 30 +++++--
3 files changed, 86 insertions(+), 110 deletions(-)
diff --git a/src/ast/irbuilderbpf.cpp b/src/ast/irbuilderbpf.cpp
index d49883f7..4036b2df 100644
--- a/src/ast/irbuilderbpf.cpp
+++ b/src/ast/irbuilderbpf.cpp
@@ -288,17 +288,16 @@ CallInst *IRBuilderBPF::CreateHelperCall(libbpf::bpf_func_id func_id,
Constant *helper_func = ConstantExpr::getCast(Instruction::IntToPtr,
getInt64(func_id),
helper_ptr_type);
- return createCall(helper_func, args, Name);
+ return createCall(helper_type, helper_func, args, Name);
}
-CallInst *IRBuilderBPF::createCall(Value *callee,
+CallInst *IRBuilderBPF::createCall(FunctionType *callee_type,
+ Value *callee,
ArrayRef<Value *> args,
const Twine &Name)
{
#if LLVM_VERSION_MAJOR >= 11
- auto *calleePtrType = cast<PointerType>(callee->getType());
- auto *calleeType = cast<FunctionType>(calleePtrType->getPointerElementType());
- return CreateCall(calleeType, callee, args, Name);
+ return CreateCall(callee_type, callee, args, Name);
#else
return CreateCall(callee, args, Name);
#endif
@@ -307,7 +306,7 @@ CallInst *IRBuilderBPF::createCall(Value *callee,
CallInst *IRBuilderBPF::CreateBpfPseudoCallId(int mapid)
{
Function *pseudo_func = module_.getFunction("llvm.bpf.pseudo");
- return createCall(pseudo_func,
+ return CreateCall(pseudo_func,
{ getInt64(BPF_PSEUDO_MAP_FD), getInt64(mapid) },
"pseudo");
}
@@ -346,7 +345,8 @@ CallInst *IRBuilderBPF::createMapLookup(int mapid, Value *key)
Instruction::IntToPtr,
getInt64(libbpf::BPF_FUNC_map_lookup_elem),
lookup_func_ptr_type);
- return createCall(lookup_func, { map_ptr, key }, "lookup_elem");
+ return createCall(
+ lookup_func_type, lookup_func, { map_ptr, key }, "lookup_elem");
}
CallInst *IRBuilderBPF::CreateGetJoinMap(Value *ctx, const location &loc)
@@ -397,8 +397,7 @@ Value *IRBuilderBPF::CreateMapLookupElem(Value *ctx,
CREATE_MEMCPY(value, call, type.GetSize(), 1);
else
{
- assert(value->getType()->isPointerTy() &&
- (value->getType()->getPointerElementType() == getInt64Ty()));
+ assert(value->getAllocatedType() == getInt64Ty());
// createMapLookup returns an u8*
auto *cast = CreatePointerCast(call, value->getType(), "cast");
CreateStore(CreateLoad(getInt64Ty(), cast), value);
@@ -448,7 +447,8 @@ void IRBuilderBPF::CreateMapUpdateElem(Value *ctx,
Instruction::IntToPtr,
getInt64(libbpf::BPF_FUNC_map_update_elem),
update_func_ptr_type);
- CallInst *call = createCall(update_func,
+ CallInst *call = createCall(update_func_type,
+ update_func,
{ map_ptr, key, val, flags },
"update_elem");
CreateHelperErrorCond(ctx, call, libbpf::BPF_FUNC_map_update_elem, loc);
@@ -472,7 +472,8 @@ void IRBuilderBPF::CreateMapDeleteElem(Value *ctx,
Instruction::IntToPtr,
getInt64(libbpf::BPF_FUNC_map_delete_elem),
delete_func_ptr_type);
- CallInst *call = createCall(delete_func, { map_ptr, key }, "delete_elem");
+ CallInst *call = createCall(
+ delete_func_type, delete_func, { map_ptr, key }, "delete_elem");
CreateHelperErrorCond(ctx, call, libbpf::BPF_FUNC_map_delete_elem, loc);
}
@@ -508,72 +509,53 @@ void IRBuilderBPF::CreateProbeRead(Value *ctx,
Constant *proberead_func = ConstantExpr::getCast(Instruction::IntToPtr,
getInt64(read_fn),
proberead_func_ptr_type);
- CallInst *call = createCall(proberead_func,
+ CallInst *call = createCall(proberead_func_type,
+ proberead_func,
{ dst, size, src },
probeReadHelperName(read_fn));
CreateHelperErrorCond(ctx, call, read_fn, loc);
}
-Constant *IRBuilderBPF::createProbeReadStrFn(llvm::Type *dst,
- llvm::Type *src,
- AddrSpace as)
-{
- assert(src && (src->isIntegerTy() || src->isPointerTy()));
- // int bpf_probe_read_str(void *dst, int size, const void *unsafe_ptr)
- FunctionType *probereadstr_func_type = FunctionType::get(
- getInt64Ty(), { dst, getInt32Ty(), src }, false);
- PointerType *probereadstr_func_ptr_type = PointerType::get(
- probereadstr_func_type, 0);
- return ConstantExpr::getCast(Instruction::IntToPtr,
- getInt64(selectProbeReadHelper(as, true)),
- probereadstr_func_ptr_type);
-}
-
CallInst *IRBuilderBPF::CreateProbeReadStr(Value *ctx,
- AllocaInst *dst,
+ Value *dst,
size_t size,
Value *src,
AddrSpace as,
const location &loc)
{
- assert(ctx && ctx->getType() == getInt8PtrTy());
return CreateProbeReadStr(ctx, dst, getInt32(size), src, as, loc);
}
CallInst *IRBuilderBPF::CreateProbeReadStr(Value *ctx,
Value *dst,
- size_t size,
- Value *src,
- AddrSpace as,
- const location &loc)
-{
- assert(ctx && ctx->getType() == getInt8PtrTy());
- Constant *fn = createProbeReadStrFn(dst->getType(), src->getType(), as);
- auto read_fn = selectProbeReadHelper(as, true);
- CallInst *call = createCall(fn,
- { dst, getInt32(size), src },
- probeReadHelperName(read_fn));
- CreateHelperErrorCond(ctx, call, read_fn, loc);
- return call;
-}
-
-CallInst *IRBuilderBPF::CreateProbeReadStr(Value *ctx,
- AllocaInst *dst,
llvm::Value *size,
Value *src,
AddrSpace as,
const location &loc)
{
assert(ctx && ctx->getType() == getInt8PtrTy());
- assert(dst && dst->getAllocatedType()->isArrayTy() &&
- dst->getAllocatedType()->getArrayElementType() == getInt8Ty());
assert(size && size->getType()->isIntegerTy());
+ if (auto *dst_alloca = dyn_cast<AllocaInst>(dst))
+ {
+ assert(dst_alloca->getAllocatedType()->isArrayTy() &&
+ dst_alloca->getAllocatedType()->getArrayElementType() ==
+ getInt8Ty());
+ }
- auto *size_i32 = CreateIntCast(size, getInt32Ty(), false);
+ auto *size_i32 = size;
+ if (size_i32->getType()->getScalarSizeInBits() != 32)
+ size_i32 = CreateIntCast(size_i32, getInt32Ty(), false);
- Constant *fn = createProbeReadStrFn(dst->getType(), src->getType(), as);
auto read_fn = selectProbeReadHelper(as, true);
- CallInst *call = createCall(fn,
+ // int bpf_probe_read_str(void *dst, int size, const void *unsafe_ptr)
+ FunctionType *probereadstr_func_type = FunctionType::get(
+ getInt64Ty(), { dst->getType(), getInt32Ty(), src->getType() }, false);
+ PointerType *probereadstr_func_ptr_type = PointerType::get(
+ probereadstr_func_type, 0);
+ Constant *probereadstr_callee = ConstantExpr::getCast(
+ Instruction::IntToPtr, getInt64(read_fn), probereadstr_func_ptr_type);
+ CallInst *call = createCall(probereadstr_func_type,
+ probereadstr_callee,
{ dst, size_i32, src },
probeReadHelperName(read_fn));
CreateHelperErrorCond(ctx, call, read_fn, loc);
@@ -732,8 +714,10 @@ Value *IRBuilderBPF::CreateUSDTReadArgument(Value *ctx,
return result;
}
-Value *IRBuilderBPF::CreateStrncmp(Value *val1,
- Value *val2,
+Value *IRBuilderBPF::CreateStrncmp(Value *str1,
+ uint64_t str1_size,
+ Value *str2,
+ uint64_t str2_size,
uint64_t n,
bool inverse)
{
@@ -762,40 +746,21 @@ Value *IRBuilderBPF::CreateStrncmp(Value *val1,
// Check if the compared strings are literals.
// If so, we can avoid storing the literal in memory.
std::optional<std::string> literal1;
- if (auto constString1 = dyn_cast<ConstantDataArray>(val1))
+ if (auto constString1 = dyn_cast<ConstantDataArray>(str1))
literal1 = constString1->getAsString();
- else if (isa<ConstantAggregateZero>(val1))
+ else if (isa<ConstantAggregateZero>(str1))
literal1 = "";
else
literal1 = std::nullopt;
std::optional<std::string> literal2;
- if (auto constString2 = dyn_cast<ConstantDataArray>(val2))
+ if (auto constString2 = dyn_cast<ConstantDataArray>(str2))
literal2 = constString2->getAsString();
- else if (isa<ConstantAggregateZero>(val2))
+ else if (isa<ConstantAggregateZero>(str2))
literal2 = "";
else
literal2 = std::nullopt;
- auto *val1p = dyn_cast<PointerType>(val1->getType());
- auto *val2p = dyn_cast<PointerType>(val2->getType());
-#ifndef NDEBUG
- if (!literal1)
- {
- assert(val1p);
- assert(val1p->getPointerElementType()->isArrayTy() &&
- val1p->getPointerElementType()->getArrayElementType() ==
- getInt8Ty());
- }
- if (!literal2)
- {
- assert(val2p);
- assert(val2p->getPointerElementType()->isArrayTy() &&
- val2p->getPointerElementType()->getArrayElementType() ==
- getInt8Ty());
- }
-#endif
-
Function *parent = GetInsertBlock()->getParent();
AllocaInst *store = CreateAllocaBPF(getInt1Ty(), "strcmp.result");
BasicBlock *str_ne = BasicBlock::Create(module_.getContext(),
@@ -822,8 +787,8 @@ Value *IRBuilderBPF::CreateStrncmp(Value *val1,
l = getInt8(literal1->c_str()[i]);
else
{
- auto *ptr_l = CreateGEP(val1p->getPointerElementType(),
- val1,
+ auto *ptr_l = CreateGEP(ArrayType::get(getInt8Ty(), str1_size),
+ str1,
{ getInt32(0), getInt32(i) });
l = CreateLoad(getInt8Ty(), ptr_l);
}
@@ -833,8 +798,8 @@ Value *IRBuilderBPF::CreateStrncmp(Value *val1,
r = getInt8(literal2->c_str()[i]);
else
{
- auto *ptr_r = CreateGEP(val2p->getPointerElementType(),
- val2,
+ auto *ptr_r = CreateGEP(ArrayType::get(getInt8Ty(), str2_size),
+ str2,
{ getInt32(0), getInt32(i) });
r = CreateLoad(getInt8Ty(), ptr_r);
}
@@ -994,11 +959,9 @@ void IRBuilderBPF::CreateGetCurrentComm(Value *ctx,
size_t size,
const location &loc)
{
- assert(buf->getType()->getPointerElementType()->isArrayTy() &&
- buf->getType()->getPointerElementType()->getArrayNumElements() >=
- size &&
- buf->getType()->getPointerElementType()->getArrayElementType() ==
- getInt8Ty());
+ assert(buf->getAllocatedType()->isArrayTy() &&
+ buf->getAllocatedType()->getArrayNumElements() >= size &&
+ buf->getAllocatedType()->getArrayElementType() == getInt8Ty());
// long bpf_get_current_comm(char *buf, int size_of_buf)
// Return: 0 on success or negative error
@@ -1077,7 +1040,7 @@ void IRBuilderBPF::CreateSignal(Value *ctx, Value *sig, const location &loc)
Instruction::IntToPtr,
getInt64(libbpf::BPF_FUNC_send_signal),
signal_func_ptr_type);
- CallInst *call = createCall(signal_func, { sig }, "signal");
+ CallInst *call = createCall(signal_func_type, signal_func, { sig }, "signal");
CreateHelperErrorCond(ctx, call, libbpf::BPF_FUNC_send_signal, loc);
}
@@ -1091,7 +1054,7 @@ void IRBuilderBPF::CreateOverrideReturn(Value *ctx, Value *rc)
Constant *override_func = ConstantExpr::getCast(Instruction::IntToPtr,
getInt64(libbpf::BPF_FUNC_override_return),
override_func_ptr_type);
- createCall(override_func, { ctx, rc }, "override");
+ createCall(override_func_type, override_func, { ctx, rc }, "override");
}
CallInst *IRBuilderBPF::CreateSkbOutput(Value *skb,
@@ -1126,7 +1089,8 @@ CallInst *IRBuilderBPF::CreateSkbOutput(Value *skb,
Instruction::IntToPtr,
getInt64(libbpf::BPF_FUNC_skb_output),
skb_output_func_ptr_type);
- CallInst *call = createCall(skb_output_func,
+ CallInst *call = createCall(skb_output_func_type,
+ skb_output_func,
{ skb, map_ptr, flags, data, size_val },
"skb_output");
return call;
@@ -1320,7 +1284,8 @@ void IRBuilderBPF::CreateSeqPrintf(Value *ctx,
CreateGEP(getInt64Ty(), meta, getInt64(0)),
"seq");
- CallInst *call = createCall(seq_printf_func,
+ CallInst *call = createCall(seq_printf_func_type,
+ seq_printf_func,
{ seq, fmt, fmt_size, data, data_len },
"seq_printf");
CreateHelperErrorCond(ctx, call, libbpf::BPF_FUNC_seq_printf, loc);
diff --git a/src/ast/irbuilderbpf.h b/src/ast/irbuilderbpf.h
index e124911b..c9ffb545 100644
--- a/src/ast/irbuilderbpf.h
+++ b/src/ast/irbuilderbpf.h
@@ -90,17 +90,11 @@ public:
AddrSpace as,
const location &loc);
CallInst *CreateProbeReadStr(Value *ctx,
- AllocaInst *dst,
+ Value *dst,
llvm::Value *size,
Value *src,
AddrSpace as,
const location &loc);
- CallInst *CreateProbeReadStr(Value *ctx,
- AllocaInst *dst,
- size_t size,
- Value *src,
- AddrSpace as,
- const location &loc);
CallInst *CreateProbeReadStr(Value *ctx,
Value *dst,
size_t size,
@@ -115,7 +109,12 @@ public:
pid_t pid,
AddrSpace as,
const location &loc);
- Value *CreateStrncmp(Value *val1, Value *val2, uint64_t n, bool inverse);
+ Value *CreateStrncmp(Value *str1,
+ uint64_t str1_size,
+ Value *str2,
+ uint64_t str2_size,
+ uint64_t n,
+ bool inverse);
CallInst *CreateGetNs(bool boot_time, const location &loc);
CallInst *CreateGetPidTgid(const location &loc);
CallInst *CreateGetCurrentCgroupId(const location &loc);
@@ -131,7 +130,10 @@ public:
ArrayRef<Value *> args,
const Twine &Name,
const location *loc = nullptr);
- CallInst *createCall(Value *callee, ArrayRef<Value *> args, const Twine &Name);
+ CallInst *createCall(FunctionType *callee_type,
+ Value *callee,
+ ArrayRef<Value *> args,
+ const Twine &Name);
void CreateGetCurrentComm(Value *ctx, AllocaInst *buf, size_t size, const location& loc);
void CreatePerfEventOutput(Value *ctx,
Value *data,
@@ -185,9 +187,6 @@ private:
AddrSpace as,
const location &loc);
CallInst *createMapLookup(int mapid, Value *key);
- Constant *createProbeReadStrFn(llvm::Type *dst,
- llvm::Type *src,
- AddrSpace as);
libbpf::bpf_func_id selectProbeReadHelper(AddrSpace as, bool str);
std::map<std::string, StructType *> structs_;
diff --git a/src/ast/passes/codegen_llvm.cpp b/src/ast/passes/codegen_llvm.cpp
index a818ca0b..2b888087 100644
--- a/src/ast/passes/codegen_llvm.cpp
+++ b/src/ast/passes/codegen_llvm.cpp
@@ -1133,8 +1133,12 @@ void CodegenLLVM::visit(Call &call)
auto left_string = getString(left_arg);
auto right_string = getString(right_arg);
- expr_ = b_.CreateStrncmp(
- left_string.first, right_string.first, size, false);
+ expr_ = b_.CreateStrncmp(left_string.first,
+ left_string.second,
+ right_string.first,
+ right_string.second,
+ size,
+ false);
}
else if (call.func == "override")
{
@@ -1269,8 +1273,7 @@ void CodegenLLVM::visit(Variable &var)
else
{
auto *var_alloca = variables_[var.ident];
- expr_ = b_.CreateLoad(var_alloca->getType()->getPointerElementType(),
- var_alloca);
+ expr_ = b_.CreateLoad(var_alloca->getAllocatedType(), var_alloca);
}
}
@@ -1310,7 +1313,12 @@ void CodegenLLVM::binop_string(Binop &binop)
auto right_string = getString(binop.right);
size_t len = std::min(left_string.second, right_string.second);
- expr_ = b_.CreateStrncmp(left_string.first, right_string.first, len, inverse);
+ expr_ = b_.CreateStrncmp(left_string.first,
+ left_string.second,
+ right_string.first,
+ right_string.second,
+ len,
+ inverse);
}
void CodegenLLVM::binop_buf(Binop &binop)
@@ -1334,7 +1342,12 @@ void CodegenLLVM::binop_buf(Binop &binop)
size_t len = std::min(binop.left->type.GetSize(),
binop.right->type.GetSize());
- expr_ = b_.CreateStrncmp(left_string, right_string, len, inverse);
+ expr_ = b_.CreateStrncmp(left_string,
+ binop.left->type.GetSize(),
+ right_string,
+ binop.right->type.GetSize(),
+ len,
+ inverse);
}
void CodegenLLVM::binop_int(Binop &binop)
@@ -3528,9 +3541,8 @@ void CodegenLLVM::createIncDec(Unop &unop)
else if (unop.expr->is_variable)
{
Variable &var = static_cast<Variable &>(*unop.expr);
- Value *oldval = b_.CreateLoad(
- variables_[var.ident]->getType()->getPointerElementType(),
- variables_[var.ident]);
+ Value *oldval = b_.CreateLoad(variables_[var.ident]->getAllocatedType(),
+ variables_[var.ident]);
Value *newval;
if (is_increment)
newval = b_.CreateAdd(oldval, b_.GetIntSameSize(step, oldval));
--
2.38.1

View File

@ -1,82 +0,0 @@
From 7e813d0e3048f52781199384a120f5e5cbad22ae Mon Sep 17 00:00:00 2001
From: Viktor Malik <viktor.malik@gmail.com>
Date: Mon, 5 Dec 2022 13:31:25 +0100
Subject: [PATCH] RHEL8: remove not existing attachpoints from tools
tools/bio* attempt to attach each probe to multiple kprobes to cover all
possible systems. Remove probes which do not exist in RHEL8 to remove
unnecessary warnings.
---
tools/biolatency.bt | 6 ++----
tools/biostacks.bt | 4 +---
tools/old/biosnoop.bt | 6 ++----
3 files changed, 5 insertions(+), 11 deletions(-)
diff --git a/tools/biolatency.bt b/tools/biolatency.bt
index d5af1f29..4ea910b4 100755
--- a/tools/biolatency.bt
+++ b/tools/biolatency.bt
@@ -16,14 +16,12 @@ BEGIN
printf("Tracing block device I/O... Hit Ctrl-C to end.\n");
}
-kprobe:blk_account_io_start,
-kprobe:__blk_account_io_start
+kprobe:blk_account_io_start
{
@start[arg0] = nsecs;
}
-kprobe:blk_account_io_done,
-kprobe:__blk_account_io_done
+kprobe:blk_account_io_done
/@start[arg0]/
{
@usecs = hist((nsecs - @start[arg0]) / 1000);
diff --git a/tools/biostacks.bt b/tools/biostacks.bt
index 1bc9f819..80d8cb9e 100755
--- a/tools/biostacks.bt
+++ b/tools/biostacks.bt
@@ -18,14 +18,12 @@ BEGIN
printf("Tracing block I/O with init stacks. Hit Ctrl-C to end.\n");
}
-kprobe:blk_account_io_start,
-kprobe:__blk_account_io_start
+kprobe:blk_account_io_start
{
@reqstack[arg0] = kstack;
@reqts[arg0] = nsecs;
}
-kprobe:blk_start_request,
kprobe:blk_mq_start_request
/@reqts[arg0]/
{
diff --git a/tools/old/biosnoop.bt b/tools/old/biosnoop.bt
index 1a99643a..327251e3 100755
--- a/tools/old/biosnoop.bt
+++ b/tools/old/biosnoop.bt
@@ -22,8 +22,7 @@ BEGIN
printf("%-12s %-7s %-16s %-6s %7s\n", "TIME(ms)", "DISK", "COMM", "PID", "LAT(ms)");
}
-kprobe:blk_account_io_start,
-kprobe:__blk_account_io_start
+kprobe:blk_account_io_start
{
@start[arg0] = nsecs;
@iopid[arg0] = pid;
@@ -31,8 +30,7 @@ kprobe:__blk_account_io_start
@disk[arg0] = ((struct request *)arg0)->rq_disk->disk_name;
}
-kprobe:blk_account_io_done,
-kprobe:__blk_account_io_done
+kprobe:blk_account_io_done
/@start[arg0] != 0 && @iopid[arg0] != 0 && @iocomm[arg0] != ""/
{
--
2.38.1

View File

@ -1,26 +0,0 @@
From b74ab9e00b4628e0d8607c6ead8a674bedf280b9 Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Fri, 10 Mar 2023 00:08:27 -0800
Subject: [PATCH] cmake: Raise max llvm major version to 16
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
CMakeLists.txt | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/CMakeLists.txt b/CMakeLists.txt
index e63bc83c..433153be 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -169,7 +169,7 @@ else()
endif()
set(MIN_LLVM_MAJOR 6)
- set(MAX_LLVM_MAJOR 15)
+ set(MAX_LLVM_MAJOR 16)
if((${LLVM_VERSION_MAJOR} VERSION_LESS ${MIN_LLVM_MAJOR}) OR (${LLVM_VERSION_MAJOR} VERSION_GREATER ${MAX_LLVM_MAJOR}))
message(SEND_ERROR "Unsupported LLVM version found via ${LLVM_INCLUDE_DIRS}: ${LLVM_VERSION_MAJOR}")
--
2.40.1

View File

@ -1,173 +0,0 @@
From e661f2a043f8b6548e0bb3e0cc5992d7c0ff3b0f Mon Sep 17 00:00:00 2001
From: Rong Tao <rongtao@cestc.cn>
Date: Sat, 1 Oct 2022 16:15:27 +0800
Subject: [PATCH] tcpdrop: Fix: ERROR: Error attaching probe: 'kprobe:tcp_drop'
kernel commit 8fbf195798b5('tcp_drop() is no longer needed.') remove
the kprobe:tcp_drop, bcc commit 16eab39171eb('Add
tracepoint:skb:kfree_skb if no tcp_drop() kprobe.') already fix this
problem.
CI old kernel is too old and not support the 'reason' field, move the
old tools/tcpdrop.bt into tools/old/tcpdrop.bt and set the CI to use
it.
Since 5.17 support trace_kfree_skb(skb, ..., reason) 'reason' field.
Since 5.19 remove tcp_drop() function.
ERROR log:
$ sudo ./tcpdrop.bt
./tcpdrop.bt:49-51: WARNING: tcp_drop is not traceable (either non-existing, inlined, or marked as "notrace"); attaching to it will likely fail
Attaching 3 probes...
cannot attach kprobe, probe entry may not exist
ERROR: Error attaching probe: 'kprobe:tcp_drop'
Link: https://github.com/iovisor/bpftrace/pull/2379
Signed-off-by: Rong Tao <rongtao@cestc.cn>
---
tools/old/tcpdrop.bt | 85 ++++++++++++++++++++++++++++++++++++++++++++
tools/tcpdrop.bt | 22 ++++++------
2 files changed, 97 insertions(+), 10 deletions(-)
create mode 100755 tools/old/tcpdrop.bt
diff --git a/tools/old/tcpdrop.bt b/tools/old/tcpdrop.bt
new file mode 100755
index 00000000..685a5f6a
--- /dev/null
+++ b/tools/old/tcpdrop.bt
@@ -0,0 +1,85 @@
+#!/usr/bin/env bpftrace
+/*
+ * tcpdrop.bt Trace TCP kernel-dropped packets/segments.
+ * For Linux, uses bpftrace and eBPF.
+ *
+ * USAGE: tcpdrop.bt
+ *
+ * This is a bpftrace version of the bcc tool of the same name.
+ * It is limited to ipv4 addresses, and cannot show tcp flags.
+ *
+ * This provides information such as packet details, socket state, and kernel
+ * stack trace for packets/segments that were dropped via tcp_drop().
+
+ * WARNING: this script attaches to the tcp_drop kprobe which is likely inlined
+ * on newer kernels and not replaced by anything else, therefore
+ * the script will stop working
+ *
+ * For Linux <= 5.18.
+ *
+ * Copyright (c) 2018 Dale Hamel.
+ * Licensed under the Apache License, Version 2.0 (the "License")
+ *
+ * 23-Nov-2018 Dale Hamel created this.
+ */
+
+#ifndef BPFTRACE_HAVE_BTF
+#include <linux/socket.h>
+#include <net/sock.h>
+#else
+#include <sys/socket.h>
+#endif
+
+BEGIN
+{
+ printf("Tracing tcp drops. Hit Ctrl-C to end.\n");
+ printf("%-8s %-8s %-16s %-21s %-21s %-8s\n", "TIME", "PID", "COMM", "SADDR:SPORT", "DADDR:DPORT", "STATE");
+
+ // See https://github.com/torvalds/linux/blob/master/include/net/tcp_states.h
+ @tcp_states[1] = "ESTABLISHED";
+ @tcp_states[2] = "SYN_SENT";
+ @tcp_states[3] = "SYN_RECV";
+ @tcp_states[4] = "FIN_WAIT1";
+ @tcp_states[5] = "FIN_WAIT2";
+ @tcp_states[6] = "TIME_WAIT";
+ @tcp_states[7] = "CLOSE";
+ @tcp_states[8] = "CLOSE_WAIT";
+ @tcp_states[9] = "LAST_ACK";
+ @tcp_states[10] = "LISTEN";
+ @tcp_states[11] = "CLOSING";
+ @tcp_states[12] = "NEW_SYN_RECV";
+}
+
+kprobe:tcp_drop
+{
+ $sk = ((struct sock *) arg0);
+ $inet_family = $sk->__sk_common.skc_family;
+
+ if ($inet_family == AF_INET || $inet_family == AF_INET6) {
+ if ($inet_family == AF_INET) {
+ $daddr = ntop($sk->__sk_common.skc_daddr);
+ $saddr = ntop($sk->__sk_common.skc_rcv_saddr);
+ } else {
+ $daddr = ntop($sk->__sk_common.skc_v6_daddr.in6_u.u6_addr8);
+ $saddr = ntop($sk->__sk_common.skc_v6_rcv_saddr.in6_u.u6_addr8);
+ }
+ $lport = $sk->__sk_common.skc_num;
+ $dport = $sk->__sk_common.skc_dport;
+
+ // Destination port is big endian, it must be flipped
+ $dport = bswap($dport);
+
+ $state = $sk->__sk_common.skc_state;
+ $statestr = @tcp_states[$state];
+
+ time("%H:%M:%S ");
+ printf("%-8d %-16s ", pid, comm);
+ printf("%39s:%-6d %39s:%-6d %-10s\n", $saddr, $lport, $daddr, $dport, $statestr);
+ printf("%s\n", kstack);
+ }
+}
+
+END
+{
+ clear(@tcp_states);
+}
diff --git a/tools/tcpdrop.bt b/tools/tcpdrop.bt
index 3450a533..bb31107f 100755
--- a/tools/tcpdrop.bt
+++ b/tools/tcpdrop.bt
@@ -9,16 +9,15 @@
* It is limited to ipv4 addresses, and cannot show tcp flags.
*
* This provides information such as packet details, socket state, and kernel
- * stack trace for packets/segments that were dropped via tcp_drop().
-
- * WARNING: this script attaches to the tcp_drop kprobe which is likely inlined
- * on newer kernels and not replaced by anything else, therefore
- * the script will stop working
-
+ * stack trace for packets/segments that were dropped via kfree_skb.
+ *
+ * For Linux 5.17+ (see tools/old for script for lower versions).
+ *
* Copyright (c) 2018 Dale Hamel.
* Licensed under the Apache License, Version 2.0 (the "License")
-
+ *
* 23-Nov-2018 Dale Hamel created this.
+ * 01-Oct-2022 Rong Tao use tracepoint:skb:kfree_skb
*/
#ifndef BPFTRACE_HAVE_BTF
@@ -48,12 +47,15 @@ BEGIN
@tcp_states[12] = "NEW_SYN_RECV";
}
-kprobe:tcp_drop
+tracepoint:skb:kfree_skb
{
- $sk = ((struct sock *) arg0);
+ $reason = args->reason;
+ $skb = (struct sk_buff *)args->skbaddr;
+ $sk = ((struct sock *) $skb->sk);
$inet_family = $sk->__sk_common.skc_family;
- if ($inet_family == AF_INET || $inet_family == AF_INET6) {
+ if ($reason > SKB_DROP_REASON_NOT_SPECIFIED &&
+ ($inet_family == AF_INET || $inet_family == AF_INET6)) {
if ($inet_family == AF_INET) {
$daddr = ntop($sk->__sk_common.skc_daddr);
$saddr = ntop($sk->__sk_common.skc_rcv_saddr);
--
2.38.1

View File

@ -1,27 +0,0 @@
From 31a42a47b90f97a2a8c2446101c0007cf09288bc Mon Sep 17 00:00:00 2001
From: Viktor Malik <viktor.malik@gmail.com>
Date: Mon, 5 Dec 2022 11:57:24 +0100
Subject: [PATCH] tools/old/mdflush.bt: fix BPFTRACE_HAVE_BTF macro
The correct macro to use is called BPFTRACE_HAVE_BTF, not
__BPFTRACE_HAVE_BTF.
---
tools/old/mdflush.bt | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tools/old/mdflush.bt b/tools/old/mdflush.bt
index 921c8f1b..23c7dd51 100755
--- a/tools/old/mdflush.bt
+++ b/tools/old/mdflush.bt
@@ -15,7 +15,7 @@
* 08-Sep-2018 Brendan Gregg Created this.
*/
-#ifndef __BPFTRACE_HAVE_BTF
+#ifndef BPFTRACE_HAVE_BTF
#include <linux/genhd.h>
#include <linux/bio.h>
#endif
--
2.38.1

View File

@ -1,7 +1,7 @@
From 7598b2b918835ab71e48bd7617812bde3a2537a7 Mon Sep 17 00:00:00 2001
From cae27a1842c038bb59fb8e3ee48018d0e69f2a3c Mon Sep 17 00:00:00 2001
From: Jerome Marchand <jmarchan@redhat.com>
Date: Thu, 11 Jun 2020 14:56:36 +0200
Subject: [PATCH 4/6] RHEL-8: aarch64: fixes statsnoop and opensnoop
Subject: [PATCH] RHEL: aarch64: fixes statsnoop and opensnoop
On aarch64 the open syscall has been dropped. Only openat remains,
wich is called by libc open() function.
@ -12,13 +12,15 @@ instance, new(l)stat are missing from aarch64.
The only way I can think of fixing thess is RHEL-8 only arch specific
patches.
Signed-off-by: Jerome Marchand <jmarchan@redhat.com>
---
tools/opensnoop.bt | 2 --
tools/statsnoop.bt | 8 ++------
2 files changed, 2 insertions(+), 8 deletions(-)
diff --git a/tools/opensnoop.bt b/tools/opensnoop.bt
index a7de8026..d99db93e 100755
index bbb26419..95185e5f 100755
--- a/tools/opensnoop.bt
+++ b/tools/opensnoop.bt
@@ -21,13 +21,11 @@ BEGIN
@ -28,7 +30,7 @@ index a7de8026..d99db93e 100755
-tracepoint:syscalls:sys_enter_open,
tracepoint:syscalls:sys_enter_openat
{
@filename[tid] = args->filename;
@filename[tid] = args.filename;
}
-tracepoint:syscalls:sys_exit_open,
@ -36,11 +38,11 @@ index a7de8026..d99db93e 100755
/@filename[tid]/
{
diff --git a/tools/statsnoop.bt b/tools/statsnoop.bt
index b2d529e2..f612ea94 100755
index a76b2bcc..89c2c8ea 100755
--- a/tools/statsnoop.bt
+++ b/tools/statsnoop.bt
@@ -30,17 +30,13 @@ tracepoint:syscalls:sys_enter_statfs
@filename[tid] = args->pathname;
@filename[tid] = args.pathname;
}
-tracepoint:syscalls:sys_enter_statx,
@ -48,7 +50,7 @@ index b2d529e2..f612ea94 100755
-tracepoint:syscalls:sys_enter_newlstat
+tracepoint:syscalls:sys_enter_statx
{
@filename[tid] = args->filename;
@filename[tid] = args.filename;
}
tracepoint:syscalls:sys_exit_statfs,
@ -58,7 +60,7 @@ index b2d529e2..f612ea94 100755
+tracepoint:syscalls:sys_exit_statx
/@filename[tid]/
{
$ret = args->ret;
$ret = args.ret;
--
2.35.3
2.45.0

View File

@ -1,8 +1,6 @@
%bcond_without llvm_static
Name: bpftrace
Version: 0.16.0
Release: 6%{?dist}
Version: 0.21.1
Release: 1%{?dist}
Summary: High-level tracing language for Linux eBPF
License: ASL 2.0
@ -11,19 +9,11 @@ License: ASL 2.0
URL: https://github.com/iovisor/bpftrace
Source0: %{url}/archive/v%{version}/%{name}-%{version}.tar.gz
# Cereal is a header-only serialization library which is not packaged into
# RHEL8, so we download it manually. This is ok to do as it is only necessary
# RHEL9, so we download it manually. This is ok to do as it is only necessary
# for build.
Source1: https://github.com/USCiLab/cereal/archive/v%{cereal_version}/cereal-%{cereal_version}.tar.gz
Patch0: %{name}-%{version}-IR-builder-get-rid-of-getPointerElementType-calls.patch
Patch1: %{name}-%{version}-tools-old-mdflush.bt-fix-BPFTRACE_HAVE_BTF-macro.patch
Patch2: %{name}-%{version}-tcpdrop-Fix-ERROR-Error-attaching-probe-kprobe-tcp_d.patch
Patch3: %{name}-%{version}-RHEL8-remove-not-existing-attachpoints-from-tools.patch
Patch4: %{name}-%{version}-cmake-Raise-max-llvm-major-version-to-16.patch
Patch5: %{name}-%{version}-Adjust-to-build-with-llvm-17.patch
Patch6: %{name}-%{version}-Fix-security-hole-checking-unpacked-kernel-headers-3.patch
Patch7: %{name}-%{version}-Don-t-unpack-kernel-headers-or-look-in-tmp-3156.patch
Patch10: %{name}-%{version}-RHEL-8-aarch64-fixes-statsnoop-and-opensnoop.patch
Patch10: %{name}-%{version}-RHEL-aarch64-fixes-statsnoop-and-opensnoop.patch
# Arches will be included as upstream support is added and dependencies are
# satisfied in the respective arches
@ -37,17 +27,12 @@ BuildRequires: elfutils-libelf-devel
BuildRequires: zlib-devel
BuildRequires: llvm-devel
BuildRequires: clang-devel
BuildRequires: bcc-devel
BuildRequires: bcc-devel >= 0.19.0-8
BuildRequires: libbpf-devel
BuildRequires: libbpf-static
BuildRequires: binutils-devel
BuildRequires: lldb-devel
%if %{with llvm_static}
BuildRequires: llvm-static
%endif
# We don't need kernel-devel to use bpftrace, but some tools need it
Recommends: kernel-devel
%description
BPFtrace is a high-level tracing language for Linux enhanced Berkeley Packet
@ -73,9 +58,10 @@ CPATH=$PWD/cereal-%{cereal_version}/include:$CPATH
export CPATH
%cmake . \
-DCMAKE_BUILD_TYPE=RelWithDebInfo \
-DUSE_SYSTEM_BPF_BCC=ON \
-DBUILD_TESTING:BOOL=OFF \
-DBUILD_SHARED_LIBS:BOOL=OFF
%make_build
%cmake_build
%install
@ -85,16 +71,12 @@ export CPATH
%global __os_install_post %{nil}
%global _find_debuginfo_opts -g
%make_install
%cmake_install
# Fix shebangs (https://fedoraproject.org/wiki/Packaging:Guidelines#Shebang_lines)
find %{buildroot}%{_datadir}/%{name}/tools -type f -exec \
sed -i -e '1s=^#!/usr/bin/env %{name}\([0-9.]\+\)\?$=#!%{_bindir}/%{name}=' {} \;
# Some tools require old versions for RHEL8
cp %{buildroot}/%{_datadir}/%{name}/tools/old/biosnoop.bt %{buildroot}/%{_datadir}/%{name}/tools
cp %{buildroot}/%{_datadir}/%{name}/tools/old/mdflush.bt %{buildroot}/%{_datadir}/%{name}/tools
%files
%doc README.md CONTRIBUTING-TOOLS.md
@ -103,94 +85,149 @@ cp %{buildroot}/%{_datadir}/%{name}/tools/old/mdflush.bt %{buildroot}/%{_datadir
%dir %{_datadir}/%{name}
%dir %{_datadir}/%{name}/tools
%dir %{_datadir}/%{name}/tools/doc
%dir %{_datadir}/%{name}/tools/old
%{_bindir}/%{name}
%{_bindir}/%{name}-aotrt
%{_mandir}/man8/*
%attr(0755,-,-) %{_datadir}/%{name}/tools/*.bt
%{_datadir}/%{name}/tools/doc/*.txt
# Do not include old versions of tools.
# Those that are needed were already installed as normal tools.
# Do not include old versions of tools, they do not work on RHEL 9
%exclude %{_datadir}/%{name}/tools/old
%changelog
* Thu May 30 2024 Viktor Malik <vmalik@redhat.com> - 0.16.0-6
- Fix security hole checking unpacked kernel headers (CVE-2024-2313)
- Resolves: RHEL-28764
* Thu Jun 27 2024 Viktor Malik <vmalik@redhat.com> - 0.21.1-1
- Rebase on bpftrace 0.21.1
- Add LLVM 18 support (RHEL-28685)
* Mon Nov 06 2023 - 0.16.0-5
- Rebuild for LLVM17
- Resolves: RHEL-10690
* Thu May 30 2024 Viktor Malik <vmalik@redhat.com> - 0.20.4-3
- Fix latest build (not built in side tag)
* Fri Jun 09 2023 Viktor Malik <vmalik@redhat.com> - 0.16.0-3
- Add forgotten patch raising LLVM version in CMake
- Resolves: rhbz#2192950
* Thu May 30 2024 Viktor Malik <vmalik@redhat.com> - 0.20.4-2
- Rebuild for bcc 0.30.0-4
* Fri Jun 09 2023 Viktor Malik <vmalik@redhat.com> - 0.16.0-2
- Rebuild for LLVM16
- Resolves: rhbz#2192950
* Thu May 30 2024 Viktor Malik <vmalik@redhat.com> - 0.20.4-1
- Rebase on bpftrace 0.20.4
- Fix CVE allowing unprivileged users loading of compromised linux headers
(RHEL-28765, CVE-2024-2313)
* Wed Nov 30 2022 Viktor Malik <vmalik@redhat.com> - 0.16.0-1
- Rebase on bpftrace 0.16.0
- Rebuild for LLVM15
- Download the cereal library (not packaged into RHEL8)
* Fri May 03 2024 Viktor Malik <vmalik@redhat.com> - 0.20.3-1
- Rebase on bpftrace 0.20.3 (RHEL-30779)
- Fix CVE allowing unprivileged users loading of compromised linux headers
(RHEL-28765, CVE-2024-2313)
- Fix bpftrace creating BPF programs with truncated names (RHEL-8502)
* Thu Jun 02 2022 Jerome Marchand <jmarchan@redhat.com> - 0.13.1-1
- Rebase on bpftrace 0.13.1
- Rebuild on LLVM14
* Mon Nov 06 2023 Viktor Malik <vmalik@redhat.com> - 0.19.1-1
- Rebase on bpftrace 0.19.1 (RHEL-10693)
- Rebuild for LLVM 17 (RHEL-10592)
- Enhancements and fixes for PowerPC (RHEL-3690, RHEL-11476)
* Thu Dec 02 2021 Jerome Marchand <jmarchan@redhat.com> - 0.12.1-4
* Mon May 15 2023 Viktor Malik <vmalik@redhat.com> - 0.17.0-2
- Rebuild for LLVM 16 (rhbz#2192953)
* Tue Mar 14 2023 Viktor Malik <vmalik@redhat.com> - 0.17.0-1
- Rebase on bpftrace 0.17.0 (RHEL-286)
- Fix runqlat.bt, tcpdrop.bt, and undump.bt on aarch64 (rhbz#2170838)
* Tue Jan 03 2023 Viktor Malik <vmalik@redhat.com> - 0.16.0-2
- Fix missing kprobe attachpoints for bio* tools (s390x, ppc64le)
- Rebuild for libbpf 1.0.0
- Resolves: rhbz#2157829
- Related: rhbz#2157592
* Fri Dec 16 2022 Viktor Malik <vmalik@redhat.com> - 0.16.0-1
- Rebase on bpftrace 0.16.0 (rhbz#2121920)
- Rebuild for LLVM 15 (rhbz#2118995)
- Download the cereal library (not packaged into RHEL9)
- Fixed several tools (rhbz#1975148, rhbz#2088577, rhbz#2128208, rhbz#2073675,
rhbz#2073770)
- Resolve conflicts between bpftrace and bcc manpages (rhbz#2075076)
* Mon May 16 2022 Jerome Marchand <jmarchan@redhat.com> - 0.13.1-1
- Rebase to bpftrace 0.13.1
- Rebuild for LLVM14
* Mon Feb 21 2022 Viktor Malik <vmalik@redhat.com> - 0.12.1-8
- Fix wildcard listing bug
- Fix bio* tools
* Thu Dec 02 2021 Jerome Marchand <jmarchan@redhat.com> - 0.12.1.7
- Bump up required bcc version.
* Thu Dec 02 2021 Jerome Marchand <jmarchan@redhat.com> - 0.12.1.6
- Rebuild on LLVM13
- Small spec cleanup
* Thu Jun 24 2021 Jerome Marchand <jmarchan@redhat.com> - 0.12.1-3
- Have threadsnoop points to libpthread.so.0
* Mon Oct 18 2021 Jerome Marchand <jmarchan@redhat.com> - 0.12.1.5
- threadsnoop: probe libpthread.so.0
- Fix aarch64 failures
* Wed Jun 09 2021 Jerome Marchand <jmarchan@redhat.com> - 0.12.1-2
- Rebuild on LLVM12
* Mon Oct 18 2021 Jerome Marchand <jmarchan@redhat.com> - 0.12.1.4
- Fix gating
* Fri Apr 30 2021 Jerome Marchand <jmarchan@redhat.com> - 0.12.1-1
- Rebase on bpftrace 0.12.1
* Fri Oct 15 2021 Jerome Marchand <jmarchan@redhat.com> - 0.12.1-3
- Fix mdflush (rhbz#1967567)
* Thu Jan 28 2021 Jerome Marchand <jmarchan@redhat.com> - 0.11.1-3
- Add missing libbpf and binutils-dev dependencies
* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 0.12.1-2
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688
* Wed Nov 11 2020 Jerome Marchand <jmarchan@redhat.com> - 0.11.1-2
- Fix statsnoop and opensnoop on aarch64 again
* Thu May 27 2021 Jerome Marchand <jmarchan@redhat.com> - 0.12.0-1
- Rebase to bpftrace 0.12.1
* Fri Nov 06 2020 Jerome Marchand <jmarchan@redhat.com> - 0.11.1-1
- Rebase on bpftrace 0.11.1
* Thu Apr 15 2021 Mohan Boddu <mboddu@redhat.com> - 0.11.0-10
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
* Tue Oct 27 2020 Jerome Marchand <jmarchan@redhat.com> - 0.10.0-5
- Rebuild for bcc 0.16.0
* Fri Feb 12 2021 Jerome Marchand <jmarchan@redhat.com> - 0.11.0-9
- Last build failed: rebuild.
* Thu Jun 11 2020 Jerome Marchand <jmarchan@redhat.com> - 0.10.0-4
- Fix KBUILD_MODNAME
* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 0.11.0-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Thu Jun 11 2020 Jerome Marchand <jmarchan@redhat.com> - 0.10.0-3
- Fix ENOMEM issue on arm64 machine with many cpus
- Fix statsnoop and opensnoop on aarch64
- Drop tcpdrop on ppc64
* Fri Jan 22 2021 Tom Stellard <tstellar@redhat.com> - 0.11.0-7
- Rebuild for clang-11.1.0
* Tue May 05 2020 Jerome Marchand <jmarchan@redhat.com> - 0.10.0-2
- Fix libpthread path in threadsnoop
* Fri Dec 04 2020 Jeff Law <law@redhat.com> - 0.11.0-6
- Fix missing #include for gcc-11
* Wed Apr 22 2020 Jerome Marchand <jmarchan@redhat.com> - 0.10.0-1
- Rebase on bpftrace 0.10.0
* Fri Nov 13 2020 Jerome Marchand <jmarchan@redhat.com> - 0.11.0-5
- Rebuilt for LLVM 11
* Fri Nov 08 2019 Jerome Marchand <jmarchan@redhat.com> - 0.9.2-1
- Rebase on bpftrace 0.9.2
* Tue Aug 04 2020 Augusto Caringi <acaringi@redhat.com> - 0.11.0-4
- Fix FTBFS due to cmake wide changes #1863295
- Fix 'bpftrace symbols are stripped' #1865787
* Tue Jun 18 2019 Jerome Marchand <jmarchan@redhat.com> - 0.9-3
- Don't allow to raw_spin_lock* kprobes that can deadlock the kernel.
* Sat Aug 01 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.11.0-3
- Second attempt - Rebuilt for
https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Wed Jun 12 2019 Jerome Marchand <jmarchan@redhat.com> - 0.9-2
- Fixes gethostlatency
- Fixes a struct definition issue that made several tools fail
- Add CI gating
* Mon Jul 27 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.11.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Wed May 15 2019 Jerome Marchand <jmarchan@redhat.com> - 0.9.1
- Original build on RHEL 8
* Thu Jul 16 2020 Augusto Caringi <acaringi@redhat.com> - 0.11.0-1
* Rebased to version 0.11.0
* Tue May 19 2020 Augusto Caringi <acaringi@redhat.com> - 0.10.0-2
- Rebuilt for new bcc/libbpf versions
* Tue Apr 14 2020 Augusto Caringi <acaringi@redhat.com> - 0.10.0-1
- Rebased to version 0.10.0
- Dropped support for s390x temporaly due to build error
* Thu Feb 06 2020 Augusto Caringi <acaringi@redhat.com> - 0.9.4-1
- Rebased to version 0.9.4
* Tue Jan 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.9.3-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Thu Nov 21 2019 Augusto Caringi <acaringi@redhat.com> - 0.9.3-1
- Rebased to version 0.9.3
* Thu Aug 01 2019 Augusto Caringi <acaringi@redhat.com> - 0.9.2-1
- Rebased to version 0.9.2
* Wed Jul 24 2019 Fedora Release Engineering <releng@fedoraproject.org> - 0.9.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Wed Jun 26 2019 Augusto Caringi <acaringi@redhat.com> - 0.9.1-1
- Rebased to version 0.9.1
* Thu Apr 25 2019 Augusto Caringi <acaringi@redhat.com> - 0.9-3
- Rebuilt for bcc 0.9.0