search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Merge tag 'for-linus-20190706' of git://git.kernel.dk/linux-block
[linux/fpc-iii.git] / kernel / trace / bpf_trace.c
blob1c9a4745e596d91bde5fc5910fc4f8bcb318529e
1 // SPDX-License-Identifier: GPL-2.0
2 /* Copyright (c) 2011-2015 PLUMgrid, http://plumgrid.com
3 * Copyright (c) 2016 Facebook
4 */
5 #include <linux/kernel.h>
6 #include <linux/types.h>
7 #include <linux/slab.h>
8 #include <linux/bpf.h>
9 #include <linux/bpf_perf_event.h>
10 #include <linux/filter.h>
11 #include <linux/uaccess.h>
12 #include <linux/ctype.h>
13 #include <linux/kprobes.h>
14 #include <linux/syscalls.h>
15 #include <linux/error-injection.h>
16
17 #include <asm/tlb.h>
18
19 #include "trace_probe.h"
20 #include "trace.h"
21
22 #ifdef CONFIG_MODULES
23 struct bpf_trace_module {
24 struct module *module;
25 struct list_head list;
26 };
27
28 static LIST_HEAD(bpf_trace_modules);
29 static DEFINE_MUTEX(bpf_module_mutex);
30
31 static struct bpf_raw_event_map *bpf_get_raw_tracepoint_module(const char *name)
32 {
33 struct bpf_raw_event_map *btp, *ret = NULL;
34 struct bpf_trace_module *btm;
35 unsigned int i;
36
37 mutex_lock(&bpf_module_mutex);
38 list_for_each_entry(btm, &bpf_trace_modules, list) {
39 for (i = 0; i < btm->module->num_bpf_raw_events; ++i) {
40 btp = &btm->module->bpf_raw_events[i];
41 if (!strcmp(btp->tp->name, name)) {
42 if (try_module_get(btm->module))
43 ret = btp;
44 goto out;
45 }
46 }
47 }
48 out:
49 mutex_unlock(&bpf_module_mutex);
50 return ret;
51 }
52 #else
53 static struct bpf_raw_event_map *bpf_get_raw_tracepoint_module(const char *name)
54 {
55 return NULL;
56 }
57 #endif /* CONFIG_MODULES */
58
59 u64 bpf_get_stackid(u64 r1, u64 r2, u64 r3, u64 r4, u64 r5);
60 u64 bpf_get_stack(u64 r1, u64 r2, u64 r3, u64 r4, u64 r5);
61
62 /**
63 * trace_call_bpf - invoke BPF program
64 * @call: tracepoint event
65 * @ctx: opaque context pointer
66 *
67 * kprobe handlers execute BPF programs via this helper.
68 * Can be used from static tracepoints in the future.
69 *
70 * Return: BPF programs always return an integer which is interpreted by
71 * kprobe handler as:
72 * 0 - return from kprobe (event is filtered out)
73 * 1 - store kprobe event into ring buffer
74 * Other values are reserved and currently alias to 1
75 */
76 unsigned int trace_call_bpf(struct trace_event_call *call, void *ctx)
77 {
78 unsigned int ret;
79
80 if (in_nmi()) /* not supported yet */
81 return 1;
82
83 preempt_disable();
84
85 if (unlikely(__this_cpu_inc_return(bpf_prog_active) != 1)) {
86 /*
87 * since some bpf program is already running on this cpu,
88 * don't call into another bpf program (same or different)
89 * and don't send kprobe event into ring-buffer,
90 * so return zero here
91 */
92 ret = 0;
93 goto out;
94 }
95
96 /*
97 * Instead of moving rcu_read_lock/rcu_dereference/rcu_read_unlock
98 * to all call sites, we did a bpf_prog_array_valid() there to check
99 * whether call->prog_array is empty or not, which is
100 * a heurisitc to speed up execution.
101 *
102 * If bpf_prog_array_valid() fetched prog_array was
103 * non-NULL, we go into trace_call_bpf() and do the actual
104 * proper rcu_dereference() under RCU lock.
105 * If it turns out that prog_array is NULL then, we bail out.
106 * For the opposite, if the bpf_prog_array_valid() fetched pointer
107 * was NULL, you'll skip the prog_array with the risk of missing
108 * out of events when it was updated in between this and the
109 * rcu_dereference() which is accepted risk.
110 */
111 ret = BPF_PROG_RUN_ARRAY_CHECK(call->prog_array, ctx, BPF_PROG_RUN);
112
113 out:
114 __this_cpu_dec(bpf_prog_active);
115 preempt_enable();
116
117 return ret;
118 }
119 EXPORT_SYMBOL_GPL(trace_call_bpf);
120
121 #ifdef CONFIG_BPF_KPROBE_OVERRIDE
122 BPF_CALL_2(bpf_override_return, struct pt_regs *, regs, unsigned long, rc)
123 {
124 regs_set_return_value(regs, rc);
125 override_function_with_return(regs);
126 return 0;
127 }
128
129 static const struct bpf_func_proto bpf_override_return_proto = {
130 .func = bpf_override_return,
131 .gpl_only = true,
132 .ret_type = RET_INTEGER,
133 .arg1_type = ARG_PTR_TO_CTX,
134 .arg2_type = ARG_ANYTHING,
135 };
136 #endif
137
138 BPF_CALL_3(bpf_probe_read, void *, dst, u32, size, const void *, unsafe_ptr)
139 {
140 int ret;
141
142 ret = probe_kernel_read(dst, unsafe_ptr, size);
143 if (unlikely(ret < 0))
144 memset(dst, 0, size);
145
146 return ret;
147 }
148
149 static const struct bpf_func_proto bpf_probe_read_proto = {
150 .func = bpf_probe_read,
151 .gpl_only = true,
152 .ret_type = RET_INTEGER,
153 .arg1_type = ARG_PTR_TO_UNINIT_MEM,
154 .arg2_type = ARG_CONST_SIZE_OR_ZERO,
155 .arg3_type = ARG_ANYTHING,
156 };
157
158 BPF_CALL_3(bpf_probe_write_user, void *, unsafe_ptr, const void *, src,
159 u32, size)
160 {
161 /*
162 * Ensure we're in user context which is safe for the helper to
163 * run. This helper has no business in a kthread.
164 *
165 * access_ok() should prevent writing to non-user memory, but in
166 * some situations (nommu, temporary switch, etc) access_ok() does
167 * not provide enough validation, hence the check on KERNEL_DS.
168 *
169 * nmi_uaccess_okay() ensures the probe is not run in an interim
170 * state, when the task or mm are switched. This is specifically
171 * required to prevent the use of temporary mm.
172 */
173
174 if (unlikely(in_interrupt() ||
175 current->flags & (PF_KTHREAD | PF_EXITING)))
176 return -EPERM;
177 if (unlikely(uaccess_kernel()))
178 return -EPERM;
179 if (unlikely(!nmi_uaccess_okay()))
180 return -EPERM;
181 if (!access_ok(unsafe_ptr, size))
182 return -EPERM;
183
184 return probe_kernel_write(unsafe_ptr, src, size);
185 }
186
187 static const struct bpf_func_proto bpf_probe_write_user_proto = {
188 .func = bpf_probe_write_user,
189 .gpl_only = true,
190 .ret_type = RET_INTEGER,
191 .arg1_type = ARG_ANYTHING,
192 .arg2_type = ARG_PTR_TO_MEM,
193 .arg3_type = ARG_CONST_SIZE,
194 };
195
196 static const struct bpf_func_proto *bpf_get_probe_write_proto(void)
197 {
198 pr_warn_ratelimited("%s[%d] is installing a program with bpf_probe_write_user helper that may corrupt user memory!",
199 current->comm, task_pid_nr(current));
200
201 return &bpf_probe_write_user_proto;
202 }
203
204 /*
205 * Only limited trace_printk() conversion specifiers allowed:
206 * %d %i %u %x %ld %li %lu %lx %lld %lli %llu %llx %p %s
207 */
208 BPF_CALL_5(bpf_trace_printk, char *, fmt, u32, fmt_size, u64, arg1,
209 u64, arg2, u64, arg3)
210 {
211 bool str_seen = false;
212 int mod[3] = {};
213 int fmt_cnt = 0;
214 u64 unsafe_addr;
215 char buf[64];
216 int i;
217
218 /*
219 * bpf_check()->check_func_arg()->check_stack_boundary()
220 * guarantees that fmt points to bpf program stack,
221 * fmt_size bytes of it were initialized and fmt_size > 0
222 */
223 if (fmt[--fmt_size] != 0)
224 return -EINVAL;
225
226 /* check format string for allowed specifiers */
227 for (i = 0; i < fmt_size; i++) {
228 if ((!isprint(fmt[i]) && !isspace(fmt[i])) || !isascii(fmt[i]))
229 return -EINVAL;
230
231 if (fmt[i] != '%')
232 continue;
233
234 if (fmt_cnt >= 3)
235 return -EINVAL;
236
237 /* fmt[i] != 0 && fmt[last] == 0, so we can access fmt[i + 1] */
238 i++;
239 if (fmt[i] == 'l') {
240 mod[fmt_cnt]++;
241 i++;
242 } else if (fmt[i] == 'p' || fmt[i] == 's') {
243 mod[fmt_cnt]++;
244 /* disallow any further format extensions */
245 if (fmt[i + 1] != 0 &&
246 !isspace(fmt[i + 1]) &&
247 !ispunct(fmt[i + 1]))
248 return -EINVAL;
249 fmt_cnt++;
250 if (fmt[i] == 's') {
251 if (str_seen)
252 /* allow only one '%s' per fmt string */
253 return -EINVAL;
254 str_seen = true;
255
256 switch (fmt_cnt) {
257 case 1:
258 unsafe_addr = arg1;
259 arg1 = (long) buf;
260 break;
261 case 2:
262 unsafe_addr = arg2;
263 arg2 = (long) buf;
264 break;
265 case 3:
266 unsafe_addr = arg3;
267 arg3 = (long) buf;
268 break;
269 }
270 buf[0] = 0;
271 strncpy_from_unsafe(buf,
272 (void *) (long) unsafe_addr,
273 sizeof(buf));
274 }
275 continue;
276 }
277
278 if (fmt[i] == 'l') {
279 mod[fmt_cnt]++;
280 i++;
281 }
282
283 if (fmt[i] != 'i' && fmt[i] != 'd' &&
284 fmt[i] != 'u' && fmt[i] != 'x')
285 return -EINVAL;
286 fmt_cnt++;
287 }
288
289 /* Horrid workaround for getting va_list handling working with different
290 * argument type combinations generically for 32 and 64 bit archs.
291 */
292 #define __BPF_TP_EMIT() __BPF_ARG3_TP()
293 #define __BPF_TP(...) \
294 __trace_printk(0 /* Fake ip */, \
295 fmt, ##__VA_ARGS__)
296
297 #define __BPF_ARG1_TP(...) \
298 ((mod[0] == 2 || (mod[0] == 1 && __BITS_PER_LONG == 64)) \
299 ? __BPF_TP(arg1, ##__VA_ARGS__) \
300 : ((mod[0] == 1 || (mod[0] == 0 && __BITS_PER_LONG == 32)) \
301 ? __BPF_TP((long)arg1, ##__VA_ARGS__) \
302 : __BPF_TP((u32)arg1, ##__VA_ARGS__)))
303
304 #define __BPF_ARG2_TP(...) \
305 ((mod[1] == 2 || (mod[1] == 1 && __BITS_PER_LONG == 64)) \
306 ? __BPF_ARG1_TP(arg2, ##__VA_ARGS__) \
307 : ((mod[1] == 1 || (mod[1] == 0 && __BITS_PER_LONG == 32)) \
308 ? __BPF_ARG1_TP((long)arg2, ##__VA_ARGS__) \
309 : __BPF_ARG1_TP((u32)arg2, ##__VA_ARGS__)))
310
311 #define __BPF_ARG3_TP(...) \
312 ((mod[2] == 2 || (mod[2] == 1 && __BITS_PER_LONG == 64)) \
313 ? __BPF_ARG2_TP(arg3, ##__VA_ARGS__) \
314 : ((mod[2] == 1 || (mod[2] == 0 && __BITS_PER_LONG == 32)) \
315 ? __BPF_ARG2_TP((long)arg3, ##__VA_ARGS__) \
316 : __BPF_ARG2_TP((u32)arg3, ##__VA_ARGS__)))
317
318 return __BPF_TP_EMIT();
319 }
320
321 static const struct bpf_func_proto bpf_trace_printk_proto = {
322 .func = bpf_trace_printk,
323 .gpl_only = true,
324 .ret_type = RET_INTEGER,
325 .arg1_type = ARG_PTR_TO_MEM,
326 .arg2_type = ARG_CONST_SIZE,
327 };
328
329 const struct bpf_func_proto *bpf_get_trace_printk_proto(void)
330 {
331 /*
332 * this program might be calling bpf_trace_printk,
333 * so allocate per-cpu printk buffers
334 */
335 trace_printk_init_buffers();
336
337 return &bpf_trace_printk_proto;
338 }
339
340 static __always_inline int
341 get_map_perf_counter(struct bpf_map *map, u64 flags,
342 u64 *value, u64 *enabled, u64 *running)
343 {
344 struct bpf_array *array = container_of(map, struct bpf_array, map);
345 unsigned int cpu = smp_processor_id();
346 u64 index = flags & BPF_F_INDEX_MASK;
347 struct bpf_event_entry *ee;
348
349 if (unlikely(flags & ~(BPF_F_INDEX_MASK)))
350 return -EINVAL;
351 if (index == BPF_F_CURRENT_CPU)
352 index = cpu;
353 if (unlikely(index >= array->map.max_entries))
354 return -E2BIG;
355
356 ee = READ_ONCE(array->ptrs[index]);
357 if (!ee)
358 return -ENOENT;
359
360 return perf_event_read_local(ee->event, value, enabled, running);
361 }
362
363 BPF_CALL_2(bpf_perf_event_read, struct bpf_map *, map, u64, flags)
364 {
365 u64 value = 0;
366 int err;
367
368 err = get_map_perf_counter(map, flags, &value, NULL, NULL);
369 /*
370 * this api is ugly since we miss [-22..-2] range of valid
371 * counter values, but that's uapi
372 */
373 if (err)
374 return err;
375 return value;
376 }
377
378 static const struct bpf_func_proto bpf_perf_event_read_proto = {
379 .func = bpf_perf_event_read,
380 .gpl_only = true,
381 .ret_type = RET_INTEGER,
382 .arg1_type = ARG_CONST_MAP_PTR,
383 .arg2_type = ARG_ANYTHING,
384 };
385
386 BPF_CALL_4(bpf_perf_event_read_value, struct bpf_map *, map, u64, flags,
387 struct bpf_perf_event_value *, buf, u32, size)
388 {
389 int err = -EINVAL;
390
391 if (unlikely(size != sizeof(struct bpf_perf_event_value)))
392 goto clear;
393 err = get_map_perf_counter(map, flags, &buf->counter, &buf->enabled,
394 &buf->running);
395 if (unlikely(err))
396 goto clear;
397 return 0;
398 clear:
399 memset(buf, 0, size);
400 return err;
401 }
402
403 static const struct bpf_func_proto bpf_perf_event_read_value_proto = {
404 .func = bpf_perf_event_read_value,
405 .gpl_only = true,
406 .ret_type = RET_INTEGER,
407 .arg1_type = ARG_CONST_MAP_PTR,
408 .arg2_type = ARG_ANYTHING,
409 .arg3_type = ARG_PTR_TO_UNINIT_MEM,
410 .arg4_type = ARG_CONST_SIZE,
411 };
412
413 static __always_inline u64
414 __bpf_perf_event_output(struct pt_regs *regs, struct bpf_map *map,
415 u64 flags, struct perf_sample_data *sd)
416 {
417 struct bpf_array *array = container_of(map, struct bpf_array, map);
418 unsigned int cpu = smp_processor_id();
419 u64 index = flags & BPF_F_INDEX_MASK;
420 struct bpf_event_entry *ee;
421 struct perf_event *event;
422
423 if (index == BPF_F_CURRENT_CPU)
424 index = cpu;
425 if (unlikely(index >= array->map.max_entries))
426 return -E2BIG;
427
428 ee = READ_ONCE(array->ptrs[index]);
429 if (!ee)
430 return -ENOENT;
431
432 event = ee->event;
433 if (unlikely(event->attr.type != PERF_TYPE_SOFTWARE ||
434 event->attr.config != PERF_COUNT_SW_BPF_OUTPUT))
435 return -EINVAL;
436
437 if (unlikely(event->oncpu != cpu))
438 return -EOPNOTSUPP;
439
440 return perf_event_output(event, sd, regs);
441 }
442
443 /*
444 * Support executing tracepoints in normal, irq, and nmi context that each call
445 * bpf_perf_event_output
446 */
447 struct bpf_trace_sample_data {
448 struct perf_sample_data sds[3];
449 };
450
451 static DEFINE_PER_CPU(struct bpf_trace_sample_data, bpf_trace_sds);
452 static DEFINE_PER_CPU(int, bpf_trace_nest_level);
453 BPF_CALL_5(bpf_perf_event_output, struct pt_regs *, regs, struct bpf_map *, map,
454 u64, flags, void *, data, u64, size)
455 {
456 struct bpf_trace_sample_data *sds = this_cpu_ptr(&bpf_trace_sds);
457 int nest_level = this_cpu_inc_return(bpf_trace_nest_level);
458 struct perf_raw_record raw = {
459 .frag = {
460 .size = size,
461 .data = data,
462 },
463 };
464 struct perf_sample_data *sd;
465 int err;
466
467 if (WARN_ON_ONCE(nest_level > ARRAY_SIZE(sds->sds))) {
468 err = -EBUSY;
469 goto out;
470 }
471
472 sd = &sds->sds[nest_level - 1];
473
474 if (unlikely(flags & ~(BPF_F_INDEX_MASK))) {
475 err = -EINVAL;
476 goto out;
477 }
478
479 perf_sample_data_init(sd, 0, 0);
480 sd->raw = &raw;
481
482 err = __bpf_perf_event_output(regs, map, flags, sd);
483
484 out:
485 this_cpu_dec(bpf_trace_nest_level);
486 return err;
487 }
488
489 static const struct bpf_func_proto bpf_perf_event_output_proto = {
490 .func = bpf_perf_event_output,
491 .gpl_only = true,
492 .ret_type = RET_INTEGER,
493 .arg1_type = ARG_PTR_TO_CTX,
494 .arg2_type = ARG_CONST_MAP_PTR,
495 .arg3_type = ARG_ANYTHING,
496 .arg4_type = ARG_PTR_TO_MEM,
497 .arg5_type = ARG_CONST_SIZE_OR_ZERO,
498 };
499
500 static DEFINE_PER_CPU(struct pt_regs, bpf_pt_regs);
501 static DEFINE_PER_CPU(struct perf_sample_data, bpf_misc_sd);
502
503 u64 bpf_event_output(struct bpf_map *map, u64 flags, void *meta, u64 meta_size,
504 void *ctx, u64 ctx_size, bpf_ctx_copy_t ctx_copy)
505 {
506 struct perf_sample_data *sd = this_cpu_ptr(&bpf_misc_sd);
507 struct pt_regs *regs = this_cpu_ptr(&bpf_pt_regs);
508 struct perf_raw_frag frag = {
509 .copy = ctx_copy,
510 .size = ctx_size,
511 .data = ctx,
512 };
513 struct perf_raw_record raw = {
514 .frag = {
515 {
516 .next = ctx_size ? &frag : NULL,
517 },
518 .size = meta_size,
519 .data = meta,
520 },
521 };
522
523 perf_fetch_caller_regs(regs);
524 perf_sample_data_init(sd, 0, 0);
525 sd->raw = &raw;
526
527 return __bpf_perf_event_output(regs, map, flags, sd);
528 }
529
530 BPF_CALL_0(bpf_get_current_task)
531 {
532 return (long) current;
533 }
534
535 static const struct bpf_func_proto bpf_get_current_task_proto = {
536 .func = bpf_get_current_task,
537 .gpl_only = true,
538 .ret_type = RET_INTEGER,
539 };
540
541 BPF_CALL_2(bpf_current_task_under_cgroup, struct bpf_map *, map, u32, idx)
542 {
543 struct bpf_array *array = container_of(map, struct bpf_array, map);
544 struct cgroup *cgrp;
545
546 if (unlikely(idx >= array->map.max_entries))
547 return -E2BIG;
548
549 cgrp = READ_ONCE(array->ptrs[idx]);
550 if (unlikely(!cgrp))
551 return -EAGAIN;
552
553 return task_under_cgroup_hierarchy(current, cgrp);
554 }
555
556 static const struct bpf_func_proto bpf_current_task_under_cgroup_proto = {
557 .func = bpf_current_task_under_cgroup,
558 .gpl_only = false,
559 .ret_type = RET_INTEGER,
560 .arg1_type = ARG_CONST_MAP_PTR,
561 .arg2_type = ARG_ANYTHING,
562 };
563
564 BPF_CALL_3(bpf_probe_read_str, void *, dst, u32, size,
565 const void *, unsafe_ptr)
566 {
567 int ret;
568
569 /*
570 * The strncpy_from_unsafe() call will likely not fill the entire
571 * buffer, but that's okay in this circumstance as we're probing
572 * arbitrary memory anyway similar to bpf_probe_read() and might
573 * as well probe the stack. Thus, memory is explicitly cleared
574 * only in error case, so that improper users ignoring return
575 * code altogether don't copy garbage; otherwise length of string
576 * is returned that can be used for bpf_perf_event_output() et al.
577 */
578 ret = strncpy_from_unsafe(dst, unsafe_ptr, size);
579 if (unlikely(ret < 0))
580 memset(dst, 0, size);
581
582 return ret;
583 }
584
585 static const struct bpf_func_proto bpf_probe_read_str_proto = {
586 .func = bpf_probe_read_str,
587 .gpl_only = true,
588 .ret_type = RET_INTEGER,
589 .arg1_type = ARG_PTR_TO_UNINIT_MEM,
590 .arg2_type = ARG_CONST_SIZE_OR_ZERO,
591 .arg3_type = ARG_ANYTHING,
592 };
593
594 static const struct bpf_func_proto *
595 tracing_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog)
596 {
597 switch (func_id) {
598 case BPF_FUNC_map_lookup_elem:
599 return &bpf_map_lookup_elem_proto;
600 case BPF_FUNC_map_update_elem:
601 return &bpf_map_update_elem_proto;
602 case BPF_FUNC_map_delete_elem:
603 return &bpf_map_delete_elem_proto;
604 case BPF_FUNC_map_push_elem:
605 return &bpf_map_push_elem_proto;
606 case BPF_FUNC_map_pop_elem:
607 return &bpf_map_pop_elem_proto;
608 case BPF_FUNC_map_peek_elem:
609 return &bpf_map_peek_elem_proto;
610 case BPF_FUNC_probe_read:
611 return &bpf_probe_read_proto;
612 case BPF_FUNC_ktime_get_ns:
613 return &bpf_ktime_get_ns_proto;
614 case BPF_FUNC_tail_call:
615 return &bpf_tail_call_proto;
616 case BPF_FUNC_get_current_pid_tgid:
617 return &bpf_get_current_pid_tgid_proto;
618 case BPF_FUNC_get_current_task:
619 return &bpf_get_current_task_proto;
620 case BPF_FUNC_get_current_uid_gid:
621 return &bpf_get_current_uid_gid_proto;
622 case BPF_FUNC_get_current_comm:
623 return &bpf_get_current_comm_proto;
624 case BPF_FUNC_trace_printk:
625 return bpf_get_trace_printk_proto();
626 case BPF_FUNC_get_smp_processor_id:
627 return &bpf_get_smp_processor_id_proto;
628 case BPF_FUNC_get_numa_node_id:
629 return &bpf_get_numa_node_id_proto;
630 case BPF_FUNC_perf_event_read:
631 return &bpf_perf_event_read_proto;
632 case BPF_FUNC_probe_write_user:
633 return bpf_get_probe_write_proto();
634 case BPF_FUNC_current_task_under_cgroup:
635 return &bpf_current_task_under_cgroup_proto;
636 case BPF_FUNC_get_prandom_u32:
637 return &bpf_get_prandom_u32_proto;
638 case BPF_FUNC_probe_read_str:
639 return &bpf_probe_read_str_proto;
640 #ifdef CONFIG_CGROUPS
641 case BPF_FUNC_get_current_cgroup_id:
642 return &bpf_get_current_cgroup_id_proto;
643 #endif
644 default:
645 return NULL;
646 }
647 }
648
649 static const struct bpf_func_proto *
650 kprobe_prog_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog)
651 {
652 switch (func_id) {
653 case BPF_FUNC_perf_event_output:
654 return &bpf_perf_event_output_proto;
655 case BPF_FUNC_get_stackid:
656 return &bpf_get_stackid_proto;
657 case BPF_FUNC_get_stack:
658 return &bpf_get_stack_proto;
659 case BPF_FUNC_perf_event_read_value:
660 return &bpf_perf_event_read_value_proto;
661 #ifdef CONFIG_BPF_KPROBE_OVERRIDE
662 case BPF_FUNC_override_return:
663 return &bpf_override_return_proto;
664 #endif
665 default:
666 return tracing_func_proto(func_id, prog);
667 }
668 }
669
670 /* bpf+kprobe programs can access fields of 'struct pt_regs' */
671 static bool kprobe_prog_is_valid_access(int off, int size, enum bpf_access_type type,
672 const struct bpf_prog *prog,
673 struct bpf_insn_access_aux *info)
674 {
675 if (off < 0 || off >= sizeof(struct pt_regs))
676 return false;
677 if (type != BPF_READ)
678 return false;
679 if (off % size != 0)
680 return false;
681 /*
682 * Assertion for 32 bit to make sure last 8 byte access
683 * (BPF_DW) to the last 4 byte member is disallowed.
684 */
685 if (off + size > sizeof(struct pt_regs))
686 return false;
687
688 return true;
689 }
690
691 const struct bpf_verifier_ops kprobe_verifier_ops = {
692 .get_func_proto = kprobe_prog_func_proto,
693 .is_valid_access = kprobe_prog_is_valid_access,
694 };
695
696 const struct bpf_prog_ops kprobe_prog_ops = {
697 };
698
699 BPF_CALL_5(bpf_perf_event_output_tp, void *, tp_buff, struct bpf_map *, map,
700 u64, flags, void *, data, u64, size)
701 {
702 struct pt_regs *regs = *(struct pt_regs **)tp_buff;
703
704 /*
705 * r1 points to perf tracepoint buffer where first 8 bytes are hidden
706 * from bpf program and contain a pointer to 'struct pt_regs'. Fetch it
707 * from there and call the same bpf_perf_event_output() helper inline.
708 */
709 return ____bpf_perf_event_output(regs, map, flags, data, size);
710 }
711
712 static const struct bpf_func_proto bpf_perf_event_output_proto_tp = {
713 .func = bpf_perf_event_output_tp,
714 .gpl_only = true,
715 .ret_type = RET_INTEGER,
716 .arg1_type = ARG_PTR_TO_CTX,
717 .arg2_type = ARG_CONST_MAP_PTR,
718 .arg3_type = ARG_ANYTHING,
719 .arg4_type = ARG_PTR_TO_MEM,
720 .arg5_type = ARG_CONST_SIZE_OR_ZERO,
721 };
722
723 BPF_CALL_3(bpf_get_stackid_tp, void *, tp_buff, struct bpf_map *, map,
724 u64, flags)
725 {
726 struct pt_regs *regs = *(struct pt_regs **)tp_buff;
727
728 /*
729 * Same comment as in bpf_perf_event_output_tp(), only that this time
730 * the other helper's function body cannot be inlined due to being
731 * external, thus we need to call raw helper function.
732 */
733 return bpf_get_stackid((unsigned long) regs, (unsigned long) map,
734 flags, 0, 0);
735 }
736
737 static const struct bpf_func_proto bpf_get_stackid_proto_tp = {
738 .func = bpf_get_stackid_tp,
739 .gpl_only = true,
740 .ret_type = RET_INTEGER,
741 .arg1_type = ARG_PTR_TO_CTX,
742 .arg2_type = ARG_CONST_MAP_PTR,
743 .arg3_type = ARG_ANYTHING,
744 };
745
746 BPF_CALL_4(bpf_get_stack_tp, void *, tp_buff, void *, buf, u32, size,
747 u64, flags)
748 {
749 struct pt_regs *regs = *(struct pt_regs **)tp_buff;
750
751 return bpf_get_stack((unsigned long) regs, (unsigned long) buf,
752 (unsigned long) size, flags, 0);
753 }
754
755 static const struct bpf_func_proto bpf_get_stack_proto_tp = {
756 .func = bpf_get_stack_tp,
757 .gpl_only = true,
758 .ret_type = RET_INTEGER,
759 .arg1_type = ARG_PTR_TO_CTX,
760 .arg2_type = ARG_PTR_TO_UNINIT_MEM,
761 .arg3_type = ARG_CONST_SIZE_OR_ZERO,
762 .arg4_type = ARG_ANYTHING,
763 };
764
765 static const struct bpf_func_proto *
766 tp_prog_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog)
767 {
768 switch (func_id) {
769 case BPF_FUNC_perf_event_output:
770 return &bpf_perf_event_output_proto_tp;
771 case BPF_FUNC_get_stackid:
772 return &bpf_get_stackid_proto_tp;
773 case BPF_FUNC_get_stack:
774 return &bpf_get_stack_proto_tp;
775 default:
776 return tracing_func_proto(func_id, prog);
777 }
778 }
779
780 static bool tp_prog_is_valid_access(int off, int size, enum bpf_access_type type,
781 const struct bpf_prog *prog,
782 struct bpf_insn_access_aux *info)
783 {
784 if (off < sizeof(void *) || off >= PERF_MAX_TRACE_SIZE)
785 return false;
786 if (type != BPF_READ)
787 return false;
788 if (off % size != 0)
789 return false;
790
791 BUILD_BUG_ON(PERF_MAX_TRACE_SIZE % sizeof(__u64));
792 return true;
793 }
794
795 const struct bpf_verifier_ops tracepoint_verifier_ops = {
796 .get_func_proto = tp_prog_func_proto,
797 .is_valid_access = tp_prog_is_valid_access,
798 };
799
800 const struct bpf_prog_ops tracepoint_prog_ops = {
801 };
802
803 BPF_CALL_3(bpf_perf_prog_read_value, struct bpf_perf_event_data_kern *, ctx,
804 struct bpf_perf_event_value *, buf, u32, size)
805 {
806 int err = -EINVAL;
807
808 if (unlikely(size != sizeof(struct bpf_perf_event_value)))
809 goto clear;
810 err = perf_event_read_local(ctx->event, &buf->counter, &buf->enabled,
811 &buf->running);
812 if (unlikely(err))
813 goto clear;
814 return 0;
815 clear:
816 memset(buf, 0, size);
817 return err;
818 }
819
820 static const struct bpf_func_proto bpf_perf_prog_read_value_proto = {
821 .func = bpf_perf_prog_read_value,
822 .gpl_only = true,
823 .ret_type = RET_INTEGER,
824 .arg1_type = ARG_PTR_TO_CTX,
825 .arg2_type = ARG_PTR_TO_UNINIT_MEM,
826 .arg3_type = ARG_CONST_SIZE,
827 };
828
829 static const struct bpf_func_proto *
830 pe_prog_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog)
831 {
832 switch (func_id) {
833 case BPF_FUNC_perf_event_output:
834 return &bpf_perf_event_output_proto_tp;
835 case BPF_FUNC_get_stackid:
836 return &bpf_get_stackid_proto_tp;
837 case BPF_FUNC_get_stack:
838 return &bpf_get_stack_proto_tp;
839 case BPF_FUNC_perf_prog_read_value:
840 return &bpf_perf_prog_read_value_proto;
841 default:
842 return tracing_func_proto(func_id, prog);
843 }
844 }
845
846 /*
847 * bpf_raw_tp_regs are separate from bpf_pt_regs used from skb/xdp
848 * to avoid potential recursive reuse issue when/if tracepoints are added
849 * inside bpf_*_event_output, bpf_get_stackid and/or bpf_get_stack.
850 *
851 * Since raw tracepoints run despite bpf_prog_active, support concurrent usage
852 * in normal, irq, and nmi context.
853 */
854 struct bpf_raw_tp_regs {
855 struct pt_regs regs[3];
856 };
857 static DEFINE_PER_CPU(struct bpf_raw_tp_regs, bpf_raw_tp_regs);
858 static DEFINE_PER_CPU(int, bpf_raw_tp_nest_level);
859 static struct pt_regs *get_bpf_raw_tp_regs(void)
860 {
861 struct bpf_raw_tp_regs *tp_regs = this_cpu_ptr(&bpf_raw_tp_regs);
862 int nest_level = this_cpu_inc_return(bpf_raw_tp_nest_level);
863
864 if (WARN_ON_ONCE(nest_level > ARRAY_SIZE(tp_regs->regs))) {
865 this_cpu_dec(bpf_raw_tp_nest_level);
866 return ERR_PTR(-EBUSY);
867 }
868
869 return &tp_regs->regs[nest_level - 1];
870 }
871
872 static void put_bpf_raw_tp_regs(void)
873 {
874 this_cpu_dec(bpf_raw_tp_nest_level);
875 }
876
877 BPF_CALL_5(bpf_perf_event_output_raw_tp, struct bpf_raw_tracepoint_args *, args,
878 struct bpf_map *, map, u64, flags, void *, data, u64, size)
879 {
880 struct pt_regs *regs = get_bpf_raw_tp_regs();
881 int ret;
882
883 if (IS_ERR(regs))
884 return PTR_ERR(regs);
885
886 perf_fetch_caller_regs(regs);
887 ret = ____bpf_perf_event_output(regs, map, flags, data, size);
888
889 put_bpf_raw_tp_regs();
890 return ret;
891 }
892
893 static const struct bpf_func_proto bpf_perf_event_output_proto_raw_tp = {
894 .func = bpf_perf_event_output_raw_tp,
895 .gpl_only = true,
896 .ret_type = RET_INTEGER,
897 .arg1_type = ARG_PTR_TO_CTX,
898 .arg2_type = ARG_CONST_MAP_PTR,
899 .arg3_type = ARG_ANYTHING,
900 .arg4_type = ARG_PTR_TO_MEM,
901 .arg5_type = ARG_CONST_SIZE_OR_ZERO,
902 };
903
904 BPF_CALL_3(bpf_get_stackid_raw_tp, struct bpf_raw_tracepoint_args *, args,
905 struct bpf_map *, map, u64, flags)
906 {
907 struct pt_regs *regs = get_bpf_raw_tp_regs();
908 int ret;
909
910 if (IS_ERR(regs))
911 return PTR_ERR(regs);
912
913 perf_fetch_caller_regs(regs);
914 /* similar to bpf_perf_event_output_tp, but pt_regs fetched differently */
915 ret = bpf_get_stackid((unsigned long) regs, (unsigned long) map,
916 flags, 0, 0);
917 put_bpf_raw_tp_regs();
918 return ret;
919 }
920
921 static const struct bpf_func_proto bpf_get_stackid_proto_raw_tp = {
922 .func = bpf_get_stackid_raw_tp,
923 .gpl_only = true,
924 .ret_type = RET_INTEGER,
925 .arg1_type = ARG_PTR_TO_CTX,
926 .arg2_type = ARG_CONST_MAP_PTR,
927 .arg3_type = ARG_ANYTHING,
928 };
929
930 BPF_CALL_4(bpf_get_stack_raw_tp, struct bpf_raw_tracepoint_args *, args,
931 void *, buf, u32, size, u64, flags)
932 {
933 struct pt_regs *regs = get_bpf_raw_tp_regs();
934 int ret;
935
936 if (IS_ERR(regs))
937 return PTR_ERR(regs);
938
939 perf_fetch_caller_regs(regs);
940 ret = bpf_get_stack((unsigned long) regs, (unsigned long) buf,
941 (unsigned long) size, flags, 0);
942 put_bpf_raw_tp_regs();
943 return ret;
944 }
945
946 static const struct bpf_func_proto bpf_get_stack_proto_raw_tp = {
947 .func = bpf_get_stack_raw_tp,
948 .gpl_only = true,
949 .ret_type = RET_INTEGER,
950 .arg1_type = ARG_PTR_TO_CTX,
951 .arg2_type = ARG_PTR_TO_MEM,
952 .arg3_type = ARG_CONST_SIZE_OR_ZERO,
953 .arg4_type = ARG_ANYTHING,
954 };
955
956 static const struct bpf_func_proto *
957 raw_tp_prog_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog)
958 {
959 switch (func_id) {
960 case BPF_FUNC_perf_event_output:
961 return &bpf_perf_event_output_proto_raw_tp;
962 case BPF_FUNC_get_stackid:
963 return &bpf_get_stackid_proto_raw_tp;
964 case BPF_FUNC_get_stack:
965 return &bpf_get_stack_proto_raw_tp;
966 default:
967 return tracing_func_proto(func_id, prog);
968 }
969 }
970
971 static bool raw_tp_prog_is_valid_access(int off, int size,
972 enum bpf_access_type type,
973 const struct bpf_prog *prog,
974 struct bpf_insn_access_aux *info)
975 {
976 /* largest tracepoint in the kernel has 12 args */
977 if (off < 0 || off >= sizeof(__u64) * 12)
978 return false;
979 if (type != BPF_READ)
980 return false;
981 if (off % size != 0)
982 return false;
983 return true;
984 }
985
986 const struct bpf_verifier_ops raw_tracepoint_verifier_ops = {
987 .get_func_proto = raw_tp_prog_func_proto,
988 .is_valid_access = raw_tp_prog_is_valid_access,
989 };
990
991 const struct bpf_prog_ops raw_tracepoint_prog_ops = {
992 };
993
994 static bool raw_tp_writable_prog_is_valid_access(int off, int size,
995 enum bpf_access_type type,
996 const struct bpf_prog *prog,
997 struct bpf_insn_access_aux *info)
998 {
999 if (off == 0) {
1000 if (size != sizeof(u64) || type != BPF_READ)
1001 return false;
1002 info->reg_type = PTR_TO_TP_BUFFER;
1003 }
1004 return raw_tp_prog_is_valid_access(off, size, type, prog, info);
1005 }
1006
1007 const struct bpf_verifier_ops raw_tracepoint_writable_verifier_ops = {
1008 .get_func_proto = raw_tp_prog_func_proto,
1009 .is_valid_access = raw_tp_writable_prog_is_valid_access,
1010 };
1011
1012 const struct bpf_prog_ops raw_tracepoint_writable_prog_ops = {
1013 };
1014
1015 static bool pe_prog_is_valid_access(int off, int size, enum bpf_access_type type,
1016 const struct bpf_prog *prog,
1017 struct bpf_insn_access_aux *info)
1018 {
1019 const int size_u64 = sizeof(u64);
1020
1021 if (off < 0 || off >= sizeof(struct bpf_perf_event_data))
1022 return false;
1023 if (type != BPF_READ)
1024 return false;
1025 if (off % size != 0) {
1026 if (sizeof(unsigned long) != 4)
1027 return false;
1028 if (size != 8)
1029 return false;
1030 if (off % size != 4)
1031 return false;
1032 }
1033
1034 switch (off) {
1035 case bpf_ctx_range(struct bpf_perf_event_data, sample_period):
1036 bpf_ctx_record_field_size(info, size_u64);
1037 if (!bpf_ctx_narrow_access_ok(off, size, size_u64))
1038 return false;
1039 break;
1040 case bpf_ctx_range(struct bpf_perf_event_data, addr):
1041 bpf_ctx_record_field_size(info, size_u64);
1042 if (!bpf_ctx_narrow_access_ok(off, size, size_u64))
1043 return false;
1044 break;
1045 default:
1046 if (size != sizeof(long))
1047 return false;
1048 }
1049
1050 return true;
1051 }
1052
1053 static u32 pe_prog_convert_ctx_access(enum bpf_access_type type,
1054 const struct bpf_insn *si,
1055 struct bpf_insn *insn_buf,
1056 struct bpf_prog *prog, u32 *target_size)
1057 {
1058 struct bpf_insn *insn = insn_buf;
1059
1060 switch (si->off) {
1061 case offsetof(struct bpf_perf_event_data, sample_period):
1062 *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF(struct bpf_perf_event_data_kern,
1063 data), si->dst_reg, si->src_reg,
1064 offsetof(struct bpf_perf_event_data_kern, data));
1065 *insn++ = BPF_LDX_MEM(BPF_DW, si->dst_reg, si->dst_reg,
1066 bpf_target_off(struct perf_sample_data, period, 8,
1067 target_size));
1068 break;
1069 case offsetof(struct bpf_perf_event_data, addr):
1070 *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF(struct bpf_perf_event_data_kern,
1071 data), si->dst_reg, si->src_reg,
1072 offsetof(struct bpf_perf_event_data_kern, data));
1073 *insn++ = BPF_LDX_MEM(BPF_DW, si->dst_reg, si->dst_reg,
1074 bpf_target_off(struct perf_sample_data, addr, 8,
1075 target_size));
1076 break;
1077 default:
1078 *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF(struct bpf_perf_event_data_kern,
1079 regs), si->dst_reg, si->src_reg,
1080 offsetof(struct bpf_perf_event_data_kern, regs));
1081 *insn++ = BPF_LDX_MEM(BPF_SIZEOF(long), si->dst_reg, si->dst_reg,
1082 si->off);
1083 break;
1084 }
1085
1086 return insn - insn_buf;
1087 }
1088
1089 const struct bpf_verifier_ops perf_event_verifier_ops = {
1090 .get_func_proto = pe_prog_func_proto,
1091 .is_valid_access = pe_prog_is_valid_access,
1092 .convert_ctx_access = pe_prog_convert_ctx_access,
1093 };
1094
1095 const struct bpf_prog_ops perf_event_prog_ops = {
1096 };
1097
1098 static DEFINE_MUTEX(bpf_event_mutex);
1099
1100 #define BPF_TRACE_MAX_PROGS 64
1101
1102 int perf_event_attach_bpf_prog(struct perf_event *event,
1103 struct bpf_prog *prog)
1104 {
1105 struct bpf_prog_array __rcu *old_array;
1106 struct bpf_prog_array *new_array;
1107 int ret = -EEXIST;
1108
1109 /*
1110 * Kprobe override only works if they are on the function entry,
1111 * and only if they are on the opt-in list.
1112 */
1113 if (prog->kprobe_override &&
1114 (!trace_kprobe_on_func_entry(event->tp_event) ||
1115 !trace_kprobe_error_injectable(event->tp_event)))
1116 return -EINVAL;
1117
1118 mutex_lock(&bpf_event_mutex);
1119
1120 if (event->prog)
1121 goto unlock;
1122
1123 old_array = event->tp_event->prog_array;
1124 if (old_array &&
1125 bpf_prog_array_length(old_array) >= BPF_TRACE_MAX_PROGS) {
1126 ret = -E2BIG;
1127 goto unlock;
1128 }
1129
1130 ret = bpf_prog_array_copy(old_array, NULL, prog, &new_array);
1131 if (ret < 0)
1132 goto unlock;
1133
1134 /* set the new array to event->tp_event and set event->prog */
1135 event->prog = prog;
1136 rcu_assign_pointer(event->tp_event->prog_array, new_array);
1137 bpf_prog_array_free(old_array);
1138
1139 unlock:
1140 mutex_unlock(&bpf_event_mutex);
1141 return ret;
1142 }
1143
1144 void perf_event_detach_bpf_prog(struct perf_event *event)
1145 {
1146 struct bpf_prog_array __rcu *old_array;
1147 struct bpf_prog_array *new_array;
1148 int ret;
1149
1150 mutex_lock(&bpf_event_mutex);
1151
1152 if (!event->prog)
1153 goto unlock;
1154
1155 old_array = event->tp_event->prog_array;
1156 ret = bpf_prog_array_copy(old_array, event->prog, NULL, &new_array);
1157 if (ret == -ENOENT)
1158 goto unlock;
1159 if (ret < 0) {
1160 bpf_prog_array_delete_safe(old_array, event->prog);
1161 } else {
1162 rcu_assign_pointer(event->tp_event->prog_array, new_array);
1163 bpf_prog_array_free(old_array);
1164 }
1165
1166 bpf_prog_put(event->prog);
1167 event->prog = NULL;
1168
1169 unlock:
1170 mutex_unlock(&bpf_event_mutex);
1171 }
1172
1173 int perf_event_query_prog_array(struct perf_event *event, void __user *info)
1174 {
1175 struct perf_event_query_bpf __user *uquery = info;
1176 struct perf_event_query_bpf query = {};
1177 u32 *ids, prog_cnt, ids_len;
1178 int ret;
1179
1180 if (!capable(CAP_SYS_ADMIN))
1181 return -EPERM;
1182 if (event->attr.type != PERF_TYPE_TRACEPOINT)
1183 return -EINVAL;
1184 if (copy_from_user(&query, uquery, sizeof(query)))
1185 return -EFAULT;
1186
1187 ids_len = query.ids_len;
1188 if (ids_len > BPF_TRACE_MAX_PROGS)
1189 return -E2BIG;
1190 ids = kcalloc(ids_len, sizeof(u32), GFP_USER | __GFP_NOWARN);
1191 if (!ids)
1192 return -ENOMEM;
1193 /*
1194 * The above kcalloc returns ZERO_SIZE_PTR when ids_len = 0, which
1195 * is required when user only wants to check for uquery->prog_cnt.
1196 * There is no need to check for it since the case is handled
1197 * gracefully in bpf_prog_array_copy_info.
1198 */
1199
1200 mutex_lock(&bpf_event_mutex);
1201 ret = bpf_prog_array_copy_info(event->tp_event->prog_array,
1202 ids,
1203 ids_len,
1204 &prog_cnt);
1205 mutex_unlock(&bpf_event_mutex);
1206
1207 if (copy_to_user(&uquery->prog_cnt, &prog_cnt, sizeof(prog_cnt)) ||
1208 copy_to_user(uquery->ids, ids, ids_len * sizeof(u32)))
1209 ret = -EFAULT;
1210
1211 kfree(ids);
1212 return ret;
1213 }
1214
1215 extern struct bpf_raw_event_map __start__bpf_raw_tp[];
1216 extern struct bpf_raw_event_map __stop__bpf_raw_tp[];
1217
1218 struct bpf_raw_event_map *bpf_get_raw_tracepoint(const char *name)
1219 {
1220 struct bpf_raw_event_map *btp = __start__bpf_raw_tp;
1221
1222 for (; btp < __stop__bpf_raw_tp; btp++) {
1223 if (!strcmp(btp->tp->name, name))
1224 return btp;
1225 }
1226
1227 return bpf_get_raw_tracepoint_module(name);
1228 }
1229
1230 void bpf_put_raw_tracepoint(struct bpf_raw_event_map *btp)
1231 {
1232 struct module *mod = __module_address((unsigned long)btp);
1233
1234 if (mod)
1235 module_put(mod);
1236 }
1237
1238 static __always_inline
1239 void __bpf_trace_run(struct bpf_prog *prog, u64 *args)
1240 {
1241 rcu_read_lock();
1242 preempt_disable();
1243 (void) BPF_PROG_RUN(prog, args);
1244 preempt_enable();
1245 rcu_read_unlock();
1246 }
1247
1248 #define UNPACK(...) __VA_ARGS__
1249 #define REPEAT_1(FN, DL, X, ...) FN(X)
1250 #define REPEAT_2(FN, DL, X, ...) FN(X) UNPACK DL REPEAT_1(FN, DL, __VA_ARGS__)
1251 #define REPEAT_3(FN, DL, X, ...) FN(X) UNPACK DL REPEAT_2(FN, DL, __VA_ARGS__)
1252 #define REPEAT_4(FN, DL, X, ...) FN(X) UNPACK DL REPEAT_3(FN, DL, __VA_ARGS__)
1253 #define REPEAT_5(FN, DL, X, ...) FN(X) UNPACK DL REPEAT_4(FN, DL, __VA_ARGS__)
1254 #define REPEAT_6(FN, DL, X, ...) FN(X) UNPACK DL REPEAT_5(FN, DL, __VA_ARGS__)
1255 #define REPEAT_7(FN, DL, X, ...) FN(X) UNPACK DL REPEAT_6(FN, DL, __VA_ARGS__)
1256 #define REPEAT_8(FN, DL, X, ...) FN(X) UNPACK DL REPEAT_7(FN, DL, __VA_ARGS__)
1257 #define REPEAT_9(FN, DL, X, ...) FN(X) UNPACK DL REPEAT_8(FN, DL, __VA_ARGS__)
1258 #define REPEAT_10(FN, DL, X, ...) FN(X) UNPACK DL REPEAT_9(FN, DL, __VA_ARGS__)
1259 #define REPEAT_11(FN, DL, X, ...) FN(X) UNPACK DL REPEAT_10(FN, DL, __VA_ARGS__)
1260 #define REPEAT_12(FN, DL, X, ...) FN(X) UNPACK DL REPEAT_11(FN, DL, __VA_ARGS__)
1261 #define REPEAT(X, FN, DL, ...) REPEAT_##X(FN, DL, __VA_ARGS__)
1262
1263 #define SARG(X) u64 arg##X
1264 #define COPY(X) args[X] = arg##X
1265
1266 #define __DL_COM (,)
1267 #define __DL_SEM (;)
1268
1269 #define __SEQ_0_11 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11
1270
1271 #define BPF_TRACE_DEFN_x(x) \
1272 void bpf_trace_run##x(struct bpf_prog *prog, \
1273 REPEAT(x, SARG, __DL_COM, __SEQ_0_11)) \
1274 { \
1275 u64 args[x]; \
1276 REPEAT(x, COPY, __DL_SEM, __SEQ_0_11); \
1277 __bpf_trace_run(prog, args); \
1278 } \
1279 EXPORT_SYMBOL_GPL(bpf_trace_run##x)
1280 BPF_TRACE_DEFN_x(1);
1281 BPF_TRACE_DEFN_x(2);
1282 BPF_TRACE_DEFN_x(3);
1283 BPF_TRACE_DEFN_x(4);
1284 BPF_TRACE_DEFN_x(5);
1285 BPF_TRACE_DEFN_x(6);
1286 BPF_TRACE_DEFN_x(7);
1287 BPF_TRACE_DEFN_x(8);
1288 BPF_TRACE_DEFN_x(9);
1289 BPF_TRACE_DEFN_x(10);
1290 BPF_TRACE_DEFN_x(11);
1291 BPF_TRACE_DEFN_x(12);
1292
1293 static int __bpf_probe_register(struct bpf_raw_event_map *btp, struct bpf_prog *prog)
1294 {
1295 struct tracepoint *tp = btp->tp;
1296
1297 /*
1298 * check that program doesn't access arguments beyond what's
1299 * available in this tracepoint
1300 */
1301 if (prog->aux->max_ctx_offset > btp->num_args * sizeof(u64))
1302 return -EINVAL;
1303
1304 if (prog->aux->max_tp_access > btp->writable_size)
1305 return -EINVAL;
1306
1307 return tracepoint_probe_register(tp, (void *)btp->bpf_func, prog);
1308 }
1309
1310 int bpf_probe_register(struct bpf_raw_event_map *btp, struct bpf_prog *prog)
1311 {
1312 return __bpf_probe_register(btp, prog);
1313 }
1314
1315 int bpf_probe_unregister(struct bpf_raw_event_map *btp, struct bpf_prog *prog)
1316 {
1317 return tracepoint_probe_unregister(btp->tp, (void *)btp->bpf_func, prog);
1318 }
1319
1320 int bpf_get_perf_event_info(const struct perf_event *event, u32 *prog_id,
1321 u32 *fd_type, const char **buf,
1322 u64 *probe_offset, u64 *probe_addr)
1323 {
1324 bool is_tracepoint, is_syscall_tp;
1325 struct bpf_prog *prog;
1326 int flags, err = 0;
1327
1328 prog = event->prog;
1329 if (!prog)
1330 return -ENOENT;
1331
1332 /* not supporting BPF_PROG_TYPE_PERF_EVENT yet */
1333 if (prog->type == BPF_PROG_TYPE_PERF_EVENT)
1334 return -EOPNOTSUPP;
1335
1336 *prog_id = prog->aux->id;
1337 flags = event->tp_event->flags;
1338 is_tracepoint = flags & TRACE_EVENT_FL_TRACEPOINT;
1339 is_syscall_tp = is_syscall_trace_event(event->tp_event);
1340
1341 if (is_tracepoint || is_syscall_tp) {
1342 *buf = is_tracepoint ? event->tp_event->tp->name
1343 : event->tp_event->name;
1344 *fd_type = BPF_FD_TYPE_TRACEPOINT;
1345 *probe_offset = 0x0;
1346 *probe_addr = 0x0;
1347 } else {
1348 /* kprobe/uprobe */
1349 err = -EOPNOTSUPP;
1350 #ifdef CONFIG_KPROBE_EVENTS
1351 if (flags & TRACE_EVENT_FL_KPROBE)
1352 err = bpf_get_kprobe_info(event, fd_type, buf,
1353 probe_offset, probe_addr,
1354 event->attr.type == PERF_TYPE_TRACEPOINT);
1355 #endif
1356 #ifdef CONFIG_UPROBE_EVENTS
1357 if (flags & TRACE_EVENT_FL_UPROBE)
1358 err = bpf_get_uprobe_info(event, fd_type, buf,
1359 probe_offset,
1360 event->attr.type == PERF_TYPE_TRACEPOINT);
1361 #endif
1362 }
1363
1364 return err;
1365 }
1366
1367 #ifdef CONFIG_MODULES
1368 static int bpf_event_notify(struct notifier_block *nb, unsigned long op,
1369 void *module)
1370 {
1371 struct bpf_trace_module *btm, *tmp;
1372 struct module *mod = module;
1373
1374 if (mod->num_bpf_raw_events == 0 ||
1375 (op != MODULE_STATE_COMING && op != MODULE_STATE_GOING))
1376 return 0;
1377
1378 mutex_lock(&bpf_module_mutex);
1379
1380 switch (op) {
1381 case MODULE_STATE_COMING:
1382 btm = kzalloc(sizeof(*btm), GFP_KERNEL);
1383 if (btm) {
1384 btm->module = module;
1385 list_add(&btm->list, &bpf_trace_modules);
1386 }
1387 break;
1388 case MODULE_STATE_GOING:
1389 list_for_each_entry_safe(btm, tmp, &bpf_trace_modules, list) {
1390 if (btm->module == module) {
1391 list_del(&btm->list);
1392 kfree(btm);
1393 break;
1394 }
1395 }
1396 break;
1397 }
1398
1399 mutex_unlock(&bpf_module_mutex);
1400
1401 return 0;
1402 }
1403
1404 static struct notifier_block bpf_module_nb = {
1405 .notifier_call = bpf_event_notify,
1406 };
1407
1408 static int __init bpf_event_init(void)
1409 {
1410 register_module_notifier(&bpf_module_nb);
1411 return 0;
1412 }
1413
1414 fs_initcall(bpf_event_init);
1415 #endif /* CONFIG_MODULES */
Linux with added FPC-III support