1 // SPDX-License-Identifier: GPL-2.0 2 3 #include <stdio.h> 4 #include <stdlib.h> 5 #include <signal.h> 6 #include <unistd.h> 7 #include <stdbool.h> 8 #include <string.h> 9 #include <stdint.h> 10 #include <fcntl.h> 11 #include <linux/bpf.h> 12 #include <sys/ioctl.h> 13 #include <sys/resource.h> 14 #include <sys/types.h> 15 #include <sys/stat.h> 16 17 #include "libbpf.h" 18 #include "bpf_load.h" 19 #include "bpf_util.h" 20 #include "perf-sys.h" 21 #include "trace_helpers.h" 22 23 #define CHECK_PERROR_RET(condition) ({ \ 24 int __ret = !!(condition); \ 25 if (__ret) { \ 26 printf("FAIL: %s:\n", __func__); \ 27 perror(" "); \ 28 return -1; \ 29 } \ 30 }) 31 32 #define CHECK_AND_RET(condition) ({ \ 33 int __ret = !!(condition); \ 34 if (__ret) \ 35 return -1; \ 36 }) 37 38 static __u64 ptr_to_u64(void *ptr) 39 { 40 return (__u64) (unsigned long) ptr; 41 } 42 43 #define PMU_TYPE_FILE "/sys/bus/event_source/devices/%s/type" 44 static int bpf_find_probe_type(const char *event_type) 45 { 46 char buf[256]; 47 int fd, ret; 48 49 ret = snprintf(buf, sizeof(buf), PMU_TYPE_FILE, event_type); 50 CHECK_PERROR_RET(ret < 0 || ret >= sizeof(buf)); 51 52 fd = open(buf, O_RDONLY); 53 CHECK_PERROR_RET(fd < 0); 54 55 ret = read(fd, buf, sizeof(buf)); 56 close(fd); 57 CHECK_PERROR_RET(ret < 0 || ret >= sizeof(buf)); 58 59 errno = 0; 60 ret = (int)strtol(buf, NULL, 10); 61 CHECK_PERROR_RET(errno); 62 return ret; 63 } 64 65 #define PMU_RETPROBE_FILE "/sys/bus/event_source/devices/%s/format/retprobe" 66 static int bpf_get_retprobe_bit(const char *event_type) 67 { 68 char buf[256]; 69 int fd, ret; 70 71 ret = snprintf(buf, sizeof(buf), PMU_RETPROBE_FILE, event_type); 72 CHECK_PERROR_RET(ret < 0 || ret >= sizeof(buf)); 73 74 fd = open(buf, O_RDONLY); 75 CHECK_PERROR_RET(fd < 0); 76 77 ret = read(fd, buf, sizeof(buf)); 78 close(fd); 79 CHECK_PERROR_RET(ret < 0 || ret >= sizeof(buf)); 80 CHECK_PERROR_RET(strlen(buf) < strlen("config:")); 81 82 errno = 0; 83 ret = (int)strtol(buf + strlen("config:"), NULL, 10); 84 CHECK_PERROR_RET(errno); 85 return ret; 86 } 87 88 static int test_debug_fs_kprobe(int prog_fd_idx, const char *fn_name, 89 __u32 expected_fd_type) 90 { 91 __u64 probe_offset, probe_addr; 92 __u32 len, prog_id, fd_type; 93 char buf[256]; 94 int err; 95 96 len = sizeof(buf); 97 err = bpf_task_fd_query(getpid(), event_fd[prog_fd_idx], 0, buf, &len, 98 &prog_id, &fd_type, &probe_offset, 99 &probe_addr); 100 if (err < 0) { 101 printf("FAIL: %s, for event_fd idx %d, fn_name %s\n", 102 __func__, prog_fd_idx, fn_name); 103 perror(" :"); 104 return -1; 105 } 106 if (strcmp(buf, fn_name) != 0 || 107 fd_type != expected_fd_type || 108 probe_offset != 0x0 || probe_addr != 0x0) { 109 printf("FAIL: bpf_trace_event_query(event_fd[%d]):\n", 110 prog_fd_idx); 111 printf("buf: %s, fd_type: %u, probe_offset: 0x%llx," 112 " probe_addr: 0x%llx\n", 113 buf, fd_type, probe_offset, probe_addr); 114 return -1; 115 } 116 return 0; 117 } 118 119 static int test_nondebug_fs_kuprobe_common(const char *event_type, 120 const char *name, __u64 offset, __u64 addr, bool is_return, 121 char *buf, __u32 *buf_len, __u32 *prog_id, __u32 *fd_type, 122 __u64 *probe_offset, __u64 *probe_addr) 123 { 124 int is_return_bit = bpf_get_retprobe_bit(event_type); 125 int type = bpf_find_probe_type(event_type); 126 struct perf_event_attr attr = {}; 127 int fd; 128 129 if (type < 0 || is_return_bit < 0) { 130 printf("FAIL: %s incorrect type (%d) or is_return_bit (%d)\n", 131 __func__, type, is_return_bit); 132 return -1; 133 } 134 135 attr.sample_period = 1; 136 attr.wakeup_events = 1; 137 if (is_return) 138 attr.config |= 1 << is_return_bit; 139 140 if (name) { 141 attr.config1 = ptr_to_u64((void *)name); 142 attr.config2 = offset; 143 } else { 144 attr.config1 = 0; 145 attr.config2 = addr; 146 } 147 attr.size = sizeof(attr); 148 attr.type = type; 149 150 fd = sys_perf_event_open(&attr, -1, 0, -1, 0); 151 CHECK_PERROR_RET(fd < 0); 152 153 CHECK_PERROR_RET(ioctl(fd, PERF_EVENT_IOC_ENABLE, 0) < 0); 154 CHECK_PERROR_RET(ioctl(fd, PERF_EVENT_IOC_SET_BPF, prog_fd[0]) < 0); 155 CHECK_PERROR_RET(bpf_task_fd_query(getpid(), fd, 0, buf, buf_len, 156 prog_id, fd_type, probe_offset, probe_addr) < 0); 157 158 return 0; 159 } 160 161 static int test_nondebug_fs_probe(const char *event_type, const char *name, 162 __u64 offset, __u64 addr, bool is_return, 163 __u32 expected_fd_type, 164 __u32 expected_ret_fd_type, 165 char *buf, __u32 buf_len) 166 { 167 __u64 probe_offset, probe_addr; 168 __u32 prog_id, fd_type; 169 int err; 170 171 err = test_nondebug_fs_kuprobe_common(event_type, name, 172 offset, addr, is_return, 173 buf, &buf_len, &prog_id, 174 &fd_type, &probe_offset, 175 &probe_addr); 176 if (err < 0) { 177 printf("FAIL: %s, " 178 "for name %s, offset 0x%llx, addr 0x%llx, is_return %d\n", 179 __func__, name ? name : "", offset, addr, is_return); 180 perror(" :"); 181 return -1; 182 } 183 if ((is_return && fd_type != expected_ret_fd_type) || 184 (!is_return && fd_type != expected_fd_type)) { 185 printf("FAIL: %s, incorrect fd_type %u\n", 186 __func__, fd_type); 187 return -1; 188 } 189 if (name) { 190 if (strcmp(name, buf) != 0) { 191 printf("FAIL: %s, incorrect buf %s\n", __func__, buf); 192 return -1; 193 } 194 if (probe_offset != offset) { 195 printf("FAIL: %s, incorrect probe_offset 0x%llx\n", 196 __func__, probe_offset); 197 return -1; 198 } 199 } else { 200 if (buf_len != 0) { 201 printf("FAIL: %s, incorrect buf %p\n", 202 __func__, buf); 203 return -1; 204 } 205 206 if (probe_addr != addr) { 207 printf("FAIL: %s, incorrect probe_addr 0x%llx\n", 208 __func__, probe_addr); 209 return -1; 210 } 211 } 212 return 0; 213 } 214 215 static int test_debug_fs_uprobe(char *binary_path, long offset, bool is_return) 216 { 217 const char *event_type = "uprobe"; 218 struct perf_event_attr attr = {}; 219 char buf[256], event_alias[256]; 220 __u64 probe_offset, probe_addr; 221 __u32 len, prog_id, fd_type; 222 int err, res, kfd, efd; 223 ssize_t bytes; 224 225 snprintf(buf, sizeof(buf), "/sys/kernel/debug/tracing/%s_events", 226 event_type); 227 kfd = open(buf, O_WRONLY | O_APPEND, 0); 228 CHECK_PERROR_RET(kfd < 0); 229 230 res = snprintf(event_alias, sizeof(event_alias), "test_%d", getpid()); 231 CHECK_PERROR_RET(res < 0 || res >= sizeof(event_alias)); 232 233 res = snprintf(buf, sizeof(buf), "%c:%ss/%s %s:0x%lx", 234 is_return ? 'r' : 'p', event_type, event_alias, 235 binary_path, offset); 236 CHECK_PERROR_RET(res < 0 || res >= sizeof(buf)); 237 CHECK_PERROR_RET(write(kfd, buf, strlen(buf)) < 0); 238 239 close(kfd); 240 kfd = -1; 241 242 snprintf(buf, sizeof(buf), "/sys/kernel/debug/tracing/events/%ss/%s/id", 243 event_type, event_alias); 244 efd = open(buf, O_RDONLY, 0); 245 CHECK_PERROR_RET(efd < 0); 246 247 bytes = read(efd, buf, sizeof(buf)); 248 CHECK_PERROR_RET(bytes <= 0 || bytes >= sizeof(buf)); 249 close(efd); 250 buf[bytes] = '\0'; 251 252 attr.config = strtol(buf, NULL, 0); 253 attr.type = PERF_TYPE_TRACEPOINT; 254 attr.sample_period = 1; 255 attr.wakeup_events = 1; 256 kfd = sys_perf_event_open(&attr, -1, 0, -1, PERF_FLAG_FD_CLOEXEC); 257 CHECK_PERROR_RET(kfd < 0); 258 CHECK_PERROR_RET(ioctl(kfd, PERF_EVENT_IOC_SET_BPF, prog_fd[0]) < 0); 259 CHECK_PERROR_RET(ioctl(kfd, PERF_EVENT_IOC_ENABLE, 0) < 0); 260 261 len = sizeof(buf); 262 err = bpf_task_fd_query(getpid(), kfd, 0, buf, &len, 263 &prog_id, &fd_type, &probe_offset, 264 &probe_addr); 265 if (err < 0) { 266 printf("FAIL: %s, binary_path %s\n", __func__, binary_path); 267 perror(" :"); 268 return -1; 269 } 270 if ((is_return && fd_type != BPF_FD_TYPE_URETPROBE) || 271 (!is_return && fd_type != BPF_FD_TYPE_UPROBE)) { 272 printf("FAIL: %s, incorrect fd_type %u\n", __func__, 273 fd_type); 274 return -1; 275 } 276 if (strcmp(binary_path, buf) != 0) { 277 printf("FAIL: %s, incorrect buf %s\n", __func__, buf); 278 return -1; 279 } 280 if (probe_offset != offset) { 281 printf("FAIL: %s, incorrect probe_offset 0x%llx\n", __func__, 282 probe_offset); 283 return -1; 284 } 285 286 close(kfd); 287 return 0; 288 } 289 290 int main(int argc, char **argv) 291 { 292 struct rlimit r = {1024*1024, RLIM_INFINITY}; 293 extern char __executable_start; 294 char filename[256], buf[256]; 295 __u64 uprobe_file_offset; 296 297 snprintf(filename, sizeof(filename), "%s_kern.o", argv[0]); 298 if (setrlimit(RLIMIT_MEMLOCK, &r)) { 299 perror("setrlimit(RLIMIT_MEMLOCK)"); 300 return 1; 301 } 302 303 if (load_kallsyms()) { 304 printf("failed to process /proc/kallsyms\n"); 305 return 1; 306 } 307 308 if (load_bpf_file(filename)) { 309 printf("%s", bpf_log_buf); 310 return 1; 311 } 312 313 /* test two functions in the corresponding *_kern.c file */ 314 CHECK_AND_RET(test_debug_fs_kprobe(0, "blk_mq_start_request", 315 BPF_FD_TYPE_KPROBE)); 316 CHECK_AND_RET(test_debug_fs_kprobe(1, "blk_account_io_completion", 317 BPF_FD_TYPE_KRETPROBE)); 318 319 /* test nondebug fs kprobe */ 320 CHECK_AND_RET(test_nondebug_fs_probe("kprobe", "bpf_check", 0x0, 0x0, 321 false, BPF_FD_TYPE_KPROBE, 322 BPF_FD_TYPE_KRETPROBE, 323 buf, sizeof(buf))); 324 #ifdef __x86_64__ 325 /* set a kprobe on "bpf_check + 0x5", which is x64 specific */ 326 CHECK_AND_RET(test_nondebug_fs_probe("kprobe", "bpf_check", 0x5, 0x0, 327 false, BPF_FD_TYPE_KPROBE, 328 BPF_FD_TYPE_KRETPROBE, 329 buf, sizeof(buf))); 330 #endif 331 CHECK_AND_RET(test_nondebug_fs_probe("kprobe", "bpf_check", 0x0, 0x0, 332 true, BPF_FD_TYPE_KPROBE, 333 BPF_FD_TYPE_KRETPROBE, 334 buf, sizeof(buf))); 335 CHECK_AND_RET(test_nondebug_fs_probe("kprobe", NULL, 0x0, 336 ksym_get_addr("bpf_check"), false, 337 BPF_FD_TYPE_KPROBE, 338 BPF_FD_TYPE_KRETPROBE, 339 buf, sizeof(buf))); 340 CHECK_AND_RET(test_nondebug_fs_probe("kprobe", NULL, 0x0, 341 ksym_get_addr("bpf_check"), false, 342 BPF_FD_TYPE_KPROBE, 343 BPF_FD_TYPE_KRETPROBE, 344 NULL, 0)); 345 CHECK_AND_RET(test_nondebug_fs_probe("kprobe", NULL, 0x0, 346 ksym_get_addr("bpf_check"), true, 347 BPF_FD_TYPE_KPROBE, 348 BPF_FD_TYPE_KRETPROBE, 349 buf, sizeof(buf))); 350 CHECK_AND_RET(test_nondebug_fs_probe("kprobe", NULL, 0x0, 351 ksym_get_addr("bpf_check"), true, 352 BPF_FD_TYPE_KPROBE, 353 BPF_FD_TYPE_KRETPROBE, 354 0, 0)); 355 356 /* test nondebug fs uprobe */ 357 /* the calculation of uprobe file offset is based on gcc 7.3.1 on x64 358 * and the default linker script, which defines __executable_start as 359 * the start of the .text section. The calculation could be different 360 * on different systems with different compilers. The right way is 361 * to parse the ELF file. We took a shortcut here. 362 */ 363 uprobe_file_offset = (__u64)main - (__u64)&__executable_start; 364 CHECK_AND_RET(test_nondebug_fs_probe("uprobe", (char *)argv[0], 365 uprobe_file_offset, 0x0, false, 366 BPF_FD_TYPE_UPROBE, 367 BPF_FD_TYPE_URETPROBE, 368 buf, sizeof(buf))); 369 CHECK_AND_RET(test_nondebug_fs_probe("uprobe", (char *)argv[0], 370 uprobe_file_offset, 0x0, true, 371 BPF_FD_TYPE_UPROBE, 372 BPF_FD_TYPE_URETPROBE, 373 buf, sizeof(buf))); 374 375 /* test debug fs uprobe */ 376 CHECK_AND_RET(test_debug_fs_uprobe((char *)argv[0], uprobe_file_offset, 377 false)); 378 CHECK_AND_RET(test_debug_fs_uprobe((char *)argv[0], uprobe_file_offset, 379 true)); 380 381 return 0; 382 } 383