samples/bpf/task_fd_query_user.c

   1 // SPDX-License-Identifier: GPL-2.0
   2
   3 #include <stdio.h>
   4 #include <stdlib.h>
   5 #include <signal.h>
   6 #include <unistd.h>
   7 #include <stdbool.h>
   8 #include <string.h>
   9 #include <stdint.h>
  10 #include <fcntl.h>
  11 #include <linux/bpf.h>
  12 #include <sys/ioctl.h>
  13 #include <sys/resource.h>
  14 #include <sys/types.h>
  15 #include <sys/stat.h>
  16
  17 #include "libbpf.h"
  18 #include "bpf_load.h"
  19 #include "bpf_util.h"
  20 #include "perf-sys.h"
  21 #include "trace_helpers.h"
  22
  23 #define CHECK_PERROR_RET(condition) ({                  \
  24         int __ret = !!(condition);                      \
  25         if (__ret) {                                    \
  26                 printf("FAIL: %s:\n", __func__);        \
  27                 perror("    ");                 \
  28                 return -1;                              \
  29         }                                               \
  30 })
  31
  32 #define CHECK_AND_RET(condition) ({                     \
  33         int __ret = !!(condition);                      \
  34         if (__ret)                                      \
  35                 return -1;                              \
  36 })
  37
  38 static __u64 ptr_to_u64(void *ptr)
  39 {
  40         return (__u64) (unsigned long) ptr;
  41 }
  42
  43 #define PMU_TYPE_FILE "/sys/bus/event_source/devices/%s/type"
  44 static int bpf_find_probe_type(const char *event_type)
  45 {
  46         char buf[256];
  47         int fd, ret;
  48
  49         ret = snprintf(buf, sizeof(buf), PMU_TYPE_FILE, event_type);
  50         CHECK_PERROR_RET(ret < 0 || ret >= sizeof(buf));
  51
  52         fd = open(buf, O_RDONLY);
  53         CHECK_PERROR_RET(fd < 0);
  54
  55         ret = read(fd, buf, sizeof(buf));
  56         close(fd);
  57         CHECK_PERROR_RET(ret < 0 || ret >= sizeof(buf));
  58
  59         errno = 0;
  60         ret = (int)strtol(buf, NULL, 10);
  61         CHECK_PERROR_RET(errno);
  62         return ret;
  63 }
  64
  65 #define PMU_RETPROBE_FILE "/sys/bus/event_source/devices/%s/format/retprobe"
  66 static int bpf_get_retprobe_bit(const char *event_type)
  67 {
  68         char buf[256];
  69         int fd, ret;
  70
  71         ret = snprintf(buf, sizeof(buf), PMU_RETPROBE_FILE, event_type);
  72         CHECK_PERROR_RET(ret < 0 || ret >= sizeof(buf));
  73
  74         fd = open(buf, O_RDONLY);
  75         CHECK_PERROR_RET(fd < 0);
  76
  77         ret = read(fd, buf, sizeof(buf));
  78         close(fd);
  79         CHECK_PERROR_RET(ret < 0 || ret >= sizeof(buf));
  80         CHECK_PERROR_RET(strlen(buf) < strlen("config:"));
  81
  82         errno = 0;
  83         ret = (int)strtol(buf + strlen("config:"), NULL, 10);
  84         CHECK_PERROR_RET(errno);
  85         return ret;
  86 }
  87
  88 static int test_debug_fs_kprobe(int prog_fd_idx, const char *fn_name,
  89                                 __u32 expected_fd_type)
  90 {
  91         __u64 probe_offset, probe_addr;
  92         __u32 len, prog_id, fd_type;
  93         char buf[256];
  94         int err;
  95
  96         len = sizeof(buf);
  97         err = bpf_task_fd_query(getpid(), event_fd[prog_fd_idx], 0, buf, &len,
  98                                 &prog_id, &fd_type, &probe_offset,
  99                                 &probe_addr);
 100         if (err < 0) {
 101                 printf("FAIL: %s, for event_fd idx %d, fn_name %s\n",
 102                        __func__, prog_fd_idx, fn_name);
 103                 perror("    :");
 104                 return -1;
 105         }
 106         if (strcmp(buf, fn_name) != 0 ||
 107             fd_type != expected_fd_type ||
 108             probe_offset != 0x0 || probe_addr != 0x0) {
 109                 printf("FAIL: bpf_trace_event_query(event_fd[%d]):\n",
 110                        prog_fd_idx);
 111                 printf("buf: %s, fd_type: %u, probe_offset: 0x%llx,"
 112                        " probe_addr: 0x%llx\n",
 113                        buf, fd_type, probe_offset, probe_addr);
 114                 return -1;
 115         }
 116         return 0;
 117 }
 118
 119 static int test_nondebug_fs_kuprobe_common(const char *event_type,
 120         const char *name, __u64 offset, __u64 addr, bool is_return,
 121         char *buf, __u32 *buf_len, __u32 *prog_id, __u32 *fd_type,
 122         __u64 *probe_offset, __u64 *probe_addr)
 123 {
 124         int is_return_bit = bpf_get_retprobe_bit(event_type);
 125         int type = bpf_find_probe_type(event_type);
 126         struct perf_event_attr attr = {};
 127         int fd;
 128
 129         if (type < 0 || is_return_bit < 0) {
 130                 printf("FAIL: %s incorrect type (%d) or is_return_bit (%d)\n",
 131                         __func__, type, is_return_bit);
 132                 return -1;
 133         }
 134
 135         attr.sample_period = 1;
 136         attr.wakeup_events = 1;
 137         if (is_return)
 138                 attr.config |= 1 << is_return_bit;
 139
 140         if (name) {
 141                 attr.config1 = ptr_to_u64((void *)name);
 142                 attr.config2 = offset;
 143         } else {
 144                 attr.config1 = 0;
 145                 attr.config2 = addr;
 146         }
 147         attr.size = sizeof(attr);
 148         attr.type = type;
 149
 150         fd = sys_perf_event_open(&attr, -1, 0, -1, 0);
 151         CHECK_PERROR_RET(fd < 0);
 152
 153         CHECK_PERROR_RET(ioctl(fd, PERF_EVENT_IOC_ENABLE, 0) < 0);
 154         CHECK_PERROR_RET(ioctl(fd, PERF_EVENT_IOC_SET_BPF, prog_fd[0]) < 0);
 155         CHECK_PERROR_RET(bpf_task_fd_query(getpid(), fd, 0, buf, buf_len,
 156                          prog_id, fd_type, probe_offset, probe_addr) < 0);
 157
 158         return 0;
 159 }
 160
 161 static int test_nondebug_fs_probe(const char *event_type, const char *name,
 162                                   __u64 offset, __u64 addr, bool is_return,
 163                                   __u32 expected_fd_type,
 164                                   __u32 expected_ret_fd_type,
 165                                   char *buf, __u32 buf_len)
 166 {
 167         __u64 probe_offset, probe_addr;
 168         __u32 prog_id, fd_type;
 169         int err;
 170
 171         err = test_nondebug_fs_kuprobe_common(event_type, name,
 172                                               offset, addr, is_return,
 173                                               buf, &buf_len, &prog_id,
 174                                               &fd_type, &probe_offset,
 175                                               &probe_addr);
 176         if (err < 0) {
 177                 printf("FAIL: %s, "
 178                        "for name %s, offset 0x%llx, addr 0x%llx, is_return %d\n",
 179                        __func__, name ? name : "", offset, addr, is_return);
 180                 perror("    :");
 181                 return -1;
 182         }
 183         if ((is_return && fd_type != expected_ret_fd_type) ||
 184             (!is_return && fd_type != expected_fd_type)) {
 185                 printf("FAIL: %s, incorrect fd_type %u\n",
 186                        __func__, fd_type);
 187                 return -1;
 188         }
 189         if (name) {
 190                 if (strcmp(name, buf) != 0) {
 191                         printf("FAIL: %s, incorrect buf %s\n", __func__, buf);
 192                         return -1;
 193                 }
 194                 if (probe_offset != offset) {
 195                         printf("FAIL: %s, incorrect probe_offset 0x%llx\n",
 196                                __func__, probe_offset);
 197                         return -1;
 198                 }
 199         } else {
 200                 if (buf_len != 0) {
 201                         printf("FAIL: %s, incorrect buf %p\n",
 202                                __func__, buf);
 203                         return -1;
 204                 }
 205
 206                 if (probe_addr != addr) {
 207                         printf("FAIL: %s, incorrect probe_addr 0x%llx\n",
 208                                __func__, probe_addr);
 209                         return -1;
 210                 }
 211         }
 212         return 0;
 213 }
 214
 215 static int test_debug_fs_uprobe(char *binary_path, long offset, bool is_return)
 216 {
 217         const char *event_type = "uprobe";
 218         struct perf_event_attr attr = {};
 219         char buf[256], event_alias[256];
 220         __u64 probe_offset, probe_addr;
 221         __u32 len, prog_id, fd_type;
 222         int err, res, kfd, efd;
 223         ssize_t bytes;
 224
 225         snprintf(buf, sizeof(buf), "/sys/kernel/debug/tracing/%s_events",
 226                  event_type);
 227         kfd = open(buf, O_WRONLY | O_APPEND, 0);
 228         CHECK_PERROR_RET(kfd < 0);
 229
 230         res = snprintf(event_alias, sizeof(event_alias), "test_%d", getpid());
 231         CHECK_PERROR_RET(res < 0 || res >= sizeof(event_alias));
 232
 233         res = snprintf(buf, sizeof(buf), "%c:%ss/%s %s:0x%lx",
 234                        is_return ? 'r' : 'p', event_type, event_alias,
 235                        binary_path, offset);
 236         CHECK_PERROR_RET(res < 0 || res >= sizeof(buf));
 237         CHECK_PERROR_RET(write(kfd, buf, strlen(buf)) < 0);
 238
 239         close(kfd);
 240         kfd = -1;
 241
 242         snprintf(buf, sizeof(buf), "/sys/kernel/debug/tracing/events/%ss/%s/id",
 243                  event_type, event_alias);
 244         efd = open(buf, O_RDONLY, 0);
 245         CHECK_PERROR_RET(efd < 0);
 246
 247         bytes = read(efd, buf, sizeof(buf));
 248         CHECK_PERROR_RET(bytes <= 0 || bytes >= sizeof(buf));
 249         close(efd);
 250         buf[bytes] = '\0';
 251
 252         attr.config = strtol(buf, NULL, 0);
 253         attr.type = PERF_TYPE_TRACEPOINT;
 254         attr.sample_period = 1;
 255         attr.wakeup_events = 1;
 256         kfd = sys_perf_event_open(&attr, -1, 0, -1, PERF_FLAG_FD_CLOEXEC);
 257         CHECK_PERROR_RET(kfd < 0);
 258         CHECK_PERROR_RET(ioctl(kfd, PERF_EVENT_IOC_SET_BPF, prog_fd[0]) < 0);
 259         CHECK_PERROR_RET(ioctl(kfd, PERF_EVENT_IOC_ENABLE, 0) < 0);
 260
 261         len = sizeof(buf);
 262         err = bpf_task_fd_query(getpid(), kfd, 0, buf, &len,
 263                                 &prog_id, &fd_type, &probe_offset,
 264                                 &probe_addr);
 265         if (err < 0) {
 266                 printf("FAIL: %s, binary_path %s\n", __func__, binary_path);
 267                 perror("    :");
 268                 return -1;
 269         }
 270         if ((is_return && fd_type != BPF_FD_TYPE_URETPROBE) ||
 271             (!is_return && fd_type != BPF_FD_TYPE_UPROBE)) {
 272                 printf("FAIL: %s, incorrect fd_type %u\n", __func__,
 273                        fd_type);
 274                 return -1;
 275         }
 276         if (strcmp(binary_path, buf) != 0) {
 277                 printf("FAIL: %s, incorrect buf %s\n", __func__, buf);
 278                 return -1;
 279         }
 280         if (probe_offset != offset) {
 281                 printf("FAIL: %s, incorrect probe_offset 0x%llx\n", __func__,
 282                        probe_offset);
 283                 return -1;
 284         }
 285
 286         close(kfd);
 287         return 0;
 288 }
 289
 290 int main(int argc, char **argv)
 291 {
 292         struct rlimit r = {1024*1024, RLIM_INFINITY};
 293         extern char __executable_start;
 294         char filename[256], buf[256];
 295         __u64 uprobe_file_offset;
 296
 297         snprintf(filename, sizeof(filename), "%s_kern.o", argv[0]);
 298         if (setrlimit(RLIMIT_MEMLOCK, &r)) {
 299                 perror("setrlimit(RLIMIT_MEMLOCK)");
 300                 return 1;
 301         }
 302
 303         if (load_kallsyms()) {
 304                 printf("failed to process /proc/kallsyms\n");
 305                 return 1;
 306         }
 307
 308         if (load_bpf_file(filename)) {
 309                 printf("%s", bpf_log_buf);
 310                 return 1;
 311         }
 312
 313         /* test two functions in the corresponding *_kern.c file */
 314         CHECK_AND_RET(test_debug_fs_kprobe(0, "blk_start_request",
 315                                            BPF_FD_TYPE_KPROBE));
 316         CHECK_AND_RET(test_debug_fs_kprobe(1, "blk_account_io_completion",
 317                                            BPF_FD_TYPE_KRETPROBE));
 318
 319         /* test nondebug fs kprobe */
 320         CHECK_AND_RET(test_nondebug_fs_probe("kprobe", "bpf_check", 0x0, 0x0,
 321                                              false, BPF_FD_TYPE_KPROBE,
 322                                              BPF_FD_TYPE_KRETPROBE,
 323                                              buf, sizeof(buf)));
 324 #ifdef __x86_64__
 325         /* set a kprobe on "bpf_check + 0x5", which is x64 specific */
 326         CHECK_AND_RET(test_nondebug_fs_probe("kprobe", "bpf_check", 0x5, 0x0,
 327                                              false, BPF_FD_TYPE_KPROBE,
 328                                              BPF_FD_TYPE_KRETPROBE,
 329                                              buf, sizeof(buf)));
 330 #endif
 331         CHECK_AND_RET(test_nondebug_fs_probe("kprobe", "bpf_check", 0x0, 0x0,
 332                                              true, BPF_FD_TYPE_KPROBE,
 333                                              BPF_FD_TYPE_KRETPROBE,
 334                                              buf, sizeof(buf)));
 335         CHECK_AND_RET(test_nondebug_fs_probe("kprobe", NULL, 0x0,
 336                                              ksym_get_addr("bpf_check"), false,
 337                                              BPF_FD_TYPE_KPROBE,
 338                                              BPF_FD_TYPE_KRETPROBE,
 339                                              buf, sizeof(buf)));
 340         CHECK_AND_RET(test_nondebug_fs_probe("kprobe", NULL, 0x0,
 341                                              ksym_get_addr("bpf_check"), false,
 342                                              BPF_FD_TYPE_KPROBE,
 343                                              BPF_FD_TYPE_KRETPROBE,
 344                                              NULL, 0));
 345         CHECK_AND_RET(test_nondebug_fs_probe("kprobe", NULL, 0x0,
 346                                              ksym_get_addr("bpf_check"), true,
 347                                              BPF_FD_TYPE_KPROBE,
 348                                              BPF_FD_TYPE_KRETPROBE,
 349                                              buf, sizeof(buf)));
 350         CHECK_AND_RET(test_nondebug_fs_probe("kprobe", NULL, 0x0,
 351                                              ksym_get_addr("bpf_check"), true,
 352                                              BPF_FD_TYPE_KPROBE,
 353                                              BPF_FD_TYPE_KRETPROBE,
 354                                              0, 0));
 355
 356         /* test nondebug fs uprobe */
 357         /* the calculation of uprobe file offset is based on gcc 7.3.1 on x64
 358          * and the default linker script, which defines __executable_start as
 359          * the start of the .text section. The calculation could be different
 360          * on different systems with different compilers. The right way is
 361          * to parse the ELF file. We took a shortcut here.
 362          */
 363         uprobe_file_offset = (__u64)main - (__u64)&__executable_start;
 364         CHECK_AND_RET(test_nondebug_fs_probe("uprobe", (char *)argv[0],
 365                                              uprobe_file_offset, 0x0, false,
 366                                              BPF_FD_TYPE_UPROBE,
 367                                              BPF_FD_TYPE_URETPROBE,
 368                                              buf, sizeof(buf)));
 369         CHECK_AND_RET(test_nondebug_fs_probe("uprobe", (char *)argv[0],
 370                                              uprobe_file_offset, 0x0, true,
 371                                              BPF_FD_TYPE_UPROBE,
 372                                              BPF_FD_TYPE_URETPROBE,
 373                                              buf, sizeof(buf)));
 374
 375         /* test debug fs uprobe */
 376         CHECK_AND_RET(test_debug_fs_uprobe((char *)argv[0], uprobe_file_offset,
 377                                            false));
 378         CHECK_AND_RET(test_debug_fs_uprobe((char *)argv[0], uprobe_file_offset,
 379                                            true));
 380
 381         return 0;
 382 }