tracing, perf: Implement BPF programs attached to kprobes

BPF programs, attached to kprobes, provide a safe way to execute user-defined BPF byte-code programs without being able to crash or hang the kernel in any way. The BPF engine makes sure that such programs have a finite execution time and that they cannot break out of their sandbox. The user interface is to attach to a kprobe via the perf syscall: struct perf_event_attr attr = { .type = PERF_TYPE_TRACEPOINT, .config = event_id, ... }; event_fd = perf_event_open(&attr,...); ioctl(event_fd, PERF_EVENT_IOC_SET_BPF, prog_fd); 'prog_fd' is a file descriptor associated with BPF program previously loaded. 'event_id' is an ID of the kprobe created. Closing 'event_fd': close(event_fd); ... automatically detaches BPF program from it. BPF programs can call in-kernel helper functions to: - lookup/update/delete elements in maps - probe_read - wraper of probe_kernel_read() used to access any kernel data structures BPF programs receive 'struct pt_regs *' as an input ('struct pt_regs' is architecture dependent) and return 0 to ignore the event and 1 to store kprobe event into the ring buffer. Note, kprobes are a fundamentally _not_ a stable kernel ABI, so BPF programs attached to kprobes must be recompiled for every kernel version and user must supply correct LINUX_VERSION_CODE in attr.kern_version during bpf_prog_load() call. Signed-off-by: Alexei Starovoitov <ast@plumgrid.com> Reviewed-by: Steven Rostedt <rostedt@goodmis.org> Reviewed-by: Masami Hiramatsu <masami.hiramatsu.pt@hitachi.com> Cc: Andrew Morton <akpm@linux-foundation.org> Cc: Arnaldo Carvalho de Melo <acme@infradead.org> Cc: Arnaldo Carvalho de Melo <acme@redhat.com> Cc: Daniel Borkmann <daniel@iogearbox.net> Cc: David S. Miller <davem@davemloft.net> Cc: Jiri Olsa <jolsa@redhat.com> Cc: Linus Torvalds <torvalds@linux-foundation.org> Cc: Namhyung Kim <namhyung@kernel.org> Cc: Peter Zijlstra <a.p.zijlstra@chello.nl> Cc: Peter Zijlstra <peterz@infradead.org> Link: http://lkml.kernel.org/r/1427312966-8434-4-git-send-email-ast@plumgrid.com Signed-off-by: Ingo Molnar <mingo@kernel.org>
author: Alexei Starovoitov <ast@plumgrid.com> 2015-03-25 15:49:20 -0400
committer: Ingo Molnar <mingo@kernel.org> 2015-04-02 07:25:49 -0400
commit: 2541517c32be2531e0da59dfd7efc1ce844644f5 (patch)
tree: a69f215a0bbc2f5db1a5d7aff83a465940e40e01 /kernel
parent: 72cbbc8994242b5b43753738c01bf07bf29cb70d (diff)
5 files changed, 204 insertions, 1 deletions
diff --git a/kernel/bpf/syscall.c b/kernel/bpf/syscall.c
index 536edc2be307..504c10b990ef 100644
--- a/kernel/bpf/syscall.c
+++ b/kernel/bpf/syscall.c
@@ -16,6 +16,7 @@
 #include <linux/file.h>
 #include <linux/license.h>
 #include <linux/filter.h>
+#include <linux/version.h>
 static LIST_HEAD(bpf_map_types);
@@ -467,7 +468,7 @@ struct bpf_prog *bpf_prog_get(u32 ufd)
 }
 /* last field in 'union bpf_attr' used by this command */
-#define BPF_PROG_LOAD_LAST_FIELD log_buf
+#define BPF_PROG_LOAD_LAST_FIELD kern_version
 static int bpf_prog_load(union bpf_attr *attr)
 {
@@ -492,6 +493,10 @@ static int bpf_prog_load(union bpf_attr *attr)
        if (attr->insn_cnt >= BPF_MAXINSNS)
                return -EINVAL;
+        if (type == BPF_PROG_TYPE_KPROBE &&
+            attr->kern_version != LINUX_VERSION_CODE)
+                return -EINVAL;
        /* plain bpf_prog allocation */
        prog = bpf_prog_alloc(bpf_prog_size(attr->insn_cnt), GFP_USER);
        if (!prog)
diff --git a/kernel/events/core.c b/kernel/events/core.c
index c40c2cac2d8e..5c13862d3e85 100644
--- a/kernel/events/core.c
+++ b/kernel/events/core.c
@@ -42,6 +42,8 @@
 #include <linux/module.h>
 #include <linux/mman.h>
 #include <linux/compat.h>
+#include <linux/bpf.h>
+#include <linux/filter.h>
 #include "internal.h"
@@ -3407,6 +3409,7 @@ errout:
 }
 static void perf_event_free_filter(struct perf_event *event);
+static void perf_event_free_bpf_prog(struct perf_event *event);
 static void free_event_rcu(struct rcu_head *head)
 {
@@ -3416,6 +3419,7 @@ static void free_event_rcu(struct rcu_head *head)
        if (event->ns)
                put_pid_ns(event->ns);
        perf_event_free_filter(event);
+        perf_event_free_bpf_prog(event);
        kfree(event);
 }
@@ -3928,6 +3932,7 @@ static inline int perf_fget_light(int fd, struct fd *p)
 static int perf_event_set_output(struct perf_event *event,
                                 struct perf_event *output_event);
 static int perf_event_set_filter(struct perf_event *event, void __user *arg);
+static int perf_event_set_bpf_prog(struct perf_event *event, u32 prog_fd);
 static long _perf_ioctl(struct perf_event *event, unsigned int cmd, unsigned long arg)
 {
@@ -3981,6 +3986,9 @@ static long _perf_ioctl(struct perf_event *event, unsigned int cmd, unsigned lon
        case PERF_EVENT_IOC_SET_FILTER:
                return perf_event_set_filter(event, (void __user *)arg);
+        case PERF_EVENT_IOC_SET_BPF:
+                return perf_event_set_bpf_prog(event, arg);
        default:
                return -ENOTTY;
        }
@@ -6455,6 +6463,49 @@ static void perf_event_free_filter(struct perf_event *event)
        ftrace_profile_free_filter(event);
 }
+static int perf_event_set_bpf_prog(struct perf_event *event, u32 prog_fd)
+{
+        struct bpf_prog *prog;
+        if (event->attr.type != PERF_TYPE_TRACEPOINT)
+                return -EINVAL;
+        if (event->tp_event->prog)
+                return -EEXIST;
+        if (!(event->tp_event->flags & TRACE_EVENT_FL_KPROBE))
+                /* bpf programs can only be attached to kprobes */
+                return -EINVAL;
+        prog = bpf_prog_get(prog_fd);
+        if (IS_ERR(prog))
+                return PTR_ERR(prog);
+        if (prog->aux->prog_type != BPF_PROG_TYPE_KPROBE) {
+                /* valid fd, but invalid bpf program type */
+                bpf_prog_put(prog);
+                return -EINVAL;
+        }
+        event->tp_event->prog = prog;
+        return 0;
+}
+static void perf_event_free_bpf_prog(struct perf_event *event)
+{
+        struct bpf_prog *prog;
+        if (!event->tp_event)
+                return;
+        prog = event->tp_event->prog;
+        if (prog) {
+                event->tp_event->prog = NULL;
+                bpf_prog_put(prog);
+        }
+}
 #else
 static inline void perf_tp_register(void)
@@ -6470,6 +6521,14 @@ static void perf_event_free_filter(struct perf_event *event)
 {
 }
+static int perf_event_set_bpf_prog(struct perf_event *event, u32 prog_fd)
+{
+        return -ENOENT;
+}
+static void perf_event_free_bpf_prog(struct perf_event *event)
+{
+}
 #endif /* CONFIG_EVENT_TRACING */
 #ifdef CONFIG_HAVE_HW_BREAKPOINT
diff --git a/kernel/trace/Makefile b/kernel/trace/Makefile
index 98f26588255e..c575a300103b 100644
--- a/kernel/trace/Makefile
+++ b/kernel/trace/Makefile
@@ -53,6 +53,7 @@ obj-$(CONFIG_EVENT_TRACING) += trace_event_perf.o
 endif
 obj-$(CONFIG_EVENT_TRACING) += trace_events_filter.o
 obj-$(CONFIG_EVENT_TRACING) += trace_events_trigger.o
+obj-$(CONFIG_BPF_SYSCALL) += bpf_trace.o
 obj-$(CONFIG_KPROBE_EVENT) += trace_kprobe.o
 obj-$(CONFIG_TRACEPOINTS) += power-traces.o
 ifeq ($(CONFIG_PM),y)
diff --git a/kernel/trace/bpf_trace.c b/kernel/trace/bpf_trace.c
new file mode 100644
index 000000000000..f1e87da91da3
--- /dev/null
+++ b/kernel/trace/bpf_trace.c
@@ -0,0 +1,130 @@
+/* Copyright (c) 2011-2015 PLUMgrid, http://plumgrid.com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of version 2 of the GNU General Public
+ * License as published by the Free Software Foundation.
+ */
+#include <linux/kernel.h>
+#include <linux/types.h>
+#include <linux/slab.h>
+#include <linux/bpf.h>
+#include <linux/filter.h>
+#include <linux/uaccess.h>
+#include "trace.h"
+static DEFINE_PER_CPU(int, bpf_prog_active);
+/**
+ * trace_call_bpf - invoke BPF program
+ * @prog: BPF program
+ * @ctx: opaque context pointer
+ *
+ * kprobe handlers execute BPF programs via this helper.
+ * Can be used from static tracepoints in the future.
+ *
+ * Return: BPF programs always return an integer which is interpreted by
+ * kprobe handler as:
+ * 0 - return from kprobe (event is filtered out)
+ * 1 - store kprobe event into ring buffer
+ * Other values are reserved and currently alias to 1
+ */
+unsigned int trace_call_bpf(struct bpf_prog *prog, void *ctx)
+{
+        unsigned int ret;
+        if (in_nmi()) /* not supported yet */
+                return 1;
+        preempt_disable();
+        if (unlikely(__this_cpu_inc_return(bpf_prog_active) != 1)) {
+                /*
+                 * since some bpf program is already running on this cpu,
+                 * don't call into another bpf program (same or different)
+                 * and don't send kprobe event into ring-buffer,
+                 * so return zero here
+                 */
+                ret = 0;
+                goto out;
+        }
+        rcu_read_lock();
+        ret = BPF_PROG_RUN(prog, ctx);
+        rcu_read_unlock();
+ out:
+        __this_cpu_dec(bpf_prog_active);
+        preempt_enable();
+        return ret;
+}
+EXPORT_SYMBOL_GPL(trace_call_bpf);
+static u64 bpf_probe_read(u64 r1, u64 r2, u64 r3, u64 r4, u64 r5)
+{
+        void *dst = (void *) (long) r1;
+        int size = (int) r2;
+        void *unsafe_ptr = (void *) (long) r3;
+        return probe_kernel_read(dst, unsafe_ptr, size);
+}
+static const struct bpf_func_proto bpf_probe_read_proto = {
+        .func           = bpf_probe_read,
+        .gpl_only       = true,
+        .ret_type       = RET_INTEGER,
+        .arg1_type      = ARG_PTR_TO_STACK,
+        .arg2_type      = ARG_CONST_STACK_SIZE,
+        .arg3_type      = ARG_ANYTHING,
+};
+static const struct bpf_func_proto *kprobe_prog_func_proto(enum bpf_func_id func_id)
+{
+        switch (func_id) {
+        case BPF_FUNC_map_lookup_elem:
+                return &bpf_map_lookup_elem_proto;
+        case BPF_FUNC_map_update_elem:
+                return &bpf_map_update_elem_proto;
+        case BPF_FUNC_map_delete_elem:
+                return &bpf_map_delete_elem_proto;
+        case BPF_FUNC_probe_read:
+                return &bpf_probe_read_proto;
+        default:
+                return NULL;
+        }
+}
+/* bpf+kprobe programs can access fields of 'struct pt_regs' */
+static bool kprobe_prog_is_valid_access(int off, int size, enum bpf_access_type type)
+{
+        /* check bounds */
+        if (off < 0 || off >= sizeof(struct pt_regs))
+                return false;
+        /* only read is allowed */
+        if (type != BPF_READ)
+                return false;
+        /* disallow misaligned access */
+        if (off % size != 0)
+                return false;
+        return true;
+}
+static struct bpf_verifier_ops kprobe_prog_ops = {
+        .get_func_proto  = kprobe_prog_func_proto,
+        .is_valid_access = kprobe_prog_is_valid_access,
+};
+static struct bpf_prog_type_list kprobe_tl = {
+        .ops    = &kprobe_prog_ops,
+        .type   = BPF_PROG_TYPE_KPROBE,
+};
+static int __init register_kprobe_prog_ops(void)
+{
+        bpf_register_prog_type(&kprobe_tl);
+        return 0;
+}
+late_initcall(register_kprobe_prog_ops);
diff --git a/kernel/trace/trace_kprobe.c b/kernel/trace/trace_kprobe.c
index 8fa549f6f528..dc3462507d7c 100644
--- a/kernel/trace/trace_kprobe.c
+++ b/kernel/trace/trace_kprobe.c
@@ -1134,11 +1134,15 @@ static void
 kprobe_perf_func(struct trace_kprobe *tk, struct pt_regs *regs)
 {
        struct ftrace_event_call *call = &tk->tp.call;
+        struct bpf_prog *prog = call->prog;
        struct kprobe_trace_entry_head *entry;
        struct hlist_head *head;
        int size, __size, dsize;
        int rctx;
+        if (prog && !trace_call_bpf(prog, regs))
+                return;
        head = this_cpu_ptr(call->perf_events);
        if (hlist_empty(head))
                return;
@@ -1165,11 +1169,15 @@ kretprobe_perf_func(struct trace_kprobe *tk, struct kretprobe_instance *ri,
                    struct pt_regs *regs)
 {
        struct ftrace_event_call *call = &tk->tp.call;
+        struct bpf_prog *prog = call->prog;
        struct kretprobe_trace_entry_head *entry;
        struct hlist_head *head;
        int size, __size, dsize;
        int rctx;
+        if (prog && !trace_call_bpf(prog, regs))
+                return;
        head = this_cpu_ptr(call->perf_events);
        if (hlist_empty(head))
                return;
author	Alexei Starovoitov <ast@plumgrid.com>	2015-03-25 15:49:20 -0400
committer	Ingo Molnar <mingo@kernel.org>	2015-04-02 07:25:49 -0400
commit	2541517c32be2531e0da59dfd7efc1ce844644f5 (patch)
tree	a69f215a0bbc2f5db1a5d7aff83a465940e40e01 /kernel
parent	72cbbc8994242b5b43753738c01bf07bf29cb70d (diff)

diff --git a/kernel/bpf/syscall.c b/kernel/bpf/syscall.c index 536edc2be307..504c10b990ef 100644 --- a/kernel/bpf/syscall.c +++ b/kernel/bpf/syscall.c
@@ -16,6 +16,7 @@
16	#include <linux/file.h>	16	#include <linux/file.h>
17	#include <linux/license.h>	17	#include <linux/license.h>
18	#include <linux/filter.h>	18	#include <linux/filter.h>
		19	#include <linux/version.h>
19		20
20	static LIST_HEAD(bpf_map_types);	21	static LIST_HEAD(bpf_map_types);
21		22
@@ -467,7 +468,7 @@ struct bpf_prog *bpf_prog_get(u32 ufd)
467	}	468	}
468		469
469	/* last field in 'union bpf_attr' used by this command */	470	/* last field in 'union bpf_attr' used by this command */
470	#define BPF_PROG_LOAD_LAST_FIELD log_buf	471	#define BPF_PROG_LOAD_LAST_FIELD kern_version
471		472
472	static int bpf_prog_load(union bpf_attr *attr)	473	static int bpf_prog_load(union bpf_attr *attr)
473	{	474	{
@@ -492,6 +493,10 @@ static int bpf_prog_load(union bpf_attr *attr)
492	if (attr->insn_cnt >= BPF_MAXINSNS)	493	if (attr->insn_cnt >= BPF_MAXINSNS)
493	return -EINVAL;	494	return -EINVAL;
494		495
		496	if (type == BPF_PROG_TYPE_KPROBE &&
		497	attr->kern_version != LINUX_VERSION_CODE)
		498	return -EINVAL;
		499
495	/* plain bpf_prog allocation */	500	/* plain bpf_prog allocation */
496	prog = bpf_prog_alloc(bpf_prog_size(attr->insn_cnt), GFP_USER);	501	prog = bpf_prog_alloc(bpf_prog_size(attr->insn_cnt), GFP_USER);
497	if (!prog)	502	if (!prog)


diff --git a/kernel/events/core.c b/kernel/events/core.c index c40c2cac2d8e..5c13862d3e85 100644 --- a/kernel/events/core.c +++ b/kernel/events/core.c
@@ -42,6 +42,8 @@
42	#include <linux/module.h>	42	#include <linux/module.h>
43	#include <linux/mman.h>	43	#include <linux/mman.h>
44	#include <linux/compat.h>	44	#include <linux/compat.h>
		45	#include <linux/bpf.h>
		46	#include <linux/filter.h>
45		47
46	#include "internal.h"	48	#include "internal.h"
47		49
@@ -3407,6 +3409,7 @@ errout:
3407	}	3409	}
3408		3410
3409	static void perf_event_free_filter(struct perf_event *event);	3411	static void perf_event_free_filter(struct perf_event *event);
		3412	static void perf_event_free_bpf_prog(struct perf_event *event);
3410		3413
3411	static void free_event_rcu(struct rcu_head *head)	3414	static void free_event_rcu(struct rcu_head *head)
3412	{	3415	{
@@ -3416,6 +3419,7 @@ static void free_event_rcu(struct rcu_head *head)
3416	if (event->ns)	3419	if (event->ns)
3417	put_pid_ns(event->ns);	3420	put_pid_ns(event->ns);
3418	perf_event_free_filter(event);	3421	perf_event_free_filter(event);
		3422	perf_event_free_bpf_prog(event);
3419	kfree(event);	3423	kfree(event);
3420	}	3424	}
3421		3425
@@ -3928,6 +3932,7 @@ static inline int perf_fget_light(int fd, struct fd *p)
3928	static int perf_event_set_output(struct perf_event *event,	3932	static int perf_event_set_output(struct perf_event *event,
3929	struct perf_event *output_event);	3933	struct perf_event *output_event);
3930	static int perf_event_set_filter(struct perf_event event, void __user arg);	3934	static int perf_event_set_filter(struct perf_event event, void __user arg);
		3935	static int perf_event_set_bpf_prog(struct perf_event *event, u32 prog_fd);
3931		3936
3932	static long _perf_ioctl(struct perf_event *event, unsigned int cmd, unsigned long arg)	3937	static long _perf_ioctl(struct perf_event *event, unsigned int cmd, unsigned long arg)
3933	{	3938	{
@@ -3981,6 +3986,9 @@ static long _perf_ioctl(struct perf_event *event, unsigned int cmd, unsigned lon
3981	case PERF_EVENT_IOC_SET_FILTER:	3986	case PERF_EVENT_IOC_SET_FILTER:
3982	return perf_event_set_filter(event, (void __user *)arg);	3987	return perf_event_set_filter(event, (void __user *)arg);
3983		3988
		3989	case PERF_EVENT_IOC_SET_BPF:
		3990	return perf_event_set_bpf_prog(event, arg);
		3991
3984	default:	3992	default:
3985	return -ENOTTY;	3993	return -ENOTTY;
3986	}	3994	}
@@ -6455,6 +6463,49 @@ static void perf_event_free_filter(struct perf_event *event)
6455	ftrace_profile_free_filter(event);	6463	ftrace_profile_free_filter(event);
6456	}	6464	}
6457		6465
		6466	static int perf_event_set_bpf_prog(struct perf_event *event, u32 prog_fd)
		6467	{
		6468	struct bpf_prog *prog;
		6469
		6470	if (event->attr.type != PERF_TYPE_TRACEPOINT)
		6471	return -EINVAL;
		6472
		6473	if (event->tp_event->prog)
		6474	return -EEXIST;
		6475
		6476	if (!(event->tp_event->flags & TRACE_EVENT_FL_KPROBE))
		6477	/* bpf programs can only be attached to kprobes */
		6478	return -EINVAL;
		6479
		6480	prog = bpf_prog_get(prog_fd);
		6481	if (IS_ERR(prog))
		6482	return PTR_ERR(prog);
		6483
		6484	if (prog->aux->prog_type != BPF_PROG_TYPE_KPROBE) {
		6485	/* valid fd, but invalid bpf program type */
		6486	bpf_prog_put(prog);
		6487	return -EINVAL;
		6488	}
		6489
		6490	event->tp_event->prog = prog;
		6491
		6492	return 0;
		6493	}
		6494
		6495	static void perf_event_free_bpf_prog(struct perf_event *event)
		6496	{
		6497	struct bpf_prog *prog;
		6498
		6499	if (!event->tp_event)
		6500	return;
		6501
		6502	prog = event->tp_event->prog;
		6503	if (prog) {
		6504	event->tp_event->prog = NULL;
		6505	bpf_prog_put(prog);
		6506	}
		6507	}
		6508
6458	#else	6509	#else
6459		6510
6460	static inline void perf_tp_register(void)	6511	static inline void perf_tp_register(void)
@@ -6470,6 +6521,14 @@ static void perf_event_free_filter(struct perf_event *event)
6470	{	6521	{
6471	}	6522	}
6472		6523
		6524	static int perf_event_set_bpf_prog(struct perf_event *event, u32 prog_fd)
		6525	{
		6526	return -ENOENT;
		6527	}
		6528
		6529	static void perf_event_free_bpf_prog(struct perf_event *event)
		6530	{
		6531	}
6473	#endif /* CONFIG_EVENT_TRACING */	6532	#endif /* CONFIG_EVENT_TRACING */
6474		6533
6475	#ifdef CONFIG_HAVE_HW_BREAKPOINT	6534	#ifdef CONFIG_HAVE_HW_BREAKPOINT


diff --git a/kernel/trace/Makefile b/kernel/trace/Makefile index 98f26588255e..c575a300103b 100644 --- a/kernel/trace/Makefile +++ b/kernel/trace/Makefile
@@ -53,6 +53,7 @@ obj-$(CONFIG_EVENT_TRACING) += trace_event_perf.o
53	endif	53	endif
54	obj-$(CONFIG_EVENT_TRACING) += trace_events_filter.o	54	obj-$(CONFIG_EVENT_TRACING) += trace_events_filter.o
55	obj-$(CONFIG_EVENT_TRACING) += trace_events_trigger.o	55	obj-$(CONFIG_EVENT_TRACING) += trace_events_trigger.o
		56	obj-$(CONFIG_BPF_SYSCALL) += bpf_trace.o
56	obj-$(CONFIG_KPROBE_EVENT) += trace_kprobe.o	57	obj-$(CONFIG_KPROBE_EVENT) += trace_kprobe.o
57	obj-$(CONFIG_TRACEPOINTS) += power-traces.o	58	obj-$(CONFIG_TRACEPOINTS) += power-traces.o
58	ifeq ($(CONFIG_PM),y)	59	ifeq ($(CONFIG_PM),y)


diff --git a/kernel/trace/bpf_trace.c b/kernel/trace/bpf_trace.c new file mode 100644 index 000000000000..f1e87da91da3 --- /dev/null +++ b/kernel/trace/bpf_trace.c
@@ -0,0 +1,130 @@
		1	/* Copyright (c) 2011-2015 PLUMgrid, http://plumgrid.com
		2	*
		3	* This program is free software; you can redistribute it and/or
		4	* modify it under the terms of version 2 of the GNU General Public
		5	* License as published by the Free Software Foundation.
		6	*/
		7	#include <linux/kernel.h>
		8	#include <linux/types.h>
		9	#include <linux/slab.h>
		10	#include <linux/bpf.h>
		11	#include <linux/filter.h>
		12	#include <linux/uaccess.h>
		13	#include "trace.h"
		14
		15	static DEFINE_PER_CPU(int, bpf_prog_active);
		16
		17	/**
		18	* trace_call_bpf - invoke BPF program
		19	* @prog: BPF program
		20	* @ctx: opaque context pointer
		21	*
		22	* kprobe handlers execute BPF programs via this helper.
		23	* Can be used from static tracepoints in the future.
		24	*
		25	* Return: BPF programs always return an integer which is interpreted by
		26	* kprobe handler as:
		27	* 0 - return from kprobe (event is filtered out)
		28	* 1 - store kprobe event into ring buffer
		29	* Other values are reserved and currently alias to 1
		30	*/
		31	unsigned int trace_call_bpf(struct bpf_prog prog, void ctx)
		32	{
		33	unsigned int ret;
		34
		35	if (in_nmi()) /* not supported yet */
		36	return 1;
		37
		38	preempt_disable();
		39
		40	if (unlikely(__this_cpu_inc_return(bpf_prog_active) != 1)) {
		41	/*
		42	* since some bpf program is already running on this cpu,
		43	* don't call into another bpf program (same or different)
		44	* and don't send kprobe event into ring-buffer,
		45	* so return zero here
		46	*/
		47	ret = 0;
		48	goto out;
		49	}
		50
		51	rcu_read_lock();
		52	ret = BPF_PROG_RUN(prog, ctx);
		53	rcu_read_unlock();
		54
		55	out:
		56	__this_cpu_dec(bpf_prog_active);
		57	preempt_enable();
		58
		59	return ret;
		60	}
		61	EXPORT_SYMBOL_GPL(trace_call_bpf);
		62
		63	static u64 bpf_probe_read(u64 r1, u64 r2, u64 r3, u64 r4, u64 r5)
		64	{
		65	void dst = (void ) (long) r1;
		66	int size = (int) r2;
		67	void unsafe_ptr = (void ) (long) r3;
		68
		69	return probe_kernel_read(dst, unsafe_ptr, size);
		70	}
		71
		72	static const struct bpf_func_proto bpf_probe_read_proto = {
		73	.func = bpf_probe_read,
		74	.gpl_only = true,
		75	.ret_type = RET_INTEGER,
		76	.arg1_type = ARG_PTR_TO_STACK,
		77	.arg2_type = ARG_CONST_STACK_SIZE,
		78	.arg3_type = ARG_ANYTHING,
		79	};
		80
		81	static const struct bpf_func_proto *kprobe_prog_func_proto(enum bpf_func_id func_id)
		82	{
		83	switch (func_id) {
		84	case BPF_FUNC_map_lookup_elem:
		85	return &bpf_map_lookup_elem_proto;
		86	case BPF_FUNC_map_update_elem:
		87	return &bpf_map_update_elem_proto;
		88	case BPF_FUNC_map_delete_elem:
		89	return &bpf_map_delete_elem_proto;
		90	case BPF_FUNC_probe_read:
		91	return &bpf_probe_read_proto;
		92	default:
		93	return NULL;
		94	}
		95	}
		96
		97	/* bpf+kprobe programs can access fields of 'struct pt_regs' */
		98	static bool kprobe_prog_is_valid_access(int off, int size, enum bpf_access_type type)
		99	{
		100	/* check bounds */
		101	if (off < 0 \|\| off >= sizeof(struct pt_regs))
		102	return false;
		103
		104	/* only read is allowed */
		105	if (type != BPF_READ)
		106	return false;
		107
		108	/* disallow misaligned access */
		109	if (off % size != 0)
		110	return false;
		111
		112	return true;
		113	}
		114
		115	static struct bpf_verifier_ops kprobe_prog_ops = {
		116	.get_func_proto = kprobe_prog_func_proto,
		117	.is_valid_access = kprobe_prog_is_valid_access,
		118	};
		119
		120	static struct bpf_prog_type_list kprobe_tl = {
		121	.ops = &kprobe_prog_ops,
		122	.type = BPF_PROG_TYPE_KPROBE,
		123	};
		124
		125	static int __init register_kprobe_prog_ops(void)
		126	{
		127	bpf_register_prog_type(&kprobe_tl);
		128	return 0;
		129	}
		130	late_initcall(register_kprobe_prog_ops);


diff --git a/kernel/trace/trace_kprobe.c b/kernel/trace/trace_kprobe.c index 8fa549f6f528..dc3462507d7c 100644 --- a/kernel/trace/trace_kprobe.c +++ b/kernel/trace/trace_kprobe.c
@@ -1134,11 +1134,15 @@ static void
1134	kprobe_perf_func(struct trace_kprobe tk, struct pt_regs regs)	1134	kprobe_perf_func(struct trace_kprobe tk, struct pt_regs regs)
1135	{	1135	{
1136	struct ftrace_event_call *call = &tk->tp.call;	1136	struct ftrace_event_call *call = &tk->tp.call;
		1137	struct bpf_prog *prog = call->prog;
1137	struct kprobe_trace_entry_head *entry;	1138	struct kprobe_trace_entry_head *entry;
1138	struct hlist_head *head;	1139	struct hlist_head *head;
1139	int size, __size, dsize;	1140	int size, __size, dsize;
1140	int rctx;	1141	int rctx;
1141		1142
		1143	if (prog && !trace_call_bpf(prog, regs))
		1144	return;
		1145
1142	head = this_cpu_ptr(call->perf_events);	1146	head = this_cpu_ptr(call->perf_events);
1143	if (hlist_empty(head))	1147	if (hlist_empty(head))
1144	return;	1148	return;
@@ -1165,11 +1169,15 @@ kretprobe_perf_func(struct trace_kprobe tk, struct kretprobe_instance ri,
1165	struct pt_regs *regs)	1169	struct pt_regs *regs)
1166	{	1170	{
1167	struct ftrace_event_call *call = &tk->tp.call;	1171	struct ftrace_event_call *call = &tk->tp.call;
		1172	struct bpf_prog *prog = call->prog;
1168	struct kretprobe_trace_entry_head *entry;	1173	struct kretprobe_trace_entry_head *entry;
1169	struct hlist_head *head;	1174	struct hlist_head *head;
1170	int size, __size, dsize;	1175	int size, __size, dsize;
1171	int rctx;	1176	int rctx;
1172		1177
		1178	if (prog && !trace_call_bpf(prog, regs))
		1179	return;
		1180
1173	head = this_cpu_ptr(call->perf_events);	1181	head = this_cpu_ptr(call->perf_events);
1174	if (hlist_empty(head))	1182	if (hlist_empty(head))
1175	return;	1183	return;