Re: [PATCH 5/7] samples/bpf/test_overhead_kprobe_kern: make it adopt to task comm size change
From: David Hildenbrand
Date: Thu Nov 11 2021 - 05:08:04 EST
On 08.11.21 09:38, Yafang Shao wrote:
> bpf_probe_read_kernel_str() will add a nul terminator to the dst, then
> we don't care about if the dst size is big enough. This patch also
> replaces the hard-coded 16 with TASK_COMM_LEN to make it adopt to task
> comm size change.
>
> Signed-off-by: Yafang Shao <laoar.shao@xxxxxxxxx>
> Reviewed-by: Kees Cook <keescook@xxxxxxxxxxxx>
> Cc: Mathieu Desnoyers <mathieu.desnoyers@xxxxxxxxxxxx>
> Cc: Arnaldo Carvalho de Melo <arnaldo.melo@xxxxxxxxx>
> Cc: Alexei Starovoitov <alexei.starovoitov@xxxxxxxxx>
> Cc: Andrii Nakryiko <andrii.nakryiko@xxxxxxxxx>
> Cc: Michal Miroslaw <mirq-linux@xxxxxxxxxxxx>
> Cc: Peter Zijlstra <peterz@xxxxxxxxxxxxx>
> Cc: Steven Rostedt <rostedt@xxxxxxxxxxx>
> Cc: Matthew Wilcox <willy@xxxxxxxxxxxxx>
> Cc: David Hildenbrand <david@xxxxxxxxxx>
> Cc: Al Viro <viro@xxxxxxxxxxxxxxxxxx>
> Cc: Kees Cook <keescook@xxxxxxxxxxxx>
> Cc: Petr Mladek <pmladek@xxxxxxxx>
> ---
> samples/bpf/offwaketime_kern.c | 4 ++--
> samples/bpf/test_overhead_kprobe_kern.c | 11 ++++++-----
> samples/bpf/test_overhead_tp_kern.c | 5 +++--
> 3 files changed, 11 insertions(+), 9 deletions(-)
>
> diff --git a/samples/bpf/offwaketime_kern.c b/samples/bpf/offwaketime_kern.c
> index 4866afd054da..eb4d94742e6b 100644
> --- a/samples/bpf/offwaketime_kern.c
> +++ b/samples/bpf/offwaketime_kern.c
> @@ -113,11 +113,11 @@ static inline int update_counts(void *ctx, u32 pid, u64 delta)
> /* taken from /sys/kernel/debug/tracing/events/sched/sched_switch/format */
> struct sched_switch_args {
> unsigned long long pad;
> - char prev_comm[16];
> + char prev_comm[TASK_COMM_LEN];
> int prev_pid;
> int prev_prio;
> long long prev_state;
> - char next_comm[16];
> + char next_comm[TASK_COMM_LEN];
> int next_pid;
> int next_prio;
> };
> diff --git a/samples/bpf/test_overhead_kprobe_kern.c b/samples/bpf/test_overhead_kprobe_kern.c
> index f6d593e47037..8fdd2c9c56b2 100644
> --- a/samples/bpf/test_overhead_kprobe_kern.c
> +++ b/samples/bpf/test_overhead_kprobe_kern.c
> @@ -6,6 +6,7 @@
> */
> #include <linux/version.h>
> #include <linux/ptrace.h>
> +#include <linux/sched.h>
> #include <uapi/linux/bpf.h>
> #include <bpf/bpf_helpers.h>
> #include <bpf/bpf_tracing.h>
> @@ -22,17 +23,17 @@ int prog(struct pt_regs *ctx)
> {
> struct signal_struct *signal;
> struct task_struct *tsk;
> - char oldcomm[16] = {};
> - char newcomm[16] = {};
> + char oldcomm[TASK_COMM_LEN] = {};
> + char newcomm[TASK_COMM_LEN] = {};
> u16 oom_score_adj;
> u32 pid;
>
> tsk = (void *)PT_REGS_PARM1(ctx);
>
> pid = _(tsk->pid);
> - bpf_probe_read_kernel(oldcomm, sizeof(oldcomm), &tsk->comm);
> - bpf_probe_read_kernel(newcomm, sizeof(newcomm),
> - (void *)PT_REGS_PARM2(ctx));
> + bpf_probe_read_kernel_str(oldcomm, sizeof(oldcomm), &tsk->comm);
> + bpf_probe_read_kernel_str(newcomm, sizeof(newcomm),
> + (void *)PT_REGS_PARM2(ctx));
It's a shame we have to do a manual copy here ...
Changes LGTM
Reviewed-by: David Hildenbrand <david@xxxxxxxxxx>
--
Thanks,
David / dhildenb