Serhei Makarov [Fri, 9 Nov 2018 21:24:09 +0000 (16:24 -0500)]
PR23860: reduce stack pressure from format strings
Reduce stack pressure created by the earlier commits by allocating
format strings in a predictable location in the top half of the stack
[-BPF_MAXSTRINGLEN*2..0) as long as they fit in there. This works
since only one format string is active at a time and no ordinary
strings are being allocated in that region of the stack now.
* bpf-opt.cxx (alloc_literal_str): Store format_str in top half.
Serhei Makarov [Fri, 9 Nov 2018 19:36:19 +0000 (14:36 -0500)]
PR23860: additional ugly stack/clobber protection for strings
In addition to prior commit, emit_string_copy() does not work for
overlapping source/destination. So, make sure strings are not
allocated in a way which overlaps map key/value arguments.
This increases space pressure, inducing a couple of bpf-asm.exp
testcase failures.
* bpf-internal.h (value::format_str): New flag.
(value::value): Take format_str flag.
(value::mk_str): Take format_str flag.
(program::format_map): New field, caches format_str separately.
(program::new_str): Take format_str flag.
* bpf-base.cxx (program::new_str): Cache format_str separately.
* bpf-opt.cxx (alloc_literal_str): Store non-format str in lower half.
* bpf-translate.cxx (emit_string_copy): Comment -- doesn't support overlap.
(emit_string_copy): DEBUG_CODEGEN -- identify if zero-padding was done.
(emit_print_format): Set format_str flag.
Serhei Makarov [Thu, 8 Nov 2018 21:40:40 +0000 (16:40 -0500)]
PR23860: additional stack protection for strings
Fixes for verifier rejection of some cases requiring string copy,
since the verifier would reject string copy code extending beyond the
end of the string even if it was not reachable.
* bpf-opt.cxx (alloc_literal_str): make sure the offset for a short
string is at least BPF_MAXSTRINGLEN.
(zero_stack): New function.
(program::generate): Use zero_stack() to zero temporary area and
prevent verifier complaints.
* testsuite/systemtap.bpf/asm_tests/pr23860.stp: New testcase.
Serhei Makarov [Wed, 7 Nov 2018 18:07:51 +0000 (13:07 -0500)]
pr23860 verifier workaround :: be sure to delete all mov rN,rN
An apparent bug in the eBPF verifier fails to preserve register state
when MOVing a register to itself, marking rN as 'unknown scalar'.
Previously bpf-opt.cxx failed to remove spurious MOVs if they were the
final instruction in a basic block. This would fail verification if
the register holds a pointer.
Jafeer Uddin [Wed, 7 Nov 2018 14:41:45 +0000 (09:41 -0500)]
PR23761: generalized @entry
With the changes to the syscall tapset for kernel 4.17+, it is now
possible for non-[uk]retprobes to trap return events. This means that
the @entry mechanism to access entry probe target variables in return
probes is not guaranteed to work. To get around this issue, a collection
of 8 global variables have been added to the tapset which can be used
to save variables in the entry probe and retrieve them later in return
probes. The global variables can be accessed using the @this1, .., @this8
macros.
standardize ktime_get_ns() across lkm, bpf runtimes
Make sure ktime_get_ns() is available across runtimes. In the case of
bpf, add a userspace helper to implement the function. Add test case.
Add a systemtap.bpf/nobpf.exp test driver, which runs all the
bpf_tests but specifically without "--bpf", in the hope that all those
scripts should run on the normal backend too. PR23866 blocks some of
that at the moment.
Stan Cox [Tue, 6 Nov 2018 17:09:58 +0000 (12:09 -0500)]
Always use nssInit for http and nss server.
* nsscommon.h (db_init_types): Add db_init_types
* nsscommon.cxx (add_client_cert): Use it to differentiate type of
db init. Change all callers.
* client-http.cxx (fill_in_server_info): Use http server default
port if none specified.
Frank Ch. Eigler [Fri, 26 Oct 2018 15:24:05 +0000 (11:24 -0400)]
prometheus-exporter samples: change reported metric name
When prometheus scrapes metrics, by default it'll simply preserve
the incoming names. This doesn't work well when many different
stap scripts use the same metric name ("count"), or if the name
happens to be a reserved keyword in the promql language ("count").
Victor Kamensky [Wed, 31 Oct 2018 06:15:15 +0000 (23:15 -0700)]
aarch64: add missing system call defines
A set of system call defines like __NR_alarm, __NR_ioperm,
__NR_modify_ldt, __NR_time, __NR_utime is missing in aarch64
kernel as of 4.18 kernel version.
Add corresponding definitions so system call related probes
would compile. Tested with nd_syscalls-all-probes.stp.
Signed-off-by: Victor Kamensky <kamensky@cisco.com>
Jafeer Uddin [Tue, 30 Oct 2018 20:07:05 +0000 (16:07 -0400)]
Fix miscellaneous errors/typos in syscall tapset
* tapset/linux/sysc_pkey_*.stp: properly cast target variables in dw_syscall probe
* runtime/linux/compat_unistd.h: fix typos and errors in __NR_* definitions
* testsuite/systemtap.syscall/pkey.c: remove empty first line in file
Victor Kamensky [Tue, 30 Oct 2018 19:58:24 +0000 (15:58 -0400)]
On aarch64 Linux system calls related SystemTap scripts
compilation fail with "__NR_compat_[exit|read|write] redefined"
errors after following two commits:
7abf0aee9 PR23160,PR14690: remove references to ia32 and x86 to make sysc_* files as arch-independent as possible cd84aedca PR23160,PR14690: adapt 13 more syscalls for 4.17 __ARCH_sys_FOO and sys_enter/exit
aarch64 kernel defines __NR_compat_[exit|read|write] after a1ae65b21941 arm64: add seccomp support
aarch64 kernel define __NR_compat_restart_syscall after f3e5c847ec3d arm64: Add __NR_* definitions for compat syscalls
Fix by adding proper conditional compilation based on current
architecture and kernel version.
William Cohen [Tue, 30 Oct 2018 18:20:46 +0000 (14:20 -0400)]
Adjust the BPF translate error report formatting to work on 32-bit architectures
The 32-bit architectures such as arm and i686 had arguments in the
error reporting that did not match up with the %lu or %ld formatting.
Used type casting and %llu and %lld to avoid variation between 32-bit
and 64-bit architectures.
Serhei Makarov [Wed, 24 Oct 2018 20:04:30 +0000 (16:04 -0400)]
Merge branch 'serhei/bpf_asm' -- kernel_string() tapset and experimental bpf assembler
Note the big comment in bpf-translate.cxx explaining the new assembler.
Major changes:
- Embedded-code assembler
- TODO Embedded-code tapset function call support is incomplete, only enabled for exit()
- TODO Token adjustment for assembler diagnostics needs work.
- Refactor bpf_unparser
- Improved metadata about helpers
- String handling changes
- Misc cleanup/notes
Tapset for kernel_string:
* tapset/bpf/conversions.stp: New file.
(kernel_string): New function.
(kernel_string): New function (err_msg version), in assembly.
(kernel_string_n): New function, in assembly.
* testsuite/systemtap.bpf/bpf_tests/context_vars3.stp: New testcase.
Embedded-code assembler:
* bpf-translate.cxx (bpf_unparser::parse_imm): New function.
(bpf_unparser::parse_asm_stmt): New function.
(bpf_unparser::emit_asm_arg): New function.
(bpf_unparser::parse_reg): Removed.
(bpf_unparser::emit_asm_reg): New function.
(bpf_unparser::get_asm_reg): New function.
(bpf_unparser::emit_asm_opcode): New function.
(bpf_unparser::visit_embeddedcode): Process new assembly format.
(BPF_ASM_DEBUG): New (disabled) macro for diagnostics.
(struct asm_stmt): New structure.
(operator <<): New function -- print logic for asm_stmt.
(is_numeric): New function.
* testsuite/systemtap.bpf/asm_tests/*: New testcases for embedded-code assembler.
* testsuite/systemtap.bpf/bpf-asm.exp: TODO Initial test driver for embedded-code assembler.
TODO Embedded-code tapset function call support is incomplete, only enabled for exit():
* bpf-translate.cxx (translate_bpf_pass): Pass systemtap_session to assembler globals.
* bpf-internal.h (globals::session): New field to pass systemtap_session to assembler.
TODO Token adjustment for assembler diagnostics needs work:
* parse.h (token::adjust_location): New function.
Refactor bpf_unparser:
* bpf-translate.cxx (bpf_unparser::emit_functioncall): New function.
(bpf_unparser::visit_functioncall): Use emit_functioncall.
(print_format_add_tag): New function on std::string.
(bpf_unparser::emit_print_format): New function.
(bpf_unparser::visit_print_format): Use print_format_add_tag, emit_print_format.
Improved metadata about helpers:
* bpf-base.cxx (bpf_func_name_map): New structure -- id->name map.
(bpf_func_id_map): New structure -- name->id map.
(init_bpf_helper_tables): New function -- populate name->id and id->name map.
(bpf_function_name): Change to use the maps.
(bpf_function_id): New function -- map from name to helper id.
(bpf_function_nargs): TODO Still need to expand the list of helpers.
* bpf-translate.cxx (translate_bpf_pass): Call init_bpf_helper_tables to populate info.
* bpf-internal.h (init_bpf_helper_table): New function.
(bpf_function_id): New function.
(__STAPBPF_FUNC_MAPPER): New macro -- like __BPF_FUNC_MAPPER for userspace-only helpers.
String handling changes:
* bpf-translate.cxx (bpf_unparser::emit_literal_str): New function.
(bpf_unparser::visit_literal_str): Use emit_literal_str.
(emit_simple_literal_str): Renamed from emit_literal_str.
(bpf_unparser::emit_string_copy): Renamed from emit_copied_str;
rename emit_literal_str to emit_simple_literal_str.
(bpf_unparser::emit_str_arg): Rename emit_copied_str to emit_string_copy.
(translate_escapes): Takes a const string now.
* bpf-opt.cxx (alloc_literal_str): Rename emit_literal_str to emit_simple_literal_str.
* bpf-internal.h (emit_simple_literal_str): Renamed from emit_literal_str.
Misc cleanup/notes:
* bpf-internal.h (BPF_MAXSTRINGLEN): TODO Someday this will be increased.
(program::use_tmp_space): Assert to catch miscalulations.
* tapset/logging.stp (abort): TODO Could abort immediately with assembly in future.
Serhei Makarov [Tue, 23 Oct 2018 17:35:08 +0000 (13:35 -0400)]
stapbpf assembler WIP #6 :: other call functions ({s}printf and tapset)
Only very limited support for tapset functions (restricted to exit()
for now) due to the difficulty of resolving symbols after the semantic
pass is already completed. Could address this in the future.
* bpf_internal.h (program::use_tmp_space): check for overflow.
(globals::session): new field for systemtap_session (used by function lookup).
* bpf_translate.cxx (asm_stmt::has_jmp_target): new field.
(operator <<): printing rules for alloc, call.
(bpf_unparser::parse_asm_stmt): remove printf/error, BUGFIX alloc, call, string literal.
Also calculate has_jmp_target in the resulting stmt.
(bpf_unparser::visit_embeddedcode): handle printf, sprintf and exit().
Also fix the way fallthrough fields are populated to avoid spurious extra jump.
(bpf_unparser::emit_functioncall): new function. Factors out non-staptree code.
(bpf_unparser::visit_functioncall): use new emit_functioncall().
(print_format_add_tag): new function on std::string. Factors out string operations.
(bpf_unparser::emit_print_format): new function. Factors out non-staptree code.
(bpf_unparser::visit_print_format): use new emit_print_format().
(translate_bpf_pass): store session in globals.
Jafeer Uddin [Tue, 23 Oct 2018 19:19:29 +0000 (15:19 -0400)]
PR21080: support added for new pkey_* syscalls
* sysc_pkey_*.stp: new syscall probes
* aux_syscalls.stp: add new function to convert init_val to PKEY_DISABLE_[ACCESS|WRITE]
* compat_unistd.h: add new syscall numbers
* pkey.c: tests for new syscall
Stan Cox [Tue, 23 Oct 2018 02:29:32 +0000 (22:29 -0400)]
Use NSS_InitContext instead of NSS_Init.
* nsscommon.cxx (nssInitContext): New function which allows
multiple nss invocations. Change all callers except where
write access is required.
(nssCleanup): Add context parameter. Change all callers.
* client-http.cxx (download): Add cleanup parameter to choose
curl_easy_cleanup. Change all callers.
(download_pem_cert): If CURLINFO_CERTINFO fails then retrieve cert from server.
(find_and_connect_to_server): If the database cert fails then try again
with retrieved server cert.
(fill_in_server_info): Likewise.
* testsuite/systemtap.http_server/server_trust.exp: New test.
For demos like also_ran.stp, the incoming strings are usually already
quoted. Re-quoting them for prometheus labeling is counterproductive,
so we now offer an option to bypass that string_quoted() wrapping.
also_ran.stp updated.
William Cohen [Fri, 19 Oct 2018 18:59:27 +0000 (14:59 -0400)]
Use cast to make c->cycles_sum aways match the %lld format.
On aarch64 and ppc64le cycles_t is a slightly different type from the
x86_64 and does not match up with the %lld format. Cast c->cyles_sum
to always be (long long) to avoid the compile failing on aarch64 and
ppc64le with the following message:
**** failed systemtap kernel-devel smoke test:
/tmp/stapzubPmR/stap_e418199b88a6f8adf13a14e064ae79da_1403_src.c: In function '_stp_hrtimer_notify_function':
/tmp/stapzubPmR/stap_e418199b88a6f8adf13a14e064ae79da_1403_src.c:477:45: error: format '%lld' expects argument of type 'long long int', but argument 2 has type 'cycles_t' {aka 'long unsigned int'} [-Werror=format=]
_stp_error ("probe overhead (%lld cycles) exceeded threshold (%lld cycles) in last %lld cycles", c->cycles_sum, STP_OVERLOAD_THRESHOLD, STP_OVERLOAD_INTERVAL);
~~~^ ~~~~~~~~~~~~~
%ld
cc1: all warnings being treated as errors
Hou Tao [Mon, 10 Sep 2018 11:46:27 +0000 (19:46 +0800)]
Fix searching of kernel_source_tree for kernel built with O option
When generating kernel module for a systemtap script that uses trace-point
probe, if the vanilla kernel is built by using O=build_path option and
r=build_path option is passed to stap, stap will not be able to find
kernel_source_tree and will fail on pass-2.
Linux kernel will create a symlink named source to the source tree
for out-of-source build since (399b835be30e "kbuild: add a symlink
to the source for separate objdirs"), so fix the problem by checking
whether or not the symlink exists and using it as the kernel_source_tree.
Also using a new helper dir_exists() instead of file_exists() to
ensure the existence of the directory of source tree.
William Cohen [Fri, 12 Oct 2018 19:02:03 +0000 (15:02 -0400)]
Add fallback __NR_fork define
The aarch64 architecture doesn't have a fork syscall, so the code
needs to have a fallback __NR_fork define for the code to be
successfully compiled on aarch64.
Frank Ch. Eigler [Fri, 12 Oct 2018 18:33:04 +0000 (14:33 -0400)]
RHBZ1638874 workaround: let $SYSTEMTAP_SIGN override missing secureboot hint
On some Fedora kernels, EFI SecureBoot involves activating a lockdown
mode that prevents unsigned .ko's from loading. It doesn't appear to
give any userlevel sign that this is happening, so stap couldn't
activate its secureboot / stap-server machinery.
Until the kernel does inform us properly, we let users set an
environment variable to force UEFI MOK module signing.
William Cohen [Thu, 11 Oct 2018 18:05:46 +0000 (14:05 -0400)]
Adjust eatkmydata.stp to work with the newer Linux kernels and tapsets
The revised tapsets generally do not use the dwarf-based kprobes and
kretprobes for syscalls on newer 4.17 Linux kernels. As a result
target variables are not available and guru mode will not work with
them. The eatmydata.stp example has been modified to instrument the
common do_fsync function that both syscall.fsync and syscall.fdatasync
call. The target variable and guru mode will work on this function.
William Cohen [Thu, 11 Oct 2018 17:41:20 +0000 (13:41 -0400)]
Adjust iotime.stp to work with newer Linux kernels and sysetmtap tapset
Newer systems may use the openat syscall instead of the open syscall,
so need to monitor openat syscall. The probe points used by systemtap
for the syscalls do not have the target variable available via
@entry(), so need to code up iotime.stp to explicitly store values
available on syscall entry in associative arrays to have them
available for the syscall return probes.
William Cohen [Wed, 10 Oct 2018 18:08:19 +0000 (14:08 -0400)]
Avoid using target variable and @entry() in syscall.*.return for futex examples
The update to the syscall tapsets causes SystemTap to use non-dwarf
based probe points for syscalls on linux-4.17 and newer. The
non-dwarf based syscall instrumentation does not have the target
variables available, so the @entry() operation is not going to work.
The futex examples are revised to store the needed data into
associative arrays at syscall entry and accessed that data in the
syscall return.
rhbz1629623: adapt to CONFIG_HAVE_ARCH_PREL32_RELOCATIONS tracepoint enumeration
Kernel commit 46e0c9be206fa7b (4.19-rc1) makes the mod->tracepoints_ptrs[]
contain pointer-relative-offsets instead of normal pointers.
We must follow suit to avoid a crash.
William Cohen [Thu, 27 Sep 2018 14:48:14 +0000 (10:48 -0400)]
Change the tapset file name to get matching tapset::syscall_any manpage
The automated generation of man pages uses the file name to generate
the manpage names. Adjusted the name to get a matching tapset man
page for syscall_any{.return} probe points.
William Cohen [Fri, 21 Sep 2018 02:50:16 +0000 (22:50 -0400)]
Convert the various systemtap examples to use the syscall any tapset
To make the examples cleaner use the new syscall any tapset. This avoids
exposing the systemtap internal function _stp_syscall_nr() and makes the
instrumentation look a bit more like the traditional syscall.* probe points.
William Cohen [Fri, 21 Sep 2018 00:33:17 +0000 (20:33 -0400)]
Add the syscall_any and syscall_any.return probe points
The syscall.*{.return} and np_syscall.*.{.return} end up expanding to
large amount of code that takes a signficant amount of time to
compile. The resulting kernel module also takes a fair amount of time
to install and remove the instrumentation when it starts and shuts
down. For instrumentation don't really care about the details of the
syscall arguments it would be preferable to use the sys_enter and sys_exit
tracepoints to more efficiently probe the one or two places.
Using tp_syscall.*{.return} end up generating a lot of code to
determine which of the hundreds of syscall is being used and then runs
the same handler. The syscall_any and syscall_any.return eliminate
that undesired overhead by just looking up the syscall name in a
table.