From 4d68a526b318d981a1f62c32ace01fc52c13eb6e Mon Sep 17 00:00:00 2001
From: Serhei Makarov <smakarov@redhat.com>
Date: Wed, 24 Oct 2018 12:46:55 -0400
Subject: [PATCH] stapbpf assembler WIP #7 :: fixed kernel_string() tapset and
 testcase

* tapset/bpf/conversions.stp (kernel_string_n): enable error path.
* tapset/logging.stp (abort): note future work.
* testsuite/systemtap.bpf/bpf_tests/context_vars3.stp: new testcase.
---
 tapset/bpf/conversions.stp                        | 14 ++++++++------
 tapset/logging.stp                                |  4 ++--
 .../systemtap.bpf/bpf_tests/context_vars3.stp     | 15 +++++++++++++++
 3 files changed, 25 insertions(+), 8 deletions(-)
 create mode 100644 testsuite/systemtap.bpf/bpf_tests/context_vars3.stp

diff --git a/tapset/bpf/conversions.stp b/tapset/bpf/conversions.stp
index d741ec584..1140a6875 100644
--- a/tapset/bpf/conversions.stp
+++ b/tapset/bpf/conversions.stp
@@ -44,8 +44,10 @@ function kernel_string:string (addr:long, err_msg:string)
   0xa5, rc, 0, _err, -; /* jlt $rc, 0, _err */
   0xbf, $$, $buf, -, -; /* mov $$, $buf */
   0x05, -, -, _done, -; /* ja _done; */
+
   label, _err;
   0xbf, $$, $err_msg, -, -; /* mov $$, $err_msg */
+
   label, _done;
 %}
 function kernel_string2:string (addr:long, err_msg:string) {
@@ -67,21 +69,21 @@ function kernel_string_n:string (addr:long, n:long)
   /* if (n > BPF_MAXSTRINGLEN) n = BPF_MAXSTRINGLEN; */
   0xb5, $n, -, _skip, BPF_MAXSTRINGLEN; /* jle n, BPF_MAXSTRINGLEN, _skip */
   0xb7, $n, -, -, BPF_MAXSTRINGLEN; /* mov $n, BPF_MAXSTRINGLEN */
-  label, _skip;
 
+  label, _skip;
   /* buf = bpf_stk_alloc(BPF_MAXSTRINGLEN);
      buf[0] = 0x0; // guarantee NUL byte
      rc = bpf_probe_read_str(buf, n, addr); */
   alloc, $buf, BPF_MAXSTRINGLEN;
   0x62, $buf, -, -, 0x0; /* stw [buf+0], 0 -- guarantee NUL byte */
-  call, $rc, probe_read_str, $buf, $n, $addr; /* TODO: should work with bpf_probe_read_str too */
+  call, $rc, probe_read_str, $buf, $n, $addr; /* TODO: should work if the helper is named bpf_probe_read_str() too */
 
-  /* TODO pending implementation of error */
   /* if (rc < 0) error("...", addr); */
-  /*0x35, $rc, 0, _done, -; /* jge rc, 0, _done */
-  /*error, "kernel string copy fault at 0x%p [man error::fault]", $addr; /* TODO document bpf version of error::fault */
-  /*label, _done;*/
+  0x35, $rc, 0, _done, -; /* jge rc, 0, _done */
+  call, -, printf, "ERROR: kernel string copy fault at 0x%p [man error::fault]", $addr; /* TODO document stapbpf version of error::fault */
+  call, -, exit;
 
+  label, _done;
   /* return buf; */
   0xbf, $$, $buf, -, -; /* mov $$, buf */
 %}
diff --git a/tapset/logging.stp b/tapset/logging.stp
index aff3b8c98..956de0b72 100644
--- a/tapset/logging.stp
+++ b/tapset/logging.stp
@@ -95,8 +95,8 @@ function abort ()
 %:
   { /* unprivileged */ /* bpf */
     _set_exit_status()
-    printf("ERROR: abort() not supported yet\n")
-    exit()  /* TODO: need to abort the execution flow immediately */
+    printf("ERROR: abort() not supported in eBPF backend\n")
+    exit()  /* TODO: need to abort the execution flow immediately -- could be handled with a special assembly operation */
   }
 %)
 %)
diff --git a/testsuite/systemtap.bpf/bpf_tests/context_vars3.stp b/testsuite/systemtap.bpf/bpf_tests/context_vars3.stp
new file mode 100644
index 000000000..97cd338d6
--- /dev/null
+++ b/testsuite/systemtap.bpf/bpf_tests/context_vars3.stp
@@ -0,0 +1,15 @@
+probe begin {
+	printf("BEGIN\n")
+}
+
+probe kernel.function("vfs_read") {
+	if ($file != 0 && $file->f_cred->usage->counter > 0 && $buf != 0) {
+		filename = kernel_string($file->f_path->dentry->d_name->name)
+		printf("found %s\n", filename)
+		exit()
+	}
+}
+
+probe end {
+	printf("END PASS\n")
+}
-- 
2.43.5