Summary: | Support bpf syscall in amd64 Linux | ||
---|---|---|---|
Product: | [Developer tools] valgrind | Reporter: | spacewanderlzx <spacewanderlzx> |
Component: | memcheck | Assignee: | Julian Seward <jseward> |
Status: | RESOLVED FIXED | ||
Severity: | task | CC: | fche, qmo+kdebugzilla, spacewanderlzx, tom |
Priority: | NOR | ||
Version: | 3.14 SVN | ||
Target Milestone: | --- | ||
Platform: | unspecified | ||
OS: | Linux | ||
Latest Commit: | Version Fixed In: | ||
Attachments: |
The patch for supporting bpf syscall in amd64 Linux
[PATCH valgrind 1/3] Linux: Get pre_check for ASCII string out of PRE(sys_prctl)
[PATCH valgrind 2/3] Linux: amd64: Add support for bpf() syscall.
[PATCH valgrind 3/3] Linux: Add file descriptors tracking in wrappers for bpf() system call.
[PATCH valgrind v2 1/3] Linux: Get pre_check for ASCII string out of PRE(sys_prctl)
[PATCH valgrind v2 2/3] Linux: amd64: Add support for bpf() syscall.
[PATCH valgrind v2 3/3] Linux: Add file descriptors tracking in wrappers for bpf() system call.
Description
spacewanderlzx@gmail.com
2018-01-10 15:44:03 UTC
Created attachment 112113 [details]
[PATCH valgrind 1/3] Linux: Get pre_check for ASCII string out of PRE(sys_prctl)
Hi,
I am interested as well in getting support for the bpf() system call in Valgrind, and would like to help getting this bug resolved.
I also have a series that implements support for the syscall. I do not want to steal the spotlight from spacewanderlzx, it simply happens that I started to develop it before that bug was created, got distracted, then finished it and only realised that this bug existed after my patches were ready. Since my version seems more complete to me, I thought I would post it anyway. I hope this is not a problem, please tell me if that was inappropriate.
So this series is a set of three patches for supporting bpf() syscall on amd64 (as was the original patch). As far as I know, the syscall is not platform-specific and it should be trivial to later extend it to other architectures.
First patch is a minor refactoring of a snippet used to process and run pre-checks for ASCII strings to read from the parameters of a system call. It is extracted from PRE(sys_prctl) and moved to a static function, as it is reused in a later patch with PRE(sys_bpf) wrapper.
The second patch is the main one, and adds the PRE() and POST() wrappers for the bpf() system call. Since bpf() uses a set of subcommands, and processes its arguments in different ways depending on the selected subcommand, the wrappers reflect this and add relevant pre- and post-checks for read and write operations for each of the available subcommands.
To make review easier, validation and tracking for file descriptors are only added in a third patch. It could be squashed with the previous patch, depending on maintainers' preferences.
For me as well, this is the first attempt at adding support for a system call to Valgrind, hence there are a number of implementation details I am unsure of. Please see in particular the notes I appended to the commit log of the second patch.
The patches compile and run. I tried to run valgrind on a program using bpf() syscalls, and everything goes fine. Tracking the file descriptors works too. However, I do not use valgrind so often and I do not know how to test the wrappers in-depth. For example, how could I validate that I used the correct sizes for pre- and post- read/write checks in the wrappers? On my simple tests, Valgrind would show no output difference when I would change the sizes or even remove some pre- or post-checks from the wrappers.
Created attachment 112114 [details]
[PATCH valgrind 2/3] Linux: amd64: Add support for bpf() syscall.
Created attachment 112115 [details]
[PATCH valgrind 3/3] Linux: Add file descriptors tracking in wrappers for bpf() system call.
Created attachment 114213 [details]
[PATCH valgrind v2 1/3] Linux: Get pre_check for ASCII string out of PRE(sys_prctl)
Hi,
There has been additional work on the kernel side regarding the BPF subsystem in general and the bpf() system call in particular.
I am attaching an updated version of the patches (v2), which includes BPF definitions taken from kernel 4.18 (and relevant processing of system call arguments in the PRE and POST hooks). The patches have also been rebased on valgrind's current master branch.
Created attachment 114214 [details]
[PATCH valgrind v2 2/3] Linux: amd64: Add support for bpf() syscall.
Created attachment 114215 [details]
[PATCH valgrind v2 3/3] Linux: Add file descriptors tracking in wrappers for bpf() system call.
Quentin's patches have now been committed, along with an extra patch to improve the argument checking.
Awesome, thank you Tom! I'm reading your patch carefully, it is nice to see what I missed. I will follow up these patches if the bpf() syscall changes again.
*** Bug 400878 has been marked as a duplicate of this bug. ***