[PATCH 2/5] tracing/probes: Support BTF field access from retval

From: Masami Hiramatsu (Google)
Date: Sat Jun 17 2023 - 05:47:36 EST

From: Masami Hiramatsu (Google) <mhiramat@xxxxxxxxxx>

Introduce 'retval' (Not '$retval') BTF argument for function return events
including kretprobe and fprobe for accessing the return value. This also
allows user to access its fields if the return value is a pointer of a
data structure.

E.g.
# echo 'f getname_flags%return +0(retval->name):string' \
> dynamic_events
# echo 1 > events/fprobes/getname_flags__exit/enable
# ls > /dev/null
# head -n 40 trace | tail
ls-87 [000] ...1. 8067.616101: getname_flags__exit: (vfs_fstatat+0x3c/0x70 <- getname_flags) arg1="./function_profile_enabled"
ls-87 [000] ...1. 8067.616108: getname_flags__exit: (vfs_fstatat+0x3c/0x70 <- getname_flags) arg1="./trace_stat"
ls-87 [000] ...1. 8067.616115: getname_flags__exit: (vfs_fstatat+0x3c/0x70 <- getname_flags) arg1="./set_graph_notrace"
ls-87 [000] ...1. 8067.616122: getname_flags__exit: (vfs_fstatat+0x3c/0x70 <- getname_flags) arg1="./set_graph_function"
ls-87 [000] ...1. 8067.616129: getname_flags__exit: (vfs_fstatat+0x3c/0x70 <- getname_flags) arg1="./set_ftrace_notrace"
ls-87 [000] ...1. 8067.616135: getname_flags__exit: (vfs_fstatat+0x3c/0x70 <- getname_flags) arg1="./set_ftrace_filter"
ls-87 [000] ...1. 8067.616143: getname_flags__exit: (vfs_fstatat+0x3c/0x70 <- getname_flags) arg1="./touched_functions"
ls-87 [000] ...1. 8067.616237: getname_flags__exit: (vfs_fstatat+0x3c/0x70 <- getname_flags) arg1="./enabled_functions"
ls-87 [000] ...1. 8067.616245: getname_flags__exit: (vfs_fstatat+0x3c/0x70 <- getname_flags) arg1="./available_filter_functions"
ls-87 [000] ...1. 8067.616253: getname_flags__exit: (vfs_fstatat+0x3c/0x70 <- getname_flags) arg1="./set_ftrace_notrace_pid"


Signed-off-by: Masami Hiramatsu (Google) <mhiramat@xxxxxxxxxx>
---
kernel/trace/trace_probe.c | 54 +++++++++++++++++---------------------------
kernel/trace/trace_probe.h | 7 ++++++
2 files changed, 28 insertions(+), 33 deletions(-)

diff --git a/kernel/trace/trace_probe.c b/kernel/trace/trace_probe.c
index 1f05c819633f..0149d0abb5fd 100644
--- a/kernel/trace/trace_probe.c
+++ b/kernel/trace/trace_probe.c
@@ -585,6 +585,21 @@ static int parse_btf_arg(char *varname,
return -EOPNOTSUPP;
}

+ if (ctx->flags & TPARG_FL_RETURN) {
+ if (strcmp(varname, "retval") != 0) {
+ trace_probe_log_err(ctx->offset, NO_BTFARG);
+ return -ENOENT;
+ }
+ type = find_btf_func_proto(ctx->funcname);
+ if (type->type == 0) {
+ trace_probe_log_err(ctx->offset, NO_RETVAL);
+ return -ENOENT;
+ }
+ code->op = FETCH_OP_RETVAL;
+ tid = type->type;
+ goto found;
+ }
+
if (!ctx->params) {
params = find_btf_func_param(ctx->funcname, &ctx->nr_params,
ctx->flags & TPARG_FL_TPOINT);
@@ -605,7 +620,6 @@ static int parse_btf_arg(char *varname,
code->param = i + 1;
else
code->param = i;
-
tid = params[i].type;
goto found;
}
@@ -630,7 +644,7 @@ static int parse_btf_arg(char *varname,
return 0;
}

-static const struct fetch_type *parse_btf_arg_type(
+static const struct fetch_type *find_fetch_type_from_btf_type(
struct traceprobe_parse_context *ctx)
{
struct btf *btf = traceprobe_get_btf();
@@ -642,26 +656,6 @@ static const struct fetch_type *parse_btf_arg_type(
return find_fetch_type(typestr, ctx->flags);
}

-static const struct fetch_type *parse_btf_retval_type(
- struct traceprobe_parse_context *ctx)
-{
- struct btf *btf = traceprobe_get_btf();
- const char *typestr = NULL;
- const struct btf_type *type;
- s32 tid;
-
- if (btf && ctx->funcname) {
- type = find_btf_func_proto(ctx->funcname);
- if (!IS_ERR(type)) {
- type = btf_type_skip_modifiers(btf, type->type, &tid);
- if (type)
- typestr = fetch_type_from_btf_type(btf, type, ctx);
- }
- }
-
- return find_fetch_type(typestr, ctx->flags);
-}
-
static int parse_btf_bitfield(struct fetch_insn **pcode,
struct traceprobe_parse_context *ctx)
{
@@ -721,10 +715,7 @@ static int parse_btf_bitfield(struct fetch_insn **pcode,
return -EOPNOTSUPP;
}

-#define parse_btf_arg_type(ctx) \
- find_fetch_type(NULL, ctx->flags)
-
-#define parse_btf_retval_type(ctx) \
+#define find_fetch_type_from_btf_type(ctx) \
find_fetch_type(NULL, ctx->flags)

#define is_btf_retval_void(funcname) (false)
@@ -1010,7 +1001,7 @@ parse_probe_arg(char *arg, const struct fetch_type *type,
break;
default:
if (isalpha(arg[0]) || arg[0] == '_') { /* BTF variable */
- if (!tparg_is_function_entry(ctx->flags)) {
+ if (!tparg_is_btf_available(ctx->flags)) {
trace_probe_log_err(ctx->offset, NOSUP_BTFARG);
return -EINVAL;
}
@@ -1167,12 +1158,9 @@ static int traceprobe_parse_probe_arg_body(const char *argv, ssize_t *size,
goto fail;

/* Update storing type if BTF is available */
- if (IS_ENABLED(CONFIG_PROBE_EVENTS_BTF_ARGS) && !t) {
- if (ctx->last_type)
- parg->type = parse_btf_arg_type(ctx);
- else if (ctx->flags & TPARG_FL_RETURN)
- parg->type = parse_btf_retval_type(ctx);
- }
+ if (IS_ENABLED(CONFIG_PROBE_EVENTS_BTF_ARGS) &&
+ !t && ctx->last_type)
+ parg->type = find_fetch_type_from_btf_type(ctx);

ret = -EINVAL;
/* Store operation */
diff --git a/kernel/trace/trace_probe.h b/kernel/trace/trace_probe.h
index 050909aaaa1b..7aae50633819 100644
--- a/kernel/trace/trace_probe.h
+++ b/kernel/trace/trace_probe.h
@@ -381,6 +381,13 @@ static inline bool tparg_is_function_entry(unsigned int flags)
return (flags & TPARG_FL_LOC_MASK) == (TPARG_FL_KERNEL | TPARG_FL_FENTRY);
}

+/* BTF is available at the kernel function entry and exit */
+static inline bool tparg_is_btf_available(unsigned int flags)
+{
+ return (flags & TPARG_FL_KERNEL) &&
+ (flags & (TPARG_FL_FENTRY | TPARG_FL_RETURN));
+}
+
struct traceprobe_parse_context {
struct trace_event_call *event;
const struct btf_param *params;