samples/bpf: Fix tracex5 to work with MIPS syscalls.

There are two problems: 1) In MIPS the __NR_* macros expand to an expression, this causes the sections of the object file to be named like: . . . [ 5] kprobe/(5000 + 1) PROGBITS 0000000000000000 000160 ... [ 6] kprobe/(5000 + 0) PROGBITS 0000000000000000 000258 ... [ 7] kprobe/(5000 + 9) PROGBITS 0000000000000000 000348 ... . . . The fix here is to use the "asm_offsets" trick to evaluate the macros in the C compiler and generate a header file with a usable form of the macros. 2) MIPS syscall numbers start at 5000, so we need a bigger map to hold the sub-programs. Signed-off-by: David Daney <david.daney@cavium.com> Acked-by: Daniel Borkmann <daniel@iogearbox.net> Signed-off-by: David S. Miller <davem@davemloft.net>
2017-06-13 16:49:38 -07:00 · 2017-06-13 16:49:38 -07:00 · 4b7190e841
--- a/samples/bpf/Makefile
+++ b/samples/bpf/Makefile
@ -160,6 +160,17 @@ clean:
 	$(MAKE) -C ../../ M=$(CURDIR) clean
 	@rm -f *~

+$(obj)/syscall_nrs.s:	$(src)/syscall_nrs.c
+	$(call if_changed_dep,cc_s_c)
+
+$(obj)/syscall_nrs.h:	$(obj)/syscall_nrs.s FORCE
+	$(call filechk,offsets,__SYSCALL_NRS_H__)
+
+clean-files += syscall_nrs.h
+
+FORCE:
+
+
 # Verify LLVM compiler tools are available and bpf target is supported by llc
 .PHONY: verify_cmds verify_target_bpf $(CLANG) $(LLC)

@ -180,6 +191,8 @@ verify_target_bpf: verify_cmds

 $(src)/*.c: verify_target_bpf

+$(obj)/tracex5_kern.o: $(obj)/syscall_nrs.h
+
 # asm/sysreg.h - inline assembly used by it is incompatible with llvm.
 # But, there is no easy way to fix it, so just exclude it since it is
 # useless for BPF samples.
--- a/samples/bpf/syscall_nrs.c
+++ b/samples/bpf/syscall_nrs.c
@ -0,0 +1,12 @@
+#include <uapi/linux/unistd.h>
+#include <linux/kbuild.h>
+
+#define SYSNR(_NR) DEFINE(SYS ## _NR, _NR)
+
+void syscall_defines(void)
+{
+	COMMENT("Linux system call numbers.");
+	SYSNR(__NR_write);
+	SYSNR(__NR_read);
+	SYSNR(__NR_mmap);
+}
--- a/samples/bpf/tracex5_kern.c
+++ b/samples/bpf/tracex5_kern.c
@ -9,6 +9,7 @@
 #include <uapi/linux/bpf.h>
 #include <uapi/linux/seccomp.h>
 #include <uapi/linux/unistd.h>
+#include "syscall_nrs.h"
 #include "bpf_helpers.h"

 #define PROG(F) SEC("kprobe/"__stringify(F)) int bpf_func_##F
@ -17,7 +18,11 @@ struct bpf_map_def SEC("maps") progs = {
 	.type = BPF_MAP_TYPE_PROG_ARRAY,
 	.key_size = sizeof(u32),
 	.value_size = sizeof(u32),
+#ifdef __mips__
+	.max_entries = 6000, /* MIPS n64 syscalls start at 5000 */
+#else
 	.max_entries = 1024,
+#endif
 };

 SEC("kprobe/__seccomp_filter")
@ -37,7 +42,7 @@ int bpf_prog1(struct pt_regs *ctx)
 }

 /* we jump here when syscall number == __NR_write */
-PROG(__NR_write)(struct pt_regs *ctx)
+PROG(SYS__NR_write)(struct pt_regs *ctx)
 {
 	struct seccomp_data sd;

@ -50,7 +55,7 @@ PROG(__NR_write)(struct pt_regs *ctx)
 	return 0;
 }

-PROG(__NR_read)(struct pt_regs *ctx)
+PROG(SYS__NR_read)(struct pt_regs *ctx)
 {
 	struct seccomp_data sd;

@ -63,7 +68,7 @@ PROG(__NR_read)(struct pt_regs *ctx)
 	return 0;
 }

-PROG(__NR_mmap)(struct pt_regs *ctx)
+PROG(SYS__NR_mmap)(struct pt_regs *ctx)
 {
 	char fmt[] = "mmap\n";
 	bpf_trace_printk(fmt, sizeof(fmt));