review.tizen.org Git - platform/kernel/linux-starfive.git/commit

author	Daniel T. Lee <danieltimlee@gmail.com>
	Sat, 24 Dec 2022 07:15:22 +0000 (16:15 +0900)
committer	Andrii Nakryiko <andrii@kernel.org>
	Thu, 29 Dec 2022 22:22:34 +0000 (14:22 -0800)
commit	1d0c5f6f3d1387ec9c3a379fb232c078f5838d55
tree	3e4c4447088e9a1124e6e5ebe447479d1f094d2e	tree \| snapshot
parent	30465003ad776a922c32b2dac58db14f120f037e	commit \| diff

samples/bpf: Use kyscall instead of kprobe in syscall tracing program

Syscall tracing using kprobe is quite unstable. Since it uses the exact
name of the kernel function, the program might broke due to the rename
of a function. The problem can also be caused by a changes in the
arguments of the function to which the kprobe connects.

In this commit, ksyscall is used instead of kprobe. By using ksyscall,
libbpf will detect the appropriate kernel function name.
(e.g. sys_write -> __s390_sys_write). This eliminates the need to worry
about which wrapper function to attach in order to parse arguments.

In addition, ksyscall provides more fine method with attaching system
call, the coarse SYSCALL helper at trace_common.h can be removed.

Signed-off-by: Daniel T. Lee <danieltimlee@gmail.com>
Signed-off-by: Andrii Nakryiko <andrii@kernel.org>
Link: https://lore.kernel.org/bpf/20221224071527.2292-2-danieltimlee@gmail.com

samples/bpf/map_perf_test_kern.c		diff \| blob \| history
samples/bpf/test_current_task_under_cgroup_kern.c		diff \| blob \| history
samples/bpf/test_map_in_map_kern.c		diff \| blob \| history
samples/bpf/test_probe_write_user_kern.c		diff \| blob \| history
samples/bpf/trace_common.h	[deleted file]	blob \| history
samples/bpf/trace_output_kern.c		diff \| blob \| history
samples/bpf/tracex2_kern.c		diff \| blob \| history