review.tizen.org Git - platform/kernel/linux-rpi.git/commit

author	Daniel T. Lee <danieltimlee@gmail.com>
	Sat, 16 May 2020 04:06:05 +0000 (13:06 +0900)
committer	Daniel Borkmann <daniel@iogearbox.net>
	Tue, 19 May 2020 15:12:53 +0000 (17:12 +0200)
commit	63841bc0833623ecd4f758ec055b543cf1bc56ba
tree	c1a534f8aaa1f3ce52712e752fdfd425d77a1eb7	tree \| snapshot
parent	0efdcefb00d768442efef21560ea4c44d481fa5c	commit \| diff

samples, bpf: Refactor kprobe tracing user progs with libbpf

Currently, the kprobe BPF program attachment method for bpf_load is
quite old. The implementation of bpf_load "directly" controls and
manages(create, delete) the kprobe events of DEBUGFS. On the other hand,
using using the libbpf automatically manages the kprobe event.
(under bpf_link interface)

By calling bpf_program__attach(_kprobe) in libbpf, the corresponding
kprobe is created and the BPF program will be attached to this kprobe.
To remove this, by simply invoking bpf_link__destroy will clean up the
event.

This commit refactors kprobe tracing programs (tracex{1~7}_user.c) with
libbpf using bpf_link interface and bpf_program__attach.

tracex2_kern.c, which tracks system calls (sys_*), has been modified to
append prefix depending on architecture.

Signed-off-by: Daniel T. Lee <danieltimlee@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: Yonghong Song <yhs@fb.com>
Link: https://lore.kernel.org/bpf/20200516040608.1377876-3-danieltimlee@gmail.com

samples/bpf/Makefile		diff \| blob \| history
samples/bpf/trace_common.h	[new file with mode: 0644]	blob
samples/bpf/tracex1_user.c		diff \| blob \| history
samples/bpf/tracex2_kern.c		diff \| blob \| history
samples/bpf/tracex2_user.c		diff \| blob \| history
samples/bpf/tracex3_user.c		diff \| blob \| history
samples/bpf/tracex4_user.c		diff \| blob \| history
samples/bpf/tracex6_user.c		diff \| blob \| history
samples/bpf/tracex7_user.c		diff \| blob \| history