fprobe, samples: Add use_trace option and show hit/missed counter

Add use_trace option to use trace_printk() instead of pr_info()
so that the handler doesn't involve the RCU operations.
And show the hit and missed counter so that the user can check
how many times the probe handler hit and missed.

Signed-off-by: Masami Hiramatsu (Google) <mhiramat@kernel.org>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: Jiri Olsa <jolsa@kernel.org>
Link: https://lore.kernel.org/bpf/165461826247.280167.11939123218334322352.stgit@devnote2
This commit is contained in:
Masami Hiramatsu (Google) 2022-06-08 01:11:02 +09:00 committed by Daniel Borkmann
parent 63ce81d1c4
commit c88dbbcd88
1 changed files with 25 additions and 4 deletions

View File

@ -21,6 +21,7 @@
#define BACKTRACE_DEPTH 16 #define BACKTRACE_DEPTH 16
#define MAX_SYMBOL_LEN 4096 #define MAX_SYMBOL_LEN 4096
struct fprobe sample_probe; struct fprobe sample_probe;
static unsigned long nhit;
static char symbol[MAX_SYMBOL_LEN] = "kernel_clone"; static char symbol[MAX_SYMBOL_LEN] = "kernel_clone";
module_param_string(symbol, symbol, sizeof(symbol), 0644); module_param_string(symbol, symbol, sizeof(symbol), 0644);
@ -28,6 +29,8 @@ static char nosymbol[MAX_SYMBOL_LEN] = "";
module_param_string(nosymbol, nosymbol, sizeof(nosymbol), 0644); module_param_string(nosymbol, nosymbol, sizeof(nosymbol), 0644);
static bool stackdump = true; static bool stackdump = true;
module_param(stackdump, bool, 0644); module_param(stackdump, bool, 0644);
static bool use_trace = false;
module_param(use_trace, bool, 0644);
static void show_backtrace(void) static void show_backtrace(void)
{ {
@ -40,7 +43,15 @@ static void show_backtrace(void)
static void sample_entry_handler(struct fprobe *fp, unsigned long ip, struct pt_regs *regs) static void sample_entry_handler(struct fprobe *fp, unsigned long ip, struct pt_regs *regs)
{ {
if (use_trace)
/*
* This is just an example, no kernel code should call
* trace_printk() except when actively debugging.
*/
trace_printk("Enter <%pS> ip = 0x%p\n", (void *)ip, (void *)ip);
else
pr_info("Enter <%pS> ip = 0x%p\n", (void *)ip, (void *)ip); pr_info("Enter <%pS> ip = 0x%p\n", (void *)ip, (void *)ip);
nhit++;
if (stackdump) if (stackdump)
show_backtrace(); show_backtrace();
} }
@ -49,8 +60,17 @@ static void sample_exit_handler(struct fprobe *fp, unsigned long ip, struct pt_r
{ {
unsigned long rip = instruction_pointer(regs); unsigned long rip = instruction_pointer(regs);
if (use_trace)
/*
* This is just an example, no kernel code should call
* trace_printk() except when actively debugging.
*/
trace_printk("Return from <%pS> ip = 0x%p to rip = 0x%p (%pS)\n",
(void *)ip, (void *)ip, (void *)rip, (void *)rip);
else
pr_info("Return from <%pS> ip = 0x%p to rip = 0x%p (%pS)\n", pr_info("Return from <%pS> ip = 0x%p to rip = 0x%p (%pS)\n",
(void *)ip, (void *)ip, (void *)rip, (void *)rip); (void *)ip, (void *)ip, (void *)rip, (void *)rip);
nhit++;
if (stackdump) if (stackdump)
show_backtrace(); show_backtrace();
} }
@ -112,7 +132,8 @@ static void __exit fprobe_exit(void)
{ {
unregister_fprobe(&sample_probe); unregister_fprobe(&sample_probe);
pr_info("fprobe at %s unregistered\n", symbol); pr_info("fprobe at %s unregistered. %ld times hit, %ld times missed\n",
symbol, nhit, sample_probe.nmissed);
} }
module_init(fprobe_init) module_init(fprobe_init)