On Fri, Jan 10, 2020 at 01:16:34PM -0800, Andrii Nakryiko wrote:
> Streamline BPF_TRACE_x macro by moving out return type and section attribute
> definition out of macro itself. That makes those function look in source code
> similar to other BPF programs. Additionally, simplify its usage by determining
> number of arguments automatically (so just single BPF_TRACE vs a family of
> BPF_TRACE_1, BPF_TRACE_2, etc). Also, allow more natural function argument
> syntax without commas inbetween argument type and name.
>
> Given this helper is useful not only for tracing tp_btf/fenty/fexit programs,
> but could be used for LSM programs and others following the same pattern,
> rename BPF_TRACE macro into more generic BPF_PROG. Existing BPF_TRACE_x
> usages in selftests are converted to new BPF_PROG macro.
>
> Following the same pattern, define BPF_KPROBE and BPF_KRETPROBE macros for
> nicer usage of kprobe/kretprobe arguments, respectively. BPF_KRETPROBE, adopts
> same convention used by fexit programs, that last defined argument is probed
> function's return result.
...
> SEC("kretprobe/__set_task_comm")
> -int prog2(struct pt_regs *ctx)
> +int BPF_KRETPROBE(prog2,
> + struct task_struct *tsk, const char *buf, bool exec,
> + int ret)
> {
> - return 0;
> + return PT_REGS_PARM1(ctx) == 0 && ret != 0;
> }
>
> SEC("raw_tp/task_rename")
> int prog3(struct bpf_raw_tracepoint_args *ctx)
> {
> - return 0;
> + return ctx->args[0] == 0;;
I've corrected this typo
and converted != 0 and == 0 to more traditional checks for null.
And applied.
