On Wed, Sep 16, 2020 at 1:24 PM Jiri Olsa <jolsa@xxxxxxxxxx> wrote: > > Some kernels builds might inline vfs_getattr call within fstat > syscall code path, so fentry/vfs_getattr trampoline is not called. > > Alexei suggested [1] we should use security_inode_getattr instead, > because it's less likely to get inlined. > > Adding security_inode_getattr to the d_path allowed list and > switching the stat trampoline to security_inode_getattr. > > Adding flags that indicate trampolines were called and failing > the test if any of them got missed, so it's easier to identify > the issue next time. > > [1] https://lore.kernel.org/bpf/CAADnVQJ0FchoPqNWm+dEppyij-MOvvEG_trEfyrHdabtcEuZGg@xxxxxxxxxxxxxx/ > Fixes: e4d1af4b16f8 ("selftests/bpf: Add test for d_path helper") > Signed-off-by: Jiri Olsa <jolsa@xxxxxxxxxx> Acked-by: KP Singh <kpsingh@xxxxxxxxxx> > --- > kernel/trace/bpf_trace.c | 1 + > tools/testing/selftests/bpf/prog_tests/d_path.c | 6 ++++++ > tools/testing/selftests/bpf/progs/test_d_path.c | 9 ++++++++- > 3 files changed, 15 insertions(+), 1 deletion(-) > > diff --git a/kernel/trace/bpf_trace.c b/kernel/trace/bpf_trace.c > index b2a5380eb187..1001c053ebb3 100644 > --- a/kernel/trace/bpf_trace.c > +++ b/kernel/trace/bpf_trace.c > @@ -1122,6 +1122,7 @@ BTF_ID(func, vfs_truncate) > BTF_ID(func, vfs_fallocate) > BTF_ID(func, dentry_open) > BTF_ID(func, vfs_getattr) > +BTF_ID(func, security_inode_getattr) > BTF_ID(func, filp_close) > BTF_SET_END(btf_allowlist_d_path) > > diff --git a/tools/testing/selftests/bpf/prog_tests/d_path.c b/tools/testing/selftests/bpf/prog_tests/d_path.c > index fc12e0d445ff..f507f1a6fa3a 100644 > --- a/tools/testing/selftests/bpf/prog_tests/d_path.c > +++ b/tools/testing/selftests/bpf/prog_tests/d_path.c > @@ -120,6 +120,12 @@ void test_d_path(void) > if (err < 0) > goto cleanup; > > + if (CHECK(!bss->called_stat || !bss->called_close, > + "check", > + "failed to call trampolines called_stat %d, bss->called_close %d\n", > + bss->called_stat, bss->called_close)) optional: maybe it's better to add two separate checks with specific error messages? "stat", "trampoline for security_inode_getattr was not called\n" "close", "trampoline for filp_close was not called\n" I think this would make the output more readable. - KP > + goto cleanup; > + > for (int i = 0; i < MAX_FILES; i++) { > CHECK(strncmp(src.paths[i], bss->paths_stat[i], MAX_PATH_LEN), > "check", [...] > if (pid != my_pid) > return 0; > > -- > 2.26.2 >
