On Fri, Sep 09, 2022 at 12:12:44PM +0200, Jiri Olsa wrote:
> Changing return value of kprobe's version of bpf_get_func_ip
> to return zero if the attach address is not on the function's
> entry point.
>
> For kprobes attached in the middle of the function we can't easily
> get to the function address especially now with the CONFIG_X86_KERNEL_IBT
> support.
>
> If user cares about current IP for kprobes attached within the
> function body, they can get it with PT_REGS_IP(ctx).
>
> Suggested-by: Andrii Nakryiko <andrii@xxxxxxxxxx>
> Signed-off-by: Jiri Olsa <jolsa@xxxxxxxxxx>
> --- > kernel/trace/bpf_trace.c | 11 ++++++++++- > tools/testing/selftests/bpf/progs/get_func_ip_test.c | 4 ++-- > 2 files changed, 12 insertions(+), 3 deletions(-) > > diff --git a/kernel/trace/bpf_trace.c b/kernel/trace/bpf_trace.c > index bcada91b0b3b..027abc38faab 100644 > --- a/kernel/trace/bpf_trace.c > +++ b/kernel/trace/bpf_trace.c > @@ -1029,8 +1029,17 @@ static const struct bpf_func_proto bpf_get_func_ip_proto_tracing = { > BPF_CALL_1(bpf_get_func_ip_kprobe, struct pt_regs *, regs) > { > struct kprobe *kp = kprobe_running(); > + uintptr_t addr; > > - return kp ? (uintptr_t)kp->addr : 0; > + if (!kp || !(kp->flags & KPROBE_FLAG_ON_FUNC_ENTRY)) > + return 0; > + > + addr = (uintptr_t)kp->addr; > +#ifdef CONFIG_X86_KERNEL_IBT > + if (is_endbr(*((u32 *) addr - 1))) > + addr -= ENDBR_INSN_SIZE; > +#endif

This has the same problem; -1 might not be a valid address. But since this is not the multi stuff, I think you can more easily store state if this correction is needed or not.
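
Review bot: The read `*((u32 *) addr - 1)` inside the CONFIG_X86_KERNEL_IBT block dereferences the four bytes before kp->addr on every helper call, with nothing in the hunk establishing that this location is mapped and readable. Since KPROBE_FLAG_ON_FUNC_ENTRY is already a per-kprobe flag checked two lines earlier, the ENDBR decision could be made once when the probe is set up and recorded alongside it, leaving the helper with only the `addr -= ENDBR_INSN_SIZE` arithmetic; if the read has to stay here, a non-faulting accessor such as get_kernel_nofault() would be safer than a raw dereference. The expression also depends on sizeof(u32) matching ENDBR_INSN_SIZE through pointer arithmetic, so writing it as `(u32 *)(addr - ENDBR_INSN_SIZE)` would make the offset explicit and keep it consistent with the subtraction on the next line. Separately, the diffstat touches only bpf_trace.c and the selftest, so the new "returns 0 when the kprobe is not on the function entry" behaviour is not reflected in the helper's documentation within this patch.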