On Thu, Sep 22, 2022 at 2:04 PM Jiri Olsa <jolsa@xxxxxxxxxx> wrote:
>
> Changing return value of kprobe's version of bpf_get_func_ip
> to return zero if the attach address is not on the function's
> entry point.
>
> For kprobes attached in the middle of the function we can't easily
> get to the function address especially now with the CONFIG_X86_KERNEL_IBT
> support.
>
> If user cares about current IP for kprobes attached within the
> function body, they can get it with PT_REGS_IP(ctx).
>
> Suggested-by: Andrii Nakryiko <andrii@xxxxxxxxxx>
> Signed-off-by: Jiri Olsa <jolsa@xxxxxxxxxx>
> ---
> kernel/trace/bpf_trace.c | 5 ++++-
> tools/testing/selftests/bpf/progs/get_func_ip_test.c | 4 ++--
> 2 files changed, 6 insertions(+), 3 deletions(-)
>
Can you please add a note in bpf_get_func_ip() description in
uapi/linux/bpf.h that this function returns zero for kprobes in the
middle of the function?
With that:
Acked-by: Andrii Nakryiko <andrii@xxxxxxxxxx>
> diff --git a/kernel/trace/bpf_trace.c b/kernel/trace/bpf_trace.c
> index ebd1b348beb3..688552df95ca 100644
> --- a/kernel/trace/bpf_trace.c
> +++ b/kernel/trace/bpf_trace.c
> @@ -1048,7 +1048,10 @@ BPF_CALL_1(bpf_get_func_ip_kprobe, struct pt_regs *, regs)
> {
> struct kprobe *kp = kprobe_running();
>
> - return kp ? (uintptr_t)kp->addr : 0;
> + if (!kp || !(kp->flags & KPROBE_FLAG_ON_FUNC_ENTRY))
> + return 0;
> +
> + return get_entry_ip((uintptr_t)kp->addr);
> }
[...]
