The existing tracing programs have been developed for a considerable period of time and, as a result, do not properly incorporate the features of the current libbpf, such as CO-RE. This is evident in frequent usage of functions like PT_REGS* and the persistence of "hack" methods using underscore-style bpf_probe_read_kernel from the past. These programs are far behind the current level of libbpf and can potentially confuse users. The kernel has undergone significant changes, and some of these changes have broken these programs, but on the other hand, more robust APIs have been developed for increased stableness. To list some of the kernel changes that this patch set is focusing on, - symbol mismatch occurs due to compiler optimization [1] - inline of blk_account_io* breaks BPF kprobe program [2] - new tracepoints for the block_io_start/done are introduced [3] - map lookup probes can't be triggered (bpf_disable_instrumentation)[4] - BPF_KSYSCALL has been introduced to simplify argument fetching [5] - convert to vmlinux.h and use tp argument structure within it - make tracing programs to be more CO-RE centric In this regard, this patch set aims not only to integrate the latest features of libbpf into BPF programs but also to reduce confusion and clarify the BPF programs. This will help with the potential confusion among users and make the programs more intutitive. [1]: https://github.com/iovisor/bcc/issues/1754 [2]: https://github.com/iovisor/bcc/issues/4261 [3]: commit 5a80bd075f3b ("block: introduce block_io_start/block_io_done tracepoints") [4]: commit 7c4cd051add3 ("bpf: Fix syscall's stackmap lookup potential deadlock") [5]: commit 6f5d467d55f0 ("libbpf: improve BPF_KPROBE_SYSCALL macro and rename it to BPF_KSYSCALL") Daniel T. Lee (9): samples/bpf: fix warning with ignored-attributes samples/bpf: convert to vmlinux.h with tracing programs samples/bpf: unify bpf program suffix to .bpf with tracing programs samples/bpf: fix symbol mismatch by compiler optimization samples/bpf: make tracing programs to be more CO-RE centric samples/bpf: fix bio latency check with tracepoint samples/bpf: fix broken map lookup probe samples/bpf: refactor syscall tracing programs using BPF_KSYSCALL macro samples/bpf: simplify spintest with kprobe.multi samples/bpf/Makefile | 20 +++++----- samples/bpf/net_shared.h | 2 + .../{offwaketime_kern.c => offwaketime.bpf.c} | 39 +++++------------- samples/bpf/offwaketime_user.c | 2 +- .../bpf/{spintest_kern.c => spintest.bpf.c} | 27 +++++-------- samples/bpf/spintest_user.c | 24 ++++------- samples/bpf/test_map_in_map.bpf.c | 10 ++--- samples/bpf/test_overhead_kprobe.bpf.c | 20 ++++------ samples/bpf/test_overhead_tp.bpf.c | 29 +------------- samples/bpf/{tracex1_kern.c => tracex1.bpf.c} | 25 +++++------- samples/bpf/tracex1_user.c | 2 +- samples/bpf/{tracex3_kern.c => tracex3.bpf.c} | 40 ++++++++++++------- samples/bpf/tracex3_user.c | 2 +- samples/bpf/{tracex4_kern.c => tracex4.bpf.c} | 3 +- samples/bpf/tracex4_user.c | 2 +- samples/bpf/{tracex5_kern.c => tracex5.bpf.c} | 12 +++--- samples/bpf/tracex5_user.c | 2 +- samples/bpf/{tracex6_kern.c => tracex6.bpf.c} | 20 ++++++++-- samples/bpf/tracex6_user.c | 2 +- samples/bpf/{tracex7_kern.c => tracex7.bpf.c} | 3 +- samples/bpf/tracex7_user.c | 2 +- 21 files changed, 117 insertions(+), 171 deletions(-) rename samples/bpf/{offwaketime_kern.c => offwaketime.bpf.c} (76%) rename samples/bpf/{spintest_kern.c => spintest.bpf.c} (67%) rename samples/bpf/{tracex1_kern.c => tracex1.bpf.c} (60%) rename samples/bpf/{tracex3_kern.c => tracex3.bpf.c} (70%) rename samples/bpf/{tracex4_kern.c => tracex4.bpf.c} (95%) rename samples/bpf/{tracex5_kern.c => tracex5.bpf.c} (90%) rename samples/bpf/{tracex6_kern.c => tracex6.bpf.c} (71%) rename samples/bpf/{tracex7_kern.c => tracex7.bpf.c} (82%) -- 2.34.1
