diff options
| author | Paul Chaignon <paul.chaignon@gmail.com> | 2023-09-06 15:36:33 +0200 |
|---|---|---|
| committer | Aleksandr Nogikh <nogikh@google.com> | 2023-09-13 07:31:19 +0000 |
| commit | dc09fcecccc26b37679492360a81e9601e7643cb (patch) | |
| tree | 428b3fc001133a2019fb941e1018be89ab9563eb /sys | |
| parent | 1589dac7cc47bd39a9102b93f335207e1973a968 (diff) | |
sys/linux: cover multi-kprobes in BPF_LINK_CREATE
Commit [1] upstream added support for multi-kprobes to BPF link, to
allow attaching many kprobes BPF programs at once. In doing so, the
BPF_LINK_CREATE command was extended with attachment information for
kprobes.
This commit covers this in syzkaller's description. We have two cases to
cover: kprobes are either attached by symbols (resolved by the kernel)
or directly by kernel addresses.
1 - https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0dcac272540613d41
Signed-off-by: Paul Chaignon <paul.chaignon@gmail.com>
Diffstat (limited to 'sys')
| -rw-r--r-- | sys/linux/bpf.txt | 23 | ||||
| -rw-r--r-- | sys/linux/bpf.txt.const | 1 |
2 files changed, 24 insertions, 0 deletions
diff --git a/sys/linux/bpf.txt b/sys/linux/bpf.txt index 90a8e8c6c..a56d745af 100644 --- a/sys/linux/bpf.txt +++ b/sys/linux/bpf.txt @@ -198,10 +198,32 @@ link_create_perf_event { bpf_cookie int64 } +link_create_kprobe_multi_addrs { + flags flags[bpf_link_create_kprobe_multi_flags, int32] + cnt len[addrs, int32] + syms const[0, int64] + addrs ptr64[in, array[int64]] + cookies int64 +} + +link_create_kprobe_multi_symbols { + flags flags[bpf_link_create_kprobe_multi_flags, int32] + cnt len[syms, int32] + syms ptr64[in, array[ptr[in, string]]] + addrs const[0, int64] + cookies int64 +} + +link_create_kprobe_multi [ + addrs link_create_kprobe_multi_addrs + syms link_create_kprobe_multi_symbols +] + link_create_arg_extra [ target_btf_id bpf_btf_id iter link_create_iter perf_event link_create_perf_event + kprobe_multi link_create_kprobe_multi ] type bpf_link_create_arg_t[PROG_FD, TARGET_FD, ATTACH_TYPE, FLAGS] { @@ -1002,3 +1024,4 @@ bpf_stat_types = BPF_STATS_RUN_TIME bpf_core_relo_kind = BPF_CORE_FIELD_BYTE_OFFSET, BPF_CORE_FIELD_BYTE_SIZE, BPF_CORE_FIELD_EXISTS, BPF_CORE_FIELD_SIGNED, BPF_CORE_FIELD_LSHIFT_U64, BPF_CORE_FIELD_RSHIFT_U64, BPF_CORE_TYPE_ID_LOCAL, BPF_CORE_TYPE_ID_TARGET, BPF_CORE_TYPE_EXISTS, BPF_CORE_TYPE_SIZE, BPF_CORE_ENUMVAL_EXISTS, BPF_CORE_ENUMVAL_VALUE, BPF_CORE_TYPE_MATCHES bpf_obj_get_flags = BPF_F_PATH_FD, BPF_F_RDONLY, BPF_F_WRONLY bpf_cgroup_iter_order = BPF_CGROUP_ITER_SELF_ONLY, BPF_CGROUP_ITER_DESCENDANTS_PRE, BPF_CGROUP_ITER_DESCENDANTS_POST, BPF_CGROUP_ITER_ANCESTORS_UP +bpf_link_create_kprobe_multi_flags = BPF_F_KPROBE_MULTI_RETURN diff --git a/sys/linux/bpf.txt.const b/sys/linux/bpf.txt.const index ced4f2134..18e669d7a 100644 --- a/sys/linux/bpf.txt.const +++ b/sys/linux/bpf.txt.const @@ -69,6 +69,7 @@ BPF_F_BEFORE = 8 BPF_F_CLONE = 512 BPF_F_ID = 32 BPF_F_INNER_MAP = 4096 +BPF_F_KPROBE_MULTI_RETURN = 1 BPF_F_LINK = 8192 BPF_F_LOCK = 4 BPF_F_MMAPABLE = 1024 |