From nobody Sat Oct 4 14:36:14 2025 Received: from m16.mail.163.com (m16.mail.163.com [220.197.31.2]) by smtp.subspace.kernel.org (Postfix) with ESMTP id ED256291C2D; Fri, 15 Aug 2025 02:53:16 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=220.197.31.2 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1755226399; cv=none; b=iTZCLdL/usb/TOohAi1x1GVqZmr1lfVG84n9Qx/H+vIxcbD+ILR+/plGsYPzWSqgiuzic7qIAUd9vUom5lIZbf7PvcJlTxWEe4az3fd2oAmw4l9PXr9U8xqdAIvZwjnFZ6hNDKQ7xeWnc+j4FT1/vAdb+zhR6T1EL0s4lkK7g3Q= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1755226399; c=relaxed/simple; bh=Bbcu1m0flpjmK26MgmyjM+c786Kfvt2oVaIP44MAlQM=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=m+rLwG0Adzo25SHFLrpmX8PddJOiqRf9ZFbFlqGOwSQ5UOBsPQMKN/n6+Be7G7L108m35I8udJU//uCUfxFoEcSzKWbBULZDWq09TodVSHjOlrytOJjELrdxg/KNtSncNY07jpib/ztAPAh8CFM7Kzy2tFEUtfihO8WJX1HQ/rE= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=163.com; spf=pass smtp.mailfrom=163.com; dkim=pass (1024-bit key) header.d=163.com header.i=@163.com header.b=Qw2d0Nr7; arc=none smtp.client-ip=220.197.31.2 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=163.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=163.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=163.com header.i=@163.com header.b="Qw2d0Nr7" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=163.com; s=s110527; h=From:To:Subject:Date:Message-Id:MIME-Version; bh=2d 9W8qmudwvDnN1OXDiZN8AeTof1uFS9/qSDeSl+dRw=; b=Qw2d0Nr7WCDoozx48b +1oiLkHUf/NxCxXZTr8oJA9BSJTQb3Bl4dbs2RbxHdLJFY8kJOi3QrBhebGvG1nn MWOTG2uVG0HetE2LRhCVQPNhIKjAt5Dmx5KY54PyNgJUNGB+vkX9YEJW+JIynAr/ fmyCGocGUxAiLhtii0HMC5bsk= Received: from 163.com (unknown []) by gzga-smtp-mtada-g0-0 (Coremail) with SMTP id _____wBnIl_toJ5oqDUKCA--.29342S3; Fri, 15 Aug 2025 10:52:50 +0800 (CST) From: chenyuan_fl@163.com To: yonghong.song@linux.dev, olsajiri@gmail.com Cc: aef2617b-ce03-4830-96a7-39df0c93aaad@kernel.org, andrii@kernel.org, ast@kernel.org, bpf@vger.kernel.org, chenyuan@kylinos.cn, daniel@iogearbox.net, linux-kernel@vger.kernel.org, qmo@kernel.org Subject: [PATCH v6 1/2] bpftool: Refactor kernel config reading into common helper Date: Fri, 15 Aug 2025 03:52:26 +0100 Message-Id: <20250815025227.6204-2-chenyuan_fl@163.com> X-Mailer: git-send-email 2.39.5 In-Reply-To: <20250815025227.6204-1-chenyuan_fl@163.com> References: <74709a08-4536-4c5a-8140-12d8b42e97c0@linux.dev> <20250815025227.6204-1-chenyuan_fl@163.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-CM-TRANSID: _____wBnIl_toJ5oqDUKCA--.29342S3 X-Coremail-Antispam: 1Uf129KBjvJXoW3Jw1xCF43GF48JF1UJr15CFg_yoW3Jr43pF Z5Ga45Jry8XF1fuw4xtFs5CrWrGwn7J3yUKrZrW3yrZrnFyryqva18KFnaqFy3ZrWvgr17 ZrZY9Fyq9w4UXr7anT9S1TB71UUUUU7qnTZGkaVYY2UrUUUUjbIjqfuFe4nvWSU5nxnvy2 9KBjDUYxBIdaVFxhVjvjDU0xZFpf9x07jxAwxUUUUU= X-CM-SenderInfo: xfkh05pxdqswro6rljoofrz/xtbBSQSlvWiX9VwW2wACsM Content-Type: text/plain; charset="utf-8" From: Yuan Chen Extract the kernel configuration file parsing logic from feature.c into a new read_kernel_config() function in common.c. This includes: 1. Moving the config file handling and option parsing code 2. Adding required headers and struct definition 3. Keeping all existing functionality The refactoring enables sharing this logic with other components while maintaining current behavior. This will be used by subsequent patches that need to check kernel config options. Signed-off-by: Yuan Chen --- tools/bpf/bpftool/common.c | 93 +++++++++++++++++++++++++++++++++++++ tools/bpf/bpftool/feature.c | 86 ++-------------------------------- tools/bpf/bpftool/main.h | 9 ++++ 3 files changed, 106 insertions(+), 82 deletions(-) diff --git a/tools/bpf/bpftool/common.c b/tools/bpf/bpftool/common.c index b07317d2842f..e8daf963ecef 100644 --- a/tools/bpf/bpftool/common.c +++ b/tools/bpf/bpftool/common.c @@ -21,6 +21,7 @@ #include #include #include +#include =20 #include #include @@ -31,6 +32,7 @@ #include #include /* libbpf_num_possible_cpus */ #include +#include =20 #include "main.h" =20 @@ -1208,3 +1210,94 @@ int pathname_concat(char *buf, int buf_sz, const cha= r *path, =20 return 0; } + +static bool read_next_kernel_config_option(gzFile file, char *buf, size_t = n, + char **value) +{ + char *sep; + + while (gzgets(file, buf, n)) { + if (strncmp(buf, "CONFIG_", 7)) + continue; + + sep =3D strchr(buf, '=3D'); + if (!sep) + continue; + + /* Trim ending '\n' */ + buf[strlen(buf) - 1] =3D '\0'; + + /* Split on '=3D' and ensure that a value is present. */ + *sep =3D '\0'; + if (!sep[1]) + continue; + + *value =3D sep + 1; + return true; + } + + return false; +} + +int read_kernel_config(const struct kernel_config_option *requested_option= s, + size_t num_options, char **out_values, + const char *define_prefix) +{ + struct utsname utsn; + char path[PATH_MAX]; + gzFile file =3D NULL; + char buf[4096]; + char *value; + size_t i; + int ret =3D 0; + + if (!requested_options || !out_values || num_options =3D=3D 0) + return -1; + + if (!uname(&utsn)) { + snprintf(path, sizeof(path), "/boot/config-%s", utsn.release); + + /* gzopen also accepts uncompressed files. */ + file =3D gzopen(path, "r"); + } + + if (!file) { + /* Some distributions build with CONFIG_IKCONFIG=3Dy and put the + * config file at /proc/config.gz. + */ + file =3D gzopen("/proc/config.gz", "r"); + } + + if (!file) { + p_info("skipping kernel config, can't open file: %s", + strerror(errno)); + return -1; + } + + if (!gzgets(file, buf, sizeof(buf)) || !gzgets(file, buf, sizeof(buf))) { + p_info("skipping kernel config, can't read from file: %s", + strerror(errno)); + ret =3D -1; + goto end_parse; + } + + if (strcmp(buf, "# Automatically generated file; DO NOT EDIT.\n")) { + p_info("skipping kernel config, can't find correct file"); + ret =3D -1; + goto end_parse; + } + + while (read_next_kernel_config_option(file, buf, sizeof(buf), &value)) { + for (i =3D 0; i < num_options; i++) { + if ((define_prefix && !requested_options[i].macro_dump) || + out_values[i] || strcmp(buf, requested_options[i].name)) + continue; + + out_values[i] =3D strdup(value); + } + } + +end_parse: + gzclose(file); + return ret; +} diff --git a/tools/bpf/bpftool/feature.c b/tools/bpf/bpftool/feature.c index 24fecdf8e430..0f6070a0c8e7 100644 --- a/tools/bpf/bpftool/feature.c +++ b/tools/bpf/bpftool/feature.c @@ -10,7 +10,6 @@ #ifdef USE_LIBCAP #include #endif -#include #include =20 #include @@ -18,7 +17,6 @@ =20 #include #include -#include =20 #include "main.h" =20 @@ -327,40 +325,9 @@ static void probe_jit_limit(void) } } =20 -static bool read_next_kernel_config_option(gzFile file, char *buf, size_t = n, - char **value) -{ - char *sep; - - while (gzgets(file, buf, n)) { - if (strncmp(buf, "CONFIG_", 7)) - continue; - - sep =3D strchr(buf, '=3D'); - if (!sep) - continue; - - /* Trim ending '\n' */ - buf[strlen(buf) - 1] =3D '\0'; - - /* Split on '=3D' and ensure that a value is present. */ - *sep =3D '\0'; - if (!sep[1]) - continue; - - *value =3D sep + 1; - return true; - } - - return false; -} - static void probe_kernel_image_config(const char *define_prefix) { - static const struct { - const char * const name; - bool macro_dump; - } options[] =3D { + struct kernel_config_option options[] =3D { /* Enable BPF */ { "CONFIG_BPF", }, /* Enable bpf() syscall */ @@ -435,52 +402,11 @@ static void probe_kernel_image_config(const char *def= ine_prefix) { "CONFIG_HZ", true, } }; char *values[ARRAY_SIZE(options)] =3D { }; - struct utsname utsn; - char path[PATH_MAX]; - gzFile file =3D NULL; - char buf[4096]; - char *value; size_t i; =20 - if (!uname(&utsn)) { - snprintf(path, sizeof(path), "/boot/config-%s", utsn.release); - - /* gzopen also accepts uncompressed files. */ - file =3D gzopen(path, "r"); - } - - if (!file) { - /* Some distributions build with CONFIG_IKCONFIG=3Dy and put the - * config file at /proc/config.gz. - */ - file =3D gzopen("/proc/config.gz", "r"); - } - if (!file) { - p_info("skipping kernel config, can't open file: %s", - strerror(errno)); - goto end_parse; - } - /* Sanity checks */ - if (!gzgets(file, buf, sizeof(buf)) || - !gzgets(file, buf, sizeof(buf))) { - p_info("skipping kernel config, can't read from file: %s", - strerror(errno)); - goto end_parse; - } - if (strcmp(buf, "# Automatically generated file; DO NOT EDIT.\n")) { - p_info("skipping kernel config, can't find correct file"); - goto end_parse; - } - - while (read_next_kernel_config_option(file, buf, sizeof(buf), &value)) { - for (i =3D 0; i < ARRAY_SIZE(options); i++) { - if ((define_prefix && !options[i].macro_dump) || - values[i] || strcmp(buf, options[i].name)) - continue; - - values[i] =3D strdup(value); - } - } + if (read_kernel_config(options, ARRAY_SIZE(options), values, + define_prefix)) + return; =20 for (i =3D 0; i < ARRAY_SIZE(options); i++) { if (define_prefix && !options[i].macro_dump) @@ -488,10 +414,6 @@ static void probe_kernel_image_config(const char *defi= ne_prefix) print_kernel_option(options[i].name, values[i], define_prefix); free(values[i]); } - -end_parse: - if (file) - gzclose(file); } =20 static bool probe_bpf_syscall(const char *define_prefix) diff --git a/tools/bpf/bpftool/main.h b/tools/bpf/bpftool/main.h index a2bb0714b3d6..374cac2a8c66 100644 --- a/tools/bpf/bpftool/main.h +++ b/tools/bpf/bpftool/main.h @@ -275,4 +275,13 @@ int pathname_concat(char *buf, int buf_sz, const char = *path, /* print netfilter bpf_link info */ void netfilter_dump_plain(const struct bpf_link_info *info); void netfilter_dump_json(const struct bpf_link_info *info, json_writer_t *= wtr); + +struct kernel_config_option { + const char *name; + bool macro_dump; +}; + +int read_kernel_config(const struct kernel_config_option *requested_option= s, + size_t num_options, char **out_values, + const char *define_prefix); #endif --=20 2.39.5 From nobody Sat Oct 4 14:36:14 2025 Received: from m16.mail.163.com (m16.mail.163.com [220.197.31.5]) by smtp.subspace.kernel.org (Postfix) with ESMTP id CED7D29CB4A; Fri, 15 Aug 2025 02:53:17 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=220.197.31.5 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1755226401; cv=none; b=QwV1ETnl2XouoWq/jt3Rj4s0Kx4tluP0GcdsljtH1lxU2BBz74iiSIstsrnI0UfnjupA+q5gTYFgvKryNCQW6NeXsFLti137pEfqcS7RCfzWFLG+3wxPPeiE2irTsJc0Ht2AZBahGE+/filbrSLze8bbf3meZ43imjqBx4TsWn4= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1755226401; c=relaxed/simple; bh=f9NJzUrhCOM9KilhriBKA/T6jjoYILPLXQjI1+nqMZw=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=ZFkLzHeLFciGj7gnL8MP302V0VzeKHtxbB2HrR9qS4zx6swWHvpGgSAd7vN6C3qsQeX3LzOAsR9KWp3KihPByveycRGQ4QICd6v4MLM1i2Z9PUOxj+k0/VwtlGuT33WJr2+m7Qk8rd9OeSeFk/7bOc2nRBc7o2q+emmGeOxkiUM= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=163.com; spf=pass smtp.mailfrom=163.com; dkim=pass (1024-bit key) header.d=163.com header.i=@163.com header.b=fE2MBgIb; arc=none smtp.client-ip=220.197.31.5 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=163.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=163.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=163.com header.i=@163.com header.b="fE2MBgIb" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=163.com; s=s110527; h=From:To:Subject:Date:Message-Id:MIME-Version; bh=ir oJxSNUvK7lBdPM6Ibdm0a9Y1ycJgleUpcpGhBKzPk=; b=fE2MBgIb7U6L7YSBLH YMZg62SX3fAzFr1TEUsVMweqenNuDbIUZldSL6haZQMbH90PGxF8brA72dNRJAB1 5LD1OB0idLLxQ7orpd4vDyrGIrOCZm4eVaVhVM3UC8gxR2SjoUf3XeRqVgU6HIdh 7RLHsHyzrNnXiq5THgSktpu0c= Received: from 163.com (unknown []) by gzga-smtp-mtada-g0-0 (Coremail) with SMTP id _____wBnIl_toJ5oqDUKCA--.29342S4; Fri, 15 Aug 2025 10:52:52 +0800 (CST) From: chenyuan_fl@163.com To: yonghong.song@linux.dev, olsajiri@gmail.com Cc: aef2617b-ce03-4830-96a7-39df0c93aaad@kernel.org, andrii@kernel.org, ast@kernel.org, bpf@vger.kernel.org, chenyuan@kylinos.cn, daniel@iogearbox.net, linux-kernel@vger.kernel.org, qmo@kernel.org Subject: [PATCH v6 2/2] bpftool: Add CET-aware symbol matching for x86_64 architectures Date: Fri, 15 Aug 2025 03:52:27 +0100 Message-Id: <20250815025227.6204-3-chenyuan_fl@163.com> X-Mailer: git-send-email 2.39.5 In-Reply-To: <20250815025227.6204-1-chenyuan_fl@163.com> References: <74709a08-4536-4c5a-8140-12d8b42e97c0@linux.dev> <20250815025227.6204-1-chenyuan_fl@163.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-CM-TRANSID: _____wBnIl_toJ5oqDUKCA--.29342S4 X-Coremail-Antispam: 1Uf129KBjvJXoWxGr1DtF47WFWUKr1xKr15Jwb_yoW5urWrpr Z8Jws0yFW8XrWfWwsxAayUAF1akFs7Zw4UAF9rG3yI9w15Zr1DZr4xKF10vF1avr1kJw47 AFna9FZ0kFWayrUanT9S1TB71UUUUU7qnTZGkaVYY2UrUUUUjbIjqfuFe4nvWSU5nxnvy2 9KBjDUYxBIdaVFxhVjvjDU0xZFpf9x07jIWlkUUUUU= X-CM-SenderInfo: xfkh05pxdqswro6rljoofrz/xtbBSQSlvWiX9VwW2wADsN Content-Type: text/plain; charset="utf-8" From: Yuan Chen Adjust symbol matching logic to account for Control-flow Enforcement Technology (CET) on x86_64 systems. CET prefixes functions with a 4-byte 'endbr' instruction, shifting the actual hook entry point to symbol + 4. Signed-off-by: Yuan Chen --- tools/bpf/bpftool/link.c | 50 ++++++++++++++++++++++++++++++++++++++-- 1 file changed, 48 insertions(+), 2 deletions(-) diff --git a/tools/bpf/bpftool/link.c b/tools/bpf/bpftool/link.c index a773e05d5ade..6787971d3167 100644 --- a/tools/bpf/bpftool/link.c +++ b/tools/bpf/bpftool/link.c @@ -282,11 +282,52 @@ get_addr_cookie_array(__u64 *addrs, __u64 *cookies, _= _u32 count) return data; } =20 +static bool is_x86_ibt_enabled(void) +{ +#if defined(__x86_64__) + struct kernel_config_option options[] =3D { + { "CONFIG_X86_KERNEL_IBT", }, + }; + char *values[ARRAY_SIZE(options)] =3D { }; + bool ret; + + if (read_kernel_config(options, ARRAY_SIZE(options), values, NULL)) + return false; + + ret =3D !!values[0]; + free(values[0]); + return ret; +#else + return false; +#endif +} + +static bool +symbol_matches_target(__u64 sym_addr, __u64 target_addr, bool is_ibt_enabl= ed) +{ + if (sym_addr =3D=3D target_addr) + return true; + + /* + * On x86_64 architectures with CET (Control-flow Enforcement Technology), + * function entry points have a 4-byte 'endbr' instruction prefix. + * This causes kprobe hooks to target the address *after* 'endbr' + * (symbol address + 4), preserving the CET instruction. + * Here we check if the symbol address matches the hook target address + * minus 4, indicating a CET-enabled function entry point. + */ + if (is_ibt_enabled && sym_addr =3D=3D target_addr - 4) + return true; + + return false; +} + static void show_kprobe_multi_json(struct bpf_link_info *info, json_writer_t *wtr) { struct addr_cookie *data; __u32 i, j =3D 0; + bool is_ibt_enabled; =20 jsonw_bool_field(json_wtr, "retprobe", info->kprobe_multi.flags & BPF_F_KPROBE_MULTI_RETURN); @@ -306,8 +347,10 @@ show_kprobe_multi_json(struct bpf_link_info *info, jso= n_writer_t *wtr) if (!dd.sym_count) goto error; =20 + is_ibt_enabled =3D is_x86_ibt_enabled(); for (i =3D 0; i < dd.sym_count; i++) { - if (dd.sym_mapping[i].address !=3D data[j].addr) + if (!symbol_matches_target(dd.sym_mapping[i].address, + data[j].addr, is_ibt_enabled)) continue; jsonw_start_object(json_wtr); jsonw_uint_field(json_wtr, "addr", dd.sym_mapping[i].address); @@ -719,6 +762,7 @@ static void show_kprobe_multi_plain(struct bpf_link_inf= o *info) { struct addr_cookie *data; __u32 i, j =3D 0; + bool is_ibt_enabled; =20 if (!info->kprobe_multi.count) return; @@ -742,9 +786,11 @@ static void show_kprobe_multi_plain(struct bpf_link_in= fo *info) if (!dd.sym_count) goto error; =20 + is_ibt_enabled =3D is_x86_ibt_enabled(); printf("\n\t%-16s %-16s %s", "addr", "cookie", "func [module]"); for (i =3D 0; i < dd.sym_count; i++) { - if (dd.sym_mapping[i].address !=3D data[j].addr) + if (!symbol_matches_target(dd.sym_mapping[i].address, + data[j].addr, is_ibt_enabled)) continue; printf("\n\t%016lx %-16llx %s", dd.sym_mapping[i].address, data[j].cookie, dd.sym_mapping[i].name= ); --=20 2.39.5