Handle duplicate kprobe symbols#11253
Closed
kernel-patches-daemon-bpf[bot] wants to merge 2 commits intobpf-next_basefrom
Closed
Handle duplicate kprobe symbols#11253kernel-patches-daemon-bpf[bot] wants to merge 2 commits intobpf-next_basefrom
kernel-patches-daemon-bpf[bot] wants to merge 2 commits intobpf-next_basefrom
Conversation
Author
|
Upstream branch: 309d880 |
kernel-patches-daemon-bpf
bot
force-pushed
the
bpf-next_base
branch
from
73579ec to
9848291
Compare
Author
|
Upstream branch: 44dd647 |
kernel-patches-daemon-bpf
bot
force-pushed
the
series/1060295=>bpf-next
branch
from
41278d8 to
e221391
Compare
kernel-patches-daemon-bpf
bot
force-pushed
the
bpf-next_base
branch
from
9848291 to
c7dcbca
Compare
Author
|
Upstream branch: 05c9b2e |
kernel-patches-daemon-bpf
bot
force-pushed
the
series/1060295=>bpf-next
branch
from
e221391 to
ea72fd8
Compare
kernel-patches-daemon-bpf
bot
force-pushed
the
bpf-next_base
branch
from
c7dcbca to
69a44ca
Compare
Author
|
Upstream branch: 4faa189 |
kernel-patches-daemon-bpf
bot
force-pushed
the
series/1060295=>bpf-next
branch
from
ea72fd8 to
125e009
Compare
kernel-patches-daemon-bpf
bot
force-pushed
the
bpf-next_base
branch
from
69a44ca to
f264dc7
Compare
Author
|
Upstream branch: 748f9c6 |
kernel-patches-daemon-bpf
bot
force-pushed
the
series/1060295=>bpf-next
branch
from
125e009 to
86fad50
Compare
kernel-patches-daemon-bpf
bot
force-pushed
the
bpf-next_base
branch
from
f264dc7 to
59120bd
Compare
When a kernel module exports a symbol with the same name as an existing vmlinux symbol, kprobe attachment via bpf_program__attach_kprobe_opts() fails with EADDRNOTAVAIL (perf_event_open path) or EINVAL (legacy tracefs path). Implement a fallback mechanism that, on such failures, resolves the vmlinux address through /proc/kallsyms - filtering out module symbols - and retries probe attachment using the absolute address, bypassing kernel symbol name validation. Changes: - Restructure libbpf_kallsyms_parse() to accept a bool skip_if_module parameter that filters module symbols before invoking the callback. - Add find_kaddr_cb() callback and find_kaddr_ctx struct to resolve vmlinux text symbol addresses from /proc/kallsyms. - Detect duplicate symbol errors (-EADDRNOTAVAIL for perf_event_open, -EINVAL for legacy tracefs) and retry with resolved KADDR. - Fix NULL pointer in gen_probe_legacy_event_name() when using absolute address by passing func_name instead of optional_func_name. - Fix NULL pointer in pr_warn() calls within perf_event_kprobe_open_legacy() by using ternary fallback. - Fix memory leak of legacy_probe buffer on retry path. Signed-off-by: Andrey Grodzovsky <andrey.grodzovsky@crowdstrike.com>
Add bpf_testmod_dup_sym.ko test module that creates a duplicate nanosleep symbols to test kprobe attachment when a module exports a symbol with the same name as a vmlinux symbol. Add test_attach_probe_dup_sym() to attach_probe tests that loads the duplicate symbol module and validates kprobe attachment across all four attach modes: auto-attach, explicit symbol, legacy with offset, and perf_event_open with offset. Signed-off-by: Andrey Grodzovsky <andrey.grodzovsky@crowdstrike.com> Reviewed-by: Emil Tsalapatis <emil@etsalapatis.com>
Author
|
Upstream branch: 6dd780f |
kernel-patches-daemon-bpf
bot
force-pushed
the
series/1060295=>bpf-next
branch
from
86fad50 to
0fca78c
Compare
Author
|
At least one diff in series https://patchwork.kernel.org/project/netdevbpf/list/?series=1060295 expired. Closing PR. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Pull request for series with
subject: Handle duplicate kprobe symbols
version: 5
url: https://patchwork.kernel.org/project/netdevbpf/list/?series=1060295