Commit df073470 authored by Song Liu's avatar Song Liu Committed by Daniel Borkmann

bpf: show real jited prog address in /proc/kallsyms

Currently, /proc/kallsyms shows page address of jited bpf program. The
main reason here is to not expose randomized start address. However,
This is not ideal for detailed profiling (find hot instructions from
stack traces). This patch replaces the page address with real prog start
address.

This change is OK because these addresses are still protected by sysctl
kptr_restrict (see kallsyms_show_value()), and only programs loaded by
root are added to kallsyms (see bpf_prog_kallsyms_add()).
Signed-off-by: default avatarSong Liu <songliubraving@fb.com>
Signed-off-by: default avatarDaniel Borkmann <daniel@iogearbox.net>
parent 7de414a9
...@@ -553,7 +553,6 @@ bool is_bpf_text_address(unsigned long addr) ...@@ -553,7 +553,6 @@ bool is_bpf_text_address(unsigned long addr)
int bpf_get_kallsym(unsigned int symnum, unsigned long *value, char *type, int bpf_get_kallsym(unsigned int symnum, unsigned long *value, char *type,
char *sym) char *sym)
{ {
unsigned long symbol_start, symbol_end;
struct bpf_prog_aux *aux; struct bpf_prog_aux *aux;
unsigned int it = 0; unsigned int it = 0;
int ret = -ERANGE; int ret = -ERANGE;
...@@ -566,10 +565,9 @@ int bpf_get_kallsym(unsigned int symnum, unsigned long *value, char *type, ...@@ -566,10 +565,9 @@ int bpf_get_kallsym(unsigned int symnum, unsigned long *value, char *type,
if (it++ != symnum) if (it++ != symnum)
continue; continue;
bpf_get_prog_addr_region(aux->prog, &symbol_start, &symbol_end);
bpf_get_prog_name(aux->prog, sym); bpf_get_prog_name(aux->prog, sym);
*value = symbol_start; *value = (unsigned long)aux->prog->bpf_func;
*type = BPF_SYM_ELF_TYPE; *type = BPF_SYM_ELF_TYPE;
ret = 0; ret = 0;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment