tracing/eprobe: Fix eprobe filter to make a filter correctly

Message ID 166823166395.1385292.8931770640212414483.stgit@devnote3
State New
Headers
Series tracing/eprobe: Fix eprobe filter to make a filter correctly |

Commit Message

Masami Hiramatsu (Google) Nov. 12, 2022, 5:41 a.m. UTC
  From: Masami Hiramatsu (Google) <mhiramat@kernel.org>

Since the eprobe filter was defined based on the eprobe's trace event
itself, it doesn't work correctly. Use the original trace event of
the eprobe when making the filter so that the filter works correctly.

Without this fix:

 # echo 'e syscalls/sys_enter_openat \
	flags_rename=$flags:u32 if flags < 1000' >> dynamic_events
 # echo 1 > events/eprobes/sys_enter_openat/enable
[  114.551550] event trace: Could not enable event sys_enter_openat
-bash: echo: write error: Invalid argument

With this fix:
 # echo 'e syscalls/sys_enter_openat \
	flags_rename=$flags:u32 if flags < 1000' >> dynamic_events
 # echo 1 > events/eprobes/sys_enter_openat/enable
 # tail trace
cat-241     [000] ...1.   266.498449: sys_enter_openat: (syscalls.sys_enter_openat) flags_rename=0
cat-242     [000] ...1.   266.977640: sys_enter_openat: (syscalls.sys_enter_openat) flags_rename=0

Fixes: 752be5c5c910 ("tracing/eprobe: Add eprobe filter support")
Reported-by: Rafael Mendonca <rafaelmendsr@gmail.com>
Signed-off-by: Masami Hiramatsu (Google) <mhiramat@kernel.org>
---
 kernel/trace/trace_eprobe.c |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
  

Comments

Masami Hiramatsu (Google) Nov. 14, 2022, 1:50 a.m. UTC | #1
Hi Rafael,

Can you give me your Tested-by on this?

Thank you,

On Sat, 12 Nov 2022 14:41:04 +0900
"Masami Hiramatsu (Google)" <mhiramat@kernel.org> wrote:

> From: Masami Hiramatsu (Google) <mhiramat@kernel.org>
> 
> Since the eprobe filter was defined based on the eprobe's trace event
> itself, it doesn't work correctly. Use the original trace event of
> the eprobe when making the filter so that the filter works correctly.
> 
> Without this fix:
> 
>  # echo 'e syscalls/sys_enter_openat \
> 	flags_rename=$flags:u32 if flags < 1000' >> dynamic_events
>  # echo 1 > events/eprobes/sys_enter_openat/enable
> [  114.551550] event trace: Could not enable event sys_enter_openat
> -bash: echo: write error: Invalid argument
> 
> With this fix:
>  # echo 'e syscalls/sys_enter_openat \
> 	flags_rename=$flags:u32 if flags < 1000' >> dynamic_events
>  # echo 1 > events/eprobes/sys_enter_openat/enable
>  # tail trace
> cat-241     [000] ...1.   266.498449: sys_enter_openat: (syscalls.sys_enter_openat) flags_rename=0
> cat-242     [000] ...1.   266.977640: sys_enter_openat: (syscalls.sys_enter_openat) flags_rename=0
> 
> Fixes: 752be5c5c910 ("tracing/eprobe: Add eprobe filter support")
> Reported-by: Rafael Mendonca <rafaelmendsr@gmail.com>
> Signed-off-by: Masami Hiramatsu (Google) <mhiramat@kernel.org>
> ---
>  kernel/trace/trace_eprobe.c |    2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/kernel/trace/trace_eprobe.c b/kernel/trace/trace_eprobe.c
> index fe4833a7b7b3..1c3096ab2fe7 100644
> --- a/kernel/trace/trace_eprobe.c
> +++ b/kernel/trace/trace_eprobe.c
> @@ -643,7 +643,7 @@ new_eprobe_trigger(struct trace_eprobe *ep, struct trace_event_file *file)
>  	INIT_LIST_HEAD(&trigger->list);
>  
>  	if (ep->filter_str) {
> -		ret = create_event_filter(file->tr, file->event_call,
> +		ret = create_event_filter(file->tr, ep->event,
>  					ep->filter_str, false, &filter);
>  		if (ret)
>  			goto error;
>
  
Rafael Mendonca Nov. 14, 2022, 2:24 p.m. UTC | #2
On Sat, Nov 12, 2022 at 02:41:04PM +0900, Masami Hiramatsu (Google) wrote:
> From: Masami Hiramatsu (Google) <mhiramat@kernel.org>
> 
> Since the eprobe filter was defined based on the eprobe's trace event
> itself, it doesn't work correctly. Use the original trace event of
> the eprobe when making the filter so that the filter works correctly.
> 
> Without this fix:
> 
>  # echo 'e syscalls/sys_enter_openat \
> 	flags_rename=$flags:u32 if flags < 1000' >> dynamic_events
>  # echo 1 > events/eprobes/sys_enter_openat/enable
> [  114.551550] event trace: Could not enable event sys_enter_openat
> -bash: echo: write error: Invalid argument
> 
> With this fix:
>  # echo 'e syscalls/sys_enter_openat \
> 	flags_rename=$flags:u32 if flags < 1000' >> dynamic_events
>  # echo 1 > events/eprobes/sys_enter_openat/enable
>  # tail trace
> cat-241     [000] ...1.   266.498449: sys_enter_openat: (syscalls.sys_enter_openat) flags_rename=0
> cat-242     [000] ...1.   266.977640: sys_enter_openat: (syscalls.sys_enter_openat) flags_rename=0
> 
> Fixes: 752be5c5c910 ("tracing/eprobe: Add eprobe filter support")
> Reported-by: Rafael Mendonca <rafaelmendsr@gmail.com>
> Signed-off-by: Masami Hiramatsu (Google) <mhiramat@kernel.org>
> ---
>  kernel/trace/trace_eprobe.c |    2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)

Hi Masami,

Tested this on top of v6.1-rc5 and the event filtering seems to be
working fine now. Tested with multiple events and conditions. Thanks.

Tested-by: Rafael Mendonca <rafaelmendsr@gmail.com>

> 
> diff --git a/kernel/trace/trace_eprobe.c b/kernel/trace/trace_eprobe.c
> index fe4833a7b7b3..1c3096ab2fe7 100644
> --- a/kernel/trace/trace_eprobe.c
> +++ b/kernel/trace/trace_eprobe.c
> @@ -643,7 +643,7 @@ new_eprobe_trigger(struct trace_eprobe *ep, struct trace_event_file *file)
>  	INIT_LIST_HEAD(&trigger->list);
>  
>  	if (ep->filter_str) {
> -		ret = create_event_filter(file->tr, file->event_call,
> +		ret = create_event_filter(file->tr, ep->event,
>  					ep->filter_str, false, &filter);
>  		if (ret)
>  			goto error;
>
  
Masami Hiramatsu (Google) Nov. 14, 2022, 3:02 p.m. UTC | #3
On Mon, 14 Nov 2022 11:24:32 -0300
Rafael Mendonca <rafaelmendsr@gmail.com> wrote:

> On Sat, Nov 12, 2022 at 02:41:04PM +0900, Masami Hiramatsu (Google) wrote:
> > From: Masami Hiramatsu (Google) <mhiramat@kernel.org>
> > 
> > Since the eprobe filter was defined based on the eprobe's trace event
> > itself, it doesn't work correctly. Use the original trace event of
> > the eprobe when making the filter so that the filter works correctly.
> > 
> > Without this fix:
> > 
> >  # echo 'e syscalls/sys_enter_openat \
> > 	flags_rename=$flags:u32 if flags < 1000' >> dynamic_events
> >  # echo 1 > events/eprobes/sys_enter_openat/enable
> > [  114.551550] event trace: Could not enable event sys_enter_openat
> > -bash: echo: write error: Invalid argument
> > 
> > With this fix:
> >  # echo 'e syscalls/sys_enter_openat \
> > 	flags_rename=$flags:u32 if flags < 1000' >> dynamic_events
> >  # echo 1 > events/eprobes/sys_enter_openat/enable
> >  # tail trace
> > cat-241     [000] ...1.   266.498449: sys_enter_openat: (syscalls.sys_enter_openat) flags_rename=0
> > cat-242     [000] ...1.   266.977640: sys_enter_openat: (syscalls.sys_enter_openat) flags_rename=0
> > 
> > Fixes: 752be5c5c910 ("tracing/eprobe: Add eprobe filter support")
> > Reported-by: Rafael Mendonca <rafaelmendsr@gmail.com>
> > Signed-off-by: Masami Hiramatsu (Google) <mhiramat@kernel.org>
> > ---
> >  kernel/trace/trace_eprobe.c |    2 +-
> >  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> Hi Masami,
> 
> Tested this on top of v6.1-rc5 and the event filtering seems to be
> working fine now. Tested with multiple events and conditions. Thanks.
> 
> Tested-by: Rafael Mendonca <rafaelmendsr@gmail.com>

Thanks a lot!

> 
> > 
> > diff --git a/kernel/trace/trace_eprobe.c b/kernel/trace/trace_eprobe.c
> > index fe4833a7b7b3..1c3096ab2fe7 100644
> > --- a/kernel/trace/trace_eprobe.c
> > +++ b/kernel/trace/trace_eprobe.c
> > @@ -643,7 +643,7 @@ new_eprobe_trigger(struct trace_eprobe *ep, struct trace_event_file *file)
> >  	INIT_LIST_HEAD(&trigger->list);
> >  
> >  	if (ep->filter_str) {
> > -		ret = create_event_filter(file->tr, file->event_call,
> > +		ret = create_event_filter(file->tr, ep->event,
> >  					ep->filter_str, false, &filter);
> >  		if (ret)
> >  			goto error;
> >
  

Patch

diff --git a/kernel/trace/trace_eprobe.c b/kernel/trace/trace_eprobe.c
index fe4833a7b7b3..1c3096ab2fe7 100644
--- a/kernel/trace/trace_eprobe.c
+++ b/kernel/trace/trace_eprobe.c
@@ -643,7 +643,7 @@  new_eprobe_trigger(struct trace_eprobe *ep, struct trace_event_file *file)
 	INIT_LIST_HEAD(&trigger->list);
 
 	if (ep->filter_str) {
-		ret = create_event_filter(file->tr, file->event_call,
+		ret = create_event_filter(file->tr, ep->event,
 					ep->filter_str, false, &filter);
 		if (ret)
 			goto error;