2 * Copyright (c) 2015-2017 Dmitry V. Levin <ldv@altlinux.org>
3 * Copyright (c) 2017 Quentin Monnet <quentin.monnet@6wind.com>
4 * Copyright (c) 2015-2018 The strace developers.
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 * 3. The name of the author may not be used to endorse or promote products
16 * derived from this software without specific prior written permission.
18 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
19 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
20 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
21 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
22 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
23 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
24 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
25 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
26 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
27 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
31 #include "print_fields.h"
33 #ifdef HAVE_LINUX_BPF_H
34 # include <linux/bpf.h>
36 #include <linux/filter.h>
40 #include "xlat/bpf_commands.h"
41 #include "xlat/bpf_file_mode_flags.h"
42 #include "xlat/bpf_map_types.h"
43 #include "xlat/bpf_map_flags.h"
44 #include "xlat/bpf_prog_types.h"
45 #include "xlat/bpf_prog_flags.h"
46 #include "xlat/bpf_map_update_elem_flags.h"
47 #include "xlat/bpf_attach_type.h"
48 #include "xlat/bpf_attach_flags.h"
49 #include "xlat/bpf_query_flags.h"
50 #include "xlat/ebpf_regs.h"
51 #include "xlat/numa_node.h"
53 #define DECL_BPF_CMD_DECODER(bpf_cmd_decoder) \
55 bpf_cmd_decoder(struct tcb *const tcp, \
56 const kernel_ulong_t addr, \
57 const unsigned int size, \
59 /* End of DECL_BPF_CMD_DECODER definition. */
61 #define BEGIN_BPF_CMD_DECODER(bpf_cmd) \
62 static DECL_BPF_CMD_DECODER(decode_ ## bpf_cmd) \
64 struct bpf_cmd ## _struct attr = {}; \
65 const size_t attr_size = bpf_cmd ## _struct_size; \
66 const unsigned int len = MIN(size, attr_size); \
67 memcpy(&attr, data, len); \
69 /* End of BEGIN_BPF_CMD_DECODER definition. */
71 #define END_BPF_CMD_DECODER(rval) \
72 decode_attr_extra_data(tcp, data, size, attr_size); \
77 /* End of END_BPF_CMD_DECODER definition. */
79 #define BPF_CMD_ENTRY(bpf_cmd) \
80 [bpf_cmd] = decode_ ## bpf_cmd
82 typedef DECL_BPF_CMD_DECODER((*bpf_cmd_decoder_t));
85 * A note about bpf syscall decoder: it doesn't perform any size sanity checks,
86 * so even if it leads to partial copying of one of the fields, the command
87 * handler will still use the (partially-copied-from-userspace, partially
88 * zeroed) field value. That's why we stop decoding and check for known sizes
89 * that correspond to released versions of the structure used by the specific
90 * command - it looks like the most sensible way to parse this insanity.
94 decode_attr_extra_data(struct tcb *const tcp,
97 const size_t attr_size)
99 if (size <= attr_size)
106 for (i = 0; i < size; ++i) {
112 tprintf("/* bytes %zu..%zu */ ",
113 attr_size, attr_size + size - 1);
114 print_quoted_string(data, size,
132 struct ebpf_insns_data {
137 print_ebpf_insn(struct tcb * const tcp, void * const elem_buf,
138 const size_t elem_size, void * const data)
140 struct ebpf_insns_data *eid = data;
141 struct ebpf_insn *insn = elem_buf;
143 if (eid->count++ >= BPF_MAXINSNS) {
149 print_bpf_filter_code(insn->code, true);
151 /* We can't use PRINT_FIELD_XVAL on bit fields */
152 tprints(", dst_reg=");
153 printxval_index(ebpf_regs, insn->dst_reg, "BPF_REG_???");
154 tprints(", src_reg=");
155 printxval_index(ebpf_regs, insn->src_reg, "BPF_REG_???");
157 PRINT_FIELD_D(", ", *insn, off);
158 PRINT_FIELD_X(", ", *insn, imm);
165 print_ebpf_prog(struct tcb *const tcp, const uint64_t addr, const uint32_t len)
167 print_big_u64_addr(addr);
171 struct ebpf_insns_data eid = {};
172 struct ebpf_insn insn;
174 print_array(tcp, addr, len, &insn, sizeof(insn),
175 tfetch_mem, print_ebpf_insn, &eid);
179 BEGIN_BPF_CMD_DECODER(BPF_MAP_CREATE)
181 PRINT_FIELD_XVAL_INDEX("{", attr, map_type, bpf_map_types,
183 PRINT_FIELD_U(", ", attr, key_size);
184 PRINT_FIELD_U(", ", attr, value_size);
185 PRINT_FIELD_U(", ", attr, max_entries);
187 /* map_flags field was added in Linux commit v4.6-rc1~91^2~108^2~6. */
188 if (len <= offsetof(struct BPF_MAP_CREATE_struct, map_flags))
190 PRINT_FIELD_FLAGS(", ", attr, map_flags, bpf_map_flags, "BPF_F_???");
193 * inner_map_fd field was added in Linux commit
194 * v4.12-rc1~64^3~373^2~2.
196 if (len <= offsetof(struct BPF_MAP_CREATE_struct, inner_map_fd))
198 PRINT_FIELD_FD(", ", attr, inner_map_fd, tcp);
200 /* numa_node field was added in Linux commit v4.14-rc1~130^2~196^2~1. */
201 if (len <= offsetof(struct BPF_MAP_CREATE_struct, numa_node))
203 if (attr.map_flags & BPF_F_NUMA_NODE) {
205 * Kernel uses the value of -1 as a designation for "no NUMA
206 * node specified", and even uses NUMA_NO_NODE constant;
207 * however, the constant definition is not a part of UAPI
208 * headers, thus we can't simply print this named constant
209 * instead of the value. Let's force verbose xlat style instead
210 * in order to provide the information for the user while
211 * not hampering the availability to derive the actual value
212 * without the access to the kernel headers.
214 tprints(", numa_node=");
215 printxvals_ex(attr.numa_node, NULL,
216 XLAT_STYLE_FMT_U | XLAT_STYLE_VERBOSE,
220 /* map_name field was added in Linux commit v4.15-rc1~84^2~605^2~3. */
221 if (len <= offsetof(struct BPF_MAP_CREATE_struct, map_name))
223 PRINT_FIELD_CSTRING_SZ(", ", attr, map_name,
224 MIN(sizeof(attr.map_name),
225 len - offsetof(struct BPF_MAP_CREATE_struct,
229 * map_ifindex field was added in Linux commit
230 * v4.16-rc1~123^2~145^2~5^2~8.
232 if (len <= offsetof(struct BPF_MAP_CREATE_struct, map_ifindex))
234 PRINT_FIELD_IFINDEX(", ", attr, map_ifindex);
236 END_BPF_CMD_DECODER(RVAL_DECODED | RVAL_FD)
238 BEGIN_BPF_CMD_DECODER(BPF_MAP_LOOKUP_ELEM)
240 PRINT_FIELD_FD("{", attr, map_fd, tcp);
241 PRINT_FIELD_ADDR64(", ", attr, key);
242 PRINT_FIELD_ADDR64(", ", attr, value);
244 END_BPF_CMD_DECODER(RVAL_DECODED)
246 BEGIN_BPF_CMD_DECODER(BPF_MAP_UPDATE_ELEM)
248 PRINT_FIELD_FD("{", attr, map_fd, tcp);
249 PRINT_FIELD_ADDR64(", ", attr, key);
250 PRINT_FIELD_ADDR64(", ", attr, value);
251 PRINT_FIELD_XVAL_INDEX(", ", attr, flags, bpf_map_update_elem_flags,
254 END_BPF_CMD_DECODER(RVAL_DECODED)
256 BEGIN_BPF_CMD_DECODER(BPF_MAP_DELETE_ELEM)
258 PRINT_FIELD_FD("{", attr, map_fd, tcp);
259 PRINT_FIELD_ADDR64(", ", attr, key);
261 END_BPF_CMD_DECODER(RVAL_DECODED)
263 BEGIN_BPF_CMD_DECODER(BPF_MAP_GET_NEXT_KEY)
265 PRINT_FIELD_FD("{", attr, map_fd, tcp);
266 PRINT_FIELD_ADDR64(", ", attr, key);
267 PRINT_FIELD_ADDR64(", ", attr, next_key);
269 END_BPF_CMD_DECODER(RVAL_DECODED)
271 BEGIN_BPF_CMD_DECODER(BPF_PROG_LOAD)
273 PRINT_FIELD_XVAL_INDEX("{", attr, prog_type, bpf_prog_types,
274 "BPF_PROG_TYPE_???");
275 PRINT_FIELD_U(", ", attr, insn_cnt);
277 print_ebpf_prog(tcp, attr.insns, attr.insn_cnt);
279 tprintf(", license=");
280 print_big_u64_addr(attr.license);
281 printstr(tcp, attr.license);
283 /* log_* fields were added in Linux commit v3.18-rc1~52^2~1^2~4. */
284 if (len <= offsetof(struct BPF_PROG_LOAD_struct, log_level))
286 PRINT_FIELD_U(", ", attr, log_level);
287 PRINT_FIELD_U(", ", attr, log_size);
288 tprintf(", log_buf=");
289 print_big_u64_addr(attr.log_buf);
290 printstr_ex(tcp, attr.log_buf, attr.log_size, QUOTE_0_TERMINATED);
292 /* kern_version field was added in Linux commit v4.1-rc1~84^2~50. */
293 if (len <= offsetof(struct BPF_PROG_LOAD_struct, kern_version))
295 tprintf(", kern_version=KERNEL_VERSION(%u, %u, %u)",
296 attr.kern_version >> 16,
297 (attr.kern_version >> 8) & 0xFF,
298 attr.kern_version & 0xFF);
300 /* prog_flags field was added in Linux commit v4.12-rc2~34^2~29^2~2. */
301 if (len <= offsetof(struct BPF_PROG_LOAD_struct, prog_flags))
303 PRINT_FIELD_FLAGS(", ", attr, prog_flags, bpf_prog_flags, "BPF_F_???");
305 /* prog_name field was added in Linux commit v4.15-rc1~84^2~605^2~4. */
306 if (len <= offsetof(struct BPF_PROG_LOAD_struct, prog_name))
308 PRINT_FIELD_CSTRING_SZ(", ", attr, prog_name,
309 MIN(sizeof(attr.prog_name),
310 len - offsetof(struct BPF_PROG_LOAD_struct,
314 * prog_ifindex field was added as prog_target_ifindex in Linux commit
315 * v4.15-rc1~84^2~127^2~13 and renamed to its current name in
316 * v4.15-rc1~15^2~5^2~3^2~7.
318 if (len <= offsetof(struct BPF_PROG_LOAD_struct, prog_ifindex))
320 PRINT_FIELD_IFINDEX(", ", attr, prog_ifindex);
323 * expected_attach_type was added in Linux commit
324 * v4.17-rc1~148^2~19^2^2~8.
326 if (len <= offsetof(struct BPF_PROG_LOAD_struct, expected_attach_type))
328 PRINT_FIELD_XVAL(", ", attr, expected_attach_type, bpf_attach_type,
331 END_BPF_CMD_DECODER(RVAL_DECODED | RVAL_FD)
333 BEGIN_BPF_CMD_DECODER(BPF_OBJ_PIN)
335 tprintf("{pathname=");
336 print_big_u64_addr(attr.pathname);
337 printpath(tcp, attr.pathname);
339 PRINT_FIELD_FD(", ", attr, bpf_fd, tcp);
341 /* file_flags field was added in Linux v4.15-rc1~84^2~384^2~4 */
342 if (len <= offsetof(struct BPF_OBJ_PIN_struct, file_flags))
344 PRINT_FIELD_FLAGS(", ", attr, file_flags, bpf_file_mode_flags,
347 END_BPF_CMD_DECODER(RVAL_DECODED | RVAL_FD)
349 #define decode_BPF_OBJ_GET decode_BPF_OBJ_PIN
351 BEGIN_BPF_CMD_DECODER(BPF_PROG_ATTACH)
353 PRINT_FIELD_FD("{", attr, target_fd, tcp);
354 PRINT_FIELD_FD(", ", attr, attach_bpf_fd, tcp);
355 PRINT_FIELD_XVAL_INDEX(", ", attr, attach_type, bpf_attach_type,
357 PRINT_FIELD_FLAGS(", ", attr, attach_flags, bpf_attach_flags,
360 END_BPF_CMD_DECODER(RVAL_DECODED)
362 BEGIN_BPF_CMD_DECODER(BPF_PROG_DETACH)
364 PRINT_FIELD_FD("{", attr, target_fd, tcp);
365 PRINT_FIELD_XVAL_INDEX(", ", attr, attach_type, bpf_attach_type,
368 END_BPF_CMD_DECODER(RVAL_DECODED)
370 BEGIN_BPF_CMD_DECODER(BPF_PROG_TEST_RUN)
372 PRINT_FIELD_FD("{test={", attr, prog_fd, tcp);
373 PRINT_FIELD_U(", ", attr, retval);
374 PRINT_FIELD_U(", ", attr, data_size_in);
375 PRINT_FIELD_U(", ", attr, data_size_out);
376 PRINT_FIELD_ADDR64(", ", attr, data_in);
377 PRINT_FIELD_ADDR64(", ", attr, data_out);
378 PRINT_FIELD_U(", ", attr, repeat);
379 PRINT_FIELD_U(", ", attr, duration);
382 END_BPF_CMD_DECODER(RVAL_DECODED)
384 BEGIN_BPF_CMD_DECODER(BPF_PROG_GET_NEXT_ID)
386 PRINT_FIELD_U("{", attr, start_id);
387 PRINT_FIELD_U(", ", attr, next_id);
389 /* open_flags field has been added in Linux v4.15-rc1~84^2~384^2~4 */
390 if (len <= offsetof(struct BPF_PROG_GET_NEXT_ID_struct, open_flags))
392 PRINT_FIELD_FLAGS(", ", attr, open_flags, bpf_file_mode_flags,
395 END_BPF_CMD_DECODER(RVAL_DECODED)
397 #define decode_BPF_MAP_GET_NEXT_ID decode_BPF_PROG_GET_NEXT_ID
399 BEGIN_BPF_CMD_DECODER(BPF_PROG_GET_FD_BY_ID)
401 PRINT_FIELD_U("{", attr, prog_id);
402 PRINT_FIELD_U(", ", attr, next_id);
404 /* open_flags field has been added in Linux v4.15-rc1~84^2~384^2~4 */
405 if (len <= offsetof(struct BPF_PROG_GET_FD_BY_ID_struct, open_flags))
407 PRINT_FIELD_FLAGS(", ", attr, open_flags, bpf_file_mode_flags,
410 END_BPF_CMD_DECODER(RVAL_DECODED)
412 BEGIN_BPF_CMD_DECODER(BPF_MAP_GET_FD_BY_ID)
414 PRINT_FIELD_U("{", attr, map_id);
415 PRINT_FIELD_U(", ", attr, next_id);
417 /* open_flags field has been added in Linux v4.15-rc1~84^2~384^2~4 */
418 if (len <= offsetof(struct BPF_MAP_GET_FD_BY_ID_struct, open_flags))
420 PRINT_FIELD_FLAGS(", ", attr, open_flags, bpf_file_mode_flags,
423 END_BPF_CMD_DECODER(RVAL_DECODED)
425 struct obj_get_info_saved;
426 typedef void (*print_bpf_obj_info_fn)(struct tcb *,
428 const char *info_buf,
430 struct obj_get_info_saved *saved);
432 struct obj_get_info_saved {
433 print_bpf_obj_info_fn print_fn;
437 uint32_t jited_prog_len;
438 uint32_t xlated_prog_len;
443 print_bpf_map_info(struct tcb * const tcp, uint32_t bpf_fd,
444 const char *info_buf, uint32_t size,
445 struct obj_get_info_saved *saved)
450 struct bpf_map_info_struct info = { 0 };
451 const unsigned int len = MIN(size, bpf_map_info_struct_size);
453 memcpy(&info, info_buf, len);
455 PRINT_FIELD_XVAL("{", info, type, bpf_map_types, "BPF_MAP_TYPE_???");
456 PRINT_FIELD_U(", ", info, id);
457 PRINT_FIELD_U(", ", info, key_size);
458 PRINT_FIELD_U(", ", info, value_size);
459 PRINT_FIELD_U(", ", info, max_entries);
460 PRINT_FIELD_FLAGS(", ", info, map_flags, bpf_map_flags, "BPF_F_???");
463 * "name" field was introduced by Linux commit v4.15-rc1~84^2~605^2~3.
465 if (len <= offsetof(struct bpf_map_info_struct, name))
466 goto print_bpf_map_info_end;
467 PRINT_FIELD_CSTRING(", ", info, name);
470 * ifindex, netns_dev, and netns_ino fields were introduced
471 * by Linux commit v4.16-rc1~123^2~109^2~5^2~4.
473 if (len <= offsetof(struct bpf_map_info_struct, ifindex))
474 goto print_bpf_map_info_end;
475 PRINT_FIELD_IFINDEX(", ", info, ifindex);
476 PRINT_FIELD_DEV(", ", info, netns_dev);
477 PRINT_FIELD_U(", ", info, netns_ino);
479 decode_attr_extra_data(tcp, info_buf, size, bpf_map_info_struct_size);
481 print_bpf_map_info_end:
486 print_bpf_prog_info(struct tcb * const tcp, uint32_t bpf_fd,
487 const char *info_buf, uint32_t size,
488 struct obj_get_info_saved *saved)
490 struct bpf_prog_info_struct info = { 0 };
491 const unsigned int len = MIN(size, bpf_prog_info_struct_size);
494 memcpy(&info, info_buf, len);
497 saved->jited_prog_len = info.jited_prog_len;
498 saved->xlated_prog_len = info.xlated_prog_len;
499 saved->nr_map_ids = info.nr_map_ids;
504 PRINT_FIELD_XVAL("{", info, type, bpf_prog_types, "BPF_PROG_TYPE_???");
505 PRINT_FIELD_U(", ", info, id);
506 PRINT_FIELD_HEX_ARRAY(", ", info, tag);
508 tprints(", jited_prog_len=");
509 if (saved->jited_prog_len != info.jited_prog_len)
510 tprintf("%" PRIu32 " => ", saved->jited_prog_len);
511 tprintf("%" PRIu32, info.jited_prog_len);
513 tprints(", jited_prog_insns=");
514 print_big_u64_addr(info.jited_prog_insns);
515 printstr_ex(tcp, info.jited_prog_insns, info.jited_prog_len,
518 tprints(", xlated_prog_len=");
519 if (saved->xlated_prog_len != info.xlated_prog_len)
520 tprintf("%" PRIu32 " => ", saved->xlated_prog_len);
521 tprintf("%" PRIu32, info.xlated_prog_len);
523 tprints(", xlated_prog_insns=");
524 print_ebpf_prog(tcp, info.xlated_prog_insns,
525 MIN(saved->xlated_prog_len, info.xlated_prog_len) / 8);
528 * load_time, created_by_uid, nr_map_ids, map_ids, and name fields
529 * were introduced by Linux commit v4.15-rc1~84^2~605^2~4.
531 if (len <= offsetof(struct bpf_prog_info_struct, load_time))
532 goto print_bpf_prog_info_end;
533 PRINT_FIELD_U(", ", info, load_time);
534 PRINT_FIELD_UID(", ", info, created_by_uid);
536 tprints(", nr_map_ids=");
537 if (saved->nr_map_ids != info.nr_map_ids)
538 tprintf("%" PRIu32 " => ", saved->nr_map_ids);
539 tprintf("%" PRIu32, info.nr_map_ids);
541 tprints(", map_ids=");
542 print_big_u64_addr(info.map_ids);
543 print_array(tcp, info.map_ids, MIN(saved->nr_map_ids, info.nr_map_ids),
544 &map_id_buf, sizeof(map_id_buf),
545 tfetch_mem, print_uint32_array_member, 0);
547 PRINT_FIELD_CSTRING(", ", info, name);
550 * ifindex, netns_dev, and netns_ino fields were introduced
551 * by Linux commit v4.16-rc1~123^2~227^2~5^2~2.
553 if (len <= offsetof(struct bpf_prog_info_struct, ifindex))
554 goto print_bpf_prog_info_end;
555 PRINT_FIELD_IFINDEX(", ", info, ifindex);
556 PRINT_FIELD_DEV(", ", info, netns_dev);
557 PRINT_FIELD_U(", ", info, netns_ino);
559 decode_attr_extra_data(tcp, info_buf, size, bpf_prog_info_struct_size);
561 print_bpf_prog_info_end:
566 fetch_bpf_obj_info(struct tcb * const tcp, uint64_t info, uint32_t size)
568 static char *info_buf;
571 info_buf = xmalloc(get_pagesize());
573 memset(info_buf, 0, get_pagesize());
575 if (size > 0 && size <= get_pagesize()
576 && !umoven(tcp, info, size, info_buf))
583 print_bpf_obj_info_addr(struct tcb * const tcp, uint64_t addr)
590 print_bpf_obj_info(struct tcb * const tcp, uint32_t bpf_fd, uint64_t info,
591 uint32_t size, struct obj_get_info_saved *saved)
594 print_bpf_obj_info_addr(tcp, info);
600 print_bpf_obj_info_fn print_fn;
602 { "anon_inode:bpf-map", print_bpf_map_info },
603 { "anon_inode:bpf-prog", print_bpf_prog_info }
607 char path[PATH_MAX + 1];
609 if (getfdpath(tcp, bpf_fd, path, sizeof(path)) > 0) {
610 for (size_t i = 0; i < ARRAY_SIZE(obj_printers); ++i) {
611 if (!strcmp(path, obj_printers[i].id)) {
613 obj_printers[i].print_fn;
620 if (!saved || !saved->print_fn) {
621 print_bpf_obj_info_addr(tcp, info);
625 const char *info_buf = fetch_bpf_obj_info(tcp, info, size);
628 saved->print_fn(tcp, bpf_fd, info_buf, size, saved);
630 print_bpf_obj_info_addr(tcp, info);
633 BEGIN_BPF_CMD_DECODER(BPF_OBJ_GET_INFO_BY_FD)
635 struct obj_get_info_saved *saved;
638 saved = xcalloc(1, sizeof(*saved));
639 saved->info_len = attr.info_len;
640 set_tcb_priv_data(tcp, saved, free);
642 PRINT_FIELD_FD("{info={", attr, bpf_fd, tcp);
643 PRINT_FIELD_U(", ", attr, info_len);
645 saved = get_tcb_priv_data(tcp);
647 if (saved && (saved->info_len != attr.info_len))
648 tprintf(" => %u", attr.info_len);
653 print_bpf_obj_info(tcp, attr.bpf_fd, attr.info, attr.info_len, saved);
660 END_BPF_CMD_DECODER(RVAL_DECODED)
662 BEGIN_BPF_CMD_DECODER(BPF_PROG_QUERY)
664 uint32_t prog_id_buf;
667 PRINT_FIELD_FD("{query={", attr, target_fd, tcp);
668 PRINT_FIELD_XVAL_INDEX(", ", attr, attach_type, bpf_attach_type,
670 PRINT_FIELD_FLAGS(", ", attr, query_flags, bpf_query_flags,
672 PRINT_FIELD_FLAGS(", ", attr, attach_flags, bpf_attach_flags,
675 tprints(", prog_ids=");
677 set_tcb_priv_ulong(tcp, attr.prog_cnt);
682 print_big_u64_addr(attr.prog_ids);
683 print_array(tcp, attr.prog_ids, attr.prog_cnt, &prog_id_buf,
684 sizeof(prog_id_buf), tfetch_mem,
685 print_uint32_array_member, 0);
687 tprints(", prog_cnt=");
688 const uint32_t prog_cnt_entering = get_tcb_priv_ulong(tcp);
689 if (prog_cnt_entering != attr.prog_cnt)
690 tprintf("%" PRIu32 " => ", prog_cnt_entering);
691 tprintf("%" PRIu32, attr.prog_cnt);
694 END_BPF_CMD_DECODER(RVAL_DECODED)
696 BEGIN_BPF_CMD_DECODER(BPF_RAW_TRACEPOINT_OPEN)
698 enum { TP_NAME_SIZE = 128 };
700 tprintf("{raw_tracepoint={name=");
701 print_big_u64_addr(attr.name);
702 printstr_ex(tcp, attr.name, TP_NAME_SIZE, QUOTE_0_TERMINATED);
704 PRINT_FIELD_FD(", ", attr, prog_fd, tcp);
708 END_BPF_CMD_DECODER(RVAL_DECODED)
712 static const bpf_cmd_decoder_t bpf_cmd_decoders[] = {
713 BPF_CMD_ENTRY(BPF_MAP_CREATE),
714 BPF_CMD_ENTRY(BPF_MAP_LOOKUP_ELEM),
715 BPF_CMD_ENTRY(BPF_MAP_UPDATE_ELEM),
716 BPF_CMD_ENTRY(BPF_MAP_DELETE_ELEM),
717 BPF_CMD_ENTRY(BPF_MAP_GET_NEXT_KEY),
718 BPF_CMD_ENTRY(BPF_PROG_LOAD),
719 BPF_CMD_ENTRY(BPF_OBJ_PIN),
720 BPF_CMD_ENTRY(BPF_OBJ_GET),
721 BPF_CMD_ENTRY(BPF_PROG_ATTACH),
722 BPF_CMD_ENTRY(BPF_PROG_DETACH),
723 BPF_CMD_ENTRY(BPF_PROG_TEST_RUN),
724 BPF_CMD_ENTRY(BPF_PROG_GET_NEXT_ID),
725 BPF_CMD_ENTRY(BPF_MAP_GET_NEXT_ID),
726 BPF_CMD_ENTRY(BPF_PROG_GET_FD_BY_ID),
727 BPF_CMD_ENTRY(BPF_MAP_GET_FD_BY_ID),
728 BPF_CMD_ENTRY(BPF_OBJ_GET_INFO_BY_FD),
729 BPF_CMD_ENTRY(BPF_PROG_QUERY),
730 BPF_CMD_ENTRY(BPF_RAW_TRACEPOINT_OPEN),
733 const unsigned int cmd = tcp->u_arg[0];
734 const kernel_ulong_t addr = tcp->u_arg[1];
735 const unsigned int size = tcp->u_arg[2];
736 int rc = RVAL_DECODED;
739 printxval_index(bpf_commands, cmd, "BPF_???");
744 && size <= get_pagesize()
745 && cmd < ARRAY_SIZE(bpf_cmd_decoders)
746 && bpf_cmd_decoders[cmd]) {
750 buf = xmalloc(get_pagesize());
752 if (!umoven_or_printaddr_ignore_syserror(tcp, addr, size, buf))
753 rc = bpf_cmd_decoders[cmd](tcp, addr, size, buf);
758 if (exiting(tcp) || (rc & RVAL_DECODED))
759 tprintf(", %u", size);