| commit | 7561b06a007412e9dc20a470ee848d14e533996d | [log] [tgz] |
|---|---|---|
| author | Yafang Shao <laoar.shao@gmail.com> | Sun Jul 09 02:56:30 2023 +0000 |
| committer | Quentin Monnet <qmonnet+github@qoba.lt> | Tue Aug 29 12:34:13 2023 +0100 |
| tree | 9d2fd27af19bc76a68e6b6d448088d72c2e1bfd6 | |
| parent | bd2f4d6c5c58707aa949ae9d28d44ef124c83ba9 [diff] |
bpftool: Show perf link info
Enhance bpftool to display comprehensive information about exposed
perf_event links, covering uprobe, kprobe, tracepoint, and generic perf
event. The resulting output will include the following details:
$ tools/bpf/bpftool/bpftool link show
3: perf_event prog 14
event software:cpu-clock
bpf_cookie 0
pids perf_event(19483)
4: perf_event prog 14
event hw-cache:LLC-load-misses
bpf_cookie 0
pids perf_event(19483)
5: perf_event prog 14
event hardware:cpu-cycles
bpf_cookie 0
pids perf_event(19483)
6: perf_event prog 19
tracepoint sched_switch
bpf_cookie 0
pids tracepoint(20947)
7: perf_event prog 26
uprobe /home/dev/waken/bpf/uprobe/a.out+0x1338
bpf_cookie 0
pids uprobe(21973)
8: perf_event prog 27
uretprobe /home/dev/waken/bpf/uprobe/a.out+0x1338
bpf_cookie 0
pids uprobe(21973)
10: perf_event prog 43
kprobe ffffffffb70a9660 kernel_clone
bpf_cookie 0
pids kprobe(35275)
11: perf_event prog 41
kretprobe ffffffffb70a9660 kernel_clone
bpf_cookie 0
pids kprobe(35275)
$ tools/bpf/bpftool/bpftool link show -j
[{"id":3,"type":"perf_event","prog_id":14,"event_type":"software","event_config":"cpu-clock","bpf_cookie":0,"pids":[{"pid":19483,"comm":"perf_event"}]},{"id":4,"type":"perf_event","prog_id":14,"event_type":"hw-cache","event_config":"LLC-load-misses","bpf_cookie":0,"pids":[{"pid":19483,"comm":"perf_event"}]},{"id":5,"type":"perf_event","prog_id":14,"event_type":"hardware","event_config":"cpu-cycles","bpf_cookie":0,"pids":[{"pid":19483,"comm":"perf_event"}]},{"id":6,"type":"perf_event","prog_id":19,"tracepoint":"sched_switch","bpf_cookie":0,"pids":[{"pid":20947,"comm":"tracepoint"}]},{"id":7,"type":"perf_event","prog_id":26,"retprobe":false,"file":"/home/dev/waken/bpf/uprobe/a.out","offset":4920,"bpf_cookie":0,"pids":[{"pid":21973,"comm":"uprobe"}]},{"id":8,"type":"perf_event","prog_id":27,"retprobe":true,"file":"/home/dev/waken/bpf/uprobe/a.out","offset":4920,"bpf_cookie":0,"pids":[{"pid":21973,"comm":"uprobe"}]},{"id":10,"type":"perf_event","prog_id":43,"retprobe":false,"addr":18446744072485508704,"func":"kernel_clone","offset":0,"bpf_cookie":0,"pids":[{"pid":35275,"comm":"kprobe"}]},{"id":11,"type":"perf_event","prog_id":41,"retprobe":true,"addr":18446744072485508704,"func":"kernel_clone","offset":0,"bpf_cookie":0,"pids":[{"pid":35275,"comm":"kprobe"}]}]
For generic perf events, the displayed information in bpftool is limited to
the type and configuration, while other attributes such as sample_period,
sample_freq, etc., are not included.
The kernel function address won't be exposed if it is not permitted by
kptr_restrict. The result as follows when kptr_restrict is 2.
$ tools/bpf/bpftool/bpftool link show
3: perf_event prog 14
event software:cpu-clock
4: perf_event prog 14
event hw-cache:LLC-load-misses
5: perf_event prog 14
event hardware:cpu-cycles
6: perf_event prog 19
tracepoint sched_switch
7: perf_event prog 26
uprobe /home/dev/waken/bpf/uprobe/a.out+0x1338
8: perf_event prog 27
uretprobe /home/dev/waken/bpf/uprobe/a.out+0x1338
10: perf_event prog 43
kprobe kernel_clone
11: perf_event prog 41
kretprobe kernel_clone
Signed-off-by: Yafang Shao <laoar.shao@gmail.com>
Reviewed-by: Quentin Monnet <quentin@isovalent.com>
Acked-by: Jiri Olsa <jolsa@kernel.org>
Link: https://lore.kernel.org/r/20230709025630.3735-11-laoar.shao@gmail.com
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
- .github/
- bash-completion/
- docs/
- include/
- scripts/
- src/
- libbpf
- .gitattributes
- .gitmodules
- BPF-CHECKPOINT-COMMIT
- CHECKPOINT-COMMIT
- Dockerfile
- LICENSE
- LICENSE.BSD-2-Clause
- LICENSE.GPL-2.0
- README.md
bpftool
This is a mirror of bpf-next Linux source tree's tools/bpf/bpftool directory, plus its few dependencies from under kernel/bpf/, and its supporting header files.
All the gory details of syncing can be found in scripts/sync-kernel.sh script.
Some header files in this repo (include/linux/*.h) are reduced versions of their counterpart files at bpf-next's tools/include/linux/*.h to make compilation successful.
BPF/bpftool usage and questions
Please check out the manual pages for documentation about bpftool. A number of example invocations are also displayed in this blog post.
All general BPF questions, including kernel functionality, bpftool features and usage, should be sent to bpf@vger.kernel.org mailing list. You can subscribe to it here and search its archive here. Please search the archive before asking new questions. It very well might be that this was already addressed or answered before.
bpf@vger.kernel.org is monitored by many more people and they will happily try to help you with whatever issue you have. This repository's PRs and issues should be opened only for dealing with issues pertaining to specific way this bpftool mirror repo is set up and organized.
Dependencies
Required:
- libelf
- zlib
Optional:
- libbfd (for dumping JIT-compiled program instructions)
- libcap (for better feature probing)
- kernel BTF information (for profiling programs or showing PIDs of processes referencing BPF objects)
- clang/LLVM (idem)
Build 
Initialize libbpf submodule
This repository uses libbpf as a submodule. You can initialize it when cloning bpftool:
$ git clone --recurse-submodules https://github.com/libbpf/bpftool.git
Alternatively, if you have already cloned the repository, you can initialize the submodule by running the following command from within the repository:
$ git submodule update --init
Build bpftool
To build bpftool:
$ cd src
$ make
To build and install bpftool on the system:
$ cd src # make install
Building bpftool in a separate directory is supported via the OUTPUT variable:
$ mkdir /tmp/bpftool $ cd src $ OUTPUT=/tmp/bpftool make
Most of the output is suppressed by default, but detailed building logs can be displayed by passing V=1:
$ cd src $ make V=1
Additional compilation flags can be passed to the command line if required. For example, we can create a static build with the following commands:
$ cd src $ EXTRA_CFLAGS=--static make
Note that to use the LLVM disassembler with static builds, we need a static version of the LLVM library installed on the system:
Download a precompiled LLVM release or build it locally.
Download the appropriate release of LLVM for your platform, for example on x86_64 with LLVM 15.0.0:
$ curl -LO https://github.com/llvm/llvm-project/releases/download/llvmorg-15.0.0/clang+llvm-15.0.0-x86_64-linux-gnu-rhel-8.4.tar.xz $ tar xvf clang+llvm-15.0.0-x86_64-linux-gnu-rhel-8.4.tar.xz $ mv clang+llvm-15.0.0-x86_64-linux-gnu-rhel-8.4 llvm_build
Alternatively, clone and build the LLVM libraries locally.
$ git clone https://github.com/llvm/llvm-project.git $ mkdir llvm_build $ cmake -S llvm-project/llvm -B llvm_build -DCMAKE_BUILD_TYPE=Release $ make -j -C llvm_build llvm-config llvm-libraries
Build bpftool with
EXTRA_CFLAGSset to--static, and by passing the path to the relevantllvm-config.$ cd bpftool $ LLVM_CONFIG=../../llvm_build/bin/llvm-config EXTRA_CFLAGS=--static make -j -C src
Build bpftool's man pages
The man pages for bpftool can be built with:
$ cd docs
$ make
They can be installed on the system with:
$ cd docs # make install
License
This work is dual-licensed under the GNU GPL v2.0 (only) license and the BSD 2-clause license. You can choose between one of them if you use this work.
SPDX-License-Identifier: (GPL-2.0-only OR BSD-2-Clause)