struct pt_regs missing in /usr/include/ tree for eBPF program compile

Wed, 02 Aug 2017 04:23:40 -0700 

I work on the perf tool and its bpf support for IBM s390 and came across a
strange issue compiling tools/testing/selftests/bpf/test_verifier.c on s390x.

This is the compile error:
gcc -Wall -O2 -I../../../include/uapi -I../../../lib 
-I../../../../include/generated
  -DHAVE_GENHDR -I../../../include    test_verifier.c
  /root/linux-devel/tools/testing/selftests/bpf/libbpf.a -lcap -lelf -o
  /root/linux-devel/tools/testing/selftests/bpf/test_verifier
In file included from test_verifier.c:63:0:
../../../include/uapi/linux/bpf_perf_event.h:14:17: error: field ‘regs’ has
  incomplete type struct pt_regs regs;

This shows up in test case "unpriv: spill/fill of different pointers ldx"
at line 1811.
This issue is located in file /usr/include/linux/bpf_perf_event.h which is a
copy of the linux kernels include/uapi/linux/bpf_perf_event.h.

It contains:
struct bpf_perf_event_data {
        struct pt_regs regs;
        __u64 sample_period;
};

On s390 struct pt_regs is not exported to user space and does not appear
anywhere in /usr/include.
How about other architectures beside Intel?
As far as I know 
1. the struct pt_regs contains only kernel registers, no user space registers?
2. Is part of the kernel API and should not be exported at all?

When I investigated the kernel side of the bpf() system call, the test case ends
up in functions pe_prog_is_valid_access() and pe_prog_convert_ctx_access()
via syscall(bpf)
    +--> bpf_prog_load()
         +--> find_prog_type() to load eBPF type specific verifiers
         |       pe_prog_is_valid_access() and pe_prog_convert_ctx_access()
         +--> bpf_check() to verify (and modify) the eBPF
              +--> check_vfg()
                   +--> do_check()
                        +--> check_xadd()
                             +--> check_mem_access()
                                  +--> check_ctx_access()
                                       +--> env->prog->aux->ops->is_valid_access
                                            which is set to
                                            pe_prog_is_valid_access()

Now this last function expects and verifies struct pt_regs via struct member
offsets which needs a correct struct pt_regs previously setup by user space
eBPF program.

This also requires a correct struct pt_regs in 
/usr/include/linux/bpf_perf_event.h
(which includes /usr/include/{linux,asm,sym}/ptrace.h

How to achieve this on a platform which does not export struct pt_regs to the
user?

Thanks a lot for your help.

-- 
Thomas Richter, Dept 3303, IBM LTC Boeblingen Germany
--
Vorsitzende des Aufsichtsrats: Martina Koederitz 
Geschäftsführung: Dirk Wittkopp
Sitz der Gesellschaft: Böblingen / Registergericht: Amtsgericht Stuttgart, HRB 
243294

Reply via email to