From deaba90e3122e4c4b3849b384cb7a251a0e07ed4 Mon Sep 17 00:00:00 2001 From: He Zhe Date: Mon, 15 Jun 2020 09:57:34 +0000 Subject: bcc: Make opensnoop compatible with kernel v5.6 and later Since kernel v5.6, fddb5d430ad9 ("open: introduce openat2(2) syscall"), do_sys_openat2 instead of do_sys_open has been used as entry function for open. Signed-off-by: He Zhe --- ...noop-snoop-do_sys_openat2-for-kernel-v5.6.patch | 51 ++++++++++++++++++++++ .../recipes-devtools/bcc/bcc_0.13.0.bb | 3 +- 2 files changed, 53 insertions(+), 1 deletion(-) create mode 100644 dynamic-layers/openembedded-layer/recipes-devtools/bcc/bcc/0001-tools-opensnoop-snoop-do_sys_openat2-for-kernel-v5.6.patch diff --git a/dynamic-layers/openembedded-layer/recipes-devtools/bcc/bcc/0001-tools-opensnoop-snoop-do_sys_openat2-for-kernel-v5.6.patch b/dynamic-layers/openembedded-layer/recipes-devtools/bcc/bcc/0001-tools-opensnoop-snoop-do_sys_openat2-for-kernel-v5.6.patch new file mode 100644 index 0000000..f2b1495 --- /dev/null +++ b/dynamic-layers/openembedded-layer/recipes-devtools/bcc/bcc/0001-tools-opensnoop-snoop-do_sys_openat2-for-kernel-v5.6.patch @@ -0,0 +1,51 @@ +From 935f7e47f54df1af30f4a1cdfd2f385863ab9dec Mon Sep 17 00:00:00 2001 +From: He Zhe +Date: Mon, 15 Jun 2020 07:05:24 +0000 +Subject: [PATCH] tools: opensnoop: snoop do_sys_openat2 for kernel v5.6 and + later + +Since kernel v5.6, fddb5d430ad9 ("open: introduce openat2(2) syscall"), +do_sys_openat2 instead of do_sys_open has been used as entry function for open. + +Upstream-Status: Inappropriate, upstream context has changed and needs more + tweak. + +Signed-off-by: He Zhe +--- + tools/opensnoop.py | 13 +++++++++++-- + 1 file changed, 11 insertions(+), 2 deletions(-) + +diff --git a/tools/opensnoop.py b/tools/opensnoop.py +index 6d1388b3..3f7e48a3 100755 +--- a/tools/opensnoop.py ++++ b/tools/opensnoop.py +@@ -21,6 +21,8 @@ from bcc.utils import printb + import argparse + from datetime import datetime, timedelta + import os ++import platform ++from pkg_resources import parse_version + + # arguments + examples = """examples: +@@ -195,8 +197,15 @@ if debug or args.ebpf: + + # initialize BPF + b = BPF(text=bpf_text) +-b.attach_kprobe(event="do_sys_open", fn_name="trace_entry") +-b.attach_kretprobe(event="do_sys_open", fn_name="trace_return") ++ ++# Since kernel v5.6, do_sys_openat2 instead of do_sys_open has been used as entry function for open ++if parse_version(platform.uname().release.split('-')[0]) > parse_version('5.6.0'): ++ entry = "do_sys_openat2" ++else: ++ entry = "do_sys_open" ++ ++b.attach_kprobe(event=entry, fn_name="trace_entry") ++b.attach_kretprobe(event=entry, fn_name="trace_return") + + initial_ts = 0 + +-- +2.24.1 + diff --git a/dynamic-layers/openembedded-layer/recipes-devtools/bcc/bcc_0.13.0.bb b/dynamic-layers/openembedded-layer/recipes-devtools/bcc/bcc_0.13.0.bb index b4b5a92..563c6cc 100644 --- a/dynamic-layers/openembedded-layer/recipes-devtools/bcc/bcc_0.13.0.bb +++ b/dynamic-layers/openembedded-layer/recipes-devtools/bcc/bcc_0.13.0.bb @@ -12,10 +12,11 @@ DEPENDS += "bison-native \ clang \ " -RDEPENDS_${PN} += "bash python3 python3-core xz" +RDEPENDS_${PN} += "bash python3 python3-core python3-setuptools xz" SRC_URI = "gitsm://github.com/iovisor/bcc \ file://0001-python-CMakeLists.txt-Remove-check-for-host-etc-debi.patch \ + file://0001-tools-opensnoop-snoop-do_sys_openat2-for-kernel-v5.6.patch \ " SRCREV = "942227484d3207f6a42103674001ef01fb5335a0" -- cgit v1.2.3-54-g00ecf