We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
It seems the current docs surrounding BPF_PROG_TYPE_RAW_TRACEPOINT and https://docs.ebpf.io/linux/program-type/BPF_PROG_TYPE_TRACING/#raw-tracepoint is not quite accurate. The tp_raw elf section in fact is a fentry program that attaches like a tracepoint and its arguments are BTF aware.
BPF_PROG_TYPE_RAW_TRACEPOINT
tp_raw
This ties into kernel pointers(__kptr) / trusted pointer (__arg_trusted) such as the one returned by bpf_get_current_task_btf or bpf_cpumask_create.
__kptr
__arg_trusted
bpf_get_current_task_btf
bpf_cpumask_create
And the arguments to certain program types being trusted and thus not requiring the usage of bpf_probe_read_kernel
bpf_probe_read_kernel
static bool prog_args_trusted(const struct bpf_prog *prog) { enum bpf_attach_type atype = prog->expected_attach_type; switch (prog->type) { case BPF_PROG_TYPE_TRACING: return atype == BPF_TRACE_RAW_TP || atype == BPF_TRACE_ITER; case BPF_PROG_TYPE_LSM: return bpf_lsm_is_trusted(prog); case BPF_PROG_TYPE_STRUCT_OPS: return true; default: return false; } }
https://mozillazg.com/2022/06/ebpf-libbpf-btf-powered-enabled-raw-tracepoint-common-questions-en.html
We should make a concept page for the concept of these trusted pointers and correct some incorrect and missing info on related pages.
The text was updated successfully, but these errors were encountered:
No branches or pull requests
It seems the current docs surrounding
BPF_PROG_TYPE_RAW_TRACEPOINTand https://docs.ebpf.io/linux/program-type/BPF_PROG_TYPE_TRACING/#raw-tracepoint is not quite accurate. Thetp_rawelf section in fact is a fentry program that attaches like a tracepoint and its arguments are BTF aware.This ties into kernel pointers(
__kptr) / trusted pointer (__arg_trusted) such as the one returned bybpf_get_current_task_btforbpf_cpumask_create.And the arguments to certain program types being trusted and thus not requiring the usage of
bpf_probe_read_kernelhttps://mozillazg.com/2022/06/ebpf-libbpf-btf-powered-enabled-raw-tracepoint-common-questions-en.html
We should make a concept page for the concept of these trusted pointers and correct some incorrect and missing info on related pages.
The text was updated successfully, but these errors were encountered: