On Mon, Aug 18, 2025 at 7:50 AM Daniel Borkmann <daniel@xxxxxxxxxxxxx> wrote: > > On 8/8/25 5:49 PM, Quentin Monnet wrote: > > Please run ./scripts/get_maintainer.pl and Cc all maintainers for your > > future submissions, in this case: all BPF maintainers/reviewers. > > > > On 08/08/2025 15:51, Vincent Li wrote: > >> from bpftool github repo issue [0], when Linux distribution > >> kernel.kptr_restrict is set to 2, bpftool prog dump jited returns "no > >> instructions returned", this message can be puzzling to bpftool users > >> who is not familiar with kernel BPF internal, so add small hint for > >> bpftool users to check kernel.kptr_restrict setting. Set > >> kernel.kptr_restrict to expose kernel address to allow bpftool prog > >> dump jited to dump the jited bpf program instructions. > >> > >> [0]: https://github.com/libbpf/bpftool/issues/184 > >> > >> Signed-off-by: Vincent Li <vincent.mc.li@xxxxxxxxx. > >> --- > >> tools/bpf/bpftool/prog.c | 2 +- > >> 1 file changed, 1 insertion(+), 1 deletion(-) > >> > >> diff --git a/tools/bpf/bpftool/prog.c b/tools/bpf/bpftool/prog.c > >> index 9722d841abc0..7d2337511284 100644 > >> --- a/tools/bpf/bpftool/prog.c > >> +++ b/tools/bpf/bpftool/prog.c > >> @@ -714,7 +714,7 @@ prog_dump(struct bpf_prog_info *info, enum dump_mode mode, > >> > >> if (mode == DUMP_JITED) { > >> if (info->jited_prog_len == 0 || !info->jited_prog_insns) { > >> - p_info("no instructions returned"); > >> + p_info("no instructions returned: set kernel.kptr_restrict to expose kernel addresses"); > > Can we align this to sth similar as we have further below in that same function? > > p_err("error retrieving jit dump: no instructions returned or kernel.kptr_restrict set?"); Ok. > > (I presume the former we'll see for interpreter-only case.) > > >> return -1; > >> } > >> buf = u64_to_ptr(info->jited_prog_insns); > > > > > > Thank you Vincent! > > > > We have the same hint for the xlated dump some 7 lines further in the > > file. As we discussed off-list, this hint was initially printed for both > > cases, JITed and xlated dump, since commit 7105e828c087 ("bpf: allow for > > correlation of maps and helpers in dump") from Daniel, back in 2017. It > > was kept for the xlated dump only after commit cae73f233923 ("bpftool: > > use bpf_program__get_prog_info_linear() in prog.c:do_dump()"), I believe > > by accident. > > > > From what I understand, the kptr restriction should not be relevant in > > the case of xlated dump (it does change the information we can print - > > it prevents us from retrieving __bpf_call_base from ksyms - but should > > not prevent bpftool from retrieving instructions entirely). Daniel, it's > > been a while, but do you remember why you printed it for xlated dumps > > too? If not, we should probably just keep the hint for the JITed case. > > Indeed been a while - my understanding is that we don't return xlated in > case of not having the right capabilities or when the program got constant > blinded so we don't want to expose the latter from the kernel back to user > space when kptr_restrict is set. So my understanding is to keep the error log for xlated then. will send the suggested patch. Thanks!
