eddyz87/tetragon-inline-asm-polymorphic-r.patch Secret

## tetragon-inline-asm-polymorphic-r.patch
diff --git a/bpf/process/bpf_process_event.h b/bpf/process/bpf_process_event.h
index 550a76f..67bb9b1 100644
--- a/bpf/process/bpf_process_event.h
+++ b/bpf/process/bpf_process_event.h
@@ -108,7 +108,7 @@ d_unlinked(struct dentry *dentry)
 }

 static inline __attribute__((always_inline)) int
-prepend_name(char *bf, char **buffer, int *buflen, const char *name, u32 dlen)
+prepend_name(char *bf, char **buffer, int *buflen, const char *name, u64 dlen)
 {
 	char slash = '/';
 	u64 buffer_offset = (u64)(*buffer) - (u64)bf;
@@ -152,7 +152,7 @@ prepend_name(char *bf, char **buffer, int *buflen, const char *name, u32 dlen)
  * For this reason I will never return -ENAMETOOLONG.
  */
 static inline __attribute__((always_inline)) int
-prepend(char **buffer, int *buflen, const char *str, int namelen)
+prepend(char **buffer, long *buflen, const char *str, int namelen)
 {
 	*buflen -= namelen;
 	if (*buflen < 0) // will never happen - check function comment
@@ -234,7 +234,7 @@ static long cwd_read_v61(__u32 index, void *data)

 static inline __attribute__((always_inline)) int
 prepend_path(const struct path *path, const struct path *root, char *bf,
-	     char **buffer, int *buflen)
+	     char **buffer, long *buflen)
 {
 	struct cwd_read_data data = {
 		.bf = bf,
@@ -273,7 +273,7 @@ prepend_path(const struct path *path, const struct path *root, char *bf,

 static inline __attribute__((always_inline)) int
 path_with_deleted(const struct path *path, const struct path *root, char *bf,
-		  char **buf, int *buflen)
+		  char **buf, long *buflen)
 {
 	struct dentry *dentry;

@@ -322,7 +322,7 @@ path_with_deleted(const struct path *path, const struct path *root, char *bf,
  * ps. The size of the path will be (initial value of buflen) - (return value of buflen) if (buflen != 0)
  */
 static inline __attribute__((always_inline)) char *
-__d_path_local(const struct path *path, char *buf, int *buflen, int *error)
+__d_path_local(const struct path *path, char *buf, long *buflen, int *error)
 {
 	char *res = buf + *buflen;
 	struct task_struct *task;
@@ -348,7 +348,7 @@ __d_path_local(const struct path *path, char *buf, int *buflen, int *error)
  * where the path is larger than the provided buffer.
  */
 static inline __attribute__((always_inline)) char *
-d_path_local(const struct path *path, int *buflen, int *error)
+d_path_local(const struct path *path, long *buflen, int *error)
 {
 	int zero = 0;
 	char *buffer = 0;
@@ -366,12 +366,13 @@ d_path_local(const struct path *path, int *buflen, int *error)
 }

 static inline __attribute__((always_inline)) __u32
-getcwd(struct msg_process *curr, __u32 offset, __u32 proc_pid)
+getcwd(struct msg_process *curr, __u64 offset, __u32 proc_pid)
 {
 	struct task_struct *task = get_task_from_pid(proc_pid);
 	struct fs_struct *fs;
-	int flags = 0, size;
+	int flags = 0;
 	char *buffer;
+        long size;

 	probe_read(&fs, sizeof(fs), _(&task->fs));
 	if (!fs) {
diff --git a/bpf/process/generic_calls.h b/bpf/process/generic_calls.h
index 39a90e8..7ee573c 100644
--- a/bpf/process/generic_calls.h
+++ b/bpf/process/generic_calls.h
@@ -16,7 +16,7 @@ generic_process_event(void *ctx, struct bpf_map_def *heap_map,
 {
 	struct msg_generic_kprobe *e;
 	struct event_config *config;
-	int index, zero = 0;
+	long index, zero = 0;
 	unsigned long a;
 	long ty, total;

@@ -40,7 +40,7 @@ generic_process_event(void *ctx, struct bpf_map_def *heap_map,
 	ty = (&config->arg0)[index];
 	if (total < MAX_TOTAL) {
 		long errv;
-		int am;
+		long am;

 		am = (&config->arg0m)[index];
 		asm volatile("%[am] &= 0xffff;\n" ::[am] "+r"(am)
diff --git a/bpf/process/pfilter.h b/bpf/process/pfilter.h
index 5da326b..78cda50 100644
--- a/bpf/process/pfilter.h
+++ b/bpf/process/pfilter.h
@@ -541,7 +541,7 @@ generic_process_filter(struct msg_selector_data *sel,
 	struct execve_map_value *enter;
 	bool walker = 0;
 	__u32 ppid;
-	int curr;
+	long curr;

 	enter = event_find_curr(&ppid, &walker);
 	if (enter) {
diff --git a/bpf/process/types/basic.h b/bpf/process/types/basic.h
index e06da92..f7d3d44 100644
--- a/bpf/process/types/basic.h
+++ b/bpf/process/types/basic.h
@@ -232,7 +232,7 @@ args_off(struct msg_generic_kprobe *e, unsigned long off)
  * clang from omitting some checks and applying code motion on us.
  */
 static inline __attribute__((always_inline)) int
-return_stack_error(char *args, int orig, int err)
+return_stack_error(char *args, long orig, long err)
 {
 	asm volatile("%[orig] &= 0xfff;\n"
 		     "r1 = *(u64 *)%[args];\n"
@@ -378,7 +378,8 @@ parse_iovec_array(long off, unsigned long arg, int i, unsigned long max,
 static inline __attribute__((always_inline)) int rcmpbytes(char *s1, char *s2,
 							   u64 n1, u64 n2)
 {
-	char c1 = 0, c2 = 0, *t;
+	u64 c1 = 0, c2 = 0;
+	char *t;

 #ifdef __LARGE_BPF_PROG
 	ASM_RCMP50
@@ -411,7 +412,8 @@ static inline __attribute__((always_inline)) long
 copy_path(char *args, const struct path *arg)
 {
 	int *s = (int *)args;
-	int size = 0, flags = 0;
+	int flags = 0;
+        long size = 0;
 	char *buffer;
 	void *curr = &args[4];

@@ -697,7 +699,7 @@ filter_char_buf_equal(struct selector_arg_filter *filter, char *arg_str, uint or
 	__u32 *map_ids = (__u32 *)&filter->value;
 	void *string_map;
 	__u32 map_idx;
-	__u8 len;
+	__u64 len;
 	__u8 padded_len;
 	int index;
 	char *heap, *zero_heap;
@@ -773,7 +775,7 @@ filter_char_buf_equal(struct selector_arg_filter *filter, char *arg_str, uint or
 }

 static inline __attribute__((always_inline)) long
-filter_char_buf_prefix(struct selector_arg_filter *filter, char *arg_str, uint arg_len)
+filter_char_buf_prefix(struct selector_arg_filter *filter, char *arg_str, ulong arg_len)
 {
 	void *addrmap;
 	__u32 map_idx = *(__u32 *)&filter->value;
@@ -1603,7 +1605,8 @@ selector_arg_offset(__u8 *f, struct msg_generic_kprobe *e, __u32 selidx,
 	struct selector_arg_filters *filters;
 	struct selector_arg_filter *filter;
 	long seloff, argoff, argsoff, pass = 1, margsoff;
-	__u32 i = 0, index;
+	__u32 i = 0;
+        __u64 index;
 	char *args;

 	seloff = 4; /* start of the relative offsets */
@@ -1755,7 +1758,7 @@ struct {
 } fdinstall_map SEC(".maps");

 static inline __attribute__((always_inline)) int
-installfd(struct msg_generic_kprobe *e, int fd, int name, bool follow)
+installfd(struct msg_generic_kprobe *e, long fd, long name, bool follow)
 {
 	struct fdinstall_value val = { 0 };
 	struct fdinstall_key key = { 0 };
@@ -1780,7 +1783,7 @@ installfd(struct msg_generic_kprobe *e, int fd, int name, bool follow)
 	key.tid = get_current_pid_tgid() >> 32;

 	if (follow) {
-		__u32 size;
+		__u64 size;

 		asm volatile("%[name] &= 0xf;\n"
 			     : [name] "+r"(name)
@@ -1807,11 +1810,11 @@ installfd(struct msg_generic_kprobe *e, int fd, int name, bool follow)
 }

 static inline __attribute__((always_inline)) int
-copyfd(struct msg_generic_kprobe *e, int oldfd, int newfd)
+copyfd(struct msg_generic_kprobe *e, long oldfd, long newfd)
 {
 	struct fdinstall_key key = { 0 };
 	struct fdinstall_value *val;
-	int oldfdoff, newfdoff;
+	long oldfdoff, newfdoff;
 	int err = 0;

 	asm volatile("%[oldfd] &= 0xf;\n"
@@ -1912,7 +1915,7 @@ rate_limit(__u64 ratelimit_interval, struct msg_generic_kprobe *e)
 	__u32 zero = 0;
 	__u32 index = 0;
 	__u32 key_index = 0;
-	int arg_size;
+	long arg_size;
 	int i;
 	__u8 *dst;

@@ -1982,7 +1985,7 @@ struct {
 } socktrack_map SEC(".maps");

 static inline __attribute__((always_inline)) int
-tracksock(struct msg_generic_kprobe *e, int socki, bool track)
+tracksock(struct msg_generic_kprobe *e, long socki, bool track)
 {
 	long sockoff;
 	__u64 sockaddr;
@@ -2245,7 +2248,7 @@ generic_actions(void *ctx, struct bpf_map_def *heap,
 	struct selector_arg_filters *arg;
 	struct selector_action *actions;
 	struct msg_generic_kprobe *e;
-	int actoff, pass, zero = 0;
+	long actoff, pass, zero = 0;
 	bool postit;
 	__u8 *f;

@@ -2397,7 +2400,7 @@ read_call_arg(void *ctx, struct msg_generic_kprobe *e, int index, int type,

 		val = map_lookup_elem(&fdinstall_map, &key);
 		if (val) {
-			__u32 bytes = (__u32)val->file[0];
+			__u64 bytes = (__u32)val->file[0];

 			probe_read(&args[0], sizeof(__u32), &fd);
 			asm volatile("%[bytes] &= 0xff;\n"
	diff --git a/bpf/process/bpf_process_event.h b/bpf/process/bpf_process_event.h
	index 550a76f..67bb9b1 100644
	--- a/bpf/process/bpf_process_event.h
	+++ b/bpf/process/bpf_process_event.h
	@@ -108,7 +108,7 @@ d_unlinked(struct dentry *dentry)
	}

	static inline __attribute__((always_inline)) int
	-prepend_name(char bf, char buffer, int buflen, const char *name, u32 dlen)
	+prepend_name(char bf, char buffer, int buflen, const char *name, u64 dlen)
	{
	char slash = '/';
	u64 buffer_offset = (u64)(*buffer) - (u64)bf;
	@@ -152,7 +152,7 @@ prepend_name(char bf, char buffer, int buflen, const char *name, u32 dlen)
	* For this reason I will never return -ENAMETOOLONG.
	*/
	static inline __attribute__((always_inline)) int
	-prepend(char *buffer, int buflen, const char *str, int namelen)
	+prepend(char *buffer, long buflen, const char *str, int namelen)
	{
	*buflen -= namelen;
	if (*buflen < 0) // will never happen - check function comment
	@@ -234,7 +234,7 @@ static long cwd_read_v61(__u32 index, void *data)

	static inline __attribute__((always_inline)) int
	prepend_path(const struct path path, const struct path root, char *bf,
	- char *buffer, int buflen)
	+ char *buffer, long buflen)
	{
	struct cwd_read_data data = {
	.bf = bf,
	@@ -273,7 +273,7 @@ prepend_path(const struct path path, const struct path root, char *bf,

	static inline __attribute__((always_inline)) int
	path_with_deleted(const struct path path, const struct path root, char *bf,
	- char *buf, int buflen)
	+ char *buf, long buflen)
	{
	struct dentry *dentry;

	@@ -322,7 +322,7 @@ path_with_deleted(const struct path path, const struct path root, char *bf,
	* ps. The size of the path will be (initial value of buflen) - (return value of buflen) if (buflen != 0)
	*/
	static inline __attribute__((always_inline)) char *
	-__d_path_local(const struct path path, char buf, int buflen, int error)
	+__d_path_local(const struct path path, char buf, long buflen, int error)
	{
	char res = buf + buflen;
	struct task_struct *task;
	@@ -348,7 +348,7 @@ __d_path_local(const struct path path, char buf, int buflen, int error)
	* where the path is larger than the provided buffer.
	*/
	static inline __attribute__((always_inline)) char *
	-d_path_local(const struct path path, int buflen, int *error)
	+d_path_local(const struct path path, long buflen, int *error)
	{
	int zero = 0;
	char *buffer = 0;
	@@ -366,12 +366,13 @@ d_path_local(const struct path path, int buflen, int *error)
	}

	static inline __attribute__((always_inline)) __u32
	-getcwd(struct msg_process *curr, __u32 offset, __u32 proc_pid)
	+getcwd(struct msg_process *curr, __u64 offset, __u32 proc_pid)
	{
	struct task_struct *task = get_task_from_pid(proc_pid);
	struct fs_struct *fs;
	- int flags = 0, size;
	+ int flags = 0;
	char *buffer;
	+ long size;

	probe_read(&fs, sizeof(fs), _(&task->fs));
	if (!fs) {
	diff --git a/bpf/process/generic_calls.h b/bpf/process/generic_calls.h
	index 39a90e8..7ee573c 100644
	--- a/bpf/process/generic_calls.h
	+++ b/bpf/process/generic_calls.h
	@@ -16,7 +16,7 @@ generic_process_event(void ctx, struct bpf_map_def heap_map,
	{
	struct msg_generic_kprobe *e;
	struct event_config *config;
	- int index, zero = 0;
	+ long index, zero = 0;
	unsigned long a;
	long ty, total;

	@@ -40,7 +40,7 @@ generic_process_event(void ctx, struct bpf_map_def heap_map,
	ty = (&config->arg0)[index];
	if (total < MAX_TOTAL) {
	long errv;
	- int am;
	+ long am;

	am = (&config->arg0m)[index];
	asm volatile("%[am] &= 0xffff;\n" ::[am] "+r"(am)
	diff --git a/bpf/process/pfilter.h b/bpf/process/pfilter.h
	index 5da326b..78cda50 100644
	--- a/bpf/process/pfilter.h
	+++ b/bpf/process/pfilter.h
	@@ -541,7 +541,7 @@ generic_process_filter(struct msg_selector_data *sel,
	struct execve_map_value *enter;
	bool walker = 0;
	__u32 ppid;
	- int curr;
	+ long curr;

	enter = event_find_curr(&ppid, &walker);
	if (enter) {
	diff --git a/bpf/process/types/basic.h b/bpf/process/types/basic.h
	index e06da92..f7d3d44 100644
	--- a/bpf/process/types/basic.h
	+++ b/bpf/process/types/basic.h
	@@ -232,7 +232,7 @@ args_off(struct msg_generic_kprobe *e, unsigned long off)
	* clang from omitting some checks and applying code motion on us.
	*/
	static inline __attribute__((always_inline)) int
	-return_stack_error(char *args, int orig, int err)
	+return_stack_error(char *args, long orig, long err)
	{
	asm volatile("%[orig] &= 0xfff;\n"
	"r1 = (u64 )%[args];\n"
	@@ -378,7 +378,8 @@ parse_iovec_array(long off, unsigned long arg, int i, unsigned long max,
	static inline __attribute__((always_inline)) int rcmpbytes(char s1, char s2,
	u64 n1, u64 n2)
	{
	- char c1 = 0, c2 = 0, *t;
	+ u64 c1 = 0, c2 = 0;
	+ char *t;

	#ifdef __LARGE_BPF_PROG
	ASM_RCMP50
	@@ -411,7 +412,8 @@ static inline __attribute__((always_inline)) long
	copy_path(char args, const struct path arg)
	{
	int s = (int )args;
	- int size = 0, flags = 0;
	+ int flags = 0;
	+ long size = 0;
	char *buffer;
	void *curr = &args[4];

	@@ -697,7 +699,7 @@ filter_char_buf_equal(struct selector_arg_filter filter, char arg_str, uint or
	__u32 map_ids = (__u32 )&filter->value;
	void *string_map;
	__u32 map_idx;
	- __u8 len;
	+ __u64 len;
	__u8 padded_len;
	int index;
	char heap, zero_heap;
	@@ -773,7 +775,7 @@ filter_char_buf_equal(struct selector_arg_filter filter, char arg_str, uint or
	}

	static inline __attribute__((always_inline)) long
	-filter_char_buf_prefix(struct selector_arg_filter filter, char arg_str, uint arg_len)
	+filter_char_buf_prefix(struct selector_arg_filter filter, char arg_str, ulong arg_len)
	{
	void *addrmap;
	__u32 map_idx = (__u32 )&filter->value;
	@@ -1603,7 +1605,8 @@ selector_arg_offset(__u8 f, struct msg_generic_kprobe e, __u32 selidx,
	struct selector_arg_filters *filters;
	struct selector_arg_filter *filter;
	long seloff, argoff, argsoff, pass = 1, margsoff;
	- __u32 i = 0, index;
	+ __u32 i = 0;
	+ __u64 index;
	char *args;

	seloff = 4; /* start of the relative offsets */
	@@ -1755,7 +1758,7 @@ struct {
	} fdinstall_map SEC(".maps");

	static inline __attribute__((always_inline)) int
	-installfd(struct msg_generic_kprobe *e, int fd, int name, bool follow)
	+installfd(struct msg_generic_kprobe *e, long fd, long name, bool follow)
	{
	struct fdinstall_value val = { 0 };
	struct fdinstall_key key = { 0 };
	@@ -1780,7 +1783,7 @@ installfd(struct msg_generic_kprobe *e, int fd, int name, bool follow)
	key.tid = get_current_pid_tgid() >> 32;

	if (follow) {
	- __u32 size;
	+ __u64 size;

	asm volatile("%[name] &= 0xf;\n"
	: [name] "+r"(name)
	@@ -1807,11 +1810,11 @@ installfd(struct msg_generic_kprobe *e, int fd, int name, bool follow)
	}

	static inline __attribute__((always_inline)) int
	-copyfd(struct msg_generic_kprobe *e, int oldfd, int newfd)
	+copyfd(struct msg_generic_kprobe *e, long oldfd, long newfd)
	{
	struct fdinstall_key key = { 0 };
	struct fdinstall_value *val;
	- int oldfdoff, newfdoff;
	+ long oldfdoff, newfdoff;
	int err = 0;

	asm volatile("%[oldfd] &= 0xf;\n"
	@@ -1912,7 +1915,7 @@ rate_limit(__u64 ratelimit_interval, struct msg_generic_kprobe *e)
	__u32 zero = 0;
	__u32 index = 0;
	__u32 key_index = 0;
	- int arg_size;
	+ long arg_size;
	int i;
	__u8 *dst;

	@@ -1982,7 +1985,7 @@ struct {
	} socktrack_map SEC(".maps");

	static inline __attribute__((always_inline)) int
	-tracksock(struct msg_generic_kprobe *e, int socki, bool track)
	+tracksock(struct msg_generic_kprobe *e, long socki, bool track)
	{
	long sockoff;
	__u64 sockaddr;
	@@ -2245,7 +2248,7 @@ generic_actions(void ctx, struct bpf_map_def heap,
	struct selector_arg_filters *arg;
	struct selector_action *actions;
	struct msg_generic_kprobe *e;
	- int actoff, pass, zero = 0;
	+ long actoff, pass, zero = 0;
	bool postit;
	__u8 *f;

	@@ -2397,7 +2400,7 @@ read_call_arg(void ctx, struct msg_generic_kprobe e, int index, int type,

	val = map_lookup_elem(&fdinstall_map, &key);
	if (val) {
	- __u32 bytes = (__u32)val->file[0];
	+ __u64 bytes = (__u32)val->file[0];

	probe_read(&args[0], sizeof(__u32), &fd);
	asm volatile("%[bytes] &= 0xff;\n"