Re: [Ext] Re: [iovisor-dev] Questions about current eBPF usages
Yonghong Song
On Thu, Oct 15, 2020 at 11:03 PM Jiada Tu <jtu3@...> wrote:
e.g., in kernel/events/core.c, for perf event overflow handler, we have rcu_read_lock(); ret = BPF_PROG_RUN(event->prog, &ctx); rcu_read_unlock(); out: __this_cpu_dec(bpf_prog_active); if (!ret) return; event->orig_overflow_handler(event, data, regs); The above `ret` is the return value from the bpf program. The article is 2005, I am not sure whether this serialization of kprobes across all CPUs still true or not. bpf subsystem won't prevent from executing on all cpus in parallelism if kprobe subsystem allows it. We recently have kfunc based probing, this is trampoline based, much faster and does not have this restriction.
|
|