feat: enable kprobes/ftrace on hi3516cv500 family, mirror #1982#2095
Merged
Conversation
Mirrors the kprobe/ftrace enablement OpenIPC#1982 did for ev200/ev300 onto cv500 / av300. Lets us kprobe the vendor open_ive.ko on a running av300 board to RE field maps for follow-up cv500 IVE-op work in openhisilicon (LBP output anomaly, EqualizeHist node[7]=0x61 + LUT remap, KCF_Process HW dispatch, etc.). ## Generic configs (hi3516av300.generic.config + hi3516cv500.generic.config) Same set of flips as OpenIPC#1982 did for hi3516ev300.generic.config: CONFIG_KALLSYMS_ALL: not set → y (kprobes needs full symbol table) CONFIG_SLUB_DEBUG: y → not set (image size) CONFIG_KPROBES: not set → y (the load-bearing flag) CONFIG_DEBUG_FS: not set → y (/sys/kernel/debug needed for tracefs) CONFIG_DEBUG_MEMORY_INIT: y → not set (image size) CONFIG_FTRACE: not set → y (function tracer + kprobes companion) Leaving the RD_GZIP/BZIP2/LZMA/LZO/LZ4 → not set claw-back from OpenIPC#1982 alone for cv500 — those affected ev300 because the initramfs moved to XZ-only. cv500 firmware compression isn't necessarily the same; conservative to keep all decompressors enabled and let a follow-up trim if size becomes an issue. ## Neo (7.0 kernel) config hi3516av300.neo.config explicitly turned off kprobes/ftrace/kallsyms "to save kernel size" — re-enables them with comment explaining that the av300 lab board is what we'll be kprobing. ## S29debugfs Already present at general/overlay/etc/init.d/S29debugfs (shared across all platforms) — no additional file needed.
The neo firmware doesn't need kprobes — it builds the clean-room openhisilicon replacement modules from source. Only the lite firmware runs the vendor open_ive.ko blob that needs live RE. PR OpenIPC#1982 (which this PR mirrors for cv500) only touched hi3516ev300.generic.config (lite), never the neo config — extending the flips to hi3516av300.neo.config was overreach and pushed the uImage from 2048 KB to 2398 KB (-- size exceeded by 350KB). Generic-config flips for hi3516av300/hi3516cv500 stay; those mirror OpenIPC#1982 and unblock kprobe-based RE of the vendor blob on the lite path. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
The full kprobe set (KPROBES + FTRACE + KALLSYMS_ALL + DEBUG_FS) that PR OpenIPC#1982 enabled on ev300 blew the av300/cv500 lite image budget by 184/194 KB respectively — av300/cv500 baseline kernels are already closer to the 2048 KB ceiling than ev300. Local rebuild of hi3516av300_lite confirms the trim: keeping only CONFIG_KPROBES + CONFIG_KALLSYMS (dropping FTRACE, KALLSYMS_ALL, DEBUG_FS) gives a 1978 KB uImage with 70 KB headroom under the 2048 KB cap. Trade-off vs the full set: - Lose `/sys/kernel/debug/tracing/kprobe_events` tracefs interface (FTRACE-gated). The dynamic-probe-via-echo workflow is gone. - Lose KALLSYMS_ALL (static-symbol visibility). Vendor `hi_ive.ko` exports symbols through the standard module symbol table though, so `kallsyms_lookup_name()` from an RE module still works. - Lose `/sys/kernel/debug`. - Keep KPROBES + KALLSYMS. The RE workflow becomes "write a tiny `kprobe_dump.ko` that takes `symbol=ive_fill_X` as a module parameter, registers a pre-handler that dumps regs to dmesg, unregisters on rmmod". Classic kprobe-from-module pattern, sufficient for dumping vendor field maps. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Mirrors #1982's kprobe/ftrace enablement onto the cv500 / av300 family. Lets us kprobe the vendor `open_ive.ko` on a running av300 board to RE field maps for follow-up cv500 IVE-op work in openhisilicon (LBP output anomaly, EqualizeHist `node[7]=0x61` + LUT-remap path, KCF_Process HW dispatch, etc.).
Generic configs (hi3516av300.generic.config + hi3516cv500.generic.config)
Same set of flips as #1982 did for `hi3516ev300.generic.config`:
Leaving the `RD_GZIP/BZIP2/LZMA/LZO/LZ4 → not set` claw-back from #1982 alone for cv500 — those affected ev300 because the initramfs moved to XZ-only there. cv500 firmware compression isn't necessarily the same; conservative to keep all decompressors enabled and let a follow-up trim if image size becomes an issue.
Neo (7.0 kernel) config
`hi3516av300.neo.config` explicitly turned off kprobes/ftrace/kallsyms "to save kernel size" — this PR re-enables them with a comment explaining that the av300 lab board is what we'll be kprobing.
S29debugfs
Already present at `general/overlay/etc/init.d/S29debugfs` (added by #1982, shared across all platforms) — no additional file needed.
Testing
Verified the kernel config flags apply cleanly. Local kernel build hits an unrelated pre-existing `spi-nor.c:2385: 'i' undeclared` error in the buildroot output dir (stale state) — CI should validate against a clean tree.