mirror of https://gitee.com/openkylin/linux.git
samples, bpf: Refactor tail call user progs with libbpf
BPF tail call uses the BPF_MAP_TYPE_PROG_ARRAY type map for calling into other BPF programs and this PROG_ARRAY should be filled prior to use. Currently, samples with the PROG_ARRAY type MAP fill this program array with bpf_load. For bpf_load to fill this map, kernel BPF program must specify the section with specific format of <prog_type>/<array_idx> (e.g. SEC("socket/0")) But by using libbpf instead of bpf_load, user program can specify which programs should be added to PROG_ARRAY. The advantage of this approach is that you can selectively add only the programs you want, rather than adding all of them to PROG_ARRAY, and it's much more intuitive than the traditional approach. This commit refactors user programs with the PROG_ARRAY type MAP with libbpf instead of using bpf_load. Signed-off-by: Daniel T. Lee <danieltimlee@gmail.com> Signed-off-by: Daniel Borkmann <daniel@iogearbox.net> Acked-by: Yonghong Song <yhs@fb.com> Link: https://lore.kernel.org/bpf/20200516040608.1377876-4-danieltimlee@gmail.com
This commit is contained in:
parent
63841bc083
commit
bc1a85977b
|
@ -63,12 +63,12 @@ TRACE_HELPERS := ../../tools/testing/selftests/bpf/trace_helpers.o
|
||||||
fds_example-objs := fds_example.o
|
fds_example-objs := fds_example.o
|
||||||
sockex1-objs := sockex1_user.o
|
sockex1-objs := sockex1_user.o
|
||||||
sockex2-objs := sockex2_user.o
|
sockex2-objs := sockex2_user.o
|
||||||
sockex3-objs := bpf_load.o sockex3_user.o
|
sockex3-objs := sockex3_user.o
|
||||||
tracex1-objs := tracex1_user.o $(TRACE_HELPERS)
|
tracex1-objs := tracex1_user.o $(TRACE_HELPERS)
|
||||||
tracex2-objs := tracex2_user.o
|
tracex2-objs := tracex2_user.o
|
||||||
tracex3-objs := tracex3_user.o
|
tracex3-objs := tracex3_user.o
|
||||||
tracex4-objs := tracex4_user.o
|
tracex4-objs := tracex4_user.o
|
||||||
tracex5-objs := bpf_load.o tracex5_user.o $(TRACE_HELPERS)
|
tracex5-objs := tracex5_user.o $(TRACE_HELPERS)
|
||||||
tracex6-objs := tracex6_user.o
|
tracex6-objs := tracex6_user.o
|
||||||
tracex7-objs := tracex7_user.o
|
tracex7-objs := tracex7_user.o
|
||||||
test_probe_write_user-objs := bpf_load.o test_probe_write_user_user.o
|
test_probe_write_user-objs := bpf_load.o test_probe_write_user_user.o
|
||||||
|
|
|
@ -1,18 +1,13 @@
|
||||||
// SPDX-License-Identifier: GPL-2.0
|
// SPDX-License-Identifier: GPL-2.0
|
||||||
#include <stdio.h>
|
#include <stdio.h>
|
||||||
#include <assert.h>
|
#include <assert.h>
|
||||||
#include <linux/bpf.h>
|
|
||||||
#include <bpf/bpf.h>
|
#include <bpf/bpf.h>
|
||||||
#include "bpf_load.h"
|
#include <bpf/libbpf.h>
|
||||||
#include "sock_example.h"
|
#include "sock_example.h"
|
||||||
#include <unistd.h>
|
#include <unistd.h>
|
||||||
#include <arpa/inet.h>
|
#include <arpa/inet.h>
|
||||||
#include <sys/resource.h>
|
#include <sys/resource.h>
|
||||||
|
|
||||||
#define PARSE_IP 3
|
|
||||||
#define PARSE_IP_PROG_FD (prog_fd[0])
|
|
||||||
#define PROG_ARRAY_FD (map_fd[0])
|
|
||||||
|
|
||||||
struct flow_key_record {
|
struct flow_key_record {
|
||||||
__be32 src;
|
__be32 src;
|
||||||
__be32 dst;
|
__be32 dst;
|
||||||
|
@ -30,31 +25,55 @@ struct pair {
|
||||||
|
|
||||||
int main(int argc, char **argv)
|
int main(int argc, char **argv)
|
||||||
{
|
{
|
||||||
|
int i, sock, key, fd, main_prog_fd, jmp_table_fd, hash_map_fd;
|
||||||
struct rlimit r = {RLIM_INFINITY, RLIM_INFINITY};
|
struct rlimit r = {RLIM_INFINITY, RLIM_INFINITY};
|
||||||
|
struct bpf_program *prog;
|
||||||
|
struct bpf_object *obj;
|
||||||
char filename[256];
|
char filename[256];
|
||||||
|
const char *title;
|
||||||
FILE *f;
|
FILE *f;
|
||||||
int i, sock, err, id, key = PARSE_IP;
|
|
||||||
struct bpf_prog_info info = {};
|
|
||||||
uint32_t info_len = sizeof(info);
|
|
||||||
|
|
||||||
snprintf(filename, sizeof(filename), "%s_kern.o", argv[0]);
|
snprintf(filename, sizeof(filename), "%s_kern.o", argv[0]);
|
||||||
setrlimit(RLIMIT_MEMLOCK, &r);
|
setrlimit(RLIMIT_MEMLOCK, &r);
|
||||||
|
|
||||||
if (load_bpf_file(filename)) {
|
obj = bpf_object__open_file(filename, NULL);
|
||||||
printf("%s", bpf_log_buf);
|
if (libbpf_get_error(obj)) {
|
||||||
return 1;
|
fprintf(stderr, "ERROR: opening BPF object file failed\n");
|
||||||
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Test fd array lookup which returns the id of the bpf_prog */
|
/* load BPF program */
|
||||||
err = bpf_obj_get_info_by_fd(PARSE_IP_PROG_FD, &info, &info_len);
|
if (bpf_object__load(obj)) {
|
||||||
assert(!err);
|
fprintf(stderr, "ERROR: loading BPF object file failed\n");
|
||||||
err = bpf_map_lookup_elem(PROG_ARRAY_FD, &key, &id);
|
goto cleanup;
|
||||||
assert(!err);
|
}
|
||||||
assert(id == info.id);
|
|
||||||
|
jmp_table_fd = bpf_object__find_map_fd_by_name(obj, "jmp_table");
|
||||||
|
hash_map_fd = bpf_object__find_map_fd_by_name(obj, "hash_map");
|
||||||
|
if (jmp_table_fd < 0 || hash_map_fd < 0) {
|
||||||
|
fprintf(stderr, "ERROR: finding a map in obj file failed\n");
|
||||||
|
goto cleanup;
|
||||||
|
}
|
||||||
|
|
||||||
|
bpf_object__for_each_program(prog, obj) {
|
||||||
|
fd = bpf_program__fd(prog);
|
||||||
|
|
||||||
|
title = bpf_program__title(prog, false);
|
||||||
|
if (sscanf(title, "socket/%d", &key) != 1) {
|
||||||
|
fprintf(stderr, "ERROR: finding prog failed\n");
|
||||||
|
goto cleanup;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (key == 0)
|
||||||
|
main_prog_fd = fd;
|
||||||
|
else
|
||||||
|
bpf_map_update_elem(jmp_table_fd, &key, &fd, BPF_ANY);
|
||||||
|
}
|
||||||
|
|
||||||
sock = open_raw_sock("lo");
|
sock = open_raw_sock("lo");
|
||||||
|
|
||||||
assert(setsockopt(sock, SOL_SOCKET, SO_ATTACH_BPF, &prog_fd[4],
|
/* attach BPF program to socket */
|
||||||
|
assert(setsockopt(sock, SOL_SOCKET, SO_ATTACH_BPF, &main_prog_fd,
|
||||||
sizeof(__u32)) == 0);
|
sizeof(__u32)) == 0);
|
||||||
|
|
||||||
if (argc > 1)
|
if (argc > 1)
|
||||||
|
@ -69,8 +88,8 @@ int main(int argc, char **argv)
|
||||||
|
|
||||||
sleep(1);
|
sleep(1);
|
||||||
printf("IP src.port -> dst.port bytes packets\n");
|
printf("IP src.port -> dst.port bytes packets\n");
|
||||||
while (bpf_map_get_next_key(map_fd[2], &key, &next_key) == 0) {
|
while (bpf_map_get_next_key(hash_map_fd, &key, &next_key) == 0) {
|
||||||
bpf_map_lookup_elem(map_fd[2], &next_key, &value);
|
bpf_map_lookup_elem(hash_map_fd, &next_key, &value);
|
||||||
printf("%s.%05d -> %s.%05d %12lld %12lld\n",
|
printf("%s.%05d -> %s.%05d %12lld %12lld\n",
|
||||||
inet_ntoa((struct in_addr){htonl(next_key.src)}),
|
inet_ntoa((struct in_addr){htonl(next_key.src)}),
|
||||||
next_key.port16[0],
|
next_key.port16[0],
|
||||||
|
@ -80,5 +99,8 @@ int main(int argc, char **argv)
|
||||||
key = next_key;
|
key = next_key;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
cleanup:
|
||||||
|
bpf_object__close(obj);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,15 +1,21 @@
|
||||||
// SPDX-License-Identifier: GPL-2.0
|
// SPDX-License-Identifier: GPL-2.0
|
||||||
#include <stdio.h>
|
#include <stdio.h>
|
||||||
#include <linux/bpf.h>
|
#include <stdlib.h>
|
||||||
#include <unistd.h>
|
#include <unistd.h>
|
||||||
#include <linux/filter.h>
|
#include <linux/filter.h>
|
||||||
#include <linux/seccomp.h>
|
#include <linux/seccomp.h>
|
||||||
#include <sys/prctl.h>
|
#include <sys/prctl.h>
|
||||||
#include <bpf/bpf.h>
|
#include <bpf/bpf.h>
|
||||||
#include "bpf_load.h"
|
#include <bpf/libbpf.h>
|
||||||
#include <sys/resource.h>
|
#include <sys/resource.h>
|
||||||
#include "trace_helpers.h"
|
#include "trace_helpers.h"
|
||||||
|
|
||||||
|
#ifdef __mips__
|
||||||
|
#define MAX_ENTRIES 6000 /* MIPS n64 syscalls start at 5000 */
|
||||||
|
#else
|
||||||
|
#define MAX_ENTRIES 1024
|
||||||
|
#endif
|
||||||
|
|
||||||
/* install fake seccomp program to enable seccomp code path inside the kernel,
|
/* install fake seccomp program to enable seccomp code path inside the kernel,
|
||||||
* so that our kprobe attached to seccomp_phase1() can be triggered
|
* so that our kprobe attached to seccomp_phase1() can be triggered
|
||||||
*/
|
*/
|
||||||
|
@ -28,16 +34,57 @@ static void install_accept_all_seccomp(void)
|
||||||
|
|
||||||
int main(int ac, char **argv)
|
int main(int ac, char **argv)
|
||||||
{
|
{
|
||||||
FILE *f;
|
|
||||||
char filename[256];
|
|
||||||
struct rlimit r = {RLIM_INFINITY, RLIM_INFINITY};
|
struct rlimit r = {RLIM_INFINITY, RLIM_INFINITY};
|
||||||
|
struct bpf_link *link = NULL;
|
||||||
|
struct bpf_program *prog;
|
||||||
|
struct bpf_object *obj;
|
||||||
|
int key, fd, progs_fd;
|
||||||
|
char filename[256];
|
||||||
|
const char *title;
|
||||||
|
FILE *f;
|
||||||
|
|
||||||
snprintf(filename, sizeof(filename), "%s_kern.o", argv[0]);
|
|
||||||
setrlimit(RLIMIT_MEMLOCK, &r);
|
setrlimit(RLIMIT_MEMLOCK, &r);
|
||||||
|
|
||||||
if (load_bpf_file(filename)) {
|
snprintf(filename, sizeof(filename), "%s_kern.o", argv[0]);
|
||||||
printf("%s", bpf_log_buf);
|
obj = bpf_object__open_file(filename, NULL);
|
||||||
return 1;
|
if (libbpf_get_error(obj)) {
|
||||||
|
fprintf(stderr, "ERROR: opening BPF object file failed\n");
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
prog = bpf_object__find_program_by_name(obj, "bpf_prog1");
|
||||||
|
if (!prog) {
|
||||||
|
printf("finding a prog in obj file failed\n");
|
||||||
|
goto cleanup;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* load BPF program */
|
||||||
|
if (bpf_object__load(obj)) {
|
||||||
|
fprintf(stderr, "ERROR: loading BPF object file failed\n");
|
||||||
|
goto cleanup;
|
||||||
|
}
|
||||||
|
|
||||||
|
link = bpf_program__attach(prog);
|
||||||
|
if (libbpf_get_error(link)) {
|
||||||
|
fprintf(stderr, "ERROR: bpf_program__attach failed\n");
|
||||||
|
link = NULL;
|
||||||
|
goto cleanup;
|
||||||
|
}
|
||||||
|
|
||||||
|
progs_fd = bpf_object__find_map_fd_by_name(obj, "progs");
|
||||||
|
if (progs_fd < 0) {
|
||||||
|
fprintf(stderr, "ERROR: finding a map in obj file failed\n");
|
||||||
|
goto cleanup;
|
||||||
|
}
|
||||||
|
|
||||||
|
bpf_object__for_each_program(prog, obj) {
|
||||||
|
title = bpf_program__title(prog, false);
|
||||||
|
/* register only syscalls to PROG_ARRAY */
|
||||||
|
if (sscanf(title, "kprobe/%d", &key) != 1)
|
||||||
|
continue;
|
||||||
|
|
||||||
|
fd = bpf_program__fd(prog);
|
||||||
|
bpf_map_update_elem(progs_fd, &key, &fd, BPF_ANY);
|
||||||
}
|
}
|
||||||
|
|
||||||
install_accept_all_seccomp();
|
install_accept_all_seccomp();
|
||||||
|
@ -47,5 +94,8 @@ int main(int ac, char **argv)
|
||||||
|
|
||||||
read_trace_pipe();
|
read_trace_pipe();
|
||||||
|
|
||||||
|
cleanup:
|
||||||
|
bpf_link__destroy(link);
|
||||||
|
bpf_object__close(obj);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue