1. 23 5月, 2018 1 次提交
  2. 17 5月, 2018 1 次提交
  3. 11 5月, 2018 2 次提交
  4. 25 4月, 2018 1 次提交
    • J
      bpf: sockmap, add selftests · 16962b24
      John Fastabend 提交于
      This adds a new test program test_sockmap which is the old sample
      sockmap program. By moving the sample program here we can now run it
      as part of the self tests suite. To support this a populate_progs()
      routine is added to load programs and maps which was previously done
      with load_bpf_file(). This is needed because self test libs do not
      provide a similar routine. Also we now use the cgroup_helpers
      routines to manage cgroup use instead of manually creating one and
      supplying it to the CLI.
      
      Notice we keep the CLI around though because it is useful for dbg
      and specialized testing.
      
      To run use ./test_sockmap and the result should be,
      
      Summary 660 PASSED, 0 SKIPPED, 0 FAILED
      Signed-off-by: NJohn Fastabend <john.fastabend@gmail.com>
      Signed-off-by: NDaniel Borkmann <daniel@iogearbox.net>
      16962b24
  5. 20 4月, 2018 1 次提交
  6. 18 4月, 2018 2 次提交
  7. 31 3月, 2018 3 次提交
    • A
      selftests/bpf: Selftest for sys_connect hooks · 622adafb
      Andrey Ignatov 提交于
      Add selftest for BPF_CGROUP_INET4_CONNECT and BPF_CGROUP_INET6_CONNECT
      attach types.
      
      Try to connect(2) to specified IP:port and test that:
      * remote IP:port pair is overridden;
      * local end of connection is bound to specified IP.
      
      All combinations of IPv4/IPv6 and TCP/UDP are tested.
      
      Example:
        # tcpdump -pn -i lo -w connect.pcap 2>/dev/null &
        [1] 478
        # strace -qqf -e connect -o connect.trace ./test_sock_addr.sh
        Wait for testing IPv4/IPv6 to become available ... OK
        Load bind4 with invalid type (can pollute stderr) ... REJECTED
        Load bind4 with valid type ... OK
        Attach bind4 with invalid type ... REJECTED
        Attach bind4 with valid type ... OK
        Load connect4 with invalid type (can pollute stderr) libbpf: load bpf \
          program failed: Permission denied
        libbpf: -- BEGIN DUMP LOG ---
        libbpf:
        0: (b7) r2 = 23569
        1: (63) *(u32 *)(r1 +24) = r2
        2: (b7) r2 = 16777343
        3: (63) *(u32 *)(r1 +4) = r2
        invalid bpf_context access off=4 size=4
        [ 1518.404609] random: crng init done
      
        libbpf: -- END LOG --
        libbpf: failed to load program 'cgroup/connect4'
        libbpf: failed to load object './connect4_prog.o'
        ... REJECTED
        Load connect4 with valid type ... OK
        Attach connect4 with invalid type ... REJECTED
        Attach connect4 with valid type ... OK
        Test case #1 (IPv4/TCP):
                Requested: bind(192.168.1.254, 4040) ..
                   Actual: bind(127.0.0.1, 4444)
                Requested: connect(192.168.1.254, 4040) from (*, *) ..
                   Actual: connect(127.0.0.1, 4444) from (127.0.0.4, 56068)
        Test case #2 (IPv4/UDP):
                Requested: bind(192.168.1.254, 4040) ..
                   Actual: bind(127.0.0.1, 4444)
                Requested: connect(192.168.1.254, 4040) from (*, *) ..
                   Actual: connect(127.0.0.1, 4444) from (127.0.0.4, 56447)
        Load bind6 with invalid type (can pollute stderr) ... REJECTED
        Load bind6 with valid type ... OK
        Attach bind6 with invalid type ... REJECTED
        Attach bind6 with valid type ... OK
        Load connect6 with invalid type (can pollute stderr) libbpf: load bpf \
          program failed: Permission denied
        libbpf: -- BEGIN DUMP LOG ---
        libbpf:
        0: (b7) r6 = 0
        1: (63) *(u32 *)(r1 +12) = r6
        invalid bpf_context access off=12 size=4
      
        libbpf: -- END LOG --
        libbpf: failed to load program 'cgroup/connect6'
        libbpf: failed to load object './connect6_prog.o'
        ... REJECTED
        Load connect6 with valid type ... OK
        Attach connect6 with invalid type ... REJECTED
        Attach connect6 with valid type ... OK
        Test case #3 (IPv6/TCP):
                Requested: bind(face:b00c:1234:5678::abcd, 6060) ..
                   Actual: bind(::1, 6666)
                Requested: connect(face:b00c:1234:5678::abcd, 6060) from (*, *)
                   Actual: connect(::1, 6666) from (::6, 37458)
        Test case #4 (IPv6/UDP):
                Requested: bind(face:b00c:1234:5678::abcd, 6060) ..
                   Actual: bind(::1, 6666)
                Requested: connect(face:b00c:1234:5678::abcd, 6060) from (*, *)
                   Actual: connect(::1, 6666) from (::6, 39315)
        ### SUCCESS
        # egrep 'connect\(.*AF_INET' connect.trace | \
        > egrep -vw 'htons\(1025\)' | fold -b -s -w 72
        502   connect(7, {sa_family=AF_INET, sin_port=htons(4040),
        sin_addr=inet_addr("192.168.1.254")}, 128) = 0
        502   connect(8, {sa_family=AF_INET, sin_port=htons(4040),
        sin_addr=inet_addr("192.168.1.254")}, 128) = 0
        502   connect(9, {sa_family=AF_INET6, sin6_port=htons(6060),
        inet_pton(AF_INET6, "face:b00c:1234:5678::abcd", &sin6_addr),
        sin6_flowinfo=0, sin6_scope_id=0}, 128) = 0
        502   connect(10, {sa_family=AF_INET6, sin6_port=htons(6060),
        inet_pton(AF_INET6, "face:b00c:1234:5678::abcd", &sin6_addr),
        sin6_flowinfo=0, sin6_scope_id=0}, 128) = 0
        # fg
        tcpdump -pn -i lo -w connect.pcap 2> /dev/null
        # tcpdump -r connect.pcap -n tcp | cut -c 1-72
        reading from file connect.pcap, link-type EN10MB (Ethernet)
        17:57:40.383533 IP 127.0.0.4.56068 > 127.0.0.1.4444: Flags [S], seq 1333
        17:57:40.383566 IP 127.0.0.1.4444 > 127.0.0.4.56068: Flags [S.], seq 112
        17:57:40.383589 IP 127.0.0.4.56068 > 127.0.0.1.4444: Flags [.], ack 1, w
        17:57:40.384578 IP 127.0.0.1.4444 > 127.0.0.4.56068: Flags [R.], seq 1,
        17:57:40.403327 IP6 ::6.37458 > ::1.6666: Flags [S], seq 406513443, win
        17:57:40.403357 IP6 ::1.6666 > ::6.37458: Flags [S.], seq 2448389240, ac
        17:57:40.403376 IP6 ::6.37458 > ::1.6666: Flags [.], ack 1, win 342, opt
        17:57:40.404263 IP6 ::1.6666 > ::6.37458: Flags [R.], seq 1, ack 1, win
      Signed-off-by: NAndrey Ignatov <rdna@fb.com>
      Signed-off-by: NAlexei Starovoitov <ast@kernel.org>
      Signed-off-by: NDaniel Borkmann <daniel@iogearbox.net>
      622adafb
    • A
      selftests/bpf: Selftest for sys_bind hooks · e50b0a6f
      Andrey Ignatov 提交于
      Add selftest to work with bpf_sock_addr context from
      `BPF_PROG_TYPE_CGROUP_SOCK_ADDR` programs.
      
      Try to bind(2) on IP:port and apply:
      * loads to make sure context can be read correctly, including narrow
        loads (byte, half) for IP and full-size loads (word) for all fields;
      * stores to those fields allowed by verifier.
      
      All combination from IPv4/IPv6 and TCP/UDP are tested.
      
      Both scenarios are tested:
      * valid programs can be loaded and attached;
      * invalid programs can be neither loaded nor attached.
      
      Test passes when expected data can be read from context in the
      BPF-program, and after the call to bind(2) socket is bound to IP:port
      pair that was written by BPF-program to the context.
      
      Example:
        # ./test_sock_addr
        Attached bind4 program.
        Test case #1 (IPv4/TCP):
                Requested: bind(192.168.1.254, 4040) ..
                   Actual: bind(127.0.0.1, 4444)
        Test case #2 (IPv4/UDP):
                Requested: bind(192.168.1.254, 4040) ..
                   Actual: bind(127.0.0.1, 4444)
        Attached bind6 program.
        Test case #3 (IPv6/TCP):
                Requested: bind(face:b00c:1234:5678::abcd, 6060) ..
                   Actual: bind(::1, 6666)
        Test case #4 (IPv6/UDP):
                Requested: bind(face:b00c:1234:5678::abcd, 6060) ..
                   Actual: bind(::1, 6666)
        ### SUCCESS
      Signed-off-by: NAndrey Ignatov <rdna@fb.com>
      Signed-off-by: NAlexei Starovoitov <ast@kernel.org>
      Signed-off-by: NDaniel Borkmann <daniel@iogearbox.net>
      e50b0a6f
    • A
      libbpf: Support expected_attach_type at prog load · d7be143b
      Andrey Ignatov 提交于
      Support setting `expected_attach_type` at prog load time in both
      `bpf/bpf.h` and `bpf/libbpf.h`.
      
      Since both headers already have API to load programs, new functions are
      added not to break backward compatibility for existing ones:
      * `bpf_load_program_xattr()` is added to `bpf/bpf.h`;
      * `bpf_prog_load_xattr()` is added to `bpf/libbpf.h`.
      
      Both new functions accept structures, `struct bpf_load_program_attr` and
      `struct bpf_prog_load_attr` correspondingly, where new fields can be
      added in the future w/o changing the API.
      
      Standard `_xattr` suffix is used to name the new API functions.
      
      Since `bpf_load_program_name()` is not used as heavily as
      `bpf_load_program()`, it was removed in favor of more generic
      `bpf_load_program_xattr()`.
      Signed-off-by: NAndrey Ignatov <rdna@fb.com>
      Signed-off-by: NAlexei Starovoitov <ast@kernel.org>
      Signed-off-by: NDaniel Borkmann <daniel@iogearbox.net>
      d7be143b
  8. 20 3月, 2018 1 次提交
  9. 21 2月, 2018 1 次提交
  10. 09 2月, 2018 2 次提交
    • J
      tools/libbpf: handle issues with bpf ELF objects containing .eh_frames · e3d91b0c
      Jesper Dangaard Brouer 提交于
      V3: More generic skipping of relo-section (suggested by Daniel)
      
      If clang >= 4.0.1 is missing the option '-target bpf', it will cause
      llc/llvm to create two ELF sections for "Exception Frames", with
      section names '.eh_frame' and '.rel.eh_frame'.
      
      The BPF ELF loader library libbpf fails when loading files with these
      sections.  The other in-kernel BPF ELF loader in samples/bpf/bpf_load.c,
      handle this gracefully. And iproute2 loader also seems to work with these
      "eh" sections.
      
      The issue in libbpf is caused by bpf_object__elf_collect() skipping
      some sections, and later when performing relocation it will be
      pointing to a skipped section, as these sections cannot be found by
      bpf_object__find_prog_by_idx() in bpf_object__collect_reloc().
      
      This is a general issue that also occurs for other sections, like
      debug sections which are also skipped and can have relo section.
      
      As suggested by Daniel.  To avoid keeping state about all skipped
      sections, instead perform a direct qlookup in the ELF object.  Lookup
      the section that the relo-section points to and check if it contains
      executable machine instructions (denoted by the sh_flags
      SHF_EXECINSTR).  Use this check to also skip irrelevant relo-sections.
      
      Note, for samples/bpf/ the '-target bpf' parameter to clang cannot be used
      due to incompatibility with asm embedded headers, that some of the samples
      include. This is explained in more details by Yonghong Song in bpf_devel_QA.
      Signed-off-by: NJesper Dangaard Brouer <brouer@redhat.com>
      Signed-off-by: NDaniel Borkmann <daniel@iogearbox.net>
      e3d91b0c
    • J
      tools/libbpf: improve the pr_debug statements to contain section numbers · 077c066a
      Jesper Dangaard Brouer 提交于
      While debugging a bpf ELF loading issue, I needed to correlate the
      ELF section number with the failed relocation section reference.
      Thus, add section numbers/index to the pr_debug.
      
      In debug mode, also print section that were skipped.  This helped
      me identify that a section (.eh_frame) was skipped, and this was
      the reason the relocation section (.rel.eh_frame) could not find
      that section number.
      
      The section numbers corresponds to the readelf tools Section Headers [Nr].
      Signed-off-by: NJesper Dangaard Brouer <brouer@redhat.com>
      Signed-off-by: NDaniel Borkmann <daniel@iogearbox.net>
      077c066a
  11. 08 2月, 2018 1 次提交
  12. 03 2月, 2018 2 次提交
  13. 17 1月, 2018 1 次提交
    • Q
      libbpf: fix string comparison for guessing eBPF program type · d77be689
      Quentin Monnet 提交于
      libbpf is able to deduce the type of a program from the name of the ELF
      section in which it is located. However, the comparison is made on the
      first n characters, n being determined with sizeof() applied to the
      reference string (e.g. "xdp"). When such section names are supposed to
      receive a suffix separated with a slash (e.g. "kprobe/"), using sizeof()
      takes the final NUL character of the reference string into account,
      which implies that both strings must be equal. Instead, the desired
      behaviour would consist in taking the length of the string, *without*
      accounting for the ending NUL character, and to make sure the reference
      string is a prefix to the ELF section name.
      
      Subtract 1 to the total size of the string for obtaining the length for
      the comparison.
      
      Fixes: 583c9009 ("libbpf: add ability to guess program type based on section name")
      Signed-off-by: NQuentin Monnet <quentin.monnet@netronome.com>
      Acked-by: NJakub Kicinski <jakub.kicinski@netronome.com>
      Signed-off-by: NDaniel Borkmann <daniel@iogearbox.net>
      d77be689
  14. 20 12月, 2017 1 次提交
  15. 18 12月, 2017 1 次提交
    • A
      libbpf: add support for bpf_call · 48cca7e4
      Alexei Starovoitov 提交于
      - recognize relocation emitted by llvm
      - since all regular function will be kept in .text section and llvm
        takes care of pc-relative offsets in bpf_call instruction
        simply copy all of .text to relevant program section while adjusting
        bpf_call instructions in program section to point to newly copied
        body of instructions from .text
      - do so for all programs in the elf file
      - set all programs types to the one passed to bpf_prog_load()
      
      Note for elf files with multiple programs that use different
      functions in .text section we need to do 'linker' style logic.
      This work is still TBD
      Signed-off-by: NAlexei Starovoitov <ast@kernel.org>
      Acked-by: NDaniel Borkmann <daniel@iogearbox.net>
      Signed-off-by: NDaniel Borkmann <daniel@iogearbox.net>
      48cca7e4
  16. 14 12月, 2017 2 次提交
    • R
      libbpf: prefer global symbols as bpf program name source · fe4d44b2
      Roman Gushchin 提交于
      Libbpf picks the name of the first symbol in the corresponding
      elf section to use as a program name. But without taking symbol's
      scope into account it may end's up with some local label
      as a program name. E.g.:
      
      $ bpftool prog
      1: type 15  name LBB0_10    tag 0390a5136ba23f5c
      	loaded_at Dec 07/17:22  uid 0
      	xlated 456B  not jited  memlock 4096B
      
      Fix this by preferring global symbols as program name.
      
      For instance:
      $ bpftool prog
      1: type 15  name bpf_prog1  tag 0390a5136ba23f5c
      	loaded_at Dec 07/17:26  uid 0
      	xlated 456B  not jited  memlock 4096B
      Signed-off-by: NRoman Gushchin <guro@fb.com>
      Cc: Alexei Starovoitov <ast@kernel.org>
      Cc: Daniel Borkmann <daniel@iogearbox.net>
      Cc: Jakub Kicinski <jakub.kicinski@netronome.com>
      Cc: Martin KaFai Lau <kafai@fb.com>
      Cc: Quentin Monnet <quentin.monnet@netronome.com>
      Cc: David Ahern <dsahern@gmail.com>
      Signed-off-by: NDaniel Borkmann <daniel@iogearbox.net>
      fe4d44b2
    • R
      libbpf: add ability to guess program type based on section name · 583c9009
      Roman Gushchin 提交于
      The bpf_prog_load() function will guess program type if it's not
      specified explicitly. This functionality will be used to implement
      loading of different programs without asking a user to specify
      the program type. In first order it will be used by bpftool.
      Signed-off-by: NRoman Gushchin <guro@fb.com>
      Cc: Alexei Starovoitov <ast@kernel.org>
      Cc: Daniel Borkmann <daniel@iogearbox.net>
      Cc: Jakub Kicinski <jakub.kicinski@netronome.com>
      Cc: Martin KaFai Lau <kafai@fb.com>
      Cc: Quentin Monnet <quentin.monnet@netronome.com>
      Cc: David Ahern <dsahern@gmail.com>
      Signed-off-by: NDaniel Borkmann <daniel@iogearbox.net>
      583c9009
  17. 06 10月, 2017 2 次提交
  18. 29 9月, 2017 1 次提交
    • M
      bpf: libbpf: Provide basic API support to specify BPF obj name · 88cda1c9
      Martin KaFai Lau 提交于
      This patch extends the libbpf to provide API support to
      allow specifying BPF object name.
      
      In tools/lib/bpf/libbpf, the C symbol of the function
      and the map is used.  Regarding section name, all maps are
      under the same section named "maps".  Hence, section name
      is not a good choice for map's name.  To be consistent with
      map, bpf_prog also follows and uses its function symbol as
      the prog's name.
      
      This patch adds logic to collect function's symbols in libbpf.
      There is existing codes to collect the map's symbols and no change
      is needed.
      
      The bpf_load_program_name() and bpf_map_create_name() are
      added to take the name argument.  For the other bpf_map_create_xxx()
      variants, a name argument is directly added to them.
      
      In samples/bpf, bpf_load.c in particular, the symbol is also
      used as the map's name and the map symbols has already been
      collected in the existing code.  For bpf_prog, bpf_load.c does
      not collect the function symbol name.  We can consider to collect
      them later if there is a need to continue supporting the bpf_load.c.
      Signed-off-by: NMartin KaFai Lau <kafai@fb.com>
      Acked-by: NAlexei Starovoitov <ast@fb.com>
      Acked-by: NDaniel Borkmann <daniel@iogearbox.net>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      88cda1c9
  19. 21 8月, 2017 1 次提交
  20. 17 8月, 2017 1 次提交
  21. 02 4月, 2017 1 次提交
  22. 01 2月, 2017 3 次提交
    • J
      tools lib bpf: Add bpf_object__pin() · d5148d85
      Joe Stringer 提交于
      Add a new API to pin a BPF object to the filesystem. The user can
      specify the path within a BPF filesystem to pin the object.
      Programs will be pinned under a subdirectory named the same as the
      program, with each instance appearing as a numbered file under that
      directory, and maps will be pinned under the path using the name of
      the map as the file basename.
      
      For example, with the directory '/sys/fs/bpf/foo' and a BPF object which
      contains two instances of a program named 'bar', and a map named 'baz':
      
      /sys/fs/bpf/foo/bar/0
      /sys/fs/bpf/foo/bar/1
      /sys/fs/bpf/foo/baz
      Signed-off-by: NJoe Stringer <joe@ovn.org>
      Cc: Alexei Starovoitov <ast@fb.com>
      Cc: Daniel Borkmann <daniel@iogearbox.net>
      Cc: Wang Nan <wangnan0@huawei.com>
      Cc: netdev@vger.kernel.org
      Link: http://lkml.kernel.org/r/20170126212001.14103-4-joe@ovn.org
      [ Check snprintf >= for truncation, as snprintf(bf, size, ...) == size also means truncation ]
      Signed-off-by: NArnaldo Carvalho de Melo <acme@redhat.com>
      d5148d85
    • J
      tools lib bpf: Add bpf_map__pin() · b6989f35
      Joe Stringer 提交于
      Add a new API to pin a BPF map to the filesystem. The user can specify
      the path full path within a BPF filesystem to pin the map.
      Signed-off-by: NJoe Stringer <joe@ovn.org>
      Cc: Alexei Starovoitov <ast@fb.com>
      Cc: Daniel Borkmann <daniel@iogearbox.net>
      Cc: Wang Nan <wangnan0@huawei.com>
      Cc: netdev@vger.kernel.org
      Link: http://lkml.kernel.org/r/20170126212001.14103-3-joe@ovn.orgSigned-off-by: NArnaldo Carvalho de Melo <acme@redhat.com>
      b6989f35
    • J
      tools lib bpf: Add BPF program pinning APIs · f367540c
      Joe Stringer 提交于
      Add new APIs to pin a BPF program (or specific instances) to the
      filesystem.  The user can specify the path full path within a BPF
      filesystem to pin the program.
      
      bpf_program__pin_instance(prog, path, n) will pin the nth instance of
      'prog' to the specified path.
      
      bpf_program__pin(prog, path) will create the directory 'path' (if it
      does not exist) and pin each instance within that directory. For
      instance, path/0, path/1, path/2.
      
      Committer notes:
      
      - Add missing headers for mkdir()
      
      - Check strdup() for failure
      
      - Check snprintf >= size, not >, as == also means truncated, see 'man
        snprintf', return value.
      
      - Conditionally define BPF_FS_MAGIC, as it isn't in magic.h in older
        systems and we're not yet having a tools/include/uapi/linux/magic.h
        copy.
      
      - Do not include linux/magic.h, not present in older distros.
      Signed-off-by: NJoe Stringer <joe@ovn.org>
      Cc: Alexei Starovoitov <ast@fb.com>
      Cc: Daniel Borkmann <daniel@iogearbox.net>
      Cc: Wang Nan <wangnan0@huawei.com>
      Cc: netdev@vger.kernel.org
      Link: http://lkml.kernel.org/r/20170126212001.14103-2-joe@ovn.orgSigned-off-by: NArnaldo Carvalho de Melo <acme@redhat.com>
      f367540c
  23. 26 1月, 2017 4 次提交
  24. 16 12月, 2016 1 次提交
  25. 29 11月, 2016 2 次提交
  26. 25 11月, 2016 1 次提交
    • E
      tools lib bpf: Fix maps resolution · 4708bbda
      Eric Leblond 提交于
      It is not correct to assimilate the elf data of the maps section to an
      array of map definition. In fact the sizes differ. The offset provided
      in the symbol section has to be used instead.
      
      This patch fixes a bug causing a elf with two maps not to load
      correctly.
      
      Wang Nan added:
      
      This patch requires a name for each BPF map, so array of BPF maps is not
      allowed. This restriction is reasonable, because kernel verifier forbid
      indexing BPF map from such array unless the index is a fixed value, but
      if the index is fixed why not merging it into name?
      
      For example:
      
      Program like this:
        ...
        unsigned long cpu = get_smp_processor_id();
        int *pval = map_lookup_elem(&map_array[cpu], &key);
        ...
      
      Generates bytecode like this:
      
      0: (b7) r1 = 0
      1: (63) *(u32 *)(r10 -4) = r1
      2: (b7) r1 = 680997
      3: (63) *(u32 *)(r10 -8) = r1
      4: (85) call 8
      5: (67) r0 <<= 4
      6: (18) r1 = 0x112dd000
      8: (0f) r0 += r1
      9: (bf) r2 = r10
      10: (07) r2 += -4
      11: (bf) r1 = r0
      12: (85) call 1
      
      Where instruction 8 is the computation, 8 and 11 render r1 to an invalid
      value for function map_lookup_elem, causes verifier report error.
      Signed-off-by: NEric Leblond <eric@regit.org>
      Cc: Alexei Starovoitov <ast@fb.com>
      Cc: He Kuang <hekuang@huawei.com>
      Cc: Wang Nan <wangnan0@huawei.com>
      [ Merge bpf_object__init_maps_name into bpf_object__init_maps.
        Fix segfault for buggy BPF script Validate obj->maps ]
      Cc: Zefan Li <lizefan@huawei.com>
      Cc: pi3orama@163.com
      Link: http://lkml.kernel.org/r/20161115040617.69788-5-wangnan0@huawei.comSigned-off-by: NWang Nan <wangnan0@huawei.com>
      Signed-off-by: NArnaldo Carvalho de Melo <acme@redhat.com>
      4708bbda