diff --git a/{{project-name}}-common/Cargo.toml b/{{project-name}}-common/Cargo.toml
index dff716c..84a8ae2 100644
--- a/{{project-name}}-common/Cargo.toml
+++ b/{{project-name}}-common/Cargo.toml
@@ -8,7 +8,7 @@ default = []
 user = [ "aya" ]
 [dependencies]
-aya = { git = "https://github.com/aya-rs/aya", branch="main", optional=true }
+aya = { version = "0.10", optional=true }
 [lib]
 path = "src/lib.rs"
\ No newline at end of file
diff --git a/{{project-name}}-ebpf/Cargo.toml b/{{project-name}}-ebpf/Cargo.toml
index b83f4cc..93ecc69 100644
--- a/{{project-name}}-ebpf/Cargo.toml
+++ b/{{project-name}}-ebpf/Cargo.toml
@@ -5,6 +5,7 @@ edition = "2021"
 [dependencies]
 aya-bpf = { git = "https://github.com/aya-rs/aya", branch = "main" }
+aya-log-ebpf = { git = "https://github.com/aya-rs/aya-log", branch = "main" }
 {{ project-name }}-common = { path = "../{{ project-name }}-common" }
 [[bin]]
diff --git a/{{project-name}}-ebpf/src/main.rs b/{{project-name}}-ebpf/src/main.rs
index f676e99..154461b 100644
--- a/{{project-name}}-ebpf/src/main.rs
+++ b/{{project-name}}-ebpf/src/main.rs
@@ -6,6 +6,7 @@ use aya_bpf::{
 macros::kprobe,
 programs::ProbeContext,
 };
+use aya_log_ebpf::info;
 #[kprobe(name="{{crate_name}}")]
 pub fn {{crate_name}}(ctx: ProbeContext) -> u32 {
@@ -15,7 +16,8 @@ pub fn {{crate_name}}(ctx: ProbeContext) -> u32 {
 }
 }
-unsafe fn try_{{crate_name}}(_ctx: ProbeContext) -> Result {
+unsafe fn try_{{crate_name}}(ctx: ProbeContext) -> Result {
+ info!(&ctx, "function {{kprobe}} called");
 Ok(0)
 }
 {%- when "kretprobe" %}
@@ -23,6 +25,7 @@ use aya_bpf::{
 macros::kretprobe,
 programs::ProbeContext,
 };
+use aya_log_ebpf::info;
 #[kretprobe(name="{{crate_name}}")]
 pub fn {{crate_name}}(ctx: ProbeContext) -> u32 {
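Review bot: The new `aya-log-ebpf` dependency in `{{project-name}}-ebpf/Cargo.toml` tracks `branch = "main"` with no pinned revision, so every project generated from this template builds whatever commit is on that branch at build time, and the result is neither reproducible nor auditable. The same commit moves the userspace side to released crates (`aya = "0.10"`, `aya-log = "0.1"`), so the eBPF-side logger and the userspace reader could drift apart if the log record format changes on main; this diff does not show whether that format is stable. Consider pinning the git source, e.g. `aya-log-ebpf = { git = "https://github.com/aya-rs/aya-log", rev = "<COMMIT_SHA>" }`, and giving the existing `aya-bpf` line the same treatment.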
@@ -32,7 +35,8 @@ pub fn {{crate_name}}(ctx: ProbeContext) -> u32 {
 }
 }
-unsafe fn try_{{crate_name}}(_ctx: ProbeContext) -> Result {
+unsafe fn try_{{crate_name}}(ctx: ProbeContext) -> Result {
+ info!(&ctx, "function {{kprobe}} called");
 Ok(0)
 }
 {%- when "fentry" %}
@@ -40,6 +44,7 @@ use aya_bpf::{
 macros::fentry,
 programs::FEntryContext,
 };
+use aya_log_ebpf::info;
 #[fentry(name="{{crate_name}}")]
 pub fn {{crate_name}}(ctx: FEntryContext) -> u32 {
@@ -49,7 +54,8 @@ pub fn {{crate_name}}(ctx: FEntryContext) -> u32 {
 }
 }
-unsafe fn try_{{crate_name}}(_ctx: FEntryContext) -> Result {
+unsafe fn try_{{crate_name}}(ctx: FEntryContext) -> Result {
+ info!(&ctx, "function {{fn_name}} called");
 Ok(0)
 }
 {%- when "fexit" %}
@@ -57,6 +63,7 @@ use aya_bpf::{
 macros::fexit,
 programs::FExitContext,
 };
+use aya_log_ebpf::info;
 #[fexit(name="{{crate_name}}")]
 pub fn {{crate_name}}(ctx: FExitContext) -> u32 {
@@ -66,7 +73,8 @@ pub fn {{crate_name}}(ctx: FExitContext) -> u32 {
 }
 }
-unsafe fn try_{{crate_name}}(_ctx: FExitContext) -> Result {
+unsafe fn try_{{crate_name}}(ctx: FExitContext) -> Result {
+ info!(&ctx, "function {{fn_name}} called");
 Ok(0)
 }
 {%- when "uprobe" %}
@@ -74,6 +82,7 @@ use aya_bpf::{
 macros::uprobe,
 programs::ProbeContext,
 };
+use aya_log_ebpf::info;
 #[uprobe(name="{{crate_name}}")]
 pub fn {{crate_name}}(ctx: ProbeContext) -> u32 {
@@ -83,7 +92,8 @@ pub fn {{crate_name}}(ctx: ProbeContext) -> u32 {
 }
 }
-unsafe fn try_{{crate_name}}(_ctx: ProbeContext) -> Result {
+unsafe fn try_{{crate_name}}(ctx: ProbeContext) -> Result {
+ info!(&ctx, "function {{uprobe_fn_name}} called by {{uprobe_target}}");
 Ok(0)
 }
 {%- when "uretprobe" %}
@@ -91,6 +101,7 @@ use aya_bpf::{
 macros::uretprobe,
 programs::ProbeContext,
 };
+use aya_log_ebpf::info;
 #[uretprobe(name="{{crate_name}}")]
 pub fn {{crate_name}}(ctx: ProbeContext) -> u32 {
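Review bot: The message added in the `kretprobe` branch (hunk `@@ -32,7 +35,8 @@`), `info!(&ctx, "function {{kprobe}} called");`, reads as an entry event, but a kretprobe fires when the function returns; the `fexit` and `uretprobe` branches reuse the entry wording in the same way. Anyone correlating these records with entry-probe output will misread the order of events. Suggest `info!(&ctx, "function {{kprobe}} returned");` here, with matching "returned" wording in the `fexit` and `uretprobe` messages. Each `try_…` body is fully visible in its hunk.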
@@ -100,7 +111,8 @@ pub fn {{crate_name}}(ctx: ProbeContext) -> u32 {
 }
 }
-unsafe fn try_{{crate_name}}(_ctx: ProbeContext) -> Result {
+unsafe fn try_{{crate_name}}(ctx: ProbeContext) -> Result {
+ info!(&ctx, "function {{uprobe_fn_name}} called by {{uprobe_target}}");
 Ok(0)
 }
 {%- when "sock_ops" %}
@@ -108,6 +120,7 @@ use aya_bpf::{
 macros::sock_ops,
 programs::SockOpsContext,
 };
+use aya_log_ebpf::info;
 #[sock_ops(name="{{crate_name}}")]
 pub fn {{crate_name}}(ctx: SockOpsContext) -> u32 {
@@ -117,7 +130,8 @@ pub fn {{crate_name}}(ctx: SockOpsContext) -> u32 {
 }
 }
-unsafe fn try_{{crate_name}}(_ctx: SockOpsContext) -> Result {
+unsafe fn try_{{crate_name}}(ctx: SockOpsContext) -> Result {
+ info!(&ctx, "received TCP connection");
 Ok(0)
 }
 {%- when "sk_msg" %}
@@ -126,6 +140,8 @@ use aya_bpf::{
 maps::SockHash,
 programs::SkMsgContext,
 };
+use aya_log_ebpf::info;
+
 use {{crate_name}}_common::SockKey;
 #[map(name="{{sock_map}}")]
@@ -139,7 +155,8 @@ pub fn {{crate_name}}(ctx: SkMsgContext) -> u32 {
 }
 }
-unsafe fn try_{{crate_name}}(_ctx: SkMsgContext) -> Result {
+unsafe fn try_{{crate_name}}(ctx: SkMsgContext) -> Result {
+ info!(&ctx, "received a message on the socket");
 Ok(0)
 }
 {%- when "xdp" %}
@@ -148,6 +165,7 @@ use aya_bpf::{
 macros::xdp,
 programs::XdpContext,
 };
+use aya_log_ebpf::info;
 #[xdp(name="{{crate_name}}")]
 pub fn {{crate_name}}(ctx: XdpContext) -> u32 {
@@ -157,7 +175,8 @@ pub fn {{crate_name}}(ctx: XdpContext) -> u32 {
 }
 }
-unsafe fn try_{{crate_name}}(_ctx: XdpContext) -> Result {
+unsafe fn try_{{crate_name}}(ctx: XdpContext) -> Result {
+ info!(&ctx, "received a packet");
 Ok(xdp_action::XDP_PASS)
 }
 {%- when "classifier" %}
@@ -165,6 +184,7 @@ use aya_bpf::{
 macros::classifier,
 programs::SkBuffContext,
 };
+use aya_log_ebpf::info;
 #[classifier(name="{{crate_name}}")]
 pub fn {{crate_name}}(ctx: SkBuffContext) -> i32 {
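Review bot: `info!(&ctx, "received a packet");` in the `xdp` branch (hunk `@@ -157,7 +175,8 @@`) emits one log record per packet, so the log rate is set by whoever sends traffic to the interface; the `classifier` and `cgroup_skb` branches add the same call. Under load this is likely to cost throughput and to drop records in the log buffer, which hides the events an operator actually wants to see. Since users extend this template rather than read it once, I would put a comment above the call, for example `// Demo only: logs every packet. Remove or gate this before attaching to a busy interface.`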
@@ -174,7 +194,8 @@ pub fn {{crate_name}}(ctx: SkBuffContext) -> i32 {
 }
 }
-unsafe fn try_{{crate_name}}(_ctx: SkBuffContext) -> Result {
+unsafe fn try_{{crate_name}}(ctx: SkBuffContext) -> Result {
+ info!(&ctx, "received a packet");
 Ok(0)
 }
 {%- when "cgroup_skb" %}
@@ -182,6 +203,7 @@ use aya_bpf::{
 macros::cgroup_skb,
 programs::SkBuffContext,
 };
+use aya_log_ebpf::info;
 #[cgroup_skb(name="{{crate_name}}")]
 pub fn {{crate_name}}(ctx: SkBuffContext) -> i32 {
@@ -191,7 +213,8 @@ pub fn {{crate_name}}(ctx: SkBuffContext) -> i32 {
 }
 }
-unsafe fn try_{{crate_name}}(_ctx: SkBuffContext) -> Result {
+unsafe fn try_{{crate_name}}(ctx: SkBuffContext) -> Result {
+ info!(&ctx, "received a packet");
 Ok(0)
 }
 {%- when "tracepoint" %}
@@ -199,6 +222,7 @@ use aya_bpf::{
 macros::tracepoint,
 programs::TracePointContext,
 };
+use aya_log_ebpf::info;
 #[tracepoint(name="{{crate_name}}")]
 pub fn {{crate_name}}(ctx: TracePointContext) -> u32 {
@@ -208,7 +232,8 @@ pub fn {{crate_name}}(ctx: TracePointContext) -> u32 {
 }
 }
-unsafe fn try_{{crate_name}}(_ctx: TracePointContext) -> Result {
+unsafe fn try_{{crate_name}}(ctx: TracePointContext) -> Result {
+ info!(&ctx, "tracepoint {{tracepoint_name}} called");
 Ok(0)
 }
 {%- when "lsm" %}
@@ -216,6 +241,7 @@ use aya_bpf::{
 macros::lsm,
 programs::LsmContext,
 };
+use aya_log_ebpf::info;
 #[lsm(name="{{lsm_hook}}")]
 pub fn {{lsm_hook}}(ctx: LsmContext) -> i32 {
@@ -225,7 +251,8 @@ pub fn {{lsm_hook}}(ctx: LsmContext) -> i32 {
 }
 }
-unsafe fn try_{{lsm_hook}}(_ctx: LsmContext) -> Result {
+unsafe fn try_{{lsm_hook}}(ctx: LsmContext) -> Result {
+ info!(&ctx, "lsm hook {{lsm_hook}} called");
 Ok(0)
 }
 {%- when "tp_btf" %}
@@ -233,6 +260,7 @@ use aya_bpf::{
 macros::btf_tracepoint,
 programs::BtfTracePointContext,
 };
+use aya_log_ebpf::info;
 #[btf_tracepoint(name="{{tracepoint_name}}")]
 pub fn {{tracepoint_name}}(ctx: BtfTracePointContext) -> i32 {
@@ -242,7 +270,8 @@ pub fn {{tracepoint_name}}(ctx: BtfTracePointContext) -> i32 {
 }
 }
-unsafe fn try_{{tracepoint_name}}(_ctx: BtfTracePointContext) -> Result {
+unsafe fn try_{{tracepoint_name}}(ctx: BtfTracePointContext) -> Result {
+ info!(&ctx, "tracepoint {{tracepoint_name}} called");
 Ok(0)
 }
 {%- endcase %}
diff --git a/{{project-name}}/Cargo.toml b/{{project-name}}/Cargo.toml
index f56c4a0..0b69e2c 100644
--- a/{{project-name}}/Cargo.toml
+++ b/{{project-name}}/Cargo.toml
@@ -5,7 +5,8 @@ edition = "2021"
 publish = false
 [dependencies]
-aya = { git = "https://github.com/aya-rs/aya", branch="main" }
+aya = "0.10"
+aya-log = "0.1"
 {{project-name}}-common = { path = "../{{project-name}}-common", features=["user"] }
 anyhow = "1.0.42"
 clap = { version = "3.1", features = ["derive"] }
diff --git a/{{project-name}}/src/main.rs b/{{project-name}}/src/main.rs
index d023fcb..ba8eae3 100644
--- a/{{project-name}}/src/main.rs
+++ b/{{project-name}}/src/main.rs
@@ -28,6 +28,7 @@ use aya::{programs::Lsm, Btf};
 {%- when "tp_btf" -%}
 use aya::{programs::BtfTracePoint, Btf};
 {%- endcase %}
+use aya_log::BpfLogger;
 use clap::Parser;
 use log::info;
 use simplelog::{ColorChoice, ConfigBuilder, LevelFilter, TermLogger, TerminalMode};
@@ -73,6 +74,7 @@ async fn main() -> Result<(), anyhow::Error> {
 let mut bpf = Bpf::load(include_bytes_aligned!(
 "../../target/bpfel-unknown-none/release/{{project-name}}"
 ))?;
+ BpfLogger::init(&mut bpf)?;
 {% case program_type -%}
 {%- when "kprobe", "kretprobe" -%}
 let program: &mut KProbe = bpf.program_mut("{{crate_name}}").unwrap().try_into()?;
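Review bot: `BpfLogger::init(&mut bpf)?;` in `{{project-name}}/src/main.rs` makes logger setup fatal, because an error here returns from `main` before the program is loaded and attached. That is presumably fine while every template branch calls `info!`, but a user who later removes the log call from the eBPF side may end up with a loader that refuses to start, and for an `lsm` or `xdp` program that means the hook is not attached at all. Consider downgrading the failure to a warning, e.g. `if let Err(e) = BpfLogger::init(&mut bpf) { log::warn!("failed to initialize eBPF logger: {}", e); }`. `main` continues outside this hunk, so whether the terminal logger is already configured at this point is not visible here.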