template: add a new template for LSM programs

pull/12/head
William Findlay 3 years ago
parent 53906e4b13
commit 7ffb47cc6b
No known key found for this signature in database
GPG Key ID: 7162B44E9E560373

@ -4,7 +4,7 @@ on:
push:
branches:
- main
pull_request:
branches:
- main
@ -29,6 +29,7 @@ jobs:
- classifier
- cgroup_skb
- tracepoint
- lsm
steps:
- uses: actions/checkout@v2

@ -5,7 +5,7 @@ ignore = [".github", "test.sh"]
[placeholders.program_type]
type = "string"
prompt = "Which type of eBPF program?"
choices = ["kprobe", "kretprobe", "uprobe", "uretprobe", "sock_ops", "sk_msg", "xdp", "classifier", "cgroup_skb", "tracepoint"]
choices = ["kprobe", "kretprobe", "uprobe", "uretprobe", "sock_ops", "sk_msg", "xdp", "classifier", "cgroup_skb", "tracepoint", "lsm"]
default = "xdp"
[conditional.'program_type == "kprobe" || program_type == "kretprobe"'.placeholders.kprobe]
@ -38,4 +38,9 @@ regex = "[a-z]+"
[conditional.'program_type == "tracepoint"'.placeholders.tracepoint_name]
type = "string"
prompt = "Which tracepoint name? (e.g sched_switch, net_dev_queue)"
regex = "[a-z]+"
regex = "[a-z]+"
[conditional.'program_type == "lsm"'.placeholders.lsm_hook]
type = "string"
prompt = "Which lsm hook? (e.g file_open, task_alloc) You can find a list of hooks in include/linux/lsm_hooks.h in the kernel source tree."
regex = "[a-z]+"

@ -30,6 +30,9 @@ case "$PROG_TYPE" in
"sk_msg")
ADDITIONAL_ARGS="-d sock_map=TEST"
;;
"lsm")
ADDITIONAL_ARGS="-d lsm_hook=file_open"
;;
*)
ADDITIONAL_ARGS=''
esac

@ -177,9 +177,26 @@ pub fn {{crate_name}}(ctx: TracePointContext) -> u32 {
unsafe fn try_{{crate_name}}(_ctx: TracePointContext) -> Result<u32, u32> {
Ok(0)
}
{%- when "lsm" %}
use aya_bpf::{
macros::lsm,
programs::LsmContext,
};
#[lsm(name="{{lsm_hook}}")]
pub fn {{lsm_hook}}(ctx: LsmContext) -> i32 {
match unsafe { try_{{lsm_hook}}(ctx) } {
Ok(ret) => ret,
Err(ret) => ret,
}
}
unsafe fn try_{{lsm_hook}}(_ctx: LsmContext) -> Result<i32, i32> {
Ok(0)
}
{%- endcase %}
#[panic_handler]
fn panic(_info: &core::panic::PanicInfo) -> ! {
unsafe { core::hint::unreachable_unchecked() }
}
}

@ -18,6 +18,8 @@ use aya::programs::{tc, SchedClassifier, TcAttachType};
use aya::programs::{CgroupSkb, CgroupSkbAttachType};
{%- when "tracepoint" -%}
use aya::programs::TracePoint;
{%- when "lsm" -%}
use aya::programs::Lsm;
{%- endcase %}
use std::{
convert::{TryFrom,TryInto},
@ -91,8 +93,12 @@ fn try_main() -> Result<(), anyhow::Error> {
let program: &mut TracePoint = bpf.program_mut("{{crate_name}}")?.try_into()?;
program.load()?;
program.attach("{{tracepoint_category}}", "{{tracepoint_name}}")?;
{%- when "lsm" -%}
let program: &mut Lsm = bpf.program_mut("{{lsm_hook}}")?.try_into()?;
program.load("{{lsm_hook}}")?;
program.attach()?;
{%- endcase %}
let running = Arc::new(AtomicBool::new(true));
let r = running.clone();
@ -107,4 +113,4 @@ fn try_main() -> Result<(), anyhow::Error> {
println!("Exiting...");
Ok(())
}
}

Loading…
Cancel
Save