From 8621ea7d5f05247b0ca01d959a51095f6edd8dc9 Mon Sep 17 00:00:00 2001 From: Kenjiro Nakayama Date: Sun, 22 May 2022 17:44:07 +0900 Subject: [PATCH] Add cgroup_sockopt template for BPF_PROG_TYPE_CGROUP_SOCKOPT --- .github/workflows/ci.yml | 1 + cargo-generate.toml | 6 ++++++ {{project-name}}-ebpf/src/main.rs | 19 +++++++++++++++++++ {{project-name}}/src/main.rs | 11 +++++++++-- 4 files changed, 35 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index ed4d27e..f06bf15 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -32,6 +32,7 @@ jobs: - classifier - cgroup_skb - cgroup_sysctl + - cgroup_sockopt - tracepoint - lsm - tp_btf diff --git a/cargo-generate.toml b/cargo-generate.toml index 422f068..567397a 100644 --- a/cargo-generate.toml +++ b/cargo-generate.toml @@ -19,6 +19,7 @@ choices = [ "classifier", "cgroup_skb", "cgroup_sysctl", + "cgroup_sockopt", "tracepoint", "lsm", "tp_btf" @@ -46,6 +47,11 @@ type = "string" prompt = "Attach direction?" choices = [ "Ingress", "Egress" ] +[conditional.'program_type == "cgroup_sockopt"'.placeholders.sockopt_target] +type = "string" +prompt = "Which socket option?" +choices = [ "getsockopt", "setsockopt" ] + [conditional.'program_type == "sk_msg"'.placeholders.sock_map] type = "string" prompt = "Map Name (UPPER_CASE)?" diff --git a/{{project-name}}-ebpf/src/main.rs b/{{project-name}}-ebpf/src/main.rs index 906db02..9774bf9 100644 --- a/{{project-name}}-ebpf/src/main.rs +++ b/{{project-name}}-ebpf/src/main.rs @@ -303,6 +303,25 @@ unsafe fn try_{{crate_name}}(ctx: SysctlContext) -> Result { info!(&ctx, "sysctl operation called"); Ok(0) } +{%- when "cgroup_sockopt" %} +use aya_bpf::{ + macros::cgroup_sockopt, + programs::SockoptContext, +}; +use aya_log_ebpf::info; + +#[cgroup_sockopt({{sockopt_target}},name="{{crate_name}}")] +pub fn {{crate_name}}(ctx: SockoptContext) -> i32 { + match unsafe { try_{{crate_name}}(ctx) } { + Ok(ret) => ret, + Err(ret) => ret, + } +} + +unsafe fn try_{{crate_name}}(ctx: SockoptContext) -> Result { + info!(&ctx, "{{sockopt_target}} called"); + Ok(0) +} {%- endcase %} #[panic_handler] diff --git a/{{project-name}}/src/main.rs b/{{project-name}}/src/main.rs index f0eaab6..30f02ee 100644 --- a/{{project-name}}/src/main.rs +++ b/{{project-name}}/src/main.rs @@ -22,7 +22,9 @@ use aya::programs::{tc, SchedClassifier, TcAttachType}; {%- when "cgroup_skb" -%} use aya::programs::{CgroupSkb, CgroupSkbAttachType}; {%- when "cgroup_sysctl" -%} -use aya::programs::{CgroupSysctl}; +use aya::programs::CgroupSysctl; +{%- when "cgroup_sockopt" -%} +use aya::programs::CgroupSockopt; {%- when "tracepoint" -%} use aya::programs::TracePoint; {%- when "lsm" -%} @@ -45,7 +47,7 @@ struct Opt { {% if program_type == "xdp" or program_type == "classifier" -%} #[clap(short, long, default_value = "eth0")] iface: String, - {%- elsif program_type == "sock_ops" or program_type == "cgroup_skb" or program_type == "cgroup_sysctl" -%} + {%- elsif program_type == "sock_ops" or program_type == "cgroup_skb" or program_type == "cgroup_sysctl" or "cgroup_sockopt" -%} #[clap(short, long, default_value = "/sys/fs/cgroup/unified")] cgroup_path: String, {%- elsif program_type == "uprobe" or program_type == "uretprobe" -%} @@ -152,6 +154,11 @@ async fn main() -> Result<(), anyhow::Error> { let cgroup = std::fs::File::open(opt.cgroup_path)?; program.load()?; program.attach(cgroup)?; + {%- when "cgroup_sockopt" -%} + let program: &mut CgroupSockopt = bpf.program_mut("{{crate_name}}").unwrap().try_into()?; + let cgroup = std::fs::File::open(opt.cgroup_path)?; + program.load()?; + program.attach(cgroup)?; {%- endcase %} info!("Waiting for Ctrl-C...");