Users should opt in into `unsafe` when performing particular unsafe
actions (accesing raw pointers, interacting with maps etc.), but
assuming that the whole eBPF program code is unsafe is quite an
exaggeration.
Signed-off-by: Michal Rostecki <vadorovsky@gmail.com>
That new context type exposes `data` and `data_end` fields for direct
access to the packet payload.
Signed-off-by: Michal Rostecki <vadorovsky@gmail.com>
Use `aya = ">=0.11"` and therefore the Aya version picked by
Cargo will be bounded by the latest version supported in
`aya-log = "0.1"` - once it's been released again.
Signed-off-by: Dave Tucker <dave@dtucker.co.uk>
This time we need to switch to git again, because of this unreleased
change:
aya-rs/aya@d1f2215193
Signed-off-by: Michal Rostecki <vadorovsky@gmail.com>
structopt was merged into clap (starting from clap 3.0), therefore
becoming a deprecated project.
Signed-off-by: Michal Rostecki <vadorovsky@gmail.com>
structopt was merged into clap (starting from clap 3.0), therefore
becoming a deprecated project.
Signed-off-by: Michal Rostecki <vadorovsky@gmail.com>
eBPF programs cannot be debugged and those ones built with the default
dev profile are often annoying the verifier. Therefore it doesn't make
sense to compile not optimized eBPF objects.
However, we still want to let people to use the dev profile, especially
in the future when we want to get rid of xtask by using cargo binary
dependencies[0]. The trick is to have no real difference between dev and
release profile in eBPF.
This change doesn't affect the userspace part which still is going to
contain debug symbols when built with dev profile.
[0] https://rust-lang.github.io/rfcs/3028-cargo-binary-dependencies.html
Signed-off-by: Michal Rostecki <vadorovsky@gmail.com>
Current `[a-z_]+` regex allows upper case such as `NET_dev`, `netDev`
or even `NET_DEV` when one of `a-z` or `_` contains in the string. It
should be disallowed.
This patch fixes it.
This change removes the differentiation between release and dev profiles
for eBPF programs. There is no way eBPF programs can be debugged and
building them with dev profile just makes them slower and often unable
to be verified. They should be always built with the release profile.
After this change, `cargo xtask build-ebpf` is going to build eBPF
programs with release profile. And the userspace program is going to
include eBPF program bytes from target/release/. Regardless of which
profile is being used in the userspace program.
`cargo xtask build-ebpf` has the --profile argument which can be
optionally used (i.e. for user-defined profiles), but by default the
value of that option is `release`.
Signed-off-by: Michal Rostecki <mrostecki@opensuse.org>