This change allows multiple BPF programs to attach to a cgroup (via the option
`CgroupAttachMode::AllowMultiple`), and allows a program to specify that it can be
overridden by one in a sub-cgroup (via the option `CgroupAttachMode::AllowOverride`).
Adds detection for whether a field is available in `MapInfo`:
- For `map_type()`, we treturn new enum `MapType` instead of the integer
representation.
- For fields that can't be zero, we return `Option<NonZero*>` type.
- For `name_as_str()`, it now uses the feature probe `bpf_name()` to
detect if field is available.
Although the feature probe checks for program name, it can also be
used for map name since they were both introduced in the same commit.
Purpose of this commit is to add detections for whether a field is
available in `ProgramInfo`.
- For `program_type()`, we return the new enum `ProgramType` instead of
the integer representation.
- For fields that we know cannot be zero, we return `Option<NonZero*>`
type.
- For `name_as_str()`, it now also uses the feature probe `bpf_name()`
to detect if field is available or not.
- Two additional feature probes are added for the fields:
- `prog_info_map_ids()` probe -> `map_ids()` field
- `prog_info_gpl_compatible()` probe -> `gpl_compatible()` field
With the `prog_info_map_ids()` probe, the previous implementation that
I had for `bpf_prog_get_info_by_fd()` is shortened to use the probe
instead of having to make 2 potential syscalls.
The `test_loaded_at()` test is also moved into info tests since it is
better related to the info tests.
`aya::programs::Programs::prog_type(&self)` now returns `ProgramType`
instead of the generated FFI from aya-obj.
Also previously, `loaded_programs()` could be accessed either through
`aya` or `aya::programs`. To avoid confusion and duplicate export of
the item, the function should now only be exposed through
`aya::programs`.
Add conversion from u32 to program type, link type, and attach type.
Additionally, remove duplicate match statement for u32 conversion to
`BPF_MAP_TYPE_BLOOM_FILTER` & `BPF_MAP_TYPE_CGRP_STORAGE`.
New error `InvalidTypeBinding<T>` is created to represent when a
parsed/received value binding to a type is invalid.
This is used in the new conversions added here, and also replaces
`InvalidMapTypeError` in `TryFrom` for `bpf_map_type`.
Improves the existing integraiton tests for `loaded_programs()` and
`loaded_maps()` in consideration for older kernels:
- Opt for `SocketFilter` program in tests since XDP requires v4.8 and
fragments requires v5.18.
- For assertion tests, first perform the assertion, if the assertion
fails, then it checks the host kernel version to see if it is above
the minimum version requirement. If not, then continue with test,
otherwise fail.
For assertions that are skipped, they're logged in stderr which can
be observed with `-- --nocapture`.
This also fixes the `bpf_prog_get_info_by_fd()` call for kernels below
v4.15. If calling syscall on kernels below v4.15, it can produce an
`E2BIG` error because `check_uarg_tail_zero()` expects the entire
struct to all-zero bytes (which is caused from the map info).
Instead, we first attempt the syscall with the map info filled, if it
returns `E2BIG`, then perform syscall again with empty closure.
Also adds doc for which version a kernel feature was introduced for
better awareness.
The tests have been verified kernel versions:
- 4.13.0
- 4.15.0
- 6.1.0
Where possible, replace the hardcoded byte arrays in the tests with the
structs they represent, then convert the structs to byte arrays.
Signed-off-by: Billy McFall <22157057+Billy99@users.noreply.github.com>
In aya/src/sys/bpf.rs, there are several simple bpf programs written as
byte arrays. These need to be adjusted to account for big endian.
Signed-off-by: Billy McFall <22157057+Billy99@users.noreply.github.com>
bpfman, a project using aya, has a requirement to support powerpc64 and
s390x architectures. Adding these two architectures to aya.
Signed-off-by: Billy McFall <22157057+Billy99@users.noreply.github.com>
Adding support for s390x (big endian architecture) and found that some
of the unit tests have structures and files implemented as byte arrays.
They are all coded as little endian and need a bug endian version to
work properly.
Signed-off-by: Billy McFall <22157057+Billy99@users.noreply.github.com>
```
error: first doc comment paragraph is too long
--> aya/src/programs/raw_trace_point.rs:12:1
|
12 | / /// A program that can be attached at a pre-defined kernel trace point, but also
13 | | /// has an access to kernel internal arguments of trace points, which
14 | | /// differentiates them from traditional tracepoint eBPF programs.
15 | | ///
16 | | /// The kernel provides a set of pre-defined trace points that eBPF programs can
| |_
|
= help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#too_long_first_doc_paragraph
error: first doc comment paragraph is too long
--> ebpf/aya-ebpf/src/helpers.rs:1:1
|
1 | / //! This module contains kernel helper functions that may be exposed to specific BPF
2 | | //! program types. These helpers can be used to perform common tasks, query and operate on
3 | | //! data exposed by the kernel, and perform some operations that would normally be denied
4 | | //! by the BPF verifier.
5 | | //!
6 | | //! Here, we provide some higher-level wrappers around the underlying kernel helpers, but
| |_
|
= help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#too_long_first_doc_paragraph
```
Ensure we download multiple kernel versions to run
our virtualized CI against.
Bump xdpilone version to fix bug on latest kernel.
Signed-off-by: astoycos <astoycos@gmail.com>
Add bpf syscall function for BPF_ENABLE_STATS to enable stats tracking
for benchmarking purposes.
Additionally, move `#[cfg(test)]` annotation around the `Drop` trait
instead. Having separate functions causes some complications when
needing ownership/moving of the inner value `OwnedFd` when `Drop` is
manually implemented.
Files changed:
M ebpf/aya-ebpf-bindings/src/aarch64/bindings.rs
M ebpf/aya-ebpf-bindings/src/armv7/bindings.rs
M ebpf/aya-ebpf-bindings/src/powerpc64/bindings.rs
M ebpf/aya-ebpf-bindings/src/riscv64/bindings.rs
M ebpf/aya-ebpf-bindings/src/s390x/bindings.rs
M ebpf/aya-ebpf-bindings/src/x86_64/bindings.rs
There was a logic bug in the previously merged patch where we
set the correctly calculated max_entries size with the original.
To fix this and prevent regressions a unit test was added.
This highlighted that the original map definition needs to be
mutated in order for the max_entries change to be properly applied.
As such, this resize logic moved out of aya::sys into aya::maps
Signed-off-by: Dave Tucker <dave@dtucker.co.uk>
Both libbpf and cilium/ebpf have will set the max_entries of a
BPF_MAP_TYPE_PERF_EVENT_ARRAY to the number of online CPUs if
it was omitted at map definition time. This adds that same
logic to Aya.
Signed-off-by: Dave Tucker <dave@dtucker.co.uk>
This API doesn't make sense as the max_entries needs to be set to the
number of online CPUs by the loader.
Signed-off-by: Dave Tucker <dave@dtucker.co.uk>
`brew` seems to be breaking the rustup installed by rust-toolchain:
```
==> Migrating formula rustup-init to rustup
==> Unlinking rustup-init
==> Moving rustup-init versions to /opt/homebrew/Cellar/rustup
==> Relinking rustup
```
Let's see if this fixes it.
IP address types are available in `core`, so they can be used also in
eBPF programs. This change adds support of these types in aya-log.
* Add implementation of `WriteTuBuf` to these types.
* Support these types in `Ipv4Formatter` and `Ipv6Formatter`.
* Support them with `DisplayHint::Ip`.
* Add support for formatting `[u8; 4]`, to be able to handle
`Ipv4Addr::octets`.
Alessandro Decina
Davide Bertola
Zero King
tyrone-wu
Harvo Jones
Billy McFall
Tamir Duberstein
Andrew Stoycos
dependabot[bot]
Dave Tucker
dave-tucker
Michal Rostecki
ajwerner