Implements TryFrom for FdLink for CgroupSkb, CgroupSock, CgroupSockAddr
and SockOps program types. This allows support for link pinning for
these program types, aligning with the documentation for FdLink.
Fixes: #739
Co-authored-by: Benjamin Barzen <bbarzen@amazon.com>
Short-circuits `CACHE` to true if the field is non-zero.
This saves from executing the probing logic since the logic essentially
checks if the field can process (or doesn't error) non-zero value.
Cached probed for ProgramInfo fields instead of exposing it through
global FEATURE. Probing occurs on cache miss, which happens when first
accessing the field, *and* if the field is 0.
We have had loaded_links in the API as `#[doc(hidden)]` for a while.
I've been using it in bpfman and it's been fine. This commit does the
minimal work required to make the API stable.
We expose a `LinkInfo` type - similar to `ProgInfo` - which wraps the
generated type. In this case, `bpf_link_info`.
A few accessor functions have been added for `id`, `link_type` and
`program_id`. There are many more fields that could be (eventually)
made public.
As a convenience, `LinkInfo` can be retrieved from an existing FdLink
by using `FdLink::info()`.
Signed-off-by: Dave Tucker <dave@dtucker.co.uk>
Allow for a ProgramInfo to be converted into one of the program types
that we support. This allows for a user of Aya access to reattach,
pin or unload a program that was either, previously loaded, or was
loaded by another process.
Signed-off-by: Dave Tucker <dave@dtucker.co.uk>
We have previously tried to import traits anonymously where possible but
enforcing this manually was hard.
Since Rust 1.83 clippy can now enforce this for us.
Signed-off-by: Dave Tucker <dave@dtucker.co.uk>
Change FromRawTracepointArgs::arg to return T rather than *const T which
seems to have been returning a dangling pointer.
Arguably this is not strictly necessary; edition 2024 seems to be
focused on increased strictness around unsafe code which doesn't unlock
new functionality for our users. That said, this work revealed an
apparent bug (see above) that we wouldn't otherwise catch due to
allow-by-default lints.
Per man 2 perf_event_open:
> RETURN VALUE
> On success, perf_event_open() returns the new file descriptor. On
> error, -1 is returned and errno is set to indicate the error.
Bake this into our syscalls so we stop using `_` so much which can hide
information loss. Remove the type parameter to SysResult.
Per man 2 bpf:
> RETURN VALUE
> For a successful call, the return value depends on the operation:
>
> BPF_MAP_CREATE
> The new file descriptor associated with the eBPF map.
>
> BPF_PROG_LOAD
> The new file descriptor associated with the eBPF program.
>
> All other commands
> Zero.
>
> On error, -1 is returned, and errno is set to indicate the error.
Bake this into our syscalls so we stop using `_` so much which can hide
information loss.
When `aya::obj` was migrated to be its own crate `aya-obj`, the `obj`
alias was created to preserve existing imports that relied on
`crate::obj`.
This resulted in 3 ways to import `aya-obj` objects:
- `use aya_obj::*`
- `use obj::*`
- `use crate::obj::*`
The `obj` alias is now removed to avoid confusion, and all `obj` imports
are funneled through `aya_obj`.
This returns error strings from netlink since they are more informative
than the raw os error. For example:
"Device or Resource Busy" vs. "XDP program already attached".
Signed-off-by: Dave Tucker <dave@dtucker.co.uk>
```
error: called `Iterator::last` on a `DoubleEndedIterator`; this will needlessly iterate the entire iterator
--> aya/src/programs/uprobe.rs:282:64
|
282 | let path = line.split(|b| b.is_ascii_whitespace()).last()?;
| ^^^^^^ help: try: `next_back()`
|
= help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#double_ended_iterator_last
```
Fixes#1132.
Note that this change does not add support in the public API for kprobes
or tracepoints, but it's a trivial matter of plumbing.
Along the way, the Uprobe::attach API is cleaned up to make the
attachment location more coherent. The logic being: if we're going to be
breaking the API anyway, may as well clean it up a bit.
Furthermore, the aya::sys::bpf_link_attach function is cleaned up by
properly modeling the the union in the final field with a rust enum.
BPF iterators[0] are a way to dump kernel data into user-space and an
alternative to `/proc` filesystem.
This change adds support for BPF iterators on the user-space side. It
provides a possibility to retrieve the outputs of BPF iterator programs
both from sync and async Rust code.
[0] https://docs.kernel.org/bpf/bpf_iterators.html
This commit adds the initial support for TCX
bpf links. This is a new, multi-program, attachment
type allows for the caller to specify where
they would like to be attached relative to other
programs at the attachment point using the LinkOrder
type.
Signed-off-by: astoycos <astoycos@redhat.com>
Co-authored-by: Andre Fredette <afredette@redhat.com>
Co-authored-by: Dave Tucker <dave@dtucker.co.uk>
Co-authored-by: Tamir Duberstein <tamird@gmail.com>
This change allows multiple BPF programs to attach to a cgroup (via the option
`CgroupAttachMode::AllowMultiple`), and allows a program to specify that it can be
overridden by one in a sub-cgroup (via the option `CgroupAttachMode::AllowOverride`).
Purpose of this commit is to add detections for whether a field is
available in `ProgramInfo`.
- For `program_type()`, we return the new enum `ProgramType` instead of
the integer representation.
- For fields that we know cannot be zero, we return `Option<NonZero*>`
type.
- For `name_as_str()`, it now also uses the feature probe `bpf_name()`
to detect if field is available or not.
- Two additional feature probes are added for the fields:
- `prog_info_map_ids()` probe -> `map_ids()` field
- `prog_info_gpl_compatible()` probe -> `gpl_compatible()` field
With the `prog_info_map_ids()` probe, the previous implementation that
I had for `bpf_prog_get_info_by_fd()` is shortened to use the probe
instead of having to make 2 potential syscalls.
The `test_loaded_at()` test is also moved into info tests since it is
better related to the info tests.
`aya::programs::Programs::prog_type(&self)` now returns `ProgramType`
instead of the generated FFI from aya-obj.
Also previously, `loaded_programs()` could be accessed either through
`aya` or `aya::programs`. To avoid confusion and duplicate export of
the item, the function should now only be exposed through
`aya::programs`.
Improves the existing integraiton tests for `loaded_programs()` and
`loaded_maps()` in consideration for older kernels:
- Opt for `SocketFilter` program in tests since XDP requires v4.8 and
fragments requires v5.18.
- For assertion tests, first perform the assertion, if the assertion
fails, then it checks the host kernel version to see if it is above
the minimum version requirement. If not, then continue with test,
otherwise fail.
For assertions that are skipped, they're logged in stderr which can
be observed with `-- --nocapture`.
This also fixes the `bpf_prog_get_info_by_fd()` call for kernels below
v4.15. If calling syscall on kernels below v4.15, it can produce an
`E2BIG` error because `check_uarg_tail_zero()` expects the entire
struct to all-zero bytes (which is caused from the map info).
Instead, we first attempt the syscall with the map info filled, if it
returns `E2BIG`, then perform syscall again with empty closure.
Also adds doc for which version a kernel feature was introduced for
better awareness.
The tests have been verified kernel versions:
- 4.13.0
- 4.15.0
- 6.1.0
Mehnaz Yunus
Tyrone Wu
Dave Tucker
Omri Steiner
Tamir Duberstein
Andrew Werner
Michal Rostecki
astoycos
Zero King
Harvo Jones
Alessandro Decina