At present, `aya_build` will always use `+nightly` to build the
eBPF kernel. This is problematic in environments such as CI, where
tools always need to be installed first. Installing the current
nightly Rust toolchain gives you a new toolchain every day. This
poisones caches and makes CI jobs non-deterministic.
Resolves: #1226
Working with aya in vscode will currently show a number of warnings
along the lines of:
```
found duplicate lang item `panic_impl`
the lang item is first defined in crate `std` (which `aya` depends on)
...
second definition in the local crate (`bpf_probe_read`)
```
This comes from feature unification.
integration-test requires the integration-common user feature, which
requires aya, which in turn brings in std.
For this same reason we avoid running clippy across the whole workspace.
We can avoid this issue by using the panic handler from the another
crate, which implements the same loop {} panic handler we use today.
It seems rustc is happy to conditionally link the panic handler
from an external crate without issuing warnings.
Therefore, we add our own crate - ebpf-panic - for this purpose.
Signed-off-by: Dave Tucker <dave@dtucker.co.uk>
Allow for a ProgramInfo to be converted into one of the program types
that we support. This allows for a user of Aya access to reattach,
pin or unload a program that was either, previously loaded, or was
loaded by another process.
Signed-off-by: Dave Tucker <dave@dtucker.co.uk>
We have previously tried to import traits anonymously where possible but
enforcing this manually was hard.
Since Rust 1.83 clippy can now enforce this for us.
Signed-off-by: Dave Tucker <dave@dtucker.co.uk>
The init module contains a small init system for running our integration
tests against a kernel. While we don't need a full-blown linux distro,
we do need some utilities.
Once such utility is `modprobe` which allows us to load kernel modules.
Rather than create a new module for this utility, I've instead
refactored `init` into `test-distro` which is a module that contains
multiple binaries.
The xtask code has been adjusted to ensure these binaries are inserted
into the correct places in our cpio archive, as well as bringing in the
kernel modules.
Signed-off-by: Dave Tucker <dave@dtucker.co.uk>
Rather than emitting a warning, assert the inverse of the condition when
the current kernel version is lower than required. This strengthens the
assertions made by our tests (provided we run them over kernel versions
before and after the listed version, which is not yet the case).
Limit of map names in eBPF is 16 bytes and they have to be NULL
terminated.
Before this change, long names were truncated to 16 bytes.
`MAP_WITH_LOOOONG_NAAAAAAAAME` would become `MAP_WITH_LOOOONG`, which
doesn't contain the NULL byte.
This change fixes that by truncating the name to 15 bytes, ensuring
that the 16th byte is NULL. `MAP_WITH_LOOOONG_NAAAAAAAAME` is truncated
to `MAP_WITH_LOOOON\0`.
In practice this will forbid unused dependencies because we run clippy
with `--deny warnings`.
Workspace lints is a nice place to ratchet up lints through the codebase
all at once and consistently.
Change FromRawTracepointArgs::arg to return T rather than *const T which
seems to have been returning a dangling pointer.
Arguably this is not strictly necessary; edition 2024 seems to be
focused on increased strictness around unsafe code which doesn't unlock
new functionality for our users. That said, this work revealed an
apparent bug (see above) that we wouldn't otherwise catch due to
allow-by-default lints.
Fixes#1132.
Note that this change does not add support in the public API for kprobes
or tracepoints, but it's a trivial matter of plumbing.
Along the way, the Uprobe::attach API is cleaned up to make the
attachment location more coherent. The logic being: if we're going to be
breaking the API anyway, may as well clean it up a bit.
Furthermore, the aya::sys::bpf_link_attach function is cleaned up by
properly modeling the the union in the final field with a rust enum.
Provide an `arg()` method in `RawTracepointArgs` wrapper of
`bpf_raw_tracepoint_args` and also in `RawTracepointContext`, so
it's directly available in raw tracepoint programs.
The methods and traits implemented here are unsafe. There is no
way to reliably check the number of available arguments, so
requesting a non-existing one leads to undefined behavior.
We're seeing 429 from Github trying to download gen_init_cpio, so cache
it using actions cache. Since I'm here add this for kernel images as
well to save time waiting on slow Debian servers.
Unwinding gives us more information, so we shouldn't disable it
globally. It is already disabled for BPF targets via the target configs
in rustc itself.
This complicates the clippy invocation somewhat, so put it in a shell
script for developer as well as CI use.
BPF iterators[0] are a way to dump kernel data into user-space and an
alternative to `/proc` filesystem.
This change adds support for BPF iterators on the user-space side. It
provides a possibility to retrieve the outputs of BPF iterator programs
both from sync and async Rust code.
[0] https://docs.kernel.org/bpf/bpf_iterators.html
Users have reported issues with programs failing the verifier when they
are attempting to read or write to variables that the compiler places in
the .bss section. Add a test that places variables in each section and
exercises read and write operations on them.
Signed-off-by: Dave Tucker <dave@dtucker.co.uk>
This commit adds the initial support for TCX
bpf links. This is a new, multi-program, attachment
type allows for the caller to specify where
they would like to be attached relative to other
programs at the attachment point using the LinkOrder
type.
Signed-off-by: astoycos <astoycos@redhat.com>
Co-authored-by: Andre Fredette <afredette@redhat.com>
Co-authored-by: Dave Tucker <dave@dtucker.co.uk>
Co-authored-by: Tamir Duberstein <tamird@gmail.com>
Michal Rostecki
Thomas Eizinger
Dave Tucker
Tamir Duberstein
Michal Rostecki
arctic-alpaca
Ignacy
dependabot[bot]
Andrew Werner
astoycos