Commit Graph

59 Commits (4efc2061a8aa0c25cb648a86cdc39ca44784de94)

Author SHA1 Message Date
Alessandro Decina 923cd9b767
Merge pull request #142 from vadorovsky/args-mut-ptr
aya-bpf: Add bpf_probe_write_user helper
3 years ago
Michal Rostecki 1df3b17d29 aya-bpf: Add bpf_probe_write_user helper
This helper allows to write to mutable pointers in the userspace, which
come from userspace functions that uprobes attach to.

Signed-off-by: Michal Rostecki <mrostecki@opensuse.org>
3 years ago
William Findlay df26fd94a7
bpf/program_array: use never type, add unsafe flag, and document safety 3 years ago
William Findlay ff14493751
bpf/maps: implement ProgramArray
This PR implements the ProgramArray map type in aya-bpf. Includes a convenient tail_call
method that wraps the bpf_tail_call helper.
3 years ago
Michal Rostecki 54377b6140 aya-bpf: Allow to convert probe arguments to mutable pointers
Before this change, arguments fetched with `arg` from `ProbeContext`
could be only fetched as const pointers. This change allows to get mut
pointers as well.

Signed-off-by: Michal Rostecki <mrostecki@opensuse.org>
3 years ago
Michal Rostecki 7e2fcd1d6d Support for fentry and fexit programs
fentry and fexit programs are similar to kprobe and kretprobe, but they
are newer and they have practically zero overhead to call before or
after kernel function. Also, fexit programs are focused on access to
arguments rather than the return value.

Those kind of programs were introduced in the following patchset:

https://lwn.net/Articles/804112/

Signed-off-by: Michal Rostecki <mrostecki@opensuse.org>
3 years ago
Thia Wyrod b655cf973f
aya-bpf: remove unnecessary unsafe markers on map functions.
Map lookup and deletion can yield stale keys and values by virtue of
sharing a data structure with userspace programs and other BPF programs
which can modify it. However, all accesses remain perfectly safe and will
not cause memory corruption or data races.
3 years ago
Alessandro Decina 8043451973 bpf: re-export Lru hash maps from aya_bpf::maps 3 years ago
Alessandro Decina c0f695c4b6 bpf: Add LruHashMap and LruPerCpuHashMap 3 years ago
Thia Wyrod d280b856bd
aya-bpf: expose xdp_md of XdpContext and add metadata functions. 3 years ago
Dan Everton fa23052e34
Add wrapper and docs for for bpf_get_current_uid_gid 3 years ago
Alessandro Decina 170e98e71e bpf: fix doc tests 3 years ago
Alessandro Decina 31f96450d4 bpf: add bpf_probe_read_buf, bpf_probe_read_user_buf and bpf_probe_read_kernel_buf 3 years ago
Dave Tucker 8a6fe4a640 bpf: Rename SkSkbContext to SkBuffContext
This is necessary since the context is used in many other program types
and not just in SK_SKB programs.

Signed-off-by: Dave Tucker <dave@dtucker.co.uk>
3 years ago
Dave Tucker 2a8ba55b7e bpf: Implement redirect for skbs on sockmap/sockhash
This implements redirect_skb and renames redirect to redirect_msg

Signed-off-by: Dave Tucker <dave@dtucker.co.uk>
3 years ago
William Findlay 89dee1a114
aya-bpf: implement argument coercion for pt_regs and BTF programs
Implements argument and return value coercion helpers for:
    - LSM programs
    - BTF tracepoints
    - [ku]{ret}probes

Signed-off-by: William Findlay <william@williamfindlay.com>
3 years ago
William Findlay 4a02d0038f
aya-bpf/helpers: add documentation and implement all bpf_probe_read_* wrappers
This patch adds some documentation to aya-bpf/helpers and adds documentation
for the module itself and for all of the wrappers currently defined in the module.

It also implements the rest of the bpf_probe_read_* wrappers that were missing from this
file. In the future, it probably also makes sense to add some bpf_probe_read_* wrappers
that can read directly into a map pointer, avoiding the BPF stack altogether. I'm going to
call this out of scope for this PR, but plan to submit a subsequent one that addresses
this use case.

Signed-off-by: William Findlay <william@williamfindlay.com>
3 years ago
William Findlay b30fd424ef
aya-bpf/helpers: expose raw bindings through helpers::gen
Until we add another set of bpf_probe_read_* wrappers for reading into a map pointer,
users need access to the underlying bpf_probe_read helper, which is clobbered by this
module. This patch enables direct access to the underlying helpers::gen module to support
such use cases.

In my view, it would also probably make sense to just not export helpers::gen::* and force
the user to opt into helpers::gen, but this can be decided on later.

Signed-off-by: William Findlay <william@williamfindlay.com>
3 years ago
William Findlay 6539cbb555
aya/aya-bpf: implement btf tracepoint programs 3 years ago
William Findlay 169478c863 Add support for raw tracepoint and LSM programs
This change adds support for the following program types:

* raw tracepoint
* LSM

Supporting LSM programs involved a necessity of supporting more
load_attrs for the BPF_PROG_LOAD operation, concretely:

* expected_attach_type - for LSM programs, it has always to be set to
  BPF_LSM_MAC
* attach_btf_obj_fd - it's often used to reference the file descriptor of
  program's BTF info, altough in case of LSM programs, it only has to
  contain the value 0, which means the vmlinux object file (usually
  /sys/kernel/btf/vmlinux)
* attach_btf_id - ID of the BTF object, which in case of LSM programs is
  the ID of the function (the LSM hook)

The example of LSM program using that functionality can be found here:

https://github.com/vadorovsky/aya-example-lsm

Fixes: #9
Signed-off-by: William Findlay <william@williamfindlay.com>
Signed-off-by: Michal Rostecki <mrostecki@opensuse.org>
3 years ago
Alessandro Decina 1f3acbcfe0 bpf: add override for bpf_probe_read_user_str 3 years ago
Alessandro Decina 4116442cda bpf: PerfEventByteArray: remove unused import 3 years ago
Alessandro Decina 0220a4192c bpf: add PerfEventByteArray
Similar to PerfEventArray but allows to output variable length byte
slices
3 years ago
Alessandro Decina 23a70382b2 bpf: PerfEventArray: tweak output API 3 years ago
Alessandro Decina ea91fe08d3 bpf: rename PerfMap to PerfEventArray 3 years ago
Alessandro Decina 32350f81b7 bpf: add memset impl that doesn't trip the verifier
Add a verifier proof memset implementation. This is a quick hack until
we fix compiler-builtins for the bpf target.
3 years ago
Dave Tucker 69041954cb bpf: Added pinned constructor to maps
Signed-off-by: Dave Tucker <dave@dtucker.co.uk>
3 years ago
Markus Stange c39dff6025 Add support for PerfEvent programs. 3 years ago
Alessandro Decina 269be03a89 bpf: add PerCpuArray 3 years ago
Alessandro Decina a68ff47246 aya-bpf, aya-bpf-bindings: fix clippy lints 4 years ago
Tw 55ba0538f2
bpf: add support for tracepoint program (#29)
This patch add initial support for tracepoint program type.
Hope you enjoy.

Signed-off-by: Tw <wei.tan@intel.com>
4 years ago
Alessandro Decina 5dfd27dbd0 bpf: fix some clippy warnings 4 years ago
Tw d1b7b024dc bpf: fix a minor bug due to stackid allocation
The type casting introduces an allocation, this will cause compiling failure when linking final bpf target.
So remove this casting to fix this issue.

BTW, the following is the failure I met:

= note: 07:24:12 [ERROR] fatal error: "unable to allocate function return #1"
          PLEASE submit a bug report to https://bugs.llvm.org/ and include the crash backtrace.
          Stack dump:
          0.    Running pass 'Function Pass Manager' on module 'trace_bpf-001a275b17e9eb12'.
          1.    Running pass 'BPF DAG->DAG Pattern Instruction Selection' on function '@_ZN7aya_bpf4maps11stack_trace10StackTrace11get_stackid17h32b649bc3780c0aaE'

Signed-off-by: Tw <wei.tan@intel.com>
4 years ago
Alessandro Decina 7eddffb962
Merge pull request #25 from tw4452852/stacktrace
bpf: add support for STACK_TRACE map
4 years ago
Tw fd20bd5e23 bpf: add support for STACK_TRACE map
This path support initial support for BPF_MAP_TYPE_STACK_TRACE.

Signed-off-by: Tw <wei.tan@intel.com>
4 years ago
Alessandro Decina ef39e0ebd2 bpf: sk_skb: add ::cb() and ::cb_mut() to work with skb->cb 4 years ago
Alessandro Decina ec5822d78e bpf: sk_skb: wrap more helpers 4 years ago
Alessandro Decina 122a5306e7 aya, aya-bpf-bindings: regenerate bindings 4 years ago
Alessandro Decina 8cd669ca9a xtask: fix include paths for kernel headers bundled with libbpf 4 years ago
Alessandro Decina 67d35cc1d3 bpf: fix PerfMap::output() API when appending context data
map.output(&ctx, &data, nr_bytes) can be used to append nr_bytes from
the current context to the &data event.
4 years ago
Alessandro Decina 73c48a5029 bpf: add support for BPF_PROG_TYPE_CGROUP_SKB programs
Example:

fn cgroup_skb_egress(skb: SkSkbContext) -> i32 {
    // allow data to go through
    1
}
4 years ago
Arnabjyoti Kalita 6974d349e8
programs: add support for attaching and detaching TC programs
This change adds support for attaching TC programs directly from aya, without
having to use iproute2/tc.
4 years ago
Alessandro Decina 240c65507b bpf: add HashMap::remove() 4 years ago
Alessandro Decina 696ae6079c bpf: Add HashMap::pinned API 4 years ago
Alessandro Decina 97c96383bd bpf: improve SockOpsContext API 4 years ago
Alessandro Decina cb3d71429c bpf: improve SkMsgContext API 4 years ago
Alessandro Decina bf4892d0db bpf: add support for Queue and SockMap maps 4 years ago
Alessandro Decina 575e85c412 bpf: add id and pinning fields to bpf_map_def 4 years ago
Alessandro Decina ab8d512b60 bpf: add HashMap::insert 4 years ago
Alessandro Decina 8f55cd728c bpf: SkSkbContext: add ::l3_csum_replace 4 years ago