- Adds new `maps_mut()` API to the BpfManager to allow us to iterate though
and pin all of maps at the same time.
- Adds new pin(Path)/unpin(Path) api to Maps so they
can be generically pinned AFTER load.
- Adds macro for pinning explicit map types in aya.
Convert all explicit map types "inner" field to be
pub crate in order to facilitate this.
Signed-off-by: astoycos <astoycos@redhat.com>
Aligns with libbpf for the special LIBBPF_PIN_BY_NAME
map flag. Specifically if the flag is provided without a pin path
default to "/sys/fs/bpf".
Signed-off-by: astoycos <astoycos@redhat.com>
Using the prefix only for the host architecture is often not enough,
kernels usually provide symbols for more architectures, which are
used by multilib applications. Handling them might or might not be
necessary depending on the use case. Due to that complexity, we
decided to let the callers to handle prefixes the way they prefer.
Time since boot is defined as the UNIX_EPOCH plus the duration
since boot. which is realtime - boottime NOT boottime - realtime.
Add a integration test to ensure this doesn't happen again.
Signed-off-by: astoycos <astoycos@redhat.com>
On startup, the kernel is probed for support of chained program ids for
CpuMap, DevMap and DevMapHash, and will patch maps at load time to have
the proper size. Then, at runtime, the support is checked and will error
out if a program id is passed when the kernel does not support it.
This commit adds implementations for:
- xskmap
- devmap
- devmap_hash
- cpumap
Which can all be used to redirect XDP packets to various different
locations
Signed-off-by: Dave Tucker <dave@dtucker.co.uk>
This is to solve a use-case where a user (in this case bpfd) may want
to:
- MapData::from_pin to open a pinned map from bpffs
- MapData::pin to pin that object into another bpffs
Both operations should be easily accomplished without needing to cast
a MapData into a concrete Map type - e.g aya::maps::HashMap.
Signed-off-by: Dave Tucker <dave@dtucker.co.uk>
BPF objects can be pinned multiple times, to multiple different places.
Tracking whether or not a map is pinned in a bool is therefore not sufficient.
We could track this in a HashSet<PathBuf>, but there is really no reason
to track it at all.
Signed-off-by: Dave Tucker <dave@dtucker.co.uk>
`MapData::fd` is now a `MapFd`. This means that `MapData` now closes the
file descriptor on drop. In the future we might consider making `MapFd`
hold a `BorrowedFd` but this requires API design work due to overlapping
borrows.
Since `SockMapFd` is no longer `Copy`, attach methods to take it by
reference to allow callers to use it multiple times as they are
accustomed to doing.
`SockMapFd` implements `try_clone`. `MapFd` and `SockMapFd` are now
returned by reference to allow callers to avoid file descriptor cloning
when desired.
This is an API breaking change.
Updates #612.
Add a new api to the outer level `Program` structure which
allows users to get the program's kernel info before casting
it to an explicit program variant.
Signed-off-by: astoycos <astoycos@redhat.com>
The macro to implement TryFrom for MapData didn't have the ability to
specify that more than one variant of MapData can be valid for a single
map implementation. Support for new syntax was added to the macro so that
the implementation can succeed for both valid variants in the HashMap
and PerCpuHashMap impl.
Fixes#636
The old macros were repetitive and inflexible. This unifies the various
macros used to generate TryFrom implementations for map implementations
from the relevant map enum variants.
Cleanup in anticipation of fixing #636.
The API changes are just about renaming the return to Self and
Self::Error; they are not real changes.
This is a breaking change but adds another level of safety to ensure
the file descriptor we receive is valid. Additionally, this allows
aya to internally easily duplicate this file descriptor using std
library methods instead of manually calling `dup` which doesn't
duplicate with the CLOSE_ON_EXEC flag that is standard pratice to
avoid leaking the file descriptor when exec'ing.
This commit reveals but does not address a file descriptor leak in
LircLink2::query. This function returns a list of `LircLink`s where
each of them have a program file descriptor that is not going to be
closed. This commit does not add this leak; it merely makes it louder
in the code.
Notably:
- clippy::use_self: replaced many T with Self.
- single_use_lifetimes: removed some single use lifetimes.
- unreachable_pub: removed some unreachable pub items.
- unused_crate_dependencies: removed unused futures,parking_lot deps.
- unused_qualifications: found a potential `crate` vs `$crate` bug.
- let_underscore_drop: not enabled, seems to trigger false positives.
- missing_copy_implementations: not enabled, unclear if we want this.
- unsafe_op_in_unsafe_fn: not enabled, unclear if we want this.
- unused_results: not enabled, needs many fixes (but I think wanted).
The primary driver of change here is that `MapData::create` is now a
factory function that returns `Result<Self, _>` rather than mutating
`&mut self`. The remaining changes are consequences of that change, the
most notable of which is the removal of several errors which are no
longer possible.
`ProgramData::fd` is now a `ProgramFd`. This means that `ProgramData`
now closes the file descriptor on drop. In the future we might consider
making `ProgramFd` hold a `BorrowedFd` but this requires API design work
due to overlapping borrows.
Since `ProgramFd` is no longer `Copy`, update methods to take it by
reference to allow callers to use it multiple times as they are
accustomed to doing.
`ProgramFd` is now returned by reference and implements `try_clone` to
allow callers to avoid file descriptor cloning when desired.
This is an API breaking change.
Updates #612.
- Add helper methods to get useful information from the ProgramInfo
object which is returned by the `loaded_programs()` API. Specifically
this code mirrors the `bpftool prog` command in terms of useful fields.
- Add a new API macro to each aya `Program` type to allow us to fetch
its accompanying `ProgramInfo` metadata after its been loaded.
- Add a new ProgramInfo constructor that builds a new instance using
a raw fd.
- Add a smoke test for the loaded_programs() API as well as
all the relevant methods on the ProgramInfo type.
Signed-off-by: Andrew Stoycos <astoycos@redhat.com>
This commit adds:
- A probe to see if the ENUM64 feature is supported
- Fixups for the use of signed enums, or enum64 types
on systems where enum64 is not supported
Signed-off-by: Dave Tucker <dave@dtucker.co.uk>
The function is extracted so that a test could be written. This test is
valid on linux-gnu targets, and it doesn't need any special privileges.
This is in anticipation of removing the code that uses this functionality
(seemingly incidentally) from integration tests.
For tests that do networking operations, this allows to have a
clean-state network namespace and interfaces for each test. Mainly, this
avoids "device or resource busy" errors when reusing the loopback
interface across tests.
Wrap verifier logs in a newtype whose `Debug` impl emits unescaped
newlines. This improves ergonomics in tests where we `Result::unwrap()`
those load errors; when these fail today they emit the errors with
newlines escaped, making them incredibly difficult to read.
This fixes an existing file descriptor leak when there is BTF data in
the loaded object.
To avoid lifetime issues while having minimal impact to UX the
`OwnedFd` returned from the BPF_BTF_LOAD syscall will be wrapped in an
`Arc` and shared accross the programs and maps of the loaded BPF
file.
This is just taking https://github.com/aya-rs/aya/pull/633 to its
logical conclusion. Because `std::os::fd` was only introduced as a
module in Rust v1.66.0 I have also updated the `Cargo.toml` of the
`aya` package to reflect the true MSRV. Note that this commit is *not*
the cause for this MSRV bump, that was done by a previous commit, this
commit is just making it explicit in the `Cargo.toml`
The matches crate has been archived now that `matches!` is in std.
However `assert_matches!` is still unstable in std, and the
assert_matches crate provides a more expressive form:
```
assert_matches!(foo, Ok(bar) => {
assert_eq!(bar, baz);
});
```
This feature is equivalent to async_tokio || async_std; removing it
avoids warnings emitted during `cargo hack check --feature-powerset`
where async is selected without either of the other features.
Use cargo hack to ensure clippy runs on the powerset of features.
Andrew Werner
Tamir Duberstein
astoycos
Mike Rostecki
Andrés Medina
Alessandro Decina
Tuetuopay
Dave Tucker
Addison Crump
Addison Crump
Mary