Commit Graph

2163 Commits (c2fb7fed6c4cc2b75a0188cddd8480789e99e0d5)
 

Author SHA1 Message Date
Andres fc69a06972
aya: fix is_probe_read_kernel_supported in aarch64 kernels 5.5 (#1235)
In aarch64, with kernel 5.5, my programs that use `bpf_probe_read_user`
don't work successfully because `aya` is mistakenly re-writting it
`bpf_probe_read` because it falsely detects that the kernel doesn't
support `bpf_probe_read_user`.

I hadn't updated my `aya` version in a while, but while updating it to
fix a separate issue (panics when parsing kernel versions of PVE
kernels) and running my test suite I saw tests failing on aarch64 5.5
kernels. A git bisect led me to this commit:
942ea51906 and further investigation in the
difference of the new and old assembly showed that the only difference
was subtracting 8 vs adding -8. When I put it back as adding 8 (but
without handwritten assembly) then things work as expected. Since it
used to be `BPF_ADD` and the commit that changed it was just about no
longer handwriting assembly without any reason for the switch to
`BPF_SUB` putting it back as `BPF_ADD` seems reasonable. 

When using `BPF_SUB` 8, the handwritten program in this function
returns a permission error which is treated by this function as
`bpf_probe_read_kernel` not being supported when it is but for some
reason `BPF_SUB` is not. My guess is that it might be an early verifier
error but I am not 100% sure as I thought verifier errors are normally
`EINVAL` not `EPERM` but I have a vague memory of seeing `EPERM` in the
past for errors that happened very early in the verifier.

Fixes: #1233
7 months ago
Michal Rostecki e229231d88 xtask: Move libbpf header installation logic to a helper function
Before that, the same code was repeated twice in different places.
7 months ago
Thomas Eizinger 6d36fe13d3 aya-build: Allow setting Rust nightly version
At present, `aya_build` will always use `+nightly` to build the
eBPF kernel. This is problematic in environments such as CI, where
tools always need to be installed first. Installing the current
nightly Rust toolchain gives you a new toolchain every day. This
poisones caches and makes CI jobs non-deterministic.

Resolves: #1226
7 months ago
Dave Tucker 816f6d8a25
Merge pull request #1234 from dave-tucker/fix-clippy-warn
chore: Fix clippy panic_handler warnings
7 months ago
Dave Tucker 3078e5aba0 chore: Fix clippy panic_handler warnings
Working with aya in vscode will currently show a number of warnings
along the lines of:

```
found duplicate lang item `panic_impl`
the lang item is first defined in crate `std` (which `aya` depends on)
...
second definition in the local crate (`bpf_probe_read`)
```

This comes from feature unification.
integration-test requires the integration-common user feature, which
requires aya, which in turn brings in std.

For this same reason we avoid running clippy across the whole workspace.

We can avoid this issue by using the panic handler from the another
crate, which implements the same loop {} panic handler we use today.
It seems rustc is happy to conditionally link the panic handler
from an external crate without issuing warnings.

Therefore, we add our own crate - ebpf-panic - for this purpose.

Signed-off-by: Dave Tucker <dave@dtucker.co.uk>
7 months ago
Dave Tucker da3f09e28b chore: move network-types to workspace dep
Signed-off-by: Dave Tucker <dave@dtucker.co.uk>
7 months ago
Dave Tucker 1db534defa
Merge pull request #1209 from dave-tucker/from_prog_info
feat: Allow conversions to Program from ProgramInfo
7 months ago
Dave Tucker d9ef2df2f0
Merge pull request #1225 from dave-tucker/fix-clippy
chore(aya): Fix clippy unused cfg_attr
7 months ago
Dave Tucker e8e268ba76 chore(aya): Fix clippy unused cfg_attr
clippy complained that cfg_attr is applied to the macro invocation and
therefore will not be expanded. This was a false-positive, however
when playing with cargo expand I did notice that the cfg and cfg_attr
section weren't propagating as I would expect them to.

Adding a meta matcher to the impl_try_from_map macro allows us to
remove the need for AsyncPerfEventArray to be in a separate invocation
of the macro while also making sure that attributes do get propagated
to the generated functions.

Signed-off-by: Dave Tucker <dave@dtucker.co.uk>
7 months ago
Dave Tucker 2b0dcfbd09 feat: Allow conversions to Program from ProgramInfo
Allow for a ProgramInfo to be converted into one of the program types
that we support. This allows for a user of Aya access to reattach,
pin or unload a program that was either, previously loaded, or was
loaded by another process.

Signed-off-by: Dave Tucker <dave@dtucker.co.uk>
7 months ago
tamird e96431f07a public-api: regenerate 7 months ago
Dave Tucker 9eecbe9d0e
Merge pull request #1224 from dave-tucker/unused_trait_names
chore(*): set clippy unused_trait_names = warn
7 months ago
Tamir Duberstein 77b1c6194c Add support for Flow Dissector programs
Closes #216.

Co-authored-by: Zenna Allwein <zrallwein@gmail.com>
Signed-off-by: Tamir Duberstein <tamird@gmail.com>
7 months ago
Dave Tucker f6c5cb2ad2 chore(*): set clippy unused_trait_names = warn
We have previously tried to import traits anonymously where possible but
enforcing this manually was hard.

Since Rust 1.83 clippy can now enforce this for us.

Signed-off-by: Dave Tucker <dave@dtucker.co.uk>
7 months ago
x0rw 34a3d6c27b Update README.md
CgroupSkb::attach() requires three parameters
7 months ago
Dave Tucker 29f4f2b780
Merge pull request #1160 from dave-tucker/modprobe 7 months ago
Dave Tucker abe5f743a3 feat: Refactor init into test-distro
The init module contains a small init system for running our integration
tests against a kernel. While we don't need a full-blown linux distro,
we do need some utilities.

Once such utility is `modprobe` which allows us to load kernel modules.
Rather than create a new module for this utility, I've instead
refactored `init` into `test-distro` which is a module that contains
multiple binaries.

The xtask code has been adjusted to ensure these binaries are inserted
into the correct places in our cpio archive, as well as bringing in the
kernel modules.

Signed-off-by: Dave Tucker <dave@dtucker.co.uk>
7 months ago
Tamir Duberstein 3edc36af9d aya: remove unhelpful comment 7 months ago
Tamir Duberstein f890bb3dce integration-test: kernel_assert anti-condition
Rather than emitting a warning, assert the inverse of the condition when
the current kernel version is lower than required. This strengthens the
assertions made by our tests (provided we run them over kernel versions
before and after the listed version, which is not yet the case).
7 months ago
Tamir Duberstein 509032f195 integration-test: use scopeguard over panic hook 7 months ago
Tamir Duberstein b8f0c56d15 integration-test: avoid Option::is_some_and
These are just pointless.
7 months ago
Tamir Duberstein 1320aa1a28 integration-test: fix typo 7 months ago
Tamir Duberstein 49a828ec56 taplo: reorder-keys
Group non-workspace keys before workspace ones for readability.
7 months ago
Tamir Duberstein 1ff2c0a2d2 Cargo.toml: sort dependencies 7 months ago
Tamir Duberstein 0153bdd950 github: update dependabot docs link 7 months ago
tamird 75aac18f8a public-api: regenerate 7 months ago
WANG Rui e3aa47f0db Update octorust to 0.10 7 months ago
Michal Rostecki f48b5a4a84 aya: Ensure that truncated map names are NULL terminated
Limit of map names in eBPF is 16 bytes and they have to be NULL
terminated.

Before this change, long names were truncated to 16 bytes.
`MAP_WITH_LOOOONG_NAAAAAAAAME` would become `MAP_WITH_LOOOONG`, which
doesn't contain the NULL byte.

This change fixes that by truncating the name to 15 bytes, ensuring
that the 16th byte is NULL. `MAP_WITH_LOOOONG_NAAAAAAAAME` is truncated
to `MAP_WITH_LOOOON\0`.
8 months ago
tamird dcf66db845 public-api: regenerate 8 months ago
Tamir Duberstein a43e40ae1d introduce workspace lints, warn on unused crates
In practice this will forbid unused dependencies because we run clippy
with `--deny warnings`.

Workspace lints is a nice place to ratchet up lints through the codebase
all at once and consistently.
8 months ago
Dave Tucker 65489e1d4c
Merge pull request #1210 from dave-tucker/no-mergify-dependabot
chore: Disable mergify on dependabot PRs
8 months ago
Tamir Duberstein 22c8f783e7 programs: allow program names to be static strings 8 months ago
Dave Tucker 00b5cc5aaf chore: Disable mergify on dependabot PRs
Merging via comment isn't possible. We could merge this automatically on
green, however we'd prefer to use @dependabot merge or merge manually.

Signed-off-by: Dave Tucker <dave@dtucker.co.uk>
8 months ago
arctic-alpaca 73a34e1571 aya: Add `XskMap::unset` 8 months ago
Dave Tucker ea76e0f62d aya: parse complete entries from /proc/$pid/maps
Signed-off-by: Dave Tucker <dave@dtucker.co.uk>
Signed-off-by: Tamir Duberstein <tamird@gmail.com>
8 months ago
Tamir Duberstein de0b7cee8d Destructure 8 months ago
Tamir Duberstein 7084df68aa Add punctuation 8 months ago
Tamir Duberstein 50ae0ee099 Avoid allocations when parsing /proc/{pid}/maps 8 months ago
Tamir Duberstein 6252b4c972 aya-obj,aya-ebpf-*: hook up loongarch64
This causes rustfmt to format those files.

Squish some other conditional compilation to get rustfmt sorting.
8 months ago
Tamir Duberstein 9916092f5c codegen: tidy up
- Document the need for external rustfmt invocation.
- Remove reexports.
- Remove `write_to_file`.
- Avoid allocating strings when using bindgen to write bindings.
8 months ago
Tamir Duberstein e16f0482f8 Revert "ci: remove cross toolchain"
Turns out this was actually being used through magic.

Remove mips since it is a tier 3 target that is only supported on
nightly and dtolnay/rust-toolchain doesn't seem to handle installing
targets without std.

Exclude xtask since it depends on `ring` which doesn't build on all
targets.

Fix compilation on armv7 which had rotted.

This reverts commit d92fc95c39.
8 months ago
Tamir Duberstein 34319cba12 ci,xtask: sort architectures 8 months ago
Tamir Duberstein b18b4f7369 ci: use output rather than env
This appeases my IDE and removes annoying yellow squiggles.
8 months ago
Tamir Duberstein 56ebe1406e aya-tool: do not attempt to run rustfmt
This can be done externally. Do so in CI.

This is an attempt to resolve the inconsistency between CI and local
rustfmt in the generated bindings.

Restore running CI on generated branches; the presence of a PR is
apparently not enough.
8 months ago
tamird 2bb2302d1d aya-obj, aya-ebpf-bindings: regenerate
libbpf commit: 20ea95b4505c477af3b6ff6ce9d19cee868ddc5d
8 months ago
Tamir Duberstein f0a9f19ddc Bump edition to 2024
Change FromRawTracepointArgs::arg to return T rather than *const T which
seems to have been returning a dangling pointer.

Arguably this is not strictly necessary; edition 2024 seems to be
focused on increased strictness around unsafe code which doesn't unlock
new functionality for our users. That said, this work revealed an
apparent bug (see above) that we wouldn't otherwise catch due to
allow-by-default lints.
8 months ago
Tamir Duberstein ea5f7e3015 Reduce the scope of expected warnings
This fixes a few safety comments to avoid the warnings.
8 months ago
Tamir Duberstein 4101a5a55d Use #[expect(...)] rather than #[allow(...)]
This is stricter, and revealed a few unused allowances.
8 months ago
arctic-alpaca 015443776c replace hard-coded queue ID with queried queue ID 8 months ago
arctic-alpaca e1cb4237bd tests: add queue ID matching to AF_XDP test 8 months ago