The implementation changed since the original commit was written, and
some mistakes went in:
- missing bpf_redirect_map wrapper
- extra bpf_map_lookup_elem on maps for which it is forbidden
Implements running integration tests on multiple VMs with arbitrary
kernel images using `cargo xtask integration-test vm ...`.
This changes our coverage from 6.2 to 6.1 and 6.4.
This feature is equivalent to async_tokio || async_std; removing it
avoids warnings emitted during `cargo hack check --feature-powerset`
where async is selected without either of the other features.
Use cargo hack to ensure clippy runs on the powerset of features.
This slightly changes the site layout: crate documentation is now flat
rather than being nested under "user" and "bpf".
- Run `cargo clean --doc` before generating docs to ensure hermiticity.
- Generate header.html into a temporary directory.
- Remove "site" on each run to ensure hermiticity.
- Invoke cargo only once.
- Avoid editing sources.
So to build/check things using the bpf target one can:
cd bpf && cargo check && cargo build
without having to manually pass --target=bpfel-unknown-none -Z
build-std=core.
It also fixes cargo xtask docs, since the command relies on bpf docs
being built with the bpfel-unknown-none target.
Replace all `assert!(matches!(..))` with `assert_matches!(..)`.
Remove the now-unused build-integration-test xtask command whose logic
doesn't match that of the build-and-run command.
This change does a few things:
- it fixes a bug in the wrappers, where we were expecting the kernel to
return len=1 for b"\0" where it instead returns 0 and doesn't write
out the NULL terminator
- it makes the helpers more robust by hardcoding bound checks in
assembly so that LLVM optimizations can't transform the checks in a
way that the verifier can't understand.
- it adds integration tests
This patch introduces `pt_regs` handling in aya-bpf/args.rs
for the riscv64 architecture. The current CI is disabled
for riscv64 because this implementation is missing.
Files changed:
M aya-obj/src/generated/btf_internal_bindings.rs
M aya-obj/src/generated/linux_bindings_aarch64.rs
M aya-obj/src/generated/linux_bindings_armv7.rs
M aya-obj/src/generated/linux_bindings_riscv64.rs
M aya-obj/src/generated/linux_bindings_x86_64.rs
M bpf/aya-bpf-bindings/src/aarch64/bindings.rs
M bpf/aya-bpf-bindings/src/armv7/bindings.rs
M bpf/aya-bpf-bindings/src/riscv64/bindings.rs
M bpf/aya-bpf-bindings/src/x86_64/bindings.rs
aya-log-ebpf-macros was failing to compile because it was referencing
a couple of `DisplayHint` variants that no longer exist. These were
removed in #599.
```
Compiling aya-log-ebpf-macros v0.1.0 (/home/robert/aya/aya-log-ebpf-macros)
error[E0599]: no variant or associated item named `Ipv4` found for enum `DisplayHint` in the current scope
--> aya-log-ebpf-macros/src/expand.rs:93:22
|
93 | DisplayHint::Ipv4 => parse_str("::aya_log_ebpf::macro_support::check_impl_ipv4"),
| ^^^^ variant or associated item not found in `DisplayHint`
error[E0599]: no variant or associated item named `Ipv6` found for enum `DisplayHint` in the current scope
--> aya-log-ebpf-macros/src/expand.rs:94:22
|
94 | DisplayHint::Ipv6 => parse_str("::aya_log_ebpf::macro_support::check_impl_ipv6"),
| ^^^^ variant or associated item not found in `DisplayHint`
For more information about this error, try `rustc --explain E0599`.
```
Files changed:
M aya-obj/src/generated/btf_internal_bindings.rs
M aya-obj/src/generated/linux_bindings_aarch64.rs
M aya-obj/src/generated/linux_bindings_armv7.rs
M aya-obj/src/generated/linux_bindings_riscv64.rs
M aya-obj/src/generated/linux_bindings_x86_64.rs
M bpf/aya-bpf-bindings/src/aarch64/bindings.rs
M bpf/aya-bpf-bindings/src/armv7/bindings.rs
M bpf/aya-bpf-bindings/src/riscv64/bindings.rs
M bpf/aya-bpf-bindings/src/x86_64/bindings.rs
Files changed:
M aya-obj/src/generated/linux_bindings_aarch64.rs
M aya-obj/src/generated/linux_bindings_armv7.rs
M aya-obj/src/generated/linux_bindings_riscv64.rs
M aya-obj/src/generated/linux_bindings_x86_64.rs
M bpf/aya-bpf-bindings/src/aarch64/bindings.rs
M bpf/aya-bpf-bindings/src/aarch64/helpers.rs
M bpf/aya-bpf-bindings/src/armv7/bindings.rs
M bpf/aya-bpf-bindings/src/armv7/helpers.rs
M bpf/aya-bpf-bindings/src/riscv64/bindings.rs
M bpf/aya-bpf-bindings/src/riscv64/helpers.rs
M bpf/aya-bpf-bindings/src/x86_64/bindings.rs
M bpf/aya-bpf-bindings/src/x86_64/helpers.rs
Such an assignment in two parts (first deref in `unsafe`, then field
access outside of `unsafe`) is bogus: the deref "returned" by the
`unsafe` block actually creates a copy of the `__sk_buff` struct because
it implements `Copy`. The mark value is written to the `mark` field of
the copy, and not the real `__sk_buff`.
Change it to do it all in the `unsafe` block.
The same is done for the `.len()` getter to avoid copying the whole
`__sk_buff` struct for a 32 bit field. Although such a copy should be
optimized out by the compiler, it's better to help it do so.
Kernel 4.15 added a new eBPF program that can
be used with cgroup v2 to control & observe device
access (e.g. read, write, mknod) - `BPF_PROG_TYPE_CGROUP_DEVICE`.
We add the ability to create these programs with the `cgroup_device`
proc macro which creates the `cgroup/dev` link section. Device
details are available to the eBPF program in `DeviceContext`.
The userspace representation is provided with the `CgroupDevice`
structure.
Fixes: #212
Signed-off-by: Milan <milan@mdaverde.com>
Files changed:\nM aya/src/generated/btf_internal_bindings.rs
M aya/src/generated/linux_bindings_aarch64.rs
M aya/src/generated/linux_bindings_armv7.rs
M aya/src/generated/linux_bindings_riscv64.rs
M aya/src/generated/linux_bindings_x86_64.rs
M bpf/aya-bpf-bindings/src/aarch64/bindings.rs
M bpf/aya-bpf-bindings/src/aarch64/helpers.rs
M bpf/aya-bpf-bindings/src/armv7/bindings.rs
M bpf/aya-bpf-bindings/src/armv7/helpers.rs
M bpf/aya-bpf-bindings/src/riscv64/bindings.rs
M bpf/aya-bpf-bindings/src/riscv64/helpers.rs
M bpf/aya-bpf-bindings/src/x86_64/bindings.rs
M bpf/aya-bpf-bindings/src/x86_64/helpers.rs
This change separates the previous `SkBuffContext` into three structs:
* `SkBuff` which is a wrapper around `__sk_buff` which contains all
possible methods operating on it.
* `SkBuffContext` which is a program context for programs which
**cannot** access `__sk_buff` directly and instead can only use
`load_bytes`.
* `TcContext` which is a classifier context which can access `__sk_buff`
directly, hence exposes `data` and `data_end`.
Signed-off-by: Michal Rostecki <vadorovsky@gmail.com>
This change adds optional display hints:
* `{:x}`, `{:X}` - for hex representation of numbers
* `{:ipv4}`, `{:IPv4}` - for IPv4 addresses
* `{:ipv6}`, `{:IPv6}` - for IPv6 addresses
It also gets rid of dyn-fmt and instead comes with our own parser
implementation.
Tested on: https://github.com/vadorovsky/aya-examples/tree/main/tc
Signed-off-by: Michal Rostecki <vadorovsky@gmail.com>
The pull_data method is used to ensure that all the required bytes
are available in the linear portion of the skb.
Signed-off-by: Hengqi Chen <chenhengqi@outlook.com>
This commit moves the aya-log projects from the subtree and adds them to
the main cargo workspace. It also brings the BPF crates into the
workspace and moves the macro crates up a level since they aren't BPF
code.
Miri was disabled for aya-bpf as the previous config wasn't actually
checking anything.
CI, clippy, fmt and release configurations have all been adjusted
appropriately.
CI was not properly running for other supported arches which was also
ixed here.
Signed-off-by: Dave Tucker <dave@dtucker.co.uk>
Tuetuopay
Dave Tucker
Tamir Duberstein
Andrew Werner
Alessandro Decina
Kenjiro Nakayama
alessandrod
Robert Bartlensky
Hanaasagi
Kabir Kwatra
Quentin JEROME
dave-tucker
Michal Rostecki
Milan
Dmitry Savintsev
tiann
Ricky Han
abhijeetbhagat
Hengqi Chen
Gabi