Currently errors can occur if the verifier output is > buffer as we get
ENOMEM. We should only provide a log_buf if initial load failed, then
retry up to 10 times to get full verifier output.
To DRY this logic it has been moved to a function so its shared with
program loading
Signed-off-by: Dave Tucker <dave@dtucker.co.uk>
one verifier loop to rule them all
Signed-off-by: Dave Tucker <dave@dtucker.co.uk>
This requires loading the BTF to kernel when loading all programs as
well as implementing Extension program type
Signed-off-by: Dave Tucker <dave@dtucker.co.uk>
fentry and fexit programs are similar to kprobe and kretprobe, but they
are newer and they have practically zero overhead to call before or
after kernel function. Also, fexit programs are focused on access to
arguments rather than the return value.
Those kind of programs were introduced in the following patchset:
https://lwn.net/Articles/804112/
Signed-off-by: Michal Rostecki <mrostecki@opensuse.org>
Map and ProgramData objects had unnecessarily cloned strings for their
names, despite them being just as easily available to external users via
bpf.maps() and bpf.programs().
When a BPF program doesn't specify the target kernel version, the
most compatible option is to set the program kernel version to match
the currently running kernel.
This change adds support for the following program types:
* raw tracepoint
* LSM
Supporting LSM programs involved a necessity of supporting more
load_attrs for the BPF_PROG_LOAD operation, concretely:
* expected_attach_type - for LSM programs, it has always to be set to
BPF_LSM_MAC
* attach_btf_obj_fd - it's often used to reference the file descriptor of
program's BTF info, altough in case of LSM programs, it only has to
contain the value 0, which means the vmlinux object file (usually
/sys/kernel/btf/vmlinux)
* attach_btf_id - ID of the BTF object, which in case of LSM programs is
the ID of the function (the LSM hook)
The example of LSM program using that functionality can be found here:
https://github.com/vadorovsky/aya-example-lsmFixes: #9
Signed-off-by: William Findlay <william@williamfindlay.com>
Signed-off-by: Michal Rostecki <mrostecki@opensuse.org>
This commit adds 2 new methods to aya::sys
- bpf_pin_object
- bpf_get_object
Which allow the pinning and retrieval of programs/maps to bpffs.
It adds a `Program.pin` API, such that a loaded program can be pinned.
For map pinning, the user must ensure the `pinning u32` in the
`bpf_map_def` is set to 1, maps will be pinned using a new builder API.
BpfLoader::new().map_pin_path("/sys/fs/bpf/myapp").load_file("myapp.o")
This will pin all maps whose definition requests pinning to path + name.
Signed-off-by: Dave Tucker <dave@dtucker.co.uk>
qdisc_detach_program can be used to detach all the programs that have
the given name. It's useful when you want to detach programs that were
attached by some other process (eg. iproute2), or when you want to
detach programs that were previously left attached because the program
that attached them was killed.
Dave Tucker
Alessandro Decina
Michal Rostecki
Thia Wyrod
Dan Everton
William Findlay
Markus Stange
Sean Young
Arnabjyoti Kalita