The helpers always return a signed 64-bit r0 value, but the JIT that
translates eBPF into native instructions differs by architecture. On
x86_64 the generated code writes the helper result into a 64-bit
register, so the CPU sign-extends negative errnos automatically. On
aarch64 the JIT frequently uses 32-bit operations (w0) when copying the
helper return and only zero-extends into the upper half of x0.
That results in broken errno codes on aarch64. For example, when a map
operation returns `-ENOENT`, which is supposed to be -2, the i64
representation yields something like `0x0000_0000_FFFF_FFFE`
(4294967294) instead of -2. In short: the ARM64 JIT doesn’t preserve the
sign in the upper half of the 64-bit register, and the error code has to
be cast to a 32-bit integer to make the sign visible.
This makes it awkward for users, because that behavior prevents simply
comparing helper error codes with constants like `libc::ENOENT` without
manual casts.
Given that the maximum error code limit `MAX_ERRNO` in the kernel is
4095, which fits in a 32-bit integer, coerce the error codes to be `i32`
and make all helpers return `Result<T, i32>`.
Add integration tests to verify that btf_maps generated with the
generalized btf_map_def macro are compatible with libbpf's bpf_map_def.
Also add CI infrastructure for macOS cross-compilation to Linux musl,
including stub headers and autoconf cache variables for libbpf-sys
vendored dependencies.
Override ring buffer value_size to 0 to allow slightly malformed
programs to load. This is the same approach taken by Cillium.
Signed-off-by: Lukas Hoehl <lukas.hoehl@stackit.cloud>
Add documentation and integration test for SchedClassifier link pinning,
which enables zero-downtime program updates in production environments.
- Add link pinning example to SchedClassifier::attach_with_options()
showing atomic replacement workflow for TCX mode (kernel >= 6.6).
- Add pin_tcx_link() integration test verifying link persistence
across program unload and atomic replacement capability.
This follows the #1417 review discussion: by bundling location
+ cookie into a UProbeAttachPoint we get a more idiomatic Into<_>
entry point, keep the one-to-one relationship enforced by the type
system, and make it easier to extend attach with multi-location
support without introducing parallel arrays or a brand new API.
Implement `PerfEventConfig::Breakpoint`, allowing users to attach
hardware breakpoints. Generate `HW_BREAKPOINT_*` and `struct
bpf_perf_event_data` in support of this feature and update the type of
`PerfEventContext` accordingly.
Add a test exercising R, W, RW, and X breakpoints. Note that R
breakpoints are unsupported on x86, and this is asserted in the test.
Extend the VM integration test harness and supporting infrastructure
(e.g. `download_kernel_images.sh`) to download kernel debug packages and
mount `System.map` in initramfs. This is needed (at least) on the aarch
6.1 Debian kernel which was not compiled with `CONFIG_KALLSYMS_ALL=y`
for some reason, and the locations of globals are not available in
kallsyms. To attach breakpoints to these symbols in the test pipeline,
we need to read them from System.map and apply the KASLR offset to get
their real address. The `System.map` file is not provided in the kernel
package by default, so we need to extract it from the corresponding
debug package. The KASLR offset is computed using `gunzip` which appears
in kallsyms on all Debian kernels tested.
Co-authored-by: Tamir Duberstein <tamird@gmail.com>
The traits `FromBtfArgument`, `FromRawTracepointArgs`, `FromPtRegs` are
all fancy ways of saying `Argument` - so replace these traits with it.
This also removes the use of `bpf_probe_read` which was introduced in
05c1586202 because I can't reproduce the
need for it.
This crate uses a very old version of `nix` which is preventing us from
adding support for loongarch64.
Make panic-in-panic more uniform while I'm here.
The RingBuf caches the last value it read of the producer so it doesn't
need to constantly contend on the actual producer cache line if lots of
messages have yet to be consumed. It was bogus to initialize this cache
at 0. This patch initializes it properly and adds testing.
Fixes: #1309
When preparing the VM initramfs detect the `config-*` file that ships alongside
the vmlinuz/modules in each kernel archive and install it under `/boot` (both
as `/boot/config` and `/boot/config-<version>`). This makes the running
kernel’s configuration available inside the guest for the integration tests.
