Message ID | 20190910115527.5235-5-kpsingh@chromium.org (mailing list archive) |
---|---|
State | New, archived |
Headers | show |
Series | Kernel Runtime Security Instrumentation | expand |
On 9/10/19 12:55 PM, KP Singh wrote: > From: KP Singh <kpsingh@google.com> > > Update the libbpf library with functionality to load and > attach a program type BPF_PROG_TYPE_KRSI. > > Since the bpf_prog_load does not allow the specification of an > expected attach type, it's recommended to use bpf_prog_load_xattr and > set the expected attach type as KRSI. > > Signed-off-by: KP Singh <kpsingh@google.com> > --- > tools/lib/bpf/libbpf.c | 4 ++++ > tools/lib/bpf/libbpf.h | 2 ++ > tools/lib/bpf/libbpf.map | 2 ++ > tools/lib/bpf/libbpf_probes.c | 1 + > 4 files changed, 9 insertions(+) > > diff --git a/tools/lib/bpf/libbpf.c b/tools/lib/bpf/libbpf.c > index 2b57d7ea7836..3cc86bbc68cd 100644 > --- a/tools/lib/bpf/libbpf.c > +++ b/tools/lib/bpf/libbpf.c > @@ -2676,6 +2676,7 @@ static bool bpf_prog_type__needs_kver(enum bpf_prog_type type) > case BPF_PROG_TYPE_PERF_EVENT: > case BPF_PROG_TYPE_CGROUP_SYSCTL: > case BPF_PROG_TYPE_CGROUP_SOCKOPT: > + case BPF_PROG_TYPE_KRSI: > return false; > case BPF_PROG_TYPE_KPROBE: > default: > @@ -3536,6 +3537,7 @@ bool bpf_program__is_##NAME(const struct bpf_program *prog) \ > } \ > > BPF_PROG_TYPE_FNS(socket_filter, BPF_PROG_TYPE_SOCKET_FILTER); > +BPF_PROG_TYPE_FNS(krsi, BPF_PROG_TYPE_KRSI); > BPF_PROG_TYPE_FNS(kprobe, BPF_PROG_TYPE_KPROBE); > BPF_PROG_TYPE_FNS(sched_cls, BPF_PROG_TYPE_SCHED_CLS); > BPF_PROG_TYPE_FNS(sched_act, BPF_PROG_TYPE_SCHED_ACT); > @@ -3590,6 +3592,8 @@ static const struct { > BPF_PROG_SEC("lwt_out", BPF_PROG_TYPE_LWT_OUT), > BPF_PROG_SEC("lwt_xmit", BPF_PROG_TYPE_LWT_XMIT), > BPF_PROG_SEC("lwt_seg6local", BPF_PROG_TYPE_LWT_SEG6LOCAL), > + BPF_APROG_SEC("krsi", BPF_PROG_TYPE_KRSI, > + BPF_KRSI), > BPF_APROG_SEC("cgroup_skb/ingress", BPF_PROG_TYPE_CGROUP_SKB, > BPF_CGROUP_INET_INGRESS), > BPF_APROG_SEC("cgroup_skb/egress", BPF_PROG_TYPE_CGROUP_SKB, > diff --git a/tools/lib/bpf/libbpf.h b/tools/lib/bpf/libbpf.h > index 5cbf459ece0b..8781d29b4035 100644 > --- a/tools/lib/bpf/libbpf.h > +++ b/tools/lib/bpf/libbpf.h > @@ -261,6 +261,7 @@ LIBBPF_API int bpf_program__set_sched_cls(struct bpf_program *prog); > LIBBPF_API int bpf_program__set_sched_act(struct bpf_program *prog); > LIBBPF_API int bpf_program__set_xdp(struct bpf_program *prog); > LIBBPF_API int bpf_program__set_perf_event(struct bpf_program *prog); > +LIBBPF_API int bpf_program__set_krsi(struct bpf_program *prog); > LIBBPF_API void bpf_program__set_type(struct bpf_program *prog, > enum bpf_prog_type type); > LIBBPF_API void > @@ -275,6 +276,7 @@ LIBBPF_API bool bpf_program__is_sched_cls(const struct bpf_program *prog); > LIBBPF_API bool bpf_program__is_sched_act(const struct bpf_program *prog); > LIBBPF_API bool bpf_program__is_xdp(const struct bpf_program *prog); > LIBBPF_API bool bpf_program__is_perf_event(const struct bpf_program *prog); > +LIBBPF_API bool bpf_program__is_krsi(const struct bpf_program *prog); > > /* > * No need for __attribute__((packed)), all members of 'bpf_map_def' > diff --git a/tools/lib/bpf/libbpf.map b/tools/lib/bpf/libbpf.map > index f9d316e873d8..75b8fe419c11 100644 > --- a/tools/lib/bpf/libbpf.map > +++ b/tools/lib/bpf/libbpf.map > @@ -68,6 +68,7 @@ LIBBPF_0.0.1 { > bpf_prog_test_run_xattr; > bpf_program__fd; > bpf_program__is_kprobe; > + bpf_program__is_krsi; > bpf_program__is_perf_event; > bpf_program__is_raw_tracepoint; > bpf_program__is_sched_act; > @@ -85,6 +86,7 @@ LIBBPF_0.0.1 { > bpf_program__set_expected_attach_type; > bpf_program__set_ifindex; > bpf_program__set_kprobe; > + bpf_program__set_krsi; > bpf_program__set_perf_event; > bpf_program__set_prep; > bpf_program__set_priv; Please put the above two new API functions in version LIBBPF_0.0.5. > diff --git a/tools/lib/bpf/libbpf_probes.c b/tools/lib/bpf/libbpf_probes.c > index ace1a0708d99..cc515a36794d 100644 > --- a/tools/lib/bpf/libbpf_probes.c > +++ b/tools/lib/bpf/libbpf_probes.c > @@ -102,6 +102,7 @@ probe_load(enum bpf_prog_type prog_type, const struct bpf_insn *insns, > case BPF_PROG_TYPE_FLOW_DISSECTOR: > case BPF_PROG_TYPE_CGROUP_SYSCTL: > case BPF_PROG_TYPE_CGROUP_SOCKOPT: > + case BPF_PROG_TYPE_KRSI: > default: > break; > } >
diff --git a/tools/lib/bpf/libbpf.c b/tools/lib/bpf/libbpf.c index 2b57d7ea7836..3cc86bbc68cd 100644 --- a/tools/lib/bpf/libbpf.c +++ b/tools/lib/bpf/libbpf.c @@ -2676,6 +2676,7 @@ static bool bpf_prog_type__needs_kver(enum bpf_prog_type type) case BPF_PROG_TYPE_PERF_EVENT: case BPF_PROG_TYPE_CGROUP_SYSCTL: case BPF_PROG_TYPE_CGROUP_SOCKOPT: + case BPF_PROG_TYPE_KRSI: return false; case BPF_PROG_TYPE_KPROBE: default: @@ -3536,6 +3537,7 @@ bool bpf_program__is_##NAME(const struct bpf_program *prog) \ } \ BPF_PROG_TYPE_FNS(socket_filter, BPF_PROG_TYPE_SOCKET_FILTER); +BPF_PROG_TYPE_FNS(krsi, BPF_PROG_TYPE_KRSI); BPF_PROG_TYPE_FNS(kprobe, BPF_PROG_TYPE_KPROBE); BPF_PROG_TYPE_FNS(sched_cls, BPF_PROG_TYPE_SCHED_CLS); BPF_PROG_TYPE_FNS(sched_act, BPF_PROG_TYPE_SCHED_ACT); @@ -3590,6 +3592,8 @@ static const struct { BPF_PROG_SEC("lwt_out", BPF_PROG_TYPE_LWT_OUT), BPF_PROG_SEC("lwt_xmit", BPF_PROG_TYPE_LWT_XMIT), BPF_PROG_SEC("lwt_seg6local", BPF_PROG_TYPE_LWT_SEG6LOCAL), + BPF_APROG_SEC("krsi", BPF_PROG_TYPE_KRSI, + BPF_KRSI), BPF_APROG_SEC("cgroup_skb/ingress", BPF_PROG_TYPE_CGROUP_SKB, BPF_CGROUP_INET_INGRESS), BPF_APROG_SEC("cgroup_skb/egress", BPF_PROG_TYPE_CGROUP_SKB, diff --git a/tools/lib/bpf/libbpf.h b/tools/lib/bpf/libbpf.h index 5cbf459ece0b..8781d29b4035 100644 --- a/tools/lib/bpf/libbpf.h +++ b/tools/lib/bpf/libbpf.h @@ -261,6 +261,7 @@ LIBBPF_API int bpf_program__set_sched_cls(struct bpf_program *prog); LIBBPF_API int bpf_program__set_sched_act(struct bpf_program *prog); LIBBPF_API int bpf_program__set_xdp(struct bpf_program *prog); LIBBPF_API int bpf_program__set_perf_event(struct bpf_program *prog); +LIBBPF_API int bpf_program__set_krsi(struct bpf_program *prog); LIBBPF_API void bpf_program__set_type(struct bpf_program *prog, enum bpf_prog_type type); LIBBPF_API void @@ -275,6 +276,7 @@ LIBBPF_API bool bpf_program__is_sched_cls(const struct bpf_program *prog); LIBBPF_API bool bpf_program__is_sched_act(const struct bpf_program *prog); LIBBPF_API bool bpf_program__is_xdp(const struct bpf_program *prog); LIBBPF_API bool bpf_program__is_perf_event(const struct bpf_program *prog); +LIBBPF_API bool bpf_program__is_krsi(const struct bpf_program *prog); /* * No need for __attribute__((packed)), all members of 'bpf_map_def' diff --git a/tools/lib/bpf/libbpf.map b/tools/lib/bpf/libbpf.map index f9d316e873d8..75b8fe419c11 100644 --- a/tools/lib/bpf/libbpf.map +++ b/tools/lib/bpf/libbpf.map @@ -68,6 +68,7 @@ LIBBPF_0.0.1 { bpf_prog_test_run_xattr; bpf_program__fd; bpf_program__is_kprobe; + bpf_program__is_krsi; bpf_program__is_perf_event; bpf_program__is_raw_tracepoint; bpf_program__is_sched_act; @@ -85,6 +86,7 @@ LIBBPF_0.0.1 { bpf_program__set_expected_attach_type; bpf_program__set_ifindex; bpf_program__set_kprobe; + bpf_program__set_krsi; bpf_program__set_perf_event; bpf_program__set_prep; bpf_program__set_priv; diff --git a/tools/lib/bpf/libbpf_probes.c b/tools/lib/bpf/libbpf_probes.c index ace1a0708d99..cc515a36794d 100644 --- a/tools/lib/bpf/libbpf_probes.c +++ b/tools/lib/bpf/libbpf_probes.c @@ -102,6 +102,7 @@ probe_load(enum bpf_prog_type prog_type, const struct bpf_insn *insns, case BPF_PROG_TYPE_FLOW_DISSECTOR: case BPF_PROG_TYPE_CGROUP_SYSCTL: case BPF_PROG_TYPE_CGROUP_SOCKOPT: + case BPF_PROG_TYPE_KRSI: default: break; }