tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom
kernel / samples / bpf / bpf_load.c
at v4.20-rc3 670 lines 16 kB view raw
1// SPDX-License-Identifier: GPL-2.0 2#include <stdio.h> 3#include <sys/types.h> 4#include <sys/stat.h> 5#include <fcntl.h> 6#include <libelf.h> 7#include <gelf.h> 8#include <errno.h> 9#include <unistd.h> 10#include <string.h> 11#include <stdbool.h> 12#include <stdlib.h> 13#include <linux/bpf.h> 14#include <linux/filter.h> 15#include <linux/perf_event.h> 16#include <linux/netlink.h> 17#include <linux/rtnetlink.h> 18#include <linux/types.h> 19#include <sys/socket.h> 20#include <sys/syscall.h> 21#include <sys/ioctl.h> 22#include <sys/mman.h> 23#include <poll.h> 24#include <ctype.h> 25#include <assert.h> 26#include <bpf/bpf.h> 27#include "bpf_load.h" 28#include "perf-sys.h" 29 30#define DEBUGFS "/sys/kernel/debug/tracing/" 31 32static char license[128]; 33static int kern_version; 34static bool processed_sec[128]; 35char bpf_log_buf[BPF_LOG_BUF_SIZE]; 36int map_fd[MAX_MAPS]; 37int prog_fd[MAX_PROGS]; 38int event_fd[MAX_PROGS]; 39int prog_cnt; 40int prog_array_fd = -1; 41 42struct bpf_map_data map_data[MAX_MAPS]; 43int map_data_count = 0; 44 45static int populate_prog_array(const char *event, int prog_fd) 46{ 47 int ind = atoi(event), err; 48 49 err = bpf_map_update_elem(prog_array_fd, &ind, &prog_fd, BPF_ANY); 50 if (err < 0) { 51 printf("failed to store prog_fd in prog_array\n"); 52 return -1; 53 } 54 return 0; 55} 56 57static int load_and_attach(const char *event, struct bpf_insn *prog, int size) 58{ 59 bool is_socket = strncmp(event, "socket", 6) == 0; 60 bool is_kprobe = strncmp(event, "kprobe/", 7) == 0; 61 bool is_kretprobe = strncmp(event, "kretprobe/", 10) == 0; 62 bool is_tracepoint = strncmp(event, "tracepoint/", 11) == 0; 63 bool is_raw_tracepoint = strncmp(event, "raw_tracepoint/", 15) == 0; 64 bool is_xdp = strncmp(event, "xdp", 3) == 0; 65 bool is_perf_event = strncmp(event, "perf_event", 10) == 0; 66 bool is_cgroup_skb = strncmp(event, "cgroup/skb", 10) == 0; 67 bool is_cgroup_sk = strncmp(event, "cgroup/sock", 11) == 0; 68 bool is_sockops = strncmp(event, "sockops", 7) == 0; 69 bool is_sk_skb = strncmp(event, "sk_skb", 6) == 0; 70 bool is_sk_msg = strncmp(event, "sk_msg", 6) == 0; 71 size_t insns_cnt = size / sizeof(struct bpf_insn); 72 enum bpf_prog_type prog_type; 73 char buf[256]; 74 int fd, efd, err, id; 75 struct perf_event_attr attr = {}; 76 77 attr.type = PERF_TYPE_TRACEPOINT; 78 attr.sample_type = PERF_SAMPLE_RAW; 79 attr.sample_period = 1; 80 attr.wakeup_events = 1; 81 82 if (is_socket) { 83 prog_type = BPF_PROG_TYPE_SOCKET_FILTER; 84 } else if (is_kprobe || is_kretprobe) { 85 prog_type = BPF_PROG_TYPE_KPROBE; 86 } else if (is_tracepoint) { 87 prog_type = BPF_PROG_TYPE_TRACEPOINT; 88 } else if (is_raw_tracepoint) { 89 prog_type = BPF_PROG_TYPE_RAW_TRACEPOINT; 90 } else if (is_xdp) { 91 prog_type = BPF_PROG_TYPE_XDP; 92 } else if (is_perf_event) { 93 prog_type = BPF_PROG_TYPE_PERF_EVENT; 94 } else if (is_cgroup_skb) { 95 prog_type = BPF_PROG_TYPE_CGROUP_SKB; 96 } else if (is_cgroup_sk) { 97 prog_type = BPF_PROG_TYPE_CGROUP_SOCK; 98 } else if (is_sockops) { 99 prog_type = BPF_PROG_TYPE_SOCK_OPS; 100 } else if (is_sk_skb) { 101 prog_type = BPF_PROG_TYPE_SK_SKB; 102 } else if (is_sk_msg) { 103 prog_type = BPF_PROG_TYPE_SK_MSG; 104 } else { 105 printf("Unknown event '%s'\n", event); 106 return -1; 107 } 108 109 if (prog_cnt == MAX_PROGS) 110 return -1; 111 112 fd = bpf_load_program(prog_type, prog, insns_cnt, license, kern_version, 113 bpf_log_buf, BPF_LOG_BUF_SIZE); 114 if (fd < 0) { 115 printf("bpf_load_program() err=%d\n%s", errno, bpf_log_buf); 116 return -1; 117 } 118 119 prog_fd[prog_cnt++] = fd; 120 121 if (is_xdp || is_perf_event || is_cgroup_skb || is_cgroup_sk) 122 return 0; 123 124 if (is_socket || is_sockops || is_sk_skb || is_sk_msg) { 125 if (is_socket) 126 event += 6; 127 else 128 event += 7; 129 if (*event != '/') 130 return 0; 131 event++; 132 if (!isdigit(*event)) { 133 printf("invalid prog number\n"); 134 return -1; 135 } 136 return populate_prog_array(event, fd); 137 } 138 139 if (is_raw_tracepoint) { 140 efd = bpf_raw_tracepoint_open(event + 15, fd); 141 if (efd < 0) { 142 printf("tracepoint %s %s\n", event + 15, strerror(errno)); 143 return -1; 144 } 145 event_fd[prog_cnt - 1] = efd; 146 return 0; 147 } 148 149 if (is_kprobe || is_kretprobe) { 150 bool need_normal_check = true; 151 const char *event_prefix = ""; 152 153 if (is_kprobe) 154 event += 7; 155 else 156 event += 10; 157 158 if (*event == 0) { 159 printf("event name cannot be empty\n"); 160 return -1; 161 } 162 163 if (isdigit(*event)) 164 return populate_prog_array(event, fd); 165 166#ifdef __x86_64__ 167 if (strncmp(event, "sys_", 4) == 0) { 168 snprintf(buf, sizeof(buf), 169 "echo '%c:__x64_%s __x64_%s' >> /sys/kernel/debug/tracing/kprobe_events", 170 is_kprobe ? 'p' : 'r', event, event); 171 err = system(buf); 172 if (err >= 0) { 173 need_normal_check = false; 174 event_prefix = "__x64_"; 175 } 176 } 177#endif 178 if (need_normal_check) { 179 snprintf(buf, sizeof(buf), 180 "echo '%c:%s %s' >> /sys/kernel/debug/tracing/kprobe_events", 181 is_kprobe ? 'p' : 'r', event, event); 182 err = system(buf); 183 if (err < 0) { 184 printf("failed to create kprobe '%s' error '%s'\n", 185 event, strerror(errno)); 186 return -1; 187 } 188 } 189 190 strcpy(buf, DEBUGFS); 191 strcat(buf, "events/kprobes/"); 192 strcat(buf, event_prefix); 193 strcat(buf, event); 194 strcat(buf, "/id"); 195 } else if (is_tracepoint) { 196 event += 11; 197 198 if (*event == 0) { 199 printf("event name cannot be empty\n"); 200 return -1; 201 } 202 strcpy(buf, DEBUGFS); 203 strcat(buf, "events/"); 204 strcat(buf, event); 205 strcat(buf, "/id"); 206 } 207 208 efd = open(buf, O_RDONLY, 0); 209 if (efd < 0) { 210 printf("failed to open event %s\n", event); 211 return -1; 212 } 213 214 err = read(efd, buf, sizeof(buf)); 215 if (err < 0 || err >= sizeof(buf)) { 216 printf("read from '%s' failed '%s'\n", event, strerror(errno)); 217 return -1; 218 } 219 220 close(efd); 221 222 buf[err] = 0; 223 id = atoi(buf); 224 attr.config = id; 225 226 efd = sys_perf_event_open(&attr, -1/*pid*/, 0/*cpu*/, -1/*group_fd*/, 0); 227 if (efd < 0) { 228 printf("event %d fd %d err %s\n", id, efd, strerror(errno)); 229 return -1; 230 } 231 event_fd[prog_cnt - 1] = efd; 232 err = ioctl(efd, PERF_EVENT_IOC_ENABLE, 0); 233 if (err < 0) { 234 printf("ioctl PERF_EVENT_IOC_ENABLE failed err %s\n", 235 strerror(errno)); 236 return -1; 237 } 238 err = ioctl(efd, PERF_EVENT_IOC_SET_BPF, fd); 239 if (err < 0) { 240 printf("ioctl PERF_EVENT_IOC_SET_BPF failed err %s\n", 241 strerror(errno)); 242 return -1; 243 } 244 245 return 0; 246} 247 248static int load_maps(struct bpf_map_data *maps, int nr_maps, 249 fixup_map_cb fixup_map) 250{ 251 int i, numa_node; 252 253 for (i = 0; i < nr_maps; i++) { 254 if (fixup_map) { 255 fixup_map(&maps[i], i); 256 /* Allow userspace to assign map FD prior to creation */ 257 if (maps[i].fd != -1) { 258 map_fd[i] = maps[i].fd; 259 continue; 260 } 261 } 262 263 numa_node = maps[i].def.map_flags & BPF_F_NUMA_NODE ? 264 maps[i].def.numa_node : -1; 265 266 if (maps[i].def.type == BPF_MAP_TYPE_ARRAY_OF_MAPS || 267 maps[i].def.type == BPF_MAP_TYPE_HASH_OF_MAPS) { 268 int inner_map_fd = map_fd[maps[i].def.inner_map_idx]; 269 270 map_fd[i] = bpf_create_map_in_map_node(maps[i].def.type, 271 maps[i].name, 272 maps[i].def.key_size, 273 inner_map_fd, 274 maps[i].def.max_entries, 275 maps[i].def.map_flags, 276 numa_node); 277 } else { 278 map_fd[i] = bpf_create_map_node(maps[i].def.type, 279 maps[i].name, 280 maps[i].def.key_size, 281 maps[i].def.value_size, 282 maps[i].def.max_entries, 283 maps[i].def.map_flags, 284 numa_node); 285 } 286 if (map_fd[i] < 0) { 287 printf("failed to create a map: %d %s\n", 288 errno, strerror(errno)); 289 return 1; 290 } 291 maps[i].fd = map_fd[i]; 292 293 if (maps[i].def.type == BPF_MAP_TYPE_PROG_ARRAY) 294 prog_array_fd = map_fd[i]; 295 } 296 return 0; 297} 298 299static int get_sec(Elf *elf, int i, GElf_Ehdr *ehdr, char **shname, 300 GElf_Shdr *shdr, Elf_Data **data) 301{ 302 Elf_Scn *scn; 303 304 scn = elf_getscn(elf, i); 305 if (!scn) 306 return 1; 307 308 if (gelf_getshdr(scn, shdr) != shdr) 309 return 2; 310 311 *shname = elf_strptr(elf, ehdr->e_shstrndx, shdr->sh_name); 312 if (!*shname || !shdr->sh_size) 313 return 3; 314 315 *data = elf_getdata(scn, 0); 316 if (!*data || elf_getdata(scn, *data) != NULL) 317 return 4; 318 319 return 0; 320} 321 322static int parse_relo_and_apply(Elf_Data *data, Elf_Data *symbols, 323 GElf_Shdr *shdr, struct bpf_insn *insn, 324 struct bpf_map_data *maps, int nr_maps) 325{ 326 int i, nrels; 327 328 nrels = shdr->sh_size / shdr->sh_entsize; 329 330 for (i = 0; i < nrels; i++) { 331 GElf_Sym sym; 332 GElf_Rel rel; 333 unsigned int insn_idx; 334 bool match = false; 335 int j, map_idx; 336 337 gelf_getrel(data, i, &rel); 338 339 insn_idx = rel.r_offset / sizeof(struct bpf_insn); 340 341 gelf_getsym(symbols, GELF_R_SYM(rel.r_info), &sym); 342 343 if (insn[insn_idx].code != (BPF_LD | BPF_IMM | BPF_DW)) { 344 printf("invalid relo for insn[%d].code 0x%x\n", 345 insn_idx, insn[insn_idx].code); 346 return 1; 347 } 348 insn[insn_idx].src_reg = BPF_PSEUDO_MAP_FD; 349 350 /* Match FD relocation against recorded map_data[] offset */ 351 for (map_idx = 0; map_idx < nr_maps; map_idx++) { 352 if (maps[map_idx].elf_offset == sym.st_value) { 353 match = true; 354 break; 355 } 356 } 357 if (match) { 358 insn[insn_idx].imm = maps[map_idx].fd; 359 } else { 360 printf("invalid relo for insn[%d] no map_data match\n", 361 insn_idx); 362 return 1; 363 } 364 } 365 366 return 0; 367} 368 369static int cmp_symbols(const void *l, const void *r) 370{ 371 const GElf_Sym *lsym = (const GElf_Sym *)l; 372 const GElf_Sym *rsym = (const GElf_Sym *)r; 373 374 if (lsym->st_value < rsym->st_value) 375 return -1; 376 else if (lsym->st_value > rsym->st_value) 377 return 1; 378 else 379 return 0; 380} 381 382static int load_elf_maps_section(struct bpf_map_data *maps, int maps_shndx, 383 Elf *elf, Elf_Data *symbols, int strtabidx) 384{ 385 int map_sz_elf, map_sz_copy; 386 bool validate_zero = false; 387 Elf_Data *data_maps; 388 int i, nr_maps; 389 GElf_Sym *sym; 390 Elf_Scn *scn; 391 int copy_sz; 392 393 if (maps_shndx < 0) 394 return -EINVAL; 395 if (!symbols) 396 return -EINVAL; 397 398 /* Get data for maps section via elf index */ 399 scn = elf_getscn(elf, maps_shndx); 400 if (scn) 401 data_maps = elf_getdata(scn, NULL); 402 if (!scn || !data_maps) { 403 printf("Failed to get Elf_Data from maps section %d\n", 404 maps_shndx); 405 return -EINVAL; 406 } 407 408 /* For each map get corrosponding symbol table entry */ 409 sym = calloc(MAX_MAPS+1, sizeof(GElf_Sym)); 410 for (i = 0, nr_maps = 0; i < symbols->d_size / sizeof(GElf_Sym); i++) { 411 assert(nr_maps < MAX_MAPS+1); 412 if (!gelf_getsym(symbols, i, &sym[nr_maps])) 413 continue; 414 if (sym[nr_maps].st_shndx != maps_shndx) 415 continue; 416 /* Only increment iif maps section */ 417 nr_maps++; 418 } 419 420 /* Align to map_fd[] order, via sort on offset in sym.st_value */ 421 qsort(sym, nr_maps, sizeof(GElf_Sym), cmp_symbols); 422 423 /* Keeping compatible with ELF maps section changes 424 * ------------------------------------------------ 425 * The program size of struct bpf_load_map_def is known by loader 426 * code, but struct stored in ELF file can be different. 427 * 428 * Unfortunately sym[i].st_size is zero. To calculate the 429 * struct size stored in the ELF file, assume all struct have 430 * the same size, and simply divide with number of map 431 * symbols. 432 */ 433 map_sz_elf = data_maps->d_size / nr_maps; 434 map_sz_copy = sizeof(struct bpf_load_map_def); 435 if (map_sz_elf < map_sz_copy) { 436 /* 437 * Backward compat, loading older ELF file with 438 * smaller struct, keeping remaining bytes zero. 439 */ 440 map_sz_copy = map_sz_elf; 441 } else if (map_sz_elf > map_sz_copy) { 442 /* 443 * Forward compat, loading newer ELF file with larger 444 * struct with unknown features. Assume zero means 445 * feature not used. Thus, validate rest of struct 446 * data is zero. 447 */ 448 validate_zero = true; 449 } 450 451 /* Memcpy relevant part of ELF maps data to loader maps */ 452 for (i = 0; i < nr_maps; i++) { 453 struct bpf_load_map_def *def; 454 unsigned char *addr, *end; 455 const char *map_name; 456 size_t offset; 457 458 map_name = elf_strptr(elf, strtabidx, sym[i].st_name); 459 maps[i].name = strdup(map_name); 460 if (!maps[i].name) { 461 printf("strdup(%s): %s(%d)\n", map_name, 462 strerror(errno), errno); 463 free(sym); 464 return -errno; 465 } 466 467 /* Symbol value is offset into ELF maps section data area */ 468 offset = sym[i].st_value; 469 def = (struct bpf_load_map_def *)(data_maps->d_buf + offset); 470 maps[i].elf_offset = offset; 471 memset(&maps[i].def, 0, sizeof(struct bpf_load_map_def)); 472 memcpy(&maps[i].def, def, map_sz_copy); 473 474 /* Verify no newer features were requested */ 475 if (validate_zero) { 476 addr = (unsigned char*) def + map_sz_copy; 477 end = (unsigned char*) def + map_sz_elf; 478 for (; addr < end; addr++) { 479 if (*addr != 0) { 480 free(sym); 481 return -EFBIG; 482 } 483 } 484 } 485 } 486 487 free(sym); 488 return nr_maps; 489} 490 491static int do_load_bpf_file(const char *path, fixup_map_cb fixup_map) 492{ 493 int fd, i, ret, maps_shndx = -1, strtabidx = -1; 494 Elf *elf; 495 GElf_Ehdr ehdr; 496 GElf_Shdr shdr, shdr_prog; 497 Elf_Data *data, *data_prog, *data_maps = NULL, *symbols = NULL; 498 char *shname, *shname_prog; 499 int nr_maps = 0; 500 501 /* reset global variables */ 502 kern_version = 0; 503 memset(license, 0, sizeof(license)); 504 memset(processed_sec, 0, sizeof(processed_sec)); 505 506 if (elf_version(EV_CURRENT) == EV_NONE) 507 return 1; 508 509 fd = open(path, O_RDONLY, 0); 510 if (fd < 0) 511 return 1; 512 513 elf = elf_begin(fd, ELF_C_READ, NULL); 514 515 if (!elf) 516 return 1; 517 518 if (gelf_getehdr(elf, &ehdr) != &ehdr) 519 return 1; 520 521 /* clear all kprobes */ 522 i = system("echo \"\" > /sys/kernel/debug/tracing/kprobe_events"); 523 524 /* scan over all elf sections to get license and map info */ 525 for (i = 1; i < ehdr.e_shnum; i++) { 526 527 if (get_sec(elf, i, &ehdr, &shname, &shdr, &data)) 528 continue; 529 530 if (0) /* helpful for llvm debugging */ 531 printf("section %d:%s data %p size %zd link %d flags %d\n", 532 i, shname, data->d_buf, data->d_size, 533 shdr.sh_link, (int) shdr.sh_flags); 534 535 if (strcmp(shname, "license") == 0) { 536 processed_sec[i] = true; 537 memcpy(license, data->d_buf, data->d_size); 538 } else if (strcmp(shname, "version") == 0) { 539 processed_sec[i] = true; 540 if (data->d_size != sizeof(int)) { 541 printf("invalid size of version section %zd\n", 542 data->d_size); 543 return 1; 544 } 545 memcpy(&kern_version, data->d_buf, sizeof(int)); 546 } else if (strcmp(shname, "maps") == 0) { 547 int j; 548 549 maps_shndx = i; 550 data_maps = data; 551 for (j = 0; j < MAX_MAPS; j++) 552 map_data[j].fd = -1; 553 } else if (shdr.sh_type == SHT_SYMTAB) { 554 strtabidx = shdr.sh_link; 555 symbols = data; 556 } 557 } 558 559 ret = 1; 560 561 if (!symbols) { 562 printf("missing SHT_SYMTAB section\n"); 563 goto done; 564 } 565 566 if (data_maps) { 567 nr_maps = load_elf_maps_section(map_data, maps_shndx, 568 elf, symbols, strtabidx); 569 if (nr_maps < 0) { 570 printf("Error: Failed loading ELF maps (errno:%d):%s\n", 571 nr_maps, strerror(-nr_maps)); 572 goto done; 573 } 574 if (load_maps(map_data, nr_maps, fixup_map)) 575 goto done; 576 map_data_count = nr_maps; 577 578 processed_sec[maps_shndx] = true; 579 } 580 581 /* process all relo sections, and rewrite bpf insns for maps */ 582 for (i = 1; i < ehdr.e_shnum; i++) { 583 if (processed_sec[i]) 584 continue; 585 586 if (get_sec(elf, i, &ehdr, &shname, &shdr, &data)) 587 continue; 588 589 if (shdr.sh_type == SHT_REL) { 590 struct bpf_insn *insns; 591 592 /* locate prog sec that need map fixup (relocations) */ 593 if (get_sec(elf, shdr.sh_info, &ehdr, &shname_prog, 594 &shdr_prog, &data_prog)) 595 continue; 596 597 if (shdr_prog.sh_type != SHT_PROGBITS || 598 !(shdr_prog.sh_flags & SHF_EXECINSTR)) 599 continue; 600 601 insns = (struct bpf_insn *) data_prog->d_buf; 602 processed_sec[i] = true; /* relo section */ 603 604 if (parse_relo_and_apply(data, symbols, &shdr, insns, 605 map_data, nr_maps)) 606 continue; 607 } 608 } 609 610 /* load programs */ 611 for (i = 1; i < ehdr.e_shnum; i++) { 612 613 if (processed_sec[i]) 614 continue; 615 616 if (get_sec(elf, i, &ehdr, &shname, &shdr, &data)) 617 continue; 618 619 if (memcmp(shname, "kprobe/", 7) == 0 || 620 memcmp(shname, "kretprobe/", 10) == 0 || 621 memcmp(shname, "tracepoint/", 11) == 0 || 622 memcmp(shname, "raw_tracepoint/", 15) == 0 || 623 memcmp(shname, "xdp", 3) == 0 || 624 memcmp(shname, "perf_event", 10) == 0 || 625 memcmp(shname, "socket", 6) == 0 || 626 memcmp(shname, "cgroup/", 7) == 0 || 627 memcmp(shname, "sockops", 7) == 0 || 628 memcmp(shname, "sk_skb", 6) == 0 || 629 memcmp(shname, "sk_msg", 6) == 0) { 630 ret = load_and_attach(shname, data->d_buf, 631 data->d_size); 632 if (ret != 0) 633 goto done; 634 } 635 } 636 637done: 638 close(fd); 639 return ret; 640} 641 642int load_bpf_file(char *path) 643{ 644 return do_load_bpf_file(path, NULL); 645} 646 647int load_bpf_file_fixup_map(const char *path, fixup_map_cb fixup_map) 648{ 649 return do_load_bpf_file(path, fixup_map); 650} 651 652void read_trace_pipe(void) 653{ 654 int trace_fd; 655 656 trace_fd = open(DEBUGFS "trace_pipe", O_RDONLY, 0); 657 if (trace_fd < 0) 658 return; 659 660 while (1) { 661 static char buf[4096]; 662 ssize_t sz; 663 664 sz = read(trace_fd, buf, sizeof(buf)); 665 if (sz > 0) { 666 buf[sz] = 0; 667 puts(buf); 668 } 669 } 670}