Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

new(driver/bpf): added bpf configure system similar to the kmod one. #1729

Merged
merged 3 commits into from
Mar 11, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion driver/Makefile.in
Original file line number Diff line number Diff line change
Expand Up @@ -40,7 +40,7 @@ ifeq ($(FIRST_MAKEFILE_DIRNAME)/$(FIRST_MAKEFILE_FILENAME), scripts/Makefile.bui
# Build phase
MODULE_MAKEFILE_DIR := $(dir $(abspath $(lastword $(MAKEFILE_LIST))))
MAKEFILE_INC_FILES := $(shell find $(MODULE_MAKEFILE_DIR)/configure -type f -name Makefile.inc)
$(info [configure] Including $(MAKEFILE_INC_FILES))
$(info [configure-kmod] Including $(MAKEFILE_INC_FILES))
include $(MAKEFILE_INC_FILES)
endif
endif # $(strip $(MAKEFILE_LIST)),Makefile
29 changes: 25 additions & 4 deletions driver/bpf/CMakeLists.txt
Original file line number Diff line number Diff line change
Expand Up @@ -42,6 +42,10 @@ set(BPF_SOURCES
types.h
)

if(NOT DEFINED DRIVER_BPF_COMPONENT_NAME)
set(DRIVER_BPF_COMPONENT_NAME ${DRIVER_COMPONENT_NAME})
endif()

# Append driver headers too since they are used by bpf headers
file(GLOB DRIVER_HEADERS ${CMAKE_CURRENT_SOURCE_DIR}/../*.h)
list(APPEND BPF_SOURCES ${DRIVER_HEADERS})
Expand All @@ -55,12 +59,29 @@ foreach(SOURCE IN LISTS BPF_SOURCES)
list(APPEND INSTALL_SET ${CMAKE_CURRENT_BINARY_DIR}/src/${FILENAME})
endforeach()

if(NOT DEFINED DRIVER_BPF_COMPONENT_NAME)
set(DRIVER_BPF_COMPONENT_NAME ${DRIVER_COMPONENT_NAME})
endif()

install(FILES
${INSTALL_SET}
DESTINATION "src/${DRIVER_PACKAGE_NAME}-${DRIVER_VERSION}/bpf"
COMPONENT ${DRIVER_BPF_COMPONENT_NAME}
)

#
# Copy all the "configure" modules
#
file(GLOB configure_modules "${CMAKE_CURRENT_SOURCE_DIR}/configure/*")
foreach(subdir ${configure_modules})
if(IS_DIRECTORY "${subdir}")
file(RELATIVE_PATH CONFIGURE_MODULE "${CMAKE_CURRENT_SOURCE_DIR}/configure" "${subdir}")
configure_file(configure/${CONFIGURE_MODULE}/test.c src/configure/${CONFIGURE_MODULE}/test.c COPYONLY)
configure_file(configure/Makefile src/configure/${CONFIGURE_MODULE}/Makefile COPYONLY)
configure_file(configure/build.sh src/configure/${CONFIGURE_MODULE}/build.sh COPYONLY)
configure_file(configure/Makefile.inc.in src/configure/${CONFIGURE_MODULE}/Makefile.inc)
install(FILES
"${CMAKE_CURRENT_BINARY_DIR}/src/configure/${CONFIGURE_MODULE}/build.sh"
"${CMAKE_CURRENT_BINARY_DIR}/src/configure/${CONFIGURE_MODULE}/test.c"
"${CMAKE_CURRENT_BINARY_DIR}/src/configure/${CONFIGURE_MODULE}/Makefile"
"${CMAKE_CURRENT_BINARY_DIR}/src/configure/${CONFIGURE_MODULE}/Makefile.inc"
DESTINATION "src/${DRIVER_PACKAGE_NAME}-${DRIVER_VERSION}/bpf/configure/${CONFIGURE_MODULE}"
COMPONENT ${DRIVER_BPF_COMPONENT_NAME})
endif()
endforeach()
21 changes: 21 additions & 0 deletions driver/bpf/Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,8 @@ always = $(always-y)
LLC ?= llc
CLANG ?= clang

ifeq ($(strip $(MAKEFILE_LIST)),Makefile)

KERNELDIR ?= /lib/modules/$(shell uname -r)/build

# DEBUG = -DBPF_DEBUG
Expand Down Expand Up @@ -42,6 +44,23 @@ clean:
$(MAKE) -C $(KERNELDIR) M=$$PWD clean
@rm -f *~

else

KERNELDIR ?= $(CURDIR)
#
# Get the path of the module sources
#
FIRST_MAKEFILE := $(firstword $(MAKEFILE_LIST))
FIRST_MAKEFILE_FILENAME := $(notdir $(FIRST_MAKEFILE))
FIRST_MAKEFILE_DIRNAME := $(shell basename $(dir $(FIRST_MAKEFILE)))
ifeq ($(FIRST_MAKEFILE_DIRNAME)/$(FIRST_MAKEFILE_FILENAME), scripts/Makefile.build)
# Build phase
MODULE_MAKEFILE_DIR := $(dir $(abspath $(lastword $(MAKEFILE_LIST))))
MAKEFILE_INC_FILES := $(shell find $(MODULE_MAKEFILE_DIR)/configure -type f -name Makefile.inc)
$(info [configure-bpf] Including $(MAKEFILE_INC_FILES))
include $(MAKEFILE_INC_FILES)
endif

$(obj)/probe.o: $(src)/probe.c \
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

probe.o target must be visible when our makefile is called by kernel's makefile, ie: when we fall in the else branch now.

$(src)/bpf_helpers.h \
$(src)/filler_helpers.h \
Expand All @@ -66,3 +85,5 @@ $(obj)/probe.o: $(src)/probe.c \
-Wno-unknown-attributes \
-O2 -g -emit-llvm -c $< -o $(patsubst %.o,%.ll,$@)
$(LLC) -march=bpf -filetype=obj -o $@ $(patsubst %.o,%.ll,$@)

endif # $(strip $(MAKEFILE_LIST)),Makefile
45 changes: 45 additions & 0 deletions driver/bpf/configure/Makefile
Original file line number Diff line number Diff line change
@@ -0,0 +1,45 @@
# SPDX-License-Identifier: GPL-2.0-only OR MIT
#
# Copyright (C) 2023 The Falco Authors.
#
# This file is dual licensed under either the MIT or GPL 2. See
# MIT.txt or GPL.txt for full copies of the license.
#

always-y += test.o
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In this makefile we want to build a stupidly simple bpf probe.

# kept for compatibility with kernels < 5.11
always = $(always-y)

LLC ?= llc
CLANG ?= clang

KERNELDIR ?= /lib/modules/$(shell uname -r)/build

# -fmacro-prefix-map is not supported on version of clang older than 10
# so remove it if necessary.
IS_CLANG_OLDER_THAN_10 := $(shell expr `$(CLANG) -dumpversion | cut -f1 -d.` \<= 10)
ifeq ($(IS_CLANG_OLDER_THAN_10), 1)
KBUILD_CPPFLAGS := $(filter-out -fmacro-prefix-map=%,$(KBUILD_CPPFLAGS))
endif

all:
$(MAKE) -C $(KERNELDIR) M=$$PWD

clean:
$(MAKE) -C $(KERNELDIR) M=$$PWD clean
@rm -f *~

$(obj)/test.o: $(src)/test.c
$(CLANG) $(LINUXINCLUDE) \
$(KBUILD_CPPFLAGS) \
$(KBUILD_EXTRA_CPPFLAGS) \
-D__KERNEL__ \
-D__BPF_TRACING__ \
-Wno-gnu-variable-sized-type-not-at-end \
-Wno-address-of-packed-member \
-fno-jump-tables \
-fno-stack-protector \
-Wno-tautological-compare \
-Wno-unknown-attributes \
-O2 -g -emit-llvm -c $< -o $(patsubst %.o,%.ll,$@)
$(LLC) -march=bpf -filetype=obj -o $@ $(patsubst %.o,%.ll,$@)
13 changes: 13 additions & 0 deletions driver/bpf/configure/Makefile.inc.in
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
MODULE_MAKEFILE_DIR := $(shell dirname $(abspath $(lastword $(MAKEFILE_LIST))))

# Run the module build.sh (wrapper for make) script with an empty environment, but PATH
HAS_@CONFIGURE_MODULE@ := $(shell env -i PATH="$(PATH)" KERNELDIR="$(KERNELDIR)" sh $(MODULE_MAKEFILE_DIR)/build.sh ; echo $$?)

ifeq ($(HAS_@CONFIGURE_MODULE@),0)
$(info [configure-bpf] Setting HAS_@CONFIGURE_MODULE@ flag)
KBUILD_CPPFLAGS += -DHAS_@CONFIGURE_MODULE@
else
HAS_@CONFIGURE_MODULE@_OUT := $(shell cat $(MODULE_MAKEFILE_DIR)/build.log)
$(info [configure-bpf] Build output for HAS_@CONFIGURE_MODULE@:)
$(info [configure-bpf] $(HAS_@CONFIGURE_MODULE@_OUT))
endif
31 changes: 31 additions & 0 deletions driver/bpf/configure/RSS_STAT_ARRAY/test.c
Original file line number Diff line number Diff line change
@@ -0,0 +1,31 @@
// SPDX-License-Identifier: GPL-2.0-only OR MIT
/*

Copyright (C) 2023 The Falco Authors.

This file is dual licensed under either the MIT or GPL 2. See MIT.txt
or GPL2.txt for full copies of the license.

*/

/*
* Check that mm_struct's field `rss_stat` is an array.
* See 6.2 kernel commit: https://github.com/torvalds/linux/commit/f1a7941243c102a44e8847e3b94ff4ff3ec56f25
*/

#include "../../quirks.h"
#include "../../ppm_events_public.h"
#include "../../types.h"

// struct mm_struct declaration
#include <linux/mm_types.h>

BPF_PROBE("signal/", signal_deliver, signal_deliver_args)
{
long val;
struct mm_struct *mm;
val = mm->rss_stat[0].count;
return 0;
}

char __license[] __bpf_section("license") = "Dual MIT/GPL";
13 changes: 13 additions & 0 deletions driver/bpf/configure/build.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
#!/bin/sh

#
# Copyright (C) 2023 The Falco Authors.
#
# This file is dual licensed under either the MIT or GPL 2. See
# MIT.txt or GPL.txt for full copies of the license.
#

SCRIPT=$(readlink -f "$0")
SCRIPT_DIR=$(dirname ${SCRIPT})

make -C ${SCRIPT_DIR} > ${SCRIPT_DIR}/build.log 2>&1
7 changes: 3 additions & 4 deletions driver/bpf/fillers.h
Original file line number Diff line number Diff line change
Expand Up @@ -854,11 +854,10 @@ static __always_inline unsigned long bpf_get_mm_counter(struct mm_struct *mm,
{
long val;

// See 6.2 kernel commit: https://github.com/torvalds/linux/commit/f1a7941243c102a44e8847e3b94ff4ff3ec56f25
#if LINUX_VERSION_CODE < KERNEL_VERSION(6, 2, 0)
bpf_probe_read_kernel(&val, sizeof(val), &mm->rss_stat.count[member]);
#else
#ifdef HAS_RSS_STAT_ARRAY
bpf_probe_read_kernel(&val, sizeof(val), &mm->rss_stat[member].count);
#else
bpf_probe_read_kernel(&val, sizeof(val), &mm->rss_stat.count[member]);
#endif
if (val < 0)
val = 0;
Expand Down
10 changes: 0 additions & 10 deletions driver/bpf/probe.c
Original file line number Diff line number Diff line change
Expand Up @@ -27,16 +27,6 @@ or GPL2.txt for full copies of the license.
#include "fillers.h"
#include "builtins.h"

#ifdef BPF_SUPPORTS_RAW_TRACEPOINTS
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Moved to types.h.

#define BPF_PROBE(prefix, event, type) \
__bpf_section(TP_NAME #event) \
int bpf_##event(struct type *ctx)
#else
#define BPF_PROBE(prefix, event, type) \
__bpf_section(TP_NAME prefix #event) \
int bpf_##event(struct type *ctx)
#endif

#define __NR_ia32_socketcall 102

BPF_PROBE("raw_syscalls/", sys_enter, sys_enter_args)
Expand Down
10 changes: 10 additions & 0 deletions driver/bpf/types.h
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,16 @@ or GPL2.txt for full copies of the license.
#define TP_NAME "tracepoint/"
#endif

#ifdef BPF_SUPPORTS_RAW_TRACEPOINTS
#define BPF_PROBE(prefix, event, type) \
__bpf_section(TP_NAME #event) \
int bpf_##event(struct type *ctx)
#else
#define BPF_PROBE(prefix, event, type) \
__bpf_section(TP_NAME prefix #event) \
int bpf_##event(struct type *ctx)
#endif

#ifdef BPF_SUPPORTS_RAW_TRACEPOINTS
struct sys_enter_args {
unsigned long regs;
Expand Down
6 changes: 3 additions & 3 deletions driver/configure/Makefile.inc.in
Original file line number Diff line number Diff line change
Expand Up @@ -4,10 +4,10 @@ MODULE_MAKEFILE_DIR := $(shell dirname $(abspath $(lastword $(MAKEFILE_LIST))))
HAS_@CONFIGURE_MODULE@ := $(shell env -i PATH="$(PATH)" KERNELDIR="$(KERNELDIR)" sh $(MODULE_MAKEFILE_DIR)/build.sh ; echo $$?)

ifeq ($(HAS_@CONFIGURE_MODULE@),0)
$(info [configure] Setting HAS_@CONFIGURE_MODULE@ flag)
$(info [configure-kmod] Setting HAS_@CONFIGURE_MODULE@ flag)
ccflags-y += -DHAS_@CONFIGURE_MODULE@
else
HAS_@CONFIGURE_MODULE@_OUT := $(shell cat $(MODULE_MAKEFILE_DIR)/build.log)
$(info [configure] Build output for HAS_@CONFIGURE_MODULE@:)
$(info [configure] $(HAS_@CONFIGURE_MODULE@_OUT))
$(info [configure-kmod] Build output for HAS_@CONFIGURE_MODULE@:)
$(info [configure-kmod] $(HAS_@CONFIGURE_MODULE@_OUT))
endif
Loading