Daniel Borkmann | 6256f8c | 2015-04-01 17:57:44 +0200 | [diff] [blame] | 1 | /* |
| 2 | * eBPF user space agent part |
| 3 | * |
| 4 | * Simple, _self-contained_ user space agent for the eBPF kernel |
| 5 | * ebpf_prog.c program, which gets all map fds passed from tc via unix |
| 6 | * domain socket in one transaction and can thus keep referencing |
| 7 | * them from user space in order to read out (or possibly modify) |
| 8 | * map data. Here, just as a minimal example to display counters. |
| 9 | * |
| 10 | * The agent only uses the bpf(2) syscall API to read or possibly |
| 11 | * write to eBPF maps, it doesn't need to be aware of the low-level |
| 12 | * bytecode parts and/or ELF parsing bits. |
| 13 | * |
| 14 | * ! For more details, see header comment in bpf_prog.c ! |
| 15 | * |
| 16 | * gcc bpf_agent.c -o bpf_agent -Wall -O2 |
| 17 | * |
| 18 | * For example, a more complex user space agent could run on each |
| 19 | * host, reading and writing into eBPF maps used by tc classifier |
| 20 | * and actions. It would thus allow for implementing a distributed |
| 21 | * tc architecture, for example, which would push down central |
| 22 | * policies into eBPF maps, and thus altering run-time behaviour. |
| 23 | * |
| 24 | * -- Happy eBPF hacking! ;) |
| 25 | */ |
| 26 | |
Daniel Borkmann | 4bd6244 | 2015-04-16 21:20:06 +0200 | [diff] [blame] | 27 | #define _GNU_SOURCE |
| 28 | |
Daniel Borkmann | 6256f8c | 2015-04-01 17:57:44 +0200 | [diff] [blame] | 29 | #include <stdio.h> |
| 30 | #include <stdlib.h> |
| 31 | #include <string.h> |
| 32 | #include <errno.h> |
| 33 | #include <unistd.h> |
| 34 | #include <stdint.h> |
| 35 | #include <assert.h> |
Daniel Borkmann | 4bd6244 | 2015-04-16 21:20:06 +0200 | [diff] [blame] | 36 | |
Daniel Borkmann | 6256f8c | 2015-04-01 17:57:44 +0200 | [diff] [blame] | 37 | #include <sys/un.h> |
| 38 | #include <sys/types.h> |
| 39 | #include <sys/stat.h> |
| 40 | #include <sys/socket.h> |
| 41 | |
| 42 | /* Just some misc macros as min(), offsetof(), etc. */ |
| 43 | #include "../../include/utils.h" |
| 44 | /* Common code from fd passing. */ |
| 45 | #include "../../include/bpf_scm.h" |
| 46 | /* Common, shared definitions with ebpf_prog.c */ |
| 47 | #include "bpf_shared.h" |
| 48 | /* Mini syscall wrapper */ |
| 49 | #include "bpf_sys.h" |
| 50 | |
| 51 | static void bpf_dump_drops(int fd) |
| 52 | { |
| 53 | int cpu, max; |
| 54 | |
| 55 | max = sysconf(_SC_NPROCESSORS_ONLN); |
| 56 | |
| 57 | printf(" `- number of drops:"); |
| 58 | for (cpu = 0; cpu < max; cpu++) { |
| 59 | long drops; |
| 60 | |
| 61 | assert(bpf_lookup_elem(fd, &cpu, &drops) == 0); |
| 62 | printf("\tcpu%d: %5ld", cpu, drops); |
| 63 | } |
| 64 | printf("\n"); |
| 65 | } |
| 66 | |
| 67 | static void bpf_dump_queue(int fd) |
| 68 | { |
| 69 | /* Just for the same of the example. */ |
| 70 | int max_queue = 4, i; |
| 71 | |
| 72 | printf(" | nic queues:"); |
| 73 | for (i = 0; i < max_queue; i++) { |
| 74 | struct count_queue cq; |
| 75 | int ret; |
| 76 | |
| 77 | memset(&cq, 0, sizeof(cq)); |
| 78 | ret = bpf_lookup_elem(fd, &i, &cq); |
| 79 | assert(ret == 0 || (ret < 0 && errno == ENOENT)); |
| 80 | |
| 81 | printf("\tq%d:[pkts: %ld, mis: %ld]", |
| 82 | i, cq.total, cq.mismatch); |
| 83 | } |
| 84 | printf("\n"); |
| 85 | } |
| 86 | |
| 87 | static void bpf_dump_proto(int fd) |
| 88 | { |
| 89 | uint8_t protos[] = { IPPROTO_TCP, IPPROTO_UDP, IPPROTO_ICMP }; |
| 90 | char *names[] = { "tcp", "udp", "icmp" }; |
| 91 | int i; |
| 92 | |
| 93 | printf(" ` protos:"); |
| 94 | for (i = 0; i < ARRAY_SIZE(protos); i++) { |
| 95 | struct count_tuple ct; |
| 96 | int ret; |
| 97 | |
| 98 | memset(&ct, 0, sizeof(ct)); |
| 99 | ret = bpf_lookup_elem(fd, &protos[i], &ct); |
| 100 | assert(ret == 0 || (ret < 0 && errno == ENOENT)); |
| 101 | |
| 102 | printf("\t%s:[pkts: %ld, bytes: %ld]", |
| 103 | names[i], ct.packets, ct.bytes); |
| 104 | } |
| 105 | printf("\n"); |
| 106 | } |
| 107 | |
Daniel Borkmann | 4bd6244 | 2015-04-16 21:20:06 +0200 | [diff] [blame] | 108 | static void bpf_dump_map_data(int *tfd) |
| 109 | { |
| 110 | int i; |
| 111 | |
| 112 | for (i = 0; i < 30; i++) { |
| 113 | const int period = 5; |
| 114 | |
| 115 | printf("data, period: %dsec\n", period); |
| 116 | |
| 117 | bpf_dump_drops(tfd[BPF_MAP_ID_DROPS]); |
| 118 | bpf_dump_queue(tfd[BPF_MAP_ID_QUEUE]); |
| 119 | bpf_dump_proto(tfd[BPF_MAP_ID_PROTO]); |
| 120 | |
| 121 | sleep(period); |
| 122 | } |
| 123 | } |
| 124 | |
Daniel Borkmann | 6256f8c | 2015-04-01 17:57:44 +0200 | [diff] [blame] | 125 | static void bpf_info_loop(int *fds, struct bpf_map_aux *aux) |
| 126 | { |
| 127 | int i, tfd[BPF_MAP_ID_MAX]; |
| 128 | |
| 129 | printf("ver: %d\nobj: %s\ndev: %lu\nino: %lu\nmaps: %u\n", |
| 130 | aux->uds_ver, aux->obj_name, aux->obj_st.st_dev, |
| 131 | aux->obj_st.st_ino, aux->num_ent); |
| 132 | |
| 133 | for (i = 0; i < aux->num_ent; i++) { |
| 134 | printf("map%d:\n", i); |
| 135 | printf(" `- fd: %u\n", fds[i]); |
| 136 | printf(" | serial: %u\n", aux->ent[i].id); |
| 137 | printf(" | type: %u\n", aux->ent[i].type); |
| 138 | printf(" | max elem: %u\n", aux->ent[i].max_elem); |
| 139 | printf(" | size key: %u\n", aux->ent[i].size_key); |
| 140 | printf(" ` size val: %u\n", aux->ent[i].size_value); |
| 141 | |
| 142 | tfd[aux->ent[i].id] = fds[i]; |
| 143 | } |
| 144 | |
Daniel Borkmann | 4bd6244 | 2015-04-16 21:20:06 +0200 | [diff] [blame] | 145 | bpf_dump_map_data(tfd); |
| 146 | } |
Daniel Borkmann | 6256f8c | 2015-04-01 17:57:44 +0200 | [diff] [blame] | 147 | |
Daniel Borkmann | 4bd6244 | 2015-04-16 21:20:06 +0200 | [diff] [blame] | 148 | static void bpf_map_get_from_env(int *tfd) |
| 149 | { |
| 150 | char key[64], *val; |
| 151 | int i; |
Daniel Borkmann | 6256f8c | 2015-04-01 17:57:44 +0200 | [diff] [blame] | 152 | |
Daniel Borkmann | 4bd6244 | 2015-04-16 21:20:06 +0200 | [diff] [blame] | 153 | for (i = 0; i < BPF_MAP_ID_MAX; i++) { |
| 154 | memset(key, 0, sizeof(key)); |
| 155 | snprintf(key, sizeof(key), "BPF_MAP%d", i); |
Daniel Borkmann | 6256f8c | 2015-04-01 17:57:44 +0200 | [diff] [blame] | 156 | |
Nicolas Dichtel | 611f70b | 2015-07-23 09:17:41 +0200 | [diff] [blame] | 157 | val = getenv(key); |
Daniel Borkmann | 4bd6244 | 2015-04-16 21:20:06 +0200 | [diff] [blame] | 158 | assert(val != NULL); |
| 159 | |
| 160 | tfd[i] = atoi(val); |
Daniel Borkmann | 6256f8c | 2015-04-01 17:57:44 +0200 | [diff] [blame] | 161 | } |
| 162 | } |
| 163 | |
| 164 | static int bpf_map_set_recv(int fd, int *fds, struct bpf_map_aux *aux, |
| 165 | unsigned int entries) |
| 166 | { |
| 167 | struct bpf_map_set_msg msg; |
| 168 | int *cmsg_buf, min_fd, i; |
| 169 | char *amsg_buf, *mmsg_buf; |
| 170 | |
| 171 | cmsg_buf = bpf_map_set_init(&msg, NULL, 0); |
| 172 | amsg_buf = (char *)msg.aux.ent; |
| 173 | mmsg_buf = (char *)&msg.aux; |
| 174 | |
| 175 | for (i = 0; i < entries; i += min_fd) { |
| 176 | struct cmsghdr *cmsg; |
| 177 | int ret; |
| 178 | |
| 179 | min_fd = min(BPF_SCM_MAX_FDS * 1U, entries - i); |
| 180 | |
| 181 | bpf_map_set_init_single(&msg, min_fd); |
| 182 | |
| 183 | ret = recvmsg(fd, &msg.hdr, 0); |
| 184 | if (ret <= 0) |
| 185 | return ret ? : -1; |
| 186 | |
| 187 | cmsg = CMSG_FIRSTHDR(&msg.hdr); |
| 188 | if (!cmsg || cmsg->cmsg_type != SCM_RIGHTS) |
| 189 | return -EINVAL; |
| 190 | if (msg.hdr.msg_flags & MSG_CTRUNC) |
| 191 | return -EIO; |
| 192 | |
| 193 | min_fd = (cmsg->cmsg_len - sizeof(*cmsg)) / sizeof(fd); |
| 194 | if (min_fd > entries || min_fd <= 0) |
| 195 | return -1; |
| 196 | |
| 197 | memcpy(&fds[i], cmsg_buf, sizeof(fds[0]) * min_fd); |
| 198 | memcpy(&aux->ent[i], amsg_buf, sizeof(aux->ent[0]) * min_fd); |
| 199 | memcpy(aux, mmsg_buf, offsetof(struct bpf_map_aux, ent)); |
| 200 | |
| 201 | if (i + min_fd == aux->num_ent) |
| 202 | break; |
| 203 | } |
| 204 | |
| 205 | return 0; |
| 206 | } |
| 207 | |
| 208 | int main(int argc, char **argv) |
| 209 | { |
| 210 | int fds[BPF_SCM_MAX_FDS]; |
| 211 | struct bpf_map_aux aux; |
| 212 | struct sockaddr_un addr; |
| 213 | int fd, ret, i; |
| 214 | |
Daniel Borkmann | 4bd6244 | 2015-04-16 21:20:06 +0200 | [diff] [blame] | 215 | /* When arguments are being passed, we take it as a path |
| 216 | * to a Unix domain socket, otherwise we grab the fds |
| 217 | * from the environment to demonstrate both possibilities. |
| 218 | */ |
| 219 | if (argc == 1) { |
| 220 | int tfd[BPF_MAP_ID_MAX]; |
| 221 | |
| 222 | bpf_map_get_from_env(tfd); |
| 223 | bpf_dump_map_data(tfd); |
| 224 | |
| 225 | return 0; |
Daniel Borkmann | 6256f8c | 2015-04-01 17:57:44 +0200 | [diff] [blame] | 226 | } |
| 227 | |
| 228 | fd = socket(AF_UNIX, SOCK_DGRAM, 0); |
| 229 | if (fd < 0) { |
| 230 | fprintf(stderr, "Cannot open socket: %s\n", |
| 231 | strerror(errno)); |
| 232 | exit(1); |
| 233 | } |
| 234 | |
| 235 | memset(&addr, 0, sizeof(addr)); |
| 236 | addr.sun_family = AF_UNIX; |
| 237 | strncpy(addr.sun_path, argv[argc - 1], sizeof(addr.sun_path)); |
| 238 | |
| 239 | ret = bind(fd, (struct sockaddr *)&addr, sizeof(addr)); |
| 240 | if (ret < 0) { |
| 241 | fprintf(stderr, "Cannot bind to socket: %s\n", |
| 242 | strerror(errno)); |
| 243 | exit(1); |
| 244 | } |
| 245 | |
| 246 | memset(fds, 0, sizeof(fds)); |
| 247 | memset(&aux, 0, sizeof(aux)); |
| 248 | |
| 249 | ret = bpf_map_set_recv(fd, fds, &aux, BPF_SCM_MAX_FDS); |
| 250 | if (ret >= 0) |
| 251 | bpf_info_loop(fds, &aux); |
| 252 | |
| 253 | for (i = 0; i < aux.num_ent; i++) |
| 254 | close(fds[i]); |
Daniel Borkmann | 4bd6244 | 2015-04-16 21:20:06 +0200 | [diff] [blame] | 255 | |
Daniel Borkmann | 6256f8c | 2015-04-01 17:57:44 +0200 | [diff] [blame] | 256 | close(fd); |
| 257 | return 0; |
| 258 | } |