From 57a97928388a8d5cd3dd7d16da7c200028f54ccc Mon Sep 17 00:00:00 2001 From: Robert O'Callahan Date: Wed, 28 Aug 2024 01:04:36 +1200 Subject: [PATCH] Use `RR_BPF_` constants for all BPF command values New commands keep appearing and we need their definitions, but we can't rely on them being present in the build machine's `linux/bpf.h`. They are enum values, so we can't conditionally define `BPF_` values using #ifdef. --- src/kernel_supplement.h | 72 ++++++++++++++++++++--------------------- src/record_syscall.cc | 24 +++++++------- src/test/bpf.c | 2 +- src/test/bpf_map.c | 8 ++--- src/test/bpf_query.c | 10 +++--- src/test/util.h | 39 ++++++++++++++++++++++ 6 files changed, 97 insertions(+), 58 deletions(-) diff --git a/src/kernel_supplement.h b/src/kernel_supplement.h index 45eaf66c88a..d100e8e744c 100644 --- a/src/kernel_supplement.h +++ b/src/kernel_supplement.h @@ -424,42 +424,42 @@ struct rr_input_mask { #endif enum { - BPF_MAP_CREATE, - BPF_MAP_LOOKUP_ELEM, - BPF_MAP_UPDATE_ELEM, - BPF_MAP_DELETE_ELEM, - BPF_MAP_GET_NEXT_KEY, - BPF_PROG_LOAD, - BPF_OBJ_PIN, - BPF_OBJ_GET, - BPF_PROG_ATTACH, - BPF_PROG_DETACH, - BPF_PROG_TEST_RUN, - BPF_PROG_GET_NEXT_ID, - BPF_MAP_GET_NEXT_ID, - BPF_PROG_GET_FD_BY_ID, - BPF_MAP_GET_FD_BY_ID, - BPF_OBJ_GET_INFO_BY_FD, - BPF_PROG_QUERY, - BPF_RAW_TRACEPOINT_OPEN, - BPF_BTF_LOAD, - BPF_BTF_GET_FD_BY_ID, - BPF_TASK_FD_QUERY, - BPF_MAP_LOOKUP_AND_DELETE_ELEM, - BPF_MAP_FREEZE, - BPF_BTF_GET_NEXT_ID, - BPF_MAP_LOOKUP_BATCH, - BPF_MAP_LOOKUP_AND_DELETE_BATCH, - BPF_MAP_UPDATE_BATCH, - BPF_MAP_DELETE_BATCH, - BPF_LINK_CREATE, - BPF_LINK_UPDATE, - BPF_LINK_GET_FD_BY_ID, - BPF_LINK_GET_NEXT_ID, - BPF_ENABLE_STATS, - BPF_ITER_CREATE, - BPF_LINK_DETACH, - BPF_PROG_BIND_MAP, + RR_BPF_MAP_CREATE, + RR_BPF_MAP_LOOKUP_ELEM, + RR_BPF_MAP_UPDATE_ELEM, + RR_BPF_MAP_DELETE_ELEM, + RR_BPF_MAP_GET_NEXT_KEY, + RR_BPF_PROG_LOAD, + RR_BPF_OBJ_PIN, + RR_BPF_OBJ_GET, + RR_BPF_PROG_ATTACH, + RR_BPF_PROG_DETACH, + RR_BPF_PROG_TEST_RUN, + RR_BPF_PROG_GET_NEXT_ID, + RR_BPF_MAP_GET_NEXT_ID, + RR_BPF_PROG_GET_FD_BY_ID, + RR_BPF_MAP_GET_FD_BY_ID, + RR_BPF_OBJ_GET_INFO_BY_FD, + RR_BPF_PROG_QUERY, + RR_BPF_RAW_TRACEPOINT_OPEN, + RR_BPF_BTF_LOAD, + RR_BPF_BTF_GET_FD_BY_ID, + RR_BPF_TASK_FD_QUERY, + RR_BPF_MAP_LOOKUP_AND_DELETE_ELEM, + RR_BPF_MAP_FREEZE, + RR_BPF_BTF_GET_NEXT_ID, + RR_BPF_MAP_LOOKUP_BATCH, + RR_BPF_MAP_LOOKUP_AND_DELETE_BATCH, + RR_BPF_MAP_UPDATE_BATCH, + RR_BPF_MAP_DELETE_BATCH, + RR_BPF_LINK_CREATE, + RR_BPF_LINK_UPDATE, + RR_BPF_LINK_GET_FD_BY_ID, + RR_BPF_LINK_GET_NEXT_ID, + RR_BPF_ENABLE_STATS, + RR_BPF_ITER_CREATE, + RR_BPF_LINK_DETACH, + RR_BPF_PROG_BIND_MAP, }; #ifndef O_PATH diff --git a/src/record_syscall.cc b/src/record_syscall.cc index 78f8504035c..e60d5cd6211 100644 --- a/src/record_syscall.cc +++ b/src/record_syscall.cc @@ -2170,16 +2170,16 @@ static Switchable prepare_bpf(RecordTask* t, TaskSyscallState& syscall_state) { int cmd = t->regs().arg1(); switch (cmd) { - case BPF_MAP_CREATE: - case BPF_MAP_UPDATE_ELEM: - case BPF_MAP_DELETE_ELEM: - case BPF_BTF_LOAD: - case BPF_PROG_DETACH: - case BPF_PROG_ATTACH: + case RR_BPF_MAP_CREATE: + case RR_BPF_MAP_UPDATE_ELEM: + case RR_BPF_MAP_DELETE_ELEM: + case RR_BPF_BTF_LOAD: + case RR_BPF_PROG_DETACH: + case RR_BPF_PROG_ATTACH: break; - case BPF_OBJ_GET: + case RR_BPF_OBJ_GET: return ALLOW_SWITCH; - case BPF_PROG_LOAD: { + case RR_BPF_PROG_LOAD: { auto argsp = syscall_state.reg_parameter(2, IN); auto args = t->read_mem(argsp); @@ -2187,21 +2187,21 @@ static Switchable prepare_bpf(RecordTask* t, args.log_size); break; } - case BPF_MAP_LOOKUP_ELEM: { + case RR_BPF_MAP_LOOKUP_ELEM: { remote_ptr argsp; BpfMapMonitor* monitor = bpf_map_monitor(t, syscall_state, &argsp); syscall_state.mem_ptr_parameter(REMOTE_PTR_FIELD(argsp, value), monitor->value_size()); break; } - case BPF_MAP_GET_NEXT_KEY: { + case RR_BPF_MAP_GET_NEXT_KEY: { remote_ptr argsp; BpfMapMonitor* monitor = bpf_map_monitor(t, syscall_state, &argsp); syscall_state.mem_ptr_parameter(REMOTE_PTR_FIELD(argsp, next_key), monitor->key_size()); break; } - case BPF_PROG_QUERY: { + case RR_BPF_PROG_QUERY: { auto attr_size = t->regs().arg3(); auto attr_begin = syscall_state.reg_parameter(2, attr_size, IN_OUT); auto attr_buf = MemoryRange(attr_begin, attr_size); @@ -6706,7 +6706,7 @@ static void rec_process_syscall_arch(RecordTask* t, case Arch::bpf: if (!t->regs().syscall_failed()) { switch ((int)t->regs().orig_arg1()) { - case BPF_MAP_CREATE: { + case RR_BPF_MAP_CREATE: { int fd = t->regs().syscall_result_signed(); auto attr = t->read_mem(remote_ptr(t->regs().arg2())); t->fd_table()->add_monitor(t, fd, new BpfMapMonitor(attr.key_size, attr.value_size)); diff --git a/src/test/bpf.c b/src/test/bpf.c index 36ee190d82e..e72ad16ac8c 100644 --- a/src/test/bpf.c +++ b/src/test/bpf.c @@ -15,7 +15,7 @@ int main(void) { const char* filename = "foo"; memset(&attr, 0, sizeof(attr)); attr.pathname = (__u64)(uintptr_t)filename; - bpf(BPF_OBJ_GET, &attr, 1); + bpf(RR_BPF_OBJ_GET, &attr, 1); } atomic_puts("EXIT-SUCCESS"); diff --git a/src/test/bpf_map.c b/src/test/bpf_map.c index d183ea3bedc..745df07d875 100644 --- a/src/test/bpf_map.c +++ b/src/test/bpf_map.c @@ -23,7 +23,7 @@ int main(void) { attr.key_size = sizeof(key); attr.value_size = sizeof(value); attr.max_entries = 10; - map_fd = bpf(BPF_MAP_CREATE, &attr, sizeof(attr)); + map_fd = bpf(RR_BPF_MAP_CREATE, &attr, sizeof(attr)); if (map_fd < 0) { if (errno == ENOSYS) { atomic_puts("bpf syscall not supported"); @@ -42,11 +42,11 @@ int main(void) { attr.key = (uintptr_t)&key; attr.value = (uintptr_t)&value; attr.flags = BPF_ANY; - ret = bpf(BPF_MAP_UPDATE_ELEM, &attr, sizeof(attr)); + ret = bpf(RR_BPF_MAP_UPDATE_ELEM, &attr, sizeof(attr)); ALLOCATE_GUARD(value_out, 'a'); attr.value = (uintptr_t)value_out; - ret = bpf(BPF_MAP_LOOKUP_ELEM, &attr, sizeof(attr)); + ret = bpf(RR_BPF_MAP_LOOKUP_ELEM, &attr, sizeof(attr)); test_assert(0 == ret); VERIFY_GUARD(value_out); test_assert(value == *value_out); @@ -54,7 +54,7 @@ int main(void) { ALLOCATE_GUARD(next_key, 'b'); attr.key = (uintptr_t)&unknown_key; attr.next_key = (uintptr_t)next_key; - ret = bpf(BPF_MAP_GET_NEXT_KEY, &attr, sizeof(attr)); + ret = bpf(RR_BPF_MAP_GET_NEXT_KEY, &attr, sizeof(attr)); test_assert(0 == ret); VERIFY_GUARD(next_key); test_assert(key == *next_key); diff --git a/src/test/bpf_query.c b/src/test/bpf_query.c index ffb1969c88a..8a08a0ba1f4 100644 --- a/src/test/bpf_query.c +++ b/src/test/bpf_query.c @@ -45,7 +45,7 @@ int main(void) { // query cgroups bpf programs. at first, no programs are attached query_attr.query.prog_cnt = 2; query_attr.query.attach_type = ATTACH_TYPE; - if (bpf(BPF_PROG_QUERY, &query_attr, sizeof(query_attr.query)) != 0) { + if (bpf(RR_BPF_PROG_QUERY, &query_attr, sizeof(query_attr.query)) != 0) { if (errno == ENOSYS) { atomic_puts("Skipping test because bpf is not supported"); atomic_puts("EXIT-SUCCESS"); @@ -58,7 +58,7 @@ int main(void) { atomic_puts("EXIT-SUCCESS"); return 0; } - test_assert(0 && "bpf(BPF_PROG_QUERY) failed"); + test_assert(0 && "bpf(RR_BPF_PROG_QUERY) failed"); } test_assert(query_attr.query.prog_cnt == 0); @@ -75,7 +75,7 @@ int main(void) { }; const int offset_of_attach_prog_fd = 112; size_t prog_attr_size = offset_of_attach_prog_fd + sizeof(__u32); - int prog = bpf(BPF_PROG_LOAD, &prog_attr, prog_attr_size); + int prog = bpf(RR_BPF_PROG_LOAD, &prog_attr, prog_attr_size); if (prog < 0) { atomic_puts(log_buf); test_assert(0 && "failed to load program"); @@ -88,12 +88,12 @@ int main(void) { const int offset_of_replace_bpf_fd = 112; size_t attach_attr_size = offset_of_replace_bpf_fd + sizeof(__u32); attach_attr.attach_bpf_fd = prog; - test_assert(bpf(BPF_PROG_ATTACH, &attach_attr, attach_attr_size) == 0); + test_assert(bpf(RR_BPF_PROG_ATTACH, &attach_attr, attach_attr_size) == 0); // query again query_attr.query.prog_cnt = 1; query_attr.query.attach_type = ATTACH_TYPE; - test_assert(bpf(BPF_PROG_QUERY, &query_attr, sizeof(query_attr.query)) == 0); + test_assert(bpf(RR_BPF_PROG_QUERY, &query_attr, sizeof(query_attr.query)) == 0); test_assert(query_attr.query.prog_cnt == 1); // the kernel sets this field atomic_puts("EXIT-SUCCESS"); diff --git a/src/test/util.h b/src/test/util.h index cab6cda1be2..f54a31759eb 100644 --- a/src/test/util.h +++ b/src/test/util.h @@ -600,4 +600,43 @@ struct rseq_cs { uint64_t abort_ip; } __attribute__((aligned(32))); +enum { + RR_BPF_MAP_CREATE, + RR_BPF_MAP_LOOKUP_ELEM, + RR_BPF_MAP_UPDATE_ELEM, + RR_BPF_MAP_DELETE_ELEM, + RR_BPF_MAP_GET_NEXT_KEY, + RR_BPF_PROG_LOAD, + RR_BPF_OBJ_PIN, + RR_BPF_OBJ_GET, + RR_BPF_PROG_ATTACH, + RR_BPF_PROG_DETACH, + RR_BPF_PROG_TEST_RUN, + RR_BPF_PROG_GET_NEXT_ID, + RR_BPF_MAP_GET_NEXT_ID, + RR_BPF_PROG_GET_FD_BY_ID, + RR_BPF_MAP_GET_FD_BY_ID, + RR_BPF_OBJ_GET_INFO_BY_FD, + RR_BPF_PROG_QUERY, + RR_BPF_RAW_TRACEPOINT_OPEN, + RR_BPF_BTF_LOAD, + RR_BPF_BTF_GET_FD_BY_ID, + RR_BPF_TASK_FD_QUERY, + RR_BPF_MAP_LOOKUP_AND_DELETE_ELEM, + RR_BPF_MAP_FREEZE, + RR_BPF_BTF_GET_NEXT_ID, + RR_BPF_MAP_LOOKUP_BATCH, + RR_BPF_MAP_LOOKUP_AND_DELETE_BATCH, + RR_BPF_MAP_UPDATE_BATCH, + RR_BPF_MAP_DELETE_BATCH, + RR_BPF_LINK_CREATE, + RR_BPF_LINK_UPDATE, + RR_BPF_LINK_GET_FD_BY_ID, + RR_BPF_LINK_GET_NEXT_ID, + RR_BPF_ENABLE_STATS, + RR_BPF_ITER_CREATE, + RR_BPF_LINK_DETACH, + RR_BPF_PROG_BIND_MAP, +}; + #endif /* RRUTIL_H */