1. 06 Apr, 2017 4 commits
  2. 05 Apr, 2017 9 commits
    • Marek Vavruša's avatar
      lua/bpf: cleanup, nicer code dump format · 67bb1502
      Marek Vavruša authored
      67bb1502
    • Marek Vavruša's avatar
      lua/bpf: implement explicit PTR[0] operation · d28957ef
      Marek Vavruša authored
      the BPF maps and pointers were previously
      implicitly dereferenced whenever an operation
      on them required a value and not a pointer.
      the upside is that accessing map element data
      didn’t require an explicit operation, the downside
      is that it wasn’t possible to get the value
      explicitly.
      
      this makes it possible to dereference any pointer
      and materialize the value in the register as long
      as it’s shorter than register width using `ptr[0]`
      element access operator.
      d28957ef
    • Marek Vavruša's avatar
      lua/bpf: implemented emulated LD_ABS64 · fefaf32b
      Marek Vavruša authored
      the DW LD_ABS|IND is prohibited, so it is
      implemented as a double W load with shift.
      this is slow as it also has to undo the ntohl
      semantics of W loads, but makes dissection of
      64bit fields with absolute addressing possible 
      fefaf32b
    • Marek Vavruša's avatar
      lua/bpf: implemented packet direct access · 7addb8ac
      Marek Vavruša authored
      the direct access to packet is implemented as
      a `load_bytes(off, var)` built-in for basic support,
      there is no implicit data loader using it yet
      7addb8ac
    • Marek Vavruša's avatar
      lua/bpf: support for NET_OFF for dissector · 9704add7
      Marek Vavruša authored
      the packet can now use indirect addressing mode
      using NET_OFF to read from network protocol off
      
      it has convenience dissectors for IPv4 and IPv6,
      that can be used like:
      
      ```
      local net = pkt.net_off
      if net.ver == 4 then
          local ip = net.ip
      else
          local ip6 = net.ip6
      end
      ```
      9704add7
    • 4ast's avatar
      Merge pull request #1093 from palmtenor/symfree · f762df56
      4ast authored
      Free demangle_name after use
      f762df56
    • 4ast's avatar
      Merge pull request #1096 from qmonnet/kernelfeatures · 0e96bd8d
      4ast authored
      docs: update list of XDP compatible drivers
      0e96bd8d
    • Quentin Monnet's avatar
      docs: update list of XDP compatible drivers · bcf7e3ad
      Quentin Monnet authored
      Add missing nfp driver to the list.
      
      While we're at it, add name and pointers for other drivers for which XDP
      support is known to exist, but has not yet been pushed to the main
      kernel branch.
      
      Note that e1000e is not available online at this date, the link points
      to an email stating that the patch could be provided upon request.
      bcf7e3ad
    • Teng Qin's avatar
      Free demangle_name after use · 9f066e40
      Teng Qin authored
      9f066e40
  3. 04 Apr, 2017 6 commits
  4. 03 Apr, 2017 6 commits
  5. 02 Apr, 2017 3 commits
  6. 01 Apr, 2017 8 commits
  7. 31 Mar, 2017 2 commits
  8. 30 Mar, 2017 2 commits
    • Iago López Galeiras's avatar
      tools: add tcptracer (#762) · f37434bd
      Iago López Galeiras authored
      * tools: add tcptracer
      
      This allows tracking TCP connections by tracking TCP connects, closes
      and accepts.
      
      This is different from existing tools like tcpconnect or tcpaccept in
      that:
      
      * It includes more information like network namespace or source ports
      for tcpconnects or remote ports for tcpaccepts
      * It traces tcp_close allowing to see when a connection ends
      * It only shows information about established connections
      
      * tcptracer: add to README
      
      * tcptracer: add example
      
      * tcptracer: add man page
      f37434bd
    • Paul Chaignon's avatar
      u* tools: automatically detect the language (#1067) · 4bb6d7fe
      Paul Chaignon authored
      * cc: bcc function to detect the language of a process
      
      bcc_procutils_language looks into /proc/$pid/cmdline, /proc/$pid/exe,
      and /proc/$pid/maps to determine the language.
      Python wrapper takes a list of candidate languages; if the detected
      language is not part of the list, None is returned.
      
      * u* tools: automatically detect the language
      
      Uses the detect_language bcc helper. -l switch can override the
      detected language. In uthreads and ucalls, the language can be
      overwritten to 'none' to trace pthreads and syscalls respectively.
      
      All tools use the -l switch to set the language, for consistency.
      4bb6d7fe