1. 26 Jan, 2019 8 commits
  2. 25 Jan, 2019 5 commits
  3. 24 Jan, 2019 15 commits
  4. 23 Jan, 2019 12 commits
    • Stanislav Fomichev's avatar
      selftests/bpf: don't hardcode iptables/nc path in test_tcpnotify_user · bbebce8e
      Stanislav Fomichev authored
      system() is calling shell which should find the appropriate full path
      via $PATH. On some systems, full path to iptables and/or nc might be
      different that we one we have hardcoded.
      Signed-off-by: default avatarStanislav Fomichev <sdf@google.com>
      Signed-off-by: default avatarDaniel Borkmann <daniel@iogearbox.net>
      bbebce8e
    • Taeung Song's avatar
      libbpf: Show supported ELF section names when failing to guess prog/attach type · c76e4c22
      Taeung Song authored
      We need to let users check their wrong ELF section name with proper
      ELF section names when they fail to get a prog/attach type from it.
      Because users can't realize libbpf guess prog/attach types from given
      ELF section names. For example, when a 'cgroup' section name of a
      BPF program is used, show available ELF section names(types).
      
      Before:
      
          $ bpftool prog load bpf-prog.o /sys/fs/bpf/prog1
          Error: failed to guess program type based on ELF section name cgroup
      
      After:
      
          libbpf: failed to guess program type based on ELF section name 'cgroup'
          libbpf: supported section(type) names are: socket kprobe/ kretprobe/ classifier action tracepoint/ raw_tracepoint/ xdp perf_event lwt_in lwt_out lwt_xmit lwt_seg6local cgroup_skb/ingress cgroup_skb/egress cgroup/skb cgroup/sock cgroup/post_bind4 cgroup/post_bind6 cgroup/dev sockops sk_skb/stream_parser sk_skb/stream_verdict sk_skb sk_msg lirc_mode2 flow_dissector cgroup/bind4 cgroup/bind6 cgroup/connect4 cgroup/connect6 cgroup/sendmsg4 cgroup/sendmsg6
      Signed-off-by: default avatarTaeung Song <treeze.taeung@gmail.com>
      Cc: Quentin Monnet <quentin.monnet@netronome.com>
      Cc: Jakub Kicinski <jakub.kicinski@netronome.com>
      Cc: Andrey Ignatov <rdna@fb.com>
      Reviewed-by: default avatarQuentin Monnet <quentin.monnet@netronome.com>
      Acked-by: default avatarJakub Kicinski <jakub.kicinski@netronome.com>
      Signed-off-by: default avatarDaniel Borkmann <daniel@iogearbox.net>
      c76e4c22
    • Yonghong Song's avatar
      bpf: btf: add btf documentation · ffcf7ce9
      Yonghong Song authored
      This patch added documentation for BTF (BPF Debug Format).
      The document is placed under linux:Documentation/bpf directory.
      Signed-off-by: default avatarYonghong Song <yhs@fb.com>
      Signed-off-by: default avatarAlexei Starovoitov <ast@kernel.org>
      ffcf7ce9
    • Alexei Starovoitov's avatar
      Merge branch 'bpftool-probes' · cbeaad90
      Alexei Starovoitov authored
      Quentin Monnet says:
      
      ====================
      Hi,
      This set adds a new command to bpftool in order to dump a list of
      eBPF-related parameters for the system (or for a specific network
      device) to the console. Once again, this is based on a suggestion from
      Daniel.
      
      At this time, output includes:
      
          - Availability of bpf() system call
          - Availability of bpf() system call for unprivileged users
          - JIT status (enabled or not, with or without debugging traces)
          - JIT hardening status
          - JIT kallsyms exports status
          - Global memory limit for JIT compiler for unprivileged users
          - Status of kernel compilation options related to BPF features
          - Availability of known eBPF program types
          - Availability of known eBPF map types
          - Availability of known eBPF helper functions
      
      There are three different ways to dump this information at this time:
      
          - Plain output dumps probe results in plain text. It is the most
            flexible options for providing descriptive output to the user, but
            should not be relied upon for parsing the output.
          - JSON output is supported.
          - A third mode, available through the "macros" keyword appended to the
            command line, dumps some of those parameters (not all) as a series of
            "#define" directives, that can be included into a C header file for
            example.
      
      Probes for supported program and map types, and supported helpers, are
      directly added to libbpf, so that other applications (or selftests) can
      reuse them as necessary.
      
      If the user does not have root privileges (or more precisely, the
      CAP_SYS_ADMIN capability) detection will be erroneous for most
      parameters. Therefore, forbid non-root users to run the command.
      
      v5:
      - Move exported symbols to a new LIBBPF_0.0.2 section in libbpf.map
        (patches 4 to 6).
      - Minor fixes on patches 3 and 4.
      
      v4:
      - Probe bpf_jit_limit parameter (patch 2).
      - Probe some additional kernel config options (patch 3).
      - Minor fixes on patch 6.
      
      v3:
      - Do not probe kernel version in bpftool (just retrieve it to probe support
        for kprobes in libbpf).
      - Change the way results for helper support is displayed: now one list of
        compatible helpers for each program type (and C-style output gets a
        HAVE_PROG_TYPE_HELPER(prog_type, helper) macro to help with tests. See
        patches 6, 7.
      - Address other comments from feedback from v2 (please refer to individual
        patches' history).
      
      v2 (please also refer to individual patches' history):
      - Move probes for prog/map types, helpers, from bpftool to libbpf.
      - Move C-style output as a separate patch, and restrict it to a subset of
        collected information (bpf() availability, prog/map types, helpers).
      - Now probe helpers with all supported program types, and display a list of
        compatible program types (as supported on the system) for each helper.
      - NOT addressed: grouping compilation options for kernel into subsections
        (patch 3) (I don't see an easy way of grouping them at the moment, please
        see also the discussion on v1 thread).
      ====================
      Signed-off-by: default avatarAlexei Starovoitov <ast@kernel.org>
      cbeaad90
    • Quentin Monnet's avatar
      tools: bpftool: add bash completion for bpftool probes · 948703e8
      Quentin Monnet authored
      Add the bash completion related to the newly introduced "bpftool feature
      probe" command.
      Signed-off-by: default avatarQuentin Monnet <quentin.monnet@netronome.com>
      Reviewed-by: default avatarJakub Kicinski <jakub.kicinski@netronome.com>
      Reviewed-by: default avatarStanislav Fomichev <sdf@google.com>
      Signed-off-by: default avatarAlexei Starovoitov <ast@kernel.org>
      948703e8
    • Quentin Monnet's avatar
      tools: bpftool: add probes for a network device · f9499fed
      Quentin Monnet authored
      bpftool gained support for probing the current system in order to see
      what program and map types, and what helpers are available on that
      system. This patch adds the possibility to pass an interface index to
      libbpf (and hence to the kernel) when trying to load the programs or to
      create the maps, in order to see what items a given network device can
      support.
      
      A new keyword "dev <ifname>" can be used as an alternative to "kernel"
      to indicate that the given device should be tested. If no target ("dev"
      or "kernel") is specified bpftool defaults to probing the kernel.
      
      Sample output:
      
          # bpftool -p feature probe dev lo
          {
              "syscall_config": {
                  "have_bpf_syscall": true
              },
              "program_types": {
                  "have_sched_cls_prog_type": false,
                  "have_xdp_prog_type": false
              },
              ...
          }
      
      As the target is a network device, /proc/ parameters and kernel
      configuration are NOT dumped. Availability of the bpf() syscall is
      still probed, so we can return early if that syscall is not usable
      (since there is no point in attempting the remaining probes in this
      case).
      
      Among the program types, only the ones that can be offloaded are probed.
      All map types are probed, as there is no specific rule telling which one
      could or could not be supported by a device in the future. All helpers
      are probed (but only for offload-able program types).
      
      Caveat: as bpftool does not attempt to attach programs to the device at
      the moment, probes do not entirely reflect what the device accepts:
      typically, for Netronome's nfp, results will announce that TC cls
      offload is available even if support has been deactivated (with e.g.
      ethtool -K eth1 hw-tc-offload off).
      
      v2:
      - All helpers are probed, whereas previous version would only probe the
        ones compatible with an offload-able program type. This is because we
        do not keep a default compatible program type for each helper anymore.
      Signed-off-by: default avatarQuentin Monnet <quentin.monnet@netronome.com>
      Reviewed-by: default avatarJakub Kicinski <jakub.kicinski@netronome.com>
      Reviewed-by: default avatarStanislav Fomichev <sdf@google.com>
      Signed-off-by: default avatarAlexei Starovoitov <ast@kernel.org>
      f9499fed
    • Quentin Monnet's avatar
      tools: bpftool: add C-style "#define" output for probes · d267cff4
      Quentin Monnet authored
      Make bpftool able to dump a subset of the parameters collected by
      probing the system as a listing of C-style #define macros, so that
      external projects can reuse the result of this probing and build
      BPF-based project in accordance with the features available on the
      system.
      
      The new "macros" keyword is used to select this output. An additional
      "prefix" keyword is added so that users can select a custom prefix for
      macro names, in order to avoid any namespace conflict.
      
      Sample output:
      
          # bpftool feature probe kernel macros prefix FOO_
          /*** System call availability ***/
          #define FOO_HAVE_BPF_SYSCALL
      
          /*** eBPF program types ***/
          #define FOO_HAVE_SOCKET_FILTER_PROG_TYPE
          #define FOO_HAVE_KPROBE_PROG_TYPE
          #define FOO_HAVE_SCHED_CLS_PROG_TYPE
          ...
      
          /*** eBPF map types ***/
          #define FOO_HAVE_HASH_MAP_TYPE
          #define FOO_HAVE_ARRAY_MAP_TYPE
          #define FOO_HAVE_PROG_ARRAY_MAP_TYPE
          ...
      
          /*** eBPF helper functions ***/
          /*
           * Use FOO_HAVE_PROG_TYPE_HELPER(prog_type_name, helper_name)
           * to determine if <helper_name> is available for <prog_type_name>,
           * e.g.
           *      #if FOO_HAVE_PROG_TYPE_HELPER(xdp, bpf_redirect)
           *              // do stuff with this helper
           *      #elif
           *              // use a workaround
           *      #endif
           */
          #define FOO_HAVE_PROG_TYPE_HELPER(prog_type, helper)        \
                  FOO_BPF__PROG_TYPE_ ## prog_type ## __HELPER_ ## helper
          ...
          #define FOO_BPF__PROG_TYPE_socket_filter__HELPER_bpf_probe_read 0
          #define FOO_BPF__PROG_TYPE_socket_filter__HELPER_bpf_ktime_get_ns 1
          #define FOO_BPF__PROG_TYPE_socket_filter__HELPER_bpf_trace_printk 1
          ...
      
      v3:
      - Change output for helpers again: add a
        HAVE_PROG_TYPE_HELPER(type, helper) macro that can be used to tell
        if <helper> is available for program <type>.
      
      v2:
      - #define-based output added as a distinct patch.
      - "HAVE_" prefix appended to macro names.
      - Output limited to bpf() syscall availability, BPF prog and map types,
        helper functions. In this version kernel config options, procfs
        parameter or kernel version are intentionally left aside.
      - Following the change on helper probes, format for helper probes in
        this output style has changed (now a list of compatible program
        types).
      Signed-off-by: default avatarQuentin Monnet <quentin.monnet@netronome.com>
      Reviewed-by: default avatarJakub Kicinski <jakub.kicinski@netronome.com>
      Reviewed-by: default avatarStanislav Fomichev <sdf@google.com>
      Signed-off-by: default avatarAlexei Starovoitov <ast@kernel.org>
      d267cff4
    • Quentin Monnet's avatar
      tools: bpftool: add probes for eBPF helper functions · 2d3ea5e8
      Quentin Monnet authored
      Similarly to what was done for program types and map types, add a set of
      probes to test the availability of the different eBPF helper functions
      on the current system.
      
      For each known program type, all known helpers are tested, in order to
      establish a compatibility matrix. Output is provided as a set of lists
      of available helpers, one per program type.
      
      Sample output:
      
          # bpftool feature probe kernel
          ...
          Scanning eBPF helper functions...
          eBPF helpers supported for program type socket_filter:
                  - bpf_map_lookup_elem
                  - bpf_map_update_elem
                  - bpf_map_delete_elem
          ...
          eBPF helpers supported for program type kprobe:
                  - bpf_map_lookup_elem
                  - bpf_map_update_elem
                  - bpf_map_delete_elem
          ...
      
          # bpftool --json --pretty feature probe kernel
          {
              ...
              "helpers": {
                  "socket_filter_available_helpers": ["bpf_map_lookup_elem", \
                          "bpf_map_update_elem","bpf_map_delete_elem", ...
                  ],
                  "kprobe_available_helpers": ["bpf_map_lookup_elem", \
                          "bpf_map_update_elem","bpf_map_delete_elem", ...
                  ],
                  ...
              }
          }
      
      v5:
      - In libbpf.map, move global symbol to the new LIBBPF_0.0.2 section.
      
      v4:
      - Use "enum bpf_func_id" instead of "__u32" in bpf_probe_helper()
        declaration for the type of the argument used to pass the id of
        the helper to probe.
      - Undef BPF_HELPER_MAKE_ENTRY after using it.
      
      v3:
      - Do not pass kernel version from bpftool to libbpf probes (kernel
        version for testing program with kprobes is retrieved directly from
        libbpf).
      - Dump one list of available helpers per program type (instead of one
        list of compatible program types per helper).
      
      v2:
      - Move probes from bpftool to libbpf.
      - Test all program types for each helper, print a list of working prog
        types for each helper.
      - Fall back on include/uapi/linux/bpf.h for names and ids of helpers.
      - Remove C-style macros output from this patch.
      Signed-off-by: default avatarQuentin Monnet <quentin.monnet@netronome.com>
      Reviewed-by: default avatarJakub Kicinski <jakub.kicinski@netronome.com>
      Reviewed-by: default avatarStanislav Fomichev <sdf@google.com>
      Signed-off-by: default avatarAlexei Starovoitov <ast@kernel.org>
      2d3ea5e8
    • Quentin Monnet's avatar
      tools: bpftool: add probes for eBPF map types · f99e1663
      Quentin Monnet authored
      Add new probes for eBPF map types, to detect what are the ones available
      on the system. Try creating one map of each type, and see if the kernel
      complains.
      
      Sample output:
      
          # bpftool feature probe kernel
          ...
          Scanning eBPF map types...
          eBPF map_type hash is available
          eBPF map_type array is available
          eBPF map_type prog_array is available
          ...
      
          # bpftool --json --pretty feature probe kernel
          {
              ...
              "map_types": {
                  "have_hash_map_type": true,
                  "have_array_map_type": true,
                  "have_prog_array_map_type": true,
                  ...
              }
          }
      
      v5:
      - In libbpf.map, move global symbol to the new LIBBPF_0.0.2 section.
      
      v3:
      - Use a switch with all enum values for setting specific map parameters,
        so that gcc complains at compile time (-Wswitch-enum) if new map types
        were added to the kernel but libbpf was not updated.
      
      v2:
      - Move probes from bpftool to libbpf.
      - Remove C-style macros output from this patch.
      Signed-off-by: default avatarQuentin Monnet <quentin.monnet@netronome.com>
      Reviewed-by: default avatarJakub Kicinski <jakub.kicinski@netronome.com>
      Reviewed-by: default avatarStanislav Fomichev <sdf@google.com>
      Signed-off-by: default avatarAlexei Starovoitov <ast@kernel.org>
      f99e1663
    • Quentin Monnet's avatar
      tools: bpftool: add probes for eBPF program types · 1bf4b058
      Quentin Monnet authored
      Introduce probes for supported BPF program types in libbpf, and call it
      from bpftool to test what types are available on the system. The probe
      simply consists in loading a very basic program of that type and see if
      the verifier complains or not.
      
      Sample output:
      
          # bpftool feature probe kernel
          ...
          Scanning eBPF program types...
          eBPF program_type socket_filter is available
          eBPF program_type kprobe is available
          eBPF program_type sched_cls is available
          ...
      
          # bpftool --json --pretty feature probe kernel
          {
              ...
              "program_types": {
                  "have_socket_filter_prog_type": true,
                  "have_kprobe_prog_type": true,
                  "have_sched_cls_prog_type": true,
                  ...
              }
          }
      
      v5:
      - In libbpf.map, move global symbol to a new LIBBPF_0.0.2 section.
      - Rename (non-API function) prog_load() as probe_load().
      
      v3:
      - Get kernel version for checking kprobes availability from libbpf
        instead of from bpftool. Do not pass kernel_version as an argument
        when calling libbpf probes.
      - Use a switch with all enum values for setting specific program
        parameters just before probing, so that gcc complains at compile time
        (-Wswitch-enum) if new prog types were added to the kernel but libbpf
        was not updated.
      - Add a comment in libbpf.h about setrlimit() usage to allow many
        consecutive probe attempts.
      
      v2:
      - Move probes from bpftool to libbpf.
      - Remove C-style macros output from this patch.
      Signed-off-by: default avatarQuentin Monnet <quentin.monnet@netronome.com>
      Reviewed-by: default avatarJakub Kicinski <jakub.kicinski@netronome.com>
      Reviewed-by: default avatarStanislav Fomichev <sdf@google.com>
      Signed-off-by: default avatarAlexei Starovoitov <ast@kernel.org>
      1bf4b058
    • Quentin Monnet's avatar
      tools: bpftool: add probes for kernel configuration options · 4567b983
      Quentin Monnet authored
      Add probes to dump a number of options set (or not set) for compiling
      the kernel image. These parameters provide information about what BPF
      components should be available on the system. A number of them are not
      directly related to eBPF, but are in fact used in the kernel as
      conditions on which to compile, or not to compile, some of the eBPF
      helper functions.
      
      Sample output:
      
          # bpftool feature probe kernel
          Scanning system configuration...
          ...
          CONFIG_BPF is set to y
          CONFIG_BPF_SYSCALL is set to y
          CONFIG_HAVE_EBPF_JIT is set to y
          ...
      
          # bpftool --pretty --json feature probe kernel
          {
              "system_config": {
                  ...
                  "CONFIG_BPF": "y",
                  "CONFIG_BPF_SYSCALL": "y",
                  "CONFIG_HAVE_EBPF_JIT": "y",
                  ...
              }
          }
      
      v5:
      - Declare options[] array in probe_kernel_image_config() as static.
      
      v4:
      - Add some options to the list:
          - CONFIG_TRACING
          - CONFIG_KPROBE_EVENTS
          - CONFIG_UPROBE_EVENTS
          - CONFIG_FTRACE_SYSCALLS
      - Add comments about those options in the source code.
      
      v3:
      - Add a comment about /proc/config.gz not being supported as a path for
        the config file at this time.
      - Use p_info() instead of p_err() on failure to get options from config
        file, as bpftool keeps probing other parameters and that would
        possibly create duplicate "error" entries for JSON.
      
      v2:
      - Remove C-style macros output from this patch.
      - NOT addressed: grouping of those config options into subsections
        (I don't see an easy way of grouping them at the moment, please see
        also the discussion on v1 thread).
      Signed-off-by: default avatarQuentin Monnet <quentin.monnet@netronome.com>
      Reviewed-by: default avatarJakub Kicinski <jakub.kicinski@netronome.com>
      Reviewed-by: default avatarStanislav Fomichev <sdf@google.com>
      Signed-off-by: default avatarAlexei Starovoitov <ast@kernel.org>
      4567b983
    • Quentin Monnet's avatar
      tools: bpftool: add probes for /proc/ eBPF parameters · 7a4522bb
      Quentin Monnet authored
      Add a set of probes to dump the eBPF-related parameters available from
      /proc/: availability of bpf() syscall for unprivileged users,
      JIT compiler status and hardening status, kallsyms exports status.
      
      Sample output:
      
          # bpftool feature probe kernel
          Scanning system configuration...
          bpf() syscall for unprivileged users is enabled
          JIT compiler is disabled
          JIT compiler hardening is disabled
          JIT compiler kallsyms exports are disabled
          Global memory limit for JIT compiler for unprivileged users \
                  is 264241152 bytes
          ...
      
          # bpftool --json --pretty feature probe kernel
          {
              "system_config": {
                  "unprivileged_bpf_disabled": 0,
                  "bpf_jit_enable": 0,
                  "bpf_jit_harden": 0,
                  "bpf_jit_kallsyms": 0,
                  "bpf_jit_limit": 264241152
              },
              ...
          }
      
      These probes are skipped if procfs is not mounted.
      
      v4:
      - Add bpf_jit_limit parameter.
      
      v2:
      - Remove C-style macros output from this patch.
      Signed-off-by: default avatarQuentin Monnet <quentin.monnet@netronome.com>
      Reviewed-by: default avatarJakub Kicinski <jakub.kicinski@netronome.com>
      Reviewed-by: default avatarStanislav Fomichev <sdf@google.com>
      Signed-off-by: default avatarAlexei Starovoitov <ast@kernel.org>
      7a4522bb