Eric Lee / smarc-ti-linux-kernel

06 Dec, 2014

4 commits

  • fbe331084   samples: bpf: large eBPF program in C ... Browse Code »

    sockex2_kern.c is purposefully large eBPF program in C.
    llvm compiles ~200 lines of C code into ~300 eBPF instructions.

    It's similar to __skb_flow_dissect() to demonstrate that complex packet parsing
    can be done by eBPF.
    Then it uses (struct flow_keys)->dst IP address (or hash of ipv6 dst) to keep
    stats of number of packets per IP.
    User space loads eBPF program, attaches it to loopback interface and prints
    dest_ip->#packets stats every second.

    Usage:
    $sudo samples/bpf/sockex2
    ip 127.0.0.1 count 19
    ip 127.0.0.1 count 178115
    ip 127.0.0.1 count 369437
    ip 127.0.0.1 count 559841
    ip 127.0.0.1 count 750539

    Signed-off-by: Alexei Starovoitov
    Signed-off-by: David S. Miller

    Alexei Starovoitov
     
  • a80857822   samples: bpf: trivial eBPF program in C ... Browse Code »
    5

    this example does the same task as previous socket example
    in assembler, but this one does it in C.

    eBPF program in kernel does:
    /* assume that packet is IPv4, load one byte of IP->proto */
    int index = load_byte(skb, ETH_HLEN + offsetof(struct iphdr, protocol));
    long *value;

    value = bpf_map_lookup_elem(&my_map, &index);
    if (value)
    __sync_fetch_and_add(value, 1);

    Corresponding user space reads map[tcp], map[udp], map[icmp]
    and prints protocol stats every second

    Signed-off-by: Alexei Starovoitov
    Signed-off-by: David S. Miller

    Alexei Starovoitov
     
  • 249b812d8   samples: bpf: elf_bpf file loader ... Browse Code »

    simple .o parser and loader using BPF syscall.
    .o is a standard ELF generated by LLVM backend

    It parses elf file compiled by llvm .c->.o
    - parses 'maps' section and creates maps via BPF syscall
    - parses 'license' section and passes it to syscall
    - parses elf relocations for BPF maps and adjusts BPF_LD_IMM64 insns
    by storing map_fd into insn->imm and marking such insns as BPF_PSEUDO_MAP_FD
    - loads eBPF programs via BPF syscall

    One ELF file can contain multiple BPF programs.

    int load_bpf_file(char *path);
    populates prog_fd[] and map_fd[] with FDs received from bpf syscall

    bpf_helpers.h - helper functions available to eBPF programs written in C

    Signed-off-by: Alexei Starovoitov
    Signed-off-by: David S. Miller

    Alexei Starovoitov
     
  • 03f4723ed   samples: bpf: example of stateful socket filtering ... Browse Code »

    this socket filter example does:
    - creates arraymap in kernel with key 4 bytes and value 8 bytes

    - loads eBPF program which assumes that packet is IPv4 and loads one byte of
    IP->proto from the packet and uses it as a key in a map

    r0 = skb->data[ETH_HLEN + offsetof(struct iphdr, protocol)];
    *(u32*)(fp - 4) = r0;
    value = bpf_map_lookup_elem(map_fd, fp - 4);
    if (value)
    (*(u64*)value) += 1;

    - attaches this program to raw socket

    - every second user space reads map[IPPROTO_TCP], map[IPPROTO_UDP], map[IPPROTO_ICMP]
    to see how many packets of given protocol were seen on loopback interface

    Usage:
    $sudo samples/bpf/sock_example
    TCP 0 UDP 0 ICMP 0 packets
    TCP 187600 UDP 0 ICMP 4 packets
    TCP 376504 UDP 0 ICMP 8 packets
    TCP 563116 UDP 0 ICMP 12 packets
    TCP 753144 UDP 0 ICMP 16 packets

    Signed-off-by: Alexei Starovoitov
    Signed-off-by: David S. Miller

    Alexei Starovoitov
     

19 Nov, 2014

2 commits

31 Oct, 2014

1 commit

  • 342ded409   samples: bpf: add a verifier test and summary line ... Browse Code »

    - add a test specifically targeting verifier state pruning.
    It checks state propagation between registers, storing that
    state into stack and state pruning algorithm recognizing
    equivalent stack and register states.

    - add summary line to spot failures easier

    Signed-off-by: Alexei Starovoitov
    Signed-off-by: David S. Miller

    Alexei Starovoitov
     

22 Oct, 2014

1 commit

  • 32bf08a62   bpf: fix bug in eBPF verifier ... Browse Code »

    while comparing for verifier state equivalency the comparison
    was missing a check for uninitialized register.
    Make sure it does so and add a testcase.

    Fixes: f1bca824dabb ("bpf: add search pruning optimization to verifier")
    Cc: Hannes Frederic Sowa
    Signed-off-by: Alexei Starovoitov
    Acked-by: Hannes Frederic Sowa
    Signed-off-by: David S. Miller

    Alexei Starovoitov
     

02 Oct, 2014

1 commit

27 Sep, 2014

1 commit

  • 3c731eba4   bpf: mini eBPF library, test stubs and verifier testsuite ... Browse Code »

    1.
    the library includes a trivial set of BPF syscall wrappers:
    int bpf_create_map(int key_size, int value_size, int max_entries);
    int bpf_update_elem(int fd, void *key, void *value);
    int bpf_lookup_elem(int fd, void *key, void *value);
    int bpf_delete_elem(int fd, void *key);
    int bpf_get_next_key(int fd, void *key, void *next_key);
    int bpf_prog_load(enum bpf_prog_type prog_type,
    const struct sock_filter_int *insns, int insn_len,
    const char *license);
    bpf_prog_load() stores verifier log into global bpf_log_buf[] array

    and BPF_*() macros to build instructions

    2.
    test stubs configure eBPF infra with 'unspec' map and program types.
    These are fake types used by user space testsuite only.

    3.
    verifier tests valid and invalid programs and expects predefined
    error log messages from kernel.
    40 tests so far.

    $ sudo ./test_verifier
    #0 add+sub+mul OK
    #1 unreachable OK
    #2 unreachable2 OK
    #3 out of range jump OK
    #4 out of range jump2 OK
    #5 test1 ld_imm64 OK
    ...

    Signed-off-by: Alexei Starovoitov
    Signed-off-by: David S. Miller

    Alexei Starovoitov