samples/bpf: Use BPF_KSYSCALL macro in syscall tracing programs

This commit enhances the syscall tracing programs by using the
BPF_SYSCALL macro to reduce the inconvenience of parsing arguments from
pt_regs. By simplifying argument extraction, bpf program will become
clear to understand.

Signed-off-by: Daniel T. Lee <danieltimlee@gmail.com>
Signed-off-by: Andrii Nakryiko <andrii@kernel.org>
Link: https://lore.kernel.org/bpf/20221224071527.2292-6-danieltimlee@gmail.com
This commit is contained in:
Daniel T. Lee 2022-12-24 16:15:26 +09:00 committed by Andrii Nakryiko
parent 2e5c4dd7f8
commit c5ffb26375
3 changed files with 19 additions and 23 deletions

View File

@ -101,7 +101,7 @@ struct {
} lru_hash_lookup_map SEC(".maps");
SEC("ksyscall/getuid")
int stress_hmap(struct pt_regs *ctx)
int BPF_KSYSCALL(stress_hmap)
{
u32 key = bpf_get_current_pid_tgid();
long init_val = 1;
@ -119,7 +119,7 @@ int stress_hmap(struct pt_regs *ctx)
}
SEC("ksyscall/geteuid")
int stress_percpu_hmap(struct pt_regs *ctx)
int BPF_KSYSCALL(stress_percpu_hmap)
{
u32 key = bpf_get_current_pid_tgid();
long init_val = 1;
@ -136,7 +136,7 @@ int stress_percpu_hmap(struct pt_regs *ctx)
}
SEC("ksyscall/getgid")
int stress_hmap_alloc(struct pt_regs *ctx)
int BPF_KSYSCALL(stress_hmap_alloc)
{
u32 key = bpf_get_current_pid_tgid();
long init_val = 1;
@ -153,7 +153,7 @@ int stress_hmap_alloc(struct pt_regs *ctx)
}
SEC("ksyscall/getegid")
int stress_percpu_hmap_alloc(struct pt_regs *ctx)
int BPF_KSYSCALL(stress_percpu_hmap_alloc)
{
u32 key = bpf_get_current_pid_tgid();
long init_val = 1;
@ -168,11 +168,10 @@ int stress_percpu_hmap_alloc(struct pt_regs *ctx)
}
return 0;
}
SEC("ksyscall/connect")
int stress_lru_hmap_alloc(struct pt_regs *ctx)
int BPF_KSYSCALL(stress_lru_hmap_alloc, int fd, struct sockaddr_in *uservaddr,
int addrlen)
{
struct pt_regs *real_regs = (struct pt_regs *)PT_REGS_PARM1_CORE(ctx);
char fmt[] = "Failed at stress_lru_hmap_alloc. ret:%dn";
union {
u16 dst6[8];
@ -185,14 +184,11 @@ int stress_lru_hmap_alloc(struct pt_regs *ctx)
u32 key;
};
} test_params;
struct sockaddr_in6 *in6;
struct sockaddr_in6 *in6 = (struct sockaddr_in6 *)uservaddr;
u16 test_case;
int addrlen, ret;
long val = 1;
u32 key = 0;
in6 = (struct sockaddr_in6 *)PT_REGS_PARM2_CORE(real_regs);
addrlen = (int)PT_REGS_PARM3_CORE(real_regs);
int ret;
if (addrlen != sizeof(*in6))
return 0;
@ -250,7 +246,7 @@ int stress_lru_hmap_alloc(struct pt_regs *ctx)
}
SEC("ksyscall/gettid")
int stress_lpm_trie_map_alloc(struct pt_regs *ctx)
int BPF_KSYSCALL(stress_lpm_trie_map_alloc)
{
union {
u32 b32[2];
@ -272,7 +268,7 @@ int stress_lpm_trie_map_alloc(struct pt_regs *ctx)
}
SEC("ksyscall/getpgid")
int stress_hash_map_lookup(struct pt_regs *ctx)
int BPF_KSYSCALL(stress_hash_map_lookup)
{
u32 key = 1, i;
long *value;
@ -285,7 +281,7 @@ int stress_hash_map_lookup(struct pt_regs *ctx)
}
SEC("ksyscall/getppid")
int stress_array_map_lookup(struct pt_regs *ctx)
int BPF_KSYSCALL(stress_array_map_lookup)
{
u32 key = 1, i;
long *value;

View File

@ -8,6 +8,8 @@
#include "vmlinux.h"
#include <linux/version.h>
#include <bpf/bpf_helpers.h>
#include <bpf/bpf_tracing.h>
#include <bpf/bpf_core_read.h>
struct {
__uint(type, BPF_MAP_TYPE_CGROUP_ARRAY);
@ -25,7 +27,7 @@ struct {
/* Writes the last PID that called sync to a map at index 0 */
SEC("ksyscall/sync")
int bpf_prog1(struct pt_regs *ctx)
int BPF_KSYSCALL(bpf_prog1)
{
u64 pid = bpf_get_current_pid_tgid();
int idx = 0;

View File

@ -27,24 +27,22 @@ struct {
* of course, across platforms, and over time, the ABI may change.
*/
SEC("ksyscall/connect")
int bpf_prog1(struct pt_regs *ctx)
int BPF_KSYSCALL(bpf_prog1, int fd, struct sockaddr_in *uservaddr,
int addrlen)
{
struct pt_regs *real_regs = (struct pt_regs *)PT_REGS_PARM1_CORE(ctx);
void *sockaddr_arg = (void *)PT_REGS_PARM2_CORE(real_regs);
int sockaddr_len = (int)PT_REGS_PARM3_CORE(real_regs);
struct sockaddr_in new_addr, orig_addr = {};
struct sockaddr_in *mapped_addr;
if (sockaddr_len > sizeof(orig_addr))
if (addrlen > sizeof(orig_addr))
return 0;
if (bpf_probe_read_user(&orig_addr, sizeof(orig_addr), sockaddr_arg) != 0)
if (bpf_probe_read_user(&orig_addr, sizeof(orig_addr), uservaddr) != 0)
return 0;
mapped_addr = bpf_map_lookup_elem(&dnat_map, &orig_addr);
if (mapped_addr != NULL) {
memcpy(&new_addr, mapped_addr, sizeof(new_addr));
bpf_probe_write_user(sockaddr_arg, &new_addr,
bpf_probe_write_user(uservaddr, &new_addr,
sizeof(new_addr));
}
return 0;