-
Notifications
You must be signed in to change notification settings - Fork 2
/
kernel_module.go
85 lines (72 loc) · 2.08 KB
/
kernel_module.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
package main
import (
"fmt"
"os"
"os/exec"
"path/filepath"
"github.com/cilium/ebpf"
)
const bpffsRoot = "/sys/fs/bpf/iptables-trace"
func b2int(b bool) int {
if b {
return 1
}
return 0
}
func pinProg(p *ebpf.Program, name string) (string, error) {
pinPath := filepath.Join(bpffsRoot, name)
err := p.Pin(pinPath)
return pinPath, err
}
func unpinAll(progs ...*ebpf.Program) {
for _, p := range progs {
p.Unpin()
}
}
// func insmod(isKernelVersionGte_5_16 bool, kprobe, kretprobe, trace *ebpf.Program) error {
// out, err := exec.Command("insmod",
// "./kernel/iptables-trace.ko",
// fmt.Sprintf("bpf_prog_entry_fd=%d", kprobe.FD()),
// fmt.Sprintf("bpf_prog_exit_fd=%d", kretprobe.FD()),
// fmt.Sprintf("bpf_prog_trace_fd=%d", trace.FD()),
// fmt.Sprintf("version_gte_5_16=%d", b2int(isKernelVersionGte_5_16)),
// ).CombinedOutput()
// if err != nil {
// return fmt.Errorf("failed to insmod iptables-trace.ko: %w\n%s", err, string(out))
// }
// return nil
// }
func insmod(isKernelVersionGte_5_16 bool, kprobe, kretprobe, trace *ebpf.Program) error {
_ = os.MkdirAll(bpffsRoot, 0o755)
entryPath, err := pinProg(kprobe, "entry")
if err != nil {
return fmt.Errorf("failed to pin entry bpf prog: %w", err)
}
exitPath, err := pinProg(kretprobe, "exit")
if err != nil {
unpinAll(kprobe)
return fmt.Errorf("failed to pin exit bpf prog: %w", err)
}
tracePath, err := pinProg(trace, "trace")
if err != nil {
unpinAll(kprobe, kretprobe)
return fmt.Errorf("failed to pin trace bpf prog: %w", err)
}
os.Chdir("kernel")
defer os.Chdir("..")
out, err := exec.Command("insmod",
"iptables-trace.ko",
fmt.Sprintf("bpf_prog_entry_path=%s", entryPath),
fmt.Sprintf("bpf_prog_exit_path=%s", exitPath),
fmt.Sprintf("bpf_prog_trace_path=%s", tracePath),
fmt.Sprintf("version_gte_5_16=%d", b2int(isKernelVersionGte_5_16)),
).CombinedOutput()
if err != nil {
unpinAll(kprobe, kretprobe, trace)
return fmt.Errorf("failed to insmod iptables-trace.ko: %w\n%s", err, string(out))
}
return nil
}
func rmmod() error {
return exec.Command("rmmod", "iptables-trace").Run()
}