Skip to content

Commit

Permalink
update(bpf): introduce the BPF commands name
Browse files Browse the repository at this point in the history 
Signed-off-by: rohith-raju <rohithraju488@gmail.com>
  • Loading branch information
@Rohith-Raju
Rohith-Raju committed Dec 5, 2023
1 parent 98410bc commit 9387e6d
Show file tree
Hide file tree
Showing 7 changed files with 47 additions and 8 deletions.
4 changes: 2 additions & 2 deletions driver/bpf/fillers.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5795,8 +5795,8 @@ FILLER(sys_bpf_x, true)
bpf_push_s64_to_ring(data, fd);

/* Parameter 2: cmd (type: PT_INT32) */
int32_t cmd = (int32_t)bpf_syscall_get_argument(data, 0);
return bpf_push_s32_to_ring(data, cmd);
unsigned long cmd = bpf_syscall_get_argument(data, 0);
return bpf_push_s32_to_ring(data, (int32_t)bpf_cmd_to_scap(cmd));
}

FILLER(sys_unlinkat_x, true)
Expand Down
8 changes: 8 additions & 0 deletions driver/flags_table.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -709,3 +709,11 @@ const struct ppm_name_value mknod_mode[] = {
{0, 0},
};

const struct ppm_name_value bpf_commands[] = {
{"BPF_MAP_CREATE", PPM_BPF_MAP_CREATE},
{"BPF_MAP_LOOKUP_ELEM", PPM_BPF_MAP_LOOKUP_ELEM},
{"BPF_MAP_UPDATE_ELEM", PPM_BPF_MAP_UPDATE_ELEM},
{"BPF_MAP_DELETE_ELEM", PPM_BPF_MAP_DELETE_ELEM},
{"BPF_MAP_GET_NEXT_KEY", PPM_BPF_MAP_GET_NEXT_KEY},
{"BPF_PROG_LOAD", PPM_BPF_PROG_LOAD}
};
4 changes: 2 additions & 2 deletions driver/modern_bpf/programs/tail_called/events/syscall_dispatched_events/bpf.bpf.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -59,8 +59,8 @@ int BPF_PROG(bpf_x,
ringbuf__store_s64(&ringbuf, ret);

/* Parameter 2: cmd (type: PT_INT32) */
int32_t cmd = (int32_t)extract__syscall_argument(regs, 0);
ringbuf__store_s32(&ringbuf, cmd);
unsigned long cmd = extract__syscall_argument(regs, 0);
ringbuf__store_s32(&ringbuf,(int32_t)bpf_cmd_to_scap(cmd));


/*=============================== COLLECT PARAMETERS ===========================*/
Expand Down
12 changes: 11 additions & 1 deletion driver/ppm_events_public.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -798,6 +798,16 @@ or GPL2.txt for full copies of the license.
#define PPM_MODULE_INIT_IGNORE_VERMAGIC 2
#define PPM_MODULE_INIT_COMPRESSED_FILE 4

/*
* bpf_commands
*/
#define PPM_BPF_MAP_CREATE (1<<0)
#define PPM_BPF_MAP_LOOKUP_ELEM (1<<1)
#define PPM_BPF_MAP_UPDATE_ELEM (1<<2)
#define PPM_BPF_MAP_DELETE_ELEM (1<<3)
#define PPM_BPF_MAP_GET_NEXT_KEY (1<<4)
#define PPM_BPF_PROG_LOAD (1<<5)

/*
* Get/set the timerslack as used by poll/select/nanosleep
* A value of 0 means "use default"
Expand Down Expand Up @@ -2154,10 +2164,10 @@ extern const struct ppm_name_value fchownat_flags[];
extern const struct ppm_name_value prctl_options[];
extern const struct ppm_name_value memfd_create_flags[];
extern const struct ppm_name_value pidfd_open_flags[];
extern const struct ppm_name_value bpf_commands[];
extern const struct ppm_param_info sockopt_dynamic_param[];
extern const struct ppm_param_info ptrace_dynamic_param[];
extern const struct ppm_param_info bpf_dynamic_param[];

/*!
\brief Process information as returned by the PPM_IOCTL_GET_PROCLIST IOCTL.
*/
Expand Down
2 changes: 1 addition & 1 deletion driver/ppm_fillers.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6732,7 +6732,7 @@ int f_sys_bpf_x(struct event_filler_arguments *args)

/* Parameter 2: cmd (type: PT_INT64) */
syscall_get_arguments_deprecated(args, 0, 1, &val);
cmd = (int32_t)val;
cmd = (int32_t)bpf_cmd_to_scap(val);
res = val_to_ring(args, cmd, 0, false, 0);
CHECK_RES(res);
return add_sentinel(args);
Expand Down
21 changes: 21 additions & 0 deletions driver/ppm_flag_helpers.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2201,4 +2201,25 @@ static __always_inline uint32_t mknod_mode_to_scap(uint32_t modes)
return res;
}

static __always_inline uint32_t bpf_cmd_to_scap (unsigned long cmd){
switch (cmd)
{
case BPF_MAP_CREATE:
return PPM_BPF_MAP_CREATE;
case BPF_MAP_LOOKUP_ELEM:
return PPM_BPF_MAP_LOOKUP_ELEM;
case BPF_MAP_UPDATE_ELEM:
return PPM_BPF_MAP_UPDATE_ELEM;
case BPF_MAP_DELETE_ELEM:
return PPM_BPF_MAP_DELETE_ELEM;
case BPF_MAP_GET_NEXT_KEY:
return PPM_BPF_MAP_GET_NEXT_KEY;
case BPF_PROG_LOAD:
return PPM_BPF_PROG_LOAD;
default:
// if commmand name is not used (when cmd is 1 insted of BPF_MAP_CREATE)
return cmd;
}
}

#endif /* PPM_FLAG_HELPERS_H_ */
4 changes: 2 additions & 2 deletions test/drivers/test_suites/syscall_exit_suite/bpf_x.cpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -90,7 +90,7 @@ TEST(SyscallExit, bpfX_MAP_CREATE)

/*=============================== TRIGGER SYSCALL ===========================*/

int32_t cmd = 1;
int32_t cmd = BPF_MAP_CREATE;
union bpf_attr *attr = NULL;


Expand Down Expand Up @@ -148,7 +148,7 @@ TEST(SyscallExit, bpfX_MAP_CREATE)
/* Parameter 1: fd (type: PT_FD) */
evt_test->assert_numeric_param(1, errno_value);
/* Parameter 2: cmd (type: PT_INT32)*/
evt_test->assert_numeric_param(2, cmd);
evt_test->assert_numeric_param(2, PPM_BPF_MAP_CREATE);

/*=============================== ASSERT PARAMETERS ===========================*/

Expand Down

0 comments on commit 9387e6d

Please sign in to comment.