cf9b1199de
This example shows using a kprobe to act as a dnat mechanism to divert traffic for arbitrary endpoints. It rewrite the arguments to a syscall while they're still in userspace, and before the syscall has a chance to copy the argument into kernel space. Although this is an example, it also acts as a test because the mapped address is 255.255.255.255:555 -> real address, and that's not a legal address to connect to. If the helper is broken, the example will fail on the intermediate steps, as well as the final step to verify the rewrite of userspace memory succeeded. Signed-off-by: Sargun Dhillon <sargun@sargun.me> Cc: Alexei Starovoitov <ast@kernel.org> Cc: Daniel Borkmann <daniel@iogearbox.net> Acked-by: Alexei Starovoitov <ast@kernel.org> Signed-off-by: David S. Miller <davem@davemloft.net>
142 lines
4.7 KiB
Makefile
142 lines
4.7 KiB
Makefile
# kbuild trick to avoid linker error. Can be omitted if a module is built.
|
|
obj- := dummy.o
|
|
|
|
# List of programs to build
|
|
hostprogs-y := test_verifier test_maps
|
|
hostprogs-y += sock_example
|
|
hostprogs-y += fds_example
|
|
hostprogs-y += sockex1
|
|
hostprogs-y += sockex2
|
|
hostprogs-y += sockex3
|
|
hostprogs-y += tracex1
|
|
hostprogs-y += tracex2
|
|
hostprogs-y += tracex3
|
|
hostprogs-y += tracex4
|
|
hostprogs-y += tracex5
|
|
hostprogs-y += tracex6
|
|
hostprogs-y += test_probe_write_user
|
|
hostprogs-y += trace_output
|
|
hostprogs-y += lathist
|
|
hostprogs-y += offwaketime
|
|
hostprogs-y += spintest
|
|
hostprogs-y += map_perf_test
|
|
hostprogs-y += test_overhead
|
|
hostprogs-y += test_cgrp2_array_pin
|
|
hostprogs-y += xdp1
|
|
hostprogs-y += xdp2
|
|
|
|
test_verifier-objs := test_verifier.o libbpf.o
|
|
test_maps-objs := test_maps.o libbpf.o
|
|
sock_example-objs := sock_example.o libbpf.o
|
|
fds_example-objs := bpf_load.o libbpf.o fds_example.o
|
|
sockex1-objs := bpf_load.o libbpf.o sockex1_user.o
|
|
sockex2-objs := bpf_load.o libbpf.o sockex2_user.o
|
|
sockex3-objs := bpf_load.o libbpf.o sockex3_user.o
|
|
tracex1-objs := bpf_load.o libbpf.o tracex1_user.o
|
|
tracex2-objs := bpf_load.o libbpf.o tracex2_user.o
|
|
tracex3-objs := bpf_load.o libbpf.o tracex3_user.o
|
|
tracex4-objs := bpf_load.o libbpf.o tracex4_user.o
|
|
tracex5-objs := bpf_load.o libbpf.o tracex5_user.o
|
|
tracex6-objs := bpf_load.o libbpf.o tracex6_user.o
|
|
test_probe_write_user-objs := bpf_load.o libbpf.o test_probe_write_user_user.o
|
|
trace_output-objs := bpf_load.o libbpf.o trace_output_user.o
|
|
lathist-objs := bpf_load.o libbpf.o lathist_user.o
|
|
offwaketime-objs := bpf_load.o libbpf.o offwaketime_user.o
|
|
spintest-objs := bpf_load.o libbpf.o spintest_user.o
|
|
map_perf_test-objs := bpf_load.o libbpf.o map_perf_test_user.o
|
|
test_overhead-objs := bpf_load.o libbpf.o test_overhead_user.o
|
|
test_cgrp2_array_pin-objs := libbpf.o test_cgrp2_array_pin.o
|
|
xdp1-objs := bpf_load.o libbpf.o xdp1_user.o
|
|
# reuse xdp1 source intentionally
|
|
xdp2-objs := bpf_load.o libbpf.o xdp1_user.o
|
|
|
|
# Tell kbuild to always build the programs
|
|
always := $(hostprogs-y)
|
|
always += sockex1_kern.o
|
|
always += sockex2_kern.o
|
|
always += sockex3_kern.o
|
|
always += tracex1_kern.o
|
|
always += tracex2_kern.o
|
|
always += tracex3_kern.o
|
|
always += tracex4_kern.o
|
|
always += tracex5_kern.o
|
|
always += tracex6_kern.o
|
|
always += test_probe_write_user_kern.o
|
|
always += trace_output_kern.o
|
|
always += tcbpf1_kern.o
|
|
always += lathist_kern.o
|
|
always += offwaketime_kern.o
|
|
always += spintest_kern.o
|
|
always += map_perf_test_kern.o
|
|
always += test_overhead_tp_kern.o
|
|
always += test_overhead_kprobe_kern.o
|
|
always += parse_varlen.o parse_simple.o parse_ldabs.o
|
|
always += test_cgrp2_tc_kern.o
|
|
always += xdp1_kern.o
|
|
always += xdp2_kern.o
|
|
|
|
HOSTCFLAGS += -I$(objtree)/usr/include
|
|
|
|
HOSTCFLAGS_bpf_load.o += -I$(objtree)/usr/include -Wno-unused-variable
|
|
HOSTLOADLIBES_fds_example += -lelf
|
|
HOSTLOADLIBES_sockex1 += -lelf
|
|
HOSTLOADLIBES_sockex2 += -lelf
|
|
HOSTLOADLIBES_sockex3 += -lelf
|
|
HOSTLOADLIBES_tracex1 += -lelf
|
|
HOSTLOADLIBES_tracex2 += -lelf
|
|
HOSTLOADLIBES_tracex3 += -lelf
|
|
HOSTLOADLIBES_tracex4 += -lelf -lrt
|
|
HOSTLOADLIBES_tracex5 += -lelf
|
|
HOSTLOADLIBES_tracex6 += -lelf
|
|
HOSTLOADLIBES_test_probe_write_user += -lelf
|
|
HOSTLOADLIBES_trace_output += -lelf -lrt
|
|
HOSTLOADLIBES_lathist += -lelf
|
|
HOSTLOADLIBES_offwaketime += -lelf
|
|
HOSTLOADLIBES_spintest += -lelf
|
|
HOSTLOADLIBES_map_perf_test += -lelf -lrt
|
|
HOSTLOADLIBES_test_overhead += -lelf -lrt
|
|
HOSTLOADLIBES_xdp1 += -lelf
|
|
HOSTLOADLIBES_xdp2 += -lelf
|
|
|
|
# Allows pointing LLC/CLANG to a LLVM backend with bpf support, redefine on cmdline:
|
|
# make samples/bpf/ LLC=~/git/llvm/build/bin/llc CLANG=~/git/llvm/build/bin/clang
|
|
LLC ?= llc
|
|
CLANG ?= clang
|
|
|
|
# Trick to allow make to be run from this directory
|
|
all:
|
|
$(MAKE) -C ../../ $$PWD/
|
|
|
|
clean:
|
|
$(MAKE) -C ../../ M=$$PWD clean
|
|
@rm -f *~
|
|
|
|
# Verify LLVM compiler tools are available and bpf target is supported by llc
|
|
.PHONY: verify_cmds verify_target_bpf $(CLANG) $(LLC)
|
|
|
|
verify_cmds: $(CLANG) $(LLC)
|
|
@for TOOL in $^ ; do \
|
|
if ! (which -- "$${TOOL}" > /dev/null 2>&1); then \
|
|
echo "*** ERROR: Cannot find LLVM tool $${TOOL}" ;\
|
|
exit 1; \
|
|
else true; fi; \
|
|
done
|
|
|
|
verify_target_bpf: verify_cmds
|
|
@if ! (${LLC} -march=bpf -mattr=help > /dev/null 2>&1); then \
|
|
echo "*** ERROR: LLVM (${LLC}) does not support 'bpf' target" ;\
|
|
echo " NOTICE: LLVM version >= 3.7.1 required" ;\
|
|
exit 2; \
|
|
else true; fi
|
|
|
|
$(src)/*.c: verify_target_bpf
|
|
|
|
# asm/sysreg.h - inline assembly used by it is incompatible with llvm.
|
|
# But, there is no easy way to fix it, so just exclude it since it is
|
|
# useless for BPF samples.
|
|
$(obj)/%.o: $(src)/%.c
|
|
$(CLANG) $(NOSTDINC_FLAGS) $(LINUXINCLUDE) $(EXTRA_CFLAGS) \
|
|
-D__KERNEL__ -D__ASM_SYSREG_H -Wno-unused-value -Wno-pointer-sign \
|
|
-Wno-compare-distinct-pointer-types \
|
|
-O2 -emit-llvm -c $< -o -| $(LLC) -march=bpf -filetype=obj -o $@
|