Sys-Ebpf
view release on metacpan or search on metacpan
lib/Sys/Ebpf/Loader.pm view on Meta::CPAN
};
return $self->load_bpf_program($bpf_attrs);
}
sub load_bpf_program {
my ( $self, $bpf_attrs ) = @_;
my $defaults = {
prog_type => 0,
insn_cnt => 0,
insns => "",
license => "",
log_level => 1,
log_size => 1024 * 10,
log_buf => "\0" x ( 1024 * 10 ),
kern_version => 0,
prog_flags => 0,
};
my $attrs = { %$defaults, %$bpf_attrs, };
# bpf_attræ§‹é€ ä½“ã®ãƒ‘ック
my $attr = pack(
"L L Q Q L L Q L L",
$attrs->{prog_type},
$attrs->{insn_cnt},
unpack( "Q", pack( "P", $attrs->{insns} ) ),
unpack( "Q", pack( "P", $attrs->{license} ) ),
$attrs->{log_level},
$attrs->{log_size},
unpack( "Q", pack( "P", $attrs->{log_buf} ) ),
$attrs->{kern_version},
$attrs->{prog_flags}
);
# syscallã®å®Ÿè¡Œ
my $fd = syscall( Sys::Ebpf::Syscall::SYS_bpf(),
BPF_PROG_LOAD, $attr, length($attr) );
if ( $fd < 0 ) {
my $errno = $!;
warn "Errno: $errno\n";
if ( $errno == EACCES || $errno == EPERM ) {
warn "Permission denied. Are you running as root?\n";
}
warn "Log buffer content:\n", $attrs->{log_buf}, "\n";
die "BPF program load failed: $!\n";
}
return $fd;
}
# リãƒã‚±ãƒ¼ã‚·ãƒ§ãƒ³ã‚’é©ç”¨
# args:
# prob_section: プãƒã‚°ãƒ©ãƒ セクション
# reloc_sections: リãƒã‚±ãƒ¼ã‚·ãƒ§ãƒ³ã‚»ã‚¯ã‚·ãƒ§ãƒ³
# elf: ELFデータ
# map_hash_ref: マップデータã®ãƒªãƒ•ã‚¡ãƒ¬ãƒ³ã‚¹
# r_offsetを使ã£ã¦ã€ä¿®æ£ã™ã¹ã命令(インストラクション)をkprobe/sys_execveセクション内ã‹ã‚‰ç‰¹å®šã—ã¾ã™ã€‚
# r_infoã‹ã‚‰ã‚·ãƒ³ãƒœãƒ«ã‚¤ãƒ³ãƒ‡ãƒƒã‚¯ã‚¹ã‚’å–å¾—ã—ã€ãã®ã‚·ãƒ³ãƒœãƒ«ã®ã‚¢ãƒ‰ãƒ¬ã‚¹ã‚’シンボルテーブル(.symtab)ã‹ã‚‰å–å¾—ã—ã¾ã™ã€‚
# ä¿®æ£ã™ã¹ãインストラクションã«ã€ã‚·ãƒ³ãƒœãƒ«ã®ã‚¢ãƒ‰ãƒ¬ã‚¹ã‚’é©ç”¨ã—ã¦ã€æ£ã—ã„マップã¸ã®å‚ç…§ã«æ›¸ãæ›ãˆã¾ã™ã€‚
sub apply_map_relocations {
my ( $self, $prob_section, $reloc_sections, $elf, $map_hash_ref ) = @_;
my $symbols_section = $elf->{symbols};
for my $reloc_section (@$reloc_sections) {
my $r_info = $reloc_section->{r_info};
my $r_offset
= $reloc_section->{r_offset} + $prob_section->{sh_offset};
my $sym_index = $r_info >> 32; # シンボルインデックスをå–å¾—
my $reloc_type = $r_info & 0xFFFFFFFF; # リãƒã‚±ãƒ¼ã‚·ãƒ§ãƒ³ã‚¿ã‚¤ãƒ—ã‚’å–å¾—
# シンボルテーブルã‹ã‚‰relocation対象ã«ãªã‚Šå¾—るシンボルåã‚’å–å¾—
my $symbol = $symbols_section->[$sym_index] // undef;
if ( !$symbol ) {
print "Symbol Table not found for index: $sym_index\n";
next;
}
my $sym_name = $symbol->{st_name};
if ( $symbol->{st_shndx} == 0 ) {
print "Symbol Name Table not found for index: $sym_index\n";
next;
}
# `$map_data` ã®ä¸ã®ã‚¿ãƒ—ルを確èªã—ã¦ã€æœŸå¾…ã—ã¦ã‚‹ãƒžãƒƒãƒ—åãŒå˜åœ¨ã™ã‚‹ã‹ãƒã‚§ãƒƒã‚¯(fdã‚’å–å¾—)
my $map_fd = undef;
for my $map_name ( keys %$map_hash_ref ) {
my $map = $map_hash_ref->{$map_name};
if ( $sym_name eq $map_name ) {
$map_fd = $map->{map_fd};
last; # マップãŒè¦‹ã¤ã‹ã£ãŸã‚‰ãƒ«ãƒ¼ãƒ—を抜ã‘ã‚‹
}
}
if ( defined $map_fd ) {
# 指定ã•ã‚ŒãŸã‚ªãƒ•ã‚»ãƒƒãƒˆä½ç½®ã«ã‚ã‚‹ `lddw` 命令(16ãƒã‚¤ãƒˆï¼‰ã‚’å–å¾—
my $bpf_insn
= substr( $self->{reader}->{raw_elf_data}, $r_offset, 16 )
; # 16ãƒã‚¤ãƒˆã‚’å–å¾—
my $bpf_insn_len = length($bpf_insn);
my ( $high, $low )
= Sys::Ebpf::Asm::deserialize_128bit_instruction($bpf_insn);
# å³å€¤ (64ビット) ã«ãƒžãƒƒãƒ—FDã‚’è¨å®š
$high->set_imm($map_fd);
$low->set_imm( $map_fd >> 32 );
# src_reg ã« PSEUDO_MAP_FD (1) ã‚’è¨å®š
$high->set_src_reg(1);
# ä¿®æ£å¾Œã®å‘½ä»¤ã‚’パックã—ã¦ã€å…ƒã®å ´æ‰€ã«æ›¸ã戻ã™
my $new_bpf_insn
= Sys::Ebpf::Asm::serialize_128bit_instruction( $high, $low );
substr( $self->{reader}->{raw_elf_data},
$r_offset, 16, $new_bpf_insn );
# 書ãæ›ãˆãŸå¾Œã®å‘½ä»¤ã‚’出力
my $after_bpf_insn
= substr( $self->{reader}->{raw_elf_data}, $r_offset, 16 );
}
}
}
# BPF プãƒã‚°ãƒ©ãƒ ã¨ãƒžãƒƒãƒ—ã‚’ãƒãƒ¼ãƒ‰
# args:
# section_name: BPF プãƒã‚°ãƒ©ãƒ ã®ã‚»ã‚¯ã‚·ãƒ§ãƒ³å
# return:
# map_collection: マップåã¨FDã®çµ„ã«ãªã£ãŸhashã®ãƒªãƒ•ã‚¡ãƒ¬ãƒ³ã‚¹
# prog_fd: プãƒã‚°ãƒ©ãƒ FD
sub load_bpf {
my ( $self, $section_name ) = @_;
my $bpfelf = $self->{bpfelf};
my $maps = $self->extract_bpf_map_attributes('maps');
my %map_collection;
# map_attr_refã®å„ã‚ー(マップå)ã«å¯¾ã—ã¦å‡¦ç†ã‚’実行
for my $map (@$maps) {
my $map_name = $map->{map_name};
my $map_instance = Sys::Ebpf::Map->create($map);
my $map_fd = $map_instance->{map_fd};
if ( $map_fd < 0 ) {
die "Failed to load BPF map: $map_name (FD: $map_fd})\n";
}
$map_collection{$map_name} = $map_instance;
}
# リãƒã‚±ãƒ¼ã‚·ãƒ§ãƒ³ã‚’é©ç”¨
my $reloc_section = $bpfelf->{relocations}{ ".rel" . $section_name };
my $prob_section
= find_symbol_table_from_name( $bpfelf->{sections}, $section_name );
if ( defined $reloc_section ) {
$self->apply_map_relocations( $prob_section, $reloc_section, $bpfelf,
\%map_collection );
}
# todo: bpfprobãŒè¤‡æ•°ã‚るケースã«ã‚‚対応ã™ã‚‹
# BPF プãƒã‚°ãƒ©ãƒ ã‚’ãƒãƒ¼ãƒ‰
my $prog_fd = $self->load_bpf_program_from_elf($section_name);
return ( \%map_collection, $prog_fd );
}
1;
( run in 0.517 second using v1.01-cache-2.11-cpan-71847e10f99 )