From a793a34d238c76b1268e09b14dc9e417e2e82b2e Mon Sep 17 00:00:00 2001 From: cfc4n Date: Sat, 14 Oct 2023 22:59:10 +0800 Subject: [PATCH 1/2] improve: add missing parameters. Signed-off-by: cfc4n --- kern/bash_kern.c | 3 +++ kern/boringssl_masterkey.h | 3 +++ kern/gnutls_kern.c | 3 +++ kern/gotls_kern.c | 6 ++++++ kern/mysqld_kern.c | 3 +++ kern/nspr_kern.c | 3 +++ kern/postgres_kern.c | 3 +++ 7 files changed, 24 insertions(+) diff --git a/kern/bash_kern.c b/kern/bash_kern.c index 67a4129d5..c789061c8 100644 --- a/kern/bash_kern.c +++ b/kern/bash_kern.c @@ -24,6 +24,9 @@ struct event { struct { __uint(type, BPF_MAP_TYPE_PERF_EVENT_ARRAY); + __uint(key_size, sizeof(u32)); + __uint(value_size, sizeof(u32)); + __uint(max_entries, 1024); } events SEC(".maps"); struct { diff --git a/kern/boringssl_masterkey.h b/kern/boringssl_masterkey.h index fc383614b..fe8ae03bf 100644 --- a/kern/boringssl_masterkey.h +++ b/kern/boringssl_masterkey.h @@ -83,6 +83,9 @@ struct ssl3_handshake_st { // bpf map struct { __uint(type, BPF_MAP_TYPE_PERF_EVENT_ARRAY); + __uint(key_size, sizeof(u32)); + __uint(value_size, sizeof(u32)); + __uint(max_entries, 1024); } mastersecret_events SEC(".maps"); struct { diff --git a/kern/gnutls_kern.c b/kern/gnutls_kern.c index 9fe68fb0c..ecf98a0ea 100644 --- a/kern/gnutls_kern.c +++ b/kern/gnutls_kern.c @@ -28,6 +28,9 @@ struct ssl_data_event_t { struct { __uint(type, BPF_MAP_TYPE_PERF_EVENT_ARRAY); + __uint(key_size, sizeof(u32)); + __uint(value_size, sizeof(u32)); + __uint(max_entries, 1024); } gnutls_events SEC(".maps"); /*********************************************************** diff --git a/kern/gotls_kern.c b/kern/gotls_kern.c index 307ddf267..f109d8fc2 100644 --- a/kern/gotls_kern.c +++ b/kern/gotls_kern.c @@ -52,10 +52,16 @@ struct mastersecret_gotls_t { // bpf map struct { __uint(type, BPF_MAP_TYPE_PERF_EVENT_ARRAY); + __uint(key_size, sizeof(u32)); + __uint(value_size, sizeof(u32)); + __uint(max_entries, 1024); } mastersecret_go_events SEC(".maps"); struct { __uint(type, BPF_MAP_TYPE_PERF_EVENT_ARRAY); + __uint(key_size, sizeof(u32)); + __uint(value_size, sizeof(u32)); + __uint(max_entries, 1024); } events SEC(".maps"); struct { diff --git a/kern/mysqld_kern.c b/kern/mysqld_kern.c index e5974683b..a11bf13bf 100644 --- a/kern/mysqld_kern.c +++ b/kern/mysqld_kern.c @@ -35,6 +35,9 @@ struct { struct { __uint(type, BPF_MAP_TYPE_PERF_EVENT_ARRAY); + __uint(key_size, sizeof(u32)); + __uint(value_size, sizeof(u32)); + __uint(max_entries, 1024); } events SEC(".maps"); SEC("uprobe/dispatch_command") diff --git a/kern/nspr_kern.c b/kern/nspr_kern.c index 5bd7cfcd3..594eefed6 100644 --- a/kern/nspr_kern.c +++ b/kern/nspr_kern.c @@ -28,6 +28,9 @@ struct ssl_data_event_t { struct { __uint(type, BPF_MAP_TYPE_PERF_EVENT_ARRAY); + __uint(key_size, sizeof(u32)); + __uint(value_size, sizeof(u32)); + __uint(max_entries, 1024); } nspr_events SEC(".maps"); /*********************************************************** diff --git a/kern/postgres_kern.c b/kern/postgres_kern.c index 7ec791578..64f1a6137 100644 --- a/kern/postgres_kern.c +++ b/kern/postgres_kern.c @@ -23,6 +23,9 @@ struct data_t { struct { __uint(type, BPF_MAP_TYPE_PERF_EVENT_ARRAY); + __uint(key_size, sizeof(u32)); + __uint(value_size, sizeof(u32)); + __uint(max_entries, 1024); } events SEC(".maps"); // https://github.com/postgres/postgres/blob/7b7ed046cb2ad9f6efac90380757d5977f0f563f/src/backend/tcop/postgres.c#L987-L992 From c9980842628b853dc4f5bdcd48fd0539eed3f19a Mon Sep 17 00:00:00 2001 From: cfc4n Date: Sat, 14 Oct 2023 23:28:42 +0800 Subject: [PATCH 2/2] fix veristat test failed. unrecognized ELF section name 'classifier/egress' Signed-off-by: cfc4n --- kern/tc.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/kern/tc.h b/kern/tc.h index 184f9da8b..832a4b200 100644 --- a/kern/tc.h +++ b/kern/tc.h @@ -223,13 +223,13 @@ static __always_inline int capture_packets(struct __sk_buff *skb, bool is_ingres } // egress_cls_func is called for packets that are going out of the network -SEC("classifier/egress") +SEC("classifier") int egress_cls_func(struct __sk_buff *skb) { return capture_packets(skb, false); }; // ingress_cls_func is called for packets that are coming into the network -SEC("classifier/ingress") +SEC("classifier") int ingress_cls_func(struct __sk_buff *skb) { return capture_packets(skb, true); };