[216] Add Support For Flow Dissector Programs

aya-rs · Oct 1, 2023 · 0ab5fe6 · 0ab5fe6
1 parent c547dd7
commit 0ab5fe6
Show file tree

Hide file tree

Showing 10 changed files with 300 additions and 54 deletions.
diff --git a/aya-bpf-macros/src/flow_dissector.rs b/aya-bpf-macros/src/flow_dissector.rs
@@ -0,0 +1,66 @@
+use proc_macro2::TokenStream;
+use proc_macro_error::abort;
+use quote::quote;
+use syn::{ItemFn, Result};
+
+pub(crate) struct FlowDissector {
+    item: ItemFn,
+}
+
+impl FlowDissector {
+    pub(crate) fn parse(attrs: TokenStream, item: TokenStream) -> Result<Self> {
+        if !attrs.is_empty() {
+            abort!(attrs, "unexpected attribute")
+        }
+        let item = syn::parse2(item)?;
+        Ok(FlowDissector { item })
+    }
+
+    pub(crate) fn expand(&self) -> Result<TokenStream> {
+        let fn_name = self.item.sig.ident.clone();
+        let fn_vis = &self.item.vis;
+        let item = &self.item;
+        Ok(quote! {
+            #[no_mangle]
+            #[link_section = "flow_dissector"]
+            #fn_vis fn #fn_name(ctx: *mut ::aya_bpf::bindings::__sk_buff) -> u32 {
+                return #fn_name(::aya_bpf::programs::FlowDissectorContext::new(ctx));
+
+                #item
+            }
+        })
+    }
+}
+
+#[cfg(test)]
+mod tests {
+    use syn::parse_quote;
+
+    use super::*;
+
+    #[test]
+    fn test_flow_dissector() {
+        let prog = FlowDissector::parse(
+            parse_quote! {},
+            parse_quote! {
+                fn prog(ctx: &mut ::aya_bpf::programs::FlowDissectorContext) -> u32 {
+                    0
+                }
+            },
+        )
+        .unwrap();
+        let expanded = prog.expand().unwrap();
+        let expected = quote! {
+            #[no_mangle]
+            #[link_section = "flow_dissector"]
+            fn prog(ctx: *mut ::aya_bpf::bindings::__sk_buff) -> u32 {
+                return prog(::aya_bpf::programs::FlowDissectorContext::new(ctx));
+
+                fn prog(ctx: &mut ::aya_bpf::programs::FlowDissectorContext) -> u32 {
+                    0
+                }
+            }
+        };
+        assert_eq!(expected.to_string(), expanded.to_string());
+    }
+}
diff --git a/aya-bpf-macros/src/lib.rs b/aya-bpf-macros/src/lib.rs
@@ -8,6 +8,7 @@ mod cgroup_sockopt;
 mod cgroup_sysctl;
 mod fentry;
 mod fexit;
+mod flow_dissector;
 mod kprobe;
 mod lsm;
 mod map;
@@ -32,6 +33,7 @@ use cgroup_sockopt::CgroupSockopt;
 use cgroup_sysctl::CgroupSysctl;
 use fentry::FEntry;
 use fexit::FExit;
+use flow_dissector::FlowDissector;
 use kprobe::{KProbe, KProbeKind};
 use lsm::Lsm;
 use map::Map;
@@ -605,6 +607,21 @@ pub fn fexit(attrs: TokenStream, item: TokenStream) -> TokenStream {
     }
 }
 
+/// Marks a function as an eBPF Flow Dissector program that can be attached to
+/// a network namespace.
+///
+#[proc_macro_error]
+#[proc_macro_attribute]
+pub fn flow_dissector(attrs: TokenStream, item: TokenStream) -> TokenStream {
+    match FlowDissector::parse(attrs.into(), item.into()) {
+        Ok(prog) => prog
+            .expand()
+            .unwrap_or_else(|err| abort!(err.span(), "{}", err))
+            .into(),
+        Err(err) => abort!(err.span(), "{}", err),
+    }
+}
+
 /// Marks a function as an eBPF Socket Lookup program that can be attached to
 /// a network namespace.
 ///

diff --git a/aya-obj/src/generated/btf_internal_bindings.rs b/aya-obj/src/generated/btf_internal_bindings.rs
@@ -1,4 +1,4 @@
-/* automatically generated by rust-bindgen 0.65.1 */
+/* automatically generated by rust-bindgen 0.68.1 */
 
 pub type __u8 = ::core::ffi::c_uchar;
 pub type __u16 = ::core::ffi::c_ushort;

diff --git a/aya-obj/src/generated/linux_bindings_x86_64.rs b/aya-obj/src/generated/linux_bindings_x86_64.rs
@@ -1,4 +1,4 @@
-/* automatically generated by rust-bindgen 0.65.1 */
+/* automatically generated by rust-bindgen 0.68.1 */
 
 #[repr(C)]
 #[derive(Copy, Clone, Debug, Default, Eq, Hash, Ord, PartialEq, PartialOrd)]
@@ -110,6 +110,8 @@ impl<T> ::core::fmt::Debug for __IncompleteArrayField<T> {
         fmt.write_str("__IncompleteArrayField")
     }
 }
+pub const SO_ATTACH_BPF: u32 = 50;
+pub const SO_DETACH_BPF: u32 = 27;
 pub const BPF_LD: u32 = 0;
 pub const BPF_LDX: u32 = 1;
 pub const BPF_ST: u32 = 2;
@@ -148,12 +150,6 @@ pub const BPF_F_TEST_XDP_LIVE_FRAMES: u32 = 2;
 pub const BTF_INT_SIGNED: u32 = 1;
 pub const BTF_INT_CHAR: u32 = 2;
 pub const BTF_INT_BOOL: u32 = 4;
-pub const PERF_MAX_STACK_DEPTH: u32 = 127;
-pub const PERF_MAX_CONTEXTS_PER_STACK: u32 = 8;
-pub const PERF_FLAG_FD_NO_GROUP: u32 = 1;
-pub const PERF_FLAG_FD_OUTPUT: u32 = 2;
-pub const PERF_FLAG_PID_CGROUP: u32 = 4;
-pub const PERF_FLAG_FD_CLOEXEC: u32 = 8;
 pub const NLMSG_ALIGNTO: u32 = 4;
 pub const XDP_FLAGS_UPDATE_IF_NOEXIST: u32 = 1;
 pub const XDP_FLAGS_SKB_MODE: u32 = 2;
@@ -162,8 +158,12 @@ pub const XDP_FLAGS_HW_MODE: u32 = 8;
 pub const XDP_FLAGS_REPLACE: u32 = 16;
 pub const XDP_FLAGS_MODES: u32 = 14;
 pub const XDP_FLAGS_MASK: u32 = 31;
-pub const SO_ATTACH_BPF: u32 = 50;
-pub const SO_DETACH_BPF: u32 = 27;
+pub const PERF_MAX_STACK_DEPTH: u32 = 127;
+pub const PERF_MAX_CONTEXTS_PER_STACK: u32 = 8;
+pub const PERF_FLAG_FD_NO_GROUP: u32 = 1;
+pub const PERF_FLAG_FD_OUTPUT: u32 = 2;
+pub const PERF_FLAG_PID_CGROUP: u32 = 4;
+pub const PERF_FLAG_FD_CLOEXEC: u32 = 8;
 pub const TC_H_MAJ_MASK: u32 = 4294901760;
 pub const TC_H_MIN_MASK: u32 = 65535;
 pub const TC_H_UNSPEC: u32 = 0;
@@ -402,7 +402,8 @@ pub enum bpf_attach_type {
     BPF_TRACE_KPROBE_MULTI = 42,
     BPF_LSM_CGROUP = 43,
     BPF_STRUCT_OPS = 44,
-    __MAX_BPF_ATTACH_TYPE = 45,
+    BPF_NETFILTER = 45,
+    __MAX_BPF_ATTACH_TYPE = 46,
 }
 #[repr(u32)]
 #[derive(Debug, Copy, Clone, Hash, PartialEq, Eq)]
@@ -1150,6 +1151,17 @@ pub struct btf_var_secinfo {
 pub struct btf_decl_tag {
     pub component_idx: __s32,
 }
+pub const IFLA_XDP_UNSPEC: _bindgen_ty_84 = 0;
+pub const IFLA_XDP_FD: _bindgen_ty_84 = 1;
+pub const IFLA_XDP_ATTACHED: _bindgen_ty_84 = 2;
+pub const IFLA_XDP_FLAGS: _bindgen_ty_84 = 3;
+pub const IFLA_XDP_PROG_ID: _bindgen_ty_84 = 4;
+pub const IFLA_XDP_DRV_PROG_ID: _bindgen_ty_84 = 5;
+pub const IFLA_XDP_SKB_PROG_ID: _bindgen_ty_84 = 6;
+pub const IFLA_XDP_HW_PROG_ID: _bindgen_ty_84 = 7;
+pub const IFLA_XDP_EXPECTED_FD: _bindgen_ty_84 = 8;
+pub const __IFLA_XDP_MAX: _bindgen_ty_84 = 9;
+pub type _bindgen_ty_84 = ::core::ffi::c_uint;
 #[repr(u32)]
 #[derive(Debug, Copy, Clone, Hash, PartialEq, Eq)]
 pub enum perf_type_id {
@@ -2121,17 +2133,20 @@ pub enum perf_event_type {
     PERF_RECORD_AUX_OUTPUT_HW_ID = 21,
     PERF_RECORD_MAX = 22,
 }
-pub const IFLA_XDP_UNSPEC: _bindgen_ty_90 = 0;
-pub const IFLA_XDP_FD: _bindgen_ty_90 = 1;
-pub const IFLA_XDP_ATTACHED: _bindgen_ty_90 = 2;
-pub const IFLA_XDP_FLAGS: _bindgen_ty_90 = 3;
-pub const IFLA_XDP_PROG_ID: _bindgen_ty_90 = 4;
-pub const IFLA_XDP_DRV_PROG_ID: _bindgen_ty_90 = 5;
-pub const IFLA_XDP_SKB_PROG_ID: _bindgen_ty_90 = 6;
-pub const IFLA_XDP_HW_PROG_ID: _bindgen_ty_90 = 7;
-pub const IFLA_XDP_EXPECTED_FD: _bindgen_ty_90 = 8;
-pub const __IFLA_XDP_MAX: _bindgen_ty_90 = 9;
-pub type _bindgen_ty_90 = ::core::ffi::c_uint;
+pub const TCA_BPF_UNSPEC: _bindgen_ty_148 = 0;
+pub const TCA_BPF_ACT: _bindgen_ty_148 = 1;
+pub const TCA_BPF_POLICE: _bindgen_ty_148 = 2;
+pub const TCA_BPF_CLASSID: _bindgen_ty_148 = 3;
+pub const TCA_BPF_OPS_LEN: _bindgen_ty_148 = 4;
+pub const TCA_BPF_OPS: _bindgen_ty_148 = 5;
+pub const TCA_BPF_FD: _bindgen_ty_148 = 6;
+pub const TCA_BPF_NAME: _bindgen_ty_148 = 7;
+pub const TCA_BPF_FLAGS: _bindgen_ty_148 = 8;
+pub const TCA_BPF_FLAGS_GEN: _bindgen_ty_148 = 9;
+pub const TCA_BPF_TAG: _bindgen_ty_148 = 10;
+pub const TCA_BPF_ID: _bindgen_ty_148 = 11;
+pub const __TCA_BPF_MAX: _bindgen_ty_148 = 12;
+pub type _bindgen_ty_148 = ::core::ffi::c_uint;
 #[repr(C)]
 #[derive(Debug, Copy, Clone)]
 pub struct ifinfomsg {
@@ -2153,37 +2168,25 @@ pub struct tcmsg {
     pub tcm_parent: __u32,
     pub tcm_info: __u32,
 }
-pub const TCA_UNSPEC: _bindgen_ty_103 = 0;
-pub const TCA_KIND: _bindgen_ty_103 = 1;
-pub const TCA_OPTIONS: _bindgen_ty_103 = 2;
-pub const TCA_STATS: _bindgen_ty_103 = 3;
-pub const TCA_XSTATS: _bindgen_ty_103 = 4;
-pub const TCA_RATE: _bindgen_ty_103 = 5;
-pub const TCA_FCNT: _bindgen_ty_103 = 6;
-pub const TCA_STATS2: _bindgen_ty_103 = 7;
-pub const TCA_STAB: _bindgen_ty_103 = 8;
-pub const TCA_PAD: _bindgen_ty_103 = 9;
-pub const TCA_DUMP_INVISIBLE: _bindgen_ty_103 = 10;
-pub const TCA_CHAIN: _bindgen_ty_103 = 11;
-pub const TCA_HW_OFFLOAD: _bindgen_ty_103 = 12;
-pub const TCA_INGRESS_BLOCK: _bindgen_ty_103 = 13;
-pub const TCA_EGRESS_BLOCK: _bindgen_ty_103 = 14;
-pub const __TCA_MAX: _bindgen_ty_103 = 15;
-pub type _bindgen_ty_103 = ::core::ffi::c_uint;
-pub const TCA_BPF_UNSPEC: _bindgen_ty_159 = 0;
-pub const TCA_BPF_ACT: _bindgen_ty_159 = 1;
-pub const TCA_BPF_POLICE: _bindgen_ty_159 = 2;
-pub const TCA_BPF_CLASSID: _bindgen_ty_159 = 3;
-pub const TCA_BPF_OPS_LEN: _bindgen_ty_159 = 4;
-pub const TCA_BPF_OPS: _bindgen_ty_159 = 5;
-pub const TCA_BPF_FD: _bindgen_ty_159 = 6;
-pub const TCA_BPF_NAME: _bindgen_ty_159 = 7;
-pub const TCA_BPF_FLAGS: _bindgen_ty_159 = 8;
-pub const TCA_BPF_FLAGS_GEN: _bindgen_ty_159 = 9;
-pub const TCA_BPF_TAG: _bindgen_ty_159 = 10;
-pub const TCA_BPF_ID: _bindgen_ty_159 = 11;
-pub const __TCA_BPF_MAX: _bindgen_ty_159 = 12;
-pub type _bindgen_ty_159 = ::core::ffi::c_uint;
+pub const TCA_UNSPEC: _bindgen_ty_168 = 0;
+pub const TCA_KIND: _bindgen_ty_168 = 1;
+pub const TCA_OPTIONS: _bindgen_ty_168 = 2;
+pub const TCA_STATS: _bindgen_ty_168 = 3;
+pub const TCA_XSTATS: _bindgen_ty_168 = 4;
+pub const TCA_RATE: _bindgen_ty_168 = 5;
+pub const TCA_FCNT: _bindgen_ty_168 = 6;
+pub const TCA_STATS2: _bindgen_ty_168 = 7;
+pub const TCA_STAB: _bindgen_ty_168 = 8;
+pub const TCA_PAD: _bindgen_ty_168 = 9;
+pub const TCA_DUMP_INVISIBLE: _bindgen_ty_168 = 10;
+pub const TCA_CHAIN: _bindgen_ty_168 = 11;
+pub const TCA_HW_OFFLOAD: _bindgen_ty_168 = 12;
+pub const TCA_INGRESS_BLOCK: _bindgen_ty_168 = 13;
+pub const TCA_EGRESS_BLOCK: _bindgen_ty_168 = 14;
+pub const TCA_DUMP_FLAGS: _bindgen_ty_168 = 15;
+pub const TCA_EXT_WARN_MSG: _bindgen_ty_168 = 16;
+pub const __TCA_MAX: _bindgen_ty_168 = 17;
+pub type _bindgen_ty_168 = ::core::ffi::c_uint;
 pub const AYA_PERF_EVENT_IOC_ENABLE: ::core::ffi::c_int = 9216;
 pub const AYA_PERF_EVENT_IOC_DISABLE: ::core::ffi::c_int = 9217;
 pub const AYA_PERF_EVENT_IOC_SET_BPF: ::core::ffi::c_int = 1074013192;
diff --git a/aya-obj/src/obj.rs b/aya-obj/src/obj.rs
@@ -264,6 +264,7 @@ pub enum ProgramSection {
     FExit {
         sleepable: bool,
     },
+    FlowDissector,
     Extension,
     SkLookup,
     CgroupSock {
@@ -419,6 +420,7 @@ impl FromStr for ProgramSection {
             "fentry.s" => FEntry { sleepable: true },
             "fexit" => FExit { sleepable: false },
             "fexit.s" => FExit { sleepable: true },
+            "flow_dissector" => FlowDissector,
             "freplace" => Extension,
             "sk_lookup" => SkLookup,
             _ => {

diff --git a/aya/src/bpf.rs b/aya/src/bpf.rs
@@ -31,7 +31,7 @@ use crate::{
     },
     programs::{
         BtfTracePoint, CgroupDevice, CgroupSkb, CgroupSkbAttachType, CgroupSock, CgroupSockAddr,
-        CgroupSockopt, CgroupSysctl, Extension, FEntry, FExit, KProbe, LircMode2, Lsm, PerfEvent,
+        CgroupSockopt, CgroupSysctl, Extension, FEntry, FExit, FlowDissector, KProbe, LircMode2, Lsm, PerfEvent,
         ProbeKind, Program, ProgramData, ProgramError, RawTracePoint, SchedClassifier, SkLookup,
         SkMsg, SkSkb, SkSkbKind, SockOps, SocketFilter, TracePoint, UProbe, Xdp,
     },
@@ -434,6 +434,7 @@ impl<'a> BpfLoader<'a> {
                                 | ProgramSection::PerfEvent
                                 | ProgramSection::RawTracePoint
                                 | ProgramSection::SkLookup
+                                | ProgramSection::FlowDissector
                                 | ProgramSection::CgroupSock { attach_type: _ }
                                 | ProgramSection::CgroupDevice => {}
                             }
@@ -666,6 +667,9 @@ impl<'a> BpfLoader<'a> {
                             }
                             Program::FExit(FExit { data })
                         }
+                        ProgramSection::FlowDissector => Program::FlowDissector(FlowDissector {
+                            data: ProgramData::new(prog_name, obj, btf_fd, *verifier_log_level)
+                        }),
                         ProgramSection::Extension => Program::Extension(Extension {
                             data: ProgramData::new(prog_name, obj, btf_fd, *verifier_log_level),
                         }),