linux/samples/bpf
Daniel T. Lee 5a86381321 samples: bpf: fix: error handling regarding kprobe_events
Currently, kprobe_events failure won't be handled properly.
Due to calling system() indirectly to write to kprobe_events,
it can't be identified whether an error is derived from kprobe or system.

    // buf = "echo '%c:%s %s' >> /s/k/d/t/kprobe_events"
    err = system(buf);
    if (err < 0) {
        printf("failed to create kprobe ..");
        return -1;
    }

For example, running ./tracex7 sample in ext4 partition,
"echo p:open_ctree open_ctree >> /s/k/d/t/kprobe_events"
gets 256 error code system() failure.
=> The error comes from kprobe, but it's not handled correctly.

According to man of system(3), it's return value
just passes the termination status of the child shell
rather than treating the error as -1. (don't care success)

Which means, currently it's not working as desired.
(According to the upper code snippet)

    ex) running ./tracex7 with ext4 env.
    # Current Output
    sh: echo: I/O error
    failed to open event open_ctree

    # Desired Output
    failed to create kprobe 'open_ctree' error 'No such file or directory'

The problem is, error can't be verified whether from child ps
or system. But using write() directly can verify the command
failure, and it will treat all error as -1. So I suggest using
write() directly to 'kprobe_events' rather than calling system().

Signed-off-by: Daniel T. Lee <danieltimlee@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-11-23 22:39:09 +01:00
..
.gitignore samples/bpf: add .gitignore file 2018-07-05 09:58:53 +02:00
bpf_insn.h samples: bpf: rename libbpf.h to bpf_insn.h 2018-05-14 22:52:10 -07:00
bpf_load.c samples: bpf: fix: error handling regarding kprobe_events 2018-11-23 22:39:09 +01:00
bpf_load.h samples: bpf: include bpf/bpf.h instead of local libbpf.h 2018-05-14 22:52:10 -07:00
cookie_uid_helper_example.c samples: bpf: rename libbpf.h to bpf_insn.h 2018-05-14 22:52:10 -07:00
cpustat_kern.c samples/bpf: Add program for CPU state statistics 2018-02-26 10:54:02 +01:00
cpustat_user.c samples: bpf: include bpf/bpf.h instead of local libbpf.h 2018-05-14 22:52:10 -07:00
fds_example.c samples: bpf: rename libbpf.h to bpf_insn.h 2018-05-14 22:52:10 -07:00
hash_func01.h samples/bpf: add Paul Hsieh's (LGPL 2.1) hash function SuperFastHash 2018-08-10 16:07:49 +02:00
lathist_kern.c bpf: BPF based latency tracing 2015-06-23 06:09:58 -07:00
lathist_user.c samples: bpf: include bpf/bpf.h instead of local libbpf.h 2018-05-14 22:52:10 -07:00
load_sock_ops.c samples: bpf: include bpf/bpf.h instead of local libbpf.h 2018-05-14 22:52:10 -07:00
lwt_len_hist_kern.c bpf: Add tests and samples for LWT-BPF 2016-12-02 10:52:00 -05:00
lwt_len_hist_user.c samples: bpf: include bpf/bpf.h instead of local libbpf.h 2018-05-14 22:52:10 -07:00
lwt_len_hist.sh License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
Makefile tools/bpf: do not use pahole if clang/llvm can generate BTF sections 2018-11-20 10:54:39 -08:00
map_perf_test_kern.c samples/bpf: Use getppid instead of getpgrp for array map stress 2017-09-21 11:59:16 -07:00
map_perf_test_user.c samples: bpf: include bpf/bpf.h instead of local libbpf.h 2018-05-14 22:52:10 -07:00
offwaketime_kern.c bpf, samples: don't zero data when not needed 2016-04-14 21:40:42 -04:00
offwaketime_user.c samples/bpf: move common-purpose trace functions to selftests 2018-04-29 08:45:54 -07:00
parse_ldabs.c bpf: fix samples to add fake KBUILD_MODNAME 2016-10-29 14:46:12 -04:00
parse_simple.c bpf: fix samples to add fake KBUILD_MODNAME 2016-10-29 14:46:12 -04:00
parse_varlen.c samples/bpf: add missing <linux/if_vlan.h> 2018-07-05 09:58:52 +02:00
README.rst samples/bpf: Add documentation on cross compilation 2017-09-21 11:59:16 -07:00
run_cookie_uid_helper_example.sh License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
sampleip_kern.c bpf/samples: Fix PT_REGS_IP on s390x and use it 2016-11-28 16:26:46 -05:00
sampleip_user.c samples/bpf: remove duplicated includes 2018-09-18 17:49:33 +02:00
sock_example.c samples: bpf: rename libbpf.h to bpf_insn.h 2018-05-14 22:52:10 -07:00
sock_example.h samples: bpf: include bpf/bpf.h instead of local libbpf.h 2018-05-14 22:52:10 -07:00
sock_flags_kern.c samples/bpf: Update cgroup socket examples to use uid gid helper 2017-09-01 06:05:15 +01:00
sockex1_kern.c samples: bpf: add skb->field examples and tests 2015-03-15 22:02:28 -04:00
sockex1_user.c samples: bpf: include bpf/bpf.h instead of local libbpf.h 2018-05-14 22:52:10 -07:00
sockex2_kern.c samples/bpf: fix compilation failure 2018-09-21 22:51:16 +02:00
sockex2_user.c samples: bpf: include bpf/bpf.h instead of local libbpf.h 2018-05-14 22:52:10 -07:00
sockex3_kern.c samples/bpf: fix compilation failure 2018-09-21 22:51:16 +02:00
sockex3_user.c samples/bpf: fix compilation failure 2018-09-21 22:51:16 +02:00
spintest_kern.c samples/bpf: Enable powerpc support 2016-04-06 16:01:29 -04:00
spintest_user.c samples/bpf: move common-purpose trace functions to selftests 2018-04-29 08:45:54 -07:00
syscall_nrs.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
syscall_tp_kern.c bpf: add a test case for syscalls/sys_{enter|exit}_* tracepoints 2017-08-07 14:09:48 -07:00
syscall_tp_user.c samples: bpf: include bpf/bpf.h instead of local libbpf.h 2018-05-14 22:52:10 -07:00
task_fd_query_kern.c samples/bpf: add a samples/bpf test for BPF_TASK_FD_QUERY 2018-05-24 18:18:20 -07:00
task_fd_query_user.c samples/bpf: add a samples/bpf test for BPF_TASK_FD_QUERY 2018-05-24 18:18:20 -07:00
tc_l2_redirect_kern.c bpf: fix samples xdp_tx_iptunnel and tc_l2_redirect with fake KBUILD_MODNAME 2017-01-20 12:04:07 -05:00
tc_l2_redirect_user.c samples: bpf: include bpf/bpf.h instead of local libbpf.h 2018-05-14 22:52:10 -07:00
tc_l2_redirect.sh License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
tcbpf1_kern.c bpf: fix samples to add fake KBUILD_MODNAME 2016-10-29 14:46:12 -04:00
tcp_basertt_kern.c bpf: sample BPF_SOCKET_OPS_BASE_RTT program 2017-10-22 03:12:05 +01:00
tcp_bpf.readme bpf: Rename tcp_bbf.readme to tcp_bpf.readme 2017-11-08 12:13:41 +09:00
tcp_bufs_kern.c bpf: Fix tcp_bufs_kern.c sample program 2017-11-11 15:52:41 +09:00
tcp_clamp_kern.c bpf: Fix tcp_clamp_kern.c sample program 2017-11-11 15:52:41 +09:00
tcp_cong_kern.c bpf: Fix tcp_cong_kern.c sample program 2017-11-11 15:52:41 +09:00
tcp_iw_kern.c bpf: Fix tcp_iw_kern.c sample program 2017-11-11 15:52:41 +09:00
tcp_rwnd_kern.c bpf: Fix tcp_rwnd_kern.c sample program 2017-11-11 15:52:41 +09:00
tcp_synrto_kern.c bpf: Fix tcp_synrto_kern.c sample program 2017-11-11 15:52:41 +09:00
tcp_tos_reflect_kern.c bpf: add TCP_SAVE_SYN/TCP_SAVED_SYN sample program 2018-09-01 01:36:04 +02:00
test_cgrp2_array_pin.c samples: bpf: include bpf/bpf.h instead of local libbpf.h 2018-05-14 22:52:10 -07:00
test_cgrp2_attach2.c samples/bpf: extend test_cgrp2_attach2 test to use per-cpu cgroup storage 2018-10-01 16:18:33 +02:00
test_cgrp2_attach.c samples: bpf: rename libbpf.h to bpf_insn.h 2018-05-14 22:52:10 -07:00
test_cgrp2_sock2.c samples/bpf: test_cgrp2_sock2: fix an off by one 2018-07-16 15:01:09 -07:00
test_cgrp2_sock2.sh samples/bpf: detach prog from cgroup 2018-03-02 00:16:36 +01:00
test_cgrp2_sock.c samples: bpf: rename libbpf.h to bpf_insn.h 2018-05-14 22:52:10 -07:00
test_cgrp2_sock.sh samples/bpf: detach prog from cgroup 2018-03-02 00:16:36 +01:00
test_cgrp2_tc_kern.c bpf: fix samples to add fake KBUILD_MODNAME 2016-10-29 14:46:12 -04:00
test_cgrp2_tc.sh License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
test_cls_bpf.sh License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
test_current_task_under_cgroup_kern.c samples/bpf: Add test_current_task_under_cgroup test 2016-08-12 21:49:42 -07:00
test_current_task_under_cgroup_user.c samples/bpf: remove duplicated includes 2018-09-18 17:49:33 +02:00
test_ipip.sh License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
test_lru_dist.c samples: bpf: include bpf/bpf.h instead of local libbpf.h 2018-05-14 22:52:10 -07:00
test_lwt_bpf.c bpf: Add tests and samples for LWT-BPF 2016-12-02 10:52:00 -05:00
test_lwt_bpf.sh License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
test_map_in_map_kern.c bpf: Add tests for map-in-map 2017-03-22 15:45:45 -07:00
test_map_in_map_user.c samples: bpf: include bpf/bpf.h instead of local libbpf.h 2018-05-14 22:52:10 -07:00
test_overhead_kprobe_kern.c samples/bpf: add tracepoint vs kprobe performance tests 2016-04-07 21:04:27 -04:00
test_overhead_raw_tp_kern.c samples/bpf: raw tracepoint test 2018-03-28 22:55:19 +02:00
test_overhead_tp_kern.c samples/bpf: add tracepoint vs kprobe performance tests 2016-04-07 21:04:27 -04:00
test_overhead_user.c samples/bpf: Check the error of write() and read() 2018-07-05 09:58:52 +02:00
test_override_return.sh samples/bpf: add a test for bpf_override_return 2017-12-12 09:02:40 -08:00
test_probe_write_user_kern.c samples/bpf: Add test/example of using bpf_probe_write_user bpf helper 2016-07-25 18:07:48 -07:00
test_probe_write_user_user.c samples: bpf: include bpf/bpf.h instead of local libbpf.h 2018-05-14 22:52:10 -07:00
trace_event_kern.c samples/bpf: add example to test reading address 2018-03-08 02:22:34 +01:00
trace_event_user.c samples/bpf: Check the result of system() 2018-07-05 09:58:52 +02:00
trace_output_kern.c samples/bpf: fix trace_output example 2016-04-28 17:29:45 -04:00
trace_output_user.c samples: bpf: include bpf/bpf.h instead of local libbpf.h 2018-05-14 22:52:10 -07:00
tracex1_kern.c bpf, samples: don't zero data when not needed 2016-04-14 21:40:42 -04:00
tracex1_user.c samples: bpf: include bpf/bpf.h instead of local libbpf.h 2018-05-14 22:52:10 -07:00
tracex2_kern.c bpf, samples: don't zero data when not needed 2016-04-14 21:40:42 -04:00
tracex2_user.c samples: bpf: include bpf/bpf.h instead of local libbpf.h 2018-05-14 22:52:10 -07:00
tracex3_kern.c samples/bpf: update tracex[23] examples to use per-cpu maps 2016-02-06 03:34:36 -05:00
tracex3_user.c bpf, tracex3_user: erase "ARRAY_SIZE" redefined 2018-10-04 16:31:57 +02:00
tracex4_kern.c samples/bpf: Enable powerpc support 2016-04-06 16:01:29 -04:00
tracex4_user.c samples: bpf: include bpf/bpf.h instead of local libbpf.h 2018-05-14 22:52:10 -07:00
tracex5_kern.c samples/bpf: Fix tracex5 to work with MIPS syscalls. 2017-06-14 15:03:23 -04:00
tracex5_user.c samples: bpf: include bpf/bpf.h instead of local libbpf.h 2018-05-14 22:52:10 -07:00
tracex6_kern.c bpf: add a test case for helper bpf_perf_event_read_value 2017-10-07 23:05:57 +01:00
tracex6_user.c samples: bpf: include bpf/bpf.h instead of local libbpf.h 2018-05-14 22:52:10 -07:00
tracex7_kern.c samples/bpf: add a test for bpf_override_return 2017-12-12 09:02:40 -08:00
tracex7_user.c samples: bpf: include bpf/bpf.h instead of local libbpf.h 2018-05-14 22:52:10 -07:00
xdp1_kern.c bpf: make xdp sample variable names more meaningful 2016-07-20 22:07:24 -07:00
xdp1_user.c samples: bpf: convert some XDP samples from bpf_load to libbpf 2018-05-11 01:44:17 +02:00
xdp2_kern.c bpf: make xdp sample variable names more meaningful 2016-07-20 22:07:24 -07:00
xdp2skb_meta_kern.c samples/bpf: xdp2skb_meta comment explain why pkt-data pointers are invalidated 2018-01-18 01:49:09 +01:00
xdp2skb_meta.sh samples/bpf: Fix tc and ip paths in xdp2skb_meta.sh 2018-07-10 09:19:01 +02:00
xdp_adjust_tail_kern.c bpf: add bpf_xdp_adjust_tail sample prog 2018-04-18 23:34:17 +02:00
xdp_adjust_tail_user.c samples: bpf: convert some XDP samples from bpf_load to libbpf 2018-05-11 01:44:17 +02:00
xdp_fwd_kern.c bpf: Change bpf_fib_lookup to return lookup status 2018-06-29 00:02:02 +02:00
xdp_fwd_user.c samples: bpf: convert xdp_fwd_user.c to libbpf 2018-07-27 07:18:44 +02:00
xdp_monitor_kern.c samples/bpf: xdp_monitor use err code from tracepoint xdp:xdp_devmap_xmit 2018-05-24 18:36:15 -07:00
xdp_monitor_user.c samples/bpf: xdp_monitor use err code from tracepoint xdp:xdp_devmap_xmit 2018-05-24 18:36:15 -07:00
xdp_redirect_cpu_kern.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next 2018-08-13 10:07:23 -07:00
xdp_redirect_cpu_user.c samples/bpf: all XDP samples should unload xdp/bpf prog on SIGTERM 2018-08-16 21:55:32 +02:00
xdp_redirect_kern.c samples/bpf: Fix compilation issue in redirect dummy program 2017-08-31 11:56:57 -07:00
xdp_redirect_map_kern.c samples/bpf: Fix compilation issue in redirect dummy program 2017-08-31 11:56:57 -07:00
xdp_redirect_map_user.c samples: bpf: include bpf/bpf.h instead of local libbpf.h 2018-05-14 22:52:10 -07:00
xdp_redirect_user.c samples: bpf: include bpf/bpf.h instead of local libbpf.h 2018-05-14 22:52:10 -07:00
xdp_router_ipv4_kern.c xdp: Sample xdp program implementing ip forward 2017-11-08 10:39:41 +09:00
xdp_router_ipv4_user.c samples: bpf: include bpf/bpf.h instead of local libbpf.h 2018-05-14 22:52:10 -07:00
xdp_rxq_info_kern.c samples/bpf: xdp_rxq_info action XDP_TX must adjust MAC-addrs 2018-06-28 23:50:20 +02:00
xdp_rxq_info_user.c samples/bpf: all XDP samples should unload xdp/bpf prog on SIGTERM 2018-08-16 21:55:32 +02:00
xdp_sample_pkts_kern.c samples/bpf: Add xdp_sample_pkts example 2018-06-27 11:01:03 +02:00
xdp_sample_pkts_user.c samples/bpf: Add xdp_sample_pkts example 2018-06-27 11:01:03 +02:00
xdp_tx_iptunnel_common.h bpf: xdp: Add XDP example for head adjustment 2016-12-08 14:25:13 -05:00
xdp_tx_iptunnel_kern.c bpf: fix samples xdp_tx_iptunnel and tc_l2_redirect with fake KBUILD_MODNAME 2017-01-20 12:04:07 -05:00
xdp_tx_iptunnel_user.c samples: bpf: include bpf/bpf.h instead of local libbpf.h 2018-05-14 22:52:10 -07:00
xdpsock_kern.c samples/bpf: xdpsock, minor fixes 2018-09-01 01:36:08 +02:00
xdpsock_user.c samples/bpf: xdpsock, minor fixes 2018-09-01 01:36:08 +02:00
xdpsock.h samples/bpf: sample application and documentation for AF_XDP sockets 2018-05-03 15:55:25 -07:00

eBPF sample programs
====================

This directory contains a test stubs, verifier test-suite and examples
for using eBPF. The examples use libbpf from tools/lib/bpf.

Build dependencies
==================

Compiling requires having installed:
 * clang >= version 3.4.0
 * llvm >= version 3.7.1

Note that LLVM's tool 'llc' must support target 'bpf', list version
and supported targets with command: ``llc --version``

Kernel headers
--------------

There are usually dependencies to header files of the current kernel.
To avoid installing devel kernel headers system wide, as a normal
user, simply call::

 make headers_install

This will creates a local "usr/include" directory in the git/build top
level directory, that the make system automatically pickup first.

Compiling
=========

For building the BPF samples, issue the below command from the kernel
top level directory::

 make samples/bpf/

Do notice the "/" slash after the directory name.

It is also possible to call make from this directory.  This will just
hide the the invocation of make as above with the appended "/".

Manually compiling LLVM with 'bpf' support
------------------------------------------

Since version 3.7.0, LLVM adds a proper LLVM backend target for the
BPF bytecode architecture.

By default llvm will build all non-experimental backends including bpf.
To generate a smaller llc binary one can use::

 -DLLVM_TARGETS_TO_BUILD="BPF"

Quick sniplet for manually compiling LLVM and clang
(build dependencies are cmake and gcc-c++)::

 $ git clone http://llvm.org/git/llvm.git
 $ cd llvm/tools
 $ git clone --depth 1 http://llvm.org/git/clang.git
 $ cd ..; mkdir build; cd build
 $ cmake .. -DLLVM_TARGETS_TO_BUILD="BPF;X86"
 $ make -j $(getconf _NPROCESSORS_ONLN)

It is also possible to point make to the newly compiled 'llc' or
'clang' command via redefining LLC or CLANG on the make command line::

 make samples/bpf/ LLC=~/git/llvm/build/bin/llc CLANG=~/git/llvm/build/bin/clang

Cross compiling samples
-----------------------
In order to cross-compile, say for arm64 targets, export CROSS_COMPILE and ARCH
environment variables before calling make. This will direct make to build
samples for the cross target.

export ARCH=arm64
export CROSS_COMPILE="aarch64-linux-gnu-"
make samples/bpf/ LLC=~/git/llvm/build/bin/llc CLANG=~/git/llvm/build/bin/clang