mirror of
https://gitlab.com/libvirt/libvirt.git
synced 2024-12-22 13:45:38 +00:00
util: introduce virbpf helpers
In order to implement devices controller with cgroup v2 we need to add support for BPF programs, cgroup v2 doesn't have devices controller. This introduces required helpers wrapping linux syscalls. Signed-off-by: Pavel Hrdina <phrdina@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
This commit is contained in:
parent
9e4445ebc3
commit
07946d6e39
@ -881,6 +881,11 @@ AC_CHECK_DECLS([clock_serv_t, host_get_clock_service, clock_get_time],
|
||||
#include <mach/mach.h>
|
||||
])
|
||||
|
||||
# Check if we have new enough kernel to support BPF devices for cgroups v2
|
||||
if test "$with_linux" = "yes"; then
|
||||
AC_CHECK_DECLS([BPF_PROG_QUERY], [], [], [#include <linux/bpf.h>])
|
||||
fi
|
||||
|
||||
# Check if we need to look for ifconfig
|
||||
if test "$want_ifconfig" = "yes"; then
|
||||
AC_PATH_PROG([IFCONFIG_PATH], [ifconfig])
|
||||
|
@ -135,6 +135,7 @@ typedef enum {
|
||||
VIR_FROM_DOMAIN_CHECKPOINT = 69, /* Error from domain checkpoint */
|
||||
|
||||
VIR_FROM_TPM = 70, /* Error from TPM */
|
||||
VIR_FROM_BPF = 71, /* Error from BPF code */
|
||||
|
||||
# ifdef VIR_ENUM_SENTINELS
|
||||
VIR_ERR_DOMAIN_LAST
|
||||
|
@ -224,6 +224,7 @@
|
||||
@SRCDIR@/src/util/virauth.c
|
||||
@SRCDIR@/src/util/virauthconfig.c
|
||||
@SRCDIR@/src/util/virbitmap.c
|
||||
@SRCDIR@/src/util/virbpf.c
|
||||
@SRCDIR@/src/util/vircgroup.c
|
||||
@SRCDIR@/src/util/vircgroupbackend.c
|
||||
@SRCDIR@/src/util/vircgroupbackend.h
|
||||
|
@ -1584,6 +1584,22 @@ virBitmapToString;
|
||||
virBitmapUnion;
|
||||
|
||||
|
||||
# util/virbpf.h
|
||||
virBPFAttachProg;
|
||||
virBPFCreateMap;
|
||||
virBPFDeleteElem;
|
||||
virBPFDetachProg;
|
||||
virBPFGetMap;
|
||||
virBPFGetMapInfo;
|
||||
virBPFGetNextElem;
|
||||
virBPFGetProg;
|
||||
virBPFGetProgInfo;
|
||||
virBPFLoadProg;
|
||||
virBPFLookupElem;
|
||||
virBPFQueryProg;
|
||||
virBPFUpdateElem;
|
||||
|
||||
|
||||
# util/virbuffer.h
|
||||
virBufferAdd;
|
||||
virBufferAddBuffer;
|
||||
|
@ -21,6 +21,8 @@ UTIL_SOURCES = \
|
||||
util/virauthconfig.h \
|
||||
util/virbitmap.c \
|
||||
util/virbitmap.h \
|
||||
util/virbpf.c \
|
||||
util/virbpf.h \
|
||||
util/virbuffer.c \
|
||||
util/virbuffer.h \
|
||||
util/virperf.c \
|
||||
|
436
src/util/virbpf.c
Normal file
436
src/util/virbpf.c
Normal file
@ -0,0 +1,436 @@
|
||||
/*
|
||||
* virbpf.c: methods for eBPF
|
||||
*
|
||||
* This library is free software; you can redistribute it and/or
|
||||
* modify it under the terms of the GNU Lesser General Public
|
||||
* License as published by the Free Software Foundation; either
|
||||
* version 2.1 of the License, or (at your option) any later version.
|
||||
*
|
||||
* This library is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
* Lesser General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Lesser General Public
|
||||
* License along with this library. If not, see
|
||||
* <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
#include <config.h>
|
||||
|
||||
#include <sys/syscall.h>
|
||||
|
||||
#include "internal.h"
|
||||
|
||||
#include "viralloc.h"
|
||||
#include "virbpf.h"
|
||||
#include "virerror.h"
|
||||
#include "virfile.h"
|
||||
#include "virlog.h"
|
||||
#include "virstring.h"
|
||||
|
||||
VIR_LOG_INIT("util.bpf");
|
||||
|
||||
#define VIR_FROM_THIS VIR_FROM_BPF
|
||||
|
||||
#if HAVE_DECL_BPF_PROG_QUERY
|
||||
int
|
||||
virBPFCreateMap(unsigned int mapType,
|
||||
unsigned int keySize,
|
||||
unsigned int valSize,
|
||||
unsigned int maxEntries)
|
||||
{
|
||||
union bpf_attr attr;
|
||||
|
||||
memset(&attr, 0, sizeof(attr));
|
||||
|
||||
attr.map_type = mapType;
|
||||
attr.key_size = keySize;
|
||||
attr.value_size = valSize;
|
||||
attr.max_entries = maxEntries;
|
||||
|
||||
return syscall(SYS_bpf, BPF_MAP_CREATE, &attr, sizeof(attr));
|
||||
}
|
||||
|
||||
|
||||
# define LOG_BUF_SIZE (256 * 1024)
|
||||
|
||||
int
|
||||
virBPFLoadProg(struct bpf_insn *insns,
|
||||
int progType,
|
||||
unsigned int insnCnt)
|
||||
{
|
||||
g_autofree char *logbuf = NULL;
|
||||
int progfd = -1;
|
||||
union bpf_attr attr;
|
||||
|
||||
logbuf = g_new0(char, LOG_BUF_SIZE);
|
||||
|
||||
memset(&attr, 0, sizeof(attr));
|
||||
|
||||
attr.prog_type = progType;
|
||||
attr.insn_cnt = (uint32_t)insnCnt;
|
||||
attr.insns = (uint64_t)insns;
|
||||
attr.license = (uint64_t)"GPL";
|
||||
attr.log_buf = (uint64_t)logbuf;
|
||||
attr.log_size = LOG_BUF_SIZE;
|
||||
attr.log_level = 1;
|
||||
|
||||
progfd = syscall(SYS_bpf, BPF_PROG_LOAD, &attr, sizeof(attr));
|
||||
|
||||
if (progfd < 0)
|
||||
VIR_DEBUG("%s", logbuf);
|
||||
|
||||
return progfd;
|
||||
}
|
||||
|
||||
|
||||
int
|
||||
virBPFAttachProg(int progfd,
|
||||
int targetfd,
|
||||
int attachType)
|
||||
{
|
||||
union bpf_attr attr;
|
||||
|
||||
memset(&attr, 0, sizeof(attr));
|
||||
|
||||
attr.target_fd = targetfd;
|
||||
attr.attach_bpf_fd = progfd;
|
||||
attr.attach_type = attachType;
|
||||
|
||||
return syscall(SYS_bpf, BPF_PROG_ATTACH, &attr, sizeof(attr));
|
||||
}
|
||||
|
||||
|
||||
int
|
||||
virBPFDetachProg(int progfd,
|
||||
int targetfd,
|
||||
int attachType)
|
||||
{
|
||||
union bpf_attr attr;
|
||||
|
||||
memset(&attr, 0, sizeof(attr));
|
||||
|
||||
attr.target_fd = targetfd;
|
||||
attr.attach_bpf_fd = progfd;
|
||||
attr.attach_type = attachType;
|
||||
|
||||
return syscall(SYS_bpf, BPF_PROG_DETACH, &attr, sizeof(attr));
|
||||
}
|
||||
|
||||
|
||||
int
|
||||
virBPFQueryProg(int targetfd,
|
||||
unsigned int maxprogids,
|
||||
int attachType,
|
||||
unsigned int *progcnt,
|
||||
void *progids)
|
||||
{
|
||||
union bpf_attr attr;
|
||||
int rc;
|
||||
|
||||
memset(&attr, 0, sizeof(attr));
|
||||
|
||||
attr.query.target_fd = targetfd;
|
||||
attr.query.attach_type = attachType;
|
||||
attr.query.prog_cnt = maxprogids;
|
||||
attr.query.prog_ids = (uint64_t)progids;
|
||||
|
||||
rc = syscall(SYS_bpf, BPF_PROG_QUERY, &attr, sizeof(attr));
|
||||
|
||||
if (rc >= 0)
|
||||
*progcnt = attr.query.prog_cnt;
|
||||
|
||||
return rc;
|
||||
}
|
||||
|
||||
|
||||
int
|
||||
virBPFGetProg(unsigned int id)
|
||||
{
|
||||
union bpf_attr attr;
|
||||
|
||||
memset(&attr, 0, sizeof(attr));
|
||||
|
||||
attr.prog_id = id;
|
||||
|
||||
return syscall(SYS_bpf, BPF_PROG_GET_FD_BY_ID, &attr, sizeof(attr));
|
||||
}
|
||||
|
||||
|
||||
int
|
||||
virBPFGetProgInfo(int progfd,
|
||||
struct bpf_prog_info *info,
|
||||
unsigned int **mapIDs)
|
||||
{
|
||||
union bpf_attr attr;
|
||||
int rc;
|
||||
|
||||
memset(&attr, 0, sizeof(attr));
|
||||
|
||||
attr.info.bpf_fd = progfd;
|
||||
attr.info.info_len = sizeof(struct bpf_prog_info);
|
||||
attr.info.info = (uint64_t)info;
|
||||
|
||||
rc = syscall(SYS_bpf, BPF_OBJ_GET_INFO_BY_FD, &attr, sizeof(attr));
|
||||
if (rc < 0)
|
||||
return rc;
|
||||
|
||||
if (mapIDs && info->nr_map_ids > 0) {
|
||||
unsigned int maplen = info->nr_map_ids;
|
||||
g_autofree unsigned int *retmapIDs = NULL;
|
||||
|
||||
retmapIDs = g_new0(unsigned int, maplen);
|
||||
|
||||
memset(info, 0, sizeof(struct bpf_prog_info));
|
||||
info->nr_map_ids = maplen;
|
||||
info->map_ids = (uint64_t)retmapIDs;
|
||||
|
||||
memset(&attr, 0, sizeof(attr));
|
||||
attr.info.bpf_fd = progfd;
|
||||
attr.info.info_len = sizeof(struct bpf_prog_info);
|
||||
attr.info.info = (uint64_t)info;
|
||||
|
||||
rc = syscall(SYS_bpf, BPF_OBJ_GET_INFO_BY_FD, &attr, sizeof(attr));
|
||||
if (rc < 0)
|
||||
return rc;
|
||||
|
||||
*mapIDs = g_steal_pointer(&retmapIDs);
|
||||
}
|
||||
|
||||
return rc;
|
||||
}
|
||||
|
||||
|
||||
int
|
||||
virBPFGetMap(unsigned int id)
|
||||
{
|
||||
union bpf_attr attr;
|
||||
|
||||
memset(&attr, 0, sizeof(attr));
|
||||
|
||||
attr.map_id = id;
|
||||
|
||||
return syscall(SYS_bpf, BPF_MAP_GET_FD_BY_ID, &attr, sizeof(attr));
|
||||
}
|
||||
|
||||
|
||||
int
|
||||
virBPFGetMapInfo(int mapfd,
|
||||
struct bpf_map_info *info)
|
||||
{
|
||||
union bpf_attr attr;
|
||||
|
||||
memset(&attr, 0, sizeof(attr));
|
||||
|
||||
attr.info.bpf_fd = mapfd;
|
||||
attr.info.info_len = sizeof(struct bpf_map_info);
|
||||
attr.info.info = (uint64_t)info;
|
||||
|
||||
return syscall(SYS_bpf, BPF_OBJ_GET_INFO_BY_FD, &attr, sizeof(attr));
|
||||
}
|
||||
|
||||
|
||||
int
|
||||
virBPFLookupElem(int mapfd,
|
||||
void *key,
|
||||
void *val)
|
||||
{
|
||||
union bpf_attr attr;
|
||||
|
||||
memset(&attr, 0, sizeof(attr));
|
||||
|
||||
attr.map_fd = mapfd;
|
||||
attr.key = (uint64_t)key;
|
||||
attr.value = (uint64_t)val;
|
||||
|
||||
return syscall(SYS_bpf, BPF_MAP_LOOKUP_ELEM, &attr, sizeof(attr));
|
||||
}
|
||||
|
||||
|
||||
int
|
||||
virBPFGetNextElem(int mapfd,
|
||||
void *key,
|
||||
void *nextKey)
|
||||
{
|
||||
union bpf_attr attr;
|
||||
|
||||
memset(&attr, 0, sizeof(attr));
|
||||
|
||||
attr.map_fd = mapfd;
|
||||
attr.key = (uint64_t)key;
|
||||
attr.next_key = (uint64_t)nextKey;
|
||||
|
||||
return syscall(SYS_bpf, BPF_MAP_GET_NEXT_KEY, &attr, sizeof(attr));
|
||||
}
|
||||
|
||||
|
||||
int
|
||||
virBPFUpdateElem(int mapfd,
|
||||
void *key,
|
||||
void *val)
|
||||
{
|
||||
union bpf_attr attr;
|
||||
|
||||
memset(&attr, 0, sizeof(attr));
|
||||
|
||||
attr.map_fd = mapfd;
|
||||
attr.key = (uint64_t)key;
|
||||
attr.value = (uint64_t)val;
|
||||
|
||||
return syscall(SYS_bpf, BPF_MAP_UPDATE_ELEM, &attr, sizeof(attr));
|
||||
}
|
||||
|
||||
|
||||
int
|
||||
virBPFDeleteElem(int mapfd,
|
||||
void *key)
|
||||
{
|
||||
union bpf_attr attr;
|
||||
|
||||
memset(&attr, 0, sizeof(attr));
|
||||
|
||||
attr.map_fd = mapfd;
|
||||
attr.key = (uint64_t)key;
|
||||
|
||||
return syscall(SYS_bpf, BPF_MAP_DELETE_ELEM, &attr, sizeof(attr));
|
||||
}
|
||||
#else /* HAVE_DECL_BPF_PROG_QUERY */
|
||||
int
|
||||
virBPFCreateMap(unsigned int mapType G_GNUC_UNUSED,
|
||||
unsigned int keySize G_GNUC_UNUSED,
|
||||
unsigned int valSize G_GNUC_UNUSED,
|
||||
unsigned int maxEntries G_GNUC_UNUSED)
|
||||
{
|
||||
virReportSystemError(ENOSYS, "%s",
|
||||
_("BPF not supported with this kernel"));
|
||||
return -1;
|
||||
}
|
||||
|
||||
|
||||
int
|
||||
virBPFLoadProg(struct bpf_insn *insns G_GNUC_UNUSED,
|
||||
int progType G_GNUC_UNUSED,
|
||||
unsigned int insnCnt G_GNUC_UNUSED)
|
||||
{
|
||||
virReportSystemError(ENOSYS, "%s",
|
||||
_("BPF not supported with this kernel"));
|
||||
return -1;
|
||||
}
|
||||
|
||||
|
||||
int
|
||||
virBPFAttachProg(int progfd G_GNUC_UNUSED,
|
||||
int targetfd G_GNUC_UNUSED,
|
||||
int attachType G_GNUC_UNUSED)
|
||||
{
|
||||
virReportSystemError(ENOSYS, "%s",
|
||||
_("BPF not supported with this kernel"));
|
||||
return -1;
|
||||
}
|
||||
|
||||
|
||||
int
|
||||
virBPFDetachProg(int progfd G_GNUC_UNUSED,
|
||||
int targetfd G_GNUC_UNUSED,
|
||||
int attachType G_GNUC_UNUSED)
|
||||
{
|
||||
virReportSystemError(ENOSYS, "%s",
|
||||
_("BPF not supported with this kernel"));
|
||||
return -1;
|
||||
}
|
||||
|
||||
|
||||
int
|
||||
virBPFQueryProg(int targetfd G_GNUC_UNUSED,
|
||||
unsigned int maxprogids G_GNUC_UNUSED,
|
||||
int attachType G_GNUC_UNUSED,
|
||||
unsigned int *progcnt G_GNUC_UNUSED,
|
||||
void *progids G_GNUC_UNUSED)
|
||||
{
|
||||
virReportSystemError(ENOSYS, "%s",
|
||||
_("BPF not supported with this kernel"));
|
||||
return -1;
|
||||
}
|
||||
|
||||
|
||||
int
|
||||
virBPFGetProg(unsigned int id G_GNUC_UNUSED)
|
||||
{
|
||||
virReportSystemError(ENOSYS, "%s",
|
||||
_("BPF not supported with this kernel"));
|
||||
return -1;
|
||||
}
|
||||
|
||||
|
||||
int
|
||||
virBPFGetProgInfo(int progfd G_GNUC_UNUSED,
|
||||
struct bpf_prog_info *info G_GNUC_UNUSED,
|
||||
unsigned int **mapIDs G_GNUC_UNUSED)
|
||||
{
|
||||
virReportSystemError(ENOSYS, "%s",
|
||||
_("BPF not supported with this kernel"));
|
||||
return -1;
|
||||
}
|
||||
|
||||
|
||||
int
|
||||
virBPFGetMap(unsigned int id G_GNUC_UNUSED)
|
||||
{
|
||||
virReportSystemError(ENOSYS, "%s",
|
||||
_("BPF not supported with this kernel"));
|
||||
return -1;
|
||||
}
|
||||
|
||||
|
||||
int
|
||||
virBPFGetMapInfo(int mapfd G_GNUC_UNUSED,
|
||||
struct bpf_map_info *info G_GNUC_UNUSED)
|
||||
{
|
||||
virReportSystemError(ENOSYS, "%s",
|
||||
_("BPF not supported with this kernel"));
|
||||
return -1;
|
||||
}
|
||||
|
||||
|
||||
int
|
||||
virBPFLookupElem(int mapfd G_GNUC_UNUSED,
|
||||
void *key G_GNUC_UNUSED,
|
||||
void *val G_GNUC_UNUSED)
|
||||
{
|
||||
virReportSystemError(ENOSYS, "%s",
|
||||
_("BPF not supported with this kernel"));
|
||||
return -1;
|
||||
}
|
||||
|
||||
|
||||
int
|
||||
virBPFGetNextElem(int mapfd G_GNUC_UNUSED,
|
||||
void *key G_GNUC_UNUSED,
|
||||
void *nextKey G_GNUC_UNUSED)
|
||||
{
|
||||
virReportSystemError(ENOSYS, "%s",
|
||||
_("BPF not supported with this kernel"));
|
||||
return -1;
|
||||
}
|
||||
|
||||
|
||||
int
|
||||
virBPFUpdateElem(int mapfd G_GNUC_UNUSED,
|
||||
void *key G_GNUC_UNUSED,
|
||||
void *val G_GNUC_UNUSED)
|
||||
{
|
||||
virReportSystemError(ENOSYS, "%s",
|
||||
_("BPF not supported with this kernel"));
|
||||
return -1;
|
||||
}
|
||||
|
||||
|
||||
int
|
||||
virBPFDeleteElem(int mapfd G_GNUC_UNUSED,
|
||||
void *key G_GNUC_UNUSED)
|
||||
{
|
||||
virReportSystemError(ENOSYS, "%s",
|
||||
_("BPF not supported with this kernel"));
|
||||
return -1;
|
||||
}
|
||||
#endif /* HAVE_DECL_BPF_PROG_QUERY */
|
256
src/util/virbpf.h
Normal file
256
src/util/virbpf.h
Normal file
@ -0,0 +1,256 @@
|
||||
/*
|
||||
* virbpf.h: methods for eBPF
|
||||
*
|
||||
* This library is free software; you can redistribute it and/or
|
||||
* modify it under the terms of the GNU Lesser General Public
|
||||
* License as published by the Free Software Foundation; either
|
||||
* version 2.1 of the License, or (at your option) any later version.
|
||||
*
|
||||
* This library is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
* Lesser General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Lesser General Public
|
||||
* License along with this library. If not, see
|
||||
* <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
#pragma once
|
||||
|
||||
#if HAVE_DECL_BPF_PROG_QUERY
|
||||
|
||||
# include <linux/bpf.h>
|
||||
|
||||
/* ALU ops on registers, bpf_add|sub|...: dst_reg += src_reg */
|
||||
|
||||
# define VIR_BPF_ALU64_REG(op, dst, src) \
|
||||
((struct bpf_insn) { \
|
||||
.code = BPF_ALU64 | BPF_OP(op) | BPF_X, \
|
||||
.dst_reg = dst, \
|
||||
.src_reg = src, \
|
||||
.off = 0, \
|
||||
.imm = 0, \
|
||||
})
|
||||
|
||||
/* ALU ops on immediates, bpf_add|sub|...: dst_reg += imm32 */
|
||||
|
||||
# define VIR_BPF_ALU64_IMM(op, dst, immval) \
|
||||
((struct bpf_insn) { \
|
||||
.code = BPF_ALU64 | BPF_OP(op) | BPF_K, \
|
||||
.dst_reg = dst, \
|
||||
.src_reg = 0, \
|
||||
.off = 0, \
|
||||
.imm = immval, \
|
||||
})
|
||||
|
||||
/* mov of registers, dst_reg = src_reg */
|
||||
|
||||
# define VIR_BPF_MOV64_REG(dst, src) \
|
||||
((struct bpf_insn) { \
|
||||
.code = BPF_ALU64 | BPF_MOV | BPF_X, \
|
||||
.dst_reg = dst, \
|
||||
.src_reg = src, \
|
||||
.off = 0, \
|
||||
.imm = 0, \
|
||||
})
|
||||
|
||||
/* mov of immediates, dst_reg = imm32 */
|
||||
|
||||
# define VIR_BPF_MOV64_IMM(dst, immval) \
|
||||
((struct bpf_insn) { \
|
||||
.code = BPF_ALU64 | BPF_MOV | BPF_K, \
|
||||
.dst_reg = dst, \
|
||||
.src_reg = 0, \
|
||||
.off = 0, \
|
||||
.imm = immval, \
|
||||
})
|
||||
|
||||
/* helper to encode 16 byte instruction */
|
||||
|
||||
# define _VIR_BPF_LD_IMM64_RAW(dst, src, immval) \
|
||||
((struct bpf_insn) { \
|
||||
.code = BPF_LD | BPF_DW | BPF_IMM, \
|
||||
.dst_reg = dst, \
|
||||
.src_reg = src, \
|
||||
.off = 0, \
|
||||
.imm = (uint32_t)immval, \
|
||||
}), \
|
||||
((struct bpf_insn) { \
|
||||
.code = 0, \
|
||||
.dst_reg = 0, \
|
||||
.src_reg = 0, \
|
||||
.off = 0, \
|
||||
.imm = ((uint64_t)immval) >> 32, \
|
||||
})
|
||||
|
||||
/* encodes single 'load 64-bit immediate' insn, dst_reg = imm ll */
|
||||
|
||||
# define VIR_BPF_LD_IMM64(dst, imm) \
|
||||
_VIR_BPF_LD_IMM64_RAW(dst, 0, imm)
|
||||
|
||||
/* pseudo VIR_BPF_LD_IMM64 insn used to refer to process-local map_fd */
|
||||
|
||||
# define VIR_BPF_LD_MAP_FD(dst, mapfd) \
|
||||
_VIR_BPF_LD_IMM64_RAW(dst, 1, mapfd)
|
||||
|
||||
/* memory load, dst_reg = *(size *) (src_reg + off16) */
|
||||
|
||||
# define VIR_BPF_LDX_MEM(size, dst, src, offval) \
|
||||
((struct bpf_insn) { \
|
||||
.code = BPF_LDX | BPF_SIZE(size) | BPF_MEM, \
|
||||
.dst_reg = dst, \
|
||||
.src_reg = src, \
|
||||
.off = offval, \
|
||||
.imm = 0, \
|
||||
})
|
||||
|
||||
/* memory store of registers, *(size *) (dst_reg + off16) = src_reg */
|
||||
|
||||
# define VIR_BPF_STX_MEM(size, dst, src, offval) \
|
||||
((struct bpf_insn) { \
|
||||
.code = BPF_STX | BPF_SIZE(size) | BPF_MEM, \
|
||||
.dst_reg = dst, \
|
||||
.src_reg = src, \
|
||||
.off = offval, \
|
||||
.imm = 0, \
|
||||
})
|
||||
|
||||
/* memory store of immediates, *(size *) (dst_reg + off16) = imm32 */
|
||||
|
||||
# define VIR_BPF_ST_MEM(size, dst, immval, offval) \
|
||||
((struct bpf_insn) { \
|
||||
.code = BPF_ST | BPF_SIZE(size) | BPF_MEM, \
|
||||
.dst_reg = dst, \
|
||||
.src_reg = 0, \
|
||||
.off = offval, \
|
||||
.imm = immval, \
|
||||
})
|
||||
|
||||
/* conditional jumps against registers, if (dst_reg 'op' src_reg) goto pc + off16 */
|
||||
|
||||
# define VIR_BPF_JMP_REG(op, dst, src, offval) \
|
||||
((struct bpf_insn) { \
|
||||
.code = BPF_JMP | BPF_OP(op) | BPF_X, \
|
||||
.dst_reg = dst, \
|
||||
.src_reg = src, \
|
||||
.off = offval, \
|
||||
.imm = 0, \
|
||||
})
|
||||
|
||||
/* conditional jumps against immediates, if (dst_reg 'op' imm32) goto pc + off16 */
|
||||
|
||||
# define VIR_BPF_JMP_IMM(op, dst, immval, offval) \
|
||||
((struct bpf_insn) { \
|
||||
.code = BPF_JMP | BPF_OP(op) | BPF_K, \
|
||||
.dst_reg = dst, \
|
||||
.src_reg = 0, \
|
||||
.off = offval, \
|
||||
.imm = immval, \
|
||||
})
|
||||
|
||||
/* call eBPF function, call imm32 */
|
||||
|
||||
# define VIR_BPF_CALL_INSN(func) \
|
||||
((struct bpf_insn) { \
|
||||
.code = BPF_JMP | BPF_CALL, \
|
||||
.dst_reg = 0, \
|
||||
.src_reg = 0, \
|
||||
.off = 0, \
|
||||
.imm = func, \
|
||||
})
|
||||
|
||||
/* program exit */
|
||||
|
||||
# define VIR_BPF_EXIT_INSN() \
|
||||
((struct bpf_insn) { \
|
||||
.code = BPF_JMP | BPF_EXIT, \
|
||||
.dst_reg = 0, \
|
||||
.src_reg = 0, \
|
||||
.off = 0, \
|
||||
.imm = 0, \
|
||||
})
|
||||
|
||||
#else /* HAVE_DECL_BPF_PROG_QUERY */
|
||||
|
||||
struct bpf_prog_info;
|
||||
struct bpf_map_info;
|
||||
struct bpf_insn;
|
||||
|
||||
# define VIR_BPF_ALU64_REG(op, dst, src)
|
||||
# define VIR_BPF_ALU64_IMM(op, dst, immval)
|
||||
# define VIR_BPF_MOV64_REG(dst, src)
|
||||
# define VIR_BPF_MOV64_IMM(dst, immval)
|
||||
# define VIR_BPF_LD_IMM64(dst, imm)
|
||||
# define VIR_BPF_LD_MAP_FD(dst, mapfd)
|
||||
# define VIR_BPF_LDX_MEM(size, dst, src, offval)
|
||||
# define VIR_BPF_STX_MEM(size, dst, src, offval)
|
||||
# define VIR_BPF_ST_MEM(size, dst, immval, offval)
|
||||
# define VIR_BPF_JMP_REG(op, dst, src, offval)
|
||||
# define VIR_BPF_JMP_IMM(op, dst, immval, offval)
|
||||
# define VIR_BPF_CALL_INSN(func)
|
||||
# define VIR_BPF_EXIT_INSN()
|
||||
|
||||
#endif /* HAVE_DECL_BPF_PROG_QUERY */
|
||||
|
||||
int
|
||||
virBPFCreateMap(unsigned int mapType,
|
||||
unsigned int keySize,
|
||||
unsigned int valSize,
|
||||
unsigned int maxEntries);
|
||||
|
||||
int
|
||||
virBPFGetMapInfo(int mapfd,
|
||||
struct bpf_map_info *info);
|
||||
|
||||
int
|
||||
virBPFLoadProg(struct bpf_insn *insns,
|
||||
int progType,
|
||||
unsigned int insnCnt);
|
||||
|
||||
int
|
||||
virBPFAttachProg(int progfd,
|
||||
int targetfd,
|
||||
int attachType);
|
||||
|
||||
int
|
||||
virBPFDetachProg(int progfd,
|
||||
int targetfd,
|
||||
int attachType);
|
||||
|
||||
int
|
||||
virBPFQueryProg(int targetfd,
|
||||
unsigned int maxprogids,
|
||||
int attachType,
|
||||
unsigned int *progcnt,
|
||||
void *progids);
|
||||
|
||||
int
|
||||
virBPFGetProg(unsigned int id);
|
||||
|
||||
int
|
||||
virBPFGetProgInfo(int progfd,
|
||||
struct bpf_prog_info *info,
|
||||
unsigned int **mapIDs);
|
||||
|
||||
int
|
||||
virBPFGetMap(unsigned int id);
|
||||
|
||||
int
|
||||
virBPFLookupElem(int mapfd,
|
||||
void *key,
|
||||
void *val);
|
||||
|
||||
int
|
||||
virBPFGetNextElem(int mapfd,
|
||||
void *key,
|
||||
void *nextKey);
|
||||
|
||||
int
|
||||
virBPFUpdateElem(int mapfd,
|
||||
void *key,
|
||||
void *val);
|
||||
|
||||
int
|
||||
virBPFDeleteElem(int mapfd,
|
||||
void *key);
|
@ -144,6 +144,7 @@ VIR_ENUM_IMPL(virErrorDomain,
|
||||
"Domain Checkpoint",
|
||||
|
||||
"TPM", /* 70 */
|
||||
"BPF",
|
||||
);
|
||||
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user