tequilaOS/platform_system_bpf
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
platform_system_bpf/bpfloader/BpfLoader.cpp

177 lines
5.5 KiB
C++
Raw Normal View History

Initial checkin for bpf project Copied the files from system/netd into system/bpf. No modification is made to the files. Test: this doesn't build since the Android.bp file is missing Bug: 112334572 Change-Id: Ia090a429dd416e07c46766784fb3dd2037201525
2018-10-11 00:01:19 +02:00
/*
* Copyright (C) 2017 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#ifndef LOG_TAG
#define LOG_TAG "bpfloader"
#endif
#include <arpa/inet.h>
Initial checkin for relocatable ELF loader and link with bcc * Wrote a relocatable ELF loader from scratch. The loader library loads all objects in /system/etc/bpf/, parses and fixes up eBPF instructions based on relocation information, creates maps and programs and pins them. A single API call without arguments is made which results in this operation. The API has all the information it needs from the filesystem and the ELF objects, so there is no configuration stored in the code calling the loader API essentially making it zero conf. Initially this will be used by time_in_state statistics collection using tracepoints. In the future, netd's eBPF C code should be rewritten to use this infrastructure and the old ELF loader can be gotten rid off. This is the first step. * Link libbpf with libbpf_android which will come from the external/ bcc project. This will be used for tracepoint and perf eBPF support. In the future it can be used for other things as kernel eBPF support advances. This patch will be merged only after bcc is cloned into external/ to prevent build breakage. Bug: 112334572 Change-Id: Ic0fd9504e18031132d40bb627c5e44058d59c9f8 Signed-off-by: Joel Fernandes <joelaf@google.com>
2018-10-16 22:19:58 +02:00
#include <dirent.h>
Initial checkin for bpf project Copied the files from system/netd into system/bpf. No modification is made to the files. Test: this doesn't build since the Android.bp file is missing Bug: 112334572 Change-Id: Ia090a429dd416e07c46766784fb3dd2037201525
2018-10-11 00:01:19 +02:00
#include <elf.h>
#include <error.h>
#include <fcntl.h>
#include <inttypes.h>
#include <linux/bpf.h>
#include <linux/unistd.h>
#include <net/if.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/mman.h>
#include <sys/socket.h>
#include <sys/stat.h>
#include <sys/types.h>
bpfloader: use kernel logs Boots early. logd no workie! Bug: 210919187 Test: see bpfloader logs Change-Id: Ib5669cb64684dfa18307ae5784349df3548d66d8
2022-02-08 00:15:48 +01:00
#include <android-base/logging.h>
bpfloader: also load from /vendor/etc/bpf/ Allow vendors to use bpf programs, but limit to tracepoints for now (other types of programs, for instance skfilter, aren't safe to expose, because the kernel gives us limited ways to control which resources can have BPF programs attached, and some shared resources only support a single BPF program at an attach point). Bug: 140330870 Bug: 162057235 Test: install bpf program to /vendor/etc/bpf/ and use it. Test: atest libbpf_load_test Change-Id: I6c876fe52739c38db73689ffd784167e7d35d58a
2019-12-12 23:22:34 +01:00
#include <android-base/macros.h>
Set bpf.progs_loaded property when programs finish loading The property bpf.progs_loaded will be used by services expecting BPF programs to be loaded and wait before they are loaded. Bug: 112334572 Change-Id: I19daa0caa84e2659e8790f0dd551d95ab824e13b Signed-off-by: Joel Fernandes <joelaf@google.com>
2019-01-11 12:22:05 +01:00
#include <android-base/properties.h>
Initial checkin for bpf project Copied the files from system/netd into system/bpf. No modification is made to the files. Test: this doesn't build since the Android.bp file is missing Bug: 112334572 Change-Id: Ia090a429dd416e07c46766784fb3dd2037201525
2018-10-11 00:01:19 +02:00
#include <android-base/stringprintf.h>
Initial checkin for relocatable ELF loader and link with bcc * Wrote a relocatable ELF loader from scratch. The loader library loads all objects in /system/etc/bpf/, parses and fixes up eBPF instructions based on relocation information, creates maps and programs and pins them. A single API call without arguments is made which results in this operation. The API has all the information it needs from the filesystem and the ELF objects, so there is no configuration stored in the code calling the loader API essentially making it zero conf. Initially this will be used by time_in_state statistics collection using tracepoints. In the future, netd's eBPF C code should be rewritten to use this infrastructure and the old ELF loader can be gotten rid off. This is the first step. * Link libbpf with libbpf_android which will come from the external/ bcc project. This will be used for tracepoint and perf eBPF support. In the future it can be used for other things as kernel eBPF support advances. This patch will be merged only after bcc is cloned into external/ to prevent build breakage. Bug: 112334572 Change-Id: Ic0fd9504e18031132d40bb627c5e44058d59c9f8 Signed-off-by: Joel Fernandes <joelaf@google.com>
2018-10-16 22:19:58 +02:00
#include <android-base/strings.h>
Initial checkin for bpf project Copied the files from system/netd into system/bpf. No modification is made to the files. Test: this doesn't build since the Android.bp file is missing Bug: 112334572 Change-Id: Ia090a429dd416e07c46766784fb3dd2037201525
2018-10-11 00:01:19 +02:00
#include <android-base/unique_fd.h>
Initial checkin for relocatable ELF loader and link with bcc * Wrote a relocatable ELF loader from scratch. The loader library loads all objects in /system/etc/bpf/, parses and fixes up eBPF instructions based on relocation information, creates maps and programs and pins them. A single API call without arguments is made which results in this operation. The API has all the information it needs from the filesystem and the ELF objects, so there is no configuration stored in the code calling the loader API essentially making it zero conf. Initially this will be used by time_in_state statistics collection using tracepoints. In the future, netd's eBPF C code should be rewritten to use this infrastructure and the old ELF loader can be gotten rid off. This is the first step. * Link libbpf with libbpf_android which will come from the external/ bcc project. This will be used for tracepoint and perf eBPF support. In the future it can be used for other things as kernel eBPF support advances. This patch will be merged only after bcc is cloned into external/ to prevent build breakage. Bug: 112334572 Change-Id: Ic0fd9504e18031132d40bb627c5e44058d59c9f8 Signed-off-by: Joel Fernandes <joelaf@google.com>
2018-10-16 22:19:58 +02:00
#include <libbpf_android.h>
Initial checkin for bpf project Copied the files from system/netd into system/bpf. No modification is made to the files. Test: this doesn't build since the Android.bp file is missing Bug: 112334572 Change-Id: Ia090a429dd416e07c46766784fb3dd2037201525
2018-10-11 00:01:19 +02:00
#include <log/log.h>
#include <netdutils/Misc.h>
#include <netdutils/Slice.h>
#include "bpf/BpfUtils.h"
Initial checkin for relocatable ELF loader and link with bcc * Wrote a relocatable ELF loader from scratch. The loader library loads all objects in /system/etc/bpf/, parses and fixes up eBPF instructions based on relocation information, creates maps and programs and pins them. A single API call without arguments is made which results in this operation. The API has all the information it needs from the filesystem and the ELF objects, so there is no configuration stored in the code calling the loader API essentially making it zero conf. Initially this will be used by time_in_state statistics collection using tracepoints. In the future, netd's eBPF C code should be rewritten to use this infrastructure and the old ELF loader can be gotten rid off. This is the first step. * Link libbpf with libbpf_android which will come from the external/ bcc project. This will be used for tracepoint and perf eBPF support. In the future it can be used for other things as kernel eBPF support advances. This patch will be merged only after bcc is cloned into external/ to prevent build breakage. Bug: 112334572 Change-Id: Ic0fd9504e18031132d40bb627c5e44058d59c9f8 Signed-off-by: Joel Fernandes <joelaf@google.com>
2018-10-16 22:19:58 +02:00
using android::base::EndsWith;
using std::string;
Initial checkin for bpf project Copied the files from system/netd into system/bpf. No modification is made to the files. Test: this doesn't build since the Android.bp file is missing Bug: 112334572 Change-Id: Ia090a429dd416e07c46766784fb3dd2037201525
2018-10-11 00:01:19 +02:00
bpfloader: also load from /vendor/etc/bpf/ Allow vendors to use bpf programs, but limit to tracepoints for now (other types of programs, for instance skfilter, aren't safe to expose, because the kernel gives us limited ways to control which resources can have BPF programs attached, and some shared resources only support a single BPF program at an attach point). Bug: 140330870 Bug: 162057235 Test: install bpf program to /vendor/etc/bpf/ and use it. Test: atest libbpf_load_test Change-Id: I6c876fe52739c38db73689ffd784167e7d35d58a
2019-12-12 23:22:34 +01:00
// see b/162057235. For arbitrary program types, the concern is that due to the lack of
// SELinux access controls over BPF program attachpoints, we have no way to control the
// attachment of programs to shared resources (or to detect when a shared resource
// has one BPF program replace another that is attached there)
constexpr bpf_prog_type kVendorAllowedProgTypes[] = {
Add socket filter to allowed programs for vendor and remove tracepoint This also fixes a permissions issue if a non-root user is set. The read permissions should be set before the file is set as non-root to ensure that the permissions can be set without error. Bump the BPF loader version. Bug: 203462310 Test: Ensure that vendor skfilter bpf programs can load Change-Id: Ib6b9a64d8652ff464c9d4d734bb8ae351673b6ce
2022-03-09 02:27:09 +01:00
BPF_PROG_TYPE_SOCKET_FILTER,
bpfloader: also load from /vendor/etc/bpf/ Allow vendors to use bpf programs, but limit to tracepoints for now (other types of programs, for instance skfilter, aren't safe to expose, because the kernel gives us limited ways to control which resources can have BPF programs attached, and some shared resources only support a single BPF program at an attach point). Bug: 140330870 Bug: 162057235 Test: install bpf program to /vendor/etc/bpf/ and use it. Test: atest libbpf_load_test Change-Id: I6c876fe52739c38db73689ffd784167e7d35d58a
2019-12-12 23:22:34 +01:00
};
struct Location {
put tethering bpf maps & programs in /sys/fs/bpf/tethering/... This makes it harder for system and mainline bpf programs to conflict with each other, thus enabling easier mainline module updates. Test: builds and boots, atest, TreeHugger Signed-off-by: Maciej Żenczykowski <maze@google.com> Change-Id: Ic1b69bb1ddc4a10bd4861dadbd6b97e2520c532d
2021-01-15 08:36:32 +01:00
const char* const dir;
const char* const prefix;
bpfloader: also load from /vendor/etc/bpf/ Allow vendors to use bpf programs, but limit to tracepoints for now (other types of programs, for instance skfilter, aren't safe to expose, because the kernel gives us limited ways to control which resources can have BPF programs attached, and some shared resources only support a single BPF program at an attach point). Bug: 140330870 Bug: 162057235 Test: install bpf program to /vendor/etc/bpf/ and use it. Test: atest libbpf_load_test Change-Id: I6c876fe52739c38db73689ffd784167e7d35d58a
2019-12-12 23:22:34 +01:00
const bpf_prog_type* allowedProgTypes = nullptr;
size_t allowedProgTypesLength = 0;
};
const Location locations[] = {
Allow bpfloader to handle 'net_shared' subdirectory netd.c is moved from netd to tethering mainline module. Bump BpfLoader to v0.9 Bug: 202086915 Test: cd system/netd; atest Test: atest TrafficStatsTest NetworkUsageStatsTest Change-Id: I0b8ba90bbbe4e16d979c4a40d6fdbbaac0d14d27
2022-01-17 10:22:34 +01:00
// Tethering mainline module: tether offload
put tethering bpf maps & programs in /sys/fs/bpf/tethering/... This makes it harder for system and mainline bpf programs to conflict with each other, thus enabling easier mainline module updates. Test: builds and boots, atest, TreeHugger Signed-off-by: Maciej Żenczykowski <maze@google.com> Change-Id: Ic1b69bb1ddc4a10bd4861dadbd6b97e2520c532d
2021-01-15 08:36:32 +01:00
{
.dir = "/apex/com.android.tethering/etc/bpf/",
.prefix = "tethering/",
},
bpfloader: add support for netd_shared and net_private subdirs Bug: 218408035 Test: TreeHugger Signed-off-by: Maciej Żenczykowski <maze@google.com> Change-Id: I613b84342fba7b425fb10af157fe0a6a731b71cb
2022-05-12 10:47:05 +02:00
// Tethering mainline module (shared with netd & system server)
{
.dir = "/apex/com.android.tethering/etc/bpf/netd_shared/",
.prefix = "netd_shared/",
},
// Tethering mainline module (shared with system server)
Allow bpfloader to handle 'net_shared' subdirectory netd.c is moved from netd to tethering mainline module. Bump BpfLoader to v0.9 Bug: 202086915 Test: cd system/netd; atest Test: atest TrafficStatsTest NetworkUsageStatsTest Change-Id: I0b8ba90bbbe4e16d979c4a40d6fdbbaac0d14d27
2022-01-17 10:22:34 +01:00
{
.dir = "/apex/com.android.tethering/etc/bpf/net_shared/",
move net_shared bpf programs into net_shared subdirectory (no selinux consequences to this in and of itself, though required for follow up selinux changes) Test: TreeHugger, manual Bug: 218408035 Signed-off-by: Maciej Żenczykowski <maze@google.com> Change-Id: Id5ef7f3b119743ef26b062068756c4e0f754e694
2022-04-21 15:31:33 +02:00
.prefix = "net_shared/",
Allow bpfloader to handle 'net_shared' subdirectory netd.c is moved from netd to tethering mainline module. Bump BpfLoader to v0.9 Bug: 202086915 Test: cd system/netd; atest Test: atest TrafficStatsTest NetworkUsageStatsTest Change-Id: I0b8ba90bbbe4e16d979c4a40d6fdbbaac0d14d27
2022-01-17 10:22:34 +01:00
},
bpfloader: add support for netd_shared and net_private subdirs Bug: 218408035 Test: TreeHugger Signed-off-by: Maciej Żenczykowski <maze@google.com> Change-Id: I613b84342fba7b425fb10af157fe0a6a731b71cb
2022-05-12 10:47:05 +02:00
// Tethering mainline module (not shared)
{
.dir = "/apex/com.android.tethering/etc/bpf/net_private/",
.prefix = "net_private/",
},
put tethering bpf maps & programs in /sys/fs/bpf/tethering/... This makes it harder for system and mainline bpf programs to conflict with each other, thus enabling easier mainline module updates. Test: builds and boots, atest, TreeHugger Signed-off-by: Maciej Żenczykowski <maze@google.com> Change-Id: Ic1b69bb1ddc4a10bd4861dadbd6b97e2520c532d
2021-01-15 08:36:32 +01:00
// Core operating system
{
.dir = "/system/etc/bpf/",
.prefix = "",
},
bpfloader: also load from /vendor/etc/bpf/ Allow vendors to use bpf programs, but limit to tracepoints for now (other types of programs, for instance skfilter, aren't safe to expose, because the kernel gives us limited ways to control which resources can have BPF programs attached, and some shared resources only support a single BPF program at an attach point). Bug: 140330870 Bug: 162057235 Test: install bpf program to /vendor/etc/bpf/ and use it. Test: atest libbpf_load_test Change-Id: I6c876fe52739c38db73689ffd784167e7d35d58a
2019-12-12 23:22:34 +01:00
// Vendor operating system
{
.dir = "/vendor/etc/bpf/",
.prefix = "vendor/",
.allowedProgTypes = kVendorAllowedProgTypes,
.allowedProgTypesLength = arraysize(kVendorAllowedProgTypes),
},
put tethering bpf maps & programs in /sys/fs/bpf/tethering/... This makes it harder for system and mainline bpf programs to conflict with each other, thus enabling easier mainline module updates. Test: builds and boots, atest, TreeHugger Signed-off-by: Maciej Żenczykowski <maze@google.com> Change-Id: Ic1b69bb1ddc4a10bd4861dadbd6b97e2520c532d
2021-01-15 08:36:32 +01:00
};
Initial checkin for bpf project Copied the files from system/netd into system/bpf. No modification is made to the files. Test: this doesn't build since the Android.bp file is missing Bug: 112334572 Change-Id: Ia090a429dd416e07c46766784fb3dd2037201525
2018-10-11 00:01:19 +02:00
bpfloader: also load from /vendor/etc/bpf/ Allow vendors to use bpf programs, but limit to tracepoints for now (other types of programs, for instance skfilter, aren't safe to expose, because the kernel gives us limited ways to control which resources can have BPF programs attached, and some shared resources only support a single BPF program at an attach point). Bug: 140330870 Bug: 162057235 Test: install bpf program to /vendor/etc/bpf/ and use it. Test: atest libbpf_load_test Change-Id: I6c876fe52739c38db73689ffd784167e7d35d58a
2019-12-12 23:22:34 +01:00
int loadAllElfObjects(const Location& location) {
Warn loudly and do not set bpf.progs_loaded property on critical bpf load failure. Reasoning: critical load failures for netd bpf programs will just result in unpredictable behaviour later on. For example netd/systemserver crash loops. Test: builds Bug: 150040815 Signed-off-by: Maciej Żenczykowski <maze@google.com> Change-Id: Iefa01e60cd0a9a223e96411726a199bfb4857a5a
2020-06-15 04:27:33 +02:00
int retVal = 0;
Initial checkin for relocatable ELF loader and link with bcc * Wrote a relocatable ELF loader from scratch. The loader library loads all objects in /system/etc/bpf/, parses and fixes up eBPF instructions based on relocation information, creates maps and programs and pins them. A single API call without arguments is made which results in this operation. The API has all the information it needs from the filesystem and the ELF objects, so there is no configuration stored in the code calling the loader API essentially making it zero conf. Initially this will be used by time_in_state statistics collection using tracepoints. In the future, netd's eBPF C code should be rewritten to use this infrastructure and the old ELF loader can be gotten rid off. This is the first step. * Link libbpf with libbpf_android which will come from the external/ bcc project. This will be used for tracepoint and perf eBPF support. In the future it can be used for other things as kernel eBPF support advances. This patch will be merged only after bcc is cloned into external/ to prevent build breakage. Bug: 112334572 Change-Id: Ic0fd9504e18031132d40bb627c5e44058d59c9f8 Signed-off-by: Joel Fernandes <joelaf@google.com>
2018-10-16 22:19:58 +02:00
DIR* dir;
struct dirent* ent;
bpfloader: also load from /vendor/etc/bpf/ Allow vendors to use bpf programs, but limit to tracepoints for now (other types of programs, for instance skfilter, aren't safe to expose, because the kernel gives us limited ways to control which resources can have BPF programs attached, and some shared resources only support a single BPF program at an attach point). Bug: 140330870 Bug: 162057235 Test: install bpf program to /vendor/etc/bpf/ and use it. Test: atest libbpf_load_test Change-Id: I6c876fe52739c38db73689ffd784167e7d35d58a
2019-12-12 23:22:34 +01:00
if ((dir = opendir(location.dir)) != NULL) {
Initial checkin for relocatable ELF loader and link with bcc * Wrote a relocatable ELF loader from scratch. The loader library loads all objects in /system/etc/bpf/, parses and fixes up eBPF instructions based on relocation information, creates maps and programs and pins them. A single API call without arguments is made which results in this operation. The API has all the information it needs from the filesystem and the ELF objects, so there is no configuration stored in the code calling the loader API essentially making it zero conf. Initially this will be used by time_in_state statistics collection using tracepoints. In the future, netd's eBPF C code should be rewritten to use this infrastructure and the old ELF loader can be gotten rid off. This is the first step. * Link libbpf with libbpf_android which will come from the external/ bcc project. This will be used for tracepoint and perf eBPF support. In the future it can be used for other things as kernel eBPF support advances. This patch will be merged only after bcc is cloned into external/ to prevent build breakage. Bug: 112334572 Change-Id: Ic0fd9504e18031132d40bb627c5e44058d59c9f8 Signed-off-by: Joel Fernandes <joelaf@google.com>
2018-10-16 22:19:58 +02:00
while ((ent = readdir(dir)) != NULL) {
string s = ent->d_name;
if (!EndsWith(s, ".o")) continue;
bpfloader: also load from /vendor/etc/bpf/ Allow vendors to use bpf programs, but limit to tracepoints for now (other types of programs, for instance skfilter, aren't safe to expose, because the kernel gives us limited ways to control which resources can have BPF programs attached, and some shared resources only support a single BPF program at an attach point). Bug: 140330870 Bug: 162057235 Test: install bpf program to /vendor/etc/bpf/ and use it. Test: atest libbpf_load_test Change-Id: I6c876fe52739c38db73689ffd784167e7d35d58a
2019-12-12 23:22:34 +01:00
string progPath(location.dir);
Load BPF programs from system and mainline folder Test: flash and boot successfully Change-Id: Ia1a713024686c36e34f7cf525a284abc00fe56e2
2020-09-10 09:51:59 +02:00
progPath += s;
Initial checkin for relocatable ELF loader and link with bcc * Wrote a relocatable ELF loader from scratch. The loader library loads all objects in /system/etc/bpf/, parses and fixes up eBPF instructions based on relocation information, creates maps and programs and pins them. A single API call without arguments is made which results in this operation. The API has all the information it needs from the filesystem and the ELF objects, so there is no configuration stored in the code calling the loader API essentially making it zero conf. Initially this will be used by time_in_state statistics collection using tracepoints. In the future, netd's eBPF C code should be rewritten to use this infrastructure and the old ELF loader can be gotten rid off. This is the first step. * Link libbpf with libbpf_android which will come from the external/ bcc project. This will be used for tracepoint and perf eBPF support. In the future it can be used for other things as kernel eBPF support advances. This patch will be merged only after bcc is cloned into external/ to prevent build breakage. Bug: 112334572 Change-Id: Ic0fd9504e18031132d40bb627c5e44058d59c9f8 Signed-off-by: Joel Fernandes <joelaf@google.com>
2018-10-16 22:19:58 +02:00
Warn loudly and do not set bpf.progs_loaded property on critical bpf load failure. Reasoning: critical load failures for netd bpf programs will just result in unpredictable behaviour later on. For example netd/systemserver crash loops. Test: builds Bug: 150040815 Signed-off-by: Maciej Żenczykowski <maze@google.com> Change-Id: Iefa01e60cd0a9a223e96411726a199bfb4857a5a
2020-06-15 04:27:33 +02:00
bool critical;
bpfloader: also load from /vendor/etc/bpf/ Allow vendors to use bpf programs, but limit to tracepoints for now (other types of programs, for instance skfilter, aren't safe to expose, because the kernel gives us limited ways to control which resources can have BPF programs attached, and some shared resources only support a single BPF program at an attach point). Bug: 140330870 Bug: 162057235 Test: install bpf program to /vendor/etc/bpf/ and use it. Test: atest libbpf_load_test Change-Id: I6c876fe52739c38db73689ffd784167e7d35d58a
2019-12-12 23:22:34 +01:00
int ret = android::bpf::loadProg(progPath.c_str(), &critical, location.prefix,
location.allowedProgTypes,
location.allowedProgTypesLength);
Warn loudly and do not set bpf.progs_loaded property on critical bpf load failure. Reasoning: critical load failures for netd bpf programs will just result in unpredictable behaviour later on. For example netd/systemserver crash loops. Test: builds Bug: 150040815 Signed-off-by: Maciej Żenczykowski <maze@google.com> Change-Id: Iefa01e60cd0a9a223e96411726a199bfb4857a5a
2020-06-15 04:27:33 +02:00
if (ret) {
if (critical) retVal = ret;
ALOGE("Failed to load object: %s, ret: %s", progPath.c_str(), std::strerror(-ret));
} else {
ALOGI("Loaded object: %s", progPath.c_str());
}
Initial checkin for relocatable ELF loader and link with bcc * Wrote a relocatable ELF loader from scratch. The loader library loads all objects in /system/etc/bpf/, parses and fixes up eBPF instructions based on relocation information, creates maps and programs and pins them. A single API call without arguments is made which results in this operation. The API has all the information it needs from the filesystem and the ELF objects, so there is no configuration stored in the code calling the loader API essentially making it zero conf. Initially this will be used by time_in_state statistics collection using tracepoints. In the future, netd's eBPF C code should be rewritten to use this infrastructure and the old ELF loader can be gotten rid off. This is the first step. * Link libbpf with libbpf_android which will come from the external/ bcc project. This will be used for tracepoint and perf eBPF support. In the future it can be used for other things as kernel eBPF support advances. This patch will be merged only after bcc is cloned into external/ to prevent build breakage. Bug: 112334572 Change-Id: Ic0fd9504e18031132d40bb627c5e44058d59c9f8 Signed-off-by: Joel Fernandes <joelaf@google.com>
2018-10-16 22:19:58 +02:00
}
closedir(dir);
}
Warn loudly and do not set bpf.progs_loaded property on critical bpf load failure. Reasoning: critical load failures for netd bpf programs will just result in unpredictable behaviour later on. For example netd/systemserver crash loops. Test: builds Bug: 150040815 Signed-off-by: Maciej Żenczykowski <maze@google.com> Change-Id: Iefa01e60cd0a9a223e96411726a199bfb4857a5a
2020-06-15 04:27:33 +02:00
return retVal;
Initial checkin for relocatable ELF loader and link with bcc * Wrote a relocatable ELF loader from scratch. The loader library loads all objects in /system/etc/bpf/, parses and fixes up eBPF instructions based on relocation information, creates maps and programs and pins them. A single API call without arguments is made which results in this operation. The API has all the information it needs from the filesystem and the ELF objects, so there is no configuration stored in the code calling the loader API essentially making it zero conf. Initially this will be used by time_in_state statistics collection using tracepoints. In the future, netd's eBPF C code should be rewritten to use this infrastructure and the old ELF loader can be gotten rid off. This is the first step. * Link libbpf with libbpf_android which will come from the external/ bcc project. This will be used for tracepoint and perf eBPF support. In the future it can be used for other things as kernel eBPF support advances. This patch will be merged only after bcc is cloned into external/ to prevent build breakage. Bug: 112334572 Change-Id: Ic0fd9504e18031132d40bb627c5e44058d59c9f8 Signed-off-by: Joel Fernandes <joelaf@google.com>
2018-10-16 22:19:58 +02:00
}
put tethering bpf maps & programs in /sys/fs/bpf/tethering/... This makes it harder for system and mainline bpf programs to conflict with each other, thus enabling easier mainline module updates. Test: builds and boots, atest, TreeHugger Signed-off-by: Maciej Żenczykowski <maze@google.com> Change-Id: Ic1b69bb1ddc4a10bd4861dadbd6b97e2520c532d
2021-01-15 08:36:32 +01:00
void createSysFsBpfSubDir(const char* const prefix) {
if (*prefix) {
mode_t prevUmask = umask(0);
string s = "/sys/fs/bpf/";
s += prefix;
errno = 0;
int ret = mkdir(s.c_str(), S_ISVTX | S_IRWXU | S_IRWXG | S_IRWXO);
if (ret && errno != EEXIST) {
ALOGW("Failed to create directory: %s, ret: %s", s.c_str(), std::strerror(errno));
}
umask(prevUmask);
}
}
bpfloader: use kernel logs Boots early. logd no workie! Bug: 210919187 Test: see bpfloader logs Change-Id: Ib5669cb64684dfa18307ae5784349df3548d66d8
2022-02-08 00:15:48 +01:00
int main(int argc, char** argv) {
(void)argc;
android::base::InitLogging(argv, &android::base::KernelLogger);
only set 'bpf.progs_loaded' property on eBPF capable devices... ... which also means waitForProgsLoaded() has to be a no-op on pre-bpf devices. This is more consistent: it's weird to have bpf.progs_loaded set on a 4.4 device. Test: builds, atest Bug: 150040815 Signed-off-by: Maciej Żenczykowski <maze@google.com> Change-Id: Iddabcf56c187ea518dd2e4d8db451b2f6902aa8e
2020-06-11 00:56:07 +02:00
// Load all ELF objects, create programs and maps, and pin them
bpfloader: also load from /vendor/etc/bpf/ Allow vendors to use bpf programs, but limit to tracepoints for now (other types of programs, for instance skfilter, aren't safe to expose, because the kernel gives us limited ways to control which resources can have BPF programs attached, and some shared resources only support a single BPF program at an attach point). Bug: 140330870 Bug: 162057235 Test: install bpf program to /vendor/etc/bpf/ and use it. Test: atest libbpf_load_test Change-Id: I6c876fe52739c38db73689ffd784167e7d35d58a
2019-12-12 23:22:34 +01:00
for (const auto& location : locations) {
put tethering bpf maps & programs in /sys/fs/bpf/tethering/... This makes it harder for system and mainline bpf programs to conflict with each other, thus enabling easier mainline module updates. Test: builds and boots, atest, TreeHugger Signed-off-by: Maciej Żenczykowski <maze@google.com> Change-Id: Ic1b69bb1ddc4a10bd4861dadbd6b97e2520c532d
2021-01-15 08:36:32 +01:00
createSysFsBpfSubDir(location.prefix);
bpfloader: also load from /vendor/etc/bpf/ Allow vendors to use bpf programs, but limit to tracepoints for now (other types of programs, for instance skfilter, aren't safe to expose, because the kernel gives us limited ways to control which resources can have BPF programs attached, and some shared resources only support a single BPF program at an attach point). Bug: 140330870 Bug: 162057235 Test: install bpf program to /vendor/etc/bpf/ and use it. Test: atest libbpf_load_test Change-Id: I6c876fe52739c38db73689ffd784167e7d35d58a
2019-12-12 23:22:34 +01:00
if (loadAllElfObjects(location) != 0) {
put tethering bpf maps & programs in /sys/fs/bpf/tethering/... This makes it harder for system and mainline bpf programs to conflict with each other, thus enabling easier mainline module updates. Test: builds and boots, atest, TreeHugger Signed-off-by: Maciej Żenczykowski <maze@google.com> Change-Id: Ic1b69bb1ddc4a10bd4861dadbd6b97e2520c532d
2021-01-15 08:36:32 +01:00
ALOGE("=== CRITICAL FAILURE LOADING BPF PROGRAMS FROM %s ===", location.dir);
Load BPF programs from system and mainline folder Test: flash and boot successfully Change-Id: Ia1a713024686c36e34f7cf525a284abc00fe56e2
2020-09-10 09:51:59 +02:00
ALOGE("If this triggers reliably, you're probably missing kernel options or patches.");
ALOGE("If this triggers randomly, you might be hitting some memory allocation "
"problems or startup script race.");
ALOGE("--- DO NOT EXPECT SYSTEM TO BOOT SUCCESSFULLY ---");
sleep(20);
return 2;
}
Warn loudly and do not set bpf.progs_loaded property on critical bpf load failure. Reasoning: critical load failures for netd bpf programs will just result in unpredictable behaviour later on. For example netd/systemserver crash loops. Test: builds Bug: 150040815 Signed-off-by: Maciej Żenczykowski <maze@google.com> Change-Id: Iefa01e60cd0a9a223e96411726a199bfb4857a5a
2020-06-15 04:27:33 +02:00
}
Set bpf.progs_loaded property when programs finish loading The property bpf.progs_loaded will be used by services expecting BPF programs to be loaded and wait before they are loaded. Bug: 112334572 Change-Id: I19daa0caa84e2659e8790f0dd551d95ab824e13b Signed-off-by: Joel Fernandes <joelaf@google.com>
2019-01-11 12:22:05 +01:00
if (android::base::SetProperty("bpf.progs_loaded", "1") == false) {
Warn loudly and do not set bpf.progs_loaded property on critical bpf load failure. Reasoning: critical load failures for netd bpf programs will just result in unpredictable behaviour later on. For example netd/systemserver crash loops. Test: builds Bug: 150040815 Signed-off-by: Maciej Żenczykowski <maze@google.com> Change-Id: Iefa01e60cd0a9a223e96411726a199bfb4857a5a
2020-06-15 04:27:33 +02:00
ALOGE("Failed to set bpf.progs_loaded property");
Set bpf.progs_loaded property when programs finish loading The property bpf.progs_loaded will be used by services expecting BPF programs to be loaded and wait before they are loaded. Bug: 112334572 Change-Id: I19daa0caa84e2659e8790f0dd551d95ab824e13b Signed-off-by: Joel Fernandes <joelaf@google.com>
2019-01-11 12:22:05 +01:00
return 1;
}
return 0;
Initial checkin for bpf project Copied the files from system/netd into system/bpf. No modification is made to the files. Test: this doesn't build since the Android.bp file is missing Bug: 112334572 Change-Id: Ia090a429dd416e07c46766784fb3dd2037201525
2018-10-11 00:01:19 +02:00
}
Reference in a new issue Copy permalink