From 5f0973110034b2a3519e4e6fe59dc724955d28d7 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 12 Feb 2025 15:46:13 +0000 Subject: [PATCH 01/28] Bump github.com/cilium/ebpf from 0.17.1 to 0.17.3 Bumps [github.com/cilium/ebpf](https://github.com/cilium/ebpf) from 0.17.1 to 0.17.3. - [Release notes](https://github.com/cilium/ebpf/releases) - [Commits](https://github.com/cilium/ebpf/compare/v0.17.1...v0.17.3) --- updated-dependencies: - dependency-name: github.com/cilium/ebpf dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- go.mod | 4 ++-- go.sum | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/go.mod b/go.mod index 1ac0ad4f1..73abbcfa9 100644 --- a/go.mod +++ b/go.mod @@ -8,7 +8,7 @@ replace github.com/imdario/mergo => github.com/imdario/mergo v0.3.5 require ( github.com/agiledragon/gomonkey/v2 v2.12.0 github.com/cespare/xxhash/v2 v2.3.0 - github.com/cilium/ebpf v0.17.1 + github.com/cilium/ebpf v0.17.3 github.com/cncf/xds/go v0.0.0-20241213214725-57cfbe6fad57 github.com/containernetworking/cni v1.2.3 github.com/containernetworking/plugins v1.6.1 @@ -24,7 +24,7 @@ require ( github.com/spf13/pflag v1.0.5 github.com/stretchr/testify v1.10.0 github.com/vishvananda/netlink v1.3.0 - golang.org/x/sys v0.29.0 + golang.org/x/sys v0.30.0 google.golang.org/grpc v1.69.4 google.golang.org/protobuf v1.36.3 gopkg.in/natefinch/lumberjack.v2 v2.2.1 diff --git a/go.sum b/go.sum index 44005b19b..fa8c47821 100644 --- a/go.sum +++ b/go.sum @@ -62,8 +62,8 @@ github.com/chai2010/gettext-go v1.0.3 h1:9liNh8t+u26xl5ddmWLmsOsdNLwkdRTg5AG+JnT github.com/chai2010/gettext-go v1.0.3/go.mod h1:y+wnP2cHYaVj19NZhYKAwEMH2CI1gNHeQQ+5AjwawxA= github.com/cheggaaa/pb/v3 v3.1.5 h1:QuuUzeM2WsAqG2gMqtzaWithDJv0i+i6UlnwSCI4QLk= github.com/cheggaaa/pb/v3 v3.1.5/go.mod h1:CrxkeghYTXi1lQBEI7jSn+3svI3cuc19haAj6jM60XI= -github.com/cilium/ebpf v0.17.1 h1:G8mzU81R2JA1nE5/8SRubzqvBMmAmri2VL8BIZPWvV0= -github.com/cilium/ebpf v0.17.1/go.mod h1:vay2FaYSmIlv3r8dNACd4mW/OCaZLJKJOo+IHBvCIO8= +github.com/cilium/ebpf v0.17.3 h1:FnP4r16PWYSE4ux6zN+//jMcW4nMVRvuTLVTvCjyyjg= +github.com/cilium/ebpf v0.17.3/go.mod h1:G5EDHij8yiLzaqn0WjyfJHvRa+3aDlReIaLVRMvOyJk= github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= github.com/cncf/xds/go v0.0.0-20241213214725-57cfbe6fad57 h1:put7Je9ZyxbHtwr7IqGrW4LLVUupJQ2gbsDshKISSgU= @@ -564,8 +564,8 @@ golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.10.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/sys v0.27.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/sys v0.29.0 h1:TPYlXGxvx1MGTn2GiZDhnjPA9wZzZeGKHHmKhHYvgaU= -golang.org/x/sys v0.29.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.30.0 h1:QjkSwP/36a20jFYWkSue1YwXzLmsV5Gfq7Eiy72C1uc= +golang.org/x/sys v0.30.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= From b9f2ad7de1b76ee252a8fbbb451d9e65dfd32b4f Mon Sep 17 00:00:00 2001 From: lec-bit Date: Thu, 6 Feb 2025 09:49:39 +0800 Subject: [PATCH 02/28] adapt new kernel enhanced Signed-off-by: lec-bit --- bpf/kmesh/ads/cgroup_sock.c | 24 ++++---- bpf/kmesh/ads/include/circuit_breaker.h | 1 + bpf/kmesh/ads/include/filter.h | 4 +- bpf/kmesh/ads/include/kmesh_common.h | 2 + bpf/kmesh/ads/sockops.c | 38 ------------ kernel/ko_src/kmesh/defer_connect.c | 43 +++++++------- kernel/ko_src/kmesh/defer_connect.h | 2 + pkg/bpf/ads/loader_enhanced.go | 23 +++++--- pkg/bpf/ads/sock_ops.go | 77 ------------------------- 9 files changed, 57 insertions(+), 157 deletions(-) diff --git a/bpf/kmesh/ads/cgroup_sock.c b/bpf/kmesh/ads/cgroup_sock.c index 7293f104a..ae7fc838e 100644 --- a/bpf/kmesh/ads/cgroup_sock.c +++ b/bpf/kmesh/ads/cgroup_sock.c @@ -12,11 +12,14 @@ #include "cluster.h" #include "bpf_common.h" +#if ENHANCED_KERNEL +#include "route_config.h" +#endif #if KMESH_ENABLE_IPV4 #if KMESH_ENABLE_HTTP static const char kmesh_module_name[] = "kmesh_defer"; - +static char kmesh_module_name_get[KMESH_MODULE_NAME_LEN]; static inline int sock4_traffic_control(struct bpf_sock_addr *ctx) { int ret; @@ -39,18 +42,19 @@ static inline int sock4_traffic_control(struct bpf_sock_addr *ctx) BPF_LOG(DEBUG, KMESH, "bpf find listener addr=[%s:%u]\n", ip2str(&ip, 1), bpf_ntohs(ctx->user_port)); #if ENHANCED_KERNEL - // todo build when kernel support http parse and route - // defer conn - ret = bpf_setsockopt(ctx, IPPROTO_TCP, TCP_ULP, (void *)kmesh_module_name, sizeof(kmesh_module_name)); - if (ret) - BPF_LOG(ERR, KMESH, "bpf set sockopt failed! ret:%d\n", ret); -#else // KMESH_ENABLE_HTTP - ret = listener_manager(ctx, listener, NULL); + ret = bpf_getsockopt(ctx, IPPROTO_TCP, TCP_ULP, (void *)kmesh_module_name_get, KMESH_MODULE_NAME_LEN); + BPF_LOG(DEBUG, KMESH, "kmesh_module_name_get:%s ret:%d\n", kmesh_module_name_get, ret); + if (ret != 0 || bpf__strncmp(kmesh_module_name_get, KMESH_MODULE_NAME_LEN, kmesh_module_name)) { + ret = bpf_setsockopt(ctx, IPPROTO_TCP, TCP_ULP, (void *)kmesh_module_name, sizeof(kmesh_module_name)); + if (ret) + BPF_LOG(ERR, KMESH, "bpf set sockopt failed! ret %d\n", ret); + return 0; + } +#endif + ret = listener_manager(ctx, listener, ctx); if (ret != 0) { BPF_LOG(ERR, KMESH, "listener_manager failed, ret %d\n", ret); - return ret; } -#endif // KMESH_ENABLE_HTTP return 0; } diff --git a/bpf/kmesh/ads/include/circuit_breaker.h b/bpf/kmesh/ads/include/circuit_breaker.h index b4106c5bd..187aafc44 100644 --- a/bpf/kmesh/ads/include/circuit_breaker.h +++ b/bpf/kmesh/ads/include/circuit_breaker.h @@ -4,6 +4,7 @@ #include "bpf_log.h" #include "kmesh_common.h" #include "bpf_common.h" +#include "cluster/cluster.pb-c.h" #ifndef __KMESH_CIRCUIT_BREAKER_H__ #define __KMESH_CIRCUIT_BREAKER_H__ diff --git a/bpf/kmesh/ads/include/filter.h b/bpf/kmesh/ads/include/filter.h index 467d57264..53adbe722 100644 --- a/bpf/kmesh/ads/include/filter.h +++ b/bpf/kmesh/ads/include/filter.h @@ -128,10 +128,10 @@ int filter_manager(ctx_buff_t *ctx) kmesh_tail_delete_ctx(&ctx_key); switch (filter->config_type_case) { -#ifndef CGROUP_SOCK_MANAGE +#if ENHANCED_KERNEL case LISTENER__FILTER__CONFIG_TYPE_HTTP_CONNECTION_MANAGER: http_conn = KMESH_GET_PTR_VAL(filter->http_connection_manager, Filter__HttpConnectionManager); - ret = bpf_parse_header_msg(ctx_val->msg); + ret = bpf_parse_header_msg(ctx); if (GET_RET_PROTO_TYPE(ret) != PROTO_HTTP_1_1) { BPF_LOG(DEBUG, FILTER, "http filter manager,only support http1.1 this version"); break; diff --git a/bpf/kmesh/ads/include/kmesh_common.h b/bpf/kmesh/ads/include/kmesh_common.h index 2a9c62010..07942678b 100644 --- a/bpf/kmesh/ads/include/kmesh_common.h +++ b/bpf/kmesh/ads/include/kmesh_common.h @@ -21,6 +21,8 @@ #define BPF_LOGTYPE_CIRCUIT_BREAKER BPF_DEBUG_ON #define BPF_OK 1 +#define BPF_STRNCMP_DATA_MAX_LEN 16 +#define KMESH_MODULE_NAME_LEN 16 #define _(P) \ ({ \ diff --git a/bpf/kmesh/ads/sockops.c b/bpf/kmesh/ads/sockops.c index fcd15e4fc..e7800842f 100644 --- a/bpf/kmesh/ads/sockops.c +++ b/bpf/kmesh/ads/sockops.c @@ -4,45 +4,11 @@ #include #include "bpf_log.h" #include "ctx/sock_ops.h" -#include "listener.h" -#include "listener/listener.pb-c.h" -#include "filter.h" -#include "route_config.h" -#include "cluster.h" #include "circuit_breaker.h" #if KMESH_ENABLE_IPV4 #if KMESH_ENABLE_HTTP -static int sockops_traffic_control(struct bpf_sock_ops *skops, struct bpf_mem_ptr *msg) -{ - int ret; - /* 1 lookup listener */ - DECLARE_VAR_ADDRESS(skops, addr); - addr.port = GET_SKOPS_REMOTE_PORT(skops); - - Listener__Listener *listener = map_lookup_listener(&addr); - - if (!listener) { - addr.ipv4 = 0; - listener = map_lookup_listener(&addr); - if (!listener) { - /* no match vip/nodeport listener */ - return 0; - } - } - - DECLARE_VAR_IPV4(skops->remote_ip4, ip) - BPF_LOG( - DEBUG, - SOCKOPS, - "sockops_traffic_control listener=\"%s\", addr=[%s:%u]\n", - (char *)KMESH_GET_PTR_VAL(listener->name, char *), - ip2str(&ip, 1), - bpf_ntohs(skops->remote_port)); - return listener_manager(skops, listener, msg); -} - SEC("sockops") int sockops_prog(struct bpf_sock_ops *skops) { @@ -53,10 +19,6 @@ int sockops_prog(struct bpf_sock_ops *skops) return BPF_OK; switch (skops->op) { - case BPF_SOCK_OPS_TCP_DEFER_CONNECT_CB: - msg = (struct bpf_mem_ptr *)BPF_CONSTRUCT_PTR(skops->args[0], skops->args[1]); - (void)sockops_traffic_control(skops, msg); - break; case BPF_SOCK_OPS_ACTIVE_ESTABLISHED_CB: if (bpf_sock_ops_cb_flags_set(skops, BPF_SOCK_OPS_STATE_CB_FLAG) != 0) { BPF_LOG(ERR, SOCKOPS, "set sockops cb failed!\n"); diff --git a/kernel/ko_src/kmesh/defer_connect.c b/kernel/ko_src/kmesh/defer_connect.c index ef7d1d7aa..8540bb752 100644 --- a/kernel/ko_src/kmesh/defer_connect.c +++ b/kernel/ko_src/kmesh/defer_connect.c @@ -18,18 +18,31 @@ #include #include +#include "defer_connect.h" + static struct proto *kmesh_defer_proto = NULL; #define KMESH_DELAY_ERROR -1000 +#define BPF_CGROUP_RUN_PROG_INET4_CONNECT_KMESH(sk, uaddr, t_ctx) \ + ({ \ + int __ret = -1; \ + if (t_ctx == NULL) { \ + __ret = -EINVAL; \ + } else { \ + __ret = __cgroup_bpf_run_filter_sock_addr(sk, uaddr, CGROUP_INET4_CONNECT, t_ctx); \ + } \ + __ret; \ + }) + static int defer_connect(struct sock *sk, struct msghdr *msg, size_t size) { struct bpf_mem_ptr tmpMem = {0}; void *kbuf = NULL; size_t kbuf_size; - struct sockaddr_in addr_in; long timeo = 1; const struct iovec *iov; - struct bpf_sock_ops_kern sock_ops; + struct bpf_sock_addr_kern sock_addr; + struct sockaddr_in uaddr; void __user *ubase; int err; u32 dport, daddr; @@ -83,34 +96,20 @@ static int defer_connect(struct sock *sk, struct msghdr *msg, size_t size) goto out; } #else - memset(&sock_ops, 0, offsetof(struct bpf_sock_ops_kern, temp)); - if (sk_fullsock(sk)) { - sock_ops.is_fullsock = 1; - sock_owned_by_me(sk); - } - sock_ops.sk = sk; - sock_ops.op = BPF_SOCK_OPS_TCP_DEFER_CONNECT_CB; - sock_ops.args[0] = ((u64)(&tmpMem) & U32_MAX); - sock_ops.args[1] = (((u64)(&tmpMem) >> 32) & U32_MAX); - - (void)BPF_CGROUP_RUN_PROG_SOCK_OPS(&sock_ops); - if (sock_ops.replylong[2] && sock_ops.replylong[3]) { - daddr = sock_ops.replylong[2]; - dport = sock_ops.replylong[3]; - } + uaddr.sin_family = AF_INET; + uaddr.sin_addr.s_addr = daddr; + uaddr.sin_port = dport; + err = BPF_CGROUP_RUN_PROG_INET4_CONNECT_KMESH(sk, (struct sockaddr *)&uaddr, &tmpMem); #endif connect: - addr_in.sin_family = AF_INET; - addr_in.sin_addr.s_addr = daddr; - addr_in.sin_port = dport; - err = sk->sk_prot->connect(sk, (struct sockaddr *)&addr_in, sizeof(struct sockaddr_in)); - inet_sk(sk)->bpf_defer_connect = 0; + err = sk->sk_prot->connect(sk, (struct sockaddr *)&uaddr, sizeof(struct sockaddr_in)); if (unlikely(err)) { tcp_set_state(sk, TCP_CLOSE); sk->sk_route_caps = 0; inet_sk(sk)->inet_dport = 0; goto out; } + inet_sk(sk)->defer_connect = 0; if ((((__u32)1 << sk->sk_state) & ~(__u32)(TCPF_ESTABLISHED | TCPF_CLOSE_WAIT)) && !tcp_passive_fastopen(sk)) { sk_stream_wait_connect(sk, &timeo); diff --git a/kernel/ko_src/kmesh/defer_connect.h b/kernel/ko_src/kmesh/defer_connect.h index 88d186f18..caedd7106 100644 --- a/kernel/ko_src/kmesh/defer_connect.h +++ b/kernel/ko_src/kmesh/defer_connect.h @@ -4,6 +4,8 @@ #ifndef KMESH_DEFER_CONN_H #define KMESH_DEFER_CONN_H +#include "kmesh_parse_protocol_data.h" + int __init defer_conn_init(void); void __exit defer_conn_exit(void); diff --git a/pkg/bpf/ads/loader_enhanced.go b/pkg/bpf/ads/loader_enhanced.go index 30f60c70d..a8fc629e8 100644 --- a/pkg/bpf/ads/loader_enhanced.go +++ b/pkg/bpf/ads/loader_enhanced.go @@ -114,7 +114,10 @@ func (sc *BpfAds) Load() error { if err := sc.TracePoint.Load(); err != nil { return err } + return nil +} +func (sc *BpfAds) Load() error { if err := sc.SockOps.Load(); err != nil { return err } @@ -123,6 +126,10 @@ func (sc *BpfAds) Load() error { return err } + if err := sc.SockConn.RouteLoad(); err != nil { + return err + } + if err := sc.Tc.LoadTC(); err != nil { return err } @@ -133,31 +140,31 @@ func (sc *BpfAds) Load() error { func (sc *BpfAds) ApiEnvCfg() error { var err error - if err = utils.SetEnvByBpfMapId(sc.SockOps.KmeshSockopsMaps.KmListener, "Listener"); err != nil { + if err = utils.SetEnvByBpfMapId(sc.SockConn.KmeshCgroupSockMaps.KmListener, "Listener"); err != nil { return err } - if err = utils.SetEnvByBpfMapId(sc.SockOps.KmRouterconfig, "RouteConfiguration"); err != nil { + if err = utils.SetEnvByBpfMapId(sc.SockConn.KmeshCgroupSockMaps.KmRouterconfig, "RouteConfiguration"); err != nil { return err } - if err = utils.SetEnvByBpfMapId(sc.SockOps.KmCluster, "Cluster"); err != nil { + if err = utils.SetEnvByBpfMapId(sc.SockConn.KmeshCgroupSockMaps.KmCluster, "Cluster"); err != nil { return err } - if err = utils.SetEnvByBpfMapId(sc.SockOps.KmeshMap64, "KmeshMap64"); err != nil { + if err = utils.SetEnvByBpfMapId(sc.SockConn.KmeshMap64, "KmeshMap64"); err != nil { return err } - if err = utils.SetEnvByBpfMapId(sc.SockOps.KmeshMap192, "KmeshMap192"); err != nil { + if err = utils.SetEnvByBpfMapId(sc.SockConn.KmeshMap192, "KmeshMap192"); err != nil { return err } - if err = utils.SetEnvByBpfMapId(sc.SockOps.KmeshMap296, "KmeshMap296"); err != nil { + if err = utils.SetEnvByBpfMapId(sc.SockConn.KmeshMap296, "KmeshMap296"); err != nil { return err } - if err = utils.SetEnvByBpfMapId(sc.SockOps.KmeshMap1600, "KmeshMap1600"); err != nil { + if err = utils.SetEnvByBpfMapId(sc.SockConn.KmeshMap1600, "KmeshMap1600"); err != nil { return err } return nil @@ -199,7 +206,7 @@ func (sc *BpfAds) Detach() error { } func (sc *BpfAds) GetClusterStatsMap() *ebpf.Map { - return sc.SockOps.KmeshSockopsMaps.KmClusterstats + return sc.SockConn.KmeshCgroupSockMaps.KmClusterstats } func AdsL7Enabled() bool { diff --git a/pkg/bpf/ads/sock_ops.go b/pkg/bpf/ads/sock_ops.go index 5117d429e..cebee39d9 100644 --- a/pkg/bpf/ads/sock_ops.go +++ b/pkg/bpf/ads/sock_ops.go @@ -87,70 +87,6 @@ func (sc *BpfSockOps) loadKmeshSockopsObjects() (*ebpf.CollectionSpec, error) { return spec, nil } - -func (sc *BpfSockOps) loadKmeshFilterObjects() (*ebpf.CollectionSpec, error) { - var ( - err error - spec *ebpf.CollectionSpec - opts ebpf.CollectionOptions - ) - - opts.Maps.PinPath = sc.Info.MapPath - err = sc.KmSkopstailcall.Update( - uint32(KMESH_TAIL_CALL_FILTER_CHAIN), - uint32(sc.FilterChainManager.FD()), - ebpf.UpdateAny) - if err != nil { - return nil, err - } - - err = sc.KmSkopstailcall.Update( - uint32(KMESH_TAIL_CALL_FILTER), - uint32(sc.FilterManager.FD()), - ebpf.UpdateAny) - if err != nil { - return nil, err - } - - return spec, nil -} - -func (sc *BpfSockOps) loadRouteConfigObjects() (*ebpf.CollectionSpec, error) { - var ( - err error - spec *ebpf.CollectionSpec - opts ebpf.CollectionOptions - ) - opts.Maps.PinPath = sc.Info.MapPath - err = sc.KmSkopstailcall.Update( - uint32(KMESH_TAIL_CALL_ROUTER_CONFIG), - uint32(sc.RouteConfigManager.FD()), - ebpf.UpdateAny) - if err != nil { - return nil, err - } - - return spec, nil -} - -func (sc *BpfSockOps) loadKmeshClusterObjects() (*ebpf.CollectionSpec, error) { - var ( - err error - spec *ebpf.CollectionSpec - opts ebpf.CollectionOptions - ) - opts.Maps.PinPath = sc.Info.MapPath - err = sc.KmSkopstailcall.Update( - uint32(KMESH_TAIL_CALL_CLUSTER), - uint32(sc.ClusterManager.FD()), - ebpf.UpdateAny) - if err != nil { - return nil, err - } - - return spec, nil -} - func (sc *BpfSockOps) Load() error { /* load kmesh sockops main bpf prog */ spec, err := sc.loadKmeshSockopsObjects() @@ -162,19 +98,6 @@ func (sc *BpfSockOps) Load() error { sc.Info.Type = prog.Type sc.Info.AttachType = prog.AttachType - /* load kmesh sockops tail call bpf prog */ - if _, err := sc.loadKmeshFilterObjects(); err != nil { - return err - } - - if _, err := sc.loadRouteConfigObjects(); err != nil { - return err - } - - if _, err := sc.loadKmeshClusterObjects(); err != nil { - return err - } - return nil } From 52efd5dff5c3b353f5f142602684fdb2996858f9 Mon Sep 17 00:00:00 2001 From: lec-bit Date: Thu, 6 Feb 2025 09:55:21 +0800 Subject: [PATCH 03/28] adapt new kernel, not need bpf_defer_connect and tracepoint Signed-off-by: lec-bit --- bpf/kmesh/ads/tracepoint.c | 23 --- bpf/kmesh/bpf2go/bpf2go.go | 2 - .../enhanced/kmeshtracepoint_bpfeb.go | 115 --------------- .../enhanced/kmeshtracepoint_bpfel.go | 115 --------------- .../enhanced/kmeshtracepointcompat_bpfeb.go | 115 --------------- .../enhanced/kmeshtracepointcompat_bpfel.go | 115 --------------- hack/golangci-lint-prepare.sh | 4 - kernel/ko_src/kmesh/defer_connect.c | 19 +-- kmesh_compile_env_pre.sh | 2 - pkg/bpf/ads/loader_enhanced.go | 26 ++-- pkg/bpf/ads/trace_point.go | 135 ------------------ 11 files changed, 14 insertions(+), 657 deletions(-) delete mode 100644 bpf/kmesh/ads/tracepoint.c delete mode 100644 bpf/kmesh/bpf2go/kernelnative/enhanced/kmeshtracepoint_bpfeb.go delete mode 100644 bpf/kmesh/bpf2go/kernelnative/enhanced/kmeshtracepoint_bpfel.go delete mode 100644 bpf/kmesh/bpf2go/kernelnative/enhanced/kmeshtracepointcompat_bpfeb.go delete mode 100644 bpf/kmesh/bpf2go/kernelnative/enhanced/kmeshtracepointcompat_bpfel.go delete mode 100644 pkg/bpf/ads/trace_point.go diff --git a/bpf/kmesh/ads/tracepoint.c b/bpf/kmesh/ads/tracepoint.c deleted file mode 100644 index c24af007d..000000000 --- a/bpf/kmesh/ads/tracepoint.c +++ /dev/null @@ -1,23 +0,0 @@ -// SPDX-License-Identifier: (GPL-2.0-only OR BSD-2-Clause) -/* Copyright Authors of Kmesh */ - -#include -#include -#include - -#define KMESH_DELAY_ERROR -1000 - -struct context { - int *err; -}; - -SEC("raw_tracepoint.w") -int connect_ret(struct context *ctx) -{ - if (*ctx->err == KMESH_DELAY_ERROR) - *ctx->err = 0; - return 0; -} - -char _license[] SEC("license") = "Dual BSD/GPL"; -__u32 _version SEC("version") = 1; diff --git a/bpf/kmesh/bpf2go/bpf2go.go b/bpf/kmesh/bpf2go/bpf2go.go index 2fb660590..1ef4aa61a 100644 --- a/bpf/kmesh/bpf2go/bpf2go.go +++ b/bpf/kmesh/bpf2go/bpf2go.go @@ -21,7 +21,6 @@ package bpf2go //go:generate go run github.com/cilium/ebpf/cmd/bpf2go --output-dir kernelnative/normal --go-package normal -cc clang --cflags $EXTRA_CFLAGS --cflags $EXTRA_CDEFINE KmeshCgroupSock ../ads/cgroup_sock.c -- -I../ads/include -I../../include -I../../../api/v2-c -DCGROUP_SOCK_MANAGE -DKERNEL_VERSION_HIGHER_5_13_0=1 //go:generate go run github.com/cilium/ebpf/cmd/bpf2go --output-dir dualengine --go-package dualengine -cc clang --cflags $EXTRA_CFLAGS --cflags $EXTRA_CDEFINE KmeshCgroupSockWorkload ../workload/cgroup_sock.c -- -I../workload/include -I../../include -I../probes -DKERNEL_VERSION_HIGHER_5_13_0=1 //go:generate go run github.com/cilium/ebpf/cmd/bpf2go --output-dir kernelnative/enhanced --go-package enhanced -cc clang --cflags $EXTRA_CFLAGS --cflags $EXTRA_CDEFINE KmeshSockops ../ads/sockops.c -- -I../ads/include -I../../include -I../../../api/v2-c -DKERNEL_VERSION_HIGHER_5_13_0=1 -//go:generate go run github.com/cilium/ebpf/cmd/bpf2go --output-dir kernelnative/enhanced --go-package enhanced -cc clang --cflags $EXTRA_CFLAGS --cflags $EXTRA_CDEFINE KmeshTracePoint ../ads/tracepoint.c -- -I../ads/include -I../../include -DKERNEL_VERSION_HIGHER_5_13_0=1 //go:generate go run github.com/cilium/ebpf/cmd/bpf2go --output-dir dualengine --go-package dualengine -cc clang --cflags $EXTRA_CFLAGS --cflags $EXTRA_CDEFINE KmeshSockopsWorkload ../workload/sockops.c -- -I../workload/include -I../../include -I../probes -DKERNEL_VERSION_HIGHER_5_13_0=1 //go:generate go run github.com/cilium/ebpf/cmd/bpf2go --output-dir dualengine --go-package dualengine -cc clang --cflags $EXTRA_CFLAGS --cflags $EXTRA_CDEFINE KmeshXDPAuth ../workload/xdp.c -- -I../workload/include -I../../include -I../../../api/v2-c -DKERNEL_VERSION_HIGHER_5_13_0=1 //go:generate go run github.com/cilium/ebpf/cmd/bpf2go --output-dir dualengine --go-package dualengine -cc clang --cflags $EXTRA_CFLAGS --cflags $EXTRA_CDEFINE KmeshSendmsg ../workload/sendmsg.c -- -I../workload/include -I../../include -DKERNEL_VERSION_HIGHER_5_13_0=1 @@ -31,7 +30,6 @@ package bpf2go //go:generate go run github.com/cilium/ebpf/cmd/bpf2go --output-dir kernelnative/normal --go-package normal -cc clang --cflags $EXTRA_CFLAGS --cflags $EXTRA_CDEFINE KmeshCgroupSockCompat ../ads/cgroup_sock.c -- -I../ads/include -I../../include -I../../../api/v2-c -DCGROUP_SOCK_MANAGE -DKERNEL_VERSION_HIGHER_5_13_0=0 //go:generate go run github.com/cilium/ebpf/cmd/bpf2go --output-dir dualengine --go-package dualengine -cc clang --cflags $EXTRA_CFLAGS --cflags $EXTRA_CDEFINE KmeshCgroupSockWorkloadCompat ../workload/cgroup_sock.c -- -I../workload/include -I../../include -I../probes -DKERNEL_VERSION_HIGHER_5_13_0=0 //go:generate go run github.com/cilium/ebpf/cmd/bpf2go --output-dir kernelnative/enhanced --go-package enhanced -cc clang --cflags $EXTRA_CFLAGS --cflags $EXTRA_CDEFINE KmeshSockopsCompat ../ads/sockops.c -- -I../ads/include -I../../include -I../../../api/v2-c -DKERNEL_VERSION_HIGHER_5_13_0=0 -//go:generate go run github.com/cilium/ebpf/cmd/bpf2go --output-dir kernelnative/enhanced --go-package enhanced -cc clang --cflags $EXTRA_CFLAGS --cflags $EXTRA_CDEFINE KmeshTracePointCompat ../ads/tracepoint.c -- -I../ads/include -I../../include -DKERNEL_VERSION_HIGHER_5_13_0=0 //go:generate go run github.com/cilium/ebpf/cmd/bpf2go --output-dir dualengine --go-package dualengine -cc clang --cflags $EXTRA_CFLAGS --cflags $EXTRA_CDEFINE KmeshSockopsWorkloadCompat ../workload/sockops.c -- -I../workload/include -I../../include -I../probes -DKERNEL_VERSION_HIGHER_5_13_0=0 //go:generate go run github.com/cilium/ebpf/cmd/bpf2go --output-dir dualengine --go-package dualengine -cc clang --cflags $EXTRA_CFLAGS --cflags $EXTRA_CDEFINE KmeshXDPAuthCompat ../workload/xdp.c -- -I../workload/include -I../../include -I../../../api/v2-c -DKERNEL_VERSION_HIGHER_5_13_0=0 //go:generate go run github.com/cilium/ebpf/cmd/bpf2go --output-dir dualengine --go-package dualengine -cc clang --cflags $EXTRA_CFLAGS --cflags $EXTRA_CDEFINE KmeshSendmsgCompat ../workload/sendmsg.c -- -I../workload/include -I../../include -DKERNEL_VERSION_HIGHER_5_13_0=0 diff --git a/bpf/kmesh/bpf2go/kernelnative/enhanced/kmeshtracepoint_bpfeb.go b/bpf/kmesh/bpf2go/kernelnative/enhanced/kmeshtracepoint_bpfeb.go deleted file mode 100644 index 9deec1c35..000000000 --- a/bpf/kmesh/bpf2go/kernelnative/enhanced/kmeshtracepoint_bpfeb.go +++ /dev/null @@ -1,115 +0,0 @@ -// Code generated by bpf2go; DO NOT EDIT. -//go:build mips || mips64 || ppc64 || s390x - -package enhanced - -import ( - "bytes" - _ "embed" - "fmt" - "io" - - "github.com/cilium/ebpf" -) - -// LoadKmeshTracePoint returns the embedded CollectionSpec for KmeshTracePoint. -func LoadKmeshTracePoint() (*ebpf.CollectionSpec, error) { - reader := bytes.NewReader(_KmeshTracePointBytes) - spec, err := ebpf.LoadCollectionSpecFromReader(reader) - if err != nil { - return nil, fmt.Errorf("can't load KmeshTracePoint: %w", err) - } - - return spec, err -} - -// LoadKmeshTracePointObjects loads KmeshTracePoint and converts it into a struct. -// -// The following types are suitable as obj argument: -// -// *KmeshTracePointObjects -// *KmeshTracePointPrograms -// *KmeshTracePointMaps -// -// See ebpf.CollectionSpec.LoadAndAssign documentation for details. -func LoadKmeshTracePointObjects(obj interface{}, opts *ebpf.CollectionOptions) error { - spec, err := LoadKmeshTracePoint() - if err != nil { - return err - } - - return spec.LoadAndAssign(obj, opts) -} - -// KmeshTracePointSpecs contains maps and programs before they are loaded into the kernel. -// -// It can be passed ebpf.CollectionSpec.Assign. -type KmeshTracePointSpecs struct { - KmeshTracePointProgramSpecs - KmeshTracePointMapSpecs -} - -// KmeshTracePointSpecs contains programs before they are loaded into the kernel. -// -// It can be passed ebpf.CollectionSpec.Assign. -type KmeshTracePointProgramSpecs struct { - ConnectRet *ebpf.ProgramSpec `ebpf:"connect_ret"` -} - -// KmeshTracePointMapSpecs contains maps before they are loaded into the kernel. -// -// It can be passed ebpf.CollectionSpec.Assign. -type KmeshTracePointMapSpecs struct { -} - -// KmeshTracePointObjects contains all objects after they have been loaded into the kernel. -// -// It can be passed to LoadKmeshTracePointObjects or ebpf.CollectionSpec.LoadAndAssign. -type KmeshTracePointObjects struct { - KmeshTracePointPrograms - KmeshTracePointMaps -} - -func (o *KmeshTracePointObjects) Close() error { - return _KmeshTracePointClose( - &o.KmeshTracePointPrograms, - &o.KmeshTracePointMaps, - ) -} - -// KmeshTracePointMaps contains all maps after they have been loaded into the kernel. -// -// It can be passed to LoadKmeshTracePointObjects or ebpf.CollectionSpec.LoadAndAssign. -type KmeshTracePointMaps struct { -} - -func (m *KmeshTracePointMaps) Close() error { - return _KmeshTracePointClose() -} - -// KmeshTracePointPrograms contains all programs after they have been loaded into the kernel. -// -// It can be passed to LoadKmeshTracePointObjects or ebpf.CollectionSpec.LoadAndAssign. -type KmeshTracePointPrograms struct { - ConnectRet *ebpf.Program `ebpf:"connect_ret"` -} - -func (p *KmeshTracePointPrograms) Close() error { - return _KmeshTracePointClose( - p.ConnectRet, - ) -} - -func _KmeshTracePointClose(closers ...io.Closer) error { - for _, closer := range closers { - if err := closer.Close(); err != nil { - return err - } - } - return nil -} - -// Do not access this directly. -// -//go:embed kmeshtracepoint_bpfeb.o -var _KmeshTracePointBytes []byte diff --git a/bpf/kmesh/bpf2go/kernelnative/enhanced/kmeshtracepoint_bpfel.go b/bpf/kmesh/bpf2go/kernelnative/enhanced/kmeshtracepoint_bpfel.go deleted file mode 100644 index 20d20d7d9..000000000 --- a/bpf/kmesh/bpf2go/kernelnative/enhanced/kmeshtracepoint_bpfel.go +++ /dev/null @@ -1,115 +0,0 @@ -// Code generated by bpf2go; DO NOT EDIT. -//go:build 386 || amd64 || arm || arm64 || loong64 || mips64le || mipsle || ppc64le || riscv64 - -package enhanced - -import ( - "bytes" - _ "embed" - "fmt" - "io" - - "github.com/cilium/ebpf" -) - -// LoadKmeshTracePoint returns the embedded CollectionSpec for KmeshTracePoint. -func LoadKmeshTracePoint() (*ebpf.CollectionSpec, error) { - reader := bytes.NewReader(_KmeshTracePointBytes) - spec, err := ebpf.LoadCollectionSpecFromReader(reader) - if err != nil { - return nil, fmt.Errorf("can't load KmeshTracePoint: %w", err) - } - - return spec, err -} - -// LoadKmeshTracePointObjects loads KmeshTracePoint and converts it into a struct. -// -// The following types are suitable as obj argument: -// -// *KmeshTracePointObjects -// *KmeshTracePointPrograms -// *KmeshTracePointMaps -// -// See ebpf.CollectionSpec.LoadAndAssign documentation for details. -func LoadKmeshTracePointObjects(obj interface{}, opts *ebpf.CollectionOptions) error { - spec, err := LoadKmeshTracePoint() - if err != nil { - return err - } - - return spec.LoadAndAssign(obj, opts) -} - -// KmeshTracePointSpecs contains maps and programs before they are loaded into the kernel. -// -// It can be passed ebpf.CollectionSpec.Assign. -type KmeshTracePointSpecs struct { - KmeshTracePointProgramSpecs - KmeshTracePointMapSpecs -} - -// KmeshTracePointSpecs contains programs before they are loaded into the kernel. -// -// It can be passed ebpf.CollectionSpec.Assign. -type KmeshTracePointProgramSpecs struct { - ConnectRet *ebpf.ProgramSpec `ebpf:"connect_ret"` -} - -// KmeshTracePointMapSpecs contains maps before they are loaded into the kernel. -// -// It can be passed ebpf.CollectionSpec.Assign. -type KmeshTracePointMapSpecs struct { -} - -// KmeshTracePointObjects contains all objects after they have been loaded into the kernel. -// -// It can be passed to LoadKmeshTracePointObjects or ebpf.CollectionSpec.LoadAndAssign. -type KmeshTracePointObjects struct { - KmeshTracePointPrograms - KmeshTracePointMaps -} - -func (o *KmeshTracePointObjects) Close() error { - return _KmeshTracePointClose( - &o.KmeshTracePointPrograms, - &o.KmeshTracePointMaps, - ) -} - -// KmeshTracePointMaps contains all maps after they have been loaded into the kernel. -// -// It can be passed to LoadKmeshTracePointObjects or ebpf.CollectionSpec.LoadAndAssign. -type KmeshTracePointMaps struct { -} - -func (m *KmeshTracePointMaps) Close() error { - return _KmeshTracePointClose() -} - -// KmeshTracePointPrograms contains all programs after they have been loaded into the kernel. -// -// It can be passed to LoadKmeshTracePointObjects or ebpf.CollectionSpec.LoadAndAssign. -type KmeshTracePointPrograms struct { - ConnectRet *ebpf.Program `ebpf:"connect_ret"` -} - -func (p *KmeshTracePointPrograms) Close() error { - return _KmeshTracePointClose( - p.ConnectRet, - ) -} - -func _KmeshTracePointClose(closers ...io.Closer) error { - for _, closer := range closers { - if err := closer.Close(); err != nil { - return err - } - } - return nil -} - -// Do not access this directly. -// -//go:embed kmeshtracepoint_bpfel.o -var _KmeshTracePointBytes []byte diff --git a/bpf/kmesh/bpf2go/kernelnative/enhanced/kmeshtracepointcompat_bpfeb.go b/bpf/kmesh/bpf2go/kernelnative/enhanced/kmeshtracepointcompat_bpfeb.go deleted file mode 100644 index 76bdabd1b..000000000 --- a/bpf/kmesh/bpf2go/kernelnative/enhanced/kmeshtracepointcompat_bpfeb.go +++ /dev/null @@ -1,115 +0,0 @@ -// Code generated by bpf2go; DO NOT EDIT. -//go:build mips || mips64 || ppc64 || s390x - -package enhanced - -import ( - "bytes" - _ "embed" - "fmt" - "io" - - "github.com/cilium/ebpf" -) - -// LoadKmeshTracePointCompat returns the embedded CollectionSpec for KmeshTracePointCompat. -func LoadKmeshTracePointCompat() (*ebpf.CollectionSpec, error) { - reader := bytes.NewReader(_KmeshTracePointCompatBytes) - spec, err := ebpf.LoadCollectionSpecFromReader(reader) - if err != nil { - return nil, fmt.Errorf("can't load KmeshTracePointCompat: %w", err) - } - - return spec, err -} - -// LoadKmeshTracePointCompatObjects loads KmeshTracePointCompat and converts it into a struct. -// -// The following types are suitable as obj argument: -// -// *KmeshTracePointCompatObjects -// *KmeshTracePointCompatPrograms -// *KmeshTracePointCompatMaps -// -// See ebpf.CollectionSpec.LoadAndAssign documentation for details. -func LoadKmeshTracePointCompatObjects(obj interface{}, opts *ebpf.CollectionOptions) error { - spec, err := LoadKmeshTracePointCompat() - if err != nil { - return err - } - - return spec.LoadAndAssign(obj, opts) -} - -// KmeshTracePointCompatSpecs contains maps and programs before they are loaded into the kernel. -// -// It can be passed ebpf.CollectionSpec.Assign. -type KmeshTracePointCompatSpecs struct { - KmeshTracePointCompatProgramSpecs - KmeshTracePointCompatMapSpecs -} - -// KmeshTracePointCompatSpecs contains programs before they are loaded into the kernel. -// -// It can be passed ebpf.CollectionSpec.Assign. -type KmeshTracePointCompatProgramSpecs struct { - ConnectRet *ebpf.ProgramSpec `ebpf:"connect_ret"` -} - -// KmeshTracePointCompatMapSpecs contains maps before they are loaded into the kernel. -// -// It can be passed ebpf.CollectionSpec.Assign. -type KmeshTracePointCompatMapSpecs struct { -} - -// KmeshTracePointCompatObjects contains all objects after they have been loaded into the kernel. -// -// It can be passed to LoadKmeshTracePointCompatObjects or ebpf.CollectionSpec.LoadAndAssign. -type KmeshTracePointCompatObjects struct { - KmeshTracePointCompatPrograms - KmeshTracePointCompatMaps -} - -func (o *KmeshTracePointCompatObjects) Close() error { - return _KmeshTracePointCompatClose( - &o.KmeshTracePointCompatPrograms, - &o.KmeshTracePointCompatMaps, - ) -} - -// KmeshTracePointCompatMaps contains all maps after they have been loaded into the kernel. -// -// It can be passed to LoadKmeshTracePointCompatObjects or ebpf.CollectionSpec.LoadAndAssign. -type KmeshTracePointCompatMaps struct { -} - -func (m *KmeshTracePointCompatMaps) Close() error { - return _KmeshTracePointCompatClose() -} - -// KmeshTracePointCompatPrograms contains all programs after they have been loaded into the kernel. -// -// It can be passed to LoadKmeshTracePointCompatObjects or ebpf.CollectionSpec.LoadAndAssign. -type KmeshTracePointCompatPrograms struct { - ConnectRet *ebpf.Program `ebpf:"connect_ret"` -} - -func (p *KmeshTracePointCompatPrograms) Close() error { - return _KmeshTracePointCompatClose( - p.ConnectRet, - ) -} - -func _KmeshTracePointCompatClose(closers ...io.Closer) error { - for _, closer := range closers { - if err := closer.Close(); err != nil { - return err - } - } - return nil -} - -// Do not access this directly. -// -//go:embed kmeshtracepointcompat_bpfeb.o -var _KmeshTracePointCompatBytes []byte diff --git a/bpf/kmesh/bpf2go/kernelnative/enhanced/kmeshtracepointcompat_bpfel.go b/bpf/kmesh/bpf2go/kernelnative/enhanced/kmeshtracepointcompat_bpfel.go deleted file mode 100644 index b0fc02813..000000000 --- a/bpf/kmesh/bpf2go/kernelnative/enhanced/kmeshtracepointcompat_bpfel.go +++ /dev/null @@ -1,115 +0,0 @@ -// Code generated by bpf2go; DO NOT EDIT. -//go:build 386 || amd64 || arm || arm64 || loong64 || mips64le || mipsle || ppc64le || riscv64 - -package enhanced - -import ( - "bytes" - _ "embed" - "fmt" - "io" - - "github.com/cilium/ebpf" -) - -// LoadKmeshTracePointCompat returns the embedded CollectionSpec for KmeshTracePointCompat. -func LoadKmeshTracePointCompat() (*ebpf.CollectionSpec, error) { - reader := bytes.NewReader(_KmeshTracePointCompatBytes) - spec, err := ebpf.LoadCollectionSpecFromReader(reader) - if err != nil { - return nil, fmt.Errorf("can't load KmeshTracePointCompat: %w", err) - } - - return spec, err -} - -// LoadKmeshTracePointCompatObjects loads KmeshTracePointCompat and converts it into a struct. -// -// The following types are suitable as obj argument: -// -// *KmeshTracePointCompatObjects -// *KmeshTracePointCompatPrograms -// *KmeshTracePointCompatMaps -// -// See ebpf.CollectionSpec.LoadAndAssign documentation for details. -func LoadKmeshTracePointCompatObjects(obj interface{}, opts *ebpf.CollectionOptions) error { - spec, err := LoadKmeshTracePointCompat() - if err != nil { - return err - } - - return spec.LoadAndAssign(obj, opts) -} - -// KmeshTracePointCompatSpecs contains maps and programs before they are loaded into the kernel. -// -// It can be passed ebpf.CollectionSpec.Assign. -type KmeshTracePointCompatSpecs struct { - KmeshTracePointCompatProgramSpecs - KmeshTracePointCompatMapSpecs -} - -// KmeshTracePointCompatSpecs contains programs before they are loaded into the kernel. -// -// It can be passed ebpf.CollectionSpec.Assign. -type KmeshTracePointCompatProgramSpecs struct { - ConnectRet *ebpf.ProgramSpec `ebpf:"connect_ret"` -} - -// KmeshTracePointCompatMapSpecs contains maps before they are loaded into the kernel. -// -// It can be passed ebpf.CollectionSpec.Assign. -type KmeshTracePointCompatMapSpecs struct { -} - -// KmeshTracePointCompatObjects contains all objects after they have been loaded into the kernel. -// -// It can be passed to LoadKmeshTracePointCompatObjects or ebpf.CollectionSpec.LoadAndAssign. -type KmeshTracePointCompatObjects struct { - KmeshTracePointCompatPrograms - KmeshTracePointCompatMaps -} - -func (o *KmeshTracePointCompatObjects) Close() error { - return _KmeshTracePointCompatClose( - &o.KmeshTracePointCompatPrograms, - &o.KmeshTracePointCompatMaps, - ) -} - -// KmeshTracePointCompatMaps contains all maps after they have been loaded into the kernel. -// -// It can be passed to LoadKmeshTracePointCompatObjects or ebpf.CollectionSpec.LoadAndAssign. -type KmeshTracePointCompatMaps struct { -} - -func (m *KmeshTracePointCompatMaps) Close() error { - return _KmeshTracePointCompatClose() -} - -// KmeshTracePointCompatPrograms contains all programs after they have been loaded into the kernel. -// -// It can be passed to LoadKmeshTracePointCompatObjects or ebpf.CollectionSpec.LoadAndAssign. -type KmeshTracePointCompatPrograms struct { - ConnectRet *ebpf.Program `ebpf:"connect_ret"` -} - -func (p *KmeshTracePointCompatPrograms) Close() error { - return _KmeshTracePointCompatClose( - p.ConnectRet, - ) -} - -func _KmeshTracePointCompatClose(closers ...io.Closer) error { - for _, closer := range closers { - if err := closer.Close(); err != nil { - return err - } - } - return nil -} - -// Do not access this directly. -// -//go:embed kmeshtracepointcompat_bpfel.o -var _KmeshTracePointCompatBytes []byte diff --git a/hack/golangci-lint-prepare.sh b/hack/golangci-lint-prepare.sh index 95383f9aa..c602f41e0 100755 --- a/hack/golangci-lint-prepare.sh +++ b/hack/golangci-lint-prepare.sh @@ -8,10 +8,6 @@ FILES=( "kmeshsockops_bpfeb.o" "kmeshsockopscompat_bpfeb.o" "kmeshsockopscompat_bpfel.o" - "kmeshtracepoint_bpfeb.o" - "kmeshtracepoint_bpfel.o" - "kmeshtracepointcompat_bpfeb.o" - "kmeshtracepointcompat_bpfel.o" ) mkdir -p "$TARGET_DIR" diff --git a/kernel/ko_src/kmesh/defer_connect.c b/kernel/ko_src/kmesh/defer_connect.c index 8540bb752..ffa2afe62 100644 --- a/kernel/ko_src/kmesh/defer_connect.c +++ b/kernel/ko_src/kmesh/defer_connect.c @@ -124,9 +124,8 @@ static int defer_connect_and_sendmsg(struct sock *sk, struct msghdr *msg, size_t struct socket *sock; int err = 0; - if (unlikely(inet_sk(sk)->bpf_defer_connect == 1)) { + if (unlikely(inet_sk(sk)->defer_connect == 1)) { lock_sock(sk); - inet_sk(sk)->defer_connect = 0; err = defer_connect(sk, msg, size); if (err) { @@ -155,27 +154,19 @@ static int defer_tcp_sendmsg(struct sock *sk, struct msghdr *msg, size_t size) static int defer_tcp_connect(struct sock *sk, struct sockaddr *uaddr, int addr_len) { - /* Kmesh is not compatible with defer_connect, so we - * need to check whether defer_connect is set to 1. - * Kmesh reuses the defer_connect flag to enable the - * epoll to be triggered normally. - */ - if (inet_sk(sk)->defer_connect == 1) - return -ENOTSUPP; - /* bpf_defer_connect is 0 when you first enter the connection. + /* defer_connect is 0 when you first enter the connection. * When you delay link establishment from sendmsg, the value - * of bpf_defer_connect should be 1 and the normal connect function + * of defer_connect should be 1 and the normal connect function * needs to be used. */ - if (inet_sk(sk)->bpf_defer_connect) + if (inet_sk(sk)->defer_connect) return tcp_v4_connect(sk, uaddr, addr_len); - inet_sk(sk)->bpf_defer_connect = 1; inet_sk(sk)->defer_connect = 1; sk->sk_dport = ((struct sockaddr_in *)uaddr)->sin_port; sk_daddr_set(sk, ((struct sockaddr_in *)uaddr)->sin_addr.s_addr); sk->sk_socket->state = SS_CONNECTING; tcp_set_state(sk, TCP_SYN_SENT); - return KMESH_DELAY_ERROR; + return 0; } static int kmesh_build_proto(struct sock *sk) diff --git a/kmesh_compile_env_pre.sh b/kmesh_compile_env_pre.sh index 35b7162c6..b6dd03662 100644 --- a/kmesh_compile_env_pre.sh +++ b/kmesh_compile_env_pre.sh @@ -112,10 +112,8 @@ function kmesh_set_env(){ # adjust the range of BPF code compilation based on the kernel is enhanced function bpf_compile_range_adjust() { if [ "$ENHANCED_KERNEL" == "enhanced" ]; then - sed -i '/ads\/tracepoint\.c/s/\(.*\)generate/\/\/go:generate/' bpf/kmesh/bpf2go/bpf2go.go sed -i '/ads\/sockops\.c/s/\(.*\)generate/\/\/go:generate/' bpf/kmesh/bpf2go/bpf2go.go else - sed -i '/ads\/tracepoint\.c/s/\(.*\)generate/\/\/not go:generate/' bpf/kmesh/bpf2go/bpf2go.go sed -i '/ads\/sockops\.c/s/\(.*\)generate/\/\/not go:generate/' bpf/kmesh/bpf2go/bpf2go.go fi } diff --git a/pkg/bpf/ads/loader_enhanced.go b/pkg/bpf/ads/loader_enhanced.go index a8fc629e8..999ea6f75 100644 --- a/pkg/bpf/ads/loader_enhanced.go +++ b/pkg/bpf/ads/loader_enhanced.go @@ -37,17 +37,13 @@ import ( var log = logger.NewLoggerScope("bpf_ads") type BpfAds struct { - TracePoint BpfTracePoint - SockConn BpfSockConn - SockOps BpfSockOps - Tc *general.BpfTCGeneral + SockConn BpfSockConn + SockOps BpfSockOps + Tc *general.BpfTCGeneral } func NewBpfAds(cfg *options.BpfConfig) (*BpfAds, error) { sc := &BpfAds{} - if err := sc.TracePoint.NewBpf(cfg); err != nil { - return nil, err - } if err := sc.SockOps.NewBpf(cfg); err != nil { return nil, err @@ -110,8 +106,12 @@ func (sc *BpfAds) GetBpfLogLevelVariable() *ebpf.Variable { return sc.SockConn.BpfLogLevel } -func (sc *BpfAds) Load() error { - if err := sc.TracePoint.Load(); err != nil { +func (sc *BpfSockConn) RouteLoad() error { + err := sc.KmCgrptailcall.Update( + uint32(KMESH_TAIL_CALL_ROUTER_CONFIG), + uint32(sc.RouteConfigManager.FD()), + ebpf.UpdateAny) + if err != nil { return err } return nil @@ -171,10 +171,6 @@ func (sc *BpfAds) ApiEnvCfg() error { } func (sc *BpfAds) Attach() error { - if err := sc.TracePoint.Attach(); err != nil { - return err - } - if err := sc.SockOps.Attach(); err != nil { return err } @@ -186,10 +182,6 @@ func (sc *BpfAds) Attach() error { } func (sc *BpfAds) Detach() error { - if err := sc.TracePoint.Detach(); err != nil { - return err - } - if err := sc.SockOps.Detach(); err != nil { return err } diff --git a/pkg/bpf/ads/trace_point.go b/pkg/bpf/ads/trace_point.go deleted file mode 100644 index 1cafd4f7b..000000000 --- a/pkg/bpf/ads/trace_point.go +++ /dev/null @@ -1,135 +0,0 @@ -//go:build enhanced -// +build enhanced - -/* - * Copyright The Kmesh Authors. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at: - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package ads - -import ( - "os" - "path/filepath" - "syscall" - - "github.com/cilium/ebpf" - "github.com/cilium/ebpf/link" - - bpf2go "kmesh.net/kmesh/bpf/kmesh/bpf2go/kernelnative/enhanced" - "kmesh.net/kmesh/daemon/options" - "kmesh.net/kmesh/pkg/bpf/general" - "kmesh.net/kmesh/pkg/bpf/restart" - "kmesh.net/kmesh/pkg/constants" - helper "kmesh.net/kmesh/pkg/utils" -) - -type BpfTracePoint struct { - Info general.BpfInfo - Link link.Link - bpf2go.KmeshTracePointObjects -} - -func (sc *BpfTracePoint) NewBpf(cfg *options.BpfConfig) error { - sc.Info.MapPath = cfg.BpfFsPath + "/bpf_kmesh/map/" - sc.Info.BpfFsPath = cfg.BpfFsPath + "/bpf_kmesh/tracepoint/" - sc.Info.Cgroup2Path = cfg.Cgroup2Path - - if err := os.MkdirAll(sc.Info.MapPath, - syscall.S_IRUSR|syscall.S_IWUSR|syscall.S_IXUSR| - syscall.S_IRGRP|syscall.S_IXGRP); err != nil && !os.IsExist(err) { - return err - } - - if err := os.MkdirAll(sc.Info.BpfFsPath, - syscall.S_IRUSR|syscall.S_IWUSR|syscall.S_IXUSR| - syscall.S_IRGRP|syscall.S_IXGRP); err != nil && !os.IsExist(err) { - return err - } - - return nil -} - -func (sc *BpfTracePoint) loadKmeshTracePointObjects() (*ebpf.CollectionSpec, error) { - var ( - err error - spec *ebpf.CollectionSpec - opts ebpf.CollectionOptions - ) - if helper.KernelVersionLowerThan5_13() { - spec, err = bpf2go.LoadKmeshTracePointCompat() - } else { - spec, err = bpf2go.LoadKmeshTracePoint() - } - if err != nil || spec == nil { - return nil, err - } - - for _, v := range spec.Programs { - if v.Name == "connect_ret" { - v.Type = ebpf.RawTracepointWritable - } - } - - if err = spec.LoadAndAssign(&sc.KmeshTracePointObjects, &opts); err != nil { - return nil, err - } - - return spec, nil -} - -func (sc *BpfTracePoint) Load() error { - if _, err := sc.loadKmeshTracePointObjects(); err != nil { - return err - } - return nil -} - -func (sc *BpfTracePoint) Attach() error { - var err error - tpopt := link.RawTracepointOptions{ - Name: "connect_ret", - Program: sc.KmeshTracePointObjects.ConnectRet, - } - - pinPath := filepath.Join(sc.Info.BpfFsPath, constants.Prog_link) - if restart.GetStartType() == restart.Restart { - sc.Link, err = link.LoadPinnedLink(pinPath, &ebpf.LoadPinOptions{}) - if err != nil { - return err - } - } else { - sc.Link, err = link.AttachRawTracepoint(tpopt) - if err != nil { - return err - } - - if err := sc.Link.Pin(pinPath); err != nil { - return err - } - - } - return nil -} - -func (sc *BpfTracePoint) Detach() error { - if err := sc.KmeshTracePointObjects.Close(); err != nil { - return err - } - - if sc.Link != nil { - return sc.Link.Close() - } - return nil -} From b483787b8aa5eceed09b5dc3fa7d02dedc5bac59 Mon Sep 17 00:00:00 2001 From: lec-bit Date: Wed, 12 Feb 2025 15:24:49 +0800 Subject: [PATCH 04/28] adapt helper func Signed-off-by: lec-bit --- bpf/include/bpf_helper_defs_ext.h | 40 +++++++-- bpf/kmesh/ads/cgroup_sock.c | 1 - bpf/kmesh/ads/include/kmesh_common.h | 10 +-- bpf/kmesh/ads/include/route_config.h | 81 +++++++------------ kernel/ko_src/kmesh/kmesh_parse_http_1_1.c | 12 +-- .../ko_src/kmesh/kmesh_parse_protocol_data.c | 58 +++++++++---- .../ko_src/kmesh/kmesh_parse_protocol_data.h | 12 ++- 7 files changed, 129 insertions(+), 85 deletions(-) diff --git a/bpf/include/bpf_helper_defs_ext.h b/bpf/include/bpf_helper_defs_ext.h index 7bd9549b8..f5979e035 100644 --- a/bpf/include/bpf_helper_defs_ext.h +++ b/bpf/include/bpf_helper_defs_ext.h @@ -10,9 +10,37 @@ * By default, these IDs are in the 5.10 kernel with kmesh kernel patches. */ -static void *(*bpf_strncpy)(char *dst, __u32 dst_size, char *src) = (void *)171; -static void *(*bpf_strnstr)(void *s1, void *s2, __u32 size) = (void *)172; -static __u64 (*bpf_strnlen)(char *buff, __u32 size) = (void *)173; -static __u64 (*bpf__strncmp)(const char *s1, __u32 s1_size, const char *s2) = (void *)174; -static long (*bpf_parse_header_msg)(struct bpf_mem_ptr *msg) = (void *)175; -static void *(*bpf_get_msg_header_element)(void *name) = (void *)176; +/* + * Description + * Look for the string corresponding to the key in the results of the + * previous bpf_parse_header_msg parsing of the message header, and + * Search for the target substring in the string. + * Return + * If found, return 1; otherwise, return 0. + */ +static long (*bpf_km_header_strnstr)( + struct bpf_sock_addr *ctx, const char *key, int key_sz, const char *subptr, int subptr_sz) = (void *)163; + +/* + * Description + * Look for the string corresponding to the key in the results of the + * previous bpf_parse_header_msg parsing of the message header, and + * compare it with the target string. Control whether it is an exact + * match or a prefix match through the opt. + * Return + * If the strings are same, return 0. + */ +static long (*bpf_km_header_strncmp)(const char *key, int key_sz, const char *target, int target_sz, int opt) = + (void *)164; + +/* + * Description + * Get the memory pointer from ctx's t_ctx and parse the string information + * stored within. In this use case, t_ctx must be the HTTP protocol message + * header. After parsing, the message information will be stored in a + * red-black tree for subsequent lookup. + * Return + * A HTTP PROTO TYPE is returned on success. + * **PROTO_UNKNOW** is returned if failure. + */ +static long (*bpf_parse_header_msg)(struct bpf_sock_addr *ctx) = (void *)165; diff --git a/bpf/kmesh/ads/cgroup_sock.c b/bpf/kmesh/ads/cgroup_sock.c index ae7fc838e..119be1bbe 100644 --- a/bpf/kmesh/ads/cgroup_sock.c +++ b/bpf/kmesh/ads/cgroup_sock.c @@ -43,7 +43,6 @@ static inline int sock4_traffic_control(struct bpf_sock_addr *ctx) #if ENHANCED_KERNEL ret = bpf_getsockopt(ctx, IPPROTO_TCP, TCP_ULP, (void *)kmesh_module_name_get, KMESH_MODULE_NAME_LEN); - BPF_LOG(DEBUG, KMESH, "kmesh_module_name_get:%s ret:%d\n", kmesh_module_name_get, ret); if (ret != 0 || bpf__strncmp(kmesh_module_name_get, KMESH_MODULE_NAME_LEN, kmesh_module_name)) { ret = bpf_setsockopt(ctx, IPPROTO_TCP, TCP_ULP, (void *)kmesh_module_name, sizeof(kmesh_module_name)); if (ret) diff --git a/bpf/kmesh/ads/include/kmesh_common.h b/bpf/kmesh/ads/include/kmesh_common.h index 07942678b..f57bf43af 100644 --- a/bpf/kmesh/ads/include/kmesh_common.h +++ b/bpf/kmesh/ads/include/kmesh_common.h @@ -20,9 +20,9 @@ #define BPF_LOGTYPE_COMMON BPF_DEBUG_ON #define BPF_LOGTYPE_CIRCUIT_BREAKER BPF_DEBUG_ON -#define BPF_OK 1 +#define BPF_OK 1 #define BPF_STRNCMP_DATA_MAX_LEN 16 -#define KMESH_MODULE_NAME_LEN 16 +#define KMESH_MODULE_NAME_LEN 16 #define _(P) \ ({ \ @@ -36,14 +36,13 @@ struct bpf_mem_ptr { __u32 size; }; -#if !ENHANCED_KERNEL static inline int bpf__strncmp(const char *dst, int n, const char *src) { if (dst == NULL || src == NULL) return -1; #pragma unroll - for (int i = 0; i < BPF_DATA_MAX_LEN; i++) { + for (int i = 0; i < BPF_STRNCMP_DATA_MAX_LEN; i++) { if (dst[i] != src[i]) return dst[i] - src[i]; else if (dst[i] == '\0' || i == n - 1) @@ -71,7 +70,6 @@ static inline char *bpf_strncpy(char *dst, int n, const char *src) } return dst; } -#endif typedef Core__SocketAddress address_t; @@ -83,6 +81,8 @@ enum kmesh_l7_proto_type { PROTO_UNKNOW = 0, PROTO_HTTP_1_1, PROTO_HTTP_2_0 }; enum kmesh_l7_msg_type { MSG_UNKNOW = 0, MSG_REQUEST, MSG_MID_REPONSE, MSG_FINAL_RESPONSE }; +enum kmesh_strncmp_type { STRNCMP_FAILED = 0, STRNCMP_PREFIX, STRNCMP_EXACT }; + #define KMESH_PROTO_TYPE_WIDTH (8) #define GET_RET_PROTO_TYPE(n) ((n)&0xff) #define GET_RET_MSG_TYPE(n) (((n) >> KMESH_PROTO_TYPE_WIDTH) & 0xff) diff --git a/bpf/kmesh/ads/include/route_config.h b/bpf/kmesh/ads/include/route_config.h index 956cead31..ef72f18ec 100644 --- a/bpf/kmesh/ads/include/route_config.h +++ b/bpf/kmesh/ads/include/route_config.h @@ -28,26 +28,16 @@ static inline Route__RouteConfiguration *map_lookup_route_config(const char *rou return kmesh_map_lookup_elem(&map_of_router_config, route_name); } -static inline int -virtual_host_match_check(Route__VirtualHost *virt_host, char *addr, ctx_buff_t *ctx, struct bpf_mem_ptr *host) +static inline int virtual_host_match_check( + Route__VirtualHost *virt_host, char *addr, ctx_buff_t *ctx, char *host_key, int host_key_len) { int i; void *domains = NULL; void *domain = NULL; void *ptr; __u32 ptr_length; - long target_length = bpf_strnlen(addr, BPF_DATA_MAX_LEN); - - if (!host || !addr) - return 0; - - ptr = _(host->ptr); - if (!ptr) - return 0; - - ptr_length = _(host->size); - if (!virt_host->domains) + if (!virt_host->domains || !addr) return 0; domains = KMESH_GET_PTR_VAL(_(virt_host->domains), void *); @@ -66,10 +56,10 @@ virtual_host_match_check(Route__VirtualHost *virt_host, char *addr, ctx_buff_t * if (((char *)domain)[0] == '*' && ((char *)domain)[1] == '\0') return 1; - if (bpf_strnstr(ptr, domain, ptr_length) != NULL) { + if (bpf_km_header_strnstr(ctx, host_key, host_key_len, domain, BPF_DATA_MAX_LEN) != 0) { return 1; } else { - if (bpf__strncmp(addr, target_length, domain) == 0) { + if (bpf__strncmp(addr, BPF_DATA_MAX_LEN, domain) == 0) { return 1; } } @@ -95,14 +85,7 @@ virtual_host_match(Route__RouteConfiguration *route_config, address_t *addr, ctx Route__VirtualHost *virt_host = NULL; Route__VirtualHost *virt_host_allow_any = NULL; char host_key[5] = {'H', 'o', 's', 't', '\0'}; - struct bpf_mem_ptr *host; - uint32_t dst_ip; - char *dst_ip_str; - - if (!addr) - return 0; - dst_ip = addr->ipv4; - dst_ip_str = ip2str(&dst_ip, true); + int host_key_len = 5; if (route_config->n_virtual_hosts <= 0 || route_config->n_virtual_hosts > KMESH_PER_VIRT_HOST_NUM) { BPF_LOG(WARN, ROUTER_CONFIG, "invalid virt hosts num=%d\n", route_config->n_virtual_hosts); @@ -115,12 +98,6 @@ virtual_host_match(Route__RouteConfiguration *route_config, address_t *addr, ctx return NULL; } - host = bpf_get_msg_header_element(host_key); - if (!host) { - BPF_LOG(ERR, ROUTER_CONFIG, "failed to get URI in msg\n"); - return NULL; - } - for (i = 0; i < KMESH_PER_VIRT_HOST_NUM; i++) { if (i >= route_config->n_virtual_hosts) { break; @@ -135,24 +112,28 @@ virtual_host_match(Route__RouteConfiguration *route_config, address_t *addr, ctx continue; } - if (virtual_host_match_check(virt_host, dst_ip_str, ctx, host)) + if (virtual_host_match_check(virt_host, addr, ctx, host_key, host_key_len)) { + BPF_LOG( + DEBUG, + ROUTER_CONFIG, + "match virtual_host, name=\"%s\"\n", + (char *)KMESH_GET_PTR_VAL(virt_host->name, char *)); return virt_host; + } } // allow_any as the default virt_host - if (virt_host_allow_any && virtual_host_match_check(virt_host_allow_any, dst_ip_str, ctx, host)) + if (virt_host_allow_any && virtual_host_match_check(virt_host_allow_any, addr, ctx, host_key, host_key_len)) return virt_host_allow_any; return NULL; } -static inline bool check_header_value_match(char *target, struct bpf_mem_ptr *head, bool exact) +static inline bool check_header_value_match(char *target, char *header_name, bool exact) { - BPF_LOG(DEBUG, ROUTER_CONFIG, "header match, is exact:%d value:%s\n", exact, target); - long target_length = bpf_strnlen(target, BPF_DATA_MAX_LEN); - if (!exact) - return (bpf__strncmp(target, target_length, _(head->ptr)) == 0); - if (target_length != _(head->size)) + int ret = 0; + ret = bpf_km_header_strncmp(header_name, BPF_DATA_MAX_LEN, target, BPF_DATA_MAX_LEN, exact); + if (ret != 0) return false; - return (bpf__strncmp(target, target_length, _(head->ptr)) == 0); + return true; } static inline bool check_headers_match(Route__RouteMatch *match) @@ -189,19 +170,15 @@ static inline bool check_headers_match(Route__RouteMatch *match) BPF_LOG(ERR, ROUTER_CONFIG, "failed to get match headers in route match\n"); return false; } - msg_header = (struct bpf_mem_ptr *)bpf_get_msg_header_element(header_name); - if (!msg_header) { - BPF_LOG(DEBUG, ROUTER_CONFIG, "failed to get header value form msg\n"); - return false; - } - BPF_LOG(DEBUG, ROUTER_CONFIG, "header match check, name:%s\n", header_name); + switch (header_match->header_match_specifier_case) { case ROUTE__HEADER_MATCHER__HEADER_MATCH_SPECIFIER_EXACT_MATCH: { config_header_value = KMESH_GET_PTR_VAL(header_match->exact_match, char *); if (config_header_value == NULL) { BPF_LOG(ERR, ROUTER_CONFIG, "failed to get config_header_value\n"); + return false; } - if (!check_header_value_match(config_header_value, msg_header, true)) { + if (!check_header_value_match(config_header_value, header_name, true)) { return false; } break; @@ -210,8 +187,9 @@ static inline bool check_headers_match(Route__RouteMatch *match) config_header_value = KMESH_GET_PTR_VAL(header_match->prefix_match, char *); if (config_header_value == NULL) { BPF_LOG(ERR, ROUTER_CONFIG, "prefix:failed to get config_header_value\n"); + return false; } - if (!check_header_value_match(config_header_value, msg_header, false)) { + if (!check_header_value_match(config_header_value, header_name, false)) { return false; } break; @@ -230,10 +208,8 @@ virtual_host_route_match_check(Route__Route *route, address_t *addr, ctx_buff_t Route__RouteMatch *match; char *prefix; void *ptr; - - ptr = _(msg->ptr); - if (!ptr) - return 0; + char uri[4] = {'U', 'R', 'I', '\0'}; + int uri_len = 4; if (!route->match) return 0; @@ -246,8 +222,9 @@ virtual_host_route_match_check(Route__Route *route, address_t *addr, ctx_buff_t if (!prefix) return 0; - if (bpf_strnstr(ptr, prefix, BPF_DATA_MAX_LEN) == NULL) + if (bpf_km_header_strnstr(ctx, uri, uri_len, prefix, BPF_DATA_MAX_LEN) == 0) { return 0; + } if (!check_headers_match(match)) return 0; @@ -399,4 +376,4 @@ int route_config_manager(ctx_buff_t *ctx) KMESH_TAIL_CALL_WITH_CTX(KMESH_TAIL_CALL_CLUSTER, ctx_key, ctx_val_1); return KMESH_TAIL_CALL_RET(ret); } -#endif \ No newline at end of file +#endif diff --git a/kernel/ko_src/kmesh/kmesh_parse_http_1_1.c b/kernel/ko_src/kmesh/kmesh_parse_http_1_1.c index bd1ee4a33..f0b9febe5 100644 --- a/kernel/ko_src/kmesh/kmesh_parse_http_1_1.c +++ b/kernel/ko_src/kmesh/kmesh_parse_http_1_1.c @@ -36,9 +36,9 @@ enum state { ST_HEAD_END }; -u32 parse_http_1_1_request(const struct bpf_mem_ptr *msg); +int parse_http_1_1_request(const struct bpf_mem_ptr *msg); -u32 parse_http_1_1_respond(const struct bpf_mem_ptr *msg); +int parse_http_1_1_respond(const struct bpf_mem_ptr *msg); static enum state __parse_request_startline( const struct bpf_mem_ptr *msg, @@ -362,10 +362,10 @@ static bool parse_header(struct bpf_mem_ptr *context) return true; } -u32 parse_http_1_1_request(const struct bpf_mem_ptr *msg) +int parse_http_1_1_request(const struct bpf_mem_ptr *msg) { struct bpf_mem_ptr context = {0}; - u32 ret = 0; + int ret = 0; if (parse_request_startline(msg, &context) == false) { kmesh_protocol_data_clean_all(); return PROTO_UNKNOW; @@ -383,10 +383,10 @@ u32 parse_http_1_1_request(const struct bpf_mem_ptr *msg) return ret; } -u32 parse_http_1_1_respond(const struct bpf_mem_ptr *msg) +int parse_http_1_1_respond(const struct bpf_mem_ptr *msg) { struct bpf_mem_ptr context = {0}; - u32 ret = 0; + int ret = 0; if (parse_respose_startline(msg, &context) == false) { kmesh_protocol_data_clean_all(); return PROTO_UNKNOW; diff --git a/kernel/ko_src/kmesh/kmesh_parse_protocol_data.c b/kernel/ko_src/kmesh/kmesh_parse_protocol_data.c index 7cbf9e091..589c8e35c 100644 --- a/kernel/ko_src/kmesh/kmesh_parse_protocol_data.c +++ b/kernel/ko_src/kmesh/kmesh_parse_protocol_data.c @@ -118,52 +118,82 @@ void kmesh_protocol_data_clean_allcpu(void) } } -typedef u32 (*bpf_parse_protocol_func)(struct bpf_mem_ptr *msg); +typedef int (*bpf_parse_protocol_func)(struct bpf_sock_addr_kern *ctx); extern bpf_parse_protocol_func parse_protocol_func; -typedef struct bpf_mem_ptr *(*bpf_get_protocol_element_func)(char *key); -extern bpf_get_protocol_element_func get_protocol_element_func; +typedef int (*bpf_km_header_strnstr_func)( + struct bpf_sock_addr_kern *ctx, const char *key, int key_sz, const char *subptr, int subptr_sz); +extern bpf_km_header_strnstr_func km_header_strnstr_func; -static u32 parse_protocol_impl(struct bpf_mem_ptr *msg) +typedef int (*bpf_km_header_strncmp_func)(const char *key, int key_sz, const char *target, int target_sz, int opt); +extern bpf_km_header_strncmp_func km_header_strncmp_func; + +static int parse_protocol_impl(struct bpf_sock_addr_kern *ctx) { - u32 ret; + int ret; struct msg_protocol *cur; kmesh_protocol_data_clean_all(); list_for_each_entry(cur, &g_protocol_list_head, list) { - if (!cur->parse_protocol_msg) + if (!cur->parse_protocol_msg || !ctx->t_ctx) continue; - ret = cur->parse_protocol_msg(msg); + ret = cur->parse_protocol_msg(ctx->t_ctx); if (ret) break; } return ret; } -static struct bpf_mem_ptr *get_protocol_element_impl(char *key) +static int bpf_km_header_strnstr_impl( + struct bpf_sock_addr_kern *ctx, const char *key, int key_sz, const char *subptr, int subptr_len) { - struct kmesh_data_node *data = kmesh_protocol_data_search(key); + struct bpf_mem_ptr *msg = NULL; + struct kmesh_data_node *data = NULL; + + data = kmesh_protocol_data_search(key); if (!data) - return NULL; - return &data->value; + return 0; + msg = &(data->value); + if (strnstr(msg->ptr, subptr, subptr_len) != NULL) + return 1; + return 0; +} + +static int bpf_km_header_strncmp_impl(const char *key, int key_sz, const char *target, int target_len, int opt) +{ + struct kmesh_data_node *data = NULL; + target_len = strnlen(target, target_len); + int ret = -1; + + data = kmesh_protocol_data_search(key); + if (!data) + return -1; + if (opt == STRNCMP_EXACT && ((data->value).size) == target_len) { + ret = strncmp((data->value).ptr, target, target_len); + } else if (opt == STRNCMP_PREFIX) { + ret = strncmp((data->value).ptr, target, target_len); + } + + return ret; } int __init proto_common_init(void) { parse_protocol_func = parse_protocol_impl; - get_protocol_element_func = get_protocol_element_impl; + km_header_strnstr_func = bpf_km_header_strnstr_impl; + km_header_strncmp_func = bpf_km_header_strncmp_impl; /* add protocol list */ g_kmesh_data_root = alloc_percpu(struct rb_root); if (!g_kmesh_data_root) return -ENOMEM; - return 0; } void __exit proto_common_exit(void) { parse_protocol_func = NULL; - get_protocol_element_func = NULL; + km_header_strnstr_func = NULL; + km_header_strncmp_func = NULL; kmesh_protocol_data_clean_allcpu(); free_percpu(g_kmesh_data_root); } diff --git a/kernel/ko_src/kmesh/kmesh_parse_protocol_data.h b/kernel/ko_src/kmesh/kmesh_parse_protocol_data.h index 5ce5be236..20c8c86b3 100644 --- a/kernel/ko_src/kmesh/kmesh_parse_protocol_data.h +++ b/kernel/ko_src/kmesh/kmesh_parse_protocol_data.h @@ -12,11 +12,19 @@ #include #include #include +#include + +struct bpf_mem_ptr { + void *ptr; + __u32 size; +}; enum kmesh_l7_proto_type { PROTO_UNKNOW = 0, PROTO_HTTP_1_1, PROTO_HTTP_2_0 }; enum kmesh_l7_msg_type { MSG_UNKNOW = 0, MSG_REQUEST, MSG_MID_REPONSE, MSG_FINAL_RESPONSE }; +enum kmesh_strncmp_type { STRNCMP_FAILED = 0, STRNCMP_PREFIX, STRNCMP_EXACT }; + #define KMESH_PROTO_TYPE_WIDTH (8) #define SET_RET_PROTO_TYPE(n, type) (n) = (((n)&0xff00) | ((u32)(type)&0xff)) @@ -25,6 +33,8 @@ enum kmesh_l7_msg_type { MSG_UNKNOW = 0, MSG_REQUEST, MSG_MID_REPONSE, MSG_FINAL #define SET_RET_MSG_TYPE(n, type) (n) = (((n)&0xff) | (((u32)(type)&0xff) << KMESH_PROTO_TYPE_WIDTH)) #define GET_RET_MSG_TYPE(n) (((n) >> KMESH_PROTO_TYPE_WIDTH) & 0xff) +#define LOG(level, fmt, ...) printk(level "Kmesh_module: " fmt, ##__VA_ARGS__) + struct kmesh_data_node { struct rb_node node; char *keystring; @@ -33,7 +43,7 @@ struct kmesh_data_node { struct msg_protocol { struct list_head list; - u32 (*parse_protocol_msg)(const struct bpf_mem_ptr *msg); + int (*parse_protocol_msg)(const struct bpf_mem_ptr *msg); }; extern struct rb_root *g_kmesh_data_root; From 5ba7c6eacdb4a8f9fcf618e20d306c50ad959338 Mon Sep 17 00:00:00 2001 From: lec-bit Date: Wed, 12 Feb 2025 15:27:22 +0800 Subject: [PATCH 05/28] add kernel module log Signed-off-by: lec-bit --- kernel/ko_src/kmesh/defer_connect.c | 10 +- kernel/ko_src/kmesh/kmesh_main.c | 8 +- kernel/ko_src/kmesh/kmesh_parse_http_1_1.c | 40 ++++-- .../ko_src/kmesh/kmesh_parse_protocol_data.c | 4 +- pkg/controller/controller.go | 2 + pkg/kolog/kolog.go | 123 ++++++++++++++++++ 6 files changed, 170 insertions(+), 17 deletions(-) create mode 100644 pkg/kolog/kolog.go diff --git a/kernel/ko_src/kmesh/defer_connect.c b/kernel/ko_src/kmesh/defer_connect.c index ffa2afe62..412419b7d 100644 --- a/kernel/ko_src/kmesh/defer_connect.c +++ b/kernel/ko_src/kmesh/defer_connect.c @@ -66,10 +66,13 @@ static int defer_connect(struct sock *sk, struct msghdr *msg, size_t size) goto connect; kbuf = (void *)kmalloc(kbuf_size, GFP_KERNEL); - if (!kbuf) + if (!kbuf) { + LOG(KERN_ERR, "kbuf kmalloc failed\n"); return -EFAULT; + } if (copy_from_user(kbuf, ubase, kbuf_size)) { + LOG(KERN_ERR, "copy_from_user failed\n"); err = -EFAULT; goto out; } @@ -104,6 +107,7 @@ static int defer_connect(struct sock *sk, struct msghdr *msg, size_t size) connect: err = sk->sk_prot->connect(sk, (struct sockaddr *)&uaddr, sizeof(struct sockaddr_in)); if (unlikely(err)) { + LOG(KERN_ERR, "connect failed:%d\n", err); tcp_set_state(sk, TCP_CLOSE); sk->sk_route_caps = 0; inet_sk(sk)->inet_dport = 0; @@ -192,8 +196,10 @@ static struct tcp_ulp_ops kmesh_defer_ulp_ops __read_mostly = { int __init defer_conn_init(void) { kmesh_defer_proto = kmalloc(sizeof(struct proto), GFP_ATOMIC); - if (!kmesh_defer_proto) + if (!kmesh_defer_proto) { + LOG(KERN_ERR, "kmesh_defer_proto kmalloc failed\n"); return -ENOMEM; + } *kmesh_defer_proto = tcp_prot; kmesh_defer_proto->connect = defer_tcp_connect; kmesh_defer_proto->sendmsg = defer_tcp_sendmsg; diff --git a/kernel/ko_src/kmesh/kmesh_main.c b/kernel/ko_src/kmesh/kmesh_main.c index 7eeaf29b1..7a7ba332e 100644 --- a/kernel/ko_src/kmesh/kmesh_main.c +++ b/kernel/ko_src/kmesh/kmesh_main.c @@ -19,12 +19,16 @@ static int __init kmesh_init(void) int ret; ret = defer_conn_init(); - if (ret) + if (ret) { + LOG(KERN_ERR, "defer_conn_init failed:%d\n", ret); return ret; + } ret = proto_common_init(); - if (ret) + if (ret) { + LOG(KERN_ERR, "proto_common_init failed:%d\n", ret); return ret; + } ret = kmesh_register_http_1_1_init(); return ret; diff --git a/kernel/ko_src/kmesh/kmesh_parse_http_1_1.c b/kernel/ko_src/kmesh/kmesh_parse_http_1_1.c index f0b9febe5..b48c3f565 100644 --- a/kernel/ko_src/kmesh/kmesh_parse_http_1_1.c +++ b/kernel/ko_src/kmesh/kmesh_parse_http_1_1.c @@ -121,6 +121,8 @@ static enum state __parse_request_startline( } failed: + if (current_state != ST_FIELD_NAME_START) + LOG(KERN_ERR, "__parse_request_startline failed, current_state:%d, char: %c\n", current_state, ch); return current_state; } @@ -131,8 +133,10 @@ static bool parse_request_startline(const struct bpf_mem_ptr *msg, struct bpf_me struct kmesh_data_node *URI = new_kmesh_data_node(URI_STRING_LENGTH); struct kmesh_data_node *http_version = new_kmesh_data_node(VERSION_STRING_LENGTH); - if (IS_ERR(method) || IS_ERR(URI) || IS_ERR(http_version)) + if (IS_ERR(method) || IS_ERR(URI) || IS_ERR(http_version)) { + LOG(KERN_ERR, "parse_request new kmesh_data_node failed\n"); goto failed; + } current_state = __parse_request_startline(msg, context, method, URI, http_version); if (current_state != ST_FIELD_NAME_START) @@ -232,6 +236,8 @@ static enum state __parse_respose_startline( } } failed: + if (current_state != ST_FIELD_NAME_START) + LOG(KERN_ERR, "__parse_respose_startline failed, current_state:%d, char: %c\n", current_state, ch); return current_state; } @@ -242,8 +248,10 @@ static bool parse_respose_startline(const struct bpf_mem_ptr *msg, struct bpf_me struct kmesh_data_node *status_code = new_kmesh_data_node(STATUS_STRING_LENGTH); struct kmesh_data_node *reason = new_kmesh_data_node(REASON_STRING_LENGTH); - if (IS_ERR(http_version) || IS_ERR(status_code) || IS_ERR(reason)) + if (IS_ERR(http_version) || IS_ERR(status_code) || IS_ERR(reason)) { + LOG(KERN_ERR, "parse_respose new kmesh_data_node failed\n"); goto failed; + } current_state = __parse_respose_startline(msg, context, http_version, status_code, reason); if (current_state != ST_FIELD_NAME_START) @@ -279,8 +287,10 @@ static bool parse_header(struct bpf_mem_ptr *context) ch = ((char *)context->ptr)[i]; switch (current_state) { case ST_FIELD_NAME_START: - if (ch == FIELD_SPLIT) + if (ch == FIELD_SPLIT) { + LOG(KERN_ERR, "Invalid field split detected, char:%c, current_state:%d\n", ch, current_state); return false; + } if (ch == CR) { current_state = ST_HEAD_END; break; @@ -315,15 +325,20 @@ static bool parse_header(struct bpf_mem_ptr *context) current_state = ST_NEW_LINE; break; case ST_NEW_LINE: - if (unlikely(ch != LF)) + if (unlikely(ch != LF)) { + LOG(KERN_ERR, "Expected LF but got another character:%c, current_state:%d\n", ch, current_state); return false; - if (field_name_end_position < field_name_begin_position) - return false; - if (field_value_end_position < field_value_begin_position) + } + if (field_name_end_position < field_name_begin_position + || field_value_end_position < field_value_begin_position) { + LOG(KERN_ERR, "Invalid field name or value positions, char:%c, current_state:%d\n", ch, current_state); return false; + } new_field = new_kmesh_data_node(field_name_end_position - field_name_begin_position + 2); - if (IS_ERR(new_field)) + if (IS_ERR(new_field)) { + LOG(KERN_ERR, "Failed to create new field node, char:%c, current_state:%d\n", ch, current_state); return false; + } (void)strncpy( new_field->keystring, ((char *)context->ptr) + field_name_begin_position, @@ -347,8 +362,10 @@ static bool parse_header(struct bpf_mem_ptr *context) current_state = ST_FIELD_NAME_START; break; case ST_HEAD_END: - if (ch != LF) + if (ch != LF) { + LOG(KERN_ERR, "Expected LF but got another character:%c, current_state:%d\n", ch, current_state); return false; + } head_end = true; break; default: @@ -356,9 +373,10 @@ static bool parse_header(struct bpf_mem_ptr *context) break; } } - if (current_state != ST_HEAD_END) + if (current_state != ST_HEAD_END) { + LOG(KERN_ERR, "parse_header failed, current_state:%d\n", current_state); return false; - + } return true; } diff --git a/kernel/ko_src/kmesh/kmesh_parse_protocol_data.c b/kernel/ko_src/kmesh/kmesh_parse_protocol_data.c index 589c8e35c..cc2a831aa 100644 --- a/kernel/ko_src/kmesh/kmesh_parse_protocol_data.c +++ b/kernel/ko_src/kmesh/kmesh_parse_protocol_data.c @@ -15,14 +15,14 @@ struct kmesh_data_node *new_kmesh_data_node(u32 name_field_length) { struct kmesh_data_node *new = (struct kmesh_data_node *)kmalloc(sizeof(struct kmesh_data_node), GFP_ATOMIC); if (unlikely(!new)) { - (void)pr_err("[kmesh data node] alloc data node memory failed! no memory!\n"); + LOG(KERN_ERR, "alloc data node memory failed! no memory!\n"); return ERR_PTR(-ENOMEM); } (void)memset(new, 0x0, sizeof(struct kmesh_data_node)); new->keystring = (char *)kmalloc(name_field_length * sizeof(char), GFP_ATOMIC); if (unlikely(!new->keystring)) { kfree(new); - (void)pr_err("[kmesh data node] alloc data node key memory failed! no memory!\n"); + LOG(KERN_ERR, "alloc data node key memory failed! no memory!\n"); return ERR_PTR(-ENOMEM); } (void)memset(new->keystring, 0x0, sizeof(char) * name_field_length); diff --git a/pkg/controller/controller.go b/pkg/controller/controller.go index 15689729f..8ded81bac 100644 --- a/pkg/controller/controller.go +++ b/pkg/controller/controller.go @@ -32,6 +32,7 @@ import ( manage "kmesh.net/kmesh/pkg/controller/manage" "kmesh.net/kmesh/pkg/controller/security" "kmesh.net/kmesh/pkg/dns" + "kmesh.net/kmesh/pkg/kolog" "kmesh.net/kmesh/pkg/kube" "kmesh.net/kmesh/pkg/logger" helper "kmesh.net/kmesh/pkg/utils" @@ -107,6 +108,7 @@ func (c *Controller) Start(stopCh <-chan struct{}) error { } kmeshManageController, err = manage.NewKmeshManageController(clientset, secertManager, c.bpfWorkloadObj.XdpAuth.XdpAuthz.FD(), tcFd, c.mode) } else { + kolog.KmeshModuleLog(stopCh) kmeshManageController, err = manage.NewKmeshManageController(clientset, nil, -1, tcFd, c.mode) } if err != nil { diff --git a/pkg/kolog/kolog.go b/pkg/kolog/kolog.go new file mode 100644 index 000000000..08ed4f55b --- /dev/null +++ b/pkg/kolog/kolog.go @@ -0,0 +1,123 @@ +/* + * Copyright The Kmesh Authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at: + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package kolog + +import ( + "bufio" + "fmt" + "os" + "strconv" + "strings" + "time" + + "kmesh.net/kmesh/pkg/logger" +) + +var ( + log = logger.NewLoggerScope("Kmesh_module") +) + +// Used for timestamp conversion +func getBootTime() (time.Time, error) { + data, err := os.ReadFile("/proc/stat") + if err != nil { + return time.Time{}, err + } + + for _, line := range strings.Split(string(data), "\n") { + if strings.HasPrefix(line, "btime ") { + parts := strings.Fields(line) + if len(parts) < 2 { + continue + } + btime, err := strconv.ParseInt(parts[1], 10, 64) + if err != nil { + return time.Time{}, err + } + return time.Unix(btime, 0), nil + } + } + return time.Time{}, fmt.Errorf("btime not found") +} + +// Convert to a readable time:dataTime +func timeParse(timestamp uint64, bootTime time.Time) time.Time { + totalNano := (timestamp) * uint64(time.Microsecond) + return bootTime.Add(time.Duration(totalNano)) +} + +func parseKmsgLine(line string, bootTime time.Time, appStartTimestamp uint64) { + parts := strings.Split(line, ",") + if len(parts) < 3 { + return + } + + // parse timestamp + timestampStr := strings.TrimSpace(parts[2]) + timestamp, err := strconv.ParseUint(timestampStr, 10, 64) + if err != nil { + log.Printf("Parse timestamp error: %v", err) + return + } + + if timestamp < appStartTimestamp { + return + } + eventTime := timeParse(timestamp, bootTime) + + // parse is Kmesh log + if strings.Contains(line, "Kmesh_module") { + // The log print will add a '\n' at the end again, + // so the original string's '\n' needs to be removed. + line = strings.TrimSuffix(line, "\n") + log.Printf("[%s] %s\n", eventTime.Format(time.DateTime), line) + } +} + +func KmeshModuleLog(stopCh <-chan struct{}) { + go func() { + bootTime, err := getBootTime() + if err != nil { + log.Fatalf("getBootTime: %v", err) + } + startTimestamp := uint64(time.Now().UnixMicro() - bootTime.UnixMicro()) + + file, err := os.Open("/dev/kmsg") + if err != nil { + log.Fatalf("open /dev/kmsg failed: %v", err) + } + defer file.Close() + + reader := bufio.NewReader(file) + for { + select { + case <-stopCh: + return + default: + line, err := reader.ReadString('\n') + if err != nil { + if err.Error() == "EOF" { + time.Sleep(100 * time.Millisecond) + continue + } + log.Fatalf("ReadString err: %v", err) + } + parseKmsgLine(line, bootTime, startTimestamp) + } + } + }() +} From 9abee7c0dabd871c0daae173a130e5b8907ba7ea Mon Sep 17 00:00:00 2001 From: lec-bit Date: Mon, 24 Feb 2025 21:11:37 +0800 Subject: [PATCH 06/28] optimize Signed-off-by: lec-bit --- bpf/kmesh/ads/cgroup_sock.c | 2 +- bpf/kmesh/ads/include/route_config.h | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/bpf/kmesh/ads/cgroup_sock.c b/bpf/kmesh/ads/cgroup_sock.c index 119be1bbe..676894708 100644 --- a/bpf/kmesh/ads/cgroup_sock.c +++ b/bpf/kmesh/ads/cgroup_sock.c @@ -50,7 +50,7 @@ static inline int sock4_traffic_control(struct bpf_sock_addr *ctx) return 0; } #endif - ret = listener_manager(ctx, listener, ctx); + ret = listener_manager(ctx, listener, NULL); if (ret != 0) { BPF_LOG(ERR, KMESH, "listener_manager failed, ret %d\n", ret); } diff --git a/bpf/kmesh/ads/include/route_config.h b/bpf/kmesh/ads/include/route_config.h index ef72f18ec..82c37fe3f 100644 --- a/bpf/kmesh/ads/include/route_config.h +++ b/bpf/kmesh/ads/include/route_config.h @@ -28,8 +28,8 @@ static inline Route__RouteConfiguration *map_lookup_route_config(const char *rou return kmesh_map_lookup_elem(&map_of_router_config, route_name); } -static inline int virtual_host_match_check( - Route__VirtualHost *virt_host, char *addr, ctx_buff_t *ctx, char *host_key, int host_key_len) +static inline int +virtual_host_match_check(Route__VirtualHost *virt_host, char *addr, ctx_buff_t *ctx, char *host_key, int host_key_len) { int i; void *domains = NULL; @@ -56,7 +56,7 @@ static inline int virtual_host_match_check( if (((char *)domain)[0] == '*' && ((char *)domain)[1] == '\0') return 1; - if (bpf_km_header_strnstr(ctx, host_key, host_key_len, domain, BPF_DATA_MAX_LEN) != 0) { + if (bpf_km_header_strnstr(ctx, host_key, host_key_len, domain, BPF_DATA_MAX_LEN)) { return 1; } else { if (bpf__strncmp(addr, BPF_DATA_MAX_LEN, domain) == 0) { @@ -222,7 +222,7 @@ virtual_host_route_match_check(Route__Route *route, address_t *addr, ctx_buff_t if (!prefix) return 0; - if (bpf_km_header_strnstr(ctx, uri, uri_len, prefix, BPF_DATA_MAX_LEN) == 0) { + if (!bpf_km_header_strnstr(ctx, uri, uri_len, prefix, BPF_DATA_MAX_LEN)) { return 0; } From e77e611c264a8d30d2c094dfa5b3a7e52abdacab Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 24 Feb 2025 16:28:16 +0000 Subject: [PATCH 07/28] Bump the k8s-io group with 5 updates Bumps the k8s-io group with 5 updates: | Package | From | To | | --- | --- | --- | | [k8s.io/api](https://github.com/kubernetes/api) | `0.32.1` | `0.32.2` | | [k8s.io/apimachinery](https://github.com/kubernetes/apimachinery) | `0.32.1` | `0.32.2` | | [k8s.io/cli-runtime](https://github.com/kubernetes/cli-runtime) | `0.32.1` | `0.32.2` | | [k8s.io/client-go](https://github.com/kubernetes/client-go) | `0.32.1` | `0.32.2` | | [k8s.io/kubectl](https://github.com/kubernetes/kubectl) | `0.32.1` | `0.32.2` | Updates `k8s.io/api` from 0.32.1 to 0.32.2 - [Commits](https://github.com/kubernetes/api/compare/v0.32.1...v0.32.2) Updates `k8s.io/apimachinery` from 0.32.1 to 0.32.2 - [Commits](https://github.com/kubernetes/apimachinery/compare/v0.32.1...v0.32.2) Updates `k8s.io/cli-runtime` from 0.32.1 to 0.32.2 - [Commits](https://github.com/kubernetes/cli-runtime/compare/v0.32.1...v0.32.2) Updates `k8s.io/client-go` from 0.32.1 to 0.32.2 - [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md) - [Commits](https://github.com/kubernetes/client-go/compare/v0.32.1...v0.32.2) Updates `k8s.io/kubectl` from 0.32.1 to 0.32.2 - [Commits](https://github.com/kubernetes/kubectl/compare/v0.32.1...v0.32.2) --- updated-dependencies: - dependency-name: k8s.io/api dependency-type: direct:production update-type: version-update:semver-patch dependency-group: k8s-io - dependency-name: k8s.io/apimachinery dependency-type: direct:production update-type: version-update:semver-patch dependency-group: k8s-io - dependency-name: k8s.io/cli-runtime dependency-type: direct:production update-type: version-update:semver-patch dependency-group: k8s-io - dependency-name: k8s.io/client-go dependency-type: direct:production update-type: version-update:semver-patch dependency-group: k8s-io - dependency-name: k8s.io/kubectl dependency-type: direct:production update-type: version-update:semver-patch dependency-group: k8s-io ... Signed-off-by: dependabot[bot] --- go.mod | 12 ++++++------ go.sum | 24 ++++++++++++------------ 2 files changed, 18 insertions(+), 18 deletions(-) diff --git a/go.mod b/go.mod index 73abbcfa9..d8d1552ea 100644 --- a/go.mod +++ b/go.mod @@ -31,11 +31,11 @@ require ( istio.io/api v1.24.2 istio.io/istio v0.0.0-20241214032803-7754674f65d3 istio.io/pkg v0.0.0-20231221211216-7635388a563e - k8s.io/api v0.32.1 - k8s.io/apimachinery v0.32.1 - k8s.io/cli-runtime v0.32.1 - k8s.io/client-go v0.32.1 - k8s.io/kubectl v0.32.1 + k8s.io/api v0.32.2 + k8s.io/apimachinery v0.32.2 + k8s.io/cli-runtime v0.32.2 + k8s.io/client-go v0.32.2 + k8s.io/kubectl v0.32.2 k8s.io/utils v0.0.0-20241210054802-24370beab758 sigs.k8s.io/gateway-api v1.2.1 sigs.k8s.io/yaml v1.4.0 @@ -226,7 +226,7 @@ require ( istio.io/client-go v1.24.2-0.20241206152608-3892aa679051 // indirect k8s.io/apiextensions-apiserver v0.32.0 // indirect k8s.io/apiserver v0.32.0 // indirect - k8s.io/component-base v0.32.1 // indirect + k8s.io/component-base v0.32.2 // indirect k8s.io/klog/v2 v2.130.1 // indirect k8s.io/kube-openapi v0.0.0-20241212222426-2c72e554b1e7 // indirect sigs.k8s.io/controller-runtime v0.19.3 // indirect diff --git a/go.sum b/go.sum index fa8c47821..fae8d36fd 100644 --- a/go.sum +++ b/go.sum @@ -671,26 +671,26 @@ istio.io/istio v0.0.0-20241214032803-7754674f65d3 h1:remhEc2PJofM+dUQezuaESREq/Q istio.io/istio v0.0.0-20241214032803-7754674f65d3/go.mod h1:RPdKjH/j6aK3Xrt1AmHJyczLuVl/Ox2NqaGE+6DzOn4= istio.io/pkg v0.0.0-20231221211216-7635388a563e h1:ZlLVbKDlCzfP0MPbWc6VRcY23d9NdjLxwpPQpDrh3Gc= istio.io/pkg v0.0.0-20231221211216-7635388a563e/go.mod h1:fvmqEdHhZjYYwf6dSiIwvwc7db54kMWVTfsb91KmhzY= -k8s.io/api v0.32.1 h1:f562zw9cy+GvXzXf0CKlVQ7yHJVYzLfL6JAS4kOAaOc= -k8s.io/api v0.32.1/go.mod h1:/Yi/BqkuueW1BgpoePYBRdDYfjPF5sgTr5+YqDZra5k= +k8s.io/api v0.32.2 h1:bZrMLEkgizC24G9eViHGOPbW+aRo9duEISRIJKfdJuw= +k8s.io/api v0.32.2/go.mod h1:hKlhk4x1sJyYnHENsrdCWw31FEmCijNGPJO5WzHiJ6Y= k8s.io/apiextensions-apiserver v0.32.0 h1:S0Xlqt51qzzqjKPxfgX1xh4HBZE+p8KKBq+k2SWNOE0= k8s.io/apiextensions-apiserver v0.32.0/go.mod h1:86hblMvN5yxMvZrZFX2OhIHAuFIMJIZ19bTvzkP+Fmw= -k8s.io/apimachinery v0.32.1 h1:683ENpaCBjma4CYqsmZyhEzrGz6cjn1MY/X2jB2hkZs= -k8s.io/apimachinery v0.32.1/go.mod h1:GpHVgxoKlTxClKcteaeuF1Ul/lDVb74KpZcxcmLDElE= +k8s.io/apimachinery v0.32.2 h1:yoQBR9ZGkA6Rgmhbp/yuT9/g+4lxtsGYwW6dR6BDPLQ= +k8s.io/apimachinery v0.32.2/go.mod h1:GpHVgxoKlTxClKcteaeuF1Ul/lDVb74KpZcxcmLDElE= k8s.io/apiserver v0.32.0 h1:VJ89ZvQZ8p1sLeiWdRJpRD6oLozNZD2+qVSLi+ft5Qs= k8s.io/apiserver v0.32.0/go.mod h1:HFh+dM1/BE/Hm4bS4nTXHVfN6Z6tFIZPi649n83b4Ag= -k8s.io/cli-runtime v0.32.1 h1:19nwZPlYGJPUDbhAxDIS2/oydCikvKMHsxroKNGA2mM= -k8s.io/cli-runtime v0.32.1/go.mod h1:NJPbeadVFnV2E7B7vF+FvU09mpwYlZCu8PqjzfuOnkY= -k8s.io/client-go v0.32.1 h1:otM0AxdhdBIaQh7l1Q0jQpmo7WOFIk5FFa4bg6YMdUU= -k8s.io/client-go v0.32.1/go.mod h1:aTTKZY7MdxUaJ/KiUs8D+GssR9zJZi77ZqtzcGXIiDg= -k8s.io/component-base v0.32.1 h1:/5IfJ0dHIKBWysGV0yKTFfacZ5yNV1sulPh3ilJjRZk= -k8s.io/component-base v0.32.1/go.mod h1:j1iMMHi/sqAHeG5z+O9BFNCF698a1u0186zkjMZQ28w= +k8s.io/cli-runtime v0.32.2 h1:aKQR4foh9qeyckKRkNXUccP9moxzffyndZAvr+IXMks= +k8s.io/cli-runtime v0.32.2/go.mod h1:a/JpeMztz3xDa7GCyyShcwe55p8pbcCVQxvqZnIwXN8= +k8s.io/client-go v0.32.2 h1:4dYCD4Nz+9RApM2b/3BtVvBHw54QjMFUl1OLcJG5yOA= +k8s.io/client-go v0.32.2/go.mod h1:fpZ4oJXclZ3r2nDOv+Ux3XcJutfrwjKTCHz2H3sww94= +k8s.io/component-base v0.32.2 h1:1aUL5Vdmu7qNo4ZsE+569PV5zFatM9hl+lb3dEea2zU= +k8s.io/component-base v0.32.2/go.mod h1:PXJ61Vx9Lg+P5mS8TLd7bCIr+eMJRQTyXe8KvkrvJq0= k8s.io/klog/v2 v2.130.1 h1:n9Xl7H1Xvksem4KFG4PYbdQCQxqc/tTUyrgXaOhHSzk= k8s.io/klog/v2 v2.130.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE= k8s.io/kube-openapi v0.0.0-20241212222426-2c72e554b1e7 h1:hcha5B1kVACrLujCKLbr8XWMxCxzQx42DY8QKYJrDLg= k8s.io/kube-openapi v0.0.0-20241212222426-2c72e554b1e7/go.mod h1:GewRfANuJ70iYzvn+i4lezLDAFzvjxZYK1gn1lWcfas= -k8s.io/kubectl v0.32.1 h1:/btLtXLQUU1rWx8AEvX9jrb9LaI6yeezt3sFALhB8M8= -k8s.io/kubectl v0.32.1/go.mod h1:sezNuyWi1STk4ZNPVRIFfgjqMI6XMf+oCVLjZen/pFQ= +k8s.io/kubectl v0.32.2 h1:TAkag6+XfSBgkqK9I7ZvwtF0WVtUAvK8ZqTt+5zi1Us= +k8s.io/kubectl v0.32.2/go.mod h1:+h/NQFSPxiDZYX/WZaWw9fwYezGLISP0ud8nQKg+3g8= k8s.io/utils v0.0.0-20241210054802-24370beab758 h1:sdbE21q2nlQtFh65saZY+rRM6x6aJJI8IUa1AmH/qa0= k8s.io/utils v0.0.0-20241210054802-24370beab758/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.31.0 h1:CPT0ExVicCzcpeN4baWEV2ko2Z/AsiZgEdwgcfwLgMo= From f7c0e517e3748e9fd6d269c943de9ba68f06e72c Mon Sep 17 00:00:00 2001 From: lec-bit Date: Tue, 25 Feb 2025 16:46:33 +0800 Subject: [PATCH 08/28] optimize kolog Signed-off-by: lec-bit --- pkg/kolog/kolog.go | 27 ++++++++++++--------------- 1 file changed, 12 insertions(+), 15 deletions(-) diff --git a/pkg/kolog/kolog.go b/pkg/kolog/kolog.go index 08ed4f55b..4add5f19d 100644 --- a/pkg/kolog/kolog.go +++ b/pkg/kolog/kolog.go @@ -33,12 +33,13 @@ var ( // Used for timestamp conversion func getBootTime() (time.Time, error) { - data, err := os.ReadFile("/proc/stat") + data, err := os.Open("/proc/stat") if err != nil { return time.Time{}, err } - - for _, line := range strings.Split(string(data), "\n") { + scanner := bufio.NewScanner(data) + for scanner.Scan() { + line := scanner.Text() if strings.HasPrefix(line, "btime ") { parts := strings.Fields(line) if len(parts) < 2 { @@ -84,7 +85,7 @@ func parseKmsgLine(line string, bootTime time.Time, appStartTimestamp uint64) { // The log print will add a '\n' at the end again, // so the original string's '\n' needs to be removed. line = strings.TrimSuffix(line, "\n") - log.Printf("[%s] %s\n", eventTime.Format(time.DateTime), line) + log.Printf("[%s] %s", eventTime.Format(time.DateTime), line) } } @@ -92,31 +93,27 @@ func KmeshModuleLog(stopCh <-chan struct{}) { go func() { bootTime, err := getBootTime() if err != nil { - log.Fatalf("getBootTime: %v", err) + log.Errorf("getBootTime: %v, ko log time is inaccurate", err) } startTimestamp := uint64(time.Now().UnixMicro() - bootTime.UnixMicro()) file, err := os.Open("/dev/kmsg") if err != nil { - log.Fatalf("open /dev/kmsg failed: %v", err) + log.Errorf("open /dev/kmsg failed: %v, Failed to read ko log", err) + return } defer file.Close() - reader := bufio.NewReader(file) + scanner := bufio.NewScanner(file) for { select { case <-stopCh: return default: - line, err := reader.ReadString('\n') - if err != nil { - if err.Error() == "EOF" { - time.Sleep(100 * time.Millisecond) - continue - } - log.Fatalf("ReadString err: %v", err) + if scanner.Scan() { + line := scanner.Text() + parseKmsgLine(line, bootTime, startTimestamp) } - parseKmsgLine(line, bootTime, startTimestamp) } } }() From d95091149bda4bcac5ac00b4d7325cfc240f4481 Mon Sep 17 00:00:00 2001 From: lec-bit Date: Tue, 25 Feb 2025 18:47:40 +0800 Subject: [PATCH 09/28] optimize bpf_getsockopt ret judgment Signed-off-by: lec-bit --- bpf/kmesh/ads/cgroup_sock.c | 4 ++-- bpf/kmesh/ads/include/kmesh_common.h | 2 ++ 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/bpf/kmesh/ads/cgroup_sock.c b/bpf/kmesh/ads/cgroup_sock.c index 676894708..ca125cda8 100644 --- a/bpf/kmesh/ads/cgroup_sock.c +++ b/bpf/kmesh/ads/cgroup_sock.c @@ -19,7 +19,7 @@ #if KMESH_ENABLE_HTTP static const char kmesh_module_name[] = "kmesh_defer"; -static char kmesh_module_name_get[KMESH_MODULE_NAME_LEN]; +static char kmesh_module_name_get[KMESH_MODULE_NAME_LEN] = ""; static inline int sock4_traffic_control(struct bpf_sock_addr *ctx) { int ret; @@ -43,7 +43,7 @@ static inline int sock4_traffic_control(struct bpf_sock_addr *ctx) #if ENHANCED_KERNEL ret = bpf_getsockopt(ctx, IPPROTO_TCP, TCP_ULP, (void *)kmesh_module_name_get, KMESH_MODULE_NAME_LEN); - if (ret != 0 || bpf__strncmp(kmesh_module_name_get, KMESH_MODULE_NAME_LEN, kmesh_module_name)) { + if (CHECK_MODULE_NAME_NULL(ret) || bpf__strncmp(kmesh_module_name_get, KMESH_MODULE_NAME_LEN, kmesh_module_name)) { ret = bpf_setsockopt(ctx, IPPROTO_TCP, TCP_ULP, (void *)kmesh_module_name, sizeof(kmesh_module_name)); if (ret) BPF_LOG(ERR, KMESH, "bpf set sockopt failed! ret %d\n", ret); diff --git a/bpf/kmesh/ads/include/kmesh_common.h b/bpf/kmesh/ads/include/kmesh_common.h index f57bf43af..b1a35d91f 100644 --- a/bpf/kmesh/ads/include/kmesh_common.h +++ b/bpf/kmesh/ads/include/kmesh_common.h @@ -87,4 +87,6 @@ enum kmesh_strncmp_type { STRNCMP_FAILED = 0, STRNCMP_PREFIX, STRNCMP_EXACT }; #define GET_RET_PROTO_TYPE(n) ((n)&0xff) #define GET_RET_MSG_TYPE(n) (((n) >> KMESH_PROTO_TYPE_WIDTH) & 0xff) +#define CHECK_MODULE_NAME_NULL(ret) ((ret) == -EINVAL) + #endif // _KMESH_COMMON_H_ From 4387553402219732e4f4a93e758e09c302a1cd3a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 25 Feb 2025 15:47:41 +0000 Subject: [PATCH 10/28] Bump github.com/safchain/ethtool from 0.5.9 to 0.5.10 Bumps [github.com/safchain/ethtool](https://github.com/safchain/ethtool) from 0.5.9 to 0.5.10. - [Release notes](https://github.com/safchain/ethtool/releases) - [Commits](https://github.com/safchain/ethtool/compare/v0.5.9...v0.5.10) --- updated-dependencies: - dependency-name: github.com/safchain/ethtool dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- go.mod | 2 +- go.sum | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/go.mod b/go.mod index d8d1552ea..36ed0d86b 100644 --- a/go.mod +++ b/go.mod @@ -18,7 +18,7 @@ require ( github.com/miekg/dns v1.1.62 github.com/prometheus/client_golang v1.20.5 github.com/prometheus/common v0.61.0 - github.com/safchain/ethtool v0.5.9 + github.com/safchain/ethtool v0.5.10 github.com/sirupsen/logrus v1.9.3 github.com/spf13/cobra v1.8.1 github.com/spf13/pflag v1.0.5 diff --git a/go.sum b/go.sum index fae8d36fd..1f28bb4e8 100644 --- a/go.sum +++ b/go.sum @@ -378,8 +378,8 @@ github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= github.com/ryanuber/go-glob v1.0.0 h1:iQh3xXAumdQ+4Ufa5b25cRpC5TYKlno6hsv6Cb3pkBk= github.com/ryanuber/go-glob v1.0.0/go.mod h1:807d1WSdnB0XRJzKNil9Om6lcp/3a0v4qIHxIXzX/Yc= -github.com/safchain/ethtool v0.5.9 h1://6RvaOKFf3nQ0rl5+8zBbE4/72455VC9Jq61pfq67E= -github.com/safchain/ethtool v0.5.9/go.mod h1:w8oSsZeowyRaM7xJJBAbubzzrOkwO8TBgPSEqPP/5mg= +github.com/safchain/ethtool v0.5.10 h1:Im294gZtuf4pSGJRAOGKaASNi3wMeFaGaWuSaomedpc= +github.com/safchain/ethtool v0.5.10/go.mod h1:w9jh2Lx7YBR4UwzLkzCmWl85UY0W2uZdd7/DckVE5+c= github.com/sagikazarmark/locafero v0.6.0 h1:ON7AQg37yzcRPU69mt7gwhFEBwxI6P9T4Qu3N51bwOk= github.com/sagikazarmark/locafero v0.6.0/go.mod h1:77OmuIc6VTraTXKXIs/uvUxKGUXjE1GbemJYHqdNjX0= github.com/sagikazarmark/slog-shim v0.1.0 h1:diDBnUNK9N/354PgrxMywXnAwEr1QZcOr6gto+ugjYE= @@ -563,7 +563,7 @@ golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.10.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/sys v0.27.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.29.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/sys v0.30.0 h1:QjkSwP/36a20jFYWkSue1YwXzLmsV5Gfq7Eiy72C1uc= golang.org/x/sys v0.30.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= From 74e1ad5082319a97a37c868b2347d41c33215b18 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 26 Feb 2025 15:26:44 +0000 Subject: [PATCH 11/28] Bump github.com/prometheus/client_golang from 1.20.5 to 1.21.0 Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) from 1.20.5 to 1.21.0. - [Release notes](https://github.com/prometheus/client_golang/releases) - [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md) - [Commits](https://github.com/prometheus/client_golang/compare/v1.20.5...v1.21.0) --- updated-dependencies: - dependency-name: github.com/prometheus/client_golang dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- go.mod | 4 ++-- go.sum | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/go.mod b/go.mod index 36ed0d86b..c7c94b200 100644 --- a/go.mod +++ b/go.mod @@ -16,8 +16,8 @@ require ( github.com/fsnotify/fsnotify v1.8.0 github.com/hashicorp/go-multierror v1.1.1 github.com/miekg/dns v1.1.62 - github.com/prometheus/client_golang v1.20.5 - github.com/prometheus/common v0.61.0 + github.com/prometheus/client_golang v1.21.0 + github.com/prometheus/common v0.62.0 github.com/safchain/ethtool v0.5.10 github.com/sirupsen/logrus v1.9.3 github.com/spf13/cobra v1.8.1 diff --git a/go.sum b/go.sum index 1f28bb4e8..019d17518 100644 --- a/go.sum +++ b/go.sum @@ -354,13 +354,13 @@ github.com/planetscale/vtprotobuf v0.6.1-0.20240409071808-615f978279ca/go.mod h1 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U= github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/prometheus/client_golang v1.20.5 h1:cxppBPuYhUnsO6yo/aoRol4L7q7UFfdm+bR9r+8l63Y= -github.com/prometheus/client_golang v1.20.5/go.mod h1:PIEt8X02hGcP8JWbeHyeZ53Y/jReSnHgO035n//V5WE= +github.com/prometheus/client_golang v1.21.0 h1:DIsaGmiaBkSangBgMtWdNfxbMNdku5IK6iNhrEqWvdA= +github.com/prometheus/client_golang v1.21.0/go.mod h1:U9NM32ykUErtVBxdvD3zfi+EuFkkaBvMb09mIfe0Zgg= github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= github.com/prometheus/client_model v0.6.1 h1:ZKSh/rekM+n3CeS952MLRAdFwIKqeY8b62p8ais2e9E= github.com/prometheus/client_model v0.6.1/go.mod h1:OrxVMOVHjw3lKMa8+x6HeMGkHMQyHDk9E3jmP2AmGiY= -github.com/prometheus/common v0.61.0 h1:3gv/GThfX0cV2lpO7gkTUwZru38mxevy90Bj8YFSRQQ= -github.com/prometheus/common v0.61.0/go.mod h1:zr29OCN/2BsJRaFwG8QOBr41D6kkchKbpeNH7pAjb/s= +github.com/prometheus/common v0.62.0 h1:xasJaQlnWAeyHdUBeGjXmutelfJHWMRr+Fg4QszZ2Io= +github.com/prometheus/common v0.62.0/go.mod h1:vyBcEuLSvWos9B1+CyL7JZ2up+uFzXhkqml0W5zIY1I= github.com/prometheus/procfs v0.15.1 h1:YagwOFzUgYfKKHX6Dr+sHT7km/hxC76UB0learggepc= github.com/prometheus/procfs v0.15.1/go.mod h1:fB45yRUv8NstnjriLhBQLuOUt+WW4BsoGhij/e3PBqk= github.com/prometheus/prometheus v0.300.1 h1:9KKcTTq80gkzmXW0Et/QCFSrBPgmwiS3Hlcxc6o8KlM= From 8ac8faa855d75aa005b9b34505b77d517cc97018 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 26 Feb 2025 22:19:37 +0000 Subject: [PATCH 12/28] Bump github.com/go-jose/go-jose/v3 in the go_modules group Bumps the go_modules group with 1 update: [github.com/go-jose/go-jose/v3](https://github.com/go-jose/go-jose). Updates `github.com/go-jose/go-jose/v3` from 3.0.3 to 3.0.4 - [Release notes](https://github.com/go-jose/go-jose/releases) - [Changelog](https://github.com/go-jose/go-jose/blob/main/CHANGELOG.md) - [Commits](https://github.com/go-jose/go-jose/compare/v3.0.3...v3.0.4) --- updated-dependencies: - dependency-name: github.com/go-jose/go-jose/v3 dependency-type: indirect dependency-group: go_modules ... Signed-off-by: dependabot[bot] --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 36ed0d86b..147489685 100644 --- a/go.mod +++ b/go.mod @@ -82,7 +82,7 @@ require ( github.com/florianl/go-nflog/v2 v2.1.0 // indirect github.com/fxamacker/cbor/v2 v2.7.0 // indirect github.com/go-errors/errors v1.5.1 // indirect - github.com/go-jose/go-jose/v3 v3.0.3 // indirect + github.com/go-jose/go-jose/v3 v3.0.4 // indirect github.com/go-logr/logr v1.4.2 // indirect github.com/go-logr/stdr v1.2.2 // indirect github.com/go-openapi/jsonpointer v0.21.0 // indirect diff --git a/go.sum b/go.sum index 1f28bb4e8..da0dfc1f9 100644 --- a/go.sum +++ b/go.sum @@ -128,8 +128,8 @@ github.com/fxamacker/cbor/v2 v2.7.0 h1:iM5WgngdRBanHcxugY4JySA0nk1wZorNOpTgCMedv github.com/fxamacker/cbor/v2 v2.7.0/go.mod h1:pxXPTn3joSm21Gbwsv0w9OSA2y1HFR9qXEeXQVeNoDQ= github.com/go-errors/errors v1.5.1 h1:ZwEMSLRCapFLflTpT7NKaAc7ukJ8ZPEjzlxt8rPN8bk= github.com/go-errors/errors v1.5.1/go.mod h1:sIVyrIiJhuEF+Pj9Ebtd6P/rEYROXFi3BopGUQ5a5Og= -github.com/go-jose/go-jose/v3 v3.0.3 h1:fFKWeig/irsp7XD2zBxvnmA/XaRWp5V3CBsZXJF7G7k= -github.com/go-jose/go-jose/v3 v3.0.3/go.mod h1:5b+7YgP7ZICgJDBdfjZaIt+H/9L9T/YQrVfLAMboGkQ= +github.com/go-jose/go-jose/v3 v3.0.4 h1:Wp5HA7bLQcKnf6YYao/4kpRpVMp/yf6+pJKV8WFSaNY= +github.com/go-jose/go-jose/v3 v3.0.4/go.mod h1:5b+7YgP7ZICgJDBdfjZaIt+H/9L9T/YQrVfLAMboGkQ= github.com/go-jose/go-jose/v4 v4.0.2 h1:R3l3kkBds16bO7ZFAEEcofK0MkrAJt3jlJznWZG0nvk= github.com/go-jose/go-jose/v4 v4.0.2/go.mod h1:WVf9LFMHh/QVrmqrOfqun0C45tMe3RoiKJMPvgWwLfY= github.com/go-kit/log v0.1.0/go.mod h1:zbhenjAZHb184qTLMA9ZjW7ThYL0H2mk7Q6pNt4vbaY= From bfa4e00ea2de9554e7162dd9927f1f1a169ab528 Mon Sep 17 00:00:00 2001 From: weli-l <1289113577@qq.com> Date: Thu, 27 Feb 2025 09:51:27 +0800 Subject: [PATCH 13/28] optimizie xdp auth Signed-off-by: weli-l <1289113577@qq.com> --- bpf/kmesh/workload/include/authz.h | 18 +++++++++--------- bpf/kmesh/workload/xdp.c | 1 + 2 files changed, 10 insertions(+), 9 deletions(-) diff --git a/bpf/kmesh/workload/include/authz.h b/bpf/kmesh/workload/include/authz.h index 0db08768b..642434706 100644 --- a/bpf/kmesh/workload/include/authz.h +++ b/bpf/kmesh/workload/include/authz.h @@ -35,6 +35,7 @@ struct match_context { __u8 policy_index; bool need_tailcall_to_userspace; __u8 n_rules; + int auth_result; wl_policies_v *policies; void *rulesPtr; }; @@ -573,7 +574,11 @@ int policies_check(struct xdp_md *ctx) } policy = map_lookup_authz(policyId); if (!policy) { - return XDP_PASS; + if (match_ctx->need_tailcall_to_userspace) { + bpf_tail_call(ctx, &map_of_xdp_tailcall, TAIL_CALL_AUTH_IN_USER_SPACE); + return XDP_PASS; + } + return match_ctx->auth_result; } else { rulesPtr = KMESH_GET_PTR_VAL(policy->rules, void *); if (!rulesPtr) { @@ -672,15 +677,10 @@ int policy_check(struct xdp_md *ctx) } return match_ctx->action == ISTIO__SECURITY__ACTION__DENY ? XDP_DROP : XDP_PASS; } - - match_ctx->policy_index++; - if (match_ctx->policy_index >= MAX_MEMBER_NUM_PER_POLICY) { - if (match_ctx->need_tailcall_to_userspace) { - bpf_tail_call(ctx, &map_of_xdp_tailcall, TAIL_CALL_AUTH_IN_USER_SPACE); - return XDP_PASS; - } - return XDP_PASS; + if (match_ctx->auth_result == XDP_PASS) { + match_ctx->auth_result = match_ctx->action == ISTIO__SECURITY__ACTION__DENY ? XDP_PASS : XDP_DROP; } + match_ctx->policy_index++; ret = bpf_map_update_elem(&kmesh_tc_args, &tuple_key, match_ctx, BPF_ANY); if (ret < 0) { diff --git a/bpf/kmesh/workload/xdp.c b/bpf/kmesh/workload/xdp.c index 28629b160..befc72d0a 100644 --- a/bpf/kmesh/workload/xdp.c +++ b/bpf/kmesh/workload/xdp.c @@ -132,6 +132,7 @@ int xdp_authz(struct xdp_md *ctx) match_ctx.policies = policies; match_ctx.need_tailcall_to_userspace = false; match_ctx.policy_index = 0; + match_ctx.auth_result = XDP_PASS; ret = bpf_map_update_elem(&kmesh_tc_args, &tuple_key, &match_ctx, BPF_ANY); if (ret < 0) { BPF_LOG(ERR, AUTH, "Failed to update map, error: %d", ret); From 42b69917aae583d83f3e7778f75b69ae1bf44c95 Mon Sep 17 00:00:00 2001 From: Yash Patel Date: Thu, 6 Feb 2025 02:57:07 +0530 Subject: [PATCH 14/28] feat: dump authorizationPolicy Signed-off-by: Yash Patel --- pkg/controller/workload/cache/policy_cache.go | 75 +++++++++++++++++++ pkg/controller/workload/workload_processor.go | 5 ++ pkg/status/api.go | 25 +++++++ pkg/status/status_server.go | 8 +- 4 files changed, 111 insertions(+), 2 deletions(-) create mode 100644 pkg/controller/workload/cache/policy_cache.go diff --git a/pkg/controller/workload/cache/policy_cache.go b/pkg/controller/workload/cache/policy_cache.go new file mode 100644 index 000000000..f36b67271 --- /dev/null +++ b/pkg/controller/workload/cache/policy_cache.go @@ -0,0 +1,75 @@ +/* + * Copyright The Kmesh Authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at: + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package cache + +import ( + "sync" + + "kmesh.net/kmesh/api/v2/workloadapi/security" +) + +type PolicyCache interface { + List() []*security.Authorization + AddOrUpdatePolicy(policy *security.Authorization) + DeletePolicy(resourceName string) + GetPolicy(resourceName string) *security.Authorization +} + +var _ PolicyCache = &policyCache{} + +type policyCache struct { + mutex sync.RWMutex + + policiesByResourceName map[string]*security.Authorization +} + +func NewPolicyCache() *policyCache { + return &policyCache{ + policiesByResourceName: make(map[string]*security.Authorization), + } +} + +func (p *policyCache) GetPolicy(resourceName string) *security.Authorization { + p.mutex.RLock() + defer p.mutex.Unlock() + return p.policiesByResourceName[resourceName] +} + +func (p *policyCache) AddOrUpdatePolicy(policy *security.Authorization) { + p.mutex.Lock() + defer p.mutex.Unlock() + resourceName := policy.ResourceName() + + p.policiesByResourceName[resourceName] = policy +} + +func (p *policyCache) DeletePolicy(resourceName string) { + p.mutex.Lock() + defer p.mutex.Unlock() + delete(p.policiesByResourceName, resourceName) +} + +func (p *policyCache) List() []*security.Authorization { + p.mutex.RLock() + defer p.mutex.RUnlock() + out := make([]*security.Authorization, 0, len(p.policiesByResourceName)) + for _, pol := range p.policiesByResourceName { + out = append(out, pol) + } + + return out +} diff --git a/pkg/controller/workload/workload_processor.go b/pkg/controller/workload/workload_processor.go index 57e3ad745..e4cbca83e 100644 --- a/pkg/controller/workload/workload_processor.go +++ b/pkg/controller/workload/workload_processor.go @@ -62,6 +62,7 @@ type Processor struct { ServiceCache cache.ServiceCache EndpointCache cache.EndpointCache WaypointCache cache.WaypointCache + PolicyCache cache.PolicyCache locality bpf.LocalityCache once sync.Once @@ -79,6 +80,7 @@ func NewProcessor(workloadMap bpf2go.KmeshCgroupSockWorkloadMaps) *Processor { ServiceCache: serviceCache, EndpointCache: cache.NewEndpointCache(), WaypointCache: cache.NewWaypointCache(serviceCache), + PolicyCache: cache.NewPolicyCache(), locality: bpf.NewLocalityCache(), } } @@ -909,6 +911,8 @@ func (p *Processor) handleAuthorizationTypeResponse(rsp *service_discovery_v3.De if err := rbac.UpdatePolicy(authPolicy); err != nil { return err } + + p.PolicyCache.AddOrUpdatePolicy(authPolicy) policyKey := authPolicy.ResourceName() if err := maps_v2.AuthorizationUpdate(p.hashName.Hash(policyKey), authPolicy); err != nil { return fmt.Errorf("AuthorizationUpdate %s failed %v ", policyKey, err) @@ -921,6 +925,7 @@ func (p *Processor) handleAuthorizationTypeResponse(rsp *service_discovery_v3.De if err := maps_v2.AuthorizationDelete(p.hashName.Hash(resourceName)); err != nil { log.Errorf("remove authorization policy %s failed :%v", resourceName, err) } + p.PolicyCache.DeletePolicy(resourceName) log.Debugf("remove authorization policy %s", resourceName) } diff --git a/pkg/status/api.go b/pkg/status/api.go index 415ae2a8c..c0d0a9bcf 100644 --- a/pkg/status/api.go +++ b/pkg/status/api.go @@ -20,6 +20,7 @@ import ( "net" "kmesh.net/kmesh/api/v2/workloadapi" + "kmesh.net/kmesh/api/v2/workloadapi/security" ) type Workload struct { @@ -75,6 +76,14 @@ type Service struct { Waypoint *Waypoint `json:"waypoint"` } +type AuthorizationPolicy struct { + Name string `json:"name"` + Namespace string `json:"namespace"` + Scope string `json:"scope"` + Action string `json:"action"` + Rules []string `json:"rules"` +} + type NetworkAddress struct { // Network represents the network this address is on. Network string @@ -162,3 +171,19 @@ func ConvertService(s *workloadapi.Service) *Service { return out } + +func ConvertAuthorizationPolicy(p *security.Authorization) *AuthorizationPolicy { + rules := make([]string, 0, len(p.GetRules())) + for _, r := range p.GetRules() { + rules = append(rules, r.String()) + } + out := &AuthorizationPolicy{ + Name: p.GetName(), + Namespace: p.GetNamespace(), + Scope: p.GetScope().String(), + Action: p.GetAction().String(), + Rules: rules, + } + + return out +} diff --git a/pkg/status/status_server.go b/pkg/status/status_server.go index 533d95f05..55b62768d 100644 --- a/pkg/status/status_server.go +++ b/pkg/status/status_server.go @@ -31,7 +31,6 @@ import ( "google.golang.org/protobuf/encoding/protojson" adminv2 "kmesh.net/kmesh/api/v2/admin" - "kmesh.net/kmesh/api/v2/workloadapi/security" "kmesh.net/kmesh/daemon/options" "kmesh.net/kmesh/pkg/bpf" bpfads "kmesh.net/kmesh/pkg/bpf/ads" @@ -460,7 +459,7 @@ type WorkloadDump struct { Workloads []*Workload Services []*Service // TODO: add authorization - Policies []*security.Authorization + Policies []*AuthorizationPolicy } func (s *Server) configDumpWorkload(w http.ResponseWriter, r *http.Request) { @@ -472,9 +471,11 @@ func (s *Server) configDumpWorkload(w http.ResponseWriter, r *http.Request) { workloads := client.WorkloadController.Processor.WorkloadCache.List() services := client.WorkloadController.Processor.ServiceCache.List() + policies := client.WorkloadController.Processor.PolicyCache.List() workloadDump := WorkloadDump{ Workloads: make([]*Workload, 0, len(workloads)), Services: make([]*Service, 0, len(services)), + Policies: make([]*AuthorizationPolicy, 0, len(policies)), } for _, w := range workloads { workloadDump.Workloads = append(workloadDump.Workloads, ConvertWorkload(w)) @@ -482,6 +483,9 @@ func (s *Server) configDumpWorkload(w http.ResponseWriter, r *http.Request) { for _, s := range services { workloadDump.Services = append(workloadDump.Services, ConvertService(s)) } + for _, p := range policies { + workloadDump.Policies = append(workloadDump.Policies, ConvertAuthorizationPolicy(p)) + } printWorkloadDump(w, workloadDump) } From 2272cd856a9998d272cabbbc31c2e76d9476d975 Mon Sep 17 00:00:00 2001 From: Zhonghu Xu Date: Wed, 5 Feb 2025 14:34:15 +0800 Subject: [PATCH 15/28] Fix typos Signed-off-by: Zhonghu Xu --- deploy/README.md | 2 +- pkg/nets/nets.go | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy/README.md b/deploy/README.md index 493531ead..b60fd34a9 100644 --- a/deploy/README.md +++ b/deploy/README.md @@ -2,7 +2,7 @@ ## Helm -We provide a Helm Chart to deploy Kmesh in Kubernets Cluster. +We provide a Helm Chart to deploy Kmesh in Kubernetes Cluster. ```bash helm install kmesh ./deploy/charts/kmesh-helm -n kmesh-system --create-namespace diff --git a/pkg/nets/nets.go b/pkg/nets/nets.go index 591383124..9be63571a 100644 --- a/pkg/nets/nets.go +++ b/pkg/nets/nets.go @@ -90,7 +90,7 @@ func checkIPVersion() (ipv4, ipv6 bool) { // Compare two slices and return the data added to a over b and the data missing from b over a. // -// Arges: +// Args: // // a: new data // b: old data From 726da1710543e9f83319498693133b36b38157b0 Mon Sep 17 00:00:00 2001 From: Yash Patel Date: Thu, 6 Feb 2025 21:42:44 +0530 Subject: [PATCH 16/28] chore: added unit test for policy dump Signed-off-by: Yash Patel --- pkg/auth/policy_store.go | 12 +++ pkg/auth/rbac.go | 5 ++ pkg/controller/workload/cache/policy_cache.go | 75 ------------------- pkg/controller/workload/workload_processor.go | 4 - pkg/status/api.go | 16 ++-- pkg/status/status_server.go | 5 +- pkg/status/status_server_test.go | 11 +++ pkg/status/testdata/workload_configdump.json | 10 ++- 8 files changed, 45 insertions(+), 93 deletions(-) delete mode 100644 pkg/controller/workload/cache/policy_cache.go diff --git a/pkg/auth/policy_store.go b/pkg/auth/policy_store.go index 0bec9aac3..50f9ebfa2 100644 --- a/pkg/auth/policy_store.go +++ b/pkg/auth/policy_store.go @@ -124,3 +124,15 @@ func (ps *policyStore) getByNamespace(namespace string) []string { } return nil } + +// List returns a copied list of all policies +func (p *policyStore) list() []*security.Authorization { + p.rwLock.RLock() + defer p.rwLock.RUnlock() + out := make([]*security.Authorization, 0, len(p.byKey)) + for _, pol := range p.byKey { + out = append(out, pol) + } + + return out +} diff --git a/pkg/auth/rbac.go b/pkg/auth/rbac.go index 438b6489d..b5c21e169 100644 --- a/pkg/auth/rbac.go +++ b/pkg/auth/rbac.go @@ -516,3 +516,8 @@ func (r *Rbac) getIdentityByIp(ip []byte) Identity { serviceAccount: workload.GetServiceAccount(), } } + +// List returns a copied list of all policies +func (r *Rbac) PoliciesList() []*security.Authorization { + return r.policyStore.list() +} diff --git a/pkg/controller/workload/cache/policy_cache.go b/pkg/controller/workload/cache/policy_cache.go deleted file mode 100644 index f36b67271..000000000 --- a/pkg/controller/workload/cache/policy_cache.go +++ /dev/null @@ -1,75 +0,0 @@ -/* - * Copyright The Kmesh Authors. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at: - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package cache - -import ( - "sync" - - "kmesh.net/kmesh/api/v2/workloadapi/security" -) - -type PolicyCache interface { - List() []*security.Authorization - AddOrUpdatePolicy(policy *security.Authorization) - DeletePolicy(resourceName string) - GetPolicy(resourceName string) *security.Authorization -} - -var _ PolicyCache = &policyCache{} - -type policyCache struct { - mutex sync.RWMutex - - policiesByResourceName map[string]*security.Authorization -} - -func NewPolicyCache() *policyCache { - return &policyCache{ - policiesByResourceName: make(map[string]*security.Authorization), - } -} - -func (p *policyCache) GetPolicy(resourceName string) *security.Authorization { - p.mutex.RLock() - defer p.mutex.Unlock() - return p.policiesByResourceName[resourceName] -} - -func (p *policyCache) AddOrUpdatePolicy(policy *security.Authorization) { - p.mutex.Lock() - defer p.mutex.Unlock() - resourceName := policy.ResourceName() - - p.policiesByResourceName[resourceName] = policy -} - -func (p *policyCache) DeletePolicy(resourceName string) { - p.mutex.Lock() - defer p.mutex.Unlock() - delete(p.policiesByResourceName, resourceName) -} - -func (p *policyCache) List() []*security.Authorization { - p.mutex.RLock() - defer p.mutex.RUnlock() - out := make([]*security.Authorization, 0, len(p.policiesByResourceName)) - for _, pol := range p.policiesByResourceName { - out = append(out, pol) - } - - return out -} diff --git a/pkg/controller/workload/workload_processor.go b/pkg/controller/workload/workload_processor.go index e4cbca83e..7bce75d2d 100644 --- a/pkg/controller/workload/workload_processor.go +++ b/pkg/controller/workload/workload_processor.go @@ -62,7 +62,6 @@ type Processor struct { ServiceCache cache.ServiceCache EndpointCache cache.EndpointCache WaypointCache cache.WaypointCache - PolicyCache cache.PolicyCache locality bpf.LocalityCache once sync.Once @@ -80,7 +79,6 @@ func NewProcessor(workloadMap bpf2go.KmeshCgroupSockWorkloadMaps) *Processor { ServiceCache: serviceCache, EndpointCache: cache.NewEndpointCache(), WaypointCache: cache.NewWaypointCache(serviceCache), - PolicyCache: cache.NewPolicyCache(), locality: bpf.NewLocalityCache(), } } @@ -912,7 +910,6 @@ func (p *Processor) handleAuthorizationTypeResponse(rsp *service_discovery_v3.De return err } - p.PolicyCache.AddOrUpdatePolicy(authPolicy) policyKey := authPolicy.ResourceName() if err := maps_v2.AuthorizationUpdate(p.hashName.Hash(policyKey), authPolicy); err != nil { return fmt.Errorf("AuthorizationUpdate %s failed %v ", policyKey, err) @@ -925,7 +922,6 @@ func (p *Processor) handleAuthorizationTypeResponse(rsp *service_discovery_v3.De if err := maps_v2.AuthorizationDelete(p.hashName.Hash(resourceName)); err != nil { log.Errorf("remove authorization policy %s failed :%v", resourceName, err) } - p.PolicyCache.DeletePolicy(resourceName) log.Debugf("remove authorization policy %s", resourceName) } diff --git a/pkg/status/api.go b/pkg/status/api.go index c0d0a9bcf..0a53df2f4 100644 --- a/pkg/status/api.go +++ b/pkg/status/api.go @@ -77,11 +77,11 @@ type Service struct { } type AuthorizationPolicy struct { - Name string `json:"name"` - Namespace string `json:"namespace"` - Scope string `json:"scope"` - Action string `json:"action"` - Rules []string `json:"rules"` + Name string `json:"name"` + Namespace string `json:"namespace"` + Scope string `json:"scope"` + Action string `json:"action"` + Rules []*security.Rule `json:"rules"` } type NetworkAddress struct { @@ -173,16 +173,12 @@ func ConvertService(s *workloadapi.Service) *Service { } func ConvertAuthorizationPolicy(p *security.Authorization) *AuthorizationPolicy { - rules := make([]string, 0, len(p.GetRules())) - for _, r := range p.GetRules() { - rules = append(rules, r.String()) - } out := &AuthorizationPolicy{ Name: p.GetName(), Namespace: p.GetNamespace(), Scope: p.GetScope().String(), Action: p.GetAction().String(), - Rules: rules, + Rules: p.Rules, } return out diff --git a/pkg/status/status_server.go b/pkg/status/status_server.go index 55b62768d..7f7777c11 100644 --- a/pkg/status/status_server.go +++ b/pkg/status/status_server.go @@ -458,8 +458,7 @@ func (s *Server) configDumpAds(w http.ResponseWriter, r *http.Request) { type WorkloadDump struct { Workloads []*Workload Services []*Service - // TODO: add authorization - Policies []*AuthorizationPolicy + Policies []*AuthorizationPolicy } func (s *Server) configDumpWorkload(w http.ResponseWriter, r *http.Request) { @@ -471,7 +470,7 @@ func (s *Server) configDumpWorkload(w http.ResponseWriter, r *http.Request) { workloads := client.WorkloadController.Processor.WorkloadCache.List() services := client.WorkloadController.Processor.ServiceCache.List() - policies := client.WorkloadController.Processor.PolicyCache.List() + policies := client.WorkloadController.Rbac.PoliciesList() workloadDump := WorkloadDump{ Workloads: make([]*Workload, 0, len(workloads)), Services: make([]*Service, 0, len(services)), diff --git a/pkg/status/status_server_test.go b/pkg/status/status_server_test.go index ae99fedcc..afc523c7d 100644 --- a/pkg/status/status_server_test.go +++ b/pkg/status/status_server_test.go @@ -38,7 +38,9 @@ import ( "kmesh.net/kmesh/api/v2/core" "kmesh.net/kmesh/api/v2/listener" "kmesh.net/kmesh/api/v2/workloadapi" + "kmesh.net/kmesh/api/v2/workloadapi/security" "kmesh.net/kmesh/daemon/options" + "kmesh.net/kmesh/pkg/auth" "kmesh.net/kmesh/pkg/bpf" maps_v2 "kmesh.net/kmesh/pkg/cache/v2/maps" "kmesh.net/kmesh/pkg/constants" @@ -275,10 +277,18 @@ func TestServer_configDumpWorkload(t *testing.T) { }, }, }} + policy := &security.Authorization{ + Name: "policy", + Namespace: "ns", + Scope: security.Scope_GLOBAL, + Action: security.Action_ALLOW, + } fakeWorkloadCache := cache.NewWorkloadCache() fakeServiceCache := cache.NewServiceCache() fakeWorkloadCache.AddOrUpdateWorkload(w1) fakeServiceCache.AddOrUpdateService(svc) + fakeAuth := auth.NewRbac(fakeWorkloadCache) + fakeAuth.UpdatePolicy(policy) // Create a new instance of the Server struct server := &Server{ xdsClient: &controller.XdsClient{ @@ -287,6 +297,7 @@ func TestServer_configDumpWorkload(t *testing.T) { WorkloadCache: fakeWorkloadCache, ServiceCache: fakeServiceCache, }, + Rbac: fakeAuth, }, }, } diff --git a/pkg/status/testdata/workload_configdump.json b/pkg/status/testdata/workload_configdump.json index 2ac5286f9..ad0288c30 100644 --- a/pkg/status/testdata/workload_configdump.json +++ b/pkg/status/testdata/workload_configdump.json @@ -51,5 +51,13 @@ } } ], - "Policies": null + "Policies": [ + { + "name": "policy", + "namespace": "ns", + "scope": "GLOBAL", + "action": "ALLOW", + "rules": null + } + ] } \ No newline at end of file From a2fc9237c863f3dee16ce0e07bb5300b0294c779 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 27 Feb 2025 15:42:45 +0000 Subject: [PATCH 17/28] Bump google.golang.org/grpc from 1.69.4 to 1.70.0 Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.69.4 to 1.70.0. - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](https://github.com/grpc/grpc-go/compare/v1.69.4...v1.70.0) --- updated-dependencies: - dependency-name: google.golang.org/grpc dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 43fd39bed..3066e1106 100644 --- a/go.mod +++ b/go.mod @@ -25,7 +25,7 @@ require ( github.com/stretchr/testify v1.10.0 github.com/vishvananda/netlink v1.3.0 golang.org/x/sys v0.30.0 - google.golang.org/grpc v1.69.4 + google.golang.org/grpc v1.70.0 google.golang.org/protobuf v1.36.3 gopkg.in/natefinch/lumberjack.v2 v2.2.1 istio.io/api v1.24.2 diff --git a/go.sum b/go.sum index cf5f28925..a514c39e1 100644 --- a/go.sum +++ b/go.sum @@ -624,8 +624,8 @@ google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQ google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= google.golang.org/grpc v1.29.1/go.mod h1:itym6AZVZYACWQqET3MqgPpjcuV5QH3BxFS3IjizoKk= google.golang.org/grpc v1.33.2/go.mod h1:JMHMWHQWaTccqQQlmk3MJZS+GWXOdAesneDmEnv2fbc= -google.golang.org/grpc v1.69.4 h1:MF5TftSMkd8GLw/m0KM6V8CMOCY6NZ1NQDPGFgbTt4A= -google.golang.org/grpc v1.69.4/go.mod h1:vyjdE6jLBI76dgpDojsFGNaHlxdjXN9ghpnd2o7JGZ4= +google.golang.org/grpc v1.70.0 h1:pWFv03aZoHzlRKHWicjsZytKAiYCtNS0dHbXnIdq7jQ= +google.golang.org/grpc v1.70.0/go.mod h1:ofIJqVKDXx/JiXrwr2IG4/zwdH9txy3IlF40RmcJSQw= google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= From 3706b1ea97ed4facf946d65412344e3b9305c9ba Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 28 Feb 2025 15:20:56 +0000 Subject: [PATCH 18/28] Bump istio.io/api from 1.24.2 to 1.24.3 Bumps [istio.io/api](https://github.com/istio/api) from 1.24.2 to 1.24.3. - [Commits](https://github.com/istio/api/compare/1.24.2...1.24.3) --- updated-dependencies: - dependency-name: istio.io/api dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 3066e1106..50dc4e838 100644 --- a/go.mod +++ b/go.mod @@ -28,7 +28,7 @@ require ( google.golang.org/grpc v1.70.0 google.golang.org/protobuf v1.36.3 gopkg.in/natefinch/lumberjack.v2 v2.2.1 - istio.io/api v1.24.2 + istio.io/api v1.24.3 istio.io/istio v0.0.0-20241214032803-7754674f65d3 istio.io/pkg v0.0.0-20231221211216-7635388a563e k8s.io/api v0.32.2 diff --git a/go.sum b/go.sum index a514c39e1..e6348e476 100644 --- a/go.sum +++ b/go.sum @@ -663,8 +663,8 @@ helm.sh/helm/v3 v3.16.3 h1:kb8bSxMeRJ+knsK/ovvlaVPfdis0X3/ZhYCSFRP+YmY= helm.sh/helm/v3 v3.16.3/go.mod h1:zeVWGDR4JJgiRbT3AnNsjYaX8OTJlIE9zC+Q7F7iUSU= honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= -istio.io/api v1.24.2 h1:jYjcN6Iq0RPtQj/3KMFsybxmfqmjGN/dxhL7FGJEdIM= -istio.io/api v1.24.2/go.mod h1:MQnRok7RZ20/PE56v0LxmoWH0xVxnCQPNuf9O7PAN1I= +istio.io/api v1.24.3 h1:iwWWPM0uEQ+oxRHvIWoB8MQ4bjF3dRQj+M5IDVczg0M= +istio.io/api v1.24.3/go.mod h1:MQnRok7RZ20/PE56v0LxmoWH0xVxnCQPNuf9O7PAN1I= istio.io/client-go v1.24.2-0.20241206152608-3892aa679051 h1:KgYFUC2tfDQnq0usZPUsAcCwXoHVX+m9TmOYcC7uL44= istio.io/client-go v1.24.2-0.20241206152608-3892aa679051/go.mod h1:dgZ9EmJzh1EECzf6nQhwNL4R6RvlyeH/RXeNeNp/MRg= istio.io/istio v0.0.0-20241214032803-7754674f65d3 h1:remhEc2PJofM+dUQezuaESREq/QuBlRdaT7R90mQW1w= From eeeb3991215c97b2aa2f55aa00daacf2e187bef4 Mon Sep 17 00:00:00 2001 From: weli-l <1289113577@qq.com> Date: Wed, 5 Mar 2025 15:17:57 +0800 Subject: [PATCH 19/28] add comment for tailcall to userspace Signed-off-by: weli-l <1289113577@qq.com> --- bpf/kmesh/workload/include/authz.h | 3 +++ 1 file changed, 3 insertions(+) diff --git a/bpf/kmesh/workload/include/authz.h b/bpf/kmesh/workload/include/authz.h index 642434706..97e8b496b 100644 --- a/bpf/kmesh/workload/include/authz.h +++ b/bpf/kmesh/workload/include/authz.h @@ -574,6 +574,9 @@ int policies_check(struct xdp_md *ctx) } policy = map_lookup_authz(policyId); if (!policy) { + // Currently, authz in xdp only support ip and port, + // if any principal or namespace type policy is configured, + // we need to tailcall to userspace. if (match_ctx->need_tailcall_to_userspace) { bpf_tail_call(ctx, &map_of_xdp_tailcall, TAIL_CALL_AUTH_IN_USER_SPACE); return XDP_PASS; From e8d0131d7e6952a16c0fc087914fc85e6789cc7c Mon Sep 17 00:00:00 2001 From: lec-bit Date: Thu, 6 Mar 2025 15:40:39 +0800 Subject: [PATCH 20/28] adapt doc Signed-off-by: lec-bit --- docs/kmesh_kernel_compile-zh.md | 14 ++++++-------- docs/kmesh_kernel_compile.md | 15 ++++++--------- docs/kmesh_support-zh.md | 3 ++- docs/kmesh_use_enhanced_kernel.md | 6 +++--- 4 files changed, 17 insertions(+), 21 deletions(-) diff --git a/docs/kmesh_kernel_compile-zh.md b/docs/kmesh_kernel_compile-zh.md index afb06af33..a5345285d 100644 --- a/docs/kmesh_kernel_compile-zh.md +++ b/docs/kmesh_kernel_compile-zh.md @@ -19,10 +19,8 @@ kernel/ ├── ko_src └── patches # 内核增强特性补丁 └── 5.10.0 # 基于linux 5.10制作的增强patch - └── 0001-bpf-sockmap-add-extra-return-value-for-sockops.patch - └── 0002-xxx.patch - └── ...... - └── bpf-support-writable-context-for-bare-tracepoint.patch #该补丁为社区补丁,在linux 5.16引入,在此之前版本需要判断是否已回合该补丁并按需回合;此补丁提供了kmesh所依赖内核功能相关宏定义 + └── 0001-add-helper-strnstr-strncmp-parse_header_msg.patch + └── 0002-add-TCP_ULP-support-in-bpf_getset_sockopt.patch ``` 内核构建时,按需获取/适配patch。 @@ -58,7 +56,7 @@ kernel/ # 将项目仓中patch拷贝到SOURCE目录下 [root@dev SOURCES]# pwd /home/test/kmesh_kernel/root/rpmbuild/SOURCES - [root@dev SOURCES]# cp 0001-bpf-sockmap-add-extra-return-value-for-sockops.patch . + [root@dev SOURCES]# cp 0001-add-helper-strnstr-strncmp-parse_header_msg.patch . ...... [root@dev SOURCES]# cp xxx.patch . ``` @@ -72,12 +70,12 @@ kernel/ # b. spec中增加patch定义 # 增加增强特性补丁 - Source9003: 0001-bpf-sockmap-add-extra-return-value-for-sockops.patch - Source900X: ...... + Source9003: 0001-add-helper-strnstr-strncmp-parse_header_msg.patch + Source9004: 0002-add-TCP_ULP-support-in-bpf_getset_sockopt.patch # c. %prep中增加打patch步骤 patch -s -F0 -E -p1 --no-backup-if-mismatch -i %{SOURCE9003} - patch -s -F0 -E -p1 --no-backup-if-mismatch -i ...... + patch -s -F0 -E -p1 --no-backup-if-mismatch -i %{SOURCE9004} ``` - 编译 diff --git a/docs/kmesh_kernel_compile.md b/docs/kmesh_kernel_compile.md index 1284a873f..054b5273d 100644 --- a/docs/kmesh_kernel_compile.md +++ b/docs/kmesh_kernel_compile.md @@ -20,10 +20,8 @@ kernel/ ├── ko_src └── patches # Kernel enhancement feature patches └── 5.10.0 # Enhancement patch made based on Linux 5.10 - └── 0001-bpf-sockmap-add-extra-return-value-for-sockops.patch - └── 0002-xxx.patch - └── ...... - └── bpf-support-writable-context-for-bare-tracepoint.patch #This patch is a community patch, introduced in Linux 5.16. For versions prior to this, it is necessary to determine whether this patch has already been merged and merge as needed. This patch provides the macro definitions related to the kernel features that kmesh depends on + └── 0001-add-helper-strnstr-strncmp-parse_header_msg.patch + └── 0002-add-TCP_ULP-support-in-bpf_getset_sockopt.patch ``` When building the kernel, get/adapt the patch as needed. @@ -60,8 +58,7 @@ Taking openEuler 2203 LTS SP2(linux 5.10)as an example, the build steps as f [root@dev SOURCES]# pwd /home/test/kmesh_kernel/root/rpmbuild/SOURCES [root@dev SOURCES]# cp 0001-bpf-sockmap-add-extra-return-value-for-sockops.patch . - ...... - [root@dev SOURCES]# cp xxx.patch . + [root@dev SOURCES]# cp 0002-add-TCP_ULP-support-in-bpf_getset_sockopt.patch . ``` - Modify SPEC to add patch @@ -73,12 +70,12 @@ Taking openEuler 2203 LTS SP2(linux 5.10)as an example, the build steps as f # b. add patch definition in spec # add enhancement feature patch - Source9003: 0001-bpf-sockmap-add-extra-return-value-for-sockops.patch - Source900X: ...... + Source9003: 0001-add-helper-strnstr-strncmp-parse_header_msg.patch + Source9004: 0002-add-TCP_ULP-support-in-bpf_getset_sockopt.patch # c. %prep add apply patch step patch -s -F0 -E -p1 --no-backup-if-mismatch -i %{SOURCE9003} - patch -s -F0 -E -p1 --no-backup-if-mismatch -i ...... + patch -s -F0 -E -p1 --no-backup-if-mismatch -i %{SOURCE9004} ``` - Compile diff --git a/docs/kmesh_support-zh.md b/docs/kmesh_support-zh.md index fa44179e3..12d94edb2 100644 --- a/docs/kmesh_support-zh.md +++ b/docs/kmesh_support-zh.md @@ -4,7 +4,8 @@ | 操作系统版本 | 内核版本 | 操作系统发布路径 | | :-------------: | :------: | :-----------------------------------------: | -| openEuler-23.03 | 6.1.19 | https://repo.openeuler.org/openEuler-23.03/ | +| openEuler-24.03 | 6.6.0 | https://repo.openeuler.org/openEuler-24.03-LTS/ | +| ubuntu-24.04 | 6.8.0 | https://releases.ubuntu.com/24.04/ | ### 通过Kmesh增强内核支持所有特性 diff --git a/docs/kmesh_use_enhanced_kernel.md b/docs/kmesh_use_enhanced_kernel.md index ed2adc855..ec4d0776d 100644 --- a/docs/kmesh_use_enhanced_kernel.md +++ b/docs/kmesh_use_enhanced_kernel.md @@ -1,15 +1,15 @@ # Use Enhanced Kernel in Kmesh -Some features of kmesh depend on enhanced kernel (e.g., L7 traffic control in ads mode). To utilize it, you can use `openEuler 23.03`, which natively supports all features. +Some features of kmesh depend on enhanced kernel (e.g., L7 traffic control in ads mode). To utilize it, you can use `openEuler 24.03-LTS`, which natively supports all features. You can follow the steps below to use enhanced kernel: -+ Download `openEuler 23.03` image on: https://repo.openeuler.org/openEuler-23.03/ISO/. ++ Download `openEuler 24.03-LTS` image on: https://repo.openeuler.org/openEuler-24.03-LTS/ISO/. + Install the operation system: Here, we take [VMware](https://www.vmware.com/products/workstation-pro/html.html) for example (you can also use other VM management tools). ![](./pics/install_openEuler.png) - Notice that `openEuler 23.03`'s kernel version is **6.1.19**. So you should select `其他 Linux 6.x 内核 64位`(`Linux 6.x kernel 64bit`). + Notice that `openEuler 24.03-LTS`'s kernel version is **6.6.0**. So you should select `其他 Linux 6.x 内核 64位`(`Linux 6.x kernel 64bit`). Then, you can follow the [official blog](https://www.openeuler.org/zh/blog/20240306vmware/20240306vmware.html) to install it. From 1378205e4390e15110e73611c72e581f66eb7497 Mon Sep 17 00:00:00 2001 From: lec-bit Date: Wed, 12 Mar 2025 17:57:31 +0800 Subject: [PATCH 21/28] new kernel bugfix Signed-off-by: lec-bit --- Makefile | 3 +- bpf/include/bpf_common.h | 82 ++++++++++++++++++++++++++++++++++++ bpf/kmesh/ads/sockops.c | 6 +++ bpf/kmesh/workload/sockops.c | 82 ------------------------------------ kmesh_compile_env_pre.sh | 10 ----- pkg/bpf/ads/loader.go | 19 +++++++++ pkg/bpf/ads/sock_ops.go | 3 -- 7 files changed, 108 insertions(+), 97 deletions(-) diff --git a/Makefile b/Makefile index 43b6d15a3..f7bd28b7a 100644 --- a/Makefile +++ b/Makefile @@ -82,8 +82,7 @@ ifeq ($(TAG),) $(error "TAG cannot be empty") endif -TMP_FILES := bpf/kmesh/bpf2go/bpf2go.go \ - config/kmesh_marcos_def.h \ +TMP_FILES := config/kmesh_marcos_def.h \ mk/api-v2-c.pc \ mk/bpf.pc \ bpf/include/bpf_helper_defs_ext.h \ diff --git a/bpf/include/bpf_common.h b/bpf/include/bpf_common.h index bd556e99f..4a44cc4bf 100644 --- a/bpf/include/bpf_common.h +++ b/bpf/include/bpf_common.h @@ -223,4 +223,86 @@ static inline void *get_ptr_val_from_map(void *map, __u8 map_type, const void *p val_tmp; \ }) +static inline void record_kmesh_managed_ip(__u32 family, __u32 ip4, __u32 *ip6) +{ + int err; + __u32 value = 0; + struct manager_key key = {0}; + if (family == AF_INET) + key.addr.ip4 = ip4; + if (family == AF_INET6 && ip6) + IP6_COPY(key.addr.ip6, ip6); + + err = bpf_map_update_elem(&map_of_manager, &key, &value, BPF_ANY); + if (err) + BPF_LOG(ERR, KMESH, "record ip failed!, err is %d\n", err); +} + +static inline void remove_kmesh_managed_ip(__u32 family, __u32 ip4, __u32 *ip6) +{ + struct manager_key key = {0}; + if (family == AF_INET) + key.addr.ip4 = ip4; + if (family == AF_INET6 && ip6) + IP6_COPY(key.addr.ip6, ip6); + + int err = bpf_map_delete_elem(&map_of_manager, &key); + if (err && err != -ENOENT) + BPF_LOG(ERR, KMESH, "remove ip failed!, err is %d\n", err); +} + +static inline bool conn_from_sim(struct bpf_sock_ops *skops, __u32 ip, __u16 port) +{ + __u16 remote_port = GET_SKOPS_REMOTE_PORT(skops); + if (bpf_ntohs(remote_port) != port) + return false; + + if (skops->family == AF_INET) + return (bpf_ntohl(skops->remote_ip4) == ip); + + return ( + skops->remote_ip6[0] == 0 && skops->remote_ip6[1] == 0 && skops->remote_ip6[2] == 0 + && bpf_ntohl(skops->remote_ip6[3]) == ip); +} + +static inline bool skops_conn_from_cni_sim_add(struct bpf_sock_ops *skops) +{ + // cni sim connect CONTROL_CMD_IP:929(0x3a1) + // 0x3a1 is the specific port handled by the cni to enable Kmesh + return conn_from_sim(skops, CONTROL_CMD_IP, ENABLE_KMESH_PORT); +} + +static inline bool skops_conn_from_cni_sim_delete(struct bpf_sock_ops *skops) +{ + // cni sim connect CONTROL_CMD_IP:930(0x3a2) + // 0x3a2 is the specific port handled by the cni to disable Kmesh + return conn_from_sim(skops, CONTROL_CMD_IP, DISABLE_KMESH_PORT); +} + +static inline void skops_handle_kmesh_managed_process(struct bpf_sock_ops *skops) +{ + if (skops_conn_from_cni_sim_add(skops)) + record_kmesh_managed_ip(skops->family, skops->local_ip4, skops->local_ip6); + if (skops_conn_from_cni_sim_delete(skops)) + remove_kmesh_managed_ip(skops->family, skops->local_ip4, skops->local_ip6); +} + +static inline bool is_managed_by_kmesh(struct bpf_sock_ops *skops) +{ + struct manager_key key = {0}; + if (skops->family == AF_INET) + key.addr.ip4 = skops->local_ip4; + if (skops->family == AF_INET6) { + if (is_ipv4_mapped_addr(skops->local_ip6)) + key.addr.ip4 = skops->local_ip6[3]; + else + IP6_COPY(key.addr.ip6, skops->local_ip6); + } + + int *value = bpf_map_lookup_elem(&map_of_manager, &key); + if (!value) + return false; + return (*value == 0); +} + #endif \ No newline at end of file diff --git a/bpf/kmesh/ads/sockops.c b/bpf/kmesh/ads/sockops.c index e7800842f..20c12e5fc 100644 --- a/bpf/kmesh/ads/sockops.c +++ b/bpf/kmesh/ads/sockops.c @@ -19,7 +19,13 @@ int sockops_prog(struct bpf_sock_ops *skops) return BPF_OK; switch (skops->op) { + case BPF_SOCK_OPS_TCP_CONNECT_CB: + skops_handle_kmesh_managed_process(skops); + break; case BPF_SOCK_OPS_ACTIVE_ESTABLISHED_CB: + if (!is_managed_by_kmesh(skops)) + break; + if (bpf_sock_ops_cb_flags_set(skops, BPF_SOCK_OPS_STATE_CB_FLAG) != 0) { BPF_LOG(ERR, SOCKOPS, "set sockops cb failed!\n"); } else { diff --git a/bpf/kmesh/workload/sockops.c b/bpf/kmesh/workload/sockops.c index 738d66643..03872d496 100644 --- a/bpf/kmesh/workload/sockops.c +++ b/bpf/kmesh/workload/sockops.c @@ -29,24 +29,6 @@ struct { __uint(map_flags, 0); } map_of_kmesh_socket SEC(".maps"); -static inline bool is_managed_by_kmesh(struct bpf_sock_ops *skops) -{ - struct manager_key key = {0}; - if (skops->family == AF_INET) - key.addr.ip4 = skops->local_ip4; - if (skops->family == AF_INET6) { - if (is_ipv4_mapped_addr(skops->local_ip6)) - key.addr.ip4 = skops->local_ip6[3]; - else - IP6_COPY(key.addr.ip6, skops->local_ip6); - } - - int *value = bpf_map_lookup_elem(&map_of_manager, &key); - if (!value) - return false; - return (*value == 0); -} - static inline bool skip_specific_probe(struct bpf_sock_ops *skops) { struct kmesh_config *data = {0}; @@ -182,70 +164,6 @@ static inline void enable_encoding_metadata(struct bpf_sock_ops *skops) BPF_LOG(ERR, SOCKOPS, "enable encoding metadata failed!, err is %d", err); } -static inline void record_kmesh_managed_ip(__u32 family, __u32 ip4, __u32 *ip6) -{ - int err; - __u32 value = 0; - struct manager_key key = {0}; - if (family == AF_INET) - key.addr.ip4 = ip4; - if (family == AF_INET6 && ip6) - IP6_COPY(key.addr.ip6, ip6); - - err = bpf_map_update_elem(&map_of_manager, &key, &value, BPF_ANY); - if (err) - BPF_LOG(ERR, KMESH, "record ip failed!, err is %d\n", err); -} - -static inline void remove_kmesh_managed_ip(__u32 family, __u32 ip4, __u32 *ip6) -{ - struct manager_key key = {0}; - if (family == AF_INET) - key.addr.ip4 = ip4; - if (family == AF_INET6 && ip6) - IP6_COPY(key.addr.ip6, ip6); - - int err = bpf_map_delete_elem(&map_of_manager, &key); - if (err && err != -ENOENT) - BPF_LOG(ERR, KMESH, "remove ip failed!, err is %d\n", err); -} - -static inline bool conn_from_sim(struct bpf_sock_ops *skops, __u32 ip, __u16 port) -{ - __u16 remote_port = GET_SKOPS_REMOTE_PORT(skops); - if (bpf_ntohs(remote_port) != port) - return false; - - if (skops->family == AF_INET) - return (bpf_ntohl(skops->remote_ip4) == ip); - - return ( - skops->remote_ip6[0] == 0 && skops->remote_ip6[1] == 0 && skops->remote_ip6[2] == 0 - && bpf_ntohl(skops->remote_ip6[3]) == ip); -} - -static inline bool skops_conn_from_cni_sim_add(struct bpf_sock_ops *skops) -{ - // cni sim connect CONTROL_CMD_IP:929(0x3a1) - // 0x3a1 is the specific port handled by the cni to enable Kmesh - return conn_from_sim(skops, CONTROL_CMD_IP, ENABLE_KMESH_PORT); -} - -static inline bool skops_conn_from_cni_sim_delete(struct bpf_sock_ops *skops) -{ - // cni sim connect CONTROL_CMD_IP:930(0x3a2) - // 0x3a2 is the specific port handled by the cni to disable Kmesh - return conn_from_sim(skops, CONTROL_CMD_IP, DISABLE_KMESH_PORT); -} - -static inline void skops_handle_kmesh_managed_process(struct bpf_sock_ops *skops) -{ - if (skops_conn_from_cni_sim_add(skops)) - record_kmesh_managed_ip(skops->family, skops->local_ip4, skops->local_ip6); - if (skops_conn_from_cni_sim_delete(skops)) - remove_kmesh_managed_ip(skops->family, skops->local_ip4, skops->local_ip6); -} - SEC("sockops") int sockops_prog(struct bpf_sock_ops *skops) { diff --git a/kmesh_compile_env_pre.sh b/kmesh_compile_env_pre.sh index b6dd03662..0a6cb324b 100644 --- a/kmesh_compile_env_pre.sh +++ b/kmesh_compile_env_pre.sh @@ -109,15 +109,6 @@ function kmesh_set_env(){ export EXTRA_CFLAGS="-O0 -g" } -# adjust the range of BPF code compilation based on the kernel is enhanced -function bpf_compile_range_adjust() { - if [ "$ENHANCED_KERNEL" == "enhanced" ]; then - sed -i '/ads\/sockops\.c/s/\(.*\)generate/\/\/go:generate/' bpf/kmesh/bpf2go/bpf2go.go - else - sed -i '/ads\/sockops\.c/s/\(.*\)generate/\/\/not go:generate/' bpf/kmesh/bpf2go/bpf2go.go - fi -} - function set_enhanced_kernel_env() { # we use /usr/include/linux/bpf.h to determine the runtime environment’s # support for kmesh. Considering the case of online image compilation, a @@ -149,5 +140,4 @@ function prepare() { kmesh_set_env bash kmesh_macros_env.sh bash kmesh_bpf_env.sh - bpf_compile_range_adjust } diff --git a/pkg/bpf/ads/loader.go b/pkg/bpf/ads/loader.go index d3aadb079..cd028b17b 100644 --- a/pkg/bpf/ads/loader.go +++ b/pkg/bpf/ads/loader.go @@ -39,11 +39,17 @@ var log = logger.NewLoggerScope("bpf_ads") type BpfAds struct { SockConn BpfSockConn + SockOps BpfSockOps Tc *general.BpfTCGeneral } func NewBpfAds(cfg *options.BpfConfig) (*BpfAds, error) { sc := &BpfAds{} + + if err := sc.SockOps.NewBpf(cfg); err != nil { + return nil, err + } + if err := sc.SockConn.NewBpf(cfg); err != nil { return nil, err } @@ -105,6 +111,10 @@ func (sc *BpfAds) Load() error { return err } + if err := sc.SockOps.Load(); err != nil { + return err + } + if err := sc.Tc.LoadTC(); err != nil { return err } @@ -142,6 +152,10 @@ func (sc *BpfAds) ApiEnvCfg() error { } func (sc *BpfAds) Attach() error { + if err := sc.SockOps.Attach(); err != nil { + return err + } + if err := sc.SockConn.Attach(); err != nil { return err } @@ -150,9 +164,14 @@ func (sc *BpfAds) Attach() error { } func (sc *BpfAds) Detach() error { + if err := sc.SockOps.Detach(); err != nil { + return err + } + if err := sc.SockConn.Detach(); err != nil { return err } + if err := sc.Tc.Close(); err != nil { return err } diff --git a/pkg/bpf/ads/sock_ops.go b/pkg/bpf/ads/sock_ops.go index cebee39d9..ef7fd9e3b 100644 --- a/pkg/bpf/ads/sock_ops.go +++ b/pkg/bpf/ads/sock_ops.go @@ -1,6 +1,3 @@ -//go:build enhanced -// +build enhanced - /* * Copyright The Kmesh Authors. * From 127535610b5b7ef40e67813a638156066ea364f3 Mon Sep 17 00:00:00 2001 From: weli-l <1289113577@qq.com> Date: Thu, 13 Mar 2025 16:56:19 +0800 Subject: [PATCH 22/28] enable auth offload by default Signed-off-by: weli-l <1289113577@qq.com> --- pkg/bpf/bpf.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/bpf/bpf.go b/pkg/bpf/bpf.go index 73dd974f1..8143bf4b4 100644 --- a/pkg/bpf/bpf.go +++ b/pkg/bpf/bpf.go @@ -321,7 +321,7 @@ func (l *BpfLoader) setBpfProgOptions() { valueOfKmeshBpfConfig.BpfLogLevel = constants.BPF_LOG_INFO valueOfKmeshBpfConfig.NodeIP = nodeIP valueOfKmeshBpfConfig.PodGateway = gateway - valueOfKmeshBpfConfig.AuthzOffload = constants.DISABLED + valueOfKmeshBpfConfig.AuthzOffload = constants.ENABLED valueOfKmeshBpfConfig.EnableMonitoring = constants.ENABLED if err := UpdateKmeshConfigMap(l.kmeshConfig, valueOfKmeshBpfConfig); err != nil { From 49f3290025cce62794fa54ebc569cb30bc543575 Mon Sep 17 00:00:00 2001 From: lec-bit Date: Fri, 14 Mar 2025 11:28:15 +0800 Subject: [PATCH 23/28] adapt bpf2go files Signed-off-by: lec-bit --- bpf/kmesh/bpf2go/bpf2go.go | 8 +++--- kmesh_compile.sh | 2 ++ kmesh_compile_env_pre.sh | 2 +- kmesh_macros_env_kernel.sh | 52 ++++++++++++++++++++++++++++++++++++++ 4 files changed, 59 insertions(+), 5 deletions(-) create mode 100755 kmesh_macros_env_kernel.sh diff --git a/bpf/kmesh/bpf2go/bpf2go.go b/bpf/kmesh/bpf2go/bpf2go.go index 1ef4aa61a..f79735de3 100644 --- a/bpf/kmesh/bpf2go/bpf2go.go +++ b/bpf/kmesh/bpf2go/bpf2go.go @@ -18,18 +18,18 @@ package bpf2go // go run github.com/cilium/ebpf/cmd/bpf2go --help -//go:generate go run github.com/cilium/ebpf/cmd/bpf2go --output-dir kernelnative/normal --go-package normal -cc clang --cflags $EXTRA_CFLAGS --cflags $EXTRA_CDEFINE KmeshCgroupSock ../ads/cgroup_sock.c -- -I../ads/include -I../../include -I../../../api/v2-c -DCGROUP_SOCK_MANAGE -DKERNEL_VERSION_HIGHER_5_13_0=1 +//go:generate go run github.com/cilium/ebpf/cmd/bpf2go --output-dir kernelnative/$ENHANCED_KERNEL --go-package $ENHANCED_KERNEL -cc clang --cflags $EXTRA_CFLAGS --cflags $EXTRA_CDEFINE KmeshCgroupSock ../ads/cgroup_sock.c -- -I../ads/include -I../../include -I../../../api/v2-c -DCGROUP_SOCK_MANAGE -DKERNEL_VERSION_HIGHER_5_13_0=1 //go:generate go run github.com/cilium/ebpf/cmd/bpf2go --output-dir dualengine --go-package dualengine -cc clang --cflags $EXTRA_CFLAGS --cflags $EXTRA_CDEFINE KmeshCgroupSockWorkload ../workload/cgroup_sock.c -- -I../workload/include -I../../include -I../probes -DKERNEL_VERSION_HIGHER_5_13_0=1 -//go:generate go run github.com/cilium/ebpf/cmd/bpf2go --output-dir kernelnative/enhanced --go-package enhanced -cc clang --cflags $EXTRA_CFLAGS --cflags $EXTRA_CDEFINE KmeshSockops ../ads/sockops.c -- -I../ads/include -I../../include -I../../../api/v2-c -DKERNEL_VERSION_HIGHER_5_13_0=1 +//go:generate go run github.com/cilium/ebpf/cmd/bpf2go --output-dir kernelnative/$ENHANCED_KERNEL --go-package $ENHANCED_KERNEL -cc clang --cflags $EXTRA_CFLAGS --cflags $EXTRA_CDEFINE KmeshSockops ../ads/sockops.c -- -I../ads/include -I../../include -I../../../api/v2-c -DKERNEL_VERSION_HIGHER_5_13_0=1 //go:generate go run github.com/cilium/ebpf/cmd/bpf2go --output-dir dualengine --go-package dualengine -cc clang --cflags $EXTRA_CFLAGS --cflags $EXTRA_CDEFINE KmeshSockopsWorkload ../workload/sockops.c -- -I../workload/include -I../../include -I../probes -DKERNEL_VERSION_HIGHER_5_13_0=1 //go:generate go run github.com/cilium/ebpf/cmd/bpf2go --output-dir dualengine --go-package dualengine -cc clang --cflags $EXTRA_CFLAGS --cflags $EXTRA_CDEFINE KmeshXDPAuth ../workload/xdp.c -- -I../workload/include -I../../include -I../../../api/v2-c -DKERNEL_VERSION_HIGHER_5_13_0=1 //go:generate go run github.com/cilium/ebpf/cmd/bpf2go --output-dir dualengine --go-package dualengine -cc clang --cflags $EXTRA_CFLAGS --cflags $EXTRA_CDEFINE KmeshSendmsg ../workload/sendmsg.c -- -I../workload/include -I../../include -DKERNEL_VERSION_HIGHER_5_13_0=1 //go:generate go run github.com/cilium/ebpf/cmd/bpf2go --output-dir general --go-package general -cc clang --cflags $EXTRA_CFLAGS --cflags $EXTRA_CDEFINE KmeshTcMarkEncrypt ../general/tc_mark_encrypt.c -- -I../general/include -I../../include -DKERNEL_VERSION_HIGHER_5_13_0=1 //go:generate go run github.com/cilium/ebpf/cmd/bpf2go --output-dir general --go-package general -cc clang --cflags $EXTRA_CFLAGS --cflags $EXTRA_CDEFINE KmeshTcMarkDecrypt ../general/tc_mark_decrypt.c -- -I../general/include -I../../include -DKERNEL_VERSION_HIGHER_5_13_0=1 -//go:generate go run github.com/cilium/ebpf/cmd/bpf2go --output-dir kernelnative/normal --go-package normal -cc clang --cflags $EXTRA_CFLAGS --cflags $EXTRA_CDEFINE KmeshCgroupSockCompat ../ads/cgroup_sock.c -- -I../ads/include -I../../include -I../../../api/v2-c -DCGROUP_SOCK_MANAGE -DKERNEL_VERSION_HIGHER_5_13_0=0 +//go:generate go run github.com/cilium/ebpf/cmd/bpf2go --output-dir kernelnative/$ENHANCED_KERNEL --go-package $ENHANCED_KERNEL -cc clang --cflags $EXTRA_CFLAGS --cflags $EXTRA_CDEFINE KmeshCgroupSockCompat ../ads/cgroup_sock.c -- -I../ads/include -I../../include -I../../../api/v2-c -DCGROUP_SOCK_MANAGE -DKERNEL_VERSION_HIGHER_5_13_0=0 //go:generate go run github.com/cilium/ebpf/cmd/bpf2go --output-dir dualengine --go-package dualengine -cc clang --cflags $EXTRA_CFLAGS --cflags $EXTRA_CDEFINE KmeshCgroupSockWorkloadCompat ../workload/cgroup_sock.c -- -I../workload/include -I../../include -I../probes -DKERNEL_VERSION_HIGHER_5_13_0=0 -//go:generate go run github.com/cilium/ebpf/cmd/bpf2go --output-dir kernelnative/enhanced --go-package enhanced -cc clang --cflags $EXTRA_CFLAGS --cflags $EXTRA_CDEFINE KmeshSockopsCompat ../ads/sockops.c -- -I../ads/include -I../../include -I../../../api/v2-c -DKERNEL_VERSION_HIGHER_5_13_0=0 +//go:generate go run github.com/cilium/ebpf/cmd/bpf2go --output-dir kernelnative/$ENHANCED_KERNEL --go-package $ENHANCED_KERNEL -cc clang --cflags $EXTRA_CFLAGS --cflags $EXTRA_CDEFINE KmeshSockopsCompat ../ads/sockops.c -- -I../ads/include -I../../include -I../../../api/v2-c -DKERNEL_VERSION_HIGHER_5_13_0=0 //go:generate go run github.com/cilium/ebpf/cmd/bpf2go --output-dir dualengine --go-package dualengine -cc clang --cflags $EXTRA_CFLAGS --cflags $EXTRA_CDEFINE KmeshSockopsWorkloadCompat ../workload/sockops.c -- -I../workload/include -I../../include -I../probes -DKERNEL_VERSION_HIGHER_5_13_0=0 //go:generate go run github.com/cilium/ebpf/cmd/bpf2go --output-dir dualengine --go-package dualengine -cc clang --cflags $EXTRA_CFLAGS --cflags $EXTRA_CDEFINE KmeshXDPAuthCompat ../workload/xdp.c -- -I../workload/include -I../../include -I../../../api/v2-c -DKERNEL_VERSION_HIGHER_5_13_0=0 //go:generate go run github.com/cilium/ebpf/cmd/bpf2go --output-dir dualengine --go-package dualengine -cc clang --cflags $EXTRA_CFLAGS --cflags $EXTRA_CDEFINE KmeshSendmsgCompat ../workload/sendmsg.c -- -I../workload/include -I../../include -DKERNEL_VERSION_HIGHER_5_13_0=0 diff --git a/kmesh_compile.sh b/kmesh_compile.sh index 5dcf8b7ae..5e2ec3798 100755 --- a/kmesh_compile.sh +++ b/kmesh_compile.sh @@ -4,6 +4,8 @@ ROOT_DIR=$(git rev-parse --show-toplevel) . $ROOT_DIR/hack/utils.sh +bash kmesh_macros_env_kernel.sh +make kmesh-ko container_id=$(run_docker_container) build_kmesh $container_id clean_container $container_id diff --git a/kmesh_compile_env_pre.sh b/kmesh_compile_env_pre.sh index 0a6cb324b..523c97b9c 100644 --- a/kmesh_compile_env_pre.sh +++ b/kmesh_compile_env_pre.sh @@ -126,7 +126,7 @@ function set_enhanced_kernel_env() { if grep -q "FN(parse_header_msg)" $KERNEL_HEADER_LINUX_BPF; then export ENHANCED_KERNEL="enhanced" else - export ENHANCED_KERNEL="unenhanced" + export ENHANCED_KERNEL="normal" fi } diff --git a/kmesh_macros_env_kernel.sh b/kmesh_macros_env_kernel.sh new file mode 100755 index 000000000..2a489182d --- /dev/null +++ b/kmesh_macros_env_kernel.sh @@ -0,0 +1,52 @@ +#!/bin/bash + +VERSION=$(uname -r | cut -d '.' -f 1) +KERNEL_VERSION=$(uname -r | cut -d '-' -f 1) +KERNEL_HEADER_LINUX_BPF=/usr/include/linux/bpf.h + +function set_config() { + sed -i -r -e "s/($1)([ \t]*)([0-9]+)/\1\2$2/" config/kmesh_marcos_def.h +} + +# MDA_LOOPBACK_ADDR +if grep -q "FN(get_netns_cookie)" $KERNEL_HEADER_LINUX_BPF; then + set_config MDA_LOOPBACK_ADDR 1 +else + set_config MDA_LOOPBACK_ADDR 0 +fi + +# MDA_NAT_ACCEL +if grep -q "FN(sk_original_addr)" $KERNEL_HEADER_LINUX_BPF; then + set_config MDA_NAT_ACCEL 1 +else + set_config MDA_NAT_ACCEL 0 +fi + +# MDA_GID_UID_FILTER +if grep -q "FN(get_sockops_uid_gid)" $KERNEL_HEADER_LINUX_BPF; then + set_config MDA_GID_UID_FILTER 1 +else + set_config MDA_GID_UID_FILTER 0 +fi + +# ITER_TYPE_IS_UBUF +if [ "$VERSION" -ge 6 ]; then + set_config ITER_TYPE_IS_UBUF 1 +else + set_config ITER_TYPE_IS_UBUF 0 +fi + +# ENHANCED_KERNEL +if grep -q "FN(parse_header_msg)" $KERNEL_HEADER_LINUX_BPF; then + set_config ENHANCED_KERNEL 1 +else + set_config ENHANCED_KERNEL 0 +fi + +# KERNEL_KFUNC +if [ "$VERSION" -ge 6 ]; then + set_config ENHANCED_KERNEL 1 + set_config KERNEL_KFUNC 1 +else + set_config KERNEL_KFUNC 0 +fi \ No newline at end of file From 0475704970714c2a42de947affdd91f73bf3a17d Mon Sep 17 00:00:00 2001 From: lec-bit Date: Fri, 14 Mar 2025 14:42:04 +0800 Subject: [PATCH 24/28] adapt bpf2go Signed-off-by: lec-bit --- .../kernelnative/normal/kmeshsockops_bpfeb.go | 189 ++++++++++++++++++ .../kernelnative/normal/kmeshsockops_bpfel.go | 189 ++++++++++++++++++ .../normal/kmeshsockopscompat_bpfeb.go | 189 ++++++++++++++++++ .../normal/kmeshsockopscompat_bpfel.go | 189 ++++++++++++++++++ pkg/bpf/ads/loader.go | 38 ++++ pkg/bpf/ads/loader_enhanced.go | 37 ++++ pkg/bpf/ads/sock_connection.go | 15 +- pkg/bpf/ads/sock_ops.go | 15 +- 8 files changed, 833 insertions(+), 28 deletions(-) create mode 100644 bpf/kmesh/bpf2go/kernelnative/normal/kmeshsockops_bpfeb.go create mode 100644 bpf/kmesh/bpf2go/kernelnative/normal/kmeshsockops_bpfel.go create mode 100644 bpf/kmesh/bpf2go/kernelnative/normal/kmeshsockopscompat_bpfeb.go create mode 100644 bpf/kmesh/bpf2go/kernelnative/normal/kmeshsockopscompat_bpfel.go diff --git a/bpf/kmesh/bpf2go/kernelnative/normal/kmeshsockops_bpfeb.go b/bpf/kmesh/bpf2go/kernelnative/normal/kmeshsockops_bpfeb.go new file mode 100644 index 000000000..1e0cb0058 --- /dev/null +++ b/bpf/kmesh/bpf2go/kernelnative/normal/kmeshsockops_bpfeb.go @@ -0,0 +1,189 @@ +// Code generated by bpf2go; DO NOT EDIT. +//go:build mips || mips64 || ppc64 || s390x + +package normal + +import ( + "bytes" + _ "embed" + "fmt" + "io" + + "github.com/cilium/ebpf" +) + +type KmeshSockopsBuf struct{ Data [40]int8 } + +type KmeshSockopsClusterSockData struct{ ClusterId uint32 } + +type KmeshSockopsKmeshConfig struct { + BpfLogLevel uint32 + NodeIp [4]uint32 + PodGateway [4]uint32 + AuthzOffload uint32 + EnableMonitoring uint32 +} + +type KmeshSockopsManagerKey struct { + NetnsCookie uint64 + _ [8]byte +} + +type KmeshSockopsSockStorageData struct { + ConnectNs uint64 + Direction uint8 + ConnectSuccess uint8 + _ [6]byte +} + +// LoadKmeshSockops returns the embedded CollectionSpec for KmeshSockops. +func LoadKmeshSockops() (*ebpf.CollectionSpec, error) { + reader := bytes.NewReader(_KmeshSockopsBytes) + spec, err := ebpf.LoadCollectionSpecFromReader(reader) + if err != nil { + return nil, fmt.Errorf("can't load KmeshSockops: %w", err) + } + + return spec, err +} + +// LoadKmeshSockopsObjects loads KmeshSockops and converts it into a struct. +// +// The following types are suitable as obj argument: +// +// *KmeshSockopsObjects +// *KmeshSockopsPrograms +// *KmeshSockopsMaps +// +// See ebpf.CollectionSpec.LoadAndAssign documentation for details. +func LoadKmeshSockopsObjects(obj interface{}, opts *ebpf.CollectionOptions) error { + spec, err := LoadKmeshSockops() + if err != nil { + return err + } + + return spec.LoadAndAssign(obj, opts) +} + +// KmeshSockopsSpecs contains maps and programs before they are loaded into the kernel. +// +// It can be passed ebpf.CollectionSpec.Assign. +type KmeshSockopsSpecs struct { + KmeshSockopsProgramSpecs + KmeshSockopsMapSpecs + KmeshSockopsVariableSpecs +} + +// KmeshSockopsProgramSpecs contains programs before they are loaded into the kernel. +// +// It can be passed ebpf.CollectionSpec.Assign. +type KmeshSockopsProgramSpecs struct { + SockopsProg *ebpf.ProgramSpec `ebpf:"sockops_prog"` +} + +// KmeshSockopsMapSpecs contains maps before they are loaded into the kernel. +// +// It can be passed ebpf.CollectionSpec.Assign. +type KmeshSockopsMapSpecs struct { + KmClusterSock *ebpf.MapSpec `ebpf:"km_cluster_sock"` + KmClusterstats *ebpf.MapSpec `ebpf:"km_clusterstats"` + KmConfigmap *ebpf.MapSpec `ebpf:"km_configmap"` + KmLogEvent *ebpf.MapSpec `ebpf:"km_log_event"` + KmManage *ebpf.MapSpec `ebpf:"km_manage"` + KmSockstorage *ebpf.MapSpec `ebpf:"km_sockstorage"` + KmTmpbuf *ebpf.MapSpec `ebpf:"km_tmpbuf"` + KmeshMap1600 *ebpf.MapSpec `ebpf:"kmesh_map1600"` + KmeshMap192 *ebpf.MapSpec `ebpf:"kmesh_map192"` + KmeshMap296 *ebpf.MapSpec `ebpf:"kmesh_map296"` + KmeshMap64 *ebpf.MapSpec `ebpf:"kmesh_map64"` +} + +// KmeshSockopsVariableSpecs contains global variables before they are loaded into the kernel. +// +// It can be passed ebpf.CollectionSpec.Assign. +type KmeshSockopsVariableSpecs struct { + BpfLogLevel *ebpf.VariableSpec `ebpf:"bpf_log_level"` +} + +// KmeshSockopsObjects contains all objects after they have been loaded into the kernel. +// +// It can be passed to LoadKmeshSockopsObjects or ebpf.CollectionSpec.LoadAndAssign. +type KmeshSockopsObjects struct { + KmeshSockopsPrograms + KmeshSockopsMaps + KmeshSockopsVariables +} + +func (o *KmeshSockopsObjects) Close() error { + return _KmeshSockopsClose( + &o.KmeshSockopsPrograms, + &o.KmeshSockopsMaps, + ) +} + +// KmeshSockopsMaps contains all maps after they have been loaded into the kernel. +// +// It can be passed to LoadKmeshSockopsObjects or ebpf.CollectionSpec.LoadAndAssign. +type KmeshSockopsMaps struct { + KmClusterSock *ebpf.Map `ebpf:"km_cluster_sock"` + KmClusterstats *ebpf.Map `ebpf:"km_clusterstats"` + KmConfigmap *ebpf.Map `ebpf:"km_configmap"` + KmLogEvent *ebpf.Map `ebpf:"km_log_event"` + KmManage *ebpf.Map `ebpf:"km_manage"` + KmSockstorage *ebpf.Map `ebpf:"km_sockstorage"` + KmTmpbuf *ebpf.Map `ebpf:"km_tmpbuf"` + KmeshMap1600 *ebpf.Map `ebpf:"kmesh_map1600"` + KmeshMap192 *ebpf.Map `ebpf:"kmesh_map192"` + KmeshMap296 *ebpf.Map `ebpf:"kmesh_map296"` + KmeshMap64 *ebpf.Map `ebpf:"kmesh_map64"` +} + +func (m *KmeshSockopsMaps) Close() error { + return _KmeshSockopsClose( + m.KmClusterSock, + m.KmClusterstats, + m.KmConfigmap, + m.KmLogEvent, + m.KmManage, + m.KmSockstorage, + m.KmTmpbuf, + m.KmeshMap1600, + m.KmeshMap192, + m.KmeshMap296, + m.KmeshMap64, + ) +} + +// KmeshSockopsVariables contains all global variables after they have been loaded into the kernel. +// +// It can be passed to LoadKmeshSockopsObjects or ebpf.CollectionSpec.LoadAndAssign. +type KmeshSockopsVariables struct { + BpfLogLevel *ebpf.Variable `ebpf:"bpf_log_level"` +} + +// KmeshSockopsPrograms contains all programs after they have been loaded into the kernel. +// +// It can be passed to LoadKmeshSockopsObjects or ebpf.CollectionSpec.LoadAndAssign. +type KmeshSockopsPrograms struct { + SockopsProg *ebpf.Program `ebpf:"sockops_prog"` +} + +func (p *KmeshSockopsPrograms) Close() error { + return _KmeshSockopsClose( + p.SockopsProg, + ) +} + +func _KmeshSockopsClose(closers ...io.Closer) error { + for _, closer := range closers { + if err := closer.Close(); err != nil { + return err + } + } + return nil +} + +// Do not access this directly. +// +//go:embed kmeshsockops_bpfeb.o +var _KmeshSockopsBytes []byte diff --git a/bpf/kmesh/bpf2go/kernelnative/normal/kmeshsockops_bpfel.go b/bpf/kmesh/bpf2go/kernelnative/normal/kmeshsockops_bpfel.go new file mode 100644 index 000000000..608244892 --- /dev/null +++ b/bpf/kmesh/bpf2go/kernelnative/normal/kmeshsockops_bpfel.go @@ -0,0 +1,189 @@ +// Code generated by bpf2go; DO NOT EDIT. +//go:build 386 || amd64 || arm || arm64 || loong64 || mips64le || mipsle || ppc64le || riscv64 + +package normal + +import ( + "bytes" + _ "embed" + "fmt" + "io" + + "github.com/cilium/ebpf" +) + +type KmeshSockopsBuf struct{ Data [40]int8 } + +type KmeshSockopsClusterSockData struct{ ClusterId uint32 } + +type KmeshSockopsKmeshConfig struct { + BpfLogLevel uint32 + NodeIp [4]uint32 + PodGateway [4]uint32 + AuthzOffload uint32 + EnableMonitoring uint32 +} + +type KmeshSockopsManagerKey struct { + NetnsCookie uint64 + _ [8]byte +} + +type KmeshSockopsSockStorageData struct { + ConnectNs uint64 + Direction uint8 + ConnectSuccess uint8 + _ [6]byte +} + +// LoadKmeshSockops returns the embedded CollectionSpec for KmeshSockops. +func LoadKmeshSockops() (*ebpf.CollectionSpec, error) { + reader := bytes.NewReader(_KmeshSockopsBytes) + spec, err := ebpf.LoadCollectionSpecFromReader(reader) + if err != nil { + return nil, fmt.Errorf("can't load KmeshSockops: %w", err) + } + + return spec, err +} + +// LoadKmeshSockopsObjects loads KmeshSockops and converts it into a struct. +// +// The following types are suitable as obj argument: +// +// *KmeshSockopsObjects +// *KmeshSockopsPrograms +// *KmeshSockopsMaps +// +// See ebpf.CollectionSpec.LoadAndAssign documentation for details. +func LoadKmeshSockopsObjects(obj interface{}, opts *ebpf.CollectionOptions) error { + spec, err := LoadKmeshSockops() + if err != nil { + return err + } + + return spec.LoadAndAssign(obj, opts) +} + +// KmeshSockopsSpecs contains maps and programs before they are loaded into the kernel. +// +// It can be passed ebpf.CollectionSpec.Assign. +type KmeshSockopsSpecs struct { + KmeshSockopsProgramSpecs + KmeshSockopsMapSpecs + KmeshSockopsVariableSpecs +} + +// KmeshSockopsProgramSpecs contains programs before they are loaded into the kernel. +// +// It can be passed ebpf.CollectionSpec.Assign. +type KmeshSockopsProgramSpecs struct { + SockopsProg *ebpf.ProgramSpec `ebpf:"sockops_prog"` +} + +// KmeshSockopsMapSpecs contains maps before they are loaded into the kernel. +// +// It can be passed ebpf.CollectionSpec.Assign. +type KmeshSockopsMapSpecs struct { + KmClusterSock *ebpf.MapSpec `ebpf:"km_cluster_sock"` + KmClusterstats *ebpf.MapSpec `ebpf:"km_clusterstats"` + KmConfigmap *ebpf.MapSpec `ebpf:"km_configmap"` + KmLogEvent *ebpf.MapSpec `ebpf:"km_log_event"` + KmManage *ebpf.MapSpec `ebpf:"km_manage"` + KmSockstorage *ebpf.MapSpec `ebpf:"km_sockstorage"` + KmTmpbuf *ebpf.MapSpec `ebpf:"km_tmpbuf"` + KmeshMap1600 *ebpf.MapSpec `ebpf:"kmesh_map1600"` + KmeshMap192 *ebpf.MapSpec `ebpf:"kmesh_map192"` + KmeshMap296 *ebpf.MapSpec `ebpf:"kmesh_map296"` + KmeshMap64 *ebpf.MapSpec `ebpf:"kmesh_map64"` +} + +// KmeshSockopsVariableSpecs contains global variables before they are loaded into the kernel. +// +// It can be passed ebpf.CollectionSpec.Assign. +type KmeshSockopsVariableSpecs struct { + BpfLogLevel *ebpf.VariableSpec `ebpf:"bpf_log_level"` +} + +// KmeshSockopsObjects contains all objects after they have been loaded into the kernel. +// +// It can be passed to LoadKmeshSockopsObjects or ebpf.CollectionSpec.LoadAndAssign. +type KmeshSockopsObjects struct { + KmeshSockopsPrograms + KmeshSockopsMaps + KmeshSockopsVariables +} + +func (o *KmeshSockopsObjects) Close() error { + return _KmeshSockopsClose( + &o.KmeshSockopsPrograms, + &o.KmeshSockopsMaps, + ) +} + +// KmeshSockopsMaps contains all maps after they have been loaded into the kernel. +// +// It can be passed to LoadKmeshSockopsObjects or ebpf.CollectionSpec.LoadAndAssign. +type KmeshSockopsMaps struct { + KmClusterSock *ebpf.Map `ebpf:"km_cluster_sock"` + KmClusterstats *ebpf.Map `ebpf:"km_clusterstats"` + KmConfigmap *ebpf.Map `ebpf:"km_configmap"` + KmLogEvent *ebpf.Map `ebpf:"km_log_event"` + KmManage *ebpf.Map `ebpf:"km_manage"` + KmSockstorage *ebpf.Map `ebpf:"km_sockstorage"` + KmTmpbuf *ebpf.Map `ebpf:"km_tmpbuf"` + KmeshMap1600 *ebpf.Map `ebpf:"kmesh_map1600"` + KmeshMap192 *ebpf.Map `ebpf:"kmesh_map192"` + KmeshMap296 *ebpf.Map `ebpf:"kmesh_map296"` + KmeshMap64 *ebpf.Map `ebpf:"kmesh_map64"` +} + +func (m *KmeshSockopsMaps) Close() error { + return _KmeshSockopsClose( + m.KmClusterSock, + m.KmClusterstats, + m.KmConfigmap, + m.KmLogEvent, + m.KmManage, + m.KmSockstorage, + m.KmTmpbuf, + m.KmeshMap1600, + m.KmeshMap192, + m.KmeshMap296, + m.KmeshMap64, + ) +} + +// KmeshSockopsVariables contains all global variables after they have been loaded into the kernel. +// +// It can be passed to LoadKmeshSockopsObjects or ebpf.CollectionSpec.LoadAndAssign. +type KmeshSockopsVariables struct { + BpfLogLevel *ebpf.Variable `ebpf:"bpf_log_level"` +} + +// KmeshSockopsPrograms contains all programs after they have been loaded into the kernel. +// +// It can be passed to LoadKmeshSockopsObjects or ebpf.CollectionSpec.LoadAndAssign. +type KmeshSockopsPrograms struct { + SockopsProg *ebpf.Program `ebpf:"sockops_prog"` +} + +func (p *KmeshSockopsPrograms) Close() error { + return _KmeshSockopsClose( + p.SockopsProg, + ) +} + +func _KmeshSockopsClose(closers ...io.Closer) error { + for _, closer := range closers { + if err := closer.Close(); err != nil { + return err + } + } + return nil +} + +// Do not access this directly. +// +//go:embed kmeshsockops_bpfel.o +var _KmeshSockopsBytes []byte diff --git a/bpf/kmesh/bpf2go/kernelnative/normal/kmeshsockopscompat_bpfeb.go b/bpf/kmesh/bpf2go/kernelnative/normal/kmeshsockopscompat_bpfeb.go new file mode 100644 index 000000000..0d2536adc --- /dev/null +++ b/bpf/kmesh/bpf2go/kernelnative/normal/kmeshsockopscompat_bpfeb.go @@ -0,0 +1,189 @@ +// Code generated by bpf2go; DO NOT EDIT. +//go:build mips || mips64 || ppc64 || s390x + +package normal + +import ( + "bytes" + _ "embed" + "fmt" + "io" + + "github.com/cilium/ebpf" +) + +type KmeshSockopsCompatBuf struct{ Data [40]int8 } + +type KmeshSockopsCompatClusterSockData struct{ ClusterId uint32 } + +type KmeshSockopsCompatKmeshConfig struct { + BpfLogLevel uint32 + NodeIp [4]uint32 + PodGateway [4]uint32 + AuthzOffload uint32 + EnableMonitoring uint32 +} + +type KmeshSockopsCompatManagerKey struct { + NetnsCookie uint64 + _ [8]byte +} + +type KmeshSockopsCompatSockStorageData struct { + ConnectNs uint64 + Direction uint8 + ConnectSuccess uint8 + _ [6]byte +} + +// LoadKmeshSockopsCompat returns the embedded CollectionSpec for KmeshSockopsCompat. +func LoadKmeshSockopsCompat() (*ebpf.CollectionSpec, error) { + reader := bytes.NewReader(_KmeshSockopsCompatBytes) + spec, err := ebpf.LoadCollectionSpecFromReader(reader) + if err != nil { + return nil, fmt.Errorf("can't load KmeshSockopsCompat: %w", err) + } + + return spec, err +} + +// LoadKmeshSockopsCompatObjects loads KmeshSockopsCompat and converts it into a struct. +// +// The following types are suitable as obj argument: +// +// *KmeshSockopsCompatObjects +// *KmeshSockopsCompatPrograms +// *KmeshSockopsCompatMaps +// +// See ebpf.CollectionSpec.LoadAndAssign documentation for details. +func LoadKmeshSockopsCompatObjects(obj interface{}, opts *ebpf.CollectionOptions) error { + spec, err := LoadKmeshSockopsCompat() + if err != nil { + return err + } + + return spec.LoadAndAssign(obj, opts) +} + +// KmeshSockopsCompatSpecs contains maps and programs before they are loaded into the kernel. +// +// It can be passed ebpf.CollectionSpec.Assign. +type KmeshSockopsCompatSpecs struct { + KmeshSockopsCompatProgramSpecs + KmeshSockopsCompatMapSpecs + KmeshSockopsCompatVariableSpecs +} + +// KmeshSockopsCompatProgramSpecs contains programs before they are loaded into the kernel. +// +// It can be passed ebpf.CollectionSpec.Assign. +type KmeshSockopsCompatProgramSpecs struct { + SockopsProg *ebpf.ProgramSpec `ebpf:"sockops_prog"` +} + +// KmeshSockopsCompatMapSpecs contains maps before they are loaded into the kernel. +// +// It can be passed ebpf.CollectionSpec.Assign. +type KmeshSockopsCompatMapSpecs struct { + KmClusterSock *ebpf.MapSpec `ebpf:"km_cluster_sock"` + KmClusterstats *ebpf.MapSpec `ebpf:"km_clusterstats"` + KmConfigmap *ebpf.MapSpec `ebpf:"km_configmap"` + KmLogEvent *ebpf.MapSpec `ebpf:"km_log_event"` + KmManage *ebpf.MapSpec `ebpf:"km_manage"` + KmSockstorage *ebpf.MapSpec `ebpf:"km_sockstorage"` + KmTmpbuf *ebpf.MapSpec `ebpf:"km_tmpbuf"` + KmeshMap1600 *ebpf.MapSpec `ebpf:"kmesh_map1600"` + KmeshMap192 *ebpf.MapSpec `ebpf:"kmesh_map192"` + KmeshMap296 *ebpf.MapSpec `ebpf:"kmesh_map296"` + KmeshMap64 *ebpf.MapSpec `ebpf:"kmesh_map64"` +} + +// KmeshSockopsCompatVariableSpecs contains global variables before they are loaded into the kernel. +// +// It can be passed ebpf.CollectionSpec.Assign. +type KmeshSockopsCompatVariableSpecs struct { + BpfLogLevel *ebpf.VariableSpec `ebpf:"bpf_log_level"` +} + +// KmeshSockopsCompatObjects contains all objects after they have been loaded into the kernel. +// +// It can be passed to LoadKmeshSockopsCompatObjects or ebpf.CollectionSpec.LoadAndAssign. +type KmeshSockopsCompatObjects struct { + KmeshSockopsCompatPrograms + KmeshSockopsCompatMaps + KmeshSockopsCompatVariables +} + +func (o *KmeshSockopsCompatObjects) Close() error { + return _KmeshSockopsCompatClose( + &o.KmeshSockopsCompatPrograms, + &o.KmeshSockopsCompatMaps, + ) +} + +// KmeshSockopsCompatMaps contains all maps after they have been loaded into the kernel. +// +// It can be passed to LoadKmeshSockopsCompatObjects or ebpf.CollectionSpec.LoadAndAssign. +type KmeshSockopsCompatMaps struct { + KmClusterSock *ebpf.Map `ebpf:"km_cluster_sock"` + KmClusterstats *ebpf.Map `ebpf:"km_clusterstats"` + KmConfigmap *ebpf.Map `ebpf:"km_configmap"` + KmLogEvent *ebpf.Map `ebpf:"km_log_event"` + KmManage *ebpf.Map `ebpf:"km_manage"` + KmSockstorage *ebpf.Map `ebpf:"km_sockstorage"` + KmTmpbuf *ebpf.Map `ebpf:"km_tmpbuf"` + KmeshMap1600 *ebpf.Map `ebpf:"kmesh_map1600"` + KmeshMap192 *ebpf.Map `ebpf:"kmesh_map192"` + KmeshMap296 *ebpf.Map `ebpf:"kmesh_map296"` + KmeshMap64 *ebpf.Map `ebpf:"kmesh_map64"` +} + +func (m *KmeshSockopsCompatMaps) Close() error { + return _KmeshSockopsCompatClose( + m.KmClusterSock, + m.KmClusterstats, + m.KmConfigmap, + m.KmLogEvent, + m.KmManage, + m.KmSockstorage, + m.KmTmpbuf, + m.KmeshMap1600, + m.KmeshMap192, + m.KmeshMap296, + m.KmeshMap64, + ) +} + +// KmeshSockopsCompatVariables contains all global variables after they have been loaded into the kernel. +// +// It can be passed to LoadKmeshSockopsCompatObjects or ebpf.CollectionSpec.LoadAndAssign. +type KmeshSockopsCompatVariables struct { + BpfLogLevel *ebpf.Variable `ebpf:"bpf_log_level"` +} + +// KmeshSockopsCompatPrograms contains all programs after they have been loaded into the kernel. +// +// It can be passed to LoadKmeshSockopsCompatObjects or ebpf.CollectionSpec.LoadAndAssign. +type KmeshSockopsCompatPrograms struct { + SockopsProg *ebpf.Program `ebpf:"sockops_prog"` +} + +func (p *KmeshSockopsCompatPrograms) Close() error { + return _KmeshSockopsCompatClose( + p.SockopsProg, + ) +} + +func _KmeshSockopsCompatClose(closers ...io.Closer) error { + for _, closer := range closers { + if err := closer.Close(); err != nil { + return err + } + } + return nil +} + +// Do not access this directly. +// +//go:embed kmeshsockopscompat_bpfeb.o +var _KmeshSockopsCompatBytes []byte diff --git a/bpf/kmesh/bpf2go/kernelnative/normal/kmeshsockopscompat_bpfel.go b/bpf/kmesh/bpf2go/kernelnative/normal/kmeshsockopscompat_bpfel.go new file mode 100644 index 000000000..4b1e9a2d8 --- /dev/null +++ b/bpf/kmesh/bpf2go/kernelnative/normal/kmeshsockopscompat_bpfel.go @@ -0,0 +1,189 @@ +// Code generated by bpf2go; DO NOT EDIT. +//go:build 386 || amd64 || arm || arm64 || loong64 || mips64le || mipsle || ppc64le || riscv64 + +package normal + +import ( + "bytes" + _ "embed" + "fmt" + "io" + + "github.com/cilium/ebpf" +) + +type KmeshSockopsCompatBuf struct{ Data [40]int8 } + +type KmeshSockopsCompatClusterSockData struct{ ClusterId uint32 } + +type KmeshSockopsCompatKmeshConfig struct { + BpfLogLevel uint32 + NodeIp [4]uint32 + PodGateway [4]uint32 + AuthzOffload uint32 + EnableMonitoring uint32 +} + +type KmeshSockopsCompatManagerKey struct { + NetnsCookie uint64 + _ [8]byte +} + +type KmeshSockopsCompatSockStorageData struct { + ConnectNs uint64 + Direction uint8 + ConnectSuccess uint8 + _ [6]byte +} + +// LoadKmeshSockopsCompat returns the embedded CollectionSpec for KmeshSockopsCompat. +func LoadKmeshSockopsCompat() (*ebpf.CollectionSpec, error) { + reader := bytes.NewReader(_KmeshSockopsCompatBytes) + spec, err := ebpf.LoadCollectionSpecFromReader(reader) + if err != nil { + return nil, fmt.Errorf("can't load KmeshSockopsCompat: %w", err) + } + + return spec, err +} + +// LoadKmeshSockopsCompatObjects loads KmeshSockopsCompat and converts it into a struct. +// +// The following types are suitable as obj argument: +// +// *KmeshSockopsCompatObjects +// *KmeshSockopsCompatPrograms +// *KmeshSockopsCompatMaps +// +// See ebpf.CollectionSpec.LoadAndAssign documentation for details. +func LoadKmeshSockopsCompatObjects(obj interface{}, opts *ebpf.CollectionOptions) error { + spec, err := LoadKmeshSockopsCompat() + if err != nil { + return err + } + + return spec.LoadAndAssign(obj, opts) +} + +// KmeshSockopsCompatSpecs contains maps and programs before they are loaded into the kernel. +// +// It can be passed ebpf.CollectionSpec.Assign. +type KmeshSockopsCompatSpecs struct { + KmeshSockopsCompatProgramSpecs + KmeshSockopsCompatMapSpecs + KmeshSockopsCompatVariableSpecs +} + +// KmeshSockopsCompatProgramSpecs contains programs before they are loaded into the kernel. +// +// It can be passed ebpf.CollectionSpec.Assign. +type KmeshSockopsCompatProgramSpecs struct { + SockopsProg *ebpf.ProgramSpec `ebpf:"sockops_prog"` +} + +// KmeshSockopsCompatMapSpecs contains maps before they are loaded into the kernel. +// +// It can be passed ebpf.CollectionSpec.Assign. +type KmeshSockopsCompatMapSpecs struct { + KmClusterSock *ebpf.MapSpec `ebpf:"km_cluster_sock"` + KmClusterstats *ebpf.MapSpec `ebpf:"km_clusterstats"` + KmConfigmap *ebpf.MapSpec `ebpf:"km_configmap"` + KmLogEvent *ebpf.MapSpec `ebpf:"km_log_event"` + KmManage *ebpf.MapSpec `ebpf:"km_manage"` + KmSockstorage *ebpf.MapSpec `ebpf:"km_sockstorage"` + KmTmpbuf *ebpf.MapSpec `ebpf:"km_tmpbuf"` + KmeshMap1600 *ebpf.MapSpec `ebpf:"kmesh_map1600"` + KmeshMap192 *ebpf.MapSpec `ebpf:"kmesh_map192"` + KmeshMap296 *ebpf.MapSpec `ebpf:"kmesh_map296"` + KmeshMap64 *ebpf.MapSpec `ebpf:"kmesh_map64"` +} + +// KmeshSockopsCompatVariableSpecs contains global variables before they are loaded into the kernel. +// +// It can be passed ebpf.CollectionSpec.Assign. +type KmeshSockopsCompatVariableSpecs struct { + BpfLogLevel *ebpf.VariableSpec `ebpf:"bpf_log_level"` +} + +// KmeshSockopsCompatObjects contains all objects after they have been loaded into the kernel. +// +// It can be passed to LoadKmeshSockopsCompatObjects or ebpf.CollectionSpec.LoadAndAssign. +type KmeshSockopsCompatObjects struct { + KmeshSockopsCompatPrograms + KmeshSockopsCompatMaps + KmeshSockopsCompatVariables +} + +func (o *KmeshSockopsCompatObjects) Close() error { + return _KmeshSockopsCompatClose( + &o.KmeshSockopsCompatPrograms, + &o.KmeshSockopsCompatMaps, + ) +} + +// KmeshSockopsCompatMaps contains all maps after they have been loaded into the kernel. +// +// It can be passed to LoadKmeshSockopsCompatObjects or ebpf.CollectionSpec.LoadAndAssign. +type KmeshSockopsCompatMaps struct { + KmClusterSock *ebpf.Map `ebpf:"km_cluster_sock"` + KmClusterstats *ebpf.Map `ebpf:"km_clusterstats"` + KmConfigmap *ebpf.Map `ebpf:"km_configmap"` + KmLogEvent *ebpf.Map `ebpf:"km_log_event"` + KmManage *ebpf.Map `ebpf:"km_manage"` + KmSockstorage *ebpf.Map `ebpf:"km_sockstorage"` + KmTmpbuf *ebpf.Map `ebpf:"km_tmpbuf"` + KmeshMap1600 *ebpf.Map `ebpf:"kmesh_map1600"` + KmeshMap192 *ebpf.Map `ebpf:"kmesh_map192"` + KmeshMap296 *ebpf.Map `ebpf:"kmesh_map296"` + KmeshMap64 *ebpf.Map `ebpf:"kmesh_map64"` +} + +func (m *KmeshSockopsCompatMaps) Close() error { + return _KmeshSockopsCompatClose( + m.KmClusterSock, + m.KmClusterstats, + m.KmConfigmap, + m.KmLogEvent, + m.KmManage, + m.KmSockstorage, + m.KmTmpbuf, + m.KmeshMap1600, + m.KmeshMap192, + m.KmeshMap296, + m.KmeshMap64, + ) +} + +// KmeshSockopsCompatVariables contains all global variables after they have been loaded into the kernel. +// +// It can be passed to LoadKmeshSockopsCompatObjects or ebpf.CollectionSpec.LoadAndAssign. +type KmeshSockopsCompatVariables struct { + BpfLogLevel *ebpf.Variable `ebpf:"bpf_log_level"` +} + +// KmeshSockopsCompatPrograms contains all programs after they have been loaded into the kernel. +// +// It can be passed to LoadKmeshSockopsCompatObjects or ebpf.CollectionSpec.LoadAndAssign. +type KmeshSockopsCompatPrograms struct { + SockopsProg *ebpf.Program `ebpf:"sockops_prog"` +} + +func (p *KmeshSockopsCompatPrograms) Close() error { + return _KmeshSockopsCompatClose( + p.SockopsProg, + ) +} + +func _KmeshSockopsCompatClose(closers ...io.Closer) error { + for _, closer := range closers { + if err := closer.Close(); err != nil { + return err + } + } + return nil +} + +// Do not access this directly. +// +//go:embed kmeshsockopscompat_bpfel.o +var _KmeshSockopsCompatBytes []byte diff --git a/pkg/bpf/ads/loader.go b/pkg/bpf/ads/loader.go index cd028b17b..5835dd2f0 100644 --- a/pkg/bpf/ads/loader.go +++ b/pkg/bpf/ads/loader.go @@ -27,12 +27,15 @@ import ( "fmt" "github.com/cilium/ebpf" + "github.com/cilium/ebpf/link" + bpf2go "kmesh.net/kmesh/bpf/kmesh/bpf2go/kernelnative/normal" "kmesh.net/kmesh/daemon/options" "kmesh.net/kmesh/pkg/bpf/general" "kmesh.net/kmesh/pkg/bpf/utils" "kmesh.net/kmesh/pkg/consistenthash/maglev" "kmesh.net/kmesh/pkg/logger" + helper "kmesh.net/kmesh/pkg/utils" ) var log = logger.NewLoggerScope("bpf_ads") @@ -43,6 +46,40 @@ type BpfAds struct { Tc *general.BpfTCGeneral } +type BpfSockConn struct { + Info general.BpfInfo + Link link.Link + bpf2go.KmeshCgroupSockObjects +} + +type BpfSockOps struct { + Info general.BpfInfo + Link link.Link + bpf2go.KmeshSockopsObjects +} + +func Bpf2goLoadKmeshCgroupSock() (*ebpf.CollectionSpec, error) { + var spec *ebpf.CollectionSpec + var err error + if helper.KernelVersionLowerThan5_13() { + spec, err = bpf2go.LoadKmeshCgroupSockCompat() + } else { + spec, err = bpf2go.LoadKmeshCgroupSock() + } + return spec, err +} + +func Bpf2goLoadKmeshSockOps() (*ebpf.CollectionSpec, error) { + var spec *ebpf.CollectionSpec + var err error + if helper.KernelVersionLowerThan5_13() { + spec, err = bpf2go.LoadKmeshSockops() + } else { + spec, err = bpf2go.LoadKmeshSockopsCompat() + } + return spec, err +} + func NewBpfAds(cfg *options.BpfConfig) (*BpfAds, error) { sc := &BpfAds{} @@ -53,6 +90,7 @@ func NewBpfAds(cfg *options.BpfConfig) (*BpfAds, error) { if err := sc.SockConn.NewBpf(cfg); err != nil { return nil, err } + if cfg.EnableIPsec { var err error sc.Tc, err = general.NewBpf(cfg) diff --git a/pkg/bpf/ads/loader_enhanced.go b/pkg/bpf/ads/loader_enhanced.go index 999ea6f75..cfaed06ea 100644 --- a/pkg/bpf/ads/loader_enhanced.go +++ b/pkg/bpf/ads/loader_enhanced.go @@ -27,11 +27,14 @@ import ( "fmt" "github.com/cilium/ebpf" + "github.com/cilium/ebpf/link" + bpf2go "kmesh.net/kmesh/bpf/kmesh/bpf2go/kernelnative/enhanced" "kmesh.net/kmesh/daemon/options" "kmesh.net/kmesh/pkg/bpf/general" "kmesh.net/kmesh/pkg/bpf/utils" "kmesh.net/kmesh/pkg/logger" + helper "kmesh.net/kmesh/pkg/utils" ) var log = logger.NewLoggerScope("bpf_ads") @@ -42,6 +45,40 @@ type BpfAds struct { Tc *general.BpfTCGeneral } +type BpfSockConn struct { + Info general.BpfInfo + Link link.Link + bpf2go.KmeshCgroupSockObjects +} + +type BpfSockOps struct { + Info general.BpfInfo + Link link.Link + bpf2go.KmeshSockopsObjects +} + +func Bpf2goLoadKmeshCgroupSock() (*ebpf.CollectionSpec, error) { + var spec *ebpf.CollectionSpec + var err error + if helper.KernelVersionLowerThan5_13() { + spec, err = bpf2go.LoadKmeshCgroupSockCompat() + } else { + spec, err = bpf2go.LoadKmeshCgroupSock() + } + return spec, err +} + +func Bpf2goLoadKmeshSockOps() (*ebpf.CollectionSpec, error) { + var spec *ebpf.CollectionSpec + var err error + if helper.KernelVersionLowerThan5_13() { + spec, err = bpf2go.LoadKmeshSockops() + } else { + spec, err = bpf2go.LoadKmeshSockopsCompat() + } + return spec, err +} + func NewBpfAds(cfg *options.BpfConfig) (*BpfAds, error) { sc := &BpfAds{} diff --git a/pkg/bpf/ads/sock_connection.go b/pkg/bpf/ads/sock_connection.go index f574a9368..0f2c496da 100644 --- a/pkg/bpf/ads/sock_connection.go +++ b/pkg/bpf/ads/sock_connection.go @@ -32,11 +32,8 @@ import ( "kmesh.net/kmesh/pkg/bpf/restart" "kmesh.net/kmesh/pkg/constants" - bpf2go "kmesh.net/kmesh/bpf/kmesh/bpf2go/kernelnative/normal" "kmesh.net/kmesh/daemon/options" - "kmesh.net/kmesh/pkg/bpf/general" "kmesh.net/kmesh/pkg/bpf/utils" - helper "kmesh.net/kmesh/pkg/utils" ) var KMESH_TAIL_CALL_LISTENER = uint32(C.KMESH_TAIL_CALL_LISTENER) @@ -46,12 +43,6 @@ var KMESH_TAIL_CALL_ROUTER = uint32(C.KMESH_TAIL_CALL_ROUTER) var KMESH_TAIL_CALL_CLUSTER = uint32(C.KMESH_TAIL_CALL_CLUSTER) var KMESH_TAIL_CALL_ROUTER_CONFIG = uint32(C.KMESH_TAIL_CALL_ROUTER_CONFIG) -type BpfSockConn struct { - Info general.BpfInfo - Link link.Link - bpf2go.KmeshCgroupSockObjects -} - func (sc *BpfSockConn) NewBpf(cfg *options.BpfConfig) error { sc.Info.MapPath = cfg.BpfFsPath + "/bpf_kmesh/map/" sc.Info.BpfFsPath = cfg.BpfFsPath + "/bpf_kmesh/sockconn/" @@ -80,11 +71,7 @@ func (sc *BpfSockConn) loadKmeshSockConnObjects() (*ebpf.CollectionSpec, error) ) opts.Maps.PinPath = sc.Info.MapPath - if helper.KernelVersionLowerThan5_13() { - spec, err = bpf2go.LoadKmeshCgroupSockCompat() - } else { - spec, err = bpf2go.LoadKmeshCgroupSock() - } + spec, err = Bpf2goLoadKmeshCgroupSock() if err != nil || spec == nil { return nil, err } diff --git a/pkg/bpf/ads/sock_ops.go b/pkg/bpf/ads/sock_ops.go index ef7fd9e3b..5ec9148f8 100644 --- a/pkg/bpf/ads/sock_ops.go +++ b/pkg/bpf/ads/sock_ops.go @@ -25,21 +25,12 @@ import ( "github.com/cilium/ebpf" "github.com/cilium/ebpf/link" - bpf2go "kmesh.net/kmesh/bpf/kmesh/bpf2go/kernelnative/enhanced" "kmesh.net/kmesh/daemon/options" - "kmesh.net/kmesh/pkg/bpf/general" "kmesh.net/kmesh/pkg/bpf/restart" "kmesh.net/kmesh/pkg/bpf/utils" "kmesh.net/kmesh/pkg/constants" - helper "kmesh.net/kmesh/pkg/utils" ) -type BpfSockOps struct { - Info general.BpfInfo - Link link.Link - bpf2go.KmeshSockopsObjects -} - func (sc *BpfSockOps) NewBpf(cfg *options.BpfConfig) error { sc.Info.MapPath = cfg.BpfFsPath + "/bpf_kmesh/map/" sc.Info.BpfFsPath = cfg.BpfFsPath + "/bpf_kmesh/sockops/" @@ -68,11 +59,7 @@ func (sc *BpfSockOps) loadKmeshSockopsObjects() (*ebpf.CollectionSpec, error) { ) opts.Maps.PinPath = sc.Info.MapPath - if helper.KernelVersionLowerThan5_13() { - spec, err = bpf2go.LoadKmeshSockopsCompat() - } else { - spec, err = bpf2go.LoadKmeshSockops() - } + spec, err = Bpf2goLoadKmeshSockOps() if err != nil || spec == nil { return nil, err } From 4b98e440713059c400deec5ba83ebf56aa3c4dec Mon Sep 17 00:00:00 2001 From: lec-bit Date: Fri, 14 Mar 2025 18:11:18 +0800 Subject: [PATCH 25/28] update, optimize funcname Signed-off-by: lec-bit --- bpf/include/bpf_common.h | 4 ++-- pkg/bpf/ads/loader.go | 4 ++-- pkg/bpf/ads/loader_enhanced.go | 4 ++-- pkg/bpf/ads/sock_connection.go | 2 +- pkg/bpf/ads/sock_ops.go | 2 +- 5 files changed, 8 insertions(+), 8 deletions(-) diff --git a/bpf/include/bpf_common.h b/bpf/include/bpf_common.h index 4a44cc4bf..2a739fe14 100644 --- a/bpf/include/bpf_common.h +++ b/bpf/include/bpf_common.h @@ -235,7 +235,7 @@ static inline void record_kmesh_managed_ip(__u32 family, __u32 ip4, __u32 *ip6) err = bpf_map_update_elem(&map_of_manager, &key, &value, BPF_ANY); if (err) - BPF_LOG(ERR, KMESH, "record ip failed!, err is %d\n", err); + BPF_LOG(ERR, KMESH, "record ip failed, err is %d\n", err); } static inline void remove_kmesh_managed_ip(__u32 family, __u32 ip4, __u32 *ip6) @@ -248,7 +248,7 @@ static inline void remove_kmesh_managed_ip(__u32 family, __u32 ip4, __u32 *ip6) int err = bpf_map_delete_elem(&map_of_manager, &key); if (err && err != -ENOENT) - BPF_LOG(ERR, KMESH, "remove ip failed!, err is %d\n", err); + BPF_LOG(ERR, KMESH, "remove ip failed, err is %d\n", err); } static inline bool conn_from_sim(struct bpf_sock_ops *skops, __u32 ip, __u16 port) diff --git a/pkg/bpf/ads/loader.go b/pkg/bpf/ads/loader.go index 5835dd2f0..d5a3d7799 100644 --- a/pkg/bpf/ads/loader.go +++ b/pkg/bpf/ads/loader.go @@ -58,7 +58,7 @@ type BpfSockOps struct { bpf2go.KmeshSockopsObjects } -func Bpf2goLoadKmeshCgroupSock() (*ebpf.CollectionSpec, error) { +func loadKmeshCgroupSock() (*ebpf.CollectionSpec, error) { var spec *ebpf.CollectionSpec var err error if helper.KernelVersionLowerThan5_13() { @@ -69,7 +69,7 @@ func Bpf2goLoadKmeshCgroupSock() (*ebpf.CollectionSpec, error) { return spec, err } -func Bpf2goLoadKmeshSockOps() (*ebpf.CollectionSpec, error) { +func loadKmeshSockOps() (*ebpf.CollectionSpec, error) { var spec *ebpf.CollectionSpec var err error if helper.KernelVersionLowerThan5_13() { diff --git a/pkg/bpf/ads/loader_enhanced.go b/pkg/bpf/ads/loader_enhanced.go index cfaed06ea..cf0d6ac2f 100644 --- a/pkg/bpf/ads/loader_enhanced.go +++ b/pkg/bpf/ads/loader_enhanced.go @@ -57,7 +57,7 @@ type BpfSockOps struct { bpf2go.KmeshSockopsObjects } -func Bpf2goLoadKmeshCgroupSock() (*ebpf.CollectionSpec, error) { +func loadKmeshCgroupSock() (*ebpf.CollectionSpec, error) { var spec *ebpf.CollectionSpec var err error if helper.KernelVersionLowerThan5_13() { @@ -68,7 +68,7 @@ func Bpf2goLoadKmeshCgroupSock() (*ebpf.CollectionSpec, error) { return spec, err } -func Bpf2goLoadKmeshSockOps() (*ebpf.CollectionSpec, error) { +func loadKmeshSockOps() (*ebpf.CollectionSpec, error) { var spec *ebpf.CollectionSpec var err error if helper.KernelVersionLowerThan5_13() { diff --git a/pkg/bpf/ads/sock_connection.go b/pkg/bpf/ads/sock_connection.go index 0f2c496da..2f72f6ba2 100644 --- a/pkg/bpf/ads/sock_connection.go +++ b/pkg/bpf/ads/sock_connection.go @@ -71,7 +71,7 @@ func (sc *BpfSockConn) loadKmeshSockConnObjects() (*ebpf.CollectionSpec, error) ) opts.Maps.PinPath = sc.Info.MapPath - spec, err = Bpf2goLoadKmeshCgroupSock() + spec, err = loadKmeshCgroupSock() if err != nil || spec == nil { return nil, err } diff --git a/pkg/bpf/ads/sock_ops.go b/pkg/bpf/ads/sock_ops.go index 5ec9148f8..579638f57 100644 --- a/pkg/bpf/ads/sock_ops.go +++ b/pkg/bpf/ads/sock_ops.go @@ -59,7 +59,7 @@ func (sc *BpfSockOps) loadKmeshSockopsObjects() (*ebpf.CollectionSpec, error) { ) opts.Maps.PinPath = sc.Info.MapPath - spec, err = Bpf2goLoadKmeshSockOps() + spec, err = loadKmeshSockOps() if err != nil || spec == nil { return nil, err } From 693e0ecb545468291ef1a67fc4382375eafca6c7 Mon Sep 17 00:00:00 2001 From: lec-bit Date: Thu, 20 Feb 2025 20:52:11 +0800 Subject: [PATCH 26/28] adapt 6.6 Signed-off-by: lec-bit --- bpf/include/common.h | 61 ++++- bpf/include/inner_map_defs.h | 2 +- bpf/kmesh/ads/cgroup_sock.c | 7 +- bpf/kmesh/ads/include/ctx/sock_ops.h | 11 - bpf/kmesh/ads/include/kmesh_common.h | 5 - .../enhanced/kmeshcgroupsock_bpfeb.go | 225 ++++++++++++++++++ .../enhanced/kmeshcgroupsock_bpfel.go | 225 ++++++++++++++++++ .../enhanced/kmeshcgroupsockcompat_bpfeb.go | 225 ++++++++++++++++++ .../enhanced/kmeshcgroupsockcompat_bpfel.go | 225 ++++++++++++++++++ .../enhanced/kmeshsockops_bpfeb.go | 102 ++++---- .../enhanced/kmeshsockops_bpfel.go | 102 ++++---- .../enhanced/kmeshsockopscompat_bpfeb.go | 102 ++++---- .../enhanced/kmeshsockopscompat_bpfel.go | 102 ++++---- build/docker/builder.dockerfile | 4 +- build/docker/dockerfile | 2 +- config/kmesh_marcos_def.h | 27 +-- kernel/ko_src/kmesh/Makefile | 2 +- kernel/ko_src/kmesh/defer_connect.c | 62 ++--- kernel/ko_src/kmesh/kmesh_func.c | 142 +++++++++++ kernel/ko_src/kmesh/kmesh_func.h | 6 + kernel/ko_src/kmesh/kmesh_main.c | 4 +- .../ko_src/kmesh/kmesh_parse_protocol_data.c | 22 +- .../ko_src/kmesh/kmesh_parse_protocol_data.h | 6 + kmesh_compile_env_pre.sh | 6 +- kmesh_macros_env.sh | 15 +- oncn-mda/include/mesh_accelerate.h | 10 +- 26 files changed, 1339 insertions(+), 363 deletions(-) create mode 100644 bpf/kmesh/bpf2go/kernelnative/enhanced/kmeshcgroupsock_bpfeb.go create mode 100644 bpf/kmesh/bpf2go/kernelnative/enhanced/kmeshcgroupsock_bpfel.go create mode 100644 bpf/kmesh/bpf2go/kernelnative/enhanced/kmeshcgroupsockcompat_bpfeb.go create mode 100644 bpf/kmesh/bpf2go/kernelnative/enhanced/kmeshcgroupsockcompat_bpfel.go create mode 100644 kernel/ko_src/kmesh/kmesh_func.c create mode 100644 kernel/ko_src/kmesh/kmesh_func.h diff --git a/bpf/include/common.h b/bpf/include/common.h index ee045c102..ea95c76e0 100644 --- a/bpf/include/common.h +++ b/bpf/include/common.h @@ -5,6 +5,7 @@ #define _COMMON_H_ #include "../../config/kmesh_marcos_def.h" +#include #include #include #include @@ -16,8 +17,60 @@ #include "errno.h" +struct bpf_mem_ptr { + void *ptr; + __u32 size; +}; + #if ENHANCED_KERNEL +#if KERNEL_KFUNC +extern int bpf_parse_header_msg_func(void *src, int src__sz) __ksym; +extern int bpf_km_header_strnstr_func(void *ctx, int ctx__sz, const char *key, int key__sz, const char *subptr) __ksym; +extern int bpf_km_header_strncmp_func(const char *key, int key__sz, const char *target, int target__sz, int opt) __ksym; +extern int bpf_setsockopt_func(void *bpf_mem, int bpf_mem__sz, int optname, const char *optval, int optval__sz) __ksym; +extern int bpf_getsockopt_func(void *bpf_mem, int bpf_mem__sz, int optname, char *optval, int optval__sz) __ksym; + +#define bpf_km_header_strncmp bpf_km_header_strncmp_func + +int bpf_km_header_strnstr(void *ctx, const char *key, int key__sz, const char *subptr, int subptr__sz) +{ + struct bpf_mem_ptr msg_tmp = {.ptr = ctx, .size = sizeof(struct bpf_sock_addr)}; + return bpf_km_header_strnstr_func(&msg_tmp, sizeof(struct bpf_mem_ptr), key, key__sz, subptr); +} + +int bpf_parse_header_msg(struct bpf_sock_addr *ctx) +{ + struct bpf_mem_ptr msg_tmp = {.ptr = ctx, .size = sizeof(struct bpf_sock_addr)}; + return bpf_parse_header_msg_func(&msg_tmp, sizeof(struct bpf_mem_ptr)); +} + +// Due to the limitation of bpf verifier, optval and optval__sz are required to correspond. +// The strnlen function cannot be used here, so the string is redefined. +int bpf_km_setsockopt(struct bpf_sock_addr *ctx, int level, int optname, const char *optval, int optval__sz) +{ + const char kmesh_module_name[] = "kmesh_defer"; + if (level != IPPROTO_TCP || optval__sz != sizeof(kmesh_module_name)) + return -1; + + struct bpf_mem_ptr msg_tmp = {.ptr = ctx, .size = sizeof(struct bpf_sock_addr)}; + return bpf_setsockopt_func( + &msg_tmp, sizeof(struct bpf_mem_ptr), optname, (void *)kmesh_module_name, sizeof(kmesh_module_name)); +} + +int bpf_km_getsockopt(struct bpf_sock_addr *ctx, int level, int optname, char *optval, int optval__sz) +{ + if (level != IPPROTO_TCP) { + return -1; + } + struct bpf_mem_ptr msg_tmp = {.ptr = ctx, .size = sizeof(struct bpf_sock_addr)}; + return bpf_getsockopt_func(&msg_tmp, sizeof(struct bpf_mem_ptr), optname, (void *)optval, optval__sz); +} + +#else #include +#define bpf_km_setsockopt bpf_setsockopt +#define bpf_km_getsockopt bpf_getsockopt +#endif #endif #define bpf_unused __attribute__((__unused__)) @@ -121,14 +174,8 @@ static inline bool is_ipv4_mapped_addr(__u32 ip6[4]) (dst)[3] = (src)[3]; \ } while (0) -#if OE_23_03 -#define bpf__strncmp bpf_strncmp -#define GET_SKOPS_REMOTE_PORT(sk_ops) (__u16)((sk_ops)->remote_port) -#else #define GET_SKOPS_REMOTE_PORT(sk_ops) (__u16)((sk_ops)->remote_port >> 16) -#endif - -#define GET_SKOPS_LOCAL_PORT(sk_ops) (__u16)((sk_ops)->local_port) +#define GET_SKOPS_LOCAL_PORT(sk_ops) (__u16)((sk_ops)->local_port) #define MAX_BUF_LEN 100 #define MAX_IP4_LEN 16 diff --git a/bpf/include/inner_map_defs.h b/bpf/include/inner_map_defs.h index 028f59ca2..d770df4e3 100644 --- a/bpf/include/inner_map_defs.h +++ b/bpf/include/inner_map_defs.h @@ -33,4 +33,4 @@ typedef enum { MAP_TYPE_64, MAP_TYPE_192, MAP_TYPE_296, MAP_TYPE_1600, MAP_TYPE_ #define FLIP_BIT(bitmap, n) ((bitmap)[(n) / 8] ^= (1U << ((n) % 8))) -#endif // __INNER_MAP_H__ \ No newline at end of file +#endif // __INNER_MAP_H__ diff --git a/bpf/kmesh/ads/cgroup_sock.c b/bpf/kmesh/ads/cgroup_sock.c index ca125cda8..d84893c27 100644 --- a/bpf/kmesh/ads/cgroup_sock.c +++ b/bpf/kmesh/ads/cgroup_sock.c @@ -19,11 +19,10 @@ #if KMESH_ENABLE_HTTP static const char kmesh_module_name[] = "kmesh_defer"; -static char kmesh_module_name_get[KMESH_MODULE_NAME_LEN] = ""; static inline int sock4_traffic_control(struct bpf_sock_addr *ctx) { int ret; - + char kmesh_module_name_get[KMESH_MODULE_NAME_LEN] = ""; Listener__Listener *listener = NULL; if (ctx->protocol != IPPROTO_TCP) @@ -42,9 +41,9 @@ static inline int sock4_traffic_control(struct bpf_sock_addr *ctx) BPF_LOG(DEBUG, KMESH, "bpf find listener addr=[%s:%u]\n", ip2str(&ip, 1), bpf_ntohs(ctx->user_port)); #if ENHANCED_KERNEL - ret = bpf_getsockopt(ctx, IPPROTO_TCP, TCP_ULP, (void *)kmesh_module_name_get, KMESH_MODULE_NAME_LEN); + ret = bpf_km_getsockopt(ctx, IPPROTO_TCP, TCP_ULP, kmesh_module_name_get, KMESH_MODULE_NAME_LEN); if (CHECK_MODULE_NAME_NULL(ret) || bpf__strncmp(kmesh_module_name_get, KMESH_MODULE_NAME_LEN, kmesh_module_name)) { - ret = bpf_setsockopt(ctx, IPPROTO_TCP, TCP_ULP, (void *)kmesh_module_name, sizeof(kmesh_module_name)); + ret = bpf_km_setsockopt(ctx, IPPROTO_TCP, TCP_ULP, kmesh_module_name, sizeof(kmesh_module_name)); if (ret) BPF_LOG(ERR, KMESH, "bpf set sockopt failed! ret %d\n", ret); return 0; diff --git a/bpf/kmesh/ads/include/ctx/sock_ops.h b/bpf/kmesh/ads/include/ctx/sock_ops.h index fe733f909..34a0f1a76 100644 --- a/bpf/kmesh/ads/include/ctx/sock_ops.h +++ b/bpf/kmesh/ads/include/ctx/sock_ops.h @@ -22,16 +22,6 @@ typedef struct bpf_sock_ops ctx_buff_t; name.ipv4 = (ctx)->remote_ip4; \ name.port = (ctx)->remote_port -#if OE_23_03 -#define SET_CTX_ADDRESS(ctx, address) \ - (ctx)->remote_ip4 = (address)->ipv4; \ - (ctx)->remote_port = (address)->port - -#define MARK_REJECTED(ctx) \ - BPF_LOG(DEBUG, KMESH, "mark reject\n"); \ - (ctx)->remote_ip4 = 0; \ - (ctx)->remote_port = 0 -#else #define SET_CTX_ADDRESS(ctx, address) \ (ctx)->replylong[2] = (address)->ipv4; \ (ctx)->replylong[3] = (address)->port @@ -40,6 +30,5 @@ typedef struct bpf_sock_ops ctx_buff_t; BPF_LOG(DEBUG, KMESH, "mark reject\n"); \ (ctx)->replylong[2] = 0; \ (ctx)->replylong[3] = 0 -#endif #endif //__BPF_CTX_SOCK_OPS_H diff --git a/bpf/kmesh/ads/include/kmesh_common.h b/bpf/kmesh/ads/include/kmesh_common.h index b1a35d91f..8b5bf0e2b 100644 --- a/bpf/kmesh/ads/include/kmesh_common.h +++ b/bpf/kmesh/ads/include/kmesh_common.h @@ -31,11 +31,6 @@ val; \ }) -struct bpf_mem_ptr { - void *ptr; - __u32 size; -}; - static inline int bpf__strncmp(const char *dst, int n, const char *src) { if (dst == NULL || src == NULL) diff --git a/bpf/kmesh/bpf2go/kernelnative/enhanced/kmeshcgroupsock_bpfeb.go b/bpf/kmesh/bpf2go/kernelnative/enhanced/kmeshcgroupsock_bpfeb.go new file mode 100644 index 000000000..0624476d9 --- /dev/null +++ b/bpf/kmesh/bpf2go/kernelnative/enhanced/kmeshcgroupsock_bpfeb.go @@ -0,0 +1,225 @@ +// Code generated by bpf2go; DO NOT EDIT. +//go:build mips || mips64 || ppc64 || s390x + +package enhanced + +import ( + "bytes" + _ "embed" + "fmt" + "io" + + "github.com/cilium/ebpf" +) + +type KmeshCgroupSockBuf struct{ Data [40]int8 } + +type KmeshCgroupSockClusterSockData struct{ ClusterId uint32 } + +type KmeshCgroupSockKmeshConfig struct { + BpfLogLevel uint32 + NodeIp [4]uint32 + PodGateway [4]uint32 + AuthzOffload uint32 + EnableMonitoring uint32 +} + +type KmeshCgroupSockManagerKey struct { + NetnsCookie uint64 + _ [8]byte +} + +type KmeshCgroupSockSockStorageData struct { + ConnectNs uint64 + Direction uint8 + ConnectSuccess uint8 + _ [6]byte +} + +// LoadKmeshCgroupSock returns the embedded CollectionSpec for KmeshCgroupSock. +func LoadKmeshCgroupSock() (*ebpf.CollectionSpec, error) { + reader := bytes.NewReader(_KmeshCgroupSockBytes) + spec, err := ebpf.LoadCollectionSpecFromReader(reader) + if err != nil { + return nil, fmt.Errorf("can't load KmeshCgroupSock: %w", err) + } + + return spec, err +} + +// LoadKmeshCgroupSockObjects loads KmeshCgroupSock and converts it into a struct. +// +// The following types are suitable as obj argument: +// +// *KmeshCgroupSockObjects +// *KmeshCgroupSockPrograms +// *KmeshCgroupSockMaps +// +// See ebpf.CollectionSpec.LoadAndAssign documentation for details. +func LoadKmeshCgroupSockObjects(obj interface{}, opts *ebpf.CollectionOptions) error { + spec, err := LoadKmeshCgroupSock() + if err != nil { + return err + } + + return spec.LoadAndAssign(obj, opts) +} + +// KmeshCgroupSockSpecs contains maps and programs before they are loaded into the kernel. +// +// It can be passed ebpf.CollectionSpec.Assign. +type KmeshCgroupSockSpecs struct { + KmeshCgroupSockProgramSpecs + KmeshCgroupSockMapSpecs + KmeshCgroupSockVariableSpecs +} + +// KmeshCgroupSockProgramSpecs contains programs before they are loaded into the kernel. +// +// It can be passed ebpf.CollectionSpec.Assign. +type KmeshCgroupSockProgramSpecs struct { + CgroupConnect4Prog *ebpf.ProgramSpec `ebpf:"cgroup_connect4_prog"` + ClusterManager *ebpf.ProgramSpec `ebpf:"cluster_manager"` + FilterChainManager *ebpf.ProgramSpec `ebpf:"filter_chain_manager"` + FilterManager *ebpf.ProgramSpec `ebpf:"filter_manager"` + RouteConfigManager *ebpf.ProgramSpec `ebpf:"route_config_manager"` +} + +// KmeshCgroupSockMapSpecs contains maps before they are loaded into the kernel. +// +// It can be passed ebpf.CollectionSpec.Assign. +type KmeshCgroupSockMapSpecs struct { + KmCgrptailcall *ebpf.MapSpec `ebpf:"km_cgrptailcall"` + KmCluster *ebpf.MapSpec `ebpf:"km_cluster"` + KmClusterEps *ebpf.MapSpec `ebpf:"km_cluster_eps"` + KmClusterSock *ebpf.MapSpec `ebpf:"km_cluster_sock"` + KmClusterstats *ebpf.MapSpec `ebpf:"km_clusterstats"` + KmConfigmap *ebpf.MapSpec `ebpf:"km_configmap"` + KmEpsData *ebpf.MapSpec `ebpf:"km_eps_data"` + KmListener *ebpf.MapSpec `ebpf:"km_listener"` + KmLogEvent *ebpf.MapSpec `ebpf:"km_log_event"` + KmMaglevOuter *ebpf.MapSpec `ebpf:"km_maglev_outer"` + KmManage *ebpf.MapSpec `ebpf:"km_manage"` + KmRouterconfig *ebpf.MapSpec `ebpf:"km_routerconfig"` + KmSockstorage *ebpf.MapSpec `ebpf:"km_sockstorage"` + KmTailcallCtx *ebpf.MapSpec `ebpf:"km_tailcall_ctx"` + KmTmpbuf *ebpf.MapSpec `ebpf:"km_tmpbuf"` + KmeshMap1600 *ebpf.MapSpec `ebpf:"kmesh_map1600"` + KmeshMap192 *ebpf.MapSpec `ebpf:"kmesh_map192"` + KmeshMap296 *ebpf.MapSpec `ebpf:"kmesh_map296"` + KmeshMap64 *ebpf.MapSpec `ebpf:"kmesh_map64"` +} + +// KmeshCgroupSockVariableSpecs contains global variables before they are loaded into the kernel. +// +// It can be passed ebpf.CollectionSpec.Assign. +type KmeshCgroupSockVariableSpecs struct { + BpfLogLevel *ebpf.VariableSpec `ebpf:"bpf_log_level"` +} + +// KmeshCgroupSockObjects contains all objects after they have been loaded into the kernel. +// +// It can be passed to LoadKmeshCgroupSockObjects or ebpf.CollectionSpec.LoadAndAssign. +type KmeshCgroupSockObjects struct { + KmeshCgroupSockPrograms + KmeshCgroupSockMaps + KmeshCgroupSockVariables +} + +func (o *KmeshCgroupSockObjects) Close() error { + return _KmeshCgroupSockClose( + &o.KmeshCgroupSockPrograms, + &o.KmeshCgroupSockMaps, + ) +} + +// KmeshCgroupSockMaps contains all maps after they have been loaded into the kernel. +// +// It can be passed to LoadKmeshCgroupSockObjects or ebpf.CollectionSpec.LoadAndAssign. +type KmeshCgroupSockMaps struct { + KmCgrptailcall *ebpf.Map `ebpf:"km_cgrptailcall"` + KmCluster *ebpf.Map `ebpf:"km_cluster"` + KmClusterEps *ebpf.Map `ebpf:"km_cluster_eps"` + KmClusterSock *ebpf.Map `ebpf:"km_cluster_sock"` + KmClusterstats *ebpf.Map `ebpf:"km_clusterstats"` + KmConfigmap *ebpf.Map `ebpf:"km_configmap"` + KmEpsData *ebpf.Map `ebpf:"km_eps_data"` + KmListener *ebpf.Map `ebpf:"km_listener"` + KmLogEvent *ebpf.Map `ebpf:"km_log_event"` + KmMaglevOuter *ebpf.Map `ebpf:"km_maglev_outer"` + KmManage *ebpf.Map `ebpf:"km_manage"` + KmRouterconfig *ebpf.Map `ebpf:"km_routerconfig"` + KmSockstorage *ebpf.Map `ebpf:"km_sockstorage"` + KmTailcallCtx *ebpf.Map `ebpf:"km_tailcall_ctx"` + KmTmpbuf *ebpf.Map `ebpf:"km_tmpbuf"` + KmeshMap1600 *ebpf.Map `ebpf:"kmesh_map1600"` + KmeshMap192 *ebpf.Map `ebpf:"kmesh_map192"` + KmeshMap296 *ebpf.Map `ebpf:"kmesh_map296"` + KmeshMap64 *ebpf.Map `ebpf:"kmesh_map64"` +} + +func (m *KmeshCgroupSockMaps) Close() error { + return _KmeshCgroupSockClose( + m.KmCgrptailcall, + m.KmCluster, + m.KmClusterEps, + m.KmClusterSock, + m.KmClusterstats, + m.KmConfigmap, + m.KmEpsData, + m.KmListener, + m.KmLogEvent, + m.KmMaglevOuter, + m.KmManage, + m.KmRouterconfig, + m.KmSockstorage, + m.KmTailcallCtx, + m.KmTmpbuf, + m.KmeshMap1600, + m.KmeshMap192, + m.KmeshMap296, + m.KmeshMap64, + ) +} + +// KmeshCgroupSockVariables contains all global variables after they have been loaded into the kernel. +// +// It can be passed to LoadKmeshCgroupSockObjects or ebpf.CollectionSpec.LoadAndAssign. +type KmeshCgroupSockVariables struct { + BpfLogLevel *ebpf.Variable `ebpf:"bpf_log_level"` +} + +// KmeshCgroupSockPrograms contains all programs after they have been loaded into the kernel. +// +// It can be passed to LoadKmeshCgroupSockObjects or ebpf.CollectionSpec.LoadAndAssign. +type KmeshCgroupSockPrograms struct { + CgroupConnect4Prog *ebpf.Program `ebpf:"cgroup_connect4_prog"` + ClusterManager *ebpf.Program `ebpf:"cluster_manager"` + FilterChainManager *ebpf.Program `ebpf:"filter_chain_manager"` + FilterManager *ebpf.Program `ebpf:"filter_manager"` + RouteConfigManager *ebpf.Program `ebpf:"route_config_manager"` +} + +func (p *KmeshCgroupSockPrograms) Close() error { + return _KmeshCgroupSockClose( + p.CgroupConnect4Prog, + p.ClusterManager, + p.FilterChainManager, + p.FilterManager, + p.RouteConfigManager, + ) +} + +func _KmeshCgroupSockClose(closers ...io.Closer) error { + for _, closer := range closers { + if err := closer.Close(); err != nil { + return err + } + } + return nil +} + +// Do not access this directly. +// +//go:embed kmeshcgroupsock_bpfeb.o +var _KmeshCgroupSockBytes []byte diff --git a/bpf/kmesh/bpf2go/kernelnative/enhanced/kmeshcgroupsock_bpfel.go b/bpf/kmesh/bpf2go/kernelnative/enhanced/kmeshcgroupsock_bpfel.go new file mode 100644 index 000000000..24633e916 --- /dev/null +++ b/bpf/kmesh/bpf2go/kernelnative/enhanced/kmeshcgroupsock_bpfel.go @@ -0,0 +1,225 @@ +// Code generated by bpf2go; DO NOT EDIT. +//go:build 386 || amd64 || arm || arm64 || loong64 || mips64le || mipsle || ppc64le || riscv64 + +package enhanced + +import ( + "bytes" + _ "embed" + "fmt" + "io" + + "github.com/cilium/ebpf" +) + +type KmeshCgroupSockBuf struct{ Data [40]int8 } + +type KmeshCgroupSockClusterSockData struct{ ClusterId uint32 } + +type KmeshCgroupSockKmeshConfig struct { + BpfLogLevel uint32 + NodeIp [4]uint32 + PodGateway [4]uint32 + AuthzOffload uint32 + EnableMonitoring uint32 +} + +type KmeshCgroupSockManagerKey struct { + NetnsCookie uint64 + _ [8]byte +} + +type KmeshCgroupSockSockStorageData struct { + ConnectNs uint64 + Direction uint8 + ConnectSuccess uint8 + _ [6]byte +} + +// LoadKmeshCgroupSock returns the embedded CollectionSpec for KmeshCgroupSock. +func LoadKmeshCgroupSock() (*ebpf.CollectionSpec, error) { + reader := bytes.NewReader(_KmeshCgroupSockBytes) + spec, err := ebpf.LoadCollectionSpecFromReader(reader) + if err != nil { + return nil, fmt.Errorf("can't load KmeshCgroupSock: %w", err) + } + + return spec, err +} + +// LoadKmeshCgroupSockObjects loads KmeshCgroupSock and converts it into a struct. +// +// The following types are suitable as obj argument: +// +// *KmeshCgroupSockObjects +// *KmeshCgroupSockPrograms +// *KmeshCgroupSockMaps +// +// See ebpf.CollectionSpec.LoadAndAssign documentation for details. +func LoadKmeshCgroupSockObjects(obj interface{}, opts *ebpf.CollectionOptions) error { + spec, err := LoadKmeshCgroupSock() + if err != nil { + return err + } + + return spec.LoadAndAssign(obj, opts) +} + +// KmeshCgroupSockSpecs contains maps and programs before they are loaded into the kernel. +// +// It can be passed ebpf.CollectionSpec.Assign. +type KmeshCgroupSockSpecs struct { + KmeshCgroupSockProgramSpecs + KmeshCgroupSockMapSpecs + KmeshCgroupSockVariableSpecs +} + +// KmeshCgroupSockProgramSpecs contains programs before they are loaded into the kernel. +// +// It can be passed ebpf.CollectionSpec.Assign. +type KmeshCgroupSockProgramSpecs struct { + CgroupConnect4Prog *ebpf.ProgramSpec `ebpf:"cgroup_connect4_prog"` + ClusterManager *ebpf.ProgramSpec `ebpf:"cluster_manager"` + FilterChainManager *ebpf.ProgramSpec `ebpf:"filter_chain_manager"` + FilterManager *ebpf.ProgramSpec `ebpf:"filter_manager"` + RouteConfigManager *ebpf.ProgramSpec `ebpf:"route_config_manager"` +} + +// KmeshCgroupSockMapSpecs contains maps before they are loaded into the kernel. +// +// It can be passed ebpf.CollectionSpec.Assign. +type KmeshCgroupSockMapSpecs struct { + KmCgrptailcall *ebpf.MapSpec `ebpf:"km_cgrptailcall"` + KmCluster *ebpf.MapSpec `ebpf:"km_cluster"` + KmClusterEps *ebpf.MapSpec `ebpf:"km_cluster_eps"` + KmClusterSock *ebpf.MapSpec `ebpf:"km_cluster_sock"` + KmClusterstats *ebpf.MapSpec `ebpf:"km_clusterstats"` + KmConfigmap *ebpf.MapSpec `ebpf:"km_configmap"` + KmEpsData *ebpf.MapSpec `ebpf:"km_eps_data"` + KmListener *ebpf.MapSpec `ebpf:"km_listener"` + KmLogEvent *ebpf.MapSpec `ebpf:"km_log_event"` + KmMaglevOuter *ebpf.MapSpec `ebpf:"km_maglev_outer"` + KmManage *ebpf.MapSpec `ebpf:"km_manage"` + KmRouterconfig *ebpf.MapSpec `ebpf:"km_routerconfig"` + KmSockstorage *ebpf.MapSpec `ebpf:"km_sockstorage"` + KmTailcallCtx *ebpf.MapSpec `ebpf:"km_tailcall_ctx"` + KmTmpbuf *ebpf.MapSpec `ebpf:"km_tmpbuf"` + KmeshMap1600 *ebpf.MapSpec `ebpf:"kmesh_map1600"` + KmeshMap192 *ebpf.MapSpec `ebpf:"kmesh_map192"` + KmeshMap296 *ebpf.MapSpec `ebpf:"kmesh_map296"` + KmeshMap64 *ebpf.MapSpec `ebpf:"kmesh_map64"` +} + +// KmeshCgroupSockVariableSpecs contains global variables before they are loaded into the kernel. +// +// It can be passed ebpf.CollectionSpec.Assign. +type KmeshCgroupSockVariableSpecs struct { + BpfLogLevel *ebpf.VariableSpec `ebpf:"bpf_log_level"` +} + +// KmeshCgroupSockObjects contains all objects after they have been loaded into the kernel. +// +// It can be passed to LoadKmeshCgroupSockObjects or ebpf.CollectionSpec.LoadAndAssign. +type KmeshCgroupSockObjects struct { + KmeshCgroupSockPrograms + KmeshCgroupSockMaps + KmeshCgroupSockVariables +} + +func (o *KmeshCgroupSockObjects) Close() error { + return _KmeshCgroupSockClose( + &o.KmeshCgroupSockPrograms, + &o.KmeshCgroupSockMaps, + ) +} + +// KmeshCgroupSockMaps contains all maps after they have been loaded into the kernel. +// +// It can be passed to LoadKmeshCgroupSockObjects or ebpf.CollectionSpec.LoadAndAssign. +type KmeshCgroupSockMaps struct { + KmCgrptailcall *ebpf.Map `ebpf:"km_cgrptailcall"` + KmCluster *ebpf.Map `ebpf:"km_cluster"` + KmClusterEps *ebpf.Map `ebpf:"km_cluster_eps"` + KmClusterSock *ebpf.Map `ebpf:"km_cluster_sock"` + KmClusterstats *ebpf.Map `ebpf:"km_clusterstats"` + KmConfigmap *ebpf.Map `ebpf:"km_configmap"` + KmEpsData *ebpf.Map `ebpf:"km_eps_data"` + KmListener *ebpf.Map `ebpf:"km_listener"` + KmLogEvent *ebpf.Map `ebpf:"km_log_event"` + KmMaglevOuter *ebpf.Map `ebpf:"km_maglev_outer"` + KmManage *ebpf.Map `ebpf:"km_manage"` + KmRouterconfig *ebpf.Map `ebpf:"km_routerconfig"` + KmSockstorage *ebpf.Map `ebpf:"km_sockstorage"` + KmTailcallCtx *ebpf.Map `ebpf:"km_tailcall_ctx"` + KmTmpbuf *ebpf.Map `ebpf:"km_tmpbuf"` + KmeshMap1600 *ebpf.Map `ebpf:"kmesh_map1600"` + KmeshMap192 *ebpf.Map `ebpf:"kmesh_map192"` + KmeshMap296 *ebpf.Map `ebpf:"kmesh_map296"` + KmeshMap64 *ebpf.Map `ebpf:"kmesh_map64"` +} + +func (m *KmeshCgroupSockMaps) Close() error { + return _KmeshCgroupSockClose( + m.KmCgrptailcall, + m.KmCluster, + m.KmClusterEps, + m.KmClusterSock, + m.KmClusterstats, + m.KmConfigmap, + m.KmEpsData, + m.KmListener, + m.KmLogEvent, + m.KmMaglevOuter, + m.KmManage, + m.KmRouterconfig, + m.KmSockstorage, + m.KmTailcallCtx, + m.KmTmpbuf, + m.KmeshMap1600, + m.KmeshMap192, + m.KmeshMap296, + m.KmeshMap64, + ) +} + +// KmeshCgroupSockVariables contains all global variables after they have been loaded into the kernel. +// +// It can be passed to LoadKmeshCgroupSockObjects or ebpf.CollectionSpec.LoadAndAssign. +type KmeshCgroupSockVariables struct { + BpfLogLevel *ebpf.Variable `ebpf:"bpf_log_level"` +} + +// KmeshCgroupSockPrograms contains all programs after they have been loaded into the kernel. +// +// It can be passed to LoadKmeshCgroupSockObjects or ebpf.CollectionSpec.LoadAndAssign. +type KmeshCgroupSockPrograms struct { + CgroupConnect4Prog *ebpf.Program `ebpf:"cgroup_connect4_prog"` + ClusterManager *ebpf.Program `ebpf:"cluster_manager"` + FilterChainManager *ebpf.Program `ebpf:"filter_chain_manager"` + FilterManager *ebpf.Program `ebpf:"filter_manager"` + RouteConfigManager *ebpf.Program `ebpf:"route_config_manager"` +} + +func (p *KmeshCgroupSockPrograms) Close() error { + return _KmeshCgroupSockClose( + p.CgroupConnect4Prog, + p.ClusterManager, + p.FilterChainManager, + p.FilterManager, + p.RouteConfigManager, + ) +} + +func _KmeshCgroupSockClose(closers ...io.Closer) error { + for _, closer := range closers { + if err := closer.Close(); err != nil { + return err + } + } + return nil +} + +// Do not access this directly. +// +//go:embed kmeshcgroupsock_bpfel.o +var _KmeshCgroupSockBytes []byte diff --git a/bpf/kmesh/bpf2go/kernelnative/enhanced/kmeshcgroupsockcompat_bpfeb.go b/bpf/kmesh/bpf2go/kernelnative/enhanced/kmeshcgroupsockcompat_bpfeb.go new file mode 100644 index 000000000..44dffc05d --- /dev/null +++ b/bpf/kmesh/bpf2go/kernelnative/enhanced/kmeshcgroupsockcompat_bpfeb.go @@ -0,0 +1,225 @@ +// Code generated by bpf2go; DO NOT EDIT. +//go:build mips || mips64 || ppc64 || s390x + +package enhanced + +import ( + "bytes" + _ "embed" + "fmt" + "io" + + "github.com/cilium/ebpf" +) + +type KmeshCgroupSockCompatBuf struct{ Data [40]int8 } + +type KmeshCgroupSockCompatClusterSockData struct{ ClusterId uint32 } + +type KmeshCgroupSockCompatKmeshConfig struct { + BpfLogLevel uint32 + NodeIp [4]uint32 + PodGateway [4]uint32 + AuthzOffload uint32 + EnableMonitoring uint32 +} + +type KmeshCgroupSockCompatManagerKey struct { + NetnsCookie uint64 + _ [8]byte +} + +type KmeshCgroupSockCompatSockStorageData struct { + ConnectNs uint64 + Direction uint8 + ConnectSuccess uint8 + _ [6]byte +} + +// LoadKmeshCgroupSockCompat returns the embedded CollectionSpec for KmeshCgroupSockCompat. +func LoadKmeshCgroupSockCompat() (*ebpf.CollectionSpec, error) { + reader := bytes.NewReader(_KmeshCgroupSockCompatBytes) + spec, err := ebpf.LoadCollectionSpecFromReader(reader) + if err != nil { + return nil, fmt.Errorf("can't load KmeshCgroupSockCompat: %w", err) + } + + return spec, err +} + +// LoadKmeshCgroupSockCompatObjects loads KmeshCgroupSockCompat and converts it into a struct. +// +// The following types are suitable as obj argument: +// +// *KmeshCgroupSockCompatObjects +// *KmeshCgroupSockCompatPrograms +// *KmeshCgroupSockCompatMaps +// +// See ebpf.CollectionSpec.LoadAndAssign documentation for details. +func LoadKmeshCgroupSockCompatObjects(obj interface{}, opts *ebpf.CollectionOptions) error { + spec, err := LoadKmeshCgroupSockCompat() + if err != nil { + return err + } + + return spec.LoadAndAssign(obj, opts) +} + +// KmeshCgroupSockCompatSpecs contains maps and programs before they are loaded into the kernel. +// +// It can be passed ebpf.CollectionSpec.Assign. +type KmeshCgroupSockCompatSpecs struct { + KmeshCgroupSockCompatProgramSpecs + KmeshCgroupSockCompatMapSpecs + KmeshCgroupSockCompatVariableSpecs +} + +// KmeshCgroupSockCompatProgramSpecs contains programs before they are loaded into the kernel. +// +// It can be passed ebpf.CollectionSpec.Assign. +type KmeshCgroupSockCompatProgramSpecs struct { + CgroupConnect4Prog *ebpf.ProgramSpec `ebpf:"cgroup_connect4_prog"` + ClusterManager *ebpf.ProgramSpec `ebpf:"cluster_manager"` + FilterChainManager *ebpf.ProgramSpec `ebpf:"filter_chain_manager"` + FilterManager *ebpf.ProgramSpec `ebpf:"filter_manager"` + RouteConfigManager *ebpf.ProgramSpec `ebpf:"route_config_manager"` +} + +// KmeshCgroupSockCompatMapSpecs contains maps before they are loaded into the kernel. +// +// It can be passed ebpf.CollectionSpec.Assign. +type KmeshCgroupSockCompatMapSpecs struct { + KmCgrptailcall *ebpf.MapSpec `ebpf:"km_cgrptailcall"` + KmCluster *ebpf.MapSpec `ebpf:"km_cluster"` + KmClusterEps *ebpf.MapSpec `ebpf:"km_cluster_eps"` + KmClusterSock *ebpf.MapSpec `ebpf:"km_cluster_sock"` + KmClusterstats *ebpf.MapSpec `ebpf:"km_clusterstats"` + KmConfigmap *ebpf.MapSpec `ebpf:"km_configmap"` + KmEpsData *ebpf.MapSpec `ebpf:"km_eps_data"` + KmListener *ebpf.MapSpec `ebpf:"km_listener"` + KmLogEvent *ebpf.MapSpec `ebpf:"km_log_event"` + KmMaglevOuter *ebpf.MapSpec `ebpf:"km_maglev_outer"` + KmManage *ebpf.MapSpec `ebpf:"km_manage"` + KmRouterconfig *ebpf.MapSpec `ebpf:"km_routerconfig"` + KmSockstorage *ebpf.MapSpec `ebpf:"km_sockstorage"` + KmTailcallCtx *ebpf.MapSpec `ebpf:"km_tailcall_ctx"` + KmTmpbuf *ebpf.MapSpec `ebpf:"km_tmpbuf"` + KmeshMap1600 *ebpf.MapSpec `ebpf:"kmesh_map1600"` + KmeshMap192 *ebpf.MapSpec `ebpf:"kmesh_map192"` + KmeshMap296 *ebpf.MapSpec `ebpf:"kmesh_map296"` + KmeshMap64 *ebpf.MapSpec `ebpf:"kmesh_map64"` +} + +// KmeshCgroupSockCompatVariableSpecs contains global variables before they are loaded into the kernel. +// +// It can be passed ebpf.CollectionSpec.Assign. +type KmeshCgroupSockCompatVariableSpecs struct { + BpfLogLevel *ebpf.VariableSpec `ebpf:"bpf_log_level"` +} + +// KmeshCgroupSockCompatObjects contains all objects after they have been loaded into the kernel. +// +// It can be passed to LoadKmeshCgroupSockCompatObjects or ebpf.CollectionSpec.LoadAndAssign. +type KmeshCgroupSockCompatObjects struct { + KmeshCgroupSockCompatPrograms + KmeshCgroupSockCompatMaps + KmeshCgroupSockCompatVariables +} + +func (o *KmeshCgroupSockCompatObjects) Close() error { + return _KmeshCgroupSockCompatClose( + &o.KmeshCgroupSockCompatPrograms, + &o.KmeshCgroupSockCompatMaps, + ) +} + +// KmeshCgroupSockCompatMaps contains all maps after they have been loaded into the kernel. +// +// It can be passed to LoadKmeshCgroupSockCompatObjects or ebpf.CollectionSpec.LoadAndAssign. +type KmeshCgroupSockCompatMaps struct { + KmCgrptailcall *ebpf.Map `ebpf:"km_cgrptailcall"` + KmCluster *ebpf.Map `ebpf:"km_cluster"` + KmClusterEps *ebpf.Map `ebpf:"km_cluster_eps"` + KmClusterSock *ebpf.Map `ebpf:"km_cluster_sock"` + KmClusterstats *ebpf.Map `ebpf:"km_clusterstats"` + KmConfigmap *ebpf.Map `ebpf:"km_configmap"` + KmEpsData *ebpf.Map `ebpf:"km_eps_data"` + KmListener *ebpf.Map `ebpf:"km_listener"` + KmLogEvent *ebpf.Map `ebpf:"km_log_event"` + KmMaglevOuter *ebpf.Map `ebpf:"km_maglev_outer"` + KmManage *ebpf.Map `ebpf:"km_manage"` + KmRouterconfig *ebpf.Map `ebpf:"km_routerconfig"` + KmSockstorage *ebpf.Map `ebpf:"km_sockstorage"` + KmTailcallCtx *ebpf.Map `ebpf:"km_tailcall_ctx"` + KmTmpbuf *ebpf.Map `ebpf:"km_tmpbuf"` + KmeshMap1600 *ebpf.Map `ebpf:"kmesh_map1600"` + KmeshMap192 *ebpf.Map `ebpf:"kmesh_map192"` + KmeshMap296 *ebpf.Map `ebpf:"kmesh_map296"` + KmeshMap64 *ebpf.Map `ebpf:"kmesh_map64"` +} + +func (m *KmeshCgroupSockCompatMaps) Close() error { + return _KmeshCgroupSockCompatClose( + m.KmCgrptailcall, + m.KmCluster, + m.KmClusterEps, + m.KmClusterSock, + m.KmClusterstats, + m.KmConfigmap, + m.KmEpsData, + m.KmListener, + m.KmLogEvent, + m.KmMaglevOuter, + m.KmManage, + m.KmRouterconfig, + m.KmSockstorage, + m.KmTailcallCtx, + m.KmTmpbuf, + m.KmeshMap1600, + m.KmeshMap192, + m.KmeshMap296, + m.KmeshMap64, + ) +} + +// KmeshCgroupSockCompatVariables contains all global variables after they have been loaded into the kernel. +// +// It can be passed to LoadKmeshCgroupSockCompatObjects or ebpf.CollectionSpec.LoadAndAssign. +type KmeshCgroupSockCompatVariables struct { + BpfLogLevel *ebpf.Variable `ebpf:"bpf_log_level"` +} + +// KmeshCgroupSockCompatPrograms contains all programs after they have been loaded into the kernel. +// +// It can be passed to LoadKmeshCgroupSockCompatObjects or ebpf.CollectionSpec.LoadAndAssign. +type KmeshCgroupSockCompatPrograms struct { + CgroupConnect4Prog *ebpf.Program `ebpf:"cgroup_connect4_prog"` + ClusterManager *ebpf.Program `ebpf:"cluster_manager"` + FilterChainManager *ebpf.Program `ebpf:"filter_chain_manager"` + FilterManager *ebpf.Program `ebpf:"filter_manager"` + RouteConfigManager *ebpf.Program `ebpf:"route_config_manager"` +} + +func (p *KmeshCgroupSockCompatPrograms) Close() error { + return _KmeshCgroupSockCompatClose( + p.CgroupConnect4Prog, + p.ClusterManager, + p.FilterChainManager, + p.FilterManager, + p.RouteConfigManager, + ) +} + +func _KmeshCgroupSockCompatClose(closers ...io.Closer) error { + for _, closer := range closers { + if err := closer.Close(); err != nil { + return err + } + } + return nil +} + +// Do not access this directly. +// +//go:embed kmeshcgroupsockcompat_bpfeb.o +var _KmeshCgroupSockCompatBytes []byte diff --git a/bpf/kmesh/bpf2go/kernelnative/enhanced/kmeshcgroupsockcompat_bpfel.go b/bpf/kmesh/bpf2go/kernelnative/enhanced/kmeshcgroupsockcompat_bpfel.go new file mode 100644 index 000000000..521e442e4 --- /dev/null +++ b/bpf/kmesh/bpf2go/kernelnative/enhanced/kmeshcgroupsockcompat_bpfel.go @@ -0,0 +1,225 @@ +// Code generated by bpf2go; DO NOT EDIT. +//go:build 386 || amd64 || arm || arm64 || loong64 || mips64le || mipsle || ppc64le || riscv64 + +package enhanced + +import ( + "bytes" + _ "embed" + "fmt" + "io" + + "github.com/cilium/ebpf" +) + +type KmeshCgroupSockCompatBuf struct{ Data [40]int8 } + +type KmeshCgroupSockCompatClusterSockData struct{ ClusterId uint32 } + +type KmeshCgroupSockCompatKmeshConfig struct { + BpfLogLevel uint32 + NodeIp [4]uint32 + PodGateway [4]uint32 + AuthzOffload uint32 + EnableMonitoring uint32 +} + +type KmeshCgroupSockCompatManagerKey struct { + NetnsCookie uint64 + _ [8]byte +} + +type KmeshCgroupSockCompatSockStorageData struct { + ConnectNs uint64 + Direction uint8 + ConnectSuccess uint8 + _ [6]byte +} + +// LoadKmeshCgroupSockCompat returns the embedded CollectionSpec for KmeshCgroupSockCompat. +func LoadKmeshCgroupSockCompat() (*ebpf.CollectionSpec, error) { + reader := bytes.NewReader(_KmeshCgroupSockCompatBytes) + spec, err := ebpf.LoadCollectionSpecFromReader(reader) + if err != nil { + return nil, fmt.Errorf("can't load KmeshCgroupSockCompat: %w", err) + } + + return spec, err +} + +// LoadKmeshCgroupSockCompatObjects loads KmeshCgroupSockCompat and converts it into a struct. +// +// The following types are suitable as obj argument: +// +// *KmeshCgroupSockCompatObjects +// *KmeshCgroupSockCompatPrograms +// *KmeshCgroupSockCompatMaps +// +// See ebpf.CollectionSpec.LoadAndAssign documentation for details. +func LoadKmeshCgroupSockCompatObjects(obj interface{}, opts *ebpf.CollectionOptions) error { + spec, err := LoadKmeshCgroupSockCompat() + if err != nil { + return err + } + + return spec.LoadAndAssign(obj, opts) +} + +// KmeshCgroupSockCompatSpecs contains maps and programs before they are loaded into the kernel. +// +// It can be passed ebpf.CollectionSpec.Assign. +type KmeshCgroupSockCompatSpecs struct { + KmeshCgroupSockCompatProgramSpecs + KmeshCgroupSockCompatMapSpecs + KmeshCgroupSockCompatVariableSpecs +} + +// KmeshCgroupSockCompatProgramSpecs contains programs before they are loaded into the kernel. +// +// It can be passed ebpf.CollectionSpec.Assign. +type KmeshCgroupSockCompatProgramSpecs struct { + CgroupConnect4Prog *ebpf.ProgramSpec `ebpf:"cgroup_connect4_prog"` + ClusterManager *ebpf.ProgramSpec `ebpf:"cluster_manager"` + FilterChainManager *ebpf.ProgramSpec `ebpf:"filter_chain_manager"` + FilterManager *ebpf.ProgramSpec `ebpf:"filter_manager"` + RouteConfigManager *ebpf.ProgramSpec `ebpf:"route_config_manager"` +} + +// KmeshCgroupSockCompatMapSpecs contains maps before they are loaded into the kernel. +// +// It can be passed ebpf.CollectionSpec.Assign. +type KmeshCgroupSockCompatMapSpecs struct { + KmCgrptailcall *ebpf.MapSpec `ebpf:"km_cgrptailcall"` + KmCluster *ebpf.MapSpec `ebpf:"km_cluster"` + KmClusterEps *ebpf.MapSpec `ebpf:"km_cluster_eps"` + KmClusterSock *ebpf.MapSpec `ebpf:"km_cluster_sock"` + KmClusterstats *ebpf.MapSpec `ebpf:"km_clusterstats"` + KmConfigmap *ebpf.MapSpec `ebpf:"km_configmap"` + KmEpsData *ebpf.MapSpec `ebpf:"km_eps_data"` + KmListener *ebpf.MapSpec `ebpf:"km_listener"` + KmLogEvent *ebpf.MapSpec `ebpf:"km_log_event"` + KmMaglevOuter *ebpf.MapSpec `ebpf:"km_maglev_outer"` + KmManage *ebpf.MapSpec `ebpf:"km_manage"` + KmRouterconfig *ebpf.MapSpec `ebpf:"km_routerconfig"` + KmSockstorage *ebpf.MapSpec `ebpf:"km_sockstorage"` + KmTailcallCtx *ebpf.MapSpec `ebpf:"km_tailcall_ctx"` + KmTmpbuf *ebpf.MapSpec `ebpf:"km_tmpbuf"` + KmeshMap1600 *ebpf.MapSpec `ebpf:"kmesh_map1600"` + KmeshMap192 *ebpf.MapSpec `ebpf:"kmesh_map192"` + KmeshMap296 *ebpf.MapSpec `ebpf:"kmesh_map296"` + KmeshMap64 *ebpf.MapSpec `ebpf:"kmesh_map64"` +} + +// KmeshCgroupSockCompatVariableSpecs contains global variables before they are loaded into the kernel. +// +// It can be passed ebpf.CollectionSpec.Assign. +type KmeshCgroupSockCompatVariableSpecs struct { + BpfLogLevel *ebpf.VariableSpec `ebpf:"bpf_log_level"` +} + +// KmeshCgroupSockCompatObjects contains all objects after they have been loaded into the kernel. +// +// It can be passed to LoadKmeshCgroupSockCompatObjects or ebpf.CollectionSpec.LoadAndAssign. +type KmeshCgroupSockCompatObjects struct { + KmeshCgroupSockCompatPrograms + KmeshCgroupSockCompatMaps + KmeshCgroupSockCompatVariables +} + +func (o *KmeshCgroupSockCompatObjects) Close() error { + return _KmeshCgroupSockCompatClose( + &o.KmeshCgroupSockCompatPrograms, + &o.KmeshCgroupSockCompatMaps, + ) +} + +// KmeshCgroupSockCompatMaps contains all maps after they have been loaded into the kernel. +// +// It can be passed to LoadKmeshCgroupSockCompatObjects or ebpf.CollectionSpec.LoadAndAssign. +type KmeshCgroupSockCompatMaps struct { + KmCgrptailcall *ebpf.Map `ebpf:"km_cgrptailcall"` + KmCluster *ebpf.Map `ebpf:"km_cluster"` + KmClusterEps *ebpf.Map `ebpf:"km_cluster_eps"` + KmClusterSock *ebpf.Map `ebpf:"km_cluster_sock"` + KmClusterstats *ebpf.Map `ebpf:"km_clusterstats"` + KmConfigmap *ebpf.Map `ebpf:"km_configmap"` + KmEpsData *ebpf.Map `ebpf:"km_eps_data"` + KmListener *ebpf.Map `ebpf:"km_listener"` + KmLogEvent *ebpf.Map `ebpf:"km_log_event"` + KmMaglevOuter *ebpf.Map `ebpf:"km_maglev_outer"` + KmManage *ebpf.Map `ebpf:"km_manage"` + KmRouterconfig *ebpf.Map `ebpf:"km_routerconfig"` + KmSockstorage *ebpf.Map `ebpf:"km_sockstorage"` + KmTailcallCtx *ebpf.Map `ebpf:"km_tailcall_ctx"` + KmTmpbuf *ebpf.Map `ebpf:"km_tmpbuf"` + KmeshMap1600 *ebpf.Map `ebpf:"kmesh_map1600"` + KmeshMap192 *ebpf.Map `ebpf:"kmesh_map192"` + KmeshMap296 *ebpf.Map `ebpf:"kmesh_map296"` + KmeshMap64 *ebpf.Map `ebpf:"kmesh_map64"` +} + +func (m *KmeshCgroupSockCompatMaps) Close() error { + return _KmeshCgroupSockCompatClose( + m.KmCgrptailcall, + m.KmCluster, + m.KmClusterEps, + m.KmClusterSock, + m.KmClusterstats, + m.KmConfigmap, + m.KmEpsData, + m.KmListener, + m.KmLogEvent, + m.KmMaglevOuter, + m.KmManage, + m.KmRouterconfig, + m.KmSockstorage, + m.KmTailcallCtx, + m.KmTmpbuf, + m.KmeshMap1600, + m.KmeshMap192, + m.KmeshMap296, + m.KmeshMap64, + ) +} + +// KmeshCgroupSockCompatVariables contains all global variables after they have been loaded into the kernel. +// +// It can be passed to LoadKmeshCgroupSockCompatObjects or ebpf.CollectionSpec.LoadAndAssign. +type KmeshCgroupSockCompatVariables struct { + BpfLogLevel *ebpf.Variable `ebpf:"bpf_log_level"` +} + +// KmeshCgroupSockCompatPrograms contains all programs after they have been loaded into the kernel. +// +// It can be passed to LoadKmeshCgroupSockCompatObjects or ebpf.CollectionSpec.LoadAndAssign. +type KmeshCgroupSockCompatPrograms struct { + CgroupConnect4Prog *ebpf.Program `ebpf:"cgroup_connect4_prog"` + ClusterManager *ebpf.Program `ebpf:"cluster_manager"` + FilterChainManager *ebpf.Program `ebpf:"filter_chain_manager"` + FilterManager *ebpf.Program `ebpf:"filter_manager"` + RouteConfigManager *ebpf.Program `ebpf:"route_config_manager"` +} + +func (p *KmeshCgroupSockCompatPrograms) Close() error { + return _KmeshCgroupSockCompatClose( + p.CgroupConnect4Prog, + p.ClusterManager, + p.FilterChainManager, + p.FilterManager, + p.RouteConfigManager, + ) +} + +func _KmeshCgroupSockCompatClose(closers ...io.Closer) error { + for _, closer := range closers { + if err := closer.Close(); err != nil { + return err + } + } + return nil +} + +// Do not access this directly. +// +//go:embed kmeshcgroupsockcompat_bpfel.o +var _KmeshCgroupSockCompatBytes []byte diff --git a/bpf/kmesh/bpf2go/kernelnative/enhanced/kmeshsockops_bpfeb.go b/bpf/kmesh/bpf2go/kernelnative/enhanced/kmeshsockops_bpfeb.go index 637e8e8e2..7727dc894 100644 --- a/bpf/kmesh/bpf2go/kernelnative/enhanced/kmeshsockops_bpfeb.go +++ b/bpf/kmesh/bpf2go/kernelnative/enhanced/kmeshsockops_bpfeb.go @@ -71,42 +71,38 @@ func LoadKmeshSockopsObjects(obj interface{}, opts *ebpf.CollectionOptions) erro type KmeshSockopsSpecs struct { KmeshSockopsProgramSpecs KmeshSockopsMapSpecs + KmeshSockopsVariableSpecs } -// KmeshSockopsSpecs contains programs before they are loaded into the kernel. +// KmeshSockopsProgramSpecs contains programs before they are loaded into the kernel. // // It can be passed ebpf.CollectionSpec.Assign. type KmeshSockopsProgramSpecs struct { - ClusterManager *ebpf.ProgramSpec `ebpf:"cluster_manager"` - FilterChainManager *ebpf.ProgramSpec `ebpf:"filter_chain_manager"` - FilterManager *ebpf.ProgramSpec `ebpf:"filter_manager"` - RouteConfigManager *ebpf.ProgramSpec `ebpf:"route_config_manager"` - SockopsProg *ebpf.ProgramSpec `ebpf:"sockops_prog"` + SockopsProg *ebpf.ProgramSpec `ebpf:"sockops_prog"` } // KmeshSockopsMapSpecs contains maps before they are loaded into the kernel. // // It can be passed ebpf.CollectionSpec.Assign. type KmeshSockopsMapSpecs struct { - KmCluster *ebpf.MapSpec `ebpf:"km_cluster"` - KmClusterEps *ebpf.MapSpec `ebpf:"km_cluster_eps"` - KmClusterSock *ebpf.MapSpec `ebpf:"km_cluster_sock"` - KmClusterstats *ebpf.MapSpec `ebpf:"km_clusterstats"` - KmConfigmap *ebpf.MapSpec `ebpf:"km_configmap"` - KmEpsData *ebpf.MapSpec `ebpf:"km_eps_data"` - KmListener *ebpf.MapSpec `ebpf:"km_listener"` - KmLogEvent *ebpf.MapSpec `ebpf:"km_log_event"` - KmMaglevOuter *ebpf.MapSpec `ebpf:"km_maglev_outer"` - KmManage *ebpf.MapSpec `ebpf:"km_manage"` - KmRouterconfig *ebpf.MapSpec `ebpf:"km_routerconfig"` - KmSkopstailcall *ebpf.MapSpec `ebpf:"km_skopstailcall"` - KmSockstorage *ebpf.MapSpec `ebpf:"km_sockstorage"` - KmTailcallCtx *ebpf.MapSpec `ebpf:"km_tailcall_ctx"` - KmTmpbuf *ebpf.MapSpec `ebpf:"km_tmpbuf"` - KmeshMap1600 *ebpf.MapSpec `ebpf:"kmesh_map1600"` - KmeshMap192 *ebpf.MapSpec `ebpf:"kmesh_map192"` - KmeshMap296 *ebpf.MapSpec `ebpf:"kmesh_map296"` - KmeshMap64 *ebpf.MapSpec `ebpf:"kmesh_map64"` + KmClusterSock *ebpf.MapSpec `ebpf:"km_cluster_sock"` + KmClusterstats *ebpf.MapSpec `ebpf:"km_clusterstats"` + KmConfigmap *ebpf.MapSpec `ebpf:"km_configmap"` + KmLogEvent *ebpf.MapSpec `ebpf:"km_log_event"` + KmManage *ebpf.MapSpec `ebpf:"km_manage"` + KmSockstorage *ebpf.MapSpec `ebpf:"km_sockstorage"` + KmTmpbuf *ebpf.MapSpec `ebpf:"km_tmpbuf"` + KmeshMap1600 *ebpf.MapSpec `ebpf:"kmesh_map1600"` + KmeshMap192 *ebpf.MapSpec `ebpf:"kmesh_map192"` + KmeshMap296 *ebpf.MapSpec `ebpf:"kmesh_map296"` + KmeshMap64 *ebpf.MapSpec `ebpf:"kmesh_map64"` +} + +// KmeshSockopsVariableSpecs contains global variables before they are loaded into the kernel. +// +// It can be passed ebpf.CollectionSpec.Assign. +type KmeshSockopsVariableSpecs struct { + BpfLogLevel *ebpf.VariableSpec `ebpf:"bpf_log_level"` } // KmeshSockopsObjects contains all objects after they have been loaded into the kernel. @@ -115,6 +111,7 @@ type KmeshSockopsMapSpecs struct { type KmeshSockopsObjects struct { KmeshSockopsPrograms KmeshSockopsMaps + KmeshSockopsVariables } func (o *KmeshSockopsObjects) Close() error { @@ -128,43 +125,27 @@ func (o *KmeshSockopsObjects) Close() error { // // It can be passed to LoadKmeshSockopsObjects or ebpf.CollectionSpec.LoadAndAssign. type KmeshSockopsMaps struct { - KmCluster *ebpf.Map `ebpf:"km_cluster"` - KmClusterEps *ebpf.Map `ebpf:"km_cluster_eps"` - KmClusterSock *ebpf.Map `ebpf:"km_cluster_sock"` - KmClusterstats *ebpf.Map `ebpf:"km_clusterstats"` - KmConfigmap *ebpf.Map `ebpf:"km_configmap"` - KmEpsData *ebpf.Map `ebpf:"km_eps_data"` - KmListener *ebpf.Map `ebpf:"km_listener"` - KmLogEvent *ebpf.Map `ebpf:"km_log_event"` - KmMaglevOuter *ebpf.Map `ebpf:"km_maglev_outer"` - KmManage *ebpf.Map `ebpf:"km_manage"` - KmRouterconfig *ebpf.Map `ebpf:"km_routerconfig"` - KmSkopstailcall *ebpf.Map `ebpf:"km_skopstailcall"` - KmSockstorage *ebpf.Map `ebpf:"km_sockstorage"` - KmTailcallCtx *ebpf.Map `ebpf:"km_tailcall_ctx"` - KmTmpbuf *ebpf.Map `ebpf:"km_tmpbuf"` - KmeshMap1600 *ebpf.Map `ebpf:"kmesh_map1600"` - KmeshMap192 *ebpf.Map `ebpf:"kmesh_map192"` - KmeshMap296 *ebpf.Map `ebpf:"kmesh_map296"` - KmeshMap64 *ebpf.Map `ebpf:"kmesh_map64"` + KmClusterSock *ebpf.Map `ebpf:"km_cluster_sock"` + KmClusterstats *ebpf.Map `ebpf:"km_clusterstats"` + KmConfigmap *ebpf.Map `ebpf:"km_configmap"` + KmLogEvent *ebpf.Map `ebpf:"km_log_event"` + KmManage *ebpf.Map `ebpf:"km_manage"` + KmSockstorage *ebpf.Map `ebpf:"km_sockstorage"` + KmTmpbuf *ebpf.Map `ebpf:"km_tmpbuf"` + KmeshMap1600 *ebpf.Map `ebpf:"kmesh_map1600"` + KmeshMap192 *ebpf.Map `ebpf:"kmesh_map192"` + KmeshMap296 *ebpf.Map `ebpf:"kmesh_map296"` + KmeshMap64 *ebpf.Map `ebpf:"kmesh_map64"` } func (m *KmeshSockopsMaps) Close() error { return _KmeshSockopsClose( - m.KmCluster, - m.KmClusterEps, m.KmClusterSock, m.KmClusterstats, m.KmConfigmap, - m.KmEpsData, - m.KmListener, m.KmLogEvent, - m.KmMaglevOuter, m.KmManage, - m.KmRouterconfig, - m.KmSkopstailcall, m.KmSockstorage, - m.KmTailcallCtx, m.KmTmpbuf, m.KmeshMap1600, m.KmeshMap192, @@ -173,23 +154,22 @@ func (m *KmeshSockopsMaps) Close() error { ) } +// KmeshSockopsVariables contains all global variables after they have been loaded into the kernel. +// +// It can be passed to LoadKmeshSockopsObjects or ebpf.CollectionSpec.LoadAndAssign. +type KmeshSockopsVariables struct { + BpfLogLevel *ebpf.Variable `ebpf:"bpf_log_level"` +} + // KmeshSockopsPrograms contains all programs after they have been loaded into the kernel. // // It can be passed to LoadKmeshSockopsObjects or ebpf.CollectionSpec.LoadAndAssign. type KmeshSockopsPrograms struct { - ClusterManager *ebpf.Program `ebpf:"cluster_manager"` - FilterChainManager *ebpf.Program `ebpf:"filter_chain_manager"` - FilterManager *ebpf.Program `ebpf:"filter_manager"` - RouteConfigManager *ebpf.Program `ebpf:"route_config_manager"` - SockopsProg *ebpf.Program `ebpf:"sockops_prog"` + SockopsProg *ebpf.Program `ebpf:"sockops_prog"` } func (p *KmeshSockopsPrograms) Close() error { return _KmeshSockopsClose( - p.ClusterManager, - p.FilterChainManager, - p.FilterManager, - p.RouteConfigManager, p.SockopsProg, ) } diff --git a/bpf/kmesh/bpf2go/kernelnative/enhanced/kmeshsockops_bpfel.go b/bpf/kmesh/bpf2go/kernelnative/enhanced/kmeshsockops_bpfel.go index 7366e1129..4603d056c 100644 --- a/bpf/kmesh/bpf2go/kernelnative/enhanced/kmeshsockops_bpfel.go +++ b/bpf/kmesh/bpf2go/kernelnative/enhanced/kmeshsockops_bpfel.go @@ -71,42 +71,38 @@ func LoadKmeshSockopsObjects(obj interface{}, opts *ebpf.CollectionOptions) erro type KmeshSockopsSpecs struct { KmeshSockopsProgramSpecs KmeshSockopsMapSpecs + KmeshSockopsVariableSpecs } -// KmeshSockopsSpecs contains programs before they are loaded into the kernel. +// KmeshSockopsProgramSpecs contains programs before they are loaded into the kernel. // // It can be passed ebpf.CollectionSpec.Assign. type KmeshSockopsProgramSpecs struct { - ClusterManager *ebpf.ProgramSpec `ebpf:"cluster_manager"` - FilterChainManager *ebpf.ProgramSpec `ebpf:"filter_chain_manager"` - FilterManager *ebpf.ProgramSpec `ebpf:"filter_manager"` - RouteConfigManager *ebpf.ProgramSpec `ebpf:"route_config_manager"` - SockopsProg *ebpf.ProgramSpec `ebpf:"sockops_prog"` + SockopsProg *ebpf.ProgramSpec `ebpf:"sockops_prog"` } // KmeshSockopsMapSpecs contains maps before they are loaded into the kernel. // // It can be passed ebpf.CollectionSpec.Assign. type KmeshSockopsMapSpecs struct { - KmCluster *ebpf.MapSpec `ebpf:"km_cluster"` - KmClusterEps *ebpf.MapSpec `ebpf:"km_cluster_eps"` - KmClusterSock *ebpf.MapSpec `ebpf:"km_cluster_sock"` - KmClusterstats *ebpf.MapSpec `ebpf:"km_clusterstats"` - KmConfigmap *ebpf.MapSpec `ebpf:"km_configmap"` - KmEpsData *ebpf.MapSpec `ebpf:"km_eps_data"` - KmListener *ebpf.MapSpec `ebpf:"km_listener"` - KmLogEvent *ebpf.MapSpec `ebpf:"km_log_event"` - KmMaglevOuter *ebpf.MapSpec `ebpf:"km_maglev_outer"` - KmManage *ebpf.MapSpec `ebpf:"km_manage"` - KmRouterconfig *ebpf.MapSpec `ebpf:"km_routerconfig"` - KmSkopstailcall *ebpf.MapSpec `ebpf:"km_skopstailcall"` - KmSockstorage *ebpf.MapSpec `ebpf:"km_sockstorage"` - KmTailcallCtx *ebpf.MapSpec `ebpf:"km_tailcall_ctx"` - KmTmpbuf *ebpf.MapSpec `ebpf:"km_tmpbuf"` - KmeshMap1600 *ebpf.MapSpec `ebpf:"kmesh_map1600"` - KmeshMap192 *ebpf.MapSpec `ebpf:"kmesh_map192"` - KmeshMap296 *ebpf.MapSpec `ebpf:"kmesh_map296"` - KmeshMap64 *ebpf.MapSpec `ebpf:"kmesh_map64"` + KmClusterSock *ebpf.MapSpec `ebpf:"km_cluster_sock"` + KmClusterstats *ebpf.MapSpec `ebpf:"km_clusterstats"` + KmConfigmap *ebpf.MapSpec `ebpf:"km_configmap"` + KmLogEvent *ebpf.MapSpec `ebpf:"km_log_event"` + KmManage *ebpf.MapSpec `ebpf:"km_manage"` + KmSockstorage *ebpf.MapSpec `ebpf:"km_sockstorage"` + KmTmpbuf *ebpf.MapSpec `ebpf:"km_tmpbuf"` + KmeshMap1600 *ebpf.MapSpec `ebpf:"kmesh_map1600"` + KmeshMap192 *ebpf.MapSpec `ebpf:"kmesh_map192"` + KmeshMap296 *ebpf.MapSpec `ebpf:"kmesh_map296"` + KmeshMap64 *ebpf.MapSpec `ebpf:"kmesh_map64"` +} + +// KmeshSockopsVariableSpecs contains global variables before they are loaded into the kernel. +// +// It can be passed ebpf.CollectionSpec.Assign. +type KmeshSockopsVariableSpecs struct { + BpfLogLevel *ebpf.VariableSpec `ebpf:"bpf_log_level"` } // KmeshSockopsObjects contains all objects after they have been loaded into the kernel. @@ -115,6 +111,7 @@ type KmeshSockopsMapSpecs struct { type KmeshSockopsObjects struct { KmeshSockopsPrograms KmeshSockopsMaps + KmeshSockopsVariables } func (o *KmeshSockopsObjects) Close() error { @@ -128,43 +125,27 @@ func (o *KmeshSockopsObjects) Close() error { // // It can be passed to LoadKmeshSockopsObjects or ebpf.CollectionSpec.LoadAndAssign. type KmeshSockopsMaps struct { - KmCluster *ebpf.Map `ebpf:"km_cluster"` - KmClusterEps *ebpf.Map `ebpf:"km_cluster_eps"` - KmClusterSock *ebpf.Map `ebpf:"km_cluster_sock"` - KmClusterstats *ebpf.Map `ebpf:"km_clusterstats"` - KmConfigmap *ebpf.Map `ebpf:"km_configmap"` - KmEpsData *ebpf.Map `ebpf:"km_eps_data"` - KmListener *ebpf.Map `ebpf:"km_listener"` - KmLogEvent *ebpf.Map `ebpf:"km_log_event"` - KmMaglevOuter *ebpf.Map `ebpf:"km_maglev_outer"` - KmManage *ebpf.Map `ebpf:"km_manage"` - KmRouterconfig *ebpf.Map `ebpf:"km_routerconfig"` - KmSkopstailcall *ebpf.Map `ebpf:"km_skopstailcall"` - KmSockstorage *ebpf.Map `ebpf:"km_sockstorage"` - KmTailcallCtx *ebpf.Map `ebpf:"km_tailcall_ctx"` - KmTmpbuf *ebpf.Map `ebpf:"km_tmpbuf"` - KmeshMap1600 *ebpf.Map `ebpf:"kmesh_map1600"` - KmeshMap192 *ebpf.Map `ebpf:"kmesh_map192"` - KmeshMap296 *ebpf.Map `ebpf:"kmesh_map296"` - KmeshMap64 *ebpf.Map `ebpf:"kmesh_map64"` + KmClusterSock *ebpf.Map `ebpf:"km_cluster_sock"` + KmClusterstats *ebpf.Map `ebpf:"km_clusterstats"` + KmConfigmap *ebpf.Map `ebpf:"km_configmap"` + KmLogEvent *ebpf.Map `ebpf:"km_log_event"` + KmManage *ebpf.Map `ebpf:"km_manage"` + KmSockstorage *ebpf.Map `ebpf:"km_sockstorage"` + KmTmpbuf *ebpf.Map `ebpf:"km_tmpbuf"` + KmeshMap1600 *ebpf.Map `ebpf:"kmesh_map1600"` + KmeshMap192 *ebpf.Map `ebpf:"kmesh_map192"` + KmeshMap296 *ebpf.Map `ebpf:"kmesh_map296"` + KmeshMap64 *ebpf.Map `ebpf:"kmesh_map64"` } func (m *KmeshSockopsMaps) Close() error { return _KmeshSockopsClose( - m.KmCluster, - m.KmClusterEps, m.KmClusterSock, m.KmClusterstats, m.KmConfigmap, - m.KmEpsData, - m.KmListener, m.KmLogEvent, - m.KmMaglevOuter, m.KmManage, - m.KmRouterconfig, - m.KmSkopstailcall, m.KmSockstorage, - m.KmTailcallCtx, m.KmTmpbuf, m.KmeshMap1600, m.KmeshMap192, @@ -173,23 +154,22 @@ func (m *KmeshSockopsMaps) Close() error { ) } +// KmeshSockopsVariables contains all global variables after they have been loaded into the kernel. +// +// It can be passed to LoadKmeshSockopsObjects or ebpf.CollectionSpec.LoadAndAssign. +type KmeshSockopsVariables struct { + BpfLogLevel *ebpf.Variable `ebpf:"bpf_log_level"` +} + // KmeshSockopsPrograms contains all programs after they have been loaded into the kernel. // // It can be passed to LoadKmeshSockopsObjects or ebpf.CollectionSpec.LoadAndAssign. type KmeshSockopsPrograms struct { - ClusterManager *ebpf.Program `ebpf:"cluster_manager"` - FilterChainManager *ebpf.Program `ebpf:"filter_chain_manager"` - FilterManager *ebpf.Program `ebpf:"filter_manager"` - RouteConfigManager *ebpf.Program `ebpf:"route_config_manager"` - SockopsProg *ebpf.Program `ebpf:"sockops_prog"` + SockopsProg *ebpf.Program `ebpf:"sockops_prog"` } func (p *KmeshSockopsPrograms) Close() error { return _KmeshSockopsClose( - p.ClusterManager, - p.FilterChainManager, - p.FilterManager, - p.RouteConfigManager, p.SockopsProg, ) } diff --git a/bpf/kmesh/bpf2go/kernelnative/enhanced/kmeshsockopscompat_bpfeb.go b/bpf/kmesh/bpf2go/kernelnative/enhanced/kmeshsockopscompat_bpfeb.go index 7f14ce64c..78206f912 100644 --- a/bpf/kmesh/bpf2go/kernelnative/enhanced/kmeshsockopscompat_bpfeb.go +++ b/bpf/kmesh/bpf2go/kernelnative/enhanced/kmeshsockopscompat_bpfeb.go @@ -71,42 +71,38 @@ func LoadKmeshSockopsCompatObjects(obj interface{}, opts *ebpf.CollectionOptions type KmeshSockopsCompatSpecs struct { KmeshSockopsCompatProgramSpecs KmeshSockopsCompatMapSpecs + KmeshSockopsCompatVariableSpecs } -// KmeshSockopsCompatSpecs contains programs before they are loaded into the kernel. +// KmeshSockopsCompatProgramSpecs contains programs before they are loaded into the kernel. // // It can be passed ebpf.CollectionSpec.Assign. type KmeshSockopsCompatProgramSpecs struct { - ClusterManager *ebpf.ProgramSpec `ebpf:"cluster_manager"` - FilterChainManager *ebpf.ProgramSpec `ebpf:"filter_chain_manager"` - FilterManager *ebpf.ProgramSpec `ebpf:"filter_manager"` - RouteConfigManager *ebpf.ProgramSpec `ebpf:"route_config_manager"` - SockopsProg *ebpf.ProgramSpec `ebpf:"sockops_prog"` + SockopsProg *ebpf.ProgramSpec `ebpf:"sockops_prog"` } // KmeshSockopsCompatMapSpecs contains maps before they are loaded into the kernel. // // It can be passed ebpf.CollectionSpec.Assign. type KmeshSockopsCompatMapSpecs struct { - KmCluster *ebpf.MapSpec `ebpf:"km_cluster"` - KmClusterEps *ebpf.MapSpec `ebpf:"km_cluster_eps"` - KmClusterSock *ebpf.MapSpec `ebpf:"km_cluster_sock"` - KmClusterstats *ebpf.MapSpec `ebpf:"km_clusterstats"` - KmConfigmap *ebpf.MapSpec `ebpf:"km_configmap"` - KmEpsData *ebpf.MapSpec `ebpf:"km_eps_data"` - KmListener *ebpf.MapSpec `ebpf:"km_listener"` - KmLogEvent *ebpf.MapSpec `ebpf:"km_log_event"` - KmMaglevOuter *ebpf.MapSpec `ebpf:"km_maglev_outer"` - KmManage *ebpf.MapSpec `ebpf:"km_manage"` - KmRouterconfig *ebpf.MapSpec `ebpf:"km_routerconfig"` - KmSkopstailcall *ebpf.MapSpec `ebpf:"km_skopstailcall"` - KmSockstorage *ebpf.MapSpec `ebpf:"km_sockstorage"` - KmTailcallCtx *ebpf.MapSpec `ebpf:"km_tailcall_ctx"` - KmTmpbuf *ebpf.MapSpec `ebpf:"km_tmpbuf"` - KmeshMap1600 *ebpf.MapSpec `ebpf:"kmesh_map1600"` - KmeshMap192 *ebpf.MapSpec `ebpf:"kmesh_map192"` - KmeshMap296 *ebpf.MapSpec `ebpf:"kmesh_map296"` - KmeshMap64 *ebpf.MapSpec `ebpf:"kmesh_map64"` + KmClusterSock *ebpf.MapSpec `ebpf:"km_cluster_sock"` + KmClusterstats *ebpf.MapSpec `ebpf:"km_clusterstats"` + KmConfigmap *ebpf.MapSpec `ebpf:"km_configmap"` + KmLogEvent *ebpf.MapSpec `ebpf:"km_log_event"` + KmManage *ebpf.MapSpec `ebpf:"km_manage"` + KmSockstorage *ebpf.MapSpec `ebpf:"km_sockstorage"` + KmTmpbuf *ebpf.MapSpec `ebpf:"km_tmpbuf"` + KmeshMap1600 *ebpf.MapSpec `ebpf:"kmesh_map1600"` + KmeshMap192 *ebpf.MapSpec `ebpf:"kmesh_map192"` + KmeshMap296 *ebpf.MapSpec `ebpf:"kmesh_map296"` + KmeshMap64 *ebpf.MapSpec `ebpf:"kmesh_map64"` +} + +// KmeshSockopsCompatVariableSpecs contains global variables before they are loaded into the kernel. +// +// It can be passed ebpf.CollectionSpec.Assign. +type KmeshSockopsCompatVariableSpecs struct { + BpfLogLevel *ebpf.VariableSpec `ebpf:"bpf_log_level"` } // KmeshSockopsCompatObjects contains all objects after they have been loaded into the kernel. @@ -115,6 +111,7 @@ type KmeshSockopsCompatMapSpecs struct { type KmeshSockopsCompatObjects struct { KmeshSockopsCompatPrograms KmeshSockopsCompatMaps + KmeshSockopsCompatVariables } func (o *KmeshSockopsCompatObjects) Close() error { @@ -128,43 +125,27 @@ func (o *KmeshSockopsCompatObjects) Close() error { // // It can be passed to LoadKmeshSockopsCompatObjects or ebpf.CollectionSpec.LoadAndAssign. type KmeshSockopsCompatMaps struct { - KmCluster *ebpf.Map `ebpf:"km_cluster"` - KmClusterEps *ebpf.Map `ebpf:"km_cluster_eps"` - KmClusterSock *ebpf.Map `ebpf:"km_cluster_sock"` - KmClusterstats *ebpf.Map `ebpf:"km_clusterstats"` - KmConfigmap *ebpf.Map `ebpf:"km_configmap"` - KmEpsData *ebpf.Map `ebpf:"km_eps_data"` - KmListener *ebpf.Map `ebpf:"km_listener"` - KmLogEvent *ebpf.Map `ebpf:"km_log_event"` - KmMaglevOuter *ebpf.Map `ebpf:"km_maglev_outer"` - KmManage *ebpf.Map `ebpf:"km_manage"` - KmRouterconfig *ebpf.Map `ebpf:"km_routerconfig"` - KmSkopstailcall *ebpf.Map `ebpf:"km_skopstailcall"` - KmSockstorage *ebpf.Map `ebpf:"km_sockstorage"` - KmTailcallCtx *ebpf.Map `ebpf:"km_tailcall_ctx"` - KmTmpbuf *ebpf.Map `ebpf:"km_tmpbuf"` - KmeshMap1600 *ebpf.Map `ebpf:"kmesh_map1600"` - KmeshMap192 *ebpf.Map `ebpf:"kmesh_map192"` - KmeshMap296 *ebpf.Map `ebpf:"kmesh_map296"` - KmeshMap64 *ebpf.Map `ebpf:"kmesh_map64"` + KmClusterSock *ebpf.Map `ebpf:"km_cluster_sock"` + KmClusterstats *ebpf.Map `ebpf:"km_clusterstats"` + KmConfigmap *ebpf.Map `ebpf:"km_configmap"` + KmLogEvent *ebpf.Map `ebpf:"km_log_event"` + KmManage *ebpf.Map `ebpf:"km_manage"` + KmSockstorage *ebpf.Map `ebpf:"km_sockstorage"` + KmTmpbuf *ebpf.Map `ebpf:"km_tmpbuf"` + KmeshMap1600 *ebpf.Map `ebpf:"kmesh_map1600"` + KmeshMap192 *ebpf.Map `ebpf:"kmesh_map192"` + KmeshMap296 *ebpf.Map `ebpf:"kmesh_map296"` + KmeshMap64 *ebpf.Map `ebpf:"kmesh_map64"` } func (m *KmeshSockopsCompatMaps) Close() error { return _KmeshSockopsCompatClose( - m.KmCluster, - m.KmClusterEps, m.KmClusterSock, m.KmClusterstats, m.KmConfigmap, - m.KmEpsData, - m.KmListener, m.KmLogEvent, - m.KmMaglevOuter, m.KmManage, - m.KmRouterconfig, - m.KmSkopstailcall, m.KmSockstorage, - m.KmTailcallCtx, m.KmTmpbuf, m.KmeshMap1600, m.KmeshMap192, @@ -173,23 +154,22 @@ func (m *KmeshSockopsCompatMaps) Close() error { ) } +// KmeshSockopsCompatVariables contains all global variables after they have been loaded into the kernel. +// +// It can be passed to LoadKmeshSockopsCompatObjects or ebpf.CollectionSpec.LoadAndAssign. +type KmeshSockopsCompatVariables struct { + BpfLogLevel *ebpf.Variable `ebpf:"bpf_log_level"` +} + // KmeshSockopsCompatPrograms contains all programs after they have been loaded into the kernel. // // It can be passed to LoadKmeshSockopsCompatObjects or ebpf.CollectionSpec.LoadAndAssign. type KmeshSockopsCompatPrograms struct { - ClusterManager *ebpf.Program `ebpf:"cluster_manager"` - FilterChainManager *ebpf.Program `ebpf:"filter_chain_manager"` - FilterManager *ebpf.Program `ebpf:"filter_manager"` - RouteConfigManager *ebpf.Program `ebpf:"route_config_manager"` - SockopsProg *ebpf.Program `ebpf:"sockops_prog"` + SockopsProg *ebpf.Program `ebpf:"sockops_prog"` } func (p *KmeshSockopsCompatPrograms) Close() error { return _KmeshSockopsCompatClose( - p.ClusterManager, - p.FilterChainManager, - p.FilterManager, - p.RouteConfigManager, p.SockopsProg, ) } diff --git a/bpf/kmesh/bpf2go/kernelnative/enhanced/kmeshsockopscompat_bpfel.go b/bpf/kmesh/bpf2go/kernelnative/enhanced/kmeshsockopscompat_bpfel.go index 8fa776acc..504cded68 100644 --- a/bpf/kmesh/bpf2go/kernelnative/enhanced/kmeshsockopscompat_bpfel.go +++ b/bpf/kmesh/bpf2go/kernelnative/enhanced/kmeshsockopscompat_bpfel.go @@ -71,42 +71,38 @@ func LoadKmeshSockopsCompatObjects(obj interface{}, opts *ebpf.CollectionOptions type KmeshSockopsCompatSpecs struct { KmeshSockopsCompatProgramSpecs KmeshSockopsCompatMapSpecs + KmeshSockopsCompatVariableSpecs } -// KmeshSockopsCompatSpecs contains programs before they are loaded into the kernel. +// KmeshSockopsCompatProgramSpecs contains programs before they are loaded into the kernel. // // It can be passed ebpf.CollectionSpec.Assign. type KmeshSockopsCompatProgramSpecs struct { - ClusterManager *ebpf.ProgramSpec `ebpf:"cluster_manager"` - FilterChainManager *ebpf.ProgramSpec `ebpf:"filter_chain_manager"` - FilterManager *ebpf.ProgramSpec `ebpf:"filter_manager"` - RouteConfigManager *ebpf.ProgramSpec `ebpf:"route_config_manager"` - SockopsProg *ebpf.ProgramSpec `ebpf:"sockops_prog"` + SockopsProg *ebpf.ProgramSpec `ebpf:"sockops_prog"` } // KmeshSockopsCompatMapSpecs contains maps before they are loaded into the kernel. // // It can be passed ebpf.CollectionSpec.Assign. type KmeshSockopsCompatMapSpecs struct { - KmCluster *ebpf.MapSpec `ebpf:"km_cluster"` - KmClusterEps *ebpf.MapSpec `ebpf:"km_cluster_eps"` - KmClusterSock *ebpf.MapSpec `ebpf:"km_cluster_sock"` - KmClusterstats *ebpf.MapSpec `ebpf:"km_clusterstats"` - KmConfigmap *ebpf.MapSpec `ebpf:"km_configmap"` - KmEpsData *ebpf.MapSpec `ebpf:"km_eps_data"` - KmListener *ebpf.MapSpec `ebpf:"km_listener"` - KmLogEvent *ebpf.MapSpec `ebpf:"km_log_event"` - KmMaglevOuter *ebpf.MapSpec `ebpf:"km_maglev_outer"` - KmManage *ebpf.MapSpec `ebpf:"km_manage"` - KmRouterconfig *ebpf.MapSpec `ebpf:"km_routerconfig"` - KmSkopstailcall *ebpf.MapSpec `ebpf:"km_skopstailcall"` - KmSockstorage *ebpf.MapSpec `ebpf:"km_sockstorage"` - KmTailcallCtx *ebpf.MapSpec `ebpf:"km_tailcall_ctx"` - KmTmpbuf *ebpf.MapSpec `ebpf:"km_tmpbuf"` - KmeshMap1600 *ebpf.MapSpec `ebpf:"kmesh_map1600"` - KmeshMap192 *ebpf.MapSpec `ebpf:"kmesh_map192"` - KmeshMap296 *ebpf.MapSpec `ebpf:"kmesh_map296"` - KmeshMap64 *ebpf.MapSpec `ebpf:"kmesh_map64"` + KmClusterSock *ebpf.MapSpec `ebpf:"km_cluster_sock"` + KmClusterstats *ebpf.MapSpec `ebpf:"km_clusterstats"` + KmConfigmap *ebpf.MapSpec `ebpf:"km_configmap"` + KmLogEvent *ebpf.MapSpec `ebpf:"km_log_event"` + KmManage *ebpf.MapSpec `ebpf:"km_manage"` + KmSockstorage *ebpf.MapSpec `ebpf:"km_sockstorage"` + KmTmpbuf *ebpf.MapSpec `ebpf:"km_tmpbuf"` + KmeshMap1600 *ebpf.MapSpec `ebpf:"kmesh_map1600"` + KmeshMap192 *ebpf.MapSpec `ebpf:"kmesh_map192"` + KmeshMap296 *ebpf.MapSpec `ebpf:"kmesh_map296"` + KmeshMap64 *ebpf.MapSpec `ebpf:"kmesh_map64"` +} + +// KmeshSockopsCompatVariableSpecs contains global variables before they are loaded into the kernel. +// +// It can be passed ebpf.CollectionSpec.Assign. +type KmeshSockopsCompatVariableSpecs struct { + BpfLogLevel *ebpf.VariableSpec `ebpf:"bpf_log_level"` } // KmeshSockopsCompatObjects contains all objects after they have been loaded into the kernel. @@ -115,6 +111,7 @@ type KmeshSockopsCompatMapSpecs struct { type KmeshSockopsCompatObjects struct { KmeshSockopsCompatPrograms KmeshSockopsCompatMaps + KmeshSockopsCompatVariables } func (o *KmeshSockopsCompatObjects) Close() error { @@ -128,43 +125,27 @@ func (o *KmeshSockopsCompatObjects) Close() error { // // It can be passed to LoadKmeshSockopsCompatObjects or ebpf.CollectionSpec.LoadAndAssign. type KmeshSockopsCompatMaps struct { - KmCluster *ebpf.Map `ebpf:"km_cluster"` - KmClusterEps *ebpf.Map `ebpf:"km_cluster_eps"` - KmClusterSock *ebpf.Map `ebpf:"km_cluster_sock"` - KmClusterstats *ebpf.Map `ebpf:"km_clusterstats"` - KmConfigmap *ebpf.Map `ebpf:"km_configmap"` - KmEpsData *ebpf.Map `ebpf:"km_eps_data"` - KmListener *ebpf.Map `ebpf:"km_listener"` - KmLogEvent *ebpf.Map `ebpf:"km_log_event"` - KmMaglevOuter *ebpf.Map `ebpf:"km_maglev_outer"` - KmManage *ebpf.Map `ebpf:"km_manage"` - KmRouterconfig *ebpf.Map `ebpf:"km_routerconfig"` - KmSkopstailcall *ebpf.Map `ebpf:"km_skopstailcall"` - KmSockstorage *ebpf.Map `ebpf:"km_sockstorage"` - KmTailcallCtx *ebpf.Map `ebpf:"km_tailcall_ctx"` - KmTmpbuf *ebpf.Map `ebpf:"km_tmpbuf"` - KmeshMap1600 *ebpf.Map `ebpf:"kmesh_map1600"` - KmeshMap192 *ebpf.Map `ebpf:"kmesh_map192"` - KmeshMap296 *ebpf.Map `ebpf:"kmesh_map296"` - KmeshMap64 *ebpf.Map `ebpf:"kmesh_map64"` + KmClusterSock *ebpf.Map `ebpf:"km_cluster_sock"` + KmClusterstats *ebpf.Map `ebpf:"km_clusterstats"` + KmConfigmap *ebpf.Map `ebpf:"km_configmap"` + KmLogEvent *ebpf.Map `ebpf:"km_log_event"` + KmManage *ebpf.Map `ebpf:"km_manage"` + KmSockstorage *ebpf.Map `ebpf:"km_sockstorage"` + KmTmpbuf *ebpf.Map `ebpf:"km_tmpbuf"` + KmeshMap1600 *ebpf.Map `ebpf:"kmesh_map1600"` + KmeshMap192 *ebpf.Map `ebpf:"kmesh_map192"` + KmeshMap296 *ebpf.Map `ebpf:"kmesh_map296"` + KmeshMap64 *ebpf.Map `ebpf:"kmesh_map64"` } func (m *KmeshSockopsCompatMaps) Close() error { return _KmeshSockopsCompatClose( - m.KmCluster, - m.KmClusterEps, m.KmClusterSock, m.KmClusterstats, m.KmConfigmap, - m.KmEpsData, - m.KmListener, m.KmLogEvent, - m.KmMaglevOuter, m.KmManage, - m.KmRouterconfig, - m.KmSkopstailcall, m.KmSockstorage, - m.KmTailcallCtx, m.KmTmpbuf, m.KmeshMap1600, m.KmeshMap192, @@ -173,23 +154,22 @@ func (m *KmeshSockopsCompatMaps) Close() error { ) } +// KmeshSockopsCompatVariables contains all global variables after they have been loaded into the kernel. +// +// It can be passed to LoadKmeshSockopsCompatObjects or ebpf.CollectionSpec.LoadAndAssign. +type KmeshSockopsCompatVariables struct { + BpfLogLevel *ebpf.Variable `ebpf:"bpf_log_level"` +} + // KmeshSockopsCompatPrograms contains all programs after they have been loaded into the kernel. // // It can be passed to LoadKmeshSockopsCompatObjects or ebpf.CollectionSpec.LoadAndAssign. type KmeshSockopsCompatPrograms struct { - ClusterManager *ebpf.Program `ebpf:"cluster_manager"` - FilterChainManager *ebpf.Program `ebpf:"filter_chain_manager"` - FilterManager *ebpf.Program `ebpf:"filter_manager"` - RouteConfigManager *ebpf.Program `ebpf:"route_config_manager"` - SockopsProg *ebpf.Program `ebpf:"sockops_prog"` + SockopsProg *ebpf.Program `ebpf:"sockops_prog"` } func (p *KmeshSockopsCompatPrograms) Close() error { return _KmeshSockopsCompatClose( - p.ClusterManager, - p.FilterChainManager, - p.FilterManager, - p.RouteConfigManager, p.SockopsProg, ) } diff --git a/build/docker/builder.dockerfile b/build/docker/builder.dockerfile index c8f8b1c57..3b8774d74 100644 --- a/build/docker/builder.dockerfile +++ b/build/docker/builder.dockerfile @@ -5,10 +5,10 @@ # # base image -FROM openeuler/openeuler:23.09 +FROM openeuler/openeuler:24.03 # Setup Go -COPY --from=golang:1.23.2 /usr/local/go/ /usr/local/go/ +COPY --from=golang:latest /usr/local/go/ /usr/local/go/ RUN mkdir -p /go ENV GOROOT /usr/local/go ENV GOPATH /go diff --git a/build/docker/dockerfile b/build/docker/dockerfile index 7c865e10c..47d2fbf1b 100644 --- a/build/docker/dockerfile +++ b/build/docker/dockerfile @@ -1,7 +1,7 @@ # Usage: # docker run -itd --privileged=true -v /etc/cni/net.d:/etc/cni/net.d -v /opt/cni/bin:/opt/cni/bin -v /mnt:/mnt -v /sys/fs/bpf:/sys/fs/bpf -v /lib/modules:/lib/modules --name kmesh kmesh:latest # -FROM openeuler/openeuler:23.09 +FROM openeuler/openeuler:24.03 WORKDIR /kmesh diff --git a/config/kmesh_marcos_def.h b/config/kmesh_marcos_def.h index 4daf23236..4e66007ee 100644 --- a/config/kmesh_marcos_def.h +++ b/config/kmesh_marcos_def.h @@ -24,28 +24,6 @@ */ #define MDA_GID_UID_FILTER 1 -/* - * openEuler-23.03 is an innovative version of openEuler, in the early time, we - * developed kmesh based on openEuler-23.03, and the implementation of kmesh - * was related to the openEuler-23.03 kernel. Now, the general implementation - * of kmesh differs from the previous openEuler-23.03 version, so we need to - * use this macro to distinguish these differences. - * The main differences between the general implementation of kmesh and the - * openEuler-23.03 version are as follows: - * 1. Use replylong parameter instead of directly modifying the remote IP and Port; - * 2. Use bpf__strncmp instead of bpf_strncmp for string comparison; - * 3. Fix Port shift bug on openEuler-23.03.In the kernel network protocol - * stack, the port is stored in u16, but in the bpf network module, the port - * is stored in u32. Therefore, after the endian conversion, the 16-bit port - * needs to be obtained from the 32-bit data structure. - * You need to find the position of the valid 16 bits. Generally, after the - * port is extended from 16 bits to 32 bits, the port is in the upper 16 - * bits after the endian conversion. Therefore, you need to offset the port - * before using the u16 RX port. In some specific kernels, the port stored - * in sockops is in the lower 16 bits and does not need to be offset. - */ -#define OE_23_03 0 - /* * in kernel 6.x version, add the new iter type ITER_UBUF, and we need add code * for the corresponding scenarios. @@ -68,3 +46,8 @@ * is enabled accordingly. * */ #define LIBBPF_HIGHER_0_6_0_VERSION 0 + +/* + * Determine whether the current kernel version supports the use of kfunc. + */ +#define KERNEL_KFUNC 0 \ No newline at end of file diff --git a/kernel/ko_src/kmesh/Makefile b/kernel/ko_src/kmesh/Makefile index 264a37b80..c61a97906 100644 --- a/kernel/ko_src/kmesh/Makefile +++ b/kernel/ko_src/kmesh/Makefile @@ -10,7 +10,7 @@ obj-m := kmesh.o kmesh-objs = kmesh_main.o defer_connect.o \ kmesh_parse_protocol_data.o \ - kmesh_parse_http_1_1.o + kmesh_parse_http_1_1.o kmesh_func.o KERNELDIR ?= /lib/modules/$(shell uname -r)/build PWD := $(shell pwd) diff --git a/kernel/ko_src/kmesh/defer_connect.c b/kernel/ko_src/kmesh/defer_connect.c index 412419b7d..a5e86cbd4 100644 --- a/kernel/ko_src/kmesh/defer_connect.c +++ b/kernel/ko_src/kmesh/defer_connect.c @@ -1,7 +1,6 @@ // SPDX-License-Identifier: (GPL-2.0-only OR BSD-2-Clause) /* Copyright Authors of Kmesh */ -#include "../../../config/kmesh_marcos_def.h" #include #include #include @@ -21,9 +20,24 @@ #include "defer_connect.h" static struct proto *kmesh_defer_proto = NULL; -#define KMESH_DELAY_ERROR -1000 -#define BPF_CGROUP_RUN_PROG_INET4_CONNECT_KMESH(sk, uaddr, t_ctx) \ +#ifdef KERNEL_KFUNC +#define BPF_CGROUP_RUN_PROG_INET4_CONNECT_KMESH(sk, uaddr, uaddrlen, t_ctx) \ + ({ \ + int __ret = -1; \ + if (t_ctx == NULL) { \ + __ret = -EINVAL; \ + } else { \ + __ret = __cgroup_bpf_run_filter_sock_addr(sk, uaddr, uaddrlen, CGROUP_INET4_CONNECT, t_ctx, NULL); \ + } \ + __ret; \ + }) + +#define SET_FDEFER_CONNECT_ON(sk) (inet_set_bit(DEFER_CONNECT, sk)) +#define SET_FDEFER_CONNECT_OFF(sk) (inet_clear_bit(DEFER_CONNECT, sk)) +#define IS_DEFER_CONNECT(sk) (inet_test_bit(DEFER_CONNECT, sk)) +#else +#define BPF_CGROUP_RUN_PROG_INET4_CONNECT_KMESH(sk, uaddr, uaddrlen, t_ctx) \ ({ \ int __ret = -1; \ if (t_ctx == NULL) { \ @@ -34,6 +48,11 @@ static struct proto *kmesh_defer_proto = NULL; __ret; \ }) +#define SET_FDEFER_CONNECT_ON(sk) (inet_sk(sk)->defer_connect = 1) +#define SET_FDEFER_CONNECT_OFF(sk) (inet_sk(sk)->defer_connect = 0) +#define IS_DEFER_CONNECT(sk) (inet_sk(sk)->defer_connect == 1) +#endif + static int defer_connect(struct sock *sk, struct msghdr *msg, size_t size) { struct bpf_mem_ptr tmpMem = {0}; @@ -43,6 +62,7 @@ static int defer_connect(struct sock *sk, struct msghdr *msg, size_t size) const struct iovec *iov; struct bpf_sock_addr_kern sock_addr; struct sockaddr_in uaddr; + int uaddrlen = sizeof(struct sockaddr_in); void __user *ubase; int err; u32 dport, daddr; @@ -54,7 +74,11 @@ static int defer_connect(struct sock *sk, struct msghdr *msg, size_t size) ubase = iov->iov_base; kbuf_size = iov->iov_len; } else if (iter_is_iovec(&msg->msg_iter)) { +#ifdef KERNEL_KFUNC + iov = msg->msg_iter.__iov; +#else iov = msg->msg_iter.iov; +#endif ubase = iov->iov_base; kbuf_size = iov->iov_len; #if ITER_TYPE_IS_UBUF @@ -79,31 +103,11 @@ static int defer_connect(struct sock *sk, struct msghdr *msg, size_t size) tmpMem.size = kbuf_size; tmpMem.ptr = kbuf; -#if OE_23_03 - tcp_call_bpf_3arg( - sk, - BPF_SOCK_OPS_TCP_DEFER_CONNECT_CB, - ((u64)(&tmpMem) & U32_MAX), - (((u64)(&tmpMem) >> 32) & U32_MAX), - kbuf_size); - daddr = sk->sk_daddr; - dport = sk->sk_dport; - - // daddr == 0 && dport == 0 are special flags meaning the circuit breaker is open - // Should reject connection here - if (daddr == 0 && dport == 0) { - tcp_set_state(sk, TCP_CLOSE); - sk->sk_route_caps = 0; - inet_sk(sk)->inet_dport = 0; - err = -1; - goto out; - } -#else uaddr.sin_family = AF_INET; uaddr.sin_addr.s_addr = daddr; uaddr.sin_port = dport; - err = BPF_CGROUP_RUN_PROG_INET4_CONNECT_KMESH(sk, (struct sockaddr *)&uaddr, &tmpMem); -#endif + err = BPF_CGROUP_RUN_PROG_INET4_CONNECT_KMESH(sk, (struct sockaddr *)&uaddr, &uaddrlen, &tmpMem); + connect: err = sk->sk_prot->connect(sk, (struct sockaddr *)&uaddr, sizeof(struct sockaddr_in)); if (unlikely(err)) { @@ -113,7 +117,7 @@ static int defer_connect(struct sock *sk, struct msghdr *msg, size_t size) inet_sk(sk)->inet_dport = 0; goto out; } - inet_sk(sk)->defer_connect = 0; + SET_FDEFER_CONNECT_OFF(sk); if ((((__u32)1 << sk->sk_state) & ~(__u32)(TCPF_ESTABLISHED | TCPF_CLOSE_WAIT)) && !tcp_passive_fastopen(sk)) { sk_stream_wait_connect(sk, &timeo); @@ -128,7 +132,7 @@ static int defer_connect_and_sendmsg(struct sock *sk, struct msghdr *msg, size_t struct socket *sock; int err = 0; - if (unlikely(inet_sk(sk)->defer_connect == 1)) { + if (unlikely(IS_DEFER_CONNECT(sk))) { lock_sock(sk); err = defer_connect(sk, msg, size); @@ -163,9 +167,9 @@ static int defer_tcp_connect(struct sock *sk, struct sockaddr *uaddr, int addr_l * of defer_connect should be 1 and the normal connect function * needs to be used. */ - if (inet_sk(sk)->defer_connect) + if (IS_DEFER_CONNECT(sk)) return tcp_v4_connect(sk, uaddr, addr_len); - inet_sk(sk)->defer_connect = 1; + SET_FDEFER_CONNECT_ON(sk); sk->sk_dport = ((struct sockaddr_in *)uaddr)->sin_port; sk_daddr_set(sk, ((struct sockaddr_in *)uaddr)->sin_addr.s_addr); sk->sk_socket->state = SS_CONNECTING; diff --git a/kernel/ko_src/kmesh/kmesh_func.c b/kernel/ko_src/kmesh/kmesh_func.c new file mode 100644 index 000000000..47c693d8e --- /dev/null +++ b/kernel/ko_src/kmesh/kmesh_func.c @@ -0,0 +1,142 @@ +// SPDX-License-Identifier: (GPL-2.0-only OR BSD-2-Clause) +/* Copyright Authors of Kmesh */ +#include +#include +#include +#include +#include +#include +#include +#include +#include "kmesh_func.h" + +#ifdef KERNEL_KFUNC +__diag_push(); +__diag_ignore_all("-Wmissing-prototypes", "Global functions as their definitions will be in BTF"); + +__bpf_kfunc int bpf_km_header_strnstr_func(void *ctx, int ctx__sz, const char *key, int key__sz, const char *subptr) +{ + struct bpf_sock_addr_kern *sa_kern = ctx; + int subptr__sz = 5; + return bpf_km_header_strnstr_impl(ctx, key, key__sz, subptr, subptr__sz); +} + +__bpf_kfunc int bpf_km_header_strncmp_func(const char *key, int key_sz, const char *target, int target_len, int opt) +{ + return bpf_km_header_strncmp_impl(key, key_sz, target, target_len, opt); +} + +__bpf_kfunc int bpf_parse_header_msg_func(void *bpf_mem, int src__sz) +{ + struct bpf_mem_ptr *tmp = bpf_mem; + struct bpf_sock_addr_kern *ctx = tmp->ptr; + return parse_protocol_impl(ctx); +} + +__bpf_kfunc int bpf_setsockopt_func(void *bpf_mem, int bpf_socket__sz, int optname, const char *optval, int optval__sz) +{ + struct bpf_mem_ptr *tmp = bpf_mem; + struct bpf_sock_addr_kern *ctx = tmp->ptr; + struct sock *sk = ctx->sk; + int ret = 0; + + if (sk == NULL) { + LOG(KERN_ERR, "sk is NULL\n"); + return -1; + } + return tcp_setsockopt(sk, SOL_TCP, optname, KERNEL_SOCKPTR(optval), optval__sz); +} + +__bpf_kfunc int bpf_getsockopt_func(void *bpf_mem, int bpf_socket__sz, int optname, char *opt, int opt__sz) +{ + struct bpf_mem_ptr *tmp = bpf_mem; + struct bpf_sock_addr_kern *ctx = tmp->ptr; + struct sock *sk = ctx->sk; + + struct inet_connection_sock *icsk = inet_csk(sk); + struct tcp_sock *tp = tcp_sk(sk); + struct net *net = sock_net(sk); + int val, len; + + sockptr_t optval = KERNEL_SOCKPTR(opt); + sockptr_t optlen = KERNEL_SOCKPTR(&opt__sz); + + if (copy_from_sockptr(&len, optlen, sizeof(int))) + return -EFAULT; + + if (len < 0) + return -EINVAL; + + len = min_t(unsigned int, len, TCP_ULP_NAME_MAX); + if (!icsk->icsk_ulp_ops) { + len = 0; + if (copy_to_sockptr(optlen, &len, sizeof(int))) + return -EFAULT; + return -EINVAL; + } + if (copy_to_sockptr(optlen, &len, sizeof(int))) + return -EFAULT; + if (copy_to_sockptr(optval, icsk->icsk_ulp_ops->name, len)) + return -EFAULT; + return 0; +} + +__diag_pop(); + +BTF_SET8_START(bpf_kmesh_kfunc) +BTF_ID_FLAGS(func, bpf_km_header_strnstr_func) +BTF_ID_FLAGS(func, bpf_km_header_strncmp_func) +BTF_ID_FLAGS(func, bpf_parse_header_msg_func) +BTF_ID_FLAGS(func, bpf_setsockopt_func) +BTF_ID_FLAGS(func, bpf_getsockopt_func) +BTF_SET8_END(bpf_kmesh_kfunc) + +static const struct btf_kfunc_id_set bpf_kmesh_kfunc_set = { + .owner = THIS_MODULE, + .set = &bpf_kmesh_kfunc, +}; + +int __init kmesh_func_init(void) +{ + int ret; + ret = register_btf_kfunc_id_set(BPF_PROG_TYPE_UNSPEC, &bpf_kmesh_kfunc_set); + if (ret < 0) { + pr_err("ret is not zero:%d\n", ret); + return ret; + } + return 0; +} + +void __exit kmesh_func_exit(void) +{ + return; +} + +#else +typedef int (*bpf_parse_protocol_func)(struct bpf_sock_addr_kern *ctx); +extern bpf_parse_protocol_func parse_protocol_func; + +typedef int (*bpf_km_header_strnstr_func)( + struct bpf_sock_addr_kern *ctx, const char *key, int key_sz, const char *subptr, int subptr_sz); +extern bpf_km_header_strnstr_func km_header_strnstr_func; + +typedef int (*bpf_km_header_strncmp_func)(const char *key, int key_sz, const char *target, int target_sz, int opt); +extern bpf_km_header_strncmp_func km_header_strncmp_func; + +int __init kmesh_func_init(void) +{ + parse_protocol_func = parse_protocol_impl; + km_header_strnstr_func = bpf_km_header_strnstr_impl; + km_header_strncmp_func = bpf_km_header_strncmp_impl; + return 0; +} + +void __exit kmesh_func_exit(void) +{ + parse_protocol_func = NULL; + km_header_strnstr_func = NULL; + km_header_strncmp_func = NULL; +} + +#endif +MODULE_LICENSE("Dual BSD/GPL"); diff --git a/kernel/ko_src/kmesh/kmesh_func.h b/kernel/ko_src/kmesh/kmesh_func.h new file mode 100644 index 000000000..e6bf33f5f --- /dev/null +++ b/kernel/ko_src/kmesh/kmesh_func.h @@ -0,0 +1,6 @@ +// SPDX-License-Identifier: (GPL-2.0-only OR BSD-2-Clause) +/* Copyright Authors of Kmesh */ +#include "kmesh_parse_protocol_data.h" + +int __init kmesh_func_init(void); +void __exit kmesh_func_exit(void); diff --git a/kernel/ko_src/kmesh/kmesh_main.c b/kernel/ko_src/kmesh/kmesh_main.c index 7a7ba332e..c58804ba3 100644 --- a/kernel/ko_src/kmesh/kmesh_main.c +++ b/kernel/ko_src/kmesh/kmesh_main.c @@ -13,6 +13,7 @@ #include "defer_connect.h" #include "kmesh_parse_protocol_data.h" #include "kmesh_parse_http_1_1.h" +#include "kmesh_func.h" static int __init kmesh_init(void) { @@ -23,7 +24,7 @@ static int __init kmesh_init(void) LOG(KERN_ERR, "defer_conn_init failed:%d\n", ret); return ret; } - + kmesh_func_init(); ret = proto_common_init(); if (ret) { LOG(KERN_ERR, "proto_common_init failed:%d\n", ret); @@ -37,6 +38,7 @@ static int __init kmesh_init(void) static void __exit kmesh_exit(void) { defer_conn_exit(); + kmesh_func_exit(); proto_common_exit(); } diff --git a/kernel/ko_src/kmesh/kmesh_parse_protocol_data.c b/kernel/ko_src/kmesh/kmesh_parse_protocol_data.c index cc2a831aa..e3c5e9ae8 100644 --- a/kernel/ko_src/kmesh/kmesh_parse_protocol_data.c +++ b/kernel/ko_src/kmesh/kmesh_parse_protocol_data.c @@ -118,17 +118,7 @@ void kmesh_protocol_data_clean_allcpu(void) } } -typedef int (*bpf_parse_protocol_func)(struct bpf_sock_addr_kern *ctx); -extern bpf_parse_protocol_func parse_protocol_func; - -typedef int (*bpf_km_header_strnstr_func)( - struct bpf_sock_addr_kern *ctx, const char *key, int key_sz, const char *subptr, int subptr_sz); -extern bpf_km_header_strnstr_func km_header_strnstr_func; - -typedef int (*bpf_km_header_strncmp_func)(const char *key, int key_sz, const char *target, int target_sz, int opt); -extern bpf_km_header_strncmp_func km_header_strncmp_func; - -static int parse_protocol_impl(struct bpf_sock_addr_kern *ctx) +int parse_protocol_impl(struct bpf_sock_addr_kern *ctx) { int ret; struct msg_protocol *cur; @@ -144,7 +134,7 @@ static int parse_protocol_impl(struct bpf_sock_addr_kern *ctx) return ret; } -static int bpf_km_header_strnstr_impl( +int bpf_km_header_strnstr_impl( struct bpf_sock_addr_kern *ctx, const char *key, int key_sz, const char *subptr, int subptr_len) { struct bpf_mem_ptr *msg = NULL; @@ -159,7 +149,7 @@ static int bpf_km_header_strnstr_impl( return 0; } -static int bpf_km_header_strncmp_impl(const char *key, int key_sz, const char *target, int target_len, int opt) +int bpf_km_header_strncmp_impl(const char *key, int key_sz, const char *target, int target_len, int opt) { struct kmesh_data_node *data = NULL; target_len = strnlen(target, target_len); @@ -179,9 +169,6 @@ static int bpf_km_header_strncmp_impl(const char *key, int key_sz, const char *t int __init proto_common_init(void) { - parse_protocol_func = parse_protocol_impl; - km_header_strnstr_func = bpf_km_header_strnstr_impl; - km_header_strncmp_func = bpf_km_header_strncmp_impl; /* add protocol list */ g_kmesh_data_root = alloc_percpu(struct rb_root); if (!g_kmesh_data_root) @@ -191,9 +178,6 @@ int __init proto_common_init(void) void __exit proto_common_exit(void) { - parse_protocol_func = NULL; - km_header_strnstr_func = NULL; - km_header_strncmp_func = NULL; kmesh_protocol_data_clean_allcpu(); free_percpu(g_kmesh_data_root); } diff --git a/kernel/ko_src/kmesh/kmesh_parse_protocol_data.h b/kernel/ko_src/kmesh/kmesh_parse_protocol_data.h index 20c8c86b3..d13fd2fa1 100644 --- a/kernel/ko_src/kmesh/kmesh_parse_protocol_data.h +++ b/kernel/ko_src/kmesh/kmesh_parse_protocol_data.h @@ -8,6 +8,7 @@ #ifndef KMESH_PARSE_PROTOCOL_DATA #define KMESH_PARSE_PROTOCOL_DATA +#include "../../../config/kmesh_marcos_def.h" #include #include #include @@ -59,6 +60,11 @@ void kmesh_protocol_data_clean_all(void); void kmesh_protocol_data_clean_allcpu(void); +int bpf_km_header_strnstr_impl( + struct bpf_sock_addr_kern *ctx, const char *key, int key_sz, const char *subptr, int subptr_len); +int bpf_km_header_strncmp_impl(const char *key, int key_sz, const char *target, int target_len, int opt); +int parse_protocol_impl(struct bpf_sock_addr_kern *ctx); + int __init proto_common_init(void); void __exit proto_common_exit(void); diff --git a/kmesh_compile_env_pre.sh b/kmesh_compile_env_pre.sh index 523c97b9c..443204ab5 100644 --- a/kmesh_compile_env_pre.sh +++ b/kmesh_compile_env_pre.sh @@ -110,6 +110,7 @@ function kmesh_set_env(){ } function set_enhanced_kernel_env() { + # we use /usr/include/linux/bpf.h to determine the runtime environment’s # support for kmesh. Considering the case of online image compilation, a # variable KERNEL_HEADER_LINUX_BPF is used here to specify the path of the @@ -123,7 +124,10 @@ function set_enhanced_kernel_env() { export KERNEL_HEADER_LINUX_BPF=/usr/include/linux/bpf.h fi - if grep -q "FN(parse_header_msg)" $KERNEL_HEADER_LINUX_BPF; then + # The 6.x Linux kernel already has complete support for kfunc capabilities, + # allowing all features of kmesh to run directly. + KERNEL_MAJOR=$(uname -r | awk -F '.' '{print $1}') + if grep -q "FN(parse_header_msg)" $KERNEL_HEADER_LINUX_BPF || [ $KERNEL_MAJOR -ge 6 ]; then export ENHANCED_KERNEL="enhanced" else export ENHANCED_KERNEL="normal" diff --git a/kmesh_macros_env.sh b/kmesh_macros_env.sh index 2f7a94762..1963f99aa 100644 --- a/kmesh_macros_env.sh +++ b/kmesh_macros_env.sh @@ -28,13 +28,6 @@ else set_config MDA_GID_UID_FILTER 0 fi -# OE_23_03 -if (uname -r | grep oe2303); then - set_config OE_23_03 1 -else - set_config OE_23_03 0 -fi - # ITER_TYPE_IS_UBUF if [ "$VERSION" -ge 6 ]; then set_config ITER_TYPE_IS_UBUF 1 @@ -61,3 +54,11 @@ if [[ "$LIBBPF_VERSION" < "0.6.0" ]]; then else set_config LIBBPF_HIGHER_0_6_0_VERSION 1 fi + +# KERNEL_KFUNC +if [ "$VERSION" -ge 6 ]; then + set_config ENHANCED_KERNEL 1 + set_config KERNEL_KFUNC 1 +else + set_config KERNEL_KFUNC 0 +fi \ No newline at end of file diff --git a/oncn-mda/include/mesh_accelerate.h b/oncn-mda/include/mesh_accelerate.h index 39aeca01a..2d9710c5f 100644 --- a/oncn-mda/include/mesh_accelerate.h +++ b/oncn-mda/include/mesh_accelerate.h @@ -20,15 +20,9 @@ enum bpf_loglevel { BPF_LOG_DEBUG, }; -#define BPF_LOGLEVEL BPF_LOG_ERROR - -#if OE_23_03 -#define GET_SKOPS_REMOTE_PORT(sk_ops) (__u16)((sk_ops)->remote_port) -#else +#define BPF_LOGLEVEL BPF_LOG_ERROR #define GET_SKOPS_REMOTE_PORT(sk_ops) (__u16)((sk_ops)->remote_port >> 16) -#endif - -#define GET_SKOPS_LOCAL_PORT(sk_ops) (__u16)((sk_ops)->local_port) +#define GET_SKOPS_LOCAL_PORT(sk_ops) (__u16)((sk_ops)->local_port) #ifndef bpf_printk #define bpf_printk(fmt, ...) \ From 033decac52e2570081219818953f87f81cf46f74 Mon Sep 17 00:00:00 2001 From: lec-bit Date: Sat, 15 Mar 2025 03:53:57 +0800 Subject: [PATCH 27/28] fix ko make Signed-off-by: lec-bit --- .github/workflows/main.yml | 5 +++-- hack/golangci-lint-prepare.sh | 6 +++++- kernel/ko_src/Makefile | 4 +++- 3 files changed, 11 insertions(+), 4 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 0fba1bba2..7f48df0db 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -41,6 +41,7 @@ jobs: run: | sudo env "PATH=$PATH" bash ./build.sh + # The kernel version of Ubuntu 22.04 is 6.8, so the access control check is enhanced by default. - name: Setup Enviroments run: | echo "PKG_CONFIG_PATH=$GITHUB_WORKSPACE/mk" >> $GITHUB_ENV @@ -54,12 +55,12 @@ jobs: - name: golangci-lint uses: golangci/golangci-lint-action@v3.7.0 with: - args: "--config=common/config/.golangci.yaml --out-format colored-line-number" + args: "--build-tags=enhanced --config=common/config/.golangci.yaml --out-format colored-line-number" skip-pkg-cache: true - name: Go Test run: | - sudo env LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/usr/local/lib:$GITHUB_WORKSPACE/api/v2-c:$GITHUB_WORKSPACE/bpf/deserialization_to_bpf_map PKG_CONFIG_PATH=$GITHUB_WORKSPACE/mk go test -race -v -vet=off -coverprofile=coverage.out ./pkg/... + sudo env LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/usr/local/lib:$GITHUB_WORKSPACE/api/v2-c:$GITHUB_WORKSPACE/bpf/deserialization_to_bpf_map PKG_CONFIG_PATH=$GITHUB_WORKSPACE/mk go test -tags=enhanced -race -v -vet=off -coverprofile=coverage.out ./pkg/... - name: Upload coverage reports to Codecov uses: codecov/codecov-action@v4 diff --git a/hack/golangci-lint-prepare.sh b/hack/golangci-lint-prepare.sh index c602f41e0..c7ed3a7a4 100755 --- a/hack/golangci-lint-prepare.sh +++ b/hack/golangci-lint-prepare.sh @@ -1,13 +1,17 @@ #!/bin/bash ROOT_DIR=$(git rev-parse --show-toplevel) -TARGET_DIR="$ROOT_DIR/bpf/kmesh/bpf2go/kernelnative/enhanced" +TARGET_DIR="$ROOT_DIR/bpf/kmesh/bpf2go/kernelnative/normal" FILES=( "kmeshsockops_bpfel.o" "kmeshsockops_bpfeb.o" "kmeshsockopscompat_bpfeb.o" "kmeshsockopscompat_bpfel.o" + "kmeshcgroupsock_bpfeb.o" + "kmeshcgroupsock_bpfel.o" + "kmeshcgroupsockcompat_bpfeb.o" + "kmeshcgroupsockcompat_bpfel.o" ) mkdir -p "$TARGET_DIR" diff --git a/kernel/ko_src/Makefile b/kernel/ko_src/Makefile index 580555f43..6281f68e5 100644 --- a/kernel/ko_src/Makefile +++ b/kernel/ko_src/Makefile @@ -2,8 +2,10 @@ CURRENT_PATH := $(shell pwd) DIRS := $(shell find $(CURRENT_PATH) -maxdepth 1 -type d) BASE_DIRS := $(basename $(patsubst $(CURRENT_PATH)/%, %, $(DIRS))) BASE_DIRS := $(filter-out $(CURRENT_PATH), $(BASE_DIRS)) +CONFIG_FILE := ../../config/kmesh_marcos_def.h +ENHANCED_KERNEL := $(shell grep -q "#define ENHANCED_KERNEL 1" $(CONFIG_FILE) && echo yes || echo no) -ifeq ($(ENHANCED_KERNEL), enhanced) +ifeq ($(ENHANCED_KERNEL), yes) all: @for dir in ${BASE_DIRS}; do \ make -C $(CURRENT_PATH)/$$dir; \ From 6a42a8d68fe0ec9611d310bfdff1b00b98527f45 Mon Sep 17 00:00:00 2001 From: lec-bit Date: Tue, 18 Mar 2025 10:57:00 +0800 Subject: [PATCH 28/28] test Signed-off-by: lec-bit --- build.sh | 1 + kmesh_compile.sh | 9 +++++++++ kmesh_compile_env_pre.sh | 9 +++++++++ 3 files changed, 19 insertions(+) diff --git a/build.sh b/build.sh index ed9c5dea4..dff6c992c 100755 --- a/build.sh +++ b/build.sh @@ -45,6 +45,7 @@ fi if [ -z "$1" -o "$1" == "-b" -o "$1" == "--build" ]; then prepare make + readelf -a kernel/ko_src/kmesh/kmesh.ko | grep "string table" exit fi diff --git a/kmesh_compile.sh b/kmesh_compile.sh index 5e2ec3798..dcdc2b86f 100755 --- a/kmesh_compile.sh +++ b/kmesh_compile.sh @@ -4,6 +4,15 @@ ROOT_DIR=$(git rev-parse --show-toplevel) . $ROOT_DIR/hack/utils.sh +uname -a +grep CONFIG_DEBUG_INFO_BTF /boot/config-$(uname -r) +ls /boot +ls /sys/kernel/btf +ls /sys/kernel/btf/vmlinux +bpftool feature probe kernel | grep -E BTF + +echo "Building kmesh kernel module" + bash kmesh_macros_env_kernel.sh make kmesh-ko container_id=$(run_docker_container) diff --git a/kmesh_compile_env_pre.sh b/kmesh_compile_env_pre.sh index 443204ab5..0b2d5b024 100644 --- a/kmesh_compile_env_pre.sh +++ b/kmesh_compile_env_pre.sh @@ -124,6 +124,15 @@ function set_enhanced_kernel_env() { export KERNEL_HEADER_LINUX_BPF=/usr/include/linux/bpf.h fi + uname -a + grep CONFIG_DEBUG_INFO_BTF /boot/config-$(uname -r) + ll /sys/kernel/btf/vmlinux + lsmod | grep sha + ls /boot + ls /sys/kernel/btf + ls /sys/kernel/btf/vmlinux + bpftool feature probe kernel | grep -E BTF + # The 6.x Linux kernel already has complete support for kfunc capabilities, # allowing all features of kmesh to run directly. KERNEL_MAJOR=$(uname -r | awk -F '.' '{print $1}')