Merge branch 'linuxkerneltravel:develop' into develop

.github/workflows/ebpf_stack_analyser.yml

@@ -23,7 +23,7 @@ jobs:
 
       - name: Install native lib dependencies
         run: |
-          git submodule update --init --recursive eBPF_Supermarket/Stack_Analyser/ MagicEyes/
+          git submodule update --init --recursive eBPF_Supermarket/lib/ MagicEyes/
           sudo apt install clang libelf1 libelf-dev zlib1g-dev
         
       - name: Compile test examples

.gitmodules

@@ -46,9 +46,6 @@
 [submodule "eBPF_Supermarket/CPU_Subsystem/libbpf"]
 	path = eBPF_Supermarket/CPU_Subsystem/libbpf
 	url = https://github.com/libbpf/libbpf.git
-[submodule "eBPF_Supermarket/Stack_Analyser/libbpf-bootstrap"]
-	path = eBPF_Supermarket/Stack_Analyser/libbpf-bootstrap
-	url = https://github.com/libbpf/libbpf-bootstrap.git
 [submodule "eBPF_Supermarket/Network_Subsystem/net_manager/lib/libbpf"]
 	path = eBPF_Supermarket/Network_Subsystem/net_manager/lib/libbpf
 	url = https://github.com/libbpf/libbpf.git

eBPF_Supermarket/Network_Subsystem/net_watcher/common.bpf.h

@@ -227,10 +227,18 @@ struct {
 const volatile int filter_dport = 0;
 const volatile int filter_sport = 0;
 const volatile int all_conn = 0, err_packet = 0, extra_conn_info = 0,
-                   layer_time = 0, http_info = 0, retrans_info = 0, udp_info =0,net_filter = 0,drop_reason = 0,icmp_info = 0 ,tcp_info = 0 ,dns_info = 0;
+                   layer_time = 0, http_info = 0, retrans_info = 0, udp_info =0,net_filter = 0,
+                   drop_reason = 0,icmp_info = 0 ,tcp_info = 0 ,dns_info = 0 ,stack_info = 0;
 
 /* help macro */
 
+#define FILTER                                          \
+    if(filter_dport&&filter_dport!= pkt_tuple.dport)    \
+        return 0;                                       \
+    if(filter_sport&&filter_sport!= pkt_tuple.sport)    \
+        return 0;                                       \
+
+
 // 连接的目标端口是否匹配于filter_dport的值
 #define FILTER_DPORT                                                           \
     if (filter_dport) {                                                        \

eBPF_Supermarket/Network_Subsystem/net_watcher/drop.bpf.h

@@ -42,6 +42,7 @@ int __tp_kfree(struct trace_event_raw_kfree_skb *ctx)
     message->location = (long)ctx->location;
     message->drop_reason = ctx->reason;
     bpf_ringbuf_submit(message,0);
-    getstack(ctx);
+    if(stack_info)
+        getstack(ctx);
     return 0;
 } 

eBPF_Supermarket/Network_Subsystem/net_watcher/netfilter.bpf.h

@@ -22,7 +22,7 @@ int submit_nf_time(struct packet_tuple pkt_tuple, struct filtertime *tinfo, int
 {
     int time =0;                                     
     struct netfilter *message;
-
+    FILTER
     message = bpf_ringbuf_reserve(&netfilter_rb, sizeof(*message), 0);
     if(!message){
         return 0;
@@ -116,7 +116,6 @@ int store_nf_time(struct sk_buff *skb, int hook)
             return 0;
         }
     }                
-
     tinfo->time[hook] = bpf_ktime_get_ns() / 1000;
     if(hook == e_ip_local_deliver_finish){
         submit_nf_time(tinfo->init, tinfo, 1);

eBPF_Supermarket/Network_Subsystem/net_watcher/netwatcher.c

@@ -43,7 +43,7 @@ static int sport = 0, dport = 0; // for filter
 static int all_conn = 0, err_packet = 0, extra_conn_info = 0, layer_time = 0,
            http_info = 0, retrans_info = 0, udp_info = 0, net_filter = 0,
            drop_reason = 0, addr_to_func = 0, icmp_info = 0, tcp_info = 0,
-           time_load = 0, dns_info = 0; // flag
+           time_load = 0, dns_info = 0, stack_info=0; // flag
 
 static const char *tcp_states[] = {
     [1] = "ESTABLISHED", [2] = "SYN_SENT",   [3] = "SYN_RECV",
@@ -75,6 +75,7 @@ static const struct argp_option opts[] = {
      "set to trace dns information info include Id 事务ID、Flags 标志字段、Qd "
      "问题部分计数、An 应答记录计数、Ns 授权记录计数、Ar 附加记录计数、Qr "
      "域名、rx 收发包 "},
+    {"stack", 'A', 0, 0, "set to trace of stack "},
     {}};
 
 static error_t parse_arg(int key, char *arg, struct argp_state *state) {
@@ -128,6 +129,9 @@ static error_t parse_arg(int key, char *arg, struct argp_state *state) {
     case 'D':
         dns_info = 1;
         break;
+    case 'A':
+        stack_info = 1;
+        break;
     default:
         return ARGP_ERR_UNKNOWN;
     }
@@ -364,6 +368,7 @@ static void set_rodata_flags(struct netwatcher_bpf *skel) {
     skel->rodata->tcp_info = tcp_info;
     skel->rodata->icmp_info = icmp_info;
     skel->rodata->dns_info = dns_info;
+    skel->rodata->stack_info = stack_info;
 }
 static void set_disable_load(struct netwatcher_bpf *skel) {
 
@@ -506,61 +511,68 @@ static void print_header(enum MonitorMode mode) {
                "UDP "
                "INFORMATION===================================================="
                "====\n");
-        printf("%-20s %-20s %-20s %-20s %-20s %-20s %-20s\n", "saddr", "daddr",
-               "sprot", "dprot", "udp_time/μs", "rx/direction", "len/byte");
+        printf("%-20s %-20s %-20s %-20s %-20s %-20s %-20s\n", "Saddr", "Daddr",
+               "Sprot", "Dprot", "udp_time/μs", "RX/direction", "len/byte");
         break;
     case MODE_NET_FILTER:
         printf("==============================================================="
-               "===NET FILTER "
+               "===NETFILTER "
                "INFORMATION===================================================="
                "=======\n");
         printf("%-20s %-20s %-12s %-12s %-8s %-8s %-7s %-8s %-8s %-8s\n",
-               "saddr", "daddr", "dprot", "sprot", "PreRT/μs", "L_IN/μs",
-               "FW/μs", "PostRT/μs", "L_OUT/μs", "rx/direction");
+               "Saddr", "Daddr", "Sprot", "Dprot", "PreRT/μs", "L_IN/μs",
+               "FW/μs", "PostRT/μs", "L_OUT/μs", "RX/direction");
         break;
     case MODE_DROP_REASON:
         printf("==============================================================="
                "DROP "
                "INFORMATION===================================================="
                "====\n");
-        printf("%-13s %-17s %-17s %-10s %-10s %-9s %-33s %-30s\n", "time",
-               "saddr", "daddr", "sprot", "dprot", "prot", "addr", "reason");
+        printf("%-13s %-17s %-17s %-10s %-10s %-9s %-33s %-30s\n", "Time",
+               "Saddr", "Daddr", "Sprot", "Dprot", "prot", "addr", "reason");
         break;
     case MODE_ICMP:
         printf("=================================================ICMP "
                "INFORMATION==============================================\n");
-        printf("%-20s %-20s %-20s %-20s\n", "saddr", "daddr", "icmp_time/μs",
-               "tx//direction");
+        printf("%-20s %-20s %-20s %-20s\n", "Saddr", "Daddr", "icmp_time/μs",
+               "RX/direction");
         break;
     case MODE_TCP:
         printf("==============================================================="
                "TCP STATE "
                "INFORMATION===================================================="
                "====\n");
-        printf("%-20s %-20s %-20s %-20s %-20s %-20s %-20s \n", "saddr", "daddr",
-               "sport", "dport", "oldstate", "newstate", "time/μs");
+        printf("%-20s %-20s %-20s %-20s %-20s %-20s %-20s \n", "Saddr", "Daddr",
+               "Sport", "Dport", "oldstate", "newstate", "time/μs");
         break;
     case MODE_DNS:
         printf("==============================================================="
                "====================DNS "
                "INFORMATION===================================================="
                "============================\n");
-        printf("%-20s %-20s %-12s %-12s %-12s %-12s %-12s %-11s %-47s %5s \n",
-               "saddr", "daddr", "Id", "Flags", "Qd", "An", "Ns", "Ar", "Qr",
-               "rx/direction");
+        printf("%-20s %-20s %-12s %-12s %-5s %-5s %-5s %-5s %-47s %5s \n",
+               "Saddr", "Daddr", "Id", "Flags", "Qd", "An", "Ns", "Ar", "Qr",
+               "RX/direction");
         break;
     case MODE_DEFAULT:
         printf("==============================================================="
                "=INFORMATION==================================================="
                "======================\n");
         printf("%-22s %-20s %-8s %-20s %-8s %-15s %-15s %-15s %-15s %-15s \n",
                "SOCK", "Saddr", "Sport", "Daddr", "Dport", "MAC_TIME/μs",
-               "IP_TIME/μs", "TRAN_TIME/μs", "RX//direction", "HTTP");
+               "IP_TIME/μs", "TRAN_TIME/μs", "RX/direction", "HTTP");
         break;
     }
 }
 
 static void open_log_files() {
+    FILE *connect_file = fopen(connects_file_path, "w+");
+    if (connect_file == NULL) {
+        fprintf(stderr, "Failed to open connect.log: (%s)\n", strerror(errno));
+        exit(EXIT_FAILURE);
+    }
+    fclose(connect_file);
+
     FILE *err_file = fopen(err_file_path, "w+");
     if (err_file == NULL) {
         fprintf(stderr, "Failed to open err.log: (%s)\n", strerror(errno));
@@ -1000,7 +1012,7 @@ static int print_dns(void *ctx, void *packet_info, size_t size) {
 
     print_domain_name((const unsigned char *)pack_info->data, domain_name);
 
-    printf("%-20s %-20s %-#12x %-#12x %-12x %-12x %-12x %-11x %-47s %-10d\n",
+    printf("%-20s %-20s %-#12x %-#12x %-5x %-5x %-5x %-5x %-47s %-10d\n",
            s_str, d_str, pack_info->id, pack_info->flags, pack_info->qdcount,
            pack_info->ancount, pack_info->nscount, pack_info->arcount,
            domain_name, pack_info->rx);

eBPF_Supermarket/Network_Subsystem/net_watcher/udp.bpf.h

@@ -23,6 +23,7 @@ static __always_inline int __udp_rcv(struct sk_buff *skb) {
     struct udphdr *udp = skb_to_udphdr(skb);
     struct packet_tuple pkt_tuple = {0};
     get_udp_pkt_tuple(&pkt_tuple, ip, udp);
+    FILTER
     struct ktime_info *tinfo, zero = {0};
     tinfo = (struct ktime_info *)bpf_map_lookup_or_try_init(&timestamps,
                                                             &pkt_tuple, &zero);
@@ -40,6 +41,7 @@ static __always_inline int udp_enqueue_schedule_skb(struct sock *sk,
     struct udphdr *udp = skb_to_udphdr(skb);
     struct packet_tuple pkt_tuple = {0};
     get_udp_pkt_tuple(&pkt_tuple, ip, udp);
+    FILTER
     struct ktime_info *tinfo, zero = {0};
     tinfo = bpf_map_lookup_elem(&timestamps, &pkt_tuple);
     if (tinfo == NULL) {
@@ -75,6 +77,7 @@ static __always_inline int __udp_send_skb(struct sk_buff *skb) {
     pkt_tuple.sport = sport;                                        // 源端口
     pkt_tuple.dport = __bpf_ntohs(dport); // 目的端口并进行字节序转换
     pkt_tuple.tran_flag = UDP;
+    FILTER
     struct ktime_info *tinfo, zero = {0};
     bpf_printk("udp_send_skb%d %d %d %d", pkt_tuple.saddr, pkt_tuple.daddr,
                pkt_tuple.sport, pkt_tuple.dport);
@@ -93,8 +96,7 @@ static __always_inline int __ip_send_skb(struct sk_buff *skb) {
     struct udphdr *udp = skb_to_udphdr(skb);
     struct packet_tuple pkt_tuple = {0};
     get_udp_pkt_tuple(&pkt_tuple, ip, udp);
-    bpf_printk("ip_send_skb%d %d %d %d", pkt_tuple.saddr, pkt_tuple.daddr,
-               pkt_tuple.sport, pkt_tuple.dport);
+    FILTER
     struct ktime_info *tinfo, zero = {0};
     tinfo = bpf_map_lookup_elem(&timestamps, &pkt_tuple);
     if (tinfo == NULL) {

eBPF_Supermarket/Stack_Analyser/Makefile

@@ -19,8 +19,11 @@
 OUTPUT := .output
 BPF_SKEL := bpf_skel
 CLANG ?= clang
-LIBBPF_SRC := $(abspath libbpf-bootstrap/libbpf/src)
-BPFTOOL_SRC := $(abspath libbpf-bootstrap/bpftool/src)
+CXX := clang
+LIB := ../lib
+LIBBPF_ROOT := $(abspath $(LIB)/libbpf)
+LIBBPF_SRC := $(LIBBPF_ROOT)/src
+BPFTOOL_SRC := $(abspath $(LIB)/bpftool/src)
 LIBBPF_OBJ := $(abspath $(OUTPUT)/libbpf.a)
 BPFTOOL_OUTPUT ?= $(abspath $(OUTPUT)/bpftool)
 BPFTOOL ?= $(BPFTOOL_OUTPUT)/bootstrap/bpftool
@@ -31,11 +34,12 @@ ARCH ?= $(shell uname -m | sed 's/x86_64/x86/' \
 			 | sed 's/mips.*/mips/' \
 			 | sed 's/riscv64/riscv/' \
 			 | sed 's/loongarch64/loongarch/')
-VMLINUX := libbpf-bootstrap/vmlinux/$(ARCH)/vmlinux.h
+
+VMLINUX := $(LIB)/vmlinux.h
 # Use our own libbpf API headers and Linux UAPI headers distributed with
 # libbpf to avoid dependency on system-wide headers, which could be missing or
 # outdated
-INCLUDES := -I./include -I./$(OUTPUT) -I./$(BPF_SKEL) -I./libbpf-bootstrap/libbpf/include/uapi -I$(dir $(VMLINUX))
+INCLUDES := -I./include -I./$(OUTPUT) -I./$(BPF_SKEL) -I$(LIBBPF_ROOT)/include/uapi -I$(dir $(VMLINUX))
 CFLAGS := -Og -Wall
 ALL_LDFLAGS := $(LDFLAGS) $(EXTRA_LDFLAGS)
 
@@ -85,6 +89,16 @@ clean:
 	$(call msg,CLEAN)
 	$(Q)rm -rf $(OUTPUT) $(TARGETS) $(BPF_SKEL)
 
+init:
+	$(call msg,INIT,$(LIB))
+	$(Q)git submodule update --init --recursive ../lib/
+
+$(LIBBPF_SRC) $(BPFTOOL_SRC): init
+
+$(VMLINUX):
+	$(call msg,BTFDUMP,$@)
+	$(Q)bpftool btf dump file /sys/kernel/btf/vmlinux format c > $@
+
 $(OUTPUT) $(OUTPUT)/libbpf $(BPFTOOL_OUTPUT) $(BPF_SKEL):
 	$(call msg,MKDIR,$@)
 	$(Q)mkdir -p $@

eBPF_Supermarket/Stack_Analyser/README.md

@@ -61,21 +61,34 @@ Stack_Analyzer是一个基于eBPF的按照指定时间间隔（默认为5s）来
 
 ## 编译要求
 
-Ubuntu下需要安装一下依赖，其他发行版类似
+初始化并更新libbpf和bpftool的代码仓库：
 
 ```shell
-$ git submodule update --init --recursive
-$ apt install clang libelf1 libelf-dev zlib1g-dev
+git submodule update --init --recursive ../lib/*
 ```
+需要安装一下依赖：
 
-g++-10以上，clang-12以上
+Ubuntu下
+
+```shell
+sudo apt update
+sudo apt install -y clang libelf1 libelf-dev zlib1g-dev bpftool
+```
+
+CentOS下
+
+```shell
+sudo dnf install clang elfutils-libelf elfutils-libelf-devel zlib-devel bpftool
+```
+
+clang-12以上
 
 # 使用方法
 
 ## 工具编译
 
 ```shell
-$ make
+$ make -j$(nproc)
 ```
 
 ## 命令使用方法

eBPF_Supermarket/Stack_Analyser/bpf/memleak.bpf.c

@@ -484,7 +484,7 @@ int memleak__mm_page_free(struct trace_event_raw_mm_page_free *ctx)
 SEC("tracepoint/percpu/percpu_alloc_percpu")
 int memleak__percpu_alloc_percpu(struct trace_event_raw_percpu_alloc_percpu *ctx)
 {
-    gen_alloc_enter(ctx->bytes_alloc);
+    gen_alloc_enter(ctx->size);
 
     return gen_alloc_exit2(ctx, (u64)(ctx->ptr));
 }