2021-01-18 13:13:51 +01:00
|
|
|
/* SPDX-License-Identifier: GPL-2.0-or-later */
|
2021-03-22 12:23:27 +01:00
|
|
|
static const char *__doc__ =
|
2021-12-08 10:13:50 +01:00
|
|
|
"Passive Ping - monitor flow RTT based on header inspection";
|
2021-03-22 12:23:27 +01:00
|
|
|
|
2020-12-11 19:25:35 +01:00
|
|
|
#include <bpf/bpf.h>
|
|
|
|
|
#include <bpf/libbpf.h>
|
2021-01-11 18:44:18 +01:00
|
|
|
#include <linux/if_link.h>
|
2021-01-07 18:14:27 +01:00
|
|
|
#include <net/if.h> // For if_nametoindex
|
|
|
|
|
#include <arpa/inet.h> // For inet_ntoa and ntohs
|
2020-12-11 19:25:35 +01:00
|
|
|
|
|
|
|
|
#include <stdio.h>
|
|
|
|
|
#include <stdlib.h>
|
|
|
|
|
#include <string.h>
|
|
|
|
|
#include <errno.h>
|
|
|
|
|
#include <unistd.h>
|
2021-03-22 12:23:27 +01:00
|
|
|
#include <getopt.h>
|
2020-12-11 19:25:35 +01:00
|
|
|
#include <stdbool.h>
|
2021-03-22 12:23:27 +01:00
|
|
|
#include <limits.h>
|
2020-12-11 19:25:35 +01:00
|
|
|
#include <signal.h> // For detecting Ctrl-C
|
|
|
|
|
#include <sys/resource.h> // For setting rlmit
|
2021-01-26 18:34:23 +01:00
|
|
|
#include <sys/wait.h>
|
2021-02-02 14:28:42 +01:00
|
|
|
#include <sys/stat.h>
|
2020-12-11 19:25:35 +01:00
|
|
|
#include <time.h>
|
2021-01-07 18:14:27 +01:00
|
|
|
#include <pthread.h>
|
2021-01-26 18:34:23 +01:00
|
|
|
|
2021-06-22 15:02:34 +02:00
|
|
|
#include "json_writer.h"
|
2021-04-15 14:13:54 +02:00
|
|
|
#include "pping.h" //common structs for user-space and BPF parts
|
2020-12-11 19:25:35 +01:00
|
|
|
|
2021-01-26 18:34:23 +01:00
|
|
|
#define NS_PER_SECOND 1000000000UL
|
|
|
|
|
#define NS_PER_MS 1000000UL
|
2021-06-29 13:55:37 +02:00
|
|
|
#define MS_PER_S 1000UL
|
|
|
|
|
#define S_PER_DAY (24*3600UL)
|
2021-01-26 18:34:23 +01:00
|
|
|
|
2021-01-27 12:16:11 +01:00
|
|
|
#define TIMESTAMP_LIFETIME \
|
2021-03-09 17:50:27 +01:00
|
|
|
(10 * NS_PER_SECOND) // Clear out packet timestamps if they're over 10 seconds
|
2021-04-15 14:13:54 +02:00
|
|
|
#define FLOW_LIFETIME \
|
2021-03-09 17:50:27 +01:00
|
|
|
(300 * NS_PER_SECOND) // Clear out flows if they're inactive over 300 seconds
|
2021-01-26 18:34:23 +01:00
|
|
|
|
2021-01-07 18:14:27 +01:00
|
|
|
#define PERF_BUFFER_PAGES 64 // Related to the perf-buffer size?
|
|
|
|
|
#define PERF_POLL_TIMEOUT_MS 100
|
2021-01-26 18:34:23 +01:00
|
|
|
|
2021-01-11 18:44:18 +01:00
|
|
|
#define MAX_PATH_LEN 1024
|
|
|
|
|
|
pping: Add timestamp and min-RTT to output
To add timestamp to output, push the timestamp when packet was
processed from kernel as part of the rtt-event. Also keep track of
minimum encountered RTT for each flow in kernel, and also push that as
part of the RTT-event.
Additionally, avoid pushing RTT messages at all if no flow-state
information can be found (due to ex. being deleted from egress side),
as no valid min-RTT can then be given. Furthermore, no longer delete
flow-information once seeing the FIN-flag on egress in order to keep
useful flow-state around for RTT-messages longer. Due to the
FIN-handshake process, it is sufficient if the ingress program deletes
the flow-state upon seeing FIN. However, still delete flow-state from
either ingress or egress upon seeing RST flag, as RST does not have a
handshake process allowing for delayed deletion.
While minimum RTT could also be tracked from the userspace process,
userspace is not aware of when the flow is closed so would have to add
additional logic to keep track of minimum RTT for each flow and
periodically clean them up. Furthermore, keeping RTT statistics in the
flow-state map is useful for implementing future features, such as an
RTT-based sampling interval. It would also be useful in case pping is
changed to no longer have a long-running userspace process printing
out all the calculated RTTs, but instead simply occasionally looks up
the RTT from the flow-state map.
Signed-off-by: Simon Sundberg <simon.sundberg@kau.se>
2021-04-29 18:55:06 +02:00
|
|
|
#define MON_TO_REAL_UPDATE_FREQ \
|
|
|
|
|
(1 * NS_PER_SECOND) // Update offset between CLOCK_MONOTONIC and CLOCK_REALTIME once per second
|
|
|
|
|
|
2022-01-04 17:08:10 +01:00
|
|
|
enum PPING_OUTPUT_FORMAT {
|
|
|
|
|
PPING_OUTPUT_STANDARD,
|
|
|
|
|
PPING_OUTPUT_JSON,
|
|
|
|
|
PPING_OUTPUT_PPVIZ
|
|
|
|
|
};
|
|
|
|
|
|
2021-01-18 13:13:51 +01:00
|
|
|
/*
|
2021-12-08 10:13:50 +01:00
|
|
|
* BPF implementation of pping using libbpf.
|
|
|
|
|
* Uses TC-BPF for egress and XDP for ingress.
|
|
|
|
|
* - On egrees, packets are parsed for an identifer,
|
|
|
|
|
* if found added to hashmap using flow+identifier as key,
|
|
|
|
|
* and current time as value.
|
|
|
|
|
* - On ingress, packets are parsed for reply identifer,
|
|
|
|
|
* if found looksup hashmap using reverse-flow+identifier as key,
|
|
|
|
|
* and calculates RTT as different between now and stored timestamp.
|
|
|
|
|
* - Calculated RTTs are pushed to userspace
|
|
|
|
|
* (together with the related flow) and printed out.
|
2021-01-11 18:44:18 +01:00
|
|
|
*/
|
|
|
|
|
|
2021-01-26 18:34:23 +01:00
|
|
|
// Structure to contain arguments for clean_map (for passing to pthread_create)
|
2021-01-07 18:14:27 +01:00
|
|
|
struct map_cleanup_args {
|
2021-04-15 14:13:54 +02:00
|
|
|
__u64 cleanup_interval;
|
2021-03-09 17:50:27 +01:00
|
|
|
int packet_map_fd;
|
|
|
|
|
int flow_map_fd;
|
2021-01-07 18:14:27 +01:00
|
|
|
};
|
|
|
|
|
|
2021-04-15 14:13:54 +02:00
|
|
|
// Store configuration values in struct to easily pass around
|
|
|
|
|
struct pping_config {
|
|
|
|
|
struct bpf_config bpf_config;
|
2021-12-08 10:06:30 +01:00
|
|
|
struct bpf_tc_opts tc_ingress_opts;
|
|
|
|
|
struct bpf_tc_opts tc_egress_opts;
|
2021-04-15 14:13:54 +02:00
|
|
|
__u64 cleanup_interval;
|
|
|
|
|
char *object_path;
|
2022-01-04 17:08:10 +01:00
|
|
|
char *ingress_prog;
|
|
|
|
|
char *egress_prog;
|
2021-04-15 14:13:54 +02:00
|
|
|
char *packet_map;
|
|
|
|
|
char *flow_map;
|
2021-06-22 15:22:11 +02:00
|
|
|
char *event_map;
|
2021-04-30 11:36:41 +02:00
|
|
|
int xdp_flags;
|
|
|
|
|
int ifindex;
|
2021-12-17 18:03:00 +01:00
|
|
|
int ingress_prog_id;
|
|
|
|
|
int egress_prog_id;
|
2021-04-30 11:36:41 +02:00
|
|
|
char ifname[IF_NAMESIZE];
|
2022-01-04 17:08:10 +01:00
|
|
|
enum PPING_OUTPUT_FORMAT output_format;
|
2021-04-30 11:36:41 +02:00
|
|
|
bool force;
|
2021-12-17 18:03:00 +01:00
|
|
|
bool created_tc_hook;
|
2021-04-15 14:13:54 +02:00
|
|
|
};
|
|
|
|
|
|
2020-12-11 19:25:35 +01:00
|
|
|
static volatile int keep_running = 1;
|
2021-06-22 15:02:34 +02:00
|
|
|
static json_writer_t *json_ctx = NULL;
|
2021-06-22 15:36:35 +02:00
|
|
|
static void (*print_event_func)(void *, int, void *, __u32) = NULL;
|
2020-12-11 19:25:35 +01:00
|
|
|
|
2021-03-22 12:23:27 +01:00
|
|
|
static const struct option long_options[] = {
|
2021-04-15 14:13:54 +02:00
|
|
|
{ "help", no_argument, NULL, 'h' },
|
|
|
|
|
{ "interface", required_argument, NULL, 'i' }, // Name of interface to run on
|
|
|
|
|
{ "rate-limit", required_argument, NULL, 'r' }, // Sampling rate-limit in ms
|
2021-12-17 18:03:00 +01:00
|
|
|
{ "force", no_argument, NULL, 'f' }, // Overwrite any existing XDP program on interface, remove qdisc on cleanup
|
2021-06-29 13:55:37 +02:00
|
|
|
{ "cleanup-interval", required_argument, NULL, 'c' }, // Map cleaning interval in s, 0 to disable
|
2021-05-06 15:36:25 +02:00
|
|
|
{ "format", required_argument, NULL, 'F' }, // Which format to output in (standard/json/ppviz)
|
2021-12-08 10:06:30 +01:00
|
|
|
{ "ingress-hook", required_argument, NULL, 'I' }, // Use tc or XDP as ingress hook
|
2022-02-02 11:38:53 +01:00
|
|
|
{ "tcp", no_argument, NULL, 'T' }, // Calculate and report RTTs for TCP traffic (with TCP timestamps)
|
|
|
|
|
{ "icmp", no_argument, NULL, 'C' }, // Calculate and report RTTs for ICMP echo-reply traffic
|
2021-03-22 12:23:27 +01:00
|
|
|
{ 0, 0, NULL, 0 }
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Copied from Jesper Dangaaard Brouer's traffic-pacing-edt example
|
|
|
|
|
*/
|
|
|
|
|
static void print_usage(char *argv[])
|
|
|
|
|
{
|
|
|
|
|
int i;
|
|
|
|
|
|
|
|
|
|
printf("\nDOCUMENTATION:\n%s\n", __doc__);
|
|
|
|
|
printf("\n");
|
|
|
|
|
printf(" Usage: %s (options-see-below)\n", argv[0]);
|
|
|
|
|
printf(" Listing options:\n");
|
|
|
|
|
for (i = 0; long_options[i].name != 0; i++) {
|
|
|
|
|
printf(" --%-12s", long_options[i].name);
|
|
|
|
|
if (long_options[i].flag != NULL)
|
|
|
|
|
printf(" flag (internal value:%d)",
|
2021-04-15 14:13:54 +02:00
|
|
|
*long_options[i].flag);
|
2021-03-22 12:23:27 +01:00
|
|
|
else
|
2021-04-15 14:13:54 +02:00
|
|
|
printf(" short-option: -%c", long_options[i].val);
|
2021-03-22 12:23:27 +01:00
|
|
|
printf("\n");
|
|
|
|
|
}
|
|
|
|
|
printf("\n");
|
|
|
|
|
}
|
|
|
|
|
|
2021-12-17 18:03:00 +01:00
|
|
|
/*
|
|
|
|
|
* Simple convenience wrapper around libbpf_strerror for which you don't have
|
|
|
|
|
* to provide a buffer. Instead uses its own static buffer and returns a pointer
|
|
|
|
|
* to it.
|
|
|
|
|
*
|
|
|
|
|
* This of course comes with the tradeoff that it is no longer thread safe and
|
|
|
|
|
* later invocations overwrite previous results.
|
|
|
|
|
*/
|
|
|
|
|
static const char *get_libbpf_strerror(int err)
|
|
|
|
|
{
|
|
|
|
|
static char buf[200];
|
|
|
|
|
libbpf_strerror(err, buf, sizeof(buf));
|
|
|
|
|
return buf;
|
|
|
|
|
}
|
|
|
|
|
|
2021-06-29 13:55:37 +02:00
|
|
|
static int parse_bounded_double(double *res, const char *str, double low,
|
|
|
|
|
double high, const char *name)
|
2021-04-15 14:13:54 +02:00
|
|
|
{
|
|
|
|
|
char *endptr;
|
2021-06-29 13:55:37 +02:00
|
|
|
*res = strtod(str, &endptr);
|
2021-04-15 14:13:54 +02:00
|
|
|
if (strlen(str) != endptr - str) {
|
2021-06-29 13:55:37 +02:00
|
|
|
fprintf(stderr, "%s %s is not a valid number\n", name, str);
|
2021-04-15 14:13:54 +02:00
|
|
|
return -EINVAL;
|
|
|
|
|
}
|
2021-06-29 13:55:37 +02:00
|
|
|
if (*res < low || *res > high) {
|
|
|
|
|
fprintf(stderr, "%s must in range [%g, %g]\n", name, low, high);
|
2021-04-15 14:13:54 +02:00
|
|
|
return -EINVAL;
|
|
|
|
|
}
|
|
|
|
|
|
2021-06-29 13:55:37 +02:00
|
|
|
return 0;
|
2021-04-15 14:13:54 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int parse_arguments(int argc, char *argv[], struct pping_config *config)
|
|
|
|
|
{
|
|
|
|
|
int err, opt;
|
|
|
|
|
double rate_limit_ms, cleanup_interval_s;
|
|
|
|
|
|
|
|
|
|
config->ifindex = 0;
|
2021-05-06 15:36:25 +02:00
|
|
|
config->force = false;
|
2022-02-02 11:38:53 +01:00
|
|
|
config->bpf_config.track_tcp = false;
|
|
|
|
|
config->bpf_config.track_icmp = false;
|
2021-04-15 14:13:54 +02:00
|
|
|
|
2022-02-02 11:38:53 +01:00
|
|
|
while ((opt = getopt_long(argc, argv, "hfTCi:r:c:F:I:", long_options,
|
2021-04-15 14:13:54 +02:00
|
|
|
NULL)) != -1) {
|
|
|
|
|
switch (opt) {
|
|
|
|
|
case 'i':
|
|
|
|
|
if (strlen(optarg) > IF_NAMESIZE) {
|
|
|
|
|
fprintf(stderr, "interface name too long\n");
|
|
|
|
|
return -EINVAL;
|
|
|
|
|
}
|
|
|
|
|
strncpy(config->ifname, optarg, IF_NAMESIZE);
|
|
|
|
|
|
|
|
|
|
config->ifindex = if_nametoindex(config->ifname);
|
|
|
|
|
if (config->ifindex == 0) {
|
|
|
|
|
err = -errno;
|
|
|
|
|
fprintf(stderr,
|
|
|
|
|
"Could not get index of interface %s: %s\n",
|
2021-12-17 18:03:00 +01:00
|
|
|
config->ifname, get_libbpf_strerror(err));
|
2021-04-15 14:13:54 +02:00
|
|
|
return err;
|
|
|
|
|
}
|
|
|
|
|
break;
|
|
|
|
|
case 'r':
|
2021-06-29 13:55:37 +02:00
|
|
|
err = parse_bounded_double(&rate_limit_ms, optarg, 0,
|
|
|
|
|
7 * S_PER_DAY * MS_PER_S,
|
|
|
|
|
"rate-limit");
|
|
|
|
|
if (err)
|
2021-04-15 14:13:54 +02:00
|
|
|
return -EINVAL;
|
|
|
|
|
|
|
|
|
|
config->bpf_config.rate_limit =
|
|
|
|
|
rate_limit_ms * NS_PER_MS;
|
|
|
|
|
break;
|
|
|
|
|
case 'c':
|
2021-06-29 13:55:37 +02:00
|
|
|
err = parse_bounded_double(&cleanup_interval_s, optarg,
|
|
|
|
|
0, 7 * S_PER_DAY,
|
|
|
|
|
"cleanup-interval");
|
|
|
|
|
if (err)
|
2021-04-15 14:13:54 +02:00
|
|
|
return -EINVAL;
|
|
|
|
|
|
|
|
|
|
config->cleanup_interval =
|
|
|
|
|
cleanup_interval_s * NS_PER_SECOND;
|
|
|
|
|
break;
|
2021-05-06 15:36:25 +02:00
|
|
|
case 'F':
|
2022-01-04 17:08:10 +01:00
|
|
|
if (strcmp(optarg, "standard") == 0) {
|
|
|
|
|
config->output_format = PPING_OUTPUT_STANDARD;
|
|
|
|
|
} else if (strcmp(optarg, "json") == 0) {
|
|
|
|
|
config->output_format = PPING_OUTPUT_JSON;
|
2021-05-06 15:36:25 +02:00
|
|
|
} else if (strcmp(optarg, "ppviz") == 0) {
|
2022-01-04 17:08:10 +01:00
|
|
|
config->output_format = PPING_OUTPUT_PPVIZ;
|
|
|
|
|
} else {
|
2021-05-06 15:36:25 +02:00
|
|
|
fprintf(stderr, "format must be \"standard\", \"json\" or \"ppviz\"\n");
|
|
|
|
|
return -EINVAL;
|
|
|
|
|
}
|
2021-04-30 12:31:23 +02:00
|
|
|
break;
|
2021-12-08 10:06:30 +01:00
|
|
|
case 'I':
|
|
|
|
|
if (strcmp(optarg, "xdp") == 0) {
|
2022-01-04 17:08:10 +01:00
|
|
|
config->ingress_prog = "pping_xdp_ingress";
|
2021-12-08 10:06:30 +01:00
|
|
|
} else if (strcmp(optarg, "tc") == 0) {
|
2022-01-04 17:08:10 +01:00
|
|
|
config->ingress_prog = "pping_tc_ingress";
|
2021-12-08 10:06:30 +01:00
|
|
|
} else {
|
|
|
|
|
fprintf(stderr, "ingress-hook must be \"xdp\" or \"tc\"\n");
|
|
|
|
|
return -EINVAL;
|
|
|
|
|
}
|
|
|
|
|
break;
|
2021-04-15 14:13:54 +02:00
|
|
|
case 'f':
|
|
|
|
|
config->force = true;
|
2021-12-17 18:03:00 +01:00
|
|
|
config->xdp_flags &= ~XDP_FLAGS_UPDATE_IF_NOEXIST;
|
2021-04-15 14:13:54 +02:00
|
|
|
break;
|
2022-02-02 11:38:53 +01:00
|
|
|
case 'T':
|
|
|
|
|
config->bpf_config.track_tcp = true;
|
|
|
|
|
break;
|
|
|
|
|
case 'C':
|
|
|
|
|
config->bpf_config.track_icmp = true;
|
|
|
|
|
break;
|
2021-04-15 14:13:54 +02:00
|
|
|
case 'h':
|
|
|
|
|
printf("HELP:\n");
|
|
|
|
|
print_usage(argv);
|
|
|
|
|
exit(0);
|
|
|
|
|
default:
|
|
|
|
|
fprintf(stderr, "Unknown option %s\n", argv[optind]);
|
|
|
|
|
return -EINVAL;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (config->ifindex == 0) {
|
|
|
|
|
fprintf(stderr,
|
|
|
|
|
"An interface (-i or --interface) must be provided\n");
|
|
|
|
|
return -EINVAL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2022-02-02 11:38:53 +01:00
|
|
|
const char *tracked_protocols_to_str(struct pping_config *config)
|
|
|
|
|
{
|
|
|
|
|
bool tcp = config->bpf_config.track_tcp;
|
|
|
|
|
bool icmp = config->bpf_config.track_icmp;
|
|
|
|
|
return tcp && icmp ? "TCP, ICMP" : tcp ? "TCP" : "ICMP";
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const char *output_format_to_str(enum PPING_OUTPUT_FORMAT format)
|
|
|
|
|
{
|
|
|
|
|
switch (format) {
|
|
|
|
|
case PPING_OUTPUT_STANDARD: return "standard";
|
|
|
|
|
case PPING_OUTPUT_JSON: return "json";
|
|
|
|
|
case PPING_OUTPUT_PPVIZ: return "ppviz";
|
|
|
|
|
default: return "unkown format";
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2021-01-07 18:14:27 +01:00
|
|
|
void abort_program(int sig)
|
2020-12-11 19:25:35 +01:00
|
|
|
{
|
2021-01-18 13:13:51 +01:00
|
|
|
keep_running = 0;
|
2020-12-11 19:25:35 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int set_rlimit(long int lim)
|
|
|
|
|
{
|
2021-01-18 13:13:51 +01:00
|
|
|
struct rlimit rlim = {
|
|
|
|
|
.rlim_cur = lim,
|
|
|
|
|
.rlim_max = lim,
|
|
|
|
|
};
|
2020-12-11 19:25:35 +01:00
|
|
|
|
2021-01-18 13:13:51 +01:00
|
|
|
return !setrlimit(RLIMIT_MEMLOCK, &rlim) ? 0 : -errno;
|
2020-12-11 19:25:35 +01:00
|
|
|
}
|
2021-01-11 18:44:18 +01:00
|
|
|
|
2021-12-17 18:03:00 +01:00
|
|
|
static int init_rodata(struct bpf_object *obj, void *src, size_t size)
|
2021-01-18 13:13:51 +01:00
|
|
|
{
|
2021-12-17 18:03:00 +01:00
|
|
|
struct bpf_map *map = NULL;
|
|
|
|
|
bpf_object__for_each_map(map, obj) {
|
|
|
|
|
if (strstr(bpf_map__name(map), ".rodata"))
|
|
|
|
|
return bpf_map__set_initial_value(map, src, size);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// No .rodata map found
|
|
|
|
|
return -EINVAL;
|
2020-12-11 19:25:35 +01:00
|
|
|
}
|
|
|
|
|
|
2021-12-17 18:03:00 +01:00
|
|
|
/*
|
|
|
|
|
* Attempt to attach program in section sec of obj to ifindex.
|
|
|
|
|
* If sucessful, will return the positive program id of the attached.
|
|
|
|
|
* On failure, will return a negative error code.
|
|
|
|
|
*/
|
2022-01-04 17:08:10 +01:00
|
|
|
static int xdp_attach(struct bpf_object *obj, const char *prog_name,
|
|
|
|
|
int ifindex, __u32 xdp_flags)
|
2021-01-11 18:44:18 +01:00
|
|
|
{
|
2021-01-18 13:13:51 +01:00
|
|
|
struct bpf_program *prog;
|
2021-12-17 18:03:00 +01:00
|
|
|
int prog_fd, err;
|
|
|
|
|
__u32 prog_id;
|
2021-01-18 13:13:51 +01:00
|
|
|
|
2022-01-04 17:08:10 +01:00
|
|
|
if (prog_name)
|
|
|
|
|
prog = bpf_object__find_program_by_name(obj, prog_name);
|
2021-01-18 13:13:51 +01:00
|
|
|
else
|
2022-01-04 17:08:10 +01:00
|
|
|
prog = bpf_object__next_program(obj, NULL);
|
2021-01-26 18:34:23 +01:00
|
|
|
|
2021-01-18 13:13:51 +01:00
|
|
|
prog_fd = bpf_program__fd(prog);
|
2021-04-15 14:13:54 +02:00
|
|
|
if (prog_fd < 0)
|
2021-01-18 13:13:51 +01:00
|
|
|
return prog_fd;
|
|
|
|
|
|
2021-12-17 18:03:00 +01:00
|
|
|
err = bpf_set_link_xdp_fd(ifindex, prog_fd, xdp_flags);
|
|
|
|
|
if (err)
|
|
|
|
|
return err;
|
2021-01-26 18:34:23 +01:00
|
|
|
|
2021-12-17 18:03:00 +01:00
|
|
|
err = bpf_get_link_xdp_id(ifindex, &prog_id, xdp_flags);
|
|
|
|
|
if (err) {
|
|
|
|
|
bpf_set_link_xdp_fd(ifindex, -1, xdp_flags);
|
|
|
|
|
return err;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return prog_id;
|
2021-01-11 18:44:18 +01:00
|
|
|
}
|
|
|
|
|
|
2021-12-17 18:03:00 +01:00
|
|
|
static int xdp_detach(int ifindex, __u32 xdp_flags, __u32 expected_prog_id)
|
2021-03-22 12:23:27 +01:00
|
|
|
{
|
2021-12-17 18:03:00 +01:00
|
|
|
__u32 curr_prog_id;
|
|
|
|
|
int err;
|
|
|
|
|
|
|
|
|
|
err = bpf_get_link_xdp_id(ifindex, &curr_prog_id, xdp_flags);
|
|
|
|
|
if (err)
|
|
|
|
|
return err;
|
|
|
|
|
|
|
|
|
|
if (!curr_prog_id) {
|
|
|
|
|
return 0; // No current prog on interface
|
2021-03-29 14:55:41 +02:00
|
|
|
}
|
2021-03-22 12:23:27 +01:00
|
|
|
|
2021-12-17 18:03:00 +01:00
|
|
|
if (expected_prog_id && curr_prog_id != expected_prog_id)
|
|
|
|
|
return -ENOENT;
|
|
|
|
|
|
|
|
|
|
return bpf_set_link_xdp_fd(ifindex, -1, xdp_flags);
|
2021-03-22 12:23:27 +01:00
|
|
|
}
|
|
|
|
|
|
2021-12-17 18:03:00 +01:00
|
|
|
/*
|
|
|
|
|
* Will attempt to attach program at section sec in obj to ifindex at
|
|
|
|
|
* attach_point.
|
|
|
|
|
* On success, will fill in the passed opts, optionally set new_hook depending
|
|
|
|
|
* if it created a new hook or not, and return the id of the attached program.
|
|
|
|
|
* On failure it will return a negative error code.
|
|
|
|
|
*/
|
2021-06-11 14:44:19 +02:00
|
|
|
static int tc_attach(struct bpf_object *obj, int ifindex,
|
|
|
|
|
enum bpf_tc_attach_point attach_point,
|
2022-01-04 17:08:10 +01:00
|
|
|
const char *prog_name, struct bpf_tc_opts *opts,
|
2021-12-17 18:03:00 +01:00
|
|
|
bool *new_hook)
|
2021-01-26 18:34:23 +01:00
|
|
|
{
|
2021-06-11 14:44:19 +02:00
|
|
|
int err;
|
|
|
|
|
int prog_fd;
|
2021-12-17 18:03:00 +01:00
|
|
|
bool created_hook = true;
|
2021-06-11 14:44:19 +02:00
|
|
|
DECLARE_LIBBPF_OPTS(bpf_tc_hook, hook, .ifindex = ifindex,
|
|
|
|
|
.attach_point = attach_point);
|
2021-05-10 11:21:54 +02:00
|
|
|
|
2021-06-11 14:44:19 +02:00
|
|
|
err = bpf_tc_hook_create(&hook);
|
2021-12-17 18:03:00 +01:00
|
|
|
if (err == -EEXIST)
|
|
|
|
|
created_hook = false;
|
|
|
|
|
else if (err)
|
2021-05-10 11:21:54 +02:00
|
|
|
return err;
|
|
|
|
|
|
2021-06-11 14:44:19 +02:00
|
|
|
prog_fd = bpf_program__fd(
|
2022-01-04 17:08:10 +01:00
|
|
|
bpf_object__find_program_by_name(obj, prog_name));
|
2021-12-17 18:03:00 +01:00
|
|
|
if (prog_fd < 0) {
|
|
|
|
|
err = prog_fd;
|
|
|
|
|
goto err_after_hook;
|
|
|
|
|
}
|
2021-05-10 11:21:54 +02:00
|
|
|
|
2021-06-11 14:44:19 +02:00
|
|
|
opts->prog_fd = prog_fd;
|
|
|
|
|
opts->prog_id = 0;
|
2021-12-17 18:03:00 +01:00
|
|
|
err = bpf_tc_attach(&hook, opts);
|
|
|
|
|
if (err)
|
|
|
|
|
goto err_after_hook;
|
|
|
|
|
|
|
|
|
|
if (new_hook)
|
|
|
|
|
*new_hook = created_hook;
|
|
|
|
|
return opts->prog_id;
|
|
|
|
|
|
|
|
|
|
err_after_hook:
|
|
|
|
|
/*
|
|
|
|
|
* Destroy hook if it created it.
|
|
|
|
|
* This is slightly racy, as some other program may still have been
|
|
|
|
|
* attached to the hook between its creation and this error cleanup.
|
|
|
|
|
*/
|
|
|
|
|
if (created_hook) {
|
|
|
|
|
hook.attach_point = BPF_TC_INGRESS | BPF_TC_EGRESS;
|
|
|
|
|
bpf_tc_hook_destroy(&hook);
|
|
|
|
|
}
|
|
|
|
|
return err;
|
2021-05-10 11:21:54 +02:00
|
|
|
}
|
|
|
|
|
|
2021-06-11 14:44:19 +02:00
|
|
|
static int tc_detach(int ifindex, enum bpf_tc_attach_point attach_point,
|
2021-12-17 18:03:00 +01:00
|
|
|
const struct bpf_tc_opts *opts, bool destroy_hook)
|
2021-01-27 12:16:11 +01:00
|
|
|
{
|
2021-12-17 18:03:00 +01:00
|
|
|
int err;
|
|
|
|
|
int hook_err = 0;
|
2021-06-11 14:44:19 +02:00
|
|
|
DECLARE_LIBBPF_OPTS(bpf_tc_hook, hook, .ifindex = ifindex,
|
|
|
|
|
.attach_point = attach_point);
|
2021-12-17 18:03:00 +01:00
|
|
|
DECLARE_LIBBPF_OPTS(bpf_tc_opts, opts_info, .handle = opts->handle,
|
|
|
|
|
.priority = opts->priority);
|
|
|
|
|
|
|
|
|
|
// Check we are removing the correct program
|
|
|
|
|
err = bpf_tc_query(&hook, &opts_info);
|
|
|
|
|
if (err)
|
|
|
|
|
return err;
|
|
|
|
|
if (opts->prog_id != opts_info.prog_id)
|
|
|
|
|
return -ENOENT;
|
|
|
|
|
|
|
|
|
|
// Attempt to detach program
|
|
|
|
|
opts_info.prog_fd = 0;
|
|
|
|
|
opts_info.prog_id = 0;
|
|
|
|
|
opts_info.flags = 0;
|
|
|
|
|
err = bpf_tc_detach(&hook, &opts_info);
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Attempt to destroy hook regardsless if detach succeded.
|
|
|
|
|
* If the hook is destroyed sucessfully, program should
|
|
|
|
|
* also be detached.
|
|
|
|
|
*/
|
|
|
|
|
if (destroy_hook) {
|
|
|
|
|
hook.attach_point = BPF_TC_INGRESS | BPF_TC_EGRESS;
|
|
|
|
|
hook_err = bpf_tc_hook_destroy(&hook);
|
|
|
|
|
}
|
2021-06-11 14:44:19 +02:00
|
|
|
|
2021-12-17 18:03:00 +01:00
|
|
|
err = destroy_hook ? hook_err : err;
|
|
|
|
|
return err;
|
2021-01-26 18:34:23 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
2021-06-11 14:44:19 +02:00
|
|
|
* Returns time as nanoseconds in a single __u64.
|
2021-01-26 18:34:23 +01:00
|
|
|
* On failure, the value 0 is returned (and errno will be set).
|
|
|
|
|
*/
|
pping: Add timestamp and min-RTT to output
To add timestamp to output, push the timestamp when packet was
processed from kernel as part of the rtt-event. Also keep track of
minimum encountered RTT for each flow in kernel, and also push that as
part of the RTT-event.
Additionally, avoid pushing RTT messages at all if no flow-state
information can be found (due to ex. being deleted from egress side),
as no valid min-RTT can then be given. Furthermore, no longer delete
flow-information once seeing the FIN-flag on egress in order to keep
useful flow-state around for RTT-messages longer. Due to the
FIN-handshake process, it is sufficient if the ingress program deletes
the flow-state upon seeing FIN. However, still delete flow-state from
either ingress or egress upon seeing RST flag, as RST does not have a
handshake process allowing for delayed deletion.
While minimum RTT could also be tracked from the userspace process,
userspace is not aware of when the flow is closed so would have to add
additional logic to keep track of minimum RTT for each flow and
periodically clean them up. Furthermore, keeping RTT statistics in the
flow-state map is useful for implementing future features, such as an
RTT-based sampling interval. It would also be useful in case pping is
changed to no longer have a long-running userspace process printing
out all the calculated RTTs, but instead simply occasionally looks up
the RTT from the flow-state map.
Signed-off-by: Simon Sundberg <simon.sundberg@kau.se>
2021-04-29 18:55:06 +02:00
|
|
|
static __u64 get_time_ns(clockid_t clockid)
|
2020-12-11 19:25:35 +01:00
|
|
|
{
|
2021-01-18 13:13:51 +01:00
|
|
|
struct timespec t;
|
pping: Add timestamp and min-RTT to output
To add timestamp to output, push the timestamp when packet was
processed from kernel as part of the rtt-event. Also keep track of
minimum encountered RTT for each flow in kernel, and also push that as
part of the RTT-event.
Additionally, avoid pushing RTT messages at all if no flow-state
information can be found (due to ex. being deleted from egress side),
as no valid min-RTT can then be given. Furthermore, no longer delete
flow-information once seeing the FIN-flag on egress in order to keep
useful flow-state around for RTT-messages longer. Due to the
FIN-handshake process, it is sufficient if the ingress program deletes
the flow-state upon seeing FIN. However, still delete flow-state from
either ingress or egress upon seeing RST flag, as RST does not have a
handshake process allowing for delayed deletion.
While minimum RTT could also be tracked from the userspace process,
userspace is not aware of when the flow is closed so would have to add
additional logic to keep track of minimum RTT for each flow and
periodically clean them up. Furthermore, keeping RTT statistics in the
flow-state map is useful for implementing future features, such as an
RTT-based sampling interval. It would also be useful in case pping is
changed to no longer have a long-running userspace process printing
out all the calculated RTTs, but instead simply occasionally looks up
the RTT from the flow-state map.
Signed-off-by: Simon Sundberg <simon.sundberg@kau.se>
2021-04-29 18:55:06 +02:00
|
|
|
if (clock_gettime(clockid, &t) != 0)
|
2021-01-18 13:13:51 +01:00
|
|
|
return 0;
|
2021-01-26 18:34:23 +01:00
|
|
|
|
|
|
|
|
return (__u64)t.tv_sec * NS_PER_SECOND + (__u64)t.tv_nsec;
|
2020-12-11 19:25:35 +01:00
|
|
|
}
|
|
|
|
|
|
2021-06-22 15:36:35 +02:00
|
|
|
static bool packet_ts_timeout(void *key_ptr, void *val_ptr, __u64 now)
|
2021-03-09 17:50:27 +01:00
|
|
|
{
|
|
|
|
|
__u64 ts = *(__u64 *)val_ptr;
|
|
|
|
|
if (now > ts && now - ts > TIMESTAMP_LIFETIME)
|
|
|
|
|
return true;
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
2021-06-22 15:36:35 +02:00
|
|
|
static bool flow_timeout(void *key_ptr, void *val_ptr, __u64 now)
|
2021-03-09 17:50:27 +01:00
|
|
|
{
|
2021-06-22 15:36:35 +02:00
|
|
|
struct flow_event fe;
|
2021-03-09 17:50:27 +01:00
|
|
|
__u64 ts = ((struct flow_state *)val_ptr)->last_timestamp;
|
2021-06-22 15:36:35 +02:00
|
|
|
|
2021-06-22 15:22:11 +02:00
|
|
|
if (now > ts && now - ts > FLOW_LIFETIME) {
|
2021-06-22 15:36:35 +02:00
|
|
|
if (print_event_func) {
|
|
|
|
|
fe.event_type = EVENT_TYPE_FLOW;
|
|
|
|
|
fe.timestamp = now;
|
|
|
|
|
memcpy(&fe.flow, key_ptr, sizeof(struct network_tuple));
|
|
|
|
|
fe.event_info.event = FLOW_EVENT_CLOSING;
|
|
|
|
|
fe.event_info.reason = EVENT_REASON_FLOW_TIMEOUT;
|
|
|
|
|
fe.source = EVENT_SOURCE_USERSPACE;
|
|
|
|
|
print_event_func(NULL, 0, &fe, sizeof(fe));
|
|
|
|
|
}
|
2021-03-09 17:50:27 +01:00
|
|
|
return true;
|
2021-06-22 15:22:11 +02:00
|
|
|
}
|
2021-03-09 17:50:27 +01:00
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Loops through all entries in a map, running del_decision_func(value, time)
|
|
|
|
|
* on every entry, and deleting those for which it returns true.
|
|
|
|
|
* On sucess, returns the number of entries deleted, otherwise returns the
|
|
|
|
|
* (negative) error code.
|
|
|
|
|
*/
|
|
|
|
|
//TODO - maybe add some pointer to arguments for del_decision_func?
|
|
|
|
|
static int clean_map(int map_fd, size_t key_size, size_t value_size,
|
2021-06-22 15:36:35 +02:00
|
|
|
bool (*del_decision_func)(void *, void *, __u64))
|
2020-12-11 19:25:35 +01:00
|
|
|
{
|
2021-01-26 18:34:23 +01:00
|
|
|
int removed = 0;
|
2021-03-09 17:50:27 +01:00
|
|
|
void *key, *prev_key, *value;
|
2021-01-18 13:13:51 +01:00
|
|
|
bool delete_prev = false;
|
pping: Add timestamp and min-RTT to output
To add timestamp to output, push the timestamp when packet was
processed from kernel as part of the rtt-event. Also keep track of
minimum encountered RTT for each flow in kernel, and also push that as
part of the RTT-event.
Additionally, avoid pushing RTT messages at all if no flow-state
information can be found (due to ex. being deleted from egress side),
as no valid min-RTT can then be given. Furthermore, no longer delete
flow-information once seeing the FIN-flag on egress in order to keep
useful flow-state around for RTT-messages longer. Due to the
FIN-handshake process, it is sufficient if the ingress program deletes
the flow-state upon seeing FIN. However, still delete flow-state from
either ingress or egress upon seeing RST flag, as RST does not have a
handshake process allowing for delayed deletion.
While minimum RTT could also be tracked from the userspace process,
userspace is not aware of when the flow is closed so would have to add
additional logic to keep track of minimum RTT for each flow and
periodically clean them up. Furthermore, keeping RTT statistics in the
flow-state map is useful for implementing future features, such as an
RTT-based sampling interval. It would also be useful in case pping is
changed to no longer have a long-running userspace process printing
out all the calculated RTTs, but instead simply occasionally looks up
the RTT from the flow-state map.
Signed-off-by: Simon Sundberg <simon.sundberg@kau.se>
2021-04-29 18:55:06 +02:00
|
|
|
__u64 now_nsec = get_time_ns(CLOCK_MONOTONIC);
|
2021-01-26 18:34:23 +01:00
|
|
|
|
2021-03-09 17:50:27 +01:00
|
|
|
#ifdef DEBUG
|
|
|
|
|
int entries = 0;
|
|
|
|
|
__u64 duration;
|
|
|
|
|
#endif
|
2021-01-26 18:34:23 +01:00
|
|
|
|
2021-01-18 13:13:51 +01:00
|
|
|
if (now_nsec == 0)
|
|
|
|
|
return -errno;
|
|
|
|
|
|
2021-03-09 17:50:27 +01:00
|
|
|
key = malloc(key_size);
|
|
|
|
|
prev_key = malloc(key_size);
|
|
|
|
|
value = malloc(value_size);
|
|
|
|
|
if (!key || !prev_key || !value) {
|
|
|
|
|
removed = -ENOMEM;
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
2021-01-18 13:13:51 +01:00
|
|
|
// Cannot delete current key because then loop will reset, see https://www.bouncybouncy.net/blog/bpf_map_get_next_key-pitfalls/
|
2021-03-09 17:50:27 +01:00
|
|
|
while (bpf_map_get_next_key(map_fd, prev_key, key) == 0) {
|
2021-01-18 13:13:51 +01:00
|
|
|
if (delete_prev) {
|
2021-03-09 17:50:27 +01:00
|
|
|
bpf_map_delete_elem(map_fd, prev_key);
|
2021-01-18 13:13:51 +01:00
|
|
|
removed++;
|
|
|
|
|
delete_prev = false;
|
|
|
|
|
}
|
|
|
|
|
|
2021-03-09 17:50:27 +01:00
|
|
|
if (bpf_map_lookup_elem(map_fd, key, value) == 0)
|
2021-06-22 15:36:35 +02:00
|
|
|
delete_prev = del_decision_func(key, value, now_nsec);
|
2021-03-09 17:50:27 +01:00
|
|
|
#ifdef DEBUG
|
2021-01-18 13:13:51 +01:00
|
|
|
entries++;
|
2021-03-09 17:50:27 +01:00
|
|
|
#endif
|
|
|
|
|
memcpy(prev_key, key, key_size);
|
2021-01-18 13:13:51 +01:00
|
|
|
}
|
|
|
|
|
if (delete_prev) {
|
2021-03-09 17:50:27 +01:00
|
|
|
bpf_map_delete_elem(map_fd, prev_key);
|
2021-01-18 13:13:51 +01:00
|
|
|
removed++;
|
|
|
|
|
}
|
2021-03-09 17:50:27 +01:00
|
|
|
#ifdef DEBUG
|
pping: Add timestamp and min-RTT to output
To add timestamp to output, push the timestamp when packet was
processed from kernel as part of the rtt-event. Also keep track of
minimum encountered RTT for each flow in kernel, and also push that as
part of the RTT-event.
Additionally, avoid pushing RTT messages at all if no flow-state
information can be found (due to ex. being deleted from egress side),
as no valid min-RTT can then be given. Furthermore, no longer delete
flow-information once seeing the FIN-flag on egress in order to keep
useful flow-state around for RTT-messages longer. Due to the
FIN-handshake process, it is sufficient if the ingress program deletes
the flow-state upon seeing FIN. However, still delete flow-state from
either ingress or egress upon seeing RST flag, as RST does not have a
handshake process allowing for delayed deletion.
While minimum RTT could also be tracked from the userspace process,
userspace is not aware of when the flow is closed so would have to add
additional logic to keep track of minimum RTT for each flow and
periodically clean them up. Furthermore, keeping RTT statistics in the
flow-state map is useful for implementing future features, such as an
RTT-based sampling interval. It would also be useful in case pping is
changed to no longer have a long-running userspace process printing
out all the calculated RTTs, but instead simply occasionally looks up
the RTT from the flow-state map.
Signed-off-by: Simon Sundberg <simon.sundberg@kau.se>
2021-04-29 18:55:06 +02:00
|
|
|
duration = get_time_ns(CLOCK_MONOTONIC) - now_nsec;
|
2021-04-30 11:36:41 +02:00
|
|
|
fprintf(stderr,
|
|
|
|
|
"%d: Gone through %d entries and removed %d of them in %llu.%09llu s\n",
|
|
|
|
|
map_fd, entries, removed, duration / NS_PER_SECOND,
|
|
|
|
|
duration % NS_PER_SECOND);
|
2021-03-09 17:50:27 +01:00
|
|
|
#endif
|
|
|
|
|
cleanup:
|
2021-04-15 14:13:54 +02:00
|
|
|
free(key);
|
|
|
|
|
free(prev_key);
|
|
|
|
|
free(value);
|
2021-01-18 13:13:51 +01:00
|
|
|
return removed;
|
2020-12-11 19:25:35 +01:00
|
|
|
}
|
|
|
|
|
|
2021-01-07 18:14:27 +01:00
|
|
|
static void *periodic_map_cleanup(void *args)
|
|
|
|
|
{
|
2021-01-18 13:13:51 +01:00
|
|
|
struct map_cleanup_args *argp = args;
|
|
|
|
|
struct timespec interval;
|
2021-04-15 14:13:54 +02:00
|
|
|
interval.tv_sec = argp->cleanup_interval / NS_PER_SECOND;
|
|
|
|
|
interval.tv_nsec = argp->cleanup_interval % NS_PER_SECOND;
|
2021-01-26 18:34:23 +01:00
|
|
|
|
2021-01-18 13:13:51 +01:00
|
|
|
while (keep_running) {
|
2021-03-09 17:50:27 +01:00
|
|
|
clean_map(argp->packet_map_fd, sizeof(struct packet_id),
|
|
|
|
|
sizeof(__u64), packet_ts_timeout);
|
|
|
|
|
clean_map(argp->flow_map_fd, sizeof(struct network_tuple),
|
|
|
|
|
sizeof(struct flow_state), flow_timeout);
|
2021-01-18 13:13:51 +01:00
|
|
|
nanosleep(&interval, NULL);
|
|
|
|
|
}
|
|
|
|
|
pthread_exit(NULL);
|
2021-01-07 18:14:27 +01:00
|
|
|
}
|
|
|
|
|
|
pping: Add timestamp and min-RTT to output
To add timestamp to output, push the timestamp when packet was
processed from kernel as part of the rtt-event. Also keep track of
minimum encountered RTT for each flow in kernel, and also push that as
part of the RTT-event.
Additionally, avoid pushing RTT messages at all if no flow-state
information can be found (due to ex. being deleted from egress side),
as no valid min-RTT can then be given. Furthermore, no longer delete
flow-information once seeing the FIN-flag on egress in order to keep
useful flow-state around for RTT-messages longer. Due to the
FIN-handshake process, it is sufficient if the ingress program deletes
the flow-state upon seeing FIN. However, still delete flow-state from
either ingress or egress upon seeing RST flag, as RST does not have a
handshake process allowing for delayed deletion.
While minimum RTT could also be tracked from the userspace process,
userspace is not aware of when the flow is closed so would have to add
additional logic to keep track of minimum RTT for each flow and
periodically clean them up. Furthermore, keeping RTT statistics in the
flow-state map is useful for implementing future features, such as an
RTT-based sampling interval. It would also be useful in case pping is
changed to no longer have a long-running userspace process printing
out all the calculated RTTs, but instead simply occasionally looks up
the RTT from the flow-state map.
Signed-off-by: Simon Sundberg <simon.sundberg@kau.se>
2021-04-29 18:55:06 +02:00
|
|
|
static __u64 convert_monotonic_to_realtime(__u64 monotonic_time)
|
|
|
|
|
{
|
|
|
|
|
static __u64 offset = 0;
|
|
|
|
|
static __u64 offset_updated = 0;
|
2021-06-10 18:23:37 +02:00
|
|
|
__u64 now_mon = get_time_ns(CLOCK_MONOTONIC);
|
|
|
|
|
__u64 now_rt;
|
pping: Add timestamp and min-RTT to output
To add timestamp to output, push the timestamp when packet was
processed from kernel as part of the rtt-event. Also keep track of
minimum encountered RTT for each flow in kernel, and also push that as
part of the RTT-event.
Additionally, avoid pushing RTT messages at all if no flow-state
information can be found (due to ex. being deleted from egress side),
as no valid min-RTT can then be given. Furthermore, no longer delete
flow-information once seeing the FIN-flag on egress in order to keep
useful flow-state around for RTT-messages longer. Due to the
FIN-handshake process, it is sufficient if the ingress program deletes
the flow-state upon seeing FIN. However, still delete flow-state from
either ingress or egress upon seeing RST flag, as RST does not have a
handshake process allowing for delayed deletion.
While minimum RTT could also be tracked from the userspace process,
userspace is not aware of when the flow is closed so would have to add
additional logic to keep track of minimum RTT for each flow and
periodically clean them up. Furthermore, keeping RTT statistics in the
flow-state map is useful for implementing future features, such as an
RTT-based sampling interval. It would also be useful in case pping is
changed to no longer have a long-running userspace process printing
out all the calculated RTTs, but instead simply occasionally looks up
the RTT from the flow-state map.
Signed-off-by: Simon Sundberg <simon.sundberg@kau.se>
2021-04-29 18:55:06 +02:00
|
|
|
|
|
|
|
|
if (offset == 0 ||
|
|
|
|
|
(now_mon > offset_updated &&
|
|
|
|
|
now_mon - offset_updated > MON_TO_REAL_UPDATE_FREQ)) {
|
|
|
|
|
now_mon = get_time_ns(CLOCK_MONOTONIC);
|
|
|
|
|
now_rt = get_time_ns(CLOCK_REALTIME);
|
2021-06-10 18:23:37 +02:00
|
|
|
|
pping: Add timestamp and min-RTT to output
To add timestamp to output, push the timestamp when packet was
processed from kernel as part of the rtt-event. Also keep track of
minimum encountered RTT for each flow in kernel, and also push that as
part of the RTT-event.
Additionally, avoid pushing RTT messages at all if no flow-state
information can be found (due to ex. being deleted from egress side),
as no valid min-RTT can then be given. Furthermore, no longer delete
flow-information once seeing the FIN-flag on egress in order to keep
useful flow-state around for RTT-messages longer. Due to the
FIN-handshake process, it is sufficient if the ingress program deletes
the flow-state upon seeing FIN. However, still delete flow-state from
either ingress or egress upon seeing RST flag, as RST does not have a
handshake process allowing for delayed deletion.
While minimum RTT could also be tracked from the userspace process,
userspace is not aware of when the flow is closed so would have to add
additional logic to keep track of minimum RTT for each flow and
periodically clean them up. Furthermore, keeping RTT statistics in the
flow-state map is useful for implementing future features, such as an
RTT-based sampling interval. It would also be useful in case pping is
changed to no longer have a long-running userspace process printing
out all the calculated RTTs, but instead simply occasionally looks up
the RTT from the flow-state map.
Signed-off-by: Simon Sundberg <simon.sundberg@kau.se>
2021-04-29 18:55:06 +02:00
|
|
|
if (now_rt < now_mon)
|
|
|
|
|
return 0;
|
|
|
|
|
offset = now_rt - now_mon;
|
|
|
|
|
offset_updated = now_mon;
|
|
|
|
|
}
|
|
|
|
|
return monotonic_time + offset;
|
|
|
|
|
}
|
|
|
|
|
|
2021-02-08 20:28:46 +01:00
|
|
|
/*
|
|
|
|
|
* Wrapper around inet_ntop designed to handle the "bug" that mapped IPv4
|
|
|
|
|
* addresses are formated as IPv6 addresses for AF_INET6
|
|
|
|
|
*/
|
2021-05-27 11:11:28 +02:00
|
|
|
static int format_ip_address(char *buf, size_t size, int af,
|
|
|
|
|
const struct in6_addr *addr)
|
2021-02-08 20:28:46 +01:00
|
|
|
{
|
|
|
|
|
if (af == AF_INET)
|
2021-02-09 13:00:28 +01:00
|
|
|
return inet_ntop(af, &addr->s6_addr[12],
|
2021-02-08 20:28:46 +01:00
|
|
|
buf, size) ? -errno : 0;
|
|
|
|
|
else if (af == AF_INET6)
|
|
|
|
|
return inet_ntop(af, addr, buf, size) ? -errno : 0;
|
|
|
|
|
return -EINVAL;
|
|
|
|
|
}
|
|
|
|
|
|
2021-05-06 15:36:25 +02:00
|
|
|
static const char *proto_to_str(__u16 proto)
|
2021-04-30 11:36:41 +02:00
|
|
|
{
|
|
|
|
|
static char buf[8];
|
|
|
|
|
|
|
|
|
|
switch (proto) {
|
|
|
|
|
case IPPROTO_TCP:
|
|
|
|
|
return "TCP";
|
|
|
|
|
case IPPROTO_ICMP:
|
|
|
|
|
return "ICMP";
|
|
|
|
|
case IPPROTO_ICMPV6:
|
|
|
|
|
return "ICMPv6";
|
|
|
|
|
default:
|
|
|
|
|
snprintf(buf, sizeof(buf), "%d", proto);
|
|
|
|
|
return buf;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2021-06-22 15:22:11 +02:00
|
|
|
static const char *flowevent_to_str(enum flow_event_type fe)
|
2021-01-07 18:14:27 +01:00
|
|
|
{
|
2021-06-22 15:22:11 +02:00
|
|
|
switch (fe) {
|
2021-06-22 15:36:35 +02:00
|
|
|
case FLOW_EVENT_NONE:
|
|
|
|
|
return "none";
|
2021-06-22 15:22:11 +02:00
|
|
|
case FLOW_EVENT_OPENING:
|
|
|
|
|
return "opening";
|
|
|
|
|
case FLOW_EVENT_CLOSING:
|
|
|
|
|
return "closing";
|
|
|
|
|
default:
|
|
|
|
|
return "unknown";
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static const char *eventreason_to_str(enum flow_event_reason er)
|
|
|
|
|
{
|
|
|
|
|
switch (er) {
|
|
|
|
|
case EVENT_REASON_SYN:
|
|
|
|
|
return "SYN";
|
|
|
|
|
case EVENT_REASON_SYN_ACK:
|
|
|
|
|
return "SYN-ACK";
|
|
|
|
|
case EVENT_REASON_FIRST_OBS_PCKT:
|
|
|
|
|
return "first observed packet";
|
|
|
|
|
case EVENT_REASON_FIN:
|
|
|
|
|
return "FIN";
|
|
|
|
|
case EVENT_REASON_FIN_ACK:
|
|
|
|
|
return "FIN-ACK";
|
|
|
|
|
case EVENT_REASON_RST:
|
|
|
|
|
return "RST";
|
|
|
|
|
case EVENT_REASON_FLOW_TIMEOUT:
|
|
|
|
|
return "flow timeout";
|
|
|
|
|
default:
|
|
|
|
|
return "unknown";
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2021-06-22 15:36:35 +02:00
|
|
|
static const char *eventsource_to_str(enum flow_event_source es)
|
|
|
|
|
{
|
|
|
|
|
switch (es) {
|
|
|
|
|
case EVENT_SOURCE_EGRESS:
|
|
|
|
|
return "src";
|
|
|
|
|
case EVENT_SOURCE_INGRESS:
|
|
|
|
|
return "dest";
|
|
|
|
|
case EVENT_SOURCE_USERSPACE:
|
|
|
|
|
return "userspace-cleanup";
|
|
|
|
|
default:
|
|
|
|
|
return "unknown";
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2021-06-10 18:23:37 +02:00
|
|
|
static void print_flow_ppvizformat(FILE *stream, const struct network_tuple *flow)
|
2021-06-22 15:22:11 +02:00
|
|
|
{
|
2021-02-08 20:28:46 +01:00
|
|
|
char saddr[INET6_ADDRSTRLEN];
|
|
|
|
|
char daddr[INET6_ADDRSTRLEN];
|
2021-06-10 18:23:37 +02:00
|
|
|
|
|
|
|
|
format_ip_address(saddr, sizeof(saddr), flow->ipv, &flow->saddr.ip);
|
|
|
|
|
format_ip_address(daddr, sizeof(daddr), flow->ipv, &flow->daddr.ip);
|
|
|
|
|
fprintf(stream, "%s:%d+%s:%d", saddr, ntohs(flow->saddr.port), daddr,
|
|
|
|
|
ntohs(flow->daddr.port));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void print_ns_datetime(FILE *stream, __u64 monotonic_ns)
|
|
|
|
|
{
|
pping: Add timestamp and min-RTT to output
To add timestamp to output, push the timestamp when packet was
processed from kernel as part of the rtt-event. Also keep track of
minimum encountered RTT for each flow in kernel, and also push that as
part of the RTT-event.
Additionally, avoid pushing RTT messages at all if no flow-state
information can be found (due to ex. being deleted from egress side),
as no valid min-RTT can then be given. Furthermore, no longer delete
flow-information once seeing the FIN-flag on egress in order to keep
useful flow-state around for RTT-messages longer. Due to the
FIN-handshake process, it is sufficient if the ingress program deletes
the flow-state upon seeing FIN. However, still delete flow-state from
either ingress or egress upon seeing RST flag, as RST does not have a
handshake process allowing for delayed deletion.
While minimum RTT could also be tracked from the userspace process,
userspace is not aware of when the flow is closed so would have to add
additional logic to keep track of minimum RTT for each flow and
periodically clean them up. Furthermore, keeping RTT statistics in the
flow-state map is useful for implementing future features, such as an
RTT-based sampling interval. It would also be useful in case pping is
changed to no longer have a long-running userspace process printing
out all the calculated RTTs, but instead simply occasionally looks up
the RTT from the flow-state map.
Signed-off-by: Simon Sundberg <simon.sundberg@kau.se>
2021-04-29 18:55:06 +02:00
|
|
|
char timestr[9];
|
2021-06-10 18:23:37 +02:00
|
|
|
__u64 ts = convert_monotonic_to_realtime(monotonic_ns);
|
pping: Add timestamp and min-RTT to output
To add timestamp to output, push the timestamp when packet was
processed from kernel as part of the rtt-event. Also keep track of
minimum encountered RTT for each flow in kernel, and also push that as
part of the RTT-event.
Additionally, avoid pushing RTT messages at all if no flow-state
information can be found (due to ex. being deleted from egress side),
as no valid min-RTT can then be given. Furthermore, no longer delete
flow-information once seeing the FIN-flag on egress in order to keep
useful flow-state around for RTT-messages longer. Due to the
FIN-handshake process, it is sufficient if the ingress program deletes
the flow-state upon seeing FIN. However, still delete flow-state from
either ingress or egress upon seeing RST flag, as RST does not have a
handshake process allowing for delayed deletion.
While minimum RTT could also be tracked from the userspace process,
userspace is not aware of when the flow is closed so would have to add
additional logic to keep track of minimum RTT for each flow and
periodically clean them up. Furthermore, keeping RTT statistics in the
flow-state map is useful for implementing future features, such as an
RTT-based sampling interval. It would also be useful in case pping is
changed to no longer have a long-running userspace process printing
out all the calculated RTTs, but instead simply occasionally looks up
the RTT from the flow-state map.
Signed-off-by: Simon Sundberg <simon.sundberg@kau.se>
2021-04-29 18:55:06 +02:00
|
|
|
time_t ts_s = ts / NS_PER_SECOND;
|
2021-02-08 20:28:46 +01:00
|
|
|
|
pping: Add timestamp and min-RTT to output
To add timestamp to output, push the timestamp when packet was
processed from kernel as part of the rtt-event. Also keep track of
minimum encountered RTT for each flow in kernel, and also push that as
part of the RTT-event.
Additionally, avoid pushing RTT messages at all if no flow-state
information can be found (due to ex. being deleted from egress side),
as no valid min-RTT can then be given. Furthermore, no longer delete
flow-information once seeing the FIN-flag on egress in order to keep
useful flow-state around for RTT-messages longer. Due to the
FIN-handshake process, it is sufficient if the ingress program deletes
the flow-state upon seeing FIN. However, still delete flow-state from
either ingress or egress upon seeing RST flag, as RST does not have a
handshake process allowing for delayed deletion.
While minimum RTT could also be tracked from the userspace process,
userspace is not aware of when the flow is closed so would have to add
additional logic to keep track of minimum RTT for each flow and
periodically clean them up. Furthermore, keeping RTT statistics in the
flow-state map is useful for implementing future features, such as an
RTT-based sampling interval. It would also be useful in case pping is
changed to no longer have a long-running userspace process printing
out all the calculated RTTs, but instead simply occasionally looks up
the RTT from the flow-state map.
Signed-off-by: Simon Sundberg <simon.sundberg@kau.se>
2021-04-29 18:55:06 +02:00
|
|
|
strftime(timestr, sizeof(timestr), "%H:%M:%S", localtime(&ts_s));
|
2021-06-10 18:23:37 +02:00
|
|
|
fprintf(stream, "%s.%09llu", timestr, ts % NS_PER_SECOND);
|
|
|
|
|
}
|
2021-02-08 20:28:46 +01:00
|
|
|
|
2021-06-10 18:23:37 +02:00
|
|
|
static void print_event_standard(void *ctx, int cpu, void *data,
|
|
|
|
|
__u32 data_size)
|
|
|
|
|
{
|
|
|
|
|
const union pping_event *e = data;
|
|
|
|
|
|
|
|
|
|
if (e->event_type == EVENT_TYPE_RTT) {
|
|
|
|
|
print_ns_datetime(stdout, e->rtt_event.timestamp);
|
2021-12-08 10:13:50 +01:00
|
|
|
printf(" %llu.%06llu ms %llu.%06llu ms %s ",
|
2021-06-10 18:23:37 +02:00
|
|
|
e->rtt_event.rtt / NS_PER_MS,
|
|
|
|
|
e->rtt_event.rtt % NS_PER_MS,
|
|
|
|
|
e->rtt_event.min_rtt / NS_PER_MS,
|
2021-12-08 10:13:50 +01:00
|
|
|
e->rtt_event.min_rtt % NS_PER_MS,
|
|
|
|
|
proto_to_str(e->rtt_event.flow.proto));
|
2021-06-10 18:23:37 +02:00
|
|
|
print_flow_ppvizformat(stdout, &e->rtt_event.flow);
|
|
|
|
|
printf("\n");
|
|
|
|
|
} else if (e->event_type == EVENT_TYPE_FLOW) {
|
|
|
|
|
print_ns_datetime(stdout, e->flow_event.timestamp);
|
2021-12-08 10:13:50 +01:00
|
|
|
printf(" %s ", proto_to_str(e->rtt_event.flow.proto));
|
2021-06-10 18:23:37 +02:00
|
|
|
print_flow_ppvizformat(stdout, &e->flow_event.flow);
|
|
|
|
|
printf(" %s due to %s from %s\n",
|
|
|
|
|
flowevent_to_str(e->flow_event.event_info.event),
|
|
|
|
|
eventreason_to_str(e->flow_event.event_info.reason),
|
|
|
|
|
eventsource_to_str(e->flow_event.source));
|
|
|
|
|
}
|
2021-01-07 18:14:27 +01:00
|
|
|
}
|
|
|
|
|
|
2021-06-22 15:22:11 +02:00
|
|
|
static void print_event_ppviz(void *ctx, int cpu, void *data, __u32 data_size)
|
2021-04-30 12:31:23 +02:00
|
|
|
{
|
|
|
|
|
const struct rtt_event *e = data;
|
|
|
|
|
__u64 time = convert_monotonic_to_realtime(e->timestamp);
|
|
|
|
|
|
2021-12-08 10:13:50 +01:00
|
|
|
// ppviz format does not support flow events
|
2021-06-22 15:22:11 +02:00
|
|
|
if (e->event_type != EVENT_TYPE_RTT)
|
|
|
|
|
return;
|
|
|
|
|
|
2021-06-10 18:23:37 +02:00
|
|
|
printf("%llu.%09llu %llu.%09llu %llu.%09llu ", time / NS_PER_SECOND,
|
|
|
|
|
time % NS_PER_SECOND, e->rtt / NS_PER_SECOND,
|
|
|
|
|
e->rtt % NS_PER_SECOND, e->min_rtt / NS_PER_SECOND, e->min_rtt);
|
|
|
|
|
print_flow_ppvizformat(stdout, &e->flow);
|
|
|
|
|
printf("\n");
|
2021-04-30 12:31:23 +02:00
|
|
|
}
|
|
|
|
|
|
2021-06-10 18:23:37 +02:00
|
|
|
static void print_common_fields_json(json_writer_t *ctx,
|
|
|
|
|
const union pping_event *e)
|
2021-04-30 11:36:41 +02:00
|
|
|
{
|
2021-06-10 18:23:37 +02:00
|
|
|
const struct network_tuple *flow = &e->rtt_event.flow;
|
2021-04-30 11:36:41 +02:00
|
|
|
char saddr[INET6_ADDRSTRLEN];
|
|
|
|
|
char daddr[INET6_ADDRSTRLEN];
|
|
|
|
|
|
2021-06-10 18:23:37 +02:00
|
|
|
format_ip_address(saddr, sizeof(saddr), flow->ipv, &flow->saddr.ip);
|
|
|
|
|
format_ip_address(daddr, sizeof(daddr), flow->ipv, &flow->daddr.ip);
|
2021-06-22 15:22:11 +02:00
|
|
|
|
2021-06-10 18:23:37 +02:00
|
|
|
jsonw_u64_field(ctx, "timestamp",
|
|
|
|
|
convert_monotonic_to_realtime(e->rtt_event.timestamp));
|
|
|
|
|
jsonw_string_field(ctx, "src_ip", saddr);
|
|
|
|
|
jsonw_hu_field(ctx, "src_port", ntohs(flow->saddr.port));
|
|
|
|
|
jsonw_string_field(ctx, "dest_ip", daddr);
|
|
|
|
|
jsonw_hu_field(ctx, "dest_port", ntohs(flow->daddr.port));
|
|
|
|
|
jsonw_string_field(ctx, "protocol", proto_to_str(flow->proto));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void print_rttevent_fields_json(json_writer_t *ctx,
|
|
|
|
|
const struct rtt_event *re)
|
|
|
|
|
{
|
|
|
|
|
jsonw_u64_field(ctx, "rtt", re->rtt);
|
|
|
|
|
jsonw_u64_field(ctx, "min_rtt", re->min_rtt);
|
|
|
|
|
jsonw_u64_field(ctx, "sent_packets", re->sent_pkts);
|
|
|
|
|
jsonw_u64_field(ctx, "sent_bytes", re->sent_bytes);
|
|
|
|
|
jsonw_u64_field(ctx, "rec_packets", re->rec_pkts);
|
|
|
|
|
jsonw_u64_field(ctx, "rec_bytes", re->rec_bytes);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void print_flowevent_fields_json(json_writer_t *ctx,
|
|
|
|
|
const struct flow_event *fe)
|
|
|
|
|
{
|
|
|
|
|
jsonw_string_field(ctx, "flow_event",
|
|
|
|
|
flowevent_to_str(fe->event_info.event));
|
|
|
|
|
jsonw_string_field(ctx, "reason",
|
|
|
|
|
eventreason_to_str(fe->event_info.reason));
|
|
|
|
|
jsonw_string_field(ctx, "triggered_by", eventsource_to_str(fe->source));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void print_event_json(void *ctx, int cpu, void *data, __u32 data_size)
|
|
|
|
|
{
|
|
|
|
|
const union pping_event *e = data;
|
|
|
|
|
|
|
|
|
|
if (e->event_type != EVENT_TYPE_RTT && e->event_type != EVENT_TYPE_FLOW)
|
|
|
|
|
return;
|
2021-04-30 11:36:41 +02:00
|
|
|
|
2021-06-22 15:02:34 +02:00
|
|
|
if (!json_ctx) {
|
|
|
|
|
json_ctx = jsonw_new(stdout);
|
|
|
|
|
jsonw_start_array(json_ctx);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
jsonw_start_object(json_ctx);
|
2021-06-10 18:23:37 +02:00
|
|
|
print_common_fields_json(json_ctx, e);
|
|
|
|
|
if (e->event_type == EVENT_TYPE_RTT)
|
|
|
|
|
print_rttevent_fields_json(json_ctx, &e->rtt_event);
|
|
|
|
|
else // flow-event
|
|
|
|
|
print_flowevent_fields_json(json_ctx, &e->flow_event);
|
2021-06-22 15:02:34 +02:00
|
|
|
jsonw_end_object(json_ctx);
|
2021-04-30 11:36:41 +02:00
|
|
|
}
|
|
|
|
|
|
2021-01-07 18:14:27 +01:00
|
|
|
static void handle_missed_rtt_event(void *ctx, int cpu, __u64 lost_cnt)
|
|
|
|
|
{
|
2021-01-18 13:13:51 +01:00
|
|
|
fprintf(stderr, "Lost %llu RTT events on CPU %d\n", lost_cnt, cpu);
|
2021-01-07 18:14:27 +01:00
|
|
|
}
|
|
|
|
|
|
2021-12-08 10:06:30 +01:00
|
|
|
/*
|
|
|
|
|
* Sets only the necessary programs in the object file to autoload.
|
|
|
|
|
*
|
|
|
|
|
* Assumes all programs are set to autoload by default, so in practice
|
|
|
|
|
* deactivates autoloading for the program that does not need to be loaded.
|
|
|
|
|
*/
|
|
|
|
|
static int set_programs_to_load(struct bpf_object *obj,
|
|
|
|
|
struct pping_config *config)
|
|
|
|
|
{
|
|
|
|
|
struct bpf_program *prog;
|
2022-01-04 17:08:10 +01:00
|
|
|
char *unload_prog =
|
|
|
|
|
strcmp(config->ingress_prog, "pping_xdp_ingress") != 0 ?
|
|
|
|
|
"pping_xdp_ingress" :
|
|
|
|
|
"pping_tc_ingress";
|
2021-12-08 10:06:30 +01:00
|
|
|
|
2022-01-04 17:08:10 +01:00
|
|
|
prog = bpf_object__find_program_by_name(obj, unload_prog);
|
2021-12-08 10:06:30 +01:00
|
|
|
if (libbpf_get_error(prog))
|
|
|
|
|
return libbpf_get_error(prog);
|
|
|
|
|
|
|
|
|
|
return bpf_program__set_autoload(prog, false);
|
|
|
|
|
}
|
|
|
|
|
|
2021-12-17 18:03:00 +01:00
|
|
|
/*
|
|
|
|
|
* Print out some hints for what might have caused an error while attempting
|
|
|
|
|
* to attach an XDP program. Based on xdp_link_attach() in
|
|
|
|
|
* xdp-tutorial/common/common_user_bpf_xdp.c
|
|
|
|
|
*/
|
|
|
|
|
static void print_xdp_error_hints(FILE *stream, int err)
|
|
|
|
|
{
|
|
|
|
|
err = err > 0 ? err : -err;
|
|
|
|
|
switch (err) {
|
|
|
|
|
case EBUSY:
|
|
|
|
|
case EEXIST:
|
|
|
|
|
fprintf(stream, "Hint: XDP already loaded on device"
|
|
|
|
|
" use --force to swap/replace\n");
|
|
|
|
|
break;
|
|
|
|
|
case EOPNOTSUPP:
|
|
|
|
|
fprintf(stream, "Hint: Native-XDP not supported\n");
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2021-04-15 14:13:54 +02:00
|
|
|
static int load_attach_bpfprogs(struct bpf_object **obj,
|
2021-12-08 10:06:30 +01:00
|
|
|
struct pping_config *config)
|
2020-12-11 19:25:35 +01:00
|
|
|
{
|
2021-05-10 11:21:54 +02:00
|
|
|
int err, detach_err;
|
2021-04-23 14:16:52 +02:00
|
|
|
|
2021-04-15 14:13:54 +02:00
|
|
|
// Open and load ELF file
|
2021-04-23 14:16:52 +02:00
|
|
|
*obj = bpf_object__open(config->object_path);
|
|
|
|
|
err = libbpf_get_error(*obj);
|
2021-04-15 14:13:54 +02:00
|
|
|
if (err) {
|
|
|
|
|
fprintf(stderr, "Failed opening object file %s: %s\n",
|
2021-12-17 18:03:00 +01:00
|
|
|
config->object_path, get_libbpf_strerror(err));
|
2021-04-15 14:13:54 +02:00
|
|
|
return err;
|
2021-02-02 14:28:42 +01:00
|
|
|
}
|
|
|
|
|
|
2021-04-15 14:13:54 +02:00
|
|
|
err = init_rodata(*obj, &config->bpf_config,
|
|
|
|
|
sizeof(config->bpf_config));
|
2021-01-18 13:13:51 +01:00
|
|
|
if (err) {
|
2021-04-15 14:13:54 +02:00
|
|
|
fprintf(stderr, "Failed pushing user-configration to %s: %s\n",
|
2021-12-17 18:03:00 +01:00
|
|
|
config->object_path, get_libbpf_strerror(err));
|
2021-04-15 14:13:54 +02:00
|
|
|
return err;
|
2021-03-22 12:23:27 +01:00
|
|
|
}
|
|
|
|
|
|
2021-12-08 10:06:30 +01:00
|
|
|
set_programs_to_load(*obj, config);
|
2021-04-15 14:13:54 +02:00
|
|
|
err = bpf_object__load(*obj);
|
|
|
|
|
if (err) {
|
2021-12-08 10:06:30 +01:00
|
|
|
fprintf(stderr, "Failed loading bpf programs in %s: %s\n",
|
2021-12-17 18:03:00 +01:00
|
|
|
config->object_path, get_libbpf_strerror(err));
|
2021-04-15 14:13:54 +02:00
|
|
|
return err;
|
2021-01-18 13:13:51 +01:00
|
|
|
}
|
|
|
|
|
|
2021-12-08 10:06:30 +01:00
|
|
|
// Attach egress prog
|
2021-12-17 18:03:00 +01:00
|
|
|
config->egress_prog_id =
|
|
|
|
|
tc_attach(*obj, config->ifindex, BPF_TC_EGRESS,
|
2022-01-04 17:08:10 +01:00
|
|
|
config->egress_prog, &config->tc_egress_opts,
|
2021-12-17 18:03:00 +01:00
|
|
|
&config->created_tc_hook);
|
|
|
|
|
if (config->egress_prog_id < 0) {
|
2021-04-15 14:13:54 +02:00
|
|
|
fprintf(stderr,
|
2021-12-08 10:06:30 +01:00
|
|
|
"Failed attaching egress BPF program on interface %s: %s\n",
|
2021-12-17 18:03:00 +01:00
|
|
|
config->ifname,
|
|
|
|
|
get_libbpf_strerror(config->egress_prog_id));
|
|
|
|
|
return config->egress_prog_id;
|
2021-02-02 14:28:42 +01:00
|
|
|
}
|
|
|
|
|
|
2021-12-08 10:06:30 +01:00
|
|
|
// Attach ingress prog
|
2022-01-04 17:08:10 +01:00
|
|
|
if (strcmp(config->ingress_prog, "pping_xdp_ingress") == 0)
|
2021-12-17 18:03:00 +01:00
|
|
|
config->ingress_prog_id =
|
2022-01-04 17:08:10 +01:00
|
|
|
xdp_attach(*obj, config->ingress_prog, config->ifindex,
|
2021-12-17 18:03:00 +01:00
|
|
|
config->xdp_flags);
|
2021-12-08 10:06:30 +01:00
|
|
|
else
|
2021-12-17 18:03:00 +01:00
|
|
|
config->ingress_prog_id =
|
|
|
|
|
tc_attach(*obj, config->ifindex, BPF_TC_INGRESS,
|
2022-01-04 17:08:10 +01:00
|
|
|
config->ingress_prog,
|
|
|
|
|
&config->tc_ingress_opts, NULL);
|
2021-12-17 18:03:00 +01:00
|
|
|
if (config->ingress_prog_id < 0) {
|
2021-12-08 10:06:30 +01:00
|
|
|
fprintf(stderr,
|
|
|
|
|
"Failed attaching ingress BPF program on interface %s: %s\n",
|
2021-12-17 18:03:00 +01:00
|
|
|
config->ifname, get_libbpf_strerror(err));
|
|
|
|
|
err = config->ingress_prog_id;
|
2022-01-04 17:08:10 +01:00
|
|
|
if (strcmp(config->ingress_prog, "pping_xdp_ingress") == 0)
|
2021-12-17 18:03:00 +01:00
|
|
|
print_xdp_error_hints(stderr, err);
|
2021-12-08 10:06:30 +01:00
|
|
|
goto ingress_err;
|
2021-01-18 13:13:51 +01:00
|
|
|
}
|
|
|
|
|
|
2021-04-15 14:13:54 +02:00
|
|
|
return 0;
|
2021-05-10 11:21:54 +02:00
|
|
|
|
2021-12-08 10:06:30 +01:00
|
|
|
ingress_err:
|
2021-12-17 18:03:00 +01:00
|
|
|
detach_err =
|
|
|
|
|
tc_detach(config->ifindex, BPF_TC_EGRESS,
|
|
|
|
|
&config->tc_egress_opts, config->created_tc_hook);
|
2021-05-10 11:21:54 +02:00
|
|
|
if (detach_err)
|
|
|
|
|
fprintf(stderr, "Failed detaching tc program from %s: %s\n",
|
2021-12-17 18:03:00 +01:00
|
|
|
config->ifname, get_libbpf_strerror(detach_err));
|
2021-05-10 11:21:54 +02:00
|
|
|
return err;
|
2021-04-15 14:13:54 +02:00
|
|
|
}
|
2021-01-27 12:16:11 +01:00
|
|
|
|
2021-04-15 14:13:54 +02:00
|
|
|
static int setup_periodical_map_cleaning(struct bpf_object *obj,
|
|
|
|
|
struct pping_config *config)
|
|
|
|
|
{
|
|
|
|
|
pthread_t tid;
|
|
|
|
|
struct map_cleanup_args clean_args = {
|
|
|
|
|
.cleanup_interval = config->cleanup_interval
|
|
|
|
|
};
|
|
|
|
|
int err;
|
|
|
|
|
|
2021-06-29 13:55:37 +02:00
|
|
|
if (!clean_args.cleanup_interval) {
|
|
|
|
|
fprintf(stderr, "Periodic map cleanup disabled\n");
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2021-04-15 14:13:54 +02:00
|
|
|
clean_args.packet_map_fd =
|
|
|
|
|
bpf_object__find_map_fd_by_name(obj, config->packet_map);
|
|
|
|
|
if (clean_args.packet_map_fd < 0) {
|
|
|
|
|
fprintf(stderr, "Could not get file descriptor of map %s: %s\n",
|
|
|
|
|
config->packet_map,
|
2021-12-17 18:03:00 +01:00
|
|
|
get_libbpf_strerror(clean_args.packet_map_fd));
|
2021-04-15 14:13:54 +02:00
|
|
|
return clean_args.packet_map_fd;
|
2021-03-02 17:40:51 +01:00
|
|
|
}
|
|
|
|
|
|
2021-04-15 14:13:54 +02:00
|
|
|
clean_args.flow_map_fd =
|
|
|
|
|
bpf_object__find_map_fd_by_name(obj, config->flow_map);
|
|
|
|
|
if (clean_args.flow_map_fd < 0) {
|
|
|
|
|
fprintf(stderr, "Could not get file descriptor of map %s: %s\n",
|
2021-12-17 18:03:00 +01:00
|
|
|
config->flow_map,
|
|
|
|
|
get_libbpf_strerror(clean_args.flow_map_fd));
|
|
|
|
|
return clean_args.flow_map_fd;
|
2021-03-22 12:23:27 +01:00
|
|
|
}
|
|
|
|
|
|
2021-04-15 14:13:54 +02:00
|
|
|
err = pthread_create(&tid, NULL, periodic_map_cleanup, &clean_args);
|
2021-03-02 17:40:51 +01:00
|
|
|
if (err) {
|
2021-04-15 14:13:54 +02:00
|
|
|
fprintf(stderr,
|
|
|
|
|
"Failed starting thread to perform periodic map cleanup: %s\n",
|
2021-12-17 18:03:00 +01:00
|
|
|
get_libbpf_strerror(err));
|
2021-04-15 14:13:54 +02:00
|
|
|
return err;
|
2021-01-18 13:13:51 +01:00
|
|
|
}
|
2021-01-20 19:49:51 +01:00
|
|
|
|
2021-04-15 14:13:54 +02:00
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int main(int argc, char *argv[])
|
|
|
|
|
{
|
2021-05-10 11:21:54 +02:00
|
|
|
int err = 0, detach_err;
|
2021-04-15 14:13:54 +02:00
|
|
|
struct bpf_object *obj = NULL;
|
2021-05-10 11:21:54 +02:00
|
|
|
struct perf_buffer *pb = NULL;
|
2021-04-15 14:13:54 +02:00
|
|
|
|
2021-12-08 10:06:30 +01:00
|
|
|
DECLARE_LIBBPF_OPTS(bpf_tc_opts, tc_ingress_opts);
|
|
|
|
|
DECLARE_LIBBPF_OPTS(bpf_tc_opts, tc_egress_opts);
|
|
|
|
|
|
2021-04-15 14:13:54 +02:00
|
|
|
struct pping_config config = {
|
|
|
|
|
.bpf_config = { .rate_limit = 100 * NS_PER_MS },
|
|
|
|
|
.cleanup_interval = 1 * NS_PER_SECOND,
|
|
|
|
|
.object_path = "pping_kern.o",
|
2022-01-04 17:08:10 +01:00
|
|
|
.ingress_prog = "pping_xdp_ingress",
|
|
|
|
|
.egress_prog = "pping_tc_egress",
|
2021-04-15 14:13:54 +02:00
|
|
|
.packet_map = "packet_ts",
|
|
|
|
|
.flow_map = "flow_state",
|
2021-06-22 15:22:11 +02:00
|
|
|
.event_map = "events",
|
2021-04-15 14:13:54 +02:00
|
|
|
.xdp_flags = XDP_FLAGS_UPDATE_IF_NOEXIST,
|
2021-12-08 10:06:30 +01:00
|
|
|
.tc_ingress_opts = tc_ingress_opts,
|
|
|
|
|
.tc_egress_opts = tc_egress_opts,
|
2022-01-04 17:08:10 +01:00
|
|
|
.output_format = PPING_OUTPUT_STANDARD,
|
2021-04-15 14:13:54 +02:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
// Detect if running as root
|
|
|
|
|
if (geteuid() != 0) {
|
|
|
|
|
printf("This program must be run as root.\n");
|
|
|
|
|
return EXIT_FAILURE;
|
2021-01-18 13:13:51 +01:00
|
|
|
}
|
|
|
|
|
|
2021-04-15 14:13:54 +02:00
|
|
|
// Increase rlimit
|
|
|
|
|
err = set_rlimit(RLIM_INFINITY);
|
2021-01-21 17:52:08 +01:00
|
|
|
if (err) {
|
2021-04-15 14:13:54 +02:00
|
|
|
fprintf(stderr, "Could not set rlimit to infinity: %s\n",
|
2021-12-17 18:03:00 +01:00
|
|
|
get_libbpf_strerror(err));
|
2021-04-15 14:13:54 +02:00
|
|
|
return EXIT_FAILURE;
|
2021-01-21 17:52:08 +01:00
|
|
|
}
|
|
|
|
|
|
2021-04-15 14:13:54 +02:00
|
|
|
err = parse_arguments(argc, argv, &config);
|
|
|
|
|
if (err) {
|
|
|
|
|
fprintf(stderr, "Failed parsing arguments: %s\n",
|
2021-12-17 18:03:00 +01:00
|
|
|
get_libbpf_strerror(err));
|
2021-04-15 14:13:54 +02:00
|
|
|
print_usage(argv);
|
|
|
|
|
return EXIT_FAILURE;
|
2021-03-09 17:50:27 +01:00
|
|
|
}
|
|
|
|
|
|
2022-02-02 11:38:53 +01:00
|
|
|
if (!config.bpf_config.track_tcp && !config.bpf_config.track_icmp)
|
|
|
|
|
config.bpf_config.track_tcp = true;
|
|
|
|
|
|
|
|
|
|
if (config.bpf_config.track_icmp &&
|
|
|
|
|
config.output_format == PPING_OUTPUT_PPVIZ)
|
|
|
|
|
fprintf(stderr,
|
|
|
|
|
"Warning: ppviz format mainly intended for TCP traffic, but may now include ICMP traffic as well\n");
|
|
|
|
|
|
2022-01-04 17:08:10 +01:00
|
|
|
switch (config.output_format) {
|
|
|
|
|
case PPING_OUTPUT_STANDARD:
|
|
|
|
|
print_event_func = print_event_standard;
|
|
|
|
|
break;
|
|
|
|
|
case PPING_OUTPUT_JSON:
|
2021-06-22 15:36:35 +02:00
|
|
|
print_event_func = print_event_json;
|
2022-01-04 17:08:10 +01:00
|
|
|
break;
|
|
|
|
|
case PPING_OUTPUT_PPVIZ:
|
2021-06-22 15:36:35 +02:00
|
|
|
print_event_func = print_event_ppviz;
|
2022-01-04 17:08:10 +01:00
|
|
|
break;
|
2021-06-22 15:36:35 +02:00
|
|
|
}
|
2021-04-30 11:36:41 +02:00
|
|
|
|
2022-02-02 11:38:53 +01:00
|
|
|
fprintf(stderr, "Starting ePPing in %s mode tracking %s on %s\n",
|
|
|
|
|
output_format_to_str(config.output_format),
|
|
|
|
|
tracked_protocols_to_str(&config), config.ifname);
|
|
|
|
|
|
2021-12-08 10:06:30 +01:00
|
|
|
err = load_attach_bpfprogs(&obj, &config);
|
2021-04-15 14:13:54 +02:00
|
|
|
if (err) {
|
2021-01-27 12:16:11 +01:00
|
|
|
fprintf(stderr,
|
2021-04-15 14:13:54 +02:00
|
|
|
"Failed loading and attaching BPF programs in %s\n",
|
|
|
|
|
config.object_path);
|
2021-05-10 11:21:54 +02:00
|
|
|
return EXIT_FAILURE;
|
2021-01-20 19:49:51 +01:00
|
|
|
}
|
2021-01-26 18:34:23 +01:00
|
|
|
|
2021-04-15 14:13:54 +02:00
|
|
|
err = setup_periodical_map_cleaning(obj, &config);
|
2021-01-18 13:13:51 +01:00
|
|
|
if (err) {
|
2021-04-15 14:13:54 +02:00
|
|
|
fprintf(stderr, "Failed setting up map cleaning: %s\n",
|
2021-12-17 18:03:00 +01:00
|
|
|
get_libbpf_strerror(err));
|
2021-05-10 11:21:54 +02:00
|
|
|
goto cleanup_attached_progs;
|
2021-01-18 13:13:51 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Set up perf buffer
|
2021-04-15 14:13:54 +02:00
|
|
|
pb = perf_buffer__new(bpf_object__find_map_fd_by_name(obj,
|
2021-06-22 15:22:11 +02:00
|
|
|
config.event_map),
|
2022-01-04 17:08:10 +01:00
|
|
|
PERF_BUFFER_PAGES, print_event_func,
|
|
|
|
|
handle_missed_rtt_event, NULL, NULL);
|
2021-01-18 13:13:51 +01:00
|
|
|
err = libbpf_get_error(pb);
|
|
|
|
|
if (err) {
|
|
|
|
|
fprintf(stderr, "Failed to open perf buffer %s: %s\n",
|
2021-12-17 18:03:00 +01:00
|
|
|
config.event_map, get_libbpf_strerror(err));
|
2021-05-10 11:21:54 +02:00
|
|
|
goto cleanup_attached_progs;
|
2021-01-18 13:13:51 +01:00
|
|
|
}
|
|
|
|
|
|
2021-01-21 17:52:08 +01:00
|
|
|
// Allow program to perform cleanup on Ctrl-C
|
2021-01-18 13:13:51 +01:00
|
|
|
signal(SIGINT, abort_program);
|
2022-01-31 18:47:08 +01:00
|
|
|
signal(SIGTERM, abort_program);
|
2021-01-18 13:13:51 +01:00
|
|
|
|
|
|
|
|
// Main loop
|
|
|
|
|
while (keep_running) {
|
|
|
|
|
if ((err = perf_buffer__poll(pb, PERF_POLL_TIMEOUT_MS)) < 0) {
|
|
|
|
|
if (keep_running) // Only print polling error if it wasn't caused by program termination
|
|
|
|
|
fprintf(stderr,
|
|
|
|
|
"Error polling perf buffer: %s\n",
|
2021-12-17 18:03:00 +01:00
|
|
|
get_libbpf_strerror(-err));
|
2021-01-18 13:13:51 +01:00
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2021-05-10 11:21:54 +02:00
|
|
|
// Cleanup
|
2022-01-04 17:08:10 +01:00
|
|
|
if (config.output_format == PPING_OUTPUT_JSON && json_ctx) {
|
2021-06-22 15:02:34 +02:00
|
|
|
jsonw_end_array(json_ctx);
|
|
|
|
|
jsonw_destroy(&json_ctx);
|
|
|
|
|
}
|
|
|
|
|
|
2021-05-10 11:21:54 +02:00
|
|
|
perf_buffer__free(pb);
|
|
|
|
|
|
|
|
|
|
cleanup_attached_progs:
|
2022-01-04 17:08:10 +01:00
|
|
|
if (strcmp(config.ingress_prog, "pping_xdp_ingress") == 0)
|
2021-12-17 18:03:00 +01:00
|
|
|
detach_err = xdp_detach(config.ifindex, config.xdp_flags,
|
|
|
|
|
config.ingress_prog_id);
|
2021-12-08 10:06:30 +01:00
|
|
|
else
|
|
|
|
|
detach_err = tc_detach(config.ifindex, BPF_TC_INGRESS,
|
2021-12-17 18:03:00 +01:00
|
|
|
&config.tc_ingress_opts, false);
|
2021-05-10 11:21:54 +02:00
|
|
|
if (detach_err)
|
|
|
|
|
fprintf(stderr,
|
2021-12-08 10:06:30 +01:00
|
|
|
"Failed removing ingress program from interface %s: %s\n",
|
2021-12-17 18:03:00 +01:00
|
|
|
config.ifname, get_libbpf_strerror(detach_err));
|
|
|
|
|
|
|
|
|
|
detach_err =
|
|
|
|
|
tc_detach(config.ifindex, BPF_TC_EGRESS, &config.tc_egress_opts,
|
|
|
|
|
config.force && config.created_tc_hook);
|
|
|
|
|
if (detach_err)
|
|
|
|
|
fprintf(stderr,
|
|
|
|
|
"Failed removing egress program from interface %s: %s\n",
|
|
|
|
|
config.ifname, get_libbpf_strerror(detach_err));
|
2021-05-10 11:21:54 +02:00
|
|
|
|
|
|
|
|
return (err != 0 && keep_running) || detach_err != 0;
|
2020-12-11 19:25:35 +01:00
|
|
|
}
|