aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

util-ebpf: conditional pinning of maps

Browse Source 
Only pin maps if `pinned-maps` is set in the configuration. This
ensure backward compatibility.
pull/3952/head
Eric Leblond 6 years ago committed by Victor Julien
parent 6d41a0ced0
commit 4f48c45727
4 changed files with 28 additions and 13 deletions
Show Stats Download Patch File Download Diff File

21
src/runmode-af-packet.c
Unescape Escape View File

@ -381,15 +381,25 @@ static void *ParseAFPConfig(const char *iface)
#ifdef HAVE_PACKET_EBPF
SCLogConfig("af-packet will use '%s' as eBPF load balancing file",
ebpf_file);
#endif
aconf->ebpf_lb_file = ebpf_file;
aconf->ebpf_t_config.flags |= EBPF_SOCKET_FILTER;
#endif
}
if (ConfGetChildValueBoolWithDefault(if_root, if_default, "pinned-maps", (int *)&boolval) != 1) {
if (boolval) {
SCLogConfig("Using pinned maps on iface %s",
aconf->iface);
aconf->ebpf_t_config.flags |= EBPF_PINNED_MAPS;
}
}
#ifdef HAVE_PACKET_EBPF
/* One shot loading of the eBPF file */
if (aconf->ebpf_lb_file && cluster_type == PACKET_FANOUT_EBPF) {
int ret = EBPFLoadFile(aconf->iface, aconf->ebpf_lb_file, "loadbalancer",
&aconf->ebpf_lb_fd, EBPF_SOCKET_FILTER);
&aconf->ebpf_lb_fd,
aconf->ebpf_t_config.flags);
if (ret != 0) {
SCLogWarning(SC_ERR_INVALID_VALUE, "Error when loading eBPF lb file");
}
@ -428,7 +438,8 @@ static void *ParseAFPConfig(const char *iface)
if (aconf->ebpf_filter_file) {
#ifdef HAVE_PACKET_EBPF
int ret = EBPFLoadFile(aconf->iface, aconf->ebpf_filter_file, "filter",
&aconf->ebpf_filter_fd, EBPF_SOCKET_FILTER);
&aconf->ebpf_filter_fd,
aconf->ebpf_t_config.flags);
if (ret != 0) {
SCLogWarning(SC_ERR_INVALID_VALUE,
"Error when loading eBPF filter file");
@ -444,6 +455,7 @@ static void *ParseAFPConfig(const char *iface)
SCLogInfo("af-packet will use '%s' as XDP filter file",
ebpf_file);
aconf->ebpf_t_config.mode = AFP_MODE_XDP_BYPASS;
aconf->ebpf_t_config.flags |= EBPF_XDP_CODE;
aconf->xdp_filter_file = ebpf_file;
ConfGetChildValueBoolWithDefault(if_root, if_default, "bypass", &conf_val);
if (conf_val) {
@ -490,7 +502,8 @@ static void *ParseAFPConfig(const char *iface)
if (aconf->xdp_filter_file) {
#ifdef HAVE_PACKET_XDP
int ret = EBPFLoadFile(aconf->iface, aconf->xdp_filter_file, "xdp",
&aconf->xdp_filter_fd, EBPF_XDP_CODE);
&aconf->xdp_filter_fd,
aconf->ebpf_t_config.flags);
if (ret != 0) {
SCLogWarning(SC_ERR_INVALID_VALUE,
"Error when loading XDP filter file");

1
src/source-af-packet.h
Unescape Escape View File

@ -49,6 +49,7 @@
struct ebpf_timeout_config {
uint16_t cpus_count;
uint8_t mode;
uint8_t flags;
};
#endif

18
src/util-ebpf.c
Unescape Escape View File

@ -275,16 +275,16 @@ int EBPFLoadFile(const char *iface, const char *path, const char * section,
BpfMapsInfoFree(bpf_map_data);
return -1;
}
/* TODO pin */
/* sudo mount bpf -t bpf /sys/fs/bpf/ */
SCLogNotice("Pinning: %d to %s", bpf_map_data->array[bpf_map_data->last].fd,
if (flags & EBPF_PINNED_MAPS) {
SCLogNotice("Pinning: %d to %s", bpf_map_data->array[bpf_map_data->last].fd,
bpf_map_data->array[bpf_map_data->last].name);
char buf[1024];
snprintf(buf, sizeof(buf), "/sys/fs/bpf/suricata-%s-%s", iface,
bpf_map_data->array[bpf_map_data->last].name);
int ret = bpf_obj_pin(bpf_map_data->array[bpf_map_data->last].fd, buf);
if (ret != 0) {
SCLogError(SC_ERR_AFP_CREATE, "Can not pin: %s", strerror(errno));
char buf[1024];
snprintf(buf, sizeof(buf), "/sys/fs/bpf/suricata-%s-%s", iface,
bpf_map_data->array[bpf_map_data->last].name);
int ret = bpf_obj_pin(bpf_map_data->array[bpf_map_data->last].fd, buf);
if (ret != 0) {
SCLogError(SC_ERR_AFP_CREATE, "Can not pin: %s", strerror(errno));
}
}
bpf_map_data->last++;
}

1
src/util-ebpf.h
Unescape Escape View File

@ -63,6 +63,7 @@ struct pair {
#define EBPF_SOCKET_FILTER (1<<0)
#define EBPF_XDP_CODE (1<<1)
#define EBPF_PINNED_MAPS (1<<2)
int EBPFGetMapFDByName(const char *iface, const char *name);
int EBPFLoadFile(const char *iface, const char *path, const char * section,

Write Preview
Loading…
Cancel
Save