Hi Alexei at al.,
I'm getting closer to finally have an xdpdump tool that uses the bpf
fentry/fexit tracepoints, but I ran into a final hurdle...
To stuff the packet into a perf ring I'll need to use the
bpf_perf_event_output(), but unfortunately, this is a program of trace
type, and not XDP so the packet data is not added automatically :(
Secondly even trying to pass the actual packet data as a reference to
bpf_perf_event_output() will not work as the verifier wants the data to
be on the fp.
Even worse, the trace program gets the XDP info not thought the ctx, but
trough the fentry/fexit input value, i.e.:
SEC("fentry/func")
int BPF_PROG(trace_on_entry, struct xdp_buff *xdp)...
struct net_device {
int ifindex;
} __attribute__((preserve_access_index));
struct xdp_rxq_info {
struct net_device *dev;
__u32 queue_index;
} __attribute__((preserve_access_index));
struct xdp_buff {
void *data;
void *data_end;
void *data_meta;
void *data_hard_start;
unsigned long handle;
struct xdp_rxq_info *rxq;
} __attribute__((preserve_access_index));
Hence even trying to copy in bytes to a local buffer is not allowed by
the verifier, i.e. __u8 *data = (u8 *)(long)xdp->data;
Can you let me know how you envisioned a BPF entry hook to capture
packets from XDP. Am I missing something, or is there something missing
from the infrastructure?
Thanks,
Eelco
