Hi Alexei at al.,I'm getting closer to finally have an xdpdump tool that uses the bpf fentry/fexit tracepoints, but I ran into a final hurdle...
To stuff the packet into a perf ring I'll need to use the bpf_perf_event_output(), but unfortunately, this is a program of trace type, and not XDP so the packet data is not added automatically :(
Secondly even trying to pass the actual packet data as a reference to bpf_perf_event_output() will not work as the verifier wants the data to be on the fp.
Even worse, the trace program gets the XDP info not thought the ctx, but trough the fentry/fexit input value, i.e.:
SEC("fentry/func")
int BPF_PROG(trace_on_entry, struct xdp_buff *xdp)...
struct net_device {
int ifindex;
} __attribute__((preserve_access_index));
struct xdp_rxq_info {
struct net_device *dev;
__u32 queue_index;
} __attribute__((preserve_access_index));
struct xdp_buff {
void *data;
void *data_end;
void *data_meta;
void *data_hard_start;
unsigned long handle;
struct xdp_rxq_info *rxq;
} __attribute__((preserve_access_index));
Hence even trying to copy in bytes to a local buffer is not allowed by
the verifier, i.e. __u8 *data = (u8 *)(long)xdp->data;
Can you let me know how you envisioned a BPF entry hook to capture packets from XDP. Am I missing something, or is there something missing from the infrastructure?
Thanks, Eelco
|