WSL2-Linux-Kernel/samples/bpf
Sargun Dhillon cf9b1199de samples/bpf: Add test/example of using bpf_probe_write_user bpf helper
This example shows using a kprobe to act as a dnat mechanism to divert
traffic for arbitrary endpoints. It rewrites the arguments to a syscall
while they're still in userspace, and before the syscall has a chance
to copy the argument into kernel space.

Although this is an example, it also acts as a test because the mapped
address is 255.255.255.255:555 -> real address, and that's not a legal
address to connect to. If the helper is broken, the example will fail
on the intermediate steps, as well as the final step to verify the
rewrite of userspace memory succeeded.

Signed-off-by: Sargun Dhillon <sargun@sargun.me>
Cc: Alexei Starovoitov <ast@kernel.org>
Cc: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: Alexei Starovoitov <ast@kernel.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2016-07-25 18:07:48 -07:00
Makefile samples/bpf: Add test/example of using bpf_probe_write_user bpf helper 2016-07-25 18:07:48 -07:00
README.rst samples/bpf: like LLC also verify and allow redefining CLANG command 2016-04-29 14:26:08 -04:00
bpf_helpers.h bpf: Add bpf_probe_write_user BPF helper to be called in tracers 2016-07-25 18:07:48 -07:00
bpf_load.c Add sample for adding simple drop program to link 2016-07-19 21:46:32 -07:00
bpf_load.h samples/bpf: move ksym_search() into library 2016-03-08 15:28:32 -05:00
fds_example.c samples/bpf: add map_flags to bpf loader 2016-03-08 15:28:32 -05:00
lathist_kern.c bpf: BPF based latency tracing 2015-06-23 06:09:58 -07:00
lathist_user.c bpf: BPF based latency tracing 2015-06-23 06:09:58 -07:00
libbpf.c samples/bpf: add map_flags to bpf loader 2016-03-08 15:28:32 -05:00
libbpf.h samples/bpf: add map_flags to bpf loader 2016-03-08 15:28:32 -05:00
map_perf_test_kern.c samples/bpf: add map performance test 2016-03-08 23:22:03 -05:00
map_perf_test_user.c samples/bpf: Fix build breakage with map_perf_test_user.c 2016-04-06 16:01:28 -04:00
offwaketime_kern.c bpf, samples: don't zero data when not needed 2016-04-14 21:40:42 -04:00
offwaketime_user.c samples/bpf: move ksym_search() into library 2016-03-08 15:28:32 -05:00
parse_ldabs.c samples/bpf: add 'pointer to packet' tests 2016-05-06 16:01:54 -04:00
parse_simple.c samples/bpf: add 'pointer to packet' tests 2016-05-06 16:01:54 -04:00
parse_varlen.c samples/bpf: add 'pointer to packet' tests 2016-05-06 16:01:54 -04:00
sock_example.c samples/bpf: add map_flags to bpf loader 2016-03-08 15:28:32 -05:00
sockex1_kern.c samples: bpf: add skb->field examples and tests 2015-03-15 22:02:28 -04:00
sockex1_user.c samples: bpf: add skb->field examples and tests 2015-03-15 22:02:28 -04:00
sockex2_kern.c samples: bpf: add skb->field examples and tests 2015-03-15 22:02:28 -04:00
sockex2_user.c samples/bpf: set max locked memory to ulimited 2016-06-25 12:03:46 -04:00
sockex3_kern.c bpf: allow programs to write to certain skb fields 2015-06-07 02:01:33 -07:00
sockex3_user.c samples/bpf: set max locked memory to ulimited 2016-06-25 12:03:46 -04:00
spintest_kern.c samples/bpf: Enable powerpc support 2016-04-06 16:01:29 -04:00
spintest_user.c samples/bpf: add bpf map stress test 2016-03-08 23:22:02 -05:00
tcbpf1_kern.c bpf: add bpf_redirect() helper 2015-09-17 21:09:07 -07:00
test_cgrp2_array_pin.c cgroup: bpf: Add an example to do cgroup checking in BPF 2016-07-01 16:32:13 -04:00
test_cgrp2_tc.sh cgroup: bpf: Add an example to do cgroup checking in BPF 2016-07-01 16:32:13 -04:00
test_cgrp2_tc_kern.c cgroup: bpf: Add an example to do cgroup checking in BPF 2016-07-01 16:32:13 -04:00
test_cls_bpf.sh samples/bpf: add 'pointer to packet' tests 2016-05-06 16:01:54 -04:00
test_maps.c samples/bpf: test both pre-alloc and normal maps 2016-03-08 15:28:32 -05:00
test_overhead_kprobe_kern.c samples/bpf: add tracepoint vs kprobe performance tests 2016-04-07 21:04:27 -04:00
test_overhead_tp_kern.c samples/bpf: add tracepoint vs kprobe performance tests 2016-04-07 21:04:27 -04:00
test_overhead_user.c samples/bpf: add tracepoint vs kprobe performance tests 2016-04-07 21:04:27 -04:00
test_probe_write_user_kern.c samples/bpf: Add test/example of using bpf_probe_write_user bpf helper 2016-07-25 18:07:48 -07:00
test_probe_write_user_user.c samples/bpf: Add test/example of using bpf_probe_write_user bpf helper 2016-07-25 18:07:48 -07:00
test_verifier.c samples/bpf: add verifier tests 2016-05-06 16:01:54 -04:00
trace_output_kern.c samples/bpf: fix trace_output example 2016-04-28 17:29:45 -04:00
trace_output_user.c samples: bpf: add bpf_perf_event_output example 2015-10-22 06:42:15 -07:00
tracex1_kern.c bpf, samples: don't zero data when not needed 2016-04-14 21:40:42 -04:00
tracex1_user.c samples/bpf: Add simple non-portable kprobe filter example 2015-04-02 13:25:50 +02:00
tracex2_kern.c bpf, samples: don't zero data when not needed 2016-04-14 21:40:42 -04:00
tracex2_user.c samples/bpf: update tracex[23] examples to use per-cpu maps 2016-02-06 03:34:36 -05:00
tracex3_kern.c samples/bpf: update tracex[23] examples to use per-cpu maps 2016-02-06 03:34:36 -05:00
tracex3_user.c samples/bpf: update tracex[23] examples to use per-cpu maps 2016-02-06 03:34:36 -05:00
tracex4_kern.c samples/bpf: Enable powerpc support 2016-04-06 16:01:29 -04:00
tracex4_user.c samples/bpf: Add kmem_alloc()/free() tracker tool 2015-04-02 13:25:51 +02:00
tracex5_kern.c bpf, samples: don't zero data when not needed 2016-04-14 21:40:42 -04:00
tracex5_user.c samples/bpf: bpf_tail_call example for tracing 2015-05-21 17:07:59 -04:00
tracex6_kern.c bpf: fix build warnings and add function read_trace_pipe() 2015-08-12 16:39:12 -07:00
tracex6_user.c bpf: fix build warnings and add function read_trace_pipe() 2015-08-12 16:39:12 -07:00
xdp1_kern.c bpf: make xdp sample variable names more meaningful 2016-07-20 22:07:24 -07:00
xdp1_user.c Add sample for adding simple drop program to link 2016-07-19 21:46:32 -07:00
xdp2_kern.c bpf: make xdp sample variable names more meaningful 2016-07-20 22:07:24 -07:00

README.rst

eBPF sample programs
====================

This directory contains a mini eBPF library, test stubs, verifier
test-suite and examples for using eBPF.

Build dependencies
==================

Compiling requires having installed:
 * clang >= version 3.4.0
 * llvm >= version 3.7.1

Note that LLVM's tool 'llc' must support target 'bpf'. List the version
and supported targets with the command: ``llc --version``
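
A preflight check for the build dependencies above, as an added example that is not part of the kernel tree or its README: it parses ``llc --version`` and ``clang --version`` output for the stated minimum versions and the 'bpf' target. The function names and the sample output are constructed for illustration.

```shell
# Added example: preflight for the README's minimums (clang >= 3.4.0,
# llvm >= 3.7.1, llc with the 'bpf' target). Function names are hypothetical.
# ver_ge A B: succeed when dotted version A >= B, compared field by field.
ver_ge() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        na = split(a, x, "."); nb = split(b, y, ".")
        n = (na > nb) ? na : nb
        for (i = 1; i <= n; i++) {
            if (x[i] + 0 > y[i] + 0) exit 0
            if (x[i] + 0 < y[i] + 0) exit 1
        }
        exit 0
    }'
}

# tool_version NAME: first "NAME version X.Y[.Z]" found on stdin.
tool_version() {
    sed -n "s/.*$1 version \([0-9][0-9.]*\).*/\1/p" | head -n 1
}

# llc_check: stdin is `llc --version` output; prints "ok" or the reason.
llc_check() {
    out=$(cat)
    ver=$(printf '%s\n' "$out" | tool_version LLVM)
    [ -n "$ver" ] || { echo "no-version"; return 1; }
    ver_ge "$ver" 3.7.1 || { echo "llvm-too-old:$ver"; return 1; }
    # Target names follow the "Registered Targets:" header, one per line.
    printf '%s\n' "$out" | awk '
        /Registered Targets:/ { t = 1; next }
        t && $1 == "bpf"      { found = 1 }
        END { exit (found ? 0 : 1) }' || { echo "no-bpf-target"; return 1; }
    echo "ok"
}

# clang_check: stdin is `clang --version` output; prints "ok" or the reason.
clang_check() {
    ver=$(tool_version clang)
    [ -n "$ver" ] || { echo "no-version"; return 1; }
    ver_ge "$ver" 3.4.0 || { echo "clang-too-old:$ver"; return 1; }
    echo "ok"
}

# Constructed sample of `llc --version` output (not captured from a host).
SAMPLE_LLC='  LLVM version 3.8.0
  Registered Targets:
    bpf    - BPF (host endian)'

# Check the installed tools only when invoked with the argument "run".
if [ "${1:-}" = "run" ]; then llc --version | llc_check; clang --version | clang_check; fi
```
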

Kernel headers
--------------

There are usually dependencies on header files of the current kernel.
To avoid installing devel kernel headers system wide, as a normal
user, simply call::

 make headers_install

This will create a local "usr/include" directory in the git/build top
level directory, which the make system will automatically pick up first.

Compiling
=========

For building the BPF samples, issue the below command from the kernel
top level directory::

 make samples/bpf/

Note the trailing "/" slash after the directory name.

It is also possible to call make from this directory.  This will just
hide the invocation of make as above with the appended "/".

Manually compiling LLVM with 'bpf' support
------------------------------------------

Since version 3.7.0, LLVM adds a proper LLVM backend target for the
BPF bytecode architecture.

By default llvm will build all non-experimental backends including bpf.
To generate a smaller llc binary one can use::

 -DLLVM_TARGETS_TO_BUILD="BPF"

Quick snippet for manually compiling LLVM and clang
(build dependencies are cmake and gcc-c++)::

 $ git clone http://llvm.org/git/llvm.git
 $ cd llvm/tools
 $ git clone --depth 1 http://llvm.org/git/clang.git
 $ cd ..; mkdir build; cd build
 $ cmake .. -DLLVM_TARGETS_TO_BUILD="BPF;X86"
 $ make -j $(getconf _NPROCESSORS_ONLN)

It is also possible to point make to the newly compiled 'llc' or
'clang' command via redefining LLC or CLANG on the make command line::

 make samples/bpf/ LLC=~/git/llvm/build/bin/llc CLANG=~/git/llvm/build/bin/clang