Merge branch 'linuxkerneltravel:develop' into develop

albertxu216 · Mar 25, 2024 · 6d5b9e2 · 6d5b9e2
2 parents 533edfd + a1a5af0
commit 6d5b9e2
Show file tree

Hide file tree

Showing 33 changed files with 1,264 additions and 716 deletions.
diff --git a/.github/workflows/net_watcher.yml b/.github/workflows/net_watcher.yml
@@ -41,4 +41,7 @@ jobs:
           sudo timeout -s SIGINT 5 ./netwatcher -r || if [[ $? != 124 && $? != 0 ]];then exit $?;fi
           sudo timeout -s SIGINT 5 ./netwatcher -t || if [[ $? != 124 && $? != 0 ]];then exit $?;fi
           sudo timeout -s SIGINT 5 ./netwatcher -u || if [[ $? != 124 && $? != 0 ]];then exit $?;fi
+          sudo timeout -s SIGINT 5 ./netwatcher -n || if [[ $? != 124 && $? != 0 ]];then exit $?;fi
+          sudo timeout -s SIGINT 5 ./netwatcher -k || if [[ $? != 124 && $? != 0 ]];then exit $?;fi
+          sudo timeout -s SIGINT 5 ./netwatcher -k -T || if [[ $? != 124 && $? != 0 ]];then exit $?;fi
         timeout-minutes: 5
diff --git a/eBPF_Supermarket/Network_Subsystem/net_watcher/dropreason.h b/eBPF_Supermarket/Network_Subsystem/net_watcher/dropreason.h
@@ -0,0 +1,83 @@
+#ifndef __DROPREASON_H
+#define __DROPREASON_H
+const char *SKB_Drop_Reason_Strings[] = {
+    "SKB_NOT_DROPPED_YET",
+    "SKB_CONSUMED",
+    "SKB_DROP_REASON_NOT_SPECIFIED",
+    "SKB_DROP_REASON_NO_SOCKET",
+    "SKB_DROP_REASON_PKT_TOO_SMALL",
+    "SKB_DROP_REASON_TCP_CSUM",
+    "SKB_DROP_REASON_SOCKET_FILTER",
+    "SKB_DROP_REASON_UDP_CSUM",
+    "SKB_DROP_REASON_NETFILTER_DROP",
+    "SKB_DROP_REASON_OTHERHOST",
+    "SKB_DROP_REASON_IP_CSUM",
+    "SKB_DROP_REASON_IP_INHDR",
+    "SKB_DROP_REASON_IP_RPFILTER",
+    "SKB_DROP_REASON_UNICAST_IN_L2_MULTICAST",
+    "SKB_DROP_REASON_XFRM_POLICY",
+    "SKB_DROP_REASON_IP_NOPROTO",
+    "SKB_DROP_REASON_SOCKET_RCVBUFF",
+    "SKB_DROP_REASON_PROTO_MEM",
+    "SKB_DROP_REASON_TCP_MD5NOTFOUND",
+    "SKB_DROP_REASON_TCP_MD5UNEXPECTED",
+    "SKB_DROP_REASON_TCP_MD5FAILURE",
+    "SKB_DROP_REASON_SOCKET_BACKLOG",
+    "SKB_DROP_REASON_TCP_FLAGS",
+    "SKB_DROP_REASON_TCP_ZEROWINDOW",
+    "SKB_DROP_REASON_TCP_OLD_DATA",
+    "SKB_DROP_REASON_TCP_OVERWINDOW",
+    "SKB_DROP_REASON_TCP_OFOMERGE",
+    "SKB_DROP_REASON_TCP_RFC7323_PAWS",
+    "SKB_DROP_REASON_TCP_INVALID_SEQUENCE",
+    "SKB_DROP_REASON_TCP_RESET",
+    "SKB_DROP_REASON_TCP_INVALID_SYN",
+    "SKB_DROP_REASON_TCP_CLOSE",
+    "SKB_DROP_REASON_TCP_FASTOPEN",
+    "SKB_DROP_REASON_TCP_OLD_ACK",
+    "SKB_DROP_REASON_TCP_TOO_OLD_ACK",
+    "SKB_DROP_REASON_TCP_ACK_UNSENT_DATA",
+    "SKB_DROP_REASON_TCP_OFO_QUEUE_PRUNE",
+    "SKB_DROP_REASON_TCP_OFO_DROP",
+    "SKB_DROP_REASON_IP_OUTNOROUTES",
+    "SKB_DROP_REASON_BPF_CGROUP_EGRESS",
+    "SKB_DROP_REASON_IPV6DISABLED",
+    "SKB_DROP_REASON_NEIGH_CREATEFAIL",
+    "SKB_DROP_REASON_NEIGH_FAILED",
+    "SKB_DROP_REASON_NEIGH_QUEUEFULL",
+    "SKB_DROP_REASON_NEIGH_DEAD",
+    "SKB_DROP_REASON_TC_EGRESS",
+    "SKB_DROP_REASON_QDISC_DROP",
+    "SKB_DROP_REASON_CPU_BACKLOG",
+    "SKB_DROP_REASON_XDP",
+    "SKB_DROP_REASON_TC_INGRESS",
+    "SKB_DROP_REASON_UNHANDLED_PROTO",
+    "SKB_DROP_REASON_SKB_CSUM",
+    "SKB_DROP_REASON_SKB_GSO_SEG",
+    "SKB_DROP_REASON_SKB_UCOPY_FAULT",
+    "SKB_DROP_REASON_DEV_HDR",
+    "SKB_DROP_REASON_DEV_READY",
+    "SKB_DROP_REASON_FULL_RING",
+    "SKB_DROP_REASON_NOMEM",
+    "SKB_DROP_REASON_HDR_TRUNC",
+    "SKB_DROP_REASON_TAP_FILTER",
+    "SKB_DROP_REASON_TAP_TXFILTER",
+    "SKB_DROP_REASON_ICMP_CSUM",
+    "SKB_DROP_REASON_INVALID_PROTO",
+    "SKB_DROP_REASON_IP_INADDRERRORS",
+    "SKB_DROP_REASON_IP_INNOROUTES",
+    "SKB_DROP_REASON_PKT_TOO_BIG",
+    "SKB_DROP_REASON_DUP_FRAG",
+    "SKB_DROP_REASON_FRAG_REASM_TIMEOUT",
+    "SKB_DROP_REASON_FRAG_TOO_FAR",
+    "SKB_DROP_REASON_TCP_MINTTL",
+    "SKB_DROP_REASON_IPV6_BAD_EXTHDR",
+    "SKB_DROP_REASON_IPV6_NDISC_FRAG",
+    "SKB_DROP_REASON_IPV6_NDISC_HOP_LIMIT",
+    "SKB_DROP_REASON_IPV6_NDISC_BAD_CODE",
+    "SKB_DROP_REASON_IPV6_NDISC_BAD_OPTIONS",
+    "SKB_DROP_REASON_IPV6_NDISC_NS_OTHERHOST",
+    "SKB_DROP_REASON_MAX",
+    "SKB_DROP_REASON_SUBSYS_MASK",
+};
+#endif
diff --git a/eBPF_Supermarket/Network_Subsystem/net_watcher/netwatcher.bpf.c b/eBPF_Supermarket/Network_Subsystem/net_watcher/netwatcher.bpf.c
@@ -104,6 +104,12 @@ struct {
     __uint(type, BPF_MAP_TYPE_RINGBUF);
     __uint(max_entries, 256 * 1024);
 } netfilter_rb SEC(".maps");
+
+struct {
+    __uint(type, BPF_MAP_TYPE_RINGBUF);
+    __uint(max_entries, 256 * 1024);
+} kfree_rb SEC(".maps");
+
 // 存储每个tcp连接所对应的conn_t
 struct {
     __uint(type, BPF_MAP_TYPE_LRU_HASH);
@@ -142,10 +148,17 @@ struct {
     __type(value, struct filtertime);
 } netfilter_time SEC(".maps");
 
+struct {
+    __uint(type, BPF_MAP_TYPE_LRU_HASH);
+    __uint(max_entries, MAX_CONN *MAX_PACKET);
+    __type(key, int);
+    __type(value, struct packet_tuple);
+} kfree  SEC(".maps");
+
 const volatile int filter_dport = 0;
 const volatile int filter_sport = 0;
 const volatile int all_conn = 0, err_packet = 0, extra_conn_info = 0,
-                   layer_time = 0, http_info = 0, retrans_info = 0, udp_info =0,net_filter = 0;
+                   layer_time = 0, http_info = 0, retrans_info = 0, udp_info =0,net_filter = 0,kfree_info = 0;
 
 /* help macro */
 
@@ -1353,6 +1366,9 @@ int BPF_KPROBE(ip_send_skb, struct net *net,struct sk_buff *skb) {
     if (tinfo == NULL) {
         return 0;
     }
+
+    bpf_map_update_elem(&pid_filter, &pid, &pt, BPF_ANY); 
+
     struct udp_message *message;
     struct udp_message *udp_message =
         bpf_map_lookup_elem(&timestamps, pt);
@@ -1421,7 +1437,6 @@ int BPF_KPROBE(ip_local_deliver_finish) {
     tinfo->ip_local_deliver_finish_time = bpf_ktime_get_ns() / 1000;
 
     struct netfilter *message;
-    struct netfilter *netfilter =bpf_map_lookup_elem(&netfilter_time, pkt_tuple);
     message = bpf_ringbuf_reserve(&netfilter_rb, sizeof(*message), 0);
     if (!message) {
         return 0;
@@ -1478,15 +1493,47 @@ int BPF_KPROBE(ip_finish_output) {
     }
     tinfo->ip_finish_output_time = bpf_ktime_get_ns() / 1000;
     struct netfilter *message;
-    struct netfilter *netfilter =bpf_map_lookup_elem(&netfilter_time, pkt_tuple);
     message = bpf_ringbuf_reserve(&netfilter_rb, sizeof(*message), 0);
     if(!message){
         return 0;
     }
+    message->saddr = pkt_tuple->saddr;
+    message->daddr =pkt_tuple->daddr;
+    message->sport =pkt_tuple->sport;
+    message->dport = pkt_tuple->dport;
     message->local_out_time=tinfo->ip_output_time-tinfo->ip_local_out_time;
     message->post_routing_time=tinfo->ip_finish_output_time-tinfo->ip_output_time; 
     message->flag=2; 
     bpf_ringbuf_submit(message,0);
     return 0;
 }
 
+
+//drop
+SEC("tp/skb/kfree_skb")
+int tp_kfree(struct trace_event_raw_kfree_skb *ctx) {
+    if(!kfree_info)
+        return 0;
+    struct sk_buff *skb=ctx->skbaddr;
+    if (skb == NULL) // 判断是否为空
+        return 0;
+    struct iphdr *ip = skb_to_iphdr(skb);
+    struct tcphdr *tcp = skb_to_tcphdr(skb);
+     struct packet_tuple pkt_tuple = {0};
+    get_pkt_tuple(&pkt_tuple, ip, tcp);
+
+    struct reasonissue  *message;
+    message = bpf_ringbuf_reserve(&kfree_rb, sizeof(*message), 0);
+    if(!message){
+        return 0;
+    }
+    message->saddr = pkt_tuple.saddr;
+    message->daddr = pkt_tuple.daddr;
+    message->sport = pkt_tuple.sport;
+    message->dport = pkt_tuple.dport;
+    message->protocol = ctx->protocol;
+    message->location = (long)ctx->location;
+    message->drop_reason = ctx->reason;
+    bpf_ringbuf_submit(message,0);
+    return 0;
+}