Skip to content

Commit f71ed30

Browse files
rafaelroquettorafaelroquetto
authored
Enforce clang-format for C source files (#1177)
* clang-format eBPF sources * Add pre-commit hook and workflow check * Install pre-commit hook if not present * Update eBPF files to ensure tests run
1 parent 3fc48aa commit f71ed30

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

81 files changed

+1075
-1257
lines changed

.github/workflows/clang-format-check.yml

+37
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,37 @@
1+
name: Clang Format Check
2+
3+
on:
4+
push:
5+
branches: [ 'main', 'release-*' ]
6+
pull_request:
7+
branches: [ 'main', 'release-*' ]
8+
9+
jobs:
10+
clang-format:
11+
runs-on: ubuntu-latest
12+
13+
steps:
14+
- name: Checkout code
15+
uses: actions/checkout@v3
16+
with:
17+
fetch-depth: 0
18+
19+
- name: Install Clang-Format
20+
run: sudo apt-get install clang-format
21+
22+
- name: Check Clang Format
23+
run: |
24+
# Check for modified C/C++ files
25+
files=$(git diff --name-only origin/main...HEAD | grep -E '\.(c|cpp|h)$')
26+
if [ -z "$files" ]; then
27+
echo "No C/C++ files modified."
28+
exit 0
29+
fi
30+
31+
# Run clang-format and check for changes
32+
clang-format -i $files
33+
if ! git diff --exit-code $files; then
34+
echo "Error: Some files are not formatted correctly. Please run clang-format on the modified files or use the provided pre-commit hook."
35+
exit 1
36+
fi
37+

Makefile

+10-1
Original file line numberDiff line numberDiff line change
@@ -94,8 +94,17 @@ define check_format
9494
$(GOIMPORTS_REVISER) -company-prefixes github.com/grafana -list-diff -output stdout $(FILE);))
9595
endef
9696

97+
98+
.PHONY: install-hooks
99+
install-hooks:
100+
@if [ ! -f .git/hooks/pre-commit ]; then \
101+
echo "Installing pre-commit hook..."; \
102+
cp hooks/pre-commit .git/hooks/pre-commit && chmod +x .git/hooks/pre-commit; \
103+
echo "Pre-commit hook installed."; \
104+
fi
105+
97106
.PHONY: prereqs
98-
prereqs:
107+
prereqs: install-hooks
99108
@echo "### Check if prerequisites are met, and installing missing dependencies"
100109
mkdir -p $(TEST_OUTPUT)/run
101110
$(call go-install-tool,$(GOLANGCI_LINT),github.com/golangci/golangci-lint/cmd/golangci-lint,v1.60.3)

bpf/.clang-format

+1
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,6 @@
11
{
22
BasedOnStyle: LLVM,
3+
BreakStringLiterals: true,
34
AllowShortFunctionsOnASingleLine: InlineOnly,
45
ColumnLimit: 100,
56
IndentWidth: 4,

bpf/bpf_dbg.h

+22-21
Original file line numberDiff line numberDiff line change
@@ -23,33 +23,34 @@ typedef struct log_info {
2323
struct {
2424
__uint(type, BPF_MAP_TYPE_RINGBUF);
2525
__uint(max_entries, 1 << 12);
26-
__uint(pinning, LIBBPF_PIN_BY_NAME);
26+
__uint(pinning, LIBBPF_PIN_BY_NAME);
2727
} debug_events SEC(".maps");
2828

2929
enum bpf_func_id___x { BPF_FUNC_snprintf___x = 42 /* avoid zero */ };
3030

31-
#define bpf_dbg_helper(fmt, args...) { \
32-
log_info_t *__trace__ = bpf_ringbuf_reserve(&debug_events, sizeof(log_info_t), 0); \
33-
if (__trace__) { \
34-
if(bpf_core_enum_value_exists(enum bpf_func_id___x, BPF_FUNC_snprintf___x)) { \
35-
BPF_SNPRINTF(__trace__->log, sizeof(__trace__->log), fmt, ##args); \
36-
} else { \
37-
__builtin_memcpy(__trace__->log, fmt, sizeof(__trace__->log)); \
38-
} \
39-
u64 id = bpf_get_current_pid_tgid(); \
40-
bpf_get_current_comm(&__trace__->comm, sizeof(__trace__->comm)); \
41-
__trace__->pid = id >> 32; \
42-
bpf_ringbuf_submit(__trace__, 0); \
43-
} \
44-
}
45-
46-
#define bpf_dbg_printk(fmt, args...) { \
47-
bpf_printk(fmt, ##args); \
48-
bpf_dbg_helper(fmt, ##args); \
49-
}
31+
#define bpf_dbg_helper(fmt, args...) \
32+
{ \
33+
log_info_t *__trace__ = bpf_ringbuf_reserve(&debug_events, sizeof(log_info_t), 0); \
34+
if (__trace__) { \
35+
if (bpf_core_enum_value_exists(enum bpf_func_id___x, BPF_FUNC_snprintf___x)) { \
36+
BPF_SNPRINTF(__trace__->log, sizeof(__trace__->log), fmt, ##args); \
37+
} else { \
38+
__builtin_memcpy(__trace__->log, fmt, sizeof(__trace__->log)); \
39+
} \
40+
u64 id = bpf_get_current_pid_tgid(); \
41+
bpf_get_current_comm(&__trace__->comm, sizeof(__trace__->comm)); \
42+
__trace__->pid = id >> 32; \
43+
bpf_ringbuf_submit(__trace__, 0); \
44+
} \
45+
}
46+
47+
#define bpf_dbg_printk(fmt, args...) \
48+
{ \
49+
bpf_printk(fmt, ##args); \
50+
bpf_dbg_helper(fmt, ##args); \
51+
}
5052
#else
5153
#define bpf_dbg_printk(fmt, args...)
5254
#endif
5355

5456
#endif
55-

bpf/flow.h

+4-4
Original file line numberDiff line numberDiff line change
@@ -23,12 +23,12 @@
2323
#define TC_ACT_SHOT 2
2424
#define IP_MAX_LEN 16
2525

26-
#define ETH_ALEN 6 /* Octets in one ethernet addr */
26+
#define ETH_ALEN 6 /* Octets in one ethernet addr */
2727

28-
#define s6_addr in6_u.u6_addr8
29-
#define ETH_P_IP 0x0800 /* Internet Protocol packet */
28+
#define s6_addr in6_u.u6_addr8
29+
#define ETH_P_IP 0x0800 /* Internet Protocol packet */
3030
// ETH_P_IPV6 value as defined in IEEE 802: https://www.iana.org/assignments/ieee-802-numbers/ieee-802-numbers.xhtml
31-
#define ETH_P_IPV6 0x86DD /* IPv6 over bluebook */
31+
#define ETH_P_IPV6 0x86DD /* IPv6 over bluebook */
3232
typedef __u8 u8;
3333
typedef __u16 u16;
3434
typedef __u32 u32;

bpf/flows.c

+11-10
Original file line numberDiff line numberDiff line change
@@ -26,14 +26,14 @@
2626

2727
// sets the TCP header flags for connection information
2828
static inline void set_flags(struct tcphdr *th, u16 *flags) {
29-
//If both ACK and SYN are set, then it is server -> client communication during 3-way handshake.
29+
//If both ACK and SYN are set, then it is server -> client communication during 3-way handshake.
3030
if (th->ack && th->syn) {
3131
*flags |= SYN_ACK_FLAG;
32-
} else if (th->ack && th->fin ) {
32+
} else if (th->ack && th->fin) {
3333
// If both ACK and FIN are set, then it is graceful termination from server.
3434
*flags |= FIN_ACK_FLAG;
35-
} else if (th->ack && th->rst ) {
36-
// If both ACK and RST are set, then it is abrupt connection termination.
35+
} else if (th->ack && th->rst) {
36+
// If both ACK and RST are set, then it is abrupt connection termination.
3737
*flags |= RST_ACK_FLAG;
3838
} else if (th->fin) {
3939
*flags |= FIN_FLAG;
@@ -199,18 +199,18 @@ static inline int flow_monitor(struct __sk_buff *skb) {
199199
};
200200

201201
u8 *direction = (u8 *)bpf_map_lookup_elem(&flow_directions, &id);
202-
if(direction == NULL) {
202+
if (direction == NULL) {
203203
// Calculate direction based on first flag received
204204
// SYN and ACK mean someone else initiated the connection and this is the INGRESS direction
205-
if((flags & SYN_ACK_FLAG) == SYN_ACK_FLAG) {
205+
if ((flags & SYN_ACK_FLAG) == SYN_ACK_FLAG) {
206206
new_flow.iface_direction = INGRESS;
207207
}
208208
// SYN only means we initiated the connection and this is the EGRESS direction
209-
else if((flags & SYN_FLAG) == SYN_FLAG) {
209+
else if ((flags & SYN_FLAG) == SYN_FLAG) {
210210
new_flow.iface_direction = EGRESS;
211211
}
212212
// save, when direction was calculated based on TCP flag
213-
if(new_flow.iface_direction != UNKNOWN) {
213+
if (new_flow.iface_direction != UNKNOWN) {
214214
// errors are intentionally omitted
215215
bpf_map_update_elem(&flow_directions, &id, &new_flow.iface_direction, BPF_NOEXIST);
216216
}
@@ -242,7 +242,8 @@ static inline int flow_monitor(struct __sk_buff *skb) {
242242
}
243243

244244
new_flow.errno = -ret;
245-
flow_record *record = (flow_record *)bpf_ringbuf_reserve(&direct_flows, sizeof(flow_record), 0);
245+
flow_record *record =
246+
(flow_record *)bpf_ringbuf_reserve(&direct_flows, sizeof(flow_record), 0);
246247
if (!record) {
247248
if (trace_messages) {
248249
bpf_dbg_printk("couldn't reserve space in the ringbuf. Dropping flow");
@@ -257,7 +258,7 @@ static inline int flow_monitor(struct __sk_buff *skb) {
257258

258259
cleanup:
259260
// finally, when flow receives FIN or RST, clean flow_directions
260-
if(flags & FIN_FLAG || flags & RST_FLAG || flags & FIN_ACK_FLAG || flags & RST_ACK_FLAG) {
261+
if (flags & FIN_FLAG || flags & RST_FLAG || flags & FIN_ACK_FLAG || flags & RST_ACK_FLAG) {
261262
bpf_map_delete_elem(&flow_directions, &id);
262263
}
263264
return TC_ACT_OK;

bpf/flows_sock.c

+69-51
Original file line numberDiff line numberDiff line change
@@ -30,17 +30,18 @@ struct __tcphdr {
3030
__be16 dest;
3131
__be32 seq;
3232
__be32 ack_seq;
33-
__u16 res1 : 4, doff : 4, fin : 1, syn : 1, rst : 1, psh : 1, ack : 1, urg : 1, ece : 1, cwr : 1;
33+
__u16 res1 : 4, doff : 4, fin : 1, syn : 1, rst : 1, psh : 1, ack : 1, urg : 1, ece : 1,
34+
cwr : 1;
3435
__be16 window;
3536
__sum16 check;
3637
__be16 urg_ptr;
3738
};
3839

3940
struct __udphdr {
40-
__be16 source;
41-
__be16 dest;
42-
__be16 len;
43-
__sum16 check;
41+
__be16 source;
42+
__be16 dest;
43+
__be16 len;
44+
__sum16 check;
4445
};
4546

4647
static __always_inline bool read_sk_buff(struct __sk_buff *skb, flow_id *id, u16 *custom_flags) {
@@ -85,10 +86,17 @@ static __always_inline bool read_sk_buff(struct __sk_buff *skb, flow_id *id, u16
8586
break;
8687
}
8788
case ETH_P_IPV6:
88-
bpf_skb_load_bytes(skb, ETH_HLEN + offsetof(struct ipv6hdr, nexthdr), &proto, sizeof(proto));
89-
90-
bpf_skb_load_bytes(skb, ETH_HLEN + offsetof(struct ipv6hdr, saddr), &id->src_ip.s6_addr, sizeof(id->src_ip.s6_addr));
91-
bpf_skb_load_bytes(skb, ETH_HLEN + offsetof(struct ipv6hdr, daddr), &id->dst_ip.s6_addr, sizeof(id->dst_ip.s6_addr));
89+
bpf_skb_load_bytes(
90+
skb, ETH_HLEN + offsetof(struct ipv6hdr, nexthdr), &proto, sizeof(proto));
91+
92+
bpf_skb_load_bytes(skb,
93+
ETH_HLEN + offsetof(struct ipv6hdr, saddr),
94+
&id->src_ip.s6_addr,
95+
sizeof(id->src_ip.s6_addr));
96+
bpf_skb_load_bytes(skb,
97+
ETH_HLEN + offsetof(struct ipv6hdr, daddr),
98+
&id->dst_ip.s6_addr,
99+
sizeof(id->dst_ip.s6_addr));
92100

93101
hdr_len = ETH_HLEN + sizeof(struct ipv6hdr);
94102
break;
@@ -100,40 +108,49 @@ static __always_inline bool read_sk_buff(struct __sk_buff *skb, flow_id *id, u16
100108
id->dst_port = 0;
101109
id->transport_protocol = proto;
102110

103-
switch(proto) {
104-
case IPPROTO_TCP: {
105-
u16 port;
106-
bpf_skb_load_bytes(skb, hdr_len + offsetof(struct __tcphdr, source), &port, sizeof(port));
107-
id->src_port = __bpf_htons(port);
108-
109-
bpf_skb_load_bytes(skb, hdr_len + offsetof(struct __tcphdr, dest), &port, sizeof(port));
110-
id->dst_port = __bpf_htons(port);
111-
112-
u8 doff;
113-
bpf_skb_load_bytes(skb, hdr_len + offsetof(struct __tcphdr, ack_seq) + 4, &doff, sizeof(doff)); // read the first byte past __tcphdr->ack_seq, we can't do offsetof bit fields
114-
doff &= 0xf0; // clean-up res1
115-
doff >>= 4; // move the upper 4 bits to low
116-
doff *= 4; // convert to bytes length
117-
118-
u8 flags;
119-
bpf_skb_load_bytes(skb, hdr_len + offsetof(struct __tcphdr, ack_seq) + 4 + 1, &flags, sizeof(flags)); // read the second byte past __tcphdr->doff, again bit fields offsets
120-
*custom_flags = ((u16)flags & 0x00ff);
121-
122-
hdr_len += doff;
123-
124-
if ((skb->len - hdr_len) < 0) { // less than 0 is a packet we can't parse
125-
return false;
126-
}
127-
128-
break;
129-
}
130-
case IPPROTO_UDP: {
131-
u16 port;
132-
bpf_skb_load_bytes(skb, hdr_len + offsetof(struct __udphdr, source), &port, sizeof(port));
133-
id->src_port = __bpf_htons(port);
134-
bpf_skb_load_bytes(skb, hdr_len + offsetof(struct __udphdr, dest), &port, sizeof(port));
135-
id->dst_port = __bpf_htons(port);
111+
switch (proto) {
112+
case IPPROTO_TCP: {
113+
u16 port;
114+
bpf_skb_load_bytes(skb, hdr_len + offsetof(struct __tcphdr, source), &port, sizeof(port));
115+
id->src_port = __bpf_htons(port);
116+
117+
bpf_skb_load_bytes(skb, hdr_len + offsetof(struct __tcphdr, dest), &port, sizeof(port));
118+
id->dst_port = __bpf_htons(port);
119+
120+
u8 doff;
121+
bpf_skb_load_bytes(
122+
skb,
123+
hdr_len + offsetof(struct __tcphdr, ack_seq) + 4,
124+
&doff,
125+
sizeof(
126+
doff)); // read the first byte past __tcphdr->ack_seq, we can't do offsetof bit fields
127+
doff &= 0xf0; // clean-up res1
128+
doff >>= 4; // move the upper 4 bits to low
129+
doff *= 4; // convert to bytes length
130+
131+
u8 flags;
132+
bpf_skb_load_bytes(
133+
skb,
134+
hdr_len + offsetof(struct __tcphdr, ack_seq) + 4 + 1,
135+
&flags,
136+
sizeof(flags)); // read the second byte past __tcphdr->doff, again bit fields offsets
137+
*custom_flags = ((u16)flags & 0x00ff);
138+
139+
hdr_len += doff;
140+
141+
if ((skb->len - hdr_len) < 0) { // less than 0 is a packet we can't parse
142+
return false;
136143
}
144+
145+
break;
146+
}
147+
case IPPROTO_UDP: {
148+
u16 port;
149+
bpf_skb_load_bytes(skb, hdr_len + offsetof(struct __udphdr, source), &port, sizeof(port));
150+
id->src_port = __bpf_htons(port);
151+
bpf_skb_load_bytes(skb, hdr_len + offsetof(struct __udphdr, dest), &port, sizeof(port));
152+
id->dst_port = __bpf_htons(port);
153+
}
137154
}
138155

139156
// custom flags
@@ -149,8 +166,8 @@ static __always_inline bool read_sk_buff(struct __sk_buff *skb, flow_id *id, u16
149166
}
150167

151168
static __always_inline bool same_ip(u8 *ip1, u8 *ip2) {
152-
for (int i=0; i<16; i+=4) {
153-
if (*((u32 *)(ip1+i)) != *((u32 *)(ip2+i))) {
169+
for (int i = 0; i < 16; i += 4) {
170+
if (*((u32 *)(ip1 + i)) != *((u32 *)(ip2 + i))) {
154171
return false;
155172
}
156173
}
@@ -214,21 +231,21 @@ int socket__http_filter(struct __sk_buff *skb) {
214231
};
215232

216233
u8 *direction = (u8 *)bpf_map_lookup_elem(&flow_directions, &id);
217-
if(direction == NULL) {
234+
if (direction == NULL) {
218235
// Calculate direction based on first flag received
219236
// SYN and ACK mean someone else initiated the connection and this is the INGRESS direction
220-
if((flags & (SYN_FLAG | ACK_FLAG)) == (SYN_FLAG | ACK_FLAG)) {
237+
if ((flags & (SYN_FLAG | ACK_FLAG)) == (SYN_FLAG | ACK_FLAG)) {
221238
new_flow.iface_direction = INGRESS;
222239
}
223240
// SYN only means we initiated the connection and this is the EGRESS direction
224-
else if((flags & SYN_FLAG) == SYN_FLAG) {
241+
else if ((flags & SYN_FLAG) == SYN_FLAG) {
225242
new_flow.iface_direction = EGRESS;
226243
}
227244
// save, when direction was calculated based on TCP flag
228-
if(new_flow.iface_direction != UNKNOWN) {
245+
if (new_flow.iface_direction != UNKNOWN) {
229246
// errors are intentionally omitted
230247
bpf_map_update_elem(&flow_directions, &id, &new_flow.iface_direction, BPF_NOEXIST);
231-
}
248+
}
232249
// fallback for lost or already started connections and UDP
233250
else {
234251
new_flow.iface_direction = INGRESS;
@@ -257,7 +274,8 @@ int socket__http_filter(struct __sk_buff *skb) {
257274
}
258275

259276
new_flow.errno = -ret;
260-
flow_record *record = (flow_record *)bpf_ringbuf_reserve(&direct_flows, sizeof(flow_record), 0);
277+
flow_record *record =
278+
(flow_record *)bpf_ringbuf_reserve(&direct_flows, sizeof(flow_record), 0);
261279
if (!record) {
262280
if (trace_messages) {
263281
bpf_dbg_printk("couldn't reserve space in the ringbuf. Dropping flow");
@@ -272,7 +290,7 @@ int socket__http_filter(struct __sk_buff *skb) {
272290

273291
cleanup:
274292
// finally, when flow receives FIN or RST, clean flow_directions
275-
if(flags & FIN_FLAG || flags & RST_FLAG) {
293+
if (flags & FIN_FLAG || flags & RST_FLAG) {
276294
bpf_map_delete_elem(&flow_directions, &id);
277295
}
278296
return TC_ACT_OK;

bpf/go_byte_arr.h

+2-1
Original file line numberDiff line numberDiff line change
@@ -16,7 +16,8 @@
1616
#include "utils.h"
1717
#include "bpf_dbg.h"
1818

19-
static __inline int read_go_byte_arr(char *name, void *base_ptr, u8 offset, void *field, u64 *size_ptr, u64 max_size) {
19+
static __inline int
20+
read_go_byte_arr(char *name, void *base_ptr, u8 offset, void *field, u64 *size_ptr, u64 max_size) {
2021
void *ptr = 0;
2122
if (bpf_probe_read(&ptr, sizeof(ptr), (void *)(base_ptr + offset)) != 0) {
2223
bpf_dbg_printk("can't read ptr for %s", name);

0 commit comments

Comments
 (0)