Add bpf2go example + Devcontainer example #126
Conversation
David-VTUK
force-pushed
the
ebpf2go-example
branch
from
536e8b9 to
829e50c
Compare
xdp-bpf2go-example/main.go
Outdated
| } | ||
| defer objs.Close() | ||
|
|
||
| ifname := "eno2" // Change this to an interface on your machine. |
There was a problem hiding this comment.
Couldn't the interface name be given on the command line? That would make it possible to run the example without changing the code...
| #include <linux/bpf.h> | ||
| #include <bpf/bpf_helpers.h> | ||
| #include <linux/if_ether.h> | ||
| #include <linux/ip.h> |
There was a problem hiding this comment.
We generally follow the Linux kernel coding style for the BPF code in this repo. I think we should do this here as well for consistency. So please change the indent to be a single tab character; and a few more comments below:
xdp-bpf2go-example/packetProtocol.c
Outdated
| void *data = (void *)(long)ctx->data; | ||
|
|
||
| // Parse Ethernet header | ||
| struct ethhdr *eth = data; |
There was a problem hiding this comment.
Variable declarations should all be at the top of the function.
xdp-bpf2go-example/packetProtocol.c
Outdated
| } | ||
|
|
||
| // Check if the packet is an IP packet | ||
| if (eth->h_proto != __constant_htons(ETH_P_IP)) { |
There was a problem hiding this comment.
We use bpf_htons() in other places - that automatically selects the constant version as appropriate.
Also, drop the braces
xdp-bpf2go-example/packetProtocol.c
Outdated
| } | ||
|
|
||
| // Parse IP header | ||
| struct iphdr *ip = data + sizeof(struct ethhdr); |
There was a problem hiding this comment.
Variable declaration at the top of the file, please.
xdp-bpf2go-example/packetProtocol.c
Outdated
| } | ||
|
|
||
| __u32 key = ip->protocol; // Using IP protocol as the key | ||
| __u64 *count = bpf_map_lookup_elem(&protocol_count, &key); |
There was a problem hiding this comment.
Variable declarations at the top of the file.
xdp-bpf2go-example/packetProtocol.c
Outdated
|
|
||
| __u32 key = ip->protocol; // Using IP protocol as the key | ||
| __u64 *count = bpf_map_lookup_elem(&protocol_count, &key); | ||
| if (count) { |
xdp-bpf2go-example/main.go
Outdated
| for { | ||
| select { | ||
| case <-tick: | ||
| // log.Print(objs.ProtocolCount) |
Signed-off-by: David-VTUK <[email protected]> revert README.org to README.md to retain formatting Signed-off-by: David-VTUK <[email protected]> Resize diagram image Signed-off-by: David-VTUK <[email protected]>
David-VTUK
force-pushed
the
ebpf2go-example
branch
from
829e50c to
ed35685
Compare
Signed-off-by: David-VTUK <[email protected]>
David-VTUK
force-pushed
the
ebpf2go-example
branch
from
09ecce3 to
fe5a070
Compare
Signed-off-by: David-VTUK <[email protected]> Remove superfluous braces Signed-off-by: David-VTUK <[email protected]>
David-VTUK
force-pushed
the
ebpf2go-example
branch
from
87fcebd to
75df16d
Compare
| struct ethhdr *eth = data; | ||
| struct iphdr *ip = data + sizeof(struct ethhdr); | ||
| __u32 key = ip->protocol; // Using IP protocol as the key | ||
| __u64 *count = bpf_map_lookup_elem(&protocol_count, &key); |
There was a problem hiding this comment.
I don't think this works? You're dereferencing the ip variable before the range check below, which will be rejected by the verifier.
You can declare the variable without assigning to it at the top of the function (just __u32 key), and then to the assignment key = ip->protocol below the range check at the bottom. Same thing for the assignment to count (and arguably to ip.
Also, please fix the indentation (to be a single tab character per indentation level) as is the custom in the kernel sources.
bpf2go enables embedding and interacting with eBPF programs in Go applications. It does this by compiling, loading and managing eBPF programs by generating Go bindings from eBPF object files.
This is a simple example that includes both components:
A eBPF kernel application that inspects incoming packets via
xdp, recording theprotocolvalue in the IP header and storing it in a map.A Go user space application that loads the eBPF application, reads from the map and outputs information via
stdout, translating the IANA protocol number to its respective name.The
README.mdfor the example contains further informationAdditionally, a devcontainers example directory is added to help speed up eBPF development by facilitating repeatable, consistent environments to develop eBPF applications in.
Signed-off-by: David Holder [email protected]