Created
June 4, 2020 07:16
-
-
Save soumyadipdm/c0d5610595b9946c71490aaa2d66f350 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- /usr/share/bcc/tools/tcptop 2020-05-06 09:47:19.000000000 +0000 | |
+++ my_tcptop3 2020-06-04 07:02:29.028703296 +0000 | |
@@ -25,7 +25,7 @@ | |
# 02-Sep-2016 Brendan Gregg Created this. | |
from __future__ import print_function | |
-from bcc import BPF | |
+from bcc import BPF, DEBUG_BPF, DEBUG_PREPROCESSOR, DEBUG_SOURCE | |
import argparse | |
from socket import inet_ntop, AF_INET, AF_INET6 | |
from struct import pack | |
@@ -76,6 +76,8 @@ | |
#include <uapi/linux/ptrace.h> | |
#include <net/sock.h> | |
#include <bcc/proto.h> | |
+#include <linux/cgroup.h> | |
+#include <linux/sched.h> | |
struct ipv4_key_t { | |
u32 pid; | |
@@ -83,6 +85,7 @@ | |
u32 daddr; | |
u16 lport; | |
u16 dport; | |
+ char cgrouppath[16]; | |
}; | |
BPF_HASH(ipv4_send_bytes, struct ipv4_key_t); | |
BPF_HASH(ipv4_recv_bytes, struct ipv4_key_t); | |
@@ -93,27 +96,21 @@ | |
u32 pid; | |
u16 lport; | |
u16 dport; | |
- u64 __pad__; | |
+ char cgrouppath[16]; | |
}; | |
BPF_HASH(ipv6_send_bytes, struct ipv6_key_t); | |
BPF_HASH(ipv6_recv_bytes, struct ipv6_key_t); | |
-#if CGROUPSET | |
-BPF_TABLE_PINNED("hash", u64, u64, cgroupset, 1024, "CGROUPPATH"); | |
-#endif | |
- | |
int kprobe__tcp_sendmsg(struct pt_regs *ctx, struct sock *sk, | |
struct msghdr *msg, size_t size) | |
{ | |
u32 pid = bpf_get_current_pid_tgid() >> 32; | |
- FILTER | |
-#if CGROUPSET | |
- u64 cgroupid = bpf_get_current_cgroup_id(); | |
- if (cgroupset.lookup(&cgroupid) == NULL) { | |
- return 0; | |
- } | |
-#endif | |
u16 dport = 0, family = sk->__sk_common.skc_family; | |
+ | |
+ char cgpath[16] = "/"; | |
+ struct task_struct *t = NULL; | |
+ t = (struct task_struct *)bpf_get_current_task(); | |
+ task_cgroup_path(t, (char *) &cgpath, sizeof(cgpath)); | |
if (family == AF_INET) { | |
struct ipv4_key_t ipv4_key = {.pid = pid}; | |
@@ -122,6 +119,7 @@ | |
ipv4_key.lport = sk->__sk_common.skc_num; | |
dport = sk->__sk_common.skc_dport; | |
ipv4_key.dport = ntohs(dport); | |
+ __builtin_memcpy(&ipv4_key.cgrouppath, &cgpath, sizeof(ipv4_key.cgrouppath)); | |
ipv4_send_bytes.increment(ipv4_key, size); | |
} else if (family == AF_INET6) { | |
@@ -133,6 +131,7 @@ | |
ipv6_key.lport = sk->__sk_common.skc_num; | |
dport = sk->__sk_common.skc_dport; | |
ipv6_key.dport = ntohs(dport); | |
+ __builtin_memcpy(&ipv6_key.cgrouppath, &cgpath, sizeof(ipv6_key.cgrouppath)); | |
ipv6_send_bytes.increment(ipv6_key, size); | |
} | |
// else drop | |
@@ -149,18 +148,16 @@ | |
int kprobe__tcp_cleanup_rbuf(struct pt_regs *ctx, struct sock *sk, int copied) | |
{ | |
u32 pid = bpf_get_current_pid_tgid() >> 32; | |
- FILTER | |
-#if CGROUPSET | |
- u64 cgroupid = bpf_get_current_cgroup_id(); | |
- if (cgroupset.lookup(&cgroupid) == NULL) { | |
- return 0; | |
- } | |
-#endif | |
u16 dport = 0, family = sk->__sk_common.skc_family; | |
- u64 *val, zero = 0; | |
- if (copied <= 0) | |
+ char cgpath[16] = "/"; | |
+ struct task_struct *t = NULL; | |
+ t = (struct task_struct *)bpf_get_current_task(); | |
+ task_cgroup_path(t, (char *) &cgpath, sizeof(cgpath)); | |
+ | |
+ if (copied <= 0) { | |
return 0; | |
+ } | |
if (family == AF_INET) { | |
struct ipv4_key_t ipv4_key = {.pid = pid}; | |
@@ -169,6 +166,7 @@ | |
ipv4_key.lport = sk->__sk_common.skc_num; | |
dport = sk->__sk_common.skc_dport; | |
ipv4_key.dport = ntohs(dport); | |
+ __builtin_memcpy(&ipv4_key.cgrouppath, &cgpath, sizeof(ipv4_key.cgrouppath)); | |
ipv4_recv_bytes.increment(ipv4_key, copied); | |
} else if (family == AF_INET6) { | |
@@ -180,6 +178,7 @@ | |
ipv6_key.lport = sk->__sk_common.skc_num; | |
dport = sk->__sk_common.skc_dport; | |
ipv6_key.dport = ntohs(dport); | |
+ __builtin_memcpy(&ipv6_key.cgrouppath, &cgpath, sizeof(ipv6_key.cgrouppath)); | |
ipv6_recv_bytes.increment(ipv6_key, copied); | |
} | |
// else drop | |
@@ -189,16 +188,6 @@ | |
""" | |
# code substitutions | |
-if args.pid: | |
- bpf_text = bpf_text.replace('FILTER', | |
- 'if (pid != %s) { return 0; }' % args.pid) | |
-else: | |
- bpf_text = bpf_text.replace('FILTER', '') | |
-if args.cgroupmap: | |
- bpf_text = bpf_text.replace('CGROUPSET', '1') | |
- bpf_text = bpf_text.replace('CGROUPPATH', args.cgroupmap) | |
-else: | |
- bpf_text = bpf_text.replace('CGROUPSET', '0') | |
if debug or args.ebpf: | |
print(bpf_text) | |
if args.ebpf: | |
@@ -228,7 +217,8 @@ | |
dport=k.dport) | |
# initialize BPF | |
-b = BPF(text=bpf_text) | |
+b = BPF(text=bpf_text, debug=DEBUG_BPF|DEBUG_PREPROCESSOR|DEBUG_SOURCE, | |
+ cflags=["-fmacro-backtrace-limit=0"]) | |
ipv4_send_bytes = b["ipv4_send_bytes"] | |
ipv4_recv_bytes = b["ipv4_recv_bytes"] |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment