88 lines
4.9 KiB
Diff
88 lines
4.9 KiB
Diff
From 12f2a608cc1c519786befadd3195316968a5ca28 Mon Sep 17 00:00:00 2001
|
|
From: zgzxx <zhangguangzhi3@huawei.com>
|
|
Date: Thu, 19 Sep 2024 10:36:59 +0800
|
|
Subject: [PATCH] adapt file ebpf for kernel 6.6
|
|
|
|
---
|
|
observer_agent/ebpf/CMakeLists.txt | 2 +-
|
|
observer_agent/ebpf/file_ebpf/CMakeLists.txt | 2 +-
|
|
observer_agent/ebpf/file_ebpf/file_fentry.bpf.c | 14 ++++++++------
|
|
3 files changed, 10 insertions(+), 8 deletions(-)
|
|
|
|
diff --git a/observer_agent/ebpf/CMakeLists.txt b/observer_agent/ebpf/CMakeLists.txt
|
|
index a5c9bbe..d400c01 100644
|
|
--- a/observer_agent/ebpf/CMakeLists.txt
|
|
+++ b/observer_agent/ebpf/CMakeLists.txt
|
|
@@ -3,7 +3,7 @@ project(ebpf)
|
|
add_subdirectory(file_ebpf)
|
|
add_custom_target(ebpf
|
|
COMMAND mkdir -p ${CMAKE_CURRENT_BINARY_DIR}/.output
|
|
- COMMAND bpftool btf dump file /sys/kernel/btf/vmlinux format c > ${CMAKE_CURRENT_BINARY_DIR}/.output/vmlinux.h
|
|
+ COMMAND bpftool btf dump file /usr/lib/debug/lib/modules/`uname -r`/vmlinux format c > ${CMAKE_CURRENT_BINARY_DIR}/.output/vmlinux.h
|
|
COMMAND clang -g -O2 -target bpf -D__TARGET_ARCH_x86 -I${CMAKE_SOURCE_DIR}/include -I${CMAKE_CURRENT_BINARY_DIR}/.output -c ${CMAKE_CURRENT_SOURCE_DIR}/fentry.bpf.c -o ${CMAKE_CURRENT_BINARY_DIR}/.output/fentry.bpf.o
|
|
COMMAND bpftool gen skeleton ${CMAKE_CURRENT_BINARY_DIR}/.output/fentry.bpf.o > ${CMAKE_CURRENT_BINARY_DIR}/.output/fentry.skel.h
|
|
COMMAND cc -g -Wall -fPIC -I${CMAKE_SOURCE_DIR}/include -I${CMAKE_CURRENT_BINARY_DIR}/.output -I${CMAKE_CURRENT_SOURCE_DIR} -c ${CMAKE_CURRENT_SOURCE_DIR}/fentry.c -o ${CMAKE_CURRENT_BINARY_DIR}/.output/fentry.o
|
|
diff --git a/observer_agent/ebpf/file_ebpf/CMakeLists.txt b/observer_agent/ebpf/file_ebpf/CMakeLists.txt
|
|
index e9e073a..b8939df 100644
|
|
--- a/observer_agent/ebpf/file_ebpf/CMakeLists.txt
|
|
+++ b/observer_agent/ebpf/file_ebpf/CMakeLists.txt
|
|
@@ -4,7 +4,7 @@ cmake_minimum_required(VERSION 3.22)
|
|
project(file_ebpf)
|
|
add_custom_target(file_ebpf
|
|
COMMAND mkdir -p ${CMAKE_CURRENT_BINARY_DIR}/.output
|
|
- COMMAND bpftool btf dump file /sys/kernel/btf/vmlinux format c > ${CMAKE_CURRENT_BINARY_DIR}/.output/vmlinux.h
|
|
+ COMMAND bpftool btf dump file /usr/lib/debug/lib/modules/`uname -r`/vmlinux format c > ${CMAKE_CURRENT_BINARY_DIR}/.output/vmlinux.h
|
|
COMMAND clang -g -O2 -target bpf -D__TARGET_ARCH_x86 -I${CMAKE_SOURCE_DIR}/include -I${CMAKE_CURRENT_BINARY_DIR}/.output -c ${CMAKE_CURRENT_SOURCE_DIR}/file_fentry.bpf.c -o ${CMAKE_CURRENT_BINARY_DIR}/.output/file_fentry.bpf.o
|
|
COMMAND bpftool gen skeleton ${CMAKE_CURRENT_BINARY_DIR}/.output/file_fentry.bpf.o > ${CMAKE_CURRENT_BINARY_DIR}/.output/file_fentry.skel.h
|
|
COMMAND cc -g -Wall -fPIC -I${CMAKE_SOURCE_DIR}/include -I${CMAKE_CURRENT_BINARY_DIR}/.output -I${CMAKE_CURRENT_SOURCE_DIR} -c ${CMAKE_CURRENT_SOURCE_DIR}/file_fentry.c -o ${CMAKE_CURRENT_BINARY_DIR}/.output/file_fentry.o
|
|
diff --git a/observer_agent/ebpf/file_ebpf/file_fentry.bpf.c b/observer_agent/ebpf/file_ebpf/file_fentry.bpf.c
|
|
index 941b785..b3ef041 100644
|
|
--- a/observer_agent/ebpf/file_ebpf/file_fentry.bpf.c
|
|
+++ b/observer_agent/ebpf/file_ebpf/file_fentry.bpf.c
|
|
@@ -178,7 +178,7 @@ int BPF_PROG(fexit_vfs_write, struct file *file, const char *buf, size_t count,
|
|
}
|
|
|
|
SEC("fexit/vfs_unlink")
|
|
-int BPF_PROG(fexit_vfs_unlink, struct inode *dir, struct dentry *dentry, struct inode **delegated_inode, int ret)
|
|
+int BPF_PROG(fexit_vfs_unlink, struct mnt_idmap *idmap, struct inode *dir, struct dentry *dentry, struct inode **delegated_inode, int ret)
|
|
{
|
|
struct ebpf_event *e = NULL;
|
|
|
|
@@ -287,7 +287,7 @@ int BPF_PROG(fexit_chown_common, const struct path *path, uid_t user, gid_t grou
|
|
}
|
|
|
|
SEC("fentry/__vfs_setxattr_noperm")
|
|
-int BPF_PROG(fentry__vfs_setxattr_noperm, struct dentry *dentry, const char *name, const void *value, size_t size, int flags)
|
|
+int BPF_PROG(fentry__vfs_setxattr_noperm, struct mnt_idmap *idmap, struct dentry *dentry, const char *name, const void *value, size_t size, int flags)
|
|
{
|
|
struct ebpf_event *e = NULL;
|
|
|
|
@@ -307,7 +307,7 @@ int BPF_PROG(fentry__vfs_setxattr_noperm, struct dentry *dentry, const char *nam
|
|
}
|
|
|
|
SEC("fentry/__vfs_removexattr_locked")
|
|
-int BPF_PROG(fentry__vfs_removexattr_locked, struct dentry *dentry, const char *name, struct inode **delegated_inode)
|
|
+int BPF_PROG(fentry__vfs_removexattr_locked, struct mnt_idmap *idmap, struct dentry *dentry, const char *name, struct inode **delegated_inode)
|
|
{
|
|
struct ebpf_event *e = NULL;
|
|
|
|
@@ -327,10 +327,12 @@ int BPF_PROG(fentry__vfs_removexattr_locked, struct dentry *dentry, const char *
|
|
}
|
|
|
|
SEC("fentry/vfs_rename")
|
|
-int BPF_PROG(fentry_vfs_rename, struct inode *old_dir, struct dentry *old_dentry,
|
|
- struct inode *new_dir, struct dentry *new_dentry, struct inode **delegated_inode,
|
|
- unsigned int flags)
|
|
+int BPF_PROG(fentry_vfs_rename, struct renamedata *rd)
|
|
{
|
|
+ if (!rd)
|
|
+ return 0;
|
|
+ struct dentry *old_dentry = rd->old_dentry;
|
|
+ struct dentry *new_dentry = rd->new_dentry;
|
|
struct ebpf_event *e = NULL;
|
|
char name[] = "rename";
|
|
|
|
--
|
|
2.33.0
|
|
|