Add cgroup

castai · Aug 25, 2024 · 557d268 · 557d268
1 parent 3009761
commit 557d268
Show file tree

Hide file tree

Showing 5 changed files with 28 additions and 3 deletions.
diff --git a/devbox.json b/devbox.json
@@ -8,7 +8,8 @@
     "protoc-gen-go@1.34.1",
     "protoc-gen-go-grpc@1.3.0",
     "tilt@0.33.10",
-    "bpftrace@latest"
+    "bpftrace@latest",
+    "bpftool@latest"
   ],
   "shell": {
     "init_hook": [

diff --git a/devbox.lock b/devbox.lock
@@ -1,6 +1,12 @@
 {
   "lockfile_version": "1",
   "packages": {
+    "bpftool@latest": {
+      "last_modified": "2023-02-24T09:01:09Z",
+      "resolved": "github:NixOS/nixpkgs/7d0ed7f2e5aea07ab22ccb338d27fbe347ed2f11#bpftool",
+      "source": "devbox-search",
+      "version": "5.19.12"
+    },
     "bpftrace@latest": {
       "last_modified": "2024-08-15T06:27:57Z",
       "resolved": "github:NixOS/nixpkgs/8b908192e64224420e2d59dfd9b2e4309e154c5d#bpftrace",

diff --git a/tools/ebpfplayground/sock_cookie/bpf_x86_bpfel.o b/tools/ebpfplayground/sock_cookie/bpf_x86_bpfel.o
diff --git a/tools/ebpfplayground/sock_cookie/main.c b/tools/ebpfplayground/sock_cookie/main.c
@@ -30,6 +30,7 @@ enum
     kind_security_socket_connect = 1,
     kind_security_socket_sendmsg = 2,
     kind_inet_sock_set_state = 3,
+    kind_cgroup_skb_egress = 4,
 };
 
 struct event {
@@ -182,6 +183,7 @@ int cgroup_skb_ingress(struct __sk_buff *ctx)
         return 1;
     }
 	bpf_printk("cgroup_skb ingress %d\n", cookie);
+
     return 1;
 }
 
@@ -210,5 +212,19 @@ int cgroup_skb_egress(struct __sk_buff *ctx)
     }
 	bpf_printk("cgroup_skb egress %d\n", cookie);
 
+    struct event *e;
+    e = bpf_ringbuf_reserve(&events, sizeof(struct event), 0);
+    if (!e) {
+        return 0;
+    }
+    e->kind = kind_cgroup_skb_egress;
+    e->cookie = cookie;
+
+    struct netcontext_val *netctx = bpf_map_lookup_elem(&netcontext, &cookie);
+    if (netctx) {
+        __builtin_memcpy(&e->comm, &netctx->comm, 16);
+    }
+    bpf_ringbuf_submit(e, 0);
+
     return 1;
 }
diff --git a/tools/ebpfplayground/sock_cookie/main.go b/tools/ebpfplayground/sock_cookie/main.go
@@ -107,7 +107,7 @@ func main() {
 		attach(objs.SecuritySkClone),
 		attach(objs.TraceInetSockSetState),
 		//attachCgroupSKB(objs.CgroupSkbIngress, ebpf.AttachCGroupInetIngress),
-		//attachCgroupSKB(objs.CgroupSkbEgress, ebpf.AttachCGroupInetEgress),
+		attachCgroupSKB(objs.CgroupSkbEgress, ebpf.AttachCGroupInetEgress),
 	}
 
 	defer func() {
@@ -176,8 +176,10 @@ func readEvents(ctx context.Context, rd *ringbuf.Reader) {
 			kind = "security_socket_sendmsg"
 		case 3:
 			kind = "inet_sock_set_state"
+		case 4:
+			kind = "kind_cgroup_skb_egress"
 		}
-		fmt.Printf("kind=%s proc=%s src=%s:%d dst=%s:%d cookie=%d\n", kind, string(event.Comm[:]), intToIP(event.Saddr), event.Sport, intToIP(event.Daddr), event.Dport, event.Cookie)
+		fmt.Printf("kind=%30s proc=%10s  cookie=%d src=%s:%d dst=%s:%d\n", kind, string(event.Comm[:]), event.Cookie, intToIP(event.Saddr), event.Sport, intToIP(event.Daddr), event.Dport)
 	}
 }