diff options
author | thiagoftsm <thiagoftsm@gmail.com> | 2024-02-16 13:51:49 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2024-02-16 13:51:49 +0000 |
commit | 23e9e990bad6e988801898514b8c0f295dedb885 (patch) | |
tree | 6de3f8a1d468b79102866416f71de4d95f0052b8 | |
parent | 9f08cd92e69afc3b5fcd8a9667b356908aef299e (diff) |
eBPF - Network Viewer (Move code) (#17018)
-rw-r--r-- | src/collectors/ebpf.plugin/ebpf.c | 48 | ||||
-rw-r--r-- | src/collectors/ebpf.plugin/ebpf_apps.c | 18 | ||||
-rw-r--r-- | src/collectors/ebpf.plugin/ebpf_apps.h | 2 | ||||
-rw-r--r-- | src/collectors/ebpf.plugin/ebpf_functions.c | 5 | ||||
-rw-r--r-- | src/libnetdata/ebpf/ebpf.c | 74 | ||||
-rw-r--r-- | src/libnetdata/ebpf/ebpf.h | 6 |
6 files changed, 81 insertions, 72 deletions
diff --git a/src/collectors/ebpf.plugin/ebpf.c b/src/collectors/ebpf.plugin/ebpf.c index c46688895f..5c2036394e 100644 --- a/src/collectors/ebpf.plugin/ebpf.c +++ b/src/collectors/ebpf.plugin/ebpf.c @@ -3051,48 +3051,6 @@ static inline void ebpf_load_thread_config() } /** - * Check Conditions - * - * This function checks kernel that plugin is running and permissions. - * - * @return It returns 0 on success and -1 otherwise - */ -int ebpf_check_conditions() -{ - if (!has_condition_to_run(running_on_kernel)) { - netdata_log_error("The current collector cannot run on this kernel."); - return -1; - } - - if (!am_i_running_as_root()) { - netdata_log_error( - "ebpf.plugin should either run as root (now running with uid %u, euid %u) or have special capabilities..", - (unsigned int)getuid(), (unsigned int)geteuid()); - return -1; - } - - return 0; -} - -/** - * Adjust memory - * - * Adjust memory values to load eBPF programs. - * - * @return It returns 0 on success and -1 otherwise - */ -int ebpf_adjust_memory_limit() -{ - struct rlimit r = { RLIM_INFINITY, RLIM_INFINITY }; - if (setrlimit(RLIMIT_MEMLOCK, &r)) { - netdata_log_error("Setrlimit(RLIMIT_MEMLOCK)"); - return -1; - } - - return 0; -} - -/** * Parse arguments given from user. * * @param argc the number of arguments @@ -3324,7 +3282,7 @@ static void ebpf_parse_args(int argc, char **argv) case EBPF_OPTION_UNITTEST: { // if we cannot run until the end, we will cancel the unittest int exit_code = ECANCELED; - if (ebpf_check_conditions()) + if (ebpf_can_plugin_load_code(running_on_kernel, NETDATA_EBPF_PLUGIN_NAME)) goto unittest; if (ebpf_adjust_memory_limit()) @@ -4009,7 +3967,7 @@ static void ebpf_manage_pid(pid_t pid) int main(int argc, char **argv) { clocks_init(); - nd_log_initialize_for_external_plugins("ebpf.plugin"); + nd_log_initialize_for_external_plugins(NETDATA_EBPF_PLUGIN_NAME); main_thread_id = gettid(); @@ -4017,7 +3975,7 @@ int main(int argc, char **argv) ebpf_parse_args(argc, argv); ebpf_manage_pid(getpid()); - if (ebpf_check_conditions()) + if (ebpf_can_plugin_load_code(running_on_kernel, NETDATA_EBPF_PLUGIN_NAME)) return 2; if (ebpf_adjust_memory_limit()) diff --git a/src/collectors/ebpf.plugin/ebpf_apps.c b/src/collectors/ebpf.plugin/ebpf_apps.c index e9503d1db1..544f468523 100644 --- a/src/collectors/ebpf.plugin/ebpf_apps.c +++ b/src/collectors/ebpf.plugin/ebpf_apps.c @@ -372,24 +372,6 @@ int ebpf_read_hash_table(void *ep, int fd, uint32_t pid) *****************************************************************/ /** - * Am I running as Root - * - * Verify the user that is running the collector. - * - * @return It returns 1 for root and 0 otherwise. - */ -int am_i_running_as_root() -{ - uid_t uid = getuid(), euid = geteuid(); - - if (uid == 0 || euid == 0) { - return 1; - } - - return 0; -} - -/** * Reset the target values * * @param root the pointer to the chain that will be reset. diff --git a/src/collectors/ebpf.plugin/ebpf_apps.h b/src/collectors/ebpf.plugin/ebpf_apps.h index feffe74218..12f2f54fec 100644 --- a/src/collectors/ebpf.plugin/ebpf_apps.h +++ b/src/collectors/ebpf.plugin/ebpf_apps.h @@ -195,8 +195,6 @@ void clean_apps_groups_target(struct ebpf_target *apps_groups_root_target); size_t zero_all_targets(struct ebpf_target *root); -int am_i_running_as_root(); - void cleanup_exited_pids(); int ebpf_read_hash_table(void *ep, int fd, uint32_t pid); diff --git a/src/collectors/ebpf.plugin/ebpf_functions.c b/src/collectors/ebpf.plugin/ebpf_functions.c index 7876c9b945..437d1234b2 100644 --- a/src/collectors/ebpf.plugin/ebpf_functions.c +++ b/src/collectors/ebpf.plugin/ebpf_functions.c @@ -116,7 +116,10 @@ static void ebpf_fill_function_buffer(BUFFER *wb, netdata_socket_plus_t *values, buffer_json_add_array_item_uint64(wb, (uint64_t)values->pid); // NAME - buffer_json_add_array_item_string(wb, (name) ? name : "unknown"); + if (!values->data.name[0]) + buffer_json_add_array_item_string(wb, (name) ? name : "unknown"); + else + buffer_json_add_array_item_string(wb, values->data.name); // Origin buffer_json_add_array_item_string(wb, (values->data.external_origin) ? "in" : "out"); diff --git a/src/libnetdata/ebpf/ebpf.c b/src/libnetdata/ebpf/ebpf.c index 7ae7649536..087454dbaf 100644 --- a/src/libnetdata/ebpf/ebpf.c +++ b/src/libnetdata/ebpf/ebpf.c @@ -244,7 +244,16 @@ static int kernel_is_rejected() return 0; } -static int has_ebpf_kernel_version(int version) +/** + * Check Kernel Version + * + * Test kernel version + * + * @param version current kernel version + * + * @return It returns 1 when kernel is supported and 0 otherwise + */ +int ebpf_check_kernel_version(int version) { if (kernel_is_rejected()) return 0; @@ -253,12 +262,67 @@ static int has_ebpf_kernel_version(int version) return (version >= NETDATA_MINIMUM_EBPF_KERNEL || get_redhat_release() >= NETDATA_MINIMUM_RH_VERSION); } -int has_condition_to_run(int version) +/** + * Am I running as Root + * + * Verify the user that is running the collector. + * + * @return It returns 1 for root and 0 otherwise. + */ +int is_ebpf_plugin_running_as_root() { - if (!has_ebpf_kernel_version(version)) - return 0; + uid_t uid = getuid(), euid = geteuid(); + + if (uid == 0 || euid == 0) { + return 1; + } + + return 0; +} + +/** + * Can the plugin run eBPF code + * + * This function checks kernel version and permissions. + * + * @param kver the kernel version + * @param name the plugin name. + * + * @return It returns 0 on success and -1 otherwise + */ +int ebpf_can_plugin_load_code(int kver, char *plugin_name) +{ + if (!ebpf_check_kernel_version(kver)) { + netdata_log_error("The current collector cannot run on this kernel."); + return -1; + } + + if (!is_ebpf_plugin_running_as_root()) { + netdata_log_error( + "%s should either run as root (now running with uid %u, euid %u) or have special capabilities.", + plugin_name, (unsigned int)getuid(), (unsigned int)geteuid()); + return -1; + } + + return 0; +} - return 1; +/** + * Adjust memory + * + * Adjust memory values to load eBPF programs. + * + * @return It returns 0 on success and -1 otherwise + */ +int ebpf_adjust_memory_limit() +{ + struct rlimit r = { RLIM_INFINITY, RLIM_INFINITY }; + if (setrlimit(RLIMIT_MEMLOCK, &r)) { + netdata_log_error("Setrlimit(RLIMIT_MEMLOCK)"); + return -1; + } + + return 0; } //---------------------------------------------------------------------------------------------------------------------- diff --git a/src/libnetdata/ebpf/ebpf.h b/src/libnetdata/ebpf/ebpf.h index 0af794514c..50eb696302 100644 --- a/src/libnetdata/ebpf/ebpf.h +++ b/src/libnetdata/ebpf/ebpf.h @@ -3,6 +3,8 @@ #ifndef NETDATA_EBPF_H #define NETDATA_EBPF_H 1 +#define NETDATA_EBPF_PLUGIN_NAME "ebpf.plugin" + #include <bpf/bpf.h> #include <bpf/libbpf.h> #ifdef LIBBPF_DEPRECATED @@ -361,7 +363,6 @@ typedef struct ebpf_module { int ebpf_get_kernel_version(); int get_redhat_release(); -int has_condition_to_run(int version); char *ebpf_kernel_suffix(int version, int isrh); struct bpf_link **ebpf_load_program(char *plugins_dir, ebpf_module_t *em, int kver, int is_rhf, struct bpf_object **obj); @@ -484,4 +485,7 @@ int ebpf_statistic_create_aral_chart(char *name, ebpf_module_t *em); void ebpf_statistic_obsolete_aral_chart(ebpf_module_t *em, int prio); void ebpf_send_data_aral_chart(ARAL *memory, ebpf_module_t *em); +int ebpf_can_plugin_load_code(int kver, char *plugin_name); +int ebpf_adjust_memory_limit(); + #endif /* NETDATA_EBPF_H */ |