diff options
Diffstat (limited to 'src/libnetdata/ebpf')
| -rw-r--r-- | src/libnetdata/ebpf/ebpf.c | 74 | ||||
| -rw-r--r-- | src/libnetdata/ebpf/ebpf.h | 6 |
2 files changed, 74 insertions, 6 deletions
diff --git a/src/libnetdata/ebpf/ebpf.c b/src/libnetdata/ebpf/ebpf.c index 7ae7649536..087454dbaf 100644 --- a/src/libnetdata/ebpf/ebpf.c +++ b/src/libnetdata/ebpf/ebpf.c @@ -244,7 +244,16 @@ static int kernel_is_rejected() return 0; } -static int has_ebpf_kernel_version(int version) +/** + * Check Kernel Version + * + * Test kernel version + * + * @param version current kernel version + * + * @return It returns 1 when kernel is supported and 0 otherwise + */ +int ebpf_check_kernel_version(int version) { if (kernel_is_rejected()) return 0; @@ -253,12 +262,67 @@ static int has_ebpf_kernel_version(int version) return (version >= NETDATA_MINIMUM_EBPF_KERNEL || get_redhat_release() >= NETDATA_MINIMUM_RH_VERSION); } -int has_condition_to_run(int version) +/** + * Am I running as Root + * + * Verify the user that is running the collector. + * + * @return It returns 1 for root and 0 otherwise. + */ +int is_ebpf_plugin_running_as_root() { - if (!has_ebpf_kernel_version(version)) - return 0; + uid_t uid = getuid(), euid = geteuid(); + + if (uid == 0 || euid == 0) { + return 1; + } + + return 0; +} + +/** + * Can the plugin run eBPF code + * + * This function checks kernel version and permissions. + * + * @param kver the kernel version + * @param name the plugin name. + * + * @return It returns 0 on success and -1 otherwise + */ +int ebpf_can_plugin_load_code(int kver, char *plugin_name) +{ + if (!ebpf_check_kernel_version(kver)) { + netdata_log_error("The current collector cannot run on this kernel."); + return -1; + } + + if (!is_ebpf_plugin_running_as_root()) { + netdata_log_error( + "%s should either run as root (now running with uid %u, euid %u) or have special capabilities.", + plugin_name, (unsigned int)getuid(), (unsigned int)geteuid()); + return -1; + } + + return 0; +} - return 1; +/** + * Adjust memory + * + * Adjust memory values to load eBPF programs. + * + * @return It returns 0 on success and -1 otherwise + */ +int ebpf_adjust_memory_limit() +{ + struct rlimit r = { RLIM_INFINITY, RLIM_INFINITY }; + if (setrlimit(RLIMIT_MEMLOCK, &r)) { + netdata_log_error("Setrlimit(RLIMIT_MEMLOCK)"); + return -1; + } + + return 0; } //---------------------------------------------------------------------------------------------------------------------- diff --git a/src/libnetdata/ebpf/ebpf.h b/src/libnetdata/ebpf/ebpf.h index 0af794514c..50eb696302 100644 --- a/src/libnetdata/ebpf/ebpf.h +++ b/src/libnetdata/ebpf/ebpf.h @@ -3,6 +3,8 @@ #ifndef NETDATA_EBPF_H #define NETDATA_EBPF_H 1 +#define NETDATA_EBPF_PLUGIN_NAME "ebpf.plugin" + #include <bpf/bpf.h> #include <bpf/libbpf.h> #ifdef LIBBPF_DEPRECATED @@ -361,7 +363,6 @@ typedef struct ebpf_module { int ebpf_get_kernel_version(); int get_redhat_release(); -int has_condition_to_run(int version); char *ebpf_kernel_suffix(int version, int isrh); struct bpf_link **ebpf_load_program(char *plugins_dir, ebpf_module_t *em, int kver, int is_rhf, struct bpf_object **obj); @@ -484,4 +485,7 @@ int ebpf_statistic_create_aral_chart(char *name, ebpf_module_t *em); void ebpf_statistic_obsolete_aral_chart(ebpf_module_t *em, int prio); void ebpf_send_data_aral_chart(ARAL *memory, ebpf_module_t *em); +int ebpf_can_plugin_load_code(int kver, char *plugin_name); +int ebpf_adjust_memory_limit(); + #endif /* NETDATA_EBPF_H */ |