diff --git a/tap/tlstapper/bpf-builder/build.sh b/tap/tlstapper/bpf-builder/build.sh index 1e71bb955..713931477 100755 --- a/tap/tlstapper/bpf-builder/build.sh +++ b/tap/tlstapper/bpf-builder/build.sh @@ -6,8 +6,11 @@ MIZU_HOME=$(realpath ../../../) docker build -t mizu-ebpf-builder . || exit 1 +BPF_TARGET=amd64 BPF_CFLAGS="-O2 -g -D__TARGET_ARCH_x86" -if [[ $1 == "arm64" ]]; then +ARCH=$(uname -m) +if [[ $ARCH == "aarch64" ]]; then + BPF_TARGET=arm64 BPF_CFLAGS="-O2 -g -D__TARGET_ARCH_arm64" fi @@ -17,11 +20,8 @@ docker run --rm \ -v $(go env GOPATH):/root/go \ -it mizu-ebpf-builder \ sh -c " - BPF_CFLAGS=\"$BPF_CFLAGS\" go generate tap/tlstapper/tls_tapper.go - chown $(id -u):$(id -g) tap/tlstapper/tlstapper_bpfeb.go - chown $(id -u):$(id -g) tap/tlstapper/tlstapper_bpfeb.o - chown $(id -u):$(id -g) tap/tlstapper/tlstapper_bpfel.go - chown $(id -u):$(id -g) tap/tlstapper/tlstapper_bpfel.o + BPF_TARGET=\"$BPF_TARGET\" BPF_CFLAGS=\"$BPF_CFLAGS\" go generate tap/tlstapper/tls_tapper.go + chown $(id -u):$(id -g) tap/tlstapper/tlstapper_bpf* " || exit 1 popd diff --git a/tap/tlstapper/tlstapper_bpfeb.o b/tap/tlstapper/tlstapper_bpfeb.o deleted file mode 100644 index 5098e04ad..000000000 Binary files a/tap/tlstapper/tlstapper_bpfeb.o and /dev/null differ diff --git a/tap/tlstapper/tlstapper_bpfel.go b/tap/tlstapper/tlstapper_bpfel.go deleted file mode 100644 index a149b76f6..000000000 --- a/tap/tlstapper/tlstapper_bpfel.go +++ /dev/null @@ -1,212 +0,0 @@ -// Code generated by bpf2go; DO NOT EDIT. -//go:build 386 || amd64 || amd64p32 || arm || arm64 || mips64le || mips64p32le || mipsle || ppc64le || riscv64 -// +build 386 amd64 amd64p32 arm arm64 mips64le mips64p32le mipsle ppc64le riscv64 - -package tlstapper - -import ( - "bytes" - _ "embed" - "fmt" - "io" - - "github.com/cilium/ebpf" -) - -type tlsTapperTlsChunk struct { - Pid uint32 - Tgid uint32 - Len uint32 - Start uint32 - Recorded uint32 - Fd uint32 - Flags uint32 - Address [16]uint8 - Data [4096]uint8 -} - -// loadTlsTapper returns the embedded CollectionSpec for tlsTapper. -func loadTlsTapper() (*ebpf.CollectionSpec, error) { - reader := bytes.NewReader(_TlsTapperBytes) - spec, err := ebpf.LoadCollectionSpecFromReader(reader) - if err != nil { - return nil, fmt.Errorf("can't load tlsTapper: %w", err) - } - - return spec, err -} - -// loadTlsTapperObjects loads tlsTapper and converts it into a struct. -// -// The following types are suitable as obj argument: -// -// *tlsTapperObjects -// *tlsTapperPrograms -// *tlsTapperMaps -// -// See ebpf.CollectionSpec.LoadAndAssign documentation for details. -func loadTlsTapperObjects(obj interface{}, opts *ebpf.CollectionOptions) error { - spec, err := loadTlsTapper() - if err != nil { - return err - } - - return spec.LoadAndAssign(obj, opts) -} - -// tlsTapperSpecs contains maps and programs before they are loaded into the kernel. -// -// It can be passed ebpf.CollectionSpec.Assign. -type tlsTapperSpecs struct { - tlsTapperProgramSpecs - tlsTapperMapSpecs -} - -// tlsTapperSpecs contains programs before they are loaded into the kernel. -// -// It can be passed ebpf.CollectionSpec.Assign. -type tlsTapperProgramSpecs struct { - GoCryptoTlsRead *ebpf.ProgramSpec `ebpf:"go_crypto_tls_read"` - GoCryptoTlsReadEx *ebpf.ProgramSpec `ebpf:"go_crypto_tls_read_ex"` - GoCryptoTlsWrite *ebpf.ProgramSpec `ebpf:"go_crypto_tls_write"` - GoCryptoTlsWriteEx *ebpf.ProgramSpec `ebpf:"go_crypto_tls_write_ex"` - SslRead *ebpf.ProgramSpec `ebpf:"ssl_read"` - SslReadEx *ebpf.ProgramSpec `ebpf:"ssl_read_ex"` - SslRetRead *ebpf.ProgramSpec `ebpf:"ssl_ret_read"` - SslRetReadEx *ebpf.ProgramSpec `ebpf:"ssl_ret_read_ex"` - SslRetWrite *ebpf.ProgramSpec `ebpf:"ssl_ret_write"` - SslRetWriteEx *ebpf.ProgramSpec `ebpf:"ssl_ret_write_ex"` - SslWrite *ebpf.ProgramSpec `ebpf:"ssl_write"` - SslWriteEx *ebpf.ProgramSpec `ebpf:"ssl_write_ex"` - SysEnterAccept4 *ebpf.ProgramSpec `ebpf:"sys_enter_accept4"` - SysEnterConnect *ebpf.ProgramSpec `ebpf:"sys_enter_connect"` - SysEnterRead *ebpf.ProgramSpec `ebpf:"sys_enter_read"` - SysEnterWrite *ebpf.ProgramSpec `ebpf:"sys_enter_write"` - SysExitAccept4 *ebpf.ProgramSpec `ebpf:"sys_exit_accept4"` - SysExitConnect *ebpf.ProgramSpec `ebpf:"sys_exit_connect"` -} - -// tlsTapperMapSpecs contains maps before they are loaded into the kernel. -// -// It can be passed ebpf.CollectionSpec.Assign. -type tlsTapperMapSpecs struct { - AcceptSyscallContext *ebpf.MapSpec `ebpf:"accept_syscall_context"` - ChunksBuffer *ebpf.MapSpec `ebpf:"chunks_buffer"` - ConnectSyscallInfo *ebpf.MapSpec `ebpf:"connect_syscall_info"` - FileDescriptorToIpv4 *ebpf.MapSpec `ebpf:"file_descriptor_to_ipv4"` - GoReadContext *ebpf.MapSpec `ebpf:"go_read_context"` - GoWriteContext *ebpf.MapSpec `ebpf:"go_write_context"` - Heap *ebpf.MapSpec `ebpf:"heap"` - LogBuffer *ebpf.MapSpec `ebpf:"log_buffer"` - OpensslReadContext *ebpf.MapSpec `ebpf:"openssl_read_context"` - OpensslWriteContext *ebpf.MapSpec `ebpf:"openssl_write_context"` - PidsMap *ebpf.MapSpec `ebpf:"pids_map"` -} - -// tlsTapperObjects contains all objects after they have been loaded into the kernel. -// -// It can be passed to loadTlsTapperObjects or ebpf.CollectionSpec.LoadAndAssign. -type tlsTapperObjects struct { - tlsTapperPrograms - tlsTapperMaps -} - -func (o *tlsTapperObjects) Close() error { - return _TlsTapperClose( - &o.tlsTapperPrograms, - &o.tlsTapperMaps, - ) -} - -// tlsTapperMaps contains all maps after they have been loaded into the kernel. -// -// It can be passed to loadTlsTapperObjects or ebpf.CollectionSpec.LoadAndAssign. -type tlsTapperMaps struct { - AcceptSyscallContext *ebpf.Map `ebpf:"accept_syscall_context"` - ChunksBuffer *ebpf.Map `ebpf:"chunks_buffer"` - ConnectSyscallInfo *ebpf.Map `ebpf:"connect_syscall_info"` - FileDescriptorToIpv4 *ebpf.Map `ebpf:"file_descriptor_to_ipv4"` - GoReadContext *ebpf.Map `ebpf:"go_read_context"` - GoWriteContext *ebpf.Map `ebpf:"go_write_context"` - Heap *ebpf.Map `ebpf:"heap"` - LogBuffer *ebpf.Map `ebpf:"log_buffer"` - OpensslReadContext *ebpf.Map `ebpf:"openssl_read_context"` - OpensslWriteContext *ebpf.Map `ebpf:"openssl_write_context"` - PidsMap *ebpf.Map `ebpf:"pids_map"` -} - -func (m *tlsTapperMaps) Close() error { - return _TlsTapperClose( - m.AcceptSyscallContext, - m.ChunksBuffer, - m.ConnectSyscallInfo, - m.FileDescriptorToIpv4, - m.GoReadContext, - m.GoWriteContext, - m.Heap, - m.LogBuffer, - m.OpensslReadContext, - m.OpensslWriteContext, - m.PidsMap, - ) -} - -// tlsTapperPrograms contains all programs after they have been loaded into the kernel. -// -// It can be passed to loadTlsTapperObjects or ebpf.CollectionSpec.LoadAndAssign. -type tlsTapperPrograms struct { - GoCryptoTlsRead *ebpf.Program `ebpf:"go_crypto_tls_read"` - GoCryptoTlsReadEx *ebpf.Program `ebpf:"go_crypto_tls_read_ex"` - GoCryptoTlsWrite *ebpf.Program `ebpf:"go_crypto_tls_write"` - GoCryptoTlsWriteEx *ebpf.Program `ebpf:"go_crypto_tls_write_ex"` - SslRead *ebpf.Program `ebpf:"ssl_read"` - SslReadEx *ebpf.Program `ebpf:"ssl_read_ex"` - SslRetRead *ebpf.Program `ebpf:"ssl_ret_read"` - SslRetReadEx *ebpf.Program `ebpf:"ssl_ret_read_ex"` - SslRetWrite *ebpf.Program `ebpf:"ssl_ret_write"` - SslRetWriteEx *ebpf.Program `ebpf:"ssl_ret_write_ex"` - SslWrite *ebpf.Program `ebpf:"ssl_write"` - SslWriteEx *ebpf.Program `ebpf:"ssl_write_ex"` - SysEnterAccept4 *ebpf.Program `ebpf:"sys_enter_accept4"` - SysEnterConnect *ebpf.Program `ebpf:"sys_enter_connect"` - SysEnterRead *ebpf.Program `ebpf:"sys_enter_read"` - SysEnterWrite *ebpf.Program `ebpf:"sys_enter_write"` - SysExitAccept4 *ebpf.Program `ebpf:"sys_exit_accept4"` - SysExitConnect *ebpf.Program `ebpf:"sys_exit_connect"` -} - -func (p *tlsTapperPrograms) Close() error { - return _TlsTapperClose( - p.GoCryptoTlsRead, - p.GoCryptoTlsReadEx, - p.GoCryptoTlsWrite, - p.GoCryptoTlsWriteEx, - p.SslRead, - p.SslReadEx, - p.SslRetRead, - p.SslRetReadEx, - p.SslRetWrite, - p.SslRetWriteEx, - p.SslWrite, - p.SslWriteEx, - p.SysEnterAccept4, - p.SysEnterConnect, - p.SysEnterRead, - p.SysEnterWrite, - p.SysExitAccept4, - p.SysExitConnect, - ) -} - -func _TlsTapperClose(closers ...io.Closer) error { - for _, closer := range closers { - if err := closer.Close(); err != nil { - return err - } - } - return nil -} - -// Do not access this directly. -//go:embed tlstapper_bpfel.o -var _TlsTapperBytes []byte diff --git a/tap/tlstapper/tlstapper_bpfel.o b/tap/tlstapper/tlstapper_bpfel.o deleted file mode 100644 index 260994b7f..000000000 Binary files a/tap/tlstapper/tlstapper_bpfel.o and /dev/null differ diff --git a/tap/tlstapper/tlstapper_bpfeb.go b/tap/tlstapper/tlstapper_bpfel_x86.go similarity index 97% rename from tap/tlstapper/tlstapper_bpfeb.go rename to tap/tlstapper/tlstapper_bpfel_x86.go index c6b046e97..e0eecfc72 100644 --- a/tap/tlstapper/tlstapper_bpfeb.go +++ b/tap/tlstapper/tlstapper_bpfel_x86.go @@ -1,6 +1,6 @@ // Code generated by bpf2go; DO NOT EDIT. -//go:build arm64be || armbe || mips || mips64 || mips64p32 || ppc64 || s390 || s390x || sparc || sparc64 -// +build arm64be armbe mips mips64 mips64p32 ppc64 s390 s390x sparc sparc64 +//go:build 386 || amd64 +// +build 386 amd64 package tlstapper @@ -208,5 +208,5 @@ func _TlsTapperClose(closers ...io.Closer) error { } // Do not access this directly. -//go:embed tlstapper_bpfeb.o +//go:embed tlstapper_bpfel_x86.o var _TlsTapperBytes []byte diff --git a/tap/tlstapper/tlstapper_bpfel_x86.o b/tap/tlstapper/tlstapper_bpfel_x86.o new file mode 100644 index 000000000..c65c4516d Binary files /dev/null and b/tap/tlstapper/tlstapper_bpfel_x86.o differ