Make default pid to be -1 and remove unsafe code
This commit is contained in:
Vladimir Stoilov
@@ -1,17 +1,17 @@
|
||||
package ebpf
|
||||
|
||||
import (
|
||||
"encoding/binary"
|
||||
"fmt"
|
||||
"net"
|
||||
"path/filepath"
|
||||
"syscall"
|
||||
"time"
|
||||
"unsafe"
|
||||
|
||||
"github.com/cilium/ebpf"
|
||||
"github.com/cilium/ebpf/link"
|
||||
"github.com/cilium/ebpf/rlimit"
|
||||
"github.com/safing/portbase/log"
|
||||
"github.com/safing/portmaster/network/packet"
|
||||
"golang.org/x/sys/unix"
|
||||
)
|
||||
|
||||
@@ -28,6 +28,7 @@ var ebpfInterface = struct {
|
||||
objs: bpfObjects{},
|
||||
}
|
||||
|
||||
// SetupBandwidthInterface initializes the ebpf interface and starts gattering bandwidth information for all connections.
|
||||
func SetupBandwidthInterface() error {
|
||||
|
||||
// Allow the current process to lock memory for eBPF resources.
|
||||
@@ -141,6 +142,7 @@ func ShutdownBandwithInterface() {
|
||||
ebpfInterface.objs.Close()
|
||||
}
|
||||
|
||||
// findCgroupPath returns the default unified path of the cgroup
|
||||
func findCgroupPath() (string, error) {
|
||||
cgroupPath := "/sys/fs/cgroup"
|
||||
|
||||
@@ -156,24 +158,31 @@ func findCgroupPath() (string, error) {
|
||||
return cgroupPath, nil
|
||||
}
|
||||
|
||||
// printBandwidthData prints the contencs of the shared map in the ebpf program.
|
||||
func printBandwidthData() {
|
||||
iter := ebpfInterface.objs.bpfMaps.PmBandwidthMap.Iterate()
|
||||
var skKey bpfSkKey
|
||||
var skInfo bpfSkInfo
|
||||
for iter.Next(&skKey, &skInfo) {
|
||||
log.Debugf("Connection: %d %s:%d %s:%d %d %d", skKey.Protocol,
|
||||
arrayToIP(skKey.SrcIp, skKey.Ipv6).String(), skKey.SrcPort,
|
||||
arrayToIP(skKey.DstIp, skKey.Ipv6).String(), skKey.DstPort,
|
||||
convertArrayToIPv4(skKey.SrcIp, packet.IPVersion(skKey.Ipv6)).String(), skKey.SrcPort,
|
||||
convertArrayToIPv4(skKey.DstIp, packet.IPVersion(skKey.Ipv6)).String(), skKey.DstPort,
|
||||
skInfo.Rx, skInfo.Tx,
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
// arrayToIP converts IP number array to net.IP
|
||||
func arrayToIP(ipNum [4]uint32, ipv6 uint8) net.IP {
|
||||
if ipv6 == 0 {
|
||||
return unsafe.Slice((*byte)(unsafe.Pointer(&ipNum)), 4)
|
||||
// convertArrayToIPv4 converts an array of uint32 values to an IPv4 net.IP address.
|
||||
func convertArrayToIPv4(input [4]uint32, ipVersion packet.IPVersion) net.IP {
|
||||
if ipVersion == packet.IPv4 {
|
||||
addressBuf := make([]byte, 4)
|
||||
binary.LittleEndian.PutUint32(addressBuf, input[0])
|
||||
return net.IP(addressBuf)
|
||||
} else {
|
||||
return unsafe.Slice((*byte)(unsafe.Pointer(&ipNum)), 16)
|
||||
addressBuf := make([]byte, 16)
|
||||
for i := 0; i < 4; i++ {
|
||||
binary.LittleEndian.PutUint32(addressBuf[i*4:i*4+4], input[i])
|
||||
}
|
||||
return net.IP(addressBuf)
|
||||
}
|
||||
}
|
||||
|
||||
@@ -5,7 +5,6 @@ import (
|
||||
"encoding/binary"
|
||||
"errors"
|
||||
"net"
|
||||
"unsafe"
|
||||
|
||||
"github.com/cilium/ebpf/link"
|
||||
"github.com/cilium/ebpf/ringbuf"
|
||||
@@ -15,8 +14,10 @@ import (
|
||||
)
|
||||
|
||||
//go:generate go run github.com/cilium/ebpf/cmd/bpf2go -cc clang -cflags "-O2 -g -Wall -Werror" -type Event bpf ../programs/monitor.c
|
||||
|
||||
var stopper chan struct{}
|
||||
|
||||
// StartEBPFWorker starts the ebpf worker.
|
||||
func StartEBPFWorker(ch chan packet.Packet) {
|
||||
stopper = make(chan struct{})
|
||||
go func() {
|
||||
@@ -32,7 +33,7 @@ func StartEBPFWorker(ch chan packet.Packet) {
|
||||
log.Errorf("ebpf: failed to load ebpf object: %s", err)
|
||||
return
|
||||
}
|
||||
defer objs.Close()
|
||||
defer objs.Close() //nolint:errcheck
|
||||
|
||||
// Create a link to the tcp_connect program.
|
||||
linkTCPConnect, err := link.AttachTracing(link.TracingOptions{
|
||||
@@ -42,7 +43,7 @@ func StartEBPFWorker(ch chan packet.Packet) {
|
||||
log.Errorf("ebpf: failed to attach to tcp_v4_connect: %s ", err)
|
||||
return
|
||||
}
|
||||
defer linkTCPConnect.Close()
|
||||
defer linkTCPConnect.Close() //nolint:errcheck
|
||||
|
||||
// Create a link to the udp_v4_connect program.
|
||||
linkUDPV4, err := link.AttachTracing(link.TracingOptions{
|
||||
@@ -52,7 +53,7 @@ func StartEBPFWorker(ch chan packet.Packet) {
|
||||
log.Errorf("ebpf: failed to attach to udp_v4_connect: %s ", err)
|
||||
return
|
||||
}
|
||||
defer linkUDPV4.Close()
|
||||
defer linkUDPV4.Close() //nolint:errcheck
|
||||
|
||||
// Create a link to the udp_v6_connect program.
|
||||
linkUDPV6, err := link.AttachTracing(link.TracingOptions{
|
||||
@@ -62,7 +63,7 @@ func StartEBPFWorker(ch chan packet.Packet) {
|
||||
log.Errorf("ebpf: failed to attach to udp_v6_connect: %s ", err)
|
||||
return
|
||||
}
|
||||
defer linkUDPV6.Close()
|
||||
defer linkUDPV6.Close() //nolint:errcheck
|
||||
|
||||
rd, err := ringbuf.NewReader(objs.bpfMaps.PmConnectionEvents)
|
||||
if err != nil {
|
||||
@@ -105,8 +106,8 @@ func StartEBPFWorker(ch chan packet.Packet) {
|
||||
Protocol: packet.IPProtocol(event.Protocol),
|
||||
SrcPort: event.Sport,
|
||||
DstPort: event.Dport,
|
||||
Src: arrayToIP(event.Saddr, packet.IPVersion(event.IpVersion)),
|
||||
Dst: arrayToIP(event.Daddr, packet.IPVersion(event.IpVersion)),
|
||||
Src: convertArrayToIPv4(event.Saddr, packet.IPVersion(event.IpVersion)),
|
||||
Dst: convertArrayToIPv4(event.Daddr, packet.IPVersion(event.IpVersion)),
|
||||
PID: int(event.Pid),
|
||||
}
|
||||
if isEventValid(event) {
|
||||
@@ -123,19 +124,30 @@ func StartEBPFWorker(ch chan packet.Packet) {
|
||||
}()
|
||||
}
|
||||
|
||||
// StopEBPFWorker stops the ebpf worker.
|
||||
func StopEBPFWorker() {
|
||||
close(stopper)
|
||||
}
|
||||
|
||||
// isEventValid checks whether the given bpfEvent is valid or not.
|
||||
// It returns true if the event is valid, otherwise false.
|
||||
func isEventValid(event bpfEvent) bool {
|
||||
// Check if the destination port is 0
|
||||
if event.Dport == 0 {
|
||||
return false
|
||||
}
|
||||
|
||||
// Check if the source port is 0
|
||||
if event.Sport == 0 {
|
||||
return false
|
||||
}
|
||||
|
||||
// Check if the process ID is 0
|
||||
if event.Pid == 0 {
|
||||
return false
|
||||
}
|
||||
|
||||
// If the IP version is IPv4
|
||||
if event.IpVersion == 4 {
|
||||
if event.Saddr[0] == 0 {
|
||||
return false
|
||||
@@ -148,11 +160,17 @@ func isEventValid(event bpfEvent) bool {
|
||||
return true
|
||||
}
|
||||
|
||||
// arrayToIP converts IP number array to net.IP
|
||||
func arrayToIP(ipNum [4]uint32, ipVersion packet.IPVersion) net.IP {
|
||||
// convertArrayToIPv4 converts an array of uint32 values to an IPv4 net.IP address.
|
||||
func convertArrayToIPv4(input [4]uint32, ipVersion packet.IPVersion) net.IP {
|
||||
if ipVersion == packet.IPv4 {
|
||||
return unsafe.Slice((*byte)(unsafe.Pointer(&ipNum)), 4)
|
||||
addressBuf := make([]byte, 4)
|
||||
binary.LittleEndian.PutUint32(addressBuf, input[0])
|
||||
return net.IP(addressBuf)
|
||||
} else {
|
||||
return unsafe.Slice((*byte)(unsafe.Pointer(&ipNum)), 16)
|
||||
addressBuf := make([]byte, 16)
|
||||
for i := 0; i < 4; i++ {
|
||||
binary.LittleEndian.PutUint32(addressBuf[i*4:i*4+4], input[i])
|
||||
}
|
||||
return net.IP(addressBuf)
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user