示例#1
0
func NewPatchPanel() (pp *PatchPanel, err error) {
	id := util.NewUUID4()

	pp = &PatchPanel{}
	defer func() {
		if err != nil {
			pp.Close()
			pp = nil
		}
	}()
	code := strings.Join([]string{bpf.IomoduleH, bpf.PatchC}, "\n")
	b := bpf.NewBpfModule(code, []string{"-w"})
	if b == nil {
		err = fmt.Errorf("PatchPanel: unable to load core module")
		return
	}
	pp.adapter = canvas.NewBpfAdapter(id, "patch", b)
	pp.modules = pp.adapter.Table("modules")
	if pp.modules == nil {
		err = fmt.Errorf("PatchPanel: Unable to load modules table")
		return
	}
	Debug.Printf("Patch panel modules table loaded: %v\n", pp.modules.Config())
	return
}
示例#2
0
func (adapter *BpfAdapter) SetConfig(req api.ModuleBase, g Graph, id int) error {
	var code, fullCode string
	for k, v := range req.Config {
		switch strings.ToLower(k) {
		case "code":
			val, ok := v.(string)
			if !ok {
				return fmt.Errorf("Expected code argument to be a string")
			}
			code = val
			fullCode = strings.Join([]string{bpf.IomoduleH, bpf.WrapperC, val}, "\n")
		}
	}
	cflags := []string{"-DMODULE_UUID_SHORT=\"" + adapter.uuid[:8] + "\""}

	adapter.name = req.DisplayName
	adapter.tags = req.Tags

	if orig, ok := adapter.config["code"]; ok {
		if orig != code {
			return fmt.Errorf("BPF code update not supported")
		}
	} else {
		adapter.bpf = bpf.NewBpfModule(fullCode, cflags)
		if adapter.bpf == nil {
			return fmt.Errorf("Could not load bpf code, check server log for details")
		}
		if err := adapter.Init(); err != nil {
			adapter.Close()
			return err
		}
		adapter.config["code"] = code
	}
	switch {
	case adapter.subtype == "policy":
		for _, node := range g.Nodes() {
			node.(Node).Groups().Remove(id)
		}
		for _, tag := range adapter.tags {
			if node := g.NodeByPath(tag); node != nil {
				node.Groups().Insert(id)
			} else {
				Warn.Printf("Could not find %s for policy\n", tag)
			}
		}
	case adapter.subtype == "forward":
	}
	return nil
}
示例#3
0
func NewIngressChain(chain [4]int) (*IngressChain, error) {
	cflags := []string{
		fmt.Sprintf("-DCHAIN_VALUE0=%#x", chain[0]),
		fmt.Sprintf("-DCHAIN_VALUE1=%#x", chain[1]),
		fmt.Sprintf("-DCHAIN_VALUE2=%#x", chain[2]),
		fmt.Sprintf("-DCHAIN_VALUE3=%#x", chain[3]),
	}
	//Debug.Printf("netdev: %v\n", cflags)
	bpf := bpf.NewBpfModule(bpf.NetdevRxC, cflags)
	if bpf == nil {
		return nil, fmt.Errorf("NewIngressChain bpf compile failed")
	}
	defer bpf.Close()
	fd, err := bpf.LoadNet("ingress")
	if err != nil {
		return nil, err
	}
	fd2, err := syscall.Dup(fd)
	if err != nil {
		return nil, err
	}
	return &IngressChain{fd: fd2}, nil
}
示例#4
0
func (ifc *ExtInterface) FD() int {
	if ifc.NodeBase.FD() >= 0 {
		return ifc.NodeBase.FD()
	}
	cflags := []string{
		fmt.Sprintf("-DINTERFACE_ID=%d", ifc.link.Attrs().Index),
	}
	bpf := bpf.NewBpfModule(bpf.NetdevTxC, cflags)
	if bpf == nil {
		panic(fmt.Errorf("Failed to compile bpf module for %s egress", ifc.Path()))
	}
	// free the llvm memory, just keep the fd
	defer bpf.Close()
	fd, err := bpf.LoadNet("egress")
	if err != nil {
		panic(err)
	}
	fd2, err := syscall.Dup(fd)
	if err != nil {
		panic(err)
	}
	ifc.NodeBase.SetFD(fd2)
	return ifc.NodeBase.FD()
}