From 344cffc30d64583f7e985fcae24297a4cc24627b Mon Sep 17 00:00:00 2001 From: Daniel Borkmann Date: Thu, 19 Oct 2023 22:49:17 +0200 Subject: [PATCH] bpftool: Extend net dump with netkit progs Add support to dump BPF programs on netkit via bpftool. This includes both the BPF link and attach ops programs. Dumped information contain the attach location, function entry name, program ID and link ID when applicable. Example with tc BPF link: # ./bpftool net xdp: tc: nk1(22) netkit/peer tc1 prog_id 43 link_id 12 [...] Example with json dump: # ./bpftool net --json | jq [ { "xdp": [], "tc": [ { "devname": "nk1", "ifindex": 18, "kind": "netkit/primary", "name": "tc1", "prog_id": 29, "prog_flags": [], "link_id": 8, "link_flags": [] } ], "flow_dissector": [], "netfilter": [] } ] Signed-off-by: Daniel Borkmann Reviewed-by: Quentin Monnet --- tools/bpf/bpftool/Documentation/bpftool-net.rst | 8 ++++---- tools/bpf/bpftool/net.c | 7 ++++++- 2 files changed, 10 insertions(+), 5 deletions(-) diff --git a/tools/bpf/bpftool/Documentation/bpftool-net.rst b/tools/bpf/bpftool/Documentation/bpftool-net.rst index 5e2abd3de5ab8f..dd3f9469765b2b 100644 --- a/tools/bpf/bpftool/Documentation/bpftool-net.rst +++ b/tools/bpf/bpftool/Documentation/bpftool-net.rst @@ -37,7 +37,7 @@ DESCRIPTION **bpftool net { show | list }** [ **dev** *NAME* ] List bpf program attachments in the kernel networking subsystem. - Currently, device driver xdp attachments, tcx and old-style tc + Currently, device driver xdp attachments, tcx, netkit and old-style tc classifier/action attachments, flow_dissector as well as netfilter attachments are implemented, i.e., for program types **BPF_PROG_TYPE_XDP**, **BPF_PROG_TYPE_SCHED_CLS**, @@ -52,11 +52,11 @@ DESCRIPTION bpf programs, users should consult other tools, e.g., iproute2. The current output will start with all xdp program attachments, followed by - all tcx, then tc class/qdisc bpf program attachments, then flow_dissector - and finally netfilter programs. Both xdp programs and tcx/tc programs are + all tcx, netkit, then tc class/qdisc bpf program attachments, then flow_dissector + and finally netfilter programs. Both xdp programs and tcx/netkit/tc programs are ordered based on ifindex number. If multiple bpf programs attached to the same networking device through **tc**, the order will be first - all bpf programs attached to tcx, then tc classes, then all bpf programs + all bpf programs attached to tcx, netkit, then tc classes, then all bpf programs attached to non clsact qdiscs, and finally all bpf programs attached to root and clsact qdisc. diff --git a/tools/bpf/bpftool/net.c b/tools/bpf/bpftool/net.c index 66a8ce8ae0127a..968714b4c3d45b 100644 --- a/tools/bpf/bpftool/net.c +++ b/tools/bpf/bpftool/net.c @@ -79,6 +79,8 @@ static const char * const attach_type_strings[] = { static const char * const attach_loc_strings[] = { [BPF_TCX_INGRESS] = "tcx/ingress", [BPF_TCX_EGRESS] = "tcx/egress", + [BPF_NETKIT_PRIMARY] = "netkit/primary", + [BPF_NETKIT_PEER] = "netkit/peer", }; const size_t net_attach_type_size = ARRAY_SIZE(attach_type_strings); @@ -506,6 +508,9 @@ static void show_dev_tc_bpf(struct ip_devname_ifindex *dev) { __show_dev_tc_bpf(dev, BPF_TCX_INGRESS); __show_dev_tc_bpf(dev, BPF_TCX_EGRESS); + + __show_dev_tc_bpf(dev, BPF_NETKIT_PRIMARY); + __show_dev_tc_bpf(dev, BPF_NETKIT_PEER); } static int show_dev_tc_bpf_classic(int sock, unsigned int nl_pid, @@ -926,7 +931,7 @@ static int do_help(int argc, char **argv) " ATTACH_TYPE := { xdp | xdpgeneric | xdpdrv | xdpoffload }\n" " " HELP_SPEC_OPTIONS " }\n" "\n" - "Note: Only xdp, tcx, tc, flow_dissector and netfilter attachments\n" + "Note: Only xdp, tcx, tc, netkit, flow_dissector and netfilter attachments\n" " are currently supported.\n" " For progs attached to cgroups, use \"bpftool cgroup\"\n" " to dump program attachments. For program types\n"