tetragon: Load tail calls directly in genericlsm program

Signed-off-by: Jiri Olsa <[email protected]>
cilium · Aug 19, 2024 · 2537c68 · 2537c68
1 parent 083044c
commit 2537c68
Show file tree

Hide file tree

Showing 2 changed files with 25 additions and 11 deletions.
diff --git a/bpf/process/bpf_generic_lsm.c b/bpf/process/bpf_generic_lsm.c
@@ -23,12 +23,28 @@ struct {
 	__type(value, struct msg_generic_kprobe);
 } process_call_heap SEC(".maps");
 
+int generic_lsm_setup_event(void *ctx);
+int generic_lsm_process_event(void *ctx);
+int generic_lsm_process_filter(void *ctx);
+int generic_lsm_filter_arg(void *ctx);
+int generic_lsm_actions(void *ctx);
+int generic_lsm_output(void *ctx);
+
 struct {
 	__uint(type, BPF_MAP_TYPE_PROG_ARRAY);
 	__uint(max_entries, 13);
 	__uint(key_size, sizeof(__u32));
-	__uint(value_size, sizeof(__u32));
-} lsm_calls SEC(".maps");
+	__array(values, int(void *));
+} lsm_calls SEC(".maps") = {
+	.values = {
+		[0] = (void *)&generic_lsm_setup_event,
+		[1] = (void *)&generic_lsm_process_event,
+		[2] = (void *)&generic_lsm_process_filter,
+		[3] = (void *)&generic_lsm_filter_arg,
+		[4] = (void *)&generic_lsm_actions,
+		[5] = (void *)&generic_lsm_output,
+	},
+};
 
 struct {
 	__uint(type, BPF_MAP_TYPE_HASH);
@@ -97,7 +113,7 @@ generic_lsm_event(struct pt_regs *ctx)
 	return generic_start_process_filter(ctx, &maps);
 }
 
-__attribute__((section("lsm/0"), used)) int
+__attribute__((section("lsm"), used)) int
 generic_lsm_setup_event(void *ctx)
 {
 	return generic_process_event_and_setup(
@@ -107,7 +123,7 @@ generic_lsm_setup_event(void *ctx)
 		(struct bpf_map_def *)data_heap_ptr);
 }
 
-__attribute__((section("lsm/1"), used)) int
+__attribute__((section("lsm"), used)) int
 generic_lsm_process_event(void *ctx)
 {
 	return generic_process_event(ctx,
@@ -117,7 +133,7 @@ generic_lsm_process_event(void *ctx)
 				     (struct bpf_map_def *)data_heap_ptr);
 }
 
-__attribute__((section("lsm/2"), used)) int
+__attribute__((section("lsm"), used)) int
 generic_lsm_process_filter(void *ctx)
 {
 	int ret;
@@ -131,7 +147,7 @@ generic_lsm_process_filter(void *ctx)
 	return PFILTER_REJECT;
 }
 
-__attribute__((section("lsm/3"), used)) int
+__attribute__((section("lsm"), used)) int
 generic_lsm_filter_arg(void *ctx)
 {
 	return filter_read_arg(ctx, (struct bpf_map_def *)&process_call_heap,
@@ -141,7 +157,7 @@ generic_lsm_filter_arg(void *ctx)
 			       true);
 }
 
-__attribute__((section("lsm/4"), used)) int
+__attribute__((section("lsm"), used)) int
 generic_lsm_actions(void *ctx)
 {
 	generic_actions(ctx, &maps);
@@ -150,7 +166,7 @@ generic_lsm_actions(void *ctx)
 	return try_override(ctx);
 }
 
-__attribute__((section("lsm/5"), used)) int
+__attribute__((section("lsm"), used)) int
 generic_lsm_output(void *ctx)
 {
 	generic_output(ctx, (struct bpf_map_def *)&process_call_heap, MSG_OP_GENERIC_LSM);

diff --git a/pkg/sensors/tracing/genericlsm.go b/pkg/sensors/tracing/genericlsm.go
@@ -365,9 +365,7 @@ func createLsmSensorFromEntry(lsmEntry *genericLsm,
 	progs = append(progs, load)
 
 	program.MapBuilderPin("config_map", sensors.PathJoin(pinPath, "config_map"), load)
-
-	tailCalls := program.MapBuilderPin("lsm_calls", sensors.PathJoin(pinPath, "lsm_calls"), load)
-	load.SetTailCall("lsm", tailCalls)
+	program.MapBuilderPin("lsm_calls", sensors.PathJoin(pinPath, "lsm_calls"), load)
 
 	filterMapsForLsm(load, pinPath, lsmEntry)