xref: /DragonOS/kernel/crates/rbpf/examples/load_elf.rs (revision a9e28e9ce9607ebd1953898dda370c22d4f1425d) 
1 // SPDX-License-Identifier: (Apache-2.0 OR MIT)
2 // Copyright 2016 6WIND S.A. <quentin.monnet@6wind.com>
3 
4 #![allow(clippy::unreadable_literal)]
5 
6 extern crate elf;
7 use std::path::PathBuf;
8 
9 extern crate rbpf;
10 use rbpf::helpers;
11 
12 // The following example uses an ELF file that has been compiled from the C program available in
13 // `load_elf__block_a_port.c` in the same directory.
14 //
15 // It was compiled with the following command:
16 //
17 // ```bash
18 // clang -O2 -emit-llvm -c load_elf__block_a_port.c -o - | \
19 //     llc -march=bpf -filetype=obj -o load_elf__block_a_port.o
20 // ```
21 //
22 // Once compiled, this program can be injected into Linux kernel, with tc for instance. Sadly, we
23 // need to bring some modifications to the generated bytecode in order to run it: the three
24 // instructions with opcode 0x61 load data from a packet area as 4-byte words, where we need to
25 // load it as 8-bytes double words (0x79). The kernel does the same kind of translation before
26 // running the program, but rbpf does not implement this.
27 //
28 // In addition, the offset at which the pointer to the packet data is stored must be changed: since
29 // we use 8 bytes instead of 4 for the start and end addresses of the data packet, we cannot use
30 // the offsets produced by clang (0x4c and 0x50), the addresses would overlap. Instead we can use,
31 // for example, 0x40 and 0x50.
32 //
33 // These change were applied with the following script:
34 //
35 // ```bash
36 // xxd load_elf__block_a_port.o | sed '
37 //     s/6112 5000 0000 0000/7912 5000 0000 0000/ ;
38 //     s/6111 4c00 0000 0000/7911 4000 0000 0000/ ;
39 //     s/6111 2200 0000 0000/7911 2200 0000 0000/' | xxd -r > load_elf__block_a_port.tmp
40 
41 // mv load_elf__block_a_port.tmp load_elf__block_a_port.o
42 // ```
43 //
44 // The eBPF program was placed into the `.classifier` ELF section (see C code above), which means
45 // that you can retrieve the raw bytecode with `readelf -x .classifier load_elf__block_a_port.o` or
46 // with `objdump -s -j .classifier load_elf__block_a_port.o`.
47 //
48 // Once the bytecode has been edited, we can load the bytecode directly from the ELF object file.
49 
50 fn main() {
51     let filename = "examples/load_elf__block_a_port.elf";
52 
53     let path = PathBuf::from(filename);
54     let file = match elf::File::open_path(path) {
55         Ok(f) => f,
56         Err(e) => panic!("Error: {:?}", e),
57     };
58 
59     let text_scn = match file.get_section(".classifier") {
60         Some(s) => s,
61         None => panic!("Failed to look up .classifier section"),
62     };
63 
64     let prog = &text_scn.data;
65 
66     let packet1 = &mut [
67         0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x08,
68         0x00, // ethertype
69         0x45, 0x00, 0x00, 0x3b, // start ip_hdr
70         0xa6, 0xab, 0x40, 0x00, 0x40, 0x06, 0x96, 0x0f, 0x7f, 0x00, 0x00, 0x01, 0x7f, 0x00, 0x00,
71         0x01,
72         // Program matches the next two bytes: 0x9999 returns 0xffffffff, else return 0.
73         0x99, 0x99, 0xc6, 0xcc, // start tcp_hdr
74         0xd1, 0xe5, 0xc4, 0x9d, 0xd4, 0x30, 0xb5, 0xd2, 0x80, 0x18, 0x01, 0x56, 0xfe, 0x2f, 0x00,
75         0x00, 0x01, 0x01, 0x08, 0x0a, // start data
76         0x00, 0x23, 0x75, 0x89, 0x00, 0x23, 0x63, 0x2d, 0x71, 0x64, 0x66, 0x73, 0x64, 0x66, 0x0au8,
77     ];
78 
79     let packet2 = &mut [
80         0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x08,
81         0x00, // ethertype
82         0x45, 0x00, 0x00, 0x3b, // start ip_hdr
83         0xa6, 0xab, 0x40, 0x00, 0x40, 0x06, 0x96, 0x0f, 0x7f, 0x00, 0x00, 0x01, 0x7f, 0x00, 0x00,
84         0x01,
85         // Program matches the next two bytes: 0x9999 returns 0xffffffff, else return 0.
86         0x98, 0x76, 0xc6, 0xcc, // start tcp_hdr
87         0xd1, 0xe5, 0xc4, 0x9d, 0xd4, 0x30, 0xb5, 0xd2, 0x80, 0x18, 0x01, 0x56, 0xfe, 0x2f, 0x00,
88         0x00, 0x01, 0x01, 0x08, 0x0a, // start data
89         0x00, 0x23, 0x75, 0x89, 0x00, 0x23, 0x63, 0x2d, 0x71, 0x64, 0x66, 0x73, 0x64, 0x66, 0x0au8,
90     ];
91 
92     let mut vm = rbpf::EbpfVmFixedMbuff::new(Some(prog), 0x40, 0x50).unwrap();
93     vm.register_helper(helpers::BPF_TRACE_PRINTK_IDX, helpers::bpf_trace_printf)
94         .unwrap();
95 
96     let res = vm.execute_program(packet1).unwrap();
97     println!("Packet #1, program returned: {res:?} ({res:#x})");
98     assert_eq!(res, 0xffffffff);
99 
100     #[cfg(not(windows))]
101     {
102         vm.jit_compile().unwrap();
103 
104         let res = unsafe { vm.execute_program_jit(packet2).unwrap() };
105         println!("Packet #2, program returned: {res:?} ({res:#x})");
106         assert_eq!(res, 0);
107     }
108 
109     #[cfg(windows)]
110     {
111         let res = vm.execute_program(packet2).unwrap();
112         println!("Packet #2, program returned: {:?} ({:#x})", res, res);
113         assert_eq!(res, 0);
114     }
115 }
116