tetragon: Add send_event function

Signed-off-by: Jiri Olsa <[email protected]>
cilium · Jul 3, 2023 · 480b399 · 480b399
1 parent 74ae81b
commit 480b399
Show file tree

Hide file tree

Showing 7 changed files with 13 additions and 10 deletions.
diff --git a/bpf/lib/bpf_event.h b/bpf/lib/bpf_event.h
@@ -16,4 +16,10 @@ struct {
 	__type(value, struct event);
 } tcpmon_map SEC(".maps");
 
+static inline __attribute__((always_inline)) void
+send_event(void *ctx, void *data, size_t total, __u8 op)
+{
+	perf_event_output(ctx, &tcpmon_map, BPF_F_CURRENT_CPU, data, total);
+}
+
 #endif // __HUBBLE_MSG_
diff --git a/bpf/process/bpf_execve_event.c b/bpf/process/bpf_execve_event.c
@@ -278,6 +278,6 @@ execve_send(struct sched_execve_args *ctx)
 		sizeof(struct msg_execve_key) + sizeof(__u64) +
 		sizeof(struct msg_capabilities) + sizeof(struct msg_ns) +
 		sizeof(struct msg_execve_key) + p->size);
-	perf_event_output(ctx, &tcpmon_map, BPF_F_CURRENT_CPU, event, size);
+	send_event(ctx, event, size, MSG_OP_EXECVE);
 	return 0;
 }
diff --git a/bpf/process/bpf_exit.h b/bpf/process/bpf_exit.h
@@ -61,8 +61,7 @@ static inline __attribute__((always_inline)) void event_exit_send(void *ctx, __u
 		probe_read(&exit->info.code, sizeof(exit->info.code),
 			   _(&task->exit_code));
 
-		perf_event_output(ctx, &tcpmon_map, BPF_F_CURRENT_CPU, exit,
-				  size);
+		send_event(ctx, exit, size, MSG_OP_EXIT);
 	}
 	execve_map_delete(tgid);
 }

diff --git a/bpf/process/bpf_fork.c b/bpf/process/bpf_fork.c
@@ -88,8 +88,7 @@ BPF_KPROBE(event_wake_up_new_task, struct task_struct *task)
 		/* Last: set any encountered error when setting cgroup info */
 		msg.flags |= error_flags;
 
-		perf_event_output(ctx, &tcpmon_map, BPF_F_CURRENT_CPU, &msg,
-				  size);
+		send_event(ctx, &msg, size, MSG_OP_CLONE);
 	}
 	return 0;
 }
diff --git a/bpf/process/bpf_loader.c b/bpf/process/bpf_loader.c
@@ -134,6 +134,6 @@ loader_kprobe(struct pt_regs *ctx)
 	msg->common.op = MSG_OP_LOADER;
 	msg->common.flags = 0;
 
-	perf_event_output(ctx, &tcpmon_map, BPF_F_CURRENT_CPU, msg, total);
+	send_event(ctx, msg, total, MSG_OP_LOADER);
 	return 0;
 }
diff --git a/bpf/process/data_event.h b/bpf/process/data_event.h
@@ -32,8 +32,7 @@ __do_bytes(void *ctx, struct msg_data *msg, unsigned long uptr, size_t bytes)
 		return err;
 
 	msg->common.size = offsetof(struct msg_data, arg) + bytes;
-	perf_event_output(ctx, &tcpmon_map, BPF_F_CURRENT_CPU, msg,
-			  msg->common.size);
+	send_event(ctx, msg, msg->common.size, MSG_OP_DATA);
 	return bytes;
 b:
 	return -1;
@@ -106,7 +105,7 @@ __do_str(void *ctx, struct msg_data *msg, unsigned long arg,
 		     :
 		     : [size] "+r"(size)
 		     :);
-	perf_event_output(ctx, &tcpmon_map, BPF_F_CURRENT_CPU, msg, size);
+	send_event(ctx, msg, size, MSG_OP_DATA);
 	return err == max ? 0 : 1;
 }
 

diff --git a/bpf/process/types/basic.h b/bpf/process/types/basic.h
@@ -1909,7 +1909,7 @@ generic_output(void *ctx, struct bpf_map_def *heap)
 		     :
 		     : [total] "+r"(total)
 		     :);
-	perf_event_output(ctx, &tcpmon_map, BPF_F_CURRENT_CPU, e, total);
+	send_event(ctx, e, total, e->common.op);
 	return 1;
 }