#2 Add ss support for BPF socket-local storage pretty-printing
Merged 9 months ago by dcavalca. Opened 9 months ago by naccyde.
rpms/ naccyde/iproute c9s-sig-hyperscale  into  c9s-sig-hyperscale

@@ -0,0 +1,407 @@ 

+ From 8740ca9dcd3ccf1c75c362900cb3218ae3204cf5 Mon Sep 17 00:00:00 2001

+ From: Quentin Deslandes <qde@naccy.de>

+ Date: Wed, 21 Feb 2024 16:16:19 +0100

+ Subject: [PATCH] ss: add support for BPF socket-local storage

+ 

+ While sock_diag is able to return BPF socket-local storage in response

+ to INET_DIAG_REQ_SK_BPF_STORAGES requests, ss doesn't request it.

+ 

+ This change introduces the --bpf-maps and --bpf-map-id= options to request

+ BPF socket-local storage for all SK_STORAGE maps, or only specific ones.

+ 

+ The bigger part of this change will check the requested map IDs and

+ ensure they are valid. The column COL_EXT is used to print the

+ socket-local data into.

+ 

+ When --bpf-maps is used, ss will send an empty

+ INET_DIAG_REQ_SK_BPF_STORAGES request, in return the kernel will send

+ all the BPF socket-local storage entries for a given socket. The BTF

+ data for each map is loaded on demand, as ss can't predict which map ID

+ are used.

+ 

+ When --bpf-map-id=ID is used, a file descriptor to the requested maps is

+ open to 1) ensure the map doesn't disappear before the data is printed,

+ and 2) ensure the map type is BPF_MAP_TYPE_SK_STORAGE. The BTF data for

+ each requested map is loaded before the request is sent to the kernel.

+ 

+ Co-developed-by: Martin KaFai Lau <martin.lau@kernel.org>

+ Signed-off-by: Martin KaFai Lau <martin.lau@kernel.org>

+ Signed-off-by: Quentin Deslandes <qde@naccy.de>

+ Signed-off-by: David Ahern <dsahern@kernel.org>

+ ---

+  misc/ss.c | 272 +++++++++++++++++++++++++++++++++++++++++++++++++++++-

+  1 file changed, 269 insertions(+), 3 deletions(-)

+ 

+ diff --git a/misc/ss.c b/misc/ss.c

+ index 72a841be..2c7e7c58 100644

+ --- a/misc/ss.c

+ +++ b/misc/ss.c

+ @@ -51,6 +51,24 @@

+  #include <linux/tls.h>

+  #include <linux/mptcp.h>

+  

+ +#ifdef HAVE_LIBBPF

+ +/* If libbpf is new enough (0.5+), support for pretty-printing BPF socket-local

+ + * storage is enabled, otherwise we emit a warning and disable it.

+ + * ENABLE_BPF_SKSTORAGE_SUPPORT is only used to gate the socket-local storage

+ + * feature, so this wouldn't prevent any feature relying on HAVE_LIBBPF to be

+ + * usable.

+ + */

+ +#define ENABLE_BPF_SKSTORAGE_SUPPORT

+ +

+ +#include <bpf/bpf.h>

+ +#include <bpf/libbpf.h>

+ +

+ +#if (LIBBPF_MAJOR_VERSION == 0) && (LIBBPF_MINOR_VERSION < 5)

+ +#warning "libbpf version 0.5 or later is required, disabling BPF socket-local storage support"

+ +#undef ENABLE_BPF_SKSTORAGE_SUPPORT

+ +#endif

+ +#endif

+ +

+  #if HAVE_RPC

+  #include <rpc/rpc.h>

+  #include <rpc/xdr.h>

+ @@ -3384,6 +3402,202 @@ static void parse_diag_msg(struct nlmsghdr *nlh, struct sockstat *s)

+  	memcpy(s->remote.data, r->id.idiag_dst, s->local.bytelen);

+  }

+  

+ +#ifdef ENABLE_BPF_SKSTORAGE_SUPPORT

+ +

+ +#define MAX_NR_BPF_MAP_ID_OPTS 32

+ +

+ +struct btf;

+ +

+ +static struct bpf_map_opts {

+ +	unsigned int nr_maps;

+ +	struct bpf_sk_storage_map_info {

+ +		unsigned int id;

+ +		int fd;

+ +	} maps[MAX_NR_BPF_MAP_ID_OPTS];

+ +	bool show_all;

+ +} bpf_map_opts;

+ +

+ +static void bpf_map_opts_mixed_error(void)

+ +{

+ +	fprintf(stderr,

+ +		"ss: --bpf-maps and --bpf-map-id cannot be used together\n");

+ +}

+ +

+ +static int bpf_map_opts_load_info(unsigned int map_id)

+ +{

+ +	struct bpf_map_info info = {};

+ +	uint32_t len = sizeof(info);

+ +	int fd;

+ +	int r;

+ +

+ +	if (bpf_map_opts.nr_maps == MAX_NR_BPF_MAP_ID_OPTS) {

+ +		fprintf(stderr,

+ +			"ss: too many (> %u) BPF socket-local storage maps found, skipping map ID %u\n",

+ +			MAX_NR_BPF_MAP_ID_OPTS, map_id);

+ +		return 0;

+ +	}

+ +

+ +	fd = bpf_map_get_fd_by_id(map_id);

+ +	if (fd < 0) {

+ +		if (errno == -ENOENT)

+ +			return 0;

+ +

+ +		fprintf(stderr, "ss: cannot get fd for BPF map ID %u%s\n",

+ +			map_id, errno == EPERM ?

+ +			": missing root permissions, CAP_BPF, or CAP_SYS_ADMIN" : "");

+ +		return -1;

+ +	}

+ +

+ +	r = bpf_obj_get_info_by_fd(fd, &info, &len);

+ +	if (r) {

+ +		fprintf(stderr, "ss: failed to get info for BPF map ID %u\n",

+ +			map_id);

+ +		close(fd);

+ +		return -1;

+ +	}

+ +

+ +	if (info.type != BPF_MAP_TYPE_SK_STORAGE) {

+ +		fprintf(stderr,

+ +			"ss: BPF map with ID %s has type ID %d, expecting %d ('sk_storage')\n",

+ +			optarg, info.type, BPF_MAP_TYPE_SK_STORAGE);

+ +		close(fd);

+ +		return -1;

+ +	}

+ +

+ +	bpf_map_opts.maps[bpf_map_opts.nr_maps].id = map_id;

+ +	bpf_map_opts.maps[bpf_map_opts.nr_maps++].fd = fd;

+ +

+ +	return 0;

+ +}

+ +

+ +static struct bpf_sk_storage_map_info *bpf_map_opts_get_info(

+ +	unsigned int map_id)

+ +{

+ +	unsigned int i;

+ +	int r;

+ +

+ +	for (i = 0; i < bpf_map_opts.nr_maps; ++i) {

+ +		if (bpf_map_opts.maps[i].id == map_id)

+ +			return &bpf_map_opts.maps[i];

+ +	}

+ +

+ +	r = bpf_map_opts_load_info(map_id);

+ +	if (r)

+ +		return NULL;

+ +

+ +	return &bpf_map_opts.maps[bpf_map_opts.nr_maps - 1];

+ +}

+ +

+ +static int bpf_map_opts_add_id(const char *optarg)

+ +{

+ +	size_t optarg_len;

+ +	unsigned long id;

+ +	char *end;

+ +

+ +	if (bpf_map_opts.show_all) {

+ +		bpf_map_opts_mixed_error();

+ +		return -1;

+ +	}

+ +

+ +	optarg_len = strlen(optarg);

+ +	id = strtoul(optarg, &end, 0);

+ +	if (end != optarg + optarg_len || id == 0 || id >= UINT32_MAX) {

+ +		fprintf(stderr, "ss: invalid BPF map ID %s\n", optarg);

+ +		return -1;

+ +	}

+ +

+ +	/* Force lazy loading of the map's data. */

+ +	if (!bpf_map_opts_get_info(id))

+ +		return -1;

+ +

+ +	return 0;

+ +}

+ +

+ +static void bpf_map_opts_destroy(void)

+ +{

+ +	int i;

+ +

+ +	for (i = 0; i < bpf_map_opts.nr_maps; ++i)

+ +		close(bpf_map_opts.maps[i].fd);

+ +}

+ +

+ +static struct rtattr *bpf_map_opts_alloc_rta(void)

+ +{

+ +	struct rtattr *stgs_rta, *fd_rta;

+ +	size_t total_size;

+ +	unsigned int i;

+ +	void *buf;

+ +

+ +	/* If bpf_map_opts.show_all == true, we will send an empty message to

+ +	 * the kernel, which will return all the socket-local data attached to

+ +	 * a socket, no matter their map ID

+ +	 */

+ +	if (bpf_map_opts.show_all) {

+ +		total_size = RTA_LENGTH(0);

+ +	} else {

+ +		total_size = RTA_LENGTH(RTA_LENGTH(sizeof(int)) *

+ +					bpf_map_opts.nr_maps);

+ +	}

+ +

+ +	buf = malloc(total_size);

+ +	if (!buf)

+ +		return NULL;

+ +

+ +	stgs_rta = buf;

+ +	stgs_rta->rta_type = INET_DIAG_REQ_SK_BPF_STORAGES | NLA_F_NESTED;

+ +	stgs_rta->rta_len = total_size;

+ +

+ +	/* If inet_show_netlink() retries fetching socket data, nr_maps might

+ +	 * be different from 0, even with show_all == true, so we return early

+ +	 * to avoid inserting specific map IDs into the request.

+ +	 */

+ +	if (bpf_map_opts.show_all)

+ +		return stgs_rta;

+ +

+ +	buf = RTA_DATA(stgs_rta);

+ +	for (i = 0; i < bpf_map_opts.nr_maps; i++) {

+ +		int *fd;

+ +

+ +		fd_rta = buf;

+ +		fd_rta->rta_type = SK_DIAG_BPF_STORAGE_REQ_MAP_FD;

+ +		fd_rta->rta_len = RTA_LENGTH(sizeof(int));

+ +

+ +		fd = RTA_DATA(fd_rta);

+ +		*fd = bpf_map_opts.maps[i].fd;

+ +

+ +		buf += fd_rta->rta_len;

+ +	}

+ +

+ +	return stgs_rta;

+ +}

+ +

+ +static void show_sk_bpf_storages(struct rtattr *bpf_stgs)

+ +{

+ +	struct rtattr *tb[SK_DIAG_BPF_STORAGE_MAX + 1], *bpf_stg;

+ +	unsigned int rem;

+ +

+ +	for (bpf_stg = RTA_DATA(bpf_stgs), rem = RTA_PAYLOAD(bpf_stgs);

+ +		RTA_OK(bpf_stg, rem); bpf_stg = RTA_NEXT(bpf_stg, rem)) {

+ +

+ +		if ((bpf_stg->rta_type & NLA_TYPE_MASK) != SK_DIAG_BPF_STORAGE)

+ +			continue;

+ +

+ +		parse_rtattr_nested(tb, SK_DIAG_BPF_STORAGE_MAX,

+ +				    (struct rtattr *)bpf_stg);

+ +

+ +		if (tb[SK_DIAG_BPF_STORAGE_MAP_ID]) {

+ +			out(" map_id:%u",

+ +			    rta_getattr_u32(tb[SK_DIAG_BPF_STORAGE_MAP_ID]));

+ +		}

+ +	}

+ +}

+ +

+ +static bool bpf_map_opts_is_enabled(void)

+ +{

+ +	return bpf_map_opts.nr_maps || bpf_map_opts.show_all;

+ +}

+ +#endif

+ +

+  static int inet_show_sock(struct nlmsghdr *nlh,

+  			  struct sockstat *s)

+  {

+ @@ -3391,8 +3605,9 @@ static int inet_show_sock(struct nlmsghdr *nlh,

+  	struct inet_diag_msg *r = NLMSG_DATA(nlh);

+  	unsigned char v6only = 0;

+  

+ -	parse_rtattr(tb, INET_DIAG_MAX, (struct rtattr *)(r+1),

+ -		     nlh->nlmsg_len - NLMSG_LENGTH(sizeof(*r)));

+ +	parse_rtattr_flags(tb, INET_DIAG_MAX, (struct rtattr *)(r+1),

+ +			   nlh->nlmsg_len - NLMSG_LENGTH(sizeof(*r)),

+ +			   NLA_F_NESTED);

+  

+  	if (tb[INET_DIAG_PROTOCOL])

+  		s->type = rta_getattr_u8(tb[INET_DIAG_PROTOCOL]);

+ @@ -3489,6 +3704,11 @@ static int inet_show_sock(struct nlmsghdr *nlh,

+  	}

+  	sctp_ino = s->ino;

+  

+ +#ifdef ENABLE_BPF_SKSTORAGE_SUPPORT

+ +	if (tb[INET_DIAG_SK_BPF_STORAGES])

+ +		show_sk_bpf_storages(tb[INET_DIAG_SK_BPF_STORAGES]);

+ +#endif

+ +

+  	return 0;

+  }

+  

+ @@ -3570,13 +3790,14 @@ static int sockdiag_send(int family, int fd, int protocol, struct filter *f)

+  {

+  	struct sockaddr_nl nladdr = { .nl_family = AF_NETLINK };

+  	DIAG_REQUEST(req, struct inet_diag_req_v2 r);

+ +	struct rtattr *bpf_rta = NULL;

+  	char    *bc = NULL;

+  	int	bclen;

+  	__u32	proto;

+  	struct msghdr msg;

+  	struct rtattr rta_bc;

+  	struct rtattr rta_proto;

+ -	struct iovec iov[5];

+ +	struct iovec iov[6];

+  	int iovlen = 1;

+  

+  	if (family == PF_UNSPEC)

+ @@ -3629,6 +3850,20 @@ static int sockdiag_send(int family, int fd, int protocol, struct filter *f)

+  		iovlen += 2;

+  	}

+  

+ +#ifdef ENABLE_BPF_SKSTORAGE_SUPPORT

+ +	if (bpf_map_opts_is_enabled()) {

+ +		bpf_rta = bpf_map_opts_alloc_rta();

+ +		if (!bpf_rta) {

+ +			fprintf(stderr,

+ +				"ss: cannot alloc request for --bpf-map\n");

+ +			return -1;

+ +		}

+ +

+ +		iov[iovlen++] = (struct iovec){ bpf_rta, bpf_rta->rta_len };

+ +		req.nlh.nlmsg_len += bpf_rta->rta_len;

+ +	}

+ +#endif

+ +

+  	msg = (struct msghdr) {

+  		.msg_name = (void *)&nladdr,

+  		.msg_namelen = sizeof(nladdr),

+ @@ -3637,10 +3872,13 @@ static int sockdiag_send(int family, int fd, int protocol, struct filter *f)

+  	};

+  

+  	if (sendmsg(fd, &msg, 0) < 0) {

+ +		free(bpf_rta);

+  		close(fd);

+  		return -1;

+  	}

+  

+ +	free(bpf_rta);

+ +

+  	return 0;

+  }

+  

+ @@ -5361,6 +5599,10 @@ static void _usage(FILE *dest)

+  "       --tos           show tos and priority information\n"

+  "       --cgroup        show cgroup information\n"

+  "   -b, --bpf           show bpf filter socket information\n"

+ +#ifdef ENABLE_BPF_SKSTORAGE_SUPPORT

+ +"       --bpf-maps      show all BPF socket-local storage maps\n"

+ +"       --bpf-map-id=MAP-ID    show a BPF socket-local storage map\n"

+ +#endif

+  "   -E, --events        continually display sockets as they are destroyed\n"

+  "   -Z, --context       display task SELinux security contexts\n"

+  "   -z, --contexts      display task and socket SELinux security contexts\n"

+ @@ -5487,6 +5729,9 @@ wrong_state:

+  

+  #define OPT_INET_SOCKOPT 262

+  

+ +#define OPT_BPF_MAPS 263

+ +#define OPT_BPF_MAP_ID 264

+ +

+  static const struct option long_opts[] = {

+  	{ "numeric", 0, 0, 'n' },

+  	{ "resolve", 0, 0, 'r' },

+ @@ -5533,6 +5778,10 @@ static const struct option long_opts[] = {

+  	{ "mptcp", 0, 0, 'M' },

+  	{ "oneline", 0, 0, 'O' },

+  	{ "inet-sockopt", 0, 0, OPT_INET_SOCKOPT },

+ +#ifdef ENABLE_BPF_SKSTORAGE_SUPPORT

+ +	{ "bpf-maps", 0, 0, OPT_BPF_MAPS},

+ +	{ "bpf-map-id", 1, 0, OPT_BPF_MAP_ID},

+ +#endif

+  	{ 0 }

+  

+  };

+ @@ -5741,6 +5990,19 @@ int main(int argc, char *argv[])

+  		case OPT_INET_SOCKOPT:

+  			show_inet_sockopt = 1;

+  			break;

+ +#ifdef ENABLE_BPF_SKSTORAGE_SUPPORT

+ +		case OPT_BPF_MAPS:

+ +			if (bpf_map_opts.nr_maps) {

+ +				bpf_map_opts_mixed_error();

+ +				return -1;

+ +			}

+ +			bpf_map_opts.show_all = true;

+ +			break;

+ +		case OPT_BPF_MAP_ID:

+ +			if (bpf_map_opts_add_id(optarg))

+ +				exit(1);

+ +			break;

+ +#endif

+  		case 'h':

+  			help();

+  		case '?':

+ @@ -5880,6 +6142,10 @@ int main(int argc, char *argv[])

+  	if (show_processes || show_threads || show_proc_ctx || show_sock_ctx)

+  		user_ent_destroy();

+  

+ +#ifdef ENABLE_BPF_SKSTORAGE_SUPPORT

+ +	bpf_map_opts_destroy();

+ +#endif

+ +

+  	render();

+  

+  	return 0;

+ -- 

+ 2.41.0

+ 

@@ -0,0 +1,270 @@ 

+ From e3ecf048579afd7a673700d04893671627e85d57 Mon Sep 17 00:00:00 2001

+ From: Quentin Deslandes <qde@naccy.de>

+ Date: Wed, 21 Feb 2024 16:16:20 +0100

+ Subject: [PATCH] ss: pretty-print BPF socket-local storage

+ 

+ ss is able to print the map ID(s) for which a given socket has BPF

+ socket-local storage defined (using --bpf-maps or --bpf-map-id=). However,

+ the actual content of the map remains hidden.

+ 

+ This change aims to pretty-print the socket-local storage content following

+ the socket details, similar to what `bpftool map dump` would do. The exact

+ output format is inspired by drgn, while the BTF data processing is similar

+ to bpftool's.

+ 

+ ss will use libbpf's btf_dump__dump_type_data() to ease pretty-printing

+ of binary data. This requires out_bpf_sk_storage_print_fn() as a print

+ callback function used by btf_dump__dump_type_data(). vout() is also

+ introduced, which is similar to out() but accepts a va_list as

+ parameter.

+ 

+ ss' output remains unchanged unless --bpf-maps or --bpf-map-id= is used,

+ in which case each socket containing BPF local storage will be followed by

+ the content of the storage before the next socket's info is displayed.

+ 

+ Signed-off-by: Quentin Deslandes <qde@naccy.de>

+ Acked-by: Martin KaFai Lau <martin.lau@kernel.org>

+ Signed-off-by: David Ahern <dsahern@kernel.org>

+ ---

+  misc/ss.c | 148 ++++++++++++++++++++++++++++++++++++++++++++++++++----

+  1 file changed, 137 insertions(+), 11 deletions(-)

+ 

+ diff --git a/misc/ss.c b/misc/ss.c

+ index 2c7e7c58..3ebac132 100644

+ --- a/misc/ss.c

+ +++ b/misc/ss.c

+ @@ -61,7 +61,9 @@

+  #define ENABLE_BPF_SKSTORAGE_SUPPORT

+  

+  #include <bpf/bpf.h>

+ +#include <bpf/btf.h>

+  #include <bpf/libbpf.h>

+ +#include <linux/btf.h>

+  

+  #if (LIBBPF_MAJOR_VERSION == 0) && (LIBBPF_MINOR_VERSION < 5)

+  #warning "libbpf version 0.5 or later is required, disabling BPF socket-local storage support"

+ @@ -1053,11 +1055,10 @@ static int buf_update(int len)

+  }

+  

+  /* Append content to buffer as part of the current field */

+ -__attribute__((format(printf, 1, 2)))

+ -static void out(const char *fmt, ...)

+ +static void vout(const char *fmt, va_list args)

+  {

+  	struct column *f = current_field;

+ -	va_list args;

+ +	va_list _args;

+  	char *pos;

+  	int len;

+  

+ @@ -1068,18 +1069,27 @@ static void out(const char *fmt, ...)

+  		buffer.head = buf_chunk_new();

+  

+  again:	/* Append to buffer: if we have a new chunk, print again */

+ +	va_copy(_args, args);

+  

+  	pos = buffer.cur->data + buffer.cur->len;

+ -	va_start(args, fmt);

+  

+  	/* Limit to tail room. If we hit the limit, buf_update() will tell us */

+ -	len = vsnprintf(pos, buf_chunk_avail(buffer.tail), fmt, args);

+ -	va_end(args);

+ +	len = vsnprintf(pos, buf_chunk_avail(buffer.tail), fmt, _args);

+  

+  	if (buf_update(len))

+  		goto again;

+  }

+  

+ +__attribute__((format(printf, 1, 2)))

+ +static void out(const char *fmt, ...)

+ +{

+ +	va_list args;

+ +

+ +	va_start(args, fmt);

+ +	vout(fmt, args);

+ +	va_end(args);

+ +}

+ +

+  static int print_left_spacing(struct column *f, int stored, int printed)

+  {

+  	int s;

+ @@ -3413,6 +3423,9 @@ static struct bpf_map_opts {

+  	struct bpf_sk_storage_map_info {

+  		unsigned int id;

+  		int fd;

+ +		struct bpf_map_info info;

+ +		struct btf *btf;

+ +		struct btf_dump *dump;

+  	} maps[MAX_NR_BPF_MAP_ID_OPTS];

+  	bool show_all;

+  } bpf_map_opts;

+ @@ -3423,10 +3436,36 @@ static void bpf_map_opts_mixed_error(void)

+  		"ss: --bpf-maps and --bpf-map-id cannot be used together\n");

+  }

+  

+ +static int bpf_maps_opts_load_btf(struct bpf_map_info *info, struct btf **btf)

+ +{

+ +	if (info->btf_value_type_id) {

+ +		*btf = btf__load_from_kernel_by_id(info->btf_id);

+ +		if (!*btf) {

+ +			fprintf(stderr, "ss: failed to load BTF for map ID %u\n",

+ +				info->id);

+ +			return -1;

+ +		}

+ +	} else {

+ +		*btf = NULL;

+ +	}

+ +

+ +	return 0;

+ +}

+ +

+ +static void out_bpf_sk_storage_print_fn(void *ctx, const char *fmt, va_list args)

+ +{

+ +	vout(fmt, args);

+ +}

+ +

+  static int bpf_map_opts_load_info(unsigned int map_id)

+  {

+ +	struct btf_dump_opts dopts = {

+ +		.sz = sizeof(struct btf_dump_opts)

+ +	};

+  	struct bpf_map_info info = {};

+  	uint32_t len = sizeof(info);

+ +	struct btf_dump *dump;

+ +	struct btf *btf;

+  	int fd;

+  	int r;

+  

+ @@ -3464,8 +3503,25 @@ static int bpf_map_opts_load_info(unsigned int map_id)

+  		return -1;

+  	}

+  

+ +	r = bpf_maps_opts_load_btf(&info, &btf);

+ +	if (r) {

+ +		close(fd);

+ +		return -1;

+ +	}

+ +

+ +	dump = btf_dump__new(btf, out_bpf_sk_storage_print_fn, NULL, &dopts);

+ +	if (!dump) {

+ +		btf__free(btf);

+ +		close(fd);

+ +		fprintf(stderr, "Failed to create btf_dump object\n");

+ +		return -1;

+ +	}

+ +

+  	bpf_map_opts.maps[bpf_map_opts.nr_maps].id = map_id;

+ -	bpf_map_opts.maps[bpf_map_opts.nr_maps++].fd = fd;

+ +	bpf_map_opts.maps[bpf_map_opts.nr_maps].fd = fd;

+ +	bpf_map_opts.maps[bpf_map_opts.nr_maps].info = info;

+ +	bpf_map_opts.maps[bpf_map_opts.nr_maps].btf = btf;

+ +	bpf_map_opts.maps[bpf_map_opts.nr_maps++].dump = dump;

+  

+  	return 0;

+  }

+ @@ -3517,8 +3573,11 @@ static void bpf_map_opts_destroy(void)

+  {

+  	int i;

+  

+ -	for (i = 0; i < bpf_map_opts.nr_maps; ++i)

+ +	for (i = 0; i < bpf_map_opts.nr_maps; ++i) {

+ +		btf_dump__free(bpf_map_opts.maps[i].dump);

+ +		btf__free(bpf_map_opts.maps[i].btf);

+  		close(bpf_map_opts.maps[i].fd);

+ +	}

+  }

+  

+  static struct rtattr *bpf_map_opts_alloc_rta(void)

+ @@ -3571,10 +3630,74 @@ static struct rtattr *bpf_map_opts_alloc_rta(void)

+  	return stgs_rta;

+  }

+  

+ +static void out_bpf_sk_storage_oneline(struct bpf_sk_storage_map_info *info,

+ +	const void *data, size_t len)

+ +{

+ +	struct btf_dump_type_data_opts opts = {

+ +		.sz = sizeof(struct btf_dump_type_data_opts),

+ +		.emit_zeroes = 1,

+ +		.compact = 1

+ +	};

+ +	int r;

+ +

+ +	out(" map_id:%d", info->id);

+ +	r = btf_dump__dump_type_data(info->dump, info->info.btf_value_type_id,

+ +				     data, len, &opts);

+ +	if (r < 0)

+ +		out("failed to dump data: %d", r);

+ +}

+ +

+ +static void out_bpf_sk_storage_multiline(struct bpf_sk_storage_map_info *info,

+ +	const void *data, size_t len)

+ +{

+ +	struct btf_dump_type_data_opts opts = {

+ +		.sz = sizeof(struct btf_dump_type_data_opts),

+ +		.indent_level = 2,

+ +		.emit_zeroes = 1

+ +	};

+ +	int r;

+ +

+ +	out("\n\tmap_id:%d [\n", info->id);

+ +

+ +	r = btf_dump__dump_type_data(info->dump, info->info.btf_value_type_id,

+ +				     data, len, &opts);

+ +	if (r < 0)

+ +		out("\t\tfailed to dump data: %d", r);

+ +

+ +	out("\n\t]");

+ +}

+ +

+ +static void out_bpf_sk_storage(int map_id, const void *data, size_t len)

+ +{

+ +	struct bpf_sk_storage_map_info *map_info;

+ +

+ +	map_info = bpf_map_opts_get_info(map_id);

+ +	if (!map_info) {

+ +		/* The kernel might return a map we can't get info for, skip

+ +		 * it but print the other ones.

+ +		 */

+ +		out("\n\tmap_id: %d failed to fetch info, skipping\n", map_id);

+ +		return;

+ +	}

+ +

+ +	if (map_info->info.value_size != len) {

+ +		fprintf(stderr,

+ +			"map_id: %d: invalid value size, expecting %u, got %lu\n",

+ +			map_id, map_info->info.value_size, len);

+ +		return;

+ +	}

+ +

+ +	if (oneline)

+ +		out_bpf_sk_storage_oneline(map_info, data, len);

+ +	else

+ +		out_bpf_sk_storage_multiline(map_info, data, len);

+ +}

+ +

+  static void show_sk_bpf_storages(struct rtattr *bpf_stgs)

+  {

+  	struct rtattr *tb[SK_DIAG_BPF_STORAGE_MAX + 1], *bpf_stg;

+ -	unsigned int rem;

+ +	unsigned int rem, map_id;

+ +	struct rtattr *value;

+  

+  	for (bpf_stg = RTA_DATA(bpf_stgs), rem = RTA_PAYLOAD(bpf_stgs);

+  		RTA_OK(bpf_stg, rem); bpf_stg = RTA_NEXT(bpf_stg, rem)) {

+ @@ -3586,8 +3709,11 @@ static void show_sk_bpf_storages(struct rtattr *bpf_stgs)

+  				    (struct rtattr *)bpf_stg);

+  

+  		if (tb[SK_DIAG_BPF_STORAGE_MAP_ID]) {

+ -			out(" map_id:%u",

+ -			    rta_getattr_u32(tb[SK_DIAG_BPF_STORAGE_MAP_ID]));

+ +			map_id = rta_getattr_u32(tb[SK_DIAG_BPF_STORAGE_MAP_ID]);

+ +			value = tb[SK_DIAG_BPF_STORAGE_MAP_VALUE];

+ +

+ +			out_bpf_sk_storage(map_id, RTA_DATA(value),

+ +					   RTA_PAYLOAD(value));

+  		}

+  	}

+  }

+ -- 

+ 2.41.0

+ 

@@ -0,0 +1,34 @@ 

+ From 50763d53310c1f95bd846ce9961d40e0e0e66376 Mon Sep 17 00:00:00 2001

+ From: Quentin Deslandes <qde@naccy.de>

+ Date: Wed, 21 Feb 2024 16:16:21 +0100

+ Subject: [PATCH] ss: update man page to document --bpf-maps and --bpf-map-id=

+ 

+ Document new --bpf-maps and --bpf-map-id= options.

+ 

+ Signed-off-by: Quentin Deslandes <qde@naccy.de>

+ Acked-by: Martin KaFai Lau <martin.lau@kernel.org>

+ Signed-off-by: David Ahern <dsahern@kernel.org>

+ ---

+  man/man8/ss.8 | 6 ++++++

+  1 file changed, 6 insertions(+)

+ 

+ diff --git a/man/man8/ss.8 b/man/man8/ss.8

+ index b014cde1..e23af826 100644

+ --- a/man/man8/ss.8

+ +++ b/man/man8/ss.8

+ @@ -426,6 +426,12 @@ to FILE after applying filters. If FILE is - stdout is used.

+  Read filter information from FILE.  Each line of FILE is interpreted

+  like single command line option. If FILE is - stdin is used.

+  .TP

+ +.B \-\-bpf-maps

+ +Pretty-print all the BPF socket-local data entries for each socket.

+ +.TP

+ +.B \-\-bpf-map-id=MAP_ID

+ +Pretty-print the BPF socket-local data entries for the requested map ID. Can be used more than once.

+ +.TP

+  .B FILTER := [ state STATE-FILTER ] [ EXPRESSION ]

+  Please take a look at the official documentation for details regarding filters.

+  

+ -- 

+ 2.41.0

+ 

file modified
+10 -1
@@ -1,7 +1,7 @@ 

  Summary:            Advanced IP routing and network device configuration tools

  Name:               iproute

  Version:            6.7.0

- Release:            2%{?dist}%{?buildid}

+ Release:            2.1%{?dist}%{?buildid}

  %if 0%{?rhel}

  Group:              Applications/System

  %endif
@@ -9,6 +9,10 @@ 

  Source0:            https://kernel.org/pub/linux/utils/net/%{name}2/%{name}2-%{version}.tar.xz

  Source1:            rt_dsfield.deprecated

  

+ Patch0001: 0001-ss-add-support-for-BPF-socket-local-storage.patch

+ Patch0002: 0002-ss-pretty-print-BPF-socket-local-storage.patch

+ Patch0003: 0003-ss-update-man-page-to-document-bpf-maps-and-bpf-map-.patch

+ 

  License:            GPL-2.0-or-later AND NIST-PD

  BuildRequires:      bison

  BuildRequires:      elfutils-libelf-devel
@@ -139,6 +143,11 @@ 

  %{_includedir}/iproute2/bpf_elf.h

  

  %changelog

+ * Thu Feb 29 2024 Quentin Deslandes <qde@naccy.de> - 6.7.0-2.1.el9

+ - ss: add support for BPF socket-local storage

+ - ss: pretty-print BPF socket-local storage

+ - ss: update man page to document --bpf-maps and --bpf-map-id=

+ 

  * Tue Jan 23 2024 Andrea Claudi <aclaudi@redhat.com> - 6.7.0-2.el9

  - rpmautospec not available in build root, revert spec file changes (Andrea Claudi)