diff --git a/doc/Doxyfile.in b/doc/Doxyfile.in index 0e9dcc52d..44e5640c3 100644 --- a/doc/Doxyfile.in +++ b/doc/Doxyfile.in @@ -57,7 +57,8 @@ GENERATE_PERLMOD = NO #--------------------------------------------------------------------------- INCLUDE_PATH = "@CMAKE_SOURCE_DIR@/src" "@CMAKE_SOURCE_DIR@/tests" MACRO_EXPANSION = YES -PREDEFINED = bf_aligned(x)= +PREDEFINED = bf_aligned(x)= \ + DOXYGEN #--------------------------------------------------------------------------- # Configuration options related to diagram generator tools diff --git a/src/bfcli/lexer.l b/src/bfcli/lexer.l index 8a04987a7..16476d854 100644 --- a/src/bfcli/lexer.l +++ b/src/bfcli/lexer.l @@ -101,7 +101,7 @@ log { BEGIN(STATE_LOG_OPTS); return LOG; } [0-9a-zA-Z]+(,[0-9a-zA-Z]+)* { BEGIN(INITIAL); yylval.sval = strdup(yytext); - return LOG_HEADERS; + return LOG_OPTS; } } diff --git a/src/bfcli/parser.y b/src/bfcli/parser.y index 98a4cd238..9655c0c79 100644 --- a/src/bfcli/parser.y +++ b/src/bfcli/parser.y @@ -103,7 +103,7 @@ %token SET %token LOG COUNTER MARK %token REDIRECT_TOKEN -%token LOG_HEADERS +%token LOG_OPTS %token SET_TYPE %token SET_RAW_PAYLOAD %token STRING @@ -320,7 +320,7 @@ rule : RULE matchers rule_options rule_verdict } ; -rule_option : LOG LOG_HEADERS +rule_option : LOG LOG_OPTS { _cleanup_free_ char *in = $2; char *tmp = in; @@ -329,12 +329,12 @@ rule_option : LOG LOG_HEADERS uint8_t log = 0; while ((token = strtok_r(tmp, ",", &saveptr))) { - enum bf_pkthdr header; + enum bf_log_opt opt; - if (bf_pkthdr_from_str(token, &header) < 0) - bf_parse_err("unknown packet header '%s'", token); + if (bf_log_opt_from_str(token, &opt) < 0) + bf_parse_err("unknown log option '%s'", token); - log |= BF_FLAG(header); + log |= BF_FLAG(opt); tmp = NULL; } diff --git a/src/bfcli/print.c b/src/bfcli/print.c index b920dc21d..73292ee62 100644 --- a/src/bfcli/print.c +++ b/src/bfcli/print.c @@ -265,12 +265,12 @@ void bfc_chain_dump(struct bf_chain *chain, struct bf_hookopts *hookopts, (void)fprintf(stdout, " log "); - for (enum bf_pkthdr hdr = 0; hdr < _BF_PKTHDR_MAX; ++hdr) { - if (!(log & BF_FLAG(hdr))) + for (enum bf_log_opt opt = 0; opt < _BF_LOG_OPT_MAX; ++opt) { + if (!(log & BF_FLAG(opt))) continue; - log &= ~BF_FLAG(hdr); - (void)fprintf(stdout, "%s%s", bf_pkthdr_to_str(hdr), + log &= ~BF_FLAG(opt); + (void)fprintf(stdout, "%s%s", bf_log_opt_to_str(opt), log ? "," : "\n"); } } @@ -373,17 +373,17 @@ static void _bf_chain_log_header(const struct bf_log *log) bf_logger_get_color(BF_COLOR_LIGHT_CYAN, BF_STYLE_NORMAL), time_str, time.tv_nsec / BF_TIME_US, bf_logger_get_color(BF_COLOR_RESET, BF_STYLE_RESET), log->rule_id, - bf_logger_get_color(BF_COLOR_DEFAULT, BF_STYLE_BOLD), log->pkt_size, + bf_logger_get_color(BF_COLOR_DEFAULT, BF_STYLE_BOLD), log->pkt.pkt_size, bf_logger_get_color(BF_COLOR_RESET, BF_STYLE_RESET), bf_verdict_to_str((enum bf_verdict)log->verdict)); } static void _bf_chain_log_l2(const struct bf_log *log) { - struct ethhdr *ethhdr = (void *)log->l2hdr; + struct ethhdr *ethhdr = (void *)log->pkt.l2hdr; const char *ethertype; - if (!(log->headers & (1 << BF_PKTHDR_LINK))) { + if (!(log->pkt.headers & (1 << BF_LOG_OPT_LINK))) { (void)fprintf(stdout, " Ethernet : \n"); return; } @@ -418,14 +418,14 @@ static void _bf_chain_log_l3(const struct bf_log *log) char dst_addr[INET6_ADDRSTRLEN]; const char *protocol; - if (!(log->headers & (1 << BF_PKTHDR_INTERNET))) { + if (!(log->pkt.headers & (1 << BF_LOG_OPT_INTERNET))) { (void)fprintf(stdout, " Internet : \n"); return; } switch (log->l3_proto) { case ETH_P_IP: - iphdr = (struct iphdr *)&log->l3hdr[0]; + iphdr = (struct iphdr *)&log->pkt.l3hdr[0]; inet_ntop(AF_INET, &iphdr->saddr, src_addr, sizeof(src_addr)); inet_ntop(AF_INET, &iphdr->daddr, dst_addr, sizeof(dst_addr)); @@ -451,7 +451,7 @@ static void _bf_chain_log_l3(const struct bf_log *log) break; case ETH_P_IPV6: - ipv6hdr = (struct ipv6hdr *)log->l3hdr; + ipv6hdr = (struct ipv6hdr *)log->pkt.l3hdr; inet_ntop(AF_INET6, &ipv6hdr->saddr, src_addr, sizeof(src_addr)); inet_ntop(AF_INET6, &ipv6hdr->daddr, dst_addr, sizeof(dst_addr)); @@ -490,14 +490,14 @@ static void _bf_chain_log_l4(const struct bf_log *log) struct udphdr *udphdr; const char *tcp_flags_str; - if (!(log->headers & (1 << BF_PKTHDR_TRANSPORT))) { + if (!(log->pkt.headers & (1 << BF_LOG_OPT_TRANSPORT))) { (void)fprintf(stdout, " Transport : \n"); return; } switch (log->l4_proto) { case IPPROTO_TCP: - tcphdr = (struct tcphdr *)log->l4hdr; + tcphdr = (struct tcphdr *)log->pkt.l4hdr; tcp_flags_str = _bf_tcp_flags_to_str(tcphdr); (void)fprintf(stdout, " TCP : %s%-5u%s → %s%-5u%s", @@ -522,7 +522,7 @@ static void _bf_chain_log_l4(const struct bf_log *log) break; case IPPROTO_UDP: - udphdr = (struct udphdr *)log->l4hdr; + udphdr = (struct udphdr *)log->pkt.l4hdr; (void)fprintf(stdout, " UDP : %s%-5u%s → %s%-5u%s [len=%u]\n", bf_logger_get_color(BF_COLOR_LIGHT_YELLOW, BF_STYLE_BOLD), @@ -535,7 +535,7 @@ static void _bf_chain_log_l4(const struct bf_log *log) break; case IPPROTO_ICMP: - icmphdr = (struct icmphdr *)log->l4hdr; + icmphdr = (struct icmphdr *)log->pkt.l4hdr; (void)fprintf(stdout, " ICMP : type=%-3u code=%-3u", icmphdr->type, icmphdr->code); @@ -550,7 +550,7 @@ static void _bf_chain_log_l4(const struct bf_log *log) break; case IPPROTO_ICMPV6: - icmp6hdr = (struct icmp6hdr *)log->l4hdr; + icmp6hdr = (struct icmp6hdr *)log->pkt.l4hdr; (void)fprintf(stdout, " ICMPv6 : type=%-3u code=%-3u", icmp6hdr->icmp6_type, icmp6hdr->icmp6_code); @@ -573,12 +573,15 @@ static void _bf_chain_log_l4(const struct bf_log *log) void bfc_print_log(const struct bf_log *log) { + if (log->log_type != BF_LOG_TYPE_PACKET) + return; + _bf_chain_log_header(log); - if (log->req_headers & (1 << BF_PKTHDR_LINK)) + if (log->pkt.req_headers & (1 << BF_LOG_OPT_LINK)) _bf_chain_log_l2(log); - if (log->req_headers & (1 << BF_PKTHDR_INTERNET)) + if (log->pkt.req_headers & (1 << BF_LOG_OPT_INTERNET)) _bf_chain_log_l3(log); - if (log->req_headers & (1 << BF_PKTHDR_TRANSPORT)) + if (log->pkt.req_headers & (1 << BF_LOG_OPT_TRANSPORT)) _bf_chain_log_l4(log); } diff --git a/src/libbpfilter/CMakeLists.txt b/src/libbpfilter/CMakeLists.txt index 47d98e674..537d21691 100644 --- a/src/libbpfilter/CMakeLists.txt +++ b/src/libbpfilter/CMakeLists.txt @@ -109,7 +109,7 @@ bf_target_add_elfstubs(libbpfilter "parse_ipv6_eh" "parse_ipv6_nh" "update_counters" - "log" + "pkt_log" "flow_hash" ) diff --git a/src/libbpfilter/bpf/log.bpf.c b/src/libbpfilter/bpf/log.bpf.c deleted file mode 100644 index bdd71516f..000000000 --- a/src/libbpfilter/bpf/log.bpf.c +++ /dev/null @@ -1,58 +0,0 @@ -/* SPDX-License-Identifier: GPL-2.0-only */ -/* - * Copyright (c) 2023 Meta Platforms, Inc. and affiliates. - */ - -#include - -#include -#include -#include - -#include "cgen/runtime.h" - -__u8 bf_log(struct bf_runtime *ctx, __u32 rule_id, __u8 headers, __u32 verdict, - __u32 l3_l4_proto) -{ - struct bf_log *log; - __u16 l3_proto = (__u16)(l3_l4_proto >> 16); - __u8 l4_proto = (__u8)l3_l4_proto; - - log = bpf_ringbuf_reserve(ctx->log_map, sizeof(struct bf_log), 0); - if (!log) { - bpf_printk("failed to reserve %d bytes in ringbuf", - sizeof(struct bf_log)); - return 1; - } - - log->ts = bpf_ktime_get_ns(); - log->rule_id = rule_id; - log->verdict = verdict; - log->pkt_size = ctx->pkt_size; - log->req_headers = headers; - log->headers = 0; - log->l3_proto = bpf_ntohs(l3_proto); - log->l4_proto = l4_proto; - - if (headers & (1 << BF_PKTHDR_LINK) && ctx->l2_hdr && - ctx->l2_size <= BF_L2_SLICE_LEN) { - bpf_probe_read_kernel(log->l2hdr, ctx->l2_size, ctx->l2_hdr); - log->headers |= (1 << BF_PKTHDR_LINK); - } - - if (headers & (1 << BF_PKTHDR_INTERNET) && ctx->l3_hdr && - ctx->l3_size <= BF_L3_SLICE_LEN) { - bpf_probe_read_kernel(log->l3hdr, ctx->l3_size, ctx->l3_hdr); - log->headers |= (1 << BF_PKTHDR_INTERNET); - } - - if (headers & (1 << BF_PKTHDR_TRANSPORT) && ctx->l4_hdr && - ctx->l4_size <= BF_L4_SLICE_LEN) { - bpf_probe_read_kernel(log->l4hdr, ctx->l4_size, ctx->l4_hdr); - log->headers |= (1 << BF_PKTHDR_TRANSPORT); - } - - bpf_ringbuf_submit(log, 0); - - return 0; -} diff --git a/src/libbpfilter/bpf/pkt_log.bpf.c b/src/libbpfilter/bpf/pkt_log.bpf.c new file mode 100644 index 000000000..c2ba7af92 --- /dev/null +++ b/src/libbpfilter/bpf/pkt_log.bpf.c @@ -0,0 +1,59 @@ +/* SPDX-License-Identifier: GPL-2.0-only */ +/* + * Copyright (c) Meta Platforms, Inc. and affiliates. + */ + +#include + +#include +#include +#include + +#include "cgen/runtime.h" + +__u8 bf_pkt_log(struct bf_runtime *ctx, __u32 rule_id, __u8 headers, + __u32 verdict, __u32 l3_l4_proto) +{ + struct bf_log *log; + __u16 l3_proto = (__u16)(l3_l4_proto >> 16); + __u8 l4_proto = (__u8)l3_l4_proto; + + log = bpf_ringbuf_reserve(ctx->log_map, sizeof(struct bf_log), 0); + if (!log) { + bpf_printk("failed to reserve %d bytes in ringbuf", + sizeof(struct bf_log)); + return 1; + } + + log->ts = bpf_ktime_get_ns(); + log->rule_id = rule_id; + log->verdict = verdict; + log->l3_proto = bpf_ntohs(l3_proto); + log->l4_proto = l4_proto; + log->log_type = BF_LOG_TYPE_PACKET; + log->pkt.pkt_size = ctx->pkt_size; + log->pkt.req_headers = headers; + log->pkt.headers = 0; + + if (headers & (1 << BF_LOG_OPT_LINK) && ctx->l2_hdr && + ctx->l2_size <= BF_L2_SLICE_LEN) { + bpf_probe_read_kernel(log->pkt.l2hdr, ctx->l2_size, ctx->l2_hdr); + log->pkt.headers |= (1 << BF_LOG_OPT_LINK); + } + + if (headers & (1 << BF_LOG_OPT_INTERNET) && ctx->l3_hdr && + ctx->l3_size <= BF_L3_SLICE_LEN) { + bpf_probe_read_kernel(log->pkt.l3hdr, ctx->l3_size, ctx->l3_hdr); + log->pkt.headers |= (1 << BF_LOG_OPT_INTERNET); + } + + if (headers & (1 << BF_LOG_OPT_TRANSPORT) && ctx->l4_hdr && + ctx->l4_size <= BF_L4_SLICE_LEN) { + bpf_probe_read_kernel(log->pkt.l4hdr, ctx->l4_size, ctx->l4_hdr); + log->pkt.headers |= (1 << BF_LOG_OPT_TRANSPORT); + } + + bpf_ringbuf_submit(log, 0); + + return 0; +} diff --git a/src/libbpfilter/cgen/program.c b/src/libbpfilter/cgen/program.c index 84f8d7b5f..ca8524a20 100644 --- a/src/libbpfilter/cgen/program.c +++ b/src/libbpfilter/cgen/program.c @@ -357,7 +357,7 @@ static int _bf_program_generate_rule(struct bf_program *program, EMIT(program, BPF_ALU64_IMM(BPF_LSH, BPF_REG_5, 16)); EMIT(program, BPF_ALU64_REG(BPF_OR, BPF_REG_5, BPF_REG_8)); - EMIT_FIXUP_ELFSTUB(program, BF_ELFSTUB_LOG); + EMIT_FIXUP_ELFSTUB(program, BF_ELFSTUB_PKT_LOG); } if (rule->counters) { diff --git a/src/libbpfilter/include/bpfilter/elfstub.h b/src/libbpfilter/include/bpfilter/elfstub.h index 31a05ac80..1c54ee74e 100644 --- a/src/libbpfilter/include/bpfilter/elfstub.h +++ b/src/libbpfilter/include/bpfilter/elfstub.h @@ -122,7 +122,7 @@ enum bf_elfstub_id /** * Log user-requested packet headers to a ring buffer. * - * `__u8 bf_log(struct bf_runtime *ctx, __u32 rule_id, __u8 headers, __u32 verdict, __u32 l3_l4_proto)` + * `__u8 bf_pkt_log(struct bf_runtime *ctx, __u32 rule_id, __u8 headers, __u32 verdict, __u32 l3_l4_proto)` * * **Parameters** * - `ctx`: address of the `bf_runtime` context of the program. @@ -133,7 +133,7 @@ enum bf_elfstub_id * * **Return** 0 on success, or 1 on error. */ - BF_ELFSTUB_LOG, + BF_ELFSTUB_PKT_LOG, /** * Calculate flow hash from packet 5-tuple + IPv6 flow label. diff --git a/src/libbpfilter/include/bpfilter/rule.h b/src/libbpfilter/include/bpfilter/rule.h index c1d6bcc72..91cd6d5ba 100644 --- a/src/libbpfilter/include/bpfilter/rule.h +++ b/src/libbpfilter/include/bpfilter/rule.h @@ -19,28 +19,23 @@ #define BF_RULE_MARK_MASK (0x00000000ffffffffULL) /** - * @brief Return the string representation of a `bf_pkthdr` enumeration value. + * @brief Return the string representation of a `bf_log_opt` enumeration value. * - * @param hdr `bf_pkthdr` enumeration value. - * @return A pointer to the C-string representation of `hdr`. + * @param opt `bf_log_opt` enumeration value. + * @return A pointer to the C-string representation of `opt`. */ -const char *bf_pkthdr_to_str(enum bf_pkthdr hdr); +const char *bf_log_opt_to_str(enum bf_log_opt opt); /** - * @brief Return the `bf_pkthdr` enumeration value corresponding to a string. + * @brief Return the `bf_log_opt` enumeration value corresponding to a string. * - * @pre - * - `str` is a non-NULL pointer to a C-string. - * - `hdr != NULL` - * @post - * - On failure, `hdr` is unchanged. - * - * @param str String to get the corresponding `bf_pkthdr` enumeration value for. - * @param hdr On success, contains the `bf_pkthdr` enumeration value - * corresponding to `str`. + * @param str String to get the corresponding `bf_log_opt` enumeration value + * for. + * @param opt On success, contains the `bf_log_opt` enumeration value + * corresponding to `str`. Can't be NULL. * @return 0 on success, or a negative error value on failure. */ -int bf_pkthdr_from_str(const char *str, enum bf_pkthdr *hdr); +int bf_log_opt_from_str(const char *str, enum bf_log_opt *opt); #define _free_bf_rule_ __attribute__((__cleanup__(bf_rule_free))) @@ -77,8 +72,8 @@ struct bf_rule }; static_assert( - _BF_PKTHDR_MAX < 8, - "bf_pkthdr has more than 8 values, it won't fit in bf_rule.log's 8 bits"); + _BF_LOG_OPT_MAX <= 8, + "bf_log_opt has more than 8 values, it won't fit in bf_rule.log's 8 bits"); /** * Allocated and initialise a new rule. diff --git a/src/libbpfilter/include/bpfilter/runtime.h b/src/libbpfilter/include/bpfilter/runtime.h index f245bb62b..382fb1ab5 100644 --- a/src/libbpfilter/include/bpfilter/runtime.h +++ b/src/libbpfilter/include/bpfilter/runtime.h @@ -7,11 +7,24 @@ #define bf_aligned(x) __attribute__((aligned(x))) +/** + * @brief Give an anonymous union or struct a name only for Doxygen. + * + * Allows anonymous unions/structs in code while keeping Doxygen's parser happy. + */ +#ifdef DOXYGEN +#define ANONYMOUS_MEMBER(name) name +#else +#define ANONYMOUS_MEMBER(name) +#endif + // _Static_assert doesn't exist in C++ #ifndef __cplusplus #define static_assert _Static_assert #endif +#include + #include /** @@ -50,31 +63,91 @@ static_assert(BF_L3_SLICE_LEN % 8 == 0, static_assert(BF_L4_SLICE_LEN % 8 == 0, "BF_L4_SLICE_LEN should be aligned to 8 bytes"); +/** Size of the process name buffer, matches TASK_COMM_LEN. */ +#define BF_COMM_LEN 16 + /** - * @brief Types of network packet headers. + * @brief Log options controlling which headers are captured in a log entry. */ -enum bf_pkthdr +enum bf_log_opt { - /** - * Link layer header: Ethernet, ... - */ - BF_PKTHDR_LINK, + /** Link layer data: Ethernet header. */ + BF_LOG_OPT_LINK, - /** - * Internet header: IPv4, IPv6, ... - */ - BF_PKTHDR_INTERNET, + /** Internet layer data: IPv4/IPv6 header. */ + BF_LOG_OPT_INTERNET, /** - * Transport header: TCP, UDP, ... + * Transport layer data: TCP/UDP header. * * ICMPv6 is an internet layer (L3) header, but it's encapsulated inside an - * IPv6 packet, so it's considered a transport layer (L4) header in - * bpfilter. + * IPv6 packet, so it's considered layer 4 in bpfilter. */ - BF_PKTHDR_TRANSPORT, + BF_LOG_OPT_TRANSPORT, - _BF_PKTHDR_MAX, + _BF_LOG_OPT_MAX, +}; + +/** + * @brief Log entry type discriminator. + */ +enum bf_log_type +{ + /** Packet-based log entry (XDP, TC, NF, cgroup_skb). */ + BF_LOG_TYPE_PACKET, + + /** Socket address log entry (cgroup_sock_addr). */ + BF_LOG_TYPE_SOCK_ADDR, + + _BF_LOG_TYPE_MAX, +}; + +/** + * @brief Packet log payload fields (XDP, TC, NF, cgroup_skb). + */ +struct bf_log_pkt +{ + /** Total size of the packet, including the payload. */ + __u64 pkt_size; + + /** User-requested headers, as defined in the rule. */ + __u8 req_headers:4; + + /** Logged headers, as not all hooks can access all headers. */ + __u8 headers:4; + + /** Layer 2 header. */ + bf_aligned(8) __u8 l2hdr[BF_L2_SLICE_LEN]; + + /** Layer 3 header. */ + bf_aligned(8) __u8 l3hdr[BF_L3_SLICE_LEN]; + + /** Layer 4 header. */ + bf_aligned(8) __u8 l4hdr[BF_L4_SLICE_LEN]; +}; + +/** + * @brief Socket address log payload fields (cgroup_sock_addr). + */ +struct bf_log_sock_addr +{ + /** Root namespace PID (tgid) of the process. */ + __u32 pid; + + /** Destination port in host byteorder. */ + __u16 dport; + + /** User-requested log options bitmask. */ + __u8 req_log_opts; + + /** Process name. */ + bf_aligned(8) __u8 comm[BF_COMM_LEN]; + + /** Source address (4 bytes for IPv4, 16 for IPv6). */ + bf_aligned(8) __u8 saddr[sizeof(struct in6_addr)]; + + /** Destination address (4 bytes for IPv4, 16 for IPv6). */ + bf_aligned(8) __u8 daddr[sizeof(struct in6_addr)]; }; /** @@ -83,17 +156,13 @@ enum bf_pkthdr * The structure is published into a log buffer by the chain, when a hit rule * has a `log` action defined. * - * Except for the raw packet headers (`l2hdr`, `l3hdr`, and `l4hdr`), all the - * values are stored in host byteorder. + * All fields are stored in host byteorder unless noted otherwise. */ struct bf_log { - /** Timestamp of the packet processing. */ + /** Timestamp of the event. */ __u64 ts; - /** Total size of the packet, including the payload. */ - __u64 pkt_size; - /** ID of the rule triggering the log. */ __u32 rule_id; @@ -106,20 +175,20 @@ struct bf_log /** Layer 4 (transport) protocol identifier. */ __u8 l4_proto; - /** User-request headers, as defined in the rule. */ - __u8 req_headers:4; - - /** Logged headers, as not all hooks can access all headers. */ - __u8 headers:4; - - /** Layer 2 header. */ - bf_aligned(8) __u8 l2hdr[BF_L2_SLICE_LEN]; - - /** Layer 3 header. */ - bf_aligned(8) __u8 l3hdr[BF_L3_SLICE_LEN]; + /** Log entry type. */ + __u8 log_type; - /** Layer 4 header. */ - bf_aligned(8) __u8 l4hdr[BF_L4_SLICE_LEN]; + /** Flavor-specific payload, discriminated by `log_type`. + * + * - `BF_LOG_TYPE_PACKET`: use `pkt` — raw packet headers in network + * byteorder. + * - `BF_LOG_TYPE_SOCK_ADDR`: use `sock_addr` — socket address, port, + * and process metadata. */ + union + { + struct bf_log_pkt pkt; + struct bf_log_sock_addr sock_addr; + } ANONYMOUS_MEMBER(payload); }; struct bf_ip4_lpm_key diff --git a/src/libbpfilter/rule.c b/src/libbpfilter/rule.c index 22b86ab27..3abb04e98 100644 --- a/src/libbpfilter/rule.c +++ b/src/libbpfilter/rule.c @@ -19,28 +19,28 @@ #include "bpfilter/runtime.h" #include "bpfilter/verdict.h" -static const char *_bf_pkthdr_strs[] = { - [BF_PKTHDR_LINK] = "link", - [BF_PKTHDR_INTERNET] = "internet", - [BF_PKTHDR_TRANSPORT] = "transport", +static const char *_bf_log_opt_strs[] = { + [BF_LOG_OPT_LINK] = "link", + [BF_LOG_OPT_INTERNET] = "internet", + [BF_LOG_OPT_TRANSPORT] = "transport", }; -static_assert_enum_mapping(_bf_pkthdr_strs, _BF_PKTHDR_MAX); +static_assert_enum_mapping(_bf_log_opt_strs, _BF_LOG_OPT_MAX); -const char *bf_pkthdr_to_str(enum bf_pkthdr hdr) +const char *bf_log_opt_to_str(enum bf_log_opt opt) { - if (hdr < 0 || hdr >= _BF_PKTHDR_MAX) - return ""; + if (opt < 0 || opt >= _BF_LOG_OPT_MAX) + return ""; - return _bf_pkthdr_strs[hdr]; + return _bf_log_opt_strs[opt]; } -int bf_pkthdr_from_str(const char *str, enum bf_pkthdr *hdr) +int bf_log_opt_from_str(const char *str, enum bf_log_opt *opt) { - assert(hdr); + assert(opt); - for (int i = 0; i < _BF_PKTHDR_MAX; ++i) { - if (bf_streq_i(str, _bf_pkthdr_strs[i])) { - *hdr = (enum bf_pkthdr)i; + for (int i = 0; i < _BF_LOG_OPT_MAX; ++i) { + if (bf_streq_i(str, _bf_log_opt_strs[i])) { + *opt = (enum bf_log_opt)i; return 0; } } diff --git a/tests/fuzz/keywords.dict b/tests/fuzz/keywords.dict index 2377d20e1..2a7b0901e 100644 --- a/tests/fuzz/keywords.dict +++ b/tests/fuzz/keywords.dict @@ -132,7 +132,7 @@ "ipv4" "ipv6" -# Log headers (bf_pkthdr) +# Log options (bf_log_opt) "link" "internet" "transport" diff --git a/tests/harness/Rule.hpp b/tests/harness/Rule.hpp index 7a4a99068..45da2a1ed 100644 --- a/tests/harness/Rule.hpp +++ b/tests/harness/Rule.hpp @@ -21,7 +21,7 @@ extern "C" { namespace bf { -using RuleLogBitset = std::bitset<_BF_PKTHDR_MAX>; +using RuleLogBitset = std::bitset<_BF_LOG_OPT_MAX>; class Rule { diff --git a/tests/harness/fake.c b/tests/harness/fake.c index 8792305d7..f29538b67 100644 --- a/tests/harness/fake.c +++ b/tests/harness/fake.c @@ -189,7 +189,7 @@ struct bf_rule *bft_rule_dummy(size_t n_matchers) return NULL; rule->index = 0; - rule->log = BF_FLAGS(BF_PKTHDR_INTERNET, BF_PKTHDR_TRANSPORT); + rule->log = BF_FLAGS(BF_LOG_OPT_INTERNET, BF_LOG_OPT_TRANSPORT); rule->mark = 0x17; rule->counters = true; rule->verdict = BF_VERDICT_ACCEPT; diff --git a/tests/unit/libbpfilter/rule.c b/tests/unit/libbpfilter/rule.c index b70f99653..3b7c431f2 100644 --- a/tests/unit/libbpfilter/rule.c +++ b/tests/unit/libbpfilter/rule.c @@ -15,8 +15,9 @@ static void to_from_str(void **state) { (void)state; - assert_enum_to_from_str(enum bf_pkthdr, bf_pkthdr_to_str, - bf_pkthdr_from_str, BF_PKTHDR_LINK, _BF_PKTHDR_MAX); + assert_enum_to_from_str(enum bf_log_opt, bf_log_opt_to_str, + bf_log_opt_from_str, BF_LOG_OPT_LINK, + _BF_LOG_OPT_MAX); } static void new_and_free(void **state)