Skip to content

[1/2] Add flavor-specific log codegen callback #486

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
yaakov-stein wants to merge 5 commits into
base: main
Choose a base branch
from
Open

[1/2] Add flavor-specific log codegen callback #486

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
083aa27
lib: cgen: rename log elfstub to pkt_log
yaakov-stein Mar 20, 2026
c7e85d2
lib: runtime: restructure bf_log with tagged union
yaakov-stein Mar 20, 2026
a7bc7c5
lib: rename bf_pkthdr to bf_log_opt
yaakov-stein Mar 20, 2026
3f33c9f
lib: cgen: move packet codegen out of matcher directory
yaakov-stein Mar 20, 2026
91afd74
lib: cgen: add gen_inline_log flavor callback
yaakov-stein Mar 20, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 2 additions & 1 deletion doc/Doxyfile.in
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -57,7 +57,8 @@ GENERATE_PERLMOD = NO
#---------------------------------------------------------------------------
INCLUDE_PATH = "@CMAKE_SOURCE_DIR@/src" "@CMAKE_SOURCE_DIR@/tests"
MACRO_EXPANSION = YES
PREDEFINED = bf_aligned(x)=
PREDEFINED = bf_aligned(x)= \
DOXYGEN

#---------------------------------------------------------------------------
# Configuration options related to diagram generator tools
Expand Down
2 changes: 1 addition & 1 deletion src/bfcli/lexer.l
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -101,7 +101,7 @@ log { BEGIN(STATE_LOG_OPTS); return LOG; }
[0-9a-zA-Z]+(,[0-9a-zA-Z]+)* {
BEGIN(INITIAL);
yylval.sval = strdup(yytext);
return LOG_HEADERS;
return LOG_OPTS;
}
}

Expand Down
12 changes: 6 additions & 6 deletions src/bfcli/parser.y
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -103,7 +103,7 @@
%token SET
%token LOG COUNTER MARK
%token REDIRECT_TOKEN
%token <sval> LOG_HEADERS
%token <sval> LOG_OPTS
%token <sval> SET_TYPE
%token <sval> SET_RAW_PAYLOAD
%token <sval> STRING
Expand Down Expand Up @@ -320,7 +320,7 @@ rule : RULE matchers rule_options rule_verdict
}
;

rule_option : LOG LOG_HEADERS
rule_option : LOG LOG_OPTS
{
_cleanup_free_ char *in = $2;
char *tmp = in;
Expand All @@ -329,12 +329,12 @@ rule_option : LOG LOG_HEADERS
uint8_t log = 0;

while ((token = strtok_r(tmp, ",", &saveptr))) {
enum bf_pkthdr header;
enum bf_log_opt opt;

if (bf_pkthdr_from_str(token, &header) < 0)
bf_parse_err("unknown packet header '%s'", token);
if (bf_log_opt_from_str(token, &opt) < 0)
bf_parse_err("unknown log option '%s'", token);

log |= BF_FLAG(header);
log |= BF_FLAG(opt);

tmp = NULL;
}
Expand Down
39 changes: 21 additions & 18 deletions src/bfcli/print.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -265,12 +265,12 @@ void bfc_chain_dump(struct bf_chain *chain, struct bf_hookopts *hookopts,

(void)fprintf(stdout, " log ");

for (enum bf_pkthdr hdr = 0; hdr < _BF_PKTHDR_MAX; ++hdr) {
if (!(log & BF_FLAG(hdr)))
for (enum bf_log_opt opt = 0; opt < _BF_LOG_OPT_MAX; ++opt) {
if (!(log & BF_FLAG(opt)))
continue;

log &= ~BF_FLAG(hdr);
(void)fprintf(stdout, "%s%s", bf_pkthdr_to_str(hdr),
log &= ~BF_FLAG(opt);
(void)fprintf(stdout, "%s%s", bf_log_opt_to_str(opt),
log ? "," : "\n");
}
}
Expand Down Expand Up @@ -373,17 +373,17 @@ static void _bf_chain_log_header(const struct bf_log *log)
bf_logger_get_color(BF_COLOR_LIGHT_CYAN, BF_STYLE_NORMAL), time_str,
time.tv_nsec / BF_TIME_US,
bf_logger_get_color(BF_COLOR_RESET, BF_STYLE_RESET), log->rule_id,
bf_logger_get_color(BF_COLOR_DEFAULT, BF_STYLE_BOLD), log->pkt_size,
bf_logger_get_color(BF_COLOR_DEFAULT, BF_STYLE_BOLD), log->pkt.pkt_size,
bf_logger_get_color(BF_COLOR_RESET, BF_STYLE_RESET),
bf_verdict_to_str((enum bf_verdict)log->verdict));
}

static void _bf_chain_log_l2(const struct bf_log *log)
{
struct ethhdr *ethhdr = (void *)log->l2hdr;
struct ethhdr *ethhdr = (void *)log->pkt.l2hdr;
const char *ethertype;

if (!(log->headers & (1 << BF_PKTHDR_LINK))) {
if (!(log->pkt.headers & (1 << BF_LOG_OPT_LINK))) {
(void)fprintf(stdout, " Ethernet : <unknown header>\n");
return;
}
Expand Down Expand Up @@ -418,14 +418,14 @@ static void _bf_chain_log_l3(const struct bf_log *log)
char dst_addr[INET6_ADDRSTRLEN];
const char *protocol;

if (!(log->headers & (1 << BF_PKTHDR_INTERNET))) {
if (!(log->pkt.headers & (1 << BF_LOG_OPT_INTERNET))) {
(void)fprintf(stdout, " Internet : <unknown header>\n");
return;
}

switch (log->l3_proto) {
case ETH_P_IP:
iphdr = (struct iphdr *)&log->l3hdr[0];
iphdr = (struct iphdr *)&log->pkt.l3hdr[0];

inet_ntop(AF_INET, &iphdr->saddr, src_addr, sizeof(src_addr));
inet_ntop(AF_INET, &iphdr->daddr, dst_addr, sizeof(dst_addr));
Expand All @@ -451,7 +451,7 @@ static void _bf_chain_log_l3(const struct bf_log *log)
break;

case ETH_P_IPV6:
ipv6hdr = (struct ipv6hdr *)log->l3hdr;
ipv6hdr = (struct ipv6hdr *)log->pkt.l3hdr;

inet_ntop(AF_INET6, &ipv6hdr->saddr, src_addr, sizeof(src_addr));
inet_ntop(AF_INET6, &ipv6hdr->daddr, dst_addr, sizeof(dst_addr));
Expand Down Expand Up @@ -490,14 +490,14 @@ static void _bf_chain_log_l4(const struct bf_log *log)
struct udphdr *udphdr;
const char *tcp_flags_str;

if (!(log->headers & (1 << BF_PKTHDR_TRANSPORT))) {
if (!(log->pkt.headers & (1 << BF_LOG_OPT_TRANSPORT))) {
(void)fprintf(stdout, " Transport : <unknown header>\n");
return;
}

switch (log->l4_proto) {
case IPPROTO_TCP:
tcphdr = (struct tcphdr *)log->l4hdr;
tcphdr = (struct tcphdr *)log->pkt.l4hdr;
tcp_flags_str = _bf_tcp_flags_to_str(tcphdr);

(void)fprintf(stdout, " TCP : %s%-5u%s → %s%-5u%s",
Expand All @@ -522,7 +522,7 @@ static void _bf_chain_log_l4(const struct bf_log *log)
break;

case IPPROTO_UDP:
udphdr = (struct udphdr *)log->l4hdr;
udphdr = (struct udphdr *)log->pkt.l4hdr;

(void)fprintf(stdout, " UDP : %s%-5u%s → %s%-5u%s [len=%u]\n",
bf_logger_get_color(BF_COLOR_LIGHT_YELLOW, BF_STYLE_BOLD),
Expand All @@ -535,7 +535,7 @@ static void _bf_chain_log_l4(const struct bf_log *log)
break;

case IPPROTO_ICMP:
icmphdr = (struct icmphdr *)log->l4hdr;
icmphdr = (struct icmphdr *)log->pkt.l4hdr;

(void)fprintf(stdout, " ICMP : type=%-3u code=%-3u",
icmphdr->type, icmphdr->code);
Expand All @@ -550,7 +550,7 @@ static void _bf_chain_log_l4(const struct bf_log *log)
break;

case IPPROTO_ICMPV6:
icmp6hdr = (struct icmp6hdr *)log->l4hdr;
icmp6hdr = (struct icmp6hdr *)log->pkt.l4hdr;

(void)fprintf(stdout, " ICMPv6 : type=%-3u code=%-3u",
icmp6hdr->icmp6_type, icmp6hdr->icmp6_code);
Expand All @@ -573,12 +573,15 @@ static void _bf_chain_log_l4(const struct bf_log *log)

void bfc_print_log(const struct bf_log *log)
{
if (log->log_type != BF_LOG_TYPE_PACKET)
return;

_bf_chain_log_header(log);

if (log->req_headers & (1 << BF_PKTHDR_LINK))
if (log->pkt.req_headers & (1 << BF_LOG_OPT_LINK))
_bf_chain_log_l2(log);
if (log->req_headers & (1 << BF_PKTHDR_INTERNET))
if (log->pkt.req_headers & (1 << BF_LOG_OPT_INTERNET))
_bf_chain_log_l3(log);
if (log->req_headers & (1 << BF_PKTHDR_TRANSPORT))
if (log->pkt.req_headers & (1 << BF_LOG_OPT_TRANSPORT))
_bf_chain_log_l4(log);
}
4 changes: 2 additions & 2 deletions src/libbpfilter/CMakeLists.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -64,9 +64,9 @@ set(libbpfilter_srcs
${CMAKE_CURRENT_SOURCE_DIR}/cgen/jmp.h ${CMAKE_CURRENT_SOURCE_DIR}/cgen/jmp.c
${CMAKE_CURRENT_SOURCE_DIR}/cgen/matcher/cmp.h ${CMAKE_CURRENT_SOURCE_DIR}/cgen/matcher/cmp.c
${CMAKE_CURRENT_SOURCE_DIR}/cgen/matcher/meta.h ${CMAKE_CURRENT_SOURCE_DIR}/cgen/matcher/meta.c
${CMAKE_CURRENT_SOURCE_DIR}/cgen/matcher/packet.h ${CMAKE_CURRENT_SOURCE_DIR}/cgen/matcher/packet.c
${CMAKE_CURRENT_SOURCE_DIR}/cgen/matcher/set.h ${CMAKE_CURRENT_SOURCE_DIR}/cgen/matcher/set.c
${CMAKE_CURRENT_SOURCE_DIR}/cgen/nf.h ${CMAKE_CURRENT_SOURCE_DIR}/cgen/nf.c
${CMAKE_CURRENT_SOURCE_DIR}/cgen/packet.h ${CMAKE_CURRENT_SOURCE_DIR}/cgen/packet.c
${CMAKE_CURRENT_SOURCE_DIR}/cgen/printer.h ${CMAKE_CURRENT_SOURCE_DIR}/cgen/printer.c
${CMAKE_CURRENT_SOURCE_DIR}/cgen/program.h ${CMAKE_CURRENT_SOURCE_DIR}/cgen/program.c
${CMAKE_CURRENT_SOURCE_DIR}/cgen/prog/link.h ${CMAKE_CURRENT_SOURCE_DIR}/cgen/prog/link.c
Expand Down Expand Up @@ -109,7 +109,7 @@ bf_target_add_elfstubs(libbpfilter
"parse_ipv6_eh"
"parse_ipv6_nh"
"update_counters"
"log"
"pkt_log"
"flow_hash"
)

Expand Down
58 changes: 0 additions & 58 deletions src/libbpfilter/bpf/log.bpf.c
View file
Open in desktop

This file was deleted.

59 changes: 59 additions & 0 deletions src/libbpfilter/bpf/pkt_log.bpf.c
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,59 @@
/* SPDX-License-Identifier: GPL-2.0-only */
/*
* Copyright (c) Meta Platforms, Inc. and affiliates.
*/

#include <linux/bpf.h>

#include <bpf/bpf_endian.h>
#include <bpf/bpf_helpers.h>
#include <stddef.h>

#include "cgen/runtime.h"

__u8 bf_pkt_log(struct bf_runtime *ctx, __u32 rule_id, __u8 headers,
__u32 verdict, __u32 l3_l4_proto)
{
struct bf_log *log;
__u16 l3_proto = (__u16)(l3_l4_proto >> 16);
__u8 l4_proto = (__u8)l3_l4_proto;

log = bpf_ringbuf_reserve(ctx->log_map, sizeof(struct bf_log), 0);
if (!log) {
bpf_printk("failed to reserve %d bytes in ringbuf",
sizeof(struct bf_log));
return 1;
}

log->ts = bpf_ktime_get_ns();
log->rule_id = rule_id;
log->verdict = verdict;
log->l3_proto = bpf_ntohs(l3_proto);
log->l4_proto = l4_proto;
log->log_type = BF_LOG_TYPE_PACKET;
log->pkt.pkt_size = ctx->pkt_size;
log->pkt.req_headers = headers;
log->pkt.headers = 0;

if (headers & (1 << BF_LOG_OPT_LINK) && ctx->l2_hdr &&
ctx->l2_size <= BF_L2_SLICE_LEN) {
bpf_probe_read_kernel(log->pkt.l2hdr, ctx->l2_size, ctx->l2_hdr);
log->pkt.headers |= (1 << BF_LOG_OPT_LINK);
}

if (headers & (1 << BF_LOG_OPT_INTERNET) && ctx->l3_hdr &&
ctx->l3_size <= BF_L3_SLICE_LEN) {
bpf_probe_read_kernel(log->pkt.l3hdr, ctx->l3_size, ctx->l3_hdr);
log->pkt.headers |= (1 << BF_LOG_OPT_INTERNET);
}

if (headers & (1 << BF_LOG_OPT_TRANSPORT) && ctx->l4_hdr &&
ctx->l4_size <= BF_L4_SLICE_LEN) {
bpf_probe_read_kernel(log->pkt.l4hdr, ctx->l4_size, ctx->l4_hdr);
log->pkt.headers |= (1 << BF_LOG_OPT_TRANSPORT);
}

bpf_ringbuf_submit(log, 0);

return 0;
}
5 changes: 3 additions & 2 deletions src/libbpfilter/cgen/cgroup_skb.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@

#include "cgen/cgen.h"
#include "cgen/matcher/cmp.h"
#include "cgen/matcher/packet.h"
#include "cgen/packet.h"
#include "cgen/program.h"
#include "cgen/stub.h"
#include "cgen/swich.h"
Expand Down Expand Up @@ -133,7 +133,7 @@ static int _bf_cgroup_skb_gen_inline_matcher(struct bf_program *program,
return bf_cmp_value(program, bf_matcher_get_op(matcher),
bf_matcher_payload(matcher), 4, BPF_REG_1);
default:
return bf_matcher_generate_packet(program, matcher);
return bf_packet_gen_inline_matcher(program, matcher);
}
}

Expand Down Expand Up @@ -161,4 +161,5 @@ const struct bf_flavor_ops bf_flavor_ops_cgroup_skb = {
.gen_inline_set_mark = _bf_cgroup_skb_gen_inline_set_mark,
.get_verdict = _bf_cgroup_skb_get_verdict,
.gen_inline_matcher = _bf_cgroup_skb_gen_inline_matcher,
.gen_inline_log = bf_packet_gen_inline_log,
};
11 changes: 11 additions & 0 deletions src/libbpfilter/cgen/cgroup_sock_addr.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -273,9 +273,20 @@ static int _bf_cgroup_sock_addr_get_verdict(enum bf_verdict verdict)
}
}

static int _bf_cgroup_sock_addr_gen_inline_log(struct bf_program *program,
const struct bf_rule *rule)
{
(void)program;
(void)rule;

return bf_err_r(-ENOTSUP,
"logging is not yet supported for cgroup_sock_addr");
}

const struct bf_flavor_ops bf_flavor_ops_cgroup_sock_addr = {
.gen_inline_prologue = _bf_cgroup_sock_addr_gen_inline_prologue,
.gen_inline_epilogue = _bf_cgroup_sock_addr_gen_inline_epilogue,
.get_verdict = _bf_cgroup_sock_addr_get_verdict,
.gen_inline_matcher = _bf_cgroup_sock_addr_gen_inline_matcher,
.gen_inline_log = _bf_cgroup_sock_addr_gen_inline_log,
};
5 changes: 3 additions & 2 deletions src/libbpfilter/cgen/nf.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@

#include "cgen/jmp.h"
#include "cgen/matcher/cmp.h"
#include "cgen/matcher/packet.h"
#include "cgen/packet.h"
#include "cgen/program.h"
#include "cgen/stub.h"
#include "cgen/swich.h"
Expand Down Expand Up @@ -149,7 +149,7 @@ static int _bf_nf_gen_inline_matcher(struct bf_program *program,
return bf_cmp_value(program, bf_matcher_get_op(matcher),
bf_matcher_payload(matcher), 4, BPF_REG_1);
default:
return bf_matcher_generate_packet(program, matcher);
return bf_packet_gen_inline_matcher(program, matcher);
}
}

Expand All @@ -176,4 +176,5 @@ const struct bf_flavor_ops bf_flavor_ops_nf = {
.gen_inline_epilogue = _bf_nf_gen_inline_epilogue,
.get_verdict = _bf_nf_get_verdict,
.gen_inline_matcher = _bf_nf_gen_inline_matcher,
.gen_inline_log = bf_packet_gen_inline_log,
};
Loading
Loading