Age | Commit message (Collapse) | Author | Files | Lines |
|
Just shortly also mention JIT disassembler in conjunction with bpfc.
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
|
|
This is a minimal stand-alone user space helper, that allows for debugging or
verification of emitted BPF JIT images. This is in particular useful for
emitted opcode debugging, since minor bugs in the JIT compiler can be fatal.
The disassembler is architecture generic and uses libopcodes and libbfd.
How to get to the disassembly, example:
1) `echo 2 > /proc/sys/net/core/bpf_jit_enable`
2) Load a BPF filter (e.g. `tcpdump -p -n -s 0 -i eth1 host 192.168.20.0/24`)
3) Run e.g. `bpf_jit_disasm -o` to disassemble the most recent JIT code output
`bpf_jit_disasm -o` will display the related opcodes to a particular instruction
as well. Example for x86_64:
$./bpf_jit_disasm
94 bytes emitted from JIT compiler (pass:3, flen:9)
ffffffffa0356000 + <x>:
0: push %rbp
1: mov %rsp,%rbp
4: sub $0x60,%rsp
8: mov %rbx,-0x8(%rbp)
c: mov 0x68(%rdi),%r9d
10: sub 0x6c(%rdi),%r9d
14: mov 0xe0(%rdi),%r8
1b: mov $0xc,%esi
20: callq 0xffffffffe0d01b71
25: cmp $0x86dd,%eax
2a: jne 0x000000000000003d
2c: mov $0x14,%esi
31: callq 0xffffffffe0d01b8d
36: cmp $0x6,%eax
[...]
5c: leaveq
5d: retq
$ ./bpf_jit_disasm -o
94 bytes emitted from JIT compiler (pass:3, flen:9)
ffffffffa0356000 + <x>:
0: push %rbp
55
1: mov %rsp,%rbp
48 89 e5
4: sub $0x60,%rsp
48 83 ec 60
8: mov %rbx,-0x8(%rbp)
48 89 5d f8
c: mov 0x68(%rdi),%r9d
44 8b 4f 68
10: sub 0x6c(%rdi),%r9d
44 2b 4f 6c
[...]
5c: leaveq
c9
5d: retq
c3
Note that this is also part of the Linux kernel source tree under
tools/net/. We also keep a copy of it here, since it is quite useful
in conjunction with bpfc for debugging purposes. However, we do not
integrate this small helper into the main build process. People who
care to have this need to compile it on their own which is not a big
deal.
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
|
|
Format larger text sections into subsections, include .PPs
and other fixups.
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
|
|
Minor change in BUGS section to bring it up to date.
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
|
|
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
|
|
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
|
|
Make the 2nd section of the description a bit easier to read by
splitting and rearranging sentences. Also add a few missing punctuations
or make it more consistent repectively.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
|
|
Remove some unneeded stuff, and move other things around.
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
|
|
Add a paragraph about multi-threading with netsniff-ng.
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
|
|
Memory usage can never be negative, so make these members unsigned.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Signed-off-by: Jon Schipp <jonschipp@gmail.com>
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
|
|
Add HARDENING=1 build option and move all hardening-related GCC
flags into this condition. This allows the user to choose whether
or not he wants to have a hardened build with some possible performance
tradeoff at load/runtime.
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
|
|
Add -z relro for linking, move --param ssp-buffer-size=4 to stack
protector flag, and more.
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
|
|
Some regarding unused parameter, some regarding signed/unsigned
comparison.
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
|
|
Signed-off-by: Jon Schipp <jonschipp@gmail.com>
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
|
|
Include long version string into tools when called with --version.
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
|
|
Just a minor cosmetic fix.
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
|
|
This patch allows bpf programs to be passed to the C preprocessor
before handing over to bpfc. Example:
#define ETH_P_IP 0x800
ldh [12]
jne #ETH_P_IP, drop
ldb [23]
jneq #6, drop
ldh [20]
jset #0x1fff, drop
ldxb 4 * ([14] & 0xf)
ldh [x + 14]
jeq #0x16, pass
ldh [x + 16]
jne #0x16, drop
pass: ret #-1
drop: ret #0
Compile with: bpfc -i foo -p
Suggested-by: John Lange <JLange@trendium.com>
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
|
|
Some minor edits all over the place.
Signed-off-by: Jon Schipp <jonschipp@gmail.com>
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
|
|
The extra branch is history for a while now, it's an internal staging
area instead.
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
|
|
Various edits all over.
Signed-off-by: Jon Schipp <jonschipp@gmail.com>
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
|
|
Signed-off-by: Jon Schipp <jonschipp@gmail.com>
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
|
|
Only use xfree where it makes sense, here not really.
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
|
|
Initial draft of curvetun manpage. Follow-up commits may come to fix
formating errors and the like.
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
|
|
This patch implements the option and usage examples of curvetun.
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
|
|
This patch escapes all '\' chars so that they get recognized. Also,
we add a short note at the end of the NOTE section to point to the
netsniff-ng(8) man page regarding tuning hints.
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
|
|
It is quite useful to have an initial walkthrough for the interactive
mode documented, so add a first version of this [1] into the man page.
[1] original here: http://pub.netsniff-ng.org/docs/Mausezahn
Formatting still needs to be fixed up in follow-up commits.
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
|
|
Do not show the old mausezahn version in the prompt, since
we use a different versioning scheme.
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
|
|
The tprintf module already uses a static variable named 'buffer', thus
rename the parameter to avoid a name clash. Found by compiling with
-Wshadow.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
The entire packet is zeroed using memset() three lines above, thus there
is no need to set icmp->code and icmp->checksum to 0 explicitely again.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Jon reported that the setup via netlink of a raw 802.11 mon
device fails with:
root~/gencfg# trafgen --in beacon.cfg --rfraw --out wlan0
Waiting for netlink ack failed!
Let us only wait for it, if really needed.
Reported-by: Jon Schipp <jonschipp@gmail.com>
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
|
|
Add the index files generated by cscope and ctags to .gitignore.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
The version() function was missed in the previous commit 785fe152
("trafgen: Add __noreturn attribute to exiting functions"), so add
__noreturn to it now.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add the __noreturn attribute to all functions which wont return
but call die() themselves to exit().
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add the __noreturn attribute to all functions which wont return
but call die() themselves to exit().
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add the __noreturn attribute to all functions which wont return
but call die() themselves to exit().
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add the __noreturn attribute to all functions which wont return
but call die() themselves to exit().
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add the __noreturn attribute to all functions which wont return
but call die() themselves to exit().
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add the __noreturn attribute to all functions which wont return but call
die() themselves to exit().
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add the __noreturn attribute to all functions which wont return but call
exit() (or die() respectively) themselves.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
This can be used to mark functions which will call exit() by themselves.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
We need to break if we get NULL from pkt_pull() but the actual check was
inverted. This was discovered by the coverity scanner and missed in
commit b76adfd1 ("dissector: igmp: Fix erroneous null pointer check").
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Mention the fact that curvetun exits after printing either the help of
the version information.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Mention the fact that astraceroute exits after printing either the help
of the version information.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Make the wording consistent with the other man pages.
This was probably messed up by my previous commit which was not properly
split.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Make the wording consistent with the other man pages.
This was probably messed up by my previous commit which was not properly
split.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add Stephen Wadeley for his man page contributions.
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
|
|
Conflicts resolved by hand:
bpfc.8
ifpps.8
netsniff-ng.8
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
|
|
Signed-off-by: Stephen Wadeley <swadeley@redhat.com>
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
|