forked from ~ljy/RK356X_SDK_RELEASE
blame | history | patch | commit | commitdiff
hc
2023-12-11 072de836f53be56a70cecf70b43ae43b7ce17376 
 kernel/samples/bpf/test_probe_write_user_kern.c
....@@ -8,14 +8,17 @@
88 #include <linux/netdevice.h>
99 #include <uapi/linux/bpf.h>
1010 #include <linux/version.h>
11
-#include "bpf_helpers.h"
11
+#include <bpf/bpf_helpers.h>
12
+#include <bpf/bpf_tracing.h>
13
+#include <bpf/bpf_core_read.h>
14
+#include "trace_common.h"
1215 
13
-struct bpf_map_def SEC("maps") dnat_map = {
14
-	.type = BPF_MAP_TYPE_HASH,
15
-	.key_size = sizeof(struct sockaddr_in),
16
-	.value_size = sizeof(struct sockaddr_in),
17
-	.max_entries = 256,
18
-};
16
+struct {
17
+	__uint(type, BPF_MAP_TYPE_HASH);
18
+	__type(key, struct sockaddr_in);
19
+	__type(value, struct sockaddr_in);
20
+	__uint(max_entries, 256);
21
+} dnat_map SEC(".maps");
1922 
2023 /* kprobe is NOT a stable ABI
2124  * kernel functions can be removed, renamed or completely change semantics.
....@@ -25,18 +28,19 @@
2528  * This example sits on a syscall, and the syscall ABI is relatively stable
2629  * of course, across platforms, and over time, the ABI may change.
2730  */
28
-SEC("kprobe/sys_connect")
31
+SEC("kprobe/" SYSCALL(sys_connect))
2932 int bpf_prog1(struct pt_regs *ctx)
3033 {
34
+	struct pt_regs *real_regs = (struct pt_regs *)PT_REGS_PARM1_CORE(ctx);
35
+	void *sockaddr_arg = (void *)PT_REGS_PARM2_CORE(real_regs);
36
+	int sockaddr_len = (int)PT_REGS_PARM3_CORE(real_regs);
3137 	struct sockaddr_in new_addr, orig_addr = {};
3238 	struct sockaddr_in *mapped_addr;
33
-	void *sockaddr_arg = (void *)PT_REGS_PARM2(ctx);
34
-	int sockaddr_len = (int)PT_REGS_PARM3(ctx);
3539 
3640 	if (sockaddr_len > sizeof(orig_addr))
3741 		return 0;
3842 
39
-	if (bpf_probe_read(&orig_addr, sizeof(orig_addr), sockaddr_arg) != 0)
43
+	if (bpf_probe_read_user(&orig_addr, sizeof(orig_addr), sockaddr_arg) != 0)
4044 		return 0;
4145 
4246 	mapped_addr = bpf_map_lookup_elem(&dnat_map, &orig_addr);