[iovisor-dev] ebpf kprobe modify skb ?

2017-08-24 Thread 周小明 via iovisor-dev
Now i want to modify something of the skb with the ebpf in the prog_type kprobe. However, the help function `bpf_skb_store_bytes` is not supported with the prog_type BPF_PROG_TYPE_KPROBE. I test it with the error `unknow func` And I want to ask is there a way to modify skb with ebpf in kprobe

Re: [iovisor-dev] modifying packets in XDP

2017-08-24 Thread Y Song via iovisor-dev
This is the problem: static inline uint16_t parse_tcp_pld(void *data, u64 nh_off, void *data_end) { uint16_t *pld = data + nh_off; if ((void*)[1] > data_end) return 0; return pld; } return value should be "void *" or "uint16_t *". In the future, we will try to add more diagnostic

Re: [iovisor-dev] modifying packets in XDP

2017-08-24 Thread Ilya Baldin via iovisor-dev
If I just copy your swapu16 function into my code (and it looks very similar to mine) the result continues to be the same (error). Here is a gist with python and c-components of my program https://gist.github.com/ibaldin/716d70d490b44e05d15db59ee983c0c0 Looking at the BPF byte code print out

Re: [iovisor-dev] modifying packets in XDP

2017-08-24 Thread Ilya Baldin via iovisor-dev
Thank you! Let me run a gap analysis to see what’s different. -ilya Ilya Baldin Director, Networking Research and Infrastructure RENCI/UNC Chapel Hill http://www.renci.org On Aug 24, 2017, at 3:32 PM, Brenden Blanco > wrote: On Thu, Aug 24, 2017 at

Re: [iovisor-dev] modifying packets in XDP

2017-08-24 Thread Ilya Baldin via iovisor-dev
I’m staring at the BPF ‘pseudocode’ now. I wouldn’t put it past me to do something stupid. -ilya Ilya Baldin On Aug 24, 2017, at 3:25 PM, Y Song > wrote: On Thu, Aug 24, 2017 at 12:17 PM, Ilya Baldin >

Re: [iovisor-dev] modifying packets in XDP

2017-08-24 Thread Brenden Blanco via iovisor-dev
On Thu, Aug 24, 2017 at 12:25 PM, Y Song wrote: > On Thu, Aug 24, 2017 at 12:17 PM, Ilya Baldin wrote: >> Thank you, everyone for the replies. This explains about bpf_probe_read. >> >> I tried the approach below (changed the check to offset +1) however that

Re: [iovisor-dev] modifying packets in XDP

2017-08-24 Thread Ilya Baldin via iovisor-dev
Thank you, everyone for the replies. This explains about bpf_probe_read. I tried the approach below (changed the check to offset +1) however that didn’t help, I still get the same error and BCC refuses to load the program R0=inv,min_value=2,max_value=65537,min_align=1,aux_off_align=2

Re: [iovisor-dev] modifying packets in XDP

2017-08-24 Thread Y Song via iovisor-dev
CC to bcc mailing list as well. bpf_probe_read is not allowed in XDP programs. Your comparison may need to comparison not just starting offset, but also including the memory size so the whole write won't fall beyond the "data_end". Regarding to bcc translates "start[off2]" to bpf_probe_read, it