On Fri, Aug 25, 2017 at 4:28 AM, 周小明 via iovisor-dev <
iovisor-dev@lists.iovisor.org> wrote:
> Now i want to modify something of the skb with the ebpf in the prog_type
> kprobe.
> However, the help function `bpf_skb_store_bytes` is not supported with the
> prog_type BPF_PROG_TYPE_KPROBE.
> I test
Now i want to modify something of the skb with the ebpf in the prog_type kprobe.
However, the help function `bpf_skb_store_bytes` is not supported with the
prog_type BPF_PROG_TYPE_KPROBE.
I test it with the error `unknow func`
And I want to ask is there a way to modify skb with ebpf in kprobe
This is the problem:
static inline uint16_t parse_tcp_pld(void *data, u64 nh_off, void *data_end) {
uint16_t *pld = data + nh_off;
if ((void*)&pld[1] > data_end)
return 0;
return pld;
}
return value should be "void *" or "uint16_t *".
In the future, we will try to add more diagnostic in
If I just copy your swapu16 function into my code (and it looks very similar to
mine) the result continues to be the same (error).
Here is a gist with python and c-components of my program
https://gist.github.com/ibaldin/716d70d490b44e05d15db59ee983c0c0
Looking at the BPF byte code print out f
Thank you! Let me run a gap analysis to see what’s different.
-ilya
Ilya Baldin
Director, Networking Research and Infrastructure
RENCI/UNC Chapel Hill
http://www.renci.org
On Aug 24, 2017, at 3:32 PM, Brenden Blanco
mailto:bbla...@gmail.com>> wrote:
On Thu, Aug 24, 2017 at 12:25 PM, Y Song
ma
I’m staring at the BPF ‘pseudocode’ now. I wouldn’t put it past me to do
something stupid.
-ilya
Ilya Baldin
On Aug 24, 2017, at 3:25 PM, Y Song
mailto:ys114...@gmail.com>> wrote:
On Thu, Aug 24, 2017 at 12:17 PM, Ilya Baldin
mailto:ibal...@renci.org>> wrote:
Thank you, everyone for the repl
On Thu, Aug 24, 2017 at 12:25 PM, Y Song wrote:
> On Thu, Aug 24, 2017 at 12:17 PM, Ilya Baldin wrote:
>> Thank you, everyone for the replies. This explains about bpf_probe_read.
>>
>> I tried the approach below (changed the check to offset +1) however that
>> didn’t help, I still get the same er
On Thu, Aug 24, 2017 at 12:17 PM, Ilya Baldin wrote:
> Thank you, everyone for the replies. This explains about bpf_probe_read.
>
> I tried the approach below (changed the check to offset +1) however that
> didn’t help, I still get the same error and BCC refuses to load the program
>
> R0=inv,min
Thank you, everyone for the replies. This explains about bpf_probe_read.
I tried the approach below (changed the check to offset +1) however that didn’t
help, I still get the same error and BCC refuses to load the program
R0=inv,min_value=2,max_value=65537,min_align=1,aux_off_align=2
R1=inv,mi
On Thu, Aug 24, 2017 at 9:26 AM, Daniel Borkmann via iovisor-dev
wrote:
> On 08/24/2017 06:17 PM, Y Song wrote:
>>
>> CC to bcc mailing list as well.
>>
>> bpf_probe_read is not allowed in XDP programs.
>>
>> Your comparison may need to comparison not just starting offset, but
>> also including th
On 08/24/2017 06:17 PM, Y Song wrote:
CC to bcc mailing list as well.
bpf_probe_read is not allowed in XDP programs.
Your comparison may need to comparison not just starting offset, but
also including the memory size so the
whole write won't fall beyond the "data_end".
Regarding to bcc transla
CC to bcc mailing list as well.
bpf_probe_read is not allowed in XDP programs.
Your comparison may need to comparison not just starting offset, but
also including the memory size so the
whole write won't fall beyond the "data_end".
Regarding to bcc translates "start[off2]" to bpf_probe_read, it
12 matches
Mail list logo
