cilium · olsajiri · Jan 7, 2025 · Dec 19, 2024 · Dec 19, 2024 · Dec 19, 2024
@@ -12,19 +12,10 @@
 #include "retprobe_map.h"
 #include "types/operations.h"
 #include "types/basic.h"
-#include "generic_calls.h"
-#include "pfilter.h"
 #include "policy_filter.h"
 
 char _license[] __attribute__((section("license"), used)) = "Dual BSD/GPL";
 
-struct {
-	__uint(type, BPF_MAP_TYPE_PERCPU_ARRAY);
-	__uint(max_entries, 1);
-	__type(key, __u32);
-	__type(value, struct msg_generic_kprobe);
-} process_call_heap SEC(".maps");
-
 int generic_kprobe_setup_event(void *ctx);
 int generic_kprobe_process_event(void *ctx);
 int generic_kprobe_process_filter(void *ctx);
@@ -48,51 +39,8 @@ struct {
 	},
 };
 
-struct {
-	__uint(type, BPF_MAP_TYPE_HASH);
-	__uint(max_entries, 1); // will be resized by agent when needed
-	__type(key, __u64);
-	__type(value, __s32);
-} override_tasks SEC(".maps");
-
-#ifdef __LARGE_BPF_PROG
-struct {
-	__uint(type, BPF_MAP_TYPE_PERCPU_ARRAY);
-	__uint(max_entries, 1);
-	__type(key, __u32);
-	__type(value, struct msg_data);
-} data_heap SEC(".maps");
-#define data_heap_ptr &data_heap
-#else
-#define data_heap_ptr 0
-#endif
-
-struct filter_map_value {
-	unsigned char buf[FILTER_SIZE];
-};
-
-/* Arrays of size 1 will be rewritten to direct loads in verifier */
-struct {
-	__uint(type, BPF_MAP_TYPE_ARRAY);
-	__uint(max_entries, 1);
-	__type(key, int);
-	__type(value, struct filter_map_value);
-} filter_map SEC(".maps");
-
-struct {
-	__uint(type, BPF_MAP_TYPE_ARRAY);
-	__uint(max_entries, 1);
-	__type(key, __u32);
-	__type(value, struct event_config);
-} config_map SEC(".maps");
-
-static struct generic_maps maps = {
-	.heap = (struct bpf_map_def *)&process_call_heap,
-	.calls = (struct bpf_map_def *)&kprobe_calls,
-	.config = (struct bpf_map_def *)&config_map,
-	.filter = (struct bpf_map_def *)&filter_map,
-	.override = (struct bpf_map_def *)&override_tasks,
-};
+#include "generic_maps.h"
+#include "generic_calls.h"
 
 #ifdef __MULTI_KPROBE
 #define MAIN	 "kprobe.multi/generic_kprobe"
@@ -128,36 +76,27 @@ static struct generic_maps maps = {
 __attribute__((section((MAIN)), used)) int
 generic_kprobe_event(struct pt_regs *ctx)
 {
-	return generic_start_process_filter(ctx, &maps);
+	return generic_start_process_filter(ctx, (struct bpf_map_def *)&kprobe_calls);
 }
 
 __attribute__((section("kprobe"), used)) int
 generic_kprobe_setup_event(void *ctx)
 {
-	return generic_process_event_and_setup(
-		ctx, (struct bpf_map_def *)&process_call_heap,
-		(struct bpf_map_def *)&kprobe_calls,
-		(struct bpf_map_def *)&config_map,
-		(struct bpf_map_def *)data_heap_ptr);
+	return generic_process_event_and_setup(ctx, (struct bpf_map_def *)&kprobe_calls);
 }
 
 __attribute__((section("kprobe"), used)) int
 generic_kprobe_process_event(void *ctx)
 {
-	return generic_process_event(ctx,
-				     (struct bpf_map_def *)&process_call_heap,
-				     (struct bpf_map_def *)&kprobe_calls,
-				     (struct bpf_map_def *)&config_map,
-				     (struct bpf_map_def *)data_heap_ptr);
+	return generic_process_event(ctx, (struct bpf_map_def *)&kprobe_calls);
 }
 
 __attribute__((section("kprobe"), used)) int
 generic_kprobe_process_filter(void *ctx)
 {
 	int ret;
 
-	ret = generic_process_filter((struct bpf_map_def *)&process_call_heap,
-				     (struct bpf_map_def *)&filter_map);
+	ret = generic_process_filter();
 	if (ret == PFILTER_CONTINUE)
 		tail_call(ctx, &kprobe_calls, TAIL_CALL_FILTER);
 	else if (ret == PFILTER_ACCEPT)
@@ -171,24 +110,20 @@ generic_kprobe_process_filter(void *ctx)
 __attribute__((section("kprobe"), used)) int
 generic_kprobe_filter_arg(void *ctx)
 {
-	return filter_read_arg(ctx, (struct bpf_map_def *)&process_call_heap,
-			       (struct bpf_map_def *)&filter_map,
-			       (struct bpf_map_def *)&kprobe_calls,
-			       (struct bpf_map_def *)&config_map,
-			       true);
+	return generic_filter_arg(ctx, (struct bpf_map_def *)&kprobe_calls, true);
 }
 
 __attribute__((section("kprobe"), used)) int
 generic_kprobe_actions(void *ctx)
 {
-	generic_actions(ctx, &maps);
+	generic_actions(ctx, (struct bpf_map_def *)&kprobe_calls);
 	return 0;
 }
 
 __attribute__((section("kprobe"), used)) int
 generic_kprobe_output(void *ctx)
 {
-	return generic_output(ctx, (struct bpf_map_def *)&process_call_heap, MSG_OP_GENERIC_KPROBE);
+	return generic_output(ctx, MSG_OP_GENERIC_KPROBE);
 }
 
 __attribute__((section(OVERRIDE), used)) int

@@ -15,17 +15,9 @@
 #include "retprobe_map.h"
 #include "types/operations.h"
 #include "types/basic.h"
-#include "generic_calls.h"
 
 char _license[] __attribute__((section("license"), used)) = "Dual BSD/GPL";
 
-struct {
-	__uint(type, BPF_MAP_TYPE_PERCPU_ARRAY);
-	__uint(max_entries, 1);
-	__type(key, __u32);
-	__type(value, struct msg_generic_kprobe);
-} process_call_heap SEC(".maps");
-
 int generic_lsm_setup_event(void *ctx);
 int generic_lsm_process_event(void *ctx);
 int generic_lsm_process_filter(void *ctx);
@@ -47,87 +39,35 @@ struct {
 	},
 };
 
-struct {
-	__uint(type, BPF_MAP_TYPE_HASH);
-	__uint(max_entries, 32768);
-	__type(key, __u64);
-	__type(value, __s32);
-} override_tasks SEC(".maps");
-
-struct filter_map_value {
-	unsigned char buf[FILTER_SIZE];
-};
-
-/* Arrays of size 1 will be rewritten to direct loads in verifier */
-struct {
-	__uint(type, BPF_MAP_TYPE_ARRAY);
-	__uint(max_entries, 1);
-	__type(key, int);
-	__type(value, struct filter_map_value);
-} filter_map SEC(".maps");
-
-struct {
-	__uint(type, BPF_MAP_TYPE_ARRAY);
-	__uint(max_entries, 1);
-	__type(key, __u32);
-	__type(value, struct event_config);
-} config_map SEC(".maps");
-
-#ifdef __LARGE_BPF_PROG
-struct {
-	__uint(type, BPF_MAP_TYPE_PERCPU_ARRAY);
-	__uint(max_entries, 1);
-	__type(key, __u32);
-	__type(value, struct msg_data);
-} data_heap SEC(".maps");
-#define data_heap_ptr &data_heap
-#else
-#define data_heap_ptr 0
-#endif
-
-static struct generic_maps maps = {
-	.heap = (struct bpf_map_def *)&process_call_heap,
-	.calls = (struct bpf_map_def *)&lsm_calls,
-	.config = (struct bpf_map_def *)&config_map,
-	.filter = (struct bpf_map_def *)&filter_map,
-	.override = (struct bpf_map_def *)&override_tasks,
-};
+#include "generic_maps.h"
+#include "generic_calls.h"
 
 #define MAIN "lsm/generic_lsm_core"
 
 __attribute__((section((MAIN)), used)) int
 generic_lsm_event(struct pt_regs *ctx)
 {
-	return generic_start_process_filter(ctx, &maps);
+	return generic_start_process_filter(ctx, (struct bpf_map_def *)&lsm_calls);
 }
 
 __attribute__((section("lsm"), used)) int
 generic_lsm_setup_event(void *ctx)
 {
-	return generic_process_event_and_setup(
-		ctx, (struct bpf_map_def *)&process_call_heap,
-		(struct bpf_map_def *)&lsm_calls,
-		(struct bpf_map_def *)&config_map,
-		(struct bpf_map_def *)data_heap_ptr);
+	return generic_process_event_and_setup(ctx, (struct bpf_map_def *)&lsm_calls);
 }
 
 __attribute__((section("lsm"), used)) int
 generic_lsm_process_event(void *ctx)
 {
-	return generic_process_event(ctx,
-				     (struct bpf_map_def *)&process_call_heap,
-				     (struct bpf_map_def *)&lsm_calls,
-				     (struct bpf_map_def *)&config_map,
-				     (struct bpf_map_def *)data_heap_ptr);
+	return generic_process_event(ctx, (struct bpf_map_def *)&lsm_calls);
 }
 
 __attribute__((section("lsm"), used)) int
 generic_lsm_process_filter(void *ctx)
 {
 	int ret;
 
-	ret = generic_process_filter((struct bpf_map_def *)&process_call_heap,
-				     (struct bpf_map_def *)&filter_map);
+	ret = generic_process_filter();
 	if (ret == PFILTER_CONTINUE)
 		tail_call(ctx, &lsm_calls, TAIL_CALL_FILTER);
 	else if (ret == PFILTER_ACCEPT)
@@ -138,17 +78,13 @@ generic_lsm_process_filter(void *ctx)
 __attribute__((section("lsm"), used)) int
 generic_lsm_filter_arg(void *ctx)
 {
-	return filter_read_arg(ctx, (struct bpf_map_def *)&process_call_heap,
-			       (struct bpf_map_def *)&filter_map,
-			       (struct bpf_map_def *)&lsm_calls,
-			       (struct bpf_map_def *)&config_map,
-			       true);
+	return generic_filter_arg(ctx, (struct bpf_map_def *)&lsm_calls, true);
 }
 
 __attribute__((section("lsm"), used)) int
 generic_lsm_actions(void *ctx)
 {
-	bool postit = generic_actions(ctx, &maps);
+	bool postit = generic_actions(ctx, (struct bpf_map_def *)&lsm_calls);
 
 	struct msg_generic_kprobe *e;
 	int zero = 0;

@@ -12,27 +12,10 @@
 #include "bpf_lsm_ima.h"
 #include "retprobe_map.h"
 #include "types/basic.h"
+#include "generic_maps.h"
 
 char _license[] __attribute__((section("license"), used)) = "Dual BSD/GPL";
 
-struct filter_map_value {
-	unsigned char buf[FILTER_SIZE];
-};
-
-struct {
-	__uint(type, BPF_MAP_TYPE_ARRAY);
-	__uint(max_entries, 1);
-	__type(key, int);
-	__type(value, struct filter_map_value);
-} filter_map SEC(".maps");
-
-struct {
-	__uint(type, BPF_MAP_TYPE_ARRAY);
-	__uint(max_entries, 1);
-	__type(key, __u32);
-	__type(value, struct event_config);
-} config_map SEC(".maps");
-
 __attribute__((section("lsm.s/generic_lsm_ima_bprm"), used)) int
 BPF_PROG(ima_bprm, struct linux_binprm *bprm)
 {

@@ -12,27 +12,10 @@
 #include "bpf_lsm_ima.h"
 #include "retprobe_map.h"
 #include "types/basic.h"
+#include "generic_maps.h"
 
 char _license[] __attribute__((section("license"), used)) = "Dual BSD/GPL";
 
-struct filter_map_value {
-	unsigned char buf[FILTER_SIZE];
-};
-
-struct {
-	__uint(type, BPF_MAP_TYPE_ARRAY);
-	__uint(max_entries, 1);
-	__type(key, int);
-	__type(value, struct filter_map_value);
-} filter_map SEC(".maps");
-
-struct {
-	__uint(type, BPF_MAP_TYPE_ARRAY);
-	__uint(max_entries, 1);
-	__type(key, __u32);
-	__type(value, struct event_config);
-} config_map SEC(".maps");
-
 __attribute__((section("lsm.s/generic_lsm_ima_file"), used)) int
 BPF_PROG(ima_file, struct file *file)
 {

@@ -14,41 +14,12 @@
 #include "bpf_task.h"
 #include "retprobe_map.h"
 #include "types/basic.h"
+#include "generic_maps.h"
 
-char _license[] __attribute__((section("license"), used)) = "Dual BSD/GPL";
-
-struct {
-	__uint(type, BPF_MAP_TYPE_PERCPU_ARRAY);
-	__uint(max_entries, 1);
-	__type(key, __u32);
-	__type(value, struct msg_generic_kprobe);
-} process_call_heap SEC(".maps");
-
-struct {
-	__uint(type, BPF_MAP_TYPE_HASH);
-	__uint(max_entries, 32768);
-	__type(key, __u64);
-	__type(value, __s32);
-} override_tasks SEC(".maps");
+#include "generic_maps.h"
+#include "generic_calls.h"
 
-struct filter_map_value {
-	unsigned char buf[FILTER_SIZE];
-};
-
-/* Arrays of size 1 will be rewritten to direct loads in verifier */
-struct {
-	__uint(type, BPF_MAP_TYPE_ARRAY);
-	__uint(max_entries, 1);
-	__type(key, int);
-	__type(value, struct filter_map_value);
-} filter_map SEC(".maps");
-
-struct {
-	__uint(type, BPF_MAP_TYPE_ARRAY);
-	__uint(max_entries, 1);
-	__type(key, __u32);
-	__type(value, struct event_config);
-} config_map SEC(".maps");
+char _license[] __attribute__((section("license"), used)) = "Dual BSD/GPL";
 
 __attribute__((section("lsm/generic_lsm_output"), used)) int
 generic_lsm_output(void *ctx)
@@ -75,6 +46,6 @@ generic_lsm_output(void *ctx)
 	}
 #endif
 	if (e->lsm.post)
-		generic_output(ctx, (struct bpf_map_def *)&process_call_heap, MSG_OP_GENERIC_LSM);
+		generic_output(ctx, MSG_OP_GENERIC_LSM);
 	return try_override(ctx, (struct bpf_map_def *)&override_tasks);
 }