diff options
| -rw-r--r-- | Makefile | 2 | ||||
| -rw-r--r-- | cmd/ioriotng/main.go | 5 | ||||
| -rw-r--r-- | internal/ioriotng.go | 22 | ||||
| -rw-r--r-- | ioriotng.bpf.c | 4 | ||||
| -rw-r--r-- | maps.bpf.h | 6 |
5 files changed, 11 insertions, 28 deletions
@@ -29,4 +29,4 @@ clean: .PHONY: run run: - sudo ./ioriotng + sudo ./ioriotng -uid $$(id -u) diff --git a/cmd/ioriotng/main.go b/cmd/ioriotng/main.go index 16771a0..5173cbb 100644 --- a/cmd/ioriotng/main.go +++ b/cmd/ioriotng/main.go @@ -2,10 +2,9 @@ package main import ( "ioriotng/internal" + "ioriotng/internal/flags" ) func main() { - // Here could be some flag parsing.... - - internal.Run() + internal.Run(flags.New()) } diff --git a/internal/ioriotng.go b/internal/ioriotng.go index b34a5cf..94c8030 100644 --- a/internal/ioriotng.go +++ b/internal/ioriotng.go @@ -10,9 +10,9 @@ import ( "log" "runtime" "sync" - "unsafe" "ioriotng/internal/debugfs" + "ioriotng/internal/flags" "ioriotng/internal/tracepoints" bpf "github.com/aquasecurity/libbpfgo" @@ -70,23 +70,7 @@ func resizeMap(module *bpf.Module, name string, size uint32) error { return nil } -func config(bpfModule *bpf.Module) error { - configMap, err := bpfModule.GetMap("config_map") - if err != nil { - return err - } - - config := struct { - UidFilter int32 - }{ - UidFilter: 1001, // TODO: Make configurable via flag, - } - - key := uint32(1) - return configMap.Update(unsafe.Pointer(&key), unsafe.Pointer(&config)) -} - -func Run() { +func Run(flags flags.Flags) { // To consider for implementation! log.Println(debugfs.TracepointsWithFd()) @@ -108,7 +92,7 @@ func Run() { log.Fatal(err) } - if err := config(bpfModule); err != nil { + if err := flags.SetBPF(bpfModule); err != nil { log.Fatal(err) } diff --git a/ioriotng.bpf.c b/ioriotng.bpf.c index c064364..3eb2e93 100644 --- a/ioriotng.bpf.c +++ b/ioriotng.bpf.c @@ -7,8 +7,8 @@ static inline int filter() { u32 key = 1; - struct config *c = bpf_map_lookup_elem(&config_map, &key); - return c == NULL || (bpf_get_current_uid_gid() & 0xFFFFFFFF) != c->uid_filter; + struct flags *flagsp = bpf_map_lookup_elem(&flags_map, &key); + return flagsp == NULL || (bpf_get_current_uid_gid() & 0xFFFFFFFF) != flagsp->uid_filter; } SEC("tracepoint/syscalls/sys_enter_open") @@ -4,16 +4,16 @@ #define MAX_FILENAME_LENGTH 256 #define MAX_PROGNAME_LENGTH 16 -struct config { +struct flags { __u32 uid_filter; }; struct { __uint(type, BPF_MAP_TYPE_HASH); __type(key, u32); - __type(value, struct config); + __type(value, struct flags); __uint(max_entries, 1 << 24); -} config_map SEC(".maps"); +} flags_map SEC(".maps"); struct open_event { __s32 fd; |