rbbcc 0.0.1.pre
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/.gitignore +9 -0
- data/Gemfile +4 -0
- data/Gemfile.lock +20 -0
- data/README.md +35 -0
- data/Rakefile +2 -0
- data/bin/console +14 -0
- data/bin/setup +8 -0
- data/examples/hello_world.rb +6 -0
- data/lib/rbbcc/bcc.rb +119 -0
- data/lib/rbbcc/clib.rb +20 -0
- data/lib/rbbcc/consts.rb +23 -0
- data/lib/rbbcc/version.rb +3 -0
- data/lib/rbbcc.rb +6 -0
- data/rbbcc.gemspec +26 -0
- metadata +84 -0
checksums.yaml
ADDED
@@ -0,0 +1,7 @@
|
|
1
|
+
---
|
2
|
+
SHA256:
|
3
|
+
metadata.gz: e221c0642b859704c7ed8d83c5a839eab1f44a82a17523bc59a7cfbc210abb1d
|
4
|
+
data.tar.gz: 400bd564a7b462eb56489222126ffda7aa0493d91c1fce654c4ce3420a77a5a8
|
5
|
+
SHA512:
|
6
|
+
metadata.gz: ee72e3ebfc1d6c1ab96a9de7a0a6cef522410f0e9100bdc82d1b516a7f0f7460c874ddd5a9597b5d6e19ed88bd117a97da25ea92fd8586663c1d4de8c493957b
|
7
|
+
data.tar.gz: 9a85d74d9e8c42bb64e4166f7edeef19bb7449d76229fee81ad67a47df6617f4a5260527d7bc7fc16757134d6fa7a6b3709be1a38a1ab9ee8607682d7cc561bb
|
data/.gitignore
ADDED
data/Gemfile
ADDED
data/Gemfile.lock
ADDED
data/README.md
ADDED
@@ -0,0 +1,35 @@
|
|
1
|
+
# Rbbcc
|
2
|
+
|
3
|
+
Welcome to your new gem! In this directory, you'll find the files you need to be able to package up your Ruby library into a gem. Put your Ruby code in the file `lib/rbbcc`. To experiment with that code, run `bin/console` for an interactive prompt.
|
4
|
+
|
5
|
+
TODO: Delete this and the text above, and describe your gem
|
6
|
+
|
7
|
+
## Installation
|
8
|
+
|
9
|
+
Add this line to your application's Gemfile:
|
10
|
+
|
11
|
+
```ruby
|
12
|
+
gem 'rbbcc'
|
13
|
+
```
|
14
|
+
|
15
|
+
And then execute:
|
16
|
+
|
17
|
+
$ bundle
|
18
|
+
|
19
|
+
Or install it yourself as:
|
20
|
+
|
21
|
+
$ gem install rbbcc
|
22
|
+
|
23
|
+
## Usage
|
24
|
+
|
25
|
+
TODO: Write usage instructions here
|
26
|
+
|
27
|
+
## Development
|
28
|
+
|
29
|
+
After checking out the repo, run `bin/setup` to install dependencies. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
|
30
|
+
|
31
|
+
To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
|
32
|
+
|
33
|
+
## Contributing
|
34
|
+
|
35
|
+
Bug reports and pull requests are welcome on GitHub at https://github.com/udzura/rbbcc.
|
data/Rakefile
ADDED
data/bin/console
ADDED
@@ -0,0 +1,14 @@
|
|
1
|
+
#!/usr/bin/env ruby
|
2
|
+
|
3
|
+
require "bundler/setup"
|
4
|
+
require "rbbcc"
|
5
|
+
|
6
|
+
# You can add fixtures and/or initialization code here to make experimenting
|
7
|
+
# with your gem easier. You can also use a different console, if you like.
|
8
|
+
|
9
|
+
# (If you use this, don't forget to add pry to your Gemfile!)
|
10
|
+
# require "pry"
|
11
|
+
# Pry.start
|
12
|
+
|
13
|
+
require "irb"
|
14
|
+
IRB.start(__FILE__)
|
data/bin/setup
ADDED
data/lib/rbbcc/bcc.rb
ADDED
@@ -0,0 +1,119 @@
|
|
1
|
+
require 'rbbcc/consts'
|
2
|
+
|
3
|
+
module RbBCC
|
4
|
+
SYSCALL_PREFIXES = [
|
5
|
+
"sys_",
|
6
|
+
"__x64_sys_",
|
7
|
+
"__x32_compat_sys_",
|
8
|
+
"__ia32_compat_sys_",
|
9
|
+
"__arm64_sys_",
|
10
|
+
]
|
11
|
+
TRACEFS = "/sys/kernel/debug/tracing"
|
12
|
+
|
13
|
+
class BCC
|
14
|
+
def initialize(text:, debug: 0, cflags: [], sdt_contexts: [], allow_rlimit: 0)
|
15
|
+
@kprobe_fds = []
|
16
|
+
@module = Clib.bpf_module_create_c_from_string(
|
17
|
+
text,
|
18
|
+
debug,
|
19
|
+
cflags.pack('p*'),
|
20
|
+
cflags.size,
|
21
|
+
allow_rlimit
|
22
|
+
)
|
23
|
+
@funcs = {}
|
24
|
+
|
25
|
+
unless @module
|
26
|
+
raise "BPF module not created"
|
27
|
+
end
|
28
|
+
|
29
|
+
trace_autoload!
|
30
|
+
end
|
31
|
+
|
32
|
+
def load_func(func_name, prog_type)
|
33
|
+
if @funcs.keys.include?(func_name)
|
34
|
+
return @funcs[func_name]
|
35
|
+
end
|
36
|
+
|
37
|
+
log_level = 0
|
38
|
+
fd = Clib.bcc_func_load(@module, prog_type, func_name,
|
39
|
+
Clib.bpf_function_start(@module, func_name),
|
40
|
+
Clib.bpf_function_size(@module, func_name),
|
41
|
+
Clib.bpf_module_license(@module),
|
42
|
+
Clib.bpf_module_kern_version(@module),
|
43
|
+
log_level, nil, 0);
|
44
|
+
if fd < 0
|
45
|
+
raise SystemCallError.new(Fiddle.last_error)
|
46
|
+
end
|
47
|
+
fnobj = {fd: fd, name: func_name}
|
48
|
+
@funcs[func_name] = fnobj
|
49
|
+
return fnobj
|
50
|
+
end
|
51
|
+
|
52
|
+
def attach_kprobe(event:, fn_name:, event_off: 0)
|
53
|
+
fn = load_func(fn_name, BPF::KPROBE)
|
54
|
+
ev_name = "p_" + event.gsub(/[\+\.]/, "_")
|
55
|
+
fd = Clib.bpf_attach_kprobe(fn[:fd], 0, ev_name, event, event_off, 0)
|
56
|
+
if fd < 0
|
57
|
+
raise SystemCallError.new(Fiddle.last_error)
|
58
|
+
end
|
59
|
+
puts "Attach: #{event}"
|
60
|
+
@kprobe_fds << fd
|
61
|
+
end
|
62
|
+
|
63
|
+
def tracefile
|
64
|
+
@tracefile ||= File.open("#{TRACEFS}/trace_pipe", "rb")
|
65
|
+
end
|
66
|
+
|
67
|
+
def trace_readline
|
68
|
+
tracefile.readline(1024).rstrip
|
69
|
+
end
|
70
|
+
|
71
|
+
def trace_print(fmt: nil)
|
72
|
+
loop do
|
73
|
+
if fmt
|
74
|
+
# TBD
|
75
|
+
else
|
76
|
+
line = trace_readline
|
77
|
+
end
|
78
|
+
puts line
|
79
|
+
$stdout.flush
|
80
|
+
end
|
81
|
+
end
|
82
|
+
|
83
|
+
private
|
84
|
+
def trace_autoload!
|
85
|
+
(0..Clib.bpf_num_functions(@module)).each do |i|
|
86
|
+
func_name = ""
|
87
|
+
_func_name = Clib.bpf_function_name(@module, i)
|
88
|
+
if _func_name && !_func_name.null?
|
89
|
+
idx = 0
|
90
|
+
while _func_name[idx, 1] != "\x00"
|
91
|
+
idx += 1
|
92
|
+
end
|
93
|
+
_func_name.size = idx + 1
|
94
|
+
func_name = _func_name.to_s
|
95
|
+
else
|
96
|
+
next
|
97
|
+
end
|
98
|
+
puts "Found fnc: #{func_name}"
|
99
|
+
if func_name.start_with?("kprobe__")
|
100
|
+
fn = load_func(func_name, BPF::KPROBE)
|
101
|
+
attach_kprobe(
|
102
|
+
event: fix_syscall_fnname(func_name[8..-1]),
|
103
|
+
fn_name: fn[:name]
|
104
|
+
)
|
105
|
+
end
|
106
|
+
end
|
107
|
+
end
|
108
|
+
|
109
|
+
def fix_syscall_fnname(name)
|
110
|
+
SYSCALL_PREFIXES.each do |prefix|
|
111
|
+
if name.start_with?(prefix)
|
112
|
+
# TODO resolution from sym cache
|
113
|
+
return SYSCALL_PREFIXES[0] + name.sub(prefix, "")
|
114
|
+
end
|
115
|
+
end
|
116
|
+
return name
|
117
|
+
end
|
118
|
+
end
|
119
|
+
end
|
data/lib/rbbcc/clib.rb
ADDED
@@ -0,0 +1,20 @@
|
|
1
|
+
require 'fiddle/import'
|
2
|
+
|
3
|
+
module RbBCC
|
4
|
+
module Clib
|
5
|
+
extend Fiddle::Importer
|
6
|
+
dlload "libbcc.so.0"
|
7
|
+
|
8
|
+
extern 'void * bpf_module_create_c_from_string(char *, unsigned int, char **, int, long)'
|
9
|
+
extern 'int bpf_num_functions(void *)'
|
10
|
+
extern 'char * bpf_function_name(void *, int)'
|
11
|
+
|
12
|
+
extern 'int bcc_func_load(void *, int, char *, void *, int, char *, unsigned int, int, char *, unsigned int)'
|
13
|
+
extern 'void * bpf_function_start(void *, char *)'
|
14
|
+
extern 'int bpf_function_size(void *, char *)'
|
15
|
+
extern 'char * bpf_module_license(void *)'
|
16
|
+
extern 'unsigned int bpf_module_kern_version(void *)'
|
17
|
+
|
18
|
+
extern 'int bpf_attach_kprobe(int, int, char *, char *, unsigned int, int)'
|
19
|
+
end
|
20
|
+
end
|
data/lib/rbbcc/consts.rb
ADDED
@@ -0,0 +1,23 @@
|
|
1
|
+
module RbBCC
|
2
|
+
module BPF
|
3
|
+
# From bpf_prog_type in uapi/linux/bpf.h
|
4
|
+
SOCKET_FILTER = 1
|
5
|
+
KPROBE = 2
|
6
|
+
SCHED_CLS = 3
|
7
|
+
SCHED_ACT = 4
|
8
|
+
TRACEPOINT = 5
|
9
|
+
XDP = 6
|
10
|
+
PERF_EVENT = 7
|
11
|
+
CGROUP_SKB = 8
|
12
|
+
CGROUP_SOCK = 9
|
13
|
+
LWT_IN = 10
|
14
|
+
LWT_OUT = 11
|
15
|
+
LWT_XMIT = 12
|
16
|
+
SOCK_OPS = 13
|
17
|
+
SK_SKB = 14
|
18
|
+
CGROUP_DEVICE = 15
|
19
|
+
SK_MSG = 16
|
20
|
+
RAW_TRACEPOINT = 17
|
21
|
+
CGROUP_SOCK_ADDR = 18
|
22
|
+
end
|
23
|
+
end
|
data/lib/rbbcc.rb
ADDED
data/rbbcc.gemspec
ADDED
@@ -0,0 +1,26 @@
|
|
1
|
+
lib = File.expand_path("../lib", __FILE__)
|
2
|
+
$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
|
3
|
+
require "rbbcc/version"
|
4
|
+
|
5
|
+
Gem::Specification.new do |spec|
|
6
|
+
spec.name = "rbbcc"
|
7
|
+
spec.version = RbBCC::VERSION
|
8
|
+
spec.authors = ["Uchio Kondo"]
|
9
|
+
spec.email = ["udzura@udzura.jp"]
|
10
|
+
|
11
|
+
spec.summary = %q{BCC port for MRI}
|
12
|
+
spec.description = %q{BCC port for MRI. See https://github.com/iovisor/bcc}
|
13
|
+
spec.homepage = "https://github.com/udzura/rbbcc"
|
14
|
+
|
15
|
+
# Specify which files should be added to the gem when it is released.
|
16
|
+
# The `git ls-files -z` loads the files in the RubyGem that have been added into git.
|
17
|
+
spec.files = Dir.chdir(File.expand_path('..', __FILE__)) do
|
18
|
+
`git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
|
19
|
+
end
|
20
|
+
#spec.bindir = "exe"
|
21
|
+
#spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
|
22
|
+
spec.require_paths = ["lib"]
|
23
|
+
|
24
|
+
spec.add_development_dependency "bundler", "~> 2.0"
|
25
|
+
spec.add_development_dependency "rake", "~> 10.0"
|
26
|
+
end
|
metadata
ADDED
@@ -0,0 +1,84 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: rbbcc
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 0.0.1.pre
|
5
|
+
platform: ruby
|
6
|
+
authors:
|
7
|
+
- Uchio Kondo
|
8
|
+
autorequire:
|
9
|
+
bindir: bin
|
10
|
+
cert_chain: []
|
11
|
+
date: 2019-07-28 00:00:00.000000000 Z
|
12
|
+
dependencies:
|
13
|
+
- !ruby/object:Gem::Dependency
|
14
|
+
name: bundler
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
16
|
+
requirements:
|
17
|
+
- - "~>"
|
18
|
+
- !ruby/object:Gem::Version
|
19
|
+
version: '2.0'
|
20
|
+
type: :development
|
21
|
+
prerelease: false
|
22
|
+
version_requirements: !ruby/object:Gem::Requirement
|
23
|
+
requirements:
|
24
|
+
- - "~>"
|
25
|
+
- !ruby/object:Gem::Version
|
26
|
+
version: '2.0'
|
27
|
+
- !ruby/object:Gem::Dependency
|
28
|
+
name: rake
|
29
|
+
requirement: !ruby/object:Gem::Requirement
|
30
|
+
requirements:
|
31
|
+
- - "~>"
|
32
|
+
- !ruby/object:Gem::Version
|
33
|
+
version: '10.0'
|
34
|
+
type: :development
|
35
|
+
prerelease: false
|
36
|
+
version_requirements: !ruby/object:Gem::Requirement
|
37
|
+
requirements:
|
38
|
+
- - "~>"
|
39
|
+
- !ruby/object:Gem::Version
|
40
|
+
version: '10.0'
|
41
|
+
description: BCC port for MRI. See https://github.com/iovisor/bcc
|
42
|
+
email:
|
43
|
+
- udzura@udzura.jp
|
44
|
+
executables: []
|
45
|
+
extensions: []
|
46
|
+
extra_rdoc_files: []
|
47
|
+
files:
|
48
|
+
- ".gitignore"
|
49
|
+
- Gemfile
|
50
|
+
- Gemfile.lock
|
51
|
+
- README.md
|
52
|
+
- Rakefile
|
53
|
+
- bin/console
|
54
|
+
- bin/setup
|
55
|
+
- examples/hello_world.rb
|
56
|
+
- lib/rbbcc.rb
|
57
|
+
- lib/rbbcc/bcc.rb
|
58
|
+
- lib/rbbcc/clib.rb
|
59
|
+
- lib/rbbcc/consts.rb
|
60
|
+
- lib/rbbcc/version.rb
|
61
|
+
- rbbcc.gemspec
|
62
|
+
homepage: https://github.com/udzura/rbbcc
|
63
|
+
licenses: []
|
64
|
+
metadata: {}
|
65
|
+
post_install_message:
|
66
|
+
rdoc_options: []
|
67
|
+
require_paths:
|
68
|
+
- lib
|
69
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
70
|
+
requirements:
|
71
|
+
- - ">="
|
72
|
+
- !ruby/object:Gem::Version
|
73
|
+
version: '0'
|
74
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
75
|
+
requirements:
|
76
|
+
- - ">"
|
77
|
+
- !ruby/object:Gem::Version
|
78
|
+
version: 1.3.1
|
79
|
+
requirements: []
|
80
|
+
rubygems_version: 3.0.3
|
81
|
+
signing_key:
|
82
|
+
specification_version: 4
|
83
|
+
summary: BCC port for MRI
|
84
|
+
test_files: []
|