rbbcc 0.0.1.pre

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: e221c0642b859704c7ed8d83c5a839eab1f44a82a17523bc59a7cfbc210abb1d
+  data.tar.gz: 400bd564a7b462eb56489222126ffda7aa0493d91c1fce654c4ce3420a77a5a8
+SHA512:
+  metadata.gz: ee72e3ebfc1d6c1ab96a9de7a0a6cef522410f0e9100bdc82d1b516a7f0f7460c874ddd5a9597b5d6e19ed88bd117a97da25ea92fd8586663c1d4de8c493957b
+  data.tar.gz: 9a85d74d9e8c42bb64e4166f7edeef19bb7449d76229fee81ad67a47df6617f4a5260527d7bc7fc16757134d6fa7a6b3709be1a38a1ab9ee8607682d7cc561bb

data/.gitignore

@@ -0,0 +1,9 @@
+/.bundle/
+/vendor/bundle/
+/.yardoc
+/_yardoc/
+/coverage/
+/doc/
+/pkg/
+/spec/reports/
+/tmp/

data/Gemfile

@@ -0,0 +1,4 @@
+source "https://rubygems.org"
+
+# Specify your gem's dependencies in rbbcc.gemspec
+gemspec

data/Gemfile.lock

@@ -0,0 +1,20 @@
+PATH
+  remote: .
+  specs:
+    rbbcc (0.1.0)
+
+GEM
+  remote: https://rubygems.org/
+  specs:
+    rake (10.5.0)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  bundler (~> 2.0)
+  rake (~> 10.0)
+  rbbcc!
+
+BUNDLED WITH
+   2.0.1

data/README.md

@@ -0,0 +1,35 @@
+# Rbbcc
+
+Welcome to your new gem! In this directory, you'll find the files you need to be able to package up your Ruby library into a gem. Put your Ruby code in the file `lib/rbbcc`. To experiment with that code, run `bin/console` for an interactive prompt.
+
+TODO: Delete this and the text above, and describe your gem
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+```ruby
+gem 'rbbcc'
+```
+
+And then execute:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install rbbcc
+
+## Usage
+
+TODO: Write usage instructions here
+
+## Development
+
+After checking out the repo, run `bin/setup` to install dependencies. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
+
+To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
+
+## Contributing
+
+Bug reports and pull requests are welcome on GitHub at https://github.com/udzura/rbbcc.

data/Rakefile

@@ -0,0 +1,2 @@
+require "bundler/gem_tasks"
+task :default => :spec

data/bin/console

@@ -0,0 +1,14 @@
+#!/usr/bin/env ruby
+
+require "bundler/setup"
+require "rbbcc"
+
+# You can add fixtures and/or initialization code here to make experimenting
+# with your gem easier. You can also use a different console, if you like.
+
+# (If you use this, don't forget to add pry to your Gemfile!)
+# require "pry"
+# Pry.start
+
+require "irb"
+IRB.start(__FILE__)

data/bin/setup

@@ -0,0 +1,8 @@
+#!/usr/bin/env bash
+set -euo pipefail
+IFS=$'\n\t'
+set -vx
+
+bundle install
+
+# Do any other automated setup that you need to do here

data/examples/hello_world.rb

@@ -0,0 +1,6 @@
+#!/usr/bin/env ruby
+
+require 'rbbcc'
+include RbBCC
+
+BCC.new(text: 'int kprobe__sys_clone(void *ctx) { bpf_trace_printk("Hello, World!\\n"); return 0; }').trace_print

data/lib/rbbcc/bcc.rb

@@ -0,0 +1,119 @@
+require 'rbbcc/consts'
+
+module RbBCC
+  SYSCALL_PREFIXES = [
+    "sys_",
+    "__x64_sys_",
+    "__x32_compat_sys_",
+    "__ia32_compat_sys_",
+    "__arm64_sys_",
+  ]
+  TRACEFS = "/sys/kernel/debug/tracing"
+
+  class BCC
+    def initialize(text:, debug: 0, cflags: [], sdt_contexts: [], allow_rlimit: 0)
+      @kprobe_fds = []
+      @module = Clib.bpf_module_create_c_from_string(
+        text,
+        debug,
+        cflags.pack('p*'),
+        cflags.size,
+        allow_rlimit
+      )
+      @funcs = {}
+
+      unless @module
+        raise "BPF module not created"
+      end
+
+      trace_autoload!
+    end
+
+    def load_func(func_name, prog_type)
+      if @funcs.keys.include?(func_name)
+        return @funcs[func_name]
+      end
+
+      log_level = 0
+      fd = Clib.bcc_func_load(@module, prog_type, func_name,
+             Clib.bpf_function_start(@module, func_name),
+             Clib.bpf_function_size(@module, func_name),
+             Clib.bpf_module_license(@module),
+             Clib.bpf_module_kern_version(@module),
+             log_level, nil, 0);
+      if fd < 0
+        raise SystemCallError.new(Fiddle.last_error)
+      end
+      fnobj = {fd: fd, name: func_name}
+      @funcs[func_name] = fnobj
+      return fnobj
+    end
+
+    def attach_kprobe(event:, fn_name:, event_off: 0)
+      fn = load_func(fn_name, BPF::KPROBE)
+      ev_name = "p_" + event.gsub(/[\+\.]/, "_")
+      fd = Clib.bpf_attach_kprobe(fn[:fd], 0, ev_name, event, event_off, 0)
+      if fd < 0
+        raise SystemCallError.new(Fiddle.last_error)
+      end
+      puts "Attach: #{event}"
+      @kprobe_fds << fd
+    end
+
+    def tracefile
+      @tracefile ||= File.open("#{TRACEFS}/trace_pipe", "rb")
+    end
+
+    def trace_readline
+      tracefile.readline(1024).rstrip
+    end
+
+    def trace_print(fmt: nil)
+      loop do
+        if fmt
+        # TBD
+        else
+          line = trace_readline
+        end
+        puts line
+        $stdout.flush
+      end
+    end
+
+    private
+    def trace_autoload!
+      (0..Clib.bpf_num_functions(@module)).each do |i|
+        func_name = ""
+        _func_name = Clib.bpf_function_name(@module, i)
+        if _func_name && !_func_name.null?
+          idx = 0
+          while _func_name[idx, 1] != "\x00"
+            idx += 1
+          end
+          _func_name.size = idx + 1
+          func_name = _func_name.to_s
+        else
+          next
+        end
+        puts "Found fnc: #{func_name}"
+        if func_name.start_with?("kprobe__")
+          fn = load_func(func_name, BPF::KPROBE)
+          attach_kprobe(
+            event: fix_syscall_fnname(func_name[8..-1]),
+            fn_name: fn[:name]
+          )
+        end
+      end
+    end
+
+    def fix_syscall_fnname(name)
+      SYSCALL_PREFIXES.each do |prefix|
+        if name.start_with?(prefix)
+          # TODO resolution from sym cache
+          return SYSCALL_PREFIXES[0] + name.sub(prefix, "")
+        end
+      end
+      return name
+    end
+  end
+end

data/lib/rbbcc/clib.rb

@@ -0,0 +1,20 @@
+require 'fiddle/import'
+
+module RbBCC
+  module Clib
+    extend Fiddle::Importer
+    dlload "libbcc.so.0"
+
+    extern 'void * bpf_module_create_c_from_string(char *, unsigned int, char **, int, long)'
+    extern 'int bpf_num_functions(void *)'
+    extern 'char * bpf_function_name(void *, int)'
+
+    extern 'int bcc_func_load(void *, int, char *, void *, int, char *, unsigned int, int, char *, unsigned int)'
+    extern 'void * bpf_function_start(void *, char *)'
+    extern 'int bpf_function_size(void *, char *)'
+    extern 'char * bpf_module_license(void *)'
+    extern 'unsigned int bpf_module_kern_version(void *)'
+
+    extern 'int bpf_attach_kprobe(int, int, char *, char *, unsigned int, int)'
+  end
+end

data/lib/rbbcc/consts.rb

@@ -0,0 +1,23 @@
+module RbBCC
+  module BPF
+    # From bpf_prog_type in uapi/linux/bpf.h
+    SOCKET_FILTER = 1
+    KPROBE = 2
+    SCHED_CLS = 3
+    SCHED_ACT = 4
+    TRACEPOINT = 5
+    XDP = 6
+    PERF_EVENT = 7
+    CGROUP_SKB = 8
+    CGROUP_SOCK = 9
+    LWT_IN = 10
+    LWT_OUT = 11
+    LWT_XMIT = 12
+    SOCK_OPS = 13
+    SK_SKB = 14
+    CGROUP_DEVICE = 15
+    SK_MSG = 16
+    RAW_TRACEPOINT = 17
+    CGROUP_SOCK_ADDR = 18
+  end
+end

data/lib/rbbcc/version.rb

@@ -0,0 +1,3 @@
+module RbBCC
+  VERSION = "0.0.1.pre"
+end

data/lib/rbbcc.rb

@@ -0,0 +1,6 @@
+require "rbbcc/bcc"
+require "rbbcc/clib"
+require "rbbcc/version"
+
+module RbBCC
+end

data/rbbcc.gemspec

@@ -0,0 +1,26 @@
+lib = File.expand_path("../lib", __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require "rbbcc/version"
+
+Gem::Specification.new do |spec|
+  spec.name          = "rbbcc"
+  spec.version       = RbBCC::VERSION
+  spec.authors       = ["Uchio Kondo"]
+  spec.email         = ["udzura@udzura.jp"]
+
+  spec.summary       = %q{BCC port for MRI}
+  spec.description   = %q{BCC port for MRI. See https://github.com/iovisor/bcc}
+  spec.homepage      = "https://github.com/udzura/rbbcc"
+
+  # Specify which files should be added to the gem when it is released.
+  # The `git ls-files -z` loads the files in the RubyGem that have been added into git.
+  spec.files         = Dir.chdir(File.expand_path('..', __FILE__)) do
+    `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
+  end
+  #spec.bindir        = "exe"
+  #spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
+  spec.require_paths = ["lib"]
+
+  spec.add_development_dependency "bundler", "~> 2.0"
+  spec.add_development_dependency "rake", "~> 10.0"
+end

metadata

@@ -0,0 +1,84 @@
+--- !ruby/object:Gem::Specification
+name: rbbcc
+version: !ruby/object:Gem::Version
+  version: 0.0.1.pre
+platform: ruby
+authors:
+- Uchio Kondo
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2019-07-28 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+description: BCC port for MRI. See https://github.com/iovisor/bcc
+email:
+- udzura@udzura.jp
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- Gemfile
+- Gemfile.lock
+- README.md
+- Rakefile
+- bin/console
+- bin/setup
+- examples/hello_world.rb
+- lib/rbbcc.rb
+- lib/rbbcc/bcc.rb
+- lib/rbbcc/clib.rb
+- lib/rbbcc/consts.rb
+- lib/rbbcc/version.rb
+- rbbcc.gemspec
+homepage: https://github.com/udzura/rbbcc
+licenses: []
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">"
+    - !ruby/object:Gem::Version
+      version: 1.3.1
+requirements: []
+rubygems_version: 3.0.3
+signing_key: 
+specification_version: 4
+summary: BCC port for MRI
+test_files: []