search

aya-rs / aya

Aya is an eBPF library for the Rust programming language, built with a focus on developer experience and operability.
https://aya-rs.dev/book/
Apache License 2.0
3.13k stars 279 forks source link

aya_log_ebpf cannot print to screen in LSM program #362

Closed fanrong1992 closed 2 years ago

fanrong1992 commented 2 years ago

I try to run example in aya/book, but after I execute renice 1 -p 380074, there is no output on screen.

image

It works well in kprobe program.

image

Here is my code:

#![no_std]
#![no_main]

use aya_bpf::{
    cty::c_int,
    macros::lsm,
    programs::LsmContext,
};
use aya_log_ebpf::{debug, info};
mod vmlinux;
use vmlinux::task_struct;

#[no_mangle]
static PID: i32 = 0;

#[lsm(name="task_setnice")]
pub fn task_setnice(ctx: LsmContext) -> i32 {
    match unsafe { try_task_setnice(ctx) } { 
        Ok(ret) => ret,
        Err(ret) => ret,
    }   
}

unsafe fn try_task_setnice(ctx: LsmContext) -> Result<i32, i32> {
    info!(&ctx, "function task_setnice called");
    let p: *const task_struct = ctx.arg(0);
    let nice: c_int = ctx.arg(1);
    let ret: c_int = ctx.arg(2);

    if ret != 0 { 
        return Err(ret);
    }   

    if (*p).pid == 380074 && nice < 0 { 
        return Err(-1);
    }   
    Ok(0)
}

#[panic_handler]
fn panic(_info: &core::panic::PanicInfo) -> ! { 
    unsafe { core::hint::unreachable_unchecked() }
}

Is there any bug in aya_log_ebpf or my code? Thank you~

pplanel commented 2 years ago

This example (LSM task_setnice) is working for you? It does not work for me, none LSM app.

pplanel commented 2 years ago

As discussed in Discord, i got Aya LSM example working on Ubuntu Lemmy by edit GRUB_CMDLINE_LINUX on /etc/default/grub:

GRUB_CMDLINE_LINUX="systemd.unified_cgroup_hierarchy=1 lsm=lockdown,capability,yama,apparmor,bpf bpf_lsm=1"

and then: $ sudo update-grub

reboot

fanrong1992 commented 2 years ago

This example (LSM task_setnice) is working for you? It does not work for me, none LSM app.

It doesn't work for me, either.

fanrong1992 commented 2 years ago

As discussed in Discord, i got Aya LSM example working on Ubuntu Lemmy by edit GRUB_CMDLINE_LINUX on /etc/default/grub:

GRUB_CMDLINE_LINUX="systemd.unified_cgroup_hierarchy=1 lsm=lockdown,capability,yama,apparmor,bpf bpf_lsm=1"

and then: $ sudo update-grub

reboot

Thank you for your solution, I will try it.

vadorovsky commented 2 years ago

I'm closing this. Now we have an explanation in docs how to enable BPF LSM - https://aya-rs.dev/book/programs/lsm/#ensure-that-bpf-lsm-is-enabled