search

foniod / redbpf

Rust library for building and running BPF/eBPF modules
Apache License 2.0
1.71k stars 136 forks source link

[Question] How to load a xdp program with cargo installed by rustup #288

Closed Forsworns closed 2 years ago

Forsworns commented 2 years ago

I work on WSL2 and it has support eBPF programs since version 5.10.74.3-microsoft-standard-WSL2.

As the cargo-bpf doc said:

Loading eBPF programs requires admin priviledges, so you'll have to run load as root or with sudo:

$ sudo cargo bpf load -i eth0 target/bpf/programs/block_http.elf

But my cargo is installed with rustup, which installs cargo in my user home. Therefore, I got error sudo cargo: command not found.

I tried with sudo -E bash -c "cargo bpf load -i eth0 target/bpf/programs/block_http.elf". But the error is the same.

I also tried use ip to load xdp programs, as what is recommended in XDP tutorial

ip link set dev lo xdpgeneric obj block_http.elf sec xdp

However, it reminded me the elf file from redbpf did not has a xdp section and PTR *mut xdp_md type_id=2 Invalid name:

bpf_sentinel/ebpf_sentinel.elf sec xdp

BTF debug data section '.BTF' rejected: Invalid argument (22)!
 - Length:       1344
Verifier analysis:

magic: 0xeb9f
version: 1
flags: 0x0
hdr_len: 24
type_off: 0
type_len: 320
str_off: 320
str_len: 1000
btf_total_size: 1344
[1] PTR *mut xdp_md type_id=2 Invalid name

Program section 'xdp' not found in ELF file!
Error fetching program/map!
rsdy commented 2 years ago

I think sudo -E bash -c ... will re-run your /root/.bashrc and reset your PATH. You should try sudo -E cargo ..., or install through sudo rustup.

Forsworns commented 2 years ago

I think sudo -E bash -c ... will re-run your /root/.bashrc and reset your PATH. You should try sudo -E cargo ...

Tried sudo -E cargo ... and the output is the same

Fine, maybe I need to reinstall the cargo and toolchains :(

Forsworns commented 2 years ago

It seems tedious to re-install system-wide cargo/rustup.

I change the /etc/passwd file for user privilege escalation. By changing the user id and group id of the user with cargo installed to 0. The user gains root privilege without sudo now. And the XDP program is successfully injected via cargo bpf tool. Don't know if this is a good way. At least, it works without much suffering. :)