tools/testing/selftests/bpf/progs/profiler.h - linux - Git at Google

 // SPDX-License-Identifier: GPL-2.0
 /* Copyright (c) 2020 Facebook */
 #pragma once

 #define TASK_COMM_LEN 16
 #define MAX_ANCESTORS 4
 #define MAX_PATH 256
 #define KILL_TARGET_LEN 64
 #define CTL_MAXNAME 10
 #define MAX_ARGS_LEN 4096
 #define MAX_FILENAME_LEN 512
 #define MAX_ENVIRON_LEN 8192
 #define MAX_PATH_DEPTH 32
 #define MAX_FILEPATH_LENGTH (MAX_PATH_DEPTH * MAX_PATH)
 #define MAX_CGROUPS_PATH_DEPTH 8

 #define MAX_METADATA_PAYLOAD_LEN TASK_COMM_LEN

 #define MAX_CGROUP_PAYLOAD_LEN \
 	(MAX_PATH * 2 + (MAX_PATH * MAX_CGROUPS_PATH_DEPTH))

 #define MAX_CAP_PAYLOAD_LEN (MAX_METADATA_PAYLOAD_LEN + MAX_CGROUP_PAYLOAD_LEN)

 #define MAX_SYSCTL_PAYLOAD_LEN \
 	(MAX_METADATA_PAYLOAD_LEN + MAX_CGROUP_PAYLOAD_LEN + CTL_MAXNAME + MAX_PATH)

 #define MAX_KILL_PAYLOAD_LEN \
 	(MAX_METADATA_PAYLOAD_LEN + MAX_CGROUP_PAYLOAD_LEN + TASK_COMM_LEN + \
 	 KILL_TARGET_LEN)

 #define MAX_EXEC_PAYLOAD_LEN \
 	(MAX_METADATA_PAYLOAD_LEN + MAX_CGROUP_PAYLOAD_LEN + MAX_FILENAME_LEN + \
 	 MAX_ARGS_LEN + MAX_ENVIRON_LEN)

 #define MAX_FILEMOD_PAYLOAD_LEN \
 	(MAX_METADATA_PAYLOAD_LEN + MAX_CGROUP_PAYLOAD_LEN + MAX_FILEPATH_LENGTH + \
 	 MAX_FILEPATH_LENGTH)

 enum data_type {
 	INVALID_EVENT,
 	EXEC_EVENT,
 	FORK_EVENT,
 	KILL_EVENT,
 	SYSCTL_EVENT,
 	FILEMOD_EVENT,
 	MAX_DATA_TYPE_EVENT
 };

 enum filemod_type {
 	FMOD_OPEN,
 	FMOD_LINK,
 	FMOD_SYMLINK,
 };

 struct ancestors_data_t {
 	pid_t ancestor_pids[MAX_ANCESTORS];
 	uint32_t ancestor_exec_ids[MAX_ANCESTORS];
 	uint64_t ancestor_start_times[MAX_ANCESTORS];
 	uint32_t num_ancestors;
 };

 struct var_metadata_t {
 	enum data_type type;
 	pid_t pid;
 	uint32_t exec_id;
 	uid_t uid;
 	gid_t gid;
 	uint64_t start_time;
 	uint32_t cpu_id;
 	uint64_t bpf_stats_num_perf_events;
 	uint64_t bpf_stats_start_ktime_ns;
 	uint8_t comm_length;
 };

 struct cgroup_data_t {
 	ino_t cgroup_root_inode;
 	ino_t cgroup_proc_inode;
 	uint64_t cgroup_root_mtime;
 	uint64_t cgroup_proc_mtime;
 	uint16_t cgroup_root_length;
 	uint16_t cgroup_proc_length;
 	uint16_t cgroup_full_length;
 	int cgroup_full_path_root_pos;
 };

 struct var_sysctl_data_t {
 	struct var_metadata_t meta;
 	struct cgroup_data_t cgroup_data;
 	struct ancestors_data_t ancestors_info;
 	uint8_t sysctl_val_length;
 	uint16_t sysctl_path_length;
 	char payload[MAX_SYSCTL_PAYLOAD_LEN];
 };

 struct var_kill_data_t {
 	struct var_metadata_t meta;
 	struct cgroup_data_t cgroup_data;
 	struct ancestors_data_t ancestors_info;
 	pid_t kill_target_pid;
 	int kill_sig;
 	uint32_t kill_count;
 	uint64_t last_kill_time;
 	uint8_t kill_target_name_length;
 	uint8_t kill_target_cgroup_proc_length;
 	char payload[MAX_KILL_PAYLOAD_LEN];
 	size_t payload_length;
 };

 struct var_exec_data_t {
 	struct var_metadata_t meta;
 	struct cgroup_data_t cgroup_data;
 	pid_t parent_pid;
 	uint32_t parent_exec_id;
 	uid_t parent_uid;
 	uint64_t parent_start_time;
 	uint16_t bin_path_length;
 	uint16_t cmdline_length;
 	uint16_t environment_length;
 	char payload[MAX_EXEC_PAYLOAD_LEN];
 };

 struct var_fork_data_t {
 	struct var_metadata_t meta;
 	pid_t parent_pid;
 	uint32_t parent_exec_id;
 	uint64_t parent_start_time;
 	char payload[MAX_METADATA_PAYLOAD_LEN];
 };

 struct var_filemod_data_t {
 	struct var_metadata_t meta;
 	struct cgroup_data_t cgroup_data;
 	enum filemod_type fmod_type;
 	unsigned int dst_flags;
 	uint32_t src_device_id;
 	uint32_t dst_device_id;
 	ino_t src_inode;
 	ino_t dst_inode;
 	uint16_t src_filepath_length;
 	uint16_t dst_filepath_length;
 	char payload[MAX_FILEMOD_PAYLOAD_LEN];
 };

 struct profiler_config_struct {
 	bool fetch_cgroups_from_bpf;
 	ino_t cgroup_fs_inode;
 	ino_t cgroup_login_session_inode;
 	uint64_t kill_signals_mask;
 	ino_t inode_filter;
 	uint32_t stale_info_secs;
 	bool use_variable_buffers;
 	bool read_environ_from_exec;
 	bool enable_cgroup_v1_resolver;
 };

 struct bpf_func_stats_data {
 	uint64_t time_elapsed_ns;
 	uint64_t num_executions;
 	uint64_t num_perf_events;
 };

 struct bpf_func_stats_ctx {
 	uint64_t start_time_ns;
 	struct bpf_func_stats_data* bpf_func_stats_data_val;
 };

 enum bpf_function_id {
 	profiler_bpf_proc_sys_write,
 	profiler_bpf_sched_process_exec,
 	profiler_bpf_sched_process_exit,
 	profiler_bpf_sys_enter_kill,
 	profiler_bpf_do_filp_open_ret,
 	profiler_bpf_sched_process_fork,
 	profiler_bpf_vfs_link,
 	profiler_bpf_vfs_symlink,
 	profiler_bpf_max_function_id
 };
	// SPDX-License-Identifier: GPL-2.0
	/* Copyright (c) 2020 Facebook */
	#pragma once

	#define TASK_COMM_LEN 16
	#define MAX_ANCESTORS 4
	#define MAX_PATH 256
	#define KILL_TARGET_LEN 64
	#define CTL_MAXNAME 10
	#define MAX_ARGS_LEN 4096
	#define MAX_FILENAME_LEN 512
	#define MAX_ENVIRON_LEN 8192
	#define MAX_PATH_DEPTH 32
	#define MAX_FILEPATH_LENGTH (MAX_PATH_DEPTH * MAX_PATH)
	#define MAX_CGROUPS_PATH_DEPTH 8

	#define MAX_METADATA_PAYLOAD_LEN TASK_COMM_LEN

	#define MAX_CGROUP_PAYLOAD_LEN \
	(MAX_PATH * 2 + (MAX_PATH * MAX_CGROUPS_PATH_DEPTH))

	#define MAX_CAP_PAYLOAD_LEN (MAX_METADATA_PAYLOAD_LEN + MAX_CGROUP_PAYLOAD_LEN)

	#define MAX_SYSCTL_PAYLOAD_LEN \
	(MAX_METADATA_PAYLOAD_LEN + MAX_CGROUP_PAYLOAD_LEN + CTL_MAXNAME + MAX_PATH)

	#define MAX_KILL_PAYLOAD_LEN \
	(MAX_METADATA_PAYLOAD_LEN + MAX_CGROUP_PAYLOAD_LEN + TASK_COMM_LEN + \
	KILL_TARGET_LEN)

	#define MAX_EXEC_PAYLOAD_LEN \
	(MAX_METADATA_PAYLOAD_LEN + MAX_CGROUP_PAYLOAD_LEN + MAX_FILENAME_LEN + \
	MAX_ARGS_LEN + MAX_ENVIRON_LEN)

	#define MAX_FILEMOD_PAYLOAD_LEN \
	(MAX_METADATA_PAYLOAD_LEN + MAX_CGROUP_PAYLOAD_LEN + MAX_FILEPATH_LENGTH + \
	MAX_FILEPATH_LENGTH)

	enum data_type {
	INVALID_EVENT,
	EXEC_EVENT,
	FORK_EVENT,
	KILL_EVENT,
	SYSCTL_EVENT,
	FILEMOD_EVENT,
	MAX_DATA_TYPE_EVENT
	};

	enum filemod_type {
	FMOD_OPEN,
	FMOD_LINK,
	FMOD_SYMLINK,
	};

	struct ancestors_data_t {
	pid_t ancestor_pids[MAX_ANCESTORS];
	uint32_t ancestor_exec_ids[MAX_ANCESTORS];
	uint64_t ancestor_start_times[MAX_ANCESTORS];
	uint32_t num_ancestors;
	};

	struct var_metadata_t {
	enum data_type type;
	pid_t pid;
	uint32_t exec_id;
	uid_t uid;
	gid_t gid;
	uint64_t start_time;
	uint32_t cpu_id;
	uint64_t bpf_stats_num_perf_events;
	uint64_t bpf_stats_start_ktime_ns;
	uint8_t comm_length;
	};

	struct cgroup_data_t {
	ino_t cgroup_root_inode;
	ino_t cgroup_proc_inode;
	uint64_t cgroup_root_mtime;
	uint64_t cgroup_proc_mtime;
	uint16_t cgroup_root_length;
	uint16_t cgroup_proc_length;
	uint16_t cgroup_full_length;
	int cgroup_full_path_root_pos;
	};

	struct var_sysctl_data_t {
	struct var_metadata_t meta;
	struct cgroup_data_t cgroup_data;
	struct ancestors_data_t ancestors_info;
	uint8_t sysctl_val_length;
	uint16_t sysctl_path_length;
	char payload[MAX_SYSCTL_PAYLOAD_LEN];
	};

	struct var_kill_data_t {
	struct var_metadata_t meta;
	struct cgroup_data_t cgroup_data;
	struct ancestors_data_t ancestors_info;
	pid_t kill_target_pid;
	int kill_sig;
	uint32_t kill_count;
	uint64_t last_kill_time;
	uint8_t kill_target_name_length;
	uint8_t kill_target_cgroup_proc_length;
	char payload[MAX_KILL_PAYLOAD_LEN];
	size_t payload_length;
	};

	struct var_exec_data_t {
	struct var_metadata_t meta;
	struct cgroup_data_t cgroup_data;
	pid_t parent_pid;
	uint32_t parent_exec_id;
	uid_t parent_uid;
	uint64_t parent_start_time;
	uint16_t bin_path_length;
	uint16_t cmdline_length;
	uint16_t environment_length;
	char payload[MAX_EXEC_PAYLOAD_LEN];
	};

	struct var_fork_data_t {
	struct var_metadata_t meta;
	pid_t parent_pid;
	uint32_t parent_exec_id;
	uint64_t parent_start_time;
	char payload[MAX_METADATA_PAYLOAD_LEN];
	};

	struct var_filemod_data_t {
	struct var_metadata_t meta;
	struct cgroup_data_t cgroup_data;
	enum filemod_type fmod_type;
	unsigned int dst_flags;
	uint32_t src_device_id;
	uint32_t dst_device_id;
	ino_t src_inode;
	ino_t dst_inode;
	uint16_t src_filepath_length;
	uint16_t dst_filepath_length;
	char payload[MAX_FILEMOD_PAYLOAD_LEN];
	};

	struct profiler_config_struct {
	bool fetch_cgroups_from_bpf;
	ino_t cgroup_fs_inode;
	ino_t cgroup_login_session_inode;
	uint64_t kill_signals_mask;
	ino_t inode_filter;
	uint32_t stale_info_secs;
	bool use_variable_buffers;
	bool read_environ_from_exec;
	bool enable_cgroup_v1_resolver;
	};

	struct bpf_func_stats_data {
	uint64_t time_elapsed_ns;
	uint64_t num_executions;
	uint64_t num_perf_events;
	};

	struct bpf_func_stats_ctx {
	uint64_t start_time_ns;
	struct bpf_func_stats_data* bpf_func_stats_data_val;
	};

	enum bpf_function_id {
	profiler_bpf_proc_sys_write,
	profiler_bpf_sched_process_exec,
	profiler_bpf_sched_process_exit,
	profiler_bpf_sys_enter_kill,
	profiler_bpf_do_filp_open_ret,
	profiler_bpf_sched_process_fork,
	profiler_bpf_vfs_link,
	profiler_bpf_vfs_symlink,
	profiler_bpf_max_function_id
	};