path: root/tools/net/bpf_dbg.c (follow)
AgeCommit message (Collapse)AuthorFilesLines
2014-04-30bpf_dbg: fix wrong register usageBrendan Hickey1-1/+1
The AND instruction is erroneously using the X register instead of the K register. Signed-off-by: Brendan Hickey <bhickey@google.com> Signed-off-by: Daniel Borkmann <dborkman@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2014-02-24tools: bpf_dbg: various misc code cleanupsDaniel Borkmann1-64/+55
Lets clean up bpf_dbg a bit and improve its code slightly in various areas: i) Get rid of some macros as there's no good reason for keeping them, ii) remove one unused variable and reduce scope of various variables found by cppcheck, iii) Close non-default file descriptors when exiting the shell. Signed-off-by: Daniel Borkmann <dborkman@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2013-12-17bpf_dbg: always close socket in bpf_runnableDaniel Borkmann1-1/+1
We must not leave the socket intact in bpf_runnable(). The socket is used to test if the filter code is being accepted by the kernel or not. So right after we do the setsockopt(2), we need to close it again. Signed-off-by: Daniel Borkmann <dborkman@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2013-12-11filter: bpf_dbg: add minimal bpf debuggerDaniel Borkmann1-0/+1404
This patch adds a minimal BPF debugger that "emulates" the kernel's BPF engine (w/o extensions) and allows for single stepping (forwards and backwards through BPF code) or running with >=1 breakpoints through selected or all packets from a pcap file with a provided user filter in order to facilitate verification of a BPF program. When a breakpoint is being hit, it dumps all register contents, decoded instructions and in case of branches both decoded branch targets as well as other useful information. Having this facility is in particular useful to verify BPF programs against given test traffic *before* attaching to a live system. With the general availability of cls_bpf, xt_bpf, socket filters, team driver and e.g. PTP code, all BPF users, quite often a single more complex BPF program is being used. Reasons for a more complex BPF program are primarily to optimize execution time for making a verdict when multiple simple BPF programs are combined into one in order to prevent parsing same headers multiple times. In particular, for cls_bpf that can have various return paths for encoding flowids, and xt_bpf to come to a fw verdict this can be the case. Therefore, as this can result in more complex and harder to debug code, it would be very useful to have this minimal tool for testing purposes. It can also be of help for BPF JIT developers as filters are "test attached" to the kernel on a temporary socket thus triggering a JIT image dump when enabled. The tool uses an interactive libreadline shell with auto-completion and history support. Signed-off-by: Daniel Borkmann <dborkman@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net>