From 8dc78395b6aac9a7d4353ed78a3842d36b3dfa23 Mon Sep 17 00:00:00 2001 From: CFC4N Date: Sat, 18 Jun 2022 23:54:19 +0800 Subject: [PATCH 1/2] New feature: #87 support Android 12+ Signed-off-by: CFC4N --- Makefile | 11 +++-- main.go | 2 + pkg/util/ebpf/{btf.go => bpf.go} | 59 +------------------------- pkg/util/ebpf/bpf_android12.go | 69 +++++++++++++++++++++++++++++++ pkg/util/ebpf/bpf_linux.go | 71 ++++++++++++++++++++++++++++++++ 5 files changed, 152 insertions(+), 60 deletions(-) rename pkg/util/ebpf/{btf.go => bpf.go} (52%) create mode 100644 pkg/util/ebpf/bpf_android12.go create mode 100644 pkg/util/ebpf/bpf_linux.go diff --git a/Makefile b/Makefile index 2136792bf..165890c04 100644 --- a/Makefile +++ b/Makefile @@ -46,6 +46,11 @@ ifeq ($(DEBUG),1) DEBUG_PRINT := -DDEBUG_PRINT endif +TARGET_TAG ?= linux +ifeq ($(ANDROID),1) +TARGET_TAG := android12 +endif + EXTRA_CFLAGS ?= -O2 -mcpu=v1 \ $(DEBUG_PRINT) \ -nostdinc \ @@ -299,8 +304,8 @@ assets: \ .PHONY: build build: \ .checkver_$(CMD_GO) -# - CGO_ENABLED=0 $(CMD_GO) build -ldflags "-w -s -X 'ecapture/cli/cmd.GitVersion=$(UNAME_M):$(VERSION)'" -o bin/ecapture . +# -tags android TODO + CGO_ENABLED=0 $(CMD_GO) build -tags $(TARGET_TAG) -ldflags "-w -s -X 'ecapture/cli/cmd.GitVersion=$(UNAME_M):$(VERSION):[CORE]'" -o bin/ecapture . @@ -310,7 +315,7 @@ build: \ build_nocore: \ .checkver_$(CMD_GO) # - CGO_ENABLED=0 $(CMD_GO) build -ldflags "-w -s -X 'ecapture/cli/cmd.GitVersion=$(UNAME_M):$(VERSION):[NOCORE]' -X 'main.enableCORE=false'" -o bin/ecapture . + CGO_ENABLED=0 $(CMD_GO) build -tags $(TARGET_TAG) -ldflags "-w -s -X 'ecapture/cli/cmd.GitVersion=$(UNAME_M):$(VERSION):$(UNAME_R)' -X 'main.enableCORE=false'" -o bin/ecapture . .PHONY: ebpf_nocore diff --git a/main.go b/main.go index 84fb670fe..7e500a898 100644 --- a/main.go +++ b/main.go @@ -41,6 +41,8 @@ func main() { } } + // TODO check UPROBE + cli.Start() return } diff --git a/pkg/util/ebpf/btf.go b/pkg/util/ebpf/bpf.go similarity index 52% rename from pkg/util/ebpf/btf.go rename to pkg/util/ebpf/bpf.go index 89049e306..66fda92c6 100644 --- a/pkg/util/ebpf/btf.go +++ b/pkg/util/ebpf/bpf.go @@ -1,55 +1,11 @@ package ebpf import ( - "bufio" "fmt" "golang.org/x/sys/unix" "os" ) -const ( - BOOT_CONFIG_PATH = "/boot/config-%s" - CONFIG_BTF_TAGNAME = "CONFIG_DEBUG_INFO_BTF" -) - -func IsEnableBTF() (bool, error) { - found, e := checkKernelBTF() - if e == nil && found { - return true, nil - } - - i, e := getOSUnamer() - if e != nil { - return false, e - } - bootConf := fmt.Sprintf(BOOT_CONFIG_PATH, i.Release) - - // Open file bootConf. - f, err := os.Open(bootConf) - if err != nil { - return false, err - } - defer f.Close() - - var KernelConfig = make(map[string]string) - s := bufio.NewScanner(f) - if err := parse(s, KernelConfig); err != nil { - return false, err - } - bc, found := KernelConfig[CONFIG_BTF_TAGNAME] - if !found { - // 没有这个配置项 - return false, nil - } - - //如果有,在判断配置项的值 - if bc != "y" { - // 没有开启 - return false, nil - } - return true, nil -} - type UnameInfo struct { SysName string Nodename string @@ -88,13 +44,13 @@ func charsToString(ca [65]byte) string { return string(s[0:lens]) } -// from internal/btf/btf.go +// from internal/btf/bpf.go // checkKernelBTF attempts to load the raw vmlinux BTF blob at // /sys/kernel/btf/vmlinux and falls back to scanning the file system // for vmlinux ELFs. func checkKernelBTF() (bool, error) { - _, err := os.Stat("/sys/kernel/btf/vmlinux") + _, err := os.Stat(SYS_KERNEL_BTF_VMLINUX) // if exist ,return true if err == nil { @@ -111,17 +67,6 @@ func findVMLinux() (bool, error) { return false, err } release := kv.Release - // use same list of locations as libbpf - // https://github.com/libbpf/libbpf/blob/9a3a42608dbe3731256a5682a125ac1e23bced8f/src/btf.c#L3114-L3122 - locations := []string{ - "/boot/vmlinux-%s", - "/lib/modules/%s/vmlinux-%[1]s", - "/lib/modules/%s/build/vmlinux", - "/usr/lib/modules/%s/kernel/vmlinux", - "/usr/lib/debug/boot/vmlinux-%s", - "/usr/lib/debug/boot/vmlinux-%s.debug", - "/usr/lib/debug/lib/modules/%s/vmlinux", - } for _, loc := range locations { _, err := os.Stat(fmt.Sprintf(loc, release)) diff --git a/pkg/util/ebpf/bpf_android12.go b/pkg/util/ebpf/bpf_android12.go new file mode 100644 index 000000000..9a9f0f108 --- /dev/null +++ b/pkg/util/ebpf/bpf_android12.go @@ -0,0 +1,69 @@ +//go:build android12 +// +build android12 + +package ebpf + +import ( + "bufio" + "compress/gzip" + "fmt" + "os" +) + +const ( + BOOT_CONFIG_PATH = "/proc/config.gz" + CONFIG_BTF_TAGNAME = "CONFIG_DEBUG_INFO_BTF" + SYS_KERNEL_BTF_VMLINUX = "/sys/kernel/btf/vmlinux" + CONFIG_ARCH_SUPPORTS_UPROBES = "CONFIG_ARCH_SUPPORTS_UPROBES" + CONFIG_UPROBES = "CONFIG_UPROBES" +) + +var ( + // use same list of locations as libbpf + // https://android.googlesource.com/platform/external/libbpf/ + + locations = []string{ + //"/sys/kernel/btf/vmlinux", + } +) + +func IsEnableBTF() (bool, error) { + found, e := checkKernelBTF() + if e == nil && found { + return true, nil + } + + bootConf := fmt.Sprintf(BOOT_CONFIG_PATH) + + // Open file bootConf. + f, err := os.Open(bootConf) + if err != nil { + return false, err + } + defer f.Close() + + // uncompress + reader, err := gzip.NewReader(f) + if err != nil { + return false, err + } + defer reader.Close() + + var KernelConfig = make(map[string]string) + s := bufio.NewScanner(reader) + if err := parse(s, KernelConfig); err != nil { + return false, err + } + bc, found := KernelConfig[CONFIG_BTF_TAGNAME] + if !found { + // 没有这个配置项 + return false, nil + } + + //如果有,在判断配置项的值 + if bc != "y" { + // 没有开启 + return false, nil + } + return true, nil +} diff --git a/pkg/util/ebpf/bpf_linux.go b/pkg/util/ebpf/bpf_linux.go new file mode 100644 index 000000000..75a81041d --- /dev/null +++ b/pkg/util/ebpf/bpf_linux.go @@ -0,0 +1,71 @@ +//go:build !android12 +// +build !android12 + +package ebpf + +import ( + "bufio" + "fmt" + "os" +) + +const ( + BOOT_CONFIG_PATH = "/boot/config-%s" + CONFIG_BTF_TAGNAME = "CONFIG_DEBUG_INFO_BTF" + SYS_KERNEL_BTF_VMLINUX = "/sys/kernel/btf/vmlinux" + CONFIG_ARCH_SUPPORTS_UPROBES = "CONFIG_ARCH_SUPPORTS_UPROBES" + CONFIG_UPROBES = "CONFIG_UPROBES" +) + +var ( + // use same list of locations as libbpf + // https://github.com/libbpf/libbpf/blob/9a3a42608dbe3731256a5682a125ac1e23bced8f/src/btf.c#L3114-L3122 + + locations = []string{ + "/boot/vmlinux-%s", + "/lib/modules/%s/vmlinux-%[1]s", + "/lib/modules/%s/build/vmlinux", + "/usr/lib/modules/%s/kernel/vmlinux", + "/usr/lib/debug/boot/vmlinux-%s", + "/usr/lib/debug/boot/vmlinux-%s.debug", + "/usr/lib/debug/lib/modules/%s/vmlinux", + } +) + +func IsEnableBTF() (bool, error) { + found, e := checkKernelBTF() + if e == nil && found { + return true, nil + } + + i, e := getOSUnamer() + if e != nil { + return false, e + } + bootConf := fmt.Sprintf(BOOT_CONFIG_PATH, i.Release) + + // Open file bootConf. + f, err := os.Open(bootConf) + if err != nil { + return false, err + } + defer f.Close() + + var KernelConfig = make(map[string]string) + s := bufio.NewScanner(f) + if err := parse(s, KernelConfig); err != nil { + return false, err + } + bc, found := KernelConfig[CONFIG_BTF_TAGNAME] + if !found { + // 没有这个配置项 + return false, nil + } + + //如果有,在判断配置项的值 + if bc != "y" { + // 没有开启 + return false, nil + } + return true, nil +} From 126b03776b1db6490107538e9c607e1ed655314d Mon Sep 17 00:00:00 2001 From: CFC4N Date: Sun, 19 Jun 2022 00:11:03 +0800 Subject: [PATCH 2/2] New feature: #87 support Android 12+ (openssl module) Signed-off-by: CFC4N --- user/common.go | 13 ++----------- user/common_android12.go | 17 +++++++++++++++++ user/common_linux.go | 26 ++++++++++++++++++++++++++ 3 files changed, 45 insertions(+), 11 deletions(-) create mode 100644 user/common_android12.go create mode 100644 user/common_linux.go diff --git a/user/common.go b/user/common.go index 5cef95254..1df0ba60e 100644 --- a/user/common.go +++ b/user/common.go @@ -24,19 +24,10 @@ func inet_ntop(ip uint32) string { } func GetDynLibDirs() []string { - dirs, err := ParseDynLibConf("/etc/ld.so.conf") + dirs, err := ParseDynLibConf(LD_LOAD_PATH) if err != nil { log.Println(err.Error()) - /* - 1, the RPATH binary header (set at build-time) of the library causing the lookup (if any) - 2, the RPATH binary header (set at build-time) of the executable - 3, the LD_LIBRARY_PATH environment variable (set at run-time) - 4, the RUNPATH binary header (set at build-time) of the executable - 5, /etc/ld.so.cache - 6, base library directories (/lib and /usr/lib) - ref: http://blog.tremily.us/posts/rpath/ - */ - return []string{"/lib", "/usr/lib", "/usr/lib64", "/lib64"} + return default_so_paths } return append(dirs, "/lib64", "/usr/lib64") } diff --git a/user/common_android12.go b/user/common_android12.go new file mode 100644 index 000000000..90fda0b3a --- /dev/null +++ b/user/common_android12.go @@ -0,0 +1,17 @@ +//go:build android12 +// +build android12 + +package user + +const ( + LD_LOAD_PATH = "/etc/ld.so.conf" +) + +// https://source.android.com/devices/architecture/vndk/linker-namespace +var ( + default_so_paths = []string{ + "/data/asan/system/lib64", + "/apex/com.android.conscrypt/lib64", + "/apex/com.android.runtime/lib64/bionic", + } +) diff --git a/user/common_linux.go b/user/common_linux.go new file mode 100644 index 000000000..49562d676 --- /dev/null +++ b/user/common_linux.go @@ -0,0 +1,26 @@ +//go:build !android12 +// +build !android12 + +package user + +const ( + LD_LOAD_PATH = "/etc/ld.so.conf" +) + +/* + 1, the RPATH binary header (set at build-time) of the library causing the lookup (if any) + 2, the RPATH binary header (set at build-time) of the executable + 3, the LD_LIBRARY_PATH environment variable (set at run-time) + 4, the RUNPATH binary header (set at build-time) of the executable + 5, /etc/ld.so.cache + 6, base library directories (/lib and /usr/lib) + ref: http://blog.tremily.us/posts/rpath/ +*/ +var ( + default_so_paths = []string{ + "/lib", + "/usr/lib", + "/usr/lib64", + "/lib64", + } +)