diff options
| author | Alice Frosi <afrosi@redhat.com> | 2022-12-21 12:01:39 +0100 |
|---|---|---|
| committer | Alice Frosi <afrosi@redhat.com> | 2022-12-21 14:57:12 +0100 |
| commit | ca4c9f229aa46d7983302323d7468cabde55995c (patch) | |
| tree | 1e242c9bde19c254534b042846924f59aa16b46e /bpf_dbg.c | |
| parent | 5d408e91861d8c995931c69eae62c25cdf130ca5 (diff) | |
| download | seitan-ca4c9f229aa46d7983302323d7468cabde55995c.tar seitan-ca4c9f229aa46d7983302323d7468cabde55995c.tar.gz seitan-ca4c9f229aa46d7983302323d7468cabde55995c.tar.bz2 seitan-ca4c9f229aa46d7983302323d7468cabde55995c.tar.lz seitan-ca4c9f229aa46d7983302323d7468cabde55995c.tar.xz seitan-ca4c9f229aa46d7983302323d7468cabde55995c.tar.zst seitan-ca4c9f229aa46d7983302323d7468cabde55995c.zip | |
Create bpf_dbg program to disassemble BPF filters
The bpf_dbg binary prints the instructions included in the BPF filter.
This is particurarly useful for debugging and verifing the generated
filter. E.g:
./bpf_dbg test.bpf
Read 7 entries
l0: ld [4]
l1: jeq #0xc000003e, l2, l5
l2: ld [0]
l3: jeq #0x2a, l4, l5
l4: ja 5
l5: ret #0x7fff0000
l6: ret #0x7fc00000
Signed-off-by: Alice Frosi <afrosi@redhat.com>
Diffstat (limited to 'bpf_dbg.c')
| -rw-r--r-- | bpf_dbg.c | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/bpf_dbg.c b/bpf_dbg.c new file mode 100644 index 0000000..2f109b1 --- /dev/null +++ b/bpf_dbg.c @@ -0,0 +1,27 @@ +#include <stdio.h> +#include <stdlib.h> +#include <fcntl.h> +#include <linux/filter.h> +#include <unistd.h> + +#include "disasm.h" + +int main(int argc, char **argv) +{ + struct sock_filter *filter; + size_t fd, n; + + if (argc < 2) { + perror("missing input file"); + exit(EXIT_FAILURE); + } + filter = calloc(SIZE_FILTER, sizeof(struct sock_filter)); + fd = open(argv[1], O_CLOEXEC | O_RDONLY); + + n = read(fd, filter, sizeof(struct sock_filter) * SIZE_FILTER); + close(fd); + printf("Read %ld entries\n", n / sizeof(struct sock_filter)); + bpf_disasm_all(filter, n / sizeof(struct sock_filter)); + free(filter); + return 0; +} |