(skywalking-rover) branch main updated: Enhance get connection address strategy in access log module. (#143)

Thu, 19 Sep 2024 03:36:07 -0700 

This is an automated email from the ASF dual-hosted git repository.

liuhan pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/skywalking-rover.git


The following commit(s) were added to refs/heads/main by this push:
     new b4c7ffc  Enhance get connection address strategy in access log module. 
(#143)
b4c7ffc is described below

commit b4c7ffc29f9e03b8321fde837aef1f25c825eca3
Author: mrproliu <[email protected]>
AuthorDate: Thu Sep 19 18:34:23 2024 +0800

    Enhance get connection address strategy in access log module. (#143)
---
 CHANGES.md                        |  1 +
 bpf/accesslog/common/connection.h | 10 ++++++++++
 bpf/include/api.h                 | 13 +++++++++++++
 bpf/include/socket.h              |  1 +
 pkg/accesslog/runner.go           | 16 ++++++++++------
 5 files changed, 35 insertions(+), 6 deletions(-)

diff --git a/CHANGES.md b/CHANGES.md
index 0e1c187..ad12449 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -11,6 +11,7 @@ Release Notes.
 * Add detect process from `CRI-O` container in Kubernetes.
 * Introduce `MonitorFilter` into access log module. 
 * Support monitoring ztunnel to adapt istio ambient mode.
+* Enhance get connection address strategy in access log module.
 
 #### Bug Fixes
 * Fixed the issue where `conntrack` could not find the Reply IP in the access 
log module.
diff --git a/bpf/accesslog/common/connection.h 
b/bpf/accesslog/common/connection.h
index 71069be..31e9f78 100644
--- a/bpf/accesslog/common/connection.h
+++ b/bpf/accesslog/common/connection.h
@@ -218,6 +218,16 @@ static __always_inline void submit_new_connection(void* 
ctx, bool success, __u32
     __u16 port;
     event->local_port = 0;
     event->remote_port = 0;
+    if (socket == NULL) {
+        struct task_struct* task_ptr = (struct 
task_struct*)bpf_get_current_task();
+        struct files_struct *files = _(task_ptr->files);
+        struct fdtable *fdtable = _(files->fdt);
+        struct file *fd_data;
+        struct file **fd_ptr;
+        bpf_probe_read_kernel(&fd_ptr, sizeof(fd_ptr), &fdtable->fd);
+        bpf_probe_read_kernel(&fd_data, sizeof(fd_data), &fd_ptr[fd]);
+        socket = _(fd_data->private_data);
+    }
     if (socket != NULL) {
         // only get from accept function(server side)
         struct sock* s;
diff --git a/bpf/include/api.h b/bpf/include/api.h
index 0d76451..be139bf 100644
--- a/bpf/include/api.h
+++ b/bpf/include/api.h
@@ -56,9 +56,22 @@ struct thread_struct {
     } uw;
 }  __attribute__((preserve_access_index));
 
+struct file {
+       void *private_data;
+} __attribute__((preserve_access_index));
+
+struct fdtable {
+       struct file **fd;      /* current fd array */
+} __attribute__((preserve_access_index));
+
+struct files_struct {
+       struct fdtable *fdt;
+} __attribute__((preserve_access_index));
+
 struct task_struct {
        __u32 pid;
     __u32 tgid;
     struct thread_struct thread;
+    struct files_struct *files;
 }  __attribute__((preserve_access_index));
 #endif
\ No newline at end of file
diff --git a/bpf/include/socket.h b/bpf/include/socket.h
index 5e92bed..02fd49b 100644
--- a/bpf/include/socket.h
+++ b/bpf/include/socket.h
@@ -60,6 +60,7 @@ struct sock_common {
 
 struct socket {
        struct sock             *sk;
+       struct file             *file;
 } __attribute__((preserve_access_index));
 
 struct iov_iter {
diff --git a/pkg/accesslog/runner.go b/pkg/accesslog/runner.go
index 63f9eee..18577de 100644
--- a/pkg/accesslog/runner.go
+++ b/pkg/accesslog/runner.go
@@ -214,6 +214,16 @@ func (r *Runner) sendLogs(allLogs 
map[*common.ConnectionInfo]*connectionLogs) er
        firstLog := true
        firstConnection := true
        for connection, logs := range allLogs {
+               if len(logs.kernels) == 0 && len(logs.protocols) == 0 {
+                       continue
+               }
+               if log.Enable(logrus.DebugLevel) {
+                       log.Debugf("ready to sending access log with 
connection, connection ID: %d, random ID: %d, "+
+                               "local: %s, remote: %s, role: %s, kernel logs 
count: %d, protocol log count: %d",
+                               connection.ConnectionID, connection.RandomID, 
connection.RPCConnection.Local, connection.RPCConnection.Remote,
+                               connection.RPCConnection.Role, 
len(logs.kernels), len(logs.protocols))
+               }
+
                if len(logs.kernels) > 0 {
                        r.sendLogToTheStream(streaming, 
r.buildAccessLogMessage(firstLog, firstConnection, connection, logs.kernels, 
nil))
                        firstLog, firstConnection = false, false
@@ -243,12 +253,6 @@ func (r *Runner) buildAccessLogMessage(firstLog, 
firstConnection bool, conn *com
        var rpcCon *v3.AccessLogConnection
        if firstConnection {
                rpcCon = conn.RPCConnection
-               if log.Enable(logrus.DebugLevel) {
-                       log.Debugf("ready to sending access log with 
connection, connection ID: %d, random ID: %d, "+
-                               "local: %s, remote: %s, role: %s, kernel logs 
count: %d, contains protocol log: %t",
-                               conn.ConnectionID, conn.RandomID, rpcCon.Local, 
rpcCon.Remote, rpcCon.Role,
-                               len(kernelLogs), protocolLog != nil)
-               }
        }
        return &v3.EBPFAccessLogMessage{
                Node:        r.BuildNodeInfo(firstLog),

Reply via email to