This is an automated email from the ASF dual-hosted git repository.
liuhan pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/skywalking-rover.git
The following commit(s) were added to refs/heads/main by this push:
new 699d6a6 Fix missing the first socket detail event in HTTPS protocol
(#165)
699d6a6 is described below
commit 699d6a6bffb055cdb146f71b40fa34618e0f5779
Author: mrproliu <[email protected]>
AuthorDate: Mon Dec 9 21:35:36 2024 +0900
Fix missing the first socket detail event in HTTPS protocol (#165)
---
CHANGES.md | 1 +
bpf/accesslog/syscalls/transfer.h | 89 ++++++++++++++++++---------------------
bpf/accesslog/tls/go_tls.c | 36 ++++++++--------
bpf/accesslog/tls/go_tls.h | 1 +
4 files changed, 60 insertions(+), 67 deletions(-)
diff --git a/CHANGES.md b/CHANGES.md
index 5c27ece..4eab947 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -12,6 +12,7 @@ Release Notes.
* Decode the BPF data by self instant `binary.Read` to reduce CPU usage.
* Fix the unaligned memory accesses for `upload_socket_data_buf`.
* Support for connecting to the backend server over TLS without requiring
`ca.pem`.
+* Fix missing the first socket detail event in HTTPS protocol.
#### Bug Fixes
* Fix the base image cannot run in the arm64.
diff --git a/bpf/accesslog/syscalls/transfer.h
b/bpf/accesslog/syscalls/transfer.h
index 4fda16e..e1f1ba7 100644
--- a/bpf/accesslog/syscalls/transfer.h
+++ b/bpf/accesslog/syscalls/transfer.h
@@ -78,53 +78,6 @@ struct {
__uint(type, BPF_MAP_TYPE_PERF_EVENT_ARRAY);
} socket_detail_data_queue SEC(".maps");
-
-static __inline void upload_socket_detail(void *ctx, __u64 conid, struct
active_connection_t *connection, __u8 func_name, struct sock_data_args_t
*data_args, bool ssl, __u64 end_nacs) {
- // only send the original socket syscall(not ssl)
- if (ssl == true) {
- return;
- }
- __u32 kZero = 0;
- struct socket_detail_t *detail =
bpf_map_lookup_elem(&socket_detail_event_per_cpu_map, &kZero);
- if (detail == NULL) {
- return;
- }
-
- detail->connection_id = conid;
- detail->random_id = connection->random_id;
- detail->data_id = data_args->data_id;
-
- detail->start_nacs = data_args->start_nacs;
- detail->end_nacs = end_nacs;
-
- detail->l4_duration = data_args->exit_l4_time - data_args->enter_l4_time;
- detail->l3_duration = data_args->l3_duration;
- detail->l3_local_duration = data_args->l3_local_duration;
- detail->l3_output_duration = data_args->l3_output_duration;
- detail->l3_resolve_mac_duration = data_args->total_resolve_mac_time;
- detail->l3_net_filter_duration = data_args->total_net_filter_time;
- detail->l2_duration = data_args->l2_duration;
- detail->l2_ready_send_duration = data_args->l2_ready_send_duration;
- detail->l2_send_duration = data_args->l2_send_duration;
- detail->ifindex = data_args->ifindex;
- detail->l4_total_package_size = data_args->total_package_size;
- detail->l4_package_count = data_args->package_count;
- detail->l4_retransmit_package_count = data_args->retransmit_package_count;
- detail->l3_resolve_mac_count = data_args->total_resolve_mac_count;
- detail->l3_net_filter_count = data_args->total_net_filter_count;
- detail->op_func_name = func_name;
- detail->data_protocol = connection->protocol;
- detail->ssl = connection->ssl;
- detail->l2_package_to_queue_time = data_args->total_package_to_queue_time;
- detail->l3_total_recv_time = data_args->l3_rcv_duration;
- detail->l2_enter_queue_count = data_args->l2_enter_queue_count;
- detail->l4_package_rcv_from_queue_time =
data_args->total_package_receive_from_queue_time;
-
- // loss package detail
-
- bpf_perf_event_output(ctx, &socket_detail_data_queue, BPF_F_CURRENT_CPU,
detail, sizeof(*detail));
-}
-
static __always_inline void process_write_data(void *ctx, __u64 id, struct
sock_data_args_t *args, ssize_t bytes_count,
__u32 data_direction, const bool vecs,
__u8 func_name, bool ssl) {
__u64 curr_nacs = bpf_ktime_get_ns();
@@ -187,8 +140,46 @@ static __always_inline void process_write_data(void *ctx,
__u64 id, struct sock_
}
__u64 conid = gen_tgid_fd(tgid, args->fd);
- // upload the socket detail
- upload_socket_detail(ctx, conid, conn, func_name, args, ssl, curr_nacs);
+ // upload the socket detail, detail can only be send when the ssl are same:
+ // 1. when the SSL connection sends SSL(unencrypted) message
+ // 2. when the not SSL connection sends plain data
+ if (conn->ssl == ssl) {
+ __u32 kZero = 0;
+ struct socket_detail_t *detail =
bpf_map_lookup_elem(&socket_detail_event_per_cpu_map, &kZero);
+ if (detail != NULL) {
+ detail->connection_id = conid;
+ detail->random_id = conn->random_id;
+ detail->data_id = args->data_id;
+
+ detail->start_nacs = args->start_nacs;
+ detail->end_nacs = curr_nacs;
+
+ detail->l4_duration = args->exit_l4_time - args->enter_l4_time;
+ detail->l3_duration = args->l3_duration;
+ detail->l3_local_duration = args->l3_local_duration;
+ detail->l3_output_duration = args->l3_output_duration;
+ detail->l3_resolve_mac_duration = args->total_resolve_mac_time;
+ detail->l3_net_filter_duration = args->total_net_filter_time;
+ detail->l2_duration = args->l2_duration;
+ detail->l2_ready_send_duration = args->l2_ready_send_duration;
+ detail->l2_send_duration = args->l2_send_duration;
+ detail->ifindex = args->ifindex;
+ detail->l4_total_package_size = args->total_package_size;
+ detail->l4_package_count = args->package_count;
+ detail->l4_retransmit_package_count =
args->retransmit_package_count;
+ detail->l3_resolve_mac_count = args->total_resolve_mac_count;
+ detail->l3_net_filter_count = args->total_net_filter_count;
+ detail->op_func_name = func_name;
+ detail->data_protocol = conn->protocol;
+ detail->ssl = conn->ssl;
+ detail->l2_package_to_queue_time =
args->total_package_to_queue_time;
+ detail->l3_total_recv_time = args->l3_rcv_duration;
+ detail->l2_enter_queue_count = args->l2_enter_queue_count;
+ detail->l4_package_rcv_from_queue_time =
args->total_package_receive_from_queue_time;
+
+ bpf_perf_event_output(ctx, &socket_detail_data_queue,
BPF_F_CURRENT_CPU, detail, sizeof(*detail));
+ }
+ }
// upload the socket data if need
struct upload_data_args *upload_data_args = generate_socket_upload_args();
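Review bot: With the new `conn->ssl == ssl` guard, a TLS connection gets its detail event only from the `ssl == true` callers, and the Go TLS return probes in this commit pass a `sock_data_args_t` that is zero-initialised apart from `fd`, `buf`, `start_nacs` and `data_id`. Unless the part of `process_write_data` outside this hunk fills them in, every `l2_*`/`l3_*`/`l4_*` field copied here will be 0 for HTTPS traffic, and the syscall-level call that does carry those timings is now skipped. I would at least document this above the guard, e.g. `// NOTE: for SSL connections args comes from the TLS uprobe, so the kernel-layer timing fields may be zero`, so consumers do not read the zeros as measurements. The function starts and ends outside the hunk.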
diff --git a/bpf/accesslog/tls/go_tls.c b/bpf/accesslog/tls/go_tls.c
index 311ec73..e3e67b8 100644
--- a/bpf/accesslog/tls/go_tls.c
+++ b/bpf/accesslog/tls/go_tls.c
@@ -47,7 +47,14 @@ int go_tls_write(struct pt_regs* ctx) {
struct go_tls_connection_args_t data_args = {};
assign_go_tls_arg(&data_args.connection_ptr,
sizeof(data_args.connection_ptr), symaddrs->write_connection_loc, sp, regs);
assign_go_tls_arg(&data_args.buffer_ptr, sizeof(data_args.buffer_ptr),
symaddrs->write_buffer_loc, sp, regs);
+
+ struct go_interface conn_intf = {};
+ conn_intf.type = 1;
+ conn_intf.ptr = data_args.connection_ptr;
+ int fd = get_fd_from_go_tls_conn(conn_intf, symaddrs);
+ set_conn_as_ssl(ctx, tgid, fd, SOCKET_OPTS_TYPE_GOTLS_WRITE);
data_args.start_nacs = bpf_ktime_get_ns();
+ data_args.fd = fd;
bpf_map_update_elem(&go_tls_active_connection_args, &tgid_goid,
&data_args, 0);
return 0;
}
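Review bot: The result of `get_fd_from_go_tls_conn` is used without a validity check: it goes straight into `set_conn_as_ssl` and is then stored from `int fd` into the new `__u32 fd` field of `go_tls_connection_args_t`. The helper's body is not visible here, but if it can return a failure value when the reads from the traced process fail, the probe could mark an unrelated connection as SSL. The return probe would then build its `data_id` from a converted value. A guard on the helper's failure value before `set_conn_as_ssl`, for example `if (fd < 0) { return 0; }`, would keep that out of the connection state; confirm the actual failure value first. The same pattern is added in the `go_tls_read` hunk.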
@@ -87,18 +94,11 @@ int go_tls_write_ret(struct pt_regs* ctx) {
struct go_tls_connection_args_t *args =
bpf_map_lookup_elem(&go_tls_active_connection_args, &tgid_goid);
if (args) {
- struct go_interface conn_intf = {};
- conn_intf.type = 1;
- conn_intf.ptr = args->connection_ptr;
- int fd = get_fd_from_go_tls_conn(conn_intf, symaddrs);
-
- set_conn_as_ssl(ctx, tgid, fd, SOCKET_OPTS_TYPE_GOTLS_WRITE);
-
struct sock_data_args_t data_args = {};
- data_args.fd = fd;
+ data_args.fd = args->fd;
data_args.buf = args->buffer_ptr;
data_args.start_nacs = args->start_nacs;
- data_args.data_id = get_socket_data_id(6, id, fd);
+ data_args.data_id = get_socket_data_id(6, id, args->fd);
process_write_data(ctx, id, &data_args, retval0,
SOCK_DATA_DIRECTION_EGRESS, false, SOCKET_OPTS_TYPE_GOTLS_WRITE, true);
}
@@ -135,7 +135,14 @@ int go_tls_read(struct pt_regs* ctx) {
struct go_tls_connection_args_t data_args = {};
assign_go_tls_arg(&data_args.connection_ptr,
sizeof(data_args.connection_ptr), symaddrs->read_connection_loc, sp, regs);
assign_go_tls_arg(&data_args.buffer_ptr, sizeof(data_args.buffer_ptr),
symaddrs->read_buffer_loc, sp, regs);
+ struct go_interface conn_intf = {};
+ conn_intf.type = 1;
+ conn_intf.ptr = data_args.connection_ptr;
+ int fd = get_fd_from_go_tls_conn(conn_intf, symaddrs);
+ set_conn_as_ssl(ctx, tgid, fd, SOCKET_OPTS_TYPE_GOTLS_READ);
+
data_args.start_nacs = bpf_ktime_get_ns();
+ data_args.fd = fd;
bpf_map_update_elem(&go_tls_active_connection_args, &tgid_goid,
&data_args, 0);
return 0;
}
@@ -175,18 +182,11 @@ int go_tls_read_ret(struct pt_regs* ctx) {
struct go_tls_connection_args_t *args =
bpf_map_lookup_elem(&go_tls_active_connection_args, &tgid_goid);
if (args) {
- struct go_interface conn_intf = {};
- conn_intf.type = 1;
- conn_intf.ptr = args->connection_ptr;
- int fd = get_fd_from_go_tls_conn(conn_intf, symaddrs);
-
- set_conn_as_ssl(ctx, tgid, fd, SOCKET_OPTS_TYPE_GOTLS_READ);
-
struct sock_data_args_t data_args = {};
- data_args.fd = fd;
+ data_args.fd = args->fd;
data_args.buf = args->buffer_ptr;
data_args.start_nacs = args->start_nacs;
- data_args.data_id = get_socket_data_id(8, id, fd);
+ data_args.data_id = get_socket_data_id(8, id, args->fd);
process_write_data(ctx, id, &data_args, retval0,
SOCK_DATA_DIRECTION_INGRESS, false, SOCKET_OPTS_TYPE_GOTLS_WRITE, true);
}
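Review bot: `go_tls_read_ret` passes `SOCKET_OPTS_TYPE_GOTLS_WRITE` as `func_name` to `process_write_data`, while the entry probe marks the same connection with `SOCKET_OPTS_TYPE_GOTLS_READ`. That call is unchanged context, but after this commit `ssl == true` calls are no longer dropped before the detail event is filled, so `detail->op_func_name` for Go TLS reads would now be reported as a write. Changing the argument to `SOCKET_OPTS_TYPE_GOTLS_READ` looks intended; check whether anything downstream relies on the current value. The function body starts outside the hunk.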
diff --git a/bpf/accesslog/tls/go_tls.h b/bpf/accesslog/tls/go_tls.h
index 1057ef9..72d5067 100644
--- a/bpf/accesslog/tls/go_tls.h
+++ b/bpf/accesslog/tls/go_tls.h
@@ -25,6 +25,7 @@ struct go_tls_connection_args_t {
void* connection_ptr;
char* buffer_ptr;
__u64 start_nacs;
+ __u32 fd;
};
struct {
__uint(type, BPF_MAP_TYPE_HASH);