On Tue, 6 Feb 2018 20:05:43 +0100 Daniel Borkmann <[email protected]> wrote:
> On 02/06/2018 06:03 PM, Jesper Dangaard Brouer wrote:
[...]
> > [...] I plan to follow up and do a more complete solution later. This
> > is a workaround to get the Suricata use-case working and also that
> > samples/bpf/ can be loaded.
>
> Aside from a needed fix in any case, is there a specifc reason why Suricata
> cannot rely on 'clang -target bpf'? Is it asm inline headers in your case?
Below is the error I get when using 'clang' with '-target bpf'
$ dirs
~/git/suricata/src/ebpf
$ clang -Wall -Iinclude -O2 -D__KERNEL__ -target bpf -emit-llvm -c
xdp_filter.c -o - | llc -march=bpf -filetype=obj -o xdp_filter.bpf
In file included from xdp_filter.c:19:
In file included from /usr/bin/../lib64/clang/4.0.1/include/stdint.h:63:
In file included from /usr/include/stdint.h:26:
In file included from /usr/include/bits/libc-header-start.h:33:
In file included from /usr/include/features.h:434:
/usr/include/gnu/stubs.h:7:11: fatal error: 'gnu/stubs-32.h' file not found
# include <gnu/stubs-32.h>
^~~~~~~~~~~~~~~~
I'll leave it up to Eric Leblond to figure out that he need to change
in the eBPF programs to make it compile with '-target bpf'. Maybe you
can offer him some guidance here?
Direct link to code:
https://github.com/OISF/suricata/blob/master/ebpf/xdp_filter.c
--
Best regards,
Jesper Dangaard Brouer
MSc.CS, Principal Kernel Engineer at Red Hat
LinkedIn: http://www.linkedin.com/in/brouer
