diff options
| author | Baitinq <[email protected]> | 2024-05-31 00:00:44 +0200 |
|---|---|---|
| committer | Baitinq <[email protected]> | 2024-05-31 00:00:44 +0200 |
| commit | 17ff6a39dc293f6d45ffd355c637a181e28c31ee (patch) | |
| tree | 75183ad391c0bac9f04f3b475aeca5aab902551b | |
| parent | fs-tracer: change api endpoint (diff) | |
| download | fs-tracer-17ff6a39dc293f6d45ffd355c637a181e28c31ee.tar.gz fs-tracer-17ff6a39dc293f6d45ffd355c637a181e28c31ee.tar.bz2 fs-tracer-17ff6a39dc293f6d45ffd355c637a181e28c31ee.zip | |
fs-tracer: create syscall handler
| -rw-r--r-- | fs-tracer/src/main.rs | 68 | ||||
| -rw-r--r-- | fs-tracer/src/syscall_handler.rs | 70 |
2 files changed, 100 insertions, 38 deletions
diff --git a/fs-tracer/src/main.rs b/fs-tracer/src/main.rs index d974d66..a6d41b7 100644 --- a/fs-tracer/src/main.rs +++ b/fs-tracer/src/main.rs @@ -1,3 +1,5 @@ +mod syscall_handler; + use aya::util::online_cpus; use aya::{include_bytes_aligned, Ebpf}; use aya::{maps::AsyncPerfEventArray, programs::TracePoint}; @@ -7,7 +9,8 @@ use fs_tracer_common::SyscallInfo; use log::{debug, info, warn}; use std::env; use std::sync::atomic::{AtomicBool, Ordering}; -use std::sync::Arc; +use std::sync::mpsc; +use std::sync::{Arc, Mutex}; use tokio::task; #[tokio::main] @@ -72,13 +75,19 @@ async fn main() -> Result<(), anyhow::Error> { }) .expect("could not set Ctrl+C handler"); + let (resolved_files_send, resolved_files_recv) = mpsc::channel(); + + // Create arcmutex for the syscall handler in order to use it in threads + let syscall_handler = Arc::new(Mutex::new(syscall_handler::SyscallHandler::new( + resolved_files_send, + ))); + let mut handles = vec![]; let mut perf_array = AsyncPerfEventArray::try_from(bpf.take_map("EVENTS").unwrap())?; for cpu_id in online_cpus()? { let mut buf = perf_array.open(cpu_id, None)?; - let thread_url = url.clone(); - let thread_api_key = fs_tracer_api_key.clone(); + let thread_syscall_handler = syscall_handler.clone(); let thread_exit = exit.clone(); handles.push(task::spawn(async move { let mut buffers = (0..10) @@ -93,47 +102,30 @@ async fn main() -> Result<(), anyhow::Error> { } let ptr = buf.as_ptr() as *const SyscallInfo; let data = unsafe { ptr.read_unaligned() }; - match data { - SyscallInfo::Write(x) => { - println!("WRITE KERNEL: DATA {:?}", x); - // TODO: Batching. - let resp = ureq::post(&thread_url) - .set("API_KEY", &thread_api_key) - .send_string(&format!( - r#" -[ - {{ - "timestamp": "{}", - "absolute_path": "/tmp/test.txt", - "contents": "Hello, world!" - }} -] -"#, - chrono::Utc::now().to_rfc3339() - )) - .expect("Failed to send request"); - if resp.status() != 200 { - panic!("Failed to send request: {:?}", resp); - } - } - SyscallInfo::Open(x) => { - // if !CStr::from_bytes_until_nul(&x.filename) - // .unwrap_or_default() - // .to_str() - // .unwrap_or_default() - // .starts_with('/') - // { - println!("OPEN KERNEL DATA: {:?}", x) - // } - } - } + thread_syscall_handler.lock().unwrap().handle_syscall(data); } } })); } info!("Waiting for threads to stop"); - futures::future::join_all(handles).await; + for elt in resolved_files_recv { + // TODO: Batching. + let resp = ureq::post(&url) + .set("API_KEY", &fs_tracer_api_key) + .send_string(&format!( + r#" + [ + {} + ] + "#, + elt + )) + .expect("Failed to send request"); + if resp.status() != 200 { + panic!("Failed to send request: {:?}", resp); + } + } info!("All threads stopped, exiting now..."); Ok(()) diff --git a/fs-tracer/src/syscall_handler.rs b/fs-tracer/src/syscall_handler.rs new file mode 100644 index 0000000..bdb3a6e --- /dev/null +++ b/fs-tracer/src/syscall_handler.rs @@ -0,0 +1,70 @@ +use std::{collections::HashMap, sync::mpsc::Sender}; + +use fs_tracer_common::SyscallInfo; + +pub struct SyscallHandler { + resolved_files: Sender<String>, + syscall_map: HashMap<u64, fn([u64; 6]) -> u64>, //TODO +} + +impl SyscallHandler { + pub fn new(resolved_files: Sender<String>) -> Self { + Self { + resolved_files, + syscall_map: HashMap::new(), + } + } + + pub fn handle_syscall(&self, data: SyscallInfo) -> u64 { + match data { + SyscallInfo::Write(x) => { + println!("WRITE KERNEL: DATA {:?}", x); + let _ = self.resolved_files.send(format!( + r#" + {{ + "timestamp": "{}", + "absolute_path": "{}", + "contents": "{}" + }} + "#, + chrono::Utc::now().to_rfc3339(), + "/tmp/file.txt", + "some contents!!" + )); + return 0; + // TODO: Batching. + // let resp = ureq::post(&thread_url) + // .set("API_KEY", &thread_api_key) + // .send_string(&format!( + // r#" + // [ + // {{ + // "timestamp": "{}", + // "absolute_path": "{}", + // "contents": "{}" + // }} + // ] + // "#, + // chrono::Utc::now().to_rfc3339(), + // "/tmp/file.txt", + // "some contents!!" + // )) + // .expect("Failed to send request"); + // if resp.status() != 200 { + // panic!("Failed to send request: {:?}", resp); + // } + } + SyscallInfo::Open(x) => { + // if !CStr::from_bytes_until_nul(&x.filename) + // .unwrap_or_default() + // .to_str() + // .unwrap_or_default() + // .starts_with('/') + // { + println!("OPEN KERNEL DATA: {:?}", x); + return 0; + // } + } + } + } +} |