diff --git a/examples/pybpf3.py b/examples/binops_demo.py similarity index 89% rename from examples/pybpf3.py rename to examples/binops_demo.py index 13897c1..f3b65ba 100644 --- a/examples/pybpf3.py +++ b/examples/binops_demo.py @@ -6,8 +6,8 @@ from ctypes import c_void_p, c_int64, c_uint64 # Instructions to how to run this program # 1. Install PythonBPF: pip install pythonbpf -# 2. Run the program: python demo/pybpf3.py -# 3. Run the program with sudo: sudo examples/check.sh run demo/pybpf3.o +# 2. Run the program: python examples/binops_demo.py +# 3. Run the program with sudo: sudo tools/check.sh run examples/binops_demo.py # 4. Start up any program and watch the output @bpf diff --git a/examples/execve4.py b/examples/blk_request.py similarity index 100% rename from examples/execve4.py rename to examples/blk_request.py diff --git a/examples/pybpf4.py b/examples/clone_plot.py similarity index 96% rename from examples/pybpf4.py rename to examples/clone_plot.py index 8e9fd87..28c5c1a 100644 --- a/examples/pybpf4.py +++ b/examples/clone_plot.py @@ -12,7 +12,7 @@ import matplotlib.pyplot as plt # and then plots the distribution as a histogram using matplotlib. # It provides a quick view of process creation activity over 10 seconds. # Everything is done with Python only code and with the new pylibbpf library. -# Run `sudo /path/to/python/binary/ pybpf4.py` +# Run `sudo /path/to/python/binary/ clone_plot.py` @bpf @map diff --git a/examples/execve2.py b/examples/execve2.py deleted file mode 100644 index fadc396..0000000 --- a/examples/execve2.py +++ /dev/null @@ -1,35 +0,0 @@ -from pythonbpf.decorators import bpf, map, section, bpfglobal -from ctypes import c_void_p, c_int64, c_int32, c_uint64 -from pythonbpf.helpers import ktime -from pythonbpf.maps import HashMap - - -@bpf -@map -def last() -> HashMap: - return HashMap(key=c_uint64, value=c_uint64, max_entries=1) - - -@bpf -@section("tracepoint/syscalls/sys_enter_execve") -def hello(ctx: c_void_p) -> c_int32: - print("entered") - print("multi constant support") - return c_int32(0) - - -@bpf -@section("tracepoint/syscalls/sys_exit_execve") -def hello_again(ctx: c_void_p) -> c_int64: - print("exited") - key = 0 - tsp = last().lookup(key) - print(tsp) - ts = ktime() - return c_int64(0) - - -@bpf -@bpfglobal -def LICENSE() -> str: - return "GPL" diff --git a/examples/execve3.py b/examples/execve3.py deleted file mode 100644 index 510d6fa..0000000 --- a/examples/execve3.py +++ /dev/null @@ -1,45 +0,0 @@ -from pythonbpf import bpf, map, section, bpfglobal, compile -from pythonbpf.helpers import ktime, deref -from pythonbpf.maps import HashMap - -from ctypes import c_void_p, c_int64, c_int32, c_uint64 - - -@bpf -@map -def last() -> HashMap: - return HashMap(key=c_uint64, value=c_uint64, max_entries=3) - -@bpf -@section("tracepoint/syscalls/sys_exit_execve") -def hello_again(ctx: c_void_p) -> c_int64: - print("multi constant support") - print("exited") - key = 0 - delta = 0 - dddelta = 0 - tsp = last().lookup(key) - if True: - delta = ktime() - ddelta = deref(delta) - ttsp = deref(deref(tsp)) - dddelta = ddelta - ttsp - if dddelta < 1000000000: - print("execve called within last second") - last().delete(key) - ts = ktime() - last().update(key, ts) - - va = 8 - nm = 5 + va - al = 6 & 3 - print(f"this is a variable {nm}") - - return c_int64(0) - -@bpf -@bpfglobal -def LICENSE() -> str: - return "GPL" - -compile() diff --git a/examples/pybpf0.py b/examples/hello_world.py similarity index 51% rename from examples/pybpf0.py rename to examples/hello_world.py index b292ced..7fc9927 100644 --- a/examples/pybpf0.py +++ b/examples/hello_world.py @@ -1,11 +1,9 @@ -from pythonbpf import bpf, section, bpfglobal, compile - +from pythonbpf import bpf, section, bpfglobal, compile, BPF from ctypes import c_void_p, c_int64 # Instructions to how to run this program # 1. Install PythonBPF: pip install pythonbpf -# 2. Run the program: python demo/pybpf0.py -# 3. Run the program with sudo: sudo examples/check.sh run demo/pybpf0.o +# 2. Run the program: sudo python examples/hello_world.py # 4. Start up any program and watch the output @@ -20,4 +18,11 @@ def hello_world(ctx: c_void_p) -> c_int64: def LICENSE() -> str: return "GPL" -compile() +b = BPF() +b.load_and_attach() +if b.is_loaded() and b.is_attached(): + print("Successfully loaded and attached") +else: + print("Could not load successfully") + +# Now cat /sys/kernel/debug/tracing/trace_pipe to see results of the execve syscall. diff --git a/examples/execve5.py b/examples/struct_and_perf.py similarity index 100% rename from examples/execve5.py rename to examples/struct_and_perf.py diff --git a/examples/pybpf2.py b/examples/sys_sync.py similarity index 88% rename from examples/pybpf2.py rename to examples/sys_sync.py index 94e0d6a..953cb11 100644 --- a/examples/pybpf2.py +++ b/examples/sys_sync.py @@ -6,8 +6,8 @@ from ctypes import c_void_p, c_int64, c_uint64 # Instructions to how to run this program # 1. Install PythonBPF: pip install pythonbpf -# 2. Run the program: python demo/pybpf2.py -# 3. Run the program with sudo: sudo examples/check.sh run demo/pybpf2.o +# 2. Run the program: python examples/sys_sync.py +# 3. Run the program with sudo: sudo tools/check.sh run examples/sys_sync.o # 4. Start a Python repl and `import os` and then keep entering `os.sync()` to see reponses. @bpf diff --git a/examples/pybpf1.py b/examples/xdp_pass.py similarity index 83% rename from examples/pybpf1.py rename to examples/xdp_pass.py index 409e553..74d6f5f 100644 --- a/examples/pybpf1.py +++ b/examples/xdp_pass.py @@ -6,9 +6,9 @@ from ctypes import c_void_p, c_int64 # Instructions to how to run this program # 1. Install PythonBPF: pip install pythonbpf -# 2. Run the program: python demo/pybpf1.py -# 3. Run the program with sudo: sudo examples/check.sh run demo/pybpf1.o -# 4. Attach object file to any network device with something like ./check.sh xdp ../demo/pybpf1.o tailscale0 +# 2. Run the program: python examples/xdp_pass.py +# 3. Run the program with sudo: sudo tools/check.sh run examples/xdp_pass.o +# 4. Attach object file to any network device with something like ./check.sh xdp examples/xdp_pass.o tailscale0 # 5. send traffic through the device and observe effects @bpf diff --git a/examples/c-form/Makefile b/tests/c-form/Makefile similarity index 100% rename from examples/c-form/Makefile rename to tests/c-form/Makefile diff --git a/examples/c-form/ex2.bpf.c b/tests/c-form/ex2.bpf.c similarity index 100% rename from examples/c-form/ex2.bpf.c rename to tests/c-form/ex2.bpf.c diff --git a/examples/c-form/ex3-2.bpf.c b/tests/c-form/ex3-2.bpf.c similarity index 100% rename from examples/c-form/ex3-2.bpf.c rename to tests/c-form/ex3-2.bpf.c diff --git a/examples/c-form/ex3.bpf.c b/tests/c-form/ex3.bpf.c similarity index 100% rename from examples/c-form/ex3.bpf.c rename to tests/c-form/ex3.bpf.c diff --git a/examples/c-form/ex4.bpf.c b/tests/c-form/ex4.bpf.c similarity index 100% rename from examples/c-form/ex4.bpf.c rename to tests/c-form/ex4.bpf.c diff --git a/examples/c-form/ex5.bpf.c b/tests/c-form/ex5.bpf.c similarity index 100% rename from examples/c-form/ex5.bpf.c rename to tests/c-form/ex5.bpf.c diff --git a/examples/c-form/ex6.bpf.c b/tests/c-form/ex6.bpf.c similarity index 100% rename from examples/c-form/ex6.bpf.c rename to tests/c-form/ex6.bpf.c diff --git a/examples/c-form/ex7.bpf.c b/tests/c-form/ex7.bpf.c similarity index 100% rename from examples/c-form/ex7.bpf.c rename to tests/c-form/ex7.bpf.c diff --git a/examples/c-form/ex8.bpf.c b/tests/c-form/ex8.bpf.c similarity index 100% rename from examples/c-form/ex8.bpf.c rename to tests/c-form/ex8.bpf.c diff --git a/examples/c-form/example.bpf.c b/tests/c-form/example.bpf.c similarity index 100% rename from examples/c-form/example.bpf.c rename to tests/c-form/example.bpf.c diff --git a/examples/c-form/vmlinux.h b/tests/c-form/vmlinux.h similarity index 100% rename from examples/c-form/vmlinux.h rename to tests/c-form/vmlinux.h diff --git a/examples/check.sh b/tools/check.sh similarity index 100% rename from examples/check.sh rename to tools/check.sh diff --git a/tools/compile.py b/tools/compile.py deleted file mode 100755 index 7a12159..0000000 --- a/tools/compile.py +++ /dev/null @@ -1,20 +0,0 @@ -#!/usr/bin/env python3 -import argparse, subprocess, os -from pythonbpf import codegen - -def main(): - parser = argparse.ArgumentParser() - parser.add_argument("source", help="Python BPF program") - args = parser.parse_args() - - ll_file = os.path.splitext(args.source)[0] + ".ll" - o_file = os.path.splitext(args.source)[0] + ".o" - - print(f"[+] Compiling {args.source} → {ll_file}") - codegen.compile_to_ir(args.source, ll_file) - - print("[+] Running llc -march=bpf") - subprocess.run(["llc", "-march=bpf", "-filetype=obj", "-O2", ll_file, "-o", o_file], check=True) - -if __name__ == "__main__": - main()