Skip to content

Commit

Permalink
Fixes codeblock indentation in order to make them actually work
Browse files Browse the repository at this point in the history
Currently markdownlint (which runs in our CI/CD) refuses non-indented code blocks,
but material mkdocs requires code blocks to not be indented.

As such, we will ignore this lint rule.

mkdocs clashes really hard with the code block related lint and as
such I disabled it.
  • Loading branch information
arielf212 authored and tamird committed Nov 27, 2024
1 parent cfaed29 commit dd139f7
Show file tree
Hide file tree
Showing 11 changed files with 558 additions and 552 deletions.
1 change: 1 addition & 0 deletions .github/workflows/ci.yml
Original file line number Diff line number Diff line change
Expand Up @@ -26,6 +26,7 @@ jobs:

- uses: DavidAnson/markdownlint-cli2-action@v18
with:
config: .markdownlint.json
globs: '**/*.md'

- uses: dtolnay/rust-toolchain@nightly
Expand Down
3 changes: 3 additions & 0 deletions .markdownlint.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
{
"code-block-style": false
}
42 changes: 21 additions & 21 deletions docs/book/aya/aya-tool.md
Original file line number Diff line number Diff line change
Expand Up @@ -18,40 +18,40 @@ bindings for specific kernel structures.

It can be installed with the following commands:

```console
$ cargo install bindgen-cli
$ cargo install --git https://github.com/aya-rs/aya -- aya-tool
```
```console
cargo install bindgen-cli
cargo install --git https://github.com/aya-rs/aya -- aya-tool
```

Ensure that you have `bpftool` and `bindgen` installed in your system,
`aya-tool` is not going to work without it.

The syntax of the command is:

```console
$ aya-tool
aya-tool
```console
$ aya-tool
aya-tool

USAGE:
aya-tool <SUBCOMMAND>
USAGE:
aya-tool <SUBCOMMAND>

OPTIONS:
-h, --help Print help information
OPTIONS:
-h, --help Print help information

SUBCOMMANDS:
generate Generate Rust bindings to Kernel types using bpftool
help Print this message or the help of the given subcommand(s)
```
SUBCOMMANDS:
generate Generate Rust bindings to Kernel types using bpftool
help Print this message or the help of the given subcommand(s)
```

Let's assume that we want to generate Rust definition of
[task_struct][task-struct]. Let's also assume that your project is called
`myapp`. Your userspace part is in `myapp` subdirectory, your eBPF part is in
`myapp-ebpf`. We need to generate the bindings for the eBPF part, which can be
done with:

```console
$ aya-tool generate task_struct > myapp-ebpf/src/vmlinux.rs
```
```console
aya-tool generate task_struct > myapp-ebpf/src/vmlinux.rs
```

!!! tip "Generating for multiple types"

Expand All @@ -64,9 +64,9 @@ done with:
Then we can use `vmlinux` as a module with `mod vmlinux` in our eBPF program,
like here:

```rust linenums="1" title="myapp-ebpf/src/main.rs"
--8<-- "examples/aya-tool/myapp-ebpf/src/main.rs"
```
```rust linenums="1" title="myapp-ebpf/src/main.rs"
--8<-- "examples/aya-tool/myapp-ebpf/src/main.rs"
```

## Portability and different kernel versions

Expand Down
90 changes: 45 additions & 45 deletions docs/book/programs/cgroup-skb.md
Original file line number Diff line number Diff line change
Expand Up @@ -40,9 +40,9 @@ represents the IP protocol header. We need to generate Rust bindings to it.

First, we must make sure that `bindgen` is installed.

```sh
cargo install bindgen-cli
```
```sh
cargo install bindgen-cli
```

Let's use `xtask` to automate the process of generating bindings so we can
easily reproduce it in the future by adding the following code:
Expand Down Expand Up @@ -77,9 +77,9 @@ by returning `0`. Otherwise, we are going to accept it by returning `1`.

Here's how the eBPF code looks like:

```rust linenums="1" title="cgroup-skb-egress-ebpf/src/main.rs"
--8<-- "examples/cgroup-skb-egress/cgroup-skb-egress-ebpf/src/main.rs"
```
```rust linenums="1" title="cgroup-skb-egress-ebpf/src/main.rs"
--8<-- "examples/cgroup-skb-egress/cgroup-skb-egress-ebpf/src/main.rs"
```

1. Create our map.
1. Check if we should allow or deny our packet.
Expand All @@ -94,9 +94,9 @@ In this example, we'll block all egress traffic going to `1.1.1.1`.

Here's how the code looks like:

```rust linenums="1" title="cgroup-skb-egress/src/main.rs"
--8<-- "examples/cgroup-skb-egress/cgroup-skb-egress/src/main.rs"
```
```rust linenums="1" title="cgroup-skb-egress/src/main.rs"
--8<-- "examples/cgroup-skb-egress/cgroup-skb-egress/src/main.rs"
```

1. Loading the eBPF program.
1. Attaching it to the given cgroup.
Expand All @@ -112,60 +112,60 @@ is an appropriate type to use in eBPF maps.

First, check where cgroups v2 are mounted:

```console
$ mount | grep cgroup2
cgroup2 on /sys/fs/cgroup type cgroup2 (rw,nosuid,nodev,noexec,relatime,nsdelegate,memory_recursiveprot)
```
```console
$ mount | grep cgroup2
cgroup2 on /sys/fs/cgroup type cgroup2 (rw,nosuid,nodev,noexec,relatime,nsdelegate,memory_recursiveprot)
```

The most common locations are either `/sys/fs/cgroup` or `/sys/fs/cgroup/unified`.

Inside that location, we need to create our new cgroup (as root):

```console
# mkdir /sys/fs/cgroup/foo
```
```console
# mkdir /sys/fs/cgroup/foo
```

Then run the program with:

```console
RUST_LOG=info cargo xtask run
```
```console
RUST_LOG=info cargo xtask run
```

And then, in a separate terminal, as root, try to access `1.1.1.1`:

```console
# bash -c "echo \$$ >> /sys/fs/cgroup/foo/cgroup.procs && curl 1.1.1.1"
```
```console
# bash -c "echo \$$ >> /sys/fs/cgroup/foo/cgroup.procs && curl 1.1.1.1"
```

That command should hang and the logs of our program should look like:

```console
LOG: DST 1.1.1.1, ACTION 0
LOG: DST 1.1.1.1, ACTION 0
```
```console
LOG: DST 1.1.1.1, ACTION 0
LOG: DST 1.1.1.1, ACTION 0
```

On the other hand, accessing any other address should be successful, for
example:

```console
# bash -c "echo \$$ >> /sys/fs/cgroup/foo/cgroup.procs && curl google.com"
<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>301 Moved</TITLE></HEAD><BODY>
<H1>301 Moved</H1>
The document has moved
<A HREF="http://www.google.com/">here</A>.
</BODY></HTML>
```
```console
# bash -c "echo \$$ >> /sys/fs/cgroup/foo/cgroup.procs && curl google.com"
<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>301 Moved</TITLE></HEAD><BODY>
<H1>301 Moved</H1>
The document has moved
<A HREF="http://www.google.com/">here</A>.
</BODY></HTML>
```

And should result in the following logs:

```console
LOG: DST 192.168.88.10, ACTION 1
LOG: DST 192.168.88.10, ACTION 1
LOG: DST 172.217.19.78, ACTION 1
LOG: DST 172.217.19.78, ACTION 1
LOG: DST 172.217.19.78, ACTION 1
LOG: DST 172.217.19.78, ACTION 1
LOG: DST 172.217.19.78, ACTION 1
LOG: DST 172.217.19.78, ACTION 1
```
```console
LOG: DST 192.168.88.10, ACTION 1
LOG: DST 192.168.88.10, ACTION 1
LOG: DST 172.217.19.78, ACTION 1
LOG: DST 172.217.19.78, ACTION 1
LOG: DST 172.217.19.78, ACTION 1
LOG: DST 172.217.19.78, ACTION 1
LOG: DST 172.217.19.78, ACTION 1
LOG: DST 172.217.19.78, ACTION 1
```
38 changes: 19 additions & 19 deletions docs/book/programs/classifiers.md
Original file line number Diff line number Diff line change
Expand Up @@ -57,9 +57,9 @@ Classifier programs and qdisc filters.

Here's how the eBPF code looks like:

```rust linenums="1" title="tc-egress-ebpf/src/main.rs"
--8<-- "examples/tc-egress/tc-egress-ebpf/src/main.rs"
```
```rust linenums="1" title="tc-egress-ebpf/src/main.rs"
--8<-- "examples/tc-egress/tc-egress-ebpf/src/main.rs"
```

1. Create our map.
1. Check if we should allow or deny our packet.
Expand All @@ -74,9 +74,9 @@ In this example, we'll block all egress traffic going to `1.1.1.1`.

Here's how the code looks like:

```rust linenums="1" title="tc-egress/src/main.rs"
--8<-- "examples/tc-egress/tc-egress/src/main.rs"
```
```rust linenums="1" title="tc-egress/src/main.rs"
--8<-- "examples/tc-egress/tc-egress/src/main.rs"
```

1. Get a reference to the map.
1. Create an IPv4Addr.
Expand All @@ -90,16 +90,16 @@ is an appropriate type to use in eBPF maps.

## Running the program

```console
$ RUST_LOG=info cargo xtask run
LOG: SRC 1.1.1.1, ACTION 2
LOG: SRC 35.186.224.47, ACTION 3
LOG: SRC 35.186.224.47, ACTION 3
LOG: SRC 1.1.1.1, ACTION 2
LOG: SRC 168.100.68.32, ACTION 3
LOG: SRC 168.100.68.239, ACTION 3
LOG: SRC 168.100.68.32, ACTION 3
LOG: SRC 168.100.68.239, ACTION 3
LOG: SRC 1.1.1.1, ACTION 2
LOG: SRC 13.248.212.111, ACTION 3
```
```console
$ RUST_LOG=info cargo xtask run
LOG: SRC 1.1.1.1, ACTION 2
LOG: SRC 35.186.224.47, ACTION 3
LOG: SRC 35.186.224.47, ACTION 3
LOG: SRC 1.1.1.1, ACTION 2
LOG: SRC 168.100.68.32, ACTION 3
LOG: SRC 168.100.68.239, ACTION 3
LOG: SRC 168.100.68.32, ACTION 3
LOG: SRC 168.100.68.239, ACTION 3
LOG: SRC 1.1.1.1, ACTION 2
LOG: SRC 13.248.212.111, ACTION 3
```
Loading

0 comments on commit dd139f7

Please sign in to comment.