Collect SEC BPF information #25
Description
It would be useful to parse SEC() definitions for BPF programs in C source code as used in the Linux kernel and programs running in the kernel.
SEC sections in C source code such as https://github.com/torvalds/linux/blob/3a8a670eeeaa40d87bd38a587438952741980c18/samples/bpf/tracex7_kern.c#L6C1-L6C25 contain structured data that are further ending in a compiled ELF section and in compiled "BPF" code (in the .BTF section.)
Some examples include "license", "version" and related information similar to what we can collect using MODULE_XXX macros or their output inlined in compiled kernel ELFs (See for instance simple regexes in https://github.com/nexB/scancode-plugins/blob/4df0cf04e1b7b6774ba6e983c7c57002f19327c9/binary-analysis/scancode-compiledcode/src/compiledcode/sourcecode/kernel.py )
There should be some example in this package:
$ rpm -qfi /usr/lib64/bpf/xdpdump_xdp.o
Name : xdp-tools
Version : 1.2.3
Release : 1.fc36
Architecture: x86_64
Install Date: Thu 29 Sep 2022 11:34:49 AM CEST
Group : Unspecified
Size : 634410
License : GPLv2
Signature : RSA/SHA256, Thu 17 Feb 2022 04:29:22 PM CET, Key ID 999f7cbf38ab71f4
Source RPM : xdp-tools-1.2.3-1.fc36.src.rpm
Build Date : Thu 17 Feb 2022 04:27:35 PM CET
Build Host : buildhw-x86-08.iad2.fedoraproject.org
Packager : Fedora Project
Vendor : Fedora Project
URL : https://github.com/xdp-project/xdp-tools
Bug URL : https://bugz.fedoraproject.org/xdp-tools
Summary : Utilities and example programs for use with XDP
Description :
Utilities and example programs for use with XDP
and
$ readelf -WS bpf/xdpdump_xdp.o
There are 14 section headers, starting at offset 0xc30:
Section Headers:
[Nr] Name Type Address Off Size ES Flg Lk Inf Al
[ 0] NULL 0000000000000000 000000 000000 00 0 0 0
[ 1] .text PROGBITS 0000000000000000 000040 000000 00 AX 0 0 4
[ 2] xdpdump_xdp PROGBITS 0000000000000000 000040 000118 00 AX 0 0 8
[ 3] .relxdpdump_xdp REL 0000000000000000 000a10 000020 10 I 11 2 8
[ 4] .data PROGBITS 0000000000000000 000158 00000c 00 WA 0 0 4
[ 5] .maps PROGBITS 0000000000000000 000168 000020 00 WA 0 0 8
[ 6] license PROGBITS 0000000000000000 000188 000004 00 WA 0 0 1
[ 7] .BTF PROGBITS 0000000000000000 00018c 0005df 00 0 0 1
[ 8] .rel.BTF REL 0000000000000000 000a30 000030 10 I 11 7 8
[ 9] .BTF.ext PROGBITS 0000000000000000 00076b 0001a0 00 0 0 1
[10] .rel.BTF.ext REL 0000000000000000 000a60 000170 10 I 11 9 8
[11] .symtab SYMTAB 0000000000000000 000910 0000c0 18 12 4 8
[12] .strtab STRTAB 0000000000000000 0009d0 00003b 00 0 0 1
[13] .shstrtab STRTAB 0000000000000000 000bd0 00005b 00 0 0 1
Key to Flags:
W (write), A (alloc), X (execute), M (merge), S (strings), I (info),
L (link order), O (extra OS processing required), G (group), T (TLS),
C (compressed), x (unknown), o (OS specific), E (exclude),
D (mbind), p (processor specific)
and the SEC calls in the corresponding source code https://github.com/search?q=repo%3Axdp-project%2Fxdp-tools+"SEC("&type=code
This issue is to collect the source code side of the SEC sections