Prerequisites
kernel capabilities
First, you need to have a Linux kernel:
- with BTF support
- with BPF LSM support (kernels >= 5.7)
You can check if your kernel has BTF support by checking whether file
/sys/kernel/btf/vmlinux
exists. You can also check the kernel configuration:
$ zgrep CONFIG_DEBUG_INFO_BTF /proc/config.gz
CONFIG_DEBUG_INFO_BTF=y
Next, you need to check if your kernel has BPF LSM support:
$ cat /sys/kernel/security/lsm
lockdown,capability,selinux,bpf
If the output doesn't contain bpf
, you need to enable BPF LSM by adding
lsm=[...],bpf
to your kernel config parameters. That can be achieved by
executing the enable-bpf-lsm.py script.
This script will print modified contents of /etc/default/grub
file to stdout.
Either pipe it back directly to /etc/default/grub
or save it somewhere
and compare contents before swapping to a new version.
Whole command with direct pipe:
$ ./enable-bpf.lsm.py | sudo tee /etc/default/grub 1>/dev/null
This file is used by grub2 to assemble final grub.cfg
. To trigger reconfiguration
use grub's mkconfig command with -o <path to grub.cfg>
switch.
Both command name and path to grub.cfg
are distribution dependent.
On ubuntu:
$ sudo grub-mkconfig -o /boot/grub/grub.cfg
On fedora:
$ sudo grub2-mkconfig -o /boot/grub2/grub.cfg
After that's done reboot your system.
rust toolchain and packages
You need the Rust stable and nightly toolchains installed on your system, bpf-linker and bpftool binary.
Install rust from https://rustup.rs. Further commands assume availabilty of rustup command.
Install nightly toolchain:
$ rustup toolchain install nightly --component rust-src
Optionally add miri:
$ rustup component add miri --toolchain nightly
Finally install bpf-linker:
$ cargo install bpf-linker
This bpf-linker installation method works on linux x86_64 systems. For others refer to aya-rs documentation.
To install bpftool either use distro provided package or build it from source.
On ubuntu it is a part of linux-tools:
$ sudo apt install linux-tools-$(uname -r)