fix ci and add attach

example/minimal/README.md

@@ -91,3 +91,17 @@ client
 ```sh
 LD_PRELOAD=~/.bpftime/libbpftime-agent.so ./victim
 ```
+
+## ureplace
+
+Run server:
+
+```sh
+SPDLOG_LEVEL=Debug LD_PRELOAD=~/.bpftime/libbpftime-syscall-server.so ./ureplace
+```
+
+Run victim:
+
+```sh
+SPDLOG_LEVEL=Debug LD_PRELOAD=~/.bpftime/libbpftime-syscall-server.so ./ureplace
+```

example/minimal/ureplace.c

@@ -11,8 +11,7 @@
 #include <stdlib.h>
 #include "ureplace.skel.h"
 #include <inttypes.h>
-#include <syscall.h>
-#include <linux/perf_event.h>
+#include "ureplace_attach.h"
 
 #define warn(...) fprintf(stderr, __VA_ARGS__)
 
@@ -29,64 +28,6 @@ static void sig_handler(int sig)
 	exiting = true;
 }
 
-long elf_find_func_offset_from_file(const char *binary_path, const char *name);
-
-#define PERF_UPROBE_REF_CTR_OFFSET_BITS 32
-#define PERF_UPROBE_REF_CTR_OFFSET_SHIFT 32
-#define BPF_TYPE_UFILTER 8
-
-static inline __u64 ptr_to_u64(const void *ptr)
-{
-	return (__u64)(unsigned long)ptr;
-}
-
-static int perf_event_open_ureplace(const char *name, uint64_t offset, int pid,
-				    size_t ref_ctr_off)
-{
-	const size_t attr_sz = sizeof(struct perf_event_attr);
-	struct perf_event_attr attr;
-	int type, pfd;
-
-	if ((__u64)ref_ctr_off >= (1ULL << PERF_UPROBE_REF_CTR_OFFSET_BITS))
-		return -EINVAL;
-
-	memset(&attr, 0, attr_sz);
-
-	type = BPF_TYPE_UFILTER;
-	attr.size = attr_sz;
-	attr.type = type;
-	attr.config |= (__u64)ref_ctr_off << PERF_UPROBE_REF_CTR_OFFSET_SHIFT;
-	attr.config1 = ptr_to_u64(name); /* kprobe_func or uprobe_path */
-	attr.config2 = offset; /* kprobe_addr or probe_offset */
-
-	/* pid filter is meaningful only for uprobes */
-	pfd = syscall(__NR_perf_event_open, &attr, pid < 0 ? -1 : pid /* pid */,
-		      pid == -1 ? 0 : -1 /* cpu */, -1 /* group_fd */,
-		      PERF_FLAG_FD_CLOEXEC);
-	return pfd >= 0 ? pfd : -errno;
-}
-
-static int bpf_prog_attach_ureplace(int prog_fd, const char *binary_path,
-				    const char *name)
-{
-	int offset = elf_find_func_offset_from_file("./victim", "target_func");
-	if (offset < 0) {
-		return offset;
-	}
-	printf("offset: %d", offset);
-	int res = perf_event_open_ureplace("./victim", offset, -1, 0);
-	if (res < 0) {
-		printf("perf_event_open_ureplace failed: %d\n", res);
-		return res;
-	}
-	res = bpf_prog_attach(prog_fd, res, BPF_MODIFY_RETURN, 0);
-	if (res < 0) {
-		printf("bpf_prog_attach failed: %d\n", res);
-		return res;
-	}
-	return 0;
-}
-
 int main(int argc, char **argv)
 {
 	struct ureplace_bpf *skel;
@@ -112,8 +53,9 @@ int main(int argc, char **argv)
 		fprintf(stderr, "Failed to load and verify BPF skeleton\n");
 		goto cleanup;
 	}
-	err = bpf_prog_attach_ureplace(bpf_program__fd(skel->progs.do_ureplace_patch),
-				       "./victim", "target_func");
+	err = bpf_prog_attach_ureplace(
+		bpf_program__fd(skel->progs.do_ureplace_patch), "./victim",
+		"target_func");
 	if (err) {
 		fprintf(stderr, "Failed to attach BPF program\n");
 		goto cleanup;

example/minimal/ureplace_attach.h

@@ -0,0 +1,73 @@
+#ifndef BPFTIME_UREPLACE_ATTACH_H
+#define BPFTIME_UREPLACE_ATTACH_H
+
+#include <unistd.h>
+#include <stdlib.h>
+#include <syscall.h>
+#include <linux/perf_event.h>
+#include <linux/bpf.h>
+#include <bpf/bpf.h>
+#include <stdint.h>
+#include <errno.h>
+#include <string.h>
+#include <stdio.h>
+
+long elf_find_func_offset_from_file(const char *binary_path, const char *name);
+
+#define PERF_UPROBE_REF_CTR_OFFSET_BITS 32
+#define PERF_UPROBE_REF_CTR_OFFSET_SHIFT 32
+#define BPF_TYPE_UFILTER 8
+
+static inline __u64 ptr_to_u64(const void *ptr)
+{
+	return (__u64)(unsigned long)ptr;
+}
+
+static int perf_event_open_ureplace(const char *name, uint64_t offset, int pid,
+				    size_t ref_ctr_off)
+{
+	const size_t attr_sz = sizeof(struct perf_event_attr);
+	struct perf_event_attr attr;
+	int type, pfd;
+
+	if ((__u64)ref_ctr_off >= (1ULL << PERF_UPROBE_REF_CTR_OFFSET_BITS))
+		return -EINVAL;
+
+	memset(&attr, 0, attr_sz);
+
+	type = BPF_TYPE_UFILTER;
+	attr.size = attr_sz;
+	attr.type = type;
+	attr.config |= (__u64)ref_ctr_off << PERF_UPROBE_REF_CTR_OFFSET_SHIFT;
+	attr.config1 = ptr_to_u64(name); /* kprobe_func or uprobe_path */
+	attr.config2 = offset; /* kprobe_addr or probe_offset */
+
+	/* pid filter is meaningful only for uprobes */
+	pfd = syscall(__NR_perf_event_open, &attr, pid < 0 ? -1 : pid /* pid */,
+		      pid == -1 ? 0 : -1 /* cpu */, -1 /* group_fd */,
+		      PERF_FLAG_FD_CLOEXEC);
+	return pfd >= 0 ? pfd : -errno;
+}
+
+static int bpf_prog_attach_ureplace(int prog_fd, const char *binary_path,
+				    const char *name)
+{
+	int offset = elf_find_func_offset_from_file("./victim", "target_func");
+	if (offset < 0) {
+		return offset;
+	}
+	printf("offset: %d", offset);
+	int res = perf_event_open_ureplace("./victim", offset, -1, 0);
+	if (res < 0) {
+		printf("perf_event_open_ureplace failed: %d\n", res);
+		return res;
+	}
+	res = bpf_prog_attach(prog_fd, res, BPF_MODIFY_RETURN, 0);
+	if (res < 0) {
+		printf("bpf_prog_attach failed: %d\n", res);
+		return res;
+	}
+	return 0;
+}
+
+#endif // BPFTIME_UREPLACE_ATTACH_H

example/minimal/victim.c

@@ -11,7 +11,7 @@ int target_func() {
 
 int main(int argc, char *argv[]) {
     while(1) {
-        sleep(2);
+        sleep(1);
         target_func();
     }
     return 0;