@@ -222,6 +222,26 @@ int process_enter_of_syscalls_write_sendto(void* ctx, __u64 fd, __u8 is_tls, cha
222222 if (method != -1 ){
223223 req -> protocol = PROTOCOL_HTTP ;
224224 req -> method = method ;
225+ }else if (parse_client_postgres_data (buf , count , & req -> request_type )){
226+ // TODO: should wait for CloseComplete message in case of statement close
227+ if (req -> request_type == POSTGRES_MESSAGE_CLOSE || req -> request_type == POSTGRES_MESSAGE_TERMINATE ){
228+ req -> protocol = PROTOCOL_POSTGRES ;
229+ req -> method = METHOD_STATEMENT_CLOSE_OR_CONN_TERMINATE ;
230+ struct write_args args = {};
231+ args .fd = fd ;
232+ args .write_start_ns = timestamp ;
233+ bpf_map_update_elem (& active_writes , & id , & args , BPF_ANY );
234+ }
235+ unsigned char log_msg [] = "parse_client_postgres_data -- count||" ;
236+ log_to_userspace (ctx , DEBUG , func_name , log_msg , count , 0 , 0 );
237+ req -> protocol = PROTOCOL_POSTGRES ;
238+ }else if (is_rabbitmq_publish (buf ,count )){
239+ req -> protocol = PROTOCOL_AMQP ;
240+ req -> method = METHOD_PUBLISH ;
241+ struct write_args args = {};
242+ args .fd = fd ;
243+ args .write_start_ns = timestamp ;
244+ bpf_map_update_elem (& active_writes , & id , & args , BPF_ANY );
225245 }else if (is_http2_frame (buf , count )){
226246 struct l7_event * e = bpf_map_lookup_elem (& l7_event_heap , & zero );
227247 if (!e ) {
@@ -253,25 +273,6 @@ int process_enter_of_syscalls_write_sendto(void* ctx, __u64 fd, __u8 is_tls, cha
253273 log_to_userspace (ctx , WARN , func_name , log_msg , r , e -> fd , e -> payload_size );
254274 }
255275 return 0 ;
256- }
257- else if (is_rabbitmq_publish (buf ,count )){
258- req -> protocol = PROTOCOL_AMQP ;
259- req -> method = METHOD_PUBLISH ;
260- struct write_args args = {};
261- args .fd = fd ;
262- args .write_start_ns = timestamp ;
263- bpf_map_update_elem (& active_writes , & id , & args , BPF_ANY );
264- }else if (parse_client_postgres_data (buf , count , & req -> request_type )){
265- // TODO: should wait for CloseComplete message in case of statement close
266- if (req -> request_type == POSTGRES_MESSAGE_CLOSE || req -> request_type == POSTGRES_MESSAGE_TERMINATE ){
267- req -> protocol = PROTOCOL_POSTGRES ;
268- req -> method = METHOD_STATEMENT_CLOSE_OR_CONN_TERMINATE ;
269- struct write_args args = {};
270- args .fd = fd ;
271- args .write_start_ns = timestamp ;
272- bpf_map_update_elem (& active_writes , & id , & args , BPF_ANY );
273- }
274- req -> protocol = PROTOCOL_POSTGRES ;
275276 }else {
276277 req -> protocol = PROTOCOL_UNKNOWN ;
277278 req -> method = METHOD_UNKNOWN ;
@@ -464,36 +465,6 @@ int process_exit_of_syscalls_read_recvfrom(void* ctx, __u64 id, __u32 pid, __s64
464465 }
465466 e -> is_tls = is_tls ;
466467
467- // if http2, send directly to userspace
468- if (is_http2_frame (read_info -> buf ,ret )){
469- e -> protocol = PROTOCOL_HTTP2 ;
470- e -> write_time_ns = timestamp ;
471- e -> fd = read_info -> fd ;
472- e -> pid = k .pid ;
473- e -> method = SERVER_FRAME ;
474- e -> status = 0 ;
475- e -> failed = 0 ; // success
476- e -> duration = 0 ; // total write time
477- e -> is_tls = 1 ;
478- bpf_probe_read (e -> payload , MAX_PAYLOAD_SIZE , read_info -> buf );
479- if (ret > MAX_PAYLOAD_SIZE ){
480- // will not be able to copy all of it
481- e -> payload_size = MAX_PAYLOAD_SIZE ;
482- e -> payload_read_complete = 0 ;
483- }else {
484- e -> payload_size = ret ;
485- e -> payload_read_complete = 1 ;
486- }
487-
488- long r = bpf_perf_event_output (ctx , & l7_events , BPF_F_CURRENT_CPU , e , sizeof (* e ));
489- if (r < 0 ) {
490- unsigned char log_msg [] = "failed write to l7_events h2 -- res|fd|psize" ;
491- log_to_userspace (ctx , WARN , func_name , log_msg , r , e -> fd , e -> payload_size );
492- }
493- bpf_map_delete_elem (& go_active_reads , & k );
494- return 0 ;
495- }
496-
497468 // For a amqp consume, there will be no write, so we will not have a request in active_l7_requests
498469 // Process amqp consume first, if it is not amqp consume, look for a request in active_l7_requests
499470
@@ -521,6 +492,36 @@ int process_exit_of_syscalls_read_recvfrom(void* ctx, __u64 id, __u32 pid, __s64
521492
522493 struct l7_request * active_req = bpf_map_lookup_elem (& active_l7_requests , & k );
523494 if (!active_req ) {
495+ // if http2 server frame, send directly to userspace
496+ if (is_http2_frame (read_info -> buf ,ret )){
497+ e -> protocol = PROTOCOL_HTTP2 ;
498+ e -> write_time_ns = timestamp ;
499+ e -> fd = read_info -> fd ;
500+ e -> pid = k .pid ;
501+ e -> method = SERVER_FRAME ;
502+ e -> status = 0 ;
503+ e -> failed = 0 ; // success
504+ e -> duration = 0 ; // total write time
505+ e -> is_tls = 1 ;
506+ bpf_probe_read (e -> payload , MAX_PAYLOAD_SIZE , read_info -> buf );
507+ if (ret > MAX_PAYLOAD_SIZE ){
508+ // will not be able to copy all of it
509+ e -> payload_size = MAX_PAYLOAD_SIZE ;
510+ e -> payload_read_complete = 0 ;
511+ }else {
512+ e -> payload_size = ret ;
513+ e -> payload_read_complete = 1 ;
514+ }
515+
516+ long r = bpf_perf_event_output (ctx , & l7_events , BPF_F_CURRENT_CPU , e , sizeof (* e ));
517+ if (r < 0 ) {
518+ unsigned char log_msg [] = "failed write to l7_events h2 -- res|fd|psize" ;
519+ log_to_userspace (ctx , WARN , func_name , log_msg , r , e -> fd , e -> payload_size );
520+ }
521+ bpf_map_delete_elem (& go_active_reads , & k );
522+ return 0 ;
523+ }
524+
524525 bpf_map_delete_elem (& active_reads , & id );
525526 return 0 ;
526527 }
0 commit comments