Add benchmarking and fix a few bugs

Add benchmarking project responder-bench
have filter and responder emit extra information (timing and file descriptors)
fix a bug in syn.rs when hashcount is 0

.gitignore

@@ -17,6 +17,7 @@ Cargo.lock
 
 # Data files
 data/
+bench/
 
 # Artifacts
 /bin/

Cargo.toml

@@ -1,2 +1,2 @@
 [workspace]
-members = ["responder", "responder-common", "responder-tools", "xtask"]
+members = ["responder", "responder-common", "responder-tools", "responder-bench", "xtask"]

responder-bench/Cargo.toml

@@ -0,0 +1,17 @@
+[package]
+name = "responder-bench"
+version = "0.1.0"
+edition = "2021"
+
+# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
+
+[dependencies]
+rand = { version = "0.8", features = ["small_rng"] }
+nix = { version = "0.26", features = ["signal"] }
+anyhow = "1"
+clap = { version = "3.1", features = ["derive"] }
+responder-common = { path = "../responder-common", features=["user"] }
+env_logger = "0.9"
+log = "0.4"
+json = "0.12.4"
+regex = "1.7.3"

responder-bench/src/main.rs

@@ -0,0 +1,21 @@
+use clap::Parser;
+
+mod run;
+mod process;
+
+#[derive(Debug, Parser, Default)]
+enum Commands {
+    #[default]
+    Run,
+    Process(process::Options)
+}
+
+
+fn main() -> anyhow::Result<()> {
+    env_logger::init();
+    let commands = Commands::parse();
+    match commands {
+        Commands::Run => run::run(),
+        Commands::Process(opts) => process::process(opts),
+    }
+}

responder-bench/src/process.rs

@@ -0,0 +1,265 @@
+use std::{fmt::Debug, path::{Path, PathBuf}, fs::{File, self}, io::{Read, BufReader, BufRead, Write}, collections::{HashMap, HashSet}, net::Ipv4Addr};
+use anyhow::{Context, bail, anyhow};
+use clap::Parser;
+use json::JsonValue;
+use regex::Regex;
+
+use crate::run::{BENCH_BASE_PATH, BENCH_DATA_PATH, TestType};
+
+fn json_from_file<P>(path: P) -> anyhow::Result<HashMap<String, f64>>
+where
+    P: Debug,
+    P: AsRef<Path>
+{
+    if !path.as_ref().exists() {
+        return Ok(HashMap::new());
+    }
+    let mut vec = vec![];
+    File::open(&path)
+        .context(format!("Failed to open {:?}", path))?
+        .read_to_end(&mut vec)?;
+    let json_val = json::parse(String::from_utf8(vec)?.as_str())?;
+    let json_obj = if let JsonValue::Object(o) = json_val {
+        o
+    } else {
+        bail!("Expected json object, got: {}", json_val);
+    };
+    let mut map = HashMap::new();
+    for (key, val) in json_obj.iter() {
+        let val: f64 = match val {
+            JsonValue::Number(n) => {
+                f64::from(*n)
+            },
+            JsonValue::String(_) | JsonValue::Short(_) => {
+                val.as_str()
+                   .unwrap()
+                   .strip_suffix("%")
+                   .ok_or(anyhow!("Expected percentage String, got: {:?}", val))?
+                   .parse()?
+            },
+            _ => bail!("Expected json number or string, got: {:?}", val),
+        };
+        map.insert(String::from(key), val);
+    }
+    Ok(map)
+}
+
+fn ips_from_file<P>(path: P) -> anyhow::Result<HashSet<Ipv4Addr>>
+where
+    P: Debug,
+    P: AsRef<Path>
+{
+    let f = File::open(path)?;
+    let reader = BufReader::new(f);
+    let mut hashset = HashSet::new();
+    for line in reader.lines() {
+        let line = line?;
+        hashset.insert(line.parse()?);
+    }
+
+    Ok(hashset)
+}
+
+fn parse_rate(rate: &str, unit: &str) -> anyhow::Result<f64> {
+    let multiplier = match unit {
+        "G" => 1_000_000_000f64,
+        "M" => 1_000_000f64,
+        "K" => 1_000f64,
+        "" => 1f64,
+        m => bail!("Unknown unit {} (rate: {})", m, rate)
+    };
+
+    let rate: f64 = rate.parse()?;
+    return Ok(rate * multiplier)
+}
+
+fn zmap_stats<P>(path: P, regex: &Regex) -> anyhow::Result<(f64, f64, f64)>
+where
+    P: Debug,
+    P: AsRef<Path>
+{
+    let f = File::open(path)?;
+    let reader = BufReader::new(f);
+    let mut rates = None;
+    for line in reader.lines() {
+        let line = line?;
+        if let Some(capture) = regex.captures(&line) {
+            let result: anyhow::Result<_> = (|| {
+                let send_rate = capture
+                    .get(1)
+                    .ok_or(anyhow!("Capture group 1 did not match"))?;
+                let send_rate_unit = capture
+                    .get(2)
+                    .ok_or(anyhow!("Capture group 2 did not match"))?;
+                let send_rate = parse_rate(send_rate.as_str(), send_rate_unit.as_str())?;
+
+                let receive_rate = capture
+                    .get(3)
+                    .ok_or(anyhow!("Capture group 3 did not match"))?;
+                let receive_rate_unit = capture
+                    .get(4)
+                    .ok_or(anyhow!("Capture group 4 did not match"))?;
+                let receive_rate = parse_rate(receive_rate.as_str(), receive_rate_unit.as_str())?;
+
+                let drop_rate = capture
+                    .get(5)
+                    .ok_or(anyhow!("Capture group 5 did not match"))?;
+                let drop_rate_unit = capture
+                    .get(6)
+                    .ok_or(anyhow!("Capture group 6 did not match"))?;
+                let drop_rate = parse_rate(drop_rate.as_str(), drop_rate_unit.as_str())?;
+
+
+                Ok((send_rate, receive_rate, drop_rate))
+            })();
+            rates = Some(result.context(format!("Failed to parse stats line: '{}'", line))?);
+        }
+    }
+    rates.ok_or(anyhow!("Failed to find final stats line"))
+}
+
+#[derive(Debug, Parser)]
+pub struct Options {
+    seed: String
+}
+
+pub fn process(opts: Options) -> anyhow::Result<()> {
+    let mut path = PathBuf::new();
+    path.push(BENCH_BASE_PATH);
+    path.push(BENCH_DATA_PATH);
+    path.push(opts.seed);
+
+    let zmap_stats_regex = Regex::new(r"^[^\(;]+(?:\(.+left\))?; send: [^\(;]+done \(([\d\.]+) ([KMG]?)p/s avg\); recv: [^\(;]+\(([\d\.]+) ([KMG]?)p/s avg\); drops: [^\(;]+\(([\d\.]+) ([KMG]?)p/s avg\); hitrate: [^;]+$")?;
+
+    let header_row = [
+        "type",
+        "subnet_size", "hitrate", "bloom_filter_bits", "bloom_filter_hash_count", "zmap_scanrate",
+        "bpf_run_time_total", "bpf_run_count", "bpf_memory_lock",
+        "filter_intern_build_time", "filter_intern_write_time",
+        "filter_extern_time_clock", "filter_extern_cpu_p", "filter_extern_kernel_secs", "filter_extern_user_secs",
+        "zmap_send_rate", "zmap_receive_rate", "zmap_drop_rate",
+        "false_positive_count", "false_negative_count"
+    ];
+    let mut data_rows = vec![];
+    data_rows.push(header_row.map(str::to_string));
+
+    for subnet_dir in path.read_dir().context(format!("Failed to read subnet dirs in path {:?}", &path))? {
+        let subnet_dir = subnet_dir.context(format!("Failed to read file info on file in path {:?}", &path))?;
+        if !subnet_dir
+            .file_type()
+            .context(format!("Failed to read file info on file {:?}", subnet_dir.path()))?
+            .is_dir() {
+                bail!("Expected dir at {:?}", subnet_dir.path())
+            }
+        let subnet = subnet_dir.file_name().into_string().map_err(|e| anyhow!(format!("{:?}", e)))?;
+        for hitrate_dir in subnet_dir.path().read_dir().context(format!("Failed to read hitrate dirs in path {:?}", subnet_dir.path()))? {
+            let hitrate_dir = hitrate_dir.context(format!("Failed to read file info on file in path {:?}",subnet_dir.path()))?;
+            if !hitrate_dir
+                .file_type()
+                .context(format!("Failed to read file info on file {:?}", hitrate_dir.path()))?
+                .is_dir() {
+                    bail!("Expected dir at {:?}", hitrate_dir.path())
+                }
+            let hitrate = hitrate_dir.file_name().into_string().map_err(|e| anyhow!(format!("{:?}", e)))?;
+            let in_ips = ips_from_file(hitrate_dir.path().join("ips.txt")).context(format!("Failed to read ips from {:?}/ips.txt", hitrate_dir.path()))?;
+            for bloom_dir in hitrate_dir.path().read_dir().context(format!("Failed to read bloom dirs in path {:?}", hitrate_dir.path()))? {
+                let bloom_dir = bloom_dir.context(format!("Failed to read file info on file in path {:?}", hitrate_dir.path()))?;
+                if !bloom_dir
+                    .file_type()
+                    .context(format!("Failed to read file info on file {:?}", bloom_dir.path()))?
+                    .is_dir() {
+                        continue;
+                    }
+                let bloom_folder_name = bloom_dir
+                    .file_name()
+                    .into_string()
+                    .map_err(|e| anyhow!(format!("{:?}", e)))?;
+                let (test_type, bloom_bits, bloom_hashes) = if bloom_folder_name.contains('-') {
+                    let (bloom_bits, bloom_hashes) = bloom_folder_name.split_once("-")
+                                                                      .ok_or(anyhow!("Expected filename with -, got {:?}", bloom_dir.file_name()))?;
+                    let bloom_bits = bloom_bits.to_string();
+                    let bloom_hashes = bloom_hashes.to_string();
+                    let test_type = if bloom_hashes.as_str() == "0" {
+                        "empty_filter"
+                    } else if bloom_folder_name.contains("bpf") {
+                        "bpf-stats"
+                    } else {
+                        "normal"
+                    };
+                    (test_type, bloom_bits, bloom_hashes)
+                } else {
+                    ("baseline", String::from("-1"), String::from("-1"))
+                };
+
+                let bloom_path = bloom_dir.path();
+
+                let mut filter_intern_time = json_from_file(bloom_path.join("filter_intern_time.json"))
+                    .context(format!("Failed to parse filter_intern_time.json for {:?}", bloom_path))?;
+                let mut filter_extern_time = json_from_file(bloom_path.join("filter_extern_time.json"))
+                    .context(format!("Failed to parse filter_extern_time.json  for {:?}", bloom_path))?;
+
+                for scan_rate_dir in bloom_dir.path().read_dir().context(format!("Failed to read scan rate dirs in path {:?}", bloom_dir.path()))? {
+                    let scan_rate_dir = scan_rate_dir.context(format!("Failed to read file info on file in path {:?}", bloom_dir.path()))?;
+                    if !scan_rate_dir
+                        .file_type()
+                        .context(format!("Failed to read file info on file {:?}", scan_rate_dir.path()))?
+                        .is_dir() {
+                            continue;
+                        }
+                    let scan_rate = scan_rate_dir.file_name().to_str().unwrap().to_string();
+
+                    let wd_path = scan_rate_dir.path();
+                    let mut bpf_stats = json_from_file(wd_path.join("bpf_stats.json"))
+                        .context(format!("Failed to parse bpf_stats.json for {:?}", wd_path))?;
+                    let out_ips = ips_from_file(wd_path.join("zmap_out_ips.txt"))
+                        .context(format!("Failed to parse zmap_out_ips.txt from {:?}", wd_path))?;
+                    let zmap_stats = zmap_stats(wd_path.join("zmap_stats.txt"), &zmap_stats_regex)
+                        .context(format!("Failed to parse zmap_stats.txt from {:?}", wd_path))?;
+
+                    let get_or_default = |map: &mut HashMap<String, f64>, k: &str| map
+                        .get(k).unwrap_or(&-1f64).to_string();
+
+                    let data_row = (|| {
+                        Ok([
+                            test_type.to_owned(),
+                            subnet.clone(), hitrate.clone(), bloom_bits.clone(), bloom_hashes.clone(), scan_rate.clone(),
+                            get_or_default(&mut bpf_stats, "run_time"),
+                            get_or_default(&mut bpf_stats, "run_count"),
+                            get_or_default(&mut bpf_stats, "mem_lock"),
+                            get_or_default(&mut filter_intern_time, "build"),
+                            get_or_default(&mut filter_intern_time, "write"),
+                            get_or_default(&mut filter_extern_time, "clock"),
+                            get_or_default(&mut filter_extern_time, "cpu_p"),
+                            get_or_default(&mut filter_extern_time, "kernel_s"),
+                            get_or_default(&mut filter_extern_time, "user_s"),
+                            zmap_stats.0.to_string(),
+                            zmap_stats.1.to_string(),
+                            zmap_stats.2.to_string(),
+                            out_ips.difference(&in_ips).count().to_string(),
+                            in_ips.difference(&out_ips).count().to_string(),
+                        ])
+                    })().map_err(|key: String| {
+                        anyhow!("Failed to read data point {} for {:?}", key, wd_path)
+                    })?;
+
+                    let mut f = File::create(wd_path.join("data_row.csv"))?;
+                    f.write_all(header_row.join(",").as_bytes())?;
+                    f.write(&[b'\n'])?;
+                    f.write_all(data_row.join(",").as_bytes())?;
+                    data_rows.push(data_row);
+
+                }
+            }
+        }
+    }
+
+    let data = data_rows.into_iter()
+             .map(|row| row.join(","))
+             .fold(String::new(), |a, b| a + &b + "\n");
+
+
+    File::create(path.join("data.csv"))?.write_all(data.as_bytes())?;
+
+
+    Ok(())
+}

responder-bench/src/run.rs

@@ -0,0 +1,506 @@
+use std::{path::{Path, PathBuf}, fs::{File, self, OpenOptions}, io::{BufWriter, Write, self, Read, BufRead}, net::Ipv4Addr, process::{Command, self, Stdio}, time::{Instant, Duration}, thread};
+use json::JsonValue;
+use log::info;
+use rand::prelude::*;
+use anyhow::{Context, ensure, anyhow};
+
+mod args;
+mod error;
+pub use crate::run::args::*;
+pub use crate::run::error::*;
+pub use crate::run::args::TestType::*;
+
+pub const BENCH_BASE_PATH: &str = "bench";
+pub const BENCH_DATA_PATH: &str = "data";
+pub const BENCH_BIN_PATH: &str = "bin";
+pub const BENCH_LOG_PATH: &str = "log";
+
+const XDP_LOAD_TIMEOUT_SECS: u64 = 5;
+
+const PRIVILEGE_RUNNER: [&str;1] = ["sudo"];
+
+fn log<R>(log_path: &Path, reader: &mut R, name: &str) -> anyhow::Result<()>
+where
+    R: ?Sized,
+    R: Read
+{
+    fs::create_dir_all(log_path)?;
+    let path = log_path.join(format!("{}.log", name));
+    let mut file = OpenOptions::new().append(true).create(true).open(&path)
+        .context(format!("Failed to create logfile {}", path.to_str().unwrap()))?;
+    io::copy(reader, &mut file)
+        .context(format!("Failed to write to logfile {}", path.to_str().unwrap()))?;
+
+    Ok(())
+}
+
+fn log_both<R1, R2>(log_path: &Path, stderr: &mut R1, stdout: &mut R2, name: &str) -> anyhow::Result<()>
+where
+    R1: ?Sized,
+    R2: ?Sized,
+    R1: Read,
+    R2: Read
+{
+    let stderr_name = format!("{}.stderr", name);
+    log(log_path, stderr, &stderr_name.as_str())?;
+
+    let stdout_name = format!("{}.stdout", name);
+    log(log_path, stdout, &stdout_name.as_str())?;
+
+    Ok(())
+}
+
+pub fn run() -> Result<(), anyhow::Error> {
+    clean().context("Cleaning bench folder")?;
+
+    let cores: u32 = 4;
+
+    let seed: u64 = 0x1337133713371337;
+    // let scan_sizes: Vec<u64> = vec![8, 16];//, 24];//,32]; // TODO 8 only for test purposes
+    let scan_sizes: Vec<u64> = vec![24];
+    // let hit_rates: Vec<f64> = vec![0.001, 0.0032,0.01,0.032,0.1];
+    let hit_rates: Vec<f64> = vec![0.02];
+    // let false_positive_rates: Vec<TestType> = vec![Baseline, EmptyFilter,Normal(0.1),Normal(0.01),Normal(0.001),Normal(0.0001)];
+    let false_positive_rates: Vec<TestType> = vec![Baseline, Normal(0.001), BpfStats(0.001)];
+    // let scan_rates: Vec<u64> = vec![316_000, 562_000, 1_000_000, 1_780_000, 3_160_000];
+    let scan_rates: Vec<u64> = vec![300000, 377678, 475468, 598579, 753566, 948683, 1194322, 1503562, 1892872, 2382985, 3000000];
+
+    // baseline test against dummy interface (drop all)
+
+    for scan_size in &scan_sizes {
+        for hit_rate in &hit_rates {
+            let data_args = DataArgs::from(seed, *scan_size, *hit_rate);
+            if data_args.entries == 0 {
+                info!("Skipping {}; no entries", data_args);
+                continue;
+            }
+
+            info!("Building IP file for {}", data_args);
+            let (ip_file_path, subnet) = build_ip_file(data_args)
+                .context(format!("Building ip file for {}", data_args))?;
+
+            info!("subnet for {} is {}", data_args, subnet);
+
+            for test_type in &false_positive_rates {
+                let bloom_args = BloomFilterArgs::from(data_args, *test_type);
+
+                info!("Building binaries for {} {}", data_args, bloom_args);
+                build_binaries(data_args, bloom_args)
+                    .context(format!("Failed to build binaries for {} {}", data_args, bloom_args))?;
+
+                info!("Building filter for {} {}", data_args, bloom_args);
+                let filter_path = build_filter(data_args, bloom_args, ip_file_path.as_path())
+                    .context(format!("Failed to build filter for {} {}", data_args, bloom_args))?;
+                for scan_rate in &scan_rates {
+                    let scan_args = ScanArgs::new(*scan_rate);
+                    let args = BenchArgs {data_args, bloom_filter_args: bloom_args, scan_args};
+
+                    let run_output = (|| {
+                        fs::create_dir_all(args.wd_path())
+                            .context("Failed to create wd")
+                            .map_err(|e| (None, e))?;
+
+                        let (handle, stderr_handle, stdout_handle)  = match test_type {
+                            Normal(_) | EmptyFilter | BpfStats(_) => {
+                                info!("Loading XDP program for {}", args);
+                                let (handle, stderr_handle, stdout_handle) = load_xdp(args, Some(filter_path.as_path()))
+                                    .map_err(|(h, e)| (h, e.context(format!("Loading XDP program for {}", args))))?;
+
+                                (Some(handle), Some(stderr_handle), Some(stdout_handle))
+                            },
+                            Baseline => {
+                                info!("Not loading XDP program for {}", args);
+                                (None, None, None)
+                            }
+                        };
+
+                        if let BpfStats(_) = test_type {
+                            info!("Enabling bpf_stats");
+                            if let Err(e) = set_bpf_stats(args, true) {
+                                return Err((handle, e));
+                            }
+                        }
+
+                        info!("Running zmap for {}", args);
+                        let zmap_result = run_zmap(args, subnet)
+                            .context(format!("Running zmap for {}", args));
+                        if let Err(e) = zmap_result {
+                            return Err((handle, e));
+                        }
+                        let zmap_output = zmap_result.unwrap();
+
+                        let bpf_stats = match test_type {
+                            BpfStats(_) => {
+                                info!("Disabling and collecting bpf_stats");
+                                if let Err(e) = set_bpf_stats(args, false) {
+                                    return Err((handle, e));
+                                }
+                                let bpf_stats_result = read_bpf_stats(args)
+                                    .context(format!("Failed to read bpf stats for {}", args));
+                                if let Err(e) = bpf_stats_result {
+                                    return Err((handle, e));
+                                }
+                                let bpf_stats = bpf_stats_result.unwrap();
+
+                                Some(bpf_stats)
+                            }
+                            _ => {
+                                None
+                            }
+                        };
+
+                        let responder_output = match test_type {
+                            BpfStats(_) | Normal(_) | EmptyFilter => {
+                                info!("Telling 'responder' to unload XDP");
+                                let responder_output = unload_xdp(args, handle.unwrap())
+                                    .map_err(|(h, e)| (h, e.context(format!("Could not successfully unload XDP program for {}", args))))?;
+                                Some(responder_output)
+                            }
+                            Baseline => {
+                                None
+                            }
+                        };
+
+                        Ok((zmap_output, responder_output, bpf_stats, stderr_handle, stdout_handle))
+                    })();
+
+                    let (zmap_output, _responder_output, bpf_stats, responder_stderr_handle, responder_stdout_handle) = run_output.map_err(|(handle, e)| {
+                        if let Some(mut handle) = handle {
+                            let kill_result = handle.kill();
+                            if let Err(kill_e) = kill_result {
+                                return anyhow!(kill_e)
+                                    .context(e)
+                                    .context(format!("Failed to kill responder process for {}; Killed because of reason below", args));
+                            }
+                        }
+                        e
+                    })?;
+
+                    if let Some(responder_stderr_handle) = responder_stderr_handle {
+                        responder_stderr_handle.join()
+                                               .map_err(|_| anyhow!("stderr thread panicked"))
+                                               .and(responder_stdout_handle.unwrap().join()
+                                                    .map_err(|_| anyhow!("stdout thread panicked")))
+                                               .and_then(|res| res)
+                                               .context(format!("Error occured in a log thread for {}", args))?;
+                    }
+
+                    File::create(args.wd_path().join("zmap_stats.txt"))
+                        .context(format!("Failed to create zmap_stats.txt file for {}", args))?
+                        .write_all(&zmap_output.stderr.as_slice())
+                        .context(format!("Failed to write to zmap_stats.txt file for {}", args))?;
+                    if let Some(bpf_stats) = bpf_stats {
+                        File::create(args.wd_path().join("bpf_stats.json"))
+                            .context(format!("Failed to create bpf_stats.json file for {}", args))?
+                            .write_all(format!("{{\"run_count\": {}, \"run_time\": {}, \"mem_lock\": {}}}", bpf_stats.0, bpf_stats.1, bpf_stats.2).as_bytes())
+                            .context(format!("Failed to write to bpf_stats.json file for {}", args))?;
+                    }
+                }
+            }
+        }
+    }
+    Ok(())
+}
+
+fn clean() -> anyhow::Result<()> {
+    fs::remove_dir_all(PathBuf::from(BENCH_BASE_PATH)).context(format!("Failed to clean path: {:?}", BENCH_BASE_PATH))?;
+    Ok(())
+}
+
+fn next_ip(rng: &mut SmallRng, mask: u32) -> u32 {
+    loop {
+        let ip = rng.next_u32() & mask;
+        if ip & 0xff000000 != 0x7f000000 {
+            // can not have ips in
+            break ip;
+        }
+    }
+}
+
+fn build_ip_file(data_args: DataArgs) -> anyhow::Result<(PathBuf, Ipv4Addr)> {
+    let mut path = PathBuf::new();
+    path.push(BENCH_BASE_PATH);
+    path.push(BENCH_DATA_PATH);
+    path.push(data_args.rel_path());
+    path.push("ips.txt");
+
+    fs::create_dir_all(path.parent().unwrap())?;
+
+    let ip_file = File::create(&path)?;
+    let mut writer = BufWriter::new(ip_file);
+
+    let mut rng = SmallRng::seed_from_u64(data_args.seed);
+
+    let lower_subnet_mask = (1 << (data_args.scan_subnet_size as u32)) - 1;
+    let upper_subnet_mask = u32::MAX - lower_subnet_mask;
+
+    let subnet = next_ip(&mut rng, upper_subnet_mask);
+
+    for _ in 0..data_args.entries {
+        let ip = subnet | next_ip(&mut rng, lower_subnet_mask);
+        writer.write(Ipv4Addr::from(ip).to_string().as_bytes())?;
+        writer.write(b"\n")?;
+    }
+
+    Ok((path, Ipv4Addr::from(subnet)))
+}
+
+fn build_binaries(data_args: DataArgs, bloom_args: BloomFilterArgs) -> anyhow::Result<()> {
+    let bin_path = BenchArgs::bin_bin_path(data_args, bloom_args);
+    fs::create_dir_all(&bin_path).context("Failed to create bench dir")?;
+    let output = Command::new("cargo")
+        .args([
+            "xtask",
+            "build-artifacts",
+            "--output-folder", bin_path.to_str().unwrap()
+        ])
+        .env("BLOOMFILTER_ADDRESS_BITS", bloom_args.address_bits.to_string())
+        .env("BLOOMFILTER_ADDRESS_BITS_CHUNK", bloom_args.chunk_address_bits.to_string())
+        .env("BLOOMFILTER_HASH_COUNT", bloom_args.hash_count.to_string())
+        .stdin(Stdio::null())
+        .stderr(Stdio::piped())
+        .stdout(Stdio::null())
+        .output()
+        .context("Failed to run cargo xtask build-artifacts")?;
+
+    let log_path = BenchArgs::bin_log_path(data_args, bloom_args);
+    log_both(&log_path, &mut output.stderr.as_slice(), &mut output.stdout.as_slice(), "build-artifacts")?;
+    ensure!(output.status.success(), CommandError::new(output, log_path));
+
+    Ok(())
+}
+
+fn build_filter(data_args: DataArgs, bloom_args: BloomFilterArgs, ip_file_path: &Path) -> anyhow::Result<PathBuf> {
+    let path = BenchArgs::bin_wd_path(data_args, bloom_args).join("ips.bfb");
+    fs::create_dir_all(path.parent().unwrap()).context("Failed to create bench dir")?;
+
+    let output = Command::new("/usr/bin/time")
+        .args([
+            // time args
+            "-o", BenchArgs::bin_wd_path(data_args, bloom_args).join("filter_extern_time.json").to_str().unwrap(),
+            "--format", "{\"clock\": %e, \"cpu_p\": \"%P\", \"kernel_s\": %S, \"user_s\": %U}",
+
+            // actual command
+            BenchArgs::bin_bin_path(data_args, bloom_args).join("tools/build_filter").to_str().unwrap(),
+            "--force",
+            "--timing-path", BenchArgs::bin_wd_path(data_args, bloom_args).join("filter_intern_time.json").to_str().unwrap(),
+            ip_file_path.to_str().unwrap(),
+            path.to_str().unwrap()
+        ])
+        .env("RUST_LOG", "info")
+        .stdin(Stdio::null())
+        .stderr(Stdio::piped())
+        .stdout(Stdio::piped())
+        .output()
+        .context("Failed to run build_filter binary")?;
+
+    let log_path = BenchArgs::bin_log_path(data_args, bloom_args);
+    log_both(&log_path, &mut output.stderr.as_slice(), &mut output.stdout.as_slice(), "build-filter")?;
+    ensure!(output.status.success(), CommandError::new(output, log_path));
+
+    Ok(path)
+}
+
+type LogJoinHandle = thread::JoinHandle<anyhow::Result<()>>;
+
+fn load_xdp(bench_args: BenchArgs, filter_path: Option<&Path>) -> Result<(process::Child, LogJoinHandle, LogJoinHandle), (Option<process::Child>, anyhow::Error)> {
+    let responder_path = bench_args.bin_path().join("responder");
+    let target= bench_args.bin_path().join("ebpf");
+    let fd_info_out_path = bench_args.wd_path().join("responder_info.json");
+    let mut args = Vec::from(PRIVILEGE_RUNNER);
+    args.extend_from_slice(&[
+        responder_path.to_str().unwrap(),
+        "--target", target.to_str().unwrap(),
+        "--fd-info-out-path", fd_info_out_path.to_str().unwrap(),
+    ]);
+    if let Some(path) = filter_path {
+        args.extend_from_slice(&["--bfb", path.to_str().unwrap()]);
+    }
+
+    let mut handle = Command::new(args.remove(0))
+        .args(args)
+        .env("RUST_LOG", "info")
+        .stdin(Stdio::piped())
+        .stderr(Stdio::piped())
+        .stdout(Stdio::piped())
+        .spawn()
+        .context("Failed to run responder to load XDP")
+        .map_err(|e| (None, e))?;
+
+    let mut stderr = handle.stderr.take().unwrap();
+    let mut stdout = handle.stdout.take().unwrap();
+
+    let stderr_handle = thread::spawn(move || log(&bench_args.log_path(), &mut stderr, "responder.stderr"));
+    let stdout_handle = thread::spawn(move || log(&bench_args.log_path(), &mut stdout, "responder.stdout"));
+
+    if let Err(e) = try_wait_xdp_loaded(bench_args, &mut handle) {
+        return Err((Some(handle), e));
+    }
+
+    return Ok((handle, stderr_handle, stdout_handle));
+}
+
+fn try_wait_xdp_loaded(_bench_args: BenchArgs, handle: &mut process::Child) -> anyhow::Result<()> {
+    let start = Instant::now();
+    let mut last_ip_link = None;
+    while start.elapsed().as_secs() < XDP_LOAD_TIMEOUT_SECS {
+        if let Some(_) = handle.try_wait()? {
+            return Err(anyhow!("Responder exited too early"));
+        }
+
+        let output = Command::new("ip")
+            .args(["link", "show", "lo"])
+            .output()
+            .context("Failed to run 'ip link show lo'")?;
+
+        let ip_link_info = String::from_utf8(output.stdout)?;
+        last_ip_link = Some(ip_link_info.clone());
+
+        if let Some(l) = ip_link_info.lines().skip(2).next() {
+            if let Some(id) = l.strip_prefix("    prog/xdp id") {
+                info!("XDP loaded; id:{}", id);
+                return Ok(())
+            }
+        }
+
+        thread::sleep(Duration::from_millis(100));
+    }
+
+    Err(anyhow!(
+        "XDP program did not load within timeout ({}); last ip link show lo info: {}",
+        XDP_LOAD_TIMEOUT_SECS,
+        last_ip_link.unwrap_or(String::from("no ip link info"))
+    ))
+
+}
+
+fn unload_xdp(bench_args: BenchArgs,mut handle: process::Child) -> Result<process::Output, (Option<process::Child>, anyhow::Error)> {
+    let result = handle.stdin.take().unwrap().write(&[b'\n']);
+
+    if let Err(e) = result {
+        return Err((Some(handle), anyhow!(e)));
+    }
+
+    let output = handle.wait_with_output().map_err(|e| (None, anyhow!(e)))?;
+
+    if !output.status.success() {
+        return Err((None, anyhow!(CommandError::new(output, bench_args.log_path()))));
+    }
+
+    return Ok(output);
+}
+
+fn set_bpf_stats(bench_args: BenchArgs, enabled: bool) -> anyhow::Result<()> {
+    let setting = format!("kernel.bpf_stats_enabled={}", if enabled {1} else {0});
+    let mut args = Vec::from(PRIVILEGE_RUNNER);
+    args.extend_from_slice(&[
+        "sysctl", "-w", setting.as_str()
+    ]);
+
+    let output = Command::new(args.remove(0))
+        .args(args)
+        .stdin(Stdio::null())
+        .stderr(Stdio::piped())
+        .stdout(Stdio::piped())
+        .output()
+        .context("Failed to run sysctl")?;
+
+    let name = format!("sysctl_{}", if enabled {"enable"} else {"disable"});
+    log_both(&bench_args.log_path(), &mut output.stderr.as_slice(), &mut output.stdout.as_slice(), name.as_str())?;
+    ensure!(output.status.success(), CommandError::new(output, bench_args.log_path()));
+
+    Ok(())
+}
+
+fn read_bpf_stats(bench_args: BenchArgs) -> anyhow::Result<(u128, u128, u128)> {
+    // TODO Also collect memlock
+    let mut info = vec![];
+    File::open(bench_args.wd_path().join("responder_info.json"))
+        .context("Failed to open responder_info.json file")?
+        .read_to_end(&mut info)?;
+    let info = json::parse(String::from_utf8(info)?.as_str())?;
+    if let JsonValue::Object(o) = info {
+        let fd = o.get("fd").ok_or(anyhow!("No key fd found in responder_info.json file"))?.as_u64().unwrap();
+        let pid = o.get("pid").ok_or(anyhow!("No key pid found in responder_info.json file"))?.as_u64().unwrap();
+        let mut path = PathBuf::from("/proc");
+        path.push(pid.to_string());
+        path.push("fdinfo");
+        path.push(fd.to_string());
+
+        let mut args = Vec::from(PRIVILEGE_RUNNER);
+        args.extend_from_slice(&[
+            "cat", path.to_str().unwrap()
+        ]);
+
+        let output = Command::new(args.remove(0))
+            .args(args)
+            .stdin(Stdio::null())
+            .stderr(Stdio::piped())
+            .stdout(Stdio::piped())
+            .output()
+            .context("Failed to read fd info from /proc/[pid]/fdinfo/[fd]")?;
+
+        log_both(&bench_args.log_path(), &mut output.stderr.as_slice(), &mut output.stdout.as_slice(), "procfs")?;
+        ensure!(output.status.success(), CommandError::new(output, bench_args.log_path()));
+
+        let mut run_time: Option<u128> = None;
+        let mut run_count: Option<u128> = None;
+        let mut mem_lock: Option<u128> = None;
+
+        for line in output.stdout.lines() {
+            let line = line?;
+            if let Some(run_time_str) = line.as_str().strip_prefix("run_time_ns:") {
+                run_time = Some(run_time_str.trim().parse()?);
+            } else if let Some(run_count_str) = line.as_str().strip_prefix("run_cnt:") {
+                run_count = Some(run_count_str.trim().parse()?);
+            } else if let Some(mem_lock_str) = line.as_str().strip_prefix("memlock:") {
+                mem_lock = Some(mem_lock_str.trim().parse()?);
+            }
+        }
+
+        return match (run_count, run_time, mem_lock) {
+            (None, _, _) => Err(anyhow!("Could not read run_cnt from fdinfo file")),
+            (_, None, _) => Err(anyhow!("Could not read run_time_ns from fdinfo file")),
+            (_, _, None) => Err(anyhow!("Could not read mem_lock from fdinfo file")),
+            (Some(run_count), Some(run_time), Some(mem_lock)) => Ok((run_count, run_time, mem_lock))
+        }
+    } else {
+        return Err(anyhow!("Could not read json object from responder_info.json file"));
+    }
+}
+
+fn run_zmap(bench_args: BenchArgs, subnet: Ipv4Addr) -> anyhow::Result<process::Output> {
+    let subnet_string = format!("{}/{}",subnet, 32 - bench_args.data_args.scan_subnet_size);
+    let output_file = bench_args.wd_path().join("zmap_out_ips.txt");
+    let rate_string = bench_args.scan_args.rate.to_string();
+    let interface = match bench_args.bloom_filter_args.test_type {
+        Baseline => "dummyif",
+        _ => "lo",
+    };
+    let seed = bench_args.data_args.seed.to_string();
+    let mut args = Vec::from(PRIVILEGE_RUNNER);
+    args.extend_from_slice(&[
+        "zmap",
+        subnet_string.as_str(),
+        "--target-port=80",
+        "--interface", interface,
+        "--gateway-mac=00:00:00:00:00:00",
+        "--output-file", output_file.to_str().unwrap(),
+        "--rate", rate_string.as_str(),
+        "--sender-threads=7",
+        "--cooldown-time=1",
+        "--seed", seed.as_str(),
+    ]);
+    let output = Command::new(args.remove(0))
+        .args(args)
+        .stdin(Stdio::null())
+        .stderr(Stdio::piped())
+        .stdout(Stdio::piped())
+        .output()
+        .context("Failed to run zmap")?;
+
+    log_both(&bench_args.log_path(), &mut output.stderr.as_slice(), &mut output.stdout.as_slice(), "zmap")?;
+    ensure!(output.status.success(), CommandError::new(output, bench_args.log_path()));
+
+    return Ok(output);
+}

responder-bench/src/run/args.rs

@@ -0,0 +1,195 @@
+use std::{fmt::Display, path::PathBuf};
+
+use crate::run::{BENCH_BASE_PATH, BENCH_DATA_PATH, BENCH_BIN_PATH, BENCH_LOG_PATH};
+use crate::run::args::TestType::*;
+
+const CHUNK_MAX_BITS: u64 = 18;
+const ADDRESS_MIN_BITS: u64 = 3;
+
+
+#[derive(Debug, Copy, Clone)]
+pub struct BenchArgs {
+    pub data_args: DataArgs,
+    pub bloom_filter_args: BloomFilterArgs,
+    pub scan_args: ScanArgs
+}
+
+impl Display for BenchArgs {
+    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
+        write!(f, "BenchArgs({}, {}, {})", self.data_args, self.bloom_filter_args, self.scan_args)
+    }
+}
+
+#[derive(Debug, Copy, Clone)]
+pub struct DataArgs {
+    pub seed: u64,
+    pub scan_subnet_size: u64,
+    pub hit_rate: f64,
+    pub entries: u64,
+}
+
+impl Display for DataArgs {
+    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
+        write!(f, "Data(seed: {}, subnet: {}, hit rate: {})", self.seed, self.scan_subnet_size, self.hit_rate)
+    }
+}
+
+#[derive(Debug, Copy, Clone)]
+pub struct BloomFilterArgs {
+    pub test_type: TestType,
+    pub address_bits: u64,
+    pub chunk_address_bits: u64,
+    pub hash_count: u64,
+}
+
+impl Display for BloomFilterArgs {
+    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
+        write!(f, "BloomFilter(type: {}, address bits: {}, hashes: {})",self.test_type, self.address_bits, self.hash_count)
+    }
+}
+
+#[derive(Debug, Copy, Clone)]
+pub struct ScanArgs {
+    pub rate: u64
+}
+
+impl Display for ScanArgs {
+    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
+        write!(f, "Scan(rate: {})", self.rate)
+    }
+}
+
+impl BenchArgs {
+    pub fn rel_path(&self) -> PathBuf {
+        let mut path = PathBuf::new();
+        path.push(self.data_args.rel_path());
+        path.push(self.bloom_filter_args.rel_path());
+        path.push(self.scan_args.rel_path());
+        return path;
+    }
+
+    pub fn wd_path(&self) -> PathBuf {
+        let mut path = PathBuf::new();
+        path.push(BENCH_BASE_PATH);
+        path.push(BENCH_DATA_PATH);
+        path.push(self.rel_path());
+        return path;
+    }
+
+    pub fn bin_path(&self) -> PathBuf {
+        Self::bin_bin_path(self.data_args, self.bloom_filter_args)
+    }
+
+    pub fn bin_bin_path(data_args: DataArgs, bloom_args: BloomFilterArgs) -> PathBuf {
+        let mut path = PathBuf::new();
+        path.push(BENCH_BASE_PATH);
+        path.push(BENCH_BIN_PATH);
+        path.push(data_args.rel_path());
+        path.push(bloom_args.rel_path());
+        return path;
+    }
+
+    pub fn bin_log_path(data_args: DataArgs, bloom_args: BloomFilterArgs) -> PathBuf {
+        let mut path = PathBuf::new();
+        path.push(BENCH_BASE_PATH);
+        path.push(BENCH_LOG_PATH);
+        path.push(data_args.rel_path());
+        path.push(bloom_args.rel_path());
+        return path;
+    }
+
+    pub fn bin_wd_path(data_args: DataArgs, bloom_args: BloomFilterArgs) -> PathBuf {
+        let mut path = PathBuf::new();
+        path.push(BENCH_BASE_PATH);
+        path.push(BENCH_DATA_PATH);
+        path.push(data_args.rel_path());
+        path.push(bloom_args.rel_path());
+        return path;
+    }
+
+    pub fn log_path(&self) -> PathBuf {
+        let mut path = PathBuf::new();
+        path.push(BENCH_BASE_PATH);
+        path.push(BENCH_LOG_PATH);
+        path.push(self.rel_path());
+        return path;
+    }
+}
+
+impl DataArgs {
+    pub fn from(seed: u64, scan_subnet_size: u64, hit_rate: f64) -> Self {
+        let entries = (((1u64 << scan_subnet_size) as f64) * hit_rate).round() as u64;
+        Self {
+            seed,
+            scan_subnet_size,
+            hit_rate,
+            entries
+        }
+    }
+
+    pub fn rel_path(&self) -> PathBuf {
+        let mut path = PathBuf::new();
+        path.push(self.seed.to_string());
+        path.push(self.scan_subnet_size.to_string());
+        path.push(self.hit_rate.to_string());
+        return path;
+    }
+}
+
+impl BloomFilterArgs {
+    pub fn from(data_args: DataArgs, test_type: TestType) -> BloomFilterArgs {
+        match test_type {
+            Normal(false_hit_rate) | BpfStats(false_hit_rate) => {
+                let hash_count = (-false_hit_rate.log2()).round();
+                let size = (data_args.entries as f64) * (hash_count/ 2f64.ln());
+                let address_bits = size.log2().round() as u64;
+                let address_bits = ADDRESS_MIN_BITS.max(address_bits);
+                let chunk_address_bits = CHUNK_MAX_BITS.min(address_bits);
+
+                BloomFilterArgs {
+                    test_type,
+                    address_bits,
+                    chunk_address_bits,
+                    hash_count: hash_count as u64
+                }
+            }
+            Baseline | EmptyFilter => BloomFilterArgs {
+                test_type,
+                address_bits: ADDRESS_MIN_BITS,
+                chunk_address_bits: ADDRESS_MIN_BITS,
+                hash_count: 0
+            },
+        }
+    }
+
+    pub fn rel_path(&self) -> PathBuf {
+        match self.test_type {
+            BpfStats(_) => PathBuf::from(format!("{}-{}-bpf", self.address_bits, self.hash_count)),
+            Normal(_) | EmptyFilter => PathBuf::from(format!("{}-{}", self.address_bits, self.hash_count)),
+            Baseline => PathBuf::from("baseline"),
+        }
+    }
+}
+
+impl ScanArgs {
+    pub fn new(rate: u64) -> Self {
+        Self {
+            rate
+        }
+    }
+
+    pub fn rel_path(&self) -> PathBuf {
+        PathBuf::from(self.rate.to_string())
+    }
+}
+
+#[derive(Debug, Copy, Clone)]
+pub enum TestType {
+    Baseline, EmptyFilter, BpfStats(f64), Normal(f64)
+}
+
+impl Display for TestType {
+    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
+        write!(f, "{:?}", self)
+    }
+}

responder-bench/src/run/error.rs

@@ -0,0 +1,44 @@
+use std::{process, path::PathBuf, fmt::Display, fs};
+
+#[derive(Debug, Clone)]
+pub struct CommandError {
+    output: process::Output,
+    log_path: PathBuf,
+}
+
+impl CommandError {
+    pub fn new(output: process::Output, log_path: PathBuf) -> Self {
+        Self {
+            output, log_path
+        }
+    }
+}
+
+impl Display for CommandError {
+    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
+        let log_path = fs::canonicalize(&self.log_path)
+            .map(|p| p.to_str()
+                 .map(String::from)
+                 .unwrap_or(format!("[path not valid utf-8: {:?}]", p)))
+            .unwrap_or_else(|e| format!("[invalid path; reason: {}]", e));
+
+        write!(
+            f,
+            "Command exited with non-zero exit code ({}). Logs can be viewed at {}\nExcerpt from stderr:\n----\n",
+            self.output.status.code()
+                              .map(|n| i32::to_string(&n))
+                              .unwrap_or("??".to_owned()),
+            log_path
+        )?;
+
+        let buf: Vec<_> = self.output.stderr.rsplit(|b| *b == b'\n').take(10).collect();
+
+        for line in buf.into_iter().rev() {
+            write!(f, "{}\n", String::from_utf8(line.to_vec()).unwrap_or(String::from("[LINE NOT VALID UTF-8]")))?;
+        }
+
+        write!(f, "----\n")?;
+
+        Ok(())
+    }
+}

responder-ebpf/src/bin/syn.rs

@@ -7,7 +7,6 @@ use aya_bpf::{
     maps::Array,
     programs::XdpContext,
 };
-use aya_log_ebpf::info;
 
 use responder_ebpf::util::*;
 use responder_ebpf::bindings::tcphdr;
@@ -54,7 +53,9 @@ static FILTER_MAP: Array<bloom_filter::ChunkType> =
 unsafe fn matches_filter(_ctx: &XdpContext, daddr: IpAddr) -> bool {
     match daddr {
         IpAddr::V4(daddr) => {
+            let mut res = false;
             for hash_offset in 0..bloom_filter::HASH_COUNT {
+                res = true;
                 let hash = bloom_filter::hash(daddr, hash_offset);
                 let map_i = hash >> (bloom_filter::ADDRESS_BITS_CHUNK as u32);
                 let chunk_i = hash & (bloom_filter::ADDRESS_MASK_CHUNK as u32);
@@ -71,7 +72,7 @@ unsafe fn matches_filter(_ctx: &XdpContext, daddr: IpAddr) -> bool {
                     return false
                 }
             }
-            true
+            res
         }
         IpAddr::V6(_daddr) => {
             false // TODO

responder-tools/src/bin/build_filter.rs

@@ -11,6 +11,8 @@ struct Options {
     pub out_path: Option<PathBuf>,
     #[clap(short, long)]
     pub force: bool,
+    #[clap(short, long)]
+    pub timing_path: Option<PathBuf>
 }
 
 fn main() -> Result<(), anyhow::Error> {
@@ -38,8 +40,8 @@ fn build_filter(opts: Options) -> Result<(), anyhow::Error> {
     let start = Instant::now();
 
     // let mut addresses = Vec::new();
-    let mut bloom_filter: Vec<u8> = Vec::with_capacity(bloom_filter::BITS>>3);
-    bloom_filter.resize(bloom_filter::BITS >> 3, 0);
+    let mut bloom_filter_vec: Vec<u8> = Vec::with_capacity(bloom_filter::BITS>>3);
+    bloom_filter_vec.resize(bloom_filter::BITS >> 3, 0);
 
     let f = File::open(opts.ip_path)?;
     let reader = BufReader::new(f);
@@ -52,13 +54,14 @@ fn build_filter(opts: Options) -> Result<(), anyhow::Error> {
         let key = u32::from(line.parse::<Ipv4Addr>()?);
         // addresses.push(key);
         let mut clashes = true;
+        info!("{}", bloom_filter::HASH_COUNT);
         for i in 0..bloom_filter::HASH_COUNT {
             let hash = bloom_filter::hash(key, i);
             let i = hash >> 3;
             let byte_i = hash & 7;
             // info!("{} {} {} {}", line, hash, i, byte_i);
-            clashes = clashes && ((bloom_filter[i as usize] >> (7 - byte_i)) & 1 == 1);
-            bloom_filter[i as usize] |= 0x80 >> byte_i;
+            clashes = clashes && ((bloom_filter_vec[i as usize] >> (7 - byte_i)) & 1 == 1);
+            bloom_filter_vec[i as usize] |= 0x80 >> byte_i;
         }
         if clashes {
             clash_count += 1;
@@ -69,11 +72,20 @@ fn build_filter(opts: Options) -> Result<(), anyhow::Error> {
     let filter = start.elapsed();
 
     let mut file = File::create(out_path)?;
-    let byte_slice: &[u8] = bloom_filter.as_slice();
+    file.write(&(bloom_filter::ADDRESS_BITS as u64).to_be_bytes())?;
+    file.write(&(bloom_filter::ADDRESS_BITS_CHUNK as u64).to_be_bytes())?;
+
+
+    let byte_slice: &[u8] = bloom_filter_vec.as_slice();
     file.write_all(byte_slice)?;
 
     let end = start.elapsed();
 
     info!("build filter: {:?} write: {:?} | total: {:?}", filter, end-filter, end);
+
+    if let Some(path) = opts.timing_path {
+        File::create(path)?.write_all(format!("{{\"write\": {}, \"build\": {}}}\n",(end-filter).as_nanos(), filter.as_nanos()).as_bytes())?;
+    }
+
     Ok(())
 }

responder/src/main.rs

@@ -1,4 +1,4 @@
-use std::{path::PathBuf, time::Instant, fs::File, io::Read};
+use std::{path::PathBuf, time::Instant, fs::File, io::{Read, self, Write}, os::unix::prelude::AsRawFd, process};
 
 use aya::{Bpf, maps::Array as BpfArray};
 use anyhow::{anyhow, Context};
@@ -29,6 +29,8 @@ struct Opt {
     bfb: Option<String>,
     #[clap(default_value = DEFAULT_TARGET, long)]
     target: PathBuf,
+    #[clap(short, long)]
+    fd_info_out_path: Option<PathBuf>
 }
 
 #[tokio::main]
@@ -61,9 +63,14 @@ This can happen if the loaded eBPF program has no log statements.", e);
                xdp_name
            ))?;
 
-    info!("Loaded {} XDP program", xdp_name);
+    info!("Loaded {} XDP program; FD: {}", xdp_name, program.fd().unwrap().as_raw_fd());
 
 
+    if let Some(path) = opt.fd_info_out_path {
+        info!("Emitting pid and fd to {:?}", &path);
+        let info = format!("{{\"fd\": {}, \"pid\": {}}}\n", program.fd().unwrap().as_raw_fd(), process::id());
+        File::create(path)?.write_all(info.as_bytes())?;
+    }
 
     if let Some(bfb_path) = opt.bfb {
         info!("Installing filter rules from {}", bfb_path);
@@ -71,6 +78,26 @@ This can happen if the loaded eBPF program has no log statements.", e);
             BpfArray::try_from(bpf.map_mut("FILTER_MAP")
                                .ok_or(anyhow!("Could not construct mutable FILTER_MAP"))?)?;
         let mut bloom_filter_binary = File::open(bfb_path)?;
+        let mut dimensions_buf: [u8; 8] = [0u8; 8];
+
+        bloom_filter_binary.read_exact(&mut dimensions_buf)?;
+        let file_address_bits = u64::from_be_bytes(dimensions_buf);
+        if file_address_bits != (bloom_filter::ADDRESS_BITS as u64) {
+            return Err(anyhow!(
+                "Filter dimension ADDRESS_BITS does not match binary. Please rebuild the filter or recompile the binaries\n\tFile:\t{}\n\tBinary:\t{}",
+                file_address_bits, bloom_filter::ADDRESS_BITS
+            ));
+        }
+
+        bloom_filter_binary.read_exact(&mut dimensions_buf)?;
+        let file_address_bits_chunk = u64::from_be_bytes(dimensions_buf);
+        if file_address_bits_chunk != (bloom_filter::ADDRESS_BITS_CHUNK as u64) {
+            return Err(anyhow!(
+                "Filter dimension ADDRESS_BITS_CHUNK does not match binary. Please rebuild the filter or recompile the binaries\n\tFile:\t{}\n\tBinary:\t{}",
+                file_address_bits_chunk, bloom_filter::ADDRESS_BITS_CHUNK
+            ));
+        }
+
         let mut chunk = [0 as u8; bloom_filter::CHUNK_BYTES];
 
         let mut i = 0;
@@ -78,19 +105,26 @@ This can happen if the loaded eBPF program has no log statements.", e);
             let read = bloom_filter_binary.read(&mut chunk)?;
             if read > 0 {
                 filter_map.set(i, chunk, 0)?;
+                i += 1;
             }
 
             if read < bloom_filter::CHUNK_BYTES {
                 break;
             }
-            i += 1;
-
+        }
+        if (i as usize) != bloom_filter::MAP_SIZE {
+            return Err(anyhow!(
+                "Number of chunks in file ({}) do not match expected number ({})",
+                i, bloom_filter::MAP_SIZE
+            ))
         }
     };
 
     info!("Loading XDP program took {:?}", start.elapsed());
-    println!("press ctrl-c to exit");
-    signal::ctrl_c().await?;
+    println!("press any key to exit");
+    let mut buf = [0u8];
+    io::stdin().read_exact(&mut buf)?;
+    // signal::ctrl_c().await?;
     info!("Exiting...");
 
     Ok(())

xtask/src/build.rs

@@ -17,7 +17,7 @@ pub struct Options {
 
 fn build_user(_opts: &Options) -> Result<(), anyhow::Error> {
     let status = Command::new("cargo")
-        .args(["build", "--release", "--features=default_artifact_build"])
+        .args(["build","--package=responder", "--release", "--features=default_artifact_build"])
         .status()
         .expect("failed to build responder userspace program");
     if !status.success() {
@@ -31,7 +31,7 @@ fn build_user(_opts: &Options) -> Result<(), anyhow::Error> {
 
 fn build_tools(_opts: &Options) -> Result<(), anyhow::Error> {
     let status = Command::new("cargo")
-        .args(["build", "--release"])
+        .args(["build", "--package=responder-tools", "--release"])
         .status()
         .expect("failed to build responder tools");
     if !status.success() {