Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm-4.19 / ef7baf5e083c09b66af500331cbb2be0dae37468 / . / samples / bpf / tcbpf2_kern.c
blob: 15a469220e198734d80830d3824a9146e817a0bc [file] [log] [blame]
William Tu6afb1e22016-08-19 11:55:44 -0700[diff] [blame]1/* Copyright (c) 2016 VMware
Alexei Starovoitova1c82702016-09-15 13:00:31 -0700[diff] [blame]2 * Copyright (c) 2016 Facebook
William Tu6afb1e22016-08-19 11:55:44 -0700[diff] [blame]3 *
4 * This program is free software; you can redistribute it and/or
5 * modify it under the terms of version 2 of the GNU General Public
6 * License as published by the Free Software Foundation.
7 */
Daniel Borkmann96a8eb12016-10-26 00:37:53 +0200[diff] [blame]8#define KBUILD_MODNAME "foo"
William Tu6afb1e22016-08-19 11:55:44 -0700[diff] [blame]9#include <uapi/linux/bpf.h>
10#include <uapi/linux/if_ether.h>
11#include <uapi/linux/if_packet.h>
12#include <uapi/linux/ip.h>
Alexei Starovoitov173ca262016-09-15 13:00:32 -0700[diff] [blame]13#include <uapi/linux/ipv6.h>
William Tu6afb1e22016-08-19 11:55:44 -0700[diff] [blame]14#include <uapi/linux/in.h>
15#include <uapi/linux/tcp.h>
16#include <uapi/linux/filter.h>
17#include <uapi/linux/pkt_cls.h>
Alexei Starovoitov173ca262016-09-15 13:00:32 -0700[diff] [blame]18#include <net/ipv6.h>
William Tu6afb1e22016-08-19 11:55:44 -0700[diff] [blame]19#include "bpf_helpers.h"
William Tuef88f892017-08-25 09:21:29 -0700[diff] [blame]20#include "bpf_endian.h"
William Tu6afb1e22016-08-19 11:55:44 -0700[diff] [blame]21
Alexei Starovoitov173ca262016-09-15 13:00:32 -0700[diff] [blame]22#define _htonl __builtin_bswap32
William Tu6afb1e22016-08-19 11:55:44 -0700[diff] [blame]23#define ERROR(ret) do {\
24 char fmt[] = "ERROR line:%d ret:%d\n";\
25 bpf_trace_printk(fmt, sizeof(fmt), __LINE__, ret); \
26 } while(0)
27
28struct geneve_opt {
29 __be16 opt_class;
30 u8 type;
31 u8 length:5;
32 u8 r3:1;
33 u8 r2:1;
34 u8 r1:1;
35 u8 opt_data[8]; /* hard-coded to 8 byte */
36};
37
38struct vxlan_metadata {
39 u32 gbp;
40};
41
William Tuef88f892017-08-25 09:21:29 -0700[diff] [blame]42struct erspan_metadata {
43 __be32 index;
44};
45
William Tu6afb1e22016-08-19 11:55:44 -0700[diff] [blame]46SEC("gre_set_tunnel")
47int _gre_set_tunnel(struct __sk_buff *skb)
48{
49 int ret;
50 struct bpf_tunnel_key key;
51
52 __builtin_memset(&key, 0x0, sizeof(key));
53 key.remote_ipv4 = 0xac100164; /* 172.16.1.100 */
54 key.tunnel_id = 2;
55 key.tunnel_tos = 0;
56 key.tunnel_ttl = 64;
57
58 ret = bpf_skb_set_tunnel_key(skb, &key, sizeof(key), BPF_F_ZERO_CSUM_TX);
59 if (ret < 0) {
60 ERROR(ret);
61 return TC_ACT_SHOT;
62 }
63
64 return TC_ACT_OK;
65}
66
67SEC("gre_get_tunnel")
68int _gre_get_tunnel(struct __sk_buff *skb)
69{
70 int ret;
71 struct bpf_tunnel_key key;
72 char fmt[] = "key %d remote ip 0x%x\n";
73
74 ret = bpf_skb_get_tunnel_key(skb, &key, sizeof(key), 0);
75 if (ret < 0) {
76 ERROR(ret);
77 return TC_ACT_SHOT;
78 }
79
80 bpf_trace_printk(fmt, sizeof(fmt), key.tunnel_id, key.remote_ipv4);
81 return TC_ACT_OK;
82}
83
William Tu56ddd302017-12-01 15:26:10 -0800[diff] [blame]84SEC("ip6gretap_set_tunnel")
85int _ip6gretap_set_tunnel(struct __sk_buff *skb)
86{
87 struct bpf_tunnel_key key;
88 int ret;
89
90 __builtin_memset(&key, 0x0, sizeof(key));
91 key.remote_ipv6[3] = _htonl(0x11); /* ::11 */
92 key.tunnel_id = 2;
93 key.tunnel_tos = 0;
94 key.tunnel_ttl = 64;
95 key.tunnel_label = 0xabcde;
96
97 ret = bpf_skb_set_tunnel_key(skb, &key, sizeof(key),
98 BPF_F_TUNINFO_IPV6 | BPF_F_ZERO_CSUM_TX);
99 if (ret < 0) {
100 ERROR(ret);
101 return TC_ACT_SHOT;
102 }
103
104 return TC_ACT_OK;
105}
106
107SEC("ip6gretap_get_tunnel")
108int _ip6gretap_get_tunnel(struct __sk_buff *skb)
109{
110 char fmt[] = "key %d remote ip6 ::%x label %x\n";
111 struct bpf_tunnel_key key;
112 int ret;
113
114 ret = bpf_skb_get_tunnel_key(skb, &key, sizeof(key),
115 BPF_F_TUNINFO_IPV6);
116 if (ret < 0) {
117 ERROR(ret);
118 return TC_ACT_SHOT;
119 }
120
121 bpf_trace_printk(fmt, sizeof(fmt),
122 key.tunnel_id, key.remote_ipv6[3], key.tunnel_label);
123
124 return TC_ACT_OK;
125}
126
William Tuef88f892017-08-25 09:21:29 -0700[diff] [blame]127SEC("erspan_set_tunnel")
128int _erspan_set_tunnel(struct __sk_buff *skb)
129{
130 struct bpf_tunnel_key key;
131 struct erspan_metadata md;
132 int ret;
133
134 __builtin_memset(&key, 0x0, sizeof(key));
135 key.remote_ipv4 = 0xac100164; /* 172.16.1.100 */
136 key.tunnel_id = 2;
137 key.tunnel_tos = 0;
138 key.tunnel_ttl = 64;
139
140 ret = bpf_skb_set_tunnel_key(skb, &key, sizeof(key), BPF_F_ZERO_CSUM_TX);
141 if (ret < 0) {
142 ERROR(ret);
143 return TC_ACT_SHOT;
144 }
145
146 md.index = htonl(123);
147 ret = bpf_skb_set_tunnel_opt(skb, &md, sizeof(md));
148 if (ret < 0) {
149 ERROR(ret);
150 return TC_ACT_SHOT;
151 }
152
153 return TC_ACT_OK;
154}
155
156SEC("erspan_get_tunnel")
157int _erspan_get_tunnel(struct __sk_buff *skb)
158{
159 char fmt[] = "key %d remote ip 0x%x erspan index 0x%x\n";
160 struct bpf_tunnel_key key;
161 struct erspan_metadata md;
162 u32 index;
163 int ret;
164
165 ret = bpf_skb_get_tunnel_key(skb, &key, sizeof(key), 0);
166 if (ret < 0) {
167 ERROR(ret);
168 return TC_ACT_SHOT;
169 }
170
171 ret = bpf_skb_get_tunnel_opt(skb, &md, sizeof(md));
172 if (ret < 0) {
173 ERROR(ret);
174 return TC_ACT_SHOT;
175 }
176
177 index = bpf_ntohl(md.index);
178 bpf_trace_printk(fmt, sizeof(fmt),
179 key.tunnel_id, key.remote_ipv4, index);
180
181 return TC_ACT_OK;
182}
183
William Tu6afb1e22016-08-19 11:55:44 -0700[diff] [blame]184SEC("vxlan_set_tunnel")
185int _vxlan_set_tunnel(struct __sk_buff *skb)
186{
187 int ret;
188 struct bpf_tunnel_key key;
189 struct vxlan_metadata md;
190
191 __builtin_memset(&key, 0x0, sizeof(key));
192 key.remote_ipv4 = 0xac100164; /* 172.16.1.100 */
193 key.tunnel_id = 2;
194 key.tunnel_tos = 0;
195 key.tunnel_ttl = 64;
196
197 ret = bpf_skb_set_tunnel_key(skb, &key, sizeof(key), BPF_F_ZERO_CSUM_TX);
198 if (ret < 0) {
199 ERROR(ret);
200 return TC_ACT_SHOT;
201 }
202
203 md.gbp = 0x800FF; /* Set VXLAN Group Policy extension */
204 ret = bpf_skb_set_tunnel_opt(skb, &md, sizeof(md));
205 if (ret < 0) {
206 ERROR(ret);
207 return TC_ACT_SHOT;
208 }
209
210 return TC_ACT_OK;
211}
212
213SEC("vxlan_get_tunnel")
214int _vxlan_get_tunnel(struct __sk_buff *skb)
215{
216 int ret;
217 struct bpf_tunnel_key key;
218 struct vxlan_metadata md;
219 char fmt[] = "key %d remote ip 0x%x vxlan gbp 0x%x\n";
220
221 ret = bpf_skb_get_tunnel_key(skb, &key, sizeof(key), 0);
222 if (ret < 0) {
223 ERROR(ret);
224 return TC_ACT_SHOT;
225 }
226
227 ret = bpf_skb_get_tunnel_opt(skb, &md, sizeof(md));
228 if (ret < 0) {
229 ERROR(ret);
230 return TC_ACT_SHOT;
231 }
232
233 bpf_trace_printk(fmt, sizeof(fmt),
234 key.tunnel_id, key.remote_ipv4, md.gbp);
235
236 return TC_ACT_OK;
237}
238
239SEC("geneve_set_tunnel")
240int _geneve_set_tunnel(struct __sk_buff *skb)
241{
242 int ret, ret2;
243 struct bpf_tunnel_key key;
244 struct geneve_opt gopt;
245
246 __builtin_memset(&key, 0x0, sizeof(key));
247 key.remote_ipv4 = 0xac100164; /* 172.16.1.100 */
248 key.tunnel_id = 2;
249 key.tunnel_tos = 0;
250 key.tunnel_ttl = 64;
251
252 __builtin_memset(&gopt, 0x0, sizeof(gopt));
253 gopt.opt_class = 0x102; /* Open Virtual Networking (OVN) */
254 gopt.type = 0x08;
William Tucc75f852017-07-31 14:40:50 -0700[diff] [blame]255 gopt.r1 = 0;
William Tu6afb1e22016-08-19 11:55:44 -0700[diff] [blame]256 gopt.r2 = 0;
William Tucc75f852017-07-31 14:40:50 -0700[diff] [blame]257 gopt.r3 = 0;
William Tu6afb1e22016-08-19 11:55:44 -0700[diff] [blame]258 gopt.length = 2; /* 4-byte multiple */
259 *(int *) &gopt.opt_data = 0xdeadbeef;
260
261 ret = bpf_skb_set_tunnel_key(skb, &key, sizeof(key), BPF_F_ZERO_CSUM_TX);
262 if (ret < 0) {
263 ERROR(ret);
264 return TC_ACT_SHOT;
265 }
266
267 ret = bpf_skb_set_tunnel_opt(skb, &gopt, sizeof(gopt));
268 if (ret < 0) {
269 ERROR(ret);
270 return TC_ACT_SHOT;
271 }
272
273 return TC_ACT_OK;
274}
275
276SEC("geneve_get_tunnel")
277int _geneve_get_tunnel(struct __sk_buff *skb)
278{
279 int ret;
280 struct bpf_tunnel_key key;
281 struct geneve_opt gopt;
282 char fmt[] = "key %d remote ip 0x%x geneve class 0x%x\n";
283
284 ret = bpf_skb_get_tunnel_key(skb, &key, sizeof(key), 0);
285 if (ret < 0) {
286 ERROR(ret);
287 return TC_ACT_SHOT;
288 }
289
290 ret = bpf_skb_get_tunnel_opt(skb, &gopt, sizeof(gopt));
291 if (ret < 0) {
292 ERROR(ret);
293 return TC_ACT_SHOT;
294 }
295
296 bpf_trace_printk(fmt, sizeof(fmt),
297 key.tunnel_id, key.remote_ipv4, gopt.opt_class);
298 return TC_ACT_OK;
299}
300
Alexei Starovoitova1c82702016-09-15 13:00:31 -0700[diff] [blame]301SEC("ipip_set_tunnel")
302int _ipip_set_tunnel(struct __sk_buff *skb)
303{
304 struct bpf_tunnel_key key = {};
305 void *data = (void *)(long)skb->data;
306 struct iphdr *iph = data;
307 struct tcphdr *tcp = data + sizeof(*iph);
308 void *data_end = (void *)(long)skb->data_end;
309 int ret;
310
311 /* single length check */
312 if (data + sizeof(*iph) + sizeof(*tcp) > data_end) {
313 ERROR(1);
314 return TC_ACT_SHOT;
315 }
316
317 key.tunnel_ttl = 64;
318 if (iph->protocol == IPPROTO_ICMP) {
319 key.remote_ipv4 = 0xac100164; /* 172.16.1.100 */
320 } else {
321 if (iph->protocol != IPPROTO_TCP || iph->ihl != 5)
322 return TC_ACT_SHOT;
323
324 if (tcp->dest == htons(5200))
325 key.remote_ipv4 = 0xac100164; /* 172.16.1.100 */
326 else if (tcp->dest == htons(5201))
327 key.remote_ipv4 = 0xac100165; /* 172.16.1.101 */
328 else
329 return TC_ACT_SHOT;
330 }
331
332 ret = bpf_skb_set_tunnel_key(skb, &key, sizeof(key), 0);
333 if (ret < 0) {
334 ERROR(ret);
335 return TC_ACT_SHOT;
336 }
337
338 return TC_ACT_OK;
339}
340
341SEC("ipip_get_tunnel")
342int _ipip_get_tunnel(struct __sk_buff *skb)
343{
344 int ret;
345 struct bpf_tunnel_key key;
346 char fmt[] = "remote ip 0x%x\n";
347
348 ret = bpf_skb_get_tunnel_key(skb, &key, sizeof(key), 0);
349 if (ret < 0) {
350 ERROR(ret);
351 return TC_ACT_SHOT;
352 }
353
354 bpf_trace_printk(fmt, sizeof(fmt), key.remote_ipv4);
355 return TC_ACT_OK;
356}
357
Alexei Starovoitov173ca262016-09-15 13:00:32 -0700[diff] [blame]358SEC("ipip6_set_tunnel")
359int _ipip6_set_tunnel(struct __sk_buff *skb)
360{
361 struct bpf_tunnel_key key = {};
362 void *data = (void *)(long)skb->data;
363 struct iphdr *iph = data;
364 struct tcphdr *tcp = data + sizeof(*iph);
365 void *data_end = (void *)(long)skb->data_end;
366 int ret;
367
368 /* single length check */
369 if (data + sizeof(*iph) + sizeof(*tcp) > data_end) {
370 ERROR(1);
371 return TC_ACT_SHOT;
372 }
373
374 key.remote_ipv6[0] = _htonl(0x2401db00);
375 key.tunnel_ttl = 64;
376
377 if (iph->protocol == IPPROTO_ICMP) {
378 key.remote_ipv6[3] = _htonl(1);
379 } else {
380 if (iph->protocol != IPPROTO_TCP || iph->ihl != 5) {
381 ERROR(iph->protocol);
382 return TC_ACT_SHOT;
383 }
384
385 if (tcp->dest == htons(5200)) {
386 key.remote_ipv6[3] = _htonl(1);
387 } else if (tcp->dest == htons(5201)) {
388 key.remote_ipv6[3] = _htonl(2);
389 } else {
390 ERROR(tcp->dest);
391 return TC_ACT_SHOT;
392 }
393 }
394
395 ret = bpf_skb_set_tunnel_key(skb, &key, sizeof(key), BPF_F_TUNINFO_IPV6);
396 if (ret < 0) {
397 ERROR(ret);
398 return TC_ACT_SHOT;
399 }
400
401 return TC_ACT_OK;
402}
403
404SEC("ipip6_get_tunnel")
405int _ipip6_get_tunnel(struct __sk_buff *skb)
406{
407 int ret;
408 struct bpf_tunnel_key key;
409 char fmt[] = "remote ip6 %x::%x\n";
410
411 ret = bpf_skb_get_tunnel_key(skb, &key, sizeof(key), BPF_F_TUNINFO_IPV6);
412 if (ret < 0) {
413 ERROR(ret);
414 return TC_ACT_SHOT;
415 }
416
417 bpf_trace_printk(fmt, sizeof(fmt), _htonl(key.remote_ipv6[0]),
418 _htonl(key.remote_ipv6[3]));
419 return TC_ACT_OK;
420}
421
422SEC("ip6ip6_set_tunnel")
423int _ip6ip6_set_tunnel(struct __sk_buff *skb)
424{
425 struct bpf_tunnel_key key = {};
426 void *data = (void *)(long)skb->data;
427 struct ipv6hdr *iph = data;
428 struct tcphdr *tcp = data + sizeof(*iph);
429 void *data_end = (void *)(long)skb->data_end;
430 int ret;
431
432 /* single length check */
433 if (data + sizeof(*iph) + sizeof(*tcp) > data_end) {
434 ERROR(1);
435 return TC_ACT_SHOT;
436 }
437
438 key.remote_ipv6[0] = _htonl(0x2401db00);
439 key.tunnel_ttl = 64;
440
441 if (iph->nexthdr == NEXTHDR_ICMP) {
442 key.remote_ipv6[3] = _htonl(1);
443 } else {
444 if (iph->nexthdr != NEXTHDR_TCP) {
445 ERROR(iph->nexthdr);
446 return TC_ACT_SHOT;
447 }
448
449 if (tcp->dest == htons(5200)) {
450 key.remote_ipv6[3] = _htonl(1);
451 } else if (tcp->dest == htons(5201)) {
452 key.remote_ipv6[3] = _htonl(2);
453 } else {
454 ERROR(tcp->dest);
455 return TC_ACT_SHOT;
456 }
457 }
458
459 ret = bpf_skb_set_tunnel_key(skb, &key, sizeof(key), BPF_F_TUNINFO_IPV6);
460 if (ret < 0) {
461 ERROR(ret);
462 return TC_ACT_SHOT;
463 }
464
465 return TC_ACT_OK;
466}
467
468SEC("ip6ip6_get_tunnel")
469int _ip6ip6_get_tunnel(struct __sk_buff *skb)
470{
471 int ret;
472 struct bpf_tunnel_key key;
473 char fmt[] = "remote ip6 %x::%x\n";
474
475 ret = bpf_skb_get_tunnel_key(skb, &key, sizeof(key), BPF_F_TUNINFO_IPV6);
476 if (ret < 0) {
477 ERROR(ret);
478 return TC_ACT_SHOT;
479 }
480
481 bpf_trace_printk(fmt, sizeof(fmt), _htonl(key.remote_ipv6[0]),
482 _htonl(key.remote_ipv6[3]));
483 return TC_ACT_OK;
484}
485
William Tu6afb1e22016-08-19 11:55:44 -0700[diff] [blame]486char _license[] SEC("license") = "GPL";