1*de1e4e89SAndroid Build Coastguard Worker /*
2*de1e4e89SAndroid Build Coastguard Worker * m_bpf.c BPF based action module
3*de1e4e89SAndroid Build Coastguard Worker *
4*de1e4e89SAndroid Build Coastguard Worker * This program is free software; you can redistribute it and/or
5*de1e4e89SAndroid Build Coastguard Worker * modify it under the terms of the GNU General Public License
6*de1e4e89SAndroid Build Coastguard Worker * as published by the Free Software Foundation; either version
7*de1e4e89SAndroid Build Coastguard Worker * 2 of the License, or (at your option) any later version.
8*de1e4e89SAndroid Build Coastguard Worker *
9*de1e4e89SAndroid Build Coastguard Worker * Authors: Jiri Pirko <[email protected]>
10*de1e4e89SAndroid Build Coastguard Worker * Daniel Borkmann <[email protected]>
11*de1e4e89SAndroid Build Coastguard Worker */
12*de1e4e89SAndroid Build Coastguard Worker
13*de1e4e89SAndroid Build Coastguard Worker #include <stdio.h>
14*de1e4e89SAndroid Build Coastguard Worker #include <stdlib.h>
15*de1e4e89SAndroid Build Coastguard Worker
16*de1e4e89SAndroid Build Coastguard Worker #include <linux/bpf.h>
17*de1e4e89SAndroid Build Coastguard Worker #include <linux/tc_act/tc_bpf.h>
18*de1e4e89SAndroid Build Coastguard Worker
19*de1e4e89SAndroid Build Coastguard Worker #include "utils.h"
20*de1e4e89SAndroid Build Coastguard Worker
21*de1e4e89SAndroid Build Coastguard Worker #include "tc_util.h"
22*de1e4e89SAndroid Build Coastguard Worker #include "bpf_util.h"
23*de1e4e89SAndroid Build Coastguard Worker
24*de1e4e89SAndroid Build Coastguard Worker static const enum bpf_prog_type bpf_type = BPF_PROG_TYPE_SCHED_ACT;
25*de1e4e89SAndroid Build Coastguard Worker
explain(void)26*de1e4e89SAndroid Build Coastguard Worker static void explain(void)
27*de1e4e89SAndroid Build Coastguard Worker {
28*de1e4e89SAndroid Build Coastguard Worker fprintf(stderr, "Usage: ... bpf ... [ index INDEX ]\n");
29*de1e4e89SAndroid Build Coastguard Worker fprintf(stderr, "\n");
30*de1e4e89SAndroid Build Coastguard Worker fprintf(stderr, "BPF use case:\n");
31*de1e4e89SAndroid Build Coastguard Worker fprintf(stderr, " bytecode BPF_BYTECODE\n");
32*de1e4e89SAndroid Build Coastguard Worker fprintf(stderr, " bytecode-file FILE\n");
33*de1e4e89SAndroid Build Coastguard Worker fprintf(stderr, "\n");
34*de1e4e89SAndroid Build Coastguard Worker fprintf(stderr, "eBPF use case:\n");
35*de1e4e89SAndroid Build Coastguard Worker fprintf(stderr, " object-file FILE [ section ACT_NAME ] [ export UDS_FILE ]");
36*de1e4e89SAndroid Build Coastguard Worker fprintf(stderr, " [ verbose ]\n");
37*de1e4e89SAndroid Build Coastguard Worker fprintf(stderr, " object-pinned FILE\n");
38*de1e4e89SAndroid Build Coastguard Worker fprintf(stderr, "\n");
39*de1e4e89SAndroid Build Coastguard Worker fprintf(stderr, "Where BPF_BYTECODE := \'s,c t f k,c t f k,c t f k,...\'\n");
40*de1e4e89SAndroid Build Coastguard Worker fprintf(stderr, "c,t,f,k and s are decimals; s denotes number of 4-tuples\n");
41*de1e4e89SAndroid Build Coastguard Worker fprintf(stderr, "\n");
42*de1e4e89SAndroid Build Coastguard Worker fprintf(stderr, "Where FILE points to a file containing the BPF_BYTECODE string,\n");
43*de1e4e89SAndroid Build Coastguard Worker fprintf(stderr, "an ELF file containing eBPF map definitions and bytecode, or a\n");
44*de1e4e89SAndroid Build Coastguard Worker fprintf(stderr, "pinned eBPF program.\n");
45*de1e4e89SAndroid Build Coastguard Worker fprintf(stderr, "\n");
46*de1e4e89SAndroid Build Coastguard Worker fprintf(stderr, "Where ACT_NAME refers to the section name containing the\n");
47*de1e4e89SAndroid Build Coastguard Worker fprintf(stderr, "action (default \'%s\').\n", bpf_prog_to_default_section(bpf_type));
48*de1e4e89SAndroid Build Coastguard Worker fprintf(stderr, "\n");
49*de1e4e89SAndroid Build Coastguard Worker fprintf(stderr, "Where UDS_FILE points to a unix domain socket file in order\n");
50*de1e4e89SAndroid Build Coastguard Worker fprintf(stderr, "to hand off control of all created eBPF maps to an agent.\n");
51*de1e4e89SAndroid Build Coastguard Worker fprintf(stderr, "\n");
52*de1e4e89SAndroid Build Coastguard Worker fprintf(stderr, "Where optionally INDEX points to an existing action, or\n");
53*de1e4e89SAndroid Build Coastguard Worker fprintf(stderr, "explicitly specifies an action index upon creation.\n");
54*de1e4e89SAndroid Build Coastguard Worker }
55*de1e4e89SAndroid Build Coastguard Worker
bpf_cbpf_cb(void * nl,const struct sock_filter * ops,int ops_len)56*de1e4e89SAndroid Build Coastguard Worker static void bpf_cbpf_cb(void *nl, const struct sock_filter *ops, int ops_len)
57*de1e4e89SAndroid Build Coastguard Worker {
58*de1e4e89SAndroid Build Coastguard Worker addattr16(nl, MAX_MSG, TCA_ACT_BPF_OPS_LEN, ops_len);
59*de1e4e89SAndroid Build Coastguard Worker addattr_l(nl, MAX_MSG, TCA_ACT_BPF_OPS, ops,
60*de1e4e89SAndroid Build Coastguard Worker ops_len * sizeof(struct sock_filter));
61*de1e4e89SAndroid Build Coastguard Worker }
62*de1e4e89SAndroid Build Coastguard Worker
bpf_ebpf_cb(void * nl,int fd,const char * annotation)63*de1e4e89SAndroid Build Coastguard Worker static void bpf_ebpf_cb(void *nl, int fd, const char *annotation)
64*de1e4e89SAndroid Build Coastguard Worker {
65*de1e4e89SAndroid Build Coastguard Worker addattr32(nl, MAX_MSG, TCA_ACT_BPF_FD, fd);
66*de1e4e89SAndroid Build Coastguard Worker addattrstrz(nl, MAX_MSG, TCA_ACT_BPF_NAME, annotation);
67*de1e4e89SAndroid Build Coastguard Worker }
68*de1e4e89SAndroid Build Coastguard Worker
69*de1e4e89SAndroid Build Coastguard Worker static const struct bpf_cfg_ops bpf_cb_ops = {
70*de1e4e89SAndroid Build Coastguard Worker .cbpf_cb = bpf_cbpf_cb,
71*de1e4e89SAndroid Build Coastguard Worker .ebpf_cb = bpf_ebpf_cb,
72*de1e4e89SAndroid Build Coastguard Worker };
73*de1e4e89SAndroid Build Coastguard Worker
bpf_parse_opt(struct action_util * a,int * ptr_argc,char *** ptr_argv,int tca_id,struct nlmsghdr * n)74*de1e4e89SAndroid Build Coastguard Worker static int bpf_parse_opt(struct action_util *a, int *ptr_argc, char ***ptr_argv,
75*de1e4e89SAndroid Build Coastguard Worker int tca_id, struct nlmsghdr *n)
76*de1e4e89SAndroid Build Coastguard Worker {
77*de1e4e89SAndroid Build Coastguard Worker const char *bpf_obj = NULL, *bpf_uds_name = NULL;
78*de1e4e89SAndroid Build Coastguard Worker struct tc_act_bpf parm = {};
79*de1e4e89SAndroid Build Coastguard Worker struct bpf_cfg_in cfg = {};
80*de1e4e89SAndroid Build Coastguard Worker bool seen_run = false;
81*de1e4e89SAndroid Build Coastguard Worker struct rtattr *tail;
82*de1e4e89SAndroid Build Coastguard Worker int argc, ret = 0;
83*de1e4e89SAndroid Build Coastguard Worker char **argv;
84*de1e4e89SAndroid Build Coastguard Worker
85*de1e4e89SAndroid Build Coastguard Worker argv = *ptr_argv;
86*de1e4e89SAndroid Build Coastguard Worker argc = *ptr_argc;
87*de1e4e89SAndroid Build Coastguard Worker
88*de1e4e89SAndroid Build Coastguard Worker if (matches(*argv, "bpf") != 0)
89*de1e4e89SAndroid Build Coastguard Worker return -1;
90*de1e4e89SAndroid Build Coastguard Worker
91*de1e4e89SAndroid Build Coastguard Worker NEXT_ARG();
92*de1e4e89SAndroid Build Coastguard Worker
93*de1e4e89SAndroid Build Coastguard Worker tail = NLMSG_TAIL(n);
94*de1e4e89SAndroid Build Coastguard Worker addattr_l(n, MAX_MSG, tca_id, NULL, 0);
95*de1e4e89SAndroid Build Coastguard Worker
96*de1e4e89SAndroid Build Coastguard Worker while (argc > 0) {
97*de1e4e89SAndroid Build Coastguard Worker if (matches(*argv, "run") == 0) {
98*de1e4e89SAndroid Build Coastguard Worker NEXT_ARG();
99*de1e4e89SAndroid Build Coastguard Worker opt_bpf:
100*de1e4e89SAndroid Build Coastguard Worker seen_run = true;
101*de1e4e89SAndroid Build Coastguard Worker cfg.argc = argc;
102*de1e4e89SAndroid Build Coastguard Worker cfg.argv = argv;
103*de1e4e89SAndroid Build Coastguard Worker
104*de1e4e89SAndroid Build Coastguard Worker if (bpf_parse_common(bpf_type, &cfg, &bpf_cb_ops, n))
105*de1e4e89SAndroid Build Coastguard Worker return -1;
106*de1e4e89SAndroid Build Coastguard Worker
107*de1e4e89SAndroid Build Coastguard Worker argc = cfg.argc;
108*de1e4e89SAndroid Build Coastguard Worker argv = cfg.argv;
109*de1e4e89SAndroid Build Coastguard Worker
110*de1e4e89SAndroid Build Coastguard Worker bpf_obj = cfg.object;
111*de1e4e89SAndroid Build Coastguard Worker bpf_uds_name = cfg.uds;
112*de1e4e89SAndroid Build Coastguard Worker } else if (matches(*argv, "help") == 0) {
113*de1e4e89SAndroid Build Coastguard Worker explain();
114*de1e4e89SAndroid Build Coastguard Worker return -1;
115*de1e4e89SAndroid Build Coastguard Worker } else if (matches(*argv, "index") == 0) {
116*de1e4e89SAndroid Build Coastguard Worker break;
117*de1e4e89SAndroid Build Coastguard Worker } else {
118*de1e4e89SAndroid Build Coastguard Worker if (!seen_run)
119*de1e4e89SAndroid Build Coastguard Worker goto opt_bpf;
120*de1e4e89SAndroid Build Coastguard Worker break;
121*de1e4e89SAndroid Build Coastguard Worker }
122*de1e4e89SAndroid Build Coastguard Worker
123*de1e4e89SAndroid Build Coastguard Worker NEXT_ARG_FWD();
124*de1e4e89SAndroid Build Coastguard Worker }
125*de1e4e89SAndroid Build Coastguard Worker
126*de1e4e89SAndroid Build Coastguard Worker parse_action_control_dflt(&argc, &argv, &parm.action,
127*de1e4e89SAndroid Build Coastguard Worker false, TC_ACT_PIPE);
128*de1e4e89SAndroid Build Coastguard Worker
129*de1e4e89SAndroid Build Coastguard Worker if (argc) {
130*de1e4e89SAndroid Build Coastguard Worker if (matches(*argv, "index") == 0) {
131*de1e4e89SAndroid Build Coastguard Worker NEXT_ARG();
132*de1e4e89SAndroid Build Coastguard Worker if (get_u32(&parm.index, *argv, 10)) {
133*de1e4e89SAndroid Build Coastguard Worker fprintf(stderr, "bpf: Illegal \"index\"\n");
134*de1e4e89SAndroid Build Coastguard Worker return -1;
135*de1e4e89SAndroid Build Coastguard Worker }
136*de1e4e89SAndroid Build Coastguard Worker
137*de1e4e89SAndroid Build Coastguard Worker NEXT_ARG_FWD();
138*de1e4e89SAndroid Build Coastguard Worker }
139*de1e4e89SAndroid Build Coastguard Worker }
140*de1e4e89SAndroid Build Coastguard Worker
141*de1e4e89SAndroid Build Coastguard Worker addattr_l(n, MAX_MSG, TCA_ACT_BPF_PARMS, &parm, sizeof(parm));
142*de1e4e89SAndroid Build Coastguard Worker tail->rta_len = (char *)NLMSG_TAIL(n) - (char *)tail;
143*de1e4e89SAndroid Build Coastguard Worker
144*de1e4e89SAndroid Build Coastguard Worker if (bpf_uds_name)
145*de1e4e89SAndroid Build Coastguard Worker ret = bpf_send_map_fds(bpf_uds_name, bpf_obj);
146*de1e4e89SAndroid Build Coastguard Worker
147*de1e4e89SAndroid Build Coastguard Worker *ptr_argc = argc;
148*de1e4e89SAndroid Build Coastguard Worker *ptr_argv = argv;
149*de1e4e89SAndroid Build Coastguard Worker
150*de1e4e89SAndroid Build Coastguard Worker return ret;
151*de1e4e89SAndroid Build Coastguard Worker }
152*de1e4e89SAndroid Build Coastguard Worker
bpf_print_opt(struct action_util * au,FILE * f,struct rtattr * arg)153*de1e4e89SAndroid Build Coastguard Worker static int bpf_print_opt(struct action_util *au, FILE *f, struct rtattr *arg)
154*de1e4e89SAndroid Build Coastguard Worker {
155*de1e4e89SAndroid Build Coastguard Worker struct rtattr *tb[TCA_ACT_BPF_MAX + 1];
156*de1e4e89SAndroid Build Coastguard Worker struct tc_act_bpf *parm;
157*de1e4e89SAndroid Build Coastguard Worker int dump_ok = 0;
158*de1e4e89SAndroid Build Coastguard Worker
159*de1e4e89SAndroid Build Coastguard Worker if (arg == NULL)
160*de1e4e89SAndroid Build Coastguard Worker return -1;
161*de1e4e89SAndroid Build Coastguard Worker
162*de1e4e89SAndroid Build Coastguard Worker parse_rtattr_nested(tb, TCA_ACT_BPF_MAX, arg);
163*de1e4e89SAndroid Build Coastguard Worker
164*de1e4e89SAndroid Build Coastguard Worker if (!tb[TCA_ACT_BPF_PARMS]) {
165*de1e4e89SAndroid Build Coastguard Worker fprintf(f, "[NULL bpf parameters]");
166*de1e4e89SAndroid Build Coastguard Worker return -1;
167*de1e4e89SAndroid Build Coastguard Worker }
168*de1e4e89SAndroid Build Coastguard Worker
169*de1e4e89SAndroid Build Coastguard Worker parm = RTA_DATA(tb[TCA_ACT_BPF_PARMS]);
170*de1e4e89SAndroid Build Coastguard Worker fprintf(f, "bpf ");
171*de1e4e89SAndroid Build Coastguard Worker
172*de1e4e89SAndroid Build Coastguard Worker if (tb[TCA_ACT_BPF_NAME])
173*de1e4e89SAndroid Build Coastguard Worker fprintf(f, "%s ", rta_getattr_str(tb[TCA_ACT_BPF_NAME]));
174*de1e4e89SAndroid Build Coastguard Worker
175*de1e4e89SAndroid Build Coastguard Worker if (tb[TCA_ACT_BPF_OPS] && tb[TCA_ACT_BPF_OPS_LEN]) {
176*de1e4e89SAndroid Build Coastguard Worker bpf_print_ops(f, tb[TCA_ACT_BPF_OPS],
177*de1e4e89SAndroid Build Coastguard Worker rta_getattr_u16(tb[TCA_ACT_BPF_OPS_LEN]));
178*de1e4e89SAndroid Build Coastguard Worker fprintf(f, " ");
179*de1e4e89SAndroid Build Coastguard Worker }
180*de1e4e89SAndroid Build Coastguard Worker
181*de1e4e89SAndroid Build Coastguard Worker if (tb[TCA_ACT_BPF_ID])
182*de1e4e89SAndroid Build Coastguard Worker dump_ok = bpf_dump_prog_info(f, rta_getattr_u32(tb[TCA_ACT_BPF_ID]));
183*de1e4e89SAndroid Build Coastguard Worker if (!dump_ok && tb[TCA_ACT_BPF_TAG]) {
184*de1e4e89SAndroid Build Coastguard Worker SPRINT_BUF(b);
185*de1e4e89SAndroid Build Coastguard Worker
186*de1e4e89SAndroid Build Coastguard Worker fprintf(f, "tag %s ",
187*de1e4e89SAndroid Build Coastguard Worker hexstring_n2a(RTA_DATA(tb[TCA_ACT_BPF_TAG]),
188*de1e4e89SAndroid Build Coastguard Worker RTA_PAYLOAD(tb[TCA_ACT_BPF_TAG]),
189*de1e4e89SAndroid Build Coastguard Worker b, sizeof(b)));
190*de1e4e89SAndroid Build Coastguard Worker }
191*de1e4e89SAndroid Build Coastguard Worker
192*de1e4e89SAndroid Build Coastguard Worker print_action_control(f, "default-action ", parm->action, "\n");
193*de1e4e89SAndroid Build Coastguard Worker fprintf(f, "\tindex %u ref %d bind %d", parm->index, parm->refcnt,
194*de1e4e89SAndroid Build Coastguard Worker parm->bindcnt);
195*de1e4e89SAndroid Build Coastguard Worker
196*de1e4e89SAndroid Build Coastguard Worker if (show_stats) {
197*de1e4e89SAndroid Build Coastguard Worker if (tb[TCA_ACT_BPF_TM]) {
198*de1e4e89SAndroid Build Coastguard Worker struct tcf_t *tm = RTA_DATA(tb[TCA_ACT_BPF_TM]);
199*de1e4e89SAndroid Build Coastguard Worker
200*de1e4e89SAndroid Build Coastguard Worker print_tm(f, tm);
201*de1e4e89SAndroid Build Coastguard Worker }
202*de1e4e89SAndroid Build Coastguard Worker }
203*de1e4e89SAndroid Build Coastguard Worker
204*de1e4e89SAndroid Build Coastguard Worker fprintf(f, "\n ");
205*de1e4e89SAndroid Build Coastguard Worker return 0;
206*de1e4e89SAndroid Build Coastguard Worker }
207*de1e4e89SAndroid Build Coastguard Worker
208*de1e4e89SAndroid Build Coastguard Worker struct action_util bpf_action_util = {
209*de1e4e89SAndroid Build Coastguard Worker .id = "bpf",
210*de1e4e89SAndroid Build Coastguard Worker .parse_aopt = bpf_parse_opt,
211*de1e4e89SAndroid Build Coastguard Worker .print_aopt = bpf_print_opt,
212*de1e4e89SAndroid Build Coastguard Worker };
213