1acb4ea95SNikita V. Shirokov // SPDX-License-Identifier: GPL-2.0
2acb4ea95SNikita V. Shirokov /*
3acb4ea95SNikita V. Shirokov * Copyright (c) 2018 Facebook
4acb4ea95SNikita V. Shirokov *
5acb4ea95SNikita V. Shirokov * BPF program to automatically reflect TOS option from received syn packet
6acb4ea95SNikita V. Shirokov *
7ea9b6362SJakub Kicinski * Use "bpftool cgroup attach $cg sock_ops $prog" to load this BPF program.
8acb4ea95SNikita V. Shirokov */
9acb4ea95SNikita V. Shirokov
10acb4ea95SNikita V. Shirokov #include <uapi/linux/bpf.h>
11acb4ea95SNikita V. Shirokov #include <uapi/linux/tcp.h>
12acb4ea95SNikita V. Shirokov #include <uapi/linux/if_ether.h>
13acb4ea95SNikita V. Shirokov #include <uapi/linux/if_packet.h>
14acb4ea95SNikita V. Shirokov #include <uapi/linux/ip.h>
15acb4ea95SNikita V. Shirokov #include <uapi/linux/ipv6.h>
16acb4ea95SNikita V. Shirokov #include <uapi/linux/in.h>
17acb4ea95SNikita V. Shirokov #include <linux/socket.h>
18*7cf245a3SToke Høiland-Jørgensen #include <bpf/bpf_helpers.h>
19*7cf245a3SToke Høiland-Jørgensen #include <bpf/bpf_endian.h>
20acb4ea95SNikita V. Shirokov
21acb4ea95SNikita V. Shirokov #define DEBUG 1
22acb4ea95SNikita V. Shirokov
23acb4ea95SNikita V. Shirokov SEC("sockops")
bpf_basertt(struct bpf_sock_ops * skops)24acb4ea95SNikita V. Shirokov int bpf_basertt(struct bpf_sock_ops *skops)
25acb4ea95SNikita V. Shirokov {
26acb4ea95SNikita V. Shirokov char header[sizeof(struct ipv6hdr)];
27acb4ea95SNikita V. Shirokov struct ipv6hdr *hdr6;
28acb4ea95SNikita V. Shirokov struct iphdr *hdr;
29acb4ea95SNikita V. Shirokov int hdr_size = 0;
30acb4ea95SNikita V. Shirokov int save_syn = 1;
31acb4ea95SNikita V. Shirokov int tos = 0;
32acb4ea95SNikita V. Shirokov int rv = 0;
33acb4ea95SNikita V. Shirokov int op;
34acb4ea95SNikita V. Shirokov
35acb4ea95SNikita V. Shirokov op = (int) skops->op;
36acb4ea95SNikita V. Shirokov
37acb4ea95SNikita V. Shirokov #ifdef DEBUG
38acb4ea95SNikita V. Shirokov bpf_printk("BPF command: %d\n", op);
39acb4ea95SNikita V. Shirokov #endif
40acb4ea95SNikita V. Shirokov switch (op) {
41acb4ea95SNikita V. Shirokov case BPF_SOCK_OPS_TCP_LISTEN_CB:
42acb4ea95SNikita V. Shirokov rv = bpf_setsockopt(skops, SOL_TCP, TCP_SAVE_SYN,
43acb4ea95SNikita V. Shirokov &save_syn, sizeof(save_syn));
44acb4ea95SNikita V. Shirokov break;
45acb4ea95SNikita V. Shirokov case BPF_SOCK_OPS_PASSIVE_ESTABLISHED_CB:
46acb4ea95SNikita V. Shirokov if (skops->family == AF_INET)
47acb4ea95SNikita V. Shirokov hdr_size = sizeof(struct iphdr);
48acb4ea95SNikita V. Shirokov else
49acb4ea95SNikita V. Shirokov hdr_size = sizeof(struct ipv6hdr);
50acb4ea95SNikita V. Shirokov rv = bpf_getsockopt(skops, SOL_TCP, TCP_SAVED_SYN,
51acb4ea95SNikita V. Shirokov header, hdr_size);
52acb4ea95SNikita V. Shirokov if (!rv) {
53acb4ea95SNikita V. Shirokov if (skops->family == AF_INET) {
54acb4ea95SNikita V. Shirokov hdr = (struct iphdr *) header;
55acb4ea95SNikita V. Shirokov tos = hdr->tos;
56acb4ea95SNikita V. Shirokov if (tos != 0)
57acb4ea95SNikita V. Shirokov bpf_setsockopt(skops, SOL_IP, IP_TOS,
58acb4ea95SNikita V. Shirokov &tos, sizeof(tos));
59acb4ea95SNikita V. Shirokov } else {
60acb4ea95SNikita V. Shirokov hdr6 = (struct ipv6hdr *) header;
61acb4ea95SNikita V. Shirokov tos = ((hdr6->priority) << 4 |
62acb4ea95SNikita V. Shirokov (hdr6->flow_lbl[0]) >> 4);
63acb4ea95SNikita V. Shirokov if (tos)
64acb4ea95SNikita V. Shirokov bpf_setsockopt(skops, SOL_IPV6,
65acb4ea95SNikita V. Shirokov IPV6_TCLASS,
66acb4ea95SNikita V. Shirokov &tos, sizeof(tos));
67acb4ea95SNikita V. Shirokov }
68acb4ea95SNikita V. Shirokov rv = 0;
69acb4ea95SNikita V. Shirokov }
70acb4ea95SNikita V. Shirokov break;
71acb4ea95SNikita V. Shirokov default:
72acb4ea95SNikita V. Shirokov rv = -1;
73acb4ea95SNikita V. Shirokov }
74acb4ea95SNikita V. Shirokov #ifdef DEBUG
75acb4ea95SNikita V. Shirokov bpf_printk("Returning %d\n", rv);
76acb4ea95SNikita V. Shirokov #endif
77acb4ea95SNikita V. Shirokov skops->reply = rv;
78acb4ea95SNikita V. Shirokov return 1;
79acb4ea95SNikita V. Shirokov }
80acb4ea95SNikita V. Shirokov char _license[] SEC("license") = "GPL";
81