1 // SPDX-License-Identifier: (LGPL-2.1 OR BSD-2-Clause) 2 /* Copyright (c) 2018 Facebook */ 3 4 #include <stdlib.h> 5 #include <memory.h> 6 #include <unistd.h> 7 #include <arpa/inet.h> 8 #include <linux/bpf.h> 9 #include <linux/if_ether.h> 10 #include <linux/pkt_cls.h> 11 #include <linux/rtnetlink.h> 12 #include <sys/socket.h> 13 #include <errno.h> 14 #include <time.h> 15 16 #include "bpf.h" 17 #include "libbpf.h" 18 #include "libbpf_internal.h" 19 #include "nlattr.h" 20 21 #ifndef SOL_NETLINK 22 #define SOL_NETLINK 270 23 #endif 24 25 typedef int (*libbpf_dump_nlmsg_t)(void *cookie, void *msg, struct nlattr **tb); 26 27 typedef int (*__dump_nlmsg_t)(struct nlmsghdr *nlmsg, libbpf_dump_nlmsg_t, 28 void *cookie); 29 30 struct xdp_link_info { 31 __u32 prog_id; 32 __u32 drv_prog_id; 33 __u32 hw_prog_id; 34 __u32 skb_prog_id; 35 __u8 attach_mode; 36 }; 37 38 struct xdp_id_md { 39 int ifindex; 40 __u32 flags; 41 struct xdp_link_info info; 42 }; 43 44 static int libbpf_netlink_open(__u32 *nl_pid) 45 { 46 struct sockaddr_nl sa; 47 socklen_t addrlen; 48 int one = 1, ret; 49 int sock; 50 51 memset(&sa, 0, sizeof(sa)); 52 sa.nl_family = AF_NETLINK; 53 54 sock = socket(AF_NETLINK, SOCK_RAW | SOCK_CLOEXEC, NETLINK_ROUTE); 55 if (sock < 0) 56 return -errno; 57 58 if (setsockopt(sock, SOL_NETLINK, NETLINK_EXT_ACK, 59 &one, sizeof(one)) < 0) { 60 pr_warn("Netlink error reporting not supported\n"); 61 } 62 63 if (bind(sock, (struct sockaddr *)&sa, sizeof(sa)) < 0) { 64 ret = -errno; 65 goto cleanup; 66 } 67 68 addrlen = sizeof(sa); 69 if (getsockname(sock, (struct sockaddr *)&sa, &addrlen) < 0) { 70 ret = -errno; 71 goto cleanup; 72 } 73 74 if (addrlen != sizeof(sa)) { 75 ret = -LIBBPF_ERRNO__INTERNAL; 76 goto cleanup; 77 } 78 79 *nl_pid = sa.nl_pid; 80 return sock; 81 82 cleanup: 83 close(sock); 84 return ret; 85 } 86 87 static void libbpf_netlink_close(int sock) 88 { 89 close(sock); 90 } 91 92 enum { 93 NL_CONT, 94 NL_NEXT, 95 NL_DONE, 96 }; 97 98 static int netlink_recvmsg(int sock, struct msghdr *mhdr, int flags) 99 { 100 int len; 101 102 do { 103 len = recvmsg(sock, mhdr, flags); 104 } while (len < 0 && (errno == EINTR || errno == EAGAIN)); 105 106 if (len < 0) 107 return -errno; 108 return len; 109 } 110 111 static int alloc_iov(struct iovec *iov, int len) 112 { 113 void *nbuf; 114 115 nbuf = realloc(iov->iov_base, len); 116 if (!nbuf) 117 return -ENOMEM; 118 119 iov->iov_base = nbuf; 120 iov->iov_len = len; 121 return 0; 122 } 123 124 static int libbpf_netlink_recv(int sock, __u32 nl_pid, int seq, 125 __dump_nlmsg_t _fn, libbpf_dump_nlmsg_t fn, 126 void *cookie) 127 { 128 struct iovec iov = {}; 129 struct msghdr mhdr = { 130 .msg_iov = &iov, 131 .msg_iovlen = 1, 132 }; 133 bool multipart = true; 134 struct nlmsgerr *err; 135 struct nlmsghdr *nh; 136 int len, ret; 137 138 ret = alloc_iov(&iov, 4096); 139 if (ret) 140 goto done; 141 142 while (multipart) { 143 start: 144 multipart = false; 145 len = netlink_recvmsg(sock, &mhdr, MSG_PEEK | MSG_TRUNC); 146 if (len < 0) { 147 ret = len; 148 goto done; 149 } 150 151 if (len > iov.iov_len) { 152 ret = alloc_iov(&iov, len); 153 if (ret) 154 goto done; 155 } 156 157 len = netlink_recvmsg(sock, &mhdr, 0); 158 if (len < 0) { 159 ret = len; 160 goto done; 161 } 162 163 if (len == 0) 164 break; 165 166 for (nh = (struct nlmsghdr *)iov.iov_base; NLMSG_OK(nh, len); 167 nh = NLMSG_NEXT(nh, len)) { 168 if (nh->nlmsg_pid != nl_pid) { 169 ret = -LIBBPF_ERRNO__WRNGPID; 170 goto done; 171 } 172 if (nh->nlmsg_seq != seq) { 173 ret = -LIBBPF_ERRNO__INVSEQ; 174 goto done; 175 } 176 if (nh->nlmsg_flags & NLM_F_MULTI) 177 multipart = true; 178 switch (nh->nlmsg_type) { 179 case NLMSG_ERROR: 180 err = (struct nlmsgerr *)NLMSG_DATA(nh); 181 if (!err->error) 182 continue; 183 ret = err->error; 184 libbpf_nla_dump_errormsg(nh); 185 goto done; 186 case NLMSG_DONE: 187 ret = 0; 188 goto done; 189 default: 190 break; 191 } 192 if (_fn) { 193 ret = _fn(nh, fn, cookie); 194 switch (ret) { 195 case NL_CONT: 196 break; 197 case NL_NEXT: 198 goto start; 199 case NL_DONE: 200 ret = 0; 201 goto done; 202 default: 203 goto done; 204 } 205 } 206 } 207 } 208 ret = 0; 209 done: 210 free(iov.iov_base); 211 return ret; 212 } 213 214 static int libbpf_netlink_send_recv(struct libbpf_nla_req *req, 215 __dump_nlmsg_t parse_msg, 216 libbpf_dump_nlmsg_t parse_attr, 217 void *cookie) 218 { 219 __u32 nl_pid = 0; 220 int sock, ret; 221 222 sock = libbpf_netlink_open(&nl_pid); 223 if (sock < 0) 224 return sock; 225 226 req->nh.nlmsg_pid = 0; 227 req->nh.nlmsg_seq = time(NULL); 228 229 if (send(sock, req, req->nh.nlmsg_len, 0) < 0) { 230 ret = -errno; 231 goto out; 232 } 233 234 ret = libbpf_netlink_recv(sock, nl_pid, req->nh.nlmsg_seq, 235 parse_msg, parse_attr, cookie); 236 out: 237 libbpf_netlink_close(sock); 238 return ret; 239 } 240 241 static int __bpf_set_link_xdp_fd_replace(int ifindex, int fd, int old_fd, 242 __u32 flags) 243 { 244 struct nlattr *nla; 245 int ret; 246 struct libbpf_nla_req req; 247 248 memset(&req, 0, sizeof(req)); 249 req.nh.nlmsg_len = NLMSG_LENGTH(sizeof(struct ifinfomsg)); 250 req.nh.nlmsg_flags = NLM_F_REQUEST | NLM_F_ACK; 251 req.nh.nlmsg_type = RTM_SETLINK; 252 req.ifinfo.ifi_family = AF_UNSPEC; 253 req.ifinfo.ifi_index = ifindex; 254 255 nla = nlattr_begin_nested(&req, IFLA_XDP); 256 if (!nla) 257 return -EMSGSIZE; 258 ret = nlattr_add(&req, IFLA_XDP_FD, &fd, sizeof(fd)); 259 if (ret < 0) 260 return ret; 261 if (flags) { 262 ret = nlattr_add(&req, IFLA_XDP_FLAGS, &flags, sizeof(flags)); 263 if (ret < 0) 264 return ret; 265 } 266 if (flags & XDP_FLAGS_REPLACE) { 267 ret = nlattr_add(&req, IFLA_XDP_EXPECTED_FD, &old_fd, 268 sizeof(old_fd)); 269 if (ret < 0) 270 return ret; 271 } 272 nlattr_end_nested(&req, nla); 273 274 return libbpf_netlink_send_recv(&req, NULL, NULL, NULL); 275 } 276 277 int bpf_xdp_attach(int ifindex, int prog_fd, __u32 flags, const struct bpf_xdp_attach_opts *opts) 278 { 279 int old_prog_fd, err; 280 281 if (!OPTS_VALID(opts, bpf_xdp_attach_opts)) 282 return libbpf_err(-EINVAL); 283 284 old_prog_fd = OPTS_GET(opts, old_prog_fd, 0); 285 if (old_prog_fd) 286 flags |= XDP_FLAGS_REPLACE; 287 else 288 old_prog_fd = -1; 289 290 err = __bpf_set_link_xdp_fd_replace(ifindex, prog_fd, old_prog_fd, flags); 291 return libbpf_err(err); 292 } 293 294 int bpf_xdp_detach(int ifindex, __u32 flags, const struct bpf_xdp_attach_opts *opts) 295 { 296 return bpf_xdp_attach(ifindex, -1, flags, opts); 297 } 298 299 static int __dump_link_nlmsg(struct nlmsghdr *nlh, 300 libbpf_dump_nlmsg_t dump_link_nlmsg, void *cookie) 301 { 302 struct nlattr *tb[IFLA_MAX + 1], *attr; 303 struct ifinfomsg *ifi = NLMSG_DATA(nlh); 304 int len; 305 306 len = nlh->nlmsg_len - NLMSG_LENGTH(sizeof(*ifi)); 307 attr = (struct nlattr *) ((void *) ifi + NLMSG_ALIGN(sizeof(*ifi))); 308 309 if (libbpf_nla_parse(tb, IFLA_MAX, attr, len, NULL) != 0) 310 return -LIBBPF_ERRNO__NLPARSE; 311 312 return dump_link_nlmsg(cookie, ifi, tb); 313 } 314 315 static int get_xdp_info(void *cookie, void *msg, struct nlattr **tb) 316 { 317 struct nlattr *xdp_tb[IFLA_XDP_MAX + 1]; 318 struct xdp_id_md *xdp_id = cookie; 319 struct ifinfomsg *ifinfo = msg; 320 int ret; 321 322 if (xdp_id->ifindex && xdp_id->ifindex != ifinfo->ifi_index) 323 return 0; 324 325 if (!tb[IFLA_XDP]) 326 return 0; 327 328 ret = libbpf_nla_parse_nested(xdp_tb, IFLA_XDP_MAX, tb[IFLA_XDP], NULL); 329 if (ret) 330 return ret; 331 332 if (!xdp_tb[IFLA_XDP_ATTACHED]) 333 return 0; 334 335 xdp_id->info.attach_mode = libbpf_nla_getattr_u8( 336 xdp_tb[IFLA_XDP_ATTACHED]); 337 338 if (xdp_id->info.attach_mode == XDP_ATTACHED_NONE) 339 return 0; 340 341 if (xdp_tb[IFLA_XDP_PROG_ID]) 342 xdp_id->info.prog_id = libbpf_nla_getattr_u32( 343 xdp_tb[IFLA_XDP_PROG_ID]); 344 345 if (xdp_tb[IFLA_XDP_SKB_PROG_ID]) 346 xdp_id->info.skb_prog_id = libbpf_nla_getattr_u32( 347 xdp_tb[IFLA_XDP_SKB_PROG_ID]); 348 349 if (xdp_tb[IFLA_XDP_DRV_PROG_ID]) 350 xdp_id->info.drv_prog_id = libbpf_nla_getattr_u32( 351 xdp_tb[IFLA_XDP_DRV_PROG_ID]); 352 353 if (xdp_tb[IFLA_XDP_HW_PROG_ID]) 354 xdp_id->info.hw_prog_id = libbpf_nla_getattr_u32( 355 xdp_tb[IFLA_XDP_HW_PROG_ID]); 356 357 return 0; 358 } 359 360 int bpf_xdp_query(int ifindex, int xdp_flags, struct bpf_xdp_query_opts *opts) 361 { 362 struct libbpf_nla_req req = { 363 .nh.nlmsg_len = NLMSG_LENGTH(sizeof(struct ifinfomsg)), 364 .nh.nlmsg_type = RTM_GETLINK, 365 .nh.nlmsg_flags = NLM_F_DUMP | NLM_F_REQUEST, 366 .ifinfo.ifi_family = AF_PACKET, 367 }; 368 struct xdp_id_md xdp_id = {}; 369 int err; 370 371 if (!OPTS_VALID(opts, bpf_xdp_query_opts)) 372 return libbpf_err(-EINVAL); 373 374 if (xdp_flags & ~XDP_FLAGS_MASK) 375 return libbpf_err(-EINVAL); 376 377 /* Check whether the single {HW,DRV,SKB} mode is set */ 378 xdp_flags &= XDP_FLAGS_SKB_MODE | XDP_FLAGS_DRV_MODE | XDP_FLAGS_HW_MODE; 379 if (xdp_flags & (xdp_flags - 1)) 380 return libbpf_err(-EINVAL); 381 382 xdp_id.ifindex = ifindex; 383 xdp_id.flags = xdp_flags; 384 385 err = libbpf_netlink_send_recv(&req, __dump_link_nlmsg, 386 get_xdp_info, &xdp_id); 387 if (err) 388 return libbpf_err(err); 389 390 OPTS_SET(opts, prog_id, xdp_id.info.prog_id); 391 OPTS_SET(opts, drv_prog_id, xdp_id.info.drv_prog_id); 392 OPTS_SET(opts, hw_prog_id, xdp_id.info.hw_prog_id); 393 OPTS_SET(opts, skb_prog_id, xdp_id.info.skb_prog_id); 394 OPTS_SET(opts, attach_mode, xdp_id.info.attach_mode); 395 396 return 0; 397 } 398 399 int bpf_xdp_query_id(int ifindex, int flags, __u32 *prog_id) 400 { 401 LIBBPF_OPTS(bpf_xdp_query_opts, opts); 402 int ret; 403 404 ret = bpf_xdp_query(ifindex, flags, &opts); 405 if (ret) 406 return libbpf_err(ret); 407 408 flags &= XDP_FLAGS_MODES; 409 410 if (opts.attach_mode != XDP_ATTACHED_MULTI && !flags) 411 *prog_id = opts.prog_id; 412 else if (flags & XDP_FLAGS_DRV_MODE) 413 *prog_id = opts.drv_prog_id; 414 else if (flags & XDP_FLAGS_HW_MODE) 415 *prog_id = opts.hw_prog_id; 416 else if (flags & XDP_FLAGS_SKB_MODE) 417 *prog_id = opts.skb_prog_id; 418 else 419 *prog_id = 0; 420 421 return 0; 422 } 423 424 425 typedef int (*qdisc_config_t)(struct libbpf_nla_req *req); 426 427 static int clsact_config(struct libbpf_nla_req *req) 428 { 429 req->tc.tcm_parent = TC_H_CLSACT; 430 req->tc.tcm_handle = TC_H_MAKE(TC_H_CLSACT, 0); 431 432 return nlattr_add(req, TCA_KIND, "clsact", sizeof("clsact")); 433 } 434 435 static int attach_point_to_config(struct bpf_tc_hook *hook, 436 qdisc_config_t *config) 437 { 438 switch (OPTS_GET(hook, attach_point, 0)) { 439 case BPF_TC_INGRESS: 440 case BPF_TC_EGRESS: 441 case BPF_TC_INGRESS | BPF_TC_EGRESS: 442 if (OPTS_GET(hook, parent, 0)) 443 return -EINVAL; 444 *config = &clsact_config; 445 return 0; 446 case BPF_TC_CUSTOM: 447 return -EOPNOTSUPP; 448 default: 449 return -EINVAL; 450 } 451 } 452 453 static int tc_get_tcm_parent(enum bpf_tc_attach_point attach_point, 454 __u32 *parent) 455 { 456 switch (attach_point) { 457 case BPF_TC_INGRESS: 458 case BPF_TC_EGRESS: 459 if (*parent) 460 return -EINVAL; 461 *parent = TC_H_MAKE(TC_H_CLSACT, 462 attach_point == BPF_TC_INGRESS ? 463 TC_H_MIN_INGRESS : TC_H_MIN_EGRESS); 464 break; 465 case BPF_TC_CUSTOM: 466 if (!*parent) 467 return -EINVAL; 468 break; 469 default: 470 return -EINVAL; 471 } 472 return 0; 473 } 474 475 static int tc_qdisc_modify(struct bpf_tc_hook *hook, int cmd, int flags) 476 { 477 qdisc_config_t config; 478 int ret; 479 struct libbpf_nla_req req; 480 481 ret = attach_point_to_config(hook, &config); 482 if (ret < 0) 483 return ret; 484 485 memset(&req, 0, sizeof(req)); 486 req.nh.nlmsg_len = NLMSG_LENGTH(sizeof(struct tcmsg)); 487 req.nh.nlmsg_flags = NLM_F_REQUEST | NLM_F_ACK | flags; 488 req.nh.nlmsg_type = cmd; 489 req.tc.tcm_family = AF_UNSPEC; 490 req.tc.tcm_ifindex = OPTS_GET(hook, ifindex, 0); 491 492 ret = config(&req); 493 if (ret < 0) 494 return ret; 495 496 return libbpf_netlink_send_recv(&req, NULL, NULL, NULL); 497 } 498 499 static int tc_qdisc_create_excl(struct bpf_tc_hook *hook) 500 { 501 return tc_qdisc_modify(hook, RTM_NEWQDISC, NLM_F_CREATE | NLM_F_EXCL); 502 } 503 504 static int tc_qdisc_delete(struct bpf_tc_hook *hook) 505 { 506 return tc_qdisc_modify(hook, RTM_DELQDISC, 0); 507 } 508 509 int bpf_tc_hook_create(struct bpf_tc_hook *hook) 510 { 511 int ret; 512 513 if (!hook || !OPTS_VALID(hook, bpf_tc_hook) || 514 OPTS_GET(hook, ifindex, 0) <= 0) 515 return libbpf_err(-EINVAL); 516 517 ret = tc_qdisc_create_excl(hook); 518 return libbpf_err(ret); 519 } 520 521 static int __bpf_tc_detach(const struct bpf_tc_hook *hook, 522 const struct bpf_tc_opts *opts, 523 const bool flush); 524 525 int bpf_tc_hook_destroy(struct bpf_tc_hook *hook) 526 { 527 if (!hook || !OPTS_VALID(hook, bpf_tc_hook) || 528 OPTS_GET(hook, ifindex, 0) <= 0) 529 return libbpf_err(-EINVAL); 530 531 switch (OPTS_GET(hook, attach_point, 0)) { 532 case BPF_TC_INGRESS: 533 case BPF_TC_EGRESS: 534 return libbpf_err(__bpf_tc_detach(hook, NULL, true)); 535 case BPF_TC_INGRESS | BPF_TC_EGRESS: 536 return libbpf_err(tc_qdisc_delete(hook)); 537 case BPF_TC_CUSTOM: 538 return libbpf_err(-EOPNOTSUPP); 539 default: 540 return libbpf_err(-EINVAL); 541 } 542 } 543 544 struct bpf_cb_ctx { 545 struct bpf_tc_opts *opts; 546 bool processed; 547 }; 548 549 static int __get_tc_info(void *cookie, struct tcmsg *tc, struct nlattr **tb, 550 bool unicast) 551 { 552 struct nlattr *tbb[TCA_BPF_MAX + 1]; 553 struct bpf_cb_ctx *info = cookie; 554 555 if (!info || !info->opts) 556 return -EINVAL; 557 if (unicast && info->processed) 558 return -EINVAL; 559 if (!tb[TCA_OPTIONS]) 560 return NL_CONT; 561 562 libbpf_nla_parse_nested(tbb, TCA_BPF_MAX, tb[TCA_OPTIONS], NULL); 563 if (!tbb[TCA_BPF_ID]) 564 return -EINVAL; 565 566 OPTS_SET(info->opts, prog_id, libbpf_nla_getattr_u32(tbb[TCA_BPF_ID])); 567 OPTS_SET(info->opts, handle, tc->tcm_handle); 568 OPTS_SET(info->opts, priority, TC_H_MAJ(tc->tcm_info) >> 16); 569 570 info->processed = true; 571 return unicast ? NL_NEXT : NL_DONE; 572 } 573 574 static int get_tc_info(struct nlmsghdr *nh, libbpf_dump_nlmsg_t fn, 575 void *cookie) 576 { 577 struct tcmsg *tc = NLMSG_DATA(nh); 578 struct nlattr *tb[TCA_MAX + 1]; 579 580 libbpf_nla_parse(tb, TCA_MAX, 581 (struct nlattr *)((void *)tc + NLMSG_ALIGN(sizeof(*tc))), 582 NLMSG_PAYLOAD(nh, sizeof(*tc)), NULL); 583 if (!tb[TCA_KIND]) 584 return NL_CONT; 585 return __get_tc_info(cookie, tc, tb, nh->nlmsg_flags & NLM_F_ECHO); 586 } 587 588 static int tc_add_fd_and_name(struct libbpf_nla_req *req, int fd) 589 { 590 struct bpf_prog_info info; 591 __u32 info_len = sizeof(info); 592 char name[256]; 593 int len, ret; 594 595 memset(&info, 0, info_len); 596 ret = bpf_obj_get_info_by_fd(fd, &info, &info_len); 597 if (ret < 0) 598 return ret; 599 600 ret = nlattr_add(req, TCA_BPF_FD, &fd, sizeof(fd)); 601 if (ret < 0) 602 return ret; 603 len = snprintf(name, sizeof(name), "%s:[%u]", info.name, info.id); 604 if (len < 0) 605 return -errno; 606 if (len >= sizeof(name)) 607 return -ENAMETOOLONG; 608 return nlattr_add(req, TCA_BPF_NAME, name, len + 1); 609 } 610 611 int bpf_tc_attach(const struct bpf_tc_hook *hook, struct bpf_tc_opts *opts) 612 { 613 __u32 protocol, bpf_flags, handle, priority, parent, prog_id, flags; 614 int ret, ifindex, attach_point, prog_fd; 615 struct bpf_cb_ctx info = {}; 616 struct libbpf_nla_req req; 617 struct nlattr *nla; 618 619 if (!hook || !opts || 620 !OPTS_VALID(hook, bpf_tc_hook) || 621 !OPTS_VALID(opts, bpf_tc_opts)) 622 return libbpf_err(-EINVAL); 623 624 ifindex = OPTS_GET(hook, ifindex, 0); 625 parent = OPTS_GET(hook, parent, 0); 626 attach_point = OPTS_GET(hook, attach_point, 0); 627 628 handle = OPTS_GET(opts, handle, 0); 629 priority = OPTS_GET(opts, priority, 0); 630 prog_fd = OPTS_GET(opts, prog_fd, 0); 631 prog_id = OPTS_GET(opts, prog_id, 0); 632 flags = OPTS_GET(opts, flags, 0); 633 634 if (ifindex <= 0 || !prog_fd || prog_id) 635 return libbpf_err(-EINVAL); 636 if (priority > UINT16_MAX) 637 return libbpf_err(-EINVAL); 638 if (flags & ~BPF_TC_F_REPLACE) 639 return libbpf_err(-EINVAL); 640 641 flags = (flags & BPF_TC_F_REPLACE) ? NLM_F_REPLACE : NLM_F_EXCL; 642 protocol = ETH_P_ALL; 643 644 memset(&req, 0, sizeof(req)); 645 req.nh.nlmsg_len = NLMSG_LENGTH(sizeof(struct tcmsg)); 646 req.nh.nlmsg_flags = NLM_F_REQUEST | NLM_F_ACK | NLM_F_CREATE | 647 NLM_F_ECHO | flags; 648 req.nh.nlmsg_type = RTM_NEWTFILTER; 649 req.tc.tcm_family = AF_UNSPEC; 650 req.tc.tcm_ifindex = ifindex; 651 req.tc.tcm_handle = handle; 652 req.tc.tcm_info = TC_H_MAKE(priority << 16, htons(protocol)); 653 654 ret = tc_get_tcm_parent(attach_point, &parent); 655 if (ret < 0) 656 return libbpf_err(ret); 657 req.tc.tcm_parent = parent; 658 659 ret = nlattr_add(&req, TCA_KIND, "bpf", sizeof("bpf")); 660 if (ret < 0) 661 return libbpf_err(ret); 662 nla = nlattr_begin_nested(&req, TCA_OPTIONS); 663 if (!nla) 664 return libbpf_err(-EMSGSIZE); 665 ret = tc_add_fd_and_name(&req, prog_fd); 666 if (ret < 0) 667 return libbpf_err(ret); 668 bpf_flags = TCA_BPF_FLAG_ACT_DIRECT; 669 ret = nlattr_add(&req, TCA_BPF_FLAGS, &bpf_flags, sizeof(bpf_flags)); 670 if (ret < 0) 671 return libbpf_err(ret); 672 nlattr_end_nested(&req, nla); 673 674 info.opts = opts; 675 676 ret = libbpf_netlink_send_recv(&req, get_tc_info, NULL, &info); 677 if (ret < 0) 678 return libbpf_err(ret); 679 if (!info.processed) 680 return libbpf_err(-ENOENT); 681 return ret; 682 } 683 684 static int __bpf_tc_detach(const struct bpf_tc_hook *hook, 685 const struct bpf_tc_opts *opts, 686 const bool flush) 687 { 688 __u32 protocol = 0, handle, priority, parent, prog_id, flags; 689 int ret, ifindex, attach_point, prog_fd; 690 struct libbpf_nla_req req; 691 692 if (!hook || 693 !OPTS_VALID(hook, bpf_tc_hook) || 694 !OPTS_VALID(opts, bpf_tc_opts)) 695 return -EINVAL; 696 697 ifindex = OPTS_GET(hook, ifindex, 0); 698 parent = OPTS_GET(hook, parent, 0); 699 attach_point = OPTS_GET(hook, attach_point, 0); 700 701 handle = OPTS_GET(opts, handle, 0); 702 priority = OPTS_GET(opts, priority, 0); 703 prog_fd = OPTS_GET(opts, prog_fd, 0); 704 prog_id = OPTS_GET(opts, prog_id, 0); 705 flags = OPTS_GET(opts, flags, 0); 706 707 if (ifindex <= 0 || flags || prog_fd || prog_id) 708 return -EINVAL; 709 if (priority > UINT16_MAX) 710 return -EINVAL; 711 if (!flush) { 712 if (!handle || !priority) 713 return -EINVAL; 714 protocol = ETH_P_ALL; 715 } else { 716 if (handle || priority) 717 return -EINVAL; 718 } 719 720 memset(&req, 0, sizeof(req)); 721 req.nh.nlmsg_len = NLMSG_LENGTH(sizeof(struct tcmsg)); 722 req.nh.nlmsg_flags = NLM_F_REQUEST | NLM_F_ACK; 723 req.nh.nlmsg_type = RTM_DELTFILTER; 724 req.tc.tcm_family = AF_UNSPEC; 725 req.tc.tcm_ifindex = ifindex; 726 if (!flush) { 727 req.tc.tcm_handle = handle; 728 req.tc.tcm_info = TC_H_MAKE(priority << 16, htons(protocol)); 729 } 730 731 ret = tc_get_tcm_parent(attach_point, &parent); 732 if (ret < 0) 733 return ret; 734 req.tc.tcm_parent = parent; 735 736 if (!flush) { 737 ret = nlattr_add(&req, TCA_KIND, "bpf", sizeof("bpf")); 738 if (ret < 0) 739 return ret; 740 } 741 742 return libbpf_netlink_send_recv(&req, NULL, NULL, NULL); 743 } 744 745 int bpf_tc_detach(const struct bpf_tc_hook *hook, 746 const struct bpf_tc_opts *opts) 747 { 748 int ret; 749 750 if (!opts) 751 return libbpf_err(-EINVAL); 752 753 ret = __bpf_tc_detach(hook, opts, false); 754 return libbpf_err(ret); 755 } 756 757 int bpf_tc_query(const struct bpf_tc_hook *hook, struct bpf_tc_opts *opts) 758 { 759 __u32 protocol, handle, priority, parent, prog_id, flags; 760 int ret, ifindex, attach_point, prog_fd; 761 struct bpf_cb_ctx info = {}; 762 struct libbpf_nla_req req; 763 764 if (!hook || !opts || 765 !OPTS_VALID(hook, bpf_tc_hook) || 766 !OPTS_VALID(opts, bpf_tc_opts)) 767 return libbpf_err(-EINVAL); 768 769 ifindex = OPTS_GET(hook, ifindex, 0); 770 parent = OPTS_GET(hook, parent, 0); 771 attach_point = OPTS_GET(hook, attach_point, 0); 772 773 handle = OPTS_GET(opts, handle, 0); 774 priority = OPTS_GET(opts, priority, 0); 775 prog_fd = OPTS_GET(opts, prog_fd, 0); 776 prog_id = OPTS_GET(opts, prog_id, 0); 777 flags = OPTS_GET(opts, flags, 0); 778 779 if (ifindex <= 0 || flags || prog_fd || prog_id || 780 !handle || !priority) 781 return libbpf_err(-EINVAL); 782 if (priority > UINT16_MAX) 783 return libbpf_err(-EINVAL); 784 785 protocol = ETH_P_ALL; 786 787 memset(&req, 0, sizeof(req)); 788 req.nh.nlmsg_len = NLMSG_LENGTH(sizeof(struct tcmsg)); 789 req.nh.nlmsg_flags = NLM_F_REQUEST; 790 req.nh.nlmsg_type = RTM_GETTFILTER; 791 req.tc.tcm_family = AF_UNSPEC; 792 req.tc.tcm_ifindex = ifindex; 793 req.tc.tcm_handle = handle; 794 req.tc.tcm_info = TC_H_MAKE(priority << 16, htons(protocol)); 795 796 ret = tc_get_tcm_parent(attach_point, &parent); 797 if (ret < 0) 798 return libbpf_err(ret); 799 req.tc.tcm_parent = parent; 800 801 ret = nlattr_add(&req, TCA_KIND, "bpf", sizeof("bpf")); 802 if (ret < 0) 803 return libbpf_err(ret); 804 805 info.opts = opts; 806 807 ret = libbpf_netlink_send_recv(&req, get_tc_info, NULL, &info); 808 if (ret < 0) 809 return libbpf_err(ret); 810 if (!info.processed) 811 return libbpf_err(-ENOENT); 812 return ret; 813 } 814