1 // SPDX-License-Identifier: GPL-2.0 2 #include <vmlinux.h> 3 #include <bpf/bpf_tracing.h> 4 #include <bpf/bpf_helpers.h> 5 #include <bpf/bpf_core_read.h> 6 7 struct nf_conn; 8 9 struct bpf_ct_opts___local { 10 s32 netns_id; 11 s32 error; 12 u8 l4proto; 13 u8 reserved[3]; 14 } __attribute__((preserve_access_index)); 15 16 struct nf_conn *bpf_skb_ct_alloc(struct __sk_buff *, struct bpf_sock_tuple *, u32, 17 struct bpf_ct_opts___local *, u32) __ksym; 18 struct nf_conn *bpf_skb_ct_lookup(struct __sk_buff *, struct bpf_sock_tuple *, u32, 19 struct bpf_ct_opts___local *, u32) __ksym; 20 struct nf_conn *bpf_ct_insert_entry(struct nf_conn *) __ksym; 21 void bpf_ct_release(struct nf_conn *) __ksym; 22 void bpf_ct_set_timeout(struct nf_conn *, u32) __ksym; 23 int bpf_ct_change_timeout(struct nf_conn *, u32) __ksym; 24 int bpf_ct_set_status(struct nf_conn *, u32) __ksym; 25 int bpf_ct_change_status(struct nf_conn *, u32) __ksym; 26 27 SEC("?tc") 28 int alloc_release(struct __sk_buff *ctx) 29 { 30 struct bpf_ct_opts___local opts = {}; 31 struct bpf_sock_tuple tup = {}; 32 struct nf_conn *ct; 33 34 ct = bpf_skb_ct_alloc(ctx, &tup, sizeof(tup.ipv4), &opts, sizeof(opts)); 35 if (!ct) 36 return 0; 37 bpf_ct_release(ct); 38 return 0; 39 } 40 41 SEC("?tc") 42 int insert_insert(struct __sk_buff *ctx) 43 { 44 struct bpf_ct_opts___local opts = {}; 45 struct bpf_sock_tuple tup = {}; 46 struct nf_conn *ct; 47 48 ct = bpf_skb_ct_alloc(ctx, &tup, sizeof(tup.ipv4), &opts, sizeof(opts)); 49 if (!ct) 50 return 0; 51 ct = bpf_ct_insert_entry(ct); 52 if (!ct) 53 return 0; 54 ct = bpf_ct_insert_entry(ct); 55 return 0; 56 } 57 58 SEC("?tc") 59 int lookup_insert(struct __sk_buff *ctx) 60 { 61 struct bpf_ct_opts___local opts = {}; 62 struct bpf_sock_tuple tup = {}; 63 struct nf_conn *ct; 64 65 ct = bpf_skb_ct_lookup(ctx, &tup, sizeof(tup.ipv4), &opts, sizeof(opts)); 66 if (!ct) 67 return 0; 68 bpf_ct_insert_entry(ct); 69 return 0; 70 } 71 72 SEC("?tc") 73 int set_timeout_after_insert(struct __sk_buff *ctx) 74 { 75 struct bpf_ct_opts___local opts = {}; 76 struct bpf_sock_tuple tup = {}; 77 struct nf_conn *ct; 78 79 ct = bpf_skb_ct_alloc(ctx, &tup, sizeof(tup.ipv4), &opts, sizeof(opts)); 80 if (!ct) 81 return 0; 82 ct = bpf_ct_insert_entry(ct); 83 if (!ct) 84 return 0; 85 bpf_ct_set_timeout(ct, 0); 86 return 0; 87 } 88 89 SEC("?tc") 90 int set_status_after_insert(struct __sk_buff *ctx) 91 { 92 struct bpf_ct_opts___local opts = {}; 93 struct bpf_sock_tuple tup = {}; 94 struct nf_conn *ct; 95 96 ct = bpf_skb_ct_alloc(ctx, &tup, sizeof(tup.ipv4), &opts, sizeof(opts)); 97 if (!ct) 98 return 0; 99 ct = bpf_ct_insert_entry(ct); 100 if (!ct) 101 return 0; 102 bpf_ct_set_status(ct, 0); 103 return 0; 104 } 105 106 SEC("?tc") 107 int change_timeout_after_alloc(struct __sk_buff *ctx) 108 { 109 struct bpf_ct_opts___local opts = {}; 110 struct bpf_sock_tuple tup = {}; 111 struct nf_conn *ct; 112 113 ct = bpf_skb_ct_alloc(ctx, &tup, sizeof(tup.ipv4), &opts, sizeof(opts)); 114 if (!ct) 115 return 0; 116 bpf_ct_change_timeout(ct, 0); 117 return 0; 118 } 119 120 SEC("?tc") 121 int change_status_after_alloc(struct __sk_buff *ctx) 122 { 123 struct bpf_ct_opts___local opts = {}; 124 struct bpf_sock_tuple tup = {}; 125 struct nf_conn *ct; 126 127 ct = bpf_skb_ct_alloc(ctx, &tup, sizeof(tup.ipv4), &opts, sizeof(opts)); 128 if (!ct) 129 return 0; 130 bpf_ct_change_status(ct, 0); 131 return 0; 132 } 133 134 char _license[] SEC("license") = "GPL"; 135