1cfa7b011SJoanne Koong // SPDX-License-Identifier: GPL-2.0
2cfa7b011SJoanne Koong
3cfa7b011SJoanne Koong /* This logic is lifted from a real-world use case of packet parsing, used in
4cfa7b011SJoanne Koong * the open source library katran, a layer 4 load balancer.
5cfa7b011SJoanne Koong *
6cfa7b011SJoanne Koong * This test demonstrates how to parse packet contents using dynptrs. The
7cfa7b011SJoanne Koong * original code (parsing without dynptrs) can be found in test_parse_tcp_hdr_opt.c
8cfa7b011SJoanne Koong */
9cfa7b011SJoanne Koong
10cfa7b011SJoanne Koong #include <linux/bpf.h>
11cfa7b011SJoanne Koong #include <bpf/bpf_helpers.h>
12cfa7b011SJoanne Koong #include <linux/tcp.h>
13cfa7b011SJoanne Koong #include <stdbool.h>
14cfa7b011SJoanne Koong #include <linux/ipv6.h>
15cfa7b011SJoanne Koong #include <linux/if_ether.h>
16cfa7b011SJoanne Koong #include "test_tcp_hdr_options.h"
17cfa7b011SJoanne Koong #include "bpf_kfuncs.h"
18cfa7b011SJoanne Koong
19cfa7b011SJoanne Koong char _license[] SEC("license") = "GPL";
20cfa7b011SJoanne Koong
21cfa7b011SJoanne Koong /* Kind number used for experiments */
22cfa7b011SJoanne Koong const __u32 tcp_hdr_opt_kind_tpr = 0xFD;
23cfa7b011SJoanne Koong /* Length of the tcp header option */
24cfa7b011SJoanne Koong const __u32 tcp_hdr_opt_len_tpr = 6;
25cfa7b011SJoanne Koong /* maximum number of header options to check to lookup server_id */
26cfa7b011SJoanne Koong const __u32 tcp_hdr_opt_max_opt_checks = 15;
27cfa7b011SJoanne Koong
28cfa7b011SJoanne Koong __u32 server_id;
29cfa7b011SJoanne Koong
parse_hdr_opt(struct bpf_dynptr * ptr,__u32 * off,__u8 * hdr_bytes_remaining,__u32 * server_id)30cfa7b011SJoanne Koong static int parse_hdr_opt(struct bpf_dynptr *ptr, __u32 *off, __u8 *hdr_bytes_remaining,
31cfa7b011SJoanne Koong __u32 *server_id)
32cfa7b011SJoanne Koong {
33*c8ed6685SAndrii Nakryiko __u8 kind, hdr_len;
34cfa7b011SJoanne Koong __u8 buffer[sizeof(kind) + sizeof(hdr_len) + sizeof(*server_id)];
35cfa7b011SJoanne Koong __u8 *data;
36cfa7b011SJoanne Koong
37cfa7b011SJoanne Koong __builtin_memset(buffer, 0, sizeof(buffer));
38cfa7b011SJoanne Koong
39cfa7b011SJoanne Koong data = bpf_dynptr_slice(ptr, *off, buffer, sizeof(buffer));
40cfa7b011SJoanne Koong if (!data)
41cfa7b011SJoanne Koong return -1;
42cfa7b011SJoanne Koong
43cfa7b011SJoanne Koong kind = data[0];
44cfa7b011SJoanne Koong
45cfa7b011SJoanne Koong if (kind == TCPOPT_EOL)
46cfa7b011SJoanne Koong return -1;
47cfa7b011SJoanne Koong
48cfa7b011SJoanne Koong if (kind == TCPOPT_NOP) {
49cfa7b011SJoanne Koong *off += 1;
50cfa7b011SJoanne Koong *hdr_bytes_remaining -= 1;
51cfa7b011SJoanne Koong return 0;
52cfa7b011SJoanne Koong }
53cfa7b011SJoanne Koong
54cfa7b011SJoanne Koong if (*hdr_bytes_remaining < 2)
55cfa7b011SJoanne Koong return -1;
56cfa7b011SJoanne Koong
57cfa7b011SJoanne Koong hdr_len = data[1];
58cfa7b011SJoanne Koong if (hdr_len > *hdr_bytes_remaining)
59cfa7b011SJoanne Koong return -1;
60cfa7b011SJoanne Koong
61cfa7b011SJoanne Koong if (kind == tcp_hdr_opt_kind_tpr) {
62cfa7b011SJoanne Koong if (hdr_len != tcp_hdr_opt_len_tpr)
63cfa7b011SJoanne Koong return -1;
64cfa7b011SJoanne Koong
65cfa7b011SJoanne Koong __builtin_memcpy(server_id, (__u32 *)(data + 2), sizeof(*server_id));
66cfa7b011SJoanne Koong return 1;
67cfa7b011SJoanne Koong }
68cfa7b011SJoanne Koong
69cfa7b011SJoanne Koong *off += hdr_len;
70cfa7b011SJoanne Koong *hdr_bytes_remaining -= hdr_len;
71cfa7b011SJoanne Koong return 0;
72cfa7b011SJoanne Koong }
73cfa7b011SJoanne Koong
74cfa7b011SJoanne Koong SEC("xdp")
xdp_ingress_v6(struct xdp_md * xdp)75cfa7b011SJoanne Koong int xdp_ingress_v6(struct xdp_md *xdp)
76cfa7b011SJoanne Koong {
77cfa7b011SJoanne Koong __u8 buffer[sizeof(struct tcphdr)] = {};
78cfa7b011SJoanne Koong __u8 hdr_bytes_remaining;
79cfa7b011SJoanne Koong struct tcphdr *tcp_hdr;
80cfa7b011SJoanne Koong __u8 tcp_hdr_opt_len;
81cfa7b011SJoanne Koong int err = 0;
82cfa7b011SJoanne Koong __u32 off;
83cfa7b011SJoanne Koong
84cfa7b011SJoanne Koong struct bpf_dynptr ptr;
85cfa7b011SJoanne Koong
86cfa7b011SJoanne Koong bpf_dynptr_from_xdp(xdp, 0, &ptr);
87cfa7b011SJoanne Koong
88cfa7b011SJoanne Koong off = sizeof(struct ethhdr) + sizeof(struct ipv6hdr);
89cfa7b011SJoanne Koong
90cfa7b011SJoanne Koong tcp_hdr = bpf_dynptr_slice(&ptr, off, buffer, sizeof(buffer));
91cfa7b011SJoanne Koong if (!tcp_hdr)
92cfa7b011SJoanne Koong return XDP_DROP;
93cfa7b011SJoanne Koong
94cfa7b011SJoanne Koong tcp_hdr_opt_len = (tcp_hdr->doff * 4) - sizeof(struct tcphdr);
95cfa7b011SJoanne Koong if (tcp_hdr_opt_len < tcp_hdr_opt_len_tpr)
96cfa7b011SJoanne Koong return XDP_DROP;
97cfa7b011SJoanne Koong
98cfa7b011SJoanne Koong hdr_bytes_remaining = tcp_hdr_opt_len;
99cfa7b011SJoanne Koong
100cfa7b011SJoanne Koong off += sizeof(struct tcphdr);
101cfa7b011SJoanne Koong
102cfa7b011SJoanne Koong /* max number of bytes of options in tcp header is 40 bytes */
103cfa7b011SJoanne Koong for (int i = 0; i < tcp_hdr_opt_max_opt_checks; i++) {
104cfa7b011SJoanne Koong err = parse_hdr_opt(&ptr, &off, &hdr_bytes_remaining, &server_id);
105cfa7b011SJoanne Koong
106cfa7b011SJoanne Koong if (err || !hdr_bytes_remaining)
107cfa7b011SJoanne Koong break;
108cfa7b011SJoanne Koong }
109cfa7b011SJoanne Koong
110cfa7b011SJoanne Koong if (!server_id)
111cfa7b011SJoanne Koong return XDP_DROP;
112cfa7b011SJoanne Koong
113cfa7b011SJoanne Koong return XDP_PASS;
114cfa7b011SJoanne Koong }
115