1bd4aed0eSJiong Wang // SPDX-License-Identifier: GPL-2.0
2bd4aed0eSJiong Wang /* Copyright (c) 2018 Facebook */
3bd4aed0eSJiong Wang
4bd4aed0eSJiong Wang #include <stdlib.h>
5bd4aed0eSJiong Wang #include <linux/in.h>
6bd4aed0eSJiong Wang #include <linux/ip.h>
7bd4aed0eSJiong Wang #include <linux/ipv6.h>
8bd4aed0eSJiong Wang #include <linux/tcp.h>
9bd4aed0eSJiong Wang #include <linux/udp.h>
10bd4aed0eSJiong Wang #include <linux/bpf.h>
11bd4aed0eSJiong Wang #include <linux/types.h>
12bd4aed0eSJiong Wang #include <linux/if_ether.h>
13bd4aed0eSJiong Wang
143e689141SToke Høiland-Jørgensen #include <bpf/bpf_endian.h>
153e689141SToke Høiland-Jørgensen #include <bpf/bpf_helpers.h>
16bd4aed0eSJiong Wang #include "test_select_reuseport_common.h"
17bd4aed0eSJiong Wang
18bd4aed0eSJiong Wang #ifndef offsetof
19bd4aed0eSJiong Wang #define offsetof(TYPE, MEMBER) ((size_t) &((TYPE *)0)->MEMBER)
20bd4aed0eSJiong Wang #endif
21bd4aed0eSJiong Wang
22df0b7792SAndrii Nakryiko struct {
23bc7430ccSAndrii Nakryiko __uint(type, BPF_MAP_TYPE_ARRAY_OF_MAPS);
24bc7430ccSAndrii Nakryiko __uint(max_entries, 1);
25bd368cb5SHengqi Chen __type(key, __u32);
26bd368cb5SHengqi Chen __type(value, __u32);
27bc7430ccSAndrii Nakryiko } outer_map SEC(".maps");
28bd4aed0eSJiong Wang
29df0b7792SAndrii Nakryiko struct {
30bc7430ccSAndrii Nakryiko __uint(type, BPF_MAP_TYPE_ARRAY);
31bc7430ccSAndrii Nakryiko __uint(max_entries, NR_RESULTS);
32bc7430ccSAndrii Nakryiko __type(key, __u32);
33bc7430ccSAndrii Nakryiko __type(value, __u32);
34bc7430ccSAndrii Nakryiko } result_map SEC(".maps");
35bd4aed0eSJiong Wang
36df0b7792SAndrii Nakryiko struct {
37bc7430ccSAndrii Nakryiko __uint(type, BPF_MAP_TYPE_ARRAY);
38bc7430ccSAndrii Nakryiko __uint(max_entries, 1);
39bc7430ccSAndrii Nakryiko __type(key, __u32);
40bc7430ccSAndrii Nakryiko __type(value, int);
41bc7430ccSAndrii Nakryiko } tmp_index_ovr_map SEC(".maps");
42bd4aed0eSJiong Wang
43df0b7792SAndrii Nakryiko struct {
44bc7430ccSAndrii Nakryiko __uint(type, BPF_MAP_TYPE_ARRAY);
45bc7430ccSAndrii Nakryiko __uint(max_entries, 1);
46bc7430ccSAndrii Nakryiko __type(key, __u32);
47bc7430ccSAndrii Nakryiko __type(value, __u32);
48bc7430ccSAndrii Nakryiko } linum_map SEC(".maps");
49bd4aed0eSJiong Wang
50df0b7792SAndrii Nakryiko struct {
51bc7430ccSAndrii Nakryiko __uint(type, BPF_MAP_TYPE_ARRAY);
52bc7430ccSAndrii Nakryiko __uint(max_entries, 1);
53bc7430ccSAndrii Nakryiko __type(key, __u32);
54bc7430ccSAndrii Nakryiko __type(value, struct data_check);
55bc7430ccSAndrii Nakryiko } data_check_map SEC(".maps");
56bd4aed0eSJiong Wang
57bd4aed0eSJiong Wang #define GOTO_DONE(_result) ({ \
58bd4aed0eSJiong Wang result = (_result); \
59bd4aed0eSJiong Wang linum = __LINE__; \
60bd4aed0eSJiong Wang goto done; \
61bd4aed0eSJiong Wang })
62bd4aed0eSJiong Wang
631fbcef92SJakub Sitnicki SEC("sk_reuseport")
_select_by_skb_data(struct sk_reuseport_md * reuse_md)64bd4aed0eSJiong Wang int _select_by_skb_data(struct sk_reuseport_md *reuse_md)
65bd4aed0eSJiong Wang {
66bd4aed0eSJiong Wang __u32 linum, index = 0, flags = 0, index_zero = 0;
67*c8ed6685SAndrii Nakryiko __u32 *result_cnt;
68bd4aed0eSJiong Wang struct data_check data_check = {};
69bd4aed0eSJiong Wang struct cmd *cmd, cmd_copy;
70bd4aed0eSJiong Wang void *data, *data_end;
71bd4aed0eSJiong Wang void *reuseport_array;
72bd4aed0eSJiong Wang enum result result;
73bd4aed0eSJiong Wang int *index_ovr;
74bd4aed0eSJiong Wang int err;
75bd4aed0eSJiong Wang
76bd4aed0eSJiong Wang data = reuse_md->data;
77bd4aed0eSJiong Wang data_end = reuse_md->data_end;
78bd4aed0eSJiong Wang data_check.len = reuse_md->len;
79bd4aed0eSJiong Wang data_check.eth_protocol = reuse_md->eth_protocol;
80bd4aed0eSJiong Wang data_check.ip_protocol = reuse_md->ip_protocol;
81bd4aed0eSJiong Wang data_check.hash = reuse_md->hash;
82bd4aed0eSJiong Wang data_check.bind_inany = reuse_md->bind_inany;
83bd4aed0eSJiong Wang if (data_check.eth_protocol == bpf_htons(ETH_P_IP)) {
84bd4aed0eSJiong Wang if (bpf_skb_load_bytes_relative(reuse_md,
85bd4aed0eSJiong Wang offsetof(struct iphdr, saddr),
86bd4aed0eSJiong Wang data_check.skb_addrs, 8,
87bd4aed0eSJiong Wang BPF_HDR_START_NET))
88bd4aed0eSJiong Wang GOTO_DONE(DROP_MISC);
89bd4aed0eSJiong Wang } else {
90bd4aed0eSJiong Wang if (bpf_skb_load_bytes_relative(reuse_md,
91bd4aed0eSJiong Wang offsetof(struct ipv6hdr, saddr),
92bd4aed0eSJiong Wang data_check.skb_addrs, 32,
93bd4aed0eSJiong Wang BPF_HDR_START_NET))
94bd4aed0eSJiong Wang GOTO_DONE(DROP_MISC);
95bd4aed0eSJiong Wang }
96bd4aed0eSJiong Wang
97bd4aed0eSJiong Wang /*
98bd4aed0eSJiong Wang * The ip_protocol could be a compile time decision
99bd4aed0eSJiong Wang * if the bpf_prog.o is dedicated to either TCP or
100bd4aed0eSJiong Wang * UDP.
101bd4aed0eSJiong Wang *
102bd4aed0eSJiong Wang * Otherwise, reuse_md->ip_protocol or
103bd4aed0eSJiong Wang * the protocol field in the iphdr can be used.
104bd4aed0eSJiong Wang */
105bd4aed0eSJiong Wang if (data_check.ip_protocol == IPPROTO_TCP) {
106bd4aed0eSJiong Wang struct tcphdr *th = data;
107bd4aed0eSJiong Wang
108bd4aed0eSJiong Wang if (th + 1 > data_end)
109bd4aed0eSJiong Wang GOTO_DONE(DROP_MISC);
110bd4aed0eSJiong Wang
111bd4aed0eSJiong Wang data_check.skb_ports[0] = th->source;
112bd4aed0eSJiong Wang data_check.skb_ports[1] = th->dest;
113bd4aed0eSJiong Wang
1148bec4f66SLorenz Bauer if (th->fin)
1158bec4f66SLorenz Bauer /* The connection is being torn down at the end of a
1168bec4f66SLorenz Bauer * test. It can't contain a cmd, so return early.
1178bec4f66SLorenz Bauer */
1188bec4f66SLorenz Bauer return SK_PASS;
1198bec4f66SLorenz Bauer
120bd4aed0eSJiong Wang if ((th->doff << 2) + sizeof(*cmd) > data_check.len)
121bd4aed0eSJiong Wang GOTO_DONE(DROP_ERR_SKB_DATA);
122bd4aed0eSJiong Wang if (bpf_skb_load_bytes(reuse_md, th->doff << 2, &cmd_copy,
123bd4aed0eSJiong Wang sizeof(cmd_copy)))
124bd4aed0eSJiong Wang GOTO_DONE(DROP_MISC);
125bd4aed0eSJiong Wang cmd = &cmd_copy;
126bd4aed0eSJiong Wang } else if (data_check.ip_protocol == IPPROTO_UDP) {
127bd4aed0eSJiong Wang struct udphdr *uh = data;
128bd4aed0eSJiong Wang
129bd4aed0eSJiong Wang if (uh + 1 > data_end)
130bd4aed0eSJiong Wang GOTO_DONE(DROP_MISC);
131bd4aed0eSJiong Wang
132bd4aed0eSJiong Wang data_check.skb_ports[0] = uh->source;
133bd4aed0eSJiong Wang data_check.skb_ports[1] = uh->dest;
134bd4aed0eSJiong Wang
135bd4aed0eSJiong Wang if (sizeof(struct udphdr) + sizeof(*cmd) > data_check.len)
136bd4aed0eSJiong Wang GOTO_DONE(DROP_ERR_SKB_DATA);
137bd4aed0eSJiong Wang if (data + sizeof(struct udphdr) + sizeof(*cmd) > data_end) {
138bd4aed0eSJiong Wang if (bpf_skb_load_bytes(reuse_md, sizeof(struct udphdr),
139bd4aed0eSJiong Wang &cmd_copy, sizeof(cmd_copy)))
140bd4aed0eSJiong Wang GOTO_DONE(DROP_MISC);
141bd4aed0eSJiong Wang cmd = &cmd_copy;
142bd4aed0eSJiong Wang } else {
143bd4aed0eSJiong Wang cmd = data + sizeof(struct udphdr);
144bd4aed0eSJiong Wang }
145bd4aed0eSJiong Wang } else {
146bd4aed0eSJiong Wang GOTO_DONE(DROP_MISC);
147bd4aed0eSJiong Wang }
148bd4aed0eSJiong Wang
149bd4aed0eSJiong Wang reuseport_array = bpf_map_lookup_elem(&outer_map, &index_zero);
150bd4aed0eSJiong Wang if (!reuseport_array)
151bd4aed0eSJiong Wang GOTO_DONE(DROP_ERR_INNER_MAP);
152bd4aed0eSJiong Wang
153bd4aed0eSJiong Wang index = cmd->reuseport_index;
154bd4aed0eSJiong Wang index_ovr = bpf_map_lookup_elem(&tmp_index_ovr_map, &index_zero);
155bd4aed0eSJiong Wang if (!index_ovr)
156bd4aed0eSJiong Wang GOTO_DONE(DROP_MISC);
157bd4aed0eSJiong Wang
158bd4aed0eSJiong Wang if (*index_ovr != -1) {
159bd4aed0eSJiong Wang index = *index_ovr;
160bd4aed0eSJiong Wang *index_ovr = -1;
161bd4aed0eSJiong Wang }
162bd4aed0eSJiong Wang err = bpf_sk_select_reuseport(reuse_md, reuseport_array, &index,
163bd4aed0eSJiong Wang flags);
164bd4aed0eSJiong Wang if (!err)
165bd4aed0eSJiong Wang GOTO_DONE(PASS);
166bd4aed0eSJiong Wang
167bd4aed0eSJiong Wang if (cmd->pass_on_failure)
168bd4aed0eSJiong Wang GOTO_DONE(PASS_ERR_SK_SELECT_REUSEPORT);
169bd4aed0eSJiong Wang else
170bd4aed0eSJiong Wang GOTO_DONE(DROP_ERR_SK_SELECT_REUSEPORT);
171bd4aed0eSJiong Wang
172bd4aed0eSJiong Wang done:
173bd4aed0eSJiong Wang result_cnt = bpf_map_lookup_elem(&result_map, &result);
174bd4aed0eSJiong Wang if (!result_cnt)
175bd4aed0eSJiong Wang return SK_DROP;
176bd4aed0eSJiong Wang
177bd4aed0eSJiong Wang bpf_map_update_elem(&linum_map, &index_zero, &linum, BPF_ANY);
178bd4aed0eSJiong Wang bpf_map_update_elem(&data_check_map, &index_zero, &data_check, BPF_ANY);
179bd4aed0eSJiong Wang
180bd4aed0eSJiong Wang (*result_cnt)++;
181bd4aed0eSJiong Wang return result < PASS ? SK_DROP : SK_PASS;
182bd4aed0eSJiong Wang }
183bd4aed0eSJiong Wang
184bd4aed0eSJiong Wang char _license[] SEC("license") = "GPL";
185