Orange Pi5 kernel

Deprecated Linux kernel 5.10.110 for OrangePi 5/5B/5+ boards

3 Commits   0 Branches   0 Tags
Index
Trunk
Branches
Tags
Trunk
Branches
Tags
Home page
Home page
orangepi/linux-orangepi-5.10.y.git/trunk/samples/bpf/test_lwt_bpf.c 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   1) /* Copyright (c) 2016 Thomas Graf <tgraf@tgraf.ch>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   2)  *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   3)  * This program is free software; you can redistribute it and/or
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   4)  * modify it under the terms of version 2 of the GNU General Public
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   5)  * License as published by the Free Software Foundation.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   6)  *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   7)  * This program is distributed in the hope that it will be useful, but
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   8)  * WITHOUT ANY WARRANTY; without even the implied warranty of
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   9)  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  10)  * General Public License for more details.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  11)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  12) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  13) #include <stdint.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  14) #include <stddef.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  15) #include <linux/bpf.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  16) #include <linux/ip.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  17) #include <linux/in.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  18) #include <linux/in6.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  19) #include <linux/tcp.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  20) #include <linux/udp.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  21) #include <linux/icmpv6.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  22) #include <linux/if_ether.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  23) #include <bpf/bpf_helpers.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  24) #include <string.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  25) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  26) # define printk(fmt, ...)						\
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  27) 		({							\
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  28) 			char ____fmt[] = fmt;				\
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  29) 			bpf_trace_printk(____fmt, sizeof(____fmt),	\
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  30) 				     ##__VA_ARGS__);			\
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  31) 		})
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  32) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  33) #define CB_MAGIC 1234
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  34) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  35) /* Test: Pass all packets through */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  36) SEC("nop")
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  37) int do_nop(struct __sk_buff *skb)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  38) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  39) 	return BPF_OK;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  40) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  41) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  42) /* Test: Verify context information can be accessed */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  43) SEC("test_ctx")
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  44) int do_test_ctx(struct __sk_buff *skb)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  45) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  46) 	skb->cb[0] = CB_MAGIC;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  47) 	printk("len %d hash %d protocol %d\n", skb->len, skb->hash,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  48) 	       skb->protocol);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  49) 	printk("cb %d ingress_ifindex %d ifindex %d\n", skb->cb[0],
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  50) 	       skb->ingress_ifindex, skb->ifindex);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  51) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  52) 	return BPF_OK;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  53) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  54) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  55) /* Test: Ensure skb->cb[] buffer is cleared */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  56) SEC("test_cb")
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  57) int do_test_cb(struct __sk_buff *skb)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  58) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  59) 	printk("cb0: %x cb1: %x cb2: %x\n", skb->cb[0], skb->cb[1],
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  60) 	       skb->cb[2]);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  61) 	printk("cb3: %x cb4: %x\n", skb->cb[3], skb->cb[4]);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  62) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  63) 	return BPF_OK;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  64) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  65) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  66) /* Test: Verify skb data can be read */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  67) SEC("test_data")
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  68) int do_test_data(struct __sk_buff *skb)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  69) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  70) 	void *data = (void *)(long)skb->data;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  71) 	void *data_end = (void *)(long)skb->data_end;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  72) 	struct iphdr *iph = data;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  73) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  74) 	if (data + sizeof(*iph) > data_end) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  75) 		printk("packet truncated\n");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  76) 		return BPF_DROP;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  77) 	}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  78) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  79) 	printk("src: %x dst: %x\n", iph->saddr, iph->daddr);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  80) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  81) 	return BPF_OK;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  82) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  83) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  84) #define IP_CSUM_OFF offsetof(struct iphdr, check)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  85) #define IP_DST_OFF offsetof(struct iphdr, daddr)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  86) #define IP_SRC_OFF offsetof(struct iphdr, saddr)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  87) #define IP_PROTO_OFF offsetof(struct iphdr, protocol)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  88) #define TCP_CSUM_OFF offsetof(struct tcphdr, check)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  89) #define UDP_CSUM_OFF offsetof(struct udphdr, check)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  90) #define IS_PSEUDO 0x10
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  91) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  92) static inline int rewrite(struct __sk_buff *skb, uint32_t old_ip,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  93) 			  uint32_t new_ip, int rw_daddr)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  94) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  95) 	int ret, off = 0, flags = IS_PSEUDO;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  96) 	uint8_t proto;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  97) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  98) 	ret = bpf_skb_load_bytes(skb, IP_PROTO_OFF, &proto, 1);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  99) 	if (ret < 0) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 100) 		printk("bpf_l4_csum_replace failed: %d\n", ret);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 101) 		return BPF_DROP;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 102) 	}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 103) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 104) 	switch (proto) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 105) 	case IPPROTO_TCP:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 106) 		off = TCP_CSUM_OFF;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 107) 		break;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 108) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 109) 	case IPPROTO_UDP:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 110) 		off = UDP_CSUM_OFF;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 111) 		flags |= BPF_F_MARK_MANGLED_0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 112) 		break;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 113) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 114) 	case IPPROTO_ICMPV6:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 115) 		off = offsetof(struct icmp6hdr, icmp6_cksum);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 116) 		break;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 117) 	}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 118) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 119) 	if (off) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 120) 		ret = bpf_l4_csum_replace(skb, off, old_ip, new_ip,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 121) 					  flags | sizeof(new_ip));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 122) 		if (ret < 0) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 123) 			printk("bpf_l4_csum_replace failed: %d\n");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 124) 			return BPF_DROP;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 125) 		}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 126) 	}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 127) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 128) 	ret = bpf_l3_csum_replace(skb, IP_CSUM_OFF, old_ip, new_ip, sizeof(new_ip));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 129) 	if (ret < 0) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 130) 		printk("bpf_l3_csum_replace failed: %d\n", ret);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 131) 		return BPF_DROP;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 132) 	}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 133) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 134) 	if (rw_daddr)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 135) 		ret = bpf_skb_store_bytes(skb, IP_DST_OFF, &new_ip, sizeof(new_ip), 0);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 136) 	else
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 137) 		ret = bpf_skb_store_bytes(skb, IP_SRC_OFF, &new_ip, sizeof(new_ip), 0);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 138) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 139) 	if (ret < 0) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 140) 		printk("bpf_skb_store_bytes() failed: %d\n", ret);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 141) 		return BPF_DROP;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 142) 	}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 143) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 144) 	return BPF_OK;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 145) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 146) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 147) /* Test: Verify skb data can be modified */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 148) SEC("test_rewrite")
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 149) int do_test_rewrite(struct __sk_buff *skb)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 150) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 151) 	uint32_t old_ip, new_ip = 0x3fea8c0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 152) 	int ret;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 153) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 154) 	ret = bpf_skb_load_bytes(skb, IP_DST_OFF, &old_ip, 4);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 155) 	if (ret < 0) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 156) 		printk("bpf_skb_load_bytes failed: %d\n", ret);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 157) 		return BPF_DROP;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 158) 	}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 159) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 160) 	if (old_ip == 0x2fea8c0) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 161) 		printk("out: rewriting from %x to %x\n", old_ip, new_ip);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 162) 		return rewrite(skb, old_ip, new_ip, 1);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 163) 	}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 164) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 165) 	return BPF_OK;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 166) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 167) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 168) static inline int __do_push_ll_and_redirect(struct __sk_buff *skb)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 169) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 170) 	uint64_t smac = SRC_MAC, dmac = DST_MAC;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 171) 	int ret, ifindex = DST_IFINDEX;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 172) 	struct ethhdr ehdr;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 173) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 174) 	ret = bpf_skb_change_head(skb, 14, 0);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 175) 	if (ret < 0) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 176) 		printk("skb_change_head() failed: %d\n", ret);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 177) 	}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 178) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 179) 	ehdr.h_proto = __constant_htons(ETH_P_IP);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 180) 	memcpy(&ehdr.h_source, &smac, 6);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 181) 	memcpy(&ehdr.h_dest, &dmac, 6);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 182) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 183) 	ret = bpf_skb_store_bytes(skb, 0, &ehdr, sizeof(ehdr), 0);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 184) 	if (ret < 0) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 185) 		printk("skb_store_bytes() failed: %d\n", ret);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 186) 		return BPF_DROP;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 187) 	}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 188) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 189) 	return bpf_redirect(ifindex, 0);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 190) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 191) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 192) SEC("push_ll_and_redirect_silent")
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 193) int do_push_ll_and_redirect_silent(struct __sk_buff *skb)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 194) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 195) 	return __do_push_ll_and_redirect(skb);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 196) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 197) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 198) SEC("push_ll_and_redirect")
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 199) int do_push_ll_and_redirect(struct __sk_buff *skb)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 200) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 201) 	int ret, ifindex = DST_IFINDEX;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 202) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 203) 	ret = __do_push_ll_and_redirect(skb);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 204) 	if (ret >= 0)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 205) 		printk("redirected to %d\n", ifindex);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 206) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 207) 	return ret;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 208) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 209) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 210) static inline void __fill_garbage(struct __sk_buff *skb)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 211) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 212) 	uint64_t f = 0xFFFFFFFFFFFFFFFF;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 213) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 214) 	bpf_skb_store_bytes(skb, 0, &f, sizeof(f), 0);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 215) 	bpf_skb_store_bytes(skb, 8, &f, sizeof(f), 0);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 216) 	bpf_skb_store_bytes(skb, 16, &f, sizeof(f), 0);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 217) 	bpf_skb_store_bytes(skb, 24, &f, sizeof(f), 0);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 218) 	bpf_skb_store_bytes(skb, 32, &f, sizeof(f), 0);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 219) 	bpf_skb_store_bytes(skb, 40, &f, sizeof(f), 0);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 220) 	bpf_skb_store_bytes(skb, 48, &f, sizeof(f), 0);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 221) 	bpf_skb_store_bytes(skb, 56, &f, sizeof(f), 0);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 222) 	bpf_skb_store_bytes(skb, 64, &f, sizeof(f), 0);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 223) 	bpf_skb_store_bytes(skb, 72, &f, sizeof(f), 0);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 224) 	bpf_skb_store_bytes(skb, 80, &f, sizeof(f), 0);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 225) 	bpf_skb_store_bytes(skb, 88, &f, sizeof(f), 0);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 226) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 227) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 228) SEC("fill_garbage")
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 229) int do_fill_garbage(struct __sk_buff *skb)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 230) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 231) 	__fill_garbage(skb);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 232) 	printk("Set initial 96 bytes of header to FF\n");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 233) 	return BPF_OK;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 234) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 235) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 236) SEC("fill_garbage_and_redirect")
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 237) int do_fill_garbage_and_redirect(struct __sk_buff *skb)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 238) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 239) 	int ifindex = DST_IFINDEX;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 240) 	__fill_garbage(skb);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 241) 	printk("redirected to %d\n", ifindex);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 242) 	return bpf_redirect(ifindex, 0);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 243) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 244) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 245) /* Drop all packets */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 246) SEC("drop_all")
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 247) int do_drop_all(struct __sk_buff *skb)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 248) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 249) 	printk("dropping with: %d\n", BPF_DROP);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 250) 	return BPF_DROP;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 251) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 252) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 253) char _license[] SEC("license") = "GPL";
cGit-ui 0.1.7
Git 2.40.0
Nginx 1.22.1

Where any material of this site is being reproduced, published or issued to others the reference to the source is obligatory.

© Andrey V. Kosteltsev, 2019 – 2025.