~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

TOMOYO Linux Cross Reference
Linux/samples/bpf/xdp_router_ipv4.bpf.c

Version: ~ [ linux-6.11.5 ] ~ [ linux-6.10.14 ] ~ [ linux-6.9.12 ] ~ [ linux-6.8.12 ] ~ [ linux-6.7.12 ] ~ [ linux-6.6.58 ] ~ [ linux-6.5.13 ] ~ [ linux-6.4.16 ] ~ [ linux-6.3.13 ] ~ [ linux-6.2.16 ] ~ [ linux-6.1.114 ] ~ [ linux-6.0.19 ] ~ [ linux-5.19.17 ] ~ [ linux-5.18.19 ] ~ [ linux-5.17.15 ] ~ [ linux-5.16.20 ] ~ [ linux-5.15.169 ] ~ [ linux-5.14.21 ] ~ [ linux-5.13.19 ] ~ [ linux-5.12.19 ] ~ [ linux-5.11.22 ] ~ [ linux-5.10.228 ] ~ [ linux-5.9.16 ] ~ [ linux-5.8.18 ] ~ [ linux-5.7.19 ] ~ [ linux-5.6.19 ] ~ [ linux-5.5.19 ] ~ [ linux-5.4.284 ] ~ [ linux-5.3.18 ] ~ [ linux-5.2.21 ] ~ [ linux-5.1.21 ] ~ [ linux-5.0.21 ] ~ [ linux-4.20.17 ] ~ [ linux-4.19.322 ] ~ [ linux-4.18.20 ] ~ [ linux-4.17.19 ] ~ [ linux-4.16.18 ] ~ [ linux-4.15.18 ] ~ [ linux-4.14.336 ] ~ [ linux-4.13.16 ] ~ [ linux-4.12.14 ] ~ [ linux-4.11.12 ] ~ [ linux-4.10.17 ] ~ [ linux-4.9.337 ] ~ [ linux-4.4.302 ] ~ [ linux-3.10.108 ] ~ [ linux-2.6.32.71 ] ~ [ linux-2.6.0 ] ~ [ linux-2.4.37.11 ] ~ [ unix-v6-master ] ~ [ ccs-tools-1.8.9 ] ~ [ policy-sample ] ~
Architecture: ~ [ i386 ] ~ [ alpha ] ~ [ m68k ] ~ [ mips ] ~ [ ppc ] ~ [ sparc ] ~ [ sparc64 ] ~

  1 /* Copyright (C) 2017 Cavium, Inc.
  2  *
  3  * This program is free software; you can redistribute it and/or modify it
  4  * under the terms of version 2 of the GNU General Public License
  5  * as published by the Free Software Foundation.
  6  */
  7 
  8 #include "vmlinux.h"
  9 #include "xdp_sample.bpf.h"
 10 #include "xdp_sample_shared.h"
 11 
 12 #define ETH_ALEN        6
 13 #define ETH_P_8021Q     0x8100
 14 #define ETH_P_8021AD    0x88A8
 15 
 16 struct trie_value {
 17         __u8 prefix[4];
 18         __be64 value;
 19         int ifindex;
 20         int metric;
 21         __be32 gw;
 22 };
 23 
 24 /* Key for lpm_trie */
 25 union key_4 {
 26         u32 b32[2];
 27         u8 b8[8];
 28 };
 29 
 30 struct arp_entry {
 31         __be64 mac;
 32         __be32 dst;
 33 };
 34 
 35 struct direct_map {
 36         struct arp_entry arp;
 37         int ifindex;
 38         __be64 mac;
 39 };
 40 
 41 /* Map for trie implementation */
 42 struct {
 43         __uint(type, BPF_MAP_TYPE_LPM_TRIE);
 44         __uint(key_size, 8);
 45         __uint(value_size, sizeof(struct trie_value));
 46         __uint(max_entries, 50);
 47         __uint(map_flags, BPF_F_NO_PREALLOC);
 48 } lpm_map SEC(".maps");
 49 
 50 /* Map for ARP table */
 51 struct {
 52         __uint(type, BPF_MAP_TYPE_HASH);
 53         __type(key, __be32);
 54         __type(value, __be64);
 55         __uint(max_entries, 50);
 56 } arp_table SEC(".maps");
 57 
 58 /* Map to keep the exact match entries in the route table */
 59 struct {
 60         __uint(type, BPF_MAP_TYPE_HASH);
 61         __type(key, __be32);
 62         __type(value, struct direct_map);
 63         __uint(max_entries, 50);
 64 } exact_match SEC(".maps");
 65 
 66 struct {
 67         __uint(type, BPF_MAP_TYPE_DEVMAP);
 68         __uint(key_size, sizeof(int));
 69         __uint(value_size, sizeof(int));
 70         __uint(max_entries, 100);
 71 } tx_port SEC(".maps");
 72 
 73 SEC("xdp")
 74 int xdp_router_ipv4_prog(struct xdp_md *ctx)
 75 {
 76         void *data_end = (void *)(long)ctx->data_end;
 77         void *data = (void *)(long)ctx->data;
 78         struct ethhdr *eth = data;
 79         u64 nh_off = sizeof(*eth);
 80         struct datarec *rec;
 81         __be16 h_proto;
 82         u32 key = 0;
 83 
 84         rec = bpf_map_lookup_elem(&rx_cnt, &key);
 85         if (rec)
 86                 NO_TEAR_INC(rec->processed);
 87 
 88         if (data + nh_off > data_end)
 89                 goto drop;
 90 
 91         h_proto = eth->h_proto;
 92         if (h_proto == bpf_htons(ETH_P_8021Q) ||
 93             h_proto == bpf_htons(ETH_P_8021AD)) {
 94                 struct vlan_hdr *vhdr;
 95 
 96                 vhdr = data + nh_off;
 97                 nh_off += sizeof(struct vlan_hdr);
 98                 if (data + nh_off > data_end)
 99                         goto drop;
100 
101                 h_proto = vhdr->h_vlan_encapsulated_proto;
102         }
103 
104         switch (bpf_ntohs(h_proto)) {
105         case ETH_P_ARP:
106                 if (rec)
107                         NO_TEAR_INC(rec->xdp_pass);
108                 return XDP_PASS;
109         case ETH_P_IP: {
110                 struct iphdr *iph = data + nh_off;
111                 struct direct_map *direct_entry;
112                 __be64 *dest_mac, *src_mac;
113                 int forward_to;
114 
115                 if (iph + 1 > data_end)
116                         goto drop;
117 
118                 direct_entry = bpf_map_lookup_elem(&exact_match, &iph->daddr);
119 
120                 /* Check for exact match, this would give a faster lookup */
121                 if (direct_entry && direct_entry->mac &&
122                     direct_entry->arp.mac) {
123                         src_mac = &direct_entry->mac;
124                         dest_mac = &direct_entry->arp.mac;
125                         forward_to = direct_entry->ifindex;
126                 } else {
127                         struct trie_value *prefix_value;
128                         union key_4 key4;
129 
130                         /* Look up in the trie for lpm */
131                         key4.b32[0] = 32;
132                         key4.b8[4] = iph->daddr & 0xff;
133                         key4.b8[5] = (iph->daddr >> 8) & 0xff;
134                         key4.b8[6] = (iph->daddr >> 16) & 0xff;
135                         key4.b8[7] = (iph->daddr >> 24) & 0xff;
136 
137                         prefix_value = bpf_map_lookup_elem(&lpm_map, &key4);
138                         if (!prefix_value)
139                                 goto drop;
140 
141                         forward_to = prefix_value->ifindex;
142                         src_mac = &prefix_value->value;
143                         if (!src_mac)
144                                 goto drop;
145 
146                         dest_mac = bpf_map_lookup_elem(&arp_table, &iph->daddr);
147                         if (!dest_mac) {
148                                 if (!prefix_value->gw)
149                                         goto drop;
150 
151                                 dest_mac = bpf_map_lookup_elem(&arp_table,
152                                                                &prefix_value->gw);
153                                 if (!dest_mac) {
154                                         /* Forward the packet to the kernel in
155                                          * order to trigger ARP discovery for
156                                          * the default gw.
157                                          */
158                                         if (rec)
159                                                 NO_TEAR_INC(rec->xdp_pass);
160                                         return XDP_PASS;
161                                 }
162                         }
163                 }
164 
165                 if (src_mac && dest_mac) {
166                         int ret;
167 
168                         __builtin_memcpy(eth->h_dest, dest_mac, ETH_ALEN);
169                         __builtin_memcpy(eth->h_source, src_mac, ETH_ALEN);
170 
171                         ret = bpf_redirect_map(&tx_port, forward_to, 0);
172                         if (ret == XDP_REDIRECT) {
173                                 if (rec)
174                                         NO_TEAR_INC(rec->xdp_redirect);
175                                 return ret;
176                         }
177                 }
178         }
179         default:
180                 break;
181         }
182 drop:
183         if (rec)
184                 NO_TEAR_INC(rec->xdp_drop);
185 
186         return XDP_DROP;
187 }
188 
189 char _license[] SEC("license") = "GPL";
190 

~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

kernel.org | git.kernel.org | LWN.net | Project Home | SVN repository | Mail admin

Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.

sflogo.php