projects / linux-2.6-block.git / blame
| Commit | Line | Data |
|---|---|---|
| 2874c5fd | 1 | // SPDX-License-Identifier: GPL-2.0-or-later |
| 1da177e4 LT |
2 | /* |
| 3 | * Linux Socket Filter - Kernel level socket filtering | |
| 4 | * | |
| bd4cf0ed AS |
5 | * Based on the design of the Berkeley Packet Filter. The new |
| 6 | * internal format has been designed by PLUMgrid: | |
| 1da177e4 | 7 | * |
| bd4cf0ed AS |
8 | * Copyright (c) 2011 - 2014 PLUMgrid, http://plumgrid.com |
| 9 | * | |
| 10 | * Authors: | |
| 11 | * | |
| 12 | * Jay Schulist <jschlst@samba.org> | |
| 13 | * Alexei Starovoitov <ast@plumgrid.com> | |
| 14 | * Daniel Borkmann <dborkman@redhat.com> | |
| 1da177e4 | 15 | * |
| 1da177e4 | 16 | * Andi Kleen - Fix a few bad bugs and races. |
| 4df95ff4 | 17 | * Kris Katterjohn - Added many additional checks in bpf_check_classic() |
| 1da177e4 LT |
18 | */ |
| 19 | ||
| 201e2c1b | 20 | #include <linux/atomic.h> |
| 864b656f | 21 | #include <linux/bpf_verifier.h> |
| 1da177e4 LT |
22 | #include <linux/module.h> |
| 23 | #include <linux/types.h> | |
| 1da177e4 LT |
24 | #include <linux/mm.h> |
| 25 | #include <linux/fcntl.h> | |
| 26 | #include <linux/socket.h> | |
| 91b8270f | 27 | #include <linux/sock_diag.h> |
| 1da177e4 LT |
28 | #include <linux/in.h> |
| 29 | #include <linux/inet.h> | |
| 30 | #include <linux/netdevice.h> | |
| 31 | #include <linux/if_packet.h> | |
| c491680f | 32 | #include <linux/if_arp.h> |
| 5a0e3ad6 | 33 | #include <linux/gfp.h> |
| d74bad4e | 34 | #include <net/inet_common.h> |
| 1da177e4 LT |
35 | #include <net/ip.h> |
| 36 | #include <net/protocol.h> | |
| 4738c1db | 37 | #include <net/netlink.h> |
| 1da177e4 | 38 | #include <linux/skbuff.h> |
| 604326b4 | 39 | #include <linux/skmsg.h> |
| 1da177e4 | 40 | #include <net/sock.h> |
| 10b89ee4 | 41 | #include <net/flow_dissector.h> |
| 1da177e4 LT |
42 | #include <linux/errno.h> |
| 43 | #include <linux/timer.h> | |
| 7c0f6ba6 | 44 | #include <linux/uaccess.h> |
| 40daafc8 | 45 | #include <asm/unaligned.h> |
| 1da177e4 | 46 | #include <linux/filter.h> |
| 86e4ca66 | 47 | #include <linux/ratelimit.h> |
| 46b325c7 | 48 | #include <linux/seccomp.h> |
| f3335031 | 49 | #include <linux/if_vlan.h> |
| 89aa0758 | 50 | #include <linux/bpf.h> |
| af7ec138 | 51 | #include <linux/btf.h> |
| d691f9e8 | 52 | #include <net/sch_generic.h> |
| 8d20aabe | 53 | #include <net/cls_cgroup.h> |
| d3aa45ce | 54 | #include <net/dst_metadata.h> |
| c46646d0 | 55 | #include <net/dst.h> |
| 538950a1 | 56 | #include <net/sock_reuseport.h> |
| b1d9fc41 | 57 | #include <net/busy_poll.h> |
| 8c4b4c7e | 58 | #include <net/tcp.h> |
| 12bed760 | 59 | #include <net/xfrm.h> |
| 6acc9b43 | 60 | #include <net/udp.h> |
| 5acaee0a | 61 | #include <linux/bpf_trace.h> |
| 02671e23 | 62 | #include <net/xdp_sock.h> |
| 87f5fc7e | 63 | #include <linux/inetdevice.h> |
| 6acc9b43 JS |
64 | #include <net/inet_hashtables.h> |
| 65 | #include <net/inet6_hashtables.h> | |
| 87f5fc7e | 66 | #include <net/ip_fib.h> |
| 5481d73f | 67 | #include <net/nexthop.h> |
| 87f5fc7e DA |
68 | #include <net/flow.h> |
| 69 | #include <net/arp.h> | |
| fe94cc29 | 70 | #include <net/ipv6.h> |
| 6acc9b43 | 71 | #include <net/net_namespace.h> |
| fe94cc29 MX |
72 | #include <linux/seg6_local.h> |
| 73 | #include <net/seg6.h> | |
| 74 | #include <net/seg6_local.h> | |
| 52f27877 | 75 | #include <net/lwtunnel.h> |
| 3616d08b | 76 | #include <net/ipv6_stubs.h> |
| 6ac99e8f | 77 | #include <net/bpf_sk_storage.h> |
| 478cfbdf | 78 | #include <net/transp_v6.h> |
| c9a0f3b8 | 79 | #include <linux/btf_ids.h> |
| 18ebe16d | 80 | #include <net/tls.h> |
| 7445cf31 | 81 | #include <net/xdp.h> |
| 3bc253c2 | 82 | #include <net/mptcp.h> |
| 578ce69f | 83 | #include <net/netfilter/nf_conntrack_bpf.h> |
| 1da177e4 | 84 | |
| 1df8f55a MKL |
85 | static const struct bpf_func_proto * |
| 86 | bpf_sk_base_func_proto(enum bpf_func_id func_id); | |
| 87 | ||
| b1ea9ff6 | 88 | int copy_bpf_fprog_from_user(struct sock_fprog *dst, sockptr_t src, int len) |
| 4d295e54 CH |
89 | { |
| 90 | if (in_compat_syscall()) { | |
| 91 | struct compat_sock_fprog f32; | |
| 92 | ||
| 93 | if (len != sizeof(f32)) | |
| 94 | return -EINVAL; | |
| b1ea9ff6 | 95 | if (copy_from_sockptr(&f32, src, sizeof(f32))) |
| 4d295e54 CH |
96 | return -EFAULT; |
| 97 | memset(dst, 0, sizeof(*dst)); | |
| 98 | dst->len = f32.len; | |
| 99 | dst->filter = compat_ptr(f32.filter); | |
| 100 | } else { | |
| 101 | if (len != sizeof(*dst)) | |
| 102 | return -EINVAL; | |
| b1ea9ff6 | 103 | if (copy_from_sockptr(dst, src, sizeof(*dst))) |
| 4d295e54 CH |
104 | return -EFAULT; |
| 105 | } | |
| 106 | ||
| 107 | return 0; | |
| 108 | } | |
| 109 | EXPORT_SYMBOL_GPL(copy_bpf_fprog_from_user); | |
| 110 | ||
| 43db6d65 | 111 | /** |
| f4979fce | 112 | * sk_filter_trim_cap - run a packet through a socket filter |
| 43db6d65 SH |
113 | * @sk: sock associated with &sk_buff |
| 114 | * @skb: buffer to filter | |
| f4979fce | 115 | * @cap: limit on how short the eBPF program may trim the packet |
| 43db6d65 | 116 | * |
| ff936a04 AS |
117 | * Run the eBPF program and then cut skb->data to correct size returned by |
| 118 | * the program. If pkt_len is 0 we toss packet. If skb->len is smaller | |
| 43db6d65 | 119 | * than pkt_len we keep whole skb->data. This is the socket level |
| fb7dd8bc | 120 | * wrapper to bpf_prog_run. It returns 0 if the packet should |
| 43db6d65 SH |
121 | * be accepted or -EPERM if the packet should be tossed. |
| 122 | * | |
| 123 | */ | |
| f4979fce | 124 | int sk_filter_trim_cap(struct sock *sk, struct sk_buff *skb, unsigned int cap) |
| 43db6d65 SH |
125 | { |
| 126 | int err; | |
| 127 | struct sk_filter *filter; | |
| 128 | ||
| c93bdd0e MG |
129 | /* |
| 130 | * If the skb was allocated from pfmemalloc reserves, only | |
| 131 | * allow SOCK_MEMALLOC sockets to use it as this socket is | |
| 132 | * helping free memory | |
| 133 | */ | |
| 8fe809a9 ED |
134 | if (skb_pfmemalloc(skb) && !sock_flag(sk, SOCK_MEMALLOC)) { |
| 135 | NET_INC_STATS(sock_net(sk), LINUX_MIB_PFMEMALLOCDROP); | |
| c93bdd0e | 136 | return -ENOMEM; |
| 8fe809a9 | 137 | } |
| c11cd3a6 DM |
138 | err = BPF_CGROUP_RUN_PROG_INET_INGRESS(sk, skb); |
| 139 | if (err) | |
| 140 | return err; | |
| 141 | ||
| 43db6d65 SH |
142 | err = security_sock_rcv_skb(sk, skb); |
| 143 | if (err) | |
| 144 | return err; | |
| 145 | ||
| 80f8f102 ED |
146 | rcu_read_lock(); |
| 147 | filter = rcu_dereference(sk->sk_filter); | |
| 43db6d65 | 148 | if (filter) { |
| 8f917bba WB |
149 | struct sock *save_sk = skb->sk; |
| 150 | unsigned int pkt_len; | |
| 151 | ||
| 152 | skb->sk = sk; | |
| 153 | pkt_len = bpf_prog_run_save_cb(filter->prog, skb); | |
| 8f917bba | 154 | skb->sk = save_sk; |
| d1f496fd | 155 | err = pkt_len ? pskb_trim(skb, max(cap, pkt_len)) : -EPERM; |
| 43db6d65 | 156 | } |
| 80f8f102 | 157 | rcu_read_unlock(); |
| 43db6d65 SH |
158 | |
| 159 | return err; | |
| 160 | } | |
| f4979fce | 161 | EXPORT_SYMBOL(sk_filter_trim_cap); |
| 43db6d65 | 162 | |
| b390134c | 163 | BPF_CALL_1(bpf_skb_get_pay_offset, struct sk_buff *, skb) |
| bd4cf0ed | 164 | { |
| f3694e00 | 165 | return skb_get_poff(skb); |
| bd4cf0ed AS |
166 | } |
| 167 | ||
| b390134c | 168 | BPF_CALL_3(bpf_skb_get_nlattr, struct sk_buff *, skb, u32, a, u32, x) |
| bd4cf0ed | 169 | { |
| bd4cf0ed AS |
170 | struct nlattr *nla; |
| 171 | ||
| 172 | if (skb_is_nonlinear(skb)) | |
| 173 | return 0; | |
| 174 | ||
| 05ab8f26 MK |
175 | if (skb->len < sizeof(struct nlattr)) |
| 176 | return 0; | |
| 177 | ||
| 30743837 | 178 | if (a > skb->len - sizeof(struct nlattr)) |
| bd4cf0ed AS |
179 | return 0; |
| 180 | ||
| 30743837 | 181 | nla = nla_find((struct nlattr *) &skb->data[a], skb->len - a, x); |
| bd4cf0ed AS |
182 | if (nla) |
| 183 | return (void *) nla - (void *) skb->data; | |
| 184 | ||
| 185 | return 0; | |
| 186 | } | |
| 187 | ||
| b390134c | 188 | BPF_CALL_3(bpf_skb_get_nlattr_nest, struct sk_buff *, skb, u32, a, u32, x) |
| bd4cf0ed | 189 | { |
| bd4cf0ed AS |
190 | struct nlattr *nla; |
| 191 | ||
| 192 | if (skb_is_nonlinear(skb)) | |
| 193 | return 0; | |
| 194 | ||
| 05ab8f26 MK |
195 | if (skb->len < sizeof(struct nlattr)) |
| 196 | return 0; | |
| 197 | ||
| 30743837 | 198 | if (a > skb->len - sizeof(struct nlattr)) |
| bd4cf0ed AS |
199 | return 0; |
| 200 | ||
| 30743837 DB |
201 | nla = (struct nlattr *) &skb->data[a]; |
| 202 | if (nla->nla_len > skb->len - a) | |
| bd4cf0ed AS |
203 | return 0; |
| 204 | ||
| 30743837 | 205 | nla = nla_find_nested(nla, x); |
| bd4cf0ed AS |
206 | if (nla) |
| 207 | return (void *) nla - (void *) skb->data; | |
| 208 | ||
| 209 | return 0; | |
| 210 | } | |
| 211 | ||
| e0cea7ce DB |
212 | BPF_CALL_4(bpf_skb_load_helper_8, const struct sk_buff *, skb, const void *, |
| 213 | data, int, headlen, int, offset) | |
| 214 | { | |
| 215 | u8 tmp, *ptr; | |
| 216 | const int len = sizeof(tmp); | |
| 217 | ||
| 218 | if (offset >= 0) { | |
| 219 | if (headlen - offset >= len) | |
| 220 | return *(u8 *)(data + offset); | |
| 221 | if (!skb_copy_bits(skb, offset, &tmp, sizeof(tmp))) | |
| 222 | return tmp; | |
| 223 | } else { | |
| 224 | ptr = bpf_internal_load_pointer_neg_helper(skb, offset, len); | |
| 225 | if (likely(ptr)) | |
| 226 | return *(u8 *)ptr; | |
| 227 | } | |
| 228 | ||
| 229 | return -EFAULT; | |
| 230 | } | |
| 231 | ||
| 232 | BPF_CALL_2(bpf_skb_load_helper_8_no_cache, const struct sk_buff *, skb, | |
| 233 | int, offset) | |
| 234 | { | |
| 235 | return ____bpf_skb_load_helper_8(skb, skb->data, skb->len - skb->data_len, | |
| 236 | offset); | |
| 237 | } | |
| 238 | ||
| 239 | BPF_CALL_4(bpf_skb_load_helper_16, const struct sk_buff *, skb, const void *, | |
| 240 | data, int, headlen, int, offset) | |
| 241 | { | |
| 96a233e6 | 242 | __be16 tmp, *ptr; |
| e0cea7ce DB |
243 | const int len = sizeof(tmp); |
| 244 | ||
| 245 | if (offset >= 0) { | |
| 246 | if (headlen - offset >= len) | |
| 247 | return get_unaligned_be16(data + offset); | |
| 248 | if (!skb_copy_bits(skb, offset, &tmp, sizeof(tmp))) | |
| 249 | return be16_to_cpu(tmp); | |
| 250 | } else { | |
| 251 | ptr = bpf_internal_load_pointer_neg_helper(skb, offset, len); | |
| 252 | if (likely(ptr)) | |
| 253 | return get_unaligned_be16(ptr); | |
| 254 | } | |
| 255 | ||
| 256 | return -EFAULT; | |
| 257 | } | |
| 258 | ||
| 259 | BPF_CALL_2(bpf_skb_load_helper_16_no_cache, const struct sk_buff *, skb, | |
| 260 | int, offset) | |
| 261 | { | |
| 262 | return ____bpf_skb_load_helper_16(skb, skb->data, skb->len - skb->data_len, | |
| 263 | offset); | |
| 264 | } | |
| 265 | ||
| 266 | BPF_CALL_4(bpf_skb_load_helper_32, const struct sk_buff *, skb, const void *, | |
| 267 | data, int, headlen, int, offset) | |
| 268 | { | |
| 96a233e6 | 269 | __be32 tmp, *ptr; |
| e0cea7ce DB |
270 | const int len = sizeof(tmp); |
| 271 | ||
| 272 | if (likely(offset >= 0)) { | |
| 273 | if (headlen - offset >= len) | |
| 274 | return get_unaligned_be32(data + offset); | |
| 275 | if (!skb_copy_bits(skb, offset, &tmp, sizeof(tmp))) | |
| 276 | return be32_to_cpu(tmp); | |
| 277 | } else { | |
| 278 | ptr = bpf_internal_load_pointer_neg_helper(skb, offset, len); | |
| 279 | if (likely(ptr)) | |
| 280 | return get_unaligned_be32(ptr); | |
| 281 | } | |
| 282 | ||
| 283 | return -EFAULT; | |
| 284 | } | |
| 285 | ||
| 286 | BPF_CALL_2(bpf_skb_load_helper_32_no_cache, const struct sk_buff *, skb, | |
| 287 | int, offset) | |
| 288 | { | |
| 289 | return ____bpf_skb_load_helper_32(skb, skb->data, skb->len - skb->data_len, | |
| 290 | offset); | |
| 291 | } | |
| 292 | ||
| 9bac3d6d AS |
293 | static u32 convert_skb_access(int skb_field, int dst_reg, int src_reg, |
| 294 | struct bpf_insn *insn_buf) | |
| 295 | { | |
| 296 | struct bpf_insn *insn = insn_buf; | |
| 297 | ||
| 298 | switch (skb_field) { | |
| 299 | case SKF_AD_MARK: | |
| c593642c | 300 | BUILD_BUG_ON(sizeof_field(struct sk_buff, mark) != 4); |
| 9bac3d6d AS |
301 | |
| 302 | *insn++ = BPF_LDX_MEM(BPF_W, dst_reg, src_reg, | |
| 303 | offsetof(struct sk_buff, mark)); | |
| 304 | break; | |
| 305 | ||
| 306 | case SKF_AD_PKTTYPE: | |
| fba84957 | 307 | *insn++ = BPF_LDX_MEM(BPF_B, dst_reg, src_reg, PKT_TYPE_OFFSET); |
| 9bac3d6d AS |
308 | *insn++ = BPF_ALU32_IMM(BPF_AND, dst_reg, PKT_TYPE_MAX); |
| 309 | #ifdef __BIG_ENDIAN_BITFIELD | |
| 310 | *insn++ = BPF_ALU32_IMM(BPF_RSH, dst_reg, 5); | |
| 311 | #endif | |
| 312 | break; | |
| 313 | ||
| 314 | case SKF_AD_QUEUE: | |
| c593642c | 315 | BUILD_BUG_ON(sizeof_field(struct sk_buff, queue_mapping) != 2); |
| 9bac3d6d AS |
316 | |
| 317 | *insn++ = BPF_LDX_MEM(BPF_H, dst_reg, src_reg, | |
| 318 | offsetof(struct sk_buff, queue_mapping)); | |
| 319 | break; | |
| c2497395 | 320 | |
| c2497395 | 321 | case SKF_AD_VLAN_TAG: |
| c593642c | 322 | BUILD_BUG_ON(sizeof_field(struct sk_buff, vlan_tci) != 2); |
| c2497395 AS |
323 | |
| 324 | /* dst_reg = *(u16 *) (src_reg + offsetof(vlan_tci)) */ | |
| 325 | *insn++ = BPF_LDX_MEM(BPF_H, dst_reg, src_reg, | |
| 326 | offsetof(struct sk_buff, vlan_tci)); | |
| 9c212255 MM |
327 | break; |
| 328 | case SKF_AD_VLAN_TAG_PRESENT: | |
| 354259fa ED |
329 | BUILD_BUG_ON(sizeof_field(struct sk_buff, vlan_all) != 4); |
| 330 | *insn++ = BPF_LDX_MEM(BPF_W, dst_reg, src_reg, | |
| 331 | offsetof(struct sk_buff, vlan_all)); | |
| 332 | *insn++ = BPF_JMP_IMM(BPF_JEQ, dst_reg, 0, 1); | |
| 333 | *insn++ = BPF_ALU32_IMM(BPF_MOV, dst_reg, 1); | |
| c2497395 | 334 | break; |
| 9bac3d6d AS |
335 | } |
| 336 | ||
| 337 | return insn - insn_buf; | |
| 338 | } | |
| 339 | ||
| bd4cf0ed | 340 | static bool convert_bpf_extensions(struct sock_filter *fp, |
| 2695fb55 | 341 | struct bpf_insn **insnp) |
| bd4cf0ed | 342 | { |
| 2695fb55 | 343 | struct bpf_insn *insn = *insnp; |
| 9bac3d6d | 344 | u32 cnt; |
| bd4cf0ed AS |
345 | |
| 346 | switch (fp->k) { | |
| 347 | case SKF_AD_OFF + SKF_AD_PROTOCOL: | |
| c593642c | 348 | BUILD_BUG_ON(sizeof_field(struct sk_buff, protocol) != 2); |
| 0b8c707d DB |
349 | |
| 350 | /* A = *(u16 *) (CTX + offsetof(protocol)) */ | |
| 351 | *insn++ = BPF_LDX_MEM(BPF_H, BPF_REG_A, BPF_REG_CTX, | |
| 352 | offsetof(struct sk_buff, protocol)); | |
| 353 | /* A = ntohs(A) [emitting a nop or swap16] */ | |
| 354 | *insn = BPF_ENDIAN(BPF_FROM_BE, BPF_REG_A, 16); | |
| bd4cf0ed AS |
355 | break; |
| 356 | ||
| 357 | case SKF_AD_OFF + SKF_AD_PKTTYPE: | |
| 9bac3d6d AS |
358 | cnt = convert_skb_access(SKF_AD_PKTTYPE, BPF_REG_A, BPF_REG_CTX, insn); |
| 359 | insn += cnt - 1; | |
| bd4cf0ed AS |
360 | break; |
| 361 | ||
| 362 | case SKF_AD_OFF + SKF_AD_IFINDEX: | |
| 363 | case SKF_AD_OFF + SKF_AD_HATYPE: | |
| c593642c PB |
364 | BUILD_BUG_ON(sizeof_field(struct net_device, ifindex) != 4); |
| 365 | BUILD_BUG_ON(sizeof_field(struct net_device, type) != 2); | |
| f8f6d679 | 366 | |
| f035a515 | 367 | *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF(struct sk_buff, dev), |
| f8f6d679 DB |
368 | BPF_REG_TMP, BPF_REG_CTX, |
| 369 | offsetof(struct sk_buff, dev)); | |
| 370 | /* if (tmp != 0) goto pc + 1 */ | |
| 371 | *insn++ = BPF_JMP_IMM(BPF_JNE, BPF_REG_TMP, 0, 1); | |
| 372 | *insn++ = BPF_EXIT_INSN(); | |
| 373 | if (fp->k == SKF_AD_OFF + SKF_AD_IFINDEX) | |
| 374 | *insn = BPF_LDX_MEM(BPF_W, BPF_REG_A, BPF_REG_TMP, | |
| 375 | offsetof(struct net_device, ifindex)); | |
| 376 | else | |
| 377 | *insn = BPF_LDX_MEM(BPF_H, BPF_REG_A, BPF_REG_TMP, | |
| 378 | offsetof(struct net_device, type)); | |
| bd4cf0ed AS |
379 | break; |
| 380 | ||
| 381 | case SKF_AD_OFF + SKF_AD_MARK: | |
| 9bac3d6d AS |
382 | cnt = convert_skb_access(SKF_AD_MARK, BPF_REG_A, BPF_REG_CTX, insn); |
| 383 | insn += cnt - 1; | |
| bd4cf0ed AS |
384 | break; |
| 385 | ||
| 386 | case SKF_AD_OFF + SKF_AD_RXHASH: | |
| c593642c | 387 | BUILD_BUG_ON(sizeof_field(struct sk_buff, hash) != 4); |
| bd4cf0ed | 388 | |
| 9739eef1 AS |
389 | *insn = BPF_LDX_MEM(BPF_W, BPF_REG_A, BPF_REG_CTX, |
| 390 | offsetof(struct sk_buff, hash)); | |
| bd4cf0ed AS |
391 | break; |
| 392 | ||
| 393 | case SKF_AD_OFF + SKF_AD_QUEUE: | |
| 9bac3d6d AS |
394 | cnt = convert_skb_access(SKF_AD_QUEUE, BPF_REG_A, BPF_REG_CTX, insn); |
| 395 | insn += cnt - 1; | |
| bd4cf0ed AS |
396 | break; |
| 397 | ||
| 398 | case SKF_AD_OFF + SKF_AD_VLAN_TAG: | |
| c2497395 AS |
399 | cnt = convert_skb_access(SKF_AD_VLAN_TAG, |
| 400 | BPF_REG_A, BPF_REG_CTX, insn); | |
| 401 | insn += cnt - 1; | |
| 402 | break; | |
| bd4cf0ed | 403 | |
| c2497395 AS |
404 | case SKF_AD_OFF + SKF_AD_VLAN_TAG_PRESENT: |
| 405 | cnt = convert_skb_access(SKF_AD_VLAN_TAG_PRESENT, | |
| 406 | BPF_REG_A, BPF_REG_CTX, insn); | |
| 407 | insn += cnt - 1; | |
| bd4cf0ed AS |
408 | break; |
| 409 | ||
| 27cd5452 | 410 | case SKF_AD_OFF + SKF_AD_VLAN_TPID: |
| c593642c | 411 | BUILD_BUG_ON(sizeof_field(struct sk_buff, vlan_proto) != 2); |
| 27cd5452 MS |
412 | |
| 413 | /* A = *(u16 *) (CTX + offsetof(vlan_proto)) */ | |
| 414 | *insn++ = BPF_LDX_MEM(BPF_H, BPF_REG_A, BPF_REG_CTX, | |
| 415 | offsetof(struct sk_buff, vlan_proto)); | |
| 416 | /* A = ntohs(A) [emitting a nop or swap16] */ | |
| 417 | *insn = BPF_ENDIAN(BPF_FROM_BE, BPF_REG_A, 16); | |
| 418 | break; | |
| 419 | ||
| bd4cf0ed AS |
420 | case SKF_AD_OFF + SKF_AD_PAY_OFFSET: |
| 421 | case SKF_AD_OFF + SKF_AD_NLATTR: | |
| 422 | case SKF_AD_OFF + SKF_AD_NLATTR_NEST: | |
| 423 | case SKF_AD_OFF + SKF_AD_CPU: | |
| 4cd3675e | 424 | case SKF_AD_OFF + SKF_AD_RANDOM: |
| e430f34e | 425 | /* arg1 = CTX */ |
| f8f6d679 | 426 | *insn++ = BPF_MOV64_REG(BPF_REG_ARG1, BPF_REG_CTX); |
| bd4cf0ed | 427 | /* arg2 = A */ |
| f8f6d679 | 428 | *insn++ = BPF_MOV64_REG(BPF_REG_ARG2, BPF_REG_A); |
| bd4cf0ed | 429 | /* arg3 = X */ |
| f8f6d679 | 430 | *insn++ = BPF_MOV64_REG(BPF_REG_ARG3, BPF_REG_X); |
| e430f34e | 431 | /* Emit call(arg1=CTX, arg2=A, arg3=X) */ |
| bd4cf0ed AS |
432 | switch (fp->k) { |
| 433 | case SKF_AD_OFF + SKF_AD_PAY_OFFSET: | |
| b390134c | 434 | *insn = BPF_EMIT_CALL(bpf_skb_get_pay_offset); |
| bd4cf0ed AS |
435 | break; |
| 436 | case SKF_AD_OFF + SKF_AD_NLATTR: | |
| b390134c | 437 | *insn = BPF_EMIT_CALL(bpf_skb_get_nlattr); |
| bd4cf0ed AS |
438 | break; |
| 439 | case SKF_AD_OFF + SKF_AD_NLATTR_NEST: | |
| b390134c | 440 | *insn = BPF_EMIT_CALL(bpf_skb_get_nlattr_nest); |
| bd4cf0ed AS |
441 | break; |
| 442 | case SKF_AD_OFF + SKF_AD_CPU: | |
| b390134c | 443 | *insn = BPF_EMIT_CALL(bpf_get_raw_cpu_id); |
| bd4cf0ed | 444 | break; |
| 4cd3675e | 445 | case SKF_AD_OFF + SKF_AD_RANDOM: |
| 3ad00405 DB |
446 | *insn = BPF_EMIT_CALL(bpf_user_rnd_u32); |
| 447 | bpf_user_rnd_init_once(); | |
| 4cd3675e | 448 | break; |
| bd4cf0ed AS |
449 | } |
| 450 | break; | |
| 451 | ||
| 452 | case SKF_AD_OFF + SKF_AD_ALU_XOR_X: | |
| 9739eef1 AS |
453 | /* A ^= X */ |
| 454 | *insn = BPF_ALU32_REG(BPF_XOR, BPF_REG_A, BPF_REG_X); | |
| bd4cf0ed AS |
455 | break; |
| 456 | ||
| 457 | default: | |
| 458 | /* This is just a dummy call to avoid letting the compiler | |
| 459 | * evict __bpf_call_base() as an optimization. Placed here | |
| 460 | * where no-one bothers. | |
| 461 | */ | |
| 462 | BUG_ON(__bpf_call_base(0, 0, 0, 0, 0) != 0); | |
| 463 | return false; | |
| 464 | } | |
| 465 | ||
| 466 | *insnp = insn; | |
| 467 | return true; | |
| 468 | } | |
| 469 | ||
| e0cea7ce DB |
470 | static bool convert_bpf_ld_abs(struct sock_filter *fp, struct bpf_insn **insnp) |
| 471 | { | |
| 472 | const bool unaligned_ok = IS_BUILTIN(CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS); | |
| 473 | int size = bpf_size_to_bytes(BPF_SIZE(fp->code)); | |
| 474 | bool endian = BPF_SIZE(fp->code) == BPF_H || | |
| 475 | BPF_SIZE(fp->code) == BPF_W; | |
| 476 | bool indirect = BPF_MODE(fp->code) == BPF_IND; | |
| 477 | const int ip_align = NET_IP_ALIGN; | |
| 478 | struct bpf_insn *insn = *insnp; | |
| 479 | int offset = fp->k; | |
| 480 | ||
| 481 | if (!indirect && | |
| 482 | ((unaligned_ok && offset >= 0) || | |
| 483 | (!unaligned_ok && offset >= 0 && | |
| 484 | offset + ip_align >= 0 && | |
| 485 | offset + ip_align % size == 0))) { | |
| 59ee4129 DB |
486 | bool ldx_off_ok = offset <= S16_MAX; |
| 487 | ||
| e0cea7ce | 488 | *insn++ = BPF_MOV64_REG(BPF_REG_TMP, BPF_REG_H); |
| d8f3e978 DM |
489 | if (offset) |
| 490 | *insn++ = BPF_ALU64_IMM(BPF_SUB, BPF_REG_TMP, offset); | |
| 59ee4129 DB |
491 | *insn++ = BPF_JMP_IMM(BPF_JSLT, BPF_REG_TMP, |
| 492 | size, 2 + endian + (!ldx_off_ok * 2)); | |
| 493 | if (ldx_off_ok) { | |
| 494 | *insn++ = BPF_LDX_MEM(BPF_SIZE(fp->code), BPF_REG_A, | |
| 495 | BPF_REG_D, offset); | |
| 496 | } else { | |
| 497 | *insn++ = BPF_MOV64_REG(BPF_REG_TMP, BPF_REG_D); | |
| 498 | *insn++ = BPF_ALU64_IMM(BPF_ADD, BPF_REG_TMP, offset); | |
| 499 | *insn++ = BPF_LDX_MEM(BPF_SIZE(fp->code), BPF_REG_A, | |
| 500 | BPF_REG_TMP, 0); | |
| 501 | } | |
| e0cea7ce DB |
502 | if (endian) |
| 503 | *insn++ = BPF_ENDIAN(BPF_FROM_BE, BPF_REG_A, size * 8); | |
| 504 | *insn++ = BPF_JMP_A(8); | |
| 505 | } | |
| 506 | ||
| 507 | *insn++ = BPF_MOV64_REG(BPF_REG_ARG1, BPF_REG_CTX); | |
| 508 | *insn++ = BPF_MOV64_REG(BPF_REG_ARG2, BPF_REG_D); | |
| 509 | *insn++ = BPF_MOV64_REG(BPF_REG_ARG3, BPF_REG_H); | |
| 510 | if (!indirect) { | |
| 511 | *insn++ = BPF_MOV64_IMM(BPF_REG_ARG4, offset); | |
| 512 | } else { | |
| 513 | *insn++ = BPF_MOV64_REG(BPF_REG_ARG4, BPF_REG_X); | |
| 514 | if (fp->k) | |
| 515 | *insn++ = BPF_ALU64_IMM(BPF_ADD, BPF_REG_ARG4, offset); | |
| 516 | } | |
| 517 | ||
| 518 | switch (BPF_SIZE(fp->code)) { | |
| 519 | case BPF_B: | |
| 520 | *insn++ = BPF_EMIT_CALL(bpf_skb_load_helper_8); | |
| 521 | break; | |
| 522 | case BPF_H: | |
| 523 | *insn++ = BPF_EMIT_CALL(bpf_skb_load_helper_16); | |
| 524 | break; | |
| 525 | case BPF_W: | |
| 526 | *insn++ = BPF_EMIT_CALL(bpf_skb_load_helper_32); | |
| 527 | break; | |
| 528 | default: | |
| 529 | return false; | |
| 530 | } | |
| 531 | ||
| 532 | *insn++ = BPF_JMP_IMM(BPF_JSGE, BPF_REG_A, 0, 2); | |
| 533 | *insn++ = BPF_ALU32_REG(BPF_XOR, BPF_REG_A, BPF_REG_A); | |
| 534 | *insn = BPF_EXIT_INSN(); | |
| 535 | ||
| 536 | *insnp = insn; | |
| 537 | return true; | |
| 538 | } | |
| 539 | ||
| bd4cf0ed | 540 | /** |
| 8fb575ca | 541 | * bpf_convert_filter - convert filter program |
| bd4cf0ed AS |
542 | * @prog: the user passed filter program |
| 543 | * @len: the length of the user passed filter program | |
| 50bbfed9 | 544 | * @new_prog: allocated 'struct bpf_prog' or NULL |
| bd4cf0ed | 545 | * @new_len: pointer to store length of converted program |
| e0cea7ce | 546 | * @seen_ld_abs: bool whether we've seen ld_abs/ind |
| bd4cf0ed | 547 | * |
| 1f504ec9 TK |
548 | * Remap 'sock_filter' style classic BPF (cBPF) instruction set to 'bpf_insn' |
| 549 | * style extended BPF (eBPF). | |
| bd4cf0ed AS |
550 | * Conversion workflow: |
| 551 | * | |
| 552 | * 1) First pass for calculating the new program length: | |
| e0cea7ce | 553 | * bpf_convert_filter(old_prog, old_len, NULL, &new_len, &seen_ld_abs) |
| bd4cf0ed AS |
554 | * |
| 555 | * 2) 2nd pass to remap in two passes: 1st pass finds new | |
| 556 | * jump offsets, 2nd pass remapping: | |
| e0cea7ce | 557 | * bpf_convert_filter(old_prog, old_len, new_prog, &new_len, &seen_ld_abs) |
| bd4cf0ed | 558 | */ |
| d9e12f42 | 559 | static int bpf_convert_filter(struct sock_filter *prog, int len, |
| e0cea7ce DB |
560 | struct bpf_prog *new_prog, int *new_len, |
| 561 | bool *seen_ld_abs) | |
| bd4cf0ed | 562 | { |
| 50bbfed9 AS |
563 | int new_flen = 0, pass = 0, target, i, stack_off; |
| 564 | struct bpf_insn *new_insn, *first_insn = NULL; | |
| bd4cf0ed AS |
565 | struct sock_filter *fp; |
| 566 | int *addrs = NULL; | |
| 567 | u8 bpf_src; | |
| 568 | ||
| 569 | BUILD_BUG_ON(BPF_MEMWORDS * sizeof(u32) > MAX_BPF_STACK); | |
| 30743837 | 570 | BUILD_BUG_ON(BPF_REG_FP + 1 != MAX_BPF_REG); |
| bd4cf0ed | 571 | |
| 6f9a093b | 572 | if (len <= 0 || len > BPF_MAXINSNS) |
| bd4cf0ed AS |
573 | return -EINVAL; |
| 574 | ||
| 575 | if (new_prog) { | |
| 50bbfed9 | 576 | first_insn = new_prog->insnsi; |
| 658da937 DB |
577 | addrs = kcalloc(len, sizeof(*addrs), |
| 578 | GFP_KERNEL | __GFP_NOWARN); | |
| bd4cf0ed AS |
579 | if (!addrs) |
| 580 | return -ENOMEM; | |
| 581 | } | |
| 582 | ||
| 583 | do_pass: | |
| 50bbfed9 | 584 | new_insn = first_insn; |
| bd4cf0ed AS |
585 | fp = prog; |
| 586 | ||
| 8b614aeb | 587 | /* Classic BPF related prologue emission. */ |
| 50bbfed9 | 588 | if (new_prog) { |
| 8b614aeb DB |
589 | /* Classic BPF expects A and X to be reset first. These need |
| 590 | * to be guaranteed to be the first two instructions. | |
| 591 | */ | |
| 1d621674 DB |
592 | *new_insn++ = BPF_ALU32_REG(BPF_XOR, BPF_REG_A, BPF_REG_A); |
| 593 | *new_insn++ = BPF_ALU32_REG(BPF_XOR, BPF_REG_X, BPF_REG_X); | |
| 8b614aeb DB |
594 | |
| 595 | /* All programs must keep CTX in callee saved BPF_REG_CTX. | |
| 596 | * In eBPF case it's done by the compiler, here we need to | |
| 597 | * do this ourself. Initial CTX is present in BPF_REG_ARG1. | |
| 598 | */ | |
| 599 | *new_insn++ = BPF_MOV64_REG(BPF_REG_CTX, BPF_REG_ARG1); | |
| e0cea7ce DB |
600 | if (*seen_ld_abs) { |
| 601 | /* For packet access in classic BPF, cache skb->data | |
| 602 | * in callee-saved BPF R8 and skb->len - skb->data_len | |
| 603 | * (headlen) in BPF R9. Since classic BPF is read-only | |
| 604 | * on CTX, we only need to cache it once. | |
| 605 | */ | |
| 606 | *new_insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF(struct sk_buff, data), | |
| 607 | BPF_REG_D, BPF_REG_CTX, | |
| 608 | offsetof(struct sk_buff, data)); | |
| 609 | *new_insn++ = BPF_LDX_MEM(BPF_W, BPF_REG_H, BPF_REG_CTX, | |
| 610 | offsetof(struct sk_buff, len)); | |
| 611 | *new_insn++ = BPF_LDX_MEM(BPF_W, BPF_REG_TMP, BPF_REG_CTX, | |
| 612 | offsetof(struct sk_buff, data_len)); | |
| 613 | *new_insn++ = BPF_ALU32_REG(BPF_SUB, BPF_REG_H, BPF_REG_TMP); | |
| 614 | } | |
| 8b614aeb DB |
615 | } else { |
| 616 | new_insn += 3; | |
| 617 | } | |
| bd4cf0ed AS |
618 | |
| 619 | for (i = 0; i < len; fp++, i++) { | |
| e0cea7ce | 620 | struct bpf_insn tmp_insns[32] = { }; |
| 2695fb55 | 621 | struct bpf_insn *insn = tmp_insns; |
| bd4cf0ed AS |
622 | |
| 623 | if (addrs) | |
| 50bbfed9 | 624 | addrs[i] = new_insn - first_insn; |
| bd4cf0ed AS |
625 | |
| 626 | switch (fp->code) { | |
| 627 | /* All arithmetic insns and skb loads map as-is. */ | |
| 628 | case BPF_ALU | BPF_ADD | BPF_X: | |
| 629 | case BPF_ALU | BPF_ADD | BPF_K: | |
| 630 | case BPF_ALU | BPF_SUB | BPF_X: | |
| 631 | case BPF_ALU | BPF_SUB | BPF_K: | |
| 632 | case BPF_ALU | BPF_AND | BPF_X: | |
| 633 | case BPF_ALU | BPF_AND | BPF_K: | |
| 634 | case BPF_ALU | BPF_OR | BPF_X: | |
| 635 | case BPF_ALU | BPF_OR | BPF_K: | |
| 636 | case BPF_ALU | BPF_LSH | BPF_X: | |
| 637 | case BPF_ALU | BPF_LSH | BPF_K: | |
| 638 | case BPF_ALU | BPF_RSH | BPF_X: | |
| 639 | case BPF_ALU | BPF_RSH | BPF_K: | |
| 640 | case BPF_ALU | BPF_XOR | BPF_X: | |
| 641 | case BPF_ALU | BPF_XOR | BPF_K: | |
| 642 | case BPF_ALU | BPF_MUL | BPF_X: | |
| 643 | case BPF_ALU | BPF_MUL | BPF_K: | |
| 644 | case BPF_ALU | BPF_DIV | BPF_X: | |
| 645 | case BPF_ALU | BPF_DIV | BPF_K: | |
| 646 | case BPF_ALU | BPF_MOD | BPF_X: | |
| 647 | case BPF_ALU | BPF_MOD | BPF_K: | |
| 648 | case BPF_ALU | BPF_NEG: | |
| 649 | case BPF_LD | BPF_ABS | BPF_W: | |
| 650 | case BPF_LD | BPF_ABS | BPF_H: | |
| 651 | case BPF_LD | BPF_ABS | BPF_B: | |
| 652 | case BPF_LD | BPF_IND | BPF_W: | |
| 653 | case BPF_LD | BPF_IND | BPF_H: | |
| 654 | case BPF_LD | BPF_IND | BPF_B: | |
| 655 | /* Check for overloaded BPF extension and | |
| 656 | * directly convert it if found, otherwise | |
| 657 | * just move on with mapping. | |
| 658 | */ | |
| 659 | if (BPF_CLASS(fp->code) == BPF_LD && | |
| 660 | BPF_MODE(fp->code) == BPF_ABS && | |
| 661 | convert_bpf_extensions(fp, &insn)) | |
| 662 | break; | |
| e0cea7ce DB |
663 | if (BPF_CLASS(fp->code) == BPF_LD && |
| 664 | convert_bpf_ld_abs(fp, &insn)) { | |
| 665 | *seen_ld_abs = true; | |
| 666 | break; | |
| 667 | } | |
| bd4cf0ed | 668 | |
| 68fda450 | 669 | if (fp->code == (BPF_ALU | BPF_DIV | BPF_X) || |
| f6b1b3bf | 670 | fp->code == (BPF_ALU | BPF_MOD | BPF_X)) { |
| 68fda450 | 671 | *insn++ = BPF_MOV32_REG(BPF_REG_X, BPF_REG_X); |
| f6b1b3bf DB |
672 | /* Error with exception code on div/mod by 0. |
| 673 | * For cBPF programs, this was always return 0. | |
| 674 | */ | |
| 675 | *insn++ = BPF_JMP_IMM(BPF_JNE, BPF_REG_X, 0, 2); | |
| 676 | *insn++ = BPF_ALU32_REG(BPF_XOR, BPF_REG_A, BPF_REG_A); | |
| 677 | *insn++ = BPF_EXIT_INSN(); | |
| 678 | } | |
| 68fda450 | 679 | |
| f8f6d679 | 680 | *insn = BPF_RAW_INSN(fp->code, BPF_REG_A, BPF_REG_X, 0, fp->k); |
| bd4cf0ed AS |
681 | break; |
| 682 | ||
| f8f6d679 DB |
683 | /* Jump transformation cannot use BPF block macros |
| 684 | * everywhere as offset calculation and target updates | |
| 685 | * require a bit more work than the rest, i.e. jump | |
| 686 | * opcodes map as-is, but offsets need adjustment. | |
| 687 | */ | |
| 688 | ||
| 689 | #define BPF_EMIT_JMP \ | |
| bd4cf0ed | 690 | do { \ |
| 050fad7c DB |
691 | const s32 off_min = S16_MIN, off_max = S16_MAX; \ |
| 692 | s32 off; \ | |
| 693 | \ | |
| bd4cf0ed AS |
694 | if (target >= len || target < 0) \ |
| 695 | goto err; \ | |
| 050fad7c | 696 | off = addrs ? addrs[target] - addrs[i] - 1 : 0; \ |
| bd4cf0ed | 697 | /* Adjust pc relative offset for 2nd or 3rd insn. */ \ |
| 050fad7c DB |
698 | off -= insn - tmp_insns; \ |
| 699 | /* Reject anything not fitting into insn->off. */ \ | |
| 700 | if (off < off_min || off > off_max) \ | |
| 701 | goto err; \ | |
| 702 | insn->off = off; \ | |
| bd4cf0ed AS |
703 | } while (0) |
| 704 | ||
| f8f6d679 DB |
705 | case BPF_JMP | BPF_JA: |
| 706 | target = i + fp->k + 1; | |
| 707 | insn->code = fp->code; | |
| 708 | BPF_EMIT_JMP; | |
| bd4cf0ed AS |
709 | break; |
| 710 | ||
| 711 | case BPF_JMP | BPF_JEQ | BPF_K: | |
| 712 | case BPF_JMP | BPF_JEQ | BPF_X: | |
| 713 | case BPF_JMP | BPF_JSET | BPF_K: | |
| 714 | case BPF_JMP | BPF_JSET | BPF_X: | |
| 715 | case BPF_JMP | BPF_JGT | BPF_K: | |
| 716 | case BPF_JMP | BPF_JGT | BPF_X: | |
| 717 | case BPF_JMP | BPF_JGE | BPF_K: | |
| 718 | case BPF_JMP | BPF_JGE | BPF_X: | |
| 719 | if (BPF_SRC(fp->code) == BPF_K && (int) fp->k < 0) { | |
| 720 | /* BPF immediates are signed, zero extend | |
| 721 | * immediate into tmp register and use it | |
| 722 | * in compare insn. | |
| 723 | */ | |
| f8f6d679 | 724 | *insn++ = BPF_MOV32_IMM(BPF_REG_TMP, fp->k); |
| bd4cf0ed | 725 | |
| e430f34e AS |
726 | insn->dst_reg = BPF_REG_A; |
| 727 | insn->src_reg = BPF_REG_TMP; | |
| bd4cf0ed AS |
728 | bpf_src = BPF_X; |
| 729 | } else { | |
| e430f34e | 730 | insn->dst_reg = BPF_REG_A; |
| bd4cf0ed AS |
731 | insn->imm = fp->k; |
| 732 | bpf_src = BPF_SRC(fp->code); | |
| 19539ce7 | 733 | insn->src_reg = bpf_src == BPF_X ? BPF_REG_X : 0; |
| 1da177e4 | 734 | } |
| bd4cf0ed AS |
735 | |
| 736 | /* Common case where 'jump_false' is next insn. */ | |
| 737 | if (fp->jf == 0) { | |
| 738 | insn->code = BPF_JMP | BPF_OP(fp->code) | bpf_src; | |
| 739 | target = i + fp->jt + 1; | |
| f8f6d679 | 740 | BPF_EMIT_JMP; |
| bd4cf0ed | 741 | break; |
| 1da177e4 | 742 | } |
| bd4cf0ed | 743 | |
| 92b31a9a DB |
744 | /* Convert some jumps when 'jump_true' is next insn. */ |
| 745 | if (fp->jt == 0) { | |
| 746 | switch (BPF_OP(fp->code)) { | |
| 747 | case BPF_JEQ: | |
| 748 | insn->code = BPF_JMP | BPF_JNE | bpf_src; | |
| 749 | break; | |
| 750 | case BPF_JGT: | |
| 751 | insn->code = BPF_JMP | BPF_JLE | bpf_src; | |
| 752 | break; | |
| 753 | case BPF_JGE: | |
| 754 | insn->code = BPF_JMP | BPF_JLT | bpf_src; | |
| 755 | break; | |
| 756 | default: | |
| 757 | goto jmp_rest; | |
| 758 | } | |
| 759 | ||
| bd4cf0ed | 760 | target = i + fp->jf + 1; |
| f8f6d679 | 761 | BPF_EMIT_JMP; |
| bd4cf0ed | 762 | break; |
| 0b05b2a4 | 763 | } |
| 92b31a9a | 764 | jmp_rest: |
| bd4cf0ed AS |
765 | /* Other jumps are mapped into two insns: Jxx and JA. */ |
| 766 | target = i + fp->jt + 1; | |
| 767 | insn->code = BPF_JMP | BPF_OP(fp->code) | bpf_src; | |
| f8f6d679 | 768 | BPF_EMIT_JMP; |
| bd4cf0ed AS |
769 | insn++; |
| 770 | ||
| 771 | insn->code = BPF_JMP | BPF_JA; | |
| 772 | target = i + fp->jf + 1; | |
| f8f6d679 | 773 | BPF_EMIT_JMP; |
| bd4cf0ed AS |
774 | break; |
| 775 | ||
| 776 | /* ldxb 4 * ([14] & 0xf) is remaped into 6 insns. */ | |
| e0cea7ce DB |
777 | case BPF_LDX | BPF_MSH | BPF_B: { |
| 778 | struct sock_filter tmp = { | |
| 779 | .code = BPF_LD | BPF_ABS | BPF_B, | |
| 780 | .k = fp->k, | |
| 781 | }; | |
| 782 | ||
| 783 | *seen_ld_abs = true; | |
| 784 | ||
| 785 | /* X = A */ | |
| 786 | *insn++ = BPF_MOV64_REG(BPF_REG_X, BPF_REG_A); | |
| 1268e253 | 787 | /* A = BPF_R0 = *(u8 *) (skb->data + K) */ |
| e0cea7ce DB |
788 | convert_bpf_ld_abs(&tmp, &insn); |
| 789 | insn++; | |
| 9739eef1 | 790 | /* A &= 0xf */ |
| f8f6d679 | 791 | *insn++ = BPF_ALU32_IMM(BPF_AND, BPF_REG_A, 0xf); |
| 9739eef1 | 792 | /* A <<= 2 */ |
| f8f6d679 | 793 | *insn++ = BPF_ALU32_IMM(BPF_LSH, BPF_REG_A, 2); |
| e0cea7ce DB |
794 | /* tmp = X */ |
| 795 | *insn++ = BPF_MOV64_REG(BPF_REG_TMP, BPF_REG_X); | |
| 9739eef1 | 796 | /* X = A */ |
| f8f6d679 | 797 | *insn++ = BPF_MOV64_REG(BPF_REG_X, BPF_REG_A); |
| 9739eef1 | 798 | /* A = tmp */ |
| f8f6d679 | 799 | *insn = BPF_MOV64_REG(BPF_REG_A, BPF_REG_TMP); |
| bd4cf0ed | 800 | break; |
| e0cea7ce | 801 | } |
| 6205b9cf DB |
802 | /* RET_K is remaped into 2 insns. RET_A case doesn't need an |
| 803 | * extra mov as BPF_REG_0 is already mapped into BPF_REG_A. | |
| 804 | */ | |
| bd4cf0ed AS |
805 | case BPF_RET | BPF_A: |
| 806 | case BPF_RET | BPF_K: | |
| 6205b9cf DB |
807 | if (BPF_RVAL(fp->code) == BPF_K) |
| 808 | *insn++ = BPF_MOV32_RAW(BPF_K, BPF_REG_0, | |
| 809 | 0, fp->k); | |
| 9739eef1 | 810 | *insn = BPF_EXIT_INSN(); |
| bd4cf0ed AS |
811 | break; |
| 812 | ||
| 813 | /* Store to stack. */ | |
| 814 | case BPF_ST: | |
| 815 | case BPF_STX: | |
| 50bbfed9 | 816 | stack_off = fp->k * 4 + 4; |
| f8f6d679 DB |
817 | *insn = BPF_STX_MEM(BPF_W, BPF_REG_FP, BPF_CLASS(fp->code) == |
| 818 | BPF_ST ? BPF_REG_A : BPF_REG_X, | |
| 50bbfed9 AS |
819 | -stack_off); |
| 820 | /* check_load_and_stores() verifies that classic BPF can | |
| 821 | * load from stack only after write, so tracking | |
| 822 | * stack_depth for ST|STX insns is enough | |
| 823 | */ | |
| 824 | if (new_prog && new_prog->aux->stack_depth < stack_off) | |
| 825 | new_prog->aux->stack_depth = stack_off; | |
| bd4cf0ed AS |
826 | break; |
| 827 | ||
| 828 | /* Load from stack. */ | |
| 829 | case BPF_LD | BPF_MEM: | |
| 830 | case BPF_LDX | BPF_MEM: | |
| 50bbfed9 | 831 | stack_off = fp->k * 4 + 4; |
| f8f6d679 DB |
832 | *insn = BPF_LDX_MEM(BPF_W, BPF_CLASS(fp->code) == BPF_LD ? |
| 833 | BPF_REG_A : BPF_REG_X, BPF_REG_FP, | |
| 50bbfed9 | 834 | -stack_off); |
| bd4cf0ed AS |
835 | break; |
| 836 | ||
| 837 | /* A = K or X = K */ | |
| 838 | case BPF_LD | BPF_IMM: | |
| 839 | case BPF_LDX | BPF_IMM: | |
| f8f6d679 DB |
840 | *insn = BPF_MOV32_IMM(BPF_CLASS(fp->code) == BPF_LD ? |
| 841 | BPF_REG_A : BPF_REG_X, fp->k); | |
| bd4cf0ed AS |
842 | break; |
| 843 | ||
| 844 | /* X = A */ | |
| 845 | case BPF_MISC | BPF_TAX: | |
| f8f6d679 | 846 | *insn = BPF_MOV64_REG(BPF_REG_X, BPF_REG_A); |
| bd4cf0ed AS |
847 | break; |
| 848 | ||
| 849 | /* A = X */ | |
| 850 | case BPF_MISC | BPF_TXA: | |
| f8f6d679 | 851 | *insn = BPF_MOV64_REG(BPF_REG_A, BPF_REG_X); |
| bd4cf0ed AS |
852 | break; |
| 853 | ||
| 854 | /* A = skb->len or X = skb->len */ | |
| 855 | case BPF_LD | BPF_W | BPF_LEN: | |
| 856 | case BPF_LDX | BPF_W | BPF_LEN: | |
| f8f6d679 DB |
857 | *insn = BPF_LDX_MEM(BPF_W, BPF_CLASS(fp->code) == BPF_LD ? |
| 858 | BPF_REG_A : BPF_REG_X, BPF_REG_CTX, | |
| 859 | offsetof(struct sk_buff, len)); | |
| bd4cf0ed AS |
860 | break; |
| 861 | ||
| f8f6d679 | 862 | /* Access seccomp_data fields. */ |
| bd4cf0ed | 863 | case BPF_LDX | BPF_ABS | BPF_W: |
| 9739eef1 AS |
864 | /* A = *(u32 *) (ctx + K) */ |
| 865 | *insn = BPF_LDX_MEM(BPF_W, BPF_REG_A, BPF_REG_CTX, fp->k); | |
| bd4cf0ed AS |
866 | break; |
| 867 | ||
| ca9f1fd2 | 868 | /* Unknown instruction. */ |
| 1da177e4 | 869 | default: |
| bd4cf0ed | 870 | goto err; |
| 1da177e4 | 871 | } |
| bd4cf0ed AS |
872 | |
| 873 | insn++; | |
| 874 | if (new_prog) | |
| 875 | memcpy(new_insn, tmp_insns, | |
| 876 | sizeof(*insn) * (insn - tmp_insns)); | |
| bd4cf0ed | 877 | new_insn += insn - tmp_insns; |
| 1da177e4 LT |
878 | } |
| 879 | ||
| bd4cf0ed AS |
880 | if (!new_prog) { |
| 881 | /* Only calculating new length. */ | |
| 50bbfed9 | 882 | *new_len = new_insn - first_insn; |
| e0cea7ce DB |
883 | if (*seen_ld_abs) |
| 884 | *new_len += 4; /* Prologue bits. */ | |
| bd4cf0ed AS |
885 | return 0; |
| 886 | } | |
| 887 | ||
| 888 | pass++; | |
| 50bbfed9 AS |
889 | if (new_flen != new_insn - first_insn) { |
| 890 | new_flen = new_insn - first_insn; | |
| bd4cf0ed AS |
891 | if (pass > 2) |
| 892 | goto err; | |
| bd4cf0ed AS |
893 | goto do_pass; |
| 894 | } | |
| 895 | ||
| 896 | kfree(addrs); | |
| 897 | BUG_ON(*new_len != new_flen); | |
| 1da177e4 | 898 | return 0; |
| bd4cf0ed AS |
899 | err: |
| 900 | kfree(addrs); | |
| 901 | return -EINVAL; | |
| 1da177e4 LT |
902 | } |
| 903 | ||
| bd4cf0ed | 904 | /* Security: |
| bd4cf0ed | 905 | * |
| 2d5311e4 | 906 | * As we dont want to clear mem[] array for each packet going through |
| 8ea6e345 | 907 | * __bpf_prog_run(), we check that filter loaded by user never try to read |
| 2d5311e4 | 908 | * a cell if not previously written, and we check all branches to be sure |
| 25985edc | 909 | * a malicious user doesn't try to abuse us. |
| 2d5311e4 | 910 | */ |
| ec31a05c | 911 | static int check_load_and_stores(const struct sock_filter *filter, int flen) |
| 2d5311e4 | 912 | { |
| 34805931 | 913 | u16 *masks, memvalid = 0; /* One bit per cell, 16 cells */ |
| 2d5311e4 ED |
914 | int pc, ret = 0; |
| 915 | ||
| 916 | BUILD_BUG_ON(BPF_MEMWORDS > 16); | |
| 34805931 | 917 | |
| 99e72a0f | 918 | masks = kmalloc_array(flen, sizeof(*masks), GFP_KERNEL); |
| 2d5311e4 ED |
919 | if (!masks) |
| 920 | return -ENOMEM; | |
| 34805931 | 921 | |
| 2d5311e4 ED |
922 | memset(masks, 0xff, flen * sizeof(*masks)); |
| 923 | ||
| 924 | for (pc = 0; pc < flen; pc++) { | |
| 925 | memvalid &= masks[pc]; | |
| 926 | ||
| 927 | switch (filter[pc].code) { | |
| 34805931 DB |
928 | case BPF_ST: |
| 929 | case BPF_STX: | |
| 2d5311e4 ED |
930 | memvalid |= (1 << filter[pc].k); |
| 931 | break; | |
| 34805931 DB |
932 | case BPF_LD | BPF_MEM: |
| 933 | case BPF_LDX | BPF_MEM: | |
| 2d5311e4 ED |
934 | if (!(memvalid & (1 << filter[pc].k))) { |
| 935 | ret = -EINVAL; | |
| 936 | goto error; | |
| 937 | } | |
| 938 | break; | |
| 34805931 DB |
939 | case BPF_JMP | BPF_JA: |
| 940 | /* A jump must set masks on target */ | |
| 2d5311e4 ED |
941 | masks[pc + 1 + filter[pc].k] &= memvalid; |
| 942 | memvalid = ~0; | |
| 943 | break; | |
| 34805931 DB |
944 | case BPF_JMP | BPF_JEQ | BPF_K: |
| 945 | case BPF_JMP | BPF_JEQ | BPF_X: | |
| 946 | case BPF_JMP | BPF_JGE | BPF_K: | |
| 947 | case BPF_JMP | BPF_JGE | BPF_X: | |
| 948 | case BPF_JMP | BPF_JGT | BPF_K: | |
| 949 | case BPF_JMP | BPF_JGT | BPF_X: | |
| 950 | case BPF_JMP | BPF_JSET | BPF_K: | |
| 951 | case BPF_JMP | BPF_JSET | BPF_X: | |
| 952 | /* A jump must set masks on targets */ | |
| 2d5311e4 ED |
953 | masks[pc + 1 + filter[pc].jt] &= memvalid; |
| 954 | masks[pc + 1 + filter[pc].jf] &= memvalid; | |
| 955 | memvalid = ~0; | |
| 956 | break; | |
| 957 | } | |
| 958 | } | |
| 959 | error: | |
| 960 | kfree(masks); | |
| 961 | return ret; | |
| 962 | } | |
| 963 | ||
| 34805931 DB |
964 | static bool chk_code_allowed(u16 code_to_probe) |
| 965 | { | |
| 966 | static const bool codes[] = { | |
| 967 | /* 32 bit ALU operations */ | |
| 968 | [BPF_ALU | BPF_ADD | BPF_K] = true, | |
| 969 | [BPF_ALU | BPF_ADD | BPF_X] = true, | |
| 970 | [BPF_ALU | BPF_SUB | BPF_K] = true, | |
| 971 | [BPF_ALU | BPF_SUB | BPF_X] = true, | |
| 972 | [BPF_ALU | BPF_MUL | BPF_K] = true, | |
| 973 | [BPF_ALU | BPF_MUL | BPF_X] = true, | |
| 974 | [BPF_ALU | BPF_DIV | BPF_K] = true, | |
| 975 | [BPF_ALU | BPF_DIV | BPF_X] = true, | |
| 976 | [BPF_ALU | BPF_MOD | BPF_K] = true, | |
| 977 | [BPF_ALU | BPF_MOD | BPF_X] = true, | |
| 978 | [BPF_ALU | BPF_AND | BPF_K] = true, | |
| 979 | [BPF_ALU | BPF_AND | BPF_X] = true, | |
| 980 | [BPF_ALU | BPF_OR | BPF_K] = true, | |
| 981 | [BPF_ALU | BPF_OR | BPF_X] = true, | |
| 982 | [BPF_ALU | BPF_XOR | BPF_K] = true, | |
| 983 | [BPF_ALU | BPF_XOR | BPF_X] = true, | |
| 984 | [BPF_ALU | BPF_LSH | BPF_K] = true, | |
| 985 | [BPF_ALU | BPF_LSH | BPF_X] = true, | |
| 986 | [BPF_ALU | BPF_RSH | BPF_K] = true, | |
| 987 | [BPF_ALU | BPF_RSH | BPF_X] = true, | |
| 988 | [BPF_ALU | BPF_NEG] = true, | |
| 989 | /* Load instructions */ | |
| 990 | [BPF_LD | BPF_W | BPF_ABS] = true, | |
| 991 | [BPF_LD | BPF_H | BPF_ABS] = true, | |
| 992 | [BPF_LD | BPF_B | BPF_ABS] = true, | |
| 993 | [BPF_LD | BPF_W | BPF_LEN] = true, | |
| 994 | [BPF_LD | BPF_W | BPF_IND] = true, | |
| 995 | [BPF_LD | BPF_H | BPF_IND] = true, | |
| 996 | [BPF_LD | BPF_B | BPF_IND] = true, | |
| 997 | [BPF_LD | BPF_IMM] = true, | |
| 998 | [BPF_LD | BPF_MEM] = true, | |
| 999 | [BPF_LDX | BPF_W | BPF_LEN] = true, | |
| 1000 | [BPF_LDX | BPF_B | BPF_MSH] = true, | |
| 1001 | [BPF_LDX | BPF_IMM] = true, | |
| 1002 | [BPF_LDX | BPF_MEM] = true, | |
| 1003 | /* Store instructions */ | |
| 1004 | [BPF_ST] = true, | |
| 1005 | [BPF_STX] = true, | |
| 1006 | /* Misc instructions */ | |
| 1007 | [BPF_MISC | BPF_TAX] = true, | |
| 1008 | [BPF_MISC | BPF_TXA] = true, | |
| 1009 | /* Return instructions */ | |
| 1010 | [BPF_RET | BPF_K] = true, | |
| 1011 | [BPF_RET | BPF_A] = true, | |
| 1012 | /* Jump instructions */ | |
| 1013 | [BPF_JMP | BPF_JA] = true, | |
| 1014 | [BPF_JMP | BPF_JEQ | BPF_K] = true, | |
| 1015 | [BPF_JMP | BPF_JEQ | BPF_X] = true, | |
| 1016 | [BPF_JMP | BPF_JGE | BPF_K] = true, | |
| 1017 | [BPF_JMP | BPF_JGE | BPF_X] = true, | |
| 1018 | [BPF_JMP | BPF_JGT | BPF_K] = true, | |
| 1019 | [BPF_JMP | BPF_JGT | BPF_X] = true, | |
| 1020 | [BPF_JMP | BPF_JSET | BPF_K] = true, | |
| 1021 | [BPF_JMP | BPF_JSET | BPF_X] = true, | |
| 1022 | }; | |
| 1023 | ||
| 1024 | if (code_to_probe >= ARRAY_SIZE(codes)) | |
| 1025 | return false; | |
| 1026 | ||
| 1027 | return codes[code_to_probe]; | |
| 1028 | } | |
| 1029 | ||
| f7bd9e36 DB |
1030 | static bool bpf_check_basics_ok(const struct sock_filter *filter, |
| 1031 | unsigned int flen) | |
| 1032 | { | |
| 1033 | if (filter == NULL) | |
| 1034 | return false; | |
| 1035 | if (flen == 0 || flen > BPF_MAXINSNS) | |
| 1036 | return false; | |
| 1037 | ||
| 1038 | return true; | |
| 1039 | } | |
| 1040 | ||
| 1da177e4 | 1041 | /** |
| 4df95ff4 | 1042 | * bpf_check_classic - verify socket filter code |
| 1da177e4 LT |
1043 | * @filter: filter to verify |
| 1044 | * @flen: length of filter | |
| 1045 | * | |
| 1046 | * Check the user's filter code. If we let some ugly | |
| 1047 | * filter code slip through kaboom! The filter must contain | |
| 93699863 KK |
1048 | * no references or jumps that are out of range, no illegal |
| 1049 | * instructions, and must end with a RET instruction. | |
| 1da177e4 | 1050 | * |
| 7b11f69f KK |
1051 | * All jumps are forward as they are not signed. |
| 1052 | * | |
| 1053 | * Returns 0 if the rule set is legal or -EINVAL if not. | |
| 1da177e4 | 1054 | */ |
| d9e12f42 NS |
1055 | static int bpf_check_classic(const struct sock_filter *filter, |
| 1056 | unsigned int flen) | |
| 1da177e4 | 1057 | { |
| aa1113d9 | 1058 | bool anc_found; |
| 34805931 | 1059 | int pc; |
| 1da177e4 | 1060 | |
| 34805931 | 1061 | /* Check the filter code now */ |
| 1da177e4 | 1062 | for (pc = 0; pc < flen; pc++) { |
| ec31a05c | 1063 | const struct sock_filter *ftest = &filter[pc]; |
| 93699863 | 1064 | |
| 34805931 DB |
1065 | /* May we actually operate on this code? */ |
| 1066 | if (!chk_code_allowed(ftest->code)) | |
| cba328fc | 1067 | return -EINVAL; |
| 34805931 | 1068 | |
| 93699863 | 1069 | /* Some instructions need special checks */ |
| 34805931 DB |
1070 | switch (ftest->code) { |
| 1071 | case BPF_ALU | BPF_DIV | BPF_K: | |
| 1072 | case BPF_ALU | BPF_MOD | BPF_K: | |
| 1073 | /* Check for division by zero */ | |
| b6069a95 ED |
1074 | if (ftest->k == 0) |
| 1075 | return -EINVAL; | |
| 1076 | break; | |
| 229394e8 RV |
1077 | case BPF_ALU | BPF_LSH | BPF_K: |
| 1078 | case BPF_ALU | BPF_RSH | BPF_K: | |
| 1079 | if (ftest->k >= 32) | |
| 1080 | return -EINVAL; | |
| 1081 | break; | |
| 34805931 DB |
1082 | case BPF_LD | BPF_MEM: |
| 1083 | case BPF_LDX | BPF_MEM: | |
| 1084 | case BPF_ST: | |
| 1085 | case BPF_STX: | |
| 1086 | /* Check for invalid memory addresses */ | |
| 93699863 KK |
1087 | if (ftest->k >= BPF_MEMWORDS) |
| 1088 | return -EINVAL; | |
| 1089 | break; | |
| 34805931 DB |
1090 | case BPF_JMP | BPF_JA: |
| 1091 | /* Note, the large ftest->k might cause loops. | |
| 93699863 KK |
1092 | * Compare this with conditional jumps below, |
| 1093 | * where offsets are limited. --ANK (981016) | |
| 1094 | */ | |
| 34805931 | 1095 | if (ftest->k >= (unsigned int)(flen - pc - 1)) |
| 93699863 | 1096 | return -EINVAL; |
| 01f2f3f6 | 1097 | break; |
| 34805931 DB |
1098 | case BPF_JMP | BPF_JEQ | BPF_K: |
| 1099 | case BPF_JMP | BPF_JEQ | BPF_X: | |
| 1100 | case BPF_JMP | BPF_JGE | BPF_K: | |
| 1101 | case BPF_JMP | BPF_JGE | BPF_X: | |
| 1102 | case BPF_JMP | BPF_JGT | BPF_K: | |
| 1103 | case BPF_JMP | BPF_JGT | BPF_X: | |
| 1104 | case BPF_JMP | BPF_JSET | BPF_K: | |
| 1105 | case BPF_JMP | BPF_JSET | BPF_X: | |
| 1106 | /* Both conditionals must be safe */ | |
| e35bedf3 | 1107 | if (pc + ftest->jt + 1 >= flen || |
| 93699863 KK |
1108 | pc + ftest->jf + 1 >= flen) |
| 1109 | return -EINVAL; | |
| cba328fc | 1110 | break; |
| 34805931 DB |
1111 | case BPF_LD | BPF_W | BPF_ABS: |
| 1112 | case BPF_LD | BPF_H | BPF_ABS: | |
| 1113 | case BPF_LD | BPF_B | BPF_ABS: | |
| aa1113d9 | 1114 | anc_found = false; |
| 34805931 DB |
1115 | if (bpf_anc_helper(ftest) & BPF_ANC) |
| 1116 | anc_found = true; | |
| 1117 | /* Ancillary operation unknown or unsupported */ | |
| aa1113d9 DB |
1118 | if (anc_found == false && ftest->k >= SKF_AD_OFF) |
| 1119 | return -EINVAL; | |
| 01f2f3f6 HPP |
1120 | } |
| 1121 | } | |
| 93699863 | 1122 | |
| 34805931 | 1123 | /* Last instruction must be a RET code */ |
| 01f2f3f6 | 1124 | switch (filter[flen - 1].code) { |
| 34805931 DB |
1125 | case BPF_RET | BPF_K: |
| 1126 | case BPF_RET | BPF_A: | |
| 2d5311e4 | 1127 | return check_load_and_stores(filter, flen); |
| cba328fc | 1128 | } |
| 34805931 | 1129 | |
| cba328fc | 1130 | return -EINVAL; |
| 1da177e4 LT |
1131 | } |
| 1132 | ||
| 7ae457c1 AS |
1133 | static int bpf_prog_store_orig_filter(struct bpf_prog *fp, |
| 1134 | const struct sock_fprog *fprog) | |
| a3ea269b | 1135 | { |
| 009937e7 | 1136 | unsigned int fsize = bpf_classic_proglen(fprog); |
| a3ea269b DB |
1137 | struct sock_fprog_kern *fkprog; |
| 1138 | ||
| 1139 | fp->orig_prog = kmalloc(sizeof(*fkprog), GFP_KERNEL); | |
| 1140 | if (!fp->orig_prog) | |
| 1141 | return -ENOMEM; | |
| 1142 | ||
| 1143 | fkprog = fp->orig_prog; | |
| 1144 | fkprog->len = fprog->len; | |
| 658da937 DB |
1145 | |
| 1146 | fkprog->filter = kmemdup(fp->insns, fsize, | |
| 1147 | GFP_KERNEL | __GFP_NOWARN); | |
| a3ea269b DB |
1148 | if (!fkprog->filter) { |
| 1149 | kfree(fp->orig_prog); | |
| 1150 | return -ENOMEM; | |
| 1151 | } | |
| 1152 | ||
| 1153 | return 0; | |
| 1154 | } | |
| 1155 | ||
| 7ae457c1 | 1156 | static void bpf_release_orig_filter(struct bpf_prog *fp) |
| a3ea269b DB |
1157 | { |
| 1158 | struct sock_fprog_kern *fprog = fp->orig_prog; | |
| 1159 | ||
| 1160 | if (fprog) { | |
| 1161 | kfree(fprog->filter); | |
| 1162 | kfree(fprog); | |
| 1163 | } | |
| 1164 | } | |
| 1165 | ||
| 7ae457c1 AS |
1166 | static void __bpf_prog_release(struct bpf_prog *prog) |
| 1167 | { | |
| 24701ece | 1168 | if (prog->type == BPF_PROG_TYPE_SOCKET_FILTER) { |
| 89aa0758 AS |
1169 | bpf_prog_put(prog); |
| 1170 | } else { | |
| 1171 | bpf_release_orig_filter(prog); | |
| 1172 | bpf_prog_free(prog); | |
| 1173 | } | |
| 7ae457c1 AS |
1174 | } |
| 1175 | ||
| 34c5bd66 PN |
1176 | static void __sk_filter_release(struct sk_filter *fp) |
| 1177 | { | |
| 7ae457c1 AS |
1178 | __bpf_prog_release(fp->prog); |
| 1179 | kfree(fp); | |
| 34c5bd66 PN |
1180 | } |
| 1181 | ||
| 47e958ea | 1182 | /** |
| 46bcf14f | 1183 | * sk_filter_release_rcu - Release a socket filter by rcu_head |
| 47e958ea PE |
1184 | * @rcu: rcu_head that contains the sk_filter to free |
| 1185 | */ | |
| fbc907f0 | 1186 | static void sk_filter_release_rcu(struct rcu_head *rcu) |
| 47e958ea PE |
1187 | { |
| 1188 | struct sk_filter *fp = container_of(rcu, struct sk_filter, rcu); | |
| 1189 | ||
| 34c5bd66 | 1190 | __sk_filter_release(fp); |
| 47e958ea | 1191 | } |
| fbc907f0 DB |
1192 | |
| 1193 | /** | |
| 1194 | * sk_filter_release - release a socket filter | |
| 1195 | * @fp: filter to remove | |
| 1196 | * | |
| 1197 | * Remove a filter from a socket and release its resources. | |
| 1198 | */ | |
| 1199 | static void sk_filter_release(struct sk_filter *fp) | |
| 1200 | { | |
| 4c355cdf | 1201 | if (refcount_dec_and_test(&fp->refcnt)) |
| fbc907f0 DB |
1202 | call_rcu(&fp->rcu, sk_filter_release_rcu); |
| 1203 | } | |
| 1204 | ||
| 1205 | void sk_filter_uncharge(struct sock *sk, struct sk_filter *fp) | |
| 1206 | { | |
| 7ae457c1 | 1207 | u32 filter_size = bpf_prog_size(fp->prog->len); |
| fbc907f0 | 1208 | |
| 278571ba AS |
1209 | atomic_sub(filter_size, &sk->sk_omem_alloc); |
| 1210 | sk_filter_release(fp); | |
| fbc907f0 | 1211 | } |
| 47e958ea | 1212 | |
| 278571ba AS |
1213 | /* try to charge the socket memory if there is space available |
| 1214 | * return true on success | |
| 1215 | */ | |
| 4c355cdf | 1216 | static bool __sk_filter_charge(struct sock *sk, struct sk_filter *fp) |
| bd4cf0ed | 1217 | { |
| 7ae457c1 | 1218 | u32 filter_size = bpf_prog_size(fp->prog->len); |
| 7de6d09f | 1219 | int optmem_max = READ_ONCE(sysctl_optmem_max); |
| 278571ba AS |
1220 | |
| 1221 | /* same check as in sock_kmalloc() */ | |
| 7de6d09f KI |
1222 | if (filter_size <= optmem_max && |
| 1223 | atomic_read(&sk->sk_omem_alloc) + filter_size < optmem_max) { | |
| 278571ba AS |
1224 | atomic_add(filter_size, &sk->sk_omem_alloc); |
| 1225 | return true; | |
| bd4cf0ed | 1226 | } |
| 278571ba | 1227 | return false; |
| bd4cf0ed AS |
1228 | } |
| 1229 | ||
| 4c355cdf RE |
1230 | bool sk_filter_charge(struct sock *sk, struct sk_filter *fp) |
| 1231 | { | |
| eefca20e ED |
1232 | if (!refcount_inc_not_zero(&fp->refcnt)) |
| 1233 | return false; | |
| 1234 | ||
| 1235 | if (!__sk_filter_charge(sk, fp)) { | |
| 1236 | sk_filter_release(fp); | |
| 1237 | return false; | |
| 1238 | } | |
| 1239 | return true; | |
| 4c355cdf RE |
1240 | } |
| 1241 | ||
| 7ae457c1 | 1242 | static struct bpf_prog *bpf_migrate_filter(struct bpf_prog *fp) |
| bd4cf0ed AS |
1243 | { |
| 1244 | struct sock_filter *old_prog; | |
| 7ae457c1 | 1245 | struct bpf_prog *old_fp; |
| 34805931 | 1246 | int err, new_len, old_len = fp->len; |
| e0cea7ce | 1247 | bool seen_ld_abs = false; |
| bd4cf0ed | 1248 | |
| 06edc59c CH |
1249 | /* We are free to overwrite insns et al right here as it won't be used at |
| 1250 | * this point in time anymore internally after the migration to the eBPF | |
| 1251 | * instruction representation. | |
| bd4cf0ed AS |
1252 | */ |
| 1253 | BUILD_BUG_ON(sizeof(struct sock_filter) != | |
| 2695fb55 | 1254 | sizeof(struct bpf_insn)); |
| bd4cf0ed | 1255 | |
| bd4cf0ed AS |
1256 | /* Conversion cannot happen on overlapping memory areas, |
| 1257 | * so we need to keep the user BPF around until the 2nd | |
| 1258 | * pass. At this time, the user BPF is stored in fp->insns. | |
| 1259 | */ | |
| 1260 | old_prog = kmemdup(fp->insns, old_len * sizeof(struct sock_filter), | |
| 658da937 | 1261 | GFP_KERNEL | __GFP_NOWARN); |
| bd4cf0ed AS |
1262 | if (!old_prog) { |
| 1263 | err = -ENOMEM; | |
| 1264 | goto out_err; | |
| 1265 | } | |
| 1266 | ||
| 1267 | /* 1st pass: calculate the new program length. */ | |
| e0cea7ce DB |
1268 | err = bpf_convert_filter(old_prog, old_len, NULL, &new_len, |
| 1269 | &seen_ld_abs); | |
| bd4cf0ed AS |
1270 | if (err) |
| 1271 | goto out_err_free; | |
| 1272 | ||
| 1273 | /* Expand fp for appending the new filter representation. */ | |
| 1274 | old_fp = fp; | |
| 60a3b225 | 1275 | fp = bpf_prog_realloc(old_fp, bpf_prog_size(new_len), 0); |
| bd4cf0ed AS |
1276 | if (!fp) { |
| 1277 | /* The old_fp is still around in case we couldn't | |
| 1278 | * allocate new memory, so uncharge on that one. | |
| 1279 | */ | |
| 1280 | fp = old_fp; | |
| 1281 | err = -ENOMEM; | |
| 1282 | goto out_err_free; | |
| 1283 | } | |
| 1284 | ||
| bd4cf0ed AS |
1285 | fp->len = new_len; |
| 1286 | ||
| 2695fb55 | 1287 | /* 2nd pass: remap sock_filter insns into bpf_insn insns. */ |
| e0cea7ce DB |
1288 | err = bpf_convert_filter(old_prog, old_len, fp, &new_len, |
| 1289 | &seen_ld_abs); | |
| bd4cf0ed | 1290 | if (err) |
| 8fb575ca | 1291 | /* 2nd bpf_convert_filter() can fail only if it fails |
| bd4cf0ed AS |
1292 | * to allocate memory, remapping must succeed. Note, |
| 1293 | * that at this time old_fp has already been released | |
| 278571ba | 1294 | * by krealloc(). |
| bd4cf0ed AS |
1295 | */ |
| 1296 | goto out_err_free; | |
| 1297 | ||
| d1c55ab5 | 1298 | fp = bpf_prog_select_runtime(fp, &err); |
| 290af866 AS |
1299 | if (err) |
| 1300 | goto out_err_free; | |
| 5fe821a9 | 1301 | |
| bd4cf0ed AS |
1302 | kfree(old_prog); |
| 1303 | return fp; | |
| 1304 | ||
| 1305 | out_err_free: | |
| 1306 | kfree(old_prog); | |
| 1307 | out_err: | |
| 7ae457c1 | 1308 | __bpf_prog_release(fp); |
| bd4cf0ed AS |
1309 | return ERR_PTR(err); |
| 1310 | } | |
| 1311 | ||
| ac67eb2c DB |
1312 | static struct bpf_prog *bpf_prepare_filter(struct bpf_prog *fp, |
| 1313 | bpf_aux_classic_check_t trans) | |
| 302d6637 JP |
1314 | { |
| 1315 | int err; | |
| 1316 | ||
| bd4cf0ed | 1317 | fp->bpf_func = NULL; |
| a91263d5 | 1318 | fp->jited = 0; |
| 302d6637 | 1319 | |
| 4df95ff4 | 1320 | err = bpf_check_classic(fp->insns, fp->len); |
| 418c96ac | 1321 | if (err) { |
| 7ae457c1 | 1322 | __bpf_prog_release(fp); |
| bd4cf0ed | 1323 | return ERR_PTR(err); |
| 418c96ac | 1324 | } |
| 302d6637 | 1325 | |
| 4ae92bc7 NS |
1326 | /* There might be additional checks and transformations |
| 1327 | * needed on classic filters, f.e. in case of seccomp. | |
| 1328 | */ | |
| 1329 | if (trans) { | |
| 1330 | err = trans(fp->insns, fp->len); | |
| 1331 | if (err) { | |
| 1332 | __bpf_prog_release(fp); | |
| 1333 | return ERR_PTR(err); | |
| 1334 | } | |
| 1335 | } | |
| 1336 | ||
| bd4cf0ed AS |
1337 | /* Probe if we can JIT compile the filter and if so, do |
| 1338 | * the compilation of the filter. | |
| 1339 | */ | |
| 302d6637 | 1340 | bpf_jit_compile(fp); |
| bd4cf0ed | 1341 | |
| 06edc59c CH |
1342 | /* JIT compiler couldn't process this filter, so do the eBPF translation |
| 1343 | * for the optimized interpreter. | |
| bd4cf0ed | 1344 | */ |
| 5fe821a9 | 1345 | if (!fp->jited) |
| 7ae457c1 | 1346 | fp = bpf_migrate_filter(fp); |
| bd4cf0ed AS |
1347 | |
| 1348 | return fp; | |
| 302d6637 JP |
1349 | } |
| 1350 | ||
| 1351 | /** | |
| 7ae457c1 | 1352 | * bpf_prog_create - create an unattached filter |
| c6c4b97c | 1353 | * @pfp: the unattached filter that is created |
| 677a9fd3 | 1354 | * @fprog: the filter program |
| 302d6637 | 1355 | * |
| c6c4b97c | 1356 | * Create a filter independent of any socket. We first run some |
| 302d6637 JP |
1357 | * sanity checks on it to make sure it does not explode on us later. |
| 1358 | * If an error occurs or there is insufficient memory for the filter | |
| 1359 | * a negative errno code is returned. On success the return is zero. | |
| 1360 | */ | |
| 7ae457c1 | 1361 | int bpf_prog_create(struct bpf_prog **pfp, struct sock_fprog_kern *fprog) |
| 302d6637 | 1362 | { |
| 009937e7 | 1363 | unsigned int fsize = bpf_classic_proglen(fprog); |
| 7ae457c1 | 1364 | struct bpf_prog *fp; |
| 302d6637 JP |
1365 | |
| 1366 | /* Make sure new filter is there and in the right amounts. */ | |
| f7bd9e36 | 1367 | if (!bpf_check_basics_ok(fprog->filter, fprog->len)) |
| 302d6637 JP |
1368 | return -EINVAL; |
| 1369 | ||
| 60a3b225 | 1370 | fp = bpf_prog_alloc(bpf_prog_size(fprog->len), 0); |
| 302d6637 JP |
1371 | if (!fp) |
| 1372 | return -ENOMEM; | |
| a3ea269b | 1373 | |
| 302d6637 JP |
1374 | memcpy(fp->insns, fprog->filter, fsize); |
| 1375 | ||
| 302d6637 | 1376 | fp->len = fprog->len; |
| a3ea269b DB |
1377 | /* Since unattached filters are not copied back to user |
| 1378 | * space through sk_get_filter(), we do not need to hold | |
| 1379 | * a copy here, and can spare us the work. | |
| 1380 | */ | |
| 1381 | fp->orig_prog = NULL; | |
| 302d6637 | 1382 | |
| 7ae457c1 | 1383 | /* bpf_prepare_filter() already takes care of freeing |
| bd4cf0ed AS |
1384 | * memory in case something goes wrong. |
| 1385 | */ | |
| 4ae92bc7 | 1386 | fp = bpf_prepare_filter(fp, NULL); |
| bd4cf0ed AS |
1387 | if (IS_ERR(fp)) |
| 1388 | return PTR_ERR(fp); | |
| 302d6637 JP |
1389 | |
| 1390 | *pfp = fp; | |
| 1391 | return 0; | |
| 302d6637 | 1392 | } |
| 7ae457c1 | 1393 | EXPORT_SYMBOL_GPL(bpf_prog_create); |
| 302d6637 | 1394 | |
| ac67eb2c DB |
1395 | /** |
| 1396 | * bpf_prog_create_from_user - create an unattached filter from user buffer | |
| 1397 | * @pfp: the unattached filter that is created | |
| 1398 | * @fprog: the filter program | |
| 1399 | * @trans: post-classic verifier transformation handler | |
| bab18991 | 1400 | * @save_orig: save classic BPF program |
| ac67eb2c DB |
1401 | * |
| 1402 | * This function effectively does the same as bpf_prog_create(), only | |
| 1403 | * that it builds up its insns buffer from user space provided buffer. | |
| 1404 | * It also allows for passing a bpf_aux_classic_check_t handler. | |
| 1405 | */ | |
| 1406 | int bpf_prog_create_from_user(struct bpf_prog **pfp, struct sock_fprog *fprog, | |
| bab18991 | 1407 | bpf_aux_classic_check_t trans, bool save_orig) |
| ac67eb2c DB |
1408 | { |
| 1409 | unsigned int fsize = bpf_classic_proglen(fprog); | |
| 1410 | struct bpf_prog *fp; | |
| bab18991 | 1411 | int err; |
| ac67eb2c DB |
1412 | |
| 1413 | /* Make sure new filter is there and in the right amounts. */ | |
| f7bd9e36 | 1414 | if (!bpf_check_basics_ok(fprog->filter, fprog->len)) |
| ac67eb2c DB |
1415 | return -EINVAL; |
| 1416 | ||
| 1417 | fp = bpf_prog_alloc(bpf_prog_size(fprog->len), 0); | |
| 1418 | if (!fp) | |
| 1419 | return -ENOMEM; | |
| 1420 | ||
| 1421 | if (copy_from_user(fp->insns, fprog->filter, fsize)) { | |
| 1422 | __bpf_prog_free(fp); | |
| 1423 | return -EFAULT; | |
| 1424 | } | |
| 1425 | ||
| 1426 | fp->len = fprog->len; | |
| ac67eb2c DB |
1427 | fp->orig_prog = NULL; |
| 1428 | ||
| bab18991 DB |
1429 | if (save_orig) { |
| 1430 | err = bpf_prog_store_orig_filter(fp, fprog); | |
| 1431 | if (err) { | |
| 1432 | __bpf_prog_free(fp); | |
| 1433 | return -ENOMEM; | |
| 1434 | } | |
| 1435 | } | |
| 1436 | ||
| ac67eb2c DB |
1437 | /* bpf_prepare_filter() already takes care of freeing |
| 1438 | * memory in case something goes wrong. | |
| 1439 | */ | |
| 1440 | fp = bpf_prepare_filter(fp, trans); | |
| 1441 | if (IS_ERR(fp)) | |
| 1442 | return PTR_ERR(fp); | |
| 1443 | ||
| 1444 | *pfp = fp; | |
| 1445 | return 0; | |
| 1446 | } | |
| 2ea273d7 | 1447 | EXPORT_SYMBOL_GPL(bpf_prog_create_from_user); |
| ac67eb2c | 1448 | |
| 7ae457c1 | 1449 | void bpf_prog_destroy(struct bpf_prog *fp) |
| 302d6637 | 1450 | { |
| 7ae457c1 | 1451 | __bpf_prog_release(fp); |
| 302d6637 | 1452 | } |
| 7ae457c1 | 1453 | EXPORT_SYMBOL_GPL(bpf_prog_destroy); |
| 302d6637 | 1454 | |
| 8ced425e | 1455 | static int __sk_attach_prog(struct bpf_prog *prog, struct sock *sk) |
| 49b31e57 DB |
1456 | { |
| 1457 | struct sk_filter *fp, *old_fp; | |
| 1458 | ||
| 1459 | fp = kmalloc(sizeof(*fp), GFP_KERNEL); | |
| 1460 | if (!fp) | |
| 1461 | return -ENOMEM; | |
| 1462 | ||
| 1463 | fp->prog = prog; | |
| 49b31e57 | 1464 | |
| 4c355cdf | 1465 | if (!__sk_filter_charge(sk, fp)) { |
| 49b31e57 DB |
1466 | kfree(fp); |
| 1467 | return -ENOMEM; | |
| 1468 | } | |
| 4c355cdf | 1469 | refcount_set(&fp->refcnt, 1); |
| 49b31e57 | 1470 | |
| 8ced425e HFS |
1471 | old_fp = rcu_dereference_protected(sk->sk_filter, |
| 1472 | lockdep_sock_is_held(sk)); | |
| 49b31e57 | 1473 | rcu_assign_pointer(sk->sk_filter, fp); |
| 8ced425e | 1474 | |
| 49b31e57 DB |
1475 | if (old_fp) |
| 1476 | sk_filter_uncharge(sk, old_fp); | |
| 1477 | ||
| 1478 | return 0; | |
| 1479 | } | |
| 1480 | ||
| 538950a1 CG |
1481 | static |
| 1482 | struct bpf_prog *__get_filter(struct sock_fprog *fprog, struct sock *sk) | |
| 1da177e4 | 1483 | { |
| 009937e7 | 1484 | unsigned int fsize = bpf_classic_proglen(fprog); |
| 7ae457c1 | 1485 | struct bpf_prog *prog; |
| 1da177e4 LT |
1486 | int err; |
| 1487 | ||
| d59577b6 | 1488 | if (sock_flag(sk, SOCK_FILTER_LOCKED)) |
| 538950a1 | 1489 | return ERR_PTR(-EPERM); |
| d59577b6 | 1490 | |
| 1da177e4 | 1491 | /* Make sure new filter is there and in the right amounts. */ |
| f7bd9e36 | 1492 | if (!bpf_check_basics_ok(fprog->filter, fprog->len)) |
| 538950a1 | 1493 | return ERR_PTR(-EINVAL); |
| 1da177e4 | 1494 | |
| f7bd9e36 | 1495 | prog = bpf_prog_alloc(bpf_prog_size(fprog->len), 0); |
| 7ae457c1 | 1496 | if (!prog) |
| 538950a1 | 1497 | return ERR_PTR(-ENOMEM); |
| a3ea269b | 1498 | |
| 7ae457c1 | 1499 | if (copy_from_user(prog->insns, fprog->filter, fsize)) { |
| c0d1379a | 1500 | __bpf_prog_free(prog); |
| 538950a1 | 1501 | return ERR_PTR(-EFAULT); |
| 1da177e4 LT |
1502 | } |
| 1503 | ||
| 7ae457c1 | 1504 | prog->len = fprog->len; |
| 1da177e4 | 1505 | |
| 7ae457c1 | 1506 | err = bpf_prog_store_orig_filter(prog, fprog); |
| a3ea269b | 1507 | if (err) { |
| c0d1379a | 1508 | __bpf_prog_free(prog); |
| 538950a1 | 1509 | return ERR_PTR(-ENOMEM); |
| a3ea269b DB |
1510 | } |
| 1511 | ||
| 7ae457c1 | 1512 | /* bpf_prepare_filter() already takes care of freeing |
| bd4cf0ed AS |
1513 | * memory in case something goes wrong. |
| 1514 | */ | |
| 538950a1 CG |
1515 | return bpf_prepare_filter(prog, NULL); |
| 1516 | } | |
| 1517 | ||
| 1518 | /** | |
| 1519 | * sk_attach_filter - attach a socket filter | |
| 1520 | * @fprog: the filter program | |
| 1521 | * @sk: the socket to use | |
| 1522 | * | |
| 1523 | * Attach the user's filter code. We first run some sanity checks on | |
| 1524 | * it to make sure it does not explode on us later. If an error | |
| 1525 | * occurs or there is insufficient memory for the filter a negative | |
| 1526 | * errno code is returned. On success the return is zero. | |
| 1527 | */ | |
| 8ced425e | 1528 | int sk_attach_filter(struct sock_fprog *fprog, struct sock *sk) |
| 538950a1 CG |
1529 | { |
| 1530 | struct bpf_prog *prog = __get_filter(fprog, sk); | |
| 1531 | int err; | |
| 1532 | ||
| 7ae457c1 AS |
1533 | if (IS_ERR(prog)) |
| 1534 | return PTR_ERR(prog); | |
| 1535 | ||
| 8ced425e | 1536 | err = __sk_attach_prog(prog, sk); |
| 49b31e57 | 1537 | if (err < 0) { |
| 7ae457c1 | 1538 | __bpf_prog_release(prog); |
| 49b31e57 | 1539 | return err; |
| 278571ba AS |
1540 | } |
| 1541 | ||
| d3904b73 | 1542 | return 0; |
| 1da177e4 | 1543 | } |
| 8ced425e | 1544 | EXPORT_SYMBOL_GPL(sk_attach_filter); |
| 1da177e4 | 1545 | |
| 538950a1 | 1546 | int sk_reuseport_attach_filter(struct sock_fprog *fprog, struct sock *sk) |
| 89aa0758 | 1547 | { |
| 538950a1 | 1548 | struct bpf_prog *prog = __get_filter(fprog, sk); |
| 49b31e57 | 1549 | int err; |
| 89aa0758 | 1550 | |
| 538950a1 CG |
1551 | if (IS_ERR(prog)) |
| 1552 | return PTR_ERR(prog); | |
| 1553 | ||
| 7de6d09f | 1554 | if (bpf_prog_size(prog->len) > READ_ONCE(sysctl_optmem_max)) |
| 8217ca65 MKL |
1555 | err = -ENOMEM; |
| 1556 | else | |
| 1557 | err = reuseport_attach_prog(sk, prog); | |
| 1558 | ||
| 1559 | if (err) | |
| 538950a1 | 1560 | __bpf_prog_release(prog); |
| 538950a1 | 1561 | |
| 8217ca65 | 1562 | return err; |
| 538950a1 CG |
1563 | } |
| 1564 | ||
| 1565 | static struct bpf_prog *__get_bpf(u32 ufd, struct sock *sk) | |
| 1566 | { | |
| 89aa0758 | 1567 | if (sock_flag(sk, SOCK_FILTER_LOCKED)) |
| 538950a1 | 1568 | return ERR_PTR(-EPERM); |
| 89aa0758 | 1569 | |
| 113214be | 1570 | return bpf_prog_get_type(ufd, BPF_PROG_TYPE_SOCKET_FILTER); |
| 538950a1 CG |
1571 | } |
| 1572 | ||
| 1573 | int sk_attach_bpf(u32 ufd, struct sock *sk) | |
| 1574 | { | |
| 1575 | struct bpf_prog *prog = __get_bpf(ufd, sk); | |
| 1576 | int err; | |
| 1577 | ||
| 1578 | if (IS_ERR(prog)) | |
| 1579 | return PTR_ERR(prog); | |
| 1580 | ||
| 8ced425e | 1581 | err = __sk_attach_prog(prog, sk); |
| 49b31e57 | 1582 | if (err < 0) { |
| 89aa0758 | 1583 | bpf_prog_put(prog); |
| 49b31e57 | 1584 | return err; |
| 89aa0758 AS |
1585 | } |
| 1586 | ||
| 89aa0758 AS |
1587 | return 0; |
| 1588 | } | |
| 1589 | ||
| 538950a1 CG |
1590 | int sk_reuseport_attach_bpf(u32 ufd, struct sock *sk) |
| 1591 | { | |
| 8217ca65 | 1592 | struct bpf_prog *prog; |
| 538950a1 CG |
1593 | int err; |
| 1594 | ||
| 8217ca65 MKL |
1595 | if (sock_flag(sk, SOCK_FILTER_LOCKED)) |
| 1596 | return -EPERM; | |
| 1597 | ||
| 1598 | prog = bpf_prog_get_type(ufd, BPF_PROG_TYPE_SOCKET_FILTER); | |
| 45586c70 | 1599 | if (PTR_ERR(prog) == -EINVAL) |
| 8217ca65 | 1600 | prog = bpf_prog_get_type(ufd, BPF_PROG_TYPE_SK_REUSEPORT); |
| 538950a1 CG |
1601 | if (IS_ERR(prog)) |
| 1602 | return PTR_ERR(prog); | |
| 1603 | ||
| 8217ca65 MKL |
1604 | if (prog->type == BPF_PROG_TYPE_SK_REUSEPORT) { |
| 1605 | /* Like other non BPF_PROG_TYPE_SOCKET_FILTER | |
| 1606 | * bpf prog (e.g. sockmap). It depends on the | |
| 1607 | * limitation imposed by bpf_prog_load(). | |
| 1608 | * Hence, sysctl_optmem_max is not checked. | |
| 1609 | */ | |
| 1610 | if ((sk->sk_type != SOCK_STREAM && | |
| 1611 | sk->sk_type != SOCK_DGRAM) || | |
| 1612 | (sk->sk_protocol != IPPROTO_UDP && | |
| 1613 | sk->sk_protocol != IPPROTO_TCP) || | |
| 1614 | (sk->sk_family != AF_INET && | |
| 1615 | sk->sk_family != AF_INET6)) { | |
| 1616 | err = -ENOTSUPP; | |
| 1617 | goto err_prog_put; | |
| 1618 | } | |
| 1619 | } else { | |
| 1620 | /* BPF_PROG_TYPE_SOCKET_FILTER */ | |
| 7de6d09f | 1621 | if (bpf_prog_size(prog->len) > READ_ONCE(sysctl_optmem_max)) { |
| 8217ca65 MKL |
1622 | err = -ENOMEM; |
| 1623 | goto err_prog_put; | |
| 1624 | } | |
| 538950a1 CG |
1625 | } |
| 1626 | ||
| 8217ca65 MKL |
1627 | err = reuseport_attach_prog(sk, prog); |
| 1628 | err_prog_put: | |
| 1629 | if (err) | |
| 1630 | bpf_prog_put(prog); | |
| 1631 | ||
| 1632 | return err; | |
| 1633 | } | |
| 1634 | ||
| 1635 | void sk_reuseport_prog_free(struct bpf_prog *prog) | |
| 1636 | { | |
| 1637 | if (!prog) | |
| 1638 | return; | |
| 1639 | ||
| 1640 | if (prog->type == BPF_PROG_TYPE_SK_REUSEPORT) | |
| 1641 | bpf_prog_put(prog); | |
| 1642 | else | |
| 1643 | bpf_prog_destroy(prog); | |
| 538950a1 CG |
1644 | } |
| 1645 | ||
| 21cafc1d DB |
1646 | struct bpf_scratchpad { |
| 1647 | union { | |
| 1648 | __be32 diff[MAX_BPF_STACK / sizeof(__be32)]; | |
| 1649 | u8 buff[MAX_BPF_STACK]; | |
| 1650 | }; | |
| 1651 | }; | |
| 1652 | ||
| 1653 | static DEFINE_PER_CPU(struct bpf_scratchpad, bpf_sp); | |
| 91bc4822 | 1654 | |
| 5293efe6 DB |
1655 | static inline int __bpf_try_make_writable(struct sk_buff *skb, |
| 1656 | unsigned int write_len) | |
| 1657 | { | |
| 1658 | return skb_ensure_writable(skb, write_len); | |
| 1659 | } | |
| 1660 | ||
| db58ba45 AS |
1661 | static inline int bpf_try_make_writable(struct sk_buff *skb, |
| 1662 | unsigned int write_len) | |
| 1663 | { | |
| 5293efe6 | 1664 | int err = __bpf_try_make_writable(skb, write_len); |
| db58ba45 | 1665 | |
| 6aaae2b6 | 1666 | bpf_compute_data_pointers(skb); |
| db58ba45 AS |
1667 | return err; |
| 1668 | } | |
| 1669 | ||
| 36bbef52 DB |
1670 | static int bpf_try_make_head_writable(struct sk_buff *skb) |
| 1671 | { | |
| 1672 | return bpf_try_make_writable(skb, skb_headlen(skb)); | |
| 1673 | } | |
| 1674 | ||
| a2bfe6bf DB |
1675 | static inline void bpf_push_mac_rcsum(struct sk_buff *skb) |
| 1676 | { | |
| 1677 | if (skb_at_tc_ingress(skb)) | |
| 1678 | skb_postpush_rcsum(skb, skb_mac_header(skb), skb->mac_len); | |
| 1679 | } | |
| 1680 | ||
| 8065694e DB |
1681 | static inline void bpf_pull_mac_rcsum(struct sk_buff *skb) |
| 1682 | { | |
| 1683 | if (skb_at_tc_ingress(skb)) | |
| 1684 | skb_postpull_rcsum(skb, skb_mac_header(skb), skb->mac_len); | |
| 1685 | } | |
| 1686 | ||
| f3694e00 DB |
1687 | BPF_CALL_5(bpf_skb_store_bytes, struct sk_buff *, skb, u32, offset, |
| 1688 | const void *, from, u32, len, u64, flags) | |
| 608cd71a | 1689 | { |
| 608cd71a AS |
1690 | void *ptr; |
| 1691 | ||
| 8afd54c8 | 1692 | if (unlikely(flags & ~(BPF_F_RECOMPUTE_CSUM | BPF_F_INVALIDATE_HASH))) |
| 781c53bc | 1693 | return -EINVAL; |
| 45969b41 | 1694 | if (unlikely(offset > INT_MAX)) |
| 608cd71a | 1695 | return -EFAULT; |
| db58ba45 | 1696 | if (unlikely(bpf_try_make_writable(skb, offset + len))) |
| 608cd71a AS |
1697 | return -EFAULT; |
| 1698 | ||
| 0ed661d5 | 1699 | ptr = skb->data + offset; |
| 781c53bc | 1700 | if (flags & BPF_F_RECOMPUTE_CSUM) |
| 479ffccc | 1701 | __skb_postpull_rcsum(skb, ptr, len, offset); |
| 608cd71a AS |
1702 | |
| 1703 | memcpy(ptr, from, len); | |
| 1704 | ||
| 781c53bc | 1705 | if (flags & BPF_F_RECOMPUTE_CSUM) |
| 479ffccc | 1706 | __skb_postpush_rcsum(skb, ptr, len, offset); |
| 8afd54c8 DB |
1707 | if (flags & BPF_F_INVALIDATE_HASH) |
| 1708 | skb_clear_hash(skb); | |
| f8ffad69 | 1709 | |
| 608cd71a AS |
1710 | return 0; |
| 1711 | } | |
| 1712 | ||
| 577c50aa | 1713 | static const struct bpf_func_proto bpf_skb_store_bytes_proto = { |
| 608cd71a AS |
1714 | .func = bpf_skb_store_bytes, |
| 1715 | .gpl_only = false, | |
| 1716 | .ret_type = RET_INTEGER, | |
| 1717 | .arg1_type = ARG_PTR_TO_CTX, | |
| 1718 | .arg2_type = ARG_ANYTHING, | |
| 216e3cd2 | 1719 | .arg3_type = ARG_PTR_TO_MEM | MEM_RDONLY, |
| 39f19ebb | 1720 | .arg4_type = ARG_CONST_SIZE, |
| 91bc4822 AS |
1721 | .arg5_type = ARG_ANYTHING, |
| 1722 | }; | |
| 1723 | ||
| f3694e00 DB |
1724 | BPF_CALL_4(bpf_skb_load_bytes, const struct sk_buff *, skb, u32, offset, |
| 1725 | void *, to, u32, len) | |
| 05c74e5e | 1726 | { |
| 05c74e5e DB |
1727 | void *ptr; |
| 1728 | ||
| 45969b41 | 1729 | if (unlikely(offset > INT_MAX)) |
| 074f528e | 1730 | goto err_clear; |
| 05c74e5e DB |
1731 | |
| 1732 | ptr = skb_header_pointer(skb, offset, len, to); | |
| 1733 | if (unlikely(!ptr)) | |
| 074f528e | 1734 | goto err_clear; |
| 05c74e5e DB |
1735 | if (ptr != to) |
| 1736 | memcpy(to, ptr, len); | |
| 1737 | ||
| 1738 | return 0; | |
| 074f528e DB |
1739 | err_clear: |
| 1740 | memset(to, 0, len); | |
| 1741 | return -EFAULT; | |
| 05c74e5e DB |
1742 | } |
| 1743 | ||
| 577c50aa | 1744 | static const struct bpf_func_proto bpf_skb_load_bytes_proto = { |
| 05c74e5e DB |
1745 | .func = bpf_skb_load_bytes, |
| 1746 | .gpl_only = false, | |
| 1747 | .ret_type = RET_INTEGER, | |
| 1748 | .arg1_type = ARG_PTR_TO_CTX, | |
| 1749 | .arg2_type = ARG_ANYTHING, | |
| 39f19ebb AS |
1750 | .arg3_type = ARG_PTR_TO_UNINIT_MEM, |
| 1751 | .arg4_type = ARG_CONST_SIZE, | |
| 05c74e5e DB |
1752 | }; |
| 1753 | ||
| 089b19a9 SF |
1754 | BPF_CALL_4(bpf_flow_dissector_load_bytes, |
| 1755 | const struct bpf_flow_dissector *, ctx, u32, offset, | |
| 1756 | void *, to, u32, len) | |
| 1757 | { | |
| 1758 | void *ptr; | |
| 1759 | ||
| 1760 | if (unlikely(offset > 0xffff)) | |
| 1761 | goto err_clear; | |
| 1762 | ||
| 1763 | if (unlikely(!ctx->skb)) | |
| 1764 | goto err_clear; | |
| 1765 | ||
| 1766 | ptr = skb_header_pointer(ctx->skb, offset, len, to); | |
| 1767 | if (unlikely(!ptr)) | |
| 1768 | goto err_clear; | |
| 1769 | if (ptr != to) | |
| 1770 | memcpy(to, ptr, len); | |
| 1771 | ||
| 1772 | return 0; | |
| 1773 | err_clear: | |
| 1774 | memset(to, 0, len); | |
| 1775 | return -EFAULT; | |
| 1776 | } | |
| 1777 | ||
| 1778 | static const struct bpf_func_proto bpf_flow_dissector_load_bytes_proto = { | |
| 1779 | .func = bpf_flow_dissector_load_bytes, | |
| 1780 | .gpl_only = false, | |
| 1781 | .ret_type = RET_INTEGER, | |
| 1782 | .arg1_type = ARG_PTR_TO_CTX, | |
| 1783 | .arg2_type = ARG_ANYTHING, | |
| 1784 | .arg3_type = ARG_PTR_TO_UNINIT_MEM, | |
| 1785 | .arg4_type = ARG_CONST_SIZE, | |
| 1786 | }; | |
| 1787 | ||
| 4e1ec56c DB |
1788 | BPF_CALL_5(bpf_skb_load_bytes_relative, const struct sk_buff *, skb, |
| 1789 | u32, offset, void *, to, u32, len, u32, start_header) | |
| 1790 | { | |
| 3eee1f75 | 1791 | u8 *end = skb_tail_pointer(skb); |
| 0f5d82f1 | 1792 | u8 *start, *ptr; |
| 4e1ec56c | 1793 | |
| 0f5d82f1 | 1794 | if (unlikely(offset > 0xffff)) |
| 4e1ec56c DB |
1795 | goto err_clear; |
| 1796 | ||
| 1797 | switch (start_header) { | |
| 1798 | case BPF_HDR_START_MAC: | |
| 0f5d82f1 YZ |
1799 | if (unlikely(!skb_mac_header_was_set(skb))) |
| 1800 | goto err_clear; | |
| 1801 | start = skb_mac_header(skb); | |
| 4e1ec56c DB |
1802 | break; |
| 1803 | case BPF_HDR_START_NET: | |
| 0f5d82f1 | 1804 | start = skb_network_header(skb); |
| 4e1ec56c DB |
1805 | break; |
| 1806 | default: | |
| 1807 | goto err_clear; | |
| 1808 | } | |
| 1809 | ||
| 0f5d82f1 YZ |
1810 | ptr = start + offset; |
| 1811 | ||
| 1812 | if (likely(ptr + len <= end)) { | |
| 4e1ec56c DB |
1813 | memcpy(to, ptr, len); |
| 1814 | return 0; | |
| 1815 | } | |
| 1816 | ||
| 1817 | err_clear: | |
| 1818 | memset(to, 0, len); | |
| 1819 | return -EFAULT; | |
| 1820 | } | |
| 1821 | ||
| 1822 | static const struct bpf_func_proto bpf_skb_load_bytes_relative_proto = { | |
| 1823 | .func = bpf_skb_load_bytes_relative, | |
| 1824 | .gpl_only = false, | |
| 1825 | .ret_type = RET_INTEGER, | |
| 1826 | .arg1_type = ARG_PTR_TO_CTX, | |
| 1827 | .arg2_type = ARG_ANYTHING, | |
| 1828 | .arg3_type = ARG_PTR_TO_UNINIT_MEM, | |
| 1829 | .arg4_type = ARG_CONST_SIZE, | |
| 1830 | .arg5_type = ARG_ANYTHING, | |
| 1831 | }; | |
| 1832 | ||
| 36bbef52 DB |
1833 | BPF_CALL_2(bpf_skb_pull_data, struct sk_buff *, skb, u32, len) |
| 1834 | { | |
| 1835 | /* Idea is the following: should the needed direct read/write | |
| 1836 | * test fail during runtime, we can pull in more data and redo | |
| 1837 | * again, since implicitly, we invalidate previous checks here. | |
| 1838 | * | |
| 1839 | * Or, since we know how much we need to make read/writeable, | |
| 1840 | * this can be done once at the program beginning for direct | |
| 1841 | * access case. By this we overcome limitations of only current | |
| 1842 | * headroom being accessible. | |
| 1843 | */ | |
| 1844 | return bpf_try_make_writable(skb, len ? : skb_headlen(skb)); | |
| 1845 | } | |
| 1846 | ||
| 1847 | static const struct bpf_func_proto bpf_skb_pull_data_proto = { | |
| 1848 | .func = bpf_skb_pull_data, | |
| 1849 | .gpl_only = false, | |
| 1850 | .ret_type = RET_INTEGER, | |
| 1851 | .arg1_type = ARG_PTR_TO_CTX, | |
| 1852 | .arg2_type = ARG_ANYTHING, | |
| 1853 | }; | |
| 1854 | ||
| 46f8bc92 MKL |
1855 | BPF_CALL_1(bpf_sk_fullsock, struct sock *, sk) |
| 1856 | { | |
| 46f8bc92 MKL |
1857 | return sk_fullsock(sk) ? (unsigned long)sk : (unsigned long)NULL; |
| 1858 | } | |
| 1859 | ||
| 1860 | static const struct bpf_func_proto bpf_sk_fullsock_proto = { | |
| 1861 | .func = bpf_sk_fullsock, | |
| 1862 | .gpl_only = false, | |
| 1863 | .ret_type = RET_PTR_TO_SOCKET_OR_NULL, | |
| 1864 | .arg1_type = ARG_PTR_TO_SOCK_COMMON, | |
| 1865 | }; | |
| 1866 | ||
| 0ea488ff JF |
1867 | static inline int sk_skb_try_make_writable(struct sk_buff *skb, |
| 1868 | unsigned int write_len) | |
| 1869 | { | |
| 16137b09 | 1870 | return __bpf_try_make_writable(skb, write_len); |
| 0ea488ff JF |
1871 | } |
| 1872 | ||
| 1873 | BPF_CALL_2(sk_skb_pull_data, struct sk_buff *, skb, u32, len) | |
| 1874 | { | |
| 1875 | /* Idea is the following: should the needed direct read/write | |
| 1876 | * test fail during runtime, we can pull in more data and redo | |
| 1877 | * again, since implicitly, we invalidate previous checks here. | |
| 1878 | * | |
| 1879 | * Or, since we know how much we need to make read/writeable, | |
| 1880 | * this can be done once at the program beginning for direct | |
| 1881 | * access case. By this we overcome limitations of only current | |
| 1882 | * headroom being accessible. | |
| 1883 | */ | |
| 1884 | return sk_skb_try_make_writable(skb, len ? : skb_headlen(skb)); | |
| 1885 | } | |
| 1886 | ||
| 1887 | static const struct bpf_func_proto sk_skb_pull_data_proto = { | |
| 1888 | .func = sk_skb_pull_data, | |
| 1889 | .gpl_only = false, | |
| 1890 | .ret_type = RET_INTEGER, | |
| 1891 | .arg1_type = ARG_PTR_TO_CTX, | |
| 1892 | .arg2_type = ARG_ANYTHING, | |
| 1893 | }; | |
| 1894 | ||
| f3694e00 DB |
1895 | BPF_CALL_5(bpf_l3_csum_replace, struct sk_buff *, skb, u32, offset, |
| 1896 | u64, from, u64, to, u64, flags) | |
| 91bc4822 | 1897 | { |
| 0ed661d5 | 1898 | __sum16 *ptr; |
| 91bc4822 | 1899 | |
| 781c53bc DB |
1900 | if (unlikely(flags & ~(BPF_F_HDR_FIELD_MASK))) |
| 1901 | return -EINVAL; | |
| 0ed661d5 | 1902 | if (unlikely(offset > 0xffff || offset & 1)) |
| 91bc4822 | 1903 | return -EFAULT; |
| 0ed661d5 | 1904 | if (unlikely(bpf_try_make_writable(skb, offset + sizeof(*ptr)))) |
| 91bc4822 AS |
1905 | return -EFAULT; |
| 1906 | ||
| 0ed661d5 | 1907 | ptr = (__sum16 *)(skb->data + offset); |
| 781c53bc | 1908 | switch (flags & BPF_F_HDR_FIELD_MASK) { |
| 8050c0f0 DB |
1909 | case 0: |
| 1910 | if (unlikely(from != 0)) | |
| 1911 | return -EINVAL; | |
| 1912 | ||
| 1913 | csum_replace_by_diff(ptr, to); | |
| 1914 | break; | |
| 91bc4822 AS |
1915 | case 2: |
| 1916 | csum_replace2(ptr, from, to); | |
| 1917 | break; | |
| 1918 | case 4: | |
| 1919 | csum_replace4(ptr, from, to); | |
| 1920 | break; | |
| 1921 | default: | |
| 1922 | return -EINVAL; | |
| 1923 | } | |
| 1924 | ||
| 91bc4822 AS |
1925 | return 0; |
| 1926 | } | |
| 1927 | ||
| 577c50aa | 1928 | static const struct bpf_func_proto bpf_l3_csum_replace_proto = { |
| 91bc4822 AS |
1929 | .func = bpf_l3_csum_replace, |
| 1930 | .gpl_only = false, | |
| 1931 | .ret_type = RET_INTEGER, | |
| 1932 | .arg1_type = ARG_PTR_TO_CTX, | |
| 1933 | .arg2_type = ARG_ANYTHING, | |
| 1934 | .arg3_type = ARG_ANYTHING, | |
| 1935 | .arg4_type = ARG_ANYTHING, | |
| 1936 | .arg5_type = ARG_ANYTHING, | |
| 1937 | }; | |
| 1938 | ||
| f3694e00 DB |
1939 | BPF_CALL_5(bpf_l4_csum_replace, struct sk_buff *, skb, u32, offset, |
| 1940 | u64, from, u64, to, u64, flags) | |
| 91bc4822 | 1941 | { |
| 781c53bc | 1942 | bool is_pseudo = flags & BPF_F_PSEUDO_HDR; |
| 2f72959a | 1943 | bool is_mmzero = flags & BPF_F_MARK_MANGLED_0; |
| d1b662ad | 1944 | bool do_mforce = flags & BPF_F_MARK_ENFORCE; |
| 0ed661d5 | 1945 | __sum16 *ptr; |
| 91bc4822 | 1946 | |
| d1b662ad DB |
1947 | if (unlikely(flags & ~(BPF_F_MARK_MANGLED_0 | BPF_F_MARK_ENFORCE | |
| 1948 | BPF_F_PSEUDO_HDR | BPF_F_HDR_FIELD_MASK))) | |
| 781c53bc | 1949 | return -EINVAL; |
| 0ed661d5 | 1950 | if (unlikely(offset > 0xffff || offset & 1)) |
| 91bc4822 | 1951 | return -EFAULT; |
| 0ed661d5 | 1952 | if (unlikely(bpf_try_make_writable(skb, offset + sizeof(*ptr)))) |
| 91bc4822 AS |
1953 | return -EFAULT; |
| 1954 | ||
| 0ed661d5 | 1955 | ptr = (__sum16 *)(skb->data + offset); |
| d1b662ad | 1956 | if (is_mmzero && !do_mforce && !*ptr) |
| 2f72959a | 1957 | return 0; |
| 91bc4822 | 1958 | |
| 781c53bc | 1959 | switch (flags & BPF_F_HDR_FIELD_MASK) { |
| 7d672345 DB |
1960 | case 0: |
| 1961 | if (unlikely(from != 0)) | |
| 1962 | return -EINVAL; | |
| 1963 | ||
| 1964 | inet_proto_csum_replace_by_diff(ptr, skb, to, is_pseudo); | |
| 1965 | break; | |
| 91bc4822 AS |
1966 | case 2: |
| 1967 | inet_proto_csum_replace2(ptr, skb, from, to, is_pseudo); | |
| 1968 | break; | |
| 1969 | case 4: | |
| 1970 | inet_proto_csum_replace4(ptr, skb, from, to, is_pseudo); | |
| 1971 | break; | |
| 1972 | default: | |
| 1973 | return -EINVAL; | |
| 1974 | } | |
| 1975 | ||
| 2f72959a DB |
1976 | if (is_mmzero && !*ptr) |
| 1977 | *ptr = CSUM_MANGLED_0; | |
| 91bc4822 AS |
1978 | return 0; |
| 1979 | } | |
| 1980 | ||
| 577c50aa | 1981 | static const struct bpf_func_proto bpf_l4_csum_replace_proto = { |
| 91bc4822 AS |
1982 | .func = bpf_l4_csum_replace, |
| 1983 | .gpl_only = false, | |
| 1984 | .ret_type = RET_INTEGER, | |
| 1985 | .arg1_type = ARG_PTR_TO_CTX, | |
| 1986 | .arg2_type = ARG_ANYTHING, | |
| 1987 | .arg3_type = ARG_ANYTHING, | |
| 1988 | .arg4_type = ARG_ANYTHING, | |
| 1989 | .arg5_type = ARG_ANYTHING, | |
| 608cd71a AS |
1990 | }; |
| 1991 | ||
| f3694e00 DB |
1992 | BPF_CALL_5(bpf_csum_diff, __be32 *, from, u32, from_size, |
| 1993 | __be32 *, to, u32, to_size, __wsum, seed) | |
| 7d672345 | 1994 | { |
| 21cafc1d | 1995 | struct bpf_scratchpad *sp = this_cpu_ptr(&bpf_sp); |
| f3694e00 | 1996 | u32 diff_size = from_size + to_size; |
| 7d672345 DB |
1997 | int i, j = 0; |
| 1998 | ||
| 1999 | /* This is quite flexible, some examples: | |
| 2000 | * | |
| 2001 | * from_size == 0, to_size > 0, seed := csum --> pushing data | |
| 2002 | * from_size > 0, to_size == 0, seed := csum --> pulling data | |
| 2003 | * from_size > 0, to_size > 0, seed := 0 --> diffing data | |
| 2004 | * | |
| 2005 | * Even for diffing, from_size and to_size don't need to be equal. | |
| 2006 | */ | |
| 2007 | if (unlikely(((from_size | to_size) & (sizeof(__be32) - 1)) || | |
| 2008 | diff_size > sizeof(sp->diff))) | |
| 2009 | return -EINVAL; | |
| 2010 | ||
| 2011 | for (i = 0; i < from_size / sizeof(__be32); i++, j++) | |
| 2012 | sp->diff[j] = ~from[i]; | |
| 2013 | for (i = 0; i < to_size / sizeof(__be32); i++, j++) | |
| 2014 | sp->diff[j] = to[i]; | |
| 2015 | ||
| 2016 | return csum_partial(sp->diff, diff_size, seed); | |
| 2017 | } | |
| 2018 | ||
| 577c50aa | 2019 | static const struct bpf_func_proto bpf_csum_diff_proto = { |
| 7d672345 DB |
2020 | .func = bpf_csum_diff, |
| 2021 | .gpl_only = false, | |
| 36bbef52 | 2022 | .pkt_access = true, |
| 7d672345 | 2023 | .ret_type = RET_INTEGER, |
| 216e3cd2 | 2024 | .arg1_type = ARG_PTR_TO_MEM | PTR_MAYBE_NULL | MEM_RDONLY, |
| 39f19ebb | 2025 | .arg2_type = ARG_CONST_SIZE_OR_ZERO, |
| 216e3cd2 | 2026 | .arg3_type = ARG_PTR_TO_MEM | PTR_MAYBE_NULL | MEM_RDONLY, |
| 39f19ebb | 2027 | .arg4_type = ARG_CONST_SIZE_OR_ZERO, |
| 7d672345 DB |
2028 | .arg5_type = ARG_ANYTHING, |
| 2029 | }; | |
| 2030 | ||
| 36bbef52 DB |
2031 | BPF_CALL_2(bpf_csum_update, struct sk_buff *, skb, __wsum, csum) |
| 2032 | { | |
| 2033 | /* The interface is to be used in combination with bpf_csum_diff() | |
| 2034 | * for direct packet writes. csum rotation for alignment as well | |
| 2035 | * as emulating csum_sub() can be done from the eBPF program. | |
| 2036 | */ | |
| 2037 | if (skb->ip_summed == CHECKSUM_COMPLETE) | |
| 2038 | return (skb->csum = csum_add(skb->csum, csum)); | |
| 2039 | ||
| 2040 | return -ENOTSUPP; | |
| 2041 | } | |
| 2042 | ||
| 2043 | static const struct bpf_func_proto bpf_csum_update_proto = { | |
| 2044 | .func = bpf_csum_update, | |
| 2045 | .gpl_only = false, | |
| 2046 | .ret_type = RET_INTEGER, | |
| 2047 | .arg1_type = ARG_PTR_TO_CTX, | |
| 2048 | .arg2_type = ARG_ANYTHING, | |
| 2049 | }; | |
| 2050 | ||
| 7cdec54f DB |
2051 | BPF_CALL_2(bpf_csum_level, struct sk_buff *, skb, u64, level) |
| 2052 | { | |
| 2053 | /* The interface is to be used in combination with bpf_skb_adjust_room() | |
| 2054 | * for encap/decap of packet headers when BPF_F_ADJ_ROOM_NO_CSUM_RESET | |
| 2055 | * is passed as flags, for example. | |
| 2056 | */ | |
| 2057 | switch (level) { | |
| 2058 | case BPF_CSUM_LEVEL_INC: | |
| 2059 | __skb_incr_checksum_unnecessary(skb); | |
| 2060 | break; | |
| 2061 | case BPF_CSUM_LEVEL_DEC: | |
| 2062 | __skb_decr_checksum_unnecessary(skb); | |
| 2063 | break; | |
| 2064 | case BPF_CSUM_LEVEL_RESET: | |
| 2065 | __skb_reset_checksum_unnecessary(skb); | |
| 2066 | break; | |
| 2067 | case BPF_CSUM_LEVEL_QUERY: | |
| 2068 | return skb->ip_summed == CHECKSUM_UNNECESSARY ? | |
| 2069 | skb->csum_level : -EACCES; | |
| 2070 | default: | |
| 2071 | return -EINVAL; | |
| 2072 | } | |
| 2073 | ||
| 2074 | return 0; | |
| 2075 | } | |
| 2076 | ||
| 2077 | static const struct bpf_func_proto bpf_csum_level_proto = { | |
| 2078 | .func = bpf_csum_level, | |
| 2079 | .gpl_only = false, | |
| 2080 | .ret_type = RET_INTEGER, | |
| 2081 | .arg1_type = ARG_PTR_TO_CTX, | |
| 2082 | .arg2_type = ARG_ANYTHING, | |
| 2083 | }; | |
| 2084 | ||
| a70b506e DB |
2085 | static inline int __bpf_rx_skb(struct net_device *dev, struct sk_buff *skb) |
| 2086 | { | |
| 5f7d5728 | 2087 | return dev_forward_skb_nomtu(dev, skb); |
| a70b506e DB |
2088 | } |
| 2089 | ||
| 4e3264d2 MKL |
2090 | static inline int __bpf_rx_skb_no_mac(struct net_device *dev, |
| 2091 | struct sk_buff *skb) | |
| 2092 | { | |
| 5f7d5728 | 2093 | int ret = ____dev_forward_skb(dev, skb, false); |
| 4e3264d2 MKL |
2094 | |
| 2095 | if (likely(!ret)) { | |
| 2096 | skb->dev = dev; | |
| 2097 | ret = netif_rx(skb); | |
| 2098 | } | |
| 2099 | ||
| 2100 | return ret; | |
| 2101 | } | |
| 2102 | ||
| a70b506e DB |
2103 | static inline int __bpf_tx_skb(struct net_device *dev, struct sk_buff *skb) |
| 2104 | { | |
| 2105 | int ret; | |
| 2106 | ||
| 97cdcf37 | 2107 | if (dev_xmit_recursion()) { |
| a70b506e DB |
2108 | net_crit_ratelimited("bpf: recursion limit reached on datapath, buggy bpf program?\n"); |
| 2109 | kfree_skb(skb); | |
| 2110 | return -ENETDOWN; | |
| 2111 | } | |
| 2112 | ||
| 2113 | skb->dev = dev; | |
| de799101 | 2114 | skb_clear_tstamp(skb); |
| a70b506e | 2115 | |
| 97cdcf37 | 2116 | dev_xmit_recursion_inc(); |
| a70b506e | 2117 | ret = dev_queue_xmit(skb); |
| 97cdcf37 | 2118 | dev_xmit_recursion_dec(); |
| a70b506e DB |
2119 | |
| 2120 | return ret; | |
| 2121 | } | |
| 2122 | ||
| 4e3264d2 MKL |
2123 | static int __bpf_redirect_no_mac(struct sk_buff *skb, struct net_device *dev, |
| 2124 | u32 flags) | |
| 2125 | { | |
| e7c87bd6 | 2126 | unsigned int mlen = skb_network_offset(skb); |
| 4e3264d2 | 2127 | |
| 114039b3 SF |
2128 | if (unlikely(skb->len <= mlen)) { |
| 2129 | kfree_skb(skb); | |
| 2130 | return -ERANGE; | |
| 2131 | } | |
| 2132 | ||
| e7c87bd6 WB |
2133 | if (mlen) { |
| 2134 | __skb_pull(skb, mlen); | |
| 4e3264d2 | 2135 | |
| e7c87bd6 WB |
2136 | /* At ingress, the mac header has already been pulled once. |
| 2137 | * At egress, skb_pospull_rcsum has to be done in case that | |
| 2138 | * the skb is originated from ingress (i.e. a forwarded skb) | |
| 2139 | * to ensure that rcsum starts at net header. | |
| 2140 | */ | |
| 2141 | if (!skb_at_tc_ingress(skb)) | |
| 2142 | skb_postpull_rcsum(skb, skb_mac_header(skb), mlen); | |
| 2143 | } | |
| 4e3264d2 MKL |
2144 | skb_pop_mac_header(skb); |
| 2145 | skb_reset_mac_len(skb); | |
| 2146 | return flags & BPF_F_INGRESS ? | |
| 2147 | __bpf_rx_skb_no_mac(dev, skb) : __bpf_tx_skb(dev, skb); | |
| 2148 | } | |
| 2149 | ||
| 2150 | static int __bpf_redirect_common(struct sk_buff *skb, struct net_device *dev, | |
| 2151 | u32 flags) | |
| 2152 | { | |
| 3a0af8fd | 2153 | /* Verify that a link layer header is carried */ |
| 114039b3 | 2154 | if (unlikely(skb->mac_header >= skb->network_header || skb->len == 0)) { |
| 3a0af8fd TG |
2155 | kfree_skb(skb); |
| 2156 | return -ERANGE; | |
| 2157 | } | |
| 2158 | ||
| 4e3264d2 MKL |
2159 | bpf_push_mac_rcsum(skb); |
| 2160 | return flags & BPF_F_INGRESS ? | |
| 2161 | __bpf_rx_skb(dev, skb) : __bpf_tx_skb(dev, skb); | |
| 2162 | } | |
| 2163 | ||
| 2164 | static int __bpf_redirect(struct sk_buff *skb, struct net_device *dev, | |
| 2165 | u32 flags) | |
| 2166 | { | |
| c491680f | 2167 | if (dev_is_mac_header_xmit(dev)) |
| 4e3264d2 | 2168 | return __bpf_redirect_common(skb, dev, flags); |
| c491680f DB |
2169 | else |
| 2170 | return __bpf_redirect_no_mac(skb, dev, flags); | |
| 4e3264d2 MKL |
2171 | } |
| 2172 | ||
| b4ab3141 | 2173 | #if IS_ENABLED(CONFIG_IPV6) |
| ba452c9e THJ |
2174 | static int bpf_out_neigh_v6(struct net *net, struct sk_buff *skb, |
| 2175 | struct net_device *dev, struct bpf_nh_params *nh) | |
| b4ab3141 | 2176 | { |
| b4ab3141 DB |
2177 | u32 hh_len = LL_RESERVED_SPACE(dev); |
| 2178 | const struct in6_addr *nexthop; | |
| ba452c9e | 2179 | struct dst_entry *dst = NULL; |
| b4ab3141 DB |
2180 | struct neighbour *neigh; |
| 2181 | ||
| 2182 | if (dev_xmit_recursion()) { | |
| 2183 | net_crit_ratelimited("bpf: recursion limit reached on datapath, buggy bpf program?\n"); | |
| 2184 | goto out_drop; | |
| 2185 | } | |
| 2186 | ||
| 2187 | skb->dev = dev; | |
| de799101 | 2188 | skb_clear_tstamp(skb); |
| b4ab3141 DB |
2189 | |
| 2190 | if (unlikely(skb_headroom(skb) < hh_len && dev->header_ops)) { | |
| a1e975e1 VA |
2191 | skb = skb_expand_head(skb, hh_len); |
| 2192 | if (!skb) | |
| b4ab3141 | 2193 | return -ENOMEM; |
| b4ab3141 DB |
2194 | } |
| 2195 | ||
| 2196 | rcu_read_lock_bh(); | |
| ba452c9e THJ |
2197 | if (!nh) { |
| 2198 | dst = skb_dst(skb); | |
| 2199 | nexthop = rt6_nexthop(container_of(dst, struct rt6_info, dst), | |
| 2200 | &ipv6_hdr(skb)->daddr); | |
| 2201 | } else { | |
| 2202 | nexthop = &nh->ipv6_nh; | |
| 2203 | } | |
| b4ab3141 DB |
2204 | neigh = ip_neigh_gw6(dev, nexthop); |
| 2205 | if (likely(!IS_ERR(neigh))) { | |
| 2206 | int ret; | |
| 2207 | ||
| 2208 | sock_confirm_neigh(skb, neigh); | |
| 2209 | dev_xmit_recursion_inc(); | |
| 2210 | ret = neigh_output(neigh, skb, false); | |
| 2211 | dev_xmit_recursion_dec(); | |
| 2212 | rcu_read_unlock_bh(); | |
| 2213 | return ret; | |
| 2214 | } | |
| 2215 | rcu_read_unlock_bh(); | |
| ba452c9e | 2216 | if (dst) |
| a1e975e1 | 2217 | IP6_INC_STATS(net, ip6_dst_idev(dst), IPSTATS_MIB_OUTNOROUTES); |
| b4ab3141 DB |
2218 | out_drop: |
| 2219 | kfree_skb(skb); | |
| 2220 | return -ENETDOWN; | |
| 2221 | } | |
| 2222 | ||
| ba452c9e THJ |
2223 | static int __bpf_redirect_neigh_v6(struct sk_buff *skb, struct net_device *dev, |
| 2224 | struct bpf_nh_params *nh) | |
| b4ab3141 DB |
2225 | { |
| 2226 | const struct ipv6hdr *ip6h = ipv6_hdr(skb); | |
| 2227 | struct net *net = dev_net(dev); | |
| 2228 | int err, ret = NET_XMIT_DROP; | |
| b4ab3141 | 2229 | |
| ba452c9e THJ |
2230 | if (!nh) { |
| 2231 | struct dst_entry *dst; | |
| 2232 | struct flowi6 fl6 = { | |
| 2233 | .flowi6_flags = FLOWI_FLAG_ANYSRC, | |
| 2234 | .flowi6_mark = skb->mark, | |
| 2235 | .flowlabel = ip6_flowinfo(ip6h), | |
| 2236 | .flowi6_oif = dev->ifindex, | |
| 2237 | .flowi6_proto = ip6h->nexthdr, | |
| 2238 | .daddr = ip6h->daddr, | |
| 2239 | .saddr = ip6h->saddr, | |
| 2240 | }; | |
| 2241 | ||
| 2242 | dst = ipv6_stub->ipv6_dst_lookup_flow(net, NULL, &fl6, NULL); | |
| 2243 | if (IS_ERR(dst)) | |
| 2244 | goto out_drop; | |
| b4ab3141 | 2245 | |
| ba452c9e THJ |
2246 | skb_dst_set(skb, dst); |
| 2247 | } else if (nh->nh_family != AF_INET6) { | |
| 2248 | goto out_drop; | |
| 2249 | } | |
| b4ab3141 | 2250 | |
| ba452c9e | 2251 | err = bpf_out_neigh_v6(net, skb, dev, nh); |
| b4ab3141 DB |
2252 | if (unlikely(net_xmit_eval(err))) |
| 2253 | dev->stats.tx_errors++; | |
| 2254 | else | |
| 2255 | ret = NET_XMIT_SUCCESS; | |
| 2256 | goto out_xmit; | |
| 2257 | out_drop: | |
| 2258 | dev->stats.tx_errors++; | |
| 2259 | kfree_skb(skb); | |
| 2260 | out_xmit: | |
| 2261 | return ret; | |
| 2262 | } | |
| 2263 | #else | |
| ba452c9e THJ |
2264 | static int __bpf_redirect_neigh_v6(struct sk_buff *skb, struct net_device *dev, |
| 2265 | struct bpf_nh_params *nh) | |
| b4ab3141 DB |
2266 | { |
| 2267 | kfree_skb(skb); | |
| 2268 | return NET_XMIT_DROP; | |
| 2269 | } | |
| 2270 | #endif /* CONFIG_IPV6 */ | |
| 2271 | ||
| 2272 | #if IS_ENABLED(CONFIG_INET) | |
| ba452c9e THJ |
2273 | static int bpf_out_neigh_v4(struct net *net, struct sk_buff *skb, |
| 2274 | struct net_device *dev, struct bpf_nh_params *nh) | |
| b4ab3141 | 2275 | { |
| b4ab3141 DB |
2276 | u32 hh_len = LL_RESERVED_SPACE(dev); |
| 2277 | struct neighbour *neigh; | |
| 2278 | bool is_v6gw = false; | |
| 2279 | ||
| 2280 | if (dev_xmit_recursion()) { | |
| 2281 | net_crit_ratelimited("bpf: recursion limit reached on datapath, buggy bpf program?\n"); | |
| 2282 | goto out_drop; | |
| 2283 | } | |
| 2284 | ||
| 2285 | skb->dev = dev; | |
| de799101 | 2286 | skb_clear_tstamp(skb); |
| b4ab3141 DB |
2287 | |
| 2288 | if (unlikely(skb_headroom(skb) < hh_len && dev->header_ops)) { | |
| a1e975e1 VA |
2289 | skb = skb_expand_head(skb, hh_len); |
| 2290 | if (!skb) | |
| b4ab3141 | 2291 | return -ENOMEM; |
| b4ab3141 DB |
2292 | } |
| 2293 | ||
| 2294 | rcu_read_lock_bh(); | |
| ba452c9e THJ |
2295 | if (!nh) { |
| 2296 | struct dst_entry *dst = skb_dst(skb); | |
| 2297 | struct rtable *rt = container_of(dst, struct rtable, dst); | |
| 2298 | ||
| 2299 | neigh = ip_neigh_for_gw(rt, skb, &is_v6gw); | |
| 2300 | } else if (nh->nh_family == AF_INET6) { | |
| 2301 | neigh = ip_neigh_gw6(dev, &nh->ipv6_nh); | |
| 2302 | is_v6gw = true; | |
| 2303 | } else if (nh->nh_family == AF_INET) { | |
| 2304 | neigh = ip_neigh_gw4(dev, nh->ipv4_nh); | |
| 2305 | } else { | |
| 2306 | rcu_read_unlock_bh(); | |
| 2307 | goto out_drop; | |
| 2308 | } | |
| 2309 | ||
| b4ab3141 DB |
2310 | if (likely(!IS_ERR(neigh))) { |
| 2311 | int ret; | |
| 2312 | ||
| 2313 | sock_confirm_neigh(skb, neigh); | |
| 2314 | dev_xmit_recursion_inc(); | |
| 2315 | ret = neigh_output(neigh, skb, is_v6gw); | |
| 2316 | dev_xmit_recursion_dec(); | |
| 2317 | rcu_read_unlock_bh(); | |
| 2318 | return ret; | |
| 2319 | } | |
| 2320 | rcu_read_unlock_bh(); | |
| 2321 | out_drop: | |
| 2322 | kfree_skb(skb); | |
| 2323 | return -ENETDOWN; | |
| 2324 | } | |
| 2325 | ||
| ba452c9e THJ |
2326 | static int __bpf_redirect_neigh_v4(struct sk_buff *skb, struct net_device *dev, |
| 2327 | struct bpf_nh_params *nh) | |
| b4ab3141 DB |
2328 | { |
| 2329 | const struct iphdr *ip4h = ip_hdr(skb); | |
| 2330 | struct net *net = dev_net(dev); | |
| 2331 | int err, ret = NET_XMIT_DROP; | |
| b4ab3141 | 2332 | |
| ba452c9e THJ |
2333 | if (!nh) { |
| 2334 | struct flowi4 fl4 = { | |
| 2335 | .flowi4_flags = FLOWI_FLAG_ANYSRC, | |
| 2336 | .flowi4_mark = skb->mark, | |
| 2337 | .flowi4_tos = RT_TOS(ip4h->tos), | |
| 2338 | .flowi4_oif = dev->ifindex, | |
| 2339 | .flowi4_proto = ip4h->protocol, | |
| 2340 | .daddr = ip4h->daddr, | |
| 2341 | .saddr = ip4h->saddr, | |
| 2342 | }; | |
| 2343 | struct rtable *rt; | |
| 2344 | ||
| 2345 | rt = ip_route_output_flow(net, &fl4, NULL); | |
| 2346 | if (IS_ERR(rt)) | |
| 2347 | goto out_drop; | |
| 2348 | if (rt->rt_type != RTN_UNICAST && rt->rt_type != RTN_LOCAL) { | |
| 2349 | ip_rt_put(rt); | |
| 2350 | goto out_drop; | |
| 2351 | } | |
| b4ab3141 | 2352 | |
| ba452c9e THJ |
2353 | skb_dst_set(skb, &rt->dst); |
| 2354 | } | |
| b4ab3141 | 2355 | |
| ba452c9e | 2356 | err = bpf_out_neigh_v4(net, skb, dev, nh); |
| b4ab3141 DB |
2357 | if (unlikely(net_xmit_eval(err))) |
| 2358 | dev->stats.tx_errors++; | |
| 2359 | else | |
| 2360 | ret = NET_XMIT_SUCCESS; | |
| 2361 | goto out_xmit; | |
| 2362 | out_drop: | |
| 2363 | dev->stats.tx_errors++; | |
| 2364 | kfree_skb(skb); | |
| 2365 | out_xmit: | |
| 2366 | return ret; | |
| 2367 | } | |
| 2368 | #else | |
| ba452c9e THJ |
2369 | static int __bpf_redirect_neigh_v4(struct sk_buff *skb, struct net_device *dev, |
| 2370 | struct bpf_nh_params *nh) | |
| b4ab3141 DB |
2371 | { |
| 2372 | kfree_skb(skb); | |
| 2373 | return NET_XMIT_DROP; | |
| 2374 | } | |
| 2375 | #endif /* CONFIG_INET */ | |
| 2376 | ||
| ba452c9e THJ |
2377 | static int __bpf_redirect_neigh(struct sk_buff *skb, struct net_device *dev, |
| 2378 | struct bpf_nh_params *nh) | |
| b4ab3141 DB |
2379 | { |
| 2380 | struct ethhdr *ethh = eth_hdr(skb); | |
| 2381 | ||
| 2382 | if (unlikely(skb->mac_header >= skb->network_header)) | |
| 2383 | goto out; | |
| 2384 | bpf_push_mac_rcsum(skb); | |
| 2385 | if (is_multicast_ether_addr(ethh->h_dest)) | |
| 2386 | goto out; | |
| 2387 | ||
| 2388 | skb_pull(skb, sizeof(*ethh)); | |
| 2389 | skb_unset_mac_header(skb); | |
| 2390 | skb_reset_network_header(skb); | |
| 2391 | ||
| 2392 | if (skb->protocol == htons(ETH_P_IP)) | |
| ba452c9e | 2393 | return __bpf_redirect_neigh_v4(skb, dev, nh); |
| b4ab3141 | 2394 | else if (skb->protocol == htons(ETH_P_IPV6)) |
| ba452c9e | 2395 | return __bpf_redirect_neigh_v6(skb, dev, nh); |
| b4ab3141 DB |
2396 | out: |
| 2397 | kfree_skb(skb); | |
| 2398 | return -ENOTSUPP; | |
| 2399 | } | |
| 2400 | ||
| 2401 | /* Internal, non-exposed redirect flags. */ | |
| 2402 | enum { | |
| 9aa1206e DB |
2403 | BPF_F_NEIGH = (1ULL << 1), |
| 2404 | BPF_F_PEER = (1ULL << 2), | |
| ba452c9e THJ |
2405 | BPF_F_NEXTHOP = (1ULL << 3), |
| 2406 | #define BPF_F_REDIRECT_INTERNAL (BPF_F_NEIGH | BPF_F_PEER | BPF_F_NEXTHOP) | |
| b4ab3141 DB |
2407 | }; |
| 2408 | ||
| f3694e00 | 2409 | BPF_CALL_3(bpf_clone_redirect, struct sk_buff *, skb, u32, ifindex, u64, flags) |
| 3896d655 | 2410 | { |
| 3896d655 | 2411 | struct net_device *dev; |
| 36bbef52 DB |
2412 | struct sk_buff *clone; |
| 2413 | int ret; | |
| 3896d655 | 2414 | |
| b4ab3141 | 2415 | if (unlikely(flags & (~(BPF_F_INGRESS) | BPF_F_REDIRECT_INTERNAL))) |
| 781c53bc DB |
2416 | return -EINVAL; |
| 2417 | ||
| 3896d655 AS |
2418 | dev = dev_get_by_index_rcu(dev_net(skb->dev), ifindex); |
| 2419 | if (unlikely(!dev)) | |
| 2420 | return -EINVAL; | |
| 2421 | ||
| 36bbef52 DB |
2422 | clone = skb_clone(skb, GFP_ATOMIC); |
| 2423 | if (unlikely(!clone)) | |
| 3896d655 AS |
2424 | return -ENOMEM; |
| 2425 | ||
| 36bbef52 DB |
2426 | /* For direct write, we need to keep the invariant that the skbs |
| 2427 | * we're dealing with need to be uncloned. Should uncloning fail | |
| 2428 | * here, we need to free the just generated clone to unclone once | |
| 2429 | * again. | |
| 2430 | */ | |
| 2431 | ret = bpf_try_make_head_writable(skb); | |
| 2432 | if (unlikely(ret)) { | |
| 2433 | kfree_skb(clone); | |
| 2434 | return -ENOMEM; | |
| 2435 | } | |
| 2436 | ||
| 4e3264d2 | 2437 | return __bpf_redirect(clone, dev, flags); |
| 3896d655 AS |
2438 | } |
| 2439 | ||
| 577c50aa | 2440 | static const struct bpf_func_proto bpf_clone_redirect_proto = { |
| 3896d655 AS |
2441 | .func = bpf_clone_redirect, |
| 2442 | .gpl_only = false, | |
| 2443 | .ret_type = RET_INTEGER, | |
| 2444 | .arg1_type = ARG_PTR_TO_CTX, | |
| 2445 | .arg2_type = ARG_ANYTHING, | |
| 2446 | .arg3_type = ARG_ANYTHING, | |
| 2447 | }; | |
| 2448 | ||
| 0b19cc0a TM |
2449 | DEFINE_PER_CPU(struct bpf_redirect_info, bpf_redirect_info); |
| 2450 | EXPORT_PER_CPU_SYMBOL_GPL(bpf_redirect_info); | |
| 781c53bc | 2451 | |
| 27b29f63 AS |
2452 | int skb_do_redirect(struct sk_buff *skb) |
| 2453 | { | |
| 0b19cc0a | 2454 | struct bpf_redirect_info *ri = this_cpu_ptr(&bpf_redirect_info); |
| 9aa1206e | 2455 | struct net *net = dev_net(skb->dev); |
| 27b29f63 | 2456 | struct net_device *dev; |
| b4ab3141 | 2457 | u32 flags = ri->flags; |
| 27b29f63 | 2458 | |
| 9aa1206e | 2459 | dev = dev_get_by_index_rcu(net, ri->tgt_index); |
| 4b55cf29 | 2460 | ri->tgt_index = 0; |
| 9aa1206e DB |
2461 | ri->flags = 0; |
| 2462 | if (unlikely(!dev)) | |
| 2463 | goto out_drop; | |
| 2464 | if (flags & BPF_F_PEER) { | |
| 2465 | const struct net_device_ops *ops = dev->netdev_ops; | |
| 2466 | ||
| 2467 | if (unlikely(!ops->ndo_get_peer_dev || | |
| 2468 | !skb_at_tc_ingress(skb))) | |
| 2469 | goto out_drop; | |
| 2470 | dev = ops->ndo_get_peer_dev(dev); | |
| 2471 | if (unlikely(!dev || | |
| 5f7d5728 | 2472 | !(dev->flags & IFF_UP) || |
| 9aa1206e DB |
2473 | net_eq(net, dev_net(dev)))) |
| 2474 | goto out_drop; | |
| 2475 | skb->dev = dev; | |
| 2476 | return -EAGAIN; | |
| 27b29f63 | 2477 | } |
| b4ab3141 | 2478 | return flags & BPF_F_NEIGH ? |
| ba452c9e THJ |
2479 | __bpf_redirect_neigh(skb, dev, flags & BPF_F_NEXTHOP ? |
| 2480 | &ri->nh : NULL) : | |
| b4ab3141 | 2481 | __bpf_redirect(skb, dev, flags); |
| 9aa1206e DB |
2482 | out_drop: |
| 2483 | kfree_skb(skb); | |
| 2484 | return -EINVAL; | |
| b4ab3141 DB |
2485 | } |
| 2486 | ||
| 2487 | BPF_CALL_2(bpf_redirect, u32, ifindex, u64, flags) | |
| 2488 | { | |
| 2489 | struct bpf_redirect_info *ri = this_cpu_ptr(&bpf_redirect_info); | |
| 2490 | ||
| 2491 | if (unlikely(flags & (~(BPF_F_INGRESS) | BPF_F_REDIRECT_INTERNAL))) | |
| 2492 | return TC_ACT_SHOT; | |
| 2493 | ||
| 2494 | ri->flags = flags; | |
| 2495 | ri->tgt_index = ifindex; | |
| 2496 | ||
| 2497 | return TC_ACT_REDIRECT; | |
| 27b29f63 AS |
2498 | } |
| 2499 | ||
| 577c50aa | 2500 | static const struct bpf_func_proto bpf_redirect_proto = { |
| 27b29f63 AS |
2501 | .func = bpf_redirect, |
| 2502 | .gpl_only = false, | |
| 2503 | .ret_type = RET_INTEGER, | |
| 2504 | .arg1_type = ARG_ANYTHING, | |
| 2505 | .arg2_type = ARG_ANYTHING, | |
| 2506 | }; | |
| 2507 | ||
| 9aa1206e DB |
2508 | BPF_CALL_2(bpf_redirect_peer, u32, ifindex, u64, flags) |
| 2509 | { | |
| 2510 | struct bpf_redirect_info *ri = this_cpu_ptr(&bpf_redirect_info); | |
| 2511 | ||
| 2512 | if (unlikely(flags)) | |
| 2513 | return TC_ACT_SHOT; | |
| 2514 | ||
| 2515 | ri->flags = BPF_F_PEER; | |
| 2516 | ri->tgt_index = ifindex; | |
| 2517 | ||
| 2518 | return TC_ACT_REDIRECT; | |
| 2519 | } | |
| 2520 | ||
| 2521 | static const struct bpf_func_proto bpf_redirect_peer_proto = { | |
| 2522 | .func = bpf_redirect_peer, | |
| 2523 | .gpl_only = false, | |
| 2524 | .ret_type = RET_INTEGER, | |
| 2525 | .arg1_type = ARG_ANYTHING, | |
| 2526 | .arg2_type = ARG_ANYTHING, | |
| 2527 | }; | |
| 2528 | ||
| ba452c9e THJ |
2529 | BPF_CALL_4(bpf_redirect_neigh, u32, ifindex, struct bpf_redir_neigh *, params, |
| 2530 | int, plen, u64, flags) | |
| b4ab3141 DB |
2531 | { |
| 2532 | struct bpf_redirect_info *ri = this_cpu_ptr(&bpf_redirect_info); | |
| 2533 | ||
| ba452c9e | 2534 | if (unlikely((plen && plen < sizeof(*params)) || flags)) |
| b4ab3141 DB |
2535 | return TC_ACT_SHOT; |
| 2536 | ||
| ba452c9e | 2537 | ri->flags = BPF_F_NEIGH | (plen ? BPF_F_NEXTHOP : 0); |
| b4ab3141 DB |
2538 | ri->tgt_index = ifindex; |
| 2539 | ||
| ba452c9e THJ |
2540 | BUILD_BUG_ON(sizeof(struct bpf_redir_neigh) != sizeof(struct bpf_nh_params)); |
| 2541 | if (plen) | |
| 2542 | memcpy(&ri->nh, params, sizeof(ri->nh)); | |
| 2543 | ||
| b4ab3141 DB |
2544 | return TC_ACT_REDIRECT; |
| 2545 | } | |
| 2546 | ||
| 2547 | static const struct bpf_func_proto bpf_redirect_neigh_proto = { | |
| 2548 | .func = bpf_redirect_neigh, | |
| 2549 | .gpl_only = false, | |
| 2550 | .ret_type = RET_INTEGER, | |
| 2551 | .arg1_type = ARG_ANYTHING, | |
| 216e3cd2 | 2552 | .arg2_type = ARG_PTR_TO_MEM | PTR_MAYBE_NULL | MEM_RDONLY, |
| ba452c9e THJ |
2553 | .arg3_type = ARG_CONST_SIZE_OR_ZERO, |
| 2554 | .arg4_type = ARG_ANYTHING, | |
| b4ab3141 DB |
2555 | }; |
| 2556 | ||
| 604326b4 | 2557 | BPF_CALL_2(bpf_msg_apply_bytes, struct sk_msg *, msg, u32, bytes) |
| 2a100317 JF |
2558 | { |
| 2559 | msg->apply_bytes = bytes; | |
| 2560 | return 0; | |
| 2561 | } | |
| 2562 | ||
| 2563 | static const struct bpf_func_proto bpf_msg_apply_bytes_proto = { | |
| 2564 | .func = bpf_msg_apply_bytes, | |
| 2565 | .gpl_only = false, | |
| 2566 | .ret_type = RET_INTEGER, | |
| 2567 | .arg1_type = ARG_PTR_TO_CTX, | |
| 2568 | .arg2_type = ARG_ANYTHING, | |
| 2569 | }; | |
| 2570 | ||
| 604326b4 | 2571 | BPF_CALL_2(bpf_msg_cork_bytes, struct sk_msg *, msg, u32, bytes) |
| 91843d54 JF |
2572 | { |
| 2573 | msg->cork_bytes = bytes; | |
| 2574 | return 0; | |
| 2575 | } | |
| 2576 | ||
| 2577 | static const struct bpf_func_proto bpf_msg_cork_bytes_proto = { | |
| 2578 | .func = bpf_msg_cork_bytes, | |
| 2579 | .gpl_only = false, | |
| 2580 | .ret_type = RET_INTEGER, | |
| 2581 | .arg1_type = ARG_PTR_TO_CTX, | |
| 2582 | .arg2_type = ARG_ANYTHING, | |
| 2583 | }; | |
| 2584 | ||
| 604326b4 DB |
2585 | BPF_CALL_4(bpf_msg_pull_data, struct sk_msg *, msg, u32, start, |
| 2586 | u32, end, u64, flags) | |
| 015632bb | 2587 | { |
| 604326b4 DB |
2588 | u32 len = 0, offset = 0, copy = 0, poffset = 0, bytes = end - start; |
| 2589 | u32 first_sge, last_sge, i, shift, bytes_sg_total; | |
| 2590 | struct scatterlist *sge; | |
| 2591 | u8 *raw, *to, *from; | |
| 015632bb JF |
2592 | struct page *page; |
| 2593 | ||
| 2594 | if (unlikely(flags || end <= start)) | |
| 2595 | return -EINVAL; | |
| 2596 | ||
| 2597 | /* First find the starting scatterlist element */ | |
| 604326b4 | 2598 | i = msg->sg.start; |
| 015632bb | 2599 | do { |
| 6562e29c | 2600 | offset += len; |
| 604326b4 | 2601 | len = sk_msg_elem(msg, i)->length; |
| 015632bb JF |
2602 | if (start < offset + len) |
| 2603 | break; | |
| 604326b4 DB |
2604 | sk_msg_iter_var_next(i); |
| 2605 | } while (i != msg->sg.end); | |
| 015632bb JF |
2606 | |
| 2607 | if (unlikely(start >= offset + len)) | |
| 2608 | return -EINVAL; | |
| 2609 | ||
| 604326b4 | 2610 | first_sge = i; |
| 5b24109b DB |
2611 | /* The start may point into the sg element so we need to also |
| 2612 | * account for the headroom. | |
| 2613 | */ | |
| 2614 | bytes_sg_total = start - offset + bytes; | |
| 5a8fb33e | 2615 | if (!test_bit(i, msg->sg.copy) && bytes_sg_total <= len) |
| 015632bb | 2616 | goto out; |
| 015632bb JF |
2617 | |
| 2618 | /* At this point we need to linearize multiple scatterlist | |
| 2619 | * elements or a single shared page. Either way we need to | |
| 2620 | * copy into a linear buffer exclusively owned by BPF. Then | |
| 2621 | * place the buffer in the scatterlist and fixup the original | |
| 2622 | * entries by removing the entries now in the linear buffer | |
| 2623 | * and shifting the remaining entries. For now we do not try | |
| 2624 | * to copy partial entries to avoid complexity of running out | |
| 2625 | * of sg_entry slots. The downside is reading a single byte | |
| 2626 | * will copy the entire sg entry. | |
| 2627 | */ | |
| 2628 | do { | |
| 604326b4 DB |
2629 | copy += sk_msg_elem(msg, i)->length; |
| 2630 | sk_msg_iter_var_next(i); | |
| 5b24109b | 2631 | if (bytes_sg_total <= copy) |
| 015632bb | 2632 | break; |
| 604326b4 DB |
2633 | } while (i != msg->sg.end); |
| 2634 | last_sge = i; | |
| 015632bb | 2635 | |
| 5b24109b | 2636 | if (unlikely(bytes_sg_total > copy)) |
| 015632bb JF |
2637 | return -EINVAL; |
| 2638 | ||
| 4c3d795c TD |
2639 | page = alloc_pages(__GFP_NOWARN | GFP_ATOMIC | __GFP_COMP, |
| 2640 | get_order(copy)); | |
| 015632bb JF |
2641 | if (unlikely(!page)) |
| 2642 | return -ENOMEM; | |
| 015632bb | 2643 | |
| 604326b4 DB |
2644 | raw = page_address(page); |
| 2645 | i = first_sge; | |
| 015632bb | 2646 | do { |
| 604326b4 DB |
2647 | sge = sk_msg_elem(msg, i); |
| 2648 | from = sg_virt(sge); | |
| 2649 | len = sge->length; | |
| 2650 | to = raw + poffset; | |
| 015632bb JF |
2651 | |
| 2652 | memcpy(to, from, len); | |
| 9db39f4d | 2653 | poffset += len; |
| 604326b4 DB |
2654 | sge->length = 0; |
| 2655 | put_page(sg_page(sge)); | |
| 015632bb | 2656 | |
| 604326b4 DB |
2657 | sk_msg_iter_var_next(i); |
| 2658 | } while (i != last_sge); | |
| 015632bb | 2659 | |
| 604326b4 | 2660 | sg_set_page(&msg->sg.data[first_sge], page, copy, 0); |
| 015632bb JF |
2661 | |
| 2662 | /* To repair sg ring we need to shift entries. If we only | |
| 2663 | * had a single entry though we can just replace it and | |
| 2664 | * be done. Otherwise walk the ring and shift the entries. | |
| 2665 | */ | |
| 604326b4 DB |
2666 | WARN_ON_ONCE(last_sge == first_sge); |
| 2667 | shift = last_sge > first_sge ? | |
| 2668 | last_sge - first_sge - 1 : | |
| 031097d9 | 2669 | NR_MSG_FRAG_IDS - first_sge + last_sge - 1; |
| 015632bb JF |
2670 | if (!shift) |
| 2671 | goto out; | |
| 2672 | ||
| 604326b4 DB |
2673 | i = first_sge; |
| 2674 | sk_msg_iter_var_next(i); | |
| 015632bb | 2675 | do { |
| 604326b4 | 2676 | u32 move_from; |
| 015632bb | 2677 | |
| 031097d9 JK |
2678 | if (i + shift >= NR_MSG_FRAG_IDS) |
| 2679 | move_from = i + shift - NR_MSG_FRAG_IDS; | |
| 015632bb JF |
2680 | else |
| 2681 | move_from = i + shift; | |
| 604326b4 | 2682 | if (move_from == msg->sg.end) |
| 015632bb JF |
2683 | break; |
| 2684 | ||
| 604326b4 DB |
2685 | msg->sg.data[i] = msg->sg.data[move_from]; |
| 2686 | msg->sg.data[move_from].length = 0; | |
| 2687 | msg->sg.data[move_from].page_link = 0; | |
| 2688 | msg->sg.data[move_from].offset = 0; | |
| 2689 | sk_msg_iter_var_next(i); | |
| 015632bb | 2690 | } while (1); |
| 604326b4 DB |
2691 | |
| 2692 | msg->sg.end = msg->sg.end - shift > msg->sg.end ? | |
| 031097d9 | 2693 | msg->sg.end - shift + NR_MSG_FRAG_IDS : |
| 604326b4 | 2694 | msg->sg.end - shift; |
| 015632bb | 2695 | out: |
| 604326b4 | 2696 | msg->data = sg_virt(&msg->sg.data[first_sge]) + start - offset; |
| 015632bb | 2697 | msg->data_end = msg->data + bytes; |
| 015632bb JF |
2698 | return 0; |
| 2699 | } | |
| 2700 | ||
| 2701 | static const struct bpf_func_proto bpf_msg_pull_data_proto = { | |
| 2702 | .func = bpf_msg_pull_data, | |
| 2703 | .gpl_only = false, | |
| 2704 | .ret_type = RET_INTEGER, | |
| 2705 | .arg1_type = ARG_PTR_TO_CTX, | |
| 2706 | .arg2_type = ARG_ANYTHING, | |
| 2707 | .arg3_type = ARG_ANYTHING, | |
| 2708 | .arg4_type = ARG_ANYTHING, | |
| 2709 | }; | |
| 2710 | ||
| 6fff607e JF |
2711 | BPF_CALL_4(bpf_msg_push_data, struct sk_msg *, msg, u32, start, |
| 2712 | u32, len, u64, flags) | |
| 2713 | { | |
| 2714 | struct scatterlist sge, nsge, nnsge, rsge = {0}, *psge; | |
| 6562e29c | 2715 | u32 new, i = 0, l = 0, space, copy = 0, offset = 0; |
| 6fff607e JF |
2716 | u8 *raw, *to, *from; |
| 2717 | struct page *page; | |
| 2718 | ||
| 2719 | if (unlikely(flags)) | |
| 2720 | return -EINVAL; | |
| 2721 | ||
| 4a11678f FM |
2722 | if (unlikely(len == 0)) |
| 2723 | return 0; | |
| 2724 | ||
| 6fff607e JF |
2725 | /* First find the starting scatterlist element */ |
| 2726 | i = msg->sg.start; | |
| 2727 | do { | |
| 6562e29c | 2728 | offset += l; |
| 6fff607e JF |
2729 | l = sk_msg_elem(msg, i)->length; |
| 2730 | ||
| 2731 | if (start < offset + l) | |
| 2732 | break; | |
| 6fff607e JF |
2733 | sk_msg_iter_var_next(i); |
| 2734 | } while (i != msg->sg.end); | |
| 2735 | ||
| 2736 | if (start >= offset + l) | |
| 2737 | return -EINVAL; | |
| 2738 | ||
| 2739 | space = MAX_MSG_FRAGS - sk_msg_elem_used(msg); | |
| 2740 | ||
| 2741 | /* If no space available will fallback to copy, we need at | |
| 2742 | * least one scatterlist elem available to push data into | |
| 2743 | * when start aligns to the beginning of an element or two | |
| 2744 | * when it falls inside an element. We handle the start equals | |
| 2745 | * offset case because its the common case for inserting a | |
| 2746 | * header. | |
| 2747 | */ | |
| 2748 | if (!space || (space == 1 && start != offset)) | |
| 2749 | copy = msg->sg.data[i].length; | |
| 2750 | ||
| 2751 | page = alloc_pages(__GFP_NOWARN | GFP_ATOMIC | __GFP_COMP, | |
| 2752 | get_order(copy + len)); | |
| 2753 | if (unlikely(!page)) | |
| 2754 | return -ENOMEM; | |
| 2755 | ||
| 2756 | if (copy) { | |
| 2757 | int front, back; | |
| 2758 | ||
| 2759 | raw = page_address(page); | |
| 2760 | ||
| 2761 | psge = sk_msg_elem(msg, i); | |
| 2762 | front = start - offset; | |
| 2763 | back = psge->length - front; | |
| 2764 | from = sg_virt(psge); | |
| 2765 | ||
| 2766 | if (front) | |
| 2767 | memcpy(raw, from, front); | |
| 2768 | ||
| 2769 | if (back) { | |
| 2770 | from += front; | |
| 2771 | to = raw + front + len; | |
| 2772 | ||
| 2773 | memcpy(to, from, back); | |
| 2774 | } | |
| 2775 | ||
| 2776 | put_page(sg_page(psge)); | |
| 2777 | } else if (start - offset) { | |
| 2778 | psge = sk_msg_elem(msg, i); | |
| 2779 | rsge = sk_msg_elem_cpy(msg, i); | |
| 2780 | ||
| 2781 | psge->length = start - offset; | |
| 2782 | rsge.length -= psge->length; | |
| 2783 | rsge.offset += start; | |
| 2784 | ||
| 2785 | sk_msg_iter_var_next(i); | |
| 2786 | sg_unmark_end(psge); | |
| cf21e9ba | 2787 | sg_unmark_end(&rsge); |
| 6fff607e JF |
2788 | sk_msg_iter_next(msg, end); |
| 2789 | } | |
| 2790 | ||
| 2791 | /* Slot(s) to place newly allocated data */ | |
| 2792 | new = i; | |
| 2793 | ||
| 2794 | /* Shift one or two slots as needed */ | |
| 2795 | if (!copy) { | |
| 2796 | sge = sk_msg_elem_cpy(msg, i); | |
| 2797 | ||
| 2798 | sk_msg_iter_var_next(i); | |
| 2799 | sg_unmark_end(&sge); | |
| 2800 | sk_msg_iter_next(msg, end); | |
| 2801 | ||
| 2802 | nsge = sk_msg_elem_cpy(msg, i); | |
| 2803 | if (rsge.length) { | |
| 2804 | sk_msg_iter_var_next(i); | |
| 2805 | nnsge = sk_msg_elem_cpy(msg, i); | |
| 2806 | } | |
| 2807 | ||
| 2808 | while (i != msg->sg.end) { | |
| 2809 | msg->sg.data[i] = sge; | |
| 2810 | sge = nsge; | |
| 2811 | sk_msg_iter_var_next(i); | |
| 2812 | if (rsge.length) { | |
| 2813 | nsge = nnsge; | |
| 2814 | nnsge = sk_msg_elem_cpy(msg, i); | |
| 2815 | } else { | |
| 2816 | nsge = sk_msg_elem_cpy(msg, i); | |
| 2817 | } | |
| 2818 | } | |
| 2819 | } | |
| 2820 | ||
| 2821 | /* Place newly allocated data buffer */ | |
| 2822 | sk_mem_charge(msg->sk, len); | |
| 2823 | msg->sg.size += len; | |
| 5a8fb33e | 2824 | __clear_bit(new, msg->sg.copy); |
| 6fff607e JF |
2825 | sg_set_page(&msg->sg.data[new], page, len + copy, 0); |
| 2826 | if (rsge.length) { | |
| 2827 | get_page(sg_page(&rsge)); | |
| 2828 | sk_msg_iter_var_next(new); | |
| 2829 | msg->sg.data[new] = rsge; | |
| 2830 | } | |
| 2831 | ||
| 2832 | sk_msg_compute_data_pointers(msg); | |
| 2833 | return 0; | |
| 2834 | } | |
| 2835 | ||
| 2836 | static const struct bpf_func_proto bpf_msg_push_data_proto = { | |
| 2837 | .func = bpf_msg_push_data, | |
| 2838 | .gpl_only = false, | |
| 2839 | .ret_type = RET_INTEGER, | |
| 2840 | .arg1_type = ARG_PTR_TO_CTX, | |
| 2841 | .arg2_type = ARG_ANYTHING, | |
| 2842 | .arg3_type = ARG_ANYTHING, | |
| 2843 | .arg4_type = ARG_ANYTHING, | |
| 2844 | }; | |
| 2845 | ||
| 7246d8ed JF |
2846 | static void sk_msg_shift_left(struct sk_msg *msg, int i) |
| 2847 | { | |
| 2848 | int prev; | |
| 2849 | ||
| 2850 | do { | |
| 2851 | prev = i; | |
| 2852 | sk_msg_iter_var_next(i); | |
| 2853 | msg->sg.data[prev] = msg->sg.data[i]; | |
| 2854 | } while (i != msg->sg.end); | |
| 2855 | ||
| 2856 | sk_msg_iter_prev(msg, end); | |
| 2857 | } | |
| 2858 | ||
| 2859 | static void sk_msg_shift_right(struct sk_msg *msg, int i) | |
| 2860 | { | |
| 2861 | struct scatterlist tmp, sge; | |
| 2862 | ||
| 2863 | sk_msg_iter_next(msg, end); | |
| 2864 | sge = sk_msg_elem_cpy(msg, i); | |
| 2865 | sk_msg_iter_var_next(i); | |
| 2866 | tmp = sk_msg_elem_cpy(msg, i); | |
| 2867 | ||
| 2868 | while (i != msg->sg.end) { | |
| 2869 | msg->sg.data[i] = sge; | |
| 2870 | sk_msg_iter_var_next(i); | |
| 2871 | sge = tmp; | |
| 2872 | tmp = sk_msg_elem_cpy(msg, i); | |
| 2873 | } | |
| 2874 | } | |
| 2875 | ||
| 2876 | BPF_CALL_4(bpf_msg_pop_data, struct sk_msg *, msg, u32, start, | |
| 2877 | u32, len, u64, flags) | |
| 2878 | { | |
| 6562e29c | 2879 | u32 i = 0, l = 0, space, offset = 0; |
| 7246d8ed JF |
2880 | u64 last = start + len; |
| 2881 | int pop; | |
| 2882 | ||
| 2883 | if (unlikely(flags)) | |
| 2884 | return -EINVAL; | |
| 2885 | ||
| 2886 | /* First find the starting scatterlist element */ | |
| 2887 | i = msg->sg.start; | |
| 2888 | do { | |
| 6562e29c | 2889 | offset += l; |
| 7246d8ed JF |
2890 | l = sk_msg_elem(msg, i)->length; |
| 2891 | ||
| 2892 | if (start < offset + l) | |
| 2893 | break; | |
| 7246d8ed JF |
2894 | sk_msg_iter_var_next(i); |
| 2895 | } while (i != msg->sg.end); | |
| 2896 | ||
| 2897 | /* Bounds checks: start and pop must be inside message */ | |
| 2898 | if (start >= offset + l || last >= msg->sg.size) | |
| 2899 | return -EINVAL; | |
| 2900 | ||
| 2901 | space = MAX_MSG_FRAGS - sk_msg_elem_used(msg); | |
| 2902 | ||
| 2903 | pop = len; | |
| 2904 | /* --------------| offset | |
| 2905 | * -| start |-------- len -------| | |
| 2906 | * | |
| 2907 | * |----- a ----|-------- pop -------|----- b ----| | |
| 2908 | * |______________________________________________| length | |
| 2909 | * | |
| 2910 | * | |
| 2911 | * a: region at front of scatter element to save | |
| 2912 | * b: region at back of scatter element to save when length > A + pop | |
| 2913 | * pop: region to pop from element, same as input 'pop' here will be | |
| 2914 | * decremented below per iteration. | |
| 2915 | * | |
| 2916 | * Two top-level cases to handle when start != offset, first B is non | |
| 2917 | * zero and second B is zero corresponding to when a pop includes more | |
| 2918 | * than one element. | |
| 2919 | * | |
| 2920 | * Then if B is non-zero AND there is no space allocate space and | |
| 2921 | * compact A, B regions into page. If there is space shift ring to | |
| 2922 | * the rigth free'ing the next element in ring to place B, leaving | |
| 2923 | * A untouched except to reduce length. | |
| 2924 | */ | |
| 2925 | if (start != offset) { | |
| 2926 | struct scatterlist *nsge, *sge = sk_msg_elem(msg, i); | |
| 2927 | int a = start; | |
| 2928 | int b = sge->length - pop - a; | |
| 2929 | ||
| 2930 | sk_msg_iter_var_next(i); | |
| 2931 | ||
| 2932 | if (pop < sge->length - a) { | |
| 2933 | if (space) { | |
| 2934 | sge->length = a; | |
| 2935 | sk_msg_shift_right(msg, i); | |
| 2936 | nsge = sk_msg_elem(msg, i); | |
| 2937 | get_page(sg_page(sge)); | |
| 2938 | sg_set_page(nsge, | |
| 2939 | sg_page(sge), | |
| 2940 | b, sge->offset + pop + a); | |
| 2941 | } else { | |
| 2942 | struct page *page, *orig; | |
| 2943 | u8 *to, *from; | |
| 2944 | ||
| 2945 | page = alloc_pages(__GFP_NOWARN | | |
| 2946 | __GFP_COMP | GFP_ATOMIC, | |
| 2947 | get_order(a + b)); | |
| 2948 | if (unlikely(!page)) | |
| 2949 | return -ENOMEM; | |
| 2950 | ||
| 2951 | sge->length = a; | |
| 2952 | orig = sg_page(sge); | |
| 2953 | from = sg_virt(sge); | |
| 2954 | to = page_address(page); | |
| 2955 | memcpy(to, from, a); | |
| 2956 | memcpy(to + a, from + a + pop, b); | |
| 2957 | sg_set_page(sge, page, a + b, 0); | |
| 2958 | put_page(orig); | |
| 2959 | } | |
| 2960 | pop = 0; | |
| 2961 | } else if (pop >= sge->length - a) { | |
| 7246d8ed | 2962 | pop -= (sge->length - a); |
| 3e104c23 | 2963 | sge->length = a; |
| 7246d8ed JF |
2964 | } |
| 2965 | } | |
| 2966 | ||
| 2967 | /* From above the current layout _must_ be as follows, | |
| 2968 | * | |
| 2969 | * -| offset | |
| 2970 | * -| start | |
| 2971 | * | |
| 2972 | * |---- pop ---|---------------- b ------------| | |
| 2973 | * |____________________________________________| length | |
| 2974 | * | |
| 2975 | * Offset and start of the current msg elem are equal because in the | |
| 2976 | * previous case we handled offset != start and either consumed the | |
| 2977 | * entire element and advanced to the next element OR pop == 0. | |
| 2978 | * | |
| 2979 | * Two cases to handle here are first pop is less than the length | |
| 2980 | * leaving some remainder b above. Simply adjust the element's layout | |
| 2981 | * in this case. Or pop >= length of the element so that b = 0. In this | |
| 2982 | * case advance to next element decrementing pop. | |
| 2983 | */ | |
| 2984 | while (pop) { | |
| 2985 | struct scatterlist *sge = sk_msg_elem(msg, i); | |
| 2986 | ||
| 2987 | if (pop < sge->length) { | |
| 2988 | sge->length -= pop; | |
| 2989 | sge->offset += pop; | |
| 2990 | pop = 0; | |
| 2991 | } else { | |
| 2992 | pop -= sge->length; | |
| 2993 | sk_msg_shift_left(msg, i); | |
| 2994 | } | |
| 2995 | sk_msg_iter_var_next(i); | |
| 2996 | } | |
| 2997 | ||
| 2998 | sk_mem_uncharge(msg->sk, len - pop); | |
| 2999 | msg->sg.size -= (len - pop); | |
| 3000 | sk_msg_compute_data_pointers(msg); | |
| 3001 | return 0; | |
| 3002 | } | |
| 3003 | ||
| 3004 | static const struct bpf_func_proto bpf_msg_pop_data_proto = { | |
| 3005 | .func = bpf_msg_pop_data, | |
| 3006 | .gpl_only = false, | |
| 3007 | .ret_type = RET_INTEGER, | |
| 3008 | .arg1_type = ARG_PTR_TO_CTX, | |
| 3009 | .arg2_type = ARG_ANYTHING, | |
| 3010 | .arg3_type = ARG_ANYTHING, | |
| 3011 | .arg4_type = ARG_ANYTHING, | |
| 3012 | }; | |
| 3013 | ||
| 5a52ae4e DB |
3014 | #ifdef CONFIG_CGROUP_NET_CLASSID |
| 3015 | BPF_CALL_0(bpf_get_cgroup_classid_curr) | |
| 3016 | { | |
| 3017 | return __task_get_classid(current); | |
| 3018 | } | |
| 3019 | ||
| bed89185 | 3020 | const struct bpf_func_proto bpf_get_cgroup_classid_curr_proto = { |
| 5a52ae4e DB |
3021 | .func = bpf_get_cgroup_classid_curr, |
| 3022 | .gpl_only = false, | |
| 3023 | .ret_type = RET_INTEGER, | |
| 3024 | }; | |
| b426ce83 DB |
3025 | |
| 3026 | BPF_CALL_1(bpf_skb_cgroup_classid, const struct sk_buff *, skb) | |
| 3027 | { | |
| 3028 | struct sock *sk = skb_to_full_sk(skb); | |
| 3029 | ||
| 3030 | if (!sk || !sk_fullsock(sk)) | |
| 3031 | return 0; | |
| 3032 | ||
| 3033 | return sock_cgroup_classid(&sk->sk_cgrp_data); | |
| 3034 | } | |
| 3035 | ||
| 3036 | static const struct bpf_func_proto bpf_skb_cgroup_classid_proto = { | |
| 3037 | .func = bpf_skb_cgroup_classid, | |
| 3038 | .gpl_only = false, | |
| 3039 | .ret_type = RET_INTEGER, | |
| 3040 | .arg1_type = ARG_PTR_TO_CTX, | |
| 3041 | }; | |
| 5a52ae4e DB |
3042 | #endif |
| 3043 | ||
| f3694e00 | 3044 | BPF_CALL_1(bpf_get_cgroup_classid, const struct sk_buff *, skb) |
| 8d20aabe | 3045 | { |
| f3694e00 | 3046 | return task_get_classid(skb); |
| 8d20aabe DB |
3047 | } |
| 3048 | ||
| 3049 | static const struct bpf_func_proto bpf_get_cgroup_classid_proto = { | |
| 3050 | .func = bpf_get_cgroup_classid, | |
| 3051 | .gpl_only = false, | |
| 3052 | .ret_type = RET_INTEGER, | |
| 3053 | .arg1_type = ARG_PTR_TO_CTX, | |
| 3054 | }; | |
| 3055 | ||
| f3694e00 | 3056 | BPF_CALL_1(bpf_get_route_realm, const struct sk_buff *, skb) |
| c46646d0 | 3057 | { |
| f3694e00 | 3058 | return dst_tclassid(skb); |
| c46646d0 DB |
3059 | } |
| 3060 | ||
| 3061 | static const struct bpf_func_proto bpf_get_route_realm_proto = { | |
| 3062 | .func = bpf_get_route_realm, | |
| 3063 | .gpl_only = false, | |
| 3064 | .ret_type = RET_INTEGER, | |
| 3065 | .arg1_type = ARG_PTR_TO_CTX, | |
| 3066 | }; | |
| 3067 | ||
| f3694e00 | 3068 | BPF_CALL_1(bpf_get_hash_recalc, struct sk_buff *, skb) |
| 13c5c240 DB |
3069 | { |
| 3070 | /* If skb_clear_hash() was called due to mangling, we can | |
| 3071 | * trigger SW recalculation here. Later access to hash | |
| 3072 | * can then use the inline skb->hash via context directly | |
| 3073 | * instead of calling this helper again. | |
| 3074 | */ | |
| f3694e00 | 3075 | return skb_get_hash(skb); |
| 13c5c240 DB |
3076 | } |
| 3077 | ||
| 3078 | static const struct bpf_func_proto bpf_get_hash_recalc_proto = { | |
| 3079 | .func = bpf_get_hash_recalc, | |
| 3080 | .gpl_only = false, | |
| 3081 | .ret_type = RET_INTEGER, | |
| 3082 | .arg1_type = ARG_PTR_TO_CTX, | |
| 3083 | }; | |
| 3084 | ||
| 7a4b28c6 DB |
3085 | BPF_CALL_1(bpf_set_hash_invalid, struct sk_buff *, skb) |
| 3086 | { | |
| 3087 | /* After all direct packet write, this can be used once for | |
| 3088 | * triggering a lazy recalc on next skb_get_hash() invocation. | |
| 3089 | */ | |
| 3090 | skb_clear_hash(skb); | |
| 3091 | return 0; | |
| 3092 | } | |
| 3093 | ||
| 3094 | static const struct bpf_func_proto bpf_set_hash_invalid_proto = { | |
| 3095 | .func = bpf_set_hash_invalid, | |
| 3096 | .gpl_only = false, | |
| 3097 | .ret_type = RET_INTEGER, | |
| 3098 | .arg1_type = ARG_PTR_TO_CTX, | |
| 3099 | }; | |
| 3100 | ||
| ded092cd DB |
3101 | BPF_CALL_2(bpf_set_hash, struct sk_buff *, skb, u32, hash) |
| 3102 | { | |
| 3103 | /* Set user specified hash as L4(+), so that it gets returned | |
| 3104 | * on skb_get_hash() call unless BPF prog later on triggers a | |
| 3105 | * skb_clear_hash(). | |
| 3106 | */ | |
| 3107 | __skb_set_sw_hash(skb, hash, true); | |
| 3108 | return 0; | |
| 3109 | } | |
| 3110 | ||
| 3111 | static const struct bpf_func_proto bpf_set_hash_proto = { | |
| 3112 | .func = bpf_set_hash, | |
| 3113 | .gpl_only = false, | |
| 3114 | .ret_type = RET_INTEGER, | |
| 3115 | .arg1_type = ARG_PTR_TO_CTX, | |
| 3116 | .arg2_type = ARG_ANYTHING, | |
| 3117 | }; | |
| 3118 | ||
| f3694e00 DB |
3119 | BPF_CALL_3(bpf_skb_vlan_push, struct sk_buff *, skb, __be16, vlan_proto, |
| 3120 | u16, vlan_tci) | |
| 4e10df9a | 3121 | { |
| db58ba45 | 3122 | int ret; |
| 4e10df9a AS |
3123 | |
| 3124 | if (unlikely(vlan_proto != htons(ETH_P_8021Q) && | |
| 3125 | vlan_proto != htons(ETH_P_8021AD))) | |
| 3126 | vlan_proto = htons(ETH_P_8021Q); | |
| 3127 | ||
| 8065694e | 3128 | bpf_push_mac_rcsum(skb); |
| db58ba45 | 3129 | ret = skb_vlan_push(skb, vlan_proto, vlan_tci); |
| 8065694e DB |
3130 | bpf_pull_mac_rcsum(skb); |
| 3131 | ||
| 6aaae2b6 | 3132 | bpf_compute_data_pointers(skb); |
| db58ba45 | 3133 | return ret; |
| 4e10df9a AS |
3134 | } |
| 3135 | ||
| 93731ef0 | 3136 | static const struct bpf_func_proto bpf_skb_vlan_push_proto = { |
| 4e10df9a AS |
3137 | .func = bpf_skb_vlan_push, |
| 3138 | .gpl_only = false, | |
| 3139 | .ret_type = RET_INTEGER, | |
| 3140 | .arg1_type = ARG_PTR_TO_CTX, | |
| 3141 | .arg2_type = ARG_ANYTHING, | |
| 3142 | .arg3_type = ARG_ANYTHING, | |
| 3143 | }; | |
| 3144 | ||
| f3694e00 | 3145 | BPF_CALL_1(bpf_skb_vlan_pop, struct sk_buff *, skb) |
| 4e10df9a | 3146 | { |
| db58ba45 | 3147 | int ret; |
| 4e10df9a | 3148 | |
| 8065694e | 3149 | bpf_push_mac_rcsum(skb); |
| db58ba45 | 3150 | ret = skb_vlan_pop(skb); |
| 8065694e DB |
3151 | bpf_pull_mac_rcsum(skb); |
| 3152 | ||
| 6aaae2b6 | 3153 | bpf_compute_data_pointers(skb); |
| db58ba45 | 3154 | return ret; |
| 4e10df9a AS |
3155 | } |
| 3156 | ||
| 93731ef0 | 3157 | static const struct bpf_func_proto bpf_skb_vlan_pop_proto = { |
| 4e10df9a AS |
3158 | .func = bpf_skb_vlan_pop, |
| 3159 | .gpl_only = false, | |
| 3160 | .ret_type = RET_INTEGER, | |
| 3161 | .arg1_type = ARG_PTR_TO_CTX, | |
| 3162 | }; | |
| 3163 | ||
| 6578171a DB |
3164 | static int bpf_skb_generic_push(struct sk_buff *skb, u32 off, u32 len) |
| 3165 | { | |
| 3166 | /* Caller already did skb_cow() with len as headroom, | |
| 3167 | * so no need to do it here. | |
| 3168 | */ | |
| 3169 | skb_push(skb, len); | |
| 3170 | memmove(skb->data, skb->data + len, off); | |
| 3171 | memset(skb->data + off, 0, len); | |
| 3172 | ||
| 3173 | /* No skb_postpush_rcsum(skb, skb->data + off, len) | |
| 3174 | * needed here as it does not change the skb->csum | |
| 3175 | * result for checksum complete when summing over | |
| 3176 | * zeroed blocks. | |
| 3177 | */ | |
| 3178 | return 0; | |
| 3179 | } | |
| 3180 | ||
| 3181 | static int bpf_skb_generic_pop(struct sk_buff *skb, u32 off, u32 len) | |
| 3182 | { | |
| 3183 | /* skb_ensure_writable() is not needed here, as we're | |
| 3184 | * already working on an uncloned skb. | |
| 3185 | */ | |
| 3186 | if (unlikely(!pskb_may_pull(skb, off + len))) | |
| 3187 | return -ENOMEM; | |
| 3188 | ||
| 3189 | skb_postpull_rcsum(skb, skb->data + off, len); | |
| 3190 | memmove(skb->data + len, skb->data, off); | |
| 3191 | __skb_pull(skb, len); | |
| 3192 | ||
| 3193 | return 0; | |
| 3194 | } | |
| 3195 | ||
| 3196 | static int bpf_skb_net_hdr_push(struct sk_buff *skb, u32 off, u32 len) | |
| 3197 | { | |
| 3198 | bool trans_same = skb->transport_header == skb->network_header; | |
| 3199 | int ret; | |
| 3200 | ||
| 3201 | /* There's no need for __skb_push()/__skb_pull() pair to | |
| 3202 | * get to the start of the mac header as we're guaranteed | |
| 3203 | * to always start from here under eBPF. | |
| 3204 | */ | |
| 3205 | ret = bpf_skb_generic_push(skb, off, len); | |
| 3206 | if (likely(!ret)) { | |
| 3207 | skb->mac_header -= len; | |
| 3208 | skb->network_header -= len; | |
| 3209 | if (trans_same) | |
| 3210 | skb->transport_header = skb->network_header; | |
| 3211 | } | |
| 3212 | ||
| 3213 | return ret; | |
| 3214 | } | |
| 3215 | ||
| 3216 | static int bpf_skb_net_hdr_pop(struct sk_buff *skb, u32 off, u32 len) | |
| 3217 | { | |
| 3218 | bool trans_same = skb->transport_header == skb->network_header; | |
| 3219 | int ret; | |
| 3220 | ||
| 3221 | /* Same here, __skb_push()/__skb_pull() pair not needed. */ | |
| 3222 | ret = bpf_skb_generic_pop(skb, off, len); | |
| 3223 | if (likely(!ret)) { | |
| 3224 | skb->mac_header += len; | |
| 3225 | skb->network_header += len; | |
| 3226 | if (trans_same) | |
| 3227 | skb->transport_header = skb->network_header; | |
| 3228 | } | |
| 3229 | ||
| 3230 | return ret; | |
| 3231 | } | |
| 3232 | ||
| 3233 | static int bpf_skb_proto_4_to_6(struct sk_buff *skb) | |
| 3234 | { | |
| 3235 | const u32 len_diff = sizeof(struct ipv6hdr) - sizeof(struct iphdr); | |
| 0daf4349 | 3236 | u32 off = skb_mac_header_len(skb); |
| 6578171a DB |
3237 | int ret; |
| 3238 | ||
| 3239 | ret = skb_cow(skb, len_diff); | |
| 3240 | if (unlikely(ret < 0)) | |
| 3241 | return ret; | |
| 3242 | ||
| 3243 | ret = bpf_skb_net_hdr_push(skb, off, len_diff); | |
| 3244 | if (unlikely(ret < 0)) | |
| 3245 | return ret; | |
| 3246 | ||
| 3247 | if (skb_is_gso(skb)) { | |
| d02f51cb DA |
3248 | struct skb_shared_info *shinfo = skb_shinfo(skb); |
| 3249 | ||
| 0bc919d3 | 3250 | /* SKB_GSO_TCPV4 needs to be changed into SKB_GSO_TCPV6. */ |
| d02f51cb DA |
3251 | if (shinfo->gso_type & SKB_GSO_TCPV4) { |
| 3252 | shinfo->gso_type &= ~SKB_GSO_TCPV4; | |
| 3253 | shinfo->gso_type |= SKB_GSO_TCPV6; | |
| 6578171a | 3254 | } |
| 6578171a DB |
3255 | } |
| 3256 | ||
| 3257 | skb->protocol = htons(ETH_P_IPV6); | |
| 3258 | skb_clear_hash(skb); | |
| 3259 | ||
| 3260 | return 0; | |
| 3261 | } | |
| 3262 | ||
| 3263 | static int bpf_skb_proto_6_to_4(struct sk_buff *skb) | |
| 3264 | { | |
| 3265 | const u32 len_diff = sizeof(struct ipv6hdr) - sizeof(struct iphdr); | |
| 0daf4349 | 3266 | u32 off = skb_mac_header_len(skb); |
| 6578171a DB |
3267 | int ret; |
| 3268 | ||
| 3269 | ret = skb_unclone(skb, GFP_ATOMIC); | |
| 3270 | if (unlikely(ret < 0)) | |
| 3271 | return ret; | |
| 3272 | ||
| 3273 | ret = bpf_skb_net_hdr_pop(skb, off, len_diff); | |
| 3274 | if (unlikely(ret < 0)) | |
| 3275 | return ret; | |
| 3276 | ||
| 3277 | if (skb_is_gso(skb)) { | |
| d02f51cb DA |
3278 | struct skb_shared_info *shinfo = skb_shinfo(skb); |
| 3279 | ||
| 0bc919d3 | 3280 | /* SKB_GSO_TCPV6 needs to be changed into SKB_GSO_TCPV4. */ |
| d02f51cb DA |
3281 | if (shinfo->gso_type & SKB_GSO_TCPV6) { |
| 3282 | shinfo->gso_type &= ~SKB_GSO_TCPV6; | |
| 3283 | shinfo->gso_type |= SKB_GSO_TCPV4; | |
| 6578171a | 3284 | } |
| 6578171a DB |
3285 | } |
| 3286 | ||
| 3287 | skb->protocol = htons(ETH_P_IP); | |
| 3288 | skb_clear_hash(skb); | |
| 3289 | ||
| 3290 | return 0; | |
| 3291 | } | |
| 3292 | ||
| 3293 | static int bpf_skb_proto_xlat(struct sk_buff *skb, __be16 to_proto) | |
| 3294 | { | |
| 3295 | __be16 from_proto = skb->protocol; | |
| 3296 | ||
| 3297 | if (from_proto == htons(ETH_P_IP) && | |
| 3298 | to_proto == htons(ETH_P_IPV6)) | |
| 3299 | return bpf_skb_proto_4_to_6(skb); | |
| 3300 | ||
| 3301 | if (from_proto == htons(ETH_P_IPV6) && | |
| 3302 | to_proto == htons(ETH_P_IP)) | |
| 3303 | return bpf_skb_proto_6_to_4(skb); | |
| 3304 | ||
| 3305 | return -ENOTSUPP; | |
| 3306 | } | |
| 3307 | ||
| f3694e00 DB |
3308 | BPF_CALL_3(bpf_skb_change_proto, struct sk_buff *, skb, __be16, proto, |
| 3309 | u64, flags) | |
| 6578171a | 3310 | { |
| 6578171a DB |
3311 | int ret; |
| 3312 | ||
| 3313 | if (unlikely(flags)) | |
| 3314 | return -EINVAL; | |
| 3315 | ||
| 3316 | /* General idea is that this helper does the basic groundwork | |
| 3317 | * needed for changing the protocol, and eBPF program fills the | |
| 3318 | * rest through bpf_skb_store_bytes(), bpf_lX_csum_replace() | |
| 3319 | * and other helpers, rather than passing a raw buffer here. | |
| 3320 | * | |
| 3321 | * The rationale is to keep this minimal and without a need to | |
| 3322 | * deal with raw packet data. F.e. even if we would pass buffers | |
| 3323 | * here, the program still needs to call the bpf_lX_csum_replace() | |
| 3324 | * helpers anyway. Plus, this way we keep also separation of | |
| 3325 | * concerns, since f.e. bpf_skb_store_bytes() should only take | |
| 3326 | * care of stores. | |
| 3327 | * | |
| 3328 | * Currently, additional options and extension header space are | |
| 3329 | * not supported, but flags register is reserved so we can adapt | |
| 3330 | * that. For offloads, we mark packet as dodgy, so that headers | |
| 3331 | * need to be verified first. | |
| 3332 | */ | |
| 3333 | ret = bpf_skb_proto_xlat(skb, proto); | |
| 6aaae2b6 | 3334 | bpf_compute_data_pointers(skb); |
| 6578171a DB |
3335 | return ret; |
| 3336 | } | |
| 3337 | ||
| 3338 | static const struct bpf_func_proto bpf_skb_change_proto_proto = { | |
| 3339 | .func = bpf_skb_change_proto, | |
| 3340 | .gpl_only = false, | |
| 3341 | .ret_type = RET_INTEGER, | |
| 3342 | .arg1_type = ARG_PTR_TO_CTX, | |
| 3343 | .arg2_type = ARG_ANYTHING, | |
| 3344 | .arg3_type = ARG_ANYTHING, | |
| 3345 | }; | |
| 3346 | ||
| f3694e00 | 3347 | BPF_CALL_2(bpf_skb_change_type, struct sk_buff *, skb, u32, pkt_type) |
| d2485c42 | 3348 | { |
| d2485c42 | 3349 | /* We only allow a restricted subset to be changed for now. */ |
| 45c7fffa DB |
3350 | if (unlikely(!skb_pkt_type_ok(skb->pkt_type) || |
| 3351 | !skb_pkt_type_ok(pkt_type))) | |
| d2485c42 DB |
3352 | return -EINVAL; |
| 3353 | ||
| 3354 | skb->pkt_type = pkt_type; | |
| 3355 | return 0; | |
| 3356 | } | |
| 3357 | ||
| 3358 | static const struct bpf_func_proto bpf_skb_change_type_proto = { | |
| 3359 | .func = bpf_skb_change_type, | |
| 3360 | .gpl_only = false, | |
| 3361 | .ret_type = RET_INTEGER, | |
| 3362 | .arg1_type = ARG_PTR_TO_CTX, | |
| 3363 | .arg2_type = ARG_ANYTHING, | |
| 3364 | }; | |
| 3365 | ||
| 2be7e212 DB |
3366 | static u32 bpf_skb_net_base_len(const struct sk_buff *skb) |
| 3367 | { | |
| 3368 | switch (skb->protocol) { | |
| 3369 | case htons(ETH_P_IP): | |
| 3370 | return sizeof(struct iphdr); | |
| 3371 | case htons(ETH_P_IPV6): | |
| 3372 | return sizeof(struct ipv6hdr); | |
| 3373 | default: | |
| 3374 | return ~0U; | |
| 3375 | } | |
| 3376 | } | |
| 3377 | ||
| 868d5235 WB |
3378 | #define BPF_F_ADJ_ROOM_ENCAP_L3_MASK (BPF_F_ADJ_ROOM_ENCAP_L3_IPV4 | \ |
| 3379 | BPF_F_ADJ_ROOM_ENCAP_L3_IPV6) | |
| 3380 | ||
| 3381 | #define BPF_F_ADJ_ROOM_MASK (BPF_F_ADJ_ROOM_FIXED_GSO | \ | |
| 3382 | BPF_F_ADJ_ROOM_ENCAP_L3_MASK | \ | |
| 3383 | BPF_F_ADJ_ROOM_ENCAP_L4_GRE | \ | |
| 58dfc900 | 3384 | BPF_F_ADJ_ROOM_ENCAP_L4_UDP | \ |
| d01b59c9 | 3385 | BPF_F_ADJ_ROOM_ENCAP_L2_ETH | \ |
| 58dfc900 AM |
3386 | BPF_F_ADJ_ROOM_ENCAP_L2( \ |
| 3387 | BPF_ADJ_ROOM_ENCAP_L2_MASK)) | |
| 2278f6cc WB |
3388 | |
| 3389 | static int bpf_skb_net_grow(struct sk_buff *skb, u32 off, u32 len_diff, | |
| 3390 | u64 flags) | |
| 2be7e212 | 3391 | { |
| 58dfc900 | 3392 | u8 inner_mac_len = flags >> BPF_ADJ_ROOM_ENCAP_L2_SHIFT; |
| 868d5235 | 3393 | bool encap = flags & BPF_F_ADJ_ROOM_ENCAP_L3_MASK; |
| 62b31b42 | 3394 | u16 mac_len = 0, inner_net = 0, inner_trans = 0; |
| 868d5235 | 3395 | unsigned int gso_type = SKB_GSO_DODGY; |
| 2be7e212 DB |
3396 | int ret; |
| 3397 | ||
| 2278f6cc WB |
3398 | if (skb_is_gso(skb) && !skb_is_gso_tcp(skb)) { |
| 3399 | /* udp gso_size delineates datagrams, only allow if fixed */ | |
| 3400 | if (!(skb_shinfo(skb)->gso_type & SKB_GSO_UDP_L4) || | |
| 3401 | !(flags & BPF_F_ADJ_ROOM_FIXED_GSO)) | |
| 3402 | return -ENOTSUPP; | |
| 3403 | } | |
| d02f51cb | 3404 | |
| 908adce6 | 3405 | ret = skb_cow_head(skb, len_diff); |
| 2be7e212 DB |
3406 | if (unlikely(ret < 0)) |
| 3407 | return ret; | |
| 3408 | ||
| 868d5235 WB |
3409 | if (encap) { |
| 3410 | if (skb->protocol != htons(ETH_P_IP) && | |
| 3411 | skb->protocol != htons(ETH_P_IPV6)) | |
| 3412 | return -ENOTSUPP; | |
| 3413 | ||
| 3414 | if (flags & BPF_F_ADJ_ROOM_ENCAP_L3_IPV4 && | |
| 3415 | flags & BPF_F_ADJ_ROOM_ENCAP_L3_IPV6) | |
| 3416 | return -EINVAL; | |
| 3417 | ||
| 3418 | if (flags & BPF_F_ADJ_ROOM_ENCAP_L4_GRE && | |
| 3419 | flags & BPF_F_ADJ_ROOM_ENCAP_L4_UDP) | |
| 3420 | return -EINVAL; | |
| 3421 | ||
| d01b59c9 XH |
3422 | if (flags & BPF_F_ADJ_ROOM_ENCAP_L2_ETH && |
| 3423 | inner_mac_len < ETH_HLEN) | |
| 3424 | return -EINVAL; | |
| 3425 | ||
| 868d5235 WB |
3426 | if (skb->encapsulation) |
| 3427 | return -EALREADY; | |
| 3428 | ||
| 3429 | mac_len = skb->network_header - skb->mac_header; | |
| 3430 | inner_net = skb->network_header; | |
| 58dfc900 AM |
3431 | if (inner_mac_len > len_diff) |
| 3432 | return -EINVAL; | |
| 868d5235 WB |
3433 | inner_trans = skb->transport_header; |
| 3434 | } | |
| 3435 | ||
| 2be7e212 DB |
3436 | ret = bpf_skb_net_hdr_push(skb, off, len_diff); |
| 3437 | if (unlikely(ret < 0)) | |
| 3438 | return ret; | |
| 3439 | ||
| 868d5235 | 3440 | if (encap) { |
| 58dfc900 | 3441 | skb->inner_mac_header = inner_net - inner_mac_len; |
| 868d5235 WB |
3442 | skb->inner_network_header = inner_net; |
| 3443 | skb->inner_transport_header = inner_trans; | |
| d01b59c9 XH |
3444 | |
| 3445 | if (flags & BPF_F_ADJ_ROOM_ENCAP_L2_ETH) | |
| 3446 | skb_set_inner_protocol(skb, htons(ETH_P_TEB)); | |
| 3447 | else | |
| 3448 | skb_set_inner_protocol(skb, skb->protocol); | |
| 868d5235 WB |
3449 | |
| 3450 | skb->encapsulation = 1; | |
| 3451 | skb_set_network_header(skb, mac_len); | |
| 3452 | ||
| 3453 | if (flags & BPF_F_ADJ_ROOM_ENCAP_L4_UDP) | |
| 3454 | gso_type |= SKB_GSO_UDP_TUNNEL; | |
| 3455 | else if (flags & BPF_F_ADJ_ROOM_ENCAP_L4_GRE) | |
| 3456 | gso_type |= SKB_GSO_GRE; | |
| 3457 | else if (flags & BPF_F_ADJ_ROOM_ENCAP_L3_IPV6) | |
| 3458 | gso_type |= SKB_GSO_IPXIP6; | |
| 58dfc900 | 3459 | else if (flags & BPF_F_ADJ_ROOM_ENCAP_L3_IPV4) |
| 868d5235 WB |
3460 | gso_type |= SKB_GSO_IPXIP4; |
| 3461 | ||
| 3462 | if (flags & BPF_F_ADJ_ROOM_ENCAP_L4_GRE || | |
| 3463 | flags & BPF_F_ADJ_ROOM_ENCAP_L4_UDP) { | |
| 3464 | int nh_len = flags & BPF_F_ADJ_ROOM_ENCAP_L3_IPV6 ? | |
| 3465 | sizeof(struct ipv6hdr) : | |
| 3466 | sizeof(struct iphdr); | |
| 3467 | ||
| 3468 | skb_set_transport_header(skb, mac_len + nh_len); | |
| 3469 | } | |
| 1b00e0df WB |
3470 | |
| 3471 | /* Match skb->protocol to new outer l3 protocol */ | |
| 3472 | if (skb->protocol == htons(ETH_P_IP) && | |
| 3473 | flags & BPF_F_ADJ_ROOM_ENCAP_L3_IPV6) | |
| 3474 | skb->protocol = htons(ETH_P_IPV6); | |
| 3475 | else if (skb->protocol == htons(ETH_P_IPV6) && | |
| 3476 | flags & BPF_F_ADJ_ROOM_ENCAP_L3_IPV4) | |
| 3477 | skb->protocol = htons(ETH_P_IP); | |
| 868d5235 WB |
3478 | } |
| 3479 | ||
| 2be7e212 | 3480 | if (skb_is_gso(skb)) { |
| d02f51cb DA |
3481 | struct skb_shared_info *shinfo = skb_shinfo(skb); |
| 3482 | ||
| 2be7e212 | 3483 | /* Due to header grow, MSS needs to be downgraded. */ |
| 2278f6cc WB |
3484 | if (!(flags & BPF_F_ADJ_ROOM_FIXED_GSO)) |
| 3485 | skb_decrease_gso_size(shinfo, len_diff); | |
| 3486 | ||
| 2be7e212 | 3487 | /* Header must be checked, and gso_segs recomputed. */ |
| 868d5235 | 3488 | shinfo->gso_type |= gso_type; |
| d02f51cb | 3489 | shinfo->gso_segs = 0; |
| 2be7e212 DB |
3490 | } |
| 3491 | ||
| 3492 | return 0; | |
| 3493 | } | |
| 3494 | ||
| 2278f6cc WB |
3495 | static int bpf_skb_net_shrink(struct sk_buff *skb, u32 off, u32 len_diff, |
| 3496 | u64 flags) | |
| 2be7e212 | 3497 | { |
| 2be7e212 DB |
3498 | int ret; |
| 3499 | ||
| 836e66c2 DB |
3500 | if (unlikely(flags & ~(BPF_F_ADJ_ROOM_FIXED_GSO | |
| 3501 | BPF_F_ADJ_ROOM_NO_CSUM_RESET))) | |
| 43537b8e WB |
3502 | return -EINVAL; |
| 3503 | ||
| 2278f6cc WB |
3504 | if (skb_is_gso(skb) && !skb_is_gso_tcp(skb)) { |
| 3505 | /* udp gso_size delineates datagrams, only allow if fixed */ | |
| 3506 | if (!(skb_shinfo(skb)->gso_type & SKB_GSO_UDP_L4) || | |
| 3507 | !(flags & BPF_F_ADJ_ROOM_FIXED_GSO)) | |
| 3508 | return -ENOTSUPP; | |
| 3509 | } | |
| d02f51cb | 3510 | |
| 2be7e212 DB |
3511 | ret = skb_unclone(skb, GFP_ATOMIC); |
| 3512 | if (unlikely(ret < 0)) | |
| 3513 | return ret; | |
| 3514 | ||
| 3515 | ret = bpf_skb_net_hdr_pop(skb, off, len_diff); | |
| 3516 | if (unlikely(ret < 0)) | |
| 3517 | return ret; | |
| 3518 | ||
| 3519 | if (skb_is_gso(skb)) { | |
| d02f51cb DA |
3520 | struct skb_shared_info *shinfo = skb_shinfo(skb); |
| 3521 | ||
| 2be7e212 | 3522 | /* Due to header shrink, MSS can be upgraded. */ |
| 2278f6cc WB |
3523 | if (!(flags & BPF_F_ADJ_ROOM_FIXED_GSO)) |
| 3524 | skb_increase_gso_size(shinfo, len_diff); | |
| 3525 | ||
| 2be7e212 | 3526 | /* Header must be checked, and gso_segs recomputed. */ |
| d02f51cb DA |
3527 | shinfo->gso_type |= SKB_GSO_DODGY; |
| 3528 | shinfo->gso_segs = 0; | |
| 2be7e212 DB |
3529 | } |
| 3530 | ||
| 3531 | return 0; | |
| 3532 | } | |
| 3533 | ||
| 6306c118 | 3534 | #define BPF_SKB_MAX_LEN SKB_MAX_ALLOC |
| 2be7e212 | 3535 | |
| 18ebe16d JF |
3536 | BPF_CALL_4(sk_skb_adjust_room, struct sk_buff *, skb, s32, len_diff, |
| 3537 | u32, mode, u64, flags) | |
| 3538 | { | |
| 3539 | u32 len_diff_abs = abs(len_diff); | |
| 3540 | bool shrink = len_diff < 0; | |
| 3541 | int ret = 0; | |
| 3542 | ||
| 3543 | if (unlikely(flags || mode)) | |
| 3544 | return -EINVAL; | |
| 3545 | if (unlikely(len_diff_abs > 0xfffU)) | |
| 3546 | return -EFAULT; | |
| 3547 | ||
| 3548 | if (!shrink) { | |
| 3549 | ret = skb_cow(skb, len_diff); | |
| 3550 | if (unlikely(ret < 0)) | |
| 3551 | return ret; | |
| 3552 | __skb_push(skb, len_diff_abs); | |
| 3553 | memset(skb->data, 0, len_diff_abs); | |
| 3554 | } else { | |
| 3555 | if (unlikely(!pskb_may_pull(skb, len_diff_abs))) | |
| 3556 | return -ENOMEM; | |
| 3557 | __skb_pull(skb, len_diff_abs); | |
| 3558 | } | |
| 18ebe16d JF |
3559 | if (tls_sw_has_ctx_rx(skb->sk)) { |
| 3560 | struct strp_msg *rxm = strp_msg(skb); | |
| 3561 | ||
| 3562 | rxm->full_len += len_diff; | |
| 3563 | } | |
| 3564 | return ret; | |
| 3565 | } | |
| 3566 | ||
| 3567 | static const struct bpf_func_proto sk_skb_adjust_room_proto = { | |
| 3568 | .func = sk_skb_adjust_room, | |
| 3569 | .gpl_only = false, | |
| 3570 | .ret_type = RET_INTEGER, | |
| 3571 | .arg1_type = ARG_PTR_TO_CTX, | |
| 3572 | .arg2_type = ARG_ANYTHING, | |
| 3573 | .arg3_type = ARG_ANYTHING, | |
| 3574 | .arg4_type = ARG_ANYTHING, | |
| 3575 | }; | |
| 3576 | ||
| 14aa3192 WB |
3577 | BPF_CALL_4(bpf_skb_adjust_room, struct sk_buff *, skb, s32, len_diff, |
| 3578 | u32, mode, u64, flags) | |
| 2be7e212 | 3579 | { |
| 2be7e212 DB |
3580 | u32 len_cur, len_diff_abs = abs(len_diff); |
| 3581 | u32 len_min = bpf_skb_net_base_len(skb); | |
| 6306c118 | 3582 | u32 len_max = BPF_SKB_MAX_LEN; |
| 2be7e212 DB |
3583 | __be16 proto = skb->protocol; |
| 3584 | bool shrink = len_diff < 0; | |
| 14aa3192 | 3585 | u32 off; |
| 2be7e212 DB |
3586 | int ret; |
| 3587 | ||
| 836e66c2 DB |
3588 | if (unlikely(flags & ~(BPF_F_ADJ_ROOM_MASK | |
| 3589 | BPF_F_ADJ_ROOM_NO_CSUM_RESET))) | |
| 14aa3192 | 3590 | return -EINVAL; |
| 2be7e212 DB |
3591 | if (unlikely(len_diff_abs > 0xfffU)) |
| 3592 | return -EFAULT; | |
| 3593 | if (unlikely(proto != htons(ETH_P_IP) && | |
| 3594 | proto != htons(ETH_P_IPV6))) | |
| 3595 | return -ENOTSUPP; | |
| 3596 | ||
| 14aa3192 WB |
3597 | off = skb_mac_header_len(skb); |
| 3598 | switch (mode) { | |
| 3599 | case BPF_ADJ_ROOM_NET: | |
| 3600 | off += bpf_skb_net_base_len(skb); | |
| 3601 | break; | |
| 3602 | case BPF_ADJ_ROOM_MAC: | |
| 3603 | break; | |
| 3604 | default: | |
| 3605 | return -ENOTSUPP; | |
| 3606 | } | |
| 3607 | ||
| 2be7e212 | 3608 | len_cur = skb->len - skb_network_offset(skb); |
| 2be7e212 DB |
3609 | if ((shrink && (len_diff_abs >= len_cur || |
| 3610 | len_cur - len_diff_abs < len_min)) || | |
| 3611 | (!shrink && (skb->len + len_diff_abs > len_max && | |
| 3612 | !skb_is_gso(skb)))) | |
| 3613 | return -ENOTSUPP; | |
| 3614 | ||
| 2278f6cc WB |
3615 | ret = shrink ? bpf_skb_net_shrink(skb, off, len_diff_abs, flags) : |
| 3616 | bpf_skb_net_grow(skb, off, len_diff_abs, flags); | |
| 836e66c2 DB |
3617 | if (!ret && !(flags & BPF_F_ADJ_ROOM_NO_CSUM_RESET)) |
| 3618 | __skb_reset_checksum_unnecessary(skb); | |
| 2be7e212 | 3619 | |
| 6aaae2b6 | 3620 | bpf_compute_data_pointers(skb); |
| e4a6a342 | 3621 | return ret; |
| 2be7e212 DB |
3622 | } |
| 3623 | ||
| 2be7e212 DB |
3624 | static const struct bpf_func_proto bpf_skb_adjust_room_proto = { |
| 3625 | .func = bpf_skb_adjust_room, | |
| 3626 | .gpl_only = false, | |
| 3627 | .ret_type = RET_INTEGER, | |
| 3628 | .arg1_type = ARG_PTR_TO_CTX, | |
| 3629 | .arg2_type = ARG_ANYTHING, | |
| 3630 | .arg3_type = ARG_ANYTHING, | |
| 3631 | .arg4_type = ARG_ANYTHING, | |
| 3632 | }; | |
| 3633 | ||
| 5293efe6 DB |
3634 | static u32 __bpf_skb_min_len(const struct sk_buff *skb) |
| 3635 | { | |
| 3636 | u32 min_len = skb_network_offset(skb); | |
| 3637 | ||
| 3638 | if (skb_transport_header_was_set(skb)) | |
| 3639 | min_len = skb_transport_offset(skb); | |
| 3640 | if (skb->ip_summed == CHECKSUM_PARTIAL) | |
| 3641 | min_len = skb_checksum_start_offset(skb) + | |
| 3642 | skb->csum_offset + sizeof(__sum16); | |
| 3643 | return min_len; | |
| 3644 | } | |
| 3645 | ||
| 5293efe6 DB |
3646 | static int bpf_skb_grow_rcsum(struct sk_buff *skb, unsigned int new_len) |
| 3647 | { | |
| 3648 | unsigned int old_len = skb->len; | |
| 3649 | int ret; | |
| 3650 | ||
| 3651 | ret = __skb_grow_rcsum(skb, new_len); | |
| 3652 | if (!ret) | |
| 3653 | memset(skb->data + old_len, 0, new_len - old_len); | |
| 3654 | return ret; | |
| 3655 | } | |
| 3656 | ||
| 3657 | static int bpf_skb_trim_rcsum(struct sk_buff *skb, unsigned int new_len) | |
| 3658 | { | |
| 3659 | return __skb_trim_rcsum(skb, new_len); | |
| 3660 | } | |
| 3661 | ||
| 0ea488ff JF |
3662 | static inline int __bpf_skb_change_tail(struct sk_buff *skb, u32 new_len, |
| 3663 | u64 flags) | |
| 5293efe6 | 3664 | { |
| 6306c118 | 3665 | u32 max_len = BPF_SKB_MAX_LEN; |
| 5293efe6 | 3666 | u32 min_len = __bpf_skb_min_len(skb); |
| 5293efe6 DB |
3667 | int ret; |
| 3668 | ||
| 3669 | if (unlikely(flags || new_len > max_len || new_len < min_len)) | |
| 3670 | return -EINVAL; | |
| 3671 | if (skb->encapsulation) | |
| 3672 | return -ENOTSUPP; | |
| 3673 | ||
| 3674 | /* The basic idea of this helper is that it's performing the | |
| 3675 | * needed work to either grow or trim an skb, and eBPF program | |
| 3676 | * rewrites the rest via helpers like bpf_skb_store_bytes(), | |
| 3677 | * bpf_lX_csum_replace() and others rather than passing a raw | |
| 3678 | * buffer here. This one is a slow path helper and intended | |
| 3679 | * for replies with control messages. | |
| 3680 | * | |
| 3681 | * Like in bpf_skb_change_proto(), we want to keep this rather | |
| 3682 | * minimal and without protocol specifics so that we are able | |
| 3683 | * to separate concerns as in bpf_skb_store_bytes() should only | |
| 3684 | * be the one responsible for writing buffers. | |
| 3685 | * | |
| 3686 | * It's really expected to be a slow path operation here for | |
| 3687 | * control message replies, so we're implicitly linearizing, | |
| 3688 | * uncloning and drop offloads from the skb by this. | |
| 3689 | */ | |
| 3690 | ret = __bpf_try_make_writable(skb, skb->len); | |
| 3691 | if (!ret) { | |
| 3692 | if (new_len > skb->len) | |
| 3693 | ret = bpf_skb_grow_rcsum(skb, new_len); | |
| 3694 | else if (new_len < skb->len) | |
| 3695 | ret = bpf_skb_trim_rcsum(skb, new_len); | |
| 3696 | if (!ret && skb_is_gso(skb)) | |
| 3697 | skb_gso_reset(skb); | |
| 3698 | } | |
| 0ea488ff JF |
3699 | return ret; |
| 3700 | } | |
| 3701 | ||
| 3702 | BPF_CALL_3(bpf_skb_change_tail, struct sk_buff *, skb, u32, new_len, | |
| 3703 | u64, flags) | |
| 3704 | { | |
| 3705 | int ret = __bpf_skb_change_tail(skb, new_len, flags); | |
| 5293efe6 | 3706 | |
| 6aaae2b6 | 3707 | bpf_compute_data_pointers(skb); |
| 5293efe6 DB |
3708 | return ret; |
| 3709 | } | |
| 3710 | ||
| 3711 | static const struct bpf_func_proto bpf_skb_change_tail_proto = { | |
| 3712 | .func = bpf_skb_change_tail, | |
| 3713 | .gpl_only = false, | |
| 3714 | .ret_type = RET_INTEGER, | |
| 3715 | .arg1_type = ARG_PTR_TO_CTX, | |
| 3716 | .arg2_type = ARG_ANYTHING, | |
| 3717 | .arg3_type = ARG_ANYTHING, | |
| 3718 | }; | |
| 3719 | ||
| 0ea488ff | 3720 | BPF_CALL_3(sk_skb_change_tail, struct sk_buff *, skb, u32, new_len, |
| 3a0af8fd | 3721 | u64, flags) |
| 0ea488ff | 3722 | { |
| 16137b09 | 3723 | return __bpf_skb_change_tail(skb, new_len, flags); |
| 0ea488ff JF |
3724 | } |
| 3725 | ||
| 3726 | static const struct bpf_func_proto sk_skb_change_tail_proto = { | |
| 3727 | .func = sk_skb_change_tail, | |
| 3728 | .gpl_only = false, | |
| 3729 | .ret_type = RET_INTEGER, | |
| 3730 | .arg1_type = ARG_PTR_TO_CTX, | |
| 3731 | .arg2_type = ARG_ANYTHING, | |
| 3732 | .arg3_type = ARG_ANYTHING, | |
| 3733 | }; | |
| 3734 | ||
| 3735 | static inline int __bpf_skb_change_head(struct sk_buff *skb, u32 head_room, | |
| 3736 | u64 flags) | |
| 3a0af8fd | 3737 | { |
| 6306c118 | 3738 | u32 max_len = BPF_SKB_MAX_LEN; |
| 3a0af8fd TG |
3739 | u32 new_len = skb->len + head_room; |
| 3740 | int ret; | |
| 3741 | ||
| 3742 | if (unlikely(flags || (!skb_is_gso(skb) && new_len > max_len) || | |
| 3743 | new_len < skb->len)) | |
| 3744 | return -EINVAL; | |
| 3745 | ||
| 3746 | ret = skb_cow(skb, head_room); | |
| 3747 | if (likely(!ret)) { | |
| 3748 | /* Idea for this helper is that we currently only | |
| 3749 | * allow to expand on mac header. This means that | |
| 3750 | * skb->protocol network header, etc, stay as is. | |
| 3751 | * Compared to bpf_skb_change_tail(), we're more | |
| 3752 | * flexible due to not needing to linearize or | |
| 3753 | * reset GSO. Intention for this helper is to be | |
| 3754 | * used by an L3 skb that needs to push mac header | |
| 3755 | * for redirection into L2 device. | |
| 3756 | */ | |
| 3757 | __skb_push(skb, head_room); | |
| 3758 | memset(skb->data, 0, head_room); | |
| 3759 | skb_reset_mac_header(skb); | |
| 84316ca4 | 3760 | skb_reset_mac_len(skb); |
| 3a0af8fd TG |
3761 | } |
| 3762 | ||
| 0ea488ff JF |
3763 | return ret; |
| 3764 | } | |
| 3765 | ||
| 3766 | BPF_CALL_3(bpf_skb_change_head, struct sk_buff *, skb, u32, head_room, | |
| 3767 | u64, flags) | |
| 3768 | { | |
| 3769 | int ret = __bpf_skb_change_head(skb, head_room, flags); | |
| 3770 | ||
| 6aaae2b6 | 3771 | bpf_compute_data_pointers(skb); |
| 0ea488ff | 3772 | return ret; |
| 3a0af8fd TG |
3773 | } |
| 3774 | ||
| 3775 | static const struct bpf_func_proto bpf_skb_change_head_proto = { | |
| 3776 | .func = bpf_skb_change_head, | |
| 3777 | .gpl_only = false, | |
| 3778 | .ret_type = RET_INTEGER, | |
| 3779 | .arg1_type = ARG_PTR_TO_CTX, | |
| 3780 | .arg2_type = ARG_ANYTHING, | |
| 3781 | .arg3_type = ARG_ANYTHING, | |
| 3782 | }; | |
| 3783 | ||
| 0ea488ff JF |
3784 | BPF_CALL_3(sk_skb_change_head, struct sk_buff *, skb, u32, head_room, |
| 3785 | u64, flags) | |
| 3786 | { | |
| 16137b09 | 3787 | return __bpf_skb_change_head(skb, head_room, flags); |
| 0ea488ff JF |
3788 | } |
| 3789 | ||
| 3790 | static const struct bpf_func_proto sk_skb_change_head_proto = { | |
| 3791 | .func = sk_skb_change_head, | |
| 3792 | .gpl_only = false, | |
| 3793 | .ret_type = RET_INTEGER, | |
| 3794 | .arg1_type = ARG_PTR_TO_CTX, | |
| 3795 | .arg2_type = ARG_ANYTHING, | |
| 3796 | .arg3_type = ARG_ANYTHING, | |
| 3797 | }; | |
| 0165cc81 LB |
3798 | |
| 3799 | BPF_CALL_1(bpf_xdp_get_buff_len, struct xdp_buff*, xdp) | |
| 3800 | { | |
| 3801 | return xdp_get_buff_len(xdp); | |
| 3802 | } | |
| 3803 | ||
| 3804 | static const struct bpf_func_proto bpf_xdp_get_buff_len_proto = { | |
| 3805 | .func = bpf_xdp_get_buff_len, | |
| 3806 | .gpl_only = false, | |
| 3807 | .ret_type = RET_INTEGER, | |
| 3808 | .arg1_type = ARG_PTR_TO_CTX, | |
| 3809 | }; | |
| 3810 | ||
| d9917302 EC |
3811 | BTF_ID_LIST_SINGLE(bpf_xdp_get_buff_len_bpf_ids, struct, xdp_buff) |
| 3812 | ||
| 3813 | const struct bpf_func_proto bpf_xdp_get_buff_len_trace_proto = { | |
| 3814 | .func = bpf_xdp_get_buff_len, | |
| 3815 | .gpl_only = false, | |
| 3816 | .arg1_type = ARG_PTR_TO_BTF_ID, | |
| 3817 | .arg1_btf_id = &bpf_xdp_get_buff_len_bpf_ids[0], | |
| 3818 | }; | |
| 3819 | ||
| de8f3a83 DB |
3820 | static unsigned long xdp_get_metalen(const struct xdp_buff *xdp) |
| 3821 | { | |
| 3822 | return xdp_data_meta_unsupported(xdp) ? 0 : | |
| 3823 | xdp->data - xdp->data_meta; | |
| 3824 | } | |
| 3825 | ||
| 17bedab2 MKL |
3826 | BPF_CALL_2(bpf_xdp_adjust_head, struct xdp_buff *, xdp, int, offset) |
| 3827 | { | |
| 6dfb970d | 3828 | void *xdp_frame_end = xdp->data_hard_start + sizeof(struct xdp_frame); |
| de8f3a83 | 3829 | unsigned long metalen = xdp_get_metalen(xdp); |
| 97e19cce | 3830 | void *data_start = xdp_frame_end + metalen; |
| 17bedab2 MKL |
3831 | void *data = xdp->data + offset; |
| 3832 | ||
| de8f3a83 | 3833 | if (unlikely(data < data_start || |
| 17bedab2 MKL |
3834 | data > xdp->data_end - ETH_HLEN)) |
| 3835 | return -EINVAL; | |
| 3836 | ||
| de8f3a83 DB |
3837 | if (metalen) |
| 3838 | memmove(xdp->data_meta + offset, | |
| 3839 | xdp->data_meta, metalen); | |
| 3840 | xdp->data_meta += offset; | |
| 17bedab2 MKL |
3841 | xdp->data = data; |
| 3842 | ||
| 3843 | return 0; | |
| 3844 | } | |
| 3845 | ||
| 3846 | static const struct bpf_func_proto bpf_xdp_adjust_head_proto = { | |
| 3847 | .func = bpf_xdp_adjust_head, | |
| 3848 | .gpl_only = false, | |
| 3849 | .ret_type = RET_INTEGER, | |
| 3850 | .arg1_type = ARG_PTR_TO_CTX, | |
| 3851 | .arg2_type = ARG_ANYTHING, | |
| 3852 | }; | |
| 3853 | ||
| 3f364222 LB |
3854 | static void bpf_xdp_copy_buf(struct xdp_buff *xdp, unsigned long off, |
| 3855 | void *buf, unsigned long len, bool flush) | |
| 3856 | { | |
| 3857 | unsigned long ptr_len, ptr_off = 0; | |
| 3858 | skb_frag_t *next_frag, *end_frag; | |
| 3859 | struct skb_shared_info *sinfo; | |
| 3860 | void *src, *dst; | |
| 3861 | u8 *ptr_buf; | |
| 3862 | ||
| 3863 | if (likely(xdp->data_end - xdp->data >= off + len)) { | |
| 3864 | src = flush ? buf : xdp->data + off; | |
| 3865 | dst = flush ? xdp->data + off : buf; | |
| 3866 | memcpy(dst, src, len); | |
| 3867 | return; | |
| 3868 | } | |
| 3869 | ||
| 3870 | sinfo = xdp_get_shared_info_from_buff(xdp); | |
| 3871 | end_frag = &sinfo->frags[sinfo->nr_frags]; | |
| 3872 | next_frag = &sinfo->frags[0]; | |
| 3873 | ||
| 3874 | ptr_len = xdp->data_end - xdp->data; | |
| 3875 | ptr_buf = xdp->data; | |
| 3876 | ||
| 3877 | while (true) { | |
| 3878 | if (off < ptr_off + ptr_len) { | |
| 3879 | unsigned long copy_off = off - ptr_off; | |
| 3880 | unsigned long copy_len = min(len, ptr_len - copy_off); | |
| 3881 | ||
| 3882 | src = flush ? buf : ptr_buf + copy_off; | |
| 3883 | dst = flush ? ptr_buf + copy_off : buf; | |
| 3884 | memcpy(dst, src, copy_len); | |
| 3885 | ||
| 3886 | off += copy_len; | |
| 3887 | len -= copy_len; | |
| 3888 | buf += copy_len; | |
| 3889 | } | |
| 3890 | ||
| 3891 | if (!len || next_frag == end_frag) | |
| 3892 | break; | |
| 3893 | ||
| 3894 | ptr_off += ptr_len; | |
| 3895 | ptr_buf = skb_frag_address(next_frag); | |
| 3896 | ptr_len = skb_frag_size(next_frag); | |
| 3897 | next_frag++; | |
| 3898 | } | |
| 3899 | } | |
| 3900 | ||
| 3901 | static void *bpf_xdp_pointer(struct xdp_buff *xdp, u32 offset, u32 len) | |
| 3902 | { | |
| 3903 | struct skb_shared_info *sinfo = xdp_get_shared_info_from_buff(xdp); | |
| 3904 | u32 size = xdp->data_end - xdp->data; | |
| 3905 | void *addr = xdp->data; | |
| 3906 | int i; | |
| 3907 | ||
| 3908 | if (unlikely(offset > 0xffff || len > 0xffff)) | |
| 3909 | return ERR_PTR(-EFAULT); | |
| 3910 | ||
| 3911 | if (offset + len > xdp_get_buff_len(xdp)) | |
| 3912 | return ERR_PTR(-EINVAL); | |
| 3913 | ||
| 3914 | if (offset < size) /* linear area */ | |
| 3915 | goto out; | |
| 3916 | ||
| 3917 | offset -= size; | |
| 3918 | for (i = 0; i < sinfo->nr_frags; i++) { /* paged area */ | |
| 3919 | u32 frag_size = skb_frag_size(&sinfo->frags[i]); | |
| 3920 | ||
| 3921 | if (offset < frag_size) { | |
| 3922 | addr = skb_frag_address(&sinfo->frags[i]); | |
| 3923 | size = frag_size; | |
| 3924 | break; | |
| 3925 | } | |
| 3926 | offset -= frag_size; | |
| 3927 | } | |
| 3928 | out: | |
| bbd52178 | 3929 | return offset + len <= size ? addr + offset : NULL; |
| 3f364222 LB |
3930 | } |
| 3931 | ||
| 3932 | BPF_CALL_4(bpf_xdp_load_bytes, struct xdp_buff *, xdp, u32, offset, | |
| 3933 | void *, buf, u32, len) | |
| 3934 | { | |
| 3935 | void *ptr; | |
| 3936 | ||
| 3937 | ptr = bpf_xdp_pointer(xdp, offset, len); | |
| 3938 | if (IS_ERR(ptr)) | |
| 3939 | return PTR_ERR(ptr); | |
| 3940 | ||
| 3941 | if (!ptr) | |
| 3942 | bpf_xdp_copy_buf(xdp, offset, buf, len, false); | |
| 3943 | else | |
| 3944 | memcpy(buf, ptr, len); | |
| 3945 | ||
| 3946 | return 0; | |
| 3947 | } | |
| 3948 | ||
| 3949 | static const struct bpf_func_proto bpf_xdp_load_bytes_proto = { | |
| 3950 | .func = bpf_xdp_load_bytes, | |
| 3951 | .gpl_only = false, | |
| 3952 | .ret_type = RET_INTEGER, | |
| 3953 | .arg1_type = ARG_PTR_TO_CTX, | |
| 3954 | .arg2_type = ARG_ANYTHING, | |
| 3955 | .arg3_type = ARG_PTR_TO_UNINIT_MEM, | |
| 3956 | .arg4_type = ARG_CONST_SIZE, | |
| 3957 | }; | |
| 3958 | ||
| 3959 | BPF_CALL_4(bpf_xdp_store_bytes, struct xdp_buff *, xdp, u32, offset, | |
| 3960 | void *, buf, u32, len) | |
| 3961 | { | |
| 3962 | void *ptr; | |
| 3963 | ||
| 3964 | ptr = bpf_xdp_pointer(xdp, offset, len); | |
| 3965 | if (IS_ERR(ptr)) | |
| 3966 | return PTR_ERR(ptr); | |
| 3967 | ||
| 3968 | if (!ptr) | |
| 3969 | bpf_xdp_copy_buf(xdp, offset, buf, len, true); | |
| 3970 | else | |
| 3971 | memcpy(ptr, buf, len); | |
| 3972 | ||
| 3973 | return 0; | |
| 3974 | } | |
| 3975 | ||
| 3976 | static const struct bpf_func_proto bpf_xdp_store_bytes_proto = { | |
| 3977 | .func = bpf_xdp_store_bytes, | |
| 3978 | .gpl_only = false, | |
| 3979 | .ret_type = RET_INTEGER, | |
| 3980 | .arg1_type = ARG_PTR_TO_CTX, | |
| 3981 | .arg2_type = ARG_ANYTHING, | |
| 3982 | .arg3_type = ARG_PTR_TO_UNINIT_MEM, | |
| 3983 | .arg4_type = ARG_CONST_SIZE, | |
| 3984 | }; | |
| 3985 | ||
| bf25146a EC |
3986 | static int bpf_xdp_frags_increase_tail(struct xdp_buff *xdp, int offset) |
| 3987 | { | |
| 3988 | struct skb_shared_info *sinfo = xdp_get_shared_info_from_buff(xdp); | |
| 3989 | skb_frag_t *frag = &sinfo->frags[sinfo->nr_frags - 1]; | |
| 3990 | struct xdp_rxq_info *rxq = xdp->rxq; | |
| 3991 | unsigned int tailroom; | |
| 3992 | ||
| 3993 | if (!rxq->frag_size || rxq->frag_size > xdp->frame_sz) | |
| 3994 | return -EOPNOTSUPP; | |
| 3995 | ||
| 3996 | tailroom = rxq->frag_size - skb_frag_size(frag) - skb_frag_off(frag); | |
| 3997 | if (unlikely(offset > tailroom)) | |
| 3998 | return -EINVAL; | |
| 3999 | ||
| 4000 | memset(skb_frag_address(frag) + skb_frag_size(frag), 0, offset); | |
| 4001 | skb_frag_size_add(frag, offset); | |
| 4002 | sinfo->xdp_frags_size += offset; | |
| 4003 | ||
| 4004 | return 0; | |
| 4005 | } | |
| 4006 | ||
| 4007 | static int bpf_xdp_frags_shrink_tail(struct xdp_buff *xdp, int offset) | |
| 4008 | { | |
| 4009 | struct skb_shared_info *sinfo = xdp_get_shared_info_from_buff(xdp); | |
| 4010 | int i, n_frags_free = 0, len_free = 0; | |
| 4011 | ||
| 4012 | if (unlikely(offset > (int)xdp_get_buff_len(xdp) - ETH_HLEN)) | |
| 4013 | return -EINVAL; | |
| 4014 | ||
| 4015 | for (i = sinfo->nr_frags - 1; i >= 0 && offset > 0; i--) { | |
| 4016 | skb_frag_t *frag = &sinfo->frags[i]; | |
| 4017 | int shrink = min_t(int, offset, skb_frag_size(frag)); | |
| 4018 | ||
| 4019 | len_free += shrink; | |
| 4020 | offset -= shrink; | |
| 4021 | ||
| 4022 | if (skb_frag_size(frag) == shrink) { | |
| 4023 | struct page *page = skb_frag_page(frag); | |
| 4024 | ||
| 4025 | __xdp_return(page_address(page), &xdp->rxq->mem, | |
| 4026 | false, NULL); | |
| 4027 | n_frags_free++; | |
| 4028 | } else { | |
| 4029 | skb_frag_size_sub(frag, shrink); | |
| 4030 | break; | |
| 4031 | } | |
| 4032 | } | |
| 4033 | sinfo->nr_frags -= n_frags_free; | |
| 4034 | sinfo->xdp_frags_size -= len_free; | |
| 4035 | ||
| 4036 | if (unlikely(!sinfo->nr_frags)) { | |
| 4037 | xdp_buff_clear_frags_flag(xdp); | |
| 4038 | xdp->data_end -= offset; | |
| 4039 | } | |
| 4040 | ||
| 4041 | return 0; | |
| 4042 | } | |
| 4043 | ||
| b32cc5b9 NS |
4044 | BPF_CALL_2(bpf_xdp_adjust_tail, struct xdp_buff *, xdp, int, offset) |
| 4045 | { | |
| c8741e2b | 4046 | void *data_hard_end = xdp_data_hard_end(xdp); /* use xdp->frame_sz */ |
| b32cc5b9 NS |
4047 | void *data_end = xdp->data_end + offset; |
| 4048 | ||
| bf25146a EC |
4049 | if (unlikely(xdp_buff_has_frags(xdp))) { /* non-linear xdp buff */ |
| 4050 | if (offset < 0) | |
| 4051 | return bpf_xdp_frags_shrink_tail(xdp, -offset); | |
| 4052 | ||
| 4053 | return bpf_xdp_frags_increase_tail(xdp, offset); | |
| 4054 | } | |
| 4055 | ||
| c8741e2b JDB |
4056 | /* Notice that xdp_data_hard_end have reserved some tailroom */ |
| 4057 | if (unlikely(data_end > data_hard_end)) | |
| b32cc5b9 NS |
4058 | return -EINVAL; |
| 4059 | ||
| c8741e2b JDB |
4060 | /* ALL drivers MUST init xdp->frame_sz, chicken check below */ |
| 4061 | if (unlikely(xdp->frame_sz > PAGE_SIZE)) { | |
| 4062 | WARN_ONCE(1, "Too BIG xdp->frame_sz = %d\n", xdp->frame_sz); | |
| 4063 | return -EINVAL; | |
| 4064 | } | |
| 4065 | ||
| b32cc5b9 NS |
4066 | if (unlikely(data_end < xdp->data + ETH_HLEN)) |
| 4067 | return -EINVAL; | |
| 4068 | ||
| ddb47d51 JDB |
4069 | /* Clear memory area on grow, can contain uninit kernel memory */ |
| 4070 | if (offset > 0) | |
| 4071 | memset(xdp->data_end, 0, offset); | |
| 4072 | ||
| b32cc5b9 NS |
4073 | xdp->data_end = data_end; |
| 4074 | ||
| 4075 | return 0; | |
| 4076 | } | |
| 4077 | ||
| 4078 | static const struct bpf_func_proto bpf_xdp_adjust_tail_proto = { | |
| 4079 | .func = bpf_xdp_adjust_tail, | |
| 4080 | .gpl_only = false, | |
| 4081 | .ret_type = RET_INTEGER, | |
| 4082 | .arg1_type = ARG_PTR_TO_CTX, | |
| 4083 | .arg2_type = ARG_ANYTHING, | |
| 4084 | }; | |
| 4085 | ||
| de8f3a83 DB |
4086 | BPF_CALL_2(bpf_xdp_adjust_meta, struct xdp_buff *, xdp, int, offset) |
| 4087 | { | |
| 97e19cce | 4088 | void *xdp_frame_end = xdp->data_hard_start + sizeof(struct xdp_frame); |
| de8f3a83 DB |
4089 | void *meta = xdp->data_meta + offset; |
| 4090 | unsigned long metalen = xdp->data - meta; | |
| 4091 | ||
| 4092 | if (xdp_data_meta_unsupported(xdp)) | |
| 4093 | return -ENOTSUPP; | |
| 97e19cce | 4094 | if (unlikely(meta < xdp_frame_end || |
| de8f3a83 DB |
4095 | meta > xdp->data)) |
| 4096 | return -EINVAL; | |
| 7445cf31 | 4097 | if (unlikely(xdp_metalen_invalid(metalen))) |
| de8f3a83 DB |
4098 | return -EACCES; |
| 4099 | ||
| 4100 | xdp->data_meta = meta; | |
| 4101 | ||
| 4102 | return 0; | |
| 4103 | } | |
| 4104 | ||
| 4105 | static const struct bpf_func_proto bpf_xdp_adjust_meta_proto = { | |
| 4106 | .func = bpf_xdp_adjust_meta, | |
| 4107 | .gpl_only = false, | |
| 4108 | .ret_type = RET_INTEGER, | |
| 4109 | .arg1_type = ARG_PTR_TO_CTX, | |
| 4110 | .arg2_type = ARG_ANYTHING, | |
| 4111 | }; | |
| 4112 | ||
| d1e91173 MT |
4113 | /** |
| 4114 | * DOC: xdp redirect | |
| 4115 | * | |
| 4116 | * XDP_REDIRECT works by a three-step process, implemented in the functions | |
| 782347b6 THJ |
4117 | * below: |
| 4118 | * | |
| 4119 | * 1. The bpf_redirect() and bpf_redirect_map() helpers will lookup the target | |
| 4120 | * of the redirect and store it (along with some other metadata) in a per-CPU | |
| 4121 | * struct bpf_redirect_info. | |
| 4122 | * | |
| 4123 | * 2. When the program returns the XDP_REDIRECT return code, the driver will | |
| 4124 | * call xdp_do_redirect() which will use the information in struct | |
| 4125 | * bpf_redirect_info to actually enqueue the frame into a map type-specific | |
| 4126 | * bulk queue structure. | |
| 4127 | * | |
| 4128 | * 3. Before exiting its NAPI poll loop, the driver will call xdp_do_flush(), | |
| 4129 | * which will flush all the different bulk queues, thus completing the | |
| 4130 | * redirect. | |
| d1e91173 MT |
4131 | */ |
| 4132 | /* | |
| 782347b6 THJ |
4133 | * Pointers to the map entries will be kept around for this whole sequence of |
| 4134 | * steps, protected by RCU. However, there is no top-level rcu_read_lock() in | |
| 4135 | * the core code; instead, the RCU protection relies on everything happening | |
| 4136 | * inside a single NAPI poll sequence, which means it's between a pair of calls | |
| 4137 | * to local_bh_disable()/local_bh_enable(). | |
| 4138 | * | |
| 4139 | * The map entries are marked as __rcu and the map code makes sure to | |
| 4140 | * dereference those pointers with rcu_dereference_check() in a way that works | |
| 4141 | * for both sections that to hold an rcu_read_lock() and sections that are | |
| 4142 | * called from NAPI without a separate rcu_read_lock(). The code below does not | |
| 4143 | * use RCU annotations, but relies on those in the map code. | |
| 4144 | */ | |
| 1d233886 | 4145 | void xdp_do_flush(void) |
| 11393cc9 | 4146 | { |
| 1d233886 | 4147 | __dev_flush(); |
| 332f22a6 BT |
4148 | __cpu_map_flush(); |
| 4149 | __xsk_map_flush(); | |
| 11393cc9 | 4150 | } |
| 1d233886 | 4151 | EXPORT_SYMBOL_GPL(xdp_do_flush); |
| 11393cc9 | 4152 | |
| e624d4ed HL |
4153 | void bpf_clear_redirect_map(struct bpf_map *map) |
| 4154 | { | |
| 4155 | struct bpf_redirect_info *ri; | |
| 4156 | int cpu; | |
| 4157 | ||
| 4158 | for_each_possible_cpu(cpu) { | |
| 4159 | ri = per_cpu_ptr(&bpf_redirect_info, cpu); | |
| 4160 | /* Avoid polluting remote cacheline due to writes if | |
| 4161 | * not needed. Once we pass this test, we need the | |
| 4162 | * cmpxchg() to make sure it hasn't been changed in | |
| 4163 | * the meantime by remote CPU. | |
| 4164 | */ | |
| 4165 | if (unlikely(READ_ONCE(ri->map) == map)) | |
| 4166 | cmpxchg(&ri->map, map, NULL); | |
| 4167 | } | |
| 4168 | } | |
| 4169 | ||
| 879af96f JM |
4170 | DEFINE_STATIC_KEY_FALSE(bpf_master_redirect_enabled_key); |
| 4171 | EXPORT_SYMBOL_GPL(bpf_master_redirect_enabled_key); | |
| 4172 | ||
| 4173 | u32 xdp_master_redirect(struct xdp_buff *xdp) | |
| 4174 | { | |
| 4175 | struct net_device *master, *slave; | |
| 4176 | struct bpf_redirect_info *ri = this_cpu_ptr(&bpf_redirect_info); | |
| 4177 | ||
| 4178 | master = netdev_master_upper_dev_get_rcu(xdp->rxq->dev); | |
| 4179 | slave = master->netdev_ops->ndo_xdp_get_xmit_slave(master, xdp); | |
| 4180 | if (slave && slave != xdp->rxq->dev) { | |
| 4181 | /* The target device is different from the receiving device, so | |
| 4182 | * redirect it to the new device. | |
| 4183 | * Using XDP_REDIRECT gets the correct behaviour from XDP enabled | |
| 4184 | * drivers to unmap the packet from their rx ring. | |
| 4185 | */ | |
| 4186 | ri->tgt_index = slave->ifindex; | |
| 4187 | ri->map_id = INT_MAX; | |
| 4188 | ri->map_type = BPF_MAP_TYPE_UNSPEC; | |
| 4189 | return XDP_REDIRECT; | |
| 4190 | } | |
| 4191 | return XDP_TX; | |
| 4192 | } | |
| 4193 | EXPORT_SYMBOL_GPL(xdp_master_redirect); | |
| 4194 | ||
| 1372d34c THJ |
4195 | static inline int __xdp_do_redirect_xsk(struct bpf_redirect_info *ri, |
| 4196 | struct net_device *dev, | |
| 4197 | struct xdp_buff *xdp, | |
| 4198 | struct bpf_prog *xdp_prog) | |
| 97f91a7c | 4199 | { |
| ee75aef2 | 4200 | enum bpf_map_type map_type = ri->map_type; |
| 43e74c02 | 4201 | void *fwd = ri->tgt_value; |
| ee75aef2 | 4202 | u32 map_id = ri->map_id; |
| 4c03bdd7 | 4203 | int err; |
| 97f91a7c | 4204 | |
| ee75aef2 BT |
4205 | ri->map_id = 0; /* Valid map id idr range: [1,INT_MAX[ */ |
| 4206 | ri->map_type = BPF_MAP_TYPE_UNSPEC; | |
| 97f91a7c | 4207 | |
| 1372d34c THJ |
4208 | err = __xsk_map_redirect(fwd, xdp); |
| 4209 | if (unlikely(err)) | |
| 4210 | goto err; | |
| 4211 | ||
| 4212 | _trace_xdp_redirect_map(dev, xdp_prog, fwd, map_type, map_id, ri->tgt_index); | |
| 4213 | return 0; | |
| 4214 | err: | |
| 4215 | _trace_xdp_redirect_map_err(dev, xdp_prog, fwd, map_type, map_id, ri->tgt_index, err); | |
| 4216 | return err; | |
| 4217 | } | |
| 4218 | ||
| 4219 | static __always_inline int __xdp_do_redirect_frame(struct bpf_redirect_info *ri, | |
| 4220 | struct net_device *dev, | |
| 4221 | struct xdp_frame *xdpf, | |
| 4222 | struct bpf_prog *xdp_prog) | |
| 4223 | { | |
| 4224 | enum bpf_map_type map_type = ri->map_type; | |
| 4225 | void *fwd = ri->tgt_value; | |
| 4226 | u32 map_id = ri->map_id; | |
| 4227 | struct bpf_map *map; | |
| 4228 | int err; | |
| 4229 | ||
| 4230 | ri->map_id = 0; /* Valid map id idr range: [1,INT_MAX[ */ | |
| 4231 | ri->map_type = BPF_MAP_TYPE_UNSPEC; | |
| d53ad5d8 | 4232 | |
| d53ad5d8 THJ |
4233 | if (unlikely(!xdpf)) { |
| 4234 | err = -EOVERFLOW; | |
| 4235 | goto err; | |
| 4236 | } | |
| 4237 | ||
| ee75aef2 BT |
4238 | switch (map_type) { |
| 4239 | case BPF_MAP_TYPE_DEVMAP: | |
| 4240 | fallthrough; | |
| 4241 | case BPF_MAP_TYPE_DEVMAP_HASH: | |
| e624d4ed HL |
4242 | map = READ_ONCE(ri->map); |
| 4243 | if (unlikely(map)) { | |
| 4244 | WRITE_ONCE(ri->map, NULL); | |
| d53ad5d8 | 4245 | err = dev_map_enqueue_multi(xdpf, dev, map, |
| e624d4ed HL |
4246 | ri->flags & BPF_F_EXCLUDE_INGRESS); |
| 4247 | } else { | |
| d53ad5d8 | 4248 | err = dev_map_enqueue(fwd, xdpf, dev); |
| e624d4ed | 4249 | } |
| ee75aef2 BT |
4250 | break; |
| 4251 | case BPF_MAP_TYPE_CPUMAP: | |
| d53ad5d8 | 4252 | err = cpu_map_enqueue(fwd, xdpf, dev); |
| ee75aef2 BT |
4253 | break; |
| 4254 | case BPF_MAP_TYPE_UNSPEC: | |
| 4255 | if (map_id == INT_MAX) { | |
| 4256 | fwd = dev_get_by_index_rcu(dev_net(dev), ri->tgt_index); | |
| 4257 | if (unlikely(!fwd)) { | |
| 4258 | err = -EINVAL; | |
| 4259 | break; | |
| 4260 | } | |
| d53ad5d8 | 4261 | err = dev_xdp_enqueue(fwd, xdpf, dev); |
| ee75aef2 | 4262 | break; |
| 1d233886 | 4263 | } |
| ee75aef2 BT |
4264 | fallthrough; |
| 4265 | default: | |
| 4266 | err = -EBADRQC; | |
| 1d233886 THJ |
4267 | } |
| 4268 | ||
| f5836ca5 JDB |
4269 | if (unlikely(err)) |
| 4270 | goto err; | |
| 4271 | ||
| ee75aef2 | 4272 | _trace_xdp_redirect_map(dev, xdp_prog, fwd, map_type, map_id, ri->tgt_index); |
| f5836ca5 JDB |
4273 | return 0; |
| 4274 | err: | |
| ee75aef2 | 4275 | _trace_xdp_redirect_map_err(dev, xdp_prog, fwd, map_type, map_id, ri->tgt_index, err); |
| 97f91a7c JF |
4276 | return err; |
| 4277 | } | |
| 1372d34c THJ |
4278 | |
| 4279 | int xdp_do_redirect(struct net_device *dev, struct xdp_buff *xdp, | |
| 4280 | struct bpf_prog *xdp_prog) | |
| 4281 | { | |
| 4282 | struct bpf_redirect_info *ri = this_cpu_ptr(&bpf_redirect_info); | |
| 4283 | enum bpf_map_type map_type = ri->map_type; | |
| 4284 | ||
| ab0db463 LB |
4285 | /* XDP_REDIRECT is not fully supported yet for xdp frags since |
| 4286 | * not all XDP capable drivers can map non-linear xdp_frame in | |
| 4287 | * ndo_xdp_xmit. | |
| 4288 | */ | |
| 4289 | if (unlikely(xdp_buff_has_frags(xdp) && | |
| 4290 | map_type != BPF_MAP_TYPE_CPUMAP)) | |
| 4291 | return -EOPNOTSUPP; | |
| 4292 | ||
| 1372d34c THJ |
4293 | if (map_type == BPF_MAP_TYPE_XSKMAP) |
| 4294 | return __xdp_do_redirect_xsk(ri, dev, xdp, xdp_prog); | |
| 4295 | ||
| 4296 | return __xdp_do_redirect_frame(ri, dev, xdp_convert_buff_to_frame(xdp), | |
| 4297 | xdp_prog); | |
| 4298 | } | |
| 814abfab JF |
4299 | EXPORT_SYMBOL_GPL(xdp_do_redirect); |
| 4300 | ||
| 1372d34c THJ |
4301 | int xdp_do_redirect_frame(struct net_device *dev, struct xdp_buff *xdp, |
| 4302 | struct xdp_frame *xdpf, struct bpf_prog *xdp_prog) | |
| 4303 | { | |
| 4304 | struct bpf_redirect_info *ri = this_cpu_ptr(&bpf_redirect_info); | |
| 4305 | enum bpf_map_type map_type = ri->map_type; | |
| 4306 | ||
| 4307 | if (map_type == BPF_MAP_TYPE_XSKMAP) | |
| 4308 | return __xdp_do_redirect_xsk(ri, dev, xdp, xdp_prog); | |
| 4309 | ||
| 4310 | return __xdp_do_redirect_frame(ri, dev, xdpf, xdp_prog); | |
| 4311 | } | |
| 4312 | EXPORT_SYMBOL_GPL(xdp_do_redirect_frame); | |
| 4313 | ||
| c060bc61 XS |
4314 | static int xdp_do_generic_redirect_map(struct net_device *dev, |
| 4315 | struct sk_buff *skb, | |
| 02671e23 | 4316 | struct xdp_buff *xdp, |
| f6069b9a | 4317 | struct bpf_prog *xdp_prog, |
| ee75aef2 BT |
4318 | void *fwd, |
| 4319 | enum bpf_map_type map_type, u32 map_id) | |
| 6103aa96 | 4320 | { |
| 0b19cc0a | 4321 | struct bpf_redirect_info *ri = this_cpu_ptr(&bpf_redirect_info); |
| e624d4ed | 4322 | struct bpf_map *map; |
| ee75aef2 | 4323 | int err; |
| 6d5fc195 | 4324 | |
| ee75aef2 BT |
4325 | switch (map_type) { |
| 4326 | case BPF_MAP_TYPE_DEVMAP: | |
| 4327 | fallthrough; | |
| 4328 | case BPF_MAP_TYPE_DEVMAP_HASH: | |
| e624d4ed HL |
4329 | map = READ_ONCE(ri->map); |
| 4330 | if (unlikely(map)) { | |
| 4331 | WRITE_ONCE(ri->map, NULL); | |
| 4332 | err = dev_map_redirect_multi(dev, skb, xdp_prog, map, | |
| 4333 | ri->flags & BPF_F_EXCLUDE_INGRESS); | |
| 4334 | } else { | |
| 4335 | err = dev_map_generic_redirect(fwd, skb, xdp_prog); | |
| 4336 | } | |
| 6d5fc195 | 4337 | if (unlikely(err)) |
| 9c270af3 | 4338 | goto err; |
| ee75aef2 BT |
4339 | break; |
| 4340 | case BPF_MAP_TYPE_XSKMAP: | |
| 4341 | err = xsk_generic_rcv(fwd, xdp); | |
| 02671e23 BT |
4342 | if (err) |
| 4343 | goto err; | |
| 4344 | consume_skb(skb); | |
| ee75aef2 | 4345 | break; |
| 11941f8a KKD |
4346 | case BPF_MAP_TYPE_CPUMAP: |
| 4347 | err = cpu_map_generic_redirect(fwd, skb); | |
| 4348 | if (unlikely(err)) | |
| 4349 | goto err; | |
| 4350 | break; | |
| ee75aef2 | 4351 | default: |
| 9c270af3 | 4352 | err = -EBADRQC; |
| f5836ca5 | 4353 | goto err; |
| 2facaad6 | 4354 | } |
| 6103aa96 | 4355 | |
| ee75aef2 | 4356 | _trace_xdp_redirect_map(dev, xdp_prog, fwd, map_type, map_id, ri->tgt_index); |
| 9c270af3 JDB |
4357 | return 0; |
| 4358 | err: | |
| ee75aef2 | 4359 | _trace_xdp_redirect_map_err(dev, xdp_prog, fwd, map_type, map_id, ri->tgt_index, err); |
| 9c270af3 JDB |
4360 | return err; |
| 4361 | } | |
| 4362 | ||
| 4363 | int xdp_do_generic_redirect(struct net_device *dev, struct sk_buff *skb, | |
| 02671e23 | 4364 | struct xdp_buff *xdp, struct bpf_prog *xdp_prog) |
| 9c270af3 | 4365 | { |
| 0b19cc0a | 4366 | struct bpf_redirect_info *ri = this_cpu_ptr(&bpf_redirect_info); |
| ee75aef2 BT |
4367 | enum bpf_map_type map_type = ri->map_type; |
| 4368 | void *fwd = ri->tgt_value; | |
| 4369 | u32 map_id = ri->map_id; | |
| 4370 | int err; | |
| 2facaad6 | 4371 | |
| ee75aef2 BT |
4372 | ri->map_id = 0; /* Valid map id idr range: [1,INT_MAX[ */ |
| 4373 | ri->map_type = BPF_MAP_TYPE_UNSPEC; | |
| 9c270af3 | 4374 | |
| ee75aef2 BT |
4375 | if (map_type == BPF_MAP_TYPE_UNSPEC && map_id == INT_MAX) { |
| 4376 | fwd = dev_get_by_index_rcu(dev_net(dev), ri->tgt_index); | |
| 4377 | if (unlikely(!fwd)) { | |
| 4378 | err = -EINVAL; | |
| 4379 | goto err; | |
| 4380 | } | |
| 4381 | ||
| 4382 | err = xdp_ok_fwd_dev(fwd, skb->len); | |
| 4383 | if (unlikely(err)) | |
| 4384 | goto err; | |
| 4385 | ||
| 4386 | skb->dev = fwd; | |
| 4387 | _trace_xdp_redirect(dev, xdp_prog, ri->tgt_index); | |
| 4388 | generic_xdp_tx(skb, xdp_prog); | |
| 4389 | return 0; | |
| 4390 | } | |
| 4391 | ||
| 4392 | return xdp_do_generic_redirect_map(dev, skb, xdp, xdp_prog, fwd, map_type, map_id); | |
| f5836ca5 | 4393 | err: |
| ee75aef2 | 4394 | _trace_xdp_redirect_err(dev, xdp_prog, ri->tgt_index, err); |
| 2facaad6 | 4395 | return err; |
| 6103aa96 | 4396 | } |
| 6103aa96 | 4397 | |
| 814abfab JF |
4398 | BPF_CALL_2(bpf_xdp_redirect, u32, ifindex, u64, flags) |
| 4399 | { | |
| 0b19cc0a | 4400 | struct bpf_redirect_info *ri = this_cpu_ptr(&bpf_redirect_info); |
| 814abfab JF |
4401 | |
| 4402 | if (unlikely(flags)) | |
| 4403 | return XDP_ABORTED; | |
| 4404 | ||
| ee75aef2 BT |
4405 | /* NB! Map type UNSPEC and map_id == INT_MAX (never generated |
| 4406 | * by map_idr) is used for ifindex based XDP redirect. | |
| 4407 | */ | |
| 4b55cf29 | 4408 | ri->tgt_index = ifindex; |
| ee75aef2 BT |
4409 | ri->map_id = INT_MAX; |
| 4410 | ri->map_type = BPF_MAP_TYPE_UNSPEC; | |
| e4a8e817 | 4411 | |
| 814abfab JF |
4412 | return XDP_REDIRECT; |
| 4413 | } | |
| 4414 | ||
| 4415 | static const struct bpf_func_proto bpf_xdp_redirect_proto = { | |
| 4416 | .func = bpf_xdp_redirect, | |
| 4417 | .gpl_only = false, | |
| 4418 | .ret_type = RET_INTEGER, | |
| 4419 | .arg1_type = ARG_ANYTHING, | |
| 4420 | .arg2_type = ARG_ANYTHING, | |
| 4421 | }; | |
| 4422 | ||
| 32637e33 | 4423 | BPF_CALL_3(bpf_xdp_redirect_map, struct bpf_map *, map, u64, key, |
| f6069b9a | 4424 | u64, flags) |
| e4a8e817 | 4425 | { |
| 32637e33 | 4426 | return map->ops->map_redirect(map, key, flags); |
| e4a8e817 DB |
4427 | } |
| 4428 | ||
| 4429 | static const struct bpf_func_proto bpf_xdp_redirect_map_proto = { | |
| 4430 | .func = bpf_xdp_redirect_map, | |
| 4431 | .gpl_only = false, | |
| 4432 | .ret_type = RET_INTEGER, | |
| 4433 | .arg1_type = ARG_CONST_MAP_PTR, | |
| 4434 | .arg2_type = ARG_ANYTHING, | |
| 4435 | .arg3_type = ARG_ANYTHING, | |
| 4436 | }; | |
| 4437 | ||
| 555c8a86 | 4438 | static unsigned long bpf_skb_copy(void *dst_buff, const void *skb, |
| aa7145c1 | 4439 | unsigned long off, unsigned long len) |
| 555c8a86 | 4440 | { |
| aa7145c1 | 4441 | void *ptr = skb_header_pointer(skb, off, len, dst_buff); |
| 555c8a86 DB |
4442 | |
| 4443 | if (unlikely(!ptr)) | |
| 4444 | return len; | |
| 4445 | if (ptr != dst_buff) | |
| 4446 | memcpy(dst_buff, ptr, len); | |
| 4447 | ||
| 4448 | return 0; | |
| 4449 | } | |
| 4450 | ||
| f3694e00 DB |
4451 | BPF_CALL_5(bpf_skb_event_output, struct sk_buff *, skb, struct bpf_map *, map, |
| 4452 | u64, flags, void *, meta, u64, meta_size) | |
| 555c8a86 | 4453 | { |
| 555c8a86 | 4454 | u64 skb_size = (flags & BPF_F_CTXLEN_MASK) >> 32; |
| 555c8a86 DB |
4455 | |
| 4456 | if (unlikely(flags & ~(BPF_F_CTXLEN_MASK | BPF_F_INDEX_MASK))) | |
| 4457 | return -EINVAL; | |
| a7658e1a | 4458 | if (unlikely(!skb || skb_size > skb->len)) |
| 555c8a86 DB |
4459 | return -EFAULT; |
| 4460 | ||
| 4461 | return bpf_event_output(map, flags, meta, meta_size, skb, skb_size, | |
| 4462 | bpf_skb_copy); | |
| 4463 | } | |
| 4464 | ||
| 4465 | static const struct bpf_func_proto bpf_skb_event_output_proto = { | |
| 4466 | .func = bpf_skb_event_output, | |
| 4467 | .gpl_only = true, | |
| 4468 | .ret_type = RET_INTEGER, | |
| 4469 | .arg1_type = ARG_PTR_TO_CTX, | |
| 4470 | .arg2_type = ARG_CONST_MAP_PTR, | |
| 4471 | .arg3_type = ARG_ANYTHING, | |
| 216e3cd2 | 4472 | .arg4_type = ARG_PTR_TO_MEM | MEM_RDONLY, |
| 1728a4f2 | 4473 | .arg5_type = ARG_CONST_SIZE_OR_ZERO, |
| 555c8a86 DB |
4474 | }; |
| 4475 | ||
| 9436ef6e | 4476 | BTF_ID_LIST_SINGLE(bpf_skb_output_btf_ids, struct, sk_buff) |
| c9a0f3b8 | 4477 | |
| a7658e1a AS |
4478 | const struct bpf_func_proto bpf_skb_output_proto = { |
| 4479 | .func = bpf_skb_event_output, | |
| 4480 | .gpl_only = true, | |
| 4481 | .ret_type = RET_INTEGER, | |
| 4482 | .arg1_type = ARG_PTR_TO_BTF_ID, | |
| 9436ef6e | 4483 | .arg1_btf_id = &bpf_skb_output_btf_ids[0], |
| a7658e1a AS |
4484 | .arg2_type = ARG_CONST_MAP_PTR, |
| 4485 | .arg3_type = ARG_ANYTHING, | |
| 216e3cd2 | 4486 | .arg4_type = ARG_PTR_TO_MEM | MEM_RDONLY, |
| a7658e1a | 4487 | .arg5_type = ARG_CONST_SIZE_OR_ZERO, |
| a7658e1a AS |
4488 | }; |
| 4489 | ||
| c6c33454 DB |
4490 | static unsigned short bpf_tunnel_key_af(u64 flags) |
| 4491 | { | |
| 4492 | return flags & BPF_F_TUNINFO_IPV6 ? AF_INET6 : AF_INET; | |
| 4493 | } | |
| 4494 | ||
| f3694e00 DB |
4495 | BPF_CALL_4(bpf_skb_get_tunnel_key, struct sk_buff *, skb, struct bpf_tunnel_key *, to, |
| 4496 | u32, size, u64, flags) | |
| d3aa45ce | 4497 | { |
| c6c33454 DB |
4498 | const struct ip_tunnel_info *info = skb_tunnel_info(skb); |
| 4499 | u8 compat[sizeof(struct bpf_tunnel_key)]; | |
| 074f528e DB |
4500 | void *to_orig = to; |
| 4501 | int err; | |
| d3aa45ce | 4502 | |
| 44c51472 SL |
4503 | if (unlikely(!info || (flags & ~(BPF_F_TUNINFO_IPV6 | |
| 4504 | BPF_F_TUNINFO_FLAGS)))) { | |
| 074f528e DB |
4505 | err = -EINVAL; |
| 4506 | goto err_clear; | |
| 4507 | } | |
| 4508 | if (ip_tunnel_info_af(info) != bpf_tunnel_key_af(flags)) { | |
| 4509 | err = -EPROTO; | |
| 4510 | goto err_clear; | |
| 4511 | } | |
| c6c33454 | 4512 | if (unlikely(size != sizeof(struct bpf_tunnel_key))) { |
| 074f528e | 4513 | err = -EINVAL; |
| c6c33454 | 4514 | switch (size) { |
| 26101f5a | 4515 | case offsetof(struct bpf_tunnel_key, local_ipv6[0]): |
| 4018ab18 | 4516 | case offsetof(struct bpf_tunnel_key, tunnel_label): |
| c0e760c9 | 4517 | case offsetof(struct bpf_tunnel_key, tunnel_ext): |
| 4018ab18 | 4518 | goto set_compat; |
| c6c33454 DB |
4519 | case offsetof(struct bpf_tunnel_key, remote_ipv6[1]): |
| 4520 | /* Fixup deprecated structure layouts here, so we have | |
| 4521 | * a common path later on. | |
| 4522 | */ | |
| 4523 | if (ip_tunnel_info_af(info) != AF_INET) | |
| 074f528e | 4524 | goto err_clear; |
| 4018ab18 | 4525 | set_compat: |
| c6c33454 DB |
4526 | to = (struct bpf_tunnel_key *)compat; |
| 4527 | break; | |
| 4528 | default: | |
| 074f528e | 4529 | goto err_clear; |
| c6c33454 DB |
4530 | } |
| 4531 | } | |
| d3aa45ce AS |
4532 | |
| 4533 | to->tunnel_id = be64_to_cpu(info->key.tun_id); | |
| c6c33454 DB |
4534 | to->tunnel_tos = info->key.tos; |
| 4535 | to->tunnel_ttl = info->key.ttl; | |
| 44c51472 SL |
4536 | if (flags & BPF_F_TUNINFO_FLAGS) |
| 4537 | to->tunnel_flags = info->key.tun_flags; | |
| 4538 | else | |
| 4539 | to->tunnel_ext = 0; | |
| c6c33454 | 4540 | |
| 4018ab18 | 4541 | if (flags & BPF_F_TUNINFO_IPV6) { |
| c6c33454 DB |
4542 | memcpy(to->remote_ipv6, &info->key.u.ipv6.src, |
| 4543 | sizeof(to->remote_ipv6)); | |
| 26101f5a KF |
4544 | memcpy(to->local_ipv6, &info->key.u.ipv6.dst, |
| 4545 | sizeof(to->local_ipv6)); | |
| 4018ab18 DB |
4546 | to->tunnel_label = be32_to_cpu(info->key.label); |
| 4547 | } else { | |
| c6c33454 | 4548 | to->remote_ipv4 = be32_to_cpu(info->key.u.ipv4.src); |
| 1fbc2e0c | 4549 | memset(&to->remote_ipv6[1], 0, sizeof(__u32) * 3); |
| 26101f5a KF |
4550 | to->local_ipv4 = be32_to_cpu(info->key.u.ipv4.dst); |
| 4551 | memset(&to->local_ipv6[1], 0, sizeof(__u32) * 3); | |
| 1fbc2e0c | 4552 | to->tunnel_label = 0; |
| 4018ab18 | 4553 | } |
| c6c33454 DB |
4554 | |
| 4555 | if (unlikely(size != sizeof(struct bpf_tunnel_key))) | |
| 074f528e | 4556 | memcpy(to_orig, to, size); |
| d3aa45ce AS |
4557 | |
| 4558 | return 0; | |
| 074f528e DB |
4559 | err_clear: |
| 4560 | memset(to_orig, 0, size); | |
| 4561 | return err; | |
| d3aa45ce AS |
4562 | } |
| 4563 | ||
| 577c50aa | 4564 | static const struct bpf_func_proto bpf_skb_get_tunnel_key_proto = { |
| d3aa45ce AS |
4565 | .func = bpf_skb_get_tunnel_key, |
| 4566 | .gpl_only = false, | |
| 4567 | .ret_type = RET_INTEGER, | |
| 4568 | .arg1_type = ARG_PTR_TO_CTX, | |
| 39f19ebb AS |
4569 | .arg2_type = ARG_PTR_TO_UNINIT_MEM, |
| 4570 | .arg3_type = ARG_CONST_SIZE, | |
| d3aa45ce AS |
4571 | .arg4_type = ARG_ANYTHING, |
| 4572 | }; | |
| 4573 | ||
| f3694e00 | 4574 | BPF_CALL_3(bpf_skb_get_tunnel_opt, struct sk_buff *, skb, u8 *, to, u32, size) |
| 14ca0751 | 4575 | { |
| 14ca0751 | 4576 | const struct ip_tunnel_info *info = skb_tunnel_info(skb); |
| 074f528e | 4577 | int err; |
| 14ca0751 DB |
4578 | |
| 4579 | if (unlikely(!info || | |
| 074f528e DB |
4580 | !(info->key.tun_flags & TUNNEL_OPTIONS_PRESENT))) { |
| 4581 | err = -ENOENT; | |
| 4582 | goto err_clear; | |
| 4583 | } | |
| 4584 | if (unlikely(size < info->options_len)) { | |
| 4585 | err = -ENOMEM; | |
| 4586 | goto err_clear; | |
| 4587 | } | |
| 14ca0751 DB |
4588 | |
| 4589 | ip_tunnel_info_opts_get(to, info); | |
| 074f528e DB |
4590 | if (size > info->options_len) |
| 4591 | memset(to + info->options_len, 0, size - info->options_len); | |
| 14ca0751 DB |
4592 | |
| 4593 | return info->options_len; | |
| 074f528e DB |
4594 | err_clear: |
| 4595 | memset(to, 0, size); | |
| 4596 | return err; | |
| 14ca0751 DB |
4597 | } |
| 4598 | ||
| 4599 | static const struct bpf_func_proto bpf_skb_get_tunnel_opt_proto = { | |
| 4600 | .func = bpf_skb_get_tunnel_opt, | |
| 4601 | .gpl_only = false, | |
| 4602 | .ret_type = RET_INTEGER, | |
| 4603 | .arg1_type = ARG_PTR_TO_CTX, | |
| 39f19ebb AS |
4604 | .arg2_type = ARG_PTR_TO_UNINIT_MEM, |
| 4605 | .arg3_type = ARG_CONST_SIZE, | |
| 14ca0751 DB |
4606 | }; |
| 4607 | ||
| d3aa45ce AS |
4608 | static struct metadata_dst __percpu *md_dst; |
| 4609 | ||
| f3694e00 DB |
4610 | BPF_CALL_4(bpf_skb_set_tunnel_key, struct sk_buff *, skb, |
| 4611 | const struct bpf_tunnel_key *, from, u32, size, u64, flags) | |
| d3aa45ce | 4612 | { |
| d3aa45ce | 4613 | struct metadata_dst *md = this_cpu_ptr(md_dst); |
| c6c33454 | 4614 | u8 compat[sizeof(struct bpf_tunnel_key)]; |
| d3aa45ce AS |
4615 | struct ip_tunnel_info *info; |
| 4616 | ||
| 22080870 | 4617 | if (unlikely(flags & ~(BPF_F_TUNINFO_IPV6 | BPF_F_ZERO_CSUM_TX | |
| 77a5196a | 4618 | BPF_F_DONT_FRAGMENT | BPF_F_SEQ_NUMBER))) |
| d3aa45ce | 4619 | return -EINVAL; |
| c6c33454 DB |
4620 | if (unlikely(size != sizeof(struct bpf_tunnel_key))) { |
| 4621 | switch (size) { | |
| 26101f5a | 4622 | case offsetof(struct bpf_tunnel_key, local_ipv6[0]): |
| 4018ab18 | 4623 | case offsetof(struct bpf_tunnel_key, tunnel_label): |
| c0e760c9 | 4624 | case offsetof(struct bpf_tunnel_key, tunnel_ext): |
| c6c33454 DB |
4625 | case offsetof(struct bpf_tunnel_key, remote_ipv6[1]): |
| 4626 | /* Fixup deprecated structure layouts here, so we have | |
| 4627 | * a common path later on. | |
| 4628 | */ | |
| 4629 | memcpy(compat, from, size); | |
| 4630 | memset(compat + size, 0, sizeof(compat) - size); | |
| f3694e00 | 4631 | from = (const struct bpf_tunnel_key *) compat; |
| c6c33454 DB |
4632 | break; |
| 4633 | default: | |
| 4634 | return -EINVAL; | |
| 4635 | } | |
| 4636 | } | |
| c0e760c9 DB |
4637 | if (unlikely((!(flags & BPF_F_TUNINFO_IPV6) && from->tunnel_label) || |
| 4638 | from->tunnel_ext)) | |
| 4018ab18 | 4639 | return -EINVAL; |
| d3aa45ce AS |
4640 | |
| 4641 | skb_dst_drop(skb); | |
| 4642 | dst_hold((struct dst_entry *) md); | |
| 4643 | skb_dst_set(skb, (struct dst_entry *) md); | |
| 4644 | ||
| 4645 | info = &md->u.tun_info; | |
| 5540fbf4 | 4646 | memset(info, 0, sizeof(*info)); |
| d3aa45ce | 4647 | info->mode = IP_TUNNEL_INFO_TX; |
| c6c33454 | 4648 | |
| db3c6139 | 4649 | info->key.tun_flags = TUNNEL_KEY | TUNNEL_CSUM | TUNNEL_NOCACHE; |
| 22080870 DB |
4650 | if (flags & BPF_F_DONT_FRAGMENT) |
| 4651 | info->key.tun_flags |= TUNNEL_DONT_FRAGMENT; | |
| 792f3dd6 WT |
4652 | if (flags & BPF_F_ZERO_CSUM_TX) |
| 4653 | info->key.tun_flags &= ~TUNNEL_CSUM; | |
| 77a5196a WT |
4654 | if (flags & BPF_F_SEQ_NUMBER) |
| 4655 | info->key.tun_flags |= TUNNEL_SEQ; | |
| 22080870 | 4656 | |
| d3aa45ce | 4657 | info->key.tun_id = cpu_to_be64(from->tunnel_id); |
| c6c33454 DB |
4658 | info->key.tos = from->tunnel_tos; |
| 4659 | info->key.ttl = from->tunnel_ttl; | |
| 4660 | ||
| 4661 | if (flags & BPF_F_TUNINFO_IPV6) { | |
| 4662 | info->mode |= IP_TUNNEL_INFO_IPV6; | |
| 4663 | memcpy(&info->key.u.ipv6.dst, from->remote_ipv6, | |
| 4664 | sizeof(from->remote_ipv6)); | |
| 26101f5a KF |
4665 | memcpy(&info->key.u.ipv6.src, from->local_ipv6, |
| 4666 | sizeof(from->local_ipv6)); | |
| 4018ab18 DB |
4667 | info->key.label = cpu_to_be32(from->tunnel_label) & |
| 4668 | IPV6_FLOWLABEL_MASK; | |
| c6c33454 DB |
4669 | } else { |
| 4670 | info->key.u.ipv4.dst = cpu_to_be32(from->remote_ipv4); | |
| 26101f5a | 4671 | info->key.u.ipv4.src = cpu_to_be32(from->local_ipv4); |
| b8fff748 | 4672 | info->key.flow_flags = FLOWI_FLAG_ANYSRC; |
| c6c33454 | 4673 | } |
| d3aa45ce AS |
4674 | |
| 4675 | return 0; | |
| 4676 | } | |
| 4677 | ||
| 577c50aa | 4678 | static const struct bpf_func_proto bpf_skb_set_tunnel_key_proto = { |
| d3aa45ce AS |
4679 | .func = bpf_skb_set_tunnel_key, |
| 4680 | .gpl_only = false, | |
| 4681 | .ret_type = RET_INTEGER, | |
| 4682 | .arg1_type = ARG_PTR_TO_CTX, | |
| 216e3cd2 | 4683 | .arg2_type = ARG_PTR_TO_MEM | MEM_RDONLY, |
| 39f19ebb | 4684 | .arg3_type = ARG_CONST_SIZE, |
| d3aa45ce AS |
4685 | .arg4_type = ARG_ANYTHING, |
| 4686 | }; | |
| 4687 | ||
| f3694e00 DB |
4688 | BPF_CALL_3(bpf_skb_set_tunnel_opt, struct sk_buff *, skb, |
| 4689 | const u8 *, from, u32, size) | |
| 14ca0751 | 4690 | { |
| 14ca0751 DB |
4691 | struct ip_tunnel_info *info = skb_tunnel_info(skb); |
| 4692 | const struct metadata_dst *md = this_cpu_ptr(md_dst); | |
| 4693 | ||
| 4694 | if (unlikely(info != &md->u.tun_info || (size & (sizeof(u32) - 1)))) | |
| 4695 | return -EINVAL; | |
| fca5fdf6 | 4696 | if (unlikely(size > IP_TUNNEL_OPTS_MAX)) |
| 14ca0751 DB |
4697 | return -ENOMEM; |
| 4698 | ||
| 256c87c1 | 4699 | ip_tunnel_info_opts_set(info, from, size, TUNNEL_OPTIONS_PRESENT); |
| 14ca0751 DB |
4700 | |
| 4701 | return 0; | |
| 4702 | } | |
| 4703 | ||
| 4704 | static const struct bpf_func_proto bpf_skb_set_tunnel_opt_proto = { | |
| 4705 | .func = bpf_skb_set_tunnel_opt, | |
| 4706 | .gpl_only = false, | |
| 4707 | .ret_type = RET_INTEGER, | |
| 4708 | .arg1_type = ARG_PTR_TO_CTX, | |
| 216e3cd2 | 4709 | .arg2_type = ARG_PTR_TO_MEM | MEM_RDONLY, |
| 39f19ebb | 4710 | .arg3_type = ARG_CONST_SIZE, |
| 14ca0751 DB |
4711 | }; |
| 4712 | ||
| 4713 | static const struct bpf_func_proto * | |
| 4714 | bpf_get_skb_set_tunnel_proto(enum bpf_func_id which) | |
| d3aa45ce AS |
4715 | { |
| 4716 | if (!md_dst) { | |
| d66f2b91 JK |
4717 | struct metadata_dst __percpu *tmp; |
| 4718 | ||
| 4719 | tmp = metadata_dst_alloc_percpu(IP_TUNNEL_OPTS_MAX, | |
| 4720 | METADATA_IP_TUNNEL, | |
| 4721 | GFP_KERNEL); | |
| 4722 | if (!tmp) | |
| d3aa45ce | 4723 | return NULL; |
| d66f2b91 JK |
4724 | if (cmpxchg(&md_dst, NULL, tmp)) |
| 4725 | metadata_dst_free_percpu(tmp); | |
| d3aa45ce | 4726 | } |
| 14ca0751 DB |
4727 | |
| 4728 | switch (which) { | |
| 4729 | case BPF_FUNC_skb_set_tunnel_key: | |
| 4730 | return &bpf_skb_set_tunnel_key_proto; | |
| 4731 | case BPF_FUNC_skb_set_tunnel_opt: | |
| 4732 | return &bpf_skb_set_tunnel_opt_proto; | |
| 4733 | default: | |
| 4734 | return NULL; | |
| 4735 | } | |
| d3aa45ce AS |
4736 | } |
| 4737 | ||
| f3694e00 DB |
4738 | BPF_CALL_3(bpf_skb_under_cgroup, struct sk_buff *, skb, struct bpf_map *, map, |
| 4739 | u32, idx) | |
| 4a482f34 | 4740 | { |
| 4a482f34 MKL |
4741 | struct bpf_array *array = container_of(map, struct bpf_array, map); |
| 4742 | struct cgroup *cgrp; | |
| 4743 | struct sock *sk; | |
| 4a482f34 | 4744 | |
| 2d48c5f9 | 4745 | sk = skb_to_full_sk(skb); |
| 4a482f34 MKL |
4746 | if (!sk || !sk_fullsock(sk)) |
| 4747 | return -ENOENT; | |
| f3694e00 | 4748 | if (unlikely(idx >= array->map.max_entries)) |
| 4a482f34 MKL |
4749 | return -E2BIG; |
| 4750 | ||
| f3694e00 | 4751 | cgrp = READ_ONCE(array->ptrs[idx]); |
| 4a482f34 MKL |
4752 | if (unlikely(!cgrp)) |
| 4753 | return -EAGAIN; | |
| 4754 | ||
| 54fd9c2d | 4755 | return sk_under_cgroup_hierarchy(sk, cgrp); |
| 4a482f34 MKL |
4756 | } |
| 4757 | ||
| 747ea55e DB |
4758 | static const struct bpf_func_proto bpf_skb_under_cgroup_proto = { |
| 4759 | .func = bpf_skb_under_cgroup, | |
| 4a482f34 MKL |
4760 | .gpl_only = false, |
| 4761 | .ret_type = RET_INTEGER, | |
| 4762 | .arg1_type = ARG_PTR_TO_CTX, | |
| 4763 | .arg2_type = ARG_CONST_MAP_PTR, | |
| 4764 | .arg3_type = ARG_ANYTHING, | |
| 4765 | }; | |
| 4a482f34 | 4766 | |
| cb20b08e | 4767 | #ifdef CONFIG_SOCK_CGROUP_DATA |
| f307fa2c AI |
4768 | static inline u64 __bpf_sk_cgroup_id(struct sock *sk) |
| 4769 | { | |
| 4770 | struct cgroup *cgrp; | |
| 4771 | ||
| a5fa25ad MKL |
4772 | sk = sk_to_full_sk(sk); |
| 4773 | if (!sk || !sk_fullsock(sk)) | |
| 4774 | return 0; | |
| 4775 | ||
| f307fa2c AI |
4776 | cgrp = sock_cgroup_ptr(&sk->sk_cgrp_data); |
| 4777 | return cgroup_id(cgrp); | |
| 4778 | } | |
| 4779 | ||
| cb20b08e DB |
4780 | BPF_CALL_1(bpf_skb_cgroup_id, const struct sk_buff *, skb) |
| 4781 | { | |
| a5fa25ad | 4782 | return __bpf_sk_cgroup_id(skb->sk); |
| cb20b08e DB |
4783 | } |
| 4784 | ||
| 4785 | static const struct bpf_func_proto bpf_skb_cgroup_id_proto = { | |
| 4786 | .func = bpf_skb_cgroup_id, | |
| 4787 | .gpl_only = false, | |
| 4788 | .ret_type = RET_INTEGER, | |
| 4789 | .arg1_type = ARG_PTR_TO_CTX, | |
| 4790 | }; | |
| 77236281 | 4791 | |
| f307fa2c AI |
4792 | static inline u64 __bpf_sk_ancestor_cgroup_id(struct sock *sk, |
| 4793 | int ancestor_level) | |
| 77236281 | 4794 | { |
| 77236281 AI |
4795 | struct cgroup *ancestor; |
| 4796 | struct cgroup *cgrp; | |
| 4797 | ||
| a5fa25ad MKL |
4798 | sk = sk_to_full_sk(sk); |
| 4799 | if (!sk || !sk_fullsock(sk)) | |
| 4800 | return 0; | |
| 4801 | ||
| 77236281 AI |
4802 | cgrp = sock_cgroup_ptr(&sk->sk_cgrp_data); |
| 4803 | ancestor = cgroup_ancestor(cgrp, ancestor_level); | |
| 4804 | if (!ancestor) | |
| 4805 | return 0; | |
| 4806 | ||
| 74321038 | 4807 | return cgroup_id(ancestor); |
| 77236281 AI |
4808 | } |
| 4809 | ||
| f307fa2c AI |
4810 | BPF_CALL_2(bpf_skb_ancestor_cgroup_id, const struct sk_buff *, skb, int, |
| 4811 | ancestor_level) | |
| 4812 | { | |
| a5fa25ad | 4813 | return __bpf_sk_ancestor_cgroup_id(skb->sk, ancestor_level); |
| f307fa2c AI |
4814 | } |
| 4815 | ||
| 77236281 AI |
4816 | static const struct bpf_func_proto bpf_skb_ancestor_cgroup_id_proto = { |
| 4817 | .func = bpf_skb_ancestor_cgroup_id, | |
| 4818 | .gpl_only = false, | |
| 4819 | .ret_type = RET_INTEGER, | |
| 4820 | .arg1_type = ARG_PTR_TO_CTX, | |
| 4821 | .arg2_type = ARG_ANYTHING, | |
| 4822 | }; | |
| f307fa2c AI |
4823 | |
| 4824 | BPF_CALL_1(bpf_sk_cgroup_id, struct sock *, sk) | |
| 4825 | { | |
| 4826 | return __bpf_sk_cgroup_id(sk); | |
| 4827 | } | |
| 4828 | ||
| 4829 | static const struct bpf_func_proto bpf_sk_cgroup_id_proto = { | |
| 4830 | .func = bpf_sk_cgroup_id, | |
| 4831 | .gpl_only = false, | |
| 4832 | .ret_type = RET_INTEGER, | |
| a5fa25ad | 4833 | .arg1_type = ARG_PTR_TO_BTF_ID_SOCK_COMMON, |
| f307fa2c AI |
4834 | }; |
| 4835 | ||
| 4836 | BPF_CALL_2(bpf_sk_ancestor_cgroup_id, struct sock *, sk, int, ancestor_level) | |
| 4837 | { | |
| 4838 | return __bpf_sk_ancestor_cgroup_id(sk, ancestor_level); | |
| 4839 | } | |
| 4840 | ||
| 4841 | static const struct bpf_func_proto bpf_sk_ancestor_cgroup_id_proto = { | |
| 4842 | .func = bpf_sk_ancestor_cgroup_id, | |
| 4843 | .gpl_only = false, | |
| 4844 | .ret_type = RET_INTEGER, | |
| a5fa25ad | 4845 | .arg1_type = ARG_PTR_TO_BTF_ID_SOCK_COMMON, |
| f307fa2c AI |
4846 | .arg2_type = ARG_ANYTHING, |
| 4847 | }; | |
| cb20b08e DB |
4848 | #endif |
| 4849 | ||
| 3f364222 | 4850 | static unsigned long bpf_xdp_copy(void *dst, const void *ctx, |
| 4de16969 DB |
4851 | unsigned long off, unsigned long len) |
| 4852 | { | |
| d9917302 | 4853 | struct xdp_buff *xdp = (struct xdp_buff *)ctx; |
| d9917302 | 4854 | |
| 3f364222 | 4855 | bpf_xdp_copy_buf(xdp, off, dst, len, false); |
| 4de16969 DB |
4856 | return 0; |
| 4857 | } | |
| 4858 | ||
| f3694e00 DB |
4859 | BPF_CALL_5(bpf_xdp_event_output, struct xdp_buff *, xdp, struct bpf_map *, map, |
| 4860 | u64, flags, void *, meta, u64, meta_size) | |
| 4de16969 | 4861 | { |
| 4de16969 | 4862 | u64 xdp_size = (flags & BPF_F_CTXLEN_MASK) >> 32; |
| 4de16969 DB |
4863 | |
| 4864 | if (unlikely(flags & ~(BPF_F_CTXLEN_MASK | BPF_F_INDEX_MASK))) | |
| 4865 | return -EINVAL; | |
| d9917302 EC |
4866 | |
| 4867 | if (unlikely(!xdp || xdp_size > xdp_get_buff_len(xdp))) | |
| 4de16969 DB |
4868 | return -EFAULT; |
| 4869 | ||
| d9917302 | 4870 | return bpf_event_output(map, flags, meta, meta_size, xdp, |
| 9c471370 | 4871 | xdp_size, bpf_xdp_copy); |
| 4de16969 DB |
4872 | } |
| 4873 | ||
| 4874 | static const struct bpf_func_proto bpf_xdp_event_output_proto = { | |
| 4875 | .func = bpf_xdp_event_output, | |
| 4876 | .gpl_only = true, | |
| 4877 | .ret_type = RET_INTEGER, | |
| 4878 | .arg1_type = ARG_PTR_TO_CTX, | |
| 4879 | .arg2_type = ARG_CONST_MAP_PTR, | |
| 4880 | .arg3_type = ARG_ANYTHING, | |
| 216e3cd2 | 4881 | .arg4_type = ARG_PTR_TO_MEM | MEM_RDONLY, |
| 1728a4f2 | 4882 | .arg5_type = ARG_CONST_SIZE_OR_ZERO, |
| 4de16969 DB |
4883 | }; |
| 4884 | ||
| 9436ef6e | 4885 | BTF_ID_LIST_SINGLE(bpf_xdp_output_btf_ids, struct, xdp_buff) |
| c9a0f3b8 | 4886 | |
| d831ee84 EC |
4887 | const struct bpf_func_proto bpf_xdp_output_proto = { |
| 4888 | .func = bpf_xdp_event_output, | |
| 4889 | .gpl_only = true, | |
| 4890 | .ret_type = RET_INTEGER, | |
| 4891 | .arg1_type = ARG_PTR_TO_BTF_ID, | |
| 9436ef6e | 4892 | .arg1_btf_id = &bpf_xdp_output_btf_ids[0], |
| d831ee84 EC |
4893 | .arg2_type = ARG_CONST_MAP_PTR, |
| 4894 | .arg3_type = ARG_ANYTHING, | |
| 216e3cd2 | 4895 | .arg4_type = ARG_PTR_TO_MEM | MEM_RDONLY, |
| d831ee84 | 4896 | .arg5_type = ARG_CONST_SIZE_OR_ZERO, |
| d831ee84 EC |
4897 | }; |
| 4898 | ||
| 91b8270f CF |
4899 | BPF_CALL_1(bpf_get_socket_cookie, struct sk_buff *, skb) |
| 4900 | { | |
| 92acdc58 | 4901 | return skb->sk ? __sock_gen_cookie(skb->sk) : 0; |
| 91b8270f CF |
4902 | } |
| 4903 | ||
| 4904 | static const struct bpf_func_proto bpf_get_socket_cookie_proto = { | |
| 4905 | .func = bpf_get_socket_cookie, | |
| 4906 | .gpl_only = false, | |
| 4907 | .ret_type = RET_INTEGER, | |
| 4908 | .arg1_type = ARG_PTR_TO_CTX, | |
| 4909 | }; | |
| 4910 | ||
| d692f113 AI |
4911 | BPF_CALL_1(bpf_get_socket_cookie_sock_addr, struct bpf_sock_addr_kern *, ctx) |
| 4912 | { | |
| 92acdc58 | 4913 | return __sock_gen_cookie(ctx->sk); |
| d692f113 AI |
4914 | } |
| 4915 | ||
| 4916 | static const struct bpf_func_proto bpf_get_socket_cookie_sock_addr_proto = { | |
| 4917 | .func = bpf_get_socket_cookie_sock_addr, | |
| 4918 | .gpl_only = false, | |
| 4919 | .ret_type = RET_INTEGER, | |
| 4920 | .arg1_type = ARG_PTR_TO_CTX, | |
| 4921 | }; | |
| 4922 | ||
| 0e53d9e5 DB |
4923 | BPF_CALL_1(bpf_get_socket_cookie_sock, struct sock *, ctx) |
| 4924 | { | |
| 92acdc58 | 4925 | return __sock_gen_cookie(ctx); |
| 0e53d9e5 DB |
4926 | } |
| 4927 | ||
| 4928 | static const struct bpf_func_proto bpf_get_socket_cookie_sock_proto = { | |
| 4929 | .func = bpf_get_socket_cookie_sock, | |
| 4930 | .gpl_only = false, | |
| 4931 | .ret_type = RET_INTEGER, | |
| 4932 | .arg1_type = ARG_PTR_TO_CTX, | |
| 4933 | }; | |
| 4934 | ||
| c5dbb89f FR |
4935 | BPF_CALL_1(bpf_get_socket_ptr_cookie, struct sock *, sk) |
| 4936 | { | |
| 4937 | return sk ? sock_gen_cookie(sk) : 0; | |
| 4938 | } | |
| 4939 | ||
| 4940 | const struct bpf_func_proto bpf_get_socket_ptr_cookie_proto = { | |
| 4941 | .func = bpf_get_socket_ptr_cookie, | |
| 4942 | .gpl_only = false, | |
| 4943 | .ret_type = RET_INTEGER, | |
| 4944 | .arg1_type = ARG_PTR_TO_BTF_ID_SOCK_COMMON, | |
| 4945 | }; | |
| 4946 | ||
| d692f113 AI |
4947 | BPF_CALL_1(bpf_get_socket_cookie_sock_ops, struct bpf_sock_ops_kern *, ctx) |
| 4948 | { | |
| 92acdc58 | 4949 | return __sock_gen_cookie(ctx->sk); |
| d692f113 AI |
4950 | } |
| 4951 | ||
| 4952 | static const struct bpf_func_proto bpf_get_socket_cookie_sock_ops_proto = { | |
| 4953 | .func = bpf_get_socket_cookie_sock_ops, | |
| 4954 | .gpl_only = false, | |
| 4955 | .ret_type = RET_INTEGER, | |
| 4956 | .arg1_type = ARG_PTR_TO_CTX, | |
| 4957 | }; | |
| 4958 | ||
| f318903c DB |
4959 | static u64 __bpf_get_netns_cookie(struct sock *sk) |
| 4960 | { | |
| 3d368ab8 ED |
4961 | const struct net *net = sk ? sock_net(sk) : &init_net; |
| 4962 | ||
| 4963 | return net->net_cookie; | |
| f318903c DB |
4964 | } |
| 4965 | ||
| 4966 | BPF_CALL_1(bpf_get_netns_cookie_sock, struct sock *, ctx) | |
| 4967 | { | |
| 4968 | return __bpf_get_netns_cookie(ctx); | |
| 4969 | } | |
| 4970 | ||
| 4971 | static const struct bpf_func_proto bpf_get_netns_cookie_sock_proto = { | |
| 4972 | .func = bpf_get_netns_cookie_sock, | |
| 4973 | .gpl_only = false, | |
| 4974 | .ret_type = RET_INTEGER, | |
| 4975 | .arg1_type = ARG_PTR_TO_CTX_OR_NULL, | |
| 4976 | }; | |
| 4977 | ||
| 4978 | BPF_CALL_1(bpf_get_netns_cookie_sock_addr, struct bpf_sock_addr_kern *, ctx) | |
| 4979 | { | |
| 4980 | return __bpf_get_netns_cookie(ctx ? ctx->sk : NULL); | |
| 4981 | } | |
| 4982 | ||
| 4983 | static const struct bpf_func_proto bpf_get_netns_cookie_sock_addr_proto = { | |
| 4984 | .func = bpf_get_netns_cookie_sock_addr, | |
| 4985 | .gpl_only = false, | |
| 4986 | .ret_type = RET_INTEGER, | |
| 4987 | .arg1_type = ARG_PTR_TO_CTX_OR_NULL, | |
| 4988 | }; | |
| 4989 | ||
| 6cf1770d XL |
4990 | BPF_CALL_1(bpf_get_netns_cookie_sock_ops, struct bpf_sock_ops_kern *, ctx) |
| 4991 | { | |
| 4992 | return __bpf_get_netns_cookie(ctx ? ctx->sk : NULL); | |
| 4993 | } | |
| 4994 | ||
| 4995 | static const struct bpf_func_proto bpf_get_netns_cookie_sock_ops_proto = { | |
| 4996 | .func = bpf_get_netns_cookie_sock_ops, | |
| 4997 | .gpl_only = false, | |
| 4998 | .ret_type = RET_INTEGER, | |
| 4999 | .arg1_type = ARG_PTR_TO_CTX_OR_NULL, | |
| 5000 | }; | |
| 5001 | ||
| fab60e29 XL |
5002 | BPF_CALL_1(bpf_get_netns_cookie_sk_msg, struct sk_msg *, ctx) |
| 5003 | { | |
| 5004 | return __bpf_get_netns_cookie(ctx ? ctx->sk : NULL); | |
| 5005 | } | |
| 5006 | ||
| 5007 | static const struct bpf_func_proto bpf_get_netns_cookie_sk_msg_proto = { | |
| 5008 | .func = bpf_get_netns_cookie_sk_msg, | |
| 5009 | .gpl_only = false, | |
| 5010 | .ret_type = RET_INTEGER, | |
| 5011 | .arg1_type = ARG_PTR_TO_CTX_OR_NULL, | |
| 5012 | }; | |
| 5013 | ||
| 6acc5c29 CF |
5014 | BPF_CALL_1(bpf_get_socket_uid, struct sk_buff *, skb) |
| 5015 | { | |
| 5016 | struct sock *sk = sk_to_full_sk(skb->sk); | |
| 5017 | kuid_t kuid; | |
| 5018 | ||
| 5019 | if (!sk || !sk_fullsock(sk)) | |
| 5020 | return overflowuid; | |
| 5021 | kuid = sock_net_uid(sock_net(sk), sk); | |
| 5022 | return from_kuid_munged(sock_net(sk)->user_ns, kuid); | |
| 5023 | } | |
| 5024 | ||
| 5025 | static const struct bpf_func_proto bpf_get_socket_uid_proto = { | |
| 5026 | .func = bpf_get_socket_uid, | |
| 5027 | .gpl_only = false, | |
| 5028 | .ret_type = RET_INTEGER, | |
| 5029 | .arg1_type = ARG_PTR_TO_CTX, | |
| 5030 | }; | |
| 5031 | ||
| 65ddc82d MKL |
5032 | static int sol_socket_sockopt(struct sock *sk, int optname, |
| 5033 | char *optval, int *optlen, | |
| 5034 | bool getopt) | |
| 29003875 MKL |
5035 | { |
| 5036 | switch (optname) { | |
| 7e41df5d | 5037 | case SO_REUSEADDR: |
| 29003875 MKL |
5038 | case SO_SNDBUF: |
| 5039 | case SO_RCVBUF: | |
| 5040 | case SO_KEEPALIVE: | |
| 5041 | case SO_PRIORITY: | |
| 5042 | case SO_REUSEPORT: | |
| 5043 | case SO_RCVLOWAT: | |
| 5044 | case SO_MARK: | |
| 5045 | case SO_MAX_PACING_RATE: | |
| 5046 | case SO_BINDTOIFINDEX: | |
| 5047 | case SO_TXREHASH: | |
| 65ddc82d | 5048 | if (*optlen != sizeof(int)) |
| 29003875 MKL |
5049 | return -EINVAL; |
| 5050 | break; | |
| 5051 | case SO_BINDTODEVICE: | |
| 5052 | break; | |
| 5053 | default: | |
| 8c4b4c7e | 5054 | return -EINVAL; |
| 29003875 | 5055 | } |
| 8c4b4c7e | 5056 | |
| 65ddc82d MKL |
5057 | if (getopt) { |
| 5058 | if (optname == SO_BINDTODEVICE) | |
| 8c4b4c7e | 5059 | return -EINVAL; |
| 65ddc82d MKL |
5060 | return sk_getsockopt(sk, SOL_SOCKET, optname, |
| 5061 | KERNEL_SOCKPTR(optval), | |
| 5062 | KERNEL_SOCKPTR(optlen)); | |
| 5063 | } | |
| 70c58997 | 5064 | |
| 29003875 | 5065 | return sk_setsockopt(sk, SOL_SOCKET, optname, |
| 65ddc82d | 5066 | KERNEL_SOCKPTR(optval), *optlen); |
| 29003875 | 5067 | } |
| 70c58997 | 5068 | |
| 57db31a1 MKL |
5069 | static int bpf_sol_tcp_setsockopt(struct sock *sk, int optname, |
| 5070 | char *optval, int optlen) | |
| 5071 | { | |
| 5072 | struct tcp_sock *tp = tcp_sk(sk); | |
| 5073 | unsigned long timeout; | |
| 5074 | int val; | |
| 70c58997 | 5075 | |
| 57db31a1 MKL |
5076 | if (optlen != sizeof(int)) |
| 5077 | return -EINVAL; | |
| 6f5c39fa | 5078 | |
| 57db31a1 | 5079 | val = *(int *)optval; |
| 6f5c39fa | 5080 | |
| 57db31a1 MKL |
5081 | /* Only some options are supported */ |
| 5082 | switch (optname) { | |
| 5083 | case TCP_BPF_IW: | |
| 5084 | if (val <= 0 || tp->data_segs_out > tp->syn_data) | |
| 5085 | return -EINVAL; | |
| 5086 | tcp_snd_cwnd_set(tp, val); | |
| 5087 | break; | |
| 5088 | case TCP_BPF_SNDCWND_CLAMP: | |
| 5089 | if (val <= 0) | |
| 5090 | return -EINVAL; | |
| 5091 | tp->snd_cwnd_clamp = val; | |
| 5092 | tp->snd_ssthresh = val; | |
| 5093 | break; | |
| 5094 | case TCP_BPF_DELACK_MAX: | |
| 5095 | timeout = usecs_to_jiffies(val); | |
| 5096 | if (timeout > TCP_DELACK_MAX || | |
| 5097 | timeout < TCP_TIMEOUT_MIN) | |
| 5098 | return -EINVAL; | |
| 5099 | inet_csk(sk)->icsk_delack_max = timeout; | |
| 5100 | break; | |
| 5101 | case TCP_BPF_RTO_MIN: | |
| 5102 | timeout = usecs_to_jiffies(val); | |
| 5103 | if (timeout > TCP_RTO_MIN || | |
| 5104 | timeout < TCP_TIMEOUT_MIN) | |
| 6f9bd3d7 | 5105 | return -EINVAL; |
| 57db31a1 MKL |
5106 | inet_csk(sk)->icsk_rto_min = timeout; |
| 5107 | break; | |
| 5108 | default: | |
| 5109 | return -EINVAL; | |
| 5110 | } | |
| 6f9bd3d7 | 5111 | |
| 57db31a1 MKL |
5112 | return 0; |
| 5113 | } | |
| 6f9bd3d7 | 5114 | |
| 1e7d217f MKL |
5115 | static int sol_tcp_sockopt_congestion(struct sock *sk, char *optval, |
| 5116 | int *optlen, bool getopt) | |
| 5117 | { | |
| 061ff040 MKL |
5118 | struct tcp_sock *tp; |
| 5119 | int ret; | |
| 5120 | ||
| 1e7d217f MKL |
5121 | if (*optlen < 2) |
| 5122 | return -EINVAL; | |
| 5123 | ||
| 5124 | if (getopt) { | |
| 5125 | if (!inet_csk(sk)->icsk_ca_ops) | |
| 5126 | return -EINVAL; | |
| 5127 | /* BPF expects NULL-terminated tcp-cc string */ | |
| 5128 | optval[--(*optlen)] = '\0'; | |
| 5129 | return do_tcp_getsockopt(sk, SOL_TCP, TCP_CONGESTION, | |
| 5130 | KERNEL_SOCKPTR(optval), | |
| 5131 | KERNEL_SOCKPTR(optlen)); | |
| 5132 | } | |
| 5133 | ||
| 5134 | /* "cdg" is the only cc that alloc a ptr | |
| 5135 | * in inet_csk_ca area. The bpf-tcp-cc may | |
| 5136 | * overwrite this ptr after switching to cdg. | |
| 5137 | */ | |
| 5138 | if (*optlen >= sizeof("cdg") - 1 && !strncmp("cdg", optval, *optlen)) | |
| 5139 | return -ENOTSUPP; | |
| 5140 | ||
| 061ff040 MKL |
5141 | /* It stops this looping |
| 5142 | * | |
| 5143 | * .init => bpf_setsockopt(tcp_cc) => .init => | |
| 5144 | * bpf_setsockopt(tcp_cc)" => .init => .... | |
| 5145 | * | |
| 5146 | * The second bpf_setsockopt(tcp_cc) is not allowed | |
| 5147 | * in order to break the loop when both .init | |
| 5148 | * are the same bpf prog. | |
| 5149 | * | |
| 5150 | * This applies even the second bpf_setsockopt(tcp_cc) | |
| 5151 | * does not cause a loop. This limits only the first | |
| 5152 | * '.init' can call bpf_setsockopt(TCP_CONGESTION) to | |
| 5153 | * pick a fallback cc (eg. peer does not support ECN) | |
| 5154 | * and the second '.init' cannot fallback to | |
| 5155 | * another. | |
| 5156 | */ | |
| 5157 | tp = tcp_sk(sk); | |
| 5158 | if (tp->bpf_chg_cc_inprogress) | |
| 5159 | return -EBUSY; | |
| 5160 | ||
| 5161 | tp->bpf_chg_cc_inprogress = 1; | |
| 5162 | ret = do_tcp_setsockopt(sk, SOL_TCP, TCP_CONGESTION, | |
| 1e7d217f | 5163 | KERNEL_SOCKPTR(optval), *optlen); |
| 061ff040 MKL |
5164 | tp->bpf_chg_cc_inprogress = 0; |
| 5165 | return ret; | |
| 1e7d217f MKL |
5166 | } |
| 5167 | ||
| 273b7f0f MKL |
5168 | static int sol_tcp_sockopt(struct sock *sk, int optname, |
| 5169 | char *optval, int *optlen, | |
| 5170 | bool getopt) | |
| 0c751f70 MKL |
5171 | { |
| 5172 | if (sk->sk_prot->setsockopt != tcp_setsockopt) | |
| 5173 | return -EINVAL; | |
| 91b5b21c | 5174 | |
| 0c751f70 | 5175 | switch (optname) { |
| 7e41df5d MKL |
5176 | case TCP_NODELAY: |
| 5177 | case TCP_MAXSEG: | |
| 0c751f70 MKL |
5178 | case TCP_KEEPIDLE: |
| 5179 | case TCP_KEEPINTVL: | |
| 5180 | case TCP_KEEPCNT: | |
| 5181 | case TCP_SYNCNT: | |
| 5182 | case TCP_WINDOW_CLAMP: | |
| 7e41df5d | 5183 | case TCP_THIN_LINEAR_TIMEOUTS: |
| 0c751f70 MKL |
5184 | case TCP_USER_TIMEOUT: |
| 5185 | case TCP_NOTSENT_LOWAT: | |
| 5186 | case TCP_SAVE_SYN: | |
| 273b7f0f | 5187 | if (*optlen != sizeof(int)) |
| 0c751f70 MKL |
5188 | return -EINVAL; |
| 5189 | break; | |
| 5190 | case TCP_CONGESTION: | |
| 1e7d217f | 5191 | return sol_tcp_sockopt_congestion(sk, optval, optlen, getopt); |
| 273b7f0f MKL |
5192 | case TCP_SAVED_SYN: |
| 5193 | if (*optlen < 1) | |
| 5194 | return -EINVAL; | |
| 0c751f70 MKL |
5195 | break; |
| 5196 | default: | |
| 273b7f0f MKL |
5197 | if (getopt) |
| 5198 | return -EINVAL; | |
| 5199 | return bpf_sol_tcp_setsockopt(sk, optname, optval, *optlen); | |
| 5200 | } | |
| 5201 | ||
| 5202 | if (getopt) { | |
| 5203 | if (optname == TCP_SAVED_SYN) { | |
| fc747810 LB |
5204 | struct tcp_sock *tp = tcp_sk(sk); |
| 5205 | ||
| 273b7f0f MKL |
5206 | if (!tp->saved_syn || |
| 5207 | *optlen > tcp_saved_syn_len(tp->saved_syn)) | |
| fc747810 | 5208 | return -EINVAL; |
| 273b7f0f MKL |
5209 | memcpy(optval, tp->saved_syn->data, *optlen); |
| 5210 | /* It cannot free tp->saved_syn here because it | |
| 5211 | * does not know if the user space still needs it. | |
| 5212 | */ | |
| 5213 | return 0; | |
| 5214 | } | |
| fc747810 | 5215 | |
| 273b7f0f MKL |
5216 | return do_tcp_getsockopt(sk, SOL_TCP, optname, |
| 5217 | KERNEL_SOCKPTR(optval), | |
| 5218 | KERNEL_SOCKPTR(optlen)); | |
| 8c4b4c7e | 5219 | } |
| 0c751f70 MKL |
5220 | |
| 5221 | return do_tcp_setsockopt(sk, SOL_TCP, optname, | |
| 273b7f0f | 5222 | KERNEL_SOCKPTR(optval), *optlen); |
| 8c4b4c7e LB |
5223 | } |
| 5224 | ||
| fd969f25 MKL |
5225 | static int sol_ip_sockopt(struct sock *sk, int optname, |
| 5226 | char *optval, int *optlen, | |
| 5227 | bool getopt) | |
| 9113d7e4 | 5228 | { |
| ee7f1e13 MKL |
5229 | if (sk->sk_family != AF_INET) |
| 5230 | return -EINVAL; | |
| 5231 | ||
| 5232 | switch (optname) { | |
| 5233 | case IP_TOS: | |
| fd969f25 | 5234 | if (*optlen != sizeof(int)) |
| ee7f1e13 MKL |
5235 | return -EINVAL; |
| 5236 | break; | |
| 5237 | default: | |
| 5238 | return -EINVAL; | |
| 5239 | } | |
| 5240 | ||
| fd969f25 MKL |
5241 | if (getopt) |
| 5242 | return do_ip_getsockopt(sk, SOL_IP, optname, | |
| 5243 | KERNEL_SOCKPTR(optval), | |
| 5244 | KERNEL_SOCKPTR(optlen)); | |
| 5245 | ||
| ee7f1e13 | 5246 | return do_ip_setsockopt(sk, SOL_IP, optname, |
| fd969f25 | 5247 | KERNEL_SOCKPTR(optval), *optlen); |
| 9113d7e4 SF |
5248 | } |
| 5249 | ||
| 38566ec0 MKL |
5250 | static int sol_ipv6_sockopt(struct sock *sk, int optname, |
| 5251 | char *optval, int *optlen, | |
| 5252 | bool getopt) | |
| cd86d1fd | 5253 | { |
| 75b64b68 MKL |
5254 | if (sk->sk_family != AF_INET6) |
| 5255 | return -EINVAL; | |
| beecf11b | 5256 | |
| 75b64b68 MKL |
5257 | switch (optname) { |
| 5258 | case IPV6_TCLASS: | |
| 7e41df5d | 5259 | case IPV6_AUTOFLOWLABEL: |
| 38566ec0 | 5260 | if (*optlen != sizeof(int)) |
| 75b64b68 MKL |
5261 | return -EINVAL; |
| 5262 | break; | |
| 5263 | default: | |
| 5264 | return -EINVAL; | |
| 5265 | } | |
| bcd6f4a8 | 5266 | |
| 38566ec0 MKL |
5267 | if (getopt) |
| 5268 | return ipv6_bpf_stub->ipv6_getsockopt(sk, SOL_IPV6, optname, | |
| 5269 | KERNEL_SOCKPTR(optval), | |
| 5270 | KERNEL_SOCKPTR(optlen)); | |
| 1edb6e03 | 5271 | |
| 75b64b68 | 5272 | return ipv6_bpf_stub->ipv6_setsockopt(sk, SOL_IPV6, optname, |
| 38566ec0 | 5273 | KERNEL_SOCKPTR(optval), *optlen); |
| 75b64b68 | 5274 | } |
| cd86d1fd | 5275 | |
| 9113d7e4 SF |
5276 | static int __bpf_setsockopt(struct sock *sk, int level, int optname, |
| 5277 | char *optval, int optlen) | |
| 8c4b4c7e | 5278 | { |
| 8c4b4c7e LB |
5279 | if (!sk_fullsock(sk)) |
| 5280 | return -EINVAL; | |
| 1e215300 | 5281 | |
| 75b64b68 | 5282 | if (level == SOL_SOCKET) |
| 65ddc82d | 5283 | return sol_socket_sockopt(sk, optname, optval, &optlen, false); |
| 75b64b68 | 5284 | else if (IS_ENABLED(CONFIG_INET) && level == SOL_IP) |
| fd969f25 | 5285 | return sol_ip_sockopt(sk, optname, optval, &optlen, false); |
| 75b64b68 | 5286 | else if (IS_ENABLED(CONFIG_IPV6) && level == SOL_IPV6) |
| 38566ec0 | 5287 | return sol_ipv6_sockopt(sk, optname, optval, &optlen, false); |
| 75b64b68 | 5288 | else if (IS_ENABLED(CONFIG_INET) && level == SOL_TCP) |
| 273b7f0f | 5289 | return sol_tcp_sockopt(sk, optname, optval, &optlen, false); |
| 6f5c39fa | 5290 | |
| 75b64b68 | 5291 | return -EINVAL; |
| 8c4b4c7e | 5292 | } |
| 6f5c39fa | 5293 | |
| 9113d7e4 | 5294 | static int _bpf_setsockopt(struct sock *sk, int level, int optname, |
| beecf11b | 5295 | char *optval, int optlen) |
| 9113d7e4 SF |
5296 | { |
| 5297 | if (sk_fullsock(sk)) | |
| 5298 | sock_owned_by_me(sk); | |
| 5299 | return __bpf_setsockopt(sk, level, optname, optval, optlen); | |
| 5300 | } | |
| 6f9bd3d7 | 5301 | |
| 9113d7e4 SF |
5302 | static int __bpf_getsockopt(struct sock *sk, int level, int optname, |
| 5303 | char *optval, int optlen) | |
| cd86d1fd | 5304 | { |
| 38566ec0 | 5305 | int err, saved_optlen = optlen; |
| 6f9bd3d7 | 5306 | |
| 38566ec0 MKL |
5307 | if (!sk_fullsock(sk)) { |
| 5308 | err = -EINVAL; | |
| 5309 | goto done; | |
| cd86d1fd | 5310 | } |
| beecf11b | 5311 | |
| 38566ec0 | 5312 | if (level == SOL_SOCKET) |
| 65ddc82d | 5313 | err = sol_socket_sockopt(sk, optname, optval, &optlen, true); |
| 38566ec0 | 5314 | else if (IS_ENABLED(CONFIG_INET) && level == SOL_TCP) |
| 273b7f0f | 5315 | err = sol_tcp_sockopt(sk, optname, optval, &optlen, true); |
| 38566ec0 | 5316 | else if (IS_ENABLED(CONFIG_INET) && level == SOL_IP) |
| fd969f25 | 5317 | err = sol_ip_sockopt(sk, optname, optval, &optlen, true); |
| 38566ec0 MKL |
5318 | else if (IS_ENABLED(CONFIG_IPV6) && level == SOL_IPV6) |
| 5319 | err = sol_ipv6_sockopt(sk, optname, optval, &optlen, true); | |
| 5320 | else | |
| 5321 | err = -EINVAL; | |
| 65ddc82d | 5322 | |
| 38566ec0 | 5323 | done: |
| 65ddc82d MKL |
5324 | if (err) |
| 5325 | optlen = 0; | |
| 5326 | if (optlen < saved_optlen) | |
| 5327 | memset(optval + optlen, 0, saved_optlen - optlen); | |
| 5328 | return err; | |
| cd86d1fd LB |
5329 | } |
| 5330 | ||
| 9113d7e4 SF |
5331 | static int _bpf_getsockopt(struct sock *sk, int level, int optname, |
| 5332 | char *optval, int optlen) | |
| 5333 | { | |
| 5334 | if (sk_fullsock(sk)) | |
| 5335 | sock_owned_by_me(sk); | |
| 5336 | return __bpf_getsockopt(sk, level, optname, optval, optlen); | |
| 5337 | } | |
| 5338 | ||
| 3cee6fb8 MKL |
5339 | BPF_CALL_5(bpf_sk_setsockopt, struct sock *, sk, int, level, |
| 5340 | int, optname, char *, optval, int, optlen) | |
| 5341 | { | |
| 5342 | return _bpf_setsockopt(sk, level, optname, optval, optlen); | |
| 5343 | } | |
| 5344 | ||
| 5345 | const struct bpf_func_proto bpf_sk_setsockopt_proto = { | |
| 5346 | .func = bpf_sk_setsockopt, | |
| 5347 | .gpl_only = false, | |
| 5348 | .ret_type = RET_INTEGER, | |
| 5349 | .arg1_type = ARG_PTR_TO_BTF_ID_SOCK_COMMON, | |
| 5350 | .arg2_type = ARG_ANYTHING, | |
| 5351 | .arg3_type = ARG_ANYTHING, | |
| 216e3cd2 | 5352 | .arg4_type = ARG_PTR_TO_MEM | MEM_RDONLY, |
| 3cee6fb8 MKL |
5353 | .arg5_type = ARG_CONST_SIZE, |
| 5354 | }; | |
| 5355 | ||
| 5356 | BPF_CALL_5(bpf_sk_getsockopt, struct sock *, sk, int, level, | |
| 5357 | int, optname, char *, optval, int, optlen) | |
| 5358 | { | |
| 5359 | return _bpf_getsockopt(sk, level, optname, optval, optlen); | |
| 5360 | } | |
| 5361 | ||
| 5362 | const struct bpf_func_proto bpf_sk_getsockopt_proto = { | |
| 5363 | .func = bpf_sk_getsockopt, | |
| 5364 | .gpl_only = false, | |
| 5365 | .ret_type = RET_INTEGER, | |
| 5366 | .arg1_type = ARG_PTR_TO_BTF_ID_SOCK_COMMON, | |
| 5367 | .arg2_type = ARG_ANYTHING, | |
| 5368 | .arg3_type = ARG_ANYTHING, | |
| 5369 | .arg4_type = ARG_PTR_TO_UNINIT_MEM, | |
| 5370 | .arg5_type = ARG_CONST_SIZE, | |
| 5371 | }; | |
| 5372 | ||
| 9113d7e4 SF |
5373 | BPF_CALL_5(bpf_unlocked_sk_setsockopt, struct sock *, sk, int, level, |
| 5374 | int, optname, char *, optval, int, optlen) | |
| 5375 | { | |
| 5376 | return __bpf_setsockopt(sk, level, optname, optval, optlen); | |
| 5377 | } | |
| 5378 | ||
| 5379 | const struct bpf_func_proto bpf_unlocked_sk_setsockopt_proto = { | |
| 5380 | .func = bpf_unlocked_sk_setsockopt, | |
| 5381 | .gpl_only = false, | |
| 5382 | .ret_type = RET_INTEGER, | |
| 5383 | .arg1_type = ARG_PTR_TO_BTF_ID_SOCK_COMMON, | |
| 5384 | .arg2_type = ARG_ANYTHING, | |
| 5385 | .arg3_type = ARG_ANYTHING, | |
| 5386 | .arg4_type = ARG_PTR_TO_MEM | MEM_RDONLY, | |
| 5387 | .arg5_type = ARG_CONST_SIZE, | |
| 5388 | }; | |
| 5389 | ||
| 5390 | BPF_CALL_5(bpf_unlocked_sk_getsockopt, struct sock *, sk, int, level, | |
| 5391 | int, optname, char *, optval, int, optlen) | |
| 5392 | { | |
| 5393 | return __bpf_getsockopt(sk, level, optname, optval, optlen); | |
| 5394 | } | |
| 5395 | ||
| 5396 | const struct bpf_func_proto bpf_unlocked_sk_getsockopt_proto = { | |
| 5397 | .func = bpf_unlocked_sk_getsockopt, | |
| 5398 | .gpl_only = false, | |
| 5399 | .ret_type = RET_INTEGER, | |
| 5400 | .arg1_type = ARG_PTR_TO_BTF_ID_SOCK_COMMON, | |
| 5401 | .arg2_type = ARG_ANYTHING, | |
| 5402 | .arg3_type = ARG_ANYTHING, | |
| 5403 | .arg4_type = ARG_PTR_TO_UNINIT_MEM, | |
| 5404 | .arg5_type = ARG_CONST_SIZE, | |
| 5405 | }; | |
| 5406 | ||
| beecf11b SF |
5407 | BPF_CALL_5(bpf_sock_addr_setsockopt, struct bpf_sock_addr_kern *, ctx, |
| 5408 | int, level, int, optname, char *, optval, int, optlen) | |
| 5409 | { | |
| 5cdc744c | 5410 | return _bpf_setsockopt(ctx->sk, level, optname, optval, optlen); |
| beecf11b SF |
5411 | } |
| 5412 | ||
| 5413 | static const struct bpf_func_proto bpf_sock_addr_setsockopt_proto = { | |
| 5414 | .func = bpf_sock_addr_setsockopt, | |
| 5415 | .gpl_only = false, | |
| 5416 | .ret_type = RET_INTEGER, | |
| 5417 | .arg1_type = ARG_PTR_TO_CTX, | |
| 5418 | .arg2_type = ARG_ANYTHING, | |
| 5419 | .arg3_type = ARG_ANYTHING, | |
| 216e3cd2 | 5420 | .arg4_type = ARG_PTR_TO_MEM | MEM_RDONLY, |
| beecf11b SF |
5421 | .arg5_type = ARG_CONST_SIZE, |
| 5422 | }; | |
| 5423 | ||
| 5424 | BPF_CALL_5(bpf_sock_addr_getsockopt, struct bpf_sock_addr_kern *, ctx, | |
| 5425 | int, level, int, optname, char *, optval, int, optlen) | |
| 5426 | { | |
| 5427 | return _bpf_getsockopt(ctx->sk, level, optname, optval, optlen); | |
| 5428 | } | |
| 5429 | ||
| 5430 | static const struct bpf_func_proto bpf_sock_addr_getsockopt_proto = { | |
| 5431 | .func = bpf_sock_addr_getsockopt, | |
| 5432 | .gpl_only = false, | |
| 5433 | .ret_type = RET_INTEGER, | |
| 5434 | .arg1_type = ARG_PTR_TO_CTX, | |
| 5435 | .arg2_type = ARG_ANYTHING, | |
| 5436 | .arg3_type = ARG_ANYTHING, | |
| 5437 | .arg4_type = ARG_PTR_TO_UNINIT_MEM, | |
| 5438 | .arg5_type = ARG_CONST_SIZE, | |
| 5439 | }; | |
| 5440 | ||
| 5441 | BPF_CALL_5(bpf_sock_ops_setsockopt, struct bpf_sock_ops_kern *, bpf_sock, | |
| 5442 | int, level, int, optname, char *, optval, int, optlen) | |
| 5443 | { | |
| 5cdc744c | 5444 | return _bpf_setsockopt(bpf_sock->sk, level, optname, optval, optlen); |
| beecf11b SF |
5445 | } |
| 5446 | ||
| 5447 | static const struct bpf_func_proto bpf_sock_ops_setsockopt_proto = { | |
| 5448 | .func = bpf_sock_ops_setsockopt, | |
| 5449 | .gpl_only = false, | |
| 5450 | .ret_type = RET_INTEGER, | |
| 5451 | .arg1_type = ARG_PTR_TO_CTX, | |
| 5452 | .arg2_type = ARG_ANYTHING, | |
| 5453 | .arg3_type = ARG_ANYTHING, | |
| 216e3cd2 | 5454 | .arg4_type = ARG_PTR_TO_MEM | MEM_RDONLY, |
| beecf11b SF |
5455 | .arg5_type = ARG_CONST_SIZE, |
| 5456 | }; | |
| 5457 | ||
| 0813a841 MKL |
5458 | static int bpf_sock_ops_get_syn(struct bpf_sock_ops_kern *bpf_sock, |
| 5459 | int optname, const u8 **start) | |
| 5460 | { | |
| 5461 | struct sk_buff *syn_skb = bpf_sock->syn_skb; | |
| 5462 | const u8 *hdr_start; | |
| 5463 | int ret; | |
| 5464 | ||
| 5465 | if (syn_skb) { | |
| 5466 | /* sk is a request_sock here */ | |
| 5467 | ||
| 5468 | if (optname == TCP_BPF_SYN) { | |
| 5469 | hdr_start = syn_skb->data; | |
| 5470 | ret = tcp_hdrlen(syn_skb); | |
| 267cf9fa | 5471 | } else if (optname == TCP_BPF_SYN_IP) { |
| 0813a841 MKL |
5472 | hdr_start = skb_network_header(syn_skb); |
| 5473 | ret = skb_network_header_len(syn_skb) + | |
| 5474 | tcp_hdrlen(syn_skb); | |
| 267cf9fa MKL |
5475 | } else { |
| 5476 | /* optname == TCP_BPF_SYN_MAC */ | |
| 5477 | hdr_start = skb_mac_header(syn_skb); | |
| 5478 | ret = skb_mac_header_len(syn_skb) + | |
| 5479 | skb_network_header_len(syn_skb) + | |
| 5480 | tcp_hdrlen(syn_skb); | |
| 0813a841 MKL |
5481 | } |
| 5482 | } else { | |
| 5483 | struct sock *sk = bpf_sock->sk; | |
| 5484 | struct saved_syn *saved_syn; | |
| 5485 | ||
| 5486 | if (sk->sk_state == TCP_NEW_SYN_RECV) | |
| 5487 | /* synack retransmit. bpf_sock->syn_skb will | |
| 5488 | * not be available. It has to resort to | |
| 5489 | * saved_syn (if it is saved). | |
| 5490 | */ | |
| 5491 | saved_syn = inet_reqsk(sk)->saved_syn; | |
| 5492 | else | |
| 5493 | saved_syn = tcp_sk(sk)->saved_syn; | |
| 5494 | ||
| 5495 | if (!saved_syn) | |
| 5496 | return -ENOENT; | |
| 5497 | ||
| 5498 | if (optname == TCP_BPF_SYN) { | |
| 5499 | hdr_start = saved_syn->data + | |
| 267cf9fa | 5500 | saved_syn->mac_hdrlen + |
| 0813a841 MKL |
5501 | saved_syn->network_hdrlen; |
| 5502 | ret = saved_syn->tcp_hdrlen; | |
| 267cf9fa MKL |
5503 | } else if (optname == TCP_BPF_SYN_IP) { |
| 5504 | hdr_start = saved_syn->data + | |
| 5505 | saved_syn->mac_hdrlen; | |
| 5506 | ret = saved_syn->network_hdrlen + | |
| 5507 | saved_syn->tcp_hdrlen; | |
| 0813a841 | 5508 | } else { |
| 267cf9fa MKL |
5509 | /* optname == TCP_BPF_SYN_MAC */ |
| 5510 | ||
| 5511 | /* TCP_SAVE_SYN may not have saved the mac hdr */ | |
| 5512 | if (!saved_syn->mac_hdrlen) | |
| 5513 | return -ENOENT; | |
| 5514 | ||
| 0813a841 | 5515 | hdr_start = saved_syn->data; |
| 267cf9fa MKL |
5516 | ret = saved_syn->mac_hdrlen + |
| 5517 | saved_syn->network_hdrlen + | |
| 0813a841 MKL |
5518 | saved_syn->tcp_hdrlen; |
| 5519 | } | |
| 5520 | } | |
| 5521 | ||
| 5522 | *start = hdr_start; | |
| 5523 | return ret; | |
| 5524 | } | |
| 5525 | ||
| beecf11b SF |
5526 | BPF_CALL_5(bpf_sock_ops_getsockopt, struct bpf_sock_ops_kern *, bpf_sock, |
| 5527 | int, level, int, optname, char *, optval, int, optlen) | |
| 5528 | { | |
| 0813a841 | 5529 | if (IS_ENABLED(CONFIG_INET) && level == SOL_TCP && |
| 267cf9fa | 5530 | optname >= TCP_BPF_SYN && optname <= TCP_BPF_SYN_MAC) { |
| 0813a841 MKL |
5531 | int ret, copy_len = 0; |
| 5532 | const u8 *start; | |
| 5533 | ||
| 5534 | ret = bpf_sock_ops_get_syn(bpf_sock, optname, &start); | |
| 5535 | if (ret > 0) { | |
| 5536 | copy_len = ret; | |
| 5537 | if (optlen < copy_len) { | |
| 5538 | copy_len = optlen; | |
| 5539 | ret = -ENOSPC; | |
| 5540 | } | |
| 5541 | ||
| 5542 | memcpy(optval, start, copy_len); | |
| 5543 | } | |
| 5544 | ||
| 5545 | /* Zero out unused buffer at the end */ | |
| 5546 | memset(optval + copy_len, 0, optlen - copy_len); | |
| 5547 | ||
| 5548 | return ret; | |
| 5549 | } | |
| 5550 | ||
| beecf11b SF |
5551 | return _bpf_getsockopt(bpf_sock->sk, level, optname, optval, optlen); |
| 5552 | } | |
| 5553 | ||
| 5554 | static const struct bpf_func_proto bpf_sock_ops_getsockopt_proto = { | |
| 5555 | .func = bpf_sock_ops_getsockopt, | |
| cd86d1fd LB |
5556 | .gpl_only = false, |
| 5557 | .ret_type = RET_INTEGER, | |
| 5558 | .arg1_type = ARG_PTR_TO_CTX, | |
| 5559 | .arg2_type = ARG_ANYTHING, | |
| 5560 | .arg3_type = ARG_ANYTHING, | |
| 5561 | .arg4_type = ARG_PTR_TO_UNINIT_MEM, | |
| 5562 | .arg5_type = ARG_CONST_SIZE, | |
| 5563 | }; | |
| 5564 | ||
| b13d8807 LB |
5565 | BPF_CALL_2(bpf_sock_ops_cb_flags_set, struct bpf_sock_ops_kern *, bpf_sock, |
| 5566 | int, argval) | |
| 5567 | { | |
| 5568 | struct sock *sk = bpf_sock->sk; | |
| 5569 | int val = argval & BPF_SOCK_OPS_ALL_CB_FLAGS; | |
| 5570 | ||
| a7dcdf6e | 5571 | if (!IS_ENABLED(CONFIG_INET) || !sk_fullsock(sk)) |
| b13d8807 LB |
5572 | return -EINVAL; |
| 5573 | ||
| 725721a6 | 5574 | tcp_sk(sk)->bpf_sock_ops_cb_flags = val; |
| b13d8807 LB |
5575 | |
| 5576 | return argval & (~BPF_SOCK_OPS_ALL_CB_FLAGS); | |
| b13d8807 LB |
5577 | } |
| 5578 | ||
| 5579 | static const struct bpf_func_proto bpf_sock_ops_cb_flags_set_proto = { | |
| 5580 | .func = bpf_sock_ops_cb_flags_set, | |
| 5581 | .gpl_only = false, | |
| 5582 | .ret_type = RET_INTEGER, | |
| 5583 | .arg1_type = ARG_PTR_TO_CTX, | |
| 5584 | .arg2_type = ARG_ANYTHING, | |
| 5585 | }; | |
| 5586 | ||
| d74bad4e AI |
5587 | const struct ipv6_bpf_stub *ipv6_bpf_stub __read_mostly; |
| 5588 | EXPORT_SYMBOL_GPL(ipv6_bpf_stub); | |
| 5589 | ||
| 5590 | BPF_CALL_3(bpf_bind, struct bpf_sock_addr_kern *, ctx, struct sockaddr *, addr, | |
| 5591 | int, addr_len) | |
| 5592 | { | |
| 5593 | #ifdef CONFIG_INET | |
| 5594 | struct sock *sk = ctx->sk; | |
| 8086fbaf | 5595 | u32 flags = BIND_FROM_BPF; |
| d74bad4e AI |
5596 | int err; |
| 5597 | ||
| d74bad4e | 5598 | err = -EINVAL; |
| ba024f25 TH |
5599 | if (addr_len < offsetofend(struct sockaddr, sa_family)) |
| 5600 | return err; | |
| d74bad4e AI |
5601 | if (addr->sa_family == AF_INET) { |
| 5602 | if (addr_len < sizeof(struct sockaddr_in)) | |
| 5603 | return err; | |
| 8086fbaf SF |
5604 | if (((struct sockaddr_in *)addr)->sin_port == htons(0)) |
| 5605 | flags |= BIND_FORCE_ADDRESS_NO_PORT; | |
| 5606 | return __inet_bind(sk, addr, addr_len, flags); | |
| d74bad4e AI |
5607 | #if IS_ENABLED(CONFIG_IPV6) |
| 5608 | } else if (addr->sa_family == AF_INET6) { | |
| 5609 | if (addr_len < SIN6_LEN_RFC2133) | |
| 5610 | return err; | |
| 8086fbaf SF |
5611 | if (((struct sockaddr_in6 *)addr)->sin6_port == htons(0)) |
| 5612 | flags |= BIND_FORCE_ADDRESS_NO_PORT; | |
| d74bad4e AI |
5613 | /* ipv6_bpf_stub cannot be NULL, since it's called from |
| 5614 | * bpf_cgroup_inet6_connect hook and ipv6 is already loaded | |
| 5615 | */ | |
| 8086fbaf | 5616 | return ipv6_bpf_stub->inet6_bind(sk, addr, addr_len, flags); |
| d74bad4e AI |
5617 | #endif /* CONFIG_IPV6 */ |
| 5618 | } | |
| 5619 | #endif /* CONFIG_INET */ | |
| 5620 | ||
| 5621 | return -EAFNOSUPPORT; | |
| 5622 | } | |
| 5623 | ||
| 5624 | static const struct bpf_func_proto bpf_bind_proto = { | |
| 5625 | .func = bpf_bind, | |
| 5626 | .gpl_only = false, | |
| 5627 | .ret_type = RET_INTEGER, | |
| 5628 | .arg1_type = ARG_PTR_TO_CTX, | |
| 216e3cd2 | 5629 | .arg2_type = ARG_PTR_TO_MEM | MEM_RDONLY, |
| d74bad4e AI |
5630 | .arg3_type = ARG_CONST_SIZE, |
| 5631 | }; | |
| 5632 | ||
| 12bed760 | 5633 | #ifdef CONFIG_XFRM |
| 94151f5a EB |
5634 | |
| 5635 | #if (IS_BUILTIN(CONFIG_XFRM_INTERFACE) && IS_ENABLED(CONFIG_DEBUG_INFO_BTF)) || \ | |
| 5636 | (IS_MODULE(CONFIG_XFRM_INTERFACE) && IS_ENABLED(CONFIG_DEBUG_INFO_BTF_MODULES)) | |
| 5637 | ||
| 5638 | struct metadata_dst __percpu *xfrm_bpf_md_dst; | |
| 5639 | EXPORT_SYMBOL_GPL(xfrm_bpf_md_dst); | |
| 5640 | ||
| 5641 | #endif | |
| 5642 | ||
| 12bed760 EB |
5643 | BPF_CALL_5(bpf_skb_get_xfrm_state, struct sk_buff *, skb, u32, index, |
| 5644 | struct bpf_xfrm_state *, to, u32, size, u64, flags) | |
| 5645 | { | |
| 5646 | const struct sec_path *sp = skb_sec_path(skb); | |
| 5647 | const struct xfrm_state *x; | |
| 5648 | ||
| 5649 | if (!sp || unlikely(index >= sp->len || flags)) | |
| 5650 | goto err_clear; | |
| 5651 | ||
| 5652 | x = sp->xvec[index]; | |
| 5653 | ||
| 5654 | if (unlikely(size != sizeof(struct bpf_xfrm_state))) | |
| 5655 | goto err_clear; | |
| 5656 | ||
| 5657 | to->reqid = x->props.reqid; | |
| 5658 | to->spi = x->id.spi; | |
| 5659 | to->family = x->props.family; | |
| 1fbc2e0c DB |
5660 | to->ext = 0; |
| 5661 | ||
| 12bed760 EB |
5662 | if (to->family == AF_INET6) { |
| 5663 | memcpy(to->remote_ipv6, x->props.saddr.a6, | |
| 5664 | sizeof(to->remote_ipv6)); | |
| 5665 | } else { | |
| 5666 | to->remote_ipv4 = x->props.saddr.a4; | |
| 1fbc2e0c | 5667 | memset(&to->remote_ipv6[1], 0, sizeof(__u32) * 3); |
| 12bed760 EB |
5668 | } |
| 5669 | ||
| 5670 | return 0; | |
| 5671 | err_clear: | |
| 5672 | memset(to, 0, size); | |
| 5673 | return -EINVAL; | |
| 5674 | } | |
| 5675 | ||
| 5676 | static const struct bpf_func_proto bpf_skb_get_xfrm_state_proto = { | |
| 5677 | .func = bpf_skb_get_xfrm_state, | |
| 5678 | .gpl_only = false, | |
| 5679 | .ret_type = RET_INTEGER, | |
| 5680 | .arg1_type = ARG_PTR_TO_CTX, | |
| 5681 | .arg2_type = ARG_ANYTHING, | |
| 5682 | .arg3_type = ARG_PTR_TO_UNINIT_MEM, | |
| 5683 | .arg4_type = ARG_CONST_SIZE, | |
| 5684 | .arg5_type = ARG_ANYTHING, | |
| 5685 | }; | |
| 5686 | #endif | |
| 5687 | ||
| 87f5fc7e DA |
5688 | #if IS_ENABLED(CONFIG_INET) || IS_ENABLED(CONFIG_IPV6) |
| 5689 | static int bpf_fib_set_fwd_params(struct bpf_fib_lookup *params, | |
| 5690 | const struct neighbour *neigh, | |
| e1850ea9 | 5691 | const struct net_device *dev, u32 mtu) |
| 87f5fc7e DA |
5692 | { |
| 5693 | memcpy(params->dmac, neigh->ha, ETH_ALEN); | |
| 5694 | memcpy(params->smac, dev->dev_addr, ETH_ALEN); | |
| 5695 | params->h_vlan_TCI = 0; | |
| 5696 | params->h_vlan_proto = 0; | |
| e1850ea9 JDB |
5697 | if (mtu) |
| 5698 | params->mtu_result = mtu; /* union with tot_len */ | |
| 87f5fc7e | 5699 | |
| 4c79579b | 5700 | return 0; |
| 87f5fc7e DA |
5701 | } |
| 5702 | #endif | |
| 5703 | ||
| 5704 | #if IS_ENABLED(CONFIG_INET) | |
| 5705 | static int bpf_ipv4_fib_lookup(struct net *net, struct bpf_fib_lookup *params, | |
| 4f74fede | 5706 | u32 flags, bool check_mtu) |
| 87f5fc7e | 5707 | { |
| eba618ab | 5708 | struct fib_nh_common *nhc; |
| 87f5fc7e DA |
5709 | struct in_device *in_dev; |
| 5710 | struct neighbour *neigh; | |
| 5711 | struct net_device *dev; | |
| 5712 | struct fib_result res; | |
| 87f5fc7e | 5713 | struct flowi4 fl4; |
| e1850ea9 | 5714 | u32 mtu = 0; |
| 87f5fc7e DA |
5715 | int err; |
| 5716 | ||
| 5717 | dev = dev_get_by_index_rcu(net, params->ifindex); | |
| 5718 | if (unlikely(!dev)) | |
| 5719 | return -ENODEV; | |
| 5720 | ||
| 5721 | /* verify forwarding is enabled on this interface */ | |
| 5722 | in_dev = __in_dev_get_rcu(dev); | |
| 5723 | if (unlikely(!in_dev || !IN_DEV_FORWARD(in_dev))) | |
| 4c79579b | 5724 | return BPF_FIB_LKUP_RET_FWD_DISABLED; |
| 87f5fc7e DA |
5725 | |
| 5726 | if (flags & BPF_FIB_LOOKUP_OUTPUT) { | |
| 5727 | fl4.flowi4_iif = 1; | |
| 5728 | fl4.flowi4_oif = params->ifindex; | |
| 5729 | } else { | |
| 5730 | fl4.flowi4_iif = params->ifindex; | |
| 5731 | fl4.flowi4_oif = 0; | |
| 5732 | } | |
| 5733 | fl4.flowi4_tos = params->tos & IPTOS_RT_MASK; | |
| 5734 | fl4.flowi4_scope = RT_SCOPE_UNIVERSE; | |
| 5735 | fl4.flowi4_flags = 0; | |
| 5736 | ||
| 5737 | fl4.flowi4_proto = params->l4_protocol; | |
| 5738 | fl4.daddr = params->ipv4_dst; | |
| 5739 | fl4.saddr = params->ipv4_src; | |
| 5740 | fl4.fl4_sport = params->sport; | |
| 5741 | fl4.fl4_dport = params->dport; | |
| 1869e226 | 5742 | fl4.flowi4_multipath_hash = 0; |
| 87f5fc7e DA |
5743 | |
| 5744 | if (flags & BPF_FIB_LOOKUP_DIRECT) { | |
| 5745 | u32 tbid = l3mdev_fib_table_rcu(dev) ? : RT_TABLE_MAIN; | |
| 5746 | struct fib_table *tb; | |
| 5747 | ||
| 5748 | tb = fib_get_table(net, tbid); | |
| 5749 | if (unlikely(!tb)) | |
| 4c79579b | 5750 | return BPF_FIB_LKUP_RET_NOT_FWDED; |
| 87f5fc7e DA |
5751 | |
| 5752 | err = fib_table_lookup(tb, &fl4, &res, FIB_LOOKUP_NOREF); | |
| 5753 | } else { | |
| 5754 | fl4.flowi4_mark = 0; | |
| 5755 | fl4.flowi4_secid = 0; | |
| 5756 | fl4.flowi4_tun_key.tun_id = 0; | |
| 5757 | fl4.flowi4_uid = sock_net_uid(net, NULL); | |
| 5758 | ||
| 5759 | err = fib_lookup(net, &fl4, &res, FIB_LOOKUP_NOREF); | |
| 5760 | } | |
| 5761 | ||
| 4c79579b DA |
5762 | if (err) { |
| 5763 | /* map fib lookup errors to RTN_ type */ | |
| 5764 | if (err == -EINVAL) | |
| 5765 | return BPF_FIB_LKUP_RET_BLACKHOLE; | |
| 5766 | if (err == -EHOSTUNREACH) | |
| 5767 | return BPF_FIB_LKUP_RET_UNREACHABLE; | |
| 5768 | if (err == -EACCES) | |
| 5769 | return BPF_FIB_LKUP_RET_PROHIBIT; | |
| 5770 | ||
| 5771 | return BPF_FIB_LKUP_RET_NOT_FWDED; | |
| 5772 | } | |
| 5773 | ||
| 5774 | if (res.type != RTN_UNICAST) | |
| 5775 | return BPF_FIB_LKUP_RET_NOT_FWDED; | |
| 87f5fc7e | 5776 | |
| 5481d73f | 5777 | if (fib_info_num_path(res.fi) > 1) |
| 87f5fc7e DA |
5778 | fib_select_path(net, &res, &fl4, NULL); |
| 5779 | ||
| 4f74fede DA |
5780 | if (check_mtu) { |
| 5781 | mtu = ip_mtu_from_fib_result(&res, params->ipv4_dst); | |
| e1850ea9 JDB |
5782 | if (params->tot_len > mtu) { |
| 5783 | params->mtu_result = mtu; /* union with tot_len */ | |
| 4c79579b | 5784 | return BPF_FIB_LKUP_RET_FRAG_NEEDED; |
| e1850ea9 | 5785 | } |
| 4f74fede DA |
5786 | } |
| 5787 | ||
| eba618ab | 5788 | nhc = res.nhc; |
| 87f5fc7e DA |
5789 | |
| 5790 | /* do not handle lwt encaps right now */ | |
| eba618ab | 5791 | if (nhc->nhc_lwtstate) |
| 4c79579b | 5792 | return BPF_FIB_LKUP_RET_UNSUPP_LWT; |
| 87f5fc7e | 5793 | |
| eba618ab | 5794 | dev = nhc->nhc_dev; |
| 87f5fc7e DA |
5795 | |
| 5796 | params->rt_metric = res.fi->fib_priority; | |
| d1c362e1 | 5797 | params->ifindex = dev->ifindex; |
| 87f5fc7e DA |
5798 | |
| 5799 | /* xdp and cls_bpf programs are run in RCU-bh so | |
| 5800 | * rcu_read_lock_bh is not needed here | |
| 5801 | */ | |
| 6f5f68d0 DA |
5802 | if (likely(nhc->nhc_gw_family != AF_INET6)) { |
| 5803 | if (nhc->nhc_gw_family) | |
| 5804 | params->ipv4_dst = nhc->nhc_gw.ipv4; | |
| 5805 | ||
| 5806 | neigh = __ipv4_neigh_lookup_noref(dev, | |
| 5807 | (__force u32)params->ipv4_dst); | |
| 5808 | } else { | |
| 5809 | struct in6_addr *dst = (struct in6_addr *)params->ipv6_dst; | |
| 5810 | ||
| 5811 | params->family = AF_INET6; | |
| 5812 | *dst = nhc->nhc_gw.ipv6; | |
| 5813 | neigh = __ipv6_neigh_lookup_noref_stub(dev, dst); | |
| 5814 | } | |
| 5815 | ||
| 4c79579b DA |
5816 | if (!neigh) |
| 5817 | return BPF_FIB_LKUP_RET_NO_NEIGH; | |
| 87f5fc7e | 5818 | |
| e1850ea9 | 5819 | return bpf_fib_set_fwd_params(params, neigh, dev, mtu); |
| 87f5fc7e DA |
5820 | } |
| 5821 | #endif | |
| 5822 | ||
| 5823 | #if IS_ENABLED(CONFIG_IPV6) | |
| 5824 | static int bpf_ipv6_fib_lookup(struct net *net, struct bpf_fib_lookup *params, | |
| 4f74fede | 5825 | u32 flags, bool check_mtu) |
| 87f5fc7e DA |
5826 | { |
| 5827 | struct in6_addr *src = (struct in6_addr *) params->ipv6_src; | |
| 5828 | struct in6_addr *dst = (struct in6_addr *) params->ipv6_dst; | |
| e55449e7 | 5829 | struct fib6_result res = {}; |
| 87f5fc7e DA |
5830 | struct neighbour *neigh; |
| 5831 | struct net_device *dev; | |
| 5832 | struct inet6_dev *idev; | |
| 87f5fc7e DA |
5833 | struct flowi6 fl6; |
| 5834 | int strict = 0; | |
| effda4dd | 5835 | int oif, err; |
| e1850ea9 | 5836 | u32 mtu = 0; |
| 87f5fc7e DA |
5837 | |
| 5838 | /* link local addresses are never forwarded */ | |
| 5839 | if (rt6_need_strict(dst) || rt6_need_strict(src)) | |
| 4c79579b | 5840 | return BPF_FIB_LKUP_RET_NOT_FWDED; |
| 87f5fc7e DA |
5841 | |
| 5842 | dev = dev_get_by_index_rcu(net, params->ifindex); | |
| 5843 | if (unlikely(!dev)) | |
| 5844 | return -ENODEV; | |
| 5845 | ||
| 5846 | idev = __in6_dev_get_safely(dev); | |
| 56f0f84e | 5847 | if (unlikely(!idev || !idev->cnf.forwarding)) |
| 4c79579b | 5848 | return BPF_FIB_LKUP_RET_FWD_DISABLED; |
| 87f5fc7e DA |
5849 | |
| 5850 | if (flags & BPF_FIB_LOOKUP_OUTPUT) { | |
| 5851 | fl6.flowi6_iif = 1; | |
| 5852 | oif = fl6.flowi6_oif = params->ifindex; | |
| 5853 | } else { | |
| 5854 | oif = fl6.flowi6_iif = params->ifindex; | |
| 5855 | fl6.flowi6_oif = 0; | |
| 5856 | strict = RT6_LOOKUP_F_HAS_SADDR; | |
| 5857 | } | |
| bd3a08aa | 5858 | fl6.flowlabel = params->flowinfo; |
| 87f5fc7e DA |
5859 | fl6.flowi6_scope = 0; |
| 5860 | fl6.flowi6_flags = 0; | |
| 5861 | fl6.mp_hash = 0; | |
| 5862 | ||
| 5863 | fl6.flowi6_proto = params->l4_protocol; | |
| 5864 | fl6.daddr = *dst; | |
| 5865 | fl6.saddr = *src; | |
| 5866 | fl6.fl6_sport = params->sport; | |
| 5867 | fl6.fl6_dport = params->dport; | |
| 5868 | ||
| 5869 | if (flags & BPF_FIB_LOOKUP_DIRECT) { | |
| 5870 | u32 tbid = l3mdev_fib_table_rcu(dev) ? : RT_TABLE_MAIN; | |
| 5871 | struct fib6_table *tb; | |
| 5872 | ||
| 5873 | tb = ipv6_stub->fib6_get_table(net, tbid); | |
| 5874 | if (unlikely(!tb)) | |
| 4c79579b | 5875 | return BPF_FIB_LKUP_RET_NOT_FWDED; |
| 87f5fc7e | 5876 | |
| effda4dd DA |
5877 | err = ipv6_stub->fib6_table_lookup(net, tb, oif, &fl6, &res, |
| 5878 | strict); | |
| 87f5fc7e DA |
5879 | } else { |
| 5880 | fl6.flowi6_mark = 0; | |
| 5881 | fl6.flowi6_secid = 0; | |
| 5882 | fl6.flowi6_tun_key.tun_id = 0; | |
| 5883 | fl6.flowi6_uid = sock_net_uid(net, NULL); | |
| 5884 | ||
| effda4dd | 5885 | err = ipv6_stub->fib6_lookup(net, oif, &fl6, &res, strict); |
| 87f5fc7e DA |
5886 | } |
| 5887 | ||
| effda4dd | 5888 | if (unlikely(err || IS_ERR_OR_NULL(res.f6i) || |
| b1d40991 | 5889 | res.f6i == net->ipv6.fib6_null_entry)) |
| 4c79579b DA |
5890 | return BPF_FIB_LKUP_RET_NOT_FWDED; |
| 5891 | ||
| 7d21fec9 DA |
5892 | switch (res.fib6_type) { |
| 5893 | /* only unicast is forwarded */ | |
| 5894 | case RTN_UNICAST: | |
| 5895 | break; | |
| 5896 | case RTN_BLACKHOLE: | |
| 5897 | return BPF_FIB_LKUP_RET_BLACKHOLE; | |
| 5898 | case RTN_UNREACHABLE: | |
| 5899 | return BPF_FIB_LKUP_RET_UNREACHABLE; | |
| 5900 | case RTN_PROHIBIT: | |
| 5901 | return BPF_FIB_LKUP_RET_PROHIBIT; | |
| 5902 | default: | |
| 4c79579b | 5903 | return BPF_FIB_LKUP_RET_NOT_FWDED; |
| 7d21fec9 | 5904 | } |
| 87f5fc7e | 5905 | |
| b1d40991 DA |
5906 | ipv6_stub->fib6_select_path(net, &res, &fl6, fl6.flowi6_oif, |
| 5907 | fl6.flowi6_oif != 0, NULL, strict); | |
| 87f5fc7e | 5908 | |
| 4f74fede | 5909 | if (check_mtu) { |
| b748f260 | 5910 | mtu = ipv6_stub->ip6_mtu_from_fib6(&res, dst, src); |
| e1850ea9 JDB |
5911 | if (params->tot_len > mtu) { |
| 5912 | params->mtu_result = mtu; /* union with tot_len */ | |
| 4c79579b | 5913 | return BPF_FIB_LKUP_RET_FRAG_NEEDED; |
| e1850ea9 | 5914 | } |
| 4f74fede DA |
5915 | } |
| 5916 | ||
| b1d40991 | 5917 | if (res.nh->fib_nh_lws) |
| 4c79579b | 5918 | return BPF_FIB_LKUP_RET_UNSUPP_LWT; |
| 87f5fc7e | 5919 | |
| b1d40991 DA |
5920 | if (res.nh->fib_nh_gw_family) |
| 5921 | *dst = res.nh->fib_nh_gw6; | |
| 87f5fc7e | 5922 | |
| b1d40991 DA |
5923 | dev = res.nh->fib_nh_dev; |
| 5924 | params->rt_metric = res.f6i->fib6_metric; | |
| d1c362e1 | 5925 | params->ifindex = dev->ifindex; |
| 87f5fc7e DA |
5926 | |
| 5927 | /* xdp and cls_bpf programs are run in RCU-bh so rcu_read_lock_bh is | |
| 71df5777 | 5928 | * not needed here. |
| 87f5fc7e | 5929 | */ |
| 71df5777 | 5930 | neigh = __ipv6_neigh_lookup_noref_stub(dev, dst); |
| 4c79579b DA |
5931 | if (!neigh) |
| 5932 | return BPF_FIB_LKUP_RET_NO_NEIGH; | |
| 87f5fc7e | 5933 | |
| e1850ea9 | 5934 | return bpf_fib_set_fwd_params(params, neigh, dev, mtu); |
| 87f5fc7e DA |
5935 | } |
| 5936 | #endif | |
| 5937 | ||
| 5938 | BPF_CALL_4(bpf_xdp_fib_lookup, struct xdp_buff *, ctx, | |
| 5939 | struct bpf_fib_lookup *, params, int, plen, u32, flags) | |
| 5940 | { | |
| 5941 | if (plen < sizeof(*params)) | |
| 5942 | return -EINVAL; | |
| 5943 | ||
| 9ce64f19 DA |
5944 | if (flags & ~(BPF_FIB_LOOKUP_DIRECT | BPF_FIB_LOOKUP_OUTPUT)) |
| 5945 | return -EINVAL; | |
| 5946 | ||
| 87f5fc7e DA |
5947 | switch (params->family) { |
| 5948 | #if IS_ENABLED(CONFIG_INET) | |
| 5949 | case AF_INET: | |
| 5950 | return bpf_ipv4_fib_lookup(dev_net(ctx->rxq->dev), params, | |
| 4f74fede | 5951 | flags, true); |
| 87f5fc7e DA |
5952 | #endif |
| 5953 | #if IS_ENABLED(CONFIG_IPV6) | |
| 5954 | case AF_INET6: | |
| 5955 | return bpf_ipv6_fib_lookup(dev_net(ctx->rxq->dev), params, | |
| 4f74fede | 5956 | flags, true); |
| 87f5fc7e DA |
5957 | #endif |
| 5958 | } | |
| bcece5dc | 5959 | return -EAFNOSUPPORT; |
| 87f5fc7e DA |
5960 | } |
| 5961 | ||
| 5962 | static const struct bpf_func_proto bpf_xdp_fib_lookup_proto = { | |
| 5963 | .func = bpf_xdp_fib_lookup, | |
| 5964 | .gpl_only = true, | |
| 5965 | .ret_type = RET_INTEGER, | |
| 5966 | .arg1_type = ARG_PTR_TO_CTX, | |
| 5967 | .arg2_type = ARG_PTR_TO_MEM, | |
| 5968 | .arg3_type = ARG_CONST_SIZE, | |
| 5969 | .arg4_type = ARG_ANYTHING, | |
| 5970 | }; | |
| 5971 | ||
| 5972 | BPF_CALL_4(bpf_skb_fib_lookup, struct sk_buff *, skb, | |
| 5973 | struct bpf_fib_lookup *, params, int, plen, u32, flags) | |
| 5974 | { | |
| 4f74fede | 5975 | struct net *net = dev_net(skb->dev); |
| 4c79579b | 5976 | int rc = -EAFNOSUPPORT; |
| 2c0a10af | 5977 | bool check_mtu = false; |
| 4f74fede | 5978 | |
| 87f5fc7e DA |
5979 | if (plen < sizeof(*params)) |
| 5980 | return -EINVAL; | |
| 5981 | ||
| 9ce64f19 DA |
5982 | if (flags & ~(BPF_FIB_LOOKUP_DIRECT | BPF_FIB_LOOKUP_OUTPUT)) |
| 5983 | return -EINVAL; | |
| 5984 | ||
| 2c0a10af JDB |
5985 | if (params->tot_len) |
| 5986 | check_mtu = true; | |
| 5987 | ||
| 87f5fc7e DA |
5988 | switch (params->family) { |
| 5989 | #if IS_ENABLED(CONFIG_INET) | |
| 5990 | case AF_INET: | |
| 2c0a10af | 5991 | rc = bpf_ipv4_fib_lookup(net, params, flags, check_mtu); |
| 4f74fede | 5992 | break; |
| 87f5fc7e DA |
5993 | #endif |
| 5994 | #if IS_ENABLED(CONFIG_IPV6) | |
| 5995 | case AF_INET6: | |
| 2c0a10af | 5996 | rc = bpf_ipv6_fib_lookup(net, params, flags, check_mtu); |
| 4f74fede | 5997 | break; |
| 87f5fc7e DA |
5998 | #endif |
| 5999 | } | |
| 4f74fede | 6000 | |
| 2c0a10af | 6001 | if (rc == BPF_FIB_LKUP_RET_SUCCESS && !check_mtu) { |
| 4f74fede DA |
6002 | struct net_device *dev; |
| 6003 | ||
| 2c0a10af JDB |
6004 | /* When tot_len isn't provided by user, check skb |
| 6005 | * against MTU of FIB lookup resulting net_device | |
| 6006 | */ | |
| 4c79579b | 6007 | dev = dev_get_by_index_rcu(net, params->ifindex); |
| 4f74fede | 6008 | if (!is_skb_forwardable(dev, skb)) |
| 4c79579b | 6009 | rc = BPF_FIB_LKUP_RET_FRAG_NEEDED; |
| e1850ea9 JDB |
6010 | |
| 6011 | params->mtu_result = dev->mtu; /* union with tot_len */ | |
| 4f74fede DA |
6012 | } |
| 6013 | ||
| 4c79579b | 6014 | return rc; |
| 87f5fc7e DA |
6015 | } |
| 6016 | ||
| 6017 | static const struct bpf_func_proto bpf_skb_fib_lookup_proto = { | |
| 6018 | .func = bpf_skb_fib_lookup, | |
| 6019 | .gpl_only = true, | |
| 6020 | .ret_type = RET_INTEGER, | |
| 6021 | .arg1_type = ARG_PTR_TO_CTX, | |
| 6022 | .arg2_type = ARG_PTR_TO_MEM, | |
| 6023 | .arg3_type = ARG_CONST_SIZE, | |
| 6024 | .arg4_type = ARG_ANYTHING, | |
| 6025 | }; | |
| 6026 | ||
| 34b2021c JDB |
6027 | static struct net_device *__dev_via_ifindex(struct net_device *dev_curr, |
| 6028 | u32 ifindex) | |
| 6029 | { | |
| 6030 | struct net *netns = dev_net(dev_curr); | |
| 6031 | ||
| 6032 | /* Non-redirect use-cases can use ifindex=0 and save ifindex lookup */ | |
| 6033 | if (ifindex == 0) | |
| 6034 | return dev_curr; | |
| 6035 | ||
| 6036 | return dev_get_by_index_rcu(netns, ifindex); | |
| 6037 | } | |
| 6038 | ||
| 6039 | BPF_CALL_5(bpf_skb_check_mtu, struct sk_buff *, skb, | |
| 6040 | u32, ifindex, u32 *, mtu_len, s32, len_diff, u64, flags) | |
| 6041 | { | |
| 6042 | int ret = BPF_MTU_CHK_RET_FRAG_NEEDED; | |
| 6043 | struct net_device *dev = skb->dev; | |
| 6044 | int skb_len, dev_len; | |
| 6045 | int mtu; | |
| 6046 | ||
| 6047 | if (unlikely(flags & ~(BPF_MTU_CHK_SEGS))) | |
| 6048 | return -EINVAL; | |
| 6049 | ||
| e5e35e75 | 6050 | if (unlikely(flags & BPF_MTU_CHK_SEGS && (len_diff || *mtu_len))) |
| 34b2021c JDB |
6051 | return -EINVAL; |
| 6052 | ||
| 6053 | dev = __dev_via_ifindex(dev, ifindex); | |
| 6054 | if (unlikely(!dev)) | |
| 6055 | return -ENODEV; | |
| 6056 | ||
| 6057 | mtu = READ_ONCE(dev->mtu); | |
| 6058 | ||
| 6059 | dev_len = mtu + dev->hard_header_len; | |
| e5e35e75 JDB |
6060 | |
| 6061 | /* If set use *mtu_len as input, L3 as iph->tot_len (like fib_lookup) */ | |
| 6062 | skb_len = *mtu_len ? *mtu_len + dev->hard_header_len : skb->len; | |
| 6063 | ||
| 6064 | skb_len += len_diff; /* minus result pass check */ | |
| 34b2021c JDB |
6065 | if (skb_len <= dev_len) { |
| 6066 | ret = BPF_MTU_CHK_RET_SUCCESS; | |
| 6067 | goto out; | |
| 6068 | } | |
| 6069 | /* At this point, skb->len exceed MTU, but as it include length of all | |
| 6070 | * segments, it can still be below MTU. The SKB can possibly get | |
| 6071 | * re-segmented in transmit path (see validate_xmit_skb). Thus, user | |
| 6072 | * must choose if segs are to be MTU checked. | |
| 6073 | */ | |
| 6074 | if (skb_is_gso(skb)) { | |
| 6075 | ret = BPF_MTU_CHK_RET_SUCCESS; | |
| 6076 | ||
| 6077 | if (flags & BPF_MTU_CHK_SEGS && | |
| 6078 | !skb_gso_validate_network_len(skb, mtu)) | |
| 6079 | ret = BPF_MTU_CHK_RET_SEGS_TOOBIG; | |
| 6080 | } | |
| 6081 | out: | |
| 6082 | /* BPF verifier guarantees valid pointer */ | |
| 6083 | *mtu_len = mtu; | |
| 6084 | ||
| 6085 | return ret; | |
| 6086 | } | |
| 6087 | ||
| 6088 | BPF_CALL_5(bpf_xdp_check_mtu, struct xdp_buff *, xdp, | |
| 6089 | u32, ifindex, u32 *, mtu_len, s32, len_diff, u64, flags) | |
| 6090 | { | |
| 6091 | struct net_device *dev = xdp->rxq->dev; | |
| 6092 | int xdp_len = xdp->data_end - xdp->data; | |
| 6093 | int ret = BPF_MTU_CHK_RET_SUCCESS; | |
| 6094 | int mtu, dev_len; | |
| 6095 | ||
| 6096 | /* XDP variant doesn't support multi-buffer segment check (yet) */ | |
| 6097 | if (unlikely(flags)) | |
| 6098 | return -EINVAL; | |
| 6099 | ||
| 6100 | dev = __dev_via_ifindex(dev, ifindex); | |
| 6101 | if (unlikely(!dev)) | |
| 6102 | return -ENODEV; | |
| 6103 | ||
| 6104 | mtu = READ_ONCE(dev->mtu); | |
| 6105 | ||
| 6106 | /* Add L2-header as dev MTU is L3 size */ | |
| 6107 | dev_len = mtu + dev->hard_header_len; | |
| 6108 | ||
| e5e35e75 JDB |
6109 | /* Use *mtu_len as input, L3 as iph->tot_len (like fib_lookup) */ |
| 6110 | if (*mtu_len) | |
| 6111 | xdp_len = *mtu_len + dev->hard_header_len; | |
| 6112 | ||
| 34b2021c JDB |
6113 | xdp_len += len_diff; /* minus result pass check */ |
| 6114 | if (xdp_len > dev_len) | |
| 6115 | ret = BPF_MTU_CHK_RET_FRAG_NEEDED; | |
| 6116 | ||
| 6117 | /* BPF verifier guarantees valid pointer */ | |
| 6118 | *mtu_len = mtu; | |
| 6119 | ||
| 6120 | return ret; | |
| 6121 | } | |
| 6122 | ||
| 6123 | static const struct bpf_func_proto bpf_skb_check_mtu_proto = { | |
| 6124 | .func = bpf_skb_check_mtu, | |
| 6125 | .gpl_only = true, | |
| 6126 | .ret_type = RET_INTEGER, | |
| 6127 | .arg1_type = ARG_PTR_TO_CTX, | |
| 6128 | .arg2_type = ARG_ANYTHING, | |
| 6129 | .arg3_type = ARG_PTR_TO_INT, | |
| 6130 | .arg4_type = ARG_ANYTHING, | |
| 6131 | .arg5_type = ARG_ANYTHING, | |
| 6132 | }; | |
| 6133 | ||
| 6134 | static const struct bpf_func_proto bpf_xdp_check_mtu_proto = { | |
| 6135 | .func = bpf_xdp_check_mtu, | |
| 6136 | .gpl_only = true, | |
| 6137 | .ret_type = RET_INTEGER, | |
| 6138 | .arg1_type = ARG_PTR_TO_CTX, | |
| 6139 | .arg2_type = ARG_ANYTHING, | |
| 6140 | .arg3_type = ARG_PTR_TO_INT, | |
| 6141 | .arg4_type = ARG_ANYTHING, | |
| 6142 | .arg5_type = ARG_ANYTHING, | |
| 6143 | }; | |
| 6144 | ||
| fe94cc29 MX |
6145 | #if IS_ENABLED(CONFIG_IPV6_SEG6_BPF) |
| 6146 | static int bpf_push_seg6_encap(struct sk_buff *skb, u32 type, void *hdr, u32 len) | |
| 6147 | { | |
| 6148 | int err; | |
| 6149 | struct ipv6_sr_hdr *srh = (struct ipv6_sr_hdr *)hdr; | |
| 6150 | ||
| bb986a50 | 6151 | if (!seg6_validate_srh(srh, len, false)) |
| fe94cc29 MX |
6152 | return -EINVAL; |
| 6153 | ||
| 6154 | switch (type) { | |
| 6155 | case BPF_LWT_ENCAP_SEG6_INLINE: | |
| 6156 | if (skb->protocol != htons(ETH_P_IPV6)) | |
| 6157 | return -EBADMSG; | |
| 6158 | ||
| 6159 | err = seg6_do_srh_inline(skb, srh); | |
| 6160 | break; | |
| 6161 | case BPF_LWT_ENCAP_SEG6: | |
| 6162 | skb_reset_inner_headers(skb); | |
| 6163 | skb->encapsulation = 1; | |
| 6164 | err = seg6_do_srh_encap(skb, srh, IPPROTO_IPV6); | |
| 6165 | break; | |
| 6166 | default: | |
| 6167 | return -EINVAL; | |
| 6168 | } | |
| 6169 | ||
| 6170 | bpf_compute_data_pointers(skb); | |
| 6171 | if (err) | |
| 6172 | return err; | |
| 6173 | ||
| fe94cc29 MX |
6174 | skb_set_transport_header(skb, sizeof(struct ipv6hdr)); |
| 6175 | ||
| 6176 | return seg6_lookup_nexthop(skb, NULL, 0); | |
| 6177 | } | |
| 6178 | #endif /* CONFIG_IPV6_SEG6_BPF */ | |
| 6179 | ||
| 3e0bd37c PO |
6180 | #if IS_ENABLED(CONFIG_LWTUNNEL_BPF) |
| 6181 | static int bpf_push_ip_encap(struct sk_buff *skb, void *hdr, u32 len, | |
| 6182 | bool ingress) | |
| 6183 | { | |
| 52f27877 | 6184 | return bpf_lwt_push_ip_encap(skb, hdr, len, ingress); |
| 3e0bd37c PO |
6185 | } |
| 6186 | #endif | |
| 6187 | ||
| 6188 | BPF_CALL_4(bpf_lwt_in_push_encap, struct sk_buff *, skb, u32, type, void *, hdr, | |
| fe94cc29 MX |
6189 | u32, len) |
| 6190 | { | |
| 6191 | switch (type) { | |
| 6192 | #if IS_ENABLED(CONFIG_IPV6_SEG6_BPF) | |
| 6193 | case BPF_LWT_ENCAP_SEG6: | |
| 6194 | case BPF_LWT_ENCAP_SEG6_INLINE: | |
| 6195 | return bpf_push_seg6_encap(skb, type, hdr, len); | |
| 3e0bd37c PO |
6196 | #endif |
| 6197 | #if IS_ENABLED(CONFIG_LWTUNNEL_BPF) | |
| 6198 | case BPF_LWT_ENCAP_IP: | |
| 6199 | return bpf_push_ip_encap(skb, hdr, len, true /* ingress */); | |
| fe94cc29 MX |
6200 | #endif |
| 6201 | default: | |
| 6202 | return -EINVAL; | |
| 6203 | } | |
| 6204 | } | |
| 6205 | ||
| 3e0bd37c PO |
6206 | BPF_CALL_4(bpf_lwt_xmit_push_encap, struct sk_buff *, skb, u32, type, |
| 6207 | void *, hdr, u32, len) | |
| 6208 | { | |
| 6209 | switch (type) { | |
| 6210 | #if IS_ENABLED(CONFIG_LWTUNNEL_BPF) | |
| 6211 | case BPF_LWT_ENCAP_IP: | |
| 6212 | return bpf_push_ip_encap(skb, hdr, len, false /* egress */); | |
| fe94cc29 MX |
6213 | #endif |
| 6214 | default: | |
| 6215 | return -EINVAL; | |
| 6216 | } | |
| 6217 | } | |
| 6218 | ||
| 3e0bd37c PO |
6219 | static const struct bpf_func_proto bpf_lwt_in_push_encap_proto = { |
| 6220 | .func = bpf_lwt_in_push_encap, | |
| 6221 | .gpl_only = false, | |
| 6222 | .ret_type = RET_INTEGER, | |
| 6223 | .arg1_type = ARG_PTR_TO_CTX, | |
| 6224 | .arg2_type = ARG_ANYTHING, | |
| 216e3cd2 | 6225 | .arg3_type = ARG_PTR_TO_MEM | MEM_RDONLY, |
| 3e0bd37c PO |
6226 | .arg4_type = ARG_CONST_SIZE |
| 6227 | }; | |
| 6228 | ||
| 6229 | static const struct bpf_func_proto bpf_lwt_xmit_push_encap_proto = { | |
| 6230 | .func = bpf_lwt_xmit_push_encap, | |
| fe94cc29 MX |
6231 | .gpl_only = false, |
| 6232 | .ret_type = RET_INTEGER, | |
| 6233 | .arg1_type = ARG_PTR_TO_CTX, | |
| 6234 | .arg2_type = ARG_ANYTHING, | |
| 216e3cd2 | 6235 | .arg3_type = ARG_PTR_TO_MEM | MEM_RDONLY, |
| fe94cc29 MX |
6236 | .arg4_type = ARG_CONST_SIZE |
| 6237 | }; | |
| 6238 | ||
| 61d76980 | 6239 | #if IS_ENABLED(CONFIG_IPV6_SEG6_BPF) |
| fe94cc29 MX |
6240 | BPF_CALL_4(bpf_lwt_seg6_store_bytes, struct sk_buff *, skb, u32, offset, |
| 6241 | const void *, from, u32, len) | |
| 6242 | { | |
| fe94cc29 MX |
6243 | struct seg6_bpf_srh_state *srh_state = |
| 6244 | this_cpu_ptr(&seg6_bpf_srh_states); | |
| 486cdf21 | 6245 | struct ipv6_sr_hdr *srh = srh_state->srh; |
| fe94cc29 | 6246 | void *srh_tlvs, *srh_end, *ptr; |
| fe94cc29 MX |
6247 | int srhoff = 0; |
| 6248 | ||
| 486cdf21 | 6249 | if (srh == NULL) |
| fe94cc29 MX |
6250 | return -EINVAL; |
| 6251 | ||
| fe94cc29 MX |
6252 | srh_tlvs = (void *)((char *)srh + ((srh->first_segment + 1) << 4)); |
| 6253 | srh_end = (void *)((char *)srh + sizeof(*srh) + srh_state->hdrlen); | |
| 6254 | ||
| 6255 | ptr = skb->data + offset; | |
| 6256 | if (ptr >= srh_tlvs && ptr + len <= srh_end) | |
| 486cdf21 | 6257 | srh_state->valid = false; |
| fe94cc29 MX |
6258 | else if (ptr < (void *)&srh->flags || |
| 6259 | ptr + len > (void *)&srh->segments) | |
| 6260 | return -EFAULT; | |
| 6261 | ||
| 6262 | if (unlikely(bpf_try_make_writable(skb, offset + len))) | |
| 6263 | return -EFAULT; | |
| 486cdf21 MX |
6264 | if (ipv6_find_hdr(skb, &srhoff, IPPROTO_ROUTING, NULL, NULL) < 0) |
| 6265 | return -EINVAL; | |
| 6266 | srh_state->srh = (struct ipv6_sr_hdr *)(skb->data + srhoff); | |
| fe94cc29 MX |
6267 | |
| 6268 | memcpy(skb->data + offset, from, len); | |
| 6269 | return 0; | |
| fe94cc29 MX |
6270 | } |
| 6271 | ||
| 6272 | static const struct bpf_func_proto bpf_lwt_seg6_store_bytes_proto = { | |
| 6273 | .func = bpf_lwt_seg6_store_bytes, | |
| 6274 | .gpl_only = false, | |
| 6275 | .ret_type = RET_INTEGER, | |
| 6276 | .arg1_type = ARG_PTR_TO_CTX, | |
| 6277 | .arg2_type = ARG_ANYTHING, | |
| 216e3cd2 | 6278 | .arg3_type = ARG_PTR_TO_MEM | MEM_RDONLY, |
| fe94cc29 MX |
6279 | .arg4_type = ARG_CONST_SIZE |
| 6280 | }; | |
| 6281 | ||
| 486cdf21 | 6282 | static void bpf_update_srh_state(struct sk_buff *skb) |
| fe94cc29 | 6283 | { |
| fe94cc29 MX |
6284 | struct seg6_bpf_srh_state *srh_state = |
| 6285 | this_cpu_ptr(&seg6_bpf_srh_states); | |
| fe94cc29 | 6286 | int srhoff = 0; |
| fe94cc29 | 6287 | |
| 486cdf21 MX |
6288 | if (ipv6_find_hdr(skb, &srhoff, IPPROTO_ROUTING, NULL, NULL) < 0) { |
| 6289 | srh_state->srh = NULL; | |
| 6290 | } else { | |
| 6291 | srh_state->srh = (struct ipv6_sr_hdr *)(skb->data + srhoff); | |
| 6292 | srh_state->hdrlen = srh_state->srh->hdrlen << 3; | |
| 6293 | srh_state->valid = true; | |
| fe94cc29 | 6294 | } |
| 486cdf21 MX |
6295 | } |
| 6296 | ||
| 6297 | BPF_CALL_4(bpf_lwt_seg6_action, struct sk_buff *, skb, | |
| 6298 | u32, action, void *, param, u32, param_len) | |
| 6299 | { | |
| 6300 | struct seg6_bpf_srh_state *srh_state = | |
| 6301 | this_cpu_ptr(&seg6_bpf_srh_states); | |
| 6302 | int hdroff = 0; | |
| 6303 | int err; | |
| fe94cc29 MX |
6304 | |
| 6305 | switch (action) { | |
| 6306 | case SEG6_LOCAL_ACTION_END_X: | |
| 486cdf21 MX |
6307 | if (!seg6_bpf_has_valid_srh(skb)) |
| 6308 | return -EBADMSG; | |
| fe94cc29 MX |
6309 | if (param_len != sizeof(struct in6_addr)) |
| 6310 | return -EINVAL; | |
| 6311 | return seg6_lookup_nexthop(skb, (struct in6_addr *)param, 0); | |
| 6312 | case SEG6_LOCAL_ACTION_END_T: | |
| 486cdf21 MX |
6313 | if (!seg6_bpf_has_valid_srh(skb)) |
| 6314 | return -EBADMSG; | |
| fe94cc29 MX |
6315 | if (param_len != sizeof(int)) |
| 6316 | return -EINVAL; | |
| 6317 | return seg6_lookup_nexthop(skb, NULL, *(int *)param); | |
| 486cdf21 MX |
6318 | case SEG6_LOCAL_ACTION_END_DT6: |
| 6319 | if (!seg6_bpf_has_valid_srh(skb)) | |
| 6320 | return -EBADMSG; | |
| fe94cc29 MX |
6321 | if (param_len != sizeof(int)) |
| 6322 | return -EINVAL; | |
| 486cdf21 MX |
6323 | |
| 6324 | if (ipv6_find_hdr(skb, &hdroff, IPPROTO_IPV6, NULL, NULL) < 0) | |
| 6325 | return -EBADMSG; | |
| 6326 | if (!pskb_pull(skb, hdroff)) | |
| 6327 | return -EBADMSG; | |
| 6328 | ||
| 6329 | skb_postpull_rcsum(skb, skb_network_header(skb), hdroff); | |
| 6330 | skb_reset_network_header(skb); | |
| 6331 | skb_reset_transport_header(skb); | |
| 6332 | skb->encapsulation = 0; | |
| 6333 | ||
| 6334 | bpf_compute_data_pointers(skb); | |
| 6335 | bpf_update_srh_state(skb); | |
| fe94cc29 MX |
6336 | return seg6_lookup_nexthop(skb, NULL, *(int *)param); |
| 6337 | case SEG6_LOCAL_ACTION_END_B6: | |
| 486cdf21 MX |
6338 | if (srh_state->srh && !seg6_bpf_has_valid_srh(skb)) |
| 6339 | return -EBADMSG; | |
| fe94cc29 MX |
6340 | err = bpf_push_seg6_encap(skb, BPF_LWT_ENCAP_SEG6_INLINE, |
| 6341 | param, param_len); | |
| 6342 | if (!err) | |
| 486cdf21 MX |
6343 | bpf_update_srh_state(skb); |
| 6344 | ||
| fe94cc29 MX |
6345 | return err; |
| 6346 | case SEG6_LOCAL_ACTION_END_B6_ENCAP: | |
| 486cdf21 MX |
6347 | if (srh_state->srh && !seg6_bpf_has_valid_srh(skb)) |
| 6348 | return -EBADMSG; | |
| fe94cc29 MX |
6349 | err = bpf_push_seg6_encap(skb, BPF_LWT_ENCAP_SEG6, |
| 6350 | param, param_len); | |
| 6351 | if (!err) | |
| 486cdf21 MX |
6352 | bpf_update_srh_state(skb); |
| 6353 | ||
| fe94cc29 MX |
6354 | return err; |
| 6355 | default: | |
| 6356 | return -EINVAL; | |
| 6357 | } | |
| fe94cc29 MX |
6358 | } |
| 6359 | ||
| 6360 | static const struct bpf_func_proto bpf_lwt_seg6_action_proto = { | |
| 6361 | .func = bpf_lwt_seg6_action, | |
| 6362 | .gpl_only = false, | |
| 6363 | .ret_type = RET_INTEGER, | |
| 6364 | .arg1_type = ARG_PTR_TO_CTX, | |
| 6365 | .arg2_type = ARG_ANYTHING, | |
| 216e3cd2 | 6366 | .arg3_type = ARG_PTR_TO_MEM | MEM_RDONLY, |
| fe94cc29 MX |
6367 | .arg4_type = ARG_CONST_SIZE |
| 6368 | }; | |
| 6369 | ||
| 6370 | BPF_CALL_3(bpf_lwt_seg6_adjust_srh, struct sk_buff *, skb, u32, offset, | |
| 6371 | s32, len) | |
| 6372 | { | |
| fe94cc29 MX |
6373 | struct seg6_bpf_srh_state *srh_state = |
| 6374 | this_cpu_ptr(&seg6_bpf_srh_states); | |
| 486cdf21 | 6375 | struct ipv6_sr_hdr *srh = srh_state->srh; |
| fe94cc29 | 6376 | void *srh_end, *srh_tlvs, *ptr; |
| fe94cc29 MX |
6377 | struct ipv6hdr *hdr; |
| 6378 | int srhoff = 0; | |
| 6379 | int ret; | |
| 6380 | ||
| 486cdf21 | 6381 | if (unlikely(srh == NULL)) |
| fe94cc29 | 6382 | return -EINVAL; |
| fe94cc29 MX |
6383 | |
| 6384 | srh_tlvs = (void *)((unsigned char *)srh + sizeof(*srh) + | |
| 6385 | ((srh->first_segment + 1) << 4)); | |
| 6386 | srh_end = (void *)((unsigned char *)srh + sizeof(*srh) + | |
| 6387 | srh_state->hdrlen); | |
| 6388 | ptr = skb->data + offset; | |
| 6389 | ||
| 6390 | if (unlikely(ptr < srh_tlvs || ptr > srh_end)) | |
| 6391 | return -EFAULT; | |
| 6392 | if (unlikely(len < 0 && (void *)((char *)ptr - len) > srh_end)) | |
| 6393 | return -EFAULT; | |
| 6394 | ||
| 6395 | if (len > 0) { | |
| 6396 | ret = skb_cow_head(skb, len); | |
| 6397 | if (unlikely(ret < 0)) | |
| 6398 | return ret; | |
| 6399 | ||
| 6400 | ret = bpf_skb_net_hdr_push(skb, offset, len); | |
| 6401 | } else { | |
| 6402 | ret = bpf_skb_net_hdr_pop(skb, offset, -1 * len); | |
| 6403 | } | |
| 6404 | ||
| 6405 | bpf_compute_data_pointers(skb); | |
| 6406 | if (unlikely(ret < 0)) | |
| 6407 | return ret; | |
| 6408 | ||
| 6409 | hdr = (struct ipv6hdr *)skb->data; | |
| 6410 | hdr->payload_len = htons(skb->len - sizeof(struct ipv6hdr)); | |
| 6411 | ||
| 486cdf21 MX |
6412 | if (ipv6_find_hdr(skb, &srhoff, IPPROTO_ROUTING, NULL, NULL) < 0) |
| 6413 | return -EINVAL; | |
| 6414 | srh_state->srh = (struct ipv6_sr_hdr *)(skb->data + srhoff); | |
| fe94cc29 | 6415 | srh_state->hdrlen += len; |
| 486cdf21 | 6416 | srh_state->valid = false; |
| fe94cc29 | 6417 | return 0; |
| fe94cc29 MX |
6418 | } |
| 6419 | ||
| 6420 | static const struct bpf_func_proto bpf_lwt_seg6_adjust_srh_proto = { | |
| 6421 | .func = bpf_lwt_seg6_adjust_srh, | |
| 6422 | .gpl_only = false, | |
| 6423 | .ret_type = RET_INTEGER, | |
| 6424 | .arg1_type = ARG_PTR_TO_CTX, | |
| 6425 | .arg2_type = ARG_ANYTHING, | |
| 6426 | .arg3_type = ARG_ANYTHING, | |
| 6427 | }; | |
| 61d76980 | 6428 | #endif /* CONFIG_IPV6_SEG6_BPF */ |
| fe94cc29 | 6429 | |
| df3f94a0 AB |
6430 | #ifdef CONFIG_INET |
| 6431 | static struct sock *sk_lookup(struct net *net, struct bpf_sock_tuple *tuple, | |
| c8123ead | 6432 | int dif, int sdif, u8 family, u8 proto) |
| 6acc9b43 | 6433 | { |
| 4461568a | 6434 | struct inet_hashinfo *hinfo = net->ipv4.tcp_death_row.hashinfo; |
| 6acc9b43 JS |
6435 | bool refcounted = false; |
| 6436 | struct sock *sk = NULL; | |
| 6437 | ||
| 6438 | if (family == AF_INET) { | |
| 6439 | __be32 src4 = tuple->ipv4.saddr; | |
| 6440 | __be32 dst4 = tuple->ipv4.daddr; | |
| 6acc9b43 JS |
6441 | |
| 6442 | if (proto == IPPROTO_TCP) | |
| 4461568a | 6443 | sk = __inet_lookup(net, hinfo, NULL, 0, |
| 6acc9b43 JS |
6444 | src4, tuple->ipv4.sport, |
| 6445 | dst4, tuple->ipv4.dport, | |
| 6446 | dif, sdif, &refcounted); | |
| 6447 | else | |
| 6448 | sk = __udp4_lib_lookup(net, src4, tuple->ipv4.sport, | |
| 6449 | dst4, tuple->ipv4.dport, | |
| ba6aac15 | 6450 | dif, sdif, net->ipv4.udp_table, NULL); |
| 8a615c6b | 6451 | #if IS_ENABLED(CONFIG_IPV6) |
| 6acc9b43 JS |
6452 | } else { |
| 6453 | struct in6_addr *src6 = (struct in6_addr *)&tuple->ipv6.saddr; | |
| 6454 | struct in6_addr *dst6 = (struct in6_addr *)&tuple->ipv6.daddr; | |
| 6acc9b43 JS |
6455 | |
| 6456 | if (proto == IPPROTO_TCP) | |
| 4461568a | 6457 | sk = __inet6_lookup(net, hinfo, NULL, 0, |
| 6acc9b43 | 6458 | src6, tuple->ipv6.sport, |
| cac6cc2f | 6459 | dst6, ntohs(tuple->ipv6.dport), |
| 6acc9b43 | 6460 | dif, sdif, &refcounted); |
| 8a615c6b JS |
6461 | else if (likely(ipv6_bpf_stub)) |
| 6462 | sk = ipv6_bpf_stub->udp6_lib_lookup(net, | |
| 6463 | src6, tuple->ipv6.sport, | |
| cac6cc2f | 6464 | dst6, tuple->ipv6.dport, |
| 8a615c6b | 6465 | dif, sdif, |
| ba6aac15 | 6466 | net->ipv4.udp_table, NULL); |
| 6acc9b43 JS |
6467 | #endif |
| 6468 | } | |
| 6469 | ||
| 6470 | if (unlikely(sk && !refcounted && !sock_flag(sk, SOCK_RCU_FREE))) { | |
| 6471 | WARN_ONCE(1, "Found non-RCU, unreferenced socket!"); | |
| 6472 | sk = NULL; | |
| 6473 | } | |
| 6474 | return sk; | |
| 6475 | } | |
| 6476 | ||
| edbf8c01 | 6477 | /* bpf_skc_lookup performs the core lookup for different types of sockets, |
| 6acc9b43 | 6478 | * taking a reference on the socket if it doesn't have the flag SOCK_RCU_FREE. |
| 6acc9b43 | 6479 | */ |
| edbf8c01 LB |
6480 | static struct sock * |
| 6481 | __bpf_skc_lookup(struct sk_buff *skb, struct bpf_sock_tuple *tuple, u32 len, | |
| 6482 | struct net *caller_net, u32 ifindex, u8 proto, u64 netns_id, | |
| 6483 | u64 flags) | |
| 6acc9b43 | 6484 | { |
| 6acc9b43 | 6485 | struct sock *sk = NULL; |
| 6acc9b43 | 6486 | struct net *net; |
| 2064a132 | 6487 | u8 family; |
| c8123ead | 6488 | int sdif; |
| 6acc9b43 | 6489 | |
| 9b28ae24 LB |
6490 | if (len == sizeof(tuple->ipv4)) |
| 6491 | family = AF_INET; | |
| 6492 | else if (len == sizeof(tuple->ipv6)) | |
| 6493 | family = AF_INET6; | |
| 6494 | else | |
| 6495 | return NULL; | |
| 6496 | ||
| 2064a132 | 6497 | if (unlikely(flags || !((s32)netns_id < 0 || netns_id <= S32_MAX))) |
| 6acc9b43 JS |
6498 | goto out; |
| 6499 | ||
| c8123ead NH |
6500 | if (family == AF_INET) |
| 6501 | sdif = inet_sdif(skb); | |
| 6acc9b43 | 6502 | else |
| c8123ead NH |
6503 | sdif = inet6_sdif(skb); |
| 6504 | ||
| f71c6143 JS |
6505 | if ((s32)netns_id < 0) { |
| 6506 | net = caller_net; | |
| 4cc1feeb | 6507 | sk = sk_lookup(net, tuple, ifindex, sdif, family, proto); |
| f71c6143 | 6508 | } else { |
| 6acc9b43 JS |
6509 | net = get_net_ns_by_id(caller_net, netns_id); |
| 6510 | if (unlikely(!net)) | |
| 6511 | goto out; | |
| c8123ead | 6512 | sk = sk_lookup(net, tuple, ifindex, sdif, family, proto); |
| 6acc9b43 | 6513 | put_net(net); |
| 6acc9b43 JS |
6514 | } |
| 6515 | ||
| edbf8c01 LB |
6516 | out: |
| 6517 | return sk; | |
| 6518 | } | |
| 6519 | ||
| 6520 | static struct sock * | |
| 6521 | __bpf_sk_lookup(struct sk_buff *skb, struct bpf_sock_tuple *tuple, u32 len, | |
| 6522 | struct net *caller_net, u32 ifindex, u8 proto, u64 netns_id, | |
| 6523 | u64 flags) | |
| 6524 | { | |
| 6525 | struct sock *sk = __bpf_skc_lookup(skb, tuple, len, caller_net, | |
| 6526 | ifindex, proto, netns_id, flags); | |
| 6527 | ||
| f7355a6c | 6528 | if (sk) { |
| 3046a827 JM |
6529 | struct sock *sk2 = sk_to_full_sk(sk); |
| 6530 | ||
| 6531 | /* sk_to_full_sk() may return (sk)->rsk_listener, so make sure the original sk | |
| 6532 | * sock refcnt is decremented to prevent a request_sock leak. | |
| 6533 | */ | |
| 6534 | if (!sk_fullsock(sk2)) | |
| 6535 | sk2 = NULL; | |
| 6536 | if (sk2 != sk) { | |
| 2e012c74 | 6537 | sock_gen_put(sk); |
| 3046a827 JM |
6538 | /* Ensure there is no need to bump sk2 refcnt */ |
| 6539 | if (unlikely(sk2 && !sock_flag(sk2, SOCK_RCU_FREE))) { | |
| 6540 | WARN_ONCE(1, "Found non-RCU, unreferenced socket!"); | |
| 6541 | return NULL; | |
| 6542 | } | |
| 6543 | sk = sk2; | |
| f7355a6c MKL |
6544 | } |
| 6545 | } | |
| edbf8c01 LB |
6546 | |
| 6547 | return sk; | |
| 6acc9b43 JS |
6548 | } |
| 6549 | ||
| edbf8c01 LB |
6550 | static struct sock * |
| 6551 | bpf_skc_lookup(struct sk_buff *skb, struct bpf_sock_tuple *tuple, u32 len, | |
| 6552 | u8 proto, u64 netns_id, u64 flags) | |
| c8123ead NH |
6553 | { |
| 6554 | struct net *caller_net; | |
| 6555 | int ifindex; | |
| 6556 | ||
| 6557 | if (skb->dev) { | |
| 6558 | caller_net = dev_net(skb->dev); | |
| 6559 | ifindex = skb->dev->ifindex; | |
| 6560 | } else { | |
| 6561 | caller_net = sock_net(skb->sk); | |
| 6562 | ifindex = 0; | |
| 6563 | } | |
| 6564 | ||
| edbf8c01 LB |
6565 | return __bpf_skc_lookup(skb, tuple, len, caller_net, ifindex, proto, |
| 6566 | netns_id, flags); | |
| c8123ead NH |
6567 | } |
| 6568 | ||
| edbf8c01 LB |
6569 | static struct sock * |
| 6570 | bpf_sk_lookup(struct sk_buff *skb, struct bpf_sock_tuple *tuple, u32 len, | |
| 6571 | u8 proto, u64 netns_id, u64 flags) | |
| 6572 | { | |
| 6573 | struct sock *sk = bpf_skc_lookup(skb, tuple, len, proto, netns_id, | |
| 6574 | flags); | |
| 6575 | ||
| f7355a6c | 6576 | if (sk) { |
| 3046a827 JM |
6577 | struct sock *sk2 = sk_to_full_sk(sk); |
| 6578 | ||
| 6579 | /* sk_to_full_sk() may return (sk)->rsk_listener, so make sure the original sk | |
| 6580 | * sock refcnt is decremented to prevent a request_sock leak. | |
| 6581 | */ | |
| 6582 | if (!sk_fullsock(sk2)) | |
| 6583 | sk2 = NULL; | |
| 6584 | if (sk2 != sk) { | |
| 2e012c74 | 6585 | sock_gen_put(sk); |
| 3046a827 JM |
6586 | /* Ensure there is no need to bump sk2 refcnt */ |
| 6587 | if (unlikely(sk2 && !sock_flag(sk2, SOCK_RCU_FREE))) { | |
| 6588 | WARN_ONCE(1, "Found non-RCU, unreferenced socket!"); | |
| 6589 | return NULL; | |
| 6590 | } | |
| 6591 | sk = sk2; | |
| f7355a6c MKL |
6592 | } |
| 6593 | } | |
| edbf8c01 LB |
6594 | |
| 6595 | return sk; | |
| 6596 | } | |
| 6597 | ||
| 6598 | BPF_CALL_5(bpf_skc_lookup_tcp, struct sk_buff *, skb, | |
| 6599 | struct bpf_sock_tuple *, tuple, u32, len, u64, netns_id, u64, flags) | |
| 6600 | { | |
| 6601 | return (unsigned long)bpf_skc_lookup(skb, tuple, len, IPPROTO_TCP, | |
| 6602 | netns_id, flags); | |
| 6603 | } | |
| 6604 | ||
| 6605 | static const struct bpf_func_proto bpf_skc_lookup_tcp_proto = { | |
| 6606 | .func = bpf_skc_lookup_tcp, | |
| 6607 | .gpl_only = false, | |
| 6608 | .pkt_access = true, | |
| 6609 | .ret_type = RET_PTR_TO_SOCK_COMMON_OR_NULL, | |
| 6610 | .arg1_type = ARG_PTR_TO_CTX, | |
| 216e3cd2 | 6611 | .arg2_type = ARG_PTR_TO_MEM | MEM_RDONLY, |
| edbf8c01 LB |
6612 | .arg3_type = ARG_CONST_SIZE, |
| 6613 | .arg4_type = ARG_ANYTHING, | |
| 6614 | .arg5_type = ARG_ANYTHING, | |
| 6615 | }; | |
| 6616 | ||
| 6acc9b43 JS |
6617 | BPF_CALL_5(bpf_sk_lookup_tcp, struct sk_buff *, skb, |
| 6618 | struct bpf_sock_tuple *, tuple, u32, len, u64, netns_id, u64, flags) | |
| 6619 | { | |
| edbf8c01 LB |
6620 | return (unsigned long)bpf_sk_lookup(skb, tuple, len, IPPROTO_TCP, |
| 6621 | netns_id, flags); | |
| 6acc9b43 JS |
6622 | } |
| 6623 | ||
| 6624 | static const struct bpf_func_proto bpf_sk_lookup_tcp_proto = { | |
| 6625 | .func = bpf_sk_lookup_tcp, | |
| 6626 | .gpl_only = false, | |
| 6627 | .pkt_access = true, | |
| 6628 | .ret_type = RET_PTR_TO_SOCKET_OR_NULL, | |
| 6629 | .arg1_type = ARG_PTR_TO_CTX, | |
| 216e3cd2 | 6630 | .arg2_type = ARG_PTR_TO_MEM | MEM_RDONLY, |
| 6acc9b43 JS |
6631 | .arg3_type = ARG_CONST_SIZE, |
| 6632 | .arg4_type = ARG_ANYTHING, | |
| 6633 | .arg5_type = ARG_ANYTHING, | |
| 6634 | }; | |
| 6635 | ||
| 6636 | BPF_CALL_5(bpf_sk_lookup_udp, struct sk_buff *, skb, | |
| 6637 | struct bpf_sock_tuple *, tuple, u32, len, u64, netns_id, u64, flags) | |
| 6638 | { | |
| edbf8c01 LB |
6639 | return (unsigned long)bpf_sk_lookup(skb, tuple, len, IPPROTO_UDP, |
| 6640 | netns_id, flags); | |
| 6acc9b43 JS |
6641 | } |
| 6642 | ||
| 6643 | static const struct bpf_func_proto bpf_sk_lookup_udp_proto = { | |
| 6644 | .func = bpf_sk_lookup_udp, | |
| 6645 | .gpl_only = false, | |
| 6646 | .pkt_access = true, | |
| 6647 | .ret_type = RET_PTR_TO_SOCKET_OR_NULL, | |
| 6648 | .arg1_type = ARG_PTR_TO_CTX, | |
| 216e3cd2 | 6649 | .arg2_type = ARG_PTR_TO_MEM | MEM_RDONLY, |
| 6acc9b43 JS |
6650 | .arg3_type = ARG_CONST_SIZE, |
| 6651 | .arg4_type = ARG_ANYTHING, | |
| 6652 | .arg5_type = ARG_ANYTHING, | |
| 6653 | }; | |
| 6654 | ||
| 6655 | BPF_CALL_1(bpf_sk_release, struct sock *, sk) | |
| 6656 | { | |
| a5fa25ad | 6657 | if (sk && sk_is_refcounted(sk)) |
| 6acc9b43 JS |
6658 | sock_gen_put(sk); |
| 6659 | return 0; | |
| 6660 | } | |
| 6661 | ||
| 6662 | static const struct bpf_func_proto bpf_sk_release_proto = { | |
| 6663 | .func = bpf_sk_release, | |
| 6664 | .gpl_only = false, | |
| 6665 | .ret_type = RET_INTEGER, | |
| 8f14852e | 6666 | .arg1_type = ARG_PTR_TO_BTF_ID_SOCK_COMMON | OBJ_RELEASE, |
| 6acc9b43 | 6667 | }; |
| c8123ead NH |
6668 | |
| 6669 | BPF_CALL_5(bpf_xdp_sk_lookup_udp, struct xdp_buff *, ctx, | |
| 6670 | struct bpf_sock_tuple *, tuple, u32, len, u32, netns_id, u64, flags) | |
| 6671 | { | |
| 6672 | struct net *caller_net = dev_net(ctx->rxq->dev); | |
| 6673 | int ifindex = ctx->rxq->dev->ifindex; | |
| 6674 | ||
| edbf8c01 LB |
6675 | return (unsigned long)__bpf_sk_lookup(NULL, tuple, len, caller_net, |
| 6676 | ifindex, IPPROTO_UDP, netns_id, | |
| 6677 | flags); | |
| c8123ead NH |
6678 | } |
| 6679 | ||
| 6680 | static const struct bpf_func_proto bpf_xdp_sk_lookup_udp_proto = { | |
| 6681 | .func = bpf_xdp_sk_lookup_udp, | |
| 6682 | .gpl_only = false, | |
| 6683 | .pkt_access = true, | |
| 6684 | .ret_type = RET_PTR_TO_SOCKET_OR_NULL, | |
| 6685 | .arg1_type = ARG_PTR_TO_CTX, | |
| 216e3cd2 | 6686 | .arg2_type = ARG_PTR_TO_MEM | MEM_RDONLY, |
| c8123ead NH |
6687 | .arg3_type = ARG_CONST_SIZE, |
| 6688 | .arg4_type = ARG_ANYTHING, | |
| 6689 | .arg5_type = ARG_ANYTHING, | |
| 6690 | }; | |
| 6691 | ||
| edbf8c01 LB |
6692 | BPF_CALL_5(bpf_xdp_skc_lookup_tcp, struct xdp_buff *, ctx, |
| 6693 | struct bpf_sock_tuple *, tuple, u32, len, u32, netns_id, u64, flags) | |
| 6694 | { | |
| 6695 | struct net *caller_net = dev_net(ctx->rxq->dev); | |
| 6696 | int ifindex = ctx->rxq->dev->ifindex; | |
| 6697 | ||
| 6698 | return (unsigned long)__bpf_skc_lookup(NULL, tuple, len, caller_net, | |
| 6699 | ifindex, IPPROTO_TCP, netns_id, | |
| 6700 | flags); | |
| 6701 | } | |
| 6702 | ||
| 6703 | static const struct bpf_func_proto bpf_xdp_skc_lookup_tcp_proto = { | |
| 6704 | .func = bpf_xdp_skc_lookup_tcp, | |
| 6705 | .gpl_only = false, | |
| 6706 | .pkt_access = true, | |
| 6707 | .ret_type = RET_PTR_TO_SOCK_COMMON_OR_NULL, | |
| 6708 | .arg1_type = ARG_PTR_TO_CTX, | |
| 216e3cd2 | 6709 | .arg2_type = ARG_PTR_TO_MEM | MEM_RDONLY, |
| edbf8c01 LB |
6710 | .arg3_type = ARG_CONST_SIZE, |
| 6711 | .arg4_type = ARG_ANYTHING, | |
| 6712 | .arg5_type = ARG_ANYTHING, | |
| 6713 | }; | |
| 6714 | ||
| c8123ead NH |
6715 | BPF_CALL_5(bpf_xdp_sk_lookup_tcp, struct xdp_buff *, ctx, |
| 6716 | struct bpf_sock_tuple *, tuple, u32, len, u32, netns_id, u64, flags) | |
| 6717 | { | |
| 6718 | struct net *caller_net = dev_net(ctx->rxq->dev); | |
| 6719 | int ifindex = ctx->rxq->dev->ifindex; | |
| 6720 | ||
| edbf8c01 LB |
6721 | return (unsigned long)__bpf_sk_lookup(NULL, tuple, len, caller_net, |
| 6722 | ifindex, IPPROTO_TCP, netns_id, | |
| 6723 | flags); | |
| c8123ead NH |
6724 | } |
| 6725 | ||
| 6726 | static const struct bpf_func_proto bpf_xdp_sk_lookup_tcp_proto = { | |
| 6727 | .func = bpf_xdp_sk_lookup_tcp, | |
| 6728 | .gpl_only = false, | |
| 6729 | .pkt_access = true, | |
| 6730 | .ret_type = RET_PTR_TO_SOCKET_OR_NULL, | |
| 6731 | .arg1_type = ARG_PTR_TO_CTX, | |
| 216e3cd2 | 6732 | .arg2_type = ARG_PTR_TO_MEM | MEM_RDONLY, |
| c8123ead NH |
6733 | .arg3_type = ARG_CONST_SIZE, |
| 6734 | .arg4_type = ARG_ANYTHING, | |
| 6735 | .arg5_type = ARG_ANYTHING, | |
| 6736 | }; | |
| 6c49e65e | 6737 | |
| edbf8c01 LB |
6738 | BPF_CALL_5(bpf_sock_addr_skc_lookup_tcp, struct bpf_sock_addr_kern *, ctx, |
| 6739 | struct bpf_sock_tuple *, tuple, u32, len, u64, netns_id, u64, flags) | |
| 6740 | { | |
| 6741 | return (unsigned long)__bpf_skc_lookup(NULL, tuple, len, | |
| 6742 | sock_net(ctx->sk), 0, | |
| 6743 | IPPROTO_TCP, netns_id, flags); | |
| 6744 | } | |
| 6745 | ||
| 6746 | static const struct bpf_func_proto bpf_sock_addr_skc_lookup_tcp_proto = { | |
| 6747 | .func = bpf_sock_addr_skc_lookup_tcp, | |
| 6748 | .gpl_only = false, | |
| 6749 | .ret_type = RET_PTR_TO_SOCK_COMMON_OR_NULL, | |
| 6750 | .arg1_type = ARG_PTR_TO_CTX, | |
| 216e3cd2 | 6751 | .arg2_type = ARG_PTR_TO_MEM | MEM_RDONLY, |
| edbf8c01 LB |
6752 | .arg3_type = ARG_CONST_SIZE, |
| 6753 | .arg4_type = ARG_ANYTHING, | |
| 6754 | .arg5_type = ARG_ANYTHING, | |
| 6755 | }; | |
| 6756 | ||
| 6c49e65e AI |
6757 | BPF_CALL_5(bpf_sock_addr_sk_lookup_tcp, struct bpf_sock_addr_kern *, ctx, |
| 6758 | struct bpf_sock_tuple *, tuple, u32, len, u64, netns_id, u64, flags) | |
| 6759 | { | |
| edbf8c01 LB |
6760 | return (unsigned long)__bpf_sk_lookup(NULL, tuple, len, |
| 6761 | sock_net(ctx->sk), 0, IPPROTO_TCP, | |
| 6762 | netns_id, flags); | |
| 6c49e65e AI |
6763 | } |
| 6764 | ||
| 6765 | static const struct bpf_func_proto bpf_sock_addr_sk_lookup_tcp_proto = { | |
| 6766 | .func = bpf_sock_addr_sk_lookup_tcp, | |
| 6767 | .gpl_only = false, | |
| 6768 | .ret_type = RET_PTR_TO_SOCKET_OR_NULL, | |
| 6769 | .arg1_type = ARG_PTR_TO_CTX, | |
| 216e3cd2 | 6770 | .arg2_type = ARG_PTR_TO_MEM | MEM_RDONLY, |
| 6c49e65e AI |
6771 | .arg3_type = ARG_CONST_SIZE, |
| 6772 | .arg4_type = ARG_ANYTHING, | |
| 6773 | .arg5_type = ARG_ANYTHING, | |
| 6774 | }; | |
| 6775 | ||
| 6776 | BPF_CALL_5(bpf_sock_addr_sk_lookup_udp, struct bpf_sock_addr_kern *, ctx, | |
| 6777 | struct bpf_sock_tuple *, tuple, u32, len, u64, netns_id, u64, flags) | |
| 6778 | { | |
| edbf8c01 LB |
6779 | return (unsigned long)__bpf_sk_lookup(NULL, tuple, len, |
| 6780 | sock_net(ctx->sk), 0, IPPROTO_UDP, | |
| 6781 | netns_id, flags); | |
| 6c49e65e AI |
6782 | } |
| 6783 | ||
| 6784 | static const struct bpf_func_proto bpf_sock_addr_sk_lookup_udp_proto = { | |
| 6785 | .func = bpf_sock_addr_sk_lookup_udp, | |
| 6786 | .gpl_only = false, | |
| 6787 | .ret_type = RET_PTR_TO_SOCKET_OR_NULL, | |
| 6788 | .arg1_type = ARG_PTR_TO_CTX, | |
| 216e3cd2 | 6789 | .arg2_type = ARG_PTR_TO_MEM | MEM_RDONLY, |
| 6c49e65e AI |
6790 | .arg3_type = ARG_CONST_SIZE, |
| 6791 | .arg4_type = ARG_ANYTHING, | |
| 6792 | .arg5_type = ARG_ANYTHING, | |
| 6793 | }; | |
| 6794 | ||
| 655a51e5 MKL |
6795 | bool bpf_tcp_sock_is_valid_access(int off, int size, enum bpf_access_type type, |
| 6796 | struct bpf_insn_access_aux *info) | |
| 6797 | { | |
| c2cb5e82 SF |
6798 | if (off < 0 || off >= offsetofend(struct bpf_tcp_sock, |
| 6799 | icsk_retransmits)) | |
| 655a51e5 MKL |
6800 | return false; |
| 6801 | ||
| 6802 | if (off % size != 0) | |
| 6803 | return false; | |
| 6804 | ||
| 6805 | switch (off) { | |
| 6806 | case offsetof(struct bpf_tcp_sock, bytes_received): | |
| 6807 | case offsetof(struct bpf_tcp_sock, bytes_acked): | |
| 6808 | return size == sizeof(__u64); | |
| 6809 | default: | |
| 6810 | return size == sizeof(__u32); | |
| 6811 | } | |
| 6812 | } | |
| 6813 | ||
| 6814 | u32 bpf_tcp_sock_convert_ctx_access(enum bpf_access_type type, | |
| 6815 | const struct bpf_insn *si, | |
| 6816 | struct bpf_insn *insn_buf, | |
| 6817 | struct bpf_prog *prog, u32 *target_size) | |
| 6818 | { | |
| 6819 | struct bpf_insn *insn = insn_buf; | |
| 6820 | ||
| 6821 | #define BPF_TCP_SOCK_GET_COMMON(FIELD) \ | |
| 6822 | do { \ | |
| c593642c PB |
6823 | BUILD_BUG_ON(sizeof_field(struct tcp_sock, FIELD) > \ |
| 6824 | sizeof_field(struct bpf_tcp_sock, FIELD)); \ | |
| 655a51e5 MKL |
6825 | *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF(struct tcp_sock, FIELD),\ |
| 6826 | si->dst_reg, si->src_reg, \ | |
| 6827 | offsetof(struct tcp_sock, FIELD)); \ | |
| 6828 | } while (0) | |
| 6829 | ||
| c2cb5e82 SF |
6830 | #define BPF_INET_SOCK_GET_COMMON(FIELD) \ |
| 6831 | do { \ | |
| c593642c | 6832 | BUILD_BUG_ON(sizeof_field(struct inet_connection_sock, \ |
| c2cb5e82 | 6833 | FIELD) > \ |
| c593642c | 6834 | sizeof_field(struct bpf_tcp_sock, FIELD)); \ |
| c2cb5e82 SF |
6835 | *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF( \ |
| 6836 | struct inet_connection_sock, \ | |
| 6837 | FIELD), \ | |
| 6838 | si->dst_reg, si->src_reg, \ | |
| 6839 | offsetof( \ | |
| 6840 | struct inet_connection_sock, \ | |
| 6841 | FIELD)); \ | |
| 6842 | } while (0) | |
| 6843 | ||
| 655a51e5 MKL |
6844 | if (insn > insn_buf) |
| 6845 | return insn - insn_buf; | |
| 6846 | ||
| 6847 | switch (si->off) { | |
| 6848 | case offsetof(struct bpf_tcp_sock, rtt_min): | |
| c593642c | 6849 | BUILD_BUG_ON(sizeof_field(struct tcp_sock, rtt_min) != |
| 655a51e5 MKL |
6850 | sizeof(struct minmax)); |
| 6851 | BUILD_BUG_ON(sizeof(struct minmax) < | |
| 6852 | sizeof(struct minmax_sample)); | |
| 6853 | ||
| 6854 | *insn++ = BPF_LDX_MEM(BPF_W, si->dst_reg, si->src_reg, | |
| 6855 | offsetof(struct tcp_sock, rtt_min) + | |
| 6856 | offsetof(struct minmax_sample, v)); | |
| 6857 | break; | |
| 2377b81d SF |
6858 | case offsetof(struct bpf_tcp_sock, snd_cwnd): |
| 6859 | BPF_TCP_SOCK_GET_COMMON(snd_cwnd); | |
| 6860 | break; | |
| 6861 | case offsetof(struct bpf_tcp_sock, srtt_us): | |
| 6862 | BPF_TCP_SOCK_GET_COMMON(srtt_us); | |
| 6863 | break; | |
| 6864 | case offsetof(struct bpf_tcp_sock, snd_ssthresh): | |
| 6865 | BPF_TCP_SOCK_GET_COMMON(snd_ssthresh); | |
| 6866 | break; | |
| 6867 | case offsetof(struct bpf_tcp_sock, rcv_nxt): | |
| 6868 | BPF_TCP_SOCK_GET_COMMON(rcv_nxt); | |
| 6869 | break; | |
| 6870 | case offsetof(struct bpf_tcp_sock, snd_nxt): | |
| 6871 | BPF_TCP_SOCK_GET_COMMON(snd_nxt); | |
| 6872 | break; | |
| 6873 | case offsetof(struct bpf_tcp_sock, snd_una): | |
| 6874 | BPF_TCP_SOCK_GET_COMMON(snd_una); | |
| 6875 | break; | |
| 6876 | case offsetof(struct bpf_tcp_sock, mss_cache): | |
| 6877 | BPF_TCP_SOCK_GET_COMMON(mss_cache); | |
| 6878 | break; | |
| 6879 | case offsetof(struct bpf_tcp_sock, ecn_flags): | |
| 6880 | BPF_TCP_SOCK_GET_COMMON(ecn_flags); | |
| 6881 | break; | |
| 6882 | case offsetof(struct bpf_tcp_sock, rate_delivered): | |
| 6883 | BPF_TCP_SOCK_GET_COMMON(rate_delivered); | |
| 6884 | break; | |
| 6885 | case offsetof(struct bpf_tcp_sock, rate_interval_us): | |
| 6886 | BPF_TCP_SOCK_GET_COMMON(rate_interval_us); | |
| 6887 | break; | |
| 6888 | case offsetof(struct bpf_tcp_sock, packets_out): | |
| 6889 | BPF_TCP_SOCK_GET_COMMON(packets_out); | |
| 6890 | break; | |
| 6891 | case offsetof(struct bpf_tcp_sock, retrans_out): | |
| 6892 | BPF_TCP_SOCK_GET_COMMON(retrans_out); | |
| 6893 | break; | |
| 6894 | case offsetof(struct bpf_tcp_sock, total_retrans): | |
| 6895 | BPF_TCP_SOCK_GET_COMMON(total_retrans); | |
| 6896 | break; | |
| 6897 | case offsetof(struct bpf_tcp_sock, segs_in): | |
| 6898 | BPF_TCP_SOCK_GET_COMMON(segs_in); | |
| 6899 | break; | |
| 6900 | case offsetof(struct bpf_tcp_sock, data_segs_in): | |
| 6901 | BPF_TCP_SOCK_GET_COMMON(data_segs_in); | |
| 6902 | break; | |
| 6903 | case offsetof(struct bpf_tcp_sock, segs_out): | |
| 6904 | BPF_TCP_SOCK_GET_COMMON(segs_out); | |
| 6905 | break; | |
| 6906 | case offsetof(struct bpf_tcp_sock, data_segs_out): | |
| 6907 | BPF_TCP_SOCK_GET_COMMON(data_segs_out); | |
| 6908 | break; | |
| 6909 | case offsetof(struct bpf_tcp_sock, lost_out): | |
| 6910 | BPF_TCP_SOCK_GET_COMMON(lost_out); | |
| 6911 | break; | |
| 6912 | case offsetof(struct bpf_tcp_sock, sacked_out): | |
| 6913 | BPF_TCP_SOCK_GET_COMMON(sacked_out); | |
| 6914 | break; | |
| 6915 | case offsetof(struct bpf_tcp_sock, bytes_received): | |
| 6916 | BPF_TCP_SOCK_GET_COMMON(bytes_received); | |
| 6917 | break; | |
| 6918 | case offsetof(struct bpf_tcp_sock, bytes_acked): | |
| 6919 | BPF_TCP_SOCK_GET_COMMON(bytes_acked); | |
| 6920 | break; | |
| 0357746d SF |
6921 | case offsetof(struct bpf_tcp_sock, dsack_dups): |
| 6922 | BPF_TCP_SOCK_GET_COMMON(dsack_dups); | |
| 6923 | break; | |
| 6924 | case offsetof(struct bpf_tcp_sock, delivered): | |
| 6925 | BPF_TCP_SOCK_GET_COMMON(delivered); | |
| 6926 | break; | |
| 6927 | case offsetof(struct bpf_tcp_sock, delivered_ce): | |
| 6928 | BPF_TCP_SOCK_GET_COMMON(delivered_ce); | |
| 6929 | break; | |
| c2cb5e82 SF |
6930 | case offsetof(struct bpf_tcp_sock, icsk_retransmits): |
| 6931 | BPF_INET_SOCK_GET_COMMON(icsk_retransmits); | |
| 6932 | break; | |
| 655a51e5 MKL |
6933 | } |
| 6934 | ||
| 6935 | return insn - insn_buf; | |
| 6936 | } | |
| 6937 | ||
| 6938 | BPF_CALL_1(bpf_tcp_sock, struct sock *, sk) | |
| 6939 | { | |
| 655a51e5 MKL |
6940 | if (sk_fullsock(sk) && sk->sk_protocol == IPPROTO_TCP) |
| 6941 | return (unsigned long)sk; | |
| 6942 | ||
| 6943 | return (unsigned long)NULL; | |
| 6944 | } | |
| 6945 | ||
| 0d01da6a | 6946 | const struct bpf_func_proto bpf_tcp_sock_proto = { |
| 655a51e5 MKL |
6947 | .func = bpf_tcp_sock, |
| 6948 | .gpl_only = false, | |
| 6949 | .ret_type = RET_PTR_TO_TCP_SOCK_OR_NULL, | |
| 6950 | .arg1_type = ARG_PTR_TO_SOCK_COMMON, | |
| 6951 | }; | |
| 6952 | ||
| dbafd7dd MKL |
6953 | BPF_CALL_1(bpf_get_listener_sock, struct sock *, sk) |
| 6954 | { | |
| 6955 | sk = sk_to_full_sk(sk); | |
| 6956 | ||
| 6957 | if (sk->sk_state == TCP_LISTEN && sock_flag(sk, SOCK_RCU_FREE)) | |
| 6958 | return (unsigned long)sk; | |
| 6959 | ||
| 6960 | return (unsigned long)NULL; | |
| 6961 | } | |
| 6962 | ||
| 6963 | static const struct bpf_func_proto bpf_get_listener_sock_proto = { | |
| 6964 | .func = bpf_get_listener_sock, | |
| 6965 | .gpl_only = false, | |
| 6966 | .ret_type = RET_PTR_TO_SOCKET_OR_NULL, | |
| 6967 | .arg1_type = ARG_PTR_TO_SOCK_COMMON, | |
| 6968 | }; | |
| 6969 | ||
| f7c917ba | 6970 | BPF_CALL_1(bpf_skb_ecn_set_ce, struct sk_buff *, skb) |
| 6971 | { | |
| 6972 | unsigned int iphdr_len; | |
| 6973 | ||
| d7bf2ebe THJ |
6974 | switch (skb_protocol(skb, true)) { |
| 6975 | case cpu_to_be16(ETH_P_IP): | |
| f7c917ba | 6976 | iphdr_len = sizeof(struct iphdr); |
| d7bf2ebe THJ |
6977 | break; |
| 6978 | case cpu_to_be16(ETH_P_IPV6): | |
| f7c917ba | 6979 | iphdr_len = sizeof(struct ipv6hdr); |
| d7bf2ebe THJ |
6980 | break; |
| 6981 | default: | |
| f7c917ba | 6982 | return 0; |
| d7bf2ebe | 6983 | } |
| f7c917ba | 6984 | |
| 6985 | if (skb_headlen(skb) < iphdr_len) | |
| 6986 | return 0; | |
| 6987 | ||
| 6988 | if (skb_cloned(skb) && !skb_clone_writable(skb, iphdr_len)) | |
| 6989 | return 0; | |
| 6990 | ||
| 6991 | return INET_ECN_set_ce(skb); | |
| 6992 | } | |
| 6993 | ||
| fada7fdc JL |
6994 | bool bpf_xdp_sock_is_valid_access(int off, int size, enum bpf_access_type type, |
| 6995 | struct bpf_insn_access_aux *info) | |
| 6996 | { | |
| 6997 | if (off < 0 || off >= offsetofend(struct bpf_xdp_sock, queue_id)) | |
| 6998 | return false; | |
| 6999 | ||
| 7000 | if (off % size != 0) | |
| 7001 | return false; | |
| 7002 | ||
| 7003 | switch (off) { | |
| 7004 | default: | |
| 7005 | return size == sizeof(__u32); | |
| 7006 | } | |
| 7007 | } | |
| 7008 | ||
| 7009 | u32 bpf_xdp_sock_convert_ctx_access(enum bpf_access_type type, | |
| 7010 | const struct bpf_insn *si, | |
| 7011 | struct bpf_insn *insn_buf, | |
| 7012 | struct bpf_prog *prog, u32 *target_size) | |
| 7013 | { | |
| 7014 | struct bpf_insn *insn = insn_buf; | |
| 7015 | ||
| 7016 | #define BPF_XDP_SOCK_GET(FIELD) \ | |
| 7017 | do { \ | |
| c593642c PB |
7018 | BUILD_BUG_ON(sizeof_field(struct xdp_sock, FIELD) > \ |
| 7019 | sizeof_field(struct bpf_xdp_sock, FIELD)); \ | |
| fada7fdc JL |
7020 | *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF(struct xdp_sock, FIELD),\ |
| 7021 | si->dst_reg, si->src_reg, \ | |
| 7022 | offsetof(struct xdp_sock, FIELD)); \ | |
| 7023 | } while (0) | |
| 7024 | ||
| 7025 | switch (si->off) { | |
| 7026 | case offsetof(struct bpf_xdp_sock, queue_id): | |
| 7027 | BPF_XDP_SOCK_GET(queue_id); | |
| 7028 | break; | |
| 7029 | } | |
| 7030 | ||
| 7031 | return insn - insn_buf; | |
| 7032 | } | |
| 7033 | ||
| f7c917ba | 7034 | static const struct bpf_func_proto bpf_skb_ecn_set_ce_proto = { |
| 7035 | .func = bpf_skb_ecn_set_ce, | |
| 7036 | .gpl_only = false, | |
| 7037 | .ret_type = RET_INTEGER, | |
| 7038 | .arg1_type = ARG_PTR_TO_CTX, | |
| 7039 | }; | |
| 39904084 LB |
7040 | |
| 7041 | BPF_CALL_5(bpf_tcp_check_syncookie, struct sock *, sk, void *, iph, u32, iph_len, | |
| 7042 | struct tcphdr *, th, u32, th_len) | |
| 7043 | { | |
| 7044 | #ifdef CONFIG_SYN_COOKIES | |
| 7045 | u32 cookie; | |
| 7046 | int ret; | |
| 7047 | ||
| c0df236e | 7048 | if (unlikely(!sk || th_len < sizeof(*th))) |
| 39904084 LB |
7049 | return -EINVAL; |
| 7050 | ||
| 7051 | /* sk_listener() allows TCP_NEW_SYN_RECV, which makes no sense here. */ | |
| 7052 | if (sk->sk_protocol != IPPROTO_TCP || sk->sk_state != TCP_LISTEN) | |
| 7053 | return -EINVAL; | |
| 7054 | ||
| f2e383b5 | 7055 | if (!READ_ONCE(sock_net(sk)->ipv4.sysctl_tcp_syncookies)) |
| 39904084 LB |
7056 | return -EINVAL; |
| 7057 | ||
| 7058 | if (!th->ack || th->rst || th->syn) | |
| 7059 | return -ENOENT; | |
| 7060 | ||
| 2e8702cc MM |
7061 | if (unlikely(iph_len < sizeof(struct iphdr))) |
| 7062 | return -EINVAL; | |
| 7063 | ||
| 39904084 LB |
7064 | if (tcp_synq_no_recent_overflow(sk)) |
| 7065 | return -ENOENT; | |
| 7066 | ||
| 7067 | cookie = ntohl(th->ack_seq) - 1; | |
| 7068 | ||
| 2e8702cc MM |
7069 | /* Both struct iphdr and struct ipv6hdr have the version field at the |
| 7070 | * same offset so we can cast to the shorter header (struct iphdr). | |
| 7071 | */ | |
| 7072 | switch (((struct iphdr *)iph)->version) { | |
| 7073 | case 4: | |
| 7074 | if (sk->sk_family == AF_INET6 && ipv6_only_sock(sk)) | |
| 39904084 LB |
7075 | return -EINVAL; |
| 7076 | ||
| 7077 | ret = __cookie_v4_check((struct iphdr *)iph, th, cookie); | |
| 7078 | break; | |
| 7079 | ||
| 7080 | #if IS_BUILTIN(CONFIG_IPV6) | |
| 2e8702cc | 7081 | case 6: |
| 39904084 LB |
7082 | if (unlikely(iph_len < sizeof(struct ipv6hdr))) |
| 7083 | return -EINVAL; | |
| 7084 | ||
| 2e8702cc MM |
7085 | if (sk->sk_family != AF_INET6) |
| 7086 | return -EINVAL; | |
| 7087 | ||
| 39904084 LB |
7088 | ret = __cookie_v6_check((struct ipv6hdr *)iph, th, cookie); |
| 7089 | break; | |
| 7090 | #endif /* CONFIG_IPV6 */ | |
| 7091 | ||
| 7092 | default: | |
| 7093 | return -EPROTONOSUPPORT; | |
| 7094 | } | |
| 7095 | ||
| 7096 | if (ret > 0) | |
| 7097 | return 0; | |
| 7098 | ||
| 7099 | return -ENOENT; | |
| 7100 | #else | |
| 7101 | return -ENOTSUPP; | |
| 7102 | #endif | |
| 7103 | } | |
| 7104 | ||
| 7105 | static const struct bpf_func_proto bpf_tcp_check_syncookie_proto = { | |
| 7106 | .func = bpf_tcp_check_syncookie, | |
| 7107 | .gpl_only = true, | |
| 7108 | .pkt_access = true, | |
| 7109 | .ret_type = RET_INTEGER, | |
| c0df236e | 7110 | .arg1_type = ARG_PTR_TO_BTF_ID_SOCK_COMMON, |
| 216e3cd2 | 7111 | .arg2_type = ARG_PTR_TO_MEM | MEM_RDONLY, |
| 39904084 | 7112 | .arg3_type = ARG_CONST_SIZE, |
| 216e3cd2 | 7113 | .arg4_type = ARG_PTR_TO_MEM | MEM_RDONLY, |
| 39904084 LB |
7114 | .arg5_type = ARG_CONST_SIZE, |
| 7115 | }; | |
| 7116 | ||
| 70d66244 PP |
7117 | BPF_CALL_5(bpf_tcp_gen_syncookie, struct sock *, sk, void *, iph, u32, iph_len, |
| 7118 | struct tcphdr *, th, u32, th_len) | |
| 7119 | { | |
| 7120 | #ifdef CONFIG_SYN_COOKIES | |
| 7121 | u32 cookie; | |
| 7122 | u16 mss; | |
| 7123 | ||
| c0df236e | 7124 | if (unlikely(!sk || th_len < sizeof(*th) || th_len != th->doff * 4)) |
| 70d66244 PP |
7125 | return -EINVAL; |
| 7126 | ||
| 7127 | if (sk->sk_protocol != IPPROTO_TCP || sk->sk_state != TCP_LISTEN) | |
| 7128 | return -EINVAL; | |
| 7129 | ||
| f2e383b5 | 7130 | if (!READ_ONCE(sock_net(sk)->ipv4.sysctl_tcp_syncookies)) |
| 70d66244 PP |
7131 | return -ENOENT; |
| 7132 | ||
| 7133 | if (!th->syn || th->ack || th->fin || th->rst) | |
| 7134 | return -EINVAL; | |
| 7135 | ||
| 7136 | if (unlikely(iph_len < sizeof(struct iphdr))) | |
| 7137 | return -EINVAL; | |
| 7138 | ||
| 7139 | /* Both struct iphdr and struct ipv6hdr have the version field at the | |
| 7140 | * same offset so we can cast to the shorter header (struct iphdr). | |
| 7141 | */ | |
| 7142 | switch (((struct iphdr *)iph)->version) { | |
| 7143 | case 4: | |
| 81ee0eb6 | 7144 | if (sk->sk_family == AF_INET6 && ipv6_only_sock(sk)) |
| 70d66244 PP |
7145 | return -EINVAL; |
| 7146 | ||
| 7147 | mss = tcp_v4_get_syncookie(sk, iph, th, &cookie); | |
| 7148 | break; | |
| 7149 | ||
| 7150 | #if IS_BUILTIN(CONFIG_IPV6) | |
| 7151 | case 6: | |
| 7152 | if (unlikely(iph_len < sizeof(struct ipv6hdr))) | |
| 7153 | return -EINVAL; | |
| 7154 | ||
| 7155 | if (sk->sk_family != AF_INET6) | |
| 7156 | return -EINVAL; | |
| 7157 | ||
| 7158 | mss = tcp_v6_get_syncookie(sk, iph, th, &cookie); | |
| 7159 | break; | |
| 7160 | #endif /* CONFIG_IPV6 */ | |
| 7161 | ||
| 7162 | default: | |
| 7163 | return -EPROTONOSUPPORT; | |
| 7164 | } | |
| 0741be35 | 7165 | if (mss == 0) |
| 70d66244 PP |
7166 | return -ENOENT; |
| 7167 | ||
| 7168 | return cookie | ((u64)mss << 32); | |
| 7169 | #else | |
| 7170 | return -EOPNOTSUPP; | |
| 7171 | #endif /* CONFIG_SYN_COOKIES */ | |
| 7172 | } | |
| 7173 | ||
| 7174 | static const struct bpf_func_proto bpf_tcp_gen_syncookie_proto = { | |
| 7175 | .func = bpf_tcp_gen_syncookie, | |
| 7176 | .gpl_only = true, /* __cookie_v*_init_sequence() is GPL */ | |
| 7177 | .pkt_access = true, | |
| 7178 | .ret_type = RET_INTEGER, | |
| c0df236e | 7179 | .arg1_type = ARG_PTR_TO_BTF_ID_SOCK_COMMON, |
| 216e3cd2 | 7180 | .arg2_type = ARG_PTR_TO_MEM | MEM_RDONLY, |
| 70d66244 | 7181 | .arg3_type = ARG_CONST_SIZE, |
| 216e3cd2 | 7182 | .arg4_type = ARG_PTR_TO_MEM | MEM_RDONLY, |
| 70d66244 PP |
7183 | .arg5_type = ARG_CONST_SIZE, |
| 7184 | }; | |
| 7185 | ||
| cf7fbe66 JS |
7186 | BPF_CALL_3(bpf_sk_assign, struct sk_buff *, skb, struct sock *, sk, u64, flags) |
| 7187 | { | |
| 27e5203b | 7188 | if (!sk || flags != 0) |
| cf7fbe66 JS |
7189 | return -EINVAL; |
| 7190 | if (!skb_at_tc_ingress(skb)) | |
| 7191 | return -EOPNOTSUPP; | |
| 7192 | if (unlikely(dev_net(skb->dev) != sock_net(sk))) | |
| 7193 | return -ENETUNREACH; | |
| 8e368dc7 | 7194 | if (unlikely(sk_fullsock(sk) && sk->sk_reuseport)) |
| cf7fbe66 | 7195 | return -ESOCKTNOSUPPORT; |
| 7ae215d2 JS |
7196 | if (sk_is_refcounted(sk) && |
| 7197 | unlikely(!refcount_inc_not_zero(&sk->sk_refcnt))) | |
| cf7fbe66 JS |
7198 | return -ENOENT; |
| 7199 | ||
| 7200 | skb_orphan(skb); | |
| 7201 | skb->sk = sk; | |
| 7202 | skb->destructor = sock_pfree; | |
| 7203 | ||
| 7204 | return 0; | |
| 7205 | } | |
| 7206 | ||
| 7207 | static const struct bpf_func_proto bpf_sk_assign_proto = { | |
| 7208 | .func = bpf_sk_assign, | |
| 7209 | .gpl_only = false, | |
| 7210 | .ret_type = RET_INTEGER, | |
| 7211 | .arg1_type = ARG_PTR_TO_CTX, | |
| 27e5203b | 7212 | .arg2_type = ARG_PTR_TO_BTF_ID_SOCK_COMMON, |
| cf7fbe66 JS |
7213 | .arg3_type = ARG_ANYTHING, |
| 7214 | }; | |
| 7215 | ||
| 0813a841 MKL |
7216 | static const u8 *bpf_search_tcp_opt(const u8 *op, const u8 *opend, |
| 7217 | u8 search_kind, const u8 *magic, | |
| 7218 | u8 magic_len, bool *eol) | |
| 7219 | { | |
| 7220 | u8 kind, kind_len; | |
| 7221 | ||
| 7222 | *eol = false; | |
| 7223 | ||
| 7224 | while (op < opend) { | |
| 7225 | kind = op[0]; | |
| 7226 | ||
| 7227 | if (kind == TCPOPT_EOL) { | |
| 7228 | *eol = true; | |
| 7229 | return ERR_PTR(-ENOMSG); | |
| 7230 | } else if (kind == TCPOPT_NOP) { | |
| 7231 | op++; | |
| 7232 | continue; | |
| 7233 | } | |
| 7234 | ||
| 7235 | if (opend - op < 2 || opend - op < op[1] || op[1] < 2) | |
| 7236 | /* Something is wrong in the received header. | |
| 7237 | * Follow the TCP stack's tcp_parse_options() | |
| 7238 | * and just bail here. | |
| 7239 | */ | |
| 7240 | return ERR_PTR(-EFAULT); | |
| 7241 | ||
| 7242 | kind_len = op[1]; | |
| 7243 | if (search_kind == kind) { | |
| 7244 | if (!magic_len) | |
| 7245 | return op; | |
| 7246 | ||
| 7247 | if (magic_len > kind_len - 2) | |
| 7248 | return ERR_PTR(-ENOMSG); | |
| 7249 | ||
| 7250 | if (!memcmp(&op[2], magic, magic_len)) | |
| 7251 | return op; | |
| 7252 | } | |
| 7253 | ||
| 7254 | op += kind_len; | |
| 7255 | } | |
| 7256 | ||
| 7257 | return ERR_PTR(-ENOMSG); | |
| 7258 | } | |
| 7259 | ||
| 7260 | BPF_CALL_4(bpf_sock_ops_load_hdr_opt, struct bpf_sock_ops_kern *, bpf_sock, | |
| 7261 | void *, search_res, u32, len, u64, flags) | |
| 7262 | { | |
| 7263 | bool eol, load_syn = flags & BPF_LOAD_HDR_OPT_TCP_SYN; | |
| 7264 | const u8 *op, *opend, *magic, *search = search_res; | |
| 7265 | u8 search_kind, search_len, copy_len, magic_len; | |
| 7266 | int ret; | |
| 7267 | ||
| 7268 | /* 2 byte is the minimal option len except TCPOPT_NOP and | |
| 7269 | * TCPOPT_EOL which are useless for the bpf prog to learn | |
| 7270 | * and this helper disallow loading them also. | |
| 7271 | */ | |
| 7272 | if (len < 2 || flags & ~BPF_LOAD_HDR_OPT_TCP_SYN) | |
| 7273 | return -EINVAL; | |
| 7274 | ||
| 7275 | search_kind = search[0]; | |
| 7276 | search_len = search[1]; | |
| 7277 | ||
| 7278 | if (search_len > len || search_kind == TCPOPT_NOP || | |
| 7279 | search_kind == TCPOPT_EOL) | |
| 7280 | return -EINVAL; | |
| 7281 | ||
| 7282 | if (search_kind == TCPOPT_EXP || search_kind == 253) { | |
| 7283 | /* 16 or 32 bit magic. +2 for kind and kind length */ | |
| 7284 | if (search_len != 4 && search_len != 6) | |
| 7285 | return -EINVAL; | |
| 7286 | magic = &search[2]; | |
| 7287 | magic_len = search_len - 2; | |
| 7288 | } else { | |
| 7289 | if (search_len) | |
| 7290 | return -EINVAL; | |
| 7291 | magic = NULL; | |
| 7292 | magic_len = 0; | |
| 7293 | } | |
| 7294 | ||
| 7295 | if (load_syn) { | |
| 7296 | ret = bpf_sock_ops_get_syn(bpf_sock, TCP_BPF_SYN, &op); | |
| 7297 | if (ret < 0) | |
| 7298 | return ret; | |
| 7299 | ||
| 7300 | opend = op + ret; | |
| 7301 | op += sizeof(struct tcphdr); | |
| 7302 | } else { | |
| 7303 | if (!bpf_sock->skb || | |
| 7304 | bpf_sock->op == BPF_SOCK_OPS_HDR_OPT_LEN_CB) | |
| 7305 | /* This bpf_sock->op cannot call this helper */ | |
| 7306 | return -EPERM; | |
| 7307 | ||
| 7308 | opend = bpf_sock->skb_data_end; | |
| 7309 | op = bpf_sock->skb->data + sizeof(struct tcphdr); | |
| 7310 | } | |
| 7311 | ||
| 7312 | op = bpf_search_tcp_opt(op, opend, search_kind, magic, magic_len, | |
| 7313 | &eol); | |
| 7314 | if (IS_ERR(op)) | |
| 7315 | return PTR_ERR(op); | |
| 7316 | ||
| 7317 | copy_len = op[1]; | |
| 7318 | ret = copy_len; | |
| 7319 | if (copy_len > len) { | |
| 7320 | ret = -ENOSPC; | |
| 7321 | copy_len = len; | |
| 7322 | } | |
| 7323 | ||
| 7324 | memcpy(search_res, op, copy_len); | |
| 7325 | return ret; | |
| 7326 | } | |
| 7327 | ||
| 7328 | static const struct bpf_func_proto bpf_sock_ops_load_hdr_opt_proto = { | |
| 7329 | .func = bpf_sock_ops_load_hdr_opt, | |
| 7330 | .gpl_only = false, | |
| 7331 | .ret_type = RET_INTEGER, | |
| 7332 | .arg1_type = ARG_PTR_TO_CTX, | |
| 7333 | .arg2_type = ARG_PTR_TO_MEM, | |
| 7334 | .arg3_type = ARG_CONST_SIZE, | |
| 7335 | .arg4_type = ARG_ANYTHING, | |
| 7336 | }; | |
| 7337 | ||
| 7338 | BPF_CALL_4(bpf_sock_ops_store_hdr_opt, struct bpf_sock_ops_kern *, bpf_sock, | |
| 7339 | const void *, from, u32, len, u64, flags) | |
| 7340 | { | |
| 7341 | u8 new_kind, new_kind_len, magic_len = 0, *opend; | |
| 7342 | const u8 *op, *new_op, *magic = NULL; | |
| 7343 | struct sk_buff *skb; | |
| 7344 | bool eol; | |
| 7345 | ||
| 7346 | if (bpf_sock->op != BPF_SOCK_OPS_WRITE_HDR_OPT_CB) | |
| 7347 | return -EPERM; | |
| 7348 | ||
| 7349 | if (len < 2 || flags) | |
| 7350 | return -EINVAL; | |
| 7351 | ||
| 7352 | new_op = from; | |
| 7353 | new_kind = new_op[0]; | |
| 7354 | new_kind_len = new_op[1]; | |
| 7355 | ||
| 7356 | if (new_kind_len > len || new_kind == TCPOPT_NOP || | |
| 7357 | new_kind == TCPOPT_EOL) | |
| 7358 | return -EINVAL; | |
| 7359 | ||
| 7360 | if (new_kind_len > bpf_sock->remaining_opt_len) | |
| 7361 | return -ENOSPC; | |
| 7362 | ||
| 7363 | /* 253 is another experimental kind */ | |
| 7364 | if (new_kind == TCPOPT_EXP || new_kind == 253) { | |
| 7365 | if (new_kind_len < 4) | |
| 7366 | return -EINVAL; | |
| 7367 | /* Match for the 2 byte magic also. | |
| 7368 | * RFC 6994: the magic could be 2 or 4 bytes. | |
| 7369 | * Hence, matching by 2 byte only is on the | |
| 7370 | * conservative side but it is the right | |
| 7371 | * thing to do for the 'search-for-duplication' | |
| 7372 | * purpose. | |
| 7373 | */ | |
| 7374 | magic = &new_op[2]; | |
| 7375 | magic_len = 2; | |
| 7376 | } | |
| 7377 | ||
| 7378 | /* Check for duplication */ | |
| 7379 | skb = bpf_sock->skb; | |
| 7380 | op = skb->data + sizeof(struct tcphdr); | |
| 7381 | opend = bpf_sock->skb_data_end; | |
| 7382 | ||
| 7383 | op = bpf_search_tcp_opt(op, opend, new_kind, magic, magic_len, | |
| 7384 | &eol); | |
| 7385 | if (!IS_ERR(op)) | |
| 7386 | return -EEXIST; | |
| 7387 | ||
| 7388 | if (PTR_ERR(op) != -ENOMSG) | |
| 7389 | return PTR_ERR(op); | |
| 7390 | ||
| 7391 | if (eol) | |
| 7392 | /* The option has been ended. Treat it as no more | |
| 7393 | * header option can be written. | |
| 7394 | */ | |
| 7395 | return -ENOSPC; | |
| 7396 | ||
| 7397 | /* No duplication found. Store the header option. */ | |
| 7398 | memcpy(opend, from, new_kind_len); | |
| 7399 | ||
| 7400 | bpf_sock->remaining_opt_len -= new_kind_len; | |
| 7401 | bpf_sock->skb_data_end += new_kind_len; | |
| 7402 | ||
| 7403 | return 0; | |
| 7404 | } | |
| 7405 | ||
| 7406 | static const struct bpf_func_proto bpf_sock_ops_store_hdr_opt_proto = { | |
| 7407 | .func = bpf_sock_ops_store_hdr_opt, | |
| 7408 | .gpl_only = false, | |
| 7409 | .ret_type = RET_INTEGER, | |
| 7410 | .arg1_type = ARG_PTR_TO_CTX, | |
| 216e3cd2 | 7411 | .arg2_type = ARG_PTR_TO_MEM | MEM_RDONLY, |
| 0813a841 MKL |
7412 | .arg3_type = ARG_CONST_SIZE, |
| 7413 | .arg4_type = ARG_ANYTHING, | |
| 7414 | }; | |
| 7415 | ||
| 7416 | BPF_CALL_3(bpf_sock_ops_reserve_hdr_opt, struct bpf_sock_ops_kern *, bpf_sock, | |
| 7417 | u32, len, u64, flags) | |
| 7418 | { | |
| 7419 | if (bpf_sock->op != BPF_SOCK_OPS_HDR_OPT_LEN_CB) | |
| 7420 | return -EPERM; | |
| 7421 | ||
| 7422 | if (flags || len < 2) | |
| 7423 | return -EINVAL; | |
| 7424 | ||
| 7425 | if (len > bpf_sock->remaining_opt_len) | |
| 7426 | return -ENOSPC; | |
| 7427 | ||
| 7428 | bpf_sock->remaining_opt_len -= len; | |
| 7429 | ||
| 7430 | return 0; | |
| 7431 | } | |
| 7432 | ||
| 7433 | static const struct bpf_func_proto bpf_sock_ops_reserve_hdr_opt_proto = { | |
| 7434 | .func = bpf_sock_ops_reserve_hdr_opt, | |
| 7435 | .gpl_only = false, | |
| 7436 | .ret_type = RET_INTEGER, | |
| 7437 | .arg1_type = ARG_PTR_TO_CTX, | |
| 7438 | .arg2_type = ARG_ANYTHING, | |
| 7439 | .arg3_type = ARG_ANYTHING, | |
| 7440 | }; | |
| 7441 | ||
| 9bb984f2 MKL |
7442 | BPF_CALL_3(bpf_skb_set_tstamp, struct sk_buff *, skb, |
| 7443 | u64, tstamp, u32, tstamp_type) | |
| 8d21ec0e MKL |
7444 | { |
| 7445 | /* skb_clear_delivery_time() is done for inet protocol */ | |
| 7446 | if (skb->protocol != htons(ETH_P_IP) && | |
| 7447 | skb->protocol != htons(ETH_P_IPV6)) | |
| 7448 | return -EOPNOTSUPP; | |
| 7449 | ||
| 9bb984f2 MKL |
7450 | switch (tstamp_type) { |
| 7451 | case BPF_SKB_TSTAMP_DELIVERY_MONO: | |
| 7452 | if (!tstamp) | |
| 8d21ec0e | 7453 | return -EINVAL; |
| 9bb984f2 | 7454 | skb->tstamp = tstamp; |
| 8d21ec0e MKL |
7455 | skb->mono_delivery_time = 1; |
| 7456 | break; | |
| 9bb984f2 MKL |
7457 | case BPF_SKB_TSTAMP_UNSPEC: |
| 7458 | if (tstamp) | |
| 8d21ec0e MKL |
7459 | return -EINVAL; |
| 7460 | skb->tstamp = 0; | |
| 7461 | skb->mono_delivery_time = 0; | |
| 7462 | break; | |
| 7463 | default: | |
| 9bb984f2 | 7464 | return -EINVAL; |
| 8d21ec0e MKL |
7465 | } |
| 7466 | ||
| 7467 | return 0; | |
| 7468 | } | |
| 7469 | ||
| 9bb984f2 MKL |
7470 | static const struct bpf_func_proto bpf_skb_set_tstamp_proto = { |
| 7471 | .func = bpf_skb_set_tstamp, | |
| 8d21ec0e MKL |
7472 | .gpl_only = false, |
| 7473 | .ret_type = RET_INTEGER, | |
| 7474 | .arg1_type = ARG_PTR_TO_CTX, | |
| 7475 | .arg2_type = ARG_ANYTHING, | |
| 7476 | .arg3_type = ARG_ANYTHING, | |
| 7477 | }; | |
| 7478 | ||
| 33bf9885 MM |
7479 | #ifdef CONFIG_SYN_COOKIES |
| 7480 | BPF_CALL_3(bpf_tcp_raw_gen_syncookie_ipv4, struct iphdr *, iph, | |
| 7481 | struct tcphdr *, th, u32, th_len) | |
| 7482 | { | |
| 7483 | u32 cookie; | |
| 7484 | u16 mss; | |
| 7485 | ||
| 7486 | if (unlikely(th_len < sizeof(*th) || th_len != th->doff * 4)) | |
| 7487 | return -EINVAL; | |
| 7488 | ||
| 7489 | mss = tcp_parse_mss_option(th, 0) ?: TCP_MSS_DEFAULT; | |
| 7490 | cookie = __cookie_v4_init_sequence(iph, th, &mss); | |
| 7491 | ||
| 7492 | return cookie | ((u64)mss << 32); | |
| 7493 | } | |
| 7494 | ||
| 7495 | static const struct bpf_func_proto bpf_tcp_raw_gen_syncookie_ipv4_proto = { | |
| 7496 | .func = bpf_tcp_raw_gen_syncookie_ipv4, | |
| 7497 | .gpl_only = true, /* __cookie_v4_init_sequence() is GPL */ | |
| 7498 | .pkt_access = true, | |
| 7499 | .ret_type = RET_INTEGER, | |
| 7500 | .arg1_type = ARG_PTR_TO_FIXED_SIZE_MEM, | |
| 7501 | .arg1_size = sizeof(struct iphdr), | |
| 7502 | .arg2_type = ARG_PTR_TO_MEM, | |
| 7503 | .arg3_type = ARG_CONST_SIZE, | |
| 7504 | }; | |
| 7505 | ||
| 7506 | BPF_CALL_3(bpf_tcp_raw_gen_syncookie_ipv6, struct ipv6hdr *, iph, | |
| 7507 | struct tcphdr *, th, u32, th_len) | |
| 7508 | { | |
| 7509 | #if IS_BUILTIN(CONFIG_IPV6) | |
| 7510 | const u16 mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - | |
| 7511 | sizeof(struct ipv6hdr); | |
| 7512 | u32 cookie; | |
| 7513 | u16 mss; | |
| 7514 | ||
| 7515 | if (unlikely(th_len < sizeof(*th) || th_len != th->doff * 4)) | |
| 7516 | return -EINVAL; | |
| 7517 | ||
| 7518 | mss = tcp_parse_mss_option(th, 0) ?: mss_clamp; | |
| 7519 | cookie = __cookie_v6_init_sequence(iph, th, &mss); | |
| 7520 | ||
| 7521 | return cookie | ((u64)mss << 32); | |
| 7522 | #else | |
| 7523 | return -EPROTONOSUPPORT; | |
| 7524 | #endif | |
| 7525 | } | |
| 7526 | ||
| 7527 | static const struct bpf_func_proto bpf_tcp_raw_gen_syncookie_ipv6_proto = { | |
| 7528 | .func = bpf_tcp_raw_gen_syncookie_ipv6, | |
| 7529 | .gpl_only = true, /* __cookie_v6_init_sequence() is GPL */ | |
| 7530 | .pkt_access = true, | |
| 7531 | .ret_type = RET_INTEGER, | |
| 7532 | .arg1_type = ARG_PTR_TO_FIXED_SIZE_MEM, | |
| 7533 | .arg1_size = sizeof(struct ipv6hdr), | |
| 7534 | .arg2_type = ARG_PTR_TO_MEM, | |
| 7535 | .arg3_type = ARG_CONST_SIZE, | |
| 7536 | }; | |
| 7537 | ||
| 7538 | BPF_CALL_2(bpf_tcp_raw_check_syncookie_ipv4, struct iphdr *, iph, | |
| 7539 | struct tcphdr *, th) | |
| 7540 | { | |
| 7541 | u32 cookie = ntohl(th->ack_seq) - 1; | |
| 7542 | ||
| 7543 | if (__cookie_v4_check(iph, th, cookie) > 0) | |
| 7544 | return 0; | |
| 7545 | ||
| 7546 | return -EACCES; | |
| 7547 | } | |
| 7548 | ||
| 7549 | static const struct bpf_func_proto bpf_tcp_raw_check_syncookie_ipv4_proto = { | |
| 7550 | .func = bpf_tcp_raw_check_syncookie_ipv4, | |
| 7551 | .gpl_only = true, /* __cookie_v4_check is GPL */ | |
| 7552 | .pkt_access = true, | |
| 7553 | .ret_type = RET_INTEGER, | |
| 7554 | .arg1_type = ARG_PTR_TO_FIXED_SIZE_MEM, | |
| 7555 | .arg1_size = sizeof(struct iphdr), | |
| 7556 | .arg2_type = ARG_PTR_TO_FIXED_SIZE_MEM, | |
| 7557 | .arg2_size = sizeof(struct tcphdr), | |
| 7558 | }; | |
| 7559 | ||
| 7560 | BPF_CALL_2(bpf_tcp_raw_check_syncookie_ipv6, struct ipv6hdr *, iph, | |
| 7561 | struct tcphdr *, th) | |
| 7562 | { | |
| 7563 | #if IS_BUILTIN(CONFIG_IPV6) | |
| 7564 | u32 cookie = ntohl(th->ack_seq) - 1; | |
| 7565 | ||
| 7566 | if (__cookie_v6_check(iph, th, cookie) > 0) | |
| 7567 | return 0; | |
| 7568 | ||
| 7569 | return -EACCES; | |
| 7570 | #else | |
| 7571 | return -EPROTONOSUPPORT; | |
| 7572 | #endif | |
| 7573 | } | |
| 7574 | ||
| 7575 | static const struct bpf_func_proto bpf_tcp_raw_check_syncookie_ipv6_proto = { | |
| 7576 | .func = bpf_tcp_raw_check_syncookie_ipv6, | |
| 7577 | .gpl_only = true, /* __cookie_v6_check is GPL */ | |
| 7578 | .pkt_access = true, | |
| 7579 | .ret_type = RET_INTEGER, | |
| 7580 | .arg1_type = ARG_PTR_TO_FIXED_SIZE_MEM, | |
| 7581 | .arg1_size = sizeof(struct ipv6hdr), | |
| 7582 | .arg2_type = ARG_PTR_TO_FIXED_SIZE_MEM, | |
| 7583 | .arg2_size = sizeof(struct tcphdr), | |
| 7584 | }; | |
| 7585 | #endif /* CONFIG_SYN_COOKIES */ | |
| 7586 | ||
| df3f94a0 | 7587 | #endif /* CONFIG_INET */ |
| 6acc9b43 | 7588 | |
| fe94cc29 MX |
7589 | bool bpf_helper_changes_pkt_data(void *func) |
| 7590 | { | |
| 7591 | if (func == bpf_skb_vlan_push || | |
| 7592 | func == bpf_skb_vlan_pop || | |
| 7593 | func == bpf_skb_store_bytes || | |
| 7594 | func == bpf_skb_change_proto || | |
| 7595 | func == bpf_skb_change_head || | |
| 0ea488ff | 7596 | func == sk_skb_change_head || |
| fe94cc29 | 7597 | func == bpf_skb_change_tail || |
| 0ea488ff | 7598 | func == sk_skb_change_tail || |
| fe94cc29 | 7599 | func == bpf_skb_adjust_room || |
| 18ebe16d | 7600 | func == sk_skb_adjust_room || |
| fe94cc29 | 7601 | func == bpf_skb_pull_data || |
| 0ea488ff | 7602 | func == sk_skb_pull_data || |
| fe94cc29 MX |
7603 | func == bpf_clone_redirect || |
| 7604 | func == bpf_l3_csum_replace || | |
| 7605 | func == bpf_l4_csum_replace || | |
| 7606 | func == bpf_xdp_adjust_head || | |
| 7607 | func == bpf_xdp_adjust_meta || | |
| 7608 | func == bpf_msg_pull_data || | |
| 6fff607e | 7609 | func == bpf_msg_push_data || |
| 7246d8ed | 7610 | func == bpf_msg_pop_data || |
| fe94cc29 | 7611 | func == bpf_xdp_adjust_tail || |
| 61d76980 | 7612 | #if IS_ENABLED(CONFIG_IPV6_SEG6_BPF) |
| fe94cc29 MX |
7613 | func == bpf_lwt_seg6_store_bytes || |
| 7614 | func == bpf_lwt_seg6_adjust_srh || | |
| 61d76980 | 7615 | func == bpf_lwt_seg6_action || |
| 0813a841 MKL |
7616 | #endif |
| 7617 | #ifdef CONFIG_INET | |
| 7618 | func == bpf_sock_ops_store_hdr_opt || | |
| 61d76980 | 7619 | #endif |
| 3e0bd37c PO |
7620 | func == bpf_lwt_in_push_encap || |
| 7621 | func == bpf_lwt_xmit_push_encap) | |
| fe94cc29 MX |
7622 | return true; |
| 7623 | ||
| 7624 | return false; | |
| 7625 | } | |
| 7626 | ||
| 6890896b | 7627 | const struct bpf_func_proto bpf_event_output_data_proto __weak; |
| f7c6cb1d | 7628 | const struct bpf_func_proto bpf_sk_storage_get_cg_sock_proto __weak; |
| 89aa0758 | 7629 | |
| ae2cf1c4 | 7630 | static const struct bpf_func_proto * |
| 5e43f899 | 7631 | sock_filter_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog) |
| ae2cf1c4 | 7632 | { |
| bed89185 SF |
7633 | const struct bpf_func_proto *func_proto; |
| 7634 | ||
| 7635 | func_proto = cgroup_common_func_proto(func_id, prog); | |
| 7636 | if (func_proto) | |
| 7637 | return func_proto; | |
| 7638 | ||
| 7639 | func_proto = cgroup_current_func_proto(func_id, prog); | |
| 7640 | if (func_proto) | |
| 7641 | return func_proto; | |
| 7642 | ||
| ae2cf1c4 | 7643 | switch (func_id) { |
| 0e53d9e5 DB |
7644 | case BPF_FUNC_get_socket_cookie: |
| 7645 | return &bpf_get_socket_cookie_sock_proto; | |
| f318903c DB |
7646 | case BPF_FUNC_get_netns_cookie: |
| 7647 | return &bpf_get_netns_cookie_sock_proto; | |
| fcf752ea DB |
7648 | case BPF_FUNC_perf_event_output: |
| 7649 | return &bpf_event_output_data_proto; | |
| f7c6cb1d SF |
7650 | case BPF_FUNC_sk_storage_get: |
| 7651 | return &bpf_sk_storage_get_cg_sock_proto; | |
| 5e0bc308 DB |
7652 | case BPF_FUNC_ktime_get_coarse_ns: |
| 7653 | return &bpf_ktime_get_coarse_ns_proto; | |
| ae2cf1c4 DA |
7654 | default: |
| 7655 | return bpf_base_func_proto(func_id); | |
| 7656 | } | |
| 7657 | } | |
| 7658 | ||
| 4fbac77d AI |
7659 | static const struct bpf_func_proto * |
| 7660 | sock_addr_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog) | |
| 7661 | { | |
| bed89185 SF |
7662 | const struct bpf_func_proto *func_proto; |
| 7663 | ||
| 7664 | func_proto = cgroup_common_func_proto(func_id, prog); | |
| 7665 | if (func_proto) | |
| 7666 | return func_proto; | |
| 7667 | ||
| 7668 | func_proto = cgroup_current_func_proto(func_id, prog); | |
| 7669 | if (func_proto) | |
| 7670 | return func_proto; | |
| 7671 | ||
| 4fbac77d | 7672 | switch (func_id) { |
| d74bad4e AI |
7673 | case BPF_FUNC_bind: |
| 7674 | switch (prog->expected_attach_type) { | |
| 7675 | case BPF_CGROUP_INET4_CONNECT: | |
| 7676 | case BPF_CGROUP_INET6_CONNECT: | |
| 7677 | return &bpf_bind_proto; | |
| 7678 | default: | |
| 7679 | return NULL; | |
| 7680 | } | |
| d692f113 AI |
7681 | case BPF_FUNC_get_socket_cookie: |
| 7682 | return &bpf_get_socket_cookie_sock_addr_proto; | |
| f318903c DB |
7683 | case BPF_FUNC_get_netns_cookie: |
| 7684 | return &bpf_get_netns_cookie_sock_addr_proto; | |
| fcf752ea DB |
7685 | case BPF_FUNC_perf_event_output: |
| 7686 | return &bpf_event_output_data_proto; | |
| 6c49e65e AI |
7687 | #ifdef CONFIG_INET |
| 7688 | case BPF_FUNC_sk_lookup_tcp: | |
| 7689 | return &bpf_sock_addr_sk_lookup_tcp_proto; | |
| 7690 | case BPF_FUNC_sk_lookup_udp: | |
| 7691 | return &bpf_sock_addr_sk_lookup_udp_proto; | |
| 7692 | case BPF_FUNC_sk_release: | |
| 7693 | return &bpf_sk_release_proto; | |
| edbf8c01 LB |
7694 | case BPF_FUNC_skc_lookup_tcp: |
| 7695 | return &bpf_sock_addr_skc_lookup_tcp_proto; | |
| 6c49e65e | 7696 | #endif /* CONFIG_INET */ |
| fb85c4a7 SF |
7697 | case BPF_FUNC_sk_storage_get: |
| 7698 | return &bpf_sk_storage_get_proto; | |
| 7699 | case BPF_FUNC_sk_storage_delete: | |
| 7700 | return &bpf_sk_storage_delete_proto; | |
| beecf11b SF |
7701 | case BPF_FUNC_setsockopt: |
| 7702 | switch (prog->expected_attach_type) { | |
| 427167c0 SF |
7703 | case BPF_CGROUP_INET4_BIND: |
| 7704 | case BPF_CGROUP_INET6_BIND: | |
| beecf11b SF |
7705 | case BPF_CGROUP_INET4_CONNECT: |
| 7706 | case BPF_CGROUP_INET6_CONNECT: | |
| 4c3384d7 SF |
7707 | case BPF_CGROUP_UDP4_RECVMSG: |
| 7708 | case BPF_CGROUP_UDP6_RECVMSG: | |
| 62476cc1 SF |
7709 | case BPF_CGROUP_UDP4_SENDMSG: |
| 7710 | case BPF_CGROUP_UDP6_SENDMSG: | |
| 073f4ec1 SF |
7711 | case BPF_CGROUP_INET4_GETPEERNAME: |
| 7712 | case BPF_CGROUP_INET6_GETPEERNAME: | |
| 7713 | case BPF_CGROUP_INET4_GETSOCKNAME: | |
| 7714 | case BPF_CGROUP_INET6_GETSOCKNAME: | |
| beecf11b SF |
7715 | return &bpf_sock_addr_setsockopt_proto; |
| 7716 | default: | |
| 7717 | return NULL; | |
| 7718 | } | |
| 7719 | case BPF_FUNC_getsockopt: | |
| 7720 | switch (prog->expected_attach_type) { | |
| 427167c0 SF |
7721 | case BPF_CGROUP_INET4_BIND: |
| 7722 | case BPF_CGROUP_INET6_BIND: | |
| beecf11b SF |
7723 | case BPF_CGROUP_INET4_CONNECT: |
| 7724 | case BPF_CGROUP_INET6_CONNECT: | |
| 4c3384d7 SF |
7725 | case BPF_CGROUP_UDP4_RECVMSG: |
| 7726 | case BPF_CGROUP_UDP6_RECVMSG: | |
| 62476cc1 SF |
7727 | case BPF_CGROUP_UDP4_SENDMSG: |
| 7728 | case BPF_CGROUP_UDP6_SENDMSG: | |
| 073f4ec1 SF |
7729 | case BPF_CGROUP_INET4_GETPEERNAME: |
| 7730 | case BPF_CGROUP_INET6_GETPEERNAME: | |
| 7731 | case BPF_CGROUP_INET4_GETSOCKNAME: | |
| 7732 | case BPF_CGROUP_INET6_GETSOCKNAME: | |
| beecf11b SF |
7733 | return &bpf_sock_addr_getsockopt_proto; |
| 7734 | default: | |
| 7735 | return NULL; | |
| 7736 | } | |
| 4fbac77d | 7737 | default: |
| 1df8f55a | 7738 | return bpf_sk_base_func_proto(func_id); |
| 4fbac77d AI |
7739 | } |
| 7740 | } | |
| 7741 | ||
| 2492d3b8 | 7742 | static const struct bpf_func_proto * |
| 5e43f899 | 7743 | sk_filter_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog) |
| 2492d3b8 DB |
7744 | { |
| 7745 | switch (func_id) { | |
| 7746 | case BPF_FUNC_skb_load_bytes: | |
| 7747 | return &bpf_skb_load_bytes_proto; | |
| 4e1ec56c DB |
7748 | case BPF_FUNC_skb_load_bytes_relative: |
| 7749 | return &bpf_skb_load_bytes_relative_proto; | |
| 91b8270f CF |
7750 | case BPF_FUNC_get_socket_cookie: |
| 7751 | return &bpf_get_socket_cookie_proto; | |
| 6acc5c29 CF |
7752 | case BPF_FUNC_get_socket_uid: |
| 7753 | return &bpf_get_socket_uid_proto; | |
| 7c4b90d7 AZ |
7754 | case BPF_FUNC_perf_event_output: |
| 7755 | return &bpf_skb_event_output_proto; | |
| 2492d3b8 | 7756 | default: |
| 1df8f55a | 7757 | return bpf_sk_base_func_proto(func_id); |
| 2492d3b8 DB |
7758 | } |
| 7759 | } | |
| 7760 | ||
| 6ac99e8f MKL |
7761 | const struct bpf_func_proto bpf_sk_storage_get_proto __weak; |
| 7762 | const struct bpf_func_proto bpf_sk_storage_delete_proto __weak; | |
| 7763 | ||
| cd339431 RG |
7764 | static const struct bpf_func_proto * |
| 7765 | cg_skb_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog) | |
| 7766 | { | |
| bed89185 SF |
7767 | const struct bpf_func_proto *func_proto; |
| 7768 | ||
| 7769 | func_proto = cgroup_common_func_proto(func_id, prog); | |
| 7770 | if (func_proto) | |
| 7771 | return func_proto; | |
| 7772 | ||
| cd339431 | 7773 | switch (func_id) { |
| 46f8bc92 MKL |
7774 | case BPF_FUNC_sk_fullsock: |
| 7775 | return &bpf_sk_fullsock_proto; | |
| 6ac99e8f MKL |
7776 | case BPF_FUNC_sk_storage_get: |
| 7777 | return &bpf_sk_storage_get_proto; | |
| 7778 | case BPF_FUNC_sk_storage_delete: | |
| 7779 | return &bpf_sk_storage_delete_proto; | |
| 7c4b90d7 AZ |
7780 | case BPF_FUNC_perf_event_output: |
| 7781 | return &bpf_skb_event_output_proto; | |
| 4ecabd55 RG |
7782 | #ifdef CONFIG_SOCK_CGROUP_DATA |
| 7783 | case BPF_FUNC_skb_cgroup_id: | |
| 7784 | return &bpf_skb_cgroup_id_proto; | |
| 06d3e4c9 AI |
7785 | case BPF_FUNC_skb_ancestor_cgroup_id: |
| 7786 | return &bpf_skb_ancestor_cgroup_id_proto; | |
| f307fa2c AI |
7787 | case BPF_FUNC_sk_cgroup_id: |
| 7788 | return &bpf_sk_cgroup_id_proto; | |
| 7789 | case BPF_FUNC_sk_ancestor_cgroup_id: | |
| 7790 | return &bpf_sk_ancestor_cgroup_id_proto; | |
| 4ecabd55 | 7791 | #endif |
| 655a51e5 | 7792 | #ifdef CONFIG_INET |
| d56c2f95 AI |
7793 | case BPF_FUNC_sk_lookup_tcp: |
| 7794 | return &bpf_sk_lookup_tcp_proto; | |
| 7795 | case BPF_FUNC_sk_lookup_udp: | |
| 7796 | return &bpf_sk_lookup_udp_proto; | |
| 7797 | case BPF_FUNC_sk_release: | |
| 7798 | return &bpf_sk_release_proto; | |
| 7799 | case BPF_FUNC_skc_lookup_tcp: | |
| 7800 | return &bpf_skc_lookup_tcp_proto; | |
| 655a51e5 MKL |
7801 | case BPF_FUNC_tcp_sock: |
| 7802 | return &bpf_tcp_sock_proto; | |
| dbafd7dd MKL |
7803 | case BPF_FUNC_get_listener_sock: |
| 7804 | return &bpf_get_listener_sock_proto; | |
| f7c917ba | 7805 | case BPF_FUNC_skb_ecn_set_ce: |
| 7806 | return &bpf_skb_ecn_set_ce_proto; | |
| 655a51e5 | 7807 | #endif |
| cd339431 RG |
7808 | default: |
| 7809 | return sk_filter_func_proto(func_id, prog); | |
| 7810 | } | |
| 7811 | } | |
| 7812 | ||
| 608cd71a | 7813 | static const struct bpf_func_proto * |
| 5e43f899 | 7814 | tc_cls_act_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog) |
| 608cd71a AS |
7815 | { |
| 7816 | switch (func_id) { | |
| 7817 | case BPF_FUNC_skb_store_bytes: | |
| 7818 | return &bpf_skb_store_bytes_proto; | |
| 05c74e5e DB |
7819 | case BPF_FUNC_skb_load_bytes: |
| 7820 | return &bpf_skb_load_bytes_proto; | |
| 4e1ec56c DB |
7821 | case BPF_FUNC_skb_load_bytes_relative: |
| 7822 | return &bpf_skb_load_bytes_relative_proto; | |
| 36bbef52 DB |
7823 | case BPF_FUNC_skb_pull_data: |
| 7824 | return &bpf_skb_pull_data_proto; | |
| 7d672345 DB |
7825 | case BPF_FUNC_csum_diff: |
| 7826 | return &bpf_csum_diff_proto; | |
| 36bbef52 DB |
7827 | case BPF_FUNC_csum_update: |
| 7828 | return &bpf_csum_update_proto; | |
| 7cdec54f DB |
7829 | case BPF_FUNC_csum_level: |
| 7830 | return &bpf_csum_level_proto; | |
| 91bc4822 AS |
7831 | case BPF_FUNC_l3_csum_replace: |
| 7832 | return &bpf_l3_csum_replace_proto; | |
| 7833 | case BPF_FUNC_l4_csum_replace: | |
| 7834 | return &bpf_l4_csum_replace_proto; | |
| 3896d655 AS |
7835 | case BPF_FUNC_clone_redirect: |
| 7836 | return &bpf_clone_redirect_proto; | |
| 8d20aabe DB |
7837 | case BPF_FUNC_get_cgroup_classid: |
| 7838 | return &bpf_get_cgroup_classid_proto; | |
| 4e10df9a AS |
7839 | case BPF_FUNC_skb_vlan_push: |
| 7840 | return &bpf_skb_vlan_push_proto; | |
| 7841 | case BPF_FUNC_skb_vlan_pop: | |
| 7842 | return &bpf_skb_vlan_pop_proto; | |
| 6578171a DB |
7843 | case BPF_FUNC_skb_change_proto: |
| 7844 | return &bpf_skb_change_proto_proto; | |
| d2485c42 DB |
7845 | case BPF_FUNC_skb_change_type: |
| 7846 | return &bpf_skb_change_type_proto; | |
| 2be7e212 DB |
7847 | case BPF_FUNC_skb_adjust_room: |
| 7848 | return &bpf_skb_adjust_room_proto; | |
| 5293efe6 DB |
7849 | case BPF_FUNC_skb_change_tail: |
| 7850 | return &bpf_skb_change_tail_proto; | |
| 6f3f65d8 LC |
7851 | case BPF_FUNC_skb_change_head: |
| 7852 | return &bpf_skb_change_head_proto; | |
| d3aa45ce AS |
7853 | case BPF_FUNC_skb_get_tunnel_key: |
| 7854 | return &bpf_skb_get_tunnel_key_proto; | |
| 7855 | case BPF_FUNC_skb_set_tunnel_key: | |
| 14ca0751 DB |
7856 | return bpf_get_skb_set_tunnel_proto(func_id); |
| 7857 | case BPF_FUNC_skb_get_tunnel_opt: | |
| 7858 | return &bpf_skb_get_tunnel_opt_proto; | |
| 7859 | case BPF_FUNC_skb_set_tunnel_opt: | |
| 7860 | return bpf_get_skb_set_tunnel_proto(func_id); | |
| 27b29f63 AS |
7861 | case BPF_FUNC_redirect: |
| 7862 | return &bpf_redirect_proto; | |
| b4ab3141 DB |
7863 | case BPF_FUNC_redirect_neigh: |
| 7864 | return &bpf_redirect_neigh_proto; | |
| 9aa1206e DB |
7865 | case BPF_FUNC_redirect_peer: |
| 7866 | return &bpf_redirect_peer_proto; | |
| c46646d0 DB |
7867 | case BPF_FUNC_get_route_realm: |
| 7868 | return &bpf_get_route_realm_proto; | |
| 13c5c240 DB |
7869 | case BPF_FUNC_get_hash_recalc: |
| 7870 | return &bpf_get_hash_recalc_proto; | |
| 7a4b28c6 DB |
7871 | case BPF_FUNC_set_hash_invalid: |
| 7872 | return &bpf_set_hash_invalid_proto; | |
| ded092cd DB |
7873 | case BPF_FUNC_set_hash: |
| 7874 | return &bpf_set_hash_proto; | |
| bd570ff9 | 7875 | case BPF_FUNC_perf_event_output: |
| 555c8a86 | 7876 | return &bpf_skb_event_output_proto; |
| 80b48c44 DB |
7877 | case BPF_FUNC_get_smp_processor_id: |
| 7878 | return &bpf_get_smp_processor_id_proto; | |
| 747ea55e DB |
7879 | case BPF_FUNC_skb_under_cgroup: |
| 7880 | return &bpf_skb_under_cgroup_proto; | |
| 91b8270f CF |
7881 | case BPF_FUNC_get_socket_cookie: |
| 7882 | return &bpf_get_socket_cookie_proto; | |
| 6acc5c29 CF |
7883 | case BPF_FUNC_get_socket_uid: |
| 7884 | return &bpf_get_socket_uid_proto; | |
| cb20b08e DB |
7885 | case BPF_FUNC_fib_lookup: |
| 7886 | return &bpf_skb_fib_lookup_proto; | |
| 34b2021c JDB |
7887 | case BPF_FUNC_check_mtu: |
| 7888 | return &bpf_skb_check_mtu_proto; | |
| 46f8bc92 MKL |
7889 | case BPF_FUNC_sk_fullsock: |
| 7890 | return &bpf_sk_fullsock_proto; | |
| 6ac99e8f MKL |
7891 | case BPF_FUNC_sk_storage_get: |
| 7892 | return &bpf_sk_storage_get_proto; | |
| 7893 | case BPF_FUNC_sk_storage_delete: | |
| 7894 | return &bpf_sk_storage_delete_proto; | |
| 12bed760 EB |
7895 | #ifdef CONFIG_XFRM |
| 7896 | case BPF_FUNC_skb_get_xfrm_state: | |
| 7897 | return &bpf_skb_get_xfrm_state_proto; | |
| 7898 | #endif | |
| b426ce83 DB |
7899 | #ifdef CONFIG_CGROUP_NET_CLASSID |
| 7900 | case BPF_FUNC_skb_cgroup_classid: | |
| 7901 | return &bpf_skb_cgroup_classid_proto; | |
| 7902 | #endif | |
| cb20b08e DB |
7903 | #ifdef CONFIG_SOCK_CGROUP_DATA |
| 7904 | case BPF_FUNC_skb_cgroup_id: | |
| 7905 | return &bpf_skb_cgroup_id_proto; | |
| 77236281 AI |
7906 | case BPF_FUNC_skb_ancestor_cgroup_id: |
| 7907 | return &bpf_skb_ancestor_cgroup_id_proto; | |
| cb20b08e | 7908 | #endif |
| df3f94a0 | 7909 | #ifdef CONFIG_INET |
| 6acc9b43 JS |
7910 | case BPF_FUNC_sk_lookup_tcp: |
| 7911 | return &bpf_sk_lookup_tcp_proto; | |
| 7912 | case BPF_FUNC_sk_lookup_udp: | |
| 7913 | return &bpf_sk_lookup_udp_proto; | |
| 7914 | case BPF_FUNC_sk_release: | |
| 7915 | return &bpf_sk_release_proto; | |
| 655a51e5 MKL |
7916 | case BPF_FUNC_tcp_sock: |
| 7917 | return &bpf_tcp_sock_proto; | |
| dbafd7dd MKL |
7918 | case BPF_FUNC_get_listener_sock: |
| 7919 | return &bpf_get_listener_sock_proto; | |
| edbf8c01 LB |
7920 | case BPF_FUNC_skc_lookup_tcp: |
| 7921 | return &bpf_skc_lookup_tcp_proto; | |
| 39904084 LB |
7922 | case BPF_FUNC_tcp_check_syncookie: |
| 7923 | return &bpf_tcp_check_syncookie_proto; | |
| 315a2029 PO |
7924 | case BPF_FUNC_skb_ecn_set_ce: |
| 7925 | return &bpf_skb_ecn_set_ce_proto; | |
| 70d66244 PP |
7926 | case BPF_FUNC_tcp_gen_syncookie: |
| 7927 | return &bpf_tcp_gen_syncookie_proto; | |
| cf7fbe66 JS |
7928 | case BPF_FUNC_sk_assign: |
| 7929 | return &bpf_sk_assign_proto; | |
| 9bb984f2 MKL |
7930 | case BPF_FUNC_skb_set_tstamp: |
| 7931 | return &bpf_skb_set_tstamp_proto; | |
| 9a4cf073 MM |
7932 | #ifdef CONFIG_SYN_COOKIES |
| 7933 | case BPF_FUNC_tcp_raw_gen_syncookie_ipv4: | |
| 7934 | return &bpf_tcp_raw_gen_syncookie_ipv4_proto; | |
| 7935 | case BPF_FUNC_tcp_raw_gen_syncookie_ipv6: | |
| 7936 | return &bpf_tcp_raw_gen_syncookie_ipv6_proto; | |
| 7937 | case BPF_FUNC_tcp_raw_check_syncookie_ipv4: | |
| 7938 | return &bpf_tcp_raw_check_syncookie_ipv4_proto; | |
| 7939 | case BPF_FUNC_tcp_raw_check_syncookie_ipv6: | |
| 7940 | return &bpf_tcp_raw_check_syncookie_ipv6_proto; | |
| 7941 | #endif | |
| df3f94a0 | 7942 | #endif |
| 608cd71a | 7943 | default: |
| 1df8f55a | 7944 | return bpf_sk_base_func_proto(func_id); |
| 608cd71a AS |
7945 | } |
| 7946 | } | |
| 7947 | ||
| 6a773a15 | 7948 | static const struct bpf_func_proto * |
| 5e43f899 | 7949 | xdp_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog) |
| 6a773a15 | 7950 | { |
| 4de16969 DB |
7951 | switch (func_id) { |
| 7952 | case BPF_FUNC_perf_event_output: | |
| 7953 | return &bpf_xdp_event_output_proto; | |
| 669dc4d7 DB |
7954 | case BPF_FUNC_get_smp_processor_id: |
| 7955 | return &bpf_get_smp_processor_id_proto; | |
| 205c3807 DB |
7956 | case BPF_FUNC_csum_diff: |
| 7957 | return &bpf_csum_diff_proto; | |
| 17bedab2 MKL |
7958 | case BPF_FUNC_xdp_adjust_head: |
| 7959 | return &bpf_xdp_adjust_head_proto; | |
| de8f3a83 DB |
7960 | case BPF_FUNC_xdp_adjust_meta: |
| 7961 | return &bpf_xdp_adjust_meta_proto; | |
| 814abfab JF |
7962 | case BPF_FUNC_redirect: |
| 7963 | return &bpf_xdp_redirect_proto; | |
| 97f91a7c | 7964 | case BPF_FUNC_redirect_map: |
| e4a8e817 | 7965 | return &bpf_xdp_redirect_map_proto; |
| b32cc5b9 NS |
7966 | case BPF_FUNC_xdp_adjust_tail: |
| 7967 | return &bpf_xdp_adjust_tail_proto; | |
| 0165cc81 LB |
7968 | case BPF_FUNC_xdp_get_buff_len: |
| 7969 | return &bpf_xdp_get_buff_len_proto; | |
| 3f364222 LB |
7970 | case BPF_FUNC_xdp_load_bytes: |
| 7971 | return &bpf_xdp_load_bytes_proto; | |
| 7972 | case BPF_FUNC_xdp_store_bytes: | |
| 7973 | return &bpf_xdp_store_bytes_proto; | |
| 87f5fc7e DA |
7974 | case BPF_FUNC_fib_lookup: |
| 7975 | return &bpf_xdp_fib_lookup_proto; | |
| 34b2021c JDB |
7976 | case BPF_FUNC_check_mtu: |
| 7977 | return &bpf_xdp_check_mtu_proto; | |
| c8123ead NH |
7978 | #ifdef CONFIG_INET |
| 7979 | case BPF_FUNC_sk_lookup_udp: | |
| 7980 | return &bpf_xdp_sk_lookup_udp_proto; | |
| 7981 | case BPF_FUNC_sk_lookup_tcp: | |
| 7982 | return &bpf_xdp_sk_lookup_tcp_proto; | |
| 7983 | case BPF_FUNC_sk_release: | |
| 7984 | return &bpf_sk_release_proto; | |
| edbf8c01 LB |
7985 | case BPF_FUNC_skc_lookup_tcp: |
| 7986 | return &bpf_xdp_skc_lookup_tcp_proto; | |
| 39904084 LB |
7987 | case BPF_FUNC_tcp_check_syncookie: |
| 7988 | return &bpf_tcp_check_syncookie_proto; | |
| 70d66244 PP |
7989 | case BPF_FUNC_tcp_gen_syncookie: |
| 7990 | return &bpf_tcp_gen_syncookie_proto; | |
| 33bf9885 MM |
7991 | #ifdef CONFIG_SYN_COOKIES |
| 7992 | case BPF_FUNC_tcp_raw_gen_syncookie_ipv4: | |
| 7993 | return &bpf_tcp_raw_gen_syncookie_ipv4_proto; | |
| 7994 | case BPF_FUNC_tcp_raw_gen_syncookie_ipv6: | |
| 7995 | return &bpf_tcp_raw_gen_syncookie_ipv6_proto; | |
| 7996 | case BPF_FUNC_tcp_raw_check_syncookie_ipv4: | |
| 7997 | return &bpf_tcp_raw_check_syncookie_ipv4_proto; | |
| 7998 | case BPF_FUNC_tcp_raw_check_syncookie_ipv6: | |
| 7999 | return &bpf_tcp_raw_check_syncookie_ipv6_proto; | |
| 8000 | #endif | |
| c8123ead | 8001 | #endif |
| 4de16969 | 8002 | default: |
| 1df8f55a | 8003 | return bpf_sk_base_func_proto(func_id); |
| 4de16969 | 8004 | } |
| 578ce69f THJ |
8005 | |
| 8006 | #if IS_MODULE(CONFIG_NF_CONNTRACK) && IS_ENABLED(CONFIG_DEBUG_INFO_BTF_MODULES) | |
| 8007 | /* The nf_conn___init type is used in the NF_CONNTRACK kfuncs. The | |
| 8008 | * kfuncs are defined in two different modules, and we want to be able | |
| 8009 | * to use them interchangably with the same BTF type ID. Because modules | |
| 8010 | * can't de-duplicate BTF IDs between each other, we need the type to be | |
| 8011 | * referenced in the vmlinux BTF or the verifier will get confused about | |
| 8012 | * the different types. So we add this dummy type reference which will | |
| 8013 | * be included in vmlinux BTF, allowing both modules to refer to the | |
| 8014 | * same type ID. | |
| 8015 | */ | |
| 8016 | BTF_TYPE_EMIT(struct nf_conn___init); | |
| 8017 | #endif | |
| 6a773a15 BB |
8018 | } |
| 8019 | ||
| 604326b4 DB |
8020 | const struct bpf_func_proto bpf_sock_map_update_proto __weak; |
| 8021 | const struct bpf_func_proto bpf_sock_hash_update_proto __weak; | |
| 8022 | ||
| 8c4b4c7e | 8023 | static const struct bpf_func_proto * |
| 5e43f899 | 8024 | sock_ops_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog) |
| 8c4b4c7e | 8025 | { |
| bed89185 SF |
8026 | const struct bpf_func_proto *func_proto; |
| 8027 | ||
| 8028 | func_proto = cgroup_common_func_proto(func_id, prog); | |
| 8029 | if (func_proto) | |
| 8030 | return func_proto; | |
| 8031 | ||
| 8c4b4c7e LB |
8032 | switch (func_id) { |
| 8033 | case BPF_FUNC_setsockopt: | |
| beecf11b | 8034 | return &bpf_sock_ops_setsockopt_proto; |
| cd86d1fd | 8035 | case BPF_FUNC_getsockopt: |
| beecf11b | 8036 | return &bpf_sock_ops_getsockopt_proto; |
| b13d8807 LB |
8037 | case BPF_FUNC_sock_ops_cb_flags_set: |
| 8038 | return &bpf_sock_ops_cb_flags_set_proto; | |
| 174a79ff JF |
8039 | case BPF_FUNC_sock_map_update: |
| 8040 | return &bpf_sock_map_update_proto; | |
| 81110384 JF |
8041 | case BPF_FUNC_sock_hash_update: |
| 8042 | return &bpf_sock_hash_update_proto; | |
| d692f113 AI |
8043 | case BPF_FUNC_get_socket_cookie: |
| 8044 | return &bpf_get_socket_cookie_sock_ops_proto; | |
| a5a3a828 | 8045 | case BPF_FUNC_perf_event_output: |
| fcf752ea | 8046 | return &bpf_event_output_data_proto; |
| 1314ef56 SF |
8047 | case BPF_FUNC_sk_storage_get: |
| 8048 | return &bpf_sk_storage_get_proto; | |
| 8049 | case BPF_FUNC_sk_storage_delete: | |
| 8050 | return &bpf_sk_storage_delete_proto; | |
| 6cf1770d XL |
8051 | case BPF_FUNC_get_netns_cookie: |
| 8052 | return &bpf_get_netns_cookie_sock_ops_proto; | |
| 1314ef56 | 8053 | #ifdef CONFIG_INET |
| 0813a841 MKL |
8054 | case BPF_FUNC_load_hdr_opt: |
| 8055 | return &bpf_sock_ops_load_hdr_opt_proto; | |
| 8056 | case BPF_FUNC_store_hdr_opt: | |
| 8057 | return &bpf_sock_ops_store_hdr_opt_proto; | |
| 8058 | case BPF_FUNC_reserve_hdr_opt: | |
| 8059 | return &bpf_sock_ops_reserve_hdr_opt_proto; | |
| 1314ef56 SF |
8060 | case BPF_FUNC_tcp_sock: |
| 8061 | return &bpf_tcp_sock_proto; | |
| 8062 | #endif /* CONFIG_INET */ | |
| 8c4b4c7e | 8063 | default: |
| 1df8f55a | 8064 | return bpf_sk_base_func_proto(func_id); |
| 8c4b4c7e LB |
8065 | } |
| 8066 | } | |
| 8067 | ||
| 604326b4 DB |
8068 | const struct bpf_func_proto bpf_msg_redirect_map_proto __weak; |
| 8069 | const struct bpf_func_proto bpf_msg_redirect_hash_proto __weak; | |
| 8070 | ||
| 5e43f899 AI |
8071 | static const struct bpf_func_proto * |
| 8072 | sk_msg_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog) | |
| 4f738adb JF |
8073 | { |
| 8074 | switch (func_id) { | |
| 8075 | case BPF_FUNC_msg_redirect_map: | |
| 8076 | return &bpf_msg_redirect_map_proto; | |
| 81110384 JF |
8077 | case BPF_FUNC_msg_redirect_hash: |
| 8078 | return &bpf_msg_redirect_hash_proto; | |
| 2a100317 JF |
8079 | case BPF_FUNC_msg_apply_bytes: |
| 8080 | return &bpf_msg_apply_bytes_proto; | |
| 91843d54 JF |
8081 | case BPF_FUNC_msg_cork_bytes: |
| 8082 | return &bpf_msg_cork_bytes_proto; | |
| 015632bb JF |
8083 | case BPF_FUNC_msg_pull_data: |
| 8084 | return &bpf_msg_pull_data_proto; | |
| 6fff607e JF |
8085 | case BPF_FUNC_msg_push_data: |
| 8086 | return &bpf_msg_push_data_proto; | |
| 7246d8ed JF |
8087 | case BPF_FUNC_msg_pop_data: |
| 8088 | return &bpf_msg_pop_data_proto; | |
| abe3cac8 JF |
8089 | case BPF_FUNC_perf_event_output: |
| 8090 | return &bpf_event_output_data_proto; | |
| 8091 | case BPF_FUNC_get_current_uid_gid: | |
| 8092 | return &bpf_get_current_uid_gid_proto; | |
| 8093 | case BPF_FUNC_get_current_pid_tgid: | |
| 8094 | return &bpf_get_current_pid_tgid_proto; | |
| 13d70f5a JF |
8095 | case BPF_FUNC_sk_storage_get: |
| 8096 | return &bpf_sk_storage_get_proto; | |
| 8097 | case BPF_FUNC_sk_storage_delete: | |
| 8098 | return &bpf_sk_storage_delete_proto; | |
| fab60e29 XL |
8099 | case BPF_FUNC_get_netns_cookie: |
| 8100 | return &bpf_get_netns_cookie_sk_msg_proto; | |
| abe3cac8 JF |
8101 | #ifdef CONFIG_CGROUPS |
| 8102 | case BPF_FUNC_get_current_cgroup_id: | |
| 8103 | return &bpf_get_current_cgroup_id_proto; | |
| 8104 | case BPF_FUNC_get_current_ancestor_cgroup_id: | |
| 8105 | return &bpf_get_current_ancestor_cgroup_id_proto; | |
| 8106 | #endif | |
| 8107 | #ifdef CONFIG_CGROUP_NET_CLASSID | |
| 8108 | case BPF_FUNC_get_cgroup_classid: | |
| 8109 | return &bpf_get_cgroup_classid_curr_proto; | |
| 8110 | #endif | |
| 4f738adb | 8111 | default: |
| 1df8f55a | 8112 | return bpf_sk_base_func_proto(func_id); |
| 4f738adb JF |
8113 | } |
| 8114 | } | |
| 8115 | ||
| 604326b4 DB |
8116 | const struct bpf_func_proto bpf_sk_redirect_map_proto __weak; |
| 8117 | const struct bpf_func_proto bpf_sk_redirect_hash_proto __weak; | |
| 8118 | ||
| 5e43f899 AI |
8119 | static const struct bpf_func_proto * |
| 8120 | sk_skb_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog) | |
| b005fd18 JF |
8121 | { |
| 8122 | switch (func_id) { | |
| 8a31db56 JF |
8123 | case BPF_FUNC_skb_store_bytes: |
| 8124 | return &bpf_skb_store_bytes_proto; | |
| b005fd18 JF |
8125 | case BPF_FUNC_skb_load_bytes: |
| 8126 | return &bpf_skb_load_bytes_proto; | |
| 8a31db56 | 8127 | case BPF_FUNC_skb_pull_data: |
| 0ea488ff | 8128 | return &sk_skb_pull_data_proto; |
| 8a31db56 | 8129 | case BPF_FUNC_skb_change_tail: |
| 0ea488ff | 8130 | return &sk_skb_change_tail_proto; |
| 8a31db56 | 8131 | case BPF_FUNC_skb_change_head: |
| 0ea488ff | 8132 | return &sk_skb_change_head_proto; |
| 18ebe16d JF |
8133 | case BPF_FUNC_skb_adjust_room: |
| 8134 | return &sk_skb_adjust_room_proto; | |
| b005fd18 JF |
8135 | case BPF_FUNC_get_socket_cookie: |
| 8136 | return &bpf_get_socket_cookie_proto; | |
| 8137 | case BPF_FUNC_get_socket_uid: | |
| 8138 | return &bpf_get_socket_uid_proto; | |
| 174a79ff JF |
8139 | case BPF_FUNC_sk_redirect_map: |
| 8140 | return &bpf_sk_redirect_map_proto; | |
| 81110384 JF |
8141 | case BPF_FUNC_sk_redirect_hash: |
| 8142 | return &bpf_sk_redirect_hash_proto; | |
| 7c4b90d7 AZ |
8143 | case BPF_FUNC_perf_event_output: |
| 8144 | return &bpf_skb_event_output_proto; | |
| df3f94a0 | 8145 | #ifdef CONFIG_INET |
| 6acc9b43 JS |
8146 | case BPF_FUNC_sk_lookup_tcp: |
| 8147 | return &bpf_sk_lookup_tcp_proto; | |
| 8148 | case BPF_FUNC_sk_lookup_udp: | |
| 8149 | return &bpf_sk_lookup_udp_proto; | |
| 8150 | case BPF_FUNC_sk_release: | |
| 8151 | return &bpf_sk_release_proto; | |
| edbf8c01 LB |
8152 | case BPF_FUNC_skc_lookup_tcp: |
| 8153 | return &bpf_skc_lookup_tcp_proto; | |
| df3f94a0 | 8154 | #endif |
| b005fd18 | 8155 | default: |
| 1df8f55a | 8156 | return bpf_sk_base_func_proto(func_id); |
| b005fd18 JF |
8157 | } |
| 8158 | } | |
| 8159 | ||
| d58e468b PP |
8160 | static const struct bpf_func_proto * |
| 8161 | flow_dissector_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog) | |
| 8162 | { | |
| 8163 | switch (func_id) { | |
| 8164 | case BPF_FUNC_skb_load_bytes: | |
| 089b19a9 | 8165 | return &bpf_flow_dissector_load_bytes_proto; |
| d58e468b | 8166 | default: |
| 1df8f55a | 8167 | return bpf_sk_base_func_proto(func_id); |
| d58e468b PP |
8168 | } |
| 8169 | } | |
| 8170 | ||
| cd3092c7 MX |
8171 | static const struct bpf_func_proto * |
| 8172 | lwt_out_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog) | |
| 8173 | { | |
| 8174 | switch (func_id) { | |
| 8175 | case BPF_FUNC_skb_load_bytes: | |
| 8176 | return &bpf_skb_load_bytes_proto; | |
| 8177 | case BPF_FUNC_skb_pull_data: | |
| 8178 | return &bpf_skb_pull_data_proto; | |
| 8179 | case BPF_FUNC_csum_diff: | |
| 8180 | return &bpf_csum_diff_proto; | |
| 8181 | case BPF_FUNC_get_cgroup_classid: | |
| 8182 | return &bpf_get_cgroup_classid_proto; | |
| 8183 | case BPF_FUNC_get_route_realm: | |
| 8184 | return &bpf_get_route_realm_proto; | |
| 8185 | case BPF_FUNC_get_hash_recalc: | |
| 8186 | return &bpf_get_hash_recalc_proto; | |
| 8187 | case BPF_FUNC_perf_event_output: | |
| 8188 | return &bpf_skb_event_output_proto; | |
| 8189 | case BPF_FUNC_get_smp_processor_id: | |
| 8190 | return &bpf_get_smp_processor_id_proto; | |
| 8191 | case BPF_FUNC_skb_under_cgroup: | |
| 8192 | return &bpf_skb_under_cgroup_proto; | |
| 8193 | default: | |
| 1df8f55a | 8194 | return bpf_sk_base_func_proto(func_id); |
| cd3092c7 MX |
8195 | } |
| 8196 | } | |
| 8197 | ||
| 8198 | static const struct bpf_func_proto * | |
| 8199 | lwt_in_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog) | |
| 8200 | { | |
| 8201 | switch (func_id) { | |
| 8202 | case BPF_FUNC_lwt_push_encap: | |
| 3e0bd37c | 8203 | return &bpf_lwt_in_push_encap_proto; |
| cd3092c7 MX |
8204 | default: |
| 8205 | return lwt_out_func_proto(func_id, prog); | |
| 8206 | } | |
| 8207 | } | |
| 8208 | ||
| 3a0af8fd | 8209 | static const struct bpf_func_proto * |
| 5e43f899 | 8210 | lwt_xmit_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog) |
| 3a0af8fd TG |
8211 | { |
| 8212 | switch (func_id) { | |
| 8213 | case BPF_FUNC_skb_get_tunnel_key: | |
| 8214 | return &bpf_skb_get_tunnel_key_proto; | |
| 8215 | case BPF_FUNC_skb_set_tunnel_key: | |
| 8216 | return bpf_get_skb_set_tunnel_proto(func_id); | |
| 8217 | case BPF_FUNC_skb_get_tunnel_opt: | |
| 8218 | return &bpf_skb_get_tunnel_opt_proto; | |
| 8219 | case BPF_FUNC_skb_set_tunnel_opt: | |
| 8220 | return bpf_get_skb_set_tunnel_proto(func_id); | |
| 8221 | case BPF_FUNC_redirect: | |
| 8222 | return &bpf_redirect_proto; | |
| 8223 | case BPF_FUNC_clone_redirect: | |
| 8224 | return &bpf_clone_redirect_proto; | |
| 8225 | case BPF_FUNC_skb_change_tail: | |
| 8226 | return &bpf_skb_change_tail_proto; | |
| 8227 | case BPF_FUNC_skb_change_head: | |
| 8228 | return &bpf_skb_change_head_proto; | |
| 8229 | case BPF_FUNC_skb_store_bytes: | |
| 8230 | return &bpf_skb_store_bytes_proto; | |
| 8231 | case BPF_FUNC_csum_update: | |
| 8232 | return &bpf_csum_update_proto; | |
| 7cdec54f DB |
8233 | case BPF_FUNC_csum_level: |
| 8234 | return &bpf_csum_level_proto; | |
| 3a0af8fd TG |
8235 | case BPF_FUNC_l3_csum_replace: |
| 8236 | return &bpf_l3_csum_replace_proto; | |
| 8237 | case BPF_FUNC_l4_csum_replace: | |
| 8238 | return &bpf_l4_csum_replace_proto; | |
| 8239 | case BPF_FUNC_set_hash_invalid: | |
| 8240 | return &bpf_set_hash_invalid_proto; | |
| 3e0bd37c PO |
8241 | case BPF_FUNC_lwt_push_encap: |
| 8242 | return &bpf_lwt_xmit_push_encap_proto; | |
| 3a0af8fd | 8243 | default: |
| cd3092c7 | 8244 | return lwt_out_func_proto(func_id, prog); |
| 3a0af8fd TG |
8245 | } |
| 8246 | } | |
| 8247 | ||
| 004d4b27 MX |
8248 | static const struct bpf_func_proto * |
| 8249 | lwt_seg6local_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog) | |
| 8250 | { | |
| 8251 | switch (func_id) { | |
| 61d76980 | 8252 | #if IS_ENABLED(CONFIG_IPV6_SEG6_BPF) |
| 004d4b27 MX |
8253 | case BPF_FUNC_lwt_seg6_store_bytes: |
| 8254 | return &bpf_lwt_seg6_store_bytes_proto; | |
| 8255 | case BPF_FUNC_lwt_seg6_action: | |
| 8256 | return &bpf_lwt_seg6_action_proto; | |
| 8257 | case BPF_FUNC_lwt_seg6_adjust_srh: | |
| 8258 | return &bpf_lwt_seg6_adjust_srh_proto; | |
| 61d76980 | 8259 | #endif |
| 004d4b27 MX |
8260 | default: |
| 8261 | return lwt_out_func_proto(func_id, prog); | |
| 3a0af8fd TG |
8262 | } |
| 8263 | } | |
| 8264 | ||
| f96da094 | 8265 | static bool bpf_skb_is_valid_access(int off, int size, enum bpf_access_type type, |
| 5e43f899 | 8266 | const struct bpf_prog *prog, |
| f96da094 | 8267 | struct bpf_insn_access_aux *info) |
| 23994631 | 8268 | { |
| f96da094 | 8269 | const int size_default = sizeof(__u32); |
| 23994631 | 8270 | |
| 9bac3d6d AS |
8271 | if (off < 0 || off >= sizeof(struct __sk_buff)) |
| 8272 | return false; | |
| 62c7989b | 8273 | |
| 4936e352 | 8274 | /* The verifier guarantees that size > 0. */ |
| 9bac3d6d AS |
8275 | if (off % size != 0) |
| 8276 | return false; | |
| 62c7989b DB |
8277 | |
| 8278 | switch (off) { | |
| f96da094 DB |
8279 | case bpf_ctx_range_till(struct __sk_buff, cb[0], cb[4]): |
| 8280 | if (off + size > offsetofend(struct __sk_buff, cb[4])) | |
| 62c7989b DB |
8281 | return false; |
| 8282 | break; | |
| 8a31db56 JF |
8283 | case bpf_ctx_range_till(struct __sk_buff, remote_ip6[0], remote_ip6[3]): |
| 8284 | case bpf_ctx_range_till(struct __sk_buff, local_ip6[0], local_ip6[3]): | |
| 8285 | case bpf_ctx_range_till(struct __sk_buff, remote_ip4, remote_ip4): | |
| 8286 | case bpf_ctx_range_till(struct __sk_buff, local_ip4, local_ip4): | |
| f96da094 | 8287 | case bpf_ctx_range(struct __sk_buff, data): |
| de8f3a83 | 8288 | case bpf_ctx_range(struct __sk_buff, data_meta): |
| f96da094 DB |
8289 | case bpf_ctx_range(struct __sk_buff, data_end): |
| 8290 | if (size != size_default) | |
| 23994631 | 8291 | return false; |
| 31fd8581 | 8292 | break; |
| b7df9ada | 8293 | case bpf_ctx_range_ptr(struct __sk_buff, flow_keys): |
| 089b19a9 | 8294 | return false; |
| f64c4ace VF |
8295 | case bpf_ctx_range(struct __sk_buff, hwtstamp): |
| 8296 | if (type == BPF_WRITE || size != sizeof(__u64)) | |
| 8297 | return false; | |
| 8298 | break; | |
| f11216b2 VD |
8299 | case bpf_ctx_range(struct __sk_buff, tstamp): |
| 8300 | if (size != sizeof(__u64)) | |
| 8301 | return false; | |
| 8302 | break; | |
| 46f8bc92 MKL |
8303 | case offsetof(struct __sk_buff, sk): |
| 8304 | if (type == BPF_WRITE || size != sizeof(__u64)) | |
| 8305 | return false; | |
| 8306 | info->reg_type = PTR_TO_SOCK_COMMON_OR_NULL; | |
| 8307 | break; | |
| 9bb984f2 | 8308 | case offsetof(struct __sk_buff, tstamp_type): |
| 8d21ec0e | 8309 | return false; |
| 9bb984f2 | 8310 | case offsetofend(struct __sk_buff, tstamp_type) ... offsetof(struct __sk_buff, hwtstamp) - 1: |
| f64c4ace VF |
8311 | /* Explicitly prohibit access to padding in __sk_buff. */ |
| 8312 | return false; | |
| 31fd8581 | 8313 | default: |
| f96da094 | 8314 | /* Only narrow read access allowed for now. */ |
| 31fd8581 | 8315 | if (type == BPF_WRITE) { |
| f96da094 | 8316 | if (size != size_default) |
| 31fd8581 YS |
8317 | return false; |
| 8318 | } else { | |
| f96da094 DB |
8319 | bpf_ctx_record_field_size(info, size_default); |
| 8320 | if (!bpf_ctx_narrow_access_ok(off, size, size_default)) | |
| 23994631 | 8321 | return false; |
| 31fd8581 | 8322 | } |
| 62c7989b | 8323 | } |
| 9bac3d6d AS |
8324 | |
| 8325 | return true; | |
| 8326 | } | |
| 8327 | ||
| d691f9e8 | 8328 | static bool sk_filter_is_valid_access(int off, int size, |
| 19de99f7 | 8329 | enum bpf_access_type type, |
| 5e43f899 | 8330 | const struct bpf_prog *prog, |
| 23994631 | 8331 | struct bpf_insn_access_aux *info) |
| d691f9e8 | 8332 | { |
| db58ba45 | 8333 | switch (off) { |
| f96da094 DB |
8334 | case bpf_ctx_range(struct __sk_buff, tc_classid): |
| 8335 | case bpf_ctx_range(struct __sk_buff, data): | |
| de8f3a83 | 8336 | case bpf_ctx_range(struct __sk_buff, data_meta): |
| f96da094 | 8337 | case bpf_ctx_range(struct __sk_buff, data_end): |
| 8a31db56 | 8338 | case bpf_ctx_range_till(struct __sk_buff, family, local_port): |
| f11216b2 | 8339 | case bpf_ctx_range(struct __sk_buff, tstamp): |
| e3da08d0 | 8340 | case bpf_ctx_range(struct __sk_buff, wire_len): |
| f64c4ace | 8341 | case bpf_ctx_range(struct __sk_buff, hwtstamp): |
| 045efa82 | 8342 | return false; |
| db58ba45 | 8343 | } |
| 045efa82 | 8344 | |
| d691f9e8 AS |
8345 | if (type == BPF_WRITE) { |
| 8346 | switch (off) { | |
| f96da094 | 8347 | case bpf_ctx_range_till(struct __sk_buff, cb[0], cb[4]): |
| d691f9e8 AS |
8348 | break; |
| 8349 | default: | |
| 8350 | return false; | |
| 8351 | } | |
| 8352 | } | |
| 8353 | ||
| 5e43f899 | 8354 | return bpf_skb_is_valid_access(off, size, type, prog, info); |
| d691f9e8 AS |
8355 | } |
| 8356 | ||
| b39b5f41 SL |
8357 | static bool cg_skb_is_valid_access(int off, int size, |
| 8358 | enum bpf_access_type type, | |
| 8359 | const struct bpf_prog *prog, | |
| 8360 | struct bpf_insn_access_aux *info) | |
| 8361 | { | |
| 8362 | switch (off) { | |
| 8363 | case bpf_ctx_range(struct __sk_buff, tc_classid): | |
| 8364 | case bpf_ctx_range(struct __sk_buff, data_meta): | |
| e3da08d0 | 8365 | case bpf_ctx_range(struct __sk_buff, wire_len): |
| b39b5f41 | 8366 | return false; |
| ab21c1b5 DB |
8367 | case bpf_ctx_range(struct __sk_buff, data): |
| 8368 | case bpf_ctx_range(struct __sk_buff, data_end): | |
| 2c78ee89 | 8369 | if (!bpf_capable()) |
| ab21c1b5 DB |
8370 | return false; |
| 8371 | break; | |
| b39b5f41 | 8372 | } |
| ab21c1b5 | 8373 | |
| b39b5f41 SL |
8374 | if (type == BPF_WRITE) { |
| 8375 | switch (off) { | |
| 8376 | case bpf_ctx_range(struct __sk_buff, mark): | |
| 8377 | case bpf_ctx_range(struct __sk_buff, priority): | |
| 8378 | case bpf_ctx_range_till(struct __sk_buff, cb[0], cb[4]): | |
| 8379 | break; | |
| f11216b2 | 8380 | case bpf_ctx_range(struct __sk_buff, tstamp): |
| 2c78ee89 | 8381 | if (!bpf_capable()) |
| f11216b2 VD |
8382 | return false; |
| 8383 | break; | |
| b39b5f41 SL |
8384 | default: |
| 8385 | return false; | |
| 8386 | } | |
| 8387 | } | |
| 8388 | ||
| 8389 | switch (off) { | |
| 8390 | case bpf_ctx_range(struct __sk_buff, data): | |
| 8391 | info->reg_type = PTR_TO_PACKET; | |
| 8392 | break; | |
| 8393 | case bpf_ctx_range(struct __sk_buff, data_end): | |
| 8394 | info->reg_type = PTR_TO_PACKET_END; | |
| 8395 | break; | |
| 8396 | } | |
| 8397 | ||
| 8398 | return bpf_skb_is_valid_access(off, size, type, prog, info); | |
| 8399 | } | |
| 8400 | ||
| 3a0af8fd TG |
8401 | static bool lwt_is_valid_access(int off, int size, |
| 8402 | enum bpf_access_type type, | |
| 5e43f899 | 8403 | const struct bpf_prog *prog, |
| 23994631 | 8404 | struct bpf_insn_access_aux *info) |
| 3a0af8fd TG |
8405 | { |
| 8406 | switch (off) { | |
| f96da094 | 8407 | case bpf_ctx_range(struct __sk_buff, tc_classid): |
| 8a31db56 | 8408 | case bpf_ctx_range_till(struct __sk_buff, family, local_port): |
| de8f3a83 | 8409 | case bpf_ctx_range(struct __sk_buff, data_meta): |
| f11216b2 | 8410 | case bpf_ctx_range(struct __sk_buff, tstamp): |
| e3da08d0 | 8411 | case bpf_ctx_range(struct __sk_buff, wire_len): |
| f64c4ace | 8412 | case bpf_ctx_range(struct __sk_buff, hwtstamp): |
| 3a0af8fd TG |
8413 | return false; |
| 8414 | } | |
| 8415 | ||
| 8416 | if (type == BPF_WRITE) { | |
| 8417 | switch (off) { | |
| f96da094 DB |
8418 | case bpf_ctx_range(struct __sk_buff, mark): |
| 8419 | case bpf_ctx_range(struct __sk_buff, priority): | |
| 8420 | case bpf_ctx_range_till(struct __sk_buff, cb[0], cb[4]): | |
| 3a0af8fd TG |
8421 | break; |
| 8422 | default: | |
| 8423 | return false; | |
| 8424 | } | |
| 8425 | } | |
| 8426 | ||
| f96da094 DB |
8427 | switch (off) { |
| 8428 | case bpf_ctx_range(struct __sk_buff, data): | |
| 8429 | info->reg_type = PTR_TO_PACKET; | |
| 8430 | break; | |
| 8431 | case bpf_ctx_range(struct __sk_buff, data_end): | |
| 8432 | info->reg_type = PTR_TO_PACKET_END; | |
| 8433 | break; | |
| 8434 | } | |
| 8435 | ||
| 5e43f899 | 8436 | return bpf_skb_is_valid_access(off, size, type, prog, info); |
| 3a0af8fd TG |
8437 | } |
| 8438 | ||
| aac3fc32 AI |
8439 | /* Attach type specific accesses */ |
| 8440 | static bool __sock_filter_check_attach_type(int off, | |
| 8441 | enum bpf_access_type access_type, | |
| 8442 | enum bpf_attach_type attach_type) | |
| 61023658 | 8443 | { |
| aac3fc32 AI |
8444 | switch (off) { |
| 8445 | case offsetof(struct bpf_sock, bound_dev_if): | |
| 8446 | case offsetof(struct bpf_sock, mark): | |
| 8447 | case offsetof(struct bpf_sock, priority): | |
| 8448 | switch (attach_type) { | |
| 8449 | case BPF_CGROUP_INET_SOCK_CREATE: | |
| f5836749 | 8450 | case BPF_CGROUP_INET_SOCK_RELEASE: |
| aac3fc32 AI |
8451 | goto full_access; |
| 8452 | default: | |
| 8453 | return false; | |
| 8454 | } | |
| 8455 | case bpf_ctx_range(struct bpf_sock, src_ip4): | |
| 8456 | switch (attach_type) { | |
| 8457 | case BPF_CGROUP_INET4_POST_BIND: | |
| 8458 | goto read_only; | |
| 8459 | default: | |
| 8460 | return false; | |
| 8461 | } | |
| 8462 | case bpf_ctx_range_till(struct bpf_sock, src_ip6[0], src_ip6[3]): | |
| 8463 | switch (attach_type) { | |
| 8464 | case BPF_CGROUP_INET6_POST_BIND: | |
| 8465 | goto read_only; | |
| 8466 | default: | |
| 8467 | return false; | |
| 8468 | } | |
| 8469 | case bpf_ctx_range(struct bpf_sock, src_port): | |
| 8470 | switch (attach_type) { | |
| 8471 | case BPF_CGROUP_INET4_POST_BIND: | |
| 8472 | case BPF_CGROUP_INET6_POST_BIND: | |
| 8473 | goto read_only; | |
| 61023658 DA |
8474 | default: |
| 8475 | return false; | |
| 8476 | } | |
| 8477 | } | |
| aac3fc32 AI |
8478 | read_only: |
| 8479 | return access_type == BPF_READ; | |
| 8480 | full_access: | |
| 8481 | return true; | |
| 8482 | } | |
| 8483 | ||
| 46f8bc92 MKL |
8484 | bool bpf_sock_common_is_valid_access(int off, int size, |
| 8485 | enum bpf_access_type type, | |
| aac3fc32 AI |
8486 | struct bpf_insn_access_aux *info) |
| 8487 | { | |
| aac3fc32 | 8488 | switch (off) { |
| 46f8bc92 MKL |
8489 | case bpf_ctx_range_till(struct bpf_sock, type, priority): |
| 8490 | return false; | |
| 8491 | default: | |
| 8492 | return bpf_sock_is_valid_access(off, size, type, info); | |
| aac3fc32 | 8493 | } |
| aac3fc32 AI |
8494 | } |
| 8495 | ||
| c64b7983 JS |
8496 | bool bpf_sock_is_valid_access(int off, int size, enum bpf_access_type type, |
| 8497 | struct bpf_insn_access_aux *info) | |
| aac3fc32 | 8498 | { |
| aa65d696 | 8499 | const int size_default = sizeof(__u32); |
| 4421a582 | 8500 | int field_size; |
| aa65d696 | 8501 | |
| aac3fc32 | 8502 | if (off < 0 || off >= sizeof(struct bpf_sock)) |
| 61023658 | 8503 | return false; |
| 61023658 DA |
8504 | if (off % size != 0) |
| 8505 | return false; | |
| aa65d696 MKL |
8506 | |
| 8507 | switch (off) { | |
| 8508 | case offsetof(struct bpf_sock, state): | |
| 8509 | case offsetof(struct bpf_sock, family): | |
| 8510 | case offsetof(struct bpf_sock, type): | |
| 8511 | case offsetof(struct bpf_sock, protocol): | |
| aa65d696 | 8512 | case offsetof(struct bpf_sock, src_port): |
| c3c16f2e | 8513 | case offsetof(struct bpf_sock, rx_queue_mapping): |
| aa65d696 MKL |
8514 | case bpf_ctx_range(struct bpf_sock, src_ip4): |
| 8515 | case bpf_ctx_range_till(struct bpf_sock, src_ip6[0], src_ip6[3]): | |
| 8516 | case bpf_ctx_range(struct bpf_sock, dst_ip4): | |
| 8517 | case bpf_ctx_range_till(struct bpf_sock, dst_ip6[0], dst_ip6[3]): | |
| 8518 | bpf_ctx_record_field_size(info, size_default); | |
| 8519 | return bpf_ctx_narrow_access_ok(off, size, size_default); | |
| 4421a582 JS |
8520 | case bpf_ctx_range(struct bpf_sock, dst_port): |
| 8521 | field_size = size == size_default ? | |
| 8522 | size_default : sizeof_field(struct bpf_sock, dst_port); | |
| 8523 | bpf_ctx_record_field_size(info, field_size); | |
| 8524 | return bpf_ctx_narrow_access_ok(off, size, field_size); | |
| 8525 | case offsetofend(struct bpf_sock, dst_port) ... | |
| 8526 | offsetof(struct bpf_sock, dst_ip4) - 1: | |
| 8527 | return false; | |
| aa65d696 MKL |
8528 | } |
| 8529 | ||
| 8530 | return size == size_default; | |
| 61023658 DA |
8531 | } |
| 8532 | ||
| c64b7983 JS |
8533 | static bool sock_filter_is_valid_access(int off, int size, |
| 8534 | enum bpf_access_type type, | |
| 8535 | const struct bpf_prog *prog, | |
| 8536 | struct bpf_insn_access_aux *info) | |
| 8537 | { | |
| 8538 | if (!bpf_sock_is_valid_access(off, size, type, info)) | |
| 8539 | return false; | |
| 8540 | return __sock_filter_check_attach_type(off, type, | |
| 8541 | prog->expected_attach_type); | |
| 8542 | } | |
| 8543 | ||
| b09928b9 DB |
8544 | static int bpf_noop_prologue(struct bpf_insn *insn_buf, bool direct_write, |
| 8545 | const struct bpf_prog *prog) | |
| 8546 | { | |
| 8547 | /* Neither direct read nor direct write requires any preliminary | |
| 8548 | * action. | |
| 8549 | */ | |
| 8550 | return 0; | |
| 8551 | } | |
| 8552 | ||
| 047b0ecd DB |
8553 | static int bpf_unclone_prologue(struct bpf_insn *insn_buf, bool direct_write, |
| 8554 | const struct bpf_prog *prog, int drop_verdict) | |
| 36bbef52 DB |
8555 | { |
| 8556 | struct bpf_insn *insn = insn_buf; | |
| 8557 | ||
| 8558 | if (!direct_write) | |
| 8559 | return 0; | |
| 8560 | ||
| 8561 | /* if (!skb->cloned) | |
| 8562 | * goto start; | |
| 8563 | * | |
| 8564 | * (Fast-path, otherwise approximation that we might be | |
| 8565 | * a clone, do the rest in helper.) | |
| 8566 | */ | |
| fba84957 | 8567 | *insn++ = BPF_LDX_MEM(BPF_B, BPF_REG_6, BPF_REG_1, CLONED_OFFSET); |
| 36bbef52 DB |
8568 | *insn++ = BPF_ALU32_IMM(BPF_AND, BPF_REG_6, CLONED_MASK); |
| 8569 | *insn++ = BPF_JMP_IMM(BPF_JEQ, BPF_REG_6, 0, 7); | |
| 8570 | ||
| 8571 | /* ret = bpf_skb_pull_data(skb, 0); */ | |
| 8572 | *insn++ = BPF_MOV64_REG(BPF_REG_6, BPF_REG_1); | |
| 8573 | *insn++ = BPF_ALU64_REG(BPF_XOR, BPF_REG_2, BPF_REG_2); | |
| 8574 | *insn++ = BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0, | |
| 8575 | BPF_FUNC_skb_pull_data); | |
| 8576 | /* if (!ret) | |
| 8577 | * goto restore; | |
| 8578 | * return TC_ACT_SHOT; | |
| 8579 | */ | |
| 8580 | *insn++ = BPF_JMP_IMM(BPF_JEQ, BPF_REG_0, 0, 2); | |
| 047b0ecd | 8581 | *insn++ = BPF_ALU32_IMM(BPF_MOV, BPF_REG_0, drop_verdict); |
| 36bbef52 DB |
8582 | *insn++ = BPF_EXIT_INSN(); |
| 8583 | ||
| 8584 | /* restore: */ | |
| 8585 | *insn++ = BPF_MOV64_REG(BPF_REG_1, BPF_REG_6); | |
| 8586 | /* start: */ | |
| 8587 | *insn++ = prog->insnsi[0]; | |
| 8588 | ||
| 8589 | return insn - insn_buf; | |
| 8590 | } | |
| 8591 | ||
| e0cea7ce DB |
8592 | static int bpf_gen_ld_abs(const struct bpf_insn *orig, |
| 8593 | struct bpf_insn *insn_buf) | |
| 8594 | { | |
| 8595 | bool indirect = BPF_MODE(orig->code) == BPF_IND; | |
| 8596 | struct bpf_insn *insn = insn_buf; | |
| 8597 | ||
| e0cea7ce DB |
8598 | if (!indirect) { |
| 8599 | *insn++ = BPF_MOV64_IMM(BPF_REG_2, orig->imm); | |
| 8600 | } else { | |
| 8601 | *insn++ = BPF_MOV64_REG(BPF_REG_2, orig->src_reg); | |
| 8602 | if (orig->imm) | |
| 8603 | *insn++ = BPF_ALU64_IMM(BPF_ADD, BPF_REG_2, orig->imm); | |
| 8604 | } | |
| e6a18d36 DB |
8605 | /* We're guaranteed here that CTX is in R6. */ |
| 8606 | *insn++ = BPF_MOV64_REG(BPF_REG_1, BPF_REG_CTX); | |
| e0cea7ce DB |
8607 | |
| 8608 | switch (BPF_SIZE(orig->code)) { | |
| 8609 | case BPF_B: | |
| 8610 | *insn++ = BPF_EMIT_CALL(bpf_skb_load_helper_8_no_cache); | |
| 8611 | break; | |
| 8612 | case BPF_H: | |
| 8613 | *insn++ = BPF_EMIT_CALL(bpf_skb_load_helper_16_no_cache); | |
| 8614 | break; | |
| 8615 | case BPF_W: | |
| 8616 | *insn++ = BPF_EMIT_CALL(bpf_skb_load_helper_32_no_cache); | |
| 8617 | break; | |
| 8618 | } | |
| 8619 | ||
| 8620 | *insn++ = BPF_JMP_IMM(BPF_JSGE, BPF_REG_0, 0, 2); | |
| 8621 | *insn++ = BPF_ALU32_REG(BPF_XOR, BPF_REG_0, BPF_REG_0); | |
| 8622 | *insn++ = BPF_EXIT_INSN(); | |
| 8623 | ||
| 8624 | return insn - insn_buf; | |
| 8625 | } | |
| 8626 | ||
| 047b0ecd DB |
8627 | static int tc_cls_act_prologue(struct bpf_insn *insn_buf, bool direct_write, |
| 8628 | const struct bpf_prog *prog) | |
| 8629 | { | |
| 8630 | return bpf_unclone_prologue(insn_buf, direct_write, prog, TC_ACT_SHOT); | |
| 8631 | } | |
| 8632 | ||
| d691f9e8 | 8633 | static bool tc_cls_act_is_valid_access(int off, int size, |
| 19de99f7 | 8634 | enum bpf_access_type type, |
| 5e43f899 | 8635 | const struct bpf_prog *prog, |
| 23994631 | 8636 | struct bpf_insn_access_aux *info) |
| d691f9e8 AS |
8637 | { |
| 8638 | if (type == BPF_WRITE) { | |
| 8639 | switch (off) { | |
| f96da094 DB |
8640 | case bpf_ctx_range(struct __sk_buff, mark): |
| 8641 | case bpf_ctx_range(struct __sk_buff, tc_index): | |
| 8642 | case bpf_ctx_range(struct __sk_buff, priority): | |
| 8643 | case bpf_ctx_range(struct __sk_buff, tc_classid): | |
| 8644 | case bpf_ctx_range_till(struct __sk_buff, cb[0], cb[4]): | |
| f11216b2 | 8645 | case bpf_ctx_range(struct __sk_buff, tstamp): |
| 74e31ca8 | 8646 | case bpf_ctx_range(struct __sk_buff, queue_mapping): |
| d691f9e8 AS |
8647 | break; |
| 8648 | default: | |
| 8649 | return false; | |
| 8650 | } | |
| 8651 | } | |
| 19de99f7 | 8652 | |
| f96da094 DB |
8653 | switch (off) { |
| 8654 | case bpf_ctx_range(struct __sk_buff, data): | |
| 8655 | info->reg_type = PTR_TO_PACKET; | |
| 8656 | break; | |
| de8f3a83 DB |
8657 | case bpf_ctx_range(struct __sk_buff, data_meta): |
| 8658 | info->reg_type = PTR_TO_PACKET_META; | |
| 8659 | break; | |
| f96da094 DB |
8660 | case bpf_ctx_range(struct __sk_buff, data_end): |
| 8661 | info->reg_type = PTR_TO_PACKET_END; | |
| 8662 | break; | |
| 8a31db56 JF |
8663 | case bpf_ctx_range_till(struct __sk_buff, family, local_port): |
| 8664 | return false; | |
| 9bb984f2 | 8665 | case offsetof(struct __sk_buff, tstamp_type): |
| 8d21ec0e MKL |
8666 | /* The convert_ctx_access() on reading and writing |
| 8667 | * __sk_buff->tstamp depends on whether the bpf prog | |
| 9bb984f2 MKL |
8668 | * has used __sk_buff->tstamp_type or not. |
| 8669 | * Thus, we need to set prog->tstamp_type_access | |
| 8d21ec0e MKL |
8670 | * earlier during is_valid_access() here. |
| 8671 | */ | |
| 9bb984f2 | 8672 | ((struct bpf_prog *)prog)->tstamp_type_access = 1; |
| 8d21ec0e | 8673 | return size == sizeof(__u8); |
| f96da094 DB |
8674 | } |
| 8675 | ||
| 5e43f899 | 8676 | return bpf_skb_is_valid_access(off, size, type, prog, info); |
| d691f9e8 AS |
8677 | } |
| 8678 | ||
| 864b656f DX |
8679 | DEFINE_MUTEX(nf_conn_btf_access_lock); |
| 8680 | EXPORT_SYMBOL_GPL(nf_conn_btf_access_lock); | |
| 8681 | ||
| 6728aea7 KKD |
8682 | int (*nfct_btf_struct_access)(struct bpf_verifier_log *log, |
| 8683 | const struct bpf_reg_state *reg, | |
| 8684 | int off, int size, enum bpf_access_type atype, | |
| 8685 | u32 *next_btf_id, enum bpf_type_flag *flag); | |
| 5a090aa3 | 8686 | EXPORT_SYMBOL_GPL(nfct_btf_struct_access); |
| 864b656f DX |
8687 | |
| 8688 | static int tc_cls_act_btf_struct_access(struct bpf_verifier_log *log, | |
| 6728aea7 KKD |
8689 | const struct bpf_reg_state *reg, |
| 8690 | int off, int size, enum bpf_access_type atype, | |
| 8691 | u32 *next_btf_id, enum bpf_type_flag *flag) | |
| 864b656f DX |
8692 | { |
| 8693 | int ret = -EACCES; | |
| 8694 | ||
| 8695 | if (atype == BPF_READ) | |
| 6728aea7 | 8696 | return btf_struct_access(log, reg, off, size, atype, next_btf_id, flag); |
| 864b656f DX |
8697 | |
| 8698 | mutex_lock(&nf_conn_btf_access_lock); | |
| 5a090aa3 | 8699 | if (nfct_btf_struct_access) |
| 6728aea7 | 8700 | ret = nfct_btf_struct_access(log, reg, off, size, atype, next_btf_id, flag); |
| 864b656f DX |
8701 | mutex_unlock(&nf_conn_btf_access_lock); |
| 8702 | ||
| 8703 | return ret; | |
| 8704 | } | |
| 8705 | ||
| 1afaf661 | 8706 | static bool __is_valid_xdp_access(int off, int size) |
| 6a773a15 BB |
8707 | { |
| 8708 | if (off < 0 || off >= sizeof(struct xdp_md)) | |
| 8709 | return false; | |
| 8710 | if (off % size != 0) | |
| 8711 | return false; | |
| 6088b582 | 8712 | if (size != sizeof(__u32)) |
| 6a773a15 BB |
8713 | return false; |
| 8714 | ||
| 8715 | return true; | |
| 8716 | } | |
| 8717 | ||
| 8718 | static bool xdp_is_valid_access(int off, int size, | |
| 8719 | enum bpf_access_type type, | |
| 5e43f899 | 8720 | const struct bpf_prog *prog, |
| 23994631 | 8721 | struct bpf_insn_access_aux *info) |
| 6a773a15 | 8722 | { |
| 64b59025 DA |
8723 | if (prog->expected_attach_type != BPF_XDP_DEVMAP) { |
| 8724 | switch (off) { | |
| 8725 | case offsetof(struct xdp_md, egress_ifindex): | |
| 8726 | return false; | |
| 8727 | } | |
| 8728 | } | |
| 8729 | ||
| 0d830032 JK |
8730 | if (type == BPF_WRITE) { |
| 8731 | if (bpf_prog_is_dev_bound(prog->aux)) { | |
| 8732 | switch (off) { | |
| 8733 | case offsetof(struct xdp_md, rx_queue_index): | |
| 8734 | return __is_valid_xdp_access(off, size); | |
| 8735 | } | |
| 8736 | } | |
| 6a773a15 | 8737 | return false; |
| 0d830032 | 8738 | } |
| 6a773a15 BB |
8739 | |
| 8740 | switch (off) { | |
| 8741 | case offsetof(struct xdp_md, data): | |
| 23994631 | 8742 | info->reg_type = PTR_TO_PACKET; |
| 6a773a15 | 8743 | break; |
| de8f3a83 DB |
8744 | case offsetof(struct xdp_md, data_meta): |
| 8745 | info->reg_type = PTR_TO_PACKET_META; | |
| 8746 | break; | |
| 6a773a15 | 8747 | case offsetof(struct xdp_md, data_end): |
| 23994631 | 8748 | info->reg_type = PTR_TO_PACKET_END; |
| 6a773a15 BB |
8749 | break; |
| 8750 | } | |
| 8751 | ||
| 1afaf661 | 8752 | return __is_valid_xdp_access(off, size); |
| 6a773a15 BB |
8753 | } |
| 8754 | ||
| c8064e5b | 8755 | void bpf_warn_invalid_xdp_action(struct net_device *dev, struct bpf_prog *prog, u32 act) |
| 6a773a15 | 8756 | { |
| 9beb8bed DB |
8757 | const u32 act_max = XDP_REDIRECT; |
| 8758 | ||
| c8064e5b | 8759 | pr_warn_once("%s XDP return value %u on prog %s (id %d) dev %s, expect packet loss!\n", |
| 2cbad989 | 8760 | act > act_max ? "Illegal" : "Driver unsupported", |
| c8064e5b | 8761 | act, prog->aux->name, prog->aux->id, dev ? dev->name : "N/A"); |
| 6a773a15 BB |
8762 | } |
| 8763 | EXPORT_SYMBOL_GPL(bpf_warn_invalid_xdp_action); | |
| 8764 | ||
| 864b656f | 8765 | static int xdp_btf_struct_access(struct bpf_verifier_log *log, |
| 6728aea7 KKD |
8766 | const struct bpf_reg_state *reg, |
| 8767 | int off, int size, enum bpf_access_type atype, | |
| 8768 | u32 *next_btf_id, enum bpf_type_flag *flag) | |
| 864b656f DX |
8769 | { |
| 8770 | int ret = -EACCES; | |
| 8771 | ||
| 8772 | if (atype == BPF_READ) | |
| 6728aea7 | 8773 | return btf_struct_access(log, reg, off, size, atype, next_btf_id, flag); |
| 864b656f DX |
8774 | |
| 8775 | mutex_lock(&nf_conn_btf_access_lock); | |
| 5a090aa3 | 8776 | if (nfct_btf_struct_access) |
| 6728aea7 | 8777 | ret = nfct_btf_struct_access(log, reg, off, size, atype, next_btf_id, flag); |
| 864b656f DX |
8778 | mutex_unlock(&nf_conn_btf_access_lock); |
| 8779 | ||
| 8780 | return ret; | |
| 8781 | } | |
| 8782 | ||
| 4fbac77d AI |
8783 | static bool sock_addr_is_valid_access(int off, int size, |
| 8784 | enum bpf_access_type type, | |
| 8785 | const struct bpf_prog *prog, | |
| 8786 | struct bpf_insn_access_aux *info) | |
| 8787 | { | |
| 8788 | const int size_default = sizeof(__u32); | |
| 8789 | ||
| 8790 | if (off < 0 || off >= sizeof(struct bpf_sock_addr)) | |
| 8791 | return false; | |
| 8792 | if (off % size != 0) | |
| 8793 | return false; | |
| 8794 | ||
| 8795 | /* Disallow access to IPv6 fields from IPv4 contex and vise | |
| 8796 | * versa. | |
| 8797 | */ | |
| 8798 | switch (off) { | |
| 8799 | case bpf_ctx_range(struct bpf_sock_addr, user_ip4): | |
| 8800 | switch (prog->expected_attach_type) { | |
| 8801 | case BPF_CGROUP_INET4_BIND: | |
| d74bad4e | 8802 | case BPF_CGROUP_INET4_CONNECT: |
| 1b66d253 DB |
8803 | case BPF_CGROUP_INET4_GETPEERNAME: |
| 8804 | case BPF_CGROUP_INET4_GETSOCKNAME: | |
| 1cedee13 | 8805 | case BPF_CGROUP_UDP4_SENDMSG: |
| 983695fa | 8806 | case BPF_CGROUP_UDP4_RECVMSG: |
| 4fbac77d AI |
8807 | break; |
| 8808 | default: | |
| 8809 | return false; | |
| 8810 | } | |
| 8811 | break; | |
| 8812 | case bpf_ctx_range_till(struct bpf_sock_addr, user_ip6[0], user_ip6[3]): | |
| 8813 | switch (prog->expected_attach_type) { | |
| 8814 | case BPF_CGROUP_INET6_BIND: | |
| d74bad4e | 8815 | case BPF_CGROUP_INET6_CONNECT: |
| 1b66d253 DB |
8816 | case BPF_CGROUP_INET6_GETPEERNAME: |
| 8817 | case BPF_CGROUP_INET6_GETSOCKNAME: | |
| 1cedee13 | 8818 | case BPF_CGROUP_UDP6_SENDMSG: |
| 983695fa | 8819 | case BPF_CGROUP_UDP6_RECVMSG: |
| 1cedee13 AI |
8820 | break; |
| 8821 | default: | |
| 8822 | return false; | |
| 8823 | } | |
| 8824 | break; | |
| 8825 | case bpf_ctx_range(struct bpf_sock_addr, msg_src_ip4): | |
| 8826 | switch (prog->expected_attach_type) { | |
| 8827 | case BPF_CGROUP_UDP4_SENDMSG: | |
| 8828 | break; | |
| 8829 | default: | |
| 8830 | return false; | |
| 8831 | } | |
| 8832 | break; | |
| 8833 | case bpf_ctx_range_till(struct bpf_sock_addr, msg_src_ip6[0], | |
| 8834 | msg_src_ip6[3]): | |
| 8835 | switch (prog->expected_attach_type) { | |
| 8836 | case BPF_CGROUP_UDP6_SENDMSG: | |
| 4fbac77d AI |
8837 | break; |
| 8838 | default: | |
| 8839 | return false; | |
| 8840 | } | |
| 8841 | break; | |
| 8842 | } | |
| 8843 | ||
| 8844 | switch (off) { | |
| 8845 | case bpf_ctx_range(struct bpf_sock_addr, user_ip4): | |
| 8846 | case bpf_ctx_range_till(struct bpf_sock_addr, user_ip6[0], user_ip6[3]): | |
| 1cedee13 AI |
8847 | case bpf_ctx_range(struct bpf_sock_addr, msg_src_ip4): |
| 8848 | case bpf_ctx_range_till(struct bpf_sock_addr, msg_src_ip6[0], | |
| 8849 | msg_src_ip6[3]): | |
| 7aebfa1b | 8850 | case bpf_ctx_range(struct bpf_sock_addr, user_port): |
| 4fbac77d AI |
8851 | if (type == BPF_READ) { |
| 8852 | bpf_ctx_record_field_size(info, size_default); | |
| d4ecfeb1 SF |
8853 | |
| 8854 | if (bpf_ctx_wide_access_ok(off, size, | |
| 8855 | struct bpf_sock_addr, | |
| 8856 | user_ip6)) | |
| 8857 | return true; | |
| 8858 | ||
| 8859 | if (bpf_ctx_wide_access_ok(off, size, | |
| 8860 | struct bpf_sock_addr, | |
| 8861 | msg_src_ip6)) | |
| 8862 | return true; | |
| 8863 | ||
| 4fbac77d AI |
8864 | if (!bpf_ctx_narrow_access_ok(off, size, size_default)) |
| 8865 | return false; | |
| 8866 | } else { | |
| b4399546 SF |
8867 | if (bpf_ctx_wide_access_ok(off, size, |
| 8868 | struct bpf_sock_addr, | |
| 8869 | user_ip6)) | |
| 600c70ba SF |
8870 | return true; |
| 8871 | ||
| b4399546 SF |
8872 | if (bpf_ctx_wide_access_ok(off, size, |
| 8873 | struct bpf_sock_addr, | |
| 8874 | msg_src_ip6)) | |
| 600c70ba SF |
8875 | return true; |
| 8876 | ||
| 4fbac77d AI |
8877 | if (size != size_default) |
| 8878 | return false; | |
| 8879 | } | |
| 8880 | break; | |
| fb85c4a7 SF |
8881 | case offsetof(struct bpf_sock_addr, sk): |
| 8882 | if (type != BPF_READ) | |
| 8883 | return false; | |
| 8884 | if (size != sizeof(__u64)) | |
| 8885 | return false; | |
| 8886 | info->reg_type = PTR_TO_SOCKET; | |
| 8887 | break; | |
| 4fbac77d AI |
8888 | default: |
| 8889 | if (type == BPF_READ) { | |
| 8890 | if (size != size_default) | |
| 8891 | return false; | |
| 8892 | } else { | |
| 8893 | return false; | |
| 8894 | } | |
| 8895 | } | |
| 8896 | ||
| 8897 | return true; | |
| 8898 | } | |
| 8899 | ||
| 44f0e430 LB |
8900 | static bool sock_ops_is_valid_access(int off, int size, |
| 8901 | enum bpf_access_type type, | |
| 5e43f899 | 8902 | const struct bpf_prog *prog, |
| 44f0e430 | 8903 | struct bpf_insn_access_aux *info) |
| 40304b2a | 8904 | { |
| 44f0e430 LB |
8905 | const int size_default = sizeof(__u32); |
| 8906 | ||
| 40304b2a LB |
8907 | if (off < 0 || off >= sizeof(struct bpf_sock_ops)) |
| 8908 | return false; | |
| 44f0e430 | 8909 | |
| 40304b2a LB |
8910 | /* The verifier guarantees that size > 0. */ |
| 8911 | if (off % size != 0) | |
| 8912 | return false; | |
| 40304b2a | 8913 | |
| 40304b2a LB |
8914 | if (type == BPF_WRITE) { |
| 8915 | switch (off) { | |
| 2585cd62 | 8916 | case offsetof(struct bpf_sock_ops, reply): |
| 6f9bd3d7 | 8917 | case offsetof(struct bpf_sock_ops, sk_txhash): |
| 44f0e430 LB |
8918 | if (size != size_default) |
| 8919 | return false; | |
| 40304b2a LB |
8920 | break; |
| 8921 | default: | |
| 8922 | return false; | |
| 8923 | } | |
| 44f0e430 LB |
8924 | } else { |
| 8925 | switch (off) { | |
| 8926 | case bpf_ctx_range_till(struct bpf_sock_ops, bytes_received, | |
| 8927 | bytes_acked): | |
| 8928 | if (size != sizeof(__u64)) | |
| 8929 | return false; | |
| 8930 | break; | |
| 1314ef56 SF |
8931 | case offsetof(struct bpf_sock_ops, sk): |
| 8932 | if (size != sizeof(__u64)) | |
| 8933 | return false; | |
| 8934 | info->reg_type = PTR_TO_SOCKET_OR_NULL; | |
| 8935 | break; | |
| 0813a841 MKL |
8936 | case offsetof(struct bpf_sock_ops, skb_data): |
| 8937 | if (size != sizeof(__u64)) | |
| 8938 | return false; | |
| 8939 | info->reg_type = PTR_TO_PACKET; | |
| 8940 | break; | |
| 8941 | case offsetof(struct bpf_sock_ops, skb_data_end): | |
| 8942 | if (size != sizeof(__u64)) | |
| 8943 | return false; | |
| 8944 | info->reg_type = PTR_TO_PACKET_END; | |
| 8945 | break; | |
| 8946 | case offsetof(struct bpf_sock_ops, skb_tcp_flags): | |
| 8947 | bpf_ctx_record_field_size(info, size_default); | |
| 8948 | return bpf_ctx_narrow_access_ok(off, size, | |
| 8949 | size_default); | |
| 9bb05349 MKL |
8950 | case offsetof(struct bpf_sock_ops, skb_hwtstamp): |
| 8951 | if (size != sizeof(__u64)) | |
| 8952 | return false; | |
| 8953 | break; | |
| 44f0e430 LB |
8954 | default: |
| 8955 | if (size != size_default) | |
| 8956 | return false; | |
| 8957 | break; | |
| 8958 | } | |
| 40304b2a LB |
8959 | } |
| 8960 | ||
| 44f0e430 | 8961 | return true; |
| 40304b2a LB |
8962 | } |
| 8963 | ||
| 8a31db56 JF |
8964 | static int sk_skb_prologue(struct bpf_insn *insn_buf, bool direct_write, |
| 8965 | const struct bpf_prog *prog) | |
| 8966 | { | |
| 047b0ecd | 8967 | return bpf_unclone_prologue(insn_buf, direct_write, prog, SK_DROP); |
| 8a31db56 JF |
8968 | } |
| 8969 | ||
| b005fd18 JF |
8970 | static bool sk_skb_is_valid_access(int off, int size, |
| 8971 | enum bpf_access_type type, | |
| 5e43f899 | 8972 | const struct bpf_prog *prog, |
| b005fd18 JF |
8973 | struct bpf_insn_access_aux *info) |
| 8974 | { | |
| de8f3a83 DB |
8975 | switch (off) { |
| 8976 | case bpf_ctx_range(struct __sk_buff, tc_classid): | |
| 8977 | case bpf_ctx_range(struct __sk_buff, data_meta): | |
| f11216b2 | 8978 | case bpf_ctx_range(struct __sk_buff, tstamp): |
| e3da08d0 | 8979 | case bpf_ctx_range(struct __sk_buff, wire_len): |
| f64c4ace | 8980 | case bpf_ctx_range(struct __sk_buff, hwtstamp): |
| de8f3a83 DB |
8981 | return false; |
| 8982 | } | |
| 8983 | ||
| 8a31db56 JF |
8984 | if (type == BPF_WRITE) { |
| 8985 | switch (off) { | |
| 8a31db56 JF |
8986 | case bpf_ctx_range(struct __sk_buff, tc_index): |
| 8987 | case bpf_ctx_range(struct __sk_buff, priority): | |
| 8988 | break; | |
| 8989 | default: | |
| 8990 | return false; | |
| 8991 | } | |
| 8992 | } | |
| 8993 | ||
| b005fd18 | 8994 | switch (off) { |
| f7e9cb1e | 8995 | case bpf_ctx_range(struct __sk_buff, mark): |
| 8a31db56 | 8996 | return false; |
| b005fd18 JF |
8997 | case bpf_ctx_range(struct __sk_buff, data): |
| 8998 | info->reg_type = PTR_TO_PACKET; | |
| 8999 | break; | |
| 9000 | case bpf_ctx_range(struct __sk_buff, data_end): | |
| 9001 | info->reg_type = PTR_TO_PACKET_END; | |
| 9002 | break; | |
| 9003 | } | |
| 9004 | ||
| 5e43f899 | 9005 | return bpf_skb_is_valid_access(off, size, type, prog, info); |
| b005fd18 JF |
9006 | } |
| 9007 | ||
| 4f738adb JF |
9008 | static bool sk_msg_is_valid_access(int off, int size, |
| 9009 | enum bpf_access_type type, | |
| 5e43f899 | 9010 | const struct bpf_prog *prog, |
| 4f738adb JF |
9011 | struct bpf_insn_access_aux *info) |
| 9012 | { | |
| 9013 | if (type == BPF_WRITE) | |
| 9014 | return false; | |
| 9015 | ||
| bc1b4f01 JF |
9016 | if (off % size != 0) |
| 9017 | return false; | |
| 9018 | ||
| 4f738adb JF |
9019 | switch (off) { |
| 9020 | case offsetof(struct sk_msg_md, data): | |
| 9021 | info->reg_type = PTR_TO_PACKET; | |
| 303def35 JF |
9022 | if (size != sizeof(__u64)) |
| 9023 | return false; | |
| 4f738adb JF |
9024 | break; |
| 9025 | case offsetof(struct sk_msg_md, data_end): | |
| 9026 | info->reg_type = PTR_TO_PACKET_END; | |
| 303def35 JF |
9027 | if (size != sizeof(__u64)) |
| 9028 | return false; | |
| 4f738adb | 9029 | break; |
| 13d70f5a JF |
9030 | case offsetof(struct sk_msg_md, sk): |
| 9031 | if (size != sizeof(__u64)) | |
| 9032 | return false; | |
| 9033 | info->reg_type = PTR_TO_SOCKET; | |
| 9034 | break; | |
| bc1b4f01 JF |
9035 | case bpf_ctx_range(struct sk_msg_md, family): |
| 9036 | case bpf_ctx_range(struct sk_msg_md, remote_ip4): | |
| 9037 | case bpf_ctx_range(struct sk_msg_md, local_ip4): | |
| 9038 | case bpf_ctx_range_till(struct sk_msg_md, remote_ip6[0], remote_ip6[3]): | |
| 9039 | case bpf_ctx_range_till(struct sk_msg_md, local_ip6[0], local_ip6[3]): | |
| 9040 | case bpf_ctx_range(struct sk_msg_md, remote_port): | |
| 9041 | case bpf_ctx_range(struct sk_msg_md, local_port): | |
| 9042 | case bpf_ctx_range(struct sk_msg_md, size): | |
| 303def35 JF |
9043 | if (size != sizeof(__u32)) |
| 9044 | return false; | |
| bc1b4f01 JF |
9045 | break; |
| 9046 | default: | |
| 4f738adb | 9047 | return false; |
| bc1b4f01 | 9048 | } |
| 4f738adb JF |
9049 | return true; |
| 9050 | } | |
| 9051 | ||
| d58e468b PP |
9052 | static bool flow_dissector_is_valid_access(int off, int size, |
| 9053 | enum bpf_access_type type, | |
| 9054 | const struct bpf_prog *prog, | |
| 9055 | struct bpf_insn_access_aux *info) | |
| 9056 | { | |
| 089b19a9 SF |
9057 | const int size_default = sizeof(__u32); |
| 9058 | ||
| 9059 | if (off < 0 || off >= sizeof(struct __sk_buff)) | |
| 9060 | return false; | |
| 9061 | ||
| 2ee7fba0 SF |
9062 | if (type == BPF_WRITE) |
| 9063 | return false; | |
| d58e468b PP |
9064 | |
| 9065 | switch (off) { | |
| 9066 | case bpf_ctx_range(struct __sk_buff, data): | |
| 089b19a9 SF |
9067 | if (size != size_default) |
| 9068 | return false; | |
| d58e468b | 9069 | info->reg_type = PTR_TO_PACKET; |
| 089b19a9 | 9070 | return true; |
| d58e468b | 9071 | case bpf_ctx_range(struct __sk_buff, data_end): |
| 089b19a9 SF |
9072 | if (size != size_default) |
| 9073 | return false; | |
| d58e468b | 9074 | info->reg_type = PTR_TO_PACKET_END; |
| 089b19a9 | 9075 | return true; |
| b7df9ada | 9076 | case bpf_ctx_range_ptr(struct __sk_buff, flow_keys): |
| 089b19a9 SF |
9077 | if (size != sizeof(__u64)) |
| 9078 | return false; | |
| d58e468b | 9079 | info->reg_type = PTR_TO_FLOW_KEYS; |
| 089b19a9 | 9080 | return true; |
| 2ee7fba0 | 9081 | default: |
| d58e468b PP |
9082 | return false; |
| 9083 | } | |
| 089b19a9 | 9084 | } |
| d58e468b | 9085 | |
| 089b19a9 SF |
9086 | static u32 flow_dissector_convert_ctx_access(enum bpf_access_type type, |
| 9087 | const struct bpf_insn *si, | |
| 9088 | struct bpf_insn *insn_buf, | |
| 9089 | struct bpf_prog *prog, | |
| 9090 | u32 *target_size) | |
| 9091 | ||
| 9092 | { | |
| 9093 | struct bpf_insn *insn = insn_buf; | |
| 9094 | ||
| 9095 | switch (si->off) { | |
| 9096 | case offsetof(struct __sk_buff, data): | |
| 9097 | *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF(struct bpf_flow_dissector, data), | |
| 9098 | si->dst_reg, si->src_reg, | |
| 9099 | offsetof(struct bpf_flow_dissector, data)); | |
| 9100 | break; | |
| 9101 | ||
| 9102 | case offsetof(struct __sk_buff, data_end): | |
| 9103 | *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF(struct bpf_flow_dissector, data_end), | |
| 9104 | si->dst_reg, si->src_reg, | |
| 9105 | offsetof(struct bpf_flow_dissector, data_end)); | |
| 9106 | break; | |
| 9107 | ||
| 9108 | case offsetof(struct __sk_buff, flow_keys): | |
| 9109 | *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF(struct bpf_flow_dissector, flow_keys), | |
| 9110 | si->dst_reg, si->src_reg, | |
| 9111 | offsetof(struct bpf_flow_dissector, flow_keys)); | |
| 9112 | break; | |
| 9113 | } | |
| 9114 | ||
| 9115 | return insn - insn_buf; | |
| d58e468b PP |
9116 | } |
| 9117 | ||
| 9bb984f2 MKL |
9118 | static struct bpf_insn *bpf_convert_tstamp_type_read(const struct bpf_insn *si, |
| 9119 | struct bpf_insn *insn) | |
| 8d21ec0e MKL |
9120 | { |
| 9121 | __u8 value_reg = si->dst_reg; | |
| 9122 | __u8 skb_reg = si->src_reg; | |
| 9bb984f2 | 9123 | /* AX is needed because src_reg and dst_reg could be the same */ |
| 8d21ec0e MKL |
9124 | __u8 tmp_reg = BPF_REG_AX; |
| 9125 | ||
| 9126 | *insn++ = BPF_LDX_MEM(BPF_B, tmp_reg, skb_reg, | |
| 3b5d4ddf | 9127 | PKT_VLAN_PRESENT_OFFSET); |
| 9bb984f2 MKL |
9128 | *insn++ = BPF_JMP32_IMM(BPF_JSET, tmp_reg, |
| 9129 | SKB_MONO_DELIVERY_TIME_MASK, 2); | |
| 9130 | *insn++ = BPF_MOV32_IMM(value_reg, BPF_SKB_TSTAMP_UNSPEC); | |
| 8d21ec0e | 9131 | *insn++ = BPF_JMP_A(1); |
| 9bb984f2 | 9132 | *insn++ = BPF_MOV32_IMM(value_reg, BPF_SKB_TSTAMP_DELIVERY_MONO); |
| 8d21ec0e | 9133 | |
| 8d21ec0e MKL |
9134 | return insn; |
| 9135 | } | |
| 9136 | ||
| 9bb05349 | 9137 | static struct bpf_insn *bpf_convert_shinfo_access(__u8 dst_reg, __u8 skb_reg, |
| cf62089b WB |
9138 | struct bpf_insn *insn) |
| 9139 | { | |
| 9140 | /* si->dst_reg = skb_shinfo(SKB); */ | |
| 9141 | #ifdef NET_SKBUFF_DATA_USES_OFFSET | |
| 9142 | *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF(struct sk_buff, end), | |
| 9bb05349 | 9143 | BPF_REG_AX, skb_reg, |
| cf62089b WB |
9144 | offsetof(struct sk_buff, end)); |
| 9145 | *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF(struct sk_buff, head), | |
| 9bb05349 | 9146 | dst_reg, skb_reg, |
| cf62089b | 9147 | offsetof(struct sk_buff, head)); |
| 9bb05349 | 9148 | *insn++ = BPF_ALU64_REG(BPF_ADD, dst_reg, BPF_REG_AX); |
| cf62089b WB |
9149 | #else |
| 9150 | *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF(struct sk_buff, end), | |
| 9bb05349 | 9151 | dst_reg, skb_reg, |
| cf62089b WB |
9152 | offsetof(struct sk_buff, end)); |
| 9153 | #endif | |
| 9154 | ||
| 9155 | return insn; | |
| 9156 | } | |
| 9157 | ||
| 8d21ec0e MKL |
9158 | static struct bpf_insn *bpf_convert_tstamp_read(const struct bpf_prog *prog, |
| 9159 | const struct bpf_insn *si, | |
| 7449197d MKL |
9160 | struct bpf_insn *insn) |
| 9161 | { | |
| 9162 | __u8 value_reg = si->dst_reg; | |
| 9163 | __u8 skb_reg = si->src_reg; | |
| 9164 | ||
| 9165 | #ifdef CONFIG_NET_CLS_ACT | |
| 9bb984f2 | 9166 | /* If the tstamp_type is read, |
| 539de932 | 9167 | * the bpf prog is aware the tstamp could have delivery time. |
| 9bb984f2 | 9168 | * Thus, read skb->tstamp as is if tstamp_type_access is true. |
| 539de932 | 9169 | */ |
| 9bb984f2 | 9170 | if (!prog->tstamp_type_access) { |
| 539de932 | 9171 | /* AX is needed because src_reg and dst_reg could be the same */ |
| 8d21ec0e MKL |
9172 | __u8 tmp_reg = BPF_REG_AX; |
| 9173 | ||
| 3b5d4ddf | 9174 | *insn++ = BPF_LDX_MEM(BPF_B, tmp_reg, skb_reg, PKT_VLAN_PRESENT_OFFSET); |
| 8d21ec0e | 9175 | *insn++ = BPF_ALU32_IMM(BPF_AND, tmp_reg, |
| 539de932 MKL |
9176 | TC_AT_INGRESS_MASK | SKB_MONO_DELIVERY_TIME_MASK); |
| 9177 | *insn++ = BPF_JMP32_IMM(BPF_JNE, tmp_reg, | |
| 9178 | TC_AT_INGRESS_MASK | SKB_MONO_DELIVERY_TIME_MASK, 2); | |
| 9179 | /* skb->tc_at_ingress && skb->mono_delivery_time, | |
| 9180 | * read 0 as the (rcv) timestamp. | |
| 9181 | */ | |
| 8d21ec0e MKL |
9182 | *insn++ = BPF_MOV64_IMM(value_reg, 0); |
| 9183 | *insn++ = BPF_JMP_A(1); | |
| 9184 | } | |
| 7449197d MKL |
9185 | #endif |
| 9186 | ||
| 9187 | *insn++ = BPF_LDX_MEM(BPF_DW, value_reg, skb_reg, | |
| 9188 | offsetof(struct sk_buff, tstamp)); | |
| 9189 | return insn; | |
| 9190 | } | |
| 9191 | ||
| 8d21ec0e MKL |
9192 | static struct bpf_insn *bpf_convert_tstamp_write(const struct bpf_prog *prog, |
| 9193 | const struct bpf_insn *si, | |
| 7449197d MKL |
9194 | struct bpf_insn *insn) |
| 9195 | { | |
| 9196 | __u8 value_reg = si->src_reg; | |
| 9197 | __u8 skb_reg = si->dst_reg; | |
| 9198 | ||
| 9199 | #ifdef CONFIG_NET_CLS_ACT | |
| 9bb984f2 | 9200 | /* If the tstamp_type is read, |
| 9d90db97 | 9201 | * the bpf prog is aware the tstamp could have delivery time. |
| 9bb984f2 | 9202 | * Thus, write skb->tstamp as is if tstamp_type_access is true. |
| 9d90db97 MKL |
9203 | * Otherwise, writing at ingress will have to clear the |
| 9204 | * mono_delivery_time bit also. | |
| 9205 | */ | |
| 9bb984f2 | 9206 | if (!prog->tstamp_type_access) { |
| 8d21ec0e MKL |
9207 | __u8 tmp_reg = BPF_REG_AX; |
| 9208 | ||
| 3b5d4ddf | 9209 | *insn++ = BPF_LDX_MEM(BPF_B, tmp_reg, skb_reg, PKT_VLAN_PRESENT_OFFSET); |
| 9d90db97 MKL |
9210 | /* Writing __sk_buff->tstamp as ingress, goto <clear> */ |
| 9211 | *insn++ = BPF_JMP32_IMM(BPF_JSET, tmp_reg, TC_AT_INGRESS_MASK, 1); | |
| 9212 | /* goto <store> */ | |
| 9213 | *insn++ = BPF_JMP_A(2); | |
| 9214 | /* <clear>: mono_delivery_time */ | |
| 9215 | *insn++ = BPF_ALU32_IMM(BPF_AND, tmp_reg, ~SKB_MONO_DELIVERY_TIME_MASK); | |
| 9216 | *insn++ = BPF_STX_MEM(BPF_B, skb_reg, tmp_reg, PKT_VLAN_PRESENT_OFFSET); | |
| 8d21ec0e | 9217 | } |
| 7449197d MKL |
9218 | #endif |
| 9219 | ||
| 9d90db97 | 9220 | /* <store>: skb->tstamp = tstamp */ |
| 7449197d MKL |
9221 | *insn++ = BPF_STX_MEM(BPF_DW, skb_reg, value_reg, |
| 9222 | offsetof(struct sk_buff, tstamp)); | |
| 9223 | return insn; | |
| 9224 | } | |
| 9225 | ||
| 2492d3b8 DB |
9226 | static u32 bpf_convert_ctx_access(enum bpf_access_type type, |
| 9227 | const struct bpf_insn *si, | |
| 9228 | struct bpf_insn *insn_buf, | |
| f96da094 | 9229 | struct bpf_prog *prog, u32 *target_size) |
| 9bac3d6d AS |
9230 | { |
| 9231 | struct bpf_insn *insn = insn_buf; | |
| 6b8cc1d1 | 9232 | int off; |
| 9bac3d6d | 9233 | |
| 6b8cc1d1 | 9234 | switch (si->off) { |
| 9bac3d6d | 9235 | case offsetof(struct __sk_buff, len): |
| 6b8cc1d1 | 9236 | *insn++ = BPF_LDX_MEM(BPF_W, si->dst_reg, si->src_reg, |
| f96da094 DB |
9237 | bpf_target_off(struct sk_buff, len, 4, |
| 9238 | target_size)); | |
| 9bac3d6d AS |
9239 | break; |
| 9240 | ||
| 0b8c707d | 9241 | case offsetof(struct __sk_buff, protocol): |
| 6b8cc1d1 | 9242 | *insn++ = BPF_LDX_MEM(BPF_H, si->dst_reg, si->src_reg, |
| f96da094 DB |
9243 | bpf_target_off(struct sk_buff, protocol, 2, |
| 9244 | target_size)); | |
| 0b8c707d DB |
9245 | break; |
| 9246 | ||
| 27cd5452 | 9247 | case offsetof(struct __sk_buff, vlan_proto): |
| 6b8cc1d1 | 9248 | *insn++ = BPF_LDX_MEM(BPF_H, si->dst_reg, si->src_reg, |
| f96da094 DB |
9249 | bpf_target_off(struct sk_buff, vlan_proto, 2, |
| 9250 | target_size)); | |
| 27cd5452 MS |
9251 | break; |
| 9252 | ||
| bcad5718 | 9253 | case offsetof(struct __sk_buff, priority): |
| 754f1e6a | 9254 | if (type == BPF_WRITE) |
| 6b8cc1d1 | 9255 | *insn++ = BPF_STX_MEM(BPF_W, si->dst_reg, si->src_reg, |
| f96da094 DB |
9256 | bpf_target_off(struct sk_buff, priority, 4, |
| 9257 | target_size)); | |
| 754f1e6a | 9258 | else |
| 6b8cc1d1 | 9259 | *insn++ = BPF_LDX_MEM(BPF_W, si->dst_reg, si->src_reg, |
| f96da094 DB |
9260 | bpf_target_off(struct sk_buff, priority, 4, |
| 9261 | target_size)); | |
| bcad5718 DB |
9262 | break; |
| 9263 | ||
| 37e82c2f | 9264 | case offsetof(struct __sk_buff, ingress_ifindex): |
| 6b8cc1d1 | 9265 | *insn++ = BPF_LDX_MEM(BPF_W, si->dst_reg, si->src_reg, |
| f96da094 DB |
9266 | bpf_target_off(struct sk_buff, skb_iif, 4, |
| 9267 | target_size)); | |
| 37e82c2f AS |
9268 | break; |
| 9269 | ||
| 9270 | case offsetof(struct __sk_buff, ifindex): | |
| f035a515 | 9271 | *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF(struct sk_buff, dev), |
| 6b8cc1d1 | 9272 | si->dst_reg, si->src_reg, |
| 37e82c2f | 9273 | offsetof(struct sk_buff, dev)); |
| 6b8cc1d1 DB |
9274 | *insn++ = BPF_JMP_IMM(BPF_JEQ, si->dst_reg, 0, 1); |
| 9275 | *insn++ = BPF_LDX_MEM(BPF_W, si->dst_reg, si->dst_reg, | |
| f96da094 DB |
9276 | bpf_target_off(struct net_device, ifindex, 4, |
| 9277 | target_size)); | |
| 37e82c2f AS |
9278 | break; |
| 9279 | ||
| ba7591d8 | 9280 | case offsetof(struct __sk_buff, hash): |
| 6b8cc1d1 | 9281 | *insn++ = BPF_LDX_MEM(BPF_W, si->dst_reg, si->src_reg, |
| f96da094 DB |
9282 | bpf_target_off(struct sk_buff, hash, 4, |
| 9283 | target_size)); | |
| ba7591d8 DB |
9284 | break; |
| 9285 | ||
| 9bac3d6d | 9286 | case offsetof(struct __sk_buff, mark): |
| d691f9e8 | 9287 | if (type == BPF_WRITE) |
| 6b8cc1d1 | 9288 | *insn++ = BPF_STX_MEM(BPF_W, si->dst_reg, si->src_reg, |
| f96da094 DB |
9289 | bpf_target_off(struct sk_buff, mark, 4, |
| 9290 | target_size)); | |
| d691f9e8 | 9291 | else |
| 6b8cc1d1 | 9292 | *insn++ = BPF_LDX_MEM(BPF_W, si->dst_reg, si->src_reg, |
| f96da094 DB |
9293 | bpf_target_off(struct sk_buff, mark, 4, |
| 9294 | target_size)); | |
| d691f9e8 | 9295 | break; |
| 9bac3d6d AS |
9296 | |
| 9297 | case offsetof(struct __sk_buff, pkt_type): | |
| f96da094 DB |
9298 | *target_size = 1; |
| 9299 | *insn++ = BPF_LDX_MEM(BPF_B, si->dst_reg, si->src_reg, | |
| fba84957 | 9300 | PKT_TYPE_OFFSET); |
| f96da094 DB |
9301 | *insn++ = BPF_ALU32_IMM(BPF_AND, si->dst_reg, PKT_TYPE_MAX); |
| 9302 | #ifdef __BIG_ENDIAN_BITFIELD | |
| 9303 | *insn++ = BPF_ALU32_IMM(BPF_RSH, si->dst_reg, 5); | |
| 9304 | #endif | |
| 9305 | break; | |
| 9bac3d6d AS |
9306 | |
| 9307 | case offsetof(struct __sk_buff, queue_mapping): | |
| 74e31ca8 JDB |
9308 | if (type == BPF_WRITE) { |
| 9309 | *insn++ = BPF_JMP_IMM(BPF_JGE, si->src_reg, NO_QUEUE_MAPPING, 1); | |
| 9310 | *insn++ = BPF_STX_MEM(BPF_H, si->dst_reg, si->src_reg, | |
| 9311 | bpf_target_off(struct sk_buff, | |
| 9312 | queue_mapping, | |
| 9313 | 2, target_size)); | |
| 9314 | } else { | |
| 9315 | *insn++ = BPF_LDX_MEM(BPF_H, si->dst_reg, si->src_reg, | |
| 9316 | bpf_target_off(struct sk_buff, | |
| 9317 | queue_mapping, | |
| 9318 | 2, target_size)); | |
| 9319 | } | |
| f96da094 | 9320 | break; |
| c2497395 | 9321 | |
| c2497395 | 9322 | case offsetof(struct __sk_buff, vlan_present): |
| 354259fa ED |
9323 | *insn++ = BPF_LDX_MEM(BPF_W, si->dst_reg, si->src_reg, |
| 9324 | bpf_target_off(struct sk_buff, | |
| 9325 | vlan_all, 4, target_size)); | |
| 9326 | *insn++ = BPF_JMP_IMM(BPF_JEQ, si->dst_reg, 0, 1); | |
| 9327 | *insn++ = BPF_ALU32_IMM(BPF_MOV, si->dst_reg, 1); | |
| 9c212255 | 9328 | break; |
| f96da094 | 9329 | |
| 9c212255 | 9330 | case offsetof(struct __sk_buff, vlan_tci): |
| f96da094 DB |
9331 | *insn++ = BPF_LDX_MEM(BPF_H, si->dst_reg, si->src_reg, |
| 9332 | bpf_target_off(struct sk_buff, vlan_tci, 2, | |
| 9333 | target_size)); | |
| f96da094 | 9334 | break; |
| d691f9e8 AS |
9335 | |
| 9336 | case offsetof(struct __sk_buff, cb[0]) ... | |
| f96da094 | 9337 | offsetofend(struct __sk_buff, cb[4]) - 1: |
| c593642c | 9338 | BUILD_BUG_ON(sizeof_field(struct qdisc_skb_cb, data) < 20); |
| 62c7989b DB |
9339 | BUILD_BUG_ON((offsetof(struct sk_buff, cb) + |
| 9340 | offsetof(struct qdisc_skb_cb, data)) % | |
| 9341 | sizeof(__u64)); | |
| d691f9e8 | 9342 | |
| ff936a04 | 9343 | prog->cb_access = 1; |
| 6b8cc1d1 DB |
9344 | off = si->off; |
| 9345 | off -= offsetof(struct __sk_buff, cb[0]); | |
| 9346 | off += offsetof(struct sk_buff, cb); | |
| 9347 | off += offsetof(struct qdisc_skb_cb, data); | |
| d691f9e8 | 9348 | if (type == BPF_WRITE) |
| 62c7989b | 9349 | *insn++ = BPF_STX_MEM(BPF_SIZE(si->code), si->dst_reg, |
| 6b8cc1d1 | 9350 | si->src_reg, off); |
| d691f9e8 | 9351 | else |
| 62c7989b | 9352 | *insn++ = BPF_LDX_MEM(BPF_SIZE(si->code), si->dst_reg, |
| 6b8cc1d1 | 9353 | si->src_reg, off); |
| d691f9e8 AS |
9354 | break; |
| 9355 | ||
| 045efa82 | 9356 | case offsetof(struct __sk_buff, tc_classid): |
| c593642c | 9357 | BUILD_BUG_ON(sizeof_field(struct qdisc_skb_cb, tc_classid) != 2); |
| 6b8cc1d1 DB |
9358 | |
| 9359 | off = si->off; | |
| 9360 | off -= offsetof(struct __sk_buff, tc_classid); | |
| 9361 | off += offsetof(struct sk_buff, cb); | |
| 9362 | off += offsetof(struct qdisc_skb_cb, tc_classid); | |
| f96da094 | 9363 | *target_size = 2; |
| 09c37a2c | 9364 | if (type == BPF_WRITE) |
| 6b8cc1d1 DB |
9365 | *insn++ = BPF_STX_MEM(BPF_H, si->dst_reg, |
| 9366 | si->src_reg, off); | |
| 09c37a2c | 9367 | else |
| 6b8cc1d1 DB |
9368 | *insn++ = BPF_LDX_MEM(BPF_H, si->dst_reg, |
| 9369 | si->src_reg, off); | |
| 045efa82 DB |
9370 | break; |
| 9371 | ||
| db58ba45 | 9372 | case offsetof(struct __sk_buff, data): |
| f035a515 | 9373 | *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF(struct sk_buff, data), |
| 6b8cc1d1 | 9374 | si->dst_reg, si->src_reg, |
| db58ba45 AS |
9375 | offsetof(struct sk_buff, data)); |
| 9376 | break; | |
| 9377 | ||
| de8f3a83 DB |
9378 | case offsetof(struct __sk_buff, data_meta): |
| 9379 | off = si->off; | |
| 9380 | off -= offsetof(struct __sk_buff, data_meta); | |
| 9381 | off += offsetof(struct sk_buff, cb); | |
| 9382 | off += offsetof(struct bpf_skb_data_end, data_meta); | |
| 9383 | *insn++ = BPF_LDX_MEM(BPF_SIZEOF(void *), si->dst_reg, | |
| 9384 | si->src_reg, off); | |
| 9385 | break; | |
| 9386 | ||
| db58ba45 | 9387 | case offsetof(struct __sk_buff, data_end): |
| 6b8cc1d1 DB |
9388 | off = si->off; |
| 9389 | off -= offsetof(struct __sk_buff, data_end); | |
| 9390 | off += offsetof(struct sk_buff, cb); | |
| 9391 | off += offsetof(struct bpf_skb_data_end, data_end); | |
| 9392 | *insn++ = BPF_LDX_MEM(BPF_SIZEOF(void *), si->dst_reg, | |
| 9393 | si->src_reg, off); | |
| db58ba45 AS |
9394 | break; |
| 9395 | ||
| d691f9e8 AS |
9396 | case offsetof(struct __sk_buff, tc_index): |
| 9397 | #ifdef CONFIG_NET_SCHED | |
| d691f9e8 | 9398 | if (type == BPF_WRITE) |
| 6b8cc1d1 | 9399 | *insn++ = BPF_STX_MEM(BPF_H, si->dst_reg, si->src_reg, |
| f96da094 DB |
9400 | bpf_target_off(struct sk_buff, tc_index, 2, |
| 9401 | target_size)); | |
| d691f9e8 | 9402 | else |
| 6b8cc1d1 | 9403 | *insn++ = BPF_LDX_MEM(BPF_H, si->dst_reg, si->src_reg, |
| f96da094 DB |
9404 | bpf_target_off(struct sk_buff, tc_index, 2, |
| 9405 | target_size)); | |
| d691f9e8 | 9406 | #else |
| 2ed46ce4 | 9407 | *target_size = 2; |
| d691f9e8 | 9408 | if (type == BPF_WRITE) |
| 6b8cc1d1 | 9409 | *insn++ = BPF_MOV64_REG(si->dst_reg, si->dst_reg); |
| d691f9e8 | 9410 | else |
| 6b8cc1d1 | 9411 | *insn++ = BPF_MOV64_IMM(si->dst_reg, 0); |
| b1d9fc41 DB |
9412 | #endif |
| 9413 | break; | |
| 9414 | ||
| 9415 | case offsetof(struct __sk_buff, napi_id): | |
| 9416 | #if defined(CONFIG_NET_RX_BUSY_POLL) | |
| b1d9fc41 | 9417 | *insn++ = BPF_LDX_MEM(BPF_W, si->dst_reg, si->src_reg, |
| f96da094 DB |
9418 | bpf_target_off(struct sk_buff, napi_id, 4, |
| 9419 | target_size)); | |
| b1d9fc41 DB |
9420 | *insn++ = BPF_JMP_IMM(BPF_JGE, si->dst_reg, MIN_NAPI_ID, 1); |
| 9421 | *insn++ = BPF_MOV64_IMM(si->dst_reg, 0); | |
| 9422 | #else | |
| 2ed46ce4 | 9423 | *target_size = 4; |
| b1d9fc41 | 9424 | *insn++ = BPF_MOV64_IMM(si->dst_reg, 0); |
| d691f9e8 | 9425 | #endif |
| 6b8cc1d1 | 9426 | break; |
| 8a31db56 | 9427 | case offsetof(struct __sk_buff, family): |
| c593642c | 9428 | BUILD_BUG_ON(sizeof_field(struct sock_common, skc_family) != 2); |
| 8a31db56 JF |
9429 | |
| 9430 | *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF(struct sk_buff, sk), | |
| 9431 | si->dst_reg, si->src_reg, | |
| 9432 | offsetof(struct sk_buff, sk)); | |
| 9433 | *insn++ = BPF_LDX_MEM(BPF_H, si->dst_reg, si->dst_reg, | |
| 9434 | bpf_target_off(struct sock_common, | |
| 9435 | skc_family, | |
| 9436 | 2, target_size)); | |
| 9437 | break; | |
| 9438 | case offsetof(struct __sk_buff, remote_ip4): | |
| c593642c | 9439 | BUILD_BUG_ON(sizeof_field(struct sock_common, skc_daddr) != 4); |
| 8a31db56 JF |
9440 | |
| 9441 | *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF(struct sk_buff, sk), | |
| 9442 | si->dst_reg, si->src_reg, | |
| 9443 | offsetof(struct sk_buff, sk)); | |
| 9444 | *insn++ = BPF_LDX_MEM(BPF_W, si->dst_reg, si->dst_reg, | |
| 9445 | bpf_target_off(struct sock_common, | |
| 9446 | skc_daddr, | |
| 9447 | 4, target_size)); | |
| 9448 | break; | |
| 9449 | case offsetof(struct __sk_buff, local_ip4): | |
| c593642c | 9450 | BUILD_BUG_ON(sizeof_field(struct sock_common, |
| 8a31db56 JF |
9451 | skc_rcv_saddr) != 4); |
| 9452 | ||
| 9453 | *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF(struct sk_buff, sk), | |
| 9454 | si->dst_reg, si->src_reg, | |
| 9455 | offsetof(struct sk_buff, sk)); | |
| 9456 | *insn++ = BPF_LDX_MEM(BPF_W, si->dst_reg, si->dst_reg, | |
| 9457 | bpf_target_off(struct sock_common, | |
| 9458 | skc_rcv_saddr, | |
| 9459 | 4, target_size)); | |
| 9460 | break; | |
| 9461 | case offsetof(struct __sk_buff, remote_ip6[0]) ... | |
| 9462 | offsetof(struct __sk_buff, remote_ip6[3]): | |
| 9463 | #if IS_ENABLED(CONFIG_IPV6) | |
| c593642c | 9464 | BUILD_BUG_ON(sizeof_field(struct sock_common, |
| 8a31db56 JF |
9465 | skc_v6_daddr.s6_addr32[0]) != 4); |
| 9466 | ||
| 9467 | off = si->off; | |
| 9468 | off -= offsetof(struct __sk_buff, remote_ip6[0]); | |
| 9469 | ||
| 9470 | *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF(struct sk_buff, sk), | |
| 9471 | si->dst_reg, si->src_reg, | |
| 9472 | offsetof(struct sk_buff, sk)); | |
| 9473 | *insn++ = BPF_LDX_MEM(BPF_W, si->dst_reg, si->dst_reg, | |
| 9474 | offsetof(struct sock_common, | |
| 9475 | skc_v6_daddr.s6_addr32[0]) + | |
| 9476 | off); | |
| 9477 | #else | |
| 9478 | *insn++ = BPF_MOV32_IMM(si->dst_reg, 0); | |
| 9479 | #endif | |
| 9480 | break; | |
| 9481 | case offsetof(struct __sk_buff, local_ip6[0]) ... | |
| 9482 | offsetof(struct __sk_buff, local_ip6[3]): | |
| 9483 | #if IS_ENABLED(CONFIG_IPV6) | |
| c593642c | 9484 | BUILD_BUG_ON(sizeof_field(struct sock_common, |
| 8a31db56 JF |
9485 | skc_v6_rcv_saddr.s6_addr32[0]) != 4); |
| 9486 | ||
| 9487 | off = si->off; | |
| 9488 | off -= offsetof(struct __sk_buff, local_ip6[0]); | |
| 9489 | ||
| 9490 | *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF(struct sk_buff, sk), | |
| 9491 | si->dst_reg, si->src_reg, | |
| 9492 | offsetof(struct sk_buff, sk)); | |
| 9493 | *insn++ = BPF_LDX_MEM(BPF_W, si->dst_reg, si->dst_reg, | |
| 9494 | offsetof(struct sock_common, | |
| 9495 | skc_v6_rcv_saddr.s6_addr32[0]) + | |
| 9496 | off); | |
| 9497 | #else | |
| 9498 | *insn++ = BPF_MOV32_IMM(si->dst_reg, 0); | |
| 9499 | #endif | |
| 9500 | break; | |
| 9501 | ||
| 9502 | case offsetof(struct __sk_buff, remote_port): | |
| c593642c | 9503 | BUILD_BUG_ON(sizeof_field(struct sock_common, skc_dport) != 2); |
| 8a31db56 JF |
9504 | |
| 9505 | *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF(struct sk_buff, sk), | |
| 9506 | si->dst_reg, si->src_reg, | |
| 9507 | offsetof(struct sk_buff, sk)); | |
| 9508 | *insn++ = BPF_LDX_MEM(BPF_H, si->dst_reg, si->dst_reg, | |
| 9509 | bpf_target_off(struct sock_common, | |
| 9510 | skc_dport, | |
| 9511 | 2, target_size)); | |
| 9512 | #ifndef __BIG_ENDIAN_BITFIELD | |
| 9513 | *insn++ = BPF_ALU32_IMM(BPF_LSH, si->dst_reg, 16); | |
| 9514 | #endif | |
| 9515 | break; | |
| 9516 | ||
| 9517 | case offsetof(struct __sk_buff, local_port): | |
| c593642c | 9518 | BUILD_BUG_ON(sizeof_field(struct sock_common, skc_num) != 2); |
| 8a31db56 JF |
9519 | |
| 9520 | *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF(struct sk_buff, sk), | |
| 9521 | si->dst_reg, si->src_reg, | |
| 9522 | offsetof(struct sk_buff, sk)); | |
| 9523 | *insn++ = BPF_LDX_MEM(BPF_H, si->dst_reg, si->dst_reg, | |
| 9524 | bpf_target_off(struct sock_common, | |
| 9525 | skc_num, 2, target_size)); | |
| 9526 | break; | |
| d58e468b | 9527 | |
| f11216b2 | 9528 | case offsetof(struct __sk_buff, tstamp): |
| c593642c | 9529 | BUILD_BUG_ON(sizeof_field(struct sk_buff, tstamp) != 8); |
| f11216b2 VD |
9530 | |
| 9531 | if (type == BPF_WRITE) | |
| 8d21ec0e | 9532 | insn = bpf_convert_tstamp_write(prog, si, insn); |
| f11216b2 | 9533 | else |
| 8d21ec0e MKL |
9534 | insn = bpf_convert_tstamp_read(prog, si, insn); |
| 9535 | break; | |
| 9536 | ||
| 9bb984f2 MKL |
9537 | case offsetof(struct __sk_buff, tstamp_type): |
| 9538 | insn = bpf_convert_tstamp_type_read(si, insn); | |
| e3da08d0 PP |
9539 | break; |
| 9540 | ||
| d9ff286a | 9541 | case offsetof(struct __sk_buff, gso_segs): |
| 9bb05349 | 9542 | insn = bpf_convert_shinfo_access(si->dst_reg, si->src_reg, insn); |
| d9ff286a ED |
9543 | *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF(struct skb_shared_info, gso_segs), |
| 9544 | si->dst_reg, si->dst_reg, | |
| 9545 | bpf_target_off(struct skb_shared_info, | |
| 9546 | gso_segs, 2, | |
| 9547 | target_size)); | |
| 9548 | break; | |
| cf62089b | 9549 | case offsetof(struct __sk_buff, gso_size): |
| 9bb05349 | 9550 | insn = bpf_convert_shinfo_access(si->dst_reg, si->src_reg, insn); |
| cf62089b WB |
9551 | *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF(struct skb_shared_info, gso_size), |
| 9552 | si->dst_reg, si->dst_reg, | |
| 9553 | bpf_target_off(struct skb_shared_info, | |
| 9554 | gso_size, 2, | |
| 9555 | target_size)); | |
| 9556 | break; | |
| e3da08d0 | 9557 | case offsetof(struct __sk_buff, wire_len): |
| c593642c | 9558 | BUILD_BUG_ON(sizeof_field(struct qdisc_skb_cb, pkt_len) != 4); |
| e3da08d0 PP |
9559 | |
| 9560 | off = si->off; | |
| 9561 | off -= offsetof(struct __sk_buff, wire_len); | |
| 9562 | off += offsetof(struct sk_buff, cb); | |
| 9563 | off += offsetof(struct qdisc_skb_cb, pkt_len); | |
| 9564 | *target_size = 4; | |
| 9565 | *insn++ = BPF_LDX_MEM(BPF_W, si->dst_reg, si->src_reg, off); | |
| 46f8bc92 MKL |
9566 | break; |
| 9567 | ||
| 9568 | case offsetof(struct __sk_buff, sk): | |
| 9569 | *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF(struct sk_buff, sk), | |
| 9570 | si->dst_reg, si->src_reg, | |
| 9571 | offsetof(struct sk_buff, sk)); | |
| 9572 | break; | |
| f64c4ace VF |
9573 | case offsetof(struct __sk_buff, hwtstamp): |
| 9574 | BUILD_BUG_ON(sizeof_field(struct skb_shared_hwtstamps, hwtstamp) != 8); | |
| 9575 | BUILD_BUG_ON(offsetof(struct skb_shared_hwtstamps, hwtstamp) != 0); | |
| 9576 | ||
| 9bb05349 | 9577 | insn = bpf_convert_shinfo_access(si->dst_reg, si->src_reg, insn); |
| f64c4ace VF |
9578 | *insn++ = BPF_LDX_MEM(BPF_DW, |
| 9579 | si->dst_reg, si->dst_reg, | |
| 9580 | bpf_target_off(struct skb_shared_info, | |
| 9581 | hwtstamps, 8, | |
| 9582 | target_size)); | |
| 9583 | break; | |
| 9bac3d6d AS |
9584 | } |
| 9585 | ||
| 9586 | return insn - insn_buf; | |
| 89aa0758 AS |
9587 | } |
| 9588 | ||
| c64b7983 JS |
9589 | u32 bpf_sock_convert_ctx_access(enum bpf_access_type type, |
| 9590 | const struct bpf_insn *si, | |
| 9591 | struct bpf_insn *insn_buf, | |
| 9592 | struct bpf_prog *prog, u32 *target_size) | |
| 61023658 DA |
9593 | { |
| 9594 | struct bpf_insn *insn = insn_buf; | |
| aac3fc32 | 9595 | int off; |
| 61023658 | 9596 | |
| 6b8cc1d1 | 9597 | switch (si->off) { |
| 61023658 | 9598 | case offsetof(struct bpf_sock, bound_dev_if): |
| c593642c | 9599 | BUILD_BUG_ON(sizeof_field(struct sock, sk_bound_dev_if) != 4); |
| 61023658 DA |
9600 | |
| 9601 | if (type == BPF_WRITE) | |
| 6b8cc1d1 | 9602 | *insn++ = BPF_STX_MEM(BPF_W, si->dst_reg, si->src_reg, |
| 61023658 DA |
9603 | offsetof(struct sock, sk_bound_dev_if)); |
| 9604 | else | |
| 6b8cc1d1 | 9605 | *insn++ = BPF_LDX_MEM(BPF_W, si->dst_reg, si->src_reg, |
| 61023658 DA |
9606 | offsetof(struct sock, sk_bound_dev_if)); |
| 9607 | break; | |
| aa4c1037 | 9608 | |
| 482dca93 | 9609 | case offsetof(struct bpf_sock, mark): |
| c593642c | 9610 | BUILD_BUG_ON(sizeof_field(struct sock, sk_mark) != 4); |
| 482dca93 DA |
9611 | |
| 9612 | if (type == BPF_WRITE) | |
| 9613 | *insn++ = BPF_STX_MEM(BPF_W, si->dst_reg, si->src_reg, | |
| 9614 | offsetof(struct sock, sk_mark)); | |
| 9615 | else | |
| 9616 | *insn++ = BPF_LDX_MEM(BPF_W, si->dst_reg, si->src_reg, | |
| 9617 | offsetof(struct sock, sk_mark)); | |
| 9618 | break; | |
| 9619 | ||
| 9620 | case offsetof(struct bpf_sock, priority): | |
| c593642c | 9621 | BUILD_BUG_ON(sizeof_field(struct sock, sk_priority) != 4); |
| 482dca93 DA |
9622 | |
| 9623 | if (type == BPF_WRITE) | |
| 9624 | *insn++ = BPF_STX_MEM(BPF_W, si->dst_reg, si->src_reg, | |
| 9625 | offsetof(struct sock, sk_priority)); | |
| 9626 | else | |
| 9627 | *insn++ = BPF_LDX_MEM(BPF_W, si->dst_reg, si->src_reg, | |
| 9628 | offsetof(struct sock, sk_priority)); | |
| 9629 | break; | |
| 9630 | ||
| aa4c1037 | 9631 | case offsetof(struct bpf_sock, family): |
| aa65d696 MKL |
9632 | *insn++ = BPF_LDX_MEM( |
| 9633 | BPF_FIELD_SIZEOF(struct sock_common, skc_family), | |
| 9634 | si->dst_reg, si->src_reg, | |
| 9635 | bpf_target_off(struct sock_common, | |
| 9636 | skc_family, | |
| c593642c | 9637 | sizeof_field(struct sock_common, |
| aa65d696 MKL |
9638 | skc_family), |
| 9639 | target_size)); | |
| aa4c1037 DA |
9640 | break; |
| 9641 | ||
| 9642 | case offsetof(struct bpf_sock, type): | |
| bf976514 MM |
9643 | *insn++ = BPF_LDX_MEM( |
| 9644 | BPF_FIELD_SIZEOF(struct sock, sk_type), | |
| 9645 | si->dst_reg, si->src_reg, | |
| 9646 | bpf_target_off(struct sock, sk_type, | |
| 9647 | sizeof_field(struct sock, sk_type), | |
| 9648 | target_size)); | |
| aa4c1037 DA |
9649 | break; |
| 9650 | ||
| 9651 | case offsetof(struct bpf_sock, protocol): | |
| bf976514 MM |
9652 | *insn++ = BPF_LDX_MEM( |
| 9653 | BPF_FIELD_SIZEOF(struct sock, sk_protocol), | |
| 9654 | si->dst_reg, si->src_reg, | |
| 9655 | bpf_target_off(struct sock, sk_protocol, | |
| 9656 | sizeof_field(struct sock, sk_protocol), | |
| 9657 | target_size)); | |
| aa4c1037 | 9658 | break; |
| aac3fc32 AI |
9659 | |
| 9660 | case offsetof(struct bpf_sock, src_ip4): | |
| 9661 | *insn++ = BPF_LDX_MEM( | |
| 9662 | BPF_SIZE(si->code), si->dst_reg, si->src_reg, | |
| 9663 | bpf_target_off(struct sock_common, skc_rcv_saddr, | |
| c593642c | 9664 | sizeof_field(struct sock_common, |
| aac3fc32 AI |
9665 | skc_rcv_saddr), |
| 9666 | target_size)); | |
| 9667 | break; | |
| 9668 | ||
| aa65d696 MKL |
9669 | case offsetof(struct bpf_sock, dst_ip4): |
| 9670 | *insn++ = BPF_LDX_MEM( | |
| 9671 | BPF_SIZE(si->code), si->dst_reg, si->src_reg, | |
| 9672 | bpf_target_off(struct sock_common, skc_daddr, | |
| c593642c | 9673 | sizeof_field(struct sock_common, |
| aa65d696 MKL |
9674 | skc_daddr), |
| 9675 | target_size)); | |
| 9676 | break; | |
| 9677 | ||
| aac3fc32 AI |
9678 | case bpf_ctx_range_till(struct bpf_sock, src_ip6[0], src_ip6[3]): |
| 9679 | #if IS_ENABLED(CONFIG_IPV6) | |
| 9680 | off = si->off; | |
| 9681 | off -= offsetof(struct bpf_sock, src_ip6[0]); | |
| 9682 | *insn++ = BPF_LDX_MEM( | |
| 9683 | BPF_SIZE(si->code), si->dst_reg, si->src_reg, | |
| 9684 | bpf_target_off( | |
| 9685 | struct sock_common, | |
| 9686 | skc_v6_rcv_saddr.s6_addr32[0], | |
| c593642c | 9687 | sizeof_field(struct sock_common, |
| aac3fc32 AI |
9688 | skc_v6_rcv_saddr.s6_addr32[0]), |
| 9689 | target_size) + off); | |
| 9690 | #else | |
| 9691 | (void)off; | |
| 9692 | *insn++ = BPF_MOV32_IMM(si->dst_reg, 0); | |
| 9693 | #endif | |
| 9694 | break; | |
| 9695 | ||
| aa65d696 MKL |
9696 | case bpf_ctx_range_till(struct bpf_sock, dst_ip6[0], dst_ip6[3]): |
| 9697 | #if IS_ENABLED(CONFIG_IPV6) | |
| 9698 | off = si->off; | |
| 9699 | off -= offsetof(struct bpf_sock, dst_ip6[0]); | |
| 9700 | *insn++ = BPF_LDX_MEM( | |
| 9701 | BPF_SIZE(si->code), si->dst_reg, si->src_reg, | |
| 9702 | bpf_target_off(struct sock_common, | |
| 9703 | skc_v6_daddr.s6_addr32[0], | |
| c593642c | 9704 | sizeof_field(struct sock_common, |
| aa65d696 MKL |
9705 | skc_v6_daddr.s6_addr32[0]), |
| 9706 | target_size) + off); | |
| 9707 | #else | |
| 9708 | *insn++ = BPF_MOV32_IMM(si->dst_reg, 0); | |
| 9709 | *target_size = 4; | |
| 9710 | #endif | |
| 9711 | break; | |
| 9712 | ||
| aac3fc32 AI |
9713 | case offsetof(struct bpf_sock, src_port): |
| 9714 | *insn++ = BPF_LDX_MEM( | |
| 9715 | BPF_FIELD_SIZEOF(struct sock_common, skc_num), | |
| 9716 | si->dst_reg, si->src_reg, | |
| 9717 | bpf_target_off(struct sock_common, skc_num, | |
| c593642c | 9718 | sizeof_field(struct sock_common, |
| aac3fc32 AI |
9719 | skc_num), |
| 9720 | target_size)); | |
| 9721 | break; | |
| aa65d696 MKL |
9722 | |
| 9723 | case offsetof(struct bpf_sock, dst_port): | |
| 9724 | *insn++ = BPF_LDX_MEM( | |
| 9725 | BPF_FIELD_SIZEOF(struct sock_common, skc_dport), | |
| 9726 | si->dst_reg, si->src_reg, | |
| 9727 | bpf_target_off(struct sock_common, skc_dport, | |
| c593642c | 9728 | sizeof_field(struct sock_common, |
| aa65d696 MKL |
9729 | skc_dport), |
| 9730 | target_size)); | |
| 9731 | break; | |
| 9732 | ||
| 9733 | case offsetof(struct bpf_sock, state): | |
| 9734 | *insn++ = BPF_LDX_MEM( | |
| 9735 | BPF_FIELD_SIZEOF(struct sock_common, skc_state), | |
| 9736 | si->dst_reg, si->src_reg, | |
| 9737 | bpf_target_off(struct sock_common, skc_state, | |
| c593642c | 9738 | sizeof_field(struct sock_common, |
| aa65d696 MKL |
9739 | skc_state), |
| 9740 | target_size)); | |
| 9741 | break; | |
| c3c16f2e | 9742 | case offsetof(struct bpf_sock, rx_queue_mapping): |
| 4e1beecc | 9743 | #ifdef CONFIG_SOCK_RX_QUEUE_MAPPING |
| c3c16f2e AN |
9744 | *insn++ = BPF_LDX_MEM( |
| 9745 | BPF_FIELD_SIZEOF(struct sock, sk_rx_queue_mapping), | |
| 9746 | si->dst_reg, si->src_reg, | |
| 9747 | bpf_target_off(struct sock, sk_rx_queue_mapping, | |
| 9748 | sizeof_field(struct sock, | |
| 9749 | sk_rx_queue_mapping), | |
| 9750 | target_size)); | |
| 9751 | *insn++ = BPF_JMP_IMM(BPF_JNE, si->dst_reg, NO_QUEUE_MAPPING, | |
| 9752 | 1); | |
| 9753 | *insn++ = BPF_MOV64_IMM(si->dst_reg, -1); | |
| 9754 | #else | |
| 9755 | *insn++ = BPF_MOV64_IMM(si->dst_reg, -1); | |
| 9756 | *target_size = 2; | |
| 9757 | #endif | |
| 9758 | break; | |
| 61023658 DA |
9759 | } |
| 9760 | ||
| 9761 | return insn - insn_buf; | |
| 9762 | } | |
| 9763 | ||
| 6b8cc1d1 DB |
9764 | static u32 tc_cls_act_convert_ctx_access(enum bpf_access_type type, |
| 9765 | const struct bpf_insn *si, | |
| 374fb54e | 9766 | struct bpf_insn *insn_buf, |
| f96da094 | 9767 | struct bpf_prog *prog, u32 *target_size) |
| 374fb54e DB |
9768 | { |
| 9769 | struct bpf_insn *insn = insn_buf; | |
| 9770 | ||
| 6b8cc1d1 | 9771 | switch (si->off) { |
| 374fb54e | 9772 | case offsetof(struct __sk_buff, ifindex): |
| 374fb54e | 9773 | *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF(struct sk_buff, dev), |
| 6b8cc1d1 | 9774 | si->dst_reg, si->src_reg, |
| 374fb54e | 9775 | offsetof(struct sk_buff, dev)); |
| 6b8cc1d1 | 9776 | *insn++ = BPF_LDX_MEM(BPF_W, si->dst_reg, si->dst_reg, |
| f96da094 DB |
9777 | bpf_target_off(struct net_device, ifindex, 4, |
| 9778 | target_size)); | |
| 374fb54e DB |
9779 | break; |
| 9780 | default: | |
| f96da094 DB |
9781 | return bpf_convert_ctx_access(type, si, insn_buf, prog, |
| 9782 | target_size); | |
| 374fb54e DB |
9783 | } |
| 9784 | ||
| 9785 | return insn - insn_buf; | |
| 9786 | } | |
| 9787 | ||
| 6b8cc1d1 DB |
9788 | static u32 xdp_convert_ctx_access(enum bpf_access_type type, |
| 9789 | const struct bpf_insn *si, | |
| 6a773a15 | 9790 | struct bpf_insn *insn_buf, |
| f96da094 | 9791 | struct bpf_prog *prog, u32 *target_size) |
| 6a773a15 BB |
9792 | { |
| 9793 | struct bpf_insn *insn = insn_buf; | |
| 9794 | ||
| 6b8cc1d1 | 9795 | switch (si->off) { |
| 6a773a15 | 9796 | case offsetof(struct xdp_md, data): |
| f035a515 | 9797 | *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF(struct xdp_buff, data), |
| 6b8cc1d1 | 9798 | si->dst_reg, si->src_reg, |
| 6a773a15 BB |
9799 | offsetof(struct xdp_buff, data)); |
| 9800 | break; | |
| de8f3a83 DB |
9801 | case offsetof(struct xdp_md, data_meta): |
| 9802 | *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF(struct xdp_buff, data_meta), | |
| 9803 | si->dst_reg, si->src_reg, | |
| 9804 | offsetof(struct xdp_buff, data_meta)); | |
| 9805 | break; | |
| 6a773a15 | 9806 | case offsetof(struct xdp_md, data_end): |
| f035a515 | 9807 | *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF(struct xdp_buff, data_end), |
| 6b8cc1d1 | 9808 | si->dst_reg, si->src_reg, |
| 6a773a15 BB |
9809 | offsetof(struct xdp_buff, data_end)); |
| 9810 | break; | |
| 02dd3291 JDB |
9811 | case offsetof(struct xdp_md, ingress_ifindex): |
| 9812 | *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF(struct xdp_buff, rxq), | |
| 9813 | si->dst_reg, si->src_reg, | |
| 9814 | offsetof(struct xdp_buff, rxq)); | |
| 9815 | *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF(struct xdp_rxq_info, dev), | |
| 9816 | si->dst_reg, si->dst_reg, | |
| 9817 | offsetof(struct xdp_rxq_info, dev)); | |
| 9818 | *insn++ = BPF_LDX_MEM(BPF_W, si->dst_reg, si->dst_reg, | |
| daaf24c6 | 9819 | offsetof(struct net_device, ifindex)); |
| 02dd3291 JDB |
9820 | break; |
| 9821 | case offsetof(struct xdp_md, rx_queue_index): | |
| 9822 | *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF(struct xdp_buff, rxq), | |
| 9823 | si->dst_reg, si->src_reg, | |
| 9824 | offsetof(struct xdp_buff, rxq)); | |
| 9825 | *insn++ = BPF_LDX_MEM(BPF_W, si->dst_reg, si->dst_reg, | |
| daaf24c6 JDB |
9826 | offsetof(struct xdp_rxq_info, |
| 9827 | queue_index)); | |
| 02dd3291 | 9828 | break; |
| 64b59025 DA |
9829 | case offsetof(struct xdp_md, egress_ifindex): |
| 9830 | *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF(struct xdp_buff, txq), | |
| 9831 | si->dst_reg, si->src_reg, | |
| 9832 | offsetof(struct xdp_buff, txq)); | |
| 9833 | *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF(struct xdp_txq_info, dev), | |
| 9834 | si->dst_reg, si->dst_reg, | |
| 9835 | offsetof(struct xdp_txq_info, dev)); | |
| 9836 | *insn++ = BPF_LDX_MEM(BPF_W, si->dst_reg, si->dst_reg, | |
| 9837 | offsetof(struct net_device, ifindex)); | |
| 9838 | break; | |
| 6a773a15 BB |
9839 | } |
| 9840 | ||
| 9841 | return insn - insn_buf; | |
| 9842 | } | |
| 9843 | ||
| 4fbac77d AI |
9844 | /* SOCK_ADDR_LOAD_NESTED_FIELD() loads Nested Field S.F.NF where S is type of |
| 9845 | * context Structure, F is Field in context structure that contains a pointer | |
| 9846 | * to Nested Structure of type NS that has the field NF. | |
| 9847 | * | |
| 9848 | * SIZE encodes the load size (BPF_B, BPF_H, etc). It's up to caller to make | |
| 9849 | * sure that SIZE is not greater than actual size of S.F.NF. | |
| 9850 | * | |
| 9851 | * If offset OFF is provided, the load happens from that offset relative to | |
| 9852 | * offset of NF. | |
| 9853 | */ | |
| 9854 | #define SOCK_ADDR_LOAD_NESTED_FIELD_SIZE_OFF(S, NS, F, NF, SIZE, OFF) \ | |
| 9855 | do { \ | |
| 9856 | *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF(S, F), si->dst_reg, \ | |
| 9857 | si->src_reg, offsetof(S, F)); \ | |
| 9858 | *insn++ = BPF_LDX_MEM( \ | |
| 9859 | SIZE, si->dst_reg, si->dst_reg, \ | |
| c593642c | 9860 | bpf_target_off(NS, NF, sizeof_field(NS, NF), \ |
| 4fbac77d AI |
9861 | target_size) \ |
| 9862 | + OFF); \ | |
| 9863 | } while (0) | |
| 9864 | ||
| 9865 | #define SOCK_ADDR_LOAD_NESTED_FIELD(S, NS, F, NF) \ | |
| 9866 | SOCK_ADDR_LOAD_NESTED_FIELD_SIZE_OFF(S, NS, F, NF, \ | |
| 9867 | BPF_FIELD_SIZEOF(NS, NF), 0) | |
| 9868 | ||
| 9869 | /* SOCK_ADDR_STORE_NESTED_FIELD_OFF() has semantic similar to | |
| 9870 | * SOCK_ADDR_LOAD_NESTED_FIELD_SIZE_OFF() but for store operation. | |
| 9871 | * | |
| 4fbac77d AI |
9872 | * In addition it uses Temporary Field TF (member of struct S) as the 3rd |
| 9873 | * "register" since two registers available in convert_ctx_access are not | |
| 9874 | * enough: we can't override neither SRC, since it contains value to store, nor | |
| 9875 | * DST since it contains pointer to context that may be used by later | |
| 9876 | * instructions. But we need a temporary place to save pointer to nested | |
| 9877 | * structure whose field we want to store to. | |
| 9878 | */ | |
| 600c70ba | 9879 | #define SOCK_ADDR_STORE_NESTED_FIELD_OFF(S, NS, F, NF, SIZE, OFF, TF) \ |
| 4fbac77d AI |
9880 | do { \ |
| 9881 | int tmp_reg = BPF_REG_9; \ | |
| 9882 | if (si->src_reg == tmp_reg || si->dst_reg == tmp_reg) \ | |
| 9883 | --tmp_reg; \ | |
| 9884 | if (si->src_reg == tmp_reg || si->dst_reg == tmp_reg) \ | |
| 9885 | --tmp_reg; \ | |
| 9886 | *insn++ = BPF_STX_MEM(BPF_DW, si->dst_reg, tmp_reg, \ | |
| 9887 | offsetof(S, TF)); \ | |
| 9888 | *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF(S, F), tmp_reg, \ | |
| 9889 | si->dst_reg, offsetof(S, F)); \ | |
| 600c70ba | 9890 | *insn++ = BPF_STX_MEM(SIZE, tmp_reg, si->src_reg, \ |
| c593642c | 9891 | bpf_target_off(NS, NF, sizeof_field(NS, NF), \ |
| 4fbac77d AI |
9892 | target_size) \ |
| 9893 | + OFF); \ | |
| 9894 | *insn++ = BPF_LDX_MEM(BPF_DW, tmp_reg, si->dst_reg, \ | |
| 9895 | offsetof(S, TF)); \ | |
| 9896 | } while (0) | |
| 9897 | ||
| 9898 | #define SOCK_ADDR_LOAD_OR_STORE_NESTED_FIELD_SIZE_OFF(S, NS, F, NF, SIZE, OFF, \ | |
| 9899 | TF) \ | |
| 9900 | do { \ | |
| 9901 | if (type == BPF_WRITE) { \ | |
| 600c70ba SF |
9902 | SOCK_ADDR_STORE_NESTED_FIELD_OFF(S, NS, F, NF, SIZE, \ |
| 9903 | OFF, TF); \ | |
| 4fbac77d AI |
9904 | } else { \ |
| 9905 | SOCK_ADDR_LOAD_NESTED_FIELD_SIZE_OFF( \ | |
| 9906 | S, NS, F, NF, SIZE, OFF); \ | |
| 9907 | } \ | |
| 9908 | } while (0) | |
| 9909 | ||
| 9910 | #define SOCK_ADDR_LOAD_OR_STORE_NESTED_FIELD(S, NS, F, NF, TF) \ | |
| 9911 | SOCK_ADDR_LOAD_OR_STORE_NESTED_FIELD_SIZE_OFF( \ | |
| 9912 | S, NS, F, NF, BPF_FIELD_SIZEOF(NS, NF), 0, TF) | |
| 9913 | ||
| 9914 | static u32 sock_addr_convert_ctx_access(enum bpf_access_type type, | |
| 9915 | const struct bpf_insn *si, | |
| 9916 | struct bpf_insn *insn_buf, | |
| 9917 | struct bpf_prog *prog, u32 *target_size) | |
| 9918 | { | |
| 7aebfa1b | 9919 | int off, port_size = sizeof_field(struct sockaddr_in6, sin6_port); |
| 4fbac77d | 9920 | struct bpf_insn *insn = insn_buf; |
| 4fbac77d AI |
9921 | |
| 9922 | switch (si->off) { | |
| 9923 | case offsetof(struct bpf_sock_addr, user_family): | |
| 9924 | SOCK_ADDR_LOAD_NESTED_FIELD(struct bpf_sock_addr_kern, | |
| 9925 | struct sockaddr, uaddr, sa_family); | |
| 9926 | break; | |
| 9927 | ||
| 9928 | case offsetof(struct bpf_sock_addr, user_ip4): | |
| 9929 | SOCK_ADDR_LOAD_OR_STORE_NESTED_FIELD_SIZE_OFF( | |
| 9930 | struct bpf_sock_addr_kern, struct sockaddr_in, uaddr, | |
| 9931 | sin_addr, BPF_SIZE(si->code), 0, tmp_reg); | |
| 9932 | break; | |
| 9933 | ||
| 9934 | case bpf_ctx_range_till(struct bpf_sock_addr, user_ip6[0], user_ip6[3]): | |
| 9935 | off = si->off; | |
| 9936 | off -= offsetof(struct bpf_sock_addr, user_ip6[0]); | |
| 9937 | SOCK_ADDR_LOAD_OR_STORE_NESTED_FIELD_SIZE_OFF( | |
| 9938 | struct bpf_sock_addr_kern, struct sockaddr_in6, uaddr, | |
| 9939 | sin6_addr.s6_addr32[0], BPF_SIZE(si->code), off, | |
| 9940 | tmp_reg); | |
| 9941 | break; | |
| 9942 | ||
| 9943 | case offsetof(struct bpf_sock_addr, user_port): | |
| 9944 | /* To get port we need to know sa_family first and then treat | |
| 9945 | * sockaddr as either sockaddr_in or sockaddr_in6. | |
| 9946 | * Though we can simplify since port field has same offset and | |
| 9947 | * size in both structures. | |
| 9948 | * Here we check this invariant and use just one of the | |
| 9949 | * structures if it's true. | |
| 9950 | */ | |
| 9951 | BUILD_BUG_ON(offsetof(struct sockaddr_in, sin_port) != | |
| 9952 | offsetof(struct sockaddr_in6, sin6_port)); | |
| c593642c PB |
9953 | BUILD_BUG_ON(sizeof_field(struct sockaddr_in, sin_port) != |
| 9954 | sizeof_field(struct sockaddr_in6, sin6_port)); | |
| 7aebfa1b AI |
9955 | /* Account for sin6_port being smaller than user_port. */ |
| 9956 | port_size = min(port_size, BPF_LDST_BYTES(si)); | |
| 9957 | SOCK_ADDR_LOAD_OR_STORE_NESTED_FIELD_SIZE_OFF( | |
| 9958 | struct bpf_sock_addr_kern, struct sockaddr_in6, uaddr, | |
| 9959 | sin6_port, bytes_to_bpf_size(port_size), 0, tmp_reg); | |
| 4fbac77d AI |
9960 | break; |
| 9961 | ||
| 9962 | case offsetof(struct bpf_sock_addr, family): | |
| 9963 | SOCK_ADDR_LOAD_NESTED_FIELD(struct bpf_sock_addr_kern, | |
| 9964 | struct sock, sk, sk_family); | |
| 9965 | break; | |
| 9966 | ||
| 9967 | case offsetof(struct bpf_sock_addr, type): | |
| bf976514 MM |
9968 | SOCK_ADDR_LOAD_NESTED_FIELD(struct bpf_sock_addr_kern, |
| 9969 | struct sock, sk, sk_type); | |
| 4fbac77d AI |
9970 | break; |
| 9971 | ||
| 9972 | case offsetof(struct bpf_sock_addr, protocol): | |
| bf976514 MM |
9973 | SOCK_ADDR_LOAD_NESTED_FIELD(struct bpf_sock_addr_kern, |
| 9974 | struct sock, sk, sk_protocol); | |
| 4fbac77d | 9975 | break; |
| 1cedee13 AI |
9976 | |
| 9977 | case offsetof(struct bpf_sock_addr, msg_src_ip4): | |
| 9978 | /* Treat t_ctx as struct in_addr for msg_src_ip4. */ | |
| 9979 | SOCK_ADDR_LOAD_OR_STORE_NESTED_FIELD_SIZE_OFF( | |
| 9980 | struct bpf_sock_addr_kern, struct in_addr, t_ctx, | |
| 9981 | s_addr, BPF_SIZE(si->code), 0, tmp_reg); | |
| 9982 | break; | |
| 9983 | ||
| 9984 | case bpf_ctx_range_till(struct bpf_sock_addr, msg_src_ip6[0], | |
| 9985 | msg_src_ip6[3]): | |
| 9986 | off = si->off; | |
| 9987 | off -= offsetof(struct bpf_sock_addr, msg_src_ip6[0]); | |
| 9988 | /* Treat t_ctx as struct in6_addr for msg_src_ip6. */ | |
| 9989 | SOCK_ADDR_LOAD_OR_STORE_NESTED_FIELD_SIZE_OFF( | |
| 9990 | struct bpf_sock_addr_kern, struct in6_addr, t_ctx, | |
| 9991 | s6_addr32[0], BPF_SIZE(si->code), off, tmp_reg); | |
| 9992 | break; | |
| fb85c4a7 SF |
9993 | case offsetof(struct bpf_sock_addr, sk): |
| 9994 | *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF(struct bpf_sock_addr_kern, sk), | |
| 9995 | si->dst_reg, si->src_reg, | |
| 9996 | offsetof(struct bpf_sock_addr_kern, sk)); | |
| 9997 | break; | |
| 4fbac77d AI |
9998 | } |
| 9999 | ||
| 10000 | return insn - insn_buf; | |
| 10001 | } | |
| 10002 | ||
| 40304b2a LB |
10003 | static u32 sock_ops_convert_ctx_access(enum bpf_access_type type, |
| 10004 | const struct bpf_insn *si, | |
| 10005 | struct bpf_insn *insn_buf, | |
| f96da094 DB |
10006 | struct bpf_prog *prog, |
| 10007 | u32 *target_size) | |
| 40304b2a LB |
10008 | { |
| 10009 | struct bpf_insn *insn = insn_buf; | |
| 10010 | int off; | |
| 10011 | ||
| 9b1f3d6e MKL |
10012 | /* Helper macro for adding read access to tcp_sock or sock fields. */ |
| 10013 | #define SOCK_OPS_GET_FIELD(BPF_FIELD, OBJ_FIELD, OBJ) \ | |
| 10014 | do { \ | |
| fd09af01 | 10015 | int fullsock_reg = si->dst_reg, reg = BPF_REG_9, jmp = 2; \ |
| c593642c PB |
10016 | BUILD_BUG_ON(sizeof_field(OBJ, OBJ_FIELD) > \ |
| 10017 | sizeof_field(struct bpf_sock_ops, BPF_FIELD)); \ | |
| fd09af01 JF |
10018 | if (si->dst_reg == reg || si->src_reg == reg) \ |
| 10019 | reg--; \ | |
| 10020 | if (si->dst_reg == reg || si->src_reg == reg) \ | |
| 10021 | reg--; \ | |
| 10022 | if (si->dst_reg == si->src_reg) { \ | |
| 10023 | *insn++ = BPF_STX_MEM(BPF_DW, si->src_reg, reg, \ | |
| 10024 | offsetof(struct bpf_sock_ops_kern, \ | |
| 10025 | temp)); \ | |
| 10026 | fullsock_reg = reg; \ | |
| 10027 | jmp += 2; \ | |
| 10028 | } \ | |
| 9b1f3d6e MKL |
10029 | *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF( \ |
| 10030 | struct bpf_sock_ops_kern, \ | |
| 10031 | is_fullsock), \ | |
| fd09af01 | 10032 | fullsock_reg, si->src_reg, \ |
| 9b1f3d6e MKL |
10033 | offsetof(struct bpf_sock_ops_kern, \ |
| 10034 | is_fullsock)); \ | |
| fd09af01 JF |
10035 | *insn++ = BPF_JMP_IMM(BPF_JEQ, fullsock_reg, 0, jmp); \ |
| 10036 | if (si->dst_reg == si->src_reg) \ | |
| 10037 | *insn++ = BPF_LDX_MEM(BPF_DW, reg, si->src_reg, \ | |
| 10038 | offsetof(struct bpf_sock_ops_kern, \ | |
| 10039 | temp)); \ | |
| 9b1f3d6e MKL |
10040 | *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF( \ |
| 10041 | struct bpf_sock_ops_kern, sk),\ | |
| 10042 | si->dst_reg, si->src_reg, \ | |
| 10043 | offsetof(struct bpf_sock_ops_kern, sk));\ | |
| 10044 | *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF(OBJ, \ | |
| 10045 | OBJ_FIELD), \ | |
| 10046 | si->dst_reg, si->dst_reg, \ | |
| 10047 | offsetof(OBJ, OBJ_FIELD)); \ | |
| fd09af01 JF |
10048 | if (si->dst_reg == si->src_reg) { \ |
| 10049 | *insn++ = BPF_JMP_A(1); \ | |
| 10050 | *insn++ = BPF_LDX_MEM(BPF_DW, reg, si->src_reg, \ | |
| 10051 | offsetof(struct bpf_sock_ops_kern, \ | |
| 10052 | temp)); \ | |
| 10053 | } \ | |
| 9b1f3d6e MKL |
10054 | } while (0) |
| 10055 | ||
| 84f44df6 JF |
10056 | #define SOCK_OPS_GET_SK() \ |
| 10057 | do { \ | |
| 10058 | int fullsock_reg = si->dst_reg, reg = BPF_REG_9, jmp = 1; \ | |
| 10059 | if (si->dst_reg == reg || si->src_reg == reg) \ | |
| 10060 | reg--; \ | |
| 10061 | if (si->dst_reg == reg || si->src_reg == reg) \ | |
| 10062 | reg--; \ | |
| 10063 | if (si->dst_reg == si->src_reg) { \ | |
| 10064 | *insn++ = BPF_STX_MEM(BPF_DW, si->src_reg, reg, \ | |
| 10065 | offsetof(struct bpf_sock_ops_kern, \ | |
| 10066 | temp)); \ | |
| 10067 | fullsock_reg = reg; \ | |
| 10068 | jmp += 2; \ | |
| 10069 | } \ | |
| 10070 | *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF( \ | |
| 10071 | struct bpf_sock_ops_kern, \ | |
| 10072 | is_fullsock), \ | |
| 10073 | fullsock_reg, si->src_reg, \ | |
| 10074 | offsetof(struct bpf_sock_ops_kern, \ | |
| 10075 | is_fullsock)); \ | |
| 10076 | *insn++ = BPF_JMP_IMM(BPF_JEQ, fullsock_reg, 0, jmp); \ | |
| 10077 | if (si->dst_reg == si->src_reg) \ | |
| 10078 | *insn++ = BPF_LDX_MEM(BPF_DW, reg, si->src_reg, \ | |
| 10079 | offsetof(struct bpf_sock_ops_kern, \ | |
| 10080 | temp)); \ | |
| 10081 | *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF( \ | |
| 10082 | struct bpf_sock_ops_kern, sk),\ | |
| 10083 | si->dst_reg, si->src_reg, \ | |
| 10084 | offsetof(struct bpf_sock_ops_kern, sk));\ | |
| 10085 | if (si->dst_reg == si->src_reg) { \ | |
| 10086 | *insn++ = BPF_JMP_A(1); \ | |
| 10087 | *insn++ = BPF_LDX_MEM(BPF_DW, reg, si->src_reg, \ | |
| 10088 | offsetof(struct bpf_sock_ops_kern, \ | |
| 10089 | temp)); \ | |
| 10090 | } \ | |
| 10091 | } while (0) | |
| 10092 | ||
| 9b1f3d6e MKL |
10093 | #define SOCK_OPS_GET_TCP_SOCK_FIELD(FIELD) \ |
| 10094 | SOCK_OPS_GET_FIELD(FIELD, FIELD, struct tcp_sock) | |
| 10095 | ||
| 10096 | /* Helper macro for adding write access to tcp_sock or sock fields. | |
| 10097 | * The macro is called with two registers, dst_reg which contains a pointer | |
| 10098 | * to ctx (context) and src_reg which contains the value that should be | |
| 10099 | * stored. However, we need an additional register since we cannot overwrite | |
| 10100 | * dst_reg because it may be used later in the program. | |
| 10101 | * Instead we "borrow" one of the other register. We first save its value | |
| 10102 | * into a new (temp) field in bpf_sock_ops_kern, use it, and then restore | |
| 10103 | * it at the end of the macro. | |
| 10104 | */ | |
| 10105 | #define SOCK_OPS_SET_FIELD(BPF_FIELD, OBJ_FIELD, OBJ) \ | |
| 10106 | do { \ | |
| 10107 | int reg = BPF_REG_9; \ | |
| c593642c PB |
10108 | BUILD_BUG_ON(sizeof_field(OBJ, OBJ_FIELD) > \ |
| 10109 | sizeof_field(struct bpf_sock_ops, BPF_FIELD)); \ | |
| 9b1f3d6e MKL |
10110 | if (si->dst_reg == reg || si->src_reg == reg) \ |
| 10111 | reg--; \ | |
| 10112 | if (si->dst_reg == reg || si->src_reg == reg) \ | |
| 10113 | reg--; \ | |
| 10114 | *insn++ = BPF_STX_MEM(BPF_DW, si->dst_reg, reg, \ | |
| 10115 | offsetof(struct bpf_sock_ops_kern, \ | |
| 10116 | temp)); \ | |
| 10117 | *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF( \ | |
| 10118 | struct bpf_sock_ops_kern, \ | |
| 10119 | is_fullsock), \ | |
| 10120 | reg, si->dst_reg, \ | |
| 10121 | offsetof(struct bpf_sock_ops_kern, \ | |
| 10122 | is_fullsock)); \ | |
| 10123 | *insn++ = BPF_JMP_IMM(BPF_JEQ, reg, 0, 2); \ | |
| 10124 | *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF( \ | |
| 10125 | struct bpf_sock_ops_kern, sk),\ | |
| 10126 | reg, si->dst_reg, \ | |
| 10127 | offsetof(struct bpf_sock_ops_kern, sk));\ | |
| 10128 | *insn++ = BPF_STX_MEM(BPF_FIELD_SIZEOF(OBJ, OBJ_FIELD), \ | |
| 10129 | reg, si->src_reg, \ | |
| 10130 | offsetof(OBJ, OBJ_FIELD)); \ | |
| 10131 | *insn++ = BPF_LDX_MEM(BPF_DW, reg, si->dst_reg, \ | |
| 10132 | offsetof(struct bpf_sock_ops_kern, \ | |
| 10133 | temp)); \ | |
| 10134 | } while (0) | |
| 10135 | ||
| 10136 | #define SOCK_OPS_GET_OR_SET_FIELD(BPF_FIELD, OBJ_FIELD, OBJ, TYPE) \ | |
| 10137 | do { \ | |
| 10138 | if (TYPE == BPF_WRITE) \ | |
| 10139 | SOCK_OPS_SET_FIELD(BPF_FIELD, OBJ_FIELD, OBJ); \ | |
| 10140 | else \ | |
| 10141 | SOCK_OPS_GET_FIELD(BPF_FIELD, OBJ_FIELD, OBJ); \ | |
| 10142 | } while (0) | |
| 10143 | ||
| 9b1f3d6e MKL |
10144 | if (insn > insn_buf) |
| 10145 | return insn - insn_buf; | |
| 10146 | ||
| 40304b2a | 10147 | switch (si->off) { |
| c9985d09 MKL |
10148 | case offsetof(struct bpf_sock_ops, op): |
| 10149 | *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF(struct bpf_sock_ops_kern, | |
| 10150 | op), | |
| 10151 | si->dst_reg, si->src_reg, | |
| 10152 | offsetof(struct bpf_sock_ops_kern, op)); | |
| 10153 | break; | |
| 10154 | ||
| 10155 | case offsetof(struct bpf_sock_ops, replylong[0]) ... | |
| 40304b2a | 10156 | offsetof(struct bpf_sock_ops, replylong[3]): |
| c593642c PB |
10157 | BUILD_BUG_ON(sizeof_field(struct bpf_sock_ops, reply) != |
| 10158 | sizeof_field(struct bpf_sock_ops_kern, reply)); | |
| 10159 | BUILD_BUG_ON(sizeof_field(struct bpf_sock_ops, replylong) != | |
| 10160 | sizeof_field(struct bpf_sock_ops_kern, replylong)); | |
| 40304b2a | 10161 | off = si->off; |
| c9985d09 MKL |
10162 | off -= offsetof(struct bpf_sock_ops, replylong[0]); |
| 10163 | off += offsetof(struct bpf_sock_ops_kern, replylong[0]); | |
| 40304b2a LB |
10164 | if (type == BPF_WRITE) |
| 10165 | *insn++ = BPF_STX_MEM(BPF_W, si->dst_reg, si->src_reg, | |
| 10166 | off); | |
| 10167 | else | |
| 10168 | *insn++ = BPF_LDX_MEM(BPF_W, si->dst_reg, si->src_reg, | |
| 10169 | off); | |
| 10170 | break; | |
| 10171 | ||
| 10172 | case offsetof(struct bpf_sock_ops, family): | |
| c593642c | 10173 | BUILD_BUG_ON(sizeof_field(struct sock_common, skc_family) != 2); |
| 40304b2a LB |
10174 | |
| 10175 | *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF( | |
| 10176 | struct bpf_sock_ops_kern, sk), | |
| 10177 | si->dst_reg, si->src_reg, | |
| 10178 | offsetof(struct bpf_sock_ops_kern, sk)); | |
| 10179 | *insn++ = BPF_LDX_MEM(BPF_H, si->dst_reg, si->dst_reg, | |
| 10180 | offsetof(struct sock_common, skc_family)); | |
| 10181 | break; | |
| 10182 | ||
| 10183 | case offsetof(struct bpf_sock_ops, remote_ip4): | |
| c593642c | 10184 | BUILD_BUG_ON(sizeof_field(struct sock_common, skc_daddr) != 4); |
| 40304b2a LB |
10185 | |
| 10186 | *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF( | |
| 10187 | struct bpf_sock_ops_kern, sk), | |
| 10188 | si->dst_reg, si->src_reg, | |
| 10189 | offsetof(struct bpf_sock_ops_kern, sk)); | |
| 10190 | *insn++ = BPF_LDX_MEM(BPF_W, si->dst_reg, si->dst_reg, | |
| 10191 | offsetof(struct sock_common, skc_daddr)); | |
| 10192 | break; | |
| 10193 | ||
| 10194 | case offsetof(struct bpf_sock_ops, local_ip4): | |
| c593642c | 10195 | BUILD_BUG_ON(sizeof_field(struct sock_common, |
| 303def35 | 10196 | skc_rcv_saddr) != 4); |
| 40304b2a LB |
10197 | |
| 10198 | *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF( | |
| 10199 | struct bpf_sock_ops_kern, sk), | |
| 10200 | si->dst_reg, si->src_reg, | |
| 10201 | offsetof(struct bpf_sock_ops_kern, sk)); | |
| 10202 | *insn++ = BPF_LDX_MEM(BPF_W, si->dst_reg, si->dst_reg, | |
| 10203 | offsetof(struct sock_common, | |
| 10204 | skc_rcv_saddr)); | |
| 10205 | break; | |
| 10206 | ||
| 10207 | case offsetof(struct bpf_sock_ops, remote_ip6[0]) ... | |
| 10208 | offsetof(struct bpf_sock_ops, remote_ip6[3]): | |
| 10209 | #if IS_ENABLED(CONFIG_IPV6) | |
| c593642c | 10210 | BUILD_BUG_ON(sizeof_field(struct sock_common, |
| 40304b2a LB |
10211 | skc_v6_daddr.s6_addr32[0]) != 4); |
| 10212 | ||
| 10213 | off = si->off; | |
| 10214 | off -= offsetof(struct bpf_sock_ops, remote_ip6[0]); | |
| 10215 | *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF( | |
| 10216 | struct bpf_sock_ops_kern, sk), | |
| 10217 | si->dst_reg, si->src_reg, | |
| 10218 | offsetof(struct bpf_sock_ops_kern, sk)); | |
| 10219 | *insn++ = BPF_LDX_MEM(BPF_W, si->dst_reg, si->dst_reg, | |
| 10220 | offsetof(struct sock_common, | |
| 10221 | skc_v6_daddr.s6_addr32[0]) + | |
| 10222 | off); | |
| 10223 | #else | |
| 10224 | *insn++ = BPF_MOV32_IMM(si->dst_reg, 0); | |
| 10225 | #endif | |
| 10226 | break; | |
| 10227 | ||
| 10228 | case offsetof(struct bpf_sock_ops, local_ip6[0]) ... | |
| 10229 | offsetof(struct bpf_sock_ops, local_ip6[3]): | |
| 10230 | #if IS_ENABLED(CONFIG_IPV6) | |
| c593642c | 10231 | BUILD_BUG_ON(sizeof_field(struct sock_common, |
| 40304b2a LB |
10232 | skc_v6_rcv_saddr.s6_addr32[0]) != 4); |
| 10233 | ||
| 10234 | off = si->off; | |
| 10235 | off -= offsetof(struct bpf_sock_ops, local_ip6[0]); | |
| 10236 | *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF( | |
| 10237 | struct bpf_sock_ops_kern, sk), | |
| 10238 | si->dst_reg, si->src_reg, | |
| 10239 | offsetof(struct bpf_sock_ops_kern, sk)); | |
| 10240 | *insn++ = BPF_LDX_MEM(BPF_W, si->dst_reg, si->dst_reg, | |
| 10241 | offsetof(struct sock_common, | |
| 10242 | skc_v6_rcv_saddr.s6_addr32[0]) + | |
| 10243 | off); | |
| 10244 | #else | |
| 10245 | *insn++ = BPF_MOV32_IMM(si->dst_reg, 0); | |
| 10246 | #endif | |
| 10247 | break; | |
| 10248 | ||
| 10249 | case offsetof(struct bpf_sock_ops, remote_port): | |
| c593642c | 10250 | BUILD_BUG_ON(sizeof_field(struct sock_common, skc_dport) != 2); |
| 40304b2a LB |
10251 | |
| 10252 | *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF( | |
| 10253 | struct bpf_sock_ops_kern, sk), | |
| 10254 | si->dst_reg, si->src_reg, | |
| 10255 | offsetof(struct bpf_sock_ops_kern, sk)); | |
| 10256 | *insn++ = BPF_LDX_MEM(BPF_H, si->dst_reg, si->dst_reg, | |
| 10257 | offsetof(struct sock_common, skc_dport)); | |
| 10258 | #ifndef __BIG_ENDIAN_BITFIELD | |
| 10259 | *insn++ = BPF_ALU32_IMM(BPF_LSH, si->dst_reg, 16); | |
| 10260 | #endif | |
| 10261 | break; | |
| 10262 | ||
| 10263 | case offsetof(struct bpf_sock_ops, local_port): | |
| c593642c | 10264 | BUILD_BUG_ON(sizeof_field(struct sock_common, skc_num) != 2); |
| 40304b2a LB |
10265 | |
| 10266 | *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF( | |
| 10267 | struct bpf_sock_ops_kern, sk), | |
| 10268 | si->dst_reg, si->src_reg, | |
| 10269 | offsetof(struct bpf_sock_ops_kern, sk)); | |
| 10270 | *insn++ = BPF_LDX_MEM(BPF_H, si->dst_reg, si->dst_reg, | |
| 10271 | offsetof(struct sock_common, skc_num)); | |
| 10272 | break; | |
| f19397a5 LB |
10273 | |
| 10274 | case offsetof(struct bpf_sock_ops, is_fullsock): | |
| 10275 | *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF( | |
| 10276 | struct bpf_sock_ops_kern, | |
| 10277 | is_fullsock), | |
| 10278 | si->dst_reg, si->src_reg, | |
| 10279 | offsetof(struct bpf_sock_ops_kern, | |
| 10280 | is_fullsock)); | |
| 10281 | break; | |
| 10282 | ||
| 44f0e430 | 10283 | case offsetof(struct bpf_sock_ops, state): |
| c593642c | 10284 | BUILD_BUG_ON(sizeof_field(struct sock_common, skc_state) != 1); |
| 44f0e430 LB |
10285 | |
| 10286 | *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF( | |
| 10287 | struct bpf_sock_ops_kern, sk), | |
| 10288 | si->dst_reg, si->src_reg, | |
| 10289 | offsetof(struct bpf_sock_ops_kern, sk)); | |
| 10290 | *insn++ = BPF_LDX_MEM(BPF_B, si->dst_reg, si->dst_reg, | |
| 10291 | offsetof(struct sock_common, skc_state)); | |
| 10292 | break; | |
| 10293 | ||
| 10294 | case offsetof(struct bpf_sock_ops, rtt_min): | |
| c593642c | 10295 | BUILD_BUG_ON(sizeof_field(struct tcp_sock, rtt_min) != |
| 44f0e430 LB |
10296 | sizeof(struct minmax)); |
| 10297 | BUILD_BUG_ON(sizeof(struct minmax) < | |
| 10298 | sizeof(struct minmax_sample)); | |
| 10299 | ||
| 10300 | *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF( | |
| 10301 | struct bpf_sock_ops_kern, sk), | |
| 10302 | si->dst_reg, si->src_reg, | |
| 10303 | offsetof(struct bpf_sock_ops_kern, sk)); | |
| 10304 | *insn++ = BPF_LDX_MEM(BPF_W, si->dst_reg, si->dst_reg, | |
| 10305 | offsetof(struct tcp_sock, rtt_min) + | |
| c593642c | 10306 | sizeof_field(struct minmax_sample, t)); |
| 44f0e430 LB |
10307 | break; |
| 10308 | ||
| b13d8807 LB |
10309 | case offsetof(struct bpf_sock_ops, bpf_sock_ops_cb_flags): |
| 10310 | SOCK_OPS_GET_FIELD(bpf_sock_ops_cb_flags, bpf_sock_ops_cb_flags, | |
| 10311 | struct tcp_sock); | |
| 10312 | break; | |
| 44f0e430 | 10313 | |
| 44f0e430 | 10314 | case offsetof(struct bpf_sock_ops, sk_txhash): |
| 6f9bd3d7 LB |
10315 | SOCK_OPS_GET_OR_SET_FIELD(sk_txhash, sk_txhash, |
| 10316 | struct sock, type); | |
| 44f0e430 | 10317 | break; |
| 2377b81d SF |
10318 | case offsetof(struct bpf_sock_ops, snd_cwnd): |
| 10319 | SOCK_OPS_GET_TCP_SOCK_FIELD(snd_cwnd); | |
| 10320 | break; | |
| 10321 | case offsetof(struct bpf_sock_ops, srtt_us): | |
| 10322 | SOCK_OPS_GET_TCP_SOCK_FIELD(srtt_us); | |
| 10323 | break; | |
| 10324 | case offsetof(struct bpf_sock_ops, snd_ssthresh): | |
| 10325 | SOCK_OPS_GET_TCP_SOCK_FIELD(snd_ssthresh); | |
| 10326 | break; | |
| 10327 | case offsetof(struct bpf_sock_ops, rcv_nxt): | |
| 10328 | SOCK_OPS_GET_TCP_SOCK_FIELD(rcv_nxt); | |
| 10329 | break; | |
| 10330 | case offsetof(struct bpf_sock_ops, snd_nxt): | |
| 10331 | SOCK_OPS_GET_TCP_SOCK_FIELD(snd_nxt); | |
| 10332 | break; | |
| 10333 | case offsetof(struct bpf_sock_ops, snd_una): | |
| 10334 | SOCK_OPS_GET_TCP_SOCK_FIELD(snd_una); | |
| 10335 | break; | |
| 10336 | case offsetof(struct bpf_sock_ops, mss_cache): | |
| 10337 | SOCK_OPS_GET_TCP_SOCK_FIELD(mss_cache); | |
| 10338 | break; | |
| 10339 | case offsetof(struct bpf_sock_ops, ecn_flags): | |
| 10340 | SOCK_OPS_GET_TCP_SOCK_FIELD(ecn_flags); | |
| 10341 | break; | |
| 10342 | case offsetof(struct bpf_sock_ops, rate_delivered): | |
| 10343 | SOCK_OPS_GET_TCP_SOCK_FIELD(rate_delivered); | |
| 10344 | break; | |
| 10345 | case offsetof(struct bpf_sock_ops, rate_interval_us): | |
| 10346 | SOCK_OPS_GET_TCP_SOCK_FIELD(rate_interval_us); | |
| 10347 | break; | |
| 10348 | case offsetof(struct bpf_sock_ops, packets_out): | |
| 10349 | SOCK_OPS_GET_TCP_SOCK_FIELD(packets_out); | |
| 10350 | break; | |
| 10351 | case offsetof(struct bpf_sock_ops, retrans_out): | |
| 10352 | SOCK_OPS_GET_TCP_SOCK_FIELD(retrans_out); | |
| 10353 | break; | |
| 10354 | case offsetof(struct bpf_sock_ops, total_retrans): | |
| 10355 | SOCK_OPS_GET_TCP_SOCK_FIELD(total_retrans); | |
| 10356 | break; | |
| 10357 | case offsetof(struct bpf_sock_ops, segs_in): | |
| 10358 | SOCK_OPS_GET_TCP_SOCK_FIELD(segs_in); | |
| 10359 | break; | |
| 10360 | case offsetof(struct bpf_sock_ops, data_segs_in): | |
| 10361 | SOCK_OPS_GET_TCP_SOCK_FIELD(data_segs_in); | |
| 10362 | break; | |
| 10363 | case offsetof(struct bpf_sock_ops, segs_out): | |
| 10364 | SOCK_OPS_GET_TCP_SOCK_FIELD(segs_out); | |
| 10365 | break; | |
| 10366 | case offsetof(struct bpf_sock_ops, data_segs_out): | |
| 10367 | SOCK_OPS_GET_TCP_SOCK_FIELD(data_segs_out); | |
| 10368 | break; | |
| 10369 | case offsetof(struct bpf_sock_ops, lost_out): | |
| 10370 | SOCK_OPS_GET_TCP_SOCK_FIELD(lost_out); | |
| 10371 | break; | |
| 10372 | case offsetof(struct bpf_sock_ops, sacked_out): | |
| 10373 | SOCK_OPS_GET_TCP_SOCK_FIELD(sacked_out); | |
| 10374 | break; | |
| 10375 | case offsetof(struct bpf_sock_ops, bytes_received): | |
| 10376 | SOCK_OPS_GET_TCP_SOCK_FIELD(bytes_received); | |
| 10377 | break; | |
| 10378 | case offsetof(struct bpf_sock_ops, bytes_acked): | |
| 10379 | SOCK_OPS_GET_TCP_SOCK_FIELD(bytes_acked); | |
| 10380 | break; | |
| 1314ef56 | 10381 | case offsetof(struct bpf_sock_ops, sk): |
| 84f44df6 | 10382 | SOCK_OPS_GET_SK(); |
| 1314ef56 | 10383 | break; |
| 0813a841 MKL |
10384 | case offsetof(struct bpf_sock_ops, skb_data_end): |
| 10385 | *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF(struct bpf_sock_ops_kern, | |
| 10386 | skb_data_end), | |
| 10387 | si->dst_reg, si->src_reg, | |
| 10388 | offsetof(struct bpf_sock_ops_kern, | |
| 10389 | skb_data_end)); | |
| 10390 | break; | |
| 10391 | case offsetof(struct bpf_sock_ops, skb_data): | |
| 10392 | *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF(struct bpf_sock_ops_kern, | |
| 10393 | skb), | |
| 10394 | si->dst_reg, si->src_reg, | |
| 10395 | offsetof(struct bpf_sock_ops_kern, | |
| 10396 | skb)); | |
| 10397 | *insn++ = BPF_JMP_IMM(BPF_JEQ, si->dst_reg, 0, 1); | |
| 10398 | *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF(struct sk_buff, data), | |
| 10399 | si->dst_reg, si->dst_reg, | |
| 10400 | offsetof(struct sk_buff, data)); | |
| 10401 | break; | |
| 10402 | case offsetof(struct bpf_sock_ops, skb_len): | |
| 10403 | *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF(struct bpf_sock_ops_kern, | |
| 10404 | skb), | |
| 10405 | si->dst_reg, si->src_reg, | |
| 10406 | offsetof(struct bpf_sock_ops_kern, | |
| 10407 | skb)); | |
| 10408 | *insn++ = BPF_JMP_IMM(BPF_JEQ, si->dst_reg, 0, 1); | |
| 10409 | *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF(struct sk_buff, len), | |
| 10410 | si->dst_reg, si->dst_reg, | |
| 10411 | offsetof(struct sk_buff, len)); | |
| 10412 | break; | |
| 10413 | case offsetof(struct bpf_sock_ops, skb_tcp_flags): | |
| 10414 | off = offsetof(struct sk_buff, cb); | |
| 10415 | off += offsetof(struct tcp_skb_cb, tcp_flags); | |
| 10416 | *target_size = sizeof_field(struct tcp_skb_cb, tcp_flags); | |
| 10417 | *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF(struct bpf_sock_ops_kern, | |
| 10418 | skb), | |
| 10419 | si->dst_reg, si->src_reg, | |
| 10420 | offsetof(struct bpf_sock_ops_kern, | |
| 10421 | skb)); | |
| 10422 | *insn++ = BPF_JMP_IMM(BPF_JEQ, si->dst_reg, 0, 1); | |
| 10423 | *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF(struct tcp_skb_cb, | |
| 10424 | tcp_flags), | |
| 10425 | si->dst_reg, si->dst_reg, off); | |
| 10426 | break; | |
| 9bb05349 MKL |
10427 | case offsetof(struct bpf_sock_ops, skb_hwtstamp): { |
| 10428 | struct bpf_insn *jmp_on_null_skb; | |
| 10429 | ||
| 10430 | *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF(struct bpf_sock_ops_kern, | |
| 10431 | skb), | |
| 10432 | si->dst_reg, si->src_reg, | |
| 10433 | offsetof(struct bpf_sock_ops_kern, | |
| 10434 | skb)); | |
| 10435 | /* Reserve one insn to test skb == NULL */ | |
| 10436 | jmp_on_null_skb = insn++; | |
| 10437 | insn = bpf_convert_shinfo_access(si->dst_reg, si->dst_reg, insn); | |
| 10438 | *insn++ = BPF_LDX_MEM(BPF_DW, si->dst_reg, si->dst_reg, | |
| 10439 | bpf_target_off(struct skb_shared_info, | |
| 10440 | hwtstamps, 8, | |
| 10441 | target_size)); | |
| 10442 | *jmp_on_null_skb = BPF_JMP_IMM(BPF_JEQ, si->dst_reg, 0, | |
| 10443 | insn - jmp_on_null_skb - 1); | |
| 10444 | break; | |
| 10445 | } | |
| 40304b2a LB |
10446 | } |
| 10447 | return insn - insn_buf; | |
| 10448 | } | |
| 10449 | ||
| 16137b09 CW |
10450 | /* data_end = skb->data + skb_headlen() */ |
| 10451 | static struct bpf_insn *bpf_convert_data_end_access(const struct bpf_insn *si, | |
| 10452 | struct bpf_insn *insn) | |
| 10453 | { | |
| b2c46181 JM |
10454 | int reg; |
| 10455 | int temp_reg_off = offsetof(struct sk_buff, cb) + | |
| 10456 | offsetof(struct sk_skb_cb, temp_reg); | |
| 10457 | ||
| 10458 | if (si->src_reg == si->dst_reg) { | |
| 10459 | /* We need an extra register, choose and save a register. */ | |
| 10460 | reg = BPF_REG_9; | |
| 10461 | if (si->src_reg == reg || si->dst_reg == reg) | |
| 10462 | reg--; | |
| 10463 | if (si->src_reg == reg || si->dst_reg == reg) | |
| 10464 | reg--; | |
| 10465 | *insn++ = BPF_STX_MEM(BPF_DW, si->src_reg, reg, temp_reg_off); | |
| 10466 | } else { | |
| 10467 | reg = si->dst_reg; | |
| 10468 | } | |
| 10469 | ||
| 10470 | /* reg = skb->data */ | |
| 16137b09 | 10471 | *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF(struct sk_buff, data), |
| b2c46181 | 10472 | reg, si->src_reg, |
| 16137b09 CW |
10473 | offsetof(struct sk_buff, data)); |
| 10474 | /* AX = skb->len */ | |
| 10475 | *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF(struct sk_buff, len), | |
| 10476 | BPF_REG_AX, si->src_reg, | |
| 10477 | offsetof(struct sk_buff, len)); | |
| b2c46181 JM |
10478 | /* reg = skb->data + skb->len */ |
| 10479 | *insn++ = BPF_ALU64_REG(BPF_ADD, reg, BPF_REG_AX); | |
| 16137b09 CW |
10480 | /* AX = skb->data_len */ |
| 10481 | *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF(struct sk_buff, data_len), | |
| 10482 | BPF_REG_AX, si->src_reg, | |
| 10483 | offsetof(struct sk_buff, data_len)); | |
| b2c46181 JM |
10484 | |
| 10485 | /* reg = skb->data + skb->len - skb->data_len */ | |
| 10486 | *insn++ = BPF_ALU64_REG(BPF_SUB, reg, BPF_REG_AX); | |
| 10487 | ||
| 10488 | if (si->src_reg == si->dst_reg) { | |
| 10489 | /* Restore the saved register */ | |
| 10490 | *insn++ = BPF_MOV64_REG(BPF_REG_AX, si->src_reg); | |
| 10491 | *insn++ = BPF_MOV64_REG(si->dst_reg, reg); | |
| 10492 | *insn++ = BPF_LDX_MEM(BPF_DW, reg, BPF_REG_AX, temp_reg_off); | |
| 10493 | } | |
| 16137b09 CW |
10494 | |
| 10495 | return insn; | |
| 10496 | } | |
| 10497 | ||
| 8108a775 JF |
10498 | static u32 sk_skb_convert_ctx_access(enum bpf_access_type type, |
| 10499 | const struct bpf_insn *si, | |
| 10500 | struct bpf_insn *insn_buf, | |
| 10501 | struct bpf_prog *prog, u32 *target_size) | |
| 10502 | { | |
| 10503 | struct bpf_insn *insn = insn_buf; | |
| e0dc3b93 | 10504 | int off; |
| 8108a775 JF |
10505 | |
| 10506 | switch (si->off) { | |
| 10507 | case offsetof(struct __sk_buff, data_end): | |
| 16137b09 | 10508 | insn = bpf_convert_data_end_access(si, insn); |
| 8108a775 | 10509 | break; |
| e0dc3b93 JF |
10510 | case offsetof(struct __sk_buff, cb[0]) ... |
| 10511 | offsetofend(struct __sk_buff, cb[4]) - 1: | |
| 10512 | BUILD_BUG_ON(sizeof_field(struct sk_skb_cb, data) < 20); | |
| 10513 | BUILD_BUG_ON((offsetof(struct sk_buff, cb) + | |
| 10514 | offsetof(struct sk_skb_cb, data)) % | |
| 10515 | sizeof(__u64)); | |
| 10516 | ||
| 10517 | prog->cb_access = 1; | |
| 10518 | off = si->off; | |
| 10519 | off -= offsetof(struct __sk_buff, cb[0]); | |
| 10520 | off += offsetof(struct sk_buff, cb); | |
| 10521 | off += offsetof(struct sk_skb_cb, data); | |
| 10522 | if (type == BPF_WRITE) | |
| 10523 | *insn++ = BPF_STX_MEM(BPF_SIZE(si->code), si->dst_reg, | |
| 10524 | si->src_reg, off); | |
| 10525 | else | |
| 10526 | *insn++ = BPF_LDX_MEM(BPF_SIZE(si->code), si->dst_reg, | |
| 10527 | si->src_reg, off); | |
| 10528 | break; | |
| 10529 | ||
| 10530 | ||
| 8108a775 JF |
10531 | default: |
| 10532 | return bpf_convert_ctx_access(type, si, insn_buf, prog, | |
| 10533 | target_size); | |
| 10534 | } | |
| 10535 | ||
| 10536 | return insn - insn_buf; | |
| 10537 | } | |
| 10538 | ||
| 4f738adb JF |
10539 | static u32 sk_msg_convert_ctx_access(enum bpf_access_type type, |
| 10540 | const struct bpf_insn *si, | |
| 10541 | struct bpf_insn *insn_buf, | |
| 10542 | struct bpf_prog *prog, u32 *target_size) | |
| 10543 | { | |
| 10544 | struct bpf_insn *insn = insn_buf; | |
| 720e7f38 | 10545 | #if IS_ENABLED(CONFIG_IPV6) |
| 303def35 | 10546 | int off; |
| 720e7f38 | 10547 | #endif |
| 4f738adb | 10548 | |
| 7a69c0f2 JF |
10549 | /* convert ctx uses the fact sg element is first in struct */ |
| 10550 | BUILD_BUG_ON(offsetof(struct sk_msg, sg) != 0); | |
| 10551 | ||
| 4f738adb JF |
10552 | switch (si->off) { |
| 10553 | case offsetof(struct sk_msg_md, data): | |
| 604326b4 | 10554 | *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF(struct sk_msg, data), |
| 4f738adb | 10555 | si->dst_reg, si->src_reg, |
| 604326b4 | 10556 | offsetof(struct sk_msg, data)); |
| 4f738adb JF |
10557 | break; |
| 10558 | case offsetof(struct sk_msg_md, data_end): | |
| 604326b4 | 10559 | *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF(struct sk_msg, data_end), |
| 4f738adb | 10560 | si->dst_reg, si->src_reg, |
| 604326b4 | 10561 | offsetof(struct sk_msg, data_end)); |
| 4f738adb | 10562 | break; |
| 303def35 | 10563 | case offsetof(struct sk_msg_md, family): |
| c593642c | 10564 | BUILD_BUG_ON(sizeof_field(struct sock_common, skc_family) != 2); |
| 303def35 JF |
10565 | |
| 10566 | *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF( | |
| 604326b4 | 10567 | struct sk_msg, sk), |
| 303def35 | 10568 | si->dst_reg, si->src_reg, |
| 604326b4 | 10569 | offsetof(struct sk_msg, sk)); |
| 303def35 JF |
10570 | *insn++ = BPF_LDX_MEM(BPF_H, si->dst_reg, si->dst_reg, |
| 10571 | offsetof(struct sock_common, skc_family)); | |
| 10572 | break; | |
| 10573 | ||
| 10574 | case offsetof(struct sk_msg_md, remote_ip4): | |
| c593642c | 10575 | BUILD_BUG_ON(sizeof_field(struct sock_common, skc_daddr) != 4); |
| 303def35 JF |
10576 | |
| 10577 | *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF( | |
| 604326b4 | 10578 | struct sk_msg, sk), |
| 303def35 | 10579 | si->dst_reg, si->src_reg, |
| 604326b4 | 10580 | offsetof(struct sk_msg, sk)); |
| 303def35 JF |
10581 | *insn++ = BPF_LDX_MEM(BPF_W, si->dst_reg, si->dst_reg, |
| 10582 | offsetof(struct sock_common, skc_daddr)); | |
| 10583 | break; | |
| 10584 | ||
| 10585 | case offsetof(struct sk_msg_md, local_ip4): | |
| c593642c | 10586 | BUILD_BUG_ON(sizeof_field(struct sock_common, |
| 303def35 JF |
10587 | skc_rcv_saddr) != 4); |
| 10588 | ||
| 10589 | *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF( | |
| 604326b4 | 10590 | struct sk_msg, sk), |
| 303def35 | 10591 | si->dst_reg, si->src_reg, |
| 604326b4 | 10592 | offsetof(struct sk_msg, sk)); |
| 303def35 JF |
10593 | *insn++ = BPF_LDX_MEM(BPF_W, si->dst_reg, si->dst_reg, |
| 10594 | offsetof(struct sock_common, | |
| 10595 | skc_rcv_saddr)); | |
| 10596 | break; | |
| 10597 | ||
| 10598 | case offsetof(struct sk_msg_md, remote_ip6[0]) ... | |
| 10599 | offsetof(struct sk_msg_md, remote_ip6[3]): | |
| 10600 | #if IS_ENABLED(CONFIG_IPV6) | |
| c593642c | 10601 | BUILD_BUG_ON(sizeof_field(struct sock_common, |
| 303def35 JF |
10602 | skc_v6_daddr.s6_addr32[0]) != 4); |
| 10603 | ||
| 10604 | off = si->off; | |
| 10605 | off -= offsetof(struct sk_msg_md, remote_ip6[0]); | |
| 10606 | *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF( | |
| 604326b4 | 10607 | struct sk_msg, sk), |
| 303def35 | 10608 | si->dst_reg, si->src_reg, |
| 604326b4 | 10609 | offsetof(struct sk_msg, sk)); |
| 303def35 JF |
10610 | *insn++ = BPF_LDX_MEM(BPF_W, si->dst_reg, si->dst_reg, |
| 10611 | offsetof(struct sock_common, | |
| 10612 | skc_v6_daddr.s6_addr32[0]) + | |
| 10613 | off); | |
| 10614 | #else | |
| 10615 | *insn++ = BPF_MOV32_IMM(si->dst_reg, 0); | |
| 10616 | #endif | |
| 10617 | break; | |
| 10618 | ||
| 10619 | case offsetof(struct sk_msg_md, local_ip6[0]) ... | |
| 10620 | offsetof(struct sk_msg_md, local_ip6[3]): | |
| 10621 | #if IS_ENABLED(CONFIG_IPV6) | |
| c593642c | 10622 | BUILD_BUG_ON(sizeof_field(struct sock_common, |
| 303def35 JF |
10623 | skc_v6_rcv_saddr.s6_addr32[0]) != 4); |
| 10624 | ||
| 10625 | off = si->off; | |
| 10626 | off -= offsetof(struct sk_msg_md, local_ip6[0]); | |
| 10627 | *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF( | |
| 604326b4 | 10628 | struct sk_msg, sk), |
| 303def35 | 10629 | si->dst_reg, si->src_reg, |
| 604326b4 | 10630 | offsetof(struct sk_msg, sk)); |
| 303def35 JF |
10631 | *insn++ = BPF_LDX_MEM(BPF_W, si->dst_reg, si->dst_reg, |
| 10632 | offsetof(struct sock_common, | |
| 10633 | skc_v6_rcv_saddr.s6_addr32[0]) + | |
| 10634 | off); | |
| 10635 | #else | |
| 10636 | *insn++ = BPF_MOV32_IMM(si->dst_reg, 0); | |
| 10637 | #endif | |
| 10638 | break; | |
| 10639 | ||
| 10640 | case offsetof(struct sk_msg_md, remote_port): | |
| c593642c | 10641 | BUILD_BUG_ON(sizeof_field(struct sock_common, skc_dport) != 2); |
| 303def35 JF |
10642 | |
| 10643 | *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF( | |
| 604326b4 | 10644 | struct sk_msg, sk), |
| 303def35 | 10645 | si->dst_reg, si->src_reg, |
| 604326b4 | 10646 | offsetof(struct sk_msg, sk)); |
| 303def35 JF |
10647 | *insn++ = BPF_LDX_MEM(BPF_H, si->dst_reg, si->dst_reg, |
| 10648 | offsetof(struct sock_common, skc_dport)); | |
| 10649 | #ifndef __BIG_ENDIAN_BITFIELD | |
| 10650 | *insn++ = BPF_ALU32_IMM(BPF_LSH, si->dst_reg, 16); | |
| 10651 | #endif | |
| 10652 | break; | |
| 10653 | ||
| 10654 | case offsetof(struct sk_msg_md, local_port): | |
| c593642c | 10655 | BUILD_BUG_ON(sizeof_field(struct sock_common, skc_num) != 2); |
| 303def35 JF |
10656 | |
| 10657 | *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF( | |
| 604326b4 | 10658 | struct sk_msg, sk), |
| 303def35 | 10659 | si->dst_reg, si->src_reg, |
| 604326b4 | 10660 | offsetof(struct sk_msg, sk)); |
| 303def35 JF |
10661 | *insn++ = BPF_LDX_MEM(BPF_H, si->dst_reg, si->dst_reg, |
| 10662 | offsetof(struct sock_common, skc_num)); | |
| 10663 | break; | |
| 3bdbd022 JF |
10664 | |
| 10665 | case offsetof(struct sk_msg_md, size): | |
| 10666 | *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF(struct sk_msg_sg, size), | |
| 10667 | si->dst_reg, si->src_reg, | |
| 10668 | offsetof(struct sk_msg_sg, size)); | |
| 10669 | break; | |
| 13d70f5a JF |
10670 | |
| 10671 | case offsetof(struct sk_msg_md, sk): | |
| 10672 | *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF(struct sk_msg, sk), | |
| 10673 | si->dst_reg, si->src_reg, | |
| 10674 | offsetof(struct sk_msg, sk)); | |
| 10675 | break; | |
| 4f738adb JF |
10676 | } |
| 10677 | ||
| 10678 | return insn - insn_buf; | |
| 10679 | } | |
| 10680 | ||
| 7de16e3a | 10681 | const struct bpf_verifier_ops sk_filter_verifier_ops = { |
| 4936e352 DB |
10682 | .get_func_proto = sk_filter_func_proto, |
| 10683 | .is_valid_access = sk_filter_is_valid_access, | |
| 2492d3b8 | 10684 | .convert_ctx_access = bpf_convert_ctx_access, |
| e0cea7ce | 10685 | .gen_ld_abs = bpf_gen_ld_abs, |
| 89aa0758 AS |
10686 | }; |
| 10687 | ||
| 7de16e3a | 10688 | const struct bpf_prog_ops sk_filter_prog_ops = { |
| 61f3c964 | 10689 | .test_run = bpf_prog_test_run_skb, |
| 7de16e3a JK |
10690 | }; |
| 10691 | ||
| 10692 | const struct bpf_verifier_ops tc_cls_act_verifier_ops = { | |
| 4936e352 DB |
10693 | .get_func_proto = tc_cls_act_func_proto, |
| 10694 | .is_valid_access = tc_cls_act_is_valid_access, | |
| 374fb54e | 10695 | .convert_ctx_access = tc_cls_act_convert_ctx_access, |
| 36bbef52 | 10696 | .gen_prologue = tc_cls_act_prologue, |
| e0cea7ce | 10697 | .gen_ld_abs = bpf_gen_ld_abs, |
| 864b656f | 10698 | .btf_struct_access = tc_cls_act_btf_struct_access, |
| 7de16e3a JK |
10699 | }; |
| 10700 | ||
| 10701 | const struct bpf_prog_ops tc_cls_act_prog_ops = { | |
| 1cf1cae9 | 10702 | .test_run = bpf_prog_test_run_skb, |
| 608cd71a AS |
10703 | }; |
| 10704 | ||
| 7de16e3a | 10705 | const struct bpf_verifier_ops xdp_verifier_ops = { |
| 6a773a15 BB |
10706 | .get_func_proto = xdp_func_proto, |
| 10707 | .is_valid_access = xdp_is_valid_access, | |
| 10708 | .convert_ctx_access = xdp_convert_ctx_access, | |
| b09928b9 | 10709 | .gen_prologue = bpf_noop_prologue, |
| 864b656f | 10710 | .btf_struct_access = xdp_btf_struct_access, |
| 7de16e3a JK |
10711 | }; |
| 10712 | ||
| 10713 | const struct bpf_prog_ops xdp_prog_ops = { | |
| 1cf1cae9 | 10714 | .test_run = bpf_prog_test_run_xdp, |
| 6a773a15 BB |
10715 | }; |
| 10716 | ||
| 7de16e3a | 10717 | const struct bpf_verifier_ops cg_skb_verifier_ops = { |
| cd339431 | 10718 | .get_func_proto = cg_skb_func_proto, |
| b39b5f41 | 10719 | .is_valid_access = cg_skb_is_valid_access, |
| 2492d3b8 | 10720 | .convert_ctx_access = bpf_convert_ctx_access, |
| 7de16e3a JK |
10721 | }; |
| 10722 | ||
| 10723 | const struct bpf_prog_ops cg_skb_prog_ops = { | |
| 1cf1cae9 | 10724 | .test_run = bpf_prog_test_run_skb, |
| 0e33661d DM |
10725 | }; |
| 10726 | ||
| cd3092c7 MX |
10727 | const struct bpf_verifier_ops lwt_in_verifier_ops = { |
| 10728 | .get_func_proto = lwt_in_func_proto, | |
| 3a0af8fd | 10729 | .is_valid_access = lwt_is_valid_access, |
| 2492d3b8 | 10730 | .convert_ctx_access = bpf_convert_ctx_access, |
| 7de16e3a JK |
10731 | }; |
| 10732 | ||
| cd3092c7 MX |
10733 | const struct bpf_prog_ops lwt_in_prog_ops = { |
| 10734 | .test_run = bpf_prog_test_run_skb, | |
| 10735 | }; | |
| 10736 | ||
| 10737 | const struct bpf_verifier_ops lwt_out_verifier_ops = { | |
| 10738 | .get_func_proto = lwt_out_func_proto, | |
| 3a0af8fd | 10739 | .is_valid_access = lwt_is_valid_access, |
| 2492d3b8 | 10740 | .convert_ctx_access = bpf_convert_ctx_access, |
| 7de16e3a JK |
10741 | }; |
| 10742 | ||
| cd3092c7 | 10743 | const struct bpf_prog_ops lwt_out_prog_ops = { |
| 1cf1cae9 | 10744 | .test_run = bpf_prog_test_run_skb, |
| 3a0af8fd TG |
10745 | }; |
| 10746 | ||
| 7de16e3a | 10747 | const struct bpf_verifier_ops lwt_xmit_verifier_ops = { |
| 3a0af8fd TG |
10748 | .get_func_proto = lwt_xmit_func_proto, |
| 10749 | .is_valid_access = lwt_is_valid_access, | |
| 2492d3b8 | 10750 | .convert_ctx_access = bpf_convert_ctx_access, |
| 3a0af8fd | 10751 | .gen_prologue = tc_cls_act_prologue, |
| 7de16e3a JK |
10752 | }; |
| 10753 | ||
| 10754 | const struct bpf_prog_ops lwt_xmit_prog_ops = { | |
| 1cf1cae9 | 10755 | .test_run = bpf_prog_test_run_skb, |
| 3a0af8fd TG |
10756 | }; |
| 10757 | ||
| 004d4b27 MX |
10758 | const struct bpf_verifier_ops lwt_seg6local_verifier_ops = { |
| 10759 | .get_func_proto = lwt_seg6local_func_proto, | |
| 10760 | .is_valid_access = lwt_is_valid_access, | |
| 10761 | .convert_ctx_access = bpf_convert_ctx_access, | |
| 10762 | }; | |
| 10763 | ||
| 10764 | const struct bpf_prog_ops lwt_seg6local_prog_ops = { | |
| 10765 | .test_run = bpf_prog_test_run_skb, | |
| 10766 | }; | |
| 10767 | ||
| 7de16e3a | 10768 | const struct bpf_verifier_ops cg_sock_verifier_ops = { |
| ae2cf1c4 | 10769 | .get_func_proto = sock_filter_func_proto, |
| 61023658 | 10770 | .is_valid_access = sock_filter_is_valid_access, |
| c64b7983 | 10771 | .convert_ctx_access = bpf_sock_convert_ctx_access, |
| 61023658 DA |
10772 | }; |
| 10773 | ||
| 7de16e3a JK |
10774 | const struct bpf_prog_ops cg_sock_prog_ops = { |
| 10775 | }; | |
| 10776 | ||
| 4fbac77d AI |
10777 | const struct bpf_verifier_ops cg_sock_addr_verifier_ops = { |
| 10778 | .get_func_proto = sock_addr_func_proto, | |
| 10779 | .is_valid_access = sock_addr_is_valid_access, | |
| 10780 | .convert_ctx_access = sock_addr_convert_ctx_access, | |
| 10781 | }; | |
| 10782 | ||
| 10783 | const struct bpf_prog_ops cg_sock_addr_prog_ops = { | |
| 10784 | }; | |
| 10785 | ||
| 7de16e3a | 10786 | const struct bpf_verifier_ops sock_ops_verifier_ops = { |
| 8c4b4c7e | 10787 | .get_func_proto = sock_ops_func_proto, |
| 40304b2a LB |
10788 | .is_valid_access = sock_ops_is_valid_access, |
| 10789 | .convert_ctx_access = sock_ops_convert_ctx_access, | |
| 10790 | }; | |
| 10791 | ||
| 7de16e3a JK |
10792 | const struct bpf_prog_ops sock_ops_prog_ops = { |
| 10793 | }; | |
| 10794 | ||
| 10795 | const struct bpf_verifier_ops sk_skb_verifier_ops = { | |
| b005fd18 JF |
10796 | .get_func_proto = sk_skb_func_proto, |
| 10797 | .is_valid_access = sk_skb_is_valid_access, | |
| 8108a775 | 10798 | .convert_ctx_access = sk_skb_convert_ctx_access, |
| 8a31db56 | 10799 | .gen_prologue = sk_skb_prologue, |
| b005fd18 JF |
10800 | }; |
| 10801 | ||
| 7de16e3a JK |
10802 | const struct bpf_prog_ops sk_skb_prog_ops = { |
| 10803 | }; | |
| 10804 | ||
| 4f738adb JF |
10805 | const struct bpf_verifier_ops sk_msg_verifier_ops = { |
| 10806 | .get_func_proto = sk_msg_func_proto, | |
| 10807 | .is_valid_access = sk_msg_is_valid_access, | |
| 10808 | .convert_ctx_access = sk_msg_convert_ctx_access, | |
| b09928b9 | 10809 | .gen_prologue = bpf_noop_prologue, |
| 4f738adb JF |
10810 | }; |
| 10811 | ||
| 10812 | const struct bpf_prog_ops sk_msg_prog_ops = { | |
| 10813 | }; | |
| 10814 | ||
| d58e468b PP |
10815 | const struct bpf_verifier_ops flow_dissector_verifier_ops = { |
| 10816 | .get_func_proto = flow_dissector_func_proto, | |
| 10817 | .is_valid_access = flow_dissector_is_valid_access, | |
| 089b19a9 | 10818 | .convert_ctx_access = flow_dissector_convert_ctx_access, |
| d58e468b PP |
10819 | }; |
| 10820 | ||
| 10821 | const struct bpf_prog_ops flow_dissector_prog_ops = { | |
| b7a1848e | 10822 | .test_run = bpf_prog_test_run_flow_dissector, |
| d58e468b PP |
10823 | }; |
| 10824 | ||
| 8ced425e | 10825 | int sk_detach_filter(struct sock *sk) |
| 55b33325 PE |
10826 | { |
| 10827 | int ret = -ENOENT; | |
| 10828 | struct sk_filter *filter; | |
| 10829 | ||
| d59577b6 VB |
10830 | if (sock_flag(sk, SOCK_FILTER_LOCKED)) |
| 10831 | return -EPERM; | |
| 10832 | ||
| 8ced425e HFS |
10833 | filter = rcu_dereference_protected(sk->sk_filter, |
| 10834 | lockdep_sock_is_held(sk)); | |
| 55b33325 | 10835 | if (filter) { |
| a9b3cd7f | 10836 | RCU_INIT_POINTER(sk->sk_filter, NULL); |
| 46bcf14f | 10837 | sk_filter_uncharge(sk, filter); |
| 55b33325 PE |
10838 | ret = 0; |
| 10839 | } | |
| a3ea269b | 10840 | |
| 55b33325 PE |
10841 | return ret; |
| 10842 | } | |
| 8ced425e | 10843 | EXPORT_SYMBOL_GPL(sk_detach_filter); |
| a8fc9277 | 10844 | |
| 4ff09db1 | 10845 | int sk_get_filter(struct sock *sk, sockptr_t optval, unsigned int len) |
| a8fc9277 | 10846 | { |
| a3ea269b | 10847 | struct sock_fprog_kern *fprog; |
| a8fc9277 | 10848 | struct sk_filter *filter; |
| a3ea269b | 10849 | int ret = 0; |
| a8fc9277 | 10850 | |
| 2c5b6bf5 | 10851 | sockopt_lock_sock(sk); |
| a8fc9277 | 10852 | filter = rcu_dereference_protected(sk->sk_filter, |
| 8ced425e | 10853 | lockdep_sock_is_held(sk)); |
| a8fc9277 PE |
10854 | if (!filter) |
| 10855 | goto out; | |
| a3ea269b DB |
10856 | |
| 10857 | /* We're copying the filter that has been originally attached, | |
| 93d08b69 DB |
10858 | * so no conversion/decode needed anymore. eBPF programs that |
| 10859 | * have no original program cannot be dumped through this. | |
| a3ea269b | 10860 | */ |
| 93d08b69 | 10861 | ret = -EACCES; |
| 7ae457c1 | 10862 | fprog = filter->prog->orig_prog; |
| 93d08b69 DB |
10863 | if (!fprog) |
| 10864 | goto out; | |
| a3ea269b DB |
10865 | |
| 10866 | ret = fprog->len; | |
| a8fc9277 | 10867 | if (!len) |
| a3ea269b | 10868 | /* User space only enquires number of filter blocks. */ |
| a8fc9277 | 10869 | goto out; |
| a3ea269b | 10870 | |
| a8fc9277 | 10871 | ret = -EINVAL; |
| a3ea269b | 10872 | if (len < fprog->len) |
| a8fc9277 PE |
10873 | goto out; |
| 10874 | ||
| 10875 | ret = -EFAULT; | |
| 4ff09db1 | 10876 | if (copy_to_sockptr(optval, fprog->filter, bpf_classic_proglen(fprog))) |
| a3ea269b | 10877 | goto out; |
| a8fc9277 | 10878 | |
| a3ea269b DB |
10879 | /* Instead of bytes, the API requests to return the number |
| 10880 | * of filter blocks. | |
| 10881 | */ | |
| 10882 | ret = fprog->len; | |
| a8fc9277 | 10883 | out: |
| 2c5b6bf5 | 10884 | sockopt_release_sock(sk); |
| a8fc9277 PE |
10885 | return ret; |
| 10886 | } | |
| 2dbb9b9e MKL |
10887 | |
| 10888 | #ifdef CONFIG_INET | |
| 2dbb9b9e MKL |
10889 | static void bpf_init_reuseport_kern(struct sk_reuseport_kern *reuse_kern, |
| 10890 | struct sock_reuseport *reuse, | |
| 10891 | struct sock *sk, struct sk_buff *skb, | |
| d5e4ddae | 10892 | struct sock *migrating_sk, |
| 2dbb9b9e MKL |
10893 | u32 hash) |
| 10894 | { | |
| 10895 | reuse_kern->skb = skb; | |
| 10896 | reuse_kern->sk = sk; | |
| 10897 | reuse_kern->selected_sk = NULL; | |
| d5e4ddae | 10898 | reuse_kern->migrating_sk = migrating_sk; |
| 2dbb9b9e MKL |
10899 | reuse_kern->data_end = skb->data + skb_headlen(skb); |
| 10900 | reuse_kern->hash = hash; | |
| 10901 | reuse_kern->reuseport_id = reuse->reuseport_id; | |
| 10902 | reuse_kern->bind_inany = reuse->bind_inany; | |
| 10903 | } | |
| 10904 | ||
| 10905 | struct sock *bpf_run_sk_reuseport(struct sock_reuseport *reuse, struct sock *sk, | |
| 10906 | struct bpf_prog *prog, struct sk_buff *skb, | |
| d5e4ddae | 10907 | struct sock *migrating_sk, |
| 2dbb9b9e MKL |
10908 | u32 hash) |
| 10909 | { | |
| 10910 | struct sk_reuseport_kern reuse_kern; | |
| 10911 | enum sk_action action; | |
| 10912 | ||
| d5e4ddae | 10913 | bpf_init_reuseport_kern(&reuse_kern, reuse, sk, skb, migrating_sk, hash); |
| fb7dd8bc | 10914 | action = bpf_prog_run(prog, &reuse_kern); |
| 2dbb9b9e MKL |
10915 | |
| 10916 | if (action == SK_PASS) | |
| 10917 | return reuse_kern.selected_sk; | |
| 10918 | else | |
| 10919 | return ERR_PTR(-ECONNREFUSED); | |
| 10920 | } | |
| 10921 | ||
| 10922 | BPF_CALL_4(sk_select_reuseport, struct sk_reuseport_kern *, reuse_kern, | |
| 10923 | struct bpf_map *, map, void *, key, u32, flags) | |
| 10924 | { | |
| 9fed9000 | 10925 | bool is_sockarray = map->map_type == BPF_MAP_TYPE_REUSEPORT_SOCKARRAY; |
| 2dbb9b9e MKL |
10926 | struct sock_reuseport *reuse; |
| 10927 | struct sock *selected_sk; | |
| 10928 | ||
| 10929 | selected_sk = map->ops->map_lookup_elem(map, key); | |
| 10930 | if (!selected_sk) | |
| 10931 | return -ENOENT; | |
| 10932 | ||
| 10933 | reuse = rcu_dereference(selected_sk->sk_reuseport_cb); | |
| 9fed9000 | 10934 | if (!reuse) { |
| 64d85290 JS |
10935 | /* Lookup in sock_map can return TCP ESTABLISHED sockets. */ |
| 10936 | if (sk_is_refcounted(selected_sk)) | |
| 10937 | sock_put(selected_sk); | |
| 10938 | ||
| 9fed9000 JS |
10939 | /* reuseport_array has only sk with non NULL sk_reuseport_cb. |
| 10940 | * The only (!reuse) case here is - the sk has already been | |
| 10941 | * unhashed (e.g. by close()), so treat it as -ENOENT. | |
| 10942 | * | |
| 10943 | * Other maps (e.g. sock_map) do not provide this guarantee and | |
| 10944 | * the sk may never be in the reuseport group to begin with. | |
| 2dbb9b9e | 10945 | */ |
| 9fed9000 JS |
10946 | return is_sockarray ? -ENOENT : -EINVAL; |
| 10947 | } | |
| 2dbb9b9e MKL |
10948 | |
| 10949 | if (unlikely(reuse->reuseport_id != reuse_kern->reuseport_id)) { | |
| 035ff358 | 10950 | struct sock *sk = reuse_kern->sk; |
| 2dbb9b9e | 10951 | |
| 2dbb9b9e MKL |
10952 | if (sk->sk_protocol != selected_sk->sk_protocol) |
| 10953 | return -EPROTOTYPE; | |
| 10954 | else if (sk->sk_family != selected_sk->sk_family) | |
| 10955 | return -EAFNOSUPPORT; | |
| 10956 | ||
| 10957 | /* Catch all. Likely bound to a different sockaddr. */ | |
| 10958 | return -EBADFD; | |
| 10959 | } | |
| 10960 | ||
| 10961 | reuse_kern->selected_sk = selected_sk; | |
| 10962 | ||
| 10963 | return 0; | |
| 10964 | } | |
| 10965 | ||
| 10966 | static const struct bpf_func_proto sk_select_reuseport_proto = { | |
| 10967 | .func = sk_select_reuseport, | |
| 10968 | .gpl_only = false, | |
| 10969 | .ret_type = RET_INTEGER, | |
| 10970 | .arg1_type = ARG_PTR_TO_CTX, | |
| 10971 | .arg2_type = ARG_CONST_MAP_PTR, | |
| 10972 | .arg3_type = ARG_PTR_TO_MAP_KEY, | |
| 10973 | .arg4_type = ARG_ANYTHING, | |
| 10974 | }; | |
| 10975 | ||
| 10976 | BPF_CALL_4(sk_reuseport_load_bytes, | |
| 10977 | const struct sk_reuseport_kern *, reuse_kern, u32, offset, | |
| 10978 | void *, to, u32, len) | |
| 10979 | { | |
| 10980 | return ____bpf_skb_load_bytes(reuse_kern->skb, offset, to, len); | |
| 10981 | } | |
| 10982 | ||
| 10983 | static const struct bpf_func_proto sk_reuseport_load_bytes_proto = { | |
| 10984 | .func = sk_reuseport_load_bytes, | |
| 10985 | .gpl_only = false, | |
| 10986 | .ret_type = RET_INTEGER, | |
| 10987 | .arg1_type = ARG_PTR_TO_CTX, | |
| 10988 | .arg2_type = ARG_ANYTHING, | |
| 10989 | .arg3_type = ARG_PTR_TO_UNINIT_MEM, | |
| 10990 | .arg4_type = ARG_CONST_SIZE, | |
| 10991 | }; | |
| 10992 | ||
| 10993 | BPF_CALL_5(sk_reuseport_load_bytes_relative, | |
| 10994 | const struct sk_reuseport_kern *, reuse_kern, u32, offset, | |
| 10995 | void *, to, u32, len, u32, start_header) | |
| 10996 | { | |
| 10997 | return ____bpf_skb_load_bytes_relative(reuse_kern->skb, offset, to, | |
| 10998 | len, start_header); | |
| 10999 | } | |
| 11000 | ||
| 11001 | static const struct bpf_func_proto sk_reuseport_load_bytes_relative_proto = { | |
| 11002 | .func = sk_reuseport_load_bytes_relative, | |
| 11003 | .gpl_only = false, | |
| 11004 | .ret_type = RET_INTEGER, | |
| 11005 | .arg1_type = ARG_PTR_TO_CTX, | |
| 11006 | .arg2_type = ARG_ANYTHING, | |
| 11007 | .arg3_type = ARG_PTR_TO_UNINIT_MEM, | |
| 11008 | .arg4_type = ARG_CONST_SIZE, | |
| 11009 | .arg5_type = ARG_ANYTHING, | |
| 11010 | }; | |
| 11011 | ||
| 11012 | static const struct bpf_func_proto * | |
| 11013 | sk_reuseport_func_proto(enum bpf_func_id func_id, | |
| 11014 | const struct bpf_prog *prog) | |
| 11015 | { | |
| 11016 | switch (func_id) { | |
| 11017 | case BPF_FUNC_sk_select_reuseport: | |
| 11018 | return &sk_select_reuseport_proto; | |
| 11019 | case BPF_FUNC_skb_load_bytes: | |
| 11020 | return &sk_reuseport_load_bytes_proto; | |
| 11021 | case BPF_FUNC_skb_load_bytes_relative: | |
| 11022 | return &sk_reuseport_load_bytes_relative_proto; | |
| e0610476 KI |
11023 | case BPF_FUNC_get_socket_cookie: |
| 11024 | return &bpf_get_socket_ptr_cookie_proto; | |
| 5e0bc308 DB |
11025 | case BPF_FUNC_ktime_get_coarse_ns: |
| 11026 | return &bpf_ktime_get_coarse_ns_proto; | |
| 2dbb9b9e MKL |
11027 | default: |
| 11028 | return bpf_base_func_proto(func_id); | |
| 11029 | } | |
| 11030 | } | |
| 11031 | ||
| 11032 | static bool | |
| 11033 | sk_reuseport_is_valid_access(int off, int size, | |
| 11034 | enum bpf_access_type type, | |
| 11035 | const struct bpf_prog *prog, | |
| 11036 | struct bpf_insn_access_aux *info) | |
| 11037 | { | |
| 11038 | const u32 size_default = sizeof(__u32); | |
| 11039 | ||
| 11040 | if (off < 0 || off >= sizeof(struct sk_reuseport_md) || | |
| 11041 | off % size || type != BPF_READ) | |
| 11042 | return false; | |
| 11043 | ||
| 11044 | switch (off) { | |
| 11045 | case offsetof(struct sk_reuseport_md, data): | |
| 11046 | info->reg_type = PTR_TO_PACKET; | |
| 11047 | return size == sizeof(__u64); | |
| 11048 | ||
| 11049 | case offsetof(struct sk_reuseport_md, data_end): | |
| 11050 | info->reg_type = PTR_TO_PACKET_END; | |
| 11051 | return size == sizeof(__u64); | |
| 11052 | ||
| 11053 | case offsetof(struct sk_reuseport_md, hash): | |
| 11054 | return size == size_default; | |
| 11055 | ||
| e0610476 KI |
11056 | case offsetof(struct sk_reuseport_md, sk): |
| 11057 | info->reg_type = PTR_TO_SOCKET; | |
| 11058 | return size == sizeof(__u64); | |
| 11059 | ||
| d5e4ddae KI |
11060 | case offsetof(struct sk_reuseport_md, migrating_sk): |
| 11061 | info->reg_type = PTR_TO_SOCK_COMMON_OR_NULL; | |
| 11062 | return size == sizeof(__u64); | |
| 11063 | ||
| 2dbb9b9e | 11064 | /* Fields that allow narrowing */ |
| 2c238177 | 11065 | case bpf_ctx_range(struct sk_reuseport_md, eth_protocol): |
| c593642c | 11066 | if (size < sizeof_field(struct sk_buff, protocol)) |
| 2dbb9b9e | 11067 | return false; |
| df561f66 | 11068 | fallthrough; |
| 2c238177 IL |
11069 | case bpf_ctx_range(struct sk_reuseport_md, ip_protocol): |
| 11070 | case bpf_ctx_range(struct sk_reuseport_md, bind_inany): | |
| 11071 | case bpf_ctx_range(struct sk_reuseport_md, len): | |
| 2dbb9b9e MKL |
11072 | bpf_ctx_record_field_size(info, size_default); |
| 11073 | return bpf_ctx_narrow_access_ok(off, size, size_default); | |
| 11074 | ||
| 11075 | default: | |
| 11076 | return false; | |
| 11077 | } | |
| 11078 | } | |
| 11079 | ||
| 11080 | #define SK_REUSEPORT_LOAD_FIELD(F) ({ \ | |
| 11081 | *insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF(struct sk_reuseport_kern, F), \ | |
| 11082 | si->dst_reg, si->src_reg, \ | |
| 11083 | bpf_target_off(struct sk_reuseport_kern, F, \ | |
| c593642c | 11084 | sizeof_field(struct sk_reuseport_kern, F), \ |
| 2dbb9b9e MKL |
11085 | target_size)); \ |
| 11086 | }) | |
| 11087 | ||
| 11088 | #define SK_REUSEPORT_LOAD_SKB_FIELD(SKB_FIELD) \ | |
| 11089 | SOCK_ADDR_LOAD_NESTED_FIELD(struct sk_reuseport_kern, \ | |
| 11090 | struct sk_buff, \ | |
| 11091 | skb, \ | |
| 11092 | SKB_FIELD) | |
| 11093 | ||
| bf976514 MM |
11094 | #define SK_REUSEPORT_LOAD_SK_FIELD(SK_FIELD) \ |
| 11095 | SOCK_ADDR_LOAD_NESTED_FIELD(struct sk_reuseport_kern, \ | |
| 11096 | struct sock, \ | |
| 11097 | sk, \ | |
| 11098 | SK_FIELD) | |
| 2dbb9b9e MKL |
11099 | |
| 11100 | static u32 sk_reuseport_convert_ctx_access(enum bpf_access_type type, | |
| 11101 | const struct bpf_insn *si, | |
| 11102 | struct bpf_insn *insn_buf, | |
| 11103 | struct bpf_prog *prog, | |
| 11104 | u32 *target_size) | |
| 11105 | { | |
| 11106 | struct bpf_insn *insn = insn_buf; | |
| 11107 | ||
| 11108 | switch (si->off) { | |
| 11109 | case offsetof(struct sk_reuseport_md, data): | |
| 11110 | SK_REUSEPORT_LOAD_SKB_FIELD(data); | |
| 11111 | break; | |
| 11112 | ||
| 11113 | case offsetof(struct sk_reuseport_md, len): | |
| 11114 | SK_REUSEPORT_LOAD_SKB_FIELD(len); | |
| 11115 | break; | |
| 11116 | ||
| 11117 | case offsetof(struct sk_reuseport_md, eth_protocol): | |
| 11118 | SK_REUSEPORT_LOAD_SKB_FIELD(protocol); | |
| 11119 | break; | |
| 11120 | ||
| 11121 | case offsetof(struct sk_reuseport_md, ip_protocol): | |
| bf976514 | 11122 | SK_REUSEPORT_LOAD_SK_FIELD(sk_protocol); |
| 2dbb9b9e MKL |
11123 | break; |
| 11124 | ||
| 11125 | case offsetof(struct sk_reuseport_md, data_end): | |
| 11126 | SK_REUSEPORT_LOAD_FIELD(data_end); | |
| 11127 | break; | |
| 11128 | ||
| 11129 | case offsetof(struct sk_reuseport_md, hash): | |
| 11130 | SK_REUSEPORT_LOAD_FIELD(hash); | |
| 11131 | break; | |
| 11132 | ||
| 11133 | case offsetof(struct sk_reuseport_md, bind_inany): | |
| 11134 | SK_REUSEPORT_LOAD_FIELD(bind_inany); | |
| 11135 | break; | |
| e0610476 KI |
11136 | |
| 11137 | case offsetof(struct sk_reuseport_md, sk): | |
| 11138 | SK_REUSEPORT_LOAD_FIELD(sk); | |
| 11139 | break; | |
| d5e4ddae KI |
11140 | |
| 11141 | case offsetof(struct sk_reuseport_md, migrating_sk): | |
| 11142 | SK_REUSEPORT_LOAD_FIELD(migrating_sk); | |
| 11143 | break; | |
| 2dbb9b9e MKL |
11144 | } |
| 11145 | ||
| 11146 | return insn - insn_buf; | |
| 11147 | } | |
| 11148 | ||
| 11149 | const struct bpf_verifier_ops sk_reuseport_verifier_ops = { | |
| 11150 | .get_func_proto = sk_reuseport_func_proto, | |
| 11151 | .is_valid_access = sk_reuseport_is_valid_access, | |
| 11152 | .convert_ctx_access = sk_reuseport_convert_ctx_access, | |
| 11153 | }; | |
| 11154 | ||
| 11155 | const struct bpf_prog_ops sk_reuseport_prog_ops = { | |
| 11156 | }; | |
| 7e6897f9 | 11157 | |
| 1559b4aa JS |
11158 | DEFINE_STATIC_KEY_FALSE(bpf_sk_lookup_enabled); |
| 11159 | EXPORT_SYMBOL(bpf_sk_lookup_enabled); | |
| 7e6897f9 | 11160 | |
| e9ddbb77 JS |
11161 | BPF_CALL_3(bpf_sk_lookup_assign, struct bpf_sk_lookup_kern *, ctx, |
| 11162 | struct sock *, sk, u64, flags) | |
| 7e6897f9 | 11163 | { |
| e9ddbb77 JS |
11164 | if (unlikely(flags & ~(BPF_SK_LOOKUP_F_REPLACE | |
| 11165 | BPF_SK_LOOKUP_F_NO_REUSEPORT))) | |
| 11166 | return -EINVAL; | |
| 11167 | if (unlikely(sk && sk_is_refcounted(sk))) | |
| 11168 | return -ESOCKTNOSUPPORT; /* reject non-RCU freed sockets */ | |
| 40a34121 JF |
11169 | if (unlikely(sk && sk_is_tcp(sk) && sk->sk_state != TCP_LISTEN)) |
| 11170 | return -ESOCKTNOSUPPORT; /* only accept TCP socket in LISTEN */ | |
| 11171 | if (unlikely(sk && sk_is_udp(sk) && sk->sk_state != TCP_CLOSE)) | |
| 11172 | return -ESOCKTNOSUPPORT; /* only accept UDP socket in CLOSE */ | |
| e9ddbb77 JS |
11173 | |
| 11174 | /* Check if socket is suitable for packet L3/L4 protocol */ | |
| 11175 | if (sk && sk->sk_protocol != ctx->protocol) | |
| 11176 | return -EPROTOTYPE; | |
| 11177 | if (sk && sk->sk_family != ctx->family && | |
| 11178 | (sk->sk_family == AF_INET || ipv6_only_sock(sk))) | |
| 11179 | return -EAFNOSUPPORT; | |
| 11180 | ||
| 11181 | if (ctx->selected_sk && !(flags & BPF_SK_LOOKUP_F_REPLACE)) | |
| 11182 | return -EEXIST; | |
| 11183 | ||
| 11184 | /* Select socket as lookup result */ | |
| 11185 | ctx->selected_sk = sk; | |
| 11186 | ctx->no_reuseport = flags & BPF_SK_LOOKUP_F_NO_REUSEPORT; | |
| 11187 | return 0; | |
| 7e6897f9 | 11188 | } |
| af7ec138 | 11189 | |
| e9ddbb77 JS |
11190 | static const struct bpf_func_proto bpf_sk_lookup_assign_proto = { |
| 11191 | .func = bpf_sk_lookup_assign, | |
| 11192 | .gpl_only = false, | |
| 11193 | .ret_type = RET_INTEGER, | |
| 11194 | .arg1_type = ARG_PTR_TO_CTX, | |
| 11195 | .arg2_type = ARG_PTR_TO_SOCKET_OR_NULL, | |
| 11196 | .arg3_type = ARG_ANYTHING, | |
| af7ec138 YS |
11197 | }; |
| 11198 | ||
| e9ddbb77 JS |
11199 | static const struct bpf_func_proto * |
| 11200 | sk_lookup_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog) | |
| 11201 | { | |
| 11202 | switch (func_id) { | |
| 11203 | case BPF_FUNC_perf_event_output: | |
| 11204 | return &bpf_event_output_data_proto; | |
| 11205 | case BPF_FUNC_sk_assign: | |
| 11206 | return &bpf_sk_lookup_assign_proto; | |
| 11207 | case BPF_FUNC_sk_release: | |
| 11208 | return &bpf_sk_release_proto; | |
| 11209 | default: | |
| 1df8f55a | 11210 | return bpf_sk_base_func_proto(func_id); |
| e9ddbb77 JS |
11211 | } |
| 11212 | } | |
| af7ec138 | 11213 | |
| e9ddbb77 JS |
11214 | static bool sk_lookup_is_valid_access(int off, int size, |
| 11215 | enum bpf_access_type type, | |
| 11216 | const struct bpf_prog *prog, | |
| 11217 | struct bpf_insn_access_aux *info) | |
| 11218 | { | |
| 11219 | if (off < 0 || off >= sizeof(struct bpf_sk_lookup)) | |
| 11220 | return false; | |
| 11221 | if (off % size != 0) | |
| 11222 | return false; | |
| 11223 | if (type != BPF_READ) | |
| 11224 | return false; | |
| 11225 | ||
| 11226 | switch (off) { | |
| 11227 | case offsetof(struct bpf_sk_lookup, sk): | |
| 11228 | info->reg_type = PTR_TO_SOCKET_OR_NULL; | |
| 11229 | return size == sizeof(__u64); | |
| af7ec138 | 11230 | |
| e9ddbb77 JS |
11231 | case bpf_ctx_range(struct bpf_sk_lookup, family): |
| 11232 | case bpf_ctx_range(struct bpf_sk_lookup, protocol): | |
| 11233 | case bpf_ctx_range(struct bpf_sk_lookup, remote_ip4): | |
| 11234 | case bpf_ctx_range(struct bpf_sk_lookup, local_ip4): | |
| 11235 | case bpf_ctx_range_till(struct bpf_sk_lookup, remote_ip6[0], remote_ip6[3]): | |
| 11236 | case bpf_ctx_range_till(struct bpf_sk_lookup, local_ip6[0], local_ip6[3]): | |
| e9ddbb77 | 11237 | case bpf_ctx_range(struct bpf_sk_lookup, local_port): |
| f8931565 | 11238 | case bpf_ctx_range(struct bpf_sk_lookup, ingress_ifindex): |
| e9ddbb77 JS |
11239 | bpf_ctx_record_field_size(info, sizeof(__u32)); |
| 11240 | return bpf_ctx_narrow_access_ok(off, size, sizeof(__u32)); | |
| 11241 | ||
| 058ec4a7 JS |
11242 | case bpf_ctx_range(struct bpf_sk_lookup, remote_port): |
| 11243 | /* Allow 4-byte access to 2-byte field for backward compatibility */ | |
| 11244 | if (size == sizeof(__u32)) | |
| 11245 | return true; | |
| 11246 | bpf_ctx_record_field_size(info, sizeof(__be16)); | |
| 11247 | return bpf_ctx_narrow_access_ok(off, size, sizeof(__be16)); | |
| 11248 | ||
| 11249 | case offsetofend(struct bpf_sk_lookup, remote_port) ... | |
| 11250 | offsetof(struct bpf_sk_lookup, local_ip4) - 1: | |
| 11251 | /* Allow access to zero padding for backward compatibility */ | |
| 11252 | bpf_ctx_record_field_size(info, sizeof(__u16)); | |
| 11253 | return bpf_ctx_narrow_access_ok(off, size, sizeof(__u16)); | |
| 11254 | ||
| e9ddbb77 JS |
11255 | default: |
| 11256 | return false; | |
| 11257 | } | |
| 11258 | } | |
| 11259 | ||
| 11260 | static u32 sk_lookup_convert_ctx_access(enum bpf_access_type type, | |
| 11261 | const struct bpf_insn *si, | |
| 11262 | struct bpf_insn *insn_buf, | |
| 11263 | struct bpf_prog *prog, | |
| 11264 | u32 *target_size) | |
| af7ec138 | 11265 | { |
| e9ddbb77 JS |
11266 | struct bpf_insn *insn = insn_buf; |
| 11267 | ||
| 11268 | switch (si->off) { | |
| 11269 | case offsetof(struct bpf_sk_lookup, sk): | |
| 11270 | *insn++ = BPF_LDX_MEM(BPF_SIZEOF(void *), si->dst_reg, si->src_reg, | |
| 11271 | offsetof(struct bpf_sk_lookup_kern, selected_sk)); | |
| 11272 | break; | |
| af7ec138 | 11273 | |
| e9ddbb77 JS |
11274 | case offsetof(struct bpf_sk_lookup, family): |
| 11275 | *insn++ = BPF_LDX_MEM(BPF_H, si->dst_reg, si->src_reg, | |
| 11276 | bpf_target_off(struct bpf_sk_lookup_kern, | |
| 11277 | family, 2, target_size)); | |
| 11278 | break; | |
| 11279 | ||
| 11280 | case offsetof(struct bpf_sk_lookup, protocol): | |
| 11281 | *insn++ = BPF_LDX_MEM(BPF_H, si->dst_reg, si->src_reg, | |
| 11282 | bpf_target_off(struct bpf_sk_lookup_kern, | |
| 11283 | protocol, 2, target_size)); | |
| 11284 | break; | |
| 11285 | ||
| 11286 | case offsetof(struct bpf_sk_lookup, remote_ip4): | |
| 11287 | *insn++ = BPF_LDX_MEM(BPF_W, si->dst_reg, si->src_reg, | |
| 11288 | bpf_target_off(struct bpf_sk_lookup_kern, | |
| 11289 | v4.saddr, 4, target_size)); | |
| 11290 | break; | |
| 11291 | ||
| 11292 | case offsetof(struct bpf_sk_lookup, local_ip4): | |
| 11293 | *insn++ = BPF_LDX_MEM(BPF_W, si->dst_reg, si->src_reg, | |
| 11294 | bpf_target_off(struct bpf_sk_lookup_kern, | |
| 11295 | v4.daddr, 4, target_size)); | |
| 11296 | break; | |
| 11297 | ||
| 11298 | case bpf_ctx_range_till(struct bpf_sk_lookup, | |
| 11299 | remote_ip6[0], remote_ip6[3]): { | |
| 11300 | #if IS_ENABLED(CONFIG_IPV6) | |
| 11301 | int off = si->off; | |
| 11302 | ||
| 11303 | off -= offsetof(struct bpf_sk_lookup, remote_ip6[0]); | |
| 11304 | off += bpf_target_off(struct in6_addr, s6_addr32[0], 4, target_size); | |
| 11305 | *insn++ = BPF_LDX_MEM(BPF_SIZEOF(void *), si->dst_reg, si->src_reg, | |
| 11306 | offsetof(struct bpf_sk_lookup_kern, v6.saddr)); | |
| 11307 | *insn++ = BPF_JMP_IMM(BPF_JEQ, si->dst_reg, 0, 1); | |
| 11308 | *insn++ = BPF_LDX_MEM(BPF_W, si->dst_reg, si->dst_reg, off); | |
| 11309 | #else | |
| 11310 | *insn++ = BPF_MOV32_IMM(si->dst_reg, 0); | |
| 11311 | #endif | |
| 11312 | break; | |
| 11313 | } | |
| 11314 | case bpf_ctx_range_till(struct bpf_sk_lookup, | |
| 11315 | local_ip6[0], local_ip6[3]): { | |
| 11316 | #if IS_ENABLED(CONFIG_IPV6) | |
| 11317 | int off = si->off; | |
| 11318 | ||
| 11319 | off -= offsetof(struct bpf_sk_lookup, local_ip6[0]); | |
| 11320 | off += bpf_target_off(struct in6_addr, s6_addr32[0], 4, target_size); | |
| 11321 | *insn++ = BPF_LDX_MEM(BPF_SIZEOF(void *), si->dst_reg, si->src_reg, | |
| 11322 | offsetof(struct bpf_sk_lookup_kern, v6.daddr)); | |
| 11323 | *insn++ = BPF_JMP_IMM(BPF_JEQ, si->dst_reg, 0, 1); | |
| 11324 | *insn++ = BPF_LDX_MEM(BPF_W, si->dst_reg, si->dst_reg, off); | |
| 11325 | #else | |
| 11326 | *insn++ = BPF_MOV32_IMM(si->dst_reg, 0); | |
| 11327 | #endif | |
| 11328 | break; | |
| af7ec138 | 11329 | } |
| e9ddbb77 JS |
11330 | case offsetof(struct bpf_sk_lookup, remote_port): |
| 11331 | *insn++ = BPF_LDX_MEM(BPF_H, si->dst_reg, si->src_reg, | |
| 11332 | bpf_target_off(struct bpf_sk_lookup_kern, | |
| 11333 | sport, 2, target_size)); | |
| 11334 | break; | |
| 11335 | ||
| 058ec4a7 JS |
11336 | case offsetofend(struct bpf_sk_lookup, remote_port): |
| 11337 | *target_size = 2; | |
| 11338 | *insn++ = BPF_MOV32_IMM(si->dst_reg, 0); | |
| 11339 | break; | |
| 11340 | ||
| e9ddbb77 JS |
11341 | case offsetof(struct bpf_sk_lookup, local_port): |
| 11342 | *insn++ = BPF_LDX_MEM(BPF_H, si->dst_reg, si->src_reg, | |
| 11343 | bpf_target_off(struct bpf_sk_lookup_kern, | |
| 11344 | dport, 2, target_size)); | |
| 11345 | break; | |
| f8931565 MP |
11346 | |
| 11347 | case offsetof(struct bpf_sk_lookup, ingress_ifindex): | |
| 11348 | *insn++ = BPF_LDX_MEM(BPF_W, si->dst_reg, si->src_reg, | |
| 11349 | bpf_target_off(struct bpf_sk_lookup_kern, | |
| 11350 | ingress_ifindex, 4, target_size)); | |
| 11351 | break; | |
| e9ddbb77 JS |
11352 | } |
| 11353 | ||
| 11354 | return insn - insn_buf; | |
| af7ec138 | 11355 | } |
| e9ddbb77 JS |
11356 | |
| 11357 | const struct bpf_prog_ops sk_lookup_prog_ops = { | |
| 7c32e8f8 | 11358 | .test_run = bpf_prog_test_run_sk_lookup, |
| e9ddbb77 JS |
11359 | }; |
| 11360 | ||
| 11361 | const struct bpf_verifier_ops sk_lookup_verifier_ops = { | |
| 11362 | .get_func_proto = sk_lookup_func_proto, | |
| 11363 | .is_valid_access = sk_lookup_is_valid_access, | |
| 11364 | .convert_ctx_access = sk_lookup_convert_ctx_access, | |
| 11365 | }; | |
| 11366 | ||
| 2dbb9b9e | 11367 | #endif /* CONFIG_INET */ |
| 7e6897f9 | 11368 | |
| 6a64037d | 11369 | DEFINE_BPF_DISPATCHER(xdp) |
| 7e6897f9 BT |
11370 | |
| 11371 | void bpf_prog_change_xdp(struct bpf_prog *prev_prog, struct bpf_prog *prog) | |
| 11372 | { | |
| 6a64037d | 11373 | bpf_dispatcher_change_prog(BPF_DISPATCHER_PTR(xdp), prev_prog, prog); |
| 7e6897f9 | 11374 | } |
| af7ec138 | 11375 | |
| 9e2ad638 | 11376 | BTF_ID_LIST_GLOBAL(btf_sock_ids, MAX_BTF_SOCK_TYPE) |
| bc4f0548 | 11377 | #define BTF_SOCK_TYPE(name, type) BTF_ID(struct, type) |
| af7ec138 YS |
11378 | BTF_SOCK_TYPE_xxx |
| 11379 | #undef BTF_SOCK_TYPE | |
| af7ec138 | 11380 | |
| af7ec138 YS |
11381 | BPF_CALL_1(bpf_skc_to_tcp6_sock, struct sock *, sk) |
| 11382 | { | |
| 11383 | /* tcp6_sock type is not generated in dwarf and hence btf, | |
| 11384 | * trigger an explicit type generation here. | |
| 11385 | */ | |
| 11386 | BTF_TYPE_EMIT(struct tcp6_sock); | |
| 8c33dadc | 11387 | if (sk && sk_fullsock(sk) && sk->sk_protocol == IPPROTO_TCP && |
| af7ec138 YS |
11388 | sk->sk_family == AF_INET6) |
| 11389 | return (unsigned long)sk; | |
| 11390 | ||
| 11391 | return (unsigned long)NULL; | |
| 11392 | } | |
| 11393 | ||
| 11394 | const struct bpf_func_proto bpf_skc_to_tcp6_sock_proto = { | |
| 11395 | .func = bpf_skc_to_tcp6_sock, | |
| 11396 | .gpl_only = false, | |
| 11397 | .ret_type = RET_PTR_TO_BTF_ID_OR_NULL, | |
| 1df8f55a | 11398 | .arg1_type = ARG_PTR_TO_BTF_ID_SOCK_COMMON, |
| af7ec138 YS |
11399 | .ret_btf_id = &btf_sock_ids[BTF_SOCK_TYPE_TCP6], |
| 11400 | }; | |
| 478cfbdf YS |
11401 | |
| 11402 | BPF_CALL_1(bpf_skc_to_tcp_sock, struct sock *, sk) | |
| 11403 | { | |
| 8c33dadc | 11404 | if (sk && sk_fullsock(sk) && sk->sk_protocol == IPPROTO_TCP) |
| 478cfbdf YS |
11405 | return (unsigned long)sk; |
| 11406 | ||
| 11407 | return (unsigned long)NULL; | |
| 11408 | } | |
| 11409 | ||
| 11410 | const struct bpf_func_proto bpf_skc_to_tcp_sock_proto = { | |
| 11411 | .func = bpf_skc_to_tcp_sock, | |
| 11412 | .gpl_only = false, | |
| 11413 | .ret_type = RET_PTR_TO_BTF_ID_OR_NULL, | |
| 1df8f55a | 11414 | .arg1_type = ARG_PTR_TO_BTF_ID_SOCK_COMMON, |
| 478cfbdf YS |
11415 | .ret_btf_id = &btf_sock_ids[BTF_SOCK_TYPE_TCP], |
| 11416 | }; | |
| 11417 | ||
| 11418 | BPF_CALL_1(bpf_skc_to_tcp_timewait_sock, struct sock *, sk) | |
| 11419 | { | |
| d82a532a YS |
11420 | /* BTF types for tcp_timewait_sock and inet_timewait_sock are not |
| 11421 | * generated if CONFIG_INET=n. Trigger an explicit generation here. | |
| 11422 | */ | |
| 11423 | BTF_TYPE_EMIT(struct inet_timewait_sock); | |
| 11424 | BTF_TYPE_EMIT(struct tcp_timewait_sock); | |
| 11425 | ||
| 6b207d66 | 11426 | #ifdef CONFIG_INET |
| 8c33dadc | 11427 | if (sk && sk->sk_prot == &tcp_prot && sk->sk_state == TCP_TIME_WAIT) |
| 478cfbdf | 11428 | return (unsigned long)sk; |
| 6b207d66 | 11429 | #endif |
| 478cfbdf YS |
11430 | |
| 11431 | #if IS_BUILTIN(CONFIG_IPV6) | |
| 8c33dadc | 11432 | if (sk && sk->sk_prot == &tcpv6_prot && sk->sk_state == TCP_TIME_WAIT) |
| 478cfbdf YS |
11433 | return (unsigned long)sk; |
| 11434 | #endif | |
| 11435 | ||
| 11436 | return (unsigned long)NULL; | |
| 11437 | } | |
| 11438 | ||
| 11439 | const struct bpf_func_proto bpf_skc_to_tcp_timewait_sock_proto = { | |
| 11440 | .func = bpf_skc_to_tcp_timewait_sock, | |
| 11441 | .gpl_only = false, | |
| 11442 | .ret_type = RET_PTR_TO_BTF_ID_OR_NULL, | |
| 1df8f55a | 11443 | .arg1_type = ARG_PTR_TO_BTF_ID_SOCK_COMMON, |
| 478cfbdf YS |
11444 | .ret_btf_id = &btf_sock_ids[BTF_SOCK_TYPE_TCP_TW], |
| 11445 | }; | |
| 11446 | ||
| 11447 | BPF_CALL_1(bpf_skc_to_tcp_request_sock, struct sock *, sk) | |
| 11448 | { | |
| 6b207d66 | 11449 | #ifdef CONFIG_INET |
| 8c33dadc | 11450 | if (sk && sk->sk_prot == &tcp_prot && sk->sk_state == TCP_NEW_SYN_RECV) |
| 478cfbdf | 11451 | return (unsigned long)sk; |
| 6b207d66 | 11452 | #endif |
| 478cfbdf YS |
11453 | |
| 11454 | #if IS_BUILTIN(CONFIG_IPV6) | |
| 8c33dadc | 11455 | if (sk && sk->sk_prot == &tcpv6_prot && sk->sk_state == TCP_NEW_SYN_RECV) |
| 478cfbdf YS |
11456 | return (unsigned long)sk; |
| 11457 | #endif | |
| 11458 | ||
| 11459 | return (unsigned long)NULL; | |
| 11460 | } | |
| 11461 | ||
| 11462 | const struct bpf_func_proto bpf_skc_to_tcp_request_sock_proto = { | |
| 11463 | .func = bpf_skc_to_tcp_request_sock, | |
| 11464 | .gpl_only = false, | |
| 11465 | .ret_type = RET_PTR_TO_BTF_ID_OR_NULL, | |
| 1df8f55a | 11466 | .arg1_type = ARG_PTR_TO_BTF_ID_SOCK_COMMON, |
| 478cfbdf YS |
11467 | .ret_btf_id = &btf_sock_ids[BTF_SOCK_TYPE_TCP_REQ], |
| 11468 | }; | |
| 0d4fad3e YS |
11469 | |
| 11470 | BPF_CALL_1(bpf_skc_to_udp6_sock, struct sock *, sk) | |
| 11471 | { | |
| 11472 | /* udp6_sock type is not generated in dwarf and hence btf, | |
| 11473 | * trigger an explicit type generation here. | |
| 11474 | */ | |
| 11475 | BTF_TYPE_EMIT(struct udp6_sock); | |
| 8c33dadc | 11476 | if (sk && sk_fullsock(sk) && sk->sk_protocol == IPPROTO_UDP && |
| 0d4fad3e YS |
11477 | sk->sk_type == SOCK_DGRAM && sk->sk_family == AF_INET6) |
| 11478 | return (unsigned long)sk; | |
| 11479 | ||
| 11480 | return (unsigned long)NULL; | |
| 11481 | } | |
| 11482 | ||
| 11483 | const struct bpf_func_proto bpf_skc_to_udp6_sock_proto = { | |
| 11484 | .func = bpf_skc_to_udp6_sock, | |
| 11485 | .gpl_only = false, | |
| 11486 | .ret_type = RET_PTR_TO_BTF_ID_OR_NULL, | |
| 1df8f55a | 11487 | .arg1_type = ARG_PTR_TO_BTF_ID_SOCK_COMMON, |
| 0d4fad3e YS |
11488 | .ret_btf_id = &btf_sock_ids[BTF_SOCK_TYPE_UDP6], |
| 11489 | }; | |
| 1df8f55a | 11490 | |
| 9eeb3aa3 HC |
11491 | BPF_CALL_1(bpf_skc_to_unix_sock, struct sock *, sk) |
| 11492 | { | |
| 11493 | /* unix_sock type is not generated in dwarf and hence btf, | |
| 11494 | * trigger an explicit type generation here. | |
| 11495 | */ | |
| 11496 | BTF_TYPE_EMIT(struct unix_sock); | |
| 11497 | if (sk && sk_fullsock(sk) && sk->sk_family == AF_UNIX) | |
| 11498 | return (unsigned long)sk; | |
| 11499 | ||
| 11500 | return (unsigned long)NULL; | |
| 11501 | } | |
| 11502 | ||
| 11503 | const struct bpf_func_proto bpf_skc_to_unix_sock_proto = { | |
| 11504 | .func = bpf_skc_to_unix_sock, | |
| 11505 | .gpl_only = false, | |
| 11506 | .ret_type = RET_PTR_TO_BTF_ID_OR_NULL, | |
| 11507 | .arg1_type = ARG_PTR_TO_BTF_ID_SOCK_COMMON, | |
| 11508 | .ret_btf_id = &btf_sock_ids[BTF_SOCK_TYPE_UNIX], | |
| 11509 | }; | |
| 11510 | ||
| 3bc253c2 GT |
11511 | BPF_CALL_1(bpf_skc_to_mptcp_sock, struct sock *, sk) |
| 11512 | { | |
| 11513 | BTF_TYPE_EMIT(struct mptcp_sock); | |
| 11514 | return (unsigned long)bpf_mptcp_sock_from_subflow(sk); | |
| 11515 | } | |
| 11516 | ||
| 11517 | const struct bpf_func_proto bpf_skc_to_mptcp_sock_proto = { | |
| 11518 | .func = bpf_skc_to_mptcp_sock, | |
| 11519 | .gpl_only = false, | |
| 11520 | .ret_type = RET_PTR_TO_BTF_ID_OR_NULL, | |
| 11521 | .arg1_type = ARG_PTR_TO_SOCK_COMMON, | |
| 11522 | .ret_btf_id = &btf_sock_ids[BTF_SOCK_TYPE_MPTCP], | |
| 11523 | }; | |
| 11524 | ||
| b60da495 FR |
11525 | BPF_CALL_1(bpf_sock_from_file, struct file *, file) |
| 11526 | { | |
| 11527 | return (unsigned long)sock_from_file(file); | |
| 11528 | } | |
| 11529 | ||
| 11530 | BTF_ID_LIST(bpf_sock_from_file_btf_ids) | |
| 11531 | BTF_ID(struct, socket) | |
| 11532 | BTF_ID(struct, file) | |
| 11533 | ||
| 11534 | const struct bpf_func_proto bpf_sock_from_file_proto = { | |
| 11535 | .func = bpf_sock_from_file, | |
| 11536 | .gpl_only = false, | |
| 11537 | .ret_type = RET_PTR_TO_BTF_ID_OR_NULL, | |
| 11538 | .ret_btf_id = &bpf_sock_from_file_btf_ids[0], | |
| 11539 | .arg1_type = ARG_PTR_TO_BTF_ID, | |
| 11540 | .arg1_btf_id = &bpf_sock_from_file_btf_ids[1], | |
| 11541 | }; | |
| 11542 | ||
| 1df8f55a MKL |
11543 | static const struct bpf_func_proto * |
| 11544 | bpf_sk_base_func_proto(enum bpf_func_id func_id) | |
| 11545 | { | |
| 11546 | const struct bpf_func_proto *func; | |
| 11547 | ||
| 11548 | switch (func_id) { | |
| 11549 | case BPF_FUNC_skc_to_tcp6_sock: | |
| 11550 | func = &bpf_skc_to_tcp6_sock_proto; | |
| 11551 | break; | |
| 11552 | case BPF_FUNC_skc_to_tcp_sock: | |
| 11553 | func = &bpf_skc_to_tcp_sock_proto; | |
| 11554 | break; | |
| 11555 | case BPF_FUNC_skc_to_tcp_timewait_sock: | |
| 11556 | func = &bpf_skc_to_tcp_timewait_sock_proto; | |
| 11557 | break; | |
| 11558 | case BPF_FUNC_skc_to_tcp_request_sock: | |
| 11559 | func = &bpf_skc_to_tcp_request_sock_proto; | |
| 11560 | break; | |
| 11561 | case BPF_FUNC_skc_to_udp6_sock: | |
| 11562 | func = &bpf_skc_to_udp6_sock_proto; | |
| 11563 | break; | |
| 9eeb3aa3 HC |
11564 | case BPF_FUNC_skc_to_unix_sock: |
| 11565 | func = &bpf_skc_to_unix_sock_proto; | |
| 11566 | break; | |
| 3bc253c2 GT |
11567 | case BPF_FUNC_skc_to_mptcp_sock: |
| 11568 | func = &bpf_skc_to_mptcp_sock_proto; | |
| 11569 | break; | |
| 5e0bc308 DB |
11570 | case BPF_FUNC_ktime_get_coarse_ns: |
| 11571 | return &bpf_ktime_get_coarse_ns_proto; | |
| 1df8f55a MKL |
11572 | default: |
| 11573 | return bpf_base_func_proto(func_id); | |
| 11574 | } | |
| 11575 | ||
| 11576 | if (!perfmon_capable()) | |
| 11577 | return NULL; | |
| 11578 | ||
| 11579 | return func; | |
| 11580 | } |