1 // SPDX-License-Identifier: (LGPL-2.1 OR BSD-2-Clause)
2 /* Copyright (c) 2018 Facebook */
3
4 #include <stdlib.h>
5 #include <memory.h>
6 #include <unistd.h>
7 #include <arpa/inet.h>
8 #include <linux/bpf.h>
9 #include <linux/if_ether.h>
10 #include <linux/pkt_cls.h>
11 #include <linux/rtnetlink.h>
12 #include <sys/socket.h>
13 #include <errno.h>
14 #include <time.h>
15
16 #include "bpf.h"
17 #include "libbpf.h"
18 #include "libbpf_internal.h"
19 #include "nlattr.h"
20
21 #ifndef SOL_NETLINK
22 #define SOL_NETLINK 270
23 #endif
24
25 typedef int (*libbpf_dump_nlmsg_t)(void *cookie, void *msg, struct nlattr **tb);
26
27 typedef int (*__dump_nlmsg_t)(struct nlmsghdr *nlmsg, libbpf_dump_nlmsg_t,
28 void *cookie);
29
30 struct xdp_link_info {
31 __u32 prog_id;
32 __u32 drv_prog_id;
33 __u32 hw_prog_id;
34 __u32 skb_prog_id;
35 __u8 attach_mode;
36 };
37
38 struct xdp_id_md {
39 int ifindex;
40 __u32 flags;
41 struct xdp_link_info info;
42 };
43
libbpf_netlink_open(__u32 * nl_pid)44 static int libbpf_netlink_open(__u32 *nl_pid)
45 {
46 struct sockaddr_nl sa;
47 socklen_t addrlen;
48 int one = 1, ret;
49 int sock;
50
51 memset(&sa, 0, sizeof(sa));
52 sa.nl_family = AF_NETLINK;
53
54 sock = socket(AF_NETLINK, SOCK_RAW | SOCK_CLOEXEC, NETLINK_ROUTE);
55 if (sock < 0)
56 return -errno;
57
58 if (setsockopt(sock, SOL_NETLINK, NETLINK_EXT_ACK,
59 &one, sizeof(one)) < 0) {
60 pr_warn("Netlink error reporting not supported\n");
61 }
62
63 if (bind(sock, (struct sockaddr *)&sa, sizeof(sa)) < 0) {
64 ret = -errno;
65 goto cleanup;
66 }
67
68 addrlen = sizeof(sa);
69 if (getsockname(sock, (struct sockaddr *)&sa, &addrlen) < 0) {
70 ret = -errno;
71 goto cleanup;
72 }
73
74 if (addrlen != sizeof(sa)) {
75 ret = -LIBBPF_ERRNO__INTERNAL;
76 goto cleanup;
77 }
78
79 *nl_pid = sa.nl_pid;
80 return sock;
81
82 cleanup:
83 close(sock);
84 return ret;
85 }
86
libbpf_netlink_close(int sock)87 static void libbpf_netlink_close(int sock)
88 {
89 close(sock);
90 }
91
92 enum {
93 NL_CONT,
94 NL_NEXT,
95 NL_DONE,
96 };
97
netlink_recvmsg(int sock,struct msghdr * mhdr,int flags)98 static int netlink_recvmsg(int sock, struct msghdr *mhdr, int flags)
99 {
100 int len;
101
102 do {
103 len = recvmsg(sock, mhdr, flags);
104 } while (len < 0 && (errno == EINTR || errno == EAGAIN));
105
106 if (len < 0)
107 return -errno;
108 return len;
109 }
110
alloc_iov(struct iovec * iov,int len)111 static int alloc_iov(struct iovec *iov, int len)
112 {
113 void *nbuf;
114
115 nbuf = realloc(iov->iov_base, len);
116 if (!nbuf)
117 return -ENOMEM;
118
119 iov->iov_base = nbuf;
120 iov->iov_len = len;
121 return 0;
122 }
123
libbpf_netlink_recv(int sock,__u32 nl_pid,int seq,__dump_nlmsg_t _fn,libbpf_dump_nlmsg_t fn,void * cookie)124 static int libbpf_netlink_recv(int sock, __u32 nl_pid, int seq,
125 __dump_nlmsg_t _fn, libbpf_dump_nlmsg_t fn,
126 void *cookie)
127 {
128 struct iovec iov = {};
129 struct msghdr mhdr = {
130 .msg_iov = &iov,
131 .msg_iovlen = 1,
132 };
133 bool multipart = true;
134 struct nlmsgerr *err;
135 struct nlmsghdr *nh;
136 int len, ret;
137
138 ret = alloc_iov(&iov, 4096);
139 if (ret)
140 goto done;
141
142 while (multipart) {
143 start:
144 multipart = false;
145 len = netlink_recvmsg(sock, &mhdr, MSG_PEEK | MSG_TRUNC);
146 if (len < 0) {
147 ret = len;
148 goto done;
149 }
150
151 if (len > iov.iov_len) {
152 ret = alloc_iov(&iov, len);
153 if (ret)
154 goto done;
155 }
156
157 len = netlink_recvmsg(sock, &mhdr, 0);
158 if (len < 0) {
159 ret = len;
160 goto done;
161 }
162
163 if (len == 0)
164 break;
165
166 for (nh = (struct nlmsghdr *)iov.iov_base; NLMSG_OK(nh, len);
167 nh = NLMSG_NEXT(nh, len)) {
168 if (nh->nlmsg_pid != nl_pid) {
169 ret = -LIBBPF_ERRNO__WRNGPID;
170 goto done;
171 }
172 if (nh->nlmsg_seq != seq) {
173 ret = -LIBBPF_ERRNO__INVSEQ;
174 goto done;
175 }
176 if (nh->nlmsg_flags & NLM_F_MULTI)
177 multipart = true;
178 switch (nh->nlmsg_type) {
179 case NLMSG_ERROR:
180 err = (struct nlmsgerr *)NLMSG_DATA(nh);
181 if (!err->error)
182 continue;
183 ret = err->error;
184 libbpf_nla_dump_errormsg(nh);
185 goto done;
186 case NLMSG_DONE:
187 ret = 0;
188 goto done;
189 default:
190 break;
191 }
192 if (_fn) {
193 ret = _fn(nh, fn, cookie);
194 switch (ret) {
195 case NL_CONT:
196 break;
197 case NL_NEXT:
198 goto start;
199 case NL_DONE:
200 ret = 0;
201 goto done;
202 default:
203 goto done;
204 }
205 }
206 }
207 }
208 ret = 0;
209 done:
210 free(iov.iov_base);
211 return ret;
212 }
213
libbpf_netlink_send_recv(struct libbpf_nla_req * req,__dump_nlmsg_t parse_msg,libbpf_dump_nlmsg_t parse_attr,void * cookie)214 static int libbpf_netlink_send_recv(struct libbpf_nla_req *req,
215 __dump_nlmsg_t parse_msg,
216 libbpf_dump_nlmsg_t parse_attr,
217 void *cookie)
218 {
219 __u32 nl_pid = 0;
220 int sock, ret;
221
222 sock = libbpf_netlink_open(&nl_pid);
223 if (sock < 0)
224 return sock;
225
226 req->nh.nlmsg_pid = 0;
227 req->nh.nlmsg_seq = time(NULL);
228
229 if (send(sock, req, req->nh.nlmsg_len, 0) < 0) {
230 ret = -errno;
231 goto out;
232 }
233
234 ret = libbpf_netlink_recv(sock, nl_pid, req->nh.nlmsg_seq,
235 parse_msg, parse_attr, cookie);
236 out:
237 libbpf_netlink_close(sock);
238 return ret;
239 }
240
__bpf_set_link_xdp_fd_replace(int ifindex,int fd,int old_fd,__u32 flags)241 static int __bpf_set_link_xdp_fd_replace(int ifindex, int fd, int old_fd,
242 __u32 flags)
243 {
244 struct nlattr *nla;
245 int ret;
246 struct libbpf_nla_req req;
247
248 memset(&req, 0, sizeof(req));
249 req.nh.nlmsg_len = NLMSG_LENGTH(sizeof(struct ifinfomsg));
250 req.nh.nlmsg_flags = NLM_F_REQUEST | NLM_F_ACK;
251 req.nh.nlmsg_type = RTM_SETLINK;
252 req.ifinfo.ifi_family = AF_UNSPEC;
253 req.ifinfo.ifi_index = ifindex;
254
255 nla = nlattr_begin_nested(&req, IFLA_XDP);
256 if (!nla)
257 return -EMSGSIZE;
258 ret = nlattr_add(&req, IFLA_XDP_FD, &fd, sizeof(fd));
259 if (ret < 0)
260 return ret;
261 if (flags) {
262 ret = nlattr_add(&req, IFLA_XDP_FLAGS, &flags, sizeof(flags));
263 if (ret < 0)
264 return ret;
265 }
266 if (flags & XDP_FLAGS_REPLACE) {
267 ret = nlattr_add(&req, IFLA_XDP_EXPECTED_FD, &old_fd,
268 sizeof(old_fd));
269 if (ret < 0)
270 return ret;
271 }
272 nlattr_end_nested(&req, nla);
273
274 return libbpf_netlink_send_recv(&req, NULL, NULL, NULL);
275 }
276
bpf_xdp_attach(int ifindex,int prog_fd,__u32 flags,const struct bpf_xdp_attach_opts * opts)277 int bpf_xdp_attach(int ifindex, int prog_fd, __u32 flags, const struct bpf_xdp_attach_opts *opts)
278 {
279 int old_prog_fd, err;
280
281 if (!OPTS_VALID(opts, bpf_xdp_attach_opts))
282 return libbpf_err(-EINVAL);
283
284 old_prog_fd = OPTS_GET(opts, old_prog_fd, 0);
285 if (old_prog_fd)
286 flags |= XDP_FLAGS_REPLACE;
287 else
288 old_prog_fd = -1;
289
290 err = __bpf_set_link_xdp_fd_replace(ifindex, prog_fd, old_prog_fd, flags);
291 return libbpf_err(err);
292 }
293
bpf_xdp_detach(int ifindex,__u32 flags,const struct bpf_xdp_attach_opts * opts)294 int bpf_xdp_detach(int ifindex, __u32 flags, const struct bpf_xdp_attach_opts *opts)
295 {
296 return bpf_xdp_attach(ifindex, -1, flags, opts);
297 }
298
__dump_link_nlmsg(struct nlmsghdr * nlh,libbpf_dump_nlmsg_t dump_link_nlmsg,void * cookie)299 static int __dump_link_nlmsg(struct nlmsghdr *nlh,
300 libbpf_dump_nlmsg_t dump_link_nlmsg, void *cookie)
301 {
302 struct nlattr *tb[IFLA_MAX + 1], *attr;
303 struct ifinfomsg *ifi = NLMSG_DATA(nlh);
304 int len;
305
306 len = nlh->nlmsg_len - NLMSG_LENGTH(sizeof(*ifi));
307 attr = (struct nlattr *) ((void *) ifi + NLMSG_ALIGN(sizeof(*ifi)));
308
309 if (libbpf_nla_parse(tb, IFLA_MAX, attr, len, NULL) != 0)
310 return -LIBBPF_ERRNO__NLPARSE;
311
312 return dump_link_nlmsg(cookie, ifi, tb);
313 }
314
get_xdp_info(void * cookie,void * msg,struct nlattr ** tb)315 static int get_xdp_info(void *cookie, void *msg, struct nlattr **tb)
316 {
317 struct nlattr *xdp_tb[IFLA_XDP_MAX + 1];
318 struct xdp_id_md *xdp_id = cookie;
319 struct ifinfomsg *ifinfo = msg;
320 int ret;
321
322 if (xdp_id->ifindex && xdp_id->ifindex != ifinfo->ifi_index)
323 return 0;
324
325 if (!tb[IFLA_XDP])
326 return 0;
327
328 ret = libbpf_nla_parse_nested(xdp_tb, IFLA_XDP_MAX, tb[IFLA_XDP], NULL);
329 if (ret)
330 return ret;
331
332 if (!xdp_tb[IFLA_XDP_ATTACHED])
333 return 0;
334
335 xdp_id->info.attach_mode = libbpf_nla_getattr_u8(
336 xdp_tb[IFLA_XDP_ATTACHED]);
337
338 if (xdp_id->info.attach_mode == XDP_ATTACHED_NONE)
339 return 0;
340
341 if (xdp_tb[IFLA_XDP_PROG_ID])
342 xdp_id->info.prog_id = libbpf_nla_getattr_u32(
343 xdp_tb[IFLA_XDP_PROG_ID]);
344
345 if (xdp_tb[IFLA_XDP_SKB_PROG_ID])
346 xdp_id->info.skb_prog_id = libbpf_nla_getattr_u32(
347 xdp_tb[IFLA_XDP_SKB_PROG_ID]);
348
349 if (xdp_tb[IFLA_XDP_DRV_PROG_ID])
350 xdp_id->info.drv_prog_id = libbpf_nla_getattr_u32(
351 xdp_tb[IFLA_XDP_DRV_PROG_ID]);
352
353 if (xdp_tb[IFLA_XDP_HW_PROG_ID])
354 xdp_id->info.hw_prog_id = libbpf_nla_getattr_u32(
355 xdp_tb[IFLA_XDP_HW_PROG_ID]);
356
357 return 0;
358 }
359
bpf_xdp_query(int ifindex,int xdp_flags,struct bpf_xdp_query_opts * opts)360 int bpf_xdp_query(int ifindex, int xdp_flags, struct bpf_xdp_query_opts *opts)
361 {
362 struct libbpf_nla_req req = {
363 .nh.nlmsg_len = NLMSG_LENGTH(sizeof(struct ifinfomsg)),
364 .nh.nlmsg_type = RTM_GETLINK,
365 .nh.nlmsg_flags = NLM_F_DUMP | NLM_F_REQUEST,
366 .ifinfo.ifi_family = AF_PACKET,
367 };
368 struct xdp_id_md xdp_id = {};
369 int err;
370
371 if (!OPTS_VALID(opts, bpf_xdp_query_opts))
372 return libbpf_err(-EINVAL);
373
374 if (xdp_flags & ~XDP_FLAGS_MASK)
375 return libbpf_err(-EINVAL);
376
377 /* Check whether the single {HW,DRV,SKB} mode is set */
378 xdp_flags &= XDP_FLAGS_SKB_MODE | XDP_FLAGS_DRV_MODE | XDP_FLAGS_HW_MODE;
379 if (xdp_flags & (xdp_flags - 1))
380 return libbpf_err(-EINVAL);
381
382 xdp_id.ifindex = ifindex;
383 xdp_id.flags = xdp_flags;
384
385 err = libbpf_netlink_send_recv(&req, __dump_link_nlmsg,
386 get_xdp_info, &xdp_id);
387 if (err)
388 return libbpf_err(err);
389
390 OPTS_SET(opts, prog_id, xdp_id.info.prog_id);
391 OPTS_SET(opts, drv_prog_id, xdp_id.info.drv_prog_id);
392 OPTS_SET(opts, hw_prog_id, xdp_id.info.hw_prog_id);
393 OPTS_SET(opts, skb_prog_id, xdp_id.info.skb_prog_id);
394 OPTS_SET(opts, attach_mode, xdp_id.info.attach_mode);
395
396 return 0;
397 }
398
bpf_xdp_query_id(int ifindex,int flags,__u32 * prog_id)399 int bpf_xdp_query_id(int ifindex, int flags, __u32 *prog_id)
400 {
401 LIBBPF_OPTS(bpf_xdp_query_opts, opts);
402 int ret;
403
404 ret = bpf_xdp_query(ifindex, flags, &opts);
405 if (ret)
406 return libbpf_err(ret);
407
408 flags &= XDP_FLAGS_MODES;
409
410 if (opts.attach_mode != XDP_ATTACHED_MULTI && !flags)
411 *prog_id = opts.prog_id;
412 else if (flags & XDP_FLAGS_DRV_MODE)
413 *prog_id = opts.drv_prog_id;
414 else if (flags & XDP_FLAGS_HW_MODE)
415 *prog_id = opts.hw_prog_id;
416 else if (flags & XDP_FLAGS_SKB_MODE)
417 *prog_id = opts.skb_prog_id;
418 else
419 *prog_id = 0;
420
421 return 0;
422 }
423
424
425 typedef int (*qdisc_config_t)(struct libbpf_nla_req *req);
426
clsact_config(struct libbpf_nla_req * req)427 static int clsact_config(struct libbpf_nla_req *req)
428 {
429 req->tc.tcm_parent = TC_H_CLSACT;
430 req->tc.tcm_handle = TC_H_MAKE(TC_H_CLSACT, 0);
431
432 return nlattr_add(req, TCA_KIND, "clsact", sizeof("clsact"));
433 }
434
attach_point_to_config(struct bpf_tc_hook * hook,qdisc_config_t * config)435 static int attach_point_to_config(struct bpf_tc_hook *hook,
436 qdisc_config_t *config)
437 {
438 switch (OPTS_GET(hook, attach_point, 0)) {
439 case BPF_TC_INGRESS:
440 case BPF_TC_EGRESS:
441 case BPF_TC_INGRESS | BPF_TC_EGRESS:
442 if (OPTS_GET(hook, parent, 0))
443 return -EINVAL;
444 *config = &clsact_config;
445 return 0;
446 case BPF_TC_CUSTOM:
447 return -EOPNOTSUPP;
448 default:
449 return -EINVAL;
450 }
451 }
452
tc_get_tcm_parent(enum bpf_tc_attach_point attach_point,__u32 * parent)453 static int tc_get_tcm_parent(enum bpf_tc_attach_point attach_point,
454 __u32 *parent)
455 {
456 switch (attach_point) {
457 case BPF_TC_INGRESS:
458 case BPF_TC_EGRESS:
459 if (*parent)
460 return -EINVAL;
461 *parent = TC_H_MAKE(TC_H_CLSACT,
462 attach_point == BPF_TC_INGRESS ?
463 TC_H_MIN_INGRESS : TC_H_MIN_EGRESS);
464 break;
465 case BPF_TC_CUSTOM:
466 if (!*parent)
467 return -EINVAL;
468 break;
469 default:
470 return -EINVAL;
471 }
472 return 0;
473 }
474
tc_qdisc_modify(struct bpf_tc_hook * hook,int cmd,int flags)475 static int tc_qdisc_modify(struct bpf_tc_hook *hook, int cmd, int flags)
476 {
477 qdisc_config_t config;
478 int ret;
479 struct libbpf_nla_req req;
480
481 ret = attach_point_to_config(hook, &config);
482 if (ret < 0)
483 return ret;
484
485 memset(&req, 0, sizeof(req));
486 req.nh.nlmsg_len = NLMSG_LENGTH(sizeof(struct tcmsg));
487 req.nh.nlmsg_flags = NLM_F_REQUEST | NLM_F_ACK | flags;
488 req.nh.nlmsg_type = cmd;
489 req.tc.tcm_family = AF_UNSPEC;
490 req.tc.tcm_ifindex = OPTS_GET(hook, ifindex, 0);
491
492 ret = config(&req);
493 if (ret < 0)
494 return ret;
495
496 return libbpf_netlink_send_recv(&req, NULL, NULL, NULL);
497 }
498
tc_qdisc_create_excl(struct bpf_tc_hook * hook)499 static int tc_qdisc_create_excl(struct bpf_tc_hook *hook)
500 {
501 return tc_qdisc_modify(hook, RTM_NEWQDISC, NLM_F_CREATE | NLM_F_EXCL);
502 }
503
tc_qdisc_delete(struct bpf_tc_hook * hook)504 static int tc_qdisc_delete(struct bpf_tc_hook *hook)
505 {
506 return tc_qdisc_modify(hook, RTM_DELQDISC, 0);
507 }
508
bpf_tc_hook_create(struct bpf_tc_hook * hook)509 int bpf_tc_hook_create(struct bpf_tc_hook *hook)
510 {
511 int ret;
512
513 if (!hook || !OPTS_VALID(hook, bpf_tc_hook) ||
514 OPTS_GET(hook, ifindex, 0) <= 0)
515 return libbpf_err(-EINVAL);
516
517 ret = tc_qdisc_create_excl(hook);
518 return libbpf_err(ret);
519 }
520
521 static int __bpf_tc_detach(const struct bpf_tc_hook *hook,
522 const struct bpf_tc_opts *opts,
523 const bool flush);
524
bpf_tc_hook_destroy(struct bpf_tc_hook * hook)525 int bpf_tc_hook_destroy(struct bpf_tc_hook *hook)
526 {
527 if (!hook || !OPTS_VALID(hook, bpf_tc_hook) ||
528 OPTS_GET(hook, ifindex, 0) <= 0)
529 return libbpf_err(-EINVAL);
530
531 switch (OPTS_GET(hook, attach_point, 0)) {
532 case BPF_TC_INGRESS:
533 case BPF_TC_EGRESS:
534 return libbpf_err(__bpf_tc_detach(hook, NULL, true));
535 case BPF_TC_INGRESS | BPF_TC_EGRESS:
536 return libbpf_err(tc_qdisc_delete(hook));
537 case BPF_TC_CUSTOM:
538 return libbpf_err(-EOPNOTSUPP);
539 default:
540 return libbpf_err(-EINVAL);
541 }
542 }
543
544 struct bpf_cb_ctx {
545 struct bpf_tc_opts *opts;
546 bool processed;
547 };
548
__get_tc_info(void * cookie,struct tcmsg * tc,struct nlattr ** tb,bool unicast)549 static int __get_tc_info(void *cookie, struct tcmsg *tc, struct nlattr **tb,
550 bool unicast)
551 {
552 struct nlattr *tbb[TCA_BPF_MAX + 1];
553 struct bpf_cb_ctx *info = cookie;
554
555 if (!info || !info->opts)
556 return -EINVAL;
557 if (unicast && info->processed)
558 return -EINVAL;
559 if (!tb[TCA_OPTIONS])
560 return NL_CONT;
561
562 libbpf_nla_parse_nested(tbb, TCA_BPF_MAX, tb[TCA_OPTIONS], NULL);
563 if (!tbb[TCA_BPF_ID])
564 return -EINVAL;
565
566 OPTS_SET(info->opts, prog_id, libbpf_nla_getattr_u32(tbb[TCA_BPF_ID]));
567 OPTS_SET(info->opts, handle, tc->tcm_handle);
568 OPTS_SET(info->opts, priority, TC_H_MAJ(tc->tcm_info) >> 16);
569
570 info->processed = true;
571 return unicast ? NL_NEXT : NL_DONE;
572 }
573
get_tc_info(struct nlmsghdr * nh,libbpf_dump_nlmsg_t fn,void * cookie)574 static int get_tc_info(struct nlmsghdr *nh, libbpf_dump_nlmsg_t fn,
575 void *cookie)
576 {
577 struct tcmsg *tc = NLMSG_DATA(nh);
578 struct nlattr *tb[TCA_MAX + 1];
579
580 libbpf_nla_parse(tb, TCA_MAX,
581 (struct nlattr *)((void *)tc + NLMSG_ALIGN(sizeof(*tc))),
582 NLMSG_PAYLOAD(nh, sizeof(*tc)), NULL);
583 if (!tb[TCA_KIND])
584 return NL_CONT;
585 return __get_tc_info(cookie, tc, tb, nh->nlmsg_flags & NLM_F_ECHO);
586 }
587
tc_add_fd_and_name(struct libbpf_nla_req * req,int fd)588 static int tc_add_fd_and_name(struct libbpf_nla_req *req, int fd)
589 {
590 struct bpf_prog_info info;
591 __u32 info_len = sizeof(info);
592 char name[256];
593 int len, ret;
594
595 memset(&info, 0, info_len);
596 ret = bpf_obj_get_info_by_fd(fd, &info, &info_len);
597 if (ret < 0)
598 return ret;
599
600 ret = nlattr_add(req, TCA_BPF_FD, &fd, sizeof(fd));
601 if (ret < 0)
602 return ret;
603 len = snprintf(name, sizeof(name), "%s:[%u]", info.name, info.id);
604 if (len < 0)
605 return -errno;
606 if (len >= sizeof(name))
607 return -ENAMETOOLONG;
608 return nlattr_add(req, TCA_BPF_NAME, name, len + 1);
609 }
610
bpf_tc_attach(const struct bpf_tc_hook * hook,struct bpf_tc_opts * opts)611 int bpf_tc_attach(const struct bpf_tc_hook *hook, struct bpf_tc_opts *opts)
612 {
613 __u32 protocol, bpf_flags, handle, priority, parent, prog_id, flags;
614 int ret, ifindex, attach_point, prog_fd;
615 struct bpf_cb_ctx info = {};
616 struct libbpf_nla_req req;
617 struct nlattr *nla;
618
619 if (!hook || !opts ||
620 !OPTS_VALID(hook, bpf_tc_hook) ||
621 !OPTS_VALID(opts, bpf_tc_opts))
622 return libbpf_err(-EINVAL);
623
624 ifindex = OPTS_GET(hook, ifindex, 0);
625 parent = OPTS_GET(hook, parent, 0);
626 attach_point = OPTS_GET(hook, attach_point, 0);
627
628 handle = OPTS_GET(opts, handle, 0);
629 priority = OPTS_GET(opts, priority, 0);
630 prog_fd = OPTS_GET(opts, prog_fd, 0);
631 prog_id = OPTS_GET(opts, prog_id, 0);
632 flags = OPTS_GET(opts, flags, 0);
633
634 if (ifindex <= 0 || !prog_fd || prog_id)
635 return libbpf_err(-EINVAL);
636 if (priority > UINT16_MAX)
637 return libbpf_err(-EINVAL);
638 if (flags & ~BPF_TC_F_REPLACE)
639 return libbpf_err(-EINVAL);
640
641 flags = (flags & BPF_TC_F_REPLACE) ? NLM_F_REPLACE : NLM_F_EXCL;
642 protocol = ETH_P_ALL;
643
644 memset(&req, 0, sizeof(req));
645 req.nh.nlmsg_len = NLMSG_LENGTH(sizeof(struct tcmsg));
646 req.nh.nlmsg_flags = NLM_F_REQUEST | NLM_F_ACK | NLM_F_CREATE |
647 NLM_F_ECHO | flags;
648 req.nh.nlmsg_type = RTM_NEWTFILTER;
649 req.tc.tcm_family = AF_UNSPEC;
650 req.tc.tcm_ifindex = ifindex;
651 req.tc.tcm_handle = handle;
652 req.tc.tcm_info = TC_H_MAKE(priority << 16, htons(protocol));
653
654 ret = tc_get_tcm_parent(attach_point, &parent);
655 if (ret < 0)
656 return libbpf_err(ret);
657 req.tc.tcm_parent = parent;
658
659 ret = nlattr_add(&req, TCA_KIND, "bpf", sizeof("bpf"));
660 if (ret < 0)
661 return libbpf_err(ret);
662 nla = nlattr_begin_nested(&req, TCA_OPTIONS);
663 if (!nla)
664 return libbpf_err(-EMSGSIZE);
665 ret = tc_add_fd_and_name(&req, prog_fd);
666 if (ret < 0)
667 return libbpf_err(ret);
668 bpf_flags = TCA_BPF_FLAG_ACT_DIRECT;
669 ret = nlattr_add(&req, TCA_BPF_FLAGS, &bpf_flags, sizeof(bpf_flags));
670 if (ret < 0)
671 return libbpf_err(ret);
672 nlattr_end_nested(&req, nla);
673
674 info.opts = opts;
675
676 ret = libbpf_netlink_send_recv(&req, get_tc_info, NULL, &info);
677 if (ret < 0)
678 return libbpf_err(ret);
679 if (!info.processed)
680 return libbpf_err(-ENOENT);
681 return ret;
682 }
683
__bpf_tc_detach(const struct bpf_tc_hook * hook,const struct bpf_tc_opts * opts,const bool flush)684 static int __bpf_tc_detach(const struct bpf_tc_hook *hook,
685 const struct bpf_tc_opts *opts,
686 const bool flush)
687 {
688 __u32 protocol = 0, handle, priority, parent, prog_id, flags;
689 int ret, ifindex, attach_point, prog_fd;
690 struct libbpf_nla_req req;
691
692 if (!hook ||
693 !OPTS_VALID(hook, bpf_tc_hook) ||
694 !OPTS_VALID(opts, bpf_tc_opts))
695 return -EINVAL;
696
697 ifindex = OPTS_GET(hook, ifindex, 0);
698 parent = OPTS_GET(hook, parent, 0);
699 attach_point = OPTS_GET(hook, attach_point, 0);
700
701 handle = OPTS_GET(opts, handle, 0);
702 priority = OPTS_GET(opts, priority, 0);
703 prog_fd = OPTS_GET(opts, prog_fd, 0);
704 prog_id = OPTS_GET(opts, prog_id, 0);
705 flags = OPTS_GET(opts, flags, 0);
706
707 if (ifindex <= 0 || flags || prog_fd || prog_id)
708 return -EINVAL;
709 if (priority > UINT16_MAX)
710 return -EINVAL;
711 if (!flush) {
712 if (!handle || !priority)
713 return -EINVAL;
714 protocol = ETH_P_ALL;
715 } else {
716 if (handle || priority)
717 return -EINVAL;
718 }
719
720 memset(&req, 0, sizeof(req));
721 req.nh.nlmsg_len = NLMSG_LENGTH(sizeof(struct tcmsg));
722 req.nh.nlmsg_flags = NLM_F_REQUEST | NLM_F_ACK;
723 req.nh.nlmsg_type = RTM_DELTFILTER;
724 req.tc.tcm_family = AF_UNSPEC;
725 req.tc.tcm_ifindex = ifindex;
726 if (!flush) {
727 req.tc.tcm_handle = handle;
728 req.tc.tcm_info = TC_H_MAKE(priority << 16, htons(protocol));
729 }
730
731 ret = tc_get_tcm_parent(attach_point, &parent);
732 if (ret < 0)
733 return ret;
734 req.tc.tcm_parent = parent;
735
736 if (!flush) {
737 ret = nlattr_add(&req, TCA_KIND, "bpf", sizeof("bpf"));
738 if (ret < 0)
739 return ret;
740 }
741
742 return libbpf_netlink_send_recv(&req, NULL, NULL, NULL);
743 }
744
bpf_tc_detach(const struct bpf_tc_hook * hook,const struct bpf_tc_opts * opts)745 int bpf_tc_detach(const struct bpf_tc_hook *hook,
746 const struct bpf_tc_opts *opts)
747 {
748 int ret;
749
750 if (!opts)
751 return libbpf_err(-EINVAL);
752
753 ret = __bpf_tc_detach(hook, opts, false);
754 return libbpf_err(ret);
755 }
756
bpf_tc_query(const struct bpf_tc_hook * hook,struct bpf_tc_opts * opts)757 int bpf_tc_query(const struct bpf_tc_hook *hook, struct bpf_tc_opts *opts)
758 {
759 __u32 protocol, handle, priority, parent, prog_id, flags;
760 int ret, ifindex, attach_point, prog_fd;
761 struct bpf_cb_ctx info = {};
762 struct libbpf_nla_req req;
763
764 if (!hook || !opts ||
765 !OPTS_VALID(hook, bpf_tc_hook) ||
766 !OPTS_VALID(opts, bpf_tc_opts))
767 return libbpf_err(-EINVAL);
768
769 ifindex = OPTS_GET(hook, ifindex, 0);
770 parent = OPTS_GET(hook, parent, 0);
771 attach_point = OPTS_GET(hook, attach_point, 0);
772
773 handle = OPTS_GET(opts, handle, 0);
774 priority = OPTS_GET(opts, priority, 0);
775 prog_fd = OPTS_GET(opts, prog_fd, 0);
776 prog_id = OPTS_GET(opts, prog_id, 0);
777 flags = OPTS_GET(opts, flags, 0);
778
779 if (ifindex <= 0 || flags || prog_fd || prog_id ||
780 !handle || !priority)
781 return libbpf_err(-EINVAL);
782 if (priority > UINT16_MAX)
783 return libbpf_err(-EINVAL);
784
785 protocol = ETH_P_ALL;
786
787 memset(&req, 0, sizeof(req));
788 req.nh.nlmsg_len = NLMSG_LENGTH(sizeof(struct tcmsg));
789 req.nh.nlmsg_flags = NLM_F_REQUEST;
790 req.nh.nlmsg_type = RTM_GETTFILTER;
791 req.tc.tcm_family = AF_UNSPEC;
792 req.tc.tcm_ifindex = ifindex;
793 req.tc.tcm_handle = handle;
794 req.tc.tcm_info = TC_H_MAKE(priority << 16, htons(protocol));
795
796 ret = tc_get_tcm_parent(attach_point, &parent);
797 if (ret < 0)
798 return libbpf_err(ret);
799 req.tc.tcm_parent = parent;
800
801 ret = nlattr_add(&req, TCA_KIND, "bpf", sizeof("bpf"));
802 if (ret < 0)
803 return libbpf_err(ret);
804
805 info.opts = opts;
806
807 ret = libbpf_netlink_send_recv(&req, get_tc_info, NULL, &info);
808 if (ret < 0)
809 return libbpf_err(ret);
810 if (!info.processed)
811 return libbpf_err(-ENOENT);
812 return ret;
813 }
814