1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
|
// SPDX-License-Identifier: GPL-2.0
// Copyright (c) 2018 Facebook
#include "vmlinux.h"
#include <bpf/bpf_helpers.h>
#include <bpf/bpf_endian.h>
#include <bpf/bpf_tracing.h>
#define AF_INET6 10
struct socket_cookie {
__u64 cookie_key;
__u32 cookie_value;
};
struct {
__uint(type, BPF_MAP_TYPE_SK_STORAGE);
__uint(map_flags, BPF_F_NO_PREALLOC);
__type(key, int);
__type(value, struct socket_cookie);
} socket_cookies SEC(".maps");
/*
* These three programs get executed in a row on connect() syscalls. The
* userspace side of the test creates a client socket, issues a connect() on it
* and then checks that the local storage associated with this socket has:
* cookie_value == local_port << 8 | 0xFF
* The different parts of this cookie_value are appended by those hooks if they
* all agree on the output of bpf_get_socket_cookie().
*/
SEC("cgroup/connect6")
int set_cookie(struct bpf_sock_addr *ctx)
{
struct socket_cookie *p;
if (ctx->family != AF_INET6 || ctx->user_family != AF_INET6)
return 1;
p = bpf_sk_storage_get(&socket_cookies, ctx->sk, 0,
BPF_SK_STORAGE_GET_F_CREATE);
if (!p)
return 1;
p->cookie_value = 0xF;
p->cookie_key = bpf_get_socket_cookie(ctx);
return 1;
}
SEC("sockops")
int update_cookie_sockops(struct bpf_sock_ops *ctx)
{
struct bpf_sock *sk = ctx->sk;
struct socket_cookie *p;
if (ctx->family != AF_INET6)
return 1;
if (ctx->op != BPF_SOCK_OPS_TCP_CONNECT_CB)
return 1;
if (!sk)
return 1;
p = bpf_sk_storage_get(&socket_cookies, sk, 0, 0);
if (!p)
return 1;
if (p->cookie_key != bpf_get_socket_cookie(ctx))
return 1;
p->cookie_value |= (ctx->local_port << 8);
return 1;
}
SEC("fexit/inet_stream_connect")
int BPF_PROG(update_cookie_tracing, struct socket *sock,
struct sockaddr *uaddr, int addr_len, int flags)
{
struct socket_cookie *p;
if (uaddr->sa_family != AF_INET6)
return 0;
p = bpf_sk_storage_get(&socket_cookies, sock->sk, 0, 0);
if (!p)
return 0;
if (p->cookie_key != bpf_get_socket_cookie(sock->sk))
return 0;
p->cookie_value |= 0xF0;
return 0;
}
char _license[] SEC("license") = "GPL";
|