This repository has been archived by the owner on Dec 7, 2021. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 3
/
Copy pathinit_maps.c
199 lines (165 loc) · 4.31 KB
/
init_maps.c
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
/*-
* GNU GENERAL PUBLIC LICENSE, Version 2
*
* Copyright (C) 2017, 6WIND S.A.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
/* This program contains the code needed to initialize an eBPF map, the XFSM
* map, in order to run the token bucket proof-of-concept stateful application.
* The state map starts empty.
*/
#include <stdio.h>
#include <stdlib.h>
#include <stdint.h>
#include <unistd.h>
#include <asm/unistd.h>
#include <errno.h>
#include <string.h>
#include <linux/bpf.h>
typedef uint8_t u8;
typedef uint16_t u16;
typedef uint32_t u32;
typedef uint64_t u64;
/* Const and struct definitions */
#define IPV4 0x0800
#define IPV6 0x86DD
#define ARP 0x0806
#define TCP 0x06
#define UDP 0x11
enum actions {
DROP = 0,
FORWARD = 1
};
enum states {
ZERO,
ONE,
};
enum updates {
UPDATE_CASE_1,
UPDATE_CASE_2,
UPDATE_CASE_3
};
enum boolean {
TRUE = 1,
FALSE = 2,
ANY = 3,
ERROR = 0,
};
struct StateTableKey {
u16 ether_type;
u16 __padding16;
u32 ip_src;
};
struct StateTableLeaf {
u64 r1;
u64 r2;
int state;
};
struct XFSMTableKey {
int state;
u16 ether_type;
u8 cond1;
u8 cond2;
};
struct XFSMTableLeaf {
int next_state;
int packet_action;
int update_function;
};
/* Some helpers */
int bpf(int cmd, union bpf_attr *attr, unsigned int size)
{
#ifdef __NR_bpf
return syscall(__NR_bpf, cmd, attr, size);
#else
fprintf(stderr, "No bpf syscall, kernel headers too old?\n");
errno = ENOSYS;
return -1;
#endif
}
__u64 bpf_ptr_to_u64(const void *ptr)
{
return (__u64) (unsigned long) ptr;
}
int bpf_update_elem(int fd, void *key, void *value, u64 flags)
{
union bpf_attr attr = {};
attr.map_fd = fd;
attr.key = bpf_ptr_to_u64(key);
attr.value = bpf_ptr_to_u64(value);;
attr.flags = flags;
static int nb = 0;
nb++;
int ret = bpf(BPF_MAP_UPDATE_ELEM, &attr, sizeof(attr));
if (ret < 0) {
fprintf(stderr, "Map update #%d failed: %s\n", nb, strerror(errno));
}
return ret;
}
/* Main function */
int main (void) {
union bpf_attr attr_obj = {};
int map_fd;
struct XFSMTableKey xtkey = {};
struct XFSMTableLeaf xtleaf = {};
// char *stpath = "/sys/fs/bpf/tc/globals/state_table";
char *xtpath = "/sys/fs/bpf/tc/globals/xfsm_table";
/* XFSM table */
attr_obj.map_fd = 0;
attr_obj.pathname = bpf_ptr_to_u64(xtpath);
map_fd = bpf(BPF_OBJ_GET, &attr_obj, sizeof(attr_obj));
if (map_fd <= 0) {
fprintf(stderr, "Getting XFSM map failed: %s\n", strerror(errno));
return -1;
}
xtkey.state = ZERO;
xtkey.ether_type = IPV4;
xtkey.cond1 = TRUE;
xtkey.cond2 = TRUE;
xtleaf.next_state = ONE;
xtleaf.packet_action = FORWARD;
xtleaf.update_function = UPDATE_CASE_2;
if (bpf_update_elem(map_fd, &xtkey, &xtleaf, BPF_ANY))
return -1;
xtkey.state = ONE;
xtkey.ether_type = IPV4;
xtkey.cond1 = TRUE;
xtkey.cond2 = FALSE;
xtleaf.next_state = ONE;
xtleaf.packet_action = FORWARD;
xtleaf.update_function = UPDATE_CASE_2;
if (bpf_update_elem(map_fd, &xtkey, &xtleaf, BPF_ANY))
return -1;
xtkey.state = ONE;
xtkey.ether_type = IPV4;
xtkey.cond1 = TRUE;
xtkey.cond2 = TRUE;
xtleaf.next_state = ONE;
xtleaf.packet_action = FORWARD;
xtleaf.update_function = UPDATE_CASE_1;
if (bpf_update_elem(map_fd, &xtkey, &xtleaf, BPF_ANY))
return -1;
xtkey.state = ONE;
xtkey.ether_type = IPV4;
xtkey.cond1 = FALSE;
xtkey.cond2 = TRUE;
xtleaf.next_state = ONE;
xtleaf.packet_action = DROP;
xtleaf.update_function = UPDATE_CASE_3;
if (bpf_update_elem(map_fd, &xtkey, &xtleaf, BPF_ANY))
return -1;
return 0;
}