Commit 85bf1f51 authored by Lorenzo Bianconi's avatar Lorenzo Bianconi Committed by Andrii Nakryiko

samples: bpf: Convert xdp_router_ipv4 to XDP samples helper

Rely on the libbpf skeleton facility and other utilities provided by XDP
sample helpers in xdp_router_ipv4 sample.
Signed-off-by: default avatarLorenzo Bianconi <lorenzo@kernel.org>
Signed-off-by: default avatarAndrii Nakryiko <andrii@kernel.org>
Link: https://lore.kernel.org/bpf/7f4d98ee2c13c04d5eb924eebf79ced32fee8418.1647414711.git.lorenzo@kernel.org
parent 66df0fdb
...@@ -96,7 +96,6 @@ test_cgrp2_sock2-objs := test_cgrp2_sock2.o ...@@ -96,7 +96,6 @@ test_cgrp2_sock2-objs := test_cgrp2_sock2.o
xdp1-objs := xdp1_user.o xdp1-objs := xdp1_user.o
# reuse xdp1 source intentionally # reuse xdp1 source intentionally
xdp2-objs := xdp1_user.o xdp2-objs := xdp1_user.o
xdp_router_ipv4-objs := xdp_router_ipv4_user.o
test_current_task_under_cgroup-objs := $(CGROUP_HELPERS) \ test_current_task_under_cgroup-objs := $(CGROUP_HELPERS) \
test_current_task_under_cgroup_user.o test_current_task_under_cgroup_user.o
trace_event-objs := trace_event_user.o $(TRACE_HELPERS) trace_event-objs := trace_event_user.o $(TRACE_HELPERS)
...@@ -124,6 +123,7 @@ xdp_redirect_cpu-objs := xdp_redirect_cpu_user.o $(XDP_SAMPLE) ...@@ -124,6 +123,7 @@ xdp_redirect_cpu-objs := xdp_redirect_cpu_user.o $(XDP_SAMPLE)
xdp_redirect_map-objs := xdp_redirect_map_user.o $(XDP_SAMPLE) xdp_redirect_map-objs := xdp_redirect_map_user.o $(XDP_SAMPLE)
xdp_redirect-objs := xdp_redirect_user.o $(XDP_SAMPLE) xdp_redirect-objs := xdp_redirect_user.o $(XDP_SAMPLE)
xdp_monitor-objs := xdp_monitor_user.o $(XDP_SAMPLE) xdp_monitor-objs := xdp_monitor_user.o $(XDP_SAMPLE)
xdp_router_ipv4-objs := xdp_router_ipv4_user.o $(XDP_SAMPLE)
# Tell kbuild to always build the programs # Tell kbuild to always build the programs
always-y := $(tprogs-y) always-y := $(tprogs-y)
...@@ -153,7 +153,6 @@ always-y += parse_varlen.o parse_simple.o parse_ldabs.o ...@@ -153,7 +153,6 @@ always-y += parse_varlen.o parse_simple.o parse_ldabs.o
always-y += test_cgrp2_tc_kern.o always-y += test_cgrp2_tc_kern.o
always-y += xdp1_kern.o always-y += xdp1_kern.o
always-y += xdp2_kern.o always-y += xdp2_kern.o
always-y += xdp_router_ipv4_kern.o
always-y += test_current_task_under_cgroup_kern.o always-y += test_current_task_under_cgroup_kern.o
always-y += trace_event_kern.o always-y += trace_event_kern.o
always-y += sampleip_kern.o always-y += sampleip_kern.o
...@@ -342,6 +341,7 @@ $(obj)/xdp_redirect_map_multi_user.o: $(obj)/xdp_redirect_map_multi.skel.h ...@@ -342,6 +341,7 @@ $(obj)/xdp_redirect_map_multi_user.o: $(obj)/xdp_redirect_map_multi.skel.h
$(obj)/xdp_redirect_map_user.o: $(obj)/xdp_redirect_map.skel.h $(obj)/xdp_redirect_map_user.o: $(obj)/xdp_redirect_map.skel.h
$(obj)/xdp_redirect_user.o: $(obj)/xdp_redirect.skel.h $(obj)/xdp_redirect_user.o: $(obj)/xdp_redirect.skel.h
$(obj)/xdp_monitor_user.o: $(obj)/xdp_monitor.skel.h $(obj)/xdp_monitor_user.o: $(obj)/xdp_monitor.skel.h
$(obj)/xdp_router_ipv4_user.o: $(obj)/xdp_router_ipv4.skel.h
$(obj)/tracex5_kern.o: $(obj)/syscall_nrs.h $(obj)/tracex5_kern.o: $(obj)/syscall_nrs.h
$(obj)/hbm_out_kern.o: $(src)/hbm.h $(src)/hbm_kern.h $(obj)/hbm_out_kern.o: $(src)/hbm.h $(src)/hbm_kern.h
...@@ -399,6 +399,7 @@ $(obj)/xdp_redirect_map_multi.bpf.o: $(obj)/xdp_sample.bpf.o ...@@ -399,6 +399,7 @@ $(obj)/xdp_redirect_map_multi.bpf.o: $(obj)/xdp_sample.bpf.o
$(obj)/xdp_redirect_map.bpf.o: $(obj)/xdp_sample.bpf.o $(obj)/xdp_redirect_map.bpf.o: $(obj)/xdp_sample.bpf.o
$(obj)/xdp_redirect.bpf.o: $(obj)/xdp_sample.bpf.o $(obj)/xdp_redirect.bpf.o: $(obj)/xdp_sample.bpf.o
$(obj)/xdp_monitor.bpf.o: $(obj)/xdp_sample.bpf.o $(obj)/xdp_monitor.bpf.o: $(obj)/xdp_sample.bpf.o
$(obj)/xdp_router_ipv4.bpf.o: $(obj)/xdp_sample.bpf.o
$(obj)/%.bpf.o: $(src)/%.bpf.c $(obj)/vmlinux.h $(src)/xdp_sample.bpf.h $(src)/xdp_sample_shared.h $(obj)/%.bpf.o: $(src)/%.bpf.c $(obj)/vmlinux.h $(src)/xdp_sample.bpf.h $(src)/xdp_sample_shared.h
@echo " CLANG-BPF " $@ @echo " CLANG-BPF " $@
...@@ -409,7 +410,8 @@ $(obj)/%.bpf.o: $(src)/%.bpf.c $(obj)/vmlinux.h $(src)/xdp_sample.bpf.h $(src)/x ...@@ -409,7 +410,8 @@ $(obj)/%.bpf.o: $(src)/%.bpf.c $(obj)/vmlinux.h $(src)/xdp_sample.bpf.h $(src)/x
-c $(filter %.bpf.c,$^) -o $@ -c $(filter %.bpf.c,$^) -o $@
LINKED_SKELS := xdp_redirect_cpu.skel.h xdp_redirect_map_multi.skel.h \ LINKED_SKELS := xdp_redirect_cpu.skel.h xdp_redirect_map_multi.skel.h \
xdp_redirect_map.skel.h xdp_redirect.skel.h xdp_monitor.skel.h xdp_redirect_map.skel.h xdp_redirect.skel.h xdp_monitor.skel.h \
xdp_router_ipv4.skel.h
clean-files += $(LINKED_SKELS) clean-files += $(LINKED_SKELS)
xdp_redirect_cpu.skel.h-deps := xdp_redirect_cpu.bpf.o xdp_sample.bpf.o xdp_redirect_cpu.skel.h-deps := xdp_redirect_cpu.bpf.o xdp_sample.bpf.o
...@@ -417,6 +419,7 @@ xdp_redirect_map_multi.skel.h-deps := xdp_redirect_map_multi.bpf.o xdp_sample.bp ...@@ -417,6 +419,7 @@ xdp_redirect_map_multi.skel.h-deps := xdp_redirect_map_multi.bpf.o xdp_sample.bp
xdp_redirect_map.skel.h-deps := xdp_redirect_map.bpf.o xdp_sample.bpf.o xdp_redirect_map.skel.h-deps := xdp_redirect_map.bpf.o xdp_sample.bpf.o
xdp_redirect.skel.h-deps := xdp_redirect.bpf.o xdp_sample.bpf.o xdp_redirect.skel.h-deps := xdp_redirect.bpf.o xdp_sample.bpf.o
xdp_monitor.skel.h-deps := xdp_monitor.bpf.o xdp_sample.bpf.o xdp_monitor.skel.h-deps := xdp_monitor.bpf.o xdp_sample.bpf.o
xdp_router_ipv4.skel.h-deps := xdp_router_ipv4.bpf.o xdp_sample.bpf.o
LINKED_BPF_SRCS := $(patsubst %.bpf.o,%.bpf.c,$(foreach skel,$(LINKED_SKELS),$($(skel)-deps))) LINKED_BPF_SRCS := $(patsubst %.bpf.o,%.bpf.c,$(foreach skel,$(LINKED_SKELS),$($(skel)-deps)))
......
...@@ -4,17 +4,14 @@ ...@@ -4,17 +4,14 @@
* under the terms of version 2 of the GNU General Public License * under the terms of version 2 of the GNU General Public License
* as published by the Free Software Foundation. * as published by the Free Software Foundation.
*/ */
#define KBUILD_MODNAME "foo"
#include <uapi/linux/bpf.h> #include "vmlinux.h"
#include <linux/in.h> #include "xdp_sample.bpf.h"
#include <linux/if_ether.h> #include "xdp_sample_shared.h"
#include <linux/if_packet.h>
#include <linux/if_vlan.h> #define ETH_ALEN 6
#include <linux/ip.h> #define ETH_P_8021Q 0x8100
#include <linux/ipv6.h> #define ETH_P_8021AD 0x88A8
#include <bpf/bpf_helpers.h>
#include <linux/slab.h>
#include <net/ip_fib.h>
struct trie_value { struct trie_value {
__u8 prefix[4]; __u8 prefix[4];
...@@ -24,7 +21,7 @@ struct trie_value { ...@@ -24,7 +21,7 @@ struct trie_value {
__be32 gw; __be32 gw;
}; };
/* Key for lpm_trie*/ /* Key for lpm_trie */
union key_4 { union key_4 {
u32 b32[2]; u32 b32[2];
u8 b8[8]; u8 b8[8];
...@@ -41,7 +38,7 @@ struct direct_map { ...@@ -41,7 +38,7 @@ struct direct_map {
__be64 mac; __be64 mac;
}; };
/* Map for trie implementation*/ /* Map for trie implementation */
struct { struct {
__uint(type, BPF_MAP_TYPE_LPM_TRIE); __uint(type, BPF_MAP_TYPE_LPM_TRIE);
__uint(key_size, 8); __uint(key_size, 8);
...@@ -50,15 +47,7 @@ struct { ...@@ -50,15 +47,7 @@ struct {
__uint(map_flags, BPF_F_NO_PREALLOC); __uint(map_flags, BPF_F_NO_PREALLOC);
} lpm_map SEC(".maps"); } lpm_map SEC(".maps");
/* Map for counter*/ /* Map for ARP table */
struct {
__uint(type, BPF_MAP_TYPE_PERCPU_ARRAY);
__type(key, u32);
__type(value, u64);
__uint(max_entries, 256);
} rxcnt SEC(".maps");
/* Map for ARP table*/
struct { struct {
__uint(type, BPF_MAP_TYPE_HASH); __uint(type, BPF_MAP_TYPE_HASH);
__type(key, __be32); __type(key, __be32);
...@@ -66,7 +55,7 @@ struct { ...@@ -66,7 +55,7 @@ struct {
__uint(max_entries, 50); __uint(max_entries, 50);
} arp_table SEC(".maps"); } arp_table SEC(".maps");
/* Map to keep the exact match entries in the route table*/ /* Map to keep the exact match entries in the route table */
struct { struct {
__uint(type, BPF_MAP_TYPE_HASH); __uint(type, BPF_MAP_TYPE_HASH);
__type(key, __be32); __type(key, __be32);
...@@ -81,106 +70,111 @@ struct { ...@@ -81,106 +70,111 @@ struct {
__uint(max_entries, 100); __uint(max_entries, 100);
} tx_port SEC(".maps"); } tx_port SEC(".maps");
/* Function to set source and destination mac of the packet */ SEC("xdp")
static inline void set_src_dst_mac(void *data, void *src, void *dst)
{
unsigned short *source = src;
unsigned short *dest = dst;
unsigned short *p = data;
__builtin_memcpy(p, dest, 6);
__builtin_memcpy(p + 3, source, 6);
}
/* Parse IPV4 packet to get SRC, DST IP and protocol */
static inline int parse_ipv4(void *data, u64 nh_off, void *data_end,
__be32 *src, __be32 *dest)
{
struct iphdr *iph = data + nh_off;
if (iph + 1 > data_end)
return 0;
*src = iph->saddr;
*dest = iph->daddr;
return iph->protocol;
}
SEC("xdp_router_ipv4")
int xdp_router_ipv4_prog(struct xdp_md *ctx) int xdp_router_ipv4_prog(struct xdp_md *ctx)
{ {
void *data_end = (void *)(long)ctx->data_end; void *data_end = (void *)(long)ctx->data_end;
__be64 *dest_mac = NULL, *src_mac = NULL;
void *data = (void *)(long)ctx->data; void *data = (void *)(long)ctx->data;
struct trie_value *prefix_value;
int rc = XDP_DROP, forward_to;
struct ethhdr *eth = data; struct ethhdr *eth = data;
union key_4 key4; u64 nh_off = sizeof(*eth);
long *value; struct datarec *rec;
u16 h_proto; __be16 h_proto;
u32 ipproto; u32 key = 0;
u64 nh_off;
rec = bpf_map_lookup_elem(&rx_cnt, &key);
if (rec)
NO_TEAR_INC(rec->processed);
nh_off = sizeof(*eth);
if (data + nh_off > data_end) if (data + nh_off > data_end)
return rc; goto drop;
h_proto = eth->h_proto; h_proto = eth->h_proto;
if (h_proto == bpf_htons(ETH_P_8021Q) ||
if (h_proto == htons(ETH_P_8021Q) || h_proto == htons(ETH_P_8021AD)) { h_proto == bpf_htons(ETH_P_8021AD)) {
struct vlan_hdr *vhdr; struct vlan_hdr *vhdr;
vhdr = data + nh_off; vhdr = data + nh_off;
nh_off += sizeof(struct vlan_hdr); nh_off += sizeof(struct vlan_hdr);
if (data + nh_off > data_end) if (data + nh_off > data_end)
return rc; goto drop;
h_proto = vhdr->h_vlan_encapsulated_proto; h_proto = vhdr->h_vlan_encapsulated_proto;
} }
if (h_proto == htons(ETH_P_ARP)) {
switch (bpf_ntohs(h_proto)) {
case ETH_P_ARP:
if (rec)
NO_TEAR_INC(rec->xdp_pass);
return XDP_PASS; return XDP_PASS;
} else if (h_proto == htons(ETH_P_IP)) { case ETH_P_IP: {
struct iphdr *iph = data + nh_off;
struct direct_map *direct_entry; struct direct_map *direct_entry;
__be32 src_ip = 0, dest_ip = 0; __be64 *dest_mac, *src_mac;
int forward_to;
ipproto = parse_ipv4(data, nh_off, data_end, &src_ip, &dest_ip); if (iph + 1 > data_end)
direct_entry = bpf_map_lookup_elem(&exact_match, &dest_ip); goto drop;
/* Check for exact match, this would give a faster lookup*/
if (direct_entry && direct_entry->mac && direct_entry->arp.mac) { direct_entry = bpf_map_lookup_elem(&exact_match, &iph->daddr);
/* Check for exact match, this would give a faster lookup */
if (direct_entry && direct_entry->mac &&
direct_entry->arp.mac) {
src_mac = &direct_entry->mac; src_mac = &direct_entry->mac;
dest_mac = &direct_entry->arp.mac; dest_mac = &direct_entry->arp.mac;
forward_to = direct_entry->ifindex; forward_to = direct_entry->ifindex;
} else { } else {
/* Look up in the trie for lpm*/ struct trie_value *prefix_value;
union key_4 key4;
/* Look up in the trie for lpm */
key4.b32[0] = 32; key4.b32[0] = 32;
key4.b8[4] = dest_ip & 0xff; key4.b8[4] = iph->daddr & 0xff;
key4.b8[5] = (dest_ip >> 8) & 0xff; key4.b8[5] = (iph->daddr >> 8) & 0xff;
key4.b8[6] = (dest_ip >> 16) & 0xff; key4.b8[6] = (iph->daddr >> 16) & 0xff;
key4.b8[7] = (dest_ip >> 24) & 0xff; key4.b8[7] = (iph->daddr >> 24) & 0xff;
prefix_value = bpf_map_lookup_elem(&lpm_map, &key4); prefix_value = bpf_map_lookup_elem(&lpm_map, &key4);
if (!prefix_value) if (!prefix_value)
return XDP_DROP; goto drop;
forward_to = prefix_value->ifindex;
src_mac = &prefix_value->value; src_mac = &prefix_value->value;
if (!src_mac) if (!src_mac)
return XDP_DROP; goto drop;
dest_mac = bpf_map_lookup_elem(&arp_table, &dest_ip);
dest_mac = bpf_map_lookup_elem(&arp_table, &iph->daddr);
if (!dest_mac) { if (!dest_mac) {
if (!prefix_value->gw) if (!prefix_value->gw)
return XDP_DROP; goto drop;
dest_ip = prefix_value->gw;
dest_mac = bpf_map_lookup_elem(&arp_table, &dest_ip); dest_mac = bpf_map_lookup_elem(&arp_table,
&prefix_value->gw);
}
}
if (src_mac && dest_mac) {
int ret;
__builtin_memcpy(eth->h_dest, dest_mac, ETH_ALEN);
__builtin_memcpy(eth->h_source, src_mac, ETH_ALEN);
ret = bpf_redirect_map(&tx_port, forward_to, 0);
if (ret == XDP_REDIRECT) {
if (rec)
NO_TEAR_INC(rec->xdp_redirect);
return ret;
} }
forward_to = prefix_value->ifindex;
} }
} else {
ipproto = 0;
} }
if (src_mac && dest_mac) { default:
set_src_dst_mac(data, src_mac, dest_mac); break;
value = bpf_map_lookup_elem(&rxcnt, &ipproto);
if (value)
*value += 1;
return bpf_redirect_map(&tx_port, forward_to, 0);
} }
return rc; drop:
if (rec)
NO_TEAR_INC(rec->xdp_drop);
return XDP_DROP;
} }
char _license[] SEC("license") = "GPL"; char _license[] SEC("license") = "GPL";
This diff is collapsed.
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment