LXR linux/tools/testing/selftests/bpf/progs/test_pkt

   1// SPDX-License-Identifier: GPL-2.0-only
   2/* Copyright (c) 2017 Facebook
   3 */
   4#include <stddef.h>
   5#include <string.h>
   6#include <linux/bpf.h>
   7#include <linux/if_ether.h>
   8#include <linux/if_packet.h>
   9#include <linux/ip.h>
  10#include <linux/ipv6.h>
  11#include <linux/in.h>
  12#include <linux/tcp.h>
  13#include <linux/pkt_cls.h>
  14#include <bpf/bpf_helpers.h>
  15#include <bpf/bpf_endian.h>
  16
  17#define barrier() __asm__ __volatile__("": : :"memory")
  18int _version SEC("version") = 1;
  19
  20/* llvm will optimize both subprograms into exactly the same BPF assembly
  21 *
  22 * Disassembly of section .text:
  23 *
  24 * 0000000000000000 test_pkt_access_subprog1:
  25 * ;    return skb->len * 2;
  26 *        0:    61 10 00 00 00 00 00 00 r0 = *(u32 *)(r1 + 0)
  27 *        1:    64 00 00 00 01 00 00 00 w0 <<= 1
  28 *        2:    95 00 00 00 00 00 00 00 exit
  29 *
  30 * 0000000000000018 test_pkt_access_subprog2:
  31 * ;    return skb->len * val;
  32 *        3:    61 10 00 00 00 00 00 00 r0 = *(u32 *)(r1 + 0)
  33 *        4:    64 00 00 00 01 00 00 00 w0 <<= 1
  34 *        5:    95 00 00 00 00 00 00 00 exit
  35 *
  36 * Which makes it an interesting test for BTF-enabled verifier.
  37 */
  38static __attribute__ ((noinline))
  39int test_pkt_access_subprog1(volatile struct __sk_buff *skb)
  40{
  41        return skb->len * 2;
  42}
  43
  44static __attribute__ ((noinline))
  45int test_pkt_access_subprog2(int val, volatile struct __sk_buff *skb)
  46{
  47        return skb->len * val;
  48}
  49
  50#define MAX_STACK (512 - 2 * 32)
  51
  52__attribute__ ((noinline))
  53int get_skb_len(struct __sk_buff *skb)
  54{
  55        volatile char buf[MAX_STACK] = {};
  56
  57        return skb->len;
  58}
  59
  60__attribute__ ((noinline))
  61int get_constant(long val)
  62{
  63        return val - 122;
  64}
  65
  66int get_skb_ifindex(int, struct __sk_buff *skb, int);
  67
  68__attribute__ ((noinline))
  69int test_pkt_access_subprog3(int val, struct __sk_buff *skb)
  70{
  71        return get_skb_len(skb) * get_skb_ifindex(val, skb, get_constant(123));
  72}
  73
  74__attribute__ ((noinline))
  75int get_skb_ifindex(int val, struct __sk_buff *skb, int var)
  76{
  77        volatile char buf[MAX_STACK] = {};
  78
  79        return skb->ifindex * val * var;
  80}
  81
  82__attribute__ ((noinline))
  83int test_pkt_write_access_subprog(struct __sk_buff *skb, __u32 off)
  84{
  85        void *data = (void *)(long)skb->data;
  86        void *data_end = (void *)(long)skb->data_end;
  87        struct tcphdr *tcp = NULL;
  88
  89        if (off > sizeof(struct ethhdr) + sizeof(struct ipv6hdr))
  90                return -1;
  91
  92        tcp = data + off;
  93        if (tcp + 1 > data_end)
  94                return -1;
  95        /* make modification to the packet data */
  96        tcp->check++;
  97        return 0;
  98}
  99
 100SEC("classifier/test_pkt_access")
 101int test_pkt_access(struct __sk_buff *skb)
 102{
 103        void *data_end = (void *)(long)skb->data_end;
 104        void *data = (void *)(long)skb->data;
 105        struct ethhdr *eth = (struct ethhdr *)(data);
 106        struct tcphdr *tcp = NULL;
 107        __u8 proto = 255;
 108        __u64 ihl_len;
 109
 110        if (eth + 1 > data_end)
 111                return TC_ACT_SHOT;
 112
 113        if (eth->h_proto == bpf_htons(ETH_P_IP)) {
 114                struct iphdr *iph = (struct iphdr *)(eth + 1);
 115
 116                if (iph + 1 > data_end)
 117                        return TC_ACT_SHOT;
 118                ihl_len = iph->ihl * 4;
 119                proto = iph->protocol;
 120                tcp = (struct tcphdr *)((void *)(iph) + ihl_len);
 121        } else if (eth->h_proto == bpf_htons(ETH_P_IPV6)) {
 122                struct ipv6hdr *ip6h = (struct ipv6hdr *)(eth + 1);
 123
 124                if (ip6h + 1 > data_end)
 125                        return TC_ACT_SHOT;
 126                ihl_len = sizeof(*ip6h);
 127                proto = ip6h->nexthdr;
 128                tcp = (struct tcphdr *)((void *)(ip6h) + ihl_len);
 129        }
 130
 131        if (test_pkt_access_subprog1(skb) != skb->len * 2)
 132                return TC_ACT_SHOT;
 133        if (test_pkt_access_subprog2(2, skb) != skb->len * 2)
 134                return TC_ACT_SHOT;
 135        if (test_pkt_access_subprog3(3, skb) != skb->len * 3 * skb->ifindex)
 136                return TC_ACT_SHOT;
 137        if (tcp) {
 138                if (test_pkt_write_access_subprog(skb, (void *)tcp - data))
 139                        return TC_ACT_SHOT;
 140                if (((void *)(tcp) + 20) > data_end || proto != 6)
 141                        return TC_ACT_SHOT;
 142                barrier(); /* to force ordering of checks */
 143                if (((void *)(tcp) + 18) > data_end)
 144                        return TC_ACT_SHOT;
 145                if (tcp->urg_ptr == 123)
 146                        return TC_ACT_OK;
 147        }
 148
 149        return TC_ACT_UNSPEC;
 150}
 151