1 /* 2 * f_bpf.c BPF-based Classifier 3 * 4 * This program is free software; you can distribute it and/or 5 * modify it under the terms of the GNU General Public License 6 * as published by the Free Software Foundation; either version 7 * 2 of the License, or (at your option) any later version. 8 * 9 * Authors: Daniel Borkmann <dborkman (at) redhat.com> 10 */ 11 12 #include <stdio.h> 13 #include <stdlib.h> 14 15 #include <linux/bpf.h> 16 17 #include "utils.h" 18 #include "tc_util.h" 19 #include "tc_bpf.h" 20 21 static const enum bpf_prog_type bpf_type = BPF_PROG_TYPE_SCHED_CLS; 22 23 static const int nla_tbl[BPF_NLA_MAX] = { 24 [BPF_NLA_OPS_LEN] = TCA_BPF_OPS_LEN, 25 [BPF_NLA_OPS] = TCA_BPF_OPS, 26 [BPF_NLA_FD] = TCA_BPF_FD, 27 [BPF_NLA_NAME] = TCA_BPF_NAME, 28 }; 29 30 static void explain(void) 31 { 32 fprintf(stderr, "Usage: ... bpf ...\n"); 33 fprintf(stderr, "\n"); 34 fprintf(stderr, "BPF use case:\n"); 35 fprintf(stderr, " bytecode BPF_BYTECODE\n"); 36 fprintf(stderr, " bytecode-file FILE\n"); 37 fprintf(stderr, "\n"); 38 fprintf(stderr, "eBPF use case:\n"); 39 fprintf(stderr, " object-file FILE [ section CLS_NAME ] [ export UDS_FILE ]"); 40 fprintf(stderr, " [ verbose ] [ direct-action ]\n"); 41 fprintf(stderr, " object-pinned FILE [ direct-action ]\n"); 42 fprintf(stderr, "\n"); 43 fprintf(stderr, "Common remaining options:\n"); 44 fprintf(stderr, " [ action ACTION_SPEC ]\n"); 45 fprintf(stderr, " [ classid CLASSID ]\n"); 46 fprintf(stderr, "\n"); 47 fprintf(stderr, "Where BPF_BYTECODE := \'s,c t f k,c t f k,c t f k,...\'\n"); 48 fprintf(stderr, "c,t,f,k and s are decimals; s denotes number of 4-tuples\n"); 49 fprintf(stderr, "\n"); 50 fprintf(stderr, "Where FILE points to a file containing the BPF_BYTECODE string,\n"); 51 fprintf(stderr, "an ELF file containing eBPF map definitions and bytecode, or a\n"); 52 fprintf(stderr, "pinned eBPF program.\n"); 53 fprintf(stderr, "\n"); 54 fprintf(stderr, "Where CLS_NAME refers to the section name containing the\n"); 55 fprintf(stderr, "classifier (default \'%s\').\n", bpf_default_section(bpf_type)); 56 fprintf(stderr, "\n"); 57 fprintf(stderr, "Where UDS_FILE points to a unix domain socket file in order\n"); 58 fprintf(stderr, "to hand off control of all created eBPF maps to an agent.\n"); 59 fprintf(stderr, "\n"); 60 fprintf(stderr, "ACTION_SPEC := ... look at individual actions\n"); 61 fprintf(stderr, "NOTE: CLASSID is parsed as hexadecimal input.\n"); 62 } 63 64 static int bpf_parse_opt(struct filter_util *qu, char *handle, 65 int argc, char **argv, struct nlmsghdr *n) 66 { 67 const char *bpf_obj = NULL, *bpf_uds_name = NULL; 68 struct tcmsg *t = NLMSG_DATA(n); 69 unsigned int bpf_flags = 0; 70 bool seen_run = false; 71 struct rtattr *tail; 72 int ret = 0; 73 74 if (argc == 0) 75 return 0; 76 77 if (handle) { 78 if (get_u32(&t->tcm_handle, handle, 0)) { 79 fprintf(stderr, "Illegal \"handle\"\n"); 80 return -1; 81 } 82 } 83 84 tail = (struct rtattr *)(((void *)n) + NLMSG_ALIGN(n->nlmsg_len)); 85 addattr_l(n, MAX_MSG, TCA_OPTIONS, NULL, 0); 86 87 while (argc > 0) { 88 if (matches(*argv, "run") == 0) { 89 NEXT_ARG(); 90 opt_bpf: 91 seen_run = true; 92 if (bpf_parse_common(&argc, &argv, nla_tbl, bpf_type, 93 &bpf_obj, &bpf_uds_name, n)) { 94 fprintf(stderr, "Failed to retrieve (e)BPF data!\n"); 95 return -1; 96 } 97 } else if (matches(*argv, "classid") == 0 || 98 matches(*argv, "flowid") == 0) { 99 unsigned int handle; 100 101 NEXT_ARG(); 102 if (get_tc_classid(&handle, *argv)) { 103 fprintf(stderr, "Illegal \"classid\"\n"); 104 return -1; 105 } 106 addattr32(n, MAX_MSG, TCA_BPF_CLASSID, handle); 107 } else if (matches(*argv, "direct-action") == 0 || 108 matches(*argv, "da") == 0) { 109 bpf_flags |= TCA_BPF_FLAG_ACT_DIRECT; 110 } else if (matches(*argv, "action") == 0) { 111 NEXT_ARG(); 112 if (parse_action(&argc, &argv, TCA_BPF_ACT, n)) { 113 fprintf(stderr, "Illegal \"action\"\n"); 114 return -1; 115 } 116 continue; 117 } else if (matches(*argv, "police") == 0) { 118 NEXT_ARG(); 119 if (parse_police(&argc, &argv, TCA_BPF_POLICE, n)) { 120 fprintf(stderr, "Illegal \"police\"\n"); 121 return -1; 122 } 123 continue; 124 } else if (matches(*argv, "help") == 0) { 125 explain(); 126 return -1; 127 } else { 128 if (!seen_run) 129 goto opt_bpf; 130 131 fprintf(stderr, "What is \"%s\"?\n", *argv); 132 explain(); 133 return -1; 134 } 135 136 NEXT_ARG_FWD(); 137 } 138 139 if (bpf_obj && bpf_flags) 140 addattr32(n, MAX_MSG, TCA_BPF_FLAGS, bpf_flags); 141 142 tail->rta_len = (((void *)n) + n->nlmsg_len) - (void *)tail; 143 144 if (bpf_uds_name) 145 ret = bpf_send_map_fds(bpf_uds_name, bpf_obj); 146 147 return ret; 148 } 149 150 static int bpf_print_opt(struct filter_util *qu, FILE *f, 151 struct rtattr *opt, __u32 handle) 152 { 153 struct rtattr *tb[TCA_BPF_MAX + 1]; 154 155 if (opt == NULL) 156 return 0; 157 158 parse_rtattr_nested(tb, TCA_BPF_MAX, opt); 159 160 if (handle) 161 fprintf(f, "handle 0x%x ", handle); 162 163 if (tb[TCA_BPF_CLASSID]) { 164 SPRINT_BUF(b1); 165 fprintf(f, "flowid %s ", 166 sprint_tc_classid(rta_getattr_u32(tb[TCA_BPF_CLASSID]), b1)); 167 } 168 169 if (tb[TCA_BPF_NAME]) 170 fprintf(f, "%s ", rta_getattr_str(tb[TCA_BPF_NAME])); 171 else if (tb[TCA_BPF_FD]) 172 fprintf(f, "pfd %u ", rta_getattr_u32(tb[TCA_BPF_FD])); 173 174 if (tb[TCA_BPF_FLAGS]) { 175 unsigned int flags = rta_getattr_u32(tb[TCA_BPF_FLAGS]); 176 177 if (flags & TCA_BPF_FLAG_ACT_DIRECT) 178 fprintf(f, "direct-action "); 179 } 180 181 if (tb[TCA_BPF_OPS] && tb[TCA_BPF_OPS_LEN]) { 182 bpf_print_ops(f, tb[TCA_BPF_OPS], 183 rta_getattr_u16(tb[TCA_BPF_OPS_LEN])); 184 fprintf(f, "\n"); 185 } 186 187 if (tb[TCA_BPF_POLICE]) { 188 fprintf(f, "\n"); 189 tc_print_police(f, tb[TCA_BPF_POLICE]); 190 } 191 192 if (tb[TCA_BPF_ACT]) { 193 tc_print_action(f, tb[TCA_BPF_ACT]); 194 } 195 196 return 0; 197 } 198 199 struct filter_util bpf_filter_util = { 200 .id = "bpf", 201 .parse_fopt = bpf_parse_opt, 202 .print_fopt = bpf_print_opt, 203 }; 204