tools/testing/selftests/bpf/progs/test_tc_edt.c - linux - Git at Google

 // SPDX-License-Identifier: GPL-2.0
 #include <stdint.h>
 #include <linux/bpf.h>
 #include <linux/if_ether.h>
 #include <linux/stddef.h>
 #include <linux/in.h>
 #include <linux/ip.h>
 #include <linux/pkt_cls.h>
 #include <linux/tcp.h>
 #include <bpf/bpf_helpers.h>
 #include <bpf/bpf_endian.h>

 /* the maximum delay we are willing to add (drop packets beyond that) */
 #define TIME_HORIZON_NS (2000 * 1000 * 1000)
 #define NS_PER_SEC 1000000000
 #define ECN_HORIZON_NS 5000000
 #define THROTTLE_RATE_BPS (5 * 1000 * 1000)

 /* flow_key => last_tstamp timestamp used */
 struct {
 	__uint(type, BPF_MAP_TYPE_HASH);
 	__type(key, uint32_t);
 	__type(value, uint64_t);
 	__uint(max_entries, 1);
 } flow_map SEC(".maps");

 static inline int throttle_flow(struct __sk_buff *skb)
 {
 	int key = 0;
 	uint64_t *last_tstamp = bpf_map_lookup_elem(&flow_map, &key);
 	uint64_t delay_ns = ((uint64_t)skb->len) * NS_PER_SEC /
 			THROTTLE_RATE_BPS;
 	uint64_t now = bpf_ktime_get_ns();
 	uint64_t tstamp, next_tstamp = 0;

 	if (last_tstamp)
 		next_tstamp = *last_tstamp + delay_ns;

 	tstamp = skb->tstamp;
 	if (tstamp < now)
 		tstamp = now;

 	/* should we throttle? */
 	if (next_tstamp <= tstamp) {
 		if (bpf_map_update_elem(&flow_map, &key, &tstamp, BPF_ANY))
 			return TC_ACT_SHOT;
 		return TC_ACT_OK;
 	}

 	/* do not queue past the time horizon */
 	if (next_tstamp - now >= TIME_HORIZON_NS)
 		return TC_ACT_SHOT;

 	/* set ecn bit, if needed */
 	if (next_tstamp - now >= ECN_HORIZON_NS)
 		bpf_skb_ecn_set_ce(skb);

 	if (bpf_map_update_elem(&flow_map, &key, &next_tstamp, BPF_EXIST))
 		return TC_ACT_SHOT;
 	skb->tstamp = next_tstamp;

 	return TC_ACT_OK;
 }

 static inline int handle_tcp(struct __sk_buff *skb, struct tcphdr *tcp)
 {
 	void *data_end = (void *)(long)skb->data_end;

 	/* drop malformed packets */
 	if ((void *)(tcp + 1) > data_end)
 		return TC_ACT_SHOT;

 	if (tcp->dest == bpf_htons(9000))
 		return throttle_flow(skb);

 	return TC_ACT_OK;
 }

 static inline int handle_ipv4(struct __sk_buff *skb)
 {
 	void *data_end = (void *)(long)skb->data_end;
 	void *data = (void *)(long)skb->data;
 	struct iphdr *iph;
 	uint32_t ihl;

 	/* drop malformed packets */
 	if (data + sizeof(struct ethhdr) > data_end)
 		return TC_ACT_SHOT;
 	iph = (struct iphdr *)(data + sizeof(struct ethhdr));
 	if ((void *)(iph + 1) > data_end)
 		return TC_ACT_SHOT;
 	ihl = iph->ihl * 4;
 	if (((void *)iph) + ihl > data_end)
 		return TC_ACT_SHOT;

 	if (iph->protocol == IPPROTO_TCP)
 		return handle_tcp(skb, (struct tcphdr *)(((void *)iph) + ihl));

 	return TC_ACT_OK;
 }

 SEC("cls_test") int tc_prog(struct __sk_buff *skb)
 {
 	if (skb->protocol == bpf_htons(ETH_P_IP))
 		return handle_ipv4(skb);

 	return TC_ACT_OK;
 }

 char __license[] SEC("license") = "GPL";
	// SPDX-License-Identifier: GPL-2.0
	#include <stdint.h>
	#include <linux/bpf.h>
	#include <linux/if_ether.h>
	#include <linux/stddef.h>
	#include <linux/in.h>
	#include <linux/ip.h>
	#include <linux/pkt_cls.h>
	#include <linux/tcp.h>
	#include <bpf/bpf_helpers.h>
	#include <bpf/bpf_endian.h>

	/* the maximum delay we are willing to add (drop packets beyond that) */
	#define TIME_HORIZON_NS (2000 * 1000 * 1000)
	#define NS_PER_SEC 1000000000
	#define ECN_HORIZON_NS 5000000
	#define THROTTLE_RATE_BPS (5 * 1000 * 1000)

	/* flow_key => last_tstamp timestamp used */
	struct {
	__uint(type, BPF_MAP_TYPE_HASH);
	__type(key, uint32_t);
	__type(value, uint64_t);
	__uint(max_entries, 1);
	} flow_map SEC(".maps");

	static inline int throttle_flow(struct __sk_buff *skb)
	{
	int key = 0;
	uint64_t *last_tstamp = bpf_map_lookup_elem(&flow_map, &key);
	uint64_t delay_ns = ((uint64_t)skb->len) * NS_PER_SEC /
	THROTTLE_RATE_BPS;
	uint64_t now = bpf_ktime_get_ns();
	uint64_t tstamp, next_tstamp = 0;

	if (last_tstamp)
	next_tstamp = *last_tstamp + delay_ns;

	tstamp = skb->tstamp;
	if (tstamp < now)
	tstamp = now;

	/* should we throttle? */
	if (next_tstamp <= tstamp) {
	if (bpf_map_update_elem(&flow_map, &key, &tstamp, BPF_ANY))
	return TC_ACT_SHOT;
	return TC_ACT_OK;
	}

	/* do not queue past the time horizon */
	if (next_tstamp - now >= TIME_HORIZON_NS)
	return TC_ACT_SHOT;

	/* set ecn bit, if needed */
	if (next_tstamp - now >= ECN_HORIZON_NS)
	bpf_skb_ecn_set_ce(skb);

	if (bpf_map_update_elem(&flow_map, &key, &next_tstamp, BPF_EXIST))
	return TC_ACT_SHOT;
	skb->tstamp = next_tstamp;

	return TC_ACT_OK;
	}

	static inline int handle_tcp(struct __sk_buff skb, struct tcphdr tcp)
	{
	void data_end = (void )(long)skb->data_end;

	/* drop malformed packets */
	if ((void *)(tcp + 1) > data_end)
	return TC_ACT_SHOT;

	if (tcp->dest == bpf_htons(9000))
	return throttle_flow(skb);

	return TC_ACT_OK;
	}

	static inline int handle_ipv4(struct __sk_buff *skb)
	{
	void data_end = (void )(long)skb->data_end;
	void data = (void )(long)skb->data;
	struct iphdr *iph;
	uint32_t ihl;

	/* drop malformed packets */
	if (data + sizeof(struct ethhdr) > data_end)
	return TC_ACT_SHOT;
	iph = (struct iphdr *)(data + sizeof(struct ethhdr));
	if ((void *)(iph + 1) > data_end)
	return TC_ACT_SHOT;
	ihl = iph->ihl * 4;
	if (((void *)iph) + ihl > data_end)
	return TC_ACT_SHOT;

	if (iph->protocol == IPPROTO_TCP)
	return handle_tcp(skb, (struct tcphdr )(((void )iph) + ihl));

	return TC_ACT_OK;
	}

	SEC("cls_test") int tc_prog(struct __sk_buff *skb)
	{
	if (skb->protocol == bpf_htons(ETH_P_IP))
	return handle_ipv4(skb);

	return TC_ACT_OK;
	}

	char __license[] SEC("license") = "GPL";