| // SPDX-License-Identifier: GPL-2.0 |
| #include <linux/bpf.h> |
| #include <linux/if_link.h> |
| #include <assert.h> |
| #include <errno.h> |
| #include <signal.h> |
| #include <stdio.h> |
| #include <stdlib.h> |
| #include <string.h> |
| #include <net/if.h> |
| #include <unistd.h> |
| #include <libgen.h> |
| #include <sys/ioctl.h> |
| #include <sys/types.h> |
| #include <sys/socket.h> |
| #include <netinet/in.h> |
| |
| #include "bpf_util.h" |
| #include <bpf/bpf.h> |
| #include <bpf/libbpf.h> |
| |
| #define MAX_IFACE_NUM 32 |
| #define MAX_INDEX_NUM 1024 |
| |
| static __u32 xdp_flags = XDP_FLAGS_UPDATE_IF_NOEXIST; |
| static int ifaces[MAX_IFACE_NUM] = {}; |
| |
| static void int_exit(int sig) |
| { |
| __u32 prog_id = 0; |
| int i; |
| |
| for (i = 0; ifaces[i] > 0; i++) { |
| if (bpf_xdp_query_id(ifaces[i], xdp_flags, &prog_id)) { |
| printf("bpf_xdp_query_id failed\n"); |
| exit(1); |
| } |
| if (prog_id) |
| bpf_xdp_detach(ifaces[i], xdp_flags, NULL); |
| } |
| |
| exit(0); |
| } |
| |
| static int get_mac_addr(unsigned int ifindex, void *mac_addr) |
| { |
| char ifname[IF_NAMESIZE]; |
| struct ifreq ifr; |
| int fd, ret = -1; |
| |
| fd = socket(AF_INET, SOCK_DGRAM, 0); |
| if (fd < 0) |
| return ret; |
| |
| if (!if_indextoname(ifindex, ifname)) |
| goto err_out; |
| |
| strcpy(ifr.ifr_name, ifname); |
| |
| if (ioctl(fd, SIOCGIFHWADDR, &ifr) != 0) |
| goto err_out; |
| |
| memcpy(mac_addr, ifr.ifr_hwaddr.sa_data, 6 * sizeof(char)); |
| ret = 0; |
| |
| err_out: |
| close(fd); |
| return ret; |
| } |
| |
| static void usage(const char *prog) |
| { |
| fprintf(stderr, |
| "usage: %s [OPTS] <IFNAME|IFINDEX> <IFNAME|IFINDEX> ...\n" |
| "OPTS:\n" |
| " -S use skb-mode\n" |
| " -N enforce native mode\n" |
| " -F force loading prog\n" |
| " -X load xdp program on egress\n", |
| prog); |
| } |
| |
| int main(int argc, char **argv) |
| { |
| int prog_fd, group_all, mac_map; |
| struct bpf_program *ingress_prog, *egress_prog; |
| int i, err, ret, opt, egress_prog_fd = 0; |
| struct bpf_devmap_val devmap_val; |
| bool attach_egress_prog = false; |
| unsigned char mac_addr[6]; |
| char ifname[IF_NAMESIZE]; |
| struct bpf_object *obj; |
| unsigned int ifindex; |
| char filename[256]; |
| |
| while ((opt = getopt(argc, argv, "SNFX")) != -1) { |
| switch (opt) { |
| case 'S': |
| xdp_flags |= XDP_FLAGS_SKB_MODE; |
| break; |
| case 'N': |
| /* default, set below */ |
| break; |
| case 'F': |
| xdp_flags &= ~XDP_FLAGS_UPDATE_IF_NOEXIST; |
| break; |
| case 'X': |
| attach_egress_prog = true; |
| break; |
| default: |
| usage(basename(argv[0])); |
| return 1; |
| } |
| } |
| |
| if (!(xdp_flags & XDP_FLAGS_SKB_MODE)) { |
| xdp_flags |= XDP_FLAGS_DRV_MODE; |
| } else if (attach_egress_prog) { |
| printf("Load xdp program on egress with SKB mode not supported yet\n"); |
| goto err_out; |
| } |
| |
| if (optind == argc) { |
| printf("usage: %s <IFNAME|IFINDEX> <IFNAME|IFINDEX> ...\n", argv[0]); |
| goto err_out; |
| } |
| |
| printf("Get interfaces:"); |
| for (i = 0; i < MAX_IFACE_NUM && argv[optind + i]; i++) { |
| ifaces[i] = if_nametoindex(argv[optind + i]); |
| if (!ifaces[i]) |
| ifaces[i] = strtoul(argv[optind + i], NULL, 0); |
| if (!if_indextoname(ifaces[i], ifname)) { |
| perror("Invalid interface name or i"); |
| goto err_out; |
| } |
| if (ifaces[i] > MAX_INDEX_NUM) { |
| printf(" interface index too large\n"); |
| goto err_out; |
| } |
| printf(" %d", ifaces[i]); |
| } |
| printf("\n"); |
| |
| snprintf(filename, sizeof(filename), "%s_kern.bpf.o", argv[0]); |
| obj = bpf_object__open_file(filename, NULL); |
| err = libbpf_get_error(obj); |
| if (err) |
| goto err_out; |
| err = bpf_object__load(obj); |
| if (err) |
| goto err_out; |
| prog_fd = bpf_program__fd(bpf_object__next_program(obj, NULL)); |
| |
| if (attach_egress_prog) |
| group_all = bpf_object__find_map_fd_by_name(obj, "map_egress"); |
| else |
| group_all = bpf_object__find_map_fd_by_name(obj, "map_all"); |
| mac_map = bpf_object__find_map_fd_by_name(obj, "mac_map"); |
| |
| if (group_all < 0 || mac_map < 0) { |
| printf("bpf_object__find_map_fd_by_name failed\n"); |
| goto err_out; |
| } |
| |
| if (attach_egress_prog) { |
| /* Find ingress/egress prog for 2nd xdp prog */ |
| ingress_prog = bpf_object__find_program_by_name(obj, "xdp_redirect_map_all_prog"); |
| egress_prog = bpf_object__find_program_by_name(obj, "xdp_devmap_prog"); |
| if (!ingress_prog || !egress_prog) { |
| printf("finding ingress/egress_prog in obj file failed\n"); |
| goto err_out; |
| } |
| prog_fd = bpf_program__fd(ingress_prog); |
| egress_prog_fd = bpf_program__fd(egress_prog); |
| if (prog_fd < 0 || egress_prog_fd < 0) { |
| printf("find egress_prog fd failed\n"); |
| goto err_out; |
| } |
| } |
| |
| signal(SIGINT, int_exit); |
| signal(SIGTERM, int_exit); |
| |
| /* Init forward multicast groups and exclude group */ |
| for (i = 0; ifaces[i] > 0; i++) { |
| ifindex = ifaces[i]; |
| |
| if (attach_egress_prog) { |
| ret = get_mac_addr(ifindex, mac_addr); |
| if (ret < 0) { |
| printf("get interface %d mac failed\n", ifindex); |
| goto err_out; |
| } |
| ret = bpf_map_update_elem(mac_map, &ifindex, mac_addr, 0); |
| if (ret) { |
| perror("bpf_update_elem mac_map failed\n"); |
| goto err_out; |
| } |
| } |
| |
| /* Add all the interfaces to group all */ |
| devmap_val.ifindex = ifindex; |
| devmap_val.bpf_prog.fd = egress_prog_fd; |
| ret = bpf_map_update_elem(group_all, &ifindex, &devmap_val, 0); |
| if (ret) { |
| perror("bpf_map_update_elem"); |
| goto err_out; |
| } |
| |
| /* bind prog_fd to each interface */ |
| ret = bpf_xdp_attach(ifindex, prog_fd, xdp_flags, NULL); |
| if (ret) { |
| printf("Set xdp fd failed on %d\n", ifindex); |
| goto err_out; |
| } |
| } |
| |
| /* sleep some time for testing */ |
| sleep(999); |
| |
| return 0; |
| |
| err_out: |
| return 1; |
| } |