Loading...
1// SPDX-License-Identifier: (LGPL-2.1 OR BSD-2-Clause)
2/* Copyright (c) 2018 Facebook */
3
4#include <stdlib.h>
5#include <memory.h>
6#include <unistd.h>
7#include <arpa/inet.h>
8#include <linux/bpf.h>
9#include <linux/if_ether.h>
10#include <linux/pkt_cls.h>
11#include <linux/rtnetlink.h>
12#include <sys/socket.h>
13#include <errno.h>
14#include <time.h>
15
16#include "bpf.h"
17#include "libbpf.h"
18#include "libbpf_internal.h"
19#include "nlattr.h"
20
21#ifndef SOL_NETLINK
22#define SOL_NETLINK 270
23#endif
24
25typedef int (*libbpf_dump_nlmsg_t)(void *cookie, void *msg, struct nlattr **tb);
26
27typedef int (*__dump_nlmsg_t)(struct nlmsghdr *nlmsg, libbpf_dump_nlmsg_t,
28 void *cookie);
29
30struct xdp_link_info {
31 __u32 prog_id;
32 __u32 drv_prog_id;
33 __u32 hw_prog_id;
34 __u32 skb_prog_id;
35 __u8 attach_mode;
36};
37
38struct xdp_id_md {
39 int ifindex;
40 __u32 flags;
41 struct xdp_link_info info;
42};
43
44static int libbpf_netlink_open(__u32 *nl_pid)
45{
46 struct sockaddr_nl sa;
47 socklen_t addrlen;
48 int one = 1, ret;
49 int sock;
50
51 memset(&sa, 0, sizeof(sa));
52 sa.nl_family = AF_NETLINK;
53
54 sock = socket(AF_NETLINK, SOCK_RAW | SOCK_CLOEXEC, NETLINK_ROUTE);
55 if (sock < 0)
56 return -errno;
57
58 if (setsockopt(sock, SOL_NETLINK, NETLINK_EXT_ACK,
59 &one, sizeof(one)) < 0) {
60 pr_warn("Netlink error reporting not supported\n");
61 }
62
63 if (bind(sock, (struct sockaddr *)&sa, sizeof(sa)) < 0) {
64 ret = -errno;
65 goto cleanup;
66 }
67
68 addrlen = sizeof(sa);
69 if (getsockname(sock, (struct sockaddr *)&sa, &addrlen) < 0) {
70 ret = -errno;
71 goto cleanup;
72 }
73
74 if (addrlen != sizeof(sa)) {
75 ret = -LIBBPF_ERRNO__INTERNAL;
76 goto cleanup;
77 }
78
79 *nl_pid = sa.nl_pid;
80 return sock;
81
82cleanup:
83 close(sock);
84 return ret;
85}
86
87static void libbpf_netlink_close(int sock)
88{
89 close(sock);
90}
91
92enum {
93 NL_CONT,
94 NL_NEXT,
95 NL_DONE,
96};
97
98static int netlink_recvmsg(int sock, struct msghdr *mhdr, int flags)
99{
100 int len;
101
102 do {
103 len = recvmsg(sock, mhdr, flags);
104 } while (len < 0 && (errno == EINTR || errno == EAGAIN));
105
106 if (len < 0)
107 return -errno;
108 return len;
109}
110
111static int alloc_iov(struct iovec *iov, int len)
112{
113 void *nbuf;
114
115 nbuf = realloc(iov->iov_base, len);
116 if (!nbuf)
117 return -ENOMEM;
118
119 iov->iov_base = nbuf;
120 iov->iov_len = len;
121 return 0;
122}
123
124static int libbpf_netlink_recv(int sock, __u32 nl_pid, int seq,
125 __dump_nlmsg_t _fn, libbpf_dump_nlmsg_t fn,
126 void *cookie)
127{
128 struct iovec iov = {};
129 struct msghdr mhdr = {
130 .msg_iov = &iov,
131 .msg_iovlen = 1,
132 };
133 bool multipart = true;
134 struct nlmsgerr *err;
135 struct nlmsghdr *nh;
136 int len, ret;
137
138 ret = alloc_iov(&iov, 4096);
139 if (ret)
140 goto done;
141
142 while (multipart) {
143start:
144 multipart = false;
145 len = netlink_recvmsg(sock, &mhdr, MSG_PEEK | MSG_TRUNC);
146 if (len < 0) {
147 ret = len;
148 goto done;
149 }
150
151 if (len > iov.iov_len) {
152 ret = alloc_iov(&iov, len);
153 if (ret)
154 goto done;
155 }
156
157 len = netlink_recvmsg(sock, &mhdr, 0);
158 if (len < 0) {
159 ret = len;
160 goto done;
161 }
162
163 if (len == 0)
164 break;
165
166 for (nh = (struct nlmsghdr *)iov.iov_base; NLMSG_OK(nh, len);
167 nh = NLMSG_NEXT(nh, len)) {
168 if (nh->nlmsg_pid != nl_pid) {
169 ret = -LIBBPF_ERRNO__WRNGPID;
170 goto done;
171 }
172 if (nh->nlmsg_seq != seq) {
173 ret = -LIBBPF_ERRNO__INVSEQ;
174 goto done;
175 }
176 if (nh->nlmsg_flags & NLM_F_MULTI)
177 multipart = true;
178 switch (nh->nlmsg_type) {
179 case NLMSG_ERROR:
180 err = (struct nlmsgerr *)NLMSG_DATA(nh);
181 if (!err->error)
182 continue;
183 ret = err->error;
184 libbpf_nla_dump_errormsg(nh);
185 goto done;
186 case NLMSG_DONE:
187 ret = 0;
188 goto done;
189 default:
190 break;
191 }
192 if (_fn) {
193 ret = _fn(nh, fn, cookie);
194 switch (ret) {
195 case NL_CONT:
196 break;
197 case NL_NEXT:
198 goto start;
199 case NL_DONE:
200 ret = 0;
201 goto done;
202 default:
203 goto done;
204 }
205 }
206 }
207 }
208 ret = 0;
209done:
210 free(iov.iov_base);
211 return ret;
212}
213
214static int libbpf_netlink_send_recv(struct libbpf_nla_req *req,
215 __dump_nlmsg_t parse_msg,
216 libbpf_dump_nlmsg_t parse_attr,
217 void *cookie)
218{
219 __u32 nl_pid = 0;
220 int sock, ret;
221
222 sock = libbpf_netlink_open(&nl_pid);
223 if (sock < 0)
224 return sock;
225
226 req->nh.nlmsg_pid = 0;
227 req->nh.nlmsg_seq = time(NULL);
228
229 if (send(sock, req, req->nh.nlmsg_len, 0) < 0) {
230 ret = -errno;
231 goto out;
232 }
233
234 ret = libbpf_netlink_recv(sock, nl_pid, req->nh.nlmsg_seq,
235 parse_msg, parse_attr, cookie);
236out:
237 libbpf_netlink_close(sock);
238 return ret;
239}
240
241static int __bpf_set_link_xdp_fd_replace(int ifindex, int fd, int old_fd,
242 __u32 flags)
243{
244 struct nlattr *nla;
245 int ret;
246 struct libbpf_nla_req req;
247
248 memset(&req, 0, sizeof(req));
249 req.nh.nlmsg_len = NLMSG_LENGTH(sizeof(struct ifinfomsg));
250 req.nh.nlmsg_flags = NLM_F_REQUEST | NLM_F_ACK;
251 req.nh.nlmsg_type = RTM_SETLINK;
252 req.ifinfo.ifi_family = AF_UNSPEC;
253 req.ifinfo.ifi_index = ifindex;
254
255 nla = nlattr_begin_nested(&req, IFLA_XDP);
256 if (!nla)
257 return -EMSGSIZE;
258 ret = nlattr_add(&req, IFLA_XDP_FD, &fd, sizeof(fd));
259 if (ret < 0)
260 return ret;
261 if (flags) {
262 ret = nlattr_add(&req, IFLA_XDP_FLAGS, &flags, sizeof(flags));
263 if (ret < 0)
264 return ret;
265 }
266 if (flags & XDP_FLAGS_REPLACE) {
267 ret = nlattr_add(&req, IFLA_XDP_EXPECTED_FD, &old_fd,
268 sizeof(old_fd));
269 if (ret < 0)
270 return ret;
271 }
272 nlattr_end_nested(&req, nla);
273
274 return libbpf_netlink_send_recv(&req, NULL, NULL, NULL);
275}
276
277int bpf_xdp_attach(int ifindex, int prog_fd, __u32 flags, const struct bpf_xdp_attach_opts *opts)
278{
279 int old_prog_fd, err;
280
281 if (!OPTS_VALID(opts, bpf_xdp_attach_opts))
282 return libbpf_err(-EINVAL);
283
284 old_prog_fd = OPTS_GET(opts, old_prog_fd, 0);
285 if (old_prog_fd)
286 flags |= XDP_FLAGS_REPLACE;
287 else
288 old_prog_fd = -1;
289
290 err = __bpf_set_link_xdp_fd_replace(ifindex, prog_fd, old_prog_fd, flags);
291 return libbpf_err(err);
292}
293
294int bpf_xdp_detach(int ifindex, __u32 flags, const struct bpf_xdp_attach_opts *opts)
295{
296 return bpf_xdp_attach(ifindex, -1, flags, opts);
297}
298
299static int __dump_link_nlmsg(struct nlmsghdr *nlh,
300 libbpf_dump_nlmsg_t dump_link_nlmsg, void *cookie)
301{
302 struct nlattr *tb[IFLA_MAX + 1], *attr;
303 struct ifinfomsg *ifi = NLMSG_DATA(nlh);
304 int len;
305
306 len = nlh->nlmsg_len - NLMSG_LENGTH(sizeof(*ifi));
307 attr = (struct nlattr *) ((void *) ifi + NLMSG_ALIGN(sizeof(*ifi)));
308
309 if (libbpf_nla_parse(tb, IFLA_MAX, attr, len, NULL) != 0)
310 return -LIBBPF_ERRNO__NLPARSE;
311
312 return dump_link_nlmsg(cookie, ifi, tb);
313}
314
315static int get_xdp_info(void *cookie, void *msg, struct nlattr **tb)
316{
317 struct nlattr *xdp_tb[IFLA_XDP_MAX + 1];
318 struct xdp_id_md *xdp_id = cookie;
319 struct ifinfomsg *ifinfo = msg;
320 int ret;
321
322 if (xdp_id->ifindex && xdp_id->ifindex != ifinfo->ifi_index)
323 return 0;
324
325 if (!tb[IFLA_XDP])
326 return 0;
327
328 ret = libbpf_nla_parse_nested(xdp_tb, IFLA_XDP_MAX, tb[IFLA_XDP], NULL);
329 if (ret)
330 return ret;
331
332 if (!xdp_tb[IFLA_XDP_ATTACHED])
333 return 0;
334
335 xdp_id->info.attach_mode = libbpf_nla_getattr_u8(
336 xdp_tb[IFLA_XDP_ATTACHED]);
337
338 if (xdp_id->info.attach_mode == XDP_ATTACHED_NONE)
339 return 0;
340
341 if (xdp_tb[IFLA_XDP_PROG_ID])
342 xdp_id->info.prog_id = libbpf_nla_getattr_u32(
343 xdp_tb[IFLA_XDP_PROG_ID]);
344
345 if (xdp_tb[IFLA_XDP_SKB_PROG_ID])
346 xdp_id->info.skb_prog_id = libbpf_nla_getattr_u32(
347 xdp_tb[IFLA_XDP_SKB_PROG_ID]);
348
349 if (xdp_tb[IFLA_XDP_DRV_PROG_ID])
350 xdp_id->info.drv_prog_id = libbpf_nla_getattr_u32(
351 xdp_tb[IFLA_XDP_DRV_PROG_ID]);
352
353 if (xdp_tb[IFLA_XDP_HW_PROG_ID])
354 xdp_id->info.hw_prog_id = libbpf_nla_getattr_u32(
355 xdp_tb[IFLA_XDP_HW_PROG_ID]);
356
357 return 0;
358}
359
360int bpf_xdp_query(int ifindex, int xdp_flags, struct bpf_xdp_query_opts *opts)
361{
362 struct libbpf_nla_req req = {
363 .nh.nlmsg_len = NLMSG_LENGTH(sizeof(struct ifinfomsg)),
364 .nh.nlmsg_type = RTM_GETLINK,
365 .nh.nlmsg_flags = NLM_F_DUMP | NLM_F_REQUEST,
366 .ifinfo.ifi_family = AF_PACKET,
367 };
368 struct xdp_id_md xdp_id = {};
369 int err;
370
371 if (!OPTS_VALID(opts, bpf_xdp_query_opts))
372 return libbpf_err(-EINVAL);
373
374 if (xdp_flags & ~XDP_FLAGS_MASK)
375 return libbpf_err(-EINVAL);
376
377 /* Check whether the single {HW,DRV,SKB} mode is set */
378 xdp_flags &= XDP_FLAGS_SKB_MODE | XDP_FLAGS_DRV_MODE | XDP_FLAGS_HW_MODE;
379 if (xdp_flags & (xdp_flags - 1))
380 return libbpf_err(-EINVAL);
381
382 xdp_id.ifindex = ifindex;
383 xdp_id.flags = xdp_flags;
384
385 err = libbpf_netlink_send_recv(&req, __dump_link_nlmsg,
386 get_xdp_info, &xdp_id);
387 if (err)
388 return libbpf_err(err);
389
390 OPTS_SET(opts, prog_id, xdp_id.info.prog_id);
391 OPTS_SET(opts, drv_prog_id, xdp_id.info.drv_prog_id);
392 OPTS_SET(opts, hw_prog_id, xdp_id.info.hw_prog_id);
393 OPTS_SET(opts, skb_prog_id, xdp_id.info.skb_prog_id);
394 OPTS_SET(opts, attach_mode, xdp_id.info.attach_mode);
395
396 return 0;
397}
398
399int bpf_xdp_query_id(int ifindex, int flags, __u32 *prog_id)
400{
401 LIBBPF_OPTS(bpf_xdp_query_opts, opts);
402 int ret;
403
404 ret = bpf_xdp_query(ifindex, flags, &opts);
405 if (ret)
406 return libbpf_err(ret);
407
408 flags &= XDP_FLAGS_MODES;
409
410 if (opts.attach_mode != XDP_ATTACHED_MULTI && !flags)
411 *prog_id = opts.prog_id;
412 else if (flags & XDP_FLAGS_DRV_MODE)
413 *prog_id = opts.drv_prog_id;
414 else if (flags & XDP_FLAGS_HW_MODE)
415 *prog_id = opts.hw_prog_id;
416 else if (flags & XDP_FLAGS_SKB_MODE)
417 *prog_id = opts.skb_prog_id;
418 else
419 *prog_id = 0;
420
421 return 0;
422}
423
424
425typedef int (*qdisc_config_t)(struct libbpf_nla_req *req);
426
427static int clsact_config(struct libbpf_nla_req *req)
428{
429 req->tc.tcm_parent = TC_H_CLSACT;
430 req->tc.tcm_handle = TC_H_MAKE(TC_H_CLSACT, 0);
431
432 return nlattr_add(req, TCA_KIND, "clsact", sizeof("clsact"));
433}
434
435static int attach_point_to_config(struct bpf_tc_hook *hook,
436 qdisc_config_t *config)
437{
438 switch (OPTS_GET(hook, attach_point, 0)) {
439 case BPF_TC_INGRESS:
440 case BPF_TC_EGRESS:
441 case BPF_TC_INGRESS | BPF_TC_EGRESS:
442 if (OPTS_GET(hook, parent, 0))
443 return -EINVAL;
444 *config = &clsact_config;
445 return 0;
446 case BPF_TC_CUSTOM:
447 return -EOPNOTSUPP;
448 default:
449 return -EINVAL;
450 }
451}
452
453static int tc_get_tcm_parent(enum bpf_tc_attach_point attach_point,
454 __u32 *parent)
455{
456 switch (attach_point) {
457 case BPF_TC_INGRESS:
458 case BPF_TC_EGRESS:
459 if (*parent)
460 return -EINVAL;
461 *parent = TC_H_MAKE(TC_H_CLSACT,
462 attach_point == BPF_TC_INGRESS ?
463 TC_H_MIN_INGRESS : TC_H_MIN_EGRESS);
464 break;
465 case BPF_TC_CUSTOM:
466 if (!*parent)
467 return -EINVAL;
468 break;
469 default:
470 return -EINVAL;
471 }
472 return 0;
473}
474
475static int tc_qdisc_modify(struct bpf_tc_hook *hook, int cmd, int flags)
476{
477 qdisc_config_t config;
478 int ret;
479 struct libbpf_nla_req req;
480
481 ret = attach_point_to_config(hook, &config);
482 if (ret < 0)
483 return ret;
484
485 memset(&req, 0, sizeof(req));
486 req.nh.nlmsg_len = NLMSG_LENGTH(sizeof(struct tcmsg));
487 req.nh.nlmsg_flags = NLM_F_REQUEST | NLM_F_ACK | flags;
488 req.nh.nlmsg_type = cmd;
489 req.tc.tcm_family = AF_UNSPEC;
490 req.tc.tcm_ifindex = OPTS_GET(hook, ifindex, 0);
491
492 ret = config(&req);
493 if (ret < 0)
494 return ret;
495
496 return libbpf_netlink_send_recv(&req, NULL, NULL, NULL);
497}
498
499static int tc_qdisc_create_excl(struct bpf_tc_hook *hook)
500{
501 return tc_qdisc_modify(hook, RTM_NEWQDISC, NLM_F_CREATE | NLM_F_EXCL);
502}
503
504static int tc_qdisc_delete(struct bpf_tc_hook *hook)
505{
506 return tc_qdisc_modify(hook, RTM_DELQDISC, 0);
507}
508
509int bpf_tc_hook_create(struct bpf_tc_hook *hook)
510{
511 int ret;
512
513 if (!hook || !OPTS_VALID(hook, bpf_tc_hook) ||
514 OPTS_GET(hook, ifindex, 0) <= 0)
515 return libbpf_err(-EINVAL);
516
517 ret = tc_qdisc_create_excl(hook);
518 return libbpf_err(ret);
519}
520
521static int __bpf_tc_detach(const struct bpf_tc_hook *hook,
522 const struct bpf_tc_opts *opts,
523 const bool flush);
524
525int bpf_tc_hook_destroy(struct bpf_tc_hook *hook)
526{
527 if (!hook || !OPTS_VALID(hook, bpf_tc_hook) ||
528 OPTS_GET(hook, ifindex, 0) <= 0)
529 return libbpf_err(-EINVAL);
530
531 switch (OPTS_GET(hook, attach_point, 0)) {
532 case BPF_TC_INGRESS:
533 case BPF_TC_EGRESS:
534 return libbpf_err(__bpf_tc_detach(hook, NULL, true));
535 case BPF_TC_INGRESS | BPF_TC_EGRESS:
536 return libbpf_err(tc_qdisc_delete(hook));
537 case BPF_TC_CUSTOM:
538 return libbpf_err(-EOPNOTSUPP);
539 default:
540 return libbpf_err(-EINVAL);
541 }
542}
543
544struct bpf_cb_ctx {
545 struct bpf_tc_opts *opts;
546 bool processed;
547};
548
549static int __get_tc_info(void *cookie, struct tcmsg *tc, struct nlattr **tb,
550 bool unicast)
551{
552 struct nlattr *tbb[TCA_BPF_MAX + 1];
553 struct bpf_cb_ctx *info = cookie;
554
555 if (!info || !info->opts)
556 return -EINVAL;
557 if (unicast && info->processed)
558 return -EINVAL;
559 if (!tb[TCA_OPTIONS])
560 return NL_CONT;
561
562 libbpf_nla_parse_nested(tbb, TCA_BPF_MAX, tb[TCA_OPTIONS], NULL);
563 if (!tbb[TCA_BPF_ID])
564 return -EINVAL;
565
566 OPTS_SET(info->opts, prog_id, libbpf_nla_getattr_u32(tbb[TCA_BPF_ID]));
567 OPTS_SET(info->opts, handle, tc->tcm_handle);
568 OPTS_SET(info->opts, priority, TC_H_MAJ(tc->tcm_info) >> 16);
569
570 info->processed = true;
571 return unicast ? NL_NEXT : NL_DONE;
572}
573
574static int get_tc_info(struct nlmsghdr *nh, libbpf_dump_nlmsg_t fn,
575 void *cookie)
576{
577 struct tcmsg *tc = NLMSG_DATA(nh);
578 struct nlattr *tb[TCA_MAX + 1];
579
580 libbpf_nla_parse(tb, TCA_MAX,
581 (struct nlattr *)((void *)tc + NLMSG_ALIGN(sizeof(*tc))),
582 NLMSG_PAYLOAD(nh, sizeof(*tc)), NULL);
583 if (!tb[TCA_KIND])
584 return NL_CONT;
585 return __get_tc_info(cookie, tc, tb, nh->nlmsg_flags & NLM_F_ECHO);
586}
587
588static int tc_add_fd_and_name(struct libbpf_nla_req *req, int fd)
589{
590 struct bpf_prog_info info;
591 __u32 info_len = sizeof(info);
592 char name[256];
593 int len, ret;
594
595 memset(&info, 0, info_len);
596 ret = bpf_obj_get_info_by_fd(fd, &info, &info_len);
597 if (ret < 0)
598 return ret;
599
600 ret = nlattr_add(req, TCA_BPF_FD, &fd, sizeof(fd));
601 if (ret < 0)
602 return ret;
603 len = snprintf(name, sizeof(name), "%s:[%u]", info.name, info.id);
604 if (len < 0)
605 return -errno;
606 if (len >= sizeof(name))
607 return -ENAMETOOLONG;
608 return nlattr_add(req, TCA_BPF_NAME, name, len + 1);
609}
610
611int bpf_tc_attach(const struct bpf_tc_hook *hook, struct bpf_tc_opts *opts)
612{
613 __u32 protocol, bpf_flags, handle, priority, parent, prog_id, flags;
614 int ret, ifindex, attach_point, prog_fd;
615 struct bpf_cb_ctx info = {};
616 struct libbpf_nla_req req;
617 struct nlattr *nla;
618
619 if (!hook || !opts ||
620 !OPTS_VALID(hook, bpf_tc_hook) ||
621 !OPTS_VALID(opts, bpf_tc_opts))
622 return libbpf_err(-EINVAL);
623
624 ifindex = OPTS_GET(hook, ifindex, 0);
625 parent = OPTS_GET(hook, parent, 0);
626 attach_point = OPTS_GET(hook, attach_point, 0);
627
628 handle = OPTS_GET(opts, handle, 0);
629 priority = OPTS_GET(opts, priority, 0);
630 prog_fd = OPTS_GET(opts, prog_fd, 0);
631 prog_id = OPTS_GET(opts, prog_id, 0);
632 flags = OPTS_GET(opts, flags, 0);
633
634 if (ifindex <= 0 || !prog_fd || prog_id)
635 return libbpf_err(-EINVAL);
636 if (priority > UINT16_MAX)
637 return libbpf_err(-EINVAL);
638 if (flags & ~BPF_TC_F_REPLACE)
639 return libbpf_err(-EINVAL);
640
641 flags = (flags & BPF_TC_F_REPLACE) ? NLM_F_REPLACE : NLM_F_EXCL;
642 protocol = ETH_P_ALL;
643
644 memset(&req, 0, sizeof(req));
645 req.nh.nlmsg_len = NLMSG_LENGTH(sizeof(struct tcmsg));
646 req.nh.nlmsg_flags = NLM_F_REQUEST | NLM_F_ACK | NLM_F_CREATE |
647 NLM_F_ECHO | flags;
648 req.nh.nlmsg_type = RTM_NEWTFILTER;
649 req.tc.tcm_family = AF_UNSPEC;
650 req.tc.tcm_ifindex = ifindex;
651 req.tc.tcm_handle = handle;
652 req.tc.tcm_info = TC_H_MAKE(priority << 16, htons(protocol));
653
654 ret = tc_get_tcm_parent(attach_point, &parent);
655 if (ret < 0)
656 return libbpf_err(ret);
657 req.tc.tcm_parent = parent;
658
659 ret = nlattr_add(&req, TCA_KIND, "bpf", sizeof("bpf"));
660 if (ret < 0)
661 return libbpf_err(ret);
662 nla = nlattr_begin_nested(&req, TCA_OPTIONS);
663 if (!nla)
664 return libbpf_err(-EMSGSIZE);
665 ret = tc_add_fd_and_name(&req, prog_fd);
666 if (ret < 0)
667 return libbpf_err(ret);
668 bpf_flags = TCA_BPF_FLAG_ACT_DIRECT;
669 ret = nlattr_add(&req, TCA_BPF_FLAGS, &bpf_flags, sizeof(bpf_flags));
670 if (ret < 0)
671 return libbpf_err(ret);
672 nlattr_end_nested(&req, nla);
673
674 info.opts = opts;
675
676 ret = libbpf_netlink_send_recv(&req, get_tc_info, NULL, &info);
677 if (ret < 0)
678 return libbpf_err(ret);
679 if (!info.processed)
680 return libbpf_err(-ENOENT);
681 return ret;
682}
683
684static int __bpf_tc_detach(const struct bpf_tc_hook *hook,
685 const struct bpf_tc_opts *opts,
686 const bool flush)
687{
688 __u32 protocol = 0, handle, priority, parent, prog_id, flags;
689 int ret, ifindex, attach_point, prog_fd;
690 struct libbpf_nla_req req;
691
692 if (!hook ||
693 !OPTS_VALID(hook, bpf_tc_hook) ||
694 !OPTS_VALID(opts, bpf_tc_opts))
695 return -EINVAL;
696
697 ifindex = OPTS_GET(hook, ifindex, 0);
698 parent = OPTS_GET(hook, parent, 0);
699 attach_point = OPTS_GET(hook, attach_point, 0);
700
701 handle = OPTS_GET(opts, handle, 0);
702 priority = OPTS_GET(opts, priority, 0);
703 prog_fd = OPTS_GET(opts, prog_fd, 0);
704 prog_id = OPTS_GET(opts, prog_id, 0);
705 flags = OPTS_GET(opts, flags, 0);
706
707 if (ifindex <= 0 || flags || prog_fd || prog_id)
708 return -EINVAL;
709 if (priority > UINT16_MAX)
710 return -EINVAL;
711 if (!flush) {
712 if (!handle || !priority)
713 return -EINVAL;
714 protocol = ETH_P_ALL;
715 } else {
716 if (handle || priority)
717 return -EINVAL;
718 }
719
720 memset(&req, 0, sizeof(req));
721 req.nh.nlmsg_len = NLMSG_LENGTH(sizeof(struct tcmsg));
722 req.nh.nlmsg_flags = NLM_F_REQUEST | NLM_F_ACK;
723 req.nh.nlmsg_type = RTM_DELTFILTER;
724 req.tc.tcm_family = AF_UNSPEC;
725 req.tc.tcm_ifindex = ifindex;
726 if (!flush) {
727 req.tc.tcm_handle = handle;
728 req.tc.tcm_info = TC_H_MAKE(priority << 16, htons(protocol));
729 }
730
731 ret = tc_get_tcm_parent(attach_point, &parent);
732 if (ret < 0)
733 return ret;
734 req.tc.tcm_parent = parent;
735
736 if (!flush) {
737 ret = nlattr_add(&req, TCA_KIND, "bpf", sizeof("bpf"));
738 if (ret < 0)
739 return ret;
740 }
741
742 return libbpf_netlink_send_recv(&req, NULL, NULL, NULL);
743}
744
745int bpf_tc_detach(const struct bpf_tc_hook *hook,
746 const struct bpf_tc_opts *opts)
747{
748 int ret;
749
750 if (!opts)
751 return libbpf_err(-EINVAL);
752
753 ret = __bpf_tc_detach(hook, opts, false);
754 return libbpf_err(ret);
755}
756
757int bpf_tc_query(const struct bpf_tc_hook *hook, struct bpf_tc_opts *opts)
758{
759 __u32 protocol, handle, priority, parent, prog_id, flags;
760 int ret, ifindex, attach_point, prog_fd;
761 struct bpf_cb_ctx info = {};
762 struct libbpf_nla_req req;
763
764 if (!hook || !opts ||
765 !OPTS_VALID(hook, bpf_tc_hook) ||
766 !OPTS_VALID(opts, bpf_tc_opts))
767 return libbpf_err(-EINVAL);
768
769 ifindex = OPTS_GET(hook, ifindex, 0);
770 parent = OPTS_GET(hook, parent, 0);
771 attach_point = OPTS_GET(hook, attach_point, 0);
772
773 handle = OPTS_GET(opts, handle, 0);
774 priority = OPTS_GET(opts, priority, 0);
775 prog_fd = OPTS_GET(opts, prog_fd, 0);
776 prog_id = OPTS_GET(opts, prog_id, 0);
777 flags = OPTS_GET(opts, flags, 0);
778
779 if (ifindex <= 0 || flags || prog_fd || prog_id ||
780 !handle || !priority)
781 return libbpf_err(-EINVAL);
782 if (priority > UINT16_MAX)
783 return libbpf_err(-EINVAL);
784
785 protocol = ETH_P_ALL;
786
787 memset(&req, 0, sizeof(req));
788 req.nh.nlmsg_len = NLMSG_LENGTH(sizeof(struct tcmsg));
789 req.nh.nlmsg_flags = NLM_F_REQUEST;
790 req.nh.nlmsg_type = RTM_GETTFILTER;
791 req.tc.tcm_family = AF_UNSPEC;
792 req.tc.tcm_ifindex = ifindex;
793 req.tc.tcm_handle = handle;
794 req.tc.tcm_info = TC_H_MAKE(priority << 16, htons(protocol));
795
796 ret = tc_get_tcm_parent(attach_point, &parent);
797 if (ret < 0)
798 return libbpf_err(ret);
799 req.tc.tcm_parent = parent;
800
801 ret = nlattr_add(&req, TCA_KIND, "bpf", sizeof("bpf"));
802 if (ret < 0)
803 return libbpf_err(ret);
804
805 info.opts = opts;
806
807 ret = libbpf_netlink_send_recv(&req, get_tc_info, NULL, &info);
808 if (ret < 0)
809 return libbpf_err(ret);
810 if (!info.processed)
811 return libbpf_err(-ENOENT);
812 return ret;
813}
1// SPDX-License-Identifier: (LGPL-2.1 OR BSD-2-Clause)
2/* Copyright (c) 2018 Facebook */
3
4#include <stdlib.h>
5#include <memory.h>
6#include <unistd.h>
7#include <arpa/inet.h>
8#include <linux/bpf.h>
9#include <linux/if_ether.h>
10#include <linux/pkt_cls.h>
11#include <linux/rtnetlink.h>
12#include <sys/socket.h>
13#include <errno.h>
14#include <time.h>
15
16#include "bpf.h"
17#include "libbpf.h"
18#include "libbpf_internal.h"
19#include "nlattr.h"
20
21#ifndef SOL_NETLINK
22#define SOL_NETLINK 270
23#endif
24
25typedef int (*libbpf_dump_nlmsg_t)(void *cookie, void *msg, struct nlattr **tb);
26
27typedef int (*__dump_nlmsg_t)(struct nlmsghdr *nlmsg, libbpf_dump_nlmsg_t,
28 void *cookie);
29
30struct xdp_id_md {
31 int ifindex;
32 __u32 flags;
33 struct xdp_link_info info;
34};
35
36static int libbpf_netlink_open(__u32 *nl_pid)
37{
38 struct sockaddr_nl sa;
39 socklen_t addrlen;
40 int one = 1, ret;
41 int sock;
42
43 memset(&sa, 0, sizeof(sa));
44 sa.nl_family = AF_NETLINK;
45
46 sock = socket(AF_NETLINK, SOCK_RAW | SOCK_CLOEXEC, NETLINK_ROUTE);
47 if (sock < 0)
48 return -errno;
49
50 if (setsockopt(sock, SOL_NETLINK, NETLINK_EXT_ACK,
51 &one, sizeof(one)) < 0) {
52 pr_warn("Netlink error reporting not supported\n");
53 }
54
55 if (bind(sock, (struct sockaddr *)&sa, sizeof(sa)) < 0) {
56 ret = -errno;
57 goto cleanup;
58 }
59
60 addrlen = sizeof(sa);
61 if (getsockname(sock, (struct sockaddr *)&sa, &addrlen) < 0) {
62 ret = -errno;
63 goto cleanup;
64 }
65
66 if (addrlen != sizeof(sa)) {
67 ret = -LIBBPF_ERRNO__INTERNAL;
68 goto cleanup;
69 }
70
71 *nl_pid = sa.nl_pid;
72 return sock;
73
74cleanup:
75 close(sock);
76 return ret;
77}
78
79static void libbpf_netlink_close(int sock)
80{
81 close(sock);
82}
83
84enum {
85 NL_CONT,
86 NL_NEXT,
87 NL_DONE,
88};
89
90static int libbpf_netlink_recv(int sock, __u32 nl_pid, int seq,
91 __dump_nlmsg_t _fn, libbpf_dump_nlmsg_t fn,
92 void *cookie)
93{
94 bool multipart = true;
95 struct nlmsgerr *err;
96 struct nlmsghdr *nh;
97 char buf[4096];
98 int len, ret;
99
100 while (multipart) {
101start:
102 multipart = false;
103 len = recv(sock, buf, sizeof(buf), 0);
104 if (len < 0) {
105 ret = -errno;
106 goto done;
107 }
108
109 if (len == 0)
110 break;
111
112 for (nh = (struct nlmsghdr *)buf; NLMSG_OK(nh, len);
113 nh = NLMSG_NEXT(nh, len)) {
114 if (nh->nlmsg_pid != nl_pid) {
115 ret = -LIBBPF_ERRNO__WRNGPID;
116 goto done;
117 }
118 if (nh->nlmsg_seq != seq) {
119 ret = -LIBBPF_ERRNO__INVSEQ;
120 goto done;
121 }
122 if (nh->nlmsg_flags & NLM_F_MULTI)
123 multipart = true;
124 switch (nh->nlmsg_type) {
125 case NLMSG_ERROR:
126 err = (struct nlmsgerr *)NLMSG_DATA(nh);
127 if (!err->error)
128 continue;
129 ret = err->error;
130 libbpf_nla_dump_errormsg(nh);
131 goto done;
132 case NLMSG_DONE:
133 return 0;
134 default:
135 break;
136 }
137 if (_fn) {
138 ret = _fn(nh, fn, cookie);
139 switch (ret) {
140 case NL_CONT:
141 break;
142 case NL_NEXT:
143 goto start;
144 case NL_DONE:
145 return 0;
146 default:
147 return ret;
148 }
149 }
150 }
151 }
152 ret = 0;
153done:
154 return ret;
155}
156
157static int libbpf_netlink_send_recv(struct libbpf_nla_req *req,
158 __dump_nlmsg_t parse_msg,
159 libbpf_dump_nlmsg_t parse_attr,
160 void *cookie)
161{
162 __u32 nl_pid = 0;
163 int sock, ret;
164
165 sock = libbpf_netlink_open(&nl_pid);
166 if (sock < 0)
167 return sock;
168
169 req->nh.nlmsg_pid = 0;
170 req->nh.nlmsg_seq = time(NULL);
171
172 if (send(sock, req, req->nh.nlmsg_len, 0) < 0) {
173 ret = -errno;
174 goto out;
175 }
176
177 ret = libbpf_netlink_recv(sock, nl_pid, req->nh.nlmsg_seq,
178 parse_msg, parse_attr, cookie);
179out:
180 libbpf_netlink_close(sock);
181 return ret;
182}
183
184static int __bpf_set_link_xdp_fd_replace(int ifindex, int fd, int old_fd,
185 __u32 flags)
186{
187 struct nlattr *nla;
188 int ret;
189 struct libbpf_nla_req req;
190
191 memset(&req, 0, sizeof(req));
192 req.nh.nlmsg_len = NLMSG_LENGTH(sizeof(struct ifinfomsg));
193 req.nh.nlmsg_flags = NLM_F_REQUEST | NLM_F_ACK;
194 req.nh.nlmsg_type = RTM_SETLINK;
195 req.ifinfo.ifi_family = AF_UNSPEC;
196 req.ifinfo.ifi_index = ifindex;
197
198 nla = nlattr_begin_nested(&req, IFLA_XDP);
199 if (!nla)
200 return -EMSGSIZE;
201 ret = nlattr_add(&req, IFLA_XDP_FD, &fd, sizeof(fd));
202 if (ret < 0)
203 return ret;
204 if (flags) {
205 ret = nlattr_add(&req, IFLA_XDP_FLAGS, &flags, sizeof(flags));
206 if (ret < 0)
207 return ret;
208 }
209 if (flags & XDP_FLAGS_REPLACE) {
210 ret = nlattr_add(&req, IFLA_XDP_EXPECTED_FD, &old_fd,
211 sizeof(old_fd));
212 if (ret < 0)
213 return ret;
214 }
215 nlattr_end_nested(&req, nla);
216
217 return libbpf_netlink_send_recv(&req, NULL, NULL, NULL);
218}
219
220int bpf_set_link_xdp_fd_opts(int ifindex, int fd, __u32 flags,
221 const struct bpf_xdp_set_link_opts *opts)
222{
223 int old_fd = -1, ret;
224
225 if (!OPTS_VALID(opts, bpf_xdp_set_link_opts))
226 return libbpf_err(-EINVAL);
227
228 if (OPTS_HAS(opts, old_fd)) {
229 old_fd = OPTS_GET(opts, old_fd, -1);
230 flags |= XDP_FLAGS_REPLACE;
231 }
232
233 ret = __bpf_set_link_xdp_fd_replace(ifindex, fd, old_fd, flags);
234 return libbpf_err(ret);
235}
236
237int bpf_set_link_xdp_fd(int ifindex, int fd, __u32 flags)
238{
239 int ret;
240
241 ret = __bpf_set_link_xdp_fd_replace(ifindex, fd, 0, flags);
242 return libbpf_err(ret);
243}
244
245static int __dump_link_nlmsg(struct nlmsghdr *nlh,
246 libbpf_dump_nlmsg_t dump_link_nlmsg, void *cookie)
247{
248 struct nlattr *tb[IFLA_MAX + 1], *attr;
249 struct ifinfomsg *ifi = NLMSG_DATA(nlh);
250 int len;
251
252 len = nlh->nlmsg_len - NLMSG_LENGTH(sizeof(*ifi));
253 attr = (struct nlattr *) ((void *) ifi + NLMSG_ALIGN(sizeof(*ifi)));
254
255 if (libbpf_nla_parse(tb, IFLA_MAX, attr, len, NULL) != 0)
256 return -LIBBPF_ERRNO__NLPARSE;
257
258 return dump_link_nlmsg(cookie, ifi, tb);
259}
260
261static int get_xdp_info(void *cookie, void *msg, struct nlattr **tb)
262{
263 struct nlattr *xdp_tb[IFLA_XDP_MAX + 1];
264 struct xdp_id_md *xdp_id = cookie;
265 struct ifinfomsg *ifinfo = msg;
266 int ret;
267
268 if (xdp_id->ifindex && xdp_id->ifindex != ifinfo->ifi_index)
269 return 0;
270
271 if (!tb[IFLA_XDP])
272 return 0;
273
274 ret = libbpf_nla_parse_nested(xdp_tb, IFLA_XDP_MAX, tb[IFLA_XDP], NULL);
275 if (ret)
276 return ret;
277
278 if (!xdp_tb[IFLA_XDP_ATTACHED])
279 return 0;
280
281 xdp_id->info.attach_mode = libbpf_nla_getattr_u8(
282 xdp_tb[IFLA_XDP_ATTACHED]);
283
284 if (xdp_id->info.attach_mode == XDP_ATTACHED_NONE)
285 return 0;
286
287 if (xdp_tb[IFLA_XDP_PROG_ID])
288 xdp_id->info.prog_id = libbpf_nla_getattr_u32(
289 xdp_tb[IFLA_XDP_PROG_ID]);
290
291 if (xdp_tb[IFLA_XDP_SKB_PROG_ID])
292 xdp_id->info.skb_prog_id = libbpf_nla_getattr_u32(
293 xdp_tb[IFLA_XDP_SKB_PROG_ID]);
294
295 if (xdp_tb[IFLA_XDP_DRV_PROG_ID])
296 xdp_id->info.drv_prog_id = libbpf_nla_getattr_u32(
297 xdp_tb[IFLA_XDP_DRV_PROG_ID]);
298
299 if (xdp_tb[IFLA_XDP_HW_PROG_ID])
300 xdp_id->info.hw_prog_id = libbpf_nla_getattr_u32(
301 xdp_tb[IFLA_XDP_HW_PROG_ID]);
302
303 return 0;
304}
305
306int bpf_get_link_xdp_info(int ifindex, struct xdp_link_info *info,
307 size_t info_size, __u32 flags)
308{
309 struct xdp_id_md xdp_id = {};
310 __u32 mask;
311 int ret;
312 struct libbpf_nla_req req = {
313 .nh.nlmsg_len = NLMSG_LENGTH(sizeof(struct ifinfomsg)),
314 .nh.nlmsg_type = RTM_GETLINK,
315 .nh.nlmsg_flags = NLM_F_DUMP | NLM_F_REQUEST,
316 .ifinfo.ifi_family = AF_PACKET,
317 };
318
319 if (flags & ~XDP_FLAGS_MASK || !info_size)
320 return libbpf_err(-EINVAL);
321
322 /* Check whether the single {HW,DRV,SKB} mode is set */
323 flags &= (XDP_FLAGS_SKB_MODE | XDP_FLAGS_DRV_MODE | XDP_FLAGS_HW_MODE);
324 mask = flags - 1;
325 if (flags && flags & mask)
326 return libbpf_err(-EINVAL);
327
328 xdp_id.ifindex = ifindex;
329 xdp_id.flags = flags;
330
331 ret = libbpf_netlink_send_recv(&req, __dump_link_nlmsg,
332 get_xdp_info, &xdp_id);
333 if (!ret) {
334 size_t sz = min(info_size, sizeof(xdp_id.info));
335
336 memcpy(info, &xdp_id.info, sz);
337 memset((void *) info + sz, 0, info_size - sz);
338 }
339
340 return libbpf_err(ret);
341}
342
343static __u32 get_xdp_id(struct xdp_link_info *info, __u32 flags)
344{
345 flags &= XDP_FLAGS_MODES;
346
347 if (info->attach_mode != XDP_ATTACHED_MULTI && !flags)
348 return info->prog_id;
349 if (flags & XDP_FLAGS_DRV_MODE)
350 return info->drv_prog_id;
351 if (flags & XDP_FLAGS_HW_MODE)
352 return info->hw_prog_id;
353 if (flags & XDP_FLAGS_SKB_MODE)
354 return info->skb_prog_id;
355
356 return 0;
357}
358
359int bpf_get_link_xdp_id(int ifindex, __u32 *prog_id, __u32 flags)
360{
361 struct xdp_link_info info;
362 int ret;
363
364 ret = bpf_get_link_xdp_info(ifindex, &info, sizeof(info), flags);
365 if (!ret)
366 *prog_id = get_xdp_id(&info, flags);
367
368 return libbpf_err(ret);
369}
370
371typedef int (*qdisc_config_t)(struct libbpf_nla_req *req);
372
373static int clsact_config(struct libbpf_nla_req *req)
374{
375 req->tc.tcm_parent = TC_H_CLSACT;
376 req->tc.tcm_handle = TC_H_MAKE(TC_H_CLSACT, 0);
377
378 return nlattr_add(req, TCA_KIND, "clsact", sizeof("clsact"));
379}
380
381static int attach_point_to_config(struct bpf_tc_hook *hook,
382 qdisc_config_t *config)
383{
384 switch (OPTS_GET(hook, attach_point, 0)) {
385 case BPF_TC_INGRESS:
386 case BPF_TC_EGRESS:
387 case BPF_TC_INGRESS | BPF_TC_EGRESS:
388 if (OPTS_GET(hook, parent, 0))
389 return -EINVAL;
390 *config = &clsact_config;
391 return 0;
392 case BPF_TC_CUSTOM:
393 return -EOPNOTSUPP;
394 default:
395 return -EINVAL;
396 }
397}
398
399static int tc_get_tcm_parent(enum bpf_tc_attach_point attach_point,
400 __u32 *parent)
401{
402 switch (attach_point) {
403 case BPF_TC_INGRESS:
404 case BPF_TC_EGRESS:
405 if (*parent)
406 return -EINVAL;
407 *parent = TC_H_MAKE(TC_H_CLSACT,
408 attach_point == BPF_TC_INGRESS ?
409 TC_H_MIN_INGRESS : TC_H_MIN_EGRESS);
410 break;
411 case BPF_TC_CUSTOM:
412 if (!*parent)
413 return -EINVAL;
414 break;
415 default:
416 return -EINVAL;
417 }
418 return 0;
419}
420
421static int tc_qdisc_modify(struct bpf_tc_hook *hook, int cmd, int flags)
422{
423 qdisc_config_t config;
424 int ret;
425 struct libbpf_nla_req req;
426
427 ret = attach_point_to_config(hook, &config);
428 if (ret < 0)
429 return ret;
430
431 memset(&req, 0, sizeof(req));
432 req.nh.nlmsg_len = NLMSG_LENGTH(sizeof(struct tcmsg));
433 req.nh.nlmsg_flags = NLM_F_REQUEST | NLM_F_ACK | flags;
434 req.nh.nlmsg_type = cmd;
435 req.tc.tcm_family = AF_UNSPEC;
436 req.tc.tcm_ifindex = OPTS_GET(hook, ifindex, 0);
437
438 ret = config(&req);
439 if (ret < 0)
440 return ret;
441
442 return libbpf_netlink_send_recv(&req, NULL, NULL, NULL);
443}
444
445static int tc_qdisc_create_excl(struct bpf_tc_hook *hook)
446{
447 return tc_qdisc_modify(hook, RTM_NEWQDISC, NLM_F_CREATE | NLM_F_EXCL);
448}
449
450static int tc_qdisc_delete(struct bpf_tc_hook *hook)
451{
452 return tc_qdisc_modify(hook, RTM_DELQDISC, 0);
453}
454
455int bpf_tc_hook_create(struct bpf_tc_hook *hook)
456{
457 int ret;
458
459 if (!hook || !OPTS_VALID(hook, bpf_tc_hook) ||
460 OPTS_GET(hook, ifindex, 0) <= 0)
461 return libbpf_err(-EINVAL);
462
463 ret = tc_qdisc_create_excl(hook);
464 return libbpf_err(ret);
465}
466
467static int __bpf_tc_detach(const struct bpf_tc_hook *hook,
468 const struct bpf_tc_opts *opts,
469 const bool flush);
470
471int bpf_tc_hook_destroy(struct bpf_tc_hook *hook)
472{
473 if (!hook || !OPTS_VALID(hook, bpf_tc_hook) ||
474 OPTS_GET(hook, ifindex, 0) <= 0)
475 return libbpf_err(-EINVAL);
476
477 switch (OPTS_GET(hook, attach_point, 0)) {
478 case BPF_TC_INGRESS:
479 case BPF_TC_EGRESS:
480 return libbpf_err(__bpf_tc_detach(hook, NULL, true));
481 case BPF_TC_INGRESS | BPF_TC_EGRESS:
482 return libbpf_err(tc_qdisc_delete(hook));
483 case BPF_TC_CUSTOM:
484 return libbpf_err(-EOPNOTSUPP);
485 default:
486 return libbpf_err(-EINVAL);
487 }
488}
489
490struct bpf_cb_ctx {
491 struct bpf_tc_opts *opts;
492 bool processed;
493};
494
495static int __get_tc_info(void *cookie, struct tcmsg *tc, struct nlattr **tb,
496 bool unicast)
497{
498 struct nlattr *tbb[TCA_BPF_MAX + 1];
499 struct bpf_cb_ctx *info = cookie;
500
501 if (!info || !info->opts)
502 return -EINVAL;
503 if (unicast && info->processed)
504 return -EINVAL;
505 if (!tb[TCA_OPTIONS])
506 return NL_CONT;
507
508 libbpf_nla_parse_nested(tbb, TCA_BPF_MAX, tb[TCA_OPTIONS], NULL);
509 if (!tbb[TCA_BPF_ID])
510 return -EINVAL;
511
512 OPTS_SET(info->opts, prog_id, libbpf_nla_getattr_u32(tbb[TCA_BPF_ID]));
513 OPTS_SET(info->opts, handle, tc->tcm_handle);
514 OPTS_SET(info->opts, priority, TC_H_MAJ(tc->tcm_info) >> 16);
515
516 info->processed = true;
517 return unicast ? NL_NEXT : NL_DONE;
518}
519
520static int get_tc_info(struct nlmsghdr *nh, libbpf_dump_nlmsg_t fn,
521 void *cookie)
522{
523 struct tcmsg *tc = NLMSG_DATA(nh);
524 struct nlattr *tb[TCA_MAX + 1];
525
526 libbpf_nla_parse(tb, TCA_MAX,
527 (struct nlattr *)((void *)tc + NLMSG_ALIGN(sizeof(*tc))),
528 NLMSG_PAYLOAD(nh, sizeof(*tc)), NULL);
529 if (!tb[TCA_KIND])
530 return NL_CONT;
531 return __get_tc_info(cookie, tc, tb, nh->nlmsg_flags & NLM_F_ECHO);
532}
533
534static int tc_add_fd_and_name(struct libbpf_nla_req *req, int fd)
535{
536 struct bpf_prog_info info = {};
537 __u32 info_len = sizeof(info);
538 char name[256];
539 int len, ret;
540
541 ret = bpf_obj_get_info_by_fd(fd, &info, &info_len);
542 if (ret < 0)
543 return ret;
544
545 ret = nlattr_add(req, TCA_BPF_FD, &fd, sizeof(fd));
546 if (ret < 0)
547 return ret;
548 len = snprintf(name, sizeof(name), "%s:[%u]", info.name, info.id);
549 if (len < 0)
550 return -errno;
551 if (len >= sizeof(name))
552 return -ENAMETOOLONG;
553 return nlattr_add(req, TCA_BPF_NAME, name, len + 1);
554}
555
556int bpf_tc_attach(const struct bpf_tc_hook *hook, struct bpf_tc_opts *opts)
557{
558 __u32 protocol, bpf_flags, handle, priority, parent, prog_id, flags;
559 int ret, ifindex, attach_point, prog_fd;
560 struct bpf_cb_ctx info = {};
561 struct libbpf_nla_req req;
562 struct nlattr *nla;
563
564 if (!hook || !opts ||
565 !OPTS_VALID(hook, bpf_tc_hook) ||
566 !OPTS_VALID(opts, bpf_tc_opts))
567 return libbpf_err(-EINVAL);
568
569 ifindex = OPTS_GET(hook, ifindex, 0);
570 parent = OPTS_GET(hook, parent, 0);
571 attach_point = OPTS_GET(hook, attach_point, 0);
572
573 handle = OPTS_GET(opts, handle, 0);
574 priority = OPTS_GET(opts, priority, 0);
575 prog_fd = OPTS_GET(opts, prog_fd, 0);
576 prog_id = OPTS_GET(opts, prog_id, 0);
577 flags = OPTS_GET(opts, flags, 0);
578
579 if (ifindex <= 0 || !prog_fd || prog_id)
580 return libbpf_err(-EINVAL);
581 if (priority > UINT16_MAX)
582 return libbpf_err(-EINVAL);
583 if (flags & ~BPF_TC_F_REPLACE)
584 return libbpf_err(-EINVAL);
585
586 flags = (flags & BPF_TC_F_REPLACE) ? NLM_F_REPLACE : NLM_F_EXCL;
587 protocol = ETH_P_ALL;
588
589 memset(&req, 0, sizeof(req));
590 req.nh.nlmsg_len = NLMSG_LENGTH(sizeof(struct tcmsg));
591 req.nh.nlmsg_flags = NLM_F_REQUEST | NLM_F_ACK | NLM_F_CREATE |
592 NLM_F_ECHO | flags;
593 req.nh.nlmsg_type = RTM_NEWTFILTER;
594 req.tc.tcm_family = AF_UNSPEC;
595 req.tc.tcm_ifindex = ifindex;
596 req.tc.tcm_handle = handle;
597 req.tc.tcm_info = TC_H_MAKE(priority << 16, htons(protocol));
598
599 ret = tc_get_tcm_parent(attach_point, &parent);
600 if (ret < 0)
601 return libbpf_err(ret);
602 req.tc.tcm_parent = parent;
603
604 ret = nlattr_add(&req, TCA_KIND, "bpf", sizeof("bpf"));
605 if (ret < 0)
606 return libbpf_err(ret);
607 nla = nlattr_begin_nested(&req, TCA_OPTIONS);
608 if (!nla)
609 return libbpf_err(-EMSGSIZE);
610 ret = tc_add_fd_and_name(&req, prog_fd);
611 if (ret < 0)
612 return libbpf_err(ret);
613 bpf_flags = TCA_BPF_FLAG_ACT_DIRECT;
614 ret = nlattr_add(&req, TCA_BPF_FLAGS, &bpf_flags, sizeof(bpf_flags));
615 if (ret < 0)
616 return libbpf_err(ret);
617 nlattr_end_nested(&req, nla);
618
619 info.opts = opts;
620
621 ret = libbpf_netlink_send_recv(&req, get_tc_info, NULL, &info);
622 if (ret < 0)
623 return libbpf_err(ret);
624 if (!info.processed)
625 return libbpf_err(-ENOENT);
626 return ret;
627}
628
629static int __bpf_tc_detach(const struct bpf_tc_hook *hook,
630 const struct bpf_tc_opts *opts,
631 const bool flush)
632{
633 __u32 protocol = 0, handle, priority, parent, prog_id, flags;
634 int ret, ifindex, attach_point, prog_fd;
635 struct libbpf_nla_req req;
636
637 if (!hook ||
638 !OPTS_VALID(hook, bpf_tc_hook) ||
639 !OPTS_VALID(opts, bpf_tc_opts))
640 return -EINVAL;
641
642 ifindex = OPTS_GET(hook, ifindex, 0);
643 parent = OPTS_GET(hook, parent, 0);
644 attach_point = OPTS_GET(hook, attach_point, 0);
645
646 handle = OPTS_GET(opts, handle, 0);
647 priority = OPTS_GET(opts, priority, 0);
648 prog_fd = OPTS_GET(opts, prog_fd, 0);
649 prog_id = OPTS_GET(opts, prog_id, 0);
650 flags = OPTS_GET(opts, flags, 0);
651
652 if (ifindex <= 0 || flags || prog_fd || prog_id)
653 return -EINVAL;
654 if (priority > UINT16_MAX)
655 return -EINVAL;
656 if (!flush) {
657 if (!handle || !priority)
658 return -EINVAL;
659 protocol = ETH_P_ALL;
660 } else {
661 if (handle || priority)
662 return -EINVAL;
663 }
664
665 memset(&req, 0, sizeof(req));
666 req.nh.nlmsg_len = NLMSG_LENGTH(sizeof(struct tcmsg));
667 req.nh.nlmsg_flags = NLM_F_REQUEST | NLM_F_ACK;
668 req.nh.nlmsg_type = RTM_DELTFILTER;
669 req.tc.tcm_family = AF_UNSPEC;
670 req.tc.tcm_ifindex = ifindex;
671 if (!flush) {
672 req.tc.tcm_handle = handle;
673 req.tc.tcm_info = TC_H_MAKE(priority << 16, htons(protocol));
674 }
675
676 ret = tc_get_tcm_parent(attach_point, &parent);
677 if (ret < 0)
678 return ret;
679 req.tc.tcm_parent = parent;
680
681 if (!flush) {
682 ret = nlattr_add(&req, TCA_KIND, "bpf", sizeof("bpf"));
683 if (ret < 0)
684 return ret;
685 }
686
687 return libbpf_netlink_send_recv(&req, NULL, NULL, NULL);
688}
689
690int bpf_tc_detach(const struct bpf_tc_hook *hook,
691 const struct bpf_tc_opts *opts)
692{
693 int ret;
694
695 if (!opts)
696 return libbpf_err(-EINVAL);
697
698 ret = __bpf_tc_detach(hook, opts, false);
699 return libbpf_err(ret);
700}
701
702int bpf_tc_query(const struct bpf_tc_hook *hook, struct bpf_tc_opts *opts)
703{
704 __u32 protocol, handle, priority, parent, prog_id, flags;
705 int ret, ifindex, attach_point, prog_fd;
706 struct bpf_cb_ctx info = {};
707 struct libbpf_nla_req req;
708
709 if (!hook || !opts ||
710 !OPTS_VALID(hook, bpf_tc_hook) ||
711 !OPTS_VALID(opts, bpf_tc_opts))
712 return libbpf_err(-EINVAL);
713
714 ifindex = OPTS_GET(hook, ifindex, 0);
715 parent = OPTS_GET(hook, parent, 0);
716 attach_point = OPTS_GET(hook, attach_point, 0);
717
718 handle = OPTS_GET(opts, handle, 0);
719 priority = OPTS_GET(opts, priority, 0);
720 prog_fd = OPTS_GET(opts, prog_fd, 0);
721 prog_id = OPTS_GET(opts, prog_id, 0);
722 flags = OPTS_GET(opts, flags, 0);
723
724 if (ifindex <= 0 || flags || prog_fd || prog_id ||
725 !handle || !priority)
726 return libbpf_err(-EINVAL);
727 if (priority > UINT16_MAX)
728 return libbpf_err(-EINVAL);
729
730 protocol = ETH_P_ALL;
731
732 memset(&req, 0, sizeof(req));
733 req.nh.nlmsg_len = NLMSG_LENGTH(sizeof(struct tcmsg));
734 req.nh.nlmsg_flags = NLM_F_REQUEST;
735 req.nh.nlmsg_type = RTM_GETTFILTER;
736 req.tc.tcm_family = AF_UNSPEC;
737 req.tc.tcm_ifindex = ifindex;
738 req.tc.tcm_handle = handle;
739 req.tc.tcm_info = TC_H_MAKE(priority << 16, htons(protocol));
740
741 ret = tc_get_tcm_parent(attach_point, &parent);
742 if (ret < 0)
743 return libbpf_err(ret);
744 req.tc.tcm_parent = parent;
745
746 ret = nlattr_add(&req, TCA_KIND, "bpf", sizeof("bpf"));
747 if (ret < 0)
748 return libbpf_err(ret);
749
750 info.opts = opts;
751
752 ret = libbpf_netlink_send_recv(&req, get_tc_info, NULL, &info);
753 if (ret < 0)
754 return libbpf_err(ret);
755 if (!info.processed)
756 return libbpf_err(-ENOENT);
757 return ret;
758}