• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright (C) 2022 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 #define CACHE_MAP_SIZE 1024
18 #define MAX_POLICIES 16
19 
20 #define SRC_IP_MASK_FLAG     1
21 #define DST_IP_MASK_FLAG     2
22 #define SRC_PORT_MASK_FLAG   4
23 #define PROTO_MASK_FLAG      8
24 
25 #define STRUCT_SIZE(name, size) _Static_assert(sizeof(name) == (size), "Incorrect struct size.")
26 
27 // Retrieve the first (ie. high) 64 bits of an IPv6 address (in network order)
28 #define v6_hi_be64(v) (*(uint64_t*)&((v).s6_addr32[0]))
29 
30 // Retrieve the last (ie. low) 64 bits of an IPv6 address (in network order)
31 #define v6_lo_be64(v) (*(uint64_t*)&((v).s6_addr32[2]))
32 
33 // This returns a non-zero u64 iff a != b
34 #define v6_not_equal(a, b) ((v6_hi_be64(a) ^ v6_hi_be64(b)) \
35                           | (v6_lo_be64(a) ^ v6_lo_be64(b)))
36 
37 // Returns 'a == b' as boolean
38 #define v6_equal(a, b) (!v6_not_equal((a), (b)))
39 
40 // TODO: these are already defined in packages/modules/Connectivity/bpf_progs/bpf_net_helpers.h.
41 // smove to common location in future.
42 static uint64_t (*bpf_get_socket_cookie)(struct __sk_buff* skb) =
43         (void*)BPF_FUNC_get_socket_cookie;
44 static int (*bpf_skb_store_bytes)(struct __sk_buff* skb, __u32 offset, const void* from, __u32 len,
45                                   __u64 flags) = (void*)BPF_FUNC_skb_store_bytes;
46 static int (*bpf_l3_csum_replace)(struct __sk_buff* skb, __u32 offset, __u64 from, __u64 to,
47                                   __u64 flags) = (void*)BPF_FUNC_l3_csum_replace;
48 static long (*bpf_skb_ecn_set_ce)(struct __sk_buff* skb) =
49         (void*)BPF_FUNC_skb_ecn_set_ce;
50 
51 typedef struct {
52     struct in6_addr src_ip;
53     struct in6_addr dst_ip;
54     uint32_t ifindex;
55     __be16 src_port;
56     uint16_t dst_port_start;
57     uint16_t dst_port_end;
58     uint8_t proto;
59     int8_t dscp_val;  // -1 none, or 0..63 DSCP value
60     uint8_t present_fields;
61     uint8_t pad[3];
62 } DscpPolicy;
63 STRUCT_SIZE(DscpPolicy, 2 * 16 + 4 + 3 * 2 + 3 * 1 + 3);  // 48
64 
65 typedef struct {
66     struct in6_addr src_ip;
67     struct in6_addr dst_ip;
68     uint32_t ifindex;
69     __be16 src_port;
70     uint16_t dst_port;
71     uint8_t proto;
72     int8_t dscp_val;  // -1 none, or 0..63 DSCP value
73     uint8_t pad[2];
74 } RuleEntry;
75 STRUCT_SIZE(RuleEntry, 2 * 16 + 1 * 4 + 2 * 2 + 2 * 1 + 2);  // 44
76