New tmp

bpf/include/bpf_kfunc.h

@@ -0,0 +1,64 @@
+/* SPDX-License-Identifier: (GPL-2.0-only OR BSD-2-Clause) */
+/* Copyright Authors of Kmesh */
+
+#include "../../config/kmesh_marcos_def.h"
+#include <linux/in.h>
+#include <stddef.h>
+#include <stdbool.h>
+#include <stdint.h>
+#include <linux/bpf.h>
+#include <sys/socket.h>
+#include <bpf/bpf_helpers.h>
+#include <bpf/bpf_endian.h>
+#include "map_config.h"
+
+#include "errno.h"
+
+struct bpf_mem_ptr {
+    void *ptr;
+    __u32 size;
+};
+
+#define KMESH_MODULE_ULP_NAME "kmesh_defer"
+
+extern int bpf_parse_header_msg_func(void *src, int src__sz) __ksym;
+extern int bpf_km_header_strnstr_func(void *ctx, int ctx__sz, const char *key, int key__sz, const char *subptr) __ksym;
+extern int bpf_km_header_strncmp_func(const char *key, int key__sz, const char *target, int target__sz, int opt) __ksym;
+extern int bpf_setsockopt_func(void *bpf_mem, int bpf_mem__sz, int optname, const char *optval, int optval__sz) __ksym;
+extern int bpf_getsockopt_func(void *bpf_mem, int bpf_mem__sz, int optname, char *optval, int optval__sz) __ksym;
+
+#define bpf_km_header_strncmp bpf_km_header_strncmp_func
+
+static int bpf_km_header_strnstr(void *ctx, const char *key, int key__sz, const char *subptr, int subptr__sz)
+{
+    struct bpf_mem_ptr msg_tmp = {.ptr = ctx, .size = sizeof(struct bpf_sock_addr)};
+    return bpf_km_header_strnstr_func(&msg_tmp, sizeof(struct bpf_mem_ptr), key, key__sz, subptr);
+}
+
+static int bpf_parse_header_msg(struct bpf_sock_addr *ctx)
+{
+    struct bpf_mem_ptr msg_tmp = {.ptr = ctx, .size = sizeof(struct bpf_sock_addr)};
+    return bpf_parse_header_msg_func(&msg_tmp, sizeof(struct bpf_mem_ptr));
+}
+
+// Due to the limitation of bpf verifier, optval and optval__sz are required to correspond.
+// The strnlen function cannot be used here, so the string is redefined.
+static int bpf_km_setsockopt(struct bpf_sock_addr *ctx, int level, int optname, const char *optval, int optval__sz)
+{
+    const char kmesh_module_ulp_name[] = KMESH_MODULE_ULP_NAME;
+    if (level != IPPROTO_TCP || optval__sz != sizeof(kmesh_module_ulp_name))
+        return -1;
+
+    struct bpf_mem_ptr msg_tmp = {.ptr = ctx, .size = sizeof(struct bpf_sock_addr)};
+    return bpf_setsockopt_func(
+        &msg_tmp, sizeof(struct bpf_mem_ptr), optname, (void *)kmesh_module_ulp_name, sizeof(kmesh_module_ulp_name));
+}
+
+static int bpf_km_getsockopt(struct bpf_sock_addr *ctx, int level, int optname, char *optval, int optval__sz)
+{
+    if (level != IPPROTO_TCP) {
+        return -1;
+    }
+    struct bpf_mem_ptr msg_tmp = {.ptr = ctx, .size = sizeof(struct bpf_sock_addr)};
+    return bpf_getsockopt_func(&msg_tmp, sizeof(struct bpf_mem_ptr), optname, (void *)optval, optval__sz);
+}

bpf/include/common.h

@@ -5,6 +5,7 @@
 #define _COMMON_H_
 
 #include "../../config/kmesh_marcos_def.h"
+#include <linux/in.h>
 #include <stddef.h>
 #include <stdbool.h>
 #include <stdint.h>
@@ -17,7 +18,17 @@
 #include "errno.h"
 
 #if ENHANCED_KERNEL
-#include <bpf_helper_defs_ext.h>
+#if KERNEL_KFUNC
+#include "bpf_kfunc.h"
+#else
+struct bpf_mem_ptr {
+    void *ptr;
+    __u32 size;
+};
+#include "bpf_helper_defs_ext.h"
+#define bpf_km_setsockopt bpf_setsockopt
+#define bpf_km_getsockopt bpf_getsockopt
+#endif
 #endif
 
 #define bpf_unused __attribute__((__unused__))
@@ -113,14 +124,8 @@ static inline bool is_ipv4_mapped_addr(__u32 ip6[4])
         (dst)[3] = (src)[3];                                                                                           \
     } while (0)
 
-#if OE_23_03
-#define bpf__strncmp                  bpf_strncmp
-#define GET_SKOPS_REMOTE_PORT(sk_ops) (__u16)((sk_ops)->remote_port)
-#else
 #define GET_SKOPS_REMOTE_PORT(sk_ops) (__u16)((sk_ops)->remote_port >> 16)
-#endif
-
-#define GET_SKOPS_LOCAL_PORT(sk_ops) (__u16)((sk_ops)->local_port)
+#define GET_SKOPS_LOCAL_PORT(sk_ops)  (__u16)((sk_ops)->local_port)
 
 #define MAX_BUF_LEN 100
 #define MAX_IP4_LEN 16

bpf/kmesh/ads/cgroup_sock.c

@@ -14,16 +14,15 @@
 
 #if ENHANCED_KERNEL
 #include "route_config.h"
+static const char kmesh_module_ulp_name[] = KMESH_MODULE_ULP_NAME;
 #endif
 #if KMESH_ENABLE_IPV4
 #if KMESH_ENABLE_HTTP
 
-static const char kmesh_module_name[] = "kmesh_defer";
-static char kmesh_module_name_get[KMESH_MODULE_NAME_LEN] = "";
 static inline int sock4_traffic_control(struct bpf_sock_addr *ctx)
 {
     int ret;
-
+    char kmesh_module_ulp_name_get[KMESH_MODULE_NAME_LEN] = "";
     Listener__Listener *listener = NULL;
 
     if (ctx->protocol != IPPROTO_TCP)
@@ -42,9 +41,10 @@ static inline int sock4_traffic_control(struct bpf_sock_addr *ctx)
     BPF_LOG(DEBUG, KMESH, "bpf find listener addr=[%s:%u]\n", ip2str(&ip, 1), bpf_ntohs(ctx->user_port));
 
 #if ENHANCED_KERNEL
-    ret = bpf_getsockopt(ctx, IPPROTO_TCP, TCP_ULP, (void *)kmesh_module_name_get, KMESH_MODULE_NAME_LEN);
-    if (CHECK_MODULE_NAME_NULL(ret) || bpf__strncmp(kmesh_module_name_get, KMESH_MODULE_NAME_LEN, kmesh_module_name)) {
-        ret = bpf_setsockopt(ctx, IPPROTO_TCP, TCP_ULP, (void *)kmesh_module_name, sizeof(kmesh_module_name));
+    ret = bpf_km_getsockopt(ctx, IPPROTO_TCP, TCP_ULP, kmesh_module_ulp_name_get, KMESH_MODULE_NAME_LEN);
+    if (CHECK_MODULE_NAME_NULL(ret)
+        || bpf__strncmp(kmesh_module_ulp_name_get, KMESH_MODULE_NAME_LEN, kmesh_module_ulp_name)) {
+        ret = bpf_km_setsockopt(ctx, IPPROTO_TCP, TCP_ULP, kmesh_module_ulp_name, sizeof(kmesh_module_ulp_name));
         if (ret)
             BPF_LOG(ERR, KMESH, "bpf set sockopt failed! ret %d\n", ret);
         return 0;

bpf/kmesh/ads/include/ctx/sock_ops.h

@@ -22,16 +22,6 @@ typedef struct bpf_sock_ops ctx_buff_t;
     name.ipv4 = (ctx)->remote_ip4;                                                                                     \
     name.port = (ctx)->remote_port
 
-#if OE_23_03
-#define SET_CTX_ADDRESS(ctx, address)                                                                                  \
-    (ctx)->remote_ip4 = (address)->ipv4;                                                                               \
-    (ctx)->remote_port = (address)->port
-
-#define MARK_REJECTED(ctx)                                                                                             \
-    BPF_LOG(DEBUG, KMESH, "mark reject\n");                                                                            \
-    (ctx)->remote_ip4 = 0;                                                                                             \
-    (ctx)->remote_port = 0
-#else
 #define SET_CTX_ADDRESS(ctx, address)                                                                                  \
     (ctx)->replylong[2] = (address)->ipv4;                                                                             \
     (ctx)->replylong[3] = (address)->port
@@ -40,6 +30,5 @@ typedef struct bpf_sock_ops ctx_buff_t;
     BPF_LOG(DEBUG, KMESH, "mark reject\n");                                                                            \
     (ctx)->replylong[2] = 0;                                                                                           \
     (ctx)->replylong[3] = 0
-#endif
 
 #endif //__BPF_CTX_SOCK_OPS_H

bpf/kmesh/ads/include/kmesh_common.h

@@ -31,11 +31,6 @@
         val;                                                                                                           \
     })
 
-struct bpf_mem_ptr {
-    void *ptr;
-    __u32 size;
-};
-
 static inline int bpf__strncmp(const char *dst, int n, const char *src)
 {
     if (dst == NULL || src == NULL)

build.sh

@@ -43,11 +43,20 @@ if [ "$1" == "-h" -o "$1" == "--help" ]; then
 fi
 
 if [ -z "$1" -o "$1" == "-b" -o "$1" == "--build" ]; then
+	bash kmesh_macros_env_kernel.sh
 	prepare
 	make
 	exit
 fi
 
+if [ "$1" == "-d" -o "$1" == "--docker" ]; then
+	prepare
+	make kmesh-bpf
+	make all-binary
+	install
+	exit
+fi
+
 if [ "$1" == "-i" -o "$1" == "--install" ]; then
 	make install
 	install

config/kmesh_marcos_def.h

@@ -24,33 +24,11 @@
  */
 #define MDA_GID_UID_FILTER 1
 
-/*
- * openEuler-23.03 is an innovative version of openEuler, in the early time, we
- * developed kmesh based on openEuler-23.03, and the implementation of kmesh
- * was related to the openEuler-23.03 kernel. Now, the general implementation
- * of kmesh differs from the previous openEuler-23.03 version, so we need to
- * use this macro to distinguish these differences.
- * The main differences between the general implementation of kmesh and the
- * openEuler-23.03 version are as follows:
- * 1. Use replylong parameter instead of directly modifying the remote IP and Port;
- * 2. Use bpf__strncmp instead of bpf_strncmp for string comparison;
- * 3. Fix Port shift bug on openEuler-23.03.In the kernel network protocol
- *    stack, the port is stored in u16, but in the bpf network module, the port
- *    is stored in u32. Therefore, after the endian conversion, the 16-bit port
- *    needs to be obtained from the 32-bit data structure.
- *    You need to find the position of the valid 16 bits. Generally, after the
- *    port is extended from 16 bits to 32 bits, the port is in the upper 16
- *    bits after the endian conversion. Therefore, you need to offset the port
- *    before using the u16 RX port. In some specific kernels, the port stored
- *    in sockops is in the lower 16 bits and does not need to be offset.
- */
-#define OE_23_03 0
-
 /*
  * in kernel 6.x version, add the new iter type ITER_UBUF, and we need add code
  * for the corresponding scenarios.
  */
-#define ITER_TYPE_IS_UBUF 0
+#define KERNEL_VERISON6 0
 
 /*
  * Kmesh’s Layer 7 acceleration proxy capability relies on kernel enhancements.
@@ -68,3 +46,8 @@
  * is enabled accordingly.
  * */
 #define LIBBPF_HIGHER_0_6_0_VERSION 0
+
+/*
+ * Determine whether the current kernel version supports the use of kfunc.
+ */
+#define KERNEL_KFUNC 0

hack/gen_bpf_specs.go

@@ -167,7 +167,10 @@ func main() {
 				importPath := filepath.ToSlash(filepath.Join(modulePrefix, "bpf", "kmesh", "bpf2go", real))
 				pi := pkgInfo{Alias: alias, ImportPath: importPath, OutputDir: real, Entries: list}
 				pkgsDefault = append(pkgsDefault, pi)
-				pkgsEnhanced = append(pkgsEnhanced, pi)
+
+				if !strings.HasPrefix(real, "dualengine") {
+					pkgsEnhanced = append(pkgsEnhanced, pi)
+				}
 			}
 		}
 	}

hack/utils.sh

@@ -30,7 +30,7 @@ function get_arch() {
 function build_kmesh() {
 	local container_id=$1
 	docker exec $container_id git config --global --add safe.directory /kmesh
-	docker exec -e VERSION=$VERSION $container_id sh /kmesh/build.sh
+	docker exec -e VERSION=$VERSION $container_id sh /kmesh/build.sh -d
 	docker exec -e VERSION=$VERSION $container_id sh /kmesh/build.sh -i
 	docker exec $container_id sh -c "$(declare -f copy_to_host); copy_to_host"
 }

kernel/ko_src/Makefile

@@ -2,8 +2,10 @@ CURRENT_PATH := $(shell pwd)
 DIRS := $(shell find $(CURRENT_PATH) -maxdepth 1 -type d)
 BASE_DIRS := $(basename $(patsubst $(CURRENT_PATH)/%, %, $(DIRS)))
 BASE_DIRS := $(filter-out $(CURRENT_PATH), $(BASE_DIRS))
+CONFIG_FILE := ../../config/kmesh_marcos_def.h
+ENHANCED_KERNEL := $(shell grep -q "#define ENHANCED_KERNEL 1" $(CONFIG_FILE) && echo yes || echo no)
 
-ifeq ($(ENHANCED_KERNEL), enhanced)
+ifeq ($(ENHANCED_KERNEL), yes)
 all:
 	@for dir in ${BASE_DIRS}; do 	\
 		make -C $(CURRENT_PATH)/$$dir;	\

kernel/ko_src/kmesh/Makefile

@@ -10,7 +10,7 @@
 obj-m := kmesh.o
 kmesh-objs = kmesh_main.o defer_connect.o \
 	kmesh_parse_protocol_data.o \
-	kmesh_parse_http_1_1.o
+	kmesh_parse_http_1_1.o kmesh_func.o
 
 KERNELDIR ?= /lib/modules/$(shell uname -r)/build
 PWD := $(shell pwd)