Merge branch 'solutions'

tohojo · tohojo · commit 9278fdca20a1 · 2019-07-27T12:18:15.000+02:00
diff --git a/.gitignore b/.gitignore
@@ -53,5 +53,15 @@ Module.symvers
 Mkfile.old
 dkms.conf
 
-# The xdp_loader program
+# Userspace programs
 xdp_loader
+xdp_stats
+xdp_pass_user
+xdp_load_and_stats
+xdp_prog_user
+
+# tracing userspace programs
+trace_load_and_stats
+trace_load_and_stats
+trace_read
+xdp_sample_pkts_user
diff --git a/Makefile b/Makefile
@@ -1,6 +1,6 @@
 # SPDX-License-Identifier: (GPL-2.0 OR BSD-2-Clause)
 
-LESSONS = $(wildcard basic??-*) $(wildcard packet??-*)
+LESSONS = $(wildcard basic??-*) $(wildcard packet*) $(wildcard tracing??-*)
 LESSONS_CLEAN = $(addsuffix _clean,$(LESSONS))
 
 .PHONY: clean $(LESSONS) $(LESSONS_CLEAN)
diff --git a/common/parsing_helpers.h b/common/parsing_helpers.h
@@ -26,6 +26,8 @@
 #include <linux/ipv6.h>
 #include <linux/icmp.h>
 #include <linux/icmpv6.h>
+#include <linux/udp.h>
+#include <linux/tcp.h>
 
 /* Header cursor to keep track of current parsing position */
 struct hdr_cursor {
@@ -185,77 +187,50 @@ static __always_inline int parse_icmphdr_common(struct hdr_cursor *nh,
 	return h->type;
 }
 
-static __always_inline struct ethhdr *get_ethhdr(struct hdr_cursor *nh,
-						 void *data_end)
-{
-	struct ethhdr *eth = nh->pos;
-	int hdrsize = sizeof(*eth);
-
-	/* Byte-count bounds check; check if current pointer + size of header
-	 * is after data_end.
-	 */
-	if (nh->pos + hdrsize > data_end)
-		return NULL;
-
-	nh->pos += hdrsize;
-	return eth;
-}
-
-static __always_inline struct ipv6hdr *get_ip6hdr(struct ethhdr *eth,
-                                                  struct hdr_cursor *nh,
-                                                  void *data_end)
+/*
+ * parse_tcphdr: parse the udp header and return the length of the udp payload
+ */
+static __always_inline int parse_udphdr(struct hdr_cursor *nh,
+					void *data_end,
+					struct udphdr **udphdr)
 {
-        struct vlan_hdr *vlh = nh->pos;
-        __u16 h_proto = eth->h_proto;
-	struct ipv6hdr *ip6h;
-        int i;
-
-        /* Use loop unrolling to avoid the verifier restriction on loops;
-         * support up to VLAN_MAX_DEPTH layers of VLAN encapsulation.
-         */
-        #pragma unroll
-        for (i = 0; i < VLAN_MAX_DEPTH; i++) {
-                if (!(h_proto == bpf_htons(ETH_P_8021Q) ||
-                      h_proto == bpf_htons(ETH_P_8021AD)))
-                        break;
-
-                if (vlh + 1 > data_end)
-                        return NULL;
+	int len;
+	struct udphdr *h = nh->pos;
 
-                h_proto = vlh->h_vlan_encapsulated_proto;
-                vlh++;
-        }
-
-        ip6h = (void *)vlh;
+	if (h + 1 > data_end)
+		return -1;
 
-	if (h_proto != bpf_htons(ETH_P_IPV6))
-		return NULL;
+	nh->pos  = h + 1;
+	*udphdr = h;
 
-	/* Pointer-arithmetic bounds check; pointer +1 points to after end of
-	 * thing being pointed to. We will be using this style in the remainder
-	 * of the tutorial.
-	 */
-	if (ip6h + 1 > data_end)
-		return NULL;
+	len = bpf_ntohs(h->len) - sizeof(struct udphdr);
+	if (len < 0)
+		return -1;
 
-	nh->pos = ip6h + 1;
-	return ip6h;
+	return len;
 }
 
-static __always_inline struct icmp6hdr *get_icmp6hdr(struct ipv6hdr *ip6h,
-                                                     struct hdr_cursor *nh,
-                                                     void *data_end)
+/*
+ * parse_tcphdr: parse and return the length of the tcp header
+ */
+static __always_inline int parse_tcphdr(struct hdr_cursor *nh,
+					void *data_end,
+					struct tcphdr **tcphdr)
 {
-	struct icmp6hdr *icmp6h = nh->pos;
+	int len;
+	struct tcphdr *h = nh->pos;
 
-	if (ip6h->nexthdr != IPPROTO_ICMPV6)
-		return NULL;
+	if (h + 1 > data_end)
+		return -1;
 
-	if (icmp6h + 1 > data_end)
-		return NULL;
+	len = h->doff * 4;
+	if ((void *) h + len > data_end)
+		return -1;
+
+	nh->pos  = h + 1;
+	*tcphdr = h;
 
-	nh->pos = icmp6h + 1;
-	return icmp6h;
+	return len;
 }
 
 #endif /* __PARSING_HELPERS_H */
diff --git a/packet-solutions/Makefile b/packet-solutions/Makefile
@@ -1,6 +1,6 @@
 # SPDX-License-Identifier: (GPL-2.0 OR BSD-2-Clause)
 
-XDP_TARGETS  := xdp_prog_kern
+XDP_TARGETS  := xdp_prog_kern_02 xdp_prog_kern_03
 USER_TARGETS := xdp_prog_user
 
 LIBBPF_DIR = ../libbpf/src/
diff --git a/packet-solutions/README.org b/packet-solutions/README.org
@@ -6,3 +6,71 @@ This directory contains solutions to all the assignments in the
 [[file:../packet01-parsing/][packet01]],
 [[file:../packet02-rewriting/][packet02]], and
 [[file:../packet03-redirecting/][packet03]] lessons.
+
+* Table of Contents                                                     :TOC:
+- [[#solutions][Solutions]]
+  - [[#packet01-packet-parsing][Packet01: packet parsing]]
+  - [[#packet02-packet-rewriting][Packet02: packet rewriting]]
+  - [[#packet03-redirecting-packets][Packet03: redirecting packets]]
+
+* Solutions
+
+** Packet01: packet parsing
+
+*** Assignment 1: Fix the bounds checking error
+
+See the =parse_ethhdr= function from the [[file:../common/parsing_helpers.h][parsing_helpers.h]] file.
+
+*** Assignment 2: Parsing the IP header
+
+See the =parse_ip6hdr= function from the [[file:../common/parsing_helpers.h][parsing_helpers.h]] file.
+
+*** Assignment 3: Parsing the ICMPv6 header and reacting to it
+
+See the =parse_icmp6hdr= function from the [[file:../common/parsing_helpers.h][parsing_helpers.h]]
+file.  The sequence number should be accessed as =bpf_ntohs(icmp6h->icmp6_sequence)=
+as it is a 2-byte value in the network order.
+
+*** Assignment 4: Adding VLAN support
+
+See the =parse_ethhdr= function from the [[file:../common/parsing_helpers.h][parsing_helpers.h]] file.
+
+*** Assignment 5: Adding IPv4 support
+
+See the =parse_iphdr= and =parse_icmphdr= functions from the [[file:../common/parsing_helpers.h][parsing_helpers.h]] file.
+
+** Packet02: packet rewriting
+
+*** Assignment 1: Rewrite port numbers
+
+An example XDP program can be found in the =xdp_patch_ports= section in the [[file:xdp_prog_kern_02.c][xdp_prog_kern_02.c]] file. The program will decrease by one destination port number in any TCP or UDP packet.
+
+*** Assignment 2: Remove the outermost VLAN tag
+
+See the =vlan_tag_pop= function from the [[file:../common/rewrite_helpers.h][rewrite_helpers.h]] file.
+An example XDP program can be found in the =xdp_vlan_swap= section in the [[file:xdp_prog_kern_02.c][xdp_prog_kern_02.c]] file.
+
+*** Assignment 3: Add back a missing VLAN tag
+
+See the =vlan_tag_push= function from the [[file:../common/rewrite_helpers.h][rewrite_helpers.h]] file.
+An example XDP program can be found in the =xdp_vlan_swap= section in the [[file:xdp_prog_kern_02.c][xdp_prog_kern_02.c]] file.
+
+** Packet03: redirecting packets
+
+*** Assignment 1: Send packets back where they came from
+
+See the =xdp_icmp_echo= program in the [[file:xdp_prog_kern_03.c][xdp_prog_kern_03.c]] file.
+
+*** Assignment 2: Redirect packets between two interfaces
+
+See the =xdp_redirect= program in the [[file:xdp_prog_kern_03.c][xdp_prog_kern_03.c]] file.
+
+*** Assignment 3: Extend to a bidirectional router
+
+See the =xdp_redirect_map= program in the [[file:xdp_prog_kern_03.c][xdp_prog_kern_03.c]] file.
+Userspace part of the assignment is implemented in the [[file:xdp_prog_user.c][xdp_prog_user.c]] file.
+
+*** Assignment 4: Use the BPF helper for routing
+
+See the =xdp_router= program in the [[file:xdp_prog_kern_03.c][xdp_prog_kern_03.c]] file.
+Userspace part of the assignment is implemented in the [[file:xdp_prog_user.c][xdp_prog_user.c]] file.
diff --git a/packet-solutions/xdp_prog_kern_02.c b/packet-solutions/xdp_prog_kern_02.c
@@ -0,0 +1,98 @@
+/* SPDX-License-Identifier: GPL-2.0 */
+#include <linux/bpf.h>
+#include <linux/in.h>
+#include "bpf_helpers.h"
+#include "bpf_endian.h"
+
+// The parsing helper functions from the packet01 lesson have moved here
+#include "../common/parsing_helpers.h"
+#include "../common/rewrite_helpers.h"
+
+/* Defines xdp_stats_map */
+#include "../common/xdp_stats_kern_user.h"
+#include "../common/xdp_stats_kern.h"
+
+/*
+ * Solution to the assignment 1 in lesson packet02
+ */
+SEC("xdp_patch_ports")
+int xdp_patch_ports_func(struct xdp_md *ctx)
+{
+	int action = XDP_PASS;
+	int eth_type, ip_type;
+	struct ethhdr *eth;
+	struct iphdr *iphdr;
+	struct ipv6hdr *ipv6hdr;
+	struct udphdr *udphdr;
+	struct tcphdr *tcphdr;
+	void *data_end = (void *)(long)ctx->data_end;
+	void *data = (void *)(long)ctx->data;
+	struct hdr_cursor nh = { .pos = data };
+
+	eth_type = parse_ethhdr(&nh, data_end, &eth);
+	if (eth_type < 0) {
+		action = XDP_ABORTED;
+		goto out;
+	}
+
+	if (eth_type == ETH_P_IP) {
+		ip_type = parse_iphdr(&nh, data_end, &iphdr);
+	} else if (eth_type == ETH_P_IPV6) {
+		ip_type = parse_ip6hdr(&nh, data_end, &ipv6hdr);
+	} else {
+		goto out;
+	}
+
+	if (ip_type == IPPROTO_UDP) {
+		if (parse_udphdr(&nh, data_end, &udphdr) < 0) {
+			action = XDP_ABORTED;
+			goto out;
+		}
+		udphdr->dest = bpf_htons(bpf_ntohs(udphdr->dest) - 1);
+	} else if (ip_type == IPPROTO_TCP) {
+		if (parse_tcphdr(&nh, data_end, &tcphdr) < 0) {
+			action = XDP_ABORTED;
+			goto out;
+		}
+		tcphdr->dest = bpf_htons(bpf_ntohs(tcphdr->dest) - 1);
+	}
+
+out:
+	return xdp_stats_record_action(ctx, action);
+}
+
+/*
+ * Solution to the assignments 2 and 3 in lesson packet02: Will pop outermost
+ * VLAN tag if it exists, otherwise push a new one with ID 1
+ */
+SEC("xdp_vlan_swap")
+int xdp_vlan_swap_func(struct xdp_md *ctx)
+{
+	void *data_end = (void *)(long)ctx->data_end;
+	void *data = (void *)(long)ctx->data;
+
+	/* These keep track of the next header type and iterator pointer */
+	struct hdr_cursor nh;
+	int nh_type;
+	nh.pos = data;
+
+	struct ethhdr *eth;
+	nh_type = parse_ethhdr(&nh, data_end, &eth);
+	if (nh_type < 0)
+		return XDP_PASS;
+
+	if (proto_is_vlan(eth->h_proto))
+		vlan_tag_pop(ctx, eth);
+	else
+		vlan_tag_push(ctx, eth, 1);
+
+	return XDP_PASS;
+}
+
+SEC("xdp_pass")
+int xdp_pass_func(struct xdp_md *ctx)
+{
+	return XDP_PASS;
+}
+
+char _license[] SEC("license") = "GPL";
diff --git a/packet-solutions/xdp_prog_kern_03.c b/packet-solutions/xdp_prog_kern_03.c
@@ -30,33 +30,6 @@ struct bpf_map_def SEC("maps") redirect_params = {
 	.max_entries = 1,
 };
 
-/* Solution to the assignments in lesson packet02: Will pop outermost VLAN tag
- * if it exists, otherwise push a new one with ID 1
- */
-SEC("xdp_vlan_swap")
-int xdp_vlan_swap_func(struct xdp_md *ctx)
-{
-	void *data_end = (void *)(long)ctx->data_end;
-	void *data = (void *)(long)ctx->data;
-
-        /* These keep track of the next header type and iterator pointer */
-	struct hdr_cursor nh;
-	int nh_type;
-        nh.pos = data;
-
-	struct ethhdr *eth;
-	nh_type = parse_ethhdr(&nh, data_end, &eth);
-        if (nh_type < 0)
-                return XDP_PASS;
-
-        if (proto_is_vlan(eth->h_proto))
-                vlan_tag_pop(ctx, eth);
-        else
-                vlan_tag_push(ctx, eth, 1);
-
-        return XDP_PASS;
-}
-
 static __always_inline __u16 csum_fold_helper(__u32 csum)
 {
 	return ~((csum & 0xffff) + (csum >> 16));
@@ -172,7 +145,7 @@ int xdp_icmp_echo_func(struct xdp_md *ctx)
 	return xdp_stats_record_action(ctx, action);
 }
 
-/* Assignment 2 */
+/* Solution to packet03/assignment-2 */
 SEC("xdp_redirect")
 int xdp_redirect_func(struct xdp_md *ctx)
 {
@@ -201,7 +174,7 @@ int xdp_redirect_func(struct xdp_md *ctx)
 	return xdp_stats_record_action(ctx, action);
 }
 
-/* Assignment 3 */
+/* Solution to packet03/assignment-3 */
 SEC("xdp_redirect_map")
 int xdp_redirect_map_func(struct xdp_md *ctx)
 {
diff --git a/packet01-parsing/README.org b/packet01-parsing/README.org
