|
6 | 6 | #include <fcntl.h> |
7 | 7 | #include <ffi.h> |
8 | 8 | #include <linux/bpf.h> |
| 9 | +#include <linux/if_link.h> |
9 | 10 | #include <linux/tcp.h> |
10 | 11 | #include <linux/types.h> |
11 | 12 | #include <net/if.h> |
@@ -112,8 +113,8 @@ static inline int tc_hook_cleanup(struct bpf_tc_hook* hook, struct bpf_tc_opts* |
112 | 113 | return ret ?: bpf_tc_hook_destroy(hook); |
113 | 114 | } |
114 | 115 |
|
115 | | -static inline int tc_hook_create_bind(struct bpf_tc_hook* hook, struct bpf_tc_opts* opts, |
116 | | - const struct bpf_program* prog) { |
| 116 | +static inline int tc_hook_create_attach(struct bpf_tc_hook* hook, struct bpf_tc_opts* opts, |
| 117 | + const struct bpf_program* prog) { |
117 | 118 | // EEXIST causes libbpf_print_fn to log harmless 'libbpf: Kernel error message: Exclusivity flag |
118 | 119 | // on, cannot modify' |
119 | 120 | int retcode = bpf_tc_hook_create(hook); |
@@ -463,9 +464,9 @@ static inline int run_bpf(struct run_args* args, int lock_fd, const char* ifname |
463 | 464 | int mimic_whitelist_fd = -1, mimic_conns_fd = -1, mimic_rb_fd = -1; |
464 | 465 |
|
465 | 466 | bool tc_hook_created = false; |
| 467 | + bool xdp_attached = false; |
466 | 468 | struct bpf_tc_hook tc_hook_egress; |
467 | 469 | struct bpf_tc_opts tc_opts_egress; |
468 | | - struct bpf_link* xdp_ingress = NULL; |
469 | 470 | struct ring_buffer* rb = NULL; |
470 | 471 | ffi_closure* closure = NULL; |
471 | 472 | ffi_cif cif; |
@@ -526,15 +527,19 @@ static inline int run_bpf(struct run_args* args, int lock_fd, const char* ifname |
526 | 527 | rb = try2_p(ring_buffer__new(mimic_rb_fd, handle_rb_event(&ctx, &cif, &closure), NULL, NULL), |
527 | 528 | _("failed to attach BPF ring buffer '%s': %s"), "mimic_rb", strret); |
528 | 529 |
|
529 | | - // TC and XDP |
| 530 | + // TC |
530 | 531 | tc_hook_egress = (typeof(tc_hook_egress)){ |
531 | 532 | .sz = sizeof(tc_hook_egress), .ifindex = ifindex, .attach_point = BPF_TC_EGRESS}; |
532 | 533 | tc_opts_egress = |
533 | 534 | (typeof(tc_opts_egress)){.sz = sizeof(tc_opts_egress), .handle = 1, .priority = 1}; |
534 | 535 | tc_hook_created = true; |
535 | | - try2(tc_hook_create_bind(&tc_hook_egress, &tc_opts_egress, skel->progs.egress_handler)); |
536 | | - xdp_ingress = try2_p(bpf_program__attach_xdp(skel->progs.ingress_handler, ifindex), |
537 | | - _("failed to attach XDP program: %s"), strret); |
| 536 | + try2(tc_hook_create_attach(&tc_hook_egress, &tc_opts_egress, skel->progs.egress_handler)); |
| 537 | + |
| 538 | + // XDP |
| 539 | + // TODO: pass flags |
| 540 | + try2(bpf_xdp_attach(ifindex, bpf_program__fd(skel->progs.ingress_handler), 0 , NULL), |
| 541 | + _("failed to attach XDP program: %s"), strret); |
| 542 | + xdp_attached = true; |
538 | 543 |
|
539 | 544 | retcode = notify_ready(); |
540 | 545 | if (retcode < 0) |
@@ -613,7 +618,7 @@ static inline int run_bpf(struct run_args* args, int lock_fd, const char* ifname |
613 | 618 | terminate_all_conns(mimic_conns_fd, ifname); |
614 | 619 | sigprocmask(SIG_SETMASK, NULL, NULL); |
615 | 620 | if (tc_hook_created) tc_hook_cleanup(&tc_hook_egress, &tc_opts_egress); |
616 | | - if (xdp_ingress) bpf_link__destroy(xdp_ingress); |
| 621 | + if (xdp_attached) bpf_xdp_detach(ifindex, 0, NULL); |
617 | 622 | if (rb) ring_buffer__free(rb); |
618 | 623 | if (closure) ffi_closure_free(closure); |
619 | 624 | if (skel) mimic_bpf__destroy(skel); |
|
0 commit comments