1 // SPDX-License-Identifier: GPL-2.0 2 3 #include "vmlinux.h" 4 5 #include <bpf/bpf_helpers.h> 6 7 #define AF_INET6 10 8 9 struct { 10 __uint(type, BPF_MAP_TYPE_SK_STORAGE); 11 __uint(map_flags, BPF_F_NO_PREALLOC); 12 __type(key, int); 13 __type(value, int); 14 } sockops_netns_cookies SEC(".maps"); 15 16 struct { 17 __uint(type, BPF_MAP_TYPE_SK_STORAGE); 18 __uint(map_flags, BPF_F_NO_PREALLOC); 19 __type(key, int); 20 __type(value, int); 21 } sk_msg_netns_cookies SEC(".maps"); 22 23 struct { 24 __uint(type, BPF_MAP_TYPE_SOCKMAP); 25 __uint(max_entries, 2); 26 __type(key, __u32); 27 __type(value, __u64); 28 } sock_map SEC(".maps"); 29 30 int tcx_init_netns_cookie, tcx_netns_cookie; 31 32 SEC("sockops") 33 int get_netns_cookie_sockops(struct bpf_sock_ops *ctx) 34 { 35 struct bpf_sock *sk = ctx->sk; 36 int *cookie; 37 __u32 key = 0; 38 39 if (ctx->family != AF_INET6) 40 return 1; 41 42 if (!sk) 43 return 1; 44 45 switch (ctx->op) { 46 case BPF_SOCK_OPS_TCP_CONNECT_CB: 47 cookie = bpf_sk_storage_get(&sockops_netns_cookies, sk, 0, 48 BPF_SK_STORAGE_GET_F_CREATE); 49 if (!cookie) 50 return 1; 51 52 *cookie = bpf_get_netns_cookie(ctx); 53 break; 54 case BPF_SOCK_OPS_ACTIVE_ESTABLISHED_CB: 55 bpf_sock_map_update(ctx, &sock_map, &key, BPF_NOEXIST); 56 break; 57 default: 58 break; 59 } 60 61 return 1; 62 } 63 64 SEC("sk_msg") 65 int get_netns_cookie_sk_msg(struct sk_msg_md *msg) 66 { 67 struct bpf_sock *sk = msg->sk; 68 int *cookie; 69 70 if (msg->family != AF_INET6) 71 return 1; 72 73 if (!sk) 74 return 1; 75 76 cookie = bpf_sk_storage_get(&sk_msg_netns_cookies, sk, 0, 77 BPF_SK_STORAGE_GET_F_CREATE); 78 if (!cookie) 79 return 1; 80 81 *cookie = bpf_get_netns_cookie(msg); 82 83 return 1; 84 } 85 86 SEC("tcx/ingress") 87 int get_netns_cookie_tcx(struct __sk_buff *skb) 88 { 89 tcx_init_netns_cookie = bpf_get_netns_cookie(NULL); 90 tcx_netns_cookie = bpf_get_netns_cookie(skb); 91 return TCX_PASS; 92 } 93 94 char _license[] SEC("license") = "GPL"; 95