[mirror_iproute2.git] / tc / e_bpf.c

/*
 * e_bpf.c	BPF exec proxy
 *
 *		This program is free software; you can distribute it and/or
 *		modify it under the terms of the GNU General Public License
 *		as published by the Free Software Foundation; either version
 *		2 of the License, or (at your option) any later version.
 *
 * Authors:	Daniel Borkmann <daniel@iogearbox.net>
 */

#include <stdio.h>
#include <unistd.h>

#include "utils.h"

#include "tc_util.h"

#include "bpf_util.h"
#include "bpf_elf.h"
#include "bpf_scm.h"

#define BPF_DEFAULT_CMD	"/bin/sh"

static char *argv_default[] = { BPF_DEFAULT_CMD, NULL };

static void explain(void)
{
	fprintf(stderr,
		"Usage: ... bpf [ import UDS_FILE ] [ run CMD ]\n"
		"       ... bpf [ debug ]\n"
		"       ... bpf [ graft MAP_FILE ] [ key KEY ]\n"
		"          `... [ object-file OBJ_FILE ] [ type TYPE ] [ section NAME ] [ verbose ]\n"
		"          `... [ object-pinned PROG_FILE ]\n"
		"\n"
		"Where UDS_FILE provides the name of a unix domain socket file\n"
		"to import eBPF maps and the optional CMD denotes the command\n"
		"to be executed (default: \'%s\').\n"
		"Where MAP_FILE points to a pinned map, OBJ_FILE to an object file\n"
		"and PROG_FILE to a pinned program. TYPE can be {cls, act}, where\n"
		"\'cls\' is default. KEY is optional and can be inferred from the\n"
		"section name, otherwise it needs to be provided.\n",
		BPF_DEFAULT_CMD);
}

static int bpf_num_env_entries(void)
{
	char **envp;
	int num;

	for (num = 0, envp = environ; *envp != NULL; envp++)
		num++;
	return num;
}

static int parse_bpf(struct exec_util *eu, int argc, char **argv)
{
	char **argv_run = argv_default, **envp_run, *tmp;
	int ret, i, env_old, env_num, env_map;
	const char *bpf_uds_name = NULL;
	int fds[BPF_SCM_MAX_FDS] = {};
	struct bpf_map_aux aux = {};

	if (argc == 0)
		return 0;

	while (argc > 0) {
		if (matches(*argv, "run") == 0) {
			NEXT_ARG();
			argv_run = argv;
			break;
		} else if (matches(*argv, "import") == 0) {
			NEXT_ARG();
			bpf_uds_name = *argv;
		} else if (matches(*argv, "debug") == 0 ||
			   matches(*argv, "dbg") == 0) {
			if (bpf_trace_pipe())
				fprintf(stderr,
					"No trace pipe, tracefs not mounted?\n");
			return -1;
		} else if (matches(*argv, "graft") == 0) {
			const char *bpf_map_path;
			bool has_key = false;
			uint32_t key;

			NEXT_ARG();
			bpf_map_path = *argv;
			NEXT_ARG();
			if (matches(*argv, "key") == 0) {
				NEXT_ARG();
				if (get_unsigned(&key, *argv, 0)) {
					fprintf(stderr, "Illegal \"key\"\n");
					return -1;
				}
				has_key = true;
				NEXT_ARG();
			}
			return bpf_graft_map(bpf_map_path, has_key ?
					     &key : NULL, argc, argv);
		} else {
			explain();
			return -1;
		}

		NEXT_ARG_FWD();
	}

	if (!bpf_uds_name) {
		fprintf(stderr, "bpf: No import parameter provided!\n");
		explain();
		return -1;
	}

	if (argv_run != argv_default && argc == 0) {
		fprintf(stderr, "bpf: No run command provided!\n");
		explain();
		return -1;
	}

	ret = bpf_recv_map_fds(bpf_uds_name, fds, &aux, ARRAY_SIZE(fds));
	if (ret < 0) {
		fprintf(stderr, "bpf: Could not receive fds!\n");
		return -1;
	}

	if (aux.num_ent == 0) {
		envp_run = environ;
		goto out;
	}

	env_old = bpf_num_env_entries();
	env_num = env_old + aux.num_ent + 2;
	env_map = env_old + 1;

	envp_run = malloc(sizeof(*envp_run) * env_num);
	if (!envp_run) {
		fprintf(stderr, "bpf: No memory left to allocate env!\n");
		goto err;
	}

	for (i = 0; i < env_old; i++)
		envp_run[i] = environ[i];

	ret = asprintf(&tmp, "BPF_NUM_MAPS=%u", aux.num_ent);
	if (ret < 0)
		goto err_free;

	envp_run[env_old] = tmp;

	for (i = env_map; i < env_num - 1; i++) {
		ret = asprintf(&tmp, "BPF_MAP%u=%u",
			       aux.ent[i - env_map].id,
			       fds[i - env_map]);
		if (ret < 0)
			goto err_free_env;

		envp_run[i] = tmp;
	}

	envp_run[env_num - 1] = NULL;
out:
	return execvpe(argv_run[0], argv_run, envp_run);

err_free_env:
	for (--i; i >= env_old; i--)
		free(envp_run[i]);
err_free:
	free(envp_run);
err:
	for (i = 0; i < aux.num_ent; i++)
		close(fds[i]);
	return -1;
}

struct exec_util bpf_exec_util = {
	.id		= "bpf",
	.parse_eopt	= parse_bpf,
};
Commit	Line	Data
4bd62446 DB	1	/*
	2	* e_bpf.c BPF exec proxy
	3	*
	4	* This program is free software; you can distribute it and/or
	5	* modify it under the terms of the GNU General Public License
	6	* as published by the Free Software Foundation; either version
	7	* 2 of the License, or (at your option) any later version.
	8	*
	9	* Authors: Daniel Borkmann <daniel@iogearbox.net>
	10	*/
	11
	12	#include <stdio.h>
	13	#include <unistd.h>
	14
	15	#include "utils.h"
	16
	17	#include "tc_util.h"
4bd62446	18
e4225669	19	#include "bpf_util.h"
4bd62446 DB	20	#include "bpf_elf.h"
	21	#include "bpf_scm.h"
	22
	23	#define BPF_DEFAULT_CMD "/bin/sh"
	24
	25	static char *argv_default[] = { BPF_DEFAULT_CMD, NULL };
	26
	27	static void explain(void)
	28	{
8589eb4e MC	29	fprintf(stderr,
	30	"Usage: ... bpf [ import UDS_FILE ] [ run CMD ]\n"
	31	" ... bpf [ debug ]\n"
	32	" ... bpf [ graft MAP_FILE ] [ key KEY ]\n"
	33	" `... [ object-file OBJ_FILE ] [ type TYPE ] [ section NAME ] [ verbose ]\n"
	34	" `... [ object-pinned PROG_FILE ]\n"
	35	"\n"
	36	"Where UDS_FILE provides the name of a unix domain socket file\n"
	37	"to import eBPF maps and the optional CMD denotes the command\n"
	38	"to be executed (default: \'%s\').\n"
	39	"Where MAP_FILE points to a pinned map, OBJ_FILE to an object file\n"
	40	"and PROG_FILE to a pinned program. TYPE can be {cls, act}, where\n"
	41	"\'cls\' is default. KEY is optional and can be inferred from the\n"
	42	"section name, otherwise it needs to be provided.\n",
	43	BPF_DEFAULT_CMD);
4bd62446 DB	44	}
	45
	46	static int bpf_num_env_entries(void)
	47	{
	48	char **envp;
	49	int num;
	50
	51	for (num = 0, envp = environ; *envp != NULL; envp++)
	52	num++;
	53	return num;
	54	}
	55
	56	static int parse_bpf(struct exec_util eu, int argc, char *argv)
	57	{
	58	char argv_run = argv_default, envp_run, *tmp;
	59	int ret, i, env_old, env_num, env_map;
	60	const char *bpf_uds_name = NULL;
d17b136f PS	61	int fds[BPF_SCM_MAX_FDS] = {};
d17b136f PS	62	struct bpf_map_aux aux = {};
4bd62446 DB	63
	64	if (argc == 0)
	65	return 0;
	66
	67	while (argc > 0) {
	68	if (matches(*argv, "run") == 0) {
	69	NEXT_ARG();
	70	argv_run = argv;
	71	break;
32e93fb7	72	} else if (matches(*argv, "import") == 0) {
4bd62446 DB	73	NEXT_ARG();
4bd62446 DB	74	bpf_uds_name = *argv;
32e93fb7 DB	75	} else if (matches(*argv, "debug") == 0 \|\|
	76	matches(*argv, "dbg") == 0) {
	77	if (bpf_trace_pipe())
	78	fprintf(stderr,
	79	"No trace pipe, tracefs not mounted?\n");
	80	return -1;
91d88eeb DB	81	} else if (matches(*argv, "graft") == 0) {
	82	const char *bpf_map_path;
	83	bool has_key = false;
	84	uint32_t key;
	85
	86	NEXT_ARG();
	87	bpf_map_path = *argv;
	88	NEXT_ARG();
	89	if (matches(*argv, "key") == 0) {
	90	NEXT_ARG();
	91	if (get_unsigned(&key, *argv, 0)) {
	92	fprintf(stderr, "Illegal \"key\"\n");
	93	return -1;
	94	}
	95	has_key = true;
	96	NEXT_ARG();
	97	}
	98	return bpf_graft_map(bpf_map_path, has_key ?
	99	&key : NULL, argc, argv);
4bd62446 DB	100	} else {
	101	explain();
	102	return -1;
	103	}
	104
32e93fb7	105	NEXT_ARG_FWD();
4bd62446 DB	106	}
	107
	108	if (!bpf_uds_name) {
	109	fprintf(stderr, "bpf: No import parameter provided!\n");
	110	explain();
	111	return -1;
	112	}
	113
	114	if (argv_run != argv_default && argc == 0) {
	115	fprintf(stderr, "bpf: No run command provided!\n");
	116	explain();
	117	return -1;
	118	}
	119
4bd62446 DB	120	ret = bpf_recv_map_fds(bpf_uds_name, fds, &aux, ARRAY_SIZE(fds));
	121	if (ret < 0) {
	122	fprintf(stderr, "bpf: Could not receive fds!\n");
	123	return -1;
	124	}
	125
	126	if (aux.num_ent == 0) {
	127	envp_run = environ;
	128	goto out;
	129	}
	130
	131	env_old = bpf_num_env_entries();
	132	env_num = env_old + aux.num_ent + 2;
	133	env_map = env_old + 1;
	134
	135	envp_run = malloc(sizeof(envp_run) env_num);
	136	if (!envp_run) {
	137	fprintf(stderr, "bpf: No memory left to allocate env!\n");
	138	goto err;
	139	}
	140
	141	for (i = 0; i < env_old; i++)
	142	envp_run[i] = environ[i];
	143
	144	ret = asprintf(&tmp, "BPF_NUM_MAPS=%u", aux.num_ent);
	145	if (ret < 0)
	146	goto err_free;
	147
	148	envp_run[env_old] = tmp;
	149
	150	for (i = env_map; i < env_num - 1; i++) {
	151	ret = asprintf(&tmp, "BPF_MAP%u=%u",
	152	aux.ent[i - env_map].id,
	153	fds[i - env_map]);
	154	if (ret < 0)
	155	goto err_free_env;
	156
	157	envp_run[i] = tmp;
	158	}
	159
	160	envp_run[env_num - 1] = NULL;
	161	out:
	162	return execvpe(argv_run[0], argv_run, envp_run);
	163
	164	err_free_env:
	165	for (--i; i >= env_old; i--)
	166	free(envp_run[i]);
	167	err_free:
	168	free(envp_run);
	169	err:
	170	for (i = 0; i < aux.num_ent; i++)
	171	close(fds[i]);
	172	return -1;
	173	}
	174
	175	struct exec_util bpf_exec_util = {
32e93fb7 DB	176	.id = "bpf",
32e93fb7 DB	177	.parse_eopt = parse_bpf,
4bd62446	178	};