From 7e4692da957ffb2537346628a66f09c1609833c1 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Pierre=20Gri=C3=A9?= Date: Wed, 24 Nov 2021 14:15:50 +0100 Subject: [PATCH] dnsdist: fixed XDP filter indentation --- contrib/xdp-logging-middleware.ebpf.src | 238 +++++++++++------------- 1 file changed, 108 insertions(+), 130 deletions(-) diff --git a/contrib/xdp-logging-middleware.ebpf.src b/contrib/xdp-logging-middleware.ebpf.src index fee572992b..8a355a44ee 100644 --- a/contrib/xdp-logging-middleware.ebpf.src +++ b/contrib/xdp-logging-middleware.ebpf.src @@ -3,11 +3,11 @@ #include #include -#define DNS_PORT 53 +#define DNS_PORT 53 // do not use libc includes because this causes clang // to include 32bit headers on 64bit ( only ) systems. -typedef __u8 uint8_t; +typedef __u8 uint8_t; typedef __u16 uint16_t; typedef __u32 uint32_t; typedef __u64 uint64_t; @@ -18,8 +18,8 @@ typedef __u64 uint64_t; * Copyright 2020, NLnet Labs, All rights reserved. */ struct cursor { - void *pos; - void *end; + void* pos; + void* end; }; /* @@ -38,34 +38,34 @@ struct vlanhdr { struct dnshdr { uint16_t id; union { - struct { + struct { #if BYTE_ORDER == LITTLE_ENDIAN - uint8_t rd : 1; - uint8_t tc : 1; - uint8_t aa : 1; - uint8_t opcode : 4; - uint8_t qr : 1; - - uint8_t rcode : 4; - uint8_t cd : 1; - uint8_t ad : 1; - uint8_t z : 1; - uint8_t ra : 1; + uint8_t rd : 1; + uint8_t tc : 1; + uint8_t aa : 1; + uint8_t opcode : 4; + uint8_t qr : 1; + + uint8_t rcode : 4; + uint8_t cd : 1; + uint8_t ad : 1; + uint8_t z : 1; + uint8_t ra : 1; #elif BYTE_ORDER == BIG_ENDIAN || BYTE_ORDER == PDP_ENDIAN - uint8_t qr : 1; - uint8_t opcode : 4; - uint8_t aa : 1; - uint8_t tc : 1; - uint8_t rd : 1; - - uint8_t ra : 1; - uint8_t z : 1; - uint8_t ad : 1; - uint8_t cd : 1; - uint8_t rcode : 4; + uint8_t qr : 1; + uint8_t opcode : 4; + uint8_t aa : 1; + uint8_t tc : 1; + uint8_t rd : 1; + + uint8_t ra : 1; + uint8_t z : 1; + uint8_t ad : 1; + uint8_t cd : 1; + uint8_t rcode : 4; #endif - } as_bits_and_pieces; - uint16_t as_value; + } as_bits_and_pieces; + uint16_t as_value; } flags; uint16_t qdcount; uint16_t ancount; @@ -76,8 +76,7 @@ struct dnshdr { /* * Store the qname and qtype */ -struct dns_qname -{ +struct dns_qname { uint8_t qname[255]; uint16_t qtype; }; @@ -101,10 +100,9 @@ BPF_PERF_OUTPUT(events); * Initializer of a cursor pointer * Copyright 2020, NLnet Labs, All rights reserved. */ -static inline void cursor_init(struct cursor *c, struct xdp_md *ctx) -{ - c->end = (void *)(long)ctx->data_end; - c->pos = (void *)(long)ctx->data; +static inline void cursor_init(struct cursor* c, struct xdp_md* ctx) { + c->end = (void*)(long)ctx->data_end; + c->pos = (void*)(long)ctx->data; } /* @@ -112,14 +110,13 @@ static inline void cursor_init(struct cursor *c, struct xdp_md *ctx) * Copyright 2020, NLnet Labs, All rights reserved. */ #define PARSE_FUNC_DECLARATION(STRUCT) \ -static inline struct STRUCT *parse_ ## STRUCT (struct cursor *c) \ -{ \ - struct STRUCT *ret = c->pos; \ - if (c->pos + sizeof(struct STRUCT) > c->end) \ - return 0; \ - c->pos += sizeof(struct STRUCT); \ - return ret; \ -} + static inline struct STRUCT* parse_##STRUCT(struct cursor* c) { \ + struct STRUCT* ret = c->pos; \ + if (c->pos + sizeof(struct STRUCT) > c->end) \ + return 0; \ + c->pos += sizeof(struct STRUCT); \ + return ret; \ + } PARSE_FUNC_DECLARATION(ethhdr) PARSE_FUNC_DECLARATION(vlanhdr) @@ -132,29 +129,28 @@ PARSE_FUNC_DECLARATION(dnshdr) * Parse ethernet frame and fill the struct * Copyright 2020, NLnet Labs, All rights reserved. */ -static inline struct ethhdr *parse_eth(struct cursor *c, uint16_t *eth_proto) -{ - struct ethhdr *eth; +static inline struct ethhdr* parse_eth(struct cursor* c, uint16_t* eth_proto) { + struct ethhdr* eth; if (!(eth = parse_ethhdr(c))) - return 0; + return 0; *eth_proto = eth->h_proto; if (*eth_proto == bpf_htons(ETH_P_8021Q) - || *eth_proto == bpf_htons(ETH_P_8021AD)) { - struct vlanhdr *vlan; + || *eth_proto == bpf_htons(ETH_P_8021AD)) { + struct vlanhdr* vlan; - if (!(vlan = parse_vlanhdr(c))) - return 0; + if (!(vlan = parse_vlanhdr(c))) + return 0; - *eth_proto = vlan->encap_proto; - if (*eth_proto == bpf_htons(ETH_P_8021Q) - || *eth_proto == bpf_htons(ETH_P_8021AD)) { - if (!(vlan = parse_vlanhdr(c))) - return 0; + *eth_proto = vlan->encap_proto; + if (*eth_proto == bpf_htons(ETH_P_8021Q) + || *eth_proto == bpf_htons(ETH_P_8021AD)) { + if (!(vlan = parse_vlanhdr(c))) + return 0; - *eth_proto = vlan->encap_proto; - } + *eth_proto = vlan->encap_proto; + } } return eth; } @@ -162,29 +158,28 @@ static inline struct ethhdr *parse_eth(struct cursor *c, uint16_t *eth_proto) /* * Parse DNS QName and fill the struct */ -static inline void parse_qname(struct cursor *c, struct dns_qname *query) -{ +static inline void parse_qname(struct cursor* c, struct dns_qname* query) { uint8_t qname_byte; uint16_t qtype; int length = 0; - for(int i = 0; i<255; i++) { - bpf_probe_read_kernel(&qname_byte, sizeof(qname_byte), c->pos); + for (int i = 0; i < 255; i++) { + bpf_probe_read_kernel(&qname_byte, sizeof(qname_byte), c->pos); - c->pos += 1; - if (length == 0) { - if (qname_byte == 0 || qname_byte > 63 ) { - break; - } - length += qname_byte; - } else { - length--; - } - if (qname_byte >= 'A' && qname_byte <= 'Z') { - query->qname[i] = qname_byte + ('a' - 'A'); - } else { - query->qname[i] = qname_byte; + c->pos += 1; + if (length == 0) { + if (qname_byte == 0 || qname_byte > 63) { + break; } + length += qname_byte; + } else { + length--; + } + if (qname_byte >= 'A' && qname_byte <= 'Z') { + query->qname[i] = qname_byte + ('a' - 'A'); + } else { + query->qname[i] = qname_byte; + } } bpf_probe_read_kernel(&(query->qtype), sizeof(query->qtype), c->pos); @@ -193,20 +188,20 @@ static inline void parse_qname(struct cursor *c, struct dns_qname *query) /* * Push data regarding the dropped/redirected packet to a perf buffer */ -static inline void log_packet(struct xdp_md *ctx, enum dns_action action) { +static inline void log_packet(struct xdp_md* ctx, enum dns_action action) { // store variables - struct cursor c; - struct ethhdr *eth; - uint16_t eth_proto; - struct iphdr *ipv4; - struct ipv6hdr *ipv6; - struct udphdr *udp; - struct dnshdr *dns; - int r = 0; + struct cursor c; + struct ethhdr* eth; + uint16_t eth_proto; + struct iphdr* ipv4; + struct ipv6hdr* ipv6; + struct udphdr* udp; + struct dnshdr* dns; + int r = 0; struct pktdata { - uint32_t ipv4_src; - uint8_t ipv6_src[16]; + uint32_t ipv4_src; + uint8_t ipv6_src[16]; struct dns_qname query; } packet_info = {0}; @@ -214,61 +209,44 @@ static inline void log_packet(struct xdp_md *ctx, enum dns_action action) { cursor_init(&c, ctx); if ((eth = parse_eth(&c, ð_proto))) { - if (eth_proto == bpf_htons(ETH_P_IP)) - { - if ((ipv4 = parse_iphdr(&c))) - { - if (action == DROP) - { - memcpy(&(packet_info.ipv4_src), &(ipv4->saddr), sizeof(packet_info.ipv4_src)); - } - else if (action == TC) - { - memcpy(&(packet_info.ipv4_src), &(ipv4->daddr), sizeof(packet_info.ipv4_src)); - } - if ((udp = parse_udphdr(&c))) - { - if ((dns = parse_dnshdr(&c))) - { - parse_qname(&c, &(packet_info.query)); - } - } - } + if (eth_proto == bpf_htons(ETH_P_IP)) { + if ((ipv4 = parse_iphdr(&c))) { + if (action == DROP) { + memcpy(&(packet_info.ipv4_src), &(ipv4->saddr), sizeof(packet_info.ipv4_src)); + } else if (action == TC) { + memcpy(&(packet_info.ipv4_src), &(ipv4->daddr), sizeof(packet_info.ipv4_src)); + } + if ((udp = parse_udphdr(&c))) { + if ((dns = parse_dnshdr(&c))) { + parse_qname(&c, &(packet_info.query)); + } + } + } + } else if (eth_proto == bpf_htons(ETH_P_IPV6)) { + if ((ipv6 = parse_ipv6hdr(&c))) { + if (action == DROP) { + memcpy(&(packet_info.ipv6_src), &(ipv6->saddr.in6_u.u6_addr8), 16); + } else if (action == TC) { + memcpy(&(packet_info.ipv6_src), &(ipv6->daddr.in6_u.u6_addr8), 16); } - else if (eth_proto == bpf_htons(ETH_P_IPV6)) - { - if ((ipv6 = parse_ipv6hdr(&c))) - { - if (action == DROP) - { - memcpy(&(packet_info.ipv6_src), &(ipv6->saddr.in6_u.u6_addr8), 16); - } - else if (action == TC) - { - memcpy(&(packet_info.ipv6_src), &(ipv6->daddr.in6_u.u6_addr8), 16); - } - if ((udp = parse_udphdr(&c))) - { - if ((dns = parse_dnshdr(&c))) - { - parse_qname(&c, &(packet_info.query)); - } - } - } + if ((udp = parse_udphdr(&c))) { + if ((dns = parse_dnshdr(&c))) { + parse_qname(&c, &(packet_info.query)); + } } + } + } } events.perf_submit(ctx, &packet_info, sizeof(packet_info)); } -int log_drop(struct xdp_md *ctx) -{ +int log_drop(struct xdp_md* ctx) { log_packet(ctx, DROP); return XDP_DROP; } -int log_tc(struct xdp_md *ctx) -{ +int log_tc(struct xdp_md* ctx) { log_packet(ctx, TC); return XDP_TX; } -- 2.47.2