400031e05a
Now that we have the __bpf_kfunc tag, we should add it to all existing kfuncs to ensure that they'll never be elided in LTO builds. Signed-off-by: David Vernet <void@manifault.com> Signed-off-by: Daniel Borkmann <daniel@iogearbox.net> Acked-by: Stanislav Fomichev <sdf@google.com> Link: https://lore.kernel.org/bpf/20230201173016.342758-4-void@manifault.com
// SPDX-License-Identifier: GPL-2.0-only
/* Unstable NAT Helpers for XDP and TC-BPF hook
 *
 * These are called from the XDP and SCHED_CLS BPF programs. Note that it is
 * allowed to break compatibility for these functions since the interface they
 * are exposed through to BPF programs is explicitly unstable.
 */

#include <linux/bpf.h>
#include <linux/btf_ids.h>
#include <linux/limits.h>
#include <net/netfilter/nf_conntrack_bpf.h>
#include <net/netfilter/nf_conntrack_core.h>
#include <net/netfilter/nf_nat.h>
/* Save the compiler diagnostic state and silence -Wmissing-prototypes for the
 * global kfunc defined below; the matching __diag_pop() follows the
 * definition.
 */
__diag_push();
__diag_ignore_all("-Wmissing-prototypes",
		  "Global functions as their definitions will be in nf_nat BTF");
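/* bpf_ct_set_nat_info - Set source or destination nat address
 *
 * Set source or destination nat address of the newly allocated
 * nf_conn before insertion. This must be invoked for referenced
 * PTR_TO_BTF_ID to nf_conn___init.
 *
 * Parameters:
 * @nfct	 - Pointer to referenced nf_conn object, obtained using
 *		   bpf_xdp_ct_alloc or bpf_skb_ct_alloc.
 * @addr	 - Nat source/destination address
 * @port	 - Nat source/destination port. Non-positive values are
 *		   interpreted as select a random port. Values above
 *		   U16_MAX are rejected.
 * @manip	 - NF_NAT_MANIP_SRC or NF_NAT_MANIP_DST. Any other value is
 *		   rejected.
 *
 * Return: 0 on success; -EINVAL if the conntrack entry is neither IPv4 nor
 * IPv6, or if @manip or @port is out of range; -ENOMEM if
 * nf_nat_setup_info() returns NF_DROP.
 */
__bpf_kfunc int bpf_ct_set_nat_info(struct nf_conn___init *nfct,
				    union nf_inet_addr *addr, int port,
				    enum nf_nat_manip_type manip)
{
	struct nf_conn *ct = (struct nf_conn *)nfct;
	u16 proto = nf_ct_l3num(ct);
	struct nf_nat_range2 range;

	if (proto != NFPROTO_IPV4 && proto != NFPROTO_IPV6)
		return -EINVAL;

	/* manip and port are plain scalars supplied by the BPF program, so
	 * hold them to the documented contract here instead of handing
	 * arbitrary values to the NAT core.
	 */
	if (manip != NF_NAT_MANIP_SRC && manip != NF_NAT_MANIP_DST)
		return -EINVAL;

	/* The range stores a 16-bit port. Without this check a larger value
	 * would be truncated by cpu_to_be16() and silently select a
	 * different port than the caller asked for.
	 */
	if (port > U16_MAX)
		return -EINVAL;

	memset(&range, 0, sizeof(range));
	range.flags = NF_NAT_RANGE_MAP_IPS;
	/* A single address: min and max of the range are the same. */
	range.min_addr = *addr;
	range.max_addr = range.min_addr;
	if (port > 0) {
		/* Pin the port only when one was requested; otherwise the
		 * flag stays clear and port selection is left to the NAT code.
		 */
		range.flags |= NF_NAT_RANGE_PROTO_SPECIFIED;
		range.min_proto.all = cpu_to_be16(port);
		range.max_proto.all = range.min_proto.all;
	}

	/* Every NF_DROP verdict is reported as -ENOMEM.
	 * NOTE(review): the reasons nf_nat_setup_info() may return NF_DROP
	 * are not visible here - confirm -ENOMEM fits all of them.
	 */
	return nf_nat_setup_info(ct, &range, manip) == NF_DROP ? -ENOMEM : 0;
}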
/* Restore the diagnostic state saved by __diag_push() above. */
__diag_pop()

/* Set of kfunc BTF IDs exported by this file. bpf_ct_set_nat_info is the only
 * entry and is flagged KF_TRUSTED_ARGS.
 * NOTE(review): per the kernel kfunc documentation, KF_TRUSTED_ARGS makes the
 * verifier require valid, unmodified pointer arguments; it presumably does
 * not constrain scalar arguments such as port or manip - confirm.
 */
BTF_SET8_START(nf_nat_kfunc_set)
BTF_ID_FLAGS(func, bpf_ct_set_nat_info, KF_TRUSTED_ARGS)
BTF_SET8_END(nf_nat_kfunc_set)
/* Descriptor handed to register_btf_kfunc_id_set() in register_nf_nat_bpf():
 * it names this module as owner and points at the ID set declared above.
 */
static const struct btf_kfunc_id_set nf_bpf_nat_kfunc_set = {
	.owner = THIS_MODULE,
	.set   = &nf_nat_kfunc_set,
};
/* register_nf_nat_bpf - expose the NAT kfunc set to BPF programs
 *
 * Registers nf_bpf_nat_kfunc_set for BPF_PROG_TYPE_XDP first and then for
 * BPF_PROG_TYPE_SCHED_CLS.
 *
 * Return: 0 when both registrations succeed, otherwise the first non-zero
 * value returned by register_btf_kfunc_id_set(). There is no rollback here:
 * if the SCHED_CLS registration fails, the XDP registration made just before
 * it is left in place.
 */
int register_nf_nat_bpf(void)
{
	int err;

	err = register_btf_kfunc_id_set(BPF_PROG_TYPE_XDP,
					&nf_bpf_nat_kfunc_set);

	/* Only attempt the second hook type when the first one registered. */
	return err ?: register_btf_kfunc_id_set(BPF_PROG_TYPE_SCHED_CLS,
						&nf_bpf_nat_kfunc_set);
}