0

So I have this code in my ebpf program and so on my system struct xdp_md does exists.

struct xdp_md {
    __u32 data;
    __u32 data_end;
    __u32 data_meta;
    /* Below access go through struct xdp_rxq_info */
    __u32 ingress_ifindex; /* rxq->dev->ifindex */
    __u32 rx_queue_index;  /* rxq->queue_index  */

    __u32 egress_ifindex;  /* txq->dev->ifindex */
};

the above struct is inside /usr/include/linux/bpf.h file

So u can see egree_ifindex does exists. But when I do compile it says

 -O2 -emit-llvm -c -g -o af_xdp_kern.ll af_xdp_kern.c
af_xdp_kern.c:49:22: error: no member named 'egress_ifindex' in 'struct xdp_md'; did you mean 'ingress_ifindex'?
    int index = ctx->egress_ifindex;
                     ^~~~~~~~~~~~~~
                     ingress_ifindex
../headers/linux/bpf.h:2861:8: note: 'ingress_ifindex' declared here
        __u32 ingress_ifindex; /* rxq->dev->ifindex */
              ^
1 error generated.

following is the my code in ebpf program

SEC("xdp_devmap_xmit")
int xdp_sock_prog(struct xdp_md *ctx)
{
    int index = ctx->egress_ifindex
    __u32 *pkt_count;

    void *data = (void *)(long)ctx->data;
    void *data_end = (void *)(long)ctx->data_end;
    struct ethhdr *eth = data;
    struct share_me me;

    if ((void *)eth + sizeof(*eth) <= data_end)
    {

        struct iphdr *ip = data + sizeof(*eth);
        //me.dest_ip=ip;


        if(((void *)ip+sizeof(*ip))<=data_end)
        {
             struct iphdr ip_temp=(struct iphdr)*ip;
            memcpy(&me.dest_ip,&ip_temp,sizeof(ip_temp));
            bpf_map_lookup_elem(&ip_map, &index);
            bpf_map_update_elem(&ip_map,&index,&me,0);
            if ((void *)ip + sizeof(*ip) <= data_end)
            {

                if (ip->protocol == IPPROTO_UDP)
                {

           struct udphdr *udp = (void *)ip + sizeof(*ip);
           if ((void *)udp + sizeof(*udp) <= data_end)
           {
               //u64 value = htons(udp->dest);
               //counter.increment(value);
           }
                }
            }
         }
    }



    pkt_count = bpf_map_lookup_elem(&xdp_stats_map, &index);
    if (pkt_count) {

        /* We pass every other packet */
        if ((*pkt_count)++ & 1)
            return XDP_DROP;
    }

    /* A set entry here means that the correspnding queue_id
     * has an active AF_XDP socket bound to it. */
    if (bpf_map_lookup_elem(&xsks_map, &index))
        return bpf_redirect_map(&xsks_map, index, 0);

    return XDP_PASS;
}

Can anyone guide me what exactly I need to to get iphdr (for egress packets) .is it possible?

user786
  • 3,902
  • 4
  • 40
  • 72
  • 1
    Looks like clang pulls the definition from another file? `../headers/linux/bpf.h`. Does _this_ file contain `egress_ifindex`? – Qeole Jan 19 '22 at 13:52
  • @Qeole this does not exists in that header file and if include it as member of `struct xdp_md {...__u32 egress_ifindex;}` I get error that while loading program `libbpf: load bpf program failed: Permission denied libbpf: -- BEGIN DUMP LOG --- libbpf: ; int index = ctx->egress_ifindex; 0: (61) r2 = *(u32 *)(r1 +20) invalid bpf_context access off=20 size=4 processed 1 insns (limit 1000000) max_states_per_insn 0 total_states 0 peak_states 0 mark_read 0 ` – user786 Jan 19 '22 at 14:29
  • @Qeole can u please shed light on this `bpf_set_link_xdp_fd` function I am passing 0 as flags so that may be for ingress packets, I may need to pass some thing for attaching my prog for egress something like `.xdp_flags = XDP_FLAGS_UPDATE_IF_NOEXIST | XDP_FLAGS_DRV_MODE,` or something BPF_XDP_EGRESS – user786 Jan 19 '22 at 14:59
  • Just in case, can your confirm your kernel version is >= 5.10? I don't know for `bpf_set_link_xdp_fd()`, you'll have to look at the code or search for examples. [Here is how bpftool uses it](https://elixir.bootlin.com/linux/v5.16/source/tools/bpf/bpftool/net.c#L540). – Qeole Jan 19 '22 at 15:53
  • @Qeole 5.13.0.25 – user786 Jan 19 '22 at 15:58
  • Where is this `../headers/linux/bpf.h` file coming from? – pchaigno Jan 19 '22 at 16:50
  • 1
    Also what are you using for loading the program? Is there a chance that libbpf misinterprets the type? `egress_ifindex` is only accessible to programs of attach type `BPF_XDP_DEVMAP`. Where is the `SEC("xdp_devmap_xmit")` coming from? – Qeole Jan 19 '22 at 17:17

0 Answers0