github/portmaster
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

Fix eBPD PID detection for UDP on linux and recompile eBPF programs

Browse Source
This commit is contained in:
Daniel
2023-08-04 14:10:25 +02:00
parent a76e659989
commit bf6bf0705d
6 changed files with 12 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

BIN
firewall/interception/ebpf/bandwidth/bpf_bpfeb.o
View File

Binary file not shown.

BIN
firewall/interception/ebpf/bandwidth/bpf_bpfel.o
View File

Binary file not shown.

BIN
firewall/interception/ebpf/connection_listener/bpf_bpfeb.o
View File

Binary file not shown.

BIN
firewall/interception/ebpf/connection_listener/bpf_bpfel.o
View File

Binary file not shown.

4
firewall/interception/ebpf/programs/bandwidth.c
View File

@@ -105,7 +105,7 @@ int BPF_PROG(udp_sendmsg, struct sock *sk, struct msghdr *msg, size_t len) {
struct sock_common *skc = &sk->__sk_common; struct sock_common *skc = &sk->__sk_common;
// Create a key for the map and set all the nececery information. // Create a key for the map and set all the nececery information.
struct sk_key key = {0}; struct sk_key key = {0};
key.protocol = PROTOCOL_UDP; key.protocol = PROTOCOL_UDP;
key.src_ip[0] = skc->skc_rcv_saddr; key.src_ip[0] = skc->skc_rcv_saddr;
key.dst_ip[0] = skc->skc_daddr; key.dst_ip[0] = skc->skc_daddr;
@@ -134,7 +134,7 @@ int BPF_PROG(udp_recvmsg, struct sock *sk, struct msghdr *msg, size_t len, int f
struct sock_common *skc = &sk->__sk_common; struct sock_common *skc = &sk->__sk_common;
// Create a key for the map and set all the nececery information. // Create a key for the map and set all the nececery information.
struct sk_key key = {0}; struct sk_key key = {0};
key.protocol = PROTOCOL_UDP; key.protocol = PROTOCOL_UDP;
key.src_ip[0] = skc->skc_rcv_saddr; key.src_ip[0] = skc->skc_rcv_saddr;
key.dst_ip[0] = skc->skc_daddr; key.dst_ip[0] = skc->skc_daddr;

20
firewall/interception/ebpf/programs/monitor.c
View File

@@ -76,7 +76,7 @@ int BPF_PROG(tcp_connect, struct sock *sk) {
tcp_info->ipVersion = 6; tcp_info->ipVersion = 6;
} }
// Send event // Send event
bpf_ringbuf_submit(tcp_info, 0); bpf_ringbuf_submit(tcp_info, 0);
return 0; return 0;
}; };
@@ -95,15 +95,15 @@ int BPF_PROG(udp_v4_connect, struct sock *sk) {
return 0; return 0;
} }
// Allocate space for the event. // Allocate space for the event.
struct Event *udp_info; struct Event *udp_info;
udp_info = bpf_ringbuf_reserve(&pm_connection_events, sizeof(struct Event), 0); udp_info = bpf_ringbuf_reserve(&pm_connection_events, sizeof(struct Event), 0);
if (!udp_info) { if (!udp_info) {
return 0; return 0;
} }
// Read PID // Read PID (Careful: This is the Thread Group ID in kernel speak!)
udp_info->pid = __builtin_bswap32((u32)bpf_get_current_pid_tgid()); udp_info->pid = __builtin_bswap32((u32)(bpf_get_current_pid_tgid() >> 32));
// Set src and dist ports // Set src and dist ports
udp_info->sport = __builtin_bswap16(sk->__sk_common.skc_num); udp_info->sport = __builtin_bswap16(sk->__sk_common.skc_num);
@@ -119,7 +119,7 @@ int BPF_PROG(udp_v4_connect, struct sock *sk) {
// Set protocol. No way to detect udplite for ipv4 // Set protocol. No way to detect udplite for ipv4
udp_info->protocol = UDP; udp_info->protocol = UDP;
// Send event // Send event
bpf_ringbuf_submit(udp_info, 0); bpf_ringbuf_submit(udp_info, 0);
return 0; return 0;
} }
@@ -138,21 +138,21 @@ int BPF_PROG(udp_v6_connect, struct sock *sk) {
return 0; return 0;
} }
// Make sure its udp6 socket // Make sure its udp6 socket
struct udp6_sock *us = bpf_skc_to_udp6_sock(sk); struct udp6_sock *us = bpf_skc_to_udp6_sock(sk);
if (!us) { if (!us) {
return 0; return 0;
} }
// Allocate space for the event. // Allocate space for the event.
struct Event *udp_info; struct Event *udp_info;
udp_info = bpf_ringbuf_reserve(&pm_connection_events, sizeof(struct Event), 0); udp_info = bpf_ringbuf_reserve(&pm_connection_events, sizeof(struct Event), 0);
if (!udp_info) { if (!udp_info) {
return 0; return 0;
} }
// Read PID // Read PID (Careful: This is the Thread Group ID in kernel speak!)
udp_info->pid = __builtin_bswap32((u32)bpf_get_current_pid_tgid()); udp_info->pid = __builtin_bswap32((u32)(bpf_get_current_pid_tgid() >> 32));
// Set src and dist ports // Set src and dist ports
udp_info->sport = __builtin_bswap16(sk->__sk_common.skc_num); udp_info->sport = __builtin_bswap16(sk->__sk_common.skc_num);
@@ -176,7 +176,7 @@ int BPF_PROG(udp_v6_connect, struct sock *sk) {
udp_info->protocol = UDPLite; udp_info->protocol = UDPLite;
} }
// Send event // Send event
bpf_ringbuf_submit(udp_info, 0); bpf_ringbuf_submit(udp_info, 0);
return 0; return 0;
} }