xref: /OK3568_Linux_fs/kernel/samples/bpf/tcp_clamp_kern.c (revision 4882a59341e53eb6f0b4789bf948001014eff981) 
1*4882a593Smuzhiyun /* Copyright (c) 2017 Facebook
2*4882a593Smuzhiyun  *
3*4882a593Smuzhiyun  * This program is free software; you can redistribute it and/or
4*4882a593Smuzhiyun  * modify it under the terms of version 2 of the GNU General Public
5*4882a593Smuzhiyun  * License as published by the Free Software Foundation.
6*4882a593Smuzhiyun  *
7*4882a593Smuzhiyun  * Sample BPF program to set send and receive buffers to 150KB, sndcwnd clamp
8*4882a593Smuzhiyun  * to 100 packets and SYN and SYN_ACK RTOs to 10ms when both hosts are within
9*4882a593Smuzhiyun  * the same datacenter. For his example, we assume they are within the same
10*4882a593Smuzhiyun  * datacenter when the first 5.5 bytes of their IPv6 addresses are the same.
11*4882a593Smuzhiyun  *
12*4882a593Smuzhiyun  * Use "bpftool cgroup attach $cg sock_ops $prog" to load this BPF program.
13*4882a593Smuzhiyun  */
14*4882a593Smuzhiyun 
15*4882a593Smuzhiyun #include <uapi/linux/bpf.h>
16*4882a593Smuzhiyun #include <uapi/linux/if_ether.h>
17*4882a593Smuzhiyun #include <uapi/linux/if_packet.h>
18*4882a593Smuzhiyun #include <uapi/linux/ip.h>
19*4882a593Smuzhiyun #include <linux/socket.h>
20*4882a593Smuzhiyun #include <bpf/bpf_helpers.h>
21*4882a593Smuzhiyun #include <bpf/bpf_endian.h>
22*4882a593Smuzhiyun 
23*4882a593Smuzhiyun #define DEBUG 1
24*4882a593Smuzhiyun 
25*4882a593Smuzhiyun SEC("sockops")
bpf_clamp(struct bpf_sock_ops * skops)26*4882a593Smuzhiyun int bpf_clamp(struct bpf_sock_ops *skops)
27*4882a593Smuzhiyun {
28*4882a593Smuzhiyun 	int bufsize = 150000;
29*4882a593Smuzhiyun 	int to_init = 10;
30*4882a593Smuzhiyun 	int clamp = 100;
31*4882a593Smuzhiyun 	int rv = 0;
32*4882a593Smuzhiyun 	int op;
33*4882a593Smuzhiyun 
34*4882a593Smuzhiyun 	/* For testing purposes, only execute rest of BPF program
35*4882a593Smuzhiyun 	 * if neither port numberis 55601
36*4882a593Smuzhiyun 	 */
37*4882a593Smuzhiyun 	if (bpf_ntohl(skops->remote_port) != 55601 && skops->local_port != 55601) {
38*4882a593Smuzhiyun 		skops->reply = -1;
39*4882a593Smuzhiyun 		return 0;
40*4882a593Smuzhiyun 	}
41*4882a593Smuzhiyun 
42*4882a593Smuzhiyun 	op = (int) skops->op;
43*4882a593Smuzhiyun 
44*4882a593Smuzhiyun #ifdef DEBUG
45*4882a593Smuzhiyun 	bpf_printk("BPF command: %d\n", op);
46*4882a593Smuzhiyun #endif
47*4882a593Smuzhiyun 
48*4882a593Smuzhiyun 	/* Check that both hosts are within same datacenter. For this example
49*4882a593Smuzhiyun 	 * it is the case when the first 5.5 bytes of their IPv6 addresses are
50*4882a593Smuzhiyun 	 * the same.
51*4882a593Smuzhiyun 	 */
52*4882a593Smuzhiyun 	if (skops->family == AF_INET6 &&
53*4882a593Smuzhiyun 	    skops->local_ip6[0] == skops->remote_ip6[0] &&
54*4882a593Smuzhiyun 	    (bpf_ntohl(skops->local_ip6[1]) & 0xfff00000) ==
55*4882a593Smuzhiyun 	    (bpf_ntohl(skops->remote_ip6[1]) & 0xfff00000)) {
56*4882a593Smuzhiyun 		switch (op) {
57*4882a593Smuzhiyun 		case BPF_SOCK_OPS_TIMEOUT_INIT:
58*4882a593Smuzhiyun 			rv = to_init;
59*4882a593Smuzhiyun 			break;
60*4882a593Smuzhiyun 		case BPF_SOCK_OPS_TCP_CONNECT_CB:
61*4882a593Smuzhiyun 			/* Set sndbuf and rcvbuf of active connections */
62*4882a593Smuzhiyun 			rv = bpf_setsockopt(skops, SOL_SOCKET, SO_SNDBUF,
63*4882a593Smuzhiyun 					    &bufsize, sizeof(bufsize));
64*4882a593Smuzhiyun 			rv += bpf_setsockopt(skops, SOL_SOCKET,
65*4882a593Smuzhiyun 					     SO_RCVBUF, &bufsize,
66*4882a593Smuzhiyun 					     sizeof(bufsize));
67*4882a593Smuzhiyun 			break;
68*4882a593Smuzhiyun 		case BPF_SOCK_OPS_ACTIVE_ESTABLISHED_CB:
69*4882a593Smuzhiyun 			rv = bpf_setsockopt(skops, SOL_TCP,
70*4882a593Smuzhiyun 					    TCP_BPF_SNDCWND_CLAMP,
71*4882a593Smuzhiyun 					    &clamp, sizeof(clamp));
72*4882a593Smuzhiyun 			break;
73*4882a593Smuzhiyun 		case BPF_SOCK_OPS_PASSIVE_ESTABLISHED_CB:
74*4882a593Smuzhiyun 			/* Set sndbuf and rcvbuf of passive connections */
75*4882a593Smuzhiyun 			rv = bpf_setsockopt(skops, SOL_TCP,
76*4882a593Smuzhiyun 					    TCP_BPF_SNDCWND_CLAMP,
77*4882a593Smuzhiyun 					    &clamp, sizeof(clamp));
78*4882a593Smuzhiyun 			rv += bpf_setsockopt(skops, SOL_SOCKET,
79*4882a593Smuzhiyun 					     SO_SNDBUF, &bufsize,
80*4882a593Smuzhiyun 					     sizeof(bufsize));
81*4882a593Smuzhiyun 			rv += bpf_setsockopt(skops, SOL_SOCKET,
82*4882a593Smuzhiyun 					     SO_RCVBUF, &bufsize,
83*4882a593Smuzhiyun 					     sizeof(bufsize));
84*4882a593Smuzhiyun 			break;
85*4882a593Smuzhiyun 		default:
86*4882a593Smuzhiyun 			rv = -1;
87*4882a593Smuzhiyun 		}
88*4882a593Smuzhiyun 	} else {
89*4882a593Smuzhiyun 		rv = -1;
90*4882a593Smuzhiyun 	}
91*4882a593Smuzhiyun #ifdef DEBUG
92*4882a593Smuzhiyun 	bpf_printk("Returning %d\n", rv);
93*4882a593Smuzhiyun #endif
94*4882a593Smuzhiyun 	skops->reply = rv;
95*4882a593Smuzhiyun 	return 1;
96*4882a593Smuzhiyun }
97*4882a593Smuzhiyun char _license[] SEC("license") = "GPL";
98