wasm-bpf/examples/sockops/sockops.bpf.c

#include "vmlinux.h"
#include <bpf/bpf_endian.h>
#include <bpf/bpf_helpers.h>

char LICENSE[] SEC("license") = "GPL";

struct {
  __uint(type, BPF_MAP_TYPE_PERCPU_ARRAY);
  __uint(max_entries, 1);
  __type(key, int);   // key always 0
  __type(value, u32); // pid
} write_pid_array SEC(".maps");

SEC("tp/syscalls/sys_enter_connect")
int tp_write(struct trace_entry *ctx) {
  u32 pid = bpf_get_current_pid_tgid() >> 32;
  int key = 0;
  bpf_map_update_elem(&write_pid_array, &key, &pid, 0);
  return 0;
}

static inline void set_hdr_cb_flags(struct bpf_sock_ops *skops) {
  bpf_sock_ops_cb_flags_set(skops, skops->bpf_sock_ops_cb_flags |
                                       BPF_SOCK_OPS_WRITE_HDR_OPT_CB_FLAG);
}

static inline void clear_hdr_cb_flags(struct bpf_sock_ops *skops) {
  bpf_sock_ops_cb_flags_set(skops, skops->bpf_sock_ops_cb_flags &
                                       ~(BPF_SOCK_OPS_WRITE_HDR_OPT_CB_FLAG));
}

static inline u32 current_pid() {
  int key = 0;
  u32 *pid = bpf_map_lookup_elem(&write_pid_array, &key);
  if (!pid) {
    return 0;
  }
  return *pid;
}

struct pid_opt {
  unsigned char kind;
  unsigned char len;
  u32 pid;
} __attribute__((__packed__));

SEC("sockops")
int pid_tcp_opt_inject(struct bpf_sock_ops *skops) {

  switch (skops->op) {
  case BPF_SOCK_OPS_TCP_CONNECT_CB:
    set_hdr_cb_flags(skops);
    break;
  case BPF_SOCK_OPS_HDR_OPT_LEN_CB:
    bpf_reserve_hdr_opt(skops, 6, 0);
    break;
  case BPF_SOCK_OPS_WRITE_HDR_OPT_CB: {
    // only set in syn
    if (skops->skb_tcp_flags != 0x2) {
      return 0;
    }
    struct pid_opt opt = {
        .kind = 254,
        .len = 6,
        .pid = bpf_htonl(current_pid()),
    };

    __u16 sport, dport;
    u32 saddr, daddr;

    u16 local_port = (__u16)skops->local_port;
    u16 remote_port = bpf_ntohs(skops->remote_port >> 16);
    saddr = skops->local_ip4;
    daddr = skops->remote_ip4;

    bpf_printk("%pI4:%d -> %pI4:%d set tcp option kind: %d, pid: %d ", &saddr,
               local_port, &daddr, remote_port, 254, opt.pid);
    bpf_store_hdr_opt(skops, &opt, 6, 0);
    clear_hdr_cb_flags(skops);
    break;
  }
  }

  return 1;
}