Blame view
samples/bpf/sock_flags_kern.c
1.16 KB
554ae6e79 samples/bpf: add ... |
1 2 3 4 5 6 7 8 9 10 11 12 |
#include <uapi/linux/bpf.h> #include <linux/socket.h> #include <linux/net.h> #include <uapi/linux/in.h> #include <uapi/linux/in6.h> #include "bpf_helpers.h" SEC("cgroup/sock1") int bpf_prog1(struct bpf_sock *sk) { char fmt[] = "socket: family %d type %d protocol %d "; |
0adc3dd90 samples/bpf: Upda... |
13 14 15 16 17 |
char fmt2[] = "socket: uid %u gid %u "; __u64 gid_uid = bpf_get_current_uid_gid(); __u32 uid = gid_uid & 0xffffffff; __u32 gid = gid_uid >> 32; |
554ae6e79 samples/bpf: add ... |
18 19 |
bpf_trace_printk(fmt, sizeof(fmt), sk->family, sk->type, sk->protocol); |
0adc3dd90 samples/bpf: Upda... |
20 |
bpf_trace_printk(fmt2, sizeof(fmt2), uid, gid); |
554ae6e79 samples/bpf: add ... |
21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 |
/* block PF_INET6, SOCK_RAW, IPPROTO_ICMPV6 sockets * ie., make ping6 fail */ if (sk->family == PF_INET6 && sk->type == SOCK_RAW && sk->protocol == IPPROTO_ICMPV6) return 0; return 1; } SEC("cgroup/sock2") int bpf_prog2(struct bpf_sock *sk) { char fmt[] = "socket: family %d type %d protocol %d "; bpf_trace_printk(fmt, sizeof(fmt), sk->family, sk->type, sk->protocol); /* block PF_INET, SOCK_RAW, IPPROTO_ICMP sockets * ie., make ping fail */ if (sk->family == PF_INET && sk->type == SOCK_RAW && sk->protocol == IPPROTO_ICMP) return 0; return 1; } char _license[] SEC("license") = "GPL"; |