add support for geneve tunnel type.

tommyp1ckles · tommyp1ckles · commit 0fe178fce7ba · 2025-02-13T20:18:36.000-08:00
Signed-off-by: Tom Hadlaw &lt;tom.hadlaw@isovalent.com&gt;
diff --git a/bpf/kprobe_pwru.c b/bpf/kprobe_pwru.c
@@ -52,6 +52,12 @@ struct vxlanhdr {
 	u32 vni;
 };
 
+// Only include the first byte to save stack space.
+struct genevehdr {
+	u8 flags:2;
+	u8 opt_len:6;
+};
+
 struct skb_meta {
 	u32 netns;
 	u32 mark;
@@ -283,6 +289,36 @@ filter_pcap_ebpf_tunnel_l3(void *_skb, void *__skb, void *___skb, void *data, vo
 	return data != data_end && _skb == __skb && __skb == ___skb;
 }
 
+#define VXLAN_PORT1_NET 6177	// 8472 in net byte order.
+#define VXLAN_PORT2_NET 46354	// 4789 in net byte order.
+#define GENEVE_PORT_NET 49431	// 6081 in net byte order.
+
+static __always_inline s16
+__tunnel_hdr_len(void *skb_head, u16 sport, u16 dport, u16 l4_data_off) {
+	u16 tunnel_l2_off;
+	if (dport == GENEVE_PORT_NET || sport == GENEVE_PORT_NET) {
+		struct genevehdr gh;
+		if (bpf_probe_read_kernel(&gh, sizeof(struct genevehdr), skb_head + l4_data_off) != 0) {
+			return -1;
+		}
+		tunnel_l2_off = gh.opt_len * 4 + 8;
+	} else if ((dport == VXLAN_PORT1_NET || sport == VXLAN_PORT1_NET)) {
+		struct vxlanhdr vxh = {};
+		if (bpf_probe_read_kernel(&vxh, sizeof(struct vxlanhdr), skb_head + l4_data_off) != 0) {
+			return -1;
+		}
+		tunnel_l2_off = sizeof(struct vxlanhdr);
+		if (vxh.flags != 0x8) {
+			return -1;
+		}
+	} else {
+		return -1;
+	}
+	return tunnel_l2_off;
+}
+
+
+
 static __always_inline bool
 filter_pcap_tunnel_l2(struct sk_buff *skb)
 {
@@ -296,17 +332,19 @@ filter_pcap_tunnel_l2(struct sk_buff *skb)
 	if (BPF_CORE_READ(ip4, protocol) != IPPROTO_UDP) {
 		return true;
 	}
+	
+	struct udphdr *udp = (struct udphdr *) (data + l4_off);
 
-	struct vxlanhdr vxh = {};
-	if (bpf_probe_read_kernel(&vxh, sizeof(struct vxlanhdr), data + l4_off + 8) != 0) {
-		return true;
-	}
-
-	if (vxh.flags != 8) {
+	s16 tunnel_hdr_len = __tunnel_hdr_len(
+		skb_head,
+		BPF_CORE_READ(udp, source),
+		BPF_CORE_READ(udp, dest),
+		l4_off + sizeof(struct udphdr));
+	
+	if (tunnel_hdr_len == -1)
 		return true;
-	}
 
-	data = (void*) (data + l4_off + 8 + 8);
+	data = (void*) (data + l4_off + sizeof(struct udphdr) + tunnel_hdr_len);
 	struct ethhdr *eth = (struct ethhdr*) data;
 	if (BPF_CORE_READ(eth, h_proto) != bpf_htons(ETH_P_IP))
 		return false;
@@ -427,17 +465,32 @@ set_tuple(struct sk_buff *skb, struct tuple *tpl, struct tuple *tunnel_tpl, stru
 }
 
 static __always_inline void
-set_tunnel(struct sk_buff *skb, struct tuple *tunnel_tpl, struct l2tuple *l2_tuple, u16 l4_data_off) {
+set_tunnel(struct sk_buff *skb, struct tuple *tpl, struct tuple *tunnel_tpl, struct l2tuple *l2_tuple, u16 l4_data_off) {
 	void *skb_head = BPF_CORE_READ(skb, head);
-	struct vxlanhdr vxh = {};
-	if (bpf_probe_read_kernel(&vxh, sizeof(struct vxlanhdr), skb_head + l4_data_off) != 0) {
-		return;
-	}
 
-	if (vxh.flags != 0x8)
+	s16 tunnel_hdr_len = __tunnel_hdr_len(skb_head, tpl->sport, tpl->dport, l4_data_off);
+	/*if (tpl->dport == GENEVE_PORT_NET || tpl->sport == GENEVE_PORT_NET) {
+		struct genevehdr gh;
+		if (bpf_probe_read_kernel(&gh, sizeof(struct genevehdr), skb_head + l4_data_off) != 0) {
+			return;
+		}
+		tunnel_l2_off = gh.opt_len * 4 + 8;
+	} else if ((tpl->dport == VXLAN_PORT1_NET || tpl->sport == VXLAN_PORT1_NET)) {
+		struct vxlanhdr vxh = {};
+		if (bpf_probe_read_kernel(&vxh, sizeof(struct vxlanhdr), skb_head + l4_data_off) != 0) {
+			return;
+		}
+		tunnel_l2_off = sizeof(struct vxlanhdr);
+		if (vxh.flags != 0x8) {
+			return;
+		}
+	} else {
+		return;
+	}*/
+	if (tunnel_hdr_len == -1)
 		return;
 
-	struct ethhdr *inner = (struct ethhdr*) (skb_head + l4_data_off + sizeof(struct vxlanhdr));
+	struct ethhdr *inner = (struct ethhdr*) (skb_head + l4_data_off + tunnel_hdr_len);
 	BPF_CORE_READ_INTO(&l2_tuple->src, inner, h_source);
 	BPF_CORE_READ_INTO(&l2_tuple->dest, inner, h_dest);
 
@@ -550,7 +603,7 @@ set_output(void *ctx, struct sk_buff *skb, struct event_t *event) {
 	if (cfg->output_tuple) {
 		s16 l4_off = set_tuple(skb, &event->tuple, &event->tunnel_tuple, &event->l2_tuple, cfg->output_tunnel);
 		if (cfg->output_tunnel && l4_off != -1 && event->tuple.l4_proto == IPPROTO_UDP) {
-			set_tunnel(skb, &event->tunnel_tuple, &event->l2_tuple, l4_off);
+			set_tunnel(skb, &event->tuple, &event->tunnel_tuple, &event->l2_tuple, l4_off);
 		}
 	}
 
