Skip to main content

Browse the archive

https://github.com/cilium/cilium
22 July 2024, 03:12:21 UTC
Raw File
Tip revision: 9ab7bfc943c3290805d7033ef030a43bfd279d48 authored by Joe Stringer on 12 October 2020, 23:22:19 UTC
Prepare for release v1.9.0-rc1
Tip revision: 9ab7bfc
bpf_network.c 
// SPDX-License-Identifier: GPL-2.0
/* Copyright (C) 2019-2020 Authors of Cilium */

#include <bpf/ctx/skb.h>
#include <bpf/api.h>

#include <node_config.h>
#include <netdev_config.h>

#include "lib/common.h"
#include "lib/eth.h"
#include "lib/dbg.h"
#include "lib/trace.h"
#include "lib/encrypt.h"

__section("from-network")
int from_network(struct __ctx_buff *ctx)
{
#ifdef ENABLE_IPSEC
	__u16 proto;
	int ret;

	if ((ctx->mark & MARK_MAGIC_HOST_MASK) == MARK_MAGIC_DECRYPT) {
		send_trace_notify(ctx, TRACE_FROM_NETWORK, get_identity(ctx), 0, 0,
				  ctx->ingress_ifindex,
				  TRACE_REASON_ENCRYPTED, TRACE_PAYLOAD_LEN);
	} else
#endif
	{
		send_trace_notify(ctx, TRACE_FROM_NETWORK, 0, 0, 0,
				  ctx->ingress_ifindex, 0, TRACE_PAYLOAD_LEN);
	}

	bpf_clear_meta(ctx);

#ifdef ENABLE_IPSEC
	/* Pass unknown protocols to the stack */
	if (!validate_ethertype(ctx, &proto))
		return CTX_ACT_OK;

	ret = do_decrypt(ctx, proto);
	if (!ret)
		return CTX_ACT_OK;
	ctx->mark = 0;
	return redirect(CILIUM_IFINDEX, 0);
#endif
	/* Pass unknown traffic to the stack */
	return CTX_ACT_OK;
}

BPF_LICENSE("GPL");
back to top