├── toa-kmod ├── checksum.txt ├── Makefile ├── toa.h └── toa.c ├── CHANGELOG ├── toa-ebpf ├── unload.sh ├── load.sh ├── Makefile ├── set-toa-optcode.sh ├── toa.h └── toa-kern.c ├── .gitignore ├── README-CN.md ├── README.md └── LICENSE /toa-kmod/checksum.txt: -------------------------------------------------------------------------------- 1 | 1fba64d04cc6a7ee79054bc423641bc7 Makefile 2 | bc01f15abed8865939da430503c1dbdf toa.h 3 | 600b339c7069be5e7f591cc5d04f08ce toa.c 4 | -------------------------------------------------------------------------------- /CHANGELOG: -------------------------------------------------------------------------------- 1 | 2020-05-12 Version: 1.0.0 2 | - First release 3 | 4 | 2024-07-24 Version: 2.0.0 5 | - Add support kernel version from 2.6.32 to 5.10.134 6 | 7 | 2024-10-11 Version: 3.0.0 8 | - Add support toa parse by ebpf -------------------------------------------------------------------------------- /toa-ebpf/unload.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # SPDX-License-Identifier: BSD 2-Clause license 3 | 4 | bpftool cgroup detach /sys/fs/cgroup/ sock_ops name toa_parse 5 | bpftool cgroup detach /sys/fs/cgroup/ getpeername4 name toa_peername4 6 | bpftool cgroup detach /sys/fs/cgroup/ getpeername6 name toa_peername6 7 | rm -rf /sys/fs/bpf/toa -------------------------------------------------------------------------------- /toa-ebpf/load.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # SPDX-License-Identifier: BSD 2-Clause license 3 | 4 | set -e 5 | 6 | fsys=$(stat -fc %T /sys/fs/cgroup/) 7 | 8 | if [ "$fsys" != "cgroup2fs" ]; then 9 | echo "Error, please open cgroupv2 first!" 10 | exit 1 11 | fi 12 | 13 | bpftool prog loadall ./toa-kern.o /sys/fs/bpf/toa 14 | bpftool cgroup attach /sys/fs/cgroup/ sock_ops name toa_parse multi 15 | bpftool cgroup attach /sys/fs/cgroup/ getpeername4 name toa_peername4 multi 16 | bpftool cgroup attach /sys/fs/cgroup/ getpeername6 name toa_peername6 multi -------------------------------------------------------------------------------- /toa-ebpf/Makefile: -------------------------------------------------------------------------------- 1 | CLANG ?= clang 2 | ARCH := $(shell uname -m) 3 | 4 | EXEC = toa 5 | BPF_KERN_SRC = $(EXEC)-kern.c 6 | BPF_KERN_DEP = toa.h 7 | BPF_OBJECT = $(EXEC)-kern.o 8 | 9 | 10 | .PHONY: all 11 | all: $(BPF_OBJECT) 12 | 13 | .PHONY: clean 14 | clean: 15 | rm -rf *.ll *.o 16 | 17 | $(BPF_OBJECT): $(BPF_KERN_SRC) $(BPF_KERN_DEP) 18 | $(CLANG) -S -target bpf -D__$(ARCH)__ \ 19 | -Wno-compare-distinct-pointer-types \ 20 | -O2 -emit-llvm -c -g -o $(EXEC).kern.ll $(BPF_KERN_SRC) 21 | llc -march=bpf -filetype=obj -o $@ $(EXEC).kern.ll -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | # Prerequisites 2 | *.d 3 | 4 | # Object files 5 | *.o 6 | *.ko 7 | *.obj 8 | *.elf 9 | 10 | # Linker output 11 | *.ilk 12 | *.map 13 | *.exp 14 | 15 | # Precompiled Headers 16 | *.gch 17 | *.pch 18 | 19 | # Libraries 20 | *.lib 21 | *.a 22 | *.la 23 | *.lo 24 | 25 | # Shared objects (inc. Windows DLLs) 26 | *.dll 27 | *.so 28 | *.so.* 29 | *.dylib 30 | 31 | # Executables 32 | *.exe 33 | *.out 34 | *.app 35 | *.i*86 36 | *.x86_64 37 | *.hex 38 | 39 | # Debug files 40 | *.dSYM/ 41 | *.su 42 | *.idb 43 | *.pdb 44 | 45 | # Kernel Module Compile Results 46 | *.mod* 47 | *.cmd 48 | .tmp_versions/ 49 | modules.order 50 | Module.symvers 51 | Mkfile.old 52 | dkms.conf 53 | -------------------------------------------------------------------------------- /toa-kmod/Makefile: -------------------------------------------------------------------------------- 1 | MODULE_NAME := tcp_toa 2 | $(MODULE_NAME)-objs := toa.o 3 | obj-m += $(MODULE_NAME).o 4 | 5 | KVER := $(shell uname -r) 6 | KDIR := /usr/src/kernels/$(KVER) 7 | PWD := $(shell pwd) 8 | 9 | MD5_ERR := Y 10 | 11 | default: verify 12 | make -C $(KDIR) M=$(PWD) modules 13 | 14 | debug: verify 15 | make -C $(KDIR) M=$(PWD) EXTRA_CFLAGS="-DTOA_DEBUG_ENABLE" modules 16 | 17 | clean: 18 | rm -f .*.cmd *.o *.ko *.mod.c modules.order Module.symvers 19 | rm -rf .tmp_versions 20 | 21 | verify: 22 | @md5sum --check checksum.txt --status || { echo -e "\033[0;31mSource file MD5 mismatch. For details, run 'md5sum --check checksum.txt'\033[0m"; [ $(MD5_ERR) != "Y" ]; } 23 | -------------------------------------------------------------------------------- /README-CN.md: -------------------------------------------------------------------------------- 1 | [English](README.md) | 简体中文 2 | 3 | # Alibaba CDN TCP Option Address 4 | 5 | TOA(TCP Option Address)是一个TCP协议选项,包含于TCP协议头中,携带有源地址信息。 6 | 本仓库提供两种TOA解析方式: 7 | 1. 内核模块 8 | 2. Ebpf 9 | 10 | 两种解析方式的优缺点: 11 | | 解析方式 | IPV6支持 | 支持系统 | 支持内核 | 12 | | ---- | ---- | ---- | ---- | 13 | | 内核模块 | 不支持 | CentOS 6.5/7.2/7.7/8.5/9, Anolis OS 7/8 | 2.6.32 - 5.14 | 14 | | ebpf | 支持 | CentOS 9, Anolis OS 8.9 | >= 5.10.134 | 15 | 16 | 本仓库TOA解析只适用于阿里云CDN发送的TOA。 17 | 18 | ## 内核模块 19 | ### 环境要求 20 | 21 | 本内核模块支持内核版本从2.6.32到5.14。内核模块只支持解析IPv4。 22 | 在开始编译前,请确保您已安装: 23 | - Kernel devel安装包和其他相关的安装包 24 | - GCC编译器 25 | - GNU make工具 26 | 27 | ### 安装 28 | 29 | 1. 从GitHub克隆源码或下载源码压缩包并解压 30 | 2. 进入`toa-kmod`目录编译内核模块 31 | 32 | ``` 33 | cd toa-kmod 34 | make 35 | ``` 36 | 37 | 3. 加载内核模块 38 | 39 | ``` 40 | sudo insmod tcp_toa.ko 41 | ``` 42 | 43 | ### 卸载 44 | 45 | ``` 46 | sudo rmmod tcp_toa 47 | ``` 48 | 49 | ## Ebpf 50 | ### 环境要求 51 | 52 | 当前ebpf程序支持内核版本5.10.134及以上。ebpf程序支持解析IPv4和IPv6。 53 | 在开始编译前,请确保您已安装: 54 | - libbpf devel 55 | - Clang编译器 56 | - llvm 57 | - bpftool 58 | 59 | ### 安装 60 | 61 | 1. 从GitHub克隆源码或下载源码压缩包并解压 62 | 2. 进入`toa-ebpf`目录编译内核模块 63 | 64 | ``` 65 | cd toa-ebpf 66 | make 67 | ``` 68 | 69 | 3. 加载ebpf程序 70 | 71 | ``` 72 | sudo ./load.sh 73 | ``` 74 | 75 | ### 卸载 76 | 77 | ``` 78 | sudo ./unload.sh 79 | ``` 80 | 81 | --- 82 | 83 | ## 发行说明 84 | 每个版本的详细更改记录在[发行说明](CHANGELOG)中。 85 | 86 | ## 许可证 87 | [GPLv2](https://www.gnu.org/licenses/old-licenses/gpl-2.0.txt) 88 | 89 | 版权所有 2019-2024 阿里巴巴集团 90 | -------------------------------------------------------------------------------- /toa-ebpf/set-toa-optcode.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # SPDX-License-Identifier: BSD 2-Clause license 3 | 4 | tcp_opt_code[0]="TCPOPT_EOL" 5 | tcp_opt_code[1]="TCPOPT_NOP" 6 | tcp_opt_code[2]="TCPOPT_MSS" 7 | tcp_opt_code[3]="TCPOPT_WINDOW" 8 | tcp_opt_code[4]="TCPOPT_SACK_PERM" 9 | tcp_opt_code[5]="TCPOPT_SACK" 10 | tcp_opt_code[8]="TCPOPT_TIMESTAMP" 11 | tcp_opt_code[19]="TCPOPT_MD5SIG" 12 | tcp_opt_code[30]="TCPOPT_MPTCP" 13 | tcp_opt_code[34]="TCPOPT_FASTOPEN" 14 | 15 | print_help() { 16 | echo "Usage: $0 [OPTIONS] [ARGUMENTS]" 17 | echo 18 | echo "Options:" 19 | echo " -h, --help Show this help message and exit" 20 | echo " -c1, Specify toa optcode" 21 | echo " -c2, Specify toa port optcode" 22 | echo 23 | echo "Examples:" 24 | echo " $0 -c1 28 -c2 254" 25 | } 26 | 27 | check_opt_code() { 28 | if [ "${tcp_opt_code[$1]}" ]; then 29 | echo "Error: opt code $1 conflicts with ${tcp_opt_code[$1]}" 30 | exit 1 31 | fi 32 | } 33 | 34 | if [ $# -eq 0 ]; then 35 | echo "No arguments provided. Use -h or --help for usage information." 36 | exit 1 37 | fi 38 | 39 | while [[ "$1" != "" ]]; do 40 | case $1 in 41 | -h | --help) 42 | print_help 43 | exit 44 | ;; 45 | -c1 ) 46 | shift 47 | toa_opcode=$1 48 | ;; 49 | -c2 ) 50 | shift 51 | toa_port_opcode=$1 52 | ;; 53 | *) 54 | echo "Unknown option: $1" 55 | print_help 56 | exit 1 57 | ;; 58 | esac 59 | shift 60 | done 61 | 62 | if [ "$toa_opcode" ]; then 63 | check_opt_code $toa_opcode 64 | fi 65 | 66 | if [ "$toa_port_opcode" ]; then 67 | check_opt_code $toa_port_opcode 68 | fi 69 | 70 | if [ "$toa_opcode" ]; then 71 | bpftool map update name toa_opcode_map key 0 0 0 0 value $toa_opcode any 72 | fi 73 | 74 | if [ "$toa_port_opcode" ]; then 75 | bpftool map update name toa_opcode_map key 1 0 0 0 value $toa_port_opcode any 76 | fi 77 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | English | [简体中文](README-CN.md) 2 | 3 | # Alibaba CDN TCP Option Address 4 | 5 | The TOA(TCP Option Address) is a TCP option in TCP header which contains the source IP address. 6 | This repository provides two TOA parsing methods: 7 | 1. Kernel module 8 | 2. Ebpf 9 | 10 | The detail of the two parsing methods: 11 | | Parsing method | IPV6 | OS | Kernel version | 12 | | ---- | ---- | ---- | ---- | 13 | | Kernel module | unsupport | CentOS 6.5/7.2/7.7/8.5/9, Anolis OS 7/8 | 2.6.32 - 5.14 | 14 | | Ebpf | support | CentOS 9, Anolis OS 8.9 | >= 5.10.134 | 15 | 16 | 17 | This TOA parsing is to obtain the IP address in TOA only sent by Alibaba Cloud CDN servers. 18 | 19 | ## Kernel module 20 | ### Requirements 21 | 22 | The kernel module supports kernel from 2.6.32 to 5.14. It only supports IPv4 yet. 23 | To compile the kernel module, the environment requirements are as below: 24 | 25 | - Kernel devel and related packages 26 | - GCC compiler 27 | - GNU make tool 28 | 29 | ### Installation 30 | 31 | 1. Git clone or download the source package 32 | 2. Enter the `toa-kmod` directory and compile the kernel module 33 | 34 | ``` 35 | cd toa-kmod 36 | make 37 | ``` 38 | 39 | 3. Load the kernel module 40 | 41 | ``` 42 | sudo insmod tcp_toa.ko 43 | ``` 44 | 45 | ### Uninstallation 46 | 47 | ``` 48 | sudo rmmod tcp_toa 49 | ``` 50 | 51 | ## Ebpf 52 | ### Requirements 53 | 54 | Ebpf prog supports kernel over v5.10.134. It supports both IPv4 and IPv6. 55 | To compile the ebpf prog, the environment requirements are as below: 56 | 57 | - libbpf devel 58 | - Clang compiler 59 | - llvm 60 | - bpftool 61 | 62 | ### Installation 63 | 64 | 1. Git clone or download the source package 65 | 2. Enter the `toa-ebpf` directory and compile the kernel module 66 | 67 | ``` 68 | cd toa-ebpf 69 | make 70 | ``` 71 | 72 | 3. Load the kernel module 73 | 74 | ``` 75 | sudo ./load.sh 76 | ``` 77 | 78 | ### Uninstallation 79 | 80 | ``` 81 | sudo ./unload.sh 82 | ``` 83 | 84 | --- 85 | 86 | ## Changelog 87 | Detailed changes for each release are documented in the [release notes](CHANGELOG). 88 | 89 | ## License 90 | [GPLv2](https://www.gnu.org/licenses/old-licenses/gpl-2.0.txt) 91 | 92 | Copyright 2019-2024 Alibaba Group Holding Ltd. 93 | -------------------------------------------------------------------------------- /toa-kmod/toa.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2019-2024 Alibaba Group Holding Limited 3 | * 4 | * This program is free software; you can redistribute it and/or 5 | * modify it under the terms of the GNU General Public License 6 | * as published by the Free Software Foundation; either version 2 7 | * of the License, or (at your option) any later version. 8 | * 9 | * This program is distributed in the hope that it will be useful, 10 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 11 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12 | * GNU General Public License for more details. 13 | * 14 | * You should have received a copy of the GNU General Public License 15 | * along with this program; if not, write to the Free Software 16 | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. 17 | */ 18 | 19 | #ifndef __TCP_TOA_H__ 20 | #define __TCP_TOA_H__ 21 | 22 | #define TOA_VERSION "2.0.0" 23 | 24 | #ifdef TOA_DEBUG_ENABLE 25 | #define TOA_DBG(msg...) do { \ 26 | printk(KERN_DEBUG "[DEBUG] TOA: " msg); \ 27 | } while (0) 28 | #else 29 | #define TOA_DBG(msg...) 30 | #endif 31 | 32 | #define TOA_INFO(msg...) do { \ 33 | if (net_ratelimit()) \ 34 | printk(KERN_INFO "TOA: " msg); \ 35 | } while (0) 36 | 37 | #define TCPOPT_TOA 28 38 | #define TOA_IPV4 1 39 | #define TOA_V4_LEN 7 40 | 41 | struct toa_data { 42 | __u8 opcode; 43 | __u8 opsize; 44 | __u8 opversion; 45 | __be32 ip; 46 | } __attribute__((packed)); 47 | 48 | enum toa_sock_flags { 49 | SOCK_TOA_IPV4 = 60, 50 | }; 51 | 52 | /* statistics about toa in proc /proc/net/toa_stat */ 53 | enum { 54 | SYN_RECV_SOCK_TOA_CNT = 1, 55 | SYN_RECV_SOCK_NO_TOA_CNT, 56 | GETNAME_TOA_OK_CNT, 57 | GETNAME_TOA_MISMATCH_CNT, 58 | GETNAME_TOA_BYPASS_CNT, 59 | GETNAME_TOA_EMPTY_CNT, 60 | TOA_STAT_LAST 61 | }; 62 | 63 | struct toa_stats_entry { 64 | char *name; 65 | int entry; 66 | }; 67 | 68 | #define TOA_STAT_ITEM(_name, _entry) { \ 69 | .name = _name, \ 70 | .entry = _entry, \ 71 | } 72 | 73 | #define TOA_STAT_END { \ 74 | NULL, \ 75 | 0, \ 76 | } 77 | 78 | struct toa_stat_mib { 79 | unsigned long mibs[TOA_STAT_LAST]; 80 | }; 81 | 82 | #define DEFINE_TOA_STAT(type, name) \ 83 | __typeof__(type) *name 84 | 85 | #define TOA_INC_STATS(mib, field) \ 86 | (per_cpu_ptr(mib, smp_processor_id())->mibs[field]++) 87 | 88 | #if LINUX_VERSION_CODE < KERNEL_VERSION(4, 4, 0) 89 | #define req_wndclp (req->window_clamp) 90 | #else 91 | #define req_wndclp (req->rsk_window_clamp) 92 | #endif 93 | 94 | #endif 95 | -------------------------------------------------------------------------------- /toa-ebpf/toa.h: -------------------------------------------------------------------------------- 1 | /* 2 | * BSD 2-Clause License 3 | * 4 | * Copyright (c) 2024, Alibaba Group Holding Limited 5 | * All rights reserved. 6 | * 7 | * Redistribution and use in source and binary forms, with or without 8 | * modification, are permitted provided that the following conditions are met: 9 | * 10 | * 1. Redistributions of source code must retain the above copyright notice, this 11 | * list of conditions and the following disclaimer. 12 | * 13 | * 2. Redistributions in binary form must reproduce the above copyright notice, 14 | * this list of conditions and the following disclaimer in the documentation 15 | * and/or other materials provided with the distribution. 16 | * 17 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 18 | * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 20 | * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE 21 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 23 | * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER 24 | * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 25 | * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 26 | * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 27 | * 28 | */ 29 | 30 | #ifndef __TOA_H__ 31 | #define __TOA_H__ 32 | 33 | struct toa_info { 34 | __u8 ip_valid; 35 | __u8 port_valid; 36 | __be16 cport; 37 | union { 38 | __be32 cip; 39 | __be32 cip6[4]; 40 | }; 41 | }; 42 | 43 | #pragma pack(1) 44 | union toa_opt { 45 | struct toa { 46 | __u8 opcode; 47 | __u8 opsize; 48 | __u8 opversion; 49 | __be32 ip; 50 | } toa; 51 | struct toa_v6 { 52 | __u8 opcode; 53 | __u8 opsize; 54 | __u8 opversion; 55 | __be32 ip[4]; 56 | } toa_v6; 57 | struct toa_port { 58 | __u8 opcode; 59 | __u8 opsize; 60 | __be16 port; 61 | __be32 ip; 62 | } toa_port; 63 | struct toa_port_v6 { 64 | __u8 opcode; 65 | __u8 opsize; 66 | __be16 port; 67 | __be32 ip[4]; 68 | } toa_port_v6; 69 | __u8 data[20]; 70 | }; 71 | #pragma pack() 72 | 73 | #define TCPOPT_EOL 0 74 | #define TCPOPT_NOP 1 75 | #define TCPOPT_TOA 28 76 | #define TCPOPT_TOA_PORT 254 77 | #define TCPOPT_EXP 254 78 | 79 | #define TOA_V4_LEN 7 80 | #define TOA_V6_LEN 19 81 | 82 | #define TOA_PORT_V4_LEN 8 83 | #define TOA_PORT_V6_LEN 20 84 | 85 | #define TCPHDR_FIN 0x01 86 | #define TCPHDR_SYN 0x02 87 | #define TCPHDR_RST 0x04 88 | #define TCPHDR_PSH 0x08 89 | #define TCPHDR_ACK 0x10 90 | #define TCPHDR_URG 0x20 91 | #define TCPHDR_ECE 0x40 92 | #define TCPHDR_CWR 0x80 93 | #define TCPHDR_SYNACK (TCPHDR_SYN | TCPHDR_ACK) 94 | 95 | #define SOL_TCP 6 96 | 97 | #define TCPOPT_FASTOPEN 34 /* Fast open (RFC7413) */ 98 | #define TCPOPT_FASTOPEN_MAGIC 0xF989 99 | 100 | #endif /* __TOA_H__ */ -------------------------------------------------------------------------------- /toa-ebpf/toa-kern.c: -------------------------------------------------------------------------------- 1 | /* 2 | * BSD 2-Clause License 3 | * 4 | * Copyright (c) 2024, Alibaba Group Holding Limited 5 | * All rights reserved. 6 | * 7 | * Redistribution and use in source and binary forms, with or without 8 | * modification, are permitted provided that the following conditions are met: 9 | * 10 | * 1. Redistributions of source code must retain the above copyright notice, this 11 | * list of conditions and the following disclaimer. 12 | * 13 | * 2. Redistributions in binary form must reproduce the above copyright notice, 14 | * this list of conditions and the following disclaimer in the documentation 15 | * and/or other materials provided with the distribution. 16 | * 17 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 18 | * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 20 | * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE 21 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 23 | * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER 24 | * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 25 | * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 26 | * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 27 | * 28 | */ 29 | 30 | #include 31 | #include 32 | #include 33 | #include 34 | #include 35 | #include 36 | #include 37 | #include 38 | #include 39 | #include 40 | #include 41 | #include 42 | #include "toa.h" 43 | 44 | char LICENSE[] SEC("license") = "Dual BSD/GPL"; 45 | 46 | struct { 47 | __uint(type, BPF_MAP_TYPE_SK_STORAGE); 48 | __uint(map_flags, BPF_F_NO_PREALLOC); 49 | __type(key, int); 50 | __type(value, struct toa_info); 51 | } sk_toa_map SEC(".maps"); 52 | 53 | struct { 54 | __uint(type, BPF_MAP_TYPE_ARRAY); 55 | __type(key, __u32); 56 | __type(value, __u8); 57 | __uint(max_entries, 10); 58 | } toa_opcode_map SEC(".maps"); 59 | 60 | #define TOA_OPCODE_KEY 0 61 | #define TOA_PORT_OPCODE_KEY 1 62 | 63 | static inline __u8* search_toa_option(__u8 *data, void *data_end, __u8 opt_len, 64 | __u8 optcode1, __u8 optcode2) 65 | { 66 | __u8 optsize = 0; 67 | 68 | /* make ebpf verifier happy */ 69 | opt_len = opt_len < 40 ? opt_len : 40; 70 | for (int i = 0; i < opt_len; i++) { 71 | if (optsize) { 72 | optsize--; 73 | continue; 74 | } 75 | 76 | if (data + i + 1 >= data_end) 77 | break; 78 | if (data[i] == TCPOPT_EOL) 79 | break; 80 | else if (data[i] == TCPOPT_NOP) 81 | continue; 82 | 83 | if (opt_len - i < 2 || opt_len - i < data[i+1] || data[i+1] < 2) 84 | /* Something is wrong in the received header. 85 | * Follow the TCP stack's tcp_parse_options() 86 | * and just bail here. 87 | */ 88 | break; 89 | 90 | if (optcode1 == data[i] || optcode2 == data[i]) 91 | return data + i; 92 | 93 | optsize = data[i+1] - 1; 94 | } 95 | 96 | return NULL; 97 | } 98 | 99 | static inline void save_toa_to_sk_storage(__u8 *data, void *data_end, __u8 toa_opcode, 100 | __u8 toa_port_opcode, struct toa_info * toa_val) { 101 | union toa_opt *toa_opt; 102 | toa_opt = (union toa_opt *)data; 103 | if (data[0] == toa_opcode && data[1] == TOA_V4_LEN && 104 | data + TOA_V4_LEN <= data_end) { 105 | toa_val->cip = toa_opt->toa.ip; 106 | toa_val->ip_valid = 1; 107 | } else if (data[0] == toa_opcode && data[1] == TOA_V6_LEN && 108 | data + TOA_V6_LEN <= data_end) { 109 | memcpy(toa_val->cip6, toa_opt->toa_v6.ip, 16); 110 | toa_val->ip_valid = 1; 111 | } else if (data[0] == toa_port_opcode && data[1] == TOA_PORT_V4_LEN && 112 | data + TOA_PORT_V4_LEN <= data_end) { 113 | toa_val->cip = toa_opt->toa_port.ip; 114 | toa_val->cport = toa_opt->toa_port.port; 115 | toa_val->ip_valid = 1; 116 | toa_val->port_valid = 1; 117 | } else if (data[0] == toa_port_opcode && data[1] == TOA_PORT_V6_LEN && 118 | data + TOA_PORT_V6_LEN <= data_end) { 119 | memcpy(toa_val->cip6, toa_opt->toa_port_v6.ip, 16); 120 | toa_val->cport = toa_opt->toa_port_v6.port; 121 | toa_val->ip_valid = 1; 122 | toa_val->port_valid = 1; 123 | } 124 | } 125 | 126 | static inline void get_toa_opcode(__u8 *toa_opcode, __u8 *toa_port_opcode) { 127 | __u8 *val = NULL; 128 | __u32 key = 0; 129 | 130 | key = TOA_OPCODE_KEY; 131 | val = bpf_map_lookup_elem(&toa_opcode_map, &key); 132 | if (!val) 133 | return; 134 | 135 | if (*val) 136 | *toa_opcode = *val; 137 | 138 | key = TOA_PORT_OPCODE_KEY; 139 | val = bpf_map_lookup_elem(&toa_opcode_map, &key); 140 | if (!val) 141 | return; 142 | 143 | if (*val) 144 | *toa_port_opcode = *val; 145 | } 146 | 147 | SEC("sockops") 148 | int toa_parse(struct bpf_sock_ops *skops) 149 | { 150 | __u8 *opt = NULL; 151 | __u8 optlen = 0; 152 | __u16 magic_code; 153 | union toa_opt *toa_opt = NULL; 154 | struct toa_info *toa_val = NULL; 155 | int rv = 0, save_syn; 156 | __u8 toa_opcode = TCPOPT_TOA, toa_port_opcode = TCPOPT_TOA_PORT; 157 | 158 | union { 159 | struct tcphdr th; 160 | __u8 data[60 + TOA_PORT_V6_LEN]; 161 | } hdr = {}; 162 | 163 | switch (skops->op) { 164 | case BPF_SOCK_OPS_TCP_LISTEN_CB: 165 | save_syn = 1; 166 | bpf_setsockopt(skops, SOL_TCP, TCP_SAVE_SYN, 167 | &save_syn, sizeof(save_syn)); 168 | break; 169 | case BPF_SOCK_OPS_PASSIVE_ESTABLISHED_CB: 170 | if (!skops->sk) 171 | return 1; 172 | 173 | toa_val = bpf_sk_storage_get(&sk_toa_map, skops->sk, NULL, 174 | BPF_SK_STORAGE_GET_F_CREATE); 175 | if (!toa_val) 176 | return 1; 177 | 178 | get_toa_opcode(&toa_opcode, &toa_port_opcode); 179 | rv = bpf_getsockopt(skops, SOL_TCP, TCP_BPF_SYN, &hdr, sizeof(hdr)); 180 | if (rv > 0) { 181 | optlen = hdr.th.doff * 4 - sizeof(struct tcphdr); 182 | opt = search_toa_option(hdr.data + 20, hdr.data + 60, optlen, 183 | toa_opcode, toa_port_opcode); 184 | if (opt) { 185 | /* bypass fastopen connect */ 186 | if (*opt == TCPOPT_EXP && opt + 4 <= hdr.data + 60) { 187 | memcpy(&magic_code, opt + 2, 2); 188 | if (magic_code == TCPOPT_FASTOPEN_MAGIC) 189 | return 1; 190 | } 191 | save_toa_to_sk_storage(opt, hdr.data + 60, toa_opcode, 192 | toa_port_opcode, toa_val); 193 | } 194 | } 195 | 196 | struct tcphdr* th = skops->skb_data; 197 | if (th + 1 > skops->skb_data_end) 198 | return 1; 199 | opt = (__u8 *)(th + 1); 200 | optlen = th->doff * 4 - sizeof(struct tcphdr); 201 | opt = search_toa_option(opt, skops->skb_data_end, optlen, 202 | toa_opcode, toa_port_opcode); 203 | if (!opt) 204 | return 1; 205 | 206 | save_toa_to_sk_storage(opt, skops->skb_data_end, toa_opcode, 207 | toa_port_opcode, toa_val); 208 | break; 209 | default: 210 | return 1; 211 | } 212 | return 1; 213 | } 214 | 215 | SEC("cgroup/getpeername4") 216 | int toa_peername4(struct bpf_sock_addr *ctx) 217 | { 218 | struct toa_info *toa_val = NULL; 219 | 220 | if (!ctx->sk) 221 | return 1; 222 | 223 | toa_val = bpf_sk_storage_get(&sk_toa_map, ctx->sk, NULL, 0); 224 | if (!toa_val) 225 | return 1; 226 | 227 | if (toa_val->ip_valid) 228 | ctx->user_ip4 = toa_val->cip; 229 | 230 | if (toa_val->port_valid) 231 | ctx->user_port = toa_val->cport; 232 | 233 | return 1; 234 | } 235 | 236 | SEC("cgroup/getpeername6") 237 | int toa_peername6(struct bpf_sock_addr *ctx) 238 | { 239 | struct toa_info *toa_val = NULL; 240 | 241 | if (!ctx->sk) 242 | return 1; 243 | 244 | toa_val = bpf_sk_storage_get(&sk_toa_map, ctx->sk, NULL, 0); 245 | if (!toa_val) 246 | return 1; 247 | 248 | if (toa_val->ip_valid) { 249 | ctx->user_ip6[0] = toa_val->cip6[0]; 250 | ctx->user_ip6[1] = toa_val->cip6[1]; 251 | ctx->user_ip6[2] = toa_val->cip6[2]; 252 | ctx->user_ip6[3] = toa_val->cip6[3]; 253 | } 254 | 255 | if (toa_val->port_valid) 256 | ctx->user_port = toa_val->cport; 257 | 258 | return 1; 259 | } 260 | -------------------------------------------------------------------------------- /toa-kmod/toa.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2019-2024 Alibaba Group Holding Limited 3 | * 4 | * This program is free software; you can redistribute it and/or 5 | * modify it under the terms of the GNU General Public License 6 | * as published by the Free Software Foundation; either version 2 7 | * of the License, or (at your option) any later version. 8 | * 9 | * This program is distributed in the hope that it will be useful, 10 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 11 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12 | * GNU General Public License for more details. 13 | * 14 | * You should have received a copy of the GNU General Public License 15 | * along with this program; if not, write to the Free Software 16 | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. 17 | */ 18 | 19 | #include 20 | #include 21 | #include 22 | #include 23 | #include 24 | #include 25 | #include 26 | #include 27 | #include 28 | #include 29 | #include 30 | #include 31 | #include 32 | #include 33 | #include 34 | #include 35 | #include 36 | #include 37 | #include 38 | #include 39 | 40 | #include "toa.h" 41 | 42 | #if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 7, 0) 43 | #include 44 | static struct kprobe kp = { 45 | .symbol_name = "kallsyms_lookup_name" 46 | }; 47 | #endif 48 | 49 | /* statistics of toa in proc /proc/net/toa_stats */ 50 | struct toa_stats_entry toa_stats[] = { 51 | TOA_STAT_ITEM("syn_recv_sock_toa", SYN_RECV_SOCK_TOA_CNT), 52 | TOA_STAT_ITEM("syn_recv_sock_no_toa", SYN_RECV_SOCK_NO_TOA_CNT), 53 | TOA_STAT_ITEM("getname_toa_ok", GETNAME_TOA_OK_CNT), 54 | TOA_STAT_ITEM("getname_toa_mismatch", GETNAME_TOA_MISMATCH_CNT), 55 | TOA_STAT_ITEM("getname_toa_bypass", GETNAME_TOA_BYPASS_CNT), 56 | TOA_STAT_ITEM("getname_toa_empty", GETNAME_TOA_EMPTY_CNT), 57 | TOA_STAT_END 58 | }; 59 | 60 | DEFINE_TOA_STAT(struct toa_stat_mib, ext_stats); 61 | 62 | static struct proto *ptr_tcp_prot; 63 | 64 | typedef unsigned long (*kallsyms_lookup_name_t)(const char *name); 65 | static kallsyms_lookup_name_t ptr_kallsyms_lookup_name; 66 | 67 | static struct proc_dir_entry *proc_toa_stat; 68 | 69 | #define U32_MAX ((u32)~0U) 70 | 71 | enum { 72 | TOA_NOT_FOUND, 73 | TOA_IPV4_FOUND, 74 | }; 75 | 76 | /* parse TCP options in skb, try to get client ip, port 77 | * @param skb [in] received skb, it should be a ack/get-ack packet. 78 | * @param in [out] ipv4 addr if existed. 79 | * @return 0 nothing found. 80 | * 1 if ipv4 toa found. 81 | * <0 error occurred. 82 | */ 83 | static int get_toa_data(struct sk_buff *skb, __be32 *in) 84 | { 85 | struct tcphdr *th; 86 | int length; 87 | unsigned char *ptr; 88 | 89 | TOA_DBG("get_toa_data called\n"); 90 | 91 | if (skb) { 92 | th = tcp_hdr(skb); 93 | length = (th->doff * 4) - sizeof(struct tcphdr); 94 | ptr = (unsigned char *) (th + 1); 95 | 96 | while (length > 0) { 97 | int opcode = *ptr++; 98 | int opsize; 99 | switch (opcode) { 100 | case TCPOPT_EOL: 101 | return TOA_NOT_FOUND; 102 | case TCPOPT_NOP: /* Ref: RFC 793 section 3.1 */ 103 | length--; 104 | continue; 105 | default: 106 | opsize = *ptr++; 107 | if (opsize < 2) /* "silly options" */ 108 | return TOA_NOT_FOUND; 109 | if (opsize > length) 110 | /* don't parse partial options */ 111 | return TOA_NOT_FOUND; 112 | if (opcode == TCPOPT_TOA) { 113 | if (*ptr == TOA_IPV4 && opsize == TOA_V4_LEN && in) { 114 | memcpy(in, ptr + 1, sizeof(__be32)); 115 | TOA_DBG("coded ip4 toa data: %pI4c\n", ptr + 1); 116 | return TOA_IPV4_FOUND; 117 | } 118 | } 119 | 120 | ptr += opsize - 2; 121 | length -= opsize; 122 | } 123 | } 124 | } 125 | return TOA_NOT_FOUND; 126 | } 127 | 128 | /* get client ip from socket 129 | * @param sock [in] the socket to getpeername() or getsockname() 130 | * @param uaddr [out] the place to put client ip, port 131 | * @param uaddr_len [out] lenth of @uaddr 132 | * @param peer [in] if(peer), try to get remote address; if(!peer), 133 | * try to get local address 134 | * @return return what the original inet_getname() returns. 135 | */ 136 | #if LINUX_VERSION_CODE < KERNEL_VERSION(4, 17, 0) 137 | static int inet_getname_toa(struct socket *sock, struct sockaddr *uaddr, 138 | int *uaddr_len, int peer) 139 | #else 140 | static int inet_getname_toa(struct socket *sock, struct sockaddr *uaddr, 141 | int peer) 142 | #endif 143 | { 144 | int retval = 0; 145 | struct sock *sk = sock->sk; 146 | struct sockaddr_in *sin = (struct sockaddr_in *) uaddr; 147 | struct toa_data *tdata; 148 | 149 | TOA_DBG("inet_getname_toa called, sk->sk_user_data is %p\n", 150 | sk->sk_user_data); 151 | 152 | /* call orginal one */ 153 | #if LINUX_VERSION_CODE < KERNEL_VERSION(4, 17, 0) 154 | retval = inet_getname(sock, uaddr, uaddr_len, peer); 155 | #else 156 | retval = inet_getname(sock, uaddr, peer); 157 | #endif 158 | 159 | 160 | /* set our value if need */ 161 | #if LINUX_VERSION_CODE < KERNEL_VERSION(4, 17, 0) 162 | if (!retval && sock_flag(sk, SOCK_TOA_IPV4) && 163 | #else 164 | if (retval > 0 && sock_flag(sk, SOCK_TOA_IPV4) && 165 | #endif 166 | sk->sk_user_data && peer) { 167 | if (sk->sk_family == AF_INET && sk->sk_type == SOCK_STREAM && 168 | sk->sk_prot == ptr_tcp_prot) { 169 | tdata = (struct toa_data*)&sk->sk_user_data; 170 | if (tdata->opcode == TCPOPT_TOA && 171 | tdata->opsize == TOA_V4_LEN && 172 | tdata->opversion == TOA_IPV4) { 173 | TOA_INC_STATS(ext_stats, GETNAME_TOA_OK_CNT); 174 | TOA_DBG("inet_getname_toa: set new sockaddr, ip " 175 | "%pI4c -> %pI4c\n", 176 | &sin->sin_addr.s_addr, &tdata->ip); 177 | sin->sin_addr.s_addr = tdata->ip; 178 | } else { /* sk_user_data doesn't belong to us */ 179 | TOA_INC_STATS(ext_stats, GETNAME_TOA_MISMATCH_CNT); 180 | } 181 | } else { 182 | TOA_INC_STATS(ext_stats, GETNAME_TOA_BYPASS_CNT); 183 | } 184 | } else { /* no need to get client ip */ 185 | TOA_INC_STATS(ext_stats, GETNAME_TOA_EMPTY_CNT); 186 | } 187 | 188 | return retval; 189 | } 190 | 191 | /* The three way handshake has completed - we got a valid synack - 192 | * now create the new socket. 193 | * We need to save toa data into the new socket. 194 | * @param sk [out] the socket 195 | * @param skb [in] the ack/ack-get packet 196 | * @param req [in] the open request for this connection 197 | * @param dst [out] route cache entry 198 | * @return NULL if fail new socket if succeed. 199 | */ 200 | #if LINUX_VERSION_CODE < KERNEL_VERSION(4, 4, 0) 201 | static struct sock* tcp_v4_syn_recv_sock_toa(struct sock *sk, struct sk_buff *skb, 202 | struct request_sock *req, struct dst_entry *dst) 203 | #else 204 | static struct sock *tcp_v4_syn_recv_sock_toa(const struct sock *sk, struct sk_buff *skb, 205 | struct request_sock *req, struct dst_entry *dst, 206 | struct request_sock *req_unhash, bool *own_req) 207 | #endif 208 | { 209 | struct sock *newsock = NULL; 210 | struct tcp_sock *tp = tcp_sk(sk); 211 | struct toa_data tdata; 212 | __be32 ip = req_wndclp; 213 | void *ptr = NULL; 214 | 215 | TOA_DBG("tcp_v4_syn_recv_sock_toa called\n"); 216 | 217 | if (tp->window_clamp) 218 | req_wndclp = tp->window_clamp; 219 | else 220 | req_wndclp = 0; 221 | 222 | /* copy from tcp_select_initial_window() */ 223 | if (req_wndclp == 0) 224 | req_wndclp = 65535U << 14; 225 | 226 | if (sk->sk_userlocks & SOCK_RCVBUF_LOCK) 227 | req_wndclp = min_t(u32, req_wndclp, tcp_full_space(sk)); 228 | 229 | req_wndclp = min(65535U << inet_rsk(req)->rcv_wscale, req_wndclp); 230 | TOA_DBG("t4srst req: %p, tcp_wnd_clp: %u, wnd_clp: %u\n", 231 | req, tp->window_clamp, req_wndclp); 232 | 233 | WARN_ON_ONCE(!req_wndclp); 234 | 235 | /* call orginal one */ 236 | #if LINUX_VERSION_CODE < KERNEL_VERSION(4, 4, 0) 237 | newsock = tcp_v4_syn_recv_sock(sk, skb, req, dst); 238 | #else 239 | newsock = tcp_v4_syn_recv_sock(sk, skb, req, dst, req_unhash, own_req); 240 | #endif 241 | 242 | /* clear TOA flag */ 243 | if (newsock) 244 | sock_reset_flag(newsock, SOCK_TOA_IPV4); 245 | 246 | /* set our value if need */ 247 | if (newsock && newsock->sk_family == AF_INET && 248 | newsock->sk_type == SOCK_STREAM && newsock->sk_prot == ptr_tcp_prot && 249 | !newsock->sk_user_data) { 250 | if (ip != 65535U) { 251 | tdata.opcode = TCPOPT_TOA; 252 | tdata.opsize = TOA_V4_LEN; 253 | tdata.opversion = TOA_IPV4; 254 | tdata.ip = ip; 255 | memcpy(&ptr, &tdata, sizeof(struct toa_data)); 256 | newsock->sk_user_data = ptr; 257 | sock_set_flag(newsock, SOCK_TOA_IPV4); 258 | TOA_INC_STATS(ext_stats, SYN_RECV_SOCK_TOA_CNT); 259 | } else { 260 | TOA_INC_STATS(ext_stats, SYN_RECV_SOCK_NO_TOA_CNT); 261 | } 262 | 263 | TOA_DBG("tcp_v4_syn_recv_sock_toa: set " 264 | "sk->sk_user_data to %p\n", 265 | newsock->sk_user_data); 266 | } 267 | return newsock; 268 | } 269 | 270 | static int tcp_v4_conn_request_toa(struct sock *sk, struct sk_buff *skb) 271 | { 272 | struct request_sock *req, **prev; 273 | struct tcphdr *th = tcp_hdr(skb); 274 | struct iphdr *iph = ip_hdr(skb); 275 | __be32 addr; 276 | int toa_found; 277 | int ret; 278 | 279 | TOA_DBG("tcp_v4_conn_request_toa called\n"); 280 | 281 | /* call orginal one */ 282 | ret = tcp_v4_conn_request(sk, skb); 283 | 284 | if (!ret && sk->sk_family == AF_INET && sk->sk_type == SOCK_STREAM && 285 | sk->sk_prot == ptr_tcp_prot) { 286 | #if LINUX_VERSION_CODE < KERNEL_VERSION(4, 4, 0) 287 | req = inet_csk_search_req(sk, &prev, th->source, iph->saddr, iph->daddr); 288 | #else 289 | if (unlikely(!skb_dst(skb))) { 290 | TOA_INFO("There is not destination route entry in skb\n"); 291 | return ret; 292 | } 293 | req = (struct request_sock *)inet_lookup_established(dev_net(skb_dst(skb)->dev), 294 | &tcp_hashinfo, iph->saddr, th->source, 295 | iph->daddr, th->dest, inet_iif(skb)); 296 | #endif 297 | if (req) { 298 | TOA_DBG("t4crt req: %p, tcp_wnd_clp: %u, wnd_clp: %u\n", 299 | req, tcp_sk(sk)->window_clamp, req_wndclp); 300 | req_wndclp = 65535U; 301 | toa_found = get_toa_data(skb, &addr); 302 | if (toa_found == TOA_IPV4_FOUND) 303 | req_wndclp = addr; 304 | #if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 4, 0) 305 | reqsk_put(req); 306 | #endif 307 | } 308 | } 309 | 310 | return ret; 311 | } 312 | 313 | /* replace the functions with our functions */ 314 | static inline int hook_toa_functions(void) 315 | { 316 | unsigned int level; 317 | pte_t *pte; 318 | bool pte_changed = false; 319 | 320 | /* hook inet_getname for ipv4 */ 321 | struct proto_ops *inet_stream_ops_p = 322 | (struct proto_ops *)&inet_stream_ops; 323 | /* hook tcp_v4_syn_recv_sock for ipv4 */ 324 | struct inet_connection_sock_af_ops *ipv4_specific_p = 325 | (struct inet_connection_sock_af_ops *)&ipv4_specific; 326 | 327 | pte = lookup_address((unsigned long )inet_stream_ops_p, &level); 328 | if (!pte) 329 | return 1; 330 | if (!(pte->pte & _PAGE_RW)) { 331 | pte->pte |= _PAGE_RW; 332 | pte_changed = true; 333 | } 334 | 335 | inet_stream_ops_p->getname = inet_getname_toa; 336 | TOA_INFO("CPU [%u] hooked inet_getname <%pK> --> <%pK>\n", 337 | smp_processor_id(), inet_getname, 338 | inet_stream_ops_p->getname); 339 | 340 | if (pte_changed) { 341 | pte->pte &= ~_PAGE_RW; 342 | pte_changed = false; 343 | } 344 | 345 | pte = lookup_address((unsigned long )ipv4_specific_p, &level); 346 | if (!pte) 347 | return 1; 348 | if (!(pte->pte & _PAGE_RW)) { 349 | pte->pte |= _PAGE_RW; 350 | pte_changed = true; 351 | } 352 | 353 | ipv4_specific_p->syn_recv_sock = tcp_v4_syn_recv_sock_toa; 354 | TOA_INFO("CPU [%u] hooked tcp_v4_syn_recv_sock <%pK> --> <%pK>\n", 355 | smp_processor_id(), tcp_v4_syn_recv_sock, 356 | ipv4_specific_p->syn_recv_sock); 357 | 358 | ipv4_specific_p->conn_request = tcp_v4_conn_request_toa; 359 | TOA_INFO("CPU [%u] hooked tcp_v4_conn_request <%pK> --> <%pK>\n", 360 | smp_processor_id(), tcp_v4_conn_request, 361 | ipv4_specific_p->conn_request); 362 | 363 | if (pte_changed) { 364 | pte->pte &= ~_PAGE_RW; 365 | pte_changed = false; 366 | } 367 | 368 | return 0; 369 | } 370 | 371 | /* replace the functions to original ones */ 372 | static int unhook_toa_functions(void) 373 | { 374 | unsigned int level; 375 | pte_t *pte; 376 | bool pte_changed = false; 377 | 378 | /* unhook inet_getname for ipv4 */ 379 | struct proto_ops *inet_stream_ops_p = 380 | (struct proto_ops *)&inet_stream_ops; 381 | /* unhook tcp_v4_syn_recv_sock for ipv4 */ 382 | struct inet_connection_sock_af_ops *ipv4_specific_p = 383 | (struct inet_connection_sock_af_ops *)&ipv4_specific; 384 | 385 | pte = lookup_address((unsigned long )inet_stream_ops_p, &level); 386 | if (!pte) 387 | return 1; 388 | if (!(pte->pte & _PAGE_RW)) { 389 | pte->pte |= _PAGE_RW; 390 | pte_changed = true; 391 | } 392 | 393 | inet_stream_ops_p->getname = inet_getname; 394 | TOA_INFO("CPU [%u] unhooked inet_getname\n", 395 | smp_processor_id()); 396 | 397 | if (pte_changed) { 398 | pte->pte &= ~_PAGE_RW; 399 | pte_changed = false; 400 | } 401 | 402 | pte = lookup_address((unsigned long )ipv4_specific_p, &level); 403 | if (!pte) 404 | return 1; 405 | if (!(pte->pte & _PAGE_RW)) { 406 | pte->pte |= _PAGE_RW; 407 | pte_changed = true; 408 | } 409 | 410 | ipv4_specific_p->syn_recv_sock = tcp_v4_syn_recv_sock; 411 | TOA_INFO("CPU [%u] unhooked tcp_v4_syn_recv_sock\n", 412 | smp_processor_id()); 413 | 414 | ipv4_specific_p->conn_request = tcp_v4_conn_request; 415 | TOA_INFO("CPU [%u] unhooked tcp_v4_conn_request\n", 416 | smp_processor_id()); 417 | 418 | if (pte_changed) { 419 | pte->pte &= ~_PAGE_RW; 420 | pte_changed = false; 421 | } 422 | 423 | return 0; 424 | } 425 | 426 | /* statistics of toa in proc /proc/net/toa_stats */ 427 | static int toa_stats_show(struct seq_file *seq, void *v) 428 | { 429 | int i, j, cpu_nr; 430 | 431 | /* print CPU first */ 432 | seq_printf(seq, " "); 433 | cpu_nr = num_possible_cpus(); 434 | for (i = 0; i < cpu_nr; i++) 435 | if (cpu_online(i)) 436 | seq_printf(seq, "CPU%d ", i); 437 | seq_putc(seq, '\n'); 438 | 439 | i = 0; 440 | while (NULL != toa_stats[i].name) { 441 | seq_printf(seq, "%-25s:", toa_stats[i].name); 442 | for (j = 0; j < cpu_nr; j++) { 443 | if (cpu_online(j)) { 444 | seq_printf(seq, "%10lu ", 445 | *(((unsigned long *) per_cpu_ptr( 446 | ext_stats, j)) + toa_stats[i].entry)); 447 | } 448 | } 449 | seq_putc(seq, '\n'); 450 | i++; 451 | } 452 | return 0; 453 | } 454 | 455 | static int toa_stats_seq_open(struct inode *inode, struct file *file) 456 | { 457 | return single_open(file, toa_stats_show, NULL); 458 | } 459 | 460 | #if LINUX_VERSION_CODE < KERNEL_VERSION(5, 6, 0) 461 | static const struct file_operations toa_stats_ops = { 462 | .owner = THIS_MODULE, 463 | .open = toa_stats_seq_open, 464 | .read = seq_read, 465 | .llseek = seq_lseek, 466 | .release = single_release, 467 | }; 468 | #else 469 | static const struct proc_ops toa_stats_ops = { 470 | .proc_open = toa_stats_seq_open, 471 | .proc_read = seq_read, 472 | .proc_lseek = seq_lseek, 473 | .proc_release = single_release, 474 | }; 475 | #endif 476 | 477 | #if LINUX_VERSION_CODE < KERNEL_VERSION(2, 6, 33) 478 | /* TOA module init and destory */ 479 | int kln_lookup(void *data, const char *name, struct module *mod, 480 | unsigned long addr) 481 | { 482 | if (!mod && !strcmp(name, "kallsyms_lookup_name")) { 483 | ptr_kallsyms_lookup_name = (void*)addr; 484 | return 1; 485 | } 486 | 487 | return 0; 488 | } 489 | #endif 490 | 491 | static int toa_get_symbols(void){ 492 | #if LINUX_VERSION_CODE < KERNEL_VERSION(2, 6, 33) 493 | kallsyms_on_each_symbol(kln_lookup, NULL); 494 | #elif LINUX_VERSION_CODE < KERNEL_VERSION(5, 7, 0) 495 | ptr_kallsyms_lookup_name = kallsyms_lookup_name; 496 | #else 497 | register_kprobe(&kp); 498 | ptr_kallsyms_lookup_name = (kallsyms_lookup_name_t) kp.addr; 499 | unregister_kprobe(&kp); 500 | #endif 501 | 502 | if (WARN_ON(!ptr_kallsyms_lookup_name)) { 503 | pr_err("ptr_kallsyms_lookup_name is NULL\n"); 504 | return -EFAULT; 505 | } 506 | 507 | #define GET_SYM(name, type) do { \ 508 | ptr_##name = (type)ptr_kallsyms_lookup_name(#name); \ 509 | if (!ptr_##name) { \ 510 | pr_err("tcp_toa: symbol " #name " not found\n"); \ 511 | return -EFAULT; \ 512 | } \ 513 | } while (0) 514 | 515 | GET_SYM(tcp_prot, struct proto*); 516 | return 0; 517 | } 518 | 519 | /* module init */ 520 | static int __init toa_init(void) 521 | { 522 | int ret = 0; 523 | 524 | TOA_INFO("tcp_toa " TOA_VERSION " insmod\n"); 525 | 526 | BUILD_BUG_ON(sizeof(((struct sock*)0)->sk_flags) < 8); 527 | 528 | if (toa_get_symbols()) 529 | return -EFAULT; 530 | 531 | /* alloc statistics array for toa */ 532 | ext_stats = alloc_percpu(struct toa_stat_mib); 533 | if (!ext_stats) 534 | return -ENOMEM; 535 | 536 | proc_toa_stat = proc_create("toa_stats", 0444, init_net.proc_net, &toa_stats_ops); 537 | if (!proc_toa_stat) { 538 | TOA_INFO("cannot create proc.\n"); 539 | ret = -ENOMEM; 540 | goto free_stats; 541 | } 542 | 543 | /* hook funcs for parse and get toa */ 544 | if (hook_toa_functions()) { 545 | TOA_INFO("cannot hook toa functions.\n"); 546 | ret = -EFAULT; 547 | goto unhook; 548 | } 549 | 550 | TOA_INFO("tcp_toa loaded\n"); 551 | return 0; 552 | 553 | unhook: 554 | unhook_toa_functions(); 555 | synchronize_net(); 556 | remove_proc_entry("toa_stats", init_net.proc_net); 557 | 558 | free_stats: 559 | if (ext_stats) { 560 | free_percpu(ext_stats); 561 | ext_stats = NULL; 562 | } 563 | 564 | return ret; 565 | } 566 | 567 | /* module cleanup */ 568 | static void __exit toa_exit(void) 569 | { 570 | TOA_INFO("tcp_toa " TOA_VERSION " rmmod\n"); 571 | 572 | unhook_toa_functions(); 573 | synchronize_net(); 574 | remove_proc_entry("toa_stats", init_net.proc_net); 575 | 576 | if (ext_stats) { 577 | free_percpu(ext_stats); 578 | ext_stats = NULL; 579 | } 580 | 581 | TOA_INFO("tcp_toa unloaded\n"); 582 | } 583 | 584 | module_init(toa_init); 585 | module_exit(toa_exit); 586 | 587 | MODULE_DESCRIPTION("TOA(TCP Option Address) parser"); 588 | MODULE_LICENSE("GPL"); 589 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | GNU GENERAL PUBLIC LICENSE 2 | Version 2, June 1991 3 | 4 | Copyright (C) 1989, 1991 Free Software Foundation, Inc., 5 | 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA 6 | Everyone is permitted to copy and distribute verbatim copies 7 | of this license document, but changing it is not allowed. 8 | 9 | Preamble 10 | 11 | The licenses for most software are designed to take away your 12 | freedom to share and change it. By contrast, the GNU General Public 13 | License is intended to guarantee your freedom to share and change free 14 | software--to make sure the software is free for all its users. This 15 | General Public License applies to most of the Free Software 16 | Foundation's software and to any other program whose authors commit to 17 | using it. (Some other Free Software Foundation software is covered by 18 | the GNU Lesser General Public License instead.) You can apply it to 19 | your programs, too. 20 | 21 | When we speak of free software, we are referring to freedom, not 22 | price. Our General Public Licenses are designed to make sure that you 23 | have the freedom to distribute copies of free software (and charge for 24 | this service if you wish), that you receive source code or can get it 25 | if you want it, that you can change the software or use pieces of it 26 | in new free programs; and that you know you can do these things. 27 | 28 | To protect your rights, we need to make restrictions that forbid 29 | anyone to deny you these rights or to ask you to surrender the rights. 30 | These restrictions translate to certain responsibilities for you if you 31 | distribute copies of the software, or if you modify it. 32 | 33 | For example, if you distribute copies of such a program, whether 34 | gratis or for a fee, you must give the recipients all the rights that 35 | you have. You must make sure that they, too, receive or can get the 36 | source code. And you must show them these terms so they know their 37 | rights. 38 | 39 | We protect your rights with two steps: (1) copyright the software, and 40 | (2) offer you this license which gives you legal permission to copy, 41 | distribute and/or modify the software. 42 | 43 | Also, for each author's protection and ours, we want to make certain 44 | that everyone understands that there is no warranty for this free 45 | software. If the software is modified by someone else and passed on, we 46 | want its recipients to know that what they have is not the original, so 47 | that any problems introduced by others will not reflect on the original 48 | authors' reputations. 49 | 50 | Finally, any free program is threatened constantly by software 51 | patents. We wish to avoid the danger that redistributors of a free 52 | program will individually obtain patent licenses, in effect making the 53 | program proprietary. To prevent this, we have made it clear that any 54 | patent must be licensed for everyone's free use or not licensed at all. 55 | 56 | The precise terms and conditions for copying, distribution and 57 | modification follow. 58 | 59 | GNU GENERAL PUBLIC LICENSE 60 | TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 61 | 62 | 0. This License applies to any program or other work which contains 63 | a notice placed by the copyright holder saying it may be distributed 64 | under the terms of this General Public License. The "Program", below, 65 | refers to any such program or work, and a "work based on the Program" 66 | means either the Program or any derivative work under copyright law: 67 | that is to say, a work containing the Program or a portion of it, 68 | either verbatim or with modifications and/or translated into another 69 | language. (Hereinafter, translation is included without limitation in 70 | the term "modification".) Each licensee is addressed as "you". 71 | 72 | Activities other than copying, distribution and modification are not 73 | covered by this License; they are outside its scope. The act of 74 | running the Program is not restricted, and the output from the Program 75 | is covered only if its contents constitute a work based on the 76 | Program (independent of having been made by running the Program). 77 | Whether that is true depends on what the Program does. 78 | 79 | 1. You may copy and distribute verbatim copies of the Program's 80 | source code as you receive it, in any medium, provided that you 81 | conspicuously and appropriately publish on each copy an appropriate 82 | copyright notice and disclaimer of warranty; keep intact all the 83 | notices that refer to this License and to the absence of any warranty; 84 | and give any other recipients of the Program a copy of this License 85 | along with the Program. 86 | 87 | You may charge a fee for the physical act of transferring a copy, and 88 | you may at your option offer warranty protection in exchange for a fee. 89 | 90 | 2. You may modify your copy or copies of the Program or any portion 91 | of it, thus forming a work based on the Program, and copy and 92 | distribute such modifications or work under the terms of Section 1 93 | above, provided that you also meet all of these conditions: 94 | 95 | a) You must cause the modified files to carry prominent notices 96 | stating that you changed the files and the date of any change. 97 | 98 | b) You must cause any work that you distribute or publish, that in 99 | whole or in part contains or is derived from the Program or any 100 | part thereof, to be licensed as a whole at no charge to all third 101 | parties under the terms of this License. 102 | 103 | c) If the modified program normally reads commands interactively 104 | when run, you must cause it, when started running for such 105 | interactive use in the most ordinary way, to print or display an 106 | announcement including an appropriate copyright notice and a 107 | notice that there is no warranty (or else, saying that you provide 108 | a warranty) and that users may redistribute the program under 109 | these conditions, and telling the user how to view a copy of this 110 | License. (Exception: if the Program itself is interactive but 111 | does not normally print such an announcement, your work based on 112 | the Program is not required to print an announcement.) 113 | 114 | These requirements apply to the modified work as a whole. If 115 | identifiable sections of that work are not derived from the Program, 116 | and can be reasonably considered independent and separate works in 117 | themselves, then this License, and its terms, do not apply to those 118 | sections when you distribute them as separate works. But when you 119 | distribute the same sections as part of a whole which is a work based 120 | on the Program, the distribution of the whole must be on the terms of 121 | this License, whose permissions for other licensees extend to the 122 | entire whole, and thus to each and every part regardless of who wrote it. 123 | 124 | Thus, it is not the intent of this section to claim rights or contest 125 | your rights to work written entirely by you; rather, the intent is to 126 | exercise the right to control the distribution of derivative or 127 | collective works based on the Program. 128 | 129 | In addition, mere aggregation of another work not based on the Program 130 | with the Program (or with a work based on the Program) on a volume of 131 | a storage or distribution medium does not bring the other work under 132 | the scope of this License. 133 | 134 | 3. You may copy and distribute the Program (or a work based on it, 135 | under Section 2) in object code or executable form under the terms of 136 | Sections 1 and 2 above provided that you also do one of the following: 137 | 138 | a) Accompany it with the complete corresponding machine-readable 139 | source code, which must be distributed under the terms of Sections 140 | 1 and 2 above on a medium customarily used for software interchange; or, 141 | 142 | b) Accompany it with a written offer, valid for at least three 143 | years, to give any third party, for a charge no more than your 144 | cost of physically performing source distribution, a complete 145 | machine-readable copy of the corresponding source code, to be 146 | distributed under the terms of Sections 1 and 2 above on a medium 147 | customarily used for software interchange; or, 148 | 149 | c) Accompany it with the information you received as to the offer 150 | to distribute corresponding source code. (This alternative is 151 | allowed only for noncommercial distribution and only if you 152 | received the program in object code or executable form with such 153 | an offer, in accord with Subsection b above.) 154 | 155 | The source code for a work means the preferred form of the work for 156 | making modifications to it. For an executable work, complete source 157 | code means all the source code for all modules it contains, plus any 158 | associated interface definition files, plus the scripts used to 159 | control compilation and installation of the executable. However, as a 160 | special exception, the source code distributed need not include 161 | anything that is normally distributed (in either source or binary 162 | form) with the major components (compiler, kernel, and so on) of the 163 | operating system on which the executable runs, unless that component 164 | itself accompanies the executable. 165 | 166 | If distribution of executable or object code is made by offering 167 | access to copy from a designated place, then offering equivalent 168 | access to copy the source code from the same place counts as 169 | distribution of the source code, even though third parties are not 170 | compelled to copy the source along with the object code. 171 | 172 | 4. You may not copy, modify, sublicense, or distribute the Program 173 | except as expressly provided under this License. Any attempt 174 | otherwise to copy, modify, sublicense or distribute the Program is 175 | void, and will automatically terminate your rights under this License. 176 | However, parties who have received copies, or rights, from you under 177 | this License will not have their licenses terminated so long as such 178 | parties remain in full compliance. 179 | 180 | 5. You are not required to accept this License, since you have not 181 | signed it. However, nothing else grants you permission to modify or 182 | distribute the Program or its derivative works. These actions are 183 | prohibited by law if you do not accept this License. Therefore, by 184 | modifying or distributing the Program (or any work based on the 185 | Program), you indicate your acceptance of this License to do so, and 186 | all its terms and conditions for copying, distributing or modifying 187 | the Program or works based on it. 188 | 189 | 6. Each time you redistribute the Program (or any work based on the 190 | Program), the recipient automatically receives a license from the 191 | original licensor to copy, distribute or modify the Program subject to 192 | these terms and conditions. You may not impose any further 193 | restrictions on the recipients' exercise of the rights granted herein. 194 | You are not responsible for enforcing compliance by third parties to 195 | this License. 196 | 197 | 7. If, as a consequence of a court judgment or allegation of patent 198 | infringement or for any other reason (not limited to patent issues), 199 | conditions are imposed on you (whether by court order, agreement or 200 | otherwise) that contradict the conditions of this License, they do not 201 | excuse you from the conditions of this License. If you cannot 202 | distribute so as to satisfy simultaneously your obligations under this 203 | License and any other pertinent obligations, then as a consequence you 204 | may not distribute the Program at all. For example, if a patent 205 | license would not permit royalty-free redistribution of the Program by 206 | all those who receive copies directly or indirectly through you, then 207 | the only way you could satisfy both it and this License would be to 208 | refrain entirely from distribution of the Program. 209 | 210 | If any portion of this section is held invalid or unenforceable under 211 | any particular circumstance, the balance of the section is intended to 212 | apply and the section as a whole is intended to apply in other 213 | circumstances. 214 | 215 | It is not the purpose of this section to induce you to infringe any 216 | patents or other property right claims or to contest validity of any 217 | such claims; this section has the sole purpose of protecting the 218 | integrity of the free software distribution system, which is 219 | implemented by public license practices. Many people have made 220 | generous contributions to the wide range of software distributed 221 | through that system in reliance on consistent application of that 222 | system; it is up to the author/donor to decide if he or she is willing 223 | to distribute software through any other system and a licensee cannot 224 | impose that choice. 225 | 226 | This section is intended to make thoroughly clear what is believed to 227 | be a consequence of the rest of this License. 228 | 229 | 8. If the distribution and/or use of the Program is restricted in 230 | certain countries either by patents or by copyrighted interfaces, the 231 | original copyright holder who places the Program under this License 232 | may add an explicit geographical distribution limitation excluding 233 | those countries, so that distribution is permitted only in or among 234 | countries not thus excluded. In such case, this License incorporates 235 | the limitation as if written in the body of this License. 236 | 237 | 9. The Free Software Foundation may publish revised and/or new versions 238 | of the General Public License from time to time. Such new versions will 239 | be similar in spirit to the present version, but may differ in detail to 240 | address new problems or concerns. 241 | 242 | Each version is given a distinguishing version number. If the Program 243 | specifies a version number of this License which applies to it and "any 244 | later version", you have the option of following the terms and conditions 245 | either of that version or of any later version published by the Free 246 | Software Foundation. If the Program does not specify a version number of 247 | this License, you may choose any version ever published by the Free Software 248 | Foundation. 249 | 250 | 10. If you wish to incorporate parts of the Program into other free 251 | programs whose distribution conditions are different, write to the author 252 | to ask for permission. For software which is copyrighted by the Free 253 | Software Foundation, write to the Free Software Foundation; we sometimes 254 | make exceptions for this. Our decision will be guided by the two goals 255 | of preserving the free status of all derivatives of our free software and 256 | of promoting the sharing and reuse of software generally. 257 | 258 | NO WARRANTY 259 | 260 | 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY 261 | FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN 262 | OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES 263 | PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED 264 | OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 265 | MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS 266 | TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE 267 | PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, 268 | REPAIR OR CORRECTION. 269 | 270 | 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING 271 | WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR 272 | REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, 273 | INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING 274 | OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED 275 | TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY 276 | YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER 277 | PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE 278 | POSSIBILITY OF SUCH DAMAGES. 279 | 280 | END OF TERMS AND CONDITIONS 281 | 282 | How to Apply These Terms to Your New Programs 283 | 284 | If you develop a new program, and you want it to be of the greatest 285 | possible use to the public, the best way to achieve this is to make it 286 | free software which everyone can redistribute and change under these terms. 287 | 288 | To do so, attach the following notices to the program. It is safest 289 | to attach them to the start of each source file to most effectively 290 | convey the exclusion of warranty; and each file should have at least 291 | the "copyright" line and a pointer to where the full notice is found. 292 | 293 | 294 | Copyright (C) 295 | 296 | This program is free software; you can redistribute it and/or modify 297 | it under the terms of the GNU General Public License as published by 298 | the Free Software Foundation; either version 2 of the License, or 299 | (at your option) any later version. 300 | 301 | This program is distributed in the hope that it will be useful, 302 | but WITHOUT ANY WARRANTY; without even the implied warranty of 303 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 304 | GNU General Public License for more details. 305 | 306 | You should have received a copy of the GNU General Public License along 307 | with this program; if not, write to the Free Software Foundation, Inc., 308 | 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. 309 | 310 | Also add information on how to contact you by electronic and paper mail. 311 | 312 | If the program is interactive, make it output a short notice like this 313 | when it starts in an interactive mode: 314 | 315 | Gnomovision version 69, Copyright (C) year name of author 316 | Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. 317 | This is free software, and you are welcome to redistribute it 318 | under certain conditions; type `show c' for details. 319 | 320 | The hypothetical commands `show w' and `show c' should show the appropriate 321 | parts of the General Public License. Of course, the commands you use may 322 | be called something other than `show w' and `show c'; they could even be 323 | mouse-clicks or menu items--whatever suits your program. 324 | 325 | You should also get your employer (if you work as a programmer) or your 326 | school, if any, to sign a "copyright disclaimer" for the program, if 327 | necessary. Here is a sample; alter the names: 328 | 329 | Yoyodyne, Inc., hereby disclaims all copyright interest in the program 330 | `Gnomovision' (which makes passes at compilers) written by James Hacker. 331 | 332 | , 1 April 1989 333 | Ty Coon, President of Vice 334 | 335 | This General Public License does not permit incorporating your program into 336 | proprietary programs. If your program is a subroutine library, you may 337 | consider it more useful to permit linking proprietary applications with the 338 | library. If this is what you want to do, use the GNU Lesser General 339 | Public License instead of this License. 340 | --------------------------------------------------------------------------------