impl README

2026-02-10 05:35:53 +08:00 · 2022-12-04 18:47:00 +08:00
parent 4089e699b4
commit cf82f04a7b
9 changed files with 43 additions and 33 deletions
--- a/21-tc/.gitignore
+++ b/21-tc/.gitignore
@@ -0,0 +1,10 @@
+.vscode
+package.json
+*.wasm
+ewasm-skel.h
+ecli
+ewasm
+*.o
+*.skel.json
+*.skel.yaml
+package.yaml
--- a/21-tc/README.md
+++ b/21-tc/README.md
@@ -0,0 +1,56 @@
+---
+layout: post
+title: tc
+date: 2022-10-10 16:18
+category: bpftools
+author: yunwei37
+tags: [bpftools, tc, example]
+summary: a minimal example of a BPF application use tc
+---
+
+
+`tc` (short for Traffic Control) is an example of handling ingress network traffics.
+It creates a qdisc on the `lo` interface and attaches the `tc_ingress` BPF program to it.
+It reports the metadata of the IP packets that coming into the `lo` interface.
+
+```shell
+$ sudo ecli ./package.json
+...
+Successfully started! Please run `sudo cat /sys/kernel/debug/tracing/trace_pipe` to see output of the BPF program.
+......
+```
+
+The `tc` output in `/sys/kernel/debug/tracing/trace_pipe` should look
+something like this:
+
+```
+$ sudo cat /sys/kernel/debug/tracing/trace_pipe
+            node-1254811 [007] ..s1 8737831.671074: 0: Got IP packet: tot_len: 79, ttl: 64
+            sshd-1254728 [006] ..s1 8737831.674334: 0: Got IP packet: tot_len: 79, ttl: 64
+            sshd-1254728 [006] ..s1 8737831.674349: 0: Got IP packet: tot_len: 72, ttl: 64
+            node-1254811 [007] ..s1 8737831.674550: 0: Got IP packet: tot_len: 71, ttl: 64
+```
+
+## Compile and Run
+
+ 
+
+Compile:
+
+```console
+docker run -it -v `pwd`/:/src/ yunwei37/ebpm:latest
+```
+
+or compile with `ecc`:
+
+```console
+$ ecc tc.bpf.c
+Compiling bpf object...
+Packing ebpf object and config into package.json...
+```
+
+Run:
+
+```console
+sudo ecli ./package.json
+```
--- a/21-tc/tc.bpf.c
+++ b/21-tc/tc.bpf.c
@@ -0,0 +1,36 @@
+// SPDX-License-Identifier: (LGPL-2.1 OR BSD-2-Clause)
+/* Copyright (c) 2022 Hengqi Chen */
+#include <vmlinux.h>
+#include <bpf/bpf_endian.h>
+#include <bpf/bpf_helpers.h>
+#include <bpf/bpf_tracing.h>
+
+#define TC_ACT_OK 0
+#define ETH_P_IP 0x0800 /* Internet Protocol packet	*/
+
+/// @tchook {"ifindex":1, "attach_point":"BPF_TC_INGRESS"}
+/// @tcopts {"handle":1, "priority":1}
+SEC("tc")
+int tc_ingress(struct __sk_buff *ctx)
+{
+    void *data_end = (void *)(__u64)ctx->data_end;
+    void *data = (void *)(__u64)ctx->data;
+    struct ethhdr *l2;
+    struct iphdr *l3;
+
+    if (ctx->protocol != bpf_htons(ETH_P_IP))
+        return TC_ACT_OK;
+
+    l2 = data;
+    if ((void *)(l2 + 1) > data_end)
+        return TC_ACT_OK;
+
+    l3 = (struct iphdr *)(l2 + 1);
+    if ((void *)(l3 + 1) > data_end)
+        return TC_ACT_OK;
+
+    bpf_printk("Got IP packet: tot_len: %d, ttl: %d", bpf_ntohs(l3->tot_len), l3->ttl);
+    return TC_ACT_OK;
+}
+
+char __license[] SEC("license") = "GPL";