[bpf-next RFC 4/6] bpf: sync bpf.h to tools/

Mon, 15 Jul 2019 17:27:23 -0700 

From: Petar Penkov <ppen...@google.com>

Sync updated documentation for bpf_redirect_map.

Sync the bpf_tcp_gen_syncookie helper function definition with the one
in tools/uapi.

Signed-off-by: Petar Penkov <ppen...@google.com>
---
 tools/include/uapi/linux/bpf.h | 37 +++++++++++++++++++++++++++++++---
 1 file changed, 34 insertions(+), 3 deletions(-)

diff --git a/tools/include/uapi/linux/bpf.h b/tools/include/uapi/linux/bpf.h
index f506c68b2612..abf4a85c76d1 100644
--- a/tools/include/uapi/linux/bpf.h
+++ b/tools/include/uapi/linux/bpf.h
@@ -1571,8 +1571,11 @@ union bpf_attr {
  *             but this is only implemented for native XDP (with driver
  *             support) as of this writing).
  *
- *             All values for *flags* are reserved for future usage, and must
- *             be left at zero.
+ *             The lower two bits of *flags* are used as the return code if
+ *             the map lookup fails. This is so that the return value can be
+ *             one of the XDP program return codes up to XDP_TX, as chosen by
+ *             the caller. Any higher bits in the *flags* argument must be
+ *             unset.
  *
  *             When used to redirect packets to net devices, this helper
  *             provides a high performance increase over **bpf_redirect**\ ().
@@ -2710,6 +2713,33 @@ union bpf_attr {
  *             **-EPERM** if no permission to send the *sig*.
  *
  *             **-EAGAIN** if bpf program can try again.
+ *
+ * s64 bpf_tcp_gen_syncookie(struct bpf_sock *sk, void *iph, u32 iph_len, 
struct tcphdr *th, u32 th_len)
+ *     Description
+ *             Try to issue a SYN cookie for the packet with corresponding
+ *             IP/TCP headers, *iph* and *th*, on the listening socket in *sk*.
+ *
+ *             *iph* points to the start of the IPv4 or IPv6 header, while
+ *             *iph_len* contains **sizeof**\ (**struct iphdr**) or
+ *             **sizeof**\ (**struct ip6hdr**).
+ *
+ *             *th* points to the start of the TCP header, while *th_len*
+ *             contains **sizeof**\ (**struct tcphdr**).
+ *
+ *     Return
+ *             On success, lower 32 bits hold the generated SYN cookie in
+ *             network order and the higher 32 bits hold the MSS value for that
+ *             cookie.
+ *
+ *             On failure, the returned value is one of the following:
+ *
+ *             **-EINVAL** SYN cookie cannot be issued due to error
+ *
+ *             **-ENOENT** SYN cookie should not be issued (no SYN flood)
+ *
+ *             **-ENOTSUPP** kernel configuration does not enable SYN cookies
+ *
+ *             **-EPROTONOSUPPORT** *sk* family is not AF_INET/AF_INET6
  */
 #define __BPF_FUNC_MAPPER(FN)          \
        FN(unspec),                     \
@@ -2821,7 +2851,8 @@ union bpf_attr {
        FN(strtoul),                    \
        FN(sk_storage_get),             \
        FN(sk_storage_delete),          \
-       FN(send_signal),
+       FN(send_signal),                \
+       FN(tcp_gen_syncookie),
 
 /* integer value in 'imm' field of BPF_CALL instruction selects which helper
  * function eBPF program intends to call
-- 
2.22.0.510.g264f2c817a-goog

Reply via email to