Skip to content
Navigation Menu
Toggle navigation
Sign in
In this repository
All GitHub Enterprise
↵
Jump to
↵
No suggested jump to results
In this repository
All GitHub Enterprise
↵
Jump to
↵
In this organization
All GitHub Enterprise
↵
Jump to
↵
In this repository
All GitHub Enterprise
↵
Jump to
↵
Sign in
Reseting focus
You signed in with another tab or window.
Reload
to refresh your session.
You signed out in another tab or window.
Reload
to refresh your session.
You switched accounts on another tab or window.
Reload
to refresh your session.
Dismiss alert
{{ message }}
mariux64
/
linux
Public
Notifications
You must be signed in to change notification settings
Fork
0
Star
0
Code
Issues
1
Pull requests
0
Actions
Projects
0
Wiki
Security
Insights
Additional navigation options
Code
Issues
Pull requests
Actions
Projects
Wiki
Security
Insights
Files
9b329d0
Breadcrumbs
linux
/
tools
/
testing
/
selftests
/
bpf
/
progs
/
test_sysctl_prog.c
Copy path
Blame
Blame
Latest commit
History
History
73 lines (55 loc) · 1.59 KB
Breadcrumbs
linux
/
tools
/
testing
/
selftests
/
bpf
/
progs
/
test_sysctl_prog.c
Top
File metadata and controls
Code
Blame
73 lines (55 loc) · 1.59 KB
Raw
// SPDX-License-Identifier: GPL-2.0 // Copyright (c) 2019 Facebook #include <stdint.h> #include <string.h> #include <linux/stddef.h> #include <linux/bpf.h> #include <bpf/bpf_helpers.h> /* Max supported length of a string with unsigned long in base 10 (pow2 - 1). */ #define MAX_ULONG_STR_LEN 0xF /* Max supported length of sysctl value string (pow2). */ #define MAX_VALUE_STR_LEN 0x40 #ifndef ARRAY_SIZE #define ARRAY_SIZE(x) (sizeof(x) / sizeof((x)[0])) #endif static __always_inline int is_tcp_mem(struct bpf_sysctl *ctx) { char tcp_mem_name[] = "net/ipv4/tcp_mem"; unsigned char i; char name[64]; int ret; memset(name, 0, sizeof(name)); ret = bpf_sysctl_get_name(ctx, name, sizeof(name), 0); if (ret < 0 || ret != sizeof(tcp_mem_name) - 1) return 0; #pragma clang loop unroll(full) for (i = 0; i < sizeof(tcp_mem_name); ++i) if (name[i] != tcp_mem_name[i]) return 0; return 1; } SEC("cgroup/sysctl") int sysctl_tcp_mem(struct bpf_sysctl *ctx) { unsigned long tcp_mem[3] = {0, 0, 0}; char value[MAX_VALUE_STR_LEN]; unsigned char i, off = 0; volatile int ret; if (ctx->write) return 0; if (!is_tcp_mem(ctx)) return 0; ret = bpf_sysctl_get_current_value(ctx, value, MAX_VALUE_STR_LEN); if (ret < 0 || ret >= MAX_VALUE_STR_LEN) return 0; #pragma clang loop unroll(full) for (i = 0; i < ARRAY_SIZE(tcp_mem); ++i) { ret = bpf_strtoul(value + off, MAX_ULONG_STR_LEN, 0, tcp_mem + i); if (ret <= 0 || ret > MAX_ULONG_STR_LEN) return 0; off += ret & MAX_ULONG_STR_LEN; } return tcp_mem[0] < tcp_mem[1] && tcp_mem[1] < tcp_mem[2]; } char _license[] SEC("license") = "GPL";
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
You can’t perform that action at this time.