1 /*
2  * Copyright (c) 2024 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  * http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 #ifndef NET_FIREWALL_TYPES_H
16 #define NET_FIREWALL_TYPES_H
17 
18 #include <linux/types.h>
19 #include <linux/bpf.h>
20 #include <sys/socket.h>
21 
22 #ifdef __cplusplus
23 #include <netinet/in.h>
24 #else
25 #include <linux/in6.h>
26 #endif
27 
/*
 * NOTE(review): USER_ID_DIVIDOR and DEFAULT_USER_ID are not referenced in this
 * header. Presumably an application UID maps to its owning user as
 * uid / USER_ID_DIVIDOR, with DEFAULT_USER_ID as the fallback user -- confirm
 * against the code that uses them.
 */
28 #define USER_ID_DIVIDOR 200000
29 #define DEFAULT_USER_ID 100
/* Number of 32-bit words in a bitmap (struct bitmap, bitmap_t). */
30 #define BITMAP_LEN 63
31 
/*
 * Fixed-size bit set: BITMAP_LEN words of 32 bits each. Also used as the
 * value type action_val.
 * NOTE(review): what one bit stands for is not visible in this header
 * (presumably one bit per firewall rule -- confirm). Any bit index derived
 * from rule data must be range-checked against the bitmap's bit count before
 * it is turned into a val[] subscript.
 */
32 struct bitmap {
33     __u32 val[BITMAP_LEN];
34 };
35 
/*
 * bitmap_ptr: pointer to the first 32-bit word of a bitmap; it carries no
 * length, so callers must bound accesses by BITMAP_LEN themselves.
 */
36 typedef __u32 *bitmap_ptr;
/*
 * bitmap_t: array form of the bitmap. As a function parameter it decays to a
 * pointer, so sizeof on such a parameter does not give the array size.
 */
37 typedef __u32 bitmap_t[BITMAP_LEN];
/* Total number of bits in a bitmap; the factor 32 matches the __u32 word type. */
38 #define BITMAP_BITS (BITMAP_LEN * 32)
39 
/*
 * Traffic direction recorded in events and match tuples.
 * 0 is not a named value, so a zero-filled structure carries neither
 * direction; consumers should treat anything other than INGRESS/EGRESS as
 * invalid.
 * NOTE(review): the -1 enumerator requires a signed representation and the
 * enum's size is chosen by the compiler. This header is written to be
 * included from both C and C++, so every build that shares these structures
 * must agree on that size -- confirm.
 * NOTE(review): INVALID is a very generic name for a global header and may
 * collide with other definitions.
 */
40 enum stream_dir {
41     INVALID = -1,
42     INGRESS = 1,
43     EGRESS, /* implicitly 2 */
44 };
45 
/*
 * Discriminant stored in struct event.type. 0 is not a named value, so a
 * zero-filled event has no valid type; consumers should reject any value they
 * do not recognise before reading the event's union.
 */
46 enum event_type {
47     EVENT_INVALID = -1,
48     EVENT_INTERCEPT = 1,
49     EVENT_DEBUG,       /* implicitly 2 */
50     EVENT_TUPLE_DEBUG, /* implicitly 3 */
51 };
52 
/*
 * Sub-type carried in debug_event.type.
 * Values after DBG_UNSPEC are assigned implicitly, so inserting an enumerator
 * in the middle renumbers every later one; append new values at the end if
 * the producer and the consumer of debug events can be built separately.
 */
53 enum debug_type {
54     DBG_UNSPEC = 0,
55     DBG_GENERIC, /* Generic, no message, useful to dump random integers */
56     DBG_LOOKUP_FAIL,
57     DBG_MATCH_SADDR,
58     DBG_MATCH_DADDR,
59     DBG_MATCH_SPORT,
60     DBG_MATCH_DPORT,
61     DBG_MATCH_PROTO,
62     DBG_MATCH_APPUID,
63     DBG_MATCH_UID,
64     DBG_ACTION_KEY,
65     DBG_MATCH_ACTION,
66     DBG_TCP_FLAGS,
67     DBG_CT_LOOKUP,
68 };
69 
/*
 * Payload of a debug event: a debug sub-type, a direction and five untyped
 * 32-bit arguments.
 * NOTE(review): the meaning of arg1..arg5 for each debug_type is not defined
 * in this header; it has to be taken from the code that emits the event.
 */
70 struct debug_event {
71     enum debug_type type;
72     enum stream_dir dir;
73     __u32 arg1;
74     __u32 arg2;
75     __u32 arg3;
76     __u32 arg4;
77     __u32 arg5;
78 };
79 
/*
 * Payload of an intercept event: direction, address family, protocol,
 * source/destination address and port, and the application UID.
 *
 * Addresses and ports use the big-endian (__be*) types, i.e. network byte
 * order; convert before printing or comparing with host-order values.
 *
 * NOTE(review): protocol is a single byte and the union that follows holds
 * 32-bit address fields, so compilers normally insert three padding bytes
 * after it. If instances are copied out of the BPF program to user space
 * (not shown here), zero the whole structure before filling it so that the
 * padding and the unused part of the union carry no stale bytes.
 */
80 struct intercept_event {
81     enum stream_dir dir;
82     __u32 family; /* selects the union arm; presumably AF_INET / AF_INET6 -- confirm */
83     __u8 protocol;
84     union {
85         struct {
86             __be32 saddr;
87             __be32 daddr;
88         } ipv4;
89         struct {
90             struct in6_addr saddr;
91             struct in6_addr daddr;
92         } ipv6;
93     };
94     __be16 sport;
95     __be16 dport;
96     __u32 appuid;
97 };
98 
/*
 * Tuple describing one packet/flow for rule matching. The fields from dir
 * through appuid are declared exactly as in struct intercept_event; uid and
 * rst are additional.
 *
 * Addresses and ports use the big-endian (__be*) types, i.e. network byte
 * order.
 *
 * NOTE(review): compilers normally insert three padding bytes after protocol
 * and two after rst. Zero the whole structure before filling it if it is
 * copied to user space or compared bytewise (for example as a map key -- not
 * shown here), so padding and the unused union arm hold defined values.
 */
99 struct match_tuple {
100     enum stream_dir dir;
101     __u32 family; /* selects the union arm; presumably AF_INET / AF_INET6 -- confirm */
102     __u8 protocol;
103     union {
104         struct {
105             __be32 saddr;
106             __be32 daddr;
107         } ipv4;
108         struct {
109             struct in6_addr saddr;
110             struct in6_addr daddr;
111         } ipv6;
112     };
113     __be16 sport;
114     __be16 dport;
115     __u32 appuid;
116     __u32 uid;
117     __u16 rst; /* NOTE(review): presumably a TCP RST indication -- confirm against the code that sets it */
118 };
119 
120 
/*
 * Tagged container for one event: type says which union member is valid
 * (presumably EVENT_DEBUG -> debug, EVENT_INTERCEPT -> intercept,
 * EVENT_TUPLE_DEBUG -> tuple -- confirm against the producer).
 *
 * A consumer should check type first and drop the event on any other value
 * instead of reading the union.
 * The union is as large as its largest member, so smaller payloads leave
 * trailing bytes unused; zero the structure before filling it.
 */
121 struct event {
122     enum event_type type;
123     union {
124         struct debug_event debug;
125         struct intercept_event intercept;
126         struct match_tuple tuple;
127     };
128     __u32 len; /* NOTE(review): what this length counts is not visible here -- confirm */
129 };
130 
/*
 * Aliases for key and value types, presumably those of the firewall's BPF
 * maps (the map definitions are not in this header -- confirm).
 * ip4_key and port_key are big-endian (__be*) types: convert host-order
 * input to network byte order before using it as a key, or lookups will
 * silently miss.
 */
131 typedef __be32 ip4_key;
132 typedef struct in6_addr ip6_key;
133 typedef __u8 action_key;
134 typedef struct bitmap action_val; /* the BITMAP_LEN-word bit set */
135 typedef __be16 port_key;
136 typedef __u8 proto_key;
137 typedef __u32 appuid_key;
138 typedef __u32 uid_key;
139 
/*
 * Single fixed key, value 1.
 * NOTE(review): presumably the key under which the current user id is stored
 * in a map -- confirm against the map definition.
 */
140 typedef enum {
141     CURRENT_USER_ID_KEY = 1,
142 } current_user_id_key;
143 
/*
 * Two fixed keys, 1 and 2.
 * NOTE(review): presumably they select the default action for inbound and
 * outbound traffic in a map. What happens when the entry is absent (allow or
 * deny) is decided by the lookup code, not here -- confirm that the fallback
 * is the intended one.
 */
144 typedef enum {
145     DEFAULT_ACT_IN_KEY = 1,
146     DEFAULT_ACT_OUT_KEY = 2,
147 } default_action_key;
148 
/*
 * IPv4 longest-prefix-match key: a prefix length followed by the address in
 * network byte order. The layout (prefixlen first, data after it) follows
 * struct bpf_lpm_trie_key, so it is presumably used with a
 * BPF_MAP_TYPE_LPM_TRIE map -- confirm.
 * An IPv4 address has 32 bits, so code that builds keys from rule input
 * should reject prefixlen values above 32.
 */
149 struct ipv4_lpm_key {
150         __u32 prefixlen;
151         ip4_key data;
152 };
153 
/*
 * IPv6 longest-prefix-match key: a prefix length followed by the 128-bit
 * address. The layout (prefixlen first, data after it) follows
 * struct bpf_lpm_trie_key, so it is presumably used with a
 * BPF_MAP_TYPE_LPM_TRIE map -- confirm.
 * An IPv6 address has 128 bits, so code that builds keys from rule input
 * should reject prefixlen values above 128.
 */
154 struct ipv6_lpm_key {
155         __u32 prefixlen;
156         ip6_key data;
157 };
158 
159 #endif // NET_FIREWALL_TYPES_H
160