I started coding in ebpf and XDP. I am using python bcc to load the XDP program to the NICs. I am trying to work with __sk_buff structure, but when I am trying to access any filed of skb the verifier failed to load the program.
int xdp_test(struct sk_buff *skb)
{
void *data = (void*)(long)skb->data;
void *data_end = (void*)(long)skb->data_end;
if (data + sizeof(struct ethhdr) + sizeof(struct iphdr) < data_end)
{
struct iphdr * ip = ip_hdr(skb);
// according to my checks, it failed because of this line. I cant access to ip->protocol (or any other fileds)
if (ip->protocol == IPPROTO_TCP)
{
return XDP_PASS;
}
}
...
return XDP_PASS
}
I just want to calculates layer 4 checksum on my program using bpf_l4_csum_replace Which takes skb as the first argument.
Why is that happening? Can I even use __sk_buff structure in XDP? Or I have to use the xdp_md struct?
UPDATE: Thanks to Qeole, I understood that I cannot use sk_buff using XDP. There is a way to calculate TCP checksum using xdp_md?
Indeed you cannot use the
struct __sk_buffin XDP programs. You have to use thestruct xdp_mdinstead. XDP performance is due for a great part to the kernel calling the eBPF program before the allocation and initialisation of the socket buffer (struct sk_buffin the kernel), which saves time and resources, but also means you don't have access to that structure in your XDP program.