example: Add TCP header modification example

- Replaced tabs with spaces for consistency
- Removed unstable features
- Modified handling of attachment result
- Replaced verbose options and included trigger command in README.md

Author: ThisSeanZhang

examples/tcp_option/Cargo.toml

@@ -0,0 +1,16 @@
+[package]
+name = "tcp_option"
+version = "0.1.0"
+edition = "2021"
+license = "LGPL-2.1-only OR BSD-2-Clause"
+
+[build-dependencies]
+libbpf-cargo = { path = "../../libbpf-cargo" }
+vmlinux = { path = "../../vmlinux" }
+
+[dependencies]
+anyhow = "1.0"
+libbpf-rs = { path = "../../libbpf-rs" }
+clap = { version = "4.0.32", features = ["derive"] }
+libc = "0.2"
+ctrlc = "3.2"

examples/tcp_option/LICENSE

@@ -0,0 +1 @@
+../../LICENSE

examples/tcp_option/LICENSE.BSD-2-Clause

@@ -0,0 +1 @@
+../../LICENSE.BSD-2-Clause

examples/tcp_option/LICENSE.LGPL-2.1

@@ -0,0 +1 @@
+../../LICENSE.LGPL-2.1

examples/tcp_option/README.md

@@ -0,0 +1,83 @@
+# TCP Header Modification Example
+This example focuses on modifying TCP headers, demonstrating how users can extend and manipulate network packet headers as required.
+
+## Building
+
+```shell
+$ cargo build
+```
+
+## Usage
+
+```shell
+$ sudo ./target/debug/tcp_option --ip <target> --trace-id <id or something>
+```
+
+## Trigger
+
+```shell
+# Start
+$ sudo ./target/debug/tcp_option --ip 127.0.0.1 --trace-id 42
+
+# Start a listener
+$ nc -l 127.0.0.1 65000 &
+
+# Start a connector
+$ echo test | nc 127.0.0.1 65000
+```
+
+> Note that using 127.0.0.1 may result in a mixed output of modified TCP headers in both directions. In fact, only the response message of the machine where the program is deployed will be modified.
+
+## Output
+
+```shell
+$ sudo cat /sys/kernel/debug/tracing/trace_pipe
+```
+
+```text
+<...>-190048  [000] d..21 2094364.690447: bpf_trace_printk: Sufficient space available to store a TCP option, total space: 524, required space: 8
+<...>-190048  [000] d..21 2094364.690477: bpf_trace_printk: Stored a TCP option in TCP Flag: 2
+<...>-190048  [000] D..21 2094364.690500: bpf_trace_printk: ####=> Socket TCP option magic: 0xeb9f
+<...>-190048  [000] D..21 2094364.690501: bpf_trace_printk: ####=> Socket TCP option data: 42
+<...>-190048  [000] d.s31 2094364.690507: bpf_trace_printk: ####=> Socket TCP option magic: 0xeb9f
+<...>-190048  [000] d.s31 2094364.690508: bpf_trace_printk: ####=> Socket TCP option data: 42
+<...>-190048  [000] d..21 2094364.690540: bpf_trace_printk: Sufficient space available to store a TCP option, total space: 32741, required space: 8
+<...>-190048  [000] d..21 2094364.690551: bpf_trace_printk: Stored a TCP option in TCP Flag: 16
+<...>-190048  [000] D..21 2094364.690556: bpf_trace_printk: ####=> Socket TCP option magic: 0xeb9f
+<...>-190048  [000] D..21 2094364.690556: bpf_trace_printk: ####=> Socket TCP option data: 42
+<...>-190048  [000] d.s31 2094364.690560: bpf_trace_printk: ####=> Socket TCP option magic: 0xeb9f
+<...>-190048  [000] d.s31 2094364.690562: bpf_trace_printk: ####=> Socket TCP option data: 42
+<...>-190048  [000] d..21 2094364.690632: bpf_trace_printk: Sufficient space available to store a TCP option, total space: 32741, required space: 8
+<...>-190048  [000] d..21 2094364.690643: bpf_trace_printk: Sufficient space available to store a TCP option, total space: 32741, required space: 13
+<...>-190048  [000] d..21 2094364.690646: bpf_trace_printk: Stored a TCP option in TCP Flag: 24
+<...>-190048  [000] D..21 2094364.690651: bpf_trace_printk: ####=> Socket TCP option magic: 0xeb9f
+<...>-190048  [000] D..21 2094364.690654: bpf_trace_printk: ####=> Socket TCP option data: 42
+<...>-190048  [000] d.s31 2094364.690657: bpf_trace_printk: ####=> Socket TCP option magic: 0xeb9f
+<...>-190048  [000] d.s31 2094364.690658: bpf_trace_printk: ####=> Socket TCP option data: 42
+<...>-190048  [000] d.s41 2094364.690671: bpf_trace_printk: Sufficient space available to store a TCP option, total space: 32768, required space: 8
+<...>-190048  [000] d.s41 2094364.690673: bpf_trace_printk: Stored a TCP option in TCP Flag: 16
+<...>-190048  [000] D.s41 2094364.690677: bpf_trace_printk: ####=> Socket TCP option magic: 0xeb9f
+<...>-190048  [000] D.s41 2094364.690678: bpf_trace_printk: ####=> Socket TCP option data: 42
+<...>-190048  [000] d.s31 2094364.690681: bpf_trace_printk: ####=> Socket TCP option magic: 0xeb9f
+<...>-190048  [000] d.s31 2094364.690682: bpf_trace_printk: ####=> Socket TCP option data: 42
+    nc-190048  [000] d..21 2094379.828439: bpf_trace_printk: Sufficient space available to store a TCP option, total space: 32768, required space: 8
+    nc-190048  [000] d..21 2094379.828469: bpf_trace_printk: Sufficient space available to store a TCP option, total space: 32768, required space: 8
+    nc-190048  [000] d..21 2094379.828472: bpf_trace_printk: Stored a TCP option in TCP Flag: 17
+    nc-190048  [000] D..21 2094379.828496: bpf_trace_printk: ####=> Socket TCP option magic: 0xeb9f
+    nc-190048  [000] D..21 2094379.828498: bpf_trace_printk: ####=> Socket TCP option data: 42
+    nc-190048  [000] d.s31 2094379.828507: bpf_trace_printk: ####=> Socket TCP option magic: 0xeb9f
+    nc-190048  [000] d.s31 2094379.828517: bpf_trace_printk: ####=> Socket TCP option data: 42
+<...>-190022  [002] d..21 2094379.828606: bpf_trace_printk: Sufficient space available to store a TCP option, total space: 32768, required space: 8
+<...>-190022  [002] d..21 2094379.828636: bpf_trace_printk: Sufficient space available to store a TCP option, total space: 32768, required space: 8
+<...>-190022  [002] d..21 2094379.828639: bpf_trace_printk: Stored a TCP option in TCP Flag: 17
+<...>-190022  [002] D..21 2094379.828652: bpf_trace_printk: ####=> Socket TCP option magic: 0xeb9f
+<...>-190022  [002] D..21 2094379.828653: bpf_trace_printk: ####=> Socket TCP option data: 42
+<...>-190022  [002] d.s31 2094379.828659: bpf_trace_printk: ####=> Socket TCP option magic: 0xeb9f
+<...>-190022  [002] d.s31 2094379.828661: bpf_trace_printk: ####=> Socket TCP option data: 42
+<...>-190022  [002] d.s41 2094379.828677: bpf_trace_printk: Sufficient space available to store a TCP option, total space: 32768, required space: 8
+<...>-190022  [002] d.s41 2094379.828690: bpf_trace_printk: Stored a TCP option in TCP Flag: 16
+<...>-190022  [002] D.s41 2094379.828696: bpf_trace_printk: ####=> Socket TCP option magic: 0xeb9f
+<...>-190022  [002] D.s41 2094379.828697: bpf_trace_printk: ####=> Socket TCP option data: 42
+<...>-190022  [002] d.s31 2094379.828717: bpf_trace_printk: ####=> Socket TCP option magic: 0xeb9f
+<...>-190022  [002] d.s31 2094379.828718: bpf_trace_printk: ####=> Socket TCP option data: 42
+```

examples/tcp_option/build.rs

@@ -0,0 +1,29 @@
+use std::env;
+use std::ffi::OsStr;
+use std::path::PathBuf;
+
+use libbpf_cargo::SkeletonBuilder;
+
+const SRC: &str = "src/bpf/tcp_option.bpf.c";
+
+fn main() {
+    let out = PathBuf::from(
+        env::var_os("CARGO_MANIFEST_DIR").expect("CARGO_MANIFEST_DIR must be set in build script"),
+    )
+    .join("src")
+    .join("bpf")
+    .join("tcp_option.skel.rs");
+
+    let arch = env::var("CARGO_CFG_TARGET_ARCH")
+        .expect("CARGO_CFG_TARGET_ARCH must be set in build script");
+
+    SkeletonBuilder::new()
+        .source(SRC)
+        .clang_args([
+            OsStr::new("-I"),
+            vmlinux::include_path_root().join(arch).as_os_str(),
+        ])
+        .build_and_generate(&out)
+        .unwrap();
+    println!("cargo:rerun-if-changed={SRC}");
+}

examples/tcp_option/src/bpf/tcp_option.bpf.c

@@ -0,0 +1,196 @@
+// SPDX-License-Identifier: GPL-2.0
+
+#include "vmlinux.h"
+
+#include <bpf/bpf_helpers.h>
+#include <bpf/bpf_tracing.h>
+#include <bpf/bpf_endian.h>
+
+#define IP_MF 0x2000
+#define IP_OFFSET 0x1FFF
+#define ETH_HLEN 14
+#define ETH_P_IP 0x0800
+
+#define TCP_OPTION_CODE 253
+#define TCP_OPTION_MAGIC 0xEB9F
+
+char _license[] SEC("license") = "GPL";
+
+const volatile __u32 targ_ip = 0;
+const volatile __u32 data_such_as_trace_id = 0;
+
+struct __attribute__((packed)) tcp_option
+{
+    u8 kind;
+    u8 length;
+    u16 magic;
+    u32 data;
+};
+
+static void reserve_space_for_tcp_option(struct bpf_sock_ops *skops)
+{
+    u32 need_space = skops->skb_len + sizeof(struct tcp_option);
+    if (need_space > skops->mss_cache)
+        return;
+
+    bpf_printk("Sufficient space available to store a TCP option, total space: %u, required space: %u", skops->mss_cache, need_space);
+    bpf_reserve_hdr_opt(skops, sizeof(struct tcp_option), 0);
+}
+
+static inline void store_tcp_option_header(struct bpf_sock_ops *skops)
+{
+    struct tcp_option tcp_option;
+    struct tcphdr *th = skops->skb_data;
+
+    if (skops->skb_len + sizeof(struct tcp_option) > skops->mss_cache)
+        return;
+
+    tcp_option.kind = TCP_OPTION_CODE;
+    tcp_option.length = sizeof(struct tcp_option);
+    tcp_option.magic = bpf_htons(TCP_OPTION_MAGIC);
+    tcp_option.data = data_such_as_trace_id;
+    bpf_store_hdr_opt(skops, &tcp_option, sizeof(tcp_option), 0);
+    bpf_printk("Stored a TCP option in TCP Flag: %u", skops->skb_tcp_flags);
+}
+
+SEC("sockops")
+int sockops_write_tcp_options(struct bpf_sock_ops *skops)
+{
+    u32 l_ip, r_ip;
+    l_ip = skops->local_ip4;
+    r_ip = skops->remote_ip4;
+
+    // Check if the IP addresses match the target IP
+    if (r_ip != targ_ip && l_ip != targ_ip) {
+        return 1;
+    }
+    switch (skops->op)
+    {
+    // When creating a connection to another host
+    case BPF_SOCK_OPS_TCP_CONNECT_CB:
+        bpf_sock_ops_cb_flags_set(skops, skops->bpf_sock_ops_cb_flags | BPF_SOCK_OPS_WRITE_HDR_OPT_CB_FLAG);
+        break;
+    // When accepting a connection from another host
+    case BPF_SOCK_OPS_ACTIVE_ESTABLISHED_CB:
+        bpf_sock_ops_cb_flags_set(skops, skops->bpf_sock_ops_cb_flags | BPF_SOCK_OPS_WRITE_HDR_OPT_CB_FLAG);
+        break;
+    // When the socket is established
+    case BPF_SOCK_OPS_PASSIVE_ESTABLISHED_CB:
+        bpf_sock_ops_cb_flags_set(skops, skops->bpf_sock_ops_cb_flags | BPF_SOCK_OPS_WRITE_HDR_OPT_CB_FLAG);
+        break;
+    // When reserving space for TCP options header
+    case BPF_SOCK_OPS_HDR_OPT_LEN_CB:
+        reserve_space_for_tcp_option(skops);
+        break;
+    // When writing TCP options header
+    case BPF_SOCK_OPS_WRITE_HDR_OPT_CB:
+        store_tcp_option_header(skops);
+        break;
+    }
+    return 1;
+}
+
+struct __tcphdr
+{
+    __be16 source;
+    __be16 dest;
+    __be32 seq;
+    __be32 ack_seq;
+    __u16 res1 : 4, doff : 4, fin : 1, syn : 1, rst : 1, psh : 1, ack : 1, urg : 1, ece : 1, cwr : 1;
+    __be16 window;
+    __sum16 check;
+    __be16 urg_ptr;
+};
+
+static inline int ip_is_fragment(struct __sk_buff *skb, __u32 nhoff)
+{
+    __u16 frag_off;
+
+    bpf_skb_load_bytes(skb, nhoff + offsetof(struct iphdr, frag_off), &frag_off, 2);
+    frag_off = __bpf_ntohs(frag_off);
+    return frag_off & (IP_MF | IP_OFFSET);
+}
+
+SEC("socket")
+int socket_handler(struct __sk_buff *skb) {
+    u16 proto;
+    u32 nhoff = ETH_HLEN;
+    u8 hdr_len;
+    u32 tcp_hdr_start = 0;
+    u32 ip_proto = 0;
+    u32 l_ip, r_ip;
+    bpf_skb_load_bytes(skb, 12, &proto, 2);
+    proto = __bpf_ntohs(proto);
+    if (proto != ETH_P_IP)
+        return 0;
+    
+    if (ip_is_fragment(skb, nhoff))
+        return 0;
+
+    bpf_skb_load_bytes(skb, ETH_HLEN, &hdr_len, sizeof(hdr_len));
+    hdr_len &= 0x0f;
+    hdr_len *= 4;
+
+
+    bpf_skb_load_bytes(skb, nhoff + offsetof(struct iphdr, protocol), &ip_proto, 1);
+
+    if (ip_proto != IPPROTO_TCP)
+    {
+        return 0;
+    }
+
+    bpf_skb_load_bytes(skb, nhoff + offsetof(struct iphdr, saddr), &l_ip, 4);
+    bpf_skb_load_bytes(skb, nhoff + offsetof(struct iphdr, daddr), &r_ip, 4);
+
+    if (r_ip == targ_ip || l_ip == targ_ip) {
+
+        tcp_hdr_start = nhoff + hdr_len;
+        u8 tcp_flag;
+        bpf_skb_load_bytes(skb, tcp_hdr_start + offsetof(struct __tcphdr, ack_seq) + 5, &tcp_flag, sizeof(tcp_flag));
+    
+        u16 tcp_data_offset;
+        bpf_skb_load_bytes(skb, tcp_hdr_start + offsetof(struct __tcphdr, ack_seq) + 4, &tcp_data_offset, sizeof(tcp_data_offset));
+
+        tcp_data_offset = __bpf_ntohs(tcp_data_offset) >> 12;
+        tcp_data_offset *= 4;
+
+        u32 option_start = tcp_hdr_start + 20;
+        u32 option_end = tcp_hdr_start + tcp_data_offset;
+        int i = 0;
+        for (i = 0; i < 10; i++) {
+            u16 option_hdr;
+            bpf_skb_load_bytes(skb, option_start, &option_hdr, sizeof(option_hdr));
+            u8 length  = option_hdr>>8;
+            u8 kind  = option_hdr & 0xff;
+
+            if (kind == 1) {
+                option_start += 1;
+                goto END;
+            }
+
+            if (kind == TCP_OPTION_CODE) {
+                u16 magic;
+                u32 data;
+                
+                // Load magic number from TCP option header
+                bpf_skb_load_bytes(skb, option_start + 2, &magic, sizeof(magic));
+                magic = __bpf_ntohs(magic);
+                bpf_printk("####=> Socket TCP option magic: 0x%x", magic);
+
+                if (magic == TCP_OPTION_MAGIC) {
+                    // Load data from TCP option header
+                    bpf_skb_load_bytes(skb, option_start + 4, &data, sizeof(data));
+                    bpf_printk("####=> Socket TCP option data: %u", data);
+                }
+            }
+
+            option_start += length;
+            END:
+            if (option_start >= option_end) {
+                break;
+            }
+        }
+
+    }
+    return skb->len;
+}