From 8c7cd343a4c44c3a5a87403318a44b1c7cf46ee2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Maciej=20=C5=BBenczykowski?= <maze@google.com>
Date: Mon, 18 Jan 2021 00:02:19 -0800
Subject: [PATCH] add a test xdp program that drops all IPv4/UDP packets
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Test: builds, boots, program present
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: Id5be48ec172366296929875856a3d17ecc87e84b
---
 Tethering/bpf_progs/test.c | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)

diff --git a/Tethering/bpf_progs/test.c b/Tethering/bpf_progs/test.c
index b5be33f459..eeaaa62003 100644
--- a/Tethering/bpf_progs/test.c
+++ b/Tethering/bpf_progs/test.c
@@ -14,6 +14,10 @@
  * limitations under the License.
  */
 
+#include <linux/if_ether.h>
+#include <linux/in.h>
+#include <linux/ip.h>
+
 #include "bpf_helpers.h"
 #include "bpf_net_helpers.h"
 #include "netdbpf/bpf_shared.h"
@@ -22,4 +26,22 @@
 DEFINE_BPF_MAP_GRW(tether_ingress_map, HASH, TetherIngressKey, TetherIngressValue, 16,
                    AID_NETWORK_STACK)
 
+DEFINE_BPF_PROG_KVER("xdp/drop_ipv4_udp_ether", AID_ROOT, AID_ROOT,
+                      xdp_test, KVER(5, 9, 0))
+(struct xdp_md *ctx) {
+    void *data = (void *)(long)ctx->data;
+    void *data_end = (void *)(long)ctx->data_end;
+
+    struct ethhdr *eth = data;
+    int hsize = sizeof(*eth);
+
+    struct iphdr *ip = data + hsize;
+    hsize += sizeof(struct iphdr);
+
+    if (data + hsize > data_end) return XDP_PASS;
+    if (eth->h_proto != htons(ETH_P_IP)) return XDP_PASS;
+    if (ip->protocol == IPPROTO_UDP) return XDP_DROP;
+    return XDP_PASS;
+}
+
 LICENSE("Apache 2.0");