admin/TripleCross
1
0
Fork 0
mirror of https://github.com/h3xduck/TripleCross.git synced 2026-01-30 19:13:09 +08:00
Code Issues Packages Projects Releases Wiki Activity

Payload increased length now being correctly recognized, but still cannot write to it yet.

Browse Source
This commit is contained in:
h3xduck
2021-11-25 06:36:32 -05:00
parent 442f955cf5
commit 253c302695
6 changed files with 641 additions and 421 deletions
Download Patch File Download Diff File Expand all files Collapse all files

42
src/include/xdp/xdp_helper.h
View File

@@ -12,9 +12,9 @@ static struct expand_return{
struct xdp_md ret_md;
void *data;
void *data_end;
struct ethhdr eth;
struct iphdr ip;
struct tcphdr tcp;
struct ethhdr *eth;
struct iphdr *ip;
struct tcphdr *tcp;
}expand_return;
/**
@@ -32,7 +32,7 @@ static __always_inline struct expand_return expand_tcp_packet_payload(struct xdp
struct ethhdr eth_copy;
struct iphdr ip_copy;
struct tcphdr tcp_copy;
struct expand_return ret;
//Copy the header for later before expanding ctx
@@ -48,14 +48,42 @@ static __always_inline struct expand_return expand_tcp_packet_payload(struct xdp
return ret;
}
//We must check bounds again, otherwise the verifier gets angry
ret.eth = (void*)(long)ctx->data;
ret.ip = (void *)ret.eth + sizeof(struct ethhdr);
ret.tcp = (void *)ret.ip + sizeof(struct iphdr);
void* data = (void*)(long)ctx->data;
void* data_end = (void*)(long)ctx->data_end;
if(ethernet_header_bound_check(ret.eth, data_end)<0){
bpf_printk("Bound check A failed while expanding\n");
ret.code = -1;//The rest is undefined
return ret;
}
if (ip_header_bound_check(ret.ip, data_end)<0){
bpf_printk("Bound check B failed while expanding\n");
ret.code = -1;//The rest is undefined
return ret;
}
if (tcp_header_bound_check(ret.tcp, data_end)){
bpf_printk("Bound check C failed while expanding\n");
ret.code = -1;//The rest is undefined
return ret;
}
//We now have to readjust the packet headers, checksums have changed
//Note that we do not care about ctx->data_meta or any other extra field
//since we will not be using any communication here
__builtin_memcpy(&(ret.eth), &eth_copy, sizeof(struct ethhdr));
__builtin_memcpy(&(ret.ip), &ip_copy, sizeof(struct iphdr));
__builtin_memcpy(&(ret.tcp), &tcp_copy, sizeof(struct tcphdr));
__builtin_memcpy((ret.eth), &eth_copy, sizeof(struct ethhdr));
__builtin_memcpy((ret.ip), &ip_copy, sizeof(struct iphdr));
__builtin_memcpy((ret.tcp), &tcp_copy, sizeof(struct tcphdr));
//We modify the fields we care about of the headers
bpf_printk("before: %i\n", ret.ip->tot_len);
ret.ip->tot_len = htons(ntohs(ret.ip->tot_len) + more_bytes);
bpf_printk("after: %i\n", ret.ip->tot_len);
ret.ret_md = *ctx;
ret.code = 0;
ret.data = (void *)(long)ctx->data;