af-packet: hide all ebpf/bypass logic behind guards

Leave no runtime checks for bypass/ebpf/xdp if not compiled in.
3 years ago · 5e05fedc90
parent e63db9d1d2
commit 5e05fedc90
1 changed files with 12 additions and 20 deletions
--- a/src/source-af-packet.c
+++ b/src/source-af-packet.c
@ -248,8 +248,10 @@ union thdr {
    void *raw;
 };

+#ifdef HAVE_PACKET_EBPF
 static int AFPBypassCallback(Packet *p);
 static int AFPXDPBypassCallback(Packet *p);
+#endif

 #define MAX_MAPS 32
 /**
@ -315,8 +317,6 @@ typedef struct AFPThreadVars_
    int buffer_size;
    /* Filter */
    const char *bpf_filter;
-    int ebpf_lb_fd;
-    int ebpf_filter_fd;

    int promisc;

@ -342,9 +342,10 @@ typedef struct AFPThreadVars_
    unsigned int ring_buflen;
    uint8_t *ring_buf;

-    uint8_t xdp_mode;
-
 #ifdef HAVE_PACKET_EBPF
+    uint8_t xdp_mode;
+    int ebpf_lb_fd;
+    int ebpf_filter_fd;
    struct ebpf_timeout_config ebpf_t_config;
 #endif

@ -673,22 +674,20 @@ static int AFPRead(AFPThreadVars *ptv)
        SCReturnInt(AFP_SURI_FAILURE);
    }
    PKT_SET_SRC(p, PKT_SRC_WIRE);
+#ifdef HAVE_PACKET_EBPF
    if (ptv->flags & AFP_BYPASS) {
        p->BypassPacketsFlow = AFPBypassCallback;
-#ifdef HAVE_PACKET_EBPF
        p->afp_v.v4_map_fd = ptv->v4_map_fd;
        p->afp_v.v6_map_fd = ptv->v6_map_fd;
        p->afp_v.nr_cpus = ptv->ebpf_t_config.cpus_count;
-#endif
    }
    if (ptv->flags & AFP_XDPBYPASS) {
        p->BypassPacketsFlow = AFPXDPBypassCallback;
-#ifdef HAVE_PACKET_EBPF
        p->afp_v.v4_map_fd = ptv->v4_map_fd;
        p->afp_v.v6_map_fd = ptv->v6_map_fd;
        p->afp_v.nr_cpus = ptv->ebpf_t_config.cpus_count;
-#endif
    }
+#endif

    /* get timestamp of packet via ioctl */
    if (ioctl(ptv->socket, SIOCGSTAMP, &p->ts) == -1) {
@ -902,22 +901,20 @@ static inline int AFPSuriFailure(AFPThreadVars *ptv, union thdr h)

 static inline void AFPReadApplyBypass(const AFPThreadVars *ptv, Packet *p)
 {
+#ifdef HAVE_PACKET_EBPF
    if (ptv->flags & AFP_BYPASS) {
        p->BypassPacketsFlow = AFPBypassCallback;
-#ifdef HAVE_PACKET_EBPF
        p->afp_v.v4_map_fd = ptv->v4_map_fd;
        p->afp_v.v6_map_fd = ptv->v6_map_fd;
        p->afp_v.nr_cpus = ptv->ebpf_t_config.cpus_count;
-#endif
    }
    if (ptv->flags & AFP_XDPBYPASS) {
        p->BypassPacketsFlow = AFPXDPBypassCallback;
-#ifdef HAVE_PACKET_EBPF
        p->afp_v.v4_map_fd = ptv->v4_map_fd;
        p->afp_v.v6_map_fd = ptv->v6_map_fd;
        p->afp_v.nr_cpus = ptv->ebpf_t_config.cpus_count;
-#endif
    }
+#endif
 }

 /** \internal
@ -2395,8 +2392,6 @@ static int AFPSetFlowStorage(Packet *p, int map_fd, void *key0, void* key1,
    return 1;
 }

-#endif
-
 /**
 * Bypass function for AF_PACKET capture in eBPF mode
 *
@ -2413,7 +2408,6 @@ static int AFPSetFlowStorage(Packet *p, int map_fd, void *key0, void* key1,
 */
 static int AFPBypassCallback(Packet *p)
 {
-#ifdef HAVE_PACKET_EBPF
    SCLogDebug("Calling af_packet callback function");
    /* Only bypass TCP and UDP */
    if (!(PKT_IS_TCP(p) || PKT_IS_UDP(p))) {
@ -2549,7 +2543,6 @@ static int AFPBypassCallback(Packet *p)
            EBPFUpdateFlow(p->flow, p, NULL);
        return AFPSetFlowStorage(p, p->afp_v.v6_map_fd, keys[0], keys[1], AF_INET6);
    }
-#endif
    return 0;
 }

@ -2566,7 +2559,6 @@ static int AFPBypassCallback(Packet *p)
 */
 static int AFPXDPBypassCallback(Packet *p)
 {
-#ifdef HAVE_PACKET_XDP
    SCLogDebug("Calling af_packet callback function");
    /* Only bypass TCP and UDP */
    if (!(PKT_IS_TCP(p) || PKT_IS_UDP(p))) {
@ -2698,14 +2690,14 @@ static int AFPXDPBypassCallback(Packet *p)
        }
        return AFPSetFlowStorage(p, p->afp_v.v6_map_fd, keys[0], keys[1], AF_INET6);
    }
-#endif
    return 0;
 }

-
 bool g_flowv4_ok = true;
 bool g_flowv6_ok = true;

+#endif /* HAVE_PACKET_EBPF */
+
 /**
 * \brief Init function for ReceiveAFP.
 *
@ -2770,10 +2762,10 @@ TmEcode ReceiveAFPThreadInit(ThreadVars *tv, const void *initdata, void **data)
    if (afpconfig->bpf_filter) {
        ptv->bpf_filter = afpconfig->bpf_filter;
    }
+#ifdef HAVE_PACKET_EBPF
    ptv->ebpf_lb_fd = afpconfig->ebpf_lb_fd;
    ptv->ebpf_filter_fd = afpconfig->ebpf_filter_fd;
    ptv->xdp_mode = afpconfig->xdp_mode;
-#ifdef HAVE_PACKET_EBPF
    ptv->ebpf_t_config.cpus_count = UtilCpuGetNumProcessorsConfigured();

    if (ptv->flags & (AFP_BYPASS|AFP_XDPBYPASS)) {