cilium.db

{"gitRepoUrl": "https://github.com/cilium/cilium.git", "commitId": "8f606bafb696076609a01f88204d895576043950", "humanFuncDescription": [{"filePath": "bpf/bpf_alignchecker.c", "funcName": "main", "startLine": 44, "endLine": 99, "description": " Print and debug all the existing variables (especially fast path  sections that printk is not appropriate for) ", "author": "Shun Zhang", "authorEmail": "shunz@bu.edu", "date": "2023-02-24"}, {"filePath": "bpf/cilium-probe-kernel-hz.c", "funcName": "main", "startLine": 152, "endLine": 194, "description": " Main function of above functions, initialize the cpu and deal with the  jiffies  accordingly  ", "author": "Shun Zhang", "authorEmail": "shunz@bu.edu", "date": "2023-02-24"}, {"filePath": "bpf/bpf_network.c", "funcName": "from_network", "startLine": 15, "endLine": 88, "description": " Initialize the ctx buffer, passing protocols to the stack according to the imput packets (ESP packets coming from network; Non-ESP packets coming from network; Non-ESP packets coming from stack re-inserted by xfrm) ", "author": "Shun Zhang", "authorEmail": "shunz@bu.edu", "date": "2023-02-24"}, {"filePath": "bpf/bpf_overlay.c", "funcName": "handle_ipv6", "startLine": 46, "endLine": 180, "description": " The main goal of handle_ipv6 is to check the different condition including  if nodeport, IPSEC is enabled and if the pulling data or decrypting gets error.  Then make different action to handle according situatoins to convert the IPV6 to a virtual  network which points to overlay. The first step is to verify the background by  using revalidate_data_pull and the pointer ctx (maybe the starting point of a protocol?).  Ret should be the new address of this IPV6 sector. If nodeport is not activated,  ret is set by encap_remap_v6_host address.Then check if the net is decrypted by using mark. Identity is equal to identity of ctx if the net is decrypted, but tunnel id if not. Check if the ID is equal to host_ID since any node encapsulating will map any HOST_ID source to be presented as REMOTE_NODE_ID, therefore any attempt to signal HOST_ID as source from a remote node can be dropped.After that, check esp protocol,ESPis a member of the Internet Protocol Security set of protocols that encrypt and authenticate the packets of data between computers using a Virtual Private Network. If ESP is activated, we set mark for the ID and change the type of ctx to packet_host to pass it up.If Esp is not activated, we look up the IPV6 address in list of local endpoints. If the endpoints reach the host, we go to the host  and set the ret, else we find the next headerlength and return that. ", "author": "Yichen Wang", "authorEmail": "wyichen@bu.edu", "date": "2023-02-24"}, {"filePath": "bpf/bpf_overlay.c", "funcName": "tail_handle_ipv6", "startLine": 183, "endLine": 192, "description": " This function is to handle the tail of a protocol and check it it has any error for ipv6 ", "author": "Yichen Wang", "authorEmail": "wyichen@bu.edu", "date": "2023-02-24"}, {"filePath": "bpf/bpf_lxc.c", "funcName": "tail_handle_ipv6", "startLine": 697, "endLine": 705, "description": " Count ipv6 tail calls ", "author": "Yihe Bi", "authorEmail": "ybi@bu.edu", "date": "2023-02-24"}, {"filePath": "bpf/bpf_overlay.c", "funcName": "handle_ipv4", "startLine": 196, "endLine": 333, "description": " This function is similar to handle_ipv6 to handle ipv4 packet. The main goal of it is to check the different condition including  if nodeport, IPSEC is enabled and if the pulling data or decrypting gets error.  Then make different action to handle according situatoins to convert the IPV6 to a virtual  network which points to overlay. IPV4 fragmentation check is added. ", "author": "Yichen Wang", "authorEmail": "wyichen@bu.edu", "date": "2023-02-24"}, {"filePath": "bpf/bpf_overlay.c", "funcName": "tail_handle_ipv4", "startLine": 336, "endLine": 345, "description": " check if there is error about the tail of ipv4 packet. ", "author": "Yichen Wang", "authorEmail": "wyichen@bu.edu", "date": "2023-02-24"}, {"filePath": "bpf/bpf_lxc.c", "funcName": "tail_handle_ipv4", "startLine": 1259, "endLine": 1267, "description": " Count ipv4 tail call. Helper function for handling ipv4 traffic ", "author": "Yihe Bi", "authorEmail": "ybi@bu.edu", "date": "2023-02-24"}, {"filePath": "bpf/bpf_overlay.c", "funcName": "tail_handle_arp", "startLine": 353, "endLine": 395, "description": " Handle the tail for ARP requests from VTEP. Check different occasions including tunnel_key geting, arp validating, and if endpoint of tunnel is reached. ", "author": "Yichen Wang", "authorEmail": "wyichen@bu.edu", "date": "2023-02-24"}, {"filePath": "bpf/bpf_lxc.c", "funcName": "tail_handle_arp", "startLine": 1275, "endLine": 1300, "description": " Validate ARP requests. Send unknown and LXC endpoint ARP requests to linux kernel stack.  Send response for all other ARP requests. ", "author": "Yihe Bi", "authorEmail": "ybi@bu.edu", "date": "2023-02-24"}, {"filePath": "bpf/bpf_overlay.c", "funcName": "is_esp", "startLine": 401, "endLine": 428, "description": " The built in function to check if esp protocol is used and if pulling data have error. ", "author": "Yichen Wang", "authorEmail": "wyichen@bu.edu", "date": "2023-02-24"}, {"filePath": "bpf/bpf_overlay.c", "funcName": "from_overlay", "startLine": 435, "endLine": 527, "description": " handle different possible packets come to the program. First check if it is esp protocol, then check the decrypted or not and get the identity from the metadata.  ", "author": "Yichen Wang", "authorEmail": "wyichen@bu.edu", "date": "2023-02-24"}, {"filePath": "bpf/bpf_overlay.c", "funcName": "to_overlay", "startLine": 533, "endLine": 568, "description": " TO BE ADDED  ", "author": "Yichen Wang", "authorEmail": "wyichen@bu.edu", "date": "2023-02-24"}, {"filePath": "bpf/bpf_lxc.c", "funcName": "redirect_to_proxy", "startLine": 157, "endLine": 162, "description": " check if the proxy is able to be redirected, and redirect the proxy, store in status. Return true if successful. ", "author": "Yihe Bi", "authorEmail": "ybi@bu.edu", "date": "2023-02-24"}, {"filePath": "bpf/sockops/bpf_sockops.c", "funcName": "redirect_to_proxy", "startLine": 50, "endLine": 53, "description": " check if verdict is larger than 0  ", "author": "Shun Zhang", "authorEmail": "shunz@bu.edu", "date": "2023-02-24"}, {"filePath": "bpf/bpf_lxc.c", "funcName": "encode_custom_prog_meta", "startLine": 174, "endLine": 189, "description": " encode meta data (return value and identity), and store it into ctx buffer ", "author": "Yihe Bi", "authorEmail": "ybi@bu.edu", "date": "2023-02-24"}, {"filePath": "bpf/bpf_lxc.c", "funcName": "handle_ipv6_from_lxc", "startLine": 214, "endLine": 581, "description": " Handling egress ipv6 traffic by  a) lookup the destination_id. For encrypted and tunneled traffic b) tunnel endpoint, and c) encryption key as well. Also mark the traffic if it has a remote endpoint destination. Restore ct_state from per packet lb handling in the previous tail call. Enable the per pecket load balancer, swap the address by CT_lookup and establish the connection. ", "author": "Yihe Bi", "authorEmail": "ybi@bu.edu", "date": "2023-02-24"}, {"filePath": "bpf/bpf_lxc.c", "funcName": "tail_handle_ipv6_cont", "startLine": 584, "endLine": 603, "description": " Count ipv6 tail calls ", "author": "Yihe Bi", "authorEmail": "ybi@bu.edu", "date": "2023-02-24"}, {"filePath": "bpf/bpf_lxc.c", "funcName": "__tail_handle_ipv6", "startLine": 609, "endLine": 694, "description": " Handle tail messages. Check if it is not special ICMPv6 messages such as echo requests, neighbour advertisement, then check if the destination address is among the address that should be  load balanced. Then store information to ctx for continuous tail call. ", "author": "Yihe Bi", "authorEmail": "ybi@bu.edu", "date": "2023-02-24"}, {"filePath": "bpf/bpf_lxc.c", "funcName": "handle_ipv4_from_lxc", "startLine": 728, "endLine": 1157, "description": " Handling egress ipv4 traffic. Mark the traffic if it has a remote endpoint destination. Restore ct_state from per packet lb handling in the previous tail call. Enable the per pecket load balancer, swap the address by CT_lookup and establish the connection. ", "author": "Yihe Bi", "authorEmail": "ybi@bu.edu", "date": "2023-02-24"}, {"filePath": "bpf/bpf_lxc.c", "funcName": "tail_handle_ipv4_cont", "startLine": 1160, "endLine": 1179, "description": " Count ipv4 tail call. Helper function for handling ipv4 traffic ", "author": "Yihe Bi", "authorEmail": "ybi@bu.edu", "date": "2023-02-24"}, {"filePath": "bpf/bpf_lxc.c", "funcName": "__tail_handle_ipv4", "startLine": 1185, "endLine": 1256, "description": " helper function to handle ipv4 tail call ", "author": "Yihe Bi", "authorEmail": "ybi@bu.edu", "date": "2023-02-24"}, {"filePath": "bpf/bpf_lxc.c", "funcName": "handle_xgress", "startLine": 1308, "endLine": 1358, "description": " Use previous exgress ipv6/v4 traffic handler to handle exgress traffic. ", "author": "Yihe Bi", "authorEmail": "ybi@bu.edu", "date": "2023-02-24"}, {"filePath": "bpf/bpf_lxc.c", "funcName": "ipv6_policy", "startLine": 1361, "endLine": 1536, "description": " Check if the packet is ingress or exgress traffic, redirect the traffic if necessary. ", "author": "Yihe Bi", "authorEmail": "ybi@bu.edu", "date": "2023-02-24"}, {"filePath": "bpf/bpf_lxc.c", "funcName": "tail_ipv6_policy", "startLine": 1540, "endLine": 1581, "description": " Identify ipv6 tail call, store data to ctx. Skip tail call when packet is being redirected to a L7 proxy. ", "author": "Yihe Bi", "authorEmail": "ybi@bu.edu", "date": "2023-02-24"}, {"filePath": "bpf/bpf_lxc.c", "funcName": "tail_ipv6_to_endpoint", "startLine": 1584, "endLine": 1659, "description": " delivery ipv6 tail call to endpoint, skip if it is send to L7 proxy ", "author": "Yihe Bi", "authorEmail": "ybi@bu.edu", "date": "2023-02-24"}, {"filePath": "bpf/bpf_lxc.c", "funcName": "ipv4_policy", "startLine": 1671, "endLine": 1879, "description": " Identify ipv4 message and store its meta data to ctx. ", "author": "Yihe Bi", "authorEmail": "ybi@bu.edu", "date": "2023-02-24"}, {"filePath": "bpf/bpf_lxc.c", "funcName": "tail_ipv4_policy", "startLine": 1883, "endLine": 1924, "description": " Redirect ipv4 tail call, skip tail calls when packet is being redirected to L7 proxy. ", "author": "Yihe Bi", "authorEmail": "ybi@bu.edu", "date": "2023-02-24"}, {"filePath": "bpf/bpf_lxc.c", "funcName": "tail_ipv4_to_endpoint", "startLine": 1927, "endLine": 2001, "description": " Send ipv4 tail call to its enpoint. ", "author": "Yihe Bi", "authorEmail": "ybi@bu.edu", "date": "2023-02-24"}, {"filePath": "bpf/bpf_lxc.c", "funcName": "handle_policy", "startLine": 2024, "endLine": 2061, "description": " Identify if the traffic is ipv6/v4, handle policy using previous helper function. ", "author": "Yihe Bi", "authorEmail": "ybi@bu.edu", "date": "2023-02-24"}, {"filePath": "bpf/bpf_lxc.c", "funcName": "handle_policy_egress", "startLine": 2072, "endLine": 2113, "description": " Handle egress traffic  ", "author": "Yihe Bi", "authorEmail": "ybi@bu.edu", "date": "2023-02-24"}, {"filePath": "bpf/bpf_lxc.c", "funcName": "handle_to_container", "startLine": 2120, "endLine": 2195, "description": " handle ingress policy by checking it's source and destination stored in ctx buffer. Check identity and drop the unsupported and tail calls. ", "author": "Yihe Bi", "authorEmail": "ybi@bu.edu", "date": "2023-02-24"}, {"filePath": "bpf/cilium-probe-kernel-hz.c", "funcName": "pin_to_cpu", "startLine": 30, "endLine": 38, "description": " clear CPU and reset a specific CPU in the set, then sets the CPU affinity mask of the thread ", "author": "Shun Zhang", "authorEmail": "shunz@bu.edu", "date": "2023-02-24"}, {"filePath": "bpf/cilium-probe-kernel-hz.c", "funcName": "fix_priority", "startLine": 40, "endLine": 47, "description": " reset the maxmium for the scheduling policy specified by policy  ", "author": "Shun Zhang", "authorEmail": "shunz@bu.edu", "date": "2023-02-24"}, {"filePath": "bpf/cilium-probe-kernel-hz.c", "funcName": "timer_list_open", "startLine": 49, "endLine": 52, "description": " read the timer_list file ", "author": "Shun Zhang", "authorEmail": "shunz@bu.edu", "date": "2023-02-24"}, {"filePath": "bpf/cilium-probe-kernel-hz.c", "funcName": "timer_list_close", "startLine": 54, "endLine": 57, "description": " close file ", "author": "Shun Zhang", "authorEmail": "shunz@bu.edu", "date": "2023-02-24"}, {"filePath": "bpf/cilium-probe-kernel-hz.c", "funcName": "prep_kern_jiffies", "startLine": 59, "endLine": 92, "description": " allocate the CPU jiffies with error check (*) ", "author": "Shun Zhang", "authorEmail": "shunz@bu.edu", "date": "2023-02-24"}, {"filePath": "bpf/cilium-probe-kernel-hz.c", "funcName": "fetch_kern_jiffies", "startLine": 94, "endLine": 113, "description": " fetch the CPU jiffies to fit the cpus set in current cpu parameter ", "author": "Shun Zhang", "authorEmail": "shunz@bu.edu", "date": "2023-02-24"}, {"filePath": "bpf/cilium-probe-kernel-hz.c", "funcName": "dump_kern_jiffies", "startLine": 115, "endLine": 150, "description": " decrease the fixed jiffies from the result jiffies, reset fixed jiffies to the closest kernel_hz stop when any fixed_jiffies isn't constant with the first one. With a macro bool for debugging  ", "author": "Shun Zhang", "authorEmail": "shunz@bu.edu", "date": "2023-02-24"}, {"filePath": "bpf/sockops/bpf_sockops.c", "funcName": "sk_extract4_key", "startLine": 26, "endLine": 40, "description": " set the sport and dport of the input key with 32 bits local port and remote port (ip4)  ", "author": "Shun Zhang", "authorEmail": "shunz@bu.edu", "date": "2023-02-24"}, {"filePath": "bpf/sockops/bpf_sockops.c", "funcName": "sk_lb4_key", "startLine": 42, "endLine": 48, "description": " copy address and dport of lb4 from socket key ", "author": "Shun Zhang", "authorEmail": "shunz@bu.edu", "date": "2023-02-24"}, {"filePath": "bpf/sockops/bpf_sockops.c", "funcName": "bpf_sock_ops_ipv4", "startLine": 55, "endLine": 118, "description": " update the destination and source port, ip to the skops with respect to whther  the packet is redirect to proxy port (or we say whether verdict is larger than 0) ", "author": "Shun Zhang", "authorEmail": "shunz@bu.edu", "date": "2023-02-24"}, {"filePath": "bpf/sockops/bpf_sockops.c", "funcName": "bpf_sock_ops_ipv6", "startLine": 122, "endLine": 126, "description": " update the destination and source port, ip to the skops with respect to whther  the packet is redirect to proxy port (or we say whether verdict is larger than 0) same as bpf_sock_ops_ipv4 but adapt for ipv6 ", "author": "Shun Zhang", "authorEmail": "shunz@bu.edu", "date": "2023-02-24"}, {"filePath": "bpf/sockops/bpf_sockops.c", "funcName": "bpf_sockmap", "startLine": 130, "endLine": 154, "description": " calling bpf_sock_ops_ipv4 or bpf_sock_ops_ipv6 according to the family ip version  ", "author": "Shun Zhang", "authorEmail": "shunz@bu.edu", "date": "2023-02-24"}, {"filePath": "bpf/sockops/bpf_redir.c", "funcName": "sk_msg_extract4_key", "startLine": 25, "endLine": 39, "description": " set the sport and dport of the input key with 32 bits local port and remote port (ip4)  ", "author": "Shun Zhang", "authorEmail": "shunz@bu.edu", "date": "2023-02-24"}, {"filePath": "bpf/sockops/bpf_redir.c", "funcName": "bpf_redir_proxy", "startLine": 42, "endLine": 67, "description": " Store infomations about destination id, dport and sport ip4 into message, flag set to be BPF_F_INGRESS ", "author": "Shun Zhang", "authorEmail": "shunz@bu.edu", "date": "2023-02-24"}]}