From 7aad3a9474d76aef3554db81808ad49c21bbf7cf Mon Sep 17 00:00:00 2001
From: /gray <greyschwinger@gmail.com>
Date: Sat, 30 Mar 2024 14:34:15 +0800
Subject: [PATCH 1/2] chore: bump submodule dae_bpf_headers (#487)

---
 common/consts/ebpf.go |  1 +
 control/kern/headers  |  2 +-
 docs/en/README.md     |  4 ++++
 docs/zh/README.md     |  4 ++++
 trace/kern/headers    |  2 +-
 trace/kern/trace.c    |  2 +-
 trace/trace.go        | 11 +++++++++++
 7 files changed, 23 insertions(+), 3 deletions(-)

diff --git a/common/consts/ebpf.go b/common/consts/ebpf.go
index 7b04dad96..420632d16 100644
--- a/common/consts/ebpf.go
+++ b/common/consts/ebpf.go
@@ -154,6 +154,7 @@ var (
 	ChecksumFeatureVersion                    = internal.Version{5, 8, 0}
 	ProgTypeSkLookupFeatureVersion            = internal.Version{5, 9, 0}
 	UserspaceBatchUpdateLpmTrieFeatureVersion = internal.Version{5, 13, 0}
+	HelperBpfGetFuncIpVersionFeatureVersion   = internal.Version{5, 15, 0}
 )
 
 const (
diff --git a/control/kern/headers b/control/kern/headers
index e4da1c960..79f0a7618 160000
--- a/control/kern/headers
+++ b/control/kern/headers
@@ -1 +1 @@
-Subproject commit e4da1c9601e1c3797d02c481a462b66588477495
+Subproject commit 79f0a7618571882eb5d8243909267e27e34c8290
diff --git a/docs/en/README.md b/docs/en/README.md
index 44cde1b36..a59d9c247 100644
--- a/docs/en/README.md
+++ b/docs/en/README.md
@@ -27,6 +27,10 @@ This feature requires kernel version of the machine >= 5.8.
 
 Note that if you bind dae to WAN only, dae only provide network service for local programs and not impact traffic coming in from other interfaces.
 
+`Use trace command`
+
+If you want to use `dae trace` command to triage network connectivity issue, the kernel version is required to be >= 5.15.
+
 ## Kernel Configurations
 
 Usually, mainstream desktop distributions have these items turned on. But in order to reduce kernel size, some items are turned off by default on embedded device distributions like OpenWRT, Armbian, etc.
diff --git a/docs/zh/README.md b/docs/zh/README.md
index 8c7eca4df..7fbc82fcf 100644
--- a/docs/zh/README.md
+++ b/docs/zh/README.md
@@ -25,6 +25,10 @@
 
 如果你只在 `wan_interface` 中填写了接口或 `auto`，而未在 `lan_interface` 中填写内容，那么从局域网中传来的流量将无法被代理。如果你想同时代理本机和局域网流量，请同时填写 `wan_interface` 和 `lan_interface`。
 
+`使用 trace 命令`
+
+如果你想用 `dae trace` 命令来诊断网络连通性问题，所在的设备内核版本要求 >= 5.15 。
+
 ## 内核配置选项
 
 通常，主流桌面发行版都会打开这些选项。但是为了减小内核大小，在嵌入式设备发行版（如 OpenWRT、Armbian 等）上这些选项可能处于关闭状态。使用以下命令在你的设备上显示内核配置选项：
diff --git a/trace/kern/headers b/trace/kern/headers
index e4da1c960..79f0a7618 160000
--- a/trace/kern/headers
+++ b/trace/kern/headers
@@ -1 +1 @@
-Subproject commit e4da1c9601e1c3797d02c481a462b66588477495
+Subproject commit 79f0a7618571882eb5d8243909267e27e34c8290
diff --git a/trace/kern/trace.c b/trace/kern/trace.c
index bff1d337d..611074f29 100644
--- a/trace/kern/trace.c
+++ b/trace/kern/trace.c
@@ -132,7 +132,7 @@ filter_l3_and_l4(struct sk_buff *skb)
 static __always_inline void
 set_meta(struct meta *meta, struct sk_buff *skb, struct pt_regs *ctx)
 {
-	meta->pc = BPF_CORE_READ(ctx, ip);
+	meta->pc = bpf_get_func_ip(ctx);
 	meta->skb = (__u64)skb;
 	meta->second_param = PT_REGS_PARM2(ctx);
 	meta->mark = BPF_CORE_READ(skb, mark);
diff --git a/trace/trace.go b/trace/trace.go
index 2ee3da23e..a1d6eaf37 100644
--- a/trace/trace.go
+++ b/trace/trace.go
@@ -20,6 +20,8 @@ import (
 	"github.com/cilium/ebpf/btf"
 	"github.com/cilium/ebpf/link"
 	"github.com/cilium/ebpf/ringbuf"
+	"github.com/daeuniverse/dae/common/consts"
+	internal "github.com/daeuniverse/dae/pkg/ebpf_internal"
 	"github.com/sirupsen/logrus"
 )
 
@@ -42,6 +44,15 @@ func init() {
 }
 
 func StartTrace(ctx context.Context, ipVersion int, l4ProtoNo uint16, port int, outputFile string) (err error) {
+	kernelVersion, err := internal.KernelVersion()
+	if err != nil {
+		return fmt.Errorf("failed to get kernel version: %w", err)
+	}
+	if requirement := consts.HelperBpfGetFuncIpVersionFeatureVersion; kernelVersion.Less(requirement) {
+		return fmt.Errorf("your kernel version %v does not support bpf_get_func_ip; expect >=%v; upgrade your kernel and try again",
+			kernelVersion.String(),
+			requirement.String())
+	}
 	objs, err := rewriteAndLoadBpf(ipVersion, l4ProtoNo, port)
 	if err != nil {
 		return

From 36fa05b10593d9b825f74475635ade8d2a175983 Mon Sep 17 00:00:00 2001
From: /gray <greyschwinger@gmail.com>
Date: Sat, 30 Mar 2024 20:59:58 +0800
Subject: [PATCH 2/2] fix(bpf): revert using bpf_redirect_peer (#480)

---
 control/kern/tproxy.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/control/kern/tproxy.c b/control/kern/tproxy.c
index 4c3a3efb2..93afd68ee 100644
--- a/control/kern/tproxy.c
+++ b/control/kern/tproxy.c
@@ -1062,7 +1062,7 @@ int tproxy_lan_ingress(struct __sk_buff *skb)
 	// Assign to control plane.
 control_plane:
 	prep_redirect_to_control_plane(skb, link_h_len, &tuples, l4proto, &ethh, 0, &tcph);
-	return bpf_redirect_peer(PARAM.dae0_ifindex, 0);
+	return bpf_redirect(PARAM.dae0_ifindex, 0);
 
 direct:
 	return TC_ACT_OK;