Back to home page

OSCL-LXR
 
 

     

0001 /* SPDX-License-Identifier: GPL-2.0 */
0002 #ifndef _NET_FLOW_DISSECTOR_H
0003 #define _NET_FLOW_DISSECTOR_H
0004 
0005 #include <linux/types.h>
0006 #include <linux/in6.h>
0007 #include <linux/siphash.h>
0008 #include <linux/string.h>
0009 #include <uapi/linux/if_ether.h>
0010 
0011 struct bpf_prog;
0012 struct net;
0013 struct sk_buff;
0014 
0015 /**
0016  * struct flow_dissector_key_control:
0017  * @thoff: Transport header offset
0018  */
0019 struct flow_dissector_key_control {
0020     u16 thoff;
0021     u16 addr_type;
0022     u32 flags;
0023 };
0024 
0025 #define FLOW_DIS_IS_FRAGMENT    BIT(0)
0026 #define FLOW_DIS_FIRST_FRAG BIT(1)
0027 #define FLOW_DIS_ENCAPSULATION  BIT(2)
0028 
0029 enum flow_dissect_ret {
0030     FLOW_DISSECT_RET_OUT_GOOD,
0031     FLOW_DISSECT_RET_OUT_BAD,
0032     FLOW_DISSECT_RET_PROTO_AGAIN,
0033     FLOW_DISSECT_RET_IPPROTO_AGAIN,
0034     FLOW_DISSECT_RET_CONTINUE,
0035 };
0036 
0037 /**
0038  * struct flow_dissector_key_basic:
0039  * @n_proto: Network header protocol (eg. IPv4/IPv6)
0040  * @ip_proto: Transport header protocol (eg. TCP/UDP)
0041  */
0042 struct flow_dissector_key_basic {
0043     __be16  n_proto;
0044     u8  ip_proto;
0045     u8  padding;
0046 };
0047 
0048 struct flow_dissector_key_tags {
0049     u32 flow_label;
0050 };
0051 
0052 struct flow_dissector_key_vlan {
0053     union {
0054         struct {
0055             u16 vlan_id:12,
0056                 vlan_dei:1,
0057                 vlan_priority:3;
0058         };
0059         __be16  vlan_tci;
0060     };
0061     __be16  vlan_tpid;
0062     __be16  vlan_eth_type;
0063     u16 padding;
0064 };
0065 
0066 struct flow_dissector_mpls_lse {
0067     u32 mpls_ttl:8,
0068         mpls_bos:1,
0069         mpls_tc:3,
0070         mpls_label:20;
0071 };
0072 
0073 #define FLOW_DIS_MPLS_MAX 7
0074 struct flow_dissector_key_mpls {
0075     struct flow_dissector_mpls_lse ls[FLOW_DIS_MPLS_MAX]; /* Label Stack */
0076     u8 used_lses; /* One bit set for each Label Stack Entry in use */
0077 };
0078 
0079 static inline void dissector_set_mpls_lse(struct flow_dissector_key_mpls *mpls,
0080                       int lse_index)
0081 {
0082     mpls->used_lses |= 1 << lse_index;
0083 }
0084 
0085 #define FLOW_DIS_TUN_OPTS_MAX 255
0086 /**
0087  * struct flow_dissector_key_enc_opts:
0088  * @data: tunnel option data
0089  * @len: length of tunnel option data
0090  * @dst_opt_type: tunnel option type
0091  */
0092 struct flow_dissector_key_enc_opts {
0093     u8 data[FLOW_DIS_TUN_OPTS_MAX]; /* Using IP_TUNNEL_OPTS_MAX is desired
0094                      * here but seems difficult to #include
0095                      */
0096     u8 len;
0097     __be16 dst_opt_type;
0098 };
0099 
0100 struct flow_dissector_key_keyid {
0101     __be32  keyid;
0102 };
0103 
0104 /**
0105  * struct flow_dissector_key_ipv4_addrs:
0106  * @src: source ip address
0107  * @dst: destination ip address
0108  */
0109 struct flow_dissector_key_ipv4_addrs {
0110     /* (src,dst) must be grouped, in the same way than in IP header */
0111     __be32 src;
0112     __be32 dst;
0113 };
0114 
0115 /**
0116  * struct flow_dissector_key_ipv6_addrs:
0117  * @src: source ip address
0118  * @dst: destination ip address
0119  */
0120 struct flow_dissector_key_ipv6_addrs {
0121     /* (src,dst) must be grouped, in the same way than in IP header */
0122     struct in6_addr src;
0123     struct in6_addr dst;
0124 };
0125 
0126 /**
0127  * struct flow_dissector_key_tipc:
0128  * @key: source node address combined with selector
0129  */
0130 struct flow_dissector_key_tipc {
0131     __be32 key;
0132 };
0133 
0134 /**
0135  * struct flow_dissector_key_addrs:
0136  * @v4addrs: IPv4 addresses
0137  * @v6addrs: IPv6 addresses
0138  */
0139 struct flow_dissector_key_addrs {
0140     union {
0141         struct flow_dissector_key_ipv4_addrs v4addrs;
0142         struct flow_dissector_key_ipv6_addrs v6addrs;
0143         struct flow_dissector_key_tipc tipckey;
0144     };
0145 };
0146 
0147 /**
0148  * flow_dissector_key_arp:
0149  *  @ports: Operation, source and target addresses for an ARP header
0150  *              for Ethernet hardware addresses and IPv4 protocol addresses
0151  *      sip: Sender IP address
0152  *      tip: Target IP address
0153  *      op:  Operation
0154  *      sha: Sender hardware address
0155  *      tpa: Target hardware address
0156  */
0157 struct flow_dissector_key_arp {
0158     __u32 sip;
0159     __u32 tip;
0160     __u8 op;
0161     unsigned char sha[ETH_ALEN];
0162     unsigned char tha[ETH_ALEN];
0163 };
0164 
0165 /**
0166  * flow_dissector_key_tp_ports:
0167  *  @ports: port numbers of Transport header
0168  *      src: source port number
0169  *      dst: destination port number
0170  */
0171 struct flow_dissector_key_ports {
0172     union {
0173         __be32 ports;
0174         struct {
0175             __be16 src;
0176             __be16 dst;
0177         };
0178     };
0179 };
0180 
0181 /**
0182  * struct flow_dissector_key_ports_range
0183  * @tp: port number from packet
0184  * @tp_min: min port number in range
0185  * @tp_max: max port number in range
0186  */
0187 struct flow_dissector_key_ports_range {
0188     union {
0189         struct flow_dissector_key_ports tp;
0190         struct {
0191             struct flow_dissector_key_ports tp_min;
0192             struct flow_dissector_key_ports tp_max;
0193         };
0194     };
0195 };
0196 
0197 /**
0198  * flow_dissector_key_icmp:
0199  *      type: ICMP type
0200  *      code: ICMP code
0201  *      id:   session identifier
0202  */
0203 struct flow_dissector_key_icmp {
0204     struct {
0205         u8 type;
0206         u8 code;
0207     };
0208     u16 id;
0209 };
0210 
0211 /**
0212  * struct flow_dissector_key_eth_addrs:
0213  * @src: source Ethernet address
0214  * @dst: destination Ethernet address
0215  */
0216 struct flow_dissector_key_eth_addrs {
0217     /* (dst,src) must be grouped, in the same way than in ETH header */
0218     unsigned char dst[ETH_ALEN];
0219     unsigned char src[ETH_ALEN];
0220 };
0221 
0222 /**
0223  * struct flow_dissector_key_tcp:
0224  * @flags: flags
0225  */
0226 struct flow_dissector_key_tcp {
0227     __be16 flags;
0228 };
0229 
0230 /**
0231  * struct flow_dissector_key_ip:
0232  * @tos: tos
0233  * @ttl: ttl
0234  */
0235 struct flow_dissector_key_ip {
0236     __u8    tos;
0237     __u8    ttl;
0238 };
0239 
0240 /**
0241  * struct flow_dissector_key_meta:
0242  * @ingress_ifindex: ingress ifindex
0243  * @ingress_iftype: ingress interface type
0244  */
0245 struct flow_dissector_key_meta {
0246     int ingress_ifindex;
0247     u16 ingress_iftype;
0248 };
0249 
0250 /**
0251  * struct flow_dissector_key_ct:
0252  * @ct_state: conntrack state after converting with map
0253  * @ct_mark: conttrack mark
0254  * @ct_zone: conntrack zone
0255  * @ct_labels: conntrack labels
0256  */
0257 struct flow_dissector_key_ct {
0258     u16 ct_state;
0259     u16 ct_zone;
0260     u32 ct_mark;
0261     u32 ct_labels[4];
0262 };
0263 
0264 /**
0265  * struct flow_dissector_key_hash:
0266  * @hash: hash value
0267  */
0268 struct flow_dissector_key_hash {
0269     u32 hash;
0270 };
0271 
0272 /**
0273  * struct flow_dissector_key_num_of_vlans:
0274  * @num_of_vlans: num_of_vlans value
0275  */
0276 struct flow_dissector_key_num_of_vlans {
0277     u8 num_of_vlans;
0278 };
0279 
0280 /**
0281  * struct flow_dissector_key_pppoe:
0282  * @session_id: pppoe session id
0283  * @ppp_proto: ppp protocol
0284  * @type: pppoe eth type
0285  */
0286 struct flow_dissector_key_pppoe {
0287     __be16 session_id;
0288     __be16 ppp_proto;
0289     __be16 type;
0290 };
0291 
0292 enum flow_dissector_key_id {
0293     FLOW_DISSECTOR_KEY_CONTROL, /* struct flow_dissector_key_control */
0294     FLOW_DISSECTOR_KEY_BASIC, /* struct flow_dissector_key_basic */
0295     FLOW_DISSECTOR_KEY_IPV4_ADDRS, /* struct flow_dissector_key_ipv4_addrs */
0296     FLOW_DISSECTOR_KEY_IPV6_ADDRS, /* struct flow_dissector_key_ipv6_addrs */
0297     FLOW_DISSECTOR_KEY_PORTS, /* struct flow_dissector_key_ports */
0298     FLOW_DISSECTOR_KEY_PORTS_RANGE, /* struct flow_dissector_key_ports */
0299     FLOW_DISSECTOR_KEY_ICMP, /* struct flow_dissector_key_icmp */
0300     FLOW_DISSECTOR_KEY_ETH_ADDRS, /* struct flow_dissector_key_eth_addrs */
0301     FLOW_DISSECTOR_KEY_TIPC, /* struct flow_dissector_key_tipc */
0302     FLOW_DISSECTOR_KEY_ARP, /* struct flow_dissector_key_arp */
0303     FLOW_DISSECTOR_KEY_VLAN, /* struct flow_dissector_key_vlan */
0304     FLOW_DISSECTOR_KEY_FLOW_LABEL, /* struct flow_dissector_key_tags */
0305     FLOW_DISSECTOR_KEY_GRE_KEYID, /* struct flow_dissector_key_keyid */
0306     FLOW_DISSECTOR_KEY_MPLS_ENTROPY, /* struct flow_dissector_key_keyid */
0307     FLOW_DISSECTOR_KEY_ENC_KEYID, /* struct flow_dissector_key_keyid */
0308     FLOW_DISSECTOR_KEY_ENC_IPV4_ADDRS, /* struct flow_dissector_key_ipv4_addrs */
0309     FLOW_DISSECTOR_KEY_ENC_IPV6_ADDRS, /* struct flow_dissector_key_ipv6_addrs */
0310     FLOW_DISSECTOR_KEY_ENC_CONTROL, /* struct flow_dissector_key_control */
0311     FLOW_DISSECTOR_KEY_ENC_PORTS, /* struct flow_dissector_key_ports */
0312     FLOW_DISSECTOR_KEY_MPLS, /* struct flow_dissector_key_mpls */
0313     FLOW_DISSECTOR_KEY_TCP, /* struct flow_dissector_key_tcp */
0314     FLOW_DISSECTOR_KEY_IP, /* struct flow_dissector_key_ip */
0315     FLOW_DISSECTOR_KEY_CVLAN, /* struct flow_dissector_key_vlan */
0316     FLOW_DISSECTOR_KEY_ENC_IP, /* struct flow_dissector_key_ip */
0317     FLOW_DISSECTOR_KEY_ENC_OPTS, /* struct flow_dissector_key_enc_opts */
0318     FLOW_DISSECTOR_KEY_META, /* struct flow_dissector_key_meta */
0319     FLOW_DISSECTOR_KEY_CT, /* struct flow_dissector_key_ct */
0320     FLOW_DISSECTOR_KEY_HASH, /* struct flow_dissector_key_hash */
0321     FLOW_DISSECTOR_KEY_NUM_OF_VLANS, /* struct flow_dissector_key_num_of_vlans */
0322     FLOW_DISSECTOR_KEY_PPPOE, /* struct flow_dissector_key_pppoe */
0323 
0324     FLOW_DISSECTOR_KEY_MAX,
0325 };
0326 
0327 #define FLOW_DISSECTOR_F_PARSE_1ST_FRAG     BIT(0)
0328 #define FLOW_DISSECTOR_F_STOP_AT_FLOW_LABEL BIT(1)
0329 #define FLOW_DISSECTOR_F_STOP_AT_ENCAP      BIT(2)
0330 #define FLOW_DISSECTOR_F_STOP_BEFORE_ENCAP  BIT(3)
0331 
0332 struct flow_dissector_key {
0333     enum flow_dissector_key_id key_id;
0334     size_t offset; /* offset of struct flow_dissector_key_*
0335               in target the struct */
0336 };
0337 
0338 struct flow_dissector {
0339     unsigned int used_keys; /* each bit repesents presence of one key id */
0340     unsigned short int offset[FLOW_DISSECTOR_KEY_MAX];
0341 };
0342 
0343 struct flow_keys_basic {
0344     struct flow_dissector_key_control control;
0345     struct flow_dissector_key_basic basic;
0346 };
0347 
0348 struct flow_keys {
0349     struct flow_dissector_key_control control;
0350 #define FLOW_KEYS_HASH_START_FIELD basic
0351     struct flow_dissector_key_basic basic __aligned(SIPHASH_ALIGNMENT);
0352     struct flow_dissector_key_tags tags;
0353     struct flow_dissector_key_vlan vlan;
0354     struct flow_dissector_key_vlan cvlan;
0355     struct flow_dissector_key_keyid keyid;
0356     struct flow_dissector_key_ports ports;
0357     struct flow_dissector_key_icmp icmp;
0358     /* 'addrs' must be the last member */
0359     struct flow_dissector_key_addrs addrs;
0360 };
0361 
0362 #define FLOW_KEYS_HASH_OFFSET       \
0363     offsetof(struct flow_keys, FLOW_KEYS_HASH_START_FIELD)
0364 
0365 __be32 flow_get_u32_src(const struct flow_keys *flow);
0366 __be32 flow_get_u32_dst(const struct flow_keys *flow);
0367 
0368 extern struct flow_dissector flow_keys_dissector;
0369 extern struct flow_dissector flow_keys_basic_dissector;
0370 
0371 /* struct flow_keys_digest:
0372  *
0373  * This structure is used to hold a digest of the full flow keys. This is a
0374  * larger "hash" of a flow to allow definitively matching specific flows where
0375  * the 32 bit skb->hash is not large enough. The size is limited to 16 bytes so
0376  * that it can be used in CB of skb (see sch_choke for an example).
0377  */
0378 #define FLOW_KEYS_DIGEST_LEN    16
0379 struct flow_keys_digest {
0380     u8  data[FLOW_KEYS_DIGEST_LEN];
0381 };
0382 
0383 void make_flow_keys_digest(struct flow_keys_digest *digest,
0384                const struct flow_keys *flow);
0385 
0386 static inline bool flow_keys_have_l4(const struct flow_keys *keys)
0387 {
0388     return (keys->ports.ports || keys->tags.flow_label);
0389 }
0390 
0391 u32 flow_hash_from_keys(struct flow_keys *keys);
0392 void skb_flow_get_icmp_tci(const struct sk_buff *skb,
0393                struct flow_dissector_key_icmp *key_icmp,
0394                const void *data, int thoff, int hlen);
0395 
0396 static inline bool dissector_uses_key(const struct flow_dissector *flow_dissector,
0397                       enum flow_dissector_key_id key_id)
0398 {
0399     return flow_dissector->used_keys & (1 << key_id);
0400 }
0401 
0402 static inline void *skb_flow_dissector_target(struct flow_dissector *flow_dissector,
0403                           enum flow_dissector_key_id key_id,
0404                           void *target_container)
0405 {
0406     return ((char *)target_container) + flow_dissector->offset[key_id];
0407 }
0408 
0409 struct bpf_flow_dissector {
0410     struct bpf_flow_keys    *flow_keys;
0411     const struct sk_buff    *skb;
0412     const void      *data;
0413     const void      *data_end;
0414 };
0415 
0416 static inline void
0417 flow_dissector_init_keys(struct flow_dissector_key_control *key_control,
0418              struct flow_dissector_key_basic *key_basic)
0419 {
0420     memset(key_control, 0, sizeof(*key_control));
0421     memset(key_basic, 0, sizeof(*key_basic));
0422 }
0423 
0424 #ifdef CONFIG_BPF_SYSCALL
0425 int flow_dissector_bpf_prog_attach_check(struct net *net,
0426                      struct bpf_prog *prog);
0427 #endif /* CONFIG_BPF_SYSCALL */
0428 
0429 #endif
Source navigation ] Diff markup ] Identifier search ] general search ]

This page was automatically generated by the 2.1.0 LXR engine.

The LXR team
Valid CSS 2.1! Valid HTML 4.01!