flow_dissector.h source code [linux/include/net/flow_dissector.h]

1	/ SPDX-License-Identifier: GPL-2.0 /
2	#ifndef _NET_FLOW_DISSECTOR_H
3	#define _NET_FLOW_DISSECTOR_H
4
5	#include <linux/types.h>
6	#include <linux/in6.h>
7	#include <linux/siphash.h>
8	#include <linux/string.h>
9	#include <uapi/linux/if_ether.h>
10
11	struct bpf_prog;
12	struct net;
13	struct sk_buff;
14
15	/**
16	* struct flow_dissector_key_control:
17	* @thoff: Transport header offset
18	*/
19	struct flow_dissector_key_control {
20	u16 thoff;
21	u16 addr_type;
22	u32 flags;
23	};
24
25	#define FLOW_DIS_IS_FRAGMENT BIT(0)
26	#define FLOW_DIS_FIRST_FRAG BIT(1)
27	#define FLOW_DIS_ENCAPSULATION BIT(2)
28
29	enum flow_dissect_ret {
30	FLOW_DISSECT_RET_OUT_GOOD,
31	FLOW_DISSECT_RET_OUT_BAD,
32	FLOW_DISSECT_RET_PROTO_AGAIN,
33	FLOW_DISSECT_RET_IPPROTO_AGAIN,
34	FLOW_DISSECT_RET_CONTINUE,
35	};
36
37	/**
38	* struct flow_dissector_key_basic:
39	* @n_proto: Network header protocol (eg. IPv4/IPv6)
40	* @ip_proto: Transport header protocol (eg. TCP/UDP)
41	*/
42	struct flow_dissector_key_basic {
43	__be16 n_proto;
44	u8 ip_proto;
45	u8 padding;
46	};
47
48	struct flow_dissector_key_tags {
49	u32 flow_label;
50	};
51
52	struct flow_dissector_key_vlan {
53	union {
54	struct {
55	u16 vlan_id:`12`,
56	vlan_dei:`1`,
57	vlan_priority:`3`;
58	};
59	__be16 vlan_tci;
60	};
61	__be16 vlan_tpid;
62	__be16 vlan_eth_type;
63	u16 padding;
64	};
65
66	struct flow_dissector_mpls_lse {
67	u32 mpls_ttl:`8`,
68	mpls_bos:`1`,
69	mpls_tc:`3`,
70	mpls_label:`20`;
71	};
72
73	#define FLOW_DIS_MPLS_MAX 7
74	struct flow_dissector_key_mpls {
75	struct flow_dissector_mpls_lse ls[FLOW_DIS_MPLS_MAX]; / Label Stack /
76	u8 used_lses; / One bit set for each Label Stack Entry in use /
77	};
78
79	static inline void dissector_set_mpls_lse(struct flow_dissector_key_mpls *mpls,
80	int lse_index)
81	{
82	mpls->used_lses \|= `1` << lse_index;
83	}
84
85	#define FLOW_DIS_TUN_OPTS_MAX 255
86	/**
87	* struct flow_dissector_key_enc_opts:
88	* @data: tunnel option data
89	* @len: length of tunnel option data
90	* @dst_opt_type: tunnel option type
91	*/
92	struct flow_dissector_key_enc_opts {
93	u8 data[FLOW_DIS_TUN_OPTS_MAX]; / Using IP_TUNNEL_OPTS_MAX is desired*
94	* here but seems difficult to #include
95	*/
96	u8 len;
97	__be16 dst_opt_type;
98	};
99
100	struct flow_dissector_key_keyid {
101	__be32 keyid;
102	};
103
104	/**
105	* struct flow_dissector_key_ipv4_addrs:
106	* @src: source ip address
107	* @dst: destination ip address
108	*/
109	struct flow_dissector_key_ipv4_addrs {
110	/ (src,dst) must be grouped, in the same way than in IP header /
111	__be32 src;
112	__be32 dst;
113	};
114
115	/**
116	* struct flow_dissector_key_ipv6_addrs:
117	* @src: source ip address
118	* @dst: destination ip address
119	*/
120	struct flow_dissector_key_ipv6_addrs {
121	/ (src,dst) must be grouped, in the same way than in IP header /
122	struct in6_addr src;
123	struct in6_addr dst;
124	};
125
126	/**
127	* struct flow_dissector_key_tipc:
128	* @key: source node address combined with selector
129	*/
130	struct flow_dissector_key_tipc {
131	__be32 key;
132	};
133
134	/**
135	* struct flow_dissector_key_addrs:
136	* @v4addrs: IPv4 addresses
137	* @v6addrs: IPv6 addresses
138	*/
139	struct flow_dissector_key_addrs {
140	union {
141	struct flow_dissector_key_ipv4_addrs v4addrs;
142	struct flow_dissector_key_ipv6_addrs v6addrs;
143	struct flow_dissector_key_tipc tipckey;
144	};
145	};
146
147	/**
148	* flow_dissector_key_arp:
149	* @ports: Operation, source and target addresses for an ARP header
150	* for Ethernet hardware addresses and IPv4 protocol addresses
151	* sip: Sender IP address
152	* tip: Target IP address
153	* op: Operation
154	* sha: Sender hardware address
155	* tpa: Target hardware address
156	*/
157	struct flow_dissector_key_arp {
158	__u32 sip;
159	__u32 tip;
160	__u8 op;
161	unsigned char sha[ETH_ALEN];
162	unsigned char tha[ETH_ALEN];
163	};
164
165	/**
166	* flow_dissector_key_tp_ports:
167	* @ports: port numbers of Transport header
168	* src: source port number
169	* dst: destination port number
170	*/
171	struct flow_dissector_key_ports {
172	union {
173	__be32 ports;
174	struct {
175	__be16 src;
176	__be16 dst;
177	};
178	};
179	};
180
181	/**
182	* struct flow_dissector_key_ports_range
183	* @tp: port number from packet
184	* @tp_min: min port number in range
185	* @tp_max: max port number in range
186	*/
187	struct flow_dissector_key_ports_range {
188	union {
189	struct flow_dissector_key_ports tp;
190	struct {
191	struct flow_dissector_key_ports tp_min;
192	struct flow_dissector_key_ports tp_max;
193	};
194	};
195	};
196
197	/**
198	* flow_dissector_key_icmp:
199	* type: ICMP type
200	* code: ICMP code
201	* id: session identifier
202	*/
203	struct flow_dissector_key_icmp {
204	struct {
205	u8 type;
206	u8 code;
207	};
208	u16 id;
209	};
210
211	/**
212	* struct flow_dissector_key_eth_addrs:
213	* @src: source Ethernet address
214	* @dst: destination Ethernet address
215	*/
216	struct flow_dissector_key_eth_addrs {
217	/ (dst,src) must be grouped, in the same way than in ETH header /
218	unsigned char dst[ETH_ALEN];
219	unsigned char src[ETH_ALEN];
220	};
221
222	/**
223	* struct flow_dissector_key_tcp:
224	* @flags: flags
225	*/
226	struct flow_dissector_key_tcp {
227	__be16 flags;
228	};
229
230	/**
231	* struct flow_dissector_key_ip:
232	* @tos: tos
233	* @ttl: ttl
234	*/
235	struct flow_dissector_key_ip {
236	__u8 tos;
237	__u8 ttl;
238	};
239
240	/**
241	* struct flow_dissector_key_meta:
242	* @ingress_ifindex: ingress ifindex
243	* @ingress_iftype: ingress interface type
244	*/
245	struct flow_dissector_key_meta {
246	int ingress_ifindex;
247	u16 ingress_iftype;
248	};
249
250	/**
251	* struct flow_dissector_key_ct:
252	* @ct_state: conntrack state after converting with map
253	* @ct_mark: conttrack mark
254	* @ct_zone: conntrack zone
255	* @ct_labels: conntrack labels
256	*/
257	struct flow_dissector_key_ct {
258	u16 ct_state;
259	u16 ct_zone;
260	u32 ct_mark;
261	u32 ct_labels[`4`];
262	};
263
264	/**
265	* struct flow_dissector_key_hash:
266	* @hash: hash value
267	*/
268	struct flow_dissector_key_hash {
269	u32 hash;
270	};
271
272	/**
273	* struct flow_dissector_key_num_of_vlans:
274	* @num_of_vlans: num_of_vlans value
275	*/
276	struct flow_dissector_key_num_of_vlans {
277	u8 num_of_vlans;
278	};
279
280	/**
281	* struct flow_dissector_key_pppoe:
282	* @session_id: pppoe session id
283	* @ppp_proto: ppp protocol
284	* @type: pppoe eth type
285	*/
286	struct flow_dissector_key_pppoe {
287	__be16 session_id;
288	__be16 ppp_proto;
289	__be16 type;
290	};
291
292	enum flow_dissector_key_id {
293	FLOW_DISSECTOR_KEY_CONTROL, / struct flow_dissector_key_control /
294	FLOW_DISSECTOR_KEY_BASIC, / struct flow_dissector_key_basic /
295	FLOW_DISSECTOR_KEY_IPV4_ADDRS, / struct flow_dissector_key_ipv4_addrs /
296	FLOW_DISSECTOR_KEY_IPV6_ADDRS, / struct flow_dissector_key_ipv6_addrs /
297	FLOW_DISSECTOR_KEY_PORTS, / struct flow_dissector_key_ports /
298	FLOW_DISSECTOR_KEY_PORTS_RANGE, / struct flow_dissector_key_ports /
299	FLOW_DISSECTOR_KEY_ICMP, / struct flow_dissector_key_icmp /
300	FLOW_DISSECTOR_KEY_ETH_ADDRS, / struct flow_dissector_key_eth_addrs /
301	FLOW_DISSECTOR_KEY_TIPC, / struct flow_dissector_key_tipc /
302	FLOW_DISSECTOR_KEY_ARP, / struct flow_dissector_key_arp /
303	FLOW_DISSECTOR_KEY_VLAN, / struct flow_dissector_key_vlan /
304	FLOW_DISSECTOR_KEY_FLOW_LABEL, / struct flow_dissector_key_tags /
305	FLOW_DISSECTOR_KEY_GRE_KEYID, / struct flow_dissector_key_keyid /
306	FLOW_DISSECTOR_KEY_MPLS_ENTROPY, / struct flow_dissector_key_keyid /
307	FLOW_DISSECTOR_KEY_ENC_KEYID, / struct flow_dissector_key_keyid /
308	FLOW_DISSECTOR_KEY_ENC_IPV4_ADDRS, / struct flow_dissector_key_ipv4_addrs /
309	FLOW_DISSECTOR_KEY_ENC_IPV6_ADDRS, / struct flow_dissector_key_ipv6_addrs /
310	FLOW_DISSECTOR_KEY_ENC_CONTROL, / struct flow_dissector_key_control /
311	FLOW_DISSECTOR_KEY_ENC_PORTS, / struct flow_dissector_key_ports /
312	FLOW_DISSECTOR_KEY_MPLS, / struct flow_dissector_key_mpls /
313	FLOW_DISSECTOR_KEY_TCP, / struct flow_dissector_key_tcp /
314	FLOW_DISSECTOR_KEY_IP, / struct flow_dissector_key_ip /
315	FLOW_DISSECTOR_KEY_CVLAN, / struct flow_dissector_key_vlan /
316	FLOW_DISSECTOR_KEY_ENC_IP, / struct flow_dissector_key_ip /
317	FLOW_DISSECTOR_KEY_ENC_OPTS, / struct flow_dissector_key_enc_opts /
318	FLOW_DISSECTOR_KEY_META, / struct flow_dissector_key_meta /
319	FLOW_DISSECTOR_KEY_CT, / struct flow_dissector_key_ct /
320	FLOW_DISSECTOR_KEY_HASH, / struct flow_dissector_key_hash /
321	FLOW_DISSECTOR_KEY_NUM_OF_VLANS, / struct flow_dissector_key_num_of_vlans /
322	FLOW_DISSECTOR_KEY_PPPOE, / struct flow_dissector_key_pppoe /
323
324	FLOW_DISSECTOR_KEY_MAX,
325	};
326
327	#define FLOW_DISSECTOR_F_PARSE_1ST_FRAG BIT(0)
328	#define FLOW_DISSECTOR_F_STOP_AT_FLOW_LABEL BIT(1)
329	#define FLOW_DISSECTOR_F_STOP_AT_ENCAP BIT(2)
330	#define FLOW_DISSECTOR_F_STOP_BEFORE_ENCAP BIT(3)
331
332	struct flow_dissector_key {
333	enum flow_dissector_key_id key_id;
334	size_t offset; /* offset of struct flow_dissector_key_*
335	in target the struct /*
336	};
337
338	struct flow_dissector {
339	unsigned int used_keys; / each bit repesents presence of one key id /
340	unsigned short int offset[FLOW_DISSECTOR_KEY_MAX];
341	};
342
343	struct flow_keys_basic {
344	struct flow_dissector_key_control control;
345	struct flow_dissector_key_basic basic;
346	};
347
348	struct flow_keys {
349	struct flow_dissector_key_control control;
350	#define FLOW_KEYS_HASH_START_FIELD basic
351	struct flow_dissector_key_basic basic __aligned(SIPHASH_ALIGNMENT);
352	struct flow_dissector_key_tags tags;
353	struct flow_dissector_key_vlan vlan;
354	struct flow_dissector_key_vlan cvlan;
355	struct flow_dissector_key_keyid keyid;
356	struct flow_dissector_key_ports ports;
357	struct flow_dissector_key_icmp icmp;
358	/ 'addrs' must be the last member /
359	struct flow_dissector_key_addrs addrs;
360	};
361
362	#define FLOW_KEYS_HASH_OFFSET \
363	offsetof(struct flow_keys, FLOW_KEYS_HASH_START_FIELD)
364
365	__be32 flow_get_u32_src(const struct flow_keys *flow);
366	__be32 flow_get_u32_dst(const struct flow_keys *flow);
367
368	extern struct flow_dissector flow_keys_dissector;
369	extern struct flow_dissector flow_keys_basic_dissector;
370
371	/ struct flow_keys_digest:*
372	*
373	* This structure is used to hold a digest of the full flow keys. This is a
374	* larger "hash" of a flow to allow definitively matching specific flows where
375	* the 32 bit skb->hash is not large enough. The size is limited to 16 bytes so
376	* that it can be used in CB of skb (see sch_choke for an example).
377	*/
378	#define FLOW_KEYS_DIGEST_LEN 16
379	struct flow_keys_digest {
380	u8 data[FLOW_KEYS_DIGEST_LEN];
381	};
382
383	void make_flow_keys_digest(struct flow_keys_digest *digest,
384	const struct flow_keys *flow);
385
386	static inline bool flow_keys_have_l4(const struct flow_keys *keys)
387	{
388	return (keys->ports.ports \|\| keys->tags.flow_label);
389	}
390
391	u32 flow_hash_from_keys(struct flow_keys *keys);
392	void skb_flow_get_icmp_tci(const struct sk_buff *skb,
393	struct flow_dissector_key_icmp *key_icmp,
394	const void data, int* thoff, int hlen);
395
396	static inline bool dissector_uses_key(const struct flow_dissector *flow_dissector,
397	enum flow_dissector_key_id key_id)
398	{
399	return flow_dissector->used_keys & (`1` << key_id);
400	}
401
402	static inline void skb_flow_dissector_target(struct* flow_dissector *flow_dissector,
403	enum flow_dissector_key_id key_id,
404	void *target_container)
405	{
406	return ((char *)target_container) + flow_dissector->offset[key_id];
407	}
408
409	struct bpf_flow_dissector {
410	struct bpf_flow_keys *flow_keys;
411	const struct sk_buff *skb;
412	const void *data;
413	const void *data_end;
414	};
415
416	static inline void
417	flow_dissector_init_keys(struct flow_dissector_key_control *key_control,
418	struct flow_dissector_key_basic *key_basic)
419	{
420	memset(key_control, `0`, sizeof(*key_control));
421	memset(key_basic, `0`, sizeof(*key_basic));
422	}
423
424	#ifdef CONFIG_BPF_SYSCALL
425	int flow_dissector_bpf_prog_attach_check(struct net *net,
426	struct bpf_prog *prog);
427	#endif /* CONFIG_BPF_SYSCALL */
428
429	#endif
430

source code of linux/include/net/flow_dissector.h