~ubuntu-branches/ubuntu/raring/openvswitch/raring
» Revision
35
: .pc/0003-datapath-Stop-using-NLA_PUT.patch/datapath/flow.c
« back to all changes in this revision
Viewing changes to .pc/0003-datapath-Stop-using-NLA_PUT.patch/datapath/flow.c
- browse files at revision 35
- compare with another revision
- download diff
- download tarball
- view history from revision 35
- Committer: Package Import Robot
- Author(s): James Page
- Date: 2012-10-23 17:24:17 UTC
- Revision ID: package-import@ubuntu.com-20121023172417-26590u7zfr4r795j
Tags: 1.4.3-0ubuntu2
* Re-enable the openvswitch-datapath-dkms package to enable support
for gre tunnels between virtual switches which is not supported
in the kernel provided openvswitch module (LP: #1068365).
- d/patches/0001->0008*.patch: Cherry picked patches from upstream
trunk which enable support for the 3.5 linux kernel and align
dkms module naming with kernel module naming.
- d/dkms.conf.in: Drop _mod postfix from dkms module names.
for gre tunnels between virtual switches which is not supported
in the kernel provided openvswitch module (LP: #1068365).
- d/patches/0001->0008*.patch: Cherry picked patches from upstream
trunk which enable support for the 3.5 linux kernel and align
dkms module naming with kernel module naming.
- d/dkms.conf.in: Drop _mod postfix from dkms module names.
- files added:
- .pc/0001-datapath-Remove-custom-version-of-ipv6_skip_exthdr.patch
- .pc/0001-datapath-Remove-custom-version-of-ipv6_skip_exthdr.patch/datapath
- .pc/0001-datapath-Remove-custom-version-of-ipv6_skip_exthdr.patch/datapath/linux
- .pc/0001-datapath-Remove-custom-version-of-ipv6_skip_exthdr.patch/datapath/linux/compat
- .pc/0001-datapath-Remove-custom-version-of-ipv6_skip_exthdr.patch/datapath/linux/compat/include
- .pc/0001-datapath-Remove-custom-version-of-ipv6_skip_exthdr.patch/datapath/linux/compat/include/linux
- .pc/0001-datapath-Remove-custom-version-of-ipv6_skip_exthdr.patch/lib
- .pc/0002-datapath-Use-ETH_ALEN-instead-of-VLAN_ETH_ALEN.patch
- .pc/0002-datapath-Use-ETH_ALEN-instead-of-VLAN_ETH_ALEN.patch/datapath
- .pc/0002-datapath-Use-ETH_ALEN-instead-of-VLAN_ETH_ALEN.patch/datapath/linux
- .pc/0002-datapath-Use-ETH_ALEN-instead-of-VLAN_ETH_ALEN.patch/datapath/linux/compat
- .pc/0002-datapath-Use-ETH_ALEN-instead-of-VLAN_ETH_ALEN.patch/datapath/linux/compat/include
- .pc/0002-datapath-Use-ETH_ALEN-instead-of-VLAN_ETH_ALEN.patch/datapath/linux/compat/include/linux
- .pc/0003-datapath-Stop-using-NLA_PUT.patch
- .pc/0003-datapath-Stop-using-NLA_PUT.patch/datapath
- .pc/0004-datapath-Backport-nla_put_be-functions.patch
- .pc/0004-datapath-Backport-nla_put_be-functions.patch/datapath
- .pc/0004-datapath-Backport-nla_put_be-functions.patch/datapath/linux
- .pc/0004-datapath-Backport-nla_put_be-functions.patch/datapath/linux/compat
- .pc/0004-datapath-Backport-nla_put_be-functions.patch/datapath/linux/compat/include
- .pc/0004-datapath-Backport-nla_put_be-functions.patch/datapath/linux/compat/include/net
- .pc/0005-datapath-Support-for-kernel-3.3.patch
- .pc/0005-datapath-Support-for-kernel-3.3.patch/datapath
- .pc/0005-datapath-Support-for-kernel-3.3.patch/datapath/linux
- .pc/0005-datapath-Support-for-kernel-3.3.patch/datapath/linux/compat
- .pc/0005-datapath-Support-for-kernel-3.3.patch/datapath/linux/compat/include
- .pc/0005-datapath-Support-for-kernel-3.3.patch/datapath/linux/compat/include/linux
- .pc/0005-datapath-Support-for-kernel-3.3.patch/datapath/linux/compat/include/net
- .pc/0006-Bump-up-the-supported-kernel-versions-to-include-3.5.patch
- .pc/0006-Bump-up-the-supported-kernel-versions-to-include-3.5.patch/datapath
- .pc/0007-datapath-Remove-all-inclusions-of-asm-system.h.patch
- .pc/0007-datapath-Remove-all-inclusions-of-asm-system.h.patch/datapath
- .pc/0008-datapath-omit-_mod-from-module-names.patch
- .pc/0008-datapath-omit-_mod-from-module-names.patch/datapath
- .pc/0008-datapath-omit-_mod-from-module-names.patch/datapath/linux
- .pc/0008-datapath-omit-_mod-from-module-names.patch/datapath/linux/compat
- .pc/0008-datapath-omit-_mod-from-module-names.patch/utilities
- .pc/0008-datapath-omit-_mod-from-module-names.patch/vswitchd
- .pc/0008-datapath-omit-_mod-from-module-names.patch/xenserver
- files modified:
- .pc/applied-patches
added
removed
.pc/0003-datapath-Stop-using-NLA_PUT.patch/datapath/flow.c
1
/*
2
* Copyright (c) 2007-2011 Nicira Networks.
3
*
4
* This program is free software; you can redistribute it and/or
5
* modify it under the terms of version 2 of the GNU General Public
6
* License as published by the Free Software Foundation.
7
*
8
* This program is distributed in the hope that it will be useful, but
9
* WITHOUT ANY WARRANTY; without even the implied warranty of
10
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
11
* General Public License for more details.
12
*
13
* You should have received a copy of the GNU General Public License
14
* along with this program; if not, write to the Free Software
15
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
16
* 02110-1301, USA
17
*/
18
19
#include "flow.h"
20
#include "datapath.h"
21
#include <linux/uaccess.h>
22
#include <linux/netdevice.h>
23
#include <linux/etherdevice.h>
24
#include <linux/if_ether.h>
25
#include <linux/if_vlan.h>
26
#include <net/llc_pdu.h>
27
#include <linux/kernel.h>
28
#include <linux/jhash.h>
29
#include <linux/jiffies.h>
30
#include <linux/llc.h>
31
#include <linux/module.h>
32
#include <linux/in.h>
33
#include <linux/rcupdate.h>
34
#include <linux/if_arp.h>
35
#include <linux/if_ether.h>
36
#include <linux/ip.h>
37
#include <linux/ipv6.h>
38
#include <linux/tcp.h>
39
#include <linux/udp.h>
40
#include <linux/icmp.h>
41
#include <linux/icmpv6.h>
42
#include <linux/rculist.h>
43
#include <net/ip.h>
44
#include <net/ipv6.h>
45
#include <net/ndisc.h>
46
47
#include "vlan.h"
48
49
static struct kmem_cache *flow_cache;
50
static unsigned int hash_seed __read_mostly;
51
52
static int check_header(struct sk_buff *skb, int len)
53
{
54
if (unlikely(skb->len < len))
55
return -EINVAL;
56
if (unlikely(!pskb_may_pull(skb, len)))
57
return -ENOMEM;
58
return 0;
59
}
60
61
static bool arphdr_ok(struct sk_buff *skb)
62
{
63
return pskb_may_pull(skb, skb_network_offset(skb) +
64
sizeof(struct arp_eth_header));
65
}
66
67
static int check_iphdr(struct sk_buff *skb)
68
{
69
unsigned int nh_ofs = skb_network_offset(skb);
70
unsigned int ip_len;
71
int err;
72
73
err = check_header(skb, nh_ofs + sizeof(struct iphdr));
74
if (unlikely(err))
75
return err;
76
77
ip_len = ip_hdrlen(skb);
78
if (unlikely(ip_len < sizeof(struct iphdr) ||
79
skb->len < nh_ofs + ip_len))
80
return -EINVAL;
81
82
skb_set_transport_header(skb, nh_ofs + ip_len);
83
return 0;
84
}
85
86
static bool tcphdr_ok(struct sk_buff *skb)
87
{
88
int th_ofs = skb_transport_offset(skb);
89
int tcp_len;
90
91
if (unlikely(!pskb_may_pull(skb, th_ofs + sizeof(struct tcphdr))))
92
return false;
93
94
tcp_len = tcp_hdrlen(skb);
95
if (unlikely(tcp_len < sizeof(struct tcphdr) ||
96
skb->len < th_ofs + tcp_len))
97
return false;
98
99
return true;
100
}
101
102
static bool udphdr_ok(struct sk_buff *skb)
103
{
104
return pskb_may_pull(skb, skb_transport_offset(skb) +
105
sizeof(struct udphdr));
106
}
107
108
static bool icmphdr_ok(struct sk_buff *skb)
109
{
110
return pskb_may_pull(skb, skb_transport_offset(skb) +
111
sizeof(struct icmphdr));
112
}
113
114
u64 ovs_flow_used_time(unsigned long flow_jiffies)
115
{
116
struct timespec cur_ts;
117
u64 cur_ms, idle_ms;
118
119
ktime_get_ts(&cur_ts);
120
idle_ms = jiffies_to_msecs(jiffies - flow_jiffies);
121
cur_ms = (u64)cur_ts.tv_sec * MSEC_PER_SEC +
122
cur_ts.tv_nsec / NSEC_PER_MSEC;
123
124
return cur_ms - idle_ms;
125
}
126
127
#define SW_FLOW_KEY_OFFSET(field) \
128
(offsetof(struct sw_flow_key, field) + \
129
FIELD_SIZEOF(struct sw_flow_key, field))
130
131
static int parse_ipv6hdr(struct sk_buff *skb, struct sw_flow_key *key,
132
int *key_lenp)
133
{
134
unsigned int nh_ofs = skb_network_offset(skb);
135
unsigned int nh_len;
136
int payload_ofs;
137
struct ipv6hdr *nh;
138
uint8_t nexthdr;
139
__be16 frag_off;
140
int err;
141
142
*key_lenp = SW_FLOW_KEY_OFFSET(ipv6.label);
143
144
err = check_header(skb, nh_ofs + sizeof(*nh));
145
if (unlikely(err))
146
return err;
147
148
nh = ipv6_hdr(skb);
149
nexthdr = nh->nexthdr;
150
payload_ofs = (u8 *)(nh + 1) - skb->data;
151
152
key->ip.proto = NEXTHDR_NONE;
153
key->ip.tos = ipv6_get_dsfield(nh);
154
key->ip.ttl = nh->hop_limit;
155
key->ipv6.label = *(__be32 *)nh & htonl(IPV6_FLOWINFO_FLOWLABEL);
156
key->ipv6.addr.src = nh->saddr;
157
key->ipv6.addr.dst = nh->daddr;
158
159
payload_ofs = ipv6_skip_exthdr(skb, payload_ofs, &nexthdr, &frag_off);
160
if (unlikely(payload_ofs < 0))
161
return -EINVAL;
162
163
if (frag_off) {
164
if (frag_off & htons(~0x7))
165
key->ip.frag = OVS_FRAG_TYPE_LATER;
166
else
167
key->ip.frag = OVS_FRAG_TYPE_FIRST;
168
}
169
170
nh_len = payload_ofs - nh_ofs;
171
skb_set_transport_header(skb, nh_ofs + nh_len);
172
key->ip.proto = nexthdr;
173
return nh_len;
174
}
175
176
static bool icmp6hdr_ok(struct sk_buff *skb)
177
{
178
return pskb_may_pull(skb, skb_transport_offset(skb) +
179
sizeof(struct icmp6hdr));
180
}
181
182
#define TCP_FLAGS_OFFSET 13
183
#define TCP_FLAG_MASK 0x3f
184
185
void ovs_flow_used(struct sw_flow *flow, struct sk_buff *skb)
186
{
187
u8 tcp_flags = 0;
188
189
if (flow->key.eth.type == htons(ETH_P_IP) &&
190
flow->key.ip.proto == IPPROTO_TCP) {
191
u8 *tcp = (u8 *)tcp_hdr(skb);
192
tcp_flags = *(tcp + TCP_FLAGS_OFFSET) & TCP_FLAG_MASK;
193
}
194
195
spin_lock(&flow->lock);
196
flow->used = jiffies;
197
flow->packet_count++;
198
flow->byte_count += skb->len;
199
flow->tcp_flags |= tcp_flags;
200
spin_unlock(&flow->lock);
201
}
202
203
struct sw_flow_actions *ovs_flow_actions_alloc(const struct nlattr *actions)
204
{
205
int actions_len = nla_len(actions);
206
struct sw_flow_actions *sfa;
207
208
/* At least DP_MAX_PORTS actions are required to be able to flood a
209
* packet to every port. Factor of 2 allows for setting VLAN tags,
210
* etc. */
211
if (actions_len > 2 * DP_MAX_PORTS * nla_total_size(4))
212
return ERR_PTR(-EINVAL);
213
214
sfa = kmalloc(sizeof(*sfa) + actions_len, GFP_KERNEL);
215
if (!sfa)
216
return ERR_PTR(-ENOMEM);
217
218
sfa->actions_len = actions_len;
219
memcpy(sfa->actions, nla_data(actions), actions_len);
220
return sfa;
221
}
222
223
struct sw_flow *ovs_flow_alloc(void)
224
{
225
struct sw_flow *flow;
226
227
flow = kmem_cache_alloc(flow_cache, GFP_KERNEL);
228
if (!flow)
229
return ERR_PTR(-ENOMEM);
230
231
spin_lock_init(&flow->lock);
232
atomic_set(&flow->refcnt, 1);
233
flow->sf_acts = NULL;
234
flow->dead = false;
235
236
return flow;
237
}
238
239
static struct hlist_head *find_bucket(struct flow_table *table, u32 hash)
240
{
241
return flex_array_get(table->buckets,
242
(hash & (table->n_buckets - 1)));
243
}
244
245
static struct flex_array *alloc_buckets(unsigned int n_buckets)
246
{
247
struct flex_array *buckets;
248
int i, err;
249
250
buckets = flex_array_alloc(sizeof(struct hlist_head *),
251
n_buckets, GFP_KERNEL);
252
if (!buckets)
253
return NULL;
254
255
err = flex_array_prealloc(buckets, 0, n_buckets, GFP_KERNEL);
256
if (err) {
257
flex_array_free(buckets);
258
return NULL;
259
}
260
261
for (i = 0; i < n_buckets; i++)
262
INIT_HLIST_HEAD((struct hlist_head *)
263
flex_array_get(buckets, i));
264
265
return buckets;
266
}
267
268
static void free_buckets(struct flex_array *buckets)
269
{
270
flex_array_free(buckets);
271
}
272
273
struct flow_table *ovs_flow_tbl_alloc(int new_size)
274
{
275
struct flow_table *table = kmalloc(sizeof(*table), GFP_KERNEL);
276
277
if (!table)
278
return NULL;
279
280
table->buckets = alloc_buckets(new_size);
281
282
if (!table->buckets) {
283
kfree(table);
284
return NULL;
285
}
286
table->n_buckets = new_size;
287
table->count = 0;
288
289
return table;
290
}
291
292
static void flow_free(struct sw_flow *flow)
293
{
294
flow->dead = true;
295
ovs_flow_put(flow);
296
}
297
298
void ovs_flow_tbl_destroy(struct flow_table *table)
299
{
300
int i;
301
302
if (!table)
303
return;
304
305
for (i = 0; i < table->n_buckets; i++) {
306
struct sw_flow *flow;
307
struct hlist_head *head = flex_array_get(table->buckets, i);
308
struct hlist_node *node, *n;
309
310
hlist_for_each_entry_safe(flow, node, n, head, hash_node) {
311
hlist_del_init_rcu(&flow->hash_node);
312
flow_free(flow);
313
}
314
}
315
316
free_buckets(table->buckets);
317
kfree(table);
318
}
319
320
static void flow_tbl_destroy_rcu_cb(struct rcu_head *rcu)
321
{
322
struct flow_table *table = container_of(rcu, struct flow_table, rcu);
323
324
ovs_flow_tbl_destroy(table);
325
}
326
327
void ovs_flow_tbl_deferred_destroy(struct flow_table *table)
328
{
329
if (!table)
330
return;
331
332
call_rcu(&table->rcu, flow_tbl_destroy_rcu_cb);
333
}
334
335
struct sw_flow *ovs_flow_tbl_next(struct flow_table *table, u32 *bucket, u32 *last)
336
{
337
struct sw_flow *flow;
338
struct hlist_head *head;
339
struct hlist_node *n;
340
int i;
341
342
while (*bucket < table->n_buckets) {
343
i = 0;
344
head = flex_array_get(table->buckets, *bucket);
345
hlist_for_each_entry_rcu(flow, n, head, hash_node) {
346
if (i < *last) {
347
i++;
348
continue;
349
}
350
*last = i + 1;
351
return flow;
352
}
353
(*bucket)++;
354
*last = 0;
355
}
356
357
return NULL;
358
}
359
360
struct flow_table *ovs_flow_tbl_expand(struct flow_table *table)
361
{
362
struct flow_table *new_table;
363
int n_buckets = table->n_buckets * 2;
364
int i;
365
366
new_table = ovs_flow_tbl_alloc(n_buckets);
367
if (!new_table)
368
return ERR_PTR(-ENOMEM);
369
370
for (i = 0; i < table->n_buckets; i++) {
371
struct sw_flow *flow;
372
struct hlist_head *head;
373
struct hlist_node *n, *pos;
374
375
head = flex_array_get(table->buckets, i);
376
377
hlist_for_each_entry_safe(flow, n, pos, head, hash_node) {
378
hlist_del_init_rcu(&flow->hash_node);
379
ovs_flow_tbl_insert(new_table, flow);
380
}
381
}
382
383
return new_table;
384
}
385
386
/* RCU callback used by ovs_flow_deferred_free. */
387
static void rcu_free_flow_callback(struct rcu_head *rcu)
388
{
389
struct sw_flow *flow = container_of(rcu, struct sw_flow, rcu);
390
391
flow->dead = true;
392
ovs_flow_put(flow);
393
}
394
395
/* Schedules 'flow' to be freed after the next RCU grace period.
396
* The caller must hold rcu_read_lock for this to be sensible. */
397
void ovs_flow_deferred_free(struct sw_flow *flow)
398
{
399
call_rcu(&flow->rcu, rcu_free_flow_callback);
400
}
401
402
void ovs_flow_hold(struct sw_flow *flow)
403
{
404
atomic_inc(&flow->refcnt);
405
}
406
407
void ovs_flow_put(struct sw_flow *flow)
408
{
409
if (unlikely(!flow))
410
return;
411
412
if (atomic_dec_and_test(&flow->refcnt)) {
413
kfree((struct sf_flow_acts __force *)flow->sf_acts);
414
kmem_cache_free(flow_cache, flow);
415
}
416
}
417
418
/* RCU callback used by ovs_flow_deferred_free_acts. */
419
static void rcu_free_acts_callback(struct rcu_head *rcu)
420
{
421
struct sw_flow_actions *sf_acts = container_of(rcu,
422
struct sw_flow_actions, rcu);
423
kfree(sf_acts);
424
}
425
426
/* Schedules 'sf_acts' to be freed after the next RCU grace period.
427
* The caller must hold rcu_read_lock for this to be sensible. */
428
void ovs_flow_deferred_free_acts(struct sw_flow_actions *sf_acts)
429
{
430
call_rcu(&sf_acts->rcu, rcu_free_acts_callback);
431
}
432
433
static int parse_vlan(struct sk_buff *skb, struct sw_flow_key *key)
434
{
435
struct qtag_prefix {
436
__be16 eth_type; /* ETH_P_8021Q */
437
__be16 tci;
438
};
439
struct qtag_prefix *qp;
440
441
if (unlikely(skb->len < sizeof(struct qtag_prefix) + sizeof(__be16)))
442
return 0;
443
444
if (unlikely(!pskb_may_pull(skb, sizeof(struct qtag_prefix) +
445
sizeof(__be16))))
446
return -ENOMEM;
447
448
qp = (struct qtag_prefix *) skb->data;
449
key->eth.tci = qp->tci | htons(VLAN_TAG_PRESENT);
450
__skb_pull(skb, sizeof(struct qtag_prefix));
451
452
return 0;
453
}
454
455
static __be16 parse_ethertype(struct sk_buff *skb)
456
{
457
struct llc_snap_hdr {
458
u8 dsap; /* Always 0xAA */
459
u8 ssap; /* Always 0xAA */
460
u8 ctrl;
461
u8 oui[3];
462
__be16 ethertype;
463
};
464
struct llc_snap_hdr *llc;
465
__be16 proto;
466
467
proto = *(__be16 *) skb->data;
468
__skb_pull(skb, sizeof(__be16));
469
470
if (ntohs(proto) >= 1536)
471
return proto;
472
473
if (skb->len < sizeof(struct llc_snap_hdr))
474
return htons(ETH_P_802_2);
475
476
if (unlikely(!pskb_may_pull(skb, sizeof(struct llc_snap_hdr))))
477
return htons(0);
478
479
llc = (struct llc_snap_hdr *) skb->data;
480
if (llc->dsap != LLC_SAP_SNAP ||
481
llc->ssap != LLC_SAP_SNAP ||
482
(llc->oui[0] | llc->oui[1] | llc->oui[2]) != 0)
483
return htons(ETH_P_802_2);
484
485
__skb_pull(skb, sizeof(struct llc_snap_hdr));
486
return llc->ethertype;
487
}
488
489
static int parse_icmpv6(struct sk_buff *skb, struct sw_flow_key *key,
490
int *key_lenp, int nh_len)
491
{
492
struct icmp6hdr *icmp = icmp6_hdr(skb);
493
int error = 0;
494
int key_len;
495
496
/* The ICMPv6 type and code fields use the 16-bit transport port
497
* fields, so we need to store them in 16-bit network byte order.
498
*/
499
key->ipv6.tp.src = htons(icmp->icmp6_type);
500
key->ipv6.tp.dst = htons(icmp->icmp6_code);
501
key_len = SW_FLOW_KEY_OFFSET(ipv6.tp);
502
503
if (icmp->icmp6_code == 0 &&
504
(icmp->icmp6_type == NDISC_NEIGHBOUR_SOLICITATION ||
505
icmp->icmp6_type == NDISC_NEIGHBOUR_ADVERTISEMENT)) {
506
int icmp_len = skb->len - skb_transport_offset(skb);
507
struct nd_msg *nd;
508
int offset;
509
510
key_len = SW_FLOW_KEY_OFFSET(ipv6.nd);
511
512
/* In order to process neighbor discovery options, we need the
513
* entire packet.
514
*/
515
if (unlikely(icmp_len < sizeof(*nd)))
516
goto out;
517
if (unlikely(skb_linearize(skb))) {
518
error = -ENOMEM;
519
goto out;
520
}
521
522
nd = (struct nd_msg *)skb_transport_header(skb);
523
key->ipv6.nd.target = nd->target;
524
key_len = SW_FLOW_KEY_OFFSET(ipv6.nd);
525
526
icmp_len -= sizeof(*nd);
527
offset = 0;
528
while (icmp_len >= 8) {
529
struct nd_opt_hdr *nd_opt =
530
(struct nd_opt_hdr *)(nd->opt + offset);
531
int opt_len = nd_opt->nd_opt_len * 8;
532
533
if (unlikely(!opt_len || opt_len > icmp_len))
534
goto invalid;
535
536
/* Store the link layer address if the appropriate
537
* option is provided. It is considered an error if
538
* the same link layer option is specified twice.
539
*/
540
if (nd_opt->nd_opt_type == ND_OPT_SOURCE_LL_ADDR
541
&& opt_len == 8) {
542
if (unlikely(!is_zero_ether_addr(key->ipv6.nd.sll)))
543
goto invalid;
544
memcpy(key->ipv6.nd.sll,
545
&nd->opt[offset+sizeof(*nd_opt)], ETH_ALEN);
546
} else if (nd_opt->nd_opt_type == ND_OPT_TARGET_LL_ADDR
547
&& opt_len == 8) {
548
if (unlikely(!is_zero_ether_addr(key->ipv6.nd.tll)))
549
goto invalid;
550
memcpy(key->ipv6.nd.tll,
551
&nd->opt[offset+sizeof(*nd_opt)], ETH_ALEN);
552
}
553
554
icmp_len -= opt_len;
555
offset += opt_len;
556
}
557
}
558
559
goto out;
560
561
invalid:
562
memset(&key->ipv6.nd.target, 0, sizeof(key->ipv6.nd.target));
563
memset(key->ipv6.nd.sll, 0, sizeof(key->ipv6.nd.sll));
564
memset(key->ipv6.nd.tll, 0, sizeof(key->ipv6.nd.tll));
565
566
out:
567
*key_lenp = key_len;
568
return error;
569
}
570
571
/**
572
* ovs_flow_extract - extracts a flow key from an Ethernet frame.
573
* @skb: sk_buff that contains the frame, with skb->data pointing to the
574
* Ethernet header
575
* @in_port: port number on which @skb was received.
576
* @key: output flow key
577
* @key_lenp: length of output flow key
578
*
579
* The caller must ensure that skb->len >= ETH_HLEN.
580
*
581
* Returns 0 if successful, otherwise a negative errno value.
582
*
583
* Initializes @skb header pointers as follows:
584
*
585
* - skb->mac_header: the Ethernet header.
586
*
587
* - skb->network_header: just past the Ethernet header, or just past the
588
* VLAN header, to the first byte of the Ethernet payload.
589
*
590
* - skb->transport_header: If key->dl_type is ETH_P_IP or ETH_P_IPV6
591
* on output, then just past the IP header, if one is present and
592
* of a correct length, otherwise the same as skb->network_header.
593
* For other key->dl_type values it is left untouched.
594
*/
595
int ovs_flow_extract(struct sk_buff *skb, u16 in_port, struct sw_flow_key *key,
596
int *key_lenp)
597
{
598
int error = 0;
599
int key_len = SW_FLOW_KEY_OFFSET(eth);
600
struct ethhdr *eth;
601
602
memset(key, 0, sizeof(*key));
603
604
key->phy.priority = skb->priority;
605
key->phy.tun_id = OVS_CB(skb)->tun_id;
606
key->phy.in_port = in_port;
607
608
skb_reset_mac_header(skb);
609
610
/* Link layer. We are guaranteed to have at least the 14 byte Ethernet
611
* header in the linear data area.
612
*/
613
eth = eth_hdr(skb);
614
memcpy(key->eth.src, eth->h_source, ETH_ALEN);
615
memcpy(key->eth.dst, eth->h_dest, ETH_ALEN);
616
617
__skb_pull(skb, 2 * ETH_ALEN);
618
619
if (vlan_tx_tag_present(skb))
620
key->eth.tci = htons(vlan_get_tci(skb));
621
else if (eth->h_proto == htons(ETH_P_8021Q))
622
if (unlikely(parse_vlan(skb, key)))
623
return -ENOMEM;
624
625
key->eth.type = parse_ethertype(skb);
626
if (unlikely(key->eth.type == htons(0)))
627
return -ENOMEM;
628
629
skb_reset_network_header(skb);
630
__skb_push(skb, skb->data - skb_mac_header(skb));
631
632
/* Network layer. */
633
if (key->eth.type == htons(ETH_P_IP)) {
634
struct iphdr *nh;
635
__be16 offset;
636
637
key_len = SW_FLOW_KEY_OFFSET(ipv4.addr);
638
639
error = check_iphdr(skb);
640
if (unlikely(error)) {
641
if (error == -EINVAL) {
642
skb->transport_header = skb->network_header;
643
error = 0;
644
}
645
goto out;
646
}
647
648
nh = ip_hdr(skb);
649
key->ipv4.addr.src = nh->saddr;
650
key->ipv4.addr.dst = nh->daddr;
651
652
key->ip.proto = nh->protocol;
653
key->ip.tos = nh->tos;
654
key->ip.ttl = nh->ttl;
655
656
offset = nh->frag_off & htons(IP_OFFSET);
657
if (offset) {
658
key->ip.frag = OVS_FRAG_TYPE_LATER;
659
goto out;
660
}
661
if (nh->frag_off & htons(IP_MF) ||
662
skb_shinfo(skb)->gso_type & SKB_GSO_UDP)
663
key->ip.frag = OVS_FRAG_TYPE_FIRST;
664
665
/* Transport layer. */
666
if (key->ip.proto == IPPROTO_TCP) {
667
key_len = SW_FLOW_KEY_OFFSET(ipv4.tp);
668
if (tcphdr_ok(skb)) {
669
struct tcphdr *tcp = tcp_hdr(skb);
670
key->ipv4.tp.src = tcp->source;
671
key->ipv4.tp.dst = tcp->dest;
672
}
673
} else if (key->ip.proto == IPPROTO_UDP) {
674
key_len = SW_FLOW_KEY_OFFSET(ipv4.tp);
675
if (udphdr_ok(skb)) {
676
struct udphdr *udp = udp_hdr(skb);
677
key->ipv4.tp.src = udp->source;
678
key->ipv4.tp.dst = udp->dest;
679
}
680
} else if (key->ip.proto == IPPROTO_ICMP) {
681
key_len = SW_FLOW_KEY_OFFSET(ipv4.tp);
682
if (icmphdr_ok(skb)) {
683
struct icmphdr *icmp = icmp_hdr(skb);
684
/* The ICMP type and code fields use the 16-bit
685
* transport port fields, so we need to store
686
* them in 16-bit network byte order. */
687
key->ipv4.tp.src = htons(icmp->type);
688
key->ipv4.tp.dst = htons(icmp->code);
689
}
690
}
691
692
} else if (key->eth.type == htons(ETH_P_ARP) && arphdr_ok(skb)) {
693
struct arp_eth_header *arp;
694
695
arp = (struct arp_eth_header *)skb_network_header(skb);
696
697
if (arp->ar_hrd == htons(ARPHRD_ETHER)
698
&& arp->ar_pro == htons(ETH_P_IP)
699
&& arp->ar_hln == ETH_ALEN
700
&& arp->ar_pln == 4) {
701
702
/* We only match on the lower 8 bits of the opcode. */
703
if (ntohs(arp->ar_op) <= 0xff)
704
key->ip.proto = ntohs(arp->ar_op);
705
706
if (key->ip.proto == ARPOP_REQUEST
707
|| key->ip.proto == ARPOP_REPLY) {
708
memcpy(&key->ipv4.addr.src, arp->ar_sip, sizeof(key->ipv4.addr.src));
709
memcpy(&key->ipv4.addr.dst, arp->ar_tip, sizeof(key->ipv4.addr.dst));
710
memcpy(key->ipv4.arp.sha, arp->ar_sha, ETH_ALEN);
711
memcpy(key->ipv4.arp.tha, arp->ar_tha, ETH_ALEN);
712
key_len = SW_FLOW_KEY_OFFSET(ipv4.arp);
713
}
714
}
715
} else if (key->eth.type == htons(ETH_P_IPV6)) {
716
int nh_len; /* IPv6 Header + Extensions */
717
718
nh_len = parse_ipv6hdr(skb, key, &key_len);
719
if (unlikely(nh_len < 0)) {
720
if (nh_len == -EINVAL)
721
skb->transport_header = skb->network_header;
722
else
723
error = nh_len;
724
goto out;
725
}
726
727
if (key->ip.frag == OVS_FRAG_TYPE_LATER)
728
goto out;
729
if (skb_shinfo(skb)->gso_type & SKB_GSO_UDP)
730
key->ip.frag = OVS_FRAG_TYPE_FIRST;
731
732
/* Transport layer. */
733
if (key->ip.proto == NEXTHDR_TCP) {
734
key_len = SW_FLOW_KEY_OFFSET(ipv6.tp);
735
if (tcphdr_ok(skb)) {
736
struct tcphdr *tcp = tcp_hdr(skb);
737
key->ipv6.tp.src = tcp->source;
738
key->ipv6.tp.dst = tcp->dest;
739
}
740
} else if (key->ip.proto == NEXTHDR_UDP) {
741
key_len = SW_FLOW_KEY_OFFSET(ipv6.tp);
742
if (udphdr_ok(skb)) {
743
struct udphdr *udp = udp_hdr(skb);
744
key->ipv6.tp.src = udp->source;
745
key->ipv6.tp.dst = udp->dest;
746
}
747
} else if (key->ip.proto == NEXTHDR_ICMP) {
748
key_len = SW_FLOW_KEY_OFFSET(ipv6.tp);
749
if (icmp6hdr_ok(skb)) {
750
error = parse_icmpv6(skb, key, &key_len, nh_len);
751
if (error < 0)
752
goto out;
753
}
754
}
755
}
756
757
out:
758
*key_lenp = key_len;
759
return error;
760
}
761
762
u32 ovs_flow_hash(const struct sw_flow_key *key, int key_len)
763
{
764
return jhash2((u32 *)key, DIV_ROUND_UP(key_len, sizeof(u32)), hash_seed);
765
}
766
767
struct sw_flow *ovs_flow_tbl_lookup(struct flow_table *table,
768
struct sw_flow_key *key, int key_len)
769
{
770
struct sw_flow *flow;
771
struct hlist_node *n;
772
struct hlist_head *head;
773
u32 hash;
774
775
hash = ovs_flow_hash(key, key_len);
776
777
head = find_bucket(table, hash);
778
hlist_for_each_entry_rcu(flow, n, head, hash_node) {
779
780
if (flow->hash == hash &&
781
!memcmp(&flow->key, key, key_len)) {
782
return flow;
783
}
784
}
785
return NULL;
786
}
787
788
void ovs_flow_tbl_insert(struct flow_table *table, struct sw_flow *flow)
789
{
790
struct hlist_head *head;
791
792
head = find_bucket(table, flow->hash);
793
hlist_add_head_rcu(&flow->hash_node, head);
794
table->count++;
795
}
796
797
void ovs_flow_tbl_remove(struct flow_table *table, struct sw_flow *flow)
798
{
799
if (!hlist_unhashed(&flow->hash_node)) {
800
hlist_del_init_rcu(&flow->hash_node);
801
table->count--;
802
BUG_ON(table->count < 0);
803
}
804
}
805
806
/* The size of the argument for each %OVS_KEY_ATTR_* Netlink attribute. */
807
const int ovs_key_lens[OVS_KEY_ATTR_MAX + 1] = {
808
[OVS_KEY_ATTR_ENCAP] = -1,
809
[OVS_KEY_ATTR_PRIORITY] = sizeof(u32),
810
[OVS_KEY_ATTR_IN_PORT] = sizeof(u32),
811
[OVS_KEY_ATTR_ETHERNET] = sizeof(struct ovs_key_ethernet),
812
[OVS_KEY_ATTR_VLAN] = sizeof(__be16),
813
[OVS_KEY_ATTR_ETHERTYPE] = sizeof(__be16),
814
[OVS_KEY_ATTR_IPV4] = sizeof(struct ovs_key_ipv4),
815
[OVS_KEY_ATTR_IPV6] = sizeof(struct ovs_key_ipv6),
816
[OVS_KEY_ATTR_TCP] = sizeof(struct ovs_key_tcp),
817
[OVS_KEY_ATTR_UDP] = sizeof(struct ovs_key_udp),
818
[OVS_KEY_ATTR_ICMP] = sizeof(struct ovs_key_icmp),
819
[OVS_KEY_ATTR_ICMPV6] = sizeof(struct ovs_key_icmpv6),
820
[OVS_KEY_ATTR_ARP] = sizeof(struct ovs_key_arp),
821
[OVS_KEY_ATTR_ND] = sizeof(struct ovs_key_nd),
822
823
/* Not upstream. */
824
[OVS_KEY_ATTR_TUN_ID] = sizeof(__be64),
825
};
826
827
static int ipv4_flow_from_nlattrs(struct sw_flow_key *swkey, int *key_len,
828
const struct nlattr *a[], u64 *attrs)
829
{
830
const struct ovs_key_icmp *icmp_key;
831
const struct ovs_key_tcp *tcp_key;
832
const struct ovs_key_udp *udp_key;
833
834
switch (swkey->ip.proto) {
835
case IPPROTO_TCP:
836
if (!(*attrs & (1 << OVS_KEY_ATTR_TCP)))
837
return -EINVAL;
838
*attrs &= ~(1 << OVS_KEY_ATTR_TCP);
839
840
*key_len = SW_FLOW_KEY_OFFSET(ipv4.tp);
841
tcp_key = nla_data(a[OVS_KEY_ATTR_TCP]);
842
swkey->ipv4.tp.src = tcp_key->tcp_src;
843
swkey->ipv4.tp.dst = tcp_key->tcp_dst;
844
break;
845
846
case IPPROTO_UDP:
847
if (!(*attrs & (1 << OVS_KEY_ATTR_UDP)))
848
return -EINVAL;
849
*attrs &= ~(1 << OVS_KEY_ATTR_UDP);
850
851
*key_len = SW_FLOW_KEY_OFFSET(ipv4.tp);
852
udp_key = nla_data(a[OVS_KEY_ATTR_UDP]);
853
swkey->ipv4.tp.src = udp_key->udp_src;
854
swkey->ipv4.tp.dst = udp_key->udp_dst;
855
break;
856
857
case IPPROTO_ICMP:
858
if (!(*attrs & (1 << OVS_KEY_ATTR_ICMP)))
859
return -EINVAL;
860
*attrs &= ~(1 << OVS_KEY_ATTR_ICMP);
861
862
*key_len = SW_FLOW_KEY_OFFSET(ipv4.tp);
863
icmp_key = nla_data(a[OVS_KEY_ATTR_ICMP]);
864
swkey->ipv4.tp.src = htons(icmp_key->icmp_type);
865
swkey->ipv4.tp.dst = htons(icmp_key->icmp_code);
866
break;
867
}
868
869
return 0;
870
}
871
872
static int ipv6_flow_from_nlattrs(struct sw_flow_key *swkey, int *key_len,
873
const struct nlattr *a[], u64 *attrs)
874
{
875
const struct ovs_key_icmpv6 *icmpv6_key;
876
const struct ovs_key_tcp *tcp_key;
877
const struct ovs_key_udp *udp_key;
878
879
switch (swkey->ip.proto) {
880
case IPPROTO_TCP:
881
if (!(*attrs & (1 << OVS_KEY_ATTR_TCP)))
882
return -EINVAL;
883
*attrs &= ~(1 << OVS_KEY_ATTR_TCP);
884
885
*key_len = SW_FLOW_KEY_OFFSET(ipv6.tp);
886
tcp_key = nla_data(a[OVS_KEY_ATTR_TCP]);
887
swkey->ipv6.tp.src = tcp_key->tcp_src;
888
swkey->ipv6.tp.dst = tcp_key->tcp_dst;
889
break;
890
891
case IPPROTO_UDP:
892
if (!(*attrs & (1 << OVS_KEY_ATTR_UDP)))
893
return -EINVAL;
894
*attrs &= ~(1 << OVS_KEY_ATTR_UDP);
895
896
*key_len = SW_FLOW_KEY_OFFSET(ipv6.tp);
897
udp_key = nla_data(a[OVS_KEY_ATTR_UDP]);
898
swkey->ipv6.tp.src = udp_key->udp_src;
899
swkey->ipv6.tp.dst = udp_key->udp_dst;
900
break;
901
902
case IPPROTO_ICMPV6:
903
if (!(*attrs & (1 << OVS_KEY_ATTR_ICMPV6)))
904
return -EINVAL;
905
*attrs &= ~(1 << OVS_KEY_ATTR_ICMPV6);
906
907
*key_len = SW_FLOW_KEY_OFFSET(ipv6.tp);
908
icmpv6_key = nla_data(a[OVS_KEY_ATTR_ICMPV6]);
909
swkey->ipv6.tp.src = htons(icmpv6_key->icmpv6_type);
910
swkey->ipv6.tp.dst = htons(icmpv6_key->icmpv6_code);
911
912
if (swkey->ipv6.tp.src == htons(NDISC_NEIGHBOUR_SOLICITATION) ||
913
swkey->ipv6.tp.src == htons(NDISC_NEIGHBOUR_ADVERTISEMENT)) {
914
const struct ovs_key_nd *nd_key;
915
916
if (!(*attrs & (1 << OVS_KEY_ATTR_ND)))
917
return -EINVAL;
918
*attrs &= ~(1 << OVS_KEY_ATTR_ND);
919
920
*key_len = SW_FLOW_KEY_OFFSET(ipv6.nd);
921
nd_key = nla_data(a[OVS_KEY_ATTR_ND]);
922
memcpy(&swkey->ipv6.nd.target, nd_key->nd_target,
923
sizeof(swkey->ipv6.nd.target));
924
memcpy(swkey->ipv6.nd.sll, nd_key->nd_sll, ETH_ALEN);
925
memcpy(swkey->ipv6.nd.tll, nd_key->nd_tll, ETH_ALEN);
926
}
927
break;
928
}
929
930
return 0;
931
}
932
933
static int parse_flow_nlattrs(const struct nlattr *attr,
934
const struct nlattr *a[], u64 *attrsp)
935
{
936
const struct nlattr *nla;
937
u64 attrs;
938
int rem;
939
940
attrs = 0;
941
nla_for_each_nested(nla, attr, rem) {
942
u16 type = nla_type(nla);
943
int expected_len;
944
945
if (type > OVS_KEY_ATTR_MAX || attrs & (1ULL << type))
946
return -EINVAL;
947
948
expected_len = ovs_key_lens[type];
949
if (nla_len(nla) != expected_len && expected_len != -1)
950
return -EINVAL;
951
952
attrs |= 1ULL << type;
953
a[type] = nla;
954
}
955
if (rem)
956
return -EINVAL;
957
958
*attrsp = attrs;
959
return 0;
960
}
961
962
/**
963
* ovs_flow_from_nlattrs - parses Netlink attributes into a flow key.
964
* @swkey: receives the extracted flow key.
965
* @key_lenp: number of bytes used in @swkey.
966
* @attr: Netlink attribute holding nested %OVS_KEY_ATTR_* Netlink attribute
967
* sequence.
968
*/
969
int ovs_flow_from_nlattrs(struct sw_flow_key *swkey, int *key_lenp,
970
const struct nlattr *attr)
971
{
972
const struct nlattr *a[OVS_KEY_ATTR_MAX + 1];
973
const struct ovs_key_ethernet *eth_key;
974
int key_len;
975
u64 attrs;
976
int err;
977
978
memset(swkey, 0, sizeof(struct sw_flow_key));
979
key_len = SW_FLOW_KEY_OFFSET(eth);
980
981
err = parse_flow_nlattrs(attr, a, &attrs);
982
if (err)
983
return err;
984
985
/* Metadata attributes. */
986
if (attrs & (1 << OVS_KEY_ATTR_PRIORITY)) {
987
swkey->phy.priority = nla_get_u32(a[OVS_KEY_ATTR_PRIORITY]);
988
attrs &= ~(1 << OVS_KEY_ATTR_PRIORITY);
989
}
990
if (attrs & (1 << OVS_KEY_ATTR_IN_PORT)) {
991
u32 in_port = nla_get_u32(a[OVS_KEY_ATTR_IN_PORT]);
992
if (in_port >= DP_MAX_PORTS)
993
return -EINVAL;
994
swkey->phy.in_port = in_port;
995
attrs &= ~(1 << OVS_KEY_ATTR_IN_PORT);
996
} else {
997
swkey->phy.in_port = USHRT_MAX;
998
}
999
1000
if (attrs & (1ULL << OVS_KEY_ATTR_TUN_ID)) {
1001
swkey->phy.tun_id = nla_get_be64(a[OVS_KEY_ATTR_TUN_ID]);
1002
attrs &= ~(1ULL << OVS_KEY_ATTR_TUN_ID);
1003
}
1004
1005
/* Data attributes. */
1006
if (!(attrs & (1 << OVS_KEY_ATTR_ETHERNET)))
1007
return -EINVAL;
1008
attrs &= ~(1 << OVS_KEY_ATTR_ETHERNET);
1009
1010
eth_key = nla_data(a[OVS_KEY_ATTR_ETHERNET]);
1011
memcpy(swkey->eth.src, eth_key->eth_src, ETH_ALEN);
1012
memcpy(swkey->eth.dst, eth_key->eth_dst, ETH_ALEN);
1013
1014
if (attrs & (1u << OVS_KEY_ATTR_ETHERTYPE) &&
1015
nla_get_be16(a[OVS_KEY_ATTR_ETHERTYPE]) == htons(ETH_P_8021Q)) {
1016
const struct nlattr *encap;
1017
__be16 tci;
1018
1019
if (attrs != ((1 << OVS_KEY_ATTR_VLAN) |
1020
(1 << OVS_KEY_ATTR_ETHERTYPE) |
1021
(1 << OVS_KEY_ATTR_ENCAP)))
1022
return -EINVAL;
1023
1024
encap = a[OVS_KEY_ATTR_ENCAP];
1025
tci = nla_get_be16(a[OVS_KEY_ATTR_VLAN]);
1026
if (tci & htons(VLAN_TAG_PRESENT)) {
1027
swkey->eth.tci = tci;
1028
1029
err = parse_flow_nlattrs(encap, a, &attrs);
1030
if (err)
1031
return err;
1032
} else if (!tci) {
1033
/* Corner case for truncated 802.1Q header. */
1034
if (nla_len(encap))
1035
return -EINVAL;
1036
1037
swkey->eth.type = htons(ETH_P_8021Q);
1038
*key_lenp = key_len;
1039
return 0;
1040
} else {
1041
return -EINVAL;
1042
}
1043
}
1044
1045
if (attrs & (1 << OVS_KEY_ATTR_ETHERTYPE)) {
1046
swkey->eth.type = nla_get_be16(a[OVS_KEY_ATTR_ETHERTYPE]);
1047
if (ntohs(swkey->eth.type) < 1536)
1048
return -EINVAL;
1049
attrs &= ~(1 << OVS_KEY_ATTR_ETHERTYPE);
1050
} else {
1051
swkey->eth.type = htons(ETH_P_802_2);
1052
}
1053
1054
if (swkey->eth.type == htons(ETH_P_IP)) {
1055
const struct ovs_key_ipv4 *ipv4_key;
1056
1057
if (!(attrs & (1 << OVS_KEY_ATTR_IPV4)))
1058
return -EINVAL;
1059
attrs &= ~(1 << OVS_KEY_ATTR_IPV4);
1060
1061
key_len = SW_FLOW_KEY_OFFSET(ipv4.addr);
1062
ipv4_key = nla_data(a[OVS_KEY_ATTR_IPV4]);
1063
if (ipv4_key->ipv4_frag > OVS_FRAG_TYPE_MAX)
1064
return -EINVAL;
1065
swkey->ip.proto = ipv4_key->ipv4_proto;
1066
swkey->ip.tos = ipv4_key->ipv4_tos;
1067
swkey->ip.ttl = ipv4_key->ipv4_ttl;
1068
swkey->ip.frag = ipv4_key->ipv4_frag;
1069
swkey->ipv4.addr.src = ipv4_key->ipv4_src;
1070
swkey->ipv4.addr.dst = ipv4_key->ipv4_dst;
1071
1072
if (swkey->ip.frag != OVS_FRAG_TYPE_LATER) {
1073
err = ipv4_flow_from_nlattrs(swkey, &key_len, a, &attrs);
1074
if (err)
1075
return err;
1076
}
1077
} else if (swkey->eth.type == htons(ETH_P_IPV6)) {
1078
const struct ovs_key_ipv6 *ipv6_key;
1079
1080
if (!(attrs & (1 << OVS_KEY_ATTR_IPV6)))
1081
return -EINVAL;
1082
attrs &= ~(1 << OVS_KEY_ATTR_IPV6);
1083
1084
key_len = SW_FLOW_KEY_OFFSET(ipv6.label);
1085
ipv6_key = nla_data(a[OVS_KEY_ATTR_IPV6]);
1086
if (ipv6_key->ipv6_frag > OVS_FRAG_TYPE_MAX)
1087
return -EINVAL;
1088
swkey->ipv6.label = ipv6_key->ipv6_label;
1089
swkey->ip.proto = ipv6_key->ipv6_proto;
1090
swkey->ip.tos = ipv6_key->ipv6_tclass;
1091
swkey->ip.ttl = ipv6_key->ipv6_hlimit;
1092
swkey->ip.frag = ipv6_key->ipv6_frag;
1093
memcpy(&swkey->ipv6.addr.src, ipv6_key->ipv6_src,
1094
sizeof(swkey->ipv6.addr.src));
1095
memcpy(&swkey->ipv6.addr.dst, ipv6_key->ipv6_dst,
1096
sizeof(swkey->ipv6.addr.dst));
1097
1098
if (swkey->ip.frag != OVS_FRAG_TYPE_LATER) {
1099
err = ipv6_flow_from_nlattrs(swkey, &key_len, a, &attrs);
1100
if (err)
1101
return err;
1102
}
1103
} else if (swkey->eth.type == htons(ETH_P_ARP)) {
1104
const struct ovs_key_arp *arp_key;
1105
1106
if (!(attrs & (1 << OVS_KEY_ATTR_ARP)))
1107
return -EINVAL;
1108
attrs &= ~(1 << OVS_KEY_ATTR_ARP);
1109
1110
key_len = SW_FLOW_KEY_OFFSET(ipv4.arp);
1111
arp_key = nla_data(a[OVS_KEY_ATTR_ARP]);
1112
swkey->ipv4.addr.src = arp_key->arp_sip;
1113
swkey->ipv4.addr.dst = arp_key->arp_tip;
1114
if (arp_key->arp_op & htons(0xff00))
1115
return -EINVAL;
1116
swkey->ip.proto = ntohs(arp_key->arp_op);
1117
memcpy(swkey->ipv4.arp.sha, arp_key->arp_sha, ETH_ALEN);
1118
memcpy(swkey->ipv4.arp.tha, arp_key->arp_tha, ETH_ALEN);
1119
}
1120
1121
if (attrs)
1122
return -EINVAL;
1123
*key_lenp = key_len;
1124
1125
return 0;
1126
}
1127
1128
/**
1129
* ovs_flow_metadata_from_nlattrs - parses Netlink attributes into a flow key.
1130
* @in_port: receives the extracted input port.
1131
* @tun_id: receives the extracted tunnel ID.
1132
* @key: Netlink attribute holding nested %OVS_KEY_ATTR_* Netlink attribute
1133
* sequence.
1134
*
1135
* This parses a series of Netlink attributes that form a flow key, which must
1136
* take the same form accepted by flow_from_nlattrs(), but only enough of it to
1137
* get the metadata, that is, the parts of the flow key that cannot be
1138
* extracted from the packet itself.
1139
*/
1140
int ovs_flow_metadata_from_nlattrs(u32 *priority, u16 *in_port, __be64 *tun_id,
1141
const struct nlattr *attr)
1142
{
1143
const struct nlattr *nla;
1144
int rem;
1145
1146
*in_port = USHRT_MAX;
1147
*tun_id = 0;
1148
*priority = 0;
1149
1150
nla_for_each_nested(nla, attr, rem) {
1151
int type = nla_type(nla);
1152
1153
if (type <= OVS_KEY_ATTR_MAX && ovs_key_lens[type] > 0) {
1154
if (nla_len(nla) != ovs_key_lens[type])
1155
return -EINVAL;
1156
1157
switch (type) {
1158
case OVS_KEY_ATTR_PRIORITY:
1159
*priority = nla_get_u32(nla);
1160
break;
1161
1162
case OVS_KEY_ATTR_TUN_ID:
1163
*tun_id = nla_get_be64(nla);
1164
break;
1165
1166
case OVS_KEY_ATTR_IN_PORT:
1167
if (nla_get_u32(nla) >= DP_MAX_PORTS)
1168
return -EINVAL;
1169
*in_port = nla_get_u32(nla);
1170
break;
1171
}
1172
}
1173
}
1174
if (rem)
1175
return -EINVAL;
1176
return 0;
1177
}
1178
1179
int ovs_flow_to_nlattrs(const struct sw_flow_key *swkey, struct sk_buff *skb)
1180
{
1181
struct ovs_key_ethernet *eth_key;
1182
struct nlattr *nla, *encap;
1183
1184
if (swkey->phy.priority)
1185
NLA_PUT_U32(skb, OVS_KEY_ATTR_PRIORITY, swkey->phy.priority);
1186
1187
if (swkey->phy.tun_id != cpu_to_be64(0))
1188
NLA_PUT_BE64(skb, OVS_KEY_ATTR_TUN_ID, swkey->phy.tun_id);
1189
1190
if (swkey->phy.in_port != USHRT_MAX)
1191
NLA_PUT_U32(skb, OVS_KEY_ATTR_IN_PORT, swkey->phy.in_port);
1192
1193
nla = nla_reserve(skb, OVS_KEY_ATTR_ETHERNET, sizeof(*eth_key));
1194
if (!nla)
1195
goto nla_put_failure;
1196
eth_key = nla_data(nla);
1197
memcpy(eth_key->eth_src, swkey->eth.src, ETH_ALEN);
1198
memcpy(eth_key->eth_dst, swkey->eth.dst, ETH_ALEN);
1199
1200
if (swkey->eth.tci || swkey->eth.type == htons(ETH_P_8021Q)) {
1201
NLA_PUT_BE16(skb, OVS_KEY_ATTR_ETHERTYPE, htons(ETH_P_8021Q));
1202
NLA_PUT_BE16(skb, OVS_KEY_ATTR_VLAN, swkey->eth.tci);
1203
encap = nla_nest_start(skb, OVS_KEY_ATTR_ENCAP);
1204
if (!swkey->eth.tci)
1205
goto unencap;
1206
} else {
1207
encap = NULL;
1208
}
1209
1210
if (swkey->eth.type == htons(ETH_P_802_2))
1211
goto unencap;
1212
1213
NLA_PUT_BE16(skb, OVS_KEY_ATTR_ETHERTYPE, swkey->eth.type);
1214
1215
if (swkey->eth.type == htons(ETH_P_IP)) {
1216
struct ovs_key_ipv4 *ipv4_key;
1217
1218
nla = nla_reserve(skb, OVS_KEY_ATTR_IPV4, sizeof(*ipv4_key));
1219
if (!nla)
1220
goto nla_put_failure;
1221
ipv4_key = nla_data(nla);
1222
ipv4_key->ipv4_src = swkey->ipv4.addr.src;
1223
ipv4_key->ipv4_dst = swkey->ipv4.addr.dst;
1224
ipv4_key->ipv4_proto = swkey->ip.proto;
1225
ipv4_key->ipv4_tos = swkey->ip.tos;
1226
ipv4_key->ipv4_ttl = swkey->ip.ttl;
1227
ipv4_key->ipv4_frag = swkey->ip.frag;
1228
} else if (swkey->eth.type == htons(ETH_P_IPV6)) {
1229
struct ovs_key_ipv6 *ipv6_key;
1230
1231
nla = nla_reserve(skb, OVS_KEY_ATTR_IPV6, sizeof(*ipv6_key));
1232
if (!nla)
1233
goto nla_put_failure;
1234
ipv6_key = nla_data(nla);
1235
memcpy(ipv6_key->ipv6_src, &swkey->ipv6.addr.src,
1236
sizeof(ipv6_key->ipv6_src));
1237
memcpy(ipv6_key->ipv6_dst, &swkey->ipv6.addr.dst,
1238
sizeof(ipv6_key->ipv6_dst));
1239
ipv6_key->ipv6_label = swkey->ipv6.label;
1240
ipv6_key->ipv6_proto = swkey->ip.proto;
1241
ipv6_key->ipv6_tclass = swkey->ip.tos;
1242
ipv6_key->ipv6_hlimit = swkey->ip.ttl;
1243
ipv6_key->ipv6_frag = swkey->ip.frag;
1244
} else if (swkey->eth.type == htons(ETH_P_ARP)) {
1245
struct ovs_key_arp *arp_key;
1246
1247
nla = nla_reserve(skb, OVS_KEY_ATTR_ARP, sizeof(*arp_key));
1248
if (!nla)
1249
goto nla_put_failure;
1250
arp_key = nla_data(nla);
1251
memset(arp_key, 0, sizeof(struct ovs_key_arp));
1252
arp_key->arp_sip = swkey->ipv4.addr.src;
1253
arp_key->arp_tip = swkey->ipv4.addr.dst;
1254
arp_key->arp_op = htons(swkey->ip.proto);
1255
memcpy(arp_key->arp_sha, swkey->ipv4.arp.sha, ETH_ALEN);
1256
memcpy(arp_key->arp_tha, swkey->ipv4.arp.tha, ETH_ALEN);
1257
}
1258
1259
if ((swkey->eth.type == htons(ETH_P_IP) ||
1260
swkey->eth.type == htons(ETH_P_IPV6)) &&
1261
swkey->ip.frag != OVS_FRAG_TYPE_LATER) {
1262
1263
if (swkey->ip.proto == IPPROTO_TCP) {
1264
struct ovs_key_tcp *tcp_key;
1265
1266
nla = nla_reserve(skb, OVS_KEY_ATTR_TCP, sizeof(*tcp_key));
1267
if (!nla)
1268
goto nla_put_failure;
1269
tcp_key = nla_data(nla);
1270
if (swkey->eth.type == htons(ETH_P_IP)) {
1271
tcp_key->tcp_src = swkey->ipv4.tp.src;
1272
tcp_key->tcp_dst = swkey->ipv4.tp.dst;
1273
} else if (swkey->eth.type == htons(ETH_P_IPV6)) {
1274
tcp_key->tcp_src = swkey->ipv6.tp.src;
1275
tcp_key->tcp_dst = swkey->ipv6.tp.dst;
1276
}
1277
} else if (swkey->ip.proto == IPPROTO_UDP) {
1278
struct ovs_key_udp *udp_key;
1279
1280
nla = nla_reserve(skb, OVS_KEY_ATTR_UDP, sizeof(*udp_key));
1281
if (!nla)
1282
goto nla_put_failure;
1283
udp_key = nla_data(nla);
1284
if (swkey->eth.type == htons(ETH_P_IP)) {
1285
udp_key->udp_src = swkey->ipv4.tp.src;
1286
udp_key->udp_dst = swkey->ipv4.tp.dst;
1287
} else if (swkey->eth.type == htons(ETH_P_IPV6)) {
1288
udp_key->udp_src = swkey->ipv6.tp.src;
1289
udp_key->udp_dst = swkey->ipv6.tp.dst;
1290
}
1291
} else if (swkey->eth.type == htons(ETH_P_IP) &&
1292
swkey->ip.proto == IPPROTO_ICMP) {
1293
struct ovs_key_icmp *icmp_key;
1294
1295
nla = nla_reserve(skb, OVS_KEY_ATTR_ICMP, sizeof(*icmp_key));
1296
if (!nla)
1297
goto nla_put_failure;
1298
icmp_key = nla_data(nla);
1299
icmp_key->icmp_type = ntohs(swkey->ipv4.tp.src);
1300
icmp_key->icmp_code = ntohs(swkey->ipv4.tp.dst);
1301
} else if (swkey->eth.type == htons(ETH_P_IPV6) &&
1302
swkey->ip.proto == IPPROTO_ICMPV6) {
1303
struct ovs_key_icmpv6 *icmpv6_key;
1304
1305
nla = nla_reserve(skb, OVS_KEY_ATTR_ICMPV6,
1306
sizeof(*icmpv6_key));
1307
if (!nla)
1308
goto nla_put_failure;
1309
icmpv6_key = nla_data(nla);
1310
icmpv6_key->icmpv6_type = ntohs(swkey->ipv6.tp.src);
1311
icmpv6_key->icmpv6_code = ntohs(swkey->ipv6.tp.dst);
1312
1313
if (icmpv6_key->icmpv6_type == NDISC_NEIGHBOUR_SOLICITATION ||
1314
icmpv6_key->icmpv6_type == NDISC_NEIGHBOUR_ADVERTISEMENT) {
1315
struct ovs_key_nd *nd_key;
1316
1317
nla = nla_reserve(skb, OVS_KEY_ATTR_ND, sizeof(*nd_key));
1318
if (!nla)
1319
goto nla_put_failure;
1320
nd_key = nla_data(nla);
1321
memcpy(nd_key->nd_target, &swkey->ipv6.nd.target,
1322
sizeof(nd_key->nd_target));
1323
memcpy(nd_key->nd_sll, swkey->ipv6.nd.sll, ETH_ALEN);
1324
memcpy(nd_key->nd_tll, swkey->ipv6.nd.tll, ETH_ALEN);
1325
}
1326
}
1327
}
1328
1329
unencap:
1330
if (encap)
1331
nla_nest_end(skb, encap);
1332
1333
return 0;
1334
1335
nla_put_failure:
1336
return -EMSGSIZE;
1337
}
1338
1339
/* Initializes the flow module.
1340
* Returns zero if successful or a negative error code. */
1341
int ovs_flow_init(void)
1342
{
1343
flow_cache = kmem_cache_create("sw_flow", sizeof(struct sw_flow), 0,
1344
0, NULL);
1345
if (flow_cache == NULL)
1346
return -ENOMEM;
1347
1348
get_random_bytes(&hash_seed, sizeof(hash_seed));
1349
1350
return 0;
1351
}
1352
1353
/* Uninitializes the flow module. */
1354
void ovs_flow_exit(void)
1355
{
1356
kmem_cache_destroy(flow_cache);
1357
}
Loggerhead is a web-based interface for Breezy
Version: 2.0.1