1 /* SPDX-License-Identifier: GPL-2.0 */
2 #ifndef _NET_FLOW_DISSECTOR_H
3 #define _NET_FLOW_DISSECTOR_H
4 
5 #include <linux/types.h>
6 #include <linux/in6.h>
7 #include <uapi/linux/if_ether.h>
8 
9 /**
10  * struct flow_dissector_key_control:
11  * @thoff: Transport header offset
12  */
13 struct flow_dissector_key_control {
14 	u16	thoff;
15 	u16	addr_type;
16 	u32	flags;
17 };
18 
19 #define FLOW_DIS_IS_FRAGMENT	BIT(0)
20 #define FLOW_DIS_FIRST_FRAG	BIT(1)
21 #define FLOW_DIS_ENCAPSULATION	BIT(2)
22 
23 enum flow_dissect_ret {
24 	FLOW_DISSECT_RET_OUT_GOOD,
25 	FLOW_DISSECT_RET_OUT_BAD,
26 	FLOW_DISSECT_RET_PROTO_AGAIN,
27 	FLOW_DISSECT_RET_IPPROTO_AGAIN,
28 	FLOW_DISSECT_RET_CONTINUE,
29 };
30 
31 /**
32  * struct flow_dissector_key_basic:
33  * @thoff: Transport header offset
34  * @n_proto: Network header protocol (eg. IPv4/IPv6)
35  * @ip_proto: Transport header protocol (eg. TCP/UDP)
36  */
37 struct flow_dissector_key_basic {
38 	__be16	n_proto;
39 	u8	ip_proto;
40 	u8	padding;
41 };
42 
43 struct flow_dissector_key_tags {
44 	u32	flow_label;
45 };
46 
47 struct flow_dissector_key_vlan {
48 	u16	vlan_id:12,
49 		vlan_priority:3;
50 	__be16	vlan_tpid;
51 };
52 
53 struct flow_dissector_key_mpls {
54 	u32	mpls_ttl:8,
55 		mpls_bos:1,
56 		mpls_tc:3,
57 		mpls_label:20;
58 };
59 
60 #define FLOW_DIS_TUN_OPTS_MAX 255
61 /**
62  * struct flow_dissector_key_enc_opts:
63  * @data: tunnel option data
64  * @len: length of tunnel option data
65  * @dst_opt_type: tunnel option type
66  */
67 struct flow_dissector_key_enc_opts {
68 	u8 data[FLOW_DIS_TUN_OPTS_MAX];	/* Using IP_TUNNEL_OPTS_MAX is desired
69 					 * here but seems difficult to #include
70 					 */
71 	u8 len;
72 	__be16 dst_opt_type;
73 };
74 
75 struct flow_dissector_key_keyid {
76 	__be32	keyid;
77 };
78 
79 /**
80  * struct flow_dissector_key_ipv4_addrs:
81  * @src: source ip address
82  * @dst: destination ip address
83  */
84 struct flow_dissector_key_ipv4_addrs {
85 	/* (src,dst) must be grouped, in the same way than in IP header */
86 	__be32 src;
87 	__be32 dst;
88 };
89 
90 /**
91  * struct flow_dissector_key_ipv6_addrs:
92  * @src: source ip address
93  * @dst: destination ip address
94  */
95 struct flow_dissector_key_ipv6_addrs {
96 	/* (src,dst) must be grouped, in the same way than in IP header */
97 	struct in6_addr src;
98 	struct in6_addr dst;
99 };
100 
101 /**
102  * struct flow_dissector_key_tipc:
103  * @key: source node address combined with selector
104  */
105 struct flow_dissector_key_tipc {
106 	__be32 key;
107 };
108 
109 /**
110  * struct flow_dissector_key_addrs:
111  * @v4addrs: IPv4 addresses
112  * @v6addrs: IPv6 addresses
113  */
114 struct flow_dissector_key_addrs {
115 	union {
116 		struct flow_dissector_key_ipv4_addrs v4addrs;
117 		struct flow_dissector_key_ipv6_addrs v6addrs;
118 		struct flow_dissector_key_tipc tipckey;
119 	};
120 };
121 
122 /**
123  * flow_dissector_key_arp:
124  *	@ports: Operation, source and target addresses for an ARP header
125  *              for Ethernet hardware addresses and IPv4 protocol addresses
126  *		sip: Sender IP address
127  *		tip: Target IP address
128  *		op:  Operation
129  *		sha: Sender hardware address
130  *		tpa: Target hardware address
131  */
132 struct flow_dissector_key_arp {
133 	__u32 sip;
134 	__u32 tip;
135 	__u8 op;
136 	unsigned char sha[ETH_ALEN];
137 	unsigned char tha[ETH_ALEN];
138 };
139 
140 /**
141  * flow_dissector_key_tp_ports:
142  *	@ports: port numbers of Transport header
143  *		src: source port number
144  *		dst: destination port number
145  */
146 struct flow_dissector_key_ports {
147 	union {
148 		__be32 ports;
149 		struct {
150 			__be16 src;
151 			__be16 dst;
152 		};
153 	};
154 };
155 
156 /**
157  * flow_dissector_key_icmp:
158  *	@ports: type and code of ICMP header
159  *		icmp: ICMP type (high) and code (low)
160  *		type: ICMP type
161  *		code: ICMP code
162  */
163 struct flow_dissector_key_icmp {
164 	union {
165 		__be16 icmp;
166 		struct {
167 			u8 type;
168 			u8 code;
169 		};
170 	};
171 };
172 
173 /**
174  * struct flow_dissector_key_eth_addrs:
175  * @src: source Ethernet address
176  * @dst: destination Ethernet address
177  */
178 struct flow_dissector_key_eth_addrs {
179 	/* (dst,src) must be grouped, in the same way than in ETH header */
180 	unsigned char dst[ETH_ALEN];
181 	unsigned char src[ETH_ALEN];
182 };
183 
184 /**
185  * struct flow_dissector_key_tcp:
186  * @flags: flags
187  */
188 struct flow_dissector_key_tcp {
189 	__be16 flags;
190 };
191 
192 /**
193  * struct flow_dissector_key_ip:
194  * @tos: tos
195  * @ttl: ttl
196  */
197 struct flow_dissector_key_ip {
198 	__u8	tos;
199 	__u8	ttl;
200 };
201 
202 enum flow_dissector_key_id {
203 	FLOW_DISSECTOR_KEY_CONTROL, /* struct flow_dissector_key_control */
204 	FLOW_DISSECTOR_KEY_BASIC, /* struct flow_dissector_key_basic */
205 	FLOW_DISSECTOR_KEY_IPV4_ADDRS, /* struct flow_dissector_key_ipv4_addrs */
206 	FLOW_DISSECTOR_KEY_IPV6_ADDRS, /* struct flow_dissector_key_ipv6_addrs */
207 	FLOW_DISSECTOR_KEY_PORTS, /* struct flow_dissector_key_ports */
208 	FLOW_DISSECTOR_KEY_ICMP, /* struct flow_dissector_key_icmp */
209 	FLOW_DISSECTOR_KEY_ETH_ADDRS, /* struct flow_dissector_key_eth_addrs */
210 	FLOW_DISSECTOR_KEY_TIPC, /* struct flow_dissector_key_tipc */
211 	FLOW_DISSECTOR_KEY_ARP, /* struct flow_dissector_key_arp */
212 	FLOW_DISSECTOR_KEY_VLAN, /* struct flow_dissector_key_flow_vlan */
213 	FLOW_DISSECTOR_KEY_FLOW_LABEL, /* struct flow_dissector_key_flow_tags */
214 	FLOW_DISSECTOR_KEY_GRE_KEYID, /* struct flow_dissector_key_keyid */
215 	FLOW_DISSECTOR_KEY_MPLS_ENTROPY, /* struct flow_dissector_key_keyid */
216 	FLOW_DISSECTOR_KEY_ENC_KEYID, /* struct flow_dissector_key_keyid */
217 	FLOW_DISSECTOR_KEY_ENC_IPV4_ADDRS, /* struct flow_dissector_key_ipv4_addrs */
218 	FLOW_DISSECTOR_KEY_ENC_IPV6_ADDRS, /* struct flow_dissector_key_ipv6_addrs */
219 	FLOW_DISSECTOR_KEY_ENC_CONTROL, /* struct flow_dissector_key_control */
220 	FLOW_DISSECTOR_KEY_ENC_PORTS, /* struct flow_dissector_key_ports */
221 	FLOW_DISSECTOR_KEY_MPLS, /* struct flow_dissector_key_mpls */
222 	FLOW_DISSECTOR_KEY_TCP, /* struct flow_dissector_key_tcp */
223 	FLOW_DISSECTOR_KEY_IP, /* struct flow_dissector_key_ip */
224 	FLOW_DISSECTOR_KEY_CVLAN, /* struct flow_dissector_key_flow_vlan */
225 	FLOW_DISSECTOR_KEY_ENC_IP, /* struct flow_dissector_key_ip */
226 	FLOW_DISSECTOR_KEY_ENC_OPTS, /* struct flow_dissector_key_enc_opts */
227 
228 	FLOW_DISSECTOR_KEY_MAX,
229 };
230 
231 #define FLOW_DISSECTOR_F_PARSE_1ST_FRAG		BIT(0)
232 #define FLOW_DISSECTOR_F_STOP_AT_L3		BIT(1)
233 #define FLOW_DISSECTOR_F_STOP_AT_FLOW_LABEL	BIT(2)
234 #define FLOW_DISSECTOR_F_STOP_AT_ENCAP		BIT(3)
235 
236 struct flow_dissector_key {
237 	enum flow_dissector_key_id key_id;
238 	size_t offset; /* offset of struct flow_dissector_key_*
239 			  in target the struct */
240 };
241 
242 struct flow_dissector {
243 	unsigned int used_keys; /* each bit repesents presence of one key id */
244 	unsigned short int offset[FLOW_DISSECTOR_KEY_MAX];
245 };
246 
247 struct flow_keys_basic {
248 	struct flow_dissector_key_control control;
249 	struct flow_dissector_key_basic basic;
250 };
251 
252 struct flow_keys {
253 	struct flow_dissector_key_control control;
254 #define FLOW_KEYS_HASH_START_FIELD basic
255 	struct flow_dissector_key_basic basic;
256 	struct flow_dissector_key_tags tags;
257 	struct flow_dissector_key_vlan vlan;
258 	struct flow_dissector_key_vlan cvlan;
259 	struct flow_dissector_key_keyid keyid;
260 	struct flow_dissector_key_ports ports;
261 	struct flow_dissector_key_addrs addrs;
262 };
263 
264 #define FLOW_KEYS_HASH_OFFSET		\
265 	offsetof(struct flow_keys, FLOW_KEYS_HASH_START_FIELD)
266 
267 __be32 flow_get_u32_src(const struct flow_keys *flow);
268 __be32 flow_get_u32_dst(const struct flow_keys *flow);
269 
270 extern struct flow_dissector flow_keys_dissector;
271 extern struct flow_dissector flow_keys_basic_dissector;
272 
273 /* struct flow_keys_digest:
274  *
275  * This structure is used to hold a digest of the full flow keys. This is a
276  * larger "hash" of a flow to allow definitively matching specific flows where
277  * the 32 bit skb->hash is not large enough. The size is limited to 16 bytes so
278  * that it can be used in CB of skb (see sch_choke for an example).
279  */
280 #define FLOW_KEYS_DIGEST_LEN	16
281 struct flow_keys_digest {
282 	u8	data[FLOW_KEYS_DIGEST_LEN];
283 };
284 
285 void make_flow_keys_digest(struct flow_keys_digest *digest,
286 			   const struct flow_keys *flow);
287 
flow_keys_have_l4(const struct flow_keys * keys)288 static inline bool flow_keys_have_l4(const struct flow_keys *keys)
289 {
290 	return (keys->ports.ports || keys->tags.flow_label);
291 }
292 
293 u32 flow_hash_from_keys(struct flow_keys *keys);
294 
dissector_uses_key(const struct flow_dissector * flow_dissector,enum flow_dissector_key_id key_id)295 static inline bool dissector_uses_key(const struct flow_dissector *flow_dissector,
296 				      enum flow_dissector_key_id key_id)
297 {
298 	return flow_dissector->used_keys & (1 << key_id);
299 }
300 
skb_flow_dissector_target(struct flow_dissector * flow_dissector,enum flow_dissector_key_id key_id,void * target_container)301 static inline void *skb_flow_dissector_target(struct flow_dissector *flow_dissector,
302 					      enum flow_dissector_key_id key_id,
303 					      void *target_container)
304 {
305 	return ((char *)target_container) + flow_dissector->offset[key_id];
306 }
307 
308 #endif
309