X-Git-Url: https://gerrit.fd.io/r/gitweb?a=blobdiff_plain;f=src%2Fvnet%2Fip%2Fip6_packet.h;h=e71604ce7d3e14531442a9e352b418d2253d7019;hb=816b5d613c3a977811af0494e2d215aac6684515;hp=34bc7a8ec1ad56b85ec10371c434f1877be284ce;hpb=041add7d12217494934b651e4e38b5eab5216ddc;p=vpp.git diff --git a/src/vnet/ip/ip6_packet.h b/src/vnet/ip/ip6_packet.h index 34bc7a8ec1a..e71604ce7d3 100644 --- a/src/vnet/ip/ip6_packet.h +++ b/src/vnet/ip/ip6_packet.h @@ -40,8 +40,9 @@ #ifndef included_ip6_packet_h #define included_ip6_packet_h -#include +#include #include +#include typedef union { @@ -62,13 +63,11 @@ typedef struct } ip6_address_and_mask_t; /* Packed so that the mhash key doesn't include uninitialized pad bytes */ -/* *INDENT-OFF* */ typedef CLIB_PACKED (struct { /* IP address must be first for ip_interface_address_get_address() to work */ ip6_address_t ip6_addr; u32 fib_index; }) ip6_address_fib_t; -/* *INDENT-ON* */ always_inline void ip6_addr_fib_init (ip6_address_fib_t * addr_fib, @@ -313,6 +312,7 @@ typedef struct #define IP6_PACKET_TC_MASK 0x0FF00000 #define IP6_PACKET_DSCP_MASK 0x0FC00000 #define IP6_PACKET_ECN_MASK 0x00300000 +#define IP6_PACKET_FL_MASK 0x000FFFFF always_inline ip_dscp_t ip6_traffic_class (const ip6_header_t * i) @@ -368,10 +368,40 @@ ip6_set_ecn_network_order (ip6_header_t * ip6, ip_ecn_t ecn) u32 tmp = clib_net_to_host_u32 (ip6->ip_version_traffic_class_and_flow_label); tmp &= 0xffcfffff; - tmp |= (ecn << 20); + tmp |= ((0x3 & ecn) << 20); ip6->ip_version_traffic_class_and_flow_label = clib_host_to_net_u32 (tmp); } +static_always_inline u32 +ip6_flow_label_network_order (const ip6_header_t *ip6) +{ + u32 tmp = + clib_net_to_host_u32 (ip6->ip_version_traffic_class_and_flow_label); + return (tmp & 0xfffff); +} + +static_always_inline void +ip6_set_flow_label_network_order (ip6_header_t *ip6, u32 flow_label) +{ + u32 tmp = + clib_net_to_host_u32 (ip6->ip_version_traffic_class_and_flow_label); + tmp &= 0xfff00000; + tmp |= flow_label & 0x000fffff; + ip6->ip_version_traffic_class_and_flow_label = clib_host_to_net_u32 (tmp); +} + +static_always_inline u32 +ip6_hop_limit_network_order (const ip6_header_t *ip6) +{ + return (ip6->hop_limit); +} + +static_always_inline void +ip6_set_hop_limit_network_order (ip6_header_t *ip6, u8 hop_limit) +{ + ip6->hop_limit = hop_limit; +} + always_inline void * ip6_next_header (ip6_header_t * i) { @@ -393,97 +423,32 @@ ip6_copy_header (ip6_header_t * dst, const ip6_header_t * src) dst->dst_address.as_uword[1] = src->dst_address.as_uword[1]; } -always_inline void -ip6_tcp_reply_x1 (ip6_header_t * ip0, tcp_header_t * tcp0) -{ - { - ip6_address_t src0, dst0; - - src0 = ip0->src_address; - dst0 = ip0->dst_address; - ip0->src_address = dst0; - ip0->dst_address = src0; - } - - { - u16 src0, dst0; - - src0 = tcp0->src; - dst0 = tcp0->dst; - tcp0->src = dst0; - tcp0->dst = src0; - } -} - -always_inline void -ip6_tcp_reply_x2 (ip6_header_t * ip0, ip6_header_t * ip1, - tcp_header_t * tcp0, tcp_header_t * tcp1) -{ - { - ip6_address_t src0, dst0, src1, dst1; - - src0 = ip0->src_address; - src1 = ip1->src_address; - dst0 = ip0->dst_address; - dst1 = ip1->dst_address; - ip0->src_address = dst0; - ip1->src_address = dst1; - ip0->dst_address = src0; - ip1->dst_address = src1; - } - - { - u16 src0, dst0, src1, dst1; - - src0 = tcp0->src; - src1 = tcp1->src; - dst0 = tcp0->dst; - dst1 = tcp1->dst; - tcp0->src = dst0; - tcp1->src = dst1; - tcp0->dst = src0; - tcp1->dst = src1; - } -} - - -/* *INDENT-OFF* */ typedef CLIB_PACKED (struct { u8 data; }) ip6_pad1_option_t; -/* *INDENT-ON* */ -/* *INDENT-OFF* */ typedef CLIB_PACKED (struct { u8 type; u8 len; u8 data[0]; }) ip6_padN_option_t; -/* *INDENT-ON* */ -/* *INDENT-OFF* */ typedef CLIB_PACKED (struct { #define IP6_MLDP_ALERT_TYPE 0x5 u8 type; u8 len; u16 value; }) ip6_router_alert_option_t; -/* *INDENT-ON* */ -/* *INDENT-OFF* */ typedef CLIB_PACKED (struct { u8 next_hdr; /* Length of this header plus option data in 8 byte units. */ u8 n_data_u64s; }) ip6_ext_header_t; -/* *INDENT-ON* */ #define foreach_ext_hdr_type \ _(IP6_HOP_BY_HOP_OPTIONS) \ _(IPV6_ROUTE) \ - _(IPV6_FRAGMENTATION) \ - _(IPSEC_ESP) \ - _(IPSEC_AH) \ _(IP6_DESTINATION_OPTIONS) \ _(MOBILITY) \ _(HIP) \ @@ -511,15 +476,70 @@ ip6_ext_hdr (u8 nexthdr) #endif } +typedef CLIB_PACKED (struct { + u8 next_hdr; + /* Length of this header plus option data in 8 byte units. */ + u8 n_data_u64s; + u8 data[0]; +}) ip6_hop_by_hop_ext_t; + +typedef CLIB_PACKED (struct { + u8 next_hdr; + u8 rsv; + u16 fragment_offset_and_more; + u32 identification; +}) ip6_frag_hdr_t; + +#define ip6_frag_hdr_offset(hdr) \ + (clib_net_to_host_u16 ((hdr)->fragment_offset_and_more) >> 3) + +#define ip6_frag_hdr_offset_bytes(hdr) (8 * ip6_frag_hdr_offset (hdr)) + +#define ip6_frag_hdr_more(hdr) \ + (clib_net_to_host_u16 ((hdr)->fragment_offset_and_more) & 0x1) + +#define ip6_frag_hdr_offset_and_more(offset, more) \ + clib_host_to_net_u16 (((offset) << 3) + !!(more)) + #define ip6_ext_header_len(p) ((((ip6_ext_header_t *)(p))->n_data_u64s+1) << 3) #define ip6_ext_authhdr_len(p) ((((ip6_ext_header_t *)(p))->n_data_u64s+2) << 2) +static inline int +ip6_ext_header_len_s (ip_protocol_t nh, void *p) +{ + if (ip6_ext_hdr (nh)) + return ip6_ext_header_len (p); + switch (nh) + { + case IP_PROTOCOL_IPSEC_AH: + return ip6_ext_authhdr_len (p); + case IP_PROTOCOL_IPV6_FRAGMENTATION: + return sizeof (ip6_frag_hdr_t); + case IP_PROTOCOL_ICMP6: + return 4; + case IP_PROTOCOL_UDP: + return 8; + case IP_PROTOCOL_TCP: + return 20; + default: /* Caller is responsible for validating the length of terminating + protocols */ + ; + } + return 0; +} + always_inline void * ip6_ext_next_header (ip6_ext_header_t * ext_hdr) { return (void *) ((u8 *) ext_hdr + ip6_ext_header_len (ext_hdr)); } +always_inline void * +ip6_ext_next_header_offset (void *hdr, u16 offset) +{ + return (hdr + offset); +} + always_inline int vlib_object_within_buffer_data (vlib_main_t * vm, vlib_buffer_t * b, void *obj, size_t len) @@ -531,153 +551,144 @@ vlib_object_within_buffer_data (vlib_main_t * vm, vlib_buffer_t * b, return 1; } -/* - * find ipv6 extension header within ipv6 header within buffer b - * - * @param vm - * @param b buffer to limit search to - * @param ip6_header ipv6 header - * @param header_type extension header type to search for - * @param[out] prev_ext_header address of header preceding found header - */ +/* Returns the number of bytes left in buffer from p. */ +static inline u32 +vlib_bytes_left_in_buffer (vlib_buffer_t *b, void *obj) +{ + return b->current_length - (((u8 *) obj - b->data) - b->current_data); +} + always_inline void * -ip6_ext_header_find (vlib_main_t * vm, vlib_buffer_t * b, - ip6_header_t * ip6_header, u8 header_type, - ip6_ext_header_t ** prev_ext_header) +ip6_ext_next_header_s (ip_protocol_t cur_nh, void *hdr, u32 max_offset, + u32 *offset, int *res_nh, bool *last) { - ip6_ext_header_t *prev = NULL; - ip6_ext_header_t *result = NULL; - if ((ip6_header)->protocol == header_type) + u16 hdrlen = 0; + int new_nh = -1; + void *res = 0; + if (ip6_ext_hdr (cur_nh)) { - result = (void *) (ip6_header + 1); - if (!vlib_object_within_buffer_data (vm, b, result, - ip6_ext_header_len (result))) - { - result = NULL; - } + hdrlen = ip6_ext_header_len (hdr); + new_nh = ((ip6_ext_header_t *) hdr)->next_hdr; + res = hdr + hdrlen; + } + else if (cur_nh == IP_PROTOCOL_IPV6_FRAGMENTATION) + { + ip6_frag_hdr_t *frag_hdr = (ip6_frag_hdr_t *) hdr; + if (ip6_frag_hdr_offset (frag_hdr) > 0) + *last = true; + new_nh = frag_hdr->next_hdr; + hdrlen = sizeof (ip6_frag_hdr_t); + res = hdr + hdrlen; + } + else if (cur_nh == IP_PROTOCOL_IPSEC_AH) + { + new_nh = ((ip6_ext_header_t *) hdr)->next_hdr; + hdrlen = ip6_ext_authhdr_len (hdr); + res = hdr + hdrlen; } else { - result = NULL; - prev = (void *) (ip6_header + 1); - while (ip6_ext_hdr (prev->next_hdr) && prev->next_hdr != header_type) - { - prev = ip6_ext_next_header (prev); - if (!vlib_object_within_buffer_data (vm, b, prev, - ip6_ext_header_len (prev))) - { - prev = NULL; - break; - } - } - if (prev && (prev->next_hdr == header_type)) - { - result = ip6_ext_next_header (prev); - if (!vlib_object_within_buffer_data (vm, b, result, - ip6_ext_header_len (result))) - { - result = NULL; - } - } + ; } - if (prev_ext_header) + + if (res && (*offset + hdrlen) >= max_offset) { - *prev_ext_header = prev; + return 0; } - return result; + *res_nh = new_nh; + *offset += hdrlen; + return res; } +#define IP6_EXT_HDR_MAX (4) /* Maximum number of headers */ +#define IP6_EXT_HDR_MAX_DEPTH (256) /* Maximum header depth */ +typedef struct +{ + int length; + struct + { + u16 protocol; + u16 offset; + } eh[IP6_EXT_HDR_MAX]; +} ip6_ext_hdr_chain_t; + /* - * walk extension headers, looking for a specific extension header and last - * extension header, calculating length of all extension headers - * - * @param vm - * @param b buffer to limit search to - * @param ip6_header ipv6 header - * @param find_hdr extension header to look for (ignored if ext_hdr is NULL) - * @param length[out] length of all extension headers - * @param ext_hdr[out] extension header of type find_hdr (may be NULL) - * @param last_ext_hdr[out] last extension header (may be NULL) + * Find ipv6 extension header within ipv6 header within + * whichever is smallest of buffer or IP6_EXT_HDR_MAX_DEPTH. + * The complete header chain must be in first buffer. * - * @return 0 on success, -1 on failure (ext headers crossing buffer boundary) + * The complete header chain (up to the terminating header) is + * returned in res. + * Returns the index of the find_hdr_type if > 0. Otherwise + * it returns the index of the last header. */ always_inline int -ip6_walk_ext_hdr (vlib_main_t * vm, vlib_buffer_t * b, - const ip6_header_t * ip6_header, u8 find_hdr, u32 * length, - ip6_ext_header_t ** ext_hdr, - ip6_ext_header_t ** last_ext_hdr) -{ - if (!ip6_ext_hdr (ip6_header->protocol)) - { - *length = 0; - *ext_hdr = NULL; - *last_ext_hdr = NULL; - return 0; - } - *length = 0; - ip6_ext_header_t *h = (void *) (ip6_header + 1); - if (!vlib_object_within_buffer_data (vm, b, h, ip6_ext_header_len (h))) +ip6_ext_header_walk (vlib_buffer_t *b, ip6_header_t *ip, int find_hdr_type, + ip6_ext_hdr_chain_t *res) +{ + int i = 0; + int found = -1; + void *next_header = ip6_next_header (ip); + int next_proto = ip->protocol; + res->length = 0; + u32 n_bytes_this_buffer = + clib_min (vlib_bytes_left_in_buffer (b, ip), IP6_EXT_HDR_MAX_DEPTH); + u32 max_offset = clib_min (n_bytes_this_buffer, + sizeof (ip6_header_t) + + clib_net_to_host_u16 (ip->payload_length)); + u32 offset = sizeof (ip6_header_t); + if ((ip6_ext_header_len_s (ip->protocol, next_header) + offset) > max_offset) { return -1; } - *length += ip6_ext_header_len (h); - *last_ext_hdr = h; - *ext_hdr = NULL; - if (ip6_header->protocol == find_hdr) + bool last = false; + while (next_header) { - *ext_hdr = h; + /* Move on to next header */ + res->eh[i].offset = offset; + res->eh[i].protocol = next_proto; + if (next_proto == find_hdr_type) + found = i; + i++; + if (last) + break; + if (i >= IP6_EXT_HDR_MAX) + break; + next_header = ip6_ext_next_header_s (next_proto, next_header, max_offset, + &offset, &next_proto, &last); } - while (ip6_ext_hdr (h->next_hdr)) + res->length = i; + if (find_hdr_type < 0) + return i - 1; + return found != -1 ? found : i - 1; +} + +always_inline void * +ip6_ext_header_find (vlib_main_t *vm, vlib_buffer_t *b, ip6_header_t *ip, + int find_hdr_type, ip6_ext_header_t **prev_ext_header) +{ + ip6_ext_hdr_chain_t hdr_chain; + int res = ip6_ext_header_walk (b, ip, find_hdr_type, &hdr_chain); + if (res < 0) + return 0; + + if (prev_ext_header) { - if (h->next_hdr == find_hdr) + if (res > 0) { - h = ip6_ext_next_header (h); - *ext_hdr = h; + *prev_ext_header = + ip6_ext_next_header_offset (ip, hdr_chain.eh[res - 1].offset); } else { - h = ip6_ext_next_header (h); - } - if (!vlib_object_within_buffer_data (vm, b, h, ip6_ext_header_len (h))) - { - return -1; + *prev_ext_header = 0; } - *length += ip6_ext_header_len (h); - *last_ext_hdr = h; } + if (find_hdr_type == hdr_chain.eh[res].protocol) + return ip6_ext_next_header_offset (ip, hdr_chain.eh[res].offset); return 0; } -/* *INDENT-OFF* */ -typedef CLIB_PACKED (struct { - u8 next_hdr; - /* Length of this header plus option data in 8 byte units. */ - u8 n_data_u64s; - u8 data[0]; -}) ip6_hop_by_hop_ext_t; -/* *INDENT-ON* */ - -/* *INDENT-OFF* */ -typedef CLIB_PACKED (struct { - u8 next_hdr; - u8 rsv; - u16 fragment_offset_and_more; - u32 identification; -}) ip6_frag_hdr_t; -/* *INDENT-ON* */ - -#define ip6_frag_hdr_offset(hdr) \ - (clib_net_to_host_u16((hdr)->fragment_offset_and_more) >> 3) - -#define ip6_frag_hdr_offset_bytes(hdr) \ - (8 * ip6_frag_hdr_offset(hdr)) - -#define ip6_frag_hdr_more(hdr) \ - (clib_net_to_host_u16((hdr)->fragment_offset_and_more) & 0x1) - -#define ip6_frag_hdr_offset_and_more(offset, more) \ - clib_host_to_net_u16(((offset) << 3) + !!(more)) - #endif /* included_ip6_packet_h */ /*