xref: /linux/net/core/flow_dissector.c (revision d96caf61ace778b56ab189caaf2b2294101878a9) 
1 #include <linux/skbuff.h>
2 #include <linux/export.h>
3 #include <linux/ip.h>
4 #include <linux/ipv6.h>
5 #include <linux/if_vlan.h>
6 #include <net/ip.h>
7 #include <net/ipv6.h>
8 #include <linux/igmp.h>
9 #include <linux/icmp.h>
10 #include <linux/sctp.h>
11 #include <linux/dccp.h>
12 #include <linux/if_tunnel.h>
13 #include <linux/if_pppox.h>
14 #include <linux/ppp_defs.h>
15 #include <net/flow_keys.h>
16 
17 /* copy saddr & daddr, possibly using 64bit load/store
18  * Equivalent to :	flow->src = iph->saddr;
19  *			flow->dst = iph->daddr;
20  */
21 static void iph_to_flow_copy_addrs(struct flow_keys *flow, const struct iphdr *iph)
22 {
23 	BUILD_BUG_ON(offsetof(typeof(*flow), dst) !=
24 		     offsetof(typeof(*flow), src) + sizeof(flow->src));
25 	memcpy(&flow->src, &iph->saddr, sizeof(flow->src) + sizeof(flow->dst));
26 }
27 
28 /**
29  * skb_flow_get_ports - extract the upper layer ports and return them
30  * @skb: buffer to extract the ports from
31  * @thoff: transport header offset
32  * @ip_proto: protocol for which to get port offset
33  *
34  * The function will try to retrieve the ports at offset thoff + poff where poff
35  * is the protocol port offset returned from proto_ports_offset
36  */
37 __be32 skb_flow_get_ports(const struct sk_buff *skb, int thoff, u8 ip_proto)
38 {
39 	int poff = proto_ports_offset(ip_proto);
40 
41 	if (poff >= 0) {
42 		__be32 *ports, _ports;
43 
44 		ports = skb_header_pointer(skb, thoff + poff,
45 					   sizeof(_ports), &_ports);
46 		if (ports)
47 			return *ports;
48 	}
49 
50 	return 0;
51 }
52 EXPORT_SYMBOL(skb_flow_get_ports);
53 
54 bool skb_flow_dissect(const struct sk_buff *skb, struct flow_keys *flow)
55 {
56 	int nhoff = skb_network_offset(skb);
57 	u8 ip_proto;
58 	__be16 proto = skb->protocol;
59 
60 	memset(flow, 0, sizeof(*flow));
61 
62 again:
63 	switch (proto) {
64 	case __constant_htons(ETH_P_IP): {
65 		const struct iphdr *iph;
66 		struct iphdr _iph;
67 ip:
68 		iph = skb_header_pointer(skb, nhoff, sizeof(_iph), &_iph);
69 		if (!iph)
70 			return false;
71 
72 		if (ip_is_fragment(iph))
73 			ip_proto = 0;
74 		else
75 			ip_proto = iph->protocol;
76 		iph_to_flow_copy_addrs(flow, iph);
77 		nhoff += iph->ihl * 4;
78 		break;
79 	}
80 	case __constant_htons(ETH_P_IPV6): {
81 		const struct ipv6hdr *iph;
82 		struct ipv6hdr _iph;
83 ipv6:
84 		iph = skb_header_pointer(skb, nhoff, sizeof(_iph), &_iph);
85 		if (!iph)
86 			return false;
87 
88 		ip_proto = iph->nexthdr;
89 		flow->src = (__force __be32)ipv6_addr_hash(&iph->saddr);
90 		flow->dst = (__force __be32)ipv6_addr_hash(&iph->daddr);
91 		nhoff += sizeof(struct ipv6hdr);
92 		break;
93 	}
94 	case __constant_htons(ETH_P_8021AD):
95 	case __constant_htons(ETH_P_8021Q): {
96 		const struct vlan_hdr *vlan;
97 		struct vlan_hdr _vlan;
98 
99 		vlan = skb_header_pointer(skb, nhoff, sizeof(_vlan), &_vlan);
100 		if (!vlan)
101 			return false;
102 
103 		proto = vlan->h_vlan_encapsulated_proto;
104 		nhoff += sizeof(*vlan);
105 		goto again;
106 	}
107 	case __constant_htons(ETH_P_PPP_SES): {
108 		struct {
109 			struct pppoe_hdr hdr;
110 			__be16 proto;
111 		} *hdr, _hdr;
112 		hdr = skb_header_pointer(skb, nhoff, sizeof(_hdr), &_hdr);
113 		if (!hdr)
114 			return false;
115 		proto = hdr->proto;
116 		nhoff += PPPOE_SES_HLEN;
117 		switch (proto) {
118 		case __constant_htons(PPP_IP):
119 			goto ip;
120 		case __constant_htons(PPP_IPV6):
121 			goto ipv6;
122 		default:
123 			return false;
124 		}
125 	}
126 	default:
127 		return false;
128 	}
129 
130 	switch (ip_proto) {
131 	case IPPROTO_GRE: {
132 		struct gre_hdr {
133 			__be16 flags;
134 			__be16 proto;
135 		} *hdr, _hdr;
136 
137 		hdr = skb_header_pointer(skb, nhoff, sizeof(_hdr), &_hdr);
138 		if (!hdr)
139 			return false;
140 		/*
141 		 * Only look inside GRE if version zero and no
142 		 * routing
143 		 */
144 		if (!(hdr->flags & (GRE_VERSION|GRE_ROUTING))) {
145 			proto = hdr->proto;
146 			nhoff += 4;
147 			if (hdr->flags & GRE_CSUM)
148 				nhoff += 4;
149 			if (hdr->flags & GRE_KEY)
150 				nhoff += 4;
151 			if (hdr->flags & GRE_SEQ)
152 				nhoff += 4;
153 			if (proto == htons(ETH_P_TEB)) {
154 				const struct ethhdr *eth;
155 				struct ethhdr _eth;
156 
157 				eth = skb_header_pointer(skb, nhoff,
158 							 sizeof(_eth), &_eth);
159 				if (!eth)
160 					return false;
161 				proto = eth->h_proto;
162 				nhoff += sizeof(*eth);
163 			}
164 			goto again;
165 		}
166 		break;
167 	}
168 	case IPPROTO_IPIP:
169 		proto = htons(ETH_P_IP);
170 		goto ip;
171 	case IPPROTO_IPV6:
172 		proto = htons(ETH_P_IPV6);
173 		goto ipv6;
174 	default:
175 		break;
176 	}
177 
178 	flow->ip_proto = ip_proto;
179 	flow->ports = skb_flow_get_ports(skb, nhoff, ip_proto);
180 	flow->thoff = (u16) nhoff;
181 
182 	return true;
183 }
184 EXPORT_SYMBOL(skb_flow_dissect);
185 
186 static u32 hashrnd __read_mostly;
187 
188 /*
189  * __skb_get_rxhash: calculate a flow hash based on src/dst addresses
190  * and src/dst port numbers.  Sets rxhash in skb to non-zero hash value
191  * on success, zero indicates no valid hash.  Also, sets l4_rxhash in skb
192  * if hash is a canonical 4-tuple hash over transport ports.
193  */
194 void __skb_get_rxhash(struct sk_buff *skb)
195 {
196 	struct flow_keys keys;
197 	u32 hash;
198 
199 	if (!skb_flow_dissect(skb, &keys))
200 		return;
201 
202 	if (keys.ports)
203 		skb->l4_rxhash = 1;
204 
205 	/* get a consistent hash (same value on both flow directions) */
206 	if (((__force u32)keys.dst < (__force u32)keys.src) ||
207 	    (((__force u32)keys.dst == (__force u32)keys.src) &&
208 	     ((__force u16)keys.port16[1] < (__force u16)keys.port16[0]))) {
209 		swap(keys.dst, keys.src);
210 		swap(keys.port16[0], keys.port16[1]);
211 	}
212 
213 	hash = jhash_3words((__force u32)keys.dst,
214 			    (__force u32)keys.src,
215 			    (__force u32)keys.ports, hashrnd);
216 	if (!hash)
217 		hash = 1;
218 
219 	skb->rxhash = hash;
220 }
221 EXPORT_SYMBOL(__skb_get_rxhash);
222 
223 /*
224  * Returns a Tx hash based on the given packet descriptor a Tx queues' number
225  * to be used as a distribution range.
226  */
227 u16 __skb_tx_hash(const struct net_device *dev, const struct sk_buff *skb,
228 		  unsigned int num_tx_queues)
229 {
230 	u32 hash;
231 	u16 qoffset = 0;
232 	u16 qcount = num_tx_queues;
233 
234 	if (skb_rx_queue_recorded(skb)) {
235 		hash = skb_get_rx_queue(skb);
236 		while (unlikely(hash >= num_tx_queues))
237 			hash -= num_tx_queues;
238 		return hash;
239 	}
240 
241 	if (dev->num_tc) {
242 		u8 tc = netdev_get_prio_tc_map(dev, skb->priority);
243 		qoffset = dev->tc_to_txq[tc].offset;
244 		qcount = dev->tc_to_txq[tc].count;
245 	}
246 
247 	if (skb->sk && skb->sk->sk_hash)
248 		hash = skb->sk->sk_hash;
249 	else
250 		hash = (__force u16) skb->protocol;
251 	hash = jhash_1word(hash, hashrnd);
252 
253 	return (u16) (((u64) hash * qcount) >> 32) + qoffset;
254 }
255 EXPORT_SYMBOL(__skb_tx_hash);
256 
257 /* __skb_get_poff() returns the offset to the payload as far as it could
258  * be dissected. The main user is currently BPF, so that we can dynamically
259  * truncate packets without needing to push actual payload to the user
260  * space and can analyze headers only, instead.
261  */
262 u32 __skb_get_poff(const struct sk_buff *skb)
263 {
264 	struct flow_keys keys;
265 	u32 poff = 0;
266 
267 	if (!skb_flow_dissect(skb, &keys))
268 		return 0;
269 
270 	poff += keys.thoff;
271 	switch (keys.ip_proto) {
272 	case IPPROTO_TCP: {
273 		const struct tcphdr *tcph;
274 		struct tcphdr _tcph;
275 
276 		tcph = skb_header_pointer(skb, poff, sizeof(_tcph), &_tcph);
277 		if (!tcph)
278 			return poff;
279 
280 		poff += max_t(u32, sizeof(struct tcphdr), tcph->doff * 4);
281 		break;
282 	}
283 	case IPPROTO_UDP:
284 	case IPPROTO_UDPLITE:
285 		poff += sizeof(struct udphdr);
286 		break;
287 	/* For the rest, we do not really care about header
288 	 * extensions at this point for now.
289 	 */
290 	case IPPROTO_ICMP:
291 		poff += sizeof(struct icmphdr);
292 		break;
293 	case IPPROTO_ICMPV6:
294 		poff += sizeof(struct icmp6hdr);
295 		break;
296 	case IPPROTO_IGMP:
297 		poff += sizeof(struct igmphdr);
298 		break;
299 	case IPPROTO_DCCP:
300 		poff += sizeof(struct dccp_hdr);
301 		break;
302 	case IPPROTO_SCTP:
303 		poff += sizeof(struct sctphdr);
304 		break;
305 	}
306 
307 	return poff;
308 }
309 
310 static inline u16 dev_cap_txqueue(struct net_device *dev, u16 queue_index)
311 {
312 	if (unlikely(queue_index >= dev->real_num_tx_queues)) {
313 		net_warn_ratelimited("%s selects TX queue %d, but real number of TX queues is %d\n",
314 				     dev->name, queue_index,
315 				     dev->real_num_tx_queues);
316 		return 0;
317 	}
318 	return queue_index;
319 }
320 
321 static inline int get_xps_queue(struct net_device *dev, struct sk_buff *skb)
322 {
323 #ifdef CONFIG_XPS
324 	struct xps_dev_maps *dev_maps;
325 	struct xps_map *map;
326 	int queue_index = -1;
327 
328 	rcu_read_lock();
329 	dev_maps = rcu_dereference(dev->xps_maps);
330 	if (dev_maps) {
331 		map = rcu_dereference(
332 		    dev_maps->cpu_map[raw_smp_processor_id()]);
333 		if (map) {
334 			if (map->len == 1)
335 				queue_index = map->queues[0];
336 			else {
337 				u32 hash;
338 				if (skb->sk && skb->sk->sk_hash)
339 					hash = skb->sk->sk_hash;
340 				else
341 					hash = (__force u16) skb->protocol ^
342 					    skb->rxhash;
343 				hash = jhash_1word(hash, hashrnd);
344 				queue_index = map->queues[
345 				    ((u64)hash * map->len) >> 32];
346 			}
347 			if (unlikely(queue_index >= dev->real_num_tx_queues))
348 				queue_index = -1;
349 		}
350 	}
351 	rcu_read_unlock();
352 
353 	return queue_index;
354 #else
355 	return -1;
356 #endif
357 }
358 
359 u16 __netdev_pick_tx(struct net_device *dev, struct sk_buff *skb)
360 {
361 	struct sock *sk = skb->sk;
362 	int queue_index = sk_tx_queue_get(sk);
363 
364 	if (queue_index < 0 || skb->ooo_okay ||
365 	    queue_index >= dev->real_num_tx_queues) {
366 		int new_index = get_xps_queue(dev, skb);
367 		if (new_index < 0)
368 			new_index = skb_tx_hash(dev, skb);
369 
370 		if (queue_index != new_index && sk &&
371 		    rcu_access_pointer(sk->sk_dst_cache))
372 			sk_tx_queue_set(sk, new_index);
373 
374 		queue_index = new_index;
375 	}
376 
377 	return queue_index;
378 }
379 EXPORT_SYMBOL(__netdev_pick_tx);
380 
381 struct netdev_queue *netdev_pick_tx(struct net_device *dev,
382 				    struct sk_buff *skb)
383 {
384 	int queue_index = 0;
385 
386 	if (dev->real_num_tx_queues != 1) {
387 		const struct net_device_ops *ops = dev->netdev_ops;
388 		if (ops->ndo_select_queue)
389 			queue_index = ops->ndo_select_queue(dev, skb);
390 		else
391 			queue_index = __netdev_pick_tx(dev, skb);
392 		queue_index = dev_cap_txqueue(dev, queue_index);
393 	}
394 
395 	skb_set_queue_mapping(skb, queue_index);
396 	return netdev_get_tx_queue(dev, queue_index);
397 }
398 
399 static int __init initialize_hashrnd(void)
400 {
401 	get_random_bytes(&hashrnd, sizeof(hashrnd));
402 	return 0;
403 }
404 
405 late_initcall_sync(initialize_hashrnd);
406