1ccb1352eSJesse Gross /* 2971427f3SAndy Zhou * Copyright (c) 2007-2014 Nicira, Inc. 3ccb1352eSJesse Gross * 4ccb1352eSJesse Gross * This program is free software; you can redistribute it and/or 5ccb1352eSJesse Gross * modify it under the terms of version 2 of the GNU General Public 6ccb1352eSJesse Gross * License as published by the Free Software Foundation. 7ccb1352eSJesse Gross * 8ccb1352eSJesse Gross * This program is distributed in the hope that it will be useful, but 9ccb1352eSJesse Gross * WITHOUT ANY WARRANTY; without even the implied warranty of 10ccb1352eSJesse Gross * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 11ccb1352eSJesse Gross * General Public License for more details. 12ccb1352eSJesse Gross * 13ccb1352eSJesse Gross * You should have received a copy of the GNU General Public License 14ccb1352eSJesse Gross * along with this program; if not, write to the Free Software 15ccb1352eSJesse Gross * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 16ccb1352eSJesse Gross * 02110-1301, USA 17ccb1352eSJesse Gross */ 18ccb1352eSJesse Gross 19ccb1352eSJesse Gross #include <linux/uaccess.h> 20ccb1352eSJesse Gross #include <linux/netdevice.h> 21ccb1352eSJesse Gross #include <linux/etherdevice.h> 22ccb1352eSJesse Gross #include <linux/if_ether.h> 23ccb1352eSJesse Gross #include <linux/if_vlan.h> 24ccb1352eSJesse Gross #include <net/llc_pdu.h> 25ccb1352eSJesse Gross #include <linux/kernel.h> 26ccb1352eSJesse Gross #include <linux/jhash.h> 27ccb1352eSJesse Gross #include <linux/jiffies.h> 28ccb1352eSJesse Gross #include <linux/llc.h> 29ccb1352eSJesse Gross #include <linux/module.h> 30ccb1352eSJesse Gross #include <linux/in.h> 31ccb1352eSJesse Gross #include <linux/rcupdate.h> 32db74a333SThadeu Lima de Souza Cascardo #include <linux/cpumask.h> 33ccb1352eSJesse Gross #include <linux/if_arp.h> 34ccb1352eSJesse Gross #include <linux/ip.h> 35ccb1352eSJesse Gross #include <linux/ipv6.h> 3625cd9ba0SSimon Horman #include <linux/mpls.h> 37a175a723SJoe Stringer #include <linux/sctp.h> 38e298e505SPravin B Shelar #include <linux/smp.h> 39ccb1352eSJesse Gross #include <linux/tcp.h> 40ccb1352eSJesse Gross #include <linux/udp.h> 41ccb1352eSJesse Gross #include <linux/icmp.h> 42ccb1352eSJesse Gross #include <linux/icmpv6.h> 43ccb1352eSJesse Gross #include <linux/rculist.h> 44ccb1352eSJesse Gross #include <net/ip.h> 457d5437c7SPravin B Shelar #include <net/ip_tunnels.h> 46ccb1352eSJesse Gross #include <net/ipv6.h> 4725cd9ba0SSimon Horman #include <net/mpls.h> 48ccb1352eSJesse Gross #include <net/ndisc.h> 49b2d0f5d5SYi Yang #include <net/nsh.h> 50ccb1352eSJesse Gross 51a581b96dSPravin B Shelar #include "conntrack.h" 5283c8df26SPravin B Shelar #include "datapath.h" 5383c8df26SPravin B Shelar #include "flow.h" 5483c8df26SPravin B Shelar #include "flow_netlink.h" 55a581b96dSPravin B Shelar #include "vport.h" 5683c8df26SPravin B Shelar 57e6445719SPravin B Shelar u64 ovs_flow_used_time(unsigned long flow_jiffies) 5803f0d916SAndy Zhou { 59*311af51dSArnd Bergmann struct timespec64 cur_ts; 60e6445719SPravin B Shelar u64 cur_ms, idle_ms; 6103f0d916SAndy Zhou 62*311af51dSArnd Bergmann ktime_get_ts64(&cur_ts); 63e6445719SPravin B Shelar idle_ms = jiffies_to_msecs(jiffies - flow_jiffies); 64*311af51dSArnd Bergmann cur_ms = (u64)(u32)cur_ts.tv_sec * MSEC_PER_SEC + 65e6445719SPravin B Shelar cur_ts.tv_nsec / NSEC_PER_MSEC; 6603f0d916SAndy Zhou 67e6445719SPravin B Shelar return cur_ms - idle_ms; 6803f0d916SAndy Zhou } 6903f0d916SAndy Zhou 70df23e9f6SJarno Rajahalme #define TCP_FLAGS_BE16(tp) (*(__be16 *)&tcp_flag_word(tp) & htons(0x0FFF)) 7103f0d916SAndy Zhou 72ad552007SBen Pfaff void ovs_flow_stats_update(struct sw_flow *flow, __be16 tcp_flags, 7312eb18f7SThomas Graf const struct sk_buff *skb) 745828cd9aSAndy Zhou { 75e298e505SPravin B Shelar struct flow_stats *stats; 76c4b2bf6bSTonghao Zhang unsigned int cpu = smp_processor_id(); 77df8a39deSJiri Pirko int len = skb->len + (skb_vlan_tag_present(skb) ? VLAN_HLEN : 0); 78e6445719SPravin B Shelar 79db74a333SThadeu Lima de Souza Cascardo stats = rcu_dereference(flow->stats[cpu]); 80e298e505SPravin B Shelar 81db74a333SThadeu Lima de Souza Cascardo /* Check if already have CPU-specific stats. */ 8263e7959cSJarno Rajahalme if (likely(stats)) { 83e298e505SPravin B Shelar spin_lock(&stats->lock); 8463e7959cSJarno Rajahalme /* Mark if we write on the pre-allocated stats. */ 85db74a333SThadeu Lima de Souza Cascardo if (cpu == 0 && unlikely(flow->stats_last_writer != cpu)) 86db74a333SThadeu Lima de Souza Cascardo flow->stats_last_writer = cpu; 8763e7959cSJarno Rajahalme } else { 8863e7959cSJarno Rajahalme stats = rcu_dereference(flow->stats[0]); /* Pre-allocated. */ 8963e7959cSJarno Rajahalme spin_lock(&stats->lock); 9063e7959cSJarno Rajahalme 91db74a333SThadeu Lima de Souza Cascardo /* If the current CPU is the only writer on the 9263e7959cSJarno Rajahalme * pre-allocated stats keep using them. 9363e7959cSJarno Rajahalme */ 94db74a333SThadeu Lima de Souza Cascardo if (unlikely(flow->stats_last_writer != cpu)) { 9563e7959cSJarno Rajahalme /* A previous locker may have already allocated the 96db74a333SThadeu Lima de Souza Cascardo * stats, so we need to check again. If CPU-specific 9763e7959cSJarno Rajahalme * stats were already allocated, we update the pre- 9863e7959cSJarno Rajahalme * allocated stats as we have already locked them. 9963e7959cSJarno Rajahalme */ 100db74a333SThadeu Lima de Souza Cascardo if (likely(flow->stats_last_writer != -1) && 101db74a333SThadeu Lima de Souza Cascardo likely(!rcu_access_pointer(flow->stats[cpu]))) { 102db74a333SThadeu Lima de Souza Cascardo /* Try to allocate CPU-specific stats. */ 10363e7959cSJarno Rajahalme struct flow_stats *new_stats; 10463e7959cSJarno Rajahalme 10563e7959cSJarno Rajahalme new_stats = 10663e7959cSJarno Rajahalme kmem_cache_alloc_node(flow_stats_cache, 1074167e9b2SDavid Rientjes GFP_NOWAIT | 1084167e9b2SDavid Rientjes __GFP_THISNODE | 1094167e9b2SDavid Rientjes __GFP_NOWARN | 11063e7959cSJarno Rajahalme __GFP_NOMEMALLOC, 111c57c054eSTonghao Zhang numa_node_id()); 11263e7959cSJarno Rajahalme if (likely(new_stats)) { 11363e7959cSJarno Rajahalme new_stats->used = jiffies; 11463e7959cSJarno Rajahalme new_stats->packet_count = 1; 11524cc59d1SBen Pfaff new_stats->byte_count = len; 11663e7959cSJarno Rajahalme new_stats->tcp_flags = tcp_flags; 11763e7959cSJarno Rajahalme spin_lock_init(&new_stats->lock); 11863e7959cSJarno Rajahalme 119db74a333SThadeu Lima de Souza Cascardo rcu_assign_pointer(flow->stats[cpu], 12063e7959cSJarno Rajahalme new_stats); 121c4b2bf6bSTonghao Zhang cpumask_set_cpu(cpu, &flow->cpu_used_mask); 12263e7959cSJarno Rajahalme goto unlock; 12363e7959cSJarno Rajahalme } 12463e7959cSJarno Rajahalme } 125db74a333SThadeu Lima de Souza Cascardo flow->stats_last_writer = cpu; 12663e7959cSJarno Rajahalme } 12763e7959cSJarno Rajahalme } 12863e7959cSJarno Rajahalme 129e298e505SPravin B Shelar stats->used = jiffies; 130e298e505SPravin B Shelar stats->packet_count++; 13124cc59d1SBen Pfaff stats->byte_count += len; 132e298e505SPravin B Shelar stats->tcp_flags |= tcp_flags; 13363e7959cSJarno Rajahalme unlock: 134e298e505SPravin B Shelar spin_unlock(&stats->lock); 135e298e505SPravin B Shelar } 136e298e505SPravin B Shelar 13786ec8dbaSJarno Rajahalme /* Must be called with rcu_read_lock or ovs_mutex. */ 13886ec8dbaSJarno Rajahalme void ovs_flow_stats_get(const struct sw_flow *flow, 13986ec8dbaSJarno Rajahalme struct ovs_flow_stats *ovs_stats, 140e298e505SPravin B Shelar unsigned long *used, __be16 *tcp_flags) 141e298e505SPravin B Shelar { 142db74a333SThadeu Lima de Souza Cascardo int cpu; 143e298e505SPravin B Shelar 144e298e505SPravin B Shelar *used = 0; 145e298e505SPravin B Shelar *tcp_flags = 0; 146e298e505SPravin B Shelar memset(ovs_stats, 0, sizeof(*ovs_stats)); 147e298e505SPravin B Shelar 148db74a333SThadeu Lima de Souza Cascardo /* We open code this to make sure cpu 0 is always considered */ 149c4b2bf6bSTonghao Zhang for (cpu = 0; cpu < nr_cpu_ids; cpu = cpumask_next(cpu, &flow->cpu_used_mask)) { 150db74a333SThadeu Lima de Souza Cascardo struct flow_stats *stats = rcu_dereference_ovsl(flow->stats[cpu]); 15123dabf88SJarno Rajahalme 15263e7959cSJarno Rajahalme if (stats) { 15363e7959cSJarno Rajahalme /* Local CPU may write on non-local stats, so we must 15463e7959cSJarno Rajahalme * block bottom-halves here. 15563e7959cSJarno Rajahalme */ 15663e7959cSJarno Rajahalme spin_lock_bh(&stats->lock); 15763e7959cSJarno Rajahalme if (!*used || time_after(stats->used, *used)) 15863e7959cSJarno Rajahalme *used = stats->used; 15963e7959cSJarno Rajahalme *tcp_flags |= stats->tcp_flags; 16063e7959cSJarno Rajahalme ovs_stats->n_packets += stats->packet_count; 16163e7959cSJarno Rajahalme ovs_stats->n_bytes += stats->byte_count; 16263e7959cSJarno Rajahalme spin_unlock_bh(&stats->lock); 1634f647e0aSFlavio Leitner } 164e298e505SPravin B Shelar } 165e298e505SPravin B Shelar } 166e298e505SPravin B Shelar 16786ec8dbaSJarno Rajahalme /* Called with ovs_mutex. */ 168e298e505SPravin B Shelar void ovs_flow_stats_clear(struct sw_flow *flow) 169e298e505SPravin B Shelar { 170db74a333SThadeu Lima de Souza Cascardo int cpu; 171e298e505SPravin B Shelar 172db74a333SThadeu Lima de Souza Cascardo /* We open code this to make sure cpu 0 is always considered */ 173c4b2bf6bSTonghao Zhang for (cpu = 0; cpu < nr_cpu_ids; cpu = cpumask_next(cpu, &flow->cpu_used_mask)) { 174db74a333SThadeu Lima de Souza Cascardo struct flow_stats *stats = ovsl_dereference(flow->stats[cpu]); 17523dabf88SJarno Rajahalme 17663e7959cSJarno Rajahalme if (stats) { 17763e7959cSJarno Rajahalme spin_lock_bh(&stats->lock); 17863e7959cSJarno Rajahalme stats->used = 0; 17963e7959cSJarno Rajahalme stats->packet_count = 0; 18063e7959cSJarno Rajahalme stats->byte_count = 0; 18163e7959cSJarno Rajahalme stats->tcp_flags = 0; 18263e7959cSJarno Rajahalme spin_unlock_bh(&stats->lock); 18363e7959cSJarno Rajahalme } 18463e7959cSJarno Rajahalme } 185e298e505SPravin B Shelar } 18603f0d916SAndy Zhou 187ccb1352eSJesse Gross static int check_header(struct sk_buff *skb, int len) 188ccb1352eSJesse Gross { 189ccb1352eSJesse Gross if (unlikely(skb->len < len)) 190ccb1352eSJesse Gross return -EINVAL; 191ccb1352eSJesse Gross if (unlikely(!pskb_may_pull(skb, len))) 192ccb1352eSJesse Gross return -ENOMEM; 193ccb1352eSJesse Gross return 0; 194ccb1352eSJesse Gross } 195ccb1352eSJesse Gross 196ccb1352eSJesse Gross static bool arphdr_ok(struct sk_buff *skb) 197ccb1352eSJesse Gross { 198ccb1352eSJesse Gross return pskb_may_pull(skb, skb_network_offset(skb) + 199ccb1352eSJesse Gross sizeof(struct arp_eth_header)); 200ccb1352eSJesse Gross } 201ccb1352eSJesse Gross 202ccb1352eSJesse Gross static int check_iphdr(struct sk_buff *skb) 203ccb1352eSJesse Gross { 204ccb1352eSJesse Gross unsigned int nh_ofs = skb_network_offset(skb); 205ccb1352eSJesse Gross unsigned int ip_len; 206ccb1352eSJesse Gross int err; 207ccb1352eSJesse Gross 208ccb1352eSJesse Gross err = check_header(skb, nh_ofs + sizeof(struct iphdr)); 209ccb1352eSJesse Gross if (unlikely(err)) 210ccb1352eSJesse Gross return err; 211ccb1352eSJesse Gross 212ccb1352eSJesse Gross ip_len = ip_hdrlen(skb); 213ccb1352eSJesse Gross if (unlikely(ip_len < sizeof(struct iphdr) || 214ccb1352eSJesse Gross skb->len < nh_ofs + ip_len)) 215ccb1352eSJesse Gross return -EINVAL; 216ccb1352eSJesse Gross 217ccb1352eSJesse Gross skb_set_transport_header(skb, nh_ofs + ip_len); 218ccb1352eSJesse Gross return 0; 219ccb1352eSJesse Gross } 220ccb1352eSJesse Gross 221ccb1352eSJesse Gross static bool tcphdr_ok(struct sk_buff *skb) 222ccb1352eSJesse Gross { 223ccb1352eSJesse Gross int th_ofs = skb_transport_offset(skb); 224ccb1352eSJesse Gross int tcp_len; 225ccb1352eSJesse Gross 226ccb1352eSJesse Gross if (unlikely(!pskb_may_pull(skb, th_ofs + sizeof(struct tcphdr)))) 227ccb1352eSJesse Gross return false; 228ccb1352eSJesse Gross 229ccb1352eSJesse Gross tcp_len = tcp_hdrlen(skb); 230ccb1352eSJesse Gross if (unlikely(tcp_len < sizeof(struct tcphdr) || 231ccb1352eSJesse Gross skb->len < th_ofs + tcp_len)) 232ccb1352eSJesse Gross return false; 233ccb1352eSJesse Gross 234ccb1352eSJesse Gross return true; 235ccb1352eSJesse Gross } 236ccb1352eSJesse Gross 237ccb1352eSJesse Gross static bool udphdr_ok(struct sk_buff *skb) 238ccb1352eSJesse Gross { 239ccb1352eSJesse Gross return pskb_may_pull(skb, skb_transport_offset(skb) + 240ccb1352eSJesse Gross sizeof(struct udphdr)); 241ccb1352eSJesse Gross } 242ccb1352eSJesse Gross 243a175a723SJoe Stringer static bool sctphdr_ok(struct sk_buff *skb) 244a175a723SJoe Stringer { 245a175a723SJoe Stringer return pskb_may_pull(skb, skb_transport_offset(skb) + 246a175a723SJoe Stringer sizeof(struct sctphdr)); 247a175a723SJoe Stringer } 248a175a723SJoe Stringer 249ccb1352eSJesse Gross static bool icmphdr_ok(struct sk_buff *skb) 250ccb1352eSJesse Gross { 251ccb1352eSJesse Gross return pskb_may_pull(skb, skb_transport_offset(skb) + 252ccb1352eSJesse Gross sizeof(struct icmphdr)); 253ccb1352eSJesse Gross } 254ccb1352eSJesse Gross 25503f0d916SAndy Zhou static int parse_ipv6hdr(struct sk_buff *skb, struct sw_flow_key *key) 256ccb1352eSJesse Gross { 257ccb1352eSJesse Gross unsigned int nh_ofs = skb_network_offset(skb); 258ccb1352eSJesse Gross unsigned int nh_len; 259ccb1352eSJesse Gross int payload_ofs; 260ccb1352eSJesse Gross struct ipv6hdr *nh; 261ccb1352eSJesse Gross uint8_t nexthdr; 262ccb1352eSJesse Gross __be16 frag_off; 263ccb1352eSJesse Gross int err; 264ccb1352eSJesse Gross 265ccb1352eSJesse Gross err = check_header(skb, nh_ofs + sizeof(*nh)); 266ccb1352eSJesse Gross if (unlikely(err)) 267ccb1352eSJesse Gross return err; 268ccb1352eSJesse Gross 269ccb1352eSJesse Gross nh = ipv6_hdr(skb); 270ccb1352eSJesse Gross nexthdr = nh->nexthdr; 271ccb1352eSJesse Gross payload_ofs = (u8 *)(nh + 1) - skb->data; 272ccb1352eSJesse Gross 273ccb1352eSJesse Gross key->ip.proto = NEXTHDR_NONE; 274ccb1352eSJesse Gross key->ip.tos = ipv6_get_dsfield(nh); 275ccb1352eSJesse Gross key->ip.ttl = nh->hop_limit; 276ccb1352eSJesse Gross key->ipv6.label = *(__be32 *)nh & htonl(IPV6_FLOWINFO_FLOWLABEL); 277ccb1352eSJesse Gross key->ipv6.addr.src = nh->saddr; 278ccb1352eSJesse Gross key->ipv6.addr.dst = nh->daddr; 279ccb1352eSJesse Gross 280ccb1352eSJesse Gross payload_ofs = ipv6_skip_exthdr(skb, payload_ofs, &nexthdr, &frag_off); 281ccb1352eSJesse Gross 282ccb1352eSJesse Gross if (frag_off) { 283ccb1352eSJesse Gross if (frag_off & htons(~0x7)) 284ccb1352eSJesse Gross key->ip.frag = OVS_FRAG_TYPE_LATER; 285ccb1352eSJesse Gross else 286ccb1352eSJesse Gross key->ip.frag = OVS_FRAG_TYPE_FIRST; 28725ef1328SPravin B Shelar } else { 28825ef1328SPravin B Shelar key->ip.frag = OVS_FRAG_TYPE_NONE; 289ccb1352eSJesse Gross } 290ccb1352eSJesse Gross 291c30da497SSimon Horman /* Delayed handling of error in ipv6_skip_exthdr() as it 292c30da497SSimon Horman * always sets frag_off to a valid value which may be 293c30da497SSimon Horman * used to set key->ip.frag above. 294c30da497SSimon Horman */ 295c30da497SSimon Horman if (unlikely(payload_ofs < 0)) 296c30da497SSimon Horman return -EPROTO; 297c30da497SSimon Horman 298ccb1352eSJesse Gross nh_len = payload_ofs - nh_ofs; 299ccb1352eSJesse Gross skb_set_transport_header(skb, nh_ofs + nh_len); 300ccb1352eSJesse Gross key->ip.proto = nexthdr; 301ccb1352eSJesse Gross return nh_len; 302ccb1352eSJesse Gross } 303ccb1352eSJesse Gross 304ccb1352eSJesse Gross static bool icmp6hdr_ok(struct sk_buff *skb) 305ccb1352eSJesse Gross { 306ccb1352eSJesse Gross return pskb_may_pull(skb, skb_transport_offset(skb) + 307ccb1352eSJesse Gross sizeof(struct icmp6hdr)); 308ccb1352eSJesse Gross } 309ccb1352eSJesse Gross 310018c1ddaSEric Garver /** 311018c1ddaSEric Garver * Parse vlan tag from vlan header. 312018c1ddaSEric Garver * Returns ERROR on memory error. 313018c1ddaSEric Garver * Returns 0 if it encounters a non-vlan or incomplete packet. 314018c1ddaSEric Garver * Returns 1 after successfully parsing vlan tag. 315018c1ddaSEric Garver */ 316df30f740Spravin shelar static int parse_vlan_tag(struct sk_buff *skb, struct vlan_head *key_vh, 317df30f740Spravin shelar bool untag_vlan) 318ccb1352eSJesse Gross { 319018c1ddaSEric Garver struct vlan_head *vh = (struct vlan_head *)skb->data; 320ccb1352eSJesse Gross 321018c1ddaSEric Garver if (likely(!eth_type_vlan(vh->tpid))) 322ccb1352eSJesse Gross return 0; 323ccb1352eSJesse Gross 324018c1ddaSEric Garver if (unlikely(skb->len < sizeof(struct vlan_head) + sizeof(__be16))) 325018c1ddaSEric Garver return 0; 326018c1ddaSEric Garver 327018c1ddaSEric Garver if (unlikely(!pskb_may_pull(skb, sizeof(struct vlan_head) + 328ccb1352eSJesse Gross sizeof(__be16)))) 329ccb1352eSJesse Gross return -ENOMEM; 330ccb1352eSJesse Gross 331018c1ddaSEric Garver vh = (struct vlan_head *)skb->data; 332018c1ddaSEric Garver key_vh->tci = vh->tci | htons(VLAN_TAG_PRESENT); 333018c1ddaSEric Garver key_vh->tpid = vh->tpid; 334018c1ddaSEric Garver 335df30f740Spravin shelar if (unlikely(untag_vlan)) { 336df30f740Spravin shelar int offset = skb->data - skb_mac_header(skb); 337df30f740Spravin shelar u16 tci; 338df30f740Spravin shelar int err; 339df30f740Spravin shelar 340df30f740Spravin shelar __skb_push(skb, offset); 341df30f740Spravin shelar err = __skb_vlan_pop(skb, &tci); 342df30f740Spravin shelar __skb_pull(skb, offset); 343df30f740Spravin shelar if (err) 344df30f740Spravin shelar return err; 345df30f740Spravin shelar __vlan_hwaccel_put_tag(skb, key_vh->tpid, tci); 346df30f740Spravin shelar } else { 347018c1ddaSEric Garver __skb_pull(skb, sizeof(struct vlan_head)); 348df30f740Spravin shelar } 349018c1ddaSEric Garver return 1; 350018c1ddaSEric Garver } 351018c1ddaSEric Garver 3525108bbadSJiri Benc static void clear_vlan(struct sw_flow_key *key) 353018c1ddaSEric Garver { 354018c1ddaSEric Garver key->eth.vlan.tci = 0; 355018c1ddaSEric Garver key->eth.vlan.tpid = 0; 356018c1ddaSEric Garver key->eth.cvlan.tci = 0; 357018c1ddaSEric Garver key->eth.cvlan.tpid = 0; 3585108bbadSJiri Benc } 3595108bbadSJiri Benc 3605108bbadSJiri Benc static int parse_vlan(struct sk_buff *skb, struct sw_flow_key *key) 3615108bbadSJiri Benc { 3625108bbadSJiri Benc int res; 363018c1ddaSEric Garver 36420ecf1e4SJiri Benc if (skb_vlan_tag_present(skb)) { 365018c1ddaSEric Garver key->eth.vlan.tci = htons(skb->vlan_tci); 366018c1ddaSEric Garver key->eth.vlan.tpid = skb->vlan_proto; 367018c1ddaSEric Garver } else { 368018c1ddaSEric Garver /* Parse outer vlan tag in the non-accelerated case. */ 369df30f740Spravin shelar res = parse_vlan_tag(skb, &key->eth.vlan, true); 370018c1ddaSEric Garver if (res <= 0) 371018c1ddaSEric Garver return res; 372018c1ddaSEric Garver } 373018c1ddaSEric Garver 374018c1ddaSEric Garver /* Parse inner vlan tag. */ 375df30f740Spravin shelar res = parse_vlan_tag(skb, &key->eth.cvlan, false); 376018c1ddaSEric Garver if (res <= 0) 377018c1ddaSEric Garver return res; 378ccb1352eSJesse Gross 379ccb1352eSJesse Gross return 0; 380ccb1352eSJesse Gross } 381ccb1352eSJesse Gross 382ccb1352eSJesse Gross static __be16 parse_ethertype(struct sk_buff *skb) 383ccb1352eSJesse Gross { 384ccb1352eSJesse Gross struct llc_snap_hdr { 385ccb1352eSJesse Gross u8 dsap; /* Always 0xAA */ 386ccb1352eSJesse Gross u8 ssap; /* Always 0xAA */ 387ccb1352eSJesse Gross u8 ctrl; 388ccb1352eSJesse Gross u8 oui[3]; 389ccb1352eSJesse Gross __be16 ethertype; 390ccb1352eSJesse Gross }; 391ccb1352eSJesse Gross struct llc_snap_hdr *llc; 392ccb1352eSJesse Gross __be16 proto; 393ccb1352eSJesse Gross 394ccb1352eSJesse Gross proto = *(__be16 *) skb->data; 395ccb1352eSJesse Gross __skb_pull(skb, sizeof(__be16)); 396ccb1352eSJesse Gross 3976713fc9bSAlexander Duyck if (eth_proto_is_802_3(proto)) 398ccb1352eSJesse Gross return proto; 399ccb1352eSJesse Gross 400ccb1352eSJesse Gross if (skb->len < sizeof(struct llc_snap_hdr)) 401ccb1352eSJesse Gross return htons(ETH_P_802_2); 402ccb1352eSJesse Gross 403ccb1352eSJesse Gross if (unlikely(!pskb_may_pull(skb, sizeof(struct llc_snap_hdr)))) 404ccb1352eSJesse Gross return htons(0); 405ccb1352eSJesse Gross 406ccb1352eSJesse Gross llc = (struct llc_snap_hdr *) skb->data; 407ccb1352eSJesse Gross if (llc->dsap != LLC_SAP_SNAP || 408ccb1352eSJesse Gross llc->ssap != LLC_SAP_SNAP || 409ccb1352eSJesse Gross (llc->oui[0] | llc->oui[1] | llc->oui[2]) != 0) 410ccb1352eSJesse Gross return htons(ETH_P_802_2); 411ccb1352eSJesse Gross 412ccb1352eSJesse Gross __skb_pull(skb, sizeof(struct llc_snap_hdr)); 41317b682a0SRich Lane 4146713fc9bSAlexander Duyck if (eth_proto_is_802_3(llc->ethertype)) 415ccb1352eSJesse Gross return llc->ethertype; 41617b682a0SRich Lane 41717b682a0SRich Lane return htons(ETH_P_802_2); 418ccb1352eSJesse Gross } 419ccb1352eSJesse Gross 420ccb1352eSJesse Gross static int parse_icmpv6(struct sk_buff *skb, struct sw_flow_key *key, 42103f0d916SAndy Zhou int nh_len) 422ccb1352eSJesse Gross { 423ccb1352eSJesse Gross struct icmp6hdr *icmp = icmp6_hdr(skb); 424ccb1352eSJesse Gross 425ccb1352eSJesse Gross /* The ICMPv6 type and code fields use the 16-bit transport port 426ccb1352eSJesse Gross * fields, so we need to store them in 16-bit network byte order. 427ccb1352eSJesse Gross */ 4281139e241SJarno Rajahalme key->tp.src = htons(icmp->icmp6_type); 4291139e241SJarno Rajahalme key->tp.dst = htons(icmp->icmp6_code); 43025ef1328SPravin B Shelar memset(&key->ipv6.nd, 0, sizeof(key->ipv6.nd)); 431ccb1352eSJesse Gross 432ccb1352eSJesse Gross if (icmp->icmp6_code == 0 && 433ccb1352eSJesse Gross (icmp->icmp6_type == NDISC_NEIGHBOUR_SOLICITATION || 434ccb1352eSJesse Gross icmp->icmp6_type == NDISC_NEIGHBOUR_ADVERTISEMENT)) { 435ccb1352eSJesse Gross int icmp_len = skb->len - skb_transport_offset(skb); 436ccb1352eSJesse Gross struct nd_msg *nd; 437ccb1352eSJesse Gross int offset; 438ccb1352eSJesse Gross 439ccb1352eSJesse Gross /* In order to process neighbor discovery options, we need the 440ccb1352eSJesse Gross * entire packet. 441ccb1352eSJesse Gross */ 442ccb1352eSJesse Gross if (unlikely(icmp_len < sizeof(*nd))) 44303f0d916SAndy Zhou return 0; 44403f0d916SAndy Zhou 44503f0d916SAndy Zhou if (unlikely(skb_linearize(skb))) 44603f0d916SAndy Zhou return -ENOMEM; 447ccb1352eSJesse Gross 448ccb1352eSJesse Gross nd = (struct nd_msg *)skb_transport_header(skb); 449ccb1352eSJesse Gross key->ipv6.nd.target = nd->target; 450ccb1352eSJesse Gross 451ccb1352eSJesse Gross icmp_len -= sizeof(*nd); 452ccb1352eSJesse Gross offset = 0; 453ccb1352eSJesse Gross while (icmp_len >= 8) { 454ccb1352eSJesse Gross struct nd_opt_hdr *nd_opt = 455ccb1352eSJesse Gross (struct nd_opt_hdr *)(nd->opt + offset); 456ccb1352eSJesse Gross int opt_len = nd_opt->nd_opt_len * 8; 457ccb1352eSJesse Gross 458ccb1352eSJesse Gross if (unlikely(!opt_len || opt_len > icmp_len)) 45903f0d916SAndy Zhou return 0; 460ccb1352eSJesse Gross 461ccb1352eSJesse Gross /* Store the link layer address if the appropriate 462ccb1352eSJesse Gross * option is provided. It is considered an error if 463ccb1352eSJesse Gross * the same link layer option is specified twice. 464ccb1352eSJesse Gross */ 465ccb1352eSJesse Gross if (nd_opt->nd_opt_type == ND_OPT_SOURCE_LL_ADDR 466ccb1352eSJesse Gross && opt_len == 8) { 467ccb1352eSJesse Gross if (unlikely(!is_zero_ether_addr(key->ipv6.nd.sll))) 468ccb1352eSJesse Gross goto invalid; 4698c63ff09SJoe Perches ether_addr_copy(key->ipv6.nd.sll, 4708c63ff09SJoe Perches &nd->opt[offset+sizeof(*nd_opt)]); 471ccb1352eSJesse Gross } else if (nd_opt->nd_opt_type == ND_OPT_TARGET_LL_ADDR 472ccb1352eSJesse Gross && opt_len == 8) { 473ccb1352eSJesse Gross if (unlikely(!is_zero_ether_addr(key->ipv6.nd.tll))) 474ccb1352eSJesse Gross goto invalid; 4758c63ff09SJoe Perches ether_addr_copy(key->ipv6.nd.tll, 4768c63ff09SJoe Perches &nd->opt[offset+sizeof(*nd_opt)]); 477ccb1352eSJesse Gross } 478ccb1352eSJesse Gross 479ccb1352eSJesse Gross icmp_len -= opt_len; 480ccb1352eSJesse Gross offset += opt_len; 481ccb1352eSJesse Gross } 482ccb1352eSJesse Gross } 483ccb1352eSJesse Gross 48403f0d916SAndy Zhou return 0; 485ccb1352eSJesse Gross 486ccb1352eSJesse Gross invalid: 487ccb1352eSJesse Gross memset(&key->ipv6.nd.target, 0, sizeof(key->ipv6.nd.target)); 488ccb1352eSJesse Gross memset(key->ipv6.nd.sll, 0, sizeof(key->ipv6.nd.sll)); 489ccb1352eSJesse Gross memset(key->ipv6.nd.tll, 0, sizeof(key->ipv6.nd.tll)); 490ccb1352eSJesse Gross 49103f0d916SAndy Zhou return 0; 492ccb1352eSJesse Gross } 493ccb1352eSJesse Gross 494b2d0f5d5SYi Yang static int parse_nsh(struct sk_buff *skb, struct sw_flow_key *key) 495b2d0f5d5SYi Yang { 496b2d0f5d5SYi Yang struct nshhdr *nh; 497b2d0f5d5SYi Yang unsigned int nh_ofs = skb_network_offset(skb); 498b2d0f5d5SYi Yang u8 version, length; 499b2d0f5d5SYi Yang int err; 500b2d0f5d5SYi Yang 501b2d0f5d5SYi Yang err = check_header(skb, nh_ofs + NSH_BASE_HDR_LEN); 502b2d0f5d5SYi Yang if (unlikely(err)) 503b2d0f5d5SYi Yang return err; 504b2d0f5d5SYi Yang 505b2d0f5d5SYi Yang nh = nsh_hdr(skb); 506b2d0f5d5SYi Yang version = nsh_get_ver(nh); 507b2d0f5d5SYi Yang length = nsh_hdr_len(nh); 508b2d0f5d5SYi Yang 509b2d0f5d5SYi Yang if (version != 0) 510b2d0f5d5SYi Yang return -EINVAL; 511b2d0f5d5SYi Yang 512b2d0f5d5SYi Yang err = check_header(skb, nh_ofs + length); 513b2d0f5d5SYi Yang if (unlikely(err)) 514b2d0f5d5SYi Yang return err; 515b2d0f5d5SYi Yang 516b2d0f5d5SYi Yang nh = nsh_hdr(skb); 517b2d0f5d5SYi Yang key->nsh.base.flags = nsh_get_flags(nh); 518b2d0f5d5SYi Yang key->nsh.base.ttl = nsh_get_ttl(nh); 519b2d0f5d5SYi Yang key->nsh.base.mdtype = nh->mdtype; 520b2d0f5d5SYi Yang key->nsh.base.np = nh->np; 521b2d0f5d5SYi Yang key->nsh.base.path_hdr = nh->path_hdr; 522b2d0f5d5SYi Yang switch (key->nsh.base.mdtype) { 523b2d0f5d5SYi Yang case NSH_M_TYPE1: 524b2d0f5d5SYi Yang if (length != NSH_M_TYPE1_LEN) 525b2d0f5d5SYi Yang return -EINVAL; 526b2d0f5d5SYi Yang memcpy(key->nsh.context, nh->md1.context, 527b2d0f5d5SYi Yang sizeof(nh->md1)); 528b2d0f5d5SYi Yang break; 529b2d0f5d5SYi Yang case NSH_M_TYPE2: 530b2d0f5d5SYi Yang memset(key->nsh.context, 0, 531b2d0f5d5SYi Yang sizeof(nh->md1)); 532b2d0f5d5SYi Yang break; 533b2d0f5d5SYi Yang default: 534b2d0f5d5SYi Yang return -EINVAL; 535b2d0f5d5SYi Yang } 536b2d0f5d5SYi Yang 537b2d0f5d5SYi Yang return 0; 538b2d0f5d5SYi Yang } 539b2d0f5d5SYi Yang 540ccb1352eSJesse Gross /** 54183c8df26SPravin B Shelar * key_extract - extracts a flow key from an Ethernet frame. 542ccb1352eSJesse Gross * @skb: sk_buff that contains the frame, with skb->data pointing to the 543ccb1352eSJesse Gross * Ethernet header 544ccb1352eSJesse Gross * @key: output flow key 545ccb1352eSJesse Gross * 546ccb1352eSJesse Gross * The caller must ensure that skb->len >= ETH_HLEN. 547ccb1352eSJesse Gross * 548ccb1352eSJesse Gross * Returns 0 if successful, otherwise a negative errno value. 549ccb1352eSJesse Gross * 5505108bbadSJiri Benc * Initializes @skb header fields as follows: 551ccb1352eSJesse Gross * 5525108bbadSJiri Benc * - skb->mac_header: the L2 header. 553ccb1352eSJesse Gross * 5545108bbadSJiri Benc * - skb->network_header: just past the L2 header, or just past the 5555108bbadSJiri Benc * VLAN header, to the first byte of the L2 payload. 556ccb1352eSJesse Gross * 55734d94f21SLorand Jakab * - skb->transport_header: If key->eth.type is ETH_P_IP or ETH_P_IPV6 558ccb1352eSJesse Gross * on output, then just past the IP header, if one is present and 559ccb1352eSJesse Gross * of a correct length, otherwise the same as skb->network_header. 56034d94f21SLorand Jakab * For other key->eth.type values it is left untouched. 5615108bbadSJiri Benc * 5625108bbadSJiri Benc * - skb->protocol: the type of the data starting at skb->network_header. 5635108bbadSJiri Benc * Equals to key->eth.type. 564ccb1352eSJesse Gross */ 56583c8df26SPravin B Shelar static int key_extract(struct sk_buff *skb, struct sw_flow_key *key) 566ccb1352eSJesse Gross { 56703f0d916SAndy Zhou int error; 568ccb1352eSJesse Gross struct ethhdr *eth; 569ccb1352eSJesse Gross 570f5796684SJesse Gross /* Flags are always used as part of stats */ 571f5796684SJesse Gross key->tp.flags = 0; 572f5796684SJesse Gross 573ccb1352eSJesse Gross skb_reset_mac_header(skb); 574ccb1352eSJesse Gross 5755108bbadSJiri Benc /* Link layer. */ 5765108bbadSJiri Benc clear_vlan(key); 5776f56f618SYi-Hung Wei if (ovs_key_mac_proto(key) == MAC_PROTO_NONE) { 5785108bbadSJiri Benc if (unlikely(eth_type_vlan(skb->protocol))) 5795108bbadSJiri Benc return -EINVAL; 5805108bbadSJiri Benc 5815108bbadSJiri Benc skb_reset_network_header(skb); 5825108bbadSJiri Benc } else { 583ccb1352eSJesse Gross eth = eth_hdr(skb); 5848c63ff09SJoe Perches ether_addr_copy(key->eth.src, eth->h_source); 5858c63ff09SJoe Perches ether_addr_copy(key->eth.dst, eth->h_dest); 586ccb1352eSJesse Gross 587ccb1352eSJesse Gross __skb_pull(skb, 2 * ETH_ALEN); 588b34df5e8SPravin B Shelar /* We are going to push all headers that we pull, so no need to 589b34df5e8SPravin B Shelar * update skb->csum here. 590b34df5e8SPravin B Shelar */ 591ccb1352eSJesse Gross 592ccb1352eSJesse Gross if (unlikely(parse_vlan(skb, key))) 593ccb1352eSJesse Gross return -ENOMEM; 594ccb1352eSJesse Gross 5955108bbadSJiri Benc skb->protocol = parse_ethertype(skb); 5965108bbadSJiri Benc if (unlikely(skb->protocol == htons(0))) 597ccb1352eSJesse Gross return -ENOMEM; 598ccb1352eSJesse Gross 599ccb1352eSJesse Gross skb_reset_network_header(skb); 600ccb1352eSJesse Gross __skb_push(skb, skb->data - skb_mac_header(skb)); 6015108bbadSJiri Benc } 6025108bbadSJiri Benc skb_reset_mac_len(skb); 6035108bbadSJiri Benc key->eth.type = skb->protocol; 604ccb1352eSJesse Gross 605ccb1352eSJesse Gross /* Network layer. */ 606ccb1352eSJesse Gross if (key->eth.type == htons(ETH_P_IP)) { 607ccb1352eSJesse Gross struct iphdr *nh; 608ccb1352eSJesse Gross __be16 offset; 609ccb1352eSJesse Gross 610ccb1352eSJesse Gross error = check_iphdr(skb); 611ccb1352eSJesse Gross if (unlikely(error)) { 61207148121SJesse Gross memset(&key->ip, 0, sizeof(key->ip)); 61307148121SJesse Gross memset(&key->ipv4, 0, sizeof(key->ipv4)); 614ccb1352eSJesse Gross if (error == -EINVAL) { 615ccb1352eSJesse Gross skb->transport_header = skb->network_header; 616ccb1352eSJesse Gross error = 0; 617ccb1352eSJesse Gross } 61803f0d916SAndy Zhou return error; 619ccb1352eSJesse Gross } 620ccb1352eSJesse Gross 621ccb1352eSJesse Gross nh = ip_hdr(skb); 622ccb1352eSJesse Gross key->ipv4.addr.src = nh->saddr; 623ccb1352eSJesse Gross key->ipv4.addr.dst = nh->daddr; 624ccb1352eSJesse Gross 625ccb1352eSJesse Gross key->ip.proto = nh->protocol; 626ccb1352eSJesse Gross key->ip.tos = nh->tos; 627ccb1352eSJesse Gross key->ip.ttl = nh->ttl; 628ccb1352eSJesse Gross 629ccb1352eSJesse Gross offset = nh->frag_off & htons(IP_OFFSET); 630ccb1352eSJesse Gross if (offset) { 631ccb1352eSJesse Gross key->ip.frag = OVS_FRAG_TYPE_LATER; 63203f0d916SAndy Zhou return 0; 633ccb1352eSJesse Gross } 6340c19f846SWillem de Bruijn if (nh->frag_off & htons(IP_MF) || 6350c19f846SWillem de Bruijn skb_shinfo(skb)->gso_type & SKB_GSO_UDP) 636ccb1352eSJesse Gross key->ip.frag = OVS_FRAG_TYPE_FIRST; 63707148121SJesse Gross else 63807148121SJesse Gross key->ip.frag = OVS_FRAG_TYPE_NONE; 639ccb1352eSJesse Gross 640ccb1352eSJesse Gross /* Transport layer. */ 641ccb1352eSJesse Gross if (key->ip.proto == IPPROTO_TCP) { 642ccb1352eSJesse Gross if (tcphdr_ok(skb)) { 643ccb1352eSJesse Gross struct tcphdr *tcp = tcp_hdr(skb); 6441139e241SJarno Rajahalme key->tp.src = tcp->source; 6451139e241SJarno Rajahalme key->tp.dst = tcp->dest; 6461139e241SJarno Rajahalme key->tp.flags = TCP_FLAGS_BE16(tcp); 64707148121SJesse Gross } else { 64807148121SJesse Gross memset(&key->tp, 0, sizeof(key->tp)); 649ccb1352eSJesse Gross } 65007148121SJesse Gross 651ccb1352eSJesse Gross } else if (key->ip.proto == IPPROTO_UDP) { 652ccb1352eSJesse Gross if (udphdr_ok(skb)) { 653ccb1352eSJesse Gross struct udphdr *udp = udp_hdr(skb); 6541139e241SJarno Rajahalme key->tp.src = udp->source; 6551139e241SJarno Rajahalme key->tp.dst = udp->dest; 65607148121SJesse Gross } else { 65707148121SJesse Gross memset(&key->tp, 0, sizeof(key->tp)); 658ccb1352eSJesse Gross } 659a175a723SJoe Stringer } else if (key->ip.proto == IPPROTO_SCTP) { 660a175a723SJoe Stringer if (sctphdr_ok(skb)) { 661a175a723SJoe Stringer struct sctphdr *sctp = sctp_hdr(skb); 6621139e241SJarno Rajahalme key->tp.src = sctp->source; 6631139e241SJarno Rajahalme key->tp.dst = sctp->dest; 66407148121SJesse Gross } else { 66507148121SJesse Gross memset(&key->tp, 0, sizeof(key->tp)); 666a175a723SJoe Stringer } 667ccb1352eSJesse Gross } else if (key->ip.proto == IPPROTO_ICMP) { 668ccb1352eSJesse Gross if (icmphdr_ok(skb)) { 669ccb1352eSJesse Gross struct icmphdr *icmp = icmp_hdr(skb); 670ccb1352eSJesse Gross /* The ICMP type and code fields use the 16-bit 671ccb1352eSJesse Gross * transport port fields, so we need to store 672ccb1352eSJesse Gross * them in 16-bit network byte order. */ 6731139e241SJarno Rajahalme key->tp.src = htons(icmp->type); 6741139e241SJarno Rajahalme key->tp.dst = htons(icmp->code); 67507148121SJesse Gross } else { 67607148121SJesse Gross memset(&key->tp, 0, sizeof(key->tp)); 677ccb1352eSJesse Gross } 678ccb1352eSJesse Gross } 679ccb1352eSJesse Gross 68007148121SJesse Gross } else if (key->eth.type == htons(ETH_P_ARP) || 68107148121SJesse Gross key->eth.type == htons(ETH_P_RARP)) { 682ccb1352eSJesse Gross struct arp_eth_header *arp; 683389f4894SLi RongQing bool arp_available = arphdr_ok(skb); 684ccb1352eSJesse Gross 685ccb1352eSJesse Gross arp = (struct arp_eth_header *)skb_network_header(skb); 686ccb1352eSJesse Gross 687389f4894SLi RongQing if (arp_available && 68807148121SJesse Gross arp->ar_hrd == htons(ARPHRD_ETHER) && 68907148121SJesse Gross arp->ar_pro == htons(ETH_P_IP) && 69007148121SJesse Gross arp->ar_hln == ETH_ALEN && 69107148121SJesse Gross arp->ar_pln == 4) { 692ccb1352eSJesse Gross 693ccb1352eSJesse Gross /* We only match on the lower 8 bits of the opcode. */ 694ccb1352eSJesse Gross if (ntohs(arp->ar_op) <= 0xff) 695ccb1352eSJesse Gross key->ip.proto = ntohs(arp->ar_op); 69607148121SJesse Gross else 69707148121SJesse Gross key->ip.proto = 0; 69807148121SJesse Gross 699ccb1352eSJesse Gross memcpy(&key->ipv4.addr.src, arp->ar_sip, sizeof(key->ipv4.addr.src)); 700ccb1352eSJesse Gross memcpy(&key->ipv4.addr.dst, arp->ar_tip, sizeof(key->ipv4.addr.dst)); 7018c63ff09SJoe Perches ether_addr_copy(key->ipv4.arp.sha, arp->ar_sha); 7028c63ff09SJoe Perches ether_addr_copy(key->ipv4.arp.tha, arp->ar_tha); 70307148121SJesse Gross } else { 70407148121SJesse Gross memset(&key->ip, 0, sizeof(key->ip)); 70507148121SJesse Gross memset(&key->ipv4, 0, sizeof(key->ipv4)); 706ccb1352eSJesse Gross } 70725cd9ba0SSimon Horman } else if (eth_p_mpls(key->eth.type)) { 70825cd9ba0SSimon Horman size_t stack_len = MPLS_HLEN; 70925cd9ba0SSimon Horman 710f7d49bceSJiri Benc skb_set_inner_network_header(skb, skb->mac_len); 71125cd9ba0SSimon Horman while (1) { 71225cd9ba0SSimon Horman __be32 lse; 71325cd9ba0SSimon Horman 71425cd9ba0SSimon Horman error = check_header(skb, skb->mac_len + stack_len); 71525cd9ba0SSimon Horman if (unlikely(error)) 71625cd9ba0SSimon Horman return 0; 71725cd9ba0SSimon Horman 718f7d49bceSJiri Benc memcpy(&lse, skb_inner_network_header(skb), MPLS_HLEN); 71925cd9ba0SSimon Horman 72025cd9ba0SSimon Horman if (stack_len == MPLS_HLEN) 72125cd9ba0SSimon Horman memcpy(&key->mpls.top_lse, &lse, MPLS_HLEN); 72225cd9ba0SSimon Horman 723f7d49bceSJiri Benc skb_set_inner_network_header(skb, skb->mac_len + stack_len); 72425cd9ba0SSimon Horman if (lse & htonl(MPLS_LS_S_MASK)) 72525cd9ba0SSimon Horman break; 72625cd9ba0SSimon Horman 72725cd9ba0SSimon Horman stack_len += MPLS_HLEN; 72825cd9ba0SSimon Horman } 729ccb1352eSJesse Gross } else if (key->eth.type == htons(ETH_P_IPV6)) { 730ccb1352eSJesse Gross int nh_len; /* IPv6 Header + Extensions */ 731ccb1352eSJesse Gross 73203f0d916SAndy Zhou nh_len = parse_ipv6hdr(skb, key); 733ccb1352eSJesse Gross if (unlikely(nh_len < 0)) { 734c30da497SSimon Horman switch (nh_len) { 735c30da497SSimon Horman case -EINVAL: 73607148121SJesse Gross memset(&key->ip, 0, sizeof(key->ip)); 73707148121SJesse Gross memset(&key->ipv6.addr, 0, sizeof(key->ipv6.addr)); 738c30da497SSimon Horman /* fall-through */ 739c30da497SSimon Horman case -EPROTO: 740ccb1352eSJesse Gross skb->transport_header = skb->network_header; 74103f0d916SAndy Zhou error = 0; 742c30da497SSimon Horman break; 743c30da497SSimon Horman default: 744ccb1352eSJesse Gross error = nh_len; 74503f0d916SAndy Zhou } 74603f0d916SAndy Zhou return error; 747ccb1352eSJesse Gross } 748ccb1352eSJesse Gross 749ccb1352eSJesse Gross if (key->ip.frag == OVS_FRAG_TYPE_LATER) 75003f0d916SAndy Zhou return 0; 7510c19f846SWillem de Bruijn if (skb_shinfo(skb)->gso_type & SKB_GSO_UDP) 7520c19f846SWillem de Bruijn key->ip.frag = OVS_FRAG_TYPE_FIRST; 7530c19f846SWillem de Bruijn 754ccb1352eSJesse Gross /* Transport layer. */ 755ccb1352eSJesse Gross if (key->ip.proto == NEXTHDR_TCP) { 756ccb1352eSJesse Gross if (tcphdr_ok(skb)) { 757ccb1352eSJesse Gross struct tcphdr *tcp = tcp_hdr(skb); 7581139e241SJarno Rajahalme key->tp.src = tcp->source; 7591139e241SJarno Rajahalme key->tp.dst = tcp->dest; 7601139e241SJarno Rajahalme key->tp.flags = TCP_FLAGS_BE16(tcp); 76107148121SJesse Gross } else { 76207148121SJesse Gross memset(&key->tp, 0, sizeof(key->tp)); 763ccb1352eSJesse Gross } 764ccb1352eSJesse Gross } else if (key->ip.proto == NEXTHDR_UDP) { 765ccb1352eSJesse Gross if (udphdr_ok(skb)) { 766ccb1352eSJesse Gross struct udphdr *udp = udp_hdr(skb); 7671139e241SJarno Rajahalme key->tp.src = udp->source; 7681139e241SJarno Rajahalme key->tp.dst = udp->dest; 76907148121SJesse Gross } else { 77007148121SJesse Gross memset(&key->tp, 0, sizeof(key->tp)); 771ccb1352eSJesse Gross } 772a175a723SJoe Stringer } else if (key->ip.proto == NEXTHDR_SCTP) { 773a175a723SJoe Stringer if (sctphdr_ok(skb)) { 774a175a723SJoe Stringer struct sctphdr *sctp = sctp_hdr(skb); 7751139e241SJarno Rajahalme key->tp.src = sctp->source; 7761139e241SJarno Rajahalme key->tp.dst = sctp->dest; 77707148121SJesse Gross } else { 77807148121SJesse Gross memset(&key->tp, 0, sizeof(key->tp)); 779a175a723SJoe Stringer } 780ccb1352eSJesse Gross } else if (key->ip.proto == NEXTHDR_ICMP) { 781ccb1352eSJesse Gross if (icmp6hdr_ok(skb)) { 78203f0d916SAndy Zhou error = parse_icmpv6(skb, key, nh_len); 78303f0d916SAndy Zhou if (error) 78403f0d916SAndy Zhou return error; 78507148121SJesse Gross } else { 78607148121SJesse Gross memset(&key->tp, 0, sizeof(key->tp)); 787ccb1352eSJesse Gross } 788ccb1352eSJesse Gross } 789b2d0f5d5SYi Yang } else if (key->eth.type == htons(ETH_P_NSH)) { 790b2d0f5d5SYi Yang error = parse_nsh(skb, key); 791b2d0f5d5SYi Yang if (error) 792b2d0f5d5SYi Yang return error; 793ccb1352eSJesse Gross } 79403f0d916SAndy Zhou return 0; 795ccb1352eSJesse Gross } 79683c8df26SPravin B Shelar 797971427f3SAndy Zhou int ovs_flow_key_update(struct sk_buff *skb, struct sw_flow_key *key) 798971427f3SAndy Zhou { 7996f56f618SYi-Hung Wei int res; 8006f56f618SYi-Hung Wei 8016f56f618SYi-Hung Wei res = key_extract(skb, key); 8026f56f618SYi-Hung Wei if (!res) 8036f56f618SYi-Hung Wei key->mac_proto &= ~SW_FLOW_KEY_INVALID; 8046f56f618SYi-Hung Wei 8056f56f618SYi-Hung Wei return res; 806971427f3SAndy Zhou } 807971427f3SAndy Zhou 8085108bbadSJiri Benc static int key_extract_mac_proto(struct sk_buff *skb) 8095108bbadSJiri Benc { 8105108bbadSJiri Benc switch (skb->dev->type) { 8115108bbadSJiri Benc case ARPHRD_ETHER: 8125108bbadSJiri Benc return MAC_PROTO_ETHERNET; 8135108bbadSJiri Benc case ARPHRD_NONE: 8145108bbadSJiri Benc if (skb->protocol == htons(ETH_P_TEB)) 8155108bbadSJiri Benc return MAC_PROTO_ETHERNET; 8165108bbadSJiri Benc return MAC_PROTO_NONE; 8175108bbadSJiri Benc } 8185108bbadSJiri Benc WARN_ON_ONCE(1); 8195108bbadSJiri Benc return -EINVAL; 8205108bbadSJiri Benc } 8215108bbadSJiri Benc 8221d8fff90SThomas Graf int ovs_flow_key_extract(const struct ip_tunnel_info *tun_info, 8238c8b1b83SPravin B Shelar struct sk_buff *skb, struct sw_flow_key *key) 82483c8df26SPravin B Shelar { 8259dd7f890SJarno Rajahalme int res, err; 8265108bbadSJiri Benc 82783c8df26SPravin B Shelar /* Extract metadata from packet. */ 828f5796684SJesse Gross if (tun_info) { 82900a93babSJiri Benc key->tun_proto = ip_tunnel_info_af(tun_info); 8301d8fff90SThomas Graf memcpy(&key->tun_key, &tun_info->key, sizeof(key->tun_key)); 831f5796684SJesse Gross 8324c222798SPravin B Shelar if (tun_info->options_len) { 833f5796684SJesse Gross BUILD_BUG_ON((1 << (sizeof(tun_info->options_len) * 834f5796684SJesse Gross 8)) - 1 835f5796684SJesse Gross > sizeof(key->tun_opts)); 8364c222798SPravin B Shelar 8374c222798SPravin B Shelar ip_tunnel_info_opts_get(TUN_METADATA_OPTS(key, tun_info->options_len), 8384c222798SPravin B Shelar tun_info); 839f5796684SJesse Gross key->tun_opts_len = tun_info->options_len; 840f5796684SJesse Gross } else { 841f5796684SJesse Gross key->tun_opts_len = 0; 842f5796684SJesse Gross } 843f5796684SJesse Gross } else { 84400a93babSJiri Benc key->tun_proto = 0; 845f5796684SJesse Gross key->tun_opts_len = 0; 84607148121SJesse Gross memset(&key->tun_key, 0, sizeof(key->tun_key)); 847f5796684SJesse Gross } 84883c8df26SPravin B Shelar 84983c8df26SPravin B Shelar key->phy.priority = skb->priority; 85083c8df26SPravin B Shelar key->phy.in_port = OVS_CB(skb)->input_vport->port_no; 85183c8df26SPravin B Shelar key->phy.skb_mark = skb->mark; 85207148121SJesse Gross key->ovs_flow_hash = 0; 8535108bbadSJiri Benc res = key_extract_mac_proto(skb); 8545108bbadSJiri Benc if (res < 0) 8555108bbadSJiri Benc return res; 8565108bbadSJiri Benc key->mac_proto = res; 85707148121SJesse Gross key->recirc_id = 0; 85807148121SJesse Gross 8599dd7f890SJarno Rajahalme err = key_extract(skb, key); 8609dd7f890SJarno Rajahalme if (!err) 8619dd7f890SJarno Rajahalme ovs_ct_fill_key(skb, key); /* Must be after key_extract(). */ 8629dd7f890SJarno Rajahalme return err; 86383c8df26SPravin B Shelar } 86483c8df26SPravin B Shelar 865c2ac6673SJoe Stringer int ovs_flow_key_extract_userspace(struct net *net, const struct nlattr *attr, 86683c8df26SPravin B Shelar struct sk_buff *skb, 86705da5898SJarno Rajahalme struct sw_flow_key *key, bool log) 86883c8df26SPravin B Shelar { 8699dd7f890SJarno Rajahalme const struct nlattr *a[OVS_KEY_ATTR_MAX + 1]; 8709dd7f890SJarno Rajahalme u64 attrs = 0; 87183c8df26SPravin B Shelar int err; 87283c8df26SPravin B Shelar 8739dd7f890SJarno Rajahalme err = parse_flow_nlattrs(attr, a, &attrs, log); 8749dd7f890SJarno Rajahalme if (err) 8759dd7f890SJarno Rajahalme return -EINVAL; 8769dd7f890SJarno Rajahalme 87783c8df26SPravin B Shelar /* Extract metadata from netlink attributes. */ 8789dd7f890SJarno Rajahalme err = ovs_nla_get_flow_metadata(net, a, attrs, key, log); 87983c8df26SPravin B Shelar if (err) 88083c8df26SPravin B Shelar return err; 88183c8df26SPravin B Shelar 8825108bbadSJiri Benc /* key_extract assumes that skb->protocol is set-up for 8835108bbadSJiri Benc * layer 3 packets which is the case for other callers, 884df30f740Spravin shelar * in particular packets received from the network stack. 8855108bbadSJiri Benc * Here the correct value can be set from the metadata 8865108bbadSJiri Benc * extracted above. 887df30f740Spravin shelar * For L2 packet key eth type would be zero. skb protocol 888df30f740Spravin shelar * would be set to correct value later during key-extact. 8895108bbadSJiri Benc */ 890df30f740Spravin shelar 8915108bbadSJiri Benc skb->protocol = key->eth.type; 8929dd7f890SJarno Rajahalme err = key_extract(skb, key); 8939dd7f890SJarno Rajahalme if (err) 8949dd7f890SJarno Rajahalme return err; 8959dd7f890SJarno Rajahalme 8969dd7f890SJarno Rajahalme /* Check that we have conntrack original direction tuple metadata only 8979dd7f890SJarno Rajahalme * for packets for which it makes sense. Otherwise the key may be 8989dd7f890SJarno Rajahalme * corrupted due to overlapping key fields. 8999dd7f890SJarno Rajahalme */ 9009dd7f890SJarno Rajahalme if (attrs & (1 << OVS_KEY_ATTR_CT_ORIG_TUPLE_IPV4) && 9019dd7f890SJarno Rajahalme key->eth.type != htons(ETH_P_IP)) 9029dd7f890SJarno Rajahalme return -EINVAL; 9039dd7f890SJarno Rajahalme if (attrs & (1 << OVS_KEY_ATTR_CT_ORIG_TUPLE_IPV6) && 9049dd7f890SJarno Rajahalme (key->eth.type != htons(ETH_P_IPV6) || 9059dd7f890SJarno Rajahalme sw_flow_key_is_nd(key))) 9069dd7f890SJarno Rajahalme return -EINVAL; 9079dd7f890SJarno Rajahalme 9089dd7f890SJarno Rajahalme return 0; 90983c8df26SPravin B Shelar } 910