1ccb1352eSJesse Gross /* 2971427f3SAndy Zhou * Copyright (c) 2007-2014 Nicira, Inc. 3ccb1352eSJesse Gross * 4ccb1352eSJesse Gross * This program is free software; you can redistribute it and/or 5ccb1352eSJesse Gross * modify it under the terms of version 2 of the GNU General Public 6ccb1352eSJesse Gross * License as published by the Free Software Foundation. 7ccb1352eSJesse Gross * 8ccb1352eSJesse Gross * This program is distributed in the hope that it will be useful, but 9ccb1352eSJesse Gross * WITHOUT ANY WARRANTY; without even the implied warranty of 10ccb1352eSJesse Gross * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 11ccb1352eSJesse Gross * General Public License for more details. 12ccb1352eSJesse Gross * 13ccb1352eSJesse Gross * You should have received a copy of the GNU General Public License 14ccb1352eSJesse Gross * along with this program; if not, write to the Free Software 15ccb1352eSJesse Gross * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 16ccb1352eSJesse Gross * 02110-1301, USA 17ccb1352eSJesse Gross */ 18ccb1352eSJesse Gross 19ccb1352eSJesse Gross #include <linux/uaccess.h> 20ccb1352eSJesse Gross #include <linux/netdevice.h> 21ccb1352eSJesse Gross #include <linux/etherdevice.h> 22ccb1352eSJesse Gross #include <linux/if_ether.h> 23ccb1352eSJesse Gross #include <linux/if_vlan.h> 24ccb1352eSJesse Gross #include <net/llc_pdu.h> 25ccb1352eSJesse Gross #include <linux/kernel.h> 26ccb1352eSJesse Gross #include <linux/jhash.h> 27ccb1352eSJesse Gross #include <linux/jiffies.h> 28ccb1352eSJesse Gross #include <linux/llc.h> 29ccb1352eSJesse Gross #include <linux/module.h> 30ccb1352eSJesse Gross #include <linux/in.h> 31ccb1352eSJesse Gross #include <linux/rcupdate.h> 32db74a333SThadeu Lima de Souza Cascardo #include <linux/cpumask.h> 33ccb1352eSJesse Gross #include <linux/if_arp.h> 34ccb1352eSJesse Gross #include <linux/ip.h> 35ccb1352eSJesse Gross #include <linux/ipv6.h> 3625cd9ba0SSimon Horman #include <linux/mpls.h> 37a175a723SJoe Stringer #include <linux/sctp.h> 38e298e505SPravin B Shelar #include <linux/smp.h> 39ccb1352eSJesse Gross #include <linux/tcp.h> 40ccb1352eSJesse Gross #include <linux/udp.h> 41ccb1352eSJesse Gross #include <linux/icmp.h> 42ccb1352eSJesse Gross #include <linux/icmpv6.h> 43ccb1352eSJesse Gross #include <linux/rculist.h> 44ccb1352eSJesse Gross #include <net/ip.h> 457d5437c7SPravin B Shelar #include <net/ip_tunnels.h> 46ccb1352eSJesse Gross #include <net/ipv6.h> 4725cd9ba0SSimon Horman #include <net/mpls.h> 48ccb1352eSJesse Gross #include <net/ndisc.h> 49b2d0f5d5SYi Yang #include <net/nsh.h> 50ccb1352eSJesse Gross 51a581b96dSPravin B Shelar #include "conntrack.h" 5283c8df26SPravin B Shelar #include "datapath.h" 5383c8df26SPravin B Shelar #include "flow.h" 5483c8df26SPravin B Shelar #include "flow_netlink.h" 55a581b96dSPravin B Shelar #include "vport.h" 5683c8df26SPravin B Shelar 57e6445719SPravin B Shelar u64 ovs_flow_used_time(unsigned long flow_jiffies) 5803f0d916SAndy Zhou { 59311af51dSArnd Bergmann struct timespec64 cur_ts; 60e6445719SPravin B Shelar u64 cur_ms, idle_ms; 6103f0d916SAndy Zhou 62311af51dSArnd Bergmann ktime_get_ts64(&cur_ts); 63e6445719SPravin B Shelar idle_ms = jiffies_to_msecs(jiffies - flow_jiffies); 64311af51dSArnd Bergmann cur_ms = (u64)(u32)cur_ts.tv_sec * MSEC_PER_SEC + 65e6445719SPravin B Shelar cur_ts.tv_nsec / NSEC_PER_MSEC; 6603f0d916SAndy Zhou 67e6445719SPravin B Shelar return cur_ms - idle_ms; 6803f0d916SAndy Zhou } 6903f0d916SAndy Zhou 70df23e9f6SJarno Rajahalme #define TCP_FLAGS_BE16(tp) (*(__be16 *)&tcp_flag_word(tp) & htons(0x0FFF)) 7103f0d916SAndy Zhou 72ad552007SBen Pfaff void ovs_flow_stats_update(struct sw_flow *flow, __be16 tcp_flags, 7312eb18f7SThomas Graf const struct sk_buff *skb) 745828cd9aSAndy Zhou { 75e298e505SPravin B Shelar struct flow_stats *stats; 76c4b2bf6bSTonghao Zhang unsigned int cpu = smp_processor_id(); 77df8a39deSJiri Pirko int len = skb->len + (skb_vlan_tag_present(skb) ? VLAN_HLEN : 0); 78e6445719SPravin B Shelar 79db74a333SThadeu Lima de Souza Cascardo stats = rcu_dereference(flow->stats[cpu]); 80e298e505SPravin B Shelar 81db74a333SThadeu Lima de Souza Cascardo /* Check if already have CPU-specific stats. */ 8263e7959cSJarno Rajahalme if (likely(stats)) { 83e298e505SPravin B Shelar spin_lock(&stats->lock); 8463e7959cSJarno Rajahalme /* Mark if we write on the pre-allocated stats. */ 85db74a333SThadeu Lima de Souza Cascardo if (cpu == 0 && unlikely(flow->stats_last_writer != cpu)) 86db74a333SThadeu Lima de Souza Cascardo flow->stats_last_writer = cpu; 8763e7959cSJarno Rajahalme } else { 8863e7959cSJarno Rajahalme stats = rcu_dereference(flow->stats[0]); /* Pre-allocated. */ 8963e7959cSJarno Rajahalme spin_lock(&stats->lock); 9063e7959cSJarno Rajahalme 91db74a333SThadeu Lima de Souza Cascardo /* If the current CPU is the only writer on the 9263e7959cSJarno Rajahalme * pre-allocated stats keep using them. 9363e7959cSJarno Rajahalme */ 94db74a333SThadeu Lima de Souza Cascardo if (unlikely(flow->stats_last_writer != cpu)) { 9563e7959cSJarno Rajahalme /* A previous locker may have already allocated the 96db74a333SThadeu Lima de Souza Cascardo * stats, so we need to check again. If CPU-specific 9763e7959cSJarno Rajahalme * stats were already allocated, we update the pre- 9863e7959cSJarno Rajahalme * allocated stats as we have already locked them. 9963e7959cSJarno Rajahalme */ 100db74a333SThadeu Lima de Souza Cascardo if (likely(flow->stats_last_writer != -1) && 101db74a333SThadeu Lima de Souza Cascardo likely(!rcu_access_pointer(flow->stats[cpu]))) { 102db74a333SThadeu Lima de Souza Cascardo /* Try to allocate CPU-specific stats. */ 10363e7959cSJarno Rajahalme struct flow_stats *new_stats; 10463e7959cSJarno Rajahalme 10563e7959cSJarno Rajahalme new_stats = 10663e7959cSJarno Rajahalme kmem_cache_alloc_node(flow_stats_cache, 1074167e9b2SDavid Rientjes GFP_NOWAIT | 1084167e9b2SDavid Rientjes __GFP_THISNODE | 1094167e9b2SDavid Rientjes __GFP_NOWARN | 11063e7959cSJarno Rajahalme __GFP_NOMEMALLOC, 111c57c054eSTonghao Zhang numa_node_id()); 11263e7959cSJarno Rajahalme if (likely(new_stats)) { 11363e7959cSJarno Rajahalme new_stats->used = jiffies; 11463e7959cSJarno Rajahalme new_stats->packet_count = 1; 11524cc59d1SBen Pfaff new_stats->byte_count = len; 11663e7959cSJarno Rajahalme new_stats->tcp_flags = tcp_flags; 11763e7959cSJarno Rajahalme spin_lock_init(&new_stats->lock); 11863e7959cSJarno Rajahalme 119db74a333SThadeu Lima de Souza Cascardo rcu_assign_pointer(flow->stats[cpu], 12063e7959cSJarno Rajahalme new_stats); 121c4b2bf6bSTonghao Zhang cpumask_set_cpu(cpu, &flow->cpu_used_mask); 12263e7959cSJarno Rajahalme goto unlock; 12363e7959cSJarno Rajahalme } 12463e7959cSJarno Rajahalme } 125db74a333SThadeu Lima de Souza Cascardo flow->stats_last_writer = cpu; 12663e7959cSJarno Rajahalme } 12763e7959cSJarno Rajahalme } 12863e7959cSJarno Rajahalme 129e298e505SPravin B Shelar stats->used = jiffies; 130e298e505SPravin B Shelar stats->packet_count++; 13124cc59d1SBen Pfaff stats->byte_count += len; 132e298e505SPravin B Shelar stats->tcp_flags |= tcp_flags; 13363e7959cSJarno Rajahalme unlock: 134e298e505SPravin B Shelar spin_unlock(&stats->lock); 135e298e505SPravin B Shelar } 136e298e505SPravin B Shelar 13786ec8dbaSJarno Rajahalme /* Must be called with rcu_read_lock or ovs_mutex. */ 13886ec8dbaSJarno Rajahalme void ovs_flow_stats_get(const struct sw_flow *flow, 13986ec8dbaSJarno Rajahalme struct ovs_flow_stats *ovs_stats, 140e298e505SPravin B Shelar unsigned long *used, __be16 *tcp_flags) 141e298e505SPravin B Shelar { 142db74a333SThadeu Lima de Souza Cascardo int cpu; 143e298e505SPravin B Shelar 144e298e505SPravin B Shelar *used = 0; 145e298e505SPravin B Shelar *tcp_flags = 0; 146e298e505SPravin B Shelar memset(ovs_stats, 0, sizeof(*ovs_stats)); 147e298e505SPravin B Shelar 148db74a333SThadeu Lima de Souza Cascardo /* We open code this to make sure cpu 0 is always considered */ 149c4b2bf6bSTonghao Zhang for (cpu = 0; cpu < nr_cpu_ids; cpu = cpumask_next(cpu, &flow->cpu_used_mask)) { 150db74a333SThadeu Lima de Souza Cascardo struct flow_stats *stats = rcu_dereference_ovsl(flow->stats[cpu]); 15123dabf88SJarno Rajahalme 15263e7959cSJarno Rajahalme if (stats) { 15363e7959cSJarno Rajahalme /* Local CPU may write on non-local stats, so we must 15463e7959cSJarno Rajahalme * block bottom-halves here. 15563e7959cSJarno Rajahalme */ 15663e7959cSJarno Rajahalme spin_lock_bh(&stats->lock); 15763e7959cSJarno Rajahalme if (!*used || time_after(stats->used, *used)) 15863e7959cSJarno Rajahalme *used = stats->used; 15963e7959cSJarno Rajahalme *tcp_flags |= stats->tcp_flags; 16063e7959cSJarno Rajahalme ovs_stats->n_packets += stats->packet_count; 16163e7959cSJarno Rajahalme ovs_stats->n_bytes += stats->byte_count; 16263e7959cSJarno Rajahalme spin_unlock_bh(&stats->lock); 1634f647e0aSFlavio Leitner } 164e298e505SPravin B Shelar } 165e298e505SPravin B Shelar } 166e298e505SPravin B Shelar 16786ec8dbaSJarno Rajahalme /* Called with ovs_mutex. */ 168e298e505SPravin B Shelar void ovs_flow_stats_clear(struct sw_flow *flow) 169e298e505SPravin B Shelar { 170db74a333SThadeu Lima de Souza Cascardo int cpu; 171e298e505SPravin B Shelar 172db74a333SThadeu Lima de Souza Cascardo /* We open code this to make sure cpu 0 is always considered */ 173c4b2bf6bSTonghao Zhang for (cpu = 0; cpu < nr_cpu_ids; cpu = cpumask_next(cpu, &flow->cpu_used_mask)) { 174db74a333SThadeu Lima de Souza Cascardo struct flow_stats *stats = ovsl_dereference(flow->stats[cpu]); 17523dabf88SJarno Rajahalme 17663e7959cSJarno Rajahalme if (stats) { 17763e7959cSJarno Rajahalme spin_lock_bh(&stats->lock); 17863e7959cSJarno Rajahalme stats->used = 0; 17963e7959cSJarno Rajahalme stats->packet_count = 0; 18063e7959cSJarno Rajahalme stats->byte_count = 0; 18163e7959cSJarno Rajahalme stats->tcp_flags = 0; 18263e7959cSJarno Rajahalme spin_unlock_bh(&stats->lock); 18363e7959cSJarno Rajahalme } 18463e7959cSJarno Rajahalme } 185e298e505SPravin B Shelar } 18603f0d916SAndy Zhou 187ccb1352eSJesse Gross static int check_header(struct sk_buff *skb, int len) 188ccb1352eSJesse Gross { 189ccb1352eSJesse Gross if (unlikely(skb->len < len)) 190ccb1352eSJesse Gross return -EINVAL; 191ccb1352eSJesse Gross if (unlikely(!pskb_may_pull(skb, len))) 192ccb1352eSJesse Gross return -ENOMEM; 193ccb1352eSJesse Gross return 0; 194ccb1352eSJesse Gross } 195ccb1352eSJesse Gross 196ccb1352eSJesse Gross static bool arphdr_ok(struct sk_buff *skb) 197ccb1352eSJesse Gross { 198ccb1352eSJesse Gross return pskb_may_pull(skb, skb_network_offset(skb) + 199ccb1352eSJesse Gross sizeof(struct arp_eth_header)); 200ccb1352eSJesse Gross } 201ccb1352eSJesse Gross 202ccb1352eSJesse Gross static int check_iphdr(struct sk_buff *skb) 203ccb1352eSJesse Gross { 204ccb1352eSJesse Gross unsigned int nh_ofs = skb_network_offset(skb); 205ccb1352eSJesse Gross unsigned int ip_len; 206ccb1352eSJesse Gross int err; 207ccb1352eSJesse Gross 208ccb1352eSJesse Gross err = check_header(skb, nh_ofs + sizeof(struct iphdr)); 209ccb1352eSJesse Gross if (unlikely(err)) 210ccb1352eSJesse Gross return err; 211ccb1352eSJesse Gross 212ccb1352eSJesse Gross ip_len = ip_hdrlen(skb); 213ccb1352eSJesse Gross if (unlikely(ip_len < sizeof(struct iphdr) || 214ccb1352eSJesse Gross skb->len < nh_ofs + ip_len)) 215ccb1352eSJesse Gross return -EINVAL; 216ccb1352eSJesse Gross 217ccb1352eSJesse Gross skb_set_transport_header(skb, nh_ofs + ip_len); 218ccb1352eSJesse Gross return 0; 219ccb1352eSJesse Gross } 220ccb1352eSJesse Gross 221ccb1352eSJesse Gross static bool tcphdr_ok(struct sk_buff *skb) 222ccb1352eSJesse Gross { 223ccb1352eSJesse Gross int th_ofs = skb_transport_offset(skb); 224ccb1352eSJesse Gross int tcp_len; 225ccb1352eSJesse Gross 226ccb1352eSJesse Gross if (unlikely(!pskb_may_pull(skb, th_ofs + sizeof(struct tcphdr)))) 227ccb1352eSJesse Gross return false; 228ccb1352eSJesse Gross 229ccb1352eSJesse Gross tcp_len = tcp_hdrlen(skb); 230ccb1352eSJesse Gross if (unlikely(tcp_len < sizeof(struct tcphdr) || 231ccb1352eSJesse Gross skb->len < th_ofs + tcp_len)) 232ccb1352eSJesse Gross return false; 233ccb1352eSJesse Gross 234ccb1352eSJesse Gross return true; 235ccb1352eSJesse Gross } 236ccb1352eSJesse Gross 237ccb1352eSJesse Gross static bool udphdr_ok(struct sk_buff *skb) 238ccb1352eSJesse Gross { 239ccb1352eSJesse Gross return pskb_may_pull(skb, skb_transport_offset(skb) + 240ccb1352eSJesse Gross sizeof(struct udphdr)); 241ccb1352eSJesse Gross } 242ccb1352eSJesse Gross 243a175a723SJoe Stringer static bool sctphdr_ok(struct sk_buff *skb) 244a175a723SJoe Stringer { 245a175a723SJoe Stringer return pskb_may_pull(skb, skb_transport_offset(skb) + 246a175a723SJoe Stringer sizeof(struct sctphdr)); 247a175a723SJoe Stringer } 248a175a723SJoe Stringer 249ccb1352eSJesse Gross static bool icmphdr_ok(struct sk_buff *skb) 250ccb1352eSJesse Gross { 251ccb1352eSJesse Gross return pskb_may_pull(skb, skb_transport_offset(skb) + 252ccb1352eSJesse Gross sizeof(struct icmphdr)); 253ccb1352eSJesse Gross } 254ccb1352eSJesse Gross 25503f0d916SAndy Zhou static int parse_ipv6hdr(struct sk_buff *skb, struct sw_flow_key *key) 256ccb1352eSJesse Gross { 257*fa642f08SYi-Hung Wei unsigned short frag_off; 258*fa642f08SYi-Hung Wei unsigned int payload_ofs = 0; 259ccb1352eSJesse Gross unsigned int nh_ofs = skb_network_offset(skb); 260ccb1352eSJesse Gross unsigned int nh_len; 261ccb1352eSJesse Gross struct ipv6hdr *nh; 262*fa642f08SYi-Hung Wei int err, nexthdr, flags = 0; 263ccb1352eSJesse Gross 264ccb1352eSJesse Gross err = check_header(skb, nh_ofs + sizeof(*nh)); 265ccb1352eSJesse Gross if (unlikely(err)) 266ccb1352eSJesse Gross return err; 267ccb1352eSJesse Gross 268ccb1352eSJesse Gross nh = ipv6_hdr(skb); 269ccb1352eSJesse Gross 270ccb1352eSJesse Gross key->ip.proto = NEXTHDR_NONE; 271ccb1352eSJesse Gross key->ip.tos = ipv6_get_dsfield(nh); 272ccb1352eSJesse Gross key->ip.ttl = nh->hop_limit; 273ccb1352eSJesse Gross key->ipv6.label = *(__be32 *)nh & htonl(IPV6_FLOWINFO_FLOWLABEL); 274ccb1352eSJesse Gross key->ipv6.addr.src = nh->saddr; 275ccb1352eSJesse Gross key->ipv6.addr.dst = nh->daddr; 276ccb1352eSJesse Gross 277*fa642f08SYi-Hung Wei nexthdr = ipv6_find_hdr(skb, &payload_ofs, -1, &frag_off, &flags); 278*fa642f08SYi-Hung Wei if (flags & IP6_FH_F_FRAG) { 279*fa642f08SYi-Hung Wei if (frag_off) 280ccb1352eSJesse Gross key->ip.frag = OVS_FRAG_TYPE_LATER; 281ccb1352eSJesse Gross else 282ccb1352eSJesse Gross key->ip.frag = OVS_FRAG_TYPE_FIRST; 28325ef1328SPravin B Shelar } else { 28425ef1328SPravin B Shelar key->ip.frag = OVS_FRAG_TYPE_NONE; 285ccb1352eSJesse Gross } 286ccb1352eSJesse Gross 287*fa642f08SYi-Hung Wei /* Delayed handling of error in ipv6_find_hdr() as it 288*fa642f08SYi-Hung Wei * always sets flags and frag_off to a valid value which may be 289c30da497SSimon Horman * used to set key->ip.frag above. 290c30da497SSimon Horman */ 291*fa642f08SYi-Hung Wei if (unlikely(nexthdr < 0)) 292c30da497SSimon Horman return -EPROTO; 293c30da497SSimon Horman 294ccb1352eSJesse Gross nh_len = payload_ofs - nh_ofs; 295ccb1352eSJesse Gross skb_set_transport_header(skb, nh_ofs + nh_len); 296ccb1352eSJesse Gross key->ip.proto = nexthdr; 297ccb1352eSJesse Gross return nh_len; 298ccb1352eSJesse Gross } 299ccb1352eSJesse Gross 300ccb1352eSJesse Gross static bool icmp6hdr_ok(struct sk_buff *skb) 301ccb1352eSJesse Gross { 302ccb1352eSJesse Gross return pskb_may_pull(skb, skb_transport_offset(skb) + 303ccb1352eSJesse Gross sizeof(struct icmp6hdr)); 304ccb1352eSJesse Gross } 305ccb1352eSJesse Gross 306018c1ddaSEric Garver /** 307018c1ddaSEric Garver * Parse vlan tag from vlan header. 308018c1ddaSEric Garver * Returns ERROR on memory error. 309018c1ddaSEric Garver * Returns 0 if it encounters a non-vlan or incomplete packet. 310018c1ddaSEric Garver * Returns 1 after successfully parsing vlan tag. 311018c1ddaSEric Garver */ 312df30f740Spravin shelar static int parse_vlan_tag(struct sk_buff *skb, struct vlan_head *key_vh, 313df30f740Spravin shelar bool untag_vlan) 314ccb1352eSJesse Gross { 315018c1ddaSEric Garver struct vlan_head *vh = (struct vlan_head *)skb->data; 316ccb1352eSJesse Gross 317018c1ddaSEric Garver if (likely(!eth_type_vlan(vh->tpid))) 318ccb1352eSJesse Gross return 0; 319ccb1352eSJesse Gross 320018c1ddaSEric Garver if (unlikely(skb->len < sizeof(struct vlan_head) + sizeof(__be16))) 321018c1ddaSEric Garver return 0; 322018c1ddaSEric Garver 323018c1ddaSEric Garver if (unlikely(!pskb_may_pull(skb, sizeof(struct vlan_head) + 324ccb1352eSJesse Gross sizeof(__be16)))) 325ccb1352eSJesse Gross return -ENOMEM; 326ccb1352eSJesse Gross 327018c1ddaSEric Garver vh = (struct vlan_head *)skb->data; 328018c1ddaSEric Garver key_vh->tci = vh->tci | htons(VLAN_TAG_PRESENT); 329018c1ddaSEric Garver key_vh->tpid = vh->tpid; 330018c1ddaSEric Garver 331df30f740Spravin shelar if (unlikely(untag_vlan)) { 332df30f740Spravin shelar int offset = skb->data - skb_mac_header(skb); 333df30f740Spravin shelar u16 tci; 334df30f740Spravin shelar int err; 335df30f740Spravin shelar 336df30f740Spravin shelar __skb_push(skb, offset); 337df30f740Spravin shelar err = __skb_vlan_pop(skb, &tci); 338df30f740Spravin shelar __skb_pull(skb, offset); 339df30f740Spravin shelar if (err) 340df30f740Spravin shelar return err; 341df30f740Spravin shelar __vlan_hwaccel_put_tag(skb, key_vh->tpid, tci); 342df30f740Spravin shelar } else { 343018c1ddaSEric Garver __skb_pull(skb, sizeof(struct vlan_head)); 344df30f740Spravin shelar } 345018c1ddaSEric Garver return 1; 346018c1ddaSEric Garver } 347018c1ddaSEric Garver 3485108bbadSJiri Benc static void clear_vlan(struct sw_flow_key *key) 349018c1ddaSEric Garver { 350018c1ddaSEric Garver key->eth.vlan.tci = 0; 351018c1ddaSEric Garver key->eth.vlan.tpid = 0; 352018c1ddaSEric Garver key->eth.cvlan.tci = 0; 353018c1ddaSEric Garver key->eth.cvlan.tpid = 0; 3545108bbadSJiri Benc } 3555108bbadSJiri Benc 3565108bbadSJiri Benc static int parse_vlan(struct sk_buff *skb, struct sw_flow_key *key) 3575108bbadSJiri Benc { 3585108bbadSJiri Benc int res; 359018c1ddaSEric Garver 36020ecf1e4SJiri Benc if (skb_vlan_tag_present(skb)) { 361018c1ddaSEric Garver key->eth.vlan.tci = htons(skb->vlan_tci); 362018c1ddaSEric Garver key->eth.vlan.tpid = skb->vlan_proto; 363018c1ddaSEric Garver } else { 364018c1ddaSEric Garver /* Parse outer vlan tag in the non-accelerated case. */ 365df30f740Spravin shelar res = parse_vlan_tag(skb, &key->eth.vlan, true); 366018c1ddaSEric Garver if (res <= 0) 367018c1ddaSEric Garver return res; 368018c1ddaSEric Garver } 369018c1ddaSEric Garver 370018c1ddaSEric Garver /* Parse inner vlan tag. */ 371df30f740Spravin shelar res = parse_vlan_tag(skb, &key->eth.cvlan, false); 372018c1ddaSEric Garver if (res <= 0) 373018c1ddaSEric Garver return res; 374ccb1352eSJesse Gross 375ccb1352eSJesse Gross return 0; 376ccb1352eSJesse Gross } 377ccb1352eSJesse Gross 378ccb1352eSJesse Gross static __be16 parse_ethertype(struct sk_buff *skb) 379ccb1352eSJesse Gross { 380ccb1352eSJesse Gross struct llc_snap_hdr { 381ccb1352eSJesse Gross u8 dsap; /* Always 0xAA */ 382ccb1352eSJesse Gross u8 ssap; /* Always 0xAA */ 383ccb1352eSJesse Gross u8 ctrl; 384ccb1352eSJesse Gross u8 oui[3]; 385ccb1352eSJesse Gross __be16 ethertype; 386ccb1352eSJesse Gross }; 387ccb1352eSJesse Gross struct llc_snap_hdr *llc; 388ccb1352eSJesse Gross __be16 proto; 389ccb1352eSJesse Gross 390ccb1352eSJesse Gross proto = *(__be16 *) skb->data; 391ccb1352eSJesse Gross __skb_pull(skb, sizeof(__be16)); 392ccb1352eSJesse Gross 3936713fc9bSAlexander Duyck if (eth_proto_is_802_3(proto)) 394ccb1352eSJesse Gross return proto; 395ccb1352eSJesse Gross 396ccb1352eSJesse Gross if (skb->len < sizeof(struct llc_snap_hdr)) 397ccb1352eSJesse Gross return htons(ETH_P_802_2); 398ccb1352eSJesse Gross 399ccb1352eSJesse Gross if (unlikely(!pskb_may_pull(skb, sizeof(struct llc_snap_hdr)))) 400ccb1352eSJesse Gross return htons(0); 401ccb1352eSJesse Gross 402ccb1352eSJesse Gross llc = (struct llc_snap_hdr *) skb->data; 403ccb1352eSJesse Gross if (llc->dsap != LLC_SAP_SNAP || 404ccb1352eSJesse Gross llc->ssap != LLC_SAP_SNAP || 405ccb1352eSJesse Gross (llc->oui[0] | llc->oui[1] | llc->oui[2]) != 0) 406ccb1352eSJesse Gross return htons(ETH_P_802_2); 407ccb1352eSJesse Gross 408ccb1352eSJesse Gross __skb_pull(skb, sizeof(struct llc_snap_hdr)); 40917b682a0SRich Lane 4106713fc9bSAlexander Duyck if (eth_proto_is_802_3(llc->ethertype)) 411ccb1352eSJesse Gross return llc->ethertype; 41217b682a0SRich Lane 41317b682a0SRich Lane return htons(ETH_P_802_2); 414ccb1352eSJesse Gross } 415ccb1352eSJesse Gross 416ccb1352eSJesse Gross static int parse_icmpv6(struct sk_buff *skb, struct sw_flow_key *key, 41703f0d916SAndy Zhou int nh_len) 418ccb1352eSJesse Gross { 419ccb1352eSJesse Gross struct icmp6hdr *icmp = icmp6_hdr(skb); 420ccb1352eSJesse Gross 421ccb1352eSJesse Gross /* The ICMPv6 type and code fields use the 16-bit transport port 422ccb1352eSJesse Gross * fields, so we need to store them in 16-bit network byte order. 423ccb1352eSJesse Gross */ 4241139e241SJarno Rajahalme key->tp.src = htons(icmp->icmp6_type); 4251139e241SJarno Rajahalme key->tp.dst = htons(icmp->icmp6_code); 42625ef1328SPravin B Shelar memset(&key->ipv6.nd, 0, sizeof(key->ipv6.nd)); 427ccb1352eSJesse Gross 428ccb1352eSJesse Gross if (icmp->icmp6_code == 0 && 429ccb1352eSJesse Gross (icmp->icmp6_type == NDISC_NEIGHBOUR_SOLICITATION || 430ccb1352eSJesse Gross icmp->icmp6_type == NDISC_NEIGHBOUR_ADVERTISEMENT)) { 431ccb1352eSJesse Gross int icmp_len = skb->len - skb_transport_offset(skb); 432ccb1352eSJesse Gross struct nd_msg *nd; 433ccb1352eSJesse Gross int offset; 434ccb1352eSJesse Gross 435ccb1352eSJesse Gross /* In order to process neighbor discovery options, we need the 436ccb1352eSJesse Gross * entire packet. 437ccb1352eSJesse Gross */ 438ccb1352eSJesse Gross if (unlikely(icmp_len < sizeof(*nd))) 43903f0d916SAndy Zhou return 0; 44003f0d916SAndy Zhou 44103f0d916SAndy Zhou if (unlikely(skb_linearize(skb))) 44203f0d916SAndy Zhou return -ENOMEM; 443ccb1352eSJesse Gross 444ccb1352eSJesse Gross nd = (struct nd_msg *)skb_transport_header(skb); 445ccb1352eSJesse Gross key->ipv6.nd.target = nd->target; 446ccb1352eSJesse Gross 447ccb1352eSJesse Gross icmp_len -= sizeof(*nd); 448ccb1352eSJesse Gross offset = 0; 449ccb1352eSJesse Gross while (icmp_len >= 8) { 450ccb1352eSJesse Gross struct nd_opt_hdr *nd_opt = 451ccb1352eSJesse Gross (struct nd_opt_hdr *)(nd->opt + offset); 452ccb1352eSJesse Gross int opt_len = nd_opt->nd_opt_len * 8; 453ccb1352eSJesse Gross 454ccb1352eSJesse Gross if (unlikely(!opt_len || opt_len > icmp_len)) 45503f0d916SAndy Zhou return 0; 456ccb1352eSJesse Gross 457ccb1352eSJesse Gross /* Store the link layer address if the appropriate 458ccb1352eSJesse Gross * option is provided. It is considered an error if 459ccb1352eSJesse Gross * the same link layer option is specified twice. 460ccb1352eSJesse Gross */ 461ccb1352eSJesse Gross if (nd_opt->nd_opt_type == ND_OPT_SOURCE_LL_ADDR 462ccb1352eSJesse Gross && opt_len == 8) { 463ccb1352eSJesse Gross if (unlikely(!is_zero_ether_addr(key->ipv6.nd.sll))) 464ccb1352eSJesse Gross goto invalid; 4658c63ff09SJoe Perches ether_addr_copy(key->ipv6.nd.sll, 4668c63ff09SJoe Perches &nd->opt[offset+sizeof(*nd_opt)]); 467ccb1352eSJesse Gross } else if (nd_opt->nd_opt_type == ND_OPT_TARGET_LL_ADDR 468ccb1352eSJesse Gross && opt_len == 8) { 469ccb1352eSJesse Gross if (unlikely(!is_zero_ether_addr(key->ipv6.nd.tll))) 470ccb1352eSJesse Gross goto invalid; 4718c63ff09SJoe Perches ether_addr_copy(key->ipv6.nd.tll, 4728c63ff09SJoe Perches &nd->opt[offset+sizeof(*nd_opt)]); 473ccb1352eSJesse Gross } 474ccb1352eSJesse Gross 475ccb1352eSJesse Gross icmp_len -= opt_len; 476ccb1352eSJesse Gross offset += opt_len; 477ccb1352eSJesse Gross } 478ccb1352eSJesse Gross } 479ccb1352eSJesse Gross 48003f0d916SAndy Zhou return 0; 481ccb1352eSJesse Gross 482ccb1352eSJesse Gross invalid: 483ccb1352eSJesse Gross memset(&key->ipv6.nd.target, 0, sizeof(key->ipv6.nd.target)); 484ccb1352eSJesse Gross memset(key->ipv6.nd.sll, 0, sizeof(key->ipv6.nd.sll)); 485ccb1352eSJesse Gross memset(key->ipv6.nd.tll, 0, sizeof(key->ipv6.nd.tll)); 486ccb1352eSJesse Gross 48703f0d916SAndy Zhou return 0; 488ccb1352eSJesse Gross } 489ccb1352eSJesse Gross 490b2d0f5d5SYi Yang static int parse_nsh(struct sk_buff *skb, struct sw_flow_key *key) 491b2d0f5d5SYi Yang { 492b2d0f5d5SYi Yang struct nshhdr *nh; 493b2d0f5d5SYi Yang unsigned int nh_ofs = skb_network_offset(skb); 494b2d0f5d5SYi Yang u8 version, length; 495b2d0f5d5SYi Yang int err; 496b2d0f5d5SYi Yang 497b2d0f5d5SYi Yang err = check_header(skb, nh_ofs + NSH_BASE_HDR_LEN); 498b2d0f5d5SYi Yang if (unlikely(err)) 499b2d0f5d5SYi Yang return err; 500b2d0f5d5SYi Yang 501b2d0f5d5SYi Yang nh = nsh_hdr(skb); 502b2d0f5d5SYi Yang version = nsh_get_ver(nh); 503b2d0f5d5SYi Yang length = nsh_hdr_len(nh); 504b2d0f5d5SYi Yang 505b2d0f5d5SYi Yang if (version != 0) 506b2d0f5d5SYi Yang return -EINVAL; 507b2d0f5d5SYi Yang 508b2d0f5d5SYi Yang err = check_header(skb, nh_ofs + length); 509b2d0f5d5SYi Yang if (unlikely(err)) 510b2d0f5d5SYi Yang return err; 511b2d0f5d5SYi Yang 512b2d0f5d5SYi Yang nh = nsh_hdr(skb); 513b2d0f5d5SYi Yang key->nsh.base.flags = nsh_get_flags(nh); 514b2d0f5d5SYi Yang key->nsh.base.ttl = nsh_get_ttl(nh); 515b2d0f5d5SYi Yang key->nsh.base.mdtype = nh->mdtype; 516b2d0f5d5SYi Yang key->nsh.base.np = nh->np; 517b2d0f5d5SYi Yang key->nsh.base.path_hdr = nh->path_hdr; 518b2d0f5d5SYi Yang switch (key->nsh.base.mdtype) { 519b2d0f5d5SYi Yang case NSH_M_TYPE1: 520b2d0f5d5SYi Yang if (length != NSH_M_TYPE1_LEN) 521b2d0f5d5SYi Yang return -EINVAL; 522b2d0f5d5SYi Yang memcpy(key->nsh.context, nh->md1.context, 523b2d0f5d5SYi Yang sizeof(nh->md1)); 524b2d0f5d5SYi Yang break; 525b2d0f5d5SYi Yang case NSH_M_TYPE2: 526b2d0f5d5SYi Yang memset(key->nsh.context, 0, 527b2d0f5d5SYi Yang sizeof(nh->md1)); 528b2d0f5d5SYi Yang break; 529b2d0f5d5SYi Yang default: 530b2d0f5d5SYi Yang return -EINVAL; 531b2d0f5d5SYi Yang } 532b2d0f5d5SYi Yang 533b2d0f5d5SYi Yang return 0; 534b2d0f5d5SYi Yang } 535b2d0f5d5SYi Yang 536ccb1352eSJesse Gross /** 53783c8df26SPravin B Shelar * key_extract - extracts a flow key from an Ethernet frame. 538ccb1352eSJesse Gross * @skb: sk_buff that contains the frame, with skb->data pointing to the 539ccb1352eSJesse Gross * Ethernet header 540ccb1352eSJesse Gross * @key: output flow key 541ccb1352eSJesse Gross * 542ccb1352eSJesse Gross * The caller must ensure that skb->len >= ETH_HLEN. 543ccb1352eSJesse Gross * 544ccb1352eSJesse Gross * Returns 0 if successful, otherwise a negative errno value. 545ccb1352eSJesse Gross * 5465108bbadSJiri Benc * Initializes @skb header fields as follows: 547ccb1352eSJesse Gross * 5485108bbadSJiri Benc * - skb->mac_header: the L2 header. 549ccb1352eSJesse Gross * 5505108bbadSJiri Benc * - skb->network_header: just past the L2 header, or just past the 5515108bbadSJiri Benc * VLAN header, to the first byte of the L2 payload. 552ccb1352eSJesse Gross * 55334d94f21SLorand Jakab * - skb->transport_header: If key->eth.type is ETH_P_IP or ETH_P_IPV6 554ccb1352eSJesse Gross * on output, then just past the IP header, if one is present and 555ccb1352eSJesse Gross * of a correct length, otherwise the same as skb->network_header. 55634d94f21SLorand Jakab * For other key->eth.type values it is left untouched. 5575108bbadSJiri Benc * 5585108bbadSJiri Benc * - skb->protocol: the type of the data starting at skb->network_header. 5595108bbadSJiri Benc * Equals to key->eth.type. 560ccb1352eSJesse Gross */ 56183c8df26SPravin B Shelar static int key_extract(struct sk_buff *skb, struct sw_flow_key *key) 562ccb1352eSJesse Gross { 56303f0d916SAndy Zhou int error; 564ccb1352eSJesse Gross struct ethhdr *eth; 565ccb1352eSJesse Gross 566f5796684SJesse Gross /* Flags are always used as part of stats */ 567f5796684SJesse Gross key->tp.flags = 0; 568f5796684SJesse Gross 569ccb1352eSJesse Gross skb_reset_mac_header(skb); 570ccb1352eSJesse Gross 5715108bbadSJiri Benc /* Link layer. */ 5725108bbadSJiri Benc clear_vlan(key); 5736f56f618SYi-Hung Wei if (ovs_key_mac_proto(key) == MAC_PROTO_NONE) { 5745108bbadSJiri Benc if (unlikely(eth_type_vlan(skb->protocol))) 5755108bbadSJiri Benc return -EINVAL; 5765108bbadSJiri Benc 5775108bbadSJiri Benc skb_reset_network_header(skb); 578c48e7473SEric Garver key->eth.type = skb->protocol; 5795108bbadSJiri Benc } else { 580ccb1352eSJesse Gross eth = eth_hdr(skb); 5818c63ff09SJoe Perches ether_addr_copy(key->eth.src, eth->h_source); 5828c63ff09SJoe Perches ether_addr_copy(key->eth.dst, eth->h_dest); 583ccb1352eSJesse Gross 584ccb1352eSJesse Gross __skb_pull(skb, 2 * ETH_ALEN); 585b34df5e8SPravin B Shelar /* We are going to push all headers that we pull, so no need to 586b34df5e8SPravin B Shelar * update skb->csum here. 587b34df5e8SPravin B Shelar */ 588ccb1352eSJesse Gross 589ccb1352eSJesse Gross if (unlikely(parse_vlan(skb, key))) 590ccb1352eSJesse Gross return -ENOMEM; 591ccb1352eSJesse Gross 592c48e7473SEric Garver key->eth.type = parse_ethertype(skb); 593c48e7473SEric Garver if (unlikely(key->eth.type == htons(0))) 594ccb1352eSJesse Gross return -ENOMEM; 595ccb1352eSJesse Gross 596c48e7473SEric Garver /* Multiple tagged packets need to retain TPID to satisfy 597c48e7473SEric Garver * skb_vlan_pop(), which will later shift the ethertype into 598c48e7473SEric Garver * skb->protocol. 599c48e7473SEric Garver */ 600c48e7473SEric Garver if (key->eth.cvlan.tci & htons(VLAN_TAG_PRESENT)) 601c48e7473SEric Garver skb->protocol = key->eth.cvlan.tpid; 602c48e7473SEric Garver else 603c48e7473SEric Garver skb->protocol = key->eth.type; 604c48e7473SEric Garver 605ccb1352eSJesse Gross skb_reset_network_header(skb); 606ccb1352eSJesse Gross __skb_push(skb, skb->data - skb_mac_header(skb)); 6075108bbadSJiri Benc } 6085108bbadSJiri Benc skb_reset_mac_len(skb); 609ccb1352eSJesse Gross 610ccb1352eSJesse Gross /* Network layer. */ 611ccb1352eSJesse Gross if (key->eth.type == htons(ETH_P_IP)) { 612ccb1352eSJesse Gross struct iphdr *nh; 613ccb1352eSJesse Gross __be16 offset; 614ccb1352eSJesse Gross 615ccb1352eSJesse Gross error = check_iphdr(skb); 616ccb1352eSJesse Gross if (unlikely(error)) { 61707148121SJesse Gross memset(&key->ip, 0, sizeof(key->ip)); 61807148121SJesse Gross memset(&key->ipv4, 0, sizeof(key->ipv4)); 619ccb1352eSJesse Gross if (error == -EINVAL) { 620ccb1352eSJesse Gross skb->transport_header = skb->network_header; 621ccb1352eSJesse Gross error = 0; 622ccb1352eSJesse Gross } 62303f0d916SAndy Zhou return error; 624ccb1352eSJesse Gross } 625ccb1352eSJesse Gross 626ccb1352eSJesse Gross nh = ip_hdr(skb); 627ccb1352eSJesse Gross key->ipv4.addr.src = nh->saddr; 628ccb1352eSJesse Gross key->ipv4.addr.dst = nh->daddr; 629ccb1352eSJesse Gross 630ccb1352eSJesse Gross key->ip.proto = nh->protocol; 631ccb1352eSJesse Gross key->ip.tos = nh->tos; 632ccb1352eSJesse Gross key->ip.ttl = nh->ttl; 633ccb1352eSJesse Gross 634ccb1352eSJesse Gross offset = nh->frag_off & htons(IP_OFFSET); 635ccb1352eSJesse Gross if (offset) { 636ccb1352eSJesse Gross key->ip.frag = OVS_FRAG_TYPE_LATER; 63703f0d916SAndy Zhou return 0; 638ccb1352eSJesse Gross } 6390c19f846SWillem de Bruijn if (nh->frag_off & htons(IP_MF) || 6400c19f846SWillem de Bruijn skb_shinfo(skb)->gso_type & SKB_GSO_UDP) 641ccb1352eSJesse Gross key->ip.frag = OVS_FRAG_TYPE_FIRST; 64207148121SJesse Gross else 64307148121SJesse Gross key->ip.frag = OVS_FRAG_TYPE_NONE; 644ccb1352eSJesse Gross 645ccb1352eSJesse Gross /* Transport layer. */ 646ccb1352eSJesse Gross if (key->ip.proto == IPPROTO_TCP) { 647ccb1352eSJesse Gross if (tcphdr_ok(skb)) { 648ccb1352eSJesse Gross struct tcphdr *tcp = tcp_hdr(skb); 6491139e241SJarno Rajahalme key->tp.src = tcp->source; 6501139e241SJarno Rajahalme key->tp.dst = tcp->dest; 6511139e241SJarno Rajahalme key->tp.flags = TCP_FLAGS_BE16(tcp); 65207148121SJesse Gross } else { 65307148121SJesse Gross memset(&key->tp, 0, sizeof(key->tp)); 654ccb1352eSJesse Gross } 65507148121SJesse Gross 656ccb1352eSJesse Gross } else if (key->ip.proto == IPPROTO_UDP) { 657ccb1352eSJesse Gross if (udphdr_ok(skb)) { 658ccb1352eSJesse Gross struct udphdr *udp = udp_hdr(skb); 6591139e241SJarno Rajahalme key->tp.src = udp->source; 6601139e241SJarno Rajahalme key->tp.dst = udp->dest; 66107148121SJesse Gross } else { 66207148121SJesse Gross memset(&key->tp, 0, sizeof(key->tp)); 663ccb1352eSJesse Gross } 664a175a723SJoe Stringer } else if (key->ip.proto == IPPROTO_SCTP) { 665a175a723SJoe Stringer if (sctphdr_ok(skb)) { 666a175a723SJoe Stringer struct sctphdr *sctp = sctp_hdr(skb); 6671139e241SJarno Rajahalme key->tp.src = sctp->source; 6681139e241SJarno Rajahalme key->tp.dst = sctp->dest; 66907148121SJesse Gross } else { 67007148121SJesse Gross memset(&key->tp, 0, sizeof(key->tp)); 671a175a723SJoe Stringer } 672ccb1352eSJesse Gross } else if (key->ip.proto == IPPROTO_ICMP) { 673ccb1352eSJesse Gross if (icmphdr_ok(skb)) { 674ccb1352eSJesse Gross struct icmphdr *icmp = icmp_hdr(skb); 675ccb1352eSJesse Gross /* The ICMP type and code fields use the 16-bit 676ccb1352eSJesse Gross * transport port fields, so we need to store 677ccb1352eSJesse Gross * them in 16-bit network byte order. */ 6781139e241SJarno Rajahalme key->tp.src = htons(icmp->type); 6791139e241SJarno Rajahalme key->tp.dst = htons(icmp->code); 68007148121SJesse Gross } else { 68107148121SJesse Gross memset(&key->tp, 0, sizeof(key->tp)); 682ccb1352eSJesse Gross } 683ccb1352eSJesse Gross } 684ccb1352eSJesse Gross 68507148121SJesse Gross } else if (key->eth.type == htons(ETH_P_ARP) || 68607148121SJesse Gross key->eth.type == htons(ETH_P_RARP)) { 687ccb1352eSJesse Gross struct arp_eth_header *arp; 688389f4894SLi RongQing bool arp_available = arphdr_ok(skb); 689ccb1352eSJesse Gross 690ccb1352eSJesse Gross arp = (struct arp_eth_header *)skb_network_header(skb); 691ccb1352eSJesse Gross 692389f4894SLi RongQing if (arp_available && 69307148121SJesse Gross arp->ar_hrd == htons(ARPHRD_ETHER) && 69407148121SJesse Gross arp->ar_pro == htons(ETH_P_IP) && 69507148121SJesse Gross arp->ar_hln == ETH_ALEN && 69607148121SJesse Gross arp->ar_pln == 4) { 697ccb1352eSJesse Gross 698ccb1352eSJesse Gross /* We only match on the lower 8 bits of the opcode. */ 699ccb1352eSJesse Gross if (ntohs(arp->ar_op) <= 0xff) 700ccb1352eSJesse Gross key->ip.proto = ntohs(arp->ar_op); 70107148121SJesse Gross else 70207148121SJesse Gross key->ip.proto = 0; 70307148121SJesse Gross 704ccb1352eSJesse Gross memcpy(&key->ipv4.addr.src, arp->ar_sip, sizeof(key->ipv4.addr.src)); 705ccb1352eSJesse Gross memcpy(&key->ipv4.addr.dst, arp->ar_tip, sizeof(key->ipv4.addr.dst)); 7068c63ff09SJoe Perches ether_addr_copy(key->ipv4.arp.sha, arp->ar_sha); 7078c63ff09SJoe Perches ether_addr_copy(key->ipv4.arp.tha, arp->ar_tha); 70807148121SJesse Gross } else { 70907148121SJesse Gross memset(&key->ip, 0, sizeof(key->ip)); 71007148121SJesse Gross memset(&key->ipv4, 0, sizeof(key->ipv4)); 711ccb1352eSJesse Gross } 71225cd9ba0SSimon Horman } else if (eth_p_mpls(key->eth.type)) { 71325cd9ba0SSimon Horman size_t stack_len = MPLS_HLEN; 71425cd9ba0SSimon Horman 715f7d49bceSJiri Benc skb_set_inner_network_header(skb, skb->mac_len); 71625cd9ba0SSimon Horman while (1) { 71725cd9ba0SSimon Horman __be32 lse; 71825cd9ba0SSimon Horman 71925cd9ba0SSimon Horman error = check_header(skb, skb->mac_len + stack_len); 72025cd9ba0SSimon Horman if (unlikely(error)) 72125cd9ba0SSimon Horman return 0; 72225cd9ba0SSimon Horman 723f7d49bceSJiri Benc memcpy(&lse, skb_inner_network_header(skb), MPLS_HLEN); 72425cd9ba0SSimon Horman 72525cd9ba0SSimon Horman if (stack_len == MPLS_HLEN) 72625cd9ba0SSimon Horman memcpy(&key->mpls.top_lse, &lse, MPLS_HLEN); 72725cd9ba0SSimon Horman 728f7d49bceSJiri Benc skb_set_inner_network_header(skb, skb->mac_len + stack_len); 72925cd9ba0SSimon Horman if (lse & htonl(MPLS_LS_S_MASK)) 73025cd9ba0SSimon Horman break; 73125cd9ba0SSimon Horman 73225cd9ba0SSimon Horman stack_len += MPLS_HLEN; 73325cd9ba0SSimon Horman } 734ccb1352eSJesse Gross } else if (key->eth.type == htons(ETH_P_IPV6)) { 735ccb1352eSJesse Gross int nh_len; /* IPv6 Header + Extensions */ 736ccb1352eSJesse Gross 73703f0d916SAndy Zhou nh_len = parse_ipv6hdr(skb, key); 738ccb1352eSJesse Gross if (unlikely(nh_len < 0)) { 739c30da497SSimon Horman switch (nh_len) { 740c30da497SSimon Horman case -EINVAL: 74107148121SJesse Gross memset(&key->ip, 0, sizeof(key->ip)); 74207148121SJesse Gross memset(&key->ipv6.addr, 0, sizeof(key->ipv6.addr)); 743c30da497SSimon Horman /* fall-through */ 744c30da497SSimon Horman case -EPROTO: 745ccb1352eSJesse Gross skb->transport_header = skb->network_header; 74603f0d916SAndy Zhou error = 0; 747c30da497SSimon Horman break; 748c30da497SSimon Horman default: 749ccb1352eSJesse Gross error = nh_len; 75003f0d916SAndy Zhou } 75103f0d916SAndy Zhou return error; 752ccb1352eSJesse Gross } 753ccb1352eSJesse Gross 754ccb1352eSJesse Gross if (key->ip.frag == OVS_FRAG_TYPE_LATER) 75503f0d916SAndy Zhou return 0; 7560c19f846SWillem de Bruijn if (skb_shinfo(skb)->gso_type & SKB_GSO_UDP) 7570c19f846SWillem de Bruijn key->ip.frag = OVS_FRAG_TYPE_FIRST; 7580c19f846SWillem de Bruijn 759ccb1352eSJesse Gross /* Transport layer. */ 760ccb1352eSJesse Gross if (key->ip.proto == NEXTHDR_TCP) { 761ccb1352eSJesse Gross if (tcphdr_ok(skb)) { 762ccb1352eSJesse Gross struct tcphdr *tcp = tcp_hdr(skb); 7631139e241SJarno Rajahalme key->tp.src = tcp->source; 7641139e241SJarno Rajahalme key->tp.dst = tcp->dest; 7651139e241SJarno Rajahalme key->tp.flags = TCP_FLAGS_BE16(tcp); 76607148121SJesse Gross } else { 76707148121SJesse Gross memset(&key->tp, 0, sizeof(key->tp)); 768ccb1352eSJesse Gross } 769ccb1352eSJesse Gross } else if (key->ip.proto == NEXTHDR_UDP) { 770ccb1352eSJesse Gross if (udphdr_ok(skb)) { 771ccb1352eSJesse Gross struct udphdr *udp = udp_hdr(skb); 7721139e241SJarno Rajahalme key->tp.src = udp->source; 7731139e241SJarno Rajahalme key->tp.dst = udp->dest; 77407148121SJesse Gross } else { 77507148121SJesse Gross memset(&key->tp, 0, sizeof(key->tp)); 776ccb1352eSJesse Gross } 777a175a723SJoe Stringer } else if (key->ip.proto == NEXTHDR_SCTP) { 778a175a723SJoe Stringer if (sctphdr_ok(skb)) { 779a175a723SJoe Stringer struct sctphdr *sctp = sctp_hdr(skb); 7801139e241SJarno Rajahalme key->tp.src = sctp->source; 7811139e241SJarno Rajahalme key->tp.dst = sctp->dest; 78207148121SJesse Gross } else { 78307148121SJesse Gross memset(&key->tp, 0, sizeof(key->tp)); 784a175a723SJoe Stringer } 785ccb1352eSJesse Gross } else if (key->ip.proto == NEXTHDR_ICMP) { 786ccb1352eSJesse Gross if (icmp6hdr_ok(skb)) { 78703f0d916SAndy Zhou error = parse_icmpv6(skb, key, nh_len); 78803f0d916SAndy Zhou if (error) 78903f0d916SAndy Zhou return error; 79007148121SJesse Gross } else { 79107148121SJesse Gross memset(&key->tp, 0, sizeof(key->tp)); 792ccb1352eSJesse Gross } 793ccb1352eSJesse Gross } 794b2d0f5d5SYi Yang } else if (key->eth.type == htons(ETH_P_NSH)) { 795b2d0f5d5SYi Yang error = parse_nsh(skb, key); 796b2d0f5d5SYi Yang if (error) 797b2d0f5d5SYi Yang return error; 798ccb1352eSJesse Gross } 79903f0d916SAndy Zhou return 0; 800ccb1352eSJesse Gross } 80183c8df26SPravin B Shelar 802971427f3SAndy Zhou int ovs_flow_key_update(struct sk_buff *skb, struct sw_flow_key *key) 803971427f3SAndy Zhou { 8046f56f618SYi-Hung Wei int res; 8056f56f618SYi-Hung Wei 8066f56f618SYi-Hung Wei res = key_extract(skb, key); 8076f56f618SYi-Hung Wei if (!res) 8086f56f618SYi-Hung Wei key->mac_proto &= ~SW_FLOW_KEY_INVALID; 8096f56f618SYi-Hung Wei 8106f56f618SYi-Hung Wei return res; 811971427f3SAndy Zhou } 812971427f3SAndy Zhou 8135108bbadSJiri Benc static int key_extract_mac_proto(struct sk_buff *skb) 8145108bbadSJiri Benc { 8155108bbadSJiri Benc switch (skb->dev->type) { 8165108bbadSJiri Benc case ARPHRD_ETHER: 8175108bbadSJiri Benc return MAC_PROTO_ETHERNET; 8185108bbadSJiri Benc case ARPHRD_NONE: 8195108bbadSJiri Benc if (skb->protocol == htons(ETH_P_TEB)) 8205108bbadSJiri Benc return MAC_PROTO_ETHERNET; 8215108bbadSJiri Benc return MAC_PROTO_NONE; 8225108bbadSJiri Benc } 8235108bbadSJiri Benc WARN_ON_ONCE(1); 8245108bbadSJiri Benc return -EINVAL; 8255108bbadSJiri Benc } 8265108bbadSJiri Benc 8271d8fff90SThomas Graf int ovs_flow_key_extract(const struct ip_tunnel_info *tun_info, 8288c8b1b83SPravin B Shelar struct sk_buff *skb, struct sw_flow_key *key) 82983c8df26SPravin B Shelar { 8309dd7f890SJarno Rajahalme int res, err; 8315108bbadSJiri Benc 83283c8df26SPravin B Shelar /* Extract metadata from packet. */ 833f5796684SJesse Gross if (tun_info) { 83400a93babSJiri Benc key->tun_proto = ip_tunnel_info_af(tun_info); 8351d8fff90SThomas Graf memcpy(&key->tun_key, &tun_info->key, sizeof(key->tun_key)); 836f5796684SJesse Gross 8374c222798SPravin B Shelar if (tun_info->options_len) { 838f5796684SJesse Gross BUILD_BUG_ON((1 << (sizeof(tun_info->options_len) * 839f5796684SJesse Gross 8)) - 1 840f5796684SJesse Gross > sizeof(key->tun_opts)); 8414c222798SPravin B Shelar 8424c222798SPravin B Shelar ip_tunnel_info_opts_get(TUN_METADATA_OPTS(key, tun_info->options_len), 8434c222798SPravin B Shelar tun_info); 844f5796684SJesse Gross key->tun_opts_len = tun_info->options_len; 845f5796684SJesse Gross } else { 846f5796684SJesse Gross key->tun_opts_len = 0; 847f5796684SJesse Gross } 848f5796684SJesse Gross } else { 84900a93babSJiri Benc key->tun_proto = 0; 850f5796684SJesse Gross key->tun_opts_len = 0; 85107148121SJesse Gross memset(&key->tun_key, 0, sizeof(key->tun_key)); 852f5796684SJesse Gross } 85383c8df26SPravin B Shelar 85483c8df26SPravin B Shelar key->phy.priority = skb->priority; 85583c8df26SPravin B Shelar key->phy.in_port = OVS_CB(skb)->input_vport->port_no; 85683c8df26SPravin B Shelar key->phy.skb_mark = skb->mark; 85707148121SJesse Gross key->ovs_flow_hash = 0; 8585108bbadSJiri Benc res = key_extract_mac_proto(skb); 8595108bbadSJiri Benc if (res < 0) 8605108bbadSJiri Benc return res; 8615108bbadSJiri Benc key->mac_proto = res; 86207148121SJesse Gross key->recirc_id = 0; 86307148121SJesse Gross 8649dd7f890SJarno Rajahalme err = key_extract(skb, key); 8659dd7f890SJarno Rajahalme if (!err) 8669dd7f890SJarno Rajahalme ovs_ct_fill_key(skb, key); /* Must be after key_extract(). */ 8679dd7f890SJarno Rajahalme return err; 86883c8df26SPravin B Shelar } 86983c8df26SPravin B Shelar 870c2ac6673SJoe Stringer int ovs_flow_key_extract_userspace(struct net *net, const struct nlattr *attr, 87183c8df26SPravin B Shelar struct sk_buff *skb, 87205da5898SJarno Rajahalme struct sw_flow_key *key, bool log) 87383c8df26SPravin B Shelar { 8749dd7f890SJarno Rajahalme const struct nlattr *a[OVS_KEY_ATTR_MAX + 1]; 8759dd7f890SJarno Rajahalme u64 attrs = 0; 87683c8df26SPravin B Shelar int err; 87783c8df26SPravin B Shelar 8789dd7f890SJarno Rajahalme err = parse_flow_nlattrs(attr, a, &attrs, log); 8799dd7f890SJarno Rajahalme if (err) 8809dd7f890SJarno Rajahalme return -EINVAL; 8819dd7f890SJarno Rajahalme 88283c8df26SPravin B Shelar /* Extract metadata from netlink attributes. */ 8839dd7f890SJarno Rajahalme err = ovs_nla_get_flow_metadata(net, a, attrs, key, log); 88483c8df26SPravin B Shelar if (err) 88583c8df26SPravin B Shelar return err; 88683c8df26SPravin B Shelar 8875108bbadSJiri Benc /* key_extract assumes that skb->protocol is set-up for 8885108bbadSJiri Benc * layer 3 packets which is the case for other callers, 889df30f740Spravin shelar * in particular packets received from the network stack. 8905108bbadSJiri Benc * Here the correct value can be set from the metadata 8915108bbadSJiri Benc * extracted above. 892df30f740Spravin shelar * For L2 packet key eth type would be zero. skb protocol 893df30f740Spravin shelar * would be set to correct value later during key-extact. 8945108bbadSJiri Benc */ 895df30f740Spravin shelar 8965108bbadSJiri Benc skb->protocol = key->eth.type; 8979dd7f890SJarno Rajahalme err = key_extract(skb, key); 8989dd7f890SJarno Rajahalme if (err) 8999dd7f890SJarno Rajahalme return err; 9009dd7f890SJarno Rajahalme 9019dd7f890SJarno Rajahalme /* Check that we have conntrack original direction tuple metadata only 9029dd7f890SJarno Rajahalme * for packets for which it makes sense. Otherwise the key may be 9039dd7f890SJarno Rajahalme * corrupted due to overlapping key fields. 9049dd7f890SJarno Rajahalme */ 9059dd7f890SJarno Rajahalme if (attrs & (1 << OVS_KEY_ATTR_CT_ORIG_TUPLE_IPV4) && 9069dd7f890SJarno Rajahalme key->eth.type != htons(ETH_P_IP)) 9079dd7f890SJarno Rajahalme return -EINVAL; 9089dd7f890SJarno Rajahalme if (attrs & (1 << OVS_KEY_ATTR_CT_ORIG_TUPLE_IPV6) && 9099dd7f890SJarno Rajahalme (key->eth.type != htons(ETH_P_IPV6) || 9109dd7f890SJarno Rajahalme sw_flow_key_is_nd(key))) 9119dd7f890SJarno Rajahalme return -EINVAL; 9129dd7f890SJarno Rajahalme 9139dd7f890SJarno Rajahalme return 0; 91483c8df26SPravin B Shelar } 915