1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License, Version 1.0 only 6 * (the "License"). You may not use this file except in compliance 7 * with the License. 8 * 9 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 10 * or http://www.opensolaris.org/os/licensing. 11 * See the License for the specific language governing permissions 12 * and limitations under the License. 13 * 14 * When distributing Covered Code, include this CDDL HEADER in each 15 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 16 * If applicable, add the following below this CDDL HEADER, with the 17 * fields enclosed by brackets "[]" replaced with your own identifying 18 * information: Portions Copyright [yyyy] [name of copyright owner] 19 * 20 * CDDL HEADER END 21 */ 22 /* 23 * Copyright 2002 Sun Microsystems, Inc. All rights reserved. 24 * Use is subject to license terms. 25 */ 26 27 #ifndef _IPP_IPGPC_CLASSIFIER_OBJECTS_H 28 #define _IPP_IPGPC_CLASSIFIER_OBJECTS_H 29 30 #pragma ident "%Z%%M% %I% %E% SMI" 31 32 #include <sys/time.h> 33 #include <ipp/ipp.h> 34 #include <ipp/ipgpc/ipgpc.h> 35 36 #ifdef __cplusplus 37 extern "C" { 38 #endif 39 40 /* common objects and defines used by the ipgpc code base */ 41 42 /* default wildcard and unspecified value for selectors */ 43 #define IPGPC_WILDCARD -1 44 #define IPGPC_UNSPECIFIED 0 45 46 /* trie id's */ 47 #define IPGPC_TRIE_SPORTID 0 48 #define IPGPC_TRIE_DPORTID 1 49 #define IPGPC_TRIE_SADDRID 2 50 #define IPGPC_TRIE_DADDRID 3 51 52 /* 53 * IPv6 trie id's 54 * note: tries for SPORT, DPORT are shared between IPv4 and IPv6 filters 55 */ 56 #define IPGPC_TRIE_SADDRID6 4 57 #define IPGPC_TRIE_DADDRID6 5 58 59 /* ba table id's */ 60 #define IPGPC_BA_DSID 6 61 62 /* table id's */ 63 #define IPGPC_TABLE_PROTOID 7 64 #define IPGPC_TABLE_UID 8 65 #define IPGPC_TABLE_PROJID 9 66 #define IPGPC_TABLE_IF 10 67 #define IPGPC_TABLE_IF_GRPNM 11 68 #define IPGPC_TABLE_DIR 12 69 #define TABLE_ID_OFFSET IPGPC_TABLE_PROTOID 70 #define PROTOID_IDX (IPGPC_TABLE_PROTOID - TABLE_ID_OFFSET) 71 #define UID_IDX (IPGPC_TABLE_UID - TABLE_ID_OFFSET) 72 #define PROJID_IDX (IPGPC_TABLE_PROJID - TABLE_ID_OFFSET) 73 #define IF_IDX (IPGPC_TABLE_IF - TABLE_ID_OFFSET) 74 #define IF_GRPNM_IDX (IPGPC_TABLE_IF_GRPNM - TABLE_ID_OFFSET) 75 #define DIR_IDX (IPGPC_TABLE_DIR - TABLE_ID_OFFSET) 76 77 /* Match types for selector searching */ 78 #define NORMAL_MATCH 0 79 #define NO_MATCHES 1 80 #define DONTCARE_ONLY_MATCH 2 81 82 /* match masks */ 83 #define PROTO_MASK 0x01 84 #define DS_MASK 0x02 85 #define SPORT_MASK 0x04 86 #define DPORT_MASK 0x08 87 #define SADDR_MASK 0x10 88 #define DADDR_MASK 0x20 89 #define SADDR6_MASK SADDR_MASK 90 #define DADDR6_MASK DADDR_MASK 91 #define UID_MASK 0x40 92 #define PROJID_MASK 0x80 93 #define IF_MASK 0x100 94 #define IF_GRPNM_MASK 0x200 95 #define DIR_MASK 0x400 96 #define ALL_MATCH_MASK (DS_MASK | PROTO_MASK | SADDR_MASK | DADDR_MASK | \ 97 SPORT_MASK | DPORT_MASK | UID_MASK | PROJID_MASK | \ 98 IF_MASK | IF_GRPNM_MASK | DIR_MASK) 99 100 #define HASH_SIZE 11 /* default hash table size */ 101 102 /* used when inserting values into selector structures */ 103 #define NORMAL_VALUE 0 /* a valid value was insert */ 104 #define DONTCARE_VALUE 1 /* a dontcare/wildcard value was inserted */ 105 106 /* filter definition structure */ 107 typedef struct ipgpc_filter_s { 108 char filter_name[MAXNAMELEN]; /* null terminated name of filter */ 109 110 /* exact match selectors */ 111 char if_groupname[LIFNAMSIZ]; /* null terminated iface groupname */ 112 uid_t uid; /* uid key, value = exact or IPGPC_WILDCARD */ 113 projid_t projid; /* project id, " " */ 114 uint_t if_index; /* interface index, " " or 0 for wildcard */ 115 /* 116 * packet direction 117 * value = IPP_LOCAL_IN | IPP_LOCAL_OUT | 118 * IPP_FWD_IN | IPP_FWD_OUT | 0 for wildcard 119 */ 120 uint32_t direction; 121 uint8_t proto; /* protocol key, exact or 0 for wildcard */ 122 123 /* non-exact match selectors */ 124 uint8_t dsfield; /* diffserv field key */ 125 uint8_t dsfield_mask; /* mask for diffserv field key */ 126 /* IP Addresses are represented as IPV6 address structures */ 127 in6_addr_t saddr; /* source address key */ 128 in6_addr_t saddr_mask; /* mask for saddr key */ 129 char *saddr_hostname; /* hostname of source address, optional */ 130 in6_addr_t daddr; /* destination address key */ 131 in6_addr_t daddr_mask; /* mask for daddr key */ 132 char *daddr_hostname; /* hostname of destination address, optional */ 133 uint16_t sport; /* source port key */ 134 uint16_t sport_mask; /* mask for sport key */ 135 uint16_t dport; /* destination port key */ 136 uint16_t dport_mask; /* mask for dport key */ 137 138 /* filter ranking variables */ 139 uint32_t precedence; /* precedence value for filter */ 140 uint32_t priority; /* filter priority */ 141 142 /* 143 * filter_type accepted values = 144 * IPGPC_GENERIC_FLTR | IPGPC_V4_FLTR | 145 * IPGPC_V6_FLTR 146 */ 147 uint8_t filter_type; 148 int32_t filter_instance; /* filter instance number, -1 if unused */ 149 uint32_t originator; /* originator of this config item */ 150 char *filter_comment; /* optional and unused by ipgpc */ 151 } ipgpc_filter_t; 152 153 typedef struct ipgpc_class_stats_s { 154 ipp_action_id_t next_action; /* next action id */ 155 hrtime_t last_match; /* hrtime value of last match to class */ 156 uint64_t nbytes; /* number of matching bytes */ 157 uint64_t npackets; /* number of matching packets */ 158 } ipgpc_class_stats_t; 159 160 /* linked list Element node structure */ 161 typedef struct element_node_s *linked_list; 162 typedef struct element_node_s *plink; 163 typedef struct element_node_s { 164 plink next; 165 void (*element_ref)(struct element_node_s *); 166 void (*element_unref)(struct element_node_s *); 167 int id; 168 uint32_t element_refcnt; 169 } element_node_t; 170 171 /* trie node structure */ 172 typedef struct node_s *node_p; 173 typedef struct node_s { 174 linked_list elements; /* pointer to element list */ 175 node_p zero; /* left link */ 176 node_p one; /* right link */ 177 uint32_t val; /* value of bits covered */ 178 uint32_t mask; /* mask of bits covered */ 179 uint8_t bits; /* number of bits covered by this node */ 180 uint8_t pos; /* starting position of bits covered */ 181 uint16_t isroot; /* 1 if is root node, 0 otherwise */ 182 } node_t; 183 typedef node_p trie; 184 185 /* hashtable node structure */ 186 typedef struct ht_node_s *hash_table; 187 typedef struct ht_node_s *ht_node_p; 188 typedef struct ht_node_s { 189 ht_node_p next; /* link to next node in chain */ 190 linked_list elements; /* elements stored at this node */ 191 int key; /* key stored at this node */ 192 int info; 193 } ht_node_t; 194 195 /* behavior aggregate table element structure */ 196 typedef struct ba_table_element_s { 197 linked_list filter_list; /* list of filters */ 198 uint32_t info; 199 } ba_table_element_t; 200 201 /* behavior aggregate table structure */ 202 typedef struct ba_table_s { 203 linked_list masks; /* list of loaded masks */ 204 ba_table_element_t masked_values[256]; /* table of masked values */ 205 } ba_table_t; 206 207 /* selector information structure */ 208 typedef struct sel_info_s { 209 uint16_t mask; /* mask for marking */ 210 boolean_t dontcareonly; /* true if only don't cares are loaded */ 211 } sel_info_t; 212 213 /* selector statistics structure */ 214 typedef struct sel_stats_s { 215 uint32_t num_inserted; /* number of nodes that are not dontcares */ 216 uint32_t num_dontcare; /* number of nodes that are dontcares */ 217 } sel_stats_t; 218 219 /* identification structure for a trie */ 220 typedef struct trie_id_s { 221 trie trie; /* pointer to the trie structure */ 222 krwlock_t rw_lock; /* lock protecting this trie */ 223 size_t key_len; /* length (bits) of the key for a lookup */ 224 sel_stats_t stats; /* selector statistics strucutre */ 225 sel_info_t info; /* selector info structure */ 226 } trie_id_t; 227 228 /* identification structure for a table */ 229 typedef struct table_id_s { 230 hash_table table; /* pointer to the hash table structure */ 231 int wildcard; /* wildcard value for this selector */ 232 sel_stats_t stats; /* selector statistics strucutre */ 233 sel_info_t info; /* selector info structure */ 234 } table_id_t; 235 236 /* identification structure for a ba_table */ 237 typedef struct ba_table_id_s { 238 ba_table_t table; 239 kmutex_t lock; /* ba table lock */ 240 sel_info_t info; /* selector info structure */ 241 sel_stats_t stats; /* selector statistics structure */ 242 } ba_table_id_t; 243 244 /* class definition structure */ 245 typedef struct ipgpc_class_s { 246 ipp_action_id_t next_action; /* id of action at head of list */ 247 boolean_t gather_stats; /* are stats desired? B_TRUE or B_FALSE */ 248 uint32_t originator; /* originator of this config item */ 249 char class_name[MAXNAMELEN]; /* name of classification */ 250 } ipgpc_class_t; 251 252 /* filter id association data structure */ 253 typedef struct fid_s { 254 int info; /* 0 if unused, -1 if dirty, 1 if used */ 255 int class_id; /* id of class associated with filter */ 256 uint16_t insert_map; /* selectors w/ values inserted for this fid */ 257 ipgpc_filter_t filter; /* filter structure that this fid describes */ 258 } fid_t; 259 260 /* class_id structure */ 261 typedef struct cid_s { 262 linked_list filter_list; /* list of filters associated with class */ 263 int info; /* 0 if unused, -1 if dirty, 1 if used */ 264 ipgpc_class_t aclass; /* the class structure this cid describes */ 265 ipp_stat_t *cl_stats; /* kstats structure */ 266 ipgpc_class_stats_t stats; /* statistics structure for class */ 267 } cid_t; 268 269 /* ipp_stat global stats structure */ 270 typedef struct globalstats_s { 271 ipp_named_t nfilters; 272 ipp_named_t nclasses; 273 ipp_named_t nbytes; 274 ipp_named_t npackets; 275 ipp_named_t epackets; 276 } globalstats_t; 277 278 /* ipp_stat class stats structure */ 279 typedef struct classstats_s { 280 ipp_named_t nbytes; 281 ipp_named_t npackets; 282 ipp_named_t last_match; 283 } classstats_t; 284 285 /* matching hash table element */ 286 typedef struct ht_match_s *ht_chain; 287 typedef struct ht_match_s { 288 ht_chain next; /* link to next node in chain */ 289 int key; /* key stored at this node in the table */ 290 uint16_t match_map; /* match map for this id */ 291 } ht_match_t; 292 293 extern kmem_cache_t *ht_node_cache; 294 extern kmem_cache_t *element_node_cache; 295 extern kmem_cache_t *ht_match_cache; 296 extern kmem_cache_t *trie_node_cache; 297 298 #ifdef __cplusplus 299 } 300 #endif 301 302 #endif /* _IPP_IPGPC_CLASSIFIER_OBJECTS_H */ 303