2 * Copyright (c) 2009, 2010, 2011, 2012, 2013, 2014, 2015 Nicira, Inc.
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at:
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
19 #include <arpa/inet.h>
20 #include <sys/socket.h>
21 #include <netinet/in.h>
22 #include <netinet/ip6.h>
23 #include <netinet/icmp6.h>
25 #include "byte-order.h"
30 #include "dynamic-string.h"
31 #include "ovs-thread.h"
33 #include "dp-packet.h"
34 #include "unaligned.h"
36 const struct in6_addr in6addr_exact = IN6ADDR_EXACT_INIT;
37 const struct in6_addr in6addr_all_hosts = IN6ADDR_ALL_HOSTS_INIT;
40 flow_tnl_dst(const struct flow_tnl *tnl)
44 in6_addr_set_mapped_ipv4(&addr, tnl->ip_dst);
51 flow_tnl_src(const struct flow_tnl *tnl)
55 in6_addr_set_mapped_ipv4(&addr, tnl->ip_src);
61 /* Parses 's' as a 16-digit hexadecimal number representing a datapath ID. On
62 * success stores the dpid into '*dpidp' and returns true, on failure stores 0
63 * into '*dpidp' and returns false.
65 * Rejects an all-zeros dpid as invalid. */
67 dpid_from_string(const char *s, uint64_t *dpidp)
69 *dpidp = (strlen(s) == 16 && strspn(s, "0123456789abcdefABCDEF") == 16
70 ? strtoull(s, NULL, 16)
75 /* Returns true if 'ea' is a reserved address, that a bridge must never
76 * forward, false otherwise.
78 * If you change this function's behavior, please update corresponding
79 * documentation in vswitch.xml at the same time. */
81 eth_addr_is_reserved(const struct eth_addr ea)
83 struct eth_addr_node {
84 struct hmap_node hmap_node;
88 static struct eth_addr_node nodes[] = {
89 /* STP, IEEE pause frames, and other reserved protocols. */
90 { HMAP_NODE_NULL_INITIALIZER, 0x0180c2000000ULL },
91 { HMAP_NODE_NULL_INITIALIZER, 0x0180c2000001ULL },
92 { HMAP_NODE_NULL_INITIALIZER, 0x0180c2000002ULL },
93 { HMAP_NODE_NULL_INITIALIZER, 0x0180c2000003ULL },
94 { HMAP_NODE_NULL_INITIALIZER, 0x0180c2000004ULL },
95 { HMAP_NODE_NULL_INITIALIZER, 0x0180c2000005ULL },
96 { HMAP_NODE_NULL_INITIALIZER, 0x0180c2000006ULL },
97 { HMAP_NODE_NULL_INITIALIZER, 0x0180c2000007ULL },
98 { HMAP_NODE_NULL_INITIALIZER, 0x0180c2000008ULL },
99 { HMAP_NODE_NULL_INITIALIZER, 0x0180c2000009ULL },
100 { HMAP_NODE_NULL_INITIALIZER, 0x0180c200000aULL },
101 { HMAP_NODE_NULL_INITIALIZER, 0x0180c200000bULL },
102 { HMAP_NODE_NULL_INITIALIZER, 0x0180c200000cULL },
103 { HMAP_NODE_NULL_INITIALIZER, 0x0180c200000dULL },
104 { HMAP_NODE_NULL_INITIALIZER, 0x0180c200000eULL },
105 { HMAP_NODE_NULL_INITIALIZER, 0x0180c200000fULL },
107 /* Extreme protocols. */
108 { HMAP_NODE_NULL_INITIALIZER, 0x00e02b000000ULL }, /* EDP. */
109 { HMAP_NODE_NULL_INITIALIZER, 0x00e02b000004ULL }, /* EAPS. */
110 { HMAP_NODE_NULL_INITIALIZER, 0x00e02b000006ULL }, /* EAPS. */
112 /* Cisco protocols. */
113 { HMAP_NODE_NULL_INITIALIZER, 0x01000c000000ULL }, /* ISL. */
114 { HMAP_NODE_NULL_INITIALIZER, 0x01000cccccccULL }, /* PAgP, UDLD, CDP,
116 { HMAP_NODE_NULL_INITIALIZER, 0x01000ccccccdULL }, /* PVST+. */
117 { HMAP_NODE_NULL_INITIALIZER, 0x01000ccdcdcdULL }, /* STP Uplink Fast,
121 { HMAP_NODE_NULL_INITIALIZER, 0x01000cccccc0ULL },
122 { HMAP_NODE_NULL_INITIALIZER, 0x01000cccccc1ULL },
123 { HMAP_NODE_NULL_INITIALIZER, 0x01000cccccc2ULL },
124 { HMAP_NODE_NULL_INITIALIZER, 0x01000cccccc3ULL },
125 { HMAP_NODE_NULL_INITIALIZER, 0x01000cccccc4ULL },
126 { HMAP_NODE_NULL_INITIALIZER, 0x01000cccccc5ULL },
127 { HMAP_NODE_NULL_INITIALIZER, 0x01000cccccc6ULL },
128 { HMAP_NODE_NULL_INITIALIZER, 0x01000cccccc7ULL },
131 static struct ovsthread_once once = OVSTHREAD_ONCE_INITIALIZER;
132 struct eth_addr_node *node;
133 static struct hmap addrs;
136 if (ovsthread_once_start(&once)) {
138 for (node = nodes; node < &nodes[ARRAY_SIZE(nodes)]; node++) {
139 hmap_insert(&addrs, &node->hmap_node, hash_uint64(node->ea64));
141 ovsthread_once_done(&once);
144 ea64 = eth_addr_to_uint64(ea);
145 HMAP_FOR_EACH_IN_BUCKET (node, hmap_node, hash_uint64(ea64), &addrs) {
146 if (node->ea64 == ea64) {
154 eth_addr_from_string(const char *s, struct eth_addr *ea)
156 if (ovs_scan(s, ETH_ADDR_SCAN_FMT, ETH_ADDR_SCAN_ARGS(*ea))) {
164 /* Fills 'b' with a Reverse ARP packet with Ethernet source address 'eth_src'.
165 * This function is used by Open vSwitch to compose packets in cases where
166 * context is important but content doesn't (or shouldn't) matter.
168 * The returned packet has enough headroom to insert an 802.1Q VLAN header if
171 compose_rarp(struct dp_packet *b, const struct eth_addr eth_src)
173 struct eth_header *eth;
174 struct arp_eth_header *arp;
177 dp_packet_prealloc_tailroom(b, 2 + ETH_HEADER_LEN + VLAN_HEADER_LEN
178 + ARP_ETH_HEADER_LEN);
179 dp_packet_reserve(b, 2 + VLAN_HEADER_LEN);
180 eth = dp_packet_put_uninit(b, sizeof *eth);
181 eth->eth_dst = eth_addr_broadcast;
182 eth->eth_src = eth_src;
183 eth->eth_type = htons(ETH_TYPE_RARP);
185 arp = dp_packet_put_uninit(b, sizeof *arp);
186 arp->ar_hrd = htons(ARP_HRD_ETHERNET);
187 arp->ar_pro = htons(ARP_PRO_IP);
188 arp->ar_hln = sizeof arp->ar_sha;
189 arp->ar_pln = sizeof arp->ar_spa;
190 arp->ar_op = htons(ARP_OP_RARP);
191 arp->ar_sha = eth_src;
192 put_16aligned_be32(&arp->ar_spa, htonl(0));
193 arp->ar_tha = eth_src;
194 put_16aligned_be32(&arp->ar_tpa, htonl(0));
196 dp_packet_reset_offsets(b);
197 dp_packet_set_l3(b, arp);
200 /* Insert VLAN header according to given TCI. Packet passed must be Ethernet
201 * packet. Ignores the CFI bit of 'tci' using 0 instead.
203 * Also adjusts the layer offsets accordingly. */
205 eth_push_vlan(struct dp_packet *packet, ovs_be16 tpid, ovs_be16 tci)
207 struct vlan_eth_header *veh;
209 /* Insert new 802.1Q header. */
210 veh = dp_packet_resize_l2(packet, VLAN_HEADER_LEN);
211 memmove(veh, (char *)veh + VLAN_HEADER_LEN, 2 * ETH_ADDR_LEN);
212 veh->veth_type = tpid;
213 veh->veth_tci = tci & htons(~VLAN_CFI);
216 /* Removes outermost VLAN header (if any is present) from 'packet'.
218 * 'packet->l2_5' should initially point to 'packet''s outer-most VLAN header
219 * or may be NULL if there are no VLAN headers. */
221 eth_pop_vlan(struct dp_packet *packet)
223 struct vlan_eth_header *veh = dp_packet_l2(packet);
225 if (veh && dp_packet_size(packet) >= sizeof *veh
226 && eth_type_vlan(veh->veth_type)) {
228 memmove((char *)veh + VLAN_HEADER_LEN, veh, 2 * ETH_ADDR_LEN);
229 dp_packet_resize_l2(packet, -VLAN_HEADER_LEN);
233 /* Set ethertype of the packet. */
235 set_ethertype(struct dp_packet *packet, ovs_be16 eth_type)
237 struct eth_header *eh = dp_packet_l2(packet);
243 if (eth_type_vlan(eh->eth_type)) {
245 char *l2_5 = dp_packet_l2_5(packet);
247 p = ALIGNED_CAST(ovs_be16 *,
248 (l2_5 ? l2_5 : (char *)dp_packet_l3(packet)) - 2);
251 eh->eth_type = eth_type;
255 static bool is_mpls(struct dp_packet *packet)
257 return packet->l2_5_ofs != UINT16_MAX;
260 /* Set time to live (TTL) of an MPLS label stack entry (LSE). */
262 set_mpls_lse_ttl(ovs_be32 *lse, uint8_t ttl)
264 *lse &= ~htonl(MPLS_TTL_MASK);
265 *lse |= htonl((ttl << MPLS_TTL_SHIFT) & MPLS_TTL_MASK);
268 /* Set traffic class (TC) of an MPLS label stack entry (LSE). */
270 set_mpls_lse_tc(ovs_be32 *lse, uint8_t tc)
272 *lse &= ~htonl(MPLS_TC_MASK);
273 *lse |= htonl((tc << MPLS_TC_SHIFT) & MPLS_TC_MASK);
276 /* Set label of an MPLS label stack entry (LSE). */
278 set_mpls_lse_label(ovs_be32 *lse, ovs_be32 label)
280 *lse &= ~htonl(MPLS_LABEL_MASK);
281 *lse |= htonl((ntohl(label) << MPLS_LABEL_SHIFT) & MPLS_LABEL_MASK);
284 /* Set bottom of stack (BoS) bit of an MPLS label stack entry (LSE). */
286 set_mpls_lse_bos(ovs_be32 *lse, uint8_t bos)
288 *lse &= ~htonl(MPLS_BOS_MASK);
289 *lse |= htonl((bos << MPLS_BOS_SHIFT) & MPLS_BOS_MASK);
292 /* Compose an MPLS label stack entry (LSE) from its components:
293 * label, traffic class (TC), time to live (TTL) and
294 * bottom of stack (BoS) bit. */
296 set_mpls_lse_values(uint8_t ttl, uint8_t tc, uint8_t bos, ovs_be32 label)
298 ovs_be32 lse = htonl(0);
299 set_mpls_lse_ttl(&lse, ttl);
300 set_mpls_lse_tc(&lse, tc);
301 set_mpls_lse_bos(&lse, bos);
302 set_mpls_lse_label(&lse, label);
306 /* Set MPLS label stack entry to outermost MPLS header.*/
308 set_mpls_lse(struct dp_packet *packet, ovs_be32 mpls_lse)
310 /* Packet type should be MPLS to set label stack entry. */
311 if (is_mpls(packet)) {
312 struct mpls_hdr *mh = dp_packet_l2_5(packet);
314 /* Update mpls label stack entry. */
315 put_16aligned_be32(&mh->mpls_lse, mpls_lse);
319 /* Push MPLS label stack entry 'lse' onto 'packet' as the outermost MPLS
320 * header. If 'packet' does not already have any MPLS labels, then its
321 * Ethertype is changed to 'ethtype' (which must be an MPLS Ethertype). */
323 push_mpls(struct dp_packet *packet, ovs_be16 ethtype, ovs_be32 lse)
328 if (!eth_type_mpls(ethtype)) {
332 if (!is_mpls(packet)) {
333 /* Set MPLS label stack offset. */
334 packet->l2_5_ofs = packet->l3_ofs;
337 set_ethertype(packet, ethtype);
339 /* Push new MPLS shim header onto packet. */
340 len = packet->l2_5_ofs;
341 header = dp_packet_resize_l2_5(packet, MPLS_HLEN);
342 memmove(header, header + MPLS_HLEN, len);
343 memcpy(header + len, &lse, sizeof lse);
346 /* If 'packet' is an MPLS packet, removes its outermost MPLS label stack entry.
347 * If the label that was removed was the only MPLS label, changes 'packet''s
348 * Ethertype to 'ethtype' (which ordinarily should not be an MPLS
351 pop_mpls(struct dp_packet *packet, ovs_be16 ethtype)
353 if (is_mpls(packet)) {
354 struct mpls_hdr *mh = dp_packet_l2_5(packet);
355 size_t len = packet->l2_5_ofs;
357 set_ethertype(packet, ethtype);
358 if (get_16aligned_be32(&mh->mpls_lse) & htonl(MPLS_BOS_MASK)) {
359 dp_packet_set_l2_5(packet, NULL);
361 /* Shift the l2 header forward. */
362 memmove((char*)dp_packet_data(packet) + MPLS_HLEN, dp_packet_data(packet), len);
363 dp_packet_resize_l2_5(packet, -MPLS_HLEN);
367 /* Converts hex digits in 'hex' to an Ethernet packet in '*packetp'. The
368 * caller must free '*packetp'. On success, returns NULL. On failure, returns
369 * an error message and stores NULL in '*packetp'.
371 * Aligns the L3 header of '*packetp' on a 32-bit boundary. */
373 eth_from_hex(const char *hex, struct dp_packet **packetp)
375 struct dp_packet *packet;
377 /* Use 2 bytes of headroom to 32-bit align the L3 header. */
378 packet = *packetp = dp_packet_new_with_headroom(strlen(hex) / 2, 2);
380 if (dp_packet_put_hex(packet, hex, NULL)[0] != '\0') {
381 dp_packet_delete(packet);
383 return "Trailing garbage in packet data";
386 if (dp_packet_size(packet) < ETH_HEADER_LEN) {
387 dp_packet_delete(packet);
389 return "Packet data too short for Ethernet";
396 eth_format_masked(const struct eth_addr eth,
397 const struct eth_addr *mask, struct ds *s)
399 ds_put_format(s, ETH_ADDR_FMT, ETH_ADDR_ARGS(eth));
400 if (mask && !eth_mask_is_exact(*mask)) {
401 ds_put_format(s, "/"ETH_ADDR_FMT, ETH_ADDR_ARGS(*mask));
405 /* Given the IP netmask 'netmask', returns the number of bits of the IP address
406 * that it specifies, that is, the number of 1-bits in 'netmask'.
408 * If 'netmask' is not a CIDR netmask (see ip_is_cidr()), the return value will
409 * still be in the valid range but isn't otherwise meaningful. */
411 ip_count_cidr_bits(ovs_be32 netmask)
413 return 32 - ctz32(ntohl(netmask));
417 ip_format_masked(ovs_be32 ip, ovs_be32 mask, struct ds *s)
419 ds_put_format(s, IP_FMT, IP_ARGS(ip));
420 if (mask != OVS_BE32_MAX) {
421 if (ip_is_cidr(mask)) {
422 ds_put_format(s, "/%d", ip_count_cidr_bits(mask));
424 ds_put_format(s, "/"IP_FMT, IP_ARGS(mask));
429 /* Parses string 's', which must be an IP address with an optional netmask or
430 * CIDR prefix length. Stores the IP address into '*ip' and the netmask into
431 * '*mask'. (If 's' does not contain a netmask, 255.255.255.255 is
434 * Returns NULL if successful, otherwise an error message that the caller must
436 char * OVS_WARN_UNUSED_RESULT
437 ip_parse_masked(const char *s, ovs_be32 *ip, ovs_be32 *mask)
442 if (ovs_scan(s, IP_SCAN_FMT"/"IP_SCAN_FMT"%n",
443 IP_SCAN_ARGS(ip), IP_SCAN_ARGS(mask), &n) && !s[n]) {
445 } else if (ovs_scan(s, IP_SCAN_FMT"/%d%n", IP_SCAN_ARGS(ip), &prefix, &n)
447 if (prefix <= 0 || prefix > 32) {
448 return xasprintf("%s: network prefix bits not between 0 and "
451 *mask = be32_prefix_mask(prefix);
452 } else if (ovs_scan(s, IP_SCAN_FMT"%n", IP_SCAN_ARGS(ip), &n) && !s[n]) {
453 *mask = OVS_BE32_MAX;
455 return xasprintf("%s: invalid IP address", s);
461 ipv6_format_addr(const struct in6_addr *addr, struct ds *s)
465 ds_reserve(s, s->length + INET6_ADDRSTRLEN);
467 dst = s->string + s->length;
468 inet_ntop(AF_INET6, addr, dst, INET6_ADDRSTRLEN);
469 s->length += strlen(dst);
472 /* Same as print_ipv6_addr, but optionally encloses the address in square
475 ipv6_format_addr_bracket(const struct in6_addr *addr, struct ds *s,
481 ipv6_format_addr(addr, s);
488 ipv6_format_mapped(const struct in6_addr *addr, struct ds *s)
490 if (IN6_IS_ADDR_V4MAPPED(addr)) {
491 ds_put_format(s, IP_FMT, addr->s6_addr[12], addr->s6_addr[13],
492 addr->s6_addr[14], addr->s6_addr[15]);
494 ipv6_format_addr(addr, s);
499 ipv6_format_masked(const struct in6_addr *addr, const struct in6_addr *mask,
502 ipv6_format_addr(addr, s);
503 if (mask && !ipv6_mask_is_exact(mask)) {
504 if (ipv6_is_cidr(mask)) {
505 int cidr_bits = ipv6_count_cidr_bits(mask);
506 ds_put_format(s, "/%d", cidr_bits);
509 ipv6_format_addr(mask, s);
514 /* Stores the string representation of the IPv6 address 'addr' into the
515 * character array 'addr_str', which must be at least INET6_ADDRSTRLEN
516 * bytes long. If addr is IPv4-mapped, store an IPv4 dotted-decimal string. */
518 ipv6_string_mapped(char *addr_str, const struct in6_addr *addr)
521 ip = in6_addr_get_mapped_ipv4(addr);
523 return inet_ntop(AF_INET, &ip, addr_str, INET6_ADDRSTRLEN);
525 return inet_ntop(AF_INET6, addr, addr_str, INET6_ADDRSTRLEN);
529 struct in6_addr ipv6_addr_bitand(const struct in6_addr *a,
530 const struct in6_addr *b)
536 for (i=0; i<4; i++) {
537 dst.s6_addr32[i] = a->s6_addr32[i] & b->s6_addr32[i];
540 for (i=0; i<16; i++) {
541 dst.s6_addr[i] = a->s6_addr[i] & b->s6_addr[i];
548 /* Returns an in6_addr consisting of 'mask' high-order 1-bits and 128-N
549 * low-order 0-bits. */
551 ipv6_create_mask(int mask)
553 struct in6_addr netmask;
554 uint8_t *netmaskp = &netmask.s6_addr[0];
556 memset(&netmask, 0, sizeof netmask);
564 *netmaskp = 0xff << (8 - mask);
570 /* Given the IPv6 netmask 'netmask', returns the number of bits of the IPv6
571 * address that it specifies, that is, the number of 1-bits in 'netmask'.
572 * 'netmask' must be a CIDR netmask (see ipv6_is_cidr()).
574 * If 'netmask' is not a CIDR netmask (see ipv6_is_cidr()), the return value
575 * will still be in the valid range but isn't otherwise meaningful. */
577 ipv6_count_cidr_bits(const struct in6_addr *netmask)
581 const uint8_t *netmaskp = &netmask->s6_addr[0];
583 for (i=0; i<16; i++) {
584 if (netmaskp[i] == 0xff) {
589 for(nm = netmaskp[i]; nm; nm <<= 1) {
600 /* Returns true if 'netmask' is a CIDR netmask, that is, if it consists of N
601 * high-order 1-bits and 128-N low-order 0-bits. */
603 ipv6_is_cidr(const struct in6_addr *netmask)
605 const uint8_t *netmaskp = &netmask->s6_addr[0];
608 for (i=0; i<16; i++) {
609 if (netmaskp[i] != 0xff) {
610 uint8_t x = ~netmaskp[i];
625 /* Parses string 's', which must be an IPv6 address with an optional
626 * CIDR prefix length. Stores the IP address into '*ipv6' and the CIDR
627 * prefix in '*prefix'. (If 's' does not contain a CIDR length, all-ones
630 * Returns NULL if successful, otherwise an error message that the caller must
632 char * OVS_WARN_UNUSED_RESULT
633 ipv6_parse_masked(const char *s, struct in6_addr *ipv6, struct in6_addr *mask)
635 char ipv6_s[IPV6_SCAN_LEN + 1];
636 char mask_s[IPV6_SCAN_LEN + 1];
640 if (ovs_scan(s, IPV6_SCAN_FMT"/"IPV6_SCAN_FMT"%n", ipv6_s, mask_s, &n)
641 && inet_pton(AF_INET6, ipv6_s, ipv6) == 1
642 && inet_pton(AF_INET6, mask_s, mask) == 1
645 } else if (ovs_scan(s, IPV6_SCAN_FMT"/%d%n", ipv6_s, &prefix, &n)
646 && inet_pton(AF_INET6, ipv6_s, ipv6) == 1
648 if (prefix <= 0 || prefix > 128) {
649 return xasprintf("%s: prefix bits not between 0 and 128", s);
651 *mask = ipv6_create_mask(prefix);
652 } else if (ovs_scan(s, IPV6_SCAN_FMT"%n", ipv6_s, &n)
653 && inet_pton(AF_INET6, ipv6_s, ipv6) == 1
655 *mask = in6addr_exact;
657 return xasprintf("%s: invalid IP address", s);
662 /* Populates 'b' with an Ethernet II packet headed with the given 'eth_dst',
663 * 'eth_src' and 'eth_type' parameters. A payload of 'size' bytes is allocated
664 * in 'b' and returned. This payload may be populated with appropriate
665 * information by the caller. Sets 'b''s 'frame' pointer and 'l3' offset to
666 * the Ethernet header and payload respectively. Aligns b->l3 on a 32-bit
669 * The returned packet has enough headroom to insert an 802.1Q VLAN header if
672 eth_compose(struct dp_packet *b, const struct eth_addr eth_dst,
673 const struct eth_addr eth_src, uint16_t eth_type,
677 struct eth_header *eth;
681 /* The magic 2 here ensures that the L3 header (when it is added later)
682 * will be 32-bit aligned. */
683 dp_packet_prealloc_tailroom(b, 2 + ETH_HEADER_LEN + VLAN_HEADER_LEN + size);
684 dp_packet_reserve(b, 2 + VLAN_HEADER_LEN);
685 eth = dp_packet_put_uninit(b, ETH_HEADER_LEN);
686 data = dp_packet_put_uninit(b, size);
688 eth->eth_dst = eth_dst;
689 eth->eth_src = eth_src;
690 eth->eth_type = htons(eth_type);
692 dp_packet_reset_offsets(b);
693 dp_packet_set_l3(b, data);
699 packet_set_ipv4_addr(struct dp_packet *packet,
700 ovs_16aligned_be32 *addr, ovs_be32 new_addr)
702 struct ip_header *nh = dp_packet_l3(packet);
703 ovs_be32 old_addr = get_16aligned_be32(addr);
704 size_t l4_size = dp_packet_l4_size(packet);
706 if (nh->ip_proto == IPPROTO_TCP && l4_size >= TCP_HEADER_LEN) {
707 struct tcp_header *th = dp_packet_l4(packet);
709 th->tcp_csum = recalc_csum32(th->tcp_csum, old_addr, new_addr);
710 } else if (nh->ip_proto == IPPROTO_UDP && l4_size >= UDP_HEADER_LEN ) {
711 struct udp_header *uh = dp_packet_l4(packet);
714 uh->udp_csum = recalc_csum32(uh->udp_csum, old_addr, new_addr);
716 uh->udp_csum = htons(0xffff);
720 nh->ip_csum = recalc_csum32(nh->ip_csum, old_addr, new_addr);
721 put_16aligned_be32(addr, new_addr);
724 /* Returns true, if packet contains at least one routing header where
725 * segements_left > 0.
727 * This function assumes that L3 and L4 offsets are set in the packet. */
729 packet_rh_present(struct dp_packet *packet)
731 const struct ovs_16aligned_ip6_hdr *nh;
735 uint8_t *data = dp_packet_l3(packet);
737 remaining = packet->l4_ofs - packet->l3_ofs;
739 if (remaining < sizeof *nh) {
742 nh = ALIGNED_CAST(struct ovs_16aligned_ip6_hdr *, data);
744 remaining -= sizeof *nh;
745 nexthdr = nh->ip6_nxt;
748 if ((nexthdr != IPPROTO_HOPOPTS)
749 && (nexthdr != IPPROTO_ROUTING)
750 && (nexthdr != IPPROTO_DSTOPTS)
751 && (nexthdr != IPPROTO_AH)
752 && (nexthdr != IPPROTO_FRAGMENT)) {
753 /* It's either a terminal header (e.g., TCP, UDP) or one we
754 * don't understand. In either case, we're done with the
755 * packet, so use it to fill in 'nw_proto'. */
759 /* We only verify that at least 8 bytes of the next header are
760 * available, but many of these headers are longer. Ensure that
761 * accesses within the extension header are within those first 8
762 * bytes. All extension headers are required to be at least 8
768 if (nexthdr == IPPROTO_AH) {
769 /* A standard AH definition isn't available, but the fields
770 * we care about are in the same location as the generic
771 * option header--only the header length is calculated
773 const struct ip6_ext *ext_hdr = (struct ip6_ext *)data;
775 nexthdr = ext_hdr->ip6e_nxt;
776 len = (ext_hdr->ip6e_len + 2) * 4;
777 } else if (nexthdr == IPPROTO_FRAGMENT) {
778 const struct ovs_16aligned_ip6_frag *frag_hdr
779 = ALIGNED_CAST(struct ovs_16aligned_ip6_frag *, data);
781 nexthdr = frag_hdr->ip6f_nxt;
782 len = sizeof *frag_hdr;
783 } else if (nexthdr == IPPROTO_ROUTING) {
784 const struct ip6_rthdr *rh = (struct ip6_rthdr *)data;
786 if (rh->ip6r_segleft > 0) {
790 nexthdr = rh->ip6r_nxt;
791 len = (rh->ip6r_len + 1) * 8;
793 const struct ip6_ext *ext_hdr = (struct ip6_ext *)data;
795 nexthdr = ext_hdr->ip6e_nxt;
796 len = (ext_hdr->ip6e_len + 1) * 8;
799 if (remaining < len) {
810 packet_update_csum128(struct dp_packet *packet, uint8_t proto,
811 ovs_16aligned_be32 addr[4], const ovs_be32 new_addr[4])
813 size_t l4_size = dp_packet_l4_size(packet);
815 if (proto == IPPROTO_TCP && l4_size >= TCP_HEADER_LEN) {
816 struct tcp_header *th = dp_packet_l4(packet);
818 th->tcp_csum = recalc_csum128(th->tcp_csum, addr, new_addr);
819 } else if (proto == IPPROTO_UDP && l4_size >= UDP_HEADER_LEN) {
820 struct udp_header *uh = dp_packet_l4(packet);
823 uh->udp_csum = recalc_csum128(uh->udp_csum, addr, new_addr);
825 uh->udp_csum = htons(0xffff);
828 } else if (proto == IPPROTO_ICMPV6 &&
829 l4_size >= sizeof(struct icmp6_header)) {
830 struct icmp6_header *icmp = dp_packet_l4(packet);
832 icmp->icmp6_cksum = recalc_csum128(icmp->icmp6_cksum, addr, new_addr);
837 packet_set_ipv6_addr(struct dp_packet *packet, uint8_t proto,
838 ovs_16aligned_be32 addr[4], const ovs_be32 new_addr[4],
839 bool recalculate_csum)
841 if (recalculate_csum) {
842 packet_update_csum128(packet, proto, addr, new_addr);
844 memcpy(addr, new_addr, sizeof(ovs_be32[4]));
848 packet_set_ipv6_flow_label(ovs_16aligned_be32 *flow_label, ovs_be32 flow_key)
850 ovs_be32 old_label = get_16aligned_be32(flow_label);
851 ovs_be32 new_label = (old_label & htonl(~IPV6_LABEL_MASK)) | flow_key;
852 put_16aligned_be32(flow_label, new_label);
856 packet_set_ipv6_tc(ovs_16aligned_be32 *flow_label, uint8_t tc)
858 ovs_be32 old_label = get_16aligned_be32(flow_label);
859 ovs_be32 new_label = (old_label & htonl(0xF00FFFFF)) | htonl(tc << 20);
860 put_16aligned_be32(flow_label, new_label);
863 /* Modifies the IPv4 header fields of 'packet' to be consistent with 'src',
864 * 'dst', 'tos', and 'ttl'. Updates 'packet''s L4 checksums as appropriate.
865 * 'packet' must contain a valid IPv4 packet with correctly populated l[347]
868 packet_set_ipv4(struct dp_packet *packet, ovs_be32 src, ovs_be32 dst,
869 uint8_t tos, uint8_t ttl)
871 struct ip_header *nh = dp_packet_l3(packet);
873 if (get_16aligned_be32(&nh->ip_src) != src) {
874 packet_set_ipv4_addr(packet, &nh->ip_src, src);
877 if (get_16aligned_be32(&nh->ip_dst) != dst) {
878 packet_set_ipv4_addr(packet, &nh->ip_dst, dst);
881 if (nh->ip_tos != tos) {
882 uint8_t *field = &nh->ip_tos;
884 nh->ip_csum = recalc_csum16(nh->ip_csum, htons((uint16_t) *field),
885 htons((uint16_t) tos));
889 if (nh->ip_ttl != ttl) {
890 uint8_t *field = &nh->ip_ttl;
892 nh->ip_csum = recalc_csum16(nh->ip_csum, htons(*field << 8),
898 /* Modifies the IPv6 header fields of 'packet' to be consistent with 'src',
899 * 'dst', 'traffic class', and 'next hop'. Updates 'packet''s L4 checksums as
900 * appropriate. 'packet' must contain a valid IPv6 packet with correctly
901 * populated l[34] offsets. */
903 packet_set_ipv6(struct dp_packet *packet, uint8_t proto, const ovs_be32 src[4],
904 const ovs_be32 dst[4], uint8_t key_tc, ovs_be32 key_fl,
907 struct ovs_16aligned_ip6_hdr *nh = dp_packet_l3(packet);
909 if (memcmp(&nh->ip6_src, src, sizeof(ovs_be32[4]))) {
910 packet_set_ipv6_addr(packet, proto, nh->ip6_src.be32, src, true);
913 if (memcmp(&nh->ip6_dst, dst, sizeof(ovs_be32[4]))) {
914 packet_set_ipv6_addr(packet, proto, nh->ip6_dst.be32, dst,
915 !packet_rh_present(packet));
918 packet_set_ipv6_tc(&nh->ip6_flow, key_tc);
920 packet_set_ipv6_flow_label(&nh->ip6_flow, key_fl);
922 nh->ip6_hlim = key_hl;
926 packet_set_port(ovs_be16 *port, ovs_be16 new_port, ovs_be16 *csum)
928 if (*port != new_port) {
929 *csum = recalc_csum16(*csum, *port, new_port);
934 /* Sets the TCP source and destination port ('src' and 'dst' respectively) of
935 * the TCP header contained in 'packet'. 'packet' must be a valid TCP packet
936 * with its l4 offset properly populated. */
938 packet_set_tcp_port(struct dp_packet *packet, ovs_be16 src, ovs_be16 dst)
940 struct tcp_header *th = dp_packet_l4(packet);
942 packet_set_port(&th->tcp_src, src, &th->tcp_csum);
943 packet_set_port(&th->tcp_dst, dst, &th->tcp_csum);
946 /* Sets the UDP source and destination port ('src' and 'dst' respectively) of
947 * the UDP header contained in 'packet'. 'packet' must be a valid UDP packet
948 * with its l4 offset properly populated. */
950 packet_set_udp_port(struct dp_packet *packet, ovs_be16 src, ovs_be16 dst)
952 struct udp_header *uh = dp_packet_l4(packet);
955 packet_set_port(&uh->udp_src, src, &uh->udp_csum);
956 packet_set_port(&uh->udp_dst, dst, &uh->udp_csum);
959 uh->udp_csum = htons(0xffff);
967 /* Sets the SCTP source and destination port ('src' and 'dst' respectively) of
968 * the SCTP header contained in 'packet'. 'packet' must be a valid SCTP packet
969 * with its l4 offset properly populated. */
971 packet_set_sctp_port(struct dp_packet *packet, ovs_be16 src, ovs_be16 dst)
973 struct sctp_header *sh = dp_packet_l4(packet);
974 ovs_be32 old_csum, old_correct_csum, new_csum;
975 uint16_t tp_len = dp_packet_l4_size(packet);
977 old_csum = get_16aligned_be32(&sh->sctp_csum);
978 put_16aligned_be32(&sh->sctp_csum, 0);
979 old_correct_csum = crc32c((void *)sh, tp_len);
984 new_csum = crc32c((void *)sh, tp_len);
985 put_16aligned_be32(&sh->sctp_csum, old_csum ^ old_correct_csum ^ new_csum);
988 /* Sets the ICMP type and code of the ICMP header contained in 'packet'.
989 * 'packet' must be a valid ICMP packet with its l4 offset properly
992 packet_set_icmp(struct dp_packet *packet, uint8_t type, uint8_t code)
994 struct icmp_header *ih = dp_packet_l4(packet);
995 ovs_be16 orig_tc = htons(ih->icmp_type << 8 | ih->icmp_code);
996 ovs_be16 new_tc = htons(type << 8 | code);
998 if (orig_tc != new_tc) {
999 ih->icmp_type = type;
1000 ih->icmp_code = code;
1002 ih->icmp_csum = recalc_csum16(ih->icmp_csum, orig_tc, new_tc);
1007 packet_set_nd(struct dp_packet *packet, const ovs_be32 target[4],
1008 const struct eth_addr sll, const struct eth_addr tll) {
1009 struct ovs_nd_msg *ns;
1010 struct ovs_nd_opt *nd_opt;
1011 int bytes_remain = dp_packet_l4_size(packet);
1013 if (OVS_UNLIKELY(bytes_remain < sizeof(*ns))) {
1017 ns = dp_packet_l4(packet);
1018 nd_opt = &ns->options[0];
1019 bytes_remain -= sizeof(*ns);
1021 if (memcmp(&ns->target, target, sizeof(ovs_be32[4]))) {
1022 packet_set_ipv6_addr(packet, IPPROTO_ICMPV6,
1027 while (bytes_remain >= ND_OPT_LEN && nd_opt->nd_opt_len != 0) {
1028 if (nd_opt->nd_opt_type == ND_OPT_SOURCE_LINKADDR
1029 && nd_opt->nd_opt_len == 1) {
1030 if (!eth_addr_equals(nd_opt->nd_opt_mac, sll)) {
1031 ovs_be16 *csum = &(ns->icmph.icmp6_cksum);
1033 *csum = recalc_csum48(*csum, nd_opt->nd_opt_mac, sll);
1034 nd_opt->nd_opt_mac = sll;
1037 /* A packet can only contain one SLL or TLL option */
1039 } else if (nd_opt->nd_opt_type == ND_OPT_TARGET_LINKADDR
1040 && nd_opt->nd_opt_len == 1) {
1041 if (!eth_addr_equals(nd_opt->nd_opt_mac, tll)) {
1042 ovs_be16 *csum = &(ns->icmph.icmp6_cksum);
1044 *csum = recalc_csum48(*csum, nd_opt->nd_opt_mac, tll);
1045 nd_opt->nd_opt_mac = tll;
1048 /* A packet can only contain one SLL or TLL option */
1052 nd_opt += nd_opt->nd_opt_len;
1053 bytes_remain -= nd_opt->nd_opt_len * ND_OPT_LEN;
1058 packet_tcp_flag_to_string(uint32_t flag)
1090 /* Appends a string representation of the TCP flags value 'tcp_flags'
1091 * (e.g. from struct flow.tcp_flags or obtained via TCP_FLAGS) to 's', in the
1092 * format used by tcpdump. */
1094 packet_format_tcp_flags(struct ds *s, uint16_t tcp_flags)
1097 ds_put_cstr(s, "none");
1101 if (tcp_flags & TCP_SYN) {
1102 ds_put_char(s, 'S');
1104 if (tcp_flags & TCP_FIN) {
1105 ds_put_char(s, 'F');
1107 if (tcp_flags & TCP_PSH) {
1108 ds_put_char(s, 'P');
1110 if (tcp_flags & TCP_RST) {
1111 ds_put_char(s, 'R');
1113 if (tcp_flags & TCP_URG) {
1114 ds_put_char(s, 'U');
1116 if (tcp_flags & TCP_ACK) {
1117 ds_put_char(s, '.');
1119 if (tcp_flags & TCP_ECE) {
1120 ds_put_cstr(s, "E");
1122 if (tcp_flags & TCP_CWR) {
1123 ds_put_cstr(s, "C");
1125 if (tcp_flags & TCP_NS) {
1126 ds_put_cstr(s, "N");
1128 if (tcp_flags & 0x200) {
1129 ds_put_cstr(s, "[200]");
1131 if (tcp_flags & 0x400) {
1132 ds_put_cstr(s, "[400]");
1134 if (tcp_flags & 0x800) {
1135 ds_put_cstr(s, "[800]");
1139 #define ARP_PACKET_SIZE (2 + ETH_HEADER_LEN + VLAN_HEADER_LEN + \
1142 /* Clears 'b' and replaces its contents by an ARP frame with the specified
1143 * 'arp_op', 'arp_sha', 'arp_tha', 'arp_spa', and 'arp_tpa'. The outer
1144 * Ethernet frame is initialized with Ethernet source 'arp_sha' and destination
1145 * 'arp_tha', except that destination ff:ff:ff:ff:ff:ff is used instead if
1146 * 'broadcast' is true. */
1148 compose_arp(struct dp_packet *b, uint16_t arp_op,
1149 const struct eth_addr arp_sha, const struct eth_addr arp_tha,
1150 bool broadcast, ovs_be32 arp_spa, ovs_be32 arp_tpa)
1152 struct eth_header *eth;
1153 struct arp_eth_header *arp;
1156 dp_packet_prealloc_tailroom(b, ARP_PACKET_SIZE);
1157 dp_packet_reserve(b, 2 + VLAN_HEADER_LEN);
1159 eth = dp_packet_put_uninit(b, sizeof *eth);
1160 eth->eth_dst = broadcast ? eth_addr_broadcast : arp_tha;
1161 eth->eth_src = arp_sha;
1162 eth->eth_type = htons(ETH_TYPE_ARP);
1164 arp = dp_packet_put_uninit(b, sizeof *arp);
1165 arp->ar_hrd = htons(ARP_HRD_ETHERNET);
1166 arp->ar_pro = htons(ARP_PRO_IP);
1167 arp->ar_hln = sizeof arp->ar_sha;
1168 arp->ar_pln = sizeof arp->ar_spa;
1169 arp->ar_op = htons(arp_op);
1170 arp->ar_sha = arp_sha;
1171 arp->ar_tha = arp_tha;
1173 put_16aligned_be32(&arp->ar_spa, arp_spa);
1174 put_16aligned_be32(&arp->ar_tpa, arp_tpa);
1176 dp_packet_reset_offsets(b);
1177 dp_packet_set_l3(b, arp);
1181 packet_csum_pseudoheader(const struct ip_header *ip)
1183 uint32_t partial = 0;
1185 partial = csum_add32(partial, get_16aligned_be32(&ip->ip_src));
1186 partial = csum_add32(partial, get_16aligned_be32(&ip->ip_dst));
1187 partial = csum_add16(partial, htons(ip->ip_proto));
1188 partial = csum_add16(partial, htons(ntohs(ip->ip_tot_len) -
1189 IP_IHL(ip->ip_ihl_ver) * 4));