2 * Copyright (c) 2009, 2010, 2011, 2012, 2013, 2014, 2015 Nicira, Inc.
3 * Copyright (c) 2013 Simon Horman
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
9 * http://www.apache.org/licenses/LICENSE-2.0
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
19 #include "odp-execute.h"
20 #include <arpa/inet.h>
21 #include <netinet/in.h>
22 #include <netinet/icmp6.h>
23 #include <netinet/ip6.h>
27 #include "dp-packet.h"
30 #include "odp-netlink.h"
34 #include "unaligned.h"
37 /* Masked copy of an ethernet address. 'src' is already properly masked. */
39 ether_addr_copy_masked(struct eth_addr *dst, const struct eth_addr src,
40 const struct eth_addr mask)
44 for (i = 0; i < ARRAY_SIZE(dst->be16); i++) {
45 dst->be16[i] = src.be16[i] | (dst->be16[i] & ~mask.be16[i]);
50 odp_eth_set_addrs(struct dp_packet *packet, const struct ovs_key_ethernet *key,
51 const struct ovs_key_ethernet *mask)
53 struct eth_header *eh = dp_packet_l2(packet);
57 eh->eth_src = key->eth_src;
58 eh->eth_dst = key->eth_dst;
60 ether_addr_copy_masked(&eh->eth_src, key->eth_src, mask->eth_src);
61 ether_addr_copy_masked(&eh->eth_dst, key->eth_dst, mask->eth_dst);
67 odp_set_ipv4(struct dp_packet *packet, const struct ovs_key_ipv4 *key,
68 const struct ovs_key_ipv4 *mask)
70 struct ip_header *nh = dp_packet_l3(packet);
74 key->ipv4_src | (get_16aligned_be32(&nh->ip_src) & ~mask->ipv4_src),
75 key->ipv4_dst | (get_16aligned_be32(&nh->ip_dst) & ~mask->ipv4_dst),
76 key->ipv4_tos | (nh->ip_tos & ~mask->ipv4_tos),
77 key->ipv4_ttl | (nh->ip_ttl & ~mask->ipv4_ttl));
80 static const ovs_be32 *
81 mask_ipv6_addr(const ovs_16aligned_be32 *old, const ovs_be32 *addr,
82 const ovs_be32 *mask, ovs_be32 *masked)
84 for (int i = 0; i < 4; i++) {
85 masked[i] = addr[i] | (get_16aligned_be32(&old[i]) & ~mask[i]);
92 odp_set_ipv6(struct dp_packet *packet, const struct ovs_key_ipv6 *key,
93 const struct ovs_key_ipv6 *mask)
95 struct ovs_16aligned_ip6_hdr *nh = dp_packet_l3(packet);
96 ovs_be32 sbuf[4], dbuf[4];
97 uint8_t old_tc = ntohl(get_16aligned_be32(&nh->ip6_flow)) >> 20;
98 ovs_be32 old_fl = get_16aligned_be32(&nh->ip6_flow) & htonl(0xfffff);
103 mask_ipv6_addr(nh->ip6_src.be32, key->ipv6_src, mask->ipv6_src, sbuf),
104 mask_ipv6_addr(nh->ip6_dst.be32, key->ipv6_dst, mask->ipv6_dst, dbuf),
105 key->ipv6_tclass | (old_tc & ~mask->ipv6_tclass),
106 key->ipv6_label | (old_fl & ~mask->ipv6_label),
107 key->ipv6_hlimit | (nh->ip6_hlim & ~mask->ipv6_hlimit));
111 odp_set_tcp(struct dp_packet *packet, const struct ovs_key_tcp *key,
112 const struct ovs_key_tcp *mask)
114 struct tcp_header *th = dp_packet_l4(packet);
116 if (OVS_LIKELY(th && dp_packet_get_tcp_payload(packet))) {
117 packet_set_tcp_port(packet,
118 key->tcp_src | (th->tcp_src & ~mask->tcp_src),
119 key->tcp_dst | (th->tcp_dst & ~mask->tcp_dst));
124 odp_set_udp(struct dp_packet *packet, const struct ovs_key_udp *key,
125 const struct ovs_key_udp *mask)
127 struct udp_header *uh = dp_packet_l4(packet);
129 if (OVS_LIKELY(uh && dp_packet_get_udp_payload(packet))) {
130 packet_set_udp_port(packet,
131 key->udp_src | (uh->udp_src & ~mask->udp_src),
132 key->udp_dst | (uh->udp_dst & ~mask->udp_dst));
137 odp_set_sctp(struct dp_packet *packet, const struct ovs_key_sctp *key,
138 const struct ovs_key_sctp *mask)
140 struct sctp_header *sh = dp_packet_l4(packet);
142 if (OVS_LIKELY(sh && dp_packet_get_sctp_payload(packet))) {
143 packet_set_sctp_port(packet,
144 key->sctp_src | (sh->sctp_src & ~mask->sctp_src),
145 key->sctp_dst | (sh->sctp_dst & ~mask->sctp_dst));
150 odp_set_tunnel_action(const struct nlattr *a, struct flow_tnl *tun_key)
152 enum odp_key_fitness fitness;
154 fitness = odp_tun_key_from_attr(a, true, tun_key);
155 ovs_assert(fitness != ODP_FIT_ERROR);
159 set_arp(struct dp_packet *packet, const struct ovs_key_arp *key,
160 const struct ovs_key_arp *mask)
162 struct arp_eth_header *arp = dp_packet_l3(packet);
165 arp->ar_op = key->arp_op;
166 arp->ar_sha = key->arp_sha;
167 put_16aligned_be32(&arp->ar_spa, key->arp_sip);
168 arp->ar_tha = key->arp_tha;
169 put_16aligned_be32(&arp->ar_tpa, key->arp_tip);
171 ovs_be32 ar_spa = get_16aligned_be32(&arp->ar_spa);
172 ovs_be32 ar_tpa = get_16aligned_be32(&arp->ar_tpa);
174 arp->ar_op = key->arp_op | (arp->ar_op & ~mask->arp_op);
175 ether_addr_copy_masked(&arp->ar_sha, key->arp_sha, mask->arp_sha);
176 put_16aligned_be32(&arp->ar_spa,
177 key->arp_sip | (ar_spa & ~mask->arp_sip));
178 ether_addr_copy_masked(&arp->ar_tha, key->arp_tha, mask->arp_tha);
179 put_16aligned_be32(&arp->ar_tpa,
180 key->arp_tip | (ar_tpa & ~mask->arp_tip));
185 odp_set_nd(struct dp_packet *packet, const struct ovs_key_nd *key,
186 const struct ovs_key_nd *mask)
188 const struct ovs_nd_msg *ns = dp_packet_l4(packet);
189 const struct ovs_nd_opt *nd_opt = dp_packet_get_nd_payload(packet);
191 if (OVS_LIKELY(ns && nd_opt)) {
192 int bytes_remain = dp_packet_l4_size(packet) - sizeof(*ns);
194 struct eth_addr sll_buf = eth_addr_zero;
195 struct eth_addr tll_buf = eth_addr_zero;
197 while (bytes_remain >= ND_OPT_LEN && nd_opt->nd_opt_len != 0) {
198 if (nd_opt->nd_opt_type == ND_OPT_SOURCE_LINKADDR
199 && nd_opt->nd_opt_len == 1) {
200 sll_buf = nd_opt->nd_opt_mac;
201 ether_addr_copy_masked(&sll_buf, key->nd_sll, mask->nd_sll);
203 /* A packet can only contain one SLL or TLL option */
205 } else if (nd_opt->nd_opt_type == ND_OPT_TARGET_LINKADDR
206 && nd_opt->nd_opt_len == 1) {
207 tll_buf = nd_opt->nd_opt_mac;
208 ether_addr_copy_masked(&tll_buf, key->nd_tll, mask->nd_tll);
210 /* A packet can only contain one SLL or TLL option */
214 nd_opt += nd_opt->nd_opt_len;
215 bytes_remain -= nd_opt->nd_opt_len * ND_OPT_LEN;
218 packet_set_nd(packet,
219 mask_ipv6_addr(ns->target.be32,
220 key->nd_target, mask->nd_target, tgt_buf),
227 odp_execute_set_action(struct dp_packet *packet, const struct nlattr *a)
229 enum ovs_key_attr type = nl_attr_type(a);
230 const struct ovs_key_ipv4 *ipv4_key;
231 const struct ovs_key_ipv6 *ipv6_key;
232 struct pkt_metadata *md = &packet->md;
235 case OVS_KEY_ATTR_PRIORITY:
236 md->skb_priority = nl_attr_get_u32(a);
239 case OVS_KEY_ATTR_TUNNEL:
240 odp_set_tunnel_action(a, &md->tunnel);
243 case OVS_KEY_ATTR_SKB_MARK:
244 md->pkt_mark = nl_attr_get_u32(a);
247 case OVS_KEY_ATTR_ETHERNET:
248 odp_eth_set_addrs(packet, nl_attr_get(a), NULL);
251 case OVS_KEY_ATTR_IPV4:
252 ipv4_key = nl_attr_get_unspec(a, sizeof(struct ovs_key_ipv4));
253 packet_set_ipv4(packet, ipv4_key->ipv4_src,
254 ipv4_key->ipv4_dst, ipv4_key->ipv4_tos,
258 case OVS_KEY_ATTR_IPV6:
259 ipv6_key = nl_attr_get_unspec(a, sizeof(struct ovs_key_ipv6));
260 packet_set_ipv6(packet, ipv6_key->ipv6_proto,
261 ipv6_key->ipv6_src, ipv6_key->ipv6_dst,
262 ipv6_key->ipv6_tclass, ipv6_key->ipv6_label,
263 ipv6_key->ipv6_hlimit);
266 case OVS_KEY_ATTR_TCP:
267 if (OVS_LIKELY(dp_packet_get_tcp_payload(packet))) {
268 const struct ovs_key_tcp *tcp_key
269 = nl_attr_get_unspec(a, sizeof(struct ovs_key_tcp));
271 packet_set_tcp_port(packet, tcp_key->tcp_src,
276 case OVS_KEY_ATTR_UDP:
277 if (OVS_LIKELY(dp_packet_get_udp_payload(packet))) {
278 const struct ovs_key_udp *udp_key
279 = nl_attr_get_unspec(a, sizeof(struct ovs_key_udp));
281 packet_set_udp_port(packet, udp_key->udp_src,
286 case OVS_KEY_ATTR_SCTP:
287 if (OVS_LIKELY(dp_packet_get_sctp_payload(packet))) {
288 const struct ovs_key_sctp *sctp_key
289 = nl_attr_get_unspec(a, sizeof(struct ovs_key_sctp));
291 packet_set_sctp_port(packet, sctp_key->sctp_src,
296 case OVS_KEY_ATTR_MPLS:
297 set_mpls_lse(packet, nl_attr_get_be32(a));
300 case OVS_KEY_ATTR_ARP:
301 set_arp(packet, nl_attr_get(a), NULL);
304 case OVS_KEY_ATTR_ND:
305 if (OVS_LIKELY(dp_packet_get_nd_payload(packet))) {
306 const struct ovs_key_nd *nd_key
307 = nl_attr_get_unspec(a, sizeof(struct ovs_key_nd));
308 packet_set_nd(packet, nd_key->nd_target, nd_key->nd_sll,
313 case OVS_KEY_ATTR_DP_HASH:
314 md->dp_hash = nl_attr_get_u32(a);
317 case OVS_KEY_ATTR_RECIRC_ID:
318 md->recirc_id = nl_attr_get_u32(a);
321 case OVS_KEY_ATTR_UNSPEC:
322 case OVS_KEY_ATTR_ENCAP:
323 case OVS_KEY_ATTR_ETHERTYPE:
324 case OVS_KEY_ATTR_IN_PORT:
325 case OVS_KEY_ATTR_VLAN:
326 case OVS_KEY_ATTR_ICMP:
327 case OVS_KEY_ATTR_ICMPV6:
328 case OVS_KEY_ATTR_TCP_FLAGS:
329 case OVS_KEY_ATTR_CT_STATE:
330 case OVS_KEY_ATTR_CT_ZONE:
331 case OVS_KEY_ATTR_CT_MARK:
332 case __OVS_KEY_ATTR_MAX:
338 #define get_mask(a, type) ((const type *)(const void *)(a + 1) + 1)
341 odp_execute_masked_set_action(struct dp_packet *packet,
342 const struct nlattr *a)
344 struct pkt_metadata *md = &packet->md;
345 enum ovs_key_attr type = nl_attr_type(a);
349 case OVS_KEY_ATTR_PRIORITY:
350 md->skb_priority = nl_attr_get_u32(a)
351 | (md->skb_priority & ~*get_mask(a, uint32_t));
354 case OVS_KEY_ATTR_SKB_MARK:
355 md->pkt_mark = nl_attr_get_u32(a)
356 | (md->pkt_mark & ~*get_mask(a, uint32_t));
359 case OVS_KEY_ATTR_ETHERNET:
360 odp_eth_set_addrs(packet, nl_attr_get(a),
361 get_mask(a, struct ovs_key_ethernet));
364 case OVS_KEY_ATTR_IPV4:
365 odp_set_ipv4(packet, nl_attr_get(a),
366 get_mask(a, struct ovs_key_ipv4));
369 case OVS_KEY_ATTR_IPV6:
370 odp_set_ipv6(packet, nl_attr_get(a),
371 get_mask(a, struct ovs_key_ipv6));
374 case OVS_KEY_ATTR_TCP:
375 odp_set_tcp(packet, nl_attr_get(a),
376 get_mask(a, struct ovs_key_tcp));
379 case OVS_KEY_ATTR_UDP:
380 odp_set_udp(packet, nl_attr_get(a),
381 get_mask(a, struct ovs_key_udp));
384 case OVS_KEY_ATTR_SCTP:
385 odp_set_sctp(packet, nl_attr_get(a),
386 get_mask(a, struct ovs_key_sctp));
389 case OVS_KEY_ATTR_MPLS:
390 mh = dp_packet_l2_5(packet);
392 put_16aligned_be32(&mh->mpls_lse, nl_attr_get_be32(a)
393 | (get_16aligned_be32(&mh->mpls_lse)
394 & ~*get_mask(a, ovs_be32)));
398 case OVS_KEY_ATTR_ARP:
399 set_arp(packet, nl_attr_get(a),
400 get_mask(a, struct ovs_key_arp));
403 case OVS_KEY_ATTR_ND:
404 odp_set_nd(packet, nl_attr_get(a),
405 get_mask(a, struct ovs_key_nd));
408 case OVS_KEY_ATTR_DP_HASH:
409 md->dp_hash = nl_attr_get_u32(a)
410 | (md->dp_hash & ~*get_mask(a, uint32_t));
413 case OVS_KEY_ATTR_RECIRC_ID:
414 md->recirc_id = nl_attr_get_u32(a)
415 | (md->recirc_id & ~*get_mask(a, uint32_t));
418 case OVS_KEY_ATTR_TUNNEL: /* Masked data not supported for tunnel. */
419 case OVS_KEY_ATTR_UNSPEC:
420 case OVS_KEY_ATTR_CT_STATE:
421 case OVS_KEY_ATTR_CT_ZONE:
422 case OVS_KEY_ATTR_CT_MARK:
423 case OVS_KEY_ATTR_ENCAP:
424 case OVS_KEY_ATTR_ETHERTYPE:
425 case OVS_KEY_ATTR_IN_PORT:
426 case OVS_KEY_ATTR_VLAN:
427 case OVS_KEY_ATTR_ICMP:
428 case OVS_KEY_ATTR_ICMPV6:
429 case OVS_KEY_ATTR_TCP_FLAGS:
430 case __OVS_KEY_ATTR_MAX:
437 odp_execute_sample(void *dp, struct dp_packet *packet, bool steal,
438 const struct nlattr *action,
439 odp_execute_cb dp_execute_action)
441 const struct nlattr *subactions = NULL;
442 const struct nlattr *a;
445 NL_NESTED_FOR_EACH_UNSAFE (a, left, action) {
446 int type = nl_attr_type(a);
448 switch ((enum ovs_sample_attr) type) {
449 case OVS_SAMPLE_ATTR_PROBABILITY:
450 if (random_uint32() >= nl_attr_get_u32(a)) {
452 dp_packet_delete(packet);
458 case OVS_SAMPLE_ATTR_ACTIONS:
462 case OVS_SAMPLE_ATTR_UNSPEC:
463 case __OVS_SAMPLE_ATTR_MAX:
469 odp_execute_actions(dp, &packet, 1, steal, nl_attr_get(subactions),
470 nl_attr_get_size(subactions), dp_execute_action);
474 requires_datapath_assistance(const struct nlattr *a)
476 enum ovs_action_attr type = nl_attr_type(a);
479 /* These only make sense in the context of a datapath. */
480 case OVS_ACTION_ATTR_OUTPUT:
481 case OVS_ACTION_ATTR_TUNNEL_PUSH:
482 case OVS_ACTION_ATTR_TUNNEL_POP:
483 case OVS_ACTION_ATTR_USERSPACE:
484 case OVS_ACTION_ATTR_RECIRC:
485 case OVS_ACTION_ATTR_CT:
488 case OVS_ACTION_ATTR_SET:
489 case OVS_ACTION_ATTR_SET_MASKED:
490 case OVS_ACTION_ATTR_PUSH_VLAN:
491 case OVS_ACTION_ATTR_POP_VLAN:
492 case OVS_ACTION_ATTR_SAMPLE:
493 case OVS_ACTION_ATTR_HASH:
494 case OVS_ACTION_ATTR_PUSH_MPLS:
495 case OVS_ACTION_ATTR_POP_MPLS:
498 case OVS_ACTION_ATTR_UNSPEC:
499 case __OVS_ACTION_ATTR_MAX:
507 odp_execute_actions(void *dp, struct dp_packet **packets, int cnt, bool steal,
508 const struct nlattr *actions, size_t actions_len,
509 odp_execute_cb dp_execute_action)
511 const struct nlattr *a;
515 NL_ATTR_FOR_EACH_UNSAFE (a, left, actions, actions_len) {
516 int type = nl_attr_type(a);
517 bool last_action = (left <= NLA_ALIGN(a->nla_len));
519 if (requires_datapath_assistance(a)) {
520 if (dp_execute_action) {
521 /* Allow 'dp_execute_action' to steal the packet data if we do
522 * not need it any more. */
523 bool may_steal = steal && last_action;
525 dp_execute_action(dp, packets, cnt, a, may_steal);
528 /* We do not need to free the packets. dp_execute_actions()
536 switch ((enum ovs_action_attr) type) {
537 case OVS_ACTION_ATTR_HASH: {
538 const struct ovs_action_hash *hash_act = nl_attr_get(a);
540 /* Calculate a hash value directly. This might not match the
541 * value computed by the datapath, but it is much less expensive,
542 * and the current use case (bonding) does not require a strict
543 * match to work properly. */
544 if (hash_act->hash_alg == OVS_HASH_ALG_L4) {
548 for (i = 0; i < cnt; i++) {
549 flow_extract(packets[i], &flow);
550 hash = flow_hash_5tuple(&flow, hash_act->hash_basis);
552 packets[i]->md.dp_hash = hash;
555 /* Assert on unknown hash algorithm. */
561 case OVS_ACTION_ATTR_PUSH_VLAN: {
562 const struct ovs_action_push_vlan *vlan = nl_attr_get(a);
564 for (i = 0; i < cnt; i++) {
565 eth_push_vlan(packets[i], vlan->vlan_tpid, vlan->vlan_tci);
570 case OVS_ACTION_ATTR_POP_VLAN:
571 for (i = 0; i < cnt; i++) {
572 eth_pop_vlan(packets[i]);
576 case OVS_ACTION_ATTR_PUSH_MPLS: {
577 const struct ovs_action_push_mpls *mpls = nl_attr_get(a);
579 for (i = 0; i < cnt; i++) {
580 push_mpls(packets[i], mpls->mpls_ethertype, mpls->mpls_lse);
585 case OVS_ACTION_ATTR_POP_MPLS:
586 for (i = 0; i < cnt; i++) {
587 pop_mpls(packets[i], nl_attr_get_be16(a));
591 case OVS_ACTION_ATTR_SET:
592 for (i = 0; i < cnt; i++) {
593 odp_execute_set_action(packets[i], nl_attr_get(a));
597 case OVS_ACTION_ATTR_SET_MASKED:
598 for (i = 0; i < cnt; i++) {
599 odp_execute_masked_set_action(packets[i], nl_attr_get(a));
603 case OVS_ACTION_ATTR_SAMPLE:
604 for (i = 0; i < cnt; i++) {
605 odp_execute_sample(dp, packets[i], steal && last_action, a,
610 /* We do not need to free the packets. odp_execute_sample() has
616 case OVS_ACTION_ATTR_OUTPUT:
617 case OVS_ACTION_ATTR_TUNNEL_PUSH:
618 case OVS_ACTION_ATTR_TUNNEL_POP:
619 case OVS_ACTION_ATTR_USERSPACE:
620 case OVS_ACTION_ATTR_RECIRC:
621 case OVS_ACTION_ATTR_CT:
622 case OVS_ACTION_ATTR_UNSPEC:
623 case __OVS_ACTION_ATTR_MAX:
629 for (i = 0; i < cnt; i++) {
630 dp_packet_delete(packets[i]);
projects / cascardo / ovs.git / blob