1 /* SPDX-License-Identifier: GPL-2.0-only */ 2 /* 3 * Copyright (c) 2007-2017 Nicira, Inc. 4 */ 5 6 #ifndef FLOW_H 7 #define FLOW_H 1 8 9 #include <linux/cache.h> 10 #include <linux/kernel.h> 11 #include <linux/netlink.h> 12 #include <linux/openvswitch.h> 13 #include <linux/spinlock.h> 14 #include <linux/types.h> 15 #include <linux/rcupdate.h> 16 #include <linux/if_ether.h> 17 #include <linux/in6.h> 18 #include <linux/jiffies.h> 19 #include <linux/time.h> 20 #include <linux/cpumask.h> 21 #include <net/inet_ecn.h> 22 #include <net/ip_tunnels.h> 23 #include <net/dst_metadata.h> 24 #include <net/nsh.h> 25 26 struct sk_buff; 27 28 enum sw_flow_mac_proto { 29 MAC_PROTO_NONE = 0, 30 MAC_PROTO_ETHERNET, 31 }; 32 #define SW_FLOW_KEY_INVALID 0x80 33 #define MPLS_LABEL_DEPTH 3 34 35 /* Bit definitions for IPv6 Extension Header pseudo-field. */ 36 enum ofp12_ipv6exthdr_flags { 37 OFPIEH12_NONEXT = 1 << 0, /* "No next header" encountered. */ 38 OFPIEH12_ESP = 1 << 1, /* Encrypted Sec Payload header present. */ 39 OFPIEH12_AUTH = 1 << 2, /* Authentication header present. */ 40 OFPIEH12_DEST = 1 << 3, /* 1 or 2 dest headers present. */ 41 OFPIEH12_FRAG = 1 << 4, /* Fragment header present. */ 42 OFPIEH12_ROUTER = 1 << 5, /* Router header present. */ 43 OFPIEH12_HOP = 1 << 6, /* Hop-by-hop header present. */ 44 OFPIEH12_UNREP = 1 << 7, /* Unexpected repeats encountered. */ 45 OFPIEH12_UNSEQ = 1 << 8 /* Unexpected sequencing encountered. */ 46 }; 47 48 /* Store options at the end of the array if they are less than the 49 * maximum size. This allows us to get the benefits of variable length 50 * matching for small options. 51 */ 52 #define TUN_METADATA_OFFSET(opt_len) \ 53 (sizeof_field(struct sw_flow_key, tun_opts) - opt_len) 54 #define TUN_METADATA_OPTS(flow_key, opt_len) \ 55 ((void *)((flow_key)->tun_opts + TUN_METADATA_OFFSET(opt_len))) 56 57 struct ovs_tunnel_info { 58 struct metadata_dst *tun_dst; 59 }; 60 61 struct vlan_head { 62 __be16 tpid; /* Vlan type. Generally 802.1q or 802.1ad.*/ 63 __be16 tci; /* 0 if no VLAN, VLAN_CFI_MASK set otherwise. */ 64 }; 65 66 #define OVS_SW_FLOW_KEY_METADATA_SIZE \ 67 (offsetof(struct sw_flow_key, recirc_id) + \ 68 sizeof_field(struct sw_flow_key, recirc_id)) 69 70 struct ovs_key_nsh { 71 struct ovs_nsh_key_base base; 72 __be32 context[NSH_MD1_CONTEXT_SIZE]; 73 }; 74 75 struct sw_flow_key { 76 u8 tun_opts[IP_TUNNEL_OPTS_MAX]; 77 u8 tun_opts_len; 78 struct ip_tunnel_key tun_key; /* Encapsulating tunnel key. */ 79 struct { 80 u32 priority; /* Packet QoS priority. */ 81 u32 skb_mark; /* SKB mark. */ 82 u16 in_port; /* Input switch port (or DP_MAX_PORTS). */ 83 } __packed phy; /* Safe when right after 'tun_key'. */ 84 u8 mac_proto; /* MAC layer protocol (e.g. Ethernet). */ 85 u8 tun_proto; /* Protocol of encapsulating tunnel. */ 86 u32 ovs_flow_hash; /* Datapath computed hash value. */ 87 u32 recirc_id; /* Recirculation ID. */ 88 struct { 89 u8 src[ETH_ALEN]; /* Ethernet source address. */ 90 u8 dst[ETH_ALEN]; /* Ethernet destination address. */ 91 struct vlan_head vlan; 92 struct vlan_head cvlan; 93 __be16 type; /* Ethernet frame type. */ 94 } eth; 95 /* Filling a hole of two bytes. */ 96 u8 ct_state; 97 u8 ct_orig_proto; /* CT original direction tuple IP 98 * protocol. 99 */ 100 union { 101 struct { 102 u8 proto; /* IP protocol or lower 8 bits of ARP opcode. */ 103 u8 tos; /* IP ToS. */ 104 u8 ttl; /* IP TTL/hop limit. */ 105 u8 frag; /* One of OVS_FRAG_TYPE_*. */ 106 } ip; 107 }; 108 u16 ct_zone; /* Conntrack zone. */ 109 struct { 110 __be16 src; /* TCP/UDP/SCTP source port. */ 111 __be16 dst; /* TCP/UDP/SCTP destination port. */ 112 __be16 flags; /* TCP flags. */ 113 } tp; 114 union { 115 struct { 116 struct { 117 __be32 src; /* IP source address. */ 118 __be32 dst; /* IP destination address. */ 119 } addr; 120 union { 121 struct { 122 __be32 src; 123 __be32 dst; 124 } ct_orig; /* Conntrack original direction fields. */ 125 struct { 126 u8 sha[ETH_ALEN]; /* ARP source hardware address. */ 127 u8 tha[ETH_ALEN]; /* ARP target hardware address. */ 128 } arp; 129 }; 130 } ipv4; 131 struct { 132 struct { 133 struct in6_addr src; /* IPv6 source address. */ 134 struct in6_addr dst; /* IPv6 destination address. */ 135 } addr; 136 __be32 label; /* IPv6 flow label. */ 137 u16 exthdrs; /* IPv6 extension header flags */ 138 union { 139 struct { 140 struct in6_addr src; 141 struct in6_addr dst; 142 } ct_orig; /* Conntrack original direction fields. */ 143 struct { 144 struct in6_addr target; /* ND target address. */ 145 u8 sll[ETH_ALEN]; /* ND source link layer address. */ 146 u8 tll[ETH_ALEN]; /* ND target link layer address. */ 147 } nd; 148 }; 149 } ipv6; 150 struct { 151 u32 num_labels_mask; /* labels present bitmap of effective length MPLS_LABEL_DEPTH */ 152 __be32 lse[MPLS_LABEL_DEPTH]; /* label stack entry */ 153 } mpls; 154 155 struct ovs_key_nsh nsh; /* network service header */ 156 }; 157 struct { 158 /* Connection tracking fields not packed above. */ 159 struct { 160 __be16 src; /* CT orig tuple tp src port. */ 161 __be16 dst; /* CT orig tuple tp dst port. */ 162 } orig_tp; 163 u32 mark; 164 struct ovs_key_ct_labels labels; 165 } ct; 166 167 } __aligned(BITS_PER_LONG/8); /* Ensure that we can do comparisons as longs. */ 168 169 static inline bool sw_flow_key_is_nd(const struct sw_flow_key *key) 170 { 171 return key->eth.type == htons(ETH_P_IPV6) && 172 key->ip.proto == NEXTHDR_ICMP && 173 key->tp.dst == 0 && 174 (key->tp.src == htons(NDISC_NEIGHBOUR_SOLICITATION) || 175 key->tp.src == htons(NDISC_NEIGHBOUR_ADVERTISEMENT)); 176 } 177 178 struct sw_flow_key_range { 179 unsigned short int start; 180 unsigned short int end; 181 }; 182 183 struct sw_flow_mask { 184 int ref_count; 185 struct rcu_head rcu; 186 struct sw_flow_key_range range; 187 struct sw_flow_key key; 188 }; 189 190 struct sw_flow_match { 191 struct sw_flow_key *key; 192 struct sw_flow_key_range range; 193 struct sw_flow_mask *mask; 194 }; 195 196 #define MAX_UFID_LENGTH 16 /* 128 bits */ 197 198 struct sw_flow_id { 199 u32 ufid_len; 200 union { 201 u32 ufid[MAX_UFID_LENGTH / 4]; 202 struct sw_flow_key *unmasked_key; 203 }; 204 }; 205 206 struct sw_flow_actions { 207 struct rcu_head rcu; 208 size_t orig_len; /* From flow_cmd_new netlink actions size */ 209 u32 actions_len; 210 struct nlattr actions[]; 211 }; 212 213 struct sw_flow_stats { 214 u64 packet_count; /* Number of packets matched. */ 215 u64 byte_count; /* Number of bytes matched. */ 216 unsigned long used; /* Last used time (in jiffies). */ 217 spinlock_t lock; /* Lock for atomic stats update. */ 218 __be16 tcp_flags; /* Union of seen TCP flags. */ 219 }; 220 221 struct sw_flow { 222 struct rcu_head rcu; 223 struct { 224 struct hlist_node node[2]; 225 u32 hash; 226 } flow_table, ufid_table; 227 int stats_last_writer; /* CPU id of the last writer on 228 * 'stats[0]'. 229 */ 230 struct sw_flow_key key; 231 struct sw_flow_id id; 232 struct cpumask *cpu_used_mask; 233 struct sw_flow_mask *mask; 234 struct sw_flow_actions __rcu *sf_acts; 235 struct sw_flow_stats __rcu *stats[]; /* One for each CPU. First one 236 * is allocated at flow creation time, 237 * the rest are allocated on demand 238 * while holding the 'stats[0].lock'. 239 */ 240 }; 241 242 struct arp_eth_header { 243 __be16 ar_hrd; /* format of hardware address */ 244 __be16 ar_pro; /* format of protocol address */ 245 unsigned char ar_hln; /* length of hardware address */ 246 unsigned char ar_pln; /* length of protocol address */ 247 __be16 ar_op; /* ARP opcode (command) */ 248 249 /* Ethernet+IPv4 specific members. */ 250 unsigned char ar_sha[ETH_ALEN]; /* sender hardware address */ 251 unsigned char ar_sip[4]; /* sender IP address */ 252 unsigned char ar_tha[ETH_ALEN]; /* target hardware address */ 253 unsigned char ar_tip[4]; /* target IP address */ 254 } __packed; 255 256 static inline u8 ovs_key_mac_proto(const struct sw_flow_key *key) 257 { 258 return key->mac_proto & ~SW_FLOW_KEY_INVALID; 259 } 260 261 static inline u16 __ovs_mac_header_len(u8 mac_proto) 262 { 263 return mac_proto == MAC_PROTO_ETHERNET ? ETH_HLEN : 0; 264 } 265 266 static inline u16 ovs_mac_header_len(const struct sw_flow_key *key) 267 { 268 return __ovs_mac_header_len(ovs_key_mac_proto(key)); 269 } 270 271 static inline bool ovs_identifier_is_ufid(const struct sw_flow_id *sfid) 272 { 273 return sfid->ufid_len; 274 } 275 276 static inline bool ovs_identifier_is_key(const struct sw_flow_id *sfid) 277 { 278 return !ovs_identifier_is_ufid(sfid); 279 } 280 281 void ovs_flow_stats_update(struct sw_flow *, __be16 tcp_flags, 282 const struct sk_buff *); 283 void ovs_flow_stats_get(const struct sw_flow *, struct ovs_flow_stats *, 284 unsigned long *used, __be16 *tcp_flags); 285 void ovs_flow_stats_clear(struct sw_flow *); 286 u64 ovs_flow_used_time(unsigned long flow_jiffies); 287 288 int ovs_flow_key_update(struct sk_buff *skb, struct sw_flow_key *key); 289 int ovs_flow_key_update_l3l4(struct sk_buff *skb, struct sw_flow_key *key); 290 int ovs_flow_key_extract(const struct ip_tunnel_info *tun_info, 291 struct sk_buff *skb, 292 struct sw_flow_key *key); 293 /* Extract key from packet coming from userspace. */ 294 int ovs_flow_key_extract_userspace(struct net *net, const struct nlattr *attr, 295 struct sk_buff *skb, 296 struct sw_flow_key *key, bool log); 297 298 #endif /* flow.h */ 299
Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.