]>
Commit | Line | Data |
---|---|---|
6b241d64 PS |
1 | /* |
2 | * Copyright (c) 2016 Nicira, Inc. | |
68da36fe | 3 | * Copyright (c) 2016 Red Hat, Inc. |
6b241d64 PS |
4 | * |
5 | * Licensed under the Apache License, Version 2.0 (the "License"); | |
6 | * you may not use this file except in compliance with the License. | |
7 | * You may obtain a copy of the License at: | |
8 | * | |
9 | * http://www.apache.org/licenses/LICENSE-2.0 | |
10 | * | |
11 | * Unless required by applicable law or agreed to in writing, software | |
12 | * distributed under the License is distributed on an "AS IS" BASIS, | |
13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
14 | * See the License for the specific language governing permissions and | |
15 | * limitations under the License. | |
16 | */ | |
17 | ||
18 | #include <config.h> | |
19 | ||
aca40d4f TLSC |
20 | #include "netdev-native-tnl.h" |
21 | ||
6b241d64 PS |
22 | #include <errno.h> |
23 | #include <fcntl.h> | |
24 | #include <sys/socket.h> | |
25 | #include <net/if.h> | |
b2befd5b | 26 | #include <sys/types.h> |
67eaddc0 | 27 | #include <netinet/in.h> |
aca40d4f | 28 | #include <netinet/ip.h> |
6b241d64 PS |
29 | #include <netinet/ip6.h> |
30 | #include <sys/ioctl.h> | |
31 | ||
32 | #include <errno.h> | |
33 | #include <stdlib.h> | |
34 | #include <sys/time.h> | |
35 | ||
6b241d64 PS |
36 | #include "byte-order.h" |
37 | #include "csum.h" | |
6b241d64 | 38 | #include "dp-packet.h" |
aca40d4f | 39 | #include "netdev.h" |
6b241d64 PS |
40 | #include "netdev-vport.h" |
41 | #include "netdev-vport-private.h" | |
42 | #include "odp-netlink.h" | |
6b241d64 | 43 | #include "packets.h" |
aca40d4f | 44 | #include "seq.h" |
6b241d64 PS |
45 | #include "unaligned.h" |
46 | #include "unixctl.h" | |
aca40d4f | 47 | #include "openvswitch/vlog.h" |
6b241d64 PS |
48 | |
49 | VLOG_DEFINE_THIS_MODULE(native_tnl); | |
50 | static struct vlog_rate_limit err_rl = VLOG_RATE_LIMIT_INIT(60, 5); | |
51 | ||
52 | #define VXLAN_HLEN (sizeof(struct udp_header) + \ | |
53 | sizeof(struct vxlanhdr)) | |
54 | ||
55 | #define GENEVE_BASE_HLEN (sizeof(struct udp_header) + \ | |
56 | sizeof(struct genevehdr)) | |
57 | ||
58 | uint16_t tnl_udp_port_min = 32768; | |
59 | uint16_t tnl_udp_port_max = 61000; | |
60 | ||
61 | void * | |
62 | netdev_tnl_ip_extract_tnl_md(struct dp_packet *packet, struct flow_tnl *tnl, | |
63 | unsigned int *hlen) | |
64 | { | |
65 | void *nh; | |
66 | struct ip_header *ip; | |
67 | struct ovs_16aligned_ip6_hdr *ip6; | |
68 | void *l4; | |
69 | int l3_size; | |
70 | ||
71 | nh = dp_packet_l3(packet); | |
72 | ip = nh; | |
73 | ip6 = nh; | |
74 | l4 = dp_packet_l4(packet); | |
75 | ||
76 | if (!nh || !l4) { | |
77 | return NULL; | |
78 | } | |
79 | ||
80 | *hlen = sizeof(struct eth_header); | |
81 | ||
82 | l3_size = dp_packet_size(packet) - | |
83 | ((char *)nh - (char *)dp_packet_data(packet)); | |
84 | ||
85 | if (IP_VER(ip->ip_ihl_ver) == 4) { | |
86 | ||
87 | ovs_be32 ip_src, ip_dst; | |
88 | ||
1a2bb118 SC |
89 | if (OVS_UNLIKELY(!dp_packet_ip_checksum_valid(packet))) { |
90 | if (csum(ip, IP_IHL(ip->ip_ihl_ver) * 4)) { | |
91 | VLOG_WARN_RL(&err_rl, "ip packet has invalid checksum"); | |
92 | return NULL; | |
93 | } | |
6b241d64 PS |
94 | } |
95 | ||
96 | if (ntohs(ip->ip_tot_len) > l3_size) { | |
97 | VLOG_WARN_RL(&err_rl, "ip packet is truncated (IP length %d, actual %d)", | |
98 | ntohs(ip->ip_tot_len), l3_size); | |
99 | return NULL; | |
100 | } | |
101 | if (IP_IHL(ip->ip_ihl_ver) * 4 > sizeof(struct ip_header)) { | |
102 | VLOG_WARN_RL(&err_rl, "ip options not supported on tunnel packets " | |
103 | "(%d bytes)", IP_IHL(ip->ip_ihl_ver) * 4); | |
104 | return NULL; | |
105 | } | |
106 | ||
107 | ip_src = get_16aligned_be32(&ip->ip_src); | |
108 | ip_dst = get_16aligned_be32(&ip->ip_dst); | |
109 | ||
110 | tnl->ip_src = ip_src; | |
111 | tnl->ip_dst = ip_dst; | |
112 | tnl->ip_tos = ip->ip_tos; | |
113 | tnl->ip_ttl = ip->ip_ttl; | |
114 | ||
115 | *hlen += IP_HEADER_LEN; | |
116 | ||
117 | } else if (IP_VER(ip->ip_ihl_ver) == 6) { | |
98c086db | 118 | ovs_be32 tc_flow = get_16aligned_be32(&ip6->ip6_flow); |
6b241d64 PS |
119 | |
120 | memcpy(tnl->ipv6_src.s6_addr, ip6->ip6_src.be16, sizeof ip6->ip6_src); | |
121 | memcpy(tnl->ipv6_dst.s6_addr, ip6->ip6_dst.be16, sizeof ip6->ip6_dst); | |
98c086db PS |
122 | |
123 | tnl->ip_tos = ntohl(tc_flow) >> 20; | |
6b241d64 PS |
124 | tnl->ip_ttl = ip6->ip6_hlim; |
125 | ||
3456684e | 126 | *hlen += packet->l4_ofs - packet->l3_ofs; |
6b241d64 PS |
127 | |
128 | } else { | |
129 | VLOG_WARN_RL(&err_rl, "ipv4 packet has invalid version (%d)", | |
130 | IP_VER(ip->ip_ihl_ver)); | |
131 | return NULL; | |
132 | } | |
133 | ||
134 | return l4; | |
135 | } | |
136 | ||
137 | /* Pushes the 'size' bytes of 'header' into the headroom of 'packet', | |
138 | * reallocating the packet if necessary. 'header' should contain an Ethernet | |
139 | * header, followed by an IPv4 header (without options), and an L4 header. | |
140 | * | |
141 | * This function sets the IP header's ip_tot_len field (which should be zeroed | |
142 | * as part of 'header') and puts its value into '*ip_tot_size' as well. Also | |
7c12dfc5 | 143 | * updates IP header checksum, as well as the l3 and l4 offsets in 'packet'. |
6b241d64 PS |
144 | * |
145 | * Return pointer to the L4 header added to 'packet'. */ | |
146 | void * | |
147 | netdev_tnl_push_ip_header(struct dp_packet *packet, | |
148 | const void *header, int size, int *ip_tot_size) | |
149 | { | |
150 | struct eth_header *eth; | |
151 | struct ip_header *ip; | |
152 | struct ovs_16aligned_ip6_hdr *ip6; | |
153 | ||
154 | eth = dp_packet_push_uninit(packet, size); | |
155 | *ip_tot_size = dp_packet_size(packet) - sizeof (struct eth_header); | |
156 | ||
157 | memcpy(eth, header, size); | |
63171f04 JS |
158 | /* The encapsulated packet has type Ethernet. Adjust dp_packet. */ |
159 | packet->packet_type = htonl(PT_ETH); | |
160 | dp_packet_reset_offsets(packet); | |
161 | packet->l3_ofs = sizeof (struct eth_header); | |
6b241d64 PS |
162 | |
163 | if (netdev_tnl_is_header_ipv6(header)) { | |
164 | ip6 = netdev_tnl_ipv6_hdr(eth); | |
165 | *ip_tot_size -= IPV6_HEADER_LEN; | |
166 | ip6->ip6_plen = htons(*ip_tot_size); | |
ce8bbd37 | 167 | packet->l4_ofs = dp_packet_size(packet) - *ip_tot_size; |
6b241d64 PS |
168 | return ip6 + 1; |
169 | } else { | |
170 | ip = netdev_tnl_ip_hdr(eth); | |
171 | ip->ip_tot_len = htons(*ip_tot_size); | |
172 | ip->ip_csum = recalc_csum16(ip->ip_csum, 0, ip->ip_tot_len); | |
173 | *ip_tot_size -= IP_HEADER_LEN; | |
ce8bbd37 | 174 | packet->l4_ofs = dp_packet_size(packet) - *ip_tot_size; |
6b241d64 PS |
175 | return ip + 1; |
176 | } | |
177 | } | |
178 | ||
179 | static void * | |
180 | udp_extract_tnl_md(struct dp_packet *packet, struct flow_tnl *tnl, | |
181 | unsigned int *hlen) | |
182 | { | |
183 | struct udp_header *udp; | |
184 | ||
185 | udp = netdev_tnl_ip_extract_tnl_md(packet, tnl, hlen); | |
186 | if (!udp) { | |
187 | return NULL; | |
188 | } | |
189 | ||
190 | if (udp->udp_csum) { | |
1a2bb118 SC |
191 | if (OVS_UNLIKELY(!dp_packet_l4_checksum_valid(packet))) { |
192 | uint32_t csum; | |
193 | if (netdev_tnl_is_header_ipv6(dp_packet_data(packet))) { | |
194 | csum = packet_csum_pseudoheader6(dp_packet_l3(packet)); | |
195 | } else { | |
196 | csum = packet_csum_pseudoheader(dp_packet_l3(packet)); | |
197 | } | |
198 | ||
199 | csum = csum_continue(csum, udp, dp_packet_size(packet) - | |
200 | ((const unsigned char *)udp - | |
2482b0b0 | 201 | (const unsigned char *)dp_packet_eth(packet) |
1a2bb118 SC |
202 | )); |
203 | if (csum_finish(csum)) { | |
204 | return NULL; | |
205 | } | |
6b241d64 PS |
206 | } |
207 | tnl->flags |= FLOW_TNL_F_CSUM; | |
208 | } | |
209 | ||
210 | tnl->tp_src = udp->udp_src; | |
211 | tnl->tp_dst = udp->udp_dst; | |
212 | ||
213 | return udp + 1; | |
214 | } | |
215 | ||
216 | ||
217 | void | |
754f8acb WT |
218 | netdev_tnl_push_udp_header(const struct netdev *netdev OVS_UNUSED, |
219 | struct dp_packet *packet, | |
6b241d64 PS |
220 | const struct ovs_action_push_tnl *data) |
221 | { | |
222 | struct udp_header *udp; | |
223 | int ip_tot_size; | |
224 | ||
225 | udp = netdev_tnl_push_ip_header(packet, data->header, data->header_len, &ip_tot_size); | |
226 | ||
227 | /* set udp src port */ | |
228 | udp->udp_src = netdev_tnl_get_src_port(packet); | |
229 | udp->udp_len = htons(ip_tot_size); | |
230 | ||
231 | if (udp->udp_csum) { | |
232 | uint32_t csum; | |
233 | if (netdev_tnl_is_header_ipv6(dp_packet_data(packet))) { | |
234 | csum = packet_csum_pseudoheader6(netdev_tnl_ipv6_hdr(dp_packet_data(packet))); | |
235 | } else { | |
236 | csum = packet_csum_pseudoheader(netdev_tnl_ip_hdr(dp_packet_data(packet))); | |
237 | } | |
238 | ||
239 | csum = csum_continue(csum, udp, ip_tot_size); | |
240 | udp->udp_csum = csum_finish(csum); | |
241 | ||
242 | if (!udp->udp_csum) { | |
243 | udp->udp_csum = htons(0xffff); | |
244 | } | |
245 | } | |
246 | } | |
247 | ||
248 | static void * | |
4975aa3e PS |
249 | eth_build_header(struct ovs_action_push_tnl *data, |
250 | const struct netdev_tnl_build_header_params *params) | |
6b241d64 | 251 | { |
4975aa3e PS |
252 | uint16_t eth_proto = params->is_ipv6 ? ETH_TYPE_IPV6 : ETH_TYPE_IP; |
253 | struct eth_header *eth; | |
6b241d64 | 254 | |
4975aa3e | 255 | memset(data->header, 0, sizeof data->header); |
6b241d64 | 256 | |
4975aa3e PS |
257 | eth = (struct eth_header *)data->header; |
258 | eth->eth_dst = params->dmac; | |
259 | eth->eth_src = params->smac; | |
260 | eth->eth_type = htons(eth_proto); | |
261 | data->header_len = sizeof(struct eth_header); | |
262 | return eth + 1; | |
263 | } | |
6b241d64 | 264 | |
4975aa3e PS |
265 | void * |
266 | netdev_tnl_ip_build_header(struct ovs_action_push_tnl *data, | |
267 | const struct netdev_tnl_build_header_params *params, | |
268 | uint8_t next_proto) | |
269 | { | |
270 | void *l3; | |
271 | ||
272 | l3 = eth_build_header(data, params); | |
273 | if (!params->is_ipv6) { | |
274 | ovs_be32 ip_src = in6_addr_get_mapped_ipv4(params->s_ip); | |
275 | struct ip_header *ip; | |
276 | ||
277 | ip = (struct ip_header *) l3; | |
278 | ||
279 | ip->ip_ihl_ver = IP_IHL_VER(5, 4); | |
280 | ip->ip_tos = params->flow->tunnel.ip_tos; | |
281 | ip->ip_ttl = params->flow->tunnel.ip_ttl; | |
282 | ip->ip_proto = next_proto; | |
283 | put_16aligned_be32(&ip->ip_src, ip_src); | |
284 | put_16aligned_be32(&ip->ip_dst, params->flow->tunnel.ip_dst); | |
285 | ||
286 | ip->ip_frag_off = (params->flow->tunnel.flags & FLOW_TNL_F_DONT_FRAGMENT) ? | |
287 | htons(IP_DF) : 0; | |
288 | ||
ece9c294 | 289 | /* Checksum has already been zeroed by eth_build_header. */ |
4975aa3e PS |
290 | ip->ip_csum = csum(ip, sizeof *ip); |
291 | ||
292 | data->header_len += IP_HEADER_LEN; | |
293 | return ip + 1; | |
6b241d64 | 294 | } else { |
4975aa3e PS |
295 | struct ovs_16aligned_ip6_hdr *ip6; |
296 | ||
297 | ip6 = (struct ovs_16aligned_ip6_hdr *) l3; | |
298 | ||
98c086db PS |
299 | put_16aligned_be32(&ip6->ip6_flow, htonl(6 << 28) | |
300 | htonl(params->flow->tunnel.ip_tos << 20)); | |
4975aa3e PS |
301 | ip6->ip6_hlim = params->flow->tunnel.ip_ttl; |
302 | ip6->ip6_nxt = next_proto; | |
303 | memcpy(&ip6->ip6_src, params->s_ip, sizeof(ovs_be32[4])); | |
304 | memcpy(&ip6->ip6_dst, ¶ms->flow->tunnel.ipv6_dst, sizeof(ovs_be32[4])); | |
305 | ||
306 | data->header_len += IPV6_HEADER_LEN; | |
307 | return ip6 + 1; | |
6b241d64 | 308 | } |
4975aa3e PS |
309 | } |
310 | ||
311 | static void * | |
312 | udp_build_header(struct netdev_tunnel_config *tnl_cfg, | |
313 | struct ovs_action_push_tnl *data, | |
314 | const struct netdev_tnl_build_header_params *params) | |
315 | { | |
316 | struct udp_header *udp; | |
6b241d64 | 317 | |
4975aa3e | 318 | udp = netdev_tnl_ip_build_header(data, params, IPPROTO_UDP); |
6b241d64 PS |
319 | udp->udp_dst = tnl_cfg->dst_port; |
320 | ||
4975aa3e | 321 | if (params->is_ipv6 || params->flow->tunnel.flags & FLOW_TNL_F_CSUM) { |
6b241d64 PS |
322 | /* Write a value in now to mark that we should compute the checksum |
323 | * later. 0xffff is handy because it is transparent to the | |
324 | * calculation. */ | |
325 | udp->udp_csum = htons(0xffff); | |
326 | } | |
4975aa3e | 327 | data->header_len += sizeof *udp; |
6b241d64 PS |
328 | return udp + 1; |
329 | } | |
330 | ||
331 | static int | |
332 | gre_header_len(ovs_be16 flags) | |
333 | { | |
334 | int hlen = 4; | |
335 | ||
336 | if (flags & htons(GRE_CSUM)) { | |
337 | hlen += 4; | |
338 | } | |
339 | if (flags & htons(GRE_KEY)) { | |
340 | hlen += 4; | |
341 | } | |
342 | if (flags & htons(GRE_SEQ)) { | |
343 | hlen += 4; | |
344 | } | |
345 | return hlen; | |
346 | } | |
347 | ||
348 | static int | |
349 | parse_gre_header(struct dp_packet *packet, | |
350 | struct flow_tnl *tnl) | |
351 | { | |
352 | const struct gre_base_hdr *greh; | |
353 | ovs_16aligned_be32 *options; | |
354 | int hlen; | |
355 | unsigned int ulen; | |
63171f04 | 356 | uint16_t greh_protocol; |
6b241d64 PS |
357 | |
358 | greh = netdev_tnl_ip_extract_tnl_md(packet, tnl, &ulen); | |
359 | if (!greh) { | |
360 | return -EINVAL; | |
361 | } | |
362 | ||
363 | if (greh->flags & ~(htons(GRE_CSUM | GRE_KEY | GRE_SEQ))) { | |
364 | return -EINVAL; | |
365 | } | |
366 | ||
6b241d64 PS |
367 | hlen = ulen + gre_header_len(greh->flags); |
368 | if (hlen > dp_packet_size(packet)) { | |
369 | return -EINVAL; | |
370 | } | |
371 | ||
372 | options = (ovs_16aligned_be32 *)(greh + 1); | |
373 | if (greh->flags & htons(GRE_CSUM)) { | |
374 | ovs_be16 pkt_csum; | |
375 | ||
376 | pkt_csum = csum(greh, dp_packet_size(packet) - | |
377 | ((const unsigned char *)greh - | |
2482b0b0 | 378 | (const unsigned char *)dp_packet_eth(packet))); |
6b241d64 PS |
379 | if (pkt_csum) { |
380 | return -EINVAL; | |
381 | } | |
382 | tnl->flags = FLOW_TNL_F_CSUM; | |
383 | options++; | |
384 | } | |
385 | ||
386 | if (greh->flags & htons(GRE_KEY)) { | |
3d75c660 | 387 | tnl->tun_id = be32_to_be64(get_16aligned_be32(options)); |
6b241d64 PS |
388 | tnl->flags |= FLOW_TNL_F_KEY; |
389 | options++; | |
390 | } | |
391 | ||
392 | if (greh->flags & htons(GRE_SEQ)) { | |
393 | options++; | |
394 | } | |
395 | ||
63171f04 JS |
396 | /* Set the new packet type depending on the GRE protocol field. */ |
397 | greh_protocol = ntohs(greh->protocol); | |
398 | if (greh_protocol == ETH_TYPE_TEB) { | |
399 | packet->packet_type = htonl(PT_ETH); | |
400 | } else if (greh_protocol >= ETH_TYPE_MIN) { | |
401 | /* Allow all GRE protocol values above 0x5ff as Ethertypes. */ | |
402 | packet->packet_type = PACKET_TYPE_BE(OFPHTN_ETHERTYPE, greh_protocol); | |
403 | } else { | |
404 | return -EINVAL; | |
405 | } | |
406 | ||
6b241d64 PS |
407 | return hlen; |
408 | } | |
409 | ||
1c8f98d9 | 410 | struct dp_packet * |
6b241d64 PS |
411 | netdev_gre_pop_header(struct dp_packet *packet) |
412 | { | |
413 | struct pkt_metadata *md = &packet->md; | |
414 | struct flow_tnl *tnl = &md->tunnel; | |
415 | int hlen = sizeof(struct eth_header) + 4; | |
416 | ||
417 | hlen += netdev_tnl_is_header_ipv6(dp_packet_data(packet)) ? | |
418 | IPV6_HEADER_LEN : IP_HEADER_LEN; | |
419 | ||
420 | pkt_metadata_init_tnl(md); | |
421 | if (hlen > dp_packet_size(packet)) { | |
1c8f98d9 | 422 | goto err; |
6b241d64 PS |
423 | } |
424 | ||
425 | hlen = parse_gre_header(packet, tnl); | |
426 | if (hlen < 0) { | |
1c8f98d9 | 427 | goto err; |
6b241d64 PS |
428 | } |
429 | ||
430 | dp_packet_reset_packet(packet, hlen); | |
431 | ||
1c8f98d9 PS |
432 | return packet; |
433 | err: | |
434 | dp_packet_delete(packet); | |
435 | return NULL; | |
6b241d64 PS |
436 | } |
437 | ||
438 | void | |
0ffff497 | 439 | netdev_gre_push_header(const struct netdev *netdev, |
754f8acb | 440 | struct dp_packet *packet, |
6b241d64 PS |
441 | const struct ovs_action_push_tnl *data) |
442 | { | |
0ffff497 WT |
443 | struct netdev_vport *dev = netdev_vport_cast(netdev); |
444 | struct netdev_tunnel_config *tnl_cfg; | |
6b241d64 PS |
445 | struct gre_base_hdr *greh; |
446 | int ip_tot_size; | |
447 | ||
448 | greh = netdev_tnl_push_ip_header(packet, data->header, data->header_len, &ip_tot_size); | |
449 | ||
450 | if (greh->flags & htons(GRE_CSUM)) { | |
451 | ovs_be16 *csum_opt = (ovs_be16 *) (greh + 1); | |
452 | *csum_opt = csum(greh, ip_tot_size); | |
453 | } | |
0ffff497 WT |
454 | |
455 | if (greh->flags & htons(GRE_SEQ)) { | |
456 | /* Last 4 byte is GRE seqno */ | |
457 | int seq_ofs = gre_header_len(greh->flags) - 4; | |
458 | ovs_16aligned_be32 *seq_opt = | |
459 | ALIGNED_CAST(ovs_16aligned_be32 *, (char *)greh + seq_ofs); | |
460 | tnl_cfg = &dev->tnl_cfg; | |
461 | put_16aligned_be32(seq_opt, htonl(tnl_cfg->seqno++)); | |
462 | } | |
6b241d64 PS |
463 | } |
464 | ||
465 | int | |
466 | netdev_gre_build_header(const struct netdev *netdev, | |
467 | struct ovs_action_push_tnl *data, | |
4975aa3e | 468 | const struct netdev_tnl_build_header_params *params) |
6b241d64 PS |
469 | { |
470 | struct netdev_vport *dev = netdev_vport_cast(netdev); | |
471 | struct netdev_tunnel_config *tnl_cfg; | |
6b241d64 PS |
472 | struct gre_base_hdr *greh; |
473 | ovs_16aligned_be32 *options; | |
4975aa3e | 474 | unsigned int hlen; |
6b241d64 PS |
475 | |
476 | /* XXX: RCUfy tnl_cfg. */ | |
477 | ovs_mutex_lock(&dev->mutex); | |
478 | tnl_cfg = &dev->tnl_cfg; | |
479 | ||
4975aa3e | 480 | greh = netdev_tnl_ip_build_header(data, params, IPPROTO_GRE); |
6b241d64 | 481 | |
875ab130 | 482 | if (params->flow->packet_type == htonl(PT_ETH)) { |
63171f04 | 483 | greh->protocol = htons(ETH_TYPE_TEB); |
875ab130 BP |
484 | } else if (pt_ns(params->flow->packet_type) == OFPHTN_ETHERTYPE) { |
485 | greh->protocol = pt_ns_type_be(params->flow->packet_type); | |
486 | } else { | |
487 | ovs_mutex_unlock(&dev->mutex); | |
488 | return 1; | |
63171f04 | 489 | } |
6b241d64 PS |
490 | greh->flags = 0; |
491 | ||
492 | options = (ovs_16aligned_be32 *) (greh + 1); | |
4975aa3e | 493 | if (params->flow->tunnel.flags & FLOW_TNL_F_CSUM) { |
6b241d64 PS |
494 | greh->flags |= htons(GRE_CSUM); |
495 | put_16aligned_be32(options, 0); | |
496 | options++; | |
497 | } | |
498 | ||
499 | if (tnl_cfg->out_key_present) { | |
500 | greh->flags |= htons(GRE_KEY); | |
3d75c660 | 501 | put_16aligned_be32(options, be64_to_be32(params->flow->tunnel.tun_id)); |
6b241d64 PS |
502 | options++; |
503 | } | |
504 | ||
0ffff497 WT |
505 | if (tnl_cfg->set_seq) { |
506 | greh->flags |= htons(GRE_SEQ); | |
507 | /* seqno is updated at push header */ | |
508 | options++; | |
509 | } | |
510 | ||
6b241d64 PS |
511 | ovs_mutex_unlock(&dev->mutex); |
512 | ||
513 | hlen = (uint8_t *) options - (uint8_t *) greh; | |
514 | ||
4975aa3e | 515 | data->header_len += hlen; |
3b10ceee GR |
516 | if (!params->is_ipv6) { |
517 | data->tnl_type = OVS_VPORT_TYPE_GRE; | |
518 | } else { | |
519 | data->tnl_type = OVS_VPORT_TYPE_IP6GRE; | |
520 | } | |
6b241d64 PS |
521 | return 0; |
522 | } | |
523 | ||
7dc18ae9 WT |
524 | struct dp_packet * |
525 | netdev_erspan_pop_header(struct dp_packet *packet) | |
526 | { | |
527 | const struct gre_base_hdr *greh; | |
528 | const struct erspan_base_hdr *ersh; | |
529 | struct pkt_metadata *md = &packet->md; | |
530 | struct flow_tnl *tnl = &md->tunnel; | |
531 | int hlen = sizeof(struct eth_header); | |
532 | unsigned int ulen; | |
533 | uint16_t greh_protocol; | |
534 | ||
535 | hlen += netdev_tnl_is_header_ipv6(dp_packet_data(packet)) ? | |
536 | IPV6_HEADER_LEN : IP_HEADER_LEN; | |
537 | ||
538 | pkt_metadata_init_tnl(md); | |
539 | if (hlen > dp_packet_size(packet)) { | |
540 | goto err; | |
541 | } | |
542 | ||
543 | greh = netdev_tnl_ip_extract_tnl_md(packet, tnl, &ulen); | |
544 | if (!greh) { | |
545 | goto err; | |
546 | } | |
547 | ||
548 | greh_protocol = ntohs(greh->protocol); | |
549 | if (greh_protocol != ETH_TYPE_ERSPAN1 && | |
550 | greh_protocol != ETH_TYPE_ERSPAN2) { | |
551 | goto err; | |
552 | } | |
553 | ||
554 | if (greh->flags & ~htons(GRE_SEQ)) { | |
555 | goto err; | |
556 | } | |
557 | ||
558 | ersh = ERSPAN_HDR(greh); | |
3b10ceee | 559 | tnl->tun_id = be16_to_be64(htons(get_sid(ersh))); |
7dc18ae9 WT |
560 | tnl->erspan_ver = ersh->ver; |
561 | ||
562 | if (ersh->ver == 1) { | |
563 | ovs_16aligned_be32 *index = ALIGNED_CAST(ovs_16aligned_be32 *, | |
564 | ersh + 1); | |
565 | tnl->erspan_idx = ntohl(get_16aligned_be32(index)); | |
566 | tnl->flags |= FLOW_TNL_F_KEY; | |
567 | hlen = ulen + ERSPAN_GREHDR_LEN + sizeof *ersh + ERSPAN_V1_MDSIZE; | |
568 | } else if (ersh->ver == 2) { | |
569 | struct erspan_md2 *md2 = ALIGNED_CAST(struct erspan_md2 *, ersh + 1); | |
570 | tnl->erspan_dir = md2->dir; | |
571 | tnl->erspan_hwid = get_hwid(md2); | |
572 | tnl->flags |= FLOW_TNL_F_KEY; | |
573 | hlen = ulen + ERSPAN_GREHDR_LEN + sizeof *ersh + ERSPAN_V2_MDSIZE; | |
574 | } else { | |
575 | VLOG_WARN_RL(&err_rl, "ERSPAN version error %d", ersh->ver); | |
576 | goto err; | |
577 | } | |
578 | ||
579 | if (hlen > dp_packet_size(packet)) { | |
580 | goto err; | |
581 | } | |
582 | ||
583 | dp_packet_reset_packet(packet, hlen); | |
584 | ||
585 | return packet; | |
586 | err: | |
587 | dp_packet_delete(packet); | |
588 | return NULL; | |
589 | } | |
590 | ||
591 | void | |
592 | netdev_erspan_push_header(const struct netdev *netdev, | |
593 | struct dp_packet *packet, | |
594 | const struct ovs_action_push_tnl *data) | |
595 | { | |
596 | struct netdev_vport *dev = netdev_vport_cast(netdev); | |
597 | struct netdev_tunnel_config *tnl_cfg; | |
598 | struct erspan_base_hdr *ersh; | |
599 | struct gre_base_hdr *greh; | |
600 | struct erspan_md2 *md2; | |
601 | int ip_tot_size; | |
602 | ||
603 | greh = netdev_tnl_push_ip_header(packet, data->header, | |
604 | data->header_len, &ip_tot_size); | |
605 | ||
606 | /* update GRE seqno */ | |
607 | tnl_cfg = &dev->tnl_cfg; | |
608 | ovs_16aligned_be32 *seqno = (ovs_16aligned_be32 *) (greh + 1); | |
609 | put_16aligned_be32(seqno, htonl(tnl_cfg->seqno++)); | |
610 | ||
611 | /* update v2 timestamp */ | |
612 | if (greh->protocol == htons(ETH_TYPE_ERSPAN2)) { | |
613 | ersh = ERSPAN_HDR(greh); | |
614 | md2 = ALIGNED_CAST(struct erspan_md2 *, ersh + 1); | |
615 | put_16aligned_be32(&md2->timestamp, get_erspan_ts(ERSPAN_100US)); | |
616 | } | |
617 | return; | |
618 | } | |
619 | ||
620 | int | |
621 | netdev_erspan_build_header(const struct netdev *netdev, | |
622 | struct ovs_action_push_tnl *data, | |
623 | const struct netdev_tnl_build_header_params *params) | |
624 | { | |
625 | struct netdev_vport *dev = netdev_vport_cast(netdev); | |
626 | struct netdev_tunnel_config *tnl_cfg; | |
627 | struct gre_base_hdr *greh; | |
628 | struct erspan_base_hdr *ersh; | |
629 | unsigned int hlen; | |
630 | uint32_t tun_id; | |
631 | uint16_t sid; | |
632 | ||
633 | /* XXX: RCUfy tnl_cfg. */ | |
634 | ovs_mutex_lock(&dev->mutex); | |
635 | tnl_cfg = &dev->tnl_cfg; | |
636 | greh = netdev_tnl_ip_build_header(data, params, IPPROTO_GRE); | |
637 | ersh = ERSPAN_HDR(greh); | |
638 | ||
639 | tun_id = ntohl(be64_to_be32(params->flow->tunnel.tun_id)); | |
640 | /* ERSPAN only has 10-bit session ID */ | |
641 | if (tun_id & ~ERSPAN_SID_MASK) { | |
642 | ovs_mutex_unlock(&dev->mutex); | |
643 | return 1; | |
644 | } else { | |
645 | sid = (uint16_t) tun_id; | |
646 | } | |
647 | ||
648 | if (tnl_cfg->erspan_ver == 1) { | |
649 | greh->protocol = htons(ETH_TYPE_ERSPAN1); | |
650 | greh->flags = htons(GRE_SEQ); | |
651 | ersh->ver = 1; | |
652 | set_sid(ersh, sid); | |
653 | ||
654 | put_16aligned_be32(ALIGNED_CAST(ovs_16aligned_be32 *, ersh + 1), | |
655 | htonl(tnl_cfg->erspan_idx)); | |
656 | ||
657 | hlen = ERSPAN_GREHDR_LEN + sizeof *ersh + ERSPAN_V1_MDSIZE; | |
658 | } else if (tnl_cfg->erspan_ver == 2) { | |
659 | greh->protocol = htons(ETH_TYPE_ERSPAN2); | |
660 | greh->flags = htons(GRE_SEQ); | |
661 | ersh->ver = 2; | |
662 | set_sid(ersh, sid); | |
663 | ||
664 | struct erspan_md2 *md2 = ALIGNED_CAST(struct erspan_md2 *, ersh + 1); | |
665 | md2->sgt = 0; /* security group tag */ | |
666 | md2->gra = 0; | |
667 | put_16aligned_be32(&md2->timestamp, 0); | |
668 | set_hwid(md2, tnl_cfg->erspan_hwid); | |
669 | md2->dir = tnl_cfg->erspan_dir; | |
670 | ||
671 | hlen = ERSPAN_GREHDR_LEN + sizeof *ersh + ERSPAN_V2_MDSIZE; | |
672 | } else { | |
673 | VLOG_WARN_RL(&err_rl, "ERSPAN version error %d", tnl_cfg->erspan_ver); | |
674 | ovs_mutex_unlock(&dev->mutex); | |
675 | return 1; | |
676 | } | |
677 | ||
678 | ovs_mutex_unlock(&dev->mutex); | |
679 | ||
680 | data->header_len += hlen; | |
681 | ||
682 | if (params->is_ipv6) { | |
683 | data->tnl_type = OVS_VPORT_TYPE_IP6ERSPAN; | |
684 | } else { | |
685 | data->tnl_type = OVS_VPORT_TYPE_ERSPAN; | |
686 | } | |
687 | return 0; | |
688 | } | |
689 | ||
1c8f98d9 | 690 | struct dp_packet * |
6b241d64 PS |
691 | netdev_vxlan_pop_header(struct dp_packet *packet) |
692 | { | |
693 | struct pkt_metadata *md = &packet->md; | |
694 | struct flow_tnl *tnl = &md->tunnel; | |
695 | struct vxlanhdr *vxh; | |
696 | unsigned int hlen; | |
439f39cb GS |
697 | ovs_be32 vx_flags; |
698 | enum packet_type next_pt = PT_ETH; | |
6b241d64 | 699 | |
1fc2e1bd BB |
700 | ovs_assert(packet->l3_ofs > 0); |
701 | ovs_assert(packet->l4_ofs > 0); | |
702 | ||
6b241d64 PS |
703 | pkt_metadata_init_tnl(md); |
704 | if (VXLAN_HLEN > dp_packet_l4_size(packet)) { | |
1c8f98d9 | 705 | goto err; |
6b241d64 PS |
706 | } |
707 | ||
708 | vxh = udp_extract_tnl_md(packet, tnl, &hlen); | |
709 | if (!vxh) { | |
1c8f98d9 | 710 | goto err; |
6b241d64 PS |
711 | } |
712 | ||
439f39cb GS |
713 | vx_flags = get_16aligned_be32(&vxh->vx_flags); |
714 | if (vx_flags & htonl(VXLAN_HF_GPE)) { | |
715 | vx_flags &= htonl(~VXLAN_GPE_USED_BITS); | |
716 | /* Drop the OAM packets */ | |
717 | if (vxh->vx_gpe.flags & VXLAN_GPE_FLAGS_O) { | |
718 | goto err; | |
719 | } | |
720 | switch (vxh->vx_gpe.next_protocol) { | |
721 | case VXLAN_GPE_NP_IPV4: | |
722 | next_pt = PT_IPV4; | |
723 | break; | |
724 | case VXLAN_GPE_NP_IPV6: | |
725 | next_pt = PT_IPV6; | |
726 | break; | |
478b1473 JS |
727 | case VXLAN_GPE_NP_NSH: |
728 | next_pt = PT_NSH; | |
729 | break; | |
439f39cb GS |
730 | case VXLAN_GPE_NP_ETHERNET: |
731 | next_pt = PT_ETH; | |
732 | break; | |
733 | default: | |
734 | goto err; | |
735 | } | |
736 | } | |
737 | ||
738 | if (vx_flags != htonl(VXLAN_FLAGS) || | |
6b241d64 PS |
739 | (get_16aligned_be32(&vxh->vx_vni) & htonl(0xff))) { |
740 | VLOG_WARN_RL(&err_rl, "invalid vxlan flags=%#x vni=%#x\n", | |
439f39cb | 741 | ntohl(vx_flags), |
6b241d64 | 742 | ntohl(get_16aligned_be32(&vxh->vx_vni))); |
1c8f98d9 | 743 | goto err; |
6b241d64 PS |
744 | } |
745 | tnl->tun_id = htonll(ntohl(get_16aligned_be32(&vxh->vx_vni)) >> 8); | |
746 | tnl->flags |= FLOW_TNL_F_KEY; | |
747 | ||
439f39cb | 748 | packet->packet_type = htonl(next_pt); |
6b241d64 | 749 | dp_packet_reset_packet(packet, hlen + VXLAN_HLEN); |
439f39cb GS |
750 | if (next_pt != PT_ETH) { |
751 | packet->l3_ofs = 0; | |
752 | } | |
6b241d64 | 753 | |
1c8f98d9 PS |
754 | return packet; |
755 | err: | |
756 | dp_packet_delete(packet); | |
757 | return NULL; | |
6b241d64 PS |
758 | } |
759 | ||
760 | int | |
761 | netdev_vxlan_build_header(const struct netdev *netdev, | |
762 | struct ovs_action_push_tnl *data, | |
4975aa3e | 763 | const struct netdev_tnl_build_header_params *params) |
6b241d64 PS |
764 | { |
765 | struct netdev_vport *dev = netdev_vport_cast(netdev); | |
766 | struct netdev_tunnel_config *tnl_cfg; | |
767 | struct vxlanhdr *vxh; | |
6b241d64 PS |
768 | |
769 | /* XXX: RCUfy tnl_cfg. */ | |
770 | ovs_mutex_lock(&dev->mutex); | |
771 | tnl_cfg = &dev->tnl_cfg; | |
772 | ||
4975aa3e | 773 | vxh = udp_build_header(tnl_cfg, data, params); |
6b241d64 | 774 | |
439f39cb GS |
775 | if (tnl_cfg->exts & (1 << OVS_VXLAN_EXT_GPE)) { |
776 | put_16aligned_be32(&vxh->vx_flags, htonl(VXLAN_FLAGS | VXLAN_HF_GPE)); | |
777 | put_16aligned_be32(&vxh->vx_vni, | |
778 | htonl(ntohll(params->flow->tunnel.tun_id) << 8)); | |
875ab130 BP |
779 | if (params->flow->packet_type == htonl(PT_ETH)) { |
780 | vxh->vx_gpe.next_protocol = VXLAN_GPE_NP_ETHERNET; | |
781 | } else if (pt_ns(params->flow->packet_type) == OFPHTN_ETHERTYPE) { | |
782 | switch (pt_ns_type(params->flow->packet_type)) { | |
439f39cb GS |
783 | case ETH_TYPE_IP: |
784 | vxh->vx_gpe.next_protocol = VXLAN_GPE_NP_IPV4; | |
785 | break; | |
786 | case ETH_TYPE_IPV6: | |
787 | vxh->vx_gpe.next_protocol = VXLAN_GPE_NP_IPV6; | |
788 | break; | |
478b1473 JS |
789 | case ETH_TYPE_NSH: |
790 | vxh->vx_gpe.next_protocol = VXLAN_GPE_NP_NSH; | |
791 | break; | |
439f39cb GS |
792 | case ETH_TYPE_TEB: |
793 | vxh->vx_gpe.next_protocol = VXLAN_GPE_NP_ETHERNET; | |
794 | break; | |
875ab130 BP |
795 | default: |
796 | goto drop; | |
439f39cb GS |
797 | } |
798 | } else { | |
875ab130 | 799 | goto drop; |
439f39cb GS |
800 | } |
801 | } else { | |
802 | put_16aligned_be32(&vxh->vx_flags, htonl(VXLAN_FLAGS)); | |
803 | put_16aligned_be32(&vxh->vx_vni, | |
804 | htonl(ntohll(params->flow->tunnel.tun_id) << 8)); | |
805 | } | |
6b241d64 PS |
806 | |
807 | ovs_mutex_unlock(&dev->mutex); | |
4975aa3e | 808 | data->header_len += sizeof *vxh; |
6b241d64 PS |
809 | data->tnl_type = OVS_VPORT_TYPE_VXLAN; |
810 | return 0; | |
875ab130 BP |
811 | |
812 | drop: | |
813 | ovs_mutex_unlock(&dev->mutex); | |
814 | return 1; | |
6b241d64 PS |
815 | } |
816 | ||
1c8f98d9 | 817 | struct dp_packet * |
6b241d64 PS |
818 | netdev_geneve_pop_header(struct dp_packet *packet) |
819 | { | |
820 | struct pkt_metadata *md = &packet->md; | |
821 | struct flow_tnl *tnl = &md->tunnel; | |
822 | struct genevehdr *gnh; | |
823 | unsigned int hlen, opts_len, ulen; | |
824 | ||
825 | pkt_metadata_init_tnl(md); | |
826 | if (GENEVE_BASE_HLEN > dp_packet_l4_size(packet)) { | |
827 | VLOG_WARN_RL(&err_rl, "geneve packet too small: min header=%u packet size=%"PRIuSIZE"\n", | |
828 | (unsigned int)GENEVE_BASE_HLEN, dp_packet_l4_size(packet)); | |
1c8f98d9 | 829 | goto err; |
6b241d64 PS |
830 | } |
831 | ||
832 | gnh = udp_extract_tnl_md(packet, tnl, &ulen); | |
833 | if (!gnh) { | |
1c8f98d9 | 834 | goto err; |
6b241d64 PS |
835 | } |
836 | ||
837 | opts_len = gnh->opt_len * 4; | |
838 | hlen = ulen + GENEVE_BASE_HLEN + opts_len; | |
839 | if (hlen > dp_packet_size(packet)) { | |
840 | VLOG_WARN_RL(&err_rl, "geneve packet too small: header len=%u packet size=%u\n", | |
841 | hlen, dp_packet_size(packet)); | |
1c8f98d9 | 842 | goto err; |
6b241d64 PS |
843 | } |
844 | ||
845 | if (gnh->ver != 0) { | |
846 | VLOG_WARN_RL(&err_rl, "unknown geneve version: %"PRIu8"\n", gnh->ver); | |
1c8f98d9 | 847 | goto err; |
6b241d64 PS |
848 | } |
849 | ||
850 | if (gnh->proto_type != htons(ETH_TYPE_TEB)) { | |
851 | VLOG_WARN_RL(&err_rl, "unknown geneve encapsulated protocol: %#x\n", | |
852 | ntohs(gnh->proto_type)); | |
1c8f98d9 | 853 | goto err; |
6b241d64 PS |
854 | } |
855 | ||
856 | tnl->flags |= gnh->oam ? FLOW_TNL_F_OAM : 0; | |
857 | tnl->tun_id = htonll(ntohl(get_16aligned_be32(&gnh->vni)) >> 8); | |
858 | tnl->flags |= FLOW_TNL_F_KEY; | |
859 | ||
860 | memcpy(tnl->metadata.opts.gnv, gnh->options, opts_len); | |
861 | tnl->metadata.present.len = opts_len; | |
862 | tnl->flags |= FLOW_TNL_F_UDPIF; | |
863 | ||
63171f04 | 864 | packet->packet_type = htonl(PT_ETH); |
6b241d64 PS |
865 | dp_packet_reset_packet(packet, hlen); |
866 | ||
1c8f98d9 PS |
867 | return packet; |
868 | err: | |
869 | dp_packet_delete(packet); | |
870 | return NULL; | |
6b241d64 PS |
871 | } |
872 | ||
873 | int | |
874 | netdev_geneve_build_header(const struct netdev *netdev, | |
875 | struct ovs_action_push_tnl *data, | |
4975aa3e | 876 | const struct netdev_tnl_build_header_params *params) |
6b241d64 PS |
877 | { |
878 | struct netdev_vport *dev = netdev_vport_cast(netdev); | |
879 | struct netdev_tunnel_config *tnl_cfg; | |
880 | struct genevehdr *gnh; | |
881 | int opt_len; | |
882 | bool crit_opt; | |
6b241d64 PS |
883 | |
884 | /* XXX: RCUfy tnl_cfg. */ | |
885 | ovs_mutex_lock(&dev->mutex); | |
886 | tnl_cfg = &dev->tnl_cfg; | |
887 | ||
4975aa3e | 888 | gnh = udp_build_header(tnl_cfg, data, params); |
6b241d64 | 889 | |
4975aa3e | 890 | put_16aligned_be32(&gnh->vni, htonl(ntohll(params->flow->tunnel.tun_id) << 8)); |
6b241d64 PS |
891 | |
892 | ovs_mutex_unlock(&dev->mutex); | |
893 | ||
4975aa3e | 894 | opt_len = tun_metadata_to_geneve_header(¶ms->flow->tunnel, |
6b241d64 PS |
895 | gnh->options, &crit_opt); |
896 | ||
897 | gnh->opt_len = opt_len / 4; | |
4975aa3e | 898 | gnh->oam = !!(params->flow->tunnel.flags & FLOW_TNL_F_OAM); |
6b241d64 PS |
899 | gnh->critical = crit_opt ? 1 : 0; |
900 | gnh->proto_type = htons(ETH_TYPE_TEB); | |
901 | ||
4975aa3e | 902 | data->header_len += sizeof *gnh + opt_len; |
6b241d64 PS |
903 | data->tnl_type = OVS_VPORT_TYPE_GENEVE; |
904 | return 0; | |
905 | } | |
906 | ||
907 | \f | |
908 | void | |
909 | netdev_tnl_egress_port_range(struct unixctl_conn *conn, int argc, | |
910 | const char *argv[], void *aux OVS_UNUSED) | |
911 | { | |
912 | int val1, val2; | |
913 | ||
914 | if (argc < 3) { | |
915 | struct ds ds = DS_EMPTY_INITIALIZER; | |
916 | ||
917 | ds_put_format(&ds, "Tunnel UDP source port range: %"PRIu16"-%"PRIu16"\n", | |
918 | tnl_udp_port_min, tnl_udp_port_max); | |
919 | ||
920 | unixctl_command_reply(conn, ds_cstr(&ds)); | |
921 | ds_destroy(&ds); | |
922 | return; | |
923 | } | |
924 | ||
925 | if (argc != 3) { | |
926 | return; | |
927 | } | |
928 | ||
929 | val1 = atoi(argv[1]); | |
930 | if (val1 <= 0 || val1 > UINT16_MAX) { | |
931 | unixctl_command_reply(conn, "Invalid min."); | |
932 | return; | |
933 | } | |
934 | val2 = atoi(argv[2]); | |
935 | if (val2 <= 0 || val2 > UINT16_MAX) { | |
936 | unixctl_command_reply(conn, "Invalid max."); | |
937 | return; | |
938 | } | |
939 | ||
940 | if (val1 > val2) { | |
941 | tnl_udp_port_min = val2; | |
942 | tnl_udp_port_max = val1; | |
943 | } else { | |
944 | tnl_udp_port_min = val1; | |
945 | tnl_udp_port_max = val2; | |
946 | } | |
947 | seq_change(tnl_conf_seq); | |
948 | ||
949 | unixctl_command_reply(conn, "OK"); | |
950 | } |