[mirror_ubuntu-hirsute-kernel.git] / net / core / flow_dissector.c

#include <linux/kernel.h>
#include <linux/skbuff.h>
#include <linux/export.h>
#include <linux/ip.h>
#include <linux/ipv6.h>
#include <linux/if_vlan.h>
#include <net/ip.h>
#include <net/ipv6.h>
#include <linux/igmp.h>
#include <linux/icmp.h>
#include <linux/sctp.h>
#include <linux/dccp.h>
#include <linux/if_tunnel.h>
#include <linux/if_pppox.h>
#include <linux/ppp_defs.h>
#include <net/flow_dissector.h>
#include <scsi/fc/fc_fcoe.h>

static bool skb_flow_dissector_uses_key(struct flow_dissector *flow_dissector,
					enum flow_dissector_key_id key_id)
{
	return flow_dissector->used_keys & (1 << key_id);
}

static void skb_flow_dissector_set_key(struct flow_dissector *flow_dissector,
				       enum flow_dissector_key_id key_id)
{
	flow_dissector->used_keys |= (1 << key_id);
}

static void *skb_flow_dissector_target(struct flow_dissector *flow_dissector,
				       enum flow_dissector_key_id key_id,
				       void *target_container)
{
	return ((char *) target_container) + flow_dissector->offset[key_id];
}

void skb_flow_dissector_init(struct flow_dissector *flow_dissector,
			     const struct flow_dissector_key *key,
			     unsigned int key_count)
{
	unsigned int i;

	memset(flow_dissector, 0, sizeof(*flow_dissector));

	for (i = 0; i < key_count; i++, key++) {
		/* User should make sure that every key target offset is withing
		 * boundaries of unsigned short.
		 */
		BUG_ON(key->offset > USHRT_MAX);
		BUG_ON(skb_flow_dissector_uses_key(flow_dissector,
						   key->key_id));

		skb_flow_dissector_set_key(flow_dissector, key->key_id);
		flow_dissector->offset[key->key_id] = key->offset;
	}

	/* Ensure that the dissector always includes basic key. That way
	 * we are able to avoid handling lack of it in fast path.
	 */
	BUG_ON(!skb_flow_dissector_uses_key(flow_dissector,
					    FLOW_DISSECTOR_KEY_BASIC));
}
EXPORT_SYMBOL(skb_flow_dissector_init);

/* copy saddr & daddr, possibly using 64bit load/store
 * Equivalent to :	flow->src = iph->saddr;
 *			flow->dst = iph->daddr;
 */
static void iph_to_flow_copy_addrs(struct flow_keys *flow, const struct iphdr *iph)
{
	BUILD_BUG_ON(offsetof(typeof(*flow), dst) !=
		     offsetof(typeof(*flow), src) + sizeof(flow->src));
	memcpy(&flow->src, &iph->saddr, sizeof(flow->src) + sizeof(flow->dst));
}

/**
 * __skb_flow_get_ports - extract the upper layer ports and return them
 * @skb: sk_buff to extract the ports from
 * @thoff: transport header offset
 * @ip_proto: protocol for which to get port offset
 * @data: raw buffer pointer to the packet, if NULL use skb->data
 * @hlen: packet header length, if @data is NULL use skb_headlen(skb)
 *
 * The function will try to retrieve the ports at offset thoff + poff where poff
 * is the protocol port offset returned from proto_ports_offset
 */
__be32 __skb_flow_get_ports(const struct sk_buff *skb, int thoff, u8 ip_proto,
			    void *data, int hlen)
{
	int poff = proto_ports_offset(ip_proto);

	if (!data) {
		data = skb->data;
		hlen = skb_headlen(skb);
	}

	if (poff >= 0) {
		__be32 *ports, _ports;

		ports = __skb_header_pointer(skb, thoff + poff,
					     sizeof(_ports), data, hlen, &_ports);
		if (ports)
			return *ports;
	}

	return 0;
}
EXPORT_SYMBOL(__skb_flow_get_ports);

/**
 * __skb_flow_dissect - extract the flow_keys struct and return it
 * @skb: sk_buff to extract the flow from, can be NULL if the rest are specified
 * @data: raw buffer pointer to the packet, if NULL use skb->data
 * @proto: protocol for which to get the flow, if @data is NULL use skb->protocol
 * @nhoff: network header offset, if @data is NULL use skb_network_offset(skb)
 * @hlen: packet header length, if @data is NULL use skb_headlen(skb)
 *
 * The function will try to retrieve the struct flow_keys from either the skbuff
 * or a raw buffer specified by the rest parameters
 */
bool __skb_flow_dissect(const struct sk_buff *skb, struct flow_keys *flow,
			void *data, __be16 proto, int nhoff, int hlen)
{
	u8 ip_proto;

	if (!data) {
		data = skb->data;
		proto = skb->protocol;
		nhoff = skb_network_offset(skb);
		hlen = skb_headlen(skb);
	}

	memset(flow, 0, sizeof(*flow));

again:
	switch (proto) {
	case htons(ETH_P_IP): {
		const struct iphdr *iph;
		struct iphdr _iph;
ip:
		iph = __skb_header_pointer(skb, nhoff, sizeof(_iph), data, hlen, &_iph);
		if (!iph || iph->ihl < 5)
			return false;
		nhoff += iph->ihl * 4;

		ip_proto = iph->protocol;
		if (ip_is_fragment(iph))
			ip_proto = 0;

		/* skip the address processing if skb is NULL.  The assumption
		 * here is that if there is no skb we are not looking for flow
		 * info but lengths and protocols.
		 */
		if (!skb)
			break;

		iph_to_flow_copy_addrs(flow, iph);
		break;
	}
	case htons(ETH_P_IPV6): {
		const struct ipv6hdr *iph;
		struct ipv6hdr _iph;
		__be32 flow_label;

ipv6:
		iph = __skb_header_pointer(skb, nhoff, sizeof(_iph), data, hlen, &_iph);
		if (!iph)
			return false;

		ip_proto = iph->nexthdr;
		nhoff += sizeof(struct ipv6hdr);

		/* see comment above in IPv4 section */
		if (!skb)
			break;

		flow->src = (__force __be32)ipv6_addr_hash(&iph->saddr);
		flow->dst = (__force __be32)ipv6_addr_hash(&iph->daddr);

		flow_label = ip6_flowlabel(iph);
		if (flow_label) {
			/* Awesome, IPv6 packet has a flow label so we can
			 * use that to represent the ports without any
			 * further dissection.
			 */
			flow->n_proto = proto;
			flow->ip_proto = ip_proto;
			flow->ports = flow_label;
			flow->thoff = (u16)nhoff;

			return true;
		}

		break;
	}
	case htons(ETH_P_8021AD):
	case htons(ETH_P_8021Q): {
		const struct vlan_hdr *vlan;
		struct vlan_hdr _vlan;

		vlan = __skb_header_pointer(skb, nhoff, sizeof(_vlan), data, hlen, &_vlan);
		if (!vlan)
			return false;

		proto = vlan->h_vlan_encapsulated_proto;
		nhoff += sizeof(*vlan);
		goto again;
	}
	case htons(ETH_P_PPP_SES): {
		struct {
			struct pppoe_hdr hdr;
			__be16 proto;
		} *hdr, _hdr;
		hdr = __skb_header_pointer(skb, nhoff, sizeof(_hdr), data, hlen, &_hdr);
		if (!hdr)
			return false;
		proto = hdr->proto;
		nhoff += PPPOE_SES_HLEN;
		switch (proto) {
		case htons(PPP_IP):
			goto ip;
		case htons(PPP_IPV6):
			goto ipv6;
		default:
			return false;
		}
	}
	case htons(ETH_P_TIPC): {
		struct {
			__be32 pre[3];
			__be32 srcnode;
		} *hdr, _hdr;
		hdr = __skb_header_pointer(skb, nhoff, sizeof(_hdr), data, hlen, &_hdr);
		if (!hdr)
			return false;
		flow->src = hdr->srcnode;
		flow->dst = 0;
		flow->n_proto = proto;
		flow->thoff = (u16)nhoff;
		return true;
	}
	case htons(ETH_P_FCOE):
		flow->thoff = (u16)(nhoff + FCOE_HEADER_LEN);
		/* fall through */
	default:
		return false;
	}

	switch (ip_proto) {
	case IPPROTO_GRE: {
		struct gre_hdr {
			__be16 flags;
			__be16 proto;
		} *hdr, _hdr;

		hdr = __skb_header_pointer(skb, nhoff, sizeof(_hdr), data, hlen, &_hdr);
		if (!hdr)
			return false;
		/*
		 * Only look inside GRE if version zero and no
		 * routing
		 */
		if (!(hdr->flags & (GRE_VERSION|GRE_ROUTING))) {
			proto = hdr->proto;
			nhoff += 4;
			if (hdr->flags & GRE_CSUM)
				nhoff += 4;
			if (hdr->flags & GRE_KEY)
				nhoff += 4;
			if (hdr->flags & GRE_SEQ)
				nhoff += 4;
			if (proto == htons(ETH_P_TEB)) {
				const struct ethhdr *eth;
				struct ethhdr _eth;

				eth = __skb_header_pointer(skb, nhoff,
							   sizeof(_eth),
							   data, hlen, &_eth);
				if (!eth)
					return false;
				proto = eth->h_proto;
				nhoff += sizeof(*eth);
			}
			goto again;
		}
		break;
	}
	case IPPROTO_IPIP:
		proto = htons(ETH_P_IP);
		goto ip;
	case IPPROTO_IPV6:
		proto = htons(ETH_P_IPV6);
		goto ipv6;
	default:
		break;
	}

	flow->n_proto = proto;
	flow->ip_proto = ip_proto;
	flow->thoff = (u16) nhoff;

	/* unless skb is set we don't need to record port info */
	if (skb)
		flow->ports = __skb_flow_get_ports(skb, nhoff, ip_proto,
						   data, hlen);

	return true;
}
EXPORT_SYMBOL(__skb_flow_dissect);

static u32 hashrnd __read_mostly;
static __always_inline void __flow_hash_secret_init(void)
{
	net_get_random_once(&hashrnd, sizeof(hashrnd));
}

static __always_inline u32 __flow_hash_3words(u32 a, u32 b, u32 c, u32 keyval)
{
	return jhash_3words(a, b, c, keyval);
}

static inline u32 __flow_hash_from_keys(struct flow_keys *keys, u32 keyval)
{
	u32 hash;

	/* get a consistent hash (same value on both flow directions) */
	if (((__force u32)keys->dst < (__force u32)keys->src) ||
	    (((__force u32)keys->dst == (__force u32)keys->src) &&
	     ((__force u16)keys->port16[1] < (__force u16)keys->port16[0]))) {
		swap(keys->dst, keys->src);
		swap(keys->port16[0], keys->port16[1]);
	}

	hash = __flow_hash_3words((__force u32)keys->dst,
				  (__force u32)keys->src,
				  (__force u32)keys->ports,
				  keyval);
	if (!hash)
		hash = 1;

	return hash;
}

u32 flow_hash_from_keys(struct flow_keys *keys)
{
	__flow_hash_secret_init();
	return __flow_hash_from_keys(keys, hashrnd);
}
EXPORT_SYMBOL(flow_hash_from_keys);

static inline u32 ___skb_get_hash(const struct sk_buff *skb,
				  struct flow_keys *keys, u32 keyval)
{
	if (!skb_flow_dissect(skb, keys))
		return 0;

	return __flow_hash_from_keys(keys, keyval);
}

struct _flow_keys_digest_data {
	__be16	n_proto;
	u8	ip_proto;
	u8	padding;
	__be32	ports;
	__be32	src;
	__be32	dst;
};

void make_flow_keys_digest(struct flow_keys_digest *digest,
			   const struct flow_keys *flow)
{
	struct _flow_keys_digest_data *data =
	    (struct _flow_keys_digest_data *)digest;

	BUILD_BUG_ON(sizeof(*data) > sizeof(*digest));

	memset(digest, 0, sizeof(*digest));

	data->n_proto = flow->n_proto;
	data->ip_proto = flow->ip_proto;
	data->ports = flow->ports;
	data->src = flow->src;
	data->dst = flow->dst;
}
EXPORT_SYMBOL(make_flow_keys_digest);

/**
 * __skb_get_hash: calculate a flow hash
 * @skb: sk_buff to calculate flow hash from
 *
 * This function calculates a flow hash based on src/dst addresses
 * and src/dst port numbers.  Sets hash in skb to non-zero hash value
 * on success, zero indicates no valid hash.  Also, sets l4_hash in skb
 * if hash is a canonical 4-tuple hash over transport ports.
 */
void __skb_get_hash(struct sk_buff *skb)
{
	struct flow_keys keys;
	u32 hash;

	__flow_hash_secret_init();

	hash = ___skb_get_hash(skb, &keys, hashrnd);
	if (!hash)
		return;
	if (keys.ports)
		skb->l4_hash = 1;
	skb->sw_hash = 1;
	skb->hash = hash;
}
EXPORT_SYMBOL(__skb_get_hash);

__u32 skb_get_hash_perturb(const struct sk_buff *skb, u32 perturb)
{
	struct flow_keys keys;

	return ___skb_get_hash(skb, &keys, perturb);
}
EXPORT_SYMBOL(skb_get_hash_perturb);

u32 __skb_get_poff(const struct sk_buff *skb, void *data,
		   const struct flow_keys *keys, int hlen)
{
	u32 poff = keys->thoff;

	switch (keys->ip_proto) {
	case IPPROTO_TCP: {
		/* access doff as u8 to avoid unaligned access */
		const u8 *doff;
		u8 _doff;

		doff = __skb_header_pointer(skb, poff + 12, sizeof(_doff),
					    data, hlen, &_doff);
		if (!doff)
			return poff;

		poff += max_t(u32, sizeof(struct tcphdr), (*doff & 0xF0) >> 2);
		break;
	}
	case IPPROTO_UDP:
	case IPPROTO_UDPLITE:
		poff += sizeof(struct udphdr);
		break;
	/* For the rest, we do not really care about header
	 * extensions at this point for now.
	 */
	case IPPROTO_ICMP:
		poff += sizeof(struct icmphdr);
		break;
	case IPPROTO_ICMPV6:
		poff += sizeof(struct icmp6hdr);
		break;
	case IPPROTO_IGMP:
		poff += sizeof(struct igmphdr);
		break;
	case IPPROTO_DCCP:
		poff += sizeof(struct dccp_hdr);
		break;
	case IPPROTO_SCTP:
		poff += sizeof(struct sctphdr);
		break;
	}

	return poff;
}

/**
 * skb_get_poff - get the offset to the payload
 * @skb: sk_buff to get the payload offset from
 *
 * The function will get the offset to the payload as far as it could
 * be dissected.  The main user is currently BPF, so that we can dynamically
 * truncate packets without needing to push actual payload to the user
 * space and can analyze headers only, instead.
 */
u32 skb_get_poff(const struct sk_buff *skb)
{
	struct flow_keys keys;

	if (!skb_flow_dissect(skb, &keys))
		return 0;

	return __skb_get_poff(skb, skb->data, &keys, skb_headlen(skb));
}
Commit	Line	Data
fbff949e	1	#include <linux/kernel.h>
0744dd00	2	#include <linux/skbuff.h>
c452ed70	3	#include <linux/export.h>
0744dd00 ED	4	#include <linux/ip.h>
	5	#include <linux/ipv6.h>
	6	#include <linux/if_vlan.h>
	7	#include <net/ip.h>
ddbe5032	8	#include <net/ipv6.h>
f77668dc DB	9	#include <linux/igmp.h>
	10	#include <linux/icmp.h>
	11	#include <linux/sctp.h>
	12	#include <linux/dccp.h>
0744dd00 ED	13	#include <linux/if_tunnel.h>
	14	#include <linux/if_pppox.h>
	15	#include <linux/ppp_defs.h>
1bd758eb	16	#include <net/flow_dissector.h>
56193d1b	17	#include <scsi/fc/fc_fcoe.h>
0744dd00	18
fbff949e JP	19	static bool skb_flow_dissector_uses_key(struct flow_dissector *flow_dissector,
	20	enum flow_dissector_key_id key_id)
	21	{
	22	return flow_dissector->used_keys & (1 << key_id);
	23	}
	24
	25	static void skb_flow_dissector_set_key(struct flow_dissector *flow_dissector,
	26	enum flow_dissector_key_id key_id)
	27	{
	28	flow_dissector->used_keys \|= (1 << key_id);
	29	}
	30
	31	static void skb_flow_dissector_target(struct flow_dissector flow_dissector,
	32	enum flow_dissector_key_id key_id,
	33	void *target_container)
	34	{
	35	return ((char *) target_container) + flow_dissector->offset[key_id];
	36	}
	37
	38	void skb_flow_dissector_init(struct flow_dissector *flow_dissector,
	39	const struct flow_dissector_key *key,
	40	unsigned int key_count)
	41	{
	42	unsigned int i;
	43
	44	memset(flow_dissector, 0, sizeof(*flow_dissector));
	45
	46	for (i = 0; i < key_count; i++, key++) {
	47	/* User should make sure that every key target offset is withing
	48	* boundaries of unsigned short.
	49	*/
	50	BUG_ON(key->offset > USHRT_MAX);
	51	BUG_ON(skb_flow_dissector_uses_key(flow_dissector,
	52	key->key_id));
	53
	54	skb_flow_dissector_set_key(flow_dissector, key->key_id);
	55	flow_dissector->offset[key->key_id] = key->offset;
	56	}
	57
	58	/* Ensure that the dissector always includes basic key. That way
	59	* we are able to avoid handling lack of it in fast path.
	60	*/
	61	BUG_ON(!skb_flow_dissector_uses_key(flow_dissector,
	62	FLOW_DISSECTOR_KEY_BASIC));
	63	}
	64	EXPORT_SYMBOL(skb_flow_dissector_init);
	65
4d77d2b5 ED	66	/* copy saddr & daddr, possibly using 64bit load/store
	67	* Equivalent to : flow->src = iph->saddr;
	68	* flow->dst = iph->daddr;
	69	*/
	70	static void iph_to_flow_copy_addrs(struct flow_keys flow, const struct iphdr iph)
	71	{
	72	BUILD_BUG_ON(offsetof(typeof(*flow), dst) !=
	73	offsetof(typeof(*flow), src) + sizeof(flow->src));
	74	memcpy(&flow->src, &iph->saddr, sizeof(flow->src) + sizeof(flow->dst));
	75	}
0744dd00	76
357afe9c	77	/**
6451b3f5 WC	78	* __skb_flow_get_ports - extract the upper layer ports and return them
6451b3f5 WC	79	* @skb: sk_buff to extract the ports from
357afe9c NA	80	* @thoff: transport header offset
357afe9c NA	81	* @ip_proto: protocol for which to get port offset
6451b3f5 WC	82	* @data: raw buffer pointer to the packet, if NULL use skb->data
6451b3f5 WC	83	* @hlen: packet header length, if @data is NULL use skb_headlen(skb)
357afe9c NA	84	*
	85	* The function will try to retrieve the ports at offset thoff + poff where poff
	86	* is the protocol port offset returned from proto_ports_offset
	87	*/
690e36e7 DM	88	__be32 __skb_flow_get_ports(const struct sk_buff *skb, int thoff, u8 ip_proto,
690e36e7 DM	89	void *data, int hlen)
357afe9c NA	90	{
	91	int poff = proto_ports_offset(ip_proto);
	92
690e36e7 DM	93	if (!data) {
	94	data = skb->data;
	95	hlen = skb_headlen(skb);
	96	}
	97
357afe9c NA	98	if (poff >= 0) {
	99	__be32 *ports, _ports;
	100
690e36e7 DM	101	ports = __skb_header_pointer(skb, thoff + poff,
690e36e7 DM	102	sizeof(_ports), data, hlen, &_ports);
357afe9c NA	103	if (ports)
	104	return *ports;
	105	}
	106
	107	return 0;
	108	}
690e36e7	109	EXPORT_SYMBOL(__skb_flow_get_ports);
357afe9c	110
453a940e WC	111	/**
	112	* __skb_flow_dissect - extract the flow_keys struct and return it
	113	* @skb: sk_buff to extract the flow from, can be NULL if the rest are specified
	114	* @data: raw buffer pointer to the packet, if NULL use skb->data
	115	* @proto: protocol for which to get the flow, if @data is NULL use skb->protocol
	116	* @nhoff: network header offset, if @data is NULL use skb_network_offset(skb)
	117	* @hlen: packet header length, if @data is NULL use skb_headlen(skb)
	118	*
	119	* The function will try to retrieve the struct flow_keys from either the skbuff
	120	* or a raw buffer specified by the rest parameters
	121	*/
	122	bool __skb_flow_dissect(const struct sk_buff skb, struct flow_keys flow,
	123	void *data, __be16 proto, int nhoff, int hlen)
0744dd00	124	{
0744dd00	125	u8 ip_proto;
0744dd00	126
690e36e7 DM	127	if (!data) {
690e36e7 DM	128	data = skb->data;
453a940e WC	129	proto = skb->protocol;
453a940e WC	130	nhoff = skb_network_offset(skb);
690e36e7 DM	131	hlen = skb_headlen(skb);
	132	}
	133
0744dd00 ED	134	memset(flow, 0, sizeof(*flow));
	135
	136	again:
	137	switch (proto) {
2b8837ae	138	case htons(ETH_P_IP): {
0744dd00 ED	139	const struct iphdr *iph;
	140	struct iphdr _iph;
	141	ip:
690e36e7	142	iph = __skb_header_pointer(skb, nhoff, sizeof(_iph), data, hlen, &_iph);
6f092343	143	if (!iph \|\| iph->ihl < 5)
0744dd00	144	return false;
3797d3e8	145	nhoff += iph->ihl * 4;
0744dd00	146
3797d3e8	147	ip_proto = iph->protocol;
0744dd00 ED	148	if (ip_is_fragment(iph))
0744dd00 ED	149	ip_proto = 0;
3797d3e8	150
5af7fb6e AD	151	/* skip the address processing if skb is NULL. The assumption
	152	* here is that if there is no skb we are not looking for flow
	153	* info but lengths and protocols.
	154	*/
	155	if (!skb)
	156	break;
	157
4d77d2b5	158	iph_to_flow_copy_addrs(flow, iph);
0744dd00 ED	159	break;
0744dd00 ED	160	}
2b8837ae	161	case htons(ETH_P_IPV6): {
0744dd00 ED	162	const struct ipv6hdr *iph;
0744dd00 ED	163	struct ipv6hdr _iph;
19469a87 TH	164	__be32 flow_label;
19469a87 TH	165
0744dd00	166	ipv6:
690e36e7	167	iph = __skb_header_pointer(skb, nhoff, sizeof(_iph), data, hlen, &_iph);
0744dd00 ED	168	if (!iph)
	169	return false;
	170
	171	ip_proto = iph->nexthdr;
0744dd00	172	nhoff += sizeof(struct ipv6hdr);
19469a87	173
5af7fb6e	174	/* see comment above in IPv4 section */
56193d1b AD	175	if (!skb)
	176	break;
	177
5af7fb6e AD	178	flow->src = (__force __be32)ipv6_addr_hash(&iph->saddr);
	179	flow->dst = (__force __be32)ipv6_addr_hash(&iph->daddr);
	180
19469a87 TH	181	flow_label = ip6_flowlabel(iph);
	182	if (flow_label) {
	183	/* Awesome, IPv6 packet has a flow label so we can
	184	* use that to represent the ports without any
	185	* further dissection.
	186	*/
	187	flow->n_proto = proto;
	188	flow->ip_proto = ip_proto;
	189	flow->ports = flow_label;
	190	flow->thoff = (u16)nhoff;
	191
	192	return true;
	193	}
	194
0744dd00 ED	195	break;
0744dd00 ED	196	}
2b8837ae JP	197	case htons(ETH_P_8021AD):
2b8837ae JP	198	case htons(ETH_P_8021Q): {
0744dd00 ED	199	const struct vlan_hdr *vlan;
	200	struct vlan_hdr _vlan;
	201
690e36e7	202	vlan = __skb_header_pointer(skb, nhoff, sizeof(_vlan), data, hlen, &_vlan);
0744dd00 ED	203	if (!vlan)
	204	return false;
	205
	206	proto = vlan->h_vlan_encapsulated_proto;
	207	nhoff += sizeof(*vlan);
	208	goto again;
	209	}
2b8837ae	210	case htons(ETH_P_PPP_SES): {
0744dd00 ED	211	struct {
	212	struct pppoe_hdr hdr;
	213	__be16 proto;
	214	} *hdr, _hdr;
690e36e7	215	hdr = __skb_header_pointer(skb, nhoff, sizeof(_hdr), data, hlen, &_hdr);
0744dd00 ED	216	if (!hdr)
	217	return false;
	218	proto = hdr->proto;
	219	nhoff += PPPOE_SES_HLEN;
	220	switch (proto) {
2b8837ae	221	case htons(PPP_IP):
0744dd00	222	goto ip;
2b8837ae	223	case htons(PPP_IPV6):
0744dd00 ED	224	goto ipv6;
	225	default:
	226	return false;
	227	}
	228	}
08bfc9cb EH	229	case htons(ETH_P_TIPC): {
	230	struct {
	231	__be32 pre[3];
	232	__be32 srcnode;
	233	} *hdr, _hdr;
	234	hdr = __skb_header_pointer(skb, nhoff, sizeof(_hdr), data, hlen, &_hdr);
	235	if (!hdr)
	236	return false;
	237	flow->src = hdr->srcnode;
	238	flow->dst = 0;
	239	flow->n_proto = proto;
	240	flow->thoff = (u16)nhoff;
	241	return true;
	242	}
56193d1b AD	243	case htons(ETH_P_FCOE):
	244	flow->thoff = (u16)(nhoff + FCOE_HEADER_LEN);
	245	/* fall through */
0744dd00 ED	246	default:
	247	return false;
	248	}
	249
	250	switch (ip_proto) {
	251	case IPPROTO_GRE: {
	252	struct gre_hdr {
	253	__be16 flags;
	254	__be16 proto;
	255	} *hdr, _hdr;
	256
690e36e7	257	hdr = __skb_header_pointer(skb, nhoff, sizeof(_hdr), data, hlen, &_hdr);
0744dd00 ED	258	if (!hdr)
	259	return false;
	260	/*
	261	* Only look inside GRE if version zero and no
	262	* routing
	263	*/
	264	if (!(hdr->flags & (GRE_VERSION\|GRE_ROUTING))) {
	265	proto = hdr->proto;
	266	nhoff += 4;
	267	if (hdr->flags & GRE_CSUM)
	268	nhoff += 4;
	269	if (hdr->flags & GRE_KEY)
	270	nhoff += 4;
	271	if (hdr->flags & GRE_SEQ)
	272	nhoff += 4;
e1733de2 MD	273	if (proto == htons(ETH_P_TEB)) {
	274	const struct ethhdr *eth;
	275	struct ethhdr _eth;
	276
690e36e7 DM	277	eth = __skb_header_pointer(skb, nhoff,
	278	sizeof(_eth),
	279	data, hlen, &_eth);
e1733de2 MD	280	if (!eth)
	281	return false;
	282	proto = eth->h_proto;
	283	nhoff += sizeof(*eth);
	284	}
0744dd00 ED	285	goto again;
	286	}
	287	break;
	288	}
	289	case IPPROTO_IPIP:
fca41895 TH	290	proto = htons(ETH_P_IP);
fca41895 TH	291	goto ip;
b438f940 TH	292	case IPPROTO_IPV6:
	293	proto = htons(ETH_P_IPV6);
	294	goto ipv6;
0744dd00 ED	295	default:
	296	break;
	297	}
	298
e0f31d84	299	flow->n_proto = proto;
0744dd00	300	flow->ip_proto = ip_proto;
8ed78166 DB	301	flow->thoff = (u16) nhoff;
8ed78166 DB	302
5af7fb6e AD	303	/* unless skb is set we don't need to record port info */
	304	if (skb)
	305	flow->ports = __skb_flow_get_ports(skb, nhoff, ip_proto,
	306	data, hlen);
	307
0744dd00 ED	308	return true;
0744dd00 ED	309	}
690e36e7	310	EXPORT_SYMBOL(__skb_flow_dissect);
441d9d32 CW	311
441d9d32 CW	312	static u32 hashrnd __read_mostly;
66415cf8 HFS	313	static __always_inline void __flow_hash_secret_init(void)
	314	{
	315	net_get_random_once(&hashrnd, sizeof(hashrnd));
	316	}
	317
50fb7992	318	static __always_inline u32 __flow_hash_3words(u32 a, u32 b, u32 c, u32 keyval)
66415cf8	319	{
50fb7992	320	return jhash_3words(a, b, c, keyval);
66415cf8 HFS	321	}
66415cf8 HFS	322
50fb7992	323	static inline u32 __flow_hash_from_keys(struct flow_keys *keys, u32 keyval)
5ed20a68 TH	324	{
	325	u32 hash;
	326
	327	/* get a consistent hash (same value on both flow directions) */
	328	if (((__force u32)keys->dst < (__force u32)keys->src) \|\|
	329	(((__force u32)keys->dst == (__force u32)keys->src) &&
	330	((__force u16)keys->port16[1] < (__force u16)keys->port16[0]))) {
	331	swap(keys->dst, keys->src);
	332	swap(keys->port16[0], keys->port16[1]);
	333	}
	334
	335	hash = __flow_hash_3words((__force u32)keys->dst,
	336	(__force u32)keys->src,
50fb7992 TH	337	(__force u32)keys->ports,
50fb7992 TH	338	keyval);
5ed20a68 TH	339	if (!hash)
	340	hash = 1;
	341
	342	return hash;
	343	}
	344
	345	u32 flow_hash_from_keys(struct flow_keys *keys)
	346	{
50fb7992 TH	347	__flow_hash_secret_init();
50fb7992 TH	348	return __flow_hash_from_keys(keys, hashrnd);
5ed20a68 TH	349	}
	350	EXPORT_SYMBOL(flow_hash_from_keys);
	351
50fb7992 TH	352	static inline u32 ___skb_get_hash(const struct sk_buff *skb,
	353	struct flow_keys *keys, u32 keyval)
	354	{
	355	if (!skb_flow_dissect(skb, keys))
	356	return 0;
	357
	358	return __flow_hash_from_keys(keys, keyval);
	359	}
	360
2f59e1eb TH	361	struct _flow_keys_digest_data {
	362	__be16 n_proto;
	363	u8 ip_proto;
	364	u8 padding;
	365	__be32 ports;
	366	__be32 src;
	367	__be32 dst;
	368	};
	369
	370	void make_flow_keys_digest(struct flow_keys_digest *digest,
	371	const struct flow_keys *flow)
	372	{
	373	struct _flow_keys_digest_data *data =
	374	(struct _flow_keys_digest_data *)digest;
	375
	376	BUILD_BUG_ON(sizeof(data) > sizeof(digest));
	377
	378	memset(digest, 0, sizeof(*digest));
	379
	380	data->n_proto = flow->n_proto;
	381	data->ip_proto = flow->ip_proto;
	382	data->ports = flow->ports;
	383	data->src = flow->src;
	384	data->dst = flow->dst;
	385	}
	386	EXPORT_SYMBOL(make_flow_keys_digest);
	387
d4fd3275 JP	388	/**
	389	* __skb_get_hash: calculate a flow hash
	390	* @skb: sk_buff to calculate flow hash from
	391	*
	392	* This function calculates a flow hash based on src/dst addresses
61b905da TH	393	* and src/dst port numbers. Sets hash in skb to non-zero hash value
61b905da TH	394	* on success, zero indicates no valid hash. Also, sets l4_hash in skb
441d9d32 CW	395	* if hash is a canonical 4-tuple hash over transport ports.
441d9d32 CW	396	*/
3958afa1	397	void __skb_get_hash(struct sk_buff *skb)
441d9d32 CW	398	{
441d9d32 CW	399	struct flow_keys keys;
50fb7992	400	u32 hash;
441d9d32	401
50fb7992 TH	402	__flow_hash_secret_init();
	403
	404	hash = ___skb_get_hash(skb, &keys, hashrnd);
	405	if (!hash)
441d9d32	406	return;
441d9d32	407	if (keys.ports)
61b905da	408	skb->l4_hash = 1;
a3b18ddb	409	skb->sw_hash = 1;
50fb7992	410	skb->hash = hash;
441d9d32	411	}
3958afa1	412	EXPORT_SYMBOL(__skb_get_hash);
441d9d32	413
50fb7992 TH	414	__u32 skb_get_hash_perturb(const struct sk_buff *skb, u32 perturb)
	415	{
	416	struct flow_keys keys;
	417
	418	return ___skb_get_hash(skb, &keys, perturb);
	419	}
	420	EXPORT_SYMBOL(skb_get_hash_perturb);
	421
56193d1b AD	422	u32 __skb_get_poff(const struct sk_buff skb, void data,
56193d1b AD	423	const struct flow_keys *keys, int hlen)
f77668dc	424	{
56193d1b	425	u32 poff = keys->thoff;
f77668dc	426
56193d1b	427	switch (keys->ip_proto) {
f77668dc	428	case IPPROTO_TCP: {
5af7fb6e AD	429	/* access doff as u8 to avoid unaligned access */
	430	const u8 *doff;
	431	u8 _doff;
f77668dc	432
5af7fb6e AD	433	doff = __skb_header_pointer(skb, poff + 12, sizeof(_doff),
	434	data, hlen, &_doff);
	435	if (!doff)
f77668dc DB	436	return poff;
f77668dc DB	437
5af7fb6e	438	poff += max_t(u32, sizeof(struct tcphdr), (*doff & 0xF0) >> 2);
f77668dc DB	439	break;
	440	}
	441	case IPPROTO_UDP:
	442	case IPPROTO_UDPLITE:
	443	poff += sizeof(struct udphdr);
	444	break;
	445	/* For the rest, we do not really care about header
	446	* extensions at this point for now.
	447	*/
	448	case IPPROTO_ICMP:
	449	poff += sizeof(struct icmphdr);
	450	break;
	451	case IPPROTO_ICMPV6:
	452	poff += sizeof(struct icmp6hdr);
	453	break;
	454	case IPPROTO_IGMP:
	455	poff += sizeof(struct igmphdr);
	456	break;
	457	case IPPROTO_DCCP:
	458	poff += sizeof(struct dccp_hdr);
	459	break;
	460	case IPPROTO_SCTP:
	461	poff += sizeof(struct sctphdr);
	462	break;
	463	}
	464
	465	return poff;
	466	}
	467
0db89b8b JP	468	/**
	469	* skb_get_poff - get the offset to the payload
	470	* @skb: sk_buff to get the payload offset from
	471	*
	472	* The function will get the offset to the payload as far as it could
	473	* be dissected. The main user is currently BPF, so that we can dynamically
56193d1b AD	474	* truncate packets without needing to push actual payload to the user
	475	* space and can analyze headers only, instead.
	476	*/
	477	u32 skb_get_poff(const struct sk_buff *skb)
	478	{
	479	struct flow_keys keys;
	480
	481	if (!skb_flow_dissect(skb, &keys))
	482	return 0;
	483
	484	return __skb_get_poff(skb, skb->data, &keys, skb_headlen(skb));
	485	}