lib/ct-dpif.h

   1 /*
   2  * Copyright (c) 2015, 2018 Nicira, Inc.
   3  *
   4  * Licensed under the Apache License, Version 2.0 (the "License");
   5  * you may not use this file except in compliance with the License.
   6  * You may obtain a copy of the License at:
   7  *
   8  *     http://www.apache.org/licenses/LICENSE-2.0
   9  *
  10  * Unless required by applicable law or agreed to in writing, software
  11  * distributed under the License is distributed on an "AS IS" BASIS,
  12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  13  * See the License for the specific language governing permissions and
  14  * limitations under the License.
  15  */
  16
  17 #ifndef CT_DPIF_H
  18 #define CT_DPIF_H
  19
  20 #include "openvswitch/types.h"
  21 #include "packets.h"
  22
  23 union ct_dpif_inet_addr {
  24     ovs_be32 ip;
  25     ovs_be32 ip6[4];
  26     struct in_addr in;
  27     struct in6_addr in6;
  28 };
  29
  30 struct ct_dpif_tuple {
  31     uint16_t l3_type; /* Address family. */
  32     uint8_t  ip_proto;
  33     union ct_dpif_inet_addr src;
  34     union ct_dpif_inet_addr dst;
  35     union {
  36         ovs_be16 src_port;
  37         ovs_be16 icmp_id;
  38     };
  39     union {
  40         ovs_be16 dst_port;
  41         struct {
  42             uint8_t icmp_type;
  43             uint8_t icmp_code;
  44         };
  45     };
  46 };
  47 BUILD_ASSERT_DECL(sizeof(struct ct_dpif_tuple) % 8 == 0);
  48
  49 struct ct_dpif_counters {
  50     uint64_t packets;
  51     uint64_t bytes;
  52 };
  53
  54 /* Nanoseconds from January 1, 1970 */
  55 struct ct_dpif_timestamp {
  56     /* When the entry was created */
  57     uint64_t start;
  58     /* When the entry was deleted */
  59     uint64_t stop;
  60 };
  61
  62 #define DEFAULT_TP_ID 0
  63
  64 #define CT_DPIF_TCP_STATES \
  65     CT_DPIF_TCP_STATE(CLOSED) \
  66     CT_DPIF_TCP_STATE(LISTEN) \
  67     CT_DPIF_TCP_STATE(SYN_SENT) \
  68     CT_DPIF_TCP_STATE(SYN_RECV) \
  69     CT_DPIF_TCP_STATE(ESTABLISHED) \
  70     CT_DPIF_TCP_STATE(CLOSE_WAIT) \
  71     CT_DPIF_TCP_STATE(FIN_WAIT_1) \
  72     CT_DPIF_TCP_STATE(CLOSING) \
  73     CT_DPIF_TCP_STATE(LAST_ACK) \
  74     CT_DPIF_TCP_STATE(FIN_WAIT_2) \
  75     CT_DPIF_TCP_STATE(TIME_WAIT) \
  76     CT_DPIF_TCP_STATE(MAX_NUM)
  77
  78 enum OVS_PACKED_ENUM ct_dpif_tcp_state {
  79 #define CT_DPIF_TCP_STATE(STATE) CT_DPIF_TCPS_##STATE,
  80     CT_DPIF_TCP_STATES
  81 #undef CT_DPIF_TCP_STATE
  82 };
  83
  84 extern const char *ct_dpif_tcp_state_string[];
  85
  86 #define CT_DPIF_TCP_FLAGS \
  87     CT_DPIF_TCP_FLAG(WINDOW_SCALE) \
  88     CT_DPIF_TCP_FLAG(SACK_PERM) \
  89     CT_DPIF_TCP_FLAG(CLOSE_INIT) \
  90     CT_DPIF_TCP_FLAG(BE_LIBERAL) \
  91     CT_DPIF_TCP_FLAG(DATA_UNACKNOWLEDGED) \
  92     CT_DPIF_TCP_FLAG(MAXACK_SET) \
  93
  94 enum ct_dpif_tcp_flags_count_ {
  95 #define CT_DPIF_TCP_FLAG(FLAG) FLAG##_COUNT_,
  96     CT_DPIF_TCP_FLAGS
  97 #undef CT_DPIF_TCP_FLAG
  98 };
  99
 100 enum ct_dpif_tcp_flags {
 101 #define CT_DPIF_TCP_FLAG(FLAG) CT_DPIF_TCPF_##FLAG = (1 << FLAG##_COUNT_),
 102     CT_DPIF_TCP_FLAGS
 103 #undef CT_DPIF_TCP_FLAG
 104 };
 105
 106 extern const char *ct_dpif_sctp_state_string[];
 107
 108 #define CT_DPIF_SCTP_STATES \
 109     CT_DPIF_SCTP_STATE(CLOSED) \
 110     CT_DPIF_SCTP_STATE(COOKIE_WAIT) \
 111     CT_DPIF_SCTP_STATE(COOKIE_ECHOED) \
 112     CT_DPIF_SCTP_STATE(ESTABLISHED) \
 113     CT_DPIF_SCTP_STATE(SHUTDOWN_SENT) \
 114     CT_DPIF_SCTP_STATE(SHUTDOWN_RECD) \
 115     CT_DPIF_SCTP_STATE(SHUTDOWN_ACK_SENT) \
 116     CT_DPIF_SCTP_STATE(HEARTBEAT_SENT) \
 117     CT_DPIF_SCTP_STATE(HEARTBEAT_ACKED) \
 118     CT_DPIF_SCTP_STATE(MAX_NUM)
 119
 120 enum ct_dpif_sctp_state {
 121 #define CT_DPIF_SCTP_STATE(STATE) CT_DPIF_SCTP_STATE_##STATE,
 122     CT_DPIF_SCTP_STATES
 123 #undef CT_DPIF_SCTP_STATE
 124 };
 125
 126 struct ct_dpif_protoinfo {
 127     uint16_t proto; /* IPPROTO_* */
 128     union {
 129         struct {
 130             uint8_t state_orig;
 131             uint8_t state_reply;
 132             uint8_t wscale_orig;
 133             uint8_t wscale_reply;
 134             uint8_t flags_orig;
 135             uint8_t flags_reply;
 136         } tcp;
 137         struct {
 138             uint8_t state;
 139             uint32_t vtag_orig;
 140             uint32_t vtag_reply;
 141         } sctp;
 142     };
 143 };
 144
 145 struct ct_dpif_helper {
 146     char *name;
 147 };
 148
 149 #define CT_DPIF_STATUS_FLAGS \
 150     CT_DPIF_STATUS_FLAG(EXPECTED) \
 151     CT_DPIF_STATUS_FLAG(SEEN_REPLY) \
 152     CT_DPIF_STATUS_FLAG(ASSURED) \
 153     CT_DPIF_STATUS_FLAG(CONFIRMED) \
 154     CT_DPIF_STATUS_FLAG(SRC_NAT) \
 155     CT_DPIF_STATUS_FLAG(DST_NAT) \
 156     CT_DPIF_STATUS_FLAG(SEQ_ADJUST) \
 157     CT_DPIF_STATUS_FLAG(SRC_NAT_DONE) \
 158     CT_DPIF_STATUS_FLAG(DST_NAT_DONE) \
 159     CT_DPIF_STATUS_FLAG(DYING) \
 160     CT_DPIF_STATUS_FLAG(FIXED_TIMEOUT) \
 161     CT_DPIF_STATUS_FLAG(TEMPLATE) \
 162     CT_DPIF_STATUS_FLAG(UNTRACKED) \
 163
 164 enum ct_dpif_status_flags_count_ {
 165 #define CT_DPIF_STATUS_FLAG(FLAG) FLAG##_COUNT_,
 166     CT_DPIF_STATUS_FLAGS
 167 #undef CT_DPIF_STATUS_FLAG
 168 };
 169
 170 enum ct_dpif_status_flags {
 171 #define CT_DPIF_STATUS_FLAG(FLAG) CT_DPIF_STATUS_##FLAG = (1 << FLAG##_COUNT_),
 172     CT_DPIF_STATUS_FLAGS
 173 #undef CT_DPIF_STATUS_FLAG
 174 };
 175
 176 struct ct_dpif_entry {
 177     /* Const members. */
 178     struct ct_dpif_tuple tuple_orig;
 179     struct ct_dpif_tuple tuple_reply;
 180     struct ct_dpif_tuple tuple_parent;
 181     struct ct_dpif_helper helper;
 182     uint32_t id;
 183     uint16_t zone;
 184
 185     /* Modifiable members. */
 186
 187     struct ct_dpif_counters counters_orig;
 188     struct ct_dpif_counters counters_reply;
 189
 190     struct ct_dpif_timestamp timestamp;
 191     struct ct_dpif_protoinfo protoinfo;
 192
 193     ovs_u128 labels;
 194     bool have_labels;
 195     uint32_t status;
 196     /* Timeout for this entry in seconds */
 197     uint32_t timeout;
 198     uint32_t mark;
 199     uint32_t bkt;       /* CT bucket number. */
 200 };
 201
 202 enum {
 203     CT_STATS_UDP,
 204     CT_STATS_TCP,
 205     CT_STATS_SCTP,
 206     CT_STATS_ICMP,
 207     CT_STATS_ICMPV6,
 208     CT_STATS_UDPLITE,
 209     CT_STATS_DCCP,
 210     CT_STATS_IGMP,
 211     CT_STATS_OTHER,
 212     CT_STATS_MAX,
 213 };
 214
 215 struct dpif;
 216 struct dpif_ipf_status;
 217 struct ipf_dump_ctx;
 218
 219 struct ct_dpif_dump_state {
 220     struct dpif *dpif;
 221 };
 222
 223 struct ct_dpif_zone_limit {
 224     uint16_t zone;
 225     uint32_t limit;       /* Limit on number of entries. */
 226     uint32_t count;       /* Current number of entries. */
 227     struct ovs_list node;
 228 };
 229
 230 #define CT_DPIF_TP_TCP_ATTRS \
 231     CT_DPIF_TP_TCP_ATTR(SYN_SENT) \
 232     CT_DPIF_TP_TCP_ATTR(SYN_RECV) \
 233     CT_DPIF_TP_TCP_ATTR(ESTABLISHED) \
 234     CT_DPIF_TP_TCP_ATTR(FIN_WAIT) \
 235     CT_DPIF_TP_TCP_ATTR(CLOSE_WAIT) \
 236     CT_DPIF_TP_TCP_ATTR(LAST_ACK) \
 237     CT_DPIF_TP_TCP_ATTR(TIME_WAIT) \
 238     CT_DPIF_TP_TCP_ATTR(CLOSE) \
 239     CT_DPIF_TP_TCP_ATTR(SYN_SENT2) \
 240     CT_DPIF_TP_TCP_ATTR(RETRANSMIT) \
 241     CT_DPIF_TP_TCP_ATTR(UNACK)
 242
 243 #define CT_DPIF_TP_UDP_ATTRS \
 244     CT_DPIF_TP_UDP_ATTR(FIRST) \
 245     CT_DPIF_TP_UDP_ATTR(SINGLE) \
 246     CT_DPIF_TP_UDP_ATTR(MULTIPLE)
 247
 248 #define CT_DPIF_TP_ICMP_ATTRS \
 249     CT_DPIF_TP_ICMP_ATTR(FIRST) \
 250     CT_DPIF_TP_ICMP_ATTR(REPLY)
 251
 252 enum OVS_PACKED_ENUM ct_dpif_tp_attr {
 253 #define CT_DPIF_TP_TCP_ATTR(ATTR) CT_DPIF_TP_ATTR_TCP_##ATTR,
 254     CT_DPIF_TP_TCP_ATTRS
 255 #undef CT_DPIF_TP_TCP_ATTR
 256 #define CT_DPIF_TP_UDP_ATTR(ATTR) CT_DPIF_TP_ATTR_UDP_##ATTR,
 257     CT_DPIF_TP_UDP_ATTRS
 258 #undef CT_DPIF_TP_UDP_ATTR
 259 #define CT_DPIF_TP_ICMP_ATTR(ATTR) CT_DPIF_TP_ATTR_ICMP_##ATTR,
 260     CT_DPIF_TP_ICMP_ATTRS
 261 #undef CT_DPIF_TP_ICMP_ATTR
 262     CT_DPIF_TP_ATTR_MAX
 263 };
 264
 265 struct ct_dpif_timeout_policy {
 266     uint32_t    id;         /* Unique identifier for the timeout policy in
 267                              * the datapath. */
 268     uint32_t    present;    /* If a timeout attribute is present set the
 269                              * corresponding CT_DPIF_TP_ATTR_* mapping bit. */
 270     uint32_t    attrs[CT_DPIF_TP_ATTR_MAX];     /* An array that specifies
 271                                                  * timeout attribute values */
 272 };
 273
 274 int ct_dpif_dump_start(struct dpif *, struct ct_dpif_dump_state **,
 275                        const uint16_t *zone, int *);
 276 int ct_dpif_dump_next(struct ct_dpif_dump_state *, struct ct_dpif_entry *);
 277 int ct_dpif_dump_done(struct ct_dpif_dump_state *);
 278 int ct_dpif_flush(struct dpif *, const uint16_t *zone,
 279                   const struct ct_dpif_tuple *);
 280 int ct_dpif_set_maxconns(struct dpif *dpif, uint32_t maxconns);
 281 int ct_dpif_get_maxconns(struct dpif *dpif, uint32_t *maxconns);
 282 int ct_dpif_get_nconns(struct dpif *dpif, uint32_t *nconns);
 283 int ct_dpif_set_tcp_seq_chk(struct dpif *dpif, bool enabled);
 284 int ct_dpif_get_tcp_seq_chk(struct dpif *dpif, bool *enabled);
 285 int ct_dpif_set_limits(struct dpif *dpif, const uint32_t *default_limit,
 286                        const struct ovs_list *);
 287 int ct_dpif_get_limits(struct dpif *dpif, uint32_t *default_limit,
 288                        const struct ovs_list *, struct ovs_list *);
 289 int ct_dpif_del_limits(struct dpif *dpif, const struct ovs_list *);
 290 int ct_dpif_ipf_set_enabled(struct dpif *, bool v6, bool enable);
 291 int ct_dpif_ipf_set_min_frag(struct dpif *, bool v6, uint32_t min_frag);
 292 int ct_dpif_ipf_set_max_nfrags(struct dpif *, uint32_t max_frags);
 293 int ct_dpif_ipf_get_status(struct dpif *dpif,
 294                            struct dpif_ipf_status *dpif_ipf_status);
 295 int ct_dpif_ipf_dump_start(struct dpif *dpif, struct ipf_dump_ctx **);
 296 int ct_dpif_ipf_dump_next(struct dpif *dpif, void *, char **);
 297 int ct_dpif_ipf_dump_done(struct dpif *dpif, void *);
 298 void ct_dpif_entry_uninit(struct ct_dpif_entry *);
 299 void ct_dpif_format_entry(const struct ct_dpif_entry *, struct ds *,
 300                           bool verbose, bool print_stats);
 301 void ct_dpif_format_ipproto(struct ds *ds, uint16_t ipproto);
 302 void ct_dpif_format_tuple(struct ds *, const struct ct_dpif_tuple *);
 303 uint8_t ct_dpif_coalesce_tcp_state(uint8_t state);
 304 void ct_dpif_format_tcp_stat(struct ds *, int, int);
 305 bool ct_dpif_parse_tuple(struct ct_dpif_tuple *, const char *s, struct ds *);
 306 void ct_dpif_push_zone_limit(struct ovs_list *, uint16_t zone, uint32_t limit,
 307                              uint32_t count);
 308 void ct_dpif_free_zone_limits(struct ovs_list *);
 309 bool ct_dpif_parse_zone_limit_tuple(const char *s, uint16_t *pzone,
 310                                     uint32_t *plimit, struct ds *);
 311 void ct_dpif_format_zone_limits(uint32_t default_limit,
 312                                 const struct ovs_list *, struct ds *);
 313 bool ct_dpif_set_timeout_policy_attr_by_name(struct ct_dpif_timeout_policy *tp,
 314                                              const char *key, uint32_t value);
 315 bool ct_dpif_timeout_policy_support_ipproto(uint8_t ipproto);
 316 int ct_dpif_set_timeout_policy(struct dpif *dpif,
 317                                const struct ct_dpif_timeout_policy *tp);
 318 int ct_dpif_get_timeout_policy(struct dpif *dpif, uint32_t tp_id,
 319                                struct ct_dpif_timeout_policy *tp);
 320 int ct_dpif_del_timeout_policy(struct dpif *dpif, uint32_t tp_id);
 321 int ct_dpif_timeout_policy_dump_start(struct dpif *dpif, void **statep);
 322 int ct_dpif_timeout_policy_dump_next(struct dpif *dpif, void *state,
 323                                      struct ct_dpif_timeout_policy *tp);
 324 int ct_dpif_timeout_policy_dump_done(struct dpif *dpif, void *state);
 325 int ct_dpif_get_timeout_policy_name(struct dpif *dpif, uint32_t tp_id,
 326                                     uint16_t dl_type, uint8_t nw_proto,
 327                                     char **tp_name, bool *is_generic);
 328
 329 #endif /* CT_DPIF_H */