]> git.proxmox.com Git - mirror_ovs.git/blob - lib/packets.c
projects / mirror_ovs.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
other-config: Add tc-policy switch to control tc flower flag
[mirror_ovs.git] / lib / packets.c
1 /*
2 * Copyright (c) 2009, 2010, 2011, 2012, 2013, 2014, 2015, 2016 Nicira, Inc.
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at:
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 #include <config.h>
18 #include "packets.h"
19 #include <arpa/inet.h>
20 #include <sys/socket.h>
21 #include <netinet/in.h>
22 #include <netinet/ip6.h>
23 #include <netinet/icmp6.h>
24 #include <stdlib.h>
25 #include "byte-order.h"
26 #include "csum.h"
27 #include "crc32c.h"
28 #include "flow.h"
29 #include "openvswitch/hmap.h"
30 #include "openvswitch/dynamic-string.h"
31 #include "ovs-thread.h"
32 #include "odp-util.h"
33 #include "dp-packet.h"
34 #include "unaligned.h"
35
36 const struct in6_addr in6addr_exact = IN6ADDR_EXACT_INIT;
37 const struct in6_addr in6addr_all_hosts = IN6ADDR_ALL_HOSTS_INIT;
38 const struct in6_addr in6addr_all_routers = IN6ADDR_ALL_ROUTERS_INIT;
39
40 struct in6_addr
41 flow_tnl_dst(const struct flow_tnl *tnl)
42 {
43 return tnl->ip_dst ? in6_addr_mapped_ipv4(tnl->ip_dst) : tnl->ipv6_dst;
44 }
45
46 struct in6_addr
47 flow_tnl_src(const struct flow_tnl *tnl)
48 {
49 return tnl->ip_src ? in6_addr_mapped_ipv4(tnl->ip_src) : tnl->ipv6_src;
50 }
51
52 /* Parses 's' as a 16-digit hexadecimal number representing a datapath ID. On
53 * success stores the dpid into '*dpidp' and returns true, on failure stores 0
54 * into '*dpidp' and returns false.
55 *
56 * Rejects an all-zeros dpid as invalid. */
57 bool
58 dpid_from_string(const char *s, uint64_t *dpidp)
59 {
60 *dpidp = (strlen(s) == 16 && strspn(s, "0123456789abcdefABCDEF") == 16
61 ? strtoull(s, NULL, 16)
62 : 0);
63 return *dpidp != 0;
64 }
65
66 /* Returns true if 'ea' is a reserved address, that a bridge must never
67 * forward, false otherwise.
68 *
69 * If you change this function's behavior, please update corresponding
70 * documentation in vswitch.xml at the same time. */
71 bool
72 eth_addr_is_reserved(const struct eth_addr ea)
73 {
74 struct eth_addr_node {
75 struct hmap_node hmap_node;
76 const uint64_t ea64;
77 };
78
79 static struct eth_addr_node nodes[] = {
80 /* STP, IEEE pause frames, and other reserved protocols. */
81 { HMAP_NODE_NULL_INITIALIZER, 0x0180c2000000ULL },
82 { HMAP_NODE_NULL_INITIALIZER, 0x0180c2000001ULL },
83 { HMAP_NODE_NULL_INITIALIZER, 0x0180c2000002ULL },
84 { HMAP_NODE_NULL_INITIALIZER, 0x0180c2000003ULL },
85 { HMAP_NODE_NULL_INITIALIZER, 0x0180c2000004ULL },
86 { HMAP_NODE_NULL_INITIALIZER, 0x0180c2000005ULL },
87 { HMAP_NODE_NULL_INITIALIZER, 0x0180c2000006ULL },
88 { HMAP_NODE_NULL_INITIALIZER, 0x0180c2000007ULL },
89 { HMAP_NODE_NULL_INITIALIZER, 0x0180c2000008ULL },
90 { HMAP_NODE_NULL_INITIALIZER, 0x0180c2000009ULL },
91 { HMAP_NODE_NULL_INITIALIZER, 0x0180c200000aULL },
92 { HMAP_NODE_NULL_INITIALIZER, 0x0180c200000bULL },
93 { HMAP_NODE_NULL_INITIALIZER, 0x0180c200000cULL },
94 { HMAP_NODE_NULL_INITIALIZER, 0x0180c200000dULL },
95 { HMAP_NODE_NULL_INITIALIZER, 0x0180c200000eULL },
96 { HMAP_NODE_NULL_INITIALIZER, 0x0180c200000fULL },
97
98 /* Extreme protocols. */
99 { HMAP_NODE_NULL_INITIALIZER, 0x00e02b000000ULL }, /* EDP. */
100 { HMAP_NODE_NULL_INITIALIZER, 0x00e02b000004ULL }, /* EAPS. */
101 { HMAP_NODE_NULL_INITIALIZER, 0x00e02b000006ULL }, /* EAPS. */
102
103 /* Cisco protocols. */
104 { HMAP_NODE_NULL_INITIALIZER, 0x01000c000000ULL }, /* ISL. */
105 { HMAP_NODE_NULL_INITIALIZER, 0x01000cccccccULL }, /* PAgP, UDLD, CDP,
106 * DTP, VTP. */
107 { HMAP_NODE_NULL_INITIALIZER, 0x01000ccccccdULL }, /* PVST+. */
108 { HMAP_NODE_NULL_INITIALIZER, 0x01000ccdcdcdULL }, /* STP Uplink Fast,
109 * FlexLink. */
110
111 /* Cisco CFM. */
112 { HMAP_NODE_NULL_INITIALIZER, 0x01000cccccc0ULL },
113 { HMAP_NODE_NULL_INITIALIZER, 0x01000cccccc1ULL },
114 { HMAP_NODE_NULL_INITIALIZER, 0x01000cccccc2ULL },
115 { HMAP_NODE_NULL_INITIALIZER, 0x01000cccccc3ULL },
116 { HMAP_NODE_NULL_INITIALIZER, 0x01000cccccc4ULL },
117 { HMAP_NODE_NULL_INITIALIZER, 0x01000cccccc5ULL },
118 { HMAP_NODE_NULL_INITIALIZER, 0x01000cccccc6ULL },
119 { HMAP_NODE_NULL_INITIALIZER, 0x01000cccccc7ULL },
120 };
121
122 static struct ovsthread_once once = OVSTHREAD_ONCE_INITIALIZER;
123 struct eth_addr_node *node;
124 static struct hmap addrs;
125 uint64_t ea64;
126
127 if (ovsthread_once_start(&once)) {
128 hmap_init(&addrs);
129 for (node = nodes; node < &nodes[ARRAY_SIZE(nodes)]; node++) {
130 hmap_insert(&addrs, &node->hmap_node, hash_uint64(node->ea64));
131 }
132 ovsthread_once_done(&once);
133 }
134
135 ea64 = eth_addr_to_uint64(ea);
136 HMAP_FOR_EACH_IN_BUCKET (node, hmap_node, hash_uint64(ea64), &addrs) {
137 if (node->ea64 == ea64) {
138 return true;
139 }
140 }
141 return false;
142 }
143
144 /* Attempts to parse 's' as an Ethernet address. If successful, stores the
145 * address in 'ea' and returns true, otherwise zeros 'ea' and returns
146 * false. This function checks trailing characters. */
147 bool
148 eth_addr_from_string(const char *s, struct eth_addr *ea)
149 {
150 int n = 0;
151 if (ovs_scan(s, ETH_ADDR_SCAN_FMT"%n", ETH_ADDR_SCAN_ARGS(*ea), &n)
152 && !s[n]) {
153 return true;
154 } else {
155 *ea = eth_addr_zero;
156 return false;
157 }
158 }
159
160 /* Fills 'b' with a Reverse ARP packet with Ethernet source address 'eth_src'.
161 * This function is used by Open vSwitch to compose packets in cases where
162 * context is important but content doesn't (or shouldn't) matter.
163 *
164 * The returned packet has enough headroom to insert an 802.1Q VLAN header if
165 * desired. */
166 void
167 compose_rarp(struct dp_packet *b, const struct eth_addr eth_src)
168 {
169 struct eth_header *eth;
170 struct arp_eth_header *arp;
171
172 dp_packet_clear(b);
173 dp_packet_prealloc_tailroom(b, 2 + ETH_HEADER_LEN + VLAN_HEADER_LEN
174 + ARP_ETH_HEADER_LEN);
175 dp_packet_reserve(b, 2 + VLAN_HEADER_LEN);
176 eth = dp_packet_put_uninit(b, sizeof *eth);
177 eth->eth_dst = eth_addr_broadcast;
178 eth->eth_src = eth_src;
179 eth->eth_type = htons(ETH_TYPE_RARP);
180
181 arp = dp_packet_put_uninit(b, sizeof *arp);
182 arp->ar_hrd = htons(ARP_HRD_ETHERNET);
183 arp->ar_pro = htons(ARP_PRO_IP);
184 arp->ar_hln = sizeof arp->ar_sha;
185 arp->ar_pln = sizeof arp->ar_spa;
186 arp->ar_op = htons(ARP_OP_RARP);
187 arp->ar_sha = eth_src;
188 put_16aligned_be32(&arp->ar_spa, htonl(0));
189 arp->ar_tha = eth_src;
190 put_16aligned_be32(&arp->ar_tpa, htonl(0));
191
192 dp_packet_reset_offsets(b);
193 dp_packet_set_l3(b, arp);
194 b->packet_type = htonl(PT_ETH);
195 }
196
197 /* Insert VLAN header according to given TCI. Packet passed must be Ethernet
198 * packet. Ignores the CFI bit of 'tci' using 0 instead.
199 *
200 * Also adjusts the layer offsets accordingly. */
201 void
202 eth_push_vlan(struct dp_packet *packet, ovs_be16 tpid, ovs_be16 tci)
203 {
204 struct vlan_eth_header *veh;
205
206 /* Insert new 802.1Q header. */
207 veh = dp_packet_resize_l2(packet, VLAN_HEADER_LEN);
208 memmove(veh, (char *)veh + VLAN_HEADER_LEN, 2 * ETH_ADDR_LEN);
209 veh->veth_type = tpid;
210 veh->veth_tci = tci & htons(~VLAN_CFI);
211 }
212
213 /* Removes outermost VLAN header (if any is present) from 'packet'.
214 *
215 * 'packet->l2_5' should initially point to 'packet''s outer-most VLAN header
216 * or may be NULL if there are no VLAN headers. */
217 void
218 eth_pop_vlan(struct dp_packet *packet)
219 {
220 struct vlan_eth_header *veh = dp_packet_eth(packet);
221
222 if (veh && dp_packet_size(packet) >= sizeof *veh
223 && eth_type_vlan(veh->veth_type)) {
224
225 memmove((char *)veh + VLAN_HEADER_LEN, veh, 2 * ETH_ADDR_LEN);
226 dp_packet_resize_l2(packet, -VLAN_HEADER_LEN);
227 }
228 }
229
230 /* Push Ethernet header onto 'packet' assuming it is layer 3 */
231 void
232 push_eth(struct dp_packet *packet, const struct eth_addr *dst,
233 const struct eth_addr *src)
234 {
235 struct eth_header *eh;
236
237 ovs_assert(packet->packet_type != htonl(PT_ETH));
238 eh = dp_packet_resize_l2(packet, ETH_HEADER_LEN);
239 eh->eth_dst = *dst;
240 eh->eth_src = *src;
241 eh->eth_type = pt_ns_type_be(packet->packet_type);
242 packet->packet_type = htonl(PT_ETH);
243 }
244
245 /* Removes Ethernet header, including VLAN header, from 'packet'.
246 *
247 * Previous to calling this function, 'ofpbuf_l3(packet)' must not be NULL */
248 void
249 pop_eth(struct dp_packet *packet)
250 {
251 char *l2_5 = dp_packet_l2_5(packet);
252 char *l3 = dp_packet_l3(packet);
253 ovs_be16 ethertype;
254 int increment;
255
256 ovs_assert(packet->packet_type == htonl(PT_ETH));
257 ovs_assert(l3 != NULL);
258
259 if (l2_5) {
260 increment = packet->l2_5_ofs;
261 ethertype = *(ALIGNED_CAST(ovs_be16 *, (l2_5 - 2)));
262 } else {
263 increment = packet->l3_ofs;
264 ethertype = *(ALIGNED_CAST(ovs_be16 *, (l3 - 2)));
265 }
266
267 dp_packet_resize_l2(packet, -increment);
268 packet->packet_type = PACKET_TYPE_BE(OFPHTN_ETHERTYPE, ntohs(ethertype));
269 }
270
271 /* Set ethertype of the packet. */
272 static void
273 set_ethertype(struct dp_packet *packet, ovs_be16 eth_type)
274 {
275 struct eth_header *eh = dp_packet_eth(packet);
276
277 if (!eh) {
278 return;
279 }
280
281 if (eth_type_vlan(eh->eth_type)) {
282 ovs_be16 *p;
283 char *l2_5 = dp_packet_l2_5(packet);
284
285 p = ALIGNED_CAST(ovs_be16 *,
286 (l2_5 ? l2_5 : (char *)dp_packet_l3(packet)) - 2);
287 *p = eth_type;
288 } else {
289 eh->eth_type = eth_type;
290 }
291 }
292
293 static bool is_mpls(struct dp_packet *packet)
294 {
295 return packet->l2_5_ofs != UINT16_MAX;
296 }
297
298 /* Set time to live (TTL) of an MPLS label stack entry (LSE). */
299 void
300 set_mpls_lse_ttl(ovs_be32 *lse, uint8_t ttl)
301 {
302 *lse &= ~htonl(MPLS_TTL_MASK);
303 *lse |= htonl((ttl << MPLS_TTL_SHIFT) & MPLS_TTL_MASK);
304 }
305
306 /* Set traffic class (TC) of an MPLS label stack entry (LSE). */
307 void
308 set_mpls_lse_tc(ovs_be32 *lse, uint8_t tc)
309 {
310 *lse &= ~htonl(MPLS_TC_MASK);
311 *lse |= htonl((tc << MPLS_TC_SHIFT) & MPLS_TC_MASK);
312 }
313
314 /* Set label of an MPLS label stack entry (LSE). */
315 void
316 set_mpls_lse_label(ovs_be32 *lse, ovs_be32 label)
317 {
318 *lse &= ~htonl(MPLS_LABEL_MASK);
319 *lse |= htonl((ntohl(label) << MPLS_LABEL_SHIFT) & MPLS_LABEL_MASK);
320 }
321
322 /* Set bottom of stack (BoS) bit of an MPLS label stack entry (LSE). */
323 void
324 set_mpls_lse_bos(ovs_be32 *lse, uint8_t bos)
325 {
326 *lse &= ~htonl(MPLS_BOS_MASK);
327 *lse |= htonl((bos << MPLS_BOS_SHIFT) & MPLS_BOS_MASK);
328 }
329
330 /* Compose an MPLS label stack entry (LSE) from its components:
331 * label, traffic class (TC), time to live (TTL) and
332 * bottom of stack (BoS) bit. */
333 ovs_be32
334 set_mpls_lse_values(uint8_t ttl, uint8_t tc, uint8_t bos, ovs_be32 label)
335 {
336 ovs_be32 lse = htonl(0);
337 set_mpls_lse_ttl(&lse, ttl);
338 set_mpls_lse_tc(&lse, tc);
339 set_mpls_lse_bos(&lse, bos);
340 set_mpls_lse_label(&lse, label);
341 return lse;
342 }
343
344 /* Set MPLS label stack entry to outermost MPLS header.*/
345 void
346 set_mpls_lse(struct dp_packet *packet, ovs_be32 mpls_lse)
347 {
348 /* Packet type should be MPLS to set label stack entry. */
349 if (is_mpls(packet)) {
350 struct mpls_hdr *mh = dp_packet_l2_5(packet);
351
352 /* Update mpls label stack entry. */
353 put_16aligned_be32(&mh->mpls_lse, mpls_lse);
354 }
355 }
356
357 /* Push MPLS label stack entry 'lse' onto 'packet' as the outermost MPLS
358 * header. If 'packet' does not already have any MPLS labels, then its
359 * Ethertype is changed to 'ethtype' (which must be an MPLS Ethertype). */
360 void
361 push_mpls(struct dp_packet *packet, ovs_be16 ethtype, ovs_be32 lse)
362 {
363 char * header;
364 size_t len;
365
366 if (!eth_type_mpls(ethtype)) {
367 return;
368 }
369
370 if (!is_mpls(packet)) {
371 /* Set MPLS label stack offset. */
372 packet->l2_5_ofs = packet->l3_ofs;
373 }
374
375 set_ethertype(packet, ethtype);
376
377 /* Push new MPLS shim header onto packet. */
378 len = packet->l2_5_ofs;
379 header = dp_packet_resize_l2_5(packet, MPLS_HLEN);
380 memmove(header, header + MPLS_HLEN, len);
381 memcpy(header + len, &lse, sizeof lse);
382 }
383
384 /* If 'packet' is an MPLS packet, removes its outermost MPLS label stack entry.
385 * If the label that was removed was the only MPLS label, changes 'packet''s
386 * Ethertype to 'ethtype' (which ordinarily should not be an MPLS
387 * Ethertype). */
388 void
389 pop_mpls(struct dp_packet *packet, ovs_be16 ethtype)
390 {
391 if (is_mpls(packet)) {
392 struct mpls_hdr *mh = dp_packet_l2_5(packet);
393 size_t len = packet->l2_5_ofs;
394
395 set_ethertype(packet, ethtype);
396 if (get_16aligned_be32(&mh->mpls_lse) & htonl(MPLS_BOS_MASK)) {
397 dp_packet_set_l2_5(packet, NULL);
398 }
399 /* Shift the l2 header forward. */
400 memmove((char*)dp_packet_data(packet) + MPLS_HLEN, dp_packet_data(packet), len);
401 dp_packet_resize_l2_5(packet, -MPLS_HLEN);
402 }
403 }
404
405 /* Converts hex digits in 'hex' to an Ethernet packet in '*packetp'. The
406 * caller must free '*packetp'. On success, returns NULL. On failure, returns
407 * an error message and stores NULL in '*packetp'.
408 *
409 * Aligns the L3 header of '*packetp' on a 32-bit boundary. */
410 const char *
411 eth_from_hex(const char *hex, struct dp_packet **packetp)
412 {
413 struct dp_packet *packet;
414
415 /* Use 2 bytes of headroom to 32-bit align the L3 header. */
416 packet = *packetp = dp_packet_new_with_headroom(strlen(hex) / 2, 2);
417
418 if (dp_packet_put_hex(packet, hex, NULL)[0] != '\0') {
419 dp_packet_delete(packet);
420 *packetp = NULL;
421 return "Trailing garbage in packet data";
422 }
423
424 if (dp_packet_size(packet) < ETH_HEADER_LEN) {
425 dp_packet_delete(packet);
426 *packetp = NULL;
427 return "Packet data too short for Ethernet";
428 }
429
430 return NULL;
431 }
432
433 void
434 eth_format_masked(const struct eth_addr eth,
435 const struct eth_addr *mask, struct ds *s)
436 {
437 ds_put_format(s, ETH_ADDR_FMT, ETH_ADDR_ARGS(eth));
438 if (mask && !eth_mask_is_exact(*mask)) {
439 ds_put_format(s, "/"ETH_ADDR_FMT, ETH_ADDR_ARGS(*mask));
440 }
441 }
442
443 /* Given the IP netmask 'netmask', returns the number of bits of the IP address
444 * that it specifies, that is, the number of 1-bits in 'netmask'.
445 *
446 * If 'netmask' is not a CIDR netmask (see ip_is_cidr()), the return value will
447 * still be in the valid range but isn't otherwise meaningful. */
448 int
449 ip_count_cidr_bits(ovs_be32 netmask)
450 {
451 return 32 - ctz32(ntohl(netmask));
452 }
453
454 void
455 ip_format_masked(ovs_be32 ip, ovs_be32 mask, struct ds *s)
456 {
457 ds_put_format(s, IP_FMT, IP_ARGS(ip));
458 if (mask != OVS_BE32_MAX) {
459 if (ip_is_cidr(mask)) {
460 ds_put_format(s, "/%d", ip_count_cidr_bits(mask));
461 } else {
462 ds_put_format(s, "/"IP_FMT, IP_ARGS(mask));
463 }
464 }
465 }
466
467 /* Parses string 's', which must be an IP address. Stores the IP address into
468 * '*ip'. Returns true if successful, otherwise false. */
469 bool
470 ip_parse(const char *s, ovs_be32 *ip)
471 {
472 return inet_pton(AF_INET, s, ip) == 1;
473 }
474
475 /* Parses string 's', which must be an IP address with a port number
476 * with ":" as a separator (e.g.: 192.168.1.2:80).
477 * Stores the IP address into '*ip' and port number to '*port'.
478 *
479 * Returns NULL if successful, otherwise an error message that the caller must
480 * free(). */
481 char * OVS_WARN_UNUSED_RESULT
482 ip_parse_port(const char *s, ovs_be32 *ip, ovs_be16 *port)
483 {
484 int n = 0;
485 if (ovs_scan(s, IP_PORT_SCAN_FMT"%n", IP_PORT_SCAN_ARGS(ip, port), &n)
486 && !s[n]) {
487 return NULL;
488 }
489
490 return xasprintf("%s: invalid IP address or port number", s);
491 }
492
493 /* Parses string 's', which must be an IP address with an optional netmask or
494 * CIDR prefix length. Stores the IP address into '*ip', netmask into '*mask',
495 * (255.255.255.255, if 's' lacks a netmask), and number of scanned characters
496 * into '*n'.
497 *
498 * Returns NULL if successful, otherwise an error message that the caller must
499 * free(). */
500 char * OVS_WARN_UNUSED_RESULT
501 ip_parse_masked_len(const char *s, int *n, ovs_be32 *ip,
502 ovs_be32 *mask)
503 {
504 int prefix;
505
506 if (ovs_scan_len(s, n, IP_SCAN_FMT"/"IP_SCAN_FMT,
507 IP_SCAN_ARGS(ip), IP_SCAN_ARGS(mask))) {
508 /* OK. */
509 } else if (ovs_scan_len(s, n, IP_SCAN_FMT"/%d",
510 IP_SCAN_ARGS(ip), &prefix)) {
511 if (prefix < 0 || prefix > 32) {
512 return xasprintf("%s: IPv4 network prefix bits not between 0 and "
513 "32, inclusive", s);
514 }
515 *mask = be32_prefix_mask(prefix);
516 } else if (ovs_scan_len(s, n, IP_SCAN_FMT, IP_SCAN_ARGS(ip))) {
517 *mask = OVS_BE32_MAX;
518 } else {
519 return xasprintf("%s: invalid IP address", s);
520 }
521 return NULL;
522 }
523
524 /* This function is similar to ip_parse_masked_len(), but doesn't return the
525 * number of scanned characters and expects 's' to end after the ip/(optional)
526 * mask.
527 *
528 * Returns NULL if successful, otherwise an error message that the caller must
529 * free(). */
530 char * OVS_WARN_UNUSED_RESULT
531 ip_parse_masked(const char *s, ovs_be32 *ip, ovs_be32 *mask)
532 {
533 int n = 0;
534
535 char *error = ip_parse_masked_len(s, &n, ip, mask);
536 if (!error && s[n]) {
537 return xasprintf("%s: invalid IP address", s);
538 }
539 return error;
540 }
541
542 /* Similar to ip_parse_masked_len(), but the mask, if present, must be a CIDR
543 * mask and is returned as a prefix len in '*plen'. */
544 char * OVS_WARN_UNUSED_RESULT
545 ip_parse_cidr_len(const char *s, int *n, ovs_be32 *ip, unsigned int *plen)
546 {
547 ovs_be32 mask;
548 char *error;
549
550 error = ip_parse_masked_len(s, n, ip, &mask);
551 if (error) {
552 return error;
553 }
554
555 if (!ip_is_cidr(mask)) {
556 return xasprintf("%s: CIDR network required", s);
557 }
558 *plen = ip_count_cidr_bits(mask);
559 return NULL;
560 }
561
562 /* Similar to ip_parse_cidr_len(), but doesn't return the number of scanned
563 * characters and expects 's' to be NULL terminated at the end of the
564 * ip/(optional) cidr. */
565 char * OVS_WARN_UNUSED_RESULT
566 ip_parse_cidr(const char *s, ovs_be32 *ip, unsigned int *plen)
567 {
568 int n = 0;
569
570 char *error = ip_parse_cidr_len(s, &n, ip, plen);
571 if (!error && s[n]) {
572 return xasprintf("%s: invalid IP address", s);
573 }
574 return error;
575 }
576
577 /* Parses string 's', which must be an IPv6 address. Stores the IPv6 address
578 * into '*ip'. Returns true if successful, otherwise false. */
579 bool
580 ipv6_parse(const char *s, struct in6_addr *ip)
581 {
582 return inet_pton(AF_INET6, s, ip) == 1;
583 }
584
585 /* Parses string 's', which must be an IPv6 address with an optional netmask or
586 * CIDR prefix length. Stores the IPv6 address into '*ip' and the netmask into
587 * '*mask' (if 's' does not contain a netmask, all-one-bits is assumed), and
588 * number of scanned characters into '*n'.
589 *
590 * Returns NULL if successful, otherwise an error message that the caller must
591 * free(). */
592 char * OVS_WARN_UNUSED_RESULT
593 ipv6_parse_masked_len(const char *s, int *n, struct in6_addr *ip,
594 struct in6_addr *mask)
595 {
596 char ipv6_s[IPV6_SCAN_LEN + 1];
597 int prefix;
598
599 if (ovs_scan_len(s, n, " "IPV6_SCAN_FMT, ipv6_s)
600 && ipv6_parse(ipv6_s, ip)) {
601 if (ovs_scan_len(s, n, "/%d", &prefix)) {
602 if (prefix < 0 || prefix > 128) {
603 return xasprintf("%s: IPv6 network prefix bits not between 0 "
604 "and 128, inclusive", s);
605 }
606 *mask = ipv6_create_mask(prefix);
607 } else if (ovs_scan_len(s, n, "/"IPV6_SCAN_FMT, ipv6_s)) {
608 if (!ipv6_parse(ipv6_s, mask)) {
609 return xasprintf("%s: Invalid IPv6 mask", s);
610 }
611 /* OK. */
612 } else {
613 /* OK. No mask. */
614 *mask = in6addr_exact;
615 }
616 return NULL;
617 }
618 return xasprintf("%s: invalid IPv6 address", s);
619 }
620
621 /* This function is similar to ipv6_parse_masked_len(), but doesn't return the
622 * number of scanned characters and expects 's' to end following the
623 * ipv6/(optional) mask. */
624 char * OVS_WARN_UNUSED_RESULT
625 ipv6_parse_masked(const char *s, struct in6_addr *ip, struct in6_addr *mask)
626 {
627 int n = 0;
628
629 char *error = ipv6_parse_masked_len(s, &n, ip, mask);
630 if (!error && s[n]) {
631 return xasprintf("%s: invalid IPv6 address", s);
632 }
633 return error;
634 }
635
636 /* Similar to ipv6_parse_masked_len(), but the mask, if present, must be a CIDR
637 * mask and is returned as a prefix length in '*plen'. */
638 char * OVS_WARN_UNUSED_RESULT
639 ipv6_parse_cidr_len(const char *s, int *n, struct in6_addr *ip,
640 unsigned int *plen)
641 {
642 struct in6_addr mask;
643 char *error;
644
645 error = ipv6_parse_masked_len(s, n, ip, &mask);
646 if (error) {
647 return error;
648 }
649
650 if (!ipv6_is_cidr(&mask)) {
651 return xasprintf("%s: IPv6 CIDR network required", s);
652 }
653 *plen = ipv6_count_cidr_bits(&mask);
654 return NULL;
655 }
656
657 /* Similar to ipv6_parse_cidr_len(), but doesn't return the number of scanned
658 * characters and expects 's' to end after the ipv6/(optional) cidr. */
659 char * OVS_WARN_UNUSED_RESULT
660 ipv6_parse_cidr(const char *s, struct in6_addr *ip, unsigned int *plen)
661 {
662 int n = 0;
663
664 char *error = ipv6_parse_cidr_len(s, &n, ip, plen);
665 if (!error && s[n]) {
666 return xasprintf("%s: invalid IPv6 address", s);
667 }
668 return error;
669 }
670
671 /* Stores the string representation of the IPv6 address 'addr' into the
672 * character array 'addr_str', which must be at least INET6_ADDRSTRLEN
673 * bytes long. */
674 void
675 ipv6_format_addr(const struct in6_addr *addr, struct ds *s)
676 {
677 char *dst;
678
679 ds_reserve(s, s->length + INET6_ADDRSTRLEN);
680
681 dst = s->string + s->length;
682 inet_ntop(AF_INET6, addr, dst, INET6_ADDRSTRLEN);
683 s->length += strlen(dst);
684 }
685
686 /* Same as print_ipv6_addr, but optionally encloses the address in square
687 * brackets. */
688 void
689 ipv6_format_addr_bracket(const struct in6_addr *addr, struct ds *s,
690 bool bracket)
691 {
692 if (bracket) {
693 ds_put_char(s, '[');
694 }
695 ipv6_format_addr(addr, s);
696 if (bracket) {
697 ds_put_char(s, ']');
698 }
699 }
700
701 void
702 ipv6_format_mapped(const struct in6_addr *addr, struct ds *s)
703 {
704 if (IN6_IS_ADDR_V4MAPPED(addr)) {
705 ds_put_format(s, IP_FMT, addr->s6_addr[12], addr->s6_addr[13],
706 addr->s6_addr[14], addr->s6_addr[15]);
707 } else {
708 ipv6_format_addr(addr, s);
709 }
710 }
711
712 void
713 ipv6_format_masked(const struct in6_addr *addr, const struct in6_addr *mask,
714 struct ds *s)
715 {
716 ipv6_format_addr(addr, s);
717 if (mask && !ipv6_mask_is_exact(mask)) {
718 if (ipv6_is_cidr(mask)) {
719 int cidr_bits = ipv6_count_cidr_bits(mask);
720 ds_put_format(s, "/%d", cidr_bits);
721 } else {
722 ds_put_char(s, '/');
723 ipv6_format_addr(mask, s);
724 }
725 }
726 }
727
728 /* Stores the string representation of the IPv6 address 'addr' into the
729 * character array 'addr_str', which must be at least INET6_ADDRSTRLEN
730 * bytes long. If addr is IPv4-mapped, store an IPv4 dotted-decimal string. */
731 const char *
732 ipv6_string_mapped(char *addr_str, const struct in6_addr *addr)
733 {
734 ovs_be32 ip;
735 ip = in6_addr_get_mapped_ipv4(addr);
736 if (ip) {
737 return inet_ntop(AF_INET, &ip, addr_str, INET6_ADDRSTRLEN);
738 } else {
739 return inet_ntop(AF_INET6, addr, addr_str, INET6_ADDRSTRLEN);
740 }
741 }
742
743 #ifdef s6_addr32
744 #define s6_addrX s6_addr32
745 #define IPV6_FOR_EACH(VAR) for (int VAR = 0; VAR < 4; VAR++)
746 #else
747 #define s6_addrX s6_addr
748 #define IPV6_FOR_EACH(VAR) for (int VAR = 0; VAR < 16; VAR++)
749 #endif
750
751 struct in6_addr
752 ipv6_addr_bitand(const struct in6_addr *a, const struct in6_addr *b)
753 {
754 struct in6_addr dst;
755 IPV6_FOR_EACH (i) {
756 dst.s6_addrX[i] = a->s6_addrX[i] & b->s6_addrX[i];
757 }
758 return dst;
759 }
760
761 struct in6_addr
762 ipv6_addr_bitxor(const struct in6_addr *a, const struct in6_addr *b)
763 {
764 struct in6_addr dst;
765 IPV6_FOR_EACH (i) {
766 dst.s6_addrX[i] = a->s6_addrX[i] ^ b->s6_addrX[i];
767 }
768 return dst;
769 }
770
771 bool
772 ipv6_is_zero(const struct in6_addr *a)
773 {
774 IPV6_FOR_EACH (i) {
775 if (a->s6_addrX[i]) {
776 return false;
777 }
778 }
779 return true;
780 }
781
782 /* Returns an in6_addr consisting of 'mask' high-order 1-bits and 128-N
783 * low-order 0-bits. */
784 struct in6_addr
785 ipv6_create_mask(int mask)
786 {
787 struct in6_addr netmask;
788 uint8_t *netmaskp = &netmask.s6_addr[0];
789
790 memset(&netmask, 0, sizeof netmask);
791 while (mask > 8) {
792 *netmaskp = 0xff;
793 netmaskp++;
794 mask -= 8;
795 }
796
797 if (mask) {
798 *netmaskp = 0xff << (8 - mask);
799 }
800
801 return netmask;
802 }
803
804 /* Given the IPv6 netmask 'netmask', returns the number of bits of the IPv6
805 * address that it specifies, that is, the number of 1-bits in 'netmask'.
806 * 'netmask' must be a CIDR netmask (see ipv6_is_cidr()).
807 *
808 * If 'netmask' is not a CIDR netmask (see ipv6_is_cidr()), the return value
809 * will still be in the valid range but isn't otherwise meaningful. */
810 int
811 ipv6_count_cidr_bits(const struct in6_addr *netmask)
812 {
813 int i;
814 int count = 0;
815 const uint8_t *netmaskp = &netmask->s6_addr[0];
816
817 for (i=0; i<16; i++) {
818 if (netmaskp[i] == 0xff) {
819 count += 8;
820 } else {
821 uint8_t nm;
822
823 for(nm = netmaskp[i]; nm; nm <<= 1) {
824 count++;
825 }
826 break;
827 }
828
829 }
830
831 return count;
832 }
833
834 /* Returns true if 'netmask' is a CIDR netmask, that is, if it consists of N
835 * high-order 1-bits and 128-N low-order 0-bits. */
836 bool
837 ipv6_is_cidr(const struct in6_addr *netmask)
838 {
839 const uint8_t *netmaskp = &netmask->s6_addr[0];
840 int i;
841
842 for (i=0; i<16; i++) {
843 if (netmaskp[i] != 0xff) {
844 uint8_t x = ~netmaskp[i];
845 if (x & (x + 1)) {
846 return false;
847 }
848 while (++i < 16) {
849 if (netmaskp[i]) {
850 return false;
851 }
852 }
853 }
854 }
855
856 return true;
857 }
858
859 /* Populates 'b' with an Ethernet II packet headed with the given 'eth_dst',
860 * 'eth_src' and 'eth_type' parameters. A payload of 'size' bytes is allocated
861 * in 'b' and returned. This payload may be populated with appropriate
862 * information by the caller. Sets 'b''s 'frame' pointer and 'l3' offset to
863 * the Ethernet header and payload respectively. Aligns b->l3 on a 32-bit
864 * boundary.
865 *
866 * The returned packet has enough headroom to insert an 802.1Q VLAN header if
867 * desired. */
868 void *
869 eth_compose(struct dp_packet *b, const struct eth_addr eth_dst,
870 const struct eth_addr eth_src, uint16_t eth_type,
871 size_t size)
872 {
873 void *data;
874 struct eth_header *eth;
875
876 dp_packet_clear(b);
877
878 /* The magic 2 here ensures that the L3 header (when it is added later)
879 * will be 32-bit aligned. */
880 dp_packet_prealloc_tailroom(b, 2 + ETH_HEADER_LEN + VLAN_HEADER_LEN + size);
881 dp_packet_reserve(b, 2 + VLAN_HEADER_LEN);
882 eth = dp_packet_put_uninit(b, ETH_HEADER_LEN);
883 data = dp_packet_put_zeros(b, size);
884
885 eth->eth_dst = eth_dst;
886 eth->eth_src = eth_src;
887 eth->eth_type = htons(eth_type);
888
889 b->packet_type = htonl(PT_ETH);
890 dp_packet_reset_offsets(b);
891 dp_packet_set_l3(b, data);
892
893 return data;
894 }
895
896 void
897 packet_set_ipv4_addr(struct dp_packet *packet,
898 ovs_16aligned_be32 *addr, ovs_be32 new_addr)
899 {
900 struct ip_header *nh = dp_packet_l3(packet);
901 ovs_be32 old_addr = get_16aligned_be32(addr);
902 size_t l4_size = dp_packet_l4_size(packet);
903
904 if (nh->ip_proto == IPPROTO_TCP && l4_size >= TCP_HEADER_LEN) {
905 struct tcp_header *th = dp_packet_l4(packet);
906
907 th->tcp_csum = recalc_csum32(th->tcp_csum, old_addr, new_addr);
908 } else if (nh->ip_proto == IPPROTO_UDP && l4_size >= UDP_HEADER_LEN ) {
909 struct udp_header *uh = dp_packet_l4(packet);
910
911 if (uh->udp_csum) {
912 uh->udp_csum = recalc_csum32(uh->udp_csum, old_addr, new_addr);
913 if (!uh->udp_csum) {
914 uh->udp_csum = htons(0xffff);
915 }
916 }
917 }
918 nh->ip_csum = recalc_csum32(nh->ip_csum, old_addr, new_addr);
919 put_16aligned_be32(addr, new_addr);
920 }
921
922 /* Returns true, if packet contains at least one routing header where
923 * segements_left > 0.
924 *
925 * This function assumes that L3 and L4 offsets are set in the packet. */
926 static bool
927 packet_rh_present(struct dp_packet *packet, uint8_t *nexthdr)
928 {
929 const struct ovs_16aligned_ip6_hdr *nh;
930 size_t len;
931 size_t remaining;
932 uint8_t *data = dp_packet_l3(packet);
933
934 remaining = packet->l4_ofs - packet->l3_ofs;
935 if (remaining < sizeof *nh) {
936 return false;
937 }
938 nh = ALIGNED_CAST(struct ovs_16aligned_ip6_hdr *, data);
939 data += sizeof *nh;
940 remaining -= sizeof *nh;
941 *nexthdr = nh->ip6_nxt;
942
943 while (1) {
944 if ((*nexthdr != IPPROTO_HOPOPTS)
945 && (*nexthdr != IPPROTO_ROUTING)
946 && (*nexthdr != IPPROTO_DSTOPTS)
947 && (*nexthdr != IPPROTO_AH)
948 && (*nexthdr != IPPROTO_FRAGMENT)) {
949 /* It's either a terminal header (e.g., TCP, UDP) or one we
950 * don't understand. In either case, we're done with the
951 * packet, so use it to fill in 'nw_proto'. */
952 break;
953 }
954
955 /* We only verify that at least 8 bytes of the next header are
956 * available, but many of these headers are longer. Ensure that
957 * accesses within the extension header are within those first 8
958 * bytes. All extension headers are required to be at least 8
959 * bytes. */
960 if (remaining < 8) {
961 return false;
962 }
963
964 if (*nexthdr == IPPROTO_AH) {
965 /* A standard AH definition isn't available, but the fields
966 * we care about are in the same location as the generic
967 * option header--only the header length is calculated
968 * differently. */
969 const struct ip6_ext *ext_hdr = (struct ip6_ext *)data;
970
971 *nexthdr = ext_hdr->ip6e_nxt;
972 len = (ext_hdr->ip6e_len + 2) * 4;
973 } else if (*nexthdr == IPPROTO_FRAGMENT) {
974 const struct ovs_16aligned_ip6_frag *frag_hdr
975 = ALIGNED_CAST(struct ovs_16aligned_ip6_frag *, data);
976
977 *nexthdr = frag_hdr->ip6f_nxt;
978 len = sizeof *frag_hdr;
979 } else if (*nexthdr == IPPROTO_ROUTING) {
980 const struct ip6_rthdr *rh = (struct ip6_rthdr *)data;
981
982 if (rh->ip6r_segleft > 0) {
983 return true;
984 }
985
986 *nexthdr = rh->ip6r_nxt;
987 len = (rh->ip6r_len + 1) * 8;
988 } else {
989 const struct ip6_ext *ext_hdr = (struct ip6_ext *)data;
990
991 *nexthdr = ext_hdr->ip6e_nxt;
992 len = (ext_hdr->ip6e_len + 1) * 8;
993 }
994
995 if (remaining < len) {
996 return false;
997 }
998 remaining -= len;
999 data += len;
1000 }
1001
1002 return false;
1003 }
1004
1005 static void
1006 packet_update_csum128(struct dp_packet *packet, uint8_t proto,
1007 ovs_16aligned_be32 addr[4],
1008 const struct in6_addr *new_addr)
1009 {
1010 size_t l4_size = dp_packet_l4_size(packet);
1011
1012 if (proto == IPPROTO_TCP && l4_size >= TCP_HEADER_LEN) {
1013 struct tcp_header *th = dp_packet_l4(packet);
1014
1015 th->tcp_csum = recalc_csum128(th->tcp_csum, addr, new_addr);
1016 } else if (proto == IPPROTO_UDP && l4_size >= UDP_HEADER_LEN) {
1017 struct udp_header *uh = dp_packet_l4(packet);
1018
1019 if (uh->udp_csum) {
1020 uh->udp_csum = recalc_csum128(uh->udp_csum, addr, new_addr);
1021 if (!uh->udp_csum) {
1022 uh->udp_csum = htons(0xffff);
1023 }
1024 }
1025 } else if (proto == IPPROTO_ICMPV6 &&
1026 l4_size >= sizeof(struct icmp6_header)) {
1027 struct icmp6_header *icmp = dp_packet_l4(packet);
1028
1029 icmp->icmp6_cksum = recalc_csum128(icmp->icmp6_cksum, addr, new_addr);
1030 }
1031 }
1032
1033 void
1034 packet_set_ipv6_addr(struct dp_packet *packet, uint8_t proto,
1035 ovs_16aligned_be32 addr[4],
1036 const struct in6_addr *new_addr,
1037 bool recalculate_csum)
1038 {
1039 if (recalculate_csum) {
1040 packet_update_csum128(packet, proto, addr, new_addr);
1041 }
1042 memcpy(addr, new_addr, sizeof(ovs_be32[4]));
1043 }
1044
1045 static void
1046 packet_set_ipv6_flow_label(ovs_16aligned_be32 *flow_label, ovs_be32 flow_key)
1047 {
1048 ovs_be32 old_label = get_16aligned_be32(flow_label);
1049 ovs_be32 new_label = (old_label & htonl(~IPV6_LABEL_MASK)) | flow_key;
1050 put_16aligned_be32(flow_label, new_label);
1051 }
1052
1053 static void
1054 packet_set_ipv6_tc(ovs_16aligned_be32 *flow_label, uint8_t tc)
1055 {
1056 ovs_be32 old_label = get_16aligned_be32(flow_label);
1057 ovs_be32 new_label = (old_label & htonl(0xF00FFFFF)) | htonl(tc << 20);
1058 put_16aligned_be32(flow_label, new_label);
1059 }
1060
1061 /* Modifies the IPv4 header fields of 'packet' to be consistent with 'src',
1062 * 'dst', 'tos', and 'ttl'. Updates 'packet''s L4 checksums as appropriate.
1063 * 'packet' must contain a valid IPv4 packet with correctly populated l[347]
1064 * markers. */
1065 void
1066 packet_set_ipv4(struct dp_packet *packet, ovs_be32 src, ovs_be32 dst,
1067 uint8_t tos, uint8_t ttl)
1068 {
1069 struct ip_header *nh = dp_packet_l3(packet);
1070
1071 if (get_16aligned_be32(&nh->ip_src) != src) {
1072 packet_set_ipv4_addr(packet, &nh->ip_src, src);
1073 }
1074
1075 if (get_16aligned_be32(&nh->ip_dst) != dst) {
1076 packet_set_ipv4_addr(packet, &nh->ip_dst, dst);
1077 }
1078
1079 if (nh->ip_tos != tos) {
1080 uint8_t *field = &nh->ip_tos;
1081
1082 nh->ip_csum = recalc_csum16(nh->ip_csum, htons((uint16_t) *field),
1083 htons((uint16_t) tos));
1084 *field = tos;
1085 }
1086
1087 if (nh->ip_ttl != ttl) {
1088 uint8_t *field = &nh->ip_ttl;
1089
1090 nh->ip_csum = recalc_csum16(nh->ip_csum, htons(*field << 8),
1091 htons(ttl << 8));
1092 *field = ttl;
1093 }
1094 }
1095
1096 /* Modifies the IPv6 header fields of 'packet' to be consistent with 'src',
1097 * 'dst', 'traffic class', and 'next hop'. Updates 'packet''s L4 checksums as
1098 * appropriate. 'packet' must contain a valid IPv6 packet with correctly
1099 * populated l[34] offsets. */
1100 void
1101 packet_set_ipv6(struct dp_packet *packet, const struct in6_addr *src,
1102 const struct in6_addr *dst, uint8_t key_tc, ovs_be32 key_fl,
1103 uint8_t key_hl)
1104 {
1105 struct ovs_16aligned_ip6_hdr *nh = dp_packet_l3(packet);
1106 uint8_t proto = 0;
1107 bool rh_present;
1108
1109 rh_present = packet_rh_present(packet, &proto);
1110
1111 if (memcmp(&nh->ip6_src, src, sizeof(ovs_be32[4]))) {
1112 packet_set_ipv6_addr(packet, proto, nh->ip6_src.be32, src, true);
1113 }
1114
1115 if (memcmp(&nh->ip6_dst, dst, sizeof(ovs_be32[4]))) {
1116 packet_set_ipv6_addr(packet, proto, nh->ip6_dst.be32, dst,
1117 !rh_present);
1118 }
1119
1120 packet_set_ipv6_tc(&nh->ip6_flow, key_tc);
1121 packet_set_ipv6_flow_label(&nh->ip6_flow, key_fl);
1122 nh->ip6_hlim = key_hl;
1123 }
1124
1125 static void
1126 packet_set_port(ovs_be16 *port, ovs_be16 new_port, ovs_be16 *csum)
1127 {
1128 if (*port != new_port) {
1129 *csum = recalc_csum16(*csum, *port, new_port);
1130 *port = new_port;
1131 }
1132 }
1133
1134 /* Sets the TCP source and destination port ('src' and 'dst' respectively) of
1135 * the TCP header contained in 'packet'. 'packet' must be a valid TCP packet
1136 * with its l4 offset properly populated. */
1137 void
1138 packet_set_tcp_port(struct dp_packet *packet, ovs_be16 src, ovs_be16 dst)
1139 {
1140 struct tcp_header *th = dp_packet_l4(packet);
1141
1142 packet_set_port(&th->tcp_src, src, &th->tcp_csum);
1143 packet_set_port(&th->tcp_dst, dst, &th->tcp_csum);
1144 }
1145
1146 /* Sets the UDP source and destination port ('src' and 'dst' respectively) of
1147 * the UDP header contained in 'packet'. 'packet' must be a valid UDP packet
1148 * with its l4 offset properly populated. */
1149 void
1150 packet_set_udp_port(struct dp_packet *packet, ovs_be16 src, ovs_be16 dst)
1151 {
1152 struct udp_header *uh = dp_packet_l4(packet);
1153
1154 if (uh->udp_csum) {
1155 packet_set_port(&uh->udp_src, src, &uh->udp_csum);
1156 packet_set_port(&uh->udp_dst, dst, &uh->udp_csum);
1157
1158 if (!uh->udp_csum) {
1159 uh->udp_csum = htons(0xffff);
1160 }
1161 } else {
1162 uh->udp_src = src;
1163 uh->udp_dst = dst;
1164 }
1165 }
1166
1167 /* Sets the SCTP source and destination port ('src' and 'dst' respectively) of
1168 * the SCTP header contained in 'packet'. 'packet' must be a valid SCTP packet
1169 * with its l4 offset properly populated. */
1170 void
1171 packet_set_sctp_port(struct dp_packet *packet, ovs_be16 src, ovs_be16 dst)
1172 {
1173 struct sctp_header *sh = dp_packet_l4(packet);
1174 ovs_be32 old_csum, old_correct_csum, new_csum;
1175 uint16_t tp_len = dp_packet_l4_size(packet);
1176
1177 old_csum = get_16aligned_be32(&sh->sctp_csum);
1178 put_16aligned_be32(&sh->sctp_csum, 0);
1179 old_correct_csum = crc32c((void *)sh, tp_len);
1180
1181 sh->sctp_src = src;
1182 sh->sctp_dst = dst;
1183
1184 new_csum = crc32c((void *)sh, tp_len);
1185 put_16aligned_be32(&sh->sctp_csum, old_csum ^ old_correct_csum ^ new_csum);
1186 }
1187
1188 /* Sets the ICMP type and code of the ICMP header contained in 'packet'.
1189 * 'packet' must be a valid ICMP packet with its l4 offset properly
1190 * populated. */
1191 void
1192 packet_set_icmp(struct dp_packet *packet, uint8_t type, uint8_t code)
1193 {
1194 struct icmp_header *ih = dp_packet_l4(packet);
1195 ovs_be16 orig_tc = htons(ih->icmp_type << 8 | ih->icmp_code);
1196 ovs_be16 new_tc = htons(type << 8 | code);
1197
1198 if (orig_tc != new_tc) {
1199 ih->icmp_type = type;
1200 ih->icmp_code = code;
1201
1202 ih->icmp_csum = recalc_csum16(ih->icmp_csum, orig_tc, new_tc);
1203 }
1204 }
1205
1206 void
1207 packet_set_nd(struct dp_packet *packet, const struct in6_addr *target,
1208 const struct eth_addr sll, const struct eth_addr tll)
1209 {
1210 struct ovs_nd_msg *ns;
1211 struct ovs_nd_lla_opt *opt;
1212 int bytes_remain = dp_packet_l4_size(packet);
1213
1214 if (OVS_UNLIKELY(bytes_remain < sizeof(*ns))) {
1215 return;
1216 }
1217
1218 ns = dp_packet_l4(packet);
1219 opt = &ns->options[0];
1220 bytes_remain -= sizeof(*ns);
1221
1222 if (memcmp(&ns->target, target, sizeof(ovs_be32[4]))) {
1223 packet_set_ipv6_addr(packet, IPPROTO_ICMPV6, ns->target.be32, target,
1224 true);
1225 }
1226
1227 while (bytes_remain >= ND_LLA_OPT_LEN && opt->len != 0) {
1228 if (opt->type == ND_OPT_SOURCE_LINKADDR && opt->len == 1) {
1229 if (!eth_addr_equals(opt->mac, sll)) {
1230 ovs_be16 *csum = &(ns->icmph.icmp6_cksum);
1231
1232 *csum = recalc_csum48(*csum, opt->mac, sll);
1233 opt->mac = sll;
1234 }
1235
1236 /* A packet can only contain one SLL or TLL option */
1237 break;
1238 } else if (opt->type == ND_OPT_TARGET_LINKADDR && opt->len == 1) {
1239 if (!eth_addr_equals(opt->mac, tll)) {
1240 ovs_be16 *csum = &(ns->icmph.icmp6_cksum);
1241
1242 *csum = recalc_csum48(*csum, opt->mac, tll);
1243 opt->mac = tll;
1244 }
1245
1246 /* A packet can only contain one SLL or TLL option */
1247 break;
1248 }
1249
1250 opt += opt->len;
1251 bytes_remain -= opt->len * ND_LLA_OPT_LEN;
1252 }
1253 }
1254
1255 const char *
1256 packet_tcp_flag_to_string(uint32_t flag)
1257 {
1258 switch (flag) {
1259 case TCP_FIN:
1260 return "fin";
1261 case TCP_SYN:
1262 return "syn";
1263 case TCP_RST:
1264 return "rst";
1265 case TCP_PSH:
1266 return "psh";
1267 case TCP_ACK:
1268 return "ack";
1269 case TCP_URG:
1270 return "urg";
1271 case TCP_ECE:
1272 return "ece";
1273 case TCP_CWR:
1274 return "cwr";
1275 case TCP_NS:
1276 return "ns";
1277 case 0x200:
1278 return "[200]";
1279 case 0x400:
1280 return "[400]";
1281 case 0x800:
1282 return "[800]";
1283 default:
1284 return NULL;
1285 }
1286 }
1287
1288 /* Appends a string representation of the TCP flags value 'tcp_flags'
1289 * (e.g. from struct flow.tcp_flags or obtained via TCP_FLAGS) to 's', in the
1290 * format used by tcpdump. */
1291 void
1292 packet_format_tcp_flags(struct ds *s, uint16_t tcp_flags)
1293 {
1294 if (!tcp_flags) {
1295 ds_put_cstr(s, "none");
1296 return;
1297 }
1298
1299 if (tcp_flags & TCP_SYN) {
1300 ds_put_char(s, 'S');
1301 }
1302 if (tcp_flags & TCP_FIN) {
1303 ds_put_char(s, 'F');
1304 }
1305 if (tcp_flags & TCP_PSH) {
1306 ds_put_char(s, 'P');
1307 }
1308 if (tcp_flags & TCP_RST) {
1309 ds_put_char(s, 'R');
1310 }
1311 if (tcp_flags & TCP_URG) {
1312 ds_put_char(s, 'U');
1313 }
1314 if (tcp_flags & TCP_ACK) {
1315 ds_put_char(s, '.');
1316 }
1317 if (tcp_flags & TCP_ECE) {
1318 ds_put_cstr(s, "E");
1319 }
1320 if (tcp_flags & TCP_CWR) {
1321 ds_put_cstr(s, "C");
1322 }
1323 if (tcp_flags & TCP_NS) {
1324 ds_put_cstr(s, "N");
1325 }
1326 if (tcp_flags & 0x200) {
1327 ds_put_cstr(s, "[200]");
1328 }
1329 if (tcp_flags & 0x400) {
1330 ds_put_cstr(s, "[400]");
1331 }
1332 if (tcp_flags & 0x800) {
1333 ds_put_cstr(s, "[800]");
1334 }
1335 }
1336
1337 #define ARP_PACKET_SIZE (2 + ETH_HEADER_LEN + VLAN_HEADER_LEN + \
1338 ARP_ETH_HEADER_LEN)
1339
1340 /* Clears 'b' and replaces its contents by an ARP frame with the specified
1341 * 'arp_op', 'arp_sha', 'arp_tha', 'arp_spa', and 'arp_tpa'. The outer
1342 * Ethernet frame is initialized with Ethernet source 'arp_sha' and destination
1343 * 'arp_tha', except that destination ff:ff:ff:ff:ff:ff is used instead if
1344 * 'broadcast' is true. Points the L3 header to the ARP header. */
1345 void
1346 compose_arp(struct dp_packet *b, uint16_t arp_op,
1347 const struct eth_addr arp_sha, const struct eth_addr arp_tha,
1348 bool broadcast, ovs_be32 arp_spa, ovs_be32 arp_tpa)
1349 {
1350 compose_arp__(b);
1351
1352 struct eth_header *eth = dp_packet_eth(b);
1353 eth->eth_dst = broadcast ? eth_addr_broadcast : arp_tha;
1354 eth->eth_src = arp_sha;
1355
1356 struct arp_eth_header *arp = dp_packet_l3(b);
1357 arp->ar_op = htons(arp_op);
1358 arp->ar_sha = arp_sha;
1359 arp->ar_tha = arp_tha;
1360 put_16aligned_be32(&arp->ar_spa, arp_spa);
1361 put_16aligned_be32(&arp->ar_tpa, arp_tpa);
1362 }
1363
1364 /* Clears 'b' and replaces its contents by an ARP frame. Sets the fields in
1365 * the Ethernet and ARP headers that are fixed for ARP frames to those fixed
1366 * values, and zeroes the other fields. Points the L3 header to the ARP
1367 * header. */
1368 void
1369 compose_arp__(struct dp_packet *b)
1370 {
1371 dp_packet_clear(b);
1372 dp_packet_prealloc_tailroom(b, ARP_PACKET_SIZE);
1373 dp_packet_reserve(b, 2 + VLAN_HEADER_LEN);
1374
1375 struct eth_header *eth = dp_packet_put_zeros(b, sizeof *eth);
1376 eth->eth_type = htons(ETH_TYPE_ARP);
1377
1378 struct arp_eth_header *arp = dp_packet_put_zeros(b, sizeof *arp);
1379 arp->ar_hrd = htons(ARP_HRD_ETHERNET);
1380 arp->ar_pro = htons(ARP_PRO_IP);
1381 arp->ar_hln = sizeof arp->ar_sha;
1382 arp->ar_pln = sizeof arp->ar_spa;
1383
1384 dp_packet_reset_offsets(b);
1385 dp_packet_set_l3(b, arp);
1386
1387 b->packet_type = htonl(PT_ETH);
1388 }
1389
1390 /* This function expects packet with ethernet header with correct
1391 * l3 pointer set. */
1392 static void *
1393 compose_ipv6(struct dp_packet *packet, uint8_t proto,
1394 const struct in6_addr *src, const struct in6_addr *dst,
1395 uint8_t key_tc, ovs_be32 key_fl, uint8_t key_hl, int size)
1396 {
1397 struct ip6_hdr *nh;
1398 void *data;
1399
1400 nh = dp_packet_l3(packet);
1401 nh->ip6_vfc = 0x60;
1402 nh->ip6_nxt = proto;
1403 nh->ip6_plen = htons(size);
1404 data = dp_packet_put_zeros(packet, size);
1405 dp_packet_set_l4(packet, data);
1406 packet_set_ipv6(packet, src, dst, key_tc, key_fl, key_hl);
1407 return data;
1408 }
1409
1410 /* Compose an IPv6 Neighbor Discovery Neighbor Solicitation message. */
1411 void
1412 compose_nd_ns(struct dp_packet *b, const struct eth_addr eth_src,
1413 const struct in6_addr *ipv6_src, const struct in6_addr *ipv6_dst)
1414 {
1415 struct in6_addr sn_addr;
1416 struct eth_addr eth_dst;
1417 struct ovs_nd_msg *ns;
1418 struct ovs_nd_lla_opt *lla_opt;
1419 uint32_t icmp_csum;
1420
1421 in6_addr_solicited_node(&sn_addr, ipv6_dst);
1422 ipv6_multicast_to_ethernet(&eth_dst, &sn_addr);
1423
1424 eth_compose(b, eth_dst, eth_src, ETH_TYPE_IPV6, IPV6_HEADER_LEN);
1425 ns = compose_ipv6(b, IPPROTO_ICMPV6, ipv6_src, &sn_addr,
1426 0, 0, 255, ND_MSG_LEN + ND_LLA_OPT_LEN);
1427
1428 ns->icmph.icmp6_type = ND_NEIGHBOR_SOLICIT;
1429 ns->icmph.icmp6_code = 0;
1430 put_16aligned_be32(&ns->rso_flags, htonl(0));
1431
1432 lla_opt = &ns->options[0];
1433 lla_opt->type = ND_OPT_SOURCE_LINKADDR;
1434 lla_opt->len = 1;
1435
1436 packet_set_nd(b, ipv6_dst, eth_src, eth_addr_zero);
1437
1438 ns->icmph.icmp6_cksum = 0;
1439 icmp_csum = packet_csum_pseudoheader6(dp_packet_l3(b));
1440 ns->icmph.icmp6_cksum = csum_finish(
1441 csum_continue(icmp_csum, ns, ND_MSG_LEN + ND_LLA_OPT_LEN));
1442 }
1443
1444 /* Compose an IPv6 Neighbor Discovery Neighbor Advertisement message. */
1445 void
1446 compose_nd_na(struct dp_packet *b,
1447 const struct eth_addr eth_src, const struct eth_addr eth_dst,
1448 const struct in6_addr *ipv6_src, const struct in6_addr *ipv6_dst,
1449 ovs_be32 rso_flags)
1450 {
1451 struct ovs_nd_msg *na;
1452 struct ovs_nd_lla_opt *lla_opt;
1453 uint32_t icmp_csum;
1454
1455 eth_compose(b, eth_dst, eth_src, ETH_TYPE_IPV6, IPV6_HEADER_LEN);
1456 na = compose_ipv6(b, IPPROTO_ICMPV6, ipv6_src, ipv6_dst,
1457 0, 0, 255, ND_MSG_LEN + ND_LLA_OPT_LEN);
1458
1459 na->icmph.icmp6_type = ND_NEIGHBOR_ADVERT;
1460 na->icmph.icmp6_code = 0;
1461 put_16aligned_be32(&na->rso_flags, rso_flags);
1462
1463 lla_opt = &na->options[0];
1464 lla_opt->type = ND_OPT_TARGET_LINKADDR;
1465 lla_opt->len = 1;
1466
1467 packet_set_nd(b, ipv6_src, eth_addr_zero, eth_src);
1468
1469 na->icmph.icmp6_cksum = 0;
1470 icmp_csum = packet_csum_pseudoheader6(dp_packet_l3(b));
1471 na->icmph.icmp6_cksum = csum_finish(csum_continue(
1472 icmp_csum, na, ND_MSG_LEN + ND_LLA_OPT_LEN));
1473 }
1474
1475 /* Compose an IPv6 Neighbor Discovery Router Advertisement message with
1476 * Source Link-layer Address Option and MTU Option.
1477 * Caller can call packet_put_ra_prefix_opt to append Prefix Information
1478 * Options to composed messags in 'b'. */
1479 void
1480 compose_nd_ra(struct dp_packet *b,
1481 const struct eth_addr eth_src, const struct eth_addr eth_dst,
1482 const struct in6_addr *ipv6_src, const struct in6_addr *ipv6_dst,
1483 uint8_t cur_hop_limit, uint8_t mo_flags,
1484 ovs_be16 router_lt, ovs_be32 reachable_time,
1485 ovs_be32 retrans_timer, ovs_be32 mtu)
1486 {
1487 /* Don't compose Router Advertisement packet with MTU Option if mtu
1488 * value is 0. */
1489 bool with_mtu = mtu != 0;
1490 size_t mtu_opt_len = with_mtu ? ND_MTU_OPT_LEN : 0;
1491
1492 eth_compose(b, eth_dst, eth_src, ETH_TYPE_IPV6, IPV6_HEADER_LEN);
1493
1494 struct ovs_ra_msg *ra = compose_ipv6(
1495 b, IPPROTO_ICMPV6, ipv6_src, ipv6_dst, 0, 0, 255,
1496 RA_MSG_LEN + ND_LLA_OPT_LEN + mtu_opt_len);
1497 ra->icmph.icmp6_type = ND_ROUTER_ADVERT;
1498 ra->icmph.icmp6_code = 0;
1499 ra->cur_hop_limit = cur_hop_limit;
1500 ra->mo_flags = mo_flags;
1501 ra->router_lifetime = router_lt;
1502 ra->reachable_time = reachable_time;
1503 ra->retrans_timer = retrans_timer;
1504
1505 struct ovs_nd_lla_opt *lla_opt = ra->options;
1506 lla_opt->type = ND_OPT_SOURCE_LINKADDR;
1507 lla_opt->len = 1;
1508 lla_opt->mac = eth_src;
1509
1510 if (with_mtu) {
1511 /* ovs_nd_mtu_opt has the same size with ovs_nd_lla_opt. */
1512 struct ovs_nd_mtu_opt *mtu_opt
1513 = (struct ovs_nd_mtu_opt *)(lla_opt + 1);
1514 mtu_opt->type = ND_OPT_MTU;
1515 mtu_opt->len = 1;
1516 mtu_opt->reserved = 0;
1517 put_16aligned_be32(&mtu_opt->mtu, mtu);
1518 }
1519
1520 ra->icmph.icmp6_cksum = 0;
1521 uint32_t icmp_csum = packet_csum_pseudoheader6(dp_packet_l3(b));
1522 ra->icmph.icmp6_cksum = csum_finish(csum_continue(
1523 icmp_csum, ra, RA_MSG_LEN + ND_LLA_OPT_LEN + mtu_opt_len));
1524 }
1525
1526 /* Append an IPv6 Neighbor Discovery Prefix Information option to a
1527 * Router Advertisement message. */
1528 void
1529 packet_put_ra_prefix_opt(struct dp_packet *b,
1530 uint8_t plen, uint8_t la_flags,
1531 ovs_be32 valid_lifetime, ovs_be32 preferred_lifetime,
1532 const ovs_be128 prefix)
1533 {
1534 size_t prev_l4_size = dp_packet_l4_size(b);
1535 struct ip6_hdr *nh = dp_packet_l3(b);
1536 nh->ip6_plen = htons(prev_l4_size + ND_PREFIX_OPT_LEN);
1537
1538 struct ovs_ra_msg *ra = dp_packet_l4(b);
1539 struct ovs_nd_prefix_opt *prefix_opt = dp_packet_put_uninit(b, sizeof *b);
1540 prefix_opt->type = ND_OPT_PREFIX_INFORMATION;
1541 prefix_opt->len = 4;
1542 prefix_opt->prefix_len = plen;
1543 prefix_opt->la_flags = la_flags;
1544 put_16aligned_be32(&prefix_opt->valid_lifetime, valid_lifetime);
1545 put_16aligned_be32(&prefix_opt->preferred_lifetime, preferred_lifetime);
1546 put_16aligned_be32(&prefix_opt->reserved, 0);
1547 memcpy(prefix_opt->prefix.be32, prefix.be32, sizeof(ovs_be32[4]));
1548
1549 ra->icmph.icmp6_cksum = 0;
1550 uint32_t icmp_csum = packet_csum_pseudoheader6(dp_packet_l3(b));
1551 ra->icmph.icmp6_cksum = csum_finish(csum_continue(
1552 icmp_csum, ra, prev_l4_size + ND_PREFIX_OPT_LEN));
1553 }
1554
1555 uint32_t
1556 packet_csum_pseudoheader(const struct ip_header *ip)
1557 {
1558 uint32_t partial = 0;
1559
1560 partial = csum_add32(partial, get_16aligned_be32(&ip->ip_src));
1561 partial = csum_add32(partial, get_16aligned_be32(&ip->ip_dst));
1562 partial = csum_add16(partial, htons(ip->ip_proto));
1563 partial = csum_add16(partial, htons(ntohs(ip->ip_tot_len) -
1564 IP_IHL(ip->ip_ihl_ver) * 4));
1565
1566 return partial;
1567 }
1568
1569 #ifndef __CHECKER__
1570 uint32_t
1571 packet_csum_pseudoheader6(const struct ovs_16aligned_ip6_hdr *ip6)
1572 {
1573 uint32_t partial = 0;
1574
1575 partial = csum_continue(partial, &ip6->ip6_src, sizeof ip6->ip6_src);
1576 partial = csum_continue(partial, &ip6->ip6_dst, sizeof ip6->ip6_dst);
1577 partial = csum_add16(partial, htons(ip6->ip6_nxt));
1578 partial = csum_add16(partial, ip6->ip6_plen);
1579
1580 return partial;
1581 }
1582
1583 /* Calculate the IPv6 upper layer checksum according to RFC2460. We pass the
1584 ip6_nxt and ip6_plen values, so it will also work if extension headers
1585 are present. */
1586 uint16_t
1587 packet_csum_upperlayer6(const struct ovs_16aligned_ip6_hdr *ip6,
1588 const void *data, uint8_t l4_protocol,
1589 uint16_t l4_size)
1590 {
1591 uint32_t partial = 0;
1592
1593 partial = csum_continue(partial, &ip6->ip6_src, sizeof ip6->ip6_src);
1594 partial = csum_continue(partial, &ip6->ip6_dst, sizeof ip6->ip6_dst);
1595 partial = csum_add16(partial, htons(l4_protocol));
1596 partial = csum_add16(partial, htons(l4_size));
1597
1598 partial = csum_continue(partial, data, l4_size);
1599
1600 return csum_finish(partial);
1601 }
1602 #endif
1603
1604 void
1605 IP_ECN_set_ce(struct dp_packet *pkt, bool is_ipv6)
1606 {
1607 if (is_ipv6) {
1608 ovs_16aligned_be32 *ip6 = dp_packet_l3(pkt);
1609
1610 put_16aligned_be32(ip6, get_16aligned_be32(ip6) |
1611 htonl(IP_ECN_CE << 20));
1612 } else {
1613 struct ip_header *nh = dp_packet_l3(pkt);
1614 uint8_t tos = nh->ip_tos;
1615
1616 tos |= IP_ECN_CE;
1617 if (nh->ip_tos != tos) {
1618 nh->ip_csum = recalc_csum16(nh->ip_csum, htons(nh->ip_tos),
1619 htons((uint16_t) tos));
1620 nh->ip_tos = tos;
1621 }
1622 }
1623 }
openvswitch mirror