1 #include <linux/kernel.h>
2 #include <linux/skbuff.h>
3 #include <linux/export.h>
5 #include <linux/ipv6.h>
6 #include <linux/if_vlan.h>
11 #include <linux/igmp.h>
12 #include <linux/icmp.h>
13 #include <linux/sctp.h>
14 #include <linux/dccp.h>
15 #include <linux/if_tunnel.h>
16 #include <linux/if_pppox.h>
17 #include <linux/ppp_defs.h>
18 #include <linux/stddef.h>
19 #include <linux/if_ether.h>
20 #include <linux/mpls.h>
21 #include <net/flow_dissector.h>
22 #include <scsi/fc/fc_fcoe.h>
24 static void dissector_set_key(struct flow_dissector
*flow_dissector
,
25 enum flow_dissector_key_id key_id
)
27 flow_dissector
->used_keys
|= (1 << key_id
);
30 void skb_flow_dissector_init(struct flow_dissector
*flow_dissector
,
31 const struct flow_dissector_key
*key
,
32 unsigned int key_count
)
36 memset(flow_dissector
, 0, sizeof(*flow_dissector
));
38 for (i
= 0; i
< key_count
; i
++, key
++) {
39 /* User should make sure that every key target offset is withing
40 * boundaries of unsigned short.
42 BUG_ON(key
->offset
> USHRT_MAX
);
43 BUG_ON(dissector_uses_key(flow_dissector
,
46 dissector_set_key(flow_dissector
, key
->key_id
);
47 flow_dissector
->offset
[key
->key_id
] = key
->offset
;
50 /* Ensure that the dissector always includes control and basic key.
51 * That way we are able to avoid handling lack of these in fast path.
53 BUG_ON(!dissector_uses_key(flow_dissector
,
54 FLOW_DISSECTOR_KEY_CONTROL
));
55 BUG_ON(!dissector_uses_key(flow_dissector
,
56 FLOW_DISSECTOR_KEY_BASIC
));
58 EXPORT_SYMBOL(skb_flow_dissector_init
);
61 * skb_flow_get_be16 - extract be16 entity
62 * @skb: sk_buff to extract from
63 * @poff: offset to extract at
64 * @data: raw buffer pointer to the packet
65 * @hlen: packet header length
67 * The function will try to retrieve a be32 entity at
70 __be16
skb_flow_get_be16(const struct sk_buff
*skb
, int poff
, void *data
,
75 u
= __skb_header_pointer(skb
, poff
, sizeof(_u
), data
, hlen
, &_u
);
83 * __skb_flow_get_ports - extract the upper layer ports and return them
84 * @skb: sk_buff to extract the ports from
85 * @thoff: transport header offset
86 * @ip_proto: protocol for which to get port offset
87 * @data: raw buffer pointer to the packet, if NULL use skb->data
88 * @hlen: packet header length, if @data is NULL use skb_headlen(skb)
90 * The function will try to retrieve the ports at offset thoff + poff where poff
91 * is the protocol port offset returned from proto_ports_offset
93 __be32
__skb_flow_get_ports(const struct sk_buff
*skb
, int thoff
, u8 ip_proto
,
96 int poff
= proto_ports_offset(ip_proto
);
100 hlen
= skb_headlen(skb
);
104 __be32
*ports
, _ports
;
106 ports
= __skb_header_pointer(skb
, thoff
+ poff
,
107 sizeof(_ports
), data
, hlen
, &_ports
);
114 EXPORT_SYMBOL(__skb_flow_get_ports
);
117 * __skb_flow_dissect - extract the flow_keys struct and return it
118 * @skb: sk_buff to extract the flow from, can be NULL if the rest are specified
119 * @flow_dissector: list of keys to dissect
120 * @target_container: target structure to put dissected values into
121 * @data: raw buffer pointer to the packet, if NULL use skb->data
122 * @proto: protocol for which to get the flow, if @data is NULL use skb->protocol
123 * @nhoff: network header offset, if @data is NULL use skb_network_offset(skb)
124 * @hlen: packet header length, if @data is NULL use skb_headlen(skb)
126 * The function will try to retrieve individual keys into target specified
127 * by flow_dissector from either the skbuff or a raw buffer specified by the
130 * Caller must take care of zeroing target container memory.
132 bool __skb_flow_dissect(const struct sk_buff
*skb
,
133 struct flow_dissector
*flow_dissector
,
134 void *target_container
,
135 void *data
, __be16 proto
, int nhoff
, int hlen
,
138 struct flow_dissector_key_control
*key_control
;
139 struct flow_dissector_key_basic
*key_basic
;
140 struct flow_dissector_key_addrs
*key_addrs
;
141 struct flow_dissector_key_ports
*key_ports
;
142 struct flow_dissector_key_icmp
*key_icmp
;
143 struct flow_dissector_key_tags
*key_tags
;
144 struct flow_dissector_key_vlan
*key_vlan
;
145 struct flow_dissector_key_keyid
*key_keyid
;
146 bool skip_vlan
= false;
152 proto
= skb_vlan_tag_present(skb
) ?
153 skb
->vlan_proto
: skb
->protocol
;
154 nhoff
= skb_network_offset(skb
);
155 hlen
= skb_headlen(skb
);
158 /* It is ensured by skb_flow_dissector_init() that control key will
161 key_control
= skb_flow_dissector_target(flow_dissector
,
162 FLOW_DISSECTOR_KEY_CONTROL
,
165 /* It is ensured by skb_flow_dissector_init() that basic key will
168 key_basic
= skb_flow_dissector_target(flow_dissector
,
169 FLOW_DISSECTOR_KEY_BASIC
,
172 if (dissector_uses_key(flow_dissector
,
173 FLOW_DISSECTOR_KEY_ETH_ADDRS
)) {
174 struct ethhdr
*eth
= eth_hdr(skb
);
175 struct flow_dissector_key_eth_addrs
*key_eth_addrs
;
177 key_eth_addrs
= skb_flow_dissector_target(flow_dissector
,
178 FLOW_DISSECTOR_KEY_ETH_ADDRS
,
180 memcpy(key_eth_addrs
, ð
->h_dest
, sizeof(*key_eth_addrs
));
185 case htons(ETH_P_IP
): {
186 const struct iphdr
*iph
;
189 iph
= __skb_header_pointer(skb
, nhoff
, sizeof(_iph
), data
, hlen
, &_iph
);
190 if (!iph
|| iph
->ihl
< 5)
192 nhoff
+= iph
->ihl
* 4;
194 ip_proto
= iph
->protocol
;
196 if (dissector_uses_key(flow_dissector
,
197 FLOW_DISSECTOR_KEY_IPV4_ADDRS
)) {
198 key_addrs
= skb_flow_dissector_target(flow_dissector
,
199 FLOW_DISSECTOR_KEY_IPV4_ADDRS
,
202 memcpy(&key_addrs
->v4addrs
, &iph
->saddr
,
203 sizeof(key_addrs
->v4addrs
));
204 key_control
->addr_type
= FLOW_DISSECTOR_KEY_IPV4_ADDRS
;
207 if (ip_is_fragment(iph
)) {
208 key_control
->flags
|= FLOW_DIS_IS_FRAGMENT
;
210 if (iph
->frag_off
& htons(IP_OFFSET
)) {
213 key_control
->flags
|= FLOW_DIS_FIRST_FRAG
;
214 if (!(flags
& FLOW_DISSECTOR_F_PARSE_1ST_FRAG
))
219 if (flags
& FLOW_DISSECTOR_F_STOP_AT_L3
)
224 case htons(ETH_P_IPV6
): {
225 const struct ipv6hdr
*iph
;
229 iph
= __skb_header_pointer(skb
, nhoff
, sizeof(_iph
), data
, hlen
, &_iph
);
233 ip_proto
= iph
->nexthdr
;
234 nhoff
+= sizeof(struct ipv6hdr
);
236 if (dissector_uses_key(flow_dissector
,
237 FLOW_DISSECTOR_KEY_IPV6_ADDRS
)) {
238 key_addrs
= skb_flow_dissector_target(flow_dissector
,
239 FLOW_DISSECTOR_KEY_IPV6_ADDRS
,
242 memcpy(&key_addrs
->v6addrs
, &iph
->saddr
,
243 sizeof(key_addrs
->v6addrs
));
244 key_control
->addr_type
= FLOW_DISSECTOR_KEY_IPV6_ADDRS
;
247 if ((dissector_uses_key(flow_dissector
,
248 FLOW_DISSECTOR_KEY_FLOW_LABEL
) ||
249 (flags
& FLOW_DISSECTOR_F_STOP_AT_FLOW_LABEL
)) &&
250 ip6_flowlabel(iph
)) {
251 __be32 flow_label
= ip6_flowlabel(iph
);
253 if (dissector_uses_key(flow_dissector
,
254 FLOW_DISSECTOR_KEY_FLOW_LABEL
)) {
255 key_tags
= skb_flow_dissector_target(flow_dissector
,
256 FLOW_DISSECTOR_KEY_FLOW_LABEL
,
258 key_tags
->flow_label
= ntohl(flow_label
);
260 if (flags
& FLOW_DISSECTOR_F_STOP_AT_FLOW_LABEL
)
264 if (flags
& FLOW_DISSECTOR_F_STOP_AT_L3
)
269 case htons(ETH_P_8021AD
):
270 case htons(ETH_P_8021Q
): {
271 const struct vlan_hdr
*vlan
;
272 struct vlan_hdr _vlan
;
273 bool vlan_tag_present
= skb
&& skb_vlan_tag_present(skb
);
275 if (vlan_tag_present
)
276 proto
= skb
->protocol
;
278 if (!vlan_tag_present
|| eth_type_vlan(skb
->protocol
)) {
279 vlan
= __skb_header_pointer(skb
, nhoff
, sizeof(_vlan
),
283 proto
= vlan
->h_vlan_encapsulated_proto
;
284 nhoff
+= sizeof(*vlan
);
290 if (dissector_uses_key(flow_dissector
,
291 FLOW_DISSECTOR_KEY_VLAN
)) {
292 key_vlan
= skb_flow_dissector_target(flow_dissector
,
293 FLOW_DISSECTOR_KEY_VLAN
,
296 if (vlan_tag_present
) {
297 key_vlan
->vlan_id
= skb_vlan_tag_get_id(skb
);
298 key_vlan
->vlan_priority
=
299 (skb_vlan_tag_get_prio(skb
) >> VLAN_PRIO_SHIFT
);
301 key_vlan
->vlan_id
= ntohs(vlan
->h_vlan_TCI
) &
303 key_vlan
->vlan_priority
=
304 (ntohs(vlan
->h_vlan_TCI
) &
305 VLAN_PRIO_MASK
) >> VLAN_PRIO_SHIFT
;
311 case htons(ETH_P_PPP_SES
): {
313 struct pppoe_hdr hdr
;
316 hdr
= __skb_header_pointer(skb
, nhoff
, sizeof(_hdr
), data
, hlen
, &_hdr
);
320 nhoff
+= PPPOE_SES_HLEN
;
324 case htons(PPP_IPV6
):
330 case htons(ETH_P_TIPC
): {
335 hdr
= __skb_header_pointer(skb
, nhoff
, sizeof(_hdr
), data
, hlen
, &_hdr
);
339 if (dissector_uses_key(flow_dissector
,
340 FLOW_DISSECTOR_KEY_TIPC_ADDRS
)) {
341 key_addrs
= skb_flow_dissector_target(flow_dissector
,
342 FLOW_DISSECTOR_KEY_TIPC_ADDRS
,
344 key_addrs
->tipcaddrs
.srcnode
= hdr
->srcnode
;
345 key_control
->addr_type
= FLOW_DISSECTOR_KEY_TIPC_ADDRS
;
350 case htons(ETH_P_MPLS_UC
):
351 case htons(ETH_P_MPLS_MC
): {
352 struct mpls_label
*hdr
, _hdr
[2];
354 hdr
= __skb_header_pointer(skb
, nhoff
, sizeof(_hdr
), data
,
359 if ((ntohl(hdr
[0].entry
) & MPLS_LS_LABEL_MASK
) >>
360 MPLS_LS_LABEL_SHIFT
== MPLS_LABEL_ENTROPY
) {
361 if (dissector_uses_key(flow_dissector
,
362 FLOW_DISSECTOR_KEY_MPLS_ENTROPY
)) {
363 key_keyid
= skb_flow_dissector_target(flow_dissector
,
364 FLOW_DISSECTOR_KEY_MPLS_ENTROPY
,
366 key_keyid
->keyid
= hdr
[1].entry
&
367 htonl(MPLS_LS_LABEL_MASK
);
376 case htons(ETH_P_FCOE
):
377 if ((hlen
- nhoff
) < FCOE_HEADER_LEN
)
380 nhoff
+= FCOE_HEADER_LEN
;
389 struct gre_base_hdr
*hdr
, _hdr
;
393 hdr
= __skb_header_pointer(skb
, nhoff
, sizeof(_hdr
), data
, hlen
, &_hdr
);
397 /* Only look inside GRE without routing */
398 if (hdr
->flags
& GRE_ROUTING
)
401 /* Only look inside GRE for version 0 and 1 */
402 gre_ver
= ntohs(hdr
->flags
& GRE_VERSION
);
406 proto
= hdr
->protocol
;
408 /* Version1 must be PPTP, and check the flags */
409 if (!(proto
== GRE_PROTO_PPP
&& (hdr
->flags
& GRE_KEY
)))
413 offset
+= sizeof(struct gre_base_hdr
);
415 if (hdr
->flags
& GRE_CSUM
)
416 offset
+= sizeof(((struct gre_full_hdr
*)0)->csum
) +
417 sizeof(((struct gre_full_hdr
*)0)->reserved1
);
419 if (hdr
->flags
& GRE_KEY
) {
423 keyid
= __skb_header_pointer(skb
, nhoff
+ offset
, sizeof(_keyid
),
424 data
, hlen
, &_keyid
);
428 if (dissector_uses_key(flow_dissector
,
429 FLOW_DISSECTOR_KEY_GRE_KEYID
)) {
430 key_keyid
= skb_flow_dissector_target(flow_dissector
,
431 FLOW_DISSECTOR_KEY_GRE_KEYID
,
434 key_keyid
->keyid
= *keyid
;
436 key_keyid
->keyid
= *keyid
& GRE_PPTP_KEY_MASK
;
438 offset
+= sizeof(((struct gre_full_hdr
*)0)->key
);
441 if (hdr
->flags
& GRE_SEQ
)
442 offset
+= sizeof(((struct pptp_gre_header
*)0)->seq
);
445 if (proto
== htons(ETH_P_TEB
)) {
446 const struct ethhdr
*eth
;
449 eth
= __skb_header_pointer(skb
, nhoff
+ offset
,
454 proto
= eth
->h_proto
;
455 offset
+= sizeof(*eth
);
457 /* Cap headers that we access via pointers at the
458 * end of the Ethernet header as our maximum alignment
459 * at that point is only 2 bytes.
462 hlen
= (nhoff
+ offset
);
464 } else { /* version 1, must be PPTP */
465 u8 _ppp_hdr
[PPP_HDRLEN
];
468 if (hdr
->flags
& GRE_ACK
)
469 offset
+= sizeof(((struct pptp_gre_header
*)0)->ack
);
471 ppp_hdr
= skb_header_pointer(skb
, nhoff
+ offset
,
472 sizeof(_ppp_hdr
), _ppp_hdr
);
476 switch (PPP_PROTOCOL(ppp_hdr
)) {
478 proto
= htons(ETH_P_IP
);
481 proto
= htons(ETH_P_IPV6
);
484 /* Could probably catch some more like MPLS */
488 offset
+= PPP_HDRLEN
;
492 key_control
->flags
|= FLOW_DIS_ENCAPSULATION
;
493 if (flags
& FLOW_DISSECTOR_F_STOP_AT_ENCAP
)
499 case NEXTHDR_ROUTING
:
501 u8 _opthdr
[2], *opthdr
;
503 if (proto
!= htons(ETH_P_IPV6
))
506 opthdr
= __skb_header_pointer(skb
, nhoff
, sizeof(_opthdr
),
507 data
, hlen
, &_opthdr
);
511 ip_proto
= opthdr
[0];
512 nhoff
+= (opthdr
[1] + 1) << 3;
516 case NEXTHDR_FRAGMENT
: {
517 struct frag_hdr _fh
, *fh
;
519 if (proto
!= htons(ETH_P_IPV6
))
522 fh
= __skb_header_pointer(skb
, nhoff
, sizeof(_fh
),
528 key_control
->flags
|= FLOW_DIS_IS_FRAGMENT
;
530 nhoff
+= sizeof(_fh
);
531 ip_proto
= fh
->nexthdr
;
533 if (!(fh
->frag_off
& htons(IP6_OFFSET
))) {
534 key_control
->flags
|= FLOW_DIS_FIRST_FRAG
;
535 if (flags
& FLOW_DISSECTOR_F_PARSE_1ST_FRAG
)
541 proto
= htons(ETH_P_IP
);
543 key_control
->flags
|= FLOW_DIS_ENCAPSULATION
;
544 if (flags
& FLOW_DISSECTOR_F_STOP_AT_ENCAP
)
549 proto
= htons(ETH_P_IPV6
);
551 key_control
->flags
|= FLOW_DIS_ENCAPSULATION
;
552 if (flags
& FLOW_DISSECTOR_F_STOP_AT_ENCAP
)
557 proto
= htons(ETH_P_MPLS_UC
);
563 if (dissector_uses_key(flow_dissector
,
564 FLOW_DISSECTOR_KEY_PORTS
)) {
565 key_ports
= skb_flow_dissector_target(flow_dissector
,
566 FLOW_DISSECTOR_KEY_PORTS
,
568 key_ports
->ports
= __skb_flow_get_ports(skb
, nhoff
, ip_proto
,
572 if (dissector_uses_key(flow_dissector
,
573 FLOW_DISSECTOR_KEY_ICMP
)) {
574 key_icmp
= skb_flow_dissector_target(flow_dissector
,
575 FLOW_DISSECTOR_KEY_ICMP
,
577 key_icmp
->icmp
= skb_flow_get_be16(skb
, nhoff
, data
, hlen
);
583 key_control
->thoff
= (u16
)nhoff
;
585 key_basic
->n_proto
= proto
;
586 key_basic
->ip_proto
= ip_proto
;
592 key_control
->thoff
= min_t(u16
, nhoff
, skb
? skb
->len
: hlen
);
595 EXPORT_SYMBOL(__skb_flow_dissect
);
597 static u32 hashrnd __read_mostly
;
598 static __always_inline
void __flow_hash_secret_init(void)
600 net_get_random_once(&hashrnd
, sizeof(hashrnd
));
603 static __always_inline u32
__flow_hash_words(const u32
*words
, u32 length
,
606 return jhash2(words
, length
, keyval
);
609 static inline const u32
*flow_keys_hash_start(const struct flow_keys
*flow
)
611 const void *p
= flow
;
613 BUILD_BUG_ON(FLOW_KEYS_HASH_OFFSET
% sizeof(u32
));
614 return (const u32
*)(p
+ FLOW_KEYS_HASH_OFFSET
);
617 static inline size_t flow_keys_hash_length(const struct flow_keys
*flow
)
619 size_t diff
= FLOW_KEYS_HASH_OFFSET
+ sizeof(flow
->addrs
);
620 BUILD_BUG_ON((sizeof(*flow
) - FLOW_KEYS_HASH_OFFSET
) % sizeof(u32
));
621 BUILD_BUG_ON(offsetof(typeof(*flow
), addrs
) !=
622 sizeof(*flow
) - sizeof(flow
->addrs
));
624 switch (flow
->control
.addr_type
) {
625 case FLOW_DISSECTOR_KEY_IPV4_ADDRS
:
626 diff
-= sizeof(flow
->addrs
.v4addrs
);
628 case FLOW_DISSECTOR_KEY_IPV6_ADDRS
:
629 diff
-= sizeof(flow
->addrs
.v6addrs
);
631 case FLOW_DISSECTOR_KEY_TIPC_ADDRS
:
632 diff
-= sizeof(flow
->addrs
.tipcaddrs
);
635 return (sizeof(*flow
) - diff
) / sizeof(u32
);
638 __be32
flow_get_u32_src(const struct flow_keys
*flow
)
640 switch (flow
->control
.addr_type
) {
641 case FLOW_DISSECTOR_KEY_IPV4_ADDRS
:
642 return flow
->addrs
.v4addrs
.src
;
643 case FLOW_DISSECTOR_KEY_IPV6_ADDRS
:
644 return (__force __be32
)ipv6_addr_hash(
645 &flow
->addrs
.v6addrs
.src
);
646 case FLOW_DISSECTOR_KEY_TIPC_ADDRS
:
647 return flow
->addrs
.tipcaddrs
.srcnode
;
652 EXPORT_SYMBOL(flow_get_u32_src
);
654 __be32
flow_get_u32_dst(const struct flow_keys
*flow
)
656 switch (flow
->control
.addr_type
) {
657 case FLOW_DISSECTOR_KEY_IPV4_ADDRS
:
658 return flow
->addrs
.v4addrs
.dst
;
659 case FLOW_DISSECTOR_KEY_IPV6_ADDRS
:
660 return (__force __be32
)ipv6_addr_hash(
661 &flow
->addrs
.v6addrs
.dst
);
666 EXPORT_SYMBOL(flow_get_u32_dst
);
668 static inline void __flow_hash_consistentify(struct flow_keys
*keys
)
672 switch (keys
->control
.addr_type
) {
673 case FLOW_DISSECTOR_KEY_IPV4_ADDRS
:
674 addr_diff
= (__force u32
)keys
->addrs
.v4addrs
.dst
-
675 (__force u32
)keys
->addrs
.v4addrs
.src
;
676 if ((addr_diff
< 0) ||
678 ((__force u16
)keys
->ports
.dst
<
679 (__force u16
)keys
->ports
.src
))) {
680 swap(keys
->addrs
.v4addrs
.src
, keys
->addrs
.v4addrs
.dst
);
681 swap(keys
->ports
.src
, keys
->ports
.dst
);
684 case FLOW_DISSECTOR_KEY_IPV6_ADDRS
:
685 addr_diff
= memcmp(&keys
->addrs
.v6addrs
.dst
,
686 &keys
->addrs
.v6addrs
.src
,
687 sizeof(keys
->addrs
.v6addrs
.dst
));
688 if ((addr_diff
< 0) ||
690 ((__force u16
)keys
->ports
.dst
<
691 (__force u16
)keys
->ports
.src
))) {
692 for (i
= 0; i
< 4; i
++)
693 swap(keys
->addrs
.v6addrs
.src
.s6_addr32
[i
],
694 keys
->addrs
.v6addrs
.dst
.s6_addr32
[i
]);
695 swap(keys
->ports
.src
, keys
->ports
.dst
);
701 static inline u32
__flow_hash_from_keys(struct flow_keys
*keys
, u32 keyval
)
705 __flow_hash_consistentify(keys
);
707 hash
= __flow_hash_words(flow_keys_hash_start(keys
),
708 flow_keys_hash_length(keys
), keyval
);
715 u32
flow_hash_from_keys(struct flow_keys
*keys
)
717 __flow_hash_secret_init();
718 return __flow_hash_from_keys(keys
, hashrnd
);
720 EXPORT_SYMBOL(flow_hash_from_keys
);
722 static inline u32
___skb_get_hash(const struct sk_buff
*skb
,
723 struct flow_keys
*keys
, u32 keyval
)
725 skb_flow_dissect_flow_keys(skb
, keys
,
726 FLOW_DISSECTOR_F_STOP_AT_FLOW_LABEL
);
728 return __flow_hash_from_keys(keys
, keyval
);
731 struct _flow_keys_digest_data
{
740 void make_flow_keys_digest(struct flow_keys_digest
*digest
,
741 const struct flow_keys
*flow
)
743 struct _flow_keys_digest_data
*data
=
744 (struct _flow_keys_digest_data
*)digest
;
746 BUILD_BUG_ON(sizeof(*data
) > sizeof(*digest
));
748 memset(digest
, 0, sizeof(*digest
));
750 data
->n_proto
= flow
->basic
.n_proto
;
751 data
->ip_proto
= flow
->basic
.ip_proto
;
752 data
->ports
= flow
->ports
.ports
;
753 data
->src
= flow
->addrs
.v4addrs
.src
;
754 data
->dst
= flow
->addrs
.v4addrs
.dst
;
756 EXPORT_SYMBOL(make_flow_keys_digest
);
758 static struct flow_dissector flow_keys_dissector_symmetric __read_mostly
;
760 u32
__skb_get_hash_symmetric(const struct sk_buff
*skb
)
762 struct flow_keys keys
;
764 __flow_hash_secret_init();
766 memset(&keys
, 0, sizeof(keys
));
767 __skb_flow_dissect(skb
, &flow_keys_dissector_symmetric
, &keys
,
769 FLOW_DISSECTOR_F_STOP_AT_FLOW_LABEL
);
771 return __flow_hash_from_keys(&keys
, hashrnd
);
773 EXPORT_SYMBOL_GPL(__skb_get_hash_symmetric
);
776 * __skb_get_hash: calculate a flow hash
777 * @skb: sk_buff to calculate flow hash from
779 * This function calculates a flow hash based on src/dst addresses
780 * and src/dst port numbers. Sets hash in skb to non-zero hash value
781 * on success, zero indicates no valid hash. Also, sets l4_hash in skb
782 * if hash is a canonical 4-tuple hash over transport ports.
784 void __skb_get_hash(struct sk_buff
*skb
)
786 struct flow_keys keys
;
789 __flow_hash_secret_init();
791 hash
= ___skb_get_hash(skb
, &keys
, hashrnd
);
793 __skb_set_sw_hash(skb
, hash
, flow_keys_have_l4(&keys
));
795 EXPORT_SYMBOL(__skb_get_hash
);
797 __u32
skb_get_hash_perturb(const struct sk_buff
*skb
, u32 perturb
)
799 struct flow_keys keys
;
801 return ___skb_get_hash(skb
, &keys
, perturb
);
803 EXPORT_SYMBOL(skb_get_hash_perturb
);
805 __u32
__skb_get_hash_flowi6(struct sk_buff
*skb
, const struct flowi6
*fl6
)
807 struct flow_keys keys
;
809 memset(&keys
, 0, sizeof(keys
));
811 memcpy(&keys
.addrs
.v6addrs
.src
, &fl6
->saddr
,
812 sizeof(keys
.addrs
.v6addrs
.src
));
813 memcpy(&keys
.addrs
.v6addrs
.dst
, &fl6
->daddr
,
814 sizeof(keys
.addrs
.v6addrs
.dst
));
815 keys
.control
.addr_type
= FLOW_DISSECTOR_KEY_IPV6_ADDRS
;
816 keys
.ports
.src
= fl6
->fl6_sport
;
817 keys
.ports
.dst
= fl6
->fl6_dport
;
818 keys
.keyid
.keyid
= fl6
->fl6_gre_key
;
819 keys
.tags
.flow_label
= (__force u32
)fl6
->flowlabel
;
820 keys
.basic
.ip_proto
= fl6
->flowi6_proto
;
822 __skb_set_sw_hash(skb
, flow_hash_from_keys(&keys
),
823 flow_keys_have_l4(&keys
));
827 EXPORT_SYMBOL(__skb_get_hash_flowi6
);
829 __u32
__skb_get_hash_flowi4(struct sk_buff
*skb
, const struct flowi4
*fl4
)
831 struct flow_keys keys
;
833 memset(&keys
, 0, sizeof(keys
));
835 keys
.addrs
.v4addrs
.src
= fl4
->saddr
;
836 keys
.addrs
.v4addrs
.dst
= fl4
->daddr
;
837 keys
.control
.addr_type
= FLOW_DISSECTOR_KEY_IPV4_ADDRS
;
838 keys
.ports
.src
= fl4
->fl4_sport
;
839 keys
.ports
.dst
= fl4
->fl4_dport
;
840 keys
.keyid
.keyid
= fl4
->fl4_gre_key
;
841 keys
.basic
.ip_proto
= fl4
->flowi4_proto
;
843 __skb_set_sw_hash(skb
, flow_hash_from_keys(&keys
),
844 flow_keys_have_l4(&keys
));
848 EXPORT_SYMBOL(__skb_get_hash_flowi4
);
850 u32
__skb_get_poff(const struct sk_buff
*skb
, void *data
,
851 const struct flow_keys
*keys
, int hlen
)
853 u32 poff
= keys
->control
.thoff
;
855 /* skip L4 headers for fragments after the first */
856 if ((keys
->control
.flags
& FLOW_DIS_IS_FRAGMENT
) &&
857 !(keys
->control
.flags
& FLOW_DIS_FIRST_FRAG
))
860 switch (keys
->basic
.ip_proto
) {
862 /* access doff as u8 to avoid unaligned access */
866 doff
= __skb_header_pointer(skb
, poff
+ 12, sizeof(_doff
),
871 poff
+= max_t(u32
, sizeof(struct tcphdr
), (*doff
& 0xF0) >> 2);
875 case IPPROTO_UDPLITE
:
876 poff
+= sizeof(struct udphdr
);
878 /* For the rest, we do not really care about header
879 * extensions at this point for now.
882 poff
+= sizeof(struct icmphdr
);
885 poff
+= sizeof(struct icmp6hdr
);
888 poff
+= sizeof(struct igmphdr
);
891 poff
+= sizeof(struct dccp_hdr
);
894 poff
+= sizeof(struct sctphdr
);
902 * skb_get_poff - get the offset to the payload
903 * @skb: sk_buff to get the payload offset from
905 * The function will get the offset to the payload as far as it could
906 * be dissected. The main user is currently BPF, so that we can dynamically
907 * truncate packets without needing to push actual payload to the user
908 * space and can analyze headers only, instead.
910 u32
skb_get_poff(const struct sk_buff
*skb
)
912 struct flow_keys keys
;
914 if (!skb_flow_dissect_flow_keys(skb
, &keys
, 0))
917 return __skb_get_poff(skb
, skb
->data
, &keys
, skb_headlen(skb
));
920 __u32
__get_hash_from_flowi6(const struct flowi6
*fl6
, struct flow_keys
*keys
)
922 memset(keys
, 0, sizeof(*keys
));
924 memcpy(&keys
->addrs
.v6addrs
.src
, &fl6
->saddr
,
925 sizeof(keys
->addrs
.v6addrs
.src
));
926 memcpy(&keys
->addrs
.v6addrs
.dst
, &fl6
->daddr
,
927 sizeof(keys
->addrs
.v6addrs
.dst
));
928 keys
->control
.addr_type
= FLOW_DISSECTOR_KEY_IPV6_ADDRS
;
929 keys
->ports
.src
= fl6
->fl6_sport
;
930 keys
->ports
.dst
= fl6
->fl6_dport
;
931 keys
->keyid
.keyid
= fl6
->fl6_gre_key
;
932 keys
->tags
.flow_label
= (__force u32
)fl6
->flowlabel
;
933 keys
->basic
.ip_proto
= fl6
->flowi6_proto
;
935 return flow_hash_from_keys(keys
);
937 EXPORT_SYMBOL(__get_hash_from_flowi6
);
939 __u32
__get_hash_from_flowi4(const struct flowi4
*fl4
, struct flow_keys
*keys
)
941 memset(keys
, 0, sizeof(*keys
));
943 keys
->addrs
.v4addrs
.src
= fl4
->saddr
;
944 keys
->addrs
.v4addrs
.dst
= fl4
->daddr
;
945 keys
->control
.addr_type
= FLOW_DISSECTOR_KEY_IPV4_ADDRS
;
946 keys
->ports
.src
= fl4
->fl4_sport
;
947 keys
->ports
.dst
= fl4
->fl4_dport
;
948 keys
->keyid
.keyid
= fl4
->fl4_gre_key
;
949 keys
->basic
.ip_proto
= fl4
->flowi4_proto
;
951 return flow_hash_from_keys(keys
);
953 EXPORT_SYMBOL(__get_hash_from_flowi4
);
955 static const struct flow_dissector_key flow_keys_dissector_keys
[] = {
957 .key_id
= FLOW_DISSECTOR_KEY_CONTROL
,
958 .offset
= offsetof(struct flow_keys
, control
),
961 .key_id
= FLOW_DISSECTOR_KEY_BASIC
,
962 .offset
= offsetof(struct flow_keys
, basic
),
965 .key_id
= FLOW_DISSECTOR_KEY_IPV4_ADDRS
,
966 .offset
= offsetof(struct flow_keys
, addrs
.v4addrs
),
969 .key_id
= FLOW_DISSECTOR_KEY_IPV6_ADDRS
,
970 .offset
= offsetof(struct flow_keys
, addrs
.v6addrs
),
973 .key_id
= FLOW_DISSECTOR_KEY_TIPC_ADDRS
,
974 .offset
= offsetof(struct flow_keys
, addrs
.tipcaddrs
),
977 .key_id
= FLOW_DISSECTOR_KEY_PORTS
,
978 .offset
= offsetof(struct flow_keys
, ports
),
981 .key_id
= FLOW_DISSECTOR_KEY_VLAN
,
982 .offset
= offsetof(struct flow_keys
, vlan
),
985 .key_id
= FLOW_DISSECTOR_KEY_FLOW_LABEL
,
986 .offset
= offsetof(struct flow_keys
, tags
),
989 .key_id
= FLOW_DISSECTOR_KEY_GRE_KEYID
,
990 .offset
= offsetof(struct flow_keys
, keyid
),
994 static const struct flow_dissector_key flow_keys_dissector_symmetric_keys
[] = {
996 .key_id
= FLOW_DISSECTOR_KEY_CONTROL
,
997 .offset
= offsetof(struct flow_keys
, control
),
1000 .key_id
= FLOW_DISSECTOR_KEY_BASIC
,
1001 .offset
= offsetof(struct flow_keys
, basic
),
1004 .key_id
= FLOW_DISSECTOR_KEY_IPV4_ADDRS
,
1005 .offset
= offsetof(struct flow_keys
, addrs
.v4addrs
),
1008 .key_id
= FLOW_DISSECTOR_KEY_IPV6_ADDRS
,
1009 .offset
= offsetof(struct flow_keys
, addrs
.v6addrs
),
1012 .key_id
= FLOW_DISSECTOR_KEY_PORTS
,
1013 .offset
= offsetof(struct flow_keys
, ports
),
1017 static const struct flow_dissector_key flow_keys_buf_dissector_keys
[] = {
1019 .key_id
= FLOW_DISSECTOR_KEY_CONTROL
,
1020 .offset
= offsetof(struct flow_keys
, control
),
1023 .key_id
= FLOW_DISSECTOR_KEY_BASIC
,
1024 .offset
= offsetof(struct flow_keys
, basic
),
1028 struct flow_dissector flow_keys_dissector __read_mostly
;
1029 EXPORT_SYMBOL(flow_keys_dissector
);
1031 struct flow_dissector flow_keys_buf_dissector __read_mostly
;
1033 static int __init
init_default_flow_dissectors(void)
1035 skb_flow_dissector_init(&flow_keys_dissector
,
1036 flow_keys_dissector_keys
,
1037 ARRAY_SIZE(flow_keys_dissector_keys
));
1038 skb_flow_dissector_init(&flow_keys_dissector_symmetric
,
1039 flow_keys_dissector_symmetric_keys
,
1040 ARRAY_SIZE(flow_keys_dissector_symmetric_keys
));
1041 skb_flow_dissector_init(&flow_keys_buf_dissector
,
1042 flow_keys_buf_dissector_keys
,
1043 ARRAY_SIZE(flow_keys_buf_dissector_keys
));
1047 core_initcall(init_default_flow_dissectors
);