1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
|
#define PACKET_SIZE 64
#define GROUP_BITS 4
#define BUCKETS (1 << GROUP_BITS)
#define MAX_FIELDS 8 /* E.g. mac,mac,addr,addr,port,port */
#define ADDR_LEN 4
#define ADDR6_LEN 16
#define PORT_LEN 2
#define MAC_LEN 6
#ifdef __MATCH_AVX2
#ifdef __AVX2__
#define MATCH_AVX2
#else
#warning "AVX2 not supported, disabling"
#endif
#endif
#ifdef __MATCH_CTZL
#ifdef __GNUC__
#define MATCH_CTZL
#else
#warning "__builtin_ctzl() not supported, disabling"
#endif
#endif
/**
* enum desc_type - Types used in set description entries
* @KEY: Verdict key for packets matching entry
* @ADDR: IPv4 address
* @PORT: Generic 16-bit port
* @ADDR6: IPv6 address
* @MAC: MAC address
*/
enum desc_type {
KEY,
ADDR,
PORT,
ADDR6,
MAC,
};
/**
* enum set_ops - Operations used in set files
* @ADD: Add entry to set
* @LIST: List current set entries
* @DEL: Delete entry from set
*/
enum set_ops {
ADD,
LIST,
DEL,
};
/**
* struct desc_spec - Description of a single set specifier
* @label: Field name
* @type: Type of set field
* @len: Length of packet field to be matched, in bytes
* @offset: Field offset in packet, bytes
*/
struct desc_spec {
char *label;
enum desc_type type;
int len;
int offset;
};
/**
* struct desc - Description of a set
* @layout: Layout as array of field specifiers
* @fields: Number of fields
* @row_size: Size of binary data for one entry (input to pre-computation)
* @entries: Total number of set operations
* @data: Binary data for pre-computation, concatenation of structs below
*/
struct desc {
struct desc_spec *layout[MAX_FIELDS];
int fields;
int row_size;
int entries;
uint8_t *data;
};
/**
* struct addr - Represent an IPv4 address, range or mask (in set description)
* @start: Start of range, or address
* @end: End of range, zero for single addresses or masks
* @cidr: Mask length, 0 for ranges, 32 for single addresses
*/
struct addr {
uint32_t start;
uint32_t end;
uint8_t cidr;
};
/**
* struct addr6 - Represent an IPv6 address, range or mask (in set description)
* @start: Start of range, or address
* @end: End of range, zero for single addresses or masks
* @cidr: Mask length, 0 for ranges, 128 for single addresses
*/
struct addr6 {
uint32_t start[4];
uint32_t end[4];
uint8_t cidr;
};
/**
* struct port - Represent a port or port range (in set description)
* @start: Start of range, or single port number
* @end: End of range, zero for single port
*/
struct port {
uint16_t start;
uint16_t end;
};
/**
* struct mac - Represent a MAC address or range (in set description)
* @start: Start of range, or single MAC address
* @end: End of range, zero for single MAC address
*/
struct mac {
uint8_t start[6];
uint8_t end[6];
};
/**
* union map_bucket - Bucket in mapping table (algorithm steps 3.5, 3.6)
* @to: First rule number (in next field) this rule maps to
* @n: Number of rules (in next field) this rule maps to
* @key: If there's no next field, key this rule maps to
*/
union map_bucket {
struct {
uint32_t to:24;
uint32_t n:8;
};
uint32_t key;
};
|
