#define MASK6(pfxlen) HTON128(~((((uint128_t)1) << (128 - pfxlen)) - 1))
#define MASK6_OFFS(offs, pfxlen) HTON128((~((((uint128_t)1) << (128 - pfxlen)) - 1)) & ((((uint128_t)1) << (128 - offs)) - 1))
-// Note rules.h may also define PARSE_8021Q and REQ_8021Q
-// Note rules.h may also define PARSE_IHL
+// PARSE is used as a preprocessor flag to indicate parsing fields
+#define PARSE 42
#include "rules.h"
+#define unlikely(a) __builtin_expect(a, 0)
+#define likely(a) __builtin_expect(a, 1)
+
#ifdef TEST
// 64 bit version of xdp_md for testing
struct xdp_md {
unsigned short eth_proto;
{
- if ((void*)(size_t)ctx->data + sizeof(struct ethhdr) > data_end)
+ if (unlikely((void*)(size_t)ctx->data + sizeof(struct ethhdr) > data_end))
return XDP_DROP;
const struct ethhdr *const eth = (void*)(size_t)ctx->data;
-#ifdef PARSE_8021Q
- if (eth->h_proto == BE16(ETH_P_8021Q)) {
- if ((void*)(size_t)ctx->data + sizeof(struct ethhdr_vlan) > data_end)
+#if PARSE_8021Q == PARSE
+ if (likely(eth->h_proto == BE16(ETH_P_8021Q))) {
+ if (unlikely((void*)(size_t)ctx->data + sizeof(struct ethhdr_vlan) > data_end))
return XDP_DROP;
const struct ethhdr_vlan *const eth_vlan = (void*)(size_t)ctx->data;
#ifdef REQ_8021Q
- if ((eth_vlan->tci & BE16(0xfff)) != BE16(REQ_8021Q))
+ if (unlikely((eth_vlan->tci & BE16(0xfff)) != BE16(REQ_8021Q)))
return XDP_DROP;
#endif
eth_proto = eth_vlan->h_proto;
pktdata = (const void *)(long)ctx->data + sizeof(struct ethhdr_vlan);
+#else
+ if (unlikely(eth->h_proto == BE16(ETH_P_8021Q))) {
+ return PARSE_8021Q;
+#endif
} else {
#ifdef REQ_8021Q
return XDP_DROP;
eth_proto = eth->h_proto;
#endif
}
-#else
- pktdata = (const void *)(long)ctx->data + sizeof(struct ethhdr);
- eth_proto = eth->h_proto;
-#endif
}
- const struct tcphdr *tcp = NULL;
- const struct udphdr *udp = NULL;
+#ifdef NEED_V4_PARSE
+ const struct iphdr *ip = NULL;
const struct icmphdr *icmp = NULL;
+#endif
+#ifdef NEED_V6_PARSE
+ const struct ip6hdr *ip6 = NULL;
const struct icmp6hdr *icmpv6 = NULL;
const struct ip6_fraghdr *frag6 = NULL;
- const struct iphdr *ip = NULL;
- const struct ip6hdr *ip6 = NULL;
+#endif
+
const void *l4hdr = NULL;
+ const struct tcphdr *tcp = NULL;
+ const struct udphdr *udp = NULL;
+
+#ifdef NEED_V4_PARSE
if (eth_proto == BE16(ETH_P_IP)) {
- if (pktdata + sizeof(struct iphdr) > data_end)
+ if (unlikely(pktdata + sizeof(struct iphdr) > data_end))
return XDP_DROP;
ip = (struct iphdr*) pktdata;
-#ifdef PARSE_IHL
- if (ip->ihl < 5) return XDP_DROP;
+#if PARSE_IHL == PARSE
+ if (unlikely(ip->ihl < 5)) return XDP_DROP;
l4hdr = pktdata + ip->ihl * 4;
#else
- if (ip->ihl != 5) return XDP_DROP;
+ if (ip->ihl != 5) return PARSE_IHL;
l4hdr = pktdata + 5*4;
#endif
+
if (ip->protocol == IP_PROTO_TCP) {
- if (l4hdr + sizeof(struct tcphdr) > data_end)
+ if (unlikely(l4hdr + sizeof(struct tcphdr) > data_end))
return XDP_DROP;
tcp = (struct tcphdr*) l4hdr;
} else if (ip->protocol == IP_PROTO_UDP) {
- if (l4hdr + sizeof(struct udphdr) > data_end)
+ if (unlikely(l4hdr + sizeof(struct udphdr) > data_end))
return XDP_DROP;
udp = (struct udphdr*) l4hdr;
} else if (ip->protocol == IP_PROTO_ICMP) {
- if (l4hdr + sizeof(struct icmphdr) > data_end)
+ if (unlikely(l4hdr + sizeof(struct icmphdr) > data_end))
return XDP_DROP;
icmp = (struct icmphdr*) l4hdr;
}
- } else if (eth_proto == BE16(ETH_P_IPV6)) {
- if (pktdata + sizeof(struct ip6hdr) > data_end)
+ }
+#endif
+#ifdef NEED_V6_PARSE
+ if (eth_proto == BE16(ETH_P_IPV6)) {
+ if (unlikely(pktdata + sizeof(struct ip6hdr) > data_end))
return XDP_DROP;
ip6 = (struct ip6hdr*) pktdata;
uint8_t v6nexthdr;
if (ip6->nexthdr == IP6_PROTO_FRAG) {
- if (l4hdr + sizeof(struct ip6_fraghdr) > data_end)
+ if (unlikely(l4hdr + sizeof(struct ip6_fraghdr) > data_end))
return XDP_DROP;
frag6 = (struct ip6_fraghdr*) l4hdr;
l4hdr = l4hdr + sizeof(struct ip6_fraghdr);
}
if (v6nexthdr == IP_PROTO_TCP) {
- if (l4hdr + sizeof(struct tcphdr) > data_end)
+ if (unlikely(l4hdr + sizeof(struct tcphdr) > data_end))
return XDP_DROP;
tcp = (struct tcphdr*) l4hdr;
} else if (v6nexthdr == IP_PROTO_UDP) {
- if (l4hdr + sizeof(struct udphdr) > data_end)
+ if (unlikely(l4hdr + sizeof(struct udphdr) > data_end))
return XDP_DROP;
udp = (struct udphdr*) l4hdr;
} else if (v6nexthdr == IP6_PROTO_ICMPV6) {
- if (l4hdr + sizeof(struct icmp6hdr) > data_end)
+ if (unlikely(l4hdr + sizeof(struct icmp6hdr) > data_end))
return XDP_DROP;
icmpv6 = (struct icmp6hdr*) l4hdr;
}
// TODO: Handle some options?
- } else {
- return XDP_PASS;
}
+#endif
uint16_t sport, dport; // Host Endian! Only valid with tcp || udp
if (tcp != NULL) {
projects / flowspec-xdp / blobdiff