microsoft
/
WSL2-Linux-Kernel
зеркало из https://github.com/microsoft/WSL2-Linux-Kernel.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

flow_dissector: extract more ICMP information 

The ICMP flow dissector currently parses only the Type and Code fields.
Some ICMP packets (echo, timestamp) have a 16 bit Identifier field which
is used to correlate packets.
Add such field in flow_dissector_key_icmp and replace skb_flow_get_be16()
with a more complex function which populate this field.

Signed-off-by: Matteo Croce <mcroce@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
Matteo Croce 2019-10-29 14:50:52 +01:00 коммит произвёл David S. Miller
Родитель 3b336d6f4e
Коммит 5dec597e5c
2 изменённых файлов: 61 добавлений и 32 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

19
include/net/flow_dissector.h
Просмотреть файл

@ -6,6 +6,8 @@
#include <linux/in6.h> #include <linux/in6.h>
#include <uapi/linux/if_ether.h> #include <uapi/linux/if_ether.h>
struct sk_buff;
/** /**
* struct flow_dissector_key_control: * struct flow_dissector_key_control:
* @thoff: Transport header offset * @thoff: Transport header offset
@ -156,19 +158,16 @@ struct flow_dissector_key_ports {
/** /**
* flow_dissector_key_icmp: * flow_dissector_key_icmp:
* @ports: type and code of ICMP header
* icmp: ICMP type (high) and code (low)
* type: ICMP type * type: ICMP type
* code: ICMP code * code: ICMP code
* id: session identifier
*/ */
struct flow_dissector_key_icmp { struct flow_dissector_key_icmp {
union { struct {
__be16 icmp; u8 type;
struct { u8 code;
u8 type;
u8 code;
};
}; };
u16 id;
}; };
/** /**
@ -282,6 +281,7 @@ struct flow_keys {
struct flow_dissector_key_vlan cvlan; struct flow_dissector_key_vlan cvlan;
struct flow_dissector_key_keyid keyid; struct flow_dissector_key_keyid keyid;
struct flow_dissector_key_ports ports; struct flow_dissector_key_ports ports;
struct flow_dissector_key_icmp icmp;
/* 'addrs' must be the last member */ /* 'addrs' must be the last member */
struct flow_dissector_key_addrs addrs; struct flow_dissector_key_addrs addrs;
}; };
@ -316,6 +316,9 @@ static inline bool flow_keys_have_l4(const struct flow_keys *keys)
} }
u32 flow_hash_from_keys(struct flow_keys *keys); u32 flow_hash_from_keys(struct flow_keys *keys);
void skb_flow_get_icmp_tci(const struct sk_buff *skb,
struct flow_dissector_key_icmp *key_icmp,
void *data, int thoff, int hlen);
static inline bool dissector_uses_key(const struct flow_dissector *flow_dissector, static inline bool dissector_uses_key(const struct flow_dissector *flow_dissector,
enum flow_dissector_key_id key_id) enum flow_dissector_key_id key_id)

74
net/core/flow_dissector.c
Просмотреть файл

@ -178,27 +178,6 @@ int skb_flow_dissector_bpf_prog_detach(const union bpf_attr *attr)
mutex_unlock(&flow_dissector_mutex); mutex_unlock(&flow_dissector_mutex);
return 0; return 0;
} }
/**
* skb_flow_get_be16 - extract be16 entity
* @skb: sk_buff to extract from
* @poff: offset to extract at
* @data: raw buffer pointer to the packet
* @hlen: packet header length
*
* The function will try to retrieve a be32 entity at
* offset poff
*/
static __be16 skb_flow_get_be16(const struct sk_buff *skb, int poff,
void *data, int hlen)
{
__be16 *u, _u;
u = __skb_header_pointer(skb, poff, sizeof(_u), data, hlen, &_u);
if (u)
return *u;
return 0;
}
/** /**
* __skb_flow_get_ports - extract the upper layer ports and return them * __skb_flow_get_ports - extract the upper layer ports and return them
@ -234,8 +213,54 @@ __be32 __skb_flow_get_ports(const struct sk_buff *skb, int thoff, u8 ip_proto,
} }
EXPORT_SYMBOL(__skb_flow_get_ports); EXPORT_SYMBOL(__skb_flow_get_ports);
/* If FLOW_DISSECTOR_KEY_ICMP is set, get the Type and Code from an ICMP packet static bool icmp_has_id(u8 type)
* using skb_flow_get_be16(). {
switch (type) {
case ICMP_ECHO:
case ICMP_ECHOREPLY:
case ICMP_TIMESTAMP:
case ICMP_TIMESTAMPREPLY:
case ICMPV6_ECHO_REQUEST:
case ICMPV6_ECHO_REPLY:
return true;
}
return false;
}
/**
* skb_flow_get_icmp_tci - extract ICMP(6) Type, Code and Identifier fields
* @skb: sk_buff to extract from
* @key_icmp: struct flow_dissector_key_icmp to fill
* @data: raw buffer pointer to the packet
* @toff: offset to extract at
* @hlen: packet header length
*/
void skb_flow_get_icmp_tci(const struct sk_buff *skb,
struct flow_dissector_key_icmp *key_icmp,
void *data, int thoff, int hlen)
{
struct icmphdr *ih, _ih;
ih = __skb_header_pointer(skb, thoff, sizeof(_ih), data, hlen, &_ih);
if (!ih)
return;
key_icmp->type = ih->type;
key_icmp->code = ih->code;
/* As we use 0 to signal that the Id field is not present,
* avoid confusion with packets without such field
*/
if (icmp_has_id(ih->type))
key_icmp->id = ih->un.echo.id ? : 1;
else
key_icmp->id = 0;
}
EXPORT_SYMBOL(skb_flow_get_icmp_tci);
/* If FLOW_DISSECTOR_KEY_ICMP is set, dissect an ICMP packet
* using skb_flow_get_icmp_tci().
*/ */
static void __skb_flow_dissect_icmp(const struct sk_buff *skb, static void __skb_flow_dissect_icmp(const struct sk_buff *skb,
struct flow_dissector *flow_dissector, struct flow_dissector *flow_dissector,
@ -250,7 +275,8 @@ static void __skb_flow_dissect_icmp(const struct sk_buff *skb,
key_icmp = skb_flow_dissector_target(flow_dissector, key_icmp = skb_flow_dissector_target(flow_dissector,
FLOW_DISSECTOR_KEY_ICMP, FLOW_DISSECTOR_KEY_ICMP,
target_container); target_container);
key_icmp->icmp = skb_flow_get_be16(skb, thoff, data, hlen);
skb_flow_get_icmp_tci(skb, key_icmp, data, thoff, hlen);
} }
void skb_flow_dissect_meta(const struct sk_buff *skb, void skb_flow_dissect_meta(const struct sk_buff *skb,