Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src NPF:
details: https://anonhg.NetBSD.org/src/rev/4c270cf59bd1
branches: trunk
changeset: 330198:4c270cf59bd1
user: rmind <rmind%NetBSD.org@localhost>
date: Sun Jun 29 00:05:24 2014 +0000
description:
NPF:
- Populate the BPF external memory store with L3 information.
- Eliminate NPF_COP_L3 call and just use the data in the memstore.
- Bump NPF_VERSION.
diffstat:
sys/net/npf/npf.h | 4 +-
sys/net/npf/npf_bpf.c | 53 ++++++++++++++++++++-----------------
usr.sbin/npf/npfctl/npf_bpf_comp.c | 28 ++++++-------------
3 files changed, 39 insertions(+), 46 deletions(-)
diffs (182 lines):
diff -r ea1d4a405964 -r 4c270cf59bd1 sys/net/npf/npf.h
--- a/sys/net/npf/npf.h Sat Jun 28 22:27:50 2014 +0000
+++ b/sys/net/npf/npf.h Sun Jun 29 00:05:24 2014 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: npf.h,v 1.41 2014/06/25 00:20:06 rmind Exp $ */
+/* $NetBSD: npf.h,v 1.42 2014/06/29 00:05:24 rmind Exp $ */
/*-
* Copyright (c) 2009-2014 The NetBSD Foundation, Inc.
@@ -45,7 +45,7 @@
#include <netinet/in_systm.h>
#include <netinet/in.h>
-#define NPF_VERSION 13
+#define NPF_VERSION 14
/*
* Public declarations and definitions.
diff -r ea1d4a405964 -r 4c270cf59bd1 sys/net/npf/npf_bpf.c
--- a/sys/net/npf/npf_bpf.c Sat Jun 28 22:27:50 2014 +0000
+++ b/sys/net/npf/npf_bpf.c Sun Jun 29 00:05:24 2014 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: npf_bpf.c,v 1.8 2014/06/25 00:20:06 rmind Exp $ */
+/* $NetBSD: npf_bpf.c,v 1.9 2014/06/29 00:05:24 rmind Exp $ */
/*-
* Copyright (c) 2009-2013 The NetBSD Foundation, Inc.
@@ -34,7 +34,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: npf_bpf.c,v 1.8 2014/06/25 00:20:06 rmind Exp $");
+__KERNEL_RCSID(0, "$NetBSD: npf_bpf.c,v 1.9 2014/06/29 00:05:24 rmind Exp $");
#include <sys/types.h>
#include <sys/param.h>
@@ -78,7 +78,7 @@
}
void
-npf_bpf_prepare(npf_cache_t *npc, nbuf_t *nbuf, bpf_args_t *args, uint32_t *m)
+npf_bpf_prepare(npf_cache_t *npc, nbuf_t *nbuf, bpf_args_t *args, uint32_t *M)
{
const struct mbuf *mbuf = nbuf_head_mbuf(nbuf);
const size_t pktlen = m_length(mbuf);
@@ -87,19 +87,39 @@
args->pkt = (const uint8_t *)mbuf;
args->wirelen = pktlen;
args->buflen = 0;
- args->mem = m;
+ args->mem = M;
args->arg = npc;
+
+ /*
+ * Convert address length to IP version. Just mask out
+ * number 4 or set 6 if higher bits set, such that:
+ *
+ * 0 => 0
+ * 4 => 4 (IPVERSION)
+ * 16 => 6 (IPV6_VERSION >> 4)
+ */
+ const u_int alen = npc->npc_alen;
+ const uint32_t ver = (alen & 4) | ((alen >> 4) * 6);
+
+ /*
+ * Output words in the memory store:
+ * BPF_MW_IPVER IP version (4 or 6).
+ * BPF_MW_L4OFF L4 header offset.
+ * BPF_MW_L4PROTO L4 protocol.
+ */
+ M[BPF_MW_IPVER] = ver;
+ M[BPF_MW_L4OFF] = npc->npc_hlen;
+ M[BPF_MW_L4PROTO] = npc->npc_proto;
}
int
npf_bpf_filter(bpf_args_t *args, const void *code, bpfjit_func_t jcode)
{
-#if 0
/* Execute JIT-compiled code. */
if (__predict_true(jcode)) {
return jcode(npf_bpfctx, args);
}
-#endif
+
/* Execute BPF byte-code. */
return bpf_filter_ext(npf_bpfctx, code, args);
}
@@ -123,35 +143,18 @@
/*
* NPF_COP_L3: fetches layer 3 information.
- *
- * Output words in the memory store:
- * BPF_MW_IPVER IP version (4 or 6).
- * BPF_MW_L4OFF L4 header offset.
- * BPF_MW_L4PROTO L4 protocol.
*/
static uint32_t
npf_cop_l3(const bpf_ctx_t *bc, bpf_args_t *args, uint32_t A)
{
const npf_cache_t * const npc = (const npf_cache_t *)args->arg;
+ const uint32_t ver = (npc->npc_alen & 4) | ((npc->npc_alen >> 4) * 6);
uint32_t * const M = args->mem;
- /*
- * Convert address length to IP version. Just mask out
- * number 4 or set 6 if higher bits set, such that:
- *
- * 0 => 0
- * 4 => 4 (IPVERSION)
- * 16 => 6 (IPV6_VERSION >> 4)
- */
- const u_int alen = npc->npc_alen;
- const uint32_t ver = (alen & 4) | ((alen >> 4) * 6);
-
M[BPF_MW_IPVER] = ver;
M[BPF_MW_L4OFF] = npc->npc_hlen;
M[BPF_MW_L4PROTO] = npc->npc_proto;
-
- /* A <- IP version */
- return ver;
+ return ver; /* A <- IP version */
}
#define SRC_FLAG_BIT (1U << 31)
diff -r ea1d4a405964 -r 4c270cf59bd1 usr.sbin/npf/npfctl/npf_bpf_comp.c
--- a/usr.sbin/npf/npfctl/npf_bpf_comp.c Sat Jun 28 22:27:50 2014 +0000
+++ b/usr.sbin/npf/npfctl/npf_bpf_comp.c Sun Jun 29 00:05:24 2014 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: npf_bpf_comp.c,v 1.6 2014/05/31 22:41:37 rmind Exp $ */
+/* $NetBSD: npf_bpf_comp.c,v 1.7 2014/06/29 00:05:24 rmind Exp $ */
/*-
* Copyright (c) 2010-2014 The NetBSD Foundation, Inc.
@@ -34,7 +34,7 @@
*/
#include <sys/cdefs.h>
-__RCSID("$NetBSD: npf_bpf_comp.c,v 1.6 2014/05/31 22:41:37 rmind Exp $");
+__RCSID("$NetBSD: npf_bpf_comp.c,v 1.7 2014/06/29 00:05:24 rmind Exp $");
#include <stdlib.h>
#include <stdbool.h>
@@ -284,8 +284,7 @@
}
/*
- * Call NPF_COP_L3 to fetch L3 information. The coprocessor
- * populates the following words in the scratch memory store:
+ * The memory store is populated with:
* - BPF_MW_IPVER: IP version (4 or 6).
* - BPF_MW_L4OFF: L4 header offset.
* - BPF_MW_L4PROTO: L4 protocol.
@@ -308,21 +307,12 @@
* A <- IP version; A == expected-version?
* If no particular version specified, check for non-zero.
*/
- if ((ctx->flags & FETCHED_L3) == 0) {
- struct bpf_insn insns_l3[] = {
- BPF_STMT(BPF_MISC+BPF_COP, NPF_COP_L3),
- BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, ver, jt, jf),
- };
- add_insns(ctx, insns_l3, __arraycount(insns_l3));
- ctx->flags |= FETCHED_L3;
- } else {
- /* IP version is already fetched in BPF_MW_IPVER. */
- struct bpf_insn insns_af[] = {
- BPF_STMT(BPF_LD+BPF_W+BPF_MEM, BPF_MW_IPVER),
- BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, ver, jt, jf),
- };
- add_insns(ctx, insns_af, __arraycount(insns_af));
- }
+ struct bpf_insn insns_af[] = {
+ BPF_STMT(BPF_LD+BPF_W+BPF_MEM, BPF_MW_IPVER),
+ BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, ver, jt, jf),
+ };
+ add_insns(ctx, insns_af, __arraycount(insns_af));
+ ctx->flags |= FETCHED_L3;
ctx->af = af;
if (af) {
Home |
Main Index |
Thread Index |
Old Index