/* * node.c: udp packet processing * * Copyright (c) 2013 Cisco and/or its affiliates. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at: * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ #include #include #include #include #include udp_main_t udp_main; #define foreach_udp_local_next \ _ (PUNT, "error-punt") \ _ (DROP, "error-drop") \ _ (ICMP4_ERROR, "ip4-icmp-error") \ _ (ICMP6_ERROR, "ip6-icmp-error") typedef enum { #define _(s,n) UDP_LOCAL_NEXT_##s, foreach_udp_local_next #undef _ UDP_LOCAL_N_NEXT, } udp_local_next_t; typedef struct { u16 src_port; u16 dst_port; u8 bound; } udp_local_rx_trace_t; u8 * format_udp_rx_trace (u8 * s, va_list * args) { CLIB_UNUSED (vlib_main_t * vm) = va_arg (*args, vlib_main_t *); CLIB_UNUSED (vlib_node_t * node) = va_arg (*args, vlib_node_t *); udp_local_rx_trace_t *t = va_arg (*args, udp_local_rx_trace_t *); s = format (s, "UDP: src-port %d dst-port %d%s", clib_net_to_host_u16 (t->src_port), clib_net_to_host_u16 (t->dst_port), t->bound ? "" : " (no listener)"); return s; } vlib_node_registration_t udp4_local_node; vlib_node_registration_t udp6_local_node; always_inline uword udp46_local_inline (vlib_main_t * vm, vlib_node_runtime_t * node, vlib_frame_t * from_frame, int is_ip4) { udp_main_t *um = &udp_main; __attribute__ ((unused)) u32 n_left_from, next_index, *from, *to_next; word n_no_listener = 0; u8 punt_unknown = is_ip4 ? um->punt_unknown4 : um->punt_unknown6; from = vlib_frame_vector_args (from_frame); n_left_from = from_frame->n_vectors; next_index = node->cached_next_index; while (n_left_from > 0) { u32 n_left_to_next; vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next); while (n_left_from >= 4 && n_left_to_next >= 2) { u32 bi0, bi1; vlib_buffer_t *b0, *b1; udp_header_t *h0 = 0, *h1 = 0; u32 i0, i1, dst_port0, dst_port1; u32 advance0, advance1; u32 error0, next0, error1, next1; /* Prefetch next iteration. */ { vlib_buffer_t *p2, *p3; p2 = vlib_get_buffer (vm, from[2]); p3 = vlib_get_buffer (vm, from[3]); vlib_prefetch_buffer_header (p2, LOAD); vlib_prefetch_buffer_header (p3, LOAD); CLIB_PREFETCH (p2->data, sizeof (h0[0]), LOAD); CLIB_PREFETCH (p3->data, sizeof (h1[0]), LOAD); } bi0 = from[0]; bi1 = from[1]; to_next[0] = bi0; to_next[1] = bi1; from += 2; to_next += 2; n_left_to_next -= 2; n_left_from -= 2; b0 = vlib_get_buffer (vm, bi0); b1 = vlib_get_buffer (vm, bi1); /* ip4/6_local hands us the ip header, not the udp header */ if (is_ip4) { advance0 = sizeof (ip4_header_t); advance1 = sizeof (ip4_header_t); } else { advance0 = sizeof (ip6_header_t); advance1 = sizeof (ip6_header_t); } if (PREDICT_FALSE (b0->current_length < advance0 + sizeof (*h0))) { error0 = UDP_ERROR_LENGTH_ERROR; next0 = UDP_LOCAL_NEXT_DROP; } else { vlib_buffer_advance (b0, advance0); h0 = vlib_buffer_get_current (b0); error0 = next0 = 0; if (PREDICT_FALSE (clib_net_to_host_u16 (h0->length) > vlib_buffer_length_in_chain (vm, b0))) { error0 = UDP_ERROR_LENGTH_ERROR; next0 = UDP_LOCAL_NEXT_DROP; } } if (PREDICT_FALSE (b1->current_length < advance1 + sizeof (*h1))) { error1 = UDP_ERROR_LENGTH_ERROR; next1 = UDP_LOCAL_NEXT_DROP; } else { vlib_buffer_advance (b1, advance1); h1 = vlib_buffer_get_current (b1); error1 = next1 = 0; if (PREDICT_FALSE (clib_net_to_host_u16 (h1->length) > vlib_buffer_length_in_chain (vm, b1))) { error1 = UDP_ERROR_LENGTH_ERROR; next1 = UDP_LOCAL_NEXT_DROP; } } /* Index sparse array with network byte order. */ dst_port0 = (error0 == 0) ? h0->dst_port : 0; dst_port1 = (error1 == 0) ? h1->dst_port : 0; sparse_vec_index2 (is_ip4 ? um->next_by_dst_port4 : um->next_by_dst_port6, dst_port0, dst_port1, &i0, &i1); next0 = (error0 == 0) ? vec_elt (is_ip4 ? um->next_by_dst_port4 : um->next_by_dst_port6, i0) : next0; next1 = (error1 == 0) ? vec_elt (is_ip4 ? um->next_by_dst_port4 : um->next_by_dst_port6, i1) : next1; if (PREDICT_FALSE (i0 == SPARSE_VEC_INVALID_INDEX)) { // move the pointer back so icmp-error can find the // ip packet header vlib_buffer_advance (b0, -(word) advance0); if (PREDICT_FALSE (punt_unknown)) { b0->error = node->errors[UDP_ERROR_PUNT]; next0 = UDP_LOCAL_NEXT_PUNT; } else if (is_ip4) { icmp4_error_set_vnet_buffer (b0, ICMP4_destination_unreachable, ICMP4_destination_unreachable_port_unreachable, 0); next0 = UDP_LOCAL_NEXT_ICMP4_ERROR; n_no_listener++; } else { icmp6_error_set_vnet_buffer (b0, ICMP6_destination_unreachable, ICMP6_destination_unreachable_port_unreachable, 0); next0 = UDP_LOCAL_NEXT_ICMP6_ERROR; n_no_listener++; } } else { b0->error = node->errors[UDP_ERROR_NONE]; // advance to the payload vlib_buffer_advance (b0, sizeof (*h0)); } if (PREDICT_FALSE (i1 == SPARSE_VEC_INVALID_INDEX)) { // move the pointer back so icmp-error can find the // ip packet header vlib_buffer_advance (b1, -(word) advance1); if (PREDICT_FALSE (punt_unknown)) { b1->error = node->errors[UDP_ERROR_PUNT]; next1 = UDP_LOCAL_NEXT_PUNT; } else if (is_ip4) { icmp4_error_set_vnet_buffer (b1, ICMP4_destination_unreachable, ICMP4_destination_unreachable_port_unreachable, 0); next1 = UDP_LOCAL_NEXT_ICMP4_ERROR; n_no_listener++; } else { icmp6_error_set_vnet_buffer (b1, ICMP6_destination_unreachable, ICMP6_destination_unreachable_port_unreachable, 0); next1 = UDP_LOCAL_NEXT_ICMP6_ERROR; n_no_listener++; } } else { b1->error = node->errors[UDP_ERROR_NONE]; // advance to the payload vlib_buffer_advance (b1, sizeof (*h1)); } if (PREDICT_FALSE (b0->flags & VLIB_BUFFER_IS_TRACED)) { udp_local_rx_trace_t *tr = vlib_add_trace (vm, node, b0, sizeof (*tr)); if (b0->error != node->errors[UDP_ERROR_LENGTH_ERROR]) { tr->src_port = h0 ? h0->src_port : 0; tr->dst_port = h0 ? h0->dst_port : 0; tr->bound = (next0 != UDP_LOCAL_NEXT_ICMP4_ERROR && next0 != UDP_LOCAL_NEXT_ICMP6_ERROR); } } if (PREDICT_FALSE (b1->flags & VLIB_BUFFER_IS_TRACED)) { udp_local_rx_trace_t *tr = vlib_add_trace (vm, node, b1, sizeof (*tr)); if (b1->error != node->errors[UDP_ERROR_LENGTH_ERROR]) { tr->src_port = h1 ? h1->src_port : 0; tr->dst_port = h1 ? h1->dst_port : 0; tr->bound = (next1 != UDP_LOCAL_NEXT_ICMP4_ERROR && next1 != UDP_LOCAL_NEXT_ICMP6_ERROR); } } vlib_validate_buffer_enqueue_x2 (vm, node, next_index, to_next, n_left_to_next, bi0, bi1, next0, next1); } while (n_left_from > 0 && n_left_to_next > 0) { u32 bi0; vlib_buffer_t *b0; udp_header_t *h0 = 0; u32 i0, next0; u32 advance0; bi0 = from[0]; to_next[0] = bi0; from += 1; to_next += 1; n_left_from -= 1; n_left_to_next -= 1; b0 = vlib_get_buffer (vm, bi0); /* ip4/6_local hands us the ip header, not the udp header */ if (is_ip4) advance0 = sizeof (ip4_header_t); else advance0 = sizeof (ip6_header_t); if (PREDICT_FALSE (b0->current_length < advance0 + sizeof (*h0))) { b0->error = node->errors[UDP_ERROR_LENGTH_ERROR]; next0 = UDP_LOCAL_NEXT_DROP; goto trace_x1; } vlib_buffer_advance (b0, advance0); h0 = vlib_buffer_get_current (b0); if (PREDICT_TRUE (clib_net_to_host_u16 (h0->length) <= vlib_buffer_length_in_chain (vm, b0))) { i0 = sparse_vec_index (is_ip4 ? um->next_by_dst_port4 : um->next_by_dst_port6, h0->dst_port); next0 = vec_elt (is_ip4 ? um->next_by_dst_port4 : um->next_by_dst_port6, i0); if (PREDICT_FALSE (i0 == SPARSE_VEC_INVALID_INDEX)) { // move the pointer back so icmp-error can find the // ip packet header vlib_buffer_advance (b0, -(word) advance0); if (PREDICT_FALSE (punt_unknown)) { b0->error = node->errors[UDP_ERROR_PUNT]; next0 = UDP_LOCAL_NEXT_PUNT; } else if (is_ip4) { icmp4_error_set_vnet_buffer (b0, ICMP4_destination_unreachable, ICMP4_destination_unreachable_port_unreachable, 0); next0 = UDP_LOCAL_NEXT_ICMP4_ERROR; n_no_listener++; } else { icmp6_error_set_vnet_buffer (b0, ICMP6_destination_unreachable, ICMP6_destination_unreachable_port_unreachable, 0); next0 = UDP_LOCAL_NEXT_ICMP6_ERROR; n_no_listener++; } } else { b0->error = node->errors[UDP_ERROR_NONE]; // advance to the payload vlib_buffer_