From patchwork Sat Jul 14 11:39:05 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: William Tu X-Patchwork-Id: 943925 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=openvswitch.org (client-ip=140.211.169.12; helo=mail.linuxfoundation.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=gmail.com Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="UlwozPGt"; dkim-atps=neutral Received: from mail.linuxfoundation.org (mail.linuxfoundation.org [140.211.169.12]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 41SSZQ5Kx8z9ryt for ; Sat, 14 Jul 2018 21:46:54 +1000 (AEST) Received: from mail.linux-foundation.org (localhost [127.0.0.1]) by mail.linuxfoundation.org (Postfix) with ESMTP id 943A4CE0; Sat, 14 Jul 2018 11:40:15 +0000 (UTC) X-Original-To: dev@openvswitch.org Delivered-To: ovs-dev@mail.linuxfoundation.org Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id 91FCCCEB for ; Sat, 14 Jul 2018 11:40:13 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.7.6 Received: from mail-pl0-f65.google.com (mail-pl0-f65.google.com [209.85.160.65]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 5DF8B67E for ; Sat, 14 Jul 2018 11:40:13 +0000 (UTC) Received: by mail-pl0-f65.google.com with SMTP id 94-v6so1375647ple.12 for ; Sat, 14 Jul 2018 04:40:13 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:subject:date:message-id:in-reply-to:references; bh=wZ5otdrW8GdYmPK9caVC2m6fYiRKu9Xq99rVQTjwQYU=; b=UlwozPGto4/NK4pw7y1Nn08y1KDJWW5zf5GCsosUUqOLBG1krlFg7IlCN3ZKYDTF6F FKVX8/aiqmdvFj3OzO9McbhbvjZ6p0AsAcvhyoKtOfCkfjtPrvwKq1voP05MPOs8FS6d NX2HF4sKP3M0/+tQuvoG0XJwgQ+9LwdAQYZqj2b8gQvbrEy6FtykYXR4RY3t/1sTSjyK Uz97eyWjyba9eF3FduGF5swgUfs7GdocMScZtAUfrsqU/hInJ3POSaKq3o4h/jDsWpk5 K27tQjDGLLOXybTAbEIBJ6CKZaJBQtvFkfR3hM4S5KnRONyoufSKBO85jbQdnGPHTaWD lslg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to :references; bh=wZ5otdrW8GdYmPK9caVC2m6fYiRKu9Xq99rVQTjwQYU=; b=nY7ZhPEjR421em0BmSqjm3Hfuz7NSLhvovhZL5rpol458u35312WYWLSTc8gH4GreA QbNDMWa46LVM2empWRRWia2/7/8ftPa8TJE5x4CK4g3cDRyIuTq8Rzuxif334PykOjTJ PPU5LNVnjvrcurWOMnmuvJ0YdtwnysbQF1FaIF96J2RWjbiczMs0lO7BHkj8bHSs1kV8 Cp8XYB0uxUsJRRKrlY8pZjxgsWT4sgCs3MkcKGj1NrnXNLkk5XegTASNiJaj8K8S71+u z9rgsRQ98UGrO8K19XoxHHdup1CkKUSr/VJFqKgSUOwIYtgq8ZWAnrthDk8HES4zDZQ1 r+EQ== X-Gm-Message-State: AOUpUlGmv9duZPaGseZ/KubcIQ95eAoyyValsKpMfuBbknDluNjB/Irf VgWNaVp924GmXtzYy7GHZWtkj9qR X-Google-Smtp-Source: AAOMgpeL4YxZqBToeezx0ArOgBCQVnCOwYOtv/xwAeCkKwHM9tb8gIWuOrldvtFpXJuYQzfV9sVi5A== X-Received: by 2002:a17:902:5590:: with SMTP id g16-v6mr9583792pli.99.1531568412825; Sat, 14 Jul 2018 04:40:12 -0700 (PDT) Received: from sc9-mailhost3.vmware.com (c-73-231-16-221.hsd1.ca.comcast.net. [73.231.16.221]) by smtp.gmail.com with ESMTPSA id m21-v6sm35825267pgv.27.2018.07.14.04.40.12 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Sat, 14 Jul 2018 04:40:12 -0700 (PDT) From: William Tu To: dev@openvswitch.org, iovisor-dev@lists.iovisor.org Date: Sat, 14 Jul 2018 04:39:05 -0700 Message-Id: <1531568345-80246-14-git-send-email-u9012063@gmail.com> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1531568345-80246-1-git-send-email-u9012063@gmail.com> References: <1531568345-80246-1-git-send-email-u9012063@gmail.com> X-Spam-Status: No, score=-1.7 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_ENVFROM_END_DIGIT,FREEMAIL_FROM, RCVD_IN_DNSWL_NONE autolearn=no version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org Subject: [ovs-dev] [RFC PATCHv2 13/13] xdp: early drop ipv6 packet. X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Sender: ovs-dev-bounces@openvswitch.org Errors-To: ovs-dev-bounces@openvswitch.org If not using ipv6, drop it in XDP. Signed-off-by: William Tu --- bpf/xdp.h | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/bpf/xdp.h b/bpf/xdp.h index 2d2102a6ba28..e71b268370c6 100644 --- a/bpf/xdp.h +++ b/bpf/xdp.h @@ -23,8 +23,26 @@ __section("xdp") static int xdp_ingress(struct xdp_md *ctx OVS_UNUSED) { /* TODO: see p4c-xdp project */ +#ifdef BPF_ENABLE_IPV6 printt("return XDP_PASS\n"); return XDP_PASS; +#else + /* Early drop ipv6 */ + void *data_end = (void *)(long)ctx->data_end; + void *data = (void *)(long)ctx->data; + struct ethhdr *eth = data; + __u16 h_proto; + + if ((char *)eth + 14 > (char *)data_end) + return XDP_DROP; + + h_proto = eth->h_proto; + + if (h_proto == bpf_htons(ETH_P_IPV6)) { + printt("drop ipv6\n"); + return XDP_DROP; + } +#endif } __section("af_xdp")