[ovs-dev,RFC,PATCHv2,13/13] xdp: early drop ipv6 packet.

Message ID	1531568345-80246-14-git-send-email-u9012063@gmail.com
State	RFC
Headers	show Return-Path: <ovs-dev-bounces@openvswitch.org> From: William Tu <u9012063@gmail.com> To: dev@openvswitch.org, iovisor-dev@lists.iovisor.org Date: Sat, 14 Jul 2018 04:39:05 -0700 Message-Id: <1531568345-80246-14-git-send-email-u9012063@gmail.com> In-Reply-To: <1531568345-80246-1-git-send-email-u9012063@gmail.com> References: <1531568345-80246-1-git-send-email-u9012063@gmail.com> Subject: [ovs-dev] [RFC PATCHv2 13/13] xdp: early drop ipv6 packet. Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: ovs-dev-bounces@openvswitch.org Errors-To: ovs-dev-bounces@openvswitch.org
Series	OVS eBPF datapath. \| expand [ovs-dev,RFC,PATCHv2,00/13] OVS eBPF datapath. [ovs-dev,RFC,PATCHv2,01/13] ovs-bpf: add documentation and configuration. [ovs-dev,RFC,PATCHv2,02/13] netdev: add ebpf support for netdev provider. [ovs-dev,RFC,PATCHv2,03/13] lib: implement perf event ringbuffer for upcall. [ovs-dev,RFC,PATCHv2,04/13] lib/bpf: add support for managing bpf program/map. [ovs-dev,RFC,PATCHv2,05/13] dpif: add 'dpif-bpf' provider. [ovs-dev,RFC,PATCHv2,06/13] dpif-bpf-odp: Add bpf datapath interface and impl. [ovs-dev,RFC,PATCHv2,07/13] bpf: implement OVS BPF datapath. [ovs-dev,RFC,PATCHv2,08/13] vswitch/bridge.c: add bpf datapath initialization. [ovs-dev,RFC,PATCHv2,09/13] utilities: Add ovs-bpfctl utility. [ovs-dev,RFC,PATCHv2,10/13] tests: Add "make check-bpf" traffic target. [ovs-dev,RFC,PATCHv2,11/13] vagrant: add ebpf support using ubuntu/bionic [ovs-dev,RFC,PATCHv2,12/13] ofproto: disable megaflow for bpf datapath. [ovs-dev,RFC,PATCHv2,13/13] xdp: early drop ipv6 packet.

Message ID

1531568345-80246-14-git-send-email-u9012063@gmail.com

State

RFC

Headers

From: William Tu <u9012063@gmail.com>
To: dev@openvswitch.org,
	iovisor-dev@lists.iovisor.org
Date: Sat, 14 Jul 2018 04:39:05 -0700
Message-Id: <1531568345-80246-14-git-send-email-u9012063@gmail.com>
In-Reply-To: <1531568345-80246-1-git-send-email-u9012063@gmail.com>
References: <1531568345-80246-1-git-send-email-u9012063@gmail.com>
Subject: [ovs-dev] [RFC PATCHv2 13/13] xdp: early drop ipv6 packet.
Precedence: list
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: ovs-dev-bounces@openvswitch.org
Errors-To: ovs-dev-bounces@openvswitch.org

Series

OVS eBPF datapath. | expand

Commit Message

William Tu July 14, 2018, 11:39 a.m. UTC

If not using ipv6, drop it in XDP.

Signed-off-by: William Tu <u9012063@gmail.com>
---
 bpf/xdp.h | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/bpf/xdp.h b/bpf/xdp.h
index 2d2102a6ba28..e71b268370c6 100644
--- a/bpf/xdp.h
+++ b/bpf/xdp.h
@@ -23,8 +23,26 @@  __section("xdp")
 static int xdp_ingress(struct xdp_md *ctx OVS_UNUSED)
 {
     /* TODO: see p4c-xdp project */
+#ifdef BPF_ENABLE_IPV6
     printt("return XDP_PASS\n");
     return XDP_PASS;
+#else
+    /* Early drop ipv6 */
+    void *data_end = (void *)(long)ctx->data_end;
+    void *data = (void *)(long)ctx->data;
+    struct ethhdr *eth = data;
+    __u16 h_proto;
+
+    if ((char *)eth + 14 > (char *)data_end)
+        return XDP_DROP;
+
+    h_proto = eth->h_proto;
+
+    if (h_proto == bpf_htons(ETH_P_IPV6)) {
+        printt("drop ipv6\n");
+        return XDP_DROP;
+    }
+#endif
 }
 
 __section("af_xdp")

[ovs-dev,RFC,PATCHv2,13/13] xdp: early drop ipv6 packet.

Commit Message

Patch