netfilter
firewalling, NAT, and packet mangling for linux
 All Data Structures Namespaces Files Functions Variables Typedefs Enumerations Enumerator Macros Modules Pages
payload.c File Reference
#include <stddef.h>
#include <stdlib.h>
#include <stdio.h>
#include <stdint.h>
#include <string.h>
#include <net/if_arp.h>
#include <arpa/inet.h>
#include <linux/netfilter.h>
#include <rule.h>
#include <expression.h>
#include <statement.h>
#include <payload.h>
#include <gmputil.h>
#include <utils.h>
Include dependency graph for payload.c:

Functions

struct exprpayload_expr_alloc (const struct location *loc, const struct proto_desc *desc, unsigned int type)
 
void payload_init_raw (struct expr *expr, enum proto_bases base, unsigned int offset, unsigned int len)
 
int payload_gen_dependency (struct eval_ctx *ctx, const struct expr *expr, struct stmt **res)
 payload_gen_dependency - generate match expression on payload dependency More...
 
void payload_expr_complete (struct expr *expr, const struct proto_ctx *ctx)
 payload_expr_complete - fill in type information of a raw payload expr More...
 
void payload_expr_expand (struct list_head *list, struct expr *expr, const struct proto_ctx *ctx)
 payload_expr_expand - expand raw merged adjacent payload expressions into its original components More...
 
bool payload_is_adjacent (const struct expr *e1, const struct expr *e2)
 payload_is_adjacent - return whether two payload expressions refer to adjacent header locations More...
 
struct exprpayload_expr_join (const struct expr *e1, const struct expr *e2)
 payload_expr_join - join two adjacent payload expressions More...
 

Function Documentation

void payload_expr_complete ( struct expr expr,
const struct proto_ctx ctx 
)

payload_expr_complete - fill in type information of a raw payload expr

: the payload expression : protocol context

Complete the type of a raw payload expression based on the context. If insufficient information is available the expression remains unchanged.

References array_size, proto_desc::base, proto_desc::desc, proto_ctx::desc, proto_hdr_template::dtype, expr::dtype, EXPR_PAYLOAD, proto_hdr_template::len, expr::len, NULL, proto_hdr_template::offset, expr::ops, expr::payload, proto_ctx::protocol, proto_desc::templates, and expr_ops::type.

void payload_expr_expand ( struct list_head list,
struct expr expr,
const struct proto_ctx ctx 
)

payload_expr_expand - expand raw merged adjacent payload expressions into its original components

: list to append expanded payload expressions to : the payload expression to expand : protocol context

Expand a merged adjacent payload expression into its original components by splitting elements off the beginning matching a payload template.

Note: this requires all payload templates to be specified in ascending offset order.

References array_size, proto_desc::base, proto_desc::desc, proto_ctx::desc, EXPR_PAYLOAD, proto_hdr_template::len, expr::len, expr::location, new, NULL, proto_hdr_template::offset, expr::ops, expr::payload, payload_expr_alloc(), payload_init_raw(), proto_ctx::protocol, proto_desc::templates, and expr_ops::type.

Here is the call graph for this function:

struct expr* payload_expr_join ( const struct expr e1,
const struct expr e2 
)

payload_expr_join - join two adjacent payload expressions

: first payload expression : second payload expression

References internal_location, expr::len, NULL, expr::payload, payload_expr_alloc(), and payload_is_adjacent().

Here is the call graph for this function:

int payload_gen_dependency ( struct eval_ctx ctx,
const struct expr expr,
struct stmt **  res 
)

payload_gen_dependency - generate match expression on payload dependency

: evaluation context : payload expression : dependency expression

Generate matches on protocol dependencies. There are two different kinds of dependencies:

  • A payload expression for a base above the hook base requires a match on the protocol value in the lower layer header.
  • A payload expression for a base below the hook base is invalid in the output path since the lower layer header does not exist when the packet is classified. In the input path a payload expressions for a base exactly one below the hook base is valid. In this case a match on the device type is required to verify that we're dealing with the expected protocol.

    Note: since it is unknown to userspace which hooks a chain is called from, it is not explicitly verified. The NFT_META_IIFTYPE match will only match in the input path though.

References arphrd_type, hook_proto_desc::base, BITS_PER_BYTE, datatype::byteorder, BYTEORDER_HOST_ENDIAN, constant_expr_alloc(), proto_desc::desc, proto_ctx::desc, proto_hdr_template::dtype, expr_error, expr_stmt_alloc(), proto_ctx::family, expr::left, proto_hdr_template::len, expr::location, meta_expr_alloc(), proto_hdr_template::meta_key, eval_ctx::msgs, proto_desc::name, NFPROTO_BRIDGE, NFPROTO_INET, NFT_META_IIFTYPE, NULL, OP_EQ, expr::ops, expr::payload, payload_expr_alloc(), eval_ctx::pctx, expr_ops::pctx_update, PROTO_BASE_LL_HDR, proto_base_names, PROTO_BASE_TRANSPORT_HDR, proto_dev_type(), proto_eth, proto_find_num(), proto_inet, proto_inet_service, proto_ctx::protocol, proto_desc::protocol_key, relational_expr_alloc(), expr::right, stmt_evaluate(), proto_desc::templates, and type.

Here is the call graph for this function:

void payload_init_raw ( struct expr expr,
enum proto_bases  base,
unsigned int  offset,
unsigned int  len 
)

References expr::base, len, expr::len, expr::offset, and expr::payload.

Referenced by payload_expr_expand().

Here is the caller graph for this function:

bool payload_is_adjacent ( const struct expr e1,
const struct expr e2 
)

payload_is_adjacent - return whether two payload expressions refer to adjacent header locations

: first payload expression : second payload expression

References expr::len, and expr::payload.

Referenced by payload_expr_join().

Here is the caller graph for this function: