diff options
| author | Daniel Borkmann <dborkman@redhat.com> | 2013-03-19 16:36:10 +0100 |
|---|---|---|
| committer | Daniel Borkmann <dborkman@redhat.com> | 2013-03-19 16:36:10 +0100 |
| commit | ceae98914962e4375a98db2622b65ecf44b0232a (patch) | |
| tree | 1560778e9ea194247c1cec6d827dde882a860b58 | |
| parent | e4c98bb91e35dba56a077e8e5b9c70556fdd4e24 (diff) | |
bpfc: filter: add poff ancillary operation
In preparation for [1], add the #poff operation, so that users can
dynamically truncate packets on the payload start offset. This is
useful for several reasons: privacy, speed, ...
Example for bpfc:
ld #poff
ret a
[1] http://thread.gmane.org/gmane.linux.network/262512
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
| -rw-r--r-- | bpf.h | 3 | ||||
| -rw-r--r-- | bpf_lexer.l | 1 | ||||
| -rw-r--r-- | bpf_parser.y | 11 |
3 files changed, 14 insertions, 1 deletions
@@ -131,5 +131,8 @@ static inline void bpf_release(struct sock_fprog *bpf) #ifndef SKF_AD_VLAN_TAG_PRESENT # define SKF_AD_VLAN_TAG_PRESENT 48 #endif +#ifndef SKF_AD_PAY_OFFSET +# define SKF_AD_PAY_OFFSET 52 +#endif #endif /* BPF_I_H */ diff --git a/bpf_lexer.l b/bpf_lexer.l index d4b6947..a2ff90a 100644 --- a/bpf_lexer.l +++ b/bpf_lexer.l @@ -75,6 +75,7 @@ label [a-zA-Z_][a-zA-Z0-9_]+ "#"?("len"|"pktlen") { return K_PKT_LEN; } "#"?("pto"|"proto") { return K_PROTO; } "#"?("type") { return K_TYPE; } +"#"?("poff") { return K_POFF; } "#"?("ifx"|"ifidx") { return K_IFIDX; } "#"?("nla") { return K_NLATTR; } "#"?("nlan") { return K_NLATTR_NEST; } diff --git a/bpf_parser.y b/bpf_parser.y index 7f6bcc8..459ea99 100644 --- a/bpf_parser.y +++ b/bpf_parser.y @@ -132,7 +132,7 @@ static int find_intr_offset_or_panic(char *label_to_search) %token OP_LDXI %token K_PKT_LEN K_PROTO K_TYPE K_NLATTR K_NLATTR_NEST K_MARK K_QUEUE K_HATYPE -%token K_RXHASH K_CPU K_IFIDX K_VLANT K_VLANP +%token K_RXHASH K_CPU K_IFIDX K_VLANT K_VLANP K_POFF %token ':' ',' '[' ']' '(' ')' 'x' 'a' '+' 'M' '*' '&' '#' @@ -235,6 +235,9 @@ ldb | OP_LDB K_VLANP { set_curr_instr(BPF_LD | BPF_B | BPF_ABS, 0, 0, SKF_AD_OFF + SKF_AD_VLAN_TAG_PRESENT); } + | OP_LDB K_POFF { + set_curr_instr(BPF_LD | BPF_B | BPF_ABS, 0, 0, + SKF_AD_OFF + SKF_AD_PAY_OFFSET); } ; ldh @@ -278,6 +281,9 @@ ldh | OP_LDH K_VLANP { set_curr_instr(BPF_LD | BPF_H | BPF_ABS, 0, 0, SKF_AD_OFF + SKF_AD_VLAN_TAG_PRESENT); } + | OP_LDH K_POFF { + set_curr_instr(BPF_LD | BPF_H | BPF_ABS, 0, 0, + SKF_AD_OFF + SKF_AD_PAY_OFFSET); } ; ldi @@ -326,6 +332,9 @@ ld | OP_LD K_VLANP { set_curr_instr(BPF_LD | BPF_W | BPF_ABS, 0, 0, SKF_AD_OFF + SKF_AD_VLAN_TAG_PRESENT); } + | OP_LD K_POFF { + set_curr_instr(BPF_LD | BPF_W | BPF_ABS, 0, 0, + SKF_AD_OFF + SKF_AD_PAY_OFFSET); } | OP_LD 'M' '[' number ']' { set_curr_instr(BPF_LD | BPF_MEM, 0, 0, $4); } | OP_LD '[' 'x' '+' number ']' { |