From owner-svn-soc-all@FreeBSD.ORG  Tue Sep  9 17:02:35 2014
Return-Path: <owner-svn-soc-all@FreeBSD.ORG>
Delivered-To: svn-soc-all@FreeBSD.org
Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115])
 (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id A54A15B9
 for <svn-soc-all@FreeBSD.org>; Tue,  9 Sep 2014 17:02:35 +0000 (UTC)
Received: from socsvn.freebsd.org (socsvn.freebsd.org
 [IPv6:2001:1900:2254:206a::50:2])
 (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 8F585914
 for <svn-soc-all@FreeBSD.org>; Tue,  9 Sep 2014 17:02:35 +0000 (UTC)
Received: from socsvn.freebsd.org ([127.0.1.124])
 by socsvn.freebsd.org (8.14.9/8.14.9) with ESMTP id s89H2Zo0008690
 for <svn-soc-all@FreeBSD.org>; Tue, 9 Sep 2014 17:02:35 GMT
 (envelope-from dpl@FreeBSD.org)
Received: (from www@localhost)
 by socsvn.freebsd.org (8.14.9/8.14.9/Submit) id s89H2Ymm008510
 for svn-soc-all@FreeBSD.org; Tue, 9 Sep 2014 17:02:34 GMT
 (envelope-from dpl@FreeBSD.org)
Date: Tue, 9 Sep 2014 17:02:34 GMT
Message-Id: <201409091702.s89H2Ymm008510@socsvn.freebsd.org>
X-Authentication-Warning: socsvn.freebsd.org: www set sender to
 dpl@FreeBSD.org using -f
From: dpl@FreeBSD.org
To: svn-soc-all@FreeBSD.org
Subject: socsvn commit: r273858 - soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-soc-all@freebsd.org
X-Mailman-Version: 2.1.18-1
Precedence: list
List-Id: SVN commit messages for the entire Summer of Code repository
 <svn-soc-all.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/svn-soc-all>,
 <mailto:svn-soc-all-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-soc-all/>
List-Post: <mailto:svn-soc-all@freebsd.org>
List-Help: <mailto:svn-soc-all-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/svn-soc-all>,
 <mailto:svn-soc-all-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 09 Sep 2014 17:02:35 -0000

Author: dpl
Date: Tue Sep  9 17:02:34 2014
New Revision: 273858
URL: http://svnweb.FreeBSD.org/socsvn/?view=rev&rev=273858

Log:
  Added IP src filtering, still to test, included struct definition at ip_fw_rules.h

Modified:
  soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw/ip_fw_rules.c
  soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw/jit.cc

Modified: soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw/ip_fw_rules.c
==============================================================================
--- soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw/ip_fw_rules.c	Tue Sep  9 16:57:02 2014	(r273857)
+++ soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw/ip_fw_rules.c	Tue Sep  9 17:02:34 2014	(r273858)
@@ -82,6 +82,8 @@
 struct ip_fw_chain;
 struct ip_fw;
 struct _ipfw_insn;
+struct _ipfw_insn_ip;
+struct _ipfw_insn_u16;
 struct _ipfw_insn_if;
 struct _ipfw_dyn_rule;
 

Modified: soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw/jit.cc
==============================================================================
--- soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw/jit.cc	Tue Sep  9 16:57:02 2014	(r273857)
+++ soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw/jit.cc	Tue Sep  9 17:02:34 2014	(r273858)
@@ -154,6 +154,7 @@
 	StructType *Ip_fwTy;
 	StructType *Ipfw_insnTy;
 	StructType *IpfwInsnU16Ty;
+	StructType *IpfwInsnIpTy;
 	StructType *Ipfw_dyn_ruleTy;
 	StructType *Ipfw_insn_ifTy;
 	StructType *MbufTy;
@@ -168,6 +169,7 @@
 	PointerType *Ip_fwPtrTy;
 	PointerType *Ipfw_insnPtrTy;
 	PointerType *IpfwInsnU16PtrTy;
+	PointerType *IpfwInsnIpPtrTy;
 	PointerType *Ipfw_dyn_rulePtrTy;
 	PointerType *Ipfw_insn_ifPtrTy;
 	PointerType *MbufPtrTy;
@@ -234,6 +236,7 @@
 		Ip_fwTy = mod->getTypeByName("struct.ip_fw");
 		Ipfw_insnTy = mod->getTypeByName("struct._ipfw_insn");
 		IpfwInsnU16Ty = mod->getTypeByName("struct._ipfw_insn_u16");
+		IpfwInsnIpTy = mod->getTypeByName("struct._ipfw_insn_ip");
 		Ipfw_insn_ifTy = mod->getTypeByName("struct._ipfw_insn_if");
 		Ipfw_dyn_ruleTy = mod->getTypeByName("struct._ipfw_dyn_rule");
 #ifdef __FreeBSD__
@@ -252,6 +255,7 @@
 		Ip_fwPtrTy = PointerType::getUnqual(Ip_fwTy);
 		Ipfw_insnPtrTy = PointerType::getUnqual(Ipfw_insnTy);
 		IpfwInsnU16PtrTy = PointerType::getUnqual(IpfwInsnU16Ty);
+		IpfwInsnIpPtrTy = PointerType::getUnqual(IpfwInsnIpTy);
 		Ipfw_insn_ifPtrTy = PointerType::getUnqual(Ipfw_insn_ifTy);
 		Ipfw_dyn_rulePtrTy = PointerType::getUnqual(Ipfw_dyn_ruleTy);
 #ifdef __FreeBSD__
@@ -1077,6 +1081,23 @@
 	void
 	emit_ip_src()
 	{
+		// match = is_ipv4 &&
+		// 	(((ipfw_insn_ip *)cmd)->addr.s_addr ==
+		// 	src_ip.s_addr);
+
+		// ((ipfw_insn_ip *)cmd)->addr.s_addr
+		// addr only has one element (s_adddr) we only need one GEP.
+		Value *CmdL = Irb.CreateLoad(Cmd);
+		Value *CmdLBitC = Irb.CreateBitCast(CmdL, IpfwInsnIpPtrTy);
+		Value *CmdSAddr = Irb.CreateStructGEP(CmdLBitC, 1);
+		Value *CmdSAddrL = Irb.CreateLoad(CmdSAddr);
+
+		// src_ip.s_addr
+		Value *SrcIpL = Irb.CreateLoad(SrcIp);
+		Value *SrcAddr = Irb.CreateStructGEP(SrcIpL, 0);
+		Value *Comp = Irb.CreateICmpEQ(CmdSAddrL, SrcAddr);
+
+		Value *NewMatch = Irb.CreateAnd(Comp, IsIpv4);
 	}
 
 	// XXX Not tested.
@@ -1155,7 +1176,7 @@
 		BasicBlock *Dst = BasicBlock::Create(Con, "R_Dst", Func);
 		BasicBlock *Loop = BasicBlock::Create(Con, "R_Loop", Func);
 		BasicBlock *ContLoop = BasicBlock::Create(Con, "R_ContLoop", Func);
-		Value Comp;
+		Value *Comp;
 
 		// Perform allocations at the beginning.
 		Value *X = Irb.CreateAlloca(Int16Ty, nullptr, "x");
@@ -1163,9 +1184,9 @@
 		Value *I = Irb.CreateAlloca(Int32Ty, nullptr, "i");
 		// p = ((ipfw_insn_u16 *)cmd)->ports;
 		// XXX TODO Ensure correctness.
-		CmdLBitC = Irb.CreateBitCast(Cmd, IpfwInsnU16PtrTy);
-		Value *Ports = Irb.CreateStructGEP(CMDLBitC, 1);
-		Irb.CreateStore(PortsPtr, P);
+		Value *CmdLBitC = Irb.CreateBitCast(Cmd, IpfwInsnU16PtrTy);
+		Value *Ports = Irb.CreateStructGEP(CmdLBitC, 1);
+		Irb.CreateStore(Ports, P);
 		Value *PL = Irb.CreateLoad(P);
 
 		// (proto == IPPROTO_UDP || proto == IPPROTO_TCP)
@@ -1176,11 +1197,11 @@
 		// (Offset == 0)
 		Value *Comp3 = Irb.CreateICmpEQ(Offset, ConstantInt::get(Offset->getType(), 0));
 		// (OrComps && Comp3)
-		Value *Comp = Irb.CreateAnd(OrComps, Comp3);
+		Comp = Irb.CreateAnd(OrComps, Comp3);
 		Irb.CreateCondBr(Comp, Yes, Out);
 
 		// yes:
-		Irb.SetInserPoint(Yes);
+		Irb.SetInsertPoint(Yes);
 		// if (cmd->opcode == O_IP_SRCPORT)
 		Value *CmdL = Irb.CreateLoad(Cmd);
 		Value *OpcodePtr = Irb.CreateStructGEP(CmdL, 0);
@@ -1188,31 +1209,31 @@
 		Comp = Irb.CreateICmpEQ(Opcode, ConstantInt::get(Opcode->getType(), O_IP_SRCPORT));
 		Irb.CreateCondBr(Comp, Src, Dst);
 		
-		Irb.SetInserPoint(Src);
+		Irb.SetInsertPoint(Src);
 		// 	u_int16_t x = src_port;
 		Irb.CreateStore(SrcPort, X);
 		Irb.CreateBr(Loop);
 
-		Irb.SetInserPoint(Dst);
+		Irb.SetInsertPoint(Dst);
 		// 	u_int16_t x = dst_port;
 		Irb.CreateStore(DstPort, X);
 		Irb.CreateBr(Loop);
 
-		Irb.SetInserPoint(Loop);
+		Irb.SetInsertPoint(Loop);
 		// Loop initialisation
 		// i = cmdlen - 1;
 		// cmdlen: signed
-		Value *Sub = Irb.CreateNSWSub(CmdLen, ConstantInt::get(CmdLen->getType(), 1);
+		Value *Sub = Irb.CreateNSWSub(CmdLen, ConstantInt::get(CmdLen->getType(), 1));
 		Irb.CreateStore(Sub, I);
 		Irb.CreateBr(ContLoop);
 
 		// Check condition
-		Irb.SetInserPoint(ContLoop);
+		Irb.SetInsertPoint(ContLoop);
 		// while((!match) && (i>0)) {
 		Value *IL = Irb.CreateLoad(I);
 		Value *MatchL = Irb.CreateLoad(Match);
-		Comp1 = Irb.CreateICmpEQ(MatchL, ConstantInt::get(Match->getType(), 0)
-		Comp2 = Irb.CreateICmpSGT(IL, ConstantInt::get(I->getType(), 0)
+		Comp1 = Irb.CreateICmpEQ(MatchL, ConstantInt::get(Match->getType(), 0));
+		Comp2 = Irb.CreateICmpSGT(IL, ConstantInt::get(I->getType(), 0));
 		Value *BreakCond = Irb.CreateAnd(Comp1, Comp2);
 		Irb.CreateCondBr(BreakCond, ContLoop, Out);
 
@@ -1230,7 +1251,7 @@
 		Value *ILD = Irb.CreateNSWSub(IL, ConstantInt::get(I->getType(), 1));
 		Irb.CreateStore(ILD, I);
 		// 	p += 2;
-		Value PGEP = Irb.CreateInBoundsGEP(PL, ConstantInt::get(Int32Ty, 2));
+		Value *PGEP = Irb.CreateInBoundsGEP(PL, ConstantInt::get(Int32Ty, 2));
 		Irb.CreateStore(PGEP, P);
 		Irb.CreateBr(ContLoop);