Date: Tue, 9 Sep 2014 17:02:34 GMT From: dpl@FreeBSD.org To: svn-soc-all@FreeBSD.org Subject: socsvn commit: r273858 - soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw Message-ID: <201409091702.s89H2Ymm008510@socsvn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: dpl Date: Tue Sep 9 17:02:34 2014 New Revision: 273858 URL: http://svnweb.FreeBSD.org/socsvn/?view=rev&rev=273858 Log: Added IP src filtering, still to test, included struct definition at ip_fw_rules.h Modified: soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw/ip_fw_rules.c soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw/jit.cc Modified: soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw/ip_fw_rules.c ============================================================================== --- soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw/ip_fw_rules.c Tue Sep 9 16:57:02 2014 (r273857) +++ soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw/ip_fw_rules.c Tue Sep 9 17:02:34 2014 (r273858) @@ -82,6 +82,8 @@ struct ip_fw_chain; struct ip_fw; struct _ipfw_insn; +struct _ipfw_insn_ip; +struct _ipfw_insn_u16; struct _ipfw_insn_if; struct _ipfw_dyn_rule; Modified: soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw/jit.cc ============================================================================== --- soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw/jit.cc Tue Sep 9 16:57:02 2014 (r273857) +++ soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw/jit.cc Tue Sep 9 17:02:34 2014 (r273858) @@ -154,6 +154,7 @@ StructType *Ip_fwTy; StructType *Ipfw_insnTy; StructType *IpfwInsnU16Ty; + StructType *IpfwInsnIpTy; StructType *Ipfw_dyn_ruleTy; StructType *Ipfw_insn_ifTy; StructType *MbufTy; @@ -168,6 +169,7 @@ PointerType *Ip_fwPtrTy; PointerType *Ipfw_insnPtrTy; PointerType *IpfwInsnU16PtrTy; + PointerType *IpfwInsnIpPtrTy; PointerType *Ipfw_dyn_rulePtrTy; PointerType *Ipfw_insn_ifPtrTy; PointerType *MbufPtrTy; @@ -234,6 +236,7 @@ Ip_fwTy = mod->getTypeByName("struct.ip_fw"); Ipfw_insnTy = mod->getTypeByName("struct._ipfw_insn"); IpfwInsnU16Ty = mod->getTypeByName("struct._ipfw_insn_u16"); + IpfwInsnIpTy = mod->getTypeByName("struct._ipfw_insn_ip"); Ipfw_insn_ifTy = mod->getTypeByName("struct._ipfw_insn_if"); Ipfw_dyn_ruleTy = mod->getTypeByName("struct._ipfw_dyn_rule"); #ifdef __FreeBSD__ @@ -252,6 +255,7 @@ Ip_fwPtrTy = PointerType::getUnqual(Ip_fwTy); Ipfw_insnPtrTy = PointerType::getUnqual(Ipfw_insnTy); IpfwInsnU16PtrTy = PointerType::getUnqual(IpfwInsnU16Ty); + IpfwInsnIpPtrTy = PointerType::getUnqual(IpfwInsnIpTy); Ipfw_insn_ifPtrTy = PointerType::getUnqual(Ipfw_insn_ifTy); Ipfw_dyn_rulePtrTy = PointerType::getUnqual(Ipfw_dyn_ruleTy); #ifdef __FreeBSD__ @@ -1077,6 +1081,23 @@ void emit_ip_src() { + // match = is_ipv4 && + // (((ipfw_insn_ip *)cmd)->addr.s_addr == + // src_ip.s_addr); + + // ((ipfw_insn_ip *)cmd)->addr.s_addr + // addr only has one element (s_adddr) we only need one GEP. + Value *CmdL = Irb.CreateLoad(Cmd); + Value *CmdLBitC = Irb.CreateBitCast(CmdL, IpfwInsnIpPtrTy); + Value *CmdSAddr = Irb.CreateStructGEP(CmdLBitC, 1); + Value *CmdSAddrL = Irb.CreateLoad(CmdSAddr); + + // src_ip.s_addr + Value *SrcIpL = Irb.CreateLoad(SrcIp); + Value *SrcAddr = Irb.CreateStructGEP(SrcIpL, 0); + Value *Comp = Irb.CreateICmpEQ(CmdSAddrL, SrcAddr); + + Value *NewMatch = Irb.CreateAnd(Comp, IsIpv4); } // XXX Not tested. @@ -1155,7 +1176,7 @@ BasicBlock *Dst = BasicBlock::Create(Con, "R_Dst", Func); BasicBlock *Loop = BasicBlock::Create(Con, "R_Loop", Func); BasicBlock *ContLoop = BasicBlock::Create(Con, "R_ContLoop", Func); - Value Comp; + Value *Comp; // Perform allocations at the beginning. Value *X = Irb.CreateAlloca(Int16Ty, nullptr, "x"); @@ -1163,9 +1184,9 @@ Value *I = Irb.CreateAlloca(Int32Ty, nullptr, "i"); // p = ((ipfw_insn_u16 *)cmd)->ports; // XXX TODO Ensure correctness. - CmdLBitC = Irb.CreateBitCast(Cmd, IpfwInsnU16PtrTy); - Value *Ports = Irb.CreateStructGEP(CMDLBitC, 1); - Irb.CreateStore(PortsPtr, P); + Value *CmdLBitC = Irb.CreateBitCast(Cmd, IpfwInsnU16PtrTy); + Value *Ports = Irb.CreateStructGEP(CmdLBitC, 1); + Irb.CreateStore(Ports, P); Value *PL = Irb.CreateLoad(P); // (proto == IPPROTO_UDP || proto == IPPROTO_TCP) @@ -1176,11 +1197,11 @@ // (Offset == 0) Value *Comp3 = Irb.CreateICmpEQ(Offset, ConstantInt::get(Offset->getType(), 0)); // (OrComps && Comp3) - Value *Comp = Irb.CreateAnd(OrComps, Comp3); + Comp = Irb.CreateAnd(OrComps, Comp3); Irb.CreateCondBr(Comp, Yes, Out); // yes: - Irb.SetInserPoint(Yes); + Irb.SetInsertPoint(Yes); // if (cmd->opcode == O_IP_SRCPORT) Value *CmdL = Irb.CreateLoad(Cmd); Value *OpcodePtr = Irb.CreateStructGEP(CmdL, 0); @@ -1188,31 +1209,31 @@ Comp = Irb.CreateICmpEQ(Opcode, ConstantInt::get(Opcode->getType(), O_IP_SRCPORT)); Irb.CreateCondBr(Comp, Src, Dst); - Irb.SetInserPoint(Src); + Irb.SetInsertPoint(Src); // u_int16_t x = src_port; Irb.CreateStore(SrcPort, X); Irb.CreateBr(Loop); - Irb.SetInserPoint(Dst); + Irb.SetInsertPoint(Dst); // u_int16_t x = dst_port; Irb.CreateStore(DstPort, X); Irb.CreateBr(Loop); - Irb.SetInserPoint(Loop); + Irb.SetInsertPoint(Loop); // Loop initialisation // i = cmdlen - 1; // cmdlen: signed - Value *Sub = Irb.CreateNSWSub(CmdLen, ConstantInt::get(CmdLen->getType(), 1); + Value *Sub = Irb.CreateNSWSub(CmdLen, ConstantInt::get(CmdLen->getType(), 1)); Irb.CreateStore(Sub, I); Irb.CreateBr(ContLoop); // Check condition - Irb.SetInserPoint(ContLoop); + Irb.SetInsertPoint(ContLoop); // while((!match) && (i>0)) { Value *IL = Irb.CreateLoad(I); Value *MatchL = Irb.CreateLoad(Match); - Comp1 = Irb.CreateICmpEQ(MatchL, ConstantInt::get(Match->getType(), 0) - Comp2 = Irb.CreateICmpSGT(IL, ConstantInt::get(I->getType(), 0) + Comp1 = Irb.CreateICmpEQ(MatchL, ConstantInt::get(Match->getType(), 0)); + Comp2 = Irb.CreateICmpSGT(IL, ConstantInt::get(I->getType(), 0)); Value *BreakCond = Irb.CreateAnd(Comp1, Comp2); Irb.CreateCondBr(BreakCond, ContLoop, Out); @@ -1230,7 +1251,7 @@ Value *ILD = Irb.CreateNSWSub(IL, ConstantInt::get(I->getType(), 1)); Irb.CreateStore(ILD, I); // p += 2; - Value PGEP = Irb.CreateInBoundsGEP(PL, ConstantInt::get(Int32Ty, 2)); + Value *PGEP = Irb.CreateInBoundsGEP(PL, ConstantInt::get(Int32Ty, 2)); Irb.CreateStore(PGEP, P); Irb.CreateBr(ContLoop);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201409091702.s89H2Ymm008510>