Refactor the generation of the bytecode to parse and detect a packet's protocols #83
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
qdeslandes
force-pushed
the
refactor_packet_parsing
branch
from
9a04ec6 to
792bec9
Compare
Store layer 3 protocol type and offset into the program's runtime context. The program will not accept the packet by default if the L3 protocol is not IPv4, as we aim to support more than just IPv4. Eventually, only the protocols matchers are defined for will be processed.
stub.c contains functions used to generate stub of BPF bytecode, some of the code tries to generate switch-like features, to parse different network protocols for example. However, the C code used to generate the BPF bytecode can become very messy, due to the various jumps required to emulate such functionality. Introduce bf_swich and its API to ease creation of switch-like structures in BPF bytecode. The usage is described in swich.h, but in summary: - Create a bf_swich object, initialize it - Add the various cases, with a value to match against the switch, and a list of instructions to execute if it matches. - Define the default instructions to execute, if any - Generate the bytecode for the operations described above by call bf_swich_geneate.
qdeslandes
force-pushed
the
refactor_packet_parsing
branch
from
792bec9 to
fe7321e
Compare
qdeslandes
force-pushed
the
refactor_packet_parsing
branch
from
0030345 to
e74673a
Compare
Unify naming of the runtime context protocol fields and reorder the fields to group layers together.
Use bf_swich to improve the BPF bytecode generated to process a protocol's header. Reorder some instructions so the logic used to call the various kfunc is clearer and closer to C.
Use a more generic function name to define function generating the BPF bytecode responsible for pre-processing a packet.
Matcher applies a specific logic to the packet's data according to an expected data layout (the procotol header). In order to support various protocol on the same layer, the matcher should check if the protocol they are able to parse is effectively present in the packet.
qdeslandes
force-pushed
the
refactor_packet_parsing
branch
from
e74673a to
9e4d7f5
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR refactors the generation of the bytecode used to parse a packet's content, in order to prepare for the program's matchers to be used. It consists in:
bf_swichto emulate a switch-like functionality in BPF bytecode (with doc and unit tests).bf_swichto simplify protocol detection, reorder instructions for more clarity.