2 ** Copyright (c) 2015, Asim Jamshed, Robin Sommer, Seth Hall
3 ** and the International Computer Science Institute. All rights reserved.
5 ** Redistribution and use in source and binary forms, with or without
6 ** modification, are permitted provided that the following conditions are met:
8 ** (1) Redistributions of source code must retain the above copyright
9 ** notice, this list of conditions and the following disclaimer.
11 ** (2) Redistributions in binary form must reproduce the above copyright
12 ** notice, this list of conditions and the following disclaimer in the
13 ** documentation and/or other materials provided with the distribution.
16 ** THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
17 ** AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 ** IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 ** ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
20 ** LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
21 ** CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
22 ** SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
23 ** INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
24 ** CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
25 ** ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
26 ** POSSIBILITY OF SUCH DAMAGE.
29 /* for func prototypes */
32 /* Make Linux headers choose BSD versions of some of the data structures */
36 #include <sys/types.h>
37 /* for [n/h]to[h/n][ls] */
38 #include <netinet/in.h>
40 #include <netinet/ip.h>
42 #include <netinet/ip6.h>
44 #include <netinet/tcp.h>
46 #include <netinet/udp.h>
48 #include <net/ethernet.h>
56 /*---------------------------------------------------------------------*/
58 * * The cache table is used to pick a nice seed for the hash value. It is
59 * * built only once when sym_hash_fn is called for the very first time
62 build_sym_key_cache(uint32_t *cache, int cache_len)
64 static const uint8_t key[] = { 0x50, 0x6d };
66 uint32_t result = (((uint32_t)key[0]) << 24) |
67 (((uint32_t)key[1]) << 16) |
68 (((uint32_t)key[0]) << 8) |
74 for (i = 0; i < cache_len; i++, idx++) {
75 uint8_t shift = (idx % 8);
79 bit = ((key[(idx/8) & 1] << shift) & 0x80) ? 1 : 0;
80 result = ((result << 1) | bit);
85 build_byte_cache(uint32_t byte_cache[256][4])
87 #define KEY_CACHE_LEN 96
89 uint32_t key_cache[KEY_CACHE_LEN];
91 build_sym_key_cache(key_cache, KEY_CACHE_LEN);
93 for (i = 0; i < 4; i++) {
94 for (j = 0; j < 256; j++) {
97 for (k = 0; k < 8; k++) {
99 byte_cache[j][i] ^= key_cache[8 * i + k];
107 /*---------------------------------------------------------------------*/
109 ** Computes symmetric hash based on the 4-tuple header data
112 sym_hash_fn(uint32_t sip, uint32_t dip, uint16_t sp, uint32_t dp)
115 static int first_time = 1;
116 static uint32_t byte_cache[256][4];
117 uint8_t *sip_b = (uint8_t *)&sip,
118 *dip_b = (uint8_t *)&dip,
119 *sp_b = (uint8_t *)&sp,
120 *dp_b = (uint8_t *)&dp;
123 build_byte_cache(byte_cache);
127 rc = byte_cache[sip_b[3]][0] ^
128 byte_cache[sip_b[2]][1] ^
129 byte_cache[sip_b[1]][2] ^
130 byte_cache[sip_b[0]][3] ^
131 byte_cache[dip_b[3]][0] ^
132 byte_cache[dip_b[2]][1] ^
133 byte_cache[dip_b[1]][2] ^
134 byte_cache[dip_b[0]][3] ^
135 byte_cache[sp_b[1]][0] ^
136 byte_cache[sp_b[0]][1] ^
137 byte_cache[dp_b[1]][2] ^
138 byte_cache[dp_b[0]][3];
142 static uint32_t decode_gre_hash(const uint8_t *, uint8_t, uint8_t);
143 /*---------------------------------------------------------------------*/
145 ** Parser + hash function for the IPv4 packet
148 decode_ip_n_hash(const struct ip *iph, uint8_t hash_split, uint8_t seed)
152 if (iph->ip_hl < 5 || iph->ip_hl * 4 > iph->ip_len) {
154 } else if (hash_split == 2) {
155 rc = sym_hash_fn(ntohl(iph->ip_src.s_addr),
156 ntohl(iph->ip_dst.s_addr),
157 ntohs(0xFFFD) + seed,
158 ntohs(0xFFFE) + seed);
160 const struct tcphdr *tcph = NULL;
161 const struct udphdr *udph = NULL;
165 tcph = (const struct tcphdr *)((const uint8_t *)iph + (iph->ip_hl<<2));
166 rc = sym_hash_fn(ntohl(iph->ip_src.s_addr),
167 ntohl(iph->ip_dst.s_addr),
168 ntohs(tcph->th_sport) + seed,
169 ntohs(tcph->th_dport) + seed);
172 udph = (const struct udphdr *)((const uint8_t *)iph + (iph->ip_hl<<2));
173 rc = sym_hash_fn(ntohl(iph->ip_src.s_addr),
174 ntohl(iph->ip_dst.s_addr),
175 ntohs(udph->uh_sport) + seed,
176 ntohs(udph->uh_dport) + seed);
180 rc = decode_ip_n_hash((const struct ip *)((const uint8_t *)iph + (iph->ip_hl<<2)),
184 rc = decode_gre_hash((const uint8_t *)iph + (iph->ip_hl<<2),
193 ** the hash strength (although weaker but) should still hold
194 ** even with 2 fields
196 rc = sym_hash_fn(ntohl(iph->ip_src.s_addr),
197 ntohl(iph->ip_dst.s_addr),
198 ntohs(0xFFFD) + seed,
199 ntohs(0xFFFE) + seed);
205 /*---------------------------------------------------------------------*/
207 ** Parser + hash function for the IPv6 packet
210 decode_ipv6_n_hash(const struct ip6_hdr *ipv6h, uint8_t hash_split, uint8_t seed)
212 uint32_t saddr, daddr;
215 /* Get only the first 4 octets */
216 saddr = ipv6h->ip6_src.s6_addr[0] |
217 (ipv6h->ip6_src.s6_addr[1] << 8) |
218 (ipv6h->ip6_src.s6_addr[2] << 16) |
219 (ipv6h->ip6_src.s6_addr[3] << 24);
220 daddr = ipv6h->ip6_dst.s6_addr[0] |
221 (ipv6h->ip6_dst.s6_addr[1] << 8) |
222 (ipv6h->ip6_dst.s6_addr[2] << 16) |
223 (ipv6h->ip6_dst.s6_addr[3] << 24);
225 if (hash_split == 2) {
226 rc = sym_hash_fn(ntohl(saddr),
228 ntohs(0xFFFD) + seed,
229 ntohs(0xFFFE) + seed);
231 const struct tcphdr *tcph = NULL;
232 const struct udphdr *udph = NULL;
234 switch(ntohs(ipv6h->ip6_ctlun.ip6_un1.ip6_un1_nxt)) {
236 tcph = (const struct tcphdr *)(ipv6h + 1);
237 rc = sym_hash_fn(ntohl(saddr),
239 ntohs(tcph->th_sport) + seed,
240 ntohs(tcph->th_dport) + seed);
243 udph = (const struct udphdr *)(ipv6h + 1);
244 rc = sym_hash_fn(ntohl(saddr),
246 ntohs(udph->uh_sport) + seed,
247 ntohs(udph->uh_dport) + seed);
251 rc = decode_ip_n_hash((const struct ip *)(ipv6h + 1),
256 rc = decode_ipv6_n_hash((const struct ip6_hdr *)(ipv6h + 1),
260 rc = decode_gre_hash((const uint8_t *)(ipv6h + 1), hash_split, seed);
268 ** the hash strength (although weaker but) should still hold
269 ** even with 2 fields
271 rc = sym_hash_fn(ntohl(saddr),
273 ntohs(0xFFFD) + seed,
274 ntohs(0xFFFE) + seed);
279 /*---------------------------------------------------------------------*/
281 * * A temp solution while hash for other protocols are filled...
282 * * (See decode_vlan_n_hash & pkt_hdr_hash functions).
285 decode_others_n_hash(const struct ether_header *ethh, uint8_t seed)
287 uint32_t saddr, daddr, rc;
289 saddr = ethh->ether_shost[5] |
290 (ethh->ether_shost[4] << 8) |
291 (ethh->ether_shost[3] << 16) |
292 (ethh->ether_shost[2] << 24);
293 daddr = ethh->ether_dhost[5] |
294 (ethh->ether_dhost[4] << 8) |
295 (ethh->ether_dhost[3] << 16) |
296 (ethh->ether_dhost[2] << 24);
298 rc = sym_hash_fn(ntohl(saddr),
300 ntohs(0xFFFD) + seed,
301 ntohs(0xFFFE) + seed);
305 /*---------------------------------------------------------------------*/
307 ** Parser + hash function for VLAN packet
309 static inline uint32_t
310 decode_vlan_n_hash(const struct ether_header *ethh, uint8_t hash_split, uint8_t seed)
313 const struct vlanhdr *vhdr = (const struct vlanhdr *)(ethh + 1);
315 switch (ntohs(vhdr->proto)) {
317 rc = decode_ip_n_hash((const struct ip *)(vhdr + 1),
321 rc = decode_ipv6_n_hash((const struct ip6_hdr *)(vhdr + 1),
327 rc = decode_others_n_hash(ethh, seed);
333 /*---------------------------------------------------------------------*/
335 ** General parser + hash function...
338 pkt_hdr_hash(const unsigned char *buffer, uint8_t hash_split, uint8_t seed)
341 const struct ether_header *ethh = (const struct ether_header *)buffer;
343 switch (ntohs(ethh->ether_type)) {
345 rc = decode_ip_n_hash((const struct ip *)(ethh + 1),
349 rc = decode_ipv6_n_hash((const struct ip6_hdr *)(ethh + 1),
353 rc = decode_vlan_n_hash(ethh, hash_split, seed);
358 rc = decode_others_n_hash(ethh, seed);
365 /*---------------------------------------------------------------------*/
367 ** Parser + hash function for the GRE packet
370 decode_gre_hash(const uint8_t *grehdr, uint8_t hash_split, uint8_t seed)
373 int len = 4 + 2 * (!!(*grehdr & 1) + /* Checksum */
374 !!(*grehdr & 2) + /* Routing */
375 !!(*grehdr & 4) + /* Key */
376 !!(*grehdr & 8)); /* Sequence Number */
377 uint16_t proto = ntohs(*(const uint16_t *)(const void *)(grehdr + 2));
381 rc = decode_ip_n_hash((const struct ip *)(grehdr + len),
385 rc = decode_ipv6_n_hash((const struct ip6_hdr *)(grehdr + len),
388 case 0x6558: /* Transparent Ethernet Bridging */
389 rc = pkt_hdr_hash(grehdr + len, hash_split, seed);
397 /*---------------------------------------------------------------------*/