Minix/netbsd
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Files
58d5f9a2a46f09ca05fc15026cf3bdb7ff4342dd
netbsd/sys/net/npf/npf_ncode.h
Lionel Sambuc 58d5f9a2a4 2012/10/17 12:00:00 UTC
2013-04-06 16:48:33 +02:00

375 lines
8.2 KiB
C
Raw Blame History

/* $NetBSD: npf_ncode.h,v 1.10 2012/07/19 21:52:29 spz Exp $ */
/*-
* Copyright (c) 2009-2010 The NetBSD Foundation, Inc.
* All rights reserved.
*
* This material is based upon work partially supported by The
* NetBSD Foundation under a contract with Mindaugas Rasiukevicius.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
* TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
* BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*/
/*
* NPF n-code interface.
*
* WARNING: Backwards compatibilty is not _yet_ maintained and instructions
* or their codes may (or may not) change. Expect ABI breakage.
*/
#ifndef _NPF_NCODE_H_
#define _NPF_NCODE_H_
#include "npf.h"
#if defined(_KERNEL)
/*
* N-code processing, validation & building.
*/
void * npf_ncode_alloc(size_t);
void npf_ncode_free(void *, size_t);
int npf_ncode_process(npf_cache_t *, const void *, nbuf_t *, const int);
int npf_ncode_validate(const void *, size_t, int *);
#endif
/* Error codes. */
#define NPF_ERR_OPCODE -1 /* Invalid instruction. */
#define NPF_ERR_JUMP -2 /* Invalid jump (e.g. out of range). */
#define NPF_ERR_REG -3 /* Invalid register. */
#define NPF_ERR_INVAL -4 /* Invalid argument value. */
#define NPF_ERR_RANGE -5 /* Processing out of range. */
/* Number of registers: [0..N] */
#define NPF_NREGS 4
/* Maximum loop count. */
#define NPF_LOOP_LIMIT 100
/* Shift to check if CISC-like instruction. */
#define NPF_CISC_SHIFT 7
#define NPF_CISC_OPCODE(insn) (insn >> NPF_CISC_SHIFT)
/*
* RISC-like n-code instructions.
*/
/* Return, advance, jump, tag and invalidate instructions. */
#define NPF_OPCODE_RET 0x00
#define NPF_OPCODE_ADVR 0x01
#define NPF_OPCODE_J 0x02
#define NPF_OPCODE_INVL 0x03
#define NPF_OPCODE_TAG 0x04
/* Set and load instructions. */
#define NPF_OPCODE_MOVE 0x10
#define NPF_OPCODE_LW 0x11
/* Compare and jump instructions. */
#define NPF_OPCODE_CMP 0x21
#define NPF_OPCODE_CMPR 0x22
#define NPF_OPCODE_BEQ 0x23
#define NPF_OPCODE_BNE 0x24
#define NPF_OPCODE_BGT 0x25
#define NPF_OPCODE_BLT 0x26
/* Arithmetic instructions. */
#define NPF_OPCODE_ADD 0x30
#define NPF_OPCODE_SUB 0x31
#define NPF_OPCODE_MULT 0x32
#define NPF_OPCODE_DIV 0x33
/* Bitwise instructions. */
#define NPF_OPCODE_NOT 0x40
#define NPF_OPCODE_AND 0x41
#define NPF_OPCODE_OR 0x42
#define NPF_OPCODE_XOR 0x43
#define NPF_OPCODE_SLL 0x44
#define NPF_OPCODE_SRL 0x45
/*
* CISC-like n-code instructions.
*/
#define NPF_OPCODE_ETHER 0x80
#define NPF_OPCODE_PROTO 0x81
#define NPF_OPCODE_IP4MASK 0x90
#define NPF_OPCODE_TABLE 0x91
#define NPF_OPCODE_ICMP4 0x92
#define NPF_OPCODE_IP6MASK 0x93
#define NPF_OPCODE_ICMP6 0x94
#define NPF_OPCODE_TCP_PORTS 0xa0
#define NPF_OPCODE_UDP_PORTS 0xa1
#define NPF_OPCODE_TCP_FLAGS 0xa2
#ifdef NPF_OPCODES_STRINGS
# define NPF_OPERAND_NONE 0
# define NPF_OPERAND_REGISTER 1
# define NPF_OPERAND_KEY 2
# define NPF_OPERAND_VALUE 3
# define NPF_OPERAND_SD 4
# define NPF_OPERAND_SD_SRC 1
# define NPF_OPERAND_SD_DST 0
# define NPF_OPERAND_REL_ADDRESS 5
# define NPF_OPERAND_NET_ADDRESS4 6
# define NPF_OPERAND_NET_ADDRESS6 7
# define NPF_OPERAND_ETHER_TYPE 8
# define NPF_OPERAND_SUBNET 9
# define NPF_OPERAND_LENGTH 10
# define NPF_OPERAND_TABLE_ID 11
# define NPF_OPERAND_ICMP_TYPE_CODE 12
# define NPF_OPERAND_TCP_FLAGS_MASK 13
# define NPF_OPERAND_PORT_RANGE 14
# define NPF_OPERAND_PROTO 15
static const struct npf_instruction {
const char * name;
uint8_t op[4];
} npf_instructions[] = {
[NPF_OPCODE_RET] = {
.name = "ret",
.op = {
[0] = NPF_OPERAND_VALUE,
},
},
[NPF_OPCODE_ADVR] = {
.name = "advr",
.op = {
[0] = NPF_OPERAND_REGISTER,
},
},
[NPF_OPCODE_J] = {
.name = "j",
.op = {
[0] = NPF_OPERAND_REL_ADDRESS,
},
},
[NPF_OPCODE_INVL] = {
.name = "invl",
},
[NPF_OPCODE_TAG] = {
.name = "tag",
.op = {
[0] = NPF_OPERAND_KEY,
[1] = NPF_OPERAND_VALUE,
},
},
[NPF_OPCODE_MOVE] = {
.name = "move",
.op = {
[0] = NPF_OPERAND_VALUE,
[1] = NPF_OPERAND_REGISTER,
},
},
[NPF_OPCODE_LW] = {
.name = "lw",
.op = {
[0] = NPF_OPERAND_LENGTH,
[1] = NPF_OPERAND_REGISTER,
},
},
[NPF_OPCODE_CMP] = {
.name = "cmp",
.op = {
[0] = NPF_OPERAND_VALUE,
[1] = NPF_OPERAND_REGISTER,
},
},
[NPF_OPCODE_CMPR] = {
.name = "cmpr",
.op = {
[0] = NPF_OPERAND_REGISTER,
[1] = NPF_OPERAND_REGISTER,
},
},
[NPF_OPCODE_BEQ] = {
.name = "beq",
.op = {
[0] = NPF_OPERAND_REL_ADDRESS,
},
},
[NPF_OPCODE_BNE] = {
.name = "bne",
.op = {
[0] = NPF_OPERAND_REL_ADDRESS,
},
},
[NPF_OPCODE_BGT] = {
.name = "bge",
.op = {
[0] = NPF_OPERAND_REL_ADDRESS,
},
},
[NPF_OPCODE_BLT] = {
.name = "blt",
.op = {
[0] = NPF_OPERAND_REL_ADDRESS,
},
},
[NPF_OPCODE_ADD] = {
.name = "add",
.op = {
[0] = NPF_OPERAND_VALUE,
[1] = NPF_OPERAND_REGISTER,
},
},
[NPF_OPCODE_SUB] = {
.name = "sub",
.op = {
[0] = NPF_OPERAND_VALUE,
[1] = NPF_OPERAND_REGISTER,
},
},
[NPF_OPCODE_MULT] = {
.name = "mult",
.op = {
[0] = NPF_OPERAND_VALUE,
[1] = NPF_OPERAND_REGISTER,
},
},
[NPF_OPCODE_DIV] = {
.name = "div",
.op = {
[0] = NPF_OPERAND_VALUE,
[1] = NPF_OPERAND_REGISTER,
},
},
[NPF_OPCODE_NOT] = {
.name = "not",
.op = {
[0] = NPF_OPERAND_VALUE,
[1] = NPF_OPERAND_REGISTER,
},
},
[NPF_OPCODE_AND] = {
.name = "and",
.op = {
[0] = NPF_OPERAND_VALUE,
[1] = NPF_OPERAND_REGISTER,
},
},
[NPF_OPCODE_OR] = {
.name = "or",
.op = {
[0] = NPF_OPERAND_VALUE,
[1] = NPF_OPERAND_REGISTER,
},
},
[NPF_OPCODE_XOR] = {
.name = "xor",
.op = {
[0] = NPF_OPERAND_VALUE,
[1] = NPF_OPERAND_REGISTER,
},
},
[NPF_OPCODE_SLL] = {
.name = "sll",
.op = {
[0] = NPF_OPERAND_VALUE,
[1] = NPF_OPERAND_REGISTER,
},
},
[NPF_OPCODE_SRL] = {
.name = "srl",
.op = {
[0] = NPF_OPERAND_VALUE,
[1] = NPF_OPERAND_REGISTER,
},
},
[NPF_OPCODE_ETHER] = {
.name = "ether",
.op = {
[0] = NPF_OPERAND_SD,
[1] = NPF_OPERAND_NET_ADDRESS4,
[2] = NPF_OPERAND_ETHER_TYPE,
},
},
[NPF_OPCODE_PROTO] = {
.name = "proto",
.op = {
[0] = NPF_OPERAND_PROTO,
},
},
[NPF_OPCODE_IP4MASK] = {
.name = "ip4mask",
.op = {
[0] = NPF_OPERAND_SD,
[1] = NPF_OPERAND_NET_ADDRESS4,
[2] = NPF_OPERAND_SUBNET,
},
},
[NPF_OPCODE_TABLE] = {
.name = "table",
.op = {
[0] = NPF_OPERAND_SD,
[1] = NPF_OPERAND_TABLE_ID,
},
},
[NPF_OPCODE_ICMP4] = {
.name = "icmp4",
.op = {
[0] = NPF_OPERAND_ICMP_TYPE_CODE,
},
},
[NPF_OPCODE_ICMP6] = {
.name = "icmp6",
.op = {
[0] = NPF_OPERAND_ICMP_TYPE_CODE,
},
},
[NPF_OPCODE_IP6MASK] = {
.name = "ip6mask",
.op = {
[0] = NPF_OPERAND_SD,
[1] = NPF_OPERAND_NET_ADDRESS6,
[2] = NPF_OPERAND_SUBNET,
},
},
[NPF_OPCODE_TCP_PORTS] = {
.name = "tcp_ports",
.op = {
[0] = NPF_OPERAND_SD,
[1] = NPF_OPERAND_PORT_RANGE,
},
},
[NPF_OPCODE_UDP_PORTS] = {
.name = "udp_ports",
.op = {
[0] = NPF_OPERAND_SD,
[1] = NPF_OPERAND_PORT_RANGE,
},
},
[NPF_OPCODE_TCP_FLAGS] = {
.name = "tcp_flags",
.op = {
[0] = NPF_OPERAND_TCP_FLAGS_MASK,
},
},
};
#endif /* NPF_OPCODES_STRINGS */
#endif /* _NET_NPF_NCODE_H_ */
Reference in New Issue View Git Blame Copy Permalink