static VOID _ExtractIcmp6(VOID* pNbBuffer, ULONG nbLen, OVS_ICMP_HEADER* pIcmpHeader, _Inout_ OVS_OFPACKET_INFO* pPacketInfo)
{
if (pIcmpHeader->code == 0)
{
if (pIcmpHeader->type == OVS_ICMP6_ND_NEIGHBOR_ADVERTISMENT ||
pIcmpHeader->type == OVS_ICMP6_ND_NEIGHBOR_SOLICITATION)
{
ULONG offset = (ULONG)((BYTE*)pIcmpHeader - (BYTE*)pNbBuffer);
ULONG icmpLen = nbLen - offset;
if (pIcmpHeader->type == OVS_ICMP6_ND_NEIGHBOR_SOLICITATION)
{
_ExtractIcmp6_NeighborSolicitation(pIcmpHeader, pPacketInfo, icmpLen);
}
else if (pIcmpHeader->type == OVS_ICMP6_ND_NEIGHBOR_ADVERTISMENT)
{
_ExtractIcmp6_NeighborAdvertisment(pIcmpHeader, pPacketInfo, icmpLen);
}
}
}
//turn each byte as word & turn to BE
pPacketInfo->tpInfo.sourcePort = RtlUshortByteSwap(pIcmpHeader->type);
pPacketInfo->tpInfo.destinationPort = RtlUshortByteSwap(pIcmpHeader->code);
}
void
FillNetwork5Tuple(
_In_ const FWPS_INCOMING_VALUES* inFixedValues,
_In_ ADDRESS_FAMILY addressFamily,
_Inout_ TL_INSPECT_PENDED_PACKET* packet
)
{
UINT localAddrIndex;
UINT remoteAddrIndex;
UINT localPortIndex;
UINT remotePortIndex;
UINT protocolIndex;
GetNetwork5TupleIndexesForLayer(
inFixedValues->layerId,
&localAddrIndex,
&remoteAddrIndex,
&localPortIndex,
&remotePortIndex,
&protocolIndex
);
if (addressFamily == AF_INET)
{
packet->ipv4LocalAddr =
RtlUlongByteSwap( /* host-order -> network-order conversion */
inFixedValues->incomingValue[localAddrIndex].value.uint32
);
packet->ipv4RemoteAddr =
RtlUlongByteSwap( /* host-order -> network-order conversion */
inFixedValues->incomingValue[remoteAddrIndex].value.uint32
);
}
else
{
RtlCopyMemory(
(UINT8*)&packet->localAddr,
inFixedValues->incomingValue[localAddrIndex].value.byteArray16,
sizeof(FWP_BYTE_ARRAY16)
);
RtlCopyMemory(
(UINT8*)&packet->remoteAddr,
inFixedValues->incomingValue[remoteAddrIndex].value.byteArray16,
sizeof(FWP_BYTE_ARRAY16)
);
}
packet->localPort =
RtlUshortByteSwap(
inFixedValues->incomingValue[localPortIndex].value.uint16
);
packet->remotePort =
RtlUshortByteSwap(
inFixedValues->incomingValue[remotePortIndex].value.uint16
);
packet->protocol = inFixedValues->incomingValue[protocolIndex].value.uint8;
return;
}
void CNB::BuildPriorityHeader(PETH_HEADER EthHeader, PVLAN_HEADER VlanHeader) const
{
VlanHeader->TCI = RtlUshortByteSwap(m_ParentNBL->TCI());
if (VlanHeader->TCI != 0)
{
VlanHeader->EthType = EthHeader->EthType;
EthHeader->EthType = RtlUshortByteSwap(PRIO_HEADER_ETH_TYPE);
}
}
LE16 ReadEthernetType(_In_ const OVS_ETHERNET_HEADER* pEthHeader)
{
OVS_CHECK(pEthHeader);
if (RtlUshortByteSwap(pEthHeader->type) == OVS_ETHERTYPE_QTAG)
{
pEthHeader = (OVS_ETHERNET_HEADER*)((BYTE*)pEthHeader + OVS_ETHERNET_VLAN_LEN);
}
return RtlUshortByteSwap(pEthHeader->type);
}
BOOLEAN PacketInfo_Extract(_In_ VOID* pNbBuffer, ULONG nbLen, UINT16 ofSourcePort, _Out_ OVS_OFPACKET_INFO* pPacketInfo)
{
OVS_ETHERNET_HEADER* pEthHeader = NULL;
OVS_ETHERNET_HEADER_TAGGED* pEthHeaderTagged = NULL;
OVS_CHECK(pPacketInfo);
RtlZeroMemory(pPacketInfo, sizeof(OVS_OFPACKET_INFO));
//OVS SPECIFIC / PHYSICAL LAYER
//NOTE: on windows, we don't have "packet priority" and "packet mark" associated with a NET_BUFFER / NET_BUFFER_LIST
pPacketInfo->physical.ofInPort = ofSourcePort;
//I. LINK LAYER
pEthHeader = (OVS_ETHERNET_HEADER*)pNbBuffer;
RtlCopyMemory(pPacketInfo->ethInfo.source, pEthHeader->source_addr, OVS_ETHERNET_ADDRESS_LENGTH);
RtlCopyMemory(pPacketInfo->ethInfo.destination, pEthHeader->destination_addr, OVS_ETHERNET_ADDRESS_LENGTH);
//vlan
if (RtlUshortByteSwap(pEthHeader->type) == OVS_ETHERTYPE_QTAG)
{
pEthHeaderTagged = (OVS_ETHERNET_HEADER_TAGGED*)pEthHeader;
pPacketInfo->ethInfo.tci = pEthHeaderTagged->tci;
OVS_CHECK(RtlUshortByteSwap(pPacketInfo->ethInfo.tci) & OVS_VLAN_TAG_PRESENT);
pEthHeader = (OVS_ETHERNET_HEADER*)((BYTE*)pEthHeader + OVS_ETHERNET_VLAN_LEN);
}
//TODO: we don't support 802.2 frames (LLC). We may need to support them, in the future.
//The NDIS filter part only cares about the 802.3 frames (ATM)
pPacketInfo->ethInfo.type = pEthHeader->type;
switch (RtlUshortByteSwap(pPacketInfo->ethInfo.type))
{
case OVS_ETHERTYPE_IPV4:
return _ExtractIpv4(pNbBuffer, pPacketInfo);
case OVS_ETHERTYPE_IPV6:
return _ExtractIpv6(pNbBuffer, nbLen, pPacketInfo);
case OVS_ETHERTYPE_ARP:
_ExtractArp(pEthHeader, pPacketInfo);
break;
default:
OVS_CHECK(__UNEXPECTED__);
}
return TRUE;
}
static void _HandleParameterProblem(_In_ OVS_ICMP_HEADER* pIcmpHeader)
{
OVS_ICMP_MESSAGE_PARAM_PROBLEM* pMessage = (OVS_ICMP_MESSAGE_PARAM_PROBLEM*)pIcmpHeader;
BYTE* buffer = (BYTE*)pMessage;
UINT16 sourcePort = 0, destPort = 0;
//code 0 may be received from host or gateway
OVS_CHECK(pIcmpHeader->code == 0 || pIcmpHeader->code == 1);
buffer += pMessage->ipv4Header.HeaderLength * sizeof(DWORD);
sourcePort = RtlUshortByteSwap(*((UINT16*)buffer));
buffer += sizeof(UINT16);
destPort = RtlUshortByteSwap(*((UINT16*)buffer));
}
static BOOLEAN _CreateIcmp4Args(const OVS_OFPACKET_INFO* pPacketInfo, OVS_ARGUMENT_SLIST_ENTRY** ppArgList)
{
OVS_PI_ICMP icmpPI = { 0 };
icmpPI.type = (UINT8)RtlUshortByteSwap(pPacketInfo->tpInfo.sourcePort);
icmpPI.code = (UINT8)RtlUshortByteSwap(pPacketInfo->tpInfo.destinationPort);
if (!CreateArgInList(OVS_ARGTYPE_PI_ICMP, &icmpPI, ppArgList))
{
DEBUGP(LOG_ERROR, __FUNCTION__ " failed appending icmp packet info\n");
return FALSE;
}
return TRUE;
}
static BOOLEAN _CreateIcmp6Args(const OVS_OFPACKET_INFO* pPacketInfo, OVS_ARGUMENT_SLIST_ENTRY** ppArgList, _Out_ OVS_PI_ICMP6* pIcmp6PI)
{
OVS_CHECK(pIcmp6PI);
pIcmp6PI->type = (UINT8)RtlUshortByteSwap(pPacketInfo->tpInfo.sourcePort);
pIcmp6PI->code = (UINT8)RtlUshortByteSwap(pPacketInfo->tpInfo.destinationPort);
if (!CreateArgInList(OVS_ARGTYPE_PI_ICMP6, pIcmp6PI, ppArgList))
{
DEBUGP(LOG_ERROR, __FUNCTION__ " failed appending icmp6 packet info\n");
return FALSE;
}
return TRUE;
}
static void _HandleRedirect(_In_ OVS_ICMP_HEADER* pIcmpHeader)
{
OVS_ICMP_MESSAGE_REDIRECT* pMessage = (OVS_ICMP_MESSAGE_REDIRECT*)pIcmpHeader;
BYTE* buffer = (BYTE*)pMessage;
UINT16 sourcePort = 0, destPort = 0;
//0, 1, 2, 3: from gateway
OVS_CHECK(pIcmpHeader->code >= 0 && pIcmpHeader->code <= 3);
buffer += pMessage->ipv4Header.HeaderLength * sizeof(DWORD);
sourcePort = RtlUshortByteSwap(*((UINT16*)buffer));
buffer += sizeof(UINT16);
destPort = RtlUshortByteSwap(*((UINT16*)buffer));
}
/*************************************************************************
* SwapPword@8 (MAPI32.48)
*
* Swap the bytes in a USHORT array.
*
* PARAMS
* lpData [O] Array to swap bytes in
* ulLen [I] Number of USHORT element to swap the bytes of
*
* RETURNS
* Nothing.
*/
VOID WINAPI SwapPword(PUSHORT lpData, ULONG ulLen)
{
ULONG i;
for (i = 0; i < ulLen; i++)
lpData[i] = RtlUshortByteSwap(lpData[i]);
}
static void _HandleTimeExceeded(_In_ OVS_ICMP_HEADER* pIcmpHeader)
{
OVS_ICMP_MESSAGE_TIME_EXCEEDED* pMessage = (OVS_ICMP_MESSAGE_TIME_EXCEEDED*)pIcmpHeader;
BYTE* buffer = (BYTE*)pMessage;
UINT16 sourcePort = 0, destPort = 0;
//0: gateway
//1: host
OVS_CHECK(pIcmpHeader->code == 0 || pIcmpHeader->code == 1);
buffer += pMessage->ipv4Header.HeaderLength * sizeof(DWORD);
sourcePort = RtlUshortByteSwap(*((UINT16*)buffer));
buffer += sizeof(UINT16);
destPort = RtlUshortByteSwap(*((UINT16*)buffer));
}
FORCEINLINE BOOLEAN
natCheckIpHeader(
IN IP_HDR *pIpHeader,
IN ULONG Length,
IN PULONG pOutLen
)
{
ULONG ip_len, hlen;
*pOutLen = 0;
if (pIpHeader->ip_ver != 4)
return FALSE;
hlen = pIpHeader->ip_hlen << 2;
if (hlen < IP_HEADER_LEN)
return FALSE;
ip_len = RtlUshortByteSwap(pIpHeader->ip_len);
if (ip_len > Length)
return FALSE;
if (ip_len != Length) {
if (ip_len > Length || ip_len == 0)
ip_len = Length;
}
if (ip_len < hlen)
return FALSE;
*pOutLen = hlen;
return TRUE;
}
NDIS_STATUS
OvsSlowPathDecapVxlan(const PNET_BUFFER_LIST packet,
OvsIPv4TunnelKey *tunnelKey)
{
NDIS_STATUS status = NDIS_STATUS_FAILURE;
UDPHdr udpStorage;
const UDPHdr *udp;
VXLANHdr *VxlanHeader;
VXLANHdr VxlanHeaderBuffer;
struct IPHdr ip_storage;
const struct IPHdr *nh;
OVS_PACKET_HDR_INFO layers;
layers.value = 0;
do {
nh = OvsGetIp(packet, layers.l3Offset, &ip_storage);
if (nh) {
layers.l4Offset = layers.l3Offset + nh->ihl * 4;
} else {
break;
}
/* make sure it's a VXLAN packet */
udp = OvsGetUdp(packet, layers.l4Offset, &udpStorage);
if (udp) {
layers.l7Offset = layers.l4Offset + sizeof *udp;
} else {
break;
}
/* XXX Should be tested against the dynamic port # in the VXLAN vport */
ASSERT(udp->dest == RtlUshortByteSwap(VXLAN_UDP_PORT));
VxlanHeader = (VXLANHdr *)OvsGetPacketBytes(packet,
sizeof(*VxlanHeader),
layers.l7Offset,
&VxlanHeaderBuffer);
if (VxlanHeader) {
tunnelKey->src = nh->saddr;
tunnelKey->dst = nh->daddr;
tunnelKey->ttl = nh->ttl;
tunnelKey->tos = nh->tos;
if (VxlanHeader->instanceID) {
tunnelKey->flags = OVS_TNL_F_KEY;
tunnelKey->tunnelId = VXLAN_VNI_TO_TUNNELID(VxlanHeader->vxlanID);
} else {
tunnelKey->flags = 0;
tunnelKey->tunnelId = 0;
}
} else {
break;
}
status = NDIS_STATUS_SUCCESS;
} while(FALSE);
return status;
}
static void
natvDumpRulesHelper(
PLIST_ENTRY pRuleHead,
NDIS_SPIN_LOCK *pRuleLock
)
{
FLT_RULE *pRule;
PLIST_ENTRY pRuleEntry;
char pubIpAddrStr[30];
char prvIpAddrStr[30];
char pubMaskStr[30];
char prvMaskStr[30];
NdisAcquireSpinLock(pRuleLock);
for(pRuleEntry = pRuleHead->Flink; pRuleEntry != pRuleHead; pRuleEntry = pRuleEntry->Flink ){
pRule = CONTAINING_RECORD(pRuleEntry, FLT_RULE, ListEntry);
PRINT_IP(pubIpAddrStr, &pRule->pubAddr);
PRINT_IP(pubMaskStr, &pRule->pubMask);
PRINT_IP(prvIpAddrStr, &pRule->prvAddr);
PRINT_IP(prvMaskStr, &pRule->prvMask);
DbgPrint("%s RULE: ALLOW PUB=%s/%s PRV=%s/%s DST PORT=%u\n",
pRule->out ? "OUTGOING" : "INCOMING",
pubIpAddrStr,pubMaskStr,
prvIpAddrStr,prvMaskStr,
RtlUshortByteSwap(pRule->port));
}
NdisReleaseSpinLock(pRuleLock);
}
void DebugPrintIPv4Header(struct IPv4_HEADER * ipv4h)
{
DbgPrint("IPv4 Header { VIDE : %d, TotalLength : %d",
ipv4h->VIDE, RtlUshortByteSwap(ipv4h->TotalLength));
DbgPrint(" Id : %d, Flags & FragmentOffset : %d",
RtlUshortByteSwap(ipv4h->Identification), ipv4h->FFO);
DbgPrint(" TTL : %d, Protocol : %d, HeaderChecksum : %d",
ipv4h->TTL, ipv4h->Protocol, RtlUshortByteSwap(ipv4h->HeaderChecksum));
DbgPrint(" src : %d.%d.%d.%d, dst : %d.%d.%d.%d }",
ipv4h->SourceAddress[0], ipv4h->SourceAddress[1],
ipv4h->SourceAddress[2], ipv4h->SourceAddress[3],
ipv4h->DestinationAddress[0], ipv4h->DestinationAddress[1],
ipv4h->DestinationAddress[2], ipv4h->DestinationAddress[3]
);
}
void DebugPrintARPHeader(struct ARP_HEADER * arph)
{
DbgPrint("ARP Header { Hardware type : %d, Protocol type : %d",
RtlUshortByteSwap(arph->HardwareType), arph->ProtocolType );
DbgPrint(" Hardware size : %d, Protocol size : %d",
arph->HardwareSize, arph->ProtocolSize );
DbgPrint(" Operate code : %d", RtlUshortByteSwap(arph->OperateCode) );
DbgPrint(" Source MAC : %x:%x:%x-%x:%x:%x, Destination MAC : %x:%x:%x-%x:%x:%x",
arph->SourceMACAddress[0], arph->SourceMACAddress[1], arph->SourceMACAddress[2],
arph->SourceMACAddress[3], arph->SourceMACAddress[4], arph->SourceMACAddress[5],
arph->DestinationMACAddress[0], arph->DestinationMACAddress[1], arph->DestinationMACAddress[2],
arph->DestinationMACAddress[3], arph->DestinationMACAddress[4], arph->DestinationMACAddress[5]
);
DbgPrint(" Source IP : %d.%d.%d.%d, Destination IP : %d.%d.%d.%d }",
arph->SourceIPAddress[0], arph->SourceIPAddress[1], arph->SourceIPAddress[2], arph->SourceIPAddress[3],
arph->DestinationIPAddress[0], arph->DestinationIPAddress[1], arph->DestinationIPAddress[2], arph->DestinationIPAddress[3] );
}
static void _HandleDestUnreachable(_In_ OVS_ICMP_HEADER* pIcmpHeader)
{
OVS_ICMP_MESSAGE_DEST_UNREACH* pMessage = (OVS_ICMP_MESSAGE_DEST_UNREACH*)pIcmpHeader;
BYTE* buffer = (BYTE*)pMessage;
UINT16 sourcePort = 0, destPort = 0;
//0, 1, 4, 5: received from gateway
//2, 3: received from host
OVS_CHECK(pIcmpHeader->code >= 0 || pIcmpHeader->code <= 5);
buffer += pMessage->ipv4Header.HeaderLength * sizeof(DWORD);
sourcePort = RtlUshortByteSwap(*((UINT16*)buffer));
buffer += sizeof(UINT16);
destPort = RtlUshortByteSwap(*((UINT16*)buffer));
DEBUGP(LOG_ERROR, "Destination ureachable for ip:\n");
ReadIpv4ProtocolFrame(&pMessage->ipv4Header);
}
static BOOLEAN _GetPIFromArg_Arp(_Inout_ OVS_OFPACKET_INFO* pPacketInfo, _Inout_ OVS_PI_RANGE* pPiRange, _In_ const OVS_ARGUMENT* pArpArg, _In_ BOOLEAN isMask)
{
const OVS_PI_ARP* pArpPI = pArpArg->data;
if (!isMask)
{
EXPECT(RtlUshortByteSwap(pArpPI->operation) <= MAXUINT8);
}
OVS_PI_UPDATE_ARPINFO_FIELD_VALUE(pPacketInfo, pPiRange, source.S_un.S_addr, pArpPI->sourceIp);
OVS_PI_UPDATE_ARPINFO_FIELD_VALUE(pPacketInfo, pPiRange, destination.S_un.S_addr, pArpPI->targetIp);
OVS_PI_UPDATE_ARPINFO_ADDRESS(pPacketInfo, pPiRange, sourceMac, pArpPI->sourceMac);
OVS_PI_UPDATE_ARPINFO_ADDRESS(pPacketInfo, pPiRange, destinationMac, pArpPI->targetMac);
OVS_PI_UPDATE_NETINFO_FIELD_VALUE(pPacketInfo, pPiRange, protocol, (UINT8)RtlUshortByteSwap(pArpPI->operation));
return TRUE;
}
static VOID _ExtractIpv4_Icmp(const OVS_IPV4_HEADER* pIpv4Header, OVS_OFPACKET_INFO* pPacketInfo)
{
OVS_ICMP_HEADER* const pIcmpHeader = (OVS_ICMP_HEADER*)AdvanceIpv4Header(pIpv4Header);
//packet too big and DF is set:
//if the packet that arrived was encapsulated in GRE (i.e. the packet, encapsulated, was too big for mtu),
//then we must update the ICMP's nextHopMtu in the packet, to account for the encapsulation bytes overhead
//(i.e. the protocol driver does not know we intend to encapsulate the packet, when considering the mtu)
//TODO: we should do similar for VXLAN!
if (pIcmpHeader->type == 3 && pIcmpHeader->code == 4)
{
OVS_ICMP_MESSAGE_DEST_UNREACH* pIcmpT3C4 = (OVS_ICMP_MESSAGE_DEST_UNREACH*)pIcmpHeader;
if (pIcmpT3C4->ipv4Header.Protocol == OVS_IPPROTO_GRE)
{
UINT16 nextHopMtu = pIcmpT3C4->nextHopMtu;
nextHopMtu = RtlUshortByteSwap(nextHopMtu);
if (nextHopMtu)
{
const OVS_GRE_HEADER_2890* pGre = AdvanceIpv4Header(&pIcmpT3C4->ipv4Header);
ULONG greSize = Gre_FrameHeaderSize(pGre);
OVS_CHECK(greSize <= OVS_MAX_GRE_HEADER_SIZE);
if (nextHopMtu > greSize + pIcmpT3C4->ipv4Header.HeaderLength * sizeof(DWORD))
{
ULONG icmpHeaderSize;
nextHopMtu -= (UINT16)greSize;
pIcmpT3C4->nextHopMtu = RtlUshortByteSwap(nextHopMtu);
icmpHeaderSize = OVS_ICMP_MESSAGE_DEST_UNREACH_SIZE_BARE + pIcmpT3C4->ipv4Header.HeaderLength * sizeof(DWORD)+8;
pIcmpT3C4->header.checksum = (UINT16)ComputeIpChecksum((BYTE*)pIcmpT3C4, icmpHeaderSize);
pIcmpT3C4->header.checksum = RtlUshortByteSwap(pIcmpT3C4->header.checksum);
}
}
}
}
//turn each byte as word & turn to BE
pPacketInfo->tpInfo.sourcePort = RtlUshortByteSwap(pIcmpHeader->type);
pPacketInfo->tpInfo.destinationPort = RtlUshortByteSwap(pIcmpHeader->code);
}
static void _HandleEcho(_In_ OVS_ICMP_HEADER* pIcmpHeader)
{
OVS_ICMP_MESSAGE_ECHO* pMessage = (OVS_ICMP_MESSAGE_ECHO*)pIcmpHeader;
UNREFERENCED_PARAMETER(pMessage);
DEBUGP_FRAMES(LOG_INFO, "echo: id=%d; seq=%d\n", RtlUshortByteSwap(pMessage->identifier), RtlUshortByteSwap(pMessage->sequenceNumber));
//code 0: from gateway or host
OVS_CHECK(pIcmpHeader->code == 0);
}
static BOOLEAN _MasksFromArgs_HandleEncap(_In_ const OVS_ARGUMENT_GROUP* pMaskGroup, _Inout_ OVS_ARGUMENT* pEncapArg, _Inout_ OVS_ARGUMENT* pEtherTypeArg)
{
BE16 ethType = 0;
BE16 vlanTci = 0;
BOOLEAN ok = TRUE;
OVS_ARGUMENT* pVlanTciArg = NULL;
OVS_CHECK(pEncapArg);
pEncapArg->isDisabled = TRUE;
if (pEtherTypeArg)
{
ethType = GET_ARG_DATA(pEtherTypeArg, BE16);
}
else
{
DEBUGP(LOG_ERROR, "The eth type argument was not found\n");
return FALSE;
}
if (ethType == OVS_PI_MASK_MATCH_EXACT(UINT16))
{
pEtherTypeArg->isDisabled = TRUE;
}
else
{
DEBUGP(LOG_ERROR, "The vlan frame must have an exact match for ethType. Mask value: %x.\n", RtlUshortByteSwap(ethType));
return FALSE;
}
pVlanTciArg = FindArgument(pMaskGroup, OVS_ARGTYPE_PI_VLAN_TCI);
if (pVlanTciArg)
{
vlanTci = GET_ARG_DATA(pVlanTciArg, BE16);
}
else
{
DEBUGP(LOG_ERROR, "vlan tci arg not given");
return FALSE;
}
if (!(vlanTci & RtlUshortByteSwap(OVS_VLAN_TAG_PRESENT)))
{
DEBUGP(LOG_ERROR, "The vlan field 'tag present' bit must be exact match! Mask value: %x.\n", RtlUshortByteSwap(vlanTci));
return FALSE;
}
return ok;
}
static VOID _ExtractArp(OVS_ETHERNET_HEADER* pEthHeader, OVS_OFPACKET_INFO* pPacketInfo)
{
OVS_ARP_HEADER* pArp = GetArpHeader(pEthHeader);
if (pArp->hardwareType == RtlUshortByteSwap(OVS_ARP_HARDWARE_TYPE_ETHERNET) &&
pArp->protocolType == RtlUshortByteSwap(OVS_ETHERTYPE_IPV4) &&
pArp->harwareLength == OVS_ETHERNET_ADDRESS_LENGTH &&
pArp->protocolLength == OVS_IPV4_ADDRESS_LENGTH)
{
pPacketInfo->ipInfo.protocol = (UINT8)RtlUshortByteSwap(pArp->operation);
RtlCopyMemory(&pPacketInfo->netProto.arpInfo.source, pArp->senderProtocolAddress, OVS_IPV4_ADDRESS_LENGTH);
RtlCopyMemory(&pPacketInfo->netProto.arpInfo.destination, pArp->targetProtocolAddress, OVS_IPV4_ADDRESS_LENGTH);
RtlCopyMemory(&pPacketInfo->netProto.arpInfo.sourceMac, pArp->senderHardwareAddress, OVS_ETHERNET_ADDRESS_LENGTH);
RtlCopyMemory(&pPacketInfo->netProto.arpInfo.destinationMac, pArp->targetHardwareAddress, OVS_ETHERNET_ADDRESS_LENGTH);
if (RtlUshortByteSwap(pArp->operation) == OVS_ARP_OPERATION_REPLY)
{
//we must update our arp table, to be able to find dest eth addresses, given dest ipv4 addresses (for tunneling)
Arp_InsertTableEntry(pArp->senderProtocolAddress, pArp->senderHardwareAddress);
}
}
}
void natvLogSession(
IN const char * prefixStr,
IN TRACED_CONNECTION* pItem,
IN ULONG prevState,
IN const char * sufixStr
)
{
TIME_FIELDS TimeFields;
char timeStr[30];
LARGE_INTEGER time;
char dstIpAddrStr[30];
char srcIpAddrStr[30];
KeQuerySystemTime(&time);
ExSystemTimeToLocalTime(&time, &time);
RtlTimeToTimeFields(&time, &TimeFields);
RtlStringCbPrintfA(timeStr, sizeof(timeStr), "%02d:%02d:%02d.%03d ",
TimeFields.Hour, TimeFields.Minute,
TimeFields.Second, TimeFields.Milliseconds);
PRINT_IP(dstIpAddrStr, &pItem->dstIpAddrOrg);
PRINT_IP(srcIpAddrStr, &pItem->srcIpAddrOrg);
DbgPrint("%s %s session %s %s: %s:%u->%s:%u. State %s->%s\n",
timeStr,
prefixStr,
pItem->out ? "OUT" : "IN ",
sufixStr,
srcIpAddrStr,
RtlUshortByteSwap(pItem->srcPortOrg),
dstIpAddrStr,
RtlUshortByteSwap(pItem->dstPortOrg),
natsState2Name(prevState),
natsState2Name(pItem->state)
);
}
static BOOLEAN _GetPIFromArg_EthType(_Inout_ OVS_OFPACKET_INFO* pPacketInfo, _Inout_ OVS_PI_RANGE* pPiRange, _In_ const OVS_ARGUMENT* pEthTypeArg, _In_ BOOLEAN isMask)
{
BE16 ethType = GET_ARG_DATA(pEthTypeArg, BE16);
if (isMask)
{
ethType = OVS_PI_MASK_MATCH_EXACT(UINT16);
}
if (!isMask)
{
EXPECT(RtlUshortByteSwap(ethType) >= OVS_ETHERTYPE_802_3_MIN);
}
OVS_PI_UPDATE_ETHINFO_FIELD(pPacketInfo, pPiRange, pEthTypeArg, BE16, type);
return TRUE;
}
OVS_ETHERNET_HEADER* GetEthernetHeader(_In_ VOID* buffer, _Out_ ULONG* pEthSize)
{
OVS_CHECK(pEthSize);
OVS_CHECK(buffer);
OVS_ETHERNET_HEADER* pEthHeader = (OVS_ETHERNET_HEADER*)buffer;
if (RtlUshortByteSwap(pEthHeader->type) == OVS_ETHERTYPE_QTAG)
{
*pEthSize = sizeof(OVS_ETHERNET_HEADER_TAGGED);
}
else
{
*pEthSize = sizeof(OVS_ETHERNET_HEADER);
}
return pEthHeader;
}
static BOOLEAN _CreateArpArgs(const OVS_OFPACKET_INFO* pPacketInfo, OVS_ARGUMENT_SLIST_ENTRY** ppArgList)
{
OVS_PI_ARP arpPI = { 0 };
arpPI.sourceIp = pPacketInfo->netProto.ipv4Info.source.S_un.S_addr;
arpPI.targetIp = pPacketInfo->netProto.ipv4Info.destination.S_un.S_addr;
arpPI.operation = RtlUshortByteSwap(pPacketInfo->ipInfo.protocol);
RtlCopyMemory(arpPI.sourceMac, pPacketInfo->netProto.arpInfo.sourceMac, OVS_ETHERNET_ADDRESS_LENGTH);
RtlCopyMemory(arpPI.targetMac, pPacketInfo->netProto.arpInfo.destinationMac, OVS_ETHERNET_ADDRESS_LENGTH);
if (!CreateArgInList(OVS_ARGTYPE_PI_ARP, &arpPI, ppArgList))
{
DEBUGP(LOG_ERROR, __FUNCTION__ " failed appending arp packet info\n");
return FALSE;
}
return TRUE;
}
NTSTATUS Ext_StartScsiRequest(_In_ PVOID ExtContext, _In_ PEVHD_EXT_SCSI_PACKET pExtPacket)
{
UNREFERENCED_PARAMETER(ExtContext);
UNREFERENCED_PARAMETER(pExtPacket);
NTSTATUS Status = STATUS_SUCCESS;
UCHAR opCode = pExtPacket->Srb->Cdb[0];
PMDL pMdl = pExtPacket->pMdl;
PEXTENSION_CONTEXT Context = ExtContext;
USHORT wSectors = RtlUshortByteSwap(*(USHORT *)&(pExtPacket->Srb->Cdb[7]));
ULONG dwSectorOffset = RtlUlongByteSwap(*(ULONG *)&(pExtPacket->Srb->Cdb[2]));
switch (opCode)
{
case SCSI_OP_CODE_WRITE_6:
case SCSI_OP_CODE_WRITE_10:
case SCSI_OP_CODE_WRITE_12:
case SCSI_OP_CODE_WRITE_16:
if (Context->pCipherEngine)
{
EXTLOG(LL_VERBOSE, "Write request: %X blocks starting from %X\n", wSectors, dwSectorOffset);
pExtPacket->pMdl = Ext_AllocateInnerMdl(pMdl);
Status = Ext_CryptBlocks(Context, pMdl, pExtPacket->pMdl, pExtPacket->Srb->DataTransferLength, dwSectorOffset, TRUE);
pMdl = pExtPacket->pMdl;
if (pMdl->MdlFlags & MDL_MAPPED_TO_SYSTEM_VA)
MmUnmapLockedPages(pMdl->MappedSystemVa, pMdl);
}
break;
case SCSI_OP_CODE_READ_6:
case SCSI_OP_CODE_READ_10:
case SCSI_OP_CODE_READ_12:
case SCSI_OP_CODE_READ_16:
if (Context->pCipherEngine)
{
EXTLOG(LL_VERBOSE, "Read request: %X blocks starting from %X\n", wSectors, dwSectorOffset);
}
break;
}
return Status;
}
NTSTATUS querycom(PDEVICE_OBJECT dev, PIRP irp, PVOID context)
{
UNREFERENCED_PARAMETER(dev);
UNREFERENCED_PARAMETER(irp);
UNREFERENCED_PARAMETER(context);
DbgPrint("5\n");
if (irp->MdlAddress)
{
TDI_ADDRESS_INFO *tai = (TDI_ADDRESS_INFO*)MmGetSystemAddressForMdlSafe(irp->MdlAddress, NormalPagePriority);
TA_ADDRESS *addr = tai->Address.Address;
TA_IP_ADDRESS *ip = (TA_IP_ADDRESS*)&(addr->Address);
in_addr *ia = (in_addr*)&(ip->Address->Address->in_addr);
DbgPrint("%d.%d.%d.%d:%d\n",
ia->S_un.S_un_b.s_b1 ,
ia->S_un.S_un_b.s_b2,
ia->S_un.S_un_b.s_b3,
ia->S_un.S_un_b.s_b4,
RtlUshortByteSwap(((TDI_ADDRESS_IP*)(addr->Address))->sin_port));
}
return STATUS_MORE_PROCESSING_REQUIRED;
}
NTSTATUS Ext_CompleteScsiRequest(_In_ PVOID ExtContext, _In_ PEVHD_EXT_SCSI_PACKET pExtPacket, _In_ NTSTATUS Status)
{
UCHAR opCode = pExtPacket->Srb->Cdb[0];
PMDL pMdl = pExtPacket->pMdl;
PEXTENSION_CONTEXT Context = ExtContext;
USHORT wSectors = RtlUshortByteSwap(*(USHORT *)&(pExtPacket->Srb->Cdb[7]));
ULONG dwSectorOffset = RtlUlongByteSwap(*(ULONG *)&(pExtPacket->Srb->Cdb[2]));
switch (opCode)
{
case SCSI_OP_CODE_READ_6:
case SCSI_OP_CODE_READ_10:
case SCSI_OP_CODE_READ_12:
case SCSI_OP_CODE_READ_16:
if (Context->pCipherEngine)
{
EXTLOG(LL_VERBOSE, "Read request completed: %X blocks starting from %X\n",
wSectors, dwSectorOffset);
if (NT_SUCCESS(Status)) {
Ext_CryptBlocks(Context, pMdl, pMdl, pExtPacket->Srb->DataTransferLength, dwSectorOffset, FALSE);
}
}
break;
case SCSI_OP_CODE_WRITE_6:
case SCSI_OP_CODE_WRITE_10:
case SCSI_OP_CODE_WRITE_12:
case SCSI_OP_CODE_WRITE_16:
if (Context->pCipherEngine)
{
EXTLOG(LL_VERBOSE, "Write request completed: %X blocks starting from %X\n",
wSectors, dwSectorOffset);
pExtPacket->pMdl = Ext_FreeInnerMdl(pExtPacket->pMdl);
}
break;
}
return Status;
}
BYTE* VerifyArpFrame(BYTE* buffer, ULONG* pLength)
{
OVS_ARP_HEADER* pArpHeader = (OVS_ARP_HEADER*)buffer;
OVS_CHECK(pArpHeader);
WORD op = RtlUshortByteSwap(pArpHeader->operation);
if (RtlUshortByteSwap(pArpHeader->hardwareType) != OVS_ARP_HARDWARE_TYPE_ETHERNET)
{
DEBUGP(LOG_ERROR, "arp: hardware type = 0x%x != 1", RtlUshortByteSwap(pArpHeader->hardwareType));
return NULL;
}
if (pArpHeader->harwareLength != OVS_ETHERNET_ADDRESS_LENGTH)
{
DEBUGP(LOG_ERROR, "arp: hardware length = 0x%x != 6", pArpHeader->harwareLength);
return NULL;
}
if (op != OVS_ARP_OPERATION_REQUEST &&
op != OVS_ARP_OPERATION_REPLY)
{
DEBUGP(LOG_ERROR, "arp: op unknown - 0x%x", RtlUshortByteSwap(pArpHeader->operation));
return NULL;
}
if (pArpHeader->protocolLength != OVS_IPV4_ADDRESS_LENGTH)
{
DEBUGP(LOG_ERROR, "arp: protocol length = 0x%x != 4", pArpHeader->harwareLength);
return NULL;
}
if (RtlUshortByteSwap(pArpHeader->protocolType) != OVS_ETHERTYPE_IPV4)
{
DEBUGP(LOG_ERROR, "arp: protocol type = 0x%x != ipv4", RtlUshortByteSwap(pArpHeader->protocolType));
return NULL;
}
*pLength -= sizeof(OVS_ARP_HEADER);
return buffer + sizeof(OVS_ARP_HEADER);
}