From owner-svn-soc-all@FreeBSD.ORG Sun Sep 7 00:13:20 2014 Return-Path: Delivered-To: svn-soc-all@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 257B074F for ; Sun, 7 Sep 2014 00:13:20 +0000 (UTC) Received: from socsvn.freebsd.org (socsvn.freebsd.org [IPv6:2001:1900:2254:206a::50:2]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 058ED17FA for ; Sun, 7 Sep 2014 00:13:20 +0000 (UTC) Received: from socsvn.freebsd.org ([127.0.1.124]) by socsvn.freebsd.org (8.14.9/8.14.9) with ESMTP id s870DJ7w012849 for ; Sun, 7 Sep 2014 00:13:19 GMT (envelope-from pedrosouza@FreeBSD.org) Received: (from www@localhost) by socsvn.freebsd.org (8.14.9/8.14.9/Submit) id s870DI2a011961 for svn-soc-all@FreeBSD.org; Sun, 7 Sep 2014 00:13:18 GMT (envelope-from pedrosouza@FreeBSD.org) Date: Sun, 7 Sep 2014 00:13:18 GMT Message-Id: <201409070013.s870DI2a011961@socsvn.freebsd.org> X-Authentication-Warning: socsvn.freebsd.org: www set sender to pedrosouza@FreeBSD.org using -f From: pedrosouza@FreeBSD.org To: svn-soc-all@FreeBSD.org Subject: socsvn commit: r273744 - soc2014/pedrosouza/lua_loader/head/sys/boot/lua MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-soc-all@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: SVN commit messages for the entire Summer of Code repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 07 Sep 2014 00:13:20 -0000 Author: pedrosouza Date: Sun Sep 7 00:13:17 2014 New Revision: 273744 URL: http://svnweb.FreeBSD.org/socsvn/?view=rev&rev=273744 Log: Added proper loader color checking Modified: soc2014/pedrosouza/lua_loader/head/sys/boot/lua/core.lua soc2014/pedrosouza/lua_loader/head/sys/boot/lua/drawer.lua soc2014/pedrosouza/lua_loader/head/sys/boot/lua/loader.lua soc2014/pedrosouza/lua_loader/head/sys/boot/lua/menu.lua soc2014/pedrosouza/lua_loader/head/sys/boot/lua/screen.lua Modified: soc2014/pedrosouza/lua_loader/head/sys/boot/lua/core.lua ============================================================================== --- soc2014/pedrosouza/lua_loader/head/sys/boot/lua/core.lua Sat Sep 6 22:38:32 2014 (r273743) +++ soc2014/pedrosouza/lua_loader/head/sys/boot/lua/core.lua Sun Sep 7 00:13:17 2014 (r273744) @@ -80,4 +80,25 @@ function core.boot() loader.perform("boot"); +end + +function core.bootserial() + local c = loader.getenv("console"); + + if c ~= nil then + if c:find("comconsole") ~= nil then + return true; + end + end + + local s = loader.getenv("boot_serial"); + if s ~= nil then + return true; + end + + local m = loader.getenv("boot_multicons"); + if m ~= nil then + return true; + end + return false; end \ No newline at end of file Modified: soc2014/pedrosouza/lua_loader/head/sys/boot/lua/drawer.lua ============================================================================== --- soc2014/pedrosouza/lua_loader/head/sys/boot/lua/drawer.lua Sat Sep 6 22:38:32 2014 (r273743) +++ soc2014/pedrosouza/lua_loader/head/sys/boot/lua/drawer.lua Sun Sep 7 00:13:17 2014 (r273744) @@ -111,9 +111,6 @@ " .---.....----." }; -function drawer.isColorEnabled() - return true; -end function drawer.draw(x, y, logo) for i = 1, #logo do @@ -126,11 +123,11 @@ local x = tonumber(loader.getenv("loader_brand_x")); local y = tonumber(loader.getenv("loader_brand_y")); - if (x == nil) then x = drawer.brand_position.x; end - if (y == nil) then y = drawer.brand_position.y; end + if not x then x = drawer.brand_position.x; end + if not y then y = drawer.brand_position.y; end local logo = load("return " .. tostring(loader.getenv("loader_brand")))(); - if (logo == nil) then logo = drawer.fbsd_logo; end + if not logo then logo = drawer.fbsd_logo; end drawer.draw(x, y, logo); end @@ -138,20 +135,34 @@ local x = tonumber(loader.getenv("loader_logo_x")); local y = tonumber(loader.getenv("loader_logo_y")); - if (x == nil) then x = drawer.logo_position.x; end - if (y == nil) then y = drawer.logo_position.y; end + if not x then x = drawer.logo_position.x; end + if not y then y = drawer.logo_position.y; end local logo = loader.getenv("loader_logo"); - if (logo == "beastie") then logo = drawer.beastie_color; - elseif (logo == "beastiebw") then logo = drawer.beastie; - elseif (logo == "fbsdbw") then logo = drawer.fbsd_logo_v; - elseif (logo == "orb") then logo = drawer.orb_color; - elseif (logo == "orbbw") then logo = drawer.orb; - elseif (logo == "tribute") then logo = drawer.fbsd_logo; - elseif (logo == "tributebw") then logo = drawer.fbsd_logo; - elseif (logo == nil) then - if (drawer.isColorEnabled() == true) then logo = drawer.orb_color; + local s = {x = 0, y = 0}; + local colored = color.isEnabled(); + + if logo == "beastie" then + if colored then logo = drawer.beastie_color; end + elseif logo == "beastiebw" then + logo = drawer.beastie; + elseif logo == "fbsdbw" then + logo = drawer.fbsd_logo_v; + s = drawer.fbsd_logo_shift; + elseif logo == "orb" then + if colored then logo = drawer.orb_color; end + s = drawer.orb_shift; + elseif logo == "orbbw" then + logo = drawer.orb; + s = drawer.orb_shift; + elseif logo == "tribute" then + logo = drawer.fbsd_logo; + elseif logo == "tributebw" then + logo = drawer.fbsd_logo; + end + if not logo then + if colored then logo = drawer.orb_color; else logo = drawer.orb; end end - drawer.draw(x, y, logo); + drawer.draw(x + s.x, y + s.y, logo); end \ No newline at end of file Modified: soc2014/pedrosouza/lua_loader/head/sys/boot/lua/loader.lua ============================================================================== --- soc2014/pedrosouza/lua_loader/head/sys/boot/lua/loader.lua Sat Sep 6 22:38:32 2014 (r273743) +++ soc2014/pedrosouza/lua_loader/head/sys/boot/lua/loader.lua Sun Sep 7 00:13:17 2014 (r273744) @@ -7,10 +7,11 @@ end end -include("/boot/menu.lua"); + include("/boot/password.lua"); include("/boot/config.lua"); - config.load(); password.check(); + +include("/boot/menu.lua"); menu.run(); Modified: soc2014/pedrosouza/lua_loader/head/sys/boot/lua/menu.lua ============================================================================== --- soc2014/pedrosouza/lua_loader/head/sys/boot/lua/menu.lua Sat Sep 6 22:38:32 2014 (r273743) +++ soc2014/pedrosouza/lua_loader/head/sys/boot/lua/menu.lua Sun Sep 7 00:13:17 2014 (r273744) @@ -23,6 +23,13 @@ end function menu.run(opts) + + -- no escape code supported do not draw menu + if core.bootserial() then + core.autoboot(); + return; + end + if (opts == nil) then opts = menu.options; end @@ -213,7 +220,7 @@ if (b) then return str .. color.escapef(color.GREEN).."On"..color.escapef(color.WHITE); else - return str .. color.escapef(color.RED).."Off"..color.escapef(color.WHITE); + return str .. color.escapef(color.RED).."off"..color.escapef(color.WHITE); end end Modified: soc2014/pedrosouza/lua_loader/head/sys/boot/lua/screen.lua ============================================================================== --- soc2014/pedrosouza/lua_loader/head/sys/boot/lua/screen.lua Sat Sep 6 22:38:32 2014 (r273743) +++ soc2014/pedrosouza/lua_loader/head/sys/boot/lua/screen.lua Sun Sep 7 00:13:17 2014 (r273744) @@ -1,3 +1,5 @@ +include("/boot/core.lua"); + screen = {}; color = {}; @@ -14,41 +16,62 @@ color.BRIGHT = 1; color.DIM = 2; +function color.isEnabled() + local c = loader.getenv("loader_color"); + if c ~= nil then + if c:lower() == "no" or c == "0" then + return false; + end + end + return not core.bootserial(); +end + +color.disabled = not color.isEnabled(); + function color.escapef(c) + if color.disabled then return c; end return "\027[3"..c.."m"; end function color.escapeb(c) + if color.disabled then return c; end return "\027[4"..c.."m"; end function color.escape(fg, bg, att) + if color.disabled then return ""; end if not att then att = "" else att = att..";"; end return "\027["..att.."3"..fg..";4"..bg.."m"; end function color.default() + if color.disabled then return ""; end return "\027[0;37;40m"; end function color.highlight(str) + if color.disabled then return str; end return "\027[1m"..str.."\027[0m"; end function screen.clear() + if core.bootserial() then return; end print("\027[H\027[J"); end function screen.setcursor(x, y) + if core.bootserial() then return; end print("\027["..y..";"..x.."H"); end function screen.setforeground(c) + if color.disabled then return c; end print("\027[3"..c.."m"); end function screen.setbackground(c) + if color.disabled then return c; end print("\027[4"..c.."m"); end @@ -57,5 +80,6 @@ end function screen.defcursor() + if core.bootserial() then return; end print("\027[25;0H"); end \ No newline at end of file From owner-svn-soc-all@FreeBSD.ORG Mon Sep 8 16:54:39 2014 Return-Path: Delivered-To: svn-soc-all@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E31A5571 for ; Mon, 8 Sep 2014 16:54:39 +0000 (UTC) Received: from socsvn.freebsd.org (socsvn.freebsd.org [IPv6:2001:1900:2254:206a::50:2]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id C33B91A46 for ; Mon, 8 Sep 2014 16:54:39 +0000 (UTC) Received: from socsvn.freebsd.org ([127.0.1.124]) by socsvn.freebsd.org (8.14.9/8.14.9) with ESMTP id s88GsdHq071605 for ; Mon, 8 Sep 2014 16:54:39 GMT (envelope-from dpl@FreeBSD.org) Received: (from www@localhost) by socsvn.freebsd.org (8.14.9/8.14.9/Submit) id s88Gsd4j071601 for svn-soc-all@FreeBSD.org; Mon, 8 Sep 2014 16:54:39 GMT (envelope-from dpl@FreeBSD.org) Date: Mon, 8 Sep 2014 16:54:39 GMT Message-Id: <201409081654.s88Gsd4j071601@socsvn.freebsd.org> X-Authentication-Warning: socsvn.freebsd.org: www set sender to dpl@FreeBSD.org using -f From: dpl@FreeBSD.org To: svn-soc-all@FreeBSD.org Subject: socsvn commit: r273809 - soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-soc-all@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: SVN commit messages for the entire Summer of Code repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 08 Sep 2014 16:54:40 -0000 Author: dpl Date: Mon Sep 8 16:54:38 2014 New Revision: 273809 URL: http://svnweb.FreeBSD.org/socsvn/?view=rev&rev=273809 Log: Squashed some bugs. It works now. Modified: soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw/ip_fw_pfil.c soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw/jit.cc Modified: soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw/ip_fw_pfil.c ============================================================================== --- soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw/ip_fw_pfil.c Mon Sep 8 15:42:47 2014 (r273808) +++ soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw/ip_fw_pfil.c Mon Sep 8 16:54:38 2014 (r273809) @@ -147,6 +147,7 @@ ret = ipfw_chk_jit(args, chain); IPFW_PF_RUNLOCK(chain); } + #include return (ret); } Modified: soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw/jit.cc ============================================================================== --- soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw/jit.cc Mon Sep 8 15:42:47 2014 (r273808) +++ soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw/jit.cc Mon Sep 8 16:54:38 2014 (r273809) @@ -44,10 +44,16 @@ using namespace llvm; +// if (logging) { +// Value *Str = Irb.CreateGlobalString("\nipfw_chk_jit(): firstf\n\n"); +// Value *StrFirstElement = Irb.CreateStructGEP(Str, 0); +// Irb.CreateCall(PrintfFunc, StrFirstElement); +// } + class ipfwJIT { Module *mod; Function *Func; - LLVMContext *Con; + LLVMContext &Con; IRBuilder<> Irb; // We'll store the BasicBlock objects for each rule here. @@ -135,7 +141,6 @@ Function *Set_match; Function *Jump_fast; - // Not pkg-filtering related funcs. Function *PrintfFunc; Function *Ipfw_find_rule; @@ -175,7 +180,7 @@ return (NULL); } - auto modptr = parseBitcodeFile(buff.get().get(), *Con); + auto modptr = parseBitcodeFile(buff.get().get(), Con); if ((modptr.getError())){ std::cerr << "Failed to parse bitcode: " << buff.getError() << "\n"; return (NULL); @@ -186,7 +191,7 @@ BasicBlock* nextRule() { - int nextn = rulenumber+1; + int nextn = rulenumber + 1; if (nextn >= rules.size()) return (End); else @@ -209,10 +214,10 @@ Chain = &arglist.back(); // Get Type objects - Int8Ty = Type::getInt8Ty(*Con); - Int16Ty = Type::getInt16Ty(*Con); - Int32Ty = Type::getInt32Ty(*Con); - Int64Ty = Type::getInt64Ty(*Con); + Int8Ty = Type::getInt8Ty(Con); + Int16Ty = Type::getInt16Ty(Con); + Int32Ty = Type::getInt32Ty(Con); + Int64Ty = Type::getInt64Ty(Con); Int8PtrTy = PointerType::getUnqual(Int8Ty); // Get StrucType from bitcode. @@ -281,108 +286,98 @@ allocaAndInit() { Irb.SetInsertPoint(Entry); - // Control flow variables. - L = Irb.CreateAlloca(Int32Ty); - Done = Irb.CreateAlloca(Int32Ty); + // Control flow variables. + Done = Irb.CreateAlloca(Int32Ty, nullptr, "done"); Irb.CreateStore(ConstantInt::get(Int32Ty, 0), Done); - FPos = Irb.CreateAlloca(Int32Ty); + FPos = Irb.CreateAlloca(Int32Ty, nullptr, "fpos"); Irb.CreateStore(ConstantInt::get(Int32Ty, 0), FPos); - Retval = Irb.CreateAlloca(Int32Ty); + Retval = Irb.CreateAlloca(Int32Ty, nullptr, "retval"); Irb.CreateStore(ConstantInt::get(Int32Ty, 0), Retval); - Cmd = Irb.CreateAlloca(Ipfw_insnPtrTy); - Tablearg = Irb.CreateAlloca(Int32Ty); - CmdLen = Irb.CreateAlloca(Int32Ty); - SkipOr = Irb.CreateAlloca(Int32Ty); - F = Irb.CreateAlloca(Ip_fwPtrTy); - // m = args->m (idx: 0) - MPtr = Irb.CreateAlloca(MbufPtrTy); + MPtr = Irb.CreateAlloca(MbufPtrTy, nullptr, "m"); Irb.CreateStore(Irb.CreateLoad(Irb.CreateStructGEP(Args, 0)), MPtr); Value *M = Irb.CreateLoad(MPtr); // ip = (struct ip *)((m)->m_data) (idx: 2) - IpPtr = Irb.CreateAlloca(IpPtrTy); + IpPtr = Irb.CreateAlloca(IpPtrTy, nullptr, "ip"); Value *M_data = Irb.CreateStructGEP(M, 2); Value *M_casted = Irb.CreateBitCast(M_data, IpPtrTy); Irb.CreateStore(M_casted, IpPtr); - Ucred_cache = Irb.CreateAlloca(UcredTy); // Init: NULL if type ucred. - - Ucred_lookup = Irb.CreateAlloca(Int32Ty); + Ucred_lookup = Irb.CreateAlloca(Int32Ty, nullptr, "ucred_lookup"); Irb.CreateStore(ConstantInt::get(Int32Ty, 0), Ucred_lookup); - Oif = Irb.CreateAlloca(IfnetTy); // Init: args->oif + Oif = Irb.CreateAlloca(IfnetTy, nullptr, "oif"); // Init: args->oif Irb.CreateLoad(Irb.CreateStructGEP(Args, 1), Oif); - Hlen = Irb.CreateAlloca(Int32Ty); + Hlen = Irb.CreateAlloca(Int32Ty, nullptr, "hlen"); Irb.CreateStore(ConstantInt::get(Int32Ty, 0), Hlen); - Offset = Irb.CreateAlloca(Int16Ty); + Offset = Irb.CreateAlloca(Int16Ty, nullptr, "offset"); Irb.CreateStore(ConstantInt::get(Int16Ty, 0), Offset); - Ip6f_mf = Irb.CreateAlloca(Int16Ty); + Ip6f_mf = Irb.CreateAlloca(Int16Ty, nullptr, "ip6f_mf"); Irb.CreateStore(ConstantInt::get(Int16Ty, 0), Ip6f_mf); - // proto = args->f_id.proto = 0 - // proto = 0; - Proto = Irb.CreateAlloca(Int8Ty); + // proto = 0 + Proto = Irb.CreateAlloca(Int8Ty, nullptr, "proto"); Irb.CreateStore(ConstantInt::get(Int8Ty, 0), Proto); // args->f_id.proto = 0 (idx: 6, 5) Value *F_id = Irb.CreateStructGEP(Args, 6); - Value *Proto = Irb.CreateStructGEP(F_id, 5); - Irb.CreateStore(ConstantInt::get(Int8Ty, 0), Proto); + Value *FProto = Irb.CreateStructGEP(F_id, 5); + Irb.CreateStore(ConstantInt::get(Int8Ty, 0), FProto); - Src_port = Irb.CreateAlloca(Int16Ty); + Src_port = Irb.CreateAlloca(Int16Ty, nullptr, "src_port"); Irb.CreateStore(ConstantInt::get(Int16Ty, 0), Src_port); - Dst_port = Irb.CreateAlloca(Int16Ty); + Dst_port = Irb.CreateAlloca(Int16Ty, nullptr, "dst_port"); Irb.CreateStore(ConstantInt::get(Int16Ty, 0), Dst_port); //src_ip.s_addr = 0; - Src_ip = Irb.CreateAlloca(In_addrTy); + Src_ip = Irb.CreateAlloca(In_addrTy, nullptr, "src_ip"); Value *Src_s_addr = Irb.CreateStructGEP(Src_ip, 0); Irb.CreateStore(ConstantInt::get(Int32Ty, 0), Src_s_addr); //dst_ip.s_addr = 0; - Dst_ip = Irb.CreateAlloca(In_addrTy); + Dst_ip = Irb.CreateAlloca(In_addrTy, nullptr, "dst_ip"); Value *Dst_s_addr = Irb.CreateStructGEP(Dst_ip, 0); Irb.CreateStore(ConstantInt::get(Int32Ty, 0), Dst_s_addr); //iplen = 0; - Iplen = Irb.CreateAlloca(Int16Ty); + Iplen = Irb.CreateAlloca(Int16Ty, nullptr, "iplen"); Irb.CreateStore(ConstantInt::get(Int16Ty, 0), Iplen); // pktlen = m->m_pkthdr.len; // m_pkthdr is the 6th element (idx: 5) // len is the 2nd element (idx: 1) - Pktlen = Irb.CreateAlloca(Int32Ty); + Pktlen = Irb.CreateAlloca(Int32Ty, nullptr, "pktlen"); Value *Header = Irb.CreateStructGEP(M, 5); Value *LengthPtr = Irb.CreateStructGEP(Header, 1); Value *Length = Irb.CreateLoad(LengthPtr); Irb.CreateStore(Length, Pktlen); - Etype = Irb.CreateAlloca(Int16Ty); + Etype = Irb.CreateAlloca(Int16Ty, nullptr, "etype"); Irb.CreateStore(ConstantInt::get(Int16Ty, 0), Etype); - Dyn_dir = Irb.CreateAlloca(Int32Ty); + Dyn_dir = Irb.CreateAlloca(Int32Ty, nullptr, "dyn_dir"); Irb.CreateStore(ConstantInt::get(Int32Ty, MATCH_UNKNOWN), Dyn_dir); - Q = Irb.CreateAlloca(Ipfw_dyn_rulePtrTy); + Q = Irb.CreateAlloca(Ipfw_dyn_rulePtrTy, nullptr, "q"); Irb.CreateStore(ConstantPointerNull::get(Ipfw_dyn_rulePtrTy), Q); // There are no (void *), we use i8* - Ulp = Irb.CreateAlloca(Int8PtrTy); + Ulp = Irb.CreateAlloca(Int8PtrTy, nullptr, "ulp"); Irb.CreateStore(ConstantPointerNull::get(Int8PtrTy), Ulp); - Is_ipv4 = Irb.CreateAlloca(Int32Ty); + Is_ipv4 = Irb.CreateAlloca(Int32Ty, nullptr, "is_ipv4"); Irb.CreateStore(ConstantInt::get(Int32Ty, 0), Is_ipv4); - Is_ipv6 = Irb.CreateAlloca(Int32Ty); + Is_ipv6 = Irb.CreateAlloca(Int32Ty, nullptr, "is_ipv6"); Irb.CreateStore(ConstantInt::get(Int32Ty, 0), Is_ipv6); - Icmp6_type = Irb.CreateAlloca(Int8Ty); + Icmp6_type = Irb.CreateAlloca(Int8Ty, nullptr, "icmp6_type"); Irb.CreateStore(ConstantInt::get(Int8Ty, 0), Icmp6_type); - Ext_hd = Irb.CreateAlloca(Int16Ty); + Ext_hd = Irb.CreateAlloca(Int16Ty, nullptr, "ext_hd"); Irb.CreateStore(ConstantInt::get(Int16Ty, 0), Ext_hd); // If it returns one, goto pullup_failed. @@ -402,12 +397,11 @@ void emit_pullup_failed() { - BasicBlock *print = BasicBlock::Create(*Con, "print", Func); - BasicBlock *ret = BasicBlock::Create(*Con, "ret", Func); + BasicBlock *print = BasicBlock::Create(Con, "print", Func); + BasicBlock *ret = BasicBlock::Create(Con, "ret", Func); Value *Is_verbose, *Str, *Comp; - // VNET_DECLARE(int, fw_verbose); // #define V_fw_verbose VNET(fw_verbose) // We should be fine getting that from the Module. @@ -441,10 +435,10 @@ void emit_check_tag() { - BasicBlock *Tagged = BasicBlock::Create(*Con, "tagged", Func); - BasicBlock *Nottagged = BasicBlock::Create(*Con, "nottagged", Func); - BasicBlock *Jt = BasicBlock::Create(*Con, "jt", Func); - BasicBlock *Jf = BasicBlock::Create(*Con, "jf", Func); + BasicBlock *Tagged = BasicBlock::Create(Con, "tagged", Func); + BasicBlock *Nottagged = BasicBlock::Create(Con, "nottagged", Func); + BasicBlock *Jt = BasicBlock::Create(Con, "jt", Func); + BasicBlock *Jf = BasicBlock::Create(Con, "jf", Func); Value *Comp; @@ -471,6 +465,11 @@ Value *Slot = Irb.CreateStructGEP(Rule, 0); Value *SlotValue = Irb.CreateLoad(Slot); Comp = Irb.CreateICmpEQ(SlotValue, ConstantInt::get(Int32Ty, 0)); + // if (1) { + // Value *Str = Irb.CreateGlobalString("args->rule.slot: %d\n"); + // Value *StrFirstElement = Irb.CreateStructGEP(Str, 0); + // Irb.CreateCall(PrintfFunc, {StrFirstElement}); + // } Irb.CreateCondBr(Comp, Nottagged, Tagged); Irb.SetInsertPoint(Tagged); @@ -491,10 +490,8 @@ Irb.SetInsertPoint(Jf); Value *Rulenum = Irb.CreateStructGEP(Rule, 1); Value *RulenumL = Irb.CreateLoad(Rulenum); - Value *RuleId = Irb.CreateStructGEP(Rule, 2); Value *RuleIdL = Irb.CreateLoad(RuleId); - Value *FindRuleCall = Irb.CreateCall3(Ipfw_find_rule, Chain, RulenumL, RuleIdL); Irb.CreateStore(FindRuleCall, FPos); @@ -505,12 +502,18 @@ // else f_pos = 0; // Since f_pos is initialized by default as 0, we only br. Irb.SetInsertPoint(Nottagged); + // XXX Fpos + // if (1) { + // Value *Str = Irb.CreateGlobalString("f_pos: %d\n&fpos: %p\n"); + // Value *StrFirstElement = Irb.CreateStructGEP(Str, 0); + // Irb.CreateCall(PrintfFunc, {StrFirstElement, FPos, FPos}); + // } // Jump to first rule. Irb.CreateBr(rules.front()); } public: - ipfwJIT(int rulesnumber) : Con(&getGlobalContext()), Irb(*Con) + ipfwJIT(int rulesnumber) : Con(getGlobalContext()), Irb(Con) { // Create the module and load the code. mod = loadBitcode("rules.bc"); @@ -521,11 +524,10 @@ // The entry basic block contains all the initialization // and allocation of resources, and a basic check done // before start emmiting the rules code. - Entry = BasicBlock::Create(*Con, "Entry", Func); - End = BasicBlock::Create(*Con, "End", Func); - CheckTag = BasicBlock::Create(*Con, "CheckTag", Func); - PullupFailed = BasicBlock::Create(*Con, "PullupFailed", Func); - + Entry = BasicBlock::Create(Con, "Entry", Func); + End = BasicBlock::Create(Con, "End", Func); + CheckTag = BasicBlock::Create(Con, "CheckTag", Func); + PullupFailed = BasicBlock::Create(Con, "PullupFailed", Func); // Get struct types, and store vars setEnv(); @@ -536,7 +538,7 @@ // Initialize the vector. rules = std::vector(rulesnumber); for (auto &i: rules){ - i = BasicBlock::Create(*Con, "rule", Func); + i = BasicBlock::Create(Con, "rule", Func); } emit_check_tag(); @@ -552,7 +554,7 @@ // Optimise PassManagerBuilder PMBuilder; PMBuilder.OptLevel = 3; - PMBuilder.Inliner = createFunctionInliningPass(275); + //PMBuilder.Inliner = createFunctionInliningPass(275); // Function passes FunctionPassManager *PerFunctionPasses = new FunctionPassManager(mod); @@ -561,12 +563,6 @@ PerFunctionPasses->doFinalization(); delete PerFunctionPasses; - // Module passes - PassManager *PerModulePasses = new PassManager(); - PMBuilder.populateModulePassManager(*PerModulePasses); - PerModulePasses->run(*mod); - delete PerModulePasses; - // We don't need it anymore. Function *vf = mod->getFunction("voidfunction"); vf->eraseFromParent(); @@ -575,7 +571,7 @@ std::string errstr; EngineBuilder EB = EngineBuilder(std::unique_ptr(mod)); - EB.setEngineKind(EngineKind::Kind::JIT); + //EB.setEngineKind(EngineKind::Kind::JIT); EB.setErrorStr(&errstr); EB.setOptLevel(CodeGenOpt::Level::Aggressive); EB.setUseMCJIT(true); @@ -587,10 +583,9 @@ exit(1); } - // printf("FuncPtr: %p\n", (void *)EE->getPointerToFunction(Func)); - // printf("FuncPtr: %p\n", (void *)EE->getPointerToNamedFunction("ipfw_chk_jit")); - // printf("FuncPtr: %p\n", (void *)EE->getFunctionAddress("ipfw_chk_jit")); - // return (funcptr)EE->getFunctionAddress("ipfw_chk_jit"); + // mod->dump(); + + // XXX We should use a NON deperecated function. return (funcptr)EE->getPointerToFunction(mod->getFunction("ipfw_chk_jit")); } @@ -603,12 +598,11 @@ void emit_outer_for_prologue() { - BasicBlock *jt = BasicBlock::Create(*Con, "jt", Func); - BasicBlock *jf = BasicBlock::Create(*Con, "jf", Func); + BasicBlock *jt = BasicBlock::Create(Con, "jt", Func); + BasicBlock *jf = BasicBlock::Create(Con, "jf", Func); Value *SetDisable = mod->getGlobalVariable("set_disable"); - // All this variables are already allocated. // ipfw_insn *cmd; // uInt32_t tablearg = 0; // int l, cmdlen, skip_or; /* skip rest of OR block */ @@ -618,16 +612,28 @@ // continue; // skip_or = 0; - // Write at the rule. + // Write at the current rule. Irb.SetInsertPoint(rules[rulenumber]); + // ipfw_insn *cmd; + // uInt32_t tablearg = 0; + // int l, cmdlen, skip_or; /* skip rest of OR block */ + Cmd = Irb.CreateAlloca(Ipfw_insnPtrTy, nullptr, "cmd"); + Tablearg = Irb.CreateAlloca(Int32Ty, nullptr, "tablearg"); + L = Irb.CreateAlloca(Int32Ty, nullptr, "l"); + CmdLen = Irb.CreateAlloca(Int32Ty, nullptr, "cmdlen"); + SkipOr = Irb.CreateAlloca(Int32Ty, nullptr, "skipor"); + F = Irb.CreateAlloca(Ip_fwPtrTy, nullptr, "f"); + // uInt32_t tablearg = 0; Irb.CreateStore(ConstantInt::get(Int32Ty, 0), Tablearg); // f = chain->map[f_pos]; idxs: 5, f_pos - Value *MapPtr = Irb.CreateStructGEP(Chain, 5); - Value *Map = Irb.CreateLoad(MapPtr); - Value *MapFPos = Irb.CreateInBoundsGEP(Map, FPos); + Value *FPosL = Irb.CreateLoad(FPos); + Value *ExtFPos = Irb.CreateSExt(FPosL, Int64Ty); + Value *Map = Irb.CreateStructGEP(Chain, 5); + Value *MapL = Irb.CreateLoad(Map); + Value *MapFPos = Irb.CreateInBoundsGEP(MapL, ExtFPos); Value *MapFPosL = Irb.CreateLoad(MapFPos); Irb.CreateStore(MapFPosL, F); @@ -654,14 +660,14 @@ void emit_inner_for_prologue() { - BasicBlock *firstt = BasicBlock::Create(*Con, "firstt", Func); - BasicBlock *firstf = BasicBlock::Create(*Con, "firstf", Func); - BasicBlock *secondt = BasicBlock::Create(*Con, "secondt", Func); - BasicBlock *secondf = BasicBlock::Create(*Con, "secondf", Func); + BasicBlock *firstt = BasicBlock::Create(Con, "firstt", Func); + BasicBlock *firstf = BasicBlock::Create(Con, "firstf", Func); + BasicBlock *secondt = BasicBlock::Create(Con, "secondt", Func); + BasicBlock *secondf = BasicBlock::Create(Con, "secondf", Func); Value *Comp, *AndOp; - // The first to are the intializers of the for loop. + // The first two are initializers of the outer for. // l = f->cmd_len; // cmd = f->cmd; // @@ -683,15 +689,15 @@ // cmd = f->cmd; Value *FCmd = Irb.CreateStructGEP(FL, 11); - Value *FCmdL = Irb.CreateLoad(FCmd); - FCmd = Irb.CreateExtractValue(FCmdL, 0); - Value *CmdL = Irb.CreateLoad(Cmd); - Irb.CreateStore(FCmd, CmdL); + Value *Addr = Irb.CreateBitCast(FCmd, Ipfw_insnPtrTy); + Irb.CreateStore(Addr, Cmd); + // int match; - Match = Irb.CreateAlloca(Int32Ty); + Match = Irb.CreateAlloca(Int32Ty, nullptr, "match"); // int cmdlen; // cmdlen = ((cmd)->len & F_LEN_MASK); + Value *CmdL = Irb.CreateLoad(Cmd); Value *LenPtr = Irb.CreateStructGEP(CmdL, 1); Value *Len = Irb.CreateLoad(LenPtr); AndOp = Irb.CreateAnd(Len, ConstantInt::get(Int8Ty, F_LEN_MASK)); @@ -728,14 +734,14 @@ void emit_inner_for_epilogue() { - BasicBlock *matchnz = BasicBlock::Create(*Con, "matchnz", Func); - BasicBlock *matchz = BasicBlock::Create(*Con, "matchz", Func); - BasicBlock *jt = BasicBlock::Create(*Con, "jt", Func); - BasicBlock *sec_cond = BasicBlock::Create(*Con, "sec_cond", Func); - BasicBlock *matchzero = BasicBlock::Create(*Con, "matchzero", Func); - BasicBlock *matchnotzero = BasicBlock::Create(*Con, "matchnotzero", Func); - BasicBlock *is_or = BasicBlock::Create(*Con, "is_or", Func); - BasicBlock *Continue = BasicBlock::Create(*Con, "Continue", Func); + BasicBlock *matchnz = BasicBlock::Create(Con, "matchnz", Func); + BasicBlock *matchz = BasicBlock::Create(Con, "matchz", Func); + BasicBlock *jt = BasicBlock::Create(Con, "jt", Func); + BasicBlock *sec_cond = BasicBlock::Create(Con, "sec_cond", Func); + BasicBlock *matchzero = BasicBlock::Create(Con, "matchzero", Func); + BasicBlock *matchnotzero = BasicBlock::Create(Con, "matchnotzero", Func); + BasicBlock *is_or = BasicBlock::Create(Con, "is_or", Func); + BasicBlock *Continue = BasicBlock::Create(Con, "Continue", Func); Value *Comp, *AndOp; @@ -838,13 +844,9 @@ { Value *Rule, *TimeUptime, *Str; - BasicBlock *Jt = BasicBlock::Create(*Con, "jt", Func); - BasicBlock *Jf = BasicBlock::Create(*Con, "jf", Func); - BasicBlock *DoCache = BasicBlock::Create(*Con, "cache", Func); - BasicBlock *Ret = BasicBlock::Create(*Con, "ret", Func); - #ifdef __FreeBSD__ - BasicBlock *CacheNN = BasicBlock::Create(*Con, "cachennull", Func); - #endif + BasicBlock *Jt = BasicBlock::Create(Con, "jt", Func); + BasicBlock *Jf = BasicBlock::Create(Con, "jf", Func); + BasicBlock *Ret = BasicBlock::Create(Con, "ret", Func); Value *Comp, *AddOp; // if (done) { @@ -858,14 +860,10 @@ // printf("ipfw: ouch!, skip past end of rules, denying packet\n"); // } // - // #ifdef __FreeBSD__ - // if (ucred_cache != NULL) - // crfree(ucred_cache); - // #endif - // // return (retval); Irb.SetInsertPoint(End); + // We need to get the timestamp variable. TimeUptime = mod->getGlobalVariable("time_uptime"); Str = Irb.CreateGlobalString("ipfw: ouch!, skip past end of rules, denying packet\n"); @@ -877,10 +875,12 @@ Irb.SetInsertPoint(Jt); // struct ip_fw *rule = chain->map[f_pos]; - Rule = Irb.CreateAlloca(Ip_fwPtrTy); - Value *MapPtr = Irb.CreateStructGEP(Chain, 5); - Value *Map = Irb.CreateLoad(MapPtr); - Value *MapFPos = Irb.CreateInBoundsGEP(Map, FPos); + Rule = Irb.CreateAlloca(Ip_fwPtrTy, nullptr, "rule"); + Value *FPosL = Irb.CreateLoad(FPos); + Value *ExtFPos = Irb.CreateSExt(FPosL, Int64Ty); + Value *Map = Irb.CreateStructGEP(Chain, 5); + Value *MapL = Irb.CreateLoad(Map); + Value *MapFPos = Irb.CreateInBoundsGEP(MapL, ExtFPos); Value *MapFPosL = Irb.CreateLoad(MapFPos); Irb.CreateStore(MapFPosL, Rule); @@ -910,7 +910,7 @@ Value *TimeUptimeL32 = Irb.CreateTrunc(TimeUptimeL, Int32Ty); Value *Timestamp = Irb.CreateStructGEP(RuleL, 10); Irb.CreateStore(TimeUptimeL32, Timestamp); - Irb.CreateBr(DoCache); + Irb.CreateBr(Ret); Irb.SetInsertPoint(Jf); // retval = IP_FW_DENY; @@ -918,22 +918,7 @@ Irb.CreateStore(ConstantInt::get(Int32Ty, IP_FW_DENY), Retval); Value *StrFirstElement = Irb.CreateStructGEP(Str, 0); Irb.CreateCall(PrintfFunc, StrFirstElement); - Irb.CreateBr(DoCache); - - Irb.SetInsertPoint(DoCache); -#ifndef __FreeBSD__ Irb.CreateBr(Ret); -#endif - -#ifdef __FreeBSD__ - // if (ucred_cache != NULL) - Comp = Irb.CreateICmpNE(Ucred_cache, - ConstantPointerNull::get(UcredPtrTy)); - Irb.CreateCondBr(Comp, CacheNN, Ret); - - Irb.SetInsertPoint(CacheNN); - Irb.CreateBr(Ret); -#endif //Return retval Irb.SetInsertPoint(Ret); @@ -943,32 +928,30 @@ // Rules + // XXX Not tested. void emit_nop() { - //break; - Irb.CreateBr(nextRule()); Irb.CreateStore(ConstantInt::get(Int32Ty, 1), Match); } + // XXX Not tested. void emit_forward_mac(u_int8_t opcode) { printf("Compilation error:\n"); printf("ipfwjitter: opcode %d unimplemented\n", opcode); printf("Compilation continues.\n"); - //break; - Irb.CreateBr(nextRule()); } - // check_uidgid() returns 0 on userspace. + // XXX Not tested. void emit_jail() { - BasicBlock *OffsetNZ = BasicBlock::Create(*Con, "offsetnotzero", Func); - BasicBlock *OffsetZE = BasicBlock::Create(*Con, "offsetiszero", Func); - BasicBlock *TCPorUDP = BasicBlock::Create(*Con, "setmatchzero", Func); - BasicBlock *Continue = BasicBlock::Create(*Con, "Continue", Func); + BasicBlock *OffsetNZ = BasicBlock::Create(Con, "offsetnotzero", Func); + BasicBlock *OffsetZE = BasicBlock::Create(Con, "offsetiszero", Func); + BasicBlock *TCPorUDP = BasicBlock::Create(Con, "setmatchzero", Func); + BasicBlock *Continue = BasicBlock::Create(Con, "Continue", Func); Value *Comp; // if (offset != 0) @@ -1003,10 +986,9 @@ // Keep on with the for epilogue. Irb.SetInsertPoint(Continue); - //break; - Irb.CreateBr(nextRule()); } + // XXX Not tested. void emit_recv() { @@ -1015,10 +997,9 @@ Value *cmdc = Irb.CreateBitCast(Cmd, Ipfw_insn_ifPtrTy); Value *IfaceMatchCall = Irb.CreateCall4(Iface_match, rcvif, cmdc, Chain, Tablearg); Irb.CreateStore(IfaceMatchCall, Match); - //break; - Irb.CreateBr(nextRule()); } + // XXX Not tested. void emit_xmit() { @@ -1026,416 +1007,323 @@ Value *Cmdc = Irb.CreateBitCast(Cmd, Ipfw_insn_ifPtrTy); Value *IfaceMatchCall = Irb.CreateCall4(Iface_match, Oif, Cmdc, Chain, Tablearg); Irb.CreateStore(IfaceMatchCall, Match); - //break; - Irb.CreateBr(nextRule()); } + // XXX Not tested. void emit_via() { + BasicBlock *OifNZ = BasicBlock::Create(Con, "OifNotZero", Func); + BasicBlock *OifZE = BasicBlock::Create(Con, "OifIsZero", Func); + + // if (oif) + // match = iface_match(oif, (ipfw_insn_if *)cmd, chain, &tablearg); + // else + // match = iface_match(m->m_pkthdr.rcvif, (ipfw_insn_if *)cmd, + // chain, &tablearg); + // break; + //Value *Comp = Irb.CreateICmp(Oif, ConstantPointerNull::get(IfnetPtrTy)); - //break; - Irb.CreateBr(nextRule()); } + // XXX Not tested. void emit_macaddr2() { - - //break; - Irb.CreateBr(nextRule()); } + // XXX Not tested. void emit_mac_type() { - - //break; - Irb.CreateBr(nextRule()); } + // XXX Not tested. void emit_frag() { - - //break; - Irb.CreateBr(nextRule()); } + // XXX Not tested. void emit_in() { - - //break; - Irb.CreateBr(nextRule()); } + // XXX Not tested. void emit_layer2() { - - //break; - Irb.CreateBr(nextRule()); } + // XXX Not tested. void emit_diverted() { - - //break; - Irb.CreateBr(nextRule()); } + // XXX Not tested. void emit_proto() { - - //break; - Irb.CreateBr(nextRule()); } + // XXX Not tested. void emit_ip_src() { - - //break; - Irb.CreateBr(nextRule()); } + // XXX Not tested. void emit_ip_dst_lookup() { - - //break; - Irb.CreateBr(nextRule()); } + // XXX Not tested. void emit_ip_dst_mask() { - - //break; - Irb.CreateBr(nextRule()); } + // XXX Not tested. void emit_ip_src_me() { - - //break; - Irb.CreateBr(nextRule()); } + // XXX Not tested. void emit_ip6_src_me() { - - //break; - Irb.CreateBr(nextRule()); } + // XXX Not tested. void emit_ip_src_set() { - - //break; - Irb.CreateBr(nextRule()); } + // XXX Not tested. void emit_ip_dst() { - - //break; - Irb.CreateBr(nextRule()); } + // XXX Not tested. void emit_ip_dst_me() { - - //break; - Irb.CreateBr(nextRule()); } + // XXX Not tested. void emit_ip6_dst_me() { - - //break; - Irb.CreateBr(nextRule()); } + // XXX Not tested. void emit_ip_dstport() { - - //break; - Irb.CreateBr(nextRule()); } + // XXX Not tested. void emit_icmptype() { - - //break; - Irb.CreateBr(nextRule()); } + // XXX Not tested. void emit_icmp6type() { - - //break; - Irb.CreateBr(nextRule()); } + // XXX Not tested. void emit_ipopt() { - - //break; - Irb.CreateBr(nextRule()); } + // XXX Not tested. void emit_ipver() { - - //break; - Irb.CreateBr(nextRule()); } + // XXX Not tested. void emit_ipttl() { - - //break; - Irb.CreateBr(nextRule()); } + // XXX Not tested. void emit_ipprecedence() { - - //break; - Irb.CreateBr(nextRule()); } + // XXX Not tested. void emit_iptos() { - - //break; - Irb.CreateBr(nextRule()); } + // XXX Not tested. void emit_dscp() { - - //break; - Irb.CreateBr(nextRule()); } + // XXX Not tested. void emit_tcpdatalen() { - - //break; - Irb.CreateBr(nextRule()); } + // XXX Not tested. void emit_tcpflags() { - - //break; - Irb.CreateBr(nextRule()); } + // XXX Not tested. void emit_tcpopts() { - - //break; - Irb.CreateBr(nextRule()); } + // XXX Not tested. void emit_tcpseq() { - - //break; - Irb.CreateBr(nextRule()); } + // XXX Not tested. void emit_tcpack() { - - //break; - Irb.CreateBr(nextRule()); } + // XXX Not tested. void emit_tcpwin() { - - //break; - Irb.CreateBr(nextRule()); } + // XXX Not tested. void emit_estab() { - - //break; - Irb.CreateBr(nextRule()); } + // XXX Not tested. void emit_altq() { - - //break; - Irb.CreateBr(nextRule()); } + // XXX Not tested. void emit_log() { - - //break; - Irb.CreateBr(nextRule()); } + // XXX Not tested. void emit_prob() { - - //break; - Irb.CreateBr(nextRule()); } + // XXX Not tested. void emit_verrevpath() { - - //break; - Irb.CreateBr(nextRule()); } + // XXX Not tested. void emit_versrcreach() { - - //break; - Irb.CreateBr(nextRule()); } + // XXX Not tested. void emit_antispoof() { - - //break; - Irb.CreateBr(nextRule()); } + // XXX Not tested. void emit_ipsec() { - - //break; - Irb.CreateBr(nextRule()); } + // XXX Not tested. void emit_ip6_src() { - - //break; - Irb.CreateBr(nextRule()); } + // XXX Not tested. void emit_ip6_dst() *** DIFF OUTPUT TRUNCATED AT 1000 LINES *** From owner-svn-soc-all@FreeBSD.ORG Tue Sep 9 11:56:27 2014 Return-Path: Delivered-To: svn-soc-all@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B0A099E7 for ; Tue, 9 Sep 2014 11:56:27 +0000 (UTC) Received: from socsvn.freebsd.org (socsvn.freebsd.org [IPv6:2001:1900:2254:206a::50:2]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 9C5C2E2A for ; Tue, 9 Sep 2014 11:56:27 +0000 (UTC) Received: from socsvn.freebsd.org ([127.0.1.124]) by socsvn.freebsd.org (8.14.9/8.14.9) with ESMTP id s89BuRWh029854 for ; Tue, 9 Sep 2014 11:56:27 GMT (envelope-from dpl@FreeBSD.org) Received: (from www@localhost) by socsvn.freebsd.org (8.14.9/8.14.9/Submit) id s89BuRMC029852 for svn-soc-all@FreeBSD.org; Tue, 9 Sep 2014 11:56:27 GMT (envelope-from dpl@FreeBSD.org) Date: Tue, 9 Sep 2014 11:56:27 GMT Message-Id: <201409091156.s89BuRMC029852@socsvn.freebsd.org> X-Authentication-Warning: socsvn.freebsd.org: www set sender to dpl@FreeBSD.org using -f From: dpl@FreeBSD.org To: svn-soc-all@FreeBSD.org Subject: socsvn commit: r273840 - soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-soc-all@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: SVN commit messages for the entire Summer of Code repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 09 Sep 2014 11:56:27 -0000 Author: dpl Date: Tue Sep 9 11:56:26 2014 New Revision: 273840 URL: http://svnweb.FreeBSD.org/socsvn/?view=rev&rev=273840 Log: Written code to deny packets. Modified: soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw/jit.cc Modified: soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw/jit.cc ============================================================================== --- soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw/jit.cc Tue Sep 9 10:52:50 2014 (r273839) +++ soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw/jit.cc Tue Sep 9 11:56:26 2014 (r273840) @@ -1438,6 +1438,12 @@ void emit_deny() { + // retval = IP_FW_DENY; + Irb.CreateStore(ConstantInt::get(Int32Ty, IP_FW_DENY), Retval); + // l = 0; /* exit inner loop */ + Irb.CreateStore(ConstantInt::get(Int32Ty, 0), L); + // done = 1; /* exit outer loop */ + Irb.CreateStore(ConstantInt::get(Int32Ty, 1), Done); } // XXX Not tested. From owner-svn-soc-all@FreeBSD.ORG Tue Sep 9 11:57:07 2014 Return-Path: Delivered-To: svn-soc-all@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 07AA59FD for ; Tue, 9 Sep 2014 11:57:07 +0000 (UTC) Received: from socsvn.freebsd.org (socsvn.freebsd.org [IPv6:2001:1900:2254:206a::50:2]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id E82B6E2E for ; Tue, 9 Sep 2014 11:57:06 +0000 (UTC) Received: from socsvn.freebsd.org ([127.0.1.124]) by socsvn.freebsd.org (8.14.9/8.14.9) with ESMTP id s89Bv6pw030191 for ; Tue, 9 Sep 2014 11:57:06 GMT (envelope-from dpl@FreeBSD.org) Received: (from www@localhost) by socsvn.freebsd.org (8.14.9/8.14.9/Submit) id s89Bv6SU030189 for svn-soc-all@FreeBSD.org; Tue, 9 Sep 2014 11:57:06 GMT (envelope-from dpl@FreeBSD.org) Date: Tue, 9 Sep 2014 11:57:06 GMT Message-Id: <201409091157.s89Bv6SU030189@socsvn.freebsd.org> X-Authentication-Warning: socsvn.freebsd.org: www set sender to dpl@FreeBSD.org using -f From: dpl@FreeBSD.org To: svn-soc-all@FreeBSD.org Subject: socsvn commit: r273841 - soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-soc-all@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: SVN commit messages for the entire Summer of Code repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 09 Sep 2014 11:57:07 -0000 Author: dpl Date: Tue Sep 9 11:57:06 2014 New Revision: 273841 URL: http://svnweb.FreeBSD.org/socsvn/?view=rev&rev=273841 Log: Use the definition of the magic num, instead of the magic num. Modified: soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw/jit.cc Modified: soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw/jit.cc ============================================================================== --- soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw/jit.cc Tue Sep 9 11:56:26 2014 (r273840) +++ soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw/jit.cc Tue Sep 9 11:57:06 2014 (r273841) @@ -1385,7 +1385,7 @@ { // retval = 0; /* accept */ - Irb.CreateStore(ConstantInt::get(Int32Ty, 0), Retval); + Irb.CreateStore(ConstantInt::get(Int32Ty, IP_FW_PASS), Retval); // l = 0; /* exit inner loop */ Irb.CreateStore(ConstantInt::get(Int32Ty, 0), L); // done = 1; /* exit outer loop */ From owner-svn-soc-all@FreeBSD.ORG Tue Sep 9 15:59:24 2014 Return-Path: Delivered-To: svn-soc-all@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 5E7BA747 for ; Tue, 9 Sep 2014 15:59:24 +0000 (UTC) Received: from socsvn.freebsd.org (socsvn.freebsd.org [IPv6:2001:1900:2254:206a::50:2]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 479B5EF3 for ; Tue, 9 Sep 2014 15:59:24 +0000 (UTC) Received: from socsvn.freebsd.org ([127.0.1.124]) by socsvn.freebsd.org (8.14.9/8.14.9) with ESMTP id s89FxO4T012908 for ; Tue, 9 Sep 2014 15:59:24 GMT (envelope-from dpl@FreeBSD.org) Received: (from www@localhost) by socsvn.freebsd.org (8.14.9/8.14.9/Submit) id s89FxNds012904 for svn-soc-all@FreeBSD.org; Tue, 9 Sep 2014 15:59:23 GMT (envelope-from dpl@FreeBSD.org) Date: Tue, 9 Sep 2014 15:59:23 GMT Message-Id: <201409091559.s89FxNds012904@socsvn.freebsd.org> X-Authentication-Warning: socsvn.freebsd.org: www set sender to dpl@FreeBSD.org using -f From: dpl@FreeBSD.org To: svn-soc-all@FreeBSD.org Subject: socsvn commit: r273850 - soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-soc-all@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: SVN commit messages for the entire Summer of Code repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 09 Sep 2014 15:59:24 -0000 Author: dpl Date: Tue Sep 9 15:59:23 2014 New Revision: 273850 URL: http://svnweb.FreeBSD.org/socsvn/?view=rev&rev=273850 Log: Delete unneeded function Modified: soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw/ip_fw2.c Modified: soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw/ip_fw2.c ============================================================================== --- soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw/ip_fw2.c Tue Sep 9 14:34:54 2014 (r273849) +++ soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw/ip_fw2.c Tue Sep 9 15:59:23 2014 (r273850) @@ -861,7 +861,6 @@ } } /* end of inner loop, scan opcodes */ -#undef PULLUP_LEN if (done) break; From owner-svn-soc-all@FreeBSD.ORG Tue Sep 9 16:15:22 2014 Return-Path: Delivered-To: svn-soc-all@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 5F285364 for ; Tue, 9 Sep 2014 16:15:22 +0000 (UTC) Received: from socsvn.freebsd.org (socsvn.freebsd.org [IPv6:2001:1900:2254:206a::50:2]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 482EF1B5 for ; Tue, 9 Sep 2014 16:15:22 +0000 (UTC) Received: from socsvn.freebsd.org ([127.0.1.124]) by socsvn.freebsd.org (8.14.9/8.14.9) with ESMTP id s89GFMYK090062 for ; Tue, 9 Sep 2014 16:15:22 GMT (envelope-from dpl@FreeBSD.org) Received: (from www@localhost) by socsvn.freebsd.org (8.14.9/8.14.9/Submit) id s89GFLxU090058 for svn-soc-all@FreeBSD.org; Tue, 9 Sep 2014 16:15:21 GMT (envelope-from dpl@FreeBSD.org) Date: Tue, 9 Sep 2014 16:15:21 GMT Message-Id: <201409091615.s89GFLxU090058@socsvn.freebsd.org> X-Authentication-Warning: socsvn.freebsd.org: www set sender to dpl@FreeBSD.org using -f From: dpl@FreeBSD.org To: svn-soc-all@FreeBSD.org Subject: socsvn commit: r273852 - soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-soc-all@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: SVN commit messages for the entire Summer of Code repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 09 Sep 2014 16:15:22 -0000 Author: dpl Date: Tue Sep 9 16:15:21 2014 New Revision: 273852 URL: http://svnweb.FreeBSD.org/socsvn/?view=rev&rev=273852 Log: Added filtering limit. Modified: soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw/ip_fw_pfil.c Modified: soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw/ip_fw_pfil.c ============================================================================== --- soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw/ip_fw_pfil.c Tue Sep 9 15:19:38 2014 (r273851) +++ soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw/ip_fw_pfil.c Tue Sep 9 16:15:21 2014 (r273852) @@ -120,6 +120,7 @@ SYSEND #endif /* SYSCTL_NODE */ +int counter = 0; /* * Handles the compilation and execution of the @@ -131,6 +132,7 @@ ipfw_chk_wrapper(struct ip_fw_args *args) { int ret; + counter++; /* If we haven't, JIT-compile the actions to be executed per-rule */ if (ipfw_chk_jit == 0) { @@ -148,6 +150,8 @@ IPFW_PF_RUNLOCK(chain); } #include + if (counter == 100) + err(1, "end"); return (ret); } From owner-svn-soc-all@FreeBSD.ORG Tue Sep 9 16:16:02 2014 Return-Path: Delivered-To: svn-soc-all@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 5D4F937E for ; Tue, 9 Sep 2014 16:16:02 +0000 (UTC) Received: from socsvn.freebsd.org (socsvn.freebsd.org [IPv6:2001:1900:2254:206a::50:2]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 2C83E1BB for ; Tue, 9 Sep 2014 16:16:02 +0000 (UTC) Received: from socsvn.freebsd.org ([127.0.1.124]) by socsvn.freebsd.org (8.14.9/8.14.9) with ESMTP id s89GG27Y090656 for ; Tue, 9 Sep 2014 16:16:02 GMT (envelope-from dpl@FreeBSD.org) Received: (from www@localhost) by socsvn.freebsd.org (8.14.9/8.14.9/Submit) id s89GG1xx090647 for svn-soc-all@FreeBSD.org; Tue, 9 Sep 2014 16:16:01 GMT (envelope-from dpl@FreeBSD.org) Date: Tue, 9 Sep 2014 16:16:01 GMT Message-Id: <201409091616.s89GG1xx090647@socsvn.freebsd.org> X-Authentication-Warning: socsvn.freebsd.org: www set sender to dpl@FreeBSD.org using -f From: dpl@FreeBSD.org To: svn-soc-all@FreeBSD.org Subject: socsvn commit: r273853 - soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-soc-all@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: SVN commit messages for the entire Summer of Code repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 09 Sep 2014 16:16:02 -0000 Author: dpl Date: Tue Sep 9 16:16:01 2014 New Revision: 273853 URL: http://svnweb.FreeBSD.org/socsvn/?view=rev&rev=273853 Log: Added port filtering. Modified: soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw/jit.cc Modified: soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw/jit.cc ============================================================================== --- soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw/jit.cc Tue Sep 9 16:15:21 2014 (r273852) +++ soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw/jit.cc Tue Sep 9 16:16:01 2014 (r273853) @@ -66,6 +66,7 @@ Type *Int32Ty; Type *Int64Ty; PointerType *Int8PtrTy; + PointerType *Int16PtrTy; // Basic blocks used BasicBlock *Entry; @@ -97,15 +98,15 @@ Value *Oif; Value *Hlen; //unsigned Value *Offset; //unsigned - Value *Ip6f_mf; //unsigned + Value *Ip6fMf; //unsigned // Local copies of vars. // On optimization, unused ones will not be included. Value *Proto; //unsigned - Value *Src_port; //unsigned - Value *Dst_port; //unsigned - Value *Src_ip; - Value *Dst_ip; + Value *SrcPort; //unsigned + Value *DstPort; //unsigned + Value *SrcIp; + Value *DstIp; Value *Iplen; //unsigned Value *Pktlen; Value *Etype; //unsigned @@ -113,36 +114,36 @@ Value *Q; Value *Ulp; - Value *Is_ipv4; - Value *Is_ipv6; - Value *Icmp6_type; //unsigned - Value *Ext_hd; //unsigned + Value *IsIpv4; + Value *IsIpv6; + Value *Icmp6Type; //unsigned + Value *ExtHd; //unsigned // This sets up some vars, at star time. Function *InspectPkt; // Auxiliary functions used by our JITed code. // All this are used from our bitcode. - Function *Is_icmp_query; - Function *Flags_match; - Function *Ipopts_match; - Function *Tcpopts_match; - Function *Iface_match; - Function *Verify_path; + Function *IsIcmpQuery; + Function *FlagsMatch; + Function *IpoptsMatch; + Function *TcpoptsMatch; + Function *IfaceMatch; + Function *VerifyPath; #ifdef INET6 - Function *Icmp6type_match; - Function *Search_ip6_addr_net; - Function *Flow6id_match; - Function *Verify_path6; - Function *Is_icmp6_query; - Function *Send_reject6; + Function *Icmp6typeMatch; + Function *SearchIp6AddrNet; + Function *Flow6idMatch; + Function *VerifyPath6; + Function *IsIcmp6Query; + Function *SendReject6; #endif /* INET6 */ - Function *Send_reject; - Function *Set_match; - Function *Jump_fast; + Function *SendReject; + Function *SetMatch; + Function *JumpFast; Function *PrintfFunc; - Function *Ipfw_find_rule; + Function *IpfwFindRule; // Used structs. StructType *IfnetTy; @@ -152,6 +153,7 @@ StructType *Ip_fw_chainTy; StructType *Ip_fwTy; StructType *Ipfw_insnTy; + StructType *IpfwInsnU16Ty; StructType *Ipfw_dyn_ruleTy; StructType *Ipfw_insn_ifTy; StructType *MbufTy; @@ -165,6 +167,7 @@ PointerType *Ip_fw_chainPtrTy; PointerType *Ip_fwPtrTy; PointerType *Ipfw_insnPtrTy; + PointerType *IpfwInsnU16PtrTy; PointerType *Ipfw_dyn_rulePtrTy; PointerType *Ipfw_insn_ifPtrTy; PointerType *MbufPtrTy; @@ -219,6 +222,7 @@ Int32Ty = Type::getInt32Ty(Con); Int64Ty = Type::getInt64Ty(Con); Int8PtrTy = PointerType::getUnqual(Int8Ty); + Int16PtrTy = PointerType::getUnqual(Int16Ty); // Get StrucType from bitcode. MbufTy = mod->getTypeByName("struct.mbuf"); @@ -229,6 +233,7 @@ Ip_fw_chainTy = mod->getTypeByName("struct.ip_fw_chain"); Ip_fwTy = mod->getTypeByName("struct.ip_fw"); Ipfw_insnTy = mod->getTypeByName("struct._ipfw_insn"); + IpfwInsnU16Ty = mod->getTypeByName("struct._ipfw_insn_u16"); Ipfw_insn_ifTy = mod->getTypeByName("struct._ipfw_insn_if"); Ipfw_dyn_ruleTy = mod->getTypeByName("struct._ipfw_dyn_rule"); #ifdef __FreeBSD__ @@ -246,6 +251,7 @@ Ip_fw_chainPtrTy = PointerType::getUnqual(Ip_fw_chainTy); Ip_fwPtrTy = PointerType::getUnqual(Ip_fwTy); Ipfw_insnPtrTy = PointerType::getUnqual(Ipfw_insnTy); + IpfwInsnU16PtrTy = PointerType::getUnqual(IpfwInsnU16Ty); Ipfw_insn_ifPtrTy = PointerType::getUnqual(Ipfw_insn_ifTy); Ipfw_dyn_rulePtrTy = PointerType::getUnqual(Ipfw_dyn_ruleTy); #ifdef __FreeBSD__ @@ -254,29 +260,29 @@ // Get Function defs from bitcode. // All of them are auxiliary functions. InspectPkt = mod->getFunction("inspect_pkt"); - Is_icmp_query = mod->getFunction("is_icmp_query"); - Flags_match = mod->getFunction("flags_match"); - Ipopts_match = mod->getFunction("ipopts_match"); - Tcpopts_match = mod->getFunction("tcpopts_match"); - Iface_match = mod->getFunction("iface_match"); - Verify_path = mod->getFunction("verify_path"); + IsIcmpQuery = mod->getFunction("is_icmp_query"); + FlagsMatch = mod->getFunction("flags_match"); + IpoptsMatch = mod->getFunction("ipopts_match"); + TcpoptsMatch = mod->getFunction("tcpopts_match"); + IfaceMatch = mod->getFunction("ifaceMatch"); + VerifyPath = mod->getFunction("verify_path"); #ifdef INET6 - Icmp6type_match = mod->getFunction("icmp6type_match"); - Search_ip6_addr_net = mod->getFunction("search_ip6_addr_net"); - Flow6id_match = mod->getFunction("flow6id_match"); - Verify_path6 = mod->getFunction("verify_path6"); - Is_icmp6_query = mod->getFunction("is_icmp6_query"); - Send_reject6 = mod->getFunction("send_reject6"); + Icmp6typeMatch = mod->getFunction("icmp6type_match"); + SearchIp6AddrNet = mod->getFunction("search_ip6_addr_net"); + Flow6idMatch = mod->getFunction("flow6id_match"); + VerifyPath6 = mod->getFunction("verify_path6"); + IsIcmp6Query = mod->getFunction("is_icmp6_query"); + SendReject6 = mod->getFunction("send_reject6"); #endif /* INET6 */ - Send_reject = mod->getFunction("send_reject"); - Set_match = mod->getFunction("set_match"); - Jump_fast = mod->getFunction("jump_fast"); + SendReject = mod->getFunction("send_reject"); + SetMatch = mod->getFunction("set_match"); + JumpFast = mod->getFunction("jump_fast"); // Functions declared at bitcode. PrintfFunc = mod->getFunction("printf"); - Ipfw_find_rule = mod->getFunction("ipfw_find_rule"); + IpfwFindRule = mod->getFunction("ipfw_find_rule"); } // Allocate and initialize LLVM vars. @@ -320,8 +326,8 @@ Offset = Irb.CreateAlloca(Int16Ty, nullptr, "offset"); Irb.CreateStore(ConstantInt::get(Int16Ty, 0), Offset); - Ip6f_mf = Irb.CreateAlloca(Int16Ty, nullptr, "ip6f_mf"); - Irb.CreateStore(ConstantInt::get(Int16Ty, 0), Ip6f_mf); + Ip6fMf = Irb.CreateAlloca(Int16Ty, nullptr, "ip6f_mf"); + Irb.CreateStore(ConstantInt::get(Int16Ty, 0), Ip6fMf); // proto = 0 Proto = Irb.CreateAlloca(Int8Ty, nullptr, "proto"); @@ -331,18 +337,18 @@ Value *FProto = Irb.CreateStructGEP(F_id, 5); Irb.CreateStore(ConstantInt::get(Int8Ty, 0), FProto); - Src_port = Irb.CreateAlloca(Int16Ty, nullptr, "src_port"); - Irb.CreateStore(ConstantInt::get(Int16Ty, 0), Src_port); - Dst_port = Irb.CreateAlloca(Int16Ty, nullptr, "dst_port"); - Irb.CreateStore(ConstantInt::get(Int16Ty, 0), Dst_port); + SrcPort = Irb.CreateAlloca(Int16Ty, nullptr, "src_port"); + Irb.CreateStore(ConstantInt::get(Int16Ty, 0), SrcPort); + DstPort = Irb.CreateAlloca(Int16Ty, nullptr, "dst_port"); + Irb.CreateStore(ConstantInt::get(Int16Ty, 0), DstPort); //src_ip.s_addr = 0; - Src_ip = Irb.CreateAlloca(In_addrTy, nullptr, "src_ip"); - Value *Src_s_addr = Irb.CreateStructGEP(Src_ip, 0); + SrcIp = Irb.CreateAlloca(In_addrTy, nullptr, "src_ip"); + Value *Src_s_addr = Irb.CreateStructGEP(SrcIp, 0); Irb.CreateStore(ConstantInt::get(Int32Ty, 0), Src_s_addr); //dst_ip.s_addr = 0; - Dst_ip = Irb.CreateAlloca(In_addrTy, nullptr, "dst_ip"); - Value *Dst_s_addr = Irb.CreateStructGEP(Dst_ip, 0); + DstIp = Irb.CreateAlloca(In_addrTy, nullptr, "dst_ip"); + Value *Dst_s_addr = Irb.CreateStructGEP(DstIp, 0); Irb.CreateStore(ConstantInt::get(Int32Ty, 0), Dst_s_addr); //iplen = 0; @@ -371,23 +377,23 @@ Ulp = Irb.CreateAlloca(Int8PtrTy, nullptr, "ulp"); Irb.CreateStore(ConstantPointerNull::get(Int8PtrTy), Ulp); - Is_ipv4 = Irb.CreateAlloca(Int32Ty, nullptr, "is_ipv4"); - Irb.CreateStore(ConstantInt::get(Int32Ty, 0), Is_ipv4); - Is_ipv6 = Irb.CreateAlloca(Int32Ty, nullptr, "is_ipv6"); - Irb.CreateStore(ConstantInt::get(Int32Ty, 0), Is_ipv6); - Icmp6_type = Irb.CreateAlloca(Int8Ty, nullptr, "icmp6_type"); - Irb.CreateStore(ConstantInt::get(Int8Ty, 0), Icmp6_type); - Ext_hd = Irb.CreateAlloca(Int16Ty, nullptr, "ext_hd"); - Irb.CreateStore(ConstantInt::get(Int16Ty, 0), Ext_hd); + IsIpv4 = Irb.CreateAlloca(Int32Ty, nullptr, "is_ipv4"); + Irb.CreateStore(ConstantInt::get(Int32Ty, 0), IsIpv4); + IsIpv6 = Irb.CreateAlloca(Int32Ty, nullptr, "is_ipv6"); + Irb.CreateStore(ConstantInt::get(Int32Ty, 0), IsIpv6); + Icmp6Type = Irb.CreateAlloca(Int8Ty, nullptr, "icmp6_type"); + Irb.CreateStore(ConstantInt::get(Int8Ty, 0), Icmp6Type); + ExtHd = Irb.CreateAlloca(Int16Ty, nullptr, "ext_hd"); + Irb.CreateStore(ConstantInt::get(Int16Ty, 0), ExtHd); // If it returns one, goto pullup_failed. // Else, goto first rule. Value *Ip = Irb.CreateLoad(IpPtr); Value *UlpL = Irb.CreateLoad(Ulp); - Value *InspectPktCall = Irb.CreateCall(InspectPkt, {Args, Ip, M, Src_ip, - Dst_ip, Src_port, Dst_port, Etype, Ext_hd, Iplen, Pktlen, Is_ipv4, - Is_ipv6, Hlen, Proto, Icmp6_type, Ip6f_mf, Offset, UlpL}); + Value *InspectPktCall = Irb.CreateCall(InspectPkt, {Args, Ip, M, SrcIp, + DstIp, SrcPort, DstPort, Etype, ExtHd, Iplen, Pktlen, IsIpv4, + IsIpv6, Hlen, Proto, Icmp6Type, Ip6fMf, Offset, UlpL}); Value *Comp = Irb.CreateICmpEQ(InspectPktCall, ConstantInt::get(Int32Ty, 1)); Irb.CreateCondBr(Comp, PullupFailed, CheckTag); @@ -492,7 +498,7 @@ Value *RulenumL = Irb.CreateLoad(Rulenum); Value *RuleId = Irb.CreateStructGEP(Rule, 2); Value *RuleIdL = Irb.CreateLoad(RuleId); - Value *FindRuleCall = Irb.CreateCall3(Ipfw_find_rule, Chain, RulenumL, RuleIdL); + Value *FindRuleCall = Irb.CreateCall3(IpfwFindRule, Chain, RulenumL, RuleIdL); Irb.CreateStore(FindRuleCall, FPos); // Branch to Nottagged because it @@ -752,7 +758,6 @@ Value *Sub = Irb.CreateNSWSub(LL, CmdLenL); Irb.CreateStore(Sub, L); - // TODO - Should ensure correctness of code. // ipfw_insn *cmd; Add to pointer. // Note: Since LLVM can't add to a ptr, we can use GEP with casted Ptr. // cmd += cmdlen; @@ -995,7 +1000,7 @@ //*match = iface_match(m->m_pkthdr.rcvif, (ipfw_insn_if *)cmd, chain, tablearg); Value *rcvif = Irb.CreateStructGEP(Irb.CreateStructGEP(Irb.CreateLoad(MPtr), 5), 0); Value *cmdc = Irb.CreateBitCast(Cmd, Ipfw_insn_ifPtrTy); - Value *IfaceMatchCall = Irb.CreateCall4(Iface_match, rcvif, cmdc, Chain, Tablearg); + Value *IfaceMatchCall = Irb.CreateCall4(IfaceMatch, rcvif, cmdc, Chain, Tablearg); Irb.CreateStore(IfaceMatchCall, Match); } @@ -1005,7 +1010,7 @@ { //*match = iface_match(oif, (ipfw_insn_if *)cmd, chain, tablearg); Value *Cmdc = Irb.CreateBitCast(Cmd, Ipfw_insn_ifPtrTy); - Value *IfaceMatchCall = Irb.CreateCall4(Iface_match, Oif, Cmdc, Chain, Tablearg); + Value *IfaceMatchCall = Irb.CreateCall4(IfaceMatch, Oif, Cmdc, Chain, Tablearg); Irb.CreateStore(IfaceMatchCall, Match); } @@ -1126,6 +1131,110 @@ void emit_ip_dstport() { + // /* + // * offset == 0 && proto != 0 is enough + // * to guarantee that we have a + // * packet with port info. + // */ + // if ((proto==IPPROTO_UDP || proto==IPPROTO_TCP) + // && offset == 0) { + // u_int16_t x = + // (cmd->opcode == O_IP_SRCPORT) ? + // src_port : dst_port ; + // u_int16_t *p = + // ((ipfw_insn_u16 *)cmd)->ports; + // int i; + + // for (i = cmdlen - 1; !match && i>0; + // i--, p += 2) + // match = (x>=p[0] && x<=p[1]); + // } + BasicBlock *Yes = BasicBlock::Create(Con, "R_Yes", Func); + BasicBlock *Out = BasicBlock::Create(Con, "R_Out", Func); + BasicBlock *Src = BasicBlock::Create(Con, "R_Src", Func); + BasicBlock *Dst = BasicBlock::Create(Con, "R_Dst", Func); + BasicBlock *Loop = BasicBlock::Create(Con, "R_Loop", Func); + BasicBlock *ContLoop = BasicBlock::Create(Con, "R_ContLoop", Func); + Value Comp; + + // Perform allocations at the beginning. + Value *X = Irb.CreateAlloca(Int16Ty, nullptr, "x"); + Value *P = Irb.CreateAlloca(Int16PtrTy, nullptr, "p"); + Value *I = Irb.CreateAlloca(Int32Ty, nullptr, "i"); + // p = ((ipfw_insn_u16 *)cmd)->ports; + // XXX TODO Ensure correctness. + CmdLBitC = Irb.CreateBitCast(Cmd, IpfwInsnU16PtrTy); + Value *Ports = Irb.CreateStructGEP(CMDLBitC, 1); + Irb.CreateStore(PortsPtr, P); + Value *PL = Irb.CreateLoad(P); + + // (proto == IPPROTO_UDP || proto == IPPROTO_TCP) + Value *Comp1 = Irb.CreateICmpEQ(Proto, ConstantInt::get(Proto->getType(), IPPROTO_TCP)); + Value *Comp2 = Irb.CreateICmpEQ(Proto, ConstantInt::get(Proto->getType(), IPPROTO_UDP)); + Value *OrComps = Irb.CreateOr(Comp1, Comp2); + + // (Offset == 0) + Value *Comp3 = Irb.CreateICmpEQ(Offset, ConstantInt::get(Offset->getType(), 0)); + // (OrComps && Comp3) + Value *Comp = Irb.CreateAnd(OrComps, Comp3); + Irb.CreateCondBr(Comp, Yes, Out); + + // yes: + Irb.SetInserPoint(Yes); + // if (cmd->opcode == O_IP_SRCPORT) + Value *CmdL = Irb.CreateLoad(Cmd); + Value *OpcodePtr = Irb.CreateStructGEP(CmdL, 0); + Value *Opcode = Irb.CreateLoad(OpcodePtr); + Comp = Irb.CreateICmpEQ(Opcode, ConstantInt::get(Opcode->getType(), O_IP_SRCPORT)); + Irb.CreateCondBr(Comp, Src, Dst); + + Irb.SetInserPoint(Src); + // u_int16_t x = src_port; + Irb.CreateStore(SrcPort, X); + Irb.CreateBr(Loop); + + Irb.SetInserPoint(Dst); + // u_int16_t x = dst_port; + Irb.CreateStore(DstPort, X); + Irb.CreateBr(Loop); + + Irb.SetInserPoint(Loop); + // Loop initialisation + // i = cmdlen - 1; + // cmdlen: signed + Value *Sub = Irb.CreateNSWSub(CmdLen, ConstantInt::get(CmdLen->getType(), 1); + Irb.CreateStore(Sub, I); + Irb.CreateBr(ContLoop); + + // Check condition + Irb.SetInserPoint(ContLoop); + // while((!match) && (i>0)) { + Value *IL = Irb.CreateLoad(I); + Value *MatchL = Irb.CreateLoad(Match); + Comp1 = Irb.CreateICmpEQ(MatchL, ConstantInt::get(Match->getType(), 0) + Comp2 = Irb.CreateICmpSGT(IL, ConstantInt::get(I->getType(), 0) + Value *BreakCond = Irb.CreateAnd(Comp1, Comp2); + Irb.CreateCondBr(BreakCond, ContLoop, Out); + + // match = ((x >= p[0]) && (x <= p[1])); + Value *PZ = Irb.CreateStructGEP(PL, 0); + Value *PO = Irb.CreateStructGEP(PL, 1); + Comp1 = Irb.CreateICmpUGE(X, PZ); + Comp2 = Irb.CreateICmpULE(X, PO); + Comp = Irb.CreateAnd(Comp1, Comp2); + Value *Comp32 = Irb.CreateSExt(Comp, Match->getType()); + Irb.CreateStore(Comp32, Match); + + // Increment, decrement. + // i--; + Value *ILD = Irb.CreateNSWSub(IL, ConstantInt::get(I->getType(), 1)); + Irb.CreateStore(ILD, I); + // p += 2; + Value PGEP = Irb.CreateInBoundsGEP(PL, ConstantInt::get(Int32Ty, 2)); + Irb.CreateStore(PGEP, P); + Irb.CreateBr(ContLoop); + + Irb.SetInsertPoint(Out); } // XXX Not tested. From owner-svn-soc-all@FreeBSD.ORG Tue Sep 9 17:02:35 2014 Return-Path: Delivered-To: svn-soc-all@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A54A15B9 for ; Tue, 9 Sep 2014 17:02:35 +0000 (UTC) Received: from socsvn.freebsd.org (socsvn.freebsd.org [IPv6:2001:1900:2254:206a::50:2]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 8F585914 for ; Tue, 9 Sep 2014 17:02:35 +0000 (UTC) Received: from socsvn.freebsd.org ([127.0.1.124]) by socsvn.freebsd.org (8.14.9/8.14.9) with ESMTP id s89H2Zo0008690 for ; Tue, 9 Sep 2014 17:02:35 GMT (envelope-from dpl@FreeBSD.org) Received: (from www@localhost) by socsvn.freebsd.org (8.14.9/8.14.9/Submit) id s89H2Ymm008510 for svn-soc-all@FreeBSD.org; Tue, 9 Sep 2014 17:02:34 GMT (envelope-from dpl@FreeBSD.org) Date: Tue, 9 Sep 2014 17:02:34 GMT Message-Id: <201409091702.s89H2Ymm008510@socsvn.freebsd.org> X-Authentication-Warning: socsvn.freebsd.org: www set sender to dpl@FreeBSD.org using -f From: dpl@FreeBSD.org To: svn-soc-all@FreeBSD.org Subject: socsvn commit: r273858 - soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-soc-all@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: SVN commit messages for the entire Summer of Code repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 09 Sep 2014 17:02:35 -0000 Author: dpl Date: Tue Sep 9 17:02:34 2014 New Revision: 273858 URL: http://svnweb.FreeBSD.org/socsvn/?view=rev&rev=273858 Log: Added IP src filtering, still to test, included struct definition at ip_fw_rules.h Modified: soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw/ip_fw_rules.c soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw/jit.cc Modified: soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw/ip_fw_rules.c ============================================================================== --- soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw/ip_fw_rules.c Tue Sep 9 16:57:02 2014 (r273857) +++ soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw/ip_fw_rules.c Tue Sep 9 17:02:34 2014 (r273858) @@ -82,6 +82,8 @@ struct ip_fw_chain; struct ip_fw; struct _ipfw_insn; +struct _ipfw_insn_ip; +struct _ipfw_insn_u16; struct _ipfw_insn_if; struct _ipfw_dyn_rule; Modified: soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw/jit.cc ============================================================================== --- soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw/jit.cc Tue Sep 9 16:57:02 2014 (r273857) +++ soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw/jit.cc Tue Sep 9 17:02:34 2014 (r273858) @@ -154,6 +154,7 @@ StructType *Ip_fwTy; StructType *Ipfw_insnTy; StructType *IpfwInsnU16Ty; + StructType *IpfwInsnIpTy; StructType *Ipfw_dyn_ruleTy; StructType *Ipfw_insn_ifTy; StructType *MbufTy; @@ -168,6 +169,7 @@ PointerType *Ip_fwPtrTy; PointerType *Ipfw_insnPtrTy; PointerType *IpfwInsnU16PtrTy; + PointerType *IpfwInsnIpPtrTy; PointerType *Ipfw_dyn_rulePtrTy; PointerType *Ipfw_insn_ifPtrTy; PointerType *MbufPtrTy; @@ -234,6 +236,7 @@ Ip_fwTy = mod->getTypeByName("struct.ip_fw"); Ipfw_insnTy = mod->getTypeByName("struct._ipfw_insn"); IpfwInsnU16Ty = mod->getTypeByName("struct._ipfw_insn_u16"); + IpfwInsnIpTy = mod->getTypeByName("struct._ipfw_insn_ip"); Ipfw_insn_ifTy = mod->getTypeByName("struct._ipfw_insn_if"); Ipfw_dyn_ruleTy = mod->getTypeByName("struct._ipfw_dyn_rule"); #ifdef __FreeBSD__ @@ -252,6 +255,7 @@ Ip_fwPtrTy = PointerType::getUnqual(Ip_fwTy); Ipfw_insnPtrTy = PointerType::getUnqual(Ipfw_insnTy); IpfwInsnU16PtrTy = PointerType::getUnqual(IpfwInsnU16Ty); + IpfwInsnIpPtrTy = PointerType::getUnqual(IpfwInsnIpTy); Ipfw_insn_ifPtrTy = PointerType::getUnqual(Ipfw_insn_ifTy); Ipfw_dyn_rulePtrTy = PointerType::getUnqual(Ipfw_dyn_ruleTy); #ifdef __FreeBSD__ @@ -1077,6 +1081,23 @@ void emit_ip_src() { + // match = is_ipv4 && + // (((ipfw_insn_ip *)cmd)->addr.s_addr == + // src_ip.s_addr); + + // ((ipfw_insn_ip *)cmd)->addr.s_addr + // addr only has one element (s_adddr) we only need one GEP. + Value *CmdL = Irb.CreateLoad(Cmd); + Value *CmdLBitC = Irb.CreateBitCast(CmdL, IpfwInsnIpPtrTy); + Value *CmdSAddr = Irb.CreateStructGEP(CmdLBitC, 1); + Value *CmdSAddrL = Irb.CreateLoad(CmdSAddr); + + // src_ip.s_addr + Value *SrcIpL = Irb.CreateLoad(SrcIp); + Value *SrcAddr = Irb.CreateStructGEP(SrcIpL, 0); + Value *Comp = Irb.CreateICmpEQ(CmdSAddrL, SrcAddr); + + Value *NewMatch = Irb.CreateAnd(Comp, IsIpv4); } // XXX Not tested. @@ -1155,7 +1176,7 @@ BasicBlock *Dst = BasicBlock::Create(Con, "R_Dst", Func); BasicBlock *Loop = BasicBlock::Create(Con, "R_Loop", Func); BasicBlock *ContLoop = BasicBlock::Create(Con, "R_ContLoop", Func); - Value Comp; + Value *Comp; // Perform allocations at the beginning. Value *X = Irb.CreateAlloca(Int16Ty, nullptr, "x"); @@ -1163,9 +1184,9 @@ Value *I = Irb.CreateAlloca(Int32Ty, nullptr, "i"); // p = ((ipfw_insn_u16 *)cmd)->ports; // XXX TODO Ensure correctness. - CmdLBitC = Irb.CreateBitCast(Cmd, IpfwInsnU16PtrTy); - Value *Ports = Irb.CreateStructGEP(CMDLBitC, 1); - Irb.CreateStore(PortsPtr, P); + Value *CmdLBitC = Irb.CreateBitCast(Cmd, IpfwInsnU16PtrTy); + Value *Ports = Irb.CreateStructGEP(CmdLBitC, 1); + Irb.CreateStore(Ports, P); Value *PL = Irb.CreateLoad(P); // (proto == IPPROTO_UDP || proto == IPPROTO_TCP) @@ -1176,11 +1197,11 @@ // (Offset == 0) Value *Comp3 = Irb.CreateICmpEQ(Offset, ConstantInt::get(Offset->getType(), 0)); // (OrComps && Comp3) - Value *Comp = Irb.CreateAnd(OrComps, Comp3); + Comp = Irb.CreateAnd(OrComps, Comp3); Irb.CreateCondBr(Comp, Yes, Out); // yes: - Irb.SetInserPoint(Yes); + Irb.SetInsertPoint(Yes); // if (cmd->opcode == O_IP_SRCPORT) Value *CmdL = Irb.CreateLoad(Cmd); Value *OpcodePtr = Irb.CreateStructGEP(CmdL, 0); @@ -1188,31 +1209,31 @@ Comp = Irb.CreateICmpEQ(Opcode, ConstantInt::get(Opcode->getType(), O_IP_SRCPORT)); Irb.CreateCondBr(Comp, Src, Dst); - Irb.SetInserPoint(Src); + Irb.SetInsertPoint(Src); // u_int16_t x = src_port; Irb.CreateStore(SrcPort, X); Irb.CreateBr(Loop); - Irb.SetInserPoint(Dst); + Irb.SetInsertPoint(Dst); // u_int16_t x = dst_port; Irb.CreateStore(DstPort, X); Irb.CreateBr(Loop); - Irb.SetInserPoint(Loop); + Irb.SetInsertPoint(Loop); // Loop initialisation // i = cmdlen - 1; // cmdlen: signed - Value *Sub = Irb.CreateNSWSub(CmdLen, ConstantInt::get(CmdLen->getType(), 1); + Value *Sub = Irb.CreateNSWSub(CmdLen, ConstantInt::get(CmdLen->getType(), 1)); Irb.CreateStore(Sub, I); Irb.CreateBr(ContLoop); // Check condition - Irb.SetInserPoint(ContLoop); + Irb.SetInsertPoint(ContLoop); // while((!match) && (i>0)) { Value *IL = Irb.CreateLoad(I); Value *MatchL = Irb.CreateLoad(Match); - Comp1 = Irb.CreateICmpEQ(MatchL, ConstantInt::get(Match->getType(), 0) - Comp2 = Irb.CreateICmpSGT(IL, ConstantInt::get(I->getType(), 0) + Comp1 = Irb.CreateICmpEQ(MatchL, ConstantInt::get(Match->getType(), 0)); + Comp2 = Irb.CreateICmpSGT(IL, ConstantInt::get(I->getType(), 0)); Value *BreakCond = Irb.CreateAnd(Comp1, Comp2); Irb.CreateCondBr(BreakCond, ContLoop, Out); @@ -1230,7 +1251,7 @@ Value *ILD = Irb.CreateNSWSub(IL, ConstantInt::get(I->getType(), 1)); Irb.CreateStore(ILD, I); // p += 2; - Value PGEP = Irb.CreateInBoundsGEP(PL, ConstantInt::get(Int32Ty, 2)); + Value *PGEP = Irb.CreateInBoundsGEP(PL, ConstantInt::get(Int32Ty, 2)); Irb.CreateStore(PGEP, P); Irb.CreateBr(ContLoop); From owner-svn-soc-all@FreeBSD.ORG Thu Sep 11 09:40:56 2014 Return-Path: Delivered-To: svn-soc-all@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id BD8BB168 for ; Thu, 11 Sep 2014 09:40:56 +0000 (UTC) Received: from socsvn.freebsd.org (socsvn.freebsd.org [IPv6:2001:1900:2254:206a::50:2]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id A9B409AE for ; Thu, 11 Sep 2014 09:40:56 +0000 (UTC) Received: from socsvn.freebsd.org ([127.0.1.124]) by socsvn.freebsd.org (8.14.9/8.14.9) with ESMTP id s8B9euFw078153 for ; Thu, 11 Sep 2014 09:40:56 GMT (envelope-from dpl@FreeBSD.org) Received: (from www@localhost) by socsvn.freebsd.org (8.14.9/8.14.9/Submit) id s8B9euVv078151 for svn-soc-all@FreeBSD.org; Thu, 11 Sep 2014 09:40:56 GMT (envelope-from dpl@FreeBSD.org) Date: Thu, 11 Sep 2014 09:40:56 GMT Message-Id: <201409110940.s8B9euVv078151@socsvn.freebsd.org> X-Authentication-Warning: socsvn.freebsd.org: www set sender to dpl@FreeBSD.org using -f From: dpl@FreeBSD.org To: svn-soc-all@FreeBSD.org Subject: socsvn commit: r273959 - soc2014/dpl/netmap-ipfwjit MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-soc-all@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: SVN commit messages for the entire Summer of Code repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 11 Sep 2014 09:40:56 -0000 Author: dpl Date: Thu Sep 11 09:40:55 2014 New Revision: 273959 URL: http://svnweb.FreeBSD.org/socsvn/?view=rev&rev=273959 Log: Ensure the bitcode's not optimized. Modified: soc2014/dpl/netmap-ipfwjit/Makefile.kipfw Modified: soc2014/dpl/netmap-ipfwjit/Makefile.kipfw ============================================================================== --- soc2014/dpl/netmap-ipfwjit/Makefile.kipfw Thu Sep 11 07:16:15 2014 (r273958) +++ soc2014/dpl/netmap-ipfwjit/Makefile.kipfw Thu Sep 11 09:40:55 2014 (r273959) @@ -154,7 +154,7 @@ #Generate the actual bytecode to be used ../rules.bc: - $(HIDE) $(CC) $(CFLAGS) -emit-llvm -c -o ../rules.bc ../sys/netpfil/ipfw/ip_fw_rules.c + $(HIDE) $(CC) $(CFLAGS) -O0 -emit-llvm -c -o ../rules.bc ../sys/netpfil/ipfw/ip_fw_rules.c radix.o:# CFLAGS += -U_KERNEL From owner-svn-soc-all@FreeBSD.ORG Thu Sep 11 10:13:05 2014 Return-Path: Delivered-To: svn-soc-all@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 542E1683 for ; Thu, 11 Sep 2014 10:13:05 +0000 (UTC) Received: from socsvn.freebsd.org (socsvn.freebsd.org [IPv6:2001:1900:2254:206a::50:2]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 40336D3F for ; Thu, 11 Sep 2014 10:13:05 +0000 (UTC) Received: from socsvn.freebsd.org ([127.0.1.124]) by socsvn.freebsd.org (8.14.9/8.14.9) with ESMTP id s8BAD5n8090297 for ; Thu, 11 Sep 2014 10:13:05 GMT (envelope-from dpl@FreeBSD.org) Received: (from www@localhost) by socsvn.freebsd.org (8.14.9/8.14.9/Submit) id s8BAD4hw090162 for svn-soc-all@FreeBSD.org; Thu, 11 Sep 2014 10:13:04 GMT (envelope-from dpl@FreeBSD.org) Date: Thu, 11 Sep 2014 10:13:04 GMT Message-Id: <201409111013.s8BAD4hw090162@socsvn.freebsd.org> X-Authentication-Warning: socsvn.freebsd.org: www set sender to dpl@FreeBSD.org using -f From: dpl@FreeBSD.org To: svn-soc-all@FreeBSD.org Subject: socsvn commit: r273960 - soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-soc-all@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: SVN commit messages for the entire Summer of Code repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 11 Sep 2014 10:13:05 -0000 Author: dpl Date: Thu Sep 11 10:13:04 2014 New Revision: 273960 URL: http://svnweb.FreeBSD.org/socsvn/?view=rev&rev=273960 Log: Force inclusion of functions at bitcode. Modified: soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw/ip_fw_rules.h Modified: soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw/ip_fw_rules.h ============================================================================== --- soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw/ip_fw_rules.h Thu Sep 11 09:40:55 2014 (r273959) +++ soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw/ip_fw_rules.h Thu Sep 11 10:13:04 2014 (r273960) @@ -908,7 +908,7 @@ * one. slot is precise, whereas we guess rule_id as they are * assigned sequentially. */ -static inline void +static void set_match(struct ip_fw_args *args, int slot, struct ip_fw_chain *chain) { @@ -922,7 +922,7 @@ * Helper function to enable cached rule lookups using * x_next and next_rule fields in ipfw rule. */ -static int +static int jump_fast(struct ip_fw_chain *chain, struct ip_fw *f, int num, int tablearg, int jump_backwards) { From owner-svn-soc-all@FreeBSD.ORG Thu Sep 11 10:13:19 2014 Return-Path: Delivered-To: svn-soc-all@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A8787697 for ; Thu, 11 Sep 2014 10:13:19 +0000 (UTC) Received: from socsvn.freebsd.org (socsvn.freebsd.org [IPv6:2001:1900:2254:206a::50:2]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 947D6D41 for ; Thu, 11 Sep 2014 10:13:19 +0000 (UTC) Received: from socsvn.freebsd.org ([127.0.1.124]) by socsvn.freebsd.org (8.14.9/8.14.9) with ESMTP id s8BADJWN093083 for ; Thu, 11 Sep 2014 10:13:19 GMT (envelope-from dpl@FreeBSD.org) Received: (from www@localhost) by socsvn.freebsd.org (8.14.9/8.14.9/Submit) id s8BADJbW092981 for svn-soc-all@FreeBSD.org; Thu, 11 Sep 2014 10:13:19 GMT (envelope-from dpl@FreeBSD.org) Date: Thu, 11 Sep 2014 10:13:19 GMT Message-Id: <201409111013.s8BADJbW092981@socsvn.freebsd.org> X-Authentication-Warning: socsvn.freebsd.org: www set sender to dpl@FreeBSD.org using -f From: dpl@FreeBSD.org To: svn-soc-all@FreeBSD.org Subject: socsvn commit: r273961 - soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-soc-all@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: SVN commit messages for the entire Summer of Code repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 11 Sep 2014 10:13:19 -0000 Author: dpl Date: Thu Sep 11 10:13:18 2014 New Revision: 273961 URL: http://svnweb.FreeBSD.org/socsvn/?view=rev&rev=273961 Log: Force inclusion of functions at bitcode. Modified: soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw/ip_fw_rules.c Modified: soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw/ip_fw_rules.c ============================================================================== --- soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw/ip_fw_rules.c Thu Sep 11 10:13:04 2014 (r273960) +++ soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw/ip_fw_rules.c Thu Sep 11 10:13:18 2014 (r273961) @@ -7,8 +7,18 @@ // The real function will be compiled and inserted by the JIT. int ipfw_chk_jit(struct ip_fw_args *args, struct ip_fw_chain *chain); +static int jump_fast(struct ip_fw_chain *chain, struct ip_fw *f, int num, + int tablearg, int jump_backwards); +static void set_match(struct ip_fw_args *args, int slot, struct ip_fw_chain *chain); +static int is_icmp_query(struct icmphdr *icmp); +static int ipopts_match(struct ip *ip, ipfw_insn *cmd); +static int tcpopts_match(struct tcphdr *tcp, ipfw_insn *cmd); +static int iface_match(struct ifnet *ifp, ipfw_insn_if *cmd, + struct ip_fw_chain *chain, uint32_t *tablearg); +static int verify_path(struct in_addr src, struct ifnet *ifp, u_int fib); +static void send_reject(struct ip_fw_args *args, int code, int iplen, + struct ip *ip); -void crfree(struct ucred *); time_t time_uptime = 0; /* XXX Function defined at ip_fw_sockopt.c @@ -41,7 +51,6 @@ int tags_minlen = 64; int tags_freelist_count = 0; static int tags_freelist_max = 0; - struct mbuf *mbuf_freelist; void @@ -87,50 +96,56 @@ struct _ipfw_insn_if; struct _ipfw_dyn_rule; -// We should hide this. -#ifndef __FreeBSD__ - struct bsd_ucred; -#else - struct ucred; -#endif - // This functions only forces the compiler to store the stubs of the functions // so that they can be used by the JIT-compiled code instead. -// this functions is not to be called anywhere. +// This function is not to be called ever. void voidfunction() { struct ip_fw_args arguments; struct ip_fw_chain chainss; - uint32_t thing; - - #ifndef __FreeBSD__ - struct bsd_ucred user_creds; - #else - struct ucred user_creds; - #endif - // These two structs are not included. + // These structs are not included. // We need to do something with them. struct _ipfw_insn_if insnif; struct _ipfw_dyn_rule rules; - - struct ip_fw_args *args = &arguments; + struct _ipfw_insn_ip ip; + struct _ipfw_insn_u16 u16; + struct _ipfw_dyn_rule rule; + struct ip_fw_args *args; struct ip_fw_chain *chain = &chainss; + struct ip_fw f; + struct icmphdr icmp; + struct ip ipstruct; + struct tcphdr tcp; + ipfw_insn cmd; + struct ifnet ifp; + ipfw_insn_if cmdif; + struct in_addr src; + + int n, tablearg, jmp; + uint32_t t; + u_int fib; + + args = &arguments; + ip.o.opcode = 1; + u16.o.opcode = 1; + rule.pcnt = 0; ipfw_find_rule(chain, 0, 0); - ipfw_chk_jit(args, chain); - insnif.o.opcode = 0; rules.next = &rules; -#ifdef __FreeBSD__ - struct ucred *ucreds = &user_creds; - - crfree(ucreds); -#endif - - thing = htonl(thing); - thing = ntohl(thing); + /* Functions */ + ipfw_chk_jit(args, chain); + n = tablearg = jmp = t = fib = 0; + jump_fast(chain, &f, n, tablearg, jmp); + set_match(args, n, chain); + is_icmp_query(&icmp); + ipopts_match(&ipstruct, &cmd); + tcpopts_match(&tcp, &cmd); + iface_match(&ifp, &cmdif, chain, &t); + verify_path(src, &ifp, fib); + send_reject(args, tablearg , n, &ipstruct); } From owner-svn-soc-all@FreeBSD.ORG Thu Sep 11 10:15:16 2014 Return-Path: Delivered-To: svn-soc-all@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id BF8CB6E1 for ; Thu, 11 Sep 2014 10:15:16 +0000 (UTC) Received: from socsvn.freebsd.org (socsvn.freebsd.org [IPv6:2001:1900:2254:206a::50:2]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id A98CFD5B for ; Thu, 11 Sep 2014 10:15:16 +0000 (UTC) Received: from socsvn.freebsd.org ([127.0.1.124]) by socsvn.freebsd.org (8.14.9/8.14.9) with ESMTP id s8BAFGsx094555 for ; Thu, 11 Sep 2014 10:15:16 GMT (envelope-from dpl@FreeBSD.org) Received: (from www@localhost) by socsvn.freebsd.org (8.14.9/8.14.9/Submit) id s8BAFGDo094551 for svn-soc-all@FreeBSD.org; Thu, 11 Sep 2014 10:15:16 GMT (envelope-from dpl@FreeBSD.org) Date: Thu, 11 Sep 2014 10:15:16 GMT Message-Id: <201409111015.s8BAFGDo094551@socsvn.freebsd.org> X-Authentication-Warning: socsvn.freebsd.org: www set sender to dpl@FreeBSD.org using -f From: dpl@FreeBSD.org To: svn-soc-all@FreeBSD.org Subject: socsvn commit: r273962 - soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-soc-all@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: SVN commit messages for the entire Summer of Code repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 11 Sep 2014 10:15:16 -0000 Author: dpl Date: Thu Sep 11 10:15:15 2014 New Revision: 273962 URL: http://svnweb.FreeBSD.org/socsvn/?view=rev&rev=273962 Log: Added a test function to test the compilation of rules, corrected errors, and added the _frag, _in, and _layer2 functions, whose compilation is already tested. Modified: soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw/jit.cc Modified: soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw/jit.cc ============================================================================== --- soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw/jit.cc Thu Sep 11 10:13:18 2014 (r273961) +++ soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw/jit.cc Thu Sep 11 10:15:15 2014 (r273962) @@ -81,6 +81,7 @@ // Loop control. Value *Match; Value *L; + Value *M; Value *Done; Value *FPos; Value *Retval; @@ -228,22 +229,41 @@ // Get StrucType from bitcode. MbufTy = mod->getTypeByName("struct.mbuf"); + if (MbufTy == NULL) + err(1, "bitcode fault: struct.mbuf"); IfnetTy = mod->getTypeByName("struct.ifnet"); + if (IfnetTy == NULL) + err(1, "bitcode fault: struct.ifnet"); In_addrTy = mod->getTypeByName("struct.in_addr"); + if (In_addrTy == NULL) + err(1, "bitcode fault: struct.in_addr"); IpTy = mod->getTypeByName("struct.ip"); + if (IpTy == NULL) + err(1, "bitcode fault: struct.ip"); Ip_fw_argsTy = mod->getTypeByName("struct.ip_fw_args"); + if (Ip_fw_argsTy == NULL) + err(1, "bitcode fault: struct.ip_fw_args"); Ip_fw_chainTy = mod->getTypeByName("struct.ip_fw_chain"); + if (Ip_fw_chainTy == NULL) + err(1, "bitcode fault: struct.ip_fw_chain"); Ip_fwTy = mod->getTypeByName("struct.ip_fw"); + if (Ip_fwTy == NULL) + err(1, "bitcode fault: struct.ip_fw"); Ipfw_insnTy = mod->getTypeByName("struct._ipfw_insn"); + if (Ipfw_insnTy == NULL) + err(1, "bitcode fault: struct._ipfw_insn"); IpfwInsnU16Ty = mod->getTypeByName("struct._ipfw_insn_u16"); + if (IpfwInsnU16Ty == NULL) + err(1, "bitcode fault: struct._ipfw_insn_u16"); IpfwInsnIpTy = mod->getTypeByName("struct._ipfw_insn_ip"); + if (IpfwInsnIpTy == NULL) + err(1, "bitcode fault: struct._ipfw_insn_ip"); Ipfw_insn_ifTy = mod->getTypeByName("struct._ipfw_insn_if"); + if (Ipfw_insn_ifTy == NULL) + err(1, "bitcode fault: struct._ipfw_insn_if"); Ipfw_dyn_ruleTy = mod->getTypeByName("struct._ipfw_dyn_rule"); -#ifdef __FreeBSD__ - UcredTy = mod->getTypeByName("struct.ucred"); -#else - UcredTy = mod->getTypeByName("struct.bsd_ucred"); -#endif /* __FreeBSD__ */ + if (Ipfw_dyn_ruleTy == NULL) + err(1, "bitcode fault: struct._ipfw_dyn_rule"); // Create Pointer to StructType types. MbufPtrTy = PointerType::getUnqual(MbufTy); @@ -258,35 +278,69 @@ IpfwInsnIpPtrTy = PointerType::getUnqual(IpfwInsnIpTy); Ipfw_insn_ifPtrTy = PointerType::getUnqual(Ipfw_insn_ifTy); Ipfw_dyn_rulePtrTy = PointerType::getUnqual(Ipfw_dyn_ruleTy); -#ifdef __FreeBSD__ - UcredPtrTy = PointerType::getUnqual(UcredTy); -#endif + // Get Function defs from bitcode. // All of them are auxiliary functions. InspectPkt = mod->getFunction("inspect_pkt"); + if (InspectPkt == NULL) + err(1, "bitcode fault: inspect_pkt"); IsIcmpQuery = mod->getFunction("is_icmp_query"); + if (IsIcmpQuery == NULL) + err(1, "bitcode fault: is_icmp_query"); FlagsMatch = mod->getFunction("flags_match"); + if (FlagsMatch == NULL) + err(1, "bitcode fault: flags_match"); IpoptsMatch = mod->getFunction("ipopts_match"); + if (IpoptsMatch == NULL) + err(1, "bitcode fault: ipopts_match"); TcpoptsMatch = mod->getFunction("tcpopts_match"); - IfaceMatch = mod->getFunction("ifaceMatch"); + if (TcpoptsMatch == NULL) + err(1, "bitcode fault: tcpopts_match"); + IfaceMatch = mod->getFunction("iface_match"); + if (IfaceMatch == NULL) + err(1, "bitcode fault: iface_match"); VerifyPath = mod->getFunction("verify_path"); + if (VerifyPath == NULL) + err(1, "bitcode fault: verify_path"); #ifdef INET6 Icmp6typeMatch = mod->getFunction("icmp6type_match"); + if (Icmp6typeMatch == NULL) + err(1, "bitcode fault: icmp6type_match"); SearchIp6AddrNet = mod->getFunction("search_ip6_addr_net"); + if (SearchIp6AddrNet == NULL) + err(1, "bitcode fault: search_ip6_addr_net"); Flow6idMatch = mod->getFunction("flow6id_match"); + if (Flow6idMatch == NULL) + err(1, "bitcode fault: flow6id_match"); VerifyPath6 = mod->getFunction("verify_path6"); + if (VerifyPath6 == NULL) + err(1, "bitcode fault: verify_path6"); IsIcmp6Query = mod->getFunction("is_icmp6_query"); + if (IsIcmp6Query == NULL) + err(1, "bitcode fault: is_icmp6_query"); SendReject6 = mod->getFunction("send_reject6"); + if (SendReject6 == NULL) + err(1, "bitcode fault: send_reject6"); #endif /* INET6 */ SendReject = mod->getFunction("send_reject"); + if (SendReject == NULL) + err(1, "bitcode fault: send_reject"); SetMatch = mod->getFunction("set_match"); + if (SetMatch == NULL) + err(1, "bitcode fault: set_match"); JumpFast = mod->getFunction("jump_fast"); + if (JumpFast == NULL) + err(1, "bitcode fault: jump_fast"); // Functions declared at bitcode. PrintfFunc = mod->getFunction("printf"); + if (PrintfFunc == NULL) + err(1, "bitcode fault: printf"); IpfwFindRule = mod->getFunction("ipfw_find_rule"); + if (IpfwFindRule == NULL) + err(1, "bitcode fault: ipfw_find_rule"); } // Allocate and initialize LLVM vars. @@ -310,7 +364,7 @@ // m = args->m (idx: 0) MPtr = Irb.CreateAlloca(MbufPtrTy, nullptr, "m"); Irb.CreateStore(Irb.CreateLoad(Irb.CreateStructGEP(Args, 0)), MPtr); - Value *M = Irb.CreateLoad(MPtr); + M = Irb.CreateLoad(MPtr); // ip = (struct ip *)((m)->m_data) (idx: 2) IpPtr = Irb.CreateAlloca(IpPtrTy, nullptr, "ip"); @@ -475,11 +529,6 @@ Value *Slot = Irb.CreateStructGEP(Rule, 0); Value *SlotValue = Irb.CreateLoad(Slot); Comp = Irb.CreateICmpEQ(SlotValue, ConstantInt::get(Int32Ty, 0)); - // if (1) { - // Value *Str = Irb.CreateGlobalString("args->rule.slot: %d\n"); - // Value *StrFirstElement = Irb.CreateStructGEP(Str, 0); - // Irb.CreateCall(PrintfFunc, {StrFirstElement}); - // } Irb.CreateCondBr(Comp, Nottagged, Tagged); Irb.SetInsertPoint(Tagged); @@ -512,13 +561,6 @@ // else f_pos = 0; // Since f_pos is initialized by default as 0, we only br. Irb.SetInsertPoint(Nottagged); - // XXX Fpos - // if (1) { - // Value *Str = Irb.CreateGlobalString("f_pos: %d\n&fpos: %p\n"); - // Value *StrFirstElement = Irb.CreateStructGEP(Str, 0); - // Irb.CreateCall(PrintfFunc, {StrFirstElement, FPos, FPos}); - // } - // Jump to first rule. Irb.CreateBr(rules.front()); } @@ -529,7 +571,11 @@ mod = loadBitcode("rules.bc"); Func = mod->getFunction("ipfw_chk_jit"); + if (Func == NULL) + err(1, "bitcode fault: ipfw_chk_jit"); + Func->setLinkage(GlobalValue::ExternalLinkage); + // Create static BasicBlocks. // The entry basic block contains all the initialization // and allocation of resources, and a basic check done @@ -593,8 +639,6 @@ exit(1); } - // mod->dump(); - // XXX We should use a NON deperecated function. return (funcptr)EE->getPointerToFunction(mod->getFunction("ipfw_chk_jit")); } @@ -937,30 +981,30 @@ // Rules - // XXX Not tested. + // XXX Exec not tested. void emit_nop() { Irb.CreateStore(ConstantInt::get(Int32Ty, 1), Match); } - // XXX Not tested. + // XXX Exec not tested. void - emit_forward_mac(u_int8_t opcode) + emit_forward_mac() { printf("Compilation error:\n"); - printf("ipfwjitter: opcode %d unimplemented\n", opcode); + printf("ipfwjitter: MAC forwarding unimplemented\n"); printf("Compilation continues.\n"); } - // XXX Not tested. + // XXX Exec not tested. void emit_jail() { - BasicBlock *OffsetNZ = BasicBlock::Create(Con, "offsetnotzero", Func); - BasicBlock *OffsetZE = BasicBlock::Create(Con, "offsetiszero", Func); - BasicBlock *TCPorUDP = BasicBlock::Create(Con, "setmatchzero", Func); - BasicBlock *Continue = BasicBlock::Create(Con, "Continue", Func); + BasicBlock *OffsetNZ = BasicBlock::Create(Con, "R_offsetnotzero", Func); + BasicBlock *OffsetZE = BasicBlock::Create(Con, "R_offsetiszero", Func); + BasicBlock *TCPorUDP = BasicBlock::Create(Con, "R_setmatchzero", Func); + BasicBlock *Continue = BasicBlock::Create(Con, "R_Continue", Func); Value *Comp; // if (offset != 0) @@ -984,8 +1028,8 @@ // *match = 0; Irb.SetInsertPoint(OffsetZE); Value *ProtoL = Irb.CreateLoad(Proto); - Comp = Irb.CreateICmpEQ(OffsetL, ConstantInt::get(Int8Ty, IPPROTO_TCP)); - Value *Comp2 = Irb.CreateICmpEQ(OffsetL, ConstantInt::get(Int8Ty, IPPROTO_UDP)); + Comp = Irb.CreateICmpEQ(OffsetL, ConstantInt::get(OffsetL->getType(), IPPROTO_TCP)); + Value *Comp2 = Irb.CreateICmpEQ(OffsetL, ConstantInt::get(OffsetL->getType(), IPPROTO_UDP)); Irb.CreateCondBr(Comp, TCPorUDP, Continue); Irb.CreateCondBr(Comp2, TCPorUDP, Continue); @@ -997,87 +1041,120 @@ Irb.SetInsertPoint(Continue); } - // XXX Not tested. + // XXX Exec not tested. void emit_recv() { //*match = iface_match(m->m_pkthdr.rcvif, (ipfw_insn_if *)cmd, chain, tablearg); - Value *rcvif = Irb.CreateStructGEP(Irb.CreateStructGEP(Irb.CreateLoad(MPtr), 5), 0); - Value *cmdc = Irb.CreateBitCast(Cmd, Ipfw_insn_ifPtrTy); - Value *IfaceMatchCall = Irb.CreateCall4(IfaceMatch, rcvif, cmdc, Chain, Tablearg); + Value *MPkthdr = Irb.CreateStructGEP(M, 5); + Value *Rcvif = Irb.CreateStructGEP(MPkthdr, 0); + Value *RcvifL = Irb.CreateLoad(Rcvif); + Value *CmdL = Irb.CreateLoad(Cmd); + Value *CmdBitC = Irb.CreateBitCast(CmdL, Ipfw_insn_ifPtrTy); + Value *IfaceMatchCall = Irb.CreateCall4(IfaceMatch, RcvifL, CmdBitC, Chain, Tablearg); Irb.CreateStore(IfaceMatchCall, Match); } - // XXX Not tested. + // XXX Exec not tested. void emit_xmit() { //*match = iface_match(oif, (ipfw_insn_if *)cmd, chain, tablearg); - Value *Cmdc = Irb.CreateBitCast(Cmd, Ipfw_insn_ifPtrTy); + Value *CmdL = Irb.CreateLoad(Cmd); + Value *Cmdc = Irb.CreateBitCast(CmdL, Ipfw_insn_ifPtrTy); Value *IfaceMatchCall = Irb.CreateCall4(IfaceMatch, Oif, Cmdc, Chain, Tablearg); Irb.CreateStore(IfaceMatchCall, Match); } - // XXX Not tested. + // XXX Exec not tested. void emit_via() { - BasicBlock *OifNZ = BasicBlock::Create(Con, "OifNotZero", Func); - BasicBlock *OifZE = BasicBlock::Create(Con, "OifIsZero", Func); + BasicBlock *OifNZ = BasicBlock::Create(Con, "R_OifNotZero", Func); + BasicBlock *OifZE = BasicBlock::Create(Con, "R_OifIsZero", Func); + Value *IfaceMatchCall; // if (oif) // match = iface_match(oif, (ipfw_insn_if *)cmd, chain, &tablearg); // else // match = iface_match(m->m_pkthdr.rcvif, (ipfw_insn_if *)cmd, // chain, &tablearg); - // break; - //Value *Comp = Irb.CreateICmp(Oif, ConstantPointerNull::get(IfnetPtrTy)); + Value *Comp = Irb.CreateICmpNE(Oif, ConstantPointerNull::get((PointerType *)Oif->getType())); + Value *CmdLBitC = Irb.CreateBitCast(Cmd, Ipfw_insn_ifPtrTy); + Irb.CreateCondBr(Comp, OifNZ, OifZE ); + Irb.SetInsertPoint(OifNZ); + // match = iface_match(oif, (ipfw_insn_if *)cmd, chain, &tablearg); + IfaceMatchCall = Irb.CreateCall4(IfaceMatch, Oif, CmdLBitC, Chain, Tablearg); + Irb.CreateStore(IfaceMatchCall, Match); + + Irb.SetInsertPoint(OifZE); + // match = iface_match(m->m_pkthdr.rcvif, (ipfw_insn_if *)cmd, + // chain, &tablearg); + Value *MPkthdr = Irb.CreateStructGEP(M, 5); + Value *Rcvif = Irb.CreateStructGEP(MPkthdr, 0); + Value *RcvifL = Irb.CreateLoad(Rcvif); + IfaceMatchCall = Irb.CreateCall4(IfaceMatch, RcvifL, CmdLBitC, Chain, Tablearg); + Irb.CreateStore(IfaceMatchCall, Match); } - // XXX Not tested. void emit_macaddr2() { } - // XXX Not tested. void emit_mac_type() { } - // XXX Not tested. + + // XXX Exec not tested. void emit_frag() { + // match = (offset != 0); + Value *OffsetL = Irb.CreateLoad(Offset); + Value *Comp = Irb.CreateICmpNE(OffsetL, ConstantInt::get(OffsetL->getType(), 0)); + Value *Comp32 = Irb.CreateSExt(Comp, Int32Ty); + Irb.CreateStore(Comp32, Match); } - // XXX Not tested. + // XXX Exec not tested. void emit_in() { + // "out" is "not in" + // match = (oif == NULL); + Value *OffsetL = Irb.CreateLoad(Offset); + Value *Comp = Irb.CreateICmpEQ(OffsetL, ConstantInt::get(OffsetL->getType(), 0)); + Value *Comp32 = Irb.CreateSExt(Comp, Int32Ty); + Irb.CreateStore(Comp32, Match); } - // XXX Not tested. + // XXX Exec not tested. void emit_layer2() { + // match = (args->eh != NULL); + Value *EhPtr = Irb.CreateStructGEP(Args, 5); + Value *Eh = Irb.CreateLoad(EhPtr); + Value *Comp = Irb.CreateICmpNE(Eh, ConstantPointerNull::get((PointerType *)Eh->getType())); + Value *Comp32 = Irb.CreateSExt(Comp, Int32Ty); + Irb.CreateStore(Comp32, Match); } - // XXX Not tested. void emit_diverted() { } - // XXX Not tested. void emit_proto() { } - // XXX Not tested. + // XXX Exec not tested. void emit_ip_src() { @@ -1086,69 +1163,65 @@ // src_ip.s_addr); // ((ipfw_insn_ip *)cmd)->addr.s_addr - // addr only has one element (s_adddr) we only need one GEP. - Value *CmdL = Irb.CreateLoad(Cmd); - Value *CmdLBitC = Irb.CreateBitCast(CmdL, IpfwInsnIpPtrTy); - Value *CmdSAddr = Irb.CreateStructGEP(CmdLBitC, 1); + Value *CmdBitC = Irb.CreateBitCast(Cmd, IpfwInsnIpPtrTy); + Value *CmdAddr = Irb.CreateStructGEP(CmdBitC, 1); + Value *CmdSAddr = Irb.CreateStructGEP(CmdAddr, 0); Value *CmdSAddrL = Irb.CreateLoad(CmdSAddr); // src_ip.s_addr - Value *SrcIpL = Irb.CreateLoad(SrcIp); - Value *SrcAddr = Irb.CreateStructGEP(SrcIpL, 0); - Value *Comp = Irb.CreateICmpEQ(CmdSAddrL, SrcAddr); - - Value *NewMatch = Irb.CreateAnd(Comp, IsIpv4); + //Value *SrcIpL = Irb.CreateLoad(SrcIp); + Value *SrcAddr = Irb.CreateStructGEP(SrcIp, 0); + Value *SrcAddrL = Irb.CreateLoad(SrcAddr); + //s_addr == src_ip.s_addr + Value *Comp = Irb.CreateICmpEQ(CmdSAddrL, SrcAddrL); + + Value *IsIpv4L = Irb.CreateLoad(IsIpv4); + Value *Comp32 = Irb.CreateZExt(Comp, IsIpv4L->getType()); + Value *NewMatch = Irb.CreateAnd(Comp32, IsIpv4L); + Irb.CreateStore(NewMatch, Match); } - // XXX Not tested. void emit_ip_dst_lookup() { } - // XXX Not tested. void emit_ip_dst_mask() { } - // XXX Not tested. void emit_ip_src_me() { } - // XXX Not tested. void emit_ip6_src_me() { } - // XXX Not tested. void emit_ip_src_set() { } - // XXX Not tested. void emit_ip_dst() { } - // XXX Not tested. void emit_ip_dst_me() { } - // XXX Not tested. void emit_ip6_dst_me() { } - // XXX Not tested. + // XXX Exec not tested. void emit_ip_dstport() { @@ -1183,19 +1256,22 @@ Value *P = Irb.CreateAlloca(Int16PtrTy, nullptr, "p"); Value *I = Irb.CreateAlloca(Int32Ty, nullptr, "i"); // p = ((ipfw_insn_u16 *)cmd)->ports; - // XXX TODO Ensure correctness. Value *CmdLBitC = Irb.CreateBitCast(Cmd, IpfwInsnU16PtrTy); Value *Ports = Irb.CreateStructGEP(CmdLBitC, 1); - Irb.CreateStore(Ports, P); + Value *PortsGEP = Irb.CreateStructGEP(Ports, 0); + Irb.CreateStore(PortsGEP, P); + // New p Value *PL = Irb.CreateLoad(P); // (proto == IPPROTO_UDP || proto == IPPROTO_TCP) - Value *Comp1 = Irb.CreateICmpEQ(Proto, ConstantInt::get(Proto->getType(), IPPROTO_TCP)); - Value *Comp2 = Irb.CreateICmpEQ(Proto, ConstantInt::get(Proto->getType(), IPPROTO_UDP)); + Value *ProtoL = Irb.CreateLoad(Proto); + Value *Comp1 = Irb.CreateICmpEQ(ProtoL, ConstantInt::get(ProtoL->getType(), IPPROTO_TCP)); + Value *Comp2 = Irb.CreateICmpEQ(ProtoL, ConstantInt::get(ProtoL->getType(), IPPROTO_UDP)); Value *OrComps = Irb.CreateOr(Comp1, Comp2); // (Offset == 0) - Value *Comp3 = Irb.CreateICmpEQ(Offset, ConstantInt::get(Offset->getType(), 0)); + Value *OffsetL = Irb.CreateLoad(Offset); + Value *Comp3 = Irb.CreateICmpEQ(OffsetL, ConstantInt::get(OffsetL->getType(), 0)); // (OrComps && Comp3) Comp = Irb.CreateAnd(OrComps, Comp3); Irb.CreateCondBr(Comp, Yes, Out); @@ -1208,22 +1284,25 @@ Value *Opcode = Irb.CreateLoad(OpcodePtr); Comp = Irb.CreateICmpEQ(Opcode, ConstantInt::get(Opcode->getType(), O_IP_SRCPORT)); Irb.CreateCondBr(Comp, Src, Dst); - + Irb.SetInsertPoint(Src); // u_int16_t x = src_port; - Irb.CreateStore(SrcPort, X); + Value *SrcPortL = Irb.CreateLoad(SrcPort); + Irb.CreateStore(SrcPortL, X); Irb.CreateBr(Loop); Irb.SetInsertPoint(Dst); // u_int16_t x = dst_port; - Irb.CreateStore(DstPort, X); + Value *DstPortL = Irb.CreateLoad(DstPort); + Irb.CreateStore(DstPortL, X); Irb.CreateBr(Loop); Irb.SetInsertPoint(Loop); // Loop initialisation // i = cmdlen - 1; // cmdlen: signed - Value *Sub = Irb.CreateNSWSub(CmdLen, ConstantInt::get(CmdLen->getType(), 1)); + Value *CmdLenL = Irb.CreateLoad(CmdLen); + Value *Sub = Irb.CreateNSWSub(CmdLenL, ConstantInt::get(CmdLenL->getType(), 1)); Irb.CreateStore(Sub, I); Irb.CreateBr(ContLoop); @@ -1232,23 +1311,24 @@ // while((!match) && (i>0)) { Value *IL = Irb.CreateLoad(I); Value *MatchL = Irb.CreateLoad(Match); - Comp1 = Irb.CreateICmpEQ(MatchL, ConstantInt::get(Match->getType(), 0)); - Comp2 = Irb.CreateICmpSGT(IL, ConstantInt::get(I->getType(), 0)); + Comp1 = Irb.CreateICmpEQ(MatchL, ConstantInt::get(MatchL->getType(), 0)); + Comp2 = Irb.CreateICmpSGT(IL, ConstantInt::get(IL->getType(), 0)); Value *BreakCond = Irb.CreateAnd(Comp1, Comp2); Irb.CreateCondBr(BreakCond, ContLoop, Out); // match = ((x >= p[0]) && (x <= p[1])); - Value *PZ = Irb.CreateStructGEP(PL, 0); - Value *PO = Irb.CreateStructGEP(PL, 1); + // FIXME + Value *PZ = Irb.CreateInBoundsGEP(PL, ConstantInt::get(Int32Ty, 0)); + Value *PO = Irb.CreateInBoundsGEP(PL, ConstantInt::get(Int32Ty, 1)); Comp1 = Irb.CreateICmpUGE(X, PZ); Comp2 = Irb.CreateICmpULE(X, PO); Comp = Irb.CreateAnd(Comp1, Comp2); - Value *Comp32 = Irb.CreateSExt(Comp, Match->getType()); + Value *Comp32 = Irb.CreateSExt(Comp, MatchL->getType()); Irb.CreateStore(Comp32, Match); // Increment, decrement. // i--; - Value *ILD = Irb.CreateNSWSub(IL, ConstantInt::get(I->getType(), 1)); + Value *ILD = Irb.CreateNSWSub(IL, ConstantInt::get(IL->getType(), 1)); Irb.CreateStore(ILD, I); // p += 2; Value *PGEP = Irb.CreateInBoundsGEP(PL, ConstantInt::get(Int32Ty, 2)); @@ -1258,199 +1338,166 @@ Irb.SetInsertPoint(Out); } - // XXX Not tested. void emit_icmptype() { } - // XXX Not tested. void emit_icmp6type() { } - // XXX Not tested. void emit_ipopt() { } - // XXX Not tested. void emit_ipver() { } - // XXX Not tested. void emit_ipttl() { } - // XXX Not tested. void emit_ipprecedence() { } - // XXX Not tested. void emit_iptos() { } - // XXX Not tested. void emit_dscp() { } - // XXX Not tested. void emit_tcpdatalen() { } - // XXX Not tested. void emit_tcpflags() { } - // XXX Not tested. void emit_tcpopts() { } - // XXX Not tested. void emit_tcpseq() { } - // XXX Not tested. void emit_tcpack() { } - // XXX Not tested. void emit_tcpwin() { } - // XXX Not tested. void emit_estab() { } - // XXX Not tested. void emit_altq() { } - // XXX Not tested. void emit_log() { } - // XXX Not tested. void emit_prob() { } - // XXX Not tested. void emit_verrevpath() { } - // XXX Not tested. void emit_versrcreach() { } - // XXX Not tested. void emit_antispoof() { } - // XXX Not tested. void emit_ipsec() { } - // XXX Not tested. void emit_ip6_src() { } - // XXX Not tested. void emit_ip6_dst() { } - // XXX Not tested. void emit_ip6_dst_mask() { } - // XXX Not tested. void emit_flow6id() { } - // XXX Not tested. void emit_ext_hdr() { } - // XXX Not tested. void emit_ip6() { } - // XXX Not tested. void emit_ip4() { } - // XXX Not tested. void emit_tag() { } - // XXX Not tested. void emit_fib() { } - // XXX Not tested. void emit_sockarg() { } - // XXX Not tested. void emit_tagged() { @@ -1498,13 +1545,11 @@ * l=0, cmdlen=0. */ - // XXX Not tested. void emit_keep_state() { } - // XXX Not tested. void emit_check_state() { @@ -1522,49 +1567,64 @@ Irb.CreateStore(ConstantInt::get(Int32Ty, 1), Done); } - // XXX Not tested. void emit_queue() { } - // XXX Not tested. void emit_tee() { } - // XXX Not tested. void emit_count() { } - // XXX Not tested. + // TODO void emit_skipto() { + // IPFW_INC_RULE_COUNTER(f, pktlen); + // f_pos = jump_fast(chain, f, cmd->arg1, tablearg, 0); + // /* + // * Skip disabled rules, and re-enter + // * the inner loop with the correct + // * f_pos, f, l and cmd. + // * Also clear cmdlen and skip_or + // */ + // for (; f_pos < chain->n_rules - 1 && + // (V_set_disable & + // (1 << chain->map[f_pos]->set)); + // f_pos++) + // ; + // /* Re-enter the inner loop at the skipto rule. */ + // f = chain->map[f_pos]; + // l = f->cmd_len; + // cmd = f->cmd; + // match = 1; + // cmdlen = 0; + // skip_or = 0; + // continue; } - // XXX Not tested. void emit_callreturn() { } - // XXX Not tested. void emit_reject() { } - // XXX Not tested. void emit_unreach6() { } - // XXX Not tested. + // XXX Exec not tested. void emit_deny() { @@ -1576,49 +1636,66 @@ Irb.CreateStore(ConstantInt::get(Int32Ty, 1), Done); } - // XXX Not tested. void emit_forward_ip() { } - // XXX Not tested. void emit_forward_ip6() { } - // XXX Not tested. void emit_ngtee() { } - // XXX Not tested. void emit_setfib() { } - // XXX Not tested. void emit_setdscp() { } - // XXX Not tested. void emit_nat() { } - // XXX Not tested. void emit_reass() { } }; +// Function to test compilation code. +// Filtering code has to be tested by real usage. +void +test_compilation() +{ + printf("Creating object\n"); + ipfwJIT compiler(1); + printf("emit_outer_for_prologue()\n"); + compiler.emit_outer_for_prologue(); + printf("emit_inner_for_prologue()\n"); + compiler.emit_inner_for_prologue(); + // Rule to test + printf("testing rule\n"); + compiler.emit_layer2(); + printf("emit_inner_for_epilogue()\n"); + compiler.emit_inner_for_epilogue(); + printf("emit_outer_for_epilogue()\n"); + compiler.emit_outer_for_epilogue(); + compiler.end_rule(); + printf("emit_end()\n"); + compiler.emit_end(); + err(1, "Compilation"); +} + extern "C" funcptr compile_code(struct ip_fw_args *args, struct ip_fw_chain *chain) { @@ -1628,6 +1705,8 @@ if (chain->n_rules == 0) return (NULL); + // test_compilation(); + ipfwJIT compiler(chain->n_rules); // Iterate through the rules. @@ -1656,8 +1735,9 @@ compiler.emit_nop(); break; + // XXX Not implemented in netmap-ipfw case O_FORWARD_MAC: - compiler.emit_forward_mac(cmd->opcode); + compiler.emit_forward_mac(); break; case O_GID: