diff options
Diffstat (limited to 'filter')
| -rw-r--r-- | filter/Makefile | 18 | ||||
| -rw-r--r-- | filter/config.Y | 754 | ||||
| -rw-r--r-- | filter/data.c | 537 | ||||
| -rw-r--r-- | filter/data.h | 203 | ||||
| -rw-r--r-- | filter/decl.m4 | 583 | ||||
| -rw-r--r-- | filter/f-inst.c | 1173 | ||||
| -rw-r--r-- | filter/f-inst.h | 73 | ||||
| -rw-r--r-- | filter/f-util.c | 119 | ||||
| -rw-r--r-- | filter/filter.c | 1974 | ||||
| -rw-r--r-- | filter/filter.h | 312 | ||||
| -rw-r--r-- | filter/filter_test.c | 66 | ||||
| -rw-r--r-- | filter/test-reconf-begin.conf | 23 | ||||
| -rw-r--r-- | filter/test-reconf-end.conf | 23 | ||||
| -rw-r--r-- | filter/test.conf | 37 | ||||
| -rw-r--r-- | filter/tree.c | 31 | ||||
| -rw-r--r-- | filter/tree_test.c | 11 | ||||
| -rw-r--r-- | filter/trie.c | 15 | ||||
| -rw-r--r-- | filter/trie_test.c | 1 |
18 files changed, 3495 insertions, 2458 deletions
diff --git a/filter/Makefile b/filter/Makefile index 6bada8ca..c2062534 100644 --- a/filter/Makefile +++ b/filter/Makefile @@ -1,8 +1,24 @@ -src := filter.c f-util.c tree.c trie.c +src := filter.c data.c f-util.c tree.c trie.c inst-gen.c obj := $(src-o-files) $(all-daemon) $(cf-local) +#M4FLAGS_FILTERS=$(filter-out -s,$(M4FLAGS)) +M4FLAGS_FILTERS=$(M4FLAGS) + +$(o)inst-gen.h: $(s)decl.m4 $(s)f-inst.c $(objdir)/.dir-stamp + $(M4) $(M4FLAGS_FILTERS) -DTARGET=H -P $^ >$@ + +$(o)inst-gen.c: $(s)decl.m4 $(s)f-inst.c $(objdir)/.dir-stamp + $(M4) $(M4FLAGS_FILTERS) -DTARGET=C -P $^ >$@ + +$(o)inst-interpret.c: $(s)decl.m4 $(s)f-inst.c $(objdir)/.dir-stamp + $(M4) $(M4FLAGS_FILTERS) -DTARGET=I -P $^ >$@ + +prepare: $(o)inst-interpret.c $(o)inst-gen.h + tests_src := tree_test.c filter_test.c trie_test.c tests_targets := $(tests_targets) $(tests-target-files) tests_objs := $(tests_objs) $(src-o-files) + +$(call clean,inst-gen.h inst-gen.c inst-interpret.c) diff --git a/filter/config.Y b/filter/config.Y index 02de3416..83319194 100644 --- a/filter/config.Y +++ b/filter/config.Y @@ -10,12 +10,17 @@ CF_HDR +#include "filter/f-inst.h" +#include "filter/data.h" + CF_DEFINES static inline u32 pair(u32 a, u32 b) { return (a << 16) | b; } static inline u32 pair_a(u32 p) { return p >> 16; } static inline u32 pair_b(u32 p) { return p & 0xFFFF; } +#define f_generate_complex(fi_code, da, arg) \ + f_new_inst(FI_EA_SET, f_new_inst(fi_code, f_new_inst(FI_EA_GET, da), arg), da) /* * Sets and their items are during parsing handled as lists, linked @@ -158,30 +163,29 @@ f_new_lc_item(u32 f1, u32 t1, u32 f2, u32 t2, u32 f3, u32 t3) static inline struct f_inst * f_generate_empty(struct f_dynamic_attr dyn) { - struct f_inst *e = f_new_inst(FI_EMPTY); + struct f_val empty; switch (dyn.type & EAF_TYPE_MASK) { case EAF_TYPE_AS_PATH: - e->aux = T_PATH; + empty = f_const_empty_path; break; case EAF_TYPE_INT_SET: - e->aux = T_CLIST; + empty = f_const_empty_clist; break; case EAF_TYPE_EC_SET: - e->aux = T_ECLIST; + empty = f_const_empty_eclist; break; case EAF_TYPE_LC_SET: - e->aux = T_LCLIST; + empty = f_const_empty_lclist; break; default: cf_error("Can't empty that attribute"); } - struct f_inst *s = f_new_inst_da(FI_EA_SET, dyn); - s->a1.p = e; - return s; + return f_new_inst(FI_EA_SET, f_new_inst(FI_CONSTANT, empty), dyn); } +#if 0 static inline struct f_inst * f_generate_dpair(struct f_inst *t1, struct f_inst *t2) @@ -189,20 +193,22 @@ f_generate_dpair(struct f_inst *t1, struct f_inst *t2) struct f_inst *rv; if ((t1->fi_code == FI_CONSTANT) && (t2->fi_code == FI_CONSTANT)) { - if ((t1->aux != T_INT) || (t2->aux != T_INT)) + if ((t1->val.type != T_INT) || (t2->val.type != T_INT)) cf_error( "Can't operate with value of non-integer type in pair constructor"); - check_u16(t1->a2.i); - check_u16(t2->a2.i); + check_u16(t1->a[1].i); + check_u16(t2->a[1].i); rv = f_new_inst(FI_CONSTANT); - rv->aux = T_PAIR; - rv->a2.i = pair(t1->a2.i, t2->a2.i); + rv->val = (struct f_val) { + .type = T_PAIR, + .val.i = pair(t1->a[1].i, t2->a[1].i), + }; } else { rv = f_new_inst(FI_PAIR_CONSTRUCT); - rv->a1.p = t1; - rv->a2.p = t2; + rv->a[0].p = t1; + rv->a[1].p = t2; } return rv; @@ -217,26 +223,12 @@ f_generate_ec(u16 kind, struct f_inst *tk, struct f_inst *tv) if (tk->fi_code == FI_CONSTANT) { c1 = 1; - - if (tk->aux == T_INT) { - ipv4_used = 0; key = tk->a2.i; - } - else if (tk->aux == T_QUAD) { - ipv4_used = 1; key = tk->a2.i; - } - else - cf_error("Can't operate with key of non-integer/IPv4 type in EC constructor"); - } - - /* IP->Quad implicit conversion */ - else if (tk->fi_code == FI_CONSTANT_INDIRECT) { - c1 = 1; - struct f_val *val = tk->a1.p; + struct f_val *val = &(tk->val); if (val->type == T_INT) { ipv4_used = 0; key = val->val.i; } - else if (val->type == T_QUAD) { + else if (tk->val.type == T_QUAD) { ipv4_used = 1; key = val->val.i; } else if ((val->type == T_IP) && ipa_is_ip4(val->val.ip)) { @@ -247,10 +239,10 @@ f_generate_ec(u16 kind, struct f_inst *tk, struct f_inst *tv) } if (tv->fi_code == FI_CONSTANT) { - if (tv->aux != T_INT) + if (tv->val.type != T_INT) cf_error("Can't operate with value of non-integer type in EC constructor"); c2 = 1; - val2 = tv->a2.i; + val2 = tv->val.val.i; } if (c1 && c2) { @@ -271,17 +263,17 @@ f_generate_ec(u16 kind, struct f_inst *tk, struct f_inst *tv) ec = ec_as4(kind, key, val2); } - NEW_F_VAL; - rv = f_new_inst(FI_CONSTANT_INDIRECT); - rv->a1.p = val; - val->type = T_EC; - val->val.ec = ec; + rv = f_new_inst(FI_CONSTANT); + rv->val = (struct f_val) { + .type = T_EC, + .val.ec = ec, + }; } else { rv = f_new_inst(FI_EC_CONSTRUCT); rv->aux = kind; - rv->a1.p = tk; - rv->a2.p = tv; + rv->a[0].p = tk; + rv->a[1].p = tv; } return rv; @@ -293,48 +285,59 @@ f_generate_lc(struct f_inst *t1, struct f_inst *t2, struct f_inst *t3) struct f_inst *rv; if ((t1->fi_code == FI_CONSTANT) && (t2->fi_code == FI_CONSTANT) && (t3->fi_code == FI_CONSTANT)) { - if ((t1->aux != T_INT) || (t2->aux != T_INT) || (t3->aux != T_INT)) + if ((t1->val.type != T_INT) || (t2->val.type != T_INT) || (t3->val.type != T_INT)) cf_error( "LC - Can't operate with value of non-integer type in tuple constructor"); - rv = f_new_inst(FI_CONSTANT_INDIRECT); - - NEW_F_VAL; - rv->a1.p = val; - val->type = T_LC; - val->val.lc = (lcomm) { t1->a2.i, t2->a2.i, t3->a2.i }; + rv = f_new_inst(FI_CONSTANT); + rv->val = (struct f_val) { + .type = T_LC, + .val.lc = (lcomm) { t1->a[1].i, t2->a[1].i, t3->a[1].i }, + }; } else { rv = f_new_inst(FI_LC_CONSTRUCT); - rv->a1.p = t1; - rv->a2.p = t2; - rv->a3.p = t3; + rv->a[0].p = t1; + rv->a[1].p = t2; + rv->a[2].p = t3; } return rv; } static inline struct f_inst * -f_generate_path_mask(struct f_path_mask *t) +f_generate_path_mask(struct f_inst *t) { - for (struct f_path_mask *tt = t; tt; tt = tt->next) { - if (tt->kind == PM_ASN_EXPR) { - struct f_inst *mrv = f_new_inst(FI_PATHMASK_CONSTRUCT); - mrv->a1.p = t; - return mrv; - } + uint len = 0; + uint dyn = 0; + for (const struct f_inst *tt = t; tt; tt = tt->next) { + if (tt->fi_code != FI_CONSTANT) + dyn++; + len++; } - NEW_F_VAL; - val->type = T_PATH_MASK; - val->val.path_mask = t; + if (dyn) { + struct f_inst *pmc = f_new_inst(FI_PATHMASK_CONSTRUCT); + pmc->a[0].p = t; + pmc->a[1].i = len; + return pmc; + } - struct f_inst *rv = f_new_inst(FI_CONSTANT_INDIRECT); - rv->a1.p = val; + struct f_path_mask *pm = cfg_allocz(sizeof(struct f_path_mask) + len * sizeof(struct f_path_mask_item)); - return rv; + uint i = 0; + for (const struct f_inst *tt = t; tt; tt = tt->next) + pm->item[i++] = tt->val.val.pmi; + + pm->len = i; + struct f_inst *pmc = f_new_inst(FI_CONSTANT); + pmc->val = (struct f_val) { .type = T_PATH_MASK, .val.path_mask = pm, }; + + return pmc; } +#endif + /* * Remove all new lines and doubled whitespaces * and convert all tabulators to spaces @@ -383,21 +386,41 @@ assert_copy_expr(const char *start, size_t len) static struct f_inst * assert_done(struct f_inst *expr, const char *start, const char *end) { - struct f_inst *i; - i = f_new_inst(FI_ASSERT); - i->a1.p = expr; + return f_new_inst(FI_ASSERT, expr, + (end >= start) ? + assert_copy_expr(start, end - start + 1) + : "???"); +} - if (end >= start) - { - i->a2.p = assert_copy_expr(start, end - start + 1); - } - else - { - /* this is a break of lexer buffer */ - i->a2.p = "???"; +static struct f_inst * +assert_assign(struct f_lval *lval, struct f_inst *expr, const char *start, const char *end) +{ + struct f_inst *setter, *getter, *checker; + switch (lval->type) { + case F_LVAL_VARIABLE: + setter = f_new_inst(FI_VAR_SET, expr, lval->sym); + getter = f_new_inst(FI_VAR_GET, lval->sym); + break; + case F_LVAL_PREFERENCE: + setter = f_new_inst(FI_PREF_SET, expr); + getter = f_new_inst(FI_PREF_GET); + break; + case F_LVAL_SA: + setter = f_new_inst(FI_RTA_SET, expr, lval->sa); + getter = f_new_inst(FI_RTA_GET, lval->sa); + break; + case F_LVAL_EA: + setter = f_new_inst(FI_EA_SET, expr, lval->da); + getter = f_new_inst(FI_EA_GET, lval->da); + break; + default: + bug("Unknown lval type"); } - return i; + checker = f_new_inst(FI_EQ, expr, getter); + setter->next = checker; + + return assert_done(setter, start, end); } CF_DECLS @@ -418,56 +441,58 @@ CF_KEYWORDS(FUNCTION, PRINT, PRINTN, UNSET, RETURN, PREPEND, FIRST, LAST, LAST_NONAGGREGATED, MATCH, EMPTY, FILTER, WHERE, EVAL, ATTRIBUTE, - BT_ASSERT, BT_TEST_SUITE, FORMAT) + BT_ASSERT, BT_TEST_SUITE, BT_CHECK_ASSIGN, BT_TEST_SAME, FORMAT) %nonassoc THEN %nonassoc ELSE -%type <x> term block cmds cmds_int cmd function_body constant constructor print_one print_list var_list var_listn function_call symbol bgp_path_expr +%type <xp> cmds_int +%type <x> term block cmd cmds constant constructor print_list var_list function_call symbol_value bgp_path_expr bgp_path bgp_path_tail %type <fda> dynamic_attr %type <fsa> static_attr -%type <f> filter filter_body where_filter -%type <i> type break_command ec_kind +%type <f> filter where_filter +%type <fl> filter_body function_body +%type <flv> lvalue +%type <i> type function_args function_vars +%type <ecs> ec_kind +%type <fret> break_command %type <i32> cnum %type <e> pair_item ec_item lc_item set_item switch_item set_items switch_items switch_body %type <trie> fprefix_set %type <v> set_atom switch_atom fipa %type <px> fprefix -%type <s> decls declsn one_decl function_params -%type <h> bgp_path bgp_path_tail %type <t> get_cf_position CF_GRAMMAR conf: filter_def ; filter_def: - FILTER SYM { $2 = cf_define_symbol($2, SYM_FILTER, NULL); cf_push_scope( $2 ); } + FILTER CF_SYM_VOID { $2 = cf_define_symbol($2, SYM_FILTER, filter, NULL); cf_push_scope( $2 ); } filter_body { - $2->def = $4; - $4->name = $2->name; - DBG( "We have new filter defined (%s)\n", $2->name ); + struct filter *f = cfg_alloc(sizeof(struct filter)); + *f = (struct filter) { .sym = $2, .root = $4 }; + $2->filter = f; + cf_pop_scope(); } ; conf: filter_eval ; filter_eval: - EVAL term { f_eval_int($2); } + EVAL term { f_eval_int(f_linearize($2)); } ; conf: custom_attr ; -custom_attr: ATTRIBUTE type SYM ';' { - cf_define_symbol($3, SYM_ATTRIBUTE, ca_lookup(new_config->pool, $3->name, $2)->fda); +custom_attr: ATTRIBUTE type CF_SYM_VOID ';' { + cf_define_symbol($3, SYM_ATTRIBUTE, attribute, ca_lookup(new_config->pool, $3->name, $2)->fda); }; conf: bt_test_suite ; bt_test_suite: - BT_TEST_SUITE '(' SYM ',' text ')' { - if (!($3->class & SYM_FUNCTION)) - cf_error("Function expected"); - - struct f_bt_test_suite *t = cfg_alloc(sizeof(struct f_bt_test_suite)); - t->fn = $3->def; + BT_TEST_SUITE '(' CF_SYM_KNOWN ',' text ')' { + cf_assert_symbol($3, SYM_FUNCTION); + struct f_bt_test_suite *t = cfg_allocz(sizeof(struct f_bt_test_suite)); + t->fn = $3->function; t->fn_name = $3->name; t->dsc = $5; @@ -475,6 +500,21 @@ bt_test_suite: } ; +conf: bt_test_same ; +bt_test_same: + BT_TEST_SAME '(' CF_SYM_KNOWN ',' CF_SYM_KNOWN ',' NUM ')' { + cf_assert_symbol($3, SYM_FUNCTION); + cf_assert_symbol($5, SYM_FUNCTION); + struct f_bt_test_suite *t = cfg_allocz(sizeof(struct f_bt_test_suite)); + t->fn = $3->function; + t->cmp = $5->function; + t->result = $7; + t->fn_name = $3->name; + t->dsc = $5->name; + add_tail(&new_config->tests, &t->n); + } + ; + type: INT { $$ = T_INT; } | BOOL { $$ = T_BOOL; } @@ -513,112 +553,89 @@ type: } ; -one_decl: - type SYM { - struct f_val * val = cfg_alloc(sizeof(struct f_val)); - val->type = T_VOID; - $2 = cf_define_symbol($2, SYM_VARIABLE | $1, val); - DBG( "New variable %s type %x\n", $2->name, $1 ); - $2->aux2 = NULL; - $$=$2; +function_argsn: + /* EMPTY */ + | function_argsn type CF_SYM_VOID ';' { + if ($3->scope->slots >= 0xfe) cf_error("Too many declarations, at most 255 allowed"); + cf_define_symbol($3, SYM_VARIABLE | $2, offset, $3->scope->slots++); } ; -/* Decls with ';' at the end */ -decls: /* EMPTY */ { $$ = NULL; } - | one_decl ';' decls { - $$ = $1; - $$->aux2 = $3; +function_args: + '(' ')' { $$ = 0; } + | '(' function_argsn type CF_SYM_VOID ')' { + cf_define_symbol($4, SYM_VARIABLE | $3, offset, $4->scope->slots++); + $$ = $4->scope->slots; } ; -/* Declarations that have no ';' at the end. */ -declsn: one_decl { $$ = $1; } - | one_decl ';' declsn { - $$ = $1; - $$->aux2 = $3; +function_vars: + /* EMPTY */ { $$ = 0; } + | function_vars type CF_SYM_VOID ';' { + cf_define_symbol($3, SYM_VARIABLE | $2, offset, $3->scope->slots++); + $$ = $1 + 1; } ; -filter_body: - function_body { - struct filter *f = cfg_alloc(sizeof(struct filter)); - f->name = NULL; - f->root = $1; - $$ = f; - } - ; +filter_body: function_body ; filter: - SYM { - if ($1->class != SYM_FILTER) cf_error("No such filter."); - $$ = $1->def; + CF_SYM_KNOWN { + cf_assert_symbol($1, SYM_FILTER); + $$ = $1->filter; } - | filter_body - ; - -where_filter: - WHERE term { - /* Construct 'IF term THEN ACCEPT; REJECT;' */ + | filter_body { struct filter *f = cfg_alloc(sizeof(struct filter)); - struct f_inst *i, *acc, *rej; - acc = f_new_inst(FI_PRINT_AND_DIE); /* ACCEPT */ - acc->a1.p = NULL; - acc->a2.i = F_ACCEPT; - rej = f_new_inst(FI_PRINT_AND_DIE); /* REJECT */ - rej->a1.p = NULL; - rej->a2.i = F_REJECT; - i = f_new_inst(FI_CONDITION); /* IF */ - i->a1.p = $2; - i->a2.p = acc; - i->next = rej; - f->name = NULL; - f->root = i; + *f = (struct filter) { .root = $1 }; $$ = f; - } + } ; -function_params: - '(' declsn ')' { DBG( "Have function parameters\n" ); $$=$2; } - | '(' ')' { $$=NULL; } +where_filter: + WHERE term { + /* Construct 'IF term THEN { ACCEPT; } ELSE { REJECT; }' */ + $$ = f_new_where($2); + } ; function_body: - decls '{' cmds '}' { - if ($1) { - /* Prepend instruction to clear local variables */ - $$ = f_new_inst(FI_CLEAR_LOCAL_VARS); - $$->a1.p = $1; - $$->next = $3; - } else - $$ = $3; + function_vars '{' cmds '}' { + $$ = f_linearize($3); + $$->vars = $1; } ; conf: function_def ; function_def: - FUNCTION SYM { DBG( "Beginning of function %s\n", $2->name ); - $2 = cf_define_symbol($2, SYM_FUNCTION, NULL); + FUNCTION CF_SYM_VOID { DBG( "Beginning of function %s\n", $2->name ); + $2 = cf_define_symbol($2, SYM_FUNCTION, function, NULL); cf_push_scope($2); - } function_params function_body { - $2->def = $5; - $2->aux2 = $4; - DBG("Hmm, we've got one function here - %s\n", $2->name); + } function_args function_body { + DBG("Definition of function %s with %u args and %u local vars.\n", $2->name, $4, $5->vars); + $5->args = $4; + $2->function = $5; cf_pop_scope(); } ; /* Programs */ -/* Hack: $$ of cmds_int is the last node. - $$->next of cmds_int is temporary used for the first node */ - cmds: /* EMPTY */ { $$ = NULL; } - | cmds_int { $$ = $1->next; $1->next = NULL; } + | cmds_int { $$ = $1.begin; } ; -cmds_int: cmd { $$ = $1; $1->next = $1; } - | cmds_int cmd { $$ = $2; $2->next = $1->next ; $1->next = $2; } +cmds_int: cmd { + $$.begin = $$.end = $1; + while ($$.end->next) + $$.end = $$.end->next; + } + | cmds_int cmd { + $$.begin = $1.begin; + $1.end->next = $2; + $$.end = $2; + while ($$.end->next) + $$.end = $$.end->next; + } ; block: @@ -653,25 +670,25 @@ set_atom: | VPN_RD { $$.type = T_RD; $$.val.ec = $1; } | ENUM { $$.type = pair_a($1); $$.val.i = pair_b($1); } | '(' term ')' { - $$ = f_eval($2, cfg_mem); + if (f_eval(f_linearize($2), cfg_mem, &($$)) > F_RETURN) cf_error("Runtime error"); if (!f_valid_set_type($$.type)) cf_error("Set-incompatible type"); } - | SYM { - if (!cf_symbol_is_constant($1)) cf_error("%s: constant expected", $1->name); + | CF_SYM_KNOWN { + cf_assert_symbol($1, SYM_CONSTANT); if (!f_valid_set_type(SYM_TYPE($1))) cf_error("%s: set-incompatible type", $1->name); - $$ = *(struct f_val *)($1->def); + $$ = *$1->val; } ; switch_atom: NUM { $$.type = T_INT; $$.val.i = $1; } - | '(' term ')' { $$.type = T_INT; $$.val.i = f_eval_int($2); } + | '(' term ')' { $$.type = T_INT; $$.val.i = f_eval_int(f_linearize($2)); } | fipa { $$ = $1; } | ENUM { $$.type = pair_a($1); $$.val.i = pair_b($1); } ; cnum: - term { $$ = f_eval_int($1); } + term { $$ = f_eval_int(f_linearize($1)); } pair_item: '(' cnum ',' cnum ')' { $$ = f_new_pair_item($2, $2, $4, $4); } @@ -758,23 +775,22 @@ switch_body: /* EMPTY */ { $$ = NULL; } | switch_body switch_items ':' cmds { /* Fill data fields */ struct f_tree *t; + struct f_line *line = f_linearize($4); for (t = $2; t; t = t->left) - t->data = $4; + t->data = line; $$ = f_merge_items($1, $2); } | switch_body ELSECOL cmds { struct f_tree *t = f_new_tree(); t->from.type = t->to.type = T_VOID; t->right = t; - t->data = $3; + t->data = f_linearize($3); $$ = f_merge_items($1, t); } ; -/* CONST '(' expr ')' { $$ = f_new_inst(FI_CONSTANT); $$->aux = T_INT; $$->a2.i = $3; } */ - bgp_path_expr: - symbol { $$ = $1; } + symbol_value { $$ = $1; } | '(' term ')' { $$ = $2; } ; @@ -783,178 +799,166 @@ bgp_path: ; bgp_path_tail: - NUM bgp_path_tail { $$ = cfg_allocz(sizeof(struct f_path_mask)); $$->next = $2; $$->kind = PM_ASN; $$->val = $1; } - | NUM DDOT NUM bgp_path_tail { $$ = cfg_allocz(sizeof(struct f_path_mask)); $$->next = $4; $$->kind = PM_ASN_RANGE; $$->val = $1; $$->val2 = $3; } - | '*' bgp_path_tail { $$ = cfg_allocz(sizeof(struct f_path_mask)); $$->next = $2; $$->kind = PM_ASTERISK; } - | '?' bgp_path_tail { $$ = cfg_allocz(sizeof(struct f_path_mask)); $$->next = $2; $$->kind = PM_QUESTION; } - | bgp_path_expr bgp_path_tail { $$ = cfg_allocz(sizeof(struct f_path_mask)); $$->next = $2; $$->kind = PM_ASN_EXPR; $$->val = (uintptr_t) $1; } + NUM bgp_path_tail { $$ = f_new_inst(FI_CONSTANT, (struct f_val) { .type = T_PATH_MASK_ITEM, .val.pmi = { .asn = $1, .kind = PM_ASN, }, }); $$->next = $2; } + | NUM DDOT NUM bgp_path_tail { $$ = f_new_inst(FI_CONSTANT, (struct f_val) { .type = T_PATH_MASK_ITEM, .val.pmi = { .from = $1, .to = $3, .kind = PM_ASN_RANGE }, }); $$->next = $4; } + | '*' bgp_path_tail { $$ = f_new_inst(FI_CONSTANT, (struct f_val) { .type = T_PATH_MASK_ITEM, .val.pmi = { .kind = PM_ASTERISK }, }); $$->next = $2; } + | '?' bgp_path_tail { $$ = f_new_inst(FI_CONSTANT, (struct f_val) { .type = T_PATH_MASK_ITEM, .val.pmi = { .kind = PM_QUESTION }, }); $$->next = $2; } + | bgp_path_expr bgp_path_tail { $$ = $1; $$->next = $2; } | { $$ = NULL; } ; constant: - NUM { $$ = f_new_inst(FI_CONSTANT); $$->aux = T_INT; $$->a2.i = $1; } - | TRUE { $$ = f_new_inst(FI_CONSTANT); $$->aux = T_BOOL; $$->a2.i = 1; } - | FALSE { $$ = f_new_inst(FI_CONSTANT); $$->aux = T_BOOL; $$->a2.i = 0; } - | TEXT { $$ = f_new_inst(FI_CONSTANT); $$->aux = T_STRING; $$->a2.p = $1; } - | fipa { NEW_F_VAL; $$ = f_new_inst(FI_CONSTANT_INDIRECT); $$->a1.p = val; *val = $1; } - | VPN_RD { NEW_F_VAL; $$ = f_new_inst(FI_CONSTANT_INDIRECT); val->type = T_RD; val->val.ec = $1; $$->a1.p = val; } - | net_ { NEW_F_VAL; $$ = f_new_inst(FI_CONSTANT_INDIRECT); val->type = T_NET; val->val.net = $1; $$->a1.p = val; } - | '[' set_items ']' { DBG( "We've got a set here..." ); $$ = f_new_inst(FI_CONSTANT); $$->aux = T_SET; $$->a2.p = build_tree($2); DBG( "ook\n" ); } - | '[' fprefix_set ']' { $$ = f_new_inst(FI_CONSTANT); $$->aux = T_PREFIX_SET; $$->a2.p = $2; } - | ENUM { $$ = f_new_inst(FI_CONSTANT); $$->aux = $1 >> 16; $$->a2.i = $1 & 0xffff; } + NUM { $$ = f_new_inst(FI_CONSTANT, (struct f_val) { .type = T_INT, .val.i = $1, }); } + | TRUE { $$ = f_new_inst(FI_CONSTANT, (struct f_val) { .type = T_BOOL, .val.i = 1, }); } + | FALSE { $$ = f_new_inst(FI_CONSTANT, (struct f_val) { .type = T_BOOL, .val.i = 0, }); } + | TEXT { $$ = f_new_inst(FI_CONSTANT, (struct f_val) { .type = T_STRING, .val.s = $1, }); } + | fipa { $$ = f_new_inst(FI_CONSTANT, $1); } + | VPN_RD { $$ = f_new_inst(FI_CONSTANT, (struct f_val) { .type = T_RD, .val.ec = $1, }); } + | net_ { $$ = f_new_inst(FI_CONSTANT, (struct f_val) { .type = T_NET, .val.net = $1, }); } + | '[' set_items ']' { + DBG( "We've got a set here..." ); + $$ = f_new_inst(FI_CONSTANT, (struct f_val) { .type = T_SET, .val.t = build_tree($2), }); + DBG( "ook\n" ); + } + | '[' fprefix_set ']' { $$ = f_new_inst(FI_CONSTANT, (struct f_val) { .type = T_PREFIX_SET, .val.ti = $2, }); } + | ENUM { $$ = f_new_inst(FI_CONSTANT, (struct f_val) { .type = $1 >> 16, .val.i = $1 & 0xffff, }); } ; constructor: - '(' term ',' term ')' { $$ = f_generate_dpair($2, $4); } - | '(' ec_kind ',' term ',' term ')' { $$ = f_generate_ec($2, $4, $6); } - | '(' term ',' term ',' term ')' { $$ = f_generate_lc($2, $4, $6); } - | bgp_path { $$ = f_generate_path_mask($1); } + '(' term ',' term ')' { $$ = f_new_inst(FI_PAIR_CONSTRUCT, $2, $4); } + | '(' ec_kind ',' term ',' term ')' { $$ = f_new_inst(FI_EC_CONSTRUCT, $4, $6, $2); } + | '(' term ',' term ',' term ')' { $$ = f_new_inst(FI_LC_CONSTRUCT, $2, $4, $6); } + | bgp_path { $$ = f_new_inst(FI_PATHMASK_CONSTRUCT, $1); } ; -rtadot: /* EMPTY, we are not permitted RTA. prefix */ - ; +/* This generates the function_call variable list backwards. */ +var_list: /* EMPTY */ { $$ = NULL; } + | term { $$ = $1; } + | var_list ',' term { $$ = $3; $$->next = $1; } function_call: - SYM '(' var_list ')' { - struct symbol *sym; - struct f_inst *inst = $3; + CF_SYM_KNOWN '(' var_list ')' { if ($1->class != SYM_FUNCTION) cf_error("You can't call something which is not a function. Really."); - DBG("You are calling function %s\n", $1->name); - $$ = f_new_inst(FI_CALL); - $$->a1.p = inst; - $$->a2.p = $1->def; - sym = $1->aux2; - while (sym || inst) { - if (!sym || !inst) - cf_error("Wrong number of arguments for function %s.", $1->name); - DBG( "You should pass parameter called %s\n", sym->name); - inst->a1.p = sym; - sym = sym->aux2; - inst = inst->next; + + struct f_inst *fc = f_new_inst(FI_CALL, $1); + uint args = 0; + while ($3) { + args++; + struct f_inst *tmp = $3->next; + $3->next = fc; + + fc = $3; + $3 = tmp; } + + if (args != $1->function->args) + cf_error("Function call '%s' got %u arguments, need %u arguments.", + $1->name, args, $1->function->args); + + $$ = f_new_inst(FI_CONSTANT, (struct f_val) { .type = T_VOID }); + $$->next = fc; } ; -symbol: - SYM { - switch ($1->class & 0xffff) { - case SYM_CONSTANT_RANGE: - $$ = f_new_inst(FI_CONSTANT_INDIRECT); - goto cv_common; - case SYM_VARIABLE_RANGE: - $$ = f_new_inst(FI_VARIABLE); - cv_common: - $$->a1.p = $1->def; - $$->a2.p = $1->name; - break; - case SYM_ATTRIBUTE: - $$ = f_new_inst_da(FI_EA_GET, *((struct f_dynamic_attr *) $1->def)); - break; - default: - cf_error("%s: variable expected.", $1->name); - } - } +symbol_value: CF_SYM_KNOWN + { + switch ($1->class) { + case SYM_CONSTANT_RANGE: + $$ = f_new_inst(FI_CONSTANT, *($1->val)); + break; + case SYM_VARIABLE_RANGE: + $$ = f_new_inst(FI_VAR_GET, $1); + break; + case SYM_ATTRIBUTE: + $$ = f_new_inst(FI_EA_GET, *$1->attribute); + break; + default: + cf_error("Can't get value of symbol %s", $1->name); + } + } + ; static_attr: - FROM { $$ = f_new_static_attr(T_IP, SA_FROM, 1); } - | GW { $$ = f_new_static_attr(T_IP, SA_GW, 1); } - | NET { $$ = f_new_static_attr(T_NET, SA_NET, 0); } - | PROTO { $$ = f_new_static_attr(T_STRING, SA_PROTO, 0); } - | SOURCE { $$ = f_new_static_attr(T_ENUM_RTS, SA_SOURCE, 0); } - | SCOPE { $$ = f_new_static_attr(T_ENUM_SCOPE, SA_SCOPE, 1); } - | DEST { $$ = f_new_static_attr(T_ENUM_RTD, SA_DEST, 1); } - | IFNAME { $$ = f_new_static_attr(T_STRING, SA_IFNAME, 1); } - | IFINDEX { $$ = f_new_static_attr(T_INT, SA_IFINDEX, 0); } + FROM { $$ = f_new_static_attr(T_IP, SA_FROM, 0); } + | GW { $$ = f_new_static_attr(T_IP, SA_GW, 0); } + | NET { $$ = f_new_static_attr(T_NET, SA_NET, 1); } + | PROTO { $$ = f_new_static_attr(T_STRING, SA_PROTO, 1); } + | SOURCE { $$ = f_new_static_attr(T_ENUM_RTS, SA_SOURCE, 1); } + | SCOPE { $$ = f_new_static_attr(T_ENUM_SCOPE, SA_SCOPE, 0); } + | DEST { $$ = f_new_static_attr(T_ENUM_RTD, SA_DEST, 0); } + | IFNAME { $$ = f_new_static_attr(T_STRING, SA_IFNAME, 0); } + | IFINDEX { $$ = f_new_static_attr(T_INT, SA_IFINDEX, 1); } ; term: '(' term ')' { $$ = $2; } - | term '+' term { $$ = f_new_inst(FI_ADD); $$->a1.p = $1; $$->a2.p = $3; } - | term '-' term { $$ = f_new_inst(FI_SUBTRACT); $$->a1.p = $1; $$->a2.p = $3; } - | term '*' term { $$ = f_new_inst(FI_MULTIPLY); $$->a1.p = $1; $$->a2.p = $3; } - | term '/' term { $$ = f_new_inst(FI_DIVIDE); $$->a1.p = $1; $$->a2.p = $3; } - | term AND term { $$ = f_new_inst(FI_AND); $$->a1.p = $1; $$->a2.p = $3; } - | term OR term { $$ = f_new_inst(FI_OR); $$->a1.p = $1; $$->a2.p = $3; } - | term '=' term { $$ = f_new_inst(FI_EQ); $$->a1.p = $1; $$->a2.p = $3; } - | term NEQ term { $$ = f_new_inst(FI_NEQ); $$->a1.p = $1; $$->a2.p = $3; } - | term '<' term { $$ = f_new_inst(FI_LT); $$->a1.p = $1; $$->a2.p = $3; } - | term LEQ term { $$ = f_new_inst(FI_LTE); $$->a1.p = $1; $$->a2.p = $3; } - | term '>' term { $$ = f_new_inst(FI_LT); $$->a1.p = $3; $$->a2.p = $1; } - | term GEQ term { $$ = f_new_inst(FI_LTE); $$->a1.p = $3; $$->a2.p = $1; } - | term '~' term { $$ = f_new_inst(FI_MATCH); $$->a1.p = $1; $$->a2.p = $3; } - | term NMA term { $$ = f_new_inst(FI_NOT_MATCH);$$->a1.p = $1; $$->a2.p = $3; } - | '!' term { $$ = f_new_inst(FI_NOT); $$->a1.p = $2; } - | DEFINED '(' term ')' { $$ = f_new_inst(FI_DEFINED); $$->a1.p = $3; } - - | symbol { $$ = $1; } + | term '+' term { $$ = f_new_inst(FI_ADD, $1, $3); } + | term '-' term { $$ = f_new_inst(FI_SUBTRACT, $1, $3); } + | term '*' term { $$ = f_new_inst(FI_MULTIPLY, $1, $3); } + | term '/' term { $$ = f_new_inst(FI_DIVIDE, $1, $3); } + | term AND term { $$ = f_new_inst(FI_AND, $1, $3); } + | term OR term { $$ = f_new_inst(FI_OR, $1, $3); } + | term '=' term { $$ = f_new_inst(FI_EQ, $1, $3); } + | term NEQ term { $$ = f_new_inst(FI_NEQ, $1, $3); } + | term '<' term { $$ = f_new_inst(FI_LT, $1, $3); } + | term LEQ term { $$ = f_new_inst(FI_LTE, $1, $3); } + | term '>' term { $$ = f_new_inst(FI_LT, $3, $1); } + | term GEQ term { $$ = f_new_inst(FI_LTE, $3, $1); } + | term '~' term { $$ = f_new_inst(FI_MATCH, $1, $3); } + | term NMA term { $$ = f_new_inst(FI_NOT_MATCH, $1, $3); } + | '!' term { $$ = f_new_inst(FI_NOT, $2); } + | DEFINED '(' term ')' { $$ = f_new_inst(FI_DEFINED, $3); } + + | symbol_value { $$ = $1; } | constant { $$ = $1; } | constructor { $$ = $1; } | PREFERENCE { $$ = f_new_inst(FI_PREF_GET); } - | rtadot static_attr { $$ = f_new_inst_sa(FI_RTA_GET, $2); } + | static_attr { $$ = f_new_inst(FI_RTA_GET, $1); } - | rtadot dynamic_attr { $$ = f_new_inst_da(FI_EA_GET, $2); } + | dynamic_attr { $$ = f_new_inst(FI_EA_GET, $1); } - | term '.' IS_V4 { $$ = f_new_inst(FI_IS_V4); $$->a1.p = $1; } - | term '.' TYPE { $$ = f_new_inst(FI_TYPE); $$->a1.p = $1; } - | term '.' IP { $$ = f_new_inst(FI_IP); $$->a1.p = $1; $$->aux = T_IP; } - | term '.' RD { $$ = f_new_inst(FI_ROUTE_DISTINGUISHER); $$->a1.p = $1; $$->aux = T_RD; } - | term '.' LEN { $$ = f_new_inst(FI_LENGTH); $$->a1.p = $1; } - | term '.' MAXLEN { $$ = f_new_inst(FI_ROA_MAXLEN); $$->a1.p = $1; } - | term '.' ASN { $$ = f_new_inst(FI_ROA_ASN); $$->a1.p = $1; } - | term '.' SRC { $$ = f_new_inst(FI_SADR_SRC); $$->a1.p = $1; } - | term '.' MASK '(' term ')' { $$ = f_new_inst(FI_IP_MASK); $$->a1.p = $1; $$->a2.p = $5; } - | term '.' FIRST { $$ = f_new_inst(FI_AS_PATH_FIRST); $$->a1.p = $1; } - | term '.' LAST { $$ = f_new_inst(FI_AS_PATH_LAST); $$->a1.p = $1; } - | term '.' LAST_NONAGGREGATED { $$ = f_new_inst(FI_AS_PATH_LAST_NAG); $$->a1.p = $1; } + | term '.' IS_V4 { $$ = f_new_inst(FI_IS_V4, $1); } + | term '.' TYPE { $$ = f_new_inst(FI_TYPE, $1); } + | term '.' IP { $$ = f_new_inst(FI_IP, $1); } + | term '.' RD { $$ = f_new_inst(FI_ROUTE_DISTINGUISHER, $1); } + | term '.' LEN { $$ = f_new_inst(FI_LENGTH, $1); } + | term '.' MAXLEN { $$ = f_new_inst(FI_ROA_MAXLEN, $1); } + | term '.' ASN { $$ = f_new_inst(FI_ROA_ASN, $1); } + | term '.' SRC { $$ = f_new_inst(FI_SADR_SRC, $1); } + | term '.' MASK '(' term ')' { $$ = f_new_inst(FI_IP_MASK, $1, $5); } + | term '.' FIRST { $$ = f_new_inst(FI_AS_PATH_FIRST, $1); } + | term '.' LAST { $$ = f_new_inst(FI_AS_PATH_LAST, $1); } + | term '.' LAST_NONAGGREGATED { $$ = f_new_inst(FI_AS_PATH_LAST_NAG, $1); } /* Communities */ /* This causes one shift/reduce conflict - | rtadot dynamic_attr '.' ADD '(' term ')' { } - | rtadot dynamic_attr '.' DELETE '(' term ')' { } - | rtadot dynamic_attr '.' CONTAINS '(' term ')' { } - | rtadot dynamic_attr '.' RESET{ } + | dynamic_attr '.' ADD '(' term ')' { } + | dynamic_attr '.' DELETE '(' term ')' { } + | dynamic_attr '.' CONTAINS '(' term ')' { } + | dynamic_attr '.' RESET{ } */ - | '+' EMPTY '+' { $$ = f_new_inst(FI_EMPTY); $$->aux = T_PATH; } - | '-' EMPTY '-' { $$ = f_new_inst(FI_EMPTY); $$->aux = T_CLIST; } - | '-' '-' EMPTY '-' '-' { $$ = f_new_inst(FI_EMPTY); $$->aux = T_ECLIST; } - | '-' '-' '-' EMPTY '-' '-' '-' { $$ = f_new_inst(FI_EMPTY); $$->aux = T_LCLIST; } - | PREPEND '(' term ',' term ')' { $$ = f_new_inst(FI_PATH_PREPEND); $$->a1.p = $3; $$->a2.p = $5; } - | ADD '(' term ',' term ')' { $$ = f_new_inst(FI_CLIST_ADD_DEL); $$->a1.p = $3; $$->a2.p = $5; $$->aux = 'a'; } - | DELETE '(' term ',' term ')' { $$ = f_new_inst(FI_CLIST_ADD_DEL); $$->a1.p = $3; $$->a2.p = $5; $$->aux = 'd'; } - | FILTER '(' term ',' term ')' { $$ = f_new_inst(FI_CLIST_ADD_DEL); $$->a1.p = $3; $$->a2.p = $5; $$->aux = 'f'; } + | '+' EMPTY '+' { $$ = f_new_inst(FI_CONSTANT, f_const_empty_path); } + | '-' EMPTY '-' { $$ = f_new_inst(FI_CONSTANT, f_const_empty_clist); } + | '-' '-' EMPTY '-' '-' { $$ = f_new_inst(FI_CONSTANT, f_const_empty_eclist); } + | '-' '-' '-' EMPTY '-' '-' '-' { $$ = f_new_inst(FI_CONSTANT, f_const_empty_lclist); } + | PREPEND '(' term ',' term ')' { $$ = f_new_inst(FI_PATH_PREPEND, $3, $5); } + | ADD '(' term ',' term ')' { $$ = f_new_inst(FI_CLIST_ADD, $3, $5); } + | DELETE '(' term ',' term ')' { $$ = f_new_inst(FI_CLIST_DEL, $3, $5); } + | FILTER '(' term ',' term ')' { $$ = f_new_inst(FI_CLIST_FILTER, $3, $5); } - | ROA_CHECK '(' rtable ')' { $$ = f_generate_roa_check($3, NULL, NULL); } - | ROA_CHECK '(' rtable ',' term ',' term ')' { $$ = f_generate_roa_check($3, $5, $7); } + | ROA_CHECK '(' rtable ')' { $$ = f_new_inst(FI_ROA_CHECK_IMPLICIT, $3); } + | ROA_CHECK '(' rtable ',' term ',' term ')' { $$ = f_new_inst(FI_ROA_CHECK_EXPLICIT, $5, $7, $3); } - | FORMAT '(' term ')' { $$ = f_new_inst(FI_FORMAT); $$->a1.p = $3; } + | FORMAT '(' term ')' { $$ = f_new_inst(FI_FORMAT, $3); } /* | term '.' LEN { $$->code = P('P','l'); } */ -/* function_call is inlined here */ - | SYM '(' var_list ')' { - struct symbol *sym; - struct f_inst *inst = $3; - if ($1->class != SYM_FUNCTION) - cf_error("You can't call something which is not a function. Really."); - DBG("You are calling function %s\n", $1->name); - $$ = f_new_inst(FI_CALL); - $$->a1.p = inst; - $$->a2.p = $1->def; - sym = $1->aux2; - while (sym || inst) { - if (!sym || !inst) - cf_error("Wrong number of arguments for function %s.", $1->name); - DBG( "You should pass parameter called %s\n", sym->name); - inst->a1.p = sym; - sym = sym->aux2; - inst = inst->next; - } - } + | function_call ; break_command: @@ -962,106 +966,85 @@ break_command: | ACCEPT { $$ = F_ACCEPT; } | REJECT { $$ = F_REJECT; } | ERROR { $$ = F_ERROR; } - | PRINT { $$ = F_NOP; } - | PRINTN { $$ = F_NONL; } - ; - -print_one: - term { $$ = f_new_inst(FI_PRINT); $$->a1.p = $1; $$->a2.p = NULL; } ; print_list: /* EMPTY */ { $$ = NULL; } - | print_one { $$ = $1; } - | print_one ',' print_list { - if ($1) { - $1->next = $3; - $$ = $1; - } else $$ = $3; - } - ; - -var_listn: term { - $$ = f_new_inst(FI_SET); - $$->a1.p = NULL; - $$->a2.p = $1; - $$->next = NULL; - } - | term ',' var_listn { - $$ = f_new_inst(FI_SET); - $$->a1.p = NULL; - $$->a2.p = $1; - $$->next = $3; + | term { $$ = $1; } + | term ',' print_list { + ASSERT($1); + ASSERT($1->next == NULL); + $1->next = $3; + $$ = $1; } ; -var_list: /* EMPTY */ { $$ = NULL; } - | var_listn { $$ = $1; } - ; - cmd: IF term THEN block { - $$ = f_new_inst(FI_CONDITION); - $$->a1.p = $2; - $$->a2.p = $4; + $$ = f_new_inst(FI_CONDITION, $2, $4, NULL); } | IF term THEN block ELSE block { - struct f_inst *i = f_new_inst(FI_CONDITION); - i->a1.p = $2; - i->a2.p = $4; - $$ = f_new_inst(FI_CONDITION); - $$->a1.p = i; - $$->a2.p = $6; + $$ = f_new_inst(FI_CONDITION, $2, $4, $6); } - | SYM '=' term ';' { - DBG( "Ook, we'll set value\n" ); - if ($1->class == SYM_ATTRIBUTE) { - $$ = f_new_inst_da(FI_EA_SET, *((struct f_dynamic_attr *) $1->def)); - $$->a1.p = $3; - } else if (($1->class & ~T_MASK) == SYM_VARIABLE) { - $$ = f_new_inst(FI_SET); - $$->a1.p = $1; - $$->a2.p = $3; - } else - cf_error( "Symbol `%s' is read-only.", $1->name ); + | CF_SYM_KNOWN '=' term ';' { + switch ($1->class) { + case SYM_VARIABLE_RANGE: + $$ = f_new_inst(FI_VAR_SET, $3, $1); + break; + case SYM_ATTRIBUTE: + $$ = f_new_inst(FI_EA_SET, $3, *$1->attribute); + break; + default: + cf_error("Can't assign to symbol %s", $1->name); + } } | RETURN term ';' { DBG( "Ook, we'll return the value\n" ); - $$ = f_new_inst(FI_RETURN); - $$->a1.p = $2; + $$ = f_new_inst(FI_RETURN, $2); } - | rtadot dynamic_attr '=' term ';' { - $$ = f_new_inst_da(FI_EA_SET, $2); - $$->a1.p = $4; + | dynamic_attr '=' term ';' { + $$ = f_new_inst(FI_EA_SET, $3, $1); } - | rtadot static_attr '=' term ';' { - $$ = f_new_inst_sa(FI_RTA_SET, $2); - if (!$$->a1.i) + | static_attr '=' term ';' { + if ($1.readonly) cf_error( "This static attribute is read-only."); - $$->a1.p = $4; + $$ = f_new_inst(FI_RTA_SET, $3, $1); } | PREFERENCE '=' term ';' { - $$ = f_new_inst(FI_PREF_SET); - $$->a1.p = $3; + $$ = f_new_inst(FI_PREF_SET, $3); + } + | UNSET '(' dynamic_attr ')' ';' { + $$ = f_new_inst(FI_EA_UNSET, $3); + } + | break_command print_list ';' { + struct f_inst *breaker = f_new_inst(FI_DIE, $1); + if ($2) { + struct f_inst *printer = f_new_inst(FI_PRINT, $2); + struct f_inst *flusher = f_new_inst(FI_FLUSH); + printer->next = flusher; + flusher->next = breaker; + $$ = printer; + } else + $$ = breaker; + } + | PRINT print_list ';' { + $$ = f_new_inst(FI_PRINT, $2); + $$->next = f_new_inst(FI_FLUSH); } - | UNSET '(' rtadot dynamic_attr ')' ';' { - $$ = f_new_inst_da(FI_EA_SET, $4); - $$->aux = EAF_TYPE_UNDEF; - $$->a1.p = NULL; + | PRINTN print_list ';' { + $$ = f_new_inst(FI_PRINT, $2); } - | break_command print_list ';' { $$ = f_new_inst(FI_PRINT_AND_DIE); $$->a1.p = $2; $$->a2.i = $1; } - | function_call ';' { $$ = $1; } + | function_call ';' { $$ = f_new_inst(FI_DROP_RESULT, $1); } | CASE term '{' switch_body '}' { - $$ = f_new_inst(FI_SWITCH); - $$->a1.p = $2; - $$->a2.p = build_tree( $4 ); + $$ = f_new_inst(FI_SWITCH, $2, build_tree($4)); } - | rtadot dynamic_attr '.' EMPTY ';' { $$ = f_generate_empty($2); } - | rtadot dynamic_attr '.' PREPEND '(' term ')' ';' { $$ = f_generate_complex( FI_PATH_PREPEND, 'x', $2, $6 ); } - | rtadot dynamic_attr '.' ADD '(' term ')' ';' { $$ = f_generate_complex( FI_CLIST_ADD_DEL, 'a', $2, $6 ); } - | rtadot dynamic_attr '.' DELETE '(' term ')' ';' { $$ = f_generate_complex( FI_CLIST_ADD_DEL, 'd', $2, $6 ); } - | rtadot dynamic_attr '.' FILTER '(' term ')' ';' { $$ = f_generate_complex( FI_CLIST_ADD_DEL, 'f', $2, $6 ); } + | dynamic_attr '.' EMPTY ';' { $$ = f_generate_empty($1); } + | dynamic_attr '.' PREPEND '(' term ')' ';' { $$ = f_generate_complex( FI_PATH_PREPEND, $1, $5 ); } + | dynamic_attr '.' ADD '(' term ')' ';' { $$ = f_generate_complex( FI_CLIST_ADD, $1, $5 ); } + | dynamic_attr '.' DELETE '(' term ')' ';' { $$ = f_generate_complex( FI_CLIST_DEL, $1, $5 ); } + | dynamic_attr '.' FILTER '(' term ')' ';' { $$ = f_generate_complex( FI_CLIST_FILTER, $1, $5 ); } | BT_ASSERT '(' get_cf_position term get_cf_position ')' ';' { $$ = assert_done($4, $3 + 1, $5 - 1); } + | BT_CHECK_ASSIGN '(' get_cf_position lvalue get_cf_position ',' term ')' ';' { $$ = assert_assign(&$4, $7, $3 + 1, $5 - 1); } ; get_cf_position: @@ -1069,5 +1052,10 @@ get_cf_position: $$ = cf_text; }; +lvalue: + CF_SYM_KNOWN { cf_assert_symbol($1, SYM_VARIABLE); $$ = (struct f_lval) { .type = F_LVAL_VARIABLE, .sym = $1 }; } + | PREFERENCE { $$ = (struct f_lval) { .type = F_LVAL_PREFERENCE }; } + | static_attr { $$ = (struct f_lval) { .type = F_LVAL_SA, .sa = $1 }; } + | dynamic_attr { $$ = (struct f_lval) { .type = F_LVAL_EA, .da = $1 }; }; CF_END diff --git a/filter/data.c b/filter/data.c new file mode 100644 index 00000000..db55070f --- /dev/null +++ b/filter/data.c @@ -0,0 +1,537 @@ +/* + * Filters: utility functions + * + * (c) 1998 Pavel Machek <pavel@ucw.cz> + * (c) 2019 Maria Matejka <mq@jmq.cz> + * + * Can be freely distributed and used under the terms of the GNU GPL. + * + */ + +#include "nest/bird.h" +#include "lib/lists.h" +#include "lib/resource.h" +#include "lib/socket.h" +#include "lib/string.h" +#include "lib/unaligned.h" +#include "lib/net.h" +#include "lib/ip.h" +#include "nest/route.h" +#include "nest/protocol.h" +#include "nest/iface.h" +#include "nest/attrs.h" +#include "conf/conf.h" +#include "filter/filter.h" +#include "filter/f-inst.h" +#include "filter/data.h" + +const struct f_val f_const_empty_path = { + .type = T_PATH, + .val.ad = &null_adata, +}, f_const_empty_clist = { + .type = T_CLIST, + .val.ad = &null_adata, +}, f_const_empty_eclist = { + .type = T_ECLIST, + .val.ad = &null_adata, +}, f_const_empty_lclist = { + .type = T_LCLIST, + .val.ad = &null_adata, +}; + +static struct adata * +adata_empty(struct linpool *pool, int l) +{ + struct adata *res = lp_alloc(pool, sizeof(struct adata) + l); + res->length = l; + return res; +} + +static void +pm_format(const struct f_path_mask *p, buffer *buf) +{ + buffer_puts(buf, "[= "); + + for (uint i=0; i<p->len; i++) + { + switch(p->item[i].kind) + { + case PM_ASN: + buffer_print(buf, "%u ", p->item[i].asn); + break; + + case PM_QUESTION: + buffer_puts(buf, "? "); + break; + + case PM_ASTERISK: + buffer_puts(buf, "* "); + break; + + case PM_ASN_RANGE: + buffer_print(buf, "%u..%u ", p->item[i].from, p->item[i].to); + break; + + case PM_ASN_EXPR: + ASSERT(0); + } + + } + + buffer_puts(buf, "=]"); +} + +static inline int +lcomm_cmp(lcomm v1, lcomm v2) +{ + if (v1.asn != v2.asn) + return (v1.asn > v2.asn) ? 1 : -1; + if (v1.ldp1 != v2.ldp1) + return (v1.ldp1 > v2.ldp1) ? 1 : -1; + if (v1.ldp2 != v2.ldp2) + return (v1.ldp2 > v2.ldp2) ? 1 : -1; + return 0; +} + +/** + * val_compare - compare two values + * @v1: first value + * @v2: second value + * + * Compares two values and returns -1, 0, 1 on <, =, > or F_CMP_ERROR on + * error. Tree module relies on this giving consistent results so + * that it can be used for building balanced trees. + */ +int +val_compare(const struct f_val *v1, const struct f_val *v2) +{ + if (v1->type != v2->type) { + if (v1->type == T_VOID) /* Hack for else */ + return -1; + if (v2->type == T_VOID) + return 1; + + /* IP->Quad implicit conversion */ + if ((v1->type == T_QUAD) && val_is_ip4(v2)) + return uint_cmp(v1->val.i, ipa_to_u32(v2->val.ip)); + if (val_is_ip4(v1) && (v2->type == T_QUAD)) + return uint_cmp(ipa_to_u32(v1->val.ip), v2->val.i); + + debug( "Types do not match in val_compare\n" ); + return F_CMP_ERROR; + } + + switch (v1->type) { + case T_VOID: + return 0; + case T_ENUM: + case T_INT: + case T_BOOL: + case T_PAIR: + case T_QUAD: + return uint_cmp(v1->val.i, v2->val.i); + case T_EC: + case T_RD: + return u64_cmp(v1->val.ec, v2->val.ec); + case T_LC: + return lcomm_cmp(v1->val.lc, v2->val.lc); + case T_IP: + return ipa_compare(v1->val.ip, v2->val.ip); + case T_NET: + return net_compare(v1->val.net, v2->val.net); + case T_STRING: + return strcmp(v1->val.s, v2->val.s); + default: + return F_CMP_ERROR; + } +} + +static inline int +pmi_same(const struct f_path_mask_item *mi1, const struct f_path_mask_item *mi2) +{ + if (mi1->kind != mi2->kind) + return 0; + + switch (mi1->kind) { + case PM_ASN: + if (mi1->asn != mi2->asn) + return 0; + break; + case PM_ASN_EXPR: + if (!f_same(mi1->expr, mi2->expr)) + return 0; + break; + case PM_ASN_RANGE: + if (mi1->from != mi2->from) + return 0; + if (mi1->to != mi2->to) + return 0; + break; + } + + return 1; +} + +static int +pm_same(const struct f_path_mask *m1, const struct f_path_mask *m2) +{ + if (m1->len != m2->len) + + for (uint i=0; i<m1->len; i++) + if (!pmi_same(&(m1->item[i]), &(m2->item[i]))) + return 0; + + return 1; +} + +/** + * val_same - compare two values + * @v1: first value + * @v2: second value + * + * Compares two values and returns 1 if they are same and 0 if not. + * Comparison of values of different types is valid and returns 0. + */ +int +val_same(const struct f_val *v1, const struct f_val *v2) +{ + int rc; + + rc = val_compare(v1, v2); + if (rc != F_CMP_ERROR) + return !rc; + + if (v1->type != v2->type) + return 0; + + switch (v1->type) { + case T_PATH_MASK: + return pm_same(v1->val.path_mask, v2->val.path_mask); + case T_PATH_MASK_ITEM: + return pmi_same(&(v1->val.pmi), &(v2->val.pmi)); + case T_PATH: + case T_CLIST: + case T_ECLIST: + case T_LCLIST: + return adata_same(v1->val.ad, v2->val.ad); + case T_SET: + return same_tree(v1->val.t, v2->val.t); + case T_PREFIX_SET: + return trie_same(v1->val.ti, v2->val.ti); + default: + bug("Invalid type in val_same(): %x", v1->type); + } +} + +int +clist_set_type(const struct f_tree *set, struct f_val *v) +{ + switch (set->from.type) + { + case T_PAIR: + v->type = T_PAIR; + return 1; + + case T_QUAD: + v->type = T_QUAD; + return 1; + + case T_IP: + if (val_is_ip4(&(set->from)) && val_is_ip4(&(set->to))) + { + v->type = T_QUAD; + return 1; + } + /* Fall through */ + default: + v->type = T_VOID; + return 0; + } +} + +static int +clist_match_set(const struct adata *clist, const struct f_tree *set) +{ + if (!clist) + return 0; + + struct f_val v; + if (!clist_set_type(set, &v)) + return F_CMP_ERROR; + + u32 *l = (u32 *) clist->data; + u32 *end = l + clist->length/4; + + while (l < end) { + v.val.i = *l++; + if (find_tree(set, &v)) + return 1; + } + return 0; +} + +static int +eclist_match_set(const struct adata *list, const struct f_tree *set) +{ + if (!list) + return 0; + + if (!eclist_set_type(set)) + return F_CMP_ERROR; + + struct f_val v; + u32 *l = int_set_get_data(list); + int len = int_set_get_size(list); + int i; + + v.type = T_EC; + for (i = 0; i < len; i += 2) { + v.val.ec = ec_get(l, i); + if (find_tree(set, &v)) + return 1; + } + + return 0; +} + +static int +lclist_match_set(const struct adata *list, const struct f_tree *set) +{ + if (!list) + return 0; + + if (!lclist_set_type(set)) + return F_CMP_ERROR; + + struct f_val v; + u32 *l = int_set_get_data(list); + int len = int_set_get_size(list); + int i; + + v.type = T_LC; + for (i = 0; i < len; i += 3) { + v.val.lc = lc_get(l, i); + if (find_tree(set, &v)) + return 1; + } + + return 0; +} + +const struct adata * +clist_filter(struct linpool *pool, const struct adata *list, const struct f_val *set, int pos) +{ + if (!list) + return NULL; + + int tree = (set->type == T_SET); /* 1 -> set is T_SET, 0 -> set is T_CLIST */ + struct f_val v; + if (tree) + clist_set_type(set->val.t, &v); + else + v.type = T_PAIR; + + int len = int_set_get_size(list); + u32 *l = int_set_get_data(list); + u32 tmp[len]; + u32 *k = tmp; + u32 *end = l + len; + + while (l < end) { + v.val.i = *l++; + /* pos && member(val, set) || !pos && !member(val, set), member() depends on tree */ + if ((tree ? !!find_tree(set->val.t, &v) : int_set_contains(set->val.ad, v.val.i)) == pos) + *k++ = v.val.i; + } + + uint nl = (k - tmp) * sizeof(u32); + if (nl == list->length) + return list; + + struct adata *res = adata_empty(pool, nl); + memcpy(res->data, tmp, nl); + return res; +} + +const struct adata * +eclist_filter(struct linpool *pool, const struct adata *list, const struct f_val *set, int pos) +{ + if (!list) + return NULL; + + int tree = (set->type == T_SET); /* 1 -> set is T_SET, 0 -> set is T_CLIST */ + struct f_val v; + + int len = int_set_get_size(list); + u32 *l = int_set_get_data(list); + u32 tmp[len]; + u32 *k = tmp; + int i; + + v.type = T_EC; + for (i = 0; i < len; i += 2) { + v.val.ec = ec_get(l, i); + /* pos && member(val, set) || !pos && !member(val, set), member() depends on tree */ + if ((tree ? !!find_tree(set->val.t, &v) : ec_set_contains(set->val.ad, v.val.ec)) == pos) { + *k++ = l[i]; + *k++ = l[i+1]; + } + } + + uint nl = (k - tmp) * sizeof(u32); + if (nl == list->length) + return list; + + struct adata *res = adata_empty(pool, nl); + memcpy(res->data, tmp, nl); + return res; +} + +const struct adata * +lclist_filter(struct linpool *pool, const struct adata *list, const struct f_val *set, int pos) +{ + if (!list) + return NULL; + + int tree = (set->type == T_SET); /* 1 -> set is T_SET, 0 -> set is T_CLIST */ + struct f_val v; + + int len = int_set_get_size(list); + u32 *l = int_set_get_data(list); + u32 tmp[len]; + u32 *k = tmp; + int i; + + v.type = T_LC; + for (i = 0; i < len; i += 3) { + v.val.lc = lc_get(l, i); + /* pos && member(val, set) || !pos && !member(val, set), member() depends on tree */ + if ((tree ? !!find_tree(set->val.t, &v) : lc_set_contains(set->val.ad, v.val.lc)) == pos) + k = lc_copy(k, l+i); + } + + uint nl = (k - tmp) * sizeof(u32); + if (nl == list->length) + return list; + + struct adata *res = adata_empty(pool, nl); + memcpy(res->data, tmp, nl); + return res; +} + +/** + * val_in_range - implement |~| operator + * @v1: element + * @v2: set + * + * Checks if @v1 is element (|~| operator) of @v2. + */ +int +val_in_range(const struct f_val *v1, const struct f_val *v2) +{ + if ((v1->type == T_PATH) && (v2->type == T_PATH_MASK)) + return as_path_match(v1->val.ad, v2->val.path_mask); + + if ((v1->type == T_INT) && (v2->type == T_PATH)) + return as_path_contains(v2->val.ad, v1->val.i, 1); + + if (((v1->type == T_PAIR) || (v1->type == T_QUAD)) && (v2->type == T_CLIST)) + return int_set_contains(v2->val.ad, v1->val.i); + /* IP->Quad implicit conversion */ + if (val_is_ip4(v1) && (v2->type == T_CLIST)) + return int_set_contains(v2->val.ad, ipa_to_u32(v1->val.ip)); + + if ((v1->type == T_EC) && (v2->type == T_ECLIST)) + return ec_set_contains(v2->val.ad, v1->val.ec); + + if ((v1->type == T_LC) && (v2->type == T_LCLIST)) + return lc_set_contains(v2->val.ad, v1->val.lc); + + if ((v1->type == T_STRING) && (v2->type == T_STRING)) + return patmatch(v2->val.s, v1->val.s); + + if ((v1->type == T_IP) && (v2->type == T_NET)) + return ipa_in_netX(v1->val.ip, v2->val.net); + + if ((v1->type == T_NET) && (v2->type == T_NET)) + return net_in_netX(v1->val.net, v2->val.net); + + if ((v1->type == T_NET) && (v2->type == T_PREFIX_SET)) + return trie_match_net(v2->val.ti, v1->val.net); + + if (v2->type != T_SET) + return F_CMP_ERROR; + + /* With integrated Quad<->IP implicit conversion */ + if ((v1->type == v2->val.t->from.type) || + ((v1->type == T_QUAD) && val_is_ip4(&(v2->val.t->from)) && val_is_ip4(&(v2->val.t->to)))) + return !!find_tree(v2->val.t, v1); + + if (v1->type == T_CLIST) + return clist_match_set(v1->val.ad, v2->val.t); + + if (v1->type == T_ECLIST) + return eclist_match_set(v1->val.ad, v2->val.t); + + if (v1->type == T_LCLIST) + return lclist_match_set(v1->val.ad, v2->val.t); + + if (v1->type == T_PATH) + return as_path_match_set(v1->val.ad, v2->val.t); + + return F_CMP_ERROR; +} + +/* + * val_format - format filter value + */ +void +val_format(const struct f_val *v, buffer *buf) +{ + char buf2[1024]; + switch (v->type) + { + case T_VOID: buffer_puts(buf, "(void)"); return; + case T_BOOL: buffer_puts(buf, v->val.i ? "TRUE" : "FALSE"); return; + case T_INT: buffer_print(buf, "%u", v->val.i); return; + case T_STRING: buffer_print(buf, "%s", v->val.s); return; + case T_IP: buffer_print(buf, "%I", v->val.ip); return; + case T_NET: buffer_print(buf, "%N", v->val.net); return; + case T_PAIR: buffer_print(buf, "(%u,%u)", v->val.i >> 16, v->val.i & 0xffff); return; + case T_QUAD: buffer_print(buf, "%R", v->val.i); return; + case T_EC: ec_format(buf2, v->val.ec); buffer_print(buf, "%s", buf2); return; + case T_LC: lc_format(buf2, v->val.lc); buffer_print(buf, "%s", buf2); return; + case T_RD: rd_format(v->val.ec, buf2, 1024); buffer_print(buf, "%s", buf2); return; + case T_PREFIX_SET: trie_format(v->val.ti, buf); return; + case T_SET: tree_format(v->val.t, buf); return; + case T_ENUM: buffer_print(buf, "(enum %x)%u", v->type, v->val.i); return; + case T_PATH: as_path_format(v->val.ad, buf2, 1000); buffer_print(buf, "(path %s)", buf2); return; + case T_CLIST: int_set_format(v->val.ad, 1, -1, buf2, 1000); buffer_print(buf, "(clist %s)", buf2); return; + case T_ECLIST: ec_set_format(v->val.ad, -1, buf2, 1000); buffer_print(buf, "(eclist %s)", buf2); return; + case T_LCLIST: lc_set_format(v->val.ad, -1, buf2, 1000); buffer_print(buf, "(lclist %s)", buf2); return; + case T_PATH_MASK: pm_format(v->val.path_mask, buf); return; + default: buffer_print(buf, "[unknown type %x]", v->type); return; + } +} + +char * +val_format_str(struct linpool *lp, const struct f_val *v) { + buffer b; + LOG_BUFFER_INIT(b); + val_format(v, &b); + return lp_strdup(lp, b.start); +} + + +static char val_dump_buffer[1024]; +const char * +val_dump(const struct f_val *v) { + static buffer b = { + .start = val_dump_buffer, + .end = val_dump_buffer + 1024, + }; + b.pos = b.start; + val_format(v, &b); + return val_dump_buffer; +} + diff --git a/filter/data.h b/filter/data.h new file mode 100644 index 00000000..083595f4 --- /dev/null +++ b/filter/data.h @@ -0,0 +1,203 @@ +/* + * BIRD Internet Routing Daemon -- Dynamic data structures + * + * (c) 1999 Pavel Machek <pavel@ucw.cz> + * (c) 2018--2019 Maria Matejka <mq@jmq.cz> + * + * Can be freely distributed and used under the terms of the GNU GPL. + */ + +#ifndef _BIRD_FILTER_DATA_H_ +#define _BIRD_FILTER_DATA_H_ + +#include "nest/bird.h" + +/* Type numbers must be in 0..0xff range */ +#define T_MASK 0xff + +/* Internal types */ +enum f_type { +/* Nothing. Simply nothing. */ + T_VOID = 0, + +/* User visible types, which fit in int */ + T_INT = 0x10, + T_BOOL = 0x11, + T_PAIR = 0x12, /* Notice that pair is stored as integer: first << 16 | second */ + T_QUAD = 0x13, + +/* Put enumerational types in 0x30..0x3f range */ + T_ENUM_LO = 0x30, + T_ENUM_HI = 0x3f, + + T_ENUM_RTS = 0x30, + T_ENUM_BGP_ORIGIN = 0x31, + T_ENUM_SCOPE = 0x32, + T_ENUM_RTC = 0x33, + T_ENUM_RTD = 0x34, + T_ENUM_ROA = 0x35, + T_ENUM_NETTYPE = 0x36, + T_ENUM_RA_PREFERENCE = 0x37, + +/* new enums go here */ + T_ENUM_EMPTY = 0x3f, /* Special hack for atomic_aggr */ + +#define T_ENUM T_ENUM_LO ... T_ENUM_HI + +/* Bigger ones */ + T_IP = 0x20, + T_NET = 0x21, + T_STRING = 0x22, + T_PATH_MASK = 0x23, /* mask for BGP path */ + T_PATH = 0x24, /* BGP path */ + T_CLIST = 0x25, /* Community list */ + T_EC = 0x26, /* Extended community value, u64 */ + T_ECLIST = 0x27, /* Extended community list */ + T_LC = 0x28, /* Large community value, lcomm */ + T_LCLIST = 0x29, /* Large community list */ + T_RD = 0x2a, /* Route distinguisher for VPN addresses */ + T_PATH_MASK_ITEM = 0x2b, /* Path mask item for path mask constructors */ + + T_SET = 0x80, + T_PREFIX_SET = 0x81, +} PACKED; + +/* Filter value; size of this affects filter memory consumption */ +struct f_val { + enum f_type type; /* T_* */ + union { + uint i; + u64 ec; + lcomm lc; + ip_addr ip; + const net_addr *net; + char *s; + const struct f_tree *t; + const struct f_trie *ti; + const struct adata *ad; + const struct f_path_mask *path_mask; + struct f_path_mask_item pmi; + } val; +}; + +/* Dynamic attribute definition (eattrs) */ +struct f_dynamic_attr { + u8 type; /* EA type (EAF_*) */ + u8 bit; /* For bitfield accessors */ + enum f_type f_type; /* Filter type */ + uint ea_code; /* EA code */ +}; + +enum f_sa_code { + SA_FROM = 1, + SA_GW, + SA_NET, + SA_PROTO, + SA_SOURCE, + SA_SCOPE, + SA_DEST, + SA_IFNAME, + SA_IFINDEX, +} PACKED; + +/* Static attribute definition (members of struct rta) */ +struct f_static_attr { + enum f_type f_type; /* Filter type */ + enum f_sa_code sa_code; /* Static attribute id */ + int readonly:1; /* Don't allow writing */ +}; + +/* Filter l-value type */ +enum f_lval_type { + F_LVAL_VARIABLE, + F_LVAL_PREFERENCE, + F_LVAL_SA, + F_LVAL_EA, +}; + +/* Filter l-value */ +struct f_lval { + enum f_lval_type type; + union { + struct symbol *sym; + struct f_dynamic_attr da; + struct f_static_attr sa; + }; +}; + +/* IP prefix range structure */ +struct f_prefix { + net_addr net; /* The matching prefix must match this net */ + u8 lo, hi; /* And its length must fit between lo and hi */ +}; + +struct f_tree { + struct f_tree *left, *right; + struct f_val from, to; + void *data; +}; + +struct f_trie_node +{ + ip_addr addr, mask, accept; + uint plen; + struct f_trie_node *c[2]; +}; + +struct f_trie +{ + linpool *lp; + int zero; + uint node_size; + struct f_trie_node root[0]; /* Root trie node follows */ +}; + +struct f_tree *f_new_tree(void); +struct f_tree *build_tree(struct f_tree *); +const struct f_tree *find_tree(const struct f_tree *t, const struct f_val *val); +int same_tree(const struct f_tree *t0, const struct f_tree *t2); +void tree_format(const struct f_tree *t, buffer *buf); + +struct f_trie *f_new_trie(linpool *lp, uint node_size); +void *trie_add_prefix(struct f_trie *t, const net_addr *n, uint l, uint h); +int trie_match_net(const struct f_trie *t, const net_addr *n); +int trie_same(const struct f_trie *t1, const struct f_trie *t2); +void trie_format(const struct f_trie *t, buffer *buf); + +#define F_CMP_ERROR 999 + +int val_same(const struct f_val *v1, const struct f_val *v2); +int val_compare(const struct f_val *v1, const struct f_val *v2); +void val_format(const struct f_val *v, buffer *buf); +char *val_format_str(struct linpool *lp, const struct f_val *v); +const char *val_dump(const struct f_val *v); + +static inline int val_is_ip4(const struct f_val *v) +{ return (v->type == T_IP) && ipa_is_ip4(v->val.ip); } +int val_in_range(const struct f_val *v1, const struct f_val *v2); + +int clist_set_type(const struct f_tree *set, struct f_val *v); +static inline int eclist_set_type(const struct f_tree *set) +{ return set->from.type == T_EC; } +static inline int lclist_set_type(const struct f_tree *set) +{ return set->from.type == T_LC; } + +const struct adata *clist_filter(struct linpool *pool, const struct adata *list, const struct f_val *set, int pos); +const struct adata *eclist_filter(struct linpool *pool, const struct adata *list, const struct f_val *set, int pos); +const struct adata *lclist_filter(struct linpool *pool, const struct adata *list, const struct f_val *set, int pos); + + +/* Special undef value for paths and clists */ +static inline int +undef_value(struct f_val v) +{ + return ((v.type == T_PATH) || (v.type == T_CLIST) || + (v.type == T_ECLIST) || (v.type == T_LCLIST)) && + (v.val.ad == &null_adata); +} + +extern const struct f_val f_const_empty_path, f_const_empty_clist, f_const_empty_eclist, f_const_empty_lclist; + +enum filter_return f_eval(const struct f_line *expr, struct linpool *tmp_pool, struct f_val *pres); + +#endif diff --git a/filter/decl.m4 b/filter/decl.m4 new file mode 100644 index 00000000..4d5b70dc --- /dev/null +++ b/filter/decl.m4 @@ -0,0 +1,583 @@ +m4_divert(-1)m4_dnl +# +# BIRD -- Construction of per-instruction structures +# +# (c) 2018 Maria Matejka <mq@jmq.cz> +# +# Can be freely distributed and used under the terms of the GNU GPL. +# +# THIS IS A M4 MACRO FILE GENERATING 3 FILES ALTOGETHER. +# KEEP YOUR HANDS OFF UNLESS YOU KNOW WHAT YOU'RE DOING. +# EDITING AND DEBUGGING THIS FILE MAY DAMAGE YOUR BRAIN SERIOUSLY. +# +# But you're welcome to read and edit and debug if you aren't scared. +# +# Uncomment the following line to get exhaustive debug output. +# m4_debugmode(aceflqtx) +# +# How it works: +# 1) Instruction to code conversion (uses diversions 100..199) +# 2) Code wrapping (uses diversions 1..99) +# 3) Final preparation (uses diversions 200..299) +# 4) Shipout +# +# See below for detailed description. +# +# +# 1) Instruction to code conversion +# The code provided in f-inst.c between consecutive INST() calls +# is interleaved for many different places. It is here processed +# and split into separate instances where split-by-instruction +# happens. These parts are stored in temporary diversions listed: +# +# 101 content of per-inst struct +# 102 constructor arguments +# 103 constructor body +# 104 dump line item content +# (there may be nothing in dump-line content and +# it must be handled specially in phase 2) +# 105 linearize body +# 106 comparator body +# 107 struct f_line_item content +# 108 interpreter body +# +# Here are macros to allow you to _divert to the right directions. +m4_define(FID_STRUCT_IN, `m4_divert(101)') +m4_define(FID_NEW_ARGS, `m4_divert(102)') +m4_define(FID_NEW_BODY, `m4_divert(103)') +m4_define(FID_DUMP_BODY, `m4_divert(104)m4_define([[FID_DUMP_BODY_EXISTS]])') +m4_define(FID_LINEARIZE_BODY, `m4_divert(105)') +m4_define(FID_SAME_BODY, `m4_divert(106)') +m4_define(FID_LINE_IN, `m4_divert(107)') +m4_define(FID_INTERPRET_BODY, `m4_divert(108)') + +# Sometimes you want slightly different code versions in different +# outputs. +# Use FID_HIC(code for inst-gen.h, code for inst-gen.c, code for inst-interpret.c) +# and put it into [[ ]] quotes if it shall contain commas. +m4_define(FID_HIC, `m4_ifelse(TARGET, [[H]], [[$1]], TARGET, [[I]], [[$2]], TARGET, [[C]], [[$3]])') + +# In interpreter code, this is quite common. +m4_define(FID_INTERPRET_EXEC, `FID_HIC(,[[FID_INTERPRET_BODY()]],[[m4_divert(-1)]])') +m4_define(FID_INTERPRET_NEW, `FID_HIC(,[[m4_divert(-1)]],[[FID_INTERPRET_BODY()]])') + +# If the instruction is never converted to constant, the interpret +# code is not produced at all for constructor +m4_define(NEVER_CONSTANT, `m4_define([[INST_NEVER_CONSTANT]])') +m4_define(FID_IFCONST, `m4_ifdef([[INST_NEVER_CONSTANT]],[[$2]],[[$1]])') + +# If the instruction has some attributes (here called members), +# these are typically carried with the instruction from constructor +# to interpreter. This yields a line of code everywhere on the path. +# FID_MEMBER is a macro to help with this task. +m4_define(FID_MEMBER, `m4_dnl +FID_LINE_IN()m4_dnl + $1 $2; +FID_STRUCT_IN()m4_dnl + $1 $2; +FID_NEW_ARGS()m4_dnl + , $1 $2 +FID_NEW_BODY()m4_dnl +whati->$2 = $2; +FID_LINEARIZE_BODY()m4_dnl +item->$2 = whati->$2; +m4_ifelse($3,,,[[ +FID_SAME_BODY()m4_dnl +if ($3) return 0; +]]) +m4_ifelse($4,,,[[ +FID_DUMP_BODY()m4_dnl +debug("%s" $4 "\n", INDENT, $5); +]]) +FID_INTERPRET_EXEC()m4_dnl +const $1 $2 = whati->$2 +FID_INTERPRET_BODY') + +# Instruction arguments are needed only until linearization is done. +# This puts the arguments into the filter line to be executed before +# the instruction itself. +# +# To achieve this, ARG_ANY must be called before anything writes into +# the instruction line as it moves the instruction pointer forward. +m4_define(ARG_ANY, ` +FID_STRUCT_IN()m4_dnl + struct f_inst * f$1; +FID_NEW_ARGS()m4_dnl + , struct f_inst * f$1 +FID_NEW_BODY +whati->f$1 = f$1; +for (const struct f_inst *child = f$1; child; child = child->next) { + what->size += child->size; +FID_IFCONST([[ + if (child->fi_code != FI_CONSTANT) + constargs = 0; +]]) +} +FID_LINEARIZE_BODY +pos = linearize(dest, whati->f$1, pos); +FID_INTERPRET_BODY()') + +# Some instructions accept variable number of arguments. +m4_define(VARARG, ` +FID_NEW_ARGS()m4_dnl + , struct f_inst * fvar +FID_STRUCT_IN()m4_dnl + struct f_inst * fvar; + uint varcount; +FID_LINE_IN()m4_dnl + uint varcount; +FID_NEW_BODY()m4_dnl +whati->varcount = 0; +whati->fvar = fvar; +for (const struct f_inst *child = fvar; child; child = child->next, whati->varcount++) { + what->size += child->size; +FID_IFCONST([[ + if (child->fi_code != FI_CONSTANT) + constargs = 0; +]]) +} +FID_IFCONST([[ + const struct f_inst **items = NULL; + if (constargs) { + items = alloca(whati->varcount * sizeof(struct f_inst *)); + const struct f_inst *child = fvar; + for (uint i=0; child; i++) + child = (items[i] = child)->next; + } +]]) +FID_LINEARIZE_BODY()m4_dnl + pos = linearize(dest, whati->fvar, pos); + item->varcount = whati->varcount; +FID_DUMP_BODY()m4_dnl + debug("%snumber of varargs %u\n", INDENT, item->varcount); +FID_SAME_BODY()m4_dnl + if (f1->varcount != f2->varcount) return 0; +FID_INTERPRET_BODY() +FID_HIC(,[[ + if (fstk->vcnt < whati->varcount) runtime("Stack underflow"); + fstk->vcnt -= whati->varcount; +]],) +') + +# Some arguments need to check their type. After that, ARG_ANY is called. +m4_define(ARG, `ARG_ANY($1) +FID_INTERPRET_EXEC()m4_dnl +if (v$1.type != $2) runtime("Argument $1 of instruction %s must be of type $2, got 0x%02x", f_instruction_name(what->fi_code), v$1.type)m4_dnl +FID_INTERPRET_BODY()') + +# Executing another filter line. This replaces the recursion +# that was needed in the former implementation. +m4_define(LINEX, `FID_INTERPRET_EXEC()LINEX_($1)FID_INTERPRET_NEW()return $1 FID_INTERPRET_BODY()') +m4_define(LINEX_, `do { + fstk->estk[fstk->ecnt].pos = 0; + fstk->estk[fstk->ecnt].line = $1; + fstk->estk[fstk->ecnt].ventry = fstk->vcnt; + fstk->estk[fstk->ecnt].vbase = fstk->estk[fstk->ecnt-1].vbase; + fstk->estk[fstk->ecnt].emask = 0; + fstk->ecnt++; +} while (0)') + +m4_define(LINE, ` +FID_LINE_IN()m4_dnl + const struct f_line * fl$1; +FID_STRUCT_IN()m4_dnl + struct f_inst * f$1; +FID_NEW_ARGS()m4_dnl + , struct f_inst * f$1 +FID_NEW_BODY()m4_dnl +whati->f$1 = f$1; +FID_DUMP_BODY()m4_dnl +f_dump_line(item->fl$1, indent + 1); +FID_LINEARIZE_BODY()m4_dnl +item->fl$1 = f_linearize(whati->f$1); +FID_SAME_BODY()m4_dnl +if (!f_same(f1->fl$1, f2->fl$1)) return 0; +FID_INTERPRET_EXEC()m4_dnl +do { if (whati->fl$1) { + LINEX_(whati->fl$1); +} } while(0) +FID_INTERPRET_NEW()m4_dnl +return whati->f$1 +FID_INTERPRET_BODY()') + +# Some of the instructions have a result. These constructions +# state the result and put it to the right place. +m4_define(RESULT, `RESULT_VAL([[ (struct f_val) { .type = $1, .val.$2 = $3 } ]])') +m4_define(RESULT_VAL, `FID_HIC(, [[do { res = $1; fstk->vcnt++; } while (0)]], +[[return fi_constant(what, $1)]])') +m4_define(RESULT_VOID, `RESULT_VAL([[ (struct f_val) { .type = T_VOID } ]])') + +# Some common filter instruction members +m4_define(SYMBOL, `FID_MEMBER(struct symbol *, sym, [[strcmp(f1->sym->name, f2->sym->name) || (f1->sym->class != f2->sym->class)]], "symbol %s", item->sym->name)') +m4_define(RTC, `FID_MEMBER(struct rtable_config *, rtc, [[strcmp(f1->rtc->name, f2->rtc->name)]], "route table %s", item->rtc->name)') +m4_define(STATIC_ATTR, `FID_MEMBER(struct f_static_attr, sa, f1->sa.sa_code != f2->sa.sa_code,,)') +m4_define(DYNAMIC_ATTR, `FID_MEMBER(struct f_dynamic_attr, da, f1->da.ea_code != f2->da.ea_code,,)') +m4_define(ACCESS_RTE, `FID_HIC(,[[do { if (!fs->rte) runtime("No route to access"); } while (0)]],NEVER_CONSTANT())') + +# 2) Code wrapping +# The code produced in 1xx temporary diversions is a raw code without +# any auxiliary commands and syntactical structures around. When the +# instruction is done, INST_FLUSH is called. More precisely, it is called +# at the beginning of INST() call and at the end of file. +# +# INST_FLUSH picks all the temporary diversions, wraps their content +# into appropriate headers and structures and saves them into global +# diversions listed: +# +# 4 enum fi_code +# 5 enum fi_code to string +# 6 dump line item +# 7 dump line item callers +# 8 linearize +# 9 same (filter comparator) +# 1 union in struct f_inst +# 3 constructors + interpreter +# +# These global diversions contain blocks of code that can be directly +# put into the final file, yet it still can't be written out now as +# every instruction writes to all of these diversions. + +# Code wrapping diversion names. Here we want an explicit newline +# after the C comment. +m4_define(FID_ZONE, `m4_divert($1) /* $2 for INST_NAME() */ +') +m4_define(FID_INST, `FID_ZONE(1, Instruction structure for config)') +m4_define(FID_LINE, `FID_ZONE(2, Instruction structure for interpreter)') +m4_define(FID_NEW, `FID_ZONE(3, Constructor)') +m4_define(FID_ENUM, `FID_ZONE(4, Code enum)') +m4_define(FID_ENUM_STR, `FID_ZONE(5, Code enum to string)') +m4_define(FID_DUMP, `FID_ZONE(6, Dump line)') +m4_define(FID_DUMP_CALLER, `FID_ZONE(7, Dump line caller)') +m4_define(FID_LINEARIZE, `FID_ZONE(8, Linearize)') +m4_define(FID_SAME, `FID_ZONE(9, Comparison)') + +# This macro does all the code wrapping. See inline comments. +m4_define(INST_FLUSH, `m4_ifdef([[INST_NAME]], [[ +FID_ENUM()m4_dnl Contents of enum fi_code { ... } + INST_NAME(), +FID_ENUM_STR()m4_dnl Contents of const char * indexed by enum fi_code + [INST_NAME()] = "INST_NAME()", +FID_INST()m4_dnl Anonymous structure inside struct f_inst + struct { +m4_undivert(101)m4_dnl + } i_[[]]INST_NAME(); +FID_LINE()m4_dnl Anonymous structure inside struct f_line_item + struct { +m4_undivert(107)m4_dnl + } i_[[]]INST_NAME(); +FID_NEW()m4_dnl Constructor and interpreter code together +FID_HIC( +[[m4_dnl Public declaration of constructor in H file +struct f_inst *f_new_inst_]]INST_NAME()[[(enum f_instruction_code fi_code +m4_undivert(102)m4_dnl +);]], +[[m4_dnl The one case in The Big Switch inside interpreter + case INST_NAME(): + #define whati (&(what->i_]]INST_NAME()[[)) + m4_ifelse(m4_eval(INST_INVAL() > 0), 1, [[if (fstk->vcnt < INST_INVAL()) runtime("Stack underflow"); fstk->vcnt -= INST_INVAL(); ]]) + m4_undivert(108)m4_dnl + #undef whati + break; +]], +[[m4_dnl Constructor itself +struct f_inst *f_new_inst_]]INST_NAME()[[(enum f_instruction_code fi_code +m4_undivert(102)m4_dnl +) + { + /* Allocate the structure */ + struct f_inst *what = fi_new(fi_code); + FID_IFCONST([[uint constargs = 1;]]) + + /* Initialize all the members */ + #define whati (&(what->i_]]INST_NAME()[[)) + m4_undivert(103)m4_dnl + + /* If not constant, return the instruction itself */ + FID_IFCONST([[if (!constargs)]]) + return what; + + /* Try to pre-calculate the result */ + FID_IFCONST([[m4_undivert(108)]])m4_dnl + #undef whati + } +]]) + +FID_DUMP_CALLER()m4_dnl Case in another big switch used in instruction dumping (debug) +case INST_NAME(): f_dump_line_item_]]INST_NAME()[[(item, indent + 1); break; + +FID_DUMP()m4_dnl The dumper itself +m4_ifdef([[FID_DUMP_BODY_EXISTS]], +[[static inline void f_dump_line_item_]]INST_NAME()[[(const struct f_line_item *item_, const int indent)]], +[[static inline void f_dump_line_item_]]INST_NAME()[[(const struct f_line_item *item UNUSED, const int indent UNUSED)]]) +m4_undefine([[FID_DUMP_BODY_EXISTS]]) +{ +#define item (&(item_->i_]]INST_NAME()[[)) +m4_undivert(104)m4_dnl +#undef item +} + +FID_LINEARIZE()m4_dnl The linearizer +case INST_NAME(): { +#define whati (&(what->i_]]INST_NAME()[[)) +#define item (&(dest->items[pos].i_]]INST_NAME()[[)) + m4_undivert(105)m4_dnl +#undef whati +#undef item + dest->items[pos].fi_code = what->fi_code; + dest->items[pos].lineno = what->lineno; + break; +} + +FID_SAME()m4_dnl This code compares two f_line"s while reconfiguring +case INST_NAME(): +#define f1 (&(f1_->i_]]INST_NAME()[[)) +#define f2 (&(f2_->i_]]INST_NAME()[[)) +m4_undivert(106)m4_dnl +#undef f1 +#undef f2 +break; + +m4_divert(-1)FID_FLUSH(101,200)m4_dnl And finally this flushes all the unused diversions +]])') + +m4_define(INST, `m4_dnl This macro is called on beginning of each instruction. +INST_FLUSH()m4_dnl First, old data is flushed +m4_define([[INST_NAME]], [[$1]])m4_dnl Then we store instruction name, +m4_define([[INST_INVAL]], [[$2]])m4_dnl instruction input value count +m4_undefine([[INST_NEVER_CONSTANT]])m4_dnl and reset NEVER_CONSTANT trigger. +FID_INTERPRET_BODY()m4_dnl By default, every code is interpreter code. +') + +# 3) Final preparation +# +# Now we prepare all the code around the global diversions. +# It must be here, not in m4wrap, as we want M4 to mark the code +# by #line directives correctly, not to claim that every single line +# is at the beginning of the m4wrap directive. +# +# This part is split by the final file. +# H for inst-gen.h +# I for inst-interpret.c +# C for inst-gen.c +# +# So we in cycle: +# A. open a diversion +# B. send there some code +# C. close that diversion +# D. flush a global diversion +# E. open another diversion and goto B. +# +# Final diversions +# 200+ completed text before it is flushed to output + +# This is a list of output diversions +m4_define(FID_WR_PUT_LIST) + +# This macro does the steps C to E, see before. +m4_define(FID_WR_PUT_ALSO, `m4_define([[FID_WR_PUT_LIST]],FID_WR_PUT_LIST()[[FID_WR_DPUT(]]FID_WR_DIDX[[)FID_WR_DPUT(]]$1[[)]])m4_define([[FID_WR_DIDX]],m4_eval(FID_WR_DIDX+1))m4_divert(FID_WR_DIDX)') + +# These macros do the splitting between H/I/C +m4_define(FID_WR_DIRECT, `m4_ifelse(TARGET,[[$1]],[[FID_WR_INIT()]],[[FID_WR_STOP()]])') +m4_define(FID_WR_INIT, `m4_define([[FID_WR_DIDX]],200)m4_define([[FID_WR_PUT]],[[FID_WR_PUT_ALSO($]][[@)]])m4_divert(200)') +m4_define(FID_WR_STOP, `m4_define([[FID_WR_PUT]])m4_divert(-1)') + +# Here is the direct code to be put into the output files +# together with the undiversions, being hidden under FID_WR_PUT() + +m4_changequote([[,]]) +FID_WR_DIRECT(I) +FID_WR_PUT(3) +FID_WR_DIRECT(C) + +#if defined(__GNUC__) && __GNUC__ >= 6 +#pragma GCC diagnostic push +#pragma GCC diagnostic ignored "-Wmisleading-indentation" +#endif + +#include "nest/bird.h" +#include "filter/filter.h" +#include "filter/f-inst.h" + +/* Instruction codes to string */ +static const char * const f_instruction_name_str[] = { +FID_WR_PUT(5) +}; + +const char * +f_instruction_name(enum f_instruction_code fi) +{ + if (fi < (sizeof(f_instruction_name_str) / sizeof(f_instruction_name_str[0]))) + return f_instruction_name_str[fi]; + else + bug("Got unknown instruction code: %d", fi); +} + +static inline struct f_inst * +fi_new(enum f_instruction_code fi_code) +{ + struct f_inst *what = cfg_allocz(sizeof(struct f_inst)); + what->lineno = ifs->lino; + what->size = 1; + what->fi_code = fi_code; + return what; +} + +static inline struct f_inst * +fi_constant(struct f_inst *what, struct f_val val) +{ + what->fi_code = FI_CONSTANT; + what->i_FI_CONSTANT.val = val; + return what; +} + +#define v1 whati->f1->i_FI_CONSTANT.val +#define v2 whati->f2->i_FI_CONSTANT.val +#define v3 whati->f3->i_FI_CONSTANT.val +#define vv(i) items[i]->i_FI_CONSTANT.val +#define runtime(fmt, ...) cf_error("filter preevaluation, line %d: " fmt, ifs->lino, ##__VA_ARGS__) +#define fpool cfg_mem +#define falloc(size) cfg_alloc(size) +/* Instruction constructors */ +FID_WR_PUT(3) +#undef v1 +#undef v2 +#undef v3 +#undef vv + +/* Line dumpers */ +#define INDENT (((const char *) f_dump_line_indent_str) + sizeof(f_dump_line_indent_str) - (indent) - 1) +static const char f_dump_line_indent_str[] = " "; + +FID_WR_PUT(6) + +void f_dump_line(const struct f_line *dest, uint indent) +{ + if (!dest) { + debug("%sNo filter line (NULL)\n", INDENT); + return; + } + debug("%sFilter line %p (len=%u)\n", INDENT, dest, dest->len); + for (uint i=0; i<dest->len; i++) { + const struct f_line_item *item = &dest->items[i]; + debug("%sInstruction %s at line %u\n", INDENT, f_instruction_name(item->fi_code), item->lineno); + switch (item->fi_code) { +FID_WR_PUT(7) + default: bug("Unknown instruction %x in f_dump_line", item->fi_code); + } + } + debug("%sFilter line %p dump done\n", INDENT, dest); +} + +/* Linearize */ +static uint +linearize(struct f_line *dest, const struct f_inst *what, uint pos) +{ + for ( ; what; what = what->next) { + switch (what->fi_code) { +FID_WR_PUT(8) + } + pos++; + } + return pos; +} + +struct f_line * +f_linearize_concat(const struct f_inst * const inst[], uint count) +{ + uint len = 0; + for (uint i=0; i<count; i++) + for (const struct f_inst *what = inst[i]; what; what = what->next) + len += what->size; + + struct f_line *out = cfg_allocz(sizeof(struct f_line) + sizeof(struct f_line_item)*len); + + for (uint i=0; i<count; i++) + out->len = linearize(out, inst[i], out->len); + +#if DEBUGGING + f_dump_line(out, 0); +#endif + return out; +} + +/* Filter line comparison */ +int +f_same(const struct f_line *fl1, const struct f_line *fl2) +{ + if ((!fl1) && (!fl2)) + return 1; + if ((!fl1) || (!fl2)) + return 0; + if (fl1->len != fl2->len) + return 0; + for (uint i=0; i<fl1->len; i++) { +#define f1_ (&(fl1->items[i])) +#define f2_ (&(fl2->items[i])) + if (f1_->fi_code != f2_->fi_code) + return 0; + if (f1_->flags != f2_->flags) + return 0; + + switch(f1_->fi_code) { +FID_WR_PUT(9) + } + } +#undef f1_ +#undef f2_ + return 1; +} + +#if defined(__GNUC__) && __GNUC__ >= 6 +#pragma GCC diagnostic pop +#endif + +FID_WR_DIRECT(H) +/* Filter instruction codes */ +enum f_instruction_code { +FID_WR_PUT(4)m4_dnl +} PACKED; + +/* Filter instruction structure for config */ +struct f_inst { + struct f_inst *next; /* Next instruction */ + enum f_instruction_code fi_code; /* Instruction code */ + int size; /* How many instructions are underneath */ + int lineno; /* Line number */ + union { +FID_WR_PUT(1)m4_dnl + }; +}; + +/* Filter line item */ +struct f_line_item { + enum f_instruction_code fi_code; /* What to do */ + enum f_instruction_flags flags; /* Flags, instruction-specific */ + uint lineno; /* Where */ + union { +FID_WR_PUT(2)m4_dnl + }; +}; + +/* Instruction constructors */ +FID_WR_PUT(3) +m4_divert(-1) + +# 4) Shipout +# +# Everything is prepared in FID_WR_PUT_LIST now. Let's go! + +m4_changequote(`,') + +# Flusher auxiliary macro +m4_define(FID_FLUSH, `m4_ifelse($1,$2,,[[m4_undivert($1)FID_FLUSH(m4_eval($1+1),$2)]])') + +# Defining the macro used in FID_WR_PUT_LIST +m4_define(FID_WR_DPUT, `m4_undivert($1)') + +# After the code is read and parsed, we: +m4_m4wrap(`INST_FLUSH()m4_divert(0)FID_WR_PUT_LIST()m4_divert(-1)FID_FLUSH(1,200)') + +m4_changequote([[,]]) +# And now M4 is going to parse f-inst.c, fill the diversions +# and after the file is done, the content of m4_m4wrap (see before) +# is executed. diff --git a/filter/f-inst.c b/filter/f-inst.c new file mode 100644 index 00000000..0867ac4a --- /dev/null +++ b/filter/f-inst.c @@ -0,0 +1,1173 @@ +/* + * Filters: Instructions themselves + * + * Copyright 1998 Pavel Machek <pavel@ucw.cz> + * Copyright 2018 Maria Matejka <mq@jmq.cz> + * Copyright 2018 CZ.NIC z.s.p.o. + * + * Can be freely distributed and used under the terms of the GNU GPL. + * + * The filter code goes through several phases: + * + * 1 Parsing + * Flex- and Bison-generated parser decodes the human-readable data into + * a struct f_inst tree. This is an infix tree that was interpreted by + * depth-first search execution in previous versions of the interpreter. + * All instructions have their constructor: f_new_inst(FI_EXAMPLE, ...) + * translates into f_new_inst_FI_EXAMPLE(...) and the types are checked in + * compile time. If the result of the instruction is always the same, + * it's reduced to FI_CONSTANT directly in constructor. This phase also + * counts how many instructions are underlying in means of f_line_item + * fields to know how much we have to allocate in the next phase. + * + * 2 Linearize before interpreting + * The infix tree is always interpreted in the same order. Therefore we + * sort the instructions one after another into struct f_line. Results + * and arguments of these instructions are implicitly put on a value + * stack; e.g. the + operation just takes two arguments from the value + * stack and puts the result on there. + * + * 3 Interpret + * The given line is put on a custom execution stack. If needed (FI_CALL, + * FI_SWITCH, FI_AND, FI_OR, FI_CONDITION, ...), another line is put on top + * of the stack; when that line finishes, the execution continues on the + * older lines on the stack where it stopped before. + * + * 4 Same + * On config reload, the filters have to be compared whether channel + * reload is needed or not. The comparison is done by comparing the + * struct f_line's recursively. + * + * The main purpose of this rework was to improve filter performance + * by making the interpreter non-recursive. + * + * The other outcome is concentration of instruction definitions to + * one place -- right here. You shall define your instruction only here + * and nowhere else. + * + * Beware. This file is interpreted by M4 macros. These macros + * may be more stupid than you could imagine. If something strange + * happens after changing this file, compare the results before and + * after your change (see the Makefile to find out where the results are) + * and see what really happened. + * + * This file is not directly a C source code -> it is a generator input + * for several C sources; every instruction block gets expanded into many + * different places. + * + * All the arguments are processed literally; if you need an argument including comma, + * you have to quote it by [[ ... ]] + * + * What is the syntax here? + * m4_dnl INST(FI_NOP, in, out) { enum value, input args, output args + * m4_dnl ARG(num, type); argument, its id (in data fields) and type accessible by v1, v2, v3 + * m4_dnl ARG_ANY(num); argument with no type check accessible by v1, v2, v3 + * m4_dnl VARARG; variable-length argument list; accessible by vv(i) and whati->varcount + * m4_dnl LINE(num, unused); this argument has to be converted to its own f_line + * m4_dnl SYMBOL; symbol handed from config + * m4_dnl STATIC_ATTR; static attribute definition + * m4_dnl DYNAMIC_ATTR; dynamic attribute definition + * m4_dnl RTC; route table config + * m4_dnl ACCESS_RTE; this instruction needs route + * m4_dnl ACCESS_EATTRS; this instruction needs extended attributes + * + * m4_dnl FID_MEMBER( custom instruction member + * m4_dnl C type, for storage in structs + * m4_dnl name, how the member is named + * m4_dnl comparator for same(), if different, this should be TRUE (CAVEAT) + * m4_dnl dump format string debug -> format string for bvsnprintf + * m4_dnl dump format args appropriate args + * m4_dnl ) + * + * m4_dnl RESULT(type, union-field, value); putting this on value stack + * m4_dnl RESULT_VAL(value-struct); pass the struct f_val directly + * m4_dnl RESULT_VOID; return undef + * m4_dnl } + * + * Also note that the { ... } blocks are not respected by M4 at all. + * If you get weird unmatched-brace-pair errors, check what it generated and why. + * What is really considered as one instruction is not the { ... } block + * after m4_dnl INST() but all the code between them. + * + * Other code is just copied into the interpreter part. + * + * If you are satisfied with this, you don't need to read the following + * detailed description of what is really done with the instruction definitions. + * + * m4_dnl Now let's look under the cover. The code between each INST() + * m4_dnl is copied to several places, namely these (numbered by the M4 diversions + * m4_dnl used in filter/decl.m4): + * + * m4_dnl (102) struct f_inst *f_new_inst(FI_EXAMPLE [[ put it here ]]) + * m4_dnl { + * m4_dnl ... (common code) + * m4_dnl (103) [[ put it here ]] + * m4_dnl ... + * m4_dnl if (all arguments are constant) + * m4_dnl (108) [[ put it here ]] + * m4_dnl } + * m4_dnl For writing directly to constructor argument list, use FID_NEW_ARGS. + * m4_dnl For computing something in constructor (103), use FID_NEW_BODY. + * m4_dnl For constant pre-interpretation (108), see below at FID_INTERPRET_BODY. + * + * m4_dnl struct f_inst { + * m4_dnl ... (common fields) + * m4_dnl union { + * m4_dnl struct { + * m4_dnl (101) [[ put it here ]] + * m4_dnl } i_FI_EXAMPLE; + * m4_dnl ... + * m4_dnl }; + * m4_dnl }; + * m4_dnl This structure is returned from constructor. + * m4_dnl For writing directly to this structure, use FID_STRUCT_IN. + * + * m4_dnl linearize(struct f_line *dest, const struct f_inst *what, uint pos) { + * m4_dnl ... + * m4_dnl switch (what->fi_code) { + * m4_dnl case FI_EXAMPLE: + * m4_dnl (105) [[ put it here ]] + * m4_dnl break; + * m4_dnl } + * m4_dnl } + * m4_dnl This is called when translating from struct f_inst to struct f_line_item. + * m4_dnl For accessing your custom instruction data, use following macros: + * m4_dnl whati -> for accessing (struct f_inst).i_FI_EXAMPLE + * m4_dnl item -> for accessing (struct f_line)[pos].i_FI_EXAMPLE + * m4_dnl For writing directly here, use FID_LINEARIZE_BODY. + * + * m4_dnl (107) struct f_line_item { + * m4_dnl ... (common fields) + * m4_dnl union { + * m4_dnl struct { + * m4_dnl (101) [[ put it here ]] + * m4_dnl } i_FI_EXAMPLE; + * m4_dnl ... + * m4_dnl }; + * m4_dnl }; + * m4_dnl The same as FID_STRUCT_IN (101) but for the other structure. + * m4_dnl This structure is returned from the linearizer (105). + * m4_dnl For writing directly to this structure, use FID_LINE_IN. + * + * m4_dnl f_dump_line_item_FI_EXAMPLE(const struct f_line_item *item, const int indent) + * m4_dnl { + * m4_dnl (104) [[ put it here ]] + * m4_dnl } + * m4_dnl This code dumps the instruction on debug. Note that the argument + * m4_dnl is the linearized instruction; if the instruction has arguments, + * m4_dnl their code has already been linearized and their value is taken + * m4_dnl from the value stack. + * m4_dnl For writing directly here, use FID_DUMP_BODY. + * + * m4_dnl f_same(...) + * m4_dnl { + * m4_dnl switch (f1_->fi_code) { + * m4_dnl case FI_EXAMPLE: + * m4_dnl (106) [[ put it here ]] + * m4_dnl break; + * m4_dnl } + * m4_dnl } + * m4_dnl This code compares the two given instrucions (f1_ and f2_) + * m4_dnl on reconfigure. For accessing your custom instruction data, + * m4_dnl use macros f1 and f2. + * m4_dnl For writing directly here, use FID_SAME_BODY. + * + * m4_dnl interpret(...) + * m4_dnl { + * m4_dnl switch (what->fi_code) { + * m4_dnl case FI_EXAMPLE: + * m4_dnl (108) [[ put it here ]] + * m4_dnl break; + * m4_dnl } + * m4_dnl } + * m4_dnl This code executes the instruction. Every pre-defined macro + * m4_dnl resets the output here. For setting it explicitly, + * m4_dnl use FID_INTERPRET_BODY. + * m4_dnl This code is put on two places; one is the interpreter, the other + * m4_dnl is instruction constructor. If you need to distinguish between + * m4_dnl these two, use FID_INTERPRET_EXEC or FID_INTERPRET_NEW respectively. + * m4_dnl To address the difference between interpreter and constructor + * m4_dnl environments, there are several convenience macros defined: + * m4_dnl runtime() -> for spitting out runtime error like division by zero + * m4_dnl RESULT(...) -> declare result; may overwrite arguments + * m4_dnl v1, v2, v3 -> positional arguments, may be overwritten by RESULT() + * m4_dnl falloc(size) -> allocate memory from the appropriate linpool + * m4_dnl fpool -> the current linpool + * m4_dnl NEVER_CONSTANT-> don't generate pre-interpretation code at all + * m4_dnl ACCESS_RTE -> check that route is available, also NEVER_CONSTANT + * m4_dnl ACCESS_EATTRS -> pre-cache the eattrs; use only with ACCESS_RTE + * m4_dnl f_rta_cow(fs) -> function to call before any change to route should be done + * + * m4_dnl If you are stymied, see FI_CALL or FI_CONSTANT or just search for + * m4_dnl the mentioned macros in this file to see what is happening there in wild. + */ + +/* Binary operators */ + INST(FI_ADD, 2, 1) { + ARG(1,T_INT); + ARG(2,T_INT); + RESULT(T_INT, i, v1.val.i + v2.val.i); + } + INST(FI_SUBTRACT, 2, 1) { + ARG(1,T_INT); + ARG(2,T_INT); + RESULT(T_INT, i, v1.val.i - v2.val.i); + } + INST(FI_MULTIPLY, 2, 1) { + ARG(1,T_INT); + ARG(2,T_INT); + RESULT(T_INT, i, v1.val.i * v2.val.i); + } + INST(FI_DIVIDE, 2, 1) { + ARG(1,T_INT); + ARG(2,T_INT); + if (v2.val.i == 0) runtime( "Mother told me not to divide by 0" ); + RESULT(T_INT, i, v1.val.i / v2.val.i); + } + INST(FI_AND, 1, 1) { + ARG(1,T_BOOL); + if (v1.val.i) + LINE(2,0); + else + RESULT_VAL(v1); + } + INST(FI_OR, 1, 1) { + ARG(1,T_BOOL); + if (!v1.val.i) + LINE(2,0); + else + RESULT_VAL(v1); + } + + INST(FI_PAIR_CONSTRUCT, 2, 1) { + ARG(1,T_INT); + ARG(2,T_INT); + uint u1 = v1.val.i; + uint u2 = v2.val.i; + if ((u1 > 0xFFFF) || (u2 > 0xFFFF)) + runtime( "Can't operate with value out of bounds in pair constructor" ); + RESULT(T_PAIR, i, (u1 << 16) | u2); + } + + INST(FI_EC_CONSTRUCT, 2, 1) { + ARG_ANY(1); + ARG(2, T_INT); + + FID_MEMBER(enum ec_subtype, ecs, f1->ecs != f2->ecs, "ec subtype %s", ec_subtype_str(item->ecs)); + + int check, ipv4_used; + u32 key, val; + + if (v1.type == T_INT) { + ipv4_used = 0; key = v1.val.i; + } + else if (v1.type == T_QUAD) { + ipv4_used = 1; key = v1.val.i; + } + /* IP->Quad implicit conversion */ + else if (val_is_ip4(&v1)) { + ipv4_used = 1; key = ipa_to_u32(v1.val.ip); + } + else + runtime("Argument 1 of EC constructor must be integer or IPv4 address, got 0x%02x", v1.type); + + val = v2.val.i; + + if (ecs == EC_GENERIC) { + check = 0; RESULT(T_EC, ec, ec_generic(key, val)); + } + else if (ipv4_used) { + check = 1; RESULT(T_EC, ec, ec_ip4(ecs, key, val)); + } + else if (key < 0x10000) { + check = 0; RESULT(T_EC, ec, ec_as2(ecs, key, val)); + } + else { + check = 1; RESULT(T_EC, ec, ec_as4(ecs, key, val)); + } + + if (check && (val > 0xFFFF)) + runtime("Value %u > %u out of bounds in EC constructor", val, 0xFFFF); + } + + INST(FI_LC_CONSTRUCT, 3, 1) { + ARG(1, T_INT); + ARG(2, T_INT); + ARG(3, T_INT); + RESULT(T_LC, lc, [[(lcomm) { v1.val.i, v2.val.i, v3.val.i }]]); + } + + INST(FI_PATHMASK_CONSTRUCT, 0, 1) { + VARARG; + + struct f_path_mask *pm = falloc(sizeof(struct f_path_mask) + whati->varcount * sizeof(struct f_path_mask_item)); + pm->len = whati->varcount; + + for (uint i=0; i<whati->varcount; i++) { + switch (vv(i).type) { + case T_PATH_MASK_ITEM: + pm->item[i] = vv(i).val.pmi; + break; + case T_INT: + pm->item[i] = (struct f_path_mask_item) { + .asn = vv(i).val.i, + .kind = PM_ASN, + }; + break; + default: + runtime( "Error resolving path mask template: value not an integer" ); + } + } + + RESULT(T_PATH_MASK, path_mask, pm); + } + +/* Relational operators */ + + INST(FI_NEQ, 2, 1) { + ARG_ANY(1); + ARG_ANY(2); + RESULT(T_BOOL, i, !val_same(&v1, &v2)); + } + + INST(FI_EQ, 2, 1) { + ARG_ANY(1); + ARG_ANY(2); + RESULT(T_BOOL, i, val_same(&v1, &v2)); + } + + INST(FI_LT, 2, 1) { + ARG_ANY(1); + ARG_ANY(2); + int i = val_compare(&v1, &v2); + if (i == F_CMP_ERROR) + runtime( "Can't compare values of incompatible types" ); + RESULT(T_BOOL, i, (i == -1)); + } + + INST(FI_LTE, 2, 1) { + ARG_ANY(1); + ARG_ANY(2); + int i = val_compare(&v1, &v2); + if (i == F_CMP_ERROR) + runtime( "Can't compare values of incompatible types" ); + RESULT(T_BOOL, i, (i != 1)); + } + + INST(FI_NOT, 1, 1) { + ARG(1,T_BOOL); + RESULT(T_BOOL, i, !v1.val.i); + } + + INST(FI_MATCH, 2, 1) { + ARG_ANY(1); + ARG_ANY(2); + int i = val_in_range(&v1, &v2); + if (i == F_CMP_ERROR) + runtime( "~ applied on unknown type pair" ); + RESULT(T_BOOL, i, !!i); + } + + INST(FI_NOT_MATCH, 2, 1) { + ARG_ANY(1); + ARG_ANY(2); + int i = val_in_range(&v1, &v2); + if (i == F_CMP_ERROR) + runtime( "!~ applied on unknown type pair" ); + RESULT(T_BOOL, i, !i); + } + + INST(FI_DEFINED, 1, 1) { + ARG_ANY(1); + RESULT(T_BOOL, i, (v1.type != T_VOID) && !undef_value(v1)); + } + + INST(FI_TYPE, 1, 1) { + ARG_ANY(1); /* There may be more types supporting this operation */ + switch (v1.type) + { + case T_NET: + RESULT(T_ENUM_NETTYPE, i, v1.val.net->type); + break; + default: + runtime( "Can't determine type of this item" ); + } + } + + INST(FI_IS_V4, 1, 1) { + ARG(1, T_IP); + RESULT(T_BOOL, i, ipa_is_ip4(v1.val.ip)); + } + + /* Set to indirect value prepared in v1 */ + INST(FI_VAR_SET, 1, 0) { + NEVER_CONSTANT; + ARG_ANY(1); + SYMBOL; + + if ((sym->class != (SYM_VARIABLE | v1.type)) && (v1.type != T_VOID)) + { + /* IP->Quad implicit conversion */ + if ((sym->class == (SYM_VARIABLE | T_QUAD)) && val_is_ip4(&v1)) + v1 = (struct f_val) { + .type = T_QUAD, + .val.i = ipa_to_u32(v1.val.ip), + }; + else + runtime( "Assigning to variable of incompatible type" ); + } + + fstk->vstk[curline.vbase + sym->offset] = v1; + } + + INST(FI_VAR_GET, 0, 1) { + SYMBOL; + NEVER_CONSTANT; + RESULT_VAL(fstk->vstk[curline.vbase + sym->offset]); + } + + INST(FI_CONSTANT, 0, 1) { + FID_MEMBER( + struct f_val, + val, + [[ !val_same(&(f1->val), &(f2->val)) ]], + "value %s", + val_dump(&(item->val)) + ); + + RESULT_VAL(val); + } + + INST(FI_CONDITION, 1, 0) { + ARG(1, T_BOOL); + if (v1.val.i) + LINE(2,0); + else + LINE(3,1); + } + + INST(FI_PRINT, 0, 0) { + NEVER_CONSTANT; + VARARG; + + if (whati->varcount && !(fs->flags & FF_SILENT)) + for (uint i=0; i<whati->varcount; i++) + val_format(&(vv(i)), &fs->buf); + } + + INST(FI_FLUSH, 0, 0) { + NEVER_CONSTANT; + if (!(fs->flags & FF_SILENT)) + /* After log_commit, the buffer is reset */ + log_commit(*L_INFO, &fs->buf); + } + + INST(FI_DIE, 0, 0) { + NEVER_CONSTANT; + FID_MEMBER(enum filter_return, fret, f1->fret != f2->fret, "%s", filter_return_str(item->fret)); + + switch (whati->fret) { + case F_QUITBIRD: + die( "Filter asked me to die" ); + case F_ACCEPT: /* Should take care about turning ACCEPT into MODIFY */ + case F_ERROR: + case F_REJECT: /* Maybe print complete route along with reason to reject route? */ + return fret; /* We have to return now, no more processing. */ + default: + bug( "unknown return type: Can't happen"); + } + } + + INST(FI_RTA_GET, 0, 1) { + { + STATIC_ATTR; + ACCESS_RTE; + struct rta *rta = (*fs->rte)->attrs; + + switch (sa.sa_code) + { + case SA_FROM: RESULT(sa.f_type, ip, rta->from); break; + case SA_GW: RESULT(sa.f_type, ip, rta->nh.gw); break; + case SA_NET: RESULT(sa.f_type, net, (*fs->rte)->net->n.addr); break; + case SA_PROTO: RESULT(sa.f_type, s, rta->src->proto->name); break; + case SA_SOURCE: RESULT(sa.f_type, i, rta->source); break; + case SA_SCOPE: RESULT(sa.f_type, i, rta->scope); break; + case SA_DEST: RESULT(sa.f_type, i, rta->dest); break; + case SA_IFNAME: RESULT(sa.f_type, s, rta->nh.iface ? rta->nh.iface->name : ""); break; + case SA_IFINDEX: RESULT(sa.f_type, i, rta->nh.iface ? rta->nh.iface->index : 0); break; + + default: + bug("Invalid static attribute access (%u/%u)", sa.f_type, sa.sa_code); + } + } + } + + INST(FI_RTA_SET, 1, 0) { + ACCESS_RTE; + ARG_ANY(1); + STATIC_ATTR; + if (sa.f_type != v1.type) + runtime( "Attempt to set static attribute to incompatible type" ); + + f_rta_cow(fs); + { + struct rta *rta = (*fs->rte)->attrs; + + switch (sa.sa_code) + { + case SA_FROM: + rta->from = v1.val.ip; + break; + + case SA_GW: + { + ip_addr ip = v1.val.ip; + neighbor *n = neigh_find(rta->src->proto, ip, NULL, 0); + if (!n || (n->scope == SCOPE_HOST)) + runtime( "Invalid gw address" ); + + rta->dest = RTD_UNICAST; + rta->nh.gw = ip; + rta->nh.iface = n->iface; + rta->nh.next = NULL; + rta->hostentry = NULL; + } + break; + + case SA_SCOPE: + rta->scope = v1.val.i; + break; + + case SA_DEST: + { + int i = v1.val.i; + if ((i != RTD_BLACKHOLE) && (i != RTD_UNREACHABLE) && (i != RTD_PROHIBIT)) + runtime( "Destination can be changed only to blackhole, unreachable or prohibit" ); + + rta->dest = i; + rta->nh.gw = IPA_NONE; + rta->nh.iface = NULL; + rta->nh.next = NULL; + rta->hostentry = NULL; + } + break; + + case SA_IFNAME: + { + struct iface *ifa = if_find_by_name(v1.val.s); + if (!ifa) + runtime( "Invalid iface name" ); + + rta->dest = RTD_UNICAST; + rta->nh.gw = IPA_NONE; + rta->nh.iface = ifa; + rta->nh.next = NULL; + rta->hostentry = NULL; + } + break; + + default: + bug("Invalid static attribute access (%u/%u)", sa.f_type, sa.sa_code); + } + } + } + + INST(FI_EA_GET, 0, 1) { /* Access to extended attributes */ + DYNAMIC_ATTR; + ACCESS_RTE; + ACCESS_EATTRS; + { + eattr *e = ea_find(*fs->eattrs, da.ea_code); + + if (!e) { + /* A special case: undefined as_path looks like empty as_path */ + if (da.type == EAF_TYPE_AS_PATH) { + RESULT(T_PATH, ad, &null_adata); + break; + } + + /* The same special case for int_set */ + if (da.type == EAF_TYPE_INT_SET) { + RESULT(T_CLIST, ad, &null_adata); + break; + } + + /* The same special case for ec_set */ + if (da.type == EAF_TYPE_EC_SET) { + RESULT(T_ECLIST, ad, &null_adata); + break; + } + + /* The same special case for lc_set */ + if (da.type == EAF_TYPE_LC_SET) { + RESULT(T_LCLIST, ad, &null_adata); + break; + } + + /* Undefined value */ + RESULT_VOID; + break; + } + + switch (e->type & EAF_TYPE_MASK) { + case EAF_TYPE_INT: + RESULT(da.f_type, i, e->u.data); + break; + case EAF_TYPE_ROUTER_ID: + RESULT(T_QUAD, i, e->u.data); + break; + case EAF_TYPE_OPAQUE: + RESULT(T_ENUM_EMPTY, i, 0); + break; + case EAF_TYPE_IP_ADDRESS: + RESULT(T_IP, ip, *((ip_addr *) e->u.ptr->data)); + break; + case EAF_TYPE_AS_PATH: + RESULT(T_PATH, ad, e->u.ptr); + break; + case EAF_TYPE_BITFIELD: + RESULT(T_BOOL, i, !!(e->u.data & (1u << da.bit))); + break; + case EAF_TYPE_INT_SET: + RESULT(T_CLIST, ad, e->u.ptr); + break; + case EAF_TYPE_EC_SET: + RESULT(T_ECLIST, ad, e->u.ptr); + break; + case EAF_TYPE_LC_SET: + RESULT(T_LCLIST, ad, e->u.ptr); + break; + case EAF_TYPE_UNDEF: + RESULT_VOID; + break; + default: + bug("Unknown dynamic attribute type"); + } + } + } + + INST(FI_EA_SET, 1, 0) { + ACCESS_RTE; + ACCESS_EATTRS; + ARG_ANY(1); + DYNAMIC_ATTR; + { + struct ea_list *l = lp_alloc(fs->pool, sizeof(struct ea_list) + sizeof(eattr)); + + l->next = NULL; + l->flags = EALF_SORTED; + l->count = 1; + l->attrs[0].id = da.ea_code; + l->attrs[0].flags = 0; + l->attrs[0].type = da.type | EAF_ORIGINATED | EAF_FRESH; + + switch (da.type) { + case EAF_TYPE_INT: + if (v1.type != da.f_type) + runtime( "Setting int attribute to non-int value" ); + l->attrs[0].u.data = v1.val.i; + break; + + case EAF_TYPE_ROUTER_ID: + /* IP->Quad implicit conversion */ + if (val_is_ip4(&v1)) { + l->attrs[0].u.data = ipa_to_u32(v1.val.ip); + break; + } + /* T_INT for backward compatibility */ + if ((v1.type != T_QUAD) && (v1.type != T_INT)) + runtime( "Setting quad attribute to non-quad value" ); + l->attrs[0].u.data = v1.val.i; + break; + + case EAF_TYPE_OPAQUE: + runtime( "Setting opaque attribute is not allowed" ); + break; + + case EAF_TYPE_IP_ADDRESS: + if (v1.type != T_IP) + runtime( "Setting ip attribute to non-ip value" ); + int len = sizeof(ip_addr); + struct adata *ad = lp_alloc(fs->pool, sizeof(struct adata) + len); + ad->length = len; + (* (ip_addr *) ad->data) = v1.val.ip; + l->attrs[0].u.ptr = ad; + break; + + case EAF_TYPE_AS_PATH: + if (v1.type != T_PATH) + runtime( "Setting path attribute to non-path value" ); + l->attrs[0].u.ptr = v1.val.ad; + break; + + case EAF_TYPE_BITFIELD: + if (v1.type != T_BOOL) + runtime( "Setting bit in bitfield attribute to non-bool value" ); + { + /* First, we have to find the old value */ + eattr *e = ea_find(*fs->eattrs, da.ea_code); + u32 data = e ? e->u.data : 0; + + if (v1.val.i) + l->attrs[0].u.data = data | (1u << da.bit); + else + l->attrs[0].u.data = data & ~(1u << da.bit); + } + break; + + case EAF_TYPE_INT_SET: + if (v1.type != T_CLIST) + runtime( "Setting clist attribute to non-clist value" ); + l->attrs[0].u.ptr = v1.val.ad; + break; + + case EAF_TYPE_EC_SET: + if (v1.type != T_ECLIST) + runtime( "Setting eclist attribute to non-eclist value" ); + l->attrs[0].u.ptr = v1.val.ad; + break; + + case EAF_TYPE_LC_SET: + if (v1.type != T_LCLIST) + runtime( "Setting lclist attribute to non-lclist value" ); + l->attrs[0].u.ptr = v1.val.ad; + break; + + default: + bug("Unknown dynamic attribute type"); + } + + f_rta_cow(fs); + l->next = *fs->eattrs; + *fs->eattrs = l; + } + } + + INST(FI_EA_UNSET, 0, 0) { + DYNAMIC_ATTR; + ACCESS_RTE; + ACCESS_EATTRS; + + { + struct ea_list *l = lp_alloc(fs->pool, sizeof(struct ea_list) + sizeof(eattr)); + + l->next = NULL; + l->flags = EALF_SORTED; + l->count = 1; + l->attrs[0].id = da.ea_code; + l->attrs[0].flags = 0; + l->attrs[0].type = EAF_TYPE_UNDEF | EAF_ORIGINATED | EAF_FRESH; + l->attrs[0].u.data = 0; + + f_rta_cow(fs); + l->next = *fs->eattrs; + *fs->eattrs = l; + } + } + + INST(FI_PREF_GET, 0, 1) { + ACCESS_RTE; + RESULT(T_INT, i, (*fs->rte)->pref); + } + + INST(FI_PREF_SET, 1, 0) { + ACCESS_RTE; + ARG(1,T_INT); + if (v1.val.i > 0xFFFF) + runtime( "Setting preference value out of bounds" ); + f_rte_cow(fs); + (*fs->rte)->pref = v1.val.i; + } + + INST(FI_LENGTH, 1, 1) { /* Get length of */ + ARG_ANY(1); + switch(v1.type) { + case T_NET: RESULT(T_INT, i, net_pxlen(v1.val.net)); break; + case T_PATH: RESULT(T_INT, i, as_path_getlen(v1.val.ad)); break; + case T_CLIST: RESULT(T_INT, i, int_set_get_size(v1.val.ad)); break; + case T_ECLIST: RESULT(T_INT, i, ec_set_get_size(v1.val.ad)); break; + case T_LCLIST: RESULT(T_INT, i, lc_set_get_size(v1.val.ad)); break; + default: runtime( "Prefix, path, clist or eclist expected" ); + } + } + + INST(FI_SADR_SRC, 1, 1) { /* Get SADR src prefix */ + ARG(1, T_NET); + if (!net_is_sadr(v1.val.net)) + runtime( "SADR expected" ); + + net_addr_ip6_sadr *net = (void *) v1.val.net; + net_addr *src = falloc(sizeof(net_addr_ip6)); + net_fill_ip6(src, net->src_prefix, net->src_pxlen); + + RESULT(T_NET, net, src); + } + + INST(FI_ROA_MAXLEN, 1, 1) { /* Get ROA max prefix length */ + ARG(1, T_NET); + if (!net_is_roa(v1.val.net)) + runtime( "ROA expected" ); + + RESULT(T_INT, i, (v1.val.net->type == NET_ROA4) ? + ((net_addr_roa4 *) v1.val.net)->max_pxlen : + ((net_addr_roa6 *) v1.val.net)->max_pxlen); + } + + INST(FI_ROA_ASN, 1, 1) { /* Get ROA ASN */ + ARG(1, T_NET); + if (!net_is_roa(v1.val.net)) + runtime( "ROA expected" ); + + RESULT(T_INT, i, (v1.val.net->type == NET_ROA4) ? + ((net_addr_roa4 *) v1.val.net)->asn : + ((net_addr_roa6 *) v1.val.net)->asn); + } + + INST(FI_IP, 1, 1) { /* Convert prefix to ... */ + ARG(1, T_NET); + RESULT(T_IP, ip, net_prefix(v1.val.net)); + } + + INST(FI_ROUTE_DISTINGUISHER, 1, 1) { + ARG(1, T_NET); + if (!net_is_vpn(v1.val.net)) + runtime( "VPN address expected" ); + RESULT(T_RD, ec, net_rd(v1.val.net)); + } + + INST(FI_AS_PATH_FIRST, 1, 1) { /* Get first ASN from AS PATH */ + ARG(1, T_PATH); + int as = 0; + as_path_get_first(v1.val.ad, &as); + RESULT(T_INT, i, as); + } + + INST(FI_AS_PATH_LAST, 1, 1) { /* Get last ASN from AS PATH */ + ARG(1, T_PATH); + int as = 0; + as_path_get_last(v1.val.ad, &as); + RESULT(T_INT, i, as); + } + + INST(FI_AS_PATH_LAST_NAG, 1, 1) { /* Get last ASN from non-aggregated part of AS PATH */ + ARG(1, T_PATH); + RESULT(T_INT, i, as_path_get_last_nonaggregated(v1.val.ad)); + } + + INST(FI_RETURN, 1, 1) { + NEVER_CONSTANT; + /* Acquire the return value */ + ARG_ANY(1); + uint retpos = fstk->vcnt; + + /* Drop every sub-block including ourselves */ + while ((fstk->ecnt-- > 0) && !(fstk->estk[fstk->ecnt].emask & FE_RETURN)) + ; + + /* Now we are at the caller frame; if no such, try to convert to accept/reject. */ + if (!fstk->ecnt) + if (fstk->vstk[retpos].type == T_BOOL) + if (fstk->vstk[retpos].val.i) + return F_ACCEPT; + else + return F_REJECT; + else + runtime("Can't return non-bool from non-function"); + + /* Set the value stack position, overwriting the former implicit void */ + fstk->vcnt = fstk->estk[fstk->ecnt].ventry - 1; + + /* Copy the return value */ + RESULT_VAL(fstk->vstk[retpos]); + } + + INST(FI_CALL, 0, 1) { + NEVER_CONSTANT; + SYMBOL; + + /* Push the body on stack */ + LINEX(sym->function); + curline.emask |= FE_RETURN; + + /* Before this instruction was called, there was the T_VOID + * automatic return value pushed on value stack and also + * sym->function->args function arguments. Setting the + * vbase to point to first argument. */ + ASSERT(curline.ventry >= sym->function->args); + curline.ventry -= sym->function->args; + curline.vbase = curline.ventry; + + /* Storage for local variables */ + memset(&(fstk->vstk[fstk->vcnt]), 0, sizeof(struct f_val) * sym->function->vars); + fstk->vcnt += sym->function->vars; + } + + INST(FI_DROP_RESULT, 1, 0) { + NEVER_CONSTANT; + ARG_ANY(1); + } + + INST(FI_SWITCH, 1, 0) { + ARG_ANY(1); + + FID_MEMBER(struct f_tree *, tree, [[!same_tree(f1->tree, f2->tree)]], "tree %p", item->tree); + + const struct f_tree *t = find_tree(tree, &v1); + if (!t) { + v1.type = T_VOID; + t = find_tree(tree, &v1); + if (!t) { + debug( "No else statement?\n"); + FID_HIC(,break,return NULL); + } + } + /* It is actually possible to have t->data NULL */ + + LINEX(t->data); + } + + INST(FI_IP_MASK, 2, 1) { /* IP.MASK(val) */ + ARG(1, T_IP); + ARG(2, T_INT); + RESULT(T_IP, ip, [[ ipa_is_ip4(v1.val.ip) ? + ipa_from_ip4(ip4_and(ipa_to_ip4(v1.val.ip), ip4_mkmask(v2.val.i))) : + ipa_from_ip6(ip6_and(ipa_to_ip6(v1.val.ip), ip6_mkmask(v2.val.i))) ]]); + } + + INST(FI_PATH_PREPEND, 2, 1) { /* Path prepend */ + ARG(1, T_PATH); + ARG(2, T_INT); + RESULT(T_PATH, ad, [[ as_path_prepend(fpool, v1.val.ad, v2.val.i) ]]); + } + + INST(FI_CLIST_ADD, 2, 1) { /* (Extended) Community list add */ + ARG_ANY(1); + ARG_ANY(2); + if (v1.type == T_PATH) + runtime("Can't add to path"); + + else if (v1.type == T_CLIST) + { + /* Community (or cluster) list */ + struct f_val dummy; + + if ((v2.type == T_PAIR) || (v2.type == T_QUAD)) + RESULT(T_CLIST, ad, [[ int_set_add(fpool, v1.val.ad, v2.val.i) ]]); + /* IP->Quad implicit conversion */ + else if (val_is_ip4(&v2)) + RESULT(T_CLIST, ad, [[ int_set_add(fpool, v1.val.ad, ipa_to_u32(v2.val.ip)) ]]); + else if ((v2.type == T_SET) && clist_set_type(v2.val.t, &dummy)) + runtime("Can't add set"); + else if (v2.type == T_CLIST) + RESULT(T_CLIST, ad, [[ int_set_union(fpool, v1.val.ad, v2.val.ad) ]]); + else + runtime("Can't add non-pair"); + } + + else if (v1.type == T_ECLIST) + { + /* v2.val is either EC or EC-set */ + if ((v2.type == T_SET) && eclist_set_type(v2.val.t)) + runtime("Can't add set"); + else if (v2.type == T_ECLIST) + RESULT(T_ECLIST, ad, [[ ec_set_union(fpool, v1.val.ad, v2.val.ad) ]]); + else if (v2.type != T_EC) + runtime("Can't add non-ec"); + else + RESULT(T_ECLIST, ad, [[ ec_set_add(fpool, v1.val.ad, v2.val.ec) ]]); + } + + else if (v1.type == T_LCLIST) + { + /* v2.val is either LC or LC-set */ + if ((v2.type == T_SET) && lclist_set_type(v2.val.t)) + runtime("Can't add set"); + else if (v2.type == T_LCLIST) + RESULT(T_LCLIST, ad, [[ lc_set_union(fpool, v1.val.ad, v2.val.ad) ]]); + else if (v2.type != T_LC) + runtime("Can't add non-lc"); + else + RESULT(T_LCLIST, ad, [[ lc_set_add(fpool, v1.val.ad, v2.val.lc) ]]); + + } + + else + runtime("Can't add to non-[e|l]clist"); + } + + INST(FI_CLIST_DEL, 2, 1) { /* (Extended) Community list add or delete */ + ARG_ANY(1); + ARG_ANY(2); + if (v1.type == T_PATH) + { + const struct f_tree *set = NULL; + u32 key = 0; + + if (v2.type == T_INT) + key = v2.val.i; + else if ((v2.type == T_SET) && (v2.val.t->from.type == T_INT)) + set = v2.val.t; + else + runtime("Can't delete non-integer (set)"); + + RESULT(T_PATH, ad, [[ as_path_filter(fpool, v1.val.ad, set, key, 0) ]]); + } + + else if (v1.type == T_CLIST) + { + /* Community (or cluster) list */ + struct f_val dummy; + + if ((v2.type == T_PAIR) || (v2.type == T_QUAD)) + RESULT(T_CLIST, ad, [[ int_set_del(fpool, v1.val.ad, v2.val.i) ]]); + /* IP->Quad implicit conversion */ + else if (val_is_ip4(&v2)) + RESULT(T_CLIST, ad, [[ int_set_del(fpool, v1.val.ad, ipa_to_u32(v2.val.ip)) ]]); + else if ((v2.type == T_SET) && clist_set_type(v2.val.t, &dummy) || (v2.type == T_CLIST)) + RESULT(T_CLIST, ad, [[ clist_filter(fpool, v1.val.ad, &v2, 0) ]]); + else + runtime("Can't delete non-pair"); + } + + else if (v1.type == T_ECLIST) + { + /* v2.val is either EC or EC-set */ + if ((v2.type == T_SET) && eclist_set_type(v2.val.t) || (v2.type == T_ECLIST)) + RESULT(T_ECLIST, ad, [[ eclist_filter(fpool, v1.val.ad, &v2, 0) ]]); + else if (v2.type != T_EC) + runtime("Can't delete non-ec"); + else + RESULT(T_ECLIST, ad, [[ ec_set_del(fpool, v1.val.ad, v2.val.ec) ]]); + } + + else if (v1.type == T_LCLIST) + { + /* v2.val is either LC or LC-set */ + if ((v2.type == T_SET) && lclist_set_type(v2.val.t) || (v2.type == T_LCLIST)) + RESULT(T_LCLIST, ad, [[ lclist_filter(fpool, v1.val.ad, &v2, 0) ]]); + else if (v2.type != T_LC) + runtime("Can't delete non-lc"); + else + RESULT(T_LCLIST, ad, [[ lc_set_del(fpool, v1.val.ad, v2.val.lc) ]]); + } + + else + runtime("Can't delete in non-[e|l]clist"); + } + + INST(FI_CLIST_FILTER, 2, 1) { /* (Extended) Community list add or delete */ + ARG_ANY(1); + ARG_ANY(2); + if (v1.type == T_PATH) + { + u32 key = 0; + + if ((v2.type == T_SET) && (v2.val.t->from.type == T_INT)) + RESULT(T_PATH, ad, [[ as_path_filter(fpool, v1.val.ad, v2.val.t, key, 1) ]]); + else + runtime("Can't filter integer"); + } + + else if (v1.type == T_CLIST) + { + /* Community (or cluster) list */ + struct f_val dummy; + + if ((v2.type == T_SET) && clist_set_type(v2.val.t, &dummy) || (v2.type == T_CLIST)) + RESULT(T_CLIST, ad, [[ clist_filter(fpool, v1.val.ad, &v2, 1) ]]); + else + runtime("Can't filter pair"); + } + + else if (v1.type == T_ECLIST) + { + /* v2.val is either EC or EC-set */ + if ((v2.type == T_SET) && eclist_set_type(v2.val.t) || (v2.type == T_ECLIST)) + RESULT(T_ECLIST, ad, [[ eclist_filter(fpool, v1.val.ad, &v2, 1) ]]); + else + runtime("Can't filter ec"); + } + + else if (v1.type == T_LCLIST) + { + /* v2.val is either LC or LC-set */ + if ((v2.type == T_SET) && lclist_set_type(v2.val.t) || (v2.type == T_LCLIST)) + RESULT(T_LCLIST, ad, [[ lclist_filter(fpool, v1.val.ad, &v2, 1) ]]); + else + runtime("Can't filter lc"); + } + + else + runtime("Can't filter non-[e|l]clist"); + } + + INST(FI_ROA_CHECK_IMPLICIT, 0, 1) { /* ROA Check */ + NEVER_CONSTANT; + RTC(1); + struct rtable *table = rtc->table; + ACCESS_RTE; + ACCESS_EATTRS; + const net_addr *net = (*fs->rte)->net->n.addr; + + /* We ignore temporary attributes, probably not a problem here */ + /* 0x02 is a value of BA_AS_PATH, we don't want to include BGP headers */ + eattr *e = ea_find(*fs->eattrs, EA_CODE(PROTOCOL_BGP, 0x02)); + + if (!e || ((e->type & EAF_TYPE_MASK) != EAF_TYPE_AS_PATH)) + runtime("Missing AS_PATH attribute"); + + u32 as = 0; + as_path_get_last(e->u.ptr, &as); + + if (!table) + runtime("Missing ROA table"); + + if (table->addr_type != NET_ROA4 && table->addr_type != NET_ROA6) + runtime("Table type must be either ROA4 or ROA6"); + + if (table->addr_type != (net->type == NET_IP4 ? NET_ROA4 : NET_ROA6)) + RESULT(T_ENUM_ROA, i, ROA_UNKNOWN); /* Prefix and table type mismatch */ + else + RESULT(T_ENUM_ROA, i, [[ net_roa_check(table, net, as) ]]); + } + + INST(FI_ROA_CHECK_EXPLICIT, 2, 1) { /* ROA Check */ + NEVER_CONSTANT; + ARG(1, T_NET); + ARG(2, T_INT); + RTC(3); + struct rtable *table = rtc->table; + + u32 as = v2.val.i; + + if (!table) + runtime("Missing ROA table"); + + if (table->addr_type != NET_ROA4 && table->addr_type != NET_ROA6) + runtime("Table type must be either ROA4 or ROA6"); + + if (table->addr_type != (v1.val.net->type == NET_IP4 ? NET_ROA4 : NET_ROA6)) + RESULT(T_ENUM_ROA, i, ROA_UNKNOWN); /* Prefix and table type mismatch */ + else + RESULT(T_ENUM_ROA, i, [[ net_roa_check(table, v1.val.net, as) ]]); + + } + + INST(FI_FORMAT, 1, 0) { /* Format */ + ARG_ANY(1); + RESULT(T_STRING, s, val_format_str(fpool, &v1)); + } + + INST(FI_ASSERT, 1, 0) { /* Birdtest Assert */ + NEVER_CONSTANT; + ARG(1, T_BOOL); + + FID_MEMBER(char *, s, [[strcmp(f1->s, f2->s)]], "string %s", item->s); + + ASSERT(s); + + if (!bt_assert_hook) + runtime("No bt_assert hook registered, can't assert"); + + bt_assert_hook(v1.val.i, what); + } diff --git a/filter/f-inst.h b/filter/f-inst.h new file mode 100644 index 00000000..33fcf4a9 --- /dev/null +++ b/filter/f-inst.h @@ -0,0 +1,73 @@ +/* + * BIRD Internet Routing Daemon -- Filter instructions + * + * (c) 1999 Pavel Machek <pavel@ucw.cz> + * (c) 2018--2019 Maria Matejka <mq@jmq.cz> + * + * Can be freely distributed and used under the terms of the GNU GPL. + * + * Filter interpreter data structures and internal API. + * See filter/f-inst.c for documentation. + */ + +#ifndef _BIRD_F_INST_H_ +#define _BIRD_F_INST_H_ + +#include "nest/bird.h" +#include "conf/conf.h" +#include "filter/filter.h" +#include "filter/data.h" + +/* Flags for instructions */ +enum f_instruction_flags { + FIF_PRINTED = 1, /* FI_PRINT_AND_DIE: message put in buffer */ +} PACKED; + +/* Include generated filter instruction declarations */ +#include "filter/inst-gen.h" + +#define f_new_inst(...) MACRO_CONCAT_AFTER(f_new_inst_, MACRO_FIRST(__VA_ARGS__))(__VA_ARGS__) + +/* Convert the instruction back to the enum name */ +const char *f_instruction_name(enum f_instruction_code fi); + +/* Filter structures for execution */ +/* Line of instructions to be unconditionally executed one after another */ +struct f_line { + uint len; /* Line length */ + u8 args; /* Function: Args required */ + u8 vars; + struct f_line_item items[0]; /* The items themselves */ +}; + +/* Convert the f_inst infix tree to the f_line structures */ +struct f_line *f_linearize_concat(const struct f_inst * const inst[], uint count); +static inline struct f_line *f_linearize(const struct f_inst *root) +{ return f_linearize_concat(&root, 1); } + +void f_dump_line(const struct f_line *, uint indent); + +struct filter *f_new_where(struct f_inst *); +static inline struct f_dynamic_attr f_new_dynamic_attr(u8 type, enum f_type f_type, uint code) /* Type as core knows it, type as filters know it, and code of dynamic attribute */ +{ return (struct f_dynamic_attr) { .type = type, .f_type = f_type, .ea_code = code }; } /* f_type currently unused; will be handy for static type checking */ +static inline struct f_dynamic_attr f_new_dynamic_attr_bit(u8 bit, enum f_type f_type, uint code) /* Type as core knows it, type as filters know it, and code of dynamic attribute */ +{ return (struct f_dynamic_attr) { .type = EAF_TYPE_BITFIELD, .bit = bit, .f_type = f_type, .ea_code = code }; } /* f_type currently unused; will be handy for static type checking */ +static inline struct f_static_attr f_new_static_attr(int f_type, int code, int readonly) +{ return (struct f_static_attr) { .f_type = f_type, .sa_code = code, .readonly = readonly }; } +struct f_inst *f_generate_complex(enum f_instruction_code fi_code, struct f_dynamic_attr da, struct f_inst *argument); +struct f_inst *f_generate_roa_check(struct rtable_config *table, struct f_inst *prefix, struct f_inst *asn); + +/* Hook for call bt_assert() function in configuration */ +extern void (*bt_assert_hook)(int result, const struct f_line_item *assert); + +/* Bird Tests */ +struct f_bt_test_suite { + node n; /* Node in config->tests */ + const struct f_line *fn; /* Root of function */ + const struct f_line *cmp; /* Compare to this function */ + const char *fn_name; /* Name of test */ + const char *dsc; /* Description */ + int result; /* Desired result */ +}; + +#endif diff --git a/filter/f-util.c b/filter/f-util.c index ee9490b4..e61949f2 100644 --- a/filter/f-util.c +++ b/filter/f-util.c @@ -10,103 +10,56 @@ #include "nest/bird.h" #include "conf/conf.h" #include "filter/filter.h" +#include "filter/f-inst.h" #include "lib/idm.h" #include "nest/protocol.h" #include "nest/route.h" #define P(a,b) ((a<<8) | b) -struct f_inst * -f_new_inst(enum f_instruction_code fi_code) -{ - struct f_inst * ret; - ret = cfg_allocz(sizeof(struct f_inst)); - ret->fi_code = fi_code; - ret->lineno = ifs->lino; - return ret; -} - -struct f_inst * -f_new_inst_da(enum f_instruction_code fi_code, struct f_dynamic_attr da) -{ - struct f_inst *ret = f_new_inst(fi_code); - ret->aux = (da.f_type << 8) | da.type; - ret->a2.i = da.ea_code; - return ret; -} - -struct f_inst * -f_new_inst_sa(enum f_instruction_code fi_code, struct f_static_attr sa) -{ - struct f_inst *ret = f_new_inst(fi_code); - ret->aux = sa.f_type; - ret->a2.i = sa.sa_code; - ret->a1.i = sa.readonly; - return ret; -} - -/* - * Generate set_dynamic( operation( get_dynamic(), argument ) ) - */ -struct f_inst * -f_generate_complex(int operation, int operation_aux, struct f_dynamic_attr da, struct f_inst *argument) -{ - struct f_inst *set_dyn = f_new_inst_da(FI_EA_SET, da), - *oper = f_new_inst(operation), - *get_dyn = f_new_inst_da(FI_EA_GET, da); - - oper->aux = operation_aux; - oper->a1.p = get_dyn; - oper->a2.p = argument; - - set_dyn->a1.p = oper; - return set_dyn; -} - -struct f_inst * -f_generate_roa_check(struct rtable_config *table, struct f_inst *prefix, struct f_inst *asn) -{ - struct f_inst_roa_check *ret = cfg_allocz(sizeof(struct f_inst_roa_check)); - ret->i.fi_code = FI_ROA_CHECK; - ret->i.lineno = ifs->lino; - ret->i.arg1 = prefix; - ret->i.arg2 = asn; - /* prefix == NULL <-> asn == NULL */ - - if (table->addr_type != NET_ROA4 && table->addr_type != NET_ROA6) - cf_error("%s is not a ROA table", table->name); - ret->rtc = table; - - return &ret->i; -} - -static const char * const f_instruction_name_str[] = { -#define F(c,a,b) \ - [c] = #c, -FI__LIST -#undef F -}; - const char * -f_instruction_name(enum f_instruction_code fi) -{ - if (fi < FI__MAX) - return f_instruction_name_str[fi]; - else - bug("Got unknown instruction code: %d", fi); -} - -char * -filter_name(struct filter *filter) +filter_name(const struct filter *filter) { if (!filter) return "ACCEPT"; else if (filter == FILTER_REJECT) return "REJECT"; - else if (!filter->name) + else if (!filter->sym) return "(unnamed)"; else - return filter->name; + return filter->sym->name; +} + +struct filter *f_new_where(struct f_inst *where) +{ + struct f_inst acc = { + .fi_code = FI_DIE, + .lineno = ifs->lino, + .size = 1, + .i_FI_DIE = { .fret = F_ACCEPT, }, + }; + + struct f_inst rej = { + .fi_code = FI_DIE, + .lineno = ifs->lino, + .size = 1, + .i_FI_DIE = { .fret = F_REJECT, }, + }; + + struct f_inst i = { + .fi_code = FI_CONDITION, + .lineno = ifs->lino, + .size = 3 + where->size, + .i_FI_CONDITION = { + .f1 = where, + .f2 = &acc, + .f3 = &rej, + }, + }; + + struct filter *f = cfg_allocz(sizeof(struct filter)); + f->root = f_linearize(&i); + return f; } #define CA_KEY(n) n->name, n->fda.type diff --git a/filter/filter.c b/filter/filter.c index 37cf16a3..35bd75e6 100644 --- a/filter/filter.c +++ b/filter/filter.c @@ -15,20 +15,13 @@ * the source from user into a tree of &f_inst structures. These trees are * later interpreted using code in |filter/filter.c|. * - * A filter is represented by a tree of &f_inst structures, one structure per - * "instruction". Each &f_inst contains @code, @aux value which is - * usually the data type this instruction operates on and two generic - * arguments (@a1, @a2). Some instructions contain pointer(s) to other - * instructions in their (@a1, @a2) fields. + * A filter is represented by a tree of &f_inst structures, later translated + * into lists called &f_line. All the instructions are defined and documented + * in |filter/f-inst.c| definition file. * * Filters use a &f_val structure for their data. Each &f_val - * contains type and value (types are constants prefixed with %T_). Few - * of the types are special; %T_RETURN can be or-ed with a type to indicate - * that return from a function or from the whole filter should be - * forced. Important thing about &f_val's is that they may be copied - * with a simple |=|. That's fine for all currently defined types: strings - * are read-only (and therefore okay), paths are copied for each - * operation (okay too). + * contains type and value (types are constants prefixed with %T_). + * Look into |filter/data.h| for more information and appropriate calls. */ #undef LOCAL_DEBUG @@ -47,583 +40,109 @@ #include "nest/attrs.h" #include "conf/conf.h" #include "filter/filter.h" +#include "filter/f-inst.h" +#include "filter/data.h" -#define CMP_ERROR 999 -void (*bt_assert_hook)(int result, struct f_inst *assert); +/* Exception bits */ +enum f_exception { + FE_RETURN = 0x1, +}; -static struct adata undef_adata; /* adata of length 0 used for undefined */ -/* Special undef value for paths and clists */ -static inline int -undef_value(struct f_val v) -{ - return ((v.type == T_PATH) || (v.type == T_CLIST) || - (v.type == T_ECLIST) || (v.type == T_LCLIST)) && - (v.val.ad == &undef_adata); -} - -static struct adata * -adata_empty(struct linpool *pool, int l) -{ - struct adata *res = lp_alloc(pool, sizeof(struct adata) + l); - res->length = l; - return res; -} - -static void -pm_format(struct f_path_mask *p, buffer *buf) -{ - buffer_puts(buf, "[= "); - - while (p) - { - switch(p->kind) - { - case PM_ASN: - buffer_print(buf, "%u ", p->val); - break; - - case PM_QUESTION: - buffer_puts(buf, "? "); - break; - - case PM_ASTERISK: - buffer_puts(buf, "* "); - break; - - case PM_ASN_RANGE: - buffer_print(buf, "%u..%u ", p->val, p->val2); - break; - - case PM_ASN_EXPR: - ASSERT(0); - } - - p = p->next; - } - - buffer_puts(buf, "=]"); -} - -static inline int val_is_ip4(const struct f_val v) -{ return (v.type == T_IP) && ipa_is_ip4(v.val.ip); } - -static inline int -lcomm_cmp(lcomm v1, lcomm v2) -{ - if (v1.asn != v2.asn) - return (v1.asn > v2.asn) ? 1 : -1; - if (v1.ldp1 != v2.ldp1) - return (v1.ldp1 > v2.ldp1) ? 1 : -1; - if (v1.ldp2 != v2.ldp2) - return (v1.ldp2 > v2.ldp2) ? 1 : -1; - return 0; -} - -/** - * val_compare - compare two values - * @v1: first value - * @v2: second value - * - * Compares two values and returns -1, 0, 1 on <, =, > or CMP_ERROR on - * error. Tree module relies on this giving consistent results so - * that it can be used for building balanced trees. - */ -int -val_compare(struct f_val v1, struct f_val v2) -{ - if (v1.type != v2.type) { - if (v1.type == T_VOID) /* Hack for else */ - return -1; - if (v2.type == T_VOID) - return 1; - - /* IP->Quad implicit conversion */ - if ((v1.type == T_QUAD) && val_is_ip4(v2)) - return uint_cmp(v1.val.i, ipa_to_u32(v2.val.ip)); - if (val_is_ip4(v1) && (v2.type == T_QUAD)) - return uint_cmp(ipa_to_u32(v1.val.ip), v2.val.i); - - debug( "Types do not match in val_compare\n" ); - return CMP_ERROR; - } - - switch (v1.type) { - case T_VOID: - return 0; - case T_ENUM: - case T_INT: - case T_BOOL: - case T_PAIR: - case T_QUAD: - return uint_cmp(v1.val.i, v2.val.i); - case T_EC: - case T_RD: - return u64_cmp(v1.val.ec, v2.val.ec); - case T_LC: - return lcomm_cmp(v1.val.lc, v2.val.lc); - case T_IP: - return ipa_compare(v1.val.ip, v2.val.ip); - case T_NET: - return net_compare(v1.val.net, v2.val.net); - case T_STRING: - return strcmp(v1.val.s, v2.val.s); - default: - return CMP_ERROR; - } -} - -static int -pm_same(struct f_path_mask *m1, struct f_path_mask *m2) -{ - while (m1 && m2) - { - if (m1->kind != m2->kind) - return 0; - - if (m1->kind == PM_ASN_EXPR) - { - if (!i_same((struct f_inst *) m1->val, (struct f_inst *) m2->val)) - return 0; - } - else - { - if ((m1->val != m2->val) || (m1->val2 != m2->val2)) - return 0; - } - - m1 = m1->next; - m2 = m2->next; - } - - return !m1 && !m2; -} - -/** - * val_same - compare two values - * @v1: first value - * @v2: second value - * - * Compares two values and returns 1 if they are same and 0 if not. - * Comparison of values of different types is valid and returns 0. - */ -int -val_same(struct f_val v1, struct f_val v2) -{ - int rc; - - rc = val_compare(v1, v2); - if (rc != CMP_ERROR) - return !rc; - - if (v1.type != v2.type) - return 0; - - switch (v1.type) { - case T_PATH_MASK: - return pm_same(v1.val.path_mask, v2.val.path_mask); - case T_PATH: - case T_CLIST: - case T_ECLIST: - case T_LCLIST: - return adata_same(v1.val.ad, v2.val.ad); - case T_SET: - return same_tree(v1.val.t, v2.val.t); - case T_PREFIX_SET: - return trie_same(v1.val.ti, v2.val.ti); - default: - bug("Invalid type in val_same(): %x", v1.type); - } -} - -static int -clist_set_type(struct f_tree *set, struct f_val *v) -{ - switch (set->from.type) - { - case T_PAIR: - v->type = T_PAIR; - return 1; - - case T_QUAD: - v->type = T_QUAD; - return 1; - - case T_IP: - if (val_is_ip4(set->from) && val_is_ip4(set->to)) - { - v->type = T_QUAD; - return 1; - } - /* Fall through */ - default: - v->type = T_VOID; - return 0; - } -} - -static inline int -eclist_set_type(struct f_tree *set) -{ return set->from.type == T_EC; } - -static inline int -lclist_set_type(struct f_tree *set) -{ return set->from.type == T_LC; } - -static int -clist_match_set(struct adata *clist, struct f_tree *set) -{ - if (!clist) - return 0; - - struct f_val v; - if (!clist_set_type(set, &v)) - return CMP_ERROR; - - u32 *l = (u32 *) clist->data; - u32 *end = l + clist->length/4; - - while (l < end) { - v.val.i = *l++; - if (find_tree(set, v)) - return 1; - } - return 0; -} - -static int -eclist_match_set(struct adata *list, struct f_tree *set) -{ - if (!list) - return 0; - - if (!eclist_set_type(set)) - return CMP_ERROR; - - struct f_val v; - u32 *l = int_set_get_data(list); - int len = int_set_get_size(list); - int i; - - v.type = T_EC; - for (i = 0; i < len; i += 2) { - v.val.ec = ec_get(l, i); - if (find_tree(set, v)) - return 1; - } - - return 0; -} - -static int -lclist_match_set(struct adata *list, struct f_tree *set) -{ - if (!list) - return 0; - - if (!lclist_set_type(set)) - return CMP_ERROR; - - struct f_val v; - u32 *l = int_set_get_data(list); - int len = int_set_get_size(list); - int i; - - v.type = T_LC; - for (i = 0; i < len; i += 3) { - v.val.lc = lc_get(l, i); - if (find_tree(set, v)) - return 1; - } - - return 0; -} - -static struct adata * -clist_filter(struct linpool *pool, struct adata *list, struct f_val set, int pos) -{ - if (!list) - return NULL; - - int tree = (set.type == T_SET); /* 1 -> set is T_SET, 0 -> set is T_CLIST */ - struct f_val v; - if (tree) - clist_set_type(set.val.t, &v); - else - v.type = T_PAIR; - - int len = int_set_get_size(list); - u32 *l = int_set_get_data(list); - u32 tmp[len]; - u32 *k = tmp; - u32 *end = l + len; - - while (l < end) { - v.val.i = *l++; - /* pos && member(val, set) || !pos && !member(val, set), member() depends on tree */ - if ((tree ? !!find_tree(set.val.t, v) : int_set_contains(set.val.ad, v.val.i)) == pos) - *k++ = v.val.i; - } - - uint nl = (k - tmp) * sizeof(u32); - if (nl == list->length) - return list; - - struct adata *res = adata_empty(pool, nl); - memcpy(res->data, tmp, nl); - return res; -} - -static struct adata * -eclist_filter(struct linpool *pool, struct adata *list, struct f_val set, int pos) -{ - if (!list) - return NULL; - - int tree = (set.type == T_SET); /* 1 -> set is T_SET, 0 -> set is T_CLIST */ - struct f_val v; - - int len = int_set_get_size(list); - u32 *l = int_set_get_data(list); - u32 tmp[len]; - u32 *k = tmp; - int i; - - v.type = T_EC; - for (i = 0; i < len; i += 2) { - v.val.ec = ec_get(l, i); - /* pos && member(val, set) || !pos && !member(val, set), member() depends on tree */ - if ((tree ? !!find_tree(set.val.t, v) : ec_set_contains(set.val.ad, v.val.ec)) == pos) { - *k++ = l[i]; - *k++ = l[i+1]; - } - } - - uint nl = (k - tmp) * sizeof(u32); - if (nl == list->length) - return list; - - struct adata *res = adata_empty(pool, nl); - memcpy(res->data, tmp, nl); - return res; -} - -static struct adata * -lclist_filter(struct linpool *pool, struct adata *list, struct f_val set, int pos) -{ - if (!list) - return NULL; - - int tree = (set.type == T_SET); /* 1 -> set is T_SET, 0 -> set is T_CLIST */ - struct f_val v; - - int len = int_set_get_size(list); - u32 *l = int_set_get_data(list); - u32 tmp[len]; - u32 *k = tmp; - int i; - - v.type = T_LC; - for (i = 0; i < len; i += 3) { - v.val.lc = lc_get(l, i); - /* pos && member(val, set) || !pos && !member(val, set), member() depends on tree */ - if ((tree ? !!find_tree(set.val.t, v) : lc_set_contains(set.val.ad, v.val.lc)) == pos) - k = lc_copy(k, l+i); - } - - uint nl = (k - tmp) * sizeof(u32); - if (nl == list->length) - return list; - - struct adata *res = adata_empty(pool, nl); - memcpy(res->data, tmp, nl); - return res; -} - -/** - * val_in_range - implement |~| operator - * @v1: element - * @v2: set - * - * Checks if @v1 is element (|~| operator) of @v2. - */ -static int -val_in_range(struct f_val v1, struct f_val v2) -{ - if ((v1.type == T_PATH) && (v2.type == T_PATH_MASK)) - return as_path_match(v1.val.ad, v2.val.path_mask); +struct filter_stack { + /* Value stack for execution */ +#define F_VAL_STACK_MAX 4096 + uint vcnt; /* Current value stack size; 0 for empty */ + uint ecnt; /* Current execute stack size; 0 for empty */ - if ((v1.type == T_INT) && (v2.type == T_PATH)) - return as_path_contains(v2.val.ad, v1.val.i, 1); + struct f_val vstk[F_VAL_STACK_MAX]; /* The stack itself */ - if (((v1.type == T_PAIR) || (v1.type == T_QUAD)) && (v2.type == T_CLIST)) - return int_set_contains(v2.val.ad, v1.val.i); - /* IP->Quad implicit conversion */ - if (val_is_ip4(v1) && (v2.type == T_CLIST)) - return int_set_contains(v2.val.ad, ipa_to_u32(v1.val.ip)); + /* Instruction stack for execution */ +#define F_EXEC_STACK_MAX 4096 + struct { + const struct f_line *line; /* The line that is being executed */ + uint pos; /* Instruction index in the line */ + uint ventry; /* Value stack depth on entry */ + uint vbase; /* Where to index variable positions from */ + enum f_exception emask; /* Exception mask */ + } estk[F_EXEC_STACK_MAX]; +}; - if ((v1.type == T_EC) && (v2.type == T_ECLIST)) - return ec_set_contains(v2.val.ad, v1.val.ec); +/* Internal filter state, to be allocated on stack when executing filters */ +struct filter_state { + /* Stacks needed for execution */ + struct filter_stack *stack; - if ((v1.type == T_LC) && (v2.type == T_LCLIST)) - return lc_set_contains(v2.val.ad, v1.val.lc); + /* The route we are processing. This may be NULL to indicate no route available. */ + struct rte **rte; - if ((v1.type == T_STRING) && (v2.type == T_STRING)) - return patmatch(v2.val.s, v1.val.s); + /* The old rta to be freed after filters are done. */ + struct rta *old_rta; - if ((v1.type == T_IP) && (v2.type == T_NET)) - return ipa_in_netX(v1.val.ip, v2.val.net); + /* Cached pointer to ea_list */ + struct ea_list **eattrs; - if ((v1.type == T_NET) && (v2.type == T_NET)) - return net_in_netX(v1.val.net, v2.val.net); + /* Linpool for adata allocation */ + struct linpool *pool; - if ((v1.type == T_NET) && (v2.type == T_PREFIX_SET)) - return trie_match_net(v2.val.ti, v1.val.net); + /* Buffer for log output */ + struct buffer buf; - if (v2.type != T_SET) - return CMP_ERROR; + /* Filter execution flags */ + int flags; +}; - /* With integrated Quad<->IP implicit conversion */ - if ((v1.type == v2.val.t->from.type) || - ((v1.type == T_QUAD) && val_is_ip4(v2.val.t->from) && val_is_ip4(v2.val.t->to))) - return !!find_tree(v2.val.t, v1); +_Thread_local static struct filter_state filter_state; +_Thread_local static struct filter_stack filter_stack; - if (v1.type == T_CLIST) - return clist_match_set(v1.val.ad, v2.val.t); +void (*bt_assert_hook)(int result, const struct f_line_item *assert); - if (v1.type == T_ECLIST) - return eclist_match_set(v1.val.ad, v2.val.t); - - if (v1.type == T_LCLIST) - return lclist_match_set(v1.val.ad, v2.val.t); - - if (v1.type == T_PATH) - return as_path_match_set(v1.val.ad, v2.val.t); - - return CMP_ERROR; -} - -/* - * val_format - format filter value - */ -void -val_format(struct f_val v, buffer *buf) -{ - char buf2[1024]; - switch (v.type) - { - case T_VOID: buffer_puts(buf, "(void)"); return; - case T_BOOL: buffer_puts(buf, v.val.i ? "TRUE" : "FALSE"); return; - case T_INT: buffer_print(buf, "%u", v.val.i); return; - case T_STRING: buffer_print(buf, "%s", v.val.s); return; - case T_IP: buffer_print(buf, "%I", v.val.ip); return; - case T_NET: buffer_print(buf, "%N", v.val.net); return; - case T_PAIR: buffer_print(buf, "(%u,%u)", v.val.i >> 16, v.val.i & 0xffff); return; - case T_QUAD: buffer_print(buf, "%R", v.val.i); return; - case T_EC: ec_format(buf2, v.val.ec); buffer_print(buf, "%s", buf2); return; - case T_LC: lc_format(buf2, v.val.lc); buffer_print(buf, "%s", buf2); return; - case T_RD: rd_format(v.val.ec, buf2, 1024); buffer_print(buf, "%s", buf2); return; - case T_PREFIX_SET: trie_format(v.val.ti, buf); return; - case T_SET: tree_format(v.val.t, buf); return; - case T_ENUM: buffer_print(buf, "(enum %x)%u", v.type, v.val.i); return; - case T_PATH: as_path_format(v.val.ad, buf2, 1000); buffer_print(buf, "(path %s)", buf2); return; - case T_CLIST: int_set_format(v.val.ad, 1, -1, buf2, 1000); buffer_print(buf, "(clist %s)", buf2); return; - case T_ECLIST: ec_set_format(v.val.ad, -1, buf2, 1000); buffer_print(buf, "(eclist %s)", buf2); return; - case T_LCLIST: lc_set_format(v.val.ad, -1, buf2, 1000); buffer_print(buf, "(lclist %s)", buf2); return; - case T_PATH_MASK: pm_format(v.val.path_mask, buf); return; - default: buffer_print(buf, "[unknown type %x]", v.type); return; - } -} - -static struct rte **f_rte; -static struct rta *f_old_rta; -static struct ea_list **f_eattrs; -static struct linpool *f_pool; -static struct buffer f_buf; -static int f_flags; - -static inline void f_cache_eattrs(void) +static inline void f_cache_eattrs(struct filter_state *fs) { - f_eattrs = &((*f_rte)->attrs->eattrs); + fs->eattrs = &((*fs->rte)->attrs->eattrs); } -static inline void f_rte_cow(void) +static inline void f_rte_cow(struct filter_state *fs) { - if (!((*f_rte)->flags & REF_COW)) + if (!((*fs->rte)->flags & REF_COW)) return; - *f_rte = rte_do_cow(*f_rte); + *fs->rte = rte_cow(*fs->rte); } /* * rta_cow - prepare rta for modification by filter */ static void -f_rta_cow(void) +f_rta_cow(struct filter_state *fs) { - if (!rta_is_cached((*f_rte)->attrs)) + if (!rta_is_cached((*fs->rte)->attrs)) return; /* Prepare to modify rte */ - f_rte_cow(); + f_rte_cow(fs); /* Store old rta to free it later, it stores reference from rte_cow() */ - f_old_rta = (*f_rte)->attrs; + fs->old_rta = (*fs->rte)->attrs; /* * Get shallow copy of rta. Fields eattrs and nexthops of rta are shared - * with f_old_rta (they will be copied when the cached rta will be obtained + * with fs->old_rta (they will be copied when the cached rta will be obtained * at the end of f_run()), also the lock of hostentry is inherited (we * suppose hostentry is not changed by filters). */ - (*f_rte)->attrs = rta_do_cow((*f_rte)->attrs, f_pool); + (*fs->rte)->attrs = rta_do_cow((*fs->rte)->attrs, fs->pool); /* Re-cache the ea_list */ - f_cache_eattrs(); -} - -static char * -val_format_str(struct f_val v) { - buffer b; - LOG_BUFFER_INIT(b); - val_format(v, &b); - return lp_strdup(f_pool, b.start); + f_cache_eattrs(fs); } static struct tbf rl_runtime_err = TBF_DEFAULT_LOG_LIMITS; -#define runtime(fmt, ...) do { \ - if (!(f_flags & FF_SILENT)) \ - log_rl(&rl_runtime_err, L_ERR "filters, line %d: " fmt, what->lineno, ##__VA_ARGS__); \ - res.type = T_RETURN; \ - res.val.i = F_ERROR; \ - return res; \ - } while(0) - -#define ARG_ANY(n) INTERPRET(v##n, what->a##n.p) - -#define ARG(n,t) ARG_ANY(n) \ - if (v##n.type != t) \ - runtime("Argument %d of instruction %s must be of type %02x, got %02x", \ - n, f_instruction_name(what->fi_code), t, v##n.type); - -#define INTERPRET(val, what_) \ - val = interpret(what_); \ - if (val.type & T_RETURN) \ - return val; - -#define ACCESS_RTE \ - do { if (!f_rte) runtime("No route to access"); } while (0) - -#define ACCESS_EATTRS \ - do { if (!f_eattrs) f_cache_eattrs(); } while (0) - -#define BITFIELD_MASK(what) \ - (1u << (what->a2.i >> 24)) - /** * interpret + * @fs: filter state * @what: filter to interpret * * Interpret given tree of filter instructions. This is core function @@ -635,1099 +154,88 @@ static struct tbf rl_runtime_err = TBF_DEFAULT_LOG_LIMITS; * are either integers, or pointers to instruction trees. Common * instructions like +, that have two expressions as arguments use * TWOARGS macro to get both of them evaluated. - * - * &f_val structures are copied around, so there are no problems with - * memory managment. */ -static struct f_val -interpret(struct f_inst *what) +static enum filter_return +interpret(struct filter_state *fs, const struct f_line *line, struct f_val *val) { - struct symbol *sym; - struct f_val v1, v2, v3, res = { .type = T_VOID }, *vp; - unsigned u1, u2; - int i; - u32 as; - - for ( ; what; what = what->next) { - res.type = T_VOID; - switch(what->fi_code) { -/* Binary operators */ - case FI_ADD: - ARG(1,T_INT); - ARG(2,T_INT); - res.type = T_INT; - res.val.i = v1.val.i + v2.val.i; - break; - case FI_SUBTRACT: - ARG(1,T_INT); - ARG(2,T_INT); - res.type = T_INT; - res.val.i = v1.val.i - v2.val.i; - break; - case FI_MULTIPLY: - ARG(1,T_INT); - ARG(2,T_INT); - res.type = T_INT; - res.val.i = v1.val.i * v2.val.i; - break; - case FI_DIVIDE: - ARG(1,T_INT); - ARG(2,T_INT); - res.type = T_INT; - if (v2.val.i == 0) runtime( "Mother told me not to divide by 0" ); - res.val.i = v1.val.i / v2.val.i; - break; - case FI_AND: - case FI_OR: - ARG(1,T_BOOL); - if (v1.val.i == (what->fi_code == FI_OR)) { - res.type = T_BOOL; - res.val.i = v1.val.i; - } else { - ARG(2,T_BOOL); - res = v2; - } - break; - case FI_PAIR_CONSTRUCT: - ARG(1,T_INT); - ARG(2,T_INT); - u1 = v1.val.i; - u2 = v2.val.i; - if ((u1 > 0xFFFF) || (u2 > 0xFFFF)) - runtime( "Can't operate with value out of bounds in pair constructor" ); - res.val.i = (u1 << 16) | u2; - res.type = T_PAIR; - break; - - case FI_EC_CONSTRUCT: - { - ARG_ANY(1); - ARG(2, T_INT); - - int check, ipv4_used; - u32 key, val; - - if (v1.type == T_INT) { - ipv4_used = 0; key = v1.val.i; - } - else if (v1.type == T_QUAD) { - ipv4_used = 1; key = v1.val.i; - } - /* IP->Quad implicit conversion */ - else if (val_is_ip4(v1)) { - ipv4_used = 1; key = ipa_to_u32(v1.val.ip); - } - else - runtime("Can't operate with key of non-integer/IPv4 type in EC constructor"); - - val = v2.val.i; - - /* XXXX */ - res.type = T_EC; - - if (what->aux == EC_GENERIC) { - check = 0; res.val.ec = ec_generic(key, val); - } - else if (ipv4_used) { - check = 1; res.val.ec = ec_ip4(what->aux, key, val); - } - else if (key < 0x10000) { - check = 0; res.val.ec = ec_as2(what->aux, key, val); - } - else { - check = 1; res.val.ec = ec_as4(what->aux, key, val); - } - - if (check && (val > 0xFFFF)) - runtime("Can't operate with value out of bounds in EC constructor"); - - break; - } - - case FI_LC_CONSTRUCT: - { - ARG(1, T_INT); - ARG(2, T_INT); - ARG(3, T_INT); - - res.type = T_LC; - res.val.lc = (lcomm) { v1.val.i, v2.val.i, v3.val.i }; - - break; - } - - case FI_PATHMASK_CONSTRUCT: - { - struct f_path_mask *tt = what->a1.p, *vbegin, **vv = &vbegin; - - while (tt) { - *vv = lp_alloc(f_pool, sizeof(struct f_path_mask)); - if (tt->kind == PM_ASN_EXPR) { - struct f_val res; - INTERPRET(res, (struct f_inst *) tt->val); - (*vv)->kind = PM_ASN; - if (res.type != T_INT) { - runtime( "Error resolving path mask template: value not an integer" ); - return (struct f_val) { .type = T_VOID }; - } - - (*vv)->val = res.val.i; - } else { - **vv = *tt; - } - tt = tt->next; - vv = &((*vv)->next); - } - - res = (struct f_val) { .type = T_PATH_MASK, .val.path_mask = vbegin }; - break; - } - -/* Relational operators */ - -#define COMPARE(x) \ - ARG_ANY(1); \ - ARG_ANY(2); \ - i = val_compare(v1, v2); \ - if (i==CMP_ERROR) \ - runtime( "Can't compare values of incompatible types" ); \ - res.type = T_BOOL; \ - res.val.i = (x); \ - break; - -#define SAME(x) \ - ARG_ANY(1); \ - ARG_ANY(2); \ - i = val_same(v1, v2); \ - res.type = T_BOOL; \ - res.val.i = (x); \ - break; - - case FI_NEQ: SAME(!i); - case FI_EQ: SAME(i); - case FI_LT: COMPARE(i==-1); - case FI_LTE: COMPARE(i!=1); - - case FI_NOT: - ARG(1,T_BOOL); - res = v1; - res.val.i = !res.val.i; - break; - - case FI_MATCH: - ARG_ANY(1); - ARG_ANY(2); - res.type = T_BOOL; - res.val.i = val_in_range(v1, v2); - if (res.val.i == CMP_ERROR) - runtime( "~ applied on unknown type pair" ); - res.val.i = !!res.val.i; - break; - - case FI_NOT_MATCH: - ARG_ANY(1); - ARG_ANY(2); - res.type = T_BOOL; - res.val.i = val_in_range(v1, v2); - if (res.val.i == CMP_ERROR) - runtime( "!~ applied on unknown type pair" ); - res.val.i = !res.val.i; - break; - - case FI_DEFINED: - ARG_ANY(1); - res.type = T_BOOL; - res.val.i = (v1.type != T_VOID) && !undef_value(v1); - break; - case FI_TYPE: - ARG_ANY(1); /* There may be more types supporting this operation */ - switch (v1.type) - { - case T_NET: - res.type = T_ENUM_NETTYPE; - res.val.i = v1.val.net->type; - break; - default: - runtime( "Can't determine type of this item" ); - } - break; - case FI_IS_V4: - ARG(1, T_IP); - res.type = T_BOOL; - res.val.i = ipa_is_ip4(v1.val.ip); - break; - - /* Set to indirect value, a1 = variable, a2 = value */ - case FI_SET: - ARG_ANY(2); - sym = what->a1.p; - vp = sym->def; - if ((sym->class != (SYM_VARIABLE | v2.type)) && (v2.type != T_VOID)) - { - /* IP->Quad implicit conversion */ - if ((sym->class == (SYM_VARIABLE | T_QUAD)) && val_is_ip4(v2)) - { - vp->type = T_QUAD; - vp->val.i = ipa_to_u32(v2.val.ip); - break; - } - runtime( "Assigning to variable of incompatible type" ); - } - *vp = v2; - break; - - /* some constants have value in a2, some in *a1.p, strange. */ - case FI_CONSTANT: /* integer (or simple type) constant, string, set, or prefix_set */ - res.type = what->aux; - - if (res.type == T_PREFIX_SET) - res.val.ti = what->a2.p; - else if (res.type == T_SET) - res.val.t = what->a2.p; - else if (res.type == T_STRING) - res.val.s = what->a2.p; - else - res.val.i = what->a2.i; - break; - case FI_VARIABLE: - case FI_CONSTANT_INDIRECT: - res = * ((struct f_val *) what->a1.p); - break; - case FI_PRINT: - ARG_ANY(1); - val_format(v1, &f_buf); - break; - case FI_CONDITION: /* ? has really strange error value, so we can implement if ... else nicely :-) */ - ARG(1, T_BOOL); - if (v1.val.i) { - ARG_ANY(2); - res.val.i = 0; - } else - res.val.i = 1; - res.type = T_BOOL; - break; - case FI_NOP: - debug( "No operation\n" ); - break; - case FI_PRINT_AND_DIE: - ARG_ANY(1); - if ((what->a2.i == F_NOP || (what->a2.i != F_NONL && what->a1.p)) && - !(f_flags & FF_SILENT)) - log_commit(*L_INFO, &f_buf); - - switch (what->a2.i) { - case F_QUITBIRD: - die( "Filter asked me to die" ); - case F_ACCEPT: - /* Should take care about turning ACCEPT into MODIFY */ - case F_ERROR: - case F_REJECT: /* FIXME (noncritical) Should print complete route along with reason to reject route */ - res.type = T_RETURN; - res.val.i = what->a2.i; - return res; /* We have to return now, no more processing. */ - case F_NONL: - case F_NOP: - break; - default: - bug( "unknown return type: Can't happen"); - } - break; - case FI_RTA_GET: /* rta access */ - { - ACCESS_RTE; - struct rta *rta = (*f_rte)->attrs; - res.type = what->aux; - - switch (what->a2.i) - { - case SA_FROM: res.val.ip = rta->from; break; - case SA_GW: res.val.ip = rta->nh.gw; break; - case SA_NET: res.val.net = (*f_rte)->net->n.addr; break; - case SA_PROTO: res.val.s = rta->src->proto->name; break; - case SA_SOURCE: res.val.i = rta->source; break; - case SA_SCOPE: res.val.i = rta->scope; break; - case SA_DEST: res.val.i = rta->dest; break; - case SA_IFNAME: res.val.s = rta->nh.iface ? rta->nh.iface->name : ""; break; - case SA_IFINDEX: res.val.i = rta->nh.iface ? rta->nh.iface->index : 0; break; - - default: - bug("Invalid static attribute access (%x)", res.type); - } - } - break; - case FI_RTA_SET: - ACCESS_RTE; - ARG_ANY(1); - if (what->aux != v1.type) - runtime( "Attempt to set static attribute to incompatible type" ); - - f_rta_cow(); - { - struct rta *rta = (*f_rte)->attrs; - - switch (what->a2.i) - { - case SA_FROM: - rta->from = v1.val.ip; - break; - - case SA_GW: - { - ip_addr ip = v1.val.ip; - neighbor *n = neigh_find(rta->src->proto, ip, NULL, 0); - if (!n || (n->scope == SCOPE_HOST)) - runtime( "Invalid gw address" ); - - rta->dest = RTD_UNICAST; - rta->nh.gw = ip; - rta->nh.iface = n->iface; - rta->nh.next = NULL; - rta->hostentry = NULL; - } - break; - - case SA_SCOPE: - rta->scope = v1.val.i; - break; + /* No arguments allowed */ + ASSERT(line->args == 0); - case SA_DEST: - i = v1.val.i; - if ((i != RTD_BLACKHOLE) && (i != RTD_UNREACHABLE) && (i != RTD_PROHIBIT)) - runtime( "Destination can be changed only to blackhole, unreachable or prohibit" ); + /* Initialize the filter stack */ + struct filter_stack *fstk = fs->stack; - rta->dest = i; - rta->nh.gw = IPA_NONE; - rta->nh.iface = NULL; - rta->nh.next = NULL; - rta->hostentry = NULL; - break; - - case SA_IFNAME: - { - struct iface *ifa = if_find_by_name(v1.val.s); - if (!ifa) - runtime( "Invalid iface name" ); - - rta->dest = RTD_UNICAST; - rta->nh.gw = IPA_NONE; - rta->nh.iface = ifa; - rta->nh.next = NULL; - rta->hostentry = NULL; - } - break; - - default: - bug("Invalid static attribute access (%x)", res.type); - } - } - break; - case FI_EA_GET: /* Access to extended attributes */ - ACCESS_RTE; - ACCESS_EATTRS; - { - u16 code = what->a2.i; - int f_type = what->aux >> 8; - eattr *e = ea_find(*f_eattrs, code); - - if (!e) { - /* A special case: undefined as_path looks like empty as_path */ - if ((what->aux & EAF_TYPE_MASK) == EAF_TYPE_AS_PATH) { - res.type = T_PATH; - res.val.ad = &undef_adata; - break; - } - - /* The same special case for int_set */ - if ((what->aux & EAF_TYPE_MASK) == EAF_TYPE_INT_SET) { - res.type = T_CLIST; - res.val.ad = &undef_adata; - break; - } - - /* The same special case for ec_set */ - if ((what->aux & EAF_TYPE_MASK) == EAF_TYPE_EC_SET) { - res.type = T_ECLIST; - res.val.ad = &undef_adata; - break; - } - - /* The same special case for lc_set */ - if ((what->aux & EAF_TYPE_MASK) == EAF_TYPE_LC_SET) { - res.type = T_LCLIST; - res.val.ad = &undef_adata; - break; - } - - /* Undefined value */ - res.type = T_VOID; - break; - } - - switch (e->type & EAF_TYPE_MASK) { - case EAF_TYPE_INT: - res.type = f_type; - res.val.i = e->u.data; - break; - case EAF_TYPE_ROUTER_ID: - res.type = T_QUAD; - res.val.i = e->u.data; - break; - case EAF_TYPE_OPAQUE: - res.type = T_ENUM_EMPTY; - res.val.i = 0; - break; - case EAF_TYPE_IP_ADDRESS: - res.type = T_IP; - struct adata * ad = e->u.ptr; - res.val.ip = * (ip_addr *) ad->data; - break; - case EAF_TYPE_AS_PATH: - res.type = T_PATH; - res.val.ad = e->u.ptr; - break; - case EAF_TYPE_BITFIELD: - res.type = T_BOOL; - res.val.i = !!(e->u.data & BITFIELD_MASK(what)); - break; - case EAF_TYPE_INT_SET: - res.type = T_CLIST; - res.val.ad = e->u.ptr; - break; - case EAF_TYPE_EC_SET: - res.type = T_ECLIST; - res.val.ad = e->u.ptr; - break; - case EAF_TYPE_LC_SET: - res.type = T_LCLIST; - res.val.ad = e->u.ptr; - break; - case EAF_TYPE_UNDEF: - res.type = T_VOID; - break; - default: - bug("Unknown type in e,a"); - } - } - break; - case FI_EA_SET: - ACCESS_RTE; - ACCESS_EATTRS; - ARG_ANY(1); - { - struct ea_list *l = lp_alloc(f_pool, sizeof(struct ea_list) + sizeof(eattr)); - u16 code = what->a2.i; - int f_type = what->aux >> 8; - - l->next = NULL; - l->flags = EALF_SORTED; - l->count = 1; - l->attrs[0].id = code; - l->attrs[0].flags = 0; - l->attrs[0].type = (what->aux & 0xff) | EAF_ORIGINATED | EAF_FRESH; - - switch (what->aux & EAF_TYPE_MASK) { - case EAF_TYPE_INT: - if (v1.type != f_type) - runtime( "Setting int attribute to non-int value" ); - l->attrs[0].u.data = v1.val.i; - break; - - case EAF_TYPE_ROUTER_ID: - /* IP->Quad implicit conversion */ - if (val_is_ip4(v1)) { - l->attrs[0].u.data = ipa_to_u32(v1.val.ip); - break; - } - /* T_INT for backward compatibility */ - if ((v1.type != T_QUAD) && (v1.type != T_INT)) - runtime( "Setting quad attribute to non-quad value" ); - l->attrs[0].u.data = v1.val.i; - break; - - case EAF_TYPE_OPAQUE: - runtime( "Setting opaque attribute is not allowed" ); - break; - case EAF_TYPE_IP_ADDRESS: - if (v1.type != T_IP) - runtime( "Setting ip attribute to non-ip value" ); - int len = sizeof(ip_addr); - struct adata *ad = lp_alloc(f_pool, sizeof(struct adata) + len); - ad->length = len; - (* (ip_addr *) ad->data) = v1.val.ip; - l->attrs[0].u.ptr = ad; - break; - case EAF_TYPE_AS_PATH: - if (v1.type != T_PATH) - runtime( "Setting path attribute to non-path value" ); - l->attrs[0].u.ptr = v1.val.ad; - break; - case EAF_TYPE_BITFIELD: - if (v1.type != T_BOOL) - runtime( "Setting bit in bitfield attribute to non-bool value" ); - { - /* First, we have to find the old value */ - eattr *e = ea_find(*f_eattrs, code); - u32 data = e ? e->u.data : 0; - - if (v1.val.i) - l->attrs[0].u.data = data | BITFIELD_MASK(what); - else - l->attrs[0].u.data = data & ~BITFIELD_MASK(what);; - } - break; - case EAF_TYPE_INT_SET: - if (v1.type != T_CLIST) - runtime( "Setting clist attribute to non-clist value" ); - l->attrs[0].u.ptr = v1.val.ad; - break; - case EAF_TYPE_EC_SET: - if (v1.type != T_ECLIST) - runtime( "Setting eclist attribute to non-eclist value" ); - l->attrs[0].u.ptr = v1.val.ad; - break; - case EAF_TYPE_LC_SET: - if (v1.type != T_LCLIST) - runtime( "Setting lclist attribute to non-lclist value" ); - l->attrs[0].u.ptr = v1.val.ad; - break; - case EAF_TYPE_UNDEF: - if (v1.type != T_VOID) - runtime( "Setting void attribute to non-void value" ); - l->attrs[0].u.data = 0; - break; - default: bug("Unknown type in e,S"); - } - - f_rta_cow(); - l->next = *f_eattrs; - *f_eattrs = l; - } - break; - case FI_PREF_GET: - ACCESS_RTE; - res.type = T_INT; - res.val.i = (*f_rte)->pref; - break; - case FI_PREF_SET: - ACCESS_RTE; - ARG(1,T_INT); - if (v1.val.i > 0xFFFF) - runtime( "Setting preference value out of bounds" ); - f_rte_cow(); - (*f_rte)->pref = v1.val.i; - break; - case FI_LENGTH: /* Get length of */ - ARG_ANY(1); - res.type = T_INT; - switch(v1.type) { - case T_NET: res.val.i = net_pxlen(v1.val.net); break; - case T_PATH: res.val.i = as_path_getlen(v1.val.ad); break; - case T_CLIST: res.val.i = int_set_get_size(v1.val.ad); break; - case T_ECLIST: res.val.i = ec_set_get_size(v1.val.ad); break; - case T_LCLIST: res.val.i = lc_set_get_size(v1.val.ad); break; - default: runtime( "Prefix, path, clist or eclist expected" ); - } - break; - case FI_SADR_SRC: /* Get SADR src prefix */ - ARG(1, T_NET); - if (!net_is_sadr(v1.val.net)) - runtime( "SADR expected" ); - - { - net_addr_ip6_sadr *net = (void *) v1.val.net; - net_addr *src = lp_alloc(f_pool, sizeof(net_addr_ip6)); - net_fill_ip6(src, net->src_prefix, net->src_pxlen); - - res.type = T_NET; - res.val.net = src; - } - break; - case FI_ROA_MAXLEN: /* Get ROA max prefix length */ - ARG(1, T_NET); - if (!net_is_roa(v1.val.net)) - runtime( "ROA expected" ); - - res.type = T_INT; - res.val.i = (v1.val.net->type == NET_ROA4) ? - ((net_addr_roa4 *) v1.val.net)->max_pxlen : - ((net_addr_roa6 *) v1.val.net)->max_pxlen; - break; - case FI_ROA_ASN: /* Get ROA ASN */ - ARG(1, T_NET); - if (!net_is_roa(v1.val.net)) - runtime( "ROA expected" ); - - res.type = T_INT; - res.val.i = (v1.val.net->type == NET_ROA4) ? - ((net_addr_roa4 *) v1.val.net)->asn : - ((net_addr_roa6 *) v1.val.net)->asn; - break; - case FI_IP: /* Convert prefix to ... */ - ARG(1, T_NET); - res.type = T_IP; - res.val.ip = net_prefix(v1.val.net); - break; - case FI_ROUTE_DISTINGUISHER: - ARG(1, T_NET); - res.type = T_IP; - if (!net_is_vpn(v1.val.net)) - runtime( "VPN address expected" ); - res.type = T_RD; - res.val.ec = net_rd(v1.val.net); - break; - case FI_AS_PATH_FIRST: /* Get first ASN from AS PATH */ - ARG(1, T_PATH); - - as = 0; - as_path_get_first(v1.val.ad, &as); - res.type = T_INT; - res.val.i = as; - break; - case FI_AS_PATH_LAST: /* Get last ASN from AS PATH */ - ARG(1, T_PATH); - - as = 0; - as_path_get_last(v1.val.ad, &as); - res.type = T_INT; - res.val.i = as; - break; - case FI_AS_PATH_LAST_NAG: /* Get last ASN from non-aggregated part of AS PATH */ - ARG(1, T_PATH); - - res.type = T_INT; - res.val.i = as_path_get_last_nonaggregated(v1.val.ad); - break; - case FI_RETURN: - ARG_ANY(1); - res = v1; - res.type |= T_RETURN; - return res; - case FI_CALL: /* CALL: this is special: if T_RETURN and returning some value, mask it out */ - ARG_ANY(1); - res = interpret(what->a2.p); - if (res.type == T_RETURN) - return res; - res.type &= ~T_RETURN; - break; - case FI_CLEAR_LOCAL_VARS: /* Clear local variables */ - for (sym = what->a1.p; sym != NULL; sym = sym->aux2) - ((struct f_val *) sym->def)->type = T_VOID; - break; - case FI_SWITCH: - ARG_ANY(1); - { - struct f_tree *t = find_tree(what->a2.p, v1); - if (!t) { - v1.type = T_VOID; - t = find_tree(what->a2.p, v1); - if (!t) { - debug( "No else statement?\n"); - break; - } - } - /* It is actually possible to have t->data NULL */ - - INTERPRET(res, t->data); - } - break; - case FI_IP_MASK: /* IP.MASK(val) */ - ARG(1, T_IP); - ARG(2, T_INT); - - res.type = T_IP; - res.val.ip = ipa_is_ip4(v1.val.ip) ? - ipa_from_ip4(ip4_and(ipa_to_ip4(v1.val.ip), ip4_mkmask(v2.val.i))) : - ipa_from_ip6(ip6_and(ipa_to_ip6(v1.val.ip), ip6_mkmask(v2.val.i))); - break; - - case FI_EMPTY: /* Create empty attribute */ - res.type = what->aux; - res.val.ad = adata_empty(f_pool, 0); - break; - case FI_PATH_PREPEND: /* Path prepend */ - ARG(1, T_PATH); - ARG(2, T_INT); - - res.type = T_PATH; - res.val.ad = as_path_prepend(f_pool, v1.val.ad, v2.val.i); - break; - - case FI_CLIST_ADD_DEL: /* (Extended) Community list add or delete */ - ARG_ANY(1); - ARG_ANY(2); - if (v1.type == T_PATH) - { - struct f_tree *set = NULL; - u32 key = 0; - int pos; - - if (v2.type == T_INT) - key = v2.val.i; - else if ((v2.type == T_SET) && (v2.val.t->from.type == T_INT)) - set = v2.val.t; - else - runtime("Can't delete non-integer (set)"); - - switch (what->aux) - { - case 'a': runtime("Can't add to path"); - case 'd': pos = 0; break; - case 'f': pos = 1; break; - default: bug("unknown Ca operation"); - } - - if (pos && !set) - runtime("Can't filter integer"); - - res.type = T_PATH; - res.val.ad = as_path_filter(f_pool, v1.val.ad, set, key, pos); - } - else if (v1.type == T_CLIST) - { - /* Community (or cluster) list */ - struct f_val dummy; - int arg_set = 0; - uint n = 0; - - if ((v2.type == T_PAIR) || (v2.type == T_QUAD)) - n = v2.val.i; - /* IP->Quad implicit conversion */ - else if (val_is_ip4(v2)) - n = ipa_to_u32(v2.val.ip); - else if ((v2.type == T_SET) && clist_set_type(v2.val.t, &dummy)) - arg_set = 1; - else if (v2.type == T_CLIST) - arg_set = 2; - else - runtime("Can't add/delete non-pair"); - - res.type = T_CLIST; - switch (what->aux) - { - case 'a': - if (arg_set == 1) - runtime("Can't add set"); - else if (!arg_set) - res.val.ad = int_set_add(f_pool, v1.val.ad, n); - else - res.val.ad = int_set_union(f_pool, v1.val.ad, v2.val.ad); - break; - - case 'd': - if (!arg_set) - res.val.ad = int_set_del(f_pool, v1.val.ad, n); - else - res.val.ad = clist_filter(f_pool, v1.val.ad, v2, 0); - break; - - case 'f': - if (!arg_set) - runtime("Can't filter pair"); - res.val.ad = clist_filter(f_pool, v1.val.ad, v2, 1); - break; + fstk->vcnt = line->vars; + memset(fstk->vstk, 0, sizeof(struct f_val) * line->vars); - default: - bug("unknown Ca operation"); - } - } - else if (v1.type == T_ECLIST) - { - /* Extended community list */ - int arg_set = 0; - - /* v2.val is either EC or EC-set */ - if ((v2.type == T_SET) && eclist_set_type(v2.val.t)) - arg_set = 1; - else if (v2.type == T_ECLIST) - arg_set = 2; - else if (v2.type != T_EC) - runtime("Can't add/delete non-ec"); - - res.type = T_ECLIST; - switch (what->aux) - { - case 'a': - if (arg_set == 1) - runtime("Can't add set"); - else if (!arg_set) - res.val.ad = ec_set_add(f_pool, v1.val.ad, v2.val.ec); - else - res.val.ad = ec_set_union(f_pool, v1.val.ad, v2.val.ad); - break; + /* The same as with the value stack. Not resetting the stack for performance reasons. */ + fstk->ecnt = 1; + fstk->estk[0].line = line; + fstk->estk[0].pos = 0; - case 'd': - if (!arg_set) - res.val.ad = ec_set_del(f_pool, v1.val.ad, v2.val.ec); - else - res.val.ad = eclist_filter(f_pool, v1.val.ad, v2, 0); - break; +#define curline fstk->estk[fstk->ecnt-1] - case 'f': - if (!arg_set) - runtime("Can't filter ec"); - res.val.ad = eclist_filter(f_pool, v1.val.ad, v2, 1); - break; - - default: - bug("unknown Ca operation"); - } - } - else if (v1.type == T_LCLIST) - { - /* Large community list */ - int arg_set = 0; - - /* v2.val is either LC or LC-set */ - if ((v2.type == T_SET) && lclist_set_type(v2.val.t)) - arg_set = 1; - else if (v2.type == T_LCLIST) - arg_set = 2; - else if (v2.type != T_LC) - runtime("Can't add/delete non-lc"); - - res.type = T_LCLIST; - switch (what->aux) - { - case 'a': - if (arg_set == 1) - runtime("Can't add set"); - else if (!arg_set) - res.val.ad = lc_set_add(f_pool, v1.val.ad, v2.val.lc); - else - res.val.ad = lc_set_union(f_pool, v1.val.ad, v2.val.ad); - break; +#if DEBUGGING + debug("Interpreting line."); + f_dump_line(line, 1); +#endif - case 'd': - if (!arg_set) - res.val.ad = lc_set_del(f_pool, v1.val.ad, v2.val.lc); - else - res.val.ad = lclist_filter(f_pool, v1.val.ad, v2, 0); - break; + while (fstk->ecnt > 0) { + while (curline.pos < curline.line->len) { + const struct f_line_item *what = &(curline.line->items[curline.pos++]); - case 'f': - if (!arg_set) - runtime("Can't filter lc"); - res.val.ad = lclist_filter(f_pool, v1.val.ad, v2, 1); - break; + switch (what->fi_code) { +#define res fstk->vstk[fstk->vcnt] +#define vv(i) fstk->vstk[fstk->vcnt + (i)] +#define v1 vv(0) +#define v2 vv(1) +#define v3 vv(2) - default: - bug("unknown Ca operation"); +#define runtime(fmt, ...) do { \ + if (!(fs->flags & FF_SILENT)) \ + log_rl(&rl_runtime_err, L_ERR "filters, line %d: " fmt, what->lineno, ##__VA_ARGS__); \ + return F_ERROR; \ +} while(0) + +#define falloc(size) lp_alloc(fs->pool, size) +#define fpool fs->pool + +#define ACCESS_EATTRS do { if (!fs->eattrs) f_cache_eattrs(fs); } while (0) + +#include "filter/inst-interpret.c" +#undef res +#undef v1 +#undef v2 +#undef v3 +#undef runtime +#undef falloc +#undef fpool +#undef ACCESS_EATTRS } } - else - runtime("Can't add/delete to non-[e|l]clist"); - - break; - case FI_ROA_CHECK: /* ROA Check */ - if (what->arg1) - { - ARG(1, T_NET); - ARG(2, T_INT); - - as = v2.val.i; - } - else - { - ACCESS_RTE; - ACCESS_EATTRS; - v1.val.net = (*f_rte)->net->n.addr; - - /* We ignore temporary attributes, probably not a problem here */ - /* 0x02 is a value of BA_AS_PATH, we don't want to include BGP headers */ - eattr *e = ea_find(*f_eattrs, EA_CODE(PROTOCOL_BGP, 0x02)); - - if (!e || ((e->type & EAF_TYPE_MASK) != EAF_TYPE_AS_PATH)) - runtime("Missing AS_PATH attribute"); + /* End of current line. Drop local variables before exiting. */ + fstk->vcnt -= curline.line->vars; + fstk->vcnt -= curline.line->args; + fstk->ecnt--; + } - as_path_get_last(e->u.ptr, &as); + if (fstk->vcnt == 0) { + if (val) { + log_rl(&rl_runtime_err, L_ERR "filters: No value left on stack"); + return F_ERROR; } + return F_NOP; + } - struct rtable *table = ((struct f_inst_roa_check *) what)->rtc->table; - if (!table) - runtime("Missing ROA table"); - - if (table->addr_type != NET_ROA4 && table->addr_type != NET_ROA6) - runtime("Table type must be either ROA4 or ROA6"); - - res.type = T_ENUM_ROA; - - if (table->addr_type != (v1.val.net->type == NET_IP4 ? NET_ROA4 : NET_ROA6)) - res.val.i = ROA_UNKNOWN; /* Prefix and table type mismatch */ - else - res.val.i = net_roa_check(table, v1.val.net, as); - - break; - - case FI_FORMAT: /* Format */ - ARG_ANY(1); - - res.type = T_STRING; - res.val.s = val_format_str(v1); - break; - - case FI_ASSERT: /* Birdtest Assert */ - ARG(1, T_BOOL); - - res.type = v1.type; - res.val = v1.val; - - CALL(bt_assert_hook, res.val.i, what); - break; + if (val && (fstk->vcnt == 1)) { + *val = fstk->vstk[0]; + return F_NOP; + } - default: - bug( "Unknown instruction %d (%c)", what->fi_code, what->fi_code & 0xff); - }} - return res; + log_rl(&rl_runtime_err, L_ERR "Too many items left on stack: %u", fstk->vcnt); + return F_ERROR; } -#undef ARG -#undef ARG_ANY - -#define ARG(n) \ - if (!i_same(f1->a##n.p, f2->a##n.p)) \ - return 0; - -#define ONEARG ARG(1); -#define TWOARGS ONEARG; ARG(2); -#define THREEARGS TWOARGS; ARG(3); - -#define A2_SAME if (f1->a2.i != f2->a2.i) return 0; - -/* - * i_same - function that does real comparing of instruction trees, you should call filter_same from outside - */ -int -i_same(struct f_inst *f1, struct f_inst *f2) -{ - if ((!!f1) != (!!f2)) - return 0; - if (!f1) - return 1; - if (f1->aux != f2->aux) - return 0; - if (f1->fi_code != f2->fi_code) - return 0; - if (f1 == f2) /* It looks strange, but it is possible with call rewriting trickery */ - return 1; - - switch(f1->fi_code) { - case FI_ADD: /* fall through */ - case FI_SUBTRACT: - case FI_MULTIPLY: - case FI_DIVIDE: - case FI_OR: - case FI_AND: - case FI_PAIR_CONSTRUCT: - case FI_EC_CONSTRUCT: - case FI_NEQ: - case FI_EQ: - case FI_LT: - case FI_LTE: TWOARGS; break; - - case FI_PATHMASK_CONSTRUCT: if (!pm_same(f1->a1.p, f2->a1.p)) return 0; break; - - case FI_NOT: ONEARG; break; - case FI_NOT_MATCH: - case FI_MATCH: TWOARGS; break; - case FI_DEFINED: ONEARG; break; - case FI_TYPE: ONEARG; break; - - case FI_LC_CONSTRUCT: - THREEARGS; - break; - - case FI_SET: - ARG(2); - { - struct symbol *s1, *s2; - s1 = f1->a1.p; - s2 = f2->a1.p; - if (strcmp(s1->name, s2->name)) - return 0; - if (s1->class != s2->class) - return 0; - } - break; - - case FI_CONSTANT: - switch (f1->aux) { - - case T_PREFIX_SET: - if (!trie_same(f1->a2.p, f2->a2.p)) - return 0; - break; - - case T_SET: - if (!same_tree(f1->a2.p, f2->a2.p)) - return 0; - break; - - case T_STRING: - if (strcmp(f1->a2.p, f2->a2.p)) - return 0; - break; - - default: - A2_SAME; - } - break; - - case FI_CONSTANT_INDIRECT: - if (!val_same(* (struct f_val *) f1->a1.p, * (struct f_val *) f2->a1.p)) - return 0; - break; - - case FI_VARIABLE: - if (strcmp((char *) f1->a2.p, (char *) f2->a2.p)) - return 0; - break; - case FI_PRINT: case FI_LENGTH: ONEARG; break; - case FI_CONDITION: TWOARGS; break; - case FI_NOP: case FI_EMPTY: break; - case FI_PRINT_AND_DIE: ONEARG; A2_SAME; break; - case FI_PREF_GET: - case FI_RTA_GET: A2_SAME; break; - case FI_EA_GET: A2_SAME; break; - case FI_PREF_SET: - case FI_RTA_SET: - case FI_EA_SET: ONEARG; A2_SAME; break; - - case FI_RETURN: ONEARG; break; - case FI_ROA_MAXLEN: ONEARG; break; - case FI_ROA_ASN: ONEARG; break; - case FI_SADR_SRC: ONEARG; break; - case FI_IP: ONEARG; break; - case FI_IS_V4: ONEARG; break; - case FI_ROUTE_DISTINGUISHER: ONEARG; break; - case FI_CALL: /* Call rewriting trickery to avoid exponential behaviour */ - ONEARG; - if (!i_same(f1->a2.p, f2->a2.p)) - return 0; - f2->a2.p = f1->a2.p; - break; - case FI_CLEAR_LOCAL_VARS: break; /* internal instruction */ - case FI_SWITCH: ONEARG; if (!same_tree(f1->a2.p, f2->a2.p)) return 0; break; - case FI_IP_MASK: TWOARGS; break; - case FI_PATH_PREPEND: TWOARGS; break; - case FI_CLIST_ADD_DEL: TWOARGS; break; - case FI_AS_PATH_FIRST: - case FI_AS_PATH_LAST: - case FI_AS_PATH_LAST_NAG: ONEARG; break; - case FI_ROA_CHECK: - TWOARGS; - /* Does not really make sense - ROA check results may change anyway */ - if (strcmp(((struct f_inst_roa_check *) f1)->rtc->name, - ((struct f_inst_roa_check *) f2)->rtc->name)) - return 0; - break; - case FI_FORMAT: ONEARG; break; - case FI_ASSERT: ONEARG; break; - default: - bug( "Unknown instruction %d in same (%c)", f1->fi_code, f1->fi_code & 0xff); - } - return i_same(f1->next, f2->next); -} /** * f_run - run a filter for a route @@ -1743,7 +251,7 @@ i_same(struct f_inst *f1, struct f_inst *f2) * copied). * * The returned rte may reuse the (possibly cached, cloned) rta, or - * (if rta was modificied) contains a modified uncached rta, which + * (if rta was modified) contains a modified uncached rta, which * uses parts allocated from @tmp_pool and parts shared from original * rta. There is one exception - if @rte is rw but contains a cached * rta and that is modified, rta in returned rte is also cached. @@ -1753,8 +261,8 @@ i_same(struct f_inst *f1, struct f_inst *f2) * (and cached rta of read-only source rte is intact), if rte is * modified in place, old cached rta is possibly freed. */ -int -f_run(struct filter *filter, struct rte **rte, struct linpool *tmp_pool, int flags) +enum filter_return +f_run(const struct filter *filter, struct rte **rte, struct linpool *tmp_pool, int flags) { if (filter == FILTER_ACCEPT) return F_ACCEPT; @@ -1765,107 +273,241 @@ f_run(struct filter *filter, struct rte **rte, struct linpool *tmp_pool, int fla int rte_cow = ((*rte)->flags & REF_COW); DBG( "Running filter `%s'...", filter->name ); - f_rte = rte; - f_eattrs = NULL; - f_old_rta = NULL; - f_pool = tmp_pool; - f_flags = flags; + /* Initialize the filter state */ + filter_state = (struct filter_state) { + .stack = &filter_stack, + .rte = rte, + .pool = tmp_pool, + .flags = flags, + }; - LOG_BUFFER_INIT(f_buf); + LOG_BUFFER_INIT(filter_state.buf); - struct f_val res = interpret(filter->root); + /* Run the interpreter itself */ + enum filter_return fret = interpret(&filter_state, filter->root, NULL); - if (f_old_rta) { + if (filter_state.old_rta) { /* - * Cached rta was modified and f_rte contains now an uncached one, + * Cached rta was modified and filter_state->rte contains now an uncached one, * sharing some part with the cached one. The cached rta should - * be freed (if rte was originally COW, f_old_rta is a clone + * be freed (if rte was originally COW, filter_state->old_rta is a clone * obtained during rte_cow()). * * This also implements the exception mentioned in f_run() * description. The reason for this is that rta reuses parts of - * f_old_rta, and these may be freed during rta_free(f_old_rta). + * filter_state->old_rta, and these may be freed during rta_free(filter_state->old_rta). * This is not the problem if rte was COW, because original rte * also holds the same rta. */ - if (!rte_cow) - (*f_rte)->attrs = rta_lookup((*f_rte)->attrs); + if (!rte_cow) { + /* Cache the new attrs */ + (*filter_state.rte)->attrs = rta_lookup((*filter_state.rte)->attrs); - rta_free(f_old_rta); - } + /* Drop cached ea_list pointer */ + filter_state.eattrs = NULL; + } + /* Uncache the old attrs and drop the pointer as it is invalid now. */ + rta_free(filter_state.old_rta); + filter_state.old_rta = NULL; + } - if (res.type != T_RETURN) { - if (!(f_flags & FF_SILENT)) - log_rl(&rl_runtime_err, L_ERR "Filter %s did not return accept nor reject. Make up your mind", filter->name); + /* Process the filter output, log it and return */ + if (fret < F_ACCEPT) { + if (!(filter_state.flags & FF_SILENT)) + log_rl(&rl_runtime_err, L_ERR "Filter %s did not return accept nor reject. Make up your mind", filter_name(filter)); return F_ERROR; } DBG( "done (%u)\n", res.val.i ); - return res.val.i; + return fret; } -/* TODO: perhaps we could integrate f_eval(), f_eval_rte() and f_run() */ +/** + * f_eval_rte - run a filter line for an uncached route + * @expr: filter line to run + * @rte: route being filtered, may be modified + * @tmp_pool: all filter allocations go from this pool + * + * This specific filter entry point runs the given filter line + * (which must not have any arguments) on the given route. + * + * The route MUST NOT have REF_COW set and its attributes MUST NOT + * be cached by rta_lookup(). + */ -struct f_val -f_eval_rte(struct f_inst *expr, struct rte **rte, struct linpool *tmp_pool) +enum filter_return +f_eval_rte(const struct f_line *expr, struct rte **rte, struct linpool *tmp_pool) { + filter_state = (struct filter_state) { + .stack = &filter_stack, + .rte = rte, + .pool = tmp_pool, + }; - f_rte = rte; - f_eattrs = NULL; - f_old_rta = NULL; - f_pool = tmp_pool; - f_flags = 0; + LOG_BUFFER_INIT(filter_state.buf); - LOG_BUFFER_INIT(f_buf); + ASSERT(!((*rte)->flags & REF_COW)); + ASSERT(!rta_is_cached((*rte)->attrs)); - /* Note that in this function we assume that rte->attrs is private / uncached */ - struct f_val res = interpret(expr); - - return res; + return interpret(&filter_state, expr, NULL); } -struct f_val -f_eval(struct f_inst *expr, struct linpool *tmp_pool) +/* + * f_eval - get a value of a term + * @expr: filter line containing the term + * @tmp_pool: long data may get allocated from this pool + * @pres: here the output will be stored + */ +enum filter_return +f_eval(const struct f_line *expr, struct linpool *tmp_pool, struct f_val *pres) { - f_flags = 0; - f_eattrs = NULL; - f_rte = NULL; - f_pool = tmp_pool; + filter_state = (struct filter_state) { + .stack = &filter_stack, + .pool = tmp_pool, + }; - LOG_BUFFER_INIT(f_buf); + LOG_BUFFER_INIT(filter_state.buf); - return interpret(expr); + enum filter_return fret = interpret(&filter_state, expr, pres); + return fret; } +/* + * f_eval_int - get an integer value of a term + * Called internally from the config parser, uses its internal memory pool + * for allocations. Do not call in other cases. + */ uint -f_eval_int(struct f_inst *expr) +f_eval_int(const struct f_line *expr) { /* Called independently in parse-time to eval expressions */ - struct f_val res = f_eval(expr, cfg_mem); + filter_state = (struct filter_state) { + .stack = &filter_stack, + .pool = cfg_mem, + }; + + struct f_val val; - if (res.type != T_INT) + LOG_BUFFER_INIT(filter_state.buf); + + if (interpret(&filter_state, expr, &val) > F_RETURN) + cf_error("Runtime error while evaluating expression; see log for details"); + + if (val.type != T_INT) cf_error("Integer expression expected"); - return res.val.i; + return val.val.i; +} + +/* + * f_eval_buf - get a value of a term and print it to the supplied buffer + */ +enum filter_return +f_eval_buf(const struct f_line *expr, struct linpool *tmp_pool, buffer *buf) +{ + struct f_val val; + enum filter_return fret = f_eval(expr, tmp_pool, &val); + if (fret > F_RETURN) + val_format(&val, buf); + return fret; } /** * filter_same - compare two filters * @new: first filter to be compared - * @old: second filter to be compared, notice that this filter is - * damaged while comparing. + * @old: second filter to be compared * * Returns 1 in case filters are same, otherwise 0. If there are * underlying bugs, it will rather say 0 on same filters than say * 1 on different. */ int -filter_same(struct filter *new, struct filter *old) +filter_same(const struct filter *new, const struct filter *old) { if (old == new) /* Handle FILTER_ACCEPT and FILTER_REJECT */ return 1; if (old == FILTER_ACCEPT || old == FILTER_REJECT || new == FILTER_ACCEPT || new == FILTER_REJECT) return 0; - return i_same(new->root, old->root); + + if ((!old->sym) && (!new->sym)) + return f_same(new->root, old->root); + + if ((!old->sym) || (!new->sym)) + return 0; + + if (strcmp(old->sym->name, new->sym->name)) + return 0; + + return new->sym->flags & SYM_FLAG_SAME; +} + +/** + * filter_commit - do filter comparisons on all the named functions and filters + */ +void +filter_commit(struct config *new, struct config *old) +{ + if (!old) + return; + + struct symbol *sym, *osym; + WALK_LIST(sym, new->symbols) + switch (sym->class) { + case SYM_FUNCTION: + if ((osym = cf_find_symbol(old, sym->name)) && + (osym->class == SYM_FUNCTION) && + f_same(sym->function, osym->function)) + sym->flags |= SYM_FLAG_SAME; + else + sym->flags &= ~SYM_FLAG_SAME; + break; + + case SYM_FILTER: + if ((osym = cf_find_symbol(old, sym->name)) && + (osym->class == SYM_FILTER) && + f_same(sym->filter->root, osym->filter->root)) + sym->flags |= SYM_FLAG_SAME; + else + sym->flags &= ~SYM_FLAG_SAME; + break; + } +} + +void filters_dump_all(void) +{ + struct symbol *sym; + WALK_LIST(sym, config->symbols) { + switch (sym->class) { + case SYM_FILTER: + debug("Named filter %s:\n", sym->name); + f_dump_line(sym->filter->root, 1); + break; + case SYM_FUNCTION: + debug("Function %s:\n", sym->name); + f_dump_line(sym->function, 1); + break; + case SYM_PROTO: + { + debug("Protocol %s:\n", sym->name); + struct channel *c; + WALK_LIST(c, sym->proto->proto->channels) { + debug(" Channel %s (%s) IMPORT", c->name, net_label[c->net_type]); + if (c->in_filter == FILTER_ACCEPT) + debug(" ALL\n"); + else if (c->in_filter == FILTER_REJECT) + debug(" NONE\n"); + else if (c->in_filter == FILTER_UNDEF) + debug(" UNDEF\n"); + else if (c->in_filter->sym) { + ASSERT(c->in_filter->sym->filter == c->in_filter); + debug(" named filter %s\n", c->in_filter->sym->name); + } else { + debug("\n"); + f_dump_line(c->in_filter->root, 2); + } + } + } + } + } } diff --git a/filter/filter.h b/filter/filter.h index a8c33287..9d997efb 100644 --- a/filter/filter.h +++ b/filter/filter.h @@ -2,6 +2,7 @@ * BIRD Internet Routing Daemon -- Filters * * (c) 1999 Pavel Machek <pavel@ucw.cz> + * (c) 2018--2019 Maria Matejka <mq@jmq.cz> * * Can be freely distributed and used under the terms of the GNU GPL. */ @@ -11,279 +12,63 @@ #include "lib/resource.h" #include "lib/ip.h" +#include "lib/macro.h" #include "nest/route.h" #include "nest/attrs.h" -/* Filter instruction types */ - -#define FI__TWOCHAR(a,b) ((a<<8) | b) -#define FI__LIST \ - F(FI_ADD, 0, '+') \ - F(FI_SUBTRACT, 0, '-') \ - F(FI_MULTIPLY, 0, '*') \ - F(FI_DIVIDE, 0, '/') \ - F(FI_AND, 0, '&') \ - F(FI_OR, 0, '|') \ - F(FI_PAIR_CONSTRUCT, 'm', 'p') \ - F(FI_EC_CONSTRUCT, 'm', 'c') \ - F(FI_LC_CONSTRUCT, 'm', 'l') \ - F(FI_PATHMASK_CONSTRUCT, 'm', 'P') \ - F(FI_NEQ, '!', '=') \ - F(FI_EQ, '=', '=') \ - F(FI_LT, 0, '<') \ - F(FI_LTE, '<', '=') \ - F(FI_NOT, 0, '!') \ - F(FI_MATCH, 0, '~') \ - F(FI_NOT_MATCH, '!', '~') \ - F(FI_DEFINED, 'd', 'e') \ - F(FI_TYPE, 0, 'T') \ - F(FI_IS_V4, 'I', 'i') \ - F(FI_SET, 0, 's') \ - F(FI_CONSTANT, 0, 'c') \ - F(FI_VARIABLE, 0, 'V') \ - F(FI_CONSTANT_INDIRECT, 0, 'C') \ - F(FI_PRINT, 0, 'p') \ - F(FI_CONDITION, 0, '?') \ - F(FI_NOP, 0, '0') \ - F(FI_PRINT_AND_DIE, 'p', ',') \ - F(FI_RTA_GET, 0, 'a') \ - F(FI_RTA_SET, 'a', 'S') \ - F(FI_EA_GET, 'e', 'a') \ - F(FI_EA_SET, 'e', 'S') \ - F(FI_PREF_GET, 0, 'P') \ - F(FI_PREF_SET, 'P', 'S') \ - F(FI_LENGTH, 0, 'L') \ - F(FI_ROA_MAXLEN, 'R', 'M') \ - F(FI_ROA_ASN, 'R', 'A') \ - F(FI_SADR_SRC, 'n', 's') \ - F(FI_IP, 'c', 'p') \ - F(FI_ROUTE_DISTINGUISHER, 'R', 'D') \ - F(FI_AS_PATH_FIRST, 'a', 'f') \ - F(FI_AS_PATH_LAST, 'a', 'l') \ - F(FI_AS_PATH_LAST_NAG, 'a', 'L') \ - F(FI_RETURN, 0, 'r') \ - F(FI_CALL, 'c', 'a') \ - F(FI_CLEAR_LOCAL_VARS, 'c', 'V') \ - F(FI_SWITCH, 'S', 'W') \ - F(FI_IP_MASK, 'i', 'M') \ - F(FI_EMPTY, 0, 'E') \ - F(FI_PATH_PREPEND, 'A', 'p') \ - F(FI_CLIST_ADD_DEL, 'C', 'a') \ - F(FI_ROA_CHECK, 'R', 'C') \ - F(FI_FORMAT, 0, 'F') \ - F(FI_ASSERT, 'a', 's') - -enum f_instruction_code { -#define F(c,a,b) \ - c, -FI__LIST -#undef F - FI__MAX, -} PACKED; - -const char *f_instruction_name(enum f_instruction_code fi); - -struct f_inst { /* Instruction */ - struct f_inst *next; /* Structure is 16 bytes, anyway */ - enum f_instruction_code fi_code; - u16 aux; /* Extension to instruction code, T_*, EA_*, EAF_* */ - union { - uint i; - void *p; - } a1; /* The first argument */ - union { - uint i; - void *p; - } a2; /* The second argument */ - union { - int i; - void *p; - } a3; /* The third argument */ - int lineno; -}; - -#define arg1 a1.p -#define arg2 a2.p - -/* Not enough fields in f_inst for three args used by roa_check() */ -struct f_inst_roa_check { - struct f_inst i; - struct rtable_config *rtc; -}; - -struct f_prefix { - net_addr net; - u8 lo, hi; -}; - -struct f_val { - int type; /* T_* */ - union { - uint i; - u64 ec; - lcomm lc; - ip_addr ip; - const net_addr *net; - char *s; - struct f_tree *t; - struct f_trie *ti; - struct adata *ad; - struct f_path_mask *path_mask; - } val; -}; - -struct f_dynamic_attr { - int type; - int f_type; - int ea_code; -}; - -struct f_static_attr { - int f_type; - int sa_code; - int readonly; +/* Possible return values of filter execution */ +enum filter_return { + F_NOP = 0, + F_NONL, + F_RETURN, + F_ACCEPT, /* Need to preserve ordering: accepts < rejects! */ + F_REJECT, + F_ERROR, + F_QUITBIRD, }; +static inline const char *filter_return_str(const enum filter_return fret) { + switch (fret) { +#define FRS(x) case x: return #x + FRS(F_NOP); + FRS(F_NONL); + FRS(F_RETURN); + FRS(F_ACCEPT); + FRS(F_REJECT); + FRS(F_ERROR); + FRS(F_QUITBIRD); +#undef FRS + default: bug("This shall not happen"); + } +} + +struct f_val; + +/* The filter encapsulating structure to be pointed-to from outside */ +struct f_line; struct filter { - char *name; - struct f_inst *root; + struct symbol *sym; + const struct f_line *root; }; -struct f_inst *f_new_inst(enum f_instruction_code fi_code); -struct f_inst *f_new_inst_da(enum f_instruction_code fi_code, struct f_dynamic_attr da); -struct f_inst *f_new_inst_sa(enum f_instruction_code fi_code, struct f_static_attr sa); -static inline struct f_dynamic_attr f_new_dynamic_attr(int type, int f_type, int code) /* Type as core knows it, type as filters know it, and code of dynamic attribute */ -{ return (struct f_dynamic_attr) { .type = type, .f_type = f_type, .ea_code = code }; } /* f_type currently unused; will be handy for static type checking */ -static inline struct f_static_attr f_new_static_attr(int f_type, int code, int readonly) -{ return (struct f_static_attr) { .f_type = f_type, .sa_code = code, .readonly = readonly }; } -struct f_tree *f_new_tree(void); -struct f_inst *f_generate_complex(int operation, int operation_aux, struct f_dynamic_attr da, struct f_inst *argument); -struct f_inst *f_generate_roa_check(struct rtable_config *table, struct f_inst *prefix, struct f_inst *asn); - - -struct f_tree *build_tree(struct f_tree *); -struct f_tree *find_tree(struct f_tree *t, struct f_val val); -int same_tree(struct f_tree *t1, struct f_tree *t2); -void tree_format(struct f_tree *t, buffer *buf); - -struct f_trie *f_new_trie(linpool *lp, uint node_size); -void *trie_add_prefix(struct f_trie *t, const net_addr *n, uint l, uint h); -int trie_match_net(struct f_trie *t, const net_addr *n); -int trie_same(struct f_trie *t1, struct f_trie *t2); -void trie_format(struct f_trie *t, buffer *buf); - -struct ea_list; struct rte; -int f_run(struct filter *filter, struct rte **rte, struct linpool *tmp_pool, int flags); -struct f_val f_eval_rte(struct f_inst *expr, struct rte **rte, struct linpool *tmp_pool); -struct f_val f_eval(struct f_inst *expr, struct linpool *tmp_pool); -uint f_eval_int(struct f_inst *expr); - -char *filter_name(struct filter *filter); -int filter_same(struct filter *new, struct filter *old); - -int i_same(struct f_inst *f1, struct f_inst *f2); - -int val_compare(struct f_val v1, struct f_val v2); -int val_same(struct f_val v1, struct f_val v2); +enum filter_return f_run(const struct filter *filter, struct rte **rte, struct linpool *tmp_pool, int flags); +enum filter_return f_eval_rte(const struct f_line *expr, struct rte **rte, struct linpool *tmp_pool); +uint f_eval_int(const struct f_line *expr); +enum filter_return f_eval_buf(const struct f_line *expr, struct linpool *tmp_pool, buffer *buf); -void val_format(struct f_val v, buffer *buf); +const char *filter_name(const struct filter *filter); +int filter_same(const struct filter *new, const struct filter *old); +int f_same(const struct f_line *f1, const struct f_line *f2); +void filter_commit(struct config *new, struct config *old); -#define F_NOP 0 -#define F_NONL 1 -#define F_ACCEPT 2 /* Need to preserve ordering: accepts < rejects! */ -#define F_REJECT 3 -#define F_ERROR 4 -#define F_QUITBIRD 5 +void filters_dump_all(void); #define FILTER_ACCEPT NULL -#define FILTER_REJECT ((void *) 1) -#define FILTER_UNDEF ((void *) 2) /* Used in BGP */ - -/* Type numbers must be in 0..0xff range */ -#define T_MASK 0xff - -/* Internal types */ -/* Do not use type of zero, that way we'll see errors easier. */ -#define T_VOID 1 - -/* User visible types, which fit in int */ -#define T_INT 0x10 -#define T_BOOL 0x11 -#define T_PAIR 0x12 /* Notice that pair is stored as integer: first << 16 | second */ -#define T_QUAD 0x13 - -/* Put enumerational types in 0x30..0x3f range */ -#define T_ENUM_LO 0x30 -#define T_ENUM_HI 0x3f - -#define T_ENUM_RTS 0x30 -#define T_ENUM_BGP_ORIGIN 0x31 -#define T_ENUM_SCOPE 0x32 -#define T_ENUM_RTC 0x33 -#define T_ENUM_RTD 0x34 -#define T_ENUM_ROA 0x35 -#define T_ENUM_NETTYPE 0x36 -#define T_ENUM_RA_PREFERENCE 0x37 - -/* new enums go here */ -#define T_ENUM_EMPTY 0x3f /* Special hack for atomic_aggr */ - -#define T_ENUM T_ENUM_LO ... T_ENUM_HI - -/* Bigger ones */ -#define T_IP 0x20 -#define T_NET 0x21 -#define T_STRING 0x22 -#define T_PATH_MASK 0x23 /* mask for BGP path */ -#define T_PATH 0x24 /* BGP path */ -#define T_CLIST 0x25 /* Community list */ -#define T_EC 0x26 /* Extended community value, u64 */ -#define T_ECLIST 0x27 /* Extended community list */ -#define T_LC 0x28 /* Large community value, lcomm */ -#define T_LCLIST 0x29 /* Large community list */ -#define T_RD 0x2a /* Route distinguisher for VPN addresses */ - -#define T_RETURN 0x40 -#define T_SET 0x80 -#define T_PREFIX_SET 0x81 - - -#define SA_FROM 1 -#define SA_GW 2 -#define SA_NET 3 -#define SA_PROTO 4 -#define SA_SOURCE 5 -#define SA_SCOPE 6 -#define SA_DEST 7 -#define SA_IFNAME 8 -#define SA_IFINDEX 9 - - -struct f_tree { - struct f_tree *left, *right; - struct f_val from, to; - void *data; -}; - -struct f_trie_node -{ - ip_addr addr, mask, accept; - uint plen; - struct f_trie_node *c[2]; -}; - -struct f_trie -{ - linpool *lp; - int zero; - uint node_size; - struct f_trie_node root[0]; /* Root trie node follows */ -}; - -#define NEW_F_VAL struct f_val * val; val = cfg_alloc(sizeof(struct f_val)); +#define FILTER_REJECT ((struct filter *) 1) +#define FILTER_UNDEF ((struct filter *) 2) /* Used in BGP */ #define FF_SILENT 2 /* Silent filter execution */ @@ -296,15 +81,4 @@ struct custom_attribute { struct custom_attribute *ca_lookup(pool *p, const char *name, int ea_type); -/* Bird Tests */ -struct f_bt_test_suite { - node n; /* Node in config->tests */ - struct f_inst *fn; /* Root of function */ - const char *fn_name; /* Name of test */ - const char *dsc; /* Description */ -}; - -/* Hook for call bt_assert() function in configuration */ -extern void (*bt_assert_hook)(int result, struct f_inst *assert); - #endif diff --git a/filter/filter_test.c b/filter/filter_test.c index 916290ed..3abe095b 100644 --- a/filter/filter_test.c +++ b/filter/filter_test.c @@ -17,44 +17,53 @@ #include "test/bt-utils.h" #include "filter/filter.h" +#include "filter/data.h" +#include "filter/f-inst.h" #include "conf/conf.h" #define BT_CONFIG_FILE "filter/test.conf" -static struct config * -parse_config_file(const void *filename_void) -{ - bt_bird_init(); +struct parse_config_file_arg { + struct config **cp; + const char *filename; +}; - size_t fn_size = strlen((const char *) filename_void) + 1; +static int +parse_config_file(const void *argv) +{ + const struct parse_config_file_arg *arg = argv; + size_t fn_size = strlen(arg->filename) + 1; char *filename = alloca(fn_size); - memcpy(filename, filename_void, fn_size); - - struct config *c = bt_config_file_parse(filename); - bt_bird_cleanup(); - - return c; + memcpy(filename, arg->filename, fn_size); + + *(arg->cp) = bt_config_file_parse(filename); + return !!*(arg->cp); } static int -run_function(const void *parsed_fn_def) +run_function(const void *arg) { - /* XXX: const -> non-const */ - struct f_inst *f = (struct f_inst *) parsed_fn_def; + const struct f_bt_test_suite *t = arg; - linpool *tmp = lp_new_default(&root_pool); - struct f_val res = f_eval(f, tmp); - rfree(tmp); + if (t->cmp) + return t->result == f_same(t->fn, t->cmp); - if (res.type == T_RETURN && res.val.i >= F_REJECT) + if (!f_same(t->fn, t->fn)) { + bt_result = bt_suite_result = 0; + bt_log_suite_case_result(0, "The function doesn't compare to itself as the same"); return 0; + } + + linpool *tmp = lp_new_default(&root_pool); + enum filter_return fret = f_eval(t->fn, tmp, NULL); + rfree(tmp); - return 1; + return (fret < F_REJECT); } static void -bt_assert_filter(int result, struct f_inst *assert) +bt_assert_filter(int result, const struct f_line_item *assert) { int bt_suit_case_result = 1; if (!result) @@ -64,23 +73,30 @@ bt_assert_filter(int result, struct f_inst *assert) bt_suit_case_result = 0; } - bt_log_suite_case_result(bt_suit_case_result, "Assertion at line %d (%s)", assert->lineno, (char *) assert->a2.p); + bt_log_suite_case_result(bt_suit_case_result, "Assertion at line %d (%s)", + assert->lineno, assert->i_FI_ASSERT.s); } int main(int argc, char *argv[]) { bt_init(argc, argv); + bt_bird_init(); + + bt_assert_hook = bt_assert_filter; + + struct config *c = NULL; + struct parse_config_file_arg pcfa = { .cp = &c, .filename = BT_CONFIG_FILE }; + bt_test_suite_base(parse_config_file, "conf", (const void *) &pcfa, 0, 0, "parse config file"); + bt_test_suite_base(parse_config_file, "reconf", (const void *) &pcfa, 0, 0, "reconfigure with the same file"); - struct config *c = parse_config_file(BT_CONFIG_FILE); + bt_bird_cleanup(); if (c) { - bt_assert_hook = bt_assert_filter; - struct f_bt_test_suite *t; WALK_LIST(t, c->tests) - bt_test_suite_base(run_function, t->fn_name, t->fn, BT_FORKING, BT_TIMEOUT, "%s", t->dsc); + bt_test_suite_base(run_function, t->fn_name, t, BT_FORKING, BT_TIMEOUT, "%s", t->dsc); } return bt_exit_value(); diff --git a/filter/test-reconf-begin.conf b/filter/test-reconf-begin.conf new file mode 100644 index 00000000..aeed007f --- /dev/null +++ b/filter/test-reconf-begin.conf @@ -0,0 +1,23 @@ +router id 1.1.1.1; +protocol device {} + +function a() { + return true; +} + +function b() { + return a(); +} + +function c() { + return b(); +} + +filter d { + if c() then accept; else reject; +} + +protocol static { + ipv4 { import filter d; }; + route 10.0.0.0/24 unreachable; +} diff --git a/filter/test-reconf-end.conf b/filter/test-reconf-end.conf new file mode 100644 index 00000000..19164825 --- /dev/null +++ b/filter/test-reconf-end.conf @@ -0,0 +1,23 @@ +router id 1.1.1.1; +protocol device {} + +function a() { + return false; +} + +function b() { + return a(); +} + +function c() { + return b(); +} + +filter d { + if c() then accept; else reject; +} + +protocol static { + ipv4 { import filter d; }; + route 10.0.0.0/24 unreachable; +} diff --git a/filter/test.conf b/filter/test.conf index 39b349cc..9abd76f3 100644 --- a/filter/test.conf +++ b/filter/test.conf @@ -7,8 +7,7 @@ router id 62.168.0.1; /* We have to setup any protocol */ -protocol static { ipv4; } - +protocol device { } @@ -25,8 +24,19 @@ function onef(int a) return 1; } +function twof(int a) +{ + return 2; +} +function oneg(int a) +{ + return 1; +} +bt_test_same(onef, onef, 1); +bt_test_same(onef, oneg, 1); +bt_test_same(onef, twof, 0); /* * Testing boolean expressions @@ -62,7 +72,6 @@ bt_test_suite(t_bool, "Testing boolean expressions"); - /* * Testing integers * ---------------- @@ -126,6 +135,7 @@ int set is; bt_assert(2 ~ [ 1, 2, 3 ]); bt_assert(5 ~ [ 4 .. 7 ]); bt_assert(1 !~ [ 2, 3, 4 ]); + bt_assert(999 !~ [ 666, 333 ]); is = [ 2, 3, 4, 7..11 ]; bt_assert(10 ~ is); @@ -1107,6 +1117,11 @@ int i; return 0; } +function callmeagain(int a; int b; int c) +{ + return a + b + c; +} + function fifteen() { return 15; @@ -1123,6 +1138,7 @@ function t_call_function() bt_assert(callme(3, 2) = 6); bt_assert(callme(4, 4) = 16); bt_assert(callme(7, 2) = 14); + bt_assert(callmeagain(1, 2, 3) = 6); } bt_test_suite(t_call_function, "Testing calling functions"); @@ -1336,7 +1352,7 @@ bt_test_suite(t_mixed_prefix, "Testing mixed net types"); filter vpn_filter { - bt_assert(format(net) = "0:1:2 10.1.10.0/24"); + bt_assert(format(net) = "1:2 10.1.10.0/24"); bt_assert(net.type = NET_VPN4); bt_assert(net.type != NET_IP4); bt_assert(net.type != NET_IP6); @@ -1347,6 +1363,13 @@ filter vpn_filter NET_IP6: print "IPV6"; } + bt_check_assign(from, 10.20.30.40); + bt_check_assign(gw, 55.55.55.44); + + bgp_community.add((3,5)); + bgp_ext_community.add((ro, 135, 999)); + bgp_large_community.add((6464156, 89646354, 8675643)); + accept; } @@ -1358,3 +1381,9 @@ protocol static vpn4 { table v4; import filter vpn_filter; }; route 0:1:2 10.1.10.0/24 unreachable; } + +protocol static +{ + ipv6 { import where false; }; + route fd01::/48 unreachable; +} diff --git a/filter/tree.c b/filter/tree.c index f8379fa8..46d6e529 100644 --- a/filter/tree.c +++ b/filter/tree.c @@ -10,6 +10,7 @@ #include "nest/bird.h" #include "conf/conf.h" #include "filter/filter.h" +#include "filter/data.h" /** * find_tree @@ -23,15 +24,15 @@ * Both set matching and |switch() { }| construction is implemented using this function, * thus both are as fast as they can be. */ -struct f_tree * -find_tree(struct f_tree *t, struct f_val val) +const struct f_tree * +find_tree(const struct f_tree *t, const struct f_val *val) { if (!t) return NULL; - if ((val_compare(t->from, val) != 1) && - (val_compare(t->to, val) != -1)) + if ((val_compare(&(t->from), val) != 1) && + (val_compare(&(t->to), val) != -1)) return t; - if (val_compare(t->from, val) == -1) + if (val_compare(&(t->from), val) == -1) return find_tree(t->right, val); else return find_tree(t->left, val); @@ -56,7 +57,7 @@ build_tree_rec(struct f_tree **buf, int l, int h) static int tree_compare(const void *p1, const void *p2) { - return val_compare((* (struct f_tree **) p1)->from, (* (struct f_tree **) p2)->from); + return val_compare(&((* (struct f_tree **) p1)->from), &((* (struct f_tree **) p2)->from)); } /** @@ -119,39 +120,39 @@ f_new_tree(void) * Compares two trees and returns 1 if they are same */ int -same_tree(struct f_tree *t1, struct f_tree *t2) +same_tree(const struct f_tree *t1, const struct f_tree *t2) { if ((!!t1) != (!!t2)) return 0; if (!t1) return 1; - if (val_compare(t1->from, t2->from)) + if (val_compare(&(t1->from), &(t2->from))) return 0; - if (val_compare(t1->to, t2->to)) + if (val_compare(&(t1->to), &(t2->to))) return 0; if (!same_tree(t1->left, t2->left)) return 0; if (!same_tree(t1->right, t2->right)) return 0; - if (!i_same(t1->data, t2->data)) + if (!f_same(t1->data, t2->data)) return 0; return 1; } static void -tree_node_format(struct f_tree *t, buffer *buf) +tree_node_format(const struct f_tree *t, buffer *buf) { if (t == NULL) return; tree_node_format(t->left, buf); - val_format(t->from, buf); - if (val_compare(t->from, t->to) != 0) + val_format(&(t->from), buf); + if (val_compare(&(t->from), &(t->to)) != 0) { buffer_puts(buf, ".."); - val_format(t->to, buf); + val_format(&(t->to), buf); } buffer_puts(buf, ", "); @@ -159,7 +160,7 @@ tree_node_format(struct f_tree *t, buffer *buf) } void -tree_format(struct f_tree *t, buffer *buf) +tree_format(const struct f_tree *t, buffer *buf) { buffer_puts(buf, "["); diff --git a/filter/tree_test.c b/filter/tree_test.c index 5b22a9fe..6472d17e 100644 --- a/filter/tree_test.c +++ b/filter/tree_test.c @@ -10,6 +10,7 @@ #include "test/bt-utils.h" #include "filter/filter.h" +#include "filter/data.h" #include "conf/conf.h" #define MAX_TREE_HEIGHT 13 @@ -226,8 +227,8 @@ t_find(void) }; for(looking_up_value.val.i = 0; looking_up_value.val.i < nodes_count; looking_up_value.val.i++) { - struct f_tree *found_tree = find_tree(tree, looking_up_value); - bt_assert((val_compare(looking_up_value, found_tree->from) == 0) && (val_compare(looking_up_value, found_tree->to) == 0)); + const struct f_tree *found_tree = find_tree(tree, &looking_up_value); + bt_assert((val_compare(&looking_up_value, &(found_tree->from)) == 0) && (val_compare(&looking_up_value, &(found_tree->to)) == 0)); } } @@ -278,11 +279,11 @@ t_find_ranges(void) for(*i = 0; *i <= max_value; *i += (uint)bt_random()/nodes_count) { - struct f_tree *found_tree = find_tree(tree, needle); + const struct f_tree *found_tree = find_tree(tree, &needle); bt_debug("searching: %u \n", *i); bt_assert( - (val_compare(needle, found_tree->from) == 0) || (val_compare(needle, found_tree->to) == 0) || - ((val_compare(needle, found_tree->from) == 1) && (val_compare(needle, found_tree->to) == -1)) + (val_compare(&needle, &(found_tree->from)) == 0) || (val_compare(&needle, &(found_tree->to)) == 0) || + ((val_compare(&needle, &(found_tree->from)) == 1) && (val_compare(&needle, &(found_tree->to)) == -1)) ); } } diff --git a/filter/trie.c b/filter/trie.c index adcfcdf3..3038f5ec 100644 --- a/filter/trie.c +++ b/filter/trie.c @@ -73,6 +73,7 @@ #include "lib/string.h" #include "conf/conf.h" #include "filter/filter.h" +#include "filter/data.h" /* @@ -220,7 +221,7 @@ trie_add_prefix(struct f_trie *t, const net_addr *net, uint l, uint h) } static int -trie_match_prefix(struct f_trie *t, ip_addr px, uint plen) +trie_match_prefix(const struct f_trie *t, ip_addr px, uint plen) { ip_addr pmask = ipa_mkmask(plen); ip_addr paddr = ipa_and(px, pmask); @@ -229,7 +230,7 @@ trie_match_prefix(struct f_trie *t, ip_addr px, uint plen) return t->zero; int plentest = plen - 1; - struct f_trie_node *n = t->root; + const struct f_trie_node *n = t->root; while(n) { @@ -264,7 +265,7 @@ trie_match_prefix(struct f_trie *t, ip_addr px, uint plen) * is such prefix pattern in the trie. */ int -trie_match_net(struct f_trie *t, const net_addr *n) +trie_match_net(const struct f_trie *t, const net_addr *n) { uint add = 0; @@ -279,7 +280,7 @@ trie_match_net(struct f_trie *t, const net_addr *n) } static int -trie_node_same(struct f_trie_node *t1, struct f_trie_node *t2) +trie_node_same(const struct f_trie_node *t1, const struct f_trie_node *t2) { if ((t1 == NULL) && (t2 == NULL)) return 1; @@ -303,13 +304,13 @@ trie_node_same(struct f_trie_node *t1, struct f_trie_node *t2) * Compares two tries and returns 1 if they are same */ int -trie_same(struct f_trie *t1, struct f_trie *t2) +trie_same(const struct f_trie *t1, const struct f_trie *t2) { return (t1->zero == t2->zero) && trie_node_same(t1->root, t2->root); } static void -trie_node_format(struct f_trie_node *t, buffer *buf) +trie_node_format(const struct f_trie_node *t, buffer *buf) { if (t == NULL) return; @@ -329,7 +330,7 @@ trie_node_format(struct f_trie_node *t, buffer *buf) * Prints the trie to the supplied buffer. */ void -trie_format(struct f_trie *t, buffer *buf) +trie_format(const struct f_trie *t, buffer *buf) { buffer_puts(buf, "["); diff --git a/filter/trie_test.c b/filter/trie_test.c index 7529a5c5..38c387b0 100644 --- a/filter/trie_test.c +++ b/filter/trie_test.c @@ -10,6 +10,7 @@ #include "test/bt-utils.h" #include "filter/filter.h" +#include "filter/data.h" #include "conf/conf.h" #define TESTS_NUM 10 |