From: Victor Julien <vjulien@oisf.net>
Date: Fri, 29 Mar 2024 18:50:52 +0000 (+0100)
Subject: decode/gre: move greh into L4 packet data
X-Git-Tag: suricata-8.0.0-beta1~1377
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=7d04216cad40c011a67aca4a7a812ceeca4cebea;p=thirdparty%2Fsuricata.git

decode/gre: move greh into L4 packet data

To reduce Packet size.

Ticket: #6938.
---

diff --git a/src/decode-gre.c b/src/decode-gre.c
index 6919f0544d..4fe0bcab5f 100644
--- a/src/decode-gre.c
+++ b/src/decode-gre.c
@@ -62,13 +62,12 @@ int DecodeGRE(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p, const uint8_t *p
         return TM_ECODE_FAILED;
     }
 
-    p->greh = (GREHdr *)pkt;
+    GREHdr *greh = PacketSetGRE(p, pkt);
 
-    SCLogDebug("p %p pkt %p GRE protocol %04x Len: %d GRE version %x",
-        p, pkt, GRE_GET_PROTO(p->greh), len,GRE_GET_VERSION(p->greh));
+    SCLogDebug("p %p pkt %p GRE protocol %04x Len: %d GRE version %x", p, pkt, GRE_GET_PROTO(greh),
+            len, GRE_GET_VERSION(greh));
 
-    switch (GRE_GET_VERSION(p->greh))
-    {
+    switch (GRE_GET_VERSION(greh)) {
         case GRE_VERSION_0:
 
             /* GRE version 0 doesn't support the fields below RFC 1701 */
@@ -80,25 +79,25 @@ int DecodeGRE(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p, const uint8_t *p
              *       further into it.
              */
 
-            if (GRE_FLAG_ISSET_RECUR(p->greh)) {
+            if (GRE_FLAG_ISSET_RECUR(greh)) {
                 ENGINE_SET_INVALID_EVENT(p, GRE_VERSION0_RECUR);
                 return TM_ECODE_OK;
             }
 
-            if (GREV1_FLAG_ISSET_FLAGS(p->greh))   {
+            if (GREV1_FLAG_ISSET_FLAGS(greh)) {
                 ENGINE_SET_INVALID_EVENT(p, GRE_VERSION0_FLAGS);
                 return TM_ECODE_OK;
             }
 
             /* Adjust header length based on content */
 
-            if (GRE_FLAG_ISSET_KY(p->greh))
+            if (GRE_FLAG_ISSET_KY(greh))
                 header_len += GRE_KEY_LEN;
 
-            if (GRE_FLAG_ISSET_SQ(p->greh))
+            if (GRE_FLAG_ISSET_SQ(greh))
                 header_len += GRE_SEQ_LEN;
 
-            if (GRE_FLAG_ISSET_CHKSUM(p->greh) || GRE_FLAG_ISSET_ROUTE(p->greh))
+            if (GRE_FLAG_ISSET_CHKSUM(greh) || GRE_FLAG_ISSET_ROUTE(greh))
                 header_len += GRE_CHKSUM_LEN + GRE_OFFSET_LEN;
 
             if (header_len > len)   {
@@ -106,8 +105,7 @@ int DecodeGRE(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p, const uint8_t *p
                 return TM_ECODE_OK;
             }
 
-            if (GRE_FLAG_ISSET_ROUTE(p->greh))
-            {
+            if (GRE_FLAG_ISSET_ROUTE(greh)) {
                 while (1)
                 {
                     if ((header_len + GRE_SRE_HDR_LEN) > len) {
@@ -144,37 +142,37 @@ int DecodeGRE(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p, const uint8_t *p
              *       further into it.
              */
 
-            if (GRE_FLAG_ISSET_CHKSUM(p->greh))    {
+            if (GRE_FLAG_ISSET_CHKSUM(greh)) {
                 ENGINE_SET_INVALID_EVENT(p,GRE_VERSION1_CHKSUM);
                 return TM_ECODE_OK;
             }
 
-            if (GRE_FLAG_ISSET_ROUTE(p->greh)) {
+            if (GRE_FLAG_ISSET_ROUTE(greh)) {
                 ENGINE_SET_INVALID_EVENT(p,GRE_VERSION1_ROUTE);
                 return TM_ECODE_OK;
             }
 
-            if (GRE_FLAG_ISSET_SSR(p->greh))   {
+            if (GRE_FLAG_ISSET_SSR(greh)) {
                 ENGINE_SET_INVALID_EVENT(p,GRE_VERSION1_SSR);
                 return TM_ECODE_OK;
             }
 
-            if (GRE_FLAG_ISSET_RECUR(p->greh)) {
+            if (GRE_FLAG_ISSET_RECUR(greh)) {
                 ENGINE_SET_INVALID_EVENT(p,GRE_VERSION1_RECUR);
                 return TM_ECODE_OK;
             }
 
-            if (GREV1_FLAG_ISSET_FLAGS(p->greh))   {
+            if (GREV1_FLAG_ISSET_FLAGS(greh)) {
                 ENGINE_SET_INVALID_EVENT(p,GRE_VERSION1_FLAGS);
                 return TM_ECODE_OK;
             }
 
-            if (GRE_GET_PROTO(p->greh) != GRE_PROTO_PPP)  {
+            if (GRE_GET_PROTO(greh) != GRE_PROTO_PPP) {
                 ENGINE_SET_INVALID_EVENT(p,GRE_VERSION1_WRONG_PROTOCOL);
                 return TM_ECODE_OK;
             }
 
-            if (!(GRE_FLAG_ISSET_KY(p->greh))) {
+            if (!(GRE_FLAG_ISSET_KY(greh))) {
                 ENGINE_SET_INVALID_EVENT(p,GRE_VERSION1_NO_KEY);
                 return TM_ECODE_OK;
             }
@@ -185,10 +183,10 @@ int DecodeGRE(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p, const uint8_t *p
 
             /* Adjust header length based on content */
 
-            if (GRE_FLAG_ISSET_SQ(p->greh))
+            if (GRE_FLAG_ISSET_SQ(greh))
                 header_len += GRE_SEQ_LEN;
 
-            if (GREV1_FLAG_ISSET_ACK(p->greh))
+            if (GREV1_FLAG_ISSET_ACK(greh))
                 header_len += GREV1_ACK_LEN;
 
             if (header_len > len)   {
@@ -202,8 +200,7 @@ int DecodeGRE(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p, const uint8_t *p
             return TM_ECODE_OK;
     }
 
-    switch (GRE_GET_PROTO(p->greh))
-    {
+    switch (GRE_GET_PROTO(greh)) {
         case ETHERNET_TYPE_IP:
         {
             Packet *tp = PacketTunnelPktSetup(tv, dtv, p, pkt + header_len,
@@ -257,11 +254,8 @@ int DecodeGRE(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p, const uint8_t *p
             // Type I:  0|0|0|0|0|00000|000000000|00000
             // Type II: 0|0|0|1|0|00000|000000000|00000
             //                Seq
-            Packet *tp = PacketTunnelPktSetup(tv, dtv, p, pkt + header_len,
-                    len - header_len,
-                    GRE_FLAG_ISSET_SQ(p->greh) == 0 ?
-                            DECODE_TUNNEL_ERSPANI :
-                            DECODE_TUNNEL_ERSPANII);
+            Packet *tp = PacketTunnelPktSetup(tv, dtv, p, pkt + header_len, len - header_len,
+                    GRE_FLAG_ISSET_SQ(greh) == 0 ? DECODE_TUNNEL_ERSPANI : DECODE_TUNNEL_ERSPANII);
             if (tp != NULL) {
                 PKT_SET_SRC(tp, PKT_SRC_DECODER_GRE);
                 PacketEnqueueNoLock(&tv->decode_pq,tp);
@@ -377,7 +371,7 @@ static int DecodeGREtest03 (void)
     memset(&dtv, 0, sizeof(DecodeThreadVars));
 
     DecodeGRE(&tv, &dtv, p, raw_gre, sizeof(raw_gre));
-    FAIL_IF_NULL(p->greh);
+    FAIL_IF_NOT(PacketIsGRE(p));
 
     SCFree(p);
     PASS;
diff --git a/src/decode.h b/src/decode.h
index 039e5978f4..b8e26c1e8c 100644
--- a/src/decode.h
+++ b/src/decode.h
@@ -429,6 +429,7 @@ struct PacketL3 {
 enum PacketL4Types {
     PACKET_L4_UNKNOWN = 0,
     PACKET_L4_SCTP,
+    PACKET_L4_GRE,
 };
 
 struct PacketL4 {
@@ -437,6 +438,7 @@ struct PacketL4 {
     uint16_t csum;
     union L4Hdrs {
         SCTPHdr *sctph;
+        GREHdr *greh;
     } hdrs;
 };
 
@@ -580,7 +582,6 @@ typedef struct Packet_
     ICMPV6Hdr *icmpv6h;
     PPPOESessionHdr *pppoesh;
     PPPOEDiscoveryHdr *pppoedh;
-    GREHdr *greh;
 
     /* ptr to the payload of the packet
      * with it's length. */
@@ -795,6 +796,25 @@ static inline bool PacketIsSCTP(const Packet *p)
     return p->l4.type == PACKET_L4_SCTP;
 }
 
+static inline GREHdr *PacketSetGRE(Packet *p, const uint8_t *buf)
+{
+    DEBUG_VALIDATE_BUG_ON(p->l4.type != PACKET_L4_UNKNOWN);
+    p->l4.type = PACKET_L4_GRE;
+    p->l4.hdrs.greh = (GREHdr *)buf;
+    return p->l4.hdrs.greh;
+}
+
+static inline const GREHdr *PacketGetGRE(const Packet *p)
+{
+    DEBUG_VALIDATE_BUG_ON(p->l4.type != PACKET_L4_GRE);
+    return p->l4.hdrs.greh;
+}
+
+static inline bool PacketIsGRE(const Packet *p)
+{
+    return p->l4.type == PACKET_L4_GRE;
+}
+
 /** \brief Structure to hold thread specific data for all decode modules */
 typedef struct DecodeThreadVars_
 {
diff --git a/src/packet.c b/src/packet.c
index 11e3837393..0210e23204 100644
--- a/src/packet.c
+++ b/src/packet.c
@@ -132,7 +132,6 @@ void PacketReinit(Packet *p)
     }
     p->pppoesh = NULL;
     p->pppoedh = NULL;
-    p->greh = NULL;
     p->payload = NULL;
     p->payload_len = 0;
     p->BypassPacketsFlow = NULL;