From patchwork Thu Sep 1 12:01:29 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Wojciech Drewek X-Patchwork-Id: 12962369 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id B6B32ECAAD1 for ; Thu, 1 Sep 2022 12:05:00 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233224AbiIAME6 (ORCPT ); Thu, 1 Sep 2022 08:04:58 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:33174 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233213AbiIAME5 (ORCPT ); Thu, 1 Sep 2022 08:04:57 -0400 Received: from mga03.intel.com (mga03.intel.com [134.134.136.65]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 95B96BF8 for ; Thu, 1 Sep 2022 05:04:44 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1662033884; x=1693569884; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=xLHvtWB8Mdu1BTf/v6Bgi0v4Trg04AHk3BkNIZhLIqQ=; b=Md1KcU0jiu8r7ApZaIVh9iZjThQKrfnF5Ad/HvnuGdQh7nPS2nl9RevQ FD2cxSaW40O2Zya6o6wQVpLpY+dBMb9LSxSymZQwlnZAIZgw+egWvBsQc Y+bWU5hY8AfDto9pfHj1ygQacE7BTHkVRh5cmDGSAj33FJhsPaUtsn+xF So6Wh3XNTa7htuvz1aK6y1zr5XDqqPtxwrIk60dPSUbXkeDU94VjNSUaJ Q46tR6dbtGaHJeDIz0bKplW8UIkhRDBZxLA09LKskmeqV84OAFvqbn/Hp eTEyUrQYkekNoAZ7X0dkpwyl1F3fBOQOrhf1m/Rj1r2VSp0386LU9bd9I A==; X-IronPort-AV: E=McAfee;i="6500,9779,10457"; a="296978350" X-IronPort-AV: E=Sophos;i="5.93,280,1654585200"; d="scan'208";a="296978350" Received: from orsmga004.jf.intel.com ([10.7.209.38]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Sep 2022 05:04:44 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.93,280,1654585200"; d="scan'208";a="738470652" Received: from irvmail001.ir.intel.com ([10.43.11.63]) by orsmga004.jf.intel.com with ESMTP; 01 Sep 2022 05:04:39 -0700 Received: from switcheroo.igk.intel.com (switcheroo.igk.intel.com [172.22.229.137]) by irvmail001.ir.intel.com (8.14.3/8.13.6/MailSET/Hub) with ESMTP id 281C4XRj024211; Thu, 1 Sep 2022 13:04:37 +0100 From: Wojciech Drewek To: netdev@vger.kernel.org Cc: alexandr.lobakin@intel.com, jesse.brandeburg@intel.com, anthony.l.nguyen@intel.com, davem@davemloft.net, edumazet@google.com, kuba@kernel.org, pabeni@redhat.com, jhs@mojatatu.com, xiyou.wangcong@gmail.com, jiri@resnulli.us, marcin.szycik@linux.intel.com, michal.swiatkowski@linux.intel.com, kurt@linutronix.de, boris.sukholitko@broadcom.com, vladbu@nvidia.com, komachi.yoshiki@gmail.com, paulb@nvidia.com, baowen.zheng@corigine.com, louis.peens@corigine.com, simon.horman@corigine.com, pablo@netfilter.org, maksym.glubokiy@plvision.eu, intel-wired-lan@lists.osuosl.org, jchapman@katalix.com, gnault@redhat.com Subject: [RFC PATCH net-next v3 3/5] net/sched: flower: Add L2TPv3 filter Date: Thu, 1 Sep 2022 14:01:29 +0200 Message-Id: <20220901120131.1373568-4-wojciech.drewek@intel.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: <20220901120131.1373568-1-wojciech.drewek@intel.com> References: <20220901120131.1373568-1-wojciech.drewek@intel.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org X-Patchwork-State: RFC Add support for matching on L2TPv3 session ID. Session ID can be specified only when ip proto was set to IPPROTO_L2TP. Example filter: # tc filter add dev $PF1 ingress prio 1 protocol ip \ flower \ ip_proto l2tp \ l2tpv3_sid 1234 \ skip_sw \ action mirred egress redirect dev $VF1_PR Acked-by: Guillaume Nault Signed-off-by: Wojciech Drewek --- include/uapi/linux/pkt_cls.h | 2 ++ net/sched/cls_flower.c | 16 ++++++++++++++++ 2 files changed, 18 insertions(+) diff --git a/include/uapi/linux/pkt_cls.h b/include/uapi/linux/pkt_cls.h index 877309d6ca3c..648a82f32666 100644 --- a/include/uapi/linux/pkt_cls.h +++ b/include/uapi/linux/pkt_cls.h @@ -592,6 +592,8 @@ enum { TCA_FLOWER_KEY_PPPOE_SID, /* be16 */ TCA_FLOWER_KEY_PPP_PROTO, /* be16 */ + TCA_FLOWER_KEY_L2TPV3_SID, /* be32 */ + __TCA_FLOWER_MAX, }; diff --git a/net/sched/cls_flower.c b/net/sched/cls_flower.c index 041d63ff809a..22d32b82bc09 100644 --- a/net/sched/cls_flower.c +++ b/net/sched/cls_flower.c @@ -69,6 +69,7 @@ struct fl_flow_key { struct flow_dissector_key_hash hash; struct flow_dissector_key_num_of_vlans num_of_vlans; struct flow_dissector_key_pppoe pppoe; + struct flow_dissector_key_l2tpv3 l2tpv3; } __aligned(BITS_PER_LONG / 8); /* Ensure that we can do comparisons as longs. */ struct fl_flow_mask_range { @@ -712,6 +713,7 @@ static const struct nla_policy fl_policy[TCA_FLOWER_MAX + 1] = { [TCA_FLOWER_KEY_NUM_OF_VLANS] = { .type = NLA_U8 }, [TCA_FLOWER_KEY_PPPOE_SID] = { .type = NLA_U16 }, [TCA_FLOWER_KEY_PPP_PROTO] = { .type = NLA_U16 }, + [TCA_FLOWER_KEY_L2TPV3_SID] = { .type = NLA_U32 }, }; @@ -1790,6 +1792,11 @@ static int fl_set_key(struct net *net, struct nlattr **tb, fl_set_key_val(tb, key->arp.tha, TCA_FLOWER_KEY_ARP_THA, mask->arp.tha, TCA_FLOWER_KEY_ARP_THA_MASK, sizeof(key->arp.tha)); + } else if (key->basic.ip_proto == IPPROTO_L2TP) { + fl_set_key_val(tb, &key->l2tpv3.session_id, + TCA_FLOWER_KEY_L2TPV3_SID, + &mask->l2tpv3.session_id, TCA_FLOWER_UNSPEC, + sizeof(key->l2tpv3.session_id)); } if (key->basic.ip_proto == IPPROTO_TCP || @@ -1970,6 +1977,8 @@ static void fl_init_dissector(struct flow_dissector *dissector, FLOW_DISSECTOR_KEY_NUM_OF_VLANS, num_of_vlans); FL_KEY_SET_IF_MASKED(mask, keys, cnt, FLOW_DISSECTOR_KEY_PPPOE, pppoe); + FL_KEY_SET_IF_MASKED(mask, keys, cnt, + FLOW_DISSECTOR_KEY_L2TPV3, l2tpv3); skb_flow_dissector_init(dissector, keys, cnt); } @@ -3196,6 +3205,13 @@ static int fl_dump_key(struct sk_buff *skb, struct net *net, mask->arp.tha, TCA_FLOWER_KEY_ARP_THA_MASK, sizeof(key->arp.tha)))) goto nla_put_failure; + else if (key->basic.ip_proto == IPPROTO_L2TP && + fl_dump_key_val(skb, &key->l2tpv3.session_id, + TCA_FLOWER_KEY_L2TPV3_SID, + &mask->l2tpv3.session_id, + TCA_FLOWER_UNSPEC, + sizeof(key->l2tpv3.session_id))) + goto nla_put_failure; if ((key->basic.ip_proto == IPPROTO_TCP || key->basic.ip_proto == IPPROTO_UDP ||