From patchwork Wed Jan 31 16:13:24 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Davide Caratti X-Patchwork-Id: 13539605 X-Patchwork-Delegate: kuba@kernel.org Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 0F8DF12BF29 for ; Wed, 31 Jan 2024 16:16:57 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.133.124 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706717819; cv=none; b=k+as+1gMwJ0pj6ZzydUOsU/8f+o4DdYdLsZh76mhk1J6Zk3Uti8zE64MhKXBfM4DKEyfGE+t+TyrlgLEHXi47TMtQ0axKjUKJpm+yWuqobaTJeP2acz886IWZ27vfLINRk/zkfsim1VCPr3FvkMcPh6VsLRpJpeDQJBsAhPkexY= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706717819; c=relaxed/simple; bh=S+LAOBzBbsGLce3YEcEbKpLkY+B1uuYInBC/zcdcJCA=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=lwkneuUMUJpYMBlbquzRBNX9vCTDT14t2Q0h0w0zElkQTfuXcsav1O9HBXCQKGgZ9+2nzs4U8GKdsybie1bIxq06W3Ea4zVhzD+sogWkSd5miklxKAl8gDvKxRiCvA/OftDvvDz2QwRqQxB93zcstn1MHnJsMTfeiVMq2+ntX8o= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=I/Vh+lZD; arc=none smtp.client-ip=170.10.133.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="I/Vh+lZD" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1706717817; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=eaoaPqae0QGkUTYmUGfhPd0Bl0iReDOAQW04C8x8OtM=; b=I/Vh+lZD1KVIyRWmDsLVQT8Ull45SDxxNoH6TVE6DZE31q4tX9bau0YZfRA1985Z339R4r uQVHYjnYjv2HpVyungWZd1rNBNH/rkSeQ0Dxu5JjgJZBC17+uijKHIEf7x7Uv7dnyYLj2c Fb1Z5jTVL3PV9p73o7QEI4xgfXSRMtk= Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-562-e1niTZsgPgWk2kqCqLvPew-1; Wed, 31 Jan 2024 11:16:51 -0500 X-MC-Unique: e1niTZsgPgWk2kqCqLvPew-1 Received: from smtp.corp.redhat.com (int-mx09.intmail.prod.int.rdu2.redhat.com [10.11.54.9]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id CA4758493EA; Wed, 31 Jan 2024 16:16:50 +0000 (UTC) Received: from dcaratti.users.ipa.redhat.com (unknown [10.45.226.26]) by smtp.corp.redhat.com (Postfix) with ESMTP id CBC3A492BC6; Wed, 31 Jan 2024 16:16:48 +0000 (UTC) From: Davide Caratti To: Jamal Hadi Salim , Cong Wang , Jiri Pirko , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , netdev@vger.kernel.org Cc: Marcelo Ricardo Leitner , Xin Long , Ilya Maximets Subject: [PATCH net-next 1/2] flow_dissector: add support for tunnel control flags Date: Wed, 31 Jan 2024 17:13:24 +0100 Message-ID: <1e7f0f6ddf38d85d3b0eecdb0dc3389c27ea7d2a.1706714667.git.dcaratti@redhat.com> In-Reply-To: References: Precedence: bulk X-Mailing-List: netdev@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.4.1 on 10.11.54.9 X-Patchwork-Delegate: kuba@kernel.org dissect [no]csum, [no]dontfrag, [no]oam flags on 'external' tunnels. This is a prerequisite for matching these control flags using TC flower. Suggested-by: Ilya Maximets Signed-off-by: Davide Caratti --- include/net/flow_dissector.h | 11 +++++++++++ net/core/flow_dissector.c | 13 ++++++++++++- 2 files changed, 23 insertions(+), 1 deletion(-) diff --git a/include/net/flow_dissector.h b/include/net/flow_dissector.h index 1a7131d6cb0e..98a0050d5cc3 100644 --- a/include/net/flow_dissector.h +++ b/include/net/flow_dissector.h @@ -329,6 +329,16 @@ struct flow_dissector_key_cfm { #define FLOW_DIS_CFM_MDL_MASK GENMASK(7, 5) #define FLOW_DIS_CFM_MDL_MAX 7 +/** + * struct flow_dissector_key_enc_flags + * @flags: tunnel control flags + */ +struct flow_dissector_key_enc_flags { + __be16 flags; +}; + +#define TUNNEL_FLAGS_PRESENT (TUNNEL_CSUM | TUNNEL_DONT_FRAGMENT | TUNNEL_OAM) + enum flow_dissector_key_id { FLOW_DISSECTOR_KEY_CONTROL, /* struct flow_dissector_key_control */ FLOW_DISSECTOR_KEY_BASIC, /* struct flow_dissector_key_basic */ @@ -363,6 +373,7 @@ enum flow_dissector_key_id { FLOW_DISSECTOR_KEY_L2TPV3, /* struct flow_dissector_key_l2tpv3 */ FLOW_DISSECTOR_KEY_CFM, /* struct flow_dissector_key_cfm */ FLOW_DISSECTOR_KEY_IPSEC, /* struct flow_dissector_key_ipsec */ + FLOW_DISSECTOR_KEY_ENC_FLAGS, /* struct flow_dissector_key_enc_flags */ FLOW_DISSECTOR_KEY_MAX, }; diff --git a/net/core/flow_dissector.c b/net/core/flow_dissector.c index 272f09251343..9099a5524d7c 100644 --- a/net/core/flow_dissector.c +++ b/net/core/flow_dissector.c @@ -382,7 +382,9 @@ skb_flow_dissect_tunnel_info(const struct sk_buff *skb, !dissector_uses_key(flow_dissector, FLOW_DISSECTOR_KEY_ENC_IP) && !dissector_uses_key(flow_dissector, - FLOW_DISSECTOR_KEY_ENC_OPTS)) + FLOW_DISSECTOR_KEY_ENC_OPTS) && + !dissector_uses_key(flow_dissector, + FLOW_DISSECTOR_KEY_ENC_FLAGS)) return; info = skb_tunnel_info(skb); @@ -467,6 +469,15 @@ skb_flow_dissect_tunnel_info(const struct sk_buff *skb, TUNNEL_OPTIONS_PRESENT; } } + + if (dissector_uses_key(flow_dissector, FLOW_DISSECTOR_KEY_ENC_FLAGS)) { + struct flow_dissector_key_enc_flags *enc_flags; + + enc_flags = skb_flow_dissector_target(flow_dissector, + FLOW_DISSECTOR_KEY_ENC_FLAGS, + target_container); + enc_flags->flags = info->key.tun_flags & TUNNEL_FLAGS_PRESENT; + } } EXPORT_SYMBOL(skb_flow_dissect_tunnel_info); From patchwork Wed Jan 31 16:13:25 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Davide Caratti X-Patchwork-Id: 13539606 X-Patchwork-Delegate: kuba@kernel.org Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 0380B12C556 for ; Wed, 31 Jan 2024 16:16:58 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.129.124 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706717820; cv=none; b=I67YNMDGLyCpAp9joN6LIM9a88FqzQ1BeIermHtPAEG0AX6vlnG5t1yGteC01xSeg21d0wbNTiQrdrZSOUzYyXjTb3lrF6OeNtgQTmwxI7B9jDAE8XW/vSzSu9TMoyPdyGmXvwJpkrYqof3ofOjoojLViAp8TDPUAMrCWhaYfCE= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706717820; c=relaxed/simple; bh=m3xyxrbVX/CkRiYUUH2miqgHH3lsRrlqFgUEEYUjw/I=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=ounDx0nzUwHXUPAzHU48MOj+Ms52DtZbGYmItMH0UETV7TgZF/pj3bdfQ7mKwVn4VdjtkmOlrb6c76ns9oTvIuLY1X+wUI4ysBP8EJdvdvlrGeHxWXkOjozLOQzW6h8AB9RbkTJjBnAmVByqk3GMZ7uov/QD5PWIcQZFAOiPC2o= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=VsotNb6/; arc=none smtp.client-ip=170.10.129.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="VsotNb6/" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1706717818; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=Vjylor8cAHr1J38Qp1+9P7xnWauUwUmoliwz4hQBnA0=; b=VsotNb6/Ih33DvFw+cBeGA6UxJNRiN4P5hyYT840E1Xwh0GNj1gcnoVcH1dAJIf0ON9M4L LmmBLtVs/BkqD5EVJ3GWzxVUgA/TeOUL8zJZ/EojL3IaJrI3LR1jlUgfMd/iTBwLd/09CJ JUXt2oTmj4ius4Ukf4KFFby5tQmDZcM= Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-669-UPr7Xh5sMVOmDsVh5DbZ8g-1; Wed, 31 Jan 2024 11:16:53 -0500 X-MC-Unique: UPr7Xh5sMVOmDsVh5DbZ8g-1 Received: from smtp.corp.redhat.com (int-mx09.intmail.prod.int.rdu2.redhat.com [10.11.54.9]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id EA9BD800074; Wed, 31 Jan 2024 16:16:52 +0000 (UTC) Received: from dcaratti.users.ipa.redhat.com (unknown [10.45.226.26]) by smtp.corp.redhat.com (Postfix) with ESMTP id 14392492BC6; Wed, 31 Jan 2024 16:16:50 +0000 (UTC) From: Davide Caratti To: Jamal Hadi Salim , Cong Wang , Jiri Pirko , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , netdev@vger.kernel.org Cc: Marcelo Ricardo Leitner , Xin Long , Ilya Maximets Subject: [PATCH net-next 2/2] net/sched: cls_flower: add support for matching tunnel control flags Date: Wed, 31 Jan 2024 17:13:25 +0100 Message-ID: <91b858e0551f900a415b2d6ed80a54d7f5ef3c33.1706714667.git.dcaratti@redhat.com> In-Reply-To: References: Precedence: bulk X-Mailing-List: netdev@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.4.1 on 10.11.54.9 X-Patchwork-Delegate: kuba@kernel.org extend cls_flower to match flags belonging to 'TUNNEL_FLAGS_PRESENT' mask inside skb tunnel metadata. Suggested-by: Ilya Maximets Signed-off-by: Davide Caratti --- include/uapi/linux/pkt_cls.h | 3 +++ net/sched/cls_flower.c | 45 ++++++++++++++++++++++++++++++++++++ 2 files changed, 48 insertions(+) diff --git a/include/uapi/linux/pkt_cls.h b/include/uapi/linux/pkt_cls.h index ea277039f89d..e3394f9d06b7 100644 --- a/include/uapi/linux/pkt_cls.h +++ b/include/uapi/linux/pkt_cls.h @@ -554,6 +554,9 @@ enum { TCA_FLOWER_KEY_SPI, /* be32 */ TCA_FLOWER_KEY_SPI_MASK, /* be32 */ + TCA_FLOWER_KEY_ENC_FLAGS, /* be16 */ + TCA_FLOWER_KEY_ENC_FLAGS_MASK, /* be16 */ + __TCA_FLOWER_MAX, }; diff --git a/net/sched/cls_flower.c b/net/sched/cls_flower.c index efb9d2811b73..d244169c8471 100644 --- a/net/sched/cls_flower.c +++ b/net/sched/cls_flower.c @@ -74,6 +74,7 @@ struct fl_flow_key { struct flow_dissector_key_l2tpv3 l2tpv3; struct flow_dissector_key_ipsec ipsec; struct flow_dissector_key_cfm cfm; + struct flow_dissector_key_enc_flags enc_flags; } __aligned(BITS_PER_LONG / 8); /* Ensure that we can do comparisons as longs. */ struct fl_flow_mask_range { @@ -731,6 +732,10 @@ static const struct nla_policy fl_policy[TCA_FLOWER_MAX + 1] = { [TCA_FLOWER_KEY_SPI_MASK] = { .type = NLA_U32 }, [TCA_FLOWER_L2_MISS] = NLA_POLICY_MAX(NLA_U8, 1), [TCA_FLOWER_KEY_CFM] = { .type = NLA_NESTED }, + [TCA_FLOWER_KEY_ENC_FLAGS] = NLA_POLICY_MASK(NLA_BE16, + TUNNEL_FLAGS_PRESENT), + [TCA_FLOWER_KEY_ENC_FLAGS_MASK] = NLA_POLICY_MASK(NLA_BE16, + TUNNEL_FLAGS_PRESENT), }; static const struct nla_policy @@ -1748,6 +1753,21 @@ static int fl_set_key_cfm(struct nlattr **tb, return 0; } +static int fl_set_key_enc_flags(struct nlattr **tb, __be16 *flags_key, + __be16 *flags_mask, struct netlink_ext_ack *extack) +{ + /* mask is mandatory for flags */ + if (!tb[TCA_FLOWER_KEY_ENC_FLAGS_MASK]) { + NL_SET_ERR_MSG(extack, "missing enc_flags mask"); + return -EINVAL; + } + + *flags_key = nla_get_be16(tb[TCA_FLOWER_KEY_ENC_FLAGS]); + *flags_mask = nla_get_be16(tb[TCA_FLOWER_KEY_ENC_FLAGS_MASK]); + + return 0; +} + static int fl_set_key(struct net *net, struct nlattr **tb, struct fl_flow_key *key, struct fl_flow_key *mask, struct netlink_ext_ack *extack) @@ -1986,6 +2006,10 @@ static int fl_set_key(struct net *net, struct nlattr **tb, ret = fl_set_key_flags(tb, &key->control.flags, &mask->control.flags, extack); + if (tb[TCA_FLOWER_KEY_ENC_FLAGS]) + ret = fl_set_key_enc_flags(tb, &key->enc_flags.flags, + &mask->enc_flags.flags, extack); + return ret; } @@ -2098,6 +2122,8 @@ static void fl_init_dissector(struct flow_dissector *dissector, FLOW_DISSECTOR_KEY_IPSEC, ipsec); FL_KEY_SET_IF_MASKED(mask, keys, cnt, FLOW_DISSECTOR_KEY_CFM, cfm); + FL_KEY_SET_IF_MASKED(mask, keys, cnt, + FLOW_DISSECTOR_KEY_ENC_FLAGS, enc_flags); skb_flow_dissector_init(dissector, keys, cnt); } @@ -3185,6 +3211,22 @@ static int fl_dump_key_cfm(struct sk_buff *skb, return err; } +static int fl_dump_key_enc_flags(struct sk_buff *skb, + struct flow_dissector_key_enc_flags *key, + struct flow_dissector_key_enc_flags *mask) +{ + if (!memchr_inv(mask, 0, sizeof(*mask))) + return 0; + + if (nla_put_be16(skb, TCA_FLOWER_KEY_ENC_FLAGS, key->flags)) + return -EMSGSIZE; + + if (nla_put_be16(skb, TCA_FLOWER_KEY_ENC_FLAGS_MASK, mask->flags)) + return -EMSGSIZE; + + return 0; +} + static int fl_dump_key_options(struct sk_buff *skb, int enc_opt_type, struct flow_dissector_key_enc_opts *enc_opts) { @@ -3481,6 +3523,9 @@ static int fl_dump_key(struct sk_buff *skb, struct net *net, if (fl_dump_key_cfm(skb, &key->cfm, &mask->cfm)) goto nla_put_failure; + if (fl_dump_key_enc_flags(skb, &key->enc_flags, &mask->enc_flags)) + goto nla_put_failure; + return 0; nla_put_failure: