From patchwork Tue Nov 19 10:18:53 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13879593 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 6F18CD60D1B for ; Tue, 19 Nov 2024 10:21:30 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=s2v4wvRWn+02yrqYzk8I6pei4Ps2LL08kCWalGaFo8k=; b=KYIVtk/+qfzKQaxZMvoYL7sLFD Ng2X3C7zQUagRHl6oPDv4v81PumXCJijRrib8CqQjabEILLWAkvI0lOwc10lhLptg+BG7mmVrcwMO fE+nTI/493n3jZSRsB5qQphnQu2CwoOxP1ZUldAAPY6CVaBLmVS5fnrM2UrrYmF22ivN9aeFc3Aw+ CUszjF4OJLm6T5BHBTTvur6bNIdUCwuyqjBx00CkCML4W/9DNvy25Tcax+ZkFBqZQ9GdmE2FkwmKd tIce1exGRGWMXsJjf+OcsecbAQaFof0Ta87MYodRd2bkcD1Yxg90D3puHM2BI9CAvmdBpqU//KRip If9YUC0A==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1tDLMC-0000000C1UU-2yWX; Tue, 19 Nov 2024 10:21:16 +0000 Received: from mail-lj1-x22b.google.com ([2a00:1450:4864:20::22b]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1tDLKM-0000000C0xl-1ZMW; Tue, 19 Nov 2024 10:19:23 +0000 Received: by mail-lj1-x22b.google.com with SMTP id 38308e7fff4ca-2feeb1e8edfso39289331fa.1; Tue, 19 Nov 2024 02:19:21 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1732011560; x=1732616360; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=s2v4wvRWn+02yrqYzk8I6pei4Ps2LL08kCWalGaFo8k=; b=aCpGDaLorH7F/Hmtl2KrZ/jedVFJoKYDm9ij3+b4q0BJFYUMoChZTRDEAAZ15Yb9ds oNQCFy2inx6AMRxBZdL3hUnsNlfB/zRzxqhlNPvAR+pqQ6ykVjsozHRXG5H6y19udwfS /hP9l19532B6ubESF/r95iZP/Q9DdK/nAK+TTpQHLyPv/p0RLqwN+JPgngJoCshpneum ut70qvUujMlNWOfwvucWGr595a/7hYF6lLnhotntq8tqt2/ztaYtYa56tsZhQ2OlQIVf 2yOzBKtfO2g/P5AbNivObXJMJfgoEqS4Q+Ruh4Kiq/ACgzk3Zs6LTU/N44Z2CYlHXA2C 3KvA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1732011560; x=1732616360; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=s2v4wvRWn+02yrqYzk8I6pei4Ps2LL08kCWalGaFo8k=; b=ig/UUOo+jDte6wcpEg+Z3/lDl4pAiA52pTWt2EIki8n6ujg3mcPDiK3tqlt9XaljHj E6b2p0JPzwjRR/hfUKPePiSoybAUiTHdJVX5qujVVOf62olvQUPPrIppENpPIzr8NqDj FUmzNCOmhxu1KeFKuQnAeTP2OTUzqVmfbkQ8UrJgqrknZF/wXftkHMbX3B1m4rBplKeA 8zqZ/PjEax0eEzIcvGx3m+vA/nQw1OJ2zxpSpLqnDFDypZZiRBikFfgUErq9Ds2Zky6F 6bQG7CmdTH07O3musbLj+oVihPimX/E0g6Dmg7+I65QuZQ/BqRarra9UTRq7DqRROJcl qUyg== X-Forwarded-Encrypted: i=1; AJvYcCVojnjTQXS3v23pYGNaRwqvzpanDsaAeXEvEcn9qkklq6K2jNiGcRtc0SzLvEyejolDW0JufeV4wjpe4cu1SRCf@lists.infradead.org, AJvYcCVyvzPBtwQYGF+Ioz9HKJolF2XH1AXIU/tVnjnRgsUsneKRMAXtVTlnYPzFtbcj36/lTADpJIpzRfbOQBLB68w=@lists.infradead.org X-Gm-Message-State: AOJu0YyhXa2/shSSGQnh6Cc/Rq9RldQFonFU78JMyIGsf9x5QCTsvu4A KggBlSDf0QJ+u8GJBRCrAwtXDBV+g8+rkh6u0KMaLVExH9rL2ECz X-Google-Smtp-Source: AGHT+IGcc52t0JYl62z5La9vrUnqdLe/7x1g/27aiQFVRTEFc3y9IAb/0I8BdS4CAvP5pPR+qlUj7A== X-Received: by 2002:a2e:a592:0:b0:2fb:4f8e:efd with SMTP id 38308e7fff4ca-2ff606db22emr127527371fa.32.1732011559809; Tue, 19 Nov 2024 02:19:19 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-aa20e081574sm634875566b.179.2024.11.19.02.19.18 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 19 Nov 2024 02:19:19 -0800 (PST) From: Eric Woudstra To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Andrew Lunn , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , David Ahern , Sebastian Andrzej Siewior , Lorenzo Bianconi , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH RFC v2 net-next 01/14] netfilter: nf_flow_table_offload: Add nf_flow_encap_push() for xmit direct Date: Tue, 19 Nov 2024 11:18:53 +0100 Message-ID: <20241119101906.862680-2-ericwouds@gmail.com> X-Mailer: git-send-email 2.45.2 In-Reply-To: <20241119101906.862680-1-ericwouds@gmail.com> References: <20241119101906.862680-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20241119_021922_413282_32C8513A X-CRM114-Status: GOOD ( 20.29 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org Loosely based on wenxu's patches: "nf_flow_table_offload: offload the vlan/PPPoE encap in the flowtable". Fixed double vlan and pppoe packets, almost entirely rewriting the patch. After this patch, it is possible to transmit packets in the fastpath with outgoing encaps, without using vlan- and/or pppoe-devices. This makes it possible to use more different kinds of network setups. For example, when bridge tagging is used to egress vlan tagged packets using the forward fastpath. Another example is passing 802.1q tagged packets through a bridge using the bridge fastpath. This also makes the software fastpath process more similar to the hardware offloaded fastpath process, where encaps are also pushed. After applying this patch, always info->outdev = info->hw_outdev, so the netfilter code can be further cleaned up by removing: * hw_outdev from struct nft_forward_info * out.hw_ifindex from struct nf_flow_route * out.hw_ifidx from struct flow_offload_tuple Signed-off-by: Eric Woudstra --- net/netfilter/nf_flow_table_ip.c | 96 +++++++++++++++++++++++++++++++- net/netfilter/nft_flow_offload.c | 6 +- 2 files changed, 96 insertions(+), 6 deletions(-) diff --git a/net/netfilter/nf_flow_table_ip.c b/net/netfilter/nf_flow_table_ip.c index 98edcaa37b38..290d8e10d85b 100644 --- a/net/netfilter/nf_flow_table_ip.c +++ b/net/netfilter/nf_flow_table_ip.c @@ -302,6 +302,92 @@ static bool nf_flow_skb_encap_protocol(struct sk_buff *skb, __be16 proto, return false; } +static int nf_flow_vlan_inner_push(struct sk_buff *skb, __be16 proto, u16 id) +{ + struct vlan_hdr *vhdr; + + if (skb_cow_head(skb, VLAN_HLEN)) + return -1; + + __skb_push(skb, VLAN_HLEN); + skb_reset_network_header(skb); + + vhdr = (struct vlan_hdr *)(skb->data); + vhdr->h_vlan_TCI = htons(id); + vhdr->h_vlan_encapsulated_proto = skb->protocol; + skb->protocol = proto; + + return 0; +} + +static int nf_flow_ppoe_push(struct sk_buff *skb, u16 id) +{ + struct ppp_hdr { + struct pppoe_hdr hdr; + __be16 proto; + } *ph; + int data_len = skb->len + 2; + __be16 proto; + + if (skb_cow_head(skb, PPPOE_SES_HLEN)) + return -1; + + if (skb->protocol == htons(ETH_P_IP)) + proto = htons(PPP_IP); + else if (skb->protocol == htons(ETH_P_IPV6)) + proto = htons(PPP_IPV6); + else + return -1; + + __skb_push(skb, PPPOE_SES_HLEN); + skb_reset_network_header(skb); + + ph = (struct ppp_hdr *)(skb->data); + ph->hdr.ver = 1; + ph->hdr.type = 1; + ph->hdr.code = 0; + ph->hdr.sid = htons(id); + ph->hdr.length = htons(data_len); + ph->proto = proto; + skb->protocol = htons(ETH_P_PPP_SES); + + return 0; +} + +static int nf_flow_encap_push(struct sk_buff *skb, + struct flow_offload_tuple_rhash *tuplehash, + unsigned short *type) +{ + int i = 0, ret = 0; + + if (!tuplehash->tuple.encap_num) + return 0; + + if (tuplehash->tuple.encap[i].proto == htons(ETH_P_8021Q) || + tuplehash->tuple.encap[i].proto == htons(ETH_P_8021AD)) { + __vlan_hwaccel_put_tag(skb, tuplehash->tuple.encap[i].proto, + tuplehash->tuple.encap[i].id); + i++; + if (i >= tuplehash->tuple.encap_num) + return 0; + } + + switch (tuplehash->tuple.encap[i].proto) { + case htons(ETH_P_8021Q): + *type = ETH_P_8021Q; + ret = nf_flow_vlan_inner_push(skb, + tuplehash->tuple.encap[i].proto, + tuplehash->tuple.encap[i].id); + break; + case htons(ETH_P_PPP_SES): + *type = ETH_P_PPP_SES; + ret = nf_flow_ppoe_push(skb, + tuplehash->tuple.encap[i].id); + break; + } + return ret; +} + static void nf_flow_encap_pop(struct sk_buff *skb, struct flow_offload_tuple_rhash *tuplehash) { @@ -331,6 +417,7 @@ static void nf_flow_encap_pop(struct sk_buff *skb, static unsigned int nf_flow_queue_xmit(struct net *net, struct sk_buff *skb, const struct flow_offload_tuple_rhash *tuplehash, + struct flow_offload_tuple_rhash *other_tuplehash, unsigned short type) { struct net_device *outdev; @@ -339,6 +426,9 @@ static unsigned int nf_flow_queue_xmit(struct net *net, struct sk_buff *skb, if (!outdev) return NF_DROP; + if (nf_flow_encap_push(skb, other_tuplehash, &type) < 0) + return NF_DROP; + skb->dev = outdev; dev_hard_header(skb, skb->dev, type, tuplehash->tuple.out.h_dest, tuplehash->tuple.out.h_source, skb->len); @@ -458,7 +548,8 @@ nf_flow_offload_ip_hook(void *priv, struct sk_buff *skb, ret = NF_STOLEN; break; case FLOW_OFFLOAD_XMIT_DIRECT: - ret = nf_flow_queue_xmit(state->net, skb, tuplehash, ETH_P_IP); + ret = nf_flow_queue_xmit(state->net, skb, tuplehash, + &flow->tuplehash[!dir], ETH_P_IP); if (ret == NF_DROP) flow_offload_teardown(flow); break; @@ -753,7 +844,8 @@ nf_flow_offload_ipv6_hook(void *priv, struct sk_buff *skb, ret = NF_STOLEN; break; case FLOW_OFFLOAD_XMIT_DIRECT: - ret = nf_flow_queue_xmit(state->net, skb, tuplehash, ETH_P_IPV6); + ret = nf_flow_queue_xmit(state->net, skb, tuplehash, + &flow->tuplehash[!dir], ETH_P_IPV6); if (ret == NF_DROP) flow_offload_teardown(flow); break; diff --git a/net/netfilter/nft_flow_offload.c b/net/netfilter/nft_flow_offload.c index 7b84d8d3469c..cdf1771906b8 100644 --- a/net/netfilter/nft_flow_offload.c +++ b/net/netfilter/nft_flow_offload.c @@ -124,13 +124,12 @@ static void nft_dev_path_info(const struct net_device_path_stack *stack, info->indev = NULL; break; } - if (!info->outdev) - info->outdev = path->dev; info->encap[info->num_encaps].id = path->encap.id; info->encap[info->num_encaps].proto = path->encap.proto; info->num_encaps++; if (path->type == DEV_PATH_PPPOE) memcpy(info->h_dest, path->encap.h_dest, ETH_ALEN); + info->xmit_type = FLOW_OFFLOAD_XMIT_DIRECT; break; case DEV_PATH_BRIDGE: if (is_zero_ether_addr(info->h_source)) @@ -158,8 +157,7 @@ static void nft_dev_path_info(const struct net_device_path_stack *stack, break; } } - if (!info->outdev) - info->outdev = info->indev; + info->outdev = info->indev; info->hw_outdev = info->indev; From patchwork Tue Nov 19 10:18:54 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13879594 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id ED093D60D1B for ; Tue, 19 Nov 2024 10:22:22 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=33FGTDxVghKRUjvQxe8n+i0NIxSacmlAlP2N6q7e0cg=; b=gAnbQkLavkzDVfypjF5otLXR+V HTAC7TJUZpXjeE70iHLMyITnXkwgcYUsO6991Fn9bTMXSxeQQHp1Xpd75DOz3bUvr0VHHW3XtMjmI PuVgFogPYSeZOVvcT4oGyLU2G1w/rByb57xR9mDQAK22MWJxT95ZBUMzssiWs8hl3q7xyuKY7fnF0 1P9Ma2CYQAcp5IJ3zlX+fVwlu9FEJGovOcgDO3tle0rYDc1N15L8AZkn1VYHmzosePvBZvJe9V2Xi KDp7satBTUzm/kSW5TjOJIJvkL7ZL7ei5q7fm+Ss4gKQ3iYxoEMmw1qtS9UHAVxheyaF26or5eIaY jMdS893A==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1tDLN7-0000000C1l7-2bvV; Tue, 19 Nov 2024 10:22:13 +0000 Received: from mail-ej1-x632.google.com ([2a00:1450:4864:20::632]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1tDLKN-0000000C0y9-2v2l; Tue, 19 Nov 2024 10:19:25 +0000 Received: by mail-ej1-x632.google.com with SMTP id a640c23a62f3a-a9a6acac4c3so124343966b.0; Tue, 19 Nov 2024 02:19:22 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1732011562; x=1732616362; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=33FGTDxVghKRUjvQxe8n+i0NIxSacmlAlP2N6q7e0cg=; b=MDMkRtlm2E+CfGs44wKVQ65M1VcKe2XPDEkYV5s0STNh6HBenXQ18/c/A039Wqm0ql 0nYcOyBNkr07jf9Xm8VI2dEWVes8cQM3w4PuH+5C0pYEcHH5WqDYnDKOkFbg7oExMKk9 v8NofnWdkfiQnhsmhneMOljiY+S8iOd3kUnQsK1j9/X08Jo++gx34R6VFusIoK676Jzq 0yDnOufScUHcJsazUFOjMRb8rbH+pOWvYgwHchCQ7VYDkf1aJl+Jxx3k6bVk5xB8kW7L vzb2vPcmqiaxYZRm4XBogdFcSYY1qsg+wkeKpBI91aRNZquXiv5thihvMlraDM06FKfX zZYA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1732011562; x=1732616362; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=33FGTDxVghKRUjvQxe8n+i0NIxSacmlAlP2N6q7e0cg=; b=wDyocGNXUgz6/mrBANEkf0UbI4GTQsC9exFslM5+U/fMHiJOhOSRI5vlRXxOstLPmw 7Zzlc4WKHBZwx7jzJVxQsnx3+mc3tStBdzmtcpRGokqEb+X4q0m+CO1SztU0F8+IS1iz ubZefp1YK1xO/3J+0WTWRZEDZfe0ifRNPsAlnk9YNYXnfNHfhtFFid9j7gMJfYsIClvO up6AEegWmJ6TZXomQeuLYDsk4WipjiT9WBdlVuryod+LuilQiHwy+DfU+8ozV0TvDeoy BT/71pGBmAkU9U6AQp04+z8kgxuVw7qxacEdRBW7KVeKErj6rdjQBLUAm7XeAR1hJ9e7 Umaw== X-Forwarded-Encrypted: i=1; AJvYcCUezfSLsI8Hrg+F9APjavqCdplPsK3bziW3BDwkSofuMeJtATXCzv0EfExYbC2gewtZ2MJlvSTJo/kytAoJao4=@lists.infradead.org, AJvYcCWH4F9kszV5UdzhgTRrSYh8Ka27/pxXKXTrDPWIYz2lm+3fjKwZaiQ2542wmTO64SaT5PaNP4cB6AeHhqTxUuRR@lists.infradead.org X-Gm-Message-State: AOJu0YyKkXMEefFyd0kBnPw3Z2Vr2bKFgjDXEKbHSKNLHfrMkIgPnXZ4 1QQAPXm2hJ0qJlSKwCEgX43bvmINl4dI5aMEbLbVU+NUnLqTt9Xr X-Google-Smtp-Source: AGHT+IHK3RPvVbNkL0ulMmObg1fv6oLItSdSeQYUnbTgITRiDHxNBFC5utDs26XSVr92XJ7sV7zGaQ== X-Received: by 2002:a17:907:96ac:b0:a9a:6477:bd03 with SMTP id a640c23a62f3a-aa483525d3dmr1598769866b.38.1732011561338; Tue, 19 Nov 2024 02:19:21 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-aa20e081574sm634875566b.179.2024.11.19.02.19.20 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 19 Nov 2024 02:19:20 -0800 (PST) From: Eric Woudstra To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Andrew Lunn , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , David Ahern , Sebastian Andrzej Siewior , Lorenzo Bianconi , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH RFC v2 net-next 02/14] netfilter: bridge: Add conntrack double vlan and pppoe Date: Tue, 19 Nov 2024 11:18:54 +0100 Message-ID: <20241119101906.862680-3-ericwouds@gmail.com> X-Mailer: git-send-email 2.45.2 In-Reply-To: <20241119101906.862680-1-ericwouds@gmail.com> References: <20241119101906.862680-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20241119_021923_770145_D915BE4C X-CRM114-Status: GOOD ( 14.60 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org This adds the capability to conntrack 802.1ad, QinQ, PPPoE and PPPoE-in-Q packets that are passing a bridge. Signed-off-by: Eric Woudstra --- net/bridge/netfilter/nf_conntrack_bridge.c | 88 ++++++++++++++++++---- 1 file changed, 75 insertions(+), 13 deletions(-) diff --git a/net/bridge/netfilter/nf_conntrack_bridge.c b/net/bridge/netfilter/nf_conntrack_bridge.c index 816bb0fde718..31e2bcd71735 100644 --- a/net/bridge/netfilter/nf_conntrack_bridge.c +++ b/net/bridge/netfilter/nf_conntrack_bridge.c @@ -241,56 +241,118 @@ static unsigned int nf_ct_bridge_pre(void *priv, struct sk_buff *skb, const struct nf_hook_state *state) { struct nf_hook_state bridge_state = *state; + __be16 outer_proto, inner_proto; enum ip_conntrack_info ctinfo; + int ret, offset = 0; struct nf_conn *ct; - u32 len; - int ret; + u32 len, data_len; ct = nf_ct_get(skb, &ctinfo); if ((ct && !nf_ct_is_template(ct)) || ctinfo == IP_CT_UNTRACKED) return NF_ACCEPT; + switch (skb->protocol) { + case htons(ETH_P_PPP_SES): { + struct ppp_hdr { + struct pppoe_hdr hdr; + __be16 proto; + } *ph = (struct ppp_hdr *)(skb->data); + + data_len = ntohs(ph->hdr.length) - 2; + offset = PPPOE_SES_HLEN; + outer_proto = skb->protocol; + switch (ph->proto) { + case htons(PPP_IP): + inner_proto = htons(ETH_P_IP); + break; + case htons(PPP_IPV6): + inner_proto = htons(ETH_P_IPV6); + break; + default: + return NF_ACCEPT; + } + break; + } + case htons(ETH_P_8021Q): { + struct vlan_hdr *vhdr = (struct vlan_hdr *)(skb->data); + + data_len = 0xffffffff; + offset = VLAN_HLEN; + outer_proto = skb->protocol; + inner_proto = vhdr->h_vlan_encapsulated_proto; + break; + } + default: + data_len = 0xffffffff; + break; + } + + if (offset) { + switch (inner_proto) { + case htons(ETH_P_IP): + case htons(ETH_P_IPV6): + if (!pskb_may_pull(skb, offset)) + return NF_ACCEPT; + skb_pull_rcsum(skb, offset); + skb_reset_network_header(skb); + skb->protocol = inner_proto; + break; + default: + return NF_ACCEPT; + } + } + + ret = NF_ACCEPT; switch (skb->protocol) { case htons(ETH_P_IP): if (!pskb_may_pull(skb, sizeof(struct iphdr))) - return NF_ACCEPT; + goto do_not_track; len = skb_ip_totlen(skb); + if (data_len < len) + len = data_len; if (pskb_trim_rcsum(skb, len)) - return NF_ACCEPT; + goto do_not_track; if (nf_ct_br_ip_check(skb)) - return NF_ACCEPT; + goto do_not_track; bridge_state.pf = NFPROTO_IPV4; ret = nf_ct_br_defrag4(skb, &bridge_state); break; case htons(ETH_P_IPV6): if (!pskb_may_pull(skb, sizeof(struct ipv6hdr))) - return NF_ACCEPT; + goto do_not_track; len = sizeof(struct ipv6hdr) + ntohs(ipv6_hdr(skb)->payload_len); + if (data_len < len) + len = data_len; if (pskb_trim_rcsum(skb, len)) - return NF_ACCEPT; + goto do_not_track; if (nf_ct_br_ipv6_check(skb)) - return NF_ACCEPT; + goto do_not_track; bridge_state.pf = NFPROTO_IPV6; ret = nf_ct_br_defrag6(skb, &bridge_state); break; default: nf_ct_set(skb, NULL, IP_CT_UNTRACKED); - return NF_ACCEPT; + goto do_not_track; } - if (ret != NF_ACCEPT) - return ret; + if (ret == NF_ACCEPT) + ret = nf_conntrack_in(skb, &bridge_state); - return nf_conntrack_in(skb, &bridge_state); +do_not_track: + if (offset) { + skb_push_rcsum(skb, offset); + skb_reset_network_header(skb); + skb->protocol = outer_proto; + } + return ret; } - static unsigned int nf_ct_bridge_in(void *priv, struct sk_buff *skb, const struct nf_hook_state *state) { From patchwork Tue Nov 19 10:18:55 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13879595 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id B2ED2D60D1B for ; Tue, 19 Nov 2024 10:23:20 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=Qi0AlNa47OjnLX+zdNkH8pnYspHiUC9rPn7VlkLtCao=; b=wcZo5TIAU74WamLh7qjCU1cHsq CKgiKPS60U53j39nlBdYUYyNrhn8hHLO540/bHHWjOfJzI6voHVFoXfB9ePBb+kaLXAsqvAyDXd/F NU8WlOIwRRg8DI1C5oUeVAvRgNtV58Z16htngYh8KLsMu5tLS0V15O/h5qEurtqEuPWoOSy3hUjRH ix7ExIULYSb7puBz81mMTq2lLsCM4U8qaTpUa8T8XjiSSc1ZMZeVIKvK9RARvNnDj2CouLTu6W3Su GaoVG2PHBW3xPTpABMr/5nkdogqvIjjEMOIjRE0AhFutkKPuGPVv750BS9N3KRuwpkOB4Q/jov0KL RqKKKaCA==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1tDLO1-0000000C20a-3aS3; Tue, 19 Nov 2024 10:23:09 +0000 Received: from mail-ej1-x62e.google.com ([2a00:1450:4864:20::62e]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1tDLKO-0000000C0zD-3uP1; Tue, 19 Nov 2024 10:19:26 +0000 Received: by mail-ej1-x62e.google.com with SMTP id a640c23a62f3a-a99f3a5a44cso95606666b.3; Tue, 19 Nov 2024 02:19:24 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1732011563; x=1732616363; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=Qi0AlNa47OjnLX+zdNkH8pnYspHiUC9rPn7VlkLtCao=; b=Cy1SpyIeakMgCjk0zw0pqV7l8VL25SV8YGgknn0vV2D4YaHpEl+osgiCdeZ5vTGbgH HnqRzEER0U5plJj7NmOYoHvvWjeJLkkqKjcEck2p4FbINYlVEQqTUYBCkmAmb0fQ48Kg d/0q/NYzZY9GrERIBB+d6PtpcnLzdhRGimJ2ur1YaO9bX6zXRV5cuoeySISaMDK4N3bx csu88t2Wqi9hMVamuvUkDA09kVhBJ1F571qo2RfA4rNoYRiupVkgDEO6cqbpicNwB4Rz SsWrOkN1jb+f6RNtDw2fT0P3tUfUNEE5+vP78Dna2yP+r0DNNDsmU/ZrbCpM58F9so1o d65g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1732011563; x=1732616363; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Qi0AlNa47OjnLX+zdNkH8pnYspHiUC9rPn7VlkLtCao=; b=fag1KYo6x2BwyBykUFyBdkLatx6idSTwHMTjWUarDBjHhJfwfKCb8CdZA/GHrlmYf7 MN7yo8YPyYctABJv+GkF87M5G2T0FQUfIk7eH0Xw8gc5SHWWbJwqH2y70QH+fyNQBp7w GOKXTNL1zzA+Yg8ACePyxZWhGfc4uighR5ROmx/z6XVuiqweC771eDQLvkAVPqAtMHhx LrOf0AD8abcxBwinR0J1bIMIyvRHlS1SrF4buAuMShaOtBKZQ0VTfWeOO7npqtE7UmHh hZvFlgNPjJAWXX4JjoOF8HpELMm1WAVj3YyKAuDHjO/JBR0JfBISWAyTda77ADkigFmZ tOBg== X-Forwarded-Encrypted: i=1; AJvYcCV/ZqmBIs3xfCrt6uDbFjkMGhzy2JjeXgeqK47CYO0Pqp/8STTpQG2O77yjRqKzW/khs7Io5gIpVNE/VESmScHU@lists.infradead.org, AJvYcCVqeh6sc0OeSIb2yvJgJJEdVgkwNRpHghUi0K8uxMzjdFqWjHx4Zw+59QiQHvTUUJDxK3GF4Qo5vZVZ9HT6PtY=@lists.infradead.org X-Gm-Message-State: AOJu0YxXPMkocfjUlyXsuJO6I9swoi69fFf8q8iuE8Dp+o94GpDEYE5J ky7d/7ZQm9Qm84/A9TdeWFBQfVo/CCtfdaXEjFO8r6AZsOLUtOyn X-Google-Smtp-Source: AGHT+IFgtvvx9QxVfYb+i/eHHWDw6v24GqRwyxuBvltZN8tRLFnZjBJN+NHnVp7SFNVLDR7NZlEVpg== X-Received: by 2002:a17:907:96ab:b0:a99:ec3c:15cd with SMTP id a640c23a62f3a-aa483552e2amr1511647266b.54.1732011562657; Tue, 19 Nov 2024 02:19:22 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-aa20e081574sm634875566b.179.2024.11.19.02.19.21 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 19 Nov 2024 02:19:22 -0800 (PST) From: Eric Woudstra To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Andrew Lunn , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , David Ahern , Sebastian Andrzej Siewior , Lorenzo Bianconi , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH RFC v2 net-next 03/14] netfilter: nft_chain_filter: Add bridge double vlan and pppoe Date: Tue, 19 Nov 2024 11:18:55 +0100 Message-ID: <20241119101906.862680-4-ericwouds@gmail.com> X-Mailer: git-send-email 2.45.2 In-Reply-To: <20241119101906.862680-1-ericwouds@gmail.com> References: <20241119101906.862680-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20241119_021925_013189_0C1B8F71 X-CRM114-Status: GOOD ( 12.72 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org This adds the capability to evaluate 802.1ad, QinQ, PPPoE and PPPoE-in-Q packets in the bridge filter chain. Signed-off-by: Eric Woudstra --- net/netfilter/nft_chain_filter.c | 20 +++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) diff --git a/net/netfilter/nft_chain_filter.c b/net/netfilter/nft_chain_filter.c index 7010541fcca6..91aa3fa43d31 100644 --- a/net/netfilter/nft_chain_filter.c +++ b/net/netfilter/nft_chain_filter.c @@ -232,11 +232,27 @@ nft_do_chain_bridge(void *priv, struct sk_buff *skb, const struct nf_hook_state *state) { + struct ethhdr *ethh = eth_hdr(skb); struct nft_pktinfo pkt; + int thoff; nft_set_pktinfo(&pkt, skb, state); - switch (eth_hdr(skb)->h_proto) { + switch (ethh->h_proto) { + case htons(ETH_P_PPP_SES): + thoff = PPPOE_SES_HLEN; + ethh += thoff; + break; + case htons(ETH_P_8021Q): + thoff = VLAN_HLEN; + ethh += thoff; + break; + default: + thoff = 0; + break; + } + + switch (ethh->h_proto) { case htons(ETH_P_IP): nft_set_pktinfo_ipv4_validate(&pkt); break; @@ -248,6 +264,8 @@ nft_do_chain_bridge(void *priv, break; } + pkt.thoff += thoff; + return nft_do_chain(&pkt, priv); } From patchwork Tue Nov 19 10:18:56 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13879611 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 3874FD60D1B for ; Tue, 19 Nov 2024 10:24:16 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=oNtMqpfiZ8j9VP8YeMgt8jDUBPMHbCQx5OGfeubdb70=; b=IxoRido9s695hbuTvRF/+36Ju1 SNJ6Sx0Q6G8uJ8Km2d+prNqIcvkyVziQHF4h7M08ObaxmZ9+sMZLExgecNUSFIS4B8gF10iyOB6Li IzltNDibyu3mbd+svoDHIyuBs3s9FotZQ/kNBTgPfbawvpo31IDonqJVbQAMxyzOWNWW+Z/mHICLf Zqnvpt/MKcMSCVlQc5CblEVscs0DoepnARnqfyFmP3tR7sDPs55NY17fMZQH2QYPgkHf0wg0K+rhr pR1gkFdIPeYSBzdl0IbMqoqgQFmfQKNHwlw/hmnRutwcO3yY+fPhVcX/CHl6RJAbzpDhPWfz7EpR6 /s7s3nkA==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1tDLOw-0000000C2He-3zYR; Tue, 19 Nov 2024 10:24:06 +0000 Received: from mail-lj1-x22e.google.com ([2a00:1450:4864:20::22e]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1tDLKQ-0000000C10B-24Zk; Tue, 19 Nov 2024 10:19:27 +0000 Received: by mail-lj1-x22e.google.com with SMTP id 38308e7fff4ca-2fb51e00c05so37921341fa.0; Tue, 19 Nov 2024 02:19:25 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1732011564; x=1732616364; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=oNtMqpfiZ8j9VP8YeMgt8jDUBPMHbCQx5OGfeubdb70=; b=GBWLqRtwi7YuDiHjN86J5VUJW4tBTY8LpMP/xErtFbQJzyIZFenGvehPICDfl2d2Q2 ASuKQBU52xt54UADH2ERZbrFptdgjxMm3KP0WurY77WKMI9Fjts3yBlGNvHCcnPUMt3u d2jBbRwJESAl0VOaeZhRxJnrVFxBIdqISd/RyIDdO3QSn1q6UiR2ZLcvnXDoYlx2Eegk zxvb4wOYcR3EXyiB3aufdfVZCdRL45/hMtfP8UZ+lSWgIP9wjtCwTITPwIN0V6U/XqSe e96YCoRQj1t7Y4+DlCywhwkM/QCl3Ua//TKi1cmoUFFAY4agzIBirQNj8Wy3GXz4Rkj5 fRLQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1732011564; x=1732616364; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=oNtMqpfiZ8j9VP8YeMgt8jDUBPMHbCQx5OGfeubdb70=; b=A9y15ymQFYm3G7eZk1FizmT7A5UferNFwF0zsCbrO/sz3DMbmMaUTWkJtfc6i4lLbb PmGLAs0lk1Jz6Xq9Mcp0OjWYu6nsd0v+clACkbr6fN5V1hgK9WOEWb2DgVv0aR53ksnB EjeVbeQ1/sOLS27SLA5RahenAjbR/bh1PrLxWnOJPW6VV3EEtx9g4sioHARQCZbCqvBM y5YszcXXF0+MScmn4TLnnlb6EPx9edM+P8t2UqB7p1aJi+c1+uv4OvRFf8e/O7kXWEDG 1Txsipcw58L2nGAY96zOSPLFueX0DD+4kYBuhIsr8gjoeIkc/Ej25SDF1hUNxSZAnPQI yUKQ== X-Forwarded-Encrypted: i=1; AJvYcCXMMNkTQxrbCkP6G9uGbuPNjLQze8HDBgBiidiEVuNEAO7NfuDH6wDHZmeTsCt6uXFS7BWAijCUBwmvExVCixg=@lists.infradead.org, AJvYcCXzpnSAQtRfzie4IDQj+ejUqpINGxNZFcW61D86rbiejh3pV739+8wjRUJq8Ruw9VB30gk0Uh3P9PhcTz0IzAgY@lists.infradead.org X-Gm-Message-State: AOJu0YwmWGUrfcIKglFOkLjeId5srODW8ZEATinKU4MAK8r5pQYYTu0O VAF65hpZCdsORCzTp9EV3RZ+z4CQ6efGM4zC+O7Ujd/NbkSDTdO2 X-Google-Smtp-Source: AGHT+IHPphanLQvn1smAWqmqpsVVY1N5Pj6CCsoY8pRu0n0GdFTRRvOQ87pUfg0ubCpmZuXrqQ7tJQ== X-Received: by 2002:a2e:a9a9:0:b0:2fa:c0c2:d311 with SMTP id 38308e7fff4ca-2ff60610642mr89237351fa.5.1732011563899; Tue, 19 Nov 2024 02:19:23 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-aa20e081574sm634875566b.179.2024.11.19.02.19.22 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 19 Nov 2024 02:19:23 -0800 (PST) From: Eric Woudstra To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Andrew Lunn , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , David Ahern , Sebastian Andrzej Siewior , Lorenzo Bianconi , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH RFC v2 net-next 04/14] bridge: br_vlan_fill_forward_path_pvid: Add port to port Date: Tue, 19 Nov 2024 11:18:56 +0100 Message-ID: <20241119101906.862680-5-ericwouds@gmail.com> X-Mailer: git-send-email 2.45.2 In-Reply-To: <20241119101906.862680-1-ericwouds@gmail.com> References: <20241119101906.862680-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20241119_021926_567415_5F871896 X-CRM114-Status: GOOD ( 13.78 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org Lookup vlan group from bridge port, if it is passed as argument. Signed-off-by: Eric Woudstra --- net/bridge/br_private.h | 2 ++ net/bridge/br_vlan.c | 6 +++++- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/net/bridge/br_private.h b/net/bridge/br_private.h index 9853cfbb9d14..046d7b04771f 100644 --- a/net/bridge/br_private.h +++ b/net/bridge/br_private.h @@ -1581,6 +1581,7 @@ bool br_vlan_can_enter_range(const struct net_bridge_vlan *v_curr, const struct net_bridge_vlan *range_end); void br_vlan_fill_forward_path_pvid(struct net_bridge *br, + struct net_bridge_port *p, struct net_device_path_ctx *ctx, struct net_device_path *path); int br_vlan_fill_forward_path_mode(struct net_bridge *br, @@ -1750,6 +1751,7 @@ static inline int nbp_get_num_vlan_infos(struct net_bridge_port *p, } static inline void br_vlan_fill_forward_path_pvid(struct net_bridge *br, + struct net_bridge_port *p, struct net_device_path_ctx *ctx, struct net_device_path *path) { diff --git a/net/bridge/br_vlan.c b/net/bridge/br_vlan.c index 89f51ea4cabe..2ea1e2ff4676 100644 --- a/net/bridge/br_vlan.c +++ b/net/bridge/br_vlan.c @@ -1441,6 +1441,7 @@ int br_vlan_get_pvid_rcu(const struct net_device *dev, u16 *p_pvid) EXPORT_SYMBOL_GPL(br_vlan_get_pvid_rcu); void br_vlan_fill_forward_path_pvid(struct net_bridge *br, + struct net_bridge_port *p, struct net_device_path_ctx *ctx, struct net_device_path *path) { @@ -1453,7 +1454,10 @@ void br_vlan_fill_forward_path_pvid(struct net_bridge *br, if (!br_opt_get(br, BROPT_VLAN_ENABLED)) return; - vg = br_vlan_group(br); + if (p) + vg = nbp_vlan_group(p); + else + vg = br_vlan_group(br); if (idx >= 0 && ctx->vlan[idx].proto == br->vlan_proto) { From patchwork Tue Nov 19 10:18:57 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13879612 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id DFDC6D60D1B for ; Tue, 19 Nov 2024 10:25:14 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=3IFIJoTYk6YKRTRNHwxftMTYmZfYo4cB7iVfLaoFmHE=; b=vst8zEHkO9den09UykbhHGbvxK rE4qmvBYgwcx1z8BuOaNPJnxFCnfLOFOSRi/HzP7vQg0ppmsz3kQPK91YJ1PqYVFU4jza5dWiWLXD QO1K0hpjzEvxF3X5dTOxc3lQiKYV3BZ3NENxB+FZKqH6bYvMIQj+Dpw64d2nkJNO+2XelKRPDffq6 thEFGSms+dzRsKioXP0EikomLt9qFwiLlFSkepUqANadM4VXO6MSfP9V1Em/DvSLhXBgtmfMrzhlm puXfOpDvP8JBCR4y61IN8b9tIHmwoozw9zpqQ5INmaEahKOMKJmkQ1NNDiPxwb6abqfU41s11cG1N 6D8hpGUw==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1tDLPq-0000000C2XR-3uBt; Tue, 19 Nov 2024 10:25:02 +0000 Received: from mail-lj1-x231.google.com ([2a00:1450:4864:20::231]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1tDLKR-0000000C10h-2s2Y; Tue, 19 Nov 2024 10:19:28 +0000 Received: by mail-lj1-x231.google.com with SMTP id 38308e7fff4ca-2fb5fa911aaso41639831fa.2; Tue, 19 Nov 2024 02:19:26 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1732011565; x=1732616365; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=3IFIJoTYk6YKRTRNHwxftMTYmZfYo4cB7iVfLaoFmHE=; b=bzMarAVpnyKkGgdgVL5Fh9kPWTxX7p9IZ4FFbOy/6EYsxRZxT9b8Tu+6CL9S4/epxs LHdujvlGG21JKl3lf2MfTlNJchaE/tcuh0OueGlCEAqf3fm41rV+Dk83OGX2jqM3o8j9 ICJvYC7+55ApiPySSVOt+ettgq19WKBw9nTxQRF7tj2XYyFuuHmj1NKyRJWzJp2D6uL7 RGba2OW0mcavZDVGBV0p4YHMmfJZVZVWtUZM7DTCwUtnm1sJe1ufoD7g68mJULb6GMeH 3ifBf5EO8jN0rHTYP5I723nR+KO3f3zH/37dt5qDHpAmqkM6eirfqYHEsA/tr+Dm3F1K +d1A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1732011565; x=1732616365; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=3IFIJoTYk6YKRTRNHwxftMTYmZfYo4cB7iVfLaoFmHE=; b=Qtt8ke2abXSGAGB4D91vMO/78x/d0qGl1YQIFdPKkbQawpXAvZmQadW8y14VxxL9R+ ISOLdopuP7nmgKxkjCBJkqhToaSn0xM8N9ji4tfM4sZe2gRoNeJOkan7hfbJqp3lFTHQ Bb0NxRHc3VYHj451EoVBaqLVkSO9+oSuBci0johsdj03dskBPahdAr3SV2ktrUgmvtc8 qAQfHzx876HN4jX9U6VT68Bf8S+j0ul9wBJRq4/SemqubKaFHnbpJtzpNrbtedBxstBI YlXl8cyOWigICJwMSg8d1DwiWYaYmt7uwT6O/+NeMVyaDRXG0CZ4KkMaIpT3PHMwXi69 nAsA== X-Forwarded-Encrypted: i=1; AJvYcCVHnqWhrXpMxVg1kb3DxH7W4o4bsjhhnLy2Opw8XWSAqdEsyxt5EDX/mozYh3UogVp9r1+84IERH5tn/xUYZBiY@lists.infradead.org, AJvYcCWFhPZ5i2W7MMkjnHDI0RXmfTGNfHX5oa57RdVq+0cbQy7hGlmj3PRn3IynZyqhaq+MqE5CSu3ZXtJCa5+vY4c=@lists.infradead.org X-Gm-Message-State: AOJu0YyC2T376VVNUXnL+CibAYvB0VWeFia4SelyD4V2u6Jc7JnbLhhP J1W/rHnMp6tbiP2F6b/Sy2GEQuv1EoyuiQhDp0C+gPnd6iFaHKVx X-Google-Smtp-Source: AGHT+IHnkAmZBG6E9wO/q7BJvCC5UomYmpRer3uAt1HmEjIcUorcDjARLDEPuztshHFwg7HC5D+dGA== X-Received: by 2002:a05:6512:32c9:b0:52e:fa5f:b6a7 with SMTP id 2adb3069b0e04-53dab29e907mr9290473e87.13.1732011565255; Tue, 19 Nov 2024 02:19:25 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-aa20e081574sm634875566b.179.2024.11.19.02.19.24 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 19 Nov 2024 02:19:24 -0800 (PST) From: Eric Woudstra To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Andrew Lunn , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , David Ahern , Sebastian Andrzej Siewior , Lorenzo Bianconi , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH RFC v2 net-next 05/14] bridge: br_fill_forward_path add port to port Date: Tue, 19 Nov 2024 11:18:57 +0100 Message-ID: <20241119101906.862680-6-ericwouds@gmail.com> X-Mailer: git-send-email 2.45.2 In-Reply-To: <20241119101906.862680-1-ericwouds@gmail.com> References: <20241119101906.862680-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20241119_021927_719375_F5FDD7CE X-CRM114-Status: GOOD ( 13.85 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org If handed a bridge port, use the bridge master to fill the forward path. Signed-off-by: Eric Woudstra --- net/bridge/br_device.c | 19 ++++++++++++++----- 1 file changed, 14 insertions(+), 5 deletions(-) diff --git a/net/bridge/br_device.c b/net/bridge/br_device.c index 0ab4613aa07a..c7646afc8b96 100644 --- a/net/bridge/br_device.c +++ b/net/bridge/br_device.c @@ -383,16 +383,25 @@ static int br_del_slave(struct net_device *dev, struct net_device *slave_dev) static int br_fill_forward_path(struct net_device_path_ctx *ctx, struct net_device_path *path) { + struct net_bridge_port *src, *dst; struct net_bridge_fdb_entry *f; - struct net_bridge_port *dst; struct net_bridge *br; - if (netif_is_bridge_port(ctx->dev)) - return -1; + if (netif_is_bridge_port(ctx->dev)) { + struct net_device *br_dev; + + br_dev = netdev_master_upper_dev_get_rcu((struct net_device *)ctx->dev); + if (!br_dev) + return -1; - br = netdev_priv(ctx->dev); + src = br_port_get_rcu(ctx->dev); + br = netdev_priv(br_dev); + } else { + src = NULL; + br = netdev_priv(ctx->dev); + } - br_vlan_fill_forward_path_pvid(br, ctx, path); + br_vlan_fill_forward_path_pvid(br, src, ctx, path); f = br_fdb_find_rcu(br, ctx->daddr, path->bridge.vlan_id); if (!f) From patchwork Tue Nov 19 10:18:58 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13879613 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id C26BAD62069 for ; Tue, 19 Nov 2024 10:26:09 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=UhjXvlF/z+0rM6u5ozJqSa6SbSygSBJ+zrfQOupSHO8=; b=aez83mIe4GDrgZKQpCMHhvlwDM UfqoQUslpIavq414eWcJ2QIgsJw5mQWxw0Jd1kV8knh3h/j/+Twu0/GDP2cwgKxPPYxfcFRsYCGZk 4boyKG+3A8qbJSowutOkpCN3PtOPKVDem2QK6D9sHOkf98y2VST9W0f+w1AydPO4/lOZLoLub1mjn ctnq3wATS05tS1IxT7Sk9vExio4OnG/A8auARHrSnNmApYFR+XLUdcrjvr9Fvy4Oy30Xu07htSM2r sxeda1FADCIDuD9piP7lCvkm6KESOJVIVBt+9rtMGaMkWzfsEVioFv9ebx0Z4nhY+18umg9J4vFQ7 pfEctNZA==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1tDLQk-0000000C2nJ-3cLC; Tue, 19 Nov 2024 10:25:58 +0000 Received: from mail-ed1-x52a.google.com ([2a00:1450:4864:20::52a]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1tDLKS-0000000C11H-3xD1; Tue, 19 Nov 2024 10:19:30 +0000 Received: by mail-ed1-x52a.google.com with SMTP id 4fb4d7f45d1cf-5cfd2978f95so2085271a12.0; Tue, 19 Nov 2024 02:19:28 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1732011567; x=1732616367; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=UhjXvlF/z+0rM6u5ozJqSa6SbSygSBJ+zrfQOupSHO8=; b=HbhDTOVIJZJciD0oy62pzhXsq4JNhhdrugmG3/0hqaayDOcVJIr/j2dqcprzWvnOHZ tapAZlaWrc2GiuQLkeNfgRWCuKRVY5i8/kFgb0IMxOoAb0cGkUNUqE/oQzRcUhcFklFS gZrRzIG7hL0v3C5uAXZMABSnGZ/CJBRFcaoBzwJHR3giNieRoBX63D0jDcYofEV2aoaF 0lugt9PdFjbDwi4VmKunz0tKG2rBKZEcYkPRIHgpjLK4sf+nfHJX2d1afrFzOisEhvUL BkYdoqsFLTkThML8Z2DPyuQQ5VVqG1P4PgQzeoJaIhum6BZ14McvoI+nkCve3NZvYCiT pI/w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1732011567; x=1732616367; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=UhjXvlF/z+0rM6u5ozJqSa6SbSygSBJ+zrfQOupSHO8=; b=PlsNLrZOHQVM7cE8LUYXf20vXkONgCh0oA7sMtkrsV4pnx3HC1PzNkSAyDchCCXA4b wM3B3bpxTHw3Rrmh0RaDKx36akuRY2q/IbChdhb2dzJiaYKgRTEXZRj/01EG0/YpbnAq eiptKA0flJ/j3IEm5LW0MUFdilnN+yQLSU3TPoixcRWu0SrXJjswKreg8R34omYwOHkV /ESJGTtrykQaDwL2/G8PizNshL3AkTnuRt1mWFeKBOw5JNOZSgcc3kBjMFVuZ2qcbdJj Co3O7mgh/kaG4rijGyL+S9H19/JNhaCPXJlBoOYd4Jbp5MCHB80oWibwsZmTxTxcG6m5 ZJbQ== X-Forwarded-Encrypted: i=1; AJvYcCUGs7jsxM3/Ngyi6vZ3YbNaKna/k+HfWC2FXVkc62D3s913K285uJ4qMFlT1FF8r4/cH/dnhxDdPE4VGN6Xipk=@lists.infradead.org, AJvYcCUp3ur5dWDk5dSjMoiu0pQ25Oc9oTFXXK8V6CgpuMqxMxDHMGwjIm7Q6g19hlZ8ZtfKcOrISSucSpc8B6fV3WDd@lists.infradead.org X-Gm-Message-State: AOJu0YwvVSyVb49OPIQh7QKaU3BGYqb9K2i9qJF/F9R8/omf744ac0Ca Rz5R/mYbK4kLMyFGqJBGJsctngoMlIu0kWjFTD9riatFZbFSqczf X-Google-Smtp-Source: AGHT+IGzB93ZeO7pNN+fEomEYrj7b7jdCBNk8D+nmWW0jpw6ZssNgDprYV1yl7YzBLGgZvsa4c/n+g== X-Received: by 2002:a17:907:9303:b0:a9e:d417:c725 with SMTP id a640c23a62f3a-aa4833e8fe9mr1613209266b.3.1732011566595; Tue, 19 Nov 2024 02:19:26 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-aa20e081574sm634875566b.179.2024.11.19.02.19.25 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 19 Nov 2024 02:19:26 -0800 (PST) From: Eric Woudstra To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Andrew Lunn , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , David Ahern , Sebastian Andrzej Siewior , Lorenzo Bianconi , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH RFC v2 net-next 06/14] net: core: dev: Add dev_fill_bridge_path() Date: Tue, 19 Nov 2024 11:18:58 +0100 Message-ID: <20241119101906.862680-7-ericwouds@gmail.com> X-Mailer: git-send-email 2.45.2 In-Reply-To: <20241119101906.862680-1-ericwouds@gmail.com> References: <20241119101906.862680-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20241119_021929_026739_DFD68149 X-CRM114-Status: GOOD ( 17.67 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org New function dev_fill_bridge_path(), similar to dev_fill_forward_path(). It handles starting from a bridge port instead of the bridge master. The structures ctx and nft_forward_info need to be already filled in with the (vlan) encaps. Signed-off-by: Eric Woudstra --- include/linux/netdevice.h | 2 ++ net/core/dev.c | 66 +++++++++++++++++++++++++++++++-------- 2 files changed, 55 insertions(+), 13 deletions(-) diff --git a/include/linux/netdevice.h b/include/linux/netdevice.h index ecc686409161..15923d177f9e 100644 --- a/include/linux/netdevice.h +++ b/include/linux/netdevice.h @@ -3143,6 +3143,8 @@ void dev_remove_offload(struct packet_offload *po); int dev_get_iflink(const struct net_device *dev); int dev_fill_metadata_dst(struct net_device *dev, struct sk_buff *skb); +int dev_fill_bridge_path(struct net_device_path_ctx *ctx, + struct net_device_path_stack *stack); int dev_fill_forward_path(const struct net_device *dev, const u8 *daddr, struct net_device_path_stack *stack); struct net_device *__dev_get_by_flags(struct net *net, unsigned short flags, diff --git a/net/core/dev.c b/net/core/dev.c index 13d00fc10f55..f44752e916b0 100644 --- a/net/core/dev.c +++ b/net/core/dev.c @@ -713,44 +713,84 @@ static struct net_device_path *dev_fwd_path(struct net_device_path_stack *stack) return &stack->path[k]; } -int dev_fill_forward_path(const struct net_device *dev, const u8 *daddr, - struct net_device_path_stack *stack) +static int dev_fill_forward_path_common(struct net_device_path_ctx *ctx, + struct net_device_path_stack *stack) { const struct net_device *last_dev; - struct net_device_path_ctx ctx = { - .dev = dev, - }; struct net_device_path *path; int ret = 0; - memcpy(ctx.daddr, daddr, sizeof(ctx.daddr)); - stack->num_paths = 0; - while (ctx.dev && ctx.dev->netdev_ops->ndo_fill_forward_path) { - last_dev = ctx.dev; + while (ctx->dev && ctx->dev->netdev_ops->ndo_fill_forward_path) { + last_dev = ctx->dev; path = dev_fwd_path(stack); if (!path) return -1; memset(path, 0, sizeof(struct net_device_path)); - ret = ctx.dev->netdev_ops->ndo_fill_forward_path(&ctx, path); + ret = ctx->dev->netdev_ops->ndo_fill_forward_path(ctx, path); if (ret < 0) return -1; - if (WARN_ON_ONCE(last_dev == ctx.dev)) + if (WARN_ON_ONCE(last_dev == ctx->dev)) return -1; } - if (!ctx.dev) + if (!ctx->dev) return ret; path = dev_fwd_path(stack); if (!path) return -1; path->type = DEV_PATH_ETHERNET; - path->dev = ctx.dev; + path->dev = ctx->dev; return ret; } + +int dev_fill_bridge_path(struct net_device_path_ctx *ctx, + struct net_device_path_stack *stack) +{ + const struct net_device *last_dev, *br_dev; + struct net_device_path *path; + + stack->num_paths = 0; + + if (!ctx->dev || !netif_is_bridge_port(ctx->dev)) + return -1; + + br_dev = netdev_master_upper_dev_get_rcu((struct net_device *)ctx->dev); + if (!br_dev || !br_dev->netdev_ops->ndo_fill_forward_path) + return -1; + + last_dev = ctx->dev; + path = dev_fwd_path(stack); + if (!path) + return -1; + + memset(path, 0, sizeof(struct net_device_path)); + if (br_dev->netdev_ops->ndo_fill_forward_path(ctx, path) < 0) + return -1; + + if (!ctx->dev || WARN_ON_ONCE(last_dev == ctx->dev)) + return -1; + + return dev_fill_forward_path_common(ctx, stack); +} +EXPORT_SYMBOL_GPL(dev_fill_bridge_path); + +int dev_fill_forward_path(const struct net_device *dev, const u8 *daddr, + struct net_device_path_stack *stack) +{ + struct net_device_path_ctx ctx = { + .dev = dev, + }; + + memcpy(ctx.daddr, daddr, sizeof(ctx.daddr)); + + stack->num_paths = 0; + + return dev_fill_forward_path_common(&ctx, stack); +} EXPORT_SYMBOL_GPL(dev_fill_forward_path); /** From patchwork Tue Nov 19 10:18:59 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13879614 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 1427FD60D1B for ; Tue, 19 Nov 2024 10:27:06 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=pdMZzUqlItAKYCipC8R7CKRW4bj0To7qOhyuRvVgeD0=; b=y9yHYBSZNWwTmeU/z/bUBlqnZN GPGy+Fz6AUlz/YlKs7sr+bAvoLRhhPugElyxx6zPHZ+Zl6OgpMl1OcI73xENalZMyLZSb9JIPtDW8 hin+MKSwYOyDiSpKV77dyLHCs3+wOaWAgpfD+MdSiOAts/CNnO50Zl8hy+BPU6KtnpyIkHuqHUKcc Mengjqwl9a8M0rwW4wGHgc3S3K+toQP6gb7PazjvixHVxuzCkgizABxkKy6hzPkFozw+Vkhh/LLbB 4ED1CJxjyGLfD+IPhrlNlh+8woM5dqocJHkXYqEojtSWLJYsX2cdE30UrVQmB4Ua7Pb6Rx3ZAqXl1 UyXLZCgw==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1tDLRf-0000000C32b-0Zoy; Tue, 19 Nov 2024 10:26:55 +0000 Received: from mail-ej1-x630.google.com ([2a00:1450:4864:20::630]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1tDLKT-0000000C11x-2zee; Tue, 19 Nov 2024 10:19:30 +0000 Received: by mail-ej1-x630.google.com with SMTP id a640c23a62f3a-aa1f73966a5so605799366b.2; Tue, 19 Nov 2024 02:19:29 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1732011568; x=1732616368; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=pdMZzUqlItAKYCipC8R7CKRW4bj0To7qOhyuRvVgeD0=; b=QSPLT6Q3zIXkTSkCDgc3fes1tSjHPJ2716LeTkj/D2MFDD8+WmW3n3rxnECjlpupue iBNwwTS9VRu3SuvZWeNVq6N81xJ1fOICgYNijX3vg1FrL7XTAeUP4+6/rBWVTcj7UvsW lgjYYnJ4JPbQfL09qtG+9LcmYjVt/mPonuKHiiRBnCkrpIv1xCFx32dVTYfcbGF7Vsus iqts1R+eJLchMHmhnW6gPnWRPRykSjePpVOgqM7ikVcAejewjEGHegDjKdeSXU3CoMUP J+I5W2h8hkKQZYXl5ACD7YjmR7lmYTMoUP6kb22IAFT+slQcaUnJ0YmtbATJyNy0nIpN 84Gg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1732011568; x=1732616368; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=pdMZzUqlItAKYCipC8R7CKRW4bj0To7qOhyuRvVgeD0=; b=W98wFW1ljennu+jptRxCZR67xDAV8YSUs7fcTMQNN+OzLtobJe/DwtM8UyM1AUsOXZ dPge6r0+6wzFEQDJQKxncPc+pppLioNG6srU2wEMyI5vKQnOZbYz+jGlqUcAKnzJVcgs oenXtFD01SMPGdFGpvrM5FzdqIKqsmsYPfaG7yI059B7fzgHPHxIPc77lsqSdn6BsN3g 4M4L90EyGi/fMOnYRya6X48StmqhrBjkGwFSKFQUFD8VDtbAKmweHwAHoquEv6WS9rlZ FYWhpyStqOzLbRMoGdlVgup+yHVBJmeldN+O+GNhR3s1Y4RzHKGs+lBOl09vFeSUfMTI Q8ow== X-Forwarded-Encrypted: i=1; AJvYcCUHicgO1zQASTmqNVjnOWqco7G0PiTY4mioqKJLU3qI+gLH1HPH/bZOiY7tV0F+5HicCsO10TjuKXKCCWDW7Eyk@lists.infradead.org, AJvYcCVJT6Xd8TYwGjdbJCoicYUmyxR6+IE2lhK4yYvH7iac5XCErkngoINXtqRbdVNWIbvRwzI0wjjkkTbnNEdeHaE=@lists.infradead.org X-Gm-Message-State: AOJu0YzG8nB1MDMveXdb+jr/VRSn+ppi0pU9ShD07PtCGszP3Ut4x3kS Hq76E+SgKxmQgQFKPzjXYjk+a5T5LRv2a8l96FqiSA7G8XYhbX1o X-Google-Smtp-Source: AGHT+IE5L4vgeqmlwvDR/7799c7w2L3XGWClbNm8n2h6VzOovB3/FqcYwFKbh7Ag4naigGnLrOKLJg== X-Received: by 2002:a17:907:7f88:b0:a9a:7f84:93e3 with SMTP id a640c23a62f3a-aa48341a1c8mr1497903766b.14.1732011567950; Tue, 19 Nov 2024 02:19:27 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-aa20e081574sm634875566b.179.2024.11.19.02.19.26 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 19 Nov 2024 02:19:27 -0800 (PST) From: Eric Woudstra To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Andrew Lunn , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , David Ahern , Sebastian Andrzej Siewior , Lorenzo Bianconi , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH RFC v2 net-next 07/14] netfilter :nf_flow_table_offload: Add nf_flow_rule_bridge() Date: Tue, 19 Nov 2024 11:18:59 +0100 Message-ID: <20241119101906.862680-8-ericwouds@gmail.com> X-Mailer: git-send-email 2.45.2 In-Reply-To: <20241119101906.862680-1-ericwouds@gmail.com> References: <20241119101906.862680-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20241119_021929_748959_68208E2B X-CRM114-Status: GOOD ( 11.19 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org Add nf_flow_rule_bridge(). It only calls the common rule and adds the redirect. Signed-off-by: Eric Woudstra --- include/net/netfilter/nf_flow_table.h | 3 +++ net/netfilter/nf_flow_table_offload.c | 13 +++++++++++++ 2 files changed, 16 insertions(+) diff --git a/include/net/netfilter/nf_flow_table.h b/include/net/netfilter/nf_flow_table.h index b63d53bb9dd6..568019a3898a 100644 --- a/include/net/netfilter/nf_flow_table.h +++ b/include/net/netfilter/nf_flow_table.h @@ -341,6 +341,9 @@ void nf_flow_table_offload_flush_cleanup(struct nf_flowtable *flowtable); int nf_flow_table_offload_setup(struct nf_flowtable *flowtable, struct net_device *dev, enum flow_block_command cmd); +int nf_flow_rule_bridge(struct net *net, struct flow_offload *flow, + enum flow_offload_tuple_dir dir, + struct nf_flow_rule *flow_rule); int nf_flow_rule_route_ipv4(struct net *net, struct flow_offload *flow, enum flow_offload_tuple_dir dir, struct nf_flow_rule *flow_rule); diff --git a/net/netfilter/nf_flow_table_offload.c b/net/netfilter/nf_flow_table_offload.c index e06bc36f49fe..5543ce03a196 100644 --- a/net/netfilter/nf_flow_table_offload.c +++ b/net/netfilter/nf_flow_table_offload.c @@ -679,6 +679,19 @@ nf_flow_rule_route_common(struct net *net, const struct flow_offload *flow, return 0; } +int nf_flow_rule_bridge(struct net *net, struct flow_offload *flow, + enum flow_offload_tuple_dir dir, + struct nf_flow_rule *flow_rule) +{ + if (nf_flow_rule_route_common(net, flow, dir, flow_rule) < 0) + return -1; + + flow_offload_redirect(net, flow, dir, flow_rule); + + return 0; +} +EXPORT_SYMBOL_GPL(nf_flow_rule_bridge); + int nf_flow_rule_route_ipv4(struct net *net, struct flow_offload *flow, enum flow_offload_tuple_dir dir, struct nf_flow_rule *flow_rule) From patchwork Tue Nov 19 10:19:00 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13879615 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 1006DD60D1B for ; Tue, 19 Nov 2024 10:28:00 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=D6bOSx9F0JYNp5qomZcy7h/raSRvVGKNY4mEoIJa6U4=; b=X0LacN9sg7LRZx07B2yfzra1Tl 9OMcvknHDU0/6snI18HjwzC6GVYLr7CAaHRlCzcSbkBzVSb0exe3kBk5tnKGsBLEvXY+yppVdY5ba laWWTcV0yYNE7DoGRkCOTEtePHgDuMdlDbJvkqRnSJr2vi38CZlHs/mL0akQDjAz9ZQTbbq/cGOwp 2i3GCAs827hd+tw+VTquxXcjh2RQ35415gZzKpEWKFd91hkMyJfbiG0ioy5sqC5ilPk+2klwvyZ03 iQxsFYumpY41TPgGhwEGAP3vXevqlb9IlooBTEJYskQMLwHgG6sgIo4XMx2avhPL0RKoLV81tzjq2 jRD8uX8A==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1tDLSZ-0000000C3Hg-0PfT; Tue, 19 Nov 2024 10:27:51 +0000 Received: from mail-ed1-x534.google.com ([2a00:1450:4864:20::534]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1tDLKV-0000000C12e-127B; Tue, 19 Nov 2024 10:19:32 +0000 Received: by mail-ed1-x534.google.com with SMTP id 4fb4d7f45d1cf-5ceca0ec4e7so784723a12.0; Tue, 19 Nov 2024 02:19:30 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1732011569; x=1732616369; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=D6bOSx9F0JYNp5qomZcy7h/raSRvVGKNY4mEoIJa6U4=; b=OWTHLu4YCwa+ShepimCOa8eduFyiHYGbTw7zVmhvHLrT62bJUNzbUXEBgkHvXCXzqy 8K7Ld/h1BizV2Ay+hHsEWsD2o17fCTUwTCm6/KmIlSg3xb7DKXxxkKWMRi7J7VofJB+l 7aVB2hCUpesCy/5RDgGIZzcOBWA04tJfnsV7H/4udWl+MHhL2IdL0zq08xrXwAtcWdDP N9w/uoMeUSpLoYcURKqGLaxZJZmVN87J0xqCDfMRJ4yEwVOnBidT82Dy6ED7iKfUzR2W rVHCQVWXyXQ0GvjLaGsvBUYz18XoUoM8D7scDxd0FXQSbPzzf1t6kh5IgCB8mp93Hj3E oK4A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1732011569; x=1732616369; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=D6bOSx9F0JYNp5qomZcy7h/raSRvVGKNY4mEoIJa6U4=; b=uCNIFjvuJMqoEJCy4apLIpruxZ898B7LswLwd1s3E5WUNy75qjHZqmKL+6vvXcGypI ioUNyUNGkAp3nYrbg/+szmNh9QN0TGGmp59lQ9poddlku/IcxS2wityplm4JEEpFqXKw dzvrkaNZpIgD8pnF05lSQRdwNLqe/XTLgC7v4T1aK63Q+WdZe8gqxQxjlt78dZQk4XPK CHylbNgebHaNh8wHjHzbgLOgJIFw/YtM8ZQhj2pRGYziMZZgaZiGzMJAG1VluOVlNLAW Z4A1mjTPuEcvO+RnAR1xZmZfWjRhdL6694JE9Jp6c8pBvso5i1HB/Nrf/eqREuwzeSwE MQQQ== X-Forwarded-Encrypted: i=1; AJvYcCU88rozoJ6mwgjK9wfkoqPSBZTkBdmM9PDVhvx5bll3d64wnUtSw6vStJS/EDXU/0LUiL+dA5UckAg+3NxiB0Y=@lists.infradead.org, AJvYcCWavmLiFmaGHQ73eNkvpN+PyEscO1P6sHSFUjKq4gDLz+gVbIK83/Pa2ka4tC2ln2PDTj1WUSYzh123v+Vy0vf0@lists.infradead.org X-Gm-Message-State: AOJu0YwYZLRTEoG7lHf/xOxSJ1Mn6R9/DnqzYkBOWSvPVbhJ5o/C7JMR QJ6OV/Lzr0ptXbAduwDQBOn9OTLwwchV5xCd/7Zpjv6O+jhkXtKJ X-Google-Smtp-Source: AGHT+IG4oWs8UOYUh0SfCm6s9PZ7edWvV+3g/BCD/rQGn8EB4n9k2Znl8dCuVvZlTq+Io1pQtKbeBw== X-Received: by 2002:a17:907:2682:b0:a99:fa01:2b72 with SMTP id a640c23a62f3a-aa483489f31mr1130230666b.33.1732011569157; Tue, 19 Nov 2024 02:19:29 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-aa20e081574sm634875566b.179.2024.11.19.02.19.28 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 19 Nov 2024 02:19:28 -0800 (PST) From: Eric Woudstra To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Andrew Lunn , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , David Ahern , Sebastian Andrzej Siewior , Lorenzo Bianconi , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH RFC v2 net-next 08/14] netfilter: nf_flow_table_inet: Add nf_flowtable_type flowtable_bridge Date: Tue, 19 Nov 2024 11:19:00 +0100 Message-ID: <20241119101906.862680-9-ericwouds@gmail.com> X-Mailer: git-send-email 2.45.2 In-Reply-To: <20241119101906.862680-1-ericwouds@gmail.com> References: <20241119101906.862680-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20241119_021931_281026_CEB1F9D2 X-CRM114-Status: GOOD ( 12.65 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org This will allow a flowtable to be added to the nft bridge family. Signed-off-by: Eric Woudstra --- net/netfilter/nf_flow_table_inet.c | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/net/netfilter/nf_flow_table_inet.c b/net/netfilter/nf_flow_table_inet.c index b0f199171932..80b238196f29 100644 --- a/net/netfilter/nf_flow_table_inet.c +++ b/net/netfilter/nf_flow_table_inet.c @@ -65,6 +65,16 @@ static int nf_flow_rule_route_inet(struct net *net, return err; } +static struct nf_flowtable_type flowtable_bridge = { + .family = NFPROTO_BRIDGE, + .init = nf_flow_table_init, + .setup = nf_flow_table_offload_setup, + .action = nf_flow_rule_bridge, + .free = nf_flow_table_free, + .hook = nf_flow_offload_inet_hook, + .owner = THIS_MODULE, +}; + static struct nf_flowtable_type flowtable_inet = { .family = NFPROTO_INET, .init = nf_flow_table_init, @@ -97,6 +107,7 @@ static struct nf_flowtable_type flowtable_ipv6 = { static int __init nf_flow_inet_module_init(void) { + nft_register_flowtable_type(&flowtable_bridge); nft_register_flowtable_type(&flowtable_ipv4); nft_register_flowtable_type(&flowtable_ipv6); nft_register_flowtable_type(&flowtable_inet); @@ -109,6 +120,7 @@ static void __exit nf_flow_inet_module_exit(void) nft_unregister_flowtable_type(&flowtable_inet); nft_unregister_flowtable_type(&flowtable_ipv6); nft_unregister_flowtable_type(&flowtable_ipv4); + nft_unregister_flowtable_type(&flowtable_bridge); } module_init(nf_flow_inet_module_init); @@ -118,5 +130,6 @@ MODULE_LICENSE("GPL"); MODULE_AUTHOR("Pablo Neira Ayuso "); MODULE_ALIAS_NF_FLOWTABLE(AF_INET); MODULE_ALIAS_NF_FLOWTABLE(AF_INET6); +MODULE_ALIAS_NF_FLOWTABLE(AF_BRIDGE); MODULE_ALIAS_NF_FLOWTABLE(1); /* NFPROTO_INET */ MODULE_DESCRIPTION("Netfilter flow table mixed IPv4/IPv6 module"); From patchwork Tue Nov 19 10:19:01 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13879616 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id AFF79D60D1B for ; Tue, 19 Nov 2024 10:28:58 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=3u3z/3aqnlj2QKTkwMuuz0nzsflPHuugQE1+9CzpwS8=; b=dNbxNQNcRTErJZV3vpscx2ielP FG+PVoe7uHEQFu0Ws+tN8rCbPVqorCnGE94vndwT6WjfGfOGKYssOhWMzmhYtQkoPEMJPlto23Siu pGcKXqCdhSIeQuQ4UiMaaWSWSsnZGZRSK6lsl+rT2XYRGONu+2Dgba1XNc67IHru3tUJAHypegV2u j2OM1hpI8ZBTFg+p5q8yQmvJh2RdjVCZOoqVPbzmUlB2vIcL6U1Nvshbrk9bozBuF6yrWpTPnzcXO slgDXYS9AodUR1jSMAQgvUNI8DXDk/yH5AWr0yX3eFY+ByzJlkve8P0MApEDAvhcf4kwZRB2NvgE6 o+LFKNWQ==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1tDLTT-0000000C3Ud-05LM; Tue, 19 Nov 2024 10:28:47 +0000 Received: from mail-lf1-x135.google.com ([2a00:1450:4864:20::135]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1tDLKW-0000000C133-3474; Tue, 19 Nov 2024 10:19:33 +0000 Received: by mail-lf1-x135.google.com with SMTP id 2adb3069b0e04-539fb49c64aso4245511e87.0; Tue, 19 Nov 2024 02:19:32 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1732011570; x=1732616370; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=3u3z/3aqnlj2QKTkwMuuz0nzsflPHuugQE1+9CzpwS8=; b=I71wXhw0BiSfYNzWGGTNo7H1Jzug0a3hZrsryw0lZN+Cg7Ytx7L8Ni8tfrUMdHBvHh effNKDprx4A0PU+219AchW/ThZ0uuEjA+e/EOuuuHrsh6e7t3wfVQNVeG0vCc6VDAmjv k8GINAubwnd4sJt47HIaOcdMFKPEKBjw8W+FvY8e8DDeWCuUYQfRh2j+GP5HW/eZOO00 Q2+Rev1pWFUMxM5/pXPgmmGbb7OM3yIgYTqC6JX4GpoCPaYUN6YAjHVbD9VkVSCv8+vN ioiRS3IlVB03YZiZKfLYoAICLuCNplyZ92HrcuuDj3uTNE+S4YU50tjrAuPwqINtNPSQ j/gA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1732011570; x=1732616370; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=3u3z/3aqnlj2QKTkwMuuz0nzsflPHuugQE1+9CzpwS8=; b=TMWT1juVAXmi6upwjUwKhqq+idsxRkwe/9R1L4zyd21r4KE+qka2yZSL7g5unhaKQm qYSSbSEJnC+1MXndlB75fWRq8S2Coe4wStrz2H8wKp+cyKdjXQ250Z2Fym4pV7ghwyrO pjha/xWNwsW0T27yP9G3a5sxxPXC2Urx0OI0PsxX8o9VOEjLa2bYBuQdufn8EPVyGflO rkoAR2jtaBcW17kz0+UdYGScKiebuqegltIFVKXcha6B/atgkwWwCVGAT2HJqFtNzA41 o7TXIxvyXl9FnXLsWWUr+wMzh/Dllc5rXIJE1h1Kmp4LHJNnh55Db+Vo6LYwh6H82OLJ YkeQ== X-Forwarded-Encrypted: i=1; AJvYcCUFugoRDvG5hDh8YDcJ8+lcLi6Vt16CuEq2oBhVHZsvqdk0bbCKsQVS4ZhydtKMhitD/P/L4czjw1uT1XwBJvQ=@lists.infradead.org, AJvYcCXyJHHRkW5LN7iTFCRNyEfJSOkU/KP4BUs2VQOrrjwjbefbpsLzvjWEpQ94n7GtevSDy0sU1XidyfTq5fEX2B9L@lists.infradead.org X-Gm-Message-State: AOJu0YwE7gLV/Y+yJSNu5zKchblDqfCH+UuR86bJefwrTNyf8461ptqM HkCt7R+CjfhLxDBlPACGK5UTBWBsZ1ZxVHd0KR3N9dEb8D0VJvIn X-Google-Smtp-Source: AGHT+IGkiRcx+4ntGYaz++MVtIBeL1R2ddFZ1Ewy1ZLQRMvnRephj/zyQ1UBYhWvJx/x9a4afZDUfw== X-Received: by 2002:a05:6512:3044:b0:533:c9d:a01f with SMTP id 2adb3069b0e04-53dab29527fmr10641351e87.4.1732011570368; Tue, 19 Nov 2024 02:19:30 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-aa20e081574sm634875566b.179.2024.11.19.02.19.29 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 19 Nov 2024 02:19:29 -0800 (PST) From: Eric Woudstra To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Andrew Lunn , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , David Ahern , Sebastian Andrzej Siewior , Lorenzo Bianconi , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH RFC v2 net-next 09/14] netfilter: nft_flow_offload: Add NFPROTO_BRIDGE to validate Date: Tue, 19 Nov 2024 11:19:01 +0100 Message-ID: <20241119101906.862680-10-ericwouds@gmail.com> X-Mailer: git-send-email 2.45.2 In-Reply-To: <20241119101906.862680-1-ericwouds@gmail.com> References: <20241119101906.862680-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20241119_021932_770412_BA7A46CF X-CRM114-Status: GOOD ( 12.00 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org Need to add NFPROTO_BRIDGE to nft_flow_offload_validate() to support the bridge-fastpath. Signed-off-by: Eric Woudstra --- net/netfilter/nft_flow_offload.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/net/netfilter/nft_flow_offload.c b/net/netfilter/nft_flow_offload.c index cdf1771906b8..cce4c5980ed5 100644 --- a/net/netfilter/nft_flow_offload.c +++ b/net/netfilter/nft_flow_offload.c @@ -421,7 +421,8 @@ static int nft_flow_offload_validate(const struct nft_ctx *ctx, if (ctx->family != NFPROTO_IPV4 && ctx->family != NFPROTO_IPV6 && - ctx->family != NFPROTO_INET) + ctx->family != NFPROTO_INET && + ctx->family != NFPROTO_BRIDGE) return -EOPNOTSUPP; return nft_chain_validate_hooks(ctx->chain, hook_mask); From patchwork Tue Nov 19 10:19:02 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13879622 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id CF07ED6206A for ; Tue, 19 Nov 2024 10:29:52 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=85S0Wgk4R14tSlRD4buKO5TXxTAg6c1gFU6+LoW44DQ=; b=prnmWDg+ZT2JQpm7c5kmiTKyrD nDkYFf3Loa5qkDkQghE+pKF056GkJR4G5Y02z0AXU1u6Q3Kfr2U8SZqNiy76ZvYx/J/KawIG4eXh/ ZZyi81GBXk34JGB8JWK2JsqaPU/TKf96+YqMpttsqns5AjrG0IIiYcne51lv1GReWaz4j0Ncec0dD cQ89PaOgMQEPxBe5TaofGHIx7II+0OFAMbVGjyZHjU4CS+37rAYgzFXG989HOqVBSo0mQo7hsOclO N4qV9yIUTOD3LrcVJFuJBR8kz3JEiHJ+fVSEPN2B8Ccvczh35u2n3hZbW0e9ctr4EnbmKm2REBWMi f0ddKGiw==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1tDLUO-0000000C3lQ-0CCW; Tue, 19 Nov 2024 10:29:44 +0000 Received: from mail-ej1-x630.google.com ([2a00:1450:4864:20::630]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1tDLKX-0000000C13R-0CWc; Tue, 19 Nov 2024 10:19:34 +0000 Received: by mail-ej1-x630.google.com with SMTP id a640c23a62f3a-aa2099efdc3so965772066b.1; Tue, 19 Nov 2024 02:19:32 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1732011572; x=1732616372; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=85S0Wgk4R14tSlRD4buKO5TXxTAg6c1gFU6+LoW44DQ=; b=FdNuR1sMJKTaZQyZGl3sFkcn6aoK066rsL3W/zsEbjfttEws4V8RvtqaGcx4ZKxEiz pxQb/l1h5ganc/vPxpGv0F3AvImXfWGybwxFhllg3oog+/2HQoA0j1aHEiYeWnu1tjK/ QiTp9z0ZedtAMlDIerEfIYZX9lqL451k83sytL/0hsYhn9A9X1L21vs/8S+8J6f45PNx EY/Ykcb1nm7HbQjEewuLO3P3y6aXu/d525UEVGF6RPHS8ehYjMBKyRP2mIXz5mYklY+n xMi86XLyszxkOMA0aQlRJZ/ciBVSQVadhhBx1z03Edd+y9hHKdjYz09hXGF+w4tZg5KK qwtQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1732011572; x=1732616372; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=85S0Wgk4R14tSlRD4buKO5TXxTAg6c1gFU6+LoW44DQ=; b=mH56TYDJ2OmBK81BfJDLKthhxh400dbOkrzitaDagZYU6T+ddyuq2qWipSUhr3F0JV bH14nlvoS1/Frm90+7JRaJanL7KUimkZryDvyuK8ZOJWW1sVPMA9Iss891WxYzHTnkf7 dXJ8PTDT5+uqBuhh5nMGbmWpOYXhKZtKBhII+8/K6K//jqAuGAlRc69wdLeTs6jupZrq ivd/g7fYG/LlZP6CZg8SjU+7Iu8foCy1s+SRGBiPhmdy/FIHEK2Kg/ujYiEND8Nz9xVS gJVHAH4KvRO+X5ohIeH2ZoYvlg/mmEGGkLSJdqY7bFpje9rlH/qiyWDmQx+3TFEf1D/6 3Y6A== X-Forwarded-Encrypted: i=1; AJvYcCUTdJrGy3UDifQx2xjnEqE/cnIX8NYkGa6O8VKMXgfRCbORvBXK5CIo4z6kDcSy+9C6dnohEYUHWaymtgm15xw=@lists.infradead.org, AJvYcCVk7RSowXrf4LOCmGwOh14BKC06K2VU7TnEEJCKgSw8QkMnrkQjrvzf21+FOrYIIpjmXMDLyx10LZFUWRplhIX9@lists.infradead.org X-Gm-Message-State: AOJu0YyC2kJvnhaw1Wtcqp/ZVR+w7MtpsXxDCfAKmZsjFGHWs1nN5JuR gKB8VUtpYfYRbZLJcgGz7inIIYzeoEMYStW8iNjCIoqBtV1xHBDF X-Google-Smtp-Source: AGHT+IGzVDghd+HHCKlijYAqrFFNL9wIfOoTroQPxMyDYa4idVXMvA5nnKPnghWyNvh8dPU7HPTv9w== X-Received: by 2002:a17:906:dac7:b0:a99:fcbe:c96b with SMTP id a640c23a62f3a-aa4c7f2c8fcmr220655966b.25.1732011571689; Tue, 19 Nov 2024 02:19:31 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-aa20e081574sm634875566b.179.2024.11.19.02.19.30 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 19 Nov 2024 02:19:31 -0800 (PST) From: Eric Woudstra To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Andrew Lunn , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , David Ahern , Sebastian Andrzej Siewior , Lorenzo Bianconi , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH RFC v2 net-next 10/14] netfilter: nft_flow_offload: Add DEV_PATH_MTK_WDMA to nft_dev_path_info() Date: Tue, 19 Nov 2024 11:19:02 +0100 Message-ID: <20241119101906.862680-11-ericwouds@gmail.com> X-Mailer: git-send-email 2.45.2 In-Reply-To: <20241119101906.862680-1-ericwouds@gmail.com> References: <20241119101906.862680-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20241119_021933_084428_5D09A63E X-CRM114-Status: GOOD ( 13.39 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org In case of using mediatek wireless, in nft_dev_fill_forward_path(), the forward path is filled, ending with mediatek wlan1. Because DEV_PATH_MTK_WDMA is unknown inside nft_dev_path_info() it returns with info.indev = NULL. Then nft_dev_forward_path() returns without setting the direct transmit parameters. This results in a neighbor transmit, and direct transmit not possible. But we want to use it for flow between bridged interfaces. So this patch adds DEV_PATH_MTK_WDMA to nft_dev_path_info() and makes direct transmission possible. Signed-off-by: Eric Woudstra --- net/netfilter/nft_flow_offload.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/net/netfilter/nft_flow_offload.c b/net/netfilter/nft_flow_offload.c index cce4c5980ed5..f7c2692ff3f2 100644 --- a/net/netfilter/nft_flow_offload.c +++ b/net/netfilter/nft_flow_offload.c @@ -106,6 +106,7 @@ static void nft_dev_path_info(const struct net_device_path_stack *stack, switch (path->type) { case DEV_PATH_ETHERNET: case DEV_PATH_DSA: + case DEV_PATH_MTK_WDMA: case DEV_PATH_VLAN: case DEV_PATH_PPPOE: info->indev = path->dev; @@ -118,6 +119,10 @@ static void nft_dev_path_info(const struct net_device_path_stack *stack, i = stack->num_paths; break; } + if (path->type == DEV_PATH_MTK_WDMA) { + i = stack->num_paths; + break; + } /* DEV_PATH_VLAN and DEV_PATH_PPPOE */ if (info->num_encaps >= NF_FLOW_TABLE_ENCAP_MAX) { From patchwork Tue Nov 19 10:19:03 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13879623 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 29F8CD60D1B for ; Tue, 19 Nov 2024 10:30:54 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=Kd7MVftOQ+4b1SqBzhiH//oS0+6ChrCs4gWAypG7zyc=; b=KPzMCUvTlkWD4rVj5K7meKFjmh zqaZcJCJ0Q/WOWHC9CwxJCfRDXxVILb6MUjS0HRC0vWCrsxNdNLvXqyr5oUumM1mQmsIEFwRTT93u uyhuu85qS5dKr3EWb7cjVZ2TKsyrgR6ttv8YOM/R4oMAzCv4qYbrY2PBGJX9okKOUAOUrZ5Yk3k+5 H+bDX2CrINhg7qf1qUF9vF7GhGX+HrHvgs+DhiZ879ce1z93JjkH4k3XKYN7PgrV4INrI64HShA8Y k52lCoZARJMfZKzql4+amOE+h/s1MN52x4rPd2sQ0f50D8tNi3/DxfpI66ORnMK8/tqhuxTfWDOQo s6tzg/zA==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1tDLVI-0000000C41f-1DF8; Tue, 19 Nov 2024 10:30:40 +0000 Received: from mail-ed1-x52b.google.com ([2a00:1450:4864:20::52b]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1tDLKY-0000000C14A-3wDK; Tue, 19 Nov 2024 10:19:36 +0000 Received: by mail-ed1-x52b.google.com with SMTP id 4fb4d7f45d1cf-5c96b2a10e1so1205830a12.2; Tue, 19 Nov 2024 02:19:34 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1732011573; x=1732616373; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=Kd7MVftOQ+4b1SqBzhiH//oS0+6ChrCs4gWAypG7zyc=; b=lJXiaU/gDTLKlWM35tbCLFh25ZWemcQvFt35hRcLojPaWP1VvtohDC1ze82yRiTBM0 ep8gZvdHhQjJA1hoKI8G7PpqHn19mUsYxyLg6R7q1JL75fBlQIjWh4njqQKkPZ86oS5X auuLQYC5yV/Zc7wPqRlXk8MgJmnfdrsf9TVVDXoOThH5NP6Pj7SUyPW+3cjmQVMMAUzi sxkxB2fqI2hAyZgEsxiDWSp3d9GIuQLC/gKBqnLkH6pkG7+lscjEWe9u503OKl4NJkzf mRk6tWe+uMNOCaT1aH0PCKHtAZoGxg1QBT0qmW+Mp79G0Y5/YPvH14RkpX/ikFs2fAaY 8/pQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1732011573; x=1732616373; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Kd7MVftOQ+4b1SqBzhiH//oS0+6ChrCs4gWAypG7zyc=; b=PrkVfo6PYo1IW81cT5B6VszGoQ+vSKwibb6n7VZ9A94DdNKzcrl1TifohXIheJ9G2P 6eSf4tS7qshKcfsfSVyGksusLZj7+qGmeDa0J1mIYbmmEgJrs2AV1sv13TMtjl9F39UN swfou/GSn1LbcrZma60EWTkNxZ31RMRpNb4nWrfbIkXT7V1dBr70HcDeBm25GSVsiVm+ fsQN5Y1xKUb4pZU+q9REEodFegHXnFIVqjq6hHOOFjtz2H3ijIy9lNFOjvAssrjVxHTf a+vqFC6flaez+dnsblpqdX5A9I1RZcfrb6YHe3P0B+5olLAlAudHk2SA6Ti66CGNYXfd yuAw== X-Forwarded-Encrypted: i=1; AJvYcCV83iC5e3zsOJfoIs0eFTBrA8AzXVEPEg9OaN6K4ubFbYJOxktpZxVdP94MHTXmbPFLWy4y5VyGfL7gPuSKpzwg@lists.infradead.org, AJvYcCWZlS/fk5oZFi3vpbQt49uVlNmBKUMfCmHuqS0jJIioKacKG2YWRiucc6MmHZVgpDUS1jntyDNS/bOjzT8acpA=@lists.infradead.org X-Gm-Message-State: AOJu0YwwvrBNbFaF8V1gvXw+Y9/AMC7At+05DTFTnVCYTUi2IbZrJZB4 bHZ7xOZxswV7R/KdvBI1twC+wukrILGbhMu2dd3YTVcxOGPe3aiX X-Google-Smtp-Source: AGHT+IF5+KL0F1ms3SncUyr2N9wLbMEErdK4tEsHN/IWbmagzPDJ/Hm22ZABIXpU1FMVLbP7YJ4tcw== X-Received: by 2002:a17:907:a0e:b0:a9a:4d1:c628 with SMTP id a640c23a62f3a-aa48352c0f5mr1451198666b.45.1732011572868; Tue, 19 Nov 2024 02:19:32 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-aa20e081574sm634875566b.179.2024.11.19.02.19.31 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 19 Nov 2024 02:19:32 -0800 (PST) From: Eric Woudstra To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Andrew Lunn , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , David Ahern , Sebastian Andrzej Siewior , Lorenzo Bianconi , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH RFC v2 net-next 11/14] netfilter: nft_flow_offload: No ingress_vlan forward info for dsa user port Date: Tue, 19 Nov 2024 11:19:03 +0100 Message-ID: <20241119101906.862680-12-ericwouds@gmail.com> X-Mailer: git-send-email 2.45.2 In-Reply-To: <20241119101906.862680-1-ericwouds@gmail.com> References: <20241119101906.862680-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20241119_021934_974545_6FB6035F X-CRM114-Status: GOOD ( 11.78 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org The bitfield info->ingress_vlans and correcponding vlan encap are used for a switchdev user port. However, they should not be set for a dsa user port. Signed-off-by: Eric Woudstra --- net/netfilter/nft_flow_offload.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/net/netfilter/nft_flow_offload.c b/net/netfilter/nft_flow_offload.c index f7c2692ff3f2..387e5574c31f 100644 --- a/net/netfilter/nft_flow_offload.c +++ b/net/netfilter/nft_flow_offload.c @@ -117,6 +117,11 @@ static void nft_dev_path_info(const struct net_device_path_stack *stack, break; if (path->type == DEV_PATH_DSA) { i = stack->num_paths; + if (!info->num_encaps || + !(info->ingress_vlans & BIT(info->num_encaps - 1))) + break; + info->num_encaps--; + info->ingress_vlans &= ~BIT(info->num_encaps - 1); break; } if (path->type == DEV_PATH_MTK_WDMA) { From patchwork Tue Nov 19 10:19:04 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13879624 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 6B545D6206A for ; Tue, 19 Nov 2024 10:31:48 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=iRAtb8ene+/sz4LQnXwEVfer/8Rq7ZF+bD6/DZ4QZnU=; b=aCZ7Vt+4AFVmJxqHYStdh2/pAY TpEe+MYVB43HnsZ4r0EQWaPmXSmXVd1Pd1yEdNImTboYvkpq9ezXgXFMf0pDhP5ErfJglh1SxPpQI G9W5ZKFeB3IH9oPV3OvDQu7qyeiHTbguhkaGAIJxzqYcEpzFVluKMe3AsEPCCYZBrHx2cVT7tu0CW nRswsx1vvfZHAmygglqsDt+tQ9eQ1/MjP9FGqv397RlAqVG2k0EA8mKf9ynxBKhR2R16LE8YJ8eu1 ZqQX+fLl1ng8m8f16J0CgndJYS/yabhVsgRSTTOkU9f45/20BlqdCwL0AwgBrk8CtxLaPV8JM5sQK /B6pqb3Q==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1tDLWC-0000000C4EE-0wxf; Tue, 19 Nov 2024 10:31:36 +0000 Received: from mail-ej1-x636.google.com ([2a00:1450:4864:20::636]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1tDLKa-0000000C14Y-15Ef; Tue, 19 Nov 2024 10:19:37 +0000 Received: by mail-ej1-x636.google.com with SMTP id a640c23a62f3a-aa4b439c5e8so346469566b.2; Tue, 19 Nov 2024 02:19:35 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1732011574; x=1732616374; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=iRAtb8ene+/sz4LQnXwEVfer/8Rq7ZF+bD6/DZ4QZnU=; b=hBupWlKqaDgoIfq6qYPGCvP5m3FcSx4Nu3qqSX7D4QkYuPCIa5geockPEzXNwFZSvP L5QA4MCNFm0qq4zuqofvw/Dm5PU4yDjLZHO2xFh8ym+yPxtgR22CNmWN6AYzt8A/F+nG pv4gaqogRarA2OlDUZbMqXH495YhPc9wSeMXStDVTFNKZ9Mcjvpwmcq6tUTicEpL4Cet EJD1kEzxqbMr3b8CfLt3LWG/zSwHVVZ6vnq8MGTQ2q+TTIxJ6ScOC0UHEqOsKIKvM3Mk s7z11pIHV96scSWWqLjEErTI1Qh5W3Cpz/yZKKk8Q+IJjBs7Rbie78MvR5bgqYb6WdWG k00A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1732011574; x=1732616374; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=iRAtb8ene+/sz4LQnXwEVfer/8Rq7ZF+bD6/DZ4QZnU=; b=Ygwov0UYuPY4cObA6HW8Lfj2n+1ciqqHLUMkIvPBU7ljqlOZnV+j3w4BVCsZMbukh0 WZWYnuqB94q9DyQ28DbTFinsV7kC0STDXUVYzsEqbr1LxxcGcvEP/0/VKfwiLRPNgfAs Q2011EsxDzfl7QGzggKyXGnssgQ/6tHYiwfKQiRm+91M6L4gVlTGWKdmeOpRZiqjCaKU O31S9Q5fiHkFRA6DcN/I9NpfrC4z3jTbnxAJFtg0KCh6H4OZHPsl3U/N+x0YSvjC94kp 1F3+VT4rhV06OSEkft0hw1b0bajNyf4AXe8xGTUDTZMEEYoJ5KSLiV23Azd1M5t228Ot KMUg== X-Forwarded-Encrypted: i=1; AJvYcCWPyftY4gfr2lVEioLbKuXG7IRcsCL6apEr1bykx3DX2Pit8BZeNKW8Rjhs+mJiEuvl0lDOCBXR4/pEH50ItZqr@lists.infradead.org, AJvYcCWnOuMcmd5Iqy/6CQyCPxzRMOGx7SKkQa0shbe66I8+d229FkOn+hcLsO7ZgNW+ioToiHq/wEHMZBePhpu1Rbg=@lists.infradead.org X-Gm-Message-State: AOJu0YyjgzAEidqZtzT1ZPNj3H26J4mJYT8np7eHWOIabHOogTfrftVT zgn3v4dFKHonwCvTHhqj12RUX2NtklUzOvr6g8rc1DwNUrZQc8yW X-Google-Smtp-Source: AGHT+IGSdzD5FB5lSzDOWRwk05h9KQwL4lMjDIm3lR195Fp/caQ3LhVr0XgClAvYQhvSqXEJ92m6RA== X-Received: by 2002:a17:907:9344:b0:a9e:8612:f201 with SMTP id a640c23a62f3a-aa483555dd8mr1451247266b.59.1732011574083; Tue, 19 Nov 2024 02:19:34 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-aa20e081574sm634875566b.179.2024.11.19.02.19.33 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 19 Nov 2024 02:19:33 -0800 (PST) From: Eric Woudstra To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Andrew Lunn , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , David Ahern , Sebastian Andrzej Siewior , Lorenzo Bianconi , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH RFC v2 net-next 12/14] bridge: No DEV_PATH_BR_VLAN_UNTAG_HW for dsa foreign Date: Tue, 19 Nov 2024 11:19:04 +0100 Message-ID: <20241119101906.862680-13-ericwouds@gmail.com> X-Mailer: git-send-email 2.45.2 In-Reply-To: <20241119101906.862680-1-ericwouds@gmail.com> References: <20241119101906.862680-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20241119_021936_312013_7D7C9A7C X-CRM114-Status: GOOD ( 22.89 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org In network setup as below: fastpath bypass .----------------------------------------. / \ | IP - forwarding | | / \ v | / wan ... | / | | | | | brlan.1 | | | +-------------------------------+ | | vlan 1 | | | | | | brlan (vlan-filtering) | | | +---------------+ | | | DSA-SWITCH | | | vlan 1 | | | | to | | | | untagged 1 vlan 1 | | +---------------+---------------+ . / \ ----->wlan1 lan0 . . . ^ ^ vlan 1 tagged packets untagged packets br_vlan_fill_forward_path_mode() sets DEV_PATH_BR_VLAN_UNTAG_HW when filling in from brlan.1 towards wlan1. But it should be set to DEV_PATH_BR_VLAN_UNTAG in this case. Using BR_VLFLAG_ADDED_BY_SWITCHDEV is not correct. The dsa switchdev adds it as a foreign port. The same problem for all foreignly added dsa vlans on the bridge. First add the vlan, trying only native devices. If this fails, we know this may be a vlan from a foreign device. Use BR_VLFLAG_TAGGING_BY_SWITCHDEV to make sure DEV_PATH_BR_VLAN_UNTAG_HW is set only when there if no foreign device involved. Signed-off-by: Eric Woudstra --- include/net/switchdev.h | 1 + net/bridge/br_private.h | 3 +++ net/bridge/br_switchdev.c | 15 +++++++++++++++ net/bridge/br_vlan.c | 7 ++++++- net/switchdev/switchdev.c | 2 +- 5 files changed, 26 insertions(+), 2 deletions(-) diff --git a/include/net/switchdev.h b/include/net/switchdev.h index 8346b0d29542..ee500706496b 100644 --- a/include/net/switchdev.h +++ b/include/net/switchdev.h @@ -15,6 +15,7 @@ #define SWITCHDEV_F_NO_RECURSE BIT(0) #define SWITCHDEV_F_SKIP_EOPNOTSUPP BIT(1) #define SWITCHDEV_F_DEFER BIT(2) +#define SWITCHDEV_F_NO_FOREIGN BIT(3) enum switchdev_attr_id { SWITCHDEV_ATTR_ID_UNDEFINED, diff --git a/net/bridge/br_private.h b/net/bridge/br_private.h index 046d7b04771f..977285925422 100644 --- a/net/bridge/br_private.h +++ b/net/bridge/br_private.h @@ -180,6 +180,7 @@ enum { BR_VLFLAG_MCAST_ENABLED = BIT(2), BR_VLFLAG_GLOBAL_MCAST_ENABLED = BIT(3), BR_VLFLAG_NEIGH_SUPPRESS_ENABLED = BIT(4), + BR_VLFLAG_TAGGING_BY_SWITCHDEV = BIT(5), }; /** @@ -2175,6 +2176,8 @@ void br_switchdev_mdb_notify(struct net_device *dev, int type); int br_switchdev_port_vlan_add(struct net_device *dev, u16 vid, u16 flags, bool changed, struct netlink_ext_ack *extack); +int br_switchdev_port_vlan_no_foreign_add(struct net_device *dev, u16 vid, u16 flags, + bool changed, struct netlink_ext_ack *extack); int br_switchdev_port_vlan_del(struct net_device *dev, u16 vid); void br_switchdev_init(struct net_bridge *br); diff --git a/net/bridge/br_switchdev.c b/net/bridge/br_switchdev.c index 7b41ee8740cb..efa7a055b8f9 100644 --- a/net/bridge/br_switchdev.c +++ b/net/bridge/br_switchdev.c @@ -187,6 +187,21 @@ int br_switchdev_port_vlan_add(struct net_device *dev, u16 vid, u16 flags, return switchdev_port_obj_add(dev, &v.obj, extack); } +int br_switchdev_port_vlan_no_foreign_add(struct net_device *dev, u16 vid, u16 flags, + bool changed, struct netlink_ext_ack *extack) +{ + struct switchdev_obj_port_vlan v = { + .obj.orig_dev = dev, + .obj.id = SWITCHDEV_OBJ_ID_PORT_VLAN, + .obj.flags = SWITCHDEV_F_NO_FOREIGN, + .flags = flags, + .vid = vid, + .changed = changed, + }; + + return switchdev_port_obj_add(dev, &v.obj, extack); +} + int br_switchdev_port_vlan_del(struct net_device *dev, u16 vid) { struct switchdev_obj_port_vlan v = { diff --git a/net/bridge/br_vlan.c b/net/bridge/br_vlan.c index 2ea1e2ff4676..0decce5d586a 100644 --- a/net/bridge/br_vlan.c +++ b/net/bridge/br_vlan.c @@ -109,6 +109,11 @@ static int __vlan_vid_add(struct net_device *dev, struct net_bridge *br, /* Try switchdev op first. In case it is not supported, fallback to * 8021q add. */ + err = br_switchdev_port_vlan_no_foreign_add(dev, v->vid, flags, false, extack); + if (err != -EOPNOTSUPP) { + v->priv_flags |= BR_VLFLAG_ADDED_BY_SWITCHDEV | BR_VLFLAG_TAGGING_BY_SWITCHDEV; + return err; + } err = br_switchdev_port_vlan_add(dev, v->vid, flags, false, extack); if (err == -EOPNOTSUPP) return vlan_vid_add(dev, br->vlan_proto, v->vid); @@ -1491,7 +1496,7 @@ int br_vlan_fill_forward_path_mode(struct net_bridge *br, if (path->bridge.vlan_mode == DEV_PATH_BR_VLAN_TAG) path->bridge.vlan_mode = DEV_PATH_BR_VLAN_KEEP; - else if (v->priv_flags & BR_VLFLAG_ADDED_BY_SWITCHDEV) + else if (v->priv_flags & BR_VLFLAG_TAGGING_BY_SWITCHDEV) path->bridge.vlan_mode = DEV_PATH_BR_VLAN_UNTAG_HW; else path->bridge.vlan_mode = DEV_PATH_BR_VLAN_UNTAG; diff --git a/net/switchdev/switchdev.c b/net/switchdev/switchdev.c index 6488ead9e464..c48f66643e99 100644 --- a/net/switchdev/switchdev.c +++ b/net/switchdev/switchdev.c @@ -749,7 +749,7 @@ static int __switchdev_handle_port_obj_add(struct net_device *dev, /* Event is neither on a bridge nor a LAG. Check whether it is on an * interface that is in a bridge with us. */ - if (!foreign_dev_check_cb) + if (!foreign_dev_check_cb || port_obj_info->obj->flags & SWITCHDEV_F_NO_FOREIGN) return err; br = netdev_master_upper_dev_get(dev); From patchwork Tue Nov 19 10:19:05 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13879625 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 6900CD60D1B for ; Tue, 19 Nov 2024 10:32:46 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=v/vUWoqxNIyzC+NeQY2banTy2Lb/YnflO4/5JFbURlo=; b=25cZ7s8JqoYw4/o2J29ihaM41/ /mIbD4WGUAMZ2eqzbczg71Ya0G/mXYucVl1nD+UEry3wHQE3GgeOdeBGn0m037HipefAYEy3/Wd7t 3KMEJZNH8YDbn9wB3Zxu/A+rrfwqIJmH1GT2XlMAHP/leWRyUwF6AYIeDU9TAnIuolCUelOzv8zvt 4BsAmyBNSrTu4yX38G4/bg11m6PHjX6umrA5DD3sJhoj45xLLYdWoqdB90AR/OORTaC9pcs4aAQmJ PFTjujSn3oHKYfAkoCYUwm8Rg3cHbR0qav3mGa9Tt7fj56nLI3noRdxs35I39jalz2hvv5FbfUZ2p MUyvb26w==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1tDLX6-0000000C4Qn-0i6G; Tue, 19 Nov 2024 10:32:32 +0000 Received: from mail-ej1-x631.google.com ([2a00:1450:4864:20::631]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1tDLKb-0000000C15I-1oE8; Tue, 19 Nov 2024 10:19:38 +0000 Received: by mail-ej1-x631.google.com with SMTP id a640c23a62f3a-aa20c733e92so581611066b.0; Tue, 19 Nov 2024 02:19:36 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1732011575; x=1732616375; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=v/vUWoqxNIyzC+NeQY2banTy2Lb/YnflO4/5JFbURlo=; b=cUwMLs0iIC5yOceaY2cQkURiJ3POS/g+e8x4Vv3eGN40QlfWtrAy5HSA4Qz7G44tG2 Y942yxxxgKbU5yPJEKXFW365dew23ve6YNJ4kL8092P276MEjMqRfHvDMsRTIymXAiV6 v2jJEIMSIBkNuyiVh3tYoavEJSg0JYVvGjXGuepJjTOj8f8kNmoB4HqAnU7wW02R46o+ p3HB9S9PJNHSK6C2677RZkHiksXYoRsvnQxow5Pvx6JTZdSPl2nN9wMHzjdukDynJf7g MaHfJ7fpNDzJUge7FgF4bW/3WHNxawxZun9UjKQPk65DHQK9PNOxgu+m4vcYkTXsPOh0 mHKg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1732011575; x=1732616375; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=v/vUWoqxNIyzC+NeQY2banTy2Lb/YnflO4/5JFbURlo=; b=vWvPG6sVbNDQasc/y0aBkCz1flKEBHtflfKkKn1k8SC68ra1brdgAEJyDQu7NUvzFu 9BFa//0ge95NDru21hxPgSJgVZcl6Byibv8tsrn/BIJYzfa1+b9NPc/1NPnCkLWhvJZt 2e7s1I1TdbGxijTapyAIGAtmDbknR9PKqtM7SMMG5N0F1LV8eV9FTMxBVHaEV/++SeSQ kaQ9LoqXzkGAMhhwh3pHvluln2f6J8n5r/H8BGiKZiV9PR8hyTgX3t5tAq5UiCIeVU6Y HtClhYFfZjDjXoUW31py1S6Hmdw3r6dsa5qQrcS/9xhdXAD3hWg5awPgDEFkcOhzT5Ka UmHA== X-Forwarded-Encrypted: i=1; AJvYcCVqc30soLRGsjvzm4PtCB4yWOeKdhnyNizmzyfuAb/aBwsV7ki07MNPu48oiuHs+Gr3UOvEb4XdOACVldkXHu0=@lists.infradead.org, AJvYcCWvBhIP9FVhH/pOmDPkjInjoft/LNcUMGifbDqA763VahAk9XYvMXhFeSxg1+JjnyWALzGEgDNPE0PQIiIP346d@lists.infradead.org X-Gm-Message-State: AOJu0YyiV0ayVDBRo0IWtqByx8ssO7V/lYR6SGik2bgGDU4bKehUxw+j aFMHi6rXs5zlviH5BDKYDDzuYCDiVwyl7KUP6QnII8x4WVcKD4y/ X-Google-Smtp-Source: AGHT+IGpNp2EcDD7KUg0ypC4A+lKeGJDHv/zRaEDzsK/LGdNlutzMURqa+xe7vSUguB7L7JU3yrxXg== X-Received: by 2002:a17:907:70e:b0:a9a:533b:56e3 with SMTP id a640c23a62f3a-aa483454466mr1479164366b.26.1732011575326; Tue, 19 Nov 2024 02:19:35 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-aa20e081574sm634875566b.179.2024.11.19.02.19.34 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 19 Nov 2024 02:19:35 -0800 (PST) From: Eric Woudstra To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Andrew Lunn , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , David Ahern , Sebastian Andrzej Siewior , Lorenzo Bianconi , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH RFC v2 net-next 13/14] bridge: Introduce DEV_PATH_BR_VLAN_KEEP_HW for bridge-fastpath Date: Tue, 19 Nov 2024 11:19:05 +0100 Message-ID: <20241119101906.862680-14-ericwouds@gmail.com> X-Mailer: git-send-email 2.45.2 In-Reply-To: <20241119101906.862680-1-ericwouds@gmail.com> References: <20241119101906.862680-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20241119_021937_471894_A887D7F1 X-CRM114-Status: GOOD ( 15.89 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org This patch introduces DEV_PATH_BR_VLAN_KEEP_HW. It is needed in the bridge fastpath for switchdevs supporting SWITCHDEV_OBJ_ID_PORT_VLAN. It is similar to DEV_PATH_BR_VLAN_TAG, with the correcponding bit in ingress_vlans set. In the forward fastpath it is not needed. Signed-off-by: Eric Woudstra --- include/linux/netdevice.h | 1 + net/bridge/br_device.c | 4 ++++ net/bridge/br_vlan.c | 18 +++++++++++------- net/netfilter/nft_flow_offload.c | 3 +++ 4 files changed, 19 insertions(+), 7 deletions(-) diff --git a/include/linux/netdevice.h b/include/linux/netdevice.h index 15923d177f9e..3bd5c7b45460 100644 --- a/include/linux/netdevice.h +++ b/include/linux/netdevice.h @@ -870,6 +870,7 @@ struct net_device_path { DEV_PATH_BR_VLAN_TAG, DEV_PATH_BR_VLAN_UNTAG, DEV_PATH_BR_VLAN_UNTAG_HW, + DEV_PATH_BR_VLAN_KEEP_HW, } vlan_mode; u16 vlan_id; __be16 vlan_proto; diff --git a/net/bridge/br_device.c b/net/bridge/br_device.c index c7646afc8b96..112fd8556217 100644 --- a/net/bridge/br_device.c +++ b/net/bridge/br_device.c @@ -430,6 +430,10 @@ static int br_fill_forward_path(struct net_device_path_ctx *ctx, case DEV_PATH_BR_VLAN_UNTAG: ctx->num_vlans--; break; + case DEV_PATH_BR_VLAN_KEEP_HW: + if (!src) + path->bridge.vlan_mode = DEV_PATH_BR_VLAN_KEEP; + break; case DEV_PATH_BR_VLAN_KEEP: break; } diff --git a/net/bridge/br_vlan.c b/net/bridge/br_vlan.c index 0decce5d586a..6a2ca7a5854d 100644 --- a/net/bridge/br_vlan.c +++ b/net/bridge/br_vlan.c @@ -1494,13 +1494,17 @@ int br_vlan_fill_forward_path_mode(struct net_bridge *br, if (!(v->flags & BRIDGE_VLAN_INFO_UNTAGGED)) return 0; - if (path->bridge.vlan_mode == DEV_PATH_BR_VLAN_TAG) - path->bridge.vlan_mode = DEV_PATH_BR_VLAN_KEEP; - else if (v->priv_flags & BR_VLFLAG_TAGGING_BY_SWITCHDEV) - path->bridge.vlan_mode = DEV_PATH_BR_VLAN_UNTAG_HW; - else - path->bridge.vlan_mode = DEV_PATH_BR_VLAN_UNTAG; - + if (path->bridge.vlan_mode == DEV_PATH_BR_VLAN_TAG) { + if (v->priv_flags & BR_VLFLAG_TAGGING_BY_SWITCHDEV) + path->bridge.vlan_mode = DEV_PATH_BR_VLAN_KEEP_HW; + else + path->bridge.vlan_mode = DEV_PATH_BR_VLAN_KEEP; + } else { + if (v->priv_flags & BR_VLFLAG_TAGGING_BY_SWITCHDEV) + path->bridge.vlan_mode = DEV_PATH_BR_VLAN_UNTAG_HW; + else + path->bridge.vlan_mode = DEV_PATH_BR_VLAN_UNTAG; + } return 0; } diff --git a/net/netfilter/nft_flow_offload.c b/net/netfilter/nft_flow_offload.c index 387e5574c31f..ed0e9b499971 100644 --- a/net/netfilter/nft_flow_offload.c +++ b/net/netfilter/nft_flow_offload.c @@ -149,6 +149,9 @@ static void nft_dev_path_info(const struct net_device_path_stack *stack, case DEV_PATH_BR_VLAN_UNTAG_HW: info->ingress_vlans |= BIT(info->num_encaps - 1); break; + case DEV_PATH_BR_VLAN_KEEP_HW: + info->ingress_vlans |= BIT(info->num_encaps); + fallthrough; case DEV_PATH_BR_VLAN_TAG: info->encap[info->num_encaps].id = path->bridge.vlan_id; info->encap[info->num_encaps].proto = path->bridge.vlan_proto; From patchwork Tue Nov 19 10:19:06 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13879626 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id B0305D60D1B for ; Tue, 19 Nov 2024 10:33:43 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=93tHMoq61etCefqeI7/L8ZHaQMS3jaPhjtyND24xOo0=; b=wfVG5hppLW8WvHaR1vr9X7zjJ0 24VoNirpTTE+HSgSvO4TJWmsAMsRLqNfB8jQ/o1SJKGiwFbPedl4J4fcOSKuREGWg9mF6Zu+3IQYN kvtbEdlgHlWj+uAxNEZgd5wUv8aap4ub+hAuxkRbx2xLESqfgvhaGhWSaKRYb3R1OAi0rFKqi2cJX D3sTsCECL4LdWgvhE2fxV/4U7UZPj2QaAdh5sliKJe/j76aJVunD1Bhr1sKp5RHRuci/0ffv3g7yt QkUlbWY7T/dGtBc6p5YQbwyZPpFaPP3S9supUhc31O44nRk7ZghE2KrCeAi8G5Ks+0/R2AwCBp5qu UVIqGttg==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1tDLY4-0000000C4ZP-1gww; Tue, 19 Nov 2024 10:33:32 +0000 Received: from mail-ej1-x634.google.com ([2a00:1450:4864:20::634]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1tDLKc-0000000C15r-34Xb; Tue, 19 Nov 2024 10:19:39 +0000 Received: by mail-ej1-x634.google.com with SMTP id a640c23a62f3a-a9a6acac4c3so124380966b.0; Tue, 19 Nov 2024 02:19:38 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1732011577; x=1732616377; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=93tHMoq61etCefqeI7/L8ZHaQMS3jaPhjtyND24xOo0=; b=JOocquu7cd4COSd8JwAQqc+ajdvD2JulSfGIQGUNUH/HqdadlrVuQAU0ky9OBuSaBt sTG7xci5OnRFJcJkNjV+U034dpRSDY4efyv8rPbIqR3GPnYBWI/Rn9mYLQehUr1hBqP1 1NH+f/lLDvDudHUcCdk0bljfyQBnz5JykdQgLFze7sYbwRLHNx/tO19g4I5qt8F7aGcM oecJB4qw2+c64gSn/2RaFhYN9pIaPYM/nurZgwr8MXhoLzsolE5KNYZy7Q2+XiwafRms O74b4aspOEvC1YbwIvI0ht4g2IOuIgCaTEQhnnR/J90x0fb6+MNcGjqaallbKMFb4aEi JCUg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1732011577; x=1732616377; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=93tHMoq61etCefqeI7/L8ZHaQMS3jaPhjtyND24xOo0=; b=bvwAKbT2tX4n8A3qWqjbBPc2hkDV//0JrZYenBnpCp6s1I4s5eXGNOJsm+Z0cjwUpx YJTx7UUfW3q7oz7lEPwzDpcQSrTrSoy6hY8nbtPAaEJeq07DIj+HxorXpdND0wL+Q3UV tOHKxk7ui8ksZvZu/pPnXOcv84kyRJibWvmSk6v6+tl/1HLQ+kfwYP2CQZwwsScJRYG6 bif8DH+AVyLX1VfjADNjlM697u7m25vaE+rOGyy3QEGOTThhSsLj/MWeXYTgVyjKjvAl jm4xUJoxTaG5iT/Zv/HESoEwvH239eVneYRH4yNchEPjzJpkto8XXY4kwIqs3gEICUbw L3kg== X-Forwarded-Encrypted: i=1; AJvYcCWu0DaK0JNGHYvKoWNRcwe16xmBMtBNwNjnYw7Jnt9wqliuTi7YlYiMP69v1UxKQV0RU0RJSJXtznecr6DJ/tox@lists.infradead.org, AJvYcCXwIxrCsT74FhH894C5G22CaUdcmdi5f78VnOUPZ7gac0RqMLJ3uYqF3CnJm6EiFwNIGDnBxdZfiNECjVNVmd4=@lists.infradead.org X-Gm-Message-State: AOJu0YwO3z/5893DexJJu/PfCDQx9gaPWBXDEON5N8SaJ584maugJOnl HvX6tyJMwILiqWnPCgCLaN9AgPcLSrceitsWzXHeL7IAd/BlKg4V X-Google-Smtp-Source: AGHT+IHFjm7z288du+sLPkPh9NWZ67RgYD8wK05AuA3EyPac75+11d1DSFwwXFLi3Yq64iVpPPRciw== X-Received: by 2002:a17:907:a4e:b0:a99:c9a4:a4d5 with SMTP id a640c23a62f3a-aa483482762mr1446252966b.29.1732011576580; Tue, 19 Nov 2024 02:19:36 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-aa20e081574sm634875566b.179.2024.11.19.02.19.35 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 19 Nov 2024 02:19:36 -0800 (PST) From: Eric Woudstra To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Andrew Lunn , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , David Ahern , Sebastian Andrzej Siewior , Lorenzo Bianconi , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH RFC v2 net-next 14/14] netfilter: nft_flow_offload: Add bridgeflow to nft_flow_offload_eval() Date: Tue, 19 Nov 2024 11:19:06 +0100 Message-ID: <20241119101906.862680-15-ericwouds@gmail.com> X-Mailer: git-send-email 2.45.2 In-Reply-To: <20241119101906.862680-1-ericwouds@gmail.com> References: <20241119101906.862680-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20241119_021938_770444_63CD12D8 X-CRM114-Status: GOOD ( 19.75 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org Edit nft_flow_offload_eval() to make it possible to handle a flowtable of the nft bridge family. Use nft_flow_offload_bridge_init() to fill the flow tuples. It uses nft_dev_fill_bridge_path() in each direction. Signed-off-by: Eric Woudstra --- net/netfilter/nft_flow_offload.c | 144 +++++++++++++++++++++++++++++-- 1 file changed, 139 insertions(+), 5 deletions(-) diff --git a/net/netfilter/nft_flow_offload.c b/net/netfilter/nft_flow_offload.c index ed0e9b499971..b17a3ef79852 100644 --- a/net/netfilter/nft_flow_offload.c +++ b/net/netfilter/nft_flow_offload.c @@ -196,6 +196,131 @@ static bool nft_flowtable_find_dev(const struct net_device *dev, return found; } +static int nft_dev_fill_bridge_path(struct flow_offload *flow, + struct nft_flowtable *ft, + const struct nft_pktinfo *pkt, + enum ip_conntrack_dir dir, + const struct net_device *src_dev, + const struct net_device *dst_dev, + unsigned char *src_ha, + unsigned char *dst_ha) +{ + struct flow_offload_tuple_rhash *th = flow->tuplehash; + struct net_device_path_stack stack; + struct net_device_path_ctx ctx = {}; + struct nft_forward_info info = {}; + int i, j = 0; + + for (i = th[dir].tuple.encap_num - 1; i >= 0 ; i--) { + if (info.num_encaps >= NF_FLOW_TABLE_ENCAP_MAX) + return -1; + + if (th[dir].tuple.in_vlan_ingress & BIT(i)) + continue; + + info.encap[info.num_encaps].id = th[dir].tuple.encap[i].id; + info.encap[info.num_encaps].proto = th[dir].tuple.encap[i].proto; + info.num_encaps++; + + if (th[dir].tuple.encap[i].proto == htons(ETH_P_PPP_SES)) + continue; + + if (ctx.num_vlans >= NET_DEVICE_PATH_VLAN_MAX) + return -1; + ctx.vlan[ctx.num_vlans].id = th[dir].tuple.encap[i].id; + ctx.vlan[ctx.num_vlans].proto = th[dir].tuple.encap[i].proto; + ctx.num_vlans++; + } + ctx.dev = src_dev; + ether_addr_copy(ctx.daddr, dst_ha); + + if (dev_fill_bridge_path(&ctx, &stack) < 0) + return -1; + + nft_dev_path_info(&stack, &info, dst_ha, &ft->data); + + if (!info.indev || info.indev != dst_dev) + return -1; + + th[!dir].tuple.iifidx = info.indev->ifindex; + for (i = info.num_encaps - 1; i >= 0; i--) { + th[!dir].tuple.encap[j].id = info.encap[i].id; + th[!dir].tuple.encap[j].proto = info.encap[i].proto; + if (info.ingress_vlans & BIT(i)) + th[!dir].tuple.in_vlan_ingress |= BIT(j); + j++; + } + th[!dir].tuple.encap_num = info.num_encaps; + + th[dir].tuple.mtu = dst_dev->mtu; + ether_addr_copy(th[dir].tuple.out.h_source, src_ha); + ether_addr_copy(th[dir].tuple.out.h_dest, dst_ha); + th[dir].tuple.out.ifidx = info.outdev->ifindex; + th[dir].tuple.out.hw_ifidx = info.hw_outdev->ifindex; + th[dir].tuple.xmit_type = FLOW_OFFLOAD_XMIT_DIRECT; + + return 0; +} + +static int nft_flow_offload_bridge_init(struct flow_offload *flow, + const struct nft_pktinfo *pkt, + enum ip_conntrack_dir dir, + struct nft_flowtable *ft) +{ + struct ethhdr *eth = eth_hdr(pkt->skb); + struct flow_offload_tuple *tuple; + const struct net_device *out_dev; + const struct net_device *in_dev; + struct pppoe_hdr *phdr; + struct vlan_hdr *vhdr; + int err, i = 0; + + in_dev = nft_in(pkt); + if (!in_dev || !nft_flowtable_find_dev(in_dev, ft)) + return -1; + + out_dev = nft_out(pkt); + if (!out_dev || !nft_flowtable_find_dev(out_dev, ft)) + return -1; + + tuple = &flow->tuplehash[!dir].tuple; + + if (skb_vlan_tag_present(pkt->skb)) { + tuple->encap[i].id = skb_vlan_tag_get(pkt->skb); + tuple->encap[i].proto = pkt->skb->vlan_proto; + i++; + } + switch (pkt->skb->protocol) { + case htons(ETH_P_8021Q): + vhdr = (struct vlan_hdr *)skb_network_header(pkt->skb); + tuple->encap[i].id = ntohs(vhdr->h_vlan_TCI); + tuple->encap[i].proto = pkt->skb->protocol; + i++; + break; + case htons(ETH_P_PPP_SES): + phdr = (struct pppoe_hdr *)skb_network_header(pkt->skb); + tuple->encap[i].id = ntohs(phdr->sid); + tuple->encap[i].proto = pkt->skb->protocol; + i++; + break; + } + tuple->encap_num = i; + + err = nft_dev_fill_bridge_path(flow, ft, pkt, !dir, out_dev, in_dev, + eth->h_dest, eth->h_source); + if (err < 0) + return err; + + memset(tuple->encap, 0, sizeof(tuple->encap)); + + err = nft_dev_fill_bridge_path(flow, ft, pkt, dir, in_dev, out_dev, + eth->h_source, eth->h_dest); + if (err < 0) + return err; + + return 0; +} + static void nft_dev_forward_path(struct nf_flow_route *route, const struct nf_conn *ct, enum ip_conntrack_dir dir, @@ -306,6 +431,7 @@ static void nft_flow_offload_eval(const struct nft_expr *expr, { struct nft_flow_offload *priv = nft_expr_priv(expr); struct nf_flowtable *flowtable = &priv->flowtable->data; + bool routing = (flowtable->type->family != NFPROTO_BRIDGE); struct tcphdr _tcph, *tcph = NULL; struct nf_flow_route route = {}; enum ip_conntrack_info ctinfo; @@ -359,14 +485,20 @@ static void nft_flow_offload_eval(const struct nft_expr *expr, goto out; dir = CTINFO2DIR(ctinfo); - if (nft_flow_route(pkt, ct, &route, dir, priv->flowtable) < 0) - goto err_flow_route; + if (routing) { + if (nft_flow_route(pkt, ct, &route, dir, priv->flowtable) < 0) + goto err_flow_route; + } flow = flow_offload_alloc(ct); if (!flow) goto err_flow_alloc; - flow_offload_route_init(flow, &route); + if (routing) + flow_offload_route_init(flow, &route); + else + if (nft_flow_offload_bridge_init(flow, pkt, dir, priv->flowtable) < 0) + goto err_flow_route; if (tcph) { ct->proto.tcp.seen[0].flags |= IP_CT_TCP_FLAG_BE_LIBERAL; @@ -419,8 +551,10 @@ static void nft_flow_offload_eval(const struct nft_expr *expr, err_flow_add: flow_offload_free(flow); err_flow_alloc: - dst_release(route.tuple[dir].dst); - dst_release(route.tuple[!dir].dst); + if (routing) { + dst_release(route.tuple[dir].dst); + dst_release(route.tuple[!dir].dst); + } err_flow_route: clear_bit(IPS_OFFLOAD_BIT, &ct->status); out: