From patchwork Tue Dec 10 09:44:49 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13901170 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 3FA33E77180 for ; Tue, 10 Dec 2024 09:48:37 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=Baj5jGYp4+wV8/iAbfAoST2ANmEn8FK5eb8xxUvDBwU=; b=GerER/3hkEz8oAp+v0hgB3YjFB HRHFVp4ggnA9Rwt+3AtsOOI5M2CTuM9fqxB3PHEfCFTTe/3ywCGAa0lQ8V2+zHM3LpEt5j7POip+t vDAklfqMVH7wqLLo6+pc6GPN/khXaJ7A7qz3knUdcoMd4VzcqeHBAG8Ik65Dt0OlKFD8XMi+dSj2s pcuYX9XjFsynyfAwl+Cq0nAgr/5UBo6+D/AVR+0YrEpgRleUCPWyuab+G9kM6/QGB6r5DYO9KxsmH BKWYm8w3Z81iOmxStgQCRDBcR2BGdwa/0iixVg+LcPxxyRH/9SMl3ucdYRfnoV6mJXTOvRxHCCCJ0 qEzPm4EQ==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1tKwqu-0000000Azpd-0zVt; Tue, 10 Dec 2024 09:48:24 +0000 Received: from mail-ed1-x52e.google.com ([2a00:1450:4864:20::52e]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1tKwop-0000000AzD0-0NVL; Tue, 10 Dec 2024 09:46:16 +0000 Received: by mail-ed1-x52e.google.com with SMTP id 4fb4d7f45d1cf-5d3d14336f0so6017274a12.3; Tue, 10 Dec 2024 01:46:14 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1733823973; x=1734428773; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=Baj5jGYp4+wV8/iAbfAoST2ANmEn8FK5eb8xxUvDBwU=; b=dw1cfy4ZuiymhbeDCwuse+JMH3XPkIX52ZmixBLepnEB+zWxjcqUHK78nooyLzJTnr 6QB+uM8iN8rDQkzLiILBwOU54md4H+bucXZ22G0Ut5sFHjCwfJiqYylHp6PzqztXq0B4 4jzldp+9RqNbj5Ue8NHcGz8CLwBkGghs8LTUrhnsj3/gYU7H8rnB6q3i8MWuclKo4TuJ qQ/r//at4TiKRGePHYSG0YVKY2SmziL7ww+cc10CS88p0n6vBI73iABrEeOciJKoNh63 VZC7U2dNDrE/G4u7wyvBkGx3wLv7FSGUM/eRgKAaMVDjuXtmqItvh0wP6ggXT8FUoF7P GLtQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1733823973; x=1734428773; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Baj5jGYp4+wV8/iAbfAoST2ANmEn8FK5eb8xxUvDBwU=; b=pFBvcETPJyqmXyj4P4IbAGJgHvFqRHjh0fx6esdVPv3gs138YWOJWBVGMaBorsAuS2 YSGASeXuOmAG7ZaD8NAs8FRtKM2Bkc16QExemjMCSfHcXNCjJG5ZuFGuifMAXQG5iCea ZMmatE+hcLm7VOF8G6jmKzvTk5OUdMkn0ZblyGsqLTQ4kg/pUpgF1Xy+OLCa+OAUnbr/ x5kMpV+U8W5gwEzwgLhDweurE39wLcO/lUXnSK1siQgE4TOrwCa4kNqPhHiONDvSkXCr YtOEXNJX9LtbYxBGvK6LaN4EceAQlnTccuEL6IQR5AjOQ3xcOZm3dlq180IOxLc70WiJ mDGA== X-Forwarded-Encrypted: i=1; AJvYcCUVGAJP50OoTelITMoTUp/eMV/cjVwWT+/y8aSvGqDxuxQtBqhLkzZ/mxIPMkdQcTX+q0ndfvzcjoAO7t7wqFZy@lists.infradead.org, AJvYcCUuFqNcIItrOu6SSwU2CQMn9DtCW8d1+A6J3OlH1SNofz7Mw/2a1XAvhpIbKZL8HUIfgryLJ/gFleQxO1f8aN0=@lists.infradead.org X-Gm-Message-State: AOJu0YxU5c8LyJizYPX6kuHQuRZ5b65lZ9hpAqlSBmEARVMafIAT9Zt9 /i1P1ChDstZ6w4t0HeA6RkQA2sD3iBBWcsEIUBLu68dXui5X52di X-Gm-Gg: ASbGncvOEGXIOz/X7UbPnu4TzCibYvzEYkt+Fa0bD5TEdmDpuIsY7P/AwXg9nUUCAEy w6jy+rA0NsSneHazZ/Ab92ihgrBVAzTgok3ec3khQM5mtmpOQmwFVWJlJcQOEgzFEMKmPn5N90M +ZTtEGWjYIT8h2ACgfZyJgitlNJSdUk2cImfmBxQMsgkggRfB4M1qUtGumEQMsdR2WWp0SsvL1k 6Iz8XbDeFeX47BkUSu9nNBM7SOtkJgOMdxmWzIVYp+OD9sY+Ke7rVoq2Ic0CK9oRxe419oUi+qz 8cowbbRAq5ZYwTsD4mjW3KHRnS/+DYLsHsBH8Pfs7yingwF0DTOoEbtYx+TT5NmNoZcKU04= X-Google-Smtp-Source: AGHT+IHKdE8bXe8IMSV2wZCfAqbK8hBoc5nXAt4+RtU2iWTR2cHV5c46LmMZ/phJZQ7EkHH6eDKNXw== X-Received: by 2002:a05:6402:2807:b0:5d0:c67e:e26c with SMTP id 4fb4d7f45d1cf-5d41852f135mr4854517a12.10.1733823973031; Tue, 10 Dec 2024 01:46:13 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id 4fb4d7f45d1cf-5d14b609e56sm7313936a12.40.2024.12.10.01.46.11 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 10 Dec 2024 01:46:12 -0800 (PST) From: Eric Woudstra To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Andrew Lunn , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , David Ahern , Sebastian Andrzej Siewior , Lorenzo Bianconi , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH RFC v3 net-next 01/13] netfilter: nf_flow_table_offload: Add nf_flow_encap_push() for xmit direct Date: Tue, 10 Dec 2024 10:44:49 +0100 Message-ID: <20241210094501.3069-2-ericwouds@gmail.com> X-Mailer: git-send-email 2.47.1 In-Reply-To: <20241210094501.3069-1-ericwouds@gmail.com> References: <20241210094501.3069-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20241210_014615_128329_7D6EEE6C X-CRM114-Status: GOOD ( 19.48 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org Loosely based on wenxu's patches: "nf_flow_table_offload: offload the vlan/PPPoE encap in the flowtable". Fixed double vlan and pppoe packets, almost entirely rewriting the patch. After this patch, it is possible to transmit packets in the fastpath with outgoing encaps, without using vlan- and/or pppoe-devices. This makes it possible to use more different kinds of network setups. For example, when bridge tagging is used to egress vlan tagged packets using the forward fastpath. Another example is passing 802.1q tagged packets through a bridge using the bridge fastpath. This also makes the software fastpath process more similar to the hardware offloaded fastpath process, where encaps are also pushed. After applying this patch, always info->outdev = info->hw_outdev, so the netfilter code can be further cleaned up by removing: * hw_outdev from struct nft_forward_info * out.hw_ifindex from struct nf_flow_route * out.hw_ifidx from struct flow_offload_tuple Signed-off-by: Eric Woudstra --- net/netfilter/nf_flow_table_ip.c | 96 +++++++++++++++++++++++++++++++- net/netfilter/nft_flow_offload.c | 6 +- 2 files changed, 96 insertions(+), 6 deletions(-) diff --git a/net/netfilter/nf_flow_table_ip.c b/net/netfilter/nf_flow_table_ip.c index 98edcaa37b38..290d8e10d85b 100644 --- a/net/netfilter/nf_flow_table_ip.c +++ b/net/netfilter/nf_flow_table_ip.c @@ -302,6 +302,92 @@ static bool nf_flow_skb_encap_protocol(struct sk_buff *skb, __be16 proto, return false; } +static int nf_flow_vlan_inner_push(struct sk_buff *skb, __be16 proto, u16 id) +{ + struct vlan_hdr *vhdr; + + if (skb_cow_head(skb, VLAN_HLEN)) + return -1; + + __skb_push(skb, VLAN_HLEN); + skb_reset_network_header(skb); + + vhdr = (struct vlan_hdr *)(skb->data); + vhdr->h_vlan_TCI = htons(id); + vhdr->h_vlan_encapsulated_proto = skb->protocol; + skb->protocol = proto; + + return 0; +} + +static int nf_flow_ppoe_push(struct sk_buff *skb, u16 id) +{ + struct ppp_hdr { + struct pppoe_hdr hdr; + __be16 proto; + } *ph; + int data_len = skb->len + 2; + __be16 proto; + + if (skb_cow_head(skb, PPPOE_SES_HLEN)) + return -1; + + if (skb->protocol == htons(ETH_P_IP)) + proto = htons(PPP_IP); + else if (skb->protocol == htons(ETH_P_IPV6)) + proto = htons(PPP_IPV6); + else + return -1; + + __skb_push(skb, PPPOE_SES_HLEN); + skb_reset_network_header(skb); + + ph = (struct ppp_hdr *)(skb->data); + ph->hdr.ver = 1; + ph->hdr.type = 1; + ph->hdr.code = 0; + ph->hdr.sid = htons(id); + ph->hdr.length = htons(data_len); + ph->proto = proto; + skb->protocol = htons(ETH_P_PPP_SES); + + return 0; +} + +static int nf_flow_encap_push(struct sk_buff *skb, + struct flow_offload_tuple_rhash *tuplehash, + unsigned short *type) +{ + int i = 0, ret = 0; + + if (!tuplehash->tuple.encap_num) + return 0; + + if (tuplehash->tuple.encap[i].proto == htons(ETH_P_8021Q) || + tuplehash->tuple.encap[i].proto == htons(ETH_P_8021AD)) { + __vlan_hwaccel_put_tag(skb, tuplehash->tuple.encap[i].proto, + tuplehash->tuple.encap[i].id); + i++; + if (i >= tuplehash->tuple.encap_num) + return 0; + } + + switch (tuplehash->tuple.encap[i].proto) { + case htons(ETH_P_8021Q): + *type = ETH_P_8021Q; + ret = nf_flow_vlan_inner_push(skb, + tuplehash->tuple.encap[i].proto, + tuplehash->tuple.encap[i].id); + break; + case htons(ETH_P_PPP_SES): + *type = ETH_P_PPP_SES; + ret = nf_flow_ppoe_push(skb, + tuplehash->tuple.encap[i].id); + break; + } + return ret; +} + static void nf_flow_encap_pop(struct sk_buff *skb, struct flow_offload_tuple_rhash *tuplehash) { @@ -331,6 +417,7 @@ static void nf_flow_encap_pop(struct sk_buff *skb, static unsigned int nf_flow_queue_xmit(struct net *net, struct sk_buff *skb, const struct flow_offload_tuple_rhash *tuplehash, + struct flow_offload_tuple_rhash *other_tuplehash, unsigned short type) { struct net_device *outdev; @@ -339,6 +426,9 @@ static unsigned int nf_flow_queue_xmit(struct net *net, struct sk_buff *skb, if (!outdev) return NF_DROP; + if (nf_flow_encap_push(skb, other_tuplehash, &type) < 0) + return NF_DROP; + skb->dev = outdev; dev_hard_header(skb, skb->dev, type, tuplehash->tuple.out.h_dest, tuplehash->tuple.out.h_source, skb->len); @@ -458,7 +548,8 @@ nf_flow_offload_ip_hook(void *priv, struct sk_buff *skb, ret = NF_STOLEN; break; case FLOW_OFFLOAD_XMIT_DIRECT: - ret = nf_flow_queue_xmit(state->net, skb, tuplehash, ETH_P_IP); + ret = nf_flow_queue_xmit(state->net, skb, tuplehash, + &flow->tuplehash[!dir], ETH_P_IP); if (ret == NF_DROP) flow_offload_teardown(flow); break; @@ -753,7 +844,8 @@ nf_flow_offload_ipv6_hook(void *priv, struct sk_buff *skb, ret = NF_STOLEN; break; case FLOW_OFFLOAD_XMIT_DIRECT: - ret = nf_flow_queue_xmit(state->net, skb, tuplehash, ETH_P_IPV6); + ret = nf_flow_queue_xmit(state->net, skb, tuplehash, + &flow->tuplehash[!dir], ETH_P_IPV6); if (ret == NF_DROP) flow_offload_teardown(flow); break; diff --git a/net/netfilter/nft_flow_offload.c b/net/netfilter/nft_flow_offload.c index 7b84d8d3469c..cdf1771906b8 100644 --- a/net/netfilter/nft_flow_offload.c +++ b/net/netfilter/nft_flow_offload.c @@ -124,13 +124,12 @@ static void nft_dev_path_info(const struct net_device_path_stack *stack, info->indev = NULL; break; } - if (!info->outdev) - info->outdev = path->dev; info->encap[info->num_encaps].id = path->encap.id; info->encap[info->num_encaps].proto = path->encap.proto; info->num_encaps++; if (path->type == DEV_PATH_PPPOE) memcpy(info->h_dest, path->encap.h_dest, ETH_ALEN); + info->xmit_type = FLOW_OFFLOAD_XMIT_DIRECT; break; case DEV_PATH_BRIDGE: if (is_zero_ether_addr(info->h_source)) @@ -158,8 +157,7 @@ static void nft_dev_path_info(const struct net_device_path_stack *stack, break; } } - if (!info->outdev) - info->outdev = info->indev; + info->outdev = info->indev; info->hw_outdev = info->indev; From patchwork Tue Dec 10 09:44:50 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13901178 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id BC21BE7717F for ; Tue, 10 Dec 2024 09:49:39 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=k+WwlYEDG0HLvBd8VAnV5F5MIiHlMD5bJhzWof6nBUU=; b=Za2g0RWiO7HD3hz9c+yKddISAW coNHwYrb5i1CCZdDLLpOed5xj/IE8fZL3OTBYngmv0pCVkXLfg/t0FeT7NBDrcih8qT++C4mXsquw TmoTK2LTYxzxUkR7ufbskEqK9boQIg3lw/L3IZaA/6Co6ZBymkkdaecYHZt6ac297+dEACr5TSMPO UGEGYR4+YjLuLsI1DyNQ2wDLnY+UME1OJvRQ1ZUAz3CbOCWnZImzkQqhjb7eShQB2RyM9d0ikDVaH jEGBPZMMsou37CQj/+5MM4HfsPhaOIInJHQaJI04YDRXkP7jCVktI+TD0PxGExMLHh0wC0rLoe7cG X8fzYJaA==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1tKwrw-0000000B07w-0fbt; Tue, 10 Dec 2024 09:49:28 +0000 Received: from mail-ed1-x530.google.com ([2a00:1450:4864:20::530]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1tKwor-0000000AzDs-0gso; Tue, 10 Dec 2024 09:46:19 +0000 Received: by mail-ed1-x530.google.com with SMTP id 4fb4d7f45d1cf-5d3d0205bd5so4470701a12.3; Tue, 10 Dec 2024 01:46:16 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1733823975; x=1734428775; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=k+WwlYEDG0HLvBd8VAnV5F5MIiHlMD5bJhzWof6nBUU=; b=BPKL66eN9qP3QEBuctBxnI9aUvXp191vAB3mUseK1TwzlfDsFqprzSaOXN0Tw75GPk AfnPbII6DTYpKmcx8HLQojp7d0ViwsiJG76jxgNwTK0ZGEGdgjZjPf+/HWX+OzJSkRdh XwinJMbhQDImREw5oKdE8xDsZprdQxPfxa3KIxLeOngI9nWwZhJOFZCRdZk47/DUuJvw C1A0ky7G3O844Bb9Le4hEX7bVTDJ9eDuGGFWrvGhYlKoluGgg9OMH9fSpO9et2EpuL5I taGa8Ca3Hc0CrAyVpn7ToOYoU6CaCenvvY7rcK8csx2iCifSFocrt49LZ6XQBFoA3YFY Njig== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1733823975; x=1734428775; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=k+WwlYEDG0HLvBd8VAnV5F5MIiHlMD5bJhzWof6nBUU=; b=V10yQtm/3uxuSdB8kjv1CIAfUDd9nbJxhDj9xypQ/6LMysn3haRbkf99namp1m1+6u ibxnkRhBuMJmRKD9xwBTXyAAUGpSDnJgbwiA0dHdVezsYBew0jbH8x59G8uQZA1az4i9 HIZI4D66Vl87vIeJtB6r5F7T9AZmxeDN3wvAkjW77JqLBqT1rowc9jUx2CqHOSUpKLqb 1GMGk/Zaf6eIwsasRCFGxjqr8IyYElBbb8bBBGsJRBuACveOA/j/Sf9t4WmYbrmdPzKg xG1MNUdI59SnEPeTeCYWg+z9JqI5JajgbFFIFf6uJ98dgZP+5HgHbjvF9mH7XLBrHz4u Y6+g== X-Forwarded-Encrypted: i=1; AJvYcCVMYuU2jJcuXzQXjvsjfp8SueAH/DgXnT02gUJvOTpDvuTylRTN9AgxHa3qkDsThLSyJc8oeOpILvxCvbEMeyDn@lists.infradead.org, AJvYcCXO0a+bc0XDY7FcElz36j2dLj+1Utf/DJuMvl28tMxoWJvtkD+129boToS5AaBPUWJxHKWUsa9WqJG383nhshs=@lists.infradead.org X-Gm-Message-State: AOJu0Yyh/TfLFri887vsc39MqMKhzyFgpgVOG9+oO/Eb0ECGGdnhfwzw VaUiRGbE0bA0NHuJpNWu1YsEgW3488PzY9+TIYM/nNKChODGE/or X-Gm-Gg: ASbGncvfHbyM3kip+a1FV0nT63xMR5kcypvDemy0H8Txh3/7JZnU2XOgMeKBgR9iTTd vpGRksU0Eh7oi15Z1CrYdjKv2FmYcSlSeais2pYKWcjdvOeLHZkiosEQyjXIQYFwiZYuYtw1i2A t6r4/1blGUF4y+3GxW9URXECLrgrV2G+u2hDqcN/tXSduSF+A/t4xrsGPS2G5QPQYhf+bI2lcIK FvaMoCIIhqKndKUiiz/q2CTz2J3CqRtreycPGJaFtzIWIqFsKizdrmI9vNuY2ebnJycy7dG8Oau T0xZf9W/ByuHlQ4IPbnBbH1/BLFRoLRQoTB92g4FvD54Yk6OZBAPeN3b6WmGmNHWRxjyykA= X-Google-Smtp-Source: AGHT+IFN3njHf4zlSvRJy82iqOt9EgBaVK0pDLpNl3FfM/NqTtRAx0hFLhBw6GAH1TXoonBsNWdlBA== X-Received: by 2002:a05:6402:2550:b0:5d0:bf4a:3dfe with SMTP id 4fb4d7f45d1cf-5d3be7f01e6mr14645479a12.23.1733823975128; Tue, 10 Dec 2024 01:46:15 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id 4fb4d7f45d1cf-5d14b609e56sm7313936a12.40.2024.12.10.01.46.13 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 10 Dec 2024 01:46:13 -0800 (PST) From: Eric Woudstra To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Andrew Lunn , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , David Ahern , Sebastian Andrzej Siewior , Lorenzo Bianconi , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH RFC v3 net-next 02/13] netfilter: bridge: Add conntrack double vlan and pppoe Date: Tue, 10 Dec 2024 10:44:50 +0100 Message-ID: <20241210094501.3069-3-ericwouds@gmail.com> X-Mailer: git-send-email 2.47.1 In-Reply-To: <20241210094501.3069-1-ericwouds@gmail.com> References: <20241210094501.3069-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20241210_014617_217153_12E581EC X-CRM114-Status: GOOD ( 13.68 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org This adds the capability to conntrack 802.1ad, QinQ, PPPoE and PPPoE-in-Q packets that are passing a bridge. Signed-off-by: Eric Woudstra --- net/bridge/netfilter/nf_conntrack_bridge.c | 88 ++++++++++++++++++---- 1 file changed, 75 insertions(+), 13 deletions(-) diff --git a/net/bridge/netfilter/nf_conntrack_bridge.c b/net/bridge/netfilter/nf_conntrack_bridge.c index 816bb0fde718..31e2bcd71735 100644 --- a/net/bridge/netfilter/nf_conntrack_bridge.c +++ b/net/bridge/netfilter/nf_conntrack_bridge.c @@ -241,56 +241,118 @@ static unsigned int nf_ct_bridge_pre(void *priv, struct sk_buff *skb, const struct nf_hook_state *state) { struct nf_hook_state bridge_state = *state; + __be16 outer_proto, inner_proto; enum ip_conntrack_info ctinfo; + int ret, offset = 0; struct nf_conn *ct; - u32 len; - int ret; + u32 len, data_len; ct = nf_ct_get(skb, &ctinfo); if ((ct && !nf_ct_is_template(ct)) || ctinfo == IP_CT_UNTRACKED) return NF_ACCEPT; + switch (skb->protocol) { + case htons(ETH_P_PPP_SES): { + struct ppp_hdr { + struct pppoe_hdr hdr; + __be16 proto; + } *ph = (struct ppp_hdr *)(skb->data); + + data_len = ntohs(ph->hdr.length) - 2; + offset = PPPOE_SES_HLEN; + outer_proto = skb->protocol; + switch (ph->proto) { + case htons(PPP_IP): + inner_proto = htons(ETH_P_IP); + break; + case htons(PPP_IPV6): + inner_proto = htons(ETH_P_IPV6); + break; + default: + return NF_ACCEPT; + } + break; + } + case htons(ETH_P_8021Q): { + struct vlan_hdr *vhdr = (struct vlan_hdr *)(skb->data); + + data_len = 0xffffffff; + offset = VLAN_HLEN; + outer_proto = skb->protocol; + inner_proto = vhdr->h_vlan_encapsulated_proto; + break; + } + default: + data_len = 0xffffffff; + break; + } + + if (offset) { + switch (inner_proto) { + case htons(ETH_P_IP): + case htons(ETH_P_IPV6): + if (!pskb_may_pull(skb, offset)) + return NF_ACCEPT; + skb_pull_rcsum(skb, offset); + skb_reset_network_header(skb); + skb->protocol = inner_proto; + break; + default: + return NF_ACCEPT; + } + } + + ret = NF_ACCEPT; switch (skb->protocol) { case htons(ETH_P_IP): if (!pskb_may_pull(skb, sizeof(struct iphdr))) - return NF_ACCEPT; + goto do_not_track; len = skb_ip_totlen(skb); + if (data_len < len) + len = data_len; if (pskb_trim_rcsum(skb, len)) - return NF_ACCEPT; + goto do_not_track; if (nf_ct_br_ip_check(skb)) - return NF_ACCEPT; + goto do_not_track; bridge_state.pf = NFPROTO_IPV4; ret = nf_ct_br_defrag4(skb, &bridge_state); break; case htons(ETH_P_IPV6): if (!pskb_may_pull(skb, sizeof(struct ipv6hdr))) - return NF_ACCEPT; + goto do_not_track; len = sizeof(struct ipv6hdr) + ntohs(ipv6_hdr(skb)->payload_len); + if (data_len < len) + len = data_len; if (pskb_trim_rcsum(skb, len)) - return NF_ACCEPT; + goto do_not_track; if (nf_ct_br_ipv6_check(skb)) - return NF_ACCEPT; + goto do_not_track; bridge_state.pf = NFPROTO_IPV6; ret = nf_ct_br_defrag6(skb, &bridge_state); break; default: nf_ct_set(skb, NULL, IP_CT_UNTRACKED); - return NF_ACCEPT; + goto do_not_track; } - if (ret != NF_ACCEPT) - return ret; + if (ret == NF_ACCEPT) + ret = nf_conntrack_in(skb, &bridge_state); - return nf_conntrack_in(skb, &bridge_state); +do_not_track: + if (offset) { + skb_push_rcsum(skb, offset); + skb_reset_network_header(skb); + skb->protocol = outer_proto; + } + return ret; } - static unsigned int nf_ct_bridge_in(void *priv, struct sk_buff *skb, const struct nf_hook_state *state) { From patchwork Tue Dec 10 09:44:51 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13901179 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 2CD50E77180 for ; Tue, 10 Dec 2024 09:50:46 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=BKIHos904u/55jjyV61JBBioSUFkR0jZBzN6/oqpIaY=; b=Cu7g5Hayzjl5C/WaPzHaGP6bRf BNBLz1sW2lBSe23a0SFQmQFh2snpObbbVTN6X6ftFHMJwhkCeoirB8w2VAeg/TiPKfMdOMq3IxYBw 0ZQAQsOSEazLv+irZfGjgQdZoB5Fx/m9/HXIwpA3b+IM/AVZ1DttH0Um9xqRhc5ebCaVhW60BCbIM WYHK6Tp5kSxnZl7FiI0BWC+WJOPgSguwOFrYH+UpFhmitSWzgpQXAklEH/fWqrwh/MEvIO7+SUN7z 954POv3DyFXH8r9zz4LcbCIQyvjsWv4ACdT5nLBkBCSndBvU8otpY6mPGIcgf6zi9HUe3J4h2bq/6 oZ/932xA==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1tKwsy-0000000B0SZ-1XM3; Tue, 10 Dec 2024 09:50:32 +0000 Received: from mail-ed1-x52c.google.com ([2a00:1450:4864:20::52c]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1tKwos-0000000AzEZ-22U9; Tue, 10 Dec 2024 09:46:20 +0000 Received: by mail-ed1-x52c.google.com with SMTP id 4fb4d7f45d1cf-5d2726c0d45so8124183a12.2; Tue, 10 Dec 2024 01:46:17 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1733823977; x=1734428777; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=BKIHos904u/55jjyV61JBBioSUFkR0jZBzN6/oqpIaY=; b=iX/0AwL+L7AmlEx8uFT2x9JPlo2rvHSToTVZUWU03mHngRofKA+5hgM5xdrwES6kS7 0bYuG6SamfCNwjf9DY5Lv3sM6lAMr0U0alil+Ox4DKgPHb1GmL/0NnyX86PYa4wEOUhT yMoVywKAi4nu1UeN7AkYAuxz9yi3kdRUxoqtU3CymhHcA4ul2WuassqZ+T//i4JFbZmJ 4bgA7+cq5gyQv7BhAOI7ex6TinYnOTOhbsUZbiWpYlMlb2YKxrhLF0fA4hCnjRJMV0RF LIGzgmyLRBZYvC3ika2/VFXUTkLX6MzSbw3hfNdTWCIOtgZcef0iRoL6xyLVx8uqeRrs /Dvw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1733823977; x=1734428777; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=BKIHos904u/55jjyV61JBBioSUFkR0jZBzN6/oqpIaY=; b=P73M5K2NdsDw4i5liq2IDiw29wMrLHdTpC6fvae4Mg6asHRMZpO4WpAjmcYnlaC9ok k0WgXtNSyfaKCsT+1Xh9l0jiodaEoxxCx/1t5RJBpfFLZAXU2nAKh/D1iOLFSCN72Aas GyptfHoHFVMYLh0HBsy4ZChsksM/DbEhdNet+eWZbkdaV0mxoWFIF5EMizdlcGJuvqCI zEV7l0p7vfxYXhvVaduZYtA/z+WQv6OJvrnEYyd6T0WSxgfBE2rduElC4zNSbigQuPeR GVluSovCzMhy7a5eBsWgYPPtHKB6F2eG5qWhLrthuPuLgb5zqW15M5UalVLcmCzghodD y/jA== X-Forwarded-Encrypted: i=1; AJvYcCW+OMqG9XBfplZBoK55IQ8/0wKGoSHGyPj2hRbta6FW6ldEGWIh7GnAgguJ4Rvdh+nNtzVX5ByeQ1zVqn7hMTo=@lists.infradead.org, AJvYcCWherCsdgYO04P8hwAh7r/8mMZ5nQPMvdr9TSEjpM02SaQ4+0HKl188nNTgWM4nRv3JSSjKr+Ato6H8vbnKqAv9@lists.infradead.org X-Gm-Message-State: AOJu0YzOd9RXocI2zZEikC3yy5KQzKSEPQC3lmu54lXoIEEinuuOxuYT 9GE+vuL40zQQBjHua+lzm+mDIYK/otyYJTD8BXtkOtt61EVTAFKQ X-Gm-Gg: ASbGncsTT9nem8qKfKy6HAh6GnK2X4zmRBnvR4zHfjire3aJ3q79HZR4vValcbO7kWP CI1TIEDpy+rfCNtZlQSQt5ClEpI1rCHMiYqM4Pj5CF/oPOUCKaz88mynUWosIZqfQYUY1B894K2 08r4aRr5DTto2zsMJwOYqj45PAkbPDExrQBr6E7oM+HXgxXrmnWoRPUJbpZKR1Yna6iObbts9xk ExxPWjnMhARMmR8zA7OQKaIHn0Kx/mZTrgG2Y132D9oo6EV6si5KyPPvwDw3hiaqq2IQuezvHuZ HbLJ6uvM6NyaNqM6je6gUtYeFIBWctJW0J60/Owii3cbG4V9M7pO5ukk9g08CgpL+O839Ng= X-Google-Smtp-Source: AGHT+IEEUrkGtJfTGOQCwFkl/sxLKxNiujiQKGJAvLJ8Ua0u8uaifo2lDidZZxTSL8EGmSiw468ajg== X-Received: by 2002:a05:6402:13d1:b0:5d3:cd5b:64da with SMTP id 4fb4d7f45d1cf-5d4185f81d8mr3897445a12.23.1733823976507; Tue, 10 Dec 2024 01:46:16 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id 4fb4d7f45d1cf-5d14b609e56sm7313936a12.40.2024.12.10.01.46.15 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 10 Dec 2024 01:46:16 -0800 (PST) From: Eric Woudstra To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Andrew Lunn , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , David Ahern , Sebastian Andrzej Siewior , Lorenzo Bianconi , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH RFC v3 net-next 03/13] netfilter: nft_chain_filter: Add bridge double vlan and pppoe Date: Tue, 10 Dec 2024 10:44:51 +0100 Message-ID: <20241210094501.3069-4-ericwouds@gmail.com> X-Mailer: git-send-email 2.47.1 In-Reply-To: <20241210094501.3069-1-ericwouds@gmail.com> References: <20241210094501.3069-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20241210_014618_670094_C0D0C0CA X-CRM114-Status: GOOD ( 11.91 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org This adds the capability to evaluate 802.1ad, QinQ, PPPoE and PPPoE-in-Q packets in the bridge filter chain. Signed-off-by: Eric Woudstra --- net/netfilter/nft_chain_filter.c | 20 +++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) diff --git a/net/netfilter/nft_chain_filter.c b/net/netfilter/nft_chain_filter.c index 7010541fcca6..91aa3fa43d31 100644 --- a/net/netfilter/nft_chain_filter.c +++ b/net/netfilter/nft_chain_filter.c @@ -232,11 +232,27 @@ nft_do_chain_bridge(void *priv, struct sk_buff *skb, const struct nf_hook_state *state) { + struct ethhdr *ethh = eth_hdr(skb); struct nft_pktinfo pkt; + int thoff; nft_set_pktinfo(&pkt, skb, state); - switch (eth_hdr(skb)->h_proto) { + switch (ethh->h_proto) { + case htons(ETH_P_PPP_SES): + thoff = PPPOE_SES_HLEN; + ethh += thoff; + break; + case htons(ETH_P_8021Q): + thoff = VLAN_HLEN; + ethh += thoff; + break; + default: + thoff = 0; + break; + } + + switch (ethh->h_proto) { case htons(ETH_P_IP): nft_set_pktinfo_ipv4_validate(&pkt); break; @@ -248,6 +264,8 @@ nft_do_chain_bridge(void *priv, break; } + pkt.thoff += thoff; + return nft_do_chain(&pkt, priv); } From patchwork Tue Dec 10 09:44:52 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13901180 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 75A29E7717F for ; Tue, 10 Dec 2024 09:51:48 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=uFNROVzPiBTZyVVUJmIxiKujmgCuTGia69D/U8CcyUs=; b=wkRJLRABCEcf1xybl1ZalntzWB 8fjZ0R/HL/XpI4FL8eOpJ9QBg0O7mMFW8YN93QyLGF2P7/VqhrHBtJkQCCPxHdtN7gQTx2x/7gm+U lNBTTnnGnIbyGWLL8K+LqkkhtJW4JFWWr3kYux7X4+SfCwn2RaH3VuYxcGcGOPXTZ8m2OXnRQW73a wsqp4hWzMbSJfm/sDx0eUUTUsk+ke0OgQsvRfl4i0FzRLEVVZvKiPKCss+t5Wd4BVdLIXBgxzPoWm Ot+oa4mDU1/zpzKLads78PCxicpB6AT+DkBGymrXYRCGgUMtzJMHIYyn2KW7lCNOi3sOb2RZ5PARd wMB5S4rw==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1tKwtz-0000000B0jh-2z3Q; Tue, 10 Dec 2024 09:51:35 +0000 Received: from mail-ej1-x629.google.com ([2a00:1450:4864:20::629]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1tKwot-0000000AzEy-3vbD; Tue, 10 Dec 2024 09:46:21 +0000 Received: by mail-ej1-x629.google.com with SMTP id a640c23a62f3a-aa5325af6a0so855694366b.2; Tue, 10 Dec 2024 01:46:19 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1733823978; x=1734428778; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=uFNROVzPiBTZyVVUJmIxiKujmgCuTGia69D/U8CcyUs=; b=bL3K+RmJuhevP0Zt3yeb9KpFbvLwDmdOQxYEezCg2yiTVGPhWC7VinPLNKR+t6CdH3 Rx9+tRlSa7DGhp/yFgECOeho6fFB0sb5Kj7rgS3BAt28E7TJSJLoVFj2O1syx0NaS9re JVzktMOfTTlC4bQu06aEi3mU45t2QK662z0Dr4oTtdnNTxLveYGsAW7KpwABX+MrJRzB Yb3Yef5qZf+zW7+iH2FH1Bm153RibpNLc+KeRs7BslV7ivfrn2hoWuqXU9o6AM6SfBU7 f+mv7EFCpwCbKj+tkwQ4r+t2DAYXKaq9McdMVgWvink9GH4A4vNByKdshKLpMURUVYDM k7PA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1733823978; x=1734428778; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=uFNROVzPiBTZyVVUJmIxiKujmgCuTGia69D/U8CcyUs=; b=CY6cVGh2FAaUnzWmRTjla3xes9/1GVPz8b/v1dLayL0nYzT9J3TETKfj0phwR/bUIb Rz0AxKVuaRq6lyQDU7yNJH5bbRWF0ElKYLzwmNHGYDy3DQ9SAn2agUWIBY1qe3ZhBfy1 P/cVMuWTcqBuc4OwzxGwDS2AHQ73sEhZ1+8kcfBG8m5Th6sc+m2gBt1/pNLMhXDenpmh s+4skfAm+X16KWhzwUqEYRMbTPE+yVXYfy4wvtdqSUkXt+vqeEx8hqLx1ct8TASFLC79 e1SMkFLQa7MmRqz0B2HF9LAppzs39Fr62LwyvscQ+TNMjDg8DoqdiiUjqrpgB+Oy0jwJ F6eQ== X-Forwarded-Encrypted: i=1; AJvYcCUQAT1aHbzZpyM6KOaX1H6FCTysQKBo+SEVT6OHibbEVlvcJCUz8r2rpzhRDS5TZVjcfIp+wP1kj91dRAS0HGtq@lists.infradead.org, AJvYcCVpNOVm0MxXpfNogazlgKzzOElA1axnw32J0SHjDolMfDqK38qtoi+G4g2zBE6d/T63rWEIJFDg9qoy2agrYC0=@lists.infradead.org X-Gm-Message-State: AOJu0YxhYZWrS4G4AieUaRzzGnhseZO6uuHEAgkGf4tQLe2keCfE0o94 ZtnOIyHMo/+epw6KwUtSCeQN1uj18++B/rirjwOrJayRH0WpnkCe X-Gm-Gg: ASbGncsrZ4yDhvySHQF/rQgeHCqYsqJ1QBFqRxB0h8F81OwBdapHb9m2mVrP3oq1FS9 93nNP4NTu4fp7HpSRxdi//gJHUggf+MnP0AV5L+xw3j3Fe7T+/56dGvYSBIwaIDwk4Pi2e1q8Pu Q6/a2KtT6fkzY5awQAfgzDa2ZLik8un+pI9NK6L2xGFxPqUOMYipKw5PEs/2ZW4wcQ9EPu2KcCy rkQ/J11GbsRH4FUlG72/GU0MnPdEFSd1QthMq7w97oXkIlUVLi8DXXco+rO8KCwWkh7uycX5Qt0 DK9Ew6PsmzMZLbf/bWn04BQv5loSXETXQoDAVfpQyJK4o1W5uS2AnKisvhv4DnfzwP4FASA= X-Google-Smtp-Source: AGHT+IFck8FUe0I7ZA5vL7ViiiUaUyfpC35SDzrKqWUIlH6m1Fs13klQNmleCULSsIKK4sGjlxJe1g== X-Received: by 2002:a17:906:3292:b0:aa6:967c:9aaf with SMTP id a640c23a62f3a-aa69ce44445mr361784266b.50.1733823977712; Tue, 10 Dec 2024 01:46:17 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id 4fb4d7f45d1cf-5d14b609e56sm7313936a12.40.2024.12.10.01.46.16 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 10 Dec 2024 01:46:17 -0800 (PST) From: Eric Woudstra To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Andrew Lunn , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , David Ahern , Sebastian Andrzej Siewior , Lorenzo Bianconi , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH RFC v3 net-next 04/13] bridge: Add filling forward path from port to port Date: Tue, 10 Dec 2024 10:44:52 +0100 Message-ID: <20241210094501.3069-5-ericwouds@gmail.com> X-Mailer: git-send-email 2.47.1 In-Reply-To: <20241210094501.3069-1-ericwouds@gmail.com> References: <20241210094501.3069-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20241210_014619_998782_B7B81862 X-CRM114-Status: GOOD ( 16.27 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org If a port is passed as argument instead of the master, then: At br_fill_forward_path(): find the master and use it to fill the forward path. At br_vlan_fill_forward_path_pvid(): lookup vlan group from port instead. Signed-off-by: Eric Woudstra --- net/bridge/br_device.c | 19 ++++++++++++++----- net/bridge/br_private.h | 2 ++ net/bridge/br_vlan.c | 6 +++++- 3 files changed, 21 insertions(+), 6 deletions(-) diff --git a/net/bridge/br_device.c b/net/bridge/br_device.c index 0ab4613aa07a..c7646afc8b96 100644 --- a/net/bridge/br_device.c +++ b/net/bridge/br_device.c @@ -383,16 +383,25 @@ static int br_del_slave(struct net_device *dev, struct net_device *slave_dev) static int br_fill_forward_path(struct net_device_path_ctx *ctx, struct net_device_path *path) { + struct net_bridge_port *src, *dst; struct net_bridge_fdb_entry *f; - struct net_bridge_port *dst; struct net_bridge *br; - if (netif_is_bridge_port(ctx->dev)) - return -1; + if (netif_is_bridge_port(ctx->dev)) { + struct net_device *br_dev; + + br_dev = netdev_master_upper_dev_get_rcu((struct net_device *)ctx->dev); + if (!br_dev) + return -1; - br = netdev_priv(ctx->dev); + src = br_port_get_rcu(ctx->dev); + br = netdev_priv(br_dev); + } else { + src = NULL; + br = netdev_priv(ctx->dev); + } - br_vlan_fill_forward_path_pvid(br, ctx, path); + br_vlan_fill_forward_path_pvid(br, src, ctx, path); f = br_fdb_find_rcu(br, ctx->daddr, path->bridge.vlan_id); if (!f) diff --git a/net/bridge/br_private.h b/net/bridge/br_private.h index 9853cfbb9d14..046d7b04771f 100644 --- a/net/bridge/br_private.h +++ b/net/bridge/br_private.h @@ -1581,6 +1581,7 @@ bool br_vlan_can_enter_range(const struct net_bridge_vlan *v_curr, const struct net_bridge_vlan *range_end); void br_vlan_fill_forward_path_pvid(struct net_bridge *br, + struct net_bridge_port *p, struct net_device_path_ctx *ctx, struct net_device_path *path); int br_vlan_fill_forward_path_mode(struct net_bridge *br, @@ -1750,6 +1751,7 @@ static inline int nbp_get_num_vlan_infos(struct net_bridge_port *p, } static inline void br_vlan_fill_forward_path_pvid(struct net_bridge *br, + struct net_bridge_port *p, struct net_device_path_ctx *ctx, struct net_device_path *path) { diff --git a/net/bridge/br_vlan.c b/net/bridge/br_vlan.c index 89f51ea4cabe..2ea1e2ff4676 100644 --- a/net/bridge/br_vlan.c +++ b/net/bridge/br_vlan.c @@ -1441,6 +1441,7 @@ int br_vlan_get_pvid_rcu(const struct net_device *dev, u16 *p_pvid) EXPORT_SYMBOL_GPL(br_vlan_get_pvid_rcu); void br_vlan_fill_forward_path_pvid(struct net_bridge *br, + struct net_bridge_port *p, struct net_device_path_ctx *ctx, struct net_device_path *path) { @@ -1453,7 +1454,10 @@ void br_vlan_fill_forward_path_pvid(struct net_bridge *br, if (!br_opt_get(br, BROPT_VLAN_ENABLED)) return; - vg = br_vlan_group(br); + if (p) + vg = nbp_vlan_group(p); + else + vg = br_vlan_group(br); if (idx >= 0 && ctx->vlan[idx].proto == br->vlan_proto) { From patchwork Tue Dec 10 09:44:53 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13901181 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 9C9ADE7717F for ; Tue, 10 Dec 2024 09:52:54 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=sgr56AJOAsne10L7JfWzoylFaIhH9l45zqgX/3P/NmA=; b=WSb/BgDlKYheQbP0RbHirEnnS6 92eyKzUf2TU6xGF6rE4NGHeObWDm/aQ+iDGa2p8Z3TxOV9JWJmbwDJg6dmtSEIUFB1v9DFHYVIMtb vgWjFA9DJk1rTSunl+ztcqoO4Ok5iii9yl9wzAVzY+zJzF41a7ZYq/6OSOFFDmNjv6PG/rxdWi7DM N5+1abOGm4Q5YmJ0GowK/4JSQLv2KdlL87a8KlN8TeogAQ6KlkK1YRLms9ExNNXP8jY9h4YGsBxhS AQ+o1HFRK9cSRK3rj/FAJncdY3Q1NgFUzhYgws2gk4Ea1JEtJ1DuErCybPTTc/ZE//HWn0sz85rSE auNqunNw==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1tKwv1-0000000B0yO-3r41; Tue, 10 Dec 2024 09:52:39 +0000 Received: from mail-ed1-x532.google.com ([2a00:1450:4864:20::532]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1tKwov-0000000AzFv-1Fij; Tue, 10 Dec 2024 09:46:22 +0000 Received: by mail-ed1-x532.google.com with SMTP id 4fb4d7f45d1cf-5d34030ebb2so7105960a12.1; Tue, 10 Dec 2024 01:46:20 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1733823979; x=1734428779; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=sgr56AJOAsne10L7JfWzoylFaIhH9l45zqgX/3P/NmA=; b=AxnfofQ8m0LjEcHIYR6VmEaiXDXQxPYifCXyC3YrQH9Lk43haXIuIPYJEbWDmKSCpG SFnQCk2EKsoNf+LsRIIW72EpJrxqPiEYDeOPYVCKMuyBbzbhgU2UzFumdV0CUUgeMddr qThNMKjUAsOn6Qg5k39wtuxB2OIAiF4x1vxBa1CgwfN5w+eZeTkIIfPog3FCMC+OKloP y6OdSKY9vLUXPUGUGdeFzvDJF9m3ouq9eHdXQ4i8/xlcxXjFK7TGmBPxAqRfuRgjw0Xf /svLgVsaiA6EVG0O+P+d+7fmVIaLd0PK0M7QZFMCc743uZiw+jehK+CQs3d/S9v+5Sca LsHQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1733823979; x=1734428779; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=sgr56AJOAsne10L7JfWzoylFaIhH9l45zqgX/3P/NmA=; b=aPKi5t9cxEW5bTGkdnaB1e2LFR0xzjHp2GJ5j1v6WBfNIsnWos/Ok3s2f6oZaNtg/2 5KOEmO384Jglo4v5+jJlE8ktF6wygjiHqDpLhMGBoDApdY4CZuqhEcvcYC+mOrrOlnCG HYMn7jELoAoRbk+/NjqyB33VjuwHEgS7K4e5gaknaIv/FIwn7FSXvL55zxeUzNEQ32mQ tkxKDoh4KXpTkMpRbc2eM70gNq1+ILQmgyGpUQUyfGhFgn9Fxc+pApikUIrtIPqb/1CU VcPDFyzRoKa5MwGZ2ya7WLtlMUb13Gxj/ZIWUUI1Kx0gAQkvUNINGF+b+JKnqhn/IwLM AD9Q== X-Forwarded-Encrypted: i=1; AJvYcCWLpFTogYG1ygXZrd518+ftgty9ldu2/cuFX41d9cYV3MI5up+6ZVG1YLTuw9DeDaESnjQQD4X7s2Xbw4v1V4m2@lists.infradead.org, AJvYcCWvlVQ8/tJDMQbl0gWg249RGkIIMkkbhYkwdcQ1GtFyRHQTgdpXxWvIqiohH5MyU65YZIM7wk1+6N1wWPi1xwQ=@lists.infradead.org X-Gm-Message-State: AOJu0YzEtyerFftVrPGuIl8EbydjdaH35nv4PB9m8etIK/2eKJMQQ+dq Weze59fu9FGZ1wGaiiSsDHs/n3BzRtHkqsZD3GkS8HYnab1VV1hW X-Gm-Gg: ASbGncuGGjhuE9yNe0r5J5R8vNGC9Aw5Rn1Ej9tdqzowD8uv1nUGYiuQHYuhK2jX0OQ pc/7yiSPFiytgp+PeQIkizrXJ0iJ7vgOXEDLp0zqdA8g91fMnAUQ+MnXMJoWvh1M7CKJDvDVhKM 7rycaXlXr9S4v5gScOJqDCjvLQ/RWEEfso8i/eeXQw+0X0+w0JCfcqUmBP+TgQw20SE8qsrNlEP hwqLkYeTEn1qhitFtFW2Ff7P8H5b3RCbgaz/Ot0lmREX/ZLE2DArbeeWg0uFTnIvn8BYB9OvLms 3LVTSTudc0681hJKn2LeEn4pCN3xTbWWbdcLNaorusLmp5BfiQgFCkiKGCP3sLIszkZaMzI= X-Google-Smtp-Source: AGHT+IGZmVUxUDExEwI2I/Wt1QDwE1SDwE0IGYTeBPK1ELBKPlastjt+1dn458EDLOHgXMoYKOhzNA== X-Received: by 2002:a05:6402:3484:b0:5d1:2440:9b05 with SMTP id 4fb4d7f45d1cf-5d41862e405mr4691296a12.28.1733823979183; Tue, 10 Dec 2024 01:46:19 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id 4fb4d7f45d1cf-5d14b609e56sm7313936a12.40.2024.12.10.01.46.18 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 10 Dec 2024 01:46:18 -0800 (PST) From: Eric Woudstra To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Andrew Lunn , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , David Ahern , Sebastian Andrzej Siewior , Lorenzo Bianconi , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH RFC v3 net-next 05/13] net: core: dev: Add dev_fill_bridge_path() Date: Tue, 10 Dec 2024 10:44:53 +0100 Message-ID: <20241210094501.3069-6-ericwouds@gmail.com> X-Mailer: git-send-email 2.47.1 In-Reply-To: <20241210094501.3069-1-ericwouds@gmail.com> References: <20241210094501.3069-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20241210_014621_344722_D8BC6104 X-CRM114-Status: GOOD ( 16.85 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org New function dev_fill_bridge_path(), similar to dev_fill_forward_path(). It handles starting from a bridge port instead of the bridge master. The structures ctx and nft_forward_info need to be already filled in with the (vlan) encaps. Signed-off-by: Eric Woudstra --- include/linux/netdevice.h | 2 ++ net/core/dev.c | 66 +++++++++++++++++++++++++++++++-------- 2 files changed, 55 insertions(+), 13 deletions(-) diff --git a/include/linux/netdevice.h b/include/linux/netdevice.h index 135105441681..6dbc442f9706 100644 --- a/include/linux/netdevice.h +++ b/include/linux/netdevice.h @@ -3183,6 +3183,8 @@ void dev_remove_offload(struct packet_offload *po); int dev_get_iflink(const struct net_device *dev); int dev_fill_metadata_dst(struct net_device *dev, struct sk_buff *skb); +int dev_fill_bridge_path(struct net_device_path_ctx *ctx, + struct net_device_path_stack *stack); int dev_fill_forward_path(const struct net_device *dev, const u8 *daddr, struct net_device_path_stack *stack); struct net_device *__dev_get_by_flags(struct net *net, unsigned short flags, diff --git a/net/core/dev.c b/net/core/dev.c index c7f3dea3e0eb..01dc51abe7e8 100644 --- a/net/core/dev.c +++ b/net/core/dev.c @@ -713,44 +713,84 @@ static struct net_device_path *dev_fwd_path(struct net_device_path_stack *stack) return &stack->path[k]; } -int dev_fill_forward_path(const struct net_device *dev, const u8 *daddr, - struct net_device_path_stack *stack) +static int dev_fill_forward_path_common(struct net_device_path_ctx *ctx, + struct net_device_path_stack *stack) { const struct net_device *last_dev; - struct net_device_path_ctx ctx = { - .dev = dev, - }; struct net_device_path *path; int ret = 0; - memcpy(ctx.daddr, daddr, sizeof(ctx.daddr)); - stack->num_paths = 0; - while (ctx.dev && ctx.dev->netdev_ops->ndo_fill_forward_path) { - last_dev = ctx.dev; + while (ctx->dev && ctx->dev->netdev_ops->ndo_fill_forward_path) { + last_dev = ctx->dev; path = dev_fwd_path(stack); if (!path) return -1; memset(path, 0, sizeof(struct net_device_path)); - ret = ctx.dev->netdev_ops->ndo_fill_forward_path(&ctx, path); + ret = ctx->dev->netdev_ops->ndo_fill_forward_path(ctx, path); if (ret < 0) return -1; - if (WARN_ON_ONCE(last_dev == ctx.dev)) + if (WARN_ON_ONCE(last_dev == ctx->dev)) return -1; } - if (!ctx.dev) + if (!ctx->dev) return ret; path = dev_fwd_path(stack); if (!path) return -1; path->type = DEV_PATH_ETHERNET; - path->dev = ctx.dev; + path->dev = ctx->dev; return ret; } + +int dev_fill_bridge_path(struct net_device_path_ctx *ctx, + struct net_device_path_stack *stack) +{ + const struct net_device *last_dev, *br_dev; + struct net_device_path *path; + + stack->num_paths = 0; + + if (!ctx->dev || !netif_is_bridge_port(ctx->dev)) + return -1; + + br_dev = netdev_master_upper_dev_get_rcu((struct net_device *)ctx->dev); + if (!br_dev || !br_dev->netdev_ops->ndo_fill_forward_path) + return -1; + + last_dev = ctx->dev; + path = dev_fwd_path(stack); + if (!path) + return -1; + + memset(path, 0, sizeof(struct net_device_path)); + if (br_dev->netdev_ops->ndo_fill_forward_path(ctx, path) < 0) + return -1; + + if (!ctx->dev || WARN_ON_ONCE(last_dev == ctx->dev)) + return -1; + + return dev_fill_forward_path_common(ctx, stack); +} +EXPORT_SYMBOL_GPL(dev_fill_bridge_path); + +int dev_fill_forward_path(const struct net_device *dev, const u8 *daddr, + struct net_device_path_stack *stack) +{ + struct net_device_path_ctx ctx = { + .dev = dev, + }; + + memcpy(ctx.daddr, daddr, sizeof(ctx.daddr)); + + stack->num_paths = 0; + + return dev_fill_forward_path_common(&ctx, stack); +} EXPORT_SYMBOL_GPL(dev_fill_forward_path); /** From patchwork Tue Dec 10 09:44:54 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13901182 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id AB4D4E7717F for ; Tue, 10 Dec 2024 09:53:53 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=0IPV+/btLneRoSo5HiyXyxa4AsB3fEttv56AKWcCbic=; b=VxvGp/6TvVL/C67PEB3frQ0U9F x/rNfBAzFRZcIrhYNlo1VM1fqahS4QctT3a4FqIT1vnuzHM0ONoqHZrDv9HomRFQxkmBv3ccB0Md5 JdRehS/R2Um9a8KrPbSDIAB647QFtYpyvbxeB6io5iAbPITQ1gvZyjJU/iDG39VuNQqffiqX317bw 8CM1weQoGFuJ7sp0Y6utg48QiwdKTSdfVuV2COfpDo3P2cz+qRTm+p2tU4HlZ5YQxGHvDkKQofSmY 0ECn38K6/CoZYUA1hPLdBPkcwHdLOAPv2m4+D5pTP2wj433mgViaCMO+HTHjuiCotTqWzNT7mBpyR B9TR+ViQ==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1tKww2-0000000B1Fw-3hUD; Tue, 10 Dec 2024 09:53:42 +0000 Received: from mail-ed1-x532.google.com ([2a00:1450:4864:20::532]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1tKwov-0000000AzGH-43ij; Tue, 10 Dec 2024 09:46:23 +0000 Received: by mail-ed1-x532.google.com with SMTP id 4fb4d7f45d1cf-5d2726c0d45so8124270a12.2; Tue, 10 Dec 2024 01:46:21 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1733823981; x=1734428781; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=0IPV+/btLneRoSo5HiyXyxa4AsB3fEttv56AKWcCbic=; b=F3K4FZbXwnY5Q1eGb39OECNc4Gb7VPNjHK6YwSXXR8T2MKO4KaoiodHw2cgiK+dTf6 ptPUAnZAZKmGLVUqiS77p7u9eUzP84avBbqgJkYHn7iASb9h1YLh3DqWuJA/zuPdcOzc PRQCGkX8vNLJFNOzj4llQzSlk3IZj4lmkOMKFvYNS/WVjz8QCL3mVLdLWsOgioihBfwr Dj16OP9vE1yZCNo+GVU0SkYvPx2KaZpv4ONqnqnE2kqy69XRdtLz1jmN4lsFrxA8dZOb IM0c/TcYP7NArqI9zv/bNZqOmQYQgxUqlKp/ZR/jEAlee7qJi1EFwg69iKGhedBxSum7 YKjA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1733823981; x=1734428781; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=0IPV+/btLneRoSo5HiyXyxa4AsB3fEttv56AKWcCbic=; b=HegLfSt57heFtrKuOZsfA28lr5AUU+CrLZ/ekRxbgUna4SbD10DACmoYU2E+rm/PN0 nF8wvS890mXGuJ+fswizTP5YNbVy3NgV9F8d0SmK3aI0a7JJmefWHpD5mvuREyWYOJCH TI+NatxGK/SQ2AM5vK2y8g6TQ+bqdK/cB1yTCJYX47t21+dV7qpkLNvUtguxAKdVW14H 8dGT/HByDLhOU8opmCeSE3MtEy0z24d1uyq4kw8WaSoufRalcFoIzTVLIz8Jmz3h0tdE wibQhBajuMxRw/gNOwRL1GpWCQvNM7ODE5ZgwoJFD7JkvCmsIUX2ENiyDzvEw22y4mk6 UDKg== X-Forwarded-Encrypted: i=1; AJvYcCVMaCLhoooydFkjCJOVTZ1F/cyw4D9q5Od97gGOFqGs0vu225wgWPNUOi77UnDivk1vNqTRkMOAJSAdM1y+otc=@lists.infradead.org, AJvYcCWXJwVzupx99NlfYEmiU0KPNDhOwJFxFXmtO6/jcV5e9JfnGNarCvbCGh//34T1NTUZv5TV8DBP2PRB9Rkd4hfM@lists.infradead.org X-Gm-Message-State: AOJu0YwsqsM0RNU3MuaHHCudJHNEBWoeTkNG+5u8Q7FsbpcWSxZHmnua 3ZnVxf9QZaECyzzuNZ/nfLQ0HSrheyDCCYPADpNNZL7XhAAvn8Un X-Gm-Gg: ASbGncvcpt2tvBOp0gGp8aaDCJSD7PfI+BTY5u2oMhh09YLZSxqn8Jee6ohppIyPcm+ +LCYS4iQqaAyf3M8dIXfkimEXPUTLwuNdpTE9C7l6krw++rzTLE53zKIfCc/FxZS/tZ7/2+PGT3 mauc8yjd6obooPnWNki6nUVBsCdNhtzeA/aKUt9eJusfCIsYhnNa8o3ymAGGGAwA7+eqi3WzDPE HuQSDm6/meur2lB5GPwXRTweOmuNPzEJeAmzjvsXrB/kjYouuvIHZxz2NdS6jNs9kRTi6HppRbd WbagOrrva3sz+bE00cFKR+Tk35EW6ko06nd0fD7bJ55PuqoN8RrpYa4F8IpO6/T3TglQm0U= X-Google-Smtp-Source: AGHT+IFjT0LuXJIh1LnKJhzqy9wN2HFcOfLo9WVivfUzaooRucqnpDZPHXE4LF68gVbRTOO3lAb8JA== X-Received: by 2002:a05:6402:42ca:b0:5cf:c97c:8206 with SMTP id 4fb4d7f45d1cf-5d4185f8686mr4106270a12.25.1733823980513; Tue, 10 Dec 2024 01:46:20 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id 4fb4d7f45d1cf-5d14b609e56sm7313936a12.40.2024.12.10.01.46.19 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 10 Dec 2024 01:46:20 -0800 (PST) From: Eric Woudstra To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Andrew Lunn , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , David Ahern , Sebastian Andrzej Siewior , Lorenzo Bianconi , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH RFC v3 net-next 06/13] netfilter :nf_flow_table_offload: Add nf_flow_rule_bridge() Date: Tue, 10 Dec 2024 10:44:54 +0100 Message-ID: <20241210094501.3069-7-ericwouds@gmail.com> X-Mailer: git-send-email 2.47.1 In-Reply-To: <20241210094501.3069-1-ericwouds@gmail.com> References: <20241210094501.3069-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20241210_014622_009431_0E81D8AF X-CRM114-Status: GOOD ( 10.37 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org Add nf_flow_rule_bridge(). It only calls the common rule and adds the redirect. Signed-off-by: Eric Woudstra --- include/net/netfilter/nf_flow_table.h | 3 +++ net/netfilter/nf_flow_table_offload.c | 13 +++++++++++++ 2 files changed, 16 insertions(+) diff --git a/include/net/netfilter/nf_flow_table.h b/include/net/netfilter/nf_flow_table.h index b63d53bb9dd6..568019a3898a 100644 --- a/include/net/netfilter/nf_flow_table.h +++ b/include/net/netfilter/nf_flow_table.h @@ -341,6 +341,9 @@ void nf_flow_table_offload_flush_cleanup(struct nf_flowtable *flowtable); int nf_flow_table_offload_setup(struct nf_flowtable *flowtable, struct net_device *dev, enum flow_block_command cmd); +int nf_flow_rule_bridge(struct net *net, struct flow_offload *flow, + enum flow_offload_tuple_dir dir, + struct nf_flow_rule *flow_rule); int nf_flow_rule_route_ipv4(struct net *net, struct flow_offload *flow, enum flow_offload_tuple_dir dir, struct nf_flow_rule *flow_rule); diff --git a/net/netfilter/nf_flow_table_offload.c b/net/netfilter/nf_flow_table_offload.c index e06bc36f49fe..5543ce03a196 100644 --- a/net/netfilter/nf_flow_table_offload.c +++ b/net/netfilter/nf_flow_table_offload.c @@ -679,6 +679,19 @@ nf_flow_rule_route_common(struct net *net, const struct flow_offload *flow, return 0; } +int nf_flow_rule_bridge(struct net *net, struct flow_offload *flow, + enum flow_offload_tuple_dir dir, + struct nf_flow_rule *flow_rule) +{ + if (nf_flow_rule_route_common(net, flow, dir, flow_rule) < 0) + return -1; + + flow_offload_redirect(net, flow, dir, flow_rule); + + return 0; +} +EXPORT_SYMBOL_GPL(nf_flow_rule_bridge); + int nf_flow_rule_route_ipv4(struct net *net, struct flow_offload *flow, enum flow_offload_tuple_dir dir, struct nf_flow_rule *flow_rule) From patchwork Tue Dec 10 09:44:55 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13901193 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 355F4E77180 for ; Tue, 10 Dec 2024 09:54:59 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=pk+qY6px5gG3FxqwFvW1Op3xt7LAoxtK3/4BHj1Cflg=; b=w/CnUdvxcW9lRNt/xHOrVHpFQI Ud8yufDwqtq3m/Ln8/2WZQpi+4+bchbmriNS9c9p20QTWVWHEX8IlqLwMDVVCjLkAEjqp9VnA75bC 2Qjpn9XoKX5gFT4B49wpG2x9MSOIZ+nxq/qO6TcjZkKgAPlka1CPyrD+2MfO/TXndGS1FtedGudc9 mMoUvUrOVIwB5QsyPXOyxSXFwdtkE+bicgFnpSPtUtntoYaVPzJjU4oii0VaSoGuLj14eU4hp/5lv gVv70eNuYd4P7zE9jCE37731MM9m9NOyhJ7smor+w8IVdtrWKSNH+w9mX3F2rxNLRE8Hw/JNVG38/ 3+0m+fsw==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1tKwx5-0000000B1ZA-1Pkz; Tue, 10 Dec 2024 09:54:47 +0000 Received: from mail-ed1-x536.google.com ([2a00:1450:4864:20::536]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1tKwoz-0000000AzHE-1J9I; Tue, 10 Dec 2024 09:46:26 +0000 Received: by mail-ed1-x536.google.com with SMTP id 4fb4d7f45d1cf-5d3d14336f0so6017544a12.3; Tue, 10 Dec 2024 01:46:24 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1733823983; x=1734428783; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=pk+qY6px5gG3FxqwFvW1Op3xt7LAoxtK3/4BHj1Cflg=; b=FodVs6rvXOP+tFTAfpRHG+SsLc5mmxTZ4oeOkjeyj5cmpzDO2XqlacBGAm6FzuQDll M/UYcCbrVoCMOgvn/450oUOcR8YZ7T+8F5nfnhxXBtvfaA/f1RpIjk5bFTQsHoxtSBVa 1suoksiQtUcBRdhBnsMpMnEBuv/oIBt5duKp1aORtpiXXWvUs+ZPFZgvn/hXh4goX4Ux a9jw2EzelLIquA/dOMNa6eSRJeSjeEo6eP9dHuwzJXJ+ta6yqh3gfHZMp2mSH7ueYe8o oKW+pg97e7nSNp65JZIy8ZIEpX+LrhTLAS+WJpLmPzqJShhW+CEZZKLoOWFpIhGEPaSO AnFQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1733823983; x=1734428783; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=pk+qY6px5gG3FxqwFvW1Op3xt7LAoxtK3/4BHj1Cflg=; b=qGK2tnlhC+JDBCHWyUNdDbkOBK8aFqmV0aKlyUilRGIHhJ2lOGq9rwiq/BbIRHbipl K5O8rIMZav2YrdXDumZ6Hei6DM/R3fRM8Tt/2w7SC6OCzKuUW7o95XC1wnnHTIewQcun EbhEtYNR3hkQK09OmNRH3oYlQA2xIOpLXEYfCOiA87F2Bx5Tv6E8zVVb0Y6aIJy+55XR D7m8g4WTvG6Xl4ec3G/HJJ99KPrXkwUU/rDrmfENqPFklo9chWwyyK8hau11pNEbk9Ny pteFoN/H8x66+aJD2lYgW7k0mBAfrjBB5ida8GgCVhyRpihuctMXcRUkSq4ylROtlxYg 2y2w== X-Forwarded-Encrypted: i=1; AJvYcCUmYMgkZoG8YFSaZo/Nfr0iw+I679i8Z7QX9HwayFO97Lg1xFuSY2nAkDZzoNayP7muyDRFaR+K+oJODaS/9sjt@lists.infradead.org, AJvYcCV162cw9ZZeyvxWIxPuk0LTJhJkI/Vx9/oF/o2QaXNQRHLv2vG57LFxBx2/FMb7XM1qM9mRZiEij1FJROBiB+0=@lists.infradead.org X-Gm-Message-State: AOJu0YyXD1uGveRlHFer2tN77gnq3YgkNrs1vH0EpPF+yEdZVbQ1h5st na5poN4aerL75uIhZeoQWVNk7tA9DyBypT5yE4jjfkDuNrAc8oIp X-Gm-Gg: ASbGncvk9vCGjieS+jxH6EdGyc5CR4RYBfw+lRo6Z8Zon95IPIuZX+2+8vNXoU+YXOE +90nYssFOX0b8ykT/cO5ZLlTwNGPIjp5nIgdjq6vQS2WY/ayoKWd3RnrvDoxi+zINwaL9ktbNwS mXrPhO1WG5tr9a61XI4F9+o1SgifuB+JD7Y4TkHp/4SzD+aujqVGwDOz1bORd8yXRi/q8+j9q3o HxV0B0yHNoo/50VzYOR1pNpvMgt8F2I70ZcODAjkjBg/CFbTh1XNGktgWG6/BnT39evJcUqMP1K ecqGYaYK3Hy7390em1NHUIiv1peYtoWuxabLlWnyyD/QENvIbwua6bpWXQHK9pXnR8BR4eQ= X-Google-Smtp-Source: AGHT+IH4EN2bl4nM1hM4vW3lNE4AbT4jAUoKGNPh+jpctdHbiWVvzXPjIW3iNo8T8bSk3yNngjltIA== X-Received: by 2002:a05:6402:3484:b0:5d1:2440:9b05 with SMTP id 4fb4d7f45d1cf-5d41862e405mr4691569a12.28.1733823983340; Tue, 10 Dec 2024 01:46:23 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id 4fb4d7f45d1cf-5d14b609e56sm7313936a12.40.2024.12.10.01.46.20 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 10 Dec 2024 01:46:22 -0800 (PST) From: Eric Woudstra To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Andrew Lunn , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , David Ahern , Sebastian Andrzej Siewior , Lorenzo Bianconi , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH RFC v3 net-next 07/13] netfilter: nf_flow_table_inet: Add nf_flowtable_type flowtable_bridge Date: Tue, 10 Dec 2024 10:44:55 +0100 Message-ID: <20241210094501.3069-8-ericwouds@gmail.com> X-Mailer: git-send-email 2.47.1 In-Reply-To: <20241210094501.3069-1-ericwouds@gmail.com> References: <20241210094501.3069-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20241210_014625_347736_936DF46B X-CRM114-Status: GOOD ( 11.83 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org This will allow a flowtable to be added to the nft bridge family. Signed-off-by: Eric Woudstra --- net/netfilter/nf_flow_table_inet.c | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/net/netfilter/nf_flow_table_inet.c b/net/netfilter/nf_flow_table_inet.c index b0f199171932..80b238196f29 100644 --- a/net/netfilter/nf_flow_table_inet.c +++ b/net/netfilter/nf_flow_table_inet.c @@ -65,6 +65,16 @@ static int nf_flow_rule_route_inet(struct net *net, return err; } +static struct nf_flowtable_type flowtable_bridge = { + .family = NFPROTO_BRIDGE, + .init = nf_flow_table_init, + .setup = nf_flow_table_offload_setup, + .action = nf_flow_rule_bridge, + .free = nf_flow_table_free, + .hook = nf_flow_offload_inet_hook, + .owner = THIS_MODULE, +}; + static struct nf_flowtable_type flowtable_inet = { .family = NFPROTO_INET, .init = nf_flow_table_init, @@ -97,6 +107,7 @@ static struct nf_flowtable_type flowtable_ipv6 = { static int __init nf_flow_inet_module_init(void) { + nft_register_flowtable_type(&flowtable_bridge); nft_register_flowtable_type(&flowtable_ipv4); nft_register_flowtable_type(&flowtable_ipv6); nft_register_flowtable_type(&flowtable_inet); @@ -109,6 +120,7 @@ static void __exit nf_flow_inet_module_exit(void) nft_unregister_flowtable_type(&flowtable_inet); nft_unregister_flowtable_type(&flowtable_ipv6); nft_unregister_flowtable_type(&flowtable_ipv4); + nft_unregister_flowtable_type(&flowtable_bridge); } module_init(nf_flow_inet_module_init); @@ -118,5 +130,6 @@ MODULE_LICENSE("GPL"); MODULE_AUTHOR("Pablo Neira Ayuso "); MODULE_ALIAS_NF_FLOWTABLE(AF_INET); MODULE_ALIAS_NF_FLOWTABLE(AF_INET6); +MODULE_ALIAS_NF_FLOWTABLE(AF_BRIDGE); MODULE_ALIAS_NF_FLOWTABLE(1); /* NFPROTO_INET */ MODULE_DESCRIPTION("Netfilter flow table mixed IPv4/IPv6 module"); From patchwork Tue Dec 10 09:44:56 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13901194 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id E728BE7717F for ; Tue, 10 Dec 2024 09:56:01 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=dC3jhTj5HQrnKJfxc0SY/ZIZuFArZD9eLZZ+JbLbIJI=; b=1jUESVLTy9acro3+xMG2qo1ryu ZhrdpimzbCRnBCROIqY5bmfsVyARN4g1O3mc11p1CnLg8qfMLewTX/m4EQjw4CylnFI7MEnsC0WXv iQcVDIzy7W3USDYwDo865TxHwf54cCJwU1RgR1HJvOFtZ8ygVRYbkzSKBGF+SBrQwyb7TdhbHtnUB UCY4s+YTcuNjaJbWtDvN6d/YHGafZY5IAikZXUd4VpboEoqKO4JpGByyvnZ9x+3M79rYFHy1YWIGU FRx0FCPrKBIfLy4qFkiGDa1INjayE9ESD6XGOVO7nonJNoWkmOXz9MaefCtpdWVxPWI7sBNDxCn9n oYsGCMUA==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1tKwy7-0000000B1rQ-122o; Tue, 10 Dec 2024 09:55:51 +0000 Received: from mail-ed1-x534.google.com ([2a00:1450:4864:20::534]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1tKwp2-0000000AzHn-1sHk; Tue, 10 Dec 2024 09:46:29 +0000 Received: by mail-ed1-x534.google.com with SMTP id 4fb4d7f45d1cf-5d3e829ff44so4752959a12.0; Tue, 10 Dec 2024 01:46:27 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1733823986; x=1734428786; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=dC3jhTj5HQrnKJfxc0SY/ZIZuFArZD9eLZZ+JbLbIJI=; b=kBH85LVqlLqrR06X1v2vnq4sCaKtQ30XW6hNUxmEsGSREJjztacgFH8+JdG9GH7+DH A42wZt8xyDCpr/nfcjGyuS6zWfSgyBGjV/uO+umIl7H1KslC5Cm2D8UMpHFkCb9Rdix9 5euVSN3hH7BSLDupwiYSwCc2xowLm/4qMatDZiA4EcMt+K6afCa9VamCFD4L/fha3R+H +rcY3ANfXrGG2y7ZHh5dv8G074vZtv8MCO9mJYAKgtkOzbsTmsON+uAtlUreOB9K6pqs WhwuI214C/PrF2qsJthfnQSgTJ3aHLD12oM7gMunc3mDwJ2QLoz3btGivlw4+ezceSsM 4UCg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1733823986; x=1734428786; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=dC3jhTj5HQrnKJfxc0SY/ZIZuFArZD9eLZZ+JbLbIJI=; b=ZF3opKHBM4cy8dx9kSuRtIcLb9WbprP96wLh7bLWlwvk1gwC7k8wHYHj0a9Ett/VCu N6PtjjHxtFZKLcsgARoOXYPuNcG+EBCWx1youJ5yTdC6zeiZep+sB9iXW4ogrByxQO72 eGFRZygND6brJnWhSUTS+WR1DAID7cb6tWH4gGBtT5xA+LOpMS/8kB7alSAZ/qDRTZUK UafXu1JcKmRLVrhnY3xBAN+dQJTutqThpfY6Sq6a7X2eZ0RmpJOZQ4Wif/hTzWvbckOp rhhtd3EosWT7n0b6qGPbhrhPlnbgtSQJ8VjMq2ERw3JgRwkjg2zeWZGNTtsoM+ZXD7mF q/6Q== X-Forwarded-Encrypted: i=1; AJvYcCWo91zrPQWlQPU/1xGaJYUI4lJbkSZkgxMYvKRPXvaOETTz4HA0a4oHFxesj2SvTiTEOwnmNTIrCenIE6Hrjr2W@lists.infradead.org, AJvYcCWzL9mD79bhye9qmgyDuJIrU5/0rbTbJahZ8DRaD+FSUFnnLg3nMQ0T6JKji51hS9BLHy+OvuJlxVRXP2SUqYs=@lists.infradead.org X-Gm-Message-State: AOJu0YwAzjxhv0MxCW/0tbrBhd5MEh8iu0h0esf02OAKCM9HGsIEOdge SSkFIUJCxIDo8fv3MsX4oRubVOKB91toXXVt/d7lqwckNEQmGWfW X-Gm-Gg: ASbGncutafRt1nJ/0HU6H4oPZzNG+vYB+5RSZC3I8EgqTjZBUQ0v4ulPwJPTHxGJVcP IHRG7+gb0EuzAyveYwtcLZQCRuQSHTf2qmUYpZ4ezraAbFZ1KSDU7WhAbXpZkHtHVe60KWT2+aP rQFTK4UoYeDNd9hjduLCaXSz9hArkclDIdRkHvMjtz4ovb+cZrDQa6GcICQPnxfbpdy5esFqnav k1vbQrNbu1kD4Ba8UFWBwNZwUx5BikESZnKAbcUBpOdbSABpkfWGW88IL4miPQvcFcT+fgTA6o8 AxWC9nh96XsxM0ztqHkfEq93krvmu7DyyFaOlkiGyy3Zz29ed2MxIC7ZE+0imCZ8mVNJaPM= X-Google-Smtp-Source: AGHT+IHlX9+SooPSE590CjcBy1PCTK3BSd2T3uvELFXCE//zwA+1O6qm8MPbAI3EXqA1jn0vY/Q71w== X-Received: by 2002:a05:6402:1f8c:b0:5d4:1c66:d783 with SMTP id 4fb4d7f45d1cf-5d41d3dd1c0mr2691977a12.0.1733823986474; Tue, 10 Dec 2024 01:46:26 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id 4fb4d7f45d1cf-5d14b609e56sm7313936a12.40.2024.12.10.01.46.23 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 10 Dec 2024 01:46:25 -0800 (PST) From: Eric Woudstra To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Andrew Lunn , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , David Ahern , Sebastian Andrzej Siewior , Lorenzo Bianconi , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH RFC v3 net-next 08/13] netfilter: nft_flow_offload: Add NFPROTO_BRIDGE to validate Date: Tue, 10 Dec 2024 10:44:56 +0100 Message-ID: <20241210094501.3069-9-ericwouds@gmail.com> X-Mailer: git-send-email 2.47.1 In-Reply-To: <20241210094501.3069-1-ericwouds@gmail.com> References: <20241210094501.3069-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20241210_014628_483110_F2613A3E X-CRM114-Status: GOOD ( 11.28 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org Need to add NFPROTO_BRIDGE to nft_flow_offload_validate() to support the bridge-fastpath. Signed-off-by: Eric Woudstra --- net/netfilter/nft_flow_offload.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/net/netfilter/nft_flow_offload.c b/net/netfilter/nft_flow_offload.c index cdf1771906b8..cce4c5980ed5 100644 --- a/net/netfilter/nft_flow_offload.c +++ b/net/netfilter/nft_flow_offload.c @@ -421,7 +421,8 @@ static int nft_flow_offload_validate(const struct nft_ctx *ctx, if (ctx->family != NFPROTO_IPV4 && ctx->family != NFPROTO_IPV6 && - ctx->family != NFPROTO_INET) + ctx->family != NFPROTO_INET && + ctx->family != NFPROTO_BRIDGE) return -EOPNOTSUPP; return nft_chain_validate_hooks(ctx->chain, hook_mask); From patchwork Tue Dec 10 09:44:57 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13901195 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 97627E7717F for ; Tue, 10 Dec 2024 09:57:07 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=XtgyJTf0nGEQy8dIgfNuKn9dKl89pMTFI5gYmniF26o=; b=Xe6K2mOOKWLqZWQzrkrrRY0mv+ yS6pzd1aAyW0iQ7d/I/7BRNSpuZN42Xr3LgtkHbXPMglUzFRnL0rgEKTmO8vhCgvB1j8AL7r2/nZk bu+8/l9qBZ9yMZNKJ/jiyliYrCeGphT1mOkJVLRQ8r6hLj+g9skK6VZwxRSluB83ZcKju8oifTFUu 37X4W6jczsmRsQItZluporuBbhVTnsit2zkXa7ugu0Jkr1AiCy1QcTYudxowYC8x9Ul1ewj+9eCG9 bjQPoFHX2H7i45hDLsFks0zA17xRxgoEYvmYpryUz2zyI0OMwbqPj1SVYs2lcjBtvJmDY5dgskzCn FeNrSVCg==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1tKwz9-0000000B2CB-0nq2; Tue, 10 Dec 2024 09:56:55 +0000 Received: from mail-ed1-x536.google.com ([2a00:1450:4864:20::536]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1tKwp3-0000000AzI6-19yX; Tue, 10 Dec 2024 09:46:30 +0000 Received: by mail-ed1-x536.google.com with SMTP id 4fb4d7f45d1cf-5cf6f804233so6690606a12.2; Tue, 10 Dec 2024 01:46:29 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1733823988; x=1734428788; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=XtgyJTf0nGEQy8dIgfNuKn9dKl89pMTFI5gYmniF26o=; b=k4o5f7wTwur0e7K3OlKJ5PhBo6sng02FofoX7dgvsyiauvmNpkDcW+tFUPDvmiSkyn jyMTsLoUDq1pRnmM1ibo8FE8PQoiXaStInDO+wVCd5XDd3lL0uCZSeYyXbb5dl5FTSmr gfWxoOAPXX9ENX1ec/ME30QXs5YolpsUkqCY+IvLR5TYB7+LrzckvDcSxbQUfoiBhZIB GTVRCafjhvuuwbuPfMyKUr5DFp08wGddWYKr483QXnEKO2fxXerGUtzBUJ9sz+mjpoIV Ne8bBETCUr7b5bGx/UE7kOKJtCwYEEU/0XMstDKFWVzKeilF17B3Y6bXY7S0YFTlW38m +4ow== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1733823988; x=1734428788; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=XtgyJTf0nGEQy8dIgfNuKn9dKl89pMTFI5gYmniF26o=; b=hFDV70t2mf/VEyTtAJqNqP+2YJRjKgl//6z6g1uSApMgutyS5KPsR4at9Nar8y5Y85 mROx+PIyDKuz2Q9qihbm6Tet3DtU0gUXHG6gJ1y2VrdLMNowXEQdGL2yVVdIjxDOzSua a0B0gxg+ks9pSuh4VqUVmGB/zrrlHi4BTZyfmTKpekajrxoPgd2mPAVQtrtyHDP4atV8 tkO+HYbPz0P7dc82UklSHKihtDjl8SyPRazmE4siY+4BZPnnIrrMFAC2otaIkKdISn4K DBWEhYegKR/mY7Ud5q3RN3z554tCRuS/MVjIhHliFUxuA0fcWpwmaVNag5WJOSeSlVVW ahLA== X-Forwarded-Encrypted: i=1; AJvYcCVwUEH4HhPS8grQEJqbw3OsI2L2pHRGoDN6uKIJ7HUdCNZd5FX0CxvqoMMYPXciKHH+PVXiKL3WR/PylxcLrN5n@lists.infradead.org, AJvYcCWy5o9NK4eaFzR51LJb5uZaGjYnIyeE4jBPgoHRl1JKMIo9to+0c1o28fixVNjSH8wuV8jBHKseGc/3Buj5fKQ=@lists.infradead.org X-Gm-Message-State: AOJu0YzPnLFtJcDY7nFYeGV59tFDg92AQi9HpT32yUYQykBYKqkVX2bJ AmvCHKWHg2H3FNbJMr36WpR8ZAVqQOfgG3wFsuR9hnurC7tH0FJ/ X-Gm-Gg: ASbGncuISq6Wu7g5x+5T6TK6jUpTx4wwMoZ7QSf355TKNvWPmcEASmS44gk09gu/P+u jESCBDYXRiOkObHytC2f1Dd3wYh3wU+NaYny1VzPZnN8jbPsJwwe7ccmpZ/ExS4nnvWVVUJp/nj lWLDYsUZA5pDDrkbaHVkvUy7v/kmRLhj0pQCZDNDT4rj4DO/ZTklt0+aRI5GD4cDfdqjOoouuZ8 o1MWc+qTTKn7r+Ctge1mjPQYT6/j0DiSAWirbYH0pEEMrmr5KyrKjCsrz2MDVElVk1HFx1pezLs 8u4z9LqlyNYLTq/i141qvdStLv5PZbgQXdXXbTK9tzDhvbPpIyfKB1eNZTyLd5WDLC42ACI= X-Google-Smtp-Source: AGHT+IHMIuAkwd6n+zMlbqGssJrA/sOKUAdIFcZ0GUQzc6T7cPFdzuPhW1u/ZoZsTEDW+OJzrhPxJg== X-Received: by 2002:a05:6402:4403:b0:5d2:7270:6135 with SMTP id 4fb4d7f45d1cf-5d41863c5c4mr4611870a12.33.1733823987762; Tue, 10 Dec 2024 01:46:27 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id 4fb4d7f45d1cf-5d14b609e56sm7313936a12.40.2024.12.10.01.46.26 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 10 Dec 2024 01:46:27 -0800 (PST) From: Eric Woudstra To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Andrew Lunn , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , David Ahern , Sebastian Andrzej Siewior , Lorenzo Bianconi , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH RFC v3 net-next 09/13] netfilter: nft_flow_offload: Add DEV_PATH_MTK_WDMA to nft_dev_path_info() Date: Tue, 10 Dec 2024 10:44:57 +0100 Message-ID: <20241210094501.3069-10-ericwouds@gmail.com> X-Mailer: git-send-email 2.47.1 In-Reply-To: <20241210094501.3069-1-ericwouds@gmail.com> References: <20241210094501.3069-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20241210_014629_319413_09B6DB06 X-CRM114-Status: GOOD ( 12.95 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org In case of using mediatek wireless, in nft_dev_fill_forward_path(), the forward path is filled, ending with mediatek wlan1. Because DEV_PATH_MTK_WDMA is unknown inside nft_dev_path_info() it returns with info.indev = NULL. Then nft_dev_forward_path() returns without setting the direct transmit parameters. This results in a neighbor transmit, and direct transmit not possible. But we want to use it for flow between bridged interfaces. So this patch adds DEV_PATH_MTK_WDMA to nft_dev_path_info() and makes direct transmission possible. Signed-off-by: Eric Woudstra --- net/netfilter/nft_flow_offload.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/net/netfilter/nft_flow_offload.c b/net/netfilter/nft_flow_offload.c index cce4c5980ed5..f7c2692ff3f2 100644 --- a/net/netfilter/nft_flow_offload.c +++ b/net/netfilter/nft_flow_offload.c @@ -106,6 +106,7 @@ static void nft_dev_path_info(const struct net_device_path_stack *stack, switch (path->type) { case DEV_PATH_ETHERNET: case DEV_PATH_DSA: + case DEV_PATH_MTK_WDMA: case DEV_PATH_VLAN: case DEV_PATH_PPPOE: info->indev = path->dev; @@ -118,6 +119,10 @@ static void nft_dev_path_info(const struct net_device_path_stack *stack, i = stack->num_paths; break; } + if (path->type == DEV_PATH_MTK_WDMA) { + i = stack->num_paths; + break; + } /* DEV_PATH_VLAN and DEV_PATH_PPPOE */ if (info->num_encaps >= NF_FLOW_TABLE_ENCAP_MAX) { From patchwork Tue Dec 10 09:44:58 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13901196 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id AF61DE7717F for ; Tue, 10 Dec 2024 09:58:10 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=BztZ0cfqRt9dxay4EdRKv7PmLiYD1WDU1Ehk6gLPnTE=; b=S+5ZrlKfDg3/crS7oTEmOznQUs TtGE9c6dmwwWmfKpADU/jVacSZC9y4WYp5RuU3UmANvJlh/wUfva37eCqcdhaTcIPkFo3p1CzAFCZ FhfKnSVeIXpGexHDNWdggldEf31Hi5ib9d7x1SC+0fTBltyezkDeuk1zBSxI79cfCpcbuHGjmWvbg 63DbwIaWBAZMcfpQdstNm+u6EEYVR6OUyYQ0ThqaaoO400DWx7Sy5Y187U+hYFoEF6RWQ1hVWpHZ+ xta4Y7cX3ca/If16k+sZo8o16JJJ6Q4YXqsHVfdwP/8wb0yFFktKtBYwaiVOpzXFsdo/FjKXvEVx7 MgMjTZLQ==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1tKx0B-0000000B2UP-0zmU; Tue, 10 Dec 2024 09:57:59 +0000 Received: from mail-ed1-x536.google.com ([2a00:1450:4864:20::536]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1tKwp4-0000000AzIa-2grI; Tue, 10 Dec 2024 09:46:31 +0000 Received: by mail-ed1-x536.google.com with SMTP id 4fb4d7f45d1cf-5d41848901bso2136296a12.0; Tue, 10 Dec 2024 01:46:30 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1733823989; x=1734428789; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=BztZ0cfqRt9dxay4EdRKv7PmLiYD1WDU1Ehk6gLPnTE=; b=HGqI/6MrUXAAC5hb4vJVWvcKxJC50OHgaWmcin3bF7Pl4jZrjvur+L+4mhZofmUt0F JmD9Q6udroxg7KMVhTIs7cPc1H4oOU1sbh+ObHHtt4+w/Tn8Jzp5lBDmczZQLp6VBrGV uQSbfiICJ3ed79R/03fQk0dibFG6VB2EsQsn+k8DqwV4P+99rnST+0xVLeEmNygc0dEK bKsjtct7nc8kUOzPms5ftjawmprjWQToRrBKkeqEcnctmwZk81/6xwREH2KANOFvy+0f 2kp8V9rpbkFDuISBhJGJl41VX8/WU5PaKgtR+syRjbSoIjlzVteerNC9KMknTgIbgttI dg7g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1733823989; x=1734428789; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=BztZ0cfqRt9dxay4EdRKv7PmLiYD1WDU1Ehk6gLPnTE=; b=NPa9dY4AhuvYVzXgA7acyNti0lITOPOOgftkjTXWeK9PWAsw7o429HAOk4nkuSKRVf KTyoeYeUrD/+d286NlbwPrCjkDC0gy8g0KihcXwjyokgPTdCYtSgnFvQjtytldMJ79/E rr8rRBBPSYorAzPyO738zUKKAyz7TQ1YWaieMDxPSxVLHKz3sM3yqsJrrb0U62TLCaJf 6HcT3d1ezNyM8tDBtoXFvAqwu5twJ5Vim8x/45oUZvU6YAnstIgu2VSm2aKDfgdv4wND T/xi/Ouzb+RUxS6yMGkPfWuswDuag8WSM+uqN5BqsUucW2o/0RXw6TIzoq0FR90EF6Px d/8g== X-Forwarded-Encrypted: i=1; AJvYcCUG9FC24gA2rXYr+4dkHUMP/UWKuHGfqiGXHjIv+hq8bgl2j3/1h03JxuGTtF0uiZwdoWl4Q01GIR5pt2YGptk=@lists.infradead.org, AJvYcCVqdp7b/6gQrRLi3fCPnltSHAgMriL5PhM8WX2d7NO5LaCt8k9u3/sj1JHZGzHqe2N19Pn9U2ugdBqKe/RHyEDe@lists.infradead.org X-Gm-Message-State: AOJu0YxTFb+yu88boX7iPw5uCijTXmrRPj+Kia+KwdiaVmAZFI5YRO+W b5L470dNhSTn5jK9bPHhbkjFI1C82dqNIhveA3wHydrwbksQGO7I X-Gm-Gg: ASbGncsia/O7cw/lLtMqWNqctdYar83fdMQjz8vmhuvaVcDL+S5v9YPIx2WaxnrtP2e Tqcesop2H/IdCE1ak261Fybm+hnf0vDQxOCEso91paqF8FKXgnYcSKG1sV7Hzhql9rfeqoCCglY k9+2ZZKoT8Piy8zhs+n/du5dKS2LM72XZn4Y0yUNC/Hw9C/+44aeUCi2lAoxVTlRxOs7DGgaJRN QNXaLp7pl394BrdAyLc6S8D2poGOKa65OWjxT1BvAYav5sa55JZWN/9L2pkJhrT0Zd1h2y+KSbi duhDoKcpsAxbetex9YReuKDg2fvC6kSk/6hIoc5zNr/PjUlXts0kHdxeX69wKl211tIPR8Y= X-Google-Smtp-Source: AGHT+IFyTeE5viLWDV5JNS3lSXCPHMg3QwwF9F8vVIQIRSBON1JTkjS6u5VFo+SMdaaFOV+dkCijqQ== X-Received: by 2002:a05:6402:524e:b0:5d0:e461:68e6 with SMTP id 4fb4d7f45d1cf-5d41e36d2acmr2440521a12.17.1733823989216; Tue, 10 Dec 2024 01:46:29 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id 4fb4d7f45d1cf-5d14b609e56sm7313936a12.40.2024.12.10.01.46.28 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 10 Dec 2024 01:46:28 -0800 (PST) From: Eric Woudstra To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Andrew Lunn , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , David Ahern , Sebastian Andrzej Siewior , Lorenzo Bianconi , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH RFC v3 net-next 10/13] netfilter: nft_flow_offload: No ingress_vlan forward info for dsa user port Date: Tue, 10 Dec 2024 10:44:58 +0100 Message-ID: <20241210094501.3069-11-ericwouds@gmail.com> X-Mailer: git-send-email 2.47.1 In-Reply-To: <20241210094501.3069-1-ericwouds@gmail.com> References: <20241210094501.3069-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20241210_014630_687148_8C2FE3A2 X-CRM114-Status: GOOD ( 10.97 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org The bitfield info->ingress_vlans and correcponding vlan encap are used for a switchdev user port. However, they should not be set for a dsa user port. Signed-off-by: Eric Woudstra --- net/netfilter/nft_flow_offload.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/net/netfilter/nft_flow_offload.c b/net/netfilter/nft_flow_offload.c index f7c2692ff3f2..387e5574c31f 100644 --- a/net/netfilter/nft_flow_offload.c +++ b/net/netfilter/nft_flow_offload.c @@ -117,6 +117,11 @@ static void nft_dev_path_info(const struct net_device_path_stack *stack, break; if (path->type == DEV_PATH_DSA) { i = stack->num_paths; + if (!info->num_encaps || + !(info->ingress_vlans & BIT(info->num_encaps - 1))) + break; + info->num_encaps--; + info->ingress_vlans &= ~BIT(info->num_encaps - 1); break; } if (path->type == DEV_PATH_MTK_WDMA) { From patchwork Tue Dec 10 09:44:59 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13901197 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 4133EE77180 for ; Tue, 10 Dec 2024 09:59:16 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=eVgPo7GP+w/iXTNTv43Xh832Ytqh3LElKKcl5avl2EQ=; b=pI8Ii1oX7a8JuAoo1hk7V12xmY wmFleCAv6YZbxY97PPuhZs0UEIrXy8LLrvsUitymZVqhRQXrWfF2AK/mk3bNet4seZ207uD3sfzqC dt1Lv4z9pUj96VwJoqJnVuwuiqs7pRw7wWXuGhSIW7v8sFWVb4Lv/uS1RNYu6Sy2uHGWWSsjzVnDQ tKgnpwK6oaugpp4uYYnhUTdhs6IHRdmCM02WLqJqqxA49G/xPFid7zOV1eCyEUgWRk7vZr/OgO9iN GEBrt9o8ktaoNXgf/X/G3XoRpEh5/nYRqfXahpSTwlISWpaI3qXCkfKLyuRO5C5wKE8yC2sxs9egn ulYSEM1Q==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1tKx1D-0000000B2sB-1pyi; Tue, 10 Dec 2024 09:59:03 +0000 Received: from mail-ed1-x52b.google.com ([2a00:1450:4864:20::52b]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1tKwp6-0000000AzJ4-1yUU; Tue, 10 Dec 2024 09:46:33 +0000 Received: by mail-ed1-x52b.google.com with SMTP id 4fb4d7f45d1cf-5d3e9a88793so4005641a12.1; Tue, 10 Dec 2024 01:46:31 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1733823990; x=1734428790; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=eVgPo7GP+w/iXTNTv43Xh832Ytqh3LElKKcl5avl2EQ=; b=XIu2xepYSooe82OqL1MxlT8nh/Icog82GMRyVXKNGHJP+fgeM8irw88LqxgeuZJUo6 XKvYIsbEvtVlJSgPwDhTlr1rh3SNRF+SInoO4MYuibnxC8GuCfITK9u6CQRxmWVLb4x9 2xH9DsQIyrmWoiNauISWY8VF8OvGQHmLMQ1GbkIxvLnUnPIrLkf2AJp/fMSlM6jpExgk he5nzpasYJVHY6+zMNMHIZ0nvA5E+fqqkaCTd0HV8Mm5+w6eIyAPKsbuVdzHYHSfW4sG Lh7DFippekJ2ZZfIB8+GockKaY2CQN9dXduie7qNecUUKayRXtvNGB4iyqz4t98zJ8ER BCJQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1733823990; x=1734428790; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=eVgPo7GP+w/iXTNTv43Xh832Ytqh3LElKKcl5avl2EQ=; b=Ls3Fnut87CUG0ljbxjB5fLMyYcSBR0EU7hwopFhUL2VXQs4GRygrXD8q+REyxgZ3WW i3iH2K28fUDcbuLutTZ7RA8BNdmuBS7F0hb7sTbX3tVwRS+pS0izh8RCNI703RGZ1bbX FSobciLIV2B2Ol4tDpSQCPNQch1tkWBz6je2UX5xcM/hpxeKElgFfftU7zaZNTz8OPbQ QAqL7Z7stf6/mag4AVkWnQ4hoz3z56eNoX5YydHkeuEIGrWQVjFvQW4jRJXwmYEy5h8t OBBrUXmK1fWWcPfYHP/okvfOXaKWILheHS/mK0uCtL//NuH714Wv+R+YOePDqQ2vV/LD ec8A== X-Forwarded-Encrypted: i=1; AJvYcCUBPs3T9zjnn48PSysdZDiZRiSe61jclfHQSmKAMDlOTg776JWBULnyh9p6h/8dOGtYEZYr//yV3ef1RadEMPk=@lists.infradead.org, AJvYcCUndFnuLvTnVkNeenhgEyv5eIW6KIxavZ8ApoAQDKIQ/XSHuHIsXnli0r8uQluRkOmX9MCyMqPeS9yTN7mJi/fz@lists.infradead.org X-Gm-Message-State: AOJu0Yzmmhl8dLV4auXxiYnyr15JMI4mQjQYP1+0ufxENCUOlWK+PF1U JYuyYzyyXNDurgbznn08cyj4MG7s2aojrGf2Zg7j1+BrdivN6bCf X-Gm-Gg: ASbGnctnQIP0q+BDRyIFPwLI4wTYSoU3nRPs8nKVxTh0oNlToYenOiLE4LWgLR3Xorf NsK6ehUwflnmA9/eZT9kAVhP3UvxH1RZtxR/B9rfTydy/Vld63xlzRBMR7rgkudk7pNmr7Klta3 yNNhlywhrODb7HuCTdYNmriKTJChmRLt64eVtQ2Z8hnM4DoRmCyLaguK4Lm59ybwBdnhTsOfaNH ySmb34gCh8eJqNdawWQj+UtuCA9Uyl+GHtUl/B4YTMug86skiRBEhNndE53HFPm/6sYs8SdOMi4 0ppZSVLEOXG+8lXohRXHJga58xvVhKzTs9NDjwHP5ViXcYx+Zd7wUcAqvWxYcxET24bH5Uw= X-Google-Smtp-Source: AGHT+IG1ns72s5lAxuFqutU6jXgQGW+b3pj0eqZhJSim1Ie1bmEH6QQg6S3iFkPF3upMCtFud8XANA== X-Received: by 2002:a05:6402:51d1:b0:5d2:723c:a559 with SMTP id 4fb4d7f45d1cf-5d418531cf1mr3562560a12.10.1733823990457; Tue, 10 Dec 2024 01:46:30 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id 4fb4d7f45d1cf-5d14b609e56sm7313936a12.40.2024.12.10.01.46.29 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 10 Dec 2024 01:46:30 -0800 (PST) From: Eric Woudstra To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Andrew Lunn , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , David Ahern , Sebastian Andrzej Siewior , Lorenzo Bianconi , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH RFC v3 net-next 11/13] bridge: No DEV_PATH_BR_VLAN_UNTAG_HW for dsa foreign Date: Tue, 10 Dec 2024 10:44:59 +0100 Message-ID: <20241210094501.3069-12-ericwouds@gmail.com> X-Mailer: git-send-email 2.47.1 In-Reply-To: <20241210094501.3069-1-ericwouds@gmail.com> References: <20241210094501.3069-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20241210_014632_514728_60D60298 X-CRM114-Status: GOOD ( 22.07 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org In network setup as below: fastpath bypass .----------------------------------------. / \ | IP - forwarding | | / \ v | / wan ... | / | | | | | brlan.1 | | | +-------------------------------+ | | vlan 1 | | | | | | brlan (vlan-filtering) | | | +---------------+ | | | DSA-SWITCH | | | vlan 1 | | | | to | | | | untagged 1 vlan 1 | | +---------------+---------------+ . / \ ----->wlan1 lan0 . . . ^ ^ vlan 1 tagged packets untagged packets br_vlan_fill_forward_path_mode() sets DEV_PATH_BR_VLAN_UNTAG_HW when filling in from brlan.1 towards wlan1. But it should be set to DEV_PATH_BR_VLAN_UNTAG in this case. Using BR_VLFLAG_ADDED_BY_SWITCHDEV is not correct. The dsa switchdev adds it as a foreign port. The same problem for all foreignly added dsa vlans on the bridge. First add the vlan, trying only native devices. If this fails, we know this may be a vlan from a foreign device. Use BR_VLFLAG_TAGGING_BY_SWITCHDEV to make sure DEV_PATH_BR_VLAN_UNTAG_HW is set only when there if no foreign device involved. Signed-off-by: Eric Woudstra --- include/net/switchdev.h | 1 + net/bridge/br_private.h | 3 +++ net/bridge/br_switchdev.c | 15 +++++++++++++++ net/bridge/br_vlan.c | 7 ++++++- net/switchdev/switchdev.c | 2 +- 5 files changed, 26 insertions(+), 2 deletions(-) diff --git a/include/net/switchdev.h b/include/net/switchdev.h index 8346b0d29542..ee500706496b 100644 --- a/include/net/switchdev.h +++ b/include/net/switchdev.h @@ -15,6 +15,7 @@ #define SWITCHDEV_F_NO_RECURSE BIT(0) #define SWITCHDEV_F_SKIP_EOPNOTSUPP BIT(1) #define SWITCHDEV_F_DEFER BIT(2) +#define SWITCHDEV_F_NO_FOREIGN BIT(3) enum switchdev_attr_id { SWITCHDEV_ATTR_ID_UNDEFINED, diff --git a/net/bridge/br_private.h b/net/bridge/br_private.h index 046d7b04771f..977285925422 100644 --- a/net/bridge/br_private.h +++ b/net/bridge/br_private.h @@ -180,6 +180,7 @@ enum { BR_VLFLAG_MCAST_ENABLED = BIT(2), BR_VLFLAG_GLOBAL_MCAST_ENABLED = BIT(3), BR_VLFLAG_NEIGH_SUPPRESS_ENABLED = BIT(4), + BR_VLFLAG_TAGGING_BY_SWITCHDEV = BIT(5), }; /** @@ -2175,6 +2176,8 @@ void br_switchdev_mdb_notify(struct net_device *dev, int type); int br_switchdev_port_vlan_add(struct net_device *dev, u16 vid, u16 flags, bool changed, struct netlink_ext_ack *extack); +int br_switchdev_port_vlan_no_foreign_add(struct net_device *dev, u16 vid, u16 flags, + bool changed, struct netlink_ext_ack *extack); int br_switchdev_port_vlan_del(struct net_device *dev, u16 vid); void br_switchdev_init(struct net_bridge *br); diff --git a/net/bridge/br_switchdev.c b/net/bridge/br_switchdev.c index 7b41ee8740cb..efa7a055b8f9 100644 --- a/net/bridge/br_switchdev.c +++ b/net/bridge/br_switchdev.c @@ -187,6 +187,21 @@ int br_switchdev_port_vlan_add(struct net_device *dev, u16 vid, u16 flags, return switchdev_port_obj_add(dev, &v.obj, extack); } +int br_switchdev_port_vlan_no_foreign_add(struct net_device *dev, u16 vid, u16 flags, + bool changed, struct netlink_ext_ack *extack) +{ + struct switchdev_obj_port_vlan v = { + .obj.orig_dev = dev, + .obj.id = SWITCHDEV_OBJ_ID_PORT_VLAN, + .obj.flags = SWITCHDEV_F_NO_FOREIGN, + .flags = flags, + .vid = vid, + .changed = changed, + }; + + return switchdev_port_obj_add(dev, &v.obj, extack); +} + int br_switchdev_port_vlan_del(struct net_device *dev, u16 vid) { struct switchdev_obj_port_vlan v = { diff --git a/net/bridge/br_vlan.c b/net/bridge/br_vlan.c index 2ea1e2ff4676..0decce5d586a 100644 --- a/net/bridge/br_vlan.c +++ b/net/bridge/br_vlan.c @@ -109,6 +109,11 @@ static int __vlan_vid_add(struct net_device *dev, struct net_bridge *br, /* Try switchdev op first. In case it is not supported, fallback to * 8021q add. */ + err = br_switchdev_port_vlan_no_foreign_add(dev, v->vid, flags, false, extack); + if (err != -EOPNOTSUPP) { + v->priv_flags |= BR_VLFLAG_ADDED_BY_SWITCHDEV | BR_VLFLAG_TAGGING_BY_SWITCHDEV; + return err; + } err = br_switchdev_port_vlan_add(dev, v->vid, flags, false, extack); if (err == -EOPNOTSUPP) return vlan_vid_add(dev, br->vlan_proto, v->vid); @@ -1491,7 +1496,7 @@ int br_vlan_fill_forward_path_mode(struct net_bridge *br, if (path->bridge.vlan_mode == DEV_PATH_BR_VLAN_TAG) path->bridge.vlan_mode = DEV_PATH_BR_VLAN_KEEP; - else if (v->priv_flags & BR_VLFLAG_ADDED_BY_SWITCHDEV) + else if (v->priv_flags & BR_VLFLAG_TAGGING_BY_SWITCHDEV) path->bridge.vlan_mode = DEV_PATH_BR_VLAN_UNTAG_HW; else path->bridge.vlan_mode = DEV_PATH_BR_VLAN_UNTAG; diff --git a/net/switchdev/switchdev.c b/net/switchdev/switchdev.c index 6488ead9e464..c48f66643e99 100644 --- a/net/switchdev/switchdev.c +++ b/net/switchdev/switchdev.c @@ -749,7 +749,7 @@ static int __switchdev_handle_port_obj_add(struct net_device *dev, /* Event is neither on a bridge nor a LAG. Check whether it is on an * interface that is in a bridge with us. */ - if (!foreign_dev_check_cb) + if (!foreign_dev_check_cb || port_obj_info->obj->flags & SWITCHDEV_F_NO_FOREIGN) return err; br = netdev_master_upper_dev_get(dev); From patchwork Tue Dec 10 09:45:00 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13901200 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 7D728E7717F for ; Tue, 10 Dec 2024 10:00:21 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=CFsTTuW6zvJV2/j0dvEGRR2IPJ0CE10zFwh/NOpRTtg=; b=PbtZOHfxxjZoJSQ1waHlMxsF8w 70zeKkeYwNjRQ/u6/CyJSlhpOhgCnrUuWo99yY7xaHphmJE97kJVzHN3CwidCyN3qeE5JNBhygciC 16WocW+KX3vy34fPzY5HaYcPwQHX9jWnhdFgpemk0FXhS/QVFpRG5gEgRPAnzNvFEWM+CjYDstZb6 nlveWPBNXXxoWsapi9SBN7U4K6gX7m0LBEEeD1Pbi1hlSnFcTpEmxaEwT23bfm3AuYI1aEG0bM/1h 0391Cxi5eux8owxq/but2knlosdXfbD0JgpWYHBCcWuyJUHdcf1goBKuApuvKV1vMvEjArUgcvyLq KpzOZIdg==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1tKx2F-0000000B371-1ix8; Tue, 10 Dec 2024 10:00:07 +0000 Received: from mail-ed1-x52a.google.com ([2a00:1450:4864:20::52a]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1tKwp7-0000000AzJT-2xes; Tue, 10 Dec 2024 09:46:34 +0000 Received: by mail-ed1-x52a.google.com with SMTP id 4fb4d7f45d1cf-5d3e8f64d5dso4369475a12.3; Tue, 10 Dec 2024 01:46:33 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1733823992; x=1734428792; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=CFsTTuW6zvJV2/j0dvEGRR2IPJ0CE10zFwh/NOpRTtg=; b=mgcw86mCaIqm1DAaeazp3haLrAdqi8iNpb5/o8K0LgihPe0ApFrPDrayOzL7+QCgEU fQE8/qjaP7U0aMA96nk87TT5JnJU7adtacThnuOrlmKZRXXBU3MgYPl+aOvWyDqxe9A+ CG/gsfZx5W59LxQy0xBCxSUPxVcB/3DeNZOBp3jggGtLnOsT4g7cBvl7aC1+pP6kAnAT dR8IKC+7Kpz1mr9hMpGjtvhmHMzjGh3oQZXIEl4oWl/bSbs3v0n8Eam32urgKgS00E+c 0sICs9Cb9imma8KyE5b83rovS4nqflyXK6z/yWJ8pIyVfbxaBLNFm2PfXWLtnELd0vfK zFUQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1733823992; x=1734428792; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=CFsTTuW6zvJV2/j0dvEGRR2IPJ0CE10zFwh/NOpRTtg=; b=pufpAAXFclOMs58WvkyIJRYXN2/2XtceerPoupV2ke8ZQIx7mOPbFVMxe+N0ANZTOL GkCzuvvGWdPud5lgjccURDqtqC47vOIbV6SOS//VBVfndnA29tbaPVliNIUEN5fXLqts ydlJCaAa1L1BESengu+BUHCa4hPycL91WZou+d85JMTapc9E6mwxFTzkfj1CqpcIE7ah Aouay0RBsM9iNm7qJET7dkSoAYr0vUueyyxO7dnu70AiIWnBF6uMtz0Tt+9mnkA9Vx1u Hf/beC8ZJXrl/ZzFuO3PuBo+EQ2pcXsZpeBRcivv3O8BW+xofzKaH6fGxLJd1ljxas4T OMlw== X-Forwarded-Encrypted: i=1; AJvYcCVHJKWdXtCS+WJpYmuLcr6R6j/a2cOXEQG99qyNwYsfHcrelA3ByBkGCxUTGAoBJVMVjVHmT9ahEZrqGtny5Jdo@lists.infradead.org, AJvYcCWnDrMdAnxdQhna2z839s451c9zGBRWTsQ1GRnECvrZZmp1FoYW9mAgCbiHO0rpcF7QUHiXuuk1V9H8F64chrY=@lists.infradead.org X-Gm-Message-State: AOJu0YyBy+wvteSLKC2Nqy+UD+ouvmsLJOKL7HUtww5bKSGS17YiGUWT h5bTRAiICrn3fSiGgmciw6Pa+xmQgpuAHEdjY9Qjo9eeen3AFQp5 X-Gm-Gg: ASbGncs2IWk0MpqqVKdCX4/B8f7Z6nHaUpfEvZhj3WloenWTlu5Z9uW4Pxxev1FNOzT 8sgVQazKwj2EtjTChDkg9JiQAiokI43ktGiU+ORaAUFhitgbiUS0GCloX+JvmImKQoEOjc0qIcQ 0C+rmD5QaC4jRuroRIFWJ1ygoz5Zl/+tyt/LbHB842bvmPNkEWNuSN4UspO9Tq2oWNkGOfwR+bB lplDfUsjJ5kTDKm8PBK9NMvp26iD7SMJzcjbCuDdk46ir9Grdu1EuMklOdNrJRAudbo35TlJVpF eaaG2AsccXpFa5khSrmBM/5glU0rXSCmD+lQD2owGpNoJR7nJxUhIM4zYY4ioYGr4DGjELM= X-Google-Smtp-Source: AGHT+IGoxFgsuKE4ejuRzVCEJrbEw9zjzZMSxooOe80MGRVJD8eFS/tnxR2FJpuGaoBio2IEBDhCgA== X-Received: by 2002:a50:9fae:0:b0:5d3:cff5:634f with SMTP id 4fb4d7f45d1cf-5d3cff563a7mr12659584a12.24.1733823991675; Tue, 10 Dec 2024 01:46:31 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id 4fb4d7f45d1cf-5d14b609e56sm7313936a12.40.2024.12.10.01.46.30 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 10 Dec 2024 01:46:31 -0800 (PST) From: Eric Woudstra To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Andrew Lunn , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , David Ahern , Sebastian Andrzej Siewior , Lorenzo Bianconi , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH RFC v3 net-next 12/13] bridge: Introduce DEV_PATH_BR_VLAN_KEEP_HW for bridge-fastpath Date: Tue, 10 Dec 2024 10:45:00 +0100 Message-ID: <20241210094501.3069-13-ericwouds@gmail.com> X-Mailer: git-send-email 2.47.1 In-Reply-To: <20241210094501.3069-1-ericwouds@gmail.com> References: <20241210094501.3069-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20241210_014633_773228_4D9D444A X-CRM114-Status: GOOD ( 15.16 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org This patch introduces DEV_PATH_BR_VLAN_KEEP_HW. It is needed in the bridge fastpath for switchdevs supporting SWITCHDEV_OBJ_ID_PORT_VLAN. It is similar to DEV_PATH_BR_VLAN_TAG, with the correcponding bit in ingress_vlans set. In the forward fastpath it is not needed. Signed-off-by: Eric Woudstra --- include/linux/netdevice.h | 1 + net/bridge/br_device.c | 4 ++++ net/bridge/br_vlan.c | 18 +++++++++++------- net/netfilter/nft_flow_offload.c | 3 +++ 4 files changed, 19 insertions(+), 7 deletions(-) diff --git a/include/linux/netdevice.h b/include/linux/netdevice.h index 6dbc442f9706..8be40145c1d9 100644 --- a/include/linux/netdevice.h +++ b/include/linux/netdevice.h @@ -870,6 +870,7 @@ struct net_device_path { DEV_PATH_BR_VLAN_TAG, DEV_PATH_BR_VLAN_UNTAG, DEV_PATH_BR_VLAN_UNTAG_HW, + DEV_PATH_BR_VLAN_KEEP_HW, } vlan_mode; u16 vlan_id; __be16 vlan_proto; diff --git a/net/bridge/br_device.c b/net/bridge/br_device.c index c7646afc8b96..112fd8556217 100644 --- a/net/bridge/br_device.c +++ b/net/bridge/br_device.c @@ -430,6 +430,10 @@ static int br_fill_forward_path(struct net_device_path_ctx *ctx, case DEV_PATH_BR_VLAN_UNTAG: ctx->num_vlans--; break; + case DEV_PATH_BR_VLAN_KEEP_HW: + if (!src) + path->bridge.vlan_mode = DEV_PATH_BR_VLAN_KEEP; + break; case DEV_PATH_BR_VLAN_KEEP: break; } diff --git a/net/bridge/br_vlan.c b/net/bridge/br_vlan.c index 0decce5d586a..6a2ca7a5854d 100644 --- a/net/bridge/br_vlan.c +++ b/net/bridge/br_vlan.c @@ -1494,13 +1494,17 @@ int br_vlan_fill_forward_path_mode(struct net_bridge *br, if (!(v->flags & BRIDGE_VLAN_INFO_UNTAGGED)) return 0; - if (path->bridge.vlan_mode == DEV_PATH_BR_VLAN_TAG) - path->bridge.vlan_mode = DEV_PATH_BR_VLAN_KEEP; - else if (v->priv_flags & BR_VLFLAG_TAGGING_BY_SWITCHDEV) - path->bridge.vlan_mode = DEV_PATH_BR_VLAN_UNTAG_HW; - else - path->bridge.vlan_mode = DEV_PATH_BR_VLAN_UNTAG; - + if (path->bridge.vlan_mode == DEV_PATH_BR_VLAN_TAG) { + if (v->priv_flags & BR_VLFLAG_TAGGING_BY_SWITCHDEV) + path->bridge.vlan_mode = DEV_PATH_BR_VLAN_KEEP_HW; + else + path->bridge.vlan_mode = DEV_PATH_BR_VLAN_KEEP; + } else { + if (v->priv_flags & BR_VLFLAG_TAGGING_BY_SWITCHDEV) + path->bridge.vlan_mode = DEV_PATH_BR_VLAN_UNTAG_HW; + else + path->bridge.vlan_mode = DEV_PATH_BR_VLAN_UNTAG; + } return 0; } diff --git a/net/netfilter/nft_flow_offload.c b/net/netfilter/nft_flow_offload.c index 387e5574c31f..ed0e9b499971 100644 --- a/net/netfilter/nft_flow_offload.c +++ b/net/netfilter/nft_flow_offload.c @@ -149,6 +149,9 @@ static void nft_dev_path_info(const struct net_device_path_stack *stack, case DEV_PATH_BR_VLAN_UNTAG_HW: info->ingress_vlans |= BIT(info->num_encaps - 1); break; + case DEV_PATH_BR_VLAN_KEEP_HW: + info->ingress_vlans |= BIT(info->num_encaps); + fallthrough; case DEV_PATH_BR_VLAN_TAG: info->encap[info->num_encaps].id = path->bridge.vlan_id; info->encap[info->num_encaps].proto = path->bridge.vlan_proto; From patchwork Tue Dec 10 09:45:01 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13901201 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id B1D69E7717F for ; Tue, 10 Dec 2024 10:01:26 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=kjMfgZPTOt1wzklPxYQo1KoCry3saUouaCrKRGjXlrM=; b=0ooL9tnPisEJgkjm1h8h04IkhU hHnJcsT5M3WIx980chDX/HYdJQRXr0v2GFJKB1kqC9yn79R+zaUP/s9CDVI0RtamQrIhAATp4nPmw opSD7NZ/GbiClByCl2ypuZu6J80Na5zzRdV//mmRbza6++VNWiY8JLw386pIJXNwTWinemn602NXp ZtMyXKfDv34YnoG873rCtrTNszHpQcUq/CHxu+hUCJkYm1udOXkOaxp6DP7QXJYEucH8uS2wvCaXH 7wwJUe7DcsUCiwRm+FQX20mV8ogAhV+chCJ8ujctA/lYuUQTH1nRNmBNI5AdC/sK0s+Rkd461zQr9 Xdc1kDNA==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1tKx3H-0000000B3QF-1YFY; Tue, 10 Dec 2024 10:01:11 +0000 Received: from mail-ed1-x529.google.com ([2a00:1450:4864:20::529]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1tKwpA-0000000AzKz-38B6; Tue, 10 Dec 2024 09:46:37 +0000 Received: by mail-ed1-x529.google.com with SMTP id 4fb4d7f45d1cf-5d3ecae02beso3176553a12.0; Tue, 10 Dec 2024 01:46:36 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1733823995; x=1734428795; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=kjMfgZPTOt1wzklPxYQo1KoCry3saUouaCrKRGjXlrM=; b=FsFrrBEvgvXH90PQGRZSE5mpQ88fA/snPd7n9LlmBM04bKoO2lLUDJwuVCOl+R7RWd F9f/QhLMQKwFqQgFR8bG6koMI0Vc/mrUPh7jeqSlpNhjkDCS1k/7M8ZDTgy4p5iFc+ud XU/a1hcM8h+VjmKpj8sK55uB05JfMEEYihbp8D5JRrNx+blMsBga1wXyrw/M1muiSRqI YwQsxqPf7wEpiiIKdrgtjEuNhoN9uJ7F1w9trd3zq36+BiApcn7AW0lu8XDQ7AKnUzuX MGc61u5xbx26Q53p82gaA3tzZjlIk1LmESNjSDinuEKqklZb2iiXEVLzyicYUBkP+XTM AY9Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1733823995; x=1734428795; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=kjMfgZPTOt1wzklPxYQo1KoCry3saUouaCrKRGjXlrM=; b=GmalsHvP7ZTB7oqmwet78XI5L032xDIFc7nAfRwdOkz6Fy1xz3koCVyO/F03K2vEh/ xaqEvUKU+O9A3mAZef4gyWhx7KoXkm2CVPYQJEcvJK5FbOxeCdz0yaUbH3G98TRr/RKR YQa74B69LR5tvmhs38qXpvwE940v1KBkMxWHQi36e5pJSjVlUFXmRfeQq85QIjbxt6W9 UuUsHxDxDvt7r+T11Nif/ryOR6dMvsNdGP7NfFosxpHykzQ5hlhU304OcYL/dhui5eS/ L4vLal1dlj997xuZ6zhIVP+fbi/tt2m5Lzy4xKHXlTVL0Rm4T8la5x1FNSlwyvoF0/An GdlA== X-Forwarded-Encrypted: i=1; AJvYcCVjPbX8ypFhkHYyH9KI/fJFmKhYQLRcQBr++jKMyxUeKRlY+RSNVIyUpEjrjALO4t4fw2bha9yAcv82P7VXzZui@lists.infradead.org, AJvYcCXjuPxVvxiC7op5ZE5JmB4lf5eInJAWGXKbVOOx/NuY0MrlnWASAesDzOdMVuSfe9TY8VovSv8I/1kgVpGsW6M=@lists.infradead.org X-Gm-Message-State: AOJu0YzV1zBqdWzSfRhTr0tJ8Kn6AdYYkmx7mZpZz1zvp57s18CJpD0K 0y/7dlDdl+zijKpM1CemNlidPmC8NWy6ewjtIC++YjyejsFudX45 X-Gm-Gg: ASbGnctiq5hwe8/C9an/eMxxEJCyEJ9YDN5iV1n2XQWQgh+7P7Bya606TU7ezFcItcD 0VcNwrXf9xgz0JQXtu1ViFstB0FJOGis8ljNRMMIqZX3Be9zPFlJkZKgzRGpfe/R0ZKUkmUuasq FcXOy8lgnkNPE5X00g3c+HNz5l+xIlTUoDed6VQXKAVCi5eHDiTTYUQSuHqfC/FaCVTReZHAbTk enYcHbKzYoTLiNQolKmlEd2Znr4R+mepfUZTBz9pKFQ+IvXQUSf5z93mpMVuC/DlDCSm5JfviUj 1Y7yRdKLkxvmzPd1n/dPeIuUw5dxevOmxFhJ1Jt0eINo8ca2M3SltSolYNIJZJn6S9yJOic= X-Google-Smtp-Source: AGHT+IFAu59kegmItDpMGH7TM0Tzld+Gwydm4Aw22u8I6s2WTgEkJzLS/k6ir2kKhoX3eegXigdJOA== X-Received: by 2002:a05:6402:51cb:b0:5d2:7346:3ecb with SMTP id 4fb4d7f45d1cf-5d3be69d3admr15117186a12.12.1733823994692; Tue, 10 Dec 2024 01:46:34 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id 4fb4d7f45d1cf-5d14b609e56sm7313936a12.40.2024.12.10.01.46.31 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 10 Dec 2024 01:46:33 -0800 (PST) From: Eric Woudstra To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Andrew Lunn , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , David Ahern , Sebastian Andrzej Siewior , Lorenzo Bianconi , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH RFC v3 net-next 13/13] netfilter: nft_flow_offload: Add bridgeflow to nft_flow_offload_eval() Date: Tue, 10 Dec 2024 10:45:01 +0100 Message-ID: <20241210094501.3069-14-ericwouds@gmail.com> X-Mailer: git-send-email 2.47.1 In-Reply-To: <20241210094501.3069-1-ericwouds@gmail.com> References: <20241210094501.3069-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20241210_014636_785155_BFB6B7B2 X-CRM114-Status: GOOD ( 19.03 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org Edit nft_flow_offload_eval() to make it possible to handle a flowtable of the nft bridge family. Use nft_flow_offload_bridge_init() to fill the flow tuples. It uses nft_dev_fill_bridge_path() in each direction. Signed-off-by: Eric Woudstra --- net/netfilter/nft_flow_offload.c | 144 +++++++++++++++++++++++++++++-- 1 file changed, 139 insertions(+), 5 deletions(-) diff --git a/net/netfilter/nft_flow_offload.c b/net/netfilter/nft_flow_offload.c index ed0e9b499971..b17a3ef79852 100644 --- a/net/netfilter/nft_flow_offload.c +++ b/net/netfilter/nft_flow_offload.c @@ -196,6 +196,131 @@ static bool nft_flowtable_find_dev(const struct net_device *dev, return found; } +static int nft_dev_fill_bridge_path(struct flow_offload *flow, + struct nft_flowtable *ft, + const struct nft_pktinfo *pkt, + enum ip_conntrack_dir dir, + const struct net_device *src_dev, + const struct net_device *dst_dev, + unsigned char *src_ha, + unsigned char *dst_ha) +{ + struct flow_offload_tuple_rhash *th = flow->tuplehash; + struct net_device_path_stack stack; + struct net_device_path_ctx ctx = {}; + struct nft_forward_info info = {}; + int i, j = 0; + + for (i = th[dir].tuple.encap_num - 1; i >= 0 ; i--) { + if (info.num_encaps >= NF_FLOW_TABLE_ENCAP_MAX) + return -1; + + if (th[dir].tuple.in_vlan_ingress & BIT(i)) + continue; + + info.encap[info.num_encaps].id = th[dir].tuple.encap[i].id; + info.encap[info.num_encaps].proto = th[dir].tuple.encap[i].proto; + info.num_encaps++; + + if (th[dir].tuple.encap[i].proto == htons(ETH_P_PPP_SES)) + continue; + + if (ctx.num_vlans >= NET_DEVICE_PATH_VLAN_MAX) + return -1; + ctx.vlan[ctx.num_vlans].id = th[dir].tuple.encap[i].id; + ctx.vlan[ctx.num_vlans].proto = th[dir].tuple.encap[i].proto; + ctx.num_vlans++; + } + ctx.dev = src_dev; + ether_addr_copy(ctx.daddr, dst_ha); + + if (dev_fill_bridge_path(&ctx, &stack) < 0) + return -1; + + nft_dev_path_info(&stack, &info, dst_ha, &ft->data); + + if (!info.indev || info.indev != dst_dev) + return -1; + + th[!dir].tuple.iifidx = info.indev->ifindex; + for (i = info.num_encaps - 1; i >= 0; i--) { + th[!dir].tuple.encap[j].id = info.encap[i].id; + th[!dir].tuple.encap[j].proto = info.encap[i].proto; + if (info.ingress_vlans & BIT(i)) + th[!dir].tuple.in_vlan_ingress |= BIT(j); + j++; + } + th[!dir].tuple.encap_num = info.num_encaps; + + th[dir].tuple.mtu = dst_dev->mtu; + ether_addr_copy(th[dir].tuple.out.h_source, src_ha); + ether_addr_copy(th[dir].tuple.out.h_dest, dst_ha); + th[dir].tuple.out.ifidx = info.outdev->ifindex; + th[dir].tuple.out.hw_ifidx = info.hw_outdev->ifindex; + th[dir].tuple.xmit_type = FLOW_OFFLOAD_XMIT_DIRECT; + + return 0; +} + +static int nft_flow_offload_bridge_init(struct flow_offload *flow, + const struct nft_pktinfo *pkt, + enum ip_conntrack_dir dir, + struct nft_flowtable *ft) +{ + struct ethhdr *eth = eth_hdr(pkt->skb); + struct flow_offload_tuple *tuple; + const struct net_device *out_dev; + const struct net_device *in_dev; + struct pppoe_hdr *phdr; + struct vlan_hdr *vhdr; + int err, i = 0; + + in_dev = nft_in(pkt); + if (!in_dev || !nft_flowtable_find_dev(in_dev, ft)) + return -1; + + out_dev = nft_out(pkt); + if (!out_dev || !nft_flowtable_find_dev(out_dev, ft)) + return -1; + + tuple = &flow->tuplehash[!dir].tuple; + + if (skb_vlan_tag_present(pkt->skb)) { + tuple->encap[i].id = skb_vlan_tag_get(pkt->skb); + tuple->encap[i].proto = pkt->skb->vlan_proto; + i++; + } + switch (pkt->skb->protocol) { + case htons(ETH_P_8021Q): + vhdr = (struct vlan_hdr *)skb_network_header(pkt->skb); + tuple->encap[i].id = ntohs(vhdr->h_vlan_TCI); + tuple->encap[i].proto = pkt->skb->protocol; + i++; + break; + case htons(ETH_P_PPP_SES): + phdr = (struct pppoe_hdr *)skb_network_header(pkt->skb); + tuple->encap[i].id = ntohs(phdr->sid); + tuple->encap[i].proto = pkt->skb->protocol; + i++; + break; + } + tuple->encap_num = i; + + err = nft_dev_fill_bridge_path(flow, ft, pkt, !dir, out_dev, in_dev, + eth->h_dest, eth->h_source); + if (err < 0) + return err; + + memset(tuple->encap, 0, sizeof(tuple->encap)); + + err = nft_dev_fill_bridge_path(flow, ft, pkt, dir, in_dev, out_dev, + eth->h_source, eth->h_dest); + if (err < 0) + return err; + + return 0; +} + static void nft_dev_forward_path(struct nf_flow_route *route, const struct nf_conn *ct, enum ip_conntrack_dir dir, @@ -306,6 +431,7 @@ static void nft_flow_offload_eval(const struct nft_expr *expr, { struct nft_flow_offload *priv = nft_expr_priv(expr); struct nf_flowtable *flowtable = &priv->flowtable->data; + bool routing = (flowtable->type->family != NFPROTO_BRIDGE); struct tcphdr _tcph, *tcph = NULL; struct nf_flow_route route = {}; enum ip_conntrack_info ctinfo; @@ -359,14 +485,20 @@ static void nft_flow_offload_eval(const struct nft_expr *expr, goto out; dir = CTINFO2DIR(ctinfo); - if (nft_flow_route(pkt, ct, &route, dir, priv->flowtable) < 0) - goto err_flow_route; + if (routing) { + if (nft_flow_route(pkt, ct, &route, dir, priv->flowtable) < 0) + goto err_flow_route; + } flow = flow_offload_alloc(ct); if (!flow) goto err_flow_alloc; - flow_offload_route_init(flow, &route); + if (routing) + flow_offload_route_init(flow, &route); + else + if (nft_flow_offload_bridge_init(flow, pkt, dir, priv->flowtable) < 0) + goto err_flow_route; if (tcph) { ct->proto.tcp.seen[0].flags |= IP_CT_TCP_FLAG_BE_LIBERAL; @@ -419,8 +551,10 @@ static void nft_flow_offload_eval(const struct nft_expr *expr, err_flow_add: flow_offload_free(flow); err_flow_alloc: - dst_release(route.tuple[dir].dst); - dst_release(route.tuple[!dir].dst); + if (routing) { + dst_release(route.tuple[dir].dst); + dst_release(route.tuple[!dir].dst); + } err_flow_route: clear_bit(IPS_OFFLOAD_BIT, &ct->status); out: