From patchwork Tue Feb 4 19:49:08 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13959830 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id EEB72C02198 for ; Tue, 4 Feb 2025 21:16:08 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=hReqSOryWSBxLxcCjPL69wHXkkJ0+0vpCdAHzzOtlNo=; b=LJKSHclw+x4/RuJ9NKvH0lHroG iWfM0rUBJdAVjvN2T0bBSSzztyoPZyvMpCMES7pnQaH/nbrrMdC2rZpOMuxJBCumsbw0wbTMtvxNC mZK0e0U4B2ocGUTZHOSGrwZsBEeUXA7/S2l/Jb/trUJ1Hrx2OYKnx7conegUfoxOmXAfFrNdWK+pj QeaKTct9nGbmLSP91Ke8ocyDGnHjdSJxWpP0rlrze+nTQ2BBLNqiQk3wmgBe6clrt6Epbtr7Ypid2 Fuaqz/hrYf0GiMrlnObdpor0Q0YcRz/8//gVD6xguKUK72rlJtAsh7tF0U+xUTnD/mDjkNn35fROD 6v+/X+ZQ==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1tfQHA-00000001ZJx-2Brd; Tue, 04 Feb 2025 21:16:08 +0000 Received: from mail-ed1-x536.google.com ([2a00:1450:4864:20::536]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1tfOvi-00000001QJ3-2oM5; Tue, 04 Feb 2025 19:49:55 +0000 Received: by mail-ed1-x536.google.com with SMTP id 4fb4d7f45d1cf-5dca468c5e4so5145674a12.1; Tue, 04 Feb 2025 11:49:54 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1738698593; x=1739303393; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=hReqSOryWSBxLxcCjPL69wHXkkJ0+0vpCdAHzzOtlNo=; b=iqfsoyvC9/TjHOLl4KxcAWzwoBM/xvB2UihBjBXeJtyWbu9ZMUTrHUgzzxQbPtfDQ7 Fc22bnogWQsptebyGP3wIEGiCKCGzZqhTvJTJxluBxMCf6flx+qmRuAFUgvP1U2gxzI/ gVNUvd7Q0lu8R9G3fIVn9rBMOkWIkbIMy/vCduCy0gB0n431fJC/jlCHT1JvQ7dG3O/a CY8e6G/n2z4g+HfaldBf7RgHKZlkcaX4jvkSn8R59sz1mKqbZ7rL/fiG+ulPP948kaRe Ynzj5QNhlxNUOI6asiKddGGd60qPkusFVPBwYwMTSOuG7lDNrk+OT7iZ9h4+APVn660h rMog== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1738698593; x=1739303393; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=hReqSOryWSBxLxcCjPL69wHXkkJ0+0vpCdAHzzOtlNo=; b=HNjlbsfK+J4dVKHROKQTP8Rchog3Ps1Aj97ng+8eeWBEPhH7J55KSDQr8dWLbFfSdn 6CY/c+EMcmYJLJve17hkeMrgGcVBCokesMlLOv84oFc7gXFYK97PSQxdxSSowxlJOzGB KrtfGmuJobc2Z89guVOlMwjCXrYY+46da1dsuT+Y/jFtzOiIPzDVx0Lj+KDQ4wexQJoC zP2ywCTWLikOIfhK0Hy+q6W7CNdmFCmqXfxdPhpv3o44aoutSoqnqN/74ObuDytWa9om rZ/iw8Qa9gjYTQ0nbTy7u6wDlTgjeqpWpUO20o6RIv4ZyhL5nOpbYPUMZlNgRTknukei 2yOA== X-Forwarded-Encrypted: i=1; AJvYcCV08o4zmZ8HP56ElTzlVKXF5V3Sz6k0ms/rIUZGSWs+4KkdzkuU29j2Tv0REohsuhSCLFpWxhZDttaDCgR+q0Bb@lists.infradead.org, AJvYcCVXI0BlNcE73qkgE2OjIg/b8jqNBvq4vgA6GAo/zZW/O1wCtQPmkXDfWtVFZLbAspMlHHJPyhdTSC5QlE3LM6M=@lists.infradead.org X-Gm-Message-State: AOJu0Yx9SudZ07BIIJ2K9i08OvbJUq56AORW358Ybfz4oJaPCHB4mvy6 3oZGwTVXw5OibJQSun0n6/vLjnGAB+KiD4XDB8IVC6bGiyuamVWh X-Gm-Gg: ASbGnctJ48m0XCd52fJlRfN710eqzL3kOAao0R2qKOP/9jL2jhtQKm9ulSr0icyBmKu PBzNWYWCkuMVsBttHZykv3UvkVui3TsCBal6zPQHWVsyI63vA6IIP8ASFt2IA4XT+3Ve1sCu9sr m3ufLtQbJNPJIiPNC7G2VMt/6SRMyLgdx+t9ABjRJ+jsSiRK6xYOaakpCP7n7fWPYoxokPwb4P1 BmZQFXZm2PavPc1tzZ2SXQgp391h6SuaFzix8wgoIZKsdnERtiehwIKX+tuKhT8qM33lFm7acaA QqShyz+XqzAFjTDBOPvfHso6mSiGjzOkxc5MFQGY1USZXu8aWRZe0YKetgcmkx6Vwtj1t6nFNVZ DKK9E51Xgbt3SSYvC4S1M6xSraFADvsoo X-Google-Smtp-Source: AGHT+IGtVUW9tbXkyeQh+dXG56PVOCAX6Na2o6XwACfLwRut5izfY5IpER9JhHtUBftowoAmLl2eWA== X-Received: by 2002:a17:907:94c5:b0:aa6:8e9e:1b5 with SMTP id a640c23a62f3a-ab6cfc872f7mr2875947766b.3.1738698592608; Tue, 04 Feb 2025 11:49:52 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-ab6e4a5635bsm964684466b.164.2025.02.04.11.49.51 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 04 Feb 2025 11:49:52 -0800 (PST) From: Eric Woudstra To: Andrew Lunn , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , Kuniyuki Iwashima , Sebastian Andrzej Siewior , Lorenzo Bianconi , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH v5 net-next 01/14] netfilter: nf_flow_table_offload: Add nf_flow_encap_push() for xmit direct Date: Tue, 4 Feb 2025 20:49:08 +0100 Message-ID: <20250204194921.46692-2-ericwouds@gmail.com> X-Mailer: git-send-email 2.47.1 In-Reply-To: <20250204194921.46692-1-ericwouds@gmail.com> References: <20250204194921.46692-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20250204_114954_715006_71CD776A X-CRM114-Status: GOOD ( 19.81 ) X-BeenThere: linux-mediatek@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Linux-mediatek" Errors-To: linux-mediatek-bounces+linux-mediatek=archiver.kernel.org@lists.infradead.org Loosely based on wenxu's patches: "nf_flow_table_offload: offload the vlan/PPPoE encap in the flowtable". Fixed double vlan and pppoe packets, almost entirely rewriting the patch. After this patch, it is possible to transmit packets in the fastpath with outgoing encaps, without using vlan- and/or pppoe-devices. This makes it possible to use more different kinds of network setups. For example, when bridge tagging is used to egress vlan tagged packets using the forward fastpath. Another example is passing 802.1q tagged packets through a bridge using the bridge fastpath. This also makes the software fastpath process more similar to the hardware offloaded fastpath process, where encaps are also pushed. After applying this patch, always info->outdev = info->hw_outdev, so the netfilter code can be further cleaned up by removing: * hw_outdev from struct nft_forward_info * out.hw_ifindex from struct nf_flow_route * out.hw_ifidx from struct flow_offload_tuple Signed-off-by: Eric Woudstra --- net/netfilter/nf_flow_table_ip.c | 96 +++++++++++++++++++++++++++++++- net/netfilter/nft_flow_offload.c | 6 +- 2 files changed, 96 insertions(+), 6 deletions(-) diff --git a/net/netfilter/nf_flow_table_ip.c b/net/netfilter/nf_flow_table_ip.c index 97c6eb8847a0..b9292eb40907 100644 --- a/net/netfilter/nf_flow_table_ip.c +++ b/net/netfilter/nf_flow_table_ip.c @@ -306,6 +306,92 @@ static bool nf_flow_skb_encap_protocol(struct sk_buff *skb, __be16 proto, return false; } +static int nf_flow_vlan_inner_push(struct sk_buff *skb, __be16 proto, u16 id) +{ + struct vlan_hdr *vhdr; + + if (skb_cow_head(skb, VLAN_HLEN)) + return -1; + + __skb_push(skb, VLAN_HLEN); + skb_reset_network_header(skb); + + vhdr = (struct vlan_hdr *)(skb->data); + vhdr->h_vlan_TCI = htons(id); + vhdr->h_vlan_encapsulated_proto = skb->protocol; + skb->protocol = proto; + + return 0; +} + +static int nf_flow_ppoe_push(struct sk_buff *skb, u16 id) +{ + struct ppp_hdr { + struct pppoe_hdr hdr; + __be16 proto; + } *ph; + int data_len = skb->len + 2; + __be16 proto; + + if (skb_cow_head(skb, PPPOE_SES_HLEN)) + return -1; + + if (skb->protocol == htons(ETH_P_IP)) + proto = htons(PPP_IP); + else if (skb->protocol == htons(ETH_P_IPV6)) + proto = htons(PPP_IPV6); + else + return -1; + + __skb_push(skb, PPPOE_SES_HLEN); + skb_reset_network_header(skb); + + ph = (struct ppp_hdr *)(skb->data); + ph->hdr.ver = 1; + ph->hdr.type = 1; + ph->hdr.code = 0; + ph->hdr.sid = htons(id); + ph->hdr.length = htons(data_len); + ph->proto = proto; + skb->protocol = htons(ETH_P_PPP_SES); + + return 0; +} + +static int nf_flow_encap_push(struct sk_buff *skb, + struct flow_offload_tuple_rhash *tuplehash, + unsigned short *type) +{ + int i = 0, ret = 0; + + if (!tuplehash->tuple.encap_num) + return 0; + + if (tuplehash->tuple.encap[i].proto == htons(ETH_P_8021Q) || + tuplehash->tuple.encap[i].proto == htons(ETH_P_8021AD)) { + __vlan_hwaccel_put_tag(skb, tuplehash->tuple.encap[i].proto, + tuplehash->tuple.encap[i].id); + i++; + if (i >= tuplehash->tuple.encap_num) + return 0; + } + + switch (tuplehash->tuple.encap[i].proto) { + case htons(ETH_P_8021Q): + *type = ETH_P_8021Q; + ret = nf_flow_vlan_inner_push(skb, + tuplehash->tuple.encap[i].proto, + tuplehash->tuple.encap[i].id); + break; + case htons(ETH_P_PPP_SES): + *type = ETH_P_PPP_SES; + ret = nf_flow_ppoe_push(skb, + tuplehash->tuple.encap[i].id); + break; + } + return ret; +} + static void nf_flow_encap_pop(struct sk_buff *skb, struct flow_offload_tuple_rhash *tuplehash) { @@ -335,6 +421,7 @@ static void nf_flow_encap_pop(struct sk_buff *skb, static unsigned int nf_flow_queue_xmit(struct net *net, struct sk_buff *skb, const struct flow_offload_tuple_rhash *tuplehash, + struct flow_offload_tuple_rhash *other_tuplehash, unsigned short type) { struct net_device *outdev; @@ -343,6 +430,9 @@ static unsigned int nf_flow_queue_xmit(struct net *net, struct sk_buff *skb, if (!outdev) return NF_DROP; + if (nf_flow_encap_push(skb, other_tuplehash, &type) < 0) + return NF_DROP; + skb->dev = outdev; dev_hard_header(skb, skb->dev, type, tuplehash->tuple.out.h_dest, tuplehash->tuple.out.h_source, skb->len); @@ -464,7 +554,8 @@ nf_flow_offload_ip_hook(void *priv, struct sk_buff *skb, ret = NF_STOLEN; break; case FLOW_OFFLOAD_XMIT_DIRECT: - ret = nf_flow_queue_xmit(state->net, skb, tuplehash, ETH_P_IP); + ret = nf_flow_queue_xmit(state->net, skb, tuplehash, + &flow->tuplehash[!dir], ETH_P_IP); if (ret == NF_DROP) flow_offload_teardown(flow); break; @@ -761,7 +852,8 @@ nf_flow_offload_ipv6_hook(void *priv, struct sk_buff *skb, ret = NF_STOLEN; break; case FLOW_OFFLOAD_XMIT_DIRECT: - ret = nf_flow_queue_xmit(state->net, skb, tuplehash, ETH_P_IPV6); + ret = nf_flow_queue_xmit(state->net, skb, tuplehash, + &flow->tuplehash[!dir], ETH_P_IPV6); if (ret == NF_DROP) flow_offload_teardown(flow); break; diff --git a/net/netfilter/nft_flow_offload.c b/net/netfilter/nft_flow_offload.c index 46a6d280b09c..b4baee519e18 100644 --- a/net/netfilter/nft_flow_offload.c +++ b/net/netfilter/nft_flow_offload.c @@ -124,13 +124,12 @@ static void nft_dev_path_info(const struct net_device_path_stack *stack, info->indev = NULL; break; } - if (!info->outdev) - info->outdev = path->dev; info->encap[info->num_encaps].id = path->encap.id; info->encap[info->num_encaps].proto = path->encap.proto; info->num_encaps++; if (path->type == DEV_PATH_PPPOE) memcpy(info->h_dest, path->encap.h_dest, ETH_ALEN); + info->xmit_type = FLOW_OFFLOAD_XMIT_DIRECT; break; case DEV_PATH_BRIDGE: if (is_zero_ether_addr(info->h_source)) @@ -158,8 +157,7 @@ static void nft_dev_path_info(const struct net_device_path_stack *stack, break; } } - if (!info->outdev) - info->outdev = info->indev; + info->outdev = info->indev; info->hw_outdev = info->indev; From patchwork Tue Feb 4 19:49:09 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13959831 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id EE469C02199 for ; Tue, 4 Feb 2025 21:16:09 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=uYHS436MhCvQPNlHTWPNiRlg7kt4orCDQn4NLGRznHk=; b=ewSvuIVlLTfAbMuXx/ckFP6O/h 4n8Q0yAkIQJF7H+zju/biWJ3FSGfh3JsVUsx+gnp+mKfb5Gfaiip65Giuz8WZxvhy9i/qa9YUWaVR 6vMZ2hU70hatKXrmnX48ToUgmU9TtA/JRnYd6MEDcBbu0DqWkCCSr8ScYzHbFYqUu/WqDNnVki48W rw8pI72SsWFOpN1BYJnfYnxGwPKTM3kTTIEjx6SPHTJuaTqhwrU5oIQNmU/k2huUU2maraXByWbGx 4Fy1o149opungo/vMSpWsO55pXmmfmu5xOoN1DNLrkSyBGGOoyjLnTAqgtlyQ4tvDDhxFLoUqhQkj MO8ATvVg==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1tfQHB-00000001ZLB-230x; Tue, 04 Feb 2025 21:16:09 +0000 Received: from mail-ej1-x636.google.com ([2a00:1450:4864:20::636]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1tfOvj-00000001QJZ-2JEG; Tue, 04 Feb 2025 19:49:56 +0000 Received: by mail-ej1-x636.google.com with SMTP id a640c23a62f3a-ab751a7f67bso126146066b.1; Tue, 04 Feb 2025 11:49:55 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1738698594; x=1739303394; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=uYHS436MhCvQPNlHTWPNiRlg7kt4orCDQn4NLGRznHk=; b=jAaRLHCf8qz3h6toHoFEJyJt92/k3IZuzsb0S1M10i7FTZBrxJwxUt3wCtq6meZa9z 1Ll2dX2xiec6/TuRF9rDGBSh+SFftAfNpKziEhriTrub93Qe7jhdxtZVJ/jtBqp7GWIc qFVnmO4inVjJo5zWaOexqnAuNFCqoENOmYlF+ruRS9hqNuzgXDmtJ6DOzGi71b3EYXYe hQ+yIY5bXkGMoNSb1Rg07HX29qDj/06X3JMlmCsvd+10uFYnL2//8clpUIWBwdDfL9cY sMeAln+jzHFFPffN4NxoVPjRZAyFK3jNecd4/Mo5XQXH/PjngsWM5Modlzd92v6pqFcM Qtmg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1738698594; x=1739303394; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=uYHS436MhCvQPNlHTWPNiRlg7kt4orCDQn4NLGRznHk=; b=JfaNQ3fNb+qySPMT2HUAJ2j7Kep3hPM4ULl8R3IlCGIGqIow5PAVwqNjIx3ewd04lZ qFs8jHxrGX0M4aKAc2YP8Ob2bubDltVSrqz9iAGQ6EuZ1N7RyTGjFbeOSCXcBAkcEVkM l+y73yD9JBRtr6W1ueAZ2Vpr2LOSFwNC5J2LA9Lc23lckZugbkUv62/rN1p0LFKYPGxl ttsBlBziPFgTmY6S7FwLn36bYmBvSgumIw/E+OcKwgKQ6gN8DGeoFPpuLa1Su0R5JXLD LEo9czCjyiSgC8sHn1teriKsG0tfuFb6LbGgnhc1v1UiBcKNLVAm8fP3cBoJrt0JU7iq 0SDw== X-Forwarded-Encrypted: i=1; AJvYcCU10qv8cnyV8ybLbu93bN5Ad+IEpyVPgmUOjS6C/rth0Bk6rZLX/Kv8f6h+W6AzU+aHxOYZfWEb/bZgX+AAAo34@lists.infradead.org, AJvYcCUnGS5FO6eMVMXJw3890FJfSeu+RBV3YpyBnis3VsaNNw9jxHLYVViPttokcAK61RQKeKiCmpZUoSU8yDN5jKo=@lists.infradead.org X-Gm-Message-State: AOJu0YxOS/3p0hQspssvf6NyJLr0n2CFS3YuPkI3qTZfleRvL5C1vWND F4b3ds5Y7Hc4A8b1r41qTpERd9m3GCxT4pkZwAeBLekjoJEhPZRp X-Gm-Gg: ASbGncvUdtEjlnCoJlgsjsVVVfxUoiAvtoLTgZDkr6kdR5Ns+ppyouQwaK873ybYPVC q1SPz1rzm6c66yXldltez3C+iPzbFQqRoYxeCTPnqaVJ9M+mmhvGRYO7W0FayEyQXg5snP2A/yB gNMv2Duh/cjE1XAdyBQ9SJetyS785nbHslVp/GS8aNnqE3PhLSpEZLUmrU+4UBna9Sn32oMtDQm WEL21Ql9ACa9lfVjrqXnUzAEJeczxa+iP63JQ/go3VgnAx6EnJ6NXqpIRxfFGDXPtzvLE2Y3C17 YrrG7RtU8gDnFSbnn3Uo8k61NRQFM46F60dI6f9FNDxBng+jzQsM1d/V80lJZ9RAsdV1R1EiFoU scECA08vXax4jld6zKEGSpsTf+n2P3JwF X-Google-Smtp-Source: AGHT+IFfJwb9MQyefWJ9mzFYp2BV5PmqGkhxPrYjuZLqNPTns6xWOMQoNOZAbpkulbWsZqH9uAZmRw== X-Received: by 2002:a17:906:1691:b0:ab6:d686:de7 with SMTP id a640c23a62f3a-ab6d6860fc7mr2382446866b.44.1738698593832; Tue, 04 Feb 2025 11:49:53 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-ab6e4a5635bsm964684466b.164.2025.02.04.11.49.52 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 04 Feb 2025 11:49:53 -0800 (PST) From: Eric Woudstra To: Andrew Lunn , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , Kuniyuki Iwashima , Sebastian Andrzej Siewior , Lorenzo Bianconi , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH v5 net-next 02/14] netfilter: flow: remove hw_outdev, out.hw_ifindex and out.hw_ifidx Date: Tue, 4 Feb 2025 20:49:09 +0100 Message-ID: <20250204194921.46692-3-ericwouds@gmail.com> X-Mailer: git-send-email 2.47.1 In-Reply-To: <20250204194921.46692-1-ericwouds@gmail.com> References: <20250204194921.46692-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20250204_114955_586685_B62063E6 X-CRM114-Status: GOOD ( 15.21 ) X-BeenThere: linux-mediatek@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Linux-mediatek" Errors-To: linux-mediatek-bounces+linux-mediatek=archiver.kernel.org@lists.infradead.org Now always info->outdev == info->hw_outdev, so the netfilter code can be further cleaned up by removing: * hw_outdev from struct nft_forward_info * out.hw_ifindex from struct nf_flow_route * out.hw_ifidx from struct flow_offload_tuple Signed-off-by: Eric Woudstra --- include/net/netfilter/nf_flow_table.h | 2 -- net/netfilter/nf_flow_table_core.c | 1 - net/netfilter/nf_flow_table_offload.c | 2 +- net/netfilter/nft_flow_offload.c | 4 ---- 4 files changed, 1 insertion(+), 8 deletions(-) diff --git a/include/net/netfilter/nf_flow_table.h b/include/net/netfilter/nf_flow_table.h index d711642e78b5..4ab32fb61865 100644 --- a/include/net/netfilter/nf_flow_table.h +++ b/include/net/netfilter/nf_flow_table.h @@ -145,7 +145,6 @@ struct flow_offload_tuple { }; struct { u32 ifidx; - u32 hw_ifidx; u8 h_source[ETH_ALEN]; u8 h_dest[ETH_ALEN]; } out; @@ -211,7 +210,6 @@ struct nf_flow_route { } in; struct { u32 ifindex; - u32 hw_ifindex; u8 h_source[ETH_ALEN]; u8 h_dest[ETH_ALEN]; } out; diff --git a/net/netfilter/nf_flow_table_core.c b/net/netfilter/nf_flow_table_core.c index 9d8361526f82..1e5d3735c028 100644 --- a/net/netfilter/nf_flow_table_core.c +++ b/net/netfilter/nf_flow_table_core.c @@ -127,7 +127,6 @@ static int flow_offload_fill_route(struct flow_offload *flow, memcpy(flow_tuple->out.h_source, route->tuple[dir].out.h_source, ETH_ALEN); flow_tuple->out.ifidx = route->tuple[dir].out.ifindex; - flow_tuple->out.hw_ifidx = route->tuple[dir].out.hw_ifindex; dst_release(dst); break; case FLOW_OFFLOAD_XMIT_XFRM: diff --git a/net/netfilter/nf_flow_table_offload.c b/net/netfilter/nf_flow_table_offload.c index e06bc36f49fe..d8f7bfd60ac6 100644 --- a/net/netfilter/nf_flow_table_offload.c +++ b/net/netfilter/nf_flow_table_offload.c @@ -555,7 +555,7 @@ static void flow_offload_redirect(struct net *net, switch (this_tuple->xmit_type) { case FLOW_OFFLOAD_XMIT_DIRECT: this_tuple = &flow->tuplehash[dir].tuple; - ifindex = this_tuple->out.hw_ifidx; + ifindex = this_tuple->out.ifidx; break; case FLOW_OFFLOAD_XMIT_NEIGH: other_tuple = &flow->tuplehash[!dir].tuple; diff --git a/net/netfilter/nft_flow_offload.c b/net/netfilter/nft_flow_offload.c index b4baee519e18..5ef2f4ba7ab8 100644 --- a/net/netfilter/nft_flow_offload.c +++ b/net/netfilter/nft_flow_offload.c @@ -80,7 +80,6 @@ static int nft_dev_fill_forward_path(const struct nf_flow_route *route, struct nft_forward_info { const struct net_device *indev; const struct net_device *outdev; - const struct net_device *hw_outdev; struct id { __u16 id; __be16 proto; @@ -159,8 +158,6 @@ static void nft_dev_path_info(const struct net_device_path_stack *stack, } info->outdev = info->indev; - info->hw_outdev = info->indev; - if (nf_flowtable_hw_offload(flowtable) && nft_is_valid_ether_device(info->indev)) info->xmit_type = FLOW_OFFLOAD_XMIT_DIRECT; @@ -212,7 +209,6 @@ static void nft_dev_forward_path(struct nf_flow_route *route, memcpy(route->tuple[dir].out.h_source, info.h_source, ETH_ALEN); memcpy(route->tuple[dir].out.h_dest, info.h_dest, ETH_ALEN); route->tuple[dir].out.ifindex = info.outdev->ifindex; - route->tuple[dir].out.hw_ifindex = info.hw_outdev->ifindex; route->tuple[dir].xmit_type = info.xmit_type; } } From patchwork Tue Feb 4 19:49:10 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13959803 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 29D00C02193 for ; Tue, 4 Feb 2025 20:06:37 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=ib9AvLEqJNS6gnJbPJClceeQRzwP8bycAwF1f+d+KWA=; b=v61ZewqW63ZC+0rG+Az1C1In7M 8tNVXiRK+OkLnMrk/22JEFmvy3gvOl8RSLgp3ciNmSs2urS7XLbNwPgbg2i2YBLkuby+EI614tM+2 4iduZufm4ABQG/pp05FdZjgoaRQxiHKhggkrRDxjSpRewimozVUorn/JIJk85hMqmOcLSpBcfY18i /+im2oyI5CEWi7HVCmpdikrv8Ndsmggu/f8TNpF6xX21L4Cl2+3M2bp+UmhCmH6fh5hyR8AOy8Iz7 eDea87W2Jycc5BR6G+6XpoZ48DVZeac00MlWPtIX7F07sqToFccMA9DCnC8TmV0N/oxzr9uwnlICF BX6if8WQ==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1tfPBs-00000001UOH-0KIU; Tue, 04 Feb 2025 20:06:36 +0000 Received: from mail-ed1-x52f.google.com ([2a00:1450:4864:20::52f]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1tfOvk-00000001QJw-2eHH; Tue, 04 Feb 2025 19:49:57 +0000 Received: by mail-ed1-x52f.google.com with SMTP id 4fb4d7f45d1cf-5da12292b67so9829866a12.3; Tue, 04 Feb 2025 11:49:56 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1738698595; x=1739303395; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=ib9AvLEqJNS6gnJbPJClceeQRzwP8bycAwF1f+d+KWA=; b=c+KKJa5CoKGpAtkgzPoYgJV5jUXu1zIuxeUXi56CUp1z5AkQCYQvTDtKYxtJUOUpLm +HyYSmmt4SvSZUViIJYt4QsQOg00DnA+Vc3ReC5bEE1L7fKRcSvg5utmWKOmnjWpR6iM SE18beGBWzJDgsa7PvFU7FRwYnkHY8pft2jomobOAT+rB1E0i4aAkntFCIn1tsR5o2hY 7AwubI6L/gYLv94TQNXnwyjOxo9Zte/bbOlyEL7JVbOEl8myKUOoV21CM+7MLVg91Kt4 jdwoP6NIeQGIvdB4ujJP0vL4Z0TP/El99gJD64zWM2IyJdFhW3/hQ+rTc8MP2//Vx0b3 7Zmw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1738698595; x=1739303395; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=ib9AvLEqJNS6gnJbPJClceeQRzwP8bycAwF1f+d+KWA=; b=czyCFQSw4c32W4Giw7sks25U8Mn2DSTFYTyQPrzTS2LDhiUr6kb45H1obA7a9hRjtP QKdl4V9haoBWCy9ztox6PdEqW8VZGB01vjQVkEkDlX6OVrg1q37sP8HCqI56Qba2goT0 P3eS4UZFUU8uyofEJsrWDjAU/v3zwmLQ64Aes6cFBQHb+F1htojXRcOejbppNpudv8Be 9PzXCACR19uXXStyUMZu/piYS70/9mpf+usEg/C5q1aEVtVOTcmAIzoN8fedXiAs7hPf QwY4xw0FbXnoCpJ4wGaRoq+oG7VbJvmuk50ybRuV4JFeGoR3olwlXh/3UC1F9lw1rvEC 5RSg== X-Forwarded-Encrypted: i=1; AJvYcCW7rmsROFUx3zf+1T9ANznpc24SIb03BqHwDY9FKwSyrABUazxx6PeXY2WH1ORwMLuMGJ0ZHdX5VFJoupOpIWgm@lists.infradead.org, AJvYcCXvuvUka77nKM75huzXBEH2DG0OucjyLrrNEdtRwuORchDS+HQftvPPCNGau/JqM2yT5fBB86RuGyxNrKDIeSI=@lists.infradead.org X-Gm-Message-State: AOJu0YwfmtSwzLuMBaVprMv8NXejeeOk79c/PXqbep3MSUqav07jt1qO /3t6NpndXyEJZU8BKxleFAbMxfn5lDhDOknA6LSIiYCzZjSJbKpt X-Gm-Gg: ASbGnctkdiXBUvHdKoDtNNiQBUkM5pPglHk9jOwqqYh2aY1FBS+0CiseHZFuKs39SqU 0xmWDSw6qvjIt+9dMAPaQ9TKovOdPYzXa9OJbDocoPCBghvmZ9ilpdlIaWzeddbIomanlsy66qf 8bd0E++yZ6GR2eGKAaIC3BO080KlyBw/5nqGFmrDeMUzsvXk/RqxZABi+Np6Huikdg8TRdkZFOg m+DDu875EjAesk6JT3YJ7N9W2gEuMDr7hewpzryIWgvMHiH8IEGSsnduBZi5PMwTUlQgfzbemMt hoQpLmW6skFjJ/PzKDITVOjvHFMQ7W/AR+7wrUBlSECdLnlzgi1pypruKJr0NcdpaXF4+qG6a7A Nj7FNCLQORaVfixcHnle6Et/zYsZkstjX X-Google-Smtp-Source: AGHT+IGf3IkwvSSJoKILC1ANmqlMUZbmn5SVVf78+zzm+WJ3NpPA8bAAleXtOAgaw/lW6KLqcZmgsA== X-Received: by 2002:a05:6402:4604:b0:5d0:9054:b119 with SMTP id 4fb4d7f45d1cf-5dcdb762aaamr643520a12.21.1738698594982; Tue, 04 Feb 2025 11:49:54 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-ab6e4a5635bsm964684466b.164.2025.02.04.11.49.53 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 04 Feb 2025 11:49:54 -0800 (PST) From: Eric Woudstra To: Andrew Lunn , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , Kuniyuki Iwashima , Sebastian Andrzej Siewior , Lorenzo Bianconi , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH v5 net-next 03/14] netfilter: bridge: Add conntrack double vlan and pppoe Date: Tue, 4 Feb 2025 20:49:10 +0100 Message-ID: <20250204194921.46692-4-ericwouds@gmail.com> X-Mailer: git-send-email 2.47.1 In-Reply-To: <20250204194921.46692-1-ericwouds@gmail.com> References: <20250204194921.46692-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20250204_114956_667840_A6BD7065 X-CRM114-Status: GOOD ( 14.36 ) X-BeenThere: linux-mediatek@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Linux-mediatek" Errors-To: linux-mediatek-bounces+linux-mediatek=archiver.kernel.org@lists.infradead.org This adds the capability to conntrack 802.1ad, QinQ, PPPoE and PPPoE-in-Q packets that are passing a bridge. Signed-off-by: Eric Woudstra --- net/bridge/netfilter/nf_conntrack_bridge.c | 81 ++++++++++++++++++---- 1 file changed, 69 insertions(+), 12 deletions(-) diff --git a/net/bridge/netfilter/nf_conntrack_bridge.c b/net/bridge/netfilter/nf_conntrack_bridge.c index 816bb0fde718..6411bfb53fad 100644 --- a/net/bridge/netfilter/nf_conntrack_bridge.c +++ b/net/bridge/netfilter/nf_conntrack_bridge.c @@ -242,53 +242,110 @@ static unsigned int nf_ct_bridge_pre(void *priv, struct sk_buff *skb, { struct nf_hook_state bridge_state = *state; enum ip_conntrack_info ctinfo; + int ret, offset = 0; struct nf_conn *ct; - u32 len; - int ret; + __be16 outer_proto; + u32 len, data_len; ct = nf_ct_get(skb, &ctinfo); if ((ct && !nf_ct_is_template(ct)) || ctinfo == IP_CT_UNTRACKED) return NF_ACCEPT; + switch (skb->protocol) { + case htons(ETH_P_PPP_SES): { + struct ppp_hdr { + struct pppoe_hdr hdr; + __be16 proto; + } *ph = (struct ppp_hdr *)(skb->data); + + offset = PPPOE_SES_HLEN; + if (!pskb_may_pull(skb, offset)) + return NF_ACCEPT; + outer_proto = skb->protocol; + switch (ph->proto) { + case htons(PPP_IP): + skb->protocol = htons(ETH_P_IP); + break; + case htons(PPP_IPV6): + skb->protocol = htons(ETH_P_IPV6); + break; + default: + nf_ct_set(skb, NULL, IP_CT_UNTRACKED); + return NF_ACCEPT; + } + data_len = ntohs(ph->hdr.length) - 2; + skb_pull_rcsum(skb, offset); + skb_reset_network_header(skb); + break; + } + case htons(ETH_P_8021Q): { + struct vlan_hdr *vhdr = (struct vlan_hdr *)(skb->data); + + offset = VLAN_HLEN; + if (!pskb_may_pull(skb, offset)) + return NF_ACCEPT; + outer_proto = skb->protocol; + skb->protocol = vhdr->h_vlan_encapsulated_proto; + data_len = U32_MAX; + skb_pull_rcsum(skb, offset); + skb_reset_network_header(skb); + break; + } + default: + data_len = U32_MAX; + break; + } + + ret = NF_ACCEPT; switch (skb->protocol) { case htons(ETH_P_IP): if (!pskb_may_pull(skb, sizeof(struct iphdr))) - return NF_ACCEPT; + goto do_not_track; len = skb_ip_totlen(skb); + if (data_len < len) + len = data_len; if (pskb_trim_rcsum(skb, len)) - return NF_ACCEPT; + goto do_not_track; if (nf_ct_br_ip_check(skb)) - return NF_ACCEPT; + goto do_not_track; bridge_state.pf = NFPROTO_IPV4; ret = nf_ct_br_defrag4(skb, &bridge_state); break; case htons(ETH_P_IPV6): if (!pskb_may_pull(skb, sizeof(struct ipv6hdr))) - return NF_ACCEPT; + goto do_not_track; len = sizeof(struct ipv6hdr) + ntohs(ipv6_hdr(skb)->payload_len); + if (data_len < len) + len = data_len; if (pskb_trim_rcsum(skb, len)) - return NF_ACCEPT; + goto do_not_track; if (nf_ct_br_ipv6_check(skb)) - return NF_ACCEPT; + goto do_not_track; bridge_state.pf = NFPROTO_IPV6; ret = nf_ct_br_defrag6(skb, &bridge_state); break; default: nf_ct_set(skb, NULL, IP_CT_UNTRACKED); - return NF_ACCEPT; + goto do_not_track; } - if (ret != NF_ACCEPT) - return ret; + if (ret == NF_ACCEPT) + ret = nf_conntrack_in(skb, &bridge_state); - return nf_conntrack_in(skb, &bridge_state); +do_not_track: + if (offset) { + skb_push_rcsum(skb, offset); + skb_reset_network_header(skb); + skb->protocol = outer_proto; + } + return ret; } static unsigned int nf_ct_bridge_in(void *priv, struct sk_buff *skb, From patchwork Tue Feb 4 19:49:11 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13959804 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 5788FC02193 for ; Tue, 4 Feb 2025 20:06:47 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=kkGaA4c7zu7TuRSY1s83dH0+lqC3nn6Z4nZphc3xrDs=; b=CyJrTZ4HhmcYD/BigJAK4f2Fbc 6SPto7NxjRotuO53ZXm2XWw7hab+9QI3gkgUKreys1b5/7ZFX07xN2GbOl8/6a3XWSNSEPisy4See dHezsftZumzgsL8mh2kmsyYjQIfnqJmoVr9RnELuWt2CQVuldnEYqpmtgYmWNbsphhK3C4cE4rOq1 FNarrsuwq2AnMd9x4LxbenbfcO7Te32xuikzzjlWdtTr91GG72PZiiqE2qsgeXjYd31lJfxayC8Tq /uWiWDPNZlUmdK/0q+wBC1RD0Ahi23poj1bnE4LQrOt8TnLZ+YjnZOrRNS6Tf9R8fp8WI0vWwS29v 0vy/f2Jw==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1tfPC2-00000001UPK-1bHI; Tue, 04 Feb 2025 20:06:46 +0000 Received: from mail-ej1-x633.google.com ([2a00:1450:4864:20::633]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1tfOvm-00000001QKS-1KF5; Tue, 04 Feb 2025 19:49:59 +0000 Received: by mail-ej1-x633.google.com with SMTP id a640c23a62f3a-aaf900cc7fbso1227369366b.3; Tue, 04 Feb 2025 11:49:57 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1738698596; x=1739303396; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=kkGaA4c7zu7TuRSY1s83dH0+lqC3nn6Z4nZphc3xrDs=; b=IhIBX7SQD7n+cLs+SS8OWyo/0mCbFfHdaHEJRIMifFvqpqNny59T/clCVOGXcnEEjb tvh8Ui6Y5U073MOOuPGalahhEyVIeK3pOgcYKZIzRw19czHgAzg3ftLDg5Z9wcgsjvy3 r15pYjQXwIVZoi0/pc5SLW8/ym8tSnT2AOCuEA4X+N/8TsLRjSykv+1OWWi1f1EEKp41 BoSRFYs4Ota9ba571k4u7ktXvJPLXuW8O/xLcnvXSg54kqdbaWx5QKKhL0W/8mOltIHB pwdUrmt02EINN8tqWon6Uct+zxMoxpOPuLzrKYuzglIdFkbMFiZh6R5gpWw4wW3hm4GF 5WHQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1738698596; x=1739303396; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=kkGaA4c7zu7TuRSY1s83dH0+lqC3nn6Z4nZphc3xrDs=; b=iVdeqdPgyACxTGdRiVZuXM7a6sIf4nl4EkBAXZF77HrTst9bKgvHvZp8n2Qb8SwayD ETJUzhLMnXpyDsU7oyDfLt/jRBbKVn7YXsHL2TmAbtwjnBxiTn64bT6kdoyLZ2yTIwdn 0Kn6HylonfI4Ar//PS3ffVak2ioC1SOrPFlnpaJFyM9WeD+5L4vM+huLYufeXzrFTwZS IUHXUV5C9Pk8JWvvKdXlr3eoJVNApegXpdbGYR79nMa8H2QGuEvyo0oSjbLt8p7aDBLj rAYw6cKd/rptg2gwTAyTDbTL/i2+IqS9rSrrSsJ3D84p34uDZ18keJ0ha8fdDV0tcZfo Y7Og== X-Forwarded-Encrypted: i=1; AJvYcCUhPb+3Zkju6JrSpM8u7qnAULx/Mc30ySy2aKEqk+G9JPtlgX7ypxWbpe7u9d86oY7LqRF0KxmwD7vPD3WGKTQ8@lists.infradead.org, AJvYcCXY7poibnhqf5BFp46ftBtkIdvY6XdRMcPETWDgC4UsGTCR5k0tXLBILjWUAVsq0VzMGLVr0JjIFdVsAZSrlaw=@lists.infradead.org X-Gm-Message-State: AOJu0YwF/kdJqlKGDEbPbLY/daqakNEuGwn9o7ngUyJMjxCYt334Sl+X XBR7F+Me4CAzzm90CXq7g2CjfEf/qRdBG6YiwXm1sZJu98K8hQn0 X-Gm-Gg: ASbGncvIEZGhI4KnWJHHjVAMllL/mJbHj8xeuwPc+cGUJfwAvRFwrUP5M/OG7V4pq/l qwrFd6xDL2+VLfNppqY1OomMRJ+HQYw4XAjU1HXMSAylUuF4ViUYkA7Zpi+H6FAWlRvi+/lV46B jYz34K+srKY+qffBW6VDok1NNRas36gz4dVo0joX4tw160fYjqyi5hwCMpKiSFDSXJ5AguydO0g bPtZAWmGZhHliGy0QXOOYRQHazqdTAuqAGqtBA5erKlvF9JfYou46DFBgZCfjjaT1cUf+pzkZ+Z OIUMoL9xFoFDZmmm4K3us9SOTh571F21NhbmcIHAHIGBw0tL+lshN0UhYP5NbZ9iJiUHKj2kWZb uRhaO/0G3MWmHxaDj7eY3bYJ4zhXoVf+h X-Google-Smtp-Source: AGHT+IGs4CC5gM167ZayoImsZp06NKQRfeGwh8m9DaNw+WB4zUAYvUsoKlU1KSkyxVdKrRT1PS7NMw== X-Received: by 2002:a17:907:944c:b0:aa6:7220:f12f with SMTP id a640c23a62f3a-ab6cfce5fdfmr2766061766b.18.1738698596201; Tue, 04 Feb 2025 11:49:56 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-ab6e4a5635bsm964684466b.164.2025.02.04.11.49.55 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 04 Feb 2025 11:49:55 -0800 (PST) From: Eric Woudstra To: Andrew Lunn , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , Kuniyuki Iwashima , Sebastian Andrzej Siewior , Lorenzo Bianconi , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH v5 net-next 04/14] netfilter: nft_chain_filter: Add bridge double vlan and pppoe Date: Tue, 4 Feb 2025 20:49:11 +0100 Message-ID: <20250204194921.46692-5-ericwouds@gmail.com> X-Mailer: git-send-email 2.47.1 In-Reply-To: <20250204194921.46692-1-ericwouds@gmail.com> References: <20250204194921.46692-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20250204_114958_350736_8988D228 X-CRM114-Status: GOOD ( 12.59 ) X-BeenThere: linux-mediatek@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Linux-mediatek" Errors-To: linux-mediatek-bounces+linux-mediatek=archiver.kernel.org@lists.infradead.org This adds the capability to evaluate 802.1ad, QinQ, PPPoE and PPPoE-in-Q packets in the bridge filter chain. Signed-off-by: Eric Woudstra --- net/netfilter/nft_chain_filter.c | 20 +++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) diff --git a/net/netfilter/nft_chain_filter.c b/net/netfilter/nft_chain_filter.c index 19a553550c76..7c7080c1a67d 100644 --- a/net/netfilter/nft_chain_filter.c +++ b/net/netfilter/nft_chain_filter.c @@ -232,11 +232,27 @@ nft_do_chain_bridge(void *priv, struct sk_buff *skb, const struct nf_hook_state *state) { + struct ethhdr *ethh = eth_hdr(skb); struct nft_pktinfo pkt; + int thoff; nft_set_pktinfo(&pkt, skb, state); - switch (eth_hdr(skb)->h_proto) { + switch (ethh->h_proto) { + case htons(ETH_P_PPP_SES): + thoff = PPPOE_SES_HLEN; + ethh += thoff; + break; + case htons(ETH_P_8021Q): + thoff = VLAN_HLEN; + ethh += thoff; + break; + default: + thoff = 0; + break; + } + + switch (ethh->h_proto) { case htons(ETH_P_IP): nft_set_pktinfo_ipv4_validate(&pkt); break; @@ -248,6 +264,8 @@ nft_do_chain_bridge(void *priv, break; } + pkt.thoff += thoff; + return nft_do_chain(&pkt, priv); } From patchwork Tue Feb 4 19:49:12 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13959805 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 12A31C02193 for ; Tue, 4 Feb 2025 20:06:59 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=nsPCevqpueBx6GSFI4rD1h7XgDDvXf62bnEByGQFocw=; b=0wQx1Q2d8PhUHPF9Gs0Ya7R8mG aWtHJyOgB27fLno9doj4l3twiMfO+LkdCp7/QxWg7X4PnjGAa5jauRVXk7hZ6AU0Md4VRGeztfuut hih1PPOwTzNRe0stGNlvJOa9q+X+2i4f6Rvg7M7ajzE4ZhPNEtv1dcDThbSpDgCmP2SNNCM8qTu32 zLc2nXsGMnMjKCGlDm8H8fiSaaLZNUfaVpn4GOkwRZtZi7NhSS/LMpQFellMSx8EZTa8Wp+mbokRl PHCzTVnPRgTxjNJhglQYC3Zk4tc6wvgYujAA9fHXMCCkI4+YdN5V/Ok8nC3rFYdZT0CaggZ1HCbxc eS7gBt0g==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1tfPCD-00000001URJ-484b; Tue, 04 Feb 2025 20:06:57 +0000 Received: from mail-ed1-x536.google.com ([2a00:1450:4864:20::536]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1tfOvn-00000001QKi-0G1E; Tue, 04 Feb 2025 19:50:00 +0000 Received: by mail-ed1-x536.google.com with SMTP id 4fb4d7f45d1cf-5d3d479b1e6so8346987a12.2; Tue, 04 Feb 2025 11:49:58 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1738698598; x=1739303398; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=nsPCevqpueBx6GSFI4rD1h7XgDDvXf62bnEByGQFocw=; b=DLSenMxMjEKOYV/+qi/26Y9muHR0cFcHCpGjodn+ODDOEATMJUturcBgdF6FHTsXGx zbZP1mDCDZ6lVb7vQ3gPeWr+BTFw0meams4y37amntHgszvWl4TdrbvAIh6OOBOn/maR RrBTmWjlAH/x3+BI74ZudbtmvIjgzlVW7Gnx35MgjxbEzb3r9GJQSqOUOMu7JZzwuEHa ZOdPMNvNbktPaZHynwZ7AE5OOHuyfnQ9C2VygiDjH2SpI55cFpP7xImkASrg8QiQ8Kzx iwaX/ns/UNIPEsdG5eHvW75pSrvSNuw1svnqV7/4I0sDwg596ijbb8kF5Y+JR2AIgoZ4 OOxA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1738698598; x=1739303398; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=nsPCevqpueBx6GSFI4rD1h7XgDDvXf62bnEByGQFocw=; b=wYQNBQOiCW/M5UbXCAIzKFgOyYtZzAhwQTYVeoQTBb5hN/qv3v0td9mDgzAF6yYKqZ FmoqJFfN7vR+2L76wBkCDi6Wi7Qo/uEs54nngMT8y/sT0lxmZKlTINnobiPdAqEspevi o1S35/jkL3N8TLIWv5ttKJAhZyUQK81MwOO+klJuha2vMPkS4cPJc1XSFMWh9C8lhEXv BBz4efCSqxXjDO0OFQy8LTSSTw7YNfSZ4XCpNg0TS3ym8X2HspG/nnawkSN+GbxQytOH YpNJcyaCHc3yFcplU4DMcP7Fyjdfk93WjxN/3qZWpyWB6+CpSF666taZP+5ep3/RRC73 37hA== X-Forwarded-Encrypted: i=1; AJvYcCW8J6YbfgvQpd6n61eELM9ZIFaP5uaPeLMuzD9VnZD/p2NFolUqON3fjcUniJ9+A40wRLCf3QvNZXkjzOh43qo=@lists.infradead.org, AJvYcCWrvXbkjJyOjXzDlmAY0KsHC/mgO3juEQSZUl/LAA1c7h12CN00kjAbUXIa1ou+HR/0QNMtBFuhooKEsbTL1Bbm@lists.infradead.org X-Gm-Message-State: AOJu0YxlbHgLwUtjBTUVa0WIRgn0SWA9k4jV/7vUAMkTNGXTGUq111QO deZ4bSKsp4TD/EFPmTmO4OWDg4yaTpmhOm3bM890ExXu+8/pdi8n X-Gm-Gg: ASbGnct0Ck5TZYdL0AT4lEtK4TvbMSrGkvUX0z4DBhRCBsRbu3owkvv17OTacurwdTA /3xTJuqzfaDICVSNvoflpsHNmV6+cEdCwJ398qpscmuuRUIm7MTIbc26f8e92PoBMWkchqVVflh v9v+7FpFDMciEbuJf68hkOSV4CtVm/iFLggEsYRW0l+qN4u9ry+VR/Ek7VuRkP2nI0fpf9bUXGo pEDnrSfcPIeSVmnMCCVe6j2lVjSY+1pyz7DQjXuSqrbu3jqnNaH2/PMD6x5JzHqFSAUO16MA/qh 7NbfAJc+tG//dXSagxL10mI5INHmr2PDv7L1E3F2Ck/mfV9gqX8QidJoC4dOX2PgsD/GqdP3uga VKeUxVEQ/sN8aFjlcqiKgCSALYbzEUZNM X-Google-Smtp-Source: AGHT+IGsvAO6yB125nXkOzzJQ5/yZRvVQfJ0zTUKb3SHTgAx94hlT9r32V6YfG08Gq0AwS0+7SB3aw== X-Received: by 2002:a05:6402:42ca:b0:5dc:caab:9447 with SMTP id 4fb4d7f45d1cf-5dcdb7297ffmr798822a12.18.1738698597522; Tue, 04 Feb 2025 11:49:57 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-ab6e4a5635bsm964684466b.164.2025.02.04.11.49.56 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 04 Feb 2025 11:49:57 -0800 (PST) From: Eric Woudstra To: Andrew Lunn , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , Kuniyuki Iwashima , Sebastian Andrzej Siewior , Lorenzo Bianconi , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH v5 net-next 05/14] bridge: Add filling forward path from port to port Date: Tue, 4 Feb 2025 20:49:12 +0100 Message-ID: <20250204194921.46692-6-ericwouds@gmail.com> X-Mailer: git-send-email 2.47.1 In-Reply-To: <20250204194921.46692-1-ericwouds@gmail.com> References: <20250204194921.46692-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20250204_114959_111433_099128F2 X-CRM114-Status: GOOD ( 16.68 ) X-BeenThere: linux-mediatek@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Linux-mediatek" Errors-To: linux-mediatek-bounces+linux-mediatek=archiver.kernel.org@lists.infradead.org If a port is passed as argument instead of the master, then: At br_fill_forward_path(): find the master and use it to fill the forward path. At br_vlan_fill_forward_path_pvid(): lookup vlan group from port instead. Signed-off-by: Eric Woudstra --- net/bridge/br_device.c | 19 ++++++++++++++----- net/bridge/br_private.h | 2 ++ net/bridge/br_vlan.c | 6 +++++- 3 files changed, 21 insertions(+), 6 deletions(-) diff --git a/net/bridge/br_device.c b/net/bridge/br_device.c index 0ab4613aa07a..c7646afc8b96 100644 --- a/net/bridge/br_device.c +++ b/net/bridge/br_device.c @@ -383,16 +383,25 @@ static int br_del_slave(struct net_device *dev, struct net_device *slave_dev) static int br_fill_forward_path(struct net_device_path_ctx *ctx, struct net_device_path *path) { + struct net_bridge_port *src, *dst; struct net_bridge_fdb_entry *f; - struct net_bridge_port *dst; struct net_bridge *br; - if (netif_is_bridge_port(ctx->dev)) - return -1; + if (netif_is_bridge_port(ctx->dev)) { + struct net_device *br_dev; + + br_dev = netdev_master_upper_dev_get_rcu((struct net_device *)ctx->dev); + if (!br_dev) + return -1; - br = netdev_priv(ctx->dev); + src = br_port_get_rcu(ctx->dev); + br = netdev_priv(br_dev); + } else { + src = NULL; + br = netdev_priv(ctx->dev); + } - br_vlan_fill_forward_path_pvid(br, ctx, path); + br_vlan_fill_forward_path_pvid(br, src, ctx, path); f = br_fdb_find_rcu(br, ctx->daddr, path->bridge.vlan_id); if (!f) diff --git a/net/bridge/br_private.h b/net/bridge/br_private.h index 1054b8a88edc..a0b950390a16 100644 --- a/net/bridge/br_private.h +++ b/net/bridge/br_private.h @@ -1584,6 +1584,7 @@ bool br_vlan_can_enter_range(const struct net_bridge_vlan *v_curr, const struct net_bridge_vlan *range_end); void br_vlan_fill_forward_path_pvid(struct net_bridge *br, + struct net_bridge_port *p, struct net_device_path_ctx *ctx, struct net_device_path *path); int br_vlan_fill_forward_path_mode(struct net_bridge *br, @@ -1753,6 +1754,7 @@ static inline int nbp_get_num_vlan_infos(struct net_bridge_port *p, } static inline void br_vlan_fill_forward_path_pvid(struct net_bridge *br, + struct net_bridge_port *p, struct net_device_path_ctx *ctx, struct net_device_path *path) { diff --git a/net/bridge/br_vlan.c b/net/bridge/br_vlan.c index d9a69ec9affe..07dae3655c26 100644 --- a/net/bridge/br_vlan.c +++ b/net/bridge/br_vlan.c @@ -1441,6 +1441,7 @@ int br_vlan_get_pvid_rcu(const struct net_device *dev, u16 *p_pvid) EXPORT_SYMBOL_GPL(br_vlan_get_pvid_rcu); void br_vlan_fill_forward_path_pvid(struct net_bridge *br, + struct net_bridge_port *p, struct net_device_path_ctx *ctx, struct net_device_path *path) { @@ -1453,7 +1454,10 @@ void br_vlan_fill_forward_path_pvid(struct net_bridge *br, if (!br_opt_get(br, BROPT_VLAN_ENABLED)) return; - vg = br_vlan_group(br); + if (p) + vg = nbp_vlan_group(p); + else + vg = br_vlan_group(br); if (idx >= 0 && ctx->vlan[idx].proto == br->vlan_proto) { From patchwork Tue Feb 4 19:49:13 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13959832 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 389D8C0219A for ; Tue, 4 Feb 2025 21:16:10 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=CaTNlLcx8N/VOWeG8N/sMwOA19H7daJ4VH5LDcsIDAY=; b=DbWjCFbn0pyZsh6YLvaH2ilnL2 JUFeRCZdqVKME3AMYTZn/Ccq1X7H7gf00kwMAc/vi/Wc+Eb9BD8uvHFEuygeBkUtPdeaMsR7hRG00 mWYUUZGt1HEXF0KizKBvk8RbPyzFFpgm9JVosw3nLW3FrFNvAh7LORyz6JE+mytfERu0EjAZAHI79 9Zoyl3w9gQFksd0uvPDCd9Pdd+3ef9CjCsdLe387m+LcpOGTvhIXfJ0mgpd+1tniaLwEgbuQITo2G UW0B0XndqTdSJEh7zs0ynI5wuf1ii002FaCz74y8NbES/Zr+f3MG42zbikyzoMcO17iKzawfd1c1m nEZ7dSXQ==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1tfQHB-00000001ZLv-3apN; Tue, 04 Feb 2025 21:16:09 +0000 Received: from mail-ej1-x636.google.com ([2a00:1450:4864:20::636]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1tfOvo-00000001QLA-0NSm; Tue, 04 Feb 2025 19:50:01 +0000 Received: by mail-ej1-x636.google.com with SMTP id a640c23a62f3a-aaecf50578eso49986666b.2; Tue, 04 Feb 2025 11:50:00 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1738698599; x=1739303399; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=CaTNlLcx8N/VOWeG8N/sMwOA19H7daJ4VH5LDcsIDAY=; b=lA2DSYwe3R78G4LWE6WMNF+VrChlYrg2ZroQ4YOh3JSaXfrnFlRzfWmEdRErN0FVOB tnrkB5e/QTFtjQGbExqxDViNSOWeAC9rWCda5ATuw+S0TJC0A8mlzkgrhyGcNaNU2qGa cU311eiZ0+ca342kL9ehG69p5hxxX5bm4VODccWzrU92CNlcTMFyczlMq7GY1FY0qbkN bcNgtrFUHacNTL5Lx7F5vtn+lBuUwddsfGFGrJU8pAmPbl4hhrslSCek2T8Y1Y3QGozP 03B3hf6bwI9HOsnBK3624N5kQgLWz+hQV7iis6FA0y6ZznaFO1hHgnY6I6AjLArCYPLE ULTg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1738698599; x=1739303399; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=CaTNlLcx8N/VOWeG8N/sMwOA19H7daJ4VH5LDcsIDAY=; b=fkRRtynEdBBnLQJXfCnfq8rfKaox/pxqX8g5S2XsP4yfJ1g7ByTOYg86xy/0j6fe7r rpZN3kPu86ekjydA8fcU+sETw/7foEaPuHUCmt8ydQvkPUugmuoAt4Nuy+Gx/rpRd8KL n6T+83VksfwlT+5e+ZRSAlzIyKUf6RS/oh5f01REnLo3NI4gkvTk9TysJSxc+h/DHLj1 meo1YGxmSyyh6JVoFpouFJdAL6H+w/3MXXcHuTn5r6/FP2T/tFGncwjFYWr39+UNfGeX 02z0vxP4gHH4f24CzLmcr3vB7YFxYdLDziRUY4+zewaDEgPXwJ9e9Nfe1ZCqd53SjWBf w1aQ== X-Forwarded-Encrypted: i=1; AJvYcCUFhBPS/i09clS0rkBfjvVGSHOFl+UcA0CIPOB0sRI79rvLN0+hPaF2xkDvorYdP7W5/Lv61nybRjfuQfY1OXo=@lists.infradead.org, AJvYcCWmuxlI6p2uELP3WI6iiva5UPz+5EWzg2VpgxNzmxZwRQTeW9ff3dLyLSWtCz7vC2VDUmO2s3jXrJ6BTYxpn6n0@lists.infradead.org X-Gm-Message-State: AOJu0Yw9uy5tHk+Z9O/sPT6TKUueq5t618TpQuten0ELon//t4BkO0PN f7Z0FRsZmWqWRz2qVIrGe7dzmsRx7jpAFcGK86+VkxZnC/87X6SmxDrbEZ/k X-Gm-Gg: ASbGncvLnjIJZvxynD2Yb+upvMcp7TsyyXapmw5xXNseQHFY+FjmrClcEZuhR6+S3hq vssdQf2d0dRjujtq8cE31JNbQAHLUMnOp5K+qzlmH6AIN/50xGBKND8jVr+NgBjqo3oCU+HO7Qt XX/U/4OoRiblauXgJSk5GHGPkRyrP9AYKYFsEtyC4oA9XSs8YxluXjqrq6PqPWn4FYJFasS+JqF JvssSKWNZ1BqT/eHtrf7qMqjWzu32+WMmwnvSrXIP0y/au4xe/Jo49qEAZ2wytOOAr9ZxS4wvHA r4a8bVM+1NAwb/2j1jCMm2IzSSQlbnduehL+5jp+Z5nnnfpV3Rv1gjJ9f/zdWFaKKZN1H3Xa9T9 wwV6qxjvYf/jL8yskeHwCKcQQqLcwbgGp X-Google-Smtp-Source: AGHT+IEn1JUbmSDDmV4FTAJZUTLPh7UPgcV8aDhV23EvUqrbyMWgBZiKGFEz4RZTiOX9pR12aKTGfQ== X-Received: by 2002:a17:907:3f8f:b0:ab6:61cb:ced2 with SMTP id a640c23a62f3a-ab6cfcc6f27mr3006053266b.9.1738698598722; Tue, 04 Feb 2025 11:49:58 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-ab6e4a5635bsm964684466b.164.2025.02.04.11.49.57 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 04 Feb 2025 11:49:58 -0800 (PST) From: Eric Woudstra To: Andrew Lunn , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , Kuniyuki Iwashima , Sebastian Andrzej Siewior , Lorenzo Bianconi , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH v5 net-next 06/14] net: core: dev: Add dev_fill_bridge_path() Date: Tue, 4 Feb 2025 20:49:13 +0100 Message-ID: <20250204194921.46692-7-ericwouds@gmail.com> X-Mailer: git-send-email 2.47.1 In-Reply-To: <20250204194921.46692-1-ericwouds@gmail.com> References: <20250204194921.46692-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20250204_115000_140614_977FC408 X-CRM114-Status: GOOD ( 17.76 ) X-BeenThere: linux-mediatek@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Linux-mediatek" Errors-To: linux-mediatek-bounces+linux-mediatek=archiver.kernel.org@lists.infradead.org New function dev_fill_bridge_path(), similar to dev_fill_forward_path(). It handles starting from a bridge port instead of the bridge master. The structures ctx and nft_forward_info need to be already filled in with the (vlan) encaps. Signed-off-by: Eric Woudstra --- include/linux/netdevice.h | 2 ++ net/core/dev.c | 66 +++++++++++++++++++++++++++++++-------- 2 files changed, 55 insertions(+), 13 deletions(-) diff --git a/include/linux/netdevice.h b/include/linux/netdevice.h index 2a59034a5fa2..872235e30629 100644 --- a/include/linux/netdevice.h +++ b/include/linux/netdevice.h @@ -3280,6 +3280,8 @@ void dev_remove_offload(struct packet_offload *po); int dev_get_iflink(const struct net_device *dev); int dev_fill_metadata_dst(struct net_device *dev, struct sk_buff *skb); +int dev_fill_bridge_path(struct net_device_path_ctx *ctx, + struct net_device_path_stack *stack); int dev_fill_forward_path(const struct net_device *dev, const u8 *daddr, struct net_device_path_stack *stack); struct net_device *__dev_get_by_flags(struct net *net, unsigned short flags, diff --git a/net/core/dev.c b/net/core/dev.c index c0021cbd28fc..179f738f80d2 100644 --- a/net/core/dev.c +++ b/net/core/dev.c @@ -713,44 +713,84 @@ static struct net_device_path *dev_fwd_path(struct net_device_path_stack *stack) return &stack->path[k]; } -int dev_fill_forward_path(const struct net_device *dev, const u8 *daddr, - struct net_device_path_stack *stack) +static int dev_fill_forward_path_common(struct net_device_path_ctx *ctx, + struct net_device_path_stack *stack) { const struct net_device *last_dev; - struct net_device_path_ctx ctx = { - .dev = dev, - }; struct net_device_path *path; int ret = 0; - memcpy(ctx.daddr, daddr, sizeof(ctx.daddr)); - stack->num_paths = 0; - while (ctx.dev && ctx.dev->netdev_ops->ndo_fill_forward_path) { - last_dev = ctx.dev; + while (ctx->dev && ctx->dev->netdev_ops->ndo_fill_forward_path) { + last_dev = ctx->dev; path = dev_fwd_path(stack); if (!path) return -1; memset(path, 0, sizeof(struct net_device_path)); - ret = ctx.dev->netdev_ops->ndo_fill_forward_path(&ctx, path); + ret = ctx->dev->netdev_ops->ndo_fill_forward_path(ctx, path); if (ret < 0) return -1; - if (WARN_ON_ONCE(last_dev == ctx.dev)) + if (WARN_ON_ONCE(last_dev == ctx->dev)) return -1; } - if (!ctx.dev) + if (!ctx->dev) return ret; path = dev_fwd_path(stack); if (!path) return -1; path->type = DEV_PATH_ETHERNET; - path->dev = ctx.dev; + path->dev = ctx->dev; return ret; } + +int dev_fill_bridge_path(struct net_device_path_ctx *ctx, + struct net_device_path_stack *stack) +{ + const struct net_device *last_dev, *br_dev; + struct net_device_path *path; + + stack->num_paths = 0; + + if (!ctx->dev || !netif_is_bridge_port(ctx->dev)) + return -1; + + br_dev = netdev_master_upper_dev_get_rcu((struct net_device *)ctx->dev); + if (!br_dev || !br_dev->netdev_ops->ndo_fill_forward_path) + return -1; + + last_dev = ctx->dev; + path = dev_fwd_path(stack); + if (!path) + return -1; + + memset(path, 0, sizeof(struct net_device_path)); + if (br_dev->netdev_ops->ndo_fill_forward_path(ctx, path) < 0) + return -1; + + if (!ctx->dev || WARN_ON_ONCE(last_dev == ctx->dev)) + return -1; + + return dev_fill_forward_path_common(ctx, stack); +} +EXPORT_SYMBOL_GPL(dev_fill_bridge_path); + +int dev_fill_forward_path(const struct net_device *dev, const u8 *daddr, + struct net_device_path_stack *stack) +{ + struct net_device_path_ctx ctx = { + .dev = dev, + }; + + memcpy(ctx.daddr, daddr, sizeof(ctx.daddr)); + + stack->num_paths = 0; + + return dev_fill_forward_path_common(&ctx, stack); +} EXPORT_SYMBOL_GPL(dev_fill_forward_path); /* must be called under rcu_read_lock(), as we dont take a reference */ From patchwork Tue Feb 4 19:49:14 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13959833 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 87DF1C0219B for ; Tue, 4 Feb 2025 21:16:10 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=8xE+ROyc/mcQ2fBT7crVscR/jU0rSEqZAJgDthtdCdc=; b=t4nCaWkeQ9IDnkkbIxl2Zr5zN0 /4him983hGgOg91xJqaz8of/SOym9I+Tq3b+J14E41LskcgxoN8WUpn1d2In7YwtlVCGSobdmmbFF /GewGX4lDtvN6zBvSwTjBDtCJUpMxS4lYCK409MG0eHX2Vl3lr8kw1g+D/bp0mPbQsLNkb/gopYo8 zwbstrfTFI5qElTxw2ec53LitegwmCSVG71UutWaKgaSd0sCxET1GVZ/s5bRuIcCLMs1APEZsJ6ch eve5YHYFlyDpDfYoxCATOq+und8cjGp16z+evCkrBbnYJHlXICV60ZtjNggI/AuDnVJqwQYRaQ4ar 1cGn6EFg==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1tfQHC-00000001ZMS-0l9y; Tue, 04 Feb 2025 21:16:10 +0000 Received: from mail-ej1-x62d.google.com ([2a00:1450:4864:20::62d]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1tfOvp-00000001QLo-3wb0; Tue, 04 Feb 2025 19:50:03 +0000 Received: by mail-ej1-x62d.google.com with SMTP id a640c23a62f3a-ab6f636d821so921312066b.1; Tue, 04 Feb 2025 11:50:01 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1738698600; x=1739303400; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=8xE+ROyc/mcQ2fBT7crVscR/jU0rSEqZAJgDthtdCdc=; b=O/ykA7q99kgX2Gp6lboBhTiJ7xExn8RVc0hG3jcCrFhRk4qPxfEsOEdvzzPvOVpV+2 SIr9v3ofGxgdeDP+giRu+QDXc8M5c0xZhlIwDzHEGZFtQ2wFZnMrcrGERS1hZrhcjsZN OZDUA524ZpWkhTz1onJgyCl4Iyq4gQY8rCDF/YgLOTCUl/3eL65ilSq3o66j603A6JVo u1SD4kkIco8cd77REAHt9hTDfmzNVlQ0bMRP8CqCVKEjfHFE48/7rX6MNKHILpFJjii1 0SQXBQnBiC43snuihZg18VLeuhoqHv+ouaFWFU0s1rsVCOHBSRWXtMspJHuDtdXJE0tn 3OcQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1738698600; x=1739303400; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=8xE+ROyc/mcQ2fBT7crVscR/jU0rSEqZAJgDthtdCdc=; b=IGiDUnnZ0Y8iP9fJC2RU35A9uBWkbH0HUXMDhuYXXdZKNA3fUwKZae2o6Mgm39oKO+ OoJqCIFsuLxPgVNN6bzskDXEsfEpxiA6B81fmfhq5XfuDOLOBjL/ZDpZTR3iXsUC/b1/ IV4mHzO0oocZoldRC0LKxXo8zm+B8cH1q04z10N+PgVAXoDETza0GxenyfcMm0vhVcG4 c5vC2TPQ2OrdzLPLhKk2Bgkg/4hlKFVe+rGU6ILj/Pd9ki84tF5NZOhBEZIVLZ9Ur40k XM+z/xbI0qHtJL6faBufiap80L7uhitcBFhRPzj7sRNAK4dwdWLk2gpq+3ISZ8a5dTo3 kveA== X-Forwarded-Encrypted: i=1; AJvYcCUdSVSuOFjWluFD6NT5vYwrGRfKvzrBHMbQGtuJDGBuuOvY54uWE5zjTvkUiZSdLv89jcU5Olz0wsAi4fY7NSM6@lists.infradead.org, AJvYcCV0zxAgdFyya14KDSlD87RJVSqdgkjqfnVZxofAsP2Q1+VDs+vHe2gY0EYQqAYtS6cpNqUXQK4u2Gn8rDeiJvs=@lists.infradead.org X-Gm-Message-State: AOJu0YwvF0AECWaQuzg1zHuKggoWHboFX1+3WRAYyMyqI+rGPFG64oQd FWxNlIzhRuiLX7ixBpyUTXj3X5+hWsWvtiD3V/l9XvMR0yWZGOk3 X-Gm-Gg: ASbGnctiZ67GgTrkzyMX7RDRnaBQqlt3rNnh5TMoqGw/T7loyT7D0o53cJ3BCBXltLk Xj8eeb4tOefIuRpJSBrwhf/2gnDRg8eDejgpprCJk2xNjh29k4Xu67Yw9rcVK0BdKHWSSDo9dwV U/v/pmIp3HB3ZKdE+KEIY5Um6P/1CsMjkGWTGcTU/nItSM3D6StJJZbrinKnY7NA9FrgpNvXPZk rv/LeESgULpmREok/hC5XQL7FaHDJdtE9wfoFfAD8oeANqQo7YDGL41YxFcJcG89f/s4GhSCCPK 9l4QPehP2dawKbE7Qc8UJgILQLzakNncCVvcqCFahYKzQ74GOEiGpsuR0LCqfBQ57E9kj3I4hyy JvyQ3O6/My/qtMajHqaKOauMiSr0McoRE X-Google-Smtp-Source: AGHT+IGHC1MVQan6DyAcHVPJFsYpMQ/lz7RSHxdEh7BdqhTUwrDVwvLIusKNv2NoZZcDS32oCD5V0A== X-Received: by 2002:a17:907:3d8d:b0:aa6:9503:aa73 with SMTP id a640c23a62f3a-ab6cfdc5f5cmr3418392666b.51.1738698599948; Tue, 04 Feb 2025 11:49:59 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-ab6e4a5635bsm964684466b.164.2025.02.04.11.49.58 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 04 Feb 2025 11:49:59 -0800 (PST) From: Eric Woudstra To: Andrew Lunn , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , Kuniyuki Iwashima , Sebastian Andrzej Siewior , Lorenzo Bianconi , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH v5 net-next 07/14] netfilter :nf_flow_table_offload: Add nf_flow_rule_bridge() Date: Tue, 4 Feb 2025 20:49:14 +0100 Message-ID: <20250204194921.46692-8-ericwouds@gmail.com> X-Mailer: git-send-email 2.47.1 In-Reply-To: <20250204194921.46692-1-ericwouds@gmail.com> References: <20250204194921.46692-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20250204_115001_980589_A1410619 X-CRM114-Status: GOOD ( 10.98 ) X-BeenThere: linux-mediatek@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Linux-mediatek" Errors-To: linux-mediatek-bounces+linux-mediatek=archiver.kernel.org@lists.infradead.org Add nf_flow_rule_bridge(). It only calls the common rule and adds the redirect. Signed-off-by: Eric Woudstra --- include/net/netfilter/nf_flow_table.h | 3 +++ net/netfilter/nf_flow_table_offload.c | 13 +++++++++++++ 2 files changed, 16 insertions(+) diff --git a/include/net/netfilter/nf_flow_table.h b/include/net/netfilter/nf_flow_table.h index 4ab32fb61865..a7f5d6166088 100644 --- a/include/net/netfilter/nf_flow_table.h +++ b/include/net/netfilter/nf_flow_table.h @@ -340,6 +340,9 @@ void nf_flow_table_offload_flush_cleanup(struct nf_flowtable *flowtable); int nf_flow_table_offload_setup(struct nf_flowtable *flowtable, struct net_device *dev, enum flow_block_command cmd); +int nf_flow_rule_bridge(struct net *net, struct flow_offload *flow, + enum flow_offload_tuple_dir dir, + struct nf_flow_rule *flow_rule); int nf_flow_rule_route_ipv4(struct net *net, struct flow_offload *flow, enum flow_offload_tuple_dir dir, struct nf_flow_rule *flow_rule); diff --git a/net/netfilter/nf_flow_table_offload.c b/net/netfilter/nf_flow_table_offload.c index d8f7bfd60ac6..3cc30ebfa6ff 100644 --- a/net/netfilter/nf_flow_table_offload.c +++ b/net/netfilter/nf_flow_table_offload.c @@ -679,6 +679,19 @@ nf_flow_rule_route_common(struct net *net, const struct flow_offload *flow, return 0; } +int nf_flow_rule_bridge(struct net *net, struct flow_offload *flow, + enum flow_offload_tuple_dir dir, + struct nf_flow_rule *flow_rule) +{ + if (nf_flow_rule_route_common(net, flow, dir, flow_rule) < 0) + return -1; + + flow_offload_redirect(net, flow, dir, flow_rule); + + return 0; +} +EXPORT_SYMBOL_GPL(nf_flow_rule_bridge); + int nf_flow_rule_route_ipv4(struct net *net, struct flow_offload *flow, enum flow_offload_tuple_dir dir, struct nf_flow_rule *flow_rule) From patchwork Tue Feb 4 19:49:15 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13959806 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 4DA99C02193 for ; Tue, 4 Feb 2025 20:07:30 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=pk+qY6px5gG3FxqwFvW1Op3xt7LAoxtK3/4BHj1Cflg=; b=3urricRlk4CiUlRzVH7RBcJSTi uLpOAdMqyT8DM8ujp22eeFV93QZJJWnAyfip7uEH6Qy23B82F3yh9YZya7q+xdz2Ii/3VFHT2ppz7 /v6tJPd2Lg5S36yGODslM42FL4EirWcpqGZJbJq5EmSPh4muUB1t2yYjPzC2V7GVdfugLBoOxjxZe oxy0YjJpgkXPX7WFaVJsCOzAYw92/tujiPDj9XVGx38gPjKIC5L2C15clenrRfVIUhDk6mEHKZu++ 8QAOLGr3n0PpC1kyzxa9yhyvmvfMFMvcCBkaYHcFEsK9odF07PyzxmibNIJQtHrfeAYb+JhLaNCKA UpDm0gyQ==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1tfPCj-00000001UTL-1m9r; Tue, 04 Feb 2025 20:07:29 +0000 Received: from mail-ej1-x62e.google.com ([2a00:1450:4864:20::62e]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1tfOvq-00000001QM7-42xN; Tue, 04 Feb 2025 19:50:04 +0000 Received: by mail-ej1-x62e.google.com with SMTP id a640c23a62f3a-aa67ac42819so898324466b.0; Tue, 04 Feb 2025 11:50:02 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1738698601; x=1739303401; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=pk+qY6px5gG3FxqwFvW1Op3xt7LAoxtK3/4BHj1Cflg=; b=aoklQFXZERL06DXcK49GIGYW92oWq49943RkSowT0oFAw+ByKIgVtaBZW7v/UwlLrs UAQwScqgLl9vILysSs1D6pi2mB+1u7GtDLnxnm7Pv11k88jF+AYcdNS7WoNzeXkt0Kzk dC8jHpKpCrCUTYAyYkVy9hEVyIRNNPuLpxutpPmg0Ll0aZBerA8TeVg4nasOSffh0ZPj zjTqfJacD6cWqnc2KTw1Kc7GuXOlzT/KNA+gjbymL82AFDzfnYOUsvecvji98BxKrqmt xCYNlGLEhzcyh2eT69XSw4p9aWhPo1/KB61O4ayucaFQm7GxIcqheSTARp+mLTNREtDT PRWA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1738698601; x=1739303401; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=pk+qY6px5gG3FxqwFvW1Op3xt7LAoxtK3/4BHj1Cflg=; b=DanH5jZfqJ6NJopQ95azyigLq2VbrJ7MLsoBiALZ8NDn5RbEDKfWmL3T3lkZvtGQgb fCzI0FnHojZ/QxpMBl2Dg7uA2/HS7R+sio+MKYJgnlGx/OdupH6dW29uofK1+kNwYG/p rJc5tNNvoQ3JaTpVWak6c58NZVTC7ddYs2uAIbc8sXiR/P/0RuzrB60CmIUtQaXpOO53 xxFAWt+sgTtSS5MDa4wwZb7RqR1py+NlKtTbX2zLrbtGPDIx+eqU2XvHXuUutc8GkbxP u/5wZfiB9P38AT/5Q7HIewjJKbbGKYVyFZ5RQUq4rxJxFuBpBnqlSiQ2HlOWk2SRb+OB D5WA== X-Forwarded-Encrypted: i=1; AJvYcCU3Cgbqs60o9OZKPDHy3lPNmJE6rgm+a7QpaALbl7E3RCbjLQYRF+ZCc8GQvQ1CaUpntWvByNDJ/xkTyRWc4e0=@lists.infradead.org, AJvYcCV8RLhLgpXsL98/SL+0hjjTtHiox6vgc/LbbFVFRgcMFju450iTuKH4Bas98UcyUbxu8H2WxXkJUH6fDrShOYx4@lists.infradead.org X-Gm-Message-State: AOJu0YzTGlLWGaOrku4TYFBSwCC9huDlIksutVLPrXKQDAnN5KY6ewG7 bCYMLEi/KT84bPQMtpKJSgg7YkMc59KyHFoFcNhUA28jtv7NK5ns X-Gm-Gg: ASbGncv4Fn6o7H/Pl/SU9TRrjOxawLTf15HFHDOkGFvaK2DY+QBlVHK3U1nm4CwR+Xs pwVrtbK4IUVPt9ja3WqGeAdMCfLBHlXmqHrR/vAfY/HMaQMrHigLrLdWV+SXVP0hJqszQRyLDk5 3PVhN3UpcSnMuMeizAmuDnsmcO1h7GfvTyaa5fXSUiWVJmbNQURQ7ylFx/GuCnQdFV/LvtkC/r0 Jga7m02niWNs32QzQGa9JHD6z41M2x5ds8zWgQvue+8wLSs8B63cGaJhREiOiJMrS37Hknt0C/k pEVlcq1a06q5GOwJYMQqTkbiwzhgga44wtyJQn8uJJonmaClosukS2k+8wmC12U6mHxNJQd/qow nT2jqJYOdpL7QQUuGgHAtp49dYB4uZdSf X-Google-Smtp-Source: AGHT+IEajcS3ZyEn4iy3BF71r5OWuaA3wC0VPy1tuH9m7gdyTO3QjqxLaSnyY8eDmuFb6ii+jRnHzw== X-Received: by 2002:a17:907:3f11:b0:ab2:d721:ed92 with SMTP id a640c23a62f3a-ab6cfdbe5a4mr2881889066b.45.1738698601046; Tue, 04 Feb 2025 11:50:01 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-ab6e4a5635bsm964684466b.164.2025.02.04.11.50.00 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 04 Feb 2025 11:50:00 -0800 (PST) From: Eric Woudstra To: Andrew Lunn , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , Kuniyuki Iwashima , Sebastian Andrzej Siewior , Lorenzo Bianconi , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH v5 net-next 08/14] netfilter: nf_flow_table_inet: Add nf_flowtable_type flowtable_bridge Date: Tue, 4 Feb 2025 20:49:15 +0100 Message-ID: <20250204194921.46692-9-ericwouds@gmail.com> X-Mailer: git-send-email 2.47.1 In-Reply-To: <20250204194921.46692-1-ericwouds@gmail.com> References: <20250204194921.46692-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20250204_115003_004956_0D2F89E1 X-CRM114-Status: GOOD ( 12.07 ) X-BeenThere: linux-mediatek@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Linux-mediatek" Errors-To: linux-mediatek-bounces+linux-mediatek=archiver.kernel.org@lists.infradead.org This will allow a flowtable to be added to the nft bridge family. Signed-off-by: Eric Woudstra --- net/netfilter/nf_flow_table_inet.c | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/net/netfilter/nf_flow_table_inet.c b/net/netfilter/nf_flow_table_inet.c index b0f199171932..80b238196f29 100644 --- a/net/netfilter/nf_flow_table_inet.c +++ b/net/netfilter/nf_flow_table_inet.c @@ -65,6 +65,16 @@ static int nf_flow_rule_route_inet(struct net *net, return err; } +static struct nf_flowtable_type flowtable_bridge = { + .family = NFPROTO_BRIDGE, + .init = nf_flow_table_init, + .setup = nf_flow_table_offload_setup, + .action = nf_flow_rule_bridge, + .free = nf_flow_table_free, + .hook = nf_flow_offload_inet_hook, + .owner = THIS_MODULE, +}; + static struct nf_flowtable_type flowtable_inet = { .family = NFPROTO_INET, .init = nf_flow_table_init, @@ -97,6 +107,7 @@ static struct nf_flowtable_type flowtable_ipv6 = { static int __init nf_flow_inet_module_init(void) { + nft_register_flowtable_type(&flowtable_bridge); nft_register_flowtable_type(&flowtable_ipv4); nft_register_flowtable_type(&flowtable_ipv6); nft_register_flowtable_type(&flowtable_inet); @@ -109,6 +120,7 @@ static void __exit nf_flow_inet_module_exit(void) nft_unregister_flowtable_type(&flowtable_inet); nft_unregister_flowtable_type(&flowtable_ipv6); nft_unregister_flowtable_type(&flowtable_ipv4); + nft_unregister_flowtable_type(&flowtable_bridge); } module_init(nf_flow_inet_module_init); @@ -118,5 +130,6 @@ MODULE_LICENSE("GPL"); MODULE_AUTHOR("Pablo Neira Ayuso "); MODULE_ALIAS_NF_FLOWTABLE(AF_INET); MODULE_ALIAS_NF_FLOWTABLE(AF_INET6); +MODULE_ALIAS_NF_FLOWTABLE(AF_BRIDGE); MODULE_ALIAS_NF_FLOWTABLE(1); /* NFPROTO_INET */ MODULE_DESCRIPTION("Netfilter flow table mixed IPv4/IPv6 module"); From patchwork Tue Feb 4 19:49:16 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13959807 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id A4969C02193 for ; Tue, 4 Feb 2025 20:07:40 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=KfNQ5cmnsawBulJakMMTQobb95EzKwEtX4OwcNbEVcc=; b=GzSu+qP/TsevfigBX86LLNI+zN 3Qcj2hsE8msE5l4uXlCmlsPM+HNlUcwOvJ5JC1bbgEHYFBJ2Ku6fvbAPA8prSWRoXUfXUxyOH0Fsm uVR60XxNmccVqahAbSJw08bN8a90Qu6x5BW80NcRjZ7rS/mQDXcQ09mu6ZlD43iLwdnN2BktAoTP9 zzUn/dYZF9suvwfr/O63FfLXB0ZM3e/pSAobFgwVw9NlwQHQE1sXIXVZ9g6h4hlFGRbOCVSc8dwIQ ywLWrFJWfVmUbDmF+XU3LRXQVajt+Hbti5FEdzT+edsMkEYd5emi5wSbbqHyE1fis2J1Pk/cZDTtv One5/RoQ==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1tfPCt-00000001UUM-358d; Tue, 04 Feb 2025 20:07:39 +0000 Received: from mail-ej1-x631.google.com ([2a00:1450:4864:20::631]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1tfOvs-00000001QMe-17b5; Tue, 04 Feb 2025 19:50:05 +0000 Received: by mail-ej1-x631.google.com with SMTP id a640c23a62f3a-aaec61d0f65so1065049666b.1; Tue, 04 Feb 2025 11:50:03 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1738698602; x=1739303402; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=KfNQ5cmnsawBulJakMMTQobb95EzKwEtX4OwcNbEVcc=; b=lTJnDbGMP8vszaANsafTJfezJah4xbMUGgz6W6cdVtvdy9Qv5vauk1S9LTM7ZxlYuw pu9cKPFH1cSjpGRC7IUZ1+mdeans1tcKvFuETGNwxWfbhQNXGsiUUCgbd6Jiis0dCpPv 432OVi2Fu4Lqn0EzyEfZRSmkvdlb7dijhoklkzbXfE6+5Gt0wdnl4wvOtDP3W+rQdyEq iWTvVMUI+0+PfHHl776HM1MluFkmxCVHDUszIYpguYjcbri6BEai5X3MtFRH1dkh5ewj WyrKIkJajbrjJyHDP9le+zEh8Ar0MLWJODOTr6qnAf2KAutsTRI67Nlz2TZ0faAWEq7F sstw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1738698602; x=1739303402; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=KfNQ5cmnsawBulJakMMTQobb95EzKwEtX4OwcNbEVcc=; b=X4RpY40QxGV0b/6W0M09JEz5Hgt/7370iSVPdzrHo6r+ZCEJtD2GI1A0dsl0vdBDAB b6pqtmkvoPla3qck7oZuM18WbAa5Q+dkmx35EmjlvJ8/vl6+U+Z3J/9vKeqlJvXRBp+h 4UimP+LM6WEKIRxRqehBOEOT3+XgZOztPry+EgPIV3fWABzc8UCu+9aDsoCFfb/8EaLZ zNdwYrl6cNFClFUtun6MKQBvjdoc7q89dwZdjBXPpLs9+son8OYeqJ0bbsjs8gh1BzdK rZk9OJRPjDQPp/kz7OyWLyQc6AGVWqg8hAgMOz/TMIUm5NggYfI5DpF1wVv2o1uXEeGg xKIg== X-Forwarded-Encrypted: i=1; AJvYcCWSlh1H6TG9iL14uiejWigzsZMd7Dmb59vHth7c0ecUmaseweknj2if57qkby8HbRUTAvGlCabKjE2WCFVgRj3Y@lists.infradead.org, AJvYcCWqjllmlJvpqftF0FA+qWcl6aqJHrsLoanMIWpGF5yA72ssn9DoNAp7dTGUAXUWSf/SIE4KaxWSOZhAiH5hN7U=@lists.infradead.org X-Gm-Message-State: AOJu0Yyom/2s9xqLA0wJWTJ2T4kbYHGJ5BHENTxDbd53LdNEnVHnk4gH 5WSGBlRPqohhN0+uwV6MFOvHJwTUQgu/t+vxKZuy88m1TnpqyRGx X-Gm-Gg: ASbGncvP9b4eM8/37Cfc9GhOqwhIrVRCJNTePdOOEUTqghOm82xP8WWLCbHGw368Gme 48XhIy7FevqtWqC2esfdpHkEK0xDZR4hUURhYVrAEi2KukRe1lLB6FoOjWiqF7ggXE/0W4cilGg w0y9HZwOG+7jCDxGbQig+3Yg8N7TWuqj0JumGd90q23UWx1Q+1Le06F/tknnH9KMN7YDFRK2fYZ ef0EOzY3yx5pBrFZTw0wIRHwmtzNNagxv6BnfS89mobOQaPGR8eiHf/ZMZyWzzKLg3HKQplS8AI 6cms3vOf8kYKXiw9vN7fZdCZfpGkeb+SWCz5CRzbzJFykPLgq8otbTU4AZuxzupXmruWZyCdKmH ODFT099YhRWephm5Jb/O9BoDtwtJr93zY X-Google-Smtp-Source: AGHT+IF0i6wSQMkgrmjCQzY0taa6wuEGcCy7CIK6oAwJpMPmap+r+O5XJX2h9JbKqG9hmQnHQyXFmA== X-Received: by 2002:a17:907:c0d:b0:aab:c78c:a705 with SMTP id a640c23a62f3a-ab6cfe41079mr2625537666b.52.1738698602307; Tue, 04 Feb 2025 11:50:02 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-ab6e4a5635bsm964684466b.164.2025.02.04.11.50.01 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 04 Feb 2025 11:50:02 -0800 (PST) From: Eric Woudstra To: Andrew Lunn , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , Kuniyuki Iwashima , Sebastian Andrzej Siewior , Lorenzo Bianconi , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH v5 net-next 09/14] netfilter: nft_flow_offload: Add NFPROTO_BRIDGE to validate Date: Tue, 4 Feb 2025 20:49:16 +0100 Message-ID: <20250204194921.46692-10-ericwouds@gmail.com> X-Mailer: git-send-email 2.47.1 In-Reply-To: <20250204194921.46692-1-ericwouds@gmail.com> References: <20250204194921.46692-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20250204_115004_313598_90597263 X-CRM114-Status: GOOD ( 11.72 ) X-BeenThere: linux-mediatek@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Linux-mediatek" Errors-To: linux-mediatek-bounces+linux-mediatek=archiver.kernel.org@lists.infradead.org Need to add NFPROTO_BRIDGE to nft_flow_offload_validate() to support the bridge-fastpath. Signed-off-by: Eric Woudstra --- net/netfilter/nft_flow_offload.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/net/netfilter/nft_flow_offload.c b/net/netfilter/nft_flow_offload.c index 5ef2f4ba7ab8..323c531c7046 100644 --- a/net/netfilter/nft_flow_offload.c +++ b/net/netfilter/nft_flow_offload.c @@ -421,7 +421,8 @@ static int nft_flow_offload_validate(const struct nft_ctx *ctx, if (ctx->family != NFPROTO_IPV4 && ctx->family != NFPROTO_IPV6 && - ctx->family != NFPROTO_INET) + ctx->family != NFPROTO_INET && + ctx->family != NFPROTO_BRIDGE) return -EOPNOTSUPP; return nft_chain_validate_hooks(ctx->chain, hook_mask); From patchwork Tue Feb 4 19:49:17 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13959808 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id EEAABC02194 for ; Tue, 4 Feb 2025 20:07:51 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=mNvAyhAv6GepxNEYkCskllQBVi38mrCeZ4SsbbR7WSY=; b=YD6b5qBYFLlwxICe6lp/ac9MTF KzaVwpPgIhEgYkDOfR4jBkFpOtxljTe+XzdaGEiZFRpgjCqr+Ym89A2kDHCtmbP92hC45ji8zR9tg 670PcUIfq4cfeA+DRsj4FP6KIPnDN209j5JkqugH25FS4jug7FOiAAYYonEuksXx550dwzMQcuq2S 31d1Eh9FZh/3DFN8dhZncYcewVuHXq47ZcvgVlULslDMcPX4vSMoXpd4zLrr/pYpz5tZdQrteirPW gfv6nIIJMWMKbl+zNXAGxSjRYutseu6WLmsgY5Z7tL73/DZP0EPySzBtpbk4avOqp1RrEZ2upxYfB U801xldQ==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1tfPD5-00000001UXl-0ALG; Tue, 04 Feb 2025 20:07:51 +0000 Received: from mail-ej1-x630.google.com ([2a00:1450:4864:20::630]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1tfOvt-00000001QMy-253U; Tue, 04 Feb 2025 19:50:06 +0000 Received: by mail-ej1-x630.google.com with SMTP id a640c23a62f3a-ab7515df1faso176702666b.2; Tue, 04 Feb 2025 11:50:04 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1738698604; x=1739303404; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=mNvAyhAv6GepxNEYkCskllQBVi38mrCeZ4SsbbR7WSY=; b=E/SB9WV8o/Hbr1TcqVxrxS6vDXCtTkgT2aATfv6KYrxuxSODWaMSbiOZa4M4oNMjOl TnY42yQvrPU+kJBXetum6UFk9sULsa+FzgXziqJBxx675/NmNesTCJv7L7oy5QVHbXMM 9UuAoJoXMFJEpkDUZj6d9JipBBxh84NqEWhBKvKiQasTYNn1LA4vPh+L1meO1rQnzu2E roHxzefR1j0g5eGrkfA6DW3NvpaM/BvijEkI/V4QpGvn0IGMkBNbGwW5kDKgKuQ4uf3c 1/aT2p85JYHgEbsszkwis6LPDXiEBoosy2kG046Sy/qtCsuFkT24SOaGtj6hV+nJUFwL 2Y2w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1738698604; x=1739303404; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=mNvAyhAv6GepxNEYkCskllQBVi38mrCeZ4SsbbR7WSY=; b=pf5shwH8gYgxX/F9cfazf4/uxEOK7f1FNPAqweT0eqDobAhf/72gaqTc20UJeUu4VW 75N8RPuddEnvpjT+206LDn2rE2HiyriLZXhwuUwwbU1yTMpyFy7pSWxdxVGpfNzk4rDQ 1nevqjfraW+yULapf4mpOiKQtVDh5Z+ESC21kkDzsbzdRsHhW4DrJeWazeSBglr3/C/v hJkgWOBurEcF7Dj+qsFhz4qTAWNNpOrBZeYSufysYU7dHj7NIfxtpvURx6cejWlKhUuz Cf1rJAwbRlWeCTvjJ58OVz20yx5mG1/bnsK5cGpNKVp2gpAUvYbv8TXnirV8wrMEjxWi e0ag== X-Forwarded-Encrypted: i=1; AJvYcCWXoiAOdH5xPpX2MAlk31JJ5zatLMioh0kRjyZRfpOwWHwzRvMxC6VBa6SQNXVhF1ZQZvJgRIsxqdGSWTD5mvIo@lists.infradead.org, AJvYcCXysEtYF8IP5jmel9A1EtGTEvTIgV4JKaI+/lMd3BIwJ0heml6tkudzAJ2JlkwfAEdZps0G2hp3hzxey3Qg1Qc=@lists.infradead.org X-Gm-Message-State: AOJu0YzQrXkUHDkhILb4vNNAttjVeMLlfHeY0Wm0rOomgIuvVVxK4Zc2 xP8dYhuDgM5Yg3wZ1350+1A4O0QPS15Q/OKZnlfwTO4ePailf5Vb X-Gm-Gg: ASbGncs79kL6BX4yo71w7VGWtFlq85UkFcZ9QLzMnvU//J3FrsTY6XhOQAZX7nEcGvN 74oh6Ark99YU5l5BC4PrVYP0jV5XJhlv2Pnda4vcwkOhYxJ8cB4+QKsHGrYC0u1kmKfH5FBpONX +zDe7Gu29GNISbKquugQ6ZznQqVundUj4l5ifDQnqx0gWOCICKmYjdk5a9+IQep9dugcDXLjUVA cR3jObN+v8lvMTwRmVzyegHzMC2C2CO7lkPE1mYN1qckZE1A2P5EtbqNY8tZaaw8FFH34QxUtrN 65q0V2s8cBSsq1ET1QcVB8vS6w8+JoQEcqlFno2R00SnI9OpJ2XYTIbbCtEns6z9H+n8mq4FfxD iN3mJj7ABwZtKrXBa5LxTyE2mPGEjI9xp X-Google-Smtp-Source: AGHT+IF3Pc3NKrXdQnXqPQwcc/aC4MWpA9WJONMBdLCJSxY43xKupXfl7aBElhm4x8MYzyDeLkdj+A== X-Received: by 2002:a17:907:3f20:b0:ab6:dc00:e2e8 with SMTP id a640c23a62f3a-ab6dc010668mr2925881766b.3.1738698603538; Tue, 04 Feb 2025 11:50:03 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-ab6e4a5635bsm964684466b.164.2025.02.04.11.50.02 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 04 Feb 2025 11:50:03 -0800 (PST) From: Eric Woudstra To: Andrew Lunn , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , Kuniyuki Iwashima , Sebastian Andrzej Siewior , Lorenzo Bianconi , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH v5 net-next 10/14] netfilter: nft_flow_offload: Add DEV_PATH_MTK_WDMA to nft_dev_path_info() Date: Tue, 4 Feb 2025 20:49:17 +0100 Message-ID: <20250204194921.46692-11-ericwouds@gmail.com> X-Mailer: git-send-email 2.47.1 In-Reply-To: <20250204194921.46692-1-ericwouds@gmail.com> References: <20250204194921.46692-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20250204_115005_540573_89815C0B X-CRM114-Status: GOOD ( 13.00 ) X-BeenThere: linux-mediatek@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Linux-mediatek" Errors-To: linux-mediatek-bounces+linux-mediatek=archiver.kernel.org@lists.infradead.org In case of using mediatek wireless, in nft_dev_fill_forward_path(), the forward path is filled, ending with mediatek wlan1. Because DEV_PATH_MTK_WDMA is unknown inside nft_dev_path_info() it returns with info.indev = NULL. Then nft_dev_forward_path() returns without setting the direct transmit parameters. This results in a neighbor transmit, and direct transmit not possible. But we want to use it for flow between bridged interfaces. So this patch adds DEV_PATH_MTK_WDMA to nft_dev_path_info() and makes direct transmission possible. Signed-off-by: Eric Woudstra --- net/netfilter/nft_flow_offload.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/net/netfilter/nft_flow_offload.c b/net/netfilter/nft_flow_offload.c index 323c531c7046..b9e6d9e6df66 100644 --- a/net/netfilter/nft_flow_offload.c +++ b/net/netfilter/nft_flow_offload.c @@ -105,6 +105,7 @@ static void nft_dev_path_info(const struct net_device_path_stack *stack, switch (path->type) { case DEV_PATH_ETHERNET: case DEV_PATH_DSA: + case DEV_PATH_MTK_WDMA: case DEV_PATH_VLAN: case DEV_PATH_PPPOE: info->indev = path->dev; @@ -117,6 +118,10 @@ static void nft_dev_path_info(const struct net_device_path_stack *stack, i = stack->num_paths; break; } + if (path->type == DEV_PATH_MTK_WDMA) { + i = stack->num_paths; + break; + } /* DEV_PATH_VLAN and DEV_PATH_PPPOE */ if (info->num_encaps >= NF_FLOW_TABLE_ENCAP_MAX) { From patchwork Tue Feb 4 19:49:18 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13959834 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id AFEC8C0219C for ; Tue, 4 Feb 2025 21:16:11 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=kADY7+7zs3VYeS9qt3VMln59cnXFpf9BaZ+2EYseZ2I=; b=oNF8ZZgk7ojilPMY0w3q+mUghY MF7RwX6PrFHJNgGpsXzltcrg7uONblKfJ2FXBTQYWyc/fIQWOPajIBIyn87Kx2/5hw6e1i7bt8buW w8z7LFynNHmTchaHHRPkH3cfnD9lfxNpYMXpe8rcLdko9l5WyG7qE4eeYW3H5MLqVOdZKFv//vxOm /2eSRh8AwwHKPwVEh4xbGYNkVIknQxKTpN0WAQ6TcFZ2sHA+m36UcGxrmu1i/7YaHdYkICLo+T8/I LSLoWVSuRdSNAHWSIevYumrKN8I5Clv2qkj4We5lnETnud0StoQPcrLM781Mi7AB/6vckZGnbQmdF 8Le9QvYA==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1tfQHD-00000001ZOz-15NV; Tue, 04 Feb 2025 21:16:11 +0000 Received: from mail-ej1-x631.google.com ([2a00:1450:4864:20::631]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1tfOvu-00000001QNa-1fw4; Tue, 04 Feb 2025 19:50:07 +0000 Received: by mail-ej1-x631.google.com with SMTP id a640c23a62f3a-ab737e5674bso384030166b.1; Tue, 04 Feb 2025 11:50:06 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1738698605; x=1739303405; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=kADY7+7zs3VYeS9qt3VMln59cnXFpf9BaZ+2EYseZ2I=; b=Cw/VbGNw7n0Wh4VxUvn/Wd3nMTY3Smd85cTnlfLkJBo+ZwGORyYT8Kj0klWUu9AoL7 gcoHQnAy8oAtaRcDAIv2OU84k8gdyY2thCU10BCbUPUo5mtsaLoXXyGgoriayEO4sOmn OgFoQVAokIOfV5jfssUCjUyUH3mofy8LPya5Ag97Mgs20wlL803JcwOqyQd6yr9xwL/p Xnk3KyUcCFVt4h3ySrAHSJuJxP7DHDPS9QkqOzWS/q8F24pQ0iJFhrDch+o1FjPuDrBr 6IlaArdYNI4kd3Agm7An+8h/amkOZcfAkGA+j1qT8mSGghHs0Z4zakUoMx1uLVOTggkO WHig== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1738698605; x=1739303405; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=kADY7+7zs3VYeS9qt3VMln59cnXFpf9BaZ+2EYseZ2I=; b=ApnTP29zKmkll/k6TPTwGwQA7l/RwJGaeZ0vjoVMfYixaGW5RSNFX9mdt++ZlL/pSY lyDDtrr3vncmnNI/PRxGX7iY2a1TsTG+I3OUBmB6xclfXtuoTyldO6Q/f8Ed+J40uzT7 Mit/Apzlp4pu1ETT0xxFEG+7VyAnyiTZMBT95ZVx/KsKtacXQepKZaYHSuB4n7JyTNPs Arlx5Yh6FQbjMnLhntTzmayI9BXrvfw9wPXz9CB+9PFp+/OzDlqQ2d07wZrXSoLFKhjG H0bnZOMvJLha16cyvPNXRfSzhEFtfRzCyMLugR1rp2PMaMcT4xinT3hSLI77zLE4NGLl 5zoA== X-Forwarded-Encrypted: i=1; AJvYcCVN4Ww8U+m9uiigmzyssIcavoC73niW1f6juQJtOoYgdCfau4RV0H6+RJIij3aL5VvqW5aMM67yQAjoRwb8Mys=@lists.infradead.org, AJvYcCWD09DPK4+XeKRgSr1nEoAKDLBtHLKrDhYgMSIHHTcfP0kCEKmZyTI+o5+cxzeJZg0A5mprtTUIaDoMvtjr1ixB@lists.infradead.org X-Gm-Message-State: AOJu0YzF88dhEo5iKf+Me7zo2+iqHzbIn+IprYhq2JFG/piaxpI/y7kr Vjd/pWJP0fdCZqMdsog3IjZvd2HHhLG0138P8MVguEgJHl320+bY X-Gm-Gg: ASbGncsfI/KqKLXcK8S0KmPhL7GPzwqdmZmaZy1Y+vO3dvE7aSqdF2R9Innvjd7tj8r XIdALsAQZKVLta3XWy2hCR8vjb2M1TcKVTJyGwVw23ThDLxDU66Gn78p1vz3hKYd/zcRI+u6oF7 8sy86/KFI6bSDu4dOXSus43CGcaHB6QBZEY5oF96U6MK2HG6EMX7RKUQC6enG7GC0+WDmgpsVhl 72DK1COZ57PZoXBllrYWFqsMEK4N5bxw4oDsV78w+k2gmARYOthz8SYY5fUUO3mDqZpQZAcPKOR YlRl4BgS00kje9GWZ9ZQHneWp/ZfQrGg0CQ4sCuAUJOizWjt1+Kk7y47+sdL5kZepaKdpmeImdN scpywbnjAZKvUTbFMByvJ4WmR2FyR9ikF X-Google-Smtp-Source: AGHT+IH3HgcqoQXvsnACIc49AeekhK/1g6HjbR0l0xWDGPW12A6kFCC7xX3W36OSBC5BU9r+MqXOrg== X-Received: by 2002:a17:907:2d8b:b0:ab6:621a:f87e with SMTP id a640c23a62f3a-ab6cfda41e1mr3469521966b.41.1738698604888; Tue, 04 Feb 2025 11:50:04 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-ab6e4a5635bsm964684466b.164.2025.02.04.11.50.03 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 04 Feb 2025 11:50:04 -0800 (PST) From: Eric Woudstra To: Andrew Lunn , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , Kuniyuki Iwashima , Sebastian Andrzej Siewior , Lorenzo Bianconi , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH v5 net-next 11/14] netfilter: nft_flow_offload: No ingress_vlan forward info for dsa user port Date: Tue, 4 Feb 2025 20:49:18 +0100 Message-ID: <20250204194921.46692-12-ericwouds@gmail.com> X-Mailer: git-send-email 2.47.1 In-Reply-To: <20250204194921.46692-1-ericwouds@gmail.com> References: <20250204194921.46692-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20250204_115006_445039_606531B1 X-CRM114-Status: GOOD ( 11.40 ) X-BeenThere: linux-mediatek@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Linux-mediatek" Errors-To: linux-mediatek-bounces+linux-mediatek=archiver.kernel.org@lists.infradead.org The bitfield info->ingress_vlans and correcponding vlan encap are used for a switchdev user port. However, they should not be set for a dsa user port. Signed-off-by: Eric Woudstra --- net/netfilter/nft_flow_offload.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/net/netfilter/nft_flow_offload.c b/net/netfilter/nft_flow_offload.c index b9e6d9e6df66..c95fad495460 100644 --- a/net/netfilter/nft_flow_offload.c +++ b/net/netfilter/nft_flow_offload.c @@ -116,6 +116,11 @@ static void nft_dev_path_info(const struct net_device_path_stack *stack, break; if (path->type == DEV_PATH_DSA) { i = stack->num_paths; + if (!info->num_encaps || + !(info->ingress_vlans & BIT(info->num_encaps - 1))) + break; + info->num_encaps--; + info->ingress_vlans &= ~BIT(info->num_encaps - 1); break; } if (path->type == DEV_PATH_MTK_WDMA) { From patchwork Tue Feb 4 19:49:19 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13959835 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id F2611C02198 for ; Tue, 4 Feb 2025 21:16:12 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=ywfhqy65gecHUZNjOnVj4qWLVObwqyLJf6dZ8Q6nRgU=; b=i2w+TdlK0SwMtW+EIcwjdbpZfD C0YFLFxRT86jbe7V2e7PBgtphs+WiQREeF6aMAYBmZA9Mc7lo9Ms4niwIJ5KGMFsgR1ZMWW1H6xmn Lis+1Y2bZmqbVBjx56JSfuXtk6ODeW/L88XoaKNYvzsQhaDsjfR1JpZZgrKx8kaXeo6kWw5wpDtjv Jd1IBoGobRnf4RuRROA5do8IM3fcytNz1rqFpnylDNTuUa1G098fb1KgqZvqZmCB6kYSQTGl0Y/SC lo0W+6QiDWBq98eLhhw4bLBwTma+yBmzRm21A/r1u+2b8Q7q3I1nZ0fYNUjnRAThCu+cvjrruhPCy tucQ0Ulw==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1tfQHE-00000001ZR8-2NFn; Tue, 04 Feb 2025 21:16:12 +0000 Received: from mail-ej1-x632.google.com ([2a00:1450:4864:20::632]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1tfOvw-00000001QNy-2Hjv; Tue, 04 Feb 2025 19:50:09 +0000 Received: by mail-ej1-x632.google.com with SMTP id a640c23a62f3a-ab6f636d821so921333066b.1; Tue, 04 Feb 2025 11:50:08 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1738698607; x=1739303407; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=ywfhqy65gecHUZNjOnVj4qWLVObwqyLJf6dZ8Q6nRgU=; b=VFpSoooAkpJq9+e7hxG72XP68aqZKnFkpK9WPHbUEzdUexAc2iU1wGNKOoieybSZs6 uaE26cjTpmChPMUXFHUgwp66eWZ5cIo6Ft2/lq3LNTQHw35chEoRUS+spHJzIrbS6iDj pV+IAiNntcORCl4tQDIpbc9TEMkitWVSl5DUsQz+NGQLWJamT6nD46pemHhh2czFMF+U aVutziK9+byfmDf0TZQQLjCVPO+ICjCaXKDufdVnwlU2f2n9eyMf44yVxTwch8gZC962 ZFhF2SJ8SGCiDn1R03wAusrIbnr0YbNlrL2/j+UrJybpIm4SkUAY3+L838oFSOlhG9pk 4T+Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1738698607; x=1739303407; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=ywfhqy65gecHUZNjOnVj4qWLVObwqyLJf6dZ8Q6nRgU=; b=Rk/ZoSx6vpUzuCLJaHZaeqSDx/lbsLzgs6u8j79qe7mN55oftvKIUtLwGA9yLB5cL7 E/v5De1tEbgGMMd47RvPEIuOOwc9zap4wY04QYnicPqPuLwcldeTLBtJHvb3FwpE066I vuvhWItQebLUNwdM90MIWrtsFGCORPM5aEp06Tg4SVif4h4Da/rPrBM3y/J6PXiMxlQi zjc2j4JCATY5JNH6aYTR0cQqfSSntcpBzQAeDJYjX1NL0goaW8HtylIjQePSvSgHtJKf WoTB9EmhNQiN77hBSUF0aaYFhheNtZPXFw0rqA738a4Fz/4AVTD5MNM+IeE4Due+Ov5M d8Og== X-Forwarded-Encrypted: i=1; AJvYcCV6Ue3UP6a6SwjDjXg93jeEKqJee3ijJ85qQ/i3vF9n1MTPyDfhJKSWsQmduymo7KP2H8sZBOXMpSvUjpOfUrY=@lists.infradead.org, AJvYcCXkMPKWF9U6z6jYHCColsQEIjqjrmn2oQPkP3VV2x2d843g1fNeEsdZjMtE17isit7AC99az02fD2S/WprbvbBL@lists.infradead.org X-Gm-Message-State: AOJu0YzaBhsnoBRaNtKmAEZW6uWswvpJkL0vMmG7YFgKh1kv5iBRBmnl PyHdtpahX/SsPDh+ykUPaRYqf5dT2y1K8nhiVg6vef2PW+LJYU9Y X-Gm-Gg: ASbGncvq/yDyAZsrQ/Ve1OTgLOoC1DFET75HuCfupvmwEv+ModDD3E0voK3O45WRtl0 dxY0FCh+yseGz4t4zbbP7K4Axw/Li8LtC2naXZndy8Sfdjgis7iQsp0WlNJ8wIZPw71gvXH0Gng 86ngq7YWUjD0ZS9fJigWJ0iFCUHTRIxTIDNF8/wX7d9j94gJ5geiPJAAu08Ia+3doazM3SJxIWw tusI2yYE0PUUsWaAH826c9Tq0jIvbs4Lm/wSpFwrIlDBPX1QWmzrrNYu2M2SRJwjZjk+OKdauvE xmnv/d+xkSs1dsWGv+yZm0Y/cUxDvQR8DyvRfEmES4pYzCPQBIX7bQDc5ocwXexj+t3YeO6jMaj JSqii73s3BYJkuSZwseAF8R9vhTAF1jIY X-Google-Smtp-Source: AGHT+IGsgydU2KJZsQJKjW2M6pU0tBQARxBwA2aC5NBjQPJ77IzmtjFUycypBk8vhFGyrZ07vWPvDQ== X-Received: by 2002:a17:907:94d5:b0:ab7:590a:7759 with SMTP id a640c23a62f3a-ab7590a7769mr193968666b.33.1738698606582; Tue, 04 Feb 2025 11:50:06 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-ab6e4a5635bsm964684466b.164.2025.02.04.11.50.05 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 04 Feb 2025 11:50:06 -0800 (PST) From: Eric Woudstra To: Andrew Lunn , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , Kuniyuki Iwashima , Sebastian Andrzej Siewior , Lorenzo Bianconi , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH v5 net-next 12/14] bridge: No DEV_PATH_BR_VLAN_UNTAG_HW for dsa foreign Date: Tue, 4 Feb 2025 20:49:19 +0100 Message-ID: <20250204194921.46692-13-ericwouds@gmail.com> X-Mailer: git-send-email 2.47.1 In-Reply-To: <20250204194921.46692-1-ericwouds@gmail.com> References: <20250204194921.46692-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20250204_115008_589311_3AFFDE1B X-CRM114-Status: GOOD ( 21.81 ) X-BeenThere: linux-mediatek@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Linux-mediatek" Errors-To: linux-mediatek-bounces+linux-mediatek=archiver.kernel.org@lists.infradead.org In network setup as below: fastpath bypass .----------------------------------------. / \ | IP - forwarding | | / \ v | / wan ... | / | | | | | brlan.1 | | | +-------------------------------+ | | vlan 1 | | | | | | brlan (vlan-filtering) | | | +---------------+ | | | DSA-SWITCH | | | vlan 1 | | | | to | | | | untagged 1 vlan 1 | | +---------------+---------------+ . / \ ----->wlan1 lan0 . . . ^ ^ vlan 1 tagged packets untagged packets br_vlan_fill_forward_path_mode() sets DEV_PATH_BR_VLAN_UNTAG_HW when filling in from brlan.1 towards wlan1. But it should be set to DEV_PATH_BR_VLAN_UNTAG in this case. Using BR_VLFLAG_ADDED_BY_SWITCHDEV is not correct. The dsa switchdev adds it as a foreign port. The same problem for all foreignly added dsa vlans on the bridge. First add the vlan, trying only native devices. If this fails, we know this may be a vlan from a foreign device. Use BR_VLFLAG_TAGGING_BY_SWITCHDEV to make sure DEV_PATH_BR_VLAN_UNTAG_HW is set only when there if no foreign device involved. Signed-off-by: Eric Woudstra --- include/net/switchdev.h | 1 + net/bridge/br_private.h | 10 ++++++++++ net/bridge/br_switchdev.c | 15 +++++++++++++++ net/bridge/br_vlan.c | 7 ++++++- net/switchdev/switchdev.c | 2 +- 5 files changed, 33 insertions(+), 2 deletions(-) diff --git a/include/net/switchdev.h b/include/net/switchdev.h index 8346b0d29542..ee500706496b 100644 --- a/include/net/switchdev.h +++ b/include/net/switchdev.h @@ -15,6 +15,7 @@ #define SWITCHDEV_F_NO_RECURSE BIT(0) #define SWITCHDEV_F_SKIP_EOPNOTSUPP BIT(1) #define SWITCHDEV_F_DEFER BIT(2) +#define SWITCHDEV_F_NO_FOREIGN BIT(3) enum switchdev_attr_id { SWITCHDEV_ATTR_ID_UNDEFINED, diff --git a/net/bridge/br_private.h b/net/bridge/br_private.h index a0b950390a16..b950db453d8d 100644 --- a/net/bridge/br_private.h +++ b/net/bridge/br_private.h @@ -180,6 +180,7 @@ enum { BR_VLFLAG_MCAST_ENABLED = BIT(2), BR_VLFLAG_GLOBAL_MCAST_ENABLED = BIT(3), BR_VLFLAG_NEIGH_SUPPRESS_ENABLED = BIT(4), + BR_VLFLAG_TAGGING_BY_SWITCHDEV = BIT(5), }; /** @@ -2184,6 +2185,8 @@ void br_switchdev_mdb_notify(struct net_device *dev, int type); int br_switchdev_port_vlan_add(struct net_device *dev, u16 vid, u16 flags, bool changed, struct netlink_ext_ack *extack); +int br_switchdev_port_vlan_no_foreign_add(struct net_device *dev, u16 vid, u16 flags, + bool changed, struct netlink_ext_ack *extack); int br_switchdev_port_vlan_del(struct net_device *dev, u16 vid); void br_switchdev_init(struct net_bridge *br); @@ -2267,6 +2270,13 @@ static inline int br_switchdev_port_vlan_add(struct net_device *dev, u16 vid, return -EOPNOTSUPP; } +static inline int br_switchdev_port_vlan_no_foreign_add(struct net_device *dev, u16 vid, + u16 flags, bool changed, + struct netlink_ext_ack *extack) +{ + return -EOPNOTSUPP; +} + static inline int br_switchdev_port_vlan_del(struct net_device *dev, u16 vid) { return -EOPNOTSUPP; diff --git a/net/bridge/br_switchdev.c b/net/bridge/br_switchdev.c index 7b41ee8740cb..efa7a055b8f9 100644 --- a/net/bridge/br_switchdev.c +++ b/net/bridge/br_switchdev.c @@ -187,6 +187,21 @@ int br_switchdev_port_vlan_add(struct net_device *dev, u16 vid, u16 flags, return switchdev_port_obj_add(dev, &v.obj, extack); } +int br_switchdev_port_vlan_no_foreign_add(struct net_device *dev, u16 vid, u16 flags, + bool changed, struct netlink_ext_ack *extack) +{ + struct switchdev_obj_port_vlan v = { + .obj.orig_dev = dev, + .obj.id = SWITCHDEV_OBJ_ID_PORT_VLAN, + .obj.flags = SWITCHDEV_F_NO_FOREIGN, + .flags = flags, + .vid = vid, + .changed = changed, + }; + + return switchdev_port_obj_add(dev, &v.obj, extack); +} + int br_switchdev_port_vlan_del(struct net_device *dev, u16 vid) { struct switchdev_obj_port_vlan v = { diff --git a/net/bridge/br_vlan.c b/net/bridge/br_vlan.c index 07dae3655c26..3e50adaf8e1b 100644 --- a/net/bridge/br_vlan.c +++ b/net/bridge/br_vlan.c @@ -109,6 +109,11 @@ static int __vlan_vid_add(struct net_device *dev, struct net_bridge *br, /* Try switchdev op first. In case it is not supported, fallback to * 8021q add. */ + err = br_switchdev_port_vlan_no_foreign_add(dev, v->vid, flags, false, extack); + if (err != -EOPNOTSUPP) { + v->priv_flags |= BR_VLFLAG_ADDED_BY_SWITCHDEV | BR_VLFLAG_TAGGING_BY_SWITCHDEV; + return err; + } err = br_switchdev_port_vlan_add(dev, v->vid, flags, false, extack); if (err == -EOPNOTSUPP) return vlan_vid_add(dev, br->vlan_proto, v->vid); @@ -1491,7 +1496,7 @@ int br_vlan_fill_forward_path_mode(struct net_bridge *br, if (path->bridge.vlan_mode == DEV_PATH_BR_VLAN_TAG) path->bridge.vlan_mode = DEV_PATH_BR_VLAN_KEEP; - else if (v->priv_flags & BR_VLFLAG_ADDED_BY_SWITCHDEV) + else if (v->priv_flags & BR_VLFLAG_TAGGING_BY_SWITCHDEV) path->bridge.vlan_mode = DEV_PATH_BR_VLAN_UNTAG_HW; else path->bridge.vlan_mode = DEV_PATH_BR_VLAN_UNTAG; diff --git a/net/switchdev/switchdev.c b/net/switchdev/switchdev.c index 6488ead9e464..c48f66643e99 100644 --- a/net/switchdev/switchdev.c +++ b/net/switchdev/switchdev.c @@ -749,7 +749,7 @@ static int __switchdev_handle_port_obj_add(struct net_device *dev, /* Event is neither on a bridge nor a LAG. Check whether it is on an * interface that is in a bridge with us. */ - if (!foreign_dev_check_cb) + if (!foreign_dev_check_cb || port_obj_info->obj->flags & SWITCHDEV_F_NO_FOREIGN) return err; br = netdev_master_upper_dev_get(dev); From patchwork Tue Feb 4 19:49:20 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13959836 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 5F8BDC02199 for ; Tue, 4 Feb 2025 21:16:13 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=//RthvClo4JzPeEnG1PywSOoZnVfBt6m8pYgKggGTpU=; b=hbQBqVcg/JsaqPwUSaZ04ppwLL W2EBuybJJZ96oAl68OtTehWptKcpO5bKpP/prBxWsJkv9W3U0YXLu++E4muUUC3ZAewNwJOVrcmbW Q1tUaGZhRXdb6nJvLeZgXzDhD2RXFN/itvkkWRRLUNg1bD7GfzckMbG5fxlc846pHdfaTp+xyRCHI E4hAYZcNOnmYzAjbvoh8L0CAkIeIGJ7rZ1eMthRqS3wH2pFH4P1oXl/fPSApKPw9wPAmyu5KwVHbR POp8qbax1LtdOgckc1WwgDNJrNkzQ0Xu0CNs9lHFXoQPE4mpEttHfrdmGCsCWjkGN8zprWLScbhQt YY1oFueA==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1tfQHE-00000001ZSH-45OG; Tue, 04 Feb 2025 21:16:12 +0000 Received: from mail-ej1-x635.google.com ([2a00:1450:4864:20::635]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1tfOvy-00000001QOx-2Jvu; Tue, 04 Feb 2025 19:50:12 +0000 Received: by mail-ej1-x635.google.com with SMTP id a640c23a62f3a-ab7483b9bf7so248541866b.3; Tue, 04 Feb 2025 11:50:10 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1738698609; x=1739303409; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=//RthvClo4JzPeEnG1PywSOoZnVfBt6m8pYgKggGTpU=; b=j9VFE5eAW8wrJhE/sAUOmqDC7UcsuBMlgtzDh6cjtsVIYBhugxIF/+1v7jv/RZjwOf i7ll4DgZaPgmVHYW95g8DHrx8bCdYdyv+XpC5NyYz+MvteCX29LW0xE97OgRB+Ew+8xu Qr0smIECokheXjQ+EkU4bGedZW3ITP3siYy03g8tvYFgOURGNhQJYxCoxiw7Ugs9mH/a wFaNmMVQSWpyR8xoEPv87AQl4Ar95+MdrFFKYgT/ywnVhowHLPMKtUlAGMZRquU67t6j GpzAembJS/0G5Uh4l6fSF7QRRR4kYd5rAhHDJo6mh7e3flm9v3572HFtcpRkFHKkzUwl MQhQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1738698609; x=1739303409; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=//RthvClo4JzPeEnG1PywSOoZnVfBt6m8pYgKggGTpU=; b=DfSkkxbHzgWelRB6HIYe1R4VvaRmPA5W26sMwBoEKa97MXxYw5hvzKhClLE8ctCZmY JXK4uK9v1KNToJnpegBonOn/6dFyq4jAjl3M6S/C/YthHyNBBiQY8qgmrLmb2mgEUxgl 0pXoNVMFIGMXvCixg6mFFphf/Q+GovJWFIoDGL9OEt1qGRR6rGEZs290BzErDpQLaOop SdPb6UO2yUeFtlTpznevg1ph3AtMnZjYjegAn1kqwe4qV31A1a7CxjrE+O58U50LCa17 vjplCxyLKgTfhqbdSPXZXfK9JdOWlbxwk73K/NYe9fsbdaN0UptbzXiuSZBJyVXhxtbR H6cQ== X-Forwarded-Encrypted: i=1; AJvYcCUs1a5kxIsWUitog9yzCD21u2/ulA0De/+58G6pK5loo8Njr/W5FfQHwGd7d4/2B4GvVzreJviFWWpXkBIQ2MX9@lists.infradead.org, AJvYcCV4PQh3x5jePocaxBlhZ3SRiwjzb8eCpLUgo9zkNsKTKJKVPN0HFr0D1Cjy9Cf6BwQu46zhbLS919deFt5NPLs=@lists.infradead.org X-Gm-Message-State: AOJu0YyabySTvErSOf9LZhW5IpOewrD3frqh2zNmG9DbXgCcnL/rh+50 AD8T2QqtCJ+23YFeTfBr+k8pPSm10AW+kHzcYa/3FF9p2gCd2c0e X-Gm-Gg: ASbGncspdDuSHfR7nPeJmgPHLTpCqoAm5dL4JBX9tRdSFASBn1fuvKiSb4ZVzaGLRY5 ZqUkVdtkmPSXd3vbh6SZb/FxtuiM5SXLBnNgsooWK0Esa3tCZh0vP3NbaxX4t4oB4gA2k/xRfUk u/yERpqC5wzrTKAQjYeg2zBZ8V1pxq4SgwFQeodHyM/llgt3ReaKlVcQu+OL/Tovy4uMKK7c0si X0qDecuwh6S5SMOxAoSZbZmgre6vGKtZ7S9OGR0X6N41nnaIt5CoCTj7swDte0dXPzaYhBh56gW dCQGU78XwudT6UGECcFk8tYptRhTC8+iK0vKxHEQn2+qWlL8Uvs/KtJmr0TWpUC7rPj6bY6X0N3 xLO8dRxtmjxGeP/fKZmppY2XjQbvc7y88 X-Google-Smtp-Source: AGHT+IGt/6VgWu/uR4UpsMkru0toFiQ+1d3xhaiHmAvPsdOeeBceqic1mQLjOAWdzpkUw3jzvfdFrQ== X-Received: by 2002:a17:907:9714:b0:ab6:621e:7587 with SMTP id a640c23a62f3a-ab6cfcb3a0amr3155424666b.4.1738698608664; Tue, 04 Feb 2025 11:50:08 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-ab6e4a5635bsm964684466b.164.2025.02.04.11.50.07 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 04 Feb 2025 11:50:08 -0800 (PST) From: Eric Woudstra To: Andrew Lunn , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , Kuniyuki Iwashima , Sebastian Andrzej Siewior , Lorenzo Bianconi , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH v5 net-next 13/14] bridge: Introduce DEV_PATH_BR_VLAN_KEEP_HW for bridge-fastpath Date: Tue, 4 Feb 2025 20:49:20 +0100 Message-ID: <20250204194921.46692-14-ericwouds@gmail.com> X-Mailer: git-send-email 2.47.1 In-Reply-To: <20250204194921.46692-1-ericwouds@gmail.com> References: <20250204194921.46692-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20250204_115010_645210_39DD92B8 X-CRM114-Status: GOOD ( 15.41 ) X-BeenThere: linux-mediatek@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Linux-mediatek" Errors-To: linux-mediatek-bounces+linux-mediatek=archiver.kernel.org@lists.infradead.org This patch introduces DEV_PATH_BR_VLAN_KEEP_HW. It is needed in the bridge fastpath for switchdevs supporting SWITCHDEV_OBJ_ID_PORT_VLAN. It is similar to DEV_PATH_BR_VLAN_TAG, with the correcponding bit in ingress_vlans set. In the forward fastpath it is not needed. Signed-off-by: Eric Woudstra --- include/linux/netdevice.h | 1 + net/bridge/br_device.c | 4 ++++ net/bridge/br_vlan.c | 18 +++++++++++------- net/netfilter/nft_flow_offload.c | 3 +++ 4 files changed, 19 insertions(+), 7 deletions(-) diff --git a/include/linux/netdevice.h b/include/linux/netdevice.h index 872235e30629..5a7b0843dfad 100644 --- a/include/linux/netdevice.h +++ b/include/linux/netdevice.h @@ -868,6 +868,7 @@ struct net_device_path { DEV_PATH_BR_VLAN_TAG, DEV_PATH_BR_VLAN_UNTAG, DEV_PATH_BR_VLAN_UNTAG_HW, + DEV_PATH_BR_VLAN_KEEP_HW, } vlan_mode; u16 vlan_id; __be16 vlan_proto; diff --git a/net/bridge/br_device.c b/net/bridge/br_device.c index c7646afc8b96..112fd8556217 100644 --- a/net/bridge/br_device.c +++ b/net/bridge/br_device.c @@ -430,6 +430,10 @@ static int br_fill_forward_path(struct net_device_path_ctx *ctx, case DEV_PATH_BR_VLAN_UNTAG: ctx->num_vlans--; break; + case DEV_PATH_BR_VLAN_KEEP_HW: + if (!src) + path->bridge.vlan_mode = DEV_PATH_BR_VLAN_KEEP; + break; case DEV_PATH_BR_VLAN_KEEP: break; } diff --git a/net/bridge/br_vlan.c b/net/bridge/br_vlan.c index 3e50adaf8e1b..8ac1a7a22b2e 100644 --- a/net/bridge/br_vlan.c +++ b/net/bridge/br_vlan.c @@ -1494,13 +1494,17 @@ int br_vlan_fill_forward_path_mode(struct net_bridge *br, if (!(v->flags & BRIDGE_VLAN_INFO_UNTAGGED)) return 0; - if (path->bridge.vlan_mode == DEV_PATH_BR_VLAN_TAG) - path->bridge.vlan_mode = DEV_PATH_BR_VLAN_KEEP; - else if (v->priv_flags & BR_VLFLAG_TAGGING_BY_SWITCHDEV) - path->bridge.vlan_mode = DEV_PATH_BR_VLAN_UNTAG_HW; - else - path->bridge.vlan_mode = DEV_PATH_BR_VLAN_UNTAG; - + if (path->bridge.vlan_mode == DEV_PATH_BR_VLAN_TAG) { + if (v->priv_flags & BR_VLFLAG_TAGGING_BY_SWITCHDEV) + path->bridge.vlan_mode = DEV_PATH_BR_VLAN_KEEP_HW; + else + path->bridge.vlan_mode = DEV_PATH_BR_VLAN_KEEP; + } else { + if (v->priv_flags & BR_VLFLAG_TAGGING_BY_SWITCHDEV) + path->bridge.vlan_mode = DEV_PATH_BR_VLAN_UNTAG_HW; + else + path->bridge.vlan_mode = DEV_PATH_BR_VLAN_UNTAG; + } return 0; } diff --git a/net/netfilter/nft_flow_offload.c b/net/netfilter/nft_flow_offload.c index c95fad495460..c0c310c569cd 100644 --- a/net/netfilter/nft_flow_offload.c +++ b/net/netfilter/nft_flow_offload.c @@ -148,6 +148,9 @@ static void nft_dev_path_info(const struct net_device_path_stack *stack, case DEV_PATH_BR_VLAN_UNTAG_HW: info->ingress_vlans |= BIT(info->num_encaps - 1); break; + case DEV_PATH_BR_VLAN_KEEP_HW: + info->ingress_vlans |= BIT(info->num_encaps); + fallthrough; case DEV_PATH_BR_VLAN_TAG: info->encap[info->num_encaps].id = path->bridge.vlan_id; info->encap[info->num_encaps].proto = path->bridge.vlan_proto; From patchwork Tue Feb 4 19:49:21 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13959837 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 9F9B5C02194 for ; Tue, 4 Feb 2025 21:16:14 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=E8P5h61gnv0DfF0R+vjh2CpjgGHUfjM4UjNVV+Pbc34=; b=HrgHAZ1wkxIuk+6zp2MlzAm4+v XBYJhx0mC5d4L3IacZX+uuysWZWMtIGMTI5+VeAlJx7/lWHFslhDVG5th+/NWynUdOoq5TD8wilJw 3tvs3MMra/TKidCBx4fm3du7XH3i+Tq9Jy/8kQxjoZ3oeu6aaZxUlolHMLQpoNcuhMqOd0Tk9LOFs y/SZAXhAXs2vQiWBCHauL/AanCAY/4UbnaJy2urBRog5CSwxbO+1z6+Nzl0OzUl1pm3qzQWfFxqPM S4cmaPpzwy1Bt5O9E9mHKZ+cFmEbYvO64Aqx8rn/fARN9kMPr6ZlbG/A0S1zlh2gjVVJmsdPgj/kS 9dFVnKHg==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1tfQHG-00000001ZUg-0ouN; Tue, 04 Feb 2025 21:16:14 +0000 Received: from mail-ej1-x632.google.com ([2a00:1450:4864:20::632]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1tfOvz-00000001QPi-1UlY; Tue, 04 Feb 2025 19:50:12 +0000 Received: by mail-ej1-x632.google.com with SMTP id a640c23a62f3a-ab6fb2940d4so22300966b.1; Tue, 04 Feb 2025 11:50:11 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1738698610; x=1739303410; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=E8P5h61gnv0DfF0R+vjh2CpjgGHUfjM4UjNVV+Pbc34=; b=N+yCzvyQxhKppx0qG1NmPVXKvCu08U+wLA5Hkf34sJt4cT/tm5mjUUxgzSdDMBmE/I s1sKESk7hlBh/Aw48WmF0ddqYp9k5Db6GSOA8esJSZ0sTXxxUXSUrDaU73f8k7OpkFS0 om9EVnFuZDZUI0NG/A+S14k5U1glLHZ2txUn/jWU7s6GQGJpKzMOZ+WTFMGfXC3TcHIJ ItYXlyTCC8F97ZrPWuXomYSUjNEwq8kLsLltJSEWc6wasx9klu++sAs4jzLLkeA7uPI3 NLcyg3SvRzlHpYk47Z9JzFdPW2hkwt+99ACuYEziWl5RnKyqaL/kYuYlPK/8J9cvycE/ U+Ow== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1738698610; x=1739303410; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=E8P5h61gnv0DfF0R+vjh2CpjgGHUfjM4UjNVV+Pbc34=; b=L0ZdGtweB9UB9zqgiaJK99Qzwuo9SHtdBgTU3UhICqnRLW+mX47mnL2fxdpV1X6FvB LMUu5uQ0srfSeDh4WD2AuIpwMH9Vti4HrlHRSqcse2u9HAAfhiEZVih9vy7qWm+GGRYJ zJFgNaHPkLnMjPC3EeQbavoVrcxiV95h548MfMIwVv9VmXAwlaapX5HAqQ+vb5GgDG2L GyS5BoEqPLW0PpPWrXFQY5ZUoTBPZOYDHBe3KBugYjsI/KurWYGri0JIzno2PVixwo39 s30M3EIyT+4QbHAtU6SoNE6nOgrCCBpcMwztryYuu9CKk6wpz0yQ7izUc+LTZEzX6R5f Ekfw== X-Forwarded-Encrypted: i=1; AJvYcCU3bzYjQrhkXZkCFojwFN+XrdO5OodZpl4SETRVLRkR6Bsp19AYYeEel6tgSYCxRO3syi3/Kx0euXS/ktBXsbr/@lists.infradead.org, AJvYcCUxMpbAQOcXXT1+TI45PIXwof8jYuug4ENx4+6UqxoPcORXMOwO7bdswrmGOmk2WPll+fM02G9UWHEVLUuP3GQ=@lists.infradead.org X-Gm-Message-State: AOJu0YwC00qRAOnRY0o/6FeUs8SsNpnG9X/kUxh90udroKfHj3wV4DjV 0BTwrrdQHDhj3WCvehEE7H7GaoiVKYWIck4ys/rK2d5/aYdFwXzE X-Gm-Gg: ASbGncs0djLw/xPj87mRwU4kK5CFL/Tnf86b2zE7QdYfs+fKvnat+S6KDezQKS5al5L rVLbfPkec5+2jAXiTKqfLtndtqL9tZhBaZWkimI/BWbySUY8ncihZUDchIsYVOMDvjsS3txL/nv F9GyrFpKcMwUOS0Y2dFLUykLfqfDL7haNhkP71BVts4CLkbKjXAiVCxXjoQrth8QNGsZpbrMHTu +J3W9valdBWO1NKLScd2dVwSKly8OWcbdKwDkRHKn9OVJQrHU/4J/jzByUaqstpxecC18hhhE4e VJIXIwUKJMnxTDhP8/pDijSyltVFmyBFRT6i9/z5eYG0BHDfCS3R+qWi9oHgj85PY2/ss8VnEQ1 KJmRn8LoTHavA3iWVKaX5OrV1M2hp7VDw X-Google-Smtp-Source: AGHT+IEaPWaX8cpFgoktU0XxOZBCl8fVUKiJfRfuUx0hZEzWqrcdoDVy6k8mIpAoqS72uk21QIlM+g== X-Received: by 2002:a17:907:6d23:b0:ab6:8bb8:af2e with SMTP id a640c23a62f3a-ab75d481861mr16287166b.26.1738698609919; Tue, 04 Feb 2025 11:50:09 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-ab6e4a5635bsm964684466b.164.2025.02.04.11.50.08 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 04 Feb 2025 11:50:09 -0800 (PST) From: Eric Woudstra To: Andrew Lunn , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , Kuniyuki Iwashima , Sebastian Andrzej Siewior , Lorenzo Bianconi , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH v5 net-next 14/14] netfilter: nft_flow_offload: Add bridgeflow to nft_flow_offload_eval() Date: Tue, 4 Feb 2025 20:49:21 +0100 Message-ID: <20250204194921.46692-15-ericwouds@gmail.com> X-Mailer: git-send-email 2.47.1 In-Reply-To: <20250204194921.46692-1-ericwouds@gmail.com> References: <20250204194921.46692-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20250204_115011_420324_6B410A6C X-CRM114-Status: GOOD ( 19.59 ) X-BeenThere: linux-mediatek@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Linux-mediatek" Errors-To: linux-mediatek-bounces+linux-mediatek=archiver.kernel.org@lists.infradead.org Edit nft_flow_offload_eval() to make it possible to handle a flowtable of the nft bridge family. Use nft_flow_offload_bridge_init() to fill the flow tuples. It uses nft_dev_fill_bridge_path() in each direction. Signed-off-by: Eric Woudstra --- net/netfilter/nft_flow_offload.c | 142 +++++++++++++++++++++++++++++-- 1 file changed, 137 insertions(+), 5 deletions(-) diff --git a/net/netfilter/nft_flow_offload.c b/net/netfilter/nft_flow_offload.c index c0c310c569cd..03a0b5f7e8d2 100644 --- a/net/netfilter/nft_flow_offload.c +++ b/net/netfilter/nft_flow_offload.c @@ -193,6 +193,128 @@ static bool nft_flowtable_find_dev(const struct net_device *dev, return found; } +static int nft_dev_fill_bridge_path(struct flow_offload *flow, + struct nft_flowtable *ft, + enum ip_conntrack_dir dir, + const struct net_device *src_dev, + const struct net_device *dst_dev, + unsigned char *src_ha, + unsigned char *dst_ha) +{ + struct flow_offload_tuple_rhash *th = flow->tuplehash; + struct net_device_path_ctx ctx = {}; + struct net_device_path_stack stack; + struct nft_forward_info info = {}; + int i, j = 0; + + for (i = th[dir].tuple.encap_num - 1; i >= 0 ; i--) { + if (info.num_encaps >= NF_FLOW_TABLE_ENCAP_MAX) + return -1; + + if (th[dir].tuple.in_vlan_ingress & BIT(i)) + continue; + + info.encap[info.num_encaps].id = th[dir].tuple.encap[i].id; + info.encap[info.num_encaps].proto = th[dir].tuple.encap[i].proto; + info.num_encaps++; + + if (th[dir].tuple.encap[i].proto == htons(ETH_P_PPP_SES)) + continue; + + if (ctx.num_vlans >= NET_DEVICE_PATH_VLAN_MAX) + return -1; + ctx.vlan[ctx.num_vlans].id = th[dir].tuple.encap[i].id; + ctx.vlan[ctx.num_vlans].proto = th[dir].tuple.encap[i].proto; + ctx.num_vlans++; + } + ctx.dev = src_dev; + ether_addr_copy(ctx.daddr, dst_ha); + + if (dev_fill_bridge_path(&ctx, &stack) < 0) + return -1; + + nft_dev_path_info(&stack, &info, dst_ha, &ft->data); + + if (!info.indev || info.indev != dst_dev) + return -1; + + th[!dir].tuple.iifidx = info.indev->ifindex; + for (i = info.num_encaps - 1; i >= 0; i--) { + th[!dir].tuple.encap[j].id = info.encap[i].id; + th[!dir].tuple.encap[j].proto = info.encap[i].proto; + if (info.ingress_vlans & BIT(i)) + th[!dir].tuple.in_vlan_ingress |= BIT(j); + j++; + } + th[!dir].tuple.encap_num = info.num_encaps; + + th[dir].tuple.mtu = dst_dev->mtu; + ether_addr_copy(th[dir].tuple.out.h_source, src_ha); + ether_addr_copy(th[dir].tuple.out.h_dest, dst_ha); + th[dir].tuple.out.ifidx = info.outdev->ifindex; + th[dir].tuple.xmit_type = FLOW_OFFLOAD_XMIT_DIRECT; + + return 0; +} + +static int nft_flow_offload_bridge_init(struct flow_offload *flow, + const struct nft_pktinfo *pkt, + enum ip_conntrack_dir dir, + struct nft_flowtable *ft) +{ + const struct net_device *in_dev, *out_dev; + struct ethhdr *eth = eth_hdr(pkt->skb); + struct flow_offload_tuple *tuple; + struct pppoe_hdr *phdr; + struct vlan_hdr *vhdr; + int err, i = 0; + + in_dev = nft_in(pkt); + if (!in_dev || !nft_flowtable_find_dev(in_dev, ft)) + return -1; + + out_dev = nft_out(pkt); + if (!out_dev || !nft_flowtable_find_dev(out_dev, ft)) + return -1; + + tuple = &flow->tuplehash[!dir].tuple; + + if (skb_vlan_tag_present(pkt->skb)) { + tuple->encap[i].id = skb_vlan_tag_get(pkt->skb); + tuple->encap[i].proto = pkt->skb->vlan_proto; + i++; + } + switch (pkt->skb->protocol) { + case htons(ETH_P_8021Q): + vhdr = (struct vlan_hdr *)skb_network_header(pkt->skb); + tuple->encap[i].id = ntohs(vhdr->h_vlan_TCI); + tuple->encap[i].proto = pkt->skb->protocol; + i++; + break; + case htons(ETH_P_PPP_SES): + phdr = (struct pppoe_hdr *)skb_network_header(pkt->skb); + tuple->encap[i].id = ntohs(phdr->sid); + tuple->encap[i].proto = pkt->skb->protocol; + i++; + break; + } + tuple->encap_num = i; + + err = nft_dev_fill_bridge_path(flow, ft, !dir, out_dev, in_dev, + eth->h_dest, eth->h_source); + if (err < 0) + return err; + + memset(tuple->encap, 0, sizeof(tuple->encap)); + + err = nft_dev_fill_bridge_path(flow, ft, dir, in_dev, out_dev, + eth->h_source, eth->h_dest); + if (err < 0) + return err; + + return 0; +} + static void nft_dev_forward_path(struct nf_flow_route *route, const struct nf_conn *ct, enum ip_conntrack_dir dir, @@ -311,6 +433,7 @@ static void nft_flow_offload_eval(const struct nft_expr *expr, { struct nft_flow_offload *priv = nft_expr_priv(expr); struct nf_flowtable *flowtable = &priv->flowtable->data; + bool routing = flowtable->type->family != NFPROTO_BRIDGE; struct tcphdr _tcph, *tcph = NULL; struct nf_flow_route route = {}; enum ip_conntrack_info ctinfo; @@ -364,14 +487,21 @@ static void nft_flow_offload_eval(const struct nft_expr *expr, goto out; dir = CTINFO2DIR(ctinfo); - if (nft_flow_route(pkt, ct, &route, dir, priv->flowtable) < 0) - goto err_flow_route; + if (routing) { + if (nft_flow_route(pkt, ct, &route, dir, priv->flowtable) < 0) + goto err_flow_route; + } flow = flow_offload_alloc(ct); if (!flow) goto err_flow_alloc; - flow_offload_route_init(flow, &route); + if (routing) + flow_offload_route_init(flow, &route); + else + if (nft_flow_offload_bridge_init(flow, pkt, dir, priv->flowtable) < 0) + goto err_flow_add; + if (tcph) flow_offload_ct_tcp(ct); @@ -419,8 +549,10 @@ static void nft_flow_offload_eval(const struct nft_expr *expr, err_flow_add: flow_offload_free(flow); err_flow_alloc: - dst_release(route.tuple[dir].dst); - dst_release(route.tuple[!dir].dst); + if (routing) { + dst_release(route.tuple[dir].dst); + dst_release(route.tuple[!dir].dst); + } err_flow_route: clear_bit(IPS_OFFLOAD_BIT, &ct->status); out: