From patchwork Sun Feb 9 11:10:21 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13966773 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id B74D5C02199 for ; Sun, 9 Feb 2025 11:14:02 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=Jv+cLmILsq6/Q63wf4VLe/fU0JLiD7L+ZSaxXE2WQYo=; b=G5yn91VInGruaEajUAoqf64agm RddFcFVb5+idC1gi2m2Cy2Uh+VvHYO5adoV8ySSp60RW306nkeuE6qE23nw2/e8d78zzLVtUXcGNp lCi/SEPo6F0j0bVXnZSPIvooJTqa/tWJqiStac45UTa8yenzhpf+/bHxTRnPJfK5bqNnoAWInqSZT 0QJUrHjFLljpy3PSA18k8T+p/QLdT5om1VM/1yfZfSkearDA3rEzB/8yFI42JO2izm90q3XIwUjyu bhlF/mbViehMlFPYhLFb1nbmNimuO45zeJGIHWQHkSo9mc+ShrDuiA6K72mamnWNQfnawtv9GEbLc wQYKlX8g==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1th5GD-0000000Ehck-3maG; Sun, 09 Feb 2025 11:14:01 +0000 Received: from mail-ed1-x535.google.com ([2a00:1450:4864:20::535]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1th5D4-0000000EgXC-2LAI; Sun, 09 Feb 2025 11:10:47 +0000 Received: by mail-ed1-x535.google.com with SMTP id 4fb4d7f45d1cf-5dcea56d6e2so6290579a12.1; Sun, 09 Feb 2025 03:10:46 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1739099445; x=1739704245; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=Jv+cLmILsq6/Q63wf4VLe/fU0JLiD7L+ZSaxXE2WQYo=; b=UV3FLH6m8p2UzHJeA93/rHZvIfFQBWG3+m/7LsNRiw1cPFdfKdpRIS1xO5uML9qmdw pi7Yn4OuvJh+h0kWKH+msQ+B0vy06LR/H9bO1LqVwzGqYGWGNWkV0ixanamRYkmm7eK2 Zx44XvnLyDPNHwNhZMq+pphY5lP15HXAVHqAuxOs3csgA1BZpuSYvhTfkuojw8eNt9HV sG6emoldfMIa/DZAFtzdIYfbw5akc6vh7sFf022PLPId3gx1FOMzJmNKqvKz2vmSjJdi 7xuQsKZ3oTnvZnkInjP0YTtBze97VIRYJT+V50/cDnPi3eQvc/ghzZ8moll5dPrWlb50 wmLw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1739099445; x=1739704245; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Jv+cLmILsq6/Q63wf4VLe/fU0JLiD7L+ZSaxXE2WQYo=; b=nB7JFmwxS3pTRaBBDxa6NFlBFxR0H3iGkrs+ieCTQjB+j4SMe9QZuvqSFzWA+TfU71 KzgKr5eXQRCrfIsTi+4HLHLF0a6JEkw2XquoVQzaZT++L5S1WdYRUbONA5a4Z31B8LdB RjV0qrbagnz4rYs5+sXBtxRlwE+R3YBkmAS7z3JEPi678q5T7O1LxQD/AI2ew3N9PXzJ Uju/f+N03WBZzw8tKjKKp/F1vVNFIJCrEWLup4xeipVIDquYUhJy2mEKoQ1O9kCHzcNC rsVlVEkjtc5XEV4iXea/dL3X6PPAjaW6LepByULD3LXS9DAqwLA//rGEvTr6mkCgsDdi BEzA== X-Forwarded-Encrypted: i=1; AJvYcCUa0DQk6hIAv0OgYWKwqQ2rfg/rzcJNCifhNBHJTHWy/V3lifw8dlhXKJecKbL7HAmAvN9F7WGL6J6KhjGqHE/C@lists.infradead.org, AJvYcCVXaTEJCSNTsNAmi02ulNtQupzLXaXWhKAp7iOfRjwzc0jdbcyYiiWB3oFDwc/0/PhFC+agdLFElaY7kwGxBXA=@lists.infradead.org X-Gm-Message-State: AOJu0Yw0fMJc9gNfIoRWMuN1W6yyqdNd8TgTRCIvA12o1DjUHICc0PiH Y9udAc1MGZ+xNjihfbfmHTc9qWp2jztx7JbOAz4ZL4KI9GpGlWPG X-Gm-Gg: ASbGncv7DoS4dMgtVramNaNK2DueArO4uklALBuMdI59DffR506OR1kuRe2eGgWKBjh D95RP9AHkpK94vpmFwoGehtX5Ly+eWv2Ufr/dLvXfNgxsN87P4dVoATiqI7k6s2L/8mlY+HpuRT aiy2+k0VEKBR7vfX7BjhCG7Gql0Ng+rSFn0Y8h7TEQg6VDXhrSoPb1Syai8CcCFrBbo3gg4Bo21 QHB4/qHRVJhGDf994Xn5PFswyUP3we8ySOoQgtP2THZ5vVgtWT33bbS3sae6Hqk/zE8W+MqomS4 0udErif1TFPi28havoiHsw3dcutBuGr7QHFkfDMGFEEMkaKVCK0kdp4pQ+dVVSzEsvm6xfAaNhn mAhWwFR+lU3haS5zSxUyVIK2Ny+Z5pLDA X-Google-Smtp-Source: AGHT+IFXYULiROmtF4EyTfGufju+UjViGw3XLxQmSmt9lA2TpOAIjz2H8Xb5sfx3OKtKl9zdly0ehQ== X-Received: by 2002:a17:906:3586:b0:ab7:97ca:e8f6 with SMTP id a640c23a62f3a-ab797caed01mr570807566b.54.1739099443030; Sun, 09 Feb 2025 03:10:43 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-ab79afc7452sm357516366b.163.2025.02.09.03.10.40 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 09 Feb 2025 03:10:42 -0800 (PST) From: Eric Woudstra To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Andrew Lunn , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , Kuniyuki Iwashima , Sebastian Andrzej Siewior , Lorenzo Bianconi , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH v6 net-next 01/14] netfilter: nf_flow_table_offload: Add nf_flow_encap_push() for xmit direct Date: Sun, 9 Feb 2025 12:10:21 +0100 Message-ID: <20250209111034.241571-2-ericwouds@gmail.com> X-Mailer: git-send-email 2.47.1 In-Reply-To: <20250209111034.241571-1-ericwouds@gmail.com> References: <20250209111034.241571-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20250209_031046_619008_E5965E79 X-CRM114-Status: GOOD ( 19.43 ) X-BeenThere: linux-mediatek@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Linux-mediatek" Errors-To: linux-mediatek-bounces+linux-mediatek=archiver.kernel.org@lists.infradead.org Loosely based on wenxu's patches: "nf_flow_table_offload: offload the vlan/PPPoE encap in the flowtable". Fixed double vlan and pppoe packets, almost entirely rewriting the patch. After this patch, it is possible to transmit packets in the fastpath with outgoing encaps, without using vlan- and/or pppoe-devices. This makes it possible to use more different kinds of network setups. For example, when bridge tagging is used to egress vlan tagged packets using the forward fastpath. Another example is passing 802.1q tagged packets through a bridge using the bridge fastpath. This also makes the software fastpath process more similar to the hardware offloaded fastpath process, where encaps are also pushed. After applying this patch, always info->outdev = info->hw_outdev, so the netfilter code can be further cleaned up by removing: * hw_outdev from struct nft_forward_info * out.hw_ifindex from struct nf_flow_route * out.hw_ifidx from struct flow_offload_tuple Reviewed-by: Nikolay Aleksandrov Signed-off-by: Eric Woudstra --- net/netfilter/nf_flow_table_ip.c | 96 +++++++++++++++++++++++++++++++- net/netfilter/nft_flow_offload.c | 6 +- 2 files changed, 96 insertions(+), 6 deletions(-) diff --git a/net/netfilter/nf_flow_table_ip.c b/net/netfilter/nf_flow_table_ip.c index 97c6eb8847a0..b9292eb40907 100644 --- a/net/netfilter/nf_flow_table_ip.c +++ b/net/netfilter/nf_flow_table_ip.c @@ -306,6 +306,92 @@ static bool nf_flow_skb_encap_protocol(struct sk_buff *skb, __be16 proto, return false; } +static int nf_flow_vlan_inner_push(struct sk_buff *skb, __be16 proto, u16 id) +{ + struct vlan_hdr *vhdr; + + if (skb_cow_head(skb, VLAN_HLEN)) + return -1; + + __skb_push(skb, VLAN_HLEN); + skb_reset_network_header(skb); + + vhdr = (struct vlan_hdr *)(skb->data); + vhdr->h_vlan_TCI = htons(id); + vhdr->h_vlan_encapsulated_proto = skb->protocol; + skb->protocol = proto; + + return 0; +} + +static int nf_flow_ppoe_push(struct sk_buff *skb, u16 id) +{ + struct ppp_hdr { + struct pppoe_hdr hdr; + __be16 proto; + } *ph; + int data_len = skb->len + 2; + __be16 proto; + + if (skb_cow_head(skb, PPPOE_SES_HLEN)) + return -1; + + if (skb->protocol == htons(ETH_P_IP)) + proto = htons(PPP_IP); + else if (skb->protocol == htons(ETH_P_IPV6)) + proto = htons(PPP_IPV6); + else + return -1; + + __skb_push(skb, PPPOE_SES_HLEN); + skb_reset_network_header(skb); + + ph = (struct ppp_hdr *)(skb->data); + ph->hdr.ver = 1; + ph->hdr.type = 1; + ph->hdr.code = 0; + ph->hdr.sid = htons(id); + ph->hdr.length = htons(data_len); + ph->proto = proto; + skb->protocol = htons(ETH_P_PPP_SES); + + return 0; +} + +static int nf_flow_encap_push(struct sk_buff *skb, + struct flow_offload_tuple_rhash *tuplehash, + unsigned short *type) +{ + int i = 0, ret = 0; + + if (!tuplehash->tuple.encap_num) + return 0; + + if (tuplehash->tuple.encap[i].proto == htons(ETH_P_8021Q) || + tuplehash->tuple.encap[i].proto == htons(ETH_P_8021AD)) { + __vlan_hwaccel_put_tag(skb, tuplehash->tuple.encap[i].proto, + tuplehash->tuple.encap[i].id); + i++; + if (i >= tuplehash->tuple.encap_num) + return 0; + } + + switch (tuplehash->tuple.encap[i].proto) { + case htons(ETH_P_8021Q): + *type = ETH_P_8021Q; + ret = nf_flow_vlan_inner_push(skb, + tuplehash->tuple.encap[i].proto, + tuplehash->tuple.encap[i].id); + break; + case htons(ETH_P_PPP_SES): + *type = ETH_P_PPP_SES; + ret = nf_flow_ppoe_push(skb, + tuplehash->tuple.encap[i].id); + break; + } + return ret; +} + static void nf_flow_encap_pop(struct sk_buff *skb, struct flow_offload_tuple_rhash *tuplehash) { @@ -335,6 +421,7 @@ static void nf_flow_encap_pop(struct sk_buff *skb, static unsigned int nf_flow_queue_xmit(struct net *net, struct sk_buff *skb, const struct flow_offload_tuple_rhash *tuplehash, + struct flow_offload_tuple_rhash *other_tuplehash, unsigned short type) { struct net_device *outdev; @@ -343,6 +430,9 @@ static unsigned int nf_flow_queue_xmit(struct net *net, struct sk_buff *skb, if (!outdev) return NF_DROP; + if (nf_flow_encap_push(skb, other_tuplehash, &type) < 0) + return NF_DROP; + skb->dev = outdev; dev_hard_header(skb, skb->dev, type, tuplehash->tuple.out.h_dest, tuplehash->tuple.out.h_source, skb->len); @@ -464,7 +554,8 @@ nf_flow_offload_ip_hook(void *priv, struct sk_buff *skb, ret = NF_STOLEN; break; case FLOW_OFFLOAD_XMIT_DIRECT: - ret = nf_flow_queue_xmit(state->net, skb, tuplehash, ETH_P_IP); + ret = nf_flow_queue_xmit(state->net, skb, tuplehash, + &flow->tuplehash[!dir], ETH_P_IP); if (ret == NF_DROP) flow_offload_teardown(flow); break; @@ -761,7 +852,8 @@ nf_flow_offload_ipv6_hook(void *priv, struct sk_buff *skb, ret = NF_STOLEN; break; case FLOW_OFFLOAD_XMIT_DIRECT: - ret = nf_flow_queue_xmit(state->net, skb, tuplehash, ETH_P_IPV6); + ret = nf_flow_queue_xmit(state->net, skb, tuplehash, + &flow->tuplehash[!dir], ETH_P_IPV6); if (ret == NF_DROP) flow_offload_teardown(flow); break; diff --git a/net/netfilter/nft_flow_offload.c b/net/netfilter/nft_flow_offload.c index 46a6d280b09c..b4baee519e18 100644 --- a/net/netfilter/nft_flow_offload.c +++ b/net/netfilter/nft_flow_offload.c @@ -124,13 +124,12 @@ static void nft_dev_path_info(const struct net_device_path_stack *stack, info->indev = NULL; break; } - if (!info->outdev) - info->outdev = path->dev; info->encap[info->num_encaps].id = path->encap.id; info->encap[info->num_encaps].proto = path->encap.proto; info->num_encaps++; if (path->type == DEV_PATH_PPPOE) memcpy(info->h_dest, path->encap.h_dest, ETH_ALEN); + info->xmit_type = FLOW_OFFLOAD_XMIT_DIRECT; break; case DEV_PATH_BRIDGE: if (is_zero_ether_addr(info->h_source)) @@ -158,8 +157,7 @@ static void nft_dev_path_info(const struct net_device_path_stack *stack, break; } } - if (!info->outdev) - info->outdev = info->indev; + info->outdev = info->indev; info->hw_outdev = info->indev; From patchwork Sun Feb 9 11:10:22 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13966793 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id C77B3C02199 for ; Sun, 9 Feb 2025 11:15:26 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=h3xV3TA0ockrC7/s5OEcRj/pNoR8pLIoTTKhN2eYQLw=; b=uOrEQaRHBJOAAhkPnSiasb9WHT dV31BZnKSlb78fMne8ucadaT6vYowyqP2x6wumenEd2Q+J+9zyjV6ixtnTkL/emKpLdxOyUrTI43p WOFdZdc6wsojhXrL0+AwBzqGSF8D3va4KxkHLsLoOeCxrJbLXOHZ4ji0Z/J8Mo0V6kxQnZfrOeYQW UMJT8VEGvPaREtVymP6+mzcUTvMz36T5aiDZUvPMchAdMhqVzjHs7wDgm/k5Ac7DrVoj7cF0a/h5Q VbgjPzhxckvSjXnieghnVTV4x+hAcNHkGx2Xt7WKrHw3xDiUp72oX7DIB3XWBPvQzsd+kxudFg53A XJVUSeIA==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1th5HZ-0000000Ei07-3rQp; Sun, 09 Feb 2025 11:15:25 +0000 Received: from mail-ej1-x62e.google.com ([2a00:1450:4864:20::62e]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1th5D5-0000000EgXL-26Ss; Sun, 09 Feb 2025 11:10:48 +0000 Received: by mail-ej1-x62e.google.com with SMTP id a640c23a62f3a-aa67ac42819so542778566b.0; Sun, 09 Feb 2025 03:10:47 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1739099446; x=1739704246; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=h3xV3TA0ockrC7/s5OEcRj/pNoR8pLIoTTKhN2eYQLw=; b=nJTofOMnDmXE7GRT2vfrQZQIDQAiS27p++QgRWkOdgaa6PVLgj4TZpBx062vWdDhJI FrPagwcS69G4rmlieLS8Tr3J+WODuyFk/Kzlw4lznQnsJ+kzDIlY1JmKy0ZGmBZrLG9d mpJBj9HI7x4wunh4tgOZnJNwBTBuu+8aBXkT0zCzW9Jq+UG2mbxbHVulMww0YkFZWXSs jy0NmKc42hPI3bX2HlcLlU8fYAo75gqAmfQujCv+UPMl9U7Mf0HgXhX9S2oxhCLqvZaH YYdtNrXfNnJ/FsJCNAVnmWIlpsSByedqZM/LJ25UAJ7u00DER4Iybizd2r5BqXogtsBa NHYw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1739099446; x=1739704246; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=h3xV3TA0ockrC7/s5OEcRj/pNoR8pLIoTTKhN2eYQLw=; b=ZXTpRjld0CdHvHEPT2sMz5AeBaVrZCG/c2KJSQna0hz6VhsVEu8NWlLxmEGMKcltRV 5UZGjD+zzBWFTT1sv0SDzPC8YFXxjG7kaOB9BfwzxHBvWZwZX1d+X83iIYG1oMMH/n0R sm6ObxdWQudJKIYUAgKAl1Oc2dcoqBB5IVOpcN5ZnoaGbV947+wpP8amxqa3z3Mfyrk5 aA9WEQmH3ptEWEm3WDxNh3WPcsnFnhs67sG/kOXJ2ac1EuqB77xfelFaUBu5UBuMnNxo QbiGlAQ4Q8lBPN6MX7Lr23mRzRQeXZS5wcUJxL6klT+/aYek2Ea4QPZrDcffFBEAGyrI R1gg== X-Forwarded-Encrypted: i=1; AJvYcCVuZmNk7+kIitdGYmI1z/XrjwiLEBJRJxoU+nj+Q5ZFVcGmIMIW44hx7pAjZHi2okdvreIl3qRIRxZvGuXx7J2T@lists.infradead.org, AJvYcCXt8XYgYbCOl11ca5vLx7YrJ7QxZNTwqnNw44w1b2UX7e8jGJN2J+GibjpYhVsyavrHEe72BJi42DQA+7qpfy0=@lists.infradead.org X-Gm-Message-State: AOJu0YyZuw/8wJRE5hLFTuXOgIztdbSsteAUdFM15kWKFd+dkVxun6V7 y1rm3BR5QBVp/8XGpsaqZWSp/CckgGjGL6vRe6lvU5jlf/chvJz3 X-Gm-Gg: ASbGncuwh9WneZISDYPdKel5fyuHQ7cX1MHsNT3oDSak0fz9bnlNdewZdFfX5mhTThJ 2/vZbrg95KYKO44QGcKFvs5vfiM5WWqjXOrbrGYwZVMN9Mx1TJ3UQbLagtdybkHbFkaXdyDhyAZ CfgyDeYeX5buRDbz/cFM7KuHNMyVQAruzSzA0Zebtd4owExQgyj2Vn285LY2VoEjwpN5B+7XlUg P/gtFskk2RYNXA73UNo7ixhvRsdubC01nsFAjMFGVowguTambMpLqMyzb3+a1hCdndNxNLe71ET I8z6vNQ7t4BYZYK1zgwoIRtPl7t3e74M6yl+PG9rgOR7cvTYYWR16JnO/0MbB3ZtN7ObOa9OX5S TQX7obtaduYoQ+g7M+F//zKLwrgOANBCl X-Google-Smtp-Source: AGHT+IGgn06hMTlVvi9pNiIOCGf289zNj88FfDXoxW/6B8WNNLYcdoNWmCMQN1J0/mTfbfKOoidTdg== X-Received: by 2002:a17:906:4fd6:b0:aab:d7ef:d44 with SMTP id a640c23a62f3a-ab789aecd06mr902224966b.24.1739099445427; Sun, 09 Feb 2025 03:10:45 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-ab79afc7452sm357516366b.163.2025.02.09.03.10.43 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 09 Feb 2025 03:10:44 -0800 (PST) From: Eric Woudstra To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Andrew Lunn , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , Kuniyuki Iwashima , Sebastian Andrzej Siewior , Lorenzo Bianconi , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH v6 net-next 02/14] netfilter: flow: remove hw_outdev, out.hw_ifindex and out.hw_ifidx Date: Sun, 9 Feb 2025 12:10:22 +0100 Message-ID: <20250209111034.241571-3-ericwouds@gmail.com> X-Mailer: git-send-email 2.47.1 In-Reply-To: <20250209111034.241571-1-ericwouds@gmail.com> References: <20250209111034.241571-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20250209_031047_538296_497BA192 X-CRM114-Status: GOOD ( 15.14 ) X-BeenThere: linux-mediatek@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Linux-mediatek" Errors-To: linux-mediatek-bounces+linux-mediatek=archiver.kernel.org@lists.infradead.org Now always info->outdev == info->hw_outdev, so the netfilter code can be further cleaned up by removing: * hw_outdev from struct nft_forward_info * out.hw_ifindex from struct nf_flow_route * out.hw_ifidx from struct flow_offload_tuple Reviewed-by: Nikolay Aleksandrov Signed-off-by: Eric Woudstra --- include/net/netfilter/nf_flow_table.h | 2 -- net/netfilter/nf_flow_table_core.c | 1 - net/netfilter/nf_flow_table_offload.c | 2 +- net/netfilter/nft_flow_offload.c | 4 ---- 4 files changed, 1 insertion(+), 8 deletions(-) diff --git a/include/net/netfilter/nf_flow_table.h b/include/net/netfilter/nf_flow_table.h index d711642e78b5..4ab32fb61865 100644 --- a/include/net/netfilter/nf_flow_table.h +++ b/include/net/netfilter/nf_flow_table.h @@ -145,7 +145,6 @@ struct flow_offload_tuple { }; struct { u32 ifidx; - u32 hw_ifidx; u8 h_source[ETH_ALEN]; u8 h_dest[ETH_ALEN]; } out; @@ -211,7 +210,6 @@ struct nf_flow_route { } in; struct { u32 ifindex; - u32 hw_ifindex; u8 h_source[ETH_ALEN]; u8 h_dest[ETH_ALEN]; } out; diff --git a/net/netfilter/nf_flow_table_core.c b/net/netfilter/nf_flow_table_core.c index 9d8361526f82..1e5d3735c028 100644 --- a/net/netfilter/nf_flow_table_core.c +++ b/net/netfilter/nf_flow_table_core.c @@ -127,7 +127,6 @@ static int flow_offload_fill_route(struct flow_offload *flow, memcpy(flow_tuple->out.h_source, route->tuple[dir].out.h_source, ETH_ALEN); flow_tuple->out.ifidx = route->tuple[dir].out.ifindex; - flow_tuple->out.hw_ifidx = route->tuple[dir].out.hw_ifindex; dst_release(dst); break; case FLOW_OFFLOAD_XMIT_XFRM: diff --git a/net/netfilter/nf_flow_table_offload.c b/net/netfilter/nf_flow_table_offload.c index e06bc36f49fe..d8f7bfd60ac6 100644 --- a/net/netfilter/nf_flow_table_offload.c +++ b/net/netfilter/nf_flow_table_offload.c @@ -555,7 +555,7 @@ static void flow_offload_redirect(struct net *net, switch (this_tuple->xmit_type) { case FLOW_OFFLOAD_XMIT_DIRECT: this_tuple = &flow->tuplehash[dir].tuple; - ifindex = this_tuple->out.hw_ifidx; + ifindex = this_tuple->out.ifidx; break; case FLOW_OFFLOAD_XMIT_NEIGH: other_tuple = &flow->tuplehash[!dir].tuple; diff --git a/net/netfilter/nft_flow_offload.c b/net/netfilter/nft_flow_offload.c index b4baee519e18..5ef2f4ba7ab8 100644 --- a/net/netfilter/nft_flow_offload.c +++ b/net/netfilter/nft_flow_offload.c @@ -80,7 +80,6 @@ static int nft_dev_fill_forward_path(const struct nf_flow_route *route, struct nft_forward_info { const struct net_device *indev; const struct net_device *outdev; - const struct net_device *hw_outdev; struct id { __u16 id; __be16 proto; @@ -159,8 +158,6 @@ static void nft_dev_path_info(const struct net_device_path_stack *stack, } info->outdev = info->indev; - info->hw_outdev = info->indev; - if (nf_flowtable_hw_offload(flowtable) && nft_is_valid_ether_device(info->indev)) info->xmit_type = FLOW_OFFLOAD_XMIT_DIRECT; @@ -212,7 +209,6 @@ static void nft_dev_forward_path(struct nf_flow_route *route, memcpy(route->tuple[dir].out.h_source, info.h_source, ETH_ALEN); memcpy(route->tuple[dir].out.h_dest, info.h_dest, ETH_ALEN); route->tuple[dir].out.ifindex = info.outdev->ifindex; - route->tuple[dir].out.hw_ifindex = info.hw_outdev->ifindex; route->tuple[dir].xmit_type = info.xmit_type; } } From patchwork Sun Feb 9 11:10:23 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13966794 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id EE504C02199 for ; Sun, 9 Feb 2025 11:16:51 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=+rhlCg4/52AHm6e8tJsmpQptNUxepmsLI5spztxpn6c=; b=APe7rh5s7CJUwNWE5JGWSHSoTh QqQP7JvaFMwMoqnqyImFe816pkVKYUEsOFAvvHD5P4zpDnXVJxc42qDejen8icuYT+3v2kxBL2q2G aj3dXY5/b6bqHu50vsRj+FkNnHOqey4ubz/dEWoHdOtfUl32lipdh6PM3WVRfv3MNbDmDqgMlPKZe AHAFtdEey+sUpRnFXNRT/V8Jr6LzQrQXONUbgVtLX2n0fO9OPXYvPNxs2farlqiqzQFeeo4TTaGAU O1kBuvX0Y+/jbAVKvDY5O9Reeu3+9ACzFUYHx5H60jLs/GKLUshBLMRrtGnVPHDfzBWwyso0DfUFR 9TdnLO1A==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1th5Ix-0000000EiKS-0Kxv; Sun, 09 Feb 2025 11:16:51 +0000 Received: from mail-ed1-x52e.google.com ([2a00:1450:4864:20::52e]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1th5D6-0000000EgY3-3s6P; Sun, 09 Feb 2025 11:10:50 +0000 Received: by mail-ed1-x52e.google.com with SMTP id 4fb4d7f45d1cf-5de74599749so391162a12.1; Sun, 09 Feb 2025 03:10:48 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1739099447; x=1739704247; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=+rhlCg4/52AHm6e8tJsmpQptNUxepmsLI5spztxpn6c=; b=BpRmv91Qn4JbZOmXMT+MfppsyxjfTdoxeIgt4dCFHmpH8FKAJeCaBSFdCjleVWxV4R vQILFU8BRU6aClXQgV5hQh6hMVIlfJo4XlWr8Q6207EzDyH7HeXaZo6Iy/9mH5NefxG5 gAykPVBXnIC6JIq4AIPw6EDZ9JiIhOc9z/wQLkYaTMT4N4tQ/8eFVInBpvEvIgGA5zwa 9VdOoqoC4fbSbOiwx6T6qWokShHsVVZiqz77Zb3E5H0GS164X4I+3i5yuFr0uxr5+KBi tQJ6CFcX3hVR+pHaW6zh6NaZA0MRvYf8DDYcTmeVDVjibaoJv3eeLyQwl8hsRzuxEdGj ivHQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1739099447; x=1739704247; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=+rhlCg4/52AHm6e8tJsmpQptNUxepmsLI5spztxpn6c=; b=pWtLVaJGSNKUwS5SPobYhAfSPuQVRaTgepnHgbKJTncRXE2p7omdy2FzBTJhoMfJ+o 3vfDjU+bhVHDej5DhivuZLj3NSRm32K4gkTlc6ZEyDAFnZSzkY+a5aguqKISiV0ZU33a evmdV+j8D8gE35aB6L+rcuaonwrW5gC9pZQuQsT2+Atn5qIgXs2lSLinZD26E/jFhYRc SUKAPQtJkaDp/7Wjh6EF7dgiw0eygika4ec856J374UbH4PG6jvyPfXbabIcKA2Z0ikK WOAMya3aGt2JYxD6QRraQg+6hCCE2HeGCaYdcGEfaiZDHhUpfiEnjzzJkvzpN9lhWuNA ix2g== X-Forwarded-Encrypted: i=1; AJvYcCUz56qrlwLp7MtTv7SoI6iDMcFSOasfT6U9PI0Op8x5yY9D25Piu8ky8HepJu2B/hIMD1bL/R5U4boUZ6laz18=@lists.infradead.org, AJvYcCWNwS8R0A3Fm0axUSKJUaS6TNwxlkeF/69vtw0ptkXc6XzxhdjwF3b98kXavGbe6/d6IFiKzK9O3ahJQPfn1y92@lists.infradead.org X-Gm-Message-State: AOJu0YwHjbroNOGpslVRrzsJHcUzCKgHc+WZpE/YSHxe87VYt0AF1+2n Ens5Pe4L8Gze3/saUO3/VGaWytUpsCe7P/+1Ob7SBEebgPpaTXFy X-Gm-Gg: ASbGnctTp9ggL25USYf+naNW0+7DdhGMtrzPNgig77YxQor3CBIjQzkYtneFQ14Img3 DqehzKVhJuSHimLtwzg/ZMSuXD9OpISPcJsWagMXqdfps9uIaCE4wBihlOuNaQuSBGvqP+CcUHp vi19YWlWOZr+DKcruRzYf6gImG2SGw7XuwUSon+RHm7kfkACNWd7wEe6k1oeTreFJu0LuoCTJkS JNKq7xLOILTGQsjpxnAgitWfYlWnz+Z4BJ5cECDDyUBXM6ekPZ8EDPNVOKel6V2coIDWtb+2N0K yY7VghgoNhhY4ogYPmXgtWcnCC9PEG95nbKFFEnnCTJutmBEbbmni6NihLW7hv8y0b8eHYGqhA0 iiILN/63afTKVPlSIxlh7sVjgE8RCWD6y X-Google-Smtp-Source: AGHT+IEJGx8wQoo1dMKGJULnbHYNaXYTUKaNfqX5z4+uVPE/Bt8Onuv1jKMr9kAQ8Pgh/X+AOmc+8w== X-Received: by 2002:a17:907:c04:b0:ab7:e71:adb5 with SMTP id a640c23a62f3a-ab789cbe4f0mr1245719366b.35.1739099447174; Sun, 09 Feb 2025 03:10:47 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-ab79afc7452sm357516366b.163.2025.02.09.03.10.45 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 09 Feb 2025 03:10:46 -0800 (PST) From: Eric Woudstra To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Andrew Lunn , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , Kuniyuki Iwashima , Sebastian Andrzej Siewior , Lorenzo Bianconi , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH v6 net-next 03/14] netfilter: bridge: Add conntrack double vlan and pppoe Date: Sun, 9 Feb 2025 12:10:23 +0100 Message-ID: <20250209111034.241571-4-ericwouds@gmail.com> X-Mailer: git-send-email 2.47.1 In-Reply-To: <20250209111034.241571-1-ericwouds@gmail.com> References: <20250209111034.241571-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20250209_031048_963469_E0CDD884 X-CRM114-Status: GOOD ( 14.22 ) X-BeenThere: linux-mediatek@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Linux-mediatek" Errors-To: linux-mediatek-bounces+linux-mediatek=archiver.kernel.org@lists.infradead.org This adds the capability to conntrack 802.1ad, QinQ, PPPoE and PPPoE-in-Q packets that are passing a bridge. Signed-off-by: Eric Woudstra --- net/bridge/netfilter/nf_conntrack_bridge.c | 83 ++++++++++++++++++---- 1 file changed, 71 insertions(+), 12 deletions(-) diff --git a/net/bridge/netfilter/nf_conntrack_bridge.c b/net/bridge/netfilter/nf_conntrack_bridge.c index 816bb0fde718..4b4e3751fb13 100644 --- a/net/bridge/netfilter/nf_conntrack_bridge.c +++ b/net/bridge/netfilter/nf_conntrack_bridge.c @@ -242,53 +242,112 @@ static unsigned int nf_ct_bridge_pre(void *priv, struct sk_buff *skb, { struct nf_hook_state bridge_state = *state; enum ip_conntrack_info ctinfo; + int ret, offset = 0; struct nf_conn *ct; - u32 len; - int ret; + __be16 outer_proto; + u32 len, data_len; ct = nf_ct_get(skb, &ctinfo); if ((ct && !nf_ct_is_template(ct)) || ctinfo == IP_CT_UNTRACKED) return NF_ACCEPT; + switch (skb->protocol) { + case htons(ETH_P_PPP_SES): { + struct ppp_hdr { + struct pppoe_hdr hdr; + __be16 proto; + } *ph; + + offset = PPPOE_SES_HLEN; + if (!pskb_may_pull(skb, offset)) + return NF_ACCEPT; + outer_proto = skb->protocol; + ph = (struct ppp_hdr *)(skb->data); + switch (ph->proto) { + case htons(PPP_IP): + skb->protocol = htons(ETH_P_IP); + break; + case htons(PPP_IPV6): + skb->protocol = htons(ETH_P_IPV6); + break; + default: + nf_ct_set(skb, NULL, IP_CT_UNTRACKED); + return NF_ACCEPT; + } + data_len = ntohs(ph->hdr.length) - 2; + skb_pull_rcsum(skb, offset); + skb_reset_network_header(skb); + break; + } + case htons(ETH_P_8021Q): { + struct vlan_hdr *vhdr; + + offset = VLAN_HLEN; + if (!pskb_may_pull(skb, offset)) + return NF_ACCEPT; + outer_proto = skb->protocol; + vhdr = (struct vlan_hdr *)(skb->data); + skb->protocol = vhdr->h_vlan_encapsulated_proto; + data_len = U32_MAX; + skb_pull_rcsum(skb, offset); + skb_reset_network_header(skb); + break; + } + default: + data_len = U32_MAX; + break; + } + + ret = NF_ACCEPT; switch (skb->protocol) { case htons(ETH_P_IP): if (!pskb_may_pull(skb, sizeof(struct iphdr))) - return NF_ACCEPT; + goto do_not_track; len = skb_ip_totlen(skb); + if (data_len < len) + len = data_len; if (pskb_trim_rcsum(skb, len)) - return NF_ACCEPT; + goto do_not_track; if (nf_ct_br_ip_check(skb)) - return NF_ACCEPT; + goto do_not_track; bridge_state.pf = NFPROTO_IPV4; ret = nf_ct_br_defrag4(skb, &bridge_state); break; case htons(ETH_P_IPV6): if (!pskb_may_pull(skb, sizeof(struct ipv6hdr))) - return NF_ACCEPT; + goto do_not_track; len = sizeof(struct ipv6hdr) + ntohs(ipv6_hdr(skb)->payload_len); + if (data_len < len) + len = data_len; if (pskb_trim_rcsum(skb, len)) - return NF_ACCEPT; + goto do_not_track; if (nf_ct_br_ipv6_check(skb)) - return NF_ACCEPT; + goto do_not_track; bridge_state.pf = NFPROTO_IPV6; ret = nf_ct_br_defrag6(skb, &bridge_state); break; default: nf_ct_set(skb, NULL, IP_CT_UNTRACKED); - return NF_ACCEPT; + goto do_not_track; } - if (ret != NF_ACCEPT) - return ret; + if (ret == NF_ACCEPT) + ret = nf_conntrack_in(skb, &bridge_state); - return nf_conntrack_in(skb, &bridge_state); +do_not_track: + if (offset) { + skb_push_rcsum(skb, offset); + skb_reset_network_header(skb); + skb->protocol = outer_proto; + } + return ret; } static unsigned int nf_ct_bridge_in(void *priv, struct sk_buff *skb, From patchwork Sun Feb 9 11:10:24 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13966795 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 3811BC02199 for ; Sun, 9 Feb 2025 11:18:16 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=ukwtTV0ExXBJKM7v4LhbJXSMG6hQJqW8GgzzDxNF23M=; b=o3vCbnYqtjx3z11MbHxasTKRDF VFctaeM+x0cJHMUzOIvnwK3s/pLTXQn0zYy0UK8u21/WgqovYkT23pmpP01+h4DYrgJfjv4NAFWb6 MYBPxk/tMFCVUPLseNRRBxYmFA6a+K+FcL4LIy3ldS9hUc6TvI8pZXgGKYgEmKKwCWmUY9/ZGZPJF gP74CBpe++7tRZxc5SEBShdHNydhBxn9G0Po/il2aVgFWxYNkpH9BaWxO8pZJoHqfa7tks/MRoPJX uD2oG6IE4EW40kU/WgJLhE4MNuS4FtT2H7wYB3HlWjpiuo4beqdNbUaRzEdFKZYT7wev4JpLPZQs9 AGaLWs9A==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1th5KJ-0000000Eiaw-1jU1; Sun, 09 Feb 2025 11:18:15 +0000 Received: from mail-ej1-x631.google.com ([2a00:1450:4864:20::631]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1th5D8-0000000EgYk-2sZd; Sun, 09 Feb 2025 11:10:51 +0000 Received: by mail-ej1-x631.google.com with SMTP id a640c23a62f3a-ab7917fc0c2so337511666b.0; Sun, 09 Feb 2025 03:10:50 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1739099449; x=1739704249; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=ukwtTV0ExXBJKM7v4LhbJXSMG6hQJqW8GgzzDxNF23M=; b=FTqYt8q+7XJIHujUDlv/f34ctJZBuA7+sbnA05qBV0OTxV5dBbK5Bluf69GVbx+dM8 vNJ+rFzh8oO9yoo35oT4LMPMF5h0bptFe/LectJYM+wkHKBa4qoO7B/BKMNdkyv2zVo/ vM+A9i4W909seSijnvKRks0aZTvSOvS6P1cKY2vyQ2B3qUalbSgv4NvIn8RbwPuGiJkS 2jsmrPcYDFocURna86/5h9wsSmbUdijZeUaK9IUIvxKOfW4sJujM6+ErQR4u8bq7AEL7 oDIBk+yE4zTy4ztqYmUoXksL8gnYPiW8r2x/YQBNkZ5PRTlE2KKVIAUf5AHP6SrrKr2+ R77Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1739099449; x=1739704249; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=ukwtTV0ExXBJKM7v4LhbJXSMG6hQJqW8GgzzDxNF23M=; b=vc6xsKYqKWRpzinYYB9CsAYjqMvfqTRxRrFbvEtNn+etJClDAxkFdPsZnID0BMtdWS 0iaIPON/oAUA/6Vnt2npgKEOxq2WRUp98mQzUMqUeACFoE6Ca1WMxcvpxtZShRdfiJIl 0MJTcb7C9qkYMuhxhhTy8Ssbm1RJLCZct9JQ4Fc9ZU/omhLsxrNuorkohJrpoAmF2XZ5 eJsIIrhv6VFoRnKEiBDMHwfUEZ2Fr/SwH9J97W2SbCQMUFRsjRw82Hnp2aEaUXTaIOdj YrameqmrQPIUbrk+gkWqgeVU13UWZ5eirxVRDJFgo521eSI7NkqlExPDa46p4DVnfsHW YDoA== X-Forwarded-Encrypted: i=1; AJvYcCWcFZBxs0l5IVp0FXVWNwku5r5dZXj3sC4jPc75sUVCXmKcXqsMiM/4d/Wl8YWYOcK8VYqs/X7q4P8DY/wwIV65@lists.infradead.org, AJvYcCXDxRQKVJWjwuQGjy/og2neVdCo3+33y6VYcrmUZRkRndyGYGE18ydmSBryPTW2ATMbyzCxHj2vTee8bTDoMb4=@lists.infradead.org X-Gm-Message-State: AOJu0YyUlWv6fS2qm++zCji5hMeZI6XfUY0UVZAEAzEkeHn9zi2vj7oR IsLPDv+/VWHxW64cGsYc0BflfMRUjWfw5BkUNrN7WDkpT9skr/j9 X-Gm-Gg: ASbGnctW6cv53tfWeSQWaccldjPDOnosT9nb+dnZUAoBaYwu6AOGNt6FmmZTaEszsbW c+pCnarYh4ySh1H6tWS3BDWZDcEC9CFOjIvu9GtPDrj6DiNvE25rbLUTSwZXitOFBPGE19RXSnB 5Pwr7eUL0Iw5iTm7vbZzJ0fzyMTlnzPz0OfJUHH94FMfTf7/EnFNnrFXbJoFW9v5idS13aapyZn 6PJjdACPAM7UklLXjfOddqh+yp1N9rODr6fGQDAlppm00JmyT0V8UWniZuYFJ8kde3VvCE+gQsD JsYA8SBIypRSFNvGnNHWOddYnlwZLQaZr+1n0L5e7ZBFOPLGfoKYT/ohrMjvMdoiIx3FIeqVeFv hzTtH0MAR02czrN++ohrUx6EBTf4V3AFK X-Google-Smtp-Source: AGHT+IFQ0RozlZVD0Ur8OeqIX9zHHE/nY2BIcLmW4b68G+IKqL2kYQbbZ+HNgEJWAQaRsfBoOg4giA== X-Received: by 2002:a17:907:7f08:b0:aae:fd36:f511 with SMTP id a640c23a62f3a-ab789d3431bmr1087121966b.47.1739099448924; Sun, 09 Feb 2025 03:10:48 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-ab79afc7452sm357516366b.163.2025.02.09.03.10.47 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 09 Feb 2025 03:10:48 -0800 (PST) From: Eric Woudstra To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Andrew Lunn , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , Kuniyuki Iwashima , Sebastian Andrzej Siewior , Lorenzo Bianconi , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH v6 net-next 04/14] netfilter: nft_chain_filter: Add bridge double vlan and pppoe Date: Sun, 9 Feb 2025 12:10:24 +0100 Message-ID: <20250209111034.241571-5-ericwouds@gmail.com> X-Mailer: git-send-email 2.47.1 In-Reply-To: <20250209111034.241571-1-ericwouds@gmail.com> References: <20250209111034.241571-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20250209_031050_727857_AE7EE81D X-CRM114-Status: GOOD ( 12.18 ) X-BeenThere: linux-mediatek@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Linux-mediatek" Errors-To: linux-mediatek-bounces+linux-mediatek=archiver.kernel.org@lists.infradead.org This adds the capability to evaluate 802.1ad, QinQ, PPPoE and PPPoE-in-Q packets in the bridge filter chain. Reviewed-by: Nikolay Aleksandrov Signed-off-by: Eric Woudstra --- net/netfilter/nft_chain_filter.c | 20 +++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) diff --git a/net/netfilter/nft_chain_filter.c b/net/netfilter/nft_chain_filter.c index 19a553550c76..7c7080c1a67d 100644 --- a/net/netfilter/nft_chain_filter.c +++ b/net/netfilter/nft_chain_filter.c @@ -232,11 +232,27 @@ nft_do_chain_bridge(void *priv, struct sk_buff *skb, const struct nf_hook_state *state) { + struct ethhdr *ethh = eth_hdr(skb); struct nft_pktinfo pkt; + int thoff; nft_set_pktinfo(&pkt, skb, state); - switch (eth_hdr(skb)->h_proto) { + switch (ethh->h_proto) { + case htons(ETH_P_PPP_SES): + thoff = PPPOE_SES_HLEN; + ethh += thoff; + break; + case htons(ETH_P_8021Q): + thoff = VLAN_HLEN; + ethh += thoff; + break; + default: + thoff = 0; + break; + } + + switch (ethh->h_proto) { case htons(ETH_P_IP): nft_set_pktinfo_ipv4_validate(&pkt); break; @@ -248,6 +264,8 @@ nft_do_chain_bridge(void *priv, break; } + pkt.thoff += thoff; + return nft_do_chain(&pkt, priv); } From patchwork Sun Feb 9 11:10:25 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13966799 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 45ED6C02199 for ; Sun, 9 Feb 2025 11:19:40 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=u4xHwXg6EmPjQs4unBR1swhwZyfltEqvFEeKEtV+1dA=; b=y0AISJS7qE22IVmA6ieP2h51TQ 2L/taM5tLETzuZmQskyVoTToMYLpSWddKpfqcmhgPGi6Ygf8ixemqADxvydPJE0yzmZn1vGRAERH7 rOxTFp703hMhEqNWfKQt6/yOJROzbkKFoH8O98lW+075mV8SK9lRI7fAOfIXNkppfN7DMypB5tCuz eoGDLjywnsIHJcrzXUmpg8TeTupIbJESUnp7ZGrPt8xdmx6EHszhhxqfKfQ0MoN4IgQh4ydszmwzU 8U+q6ek0JN6dh6fkWUaRLLCr6uSbQ9YgyjuJluJO8JT2ym+eTLNBWTAGhBqkIWnU9D/6HdGrPspJt xAdWj+mQ==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1th5Lf-0000000Eiie-1cV0; Sun, 09 Feb 2025 11:19:39 +0000 Received: from mail-ed1-x52b.google.com ([2a00:1450:4864:20::52b]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1th5DB-0000000EgZY-0PCM; Sun, 09 Feb 2025 11:10:54 +0000 Received: by mail-ed1-x52b.google.com with SMTP id 4fb4d7f45d1cf-5de4d4adac9so3861346a12.3; Sun, 09 Feb 2025 03:10:52 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1739099451; x=1739704251; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=u4xHwXg6EmPjQs4unBR1swhwZyfltEqvFEeKEtV+1dA=; b=bI0Cj4thg68qVTxEgzZGDn7DdLdqA/RfEqejaMCPEyf9KKBlPt2n6wj7AEIomJaRDZ dj7WYvjN3YBdZbEckhh6fYAMenDcMr/YJM1apP15uVsFH51A4VDe/jo0BaDefprUwQ6Y W6K615HjnCrIpsehVSm1Ziw3AQ8p+HT+YIYiwCbeP95qUZqwQQ/QUEUCfci7sbtvpCDB fPfmgjgNOI46yNzyPF0QbXyLrfLrNxFWMi5fx6HFbmUo0H5KJ939rcJ4zQc7LtwIU9R3 l6THxhSaCUDY8DNJma3bQHvtVRD/g9cSF7XNLxqFYbnZgmWY3bztQ+VKwj047B/LJzPL x4fQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1739099451; x=1739704251; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=u4xHwXg6EmPjQs4unBR1swhwZyfltEqvFEeKEtV+1dA=; b=B92bWcaQtksQSyWqewrYnZ+14Nyyp7D3pnIr2faWd4p/XlN3MLX9nm2t3vRpN2hmA6 VIhvp7tE4oXfc9rLvKRagJ4M5IPTVVqQd/PkQF8OxMbXoohD0sH/PuvxeDc/WkwYwrsU w3zfn3qu+C/4Ap61i+jAzg+3qggBDGrtPVVJ6cSoEMCL/SVvdR0DmbQSoO6gBlMwzsIn NtnUnRbSrk+rwU4dMZA9TWQIhjR0g/yS2A/pU63WBGAeL1FCgJOzzCW3CwF4v57FX1nm tPfEiF7CCHgaM58lNCOTdHTmQT7t4N/mpgjovAj8pWpRm2vHZPgUFz6/seMIxdmX0UlM thGQ== X-Forwarded-Encrypted: i=1; AJvYcCVDq821hGobFbWD/dIVpCVIIXLHenvTBUR+XHTWaRHnc612TKm+xf/Vhp8RG89Odqou7/as8maHkzCEtK2MX4A=@lists.infradead.org, AJvYcCViL3E+31ofwhBPXUEyo03H6GCm8hXtTlM3ppTCWl5ARBCxUvdU3bI6thTD7NXzgaSlu9VbIvILSOKQMyc4k3u6@lists.infradead.org X-Gm-Message-State: AOJu0Ywg4IO8LhC9AP9U2T9al3df5S73iv/guIrmHxYEeJdkzG/yqSiQ Xg5b4MNW+ZT8o5aeI/gAghQjOM3ByaXj3AOFx3iN6oxvRkfkGGpu X-Gm-Gg: ASbGncsMhBkuQ/OiY6yfkBXT52UFchC6AhctuyTR6uKUKU7JBQGhgjvPZY+KM3sHDMy 1dwkSJ7/gvhsanshdJSIAQJai0N05l1y7mDLHBx9K7rZtL45ZbZg2Z8aWH/OZqsSqUeYD+41BZR NdSW/v/ja2o1FoL7RIwtd0QqkIA2/TLJMpH0fjc2aCX20mLzhUg2xiI6UUGQxy5XRAb9bLxARIV /VPC2zu4RdDC/Vw/TDAGBG1S1gCGQ1Aj5Kk6O7hFOcN8hUZ1MdTmPcBPI4KhMIq/wQJUYXNsPEF DKU67uJWiHDhA7b6k+QvvAj8vG1JAlRo4Q1C+NfVpVR03dE4E/4qKleNJGt+ZSoQSJeW4fbPXZz Y+NZd0CR4+QzXYSW9hDNqh1JYBDJ/0YCv X-Google-Smtp-Source: AGHT+IGqAcPNkOC3T2w/JTV+drwdUFB600X7DdmAkY02Ru++v+0yQjzJWGShHhhfTBkgM87Q9bKjbw== X-Received: by 2002:a17:907:3da4:b0:ab7:b422:c075 with SMTP id a640c23a62f3a-ab7b422d13fmr154639366b.23.1739099451247; Sun, 09 Feb 2025 03:10:51 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-ab79afc7452sm357516366b.163.2025.02.09.03.10.49 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 09 Feb 2025 03:10:50 -0800 (PST) From: Eric Woudstra To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Andrew Lunn , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , Kuniyuki Iwashima , Sebastian Andrzej Siewior , Lorenzo Bianconi , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH v6 net-next 05/14] bridge: Add filling forward path from port to port Date: Sun, 9 Feb 2025 12:10:25 +0100 Message-ID: <20250209111034.241571-6-ericwouds@gmail.com> X-Mailer: git-send-email 2.47.1 In-Reply-To: <20250209111034.241571-1-ericwouds@gmail.com> References: <20250209111034.241571-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20250209_031053_133744_7E5967B9 X-CRM114-Status: GOOD ( 16.35 ) X-BeenThere: linux-mediatek@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Linux-mediatek" Errors-To: linux-mediatek-bounces+linux-mediatek=archiver.kernel.org@lists.infradead.org If a port is passed as argument instead of the master, then: At br_fill_forward_path(): find the master and use it to fill the forward path. At br_vlan_fill_forward_path_pvid(): lookup vlan group from port instead. Acked-by: Nikolay Aleksandrov Signed-off-by: Eric Woudstra --- net/bridge/br_device.c | 19 ++++++++++++++----- net/bridge/br_private.h | 2 ++ net/bridge/br_vlan.c | 6 +++++- 3 files changed, 21 insertions(+), 6 deletions(-) diff --git a/net/bridge/br_device.c b/net/bridge/br_device.c index 0ab4613aa07a..c7646afc8b96 100644 --- a/net/bridge/br_device.c +++ b/net/bridge/br_device.c @@ -383,16 +383,25 @@ static int br_del_slave(struct net_device *dev, struct net_device *slave_dev) static int br_fill_forward_path(struct net_device_path_ctx *ctx, struct net_device_path *path) { + struct net_bridge_port *src, *dst; struct net_bridge_fdb_entry *f; - struct net_bridge_port *dst; struct net_bridge *br; - if (netif_is_bridge_port(ctx->dev)) - return -1; + if (netif_is_bridge_port(ctx->dev)) { + struct net_device *br_dev; + + br_dev = netdev_master_upper_dev_get_rcu((struct net_device *)ctx->dev); + if (!br_dev) + return -1; - br = netdev_priv(ctx->dev); + src = br_port_get_rcu(ctx->dev); + br = netdev_priv(br_dev); + } else { + src = NULL; + br = netdev_priv(ctx->dev); + } - br_vlan_fill_forward_path_pvid(br, ctx, path); + br_vlan_fill_forward_path_pvid(br, src, ctx, path); f = br_fdb_find_rcu(br, ctx->daddr, path->bridge.vlan_id); if (!f) diff --git a/net/bridge/br_private.h b/net/bridge/br_private.h index 1054b8a88edc..a0b950390a16 100644 --- a/net/bridge/br_private.h +++ b/net/bridge/br_private.h @@ -1584,6 +1584,7 @@ bool br_vlan_can_enter_range(const struct net_bridge_vlan *v_curr, const struct net_bridge_vlan *range_end); void br_vlan_fill_forward_path_pvid(struct net_bridge *br, + struct net_bridge_port *p, struct net_device_path_ctx *ctx, struct net_device_path *path); int br_vlan_fill_forward_path_mode(struct net_bridge *br, @@ -1753,6 +1754,7 @@ static inline int nbp_get_num_vlan_infos(struct net_bridge_port *p, } static inline void br_vlan_fill_forward_path_pvid(struct net_bridge *br, + struct net_bridge_port *p, struct net_device_path_ctx *ctx, struct net_device_path *path) { diff --git a/net/bridge/br_vlan.c b/net/bridge/br_vlan.c index d9a69ec9affe..07dae3655c26 100644 --- a/net/bridge/br_vlan.c +++ b/net/bridge/br_vlan.c @@ -1441,6 +1441,7 @@ int br_vlan_get_pvid_rcu(const struct net_device *dev, u16 *p_pvid) EXPORT_SYMBOL_GPL(br_vlan_get_pvid_rcu); void br_vlan_fill_forward_path_pvid(struct net_bridge *br, + struct net_bridge_port *p, struct net_device_path_ctx *ctx, struct net_device_path *path) { @@ -1453,7 +1454,10 @@ void br_vlan_fill_forward_path_pvid(struct net_bridge *br, if (!br_opt_get(br, BROPT_VLAN_ENABLED)) return; - vg = br_vlan_group(br); + if (p) + vg = nbp_vlan_group(p); + else + vg = br_vlan_group(br); if (idx >= 0 && ctx->vlan[idx].proto == br->vlan_proto) { From patchwork Sun Feb 9 11:10:26 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13966800 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 3CC8DC02199 for ; Sun, 9 Feb 2025 11:21:04 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=fiV2XWtkfGXlde1QnvjR6tvTdGG2fr19IqREO8Jjig4=; b=pi/r02YhR//sQHj9C7BoRj9wBS jACDbzYVrEuVeIUPJEmuGwrSbOJeF5t5hpnZZpLhFrf5hme5f306ObBswS8cajpJ1RHkT3Z6QKtp2 KjKcYXUh6KWOCea+YX1JuE99ULB3yHKGjo0zAJRGAfXCc3+6fAe/Jy+jCZqXSWVHUW7Fgj95ddXxB NYf46Jjs1USKxkuULlTgqBjw34VhWPH2rQBkW+95Ipm3Pq2w315qAd0GjLz7ydq6lzZZxWtvXosXo UW5byad/3JLPmG1dJvX1OzefCPlIboHjjnPHHzkRumgqc5rNl6NUGK4ruuGaedKM7h5RKmv4Ueiu5 9an8mIhQ==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1th5N1-0000000Eisf-1b8v; Sun, 09 Feb 2025 11:21:03 +0000 Received: from mail-ed1-x52c.google.com ([2a00:1450:4864:20::52c]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1th5DC-0000000EgaI-3Za6; Sun, 09 Feb 2025 11:10:55 +0000 Received: by mail-ed1-x52c.google.com with SMTP id 4fb4d7f45d1cf-5de5a853090so2476804a12.3; Sun, 09 Feb 2025 03:10:54 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1739099453; x=1739704253; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=fiV2XWtkfGXlde1QnvjR6tvTdGG2fr19IqREO8Jjig4=; b=Tv4IS6GJb361VWzI4x85Fd8heQX4YzYmzDzWr83Dl9e9mTBZC1Nh8a8lO5zwoEOani imZdxnI0j7OdXFb4kFFjoFQAm47wzWiJyZTDkWqc42605CnkQ+ARP5jAp2+YebokdpPD GvBbz9P+868pjHCKcEN03sxlul7yGCHtrGQ4axrEkfB4Z5L+M6XiiLEYeh97Ewm0XqsY P/x5WWRJH18AI3HSWBuCYQzT5Q8B5oFO3ZH4YA8SHsHVppoLYCuxt5xp0YUtP31zagqQ Y8G2ftIkcQ4nAGF/ohJD19C4vVdCvdjwfyqivGF4SHAxn4eXuxG2BYcu5ut2UL+cZERV u4fA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1739099453; x=1739704253; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=fiV2XWtkfGXlde1QnvjR6tvTdGG2fr19IqREO8Jjig4=; b=fXzEseOiMpnHotd/DqO4abzvOh/RXy1UX6lzOr0gtt4zIncJJKDsDb3YAzQ4sym+4E lRsqPFgJxoJygc9Ic9ccH4+BrCfN+XQsekHoEm48n8uwqGrR/GVtQ45lXOaJSrXc/bXA GWnDnl9wVa9G9IA9kZG9yYlQJ7lXuu/BfkIkbXqY6Yu8k00LFSwmoaxGW1TFcjwOzIt5 Ck6F3Hukb9Dv6euL8TocTA1XM8tF6Ts5FrErlHJanxVL9pRwftH5XP86/T93VMOPRE8O nEn07AaXFsuX6rb3L5FQeVa7m8Tm1o5ucskDJfxyVYX5qPRrC69HiVyH8kNMWwX5osW9 ycoA== X-Forwarded-Encrypted: i=1; AJvYcCW5bVEwiy64Z4kL8nYgJOsMMD36AaXNBUOUBGAOsa6ksMZ238CaESg5IgylA0iLi/h5EAjITBqUL0iTTKo9k/Cg@lists.infradead.org, AJvYcCWPHOoVSoPI2gDl891/nd3Vp8sbHl2OGNFetGzwdRYkFXrFmjRpQBVAMnOnAULqD5U1p7/d43vF2EH/u7dqVH4=@lists.infradead.org X-Gm-Message-State: AOJu0Yxp7yVjxRwOoWwenVNmaMfXF2BwyQqTYAM0GcdMvEDxlJmqsEca rht9CDZyj2aJB5Gaq/24dllMVuOlknLH6cqO+E5il1AbqXp4Dp6s X-Gm-Gg: ASbGncu3I54axZpWSJvRA9t09+VFocfIpaL7aJeei/Uh8Jfd5GODmiA/81DVkVLcwMr CGPrMUU97oYD87r7Sl2SCekeB4o0mdRjXUTRfxL5092A1CVbN5RVhnlU371mcPGKBXGqhDQXdOd U+ECx0FeAqeF5Xx3fpqofQoIGgzP1+rRkyUbyNSz0L4yST8XVIcKxUfSIwyoHwb7netZYm9Phfh bxH5pmzpxAALuliQuw4CIt5IDb/XQIgsUwQOz89tqcXSV861nayL0hiBzETbjwnbfrPQKEuqn0x +U1H+zo0pUBqw9DqPUJ4es/MlwmmKjEn+XxzqfPSQ3vhc5zP5+KagvgTi0Vfnr0sgBk42WEj9U/ P7b5dhwnCFc7+9ThL3+DnyadpYVoNqpvz X-Google-Smtp-Source: AGHT+IEmLnqa0nGSLzn3hjiFdgZfX9hAmJ8z1fc9klOPfXuoZo6FdGrvL+huNkWGACzBiYRhNwKTyw== X-Received: by 2002:a17:907:6d16:b0:ab7:3e27:ff04 with SMTP id a640c23a62f3a-ab789a9f58bmr979157866b.3.1739099452941; Sun, 09 Feb 2025 03:10:52 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-ab79afc7452sm357516366b.163.2025.02.09.03.10.51 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 09 Feb 2025 03:10:52 -0800 (PST) From: Eric Woudstra To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Andrew Lunn , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , Kuniyuki Iwashima , Sebastian Andrzej Siewior , Lorenzo Bianconi , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH v6 net-next 06/14] net: core: dev: Add dev_fill_bridge_path() Date: Sun, 9 Feb 2025 12:10:26 +0100 Message-ID: <20250209111034.241571-7-ericwouds@gmail.com> X-Mailer: git-send-email 2.47.1 In-Reply-To: <20250209111034.241571-1-ericwouds@gmail.com> References: <20250209111034.241571-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20250209_031054_889850_644978CF X-CRM114-Status: GOOD ( 17.43 ) X-BeenThere: linux-mediatek@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Linux-mediatek" Errors-To: linux-mediatek-bounces+linux-mediatek=archiver.kernel.org@lists.infradead.org New function dev_fill_bridge_path(), similar to dev_fill_forward_path(). It handles starting from a bridge port instead of the bridge master. The structures ctx and nft_forward_info need to be already filled in with the (vlan) encaps. Reviewed-by: Nikolay Aleksandrov Signed-off-by: Eric Woudstra --- include/linux/netdevice.h | 2 ++ net/core/dev.c | 66 +++++++++++++++++++++++++++++++-------- 2 files changed, 55 insertions(+), 13 deletions(-) diff --git a/include/linux/netdevice.h b/include/linux/netdevice.h index 5429581f2299..9f925dc3d1d1 100644 --- a/include/linux/netdevice.h +++ b/include/linux/netdevice.h @@ -3281,6 +3281,8 @@ void dev_remove_offload(struct packet_offload *po); int dev_get_iflink(const struct net_device *dev); int dev_fill_metadata_dst(struct net_device *dev, struct sk_buff *skb); +int dev_fill_bridge_path(struct net_device_path_ctx *ctx, + struct net_device_path_stack *stack); int dev_fill_forward_path(const struct net_device *dev, const u8 *daddr, struct net_device_path_stack *stack); struct net_device *__dev_get_by_flags(struct net *net, unsigned short flags, diff --git a/net/core/dev.c b/net/core/dev.c index d5ab9a4b318e..70d767cb8bc9 100644 --- a/net/core/dev.c +++ b/net/core/dev.c @@ -714,44 +714,84 @@ static struct net_device_path *dev_fwd_path(struct net_device_path_stack *stack) return &stack->path[k]; } -int dev_fill_forward_path(const struct net_device *dev, const u8 *daddr, - struct net_device_path_stack *stack) +static int dev_fill_forward_path_common(struct net_device_path_ctx *ctx, + struct net_device_path_stack *stack) { const struct net_device *last_dev; - struct net_device_path_ctx ctx = { - .dev = dev, - }; struct net_device_path *path; int ret = 0; - memcpy(ctx.daddr, daddr, sizeof(ctx.daddr)); - stack->num_paths = 0; - while (ctx.dev && ctx.dev->netdev_ops->ndo_fill_forward_path) { - last_dev = ctx.dev; + while (ctx->dev && ctx->dev->netdev_ops->ndo_fill_forward_path) { + last_dev = ctx->dev; path = dev_fwd_path(stack); if (!path) return -1; memset(path, 0, sizeof(struct net_device_path)); - ret = ctx.dev->netdev_ops->ndo_fill_forward_path(&ctx, path); + ret = ctx->dev->netdev_ops->ndo_fill_forward_path(ctx, path); if (ret < 0) return -1; - if (WARN_ON_ONCE(last_dev == ctx.dev)) + if (WARN_ON_ONCE(last_dev == ctx->dev)) return -1; } - if (!ctx.dev) + if (!ctx->dev) return ret; path = dev_fwd_path(stack); if (!path) return -1; path->type = DEV_PATH_ETHERNET; - path->dev = ctx.dev; + path->dev = ctx->dev; return ret; } + +int dev_fill_bridge_path(struct net_device_path_ctx *ctx, + struct net_device_path_stack *stack) +{ + const struct net_device *last_dev, *br_dev; + struct net_device_path *path; + + stack->num_paths = 0; + + if (!ctx->dev || !netif_is_bridge_port(ctx->dev)) + return -1; + + br_dev = netdev_master_upper_dev_get_rcu((struct net_device *)ctx->dev); + if (!br_dev || !br_dev->netdev_ops->ndo_fill_forward_path) + return -1; + + last_dev = ctx->dev; + path = dev_fwd_path(stack); + if (!path) + return -1; + + memset(path, 0, sizeof(struct net_device_path)); + if (br_dev->netdev_ops->ndo_fill_forward_path(ctx, path) < 0) + return -1; + + if (!ctx->dev || WARN_ON_ONCE(last_dev == ctx->dev)) + return -1; + + return dev_fill_forward_path_common(ctx, stack); +} +EXPORT_SYMBOL_GPL(dev_fill_bridge_path); + +int dev_fill_forward_path(const struct net_device *dev, const u8 *daddr, + struct net_device_path_stack *stack) +{ + struct net_device_path_ctx ctx = { + .dev = dev, + }; + + memcpy(ctx.daddr, daddr, sizeof(ctx.daddr)); + + stack->num_paths = 0; + + return dev_fill_forward_path_common(&ctx, stack); +} EXPORT_SYMBOL_GPL(dev_fill_forward_path); /* must be called under rcu_read_lock(), as we dont take a reference */ From patchwork Sun Feb 9 11:10:27 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13966801 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id C4F95C02199 for ; Sun, 9 Feb 2025 11:22:28 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=MAJ1+kbz8lZ4YwPg+OV3VOfAm0Jd01XhEIX1QeYwh3U=; b=Kw0SbQYkpXzYhEgJ+ZAk3jEfuh mVl0fljBneL69ATXedqU0nrlzhy19nNm56cZEE4ZpcLBuVZcFwVCbqvGhqHxGzcCGUoLABYn1xAM+ WFMLnr57LZG59otL7Qvglwspx2SLgnSrKZ0KyLkYEyuoC6wYJ4/UvBUhF0q4VdrApsKA3CAVCo1lD qSJeTB8SrBt5MiMiTqIad/nwFv0Z6OqkOLPylfYYTej3aiYjw4u49WgXFthdUot0wSrcfvze9Ke59 GUgzSGq1WvQwQTYcIiDfFyfX9XG3y7RhbRFTVcQKRARsIynkyTPPgzIkAdvuIZ/LG4VE4ABB5p4nA em9zW82Q==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1th5ON-0000000Ej8B-3nK4; Sun, 09 Feb 2025 11:22:27 +0000 Received: from mail-ej1-x62c.google.com ([2a00:1450:4864:20::62c]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1th5DE-0000000Egaw-26tI; Sun, 09 Feb 2025 11:10:57 +0000 Received: by mail-ej1-x62c.google.com with SMTP id a640c23a62f3a-ab744d5e567so668364066b.1; Sun, 09 Feb 2025 03:10:56 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1739099455; x=1739704255; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=MAJ1+kbz8lZ4YwPg+OV3VOfAm0Jd01XhEIX1QeYwh3U=; b=mSCvlQ1v1fArBLzbX7fASjmEbPS81YJB+T46ehBzLJJ9evpjR4BLVwjE5hwpoTbhKJ k70FEX23o/pcQamr31XNcLAQF5QaTiteu/FfofA5aIS25LMXJceKZtRdX5sbbCJvPj+K jmYYsEkDXXY2Odt+H815PDLVPVMuzvdfArQi84RYCTU6XhICY6pByf24nwpMREsDUQkC sNEH/hYiJbLQia2JlIS3thmDmPt8uhGvB5DqIW2Hyul34L8sTk6vVnRaehFyU6HPXLCi Dacu+zBvqY1ubWJu6kI+m/uWkv2vz7l/k/sBk4nDP3WO2widtD9cVZeg10rDU8PyMmpB +JVw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1739099455; x=1739704255; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=MAJ1+kbz8lZ4YwPg+OV3VOfAm0Jd01XhEIX1QeYwh3U=; b=iv1K/rCoYX3jmKPCntz5EMbrdD5Y6LYowd7wwUm99u7Ht7EonTAonGz71ML+COG0YM s5vJbioIdrGGb9UgtjEaoMDqISmX5qw4Q3V3Dzp6THoGIo6EeU7JL5ulzXgw+eZRY3Oj cnl++c4Dem/88JfgkOjYREdnIA3pGJoDGzJwSuf0rPAz6t4w1aSoVoURALTNwUQURkPX ieP4x3SWRo+gnHZx+7g39FYeUSWzyMetPErbaaH/BVwT2OQDAF2kVS5zJAfEnUPRgh2H 7VUDRXVM9dpH+ftHJPbFDqwEtGFroGlwsa5RSjfxD4yC9YFl6/p/UBZ6pTTg54tuAyaL L8ag== X-Forwarded-Encrypted: i=1; AJvYcCUv6u/lb2/oCLziw69g2pxhmgm2hmUHNMqoapKD9V1t9t2NsfHeMk75iFU09p0EsN4y0x98tkf7J8J/atDxOyQF@lists.infradead.org, AJvYcCVx3TDffm9UNjm88iSh9UlgKcUbTYICMLMlZGYx29igEa8aprcbWfmCOAuCpKPlUFfyQeyReEqwSljQYZl7DeU=@lists.infradead.org X-Gm-Message-State: AOJu0YzDdHa+oRw7dS182UmP6IqA8cU1txJIytJfrYJ7jBxtUEfS9M2o +XXH77mQZG8oDsuGu36V3CZoYgWlBH8GENalXwQW9+jzHH2+eCfM X-Gm-Gg: ASbGncuyae2w9v9vF73FUy2ICzULj3jUhuOe2MyX3Jjl8KUrNAjMm0Fzluak3HBArEO Jsdscs9sZQDVL8AImaPB54vAvSqjxzn1MXnJ8hiyDA0KcX5dCcdUg5A02F/Wy4AffhS6VMXwFPI J/txqxcFDCfehuQOoyLSOzLd6JOcnXvv8d4p8Kt5+dmeVNCPBeCPd+kqpY2ud3kkf3NcgQebJb9 3fYGpHxPcjVMZ0prW0yrPcxdIRTNYyhhiCDhMa2oJhnNMmVhX2CwCLuX4gtdH617oFSYZEPsWcH P2Ndj7kxS5ni06KV7VosmD2JySiO/uNTd/SAoHIC8VfRos80SnspWyRHkBbNiXfBfesPYqiULuV Nlmnn253asasLHrdgJVOWdylJVy12Dg4Z X-Google-Smtp-Source: AGHT+IETHQR7T52RBo2+4AcJP5+zLkS5jFUxhqgYRmiNsDGC4K0ZODmmfPCzwNhYWr95O8KmQOhA2A== X-Received: by 2002:a17:907:ca0a:b0:ab7:a318:611e with SMTP id a640c23a62f3a-ab7a3186356mr452158166b.18.1739099454708; Sun, 09 Feb 2025 03:10:54 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-ab79afc7452sm357516366b.163.2025.02.09.03.10.53 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 09 Feb 2025 03:10:53 -0800 (PST) From: Eric Woudstra To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Andrew Lunn , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , Kuniyuki Iwashima , Sebastian Andrzej Siewior , Lorenzo Bianconi , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH v6 net-next 07/14] netfilter :nf_flow_table_offload: Add nf_flow_rule_bridge() Date: Sun, 9 Feb 2025 12:10:27 +0100 Message-ID: <20250209111034.241571-8-ericwouds@gmail.com> X-Mailer: git-send-email 2.47.1 In-Reply-To: <20250209111034.241571-1-ericwouds@gmail.com> References: <20250209111034.241571-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20250209_031056_551800_F6BC6ED2 X-CRM114-Status: GOOD ( 10.65 ) X-BeenThere: linux-mediatek@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Linux-mediatek" Errors-To: linux-mediatek-bounces+linux-mediatek=archiver.kernel.org@lists.infradead.org Add nf_flow_rule_bridge(). It only calls the common rule and adds the redirect. Reviewed-by: Nikolay Aleksandrov Signed-off-by: Eric Woudstra --- include/net/netfilter/nf_flow_table.h | 3 +++ net/netfilter/nf_flow_table_offload.c | 13 +++++++++++++ 2 files changed, 16 insertions(+) diff --git a/include/net/netfilter/nf_flow_table.h b/include/net/netfilter/nf_flow_table.h index 4ab32fb61865..a7f5d6166088 100644 --- a/include/net/netfilter/nf_flow_table.h +++ b/include/net/netfilter/nf_flow_table.h @@ -340,6 +340,9 @@ void nf_flow_table_offload_flush_cleanup(struct nf_flowtable *flowtable); int nf_flow_table_offload_setup(struct nf_flowtable *flowtable, struct net_device *dev, enum flow_block_command cmd); +int nf_flow_rule_bridge(struct net *net, struct flow_offload *flow, + enum flow_offload_tuple_dir dir, + struct nf_flow_rule *flow_rule); int nf_flow_rule_route_ipv4(struct net *net, struct flow_offload *flow, enum flow_offload_tuple_dir dir, struct nf_flow_rule *flow_rule); diff --git a/net/netfilter/nf_flow_table_offload.c b/net/netfilter/nf_flow_table_offload.c index d8f7bfd60ac6..3cc30ebfa6ff 100644 --- a/net/netfilter/nf_flow_table_offload.c +++ b/net/netfilter/nf_flow_table_offload.c @@ -679,6 +679,19 @@ nf_flow_rule_route_common(struct net *net, const struct flow_offload *flow, return 0; } +int nf_flow_rule_bridge(struct net *net, struct flow_offload *flow, + enum flow_offload_tuple_dir dir, + struct nf_flow_rule *flow_rule) +{ + if (nf_flow_rule_route_common(net, flow, dir, flow_rule) < 0) + return -1; + + flow_offload_redirect(net, flow, dir, flow_rule); + + return 0; +} +EXPORT_SYMBOL_GPL(nf_flow_rule_bridge); + int nf_flow_rule_route_ipv4(struct net *net, struct flow_offload *flow, enum flow_offload_tuple_dir dir, struct nf_flow_rule *flow_rule) From patchwork Sun Feb 9 11:10:28 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13966802 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id BECADC02199 for ; Sun, 9 Feb 2025 11:23:52 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=6/OfFtkDCpNUsNNnB4udxCcQxzWSEZIHYYoj3YjYWKw=; b=uMRMddQbzryokNMsY5LA1MWYCs UrKx3SKcKGeTAPeHMfCObjotvdkQP+WGLt/yzr7Kt1/34omAlCSgST3yH+40njuswc1jar07+tP9Y F/IOZH0jc6hfjLK7mCVwmbVReUfbTZaRqAsdEERd3S6vCEUy0Je03+1VhY2l8aRaVa/B8MsCqMZT5 1rTteuwxGyd0h2ePjtj9ANSuZsEoqnTxZWtJCCCNQliwE7FbI39EzyVAgkMznsNLWHtqCVhm4gYG1 G1UAe4KMQgWeuUnXeaWsdW8OMdIYmax5rC8y5DZLOKfMzuR59901sIX+rBv5WnMLhD3cugFFOxlcg c78+zLgw==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1th5Pj-0000000EjJv-3Y3e; Sun, 09 Feb 2025 11:23:51 +0000 Received: from mail-ej1-x62d.google.com ([2a00:1450:4864:20::62d]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1th5DF-0000000Egbq-42Bq; Sun, 09 Feb 2025 11:10:59 +0000 Received: by mail-ej1-x62d.google.com with SMTP id a640c23a62f3a-aaecf50578eso684496666b.2; Sun, 09 Feb 2025 03:10:57 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1739099456; x=1739704256; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=6/OfFtkDCpNUsNNnB4udxCcQxzWSEZIHYYoj3YjYWKw=; b=W0PKTWIRheYk6+WTBtkvoILPtC4D+YmR2CLz8wOxkXYU0bN9nW17Vo7k19s3G8F/Eo ci5WN83YhYA7SkEENSgrNgWfw+5m+iBW7Qv/eU0Nzg9XQ+cU99GxfmGs811/aIOZyro/ yd7u4RBZMLrr1cmyP3rWzbg96NJ+lm3Aw8jA+kdt9JzzKFpQLfTJ4yYul4gT0DMfaUjl bvv9QOVVlQsiuKWD2rTptzReYXrkXAhnsVeNhoFXbLC+9U2FMP7HEISUwZEanWnqlkKO 58vWSnS15TSUFjb84KJ0ot9eFPbm9Ms+/3IOx6/gsGnGrsEHwko6p41g6/iTJZoL/sni IfGQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1739099456; x=1739704256; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=6/OfFtkDCpNUsNNnB4udxCcQxzWSEZIHYYoj3YjYWKw=; b=MuIhE7PtHPFHI3N2kXYGoRHjwN2W9cs07OqzFmrGGZWRUwhhC837g57/gjS9uLG6PH 0mbMzmGvFGR+rW2bM4IIMY9TO/3IIXdgUqw+ZszhhaFcU73gHbpfEQFWD13njQvxleB9 fw/ul98UzmFj7si+jiYW42Amd4plT9k9/0rtmkXdRL47/qK+WsOFjxfi4fdsotudEWgh 3Yil8ut0CDu5OlCvjhCFsrlWivvp45lFT32llS7GsTTrwYlPYaUgqpds5E581R3IWUS+ 1kuycbhG2RIf1hpJtHMitvQkyrdcZl6hActGQ0ZlhFbtO1Rcm8TIoo3S6usSoF1pIPhF yJDQ== X-Forwarded-Encrypted: i=1; AJvYcCVgWkgYeVrStf0oF4KAOAyF2vzFdfLSJNFMwV4QXLZq0KlLZLLKfycysyFOSLw9c6IsJ99/0Z6KZ1Kpw7vvOBH+@lists.infradead.org, AJvYcCVmsgFEpulLEJt4STGdaAyBdZSWO2lROx954uTUvNlIMAexj/Xm0kd25l6aQg4Uz1a0L9BT2+VIOU1gaEnPPyM=@lists.infradead.org X-Gm-Message-State: AOJu0Yyqs35bwDFD9VBBxMWjqeTLqbD/aaDDjWI8pflBMIbpHF6QfvE2 42xtcrl1Ife+82BwReJSrUonhGfRwI3iK9cnYLE6GFjbblgIfa+W X-Gm-Gg: ASbGncunJiRsphyp/bVzPoav40Gb5GvevBPvPh6ndf2IabT9RBxW5eWob5w9ZMNsPLm UQm4gGpIi3AzB1a1tcg0ceMhhIZlQQq1oZmn/vYLtQkC+IVaACz7qoCUhLRsL3c7LaI3dhU9kDG wP14eX5F+FAHufIyDejDOkEilsYHKSbQCXfFLuuCRCdGcD8A3o7DSjxy6VDxmjIzeyQpwEHiyDo 5c3G1MQA40aT+9Cz69u2QeGA1z2CIknsaPPl7CSDjPPoRm4GE/wT+n8aWSWRdrJvyLS1G//DREZ SdwX9V84L23AXg95vMdHDPaKib83+OLnHxeFbtTzGlJnlZvTumjM+KQ62eoqn+4bGDN+qtiYEhD 1lZ4iiWcoN2iNXOC2n/TnLeslxZzHuRkj X-Google-Smtp-Source: AGHT+IF7fuTwyISchVVytHDMJeeoIfh3ZpQJUt8rRdvlwIphExmlssHSJ85LTIMEOJAJqtrSBebVEg== X-Received: by 2002:a17:906:31cf:b0:ab7:8fcd:1f1b with SMTP id a640c23a62f3a-ab78fcd2196mr966938266b.7.1739099456462; Sun, 09 Feb 2025 03:10:56 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-ab79afc7452sm357516366b.163.2025.02.09.03.10.54 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 09 Feb 2025 03:10:56 -0800 (PST) From: Eric Woudstra To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Andrew Lunn , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , Kuniyuki Iwashima , Sebastian Andrzej Siewior , Lorenzo Bianconi , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH v6 net-next 08/14] netfilter: nf_flow_table_inet: Add nf_flowtable_type flowtable_bridge Date: Sun, 9 Feb 2025 12:10:28 +0100 Message-ID: <20250209111034.241571-9-ericwouds@gmail.com> X-Mailer: git-send-email 2.47.1 In-Reply-To: <20250209111034.241571-1-ericwouds@gmail.com> References: <20250209111034.241571-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20250209_031057_998173_D554FBC1 X-CRM114-Status: GOOD ( 12.10 ) X-BeenThere: linux-mediatek@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Linux-mediatek" Errors-To: linux-mediatek-bounces+linux-mediatek=archiver.kernel.org@lists.infradead.org This will allow a flowtable to be added to the nft bridge family. Reviewed-by: Nikolay Aleksandrov Signed-off-by: Eric Woudstra --- net/netfilter/nf_flow_table_inet.c | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/net/netfilter/nf_flow_table_inet.c b/net/netfilter/nf_flow_table_inet.c index b0f199171932..80b238196f29 100644 --- a/net/netfilter/nf_flow_table_inet.c +++ b/net/netfilter/nf_flow_table_inet.c @@ -65,6 +65,16 @@ static int nf_flow_rule_route_inet(struct net *net, return err; } +static struct nf_flowtable_type flowtable_bridge = { + .family = NFPROTO_BRIDGE, + .init = nf_flow_table_init, + .setup = nf_flow_table_offload_setup, + .action = nf_flow_rule_bridge, + .free = nf_flow_table_free, + .hook = nf_flow_offload_inet_hook, + .owner = THIS_MODULE, +}; + static struct nf_flowtable_type flowtable_inet = { .family = NFPROTO_INET, .init = nf_flow_table_init, @@ -97,6 +107,7 @@ static struct nf_flowtable_type flowtable_ipv6 = { static int __init nf_flow_inet_module_init(void) { + nft_register_flowtable_type(&flowtable_bridge); nft_register_flowtable_type(&flowtable_ipv4); nft_register_flowtable_type(&flowtable_ipv6); nft_register_flowtable_type(&flowtable_inet); @@ -109,6 +120,7 @@ static void __exit nf_flow_inet_module_exit(void) nft_unregister_flowtable_type(&flowtable_inet); nft_unregister_flowtable_type(&flowtable_ipv6); nft_unregister_flowtable_type(&flowtable_ipv4); + nft_unregister_flowtable_type(&flowtable_bridge); } module_init(nf_flow_inet_module_init); @@ -118,5 +130,6 @@ MODULE_LICENSE("GPL"); MODULE_AUTHOR("Pablo Neira Ayuso "); MODULE_ALIAS_NF_FLOWTABLE(AF_INET); MODULE_ALIAS_NF_FLOWTABLE(AF_INET6); +MODULE_ALIAS_NF_FLOWTABLE(AF_BRIDGE); MODULE_ALIAS_NF_FLOWTABLE(1); /* NFPROTO_INET */ MODULE_DESCRIPTION("Netfilter flow table mixed IPv4/IPv6 module"); From patchwork Sun Feb 9 11:10:29 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13966807 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id B9A3DC02199 for ; Sun, 9 Feb 2025 11:25:17 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=Gr1wMzwLJ3r114jkr+fSh/N13xzOYrfc9OnXbfM4Z7I=; b=mwAGZF+DrNR85iJE2hW42oSm8J /Bl7wVTr5NML03H3p9STB5NggNAWXOLEQHuyMen2ow4Ur9fz05VK5ZeHpxViYmle8vHhQ72ewT/pK VCu9AxFR00eafof4AA5B/UHCle40iR/yuMw/bzsYYEmRpEiwLT4D+Fh3ZBRknN2ysMbbIKmlSP4pT Glz2T06giHndu2z+9LqJPSpfDUtxXhRADGifrql2iIq4bKxUxyb1Lammni7IRS8R0xhoKcsItZcZm ReJkYhrStRu8r8lLJJmrLwxLS7y22i+zJIQfItEZuX1IKOqi3o3rQHTUzNblGnZtKiSRQrHl+EfZc a8THfOoQ==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1th5R6-0000000EjSH-3kBi; Sun, 09 Feb 2025 11:25:16 +0000 Received: from mail-ej1-x62a.google.com ([2a00:1450:4864:20::62a]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1th5DH-0000000Egca-1clb; Sun, 09 Feb 2025 11:11:00 +0000 Received: by mail-ej1-x62a.google.com with SMTP id a640c23a62f3a-ab7c14b880dso297866b.1; Sun, 09 Feb 2025 03:10:58 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1739099458; x=1739704258; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=Gr1wMzwLJ3r114jkr+fSh/N13xzOYrfc9OnXbfM4Z7I=; b=VB7mpvtMwzmtqcj0G3tcmK7o4zh/OiOdXowZFh3sg0fsMDmDTjXbOCb41VLadAnfYV oWzsruI76gKYdmInjJ8wFOGuidOeGkxb6s1LDJEI5ALe+ZFgOStGgjF7eiIYBdy8nwaw 8PcTRWgAJ/GF1FjovyBDn7vmS/O+7fsICx4mbYjpdz+0CjF3PrZO28ZpT+QAgGXg4KH5 fTLZiiRAnxK0kjzqaPJ2NV+f8VMc2xmDtsiZrJjNjlgMHCUMYjBI6sOt0jgjZOx69ZR4 H3Si9wZPBZcLNclTtki7r4L1oQw/oHIlHhLhH+zmxV/jlHFQctfNCT61ccsS+NGRG39c j0Uw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1739099458; x=1739704258; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Gr1wMzwLJ3r114jkr+fSh/N13xzOYrfc9OnXbfM4Z7I=; b=ui+Tww0flvpMwWZ/v2rxkSVo93hi1U5Vry8U6wFRlMcFTLKVqnAySe+4xIJr2NU0L8 dw9Ylv4ZF983fL5X7ohje3tPluXpfpQbH1OMxWbquKwud3UV9UzsMUDfZYyxYy6+m+wC Jc7zRuiAOS+7BUsqFNW4vS3hpCPJKq6S0JBFp/NI8r3B5/CYf4ReLoEnVzOVxAoXnmUx YaKz6v5ixZw1gHUtx/JFSH0rmSJhOmVjvDu0uq4sIFdhfFMJpm9/zJCNj5C5dyY5erlz UqoXbUQWNhHTCUhuCsloLkf12ylMiK3N7eLc4y7ktdjiqpjwRpaw/28iMYU4OKx5ydpO HehQ== X-Forwarded-Encrypted: i=1; AJvYcCU5ipzu8VgAtlAI7Rq4VEYVdSiKsYAgGVNc9wneuohjx8utnjKuWzLtLcDhiF4v/4Jbio3QnvmisErTXd9mlyU=@lists.infradead.org, AJvYcCX8MmNAQf5g4GW82EA+cOJFIsArb17kZ5ppeC7s6MOW98ZsiEbEbdi0T6zdu3d49ELk1oXyQQSxhP4NaUI9yXjI@lists.infradead.org X-Gm-Message-State: AOJu0Yy6zQsZ+y2X80h4OxdSXFcuRy/UYEqdmESrHoMb/v8n/a2FXhFA /FEEzUZaio4By6k3VDm8czearxBxpQr60kFJ41yhUDRZ2LsoY7TI X-Gm-Gg: ASbGncucyWGKHZZcLDqx4hQBgDnWmQcUFJG5jHMepgAmCWD5Z1gc6pKHVWRAZbKFB15 L/10petWaaGbbbIPdMbe5YCx+0s0IN93uA15G/3+LOkBCMO+3S9ytQ0y94qVmjiDEHTV1gm1soB Qd5zSnfMSfDEnnYYUCO9wz+pEG0jfY198sFmiaGwnUCtD/wFtmfs3DZNwxekJGArgtdn4rOno0J Ym32S9yKasbK197Tt1XQ5yRZXYHD4tT5jOpmSQbMJa8G3rfFXkvfXV4I4wcFRB2CEVRpp3hPRK0 rjVH7OBraVmqjHEhTCrfGhMi01DTLGxOzX1oFGOeO/fKZREFzX2k8XzOliE/pOyqPmW1YNrR3zR OUw4t62uag320RgL+41F589hRl1OsM9IE X-Google-Smtp-Source: AGHT+IFLIZqtdyB586XGL7BZF3ltsD3dhHx63zKrEdsvwLszqHVFUdLBJLGnB6J6lNIv2VbhyBQi/A== X-Received: by 2002:a17:907:2d91:b0:ab2:b863:b7fa with SMTP id a640c23a62f3a-ab789c1ce64mr946683266b.44.1739099457511; Sun, 09 Feb 2025 03:10:57 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-ab79afc7452sm357516366b.163.2025.02.09.03.10.56 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 09 Feb 2025 03:10:57 -0800 (PST) From: Eric Woudstra To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Andrew Lunn , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , Kuniyuki Iwashima , Sebastian Andrzej Siewior , Lorenzo Bianconi , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH v6 net-next 09/14] netfilter: nft_flow_offload: Add NFPROTO_BRIDGE to validate Date: Sun, 9 Feb 2025 12:10:29 +0100 Message-ID: <20250209111034.241571-10-ericwouds@gmail.com> X-Mailer: git-send-email 2.47.1 In-Reply-To: <20250209111034.241571-1-ericwouds@gmail.com> References: <20250209111034.241571-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20250209_031059_426623_127C1681 X-CRM114-Status: GOOD ( 11.26 ) X-BeenThere: linux-mediatek@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Linux-mediatek" Errors-To: linux-mediatek-bounces+linux-mediatek=archiver.kernel.org@lists.infradead.org Need to add NFPROTO_BRIDGE to nft_flow_offload_validate() to support the bridge-fastpath. Reviewed-by: Nikolay Aleksandrov Signed-off-by: Eric Woudstra --- net/netfilter/nft_flow_offload.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/net/netfilter/nft_flow_offload.c b/net/netfilter/nft_flow_offload.c index 5ef2f4ba7ab8..323c531c7046 100644 --- a/net/netfilter/nft_flow_offload.c +++ b/net/netfilter/nft_flow_offload.c @@ -421,7 +421,8 @@ static int nft_flow_offload_validate(const struct nft_ctx *ctx, if (ctx->family != NFPROTO_IPV4 && ctx->family != NFPROTO_IPV6 && - ctx->family != NFPROTO_INET) + ctx->family != NFPROTO_INET && + ctx->family != NFPROTO_BRIDGE) return -EOPNOTSUPP; return nft_chain_validate_hooks(ctx->chain, hook_mask); From patchwork Sun Feb 9 11:10:30 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13966808 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 0FF10C02199 for ; Sun, 9 Feb 2025 11:25:27 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=mNvAyhAv6GepxNEYkCskllQBVi38mrCeZ4SsbbR7WSY=; b=S6kxtShhsdXkehMNYuFP7/CXv9 +ddC8vYQHXWoBfGVoQzYfR9/710NgzEH2hgWrH5hHYD7Bp0IMhuquaZGVzj3ppHx+27oK7jH7/7Az /LsoEdWM+qi6GuUrtJ9kY5Q92awGJTyDz9+zQG2FpPQWcGWl9+nOzGE1jUi8cICsssJ8p97jzr+5l Fc42jj7R41iOgdL+qYHUgv92z8ymIWI8EJGfVsbbkDfztgiiPI8rTJYzaPskvCX6ObegPsyAZgZue C+UgzNeQ8XuxH8l3rqmAKqJ+hZu+4bLQoAauTH706XtQ0f8aWPb4WsuoNjOs4YU+0CsmECn0P8JkF dpsXvyIw==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1th5RG-0000000EjUs-0xHT; Sun, 09 Feb 2025 11:25:26 +0000 Received: from mail-ej1-x62c.google.com ([2a00:1450:4864:20::62c]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1th5DI-0000000EgdH-33ou; Sun, 09 Feb 2025 11:11:01 +0000 Received: by mail-ej1-x62c.google.com with SMTP id a640c23a62f3a-ab771575040so665152266b.1; Sun, 09 Feb 2025 03:11:00 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1739099459; x=1739704259; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=mNvAyhAv6GepxNEYkCskllQBVi38mrCeZ4SsbbR7WSY=; b=CzRR7tljg5u++HuONKShmvWlHsHPokQywrg0eZVSvCO/weJkI3h89hYUdsUbzXq/7D X2ziV1MmQLzA0iOzCrwOHAhq0JBucFylKxFQkYYia8UD3rmSD+d0kvvOIXoHRwvgzQzj biwKiQHkwtVb8ze1FWZntISPay8syrouW0KwwGu9/dftkIaZDfXMoC3LrNNLbzUU6iKx ztfMRqnRnpZQhuGNE9rS90Z8xByvzRQsMb+8k/l5XUSqhyIF3nR6C5N5Y14zhV+6VSXJ B8gSOfa02iLiLY328ikanaYw0Try6+bqgk5huQrnWQ4iHGnopztwllDxu1dxEPGtn4+d AhUw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1739099459; x=1739704259; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=mNvAyhAv6GepxNEYkCskllQBVi38mrCeZ4SsbbR7WSY=; b=BjjgeFXICyVBeon5ExmCzg6jOaULIDn6hCGf79OaMXR9sGlDDtjE92YJxV8SkGeLrf losu0ZDnr4NKCS3MFJHonG30DsojtswSkGBkTL5p6Vy4nBXPb96Rf8nm6+4mLCssh3na vVFfCKaHrTc+URDTDGcpKtV62ZHVKiiNKrtTKNmY9HOO61r0PYmVyYadH1a6n5HO5xdR oRU0DEmKush1rz3bVBQHW/JCoINCben+lbDGuCoz+SO025GySOp5O3dlDIps7DI8Ai9E mqIQlGq2yDC2RgrghWn6K7pORXoo48yzN2vroPxdzTju7K3XmOSdwu6bbTHHshoWsQFM Y8QQ== X-Forwarded-Encrypted: i=1; AJvYcCUB5S/dqeYWZvSb3HKFAF+/mcB+BolN7XeXNW4euwrN0WOh7FPNd1K0UUEBZMKX4fw2sDFvUjEXhmgtMhYyCX4x@lists.infradead.org, AJvYcCW55oP7o+jNpI8N23zVTOVnKFBPlFuoOgSzTbXhFXxi2kKaUBcnPu1XZ90C2wkiilyJ4Y0pvoCAP4uAy9JOMmQ=@lists.infradead.org X-Gm-Message-State: AOJu0YydDUQBoi7WVCClfAmVaoQFpAp+t1SZLkF9BmK6QQvIe1tgeF1O ArCJcp4RrxbO8scSZH9xLKJGEX8fxSXnGbVOx7zoQrdsuP2XtCiM X-Gm-Gg: ASbGncv6A0oukPtiGHbfkbVy1P5JtLd9Vgas6vQDZ6A+5TlYBOOc4AG93AMtKJfXffT nWX46sKSN2zIbIclvAOKbaPYdUP8PjsNHMxpmo19qhDuGST5DRboaPsVvckqxz1EumQeI9Lhy4U todbykfov/zBa8fldB1EEtuMfKiNbd2p2gAuYxM+o5UZw4n8+T8xGMi2HbwHztK5xaVGdw9omht t7XYF6b8DHrVFFj/ZIW4xm9sJ+gx3GIRSMgpCcuDnyycoNMAyg3/TachNCp6+koMDtWqEGHMErh jhSomlW0o+R/PjeLIPYp6nGea9DseCprMS3FuI9kSMIQLmgeSKhVBY1uQbzIo0oc+Q+WTrTMHCn XuGNqsGLgTIxnd40v2+uQ/d1EaW/7VZsZ X-Google-Smtp-Source: AGHT+IFJaFbx7ete5KJozyvNC8/oWulX5RI94rWh7h2VsoTHF0Lp2lI///kU0TTT1M4WqEm7capUsA== X-Received: by 2002:a17:907:9719:b0:ab2:f255:59f5 with SMTP id a640c23a62f3a-ab789b4a40dmr1114278166b.16.1739099459229; Sun, 09 Feb 2025 03:10:59 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-ab79afc7452sm357516366b.163.2025.02.09.03.10.57 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 09 Feb 2025 03:10:58 -0800 (PST) From: Eric Woudstra To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Andrew Lunn , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , Kuniyuki Iwashima , Sebastian Andrzej Siewior , Lorenzo Bianconi , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH v6 net-next 10/14] netfilter: nft_flow_offload: Add DEV_PATH_MTK_WDMA to nft_dev_path_info() Date: Sun, 9 Feb 2025 12:10:30 +0100 Message-ID: <20250209111034.241571-11-ericwouds@gmail.com> X-Mailer: git-send-email 2.47.1 In-Reply-To: <20250209111034.241571-1-ericwouds@gmail.com> References: <20250209111034.241571-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20250209_031100_781972_60B321F4 X-CRM114-Status: GOOD ( 12.74 ) X-BeenThere: linux-mediatek@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Linux-mediatek" Errors-To: linux-mediatek-bounces+linux-mediatek=archiver.kernel.org@lists.infradead.org In case of using mediatek wireless, in nft_dev_fill_forward_path(), the forward path is filled, ending with mediatek wlan1. Because DEV_PATH_MTK_WDMA is unknown inside nft_dev_path_info() it returns with info.indev = NULL. Then nft_dev_forward_path() returns without setting the direct transmit parameters. This results in a neighbor transmit, and direct transmit not possible. But we want to use it for flow between bridged interfaces. So this patch adds DEV_PATH_MTK_WDMA to nft_dev_path_info() and makes direct transmission possible. Signed-off-by: Eric Woudstra --- net/netfilter/nft_flow_offload.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/net/netfilter/nft_flow_offload.c b/net/netfilter/nft_flow_offload.c index 323c531c7046..b9e6d9e6df66 100644 --- a/net/netfilter/nft_flow_offload.c +++ b/net/netfilter/nft_flow_offload.c @@ -105,6 +105,7 @@ static void nft_dev_path_info(const struct net_device_path_stack *stack, switch (path->type) { case DEV_PATH_ETHERNET: case DEV_PATH_DSA: + case DEV_PATH_MTK_WDMA: case DEV_PATH_VLAN: case DEV_PATH_PPPOE: info->indev = path->dev; @@ -117,6 +118,10 @@ static void nft_dev_path_info(const struct net_device_path_stack *stack, i = stack->num_paths; break; } + if (path->type == DEV_PATH_MTK_WDMA) { + i = stack->num_paths; + break; + } /* DEV_PATH_VLAN and DEV_PATH_PPPOE */ if (info->num_encaps >= NF_FLOW_TABLE_ENCAP_MAX) { From patchwork Sun Feb 9 11:10:31 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13966809 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 6AC7AC02199 for ; Sun, 9 Feb 2025 11:26:55 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=x342s989e3SqEpDprSMMdkIM/WvPO0edPGoockwe0Ec=; b=S79hR+eUeyVwvIJmnZLJHzBtBH +3gFqWsf8Y3qZcDO5Hok93W1oRhNSGv2+jQmhKdLPO59XzQcHlgsQvTSWLngeZjKeVynwy8Dh4qDS TnuDebshv4fGq1KXxtUJXw0xGQTtPkzpYmXMHebu92WHwKxE43WXpm8Xb2f5ogf3fL+U3dT2XmScA OXstt6TNLZuTis1VclwbxOJ2a6UZSUoNwQKm1JAHEh0IlO22I5OCwY9U/XLqXVal5iTtitZGGKOVf 1D2rOGFgUjF7Lt3HEcGJN98X6pLRuB0DoGdn1yMZlbe/IOPTo+GxOKiHKqhEE0JKB9IkoD7OTiMIO IJYtBV2w==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1th5Sg-0000000EjcT-28Wz; Sun, 09 Feb 2025 11:26:54 +0000 Received: from mail-ej1-x62a.google.com ([2a00:1450:4864:20::62a]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1th5DL-0000000Egel-0RPf; Sun, 09 Feb 2025 11:11:04 +0000 Received: by mail-ej1-x62a.google.com with SMTP id a640c23a62f3a-ab7c14b880dso303466b.1; Sun, 09 Feb 2025 03:11:03 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1739099462; x=1739704262; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=x342s989e3SqEpDprSMMdkIM/WvPO0edPGoockwe0Ec=; b=BY41/XT6T/7eeXk4+S7VBiTpzWZJwgJZGEFtwrTSDvw/OezL+Sgus2/19kDqkeZ9bt sGtLp6pchkm7dZCTpjrlrsDzqfo2zRaxQIhWmpjs1pInkS5M0V591ELCG+7YT7Eq2BxH 2wSk01fGwNgrwHeLosKYcyzNl+Vwg+9hkkch3WVZyjEyQMJlcZhldJ2BPqdZBln1eoTC E0N99Pr+u3xD5mYJ7BiKOgX36V+U+hLLfm++Z02gpMzLaIMJ8bUzh08rtbTRl0M3VrYs 8RznXl8/8101DeMCaYdhCPKm3Ok4czpw33Jt1ppU25Xa+g/5mCjF8bumWhcvlsObTPvG 5H8w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1739099462; x=1739704262; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=x342s989e3SqEpDprSMMdkIM/WvPO0edPGoockwe0Ec=; b=ol33+BKs2TkJfigHDImDsbMLz9cZJhYEGg43nl2cTAHp1/Ia6J0dSdg2C4DMASwOx2 9JJ7DGTRvGnta6qfJVqr9KnuHDu+ipNMbOBvqpvRshNtafaycbRkiJ3lrQG5+L2/1U8z Opvb6HtDW9C8VOHHkVY8p64goTjAST37GMXgLx6sZ2TPcblODQ6UZ5PNdxZfJKrguWUr r5ihQtvlFutsSAKsicQCBu6SxO7qCnldt25trp5xXBoK78ylx0ryIqxY64c2jzE+/81I srgUY7FVVza6u70ROOezGgUV0WWdxdcr4xeyBLxmQ6dVW67dNCAzwmsFUj98F4Gzn3HP OT1g== X-Forwarded-Encrypted: i=1; AJvYcCVCNxr5uqidbRwo6H3ZJmR2yWUpucjer1oExFJKbtAHGn8JHG2D7g08p1SM2lJesOseZ4/15mhPlOqNQ011CTW6@lists.infradead.org, AJvYcCVg5LXfjmLczLA0gEX42+kztdkgG4FKBLo/6diYvRz5mK1hGGVkvAs2CU1TV2sX5hIUBlIMitQm4UTAkIVfuME=@lists.infradead.org X-Gm-Message-State: AOJu0YzgDyuW/zAHp959AenE9efn3eSyDTb+3ti0Ru3oAaFQ4PfMc55Z zJVVv/oZmQ40KNVEsxBHbKxROgVOt7t634dWDTjLW9dJoZpqhVxc X-Gm-Gg: ASbGncsy/LW9fWwelRWnYk0r5Y81C0/aw4y7QbgJy4JgWNp7v8FUMbUXNzVs4fM5aMi Bi0aGUlwxjG2GQ+b3vdTsCDXPRPCrnQX9SIfJyUdxOw9ShweTwikIWmC2N2tS4qSUdmePzUpSFW 2Cl0oTbvVsapaJAqZdVEhoMBd8Ot4pcUyABGn71NKlazILr3i5m7QK0qArVASObqOnxn2x6SJjH v/f1gjoz73vvf78eAsTu0uITP5P9OeUL3qmAeqsZyPIrcOPbfvriCNiWrOL8ahwaRl8PTRY9QVb i73bjuM92X3eNJcF7+FVEsOvY3k2IU4RKCCNAONLHIUzFFVSlWCmjLmnBqMvBS1F1dO18mIXh44 wq2h87dSBUB4seEWOZ6GV57G6wreZ+pZx X-Google-Smtp-Source: AGHT+IGzFOqbzdxNGu8XFTKkecQMR7PLLsHBIzTQkjtLs9gLGZn/h4ghB6cukLwFR4KP5Q7Rs/NF3g== X-Received: by 2002:a17:907:c283:b0:aa6:66eb:9c06 with SMTP id a640c23a62f3a-ab789a9be1fmr1119975466b.5.1739099461657; Sun, 09 Feb 2025 03:11:01 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-ab79afc7452sm357516366b.163.2025.02.09.03.10.59 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 09 Feb 2025 03:11:00 -0800 (PST) From: Eric Woudstra To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Andrew Lunn , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , Kuniyuki Iwashima , Sebastian Andrzej Siewior , Lorenzo Bianconi , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH v6 net-next 11/14] netfilter: nft_flow_offload: No ingress_vlan forward info for dsa user port Date: Sun, 9 Feb 2025 12:10:31 +0100 Message-ID: <20250209111034.241571-12-ericwouds@gmail.com> X-Mailer: git-send-email 2.47.1 In-Reply-To: <20250209111034.241571-1-ericwouds@gmail.com> References: <20250209111034.241571-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20250209_031103_149882_8DE85E6A X-CRM114-Status: GOOD ( 11.34 ) X-BeenThere: linux-mediatek@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Linux-mediatek" Errors-To: linux-mediatek-bounces+linux-mediatek=archiver.kernel.org@lists.infradead.org The bitfield info->ingress_vlans and correcponding vlan encap are used for a switchdev user port. However, they should not be set for a dsa user port. Reviewed-by: Nikolay Aleksandrov Signed-off-by: Eric Woudstra --- net/netfilter/nft_flow_offload.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/net/netfilter/nft_flow_offload.c b/net/netfilter/nft_flow_offload.c index b9e6d9e6df66..c95fad495460 100644 --- a/net/netfilter/nft_flow_offload.c +++ b/net/netfilter/nft_flow_offload.c @@ -116,6 +116,11 @@ static void nft_dev_path_info(const struct net_device_path_stack *stack, break; if (path->type == DEV_PATH_DSA) { i = stack->num_paths; + if (!info->num_encaps || + !(info->ingress_vlans & BIT(info->num_encaps - 1))) + break; + info->num_encaps--; + info->ingress_vlans &= ~BIT(info->num_encaps - 1); break; } if (path->type == DEV_PATH_MTK_WDMA) { From patchwork Sun Feb 9 11:10:32 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13966810 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 848ECC02199 for ; Sun, 9 Feb 2025 11:28:19 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=MLFyWCTCUD6FnAh+KZFSquDAE29p8xniCarl03N5Ju8=; b=aowUPHSIPpf5xR4KF+DeK4Zing A1+A7oZlw2sYvq6l6Q6DbQbVEPCpzyCKqo8KB84yxA8s0QkmdvRwgYKg0Oq2hhrBHHjMSK042QM7U LNOdWf+cTZGirvBQ6tQh1MXtfegnayYd8aQfoHdQInnuJ+MfjoieEfx8qJrg5nz8PF1atp6xu8qW5 rXq2MS5QlJRDmuJVr+qlDndwFgpGo92nYpHrc03KuHW8YGJ2VXNAlznb19N7Zwg1xUTaxf+R340Hv 4maDsAIBUn2dEH5EvY0B4aCorUNzAM6SkmzTImT5gcfVgArQO2s4i1LCDAlFIVm8xhgNix4LI1QOR 3FWWzEJg==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1th5U2-0000000Ejod-2cdA; Sun, 09 Feb 2025 11:28:18 +0000 Received: from mail-ej1-x636.google.com ([2a00:1450:4864:20::636]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1th5DN-0000000Egfw-1VAx; Sun, 09 Feb 2025 11:11:06 +0000 Received: by mail-ej1-x636.google.com with SMTP id a640c23a62f3a-ab78d9c5542so361584066b.1; Sun, 09 Feb 2025 03:11:04 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1739099464; x=1739704264; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=MLFyWCTCUD6FnAh+KZFSquDAE29p8xniCarl03N5Ju8=; b=Eb7zxJiluq6wYUxumc42d7191dUMsWmjbST2cp7rjDoleYSUw4g/a5l8vMHtS8L0K1 fK41P1MTp2QR4OApgQ8/NpeD/n/dVqonsSi6W0lma5ELCAkF958yuCU5dpQsq+hn2b2x MX/5raTYwfdZUCZTj+rEBcw1jHm6WQqugHATK0BfMqsJy130aIeliD4jgpazABOs8qC8 cPn/BtGAMwVS9wNBuhTXpHn7FdM2D1kV2hLpkFj5TI+bcqMQg5xC2NIO/CIcK2K5kVK5 j9j8SkuZcYyDJ0nctjIwfY+LqvRVGki67cxBKAKruoPkAhgyQbcNF8XFwM+a2nsG7i6o b4ZQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1739099464; x=1739704264; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=MLFyWCTCUD6FnAh+KZFSquDAE29p8xniCarl03N5Ju8=; b=IftAMAADAoFfhtlSWag+d+EOp0ukpUC8ZhRNxnuWE/k7lkwBmw0aEEK1LQj5YGZmvK HSPO4NnwVaRG/MkwtJaf8iHEBf32pmzmndtmnLgn2+UI8Duk7PL3EHBzU1ZfKXnTO7/r i6nuTcsO2kc7tn9pjMAkFY5W66GfIRmrn38P2ius00pX8/99dzEmow/1lYjJyVKvRdGo cgiUyoeIqtR2I+ophswPkYRtEP7XC5PaLPi8dqW6R6J0lnBnmxqyXoXwVS75L6USgidr kWAHNycDEi2LkqQwajBceUQuo1HfblgDhOQAMRe3ItDlXiHzudbVF/g2NjhjklKu5G46 dfIw== X-Forwarded-Encrypted: i=1; AJvYcCWOBKVf3zFclFQEj/VCnlAPsBbEEcbSvyfrT9pSS0HJbcS/e+BOiTM5HE08cU6ho8ZQiNA0UqA3z50HMFh0CM03@lists.infradead.org, AJvYcCWmi3up0S0bYsRtS8ovcnNr6J2Q2m2lVV+MatN7/IOmHCwSynQnHDRYuLLlrtCLLhuHTn0Q3k2yqXj0sOzHTMM=@lists.infradead.org X-Gm-Message-State: AOJu0Ywlywsf+GuXGF783b+XIUN+AwKvWGScOihKZ9maSSjpzMSVOmdC hL2RpQ3h/iiAbSRnQ/fN3ZJpKPZtAeOH0JDDUvR0/SrDfhjctvnu X-Gm-Gg: ASbGncv8NhpPfAahbqVEkuQ91cpoXJnKqbkTqedmpWU/eitaHe797agRvHlLavDal5w YcyjYJqgnPFHq8S+MPYwvPDnsR40HUzcWEf0gPA2fjktfd2Bh4mrgHzk8UCSzntNzB47A3i8sed 4m1YpVQyxRYzR0XcaMs4eYXs6DQpOZF3pWZ/jcIUiSC//UB3yVgpPgZpKPYeSrV91QNoy39nl2H Qs9+3CvEqxUMiuMF5KX8X1UDHkSk+ukV+8L27VRqW7D5qrbg/SG/zHXilgCGvL3/5o/Vg0iBLI/ iXUakDiGQL49xNdGpXYrpTaZ8QL79cEbKE+pqe4T9xMQkZ68BBXBcSZFOZp3AKclrAVnIUkOGyR X9nF7AUbHOwktWVVdX1r8WSTGqMfv2veB X-Google-Smtp-Source: AGHT+IGN8/DQL79zfdxqO4LqCoTnCvHIJd2uCvtrisnz+3oFM0ZFwhG8ZkytPuFS7pOFlrgKVEXQFA== X-Received: by 2002:a17:907:7f8c:b0:ab7:a48e:baad with SMTP id a640c23a62f3a-ab7a48ecc06mr470923266b.4.1739099463484; Sun, 09 Feb 2025 03:11:03 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-ab79afc7452sm357516366b.163.2025.02.09.03.11.01 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 09 Feb 2025 03:11:03 -0800 (PST) From: Eric Woudstra To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Andrew Lunn , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , Kuniyuki Iwashima , Sebastian Andrzej Siewior , Lorenzo Bianconi , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH v6 net-next 12/14] bridge: No DEV_PATH_BR_VLAN_UNTAG_HW for dsa foreign Date: Sun, 9 Feb 2025 12:10:32 +0100 Message-ID: <20250209111034.241571-13-ericwouds@gmail.com> X-Mailer: git-send-email 2.47.1 In-Reply-To: <20250209111034.241571-1-ericwouds@gmail.com> References: <20250209111034.241571-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20250209_031105_397819_B887C734 X-CRM114-Status: GOOD ( 21.75 ) X-BeenThere: linux-mediatek@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Linux-mediatek" Errors-To: linux-mediatek-bounces+linux-mediatek=archiver.kernel.org@lists.infradead.org In network setup as below: fastpath bypass .----------------------------------------. / \ | IP - forwarding | | / \ v | / wan ... | / | | | | | brlan.1 | | | +-------------------------------+ | | vlan 1 | | | | | | brlan (vlan-filtering) | | | +---------------+ | | | DSA-SWITCH | | | vlan 1 | | | | to | | | | untagged 1 vlan 1 | | +---------------+---------------+ . / \ ----->wlan1 lan0 . . . ^ ^ vlan 1 tagged packets untagged packets br_vlan_fill_forward_path_mode() sets DEV_PATH_BR_VLAN_UNTAG_HW when filling in from brlan.1 towards wlan1. But it should be set to DEV_PATH_BR_VLAN_UNTAG in this case. Using BR_VLFLAG_ADDED_BY_SWITCHDEV is not correct. The dsa switchdev adds it as a foreign port. The same problem for all foreignly added dsa vlans on the bridge. First add the vlan, trying only native devices. If this fails, we know this may be a vlan from a foreign device. Use BR_VLFLAG_TAGGING_BY_SWITCHDEV to make sure DEV_PATH_BR_VLAN_UNTAG_HW is set only when there if no foreign device involved. Acked-by: Nikolay Aleksandrov Signed-off-by: Eric Woudstra --- include/net/switchdev.h | 1 + net/bridge/br_private.h | 10 ++++++++++ net/bridge/br_switchdev.c | 15 +++++++++++++++ net/bridge/br_vlan.c | 7 ++++++- net/switchdev/switchdev.c | 2 +- 5 files changed, 33 insertions(+), 2 deletions(-) diff --git a/include/net/switchdev.h b/include/net/switchdev.h index 8346b0d29542..ee500706496b 100644 --- a/include/net/switchdev.h +++ b/include/net/switchdev.h @@ -15,6 +15,7 @@ #define SWITCHDEV_F_NO_RECURSE BIT(0) #define SWITCHDEV_F_SKIP_EOPNOTSUPP BIT(1) #define SWITCHDEV_F_DEFER BIT(2) +#define SWITCHDEV_F_NO_FOREIGN BIT(3) enum switchdev_attr_id { SWITCHDEV_ATTR_ID_UNDEFINED, diff --git a/net/bridge/br_private.h b/net/bridge/br_private.h index a0b950390a16..b950db453d8d 100644 --- a/net/bridge/br_private.h +++ b/net/bridge/br_private.h @@ -180,6 +180,7 @@ enum { BR_VLFLAG_MCAST_ENABLED = BIT(2), BR_VLFLAG_GLOBAL_MCAST_ENABLED = BIT(3), BR_VLFLAG_NEIGH_SUPPRESS_ENABLED = BIT(4), + BR_VLFLAG_TAGGING_BY_SWITCHDEV = BIT(5), }; /** @@ -2184,6 +2185,8 @@ void br_switchdev_mdb_notify(struct net_device *dev, int type); int br_switchdev_port_vlan_add(struct net_device *dev, u16 vid, u16 flags, bool changed, struct netlink_ext_ack *extack); +int br_switchdev_port_vlan_no_foreign_add(struct net_device *dev, u16 vid, u16 flags, + bool changed, struct netlink_ext_ack *extack); int br_switchdev_port_vlan_del(struct net_device *dev, u16 vid); void br_switchdev_init(struct net_bridge *br); @@ -2267,6 +2270,13 @@ static inline int br_switchdev_port_vlan_add(struct net_device *dev, u16 vid, return -EOPNOTSUPP; } +static inline int br_switchdev_port_vlan_no_foreign_add(struct net_device *dev, u16 vid, + u16 flags, bool changed, + struct netlink_ext_ack *extack) +{ + return -EOPNOTSUPP; +} + static inline int br_switchdev_port_vlan_del(struct net_device *dev, u16 vid) { return -EOPNOTSUPP; diff --git a/net/bridge/br_switchdev.c b/net/bridge/br_switchdev.c index 7b41ee8740cb..efa7a055b8f9 100644 --- a/net/bridge/br_switchdev.c +++ b/net/bridge/br_switchdev.c @@ -187,6 +187,21 @@ int br_switchdev_port_vlan_add(struct net_device *dev, u16 vid, u16 flags, return switchdev_port_obj_add(dev, &v.obj, extack); } +int br_switchdev_port_vlan_no_foreign_add(struct net_device *dev, u16 vid, u16 flags, + bool changed, struct netlink_ext_ack *extack) +{ + struct switchdev_obj_port_vlan v = { + .obj.orig_dev = dev, + .obj.id = SWITCHDEV_OBJ_ID_PORT_VLAN, + .obj.flags = SWITCHDEV_F_NO_FOREIGN, + .flags = flags, + .vid = vid, + .changed = changed, + }; + + return switchdev_port_obj_add(dev, &v.obj, extack); +} + int br_switchdev_port_vlan_del(struct net_device *dev, u16 vid) { struct switchdev_obj_port_vlan v = { diff --git a/net/bridge/br_vlan.c b/net/bridge/br_vlan.c index 07dae3655c26..3e50adaf8e1b 100644 --- a/net/bridge/br_vlan.c +++ b/net/bridge/br_vlan.c @@ -109,6 +109,11 @@ static int __vlan_vid_add(struct net_device *dev, struct net_bridge *br, /* Try switchdev op first. In case it is not supported, fallback to * 8021q add. */ + err = br_switchdev_port_vlan_no_foreign_add(dev, v->vid, flags, false, extack); + if (err != -EOPNOTSUPP) { + v->priv_flags |= BR_VLFLAG_ADDED_BY_SWITCHDEV | BR_VLFLAG_TAGGING_BY_SWITCHDEV; + return err; + } err = br_switchdev_port_vlan_add(dev, v->vid, flags, false, extack); if (err == -EOPNOTSUPP) return vlan_vid_add(dev, br->vlan_proto, v->vid); @@ -1491,7 +1496,7 @@ int br_vlan_fill_forward_path_mode(struct net_bridge *br, if (path->bridge.vlan_mode == DEV_PATH_BR_VLAN_TAG) path->bridge.vlan_mode = DEV_PATH_BR_VLAN_KEEP; - else if (v->priv_flags & BR_VLFLAG_ADDED_BY_SWITCHDEV) + else if (v->priv_flags & BR_VLFLAG_TAGGING_BY_SWITCHDEV) path->bridge.vlan_mode = DEV_PATH_BR_VLAN_UNTAG_HW; else path->bridge.vlan_mode = DEV_PATH_BR_VLAN_UNTAG; diff --git a/net/switchdev/switchdev.c b/net/switchdev/switchdev.c index 6488ead9e464..c48f66643e99 100644 --- a/net/switchdev/switchdev.c +++ b/net/switchdev/switchdev.c @@ -749,7 +749,7 @@ static int __switchdev_handle_port_obj_add(struct net_device *dev, /* Event is neither on a bridge nor a LAG. Check whether it is on an * interface that is in a bridge with us. */ - if (!foreign_dev_check_cb) + if (!foreign_dev_check_cb || port_obj_info->obj->flags & SWITCHDEV_F_NO_FOREIGN) return err; br = netdev_master_upper_dev_get(dev); From patchwork Sun Feb 9 11:10:33 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13966814 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 5E664C02199 for ; Sun, 9 Feb 2025 11:29:44 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=21wGozzdg/kg90PQGRE5o7in49y5R5W2VgpxxyORYJo=; b=AFhXvhmBMP9KMY4XOJaKJYYiaS qxJMQJj5CURexY9bUTjePuUcKRUHdyn2eym+lBXR+4TdR+UZDhljqn2FRCYr2N73M1EigIDUJNBlA 6KDvjkX6qyyY38DVXaQt4mczUnDJqK/dgua65+hOaKiSi2SAK0sQq1yBR/UakDXwhkbKnlnRBpFVj syXPJPWfNKAQ0paXETYMT8xGQEo8mPf58xebqgMuT3L3ZQwGAHtLk8ZdRZKIrnFNqziikv3rDM7if YkxpiLVx+N5vtjPksaxdwI7avzd71Vt1w9Bureq4lypbn1/4L1gxwN/jF/Oc+ovG8t2V3pFXc3aIB EZKDWT6g==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1th5VP-0000000Ek0M-2OXu; Sun, 09 Feb 2025 11:29:43 +0000 Received: from mail-ej1-x634.google.com ([2a00:1450:4864:20::634]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1th5DO-0000000Egh8-3yYm; Sun, 09 Feb 2025 11:11:08 +0000 Received: by mail-ej1-x634.google.com with SMTP id a640c23a62f3a-ab7a4b40cc1so188369166b.0; Sun, 09 Feb 2025 03:11:06 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1739099465; x=1739704265; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=21wGozzdg/kg90PQGRE5o7in49y5R5W2VgpxxyORYJo=; b=YMentjWm+GqcYeBECQ39HTjaCod8Lc2ou7qsqWyjB9nnhiBjFoS1iXnpCbekT9fTp+ JIyyht5YJs5iDWUvMoz7rlIWebZYjil7gLuVa8zrJ/kDXsxTlCkAWRx/IbYkPxSUAH/G d5d0u2e2rS7p5STlIgKx1V2rf9onMd4yED0Yq7S2MSF5ZKiKLJBTf8Ofl5Bpuzg3oCpG I0YNuhMViUGzMdVBNZGjgKVPMMF589Ms5kkHQkETr8sgZZH/xz7c4K/nLKkG2nmXz6nd SIJwfv4/S1VLdGwmFkrIZs1pp2iZxVJN0BOrNxaZGjzdMKk5Lx2ZeWxbwAuIuC0bMAMB s2WA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1739099465; x=1739704265; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=21wGozzdg/kg90PQGRE5o7in49y5R5W2VgpxxyORYJo=; b=gFYxL0ouADNqlQ/90DKPzS06hCM/ag4qTb/TRPUjxqC5lSCsfod8tVnWlP2882EqP6 BkScjQPQPBBBgkza8fiXzRayfYi9SGT7/p1Aa5jMc8JXm8IwGm2eBz9nth8GG1/ycTQl lDK14x07rJVZ+G0pqDuMWJW5ppVAORVuNCgHSqWblhwBGWHyavTfCjtFW+rnN/ZgQ4jh RhL5754sxWp1MOtjvMCVOhVHpw+1vmccGqiwVn1GheTDWktqvO8manEJXE+f0IiGje9m CvjTr/L4nhLGZyHQvibEogBYnxgWap+gTfexPu89ZPJaw4PgkOdUgQQBrpufnvgYw7FT iRNw== X-Forwarded-Encrypted: i=1; AJvYcCWc1wjhYdfKqQRs4edDkZh78Boegl+/dFFszeYYFTnjli7bFr7wPSd6Oqu50c4u6G5qsTsSN86wdgGq85Ivcalx@lists.infradead.org, AJvYcCXNKNu7deNT96L78NGSJ8PoIyYcoVOIQu9//AiR8DeZOJU400z3ECDj9WWcn623GqNjPiAHxhfRLl6iNIyUYm4=@lists.infradead.org X-Gm-Message-State: AOJu0YzFZW7gTnV4M4q/iCOEZtUgLEWFEhtsDluhojzc3xPftQ1Fc+t/ EgQOcRV3KelB+uhwvkweXCdtl2oLIclFF4N1BEE148I+TKM3zIKB X-Gm-Gg: ASbGncvDybOXarmNhOe8xKOQtq9fhlxNH0E0cVYBdqQEcJ+4fK6TV/PWmteiTq8nZ3Q BeW3gLu3hvoiLB06AwDViyTlZSUAQifPMi+eAuk7+KqqrAkt8TAh6PV3oMGQPVJR/wCk6wqH10Z Tzx55I3Jc456a1W+l+uGSiCqIwKl5lBKLOPmAfcPx5Xmq/GogtmmYAo3vacLl7QZRVs12wimQNN cQz53L+2wIeZfjRqPPtHfEpNLNEf2m2tEK4d6kCGpC1kwZPrNLMQSztkGHSQAQ5/5xXByrzc1yY YfKRdWdKtoPP0ezSm1fG79R5gZakuqSif3/x0GbgU45mjPaf8TfnYGoLBHqFNvSt7iQZWePlu65 88Y6dmkv2N+TCxDLxcCHnNXF1V7r0+CB3 X-Google-Smtp-Source: AGHT+IFCN56S7YNhxymBxkzw1XBWVzH4BKvgunr9+9DooHHAtJHeUPUaPpWkQeeGjmJ70qNtwfqBzw== X-Received: by 2002:a17:907:60c9:b0:ab7:bf2f:422e with SMTP id a640c23a62f3a-ab7bf2f54cemr32650866b.27.1739099465160; Sun, 09 Feb 2025 03:11:05 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-ab79afc7452sm357516366b.163.2025.02.09.03.11.03 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 09 Feb 2025 03:11:04 -0800 (PST) From: Eric Woudstra To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Andrew Lunn , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , Kuniyuki Iwashima , Sebastian Andrzej Siewior , Lorenzo Bianconi , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH v6 net-next 13/14] bridge: Introduce DEV_PATH_BR_VLAN_KEEP_HW for bridge-fastpath Date: Sun, 9 Feb 2025 12:10:33 +0100 Message-ID: <20250209111034.241571-14-ericwouds@gmail.com> X-Mailer: git-send-email 2.47.1 In-Reply-To: <20250209111034.241571-1-ericwouds@gmail.com> References: <20250209111034.241571-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20250209_031106_994946_5C95B515 X-CRM114-Status: GOOD ( 15.36 ) X-BeenThere: linux-mediatek@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Linux-mediatek" Errors-To: linux-mediatek-bounces+linux-mediatek=archiver.kernel.org@lists.infradead.org This patch introduces DEV_PATH_BR_VLAN_KEEP_HW. It is needed in the bridge fastpath for switchdevs supporting SWITCHDEV_OBJ_ID_PORT_VLAN. It is similar to DEV_PATH_BR_VLAN_TAG, with the correcponding bit in ingress_vlans set. In the forward fastpath it is not needed. Acked-by: Nikolay Aleksandrov Signed-off-by: Eric Woudstra --- include/linux/netdevice.h | 1 + net/bridge/br_device.c | 4 ++++ net/bridge/br_vlan.c | 18 +++++++++++------- net/netfilter/nft_flow_offload.c | 3 +++ 4 files changed, 19 insertions(+), 7 deletions(-) diff --git a/include/linux/netdevice.h b/include/linux/netdevice.h index 9f925dc3d1d1..923dbfc589ba 100644 --- a/include/linux/netdevice.h +++ b/include/linux/netdevice.h @@ -869,6 +869,7 @@ struct net_device_path { DEV_PATH_BR_VLAN_TAG, DEV_PATH_BR_VLAN_UNTAG, DEV_PATH_BR_VLAN_UNTAG_HW, + DEV_PATH_BR_VLAN_KEEP_HW, } vlan_mode; u16 vlan_id; __be16 vlan_proto; diff --git a/net/bridge/br_device.c b/net/bridge/br_device.c index c7646afc8b96..112fd8556217 100644 --- a/net/bridge/br_device.c +++ b/net/bridge/br_device.c @@ -430,6 +430,10 @@ static int br_fill_forward_path(struct net_device_path_ctx *ctx, case DEV_PATH_BR_VLAN_UNTAG: ctx->num_vlans--; break; + case DEV_PATH_BR_VLAN_KEEP_HW: + if (!src) + path->bridge.vlan_mode = DEV_PATH_BR_VLAN_KEEP; + break; case DEV_PATH_BR_VLAN_KEEP: break; } diff --git a/net/bridge/br_vlan.c b/net/bridge/br_vlan.c index 3e50adaf8e1b..8ac1a7a22b2e 100644 --- a/net/bridge/br_vlan.c +++ b/net/bridge/br_vlan.c @@ -1494,13 +1494,17 @@ int br_vlan_fill_forward_path_mode(struct net_bridge *br, if (!(v->flags & BRIDGE_VLAN_INFO_UNTAGGED)) return 0; - if (path->bridge.vlan_mode == DEV_PATH_BR_VLAN_TAG) - path->bridge.vlan_mode = DEV_PATH_BR_VLAN_KEEP; - else if (v->priv_flags & BR_VLFLAG_TAGGING_BY_SWITCHDEV) - path->bridge.vlan_mode = DEV_PATH_BR_VLAN_UNTAG_HW; - else - path->bridge.vlan_mode = DEV_PATH_BR_VLAN_UNTAG; - + if (path->bridge.vlan_mode == DEV_PATH_BR_VLAN_TAG) { + if (v->priv_flags & BR_VLFLAG_TAGGING_BY_SWITCHDEV) + path->bridge.vlan_mode = DEV_PATH_BR_VLAN_KEEP_HW; + else + path->bridge.vlan_mode = DEV_PATH_BR_VLAN_KEEP; + } else { + if (v->priv_flags & BR_VLFLAG_TAGGING_BY_SWITCHDEV) + path->bridge.vlan_mode = DEV_PATH_BR_VLAN_UNTAG_HW; + else + path->bridge.vlan_mode = DEV_PATH_BR_VLAN_UNTAG; + } return 0; } diff --git a/net/netfilter/nft_flow_offload.c b/net/netfilter/nft_flow_offload.c index c95fad495460..c0c310c569cd 100644 --- a/net/netfilter/nft_flow_offload.c +++ b/net/netfilter/nft_flow_offload.c @@ -148,6 +148,9 @@ static void nft_dev_path_info(const struct net_device_path_stack *stack, case DEV_PATH_BR_VLAN_UNTAG_HW: info->ingress_vlans |= BIT(info->num_encaps - 1); break; + case DEV_PATH_BR_VLAN_KEEP_HW: + info->ingress_vlans |= BIT(info->num_encaps); + fallthrough; case DEV_PATH_BR_VLAN_TAG: info->encap[info->num_encaps].id = path->bridge.vlan_id; info->encap[info->num_encaps].proto = path->bridge.vlan_proto; From patchwork Sun Feb 9 11:10:34 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13966815 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 04459C02199 for ; Sun, 9 Feb 2025 11:31:09 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=E8P5h61gnv0DfF0R+vjh2CpjgGHUfjM4UjNVV+Pbc34=; b=M9FFMVsY4benF21bI+blvubarE y5WoOCASXtpkczQKmrx3K7zjOOp7Na9fVMBghlBdaMa8NDtAQhE/hcKM7k4BnaVQc/PgTjZKmmHRh KqI4wXkv13wnNB/dePnW3YEErpcgTvkxluONpb3vOklv8g6mwMDBNngpSDc6e9ORPSOhpiOxZ7OIv cNVtcCirBP4XpazPnhHO4QWLoehq1VJFF4dASSloo4rOKBxRjupPWVVxG0xh8YxZLHyKUHx0uxn4V +LKmACRLp5a0j+YFG4fv+YrK2tp0ebp0+NopekB+B5obUjKnuhP+vkV6xmvlm+edsJMSSJmbFWAVy M2FmkK4g==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1th5Wm-0000000EkBb-0fng; Sun, 09 Feb 2025 11:31:08 +0000 Received: from mail-ej1-x634.google.com ([2a00:1450:4864:20::634]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1th5DQ-0000000EgiI-27Kp; Sun, 09 Feb 2025 11:11:09 +0000 Received: by mail-ej1-x634.google.com with SMTP id a640c23a62f3a-aa67ac42819so542794166b.0; Sun, 09 Feb 2025 03:11:08 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1739099467; x=1739704267; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=E8P5h61gnv0DfF0R+vjh2CpjgGHUfjM4UjNVV+Pbc34=; b=MT3QeS9vh9LlqAG1lZyjfYciC92evBIjcpDMjwe2xKAROS6nUR0LMSDsv0qu6i8Jmg EIt6UAy4q2FbqpXxJTgrt+l+cERJjgUPbc+envWLAd5l+u6vbss1sCb6chgxFxphjX8x wf5dlarCkFhdtcvbMAqSmEMj8jJ8TLH83WM46i6klzcLss7JQtssta3XJPfab8/sBYox Xr6QuZ7R0h5H3W8CwQ/1gOjmADPRX3wE2KgwXW0K4NUM0zDDNzvpe8n1mErF94d2KuOW vK8+VMCCzf4R0xzqIfMQ1cmnTUmZKD8Yi/1k1alpBvMvHryFZMQAV+BkqBnf2ZlgVCcn 2+tg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1739099467; x=1739704267; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=E8P5h61gnv0DfF0R+vjh2CpjgGHUfjM4UjNVV+Pbc34=; b=rUyU11Dlfpn98TrM4pMPA9OLGZHr2DY8oDBdPmadMqxk17dHkVvHD9mgVi3nj1DLz0 V+iVIwXHeI2rK9R4MZvqxPAoNmAyYjuVudeEO1F6PQOsZ1bMsKY2DM96voVa7D5Sxk1s 5LzOSvWUSlGP+n9RuuwhOpZZDCzb+Dn+XG/sZQU3uhlCBsDiFBZtDY4hyeEnOFQQOfk3 5iQRDiEPMWWYSvaY3z0oJywlsGans5J4PtvAJcCxwTnjQZGkmPI94yXkfyvR33DJElcQ RB7UAy56MiCDt1b4C9bkUEKHlwj6KQX7guvJC9zm6OdebgOV+4ipug0RQ79tOPsV6vMZ J3KQ== X-Forwarded-Encrypted: i=1; AJvYcCWidBSUyEgSoV49G+/DwCfVwhhqW0I8SStagZfzm6Nk68h3YfhIitViximH79oRLyM1RmtCdj1kqPGcgaEcIA2R@lists.infradead.org, AJvYcCWx2+Bd6bi/aiCmLGNnv25izgnU+xXw3yh+MP+HDV6mF2+Sf8xDdfTPiWBmYkn+oRLvc4p2qMiIHCvkd9RY9XU=@lists.infradead.org X-Gm-Message-State: AOJu0YxbPqwMGRTwVBFTL1LWreM3cqQiSg0yF3USS5cPimhVa5AcU6XY 5FSkXftbaKdkSt6vFMjmBs1HiFz6Z3HN4kfd4HMRdSnRw6LBkLXB X-Gm-Gg: ASbGncvuxis4Dt9Zm45AFy46QwCR652vMU58xPzA39bwfnzBFYaKrH7msp5eDHNxVML ukPZ1uO4FbuID6SKclASv4TXs4fjEAeZhNSBbl2Y37+r9yPWCV7vH6Mr9h7pIeHikB1iPABIRQE 45tJt+etAbPxTO20SQ4IxlSBsQpWLCVSeCUbnAwYxyAbCS17K98bNWipORYo/I6TN/80/bHKiP9 aBXwP2ErmNWDCC6m6hu5IJEgBqhY0EXujR3aCZpXVSSNTc3mKA196JROQrkDmybDBqYjZxTc/vU z8ol+IrthRmlAIKdlnkZHjvVwHp/cj5ZNEx02UYUVWgwC5v3jMBq65FyyycJMUQUJhpKuWhAgX3 prIeT9jKqdonU2MKvd6D7k67rD++oC6T9 X-Google-Smtp-Source: AGHT+IGZRF6k7gUou0armnQJpdzdTVsxQVaZTHzDyoIUAwWtfIpjPHiTBin2asf2/t+io5MqclVHSQ== X-Received: by 2002:a17:907:971e:b0:ab7:a1a4:8da4 with SMTP id a640c23a62f3a-ab7a1a49004mr506860966b.33.1739099466925; Sun, 09 Feb 2025 03:11:06 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-ab79afc7452sm357516366b.163.2025.02.09.03.11.05 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 09 Feb 2025 03:11:05 -0800 (PST) From: Eric Woudstra To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Andrew Lunn , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , Kuniyuki Iwashima , Sebastian Andrzej Siewior , Lorenzo Bianconi , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH v6 net-next 14/14] netfilter: nft_flow_offload: Add bridgeflow to nft_flow_offload_eval() Date: Sun, 9 Feb 2025 12:10:34 +0100 Message-ID: <20250209111034.241571-15-ericwouds@gmail.com> X-Mailer: git-send-email 2.47.1 In-Reply-To: <20250209111034.241571-1-ericwouds@gmail.com> References: <20250209111034.241571-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20250209_031108_558661_20432494 X-CRM114-Status: GOOD ( 19.33 ) X-BeenThere: linux-mediatek@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Linux-mediatek" Errors-To: linux-mediatek-bounces+linux-mediatek=archiver.kernel.org@lists.infradead.org Edit nft_flow_offload_eval() to make it possible to handle a flowtable of the nft bridge family. Use nft_flow_offload_bridge_init() to fill the flow tuples. It uses nft_dev_fill_bridge_path() in each direction. Signed-off-by: Eric Woudstra --- net/netfilter/nft_flow_offload.c | 142 +++++++++++++++++++++++++++++-- 1 file changed, 137 insertions(+), 5 deletions(-) diff --git a/net/netfilter/nft_flow_offload.c b/net/netfilter/nft_flow_offload.c index c0c310c569cd..03a0b5f7e8d2 100644 --- a/net/netfilter/nft_flow_offload.c +++ b/net/netfilter/nft_flow_offload.c @@ -193,6 +193,128 @@ static bool nft_flowtable_find_dev(const struct net_device *dev, return found; } +static int nft_dev_fill_bridge_path(struct flow_offload *flow, + struct nft_flowtable *ft, + enum ip_conntrack_dir dir, + const struct net_device *src_dev, + const struct net_device *dst_dev, + unsigned char *src_ha, + unsigned char *dst_ha) +{ + struct flow_offload_tuple_rhash *th = flow->tuplehash; + struct net_device_path_ctx ctx = {}; + struct net_device_path_stack stack; + struct nft_forward_info info = {}; + int i, j = 0; + + for (i = th[dir].tuple.encap_num - 1; i >= 0 ; i--) { + if (info.num_encaps >= NF_FLOW_TABLE_ENCAP_MAX) + return -1; + + if (th[dir].tuple.in_vlan_ingress & BIT(i)) + continue; + + info.encap[info.num_encaps].id = th[dir].tuple.encap[i].id; + info.encap[info.num_encaps].proto = th[dir].tuple.encap[i].proto; + info.num_encaps++; + + if (th[dir].tuple.encap[i].proto == htons(ETH_P_PPP_SES)) + continue; + + if (ctx.num_vlans >= NET_DEVICE_PATH_VLAN_MAX) + return -1; + ctx.vlan[ctx.num_vlans].id = th[dir].tuple.encap[i].id; + ctx.vlan[ctx.num_vlans].proto = th[dir].tuple.encap[i].proto; + ctx.num_vlans++; + } + ctx.dev = src_dev; + ether_addr_copy(ctx.daddr, dst_ha); + + if (dev_fill_bridge_path(&ctx, &stack) < 0) + return -1; + + nft_dev_path_info(&stack, &info, dst_ha, &ft->data); + + if (!info.indev || info.indev != dst_dev) + return -1; + + th[!dir].tuple.iifidx = info.indev->ifindex; + for (i = info.num_encaps - 1; i >= 0; i--) { + th[!dir].tuple.encap[j].id = info.encap[i].id; + th[!dir].tuple.encap[j].proto = info.encap[i].proto; + if (info.ingress_vlans & BIT(i)) + th[!dir].tuple.in_vlan_ingress |= BIT(j); + j++; + } + th[!dir].tuple.encap_num = info.num_encaps; + + th[dir].tuple.mtu = dst_dev->mtu; + ether_addr_copy(th[dir].tuple.out.h_source, src_ha); + ether_addr_copy(th[dir].tuple.out.h_dest, dst_ha); + th[dir].tuple.out.ifidx = info.outdev->ifindex; + th[dir].tuple.xmit_type = FLOW_OFFLOAD_XMIT_DIRECT; + + return 0; +} + +static int nft_flow_offload_bridge_init(struct flow_offload *flow, + const struct nft_pktinfo *pkt, + enum ip_conntrack_dir dir, + struct nft_flowtable *ft) +{ + const struct net_device *in_dev, *out_dev; + struct ethhdr *eth = eth_hdr(pkt->skb); + struct flow_offload_tuple *tuple; + struct pppoe_hdr *phdr; + struct vlan_hdr *vhdr; + int err, i = 0; + + in_dev = nft_in(pkt); + if (!in_dev || !nft_flowtable_find_dev(in_dev, ft)) + return -1; + + out_dev = nft_out(pkt); + if (!out_dev || !nft_flowtable_find_dev(out_dev, ft)) + return -1; + + tuple = &flow->tuplehash[!dir].tuple; + + if (skb_vlan_tag_present(pkt->skb)) { + tuple->encap[i].id = skb_vlan_tag_get(pkt->skb); + tuple->encap[i].proto = pkt->skb->vlan_proto; + i++; + } + switch (pkt->skb->protocol) { + case htons(ETH_P_8021Q): + vhdr = (struct vlan_hdr *)skb_network_header(pkt->skb); + tuple->encap[i].id = ntohs(vhdr->h_vlan_TCI); + tuple->encap[i].proto = pkt->skb->protocol; + i++; + break; + case htons(ETH_P_PPP_SES): + phdr = (struct pppoe_hdr *)skb_network_header(pkt->skb); + tuple->encap[i].id = ntohs(phdr->sid); + tuple->encap[i].proto = pkt->skb->protocol; + i++; + break; + } + tuple->encap_num = i; + + err = nft_dev_fill_bridge_path(flow, ft, !dir, out_dev, in_dev, + eth->h_dest, eth->h_source); + if (err < 0) + return err; + + memset(tuple->encap, 0, sizeof(tuple->encap)); + + err = nft_dev_fill_bridge_path(flow, ft, dir, in_dev, out_dev, + eth->h_source, eth->h_dest); + if (err < 0) + return err; + + return 0; +} + static void nft_dev_forward_path(struct nf_flow_route *route, const struct nf_conn *ct, enum ip_conntrack_dir dir, @@ -311,6 +433,7 @@ static void nft_flow_offload_eval(const struct nft_expr *expr, { struct nft_flow_offload *priv = nft_expr_priv(expr); struct nf_flowtable *flowtable = &priv->flowtable->data; + bool routing = flowtable->type->family != NFPROTO_BRIDGE; struct tcphdr _tcph, *tcph = NULL; struct nf_flow_route route = {}; enum ip_conntrack_info ctinfo; @@ -364,14 +487,21 @@ static void nft_flow_offload_eval(const struct nft_expr *expr, goto out; dir = CTINFO2DIR(ctinfo); - if (nft_flow_route(pkt, ct, &route, dir, priv->flowtable) < 0) - goto err_flow_route; + if (routing) { + if (nft_flow_route(pkt, ct, &route, dir, priv->flowtable) < 0) + goto err_flow_route; + } flow = flow_offload_alloc(ct); if (!flow) goto err_flow_alloc; - flow_offload_route_init(flow, &route); + if (routing) + flow_offload_route_init(flow, &route); + else + if (nft_flow_offload_bridge_init(flow, pkt, dir, priv->flowtable) < 0) + goto err_flow_add; + if (tcph) flow_offload_ct_tcp(ct); @@ -419,8 +549,10 @@ static void nft_flow_offload_eval(const struct nft_expr *expr, err_flow_add: flow_offload_free(flow); err_flow_alloc: - dst_release(route.tuple[dir].dst); - dst_release(route.tuple[!dir].dst); + if (routing) { + dst_release(route.tuple[dir].dst); + dst_release(route.tuple[!dir].dst); + } err_flow_route: clear_bit(IPS_OFFLOAD_BIT, &ct->status); out: