From patchwork Tue Feb 25 20:16:03 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13990924 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 45528C021B2 for ; Tue, 25 Feb 2025 20:45:13 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=VGr0DGFtdF9vUQZNuQxbjKzErqMA9pCa8F2vVWAZr6U=; b=LGT0TSaS3AZOgcFIyQekoAv0sC K1vLOJzJihtkcXXInvqNnE54raJcLQlEb+z/URP/wt7kWW1T/HAFJNyfgNAgky2jQBDuHNKhaDpAE c/dKZbdwpUH8xSiKWzaUYpInxkNntx+Es1ucuOBGa30umXsOBZKIHZyO8l9i4dr4llXVCVwGbSsM6 vK4DuHv/H56lEEE+0G91dMq3EjXeAALjq8oWWGeXVqLjKQsDj30Z2BlRVOehJF5LIFXg3pq6vBi+J yHdHUZqfUC6b7JRAxub1Huqno2qDR1WDdtK2vFDIe3X0PBOZM4inIISeAyGBP27WBGbU6vdzZ9QCK /IbTN2FA==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1tn1nb-00000001QJQ-1HZ2; Tue, 25 Feb 2025 20:45:03 +0000 Received: from mail-ej1-f46.google.com ([209.85.218.46]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1tn1Lw-00000001Kc0-3XeP; Tue, 25 Feb 2025 20:16:30 +0000 Received: by mail-ej1-f46.google.com with SMTP id a640c23a62f3a-aaee2c5ee6eso874429366b.1; Tue, 25 Feb 2025 12:16:28 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1740514587; x=1741119387; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=VGr0DGFtdF9vUQZNuQxbjKzErqMA9pCa8F2vVWAZr6U=; b=Zo10iyH8cbq2IRz3rSsd3v5Vk8pASG9C5s1zi/mxwcgKtV/LGhrl7yWWo3SkWbjVHp xBkOt5mGdz3ePD05v45b7tcJhaWx0e6tE9UsAl+bllj58WUPiiVvTrWZnS9/Cg/dByt/ Ymqu5uUKP3C/9bHD/qB5aVxcCizuoCkIHGampxzuNJlZ3UMAru+8NK9ezAEek4nTdPeJ ilA3Pn6FmZMqbEKP1W4l2vGdszwlecIJ/WcQgX/27mnbOazM14P1Yqe4Rg3rc+AlnJCn q4vsTCblNOIoJxsfVSZpJUu2TcXQa/3Sq8h6/2XevmCpdxvtQSfnmUkoJFOvOrvBnAYc /uTQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1740514587; x=1741119387; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=VGr0DGFtdF9vUQZNuQxbjKzErqMA9pCa8F2vVWAZr6U=; b=RAoiZQG6shhH4bxGsNUztonpQdza9Ofod6C5tzwSKjKJ4/R+dWpTtLDkUM9K1Oeuxk yU9M1uWLVrlcmtadun5f+pfVIFL9h3hIMBoL9/DmB0NJoClxDtS2TeMHkPklBQpDAje5 1N1a3Ajw+3UdASriJsaVYGw/LKy4Mi0IqcnvBPpJ+W//OYOtmU80ftdzyflp/iiF5rEK bZelC3JoXeW1IRv9Z7gHF+XisjZuOykusn1aRGIBQNBkEVoMiMP/eRigE/XjMGKJOaTF psEKULIl6d+Sep2IsbHjRHEFErcC7h/QGrNJTk/c/9KDh0pZjOqqFKW6TYNblnd88ZzM V1eg== X-Forwarded-Encrypted: i=1; AJvYcCV8z+NFuP1OgYGkC/nx9Uo7W2L8yji4XpRtoyYamSY/4xpVYwp5TWYQDUnNafF3ogSguIO2wXeXI2zK8aKgfBg=@lists.infradead.org, AJvYcCVQHy8VzujWK0SQplkq83NslHjuBnj6q2H4CnsVfZtF6LVzADfpGNaBrwnTq576gzGMhFU5J6ZekDpmWnDdXuFC@lists.infradead.org X-Gm-Message-State: AOJu0YzC0mCWpVjtfZ/oMojit913C5OLIaziQ18yvyjz+ovWVRg0fTRT 3OW+YNoQcT6/qtrZzZTVLhLTyhiPkkFMQQvXdSrJdrpmnudMLhC+ X-Gm-Gg: ASbGncseOMdVZgUGzETv7h0zBtN4Z7SgsZvFcVKqbTgn5DV3VZeQ5mRCpFA+THdUd6M NLzclvWCi82vF33+F/XS+upfS1RbtOuMQTgjd2fsJmDzZBSEY9gZ44BhWgnFQ0GnLpYg5mmP+3s aMnMKj9kSZ3FEpFDhvYgAlEZ2YeqdPDXU0OVl17dNiF06pW50EFXD5eStfcrhgvrwp3ommhKuhk vH0uE7fTjZZVojWxfJl6bvsK2TiBO0GXHf8YF9EvGUrW/jFPFtC5LOLmf9KTLmVPL7Oi40eebq6 rt9oivPhTVDC3mz2+SCgPmBhZlrKa5eIPVPLcsqYgqePWFLYW20UYtp0iTXkHACzu3d/XL8UYdP dJAij80juMghXlPrDQmktDN87XxRzGDdcAVOPJoETTIQ= X-Google-Smtp-Source: AGHT+IG7sLxHYiybRWl9YJCo5iA5Z9C/AE9Kvx3ntJoO+nw0ZthDGzLRup7krhlAo4HpsCIa/bhOBA== X-Received: by 2002:a17:906:30d4:b0:ab7:e3cb:ca81 with SMTP id a640c23a62f3a-abeeee9faefmr52882166b.30.1740514586548; Tue, 25 Feb 2025 12:16:26 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-abed201218fsm194319666b.104.2025.02.25.12.16.24 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 25 Feb 2025 12:16:26 -0800 (PST) From: Eric Woudstra To: Andrew Lunn , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , Kuniyuki Iwashima , Sebastian Andrzej Siewior , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH v7 net-next 01/14] netfilter: nf_flow_table_offload: Add nf_flow_encap_push() for xmit direct Date: Tue, 25 Feb 2025 21:16:03 +0100 Message-ID: <20250225201616.21114-2-ericwouds@gmail.com> X-Mailer: git-send-email 2.47.1 In-Reply-To: <20250225201616.21114-1-ericwouds@gmail.com> References: <20250225201616.21114-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20250225_121628_919006_7C1063BC X-CRM114-Status: GOOD ( 20.08 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org Loosely based on wenxu's patches: "nf_flow_table_offload: offload the vlan/PPPoE encap in the flowtable". Fixed double vlan and pppoe packets, almost entirely rewriting the patch. After this patch, it is possible to transmit packets in the fastpath with outgoing encaps, without using vlan- and/or pppoe-devices. This makes it possible to use more different kinds of network setups. For example, when bridge tagging is used to egress vlan tagged packets using the forward fastpath. Another example is passing 802.1q tagged packets through a bridge using the bridge fastpath. This also makes the software fastpath process more similar to the hardware offloaded fastpath process, where encaps are also pushed. After applying this patch, always info->outdev = info->hw_outdev, so the netfilter code can be further cleaned up by removing: * hw_outdev from struct nft_forward_info * out.hw_ifindex from struct nf_flow_route * out.hw_ifidx from struct flow_offload_tuple Reviewed-by: Nikolay Aleksandrov Signed-off-by: Eric Woudstra --- net/netfilter/nf_flow_table_ip.c | 96 +++++++++++++++++++++++++++++++- net/netfilter/nft_flow_offload.c | 6 +- 2 files changed, 96 insertions(+), 6 deletions(-) diff --git a/net/netfilter/nf_flow_table_ip.c b/net/netfilter/nf_flow_table_ip.c index 8cd4cf7ae211..d0c3c459c4d2 100644 --- a/net/netfilter/nf_flow_table_ip.c +++ b/net/netfilter/nf_flow_table_ip.c @@ -306,6 +306,92 @@ static bool nf_flow_skb_encap_protocol(struct sk_buff *skb, __be16 proto, return false; } +static int nf_flow_vlan_inner_push(struct sk_buff *skb, __be16 proto, u16 id) +{ + struct vlan_hdr *vhdr; + + if (skb_cow_head(skb, VLAN_HLEN)) + return -1; + + __skb_push(skb, VLAN_HLEN); + skb_reset_network_header(skb); + + vhdr = (struct vlan_hdr *)(skb->data); + vhdr->h_vlan_TCI = htons(id); + vhdr->h_vlan_encapsulated_proto = skb->protocol; + skb->protocol = proto; + + return 0; +} + +static int nf_flow_ppoe_push(struct sk_buff *skb, u16 id) +{ + struct ppp_hdr { + struct pppoe_hdr hdr; + __be16 proto; + } *ph; + int data_len = skb->len + 2; + __be16 proto; + + if (skb_cow_head(skb, PPPOE_SES_HLEN)) + return -1; + + if (skb->protocol == htons(ETH_P_IP)) + proto = htons(PPP_IP); + else if (skb->protocol == htons(ETH_P_IPV6)) + proto = htons(PPP_IPV6); + else + return -1; + + __skb_push(skb, PPPOE_SES_HLEN); + skb_reset_network_header(skb); + + ph = (struct ppp_hdr *)(skb->data); + ph->hdr.ver = 1; + ph->hdr.type = 1; + ph->hdr.code = 0; + ph->hdr.sid = htons(id); + ph->hdr.length = htons(data_len); + ph->proto = proto; + skb->protocol = htons(ETH_P_PPP_SES); + + return 0; +} + +static int nf_flow_encap_push(struct sk_buff *skb, + struct flow_offload_tuple_rhash *tuplehash, + unsigned short *type) +{ + int i = 0, ret = 0; + + if (!tuplehash->tuple.encap_num) + return 0; + + if (tuplehash->tuple.encap[i].proto == htons(ETH_P_8021Q) || + tuplehash->tuple.encap[i].proto == htons(ETH_P_8021AD)) { + __vlan_hwaccel_put_tag(skb, tuplehash->tuple.encap[i].proto, + tuplehash->tuple.encap[i].id); + i++; + if (i >= tuplehash->tuple.encap_num) + return 0; + } + + switch (tuplehash->tuple.encap[i].proto) { + case htons(ETH_P_8021Q): + *type = ETH_P_8021Q; + ret = nf_flow_vlan_inner_push(skb, + tuplehash->tuple.encap[i].proto, + tuplehash->tuple.encap[i].id); + break; + case htons(ETH_P_PPP_SES): + *type = ETH_P_PPP_SES; + ret = nf_flow_ppoe_push(skb, + tuplehash->tuple.encap[i].id); + break; + } + return ret; +} + static void nf_flow_encap_pop(struct sk_buff *skb, struct flow_offload_tuple_rhash *tuplehash) { @@ -335,6 +421,7 @@ static void nf_flow_encap_pop(struct sk_buff *skb, static unsigned int nf_flow_queue_xmit(struct net *net, struct sk_buff *skb, const struct flow_offload_tuple_rhash *tuplehash, + struct flow_offload_tuple_rhash *other_tuplehash, unsigned short type) { struct net_device *outdev; @@ -343,6 +430,9 @@ static unsigned int nf_flow_queue_xmit(struct net *net, struct sk_buff *skb, if (!outdev) return NF_DROP; + if (nf_flow_encap_push(skb, other_tuplehash, &type) < 0) + return NF_DROP; + skb->dev = outdev; dev_hard_header(skb, skb->dev, type, tuplehash->tuple.out.h_dest, tuplehash->tuple.out.h_source, skb->len); @@ -462,7 +552,8 @@ nf_flow_offload_ip_hook(void *priv, struct sk_buff *skb, ret = NF_STOLEN; break; case FLOW_OFFLOAD_XMIT_DIRECT: - ret = nf_flow_queue_xmit(state->net, skb, tuplehash, ETH_P_IP); + ret = nf_flow_queue_xmit(state->net, skb, tuplehash, + &flow->tuplehash[!dir], ETH_P_IP); if (ret == NF_DROP) flow_offload_teardown(flow); break; @@ -757,7 +848,8 @@ nf_flow_offload_ipv6_hook(void *priv, struct sk_buff *skb, ret = NF_STOLEN; break; case FLOW_OFFLOAD_XMIT_DIRECT: - ret = nf_flow_queue_xmit(state->net, skb, tuplehash, ETH_P_IPV6); + ret = nf_flow_queue_xmit(state->net, skb, tuplehash, + &flow->tuplehash[!dir], ETH_P_IPV6); if (ret == NF_DROP) flow_offload_teardown(flow); break; diff --git a/net/netfilter/nft_flow_offload.c b/net/netfilter/nft_flow_offload.c index 46a6d280b09c..b4baee519e18 100644 --- a/net/netfilter/nft_flow_offload.c +++ b/net/netfilter/nft_flow_offload.c @@ -124,13 +124,12 @@ static void nft_dev_path_info(const struct net_device_path_stack *stack, info->indev = NULL; break; } - if (!info->outdev) - info->outdev = path->dev; info->encap[info->num_encaps].id = path->encap.id; info->encap[info->num_encaps].proto = path->encap.proto; info->num_encaps++; if (path->type == DEV_PATH_PPPOE) memcpy(info->h_dest, path->encap.h_dest, ETH_ALEN); + info->xmit_type = FLOW_OFFLOAD_XMIT_DIRECT; break; case DEV_PATH_BRIDGE: if (is_zero_ether_addr(info->h_source)) @@ -158,8 +157,7 @@ static void nft_dev_path_info(const struct net_device_path_stack *stack, break; } } - if (!info->outdev) - info->outdev = info->indev; + info->outdev = info->indev; info->hw_outdev = info->indev; From patchwork Tue Feb 25 20:16:04 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13990930 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id B98A7C021B2 for ; Tue, 25 Feb 2025 20:46:43 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=h3xV3TA0ockrC7/s5OEcRj/pNoR8pLIoTTKhN2eYQLw=; b=uPCl/bBozEOkfi4C4Sw+Rqu4M3 w+8HGqaIGgKc/r/3xJQ714nY4AL0pbCi6zgR/6q0a7HbD+tbJlA8P5wajh6sJZH1CufAF9tRxMcBz 0Q+ChMvyreh2J7SH03zZ7nFqr2zJ+iZjCO38cS3oBFR3z+wL9s0f9AzqY6pigdO44BPa/ceyP+q0L 4/nYNd2t7u2zdz54sXXvyFrzctNm2S2HLvaG+E/fkjR9rE/0Cqz5OdkE4IOf6XYNoxmJFZV4h99io XWd0UG8xpzEjgGedbKHXKS1mTehcegElNRrUQcd3ieX5WBgJ4EEZvwZlgSTOTlMmdRHXEuk+cKZDt 6B7kWp+w==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1tn1p6-00000001QaJ-2AkH; Tue, 25 Feb 2025 20:46:36 +0000 Received: from mail-ej1-x62d.google.com ([2a00:1450:4864:20::62d]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1tn1Ly-00000001Kca-0rCm; Tue, 25 Feb 2025 20:16:31 +0000 Received: by mail-ej1-x62d.google.com with SMTP id a640c23a62f3a-abb892fe379so911887766b.0; Tue, 25 Feb 2025 12:16:29 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1740514588; x=1741119388; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=h3xV3TA0ockrC7/s5OEcRj/pNoR8pLIoTTKhN2eYQLw=; b=eT00FkwtOm3oNJ4/N70wso75wmv3upA/VqrKVSfZithoT9CC8Iv2y5etI5kilIStG3 KABpx8o1Y6QsIb4wT4KwHLWqc4t8XhR14E2PJalljUtbRqioh9Us1Ql3GuDwAo6GrZ7W yqJp89vHImP8QnxYfU6g3wk+HkGJQPBOQnchuSZhO3TWcCqrq/XbSEK4LaOiRRgusSR5 mXepIG0bVGm5b8EUsjMouiGXfRehVhNtRRskFk9D2ltV6nXCMaNq+9pFZ4Mnw9v/v4bQ CnI3+fHYfua5PgkVqoZ1ZuUM3qr46yM2jLytH/1mHTDBiQZZu6B6gWsXwstATUHPDDr/ fvyw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1740514588; x=1741119388; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=h3xV3TA0ockrC7/s5OEcRj/pNoR8pLIoTTKhN2eYQLw=; b=Natv0RXEghkGfDEWA6LNya2yxPFh61C60p1mIXYT9gO9b5XrP1r/rbYkWl1xXYkUX+ 7mm59iXYSgq/qSMIk+450pAHRwvr2V26hUF8Mx5nzhlh1c5Tx8LD8ui7PUAV1su2DZaT GpUYrIo7oBcx8uUlxLK09T27uInSlw8X7V4KMfJOKs8tYkSyAk12SBctI8watPwGOfu/ ysADpLADeDTUN8spLYlaBj5L/zqkf1vEl0rQRZErO5c1H+i1dfL5+Q6dn94x9Ial5MYO D+qwJX/iaCjEUvHtRAHv/8J5qGudedtUoC49HLMvsTMEvxYypv1FwZL2ImdEFa9pYysE zHVw== X-Forwarded-Encrypted: i=1; AJvYcCUzN3esBrujxlQUr42dHPXcwjB1FZbfvPTozpTeXzfXsx3gN/7TanODiM+5aVx/njNRFaq1U1p2jN3tVDGMYRY=@lists.infradead.org, AJvYcCVfacVtuiaTiDLn5mNkgAW0SJYlMqSQgTfhMv1ia1YBNd5e5krV1Q+PFEmMOnt0Lh6Qv/PCjcKYaPoYsXSbj5S3@lists.infradead.org X-Gm-Message-State: AOJu0Yxv1WiqlwKPfsiAForUfn30Py3baEeCfswh+LMBMjjLMTWjSQwJ /3ruiqy4sRVPcAx6IW2/zNxkD4fq0MvIYivyWHl4IfW6FbnQ25l5 X-Gm-Gg: ASbGnctRgUGXIknHKiZJSCE0SDMwY6NsgR9kMI0W0ejUhrfxmOTHp2UsnLMgLSNGngA wou18s6CR5bqa2h/eV2X67dWNKhKvdGugmyyhTt7w6VbQbLmwYcIisoSX5TvbiKEsqXGhQmfDAJ s8exuGqwNS4fECBvCQj/AG3cLcAIJmrKUjsUYke4lDtL10qbVSqetfkQJV92c31eXq7fwoT1JMj bOco/Ef5tgDSRjsY35J51DHlDGDyrGeaQ+RF5XwHKuJGBDD073Aq/wYpnhYDZumf8qnPeyoGPEZ U23vxCUt/1KDUIMrWKuQuPtHtPVgbIG6xtcR+xvUEdB3InimKI+xVFoK/FxcHfB0UClwJp3rQm4 jUg16zPke0pYj2ZBHMax5wXreFGc7winx7tFEy1njpb4= X-Google-Smtp-Source: AGHT+IFi5xh5+qQVymlO946K7Lt3PSU8gs3AiUL8uPpi5lpGCGAduFw1hnHU+RygxLF/r/WZYXOsOg== X-Received: by 2002:a05:6402:2812:b0:5df:25e8:26d2 with SMTP id 4fb4d7f45d1cf-5e444853ee3mr10719586a12.5.1740514588315; Tue, 25 Feb 2025 12:16:28 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-abed201218fsm194319666b.104.2025.02.25.12.16.26 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 25 Feb 2025 12:16:28 -0800 (PST) From: Eric Woudstra To: Andrew Lunn , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , Kuniyuki Iwashima , Sebastian Andrzej Siewior , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH v7 net-next 02/14] netfilter: flow: remove hw_outdev, out.hw_ifindex and out.hw_ifidx Date: Tue, 25 Feb 2025 21:16:04 +0100 Message-ID: <20250225201616.21114-3-ericwouds@gmail.com> X-Mailer: git-send-email 2.47.1 In-Reply-To: <20250225201616.21114-1-ericwouds@gmail.com> References: <20250225201616.21114-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20250225_121630_243470_75023098 X-CRM114-Status: GOOD ( 15.27 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org Now always info->outdev == info->hw_outdev, so the netfilter code can be further cleaned up by removing: * hw_outdev from struct nft_forward_info * out.hw_ifindex from struct nf_flow_route * out.hw_ifidx from struct flow_offload_tuple Reviewed-by: Nikolay Aleksandrov Signed-off-by: Eric Woudstra --- include/net/netfilter/nf_flow_table.h | 2 -- net/netfilter/nf_flow_table_core.c | 1 - net/netfilter/nf_flow_table_offload.c | 2 +- net/netfilter/nft_flow_offload.c | 4 ---- 4 files changed, 1 insertion(+), 8 deletions(-) diff --git a/include/net/netfilter/nf_flow_table.h b/include/net/netfilter/nf_flow_table.h index d711642e78b5..4ab32fb61865 100644 --- a/include/net/netfilter/nf_flow_table.h +++ b/include/net/netfilter/nf_flow_table.h @@ -145,7 +145,6 @@ struct flow_offload_tuple { }; struct { u32 ifidx; - u32 hw_ifidx; u8 h_source[ETH_ALEN]; u8 h_dest[ETH_ALEN]; } out; @@ -211,7 +210,6 @@ struct nf_flow_route { } in; struct { u32 ifindex; - u32 hw_ifindex; u8 h_source[ETH_ALEN]; u8 h_dest[ETH_ALEN]; } out; diff --git a/net/netfilter/nf_flow_table_core.c b/net/netfilter/nf_flow_table_core.c index 9d8361526f82..1e5d3735c028 100644 --- a/net/netfilter/nf_flow_table_core.c +++ b/net/netfilter/nf_flow_table_core.c @@ -127,7 +127,6 @@ static int flow_offload_fill_route(struct flow_offload *flow, memcpy(flow_tuple->out.h_source, route->tuple[dir].out.h_source, ETH_ALEN); flow_tuple->out.ifidx = route->tuple[dir].out.ifindex; - flow_tuple->out.hw_ifidx = route->tuple[dir].out.hw_ifindex; dst_release(dst); break; case FLOW_OFFLOAD_XMIT_XFRM: diff --git a/net/netfilter/nf_flow_table_offload.c b/net/netfilter/nf_flow_table_offload.c index e06bc36f49fe..d8f7bfd60ac6 100644 --- a/net/netfilter/nf_flow_table_offload.c +++ b/net/netfilter/nf_flow_table_offload.c @@ -555,7 +555,7 @@ static void flow_offload_redirect(struct net *net, switch (this_tuple->xmit_type) { case FLOW_OFFLOAD_XMIT_DIRECT: this_tuple = &flow->tuplehash[dir].tuple; - ifindex = this_tuple->out.hw_ifidx; + ifindex = this_tuple->out.ifidx; break; case FLOW_OFFLOAD_XMIT_NEIGH: other_tuple = &flow->tuplehash[!dir].tuple; diff --git a/net/netfilter/nft_flow_offload.c b/net/netfilter/nft_flow_offload.c index b4baee519e18..5ef2f4ba7ab8 100644 --- a/net/netfilter/nft_flow_offload.c +++ b/net/netfilter/nft_flow_offload.c @@ -80,7 +80,6 @@ static int nft_dev_fill_forward_path(const struct nf_flow_route *route, struct nft_forward_info { const struct net_device *indev; const struct net_device *outdev; - const struct net_device *hw_outdev; struct id { __u16 id; __be16 proto; @@ -159,8 +158,6 @@ static void nft_dev_path_info(const struct net_device_path_stack *stack, } info->outdev = info->indev; - info->hw_outdev = info->indev; - if (nf_flowtable_hw_offload(flowtable) && nft_is_valid_ether_device(info->indev)) info->xmit_type = FLOW_OFFLOAD_XMIT_DIRECT; @@ -212,7 +209,6 @@ static void nft_dev_forward_path(struct nf_flow_route *route, memcpy(route->tuple[dir].out.h_source, info.h_source, ETH_ALEN); memcpy(route->tuple[dir].out.h_dest, info.h_dest, ETH_ALEN); route->tuple[dir].out.ifindex = info.outdev->ifindex; - route->tuple[dir].out.hw_ifindex = info.hw_outdev->ifindex; route->tuple[dir].xmit_type = info.xmit_type; } } From patchwork Tue Feb 25 20:16:05 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13990931 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 8924BC021B8 for ; Tue, 25 Feb 2025 20:48:19 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=+rhlCg4/52AHm6e8tJsmpQptNUxepmsLI5spztxpn6c=; b=VxNp3iBOsYDjj2LRx9z+nSwmgd 0E7TXWB/LvIbQkKHPdC8ON3VL7RCeon26yAtq1MufabSednv/UTd9qVJHMUV//YTRRx7SqyKYGck2 PAvS/NZ/jkkPg9O0YuFrGvUInpbISX3wIWtm+4GozRr/d65BBm9CPUDDdvlMXYeCmPygNUsI1Gg3d rt5e7Y0kuGz/BVpA4tiGDK+TxPGQ3Ypq5Y+7ol7XpBItq6jUWlgHzhDJji3thjGhI5VNCavjYPGyq l0LHMkk+F061SR034ESTCfOzT3CKIgeyG7nwq3Nfl6nvkewC9CVHDnIUFgTU1Bz74AVivCw5kdfwY rT26lLog==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1tn1qb-00000001Qpv-2U4G; Tue, 25 Feb 2025 20:48:09 +0000 Received: from mail-ej1-x62f.google.com ([2a00:1450:4864:20::62f]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1tn1Lz-00000001Kd3-0e4F; Tue, 25 Feb 2025 20:16:32 +0000 Received: by mail-ej1-x62f.google.com with SMTP id a640c23a62f3a-ab771575040so31020466b.1; Tue, 25 Feb 2025 12:16:30 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1740514590; x=1741119390; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=+rhlCg4/52AHm6e8tJsmpQptNUxepmsLI5spztxpn6c=; b=GhUs+wc89wO7jHlCFQdxY5GIL/uPI2yPPg3GuKyIivbaJGA2+wUMETZbJ4Yu2ekB+R V+nC/4luDoXl9ViIX4kyFmOl2TreUAFBr7UHA0fYkd0Vnw+PF+UQbYbzgShie56yApBV +aDDp9JfvORiLii9lNJitOwv+YFfmX22UFit1WZMFxTnp9O4OxmtFPhNReBpCho3akuC Y/g43+5VXyxjePZRavOF7ZsJZXja2BGeclEcu96XEuY6E3RWdtS7YMKALkHtqaybTS/C C5xdZyQhaIbGi+veUhu9ocoII9hVtW9cZPA2TXlnGVMt61diUMHUZDFNkobeXDr0C8KW hOew== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1740514590; x=1741119390; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=+rhlCg4/52AHm6e8tJsmpQptNUxepmsLI5spztxpn6c=; b=gBUQKSnz4+2REqajXxhwaqKwa2JkbuzDC6MJ9/JwMbXYjEuQYDDXm+fMAL4iIhXDvF AcLZhNPQlIGrgikzXH5qyqExbJvoqBf+7KMB3rMnwsR+k4hMbaMKfoLOcxo6nJ8Kw9r9 wu8rrq1M2ctaHq4w0MwXM6bksuJ0VBqVkAFPBHQ+xbj/z/0khalAHpebRA4zoUMTB1KU OuKKjpd6dufRNJ+zo+y/1wZMYenf0uUl1eWTmg9ACGctxXixX4sSeZYmGiYuCU3Nerzp ZCP/H3jqhCdbNlA+P0eOOQnyTdyl9e1jBlYP5MU3OA+eU87N+rBCSvPkwCFogill5NfB KVhA== X-Forwarded-Encrypted: i=1; AJvYcCVySZ5smwot7amcbhLtDaSfR3/JAgHC6Sc89QtBCS1mEAhqb2ccXCHpHV1ZJfzUbcJXYiCB+Iu1/n+eHU9ebp8=@lists.infradead.org, AJvYcCXIBAMQtV6Axx7EfdQffDz9gx7QotS8uBK69kMZgTg2n/hLGpP7p7Pqe+I0lEjuyGW1/ykpn3KG6zOVtS1bxel0@lists.infradead.org X-Gm-Message-State: AOJu0YxgeSizT1scLevx37Tt9Ix4gP4X7bJJYLENjdJdHDHmi3rnq+lM ZyQwl4SpBOSHaHU4jU2fqt6FhZOkAZa/ki3gKO8GhvRt10jfCdMl X-Gm-Gg: ASbGncvXRvazCIn+4cI4GkDtJbnEU00Op/j6fQlsJTeodTMzGEJszCFwWT+4gFgZhbb zNUiBOl4KR0qpVbbzUx1zTPKr3nRrlrBwvSmQMF/acBs7m0fqjCMYFHQVAFbJsPA2alSQf+RlmI vqDOrqSmsFGYJKy64qkUz17zuTRmfNdVBbSoxGuC9mYt62NsK1ozvH69a//eib6S2b9uDU2gbz3 /dmAVwiRuRgU4PGHUDB4XD7vvfn3ueumGeTxwIBQhbg0o88u/rD1w5YoPj6Qly/MKSbC81jTbBX XekeNKa9WviIHazNzdIcV5EBDgMkRO9buoRKEnYnfmO7ltFSaep1W5E21M++x4DSf1eEuXKEqC9 TANJ9KckXMw8qPODQU4yzWL52uzKbkop0ce9SmoilGRw= X-Google-Smtp-Source: AGHT+IGjYzWXLvnzGLyEXex+ETYVw5Q0C/1jRBzHoDa33wNIkf6eiEa2/vyA43CLHzQ2U9WVtqxm+Q== X-Received: by 2002:a17:907:780e:b0:ab7:798:e16e with SMTP id a640c23a62f3a-abc0ae91168mr1674875466b.15.1740514589399; Tue, 25 Feb 2025 12:16:29 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-abed201218fsm194319666b.104.2025.02.25.12.16.28 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 25 Feb 2025 12:16:29 -0800 (PST) From: Eric Woudstra To: Andrew Lunn , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , Kuniyuki Iwashima , Sebastian Andrzej Siewior , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH v7 net-next 03/14] netfilter: bridge: Add conntrack double vlan and pppoe Date: Tue, 25 Feb 2025 21:16:05 +0100 Message-ID: <20250225201616.21114-4-ericwouds@gmail.com> X-Mailer: git-send-email 2.47.1 In-Reply-To: <20250225201616.21114-1-ericwouds@gmail.com> References: <20250225201616.21114-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20250225_121631_191590_AB763108 X-CRM114-Status: GOOD ( 14.45 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org This adds the capability to conntrack 802.1ad, QinQ, PPPoE and PPPoE-in-Q packets that are passing a bridge. Signed-off-by: Eric Woudstra --- net/bridge/netfilter/nf_conntrack_bridge.c | 83 ++++++++++++++++++---- 1 file changed, 71 insertions(+), 12 deletions(-) diff --git a/net/bridge/netfilter/nf_conntrack_bridge.c b/net/bridge/netfilter/nf_conntrack_bridge.c index 816bb0fde718..4b4e3751fb13 100644 --- a/net/bridge/netfilter/nf_conntrack_bridge.c +++ b/net/bridge/netfilter/nf_conntrack_bridge.c @@ -242,53 +242,112 @@ static unsigned int nf_ct_bridge_pre(void *priv, struct sk_buff *skb, { struct nf_hook_state bridge_state = *state; enum ip_conntrack_info ctinfo; + int ret, offset = 0; struct nf_conn *ct; - u32 len; - int ret; + __be16 outer_proto; + u32 len, data_len; ct = nf_ct_get(skb, &ctinfo); if ((ct && !nf_ct_is_template(ct)) || ctinfo == IP_CT_UNTRACKED) return NF_ACCEPT; + switch (skb->protocol) { + case htons(ETH_P_PPP_SES): { + struct ppp_hdr { + struct pppoe_hdr hdr; + __be16 proto; + } *ph; + + offset = PPPOE_SES_HLEN; + if (!pskb_may_pull(skb, offset)) + return NF_ACCEPT; + outer_proto = skb->protocol; + ph = (struct ppp_hdr *)(skb->data); + switch (ph->proto) { + case htons(PPP_IP): + skb->protocol = htons(ETH_P_IP); + break; + case htons(PPP_IPV6): + skb->protocol = htons(ETH_P_IPV6); + break; + default: + nf_ct_set(skb, NULL, IP_CT_UNTRACKED); + return NF_ACCEPT; + } + data_len = ntohs(ph->hdr.length) - 2; + skb_pull_rcsum(skb, offset); + skb_reset_network_header(skb); + break; + } + case htons(ETH_P_8021Q): { + struct vlan_hdr *vhdr; + + offset = VLAN_HLEN; + if (!pskb_may_pull(skb, offset)) + return NF_ACCEPT; + outer_proto = skb->protocol; + vhdr = (struct vlan_hdr *)(skb->data); + skb->protocol = vhdr->h_vlan_encapsulated_proto; + data_len = U32_MAX; + skb_pull_rcsum(skb, offset); + skb_reset_network_header(skb); + break; + } + default: + data_len = U32_MAX; + break; + } + + ret = NF_ACCEPT; switch (skb->protocol) { case htons(ETH_P_IP): if (!pskb_may_pull(skb, sizeof(struct iphdr))) - return NF_ACCEPT; + goto do_not_track; len = skb_ip_totlen(skb); + if (data_len < len) + len = data_len; if (pskb_trim_rcsum(skb, len)) - return NF_ACCEPT; + goto do_not_track; if (nf_ct_br_ip_check(skb)) - return NF_ACCEPT; + goto do_not_track; bridge_state.pf = NFPROTO_IPV4; ret = nf_ct_br_defrag4(skb, &bridge_state); break; case htons(ETH_P_IPV6): if (!pskb_may_pull(skb, sizeof(struct ipv6hdr))) - return NF_ACCEPT; + goto do_not_track; len = sizeof(struct ipv6hdr) + ntohs(ipv6_hdr(skb)->payload_len); + if (data_len < len) + len = data_len; if (pskb_trim_rcsum(skb, len)) - return NF_ACCEPT; + goto do_not_track; if (nf_ct_br_ipv6_check(skb)) - return NF_ACCEPT; + goto do_not_track; bridge_state.pf = NFPROTO_IPV6; ret = nf_ct_br_defrag6(skb, &bridge_state); break; default: nf_ct_set(skb, NULL, IP_CT_UNTRACKED); - return NF_ACCEPT; + goto do_not_track; } - if (ret != NF_ACCEPT) - return ret; + if (ret == NF_ACCEPT) + ret = nf_conntrack_in(skb, &bridge_state); - return nf_conntrack_in(skb, &bridge_state); +do_not_track: + if (offset) { + skb_push_rcsum(skb, offset); + skb_reset_network_header(skb); + skb->protocol = outer_proto; + } + return ret; } static unsigned int nf_ct_bridge_in(void *priv, struct sk_buff *skb, From patchwork Tue Feb 25 20:16:06 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13990932 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 211F8C021B2 for ; Tue, 25 Feb 2025 20:49:49 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=ukwtTV0ExXBJKM7v4LhbJXSMG6hQJqW8GgzzDxNF23M=; b=1dgQv04DvN5OmrC8jGTw4ZaKyS ZB4tgYnkArqxvfzzErmpB+xMdsFO9dEcPrb6MCNVCV5sCZxBB+SSBgKg1p4rf4PD3Di5aBTvwUxnG GTHuu94/UGz1jb8nNpGtKL78ryxxEyJ1JxPw0hmI45ntrimtCFxWpEa+CUkJX89uxr36l2cGcLGd3 o4hDKlBMXjAmWjuz5QT9Mu6dmbHd/KTBP3uWV3TAqb5+SXzYU3lCTr6WA0Us1ZMeCifEF3JT3fznS mhnT+A7vwJUdHp6z+9Aqj+O8zCkcm8fcZocogwDzH7EG7od5al5y0l9WrdSt6pEEyev2AakmIxfnn YXlpN76w==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1tn1s5-00000001Qyu-2Ags; Tue, 25 Feb 2025 20:49:41 +0000 Received: from mail-ej1-f41.google.com ([209.85.218.41]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1tn1M0-00000001Kdt-2hyG; Tue, 25 Feb 2025 20:16:33 +0000 Received: by mail-ej1-f41.google.com with SMTP id a640c23a62f3a-abb892fe379so911893566b.0; Tue, 25 Feb 2025 12:16:32 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1740514591; x=1741119391; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=ukwtTV0ExXBJKM7v4LhbJXSMG6hQJqW8GgzzDxNF23M=; b=huU1PLN3EHU467/JSrQppanLYQFLNasGi1Uu0J75+Whe4lo7HC65r3cRcleIvqxS/6 Em2Fpwam69JDh03EWOi7R4EGPkbC19PIE6HrBM2uR+gB2SX0/MJ8zDX1MIE14pqh6YJl ilu0yFpSE21D0G0gpNuCgxWDp4ENatYb9lCUvAc55YIZwrBOnu0WkLnjbb1F71RIDLt2 rsN7F9f38NobhXOQFo+fz9HdHEOWSLYIHvugVnZFlPE3HTMEnh3nMvru5SiLihNc0zEv gtpgDQ40MuBO7e0/4J9HaIPMgUlPQRChzTDVCheFocAasrEOJ/dhuo2VsVQLsipQW2cS 97RQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1740514591; x=1741119391; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=ukwtTV0ExXBJKM7v4LhbJXSMG6hQJqW8GgzzDxNF23M=; b=IQwMS2TPYS4ZnlnB8iizpi2xrP1vi5nzhDJ6ehOGiqPH7/2o12A4mGfVqeE+Qrdjr6 cNWILfO8P58ZgDv+yLwSh86Ja2RltRXGYNJjr8gNjNhe/5bwYKO47k0ksEJZssEBOEwA pT2twIVaJWT7OeGfKZz6pNRQ7afw55ZAe66yzAurch4lYE2ox5jWKekPKw9BylgFEgrY NV2aZbv8X66AK4XN1t12DDq0SucXCCJ3b/7LgHEI4/g+h/3tFAlKdMlNGzDRd8NMHgsG ktyTj+V4bKPtzUEvzRqiv8+j9qvzGvnEpt+SCjL3RSgj6kc/EkUGsrY1MN6QgNWmTOV/ LFTQ== X-Forwarded-Encrypted: i=1; AJvYcCWViSWGJVZcisrnG+ZCNYGhzh2rwnVrl+hLIbjfx1sB4on2wog0DSwRJ6ZpYnF3rGZcPP2o9Vvb6i2PcXazVVU=@lists.infradead.org, AJvYcCXn6Cc7IR2NELnXqTghoeS6w6Tox1nBerQ27BDXA/QXvuDVTZWdLLGEEisPw2mVf3lYMFF7gnAXjBtExFhiwc2Q@lists.infradead.org X-Gm-Message-State: AOJu0Yy3o+Kv9/cxcbneVyB/QXRSDMfLDemhPM28GGtZIx2nds6lWv79 Tc1VN8FrP4/+/X0QyYBwUzaJG3AJRvwqhKRRP3HsYAFlwIecYHF0 X-Gm-Gg: ASbGncu9Zm/DVKnTywgIdbif+zGdk8VBeoNdseYNJy+RfumyOjdNXb8DZVmex7Qg46d Deh0BaSadB9zDVA6AawShlbPziFqm6mT9zA2ofzG6a/pWRqrH0KkjUy6goLykL6ByAbKDWervZ4 lA5RwUe3ImAPDNYTOtlMMYSTmzMDb9bYTSN8DEXg6VhQ5yamkUUtp2QkYzeOiiDVQufnezJ4a4X NJ+S3WS2KJ5wKC+LBPq6swYdr7MqiPYyyKzfwBKdAP1YXfKG9oVv9d9RFKvEVxJyeJPZKR7muHE z7dLe5IXZ0IQFIOgdF3qxPaCxdy0HElmkactSVe98PYQjzVZyR0zbaIT7Q/jH450u6uVBe8l3fc lOq41TSIO6Dv3UzThkvNUXVVQi+7Pe5/toGXtuEOejD0= X-Google-Smtp-Source: AGHT+IFELKJeBL47E24AYBhFNQB8kxvH4OvNCfLa7OLiE5g3zAvMls9N3TtS1GIRuC8kJEKI8Wmk4Q== X-Received: by 2002:a05:6402:210d:b0:5df:6a:54ea with SMTP id 4fb4d7f45d1cf-5e4457abbc9mr11921566a12.11.1740514590457; Tue, 25 Feb 2025 12:16:30 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-abed201218fsm194319666b.104.2025.02.25.12.16.29 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 25 Feb 2025 12:16:30 -0800 (PST) From: Eric Woudstra To: Andrew Lunn , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , Kuniyuki Iwashima , Sebastian Andrzej Siewior , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH v7 net-next 04/14] netfilter: nft_chain_filter: Add bridge double vlan and pppoe Date: Tue, 25 Feb 2025 21:16:06 +0100 Message-ID: <20250225201616.21114-5-ericwouds@gmail.com> X-Mailer: git-send-email 2.47.1 In-Reply-To: <20250225201616.21114-1-ericwouds@gmail.com> References: <20250225201616.21114-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20250225_121632_684358_8A2E85EE X-CRM114-Status: GOOD ( 12.31 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org This adds the capability to evaluate 802.1ad, QinQ, PPPoE and PPPoE-in-Q packets in the bridge filter chain. Reviewed-by: Nikolay Aleksandrov Signed-off-by: Eric Woudstra --- net/netfilter/nft_chain_filter.c | 20 +++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) diff --git a/net/netfilter/nft_chain_filter.c b/net/netfilter/nft_chain_filter.c index 19a553550c76..7c7080c1a67d 100644 --- a/net/netfilter/nft_chain_filter.c +++ b/net/netfilter/nft_chain_filter.c @@ -232,11 +232,27 @@ nft_do_chain_bridge(void *priv, struct sk_buff *skb, const struct nf_hook_state *state) { + struct ethhdr *ethh = eth_hdr(skb); struct nft_pktinfo pkt; + int thoff; nft_set_pktinfo(&pkt, skb, state); - switch (eth_hdr(skb)->h_proto) { + switch (ethh->h_proto) { + case htons(ETH_P_PPP_SES): + thoff = PPPOE_SES_HLEN; + ethh += thoff; + break; + case htons(ETH_P_8021Q): + thoff = VLAN_HLEN; + ethh += thoff; + break; + default: + thoff = 0; + break; + } + + switch (ethh->h_proto) { case htons(ETH_P_IP): nft_set_pktinfo_ipv4_validate(&pkt); break; @@ -248,6 +264,8 @@ nft_do_chain_bridge(void *priv, break; } + pkt.thoff += thoff; + return nft_do_chain(&pkt, priv); } From patchwork Tue Feb 25 20:16:07 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13990937 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id DB349C021B2 for ; Tue, 25 Feb 2025 20:51:23 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=glD7coNk2GO9/l1adKLN+uo1Xfh2D3YWudU7CjoMsSA=; b=R53HNHkpBIScQud1CdlV0TNE3h xTg1eYRdgoRo1+MTavsKOxx4mrJUJysZECzIHiSWTucYo+LaJdMa2dLucBpIkbPQU63fba4Zt4SJg lP6gqGlfGh/0/UYfdyXshRRX1r25+D25z7LEqEf2f82+Pp2Qxd3ItWzIdMFM0YFo2Q+dWwTRpeAqj XYw8xPcN+CdKgi2hFTIlHE19aeZRGWGB1oWeZ9Nx7G5BTBOLe14cruVB7DaWQ0EQLpfeeh+R2zE2+ UXWWzg0rF7k6aySsRjxaNIL8SEnUQj+gFon0TKEyoYSWIcG8+Ss9ZlYNv6A5IfR1gOAJt6j8WtR4M 8LMHneYQ==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1tn1ta-00000001R9w-3Imo; Tue, 25 Feb 2025 20:51:14 +0000 Received: from mail-ej1-f54.google.com ([209.85.218.54]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1tn1M1-00000001KeC-25Oc; Tue, 25 Feb 2025 20:16:34 +0000 Received: by mail-ej1-f54.google.com with SMTP id a640c23a62f3a-abb81285d33so40104266b.0; Tue, 25 Feb 2025 12:16:33 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1740514592; x=1741119392; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=glD7coNk2GO9/l1adKLN+uo1Xfh2D3YWudU7CjoMsSA=; b=BrEPxAvnADjMEynAkJHcjtRfL2FbVE9Ot9fu0t7CiU6oJHfqqMEYwh1LMpXbZidzvm qXIMF14+b8y3PAzxDD5V4s9xO/NmUlbkzOUY05qC+1UoL7jhX4mTYW/mPgCyflTnazlG ldhBOp8Fdx0HKzB5jdnt5TfrJ6JzVb3vgqqTCZIRa1S6RfW6h9M/HVLvjFvzmBXnnzmq FhYSKkAbgmRhcBc5oArBF8PWpVXQaw2Jcj8S+s+hAs4IDSPDicE+cxrfBe6nM67tA2rz vKt+RNi2mgEixFyWM237s6B4xBeiRCu68KawdYdDoE/ooAlL23xKSTtF/dP/DKiQbdoB HJpw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1740514592; x=1741119392; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=glD7coNk2GO9/l1adKLN+uo1Xfh2D3YWudU7CjoMsSA=; b=h3ftvnZysFN6woImVnuaWdblQJkhXefJ90xyHMKVcfo3Z8UxL4QyB32EMxVjgDbzzo 6TaYBksPbvdmIz19K242eemglBTk5HkmcfhyxFtEGIciRxIDfULKD2swC+/Q3/ZiZjFO nlV2yLmKF10rIOkHwW+VFMgEpImLrtz/lm4Y2RRJni7/XRWA7grE5uzFXg5lM4CDMj3P 6BE8lEOYESzyZceKyL85zu+HzP9IU3ng68AI1sjiYLMCFFMBYaQ/bPkregj8kxrSf7Ot /IBxdc7/42xb/Hshg5+OBJCZZ2+qq9kYFdd2jrtUGklcADeF5wBi7KhItIghWD9VUXkN JC4w== X-Forwarded-Encrypted: i=1; AJvYcCVz70pAskrqV92n5q+tp3BdpyjOhv5a2c+ZP/hR+01v8mlKANDbA9Iz8LvUg/H2LhtZxLiRtLIIXVv1PFLhKLM=@lists.infradead.org, AJvYcCX2ICrcMV+LeKCiJCal+/rZVRsVQRk31m+3oWLm6mB7Kd6egaabM2qyZnzflvgy/TgXaUpMQQEMemapcD6FYfc+@lists.infradead.org X-Gm-Message-State: AOJu0Yx+ELbMsynjM8j/w19Z8/ncopfx3mSyZ+H5YtD+CB5LSg9nXhFL 02QTiCgxa+TD5T2JrMSdYGLQfTvs+qV4Rxi2OSC4A+/eYJxB2pZP X-Gm-Gg: ASbGncsxM6w6SIGz1DPfy6abFCwbF+6rPuIuLPylhbyADlxWiW8wWxK5LqbZfOVzpN9 /MDs/Xxg3gfhIpadgtPXiE4svTWjzoB/2VWH8WLHuxOEaJjKl3Bpj7MviqnDUOnif++rAx/mHTE knmMrugKz13hDB8FskTJGGCavtzl2zwavkiBx9znVCdkCu2liq83TY0wwwJt5bA8+40K3yWRqB2 JandVn1GsgPz3HR+ywf+qGU91IyGkOgx2JP1EqQM4KMhTXOUlYFsA0GBUagp+XekmaOr2pGVwrP m52poefENHfqfPRTNug4kIsRMexYJPFhYvcYJlEC4BYMVkNl5nNTY+chnxWEyrlMC4yysuHd0mW QGNwPFmch0K8/XAtOvqjDU0/wu10nAGTm95+mRxWbhks= X-Google-Smtp-Source: AGHT+IEjvw2ycbh6O1a2xVehSVYNCqn405b5ejvhuSsYBKJJvxe4gk715VpktRuefN5csP8lyNYY2Q== X-Received: by 2002:a17:907:3da7:b0:ab7:98e8:dcd4 with SMTP id a640c23a62f3a-abc09a097c7mr1694058566b.20.1740514591509; Tue, 25 Feb 2025 12:16:31 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-abed201218fsm194319666b.104.2025.02.25.12.16.30 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 25 Feb 2025 12:16:31 -0800 (PST) From: Eric Woudstra To: Andrew Lunn , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , Kuniyuki Iwashima , Sebastian Andrzej Siewior , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH v7 net-next 05/14] bridge: Add filling forward path from port to port Date: Tue, 25 Feb 2025 21:16:07 +0100 Message-ID: <20250225201616.21114-6-ericwouds@gmail.com> X-Mailer: git-send-email 2.47.1 In-Reply-To: <20250225201616.21114-1-ericwouds@gmail.com> References: <20250225201616.21114-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20250225_121633_533993_61938147 X-CRM114-Status: GOOD ( 16.81 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org If a port is passed as argument instead of the master, then: At br_fill_forward_path(): find the master and use it to fill the forward path. At br_vlan_fill_forward_path_pvid(): lookup vlan group from port instead. Changed call to br_vlan_group() into br_vlan_group_rcu() while at it. Acked-by: Nikolay Aleksandrov Signed-off-by: Eric Woudstra --- net/bridge/br_device.c | 19 ++++++++++++++----- net/bridge/br_private.h | 2 ++ net/bridge/br_vlan.c | 6 +++++- 3 files changed, 21 insertions(+), 6 deletions(-) diff --git a/net/bridge/br_device.c b/net/bridge/br_device.c index 0ab4613aa07a..c7646afc8b96 100644 --- a/net/bridge/br_device.c +++ b/net/bridge/br_device.c @@ -383,16 +383,25 @@ static int br_del_slave(struct net_device *dev, struct net_device *slave_dev) static int br_fill_forward_path(struct net_device_path_ctx *ctx, struct net_device_path *path) { + struct net_bridge_port *src, *dst; struct net_bridge_fdb_entry *f; - struct net_bridge_port *dst; struct net_bridge *br; - if (netif_is_bridge_port(ctx->dev)) - return -1; + if (netif_is_bridge_port(ctx->dev)) { + struct net_device *br_dev; + + br_dev = netdev_master_upper_dev_get_rcu((struct net_device *)ctx->dev); + if (!br_dev) + return -1; - br = netdev_priv(ctx->dev); + src = br_port_get_rcu(ctx->dev); + br = netdev_priv(br_dev); + } else { + src = NULL; + br = netdev_priv(ctx->dev); + } - br_vlan_fill_forward_path_pvid(br, ctx, path); + br_vlan_fill_forward_path_pvid(br, src, ctx, path); f = br_fdb_find_rcu(br, ctx->daddr, path->bridge.vlan_id); if (!f) diff --git a/net/bridge/br_private.h b/net/bridge/br_private.h index 1054b8a88edc..a0b950390a16 100644 --- a/net/bridge/br_private.h +++ b/net/bridge/br_private.h @@ -1584,6 +1584,7 @@ bool br_vlan_can_enter_range(const struct net_bridge_vlan *v_curr, const struct net_bridge_vlan *range_end); void br_vlan_fill_forward_path_pvid(struct net_bridge *br, + struct net_bridge_port *p, struct net_device_path_ctx *ctx, struct net_device_path *path); int br_vlan_fill_forward_path_mode(struct net_bridge *br, @@ -1753,6 +1754,7 @@ static inline int nbp_get_num_vlan_infos(struct net_bridge_port *p, } static inline void br_vlan_fill_forward_path_pvid(struct net_bridge *br, + struct net_bridge_port *p, struct net_device_path_ctx *ctx, struct net_device_path *path) { diff --git a/net/bridge/br_vlan.c b/net/bridge/br_vlan.c index d9a69ec9affe..a18c7da12ebd 100644 --- a/net/bridge/br_vlan.c +++ b/net/bridge/br_vlan.c @@ -1441,6 +1441,7 @@ int br_vlan_get_pvid_rcu(const struct net_device *dev, u16 *p_pvid) EXPORT_SYMBOL_GPL(br_vlan_get_pvid_rcu); void br_vlan_fill_forward_path_pvid(struct net_bridge *br, + struct net_bridge_port *p, struct net_device_path_ctx *ctx, struct net_device_path *path) { @@ -1453,7 +1454,10 @@ void br_vlan_fill_forward_path_pvid(struct net_bridge *br, if (!br_opt_get(br, BROPT_VLAN_ENABLED)) return; - vg = br_vlan_group(br); + if (p) + vg = nbp_vlan_group_rcu(p); + else + vg = br_vlan_group_rcu(br); if (idx >= 0 && ctx->vlan[idx].proto == br->vlan_proto) { From patchwork Tue Feb 25 20:16:08 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13990938 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 52CECC021B8 for ; Tue, 25 Feb 2025 20:52:54 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=vgvvO4mRAt67HclOcho5/or4Z9zLgPRzxsVdNZtTjYg=; b=s1TQKT2V8fKyzkXwCPxv68IsES 9QUKOttjmDT/SQV9L1ntYLqSXSbWQ4d7SjGiQwTgoIMVckDKjqs601C7PAmr5/Stll2fgcsIfyAmB A9Bv2yfhIIb2iIFr9p40W2ADioGgd1mLXFjdrxu2m2bACWg7xWQocKaETByN1IxdC4yBN7Gntxwwf VbZOD2cHOYjKkpDdH3yUlArda/4vsctDxQxIdoHk1br8r9KBj7TH5Sc5X9AU15SMDQUZMxOwFpZ6E 1m4fLBXz7zj7dL6YhVDHv0LIu2KeMMyrEm16bu3noNHsEKPMH6WKw/aUcCQP0qbdmAy2lj57H6ket Nk5onbPg==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1tn1v4-00000001RHD-321e; Tue, 25 Feb 2025 20:52:46 +0000 Received: from mail-ej1-x636.google.com ([2a00:1450:4864:20::636]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1tn1M2-00000001Keb-2544; Tue, 25 Feb 2025 20:16:35 +0000 Received: by mail-ej1-x636.google.com with SMTP id a640c23a62f3a-aaec111762bso407720866b.2; Tue, 25 Feb 2025 12:16:34 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1740514593; x=1741119393; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=vgvvO4mRAt67HclOcho5/or4Z9zLgPRzxsVdNZtTjYg=; b=NzHCu8xC0IDjTiRAOmyRT6bRgFBhHcNvk0r6f61qq3l3d2HKc0pedn3ZVyZD74nyJ6 A+A0elDi2MaS58XM4/73Aacb3Eriz5h+ioJux7MM0ZiUoYGLdZJNT26QBRURrkiludFt Tjnhv6Z1JqPUXWty1RCHi9YR+DQgifVcGypc5E/3PvD3bL/NMcEuCKX7Yl1Bl9xJK87N FUFyTFl5yDYntuFB+9BXDSBvbu62ESzr4bJEmYMH42oWBRXwircixia5UuB2YV/LYz1C cSv/qhTNjvJXcpCMn0G9U7orwZhbladnA1OQPS5p48CluZPvTJivzIgxA6cE3BzJxXIY eMkA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1740514593; x=1741119393; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=vgvvO4mRAt67HclOcho5/or4Z9zLgPRzxsVdNZtTjYg=; b=T2kNYu1hKQd8jGUyi48tDiGk5UdRREPoXMwoxD7syqvIgaDnNFZgp0NjtKpWwmLyrc tWYcf4krmBOLxYhnG9khtecdeSWMor4JW/PDPYuG3nNPqVDVjeMIOIVEji13BVjFG3Qg WDVVHbzC0bLX8ej6nnCEeT1zVzxDDF/zinwj+uEWGb5yoBJ4biO+Xt+bp7TK9HQet47A 9/3v4dy4jFTsBZUmgeLIHFhsTw9xS222uiTiSKMylBoWI0y9NIe2EwZB2FfDlzPldaTE LTrNLwDIRZI2bM9bo4BQGVk3QlDlQPymYbGqsyOvMeevzr5X99XsMG28pKxAd9kyng5k IYUw== X-Forwarded-Encrypted: i=1; AJvYcCVPTH1ZWT3467xytPF4WmnLgKcMYbW0HwWCGx5CR/b1ev/PuEUe5Xb4eDF21ZW+sPfBs2NvC6kvwzKGDr3MSHIL@lists.infradead.org, AJvYcCXQjKEAN8XasGYH/vSV3LqlB1zLMGCss+SOxsyjaxvBR6HAfzU/yzvn9fVejILe/z00wxRlj5JkgTXKeIWUesA=@lists.infradead.org X-Gm-Message-State: AOJu0YxytLnISVs53fTEl72FJASCS9V0LdE2afwxRNKQp8X7RwFjwEB5 anUjGDLiL4eWsQjSBtNTTCrzlvW00Pf+d/93iDEGP3rloanoC7gK X-Gm-Gg: ASbGncu1nGIBR7nHazIdwPIXVepSVVqnA1Brg0lMX/RfoZU4MutkS9S8QTwopuwSwue WLmmaNrt37px2vx+5Zz3Vz01rrgv2OsY02K+WhZSXQx8QGp1C+iqThxs8bHzLbgSwtC69G8/yG/ dHngiBy8Aw7t3BsgqAoR/F14MyWQY9q/3IOlsAuBpyup6G4TVNbq3zEXsdRgLzteQAUZ8uTe2QA f4LR32hGzlKQRrDepJdpShFzCXX6kQFfoIaW/OuIMFWy5nUX0jw3ZWiIUwrv0c8zO8iA4s9mLKS xl7PpIu0ZGshdhwfgVNzpR36YCWmxOHbYBZptnYCotXdLh+QrlhTvU2tpFvf6BlBJyzoGQ+DuS3 RXT2uf+bPEIavCkr4fEvPJYHLHOMCZIDqpm4dTnVXBxI= X-Google-Smtp-Source: AGHT+IHYa/rnJMcG6bw4DaLIqU4PpMQ2X1tUCpndBeXitg+IOobUcH2l24ISv9vbXMdXY/Di07mP4g== X-Received: by 2002:a17:906:31d1:b0:abb:e95e:f2c3 with SMTP id a640c23a62f3a-abeeef4216amr55910166b.41.1740514592646; Tue, 25 Feb 2025 12:16:32 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-abed201218fsm194319666b.104.2025.02.25.12.16.31 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 25 Feb 2025 12:16:32 -0800 (PST) From: Eric Woudstra To: Andrew Lunn , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , Kuniyuki Iwashima , Sebastian Andrzej Siewior , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH v7 net-next 06/14] net: core: dev: Add dev_fill_bridge_path() Date: Tue, 25 Feb 2025 21:16:08 +0100 Message-ID: <20250225201616.21114-7-ericwouds@gmail.com> X-Mailer: git-send-email 2.47.1 In-Reply-To: <20250225201616.21114-1-ericwouds@gmail.com> References: <20250225201616.21114-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20250225_121634_534918_209E6F97 X-CRM114-Status: GOOD ( 17.66 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org New function dev_fill_bridge_path(), similar to dev_fill_forward_path(). It handles starting from a bridge port instead of the bridge master. The structures ctx and nft_forward_info need to be already filled in with the (vlan) encaps. Reviewed-by: Nikolay Aleksandrov Signed-off-by: Eric Woudstra --- include/linux/netdevice.h | 2 ++ net/core/dev.c | 66 +++++++++++++++++++++++++++++++-------- 2 files changed, 55 insertions(+), 13 deletions(-) diff --git a/include/linux/netdevice.h b/include/linux/netdevice.h index 9a387d456592..695445927598 100644 --- a/include/linux/netdevice.h +++ b/include/linux/netdevice.h @@ -3289,6 +3289,8 @@ void dev_remove_offload(struct packet_offload *po); int dev_get_iflink(const struct net_device *dev); int dev_fill_metadata_dst(struct net_device *dev, struct sk_buff *skb); +int dev_fill_bridge_path(struct net_device_path_ctx *ctx, + struct net_device_path_stack *stack); int dev_fill_forward_path(const struct net_device *dev, const u8 *daddr, struct net_device_path_stack *stack); struct net_device *__dev_get_by_flags(struct net *net, unsigned short flags, diff --git a/net/core/dev.c b/net/core/dev.c index 18064be6cf3e..d5f4fae840a2 100644 --- a/net/core/dev.c +++ b/net/core/dev.c @@ -714,44 +714,84 @@ static struct net_device_path *dev_fwd_path(struct net_device_path_stack *stack) return &stack->path[k]; } -int dev_fill_forward_path(const struct net_device *dev, const u8 *daddr, - struct net_device_path_stack *stack) +static int dev_fill_forward_path_common(struct net_device_path_ctx *ctx, + struct net_device_path_stack *stack) { const struct net_device *last_dev; - struct net_device_path_ctx ctx = { - .dev = dev, - }; struct net_device_path *path; int ret = 0; - memcpy(ctx.daddr, daddr, sizeof(ctx.daddr)); - stack->num_paths = 0; - while (ctx.dev && ctx.dev->netdev_ops->ndo_fill_forward_path) { - last_dev = ctx.dev; + while (ctx->dev && ctx->dev->netdev_ops->ndo_fill_forward_path) { + last_dev = ctx->dev; path = dev_fwd_path(stack); if (!path) return -1; memset(path, 0, sizeof(struct net_device_path)); - ret = ctx.dev->netdev_ops->ndo_fill_forward_path(&ctx, path); + ret = ctx->dev->netdev_ops->ndo_fill_forward_path(ctx, path); if (ret < 0) return -1; - if (WARN_ON_ONCE(last_dev == ctx.dev)) + if (WARN_ON_ONCE(last_dev == ctx->dev)) return -1; } - if (!ctx.dev) + if (!ctx->dev) return ret; path = dev_fwd_path(stack); if (!path) return -1; path->type = DEV_PATH_ETHERNET; - path->dev = ctx.dev; + path->dev = ctx->dev; return ret; } + +int dev_fill_bridge_path(struct net_device_path_ctx *ctx, + struct net_device_path_stack *stack) +{ + const struct net_device *last_dev, *br_dev; + struct net_device_path *path; + + stack->num_paths = 0; + + if (!ctx->dev || !netif_is_bridge_port(ctx->dev)) + return -1; + + br_dev = netdev_master_upper_dev_get_rcu((struct net_device *)ctx->dev); + if (!br_dev || !br_dev->netdev_ops->ndo_fill_forward_path) + return -1; + + last_dev = ctx->dev; + path = dev_fwd_path(stack); + if (!path) + return -1; + + memset(path, 0, sizeof(struct net_device_path)); + if (br_dev->netdev_ops->ndo_fill_forward_path(ctx, path) < 0) + return -1; + + if (!ctx->dev || WARN_ON_ONCE(last_dev == ctx->dev)) + return -1; + + return dev_fill_forward_path_common(ctx, stack); +} +EXPORT_SYMBOL_GPL(dev_fill_bridge_path); + +int dev_fill_forward_path(const struct net_device *dev, const u8 *daddr, + struct net_device_path_stack *stack) +{ + struct net_device_path_ctx ctx = { + .dev = dev, + }; + + memcpy(ctx.daddr, daddr, sizeof(ctx.daddr)); + + stack->num_paths = 0; + + return dev_fill_forward_path_common(&ctx, stack); +} EXPORT_SYMBOL_GPL(dev_fill_forward_path); /* must be called under rcu_read_lock(), as we dont take a reference */ From patchwork Tue Feb 25 20:16:09 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13990939 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 329F5C021B2 for ; Tue, 25 Feb 2025 20:54:31 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=MAJ1+kbz8lZ4YwPg+OV3VOfAm0Jd01XhEIX1QeYwh3U=; b=jvGWQR8g6lQQtRnafhAUvNoomy MV4ucmTTmroGRi23q1ig++vs83IxFqPnAgEGotMxNXBx0Il3oQVUOnCHdbDeX6qQQJ0hQZBwPrFc6 4W0px68dS7/2U09bKKlF6LmEprGVROkxB2cIEtI0wyeMFDtAR0912eYx+CKk8lDomKFHcSf2r4JO2 wtuJGVxiSI+BJTQF9pqd4mOEBDZ1KXgBcIVFnZ0YYRAlOyu7B/rA2WSoaAJE/p3wraGf2cdtEwaKS Uf9u8kz2FDkgnLo04WhMYqWE7vfsulxoUf2I1IvX4XcqDR3/g5Z5fnHE6B8NqcqkyZDKS8k237Dw0 HjACuDSw==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1tn1wa-00000001RVo-2ovA; Tue, 25 Feb 2025 20:54:20 +0000 Received: from mail-ej1-x62f.google.com ([2a00:1450:4864:20::62f]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1tn1M3-00000001Kf3-0ivb; Tue, 25 Feb 2025 20:16:36 +0000 Received: by mail-ej1-x62f.google.com with SMTP id a640c23a62f3a-aaec111762bso407725166b.2; Tue, 25 Feb 2025 12:16:35 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1740514594; x=1741119394; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=MAJ1+kbz8lZ4YwPg+OV3VOfAm0Jd01XhEIX1QeYwh3U=; b=EjGJd/JMGyYrKQ58H0RcjEBiZ8ZII48zJww5m3tKNWvZ2qlZu/Kjtkq/i/He8G3MuI r27NU6pOje2OIZk1BfhoGt2MMYg+7I46ODJw9/HGo5Tzz15FiCCqJk/64DwGcHtCK52H AKnNRetFg16ZmsJzZCn34e/mE0QXVntGnBKHjXa8qNp4C8Mwh8kpy+ElYOWi4PMeJKSb FbrzH9ysX/H428QTnRx55D5xsA2O68Cb5a+91J5XOb69/sPAaaM8U0UxYPewKOAJAdMA F785WJBtlTop9I/B2KEha7WXYaMrqVWyYLsc4BFh+ngg3uAJy4R81B+ZvaE9aIYT7aBG hwkQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1740514594; x=1741119394; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=MAJ1+kbz8lZ4YwPg+OV3VOfAm0Jd01XhEIX1QeYwh3U=; b=Q7puNcvOpW0OaUHyHnAVDmZFrQSujUs3Z4ftUPnTewMMOYrTaNCzsUtXXA7Sni476h bJRyo1gFvBIunt7HDQ5ZpuFUoJN4mqlwU1HoYrPqsNs0JGVUzhIVnTG+Tm2ZcclU2dlH IaBfUyZ2WEGfd74qqqppAD/0NK/tKJbViLeOhx6NtMTt7Yo9xEjZ5l09Bb9lIzr/6iBZ 78lo7ZSc4LNG3CDnMWrNcWr2gU/czvtUdSojk+XaxOj5Ncs7VSNlCvP8NZ6pyuU4hlc0 Ju6W9k6LdJKrXjFCtk9zQemCtAUQVk2JZDip7jnhWp63BwB8LsYgPYfYMCACWvOEVxNF E+uQ== X-Forwarded-Encrypted: i=1; AJvYcCUPFJazfcxhhb/CNuBPeZ2Yqq4F8+7ZKzhgMp6cRpLB3K0RgyEz2BCQ56hhXMJQXZ0+v+JMooV2xzJxg4Vcp6s=@lists.infradead.org, AJvYcCVwKmx3L6q1EUQrSGto8i0dOAYsL/GNQImwy6NqJ78ntgnYMIEFXcBx3xbeBIwlussxrZ4SXZQtHY+GC0oB+UHR@lists.infradead.org X-Gm-Message-State: AOJu0YyUv+oNL2SEC5Tdi/0XOviYObCEMV5YevVP9rdHWHIBzUbuhXQa fcdT+0VxsOpxmvV1wZn5Y/powfznJYGn7awii/Zg+aj+ttepmTUx X-Gm-Gg: ASbGncuxVZ36ykYVfxAJSzS/BSuXU69n0ymVDySLo5O2kJFhbxg7DuWdY5yUifgnUU+ OshPjVSOMFUHmdJgEhQQp3bye9b8xc6ewqS6VfULHYIBSYb7kjDA28r0emWPkfjAxYMd15bxr9Y tlzY8TqcfiR2LswrqoOIvqXlvsF/0Wje3S6L6wSsPN2nVixO4SdXrkmJmUmX2oyOmkbEhjKrDYh ZRdl53wvNt/pc+dmmHZ+0Jjbe0OsMBInzzm23/ozkBQIzwtu71bHIyUENZuP4OdnKsyBXwWCz73 iO2QlWYdlrHnEQk5DcOipfNHSIS0PrpEUXY83+JxG8CxTttOaJzeT6t0c+1WwqwrOJv2cr0s+Ss 9wEis779JSRuU0ZDHW4RU/PUXrr9uBY0OFJPcEhKgK1k= X-Google-Smtp-Source: AGHT+IEwV1DfGXJRPjYjfUai9IFb7gVR/sM912MZVVj4qwykjTK4A5haj0vlM9CKbuHOZqsSxaDDSQ== X-Received: by 2002:a17:906:3181:b0:abe:ea93:2ca3 with SMTP id a640c23a62f3a-abeeedfd836mr54526066b.29.1740514593664; Tue, 25 Feb 2025 12:16:33 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-abed201218fsm194319666b.104.2025.02.25.12.16.32 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 25 Feb 2025 12:16:33 -0800 (PST) From: Eric Woudstra To: Andrew Lunn , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , Kuniyuki Iwashima , Sebastian Andrzej Siewior , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH v7 net-next 07/14] netfilter :nf_flow_table_offload: Add nf_flow_rule_bridge() Date: Tue, 25 Feb 2025 21:16:09 +0100 Message-ID: <20250225201616.21114-8-ericwouds@gmail.com> X-Mailer: git-send-email 2.47.1 In-Reply-To: <20250225201616.21114-1-ericwouds@gmail.com> References: <20250225201616.21114-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20250225_121635_220264_5E8619B7 X-CRM114-Status: GOOD ( 10.77 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org Add nf_flow_rule_bridge(). It only calls the common rule and adds the redirect. Reviewed-by: Nikolay Aleksandrov Signed-off-by: Eric Woudstra --- include/net/netfilter/nf_flow_table.h | 3 +++ net/netfilter/nf_flow_table_offload.c | 13 +++++++++++++ 2 files changed, 16 insertions(+) diff --git a/include/net/netfilter/nf_flow_table.h b/include/net/netfilter/nf_flow_table.h index 4ab32fb61865..a7f5d6166088 100644 --- a/include/net/netfilter/nf_flow_table.h +++ b/include/net/netfilter/nf_flow_table.h @@ -340,6 +340,9 @@ void nf_flow_table_offload_flush_cleanup(struct nf_flowtable *flowtable); int nf_flow_table_offload_setup(struct nf_flowtable *flowtable, struct net_device *dev, enum flow_block_command cmd); +int nf_flow_rule_bridge(struct net *net, struct flow_offload *flow, + enum flow_offload_tuple_dir dir, + struct nf_flow_rule *flow_rule); int nf_flow_rule_route_ipv4(struct net *net, struct flow_offload *flow, enum flow_offload_tuple_dir dir, struct nf_flow_rule *flow_rule); diff --git a/net/netfilter/nf_flow_table_offload.c b/net/netfilter/nf_flow_table_offload.c index d8f7bfd60ac6..3cc30ebfa6ff 100644 --- a/net/netfilter/nf_flow_table_offload.c +++ b/net/netfilter/nf_flow_table_offload.c @@ -679,6 +679,19 @@ nf_flow_rule_route_common(struct net *net, const struct flow_offload *flow, return 0; } +int nf_flow_rule_bridge(struct net *net, struct flow_offload *flow, + enum flow_offload_tuple_dir dir, + struct nf_flow_rule *flow_rule) +{ + if (nf_flow_rule_route_common(net, flow, dir, flow_rule) < 0) + return -1; + + flow_offload_redirect(net, flow, dir, flow_rule); + + return 0; +} +EXPORT_SYMBOL_GPL(nf_flow_rule_bridge); + int nf_flow_rule_route_ipv4(struct net *net, struct flow_offload *flow, enum flow_offload_tuple_dir dir, struct nf_flow_rule *flow_rule) From patchwork Tue Feb 25 20:16:10 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13990948 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id BAD71C021B2 for ; Tue, 25 Feb 2025 20:56:00 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=6/OfFtkDCpNUsNNnB4udxCcQxzWSEZIHYYoj3YjYWKw=; b=Xdt1iASI70DtbpcIhCgMkknIcC dDmsIOICL7zDJ/dG9+R5vGm1Ma3S8Vwx5pCUifPN7+Hajy6Xa0LpbTSqsTSs62f8DXG43kc7BgV3i a0GH3h4R9YZ7iAwS9rFichWdgw5QONUJmgW+PyXxn53cXsaUL+MtkK6TjEkc1VYAqffyOUeqYLmoy 1sxLrRVlYUH/4BIdlXqD/OOGy5R0ofvlRV7QrtBQOAprXVZiHBbj2CfpRjKTo6bFcxNndO5kaW2+o iUxDJHE+Kte3nBewsw4K+27eEL2+hb/9SkfsqkDyeD/9BsKLNukHAiukVin/CajeR4P9iu6GqzX6W PvNh1/hA==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1tn1y5-00000001RkX-0RSu; Tue, 25 Feb 2025 20:55:53 +0000 Received: from mail-ej1-x631.google.com ([2a00:1450:4864:20::631]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1tn1M4-00000001Kfk-2H14; Tue, 25 Feb 2025 20:16:37 +0000 Received: by mail-ej1-x631.google.com with SMTP id a640c23a62f3a-abba1b74586so882276666b.2; Tue, 25 Feb 2025 12:16:36 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1740514595; x=1741119395; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=6/OfFtkDCpNUsNNnB4udxCcQxzWSEZIHYYoj3YjYWKw=; b=nc7qv9Pp5eNHjGqLE3quqUQkKFLHLLvkCQvbJ2avRb9SZoy148J91UOWoPQIa1cbJu h2020sKRVA0Af/4YDQ/LoaAOLceeKEOpZKVyHYgdkJPOVEnk4pibOJIT9YW7mCBb1IL7 QvL8AH512ZYFG7jQA/g+Az32HsW1bu8JjdvGXFdSSssRLNf/laxkUQqoDXSmf3Yn/SuS tD4kx7R0366UZmBJ6C4CrqYv8r6WH/5PlKRjOeBBLo1DOhj4y+Ay0oWv1QUbrdOL156E v0BPad12ZEd9ZBXyvaTc7OOJja0ZtueoSsbpT+GyHxUElFtij4aID4gBKDzCIzN41nUG d3OA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1740514595; x=1741119395; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=6/OfFtkDCpNUsNNnB4udxCcQxzWSEZIHYYoj3YjYWKw=; b=gdxEElFNhxHxZNn42hqWEK7h8kQ0AuwrCvO1IFLSwzPR/0d7gBtQeOYQj6lIZLuQiL 6VX1zRigOde5qonv+CBqcJyHFfBzURZ7FEBpywb78LR9yR40RuU9nXp75EWs3s2jZ3YJ 0HVGGi8Nhf916rpO9YHmQL16CeokTtuaDjhG3swMX90PtJ6C/OhCEPol8RunX0ISjNgZ XnVIc1ve2122YiQEWKHYwHRC4Iyk0Hb1Pr/7cQ5Xq04Je5mqWTkb+BrQejQLw0fyy/qN cG9NQuDo3AMZWfTIkVYBsmctAiDcoWDwMelpNyUy1D1d2DurxetWB91WT5nOrvMPphd4 P59w== X-Forwarded-Encrypted: i=1; AJvYcCWdiN6nW5YV1Qvm7NoMxvAeysvkdM228/GxDBiWIiWbKsrhKdBdj+WhbSJ8bWvVO/lYV/xhZm5jiz7eO30w3UND@lists.infradead.org, AJvYcCXHOC5piKnXsvlup2271+POPcjJwu+z3b8ql0IlG2Q06gimZUujVdsPxGMi7O4Gna/14tk1O6laH8yqbjtf/OM=@lists.infradead.org X-Gm-Message-State: AOJu0YwmNs0MJZmj/nYguNM6GAzPbnh4gQbN3YlnXJzq9oJNGIcMpLU1 3bgXStucvLFEAagPVerfRIkGhrQpepNO6A2oIKrziaa53iMxOhYX X-Gm-Gg: ASbGncswWV/piwViE5E5jBuT8Og10Y+rA3tklJTKm4pOCxCGFGvX1fxqHqcQxBGHXNU LdV4ZFXZ0BEc/O0G7RNznQyMORoMv2HriRSTCuaX9E1xQ0NknWJigCjp8j3zWpu1s1GSqkgTqck vXI8Acxf8faTL/9cLDD4jVZpetbpdTzJn6QhTO/m6Wi9OUhlUZEIyMCUOmRNvAJ4CzC5cMHlK9t JMQ+36fyCAdepOcZJnhXtLk8insknogUOULBnW0z/KWf8wf5VJhKMRBaJyGdrrBIqAUmXMWgpcK 3RrY+9/kmhf8tD62xceLkEPjlapDGP4pXEMHrB8tuFmLlMK0+GOCO/gdbWIjxWjh/q4KCV1Wtfj 1IDPkKi1B1xjysC8UMo9Jd77W0jUWI/pmqRGF6n+CwjA= X-Google-Smtp-Source: AGHT+IGqtwnhdQCtSmqLRlPPBdMfue3nuq7Am6Qo/bcDgts/ZRrpNQ6gtoEj1aOcPx9OCd4I+DxgEQ== X-Received: by 2002:a17:907:1ca4:b0:ab6:d575:9540 with SMTP id a640c23a62f3a-abed1076c86mr522915866b.50.1740514594765; Tue, 25 Feb 2025 12:16:34 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-abed201218fsm194319666b.104.2025.02.25.12.16.33 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 25 Feb 2025 12:16:34 -0800 (PST) From: Eric Woudstra To: Andrew Lunn , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , Kuniyuki Iwashima , Sebastian Andrzej Siewior , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH v7 net-next 08/14] netfilter: nf_flow_table_inet: Add nf_flowtable_type flowtable_bridge Date: Tue, 25 Feb 2025 21:16:10 +0100 Message-ID: <20250225201616.21114-9-ericwouds@gmail.com> X-Mailer: git-send-email 2.47.1 In-Reply-To: <20250225201616.21114-1-ericwouds@gmail.com> References: <20250225201616.21114-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20250225_121636_578462_85C4BFC7 X-CRM114-Status: GOOD ( 12.23 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org This will allow a flowtable to be added to the nft bridge family. Reviewed-by: Nikolay Aleksandrov Signed-off-by: Eric Woudstra --- net/netfilter/nf_flow_table_inet.c | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/net/netfilter/nf_flow_table_inet.c b/net/netfilter/nf_flow_table_inet.c index b0f199171932..80b238196f29 100644 --- a/net/netfilter/nf_flow_table_inet.c +++ b/net/netfilter/nf_flow_table_inet.c @@ -65,6 +65,16 @@ static int nf_flow_rule_route_inet(struct net *net, return err; } +static struct nf_flowtable_type flowtable_bridge = { + .family = NFPROTO_BRIDGE, + .init = nf_flow_table_init, + .setup = nf_flow_table_offload_setup, + .action = nf_flow_rule_bridge, + .free = nf_flow_table_free, + .hook = nf_flow_offload_inet_hook, + .owner = THIS_MODULE, +}; + static struct nf_flowtable_type flowtable_inet = { .family = NFPROTO_INET, .init = nf_flow_table_init, @@ -97,6 +107,7 @@ static struct nf_flowtable_type flowtable_ipv6 = { static int __init nf_flow_inet_module_init(void) { + nft_register_flowtable_type(&flowtable_bridge); nft_register_flowtable_type(&flowtable_ipv4); nft_register_flowtable_type(&flowtable_ipv6); nft_register_flowtable_type(&flowtable_inet); @@ -109,6 +120,7 @@ static void __exit nf_flow_inet_module_exit(void) nft_unregister_flowtable_type(&flowtable_inet); nft_unregister_flowtable_type(&flowtable_ipv6); nft_unregister_flowtable_type(&flowtable_ipv4); + nft_unregister_flowtable_type(&flowtable_bridge); } module_init(nf_flow_inet_module_init); @@ -118,5 +130,6 @@ MODULE_LICENSE("GPL"); MODULE_AUTHOR("Pablo Neira Ayuso "); MODULE_ALIAS_NF_FLOWTABLE(AF_INET); MODULE_ALIAS_NF_FLOWTABLE(AF_INET6); +MODULE_ALIAS_NF_FLOWTABLE(AF_BRIDGE); MODULE_ALIAS_NF_FLOWTABLE(1); /* NFPROTO_INET */ MODULE_DESCRIPTION("Netfilter flow table mixed IPv4/IPv6 module"); From patchwork Tue Feb 25 20:16:11 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13990949 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 32F2AC021B8 for ; Tue, 25 Feb 2025 20:57:35 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=Gr1wMzwLJ3r114jkr+fSh/N13xzOYrfc9OnXbfM4Z7I=; b=oMX+BpHngWNByFadptT7bx/BSz 8tTcndGCFLP2Bs4Ule8mNDnEtz0t9UBqld+3JBNmrQRs1hKxLgBAVi0tNe7pLBLIcfQtVU+02jNwG korTeckvM5WLH4YFuUjxsTDpmWsFR0PFTUfhUNfqJBvKe3k1cAbGTDhNB9r/NZvablhAE64DGQ72g Otk7OSwUO8cBzxm3xY0ekEuyIxqtBg1i8EMwjgLGM0KWJvxNhZfwbpprYyzaTAYE3sES8UKtTDMRB apOLrpU0zeer/8+CJNZZoAPcXcQH6KFFXCSAdcprQoC7jKQWRsgi82bbAA0YhP7ajN1QjGp/7PYP/ 0K8kDx8Q==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1tn1za-00000001S2X-0DxF; Tue, 25 Feb 2025 20:57:26 +0000 Received: from mail-ed1-x52c.google.com ([2a00:1450:4864:20::52c]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1tn1M5-00000001KgC-2i0w; Tue, 25 Feb 2025 20:16:38 +0000 Received: by mail-ed1-x52c.google.com with SMTP id 4fb4d7f45d1cf-5e095d47a25so11089512a12.0; Tue, 25 Feb 2025 12:16:37 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1740514596; x=1741119396; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=Gr1wMzwLJ3r114jkr+fSh/N13xzOYrfc9OnXbfM4Z7I=; b=PRC5ggObCR4HijMGj7Ku25gjDk8gtWlxhMkwDZ78gRudoednGrCH8IMx8VxR6KpQ+k 0yw2ZhrO1uxLw4pDLNjdvuQrk/ST3knX282PfBK6zrK2xXrEIb6SeqeQZbd/gt6oesIP CGrHvrc5TSWT76W+6HTxbVq4M+r7wUMcn13NplqlLAF2t5LJErW8d7CFrE7DcACCjtsj LNgjKkGjOfXlKaHraPKQMzKicnXD7ovSqmK6iCEzU6D0quQvUXvx26IkQ97pIcTyr6Fr AujQcpok1o51jcJNwCAcN5xytyXpv7DeSqpDugBWdE0YYce8DU6xC8z9Fy+3H9BjeCmI xcSg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1740514596; x=1741119396; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Gr1wMzwLJ3r114jkr+fSh/N13xzOYrfc9OnXbfM4Z7I=; b=d/pw+5EoMHiYptRX2Kt/0vsvrukqNG4YkX3vpkPSNvL6B18/8dBb4IRxGKxOF7jXBZ rt67MX/8GXjnhqyIFvmFLxsWxD3odgfSXeEGdfy5p1UA1jLdYPtGZoHKVzhAN6orAGHX f0AYgaRelnQoPkWbg1bmTfcpoqhjfnzfn/xEZJC/DvgItyTn5ltyePmi0MGvA6MagnsC DgblQEB8irbbwpBBrvPB4PUo76ThHNYhsG2C+S/LO3dWcNVlAumzCvM/YKrnaE0d+mY5 4yM5RGT1KKHqf7y0tDxYwxSw7J+9lPglUjUwkqOemJSPOS4gKLIh2rtCh8rgtWF5ppUH sG0w== X-Forwarded-Encrypted: i=1; AJvYcCVsQ4vmnTAh3YFKHknRjXF4ON4q/mwuj+XcLvBVoRxCNPieHGqoKT5jsjF3YoCzWZh5grlpHsUaSyLVlD83Tz4=@lists.infradead.org, AJvYcCXnkrKJYzX2DMwCTaCDDDDmQ55GXwaoH8a1GR/yqQrAdPg/XZfxdlIn0h5u1LWRqX6/Fg7B5tHxDTFxhjtZXt25@lists.infradead.org X-Gm-Message-State: AOJu0Yw21WeHR7wirA+gBzocbtiCyoKtCIcFYM7uTR771sazvEimqqhA UVOkYBEHvf4iBroJDKrRvf8Nh5MqwKqUs/BrrBAFu3XdvDOEljzl X-Gm-Gg: ASbGnculHUqEhL7655xBTtoXVc426cOAJT3/q6A0I6jUUzQ1RAGlVM9ZvlH3A2flDs6 mli7UaygXcoS9ATFFgkjMLmOtALca6PmaZ9d8g/uCijKDLPey6CGJN7qpnXoQ2N1ZdTYy8F3dkj zpNR6tpLh8iBp09XGPmdgShBEI6TFocwxvgny4gCqPTnH3/G/ULIVjzHYDSEJLKuNlCd456vluF YPiGdh5Tb9jYQfF/Ps+uVnkdIwVTaWmvFPKK0FYmAAZNqb0v65PsevPwKtrusFJaX06iRUwhNvG d3MhTKUVEoevLNgBLDnS8d+/Ukhk1XkSlOWLgCtCFql43LrodYysXunqjIzHsYxrnQvHdNv7zXy aRdV7h+5z3SKjWTFFZGEPes5vn3QqemE++SZvCJ5aswQ= X-Google-Smtp-Source: AGHT+IFQrPMr/zga3A1PXJqgdsJBXZ3US5klRSnZht6r010E2CvDfRMDZ8BFvHY6Z6/b4s4s1eKUxw== X-Received: by 2002:a17:906:30c4:b0:abe:ea7e:d1af with SMTP id a640c23a62f3a-abeea7ed9e3mr122695566b.50.1740514595791; Tue, 25 Feb 2025 12:16:35 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-abed201218fsm194319666b.104.2025.02.25.12.16.34 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 25 Feb 2025 12:16:35 -0800 (PST) From: Eric Woudstra To: Andrew Lunn , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , Kuniyuki Iwashima , Sebastian Andrzej Siewior , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH v7 net-next 09/14] netfilter: nft_flow_offload: Add NFPROTO_BRIDGE to validate Date: Tue, 25 Feb 2025 21:16:11 +0100 Message-ID: <20250225201616.21114-10-ericwouds@gmail.com> X-Mailer: git-send-email 2.47.1 In-Reply-To: <20250225201616.21114-1-ericwouds@gmail.com> References: <20250225201616.21114-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20250225_121637_689689_26E24647 X-CRM114-Status: GOOD ( 11.58 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org Need to add NFPROTO_BRIDGE to nft_flow_offload_validate() to support the bridge-fastpath. Reviewed-by: Nikolay Aleksandrov Signed-off-by: Eric Woudstra --- net/netfilter/nft_flow_offload.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/net/netfilter/nft_flow_offload.c b/net/netfilter/nft_flow_offload.c index 5ef2f4ba7ab8..323c531c7046 100644 --- a/net/netfilter/nft_flow_offload.c +++ b/net/netfilter/nft_flow_offload.c @@ -421,7 +421,8 @@ static int nft_flow_offload_validate(const struct nft_ctx *ctx, if (ctx->family != NFPROTO_IPV4 && ctx->family != NFPROTO_IPV6 && - ctx->family != NFPROTO_INET) + ctx->family != NFPROTO_INET && + ctx->family != NFPROTO_BRIDGE) return -EOPNOTSUPP; return nft_chain_validate_hooks(ctx->chain, hook_mask); From patchwork Tue Feb 25 20:16:12 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13990950 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id A1010C021B8 for ; Tue, 25 Feb 2025 20:59:06 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=mNvAyhAv6GepxNEYkCskllQBVi38mrCeZ4SsbbR7WSY=; b=z/qNdRgR342bsfnPwou2sIc3ef J8OBg5bUyjPcsliD7bjS5cdXk3ZL06tgW9hUJwgBAl+d/j1gN2wlH+nJudhAricff32LDn8ZLUrk6 CZinCqxBJxrcN6KHmts4j4RrN0pUK/QoX5YBD9hZLc9ZWYX2V90RpHJQ0gFpT3a4dbv5acG/uRHpQ 5aFBVsJH37IXOitJgzhEOyyWtq26vNTkSRxcR2LrleizjI9X0/oGbQG3V3FV1lsV09XxA10yMVtAP 7RSMDnUOIjoo8AYXZt4jm4TlCEHyD8gurwN5jIbBZVd/wz4fAmKDg1wmX2Qq/+0uxA5T4KZT1PXSF yCgz69yA==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1tn214-00000001SDD-49yT; Tue, 25 Feb 2025 20:58:58 +0000 Received: from mail-ej1-x62f.google.com ([2a00:1450:4864:20::62f]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1tn1M6-00000001Kgu-2fQY; Tue, 25 Feb 2025 20:16:39 +0000 Received: by mail-ej1-x62f.google.com with SMTP id a640c23a62f3a-abb7f539c35so1171749866b.1; Tue, 25 Feb 2025 12:16:38 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1740514597; x=1741119397; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=mNvAyhAv6GepxNEYkCskllQBVi38mrCeZ4SsbbR7WSY=; b=HCwZnWbjKXIEBVCr6Js9OsKir2vh5VBFOPz6o7A0lLhkkIyLNRq3aCZh2qgOSPuH3O 0QWUgPlmsLM8VoBFZVHy/3EbR0Lm1itIl2XTZ3RA727F6Wg2YlqCe/+i0f7zxW3Uzubw KVtOOEsZOLatR1fx+U8e7wll1nURnaC+hjctTN9NOmsxv1CWNI6fnyIrMGm+iCNl8+p9 4gazjnc4KkUXskOr30ruzvSLZcENY0/E2aK6GyoXtFydUW07j3uir3di20k4l2ce/klR JVHOQNbQPAdZOafJPDt+IvzoRYYTkvi7yjI2rqnHd6dgPv8lhsnStisobDOx9k76i6w6 Y6Eg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1740514597; x=1741119397; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=mNvAyhAv6GepxNEYkCskllQBVi38mrCeZ4SsbbR7WSY=; b=ZqfFJ+zW14YsJv8UYvTWciQHRtaTznJMbUSfzQwsrOkabDTAjglA+4pVoA4hFFGoZp FNZFPdj2k2NF2hq0UoKIhqiJNAegzGZvCcpNXFVy6RbEyXTzBkPcX8NBnk7r2/6RY4Tv 8CPCOy9QxM4YoGndAVJpZurrAmZ3e7xZ8aAABf5A4ojAFebg4fguPXO14JSK02S089+O cylkcoFz6tJT7nU5cwzJs9FSPuFO2OcB5At5bZyfkwKc+IH+ZYcjr5aWT+u8Ht52axKp nJHnsGbYbbaXBMO4MgbgVeP7XxtbqZG/98RWZJVgwyaZmvpYi6YZBs+lLvpCaDLWk+JB yU7Q== X-Forwarded-Encrypted: i=1; AJvYcCUr6XPGEw7rRcmc9nHgA2vl5hvutSlRTyMycPqo2M6eqcS6Sx89RUdzSMpyyatmhQWKo9NSdL3CxUbYuC84BNw=@lists.infradead.org, AJvYcCWwPd9wlZECIfuZEiplLmnTzCnmTFKCl6Z6w4KMGE4CADC+x8bF52Oje7Ujn/T3BUfSbLXCQqsDubK/kv7AmNdG@lists.infradead.org X-Gm-Message-State: AOJu0Yys+O0pA1FwXbEXKaQC3D2py20ZZzgWLUe+V7TYCYlgpAOHIrKE c1IopPlRi3ks2pGmte+Fgk91EkYaJeZygt7amRrZwhycrPHvxCBQ X-Gm-Gg: ASbGncvgqLebDrhZ7AQ5nL8A/vsGdizBOupx/DpH+K2/Uvq3Bxwmw/jWoqR3CQO3M/6 T8UwTjz/WvT9tjKidJkg4mJxuy2RZJIhZxnVQ1IMSdDHmasL+n1DtzZd7clqrm5skeow6BKcYa9 s/1I2hKJPFWFUcbT0EBiBwjJnCsHRw0YSzyeJ4zS+iXTic+63U6gCPux/VB6oBz12K211er5Nqi 6W5Bs4rEZBbSDkPPn+Ob6vm9+hJ6WKTiE9P6L8cHEG3gBqKDP6TNWKu1gFvX7zI3IbiVphuYFlA w3NB0Y/s9K2ZmN4rIFnY+hFStv+RL9S8tms9k6QXG+vxQhBxG2Wb8bOsw1UPkm+9waK87goYs8O 0Z4KFgl4bwiQ23A/pQEJ+RUUmN1Q9pligEPDPxGZGMrI= X-Google-Smtp-Source: AGHT+IGxUdijvIUHSsavOxjOEGtqnGWOKkNqobQSxe06Fq+xOGdhhx0QApPI1c+j5z6WHzO8JVwaLA== X-Received: by 2002:a17:907:1ca4:b0:ab6:d575:9540 with SMTP id a640c23a62f3a-abed1076c86mr522925566b.50.1740514597100; Tue, 25 Feb 2025 12:16:37 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-abed201218fsm194319666b.104.2025.02.25.12.16.35 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 25 Feb 2025 12:16:36 -0800 (PST) From: Eric Woudstra To: Andrew Lunn , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , Kuniyuki Iwashima , Sebastian Andrzej Siewior , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH v7 net-next 10/14] netfilter: nft_flow_offload: Add DEV_PATH_MTK_WDMA to nft_dev_path_info() Date: Tue, 25 Feb 2025 21:16:12 +0100 Message-ID: <20250225201616.21114-11-ericwouds@gmail.com> X-Mailer: git-send-email 2.47.1 In-Reply-To: <20250225201616.21114-1-ericwouds@gmail.com> References: <20250225201616.21114-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20250225_121638_689799_890D5ABE X-CRM114-Status: GOOD ( 12.97 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org In case of using mediatek wireless, in nft_dev_fill_forward_path(), the forward path is filled, ending with mediatek wlan1. Because DEV_PATH_MTK_WDMA is unknown inside nft_dev_path_info() it returns with info.indev = NULL. Then nft_dev_forward_path() returns without setting the direct transmit parameters. This results in a neighbor transmit, and direct transmit not possible. But we want to use it for flow between bridged interfaces. So this patch adds DEV_PATH_MTK_WDMA to nft_dev_path_info() and makes direct transmission possible. Signed-off-by: Eric Woudstra --- net/netfilter/nft_flow_offload.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/net/netfilter/nft_flow_offload.c b/net/netfilter/nft_flow_offload.c index 323c531c7046..b9e6d9e6df66 100644 --- a/net/netfilter/nft_flow_offload.c +++ b/net/netfilter/nft_flow_offload.c @@ -105,6 +105,7 @@ static void nft_dev_path_info(const struct net_device_path_stack *stack, switch (path->type) { case DEV_PATH_ETHERNET: case DEV_PATH_DSA: + case DEV_PATH_MTK_WDMA: case DEV_PATH_VLAN: case DEV_PATH_PPPOE: info->indev = path->dev; @@ -117,6 +118,10 @@ static void nft_dev_path_info(const struct net_device_path_stack *stack, i = stack->num_paths; break; } + if (path->type == DEV_PATH_MTK_WDMA) { + i = stack->num_paths; + break; + } /* DEV_PATH_VLAN and DEV_PATH_PPPOE */ if (info->num_encaps >= NF_FLOW_TABLE_ENCAP_MAX) { From patchwork Tue Feb 25 20:16:13 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13990951 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 401B5C021B8 for ; Tue, 25 Feb 2025 21:00:41 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=BVAkTZii1Gy4XRugZsnKaWDIV+1UdUIxS1E1wVQkwnU=; b=Fs2OPpJxYmqzxJl5nM5cJY98oB uQoHOzXs20956TzptKTETNRMLTmCjYsQ6MsJFBwbPfmXGPuBPML8A5alywuMh3fIyLCDkXmAx+TQy dLwp6wo88bq7Ryu5c7EBRfh8ySeGBy5BVa1Z2GYheAuxGX/WUMSCqPzLug35Ue37K13w83lvvhYSS IPT9R3/Pl7Ebo7/iIabzkF+Yhngnf11R2KXPRlnGAMzgytBMkkPOxUOwpXfQetFY9yXkRAyXXWWBP kjCWF9h8yW6x3xNhiBDFXQf/1pZiA5RMwxVGDDzYWOAm8egUjevqH6BOYrJ0BlJr8D/98b1Fn8ZxB SL71QYmw==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1tn22Z-00000001SRN-4BB2; Tue, 25 Feb 2025 21:00:31 +0000 Received: from mail-ej1-x632.google.com ([2a00:1450:4864:20::632]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1tn1M8-00000001KhL-06t4; Tue, 25 Feb 2025 20:16:41 +0000 Received: by mail-ej1-x632.google.com with SMTP id a640c23a62f3a-abba1b74586so882284966b.2; Tue, 25 Feb 2025 12:16:39 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1740514598; x=1741119398; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=BVAkTZii1Gy4XRugZsnKaWDIV+1UdUIxS1E1wVQkwnU=; b=PqE4Ce+f3hqVXxsLNle2n5BK2Z/3lK+QA3gPDtBseVQGsbFG1vssYFEKKchALqTXGO MrLTerJKBtr5n83IX22Q2PnXhy3U6QGkQe3ULPV4BuR9XnNsOslO1WiDa/oKl1cWMC3p Z9eOcPaxclKGkekkgTDXaLPvOTDmfxw1f83DDuetsp12d4RIhli1lL5xwxjAgOhpYtiM 64God9GKZI6a2YKKhqQjkfHLW/8paq4G5brLE4Nht1vz02uknEjOL2AlS2q5Q9o6g2KW PbUy7hZENw6N4eK6rmfQZA5CNWjP7u9eVmMZ2MWKDEDut8iD4KmYrBVIq/XKLVLih53P HHzQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1740514598; x=1741119398; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=BVAkTZii1Gy4XRugZsnKaWDIV+1UdUIxS1E1wVQkwnU=; b=Q7l9B7Xvcom23Z9AqZOJ9WD/dfh6uCwNWWkBY4dV/+Lp/ErD34pbCJP9PpKNhgtjOt iiNkHgzX+OglvBgkOzIm3JuMs0y6/I2pJGP5E95tGPlc411Uo5Y41xUejxRvkDOpn4O/ TC42NMAvFASoRkRcBw+oMeLEoCTcDq8BwvpYYQqCQiWZrvaG9AMTmW2bKZQuYo+VMV2d ALi0RzklmpojaUVUcRyb7OGOi8+rlbgIORcAM1wj8MV3RgLI6mO865GZ5uBJh9qNiL+2 RbUGlawO4cYSe31yiY61xaLUWuYvmg+xUtm2Z8zjuf3YX/4p7+eT1POGXdw0/07mozcN apTw== X-Forwarded-Encrypted: i=1; AJvYcCUuP4TgdCwgo6/4WQwrwa6iliGNHDJZwy7KCpM1IW13osK00bAAOajVgfuNTtfzSeeH29ScmZOkxrMQQu9Xh6DM@lists.infradead.org, AJvYcCWyymLk3s6ZyG3aS61Mc0lP5pGXzp/RqPH5r7/69YXwhR+sD5TQBiObGZi7UNQMySv9r7GjJeC3cNKtM7rXloE=@lists.infradead.org X-Gm-Message-State: AOJu0YyrjOn3isZ/dobDUtHhIC1FnxSdN+Yp39FIimxxSy2Vt7ZRP+X/ Q7YM3dRm3q/EwN6t0A0In4t4fIBHgG4xuQQMaCLj4kUyl4rK70Rp X-Gm-Gg: ASbGncvuXoW1vNbpCT1ZUR7DRACKe/mzw8toklO9azMHxRpkDdcaimSiuNeKCPSpLej ujtyaMJLgwHhwGKG5vdeyrcSy30LcQrTAggF6WbybGrbONBlesv+hTFV0rEvq0+ExtyIxBKpVLQ ZYhgOFjzCrcn29jwNLz17VcBKeQk06p1dZnPXe2rGNrPAbMP6S4zlnT+GOA46sjkrYSSBvFVK+0 zzyd9z8exvMGKc72ozgXGKOpEELfM4x7pkn6OYg9a8+57WRpGITdwoIj/EgY+Ojb5I9vAP8wa3R PDDSAkBnQx56fmA5JH4E0Wqe89yIogq3HLTEmiW92m0QEfkj7KD7OiJVpXkuU6ToIVfWUhQ9TnO dNPUrUQA83b7ddCwTbypQc9JUlAlIj0BGhHNwq7Z8J3c= X-Google-Smtp-Source: AGHT+IFK/xb0AH8q2XIcdgGFCG2/1S/vlx3qUjtu2T+2XCeJrxRROpGepkKKWsPoi8GIWtQoo7ZUrw== X-Received: by 2002:a17:906:a952:b0:abe:eebf:ae54 with SMTP id a640c23a62f3a-abeeebfc352mr51844866b.20.1740514598236; Tue, 25 Feb 2025 12:16:38 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-abed201218fsm194319666b.104.2025.02.25.12.16.37 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 25 Feb 2025 12:16:37 -0800 (PST) From: Eric Woudstra To: Andrew Lunn , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , Kuniyuki Iwashima , Sebastian Andrzej Siewior , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH v7 net-next 11/14] netfilter: nft_flow_offload: No ingress_vlan forward info for dsa user port Date: Tue, 25 Feb 2025 21:16:13 +0100 Message-ID: <20250225201616.21114-12-ericwouds@gmail.com> X-Mailer: git-send-email 2.47.1 In-Reply-To: <20250225201616.21114-1-ericwouds@gmail.com> References: <20250225201616.21114-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20250225_121640_061148_7FCE145D X-CRM114-Status: GOOD ( 11.47 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org The bitfield info->ingress_vlans and corresponding vlan encap are used for a switchdev user port. However, they should not be set for a dsa user port. Reviewed-by: Nikolay Aleksandrov Signed-off-by: Eric Woudstra --- net/netfilter/nft_flow_offload.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/net/netfilter/nft_flow_offload.c b/net/netfilter/nft_flow_offload.c index b9e6d9e6df66..c95fad495460 100644 --- a/net/netfilter/nft_flow_offload.c +++ b/net/netfilter/nft_flow_offload.c @@ -116,6 +116,11 @@ static void nft_dev_path_info(const struct net_device_path_stack *stack, break; if (path->type == DEV_PATH_DSA) { i = stack->num_paths; + if (!info->num_encaps || + !(info->ingress_vlans & BIT(info->num_encaps - 1))) + break; + info->num_encaps--; + info->ingress_vlans &= ~BIT(info->num_encaps - 1); break; } if (path->type == DEV_PATH_MTK_WDMA) { From patchwork Tue Feb 25 20:16:14 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13990967 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id B1204C021B8 for ; Tue, 25 Feb 2025 21:02:12 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=KGHKkM4qxKd9EB0pt79Yst8lznP4qD+tbsrDkGhaAL8=; b=ixXG10fUJyadV9ugHyuorGkwFm HdhjlpnQn56N3R4UzkNosjoppZ3g/daZpUiJ9dYjCIIQMXqsifThN4yFc0qZx+2apQFx/P8l09GPE i5UWpZFDLVSxvO4unZB8kWYQtV5ibo4NFvsm8FV0Nio/RIuSzIkXAq3EI4PZG6XR2bd/V6LbjTZZ9 kxk6XS/q7moU0xYF+hZ/JAydGTKspmyOzIZsnp+63mMjYWcfzecTjAdJnNXBhjcVUfh2IhRQZlGCh HNNgZUPolTflsV2nytUf9GbCkJTqI0nsXooWU29NmbjghN0Hyhmy1mllqe0FCSpfu9i5SioZzLFDa sB7QLIDg==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1tn245-00000001SoV-0uWe; Tue, 25 Feb 2025 21:02:05 +0000 Received: from mail-ej1-x631.google.com ([2a00:1450:4864:20::631]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1tn1M8-00000001Khk-3cay; Tue, 25 Feb 2025 20:16:41 +0000 Received: by mail-ej1-x631.google.com with SMTP id a640c23a62f3a-abb7a6ee2deso924426266b.0; Tue, 25 Feb 2025 12:16:40 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1740514599; x=1741119399; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=KGHKkM4qxKd9EB0pt79Yst8lznP4qD+tbsrDkGhaAL8=; b=DWCEhDupGgh7CWsgQhpqlmTae4CznNp5PBAqT9Mr/2J5Xc05nA6cRPWHjjO7eFYPyn lxipaVxld+30seT8knrcKy/A8t5NmN8X9P9SeJ1subJuSP0x62JOkTplGA+M4v67/VuJ GUIrabgU1Ry2Z0ShnFXE2uG/5xzM1Vh9Sc13aC2pzVHlEL55fVdWqRgjOfvf+cC7jyBU 5X4U2Oc1hui1IvnfDo8q4L8AekKLQJB/Oru5J/B9j50cDOK5EQSVM+6d/e7Z5Qo3cLIm BLceY66u0BaEEs+EWnB/Tj8qLk90WRECvgbYdRpYMclQXnCY5Zob18v+sIOK9WUjdMSx 9k4A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1740514599; x=1741119399; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=KGHKkM4qxKd9EB0pt79Yst8lznP4qD+tbsrDkGhaAL8=; b=TsZo94DCDkO9q9zYvtuRZ3GmDvdzuxHm3gLEh1M9YSDliCjj+TshgAx0Nxc9P5yyDS jjUypGI/6r6V5Ag6z4ZyaVwh4zoMb7Xhu4Kypo0EcIk+AatluQ9i3cb2E+UG7d/vSRnZ IeKlPF3HjcJ0sY685J1y7mBuRgTEDYLvLZecbfmW/o+0vuZ7yINF9kykDzy9tJL0fH2e qn3kHMm4JggJt667fr0l03MLPPCNYNVvMmP3zP94qBlse7QOT9jYp/HGTceDhdDyXbpP GdRKJZ6SDGMAncyBPA/OKKBahp/T0S7noPhDRA0xJdgrCl+0YC3lGmcX/pIm9O/RrDXj 0seA== X-Forwarded-Encrypted: i=1; AJvYcCWlGCHvoUNUiKK+vQUgjIsDFQqaMsmg1uBk458YEIoSBYYjG74bHq4BLDCl8j0+nChuNCfMB2n1YyeZGJv+0Rg=@lists.infradead.org, AJvYcCX2oZbj3qxw8RWnuNpARxrgdpe1MHTUfXdp6gWmZEAHtoahQ8DpXkNjVsae2tJ+Ueo0O8nbOAo5eGABabZcjWOL@lists.infradead.org X-Gm-Message-State: AOJu0Yz9V212meXpOpMohrljGqE3D97n4eXjHLvh4qdL05nDhFEjM0KS 8BfqtY9ECSo16WrUXnZH06pKYYdzDsKZXUqevs6PT/f/93l09AYF X-Gm-Gg: ASbGnctMXGwIt92mO9A7aQPKk1sA5TBegT28dljflQ+9xqU3orUu0eL9isyMWqfrjOE z4sYvH3MSv+09mBEu2x/5cPv4I/Y8HA+QodC2XRbmdKhmns/jIEGNw/R88kWCOzWsQXKszajXP9 1VtEmYwbocZzuNmaAbzq6iYl+mhY+pJW+1IWZaF000DZXIozq4e5HboCO6f6ny2Ra16k2jdGGbI lxJmYNTLaYkZS8vRcc8+7bvGeD4n6CtFJCP85xebbi2oag5KUFQkE4x/d1XlnosYjlWlfnfOz5m NvYDxrfLC8Se5ruHnIkLV/5ey/ZG6+HBzyhQyfZ02jtVTlrUlIfqP+O5Bvdq4I3nRGGPMeu1wIW pd7h/yiUJ0eowoGALErDpwWhG81Jx4KCmpTCjMlQ7K8Q= X-Google-Smtp-Source: AGHT+IGi2J/TnVCJd90qLZXF9lqOCTre926lpkEhBqqXbPwSB79k3fejjuPTlF2AD8MG8+y85aZBLg== X-Received: by 2002:a17:907:da0:b0:abe:cee1:6a9 with SMTP id a640c23a62f3a-abeeef36315mr55361166b.43.1740514599361; Tue, 25 Feb 2025 12:16:39 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-abed201218fsm194319666b.104.2025.02.25.12.16.38 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 25 Feb 2025 12:16:39 -0800 (PST) From: Eric Woudstra To: Andrew Lunn , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , Kuniyuki Iwashima , Sebastian Andrzej Siewior , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH v7 net-next 12/14] bridge: No DEV_PATH_BR_VLAN_UNTAG_HW for dsa foreign Date: Tue, 25 Feb 2025 21:16:14 +0100 Message-ID: <20250225201616.21114-13-ericwouds@gmail.com> X-Mailer: git-send-email 2.47.1 In-Reply-To: <20250225201616.21114-1-ericwouds@gmail.com> References: <20250225201616.21114-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20250225_121640_929035_BFAB298D X-CRM114-Status: GOOD ( 21.88 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org In network setup as below: fastpath bypass .----------------------------------------. / \ | IP - forwarding | | / \ v | / wan ... | / | | | | | brlan.1 | | | +-------------------------------+ | | vlan 1 | | | | | | brlan (vlan-filtering) | | | +---------------+ | | | DSA-SWITCH | | | vlan 1 | | | | to | | | | untagged 1 vlan 1 | | +---------------+---------------+ . / \ ----->wlan1 lan0 . . . ^ ^ vlan 1 tagged packets untagged packets br_vlan_fill_forward_path_mode() sets DEV_PATH_BR_VLAN_UNTAG_HW when filling in from brlan.1 towards wlan1. But it should be set to DEV_PATH_BR_VLAN_UNTAG in this case. Using BR_VLFLAG_ADDED_BY_SWITCHDEV is not correct. The dsa switchdev adds it as a foreign port. The same problem for all foreignly added dsa vlans on the bridge. First add the vlan, trying only native devices. If this fails, we know this may be a vlan from a foreign device. Use BR_VLFLAG_TAGGING_BY_SWITCHDEV to make sure DEV_PATH_BR_VLAN_UNTAG_HW is set only when there if no foreign device involved. Acked-by: Nikolay Aleksandrov Signed-off-by: Eric Woudstra --- include/net/switchdev.h | 1 + net/bridge/br_private.h | 10 ++++++++++ net/bridge/br_switchdev.c | 15 +++++++++++++++ net/bridge/br_vlan.c | 7 ++++++- net/switchdev/switchdev.c | 2 +- 5 files changed, 33 insertions(+), 2 deletions(-) diff --git a/include/net/switchdev.h b/include/net/switchdev.h index 8346b0d29542..ee500706496b 100644 --- a/include/net/switchdev.h +++ b/include/net/switchdev.h @@ -15,6 +15,7 @@ #define SWITCHDEV_F_NO_RECURSE BIT(0) #define SWITCHDEV_F_SKIP_EOPNOTSUPP BIT(1) #define SWITCHDEV_F_DEFER BIT(2) +#define SWITCHDEV_F_NO_FOREIGN BIT(3) enum switchdev_attr_id { SWITCHDEV_ATTR_ID_UNDEFINED, diff --git a/net/bridge/br_private.h b/net/bridge/br_private.h index a0b950390a16..b950db453d8d 100644 --- a/net/bridge/br_private.h +++ b/net/bridge/br_private.h @@ -180,6 +180,7 @@ enum { BR_VLFLAG_MCAST_ENABLED = BIT(2), BR_VLFLAG_GLOBAL_MCAST_ENABLED = BIT(3), BR_VLFLAG_NEIGH_SUPPRESS_ENABLED = BIT(4), + BR_VLFLAG_TAGGING_BY_SWITCHDEV = BIT(5), }; /** @@ -2184,6 +2185,8 @@ void br_switchdev_mdb_notify(struct net_device *dev, int type); int br_switchdev_port_vlan_add(struct net_device *dev, u16 vid, u16 flags, bool changed, struct netlink_ext_ack *extack); +int br_switchdev_port_vlan_no_foreign_add(struct net_device *dev, u16 vid, u16 flags, + bool changed, struct netlink_ext_ack *extack); int br_switchdev_port_vlan_del(struct net_device *dev, u16 vid); void br_switchdev_init(struct net_bridge *br); @@ -2267,6 +2270,13 @@ static inline int br_switchdev_port_vlan_add(struct net_device *dev, u16 vid, return -EOPNOTSUPP; } +static inline int br_switchdev_port_vlan_no_foreign_add(struct net_device *dev, u16 vid, + u16 flags, bool changed, + struct netlink_ext_ack *extack) +{ + return -EOPNOTSUPP; +} + static inline int br_switchdev_port_vlan_del(struct net_device *dev, u16 vid) { return -EOPNOTSUPP; diff --git a/net/bridge/br_switchdev.c b/net/bridge/br_switchdev.c index 7b41ee8740cb..efa7a055b8f9 100644 --- a/net/bridge/br_switchdev.c +++ b/net/bridge/br_switchdev.c @@ -187,6 +187,21 @@ int br_switchdev_port_vlan_add(struct net_device *dev, u16 vid, u16 flags, return switchdev_port_obj_add(dev, &v.obj, extack); } +int br_switchdev_port_vlan_no_foreign_add(struct net_device *dev, u16 vid, u16 flags, + bool changed, struct netlink_ext_ack *extack) +{ + struct switchdev_obj_port_vlan v = { + .obj.orig_dev = dev, + .obj.id = SWITCHDEV_OBJ_ID_PORT_VLAN, + .obj.flags = SWITCHDEV_F_NO_FOREIGN, + .flags = flags, + .vid = vid, + .changed = changed, + }; + + return switchdev_port_obj_add(dev, &v.obj, extack); +} + int br_switchdev_port_vlan_del(struct net_device *dev, u16 vid) { struct switchdev_obj_port_vlan v = { diff --git a/net/bridge/br_vlan.c b/net/bridge/br_vlan.c index a18c7da12ebd..aea94d401a30 100644 --- a/net/bridge/br_vlan.c +++ b/net/bridge/br_vlan.c @@ -109,6 +109,11 @@ static int __vlan_vid_add(struct net_device *dev, struct net_bridge *br, /* Try switchdev op first. In case it is not supported, fallback to * 8021q add. */ + err = br_switchdev_port_vlan_no_foreign_add(dev, v->vid, flags, false, extack); + if (err != -EOPNOTSUPP) { + v->priv_flags |= BR_VLFLAG_ADDED_BY_SWITCHDEV | BR_VLFLAG_TAGGING_BY_SWITCHDEV; + return err; + } err = br_switchdev_port_vlan_add(dev, v->vid, flags, false, extack); if (err == -EOPNOTSUPP) return vlan_vid_add(dev, br->vlan_proto, v->vid); @@ -1491,7 +1496,7 @@ int br_vlan_fill_forward_path_mode(struct net_bridge *br, if (path->bridge.vlan_mode == DEV_PATH_BR_VLAN_TAG) path->bridge.vlan_mode = DEV_PATH_BR_VLAN_KEEP; - else if (v->priv_flags & BR_VLFLAG_ADDED_BY_SWITCHDEV) + else if (v->priv_flags & BR_VLFLAG_TAGGING_BY_SWITCHDEV) path->bridge.vlan_mode = DEV_PATH_BR_VLAN_UNTAG_HW; else path->bridge.vlan_mode = DEV_PATH_BR_VLAN_UNTAG; diff --git a/net/switchdev/switchdev.c b/net/switchdev/switchdev.c index 6488ead9e464..c48f66643e99 100644 --- a/net/switchdev/switchdev.c +++ b/net/switchdev/switchdev.c @@ -749,7 +749,7 @@ static int __switchdev_handle_port_obj_add(struct net_device *dev, /* Event is neither on a bridge nor a LAG. Check whether it is on an * interface that is in a bridge with us. */ - if (!foreign_dev_check_cb) + if (!foreign_dev_check_cb || port_obj_info->obj->flags & SWITCHDEV_F_NO_FOREIGN) return err; br = netdev_master_upper_dev_get(dev); From patchwork Tue Feb 25 20:16:15 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13990968 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id DC216C021B8 for ; Tue, 25 Feb 2025 21:03:47 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=lqvEEiGjtfCg1O2c4wJsc9rlXi5oFjjuoYnCbbZ/cQM=; b=ezKkR4jK00hEs3FBntuhk5ndXp 9B+fbz/MHVo/zu2KbaLKge/hxWAcJWVzPEx8Q0tJ6Y+hkeV6A4SSQGX6MCWQPoNLDfXKdqyMMo4Ag OI25yfrdGxcMhoNo7SrAklQT6LC3cTQOo2FAQO0mG4NBeNpKTN6KfwO63HMTw7d2HzdUxHi6uYW+y 5Omoj5It/oMTWB1sYyqNh0fU0MCiQo6cjokx+5Tv7z5avQ2jzeF6YDdtwDsxTB0YbCNxzbpWjgNPV JblbkXdqSD3udX1fzGnxaRlL9yG3/VmO8kAn+Ze7LBu36+uR7a0Jnxl5cdbtYpBIevtYrt+yO3DxR 2FKzvDoA==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1tn25a-00000001TAo-0ore; Tue, 25 Feb 2025 21:03:38 +0000 Received: from mail-ed1-x52c.google.com ([2a00:1450:4864:20::52c]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1tn1MA-00000001KiE-0DAE; Tue, 25 Feb 2025 20:16:43 +0000 Received: by mail-ed1-x52c.google.com with SMTP id 4fb4d7f45d1cf-5ded368fcd9so8843065a12.1; Tue, 25 Feb 2025 12:16:41 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1740514601; x=1741119401; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=lqvEEiGjtfCg1O2c4wJsc9rlXi5oFjjuoYnCbbZ/cQM=; b=R9fwMaG4deIV/f0V36+tt7h5FmOjyhLokGj87GPVx5RolNe+du55Ln0qL4wzB6O2jz vyIvUq1v5fTn10zSjOPCAHh5Rf8vuJFijlCAqGm4jah4uOXt4SWfdo6EXnMytA2Yybcj 88gmSCcz3CD1r0ew2gjFnPQPEqwuD9zppCLrWUNb4woLyQ71NXDXn+1fL+BxGUicO75i rQ9d42xoCbo1QITkf0sAErMBO1oBSZMbGt50RvEioT77qtPeJDoHi2u6dQgF7Dq0mLpc M2L/27p4JN1o7lfBd9xo9bkoFf8eJmyN4PUH6PGoslNTy3cf3t3nWbS58Q+20u6+lLqM NZAA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1740514601; x=1741119401; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=lqvEEiGjtfCg1O2c4wJsc9rlXi5oFjjuoYnCbbZ/cQM=; b=sv880hmfMP+U0jczmPZD/qy7qNNbupVoyXUAv2uuJau9aTipvXiSTszd3+SZa0mlJY TXCDA8Tx2q4Ct1VSVpbw5vi71TY7b7YUw0Qkwtq1pqCNMS5jqsw7yE62RlALqY2g7aYC nHMwxpf6XIi5Cy1P7sEdpM0lh3PjCj6kH+StVTCYCFJFYjs7uFE5C75XMPm04YpaWJ0d CiOHoFLPOlo+0fkAYcPtpOJj0VayQUPTXJkDRS5fIpfmExqZXfPHsYEpHDx/2HUATva3 9KWPl9nH6JBCQPtLeXlPA4VUGA54ltgGbYlSSjqsuG/OAaVyPOP3TfWGOZbUppbnplgO ujHA== X-Forwarded-Encrypted: i=1; AJvYcCVMwDZn/C4X91yuxZFn4rU08sGDLfZ7p12vyy3u/wyg05D/Ky0Hn/KwBAufcT9CVUWidS2i/8OZDT637movlk9n@lists.infradead.org, AJvYcCVeHEqFKpZSlN8Wgz4kSuK4yN9EPF174KxpF94+OvU3R8gt/nLK+mATMZgR+xAFj4eTBgSqmrNTP1KWXd7tfGc=@lists.infradead.org X-Gm-Message-State: AOJu0YzyL61OZrBk+HjpECgFaTZhEfDDVWN0bVqb6vfGs+tDXiHor9De bhOdyNYYIi+N9lcZ3rGfT2wivWChXhAoptOJXqz4mXEv0TJCbbe7 X-Gm-Gg: ASbGncu98Kv6qAu37v1LFxbTnN/HUGeJjrawEbFHo/94j6wKmaN9SsoqP40p8c1cC+l 1orvo4LtmKPKPWAsTJi6gjPjbT8XT1AtHqFnEi3GTwIyLwE5J24INKx45quZ1l0LEJelf1d8vtB 6Pfe/CNCTCxMml5WkciXYi4QyG5g7+SW6rdSvtpWvFBxUVIo/TvN6818f/BOEdjSxJEidaAQkDX Fs20E+zGDvOJ1JnG08kgYLjfwbqBE5EPjDxasVZiQuHr7D3El2k5oVlz0HG/ZK3MNM1oDE/l3Ra CJtEovIJsblfEZn17HV0frl4/8MjFGHFHlMErCG3ShhlFoqbdH8WrlNBO0ZN6KGRE9dgWehMbi8 v8s+B9swAph9DVV5HKAJA0RmGtYzEDRcvsaf1jDx/Xr8= X-Google-Smtp-Source: AGHT+IHhGusG5BMLrTa3hM8cjvDcEm75Lf8vLAMleB4CleirSzLNiv+mlxD0ehZbqG9bpzWHQ5wVQQ== X-Received: by 2002:a17:907:3e0d:b0:abb:b209:aba7 with SMTP id a640c23a62f3a-abeeedcf3bbmr43896266b.26.1740514600495; Tue, 25 Feb 2025 12:16:40 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-abed201218fsm194319666b.104.2025.02.25.12.16.39 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 25 Feb 2025 12:16:40 -0800 (PST) From: Eric Woudstra To: Andrew Lunn , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , Kuniyuki Iwashima , Sebastian Andrzej Siewior , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH v7 net-next 13/14] bridge: Introduce DEV_PATH_BR_VLAN_KEEP_HW for bridge-fastpath Date: Tue, 25 Feb 2025 21:16:15 +0100 Message-ID: <20250225201616.21114-14-ericwouds@gmail.com> X-Mailer: git-send-email 2.47.1 In-Reply-To: <20250225201616.21114-1-ericwouds@gmail.com> References: <20250225201616.21114-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20250225_121642_090519_2A889682 X-CRM114-Status: GOOD ( 15.58 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org This patch introduces DEV_PATH_BR_VLAN_KEEP_HW. It is needed in the bridge fastpath for switchdevs supporting SWITCHDEV_OBJ_ID_PORT_VLAN. It is similar to DEV_PATH_BR_VLAN_TAG, with the correcponding bit in ingress_vlans set. In the forward fastpath it is not needed. Acked-by: Nikolay Aleksandrov Signed-off-by: Eric Woudstra --- include/linux/netdevice.h | 1 + net/bridge/br_device.c | 4 ++++ net/bridge/br_vlan.c | 18 +++++++++++------- net/netfilter/nft_flow_offload.c | 3 +++ 4 files changed, 19 insertions(+), 7 deletions(-) diff --git a/include/linux/netdevice.h b/include/linux/netdevice.h index 695445927598..9ac7142ee493 100644 --- a/include/linux/netdevice.h +++ b/include/linux/netdevice.h @@ -869,6 +869,7 @@ struct net_device_path { DEV_PATH_BR_VLAN_TAG, DEV_PATH_BR_VLAN_UNTAG, DEV_PATH_BR_VLAN_UNTAG_HW, + DEV_PATH_BR_VLAN_KEEP_HW, } vlan_mode; u16 vlan_id; __be16 vlan_proto; diff --git a/net/bridge/br_device.c b/net/bridge/br_device.c index c7646afc8b96..112fd8556217 100644 --- a/net/bridge/br_device.c +++ b/net/bridge/br_device.c @@ -430,6 +430,10 @@ static int br_fill_forward_path(struct net_device_path_ctx *ctx, case DEV_PATH_BR_VLAN_UNTAG: ctx->num_vlans--; break; + case DEV_PATH_BR_VLAN_KEEP_HW: + if (!src) + path->bridge.vlan_mode = DEV_PATH_BR_VLAN_KEEP; + break; case DEV_PATH_BR_VLAN_KEEP: break; } diff --git a/net/bridge/br_vlan.c b/net/bridge/br_vlan.c index aea94d401a30..114d47d5f90f 100644 --- a/net/bridge/br_vlan.c +++ b/net/bridge/br_vlan.c @@ -1494,13 +1494,17 @@ int br_vlan_fill_forward_path_mode(struct net_bridge *br, if (!(v->flags & BRIDGE_VLAN_INFO_UNTAGGED)) return 0; - if (path->bridge.vlan_mode == DEV_PATH_BR_VLAN_TAG) - path->bridge.vlan_mode = DEV_PATH_BR_VLAN_KEEP; - else if (v->priv_flags & BR_VLFLAG_TAGGING_BY_SWITCHDEV) - path->bridge.vlan_mode = DEV_PATH_BR_VLAN_UNTAG_HW; - else - path->bridge.vlan_mode = DEV_PATH_BR_VLAN_UNTAG; - + if (path->bridge.vlan_mode == DEV_PATH_BR_VLAN_TAG) { + if (v->priv_flags & BR_VLFLAG_TAGGING_BY_SWITCHDEV) + path->bridge.vlan_mode = DEV_PATH_BR_VLAN_KEEP_HW; + else + path->bridge.vlan_mode = DEV_PATH_BR_VLAN_KEEP; + } else { + if (v->priv_flags & BR_VLFLAG_TAGGING_BY_SWITCHDEV) + path->bridge.vlan_mode = DEV_PATH_BR_VLAN_UNTAG_HW; + else + path->bridge.vlan_mode = DEV_PATH_BR_VLAN_UNTAG; + } return 0; } diff --git a/net/netfilter/nft_flow_offload.c b/net/netfilter/nft_flow_offload.c index c95fad495460..c0c310c569cd 100644 --- a/net/netfilter/nft_flow_offload.c +++ b/net/netfilter/nft_flow_offload.c @@ -148,6 +148,9 @@ static void nft_dev_path_info(const struct net_device_path_stack *stack, case DEV_PATH_BR_VLAN_UNTAG_HW: info->ingress_vlans |= BIT(info->num_encaps - 1); break; + case DEV_PATH_BR_VLAN_KEEP_HW: + info->ingress_vlans |= BIT(info->num_encaps); + fallthrough; case DEV_PATH_BR_VLAN_TAG: info->encap[info->num_encaps].id = path->bridge.vlan_id; info->encap[info->num_encaps].proto = path->bridge.vlan_proto; From patchwork Tue Feb 25 20:16:16 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13990969 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 469B1C021B8 for ; Tue, 25 Feb 2025 21:05:19 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=E8P5h61gnv0DfF0R+vjh2CpjgGHUfjM4UjNVV+Pbc34=; b=Z2Y/lshDtLYxqeYYyKs6ymXTrG gpj8Tu41+3818CmASe6HnqIfYr6O4v0J1rV53d3YXEFQt38LZ5u2yVvJh1LdPM215GPskoVxtEFr8 suwjGUhjAN0+Dd0LhglPVXD1+uBumk99aqCj8CiXCNlQOpE9BCD3GbPL4PL6awkDSTQt8AMHnHrwA DU6OaGxKvS3ZPEqAaeL5MJawIFyLhSkX2nZ4Fpr7tumTNT4Z2HDS21fEYceA3THlUL6EqxnpIQ16t KO6keN5T++XKqFV/hyz/jmEZfmAvr8iRY69i88399tMJhtB1xBBUJlGh9rypvlgTI2EWK7zssjbOA IGqGtOhQ==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1tn275-00000001TWW-0XY4; Tue, 25 Feb 2025 21:05:11 +0000 Received: from mail-ej1-x62a.google.com ([2a00:1450:4864:20::62a]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1tn1MB-00000001Kih-1u2y; Tue, 25 Feb 2025 20:16:44 +0000 Received: by mail-ej1-x62a.google.com with SMTP id a640c23a62f3a-ab744d5e567so32159166b.1; Tue, 25 Feb 2025 12:16:43 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1740514602; x=1741119402; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=E8P5h61gnv0DfF0R+vjh2CpjgGHUfjM4UjNVV+Pbc34=; b=kEz6AnqnSR8tvG6atPUaxmbHfOTowQCVf5thmVQSZ6kIjRxbeK48Q1ia40L2wyNjOs t1LGIdJrDvNqVFEDDIUWQAf+HtOMj4/ZQiya+t6DuQCNestYAOAhhHwmO2woJ2XBIrLC VFR4CM3GYPeI0qEhMekJyizZb94zGZDe9wGuwdOvjCEulaYtPedqmA/nTkWG3BtQtlg2 y9R6ZVnPkHz1+F3jXr643CADxuxT6jpEOinnabQIA4bVQ/H/R7B0sdU6BZoafSpEtjyT dYVWRjiGEGmqVlxUcZ29SoM+FELbXiz9qwN2dcv1WKjN//qyrx5/R11BqHgfZUW8EIsM Cnug== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1740514602; x=1741119402; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=E8P5h61gnv0DfF0R+vjh2CpjgGHUfjM4UjNVV+Pbc34=; b=AL7GD/Wcv2ReTpUvjFbVmmcZqBRp2bwCIH2YDq0fIOr4wLdp6HLM3uA+G+RJ/hGHel +ANZMmEB8B43KFl+wZjlJQiKI7VbYcWaxgnO9uIfo3YkxIVCirlyingXOveh5VfSBXKI DmP8ZclCaqIVTFjLS5NUUMtnTvYXCxbkRw1QZgT1VgQcD9GcpzkfrDkQKTv6wpCtJ0sr aWrZqcMax0tuAxrUF0ZuSQR6SfwfBZu4s35UZTJnzaHHq/CxKzkUqAWekAlGIfqgUy37 D3Lg/yi9J8z+E6dM9ZQ5GAiHoBEGJE/rqgVroQPxAaq/LePkJvp+g4BMUIfr5LltKX/f yuLQ== X-Forwarded-Encrypted: i=1; AJvYcCXJSm7RaJBA3/vlVVZGUx8Tm+8E+u7vcTjUIPdlEiAQwvYTJUVHh6OpCS4woW3Sbwssb6cm/YgP/bEEB7i3QvM=@lists.infradead.org, AJvYcCXhHfUOqaox62AlV4DVgVnokKR+VB0NF4zM6oe1QkqJ+LWRzHqUvc3/nmuUQGJzSFVllFS1zLdmdCP9/Grlgw67@lists.infradead.org X-Gm-Message-State: AOJu0YxfF7PMh7MsvrfkJYELeaGHMtea5PgLEnN6irYVVRkVLSsDeJY6 43l3ZsGKRpe6n5uxUrfZLAJEj+lphnapEBMMlb1WwUztjrvMDOzn X-Gm-Gg: ASbGncuKeD0XDiw9IPSf/lHGK0ut4/VWSan9naeBOspoYqUwUVS1qN+Rc1mmUFJI3xv En0epTuNawkIIIm1Ehc6Sy5QAinYKlDHEYJJn4uhuBrP6skO7G+A8SsiFmK1rNtJDb8VqxgH0g8 R4QA9/IhN5DqpTSCXyIOM8gOLf3ndMhHg31nL76A9lCh5RTPzomLCAPkSV2GyVA8FnfDOBqOBZy D0Oa6p87hpmAijkflfwLQnHZ12bpXqVzjHMY8LhfLwUqSQ1AfQtT3J5KpBjuGU6DZponP17pAVy v89w890WsKAc3pMsJafkIi2c0t1HSDt941SGP+R4yZNVp7MgFcM8qnPr1BEnX5lbWIn1faTCbXe D5aYzuCRQxTAvs9AEdwV2YA/hvuBHp1TXvC8UCuz5n/c= X-Google-Smtp-Source: AGHT+IErCNHvUEetSRKi2Fz/dRzAsZ4C8dWcnPsAPVqwFDmd0GWTebWBy4vbvP5wLftQ4Gc/RXx2yA== X-Received: by 2002:a17:907:7fa4:b0:aba:e1eb:1a90 with SMTP id a640c23a62f3a-abc0abb3bb2mr2093020566b.0.1740514601742; Tue, 25 Feb 2025 12:16:41 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-abed201218fsm194319666b.104.2025.02.25.12.16.40 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 25 Feb 2025 12:16:41 -0800 (PST) From: Eric Woudstra To: Andrew Lunn , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , Kuniyuki Iwashima , Sebastian Andrzej Siewior , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH v7 net-next 14/14] netfilter: nft_flow_offload: Add bridgeflow to nft_flow_offload_eval() Date: Tue, 25 Feb 2025 21:16:16 +0100 Message-ID: <20250225201616.21114-15-ericwouds@gmail.com> X-Mailer: git-send-email 2.47.1 In-Reply-To: <20250225201616.21114-1-ericwouds@gmail.com> References: <20250225201616.21114-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20250225_121643_491594_15B02101 X-CRM114-Status: GOOD ( 19.67 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org Edit nft_flow_offload_eval() to make it possible to handle a flowtable of the nft bridge family. Use nft_flow_offload_bridge_init() to fill the flow tuples. It uses nft_dev_fill_bridge_path() in each direction. Signed-off-by: Eric Woudstra --- net/netfilter/nft_flow_offload.c | 142 +++++++++++++++++++++++++++++-- 1 file changed, 137 insertions(+), 5 deletions(-) diff --git a/net/netfilter/nft_flow_offload.c b/net/netfilter/nft_flow_offload.c index c0c310c569cd..03a0b5f7e8d2 100644 --- a/net/netfilter/nft_flow_offload.c +++ b/net/netfilter/nft_flow_offload.c @@ -193,6 +193,128 @@ static bool nft_flowtable_find_dev(const struct net_device *dev, return found; } +static int nft_dev_fill_bridge_path(struct flow_offload *flow, + struct nft_flowtable *ft, + enum ip_conntrack_dir dir, + const struct net_device *src_dev, + const struct net_device *dst_dev, + unsigned char *src_ha, + unsigned char *dst_ha) +{ + struct flow_offload_tuple_rhash *th = flow->tuplehash; + struct net_device_path_ctx ctx = {}; + struct net_device_path_stack stack; + struct nft_forward_info info = {}; + int i, j = 0; + + for (i = th[dir].tuple.encap_num - 1; i >= 0 ; i--) { + if (info.num_encaps >= NF_FLOW_TABLE_ENCAP_MAX) + return -1; + + if (th[dir].tuple.in_vlan_ingress & BIT(i)) + continue; + + info.encap[info.num_encaps].id = th[dir].tuple.encap[i].id; + info.encap[info.num_encaps].proto = th[dir].tuple.encap[i].proto; + info.num_encaps++; + + if (th[dir].tuple.encap[i].proto == htons(ETH_P_PPP_SES)) + continue; + + if (ctx.num_vlans >= NET_DEVICE_PATH_VLAN_MAX) + return -1; + ctx.vlan[ctx.num_vlans].id = th[dir].tuple.encap[i].id; + ctx.vlan[ctx.num_vlans].proto = th[dir].tuple.encap[i].proto; + ctx.num_vlans++; + } + ctx.dev = src_dev; + ether_addr_copy(ctx.daddr, dst_ha); + + if (dev_fill_bridge_path(&ctx, &stack) < 0) + return -1; + + nft_dev_path_info(&stack, &info, dst_ha, &ft->data); + + if (!info.indev || info.indev != dst_dev) + return -1; + + th[!dir].tuple.iifidx = info.indev->ifindex; + for (i = info.num_encaps - 1; i >= 0; i--) { + th[!dir].tuple.encap[j].id = info.encap[i].id; + th[!dir].tuple.encap[j].proto = info.encap[i].proto; + if (info.ingress_vlans & BIT(i)) + th[!dir].tuple.in_vlan_ingress |= BIT(j); + j++; + } + th[!dir].tuple.encap_num = info.num_encaps; + + th[dir].tuple.mtu = dst_dev->mtu; + ether_addr_copy(th[dir].tuple.out.h_source, src_ha); + ether_addr_copy(th[dir].tuple.out.h_dest, dst_ha); + th[dir].tuple.out.ifidx = info.outdev->ifindex; + th[dir].tuple.xmit_type = FLOW_OFFLOAD_XMIT_DIRECT; + + return 0; +} + +static int nft_flow_offload_bridge_init(struct flow_offload *flow, + const struct nft_pktinfo *pkt, + enum ip_conntrack_dir dir, + struct nft_flowtable *ft) +{ + const struct net_device *in_dev, *out_dev; + struct ethhdr *eth = eth_hdr(pkt->skb); + struct flow_offload_tuple *tuple; + struct pppoe_hdr *phdr; + struct vlan_hdr *vhdr; + int err, i = 0; + + in_dev = nft_in(pkt); + if (!in_dev || !nft_flowtable_find_dev(in_dev, ft)) + return -1; + + out_dev = nft_out(pkt); + if (!out_dev || !nft_flowtable_find_dev(out_dev, ft)) + return -1; + + tuple = &flow->tuplehash[!dir].tuple; + + if (skb_vlan_tag_present(pkt->skb)) { + tuple->encap[i].id = skb_vlan_tag_get(pkt->skb); + tuple->encap[i].proto = pkt->skb->vlan_proto; + i++; + } + switch (pkt->skb->protocol) { + case htons(ETH_P_8021Q): + vhdr = (struct vlan_hdr *)skb_network_header(pkt->skb); + tuple->encap[i].id = ntohs(vhdr->h_vlan_TCI); + tuple->encap[i].proto = pkt->skb->protocol; + i++; + break; + case htons(ETH_P_PPP_SES): + phdr = (struct pppoe_hdr *)skb_network_header(pkt->skb); + tuple->encap[i].id = ntohs(phdr->sid); + tuple->encap[i].proto = pkt->skb->protocol; + i++; + break; + } + tuple->encap_num = i; + + err = nft_dev_fill_bridge_path(flow, ft, !dir, out_dev, in_dev, + eth->h_dest, eth->h_source); + if (err < 0) + return err; + + memset(tuple->encap, 0, sizeof(tuple->encap)); + + err = nft_dev_fill_bridge_path(flow, ft, dir, in_dev, out_dev, + eth->h_source, eth->h_dest); + if (err < 0) + return err; + + return 0; +} + static void nft_dev_forward_path(struct nf_flow_route *route, const struct nf_conn *ct, enum ip_conntrack_dir dir, @@ -311,6 +433,7 @@ static void nft_flow_offload_eval(const struct nft_expr *expr, { struct nft_flow_offload *priv = nft_expr_priv(expr); struct nf_flowtable *flowtable = &priv->flowtable->data; + bool routing = flowtable->type->family != NFPROTO_BRIDGE; struct tcphdr _tcph, *tcph = NULL; struct nf_flow_route route = {}; enum ip_conntrack_info ctinfo; @@ -364,14 +487,21 @@ static void nft_flow_offload_eval(const struct nft_expr *expr, goto out; dir = CTINFO2DIR(ctinfo); - if (nft_flow_route(pkt, ct, &route, dir, priv->flowtable) < 0) - goto err_flow_route; + if (routing) { + if (nft_flow_route(pkt, ct, &route, dir, priv->flowtable) < 0) + goto err_flow_route; + } flow = flow_offload_alloc(ct); if (!flow) goto err_flow_alloc; - flow_offload_route_init(flow, &route); + if (routing) + flow_offload_route_init(flow, &route); + else + if (nft_flow_offload_bridge_init(flow, pkt, dir, priv->flowtable) < 0) + goto err_flow_add; + if (tcph) flow_offload_ct_tcp(ct); @@ -419,8 +549,10 @@ static void nft_flow_offload_eval(const struct nft_expr *expr, err_flow_add: flow_offload_free(flow); err_flow_alloc: - dst_release(route.tuple[dir].dst); - dst_release(route.tuple[!dir].dst); + if (routing) { + dst_release(route.tuple[dir].dst); + dst_release(route.tuple[!dir].dst); + } err_flow_route: clear_bit(IPS_OFFLOAD_BIT, &ct->status); out: