From patchwork Sun Oct 13 18:54:57 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13833536 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 11985CF2579 for ; Sun, 13 Oct 2024 18:58:26 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=GbZ+4AfljpB6Mob7lVDrAx0dHSaVOpAjB7zGVS+eC1Y=; b=mJYNwqyb8LPgiNmQ+Mqqef6+Aa YF99FLzGU97NotSvItHojDtV+qQujl+jZE//OyIOPuUOKoSguXZJD3oJe54rXKcMMx8Z/UH/5VqEn 4pCoKRvDZ9wXVj7Sy43yLXUF46NHfKlajTr4X/vhA2buDFV/XnrLK331mjJ6xiqicTWaNWXFnCmyp dLWVkV/LIumDSWmyASZ8xAqydsJZU0uIzyjbTBRxIrnjaIVkQOnV5zBGvh7DLLxgKOs+Z6pv11S3g EKRjTj6zTwDfl63+EYNkiVUnDRhmUeq7abaBiQFyvPiPZCJjuB2YUpYiImrDvjx5HJITT4Addr90z MnOKPqyg==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1t03nN-000000035Bl-0E1e; Sun, 13 Oct 2024 18:58:25 +0000 Received: from mail-ej1-x631.google.com ([2a00:1450:4864:20::631]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1t03kc-000000034Xz-3ZFZ; Sun, 13 Oct 2024 18:55:36 +0000 Received: by mail-ej1-x631.google.com with SMTP id a640c23a62f3a-a9963e47b69so570259966b.1; Sun, 13 Oct 2024 11:55:34 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1728845733; x=1729450533; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=GbZ+4AfljpB6Mob7lVDrAx0dHSaVOpAjB7zGVS+eC1Y=; b=GL45tKWrxshfBGXbhw2tpDuMBz7JSJhHjPS5DnRvub0gCGblMfh1yR0QGGxqcYOkfv 0kUy0DcP4TgBd5yPjLWUrIJcITeH3EkE3bBYKw0OksqyqWjlWXWMGt8jdJyb8TLC9rOE 7lOiluXVo3h3lGp+cHt456DgX8gv+JR93jpUieHBVgkjiWYXOPxrszowNbi0Dp4F5GS/ 5VxF6VqRDeFM9R3ceTFwVmcu++sdHk1Xo0M9aiYXi88JGR34nioG0HKTWD4qUNW3IYhF HyGcj4vftH/h5/2c6oQQvkKd1YCJPlo3Zj2o+c4XOPlZcC0g3PY3z+CHL3/9Zt02BBMQ un8g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1728845733; x=1729450533; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=GbZ+4AfljpB6Mob7lVDrAx0dHSaVOpAjB7zGVS+eC1Y=; b=o38zIR6wzDx9cVx19pqDoV1S3TscZXvlF5zxQEOUIKTbCDfS9Mq38/Z40EBcy9824V DJ2ZkTIlWCPZgX0dMaMlwrs+/aUAoZtKvcHXau+/8LAFwkeILfoAYMWvKdBqwiU0FHPB 4gWTaJFSrDid52D63+DIoB3qMHZ50o7wfrLEa/uNeG0LoAUVQ5nRp6RNufRO+zOcXZ+M qLO16uy10YFjJx09LdEBRc5h9F1Aknba30ayKSa2HpP4ccwxfTtgu411bvDsjO72QANf DLFjTmlDTQ9JFa26wsCT7ueLi1eXO03kcXZzphwUaEac5c6T4uduX6yFhzOWURiY4VHo dypQ== X-Forwarded-Encrypted: i=1; AJvYcCV/jl40jSQxoB4w4ypXjjepqhPKSXAjclJz3Kp8A2BukQayvq/m8er5Wh5XL7CiQQUD//jIewuAHkF+gCKfDjc=@lists.infradead.org, AJvYcCVNWGJb4qEfHx/8H8AM5bQsYlSw+qMEI27onMKVQ0NbHeO7dsb8Vmw9pUSZul+bHX+4wJOIhIKVQPEFQ2uuIjuk@lists.infradead.org X-Gm-Message-State: AOJu0YxkwN/4LnqMt+W+wnIV7Y09YBAj/pe6GX4aekqeRB5C7DXtut08 EpQUi8Oa1j1zvaC16VD/0pv4OqN2nCcWB4pftkDkXFG/qKo1ZqfJ X-Google-Smtp-Source: AGHT+IHBwmUQlNXjLHzouwP3A/HnrJ9ShbIZ6PYI3ty3qPemvkmnTevcw0/QiFnh3+dIcw+vQiViIw== X-Received: by 2002:a17:907:d1a:b0:a9a:72c:f36f with SMTP id a640c23a62f3a-a9a072cf878mr239291766b.50.1728845732725; Sun, 13 Oct 2024 11:55:32 -0700 (PDT) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-a9a12d384b9sm13500866b.172.2024.10.13.11.55.31 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 13 Oct 2024 11:55:32 -0700 (PDT) From: Eric Woudstra To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Pablo Neira Ayuso , Jozsef Kadlecsik , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , Jiri Pirko , Sebastian Andrzej Siewior , Lorenzo Bianconi , "Frank Wunderlich" , Daniel Golle , Eric Woudstra Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org Subject: [PATCH RFC v1 net-next 01/12] netfilter: nf_flow_table_offload: Add nf_flow_encap_push() for xmit direct Date: Sun, 13 Oct 2024 20:54:57 +0200 Message-ID: <20241013185509.4430-2-ericwouds@gmail.com> X-Mailer: git-send-email 2.45.2 In-Reply-To: <20241013185509.4430-1-ericwouds@gmail.com> References: <20241013185509.4430-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20241013_115534_915539_C5AB6D02 X-CRM114-Status: GOOD ( 19.31 ) X-BeenThere: linux-mediatek@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Linux-mediatek" Errors-To: linux-mediatek-bounces+linux-mediatek=archiver.kernel.org@lists.infradead.org Loosely based on wenxu's patches: "nf_flow_table_offload: offload the vlan/PPPoE encap in the flowtable". Fixed double vlan and pppoe packets, almost entirely rewriting the patch. After this patch, it is possible to transmit packets in the fastpath with outgoing encaps, without using vlan- and/or pppoe-devices. This makes it possible to use more different kinds of network setups. For example, when bridge tagging is used to egress vlan tagged packets using the forward fastpath. Another example is passing 802.1q tagged packets through a bridge using the bridge fastpath. This also makes the software fastpath process more similar to the hardware offloaded fastpath process, where encaps are also pushed. After applying this patch, always info->outdev = info->hw_outdev, so the netfilter code can be further cleaned up by removing: * hw_outdev from struct nft_forward_info * out.hw_ifindex from struct nf_flow_route * out.hw_ifidx from struct flow_offload_tuple Signed-off-by: Eric Woudstra --- net/netfilter/nf_flow_table_ip.c | 96 +++++++++++++++++++++++++++++++- net/netfilter/nft_flow_offload.c | 6 +- 2 files changed, 96 insertions(+), 6 deletions(-) diff --git a/net/netfilter/nf_flow_table_ip.c b/net/netfilter/nf_flow_table_ip.c index 98edcaa37b38..9221ddb6f07a 100644 --- a/net/netfilter/nf_flow_table_ip.c +++ b/net/netfilter/nf_flow_table_ip.c @@ -302,6 +302,92 @@ static bool nf_flow_skb_encap_protocol(struct sk_buff *skb, __be16 proto, return false; } +static inline int nf_flow_vlan_inner_push(struct sk_buff *skb, __be16 proto, u16 id) +{ + struct vlan_hdr *vhdr; + + if (skb_cow_head(skb, VLAN_HLEN)) + return -1; + + __skb_push(skb, VLAN_HLEN); + skb_reset_network_header(skb); + + vhdr = (struct vlan_hdr *)(skb->data); + vhdr->h_vlan_TCI = htons(id); + vhdr->h_vlan_encapsulated_proto = skb->protocol; + skb->protocol = proto; + + return 0; +} + +static inline int nf_flow_ppoe_push(struct sk_buff *skb, u16 id) +{ + struct ppp_hdr { + struct pppoe_hdr hdr; + __be16 proto; + } *ph; + int data_len = skb->len + 2; + __be16 proto; + + if (skb_cow_head(skb, PPPOE_SES_HLEN)) + return -1; + + if (skb->protocol == htons(ETH_P_IP)) + proto = htons(PPP_IP); + else if (skb->protocol == htons(ETH_P_IPV6)) + proto = htons(PPP_IPV6); + else + return -1; + + __skb_push(skb, PPPOE_SES_HLEN); + skb_reset_network_header(skb); + + ph = (struct ppp_hdr *)(skb->data); + ph->hdr.ver = 1; + ph->hdr.type = 1; + ph->hdr.code = 0; + ph->hdr.sid = htons(id); + ph->hdr.length = htons(data_len); + ph->proto = proto; + skb->protocol = htons(ETH_P_PPP_SES); + + return 0; +} + +static int nf_flow_encap_push(struct sk_buff *skb, + struct flow_offload_tuple_rhash *tuplehash, + unsigned short *type) +{ + int i = 0, ret = 0; + + if (!tuplehash->tuple.encap_num) + return 0; + + if (tuplehash->tuple.encap[i].proto == htons(ETH_P_8021Q) || + tuplehash->tuple.encap[i].proto == htons(ETH_P_8021AD)) { + __vlan_hwaccel_put_tag(skb, tuplehash->tuple.encap[i].proto, + tuplehash->tuple.encap[i].id); + i++; + if (i >= tuplehash->tuple.encap_num) + return 0; + } + + switch (tuplehash->tuple.encap[i].proto) { + case htons(ETH_P_8021Q): + *type = ETH_P_8021Q; + ret = nf_flow_vlan_inner_push(skb, + tuplehash->tuple.encap[i].proto, + tuplehash->tuple.encap[i].id); + break; + case htons(ETH_P_PPP_SES): + *type = ETH_P_PPP_SES; + ret = nf_flow_ppoe_push(skb, + tuplehash->tuple.encap[i].id); + break; + } + return ret; +} + static void nf_flow_encap_pop(struct sk_buff *skb, struct flow_offload_tuple_rhash *tuplehash) { @@ -331,6 +417,7 @@ static void nf_flow_encap_pop(struct sk_buff *skb, static unsigned int nf_flow_queue_xmit(struct net *net, struct sk_buff *skb, const struct flow_offload_tuple_rhash *tuplehash, + struct flow_offload_tuple_rhash *other_tuplehash, unsigned short type) { struct net_device *outdev; @@ -339,6 +426,9 @@ static unsigned int nf_flow_queue_xmit(struct net *net, struct sk_buff *skb, if (!outdev) return NF_DROP; + if (nf_flow_encap_push(skb, other_tuplehash, &type) < 0) + return NF_DROP; + skb->dev = outdev; dev_hard_header(skb, skb->dev, type, tuplehash->tuple.out.h_dest, tuplehash->tuple.out.h_source, skb->len); @@ -458,7 +548,8 @@ nf_flow_offload_ip_hook(void *priv, struct sk_buff *skb, ret = NF_STOLEN; break; case FLOW_OFFLOAD_XMIT_DIRECT: - ret = nf_flow_queue_xmit(state->net, skb, tuplehash, ETH_P_IP); + ret = nf_flow_queue_xmit(state->net, skb, tuplehash, + &flow->tuplehash[!dir], ETH_P_IP); if (ret == NF_DROP) flow_offload_teardown(flow); break; @@ -753,7 +844,8 @@ nf_flow_offload_ipv6_hook(void *priv, struct sk_buff *skb, ret = NF_STOLEN; break; case FLOW_OFFLOAD_XMIT_DIRECT: - ret = nf_flow_queue_xmit(state->net, skb, tuplehash, ETH_P_IPV6); + ret = nf_flow_queue_xmit(state->net, skb, tuplehash, + &flow->tuplehash[!dir], ETH_P_IPV6); if (ret == NF_DROP) flow_offload_teardown(flow); break; diff --git a/net/netfilter/nft_flow_offload.c b/net/netfilter/nft_flow_offload.c index e8f800788c4a..bb15aa55e6fb 100644 --- a/net/netfilter/nft_flow_offload.c +++ b/net/netfilter/nft_flow_offload.c @@ -124,13 +124,12 @@ static void nft_dev_path_info(const struct net_device_path_stack *stack, info->indev = NULL; break; } - if (!info->outdev) - info->outdev = path->dev; info->encap[info->num_encaps].id = path->encap.id; info->encap[info->num_encaps].proto = path->encap.proto; info->num_encaps++; if (path->type == DEV_PATH_PPPOE) memcpy(info->h_dest, path->encap.h_dest, ETH_ALEN); + info->xmit_type = FLOW_OFFLOAD_XMIT_DIRECT; break; case DEV_PATH_BRIDGE: if (is_zero_ether_addr(info->h_source)) @@ -158,8 +157,7 @@ static void nft_dev_path_info(const struct net_device_path_stack *stack, break; } } - if (!info->outdev) - info->outdev = info->indev; + info->outdev = info->indev; info->hw_outdev = info->indev; From patchwork Sun Oct 13 18:54:58 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13833537 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 22581CF2579 for ; Sun, 13 Oct 2024 18:59:49 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=pfUb9HJ+s1GLLmxcujXBQ1+8qs5ZhQwuVS6uJsoTo/c=; b=YdLlamKFLYml19bXRiQVsck1hO OS9NBWX/AHZwTrqVVBWGH9DcGK5902ItUFhPClGdR9TNlaksZhxSBchTbIK4mWrcdlctIkGFvOOgF oKh8N9+U0VyjmmKCHNpxemvywkPA++q9F12THN2z2lcuqEf5XbbzYyokNWVYLhFksC0F7Rsk6kCyh cvNSfdo6C/fIkHndgxoDJ+GcNZfRYaGQIg/h6m2tchoj696Bt38vNBhrhyTcBHaw7XXjU9it6jdLH Dg5tgAF/pZ8kR2fOXM0xtmLvPr1l0zb7r19iBArnAub/qXyG211VyKB3utDyPvqr9ydO/Y9lNlHVX qzBq224A==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1t03oh-000000035VL-4BTb; Sun, 13 Oct 2024 18:59:48 +0000 Received: from mail-ej1-x62a.google.com ([2a00:1450:4864:20::62a]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1t03kd-000000034Y8-45vG; Sun, 13 Oct 2024 18:55:37 +0000 Received: by mail-ej1-x62a.google.com with SMTP id a640c23a62f3a-a994cd82a3bso529004166b.2; Sun, 13 Oct 2024 11:55:35 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1728845734; x=1729450534; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=pfUb9HJ+s1GLLmxcujXBQ1+8qs5ZhQwuVS6uJsoTo/c=; b=KIzX0WpKhF5fxODZyuF//67Sw+AB8xNI1E71a5KEx29oGQqwBxkZ8m91nwggj0Y2UP vGsrvdOe059ivc1feiHpr2mEOx/gsZxkmLQkfDu/MJLrqbAeT1aeCIUbiTZSn/qsF80m rJxy/tSrTi60kDIn7R3ZQZ/DmHmCqzn5ghMwX3AQkRC8v9rOqvsQwfhFr2wFMhbTZR8f lJsJKCgc3spMdren1Aj4Mg2D2EYvkGxEPmmvbvYF8YpojHpopmYvSHHZ23uxvJyIdvLq fcpZWY20cPYOAFgle2EJb9x6Lh9gnhDavp6RJoOfNXmbpeLS5WOz3++uTBJ/aa8PsMVe Besg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1728845734; x=1729450534; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=pfUb9HJ+s1GLLmxcujXBQ1+8qs5ZhQwuVS6uJsoTo/c=; b=D68ucnzuKoQ82zndnzcEKIVvQZk6utdiMxrAi101wLUHhsjaY4qNfvzYypIEH4lSPT uoT2to1+1RmI/B66/1rHH5OlowKd1ybV3l2M50r9wJTLsNiP7nc9qItfkrwHxKlBsiQA FhKOjtD8C/9FYMx8w+hmtfsjSh1YlFMkDDGZsDv2J4yFBCwgvcQygNcC/lGjmHehf8tp c7jC+6lGN1jLFkAn/3oTlG1krqVDZgCQnIYtCCW5Qi5Jam2TiwXMGe1nw/Ml3bDHL33j DBTYY7EReJeww8OsPOWdZ+R8zYhSKWEDR3Xsj6IKwg+ixJSzDUtLu99PAt7aPHAyrk+D MNBQ== X-Forwarded-Encrypted: i=1; AJvYcCUMiVBDZAVhRxTUA8Aq1hDr0GlLgunYW4rj8/7olBW7WmPak287M8s340YZ3pY8a7TniArJRZpZPsjeQ9qBW6DS@lists.infradead.org, AJvYcCWAzfZi9pLEnk0itIfP0wRlsG0CIziS3u2vLUX1GWCBFYX/48r9zq0QytFKCEj69MrZzuxuMiVINPSh2OuU2Y8=@lists.infradead.org X-Gm-Message-State: AOJu0YxHIsQGV/k4N6fJAXNA45bQCHr2xTxYuOayZusahnvO/PEUQ1Aq soNbX5pqxJeCF5gm0CXxeq/bhD2laZuaNKuaiwMxtF7t+P9x/YHW X-Google-Smtp-Source: AGHT+IH+8DzpaIYRj4WDn5wY606h6B8yn6VPFaENvcSZa4TDlxRT2Jmn8BI4I5TivbHspBA60sKu/Q== X-Received: by 2002:a17:907:6d14:b0:a8d:5472:b591 with SMTP id a640c23a62f3a-a99b93a86b0mr765431566b.5.1728845734027; Sun, 13 Oct 2024 11:55:34 -0700 (PDT) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-a9a12d384b9sm13500866b.172.2024.10.13.11.55.32 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 13 Oct 2024 11:55:33 -0700 (PDT) From: Eric Woudstra To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Pablo Neira Ayuso , Jozsef Kadlecsik , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , Jiri Pirko , Sebastian Andrzej Siewior , Lorenzo Bianconi , "Frank Wunderlich" , Daniel Golle , Eric Woudstra Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org Subject: [PATCH RFC v1 net-next 02/12] netfilter: bridge: Add conntrack double vlan and pppoe Date: Sun, 13 Oct 2024 20:54:58 +0200 Message-ID: <20241013185509.4430-3-ericwouds@gmail.com> X-Mailer: git-send-email 2.45.2 In-Reply-To: <20241013185509.4430-1-ericwouds@gmail.com> References: <20241013185509.4430-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20241013_115536_036022_200E12D0 X-CRM114-Status: GOOD ( 13.47 ) X-BeenThere: linux-mediatek@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Linux-mediatek" Errors-To: linux-mediatek-bounces+linux-mediatek=archiver.kernel.org@lists.infradead.org This adds the capability to conntrack 802.1ad, QinQ, PPPoE and PPPoE-in-Q packets that are passing a bridge. Signed-off-by: Eric Woudstra Signed-off-by: Vladimir Oltean --- net/bridge/netfilter/nf_conntrack_bridge.c | 86 ++++++++++++++++++---- 1 file changed, 73 insertions(+), 13 deletions(-) diff --git a/net/bridge/netfilter/nf_conntrack_bridge.c b/net/bridge/netfilter/nf_conntrack_bridge.c index 816bb0fde718..fb2f79396aa0 100644 --- a/net/bridge/netfilter/nf_conntrack_bridge.c +++ b/net/bridge/netfilter/nf_conntrack_bridge.c @@ -241,56 +241,116 @@ static unsigned int nf_ct_bridge_pre(void *priv, struct sk_buff *skb, const struct nf_hook_state *state) { struct nf_hook_state bridge_state = *state; + __be16 outer_proto, inner_proto; enum ip_conntrack_info ctinfo; + int ret, offset = 0; struct nf_conn *ct; - u32 len; - int ret; + u32 len, data_len; ct = nf_ct_get(skb, &ctinfo); if ((ct && !nf_ct_is_template(ct)) || ctinfo == IP_CT_UNTRACKED) return NF_ACCEPT; + switch (skb->protocol) { + case htons(ETH_P_PPP_SES): + struct ppp_hdr { + struct pppoe_hdr hdr; + __be16 proto; + } *ph = (struct ppp_hdr *)(skb->data); + + data_len = ntohs(ph->hdr.length) - 2; + offset = PPPOE_SES_HLEN; + outer_proto = skb->protocol; + switch (ph->proto) { + case htons(PPP_IP): + inner_proto = htons(ETH_P_IP); + break; + case htons(PPP_IPV6): + inner_proto = htons(ETH_P_IPV6); + break; + default: + return NF_ACCEPT; + } + break; + case htons(ETH_P_8021Q): + struct vlan_hdr *vhdr = (struct vlan_hdr *)(skb->data); + + data_len = 0xffffffff; + offset = VLAN_HLEN; + outer_proto = skb->protocol; + inner_proto = vhdr->h_vlan_encapsulated_proto; + break; + default: + data_len = 0xffffffff; + break; + } + + if (offset) { + switch (inner_proto) { + case htons(ETH_P_IP): + case htons(ETH_P_IPV6): + if (!pskb_may_pull(skb, offset)) + return NF_ACCEPT; + skb_pull_rcsum(skb, offset); + skb_reset_network_header(skb); + skb->protocol = inner_proto; + break; + default: + return NF_ACCEPT; + } + } + + ret = NF_ACCEPT; switch (skb->protocol) { case htons(ETH_P_IP): if (!pskb_may_pull(skb, sizeof(struct iphdr))) - return NF_ACCEPT; + goto do_not_track; len = skb_ip_totlen(skb); + if (data_len < len) + len = data_len; if (pskb_trim_rcsum(skb, len)) - return NF_ACCEPT; + goto do_not_track; if (nf_ct_br_ip_check(skb)) - return NF_ACCEPT; + goto do_not_track; bridge_state.pf = NFPROTO_IPV4; ret = nf_ct_br_defrag4(skb, &bridge_state); break; case htons(ETH_P_IPV6): if (!pskb_may_pull(skb, sizeof(struct ipv6hdr))) - return NF_ACCEPT; + goto do_not_track; len = sizeof(struct ipv6hdr) + ntohs(ipv6_hdr(skb)->payload_len); + if (data_len < len) + len = data_len; if (pskb_trim_rcsum(skb, len)) - return NF_ACCEPT; + goto do_not_track; if (nf_ct_br_ipv6_check(skb)) - return NF_ACCEPT; + goto do_not_track; bridge_state.pf = NFPROTO_IPV6; ret = nf_ct_br_defrag6(skb, &bridge_state); break; default: nf_ct_set(skb, NULL, IP_CT_UNTRACKED); - return NF_ACCEPT; + goto do_not_track; } - if (ret != NF_ACCEPT) - return ret; + if (ret == NF_ACCEPT) + ret = nf_conntrack_in(skb, &bridge_state); - return nf_conntrack_in(skb, &bridge_state); +do_not_track: + if (offset) { + skb_push_rcsum(skb, offset); + skb_reset_network_header(skb); + skb->protocol = outer_proto; + } + return ret; } - static unsigned int nf_ct_bridge_in(void *priv, struct sk_buff *skb, const struct nf_hook_state *state) { From patchwork Sun Oct 13 18:54:59 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13833538 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 2D5B0CF2576 for ; Sun, 13 Oct 2024 19:01:14 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=Qi0AlNa47OjnLX+zdNkH8pnYspHiUC9rPn7VlkLtCao=; b=kZX37lnWgGQHN5DYeTTTyy7JEp 5F/J05keQEp50lFmtgjOGprCF37VJaAwvlUM6hOUckxzGHMlAeC+TlojM5LuR0ySKKEibEjsHJiqA 6mDGT3rKrN1FF1cJzoElEOTXZ9xZUmtlEJYWNGyRP14WtU3SYFhn9+xsLSsUUXNiGxtBWSXr9O8WV nQHdOKHrYtjUcj2r5bs/0CQSwcZX9iX+9buqj90eAC80EeJdHYrEe9xyTodPfDphWozoBGPUBoBCU jZUuyR25dEGlbwMCeySZqRYS7RWZFf769hORJ+KUFdVyMgl2M9csnsJ/2VpbsKfKMis+PhgV1IzBt y3znZadQ==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1t03q5-000000035l0-03TJ; Sun, 13 Oct 2024 19:01:13 +0000 Received: from mail-ej1-x62c.google.com ([2a00:1450:4864:20::62c]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1t03kf-000000034Yc-2Ixz; Sun, 13 Oct 2024 18:55:39 +0000 Received: by mail-ej1-x62c.google.com with SMTP id a640c23a62f3a-a99d1b7b5f5so240947466b.0; Sun, 13 Oct 2024 11:55:37 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1728845736; x=1729450536; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=Qi0AlNa47OjnLX+zdNkH8pnYspHiUC9rPn7VlkLtCao=; b=BGKZHjBVFYINb203U1CSV6H3jsQUQ+Y4cmR2x153TGNO/mbDdtuL+4uZiKPPFIZIn/ m/lEmly5CBhqm1gARd8r+g1+1uBfaBHCwGEe/tHfHLmzDWtjP4SLS+jLUkhP4Cjj+hkb XzQxf+2fWia6ntXbtIAXfi5QXjO8VQYhokkwgLVGmbher81RifhL0GBRNG9COQ0GO1aZ nge27BfuaYFxm8wfmwy3JSEI1uA5oylUkLx3gbjzVGKfGjWbF13Z9RS8C/axKzkH+MEI JTKPin3qUIY90acEy4KJ/ps3/BEJLiXfCzppOZvRK5ltAxDLJNO5KYuIBmGXndi/jqpg wDjQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1728845736; x=1729450536; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Qi0AlNa47OjnLX+zdNkH8pnYspHiUC9rPn7VlkLtCao=; b=TomJ8s0DFsLlE7Bzp7tV278GOKznq5AENwZsL9Mk45iCPQl3UrfBWEULOzmXBcieuk MnEU9w1AlOM4FSF2tFbtDeMs46VQeL6xdQsjmDAj28NmtB9ELdNItkHBP3SEDhh+d0uS PrucziC7lQhgqIBSsQ94y4BG3a4L8IrZfalZM578Vb8O5rHi3Gb1xZBBdrfcmc6kEjuY xnMWelHQlZtTkkqv6/bzJoIu4MNd/Pzrcz4b41zktjYrKU/vR72/PnIE2N7PgpizICOT JGQUw3S7VRx0dkj28Mr4Ne9cb2pCaBLfgtB23/hQZLg/hEfgUyq0jqfVvP586o5ooqOo 1bHA== X-Forwarded-Encrypted: i=1; AJvYcCVXi11wYluS84IU30Bm3HYAPj2iC3AL/utnln3d8CAArIHVO9m+LAYWBpLOfIxt9n3um4C34RJzUeKXFINy6iA=@lists.infradead.org, AJvYcCX90PyUWR6eTLvqU9njlPM21NYxpMjl+9hGQO0Wbug1BYf9ckf0tNumeOz8vVUqH3d2lnrUgGvATeGQDqeYmHES@lists.infradead.org X-Gm-Message-State: AOJu0YzUO0uZHdZc0fcePiVhK93a8QHYBtsHSrIgA7rL2CZHR1MI4JOI Fyh/XY9sdZZzJWv0aTM+wuiXDJB7CcvY/68Ie24hsXqnNSuh8miJ X-Google-Smtp-Source: AGHT+IHVDWLkh2asCKPkqAFL6v1zfW7f+2znEwYnsBE2sJ/tzUwV2TxOCxBYdSzOWLcdLwlQKhvF3w== X-Received: by 2002:a17:907:2da4:b0:a99:ffb5:1db6 with SMTP id a640c23a62f3a-a99ffb55507mr289530366b.24.1728845735564; Sun, 13 Oct 2024 11:55:35 -0700 (PDT) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-a9a12d384b9sm13500866b.172.2024.10.13.11.55.34 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 13 Oct 2024 11:55:35 -0700 (PDT) From: Eric Woudstra To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Pablo Neira Ayuso , Jozsef Kadlecsik , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , Jiri Pirko , Sebastian Andrzej Siewior , Lorenzo Bianconi , "Frank Wunderlich" , Daniel Golle , Eric Woudstra Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org Subject: [PATCH RFC v1 net-next 03/12] netfilter: nft_chain_filter: Add bridge double vlan and pppoe Date: Sun, 13 Oct 2024 20:54:59 +0200 Message-ID: <20241013185509.4430-4-ericwouds@gmail.com> X-Mailer: git-send-email 2.45.2 In-Reply-To: <20241013185509.4430-1-ericwouds@gmail.com> References: <20241013185509.4430-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20241013_115537_616820_573C87A7 X-CRM114-Status: GOOD ( 11.64 ) X-BeenThere: linux-mediatek@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Linux-mediatek" Errors-To: linux-mediatek-bounces+linux-mediatek=archiver.kernel.org@lists.infradead.org This adds the capability to evaluate 802.1ad, QinQ, PPPoE and PPPoE-in-Q packets in the bridge filter chain. Signed-off-by: Eric Woudstra --- net/netfilter/nft_chain_filter.c | 20 +++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) diff --git a/net/netfilter/nft_chain_filter.c b/net/netfilter/nft_chain_filter.c index 7010541fcca6..91aa3fa43d31 100644 --- a/net/netfilter/nft_chain_filter.c +++ b/net/netfilter/nft_chain_filter.c @@ -232,11 +232,27 @@ nft_do_chain_bridge(void *priv, struct sk_buff *skb, const struct nf_hook_state *state) { + struct ethhdr *ethh = eth_hdr(skb); struct nft_pktinfo pkt; + int thoff; nft_set_pktinfo(&pkt, skb, state); - switch (eth_hdr(skb)->h_proto) { + switch (ethh->h_proto) { + case htons(ETH_P_PPP_SES): + thoff = PPPOE_SES_HLEN; + ethh += thoff; + break; + case htons(ETH_P_8021Q): + thoff = VLAN_HLEN; + ethh += thoff; + break; + default: + thoff = 0; + break; + } + + switch (ethh->h_proto) { case htons(ETH_P_IP): nft_set_pktinfo_ipv4_validate(&pkt); break; @@ -248,6 +264,8 @@ nft_do_chain_bridge(void *priv, break; } + pkt.thoff += thoff; + return nft_do_chain(&pkt, priv); } From patchwork Sun Oct 13 18:55:00 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13833539 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id DFCBACF2576 for ; Sun, 13 Oct 2024 19:02:36 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=RADunMSsDBQJOkeIT+sKpwp5kwpbWqG3OFvDFge3gsI=; b=1NbrZfcl9//1ZqqAvDPkX5k1XI IXoP4UsqjkgHQoW+7JcHJB9Voueao4xa1b0UKPCUpv7fbkrmuwLEbhGyWDaYi77p5JEcPeeZPafjj /DhDKhpT/nteWR+cKerQ6F3hyjQdyzEuQzO4H4SEV08Pz+TfxpCxsRAfYMXNZ3BzWktFe0RehF4ev E9ywz2WorshpPiAJgRNLMFUP+Pk8A0hqsptdSoyFB7sAtZvihcI10VhisM1wcO65bWzyDkqURoxqu o+TE16Fmh9ips4NBSdjBL0ymp/586o7Q8qP5rJmb3erWj3UM9zWsDL3zvRAJyWBTn/bA04C9ebqQC FKX2qe+A==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1t03rP-000000035tf-2RoI; Sun, 13 Oct 2024 19:02:35 +0000 Received: from mail-ej1-x62e.google.com ([2a00:1450:4864:20::62e]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1t03kg-000000034Z0-48Ag; Sun, 13 Oct 2024 18:55:40 +0000 Received: by mail-ej1-x62e.google.com with SMTP id a640c23a62f3a-a9a0ef5179dso34925066b.1; Sun, 13 Oct 2024 11:55:38 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1728845737; x=1729450537; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=RADunMSsDBQJOkeIT+sKpwp5kwpbWqG3OFvDFge3gsI=; b=hn2F0GWvS7ysfbht/Bwe/Qt6hQc5Gbl6QWW7yD030vF0wzA+2LmSwZAcKiKBepEfYN Z1ktXMKoq0S3vqvHnHzCKWHW2fDgE1QZ56VFr+Fm0ByfmWWKToBTH/GFVyNEteJSts9p 5m8BjVh/XusWuPTigeJ4R6GsefPZl3OEq7b02xwoxLGZ5ZTlyifdauQa2I8AOMpWDMI4 0RCyCxNIARrEHtPtLHqJTt1O7h+zrIwSR1dcSHdQfojOMOSpZK0S6k+sqQTfWqHUPHIa Apt5PyKQ01s38I/AIs0Sl/Y2ft436xkbkj/Wu10wE4dWOaV4N3l0LWVs3gngv+xfd4h0 ahrg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1728845737; x=1729450537; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=RADunMSsDBQJOkeIT+sKpwp5kwpbWqG3OFvDFge3gsI=; b=ACuwbolk5OknU9lxxQr2zbthE29N5FjV9oomckYUKZwbEHIO7+0HVoxncsvQ9fVvFZ K4jXIWhE4CPZ03BhRFs/LuWF/zqaWhGQeeGzAmPXcOpnDDRWmXTxmW/VXhGZIabOpAGl pnxugmw6bciUcjNfIf5eBrzCqMmjxlkHrSTtupfRVu7jU5kRWmxDQbilro/I4o+Y4Coc RZCbhj6zYyDvnZ5aqrGCpUYUeRtOlzW04OWsoPt6PuvDejjVnj5KYPmczAHT4PRUuGv/ /WsxzeuIksc38riq1O+v6GV4Tt8dNfEK1sU/oFKGi+rGNVS6twzACNFro2+8/piJYRWv +jBw== X-Forwarded-Encrypted: i=1; AJvYcCUKGwTH5Oi3zIbjaGRMqvefhDPYlvxp2m7m7D6lNFa8t1/U7NtZvNBW3kgUFxdY1ZUtQ62qrG4ulIHsSbVhlzfb@lists.infradead.org, AJvYcCVCZeznyjSWw2xWkcENQj81roBBb8GkXgK4IUOCwv6kecVd3WDVR+Rw+BmwWc1+3+yhZrO17hT73+jqv7+yHPE=@lists.infradead.org X-Gm-Message-State: AOJu0YxsBtD0mf63/z7dzNozUbIPmGj7FXDGIxk3jk5/FqNkwvij2Gnv jJucBkkjEtabBYA1gqX2A9+WSxti3poZrBd4QvtXrmsG0ZbxCKUh X-Google-Smtp-Source: AGHT+IEWUZNp7HCnVh3j+0U2jm4O/rsy5kDbUxyRD+CLZEqkudsSqyQJlj+0O92gLyoS4IpxQ9txiQ== X-Received: by 2002:a17:906:c14c:b0:a99:4ba9:c965 with SMTP id a640c23a62f3a-a99b9585b7amr898083266b.44.1728845736991; Sun, 13 Oct 2024 11:55:36 -0700 (PDT) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-a9a12d384b9sm13500866b.172.2024.10.13.11.55.35 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 13 Oct 2024 11:55:36 -0700 (PDT) From: Eric Woudstra To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Pablo Neira Ayuso , Jozsef Kadlecsik , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , Jiri Pirko , Sebastian Andrzej Siewior , Lorenzo Bianconi , "Frank Wunderlich" , Daniel Golle , Eric Woudstra Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org Subject: [PATCH RFC v1 net-next 04/12] bridge: br_vlan_fill_forward_path_pvid: Add port to port Date: Sun, 13 Oct 2024 20:55:00 +0200 Message-ID: <20241013185509.4430-5-ericwouds@gmail.com> X-Mailer: git-send-email 2.45.2 In-Reply-To: <20241013185509.4430-1-ericwouds@gmail.com> References: <20241013185509.4430-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20241013_115539_076091_1C54C144 X-CRM114-Status: GOOD ( 12.66 ) X-BeenThere: linux-mediatek@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Linux-mediatek" Errors-To: linux-mediatek-bounces+linux-mediatek=archiver.kernel.org@lists.infradead.org Lookup vlan group from bridge port, if it is passed as argument. Signed-off-by: Eric Woudstra --- net/bridge/br_private.h | 1 + net/bridge/br_vlan.c | 6 +++++- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/net/bridge/br_private.h b/net/bridge/br_private.h index d4bedc87b1d8..8da7798f9368 100644 --- a/net/bridge/br_private.h +++ b/net/bridge/br_private.h @@ -1581,6 +1581,7 @@ bool br_vlan_can_enter_range(const struct net_bridge_vlan *v_curr, const struct net_bridge_vlan *range_end); void br_vlan_fill_forward_path_pvid(struct net_bridge *br, + struct net_bridge_port *p, struct net_device_path_ctx *ctx, struct net_device_path *path); int br_vlan_fill_forward_path_mode(struct net_bridge *br, diff --git a/net/bridge/br_vlan.c b/net/bridge/br_vlan.c index 9c2fffb827ab..1830d7d617cd 100644 --- a/net/bridge/br_vlan.c +++ b/net/bridge/br_vlan.c @@ -1441,6 +1441,7 @@ int br_vlan_get_pvid_rcu(const struct net_device *dev, u16 *p_pvid) EXPORT_SYMBOL_GPL(br_vlan_get_pvid_rcu); void br_vlan_fill_forward_path_pvid(struct net_bridge *br, + struct net_bridge_port *p, struct net_device_path_ctx *ctx, struct net_device_path *path) { @@ -1453,7 +1454,10 @@ void br_vlan_fill_forward_path_pvid(struct net_bridge *br, if (!br_opt_get(br, BROPT_VLAN_ENABLED)) return; - vg = br_vlan_group(br); + if (p) + vg = nbp_vlan_group(p); + else + vg = br_vlan_group(br); if (idx >= 0 && ctx->vlan[idx].proto == br->vlan_proto) { From patchwork Sun Oct 13 18:55:01 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13833540 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 1D4D7CF2579 for ; Sun, 13 Oct 2024 19:04:02 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=OLdtf9AkfZZtftPmO+QTmZhKFxRRSQewBGWvAuWXxX0=; b=gxWwM2mwRu5YOBliEbX5knESrq n4OIwcZQPWmhJD3Q7tSwqbAnYzdSqiNYCS5IRelcE1/QFMG2iTCgD5iu2Emqsg2jD7sTUo9kDH/6M sMb8DrtkNooCf0Ut8jwyJ+40PDjoFb+BuZSTme/OwYIJmayMh/2vRZExRz3+5IXqBQ3kDZIaBooGW oF5g29wJ9KTYbS61m/G8mbu8Df6ullhWSDiHtInDWt5/QffvenOoRN18apeDGaeNNi++pAssri3er mHpSZOY+ePohVFQXi0Qe3OWAHg0FNROCEP+d+XRTEs3xCyJ7RNJV97tj4uy7aVDV/80cdTTDHA/qq /aag5HjA==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1t03sn-0000000362N-0Whk; Sun, 13 Oct 2024 19:04:01 +0000 Received: from mail-ej1-x633.google.com ([2a00:1450:4864:20::633]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1t03kj-000000034ZY-1NrV; Sun, 13 Oct 2024 18:55:42 +0000 Received: by mail-ej1-x633.google.com with SMTP id a640c23a62f3a-a99ea294480so159782966b.2; Sun, 13 Oct 2024 11:55:40 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1728845739; x=1729450539; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=OLdtf9AkfZZtftPmO+QTmZhKFxRRSQewBGWvAuWXxX0=; b=b0ao2SQPI6t/KSVRWJyPFnIqPSBYJfGPXewn9/gU+Wi7OPEEujdSX2ISx7ggjXG6V5 za5kLg4GBcVBh0mvVKZusDGNluDgMP6ohxG6poBvZpiGuIUPiKyFt8gGUM+Gl0EzKcdk hQYg9DMqcSj+NwSN9+aObNKU2XMG/cBU2ETWAsxhogbdF/GEloCETwv7z9q91+kYSYDL YpyZ0ask+1bpo6wvaJAsyWA9HbCDx4ROURD+i1XKCryFSYbzu1VgTqpHVPN3U6MU6Dnr 0A7w/6eNVtKVdfduHrJkYr+tBUrafOVCmavqqpozGSdYdfJ17ELOYUd1hccRLQbwB/I5 rq5g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1728845739; x=1729450539; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=OLdtf9AkfZZtftPmO+QTmZhKFxRRSQewBGWvAuWXxX0=; b=TP/hmoFVBxlIey3RnG1xDjqXdCIK7sQ3K78iafkS3jKYunTiiJ/xOREyp3uIsWZebG wFLXD+6EaFNsE+LT8BT2KbLDdZNTayC85rL0pgf/kr++dHLY+WbsaA84FKnRpL+4lQxu R8Go4X06zv1HtIOqHY5nBmrNGk2+IYnFEIijGyky8xYIyH5FV8xqFQ3/GuBPeer9VFBe vZNoJnCcIg9t4lN2un2SSfwJ0nT4FRGYUH06oDcwD6bkhyR2CiUrvLYEm2A+qwK+SZ0A sDZ1xkn+QxfAxjUNdi+jFA6+sMZPTd+ZEzSySGGrbhrMDHXrUWGtM848PjnRVX1hluEf Cw/A== X-Forwarded-Encrypted: i=1; AJvYcCU7BgV1vBy+Fo4pz4Pf63QRv4jiJs6SsiniPUQqk/+wUgbKlH4+hr0leZSmXLjSnpA9JaFaPdtOr0wJ9szqBjo=@lists.infradead.org, AJvYcCWGv1ryJNqjTSjEvlJrcCiyIWO2sUAW4ILsoMMhwKz1RvQDrk7qhaVegHV1vxgtX0SW7s4vT8UrZUMy5U38iIre@lists.infradead.org X-Gm-Message-State: AOJu0YzcYTG/XYTWO+z01b/KOUO2Qxm/BiXW/eYyHyL6TzrqNvLOuhuU goQ7pjmGQNBANAGxkjlkBGBDZvq6ks7mzq+8dT2y9wCPTrA1BISP X-Google-Smtp-Source: AGHT+IFGmTnwONoCtYAAkw85QCQZ49i2r3KEyVZKqIg/rOT96DkANV9Cgr1YZGISZ8fGwYKHbFWZBA== X-Received: by 2002:a05:6402:51cd:b0:5c9:492c:f7fa with SMTP id 4fb4d7f45d1cf-5c95ac09939mr9913132a12.1.1728845739130; Sun, 13 Oct 2024 11:55:39 -0700 (PDT) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-a9a12d384b9sm13500866b.172.2024.10.13.11.55.37 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 13 Oct 2024 11:55:37 -0700 (PDT) From: Eric Woudstra To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Pablo Neira Ayuso , Jozsef Kadlecsik , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , Jiri Pirko , Sebastian Andrzej Siewior , Lorenzo Bianconi , "Frank Wunderlich" , Daniel Golle , Eric Woudstra Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org Subject: [PATCH RFC v1 net-next 05/12] bridge: br_fill_forward_path add port to port Date: Sun, 13 Oct 2024 20:55:01 +0200 Message-ID: <20241013185509.4430-6-ericwouds@gmail.com> X-Mailer: git-send-email 2.45.2 In-Reply-To: <20241013185509.4430-1-ericwouds@gmail.com> References: <20241013185509.4430-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20241013_115541_388207_CC5FCAF8 X-CRM114-Status: GOOD ( 12.72 ) X-BeenThere: linux-mediatek@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Linux-mediatek" Errors-To: linux-mediatek-bounces+linux-mediatek=archiver.kernel.org@lists.infradead.org If handed a bridge port, use the bridge master to fill the forward path. Signed-off-by: Eric Woudstra --- net/bridge/br_device.c | 20 +++++++++++++++----- 1 file changed, 15 insertions(+), 5 deletions(-) diff --git a/net/bridge/br_device.c b/net/bridge/br_device.c index 26b79feb385d..e242e091b4a6 100644 --- a/net/bridge/br_device.c +++ b/net/bridge/br_device.c @@ -384,15 +384,25 @@ static int br_fill_forward_path(struct net_device_path_ctx *ctx, struct net_device_path *path) { struct net_bridge_fdb_entry *f; - struct net_bridge_port *dst; + struct net_bridge_port *src, *dst; + struct net_device *br_dev; struct net_bridge *br; - if (netif_is_bridge_port(ctx->dev)) - return -1; + if (netif_is_bridge_port(ctx->dev)) { + br_dev = netdev_master_upper_dev_get_rcu((struct net_device *)ctx->dev); + if (!br_dev) + return -1; + + br = netdev_priv(br_dev); - br = netdev_priv(ctx->dev); + src = br_port_get_rcu(ctx->dev); - br_vlan_fill_forward_path_pvid(br, ctx, path); + br_vlan_fill_forward_path_pvid(br, src, ctx, path); + } else { + br = netdev_priv(ctx->dev); + + br_vlan_fill_forward_path_pvid(br, NULL, ctx, path); + } f = br_fdb_find_rcu(br, ctx->daddr, path->bridge.vlan_id); if (!f) From patchwork Sun Oct 13 18:55:02 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13833541 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id EE659CF2579 for ; Sun, 13 Oct 2024 19:05:24 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=4/jTDX+7O0s0C1nzOWVEkFl+nOrYzHK0gi2J/aQ3w10=; b=hU/7fbgMZbbIslhlEAHYYQi6wA PvJeF4KXZWhm7Rir+EEbQtPmx3u7aDX0e0b2/38DmgegykGmlTEQDnZ3/iYUsxPR8xNehhe43Wk8N S05WSjeX+m+qesU1Bdn8b6Bi15KhORATg32ylY56bmxv+xv1vc6ZsULMtKrVDNmOWkz/2Q+gT/Dpf wipFxUYz6CokE6wDD3MhVUkt5JREAaP4HvpbfRE6htXuBgQQyC4cl8o+xjXNC6WvCXQBZ8HePK2f5 TTxMVID4nK5J8XS79a7hegOGRHZn+bFQpkiKzqbuj/Aek2TLc1r0DzKkMUay6T/y0TASUfJDnK9KE rJnUWpcA==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1t03u8-0000000369L-03WB; Sun, 13 Oct 2024 19:05:24 +0000 Received: from mail-ej1-x630.google.com ([2a00:1450:4864:20::630]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1t03kk-000000034Zj-1Uaz; Sun, 13 Oct 2024 18:55:44 +0000 Received: by mail-ej1-x630.google.com with SMTP id a640c23a62f3a-a9944c4d5d4so524625166b.0; Sun, 13 Oct 2024 11:55:41 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1728845740; x=1729450540; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=4/jTDX+7O0s0C1nzOWVEkFl+nOrYzHK0gi2J/aQ3w10=; b=NHpuVOD0SodI+JzDziOxaDohwF8AlGMMnuKzdAF4KDMyEJQpyrUfC7Fu+BY1P0448g 2f3bmw6ulyLHAOB2M1P5h4k9jYmUgs6LVKTq1xNVoWyeKNemyGesCQYPa7hDej27wWwP aV1nHlfpcLGGnJ/X3NOtCEl0eTiKrsbsTTa0VECfMG5rjc1jZpK3VolCaEco8X/HchNe KwK8iHD5faHErL0x1pMctVlJDIIsFe0Rd2Cro7FU3PuqS423m1ernt0SrSyvcyAqL5ps xTV5knyI0iiPQmqUFH98miObPFbfHv+OjdhuGEAcW0F9Ox0lRuBMoP6i+Fur37jrCQHb 7Geg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1728845740; x=1729450540; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=4/jTDX+7O0s0C1nzOWVEkFl+nOrYzHK0gi2J/aQ3w10=; b=Cz/hDZ8fH5qcvSj05T6jDFDSocgYnu73qG2nAjW+DXxUK+KtpdK8GW8ZzQ7ZQbWeFe lj21TQplhLEgxGHUaDIJOwVgL80DKlZbFTOfu7wLHdo0SQgCiK3E/7gLRhfU72dn+xtr 7gI/eM//QVV1h/kLbGeKMUv31uUsCO6T3P5K/O4BEO8qPexTNvJkp4paIoBfjJOMtOfj h86t1cFnw9y+2ulHaVa6wiSBKnKQKMy5MJFFyKFrsko0ACs1SFXPxQq6D6cZoGfxAwzs USeUKed0h0mDtvIDwlqV5JFJMIiSrTWeOx1FVMo+3E5w3rWbWGRTdwayvA+MXf3s5+bZ +Nqw== X-Forwarded-Encrypted: i=1; AJvYcCU76zVr5pclwABwSxGODK5Uc+kNwztQrk4GWQNtY3oLx+maS9kpoA/H48p4nXUSspPAAx2MVNoFMkykqMQrRYc=@lists.infradead.org, AJvYcCUwgQyfZd3Jpk1SUW7oFVfoYzsTtARfNplYFqUtPp7VOK/wtBeoGqnuG68gGlVcaEGimXixjeRFZsa75Ehsm6AK@lists.infradead.org X-Gm-Message-State: AOJu0Yx94n4XcDbz0iz2XDQBxysEBsAo9GIFlMYzdXZWzfFtDVkGC7K4 cWmgn703FuEXQewHsufo58HLbVR9XcqB0ECzGynp8gRGEg9Df/ot X-Google-Smtp-Source: AGHT+IF5ckEcH2Maqlc37cAezXjDdy5PfJSuqGGD7BCfFPOKEOulLZNTMAaU6eD/aTsuVoJCroKnXA== X-Received: by 2002:a17:907:7b9e:b0:a9a:11cf:2a73 with SMTP id a640c23a62f3a-a9a11cf3a9fmr36014066b.64.1728845740471; Sun, 13 Oct 2024 11:55:40 -0700 (PDT) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-a9a12d384b9sm13500866b.172.2024.10.13.11.55.39 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 13 Oct 2024 11:55:39 -0700 (PDT) From: Eric Woudstra To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Pablo Neira Ayuso , Jozsef Kadlecsik , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , Jiri Pirko , Sebastian Andrzej Siewior , Lorenzo Bianconi , "Frank Wunderlich" , Daniel Golle , Eric Woudstra Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org Subject: [PATCH RFC v1 net-next 06/12] net: core: dev: Add dev_fill_bridge_path() Date: Sun, 13 Oct 2024 20:55:02 +0200 Message-ID: <20241013185509.4430-7-ericwouds@gmail.com> X-Mailer: git-send-email 2.45.2 In-Reply-To: <20241013185509.4430-1-ericwouds@gmail.com> References: <20241013185509.4430-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20241013_115542_415492_89049988 X-CRM114-Status: GOOD ( 16.93 ) X-BeenThere: linux-mediatek@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Linux-mediatek" Errors-To: linux-mediatek-bounces+linux-mediatek=archiver.kernel.org@lists.infradead.org New function dev_fill_bridge_path(), similar to dev_fill_forward_path(). It handles starting from a bridge port instead of the bridge master. The structures ctx and nft_forward_info need to be already filled in with the (vlan) encaps. Signed-off-by: Eric Woudstra --- include/linux/netdevice.h | 2 + net/core/dev.c | 77 ++++++++++++++++++++++++++++++++------- 2 files changed, 66 insertions(+), 13 deletions(-) diff --git a/include/linux/netdevice.h b/include/linux/netdevice.h index e87b5e488325..9d80f650345e 100644 --- a/include/linux/netdevice.h +++ b/include/linux/netdevice.h @@ -3069,6 +3069,8 @@ void dev_remove_offload(struct packet_offload *po); int dev_get_iflink(const struct net_device *dev); int dev_fill_metadata_dst(struct net_device *dev, struct sk_buff *skb); +int dev_fill_bridge_path(struct net_device_path_ctx *ctx, + struct net_device_path_stack *stack); int dev_fill_forward_path(const struct net_device *dev, const u8 *daddr, struct net_device_path_stack *stack); struct net_device *__dev_get_by_flags(struct net *net, unsigned short flags, diff --git a/net/core/dev.c b/net/core/dev.c index cd479f5f22f6..49959c4904fc 100644 --- a/net/core/dev.c +++ b/net/core/dev.c @@ -713,44 +713,95 @@ static struct net_device_path *dev_fwd_path(struct net_device_path_stack *stack) return &stack->path[k]; } -int dev_fill_forward_path(const struct net_device *dev, const u8 *daddr, - struct net_device_path_stack *stack) +static int dev_fill_forward_path_common(struct net_device_path_ctx *ctx, + struct net_device_path_stack *stack) { const struct net_device *last_dev; - struct net_device_path_ctx ctx = { - .dev = dev, - }; struct net_device_path *path; int ret = 0; - memcpy(ctx.daddr, daddr, sizeof(ctx.daddr)); - stack->num_paths = 0; - while (ctx.dev && ctx.dev->netdev_ops->ndo_fill_forward_path) { - last_dev = ctx.dev; + while (ctx->dev && ctx->dev->netdev_ops->ndo_fill_forward_path) { + last_dev = ctx->dev; path = dev_fwd_path(stack); if (!path) return -1; memset(path, 0, sizeof(struct net_device_path)); - ret = ctx.dev->netdev_ops->ndo_fill_forward_path(&ctx, path); + ret = ctx->dev->netdev_ops->ndo_fill_forward_path(ctx, path); if (ret < 0) return -1; - if (WARN_ON_ONCE(last_dev == ctx.dev)) + if (WARN_ON_ONCE(last_dev == ctx->dev)) return -1; } - if (!ctx.dev) + if (!ctx->dev) return ret; path = dev_fwd_path(stack); if (!path) return -1; path->type = DEV_PATH_ETHERNET; - path->dev = ctx.dev; + path->dev = ctx->dev; + + return ret; +} + +int dev_fill_bridge_path(struct net_device_path_ctx *ctx, + struct net_device_path_stack *stack) +{ + const struct net_device *last_dev, *br_dev; + struct net_device_path *path; + int ret = 0; + + stack->num_paths = 0; + + if (!ctx->dev || !netif_is_bridge_port(ctx->dev)) + return -1; + + br_dev = netdev_master_upper_dev_get_rcu((struct net_device *)ctx->dev); + if (!br_dev || !br_dev->netdev_ops->ndo_fill_forward_path) + return -1; + + last_dev = ctx->dev; + path = dev_fwd_path(stack); + if (!path) + return -1; + + memset(path, 0, sizeof(struct net_device_path)); + ret = br_dev->netdev_ops->ndo_fill_forward_path(ctx, path); + if (ret < 0) + return -1; + + if (!ctx->dev || WARN_ON_ONCE(last_dev == ctx->dev)) + return -1; + + if (!netif_is_bridge_master(ctx->dev)) + return dev_fill_forward_path_common(ctx, stack); + + path = dev_fwd_path(stack); + if (!path) + return -1; + path->type = DEV_PATH_ETHERNET; + path->dev = ctx->dev; return ret; } +EXPORT_SYMBOL_GPL(dev_fill_bridge_path); + +int dev_fill_forward_path(const struct net_device *dev, const u8 *daddr, + struct net_device_path_stack *stack) +{ + struct net_device_path_ctx ctx = { + .dev = dev, + }; + + memcpy(ctx.daddr, daddr, sizeof(ctx.daddr)); + + stack->num_paths = 0; + + return dev_fill_forward_path_common(&ctx, stack); +} EXPORT_SYMBOL_GPL(dev_fill_forward_path); /** From patchwork Sun Oct 13 18:55:03 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13833542 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id CE3D2CF2579 for ; Sun, 13 Oct 2024 19:06:50 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=pdMZzUqlItAKYCipC8R7CKRW4bj0To7qOhyuRvVgeD0=; b=JiR9lEIlb3O6AZSKwxi+Havv1s IQdvoy9JyzUNQA5NWdqQvGcQnBCVtz4tOOecigGEWXYWD3y0cdJavXgigb2BnrhKr3ord7W89tNFp cQ9m3dImVYFTQV2N5B91zpfcvgx7F+ZBe4SpprOAm4R8vlL5NkOiK8tqFxMVmrQOFDTgaCZ9ZkIG7 s/+I6Yw2XGMgycEtOMDGWwJIzb0eGXiwCqd9lJILLvKRKqdnDxCXLpC9584d4e/p8GJryO3y6q6y2 Go21lbtD5n3Fjim0tY3IAnDmGcdhshWSqWjoMb3XuBIBg/WqOK2cTjQi+fYEVV1lEyHRBBMQ9ks/i QPHJr1EA==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1t03vV-000000036Na-33mz; Sun, 13 Oct 2024 19:06:49 +0000 Received: from mail-ej1-x634.google.com ([2a00:1450:4864:20::634]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1t03kl-000000034aF-47R5; Sun, 13 Oct 2024 18:55:45 +0000 Received: by mail-ej1-x634.google.com with SMTP id a640c23a62f3a-a99f629a7aaso157398266b.1; Sun, 13 Oct 2024 11:55:43 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1728845742; x=1729450542; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=pdMZzUqlItAKYCipC8R7CKRW4bj0To7qOhyuRvVgeD0=; b=TBfynMoyvolvYPyy9NuXTpLPjJP0AW9yIE4q0aVK6MAlqtbjygMdlc9oEkerBT2P0/ 8g0etae/EL3DjUf0E6ysKibxeuoxM8YhNeTW8wiKXDNSLiXr8iJTPTclPaqF+cak6L/b RNUZD+T7eBwV/GHAULezTsLhGYpBUWFtIUgaqbSDaah/VDIDolxcsUlatK7vx/ezbYhC BqA/PlAJluxKFyXtm2ZPQZgJfzwjupZG0e0pGpbd7bpF2WT02q81/H245iCDHdZyJFYe P8qz/XAIs4JR6wb8XHRyzz/8jtIWC4HXxoLb+c18NTqcwahJRo40ugqXbSJ8SitrnJTi wOtQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1728845742; x=1729450542; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=pdMZzUqlItAKYCipC8R7CKRW4bj0To7qOhyuRvVgeD0=; b=lgHhEZchQLumkTGJWy/RXFgadpqoweKxPOb0kqpeUbfgDSYRgRsyx/mrDNXH/4SIcb r5/+fIcrNN5GpEZXrnXb1TlKEAfuyRzECgLngZvAXIKIVQbXJa7d2NMs4oqalaylXqaU sc1Qt+pQbl0GrUxSfJcfWB3sLAMzvxxZNzHGVhq/iLjtRGlNpxb/9vxXmA9PURBD9DMn EkKggQlHsJPcSvr2Kv2aiIMb6jCAoVwt5N/PtYgcztvLp0jvxKUmJc8HO/1orkGw/ZmW dji7XHd3f4T9GOsVtdkdRfxvQmTKkc2IzwNfk83ayKVYqfbkc40/KohFwwrABnbHe8jP bkCg== X-Forwarded-Encrypted: i=1; AJvYcCWAeU/Y3kwYiXlReNhXKOgiiGaQK857qqmlDHlZODP8LJgE4ruYv65rbZs8S8sFQJc7AM0sHPPIGO6+3Prb59Y=@lists.infradead.org, AJvYcCXa5si7wYam35W8/fqUW9LYuPXvApFGuhvz//4aD7qgVnDhGYqD9j2CqtySGeltsvnhaTlL1bp9lwCVzrwSCSfC@lists.infradead.org X-Gm-Message-State: AOJu0Yxg+ptGaARQX9yFzDF2DDT67gyEFWXnGEHCXIHxEbWibMmg3zMy o5/wxe2OC62pXBN6DTnoXwbq5FogqVtA8N/00yrDObJzl349dsQV X-Google-Smtp-Source: AGHT+IFAKa7QLMgLrXfCGsTWPmLzzuX6LnZofD0LKyRsV4PvoJ/AEQnOQ8iMsxyM5aGIRLuo2u2udQ== X-Received: by 2002:a17:906:c10d:b0:a8d:43c5:9a16 with SMTP id a640c23a62f3a-a99b8775be2mr661651566b.6.1728845741903; Sun, 13 Oct 2024 11:55:41 -0700 (PDT) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-a9a12d384b9sm13500866b.172.2024.10.13.11.55.40 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 13 Oct 2024 11:55:41 -0700 (PDT) From: Eric Woudstra To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Pablo Neira Ayuso , Jozsef Kadlecsik , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , Jiri Pirko , Sebastian Andrzej Siewior , Lorenzo Bianconi , "Frank Wunderlich" , Daniel Golle , Eric Woudstra Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org Subject: [PATCH RFC v1 net-next 07/12] netfilter :nf_flow_table_offload: Add nf_flow_rule_bridge() Date: Sun, 13 Oct 2024 20:55:03 +0200 Message-ID: <20241013185509.4430-8-ericwouds@gmail.com> X-Mailer: git-send-email 2.45.2 In-Reply-To: <20241013185509.4430-1-ericwouds@gmail.com> References: <20241013185509.4430-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20241013_115544_045748_B9E6C44B X-CRM114-Status: GOOD ( 10.20 ) X-BeenThere: linux-mediatek@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Linux-mediatek" Errors-To: linux-mediatek-bounces+linux-mediatek=archiver.kernel.org@lists.infradead.org Add nf_flow_rule_bridge(). It only calls the common rule and adds the redirect. Signed-off-by: Eric Woudstra --- include/net/netfilter/nf_flow_table.h | 3 +++ net/netfilter/nf_flow_table_offload.c | 13 +++++++++++++ 2 files changed, 16 insertions(+) diff --git a/include/net/netfilter/nf_flow_table.h b/include/net/netfilter/nf_flow_table.h index b63d53bb9dd6..568019a3898a 100644 --- a/include/net/netfilter/nf_flow_table.h +++ b/include/net/netfilter/nf_flow_table.h @@ -341,6 +341,9 @@ void nf_flow_table_offload_flush_cleanup(struct nf_flowtable *flowtable); int nf_flow_table_offload_setup(struct nf_flowtable *flowtable, struct net_device *dev, enum flow_block_command cmd); +int nf_flow_rule_bridge(struct net *net, struct flow_offload *flow, + enum flow_offload_tuple_dir dir, + struct nf_flow_rule *flow_rule); int nf_flow_rule_route_ipv4(struct net *net, struct flow_offload *flow, enum flow_offload_tuple_dir dir, struct nf_flow_rule *flow_rule); diff --git a/net/netfilter/nf_flow_table_offload.c b/net/netfilter/nf_flow_table_offload.c index e06bc36f49fe..5543ce03a196 100644 --- a/net/netfilter/nf_flow_table_offload.c +++ b/net/netfilter/nf_flow_table_offload.c @@ -679,6 +679,19 @@ nf_flow_rule_route_common(struct net *net, const struct flow_offload *flow, return 0; } +int nf_flow_rule_bridge(struct net *net, struct flow_offload *flow, + enum flow_offload_tuple_dir dir, + struct nf_flow_rule *flow_rule) +{ + if (nf_flow_rule_route_common(net, flow, dir, flow_rule) < 0) + return -1; + + flow_offload_redirect(net, flow, dir, flow_rule); + + return 0; +} +EXPORT_SYMBOL_GPL(nf_flow_rule_bridge); + int nf_flow_rule_route_ipv4(struct net *net, struct flow_offload *flow, enum flow_offload_tuple_dir dir, struct nf_flow_rule *flow_rule) From patchwork Sun Oct 13 18:55:04 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13833543 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 31669CF2579 for ; Sun, 13 Oct 2024 19:08:13 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=D6bOSx9F0JYNp5qomZcy7h/raSRvVGKNY4mEoIJa6U4=; b=NZ+VSPNNnnz0kWi+pgfikNXiBa 9U0lXrs6MsxzqQ8gY8qQYopH3DZ8WcIQlAINRWS0ThON6i+8VCRpmSOsNVFIJCK2n1m41MfA9OkS6 1/eYd0KaiHFcojItJ3oRAXDSQhrHwJv785qKAyDaraYlAH/YOSOvzFwfcbc9CJegiDjhdqnDAdWDf ht+VJ/327OqXcum/pKubjKeqas1jNVxULYP+HGLLRuX6+6CjRRAefYSkSgQmbvCKEU2Alkv+W0U68 9N1KJ6nA3WSJjOJnyadZ2puoXdVmVmeT8fQR0mVWn+gcknsNaPJxjxE/tYvctL0TQV1QrUVZis1PM BHaXyJEA==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1t03wq-000000036WE-07xB; Sun, 13 Oct 2024 19:08:12 +0000 Received: from mail-ej1-x62a.google.com ([2a00:1450:4864:20::62a]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1t03km-000000034aP-2m1u; Sun, 13 Oct 2024 18:55:46 +0000 Received: by mail-ej1-x62a.google.com with SMTP id a640c23a62f3a-a9944c4d5d4so524628066b.0; Sun, 13 Oct 2024 11:55:44 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1728845743; x=1729450543; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=D6bOSx9F0JYNp5qomZcy7h/raSRvVGKNY4mEoIJa6U4=; b=nndX1SrV8ZBYB72JLjnQjUIXx31Mp7yLJUI0XSNVSaTNZWkwm112SnmOWHWc93DUlF WauB8NsvTxU0oTmROhzusztHSiiY5Y7YRA0pBb5kHK7UVXHdq0v7zNgd1s0l5EDMC80u nFc2kRWtn6cHoSC/eG5oq6ZTycLzDAYc9u12mZf/kisahwO1r9lWI8DyllozLhGXdJDt rWoJu4nu3we+ka6Ydk6LQDUx9jDQrysU3i7Dpnj2NyURriLkNxG43isZ625UZ5GUnI+0 1+plmyH3KBh3y0mvzE0b0V52NAeOF9U5IEOTr5Zx6XwG/Rzfa89PRo8aCKGCwlzUyb3l h1IQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1728845743; x=1729450543; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=D6bOSx9F0JYNp5qomZcy7h/raSRvVGKNY4mEoIJa6U4=; b=LriJnrxEC0d1PIvCRVjlMpVbMvbCDyz97QwYZcf/xYdNzqhQCLFikQZXzmB7Mhg50v zvHnlEka8dyT1VFCv/ezhUNUsJz4+dLUBjsp1ZtNjeVfII2pdhtjr4zJ8uKRe98HkmEK pa/t13e4ODjqKatoGQENjRhJVg1uqnbL8CaFB5h96DcKXGx8ND4CY3dxZeA4g7YceYtg hVj2rA22pczSuleOLbwTGu0gsqdrrVF/W3psYz2Gilb3dYqRRR0EKq3gm4hkxFzQ/1WW BI/xfp+IRuukD9FE7JyxNGn6gr5D7T9euw2zO0BS16uI2OO4K+Hvp6bvIxyTGGYJM1wh RrFg== X-Forwarded-Encrypted: i=1; AJvYcCV+nlN2aCGwmfaZoLz0qZwllH1YO62C5UqHKVJLG3EcjPiljKmfn0G4lYo9eKdowPNHcAr/hOpJh/Md1ElIWzs=@lists.infradead.org, AJvYcCW2eIO9h4GWB4j0eTKoU7kqhodS6vAPNG/pY7WcD2F3KUeXUUZjB3KjlW+51rpdV4Pk/ZCfGc4+NBHMxAZsicWc@lists.infradead.org X-Gm-Message-State: AOJu0YxHZ774/72b4bfCJjq/svuTtPVzlhfmtYxYu3LDAqshPae3oxn5 4WSzZIdfSzdPSWBHdRPQ43Ly6cSIUsev4XhO8m5SuIW9PNJbnHgk X-Google-Smtp-Source: AGHT+IHvTGJJwOKJ7kLklzvX+Gh+CAxx5/4phzgEMN5pvFmXb1du5QSwwE/bUW/IN4TfeZh8VQTOOg== X-Received: by 2002:a17:907:d01:b0:a8d:6648:813f with SMTP id a640c23a62f3a-a99b93239cemr785241466b.3.1728845743054; Sun, 13 Oct 2024 11:55:43 -0700 (PDT) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-a9a12d384b9sm13500866b.172.2024.10.13.11.55.42 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 13 Oct 2024 11:55:42 -0700 (PDT) From: Eric Woudstra To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Pablo Neira Ayuso , Jozsef Kadlecsik , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , Jiri Pirko , Sebastian Andrzej Siewior , Lorenzo Bianconi , "Frank Wunderlich" , Daniel Golle , Eric Woudstra Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org Subject: [PATCH RFC v1 net-next 08/12] netfilter: nf_flow_table_inet: Add nf_flowtable_type flowtable_bridge Date: Sun, 13 Oct 2024 20:55:04 +0200 Message-ID: <20241013185509.4430-9-ericwouds@gmail.com> X-Mailer: git-send-email 2.45.2 In-Reply-To: <20241013185509.4430-1-ericwouds@gmail.com> References: <20241013185509.4430-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20241013_115544_749260_C05432C5 X-CRM114-Status: GOOD ( 11.66 ) X-BeenThere: linux-mediatek@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Linux-mediatek" Errors-To: linux-mediatek-bounces+linux-mediatek=archiver.kernel.org@lists.infradead.org This will allow a flowtable to be added to the nft bridge family. Signed-off-by: Eric Woudstra --- net/netfilter/nf_flow_table_inet.c | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/net/netfilter/nf_flow_table_inet.c b/net/netfilter/nf_flow_table_inet.c index b0f199171932..80b238196f29 100644 --- a/net/netfilter/nf_flow_table_inet.c +++ b/net/netfilter/nf_flow_table_inet.c @@ -65,6 +65,16 @@ static int nf_flow_rule_route_inet(struct net *net, return err; } +static struct nf_flowtable_type flowtable_bridge = { + .family = NFPROTO_BRIDGE, + .init = nf_flow_table_init, + .setup = nf_flow_table_offload_setup, + .action = nf_flow_rule_bridge, + .free = nf_flow_table_free, + .hook = nf_flow_offload_inet_hook, + .owner = THIS_MODULE, +}; + static struct nf_flowtable_type flowtable_inet = { .family = NFPROTO_INET, .init = nf_flow_table_init, @@ -97,6 +107,7 @@ static struct nf_flowtable_type flowtable_ipv6 = { static int __init nf_flow_inet_module_init(void) { + nft_register_flowtable_type(&flowtable_bridge); nft_register_flowtable_type(&flowtable_ipv4); nft_register_flowtable_type(&flowtable_ipv6); nft_register_flowtable_type(&flowtable_inet); @@ -109,6 +120,7 @@ static void __exit nf_flow_inet_module_exit(void) nft_unregister_flowtable_type(&flowtable_inet); nft_unregister_flowtable_type(&flowtable_ipv6); nft_unregister_flowtable_type(&flowtable_ipv4); + nft_unregister_flowtable_type(&flowtable_bridge); } module_init(nf_flow_inet_module_init); @@ -118,5 +130,6 @@ MODULE_LICENSE("GPL"); MODULE_AUTHOR("Pablo Neira Ayuso "); MODULE_ALIAS_NF_FLOWTABLE(AF_INET); MODULE_ALIAS_NF_FLOWTABLE(AF_INET6); +MODULE_ALIAS_NF_FLOWTABLE(AF_BRIDGE); MODULE_ALIAS_NF_FLOWTABLE(1); /* NFPROTO_INET */ MODULE_DESCRIPTION("Netfilter flow table mixed IPv4/IPv6 module"); From patchwork Sun Oct 13 18:55:05 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13833544 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 7AF00CF2576 for ; Sun, 13 Oct 2024 19:09:35 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=3I/LHRTPLqJJONKYwwXQsldQo/OPnYwvoagC0qSu+YY=; b=k9yPixTN4jpW79towfy7xHO0nj LHDEd5qZRknVPYBXx7/guJjVNbcVS+cFz6lpSwwX+MMlxkdQSPLJV8KcQot3g3g8rpm6rQ08RmPS5 wc3S/4mXOPp2i3vZepzxMTTyTlg31dKhr7XJ7rag0Sk2iPXirDeQ/KMSQn5uOXEWxVdOrvGJ0LEg9 n7nPIDWmhcc+lYVwu5Cleddz87dnKa/bJ0m2c60/gphrSdH3IMkTAjRiFt9QT9C6RCT8/iNUpDjau xS/Y08OWy8UrIzV7YkbKSf+gSSIPQb/7YXuow0tc8JepJ0wQLfyZfm8znCmCnSCvEjS6Se4AemleH 3mKu/ARg==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1t03yA-000000036cZ-2K0J; Sun, 13 Oct 2024 19:09:34 +0000 Received: from mail-ej1-x636.google.com ([2a00:1450:4864:20::636]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1t03ko-000000034bS-0SRW; Sun, 13 Oct 2024 18:55:47 +0000 Received: by mail-ej1-x636.google.com with SMTP id a640c23a62f3a-a991fedbd04so357449766b.3; Sun, 13 Oct 2024 11:55:45 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1728845744; x=1729450544; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=3I/LHRTPLqJJONKYwwXQsldQo/OPnYwvoagC0qSu+YY=; b=WstSTWlBjdU5EEBUow/qWivSG9IwrUjnM9R89i2+E46CuKmDXYFl7IiTV37qxmOvMg lyf82yAqtGsbk0NehWGPGJelJpLd2cP8UtiC1QBbENKBoljpC8DYJuy/FLwm+3gtzMI8 11Xmn5BF0axGVb58cAXBJDM0LEgBWVrSzlsGg1fTatWWy2/UnRNo2TulTSWnEYbepUex yO+Fis2QbBKVCC/q44vd5mJlLRgIfs32hI0JnUST0DDV4CHneOCoBY4oNXHGuzHRkYMD ZpVEHGCr+bBxtQse3otCYibv2F0OznjMbUFjgy0FZaxcu9aecFg9q5FmXJ8o18y5zl5U WaUw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1728845744; x=1729450544; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=3I/LHRTPLqJJONKYwwXQsldQo/OPnYwvoagC0qSu+YY=; b=NwJceU+ge+v5Bs9FIH/4Rv3Uzhx+XqH0eVWIjqNZHYiGYWOAy4x6kuFfKdNdXwUU2C eMuF3xZ0yEzoXc5pCrFaYyVH0d6m+40eO49B9J0RTGlcOw5BXUqM9IkNp339qGTTaYQQ 1kUVgMN/neWT9LSauFPVWlyGY7zkHuZ7iEcqgJpGMy5TY6QnBG4S7DPvg8Zebqq6LmjB mRMUGNyr5nBMo7vRb1/D9ZN5yZt4n468HNJfOwr3+6dZ+tVfjPuMT+U6YSe+CWj1X16x pZKZ5j/UUJvsTPcPLY9aC4t7LWJmxbNcGY6uVO2GxMPfdABS0cl+Cfqd1phUQusRj+eX 8jGA== X-Forwarded-Encrypted: i=1; AJvYcCVP6roOZRyCqXErC9YW+OdpEITecSypj7vcnvqeFEChdcPhAm/I7iYFgPFw9d1TcIuoz7AaAtk8OtEdwP27v2g=@lists.infradead.org, AJvYcCXUAqcxTXcju9TBOia1BjixYjlqKHMlAsksYf5oY7dyLkET9Eyx5ZJMVSc8fR/M8UH5B5t+wAor8F3VJqHZ20ZW@lists.infradead.org X-Gm-Message-State: AOJu0YyZa4x4gInA43AhwE8LtkXPDO9EsHrhGVndSrxScRssJAig+TeC W4EULoCp0PvthfGYf6mJ4aWVHeA/drjEqd9Kr+v084Sj8aI3CyLQ X-Google-Smtp-Source: AGHT+IEK/qY7kO3EuTXV/jRfrEbLu6Bs8uGBQ+icVQCx2B6S9pRxxPh+utvTvacXCNe8KWGJaLv35w== X-Received: by 2002:a05:6402:26d1:b0:5c5:da5e:68e with SMTP id 4fb4d7f45d1cf-5c95ac09876mr10710253a12.3.1728845744129; Sun, 13 Oct 2024 11:55:44 -0700 (PDT) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-a9a12d384b9sm13500866b.172.2024.10.13.11.55.43 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 13 Oct 2024 11:55:43 -0700 (PDT) From: Eric Woudstra To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Pablo Neira Ayuso , Jozsef Kadlecsik , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , Jiri Pirko , Sebastian Andrzej Siewior , Lorenzo Bianconi , "Frank Wunderlich" , Daniel Golle , Eric Woudstra Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org Subject: [PATCH RFC v1 net-next 09/12] netfilter: nft_flow_offload: Add NFPROTO_BRIDGE to validate Date: Sun, 13 Oct 2024 20:55:05 +0200 Message-ID: <20241013185509.4430-10-ericwouds@gmail.com> X-Mailer: git-send-email 2.45.2 In-Reply-To: <20241013185509.4430-1-ericwouds@gmail.com> References: <20241013185509.4430-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20241013_115546_166953_F9E7B66E X-CRM114-Status: GOOD ( 10.91 ) X-BeenThere: linux-mediatek@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Linux-mediatek" Errors-To: linux-mediatek-bounces+linux-mediatek=archiver.kernel.org@lists.infradead.org Need to add NFPROTO_BRIDGE to nft_flow_offload_validate() to support the bridge-fastpath. Signed-off-by: Eric Woudstra --- net/netfilter/nft_flow_offload.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/net/netfilter/nft_flow_offload.c b/net/netfilter/nft_flow_offload.c index bb15aa55e6fb..6719a810e9b5 100644 --- a/net/netfilter/nft_flow_offload.c +++ b/net/netfilter/nft_flow_offload.c @@ -421,7 +421,8 @@ static int nft_flow_offload_validate(const struct nft_ctx *ctx, if (ctx->family != NFPROTO_IPV4 && ctx->family != NFPROTO_IPV6 && - ctx->family != NFPROTO_INET) + ctx->family != NFPROTO_INET && + ctx->family != NFPROTO_BRIDGE) return -EOPNOTSUPP; return nft_chain_validate_hooks(ctx->chain, hook_mask); From patchwork Sun Oct 13 18:55:06 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13833545 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 83A18CF2579 for ; Sun, 13 Oct 2024 19:09:45 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=9DH9O06Lp64TibMF8pahG9IPkhLX3XCOl3DriGpuFd0=; b=sGqnk02h6XTfGGRvrgkVfa1uZZ 80oG5dABy9tyCPOhC3qI+WrgM4DUbTLNyd+MlH/pNQU/VafRI2+tlBsNMeOtnLnVY1cUIJjftAP2W 6ZhoDLIXtGaSvx8696++FUaoUdeaqZCSNLKAUWIuAl3U7zbw8NSx1yloSIu0TsYl3iTLlHL7i6ODe WMAGJh/udQoakoEbgSa62BR0i6SVLTIUnVGJJmi+9RXiSphZKBayyZHvQj9kMy1UNLI6bXfbdyrD8 KVoCKF9xhogys6VWHKAqhvKyUHqJkJejZ47RAAss1D7Pp3cJjAcEqeLqY0RLl9o0dR7k6bOJ7/qcJ d/P5BgFQ==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1t03yK-000000036eI-0eeF; Sun, 13 Oct 2024 19:09:44 +0000 Received: from mail-ed1-x533.google.com ([2a00:1450:4864:20::533]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1t03kp-000000034bs-1lR1; Sun, 13 Oct 2024 18:55:48 +0000 Received: by mail-ed1-x533.google.com with SMTP id 4fb4d7f45d1cf-5c97c7852e8so432497a12.1; Sun, 13 Oct 2024 11:55:46 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1728845746; x=1729450546; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=9DH9O06Lp64TibMF8pahG9IPkhLX3XCOl3DriGpuFd0=; b=KwuEPAMZKQoi1AyB9+YUNKS/kGD0dZA4X3p6xZvQbSheqHUckvWVAudEQRBp9eQnLd R1akaLJWI9CJUrvX/hFqwWpeZyOIOW6xuab1w1J8YAVEJt40uYyF/svq01ULdrh52uVE qHlmO2KDES+G9A5EPmLWSCXxK/Qcp8K/9+wMo8uZGP6EMFN4AFG1F9jIYaXdTAesEggM 42Spuq8mD8e15EIeM39w/Dli1HEe1dN27SmTLakunBGZQz6w2PFMMGqYLJrW8SPPGNva 35XA0C08zhLePMfw3qN1BC40feYjw0HPyxM/nYPLlRt3U4igv/0G5PBzuJwW0E7qcISU DCfg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1728845746; x=1729450546; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=9DH9O06Lp64TibMF8pahG9IPkhLX3XCOl3DriGpuFd0=; b=rruYY6BOVdWOEoJF9lVJ9sOtM84Y/f2MjTE2Xrxj750m44td/iq1v+fnjYtIp3tltZ 2l9c3rOVgfKUBj2cTxgAlQxMq5woZ8gTA9m2IZAdDh8w43sJYYKctPx3YfAXvbxuG6OF KGlYM2zSfnUkySy3vXKNeDcNqXsGyNmfpg93O1GfaOR9MMNo/4lVgT1JwUhMi0/Sc1U2 p7PAPsvBYC38XITt8Xe5ox9Ky961SzGQnBmQJ/hCdM7tA+0iDe683p6ApIsnXedUtztd A9xMkNJ4cvnpNEVvC9Dz7lkHgrjLRPv8P9H2fCROILdKR9pgGn6Jp3x1AJ2KWJisvvlg DNnQ== X-Forwarded-Encrypted: i=1; AJvYcCWXFpaOarPWpaDxcffrfrn+8g+cLnJ5sX8tiGABivM5KOSBtoARQ5YZymU2RaBADAGIt4xo7NYM8GdOXT1Av20=@lists.infradead.org, AJvYcCXMfUrFlt+Nasysdj8x1tJDozuVle6JYUD103iJqjQwtEvBxeGc53qmjOnNuVALrf+uRC9a6wKOqKd5k4an3Xzh@lists.infradead.org X-Gm-Message-State: AOJu0Yy4HjEL3EWlZ4L7Cho7qigPFUzNleLDMAFrP2WeTBmzr35noDCu l0FQAaoRMnuJRm9Aftd7951CVQd+LdPVkLB9cH1LwMjPTnZTgenF X-Google-Smtp-Source: AGHT+IF3e958cm6WfptQrjYwvw+8nY6U3EWzISV9aoZ2s8HNdWFDat+7mlGlek7WSgxj3fgwgQWR5g== X-Received: by 2002:a17:907:7f12:b0:a99:f945:8776 with SMTP id a640c23a62f3a-a99f94588c4mr336725266b.24.1728845745513; Sun, 13 Oct 2024 11:55:45 -0700 (PDT) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-a9a12d384b9sm13500866b.172.2024.10.13.11.55.44 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 13 Oct 2024 11:55:45 -0700 (PDT) From: Eric Woudstra To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Pablo Neira Ayuso , Jozsef Kadlecsik , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , Jiri Pirko , Sebastian Andrzej Siewior , Lorenzo Bianconi , "Frank Wunderlich" , Daniel Golle , Eric Woudstra Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org Subject: [PATCH RFC v1 net-next 10/12] netfilter: nft_flow_offload: Add DEV_PATH_MTK_WDMA to nft_dev_path_info() Date: Sun, 13 Oct 2024 20:55:06 +0200 Message-ID: <20241013185509.4430-11-ericwouds@gmail.com> X-Mailer: git-send-email 2.45.2 In-Reply-To: <20241013185509.4430-1-ericwouds@gmail.com> References: <20241013185509.4430-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20241013_115547_499227_3197A528 X-CRM114-Status: GOOD ( 12.62 ) X-BeenThere: linux-mediatek@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Linux-mediatek" Errors-To: linux-mediatek-bounces+linux-mediatek=archiver.kernel.org@lists.infradead.org In case of using mediatek wireless, in nft_dev_fill_forward_path(), the forward path is filled, ending with mediatek wlan1. Because DEV_PATH_MTK_WDMA is unknown inside nft_dev_path_info() it returns with info.indev = NULL. Then nft_dev_forward_path() returns without setting the direct transmit parameters. This results in a neighbor transmit, and direct transmit not possible. But we want to use it for flow between bridged interfaces. So this patch adds DEV_PATH_MTK_WDMA to nft_dev_path_info() and makes direct transmission possible. Signed-off-by: Eric Woudstra --- net/netfilter/nft_flow_offload.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/net/netfilter/nft_flow_offload.c b/net/netfilter/nft_flow_offload.c index 6719a810e9b5..2923286d475e 100644 --- a/net/netfilter/nft_flow_offload.c +++ b/net/netfilter/nft_flow_offload.c @@ -106,6 +106,7 @@ static void nft_dev_path_info(const struct net_device_path_stack *stack, switch (path->type) { case DEV_PATH_ETHERNET: case DEV_PATH_DSA: + case DEV_PATH_MTK_WDMA: case DEV_PATH_VLAN: case DEV_PATH_PPPOE: info->indev = path->dev; @@ -114,7 +115,7 @@ static void nft_dev_path_info(const struct net_device_path_stack *stack, if (path->type == DEV_PATH_ETHERNET) break; - if (path->type == DEV_PATH_DSA) { + if (path->type == DEV_PATH_DSA || path->type == DEV_PATH_MTK_WDMA) { i = stack->num_paths; break; } From patchwork Sun Oct 13 18:55:07 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13833546 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 42AA6CF2576 for ; Sun, 13 Oct 2024 19:11:15 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=/wvQCHOWWIW7US3Y24oFxpAEUoI5Ll0qD/qvu+rx8QE=; b=bKAP+PPu00g5evt0Hyq3XYeAsz GEm1ujiq5veJJgBEevM4AWU2o5E9gOHbQMVyKWOy5dq0BHi6VmSLCrJtt9tpaUwxF66p/HwM2Qi95 5KObwi6LYNkKsb5jl7OfFnI0GHTUpyi8Qr/CZvWFqfRaxclwNQMnWoYH5UH0UIv+0kPStPI99KCDu aQpxyBX2PPtjrTsmFAz1i5kbt8FNz1EPWDaB3Ry2eQuzPU6yIeKmy3o+TIUjbbdk+CKiGl+RaIX/s RbsAj+Do+8/vugRZmXzxe7OXoWg2PblUg5dTO5v7OQbQkLCY2bUStZrLwbUt9la+fL2zhY9x63/ir B0cAAeWQ==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1t03zm-000000036ln-0sHf; Sun, 13 Oct 2024 19:11:14 +0000 Received: from mail-ej1-x636.google.com ([2a00:1450:4864:20::636]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1t03kq-000000034cY-1JhF; Sun, 13 Oct 2024 18:55:50 +0000 Received: by mail-ej1-x636.google.com with SMTP id a640c23a62f3a-a99ffeea60bso108393966b.3; Sun, 13 Oct 2024 11:55:48 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1728845747; x=1729450547; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=/wvQCHOWWIW7US3Y24oFxpAEUoI5Ll0qD/qvu+rx8QE=; b=Ris191bUauvVukcXLLC5UHc0dk0yAW+UyOAxYvtK+lv1akaz5hZ98E3WnnpvefhGTC ysxUUHAK00pUdzwckjSZDPRPmQ0INltro4LCrvMxVrYZZUOO8gwQFnnBzX2XeX2mDHb4 2uxDl5fdjyx54PYQShI34imrHHCUUjwElKb98uIWKa7B56rfe5vrX0AoEVy72ym+7niA bTEBOLGwSY+PYlyfz/NXjwHl35wV0uES7Le/FbewE9lz0KmZHfFcuHQOlhOqy+xA5Eu6 kdaAg6ktcY25ZHW8UbLSjNWDdYKwcuv1sSeI12X7LbwbZe94Jv6o7l/Zh7BRyYFL+A7u DBXg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1728845747; x=1729450547; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=/wvQCHOWWIW7US3Y24oFxpAEUoI5Ll0qD/qvu+rx8QE=; b=u6Smhwx3tL8IxW+g4EA4t1wiDywaeBfq+L06rMS8YQLUgkRfLGhzu9eYJ1rXPAW4Z3 Vk2nOQ2QP3dikSQxO9DJoGDAdUz3CliX6+Vgc50utilbrdO/e6XjU68UaiREdU9JFyG6 9ulErVmsHYu4oy6ngrKL5kCcBnFtUzSjnD52eQ4eB5iHD7S1tuGsnfjIZHU/DvlsY0SI U9e8sTwyRFxkLksObRJSDrYaDo88ETtxNCUyaVU/l574yhfGaw2qnCPcDnbBriRAW99r 8Jc/YRubjo1t2GDTdtb0s1zeprd22n9cEZIJaBv6ky24wna8ucbOutll4asKnLHO0Y/h 7POg== X-Forwarded-Encrypted: i=1; AJvYcCUS+jTgM44vBMcczhh1LVqvFgDWeqqSonjz7suvcipTlE4tPktYqg6SVDbSN7u2TSFerZsDwv4pjyysmO6u8PWT@lists.infradead.org, AJvYcCVlcbGpr2QNrlMkhkSgj1uHojDCLsE/BGRQqxsGfXOBcZlc1+VzDQM9agdDBYW0jKDf9HoWA1DT9Ym3UCqRKL0=@lists.infradead.org X-Gm-Message-State: AOJu0YzaoW4BVqosS7dPHmQTAYI0ONI8mW1A3sHh8eqi2kH4G88C/lX7 A5gqgpM1lAy9khXnwvhEHpOJkcJz9IzdxNo26BkkMFNzI5OFh6Vv X-Google-Smtp-Source: AGHT+IFcMh7X7AR/VKEwvdjIeYhwzK2WvA/EYBgn+NK/HakHY1UTKH1K6wSO2SOJbW3fWApGJV4UEA== X-Received: by 2002:a17:907:6d27:b0:a99:b592:edba with SMTP id a640c23a62f3a-a99b93a7d8amr743812866b.1.1728845746819; Sun, 13 Oct 2024 11:55:46 -0700 (PDT) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-a9a12d384b9sm13500866b.172.2024.10.13.11.55.45 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 13 Oct 2024 11:55:46 -0700 (PDT) From: Eric Woudstra To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Pablo Neira Ayuso , Jozsef Kadlecsik , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , Jiri Pirko , Sebastian Andrzej Siewior , Lorenzo Bianconi , "Frank Wunderlich" , Daniel Golle , Eric Woudstra Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org Subject: [PATCH RFC v1 net-next 11/12] bridge: br_vlan_fill_forward_path_mode no _UNTAG_HW for dsa Date: Sun, 13 Oct 2024 20:55:07 +0200 Message-ID: <20241013185509.4430-12-ericwouds@gmail.com> X-Mailer: git-send-email 2.45.2 In-Reply-To: <20241013185509.4430-1-ericwouds@gmail.com> References: <20241013185509.4430-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20241013_115548_392945_1EB73DA2 X-CRM114-Status: GOOD ( 17.67 ) X-BeenThere: linux-mediatek@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Linux-mediatek" Errors-To: linux-mediatek-bounces+linux-mediatek=archiver.kernel.org@lists.infradead.org In network setup as below: fastpath bypass .----------------------------------------. / \ | IP - forwarding | | / \ v | / wan ... | / | | | | | brlan.1 | | | +-------------------------------+ | | vlan 1 | | | | | | brlan (vlan-filtering) | | | +---------------+ | | | DSA-SWITCH | | | vlan 1 | | | | to | | | | untagged 1 vlan 1 | | +---------------+---------------+ . / \ ----->wlan1 lan0 . . . ^ ^ vlan 1 tagged packets untagged packets Now that DEV_PATH_MTK_WDMA is added to nft_dev_path_info() the forward path is filled also when ending with the mediatek wlan1, info.indev not NULL now in nft_dev_forward_path(). This results in a direct transmit instead of a neighbor transmit. This is how it should be, But this fails. br_vlan_fill_forward_path_mode() sets DEV_PATH_BR_VLAN_UNTAG_HW when filling in from brlan.1 towards wlan1. But it should be set to DEV_PATH_BR_VLAN_UNTAG in this case. Using BR_VLFLAG_ADDED_BY_SWITCHDEV is not correct. The dsa switchdev adds it as a foreign port. Use BR_VLFLAG_TAGGING_BY_SWITCHDEV to make sure DEV_PATH_BR_VLAN_UNTAG is set when there is a dsa-switch inside the bridge. Signed-off-by: Eric Woudstra --- net/bridge/br_private.h | 1 + net/bridge/br_vlan.c | 18 +++++++++++++++++- 2 files changed, 18 insertions(+), 1 deletion(-) diff --git a/net/bridge/br_private.h b/net/bridge/br_private.h index 8da7798f9368..7d427214cc7c 100644 --- a/net/bridge/br_private.h +++ b/net/bridge/br_private.h @@ -180,6 +180,7 @@ enum { BR_VLFLAG_MCAST_ENABLED = BIT(2), BR_VLFLAG_GLOBAL_MCAST_ENABLED = BIT(3), BR_VLFLAG_NEIGH_SUPPRESS_ENABLED = BIT(4), + BR_VLFLAG_TAGGING_BY_SWITCHDEV = BIT(5), }; /** diff --git a/net/bridge/br_vlan.c b/net/bridge/br_vlan.c index 1830d7d617cd..b7877724b969 100644 --- a/net/bridge/br_vlan.c +++ b/net/bridge/br_vlan.c @@ -3,6 +3,7 @@ #include #include #include +#include #include #include "br_private.h" @@ -100,6 +101,19 @@ static void __vlan_flags_commit(struct net_bridge_vlan *v, u16 flags) __vlan_flags_update(v, flags, true); } +static inline bool br_vlan_tagging_by_switchdev(struct net_bridge *br) +{ +#if IS_ENABLED(CONFIG_NET_DSA) + struct net_bridge_port *p; + + list_for_each_entry(p, &br->port_list, list) { + if (dsa_user_dev_check(p->dev)) + return false; + } +#endif + return true; +} + static int __vlan_vid_add(struct net_device *dev, struct net_bridge *br, struct net_bridge_vlan *v, u16 flags, struct netlink_ext_ack *extack) @@ -113,6 +127,8 @@ static int __vlan_vid_add(struct net_device *dev, struct net_bridge *br, if (err == -EOPNOTSUPP) return vlan_vid_add(dev, br->vlan_proto, v->vid); v->priv_flags |= BR_VLFLAG_ADDED_BY_SWITCHDEV; + if (br_vlan_tagging_by_switchdev(br)) + v->priv_flags |= BR_VLFLAG_TAGGING_BY_SWITCHDEV; return err; } @@ -1491,7 +1507,7 @@ int br_vlan_fill_forward_path_mode(struct net_bridge *br, if (path->bridge.vlan_mode == DEV_PATH_BR_VLAN_TAG) path->bridge.vlan_mode = DEV_PATH_BR_VLAN_KEEP; - else if (v->priv_flags & BR_VLFLAG_ADDED_BY_SWITCHDEV) + else if (v->priv_flags & BR_VLFLAG_TAGGING_BY_SWITCHDEV) path->bridge.vlan_mode = DEV_PATH_BR_VLAN_UNTAG_HW; else path->bridge.vlan_mode = DEV_PATH_BR_VLAN_UNTAG; From patchwork Sun Oct 13 18:55:08 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13833547 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 050F0CF2576 for ; Sun, 13 Oct 2024 19:12:39 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=nXqA2N6PSdeku8lbnGk/r0H6SHXM5r8C6mfKewggPXk=; b=WUnNSMLtN70JZjfmXvdKruXGkT LxlkL56h4kn0ppY6IIjlWZdOtZ71/DHZUO0xcAvjdxeKOAd9iQj/S9Y0aHTtYn4EvRK/pwtD9QMxD cOw4z/HS5k64TJvTr81uH+RsdgPqFINEXl7Ickt3OeZU6HOl8vP9HERhAkpRAYTpS2g7MxKeKmD5B od1sXYYTuUp9fg85JJ7q3IW4D/45OAxxXBGgtP4AQBXNg2fN/e9OZP1qpgNXRl6TKXcJfU73Esfy0 HQi1wl/mV2xo0FGjcZGXJiNtuvlIEgdF0mfeDJZEknmi9AvJ3GgvNFl7s+mp2qRu6zyWlLOEdSvNz YrBMkwmw==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1t0417-000000036tA-2ONn; Sun, 13 Oct 2024 19:12:37 +0000 Received: from mail-ej1-x62b.google.com ([2a00:1450:4864:20::62b]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1t03ks-000000034dM-14D4; Sun, 13 Oct 2024 18:55:52 +0000 Received: by mail-ej1-x62b.google.com with SMTP id a640c23a62f3a-a99ffeea60bso108395966b.3; Sun, 13 Oct 2024 11:55:49 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1728845748; x=1729450548; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=nXqA2N6PSdeku8lbnGk/r0H6SHXM5r8C6mfKewggPXk=; b=Rte0WCRuTrXrl12If67/AGZ52xHsO7HJN4OI48ESAu4fiN4NiajB2pil7QpcNYxnzC dHgH6RUPf2+TnWjsCco5S4pQEysV2nfSTmHl/4I3F5olA6Z5wyox6uFjk17VpS+HMIs4 MwQNdpXepsSY4ucESszrU0fcHUHA9ZNYbopi4/xLoCeIzBy6DxTcNTA3DzkF3obeoyLj umZI5XmPKbSugNywVOwaTmpGkJHQj4+Vji57yKZgIA5RH7XS0GKenha5W6+cw0l8CocQ clujgyUSwaAOZctLYvO+XWPdipgRhFgjEauEZhNfDNvIg06rAOcv5xt7Wv4yHZA/qZrb 1wLg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1728845748; x=1729450548; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=nXqA2N6PSdeku8lbnGk/r0H6SHXM5r8C6mfKewggPXk=; b=reHhoI3a07RGjpkr7/MJ31dRkZeBcFb0iqMJnT0x7ghIGJqa2OSrjOpRzbIM5viIMQ 2tKmdKDyuN1eNrZVx7vycVSwiQ8Lhfe0M7snMB0WvYCUh54BdTUUPSsuHTf9N7CPomHJ 14j7PyJ0hU32VBqZUflxrodzWf8V5RsdHU2Z1/KjOOkpy/aCGwJVRV+HUAM3Q7RDG54c cMnBpcuJuiu4A6NaZjCL0sH0ZMGPDC0JdFcqjujVIh16Uv62eb65Zqa7c2o+lc6Ufo/n dX+UNkdoagU+d/Pvrxo0Wb74qBQEsIxBgNq38qN7oUDyDKk0tNRehVStvkVa8OK57RFP vxtQ== X-Forwarded-Encrypted: i=1; AJvYcCWycg9vLYJkoSq7s6Poyx6pf/aTc6pllMlvmhi5+txuNSIVNroNG5d5YnE9HhtOfqQsNcAgFlWY/2GSaJOzlK4=@lists.infradead.org, AJvYcCXFSh066bxhMDG4kyMvMuf8wlKOU+ksdCUsmodYuHNS7X6pNgq1b934oVwK/lQdndOaugaAOU4ok2dE4Q2/m4K4@lists.infradead.org X-Gm-Message-State: AOJu0YxjZONC5pgX/DYKMb3iNak5H2Cbc+UjbNIY3pa7rxqewDbgeeWF hAY6Gki3LxWtFblKer0pJwyRUO3pZcIyK4mjQARbjFLEyiP9jRu7 X-Google-Smtp-Source: AGHT+IGDRNNl2WNHKk/RQYIt3X3ZUbDBl2cG/u3cyrPOyqik2hRlsXTDnJIYfMk+W8sAqccVFejf5w== X-Received: by 2002:a17:906:6a0f:b0:a9a:196:fc29 with SMTP id a640c23a62f3a-a9a0196fee5mr289924666b.61.1728845748194; Sun, 13 Oct 2024 11:55:48 -0700 (PDT) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-a9a12d384b9sm13500866b.172.2024.10.13.11.55.46 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 13 Oct 2024 11:55:47 -0700 (PDT) From: Eric Woudstra To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Pablo Neira Ayuso , Jozsef Kadlecsik , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , Jiri Pirko , Sebastian Andrzej Siewior , Lorenzo Bianconi , "Frank Wunderlich" , Daniel Golle , Eric Woudstra Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org Subject: [PATCH RFC v1 net-next 12/12] netfilter: nft_flow_offload: Add bridgeflow to nft_flow_offload_eval() Date: Sun, 13 Oct 2024 20:55:08 +0200 Message-ID: <20241013185509.4430-13-ericwouds@gmail.com> X-Mailer: git-send-email 2.45.2 In-Reply-To: <20241013185509.4430-1-ericwouds@gmail.com> References: <20241013185509.4430-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20241013_115550_320377_C85DF09A X-CRM114-Status: GOOD ( 18.82 ) X-BeenThere: linux-mediatek@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Linux-mediatek" Errors-To: linux-mediatek-bounces+linux-mediatek=archiver.kernel.org@lists.infradead.org Edit nft_flow_offload_eval() to make it possible to handle a flowtable of the nft bridge family. Use nft_flow_offload_bridge_init() to fill the flow tuples. It uses nft_dev_fill_bridge_path() in each direction. Signed-off-by: Eric Woudstra --- net/netfilter/nft_flow_offload.c | 142 +++++++++++++++++++++++++++++-- 1 file changed, 137 insertions(+), 5 deletions(-) diff --git a/net/netfilter/nft_flow_offload.c b/net/netfilter/nft_flow_offload.c index 2923286d475e..bd4850691baa 100644 --- a/net/netfilter/nft_flow_offload.c +++ b/net/netfilter/nft_flow_offload.c @@ -184,6 +184,129 @@ static bool nft_flowtable_find_dev(const struct net_device *dev, return found; } +static int nft_dev_fill_bridge_path(struct flow_offload *flow, + struct nft_flowtable *ft, + const struct nft_pktinfo *pkt, + enum ip_conntrack_dir dir, + const struct net_device *src_dev, + const struct net_device *dst_dev, + unsigned char *src_ha, + unsigned char *dst_ha) +{ + struct flow_offload_tuple_rhash *th = flow->tuplehash; + struct net_device_path_stack stack; + struct net_device_path_ctx ctx = {}; + struct nft_forward_info info = {}; + int i, j = 0; + + for (i = th[dir].tuple.encap_num - 1; i >= 0 ; i--) { + if (info.num_encaps >= NF_FLOW_TABLE_ENCAP_MAX) + return -1; + info.encap[info.num_encaps].id = th[dir].tuple.encap[i].id; + info.encap[info.num_encaps].proto = th[dir].tuple.encap[i].proto; + info.num_encaps++; + + if (th[dir].tuple.encap[i].proto == htons(ETH_P_PPP_SES)) + continue; + + if (ctx.num_vlans >= NET_DEVICE_PATH_VLAN_MAX) + return -1; + ctx.vlan[ctx.num_vlans].id = th[dir].tuple.encap[i].id; + ctx.vlan[ctx.num_vlans].proto = th[dir].tuple.encap[i].proto; + ctx.num_vlans++; + } + ctx.dev = src_dev; + ether_addr_copy(ctx.daddr, dst_ha); + + if (dev_fill_bridge_path(&ctx, &stack) < 0) + return -1; + + nft_dev_path_info(&stack, &info, dst_ha, &ft->data); + + if (!info.indev || info.indev != dst_dev) + return -1; + + th[!dir].tuple.iifidx = info.indev->ifindex; + for (i = info.num_encaps - 1; i >= 0; i--) { + th[!dir].tuple.encap[j].id = info.encap[i].id; + th[!dir].tuple.encap[j].proto = info.encap[i].proto; + if (info.ingress_vlans & BIT(i)) + th[!dir].tuple.in_vlan_ingress |= BIT(j); + j++; + } + th[!dir].tuple.encap_num = info.num_encaps; + + th[dir].tuple.mtu = dst_dev->mtu; + ether_addr_copy(th[dir].tuple.out.h_source, src_ha); + ether_addr_copy(th[dir].tuple.out.h_dest, dst_ha); + th[dir].tuple.out.ifidx = info.outdev->ifindex; + th[dir].tuple.out.hw_ifidx = info.hw_outdev->ifindex; + th[dir].tuple.xmit_type = FLOW_OFFLOAD_XMIT_DIRECT; + + return 0; +} + +static int nft_flow_offload_bridge_init(struct flow_offload *flow, + const struct nft_pktinfo *pkt, + enum ip_conntrack_dir dir, + struct nft_flowtable *ft) +{ + struct ethhdr *eth = eth_hdr(pkt->skb); + struct flow_offload_tuple *tuple; + const struct net_device *out_dev; + const struct net_device *in_dev; + int err, i = 0; + + in_dev = nft_in(pkt); + if (!in_dev || !nft_flowtable_find_dev(in_dev, ft)) + return -1; + + out_dev = nft_out(pkt); + if (!out_dev || !nft_flowtable_find_dev(out_dev, ft)) + return -1; + + tuple = &flow->tuplehash[!dir].tuple; + + if (skb_vlan_tag_present(pkt->skb)) { + tuple->encap[i].id = skb_vlan_tag_get(pkt->skb); + tuple->encap[i].proto = pkt->skb->vlan_proto; + i++; + } + switch (pkt->skb->protocol) { + case htons(ETH_P_8021Q): + struct vlan_hdr *vhdr; + + vhdr = (struct vlan_hdr *)skb_network_header(pkt->skb); + tuple->encap[i].id = ntohs(vhdr->h_vlan_TCI); + tuple->encap[i].proto = pkt->skb->protocol; + i++; + break; + case htons(ETH_P_PPP_SES): + struct pppoe_hdr *phdr; + + phdr = (struct pppoe_hdr *)skb_network_header(pkt->skb); + tuple->encap[i].id = ntohs(phdr->sid); + tuple->encap[i].proto = pkt->skb->protocol; + i++; + break; + } + tuple->encap_num = i; + + err = nft_dev_fill_bridge_path(flow, ft, pkt, !dir, out_dev, in_dev, + eth->h_dest, eth->h_source); + if (err < 0) + return err; + + memset(tuple->encap, 0, sizeof(tuple->encap)); + + err = nft_dev_fill_bridge_path(flow, ft, pkt, dir, in_dev, out_dev, + eth->h_source, eth->h_dest); + if (err < 0) + return err; + + return 0; +} + static void nft_dev_forward_path(struct nf_flow_route *route, const struct nf_conn *ct, enum ip_conntrack_dir dir, @@ -294,6 +417,7 @@ static void nft_flow_offload_eval(const struct nft_expr *expr, { struct nft_flow_offload *priv = nft_expr_priv(expr); struct nf_flowtable *flowtable = &priv->flowtable->data; + bool routing = (flowtable->type->family != NFPROTO_BRIDGE); struct tcphdr _tcph, *tcph = NULL; struct nf_flow_route route = {}; enum ip_conntrack_info ctinfo; @@ -347,14 +471,20 @@ static void nft_flow_offload_eval(const struct nft_expr *expr, goto out; dir = CTINFO2DIR(ctinfo); - if (nft_flow_route(pkt, ct, &route, dir, priv->flowtable) < 0) - goto err_flow_route; + if (routing) { + if (nft_flow_route(pkt, ct, &route, dir, priv->flowtable) < 0) + goto err_flow_route; + } flow = flow_offload_alloc(ct); if (!flow) goto err_flow_alloc; - flow_offload_route_init(flow, &route); + if (routing) + flow_offload_route_init(flow, &route); + else + if (nft_flow_offload_bridge_init(flow, pkt, dir, priv->flowtable) < 0) + goto err_flow_route; if (tcph) { ct->proto.tcp.seen[0].flags |= IP_CT_TCP_FLAG_BE_LIBERAL; @@ -407,8 +537,10 @@ static void nft_flow_offload_eval(const struct nft_expr *expr, err_flow_add: flow_offload_free(flow); err_flow_alloc: - dst_release(route.tuple[dir].dst); - dst_release(route.tuple[!dir].dst); + if (routing) { + dst_release(route.tuple[dir].dst); + dst_release(route.tuple[!dir].dst); + } err_flow_route: clear_bit(IPS_OFFLOAD_BIT, &ct->status); out: