From patchwork Mon Feb 17 13:41:02 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ido Schimmel X-Patchwork-Id: 13977861 X-Patchwork-Delegate: kuba@kernel.org Received: from NAM12-DM6-obe.outbound.protection.outlook.com (mail-dm6nam12on2069.outbound.protection.outlook.com [40.107.243.69]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 5F1D321CFE8 for ; Mon, 17 Feb 2025 13:42:05 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.243.69 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1739799727; cv=fail; b=GMA0OlNw6gw5ZFnMHG7YUnwegXFtOApdfYl+dcAs7fLlupaZF/bZdRbHmEo+yPdMbL9zSV8D6riADMcKsyuSTTHUH+jAfH+tq75guplmYsVGFzLgw0BPaXrXBZ9Btgbt1HuDuVWk+xouz2WHbLA2gGaV7I/zxFI6HtXatUXHZ5g= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1739799727; c=relaxed/simple; bh=gORVHcfpJkQOcL6xhwCHRywBsNvCdJhvATlmFuXhS2k=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=V7m6JH15Sd1dni1gXV+mRGCAzRwgFLLSaTAp/v2PH/B0tJofym/ucFSQkceZ+HcrTgLno+Q0DjPpkV5gJRB9XmWDp9ThARVqY5ui/4xm3JeDwlYafhRTKdiFWjj0/2XlxDIUz9zOzmP0F0Wbd6OcRSzZ5jiK0dQRXjY27M9Tngk= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=nvidia.com; spf=fail smtp.mailfrom=nvidia.com; dkim=pass (2048-bit key) header.d=Nvidia.com header.i=@Nvidia.com header.b=G/a4jbcZ; arc=fail smtp.client-ip=40.107.243.69 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=nvidia.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=nvidia.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=Nvidia.com header.i=@Nvidia.com header.b="G/a4jbcZ" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=H+PU/nN2x1yKPQW50osLOr95ftqOnec7vIBjwat0ZhKmq26HVH0M5fqBT8paRhSoc9VVj/I0dkgzg2qm0VsXwpQALFMouiLEkXRbAvTDadHmEc3z3YcWnJ03pedgM70NBJ+4v5e2CwkrAcSEdDg2E6k46kSr8XO+Mk0zS1KTs2w1OuaHl44FHrtSSfEv9TW4Ltdy+TtQriTbg1x+iW/DnxxVnq321aKX525XNpqZymKfFXGoUWPKU3x56SGqzA07ivSmnXlkABFb7zOPHaEC1CEt6g3kBhnDS8yqNCXWdeDyw31HTi3IjoNfhPvMO88QSNlLcWiAHmmWbKU6ruDlSQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=/aNCv97DWhKUeBl4WjJ9ek8l1mfHi4NLhN9Pi7jy6I4=; b=opBGzyRStdgHxDNvv0saX9kOJLc8/W1iOwgGyJhMa4TrRIK4IHemq/0Hd70my9hT4MuOcgRFevuHxA6DbCmMLW6NxpqZ28TCoM2gpEhrtRB2ixqXfWCWIsfD5bM3QXquEAFwvhKddQrF7fD005u/hzRgz6J9x7DovJBBZ+CY4NixeYM2FVC1jOcx2mB/Hd+tRROkNNYtJF2jqzzqmAHN+pGBleGzk6q9zDGShr6a4KcmSg6e6zV2u7fIn8Uhy5Gifd1rgSTJdrMQ54Aw39Ky9SLaUh7bdgb+tK5Xeu7F/Df9xnAB5xlKUQy/7nkQkKBxTis4j/f4JihWgPCog+f2rA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 216.228.117.161) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=nvidia.com; dmarc=pass (p=reject sp=reject pct=100) action=none header.from=nvidia.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=/aNCv97DWhKUeBl4WjJ9ek8l1mfHi4NLhN9Pi7jy6I4=; b=G/a4jbcZigHbBPNXEdGvDY8QQ2IgjnuHWI6VuMfFnjtxv+1xaeujOi34YU1B3zosabb0jqautiAmQC791O3ofFCHcADHnNJ4ANjSPIpWVT1uAhB7n3XuULN9UEa/IUy1MInC1RYoZ6hdSKiTx1nmQV6/ApxxuxKu1or2BNgsS9Qce21AUzc050qnslxPGfSB9T6KqsiX83cC8rZNt7x1Er2PddZy5ugwwWkP2smPmAgKCDueJ//B/vsyXyiJdgaewtQNvitBJzgGTZS22z94DNBY5fl8lC5h1a8rCTbMhIMGAMg45zHFWAj9SOPKSoQZYzHk/UA2/VjoL3Hw8qI6xg== Received: from DS2PEPF00004560.namprd21.prod.outlook.com (2603:10b6:f:fc00::50e) by CY8PR12MB7268.namprd12.prod.outlook.com (2603:10b6:930:54::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8445.19; Mon, 17 Feb 2025 13:42:03 +0000 Received: from DS1PEPF00017099.namprd05.prod.outlook.com (2603:10b6:2c:400:0:1007:0:7) by DS2PEPF00004560.outlook.office365.com (2603:10b6:f:fc00::50e) with Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.8466.12 via Frontend Transport; Mon, 17 Feb 2025 13:42:03 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 216.228.117.161) smtp.mailfrom=nvidia.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=nvidia.com; Received-SPF: Pass (protection.outlook.com: domain of nvidia.com designates 216.228.117.161 as permitted sender) receiver=protection.outlook.com; client-ip=216.228.117.161; helo=mail.nvidia.com; pr=C Received: from mail.nvidia.com (216.228.117.161) by DS1PEPF00017099.mail.protection.outlook.com (10.167.18.103) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8466.11 via Frontend Transport; Mon, 17 Feb 2025 13:42:03 +0000 Received: from rnnvmail201.nvidia.com (10.129.68.8) by mail.nvidia.com (10.129.200.67) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1544.4; Mon, 17 Feb 2025 05:41:51 -0800 Received: from shredder.nvidia.com (10.126.231.35) by rnnvmail201.nvidia.com (10.129.68.8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1544.14; Mon, 17 Feb 2025 05:41:48 -0800 From: Ido Schimmel To: CC: , , , , , , , , , Ido Schimmel Subject: [PATCH net-next 1/8] net: fib_rules: Add port mask attributes Date: Mon, 17 Feb 2025 15:41:02 +0200 Message-ID: <20250217134109.311176-2-idosch@nvidia.com> X-Mailer: git-send-email 2.48.1 In-Reply-To: <20250217134109.311176-1-idosch@nvidia.com> References: <20250217134109.311176-1-idosch@nvidia.com> Precedence: bulk X-Mailing-List: netdev@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: rnnvmail203.nvidia.com (10.129.68.9) To rnnvmail201.nvidia.com (10.129.68.8) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DS1PEPF00017099:EE_|CY8PR12MB7268:EE_ X-MS-Office365-Filtering-Correlation-Id: 8ba81c12-b05d-46c2-78eb-08dd4f58dc91 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|1800799024|376014|82310400026|36860700013; X-Microsoft-Antispam-Message-Info: joKCy5f9ZiG9XNuLojzTlOiqrTkRJ+Vl1ZKLxltF5X5ogeGLoFU051TBwdxM3geyb6yYwiIO3ZB+R8pIbIgxQ6xjCm/0W34pjIBbILo/9XMwJp9pvZ/vgA8bqAVw/ZsEnDMYXILXdYU8Eu4EfZO4qKhHY/j2iESgXECQWsEJ2U4V3zReIEGHCNbkTGT8/JF0v447lk+fBGhvzRNYlAxLksi3WtBeGW0hO2A4yKBaFf8x1YJdOJtwHtJ3ACxQFSmojhcGjSMWmCCZwzo1IuU44d2luZW4IWq2MNfbdy/uOGxM2zpca5wC01Q/hcZrSKuXgSsgl2gdEwWbOdbP1Ydsz3kmuTMFGoBnGXs+TlbJ0cwDuSAOxaa1GEyIEEYF0j3Di+SEfmS2we0TTakIZaBRRZEZ1xquMiIYDnXuZPhI2nH+Jq0taCn5lbPtSpnMbfG3jCiF/gST/4GDslAEr6x2SumS5Ft6Ip5Mbtqp6BHTaUm/oAopJ1XS/HT2EfaqOa0GhH1URLJlaw6yi1dPZQnxvWZYiobY35IJCWPeM7N1XO56xmQL95JerQkecBdPB/4YB1odn4TGkf9VHg6Qc4w69OPaIk1uj0NxsW+R68AnDUaAw6OeBNnZSFR3oqtmoFuuW7fTsAkgZZqmuLiHfSC9IXuNd2F2vyVTWVp6EItCDTiyecO6BVPvLgKOvyK+iJtPfxHMMk1uRUCnpi2RrNjaDGS8JnpFlhVWHlQCabW7nIlLTpDIxeGkbP8IDQgtYqMCL2RMVl9emxPnqhjUnOuH1M908wD1QvhOp8ypDG3iosISSY2zGW3G7i7N2OjnmMNzCVbUOb9YE56SUcf034CejoijdlPgoMb7PayF1N0jzCLwrdXrpQHxJOfLgXv8jrhJ++qhg6felRcyZfcJLntxeccOBxT/rKSrW3hLT4q0U5zE5QmgcGNoPqlStjQOpims2HFDloNNsDE5smyE9vd4cktB8S2O5DY81Fj9SSX+yRZRqoDfW/lTuS/4GE1FsfoGGjIxfNKh3bjUE9q7JYy7rElyzNmg+1SwgBfASU54P6IsYngaSf+TASsKqTNKWAG5/bDPKdRb1gTCD5fRIOH81G8lszwAGkfS4fcjwdMMseQCZC5SA0kGeaK69XbAKb+7HZPezVsg12zKs7lSwuumyB20Em/oxiFURv3QAOFalAQhyFffPV+RuA1fC2l5+V3X4/DoklMD9NwgQkXzHkJsR9O9akgvIFowpCCJJvsKs4OKOimMaOQp6EbqN/9yjnOphgFQSa7TbG5qNKTSV5G3EryLdBkYRdklqzFR7jupbsGKG2IMgH62u90m6CM7evPUsw9jJWc/dg7U3YL5tCCxPVHwSn366C96mSyJCG9FnCUmkl46hh/Omq49SfFxDp7BczZmGydu8WAeSah7oZGieWO4pbx9u09IquQ9NUAJ0BjorMuSsHorRwAbaLl5mSXWRk+l7ypQqEkK+qdhDAcSiKE8mn3gcxp4/vn73El3dTM= X-Forefront-Antispam-Report: CIP:216.228.117.161;CTRY:US;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:mail.nvidia.com;PTR:dc6edge2.nvidia.com;CAT:NONE;SFS:(13230040)(1800799024)(376014)(82310400026)(36860700013);DIR:OUT;SFP:1101; X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 17 Feb 2025 13:42:03.1153 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 8ba81c12-b05d-46c2-78eb-08dd4f58dc91 X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=43083d15-7273-40c1-b7db-39efd9ccc17a;Ip=[216.228.117.161];Helo=[mail.nvidia.com] X-MS-Exchange-CrossTenant-AuthSource: DS1PEPF00017099.namprd05.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY8PR12MB7268 X-Patchwork-Delegate: kuba@kernel.org Add attributes that allow matching on source and destination ports with a mask. Matching on the source port with a mask is needed in deployments where users encode path information into certain bits of the UDP source port. Temporarily set the type of the attributes to 'NLA_REJECT' while support is being added. Reviewed-by: Petr Machata Signed-off-by: Ido Schimmel --- include/uapi/linux/fib_rules.h | 2 ++ net/core/fib_rules.c | 2 ++ 2 files changed, 4 insertions(+) diff --git a/include/uapi/linux/fib_rules.h b/include/uapi/linux/fib_rules.h index 00e9890ca3c0..95ec01b15c65 100644 --- a/include/uapi/linux/fib_rules.h +++ b/include/uapi/linux/fib_rules.h @@ -70,6 +70,8 @@ enum { FRA_DSCP, /* dscp */ FRA_FLOWLABEL, /* flowlabel */ FRA_FLOWLABEL_MASK, /* flowlabel mask */ + FRA_SPORT_MASK, /* sport mask */ + FRA_DPORT_MASK, /* dport mask */ __FRA_MAX }; diff --git a/net/core/fib_rules.c b/net/core/fib_rules.c index 424b4cd4e9e5..f5b1900770ec 100644 --- a/net/core/fib_rules.c +++ b/net/core/fib_rules.c @@ -784,6 +784,8 @@ static const struct nla_policy fib_rule_policy[FRA_MAX + 1] = { [FRA_DSCP] = NLA_POLICY_MAX(NLA_U8, INET_DSCP_MASK >> 2), [FRA_FLOWLABEL] = { .type = NLA_BE32 }, [FRA_FLOWLABEL_MASK] = { .type = NLA_BE32 }, + [FRA_SPORT_MASK] = { .type = NLA_REJECT }, + [FRA_DPORT_MASK] = { .type = NLA_REJECT }, }; int fib_newrule(struct net *net, struct sk_buff *skb, struct nlmsghdr *nlh, From patchwork Mon Feb 17 13:41:03 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ido Schimmel X-Patchwork-Id: 13977863 X-Patchwork-Delegate: kuba@kernel.org Received: from NAM10-DM6-obe.outbound.protection.outlook.com (mail-dm6nam10on2083.outbound.protection.outlook.com [40.107.93.83]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 955C821D3E5 for ; Mon, 17 Feb 2025 13:42:09 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.93.83 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1739799731; cv=fail; b=jYmNDykV7Qb6BAH0BK4ndK0yfxPtTQ1x2WcVoHXcMHSc7hQxG36wb2Zcou5nOUOBbaDxhSGY5nCmnO+myOM529DU4NdlaVrJJ3UtUe9ZygaWat7ATFNhK1eGGmu5OSEKDoderqDf07m5HN5A6JAQE5x1YvqCyEhAQ8ofyuQEusI= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1739799731; c=relaxed/simple; bh=OrO6Wm9znof9xJH9trhkj/szxO4gXL7u1/7dhS9BjQc=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=qXTc0Z6rhoOISWHSOK3Pq7gT3yYrG8nHu+m/N+ldQK+hdiUJU+k6CBsFWgZqEv5U44lZoMxRibpUjBqj6c+ENSakraD3Wz3j11asBBkOvgXaUuSdo7GlEN1ilHaCeJ5ng3i/EoGeLtBSuqmNcsDpMpzyoC7INNK3kW7vCbdMVxA= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=nvidia.com; spf=fail smtp.mailfrom=nvidia.com; dkim=pass (2048-bit key) header.d=Nvidia.com header.i=@Nvidia.com header.b=nwL8GFjE; arc=fail smtp.client-ip=40.107.93.83 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=nvidia.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=nvidia.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=Nvidia.com header.i=@Nvidia.com header.b="nwL8GFjE" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=muEbbZC2H6+y8oQGfmrmbGwasP6/6N4gICaLKK/9Bw2/76YtuOrSXgRe+j4EHi2qVb6fJz6jR+HMkyW6GKtFh62gHqpO0WRe8aksTIcIj74KNzp9ygOuZYf6YVkRMMiMaGavn0LnAHG8g/L8UhJ+j5etZEjOigqctdNs0WlsxMAQSOLEntdAk4UAuJZSHs2ykCp6Kefn3TANh4+rTIRCYcAi9CSFJs04LJLM7jx9qmFkTtV3AzE3+ZOzSv91/mHngVBFFn1+38HVRvFaVODX3dZOrmAgQkr5vr8w/JhfYP49JtZRJN15ZnCZT8rBgrbUadwYylHunsWIKrVpsOPNcg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=FwSFyYRhE3Uowu63HMU6tFUD+4ax8QhA7nd1zYHZKmI=; b=oMA6BS3hDgmoWDMCa2NzdmyV4tWHAiV7138UW2+Ijmkouc6uX8GSoMU+uh2w/q7akMcMOueljh4YNnqZsUjQ+rWAvsdGwGiQrxLY9fJSr8xowbcjLD5t+xPwT5eCNgP2CXHwSs2BZjCxKQBG8yuVEyRyQ2NY06YxYbI/xyEfs0eRUk0Xm+L1hMhV8WSnBRttr169XqWjwF+r1ny5hNTvky5g5LNxTqPuUUmUCX/sJtxQFWMCUWjnN3kW8fDrv/C68h1zTY9vVL1jpUJ7M5irUZYoEYA4UvIO/aBEZArd3heVeBESaTRlyM8sDKVQVp1s8xtv6vDGdCijnEshE5ErlA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 216.228.117.161) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=nvidia.com; dmarc=pass (p=reject sp=reject pct=100) action=none header.from=nvidia.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=FwSFyYRhE3Uowu63HMU6tFUD+4ax8QhA7nd1zYHZKmI=; b=nwL8GFjEXE2rOTSVJ/YXbbhzpNzQs6xWOdIjtJ+76WM6a3SRYAuruhBFzoCvLgilzmb3iI6wceiKDUpKP5f1arJGNGYb7hlc1guQanWG4G38Syz0UkevKQrVMcMjWCGKkQV+oggis8sdOsXLVZcyw9xa4J3xdyE3BHDoCJuXwhdI2eAdO8C18ugtWPEdXpx+i7wOAJmObc6LKhNo/mSED3kSKW6mnopSf3zq7Ta06qmgrLe/gL2fQhY/62DDc5fwZyJ1P3f8fKI+kH8xytq7ofEhthuISsi4xz2nD1izeeJSGcQit2P8vHwpa9oSVIilFra43cBMbiCwX9CoVQy5FA== Received: from DS7PR07CA0018.namprd07.prod.outlook.com (2603:10b6:5:3af::27) by CH2PR12MB4261.namprd12.prod.outlook.com (2603:10b6:610:a9::8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8445.14; Mon, 17 Feb 2025 13:42:05 +0000 Received: from DS1PEPF00017097.namprd05.prod.outlook.com (2603:10b6:5:3af:cafe::73) by DS7PR07CA0018.outlook.office365.com (2603:10b6:5:3af::27) with Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.8445.18 via Frontend Transport; Mon, 17 Feb 2025 13:42:05 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 216.228.117.161) smtp.mailfrom=nvidia.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=nvidia.com; Received-SPF: Pass (protection.outlook.com: domain of nvidia.com designates 216.228.117.161 as permitted sender) receiver=protection.outlook.com; client-ip=216.228.117.161; helo=mail.nvidia.com; pr=C Received: from mail.nvidia.com (216.228.117.161) by DS1PEPF00017097.mail.protection.outlook.com (10.167.18.101) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8466.11 via Frontend Transport; Mon, 17 Feb 2025 13:42:05 +0000 Received: from rnnvmail201.nvidia.com (10.129.68.8) by mail.nvidia.com (10.129.200.67) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1544.4; Mon, 17 Feb 2025 05:41:54 -0800 Received: from shredder.nvidia.com (10.126.231.35) by rnnvmail201.nvidia.com (10.129.68.8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1544.14; Mon, 17 Feb 2025 05:41:51 -0800 From: Ido Schimmel To: CC: , , , , , , , , , Ido Schimmel Subject: [PATCH net-next 2/8] net: fib_rules: Add port mask support Date: Mon, 17 Feb 2025 15:41:03 +0200 Message-ID: <20250217134109.311176-3-idosch@nvidia.com> X-Mailer: git-send-email 2.48.1 In-Reply-To: <20250217134109.311176-1-idosch@nvidia.com> References: <20250217134109.311176-1-idosch@nvidia.com> Precedence: bulk X-Mailing-List: netdev@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: rnnvmail203.nvidia.com (10.129.68.9) To rnnvmail201.nvidia.com (10.129.68.8) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DS1PEPF00017097:EE_|CH2PR12MB4261:EE_ X-MS-Office365-Filtering-Correlation-Id: 9c610b94-298e-43d8-34c1-08dd4f58ddea X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|376014|82310400026|36860700013|1800799024; X-Microsoft-Antispam-Message-Info: dLfT2ydlW9gOYXLEDPEWw4/C7d/thz74P5a3Ts1AnL3NoWKbpSTem+3zzgErYAUov//63BRcjnMvb5w8svvN1AmMWyrp520KEvcTBQ6dp8IuF2nPiSYOUdEVHC2WzjnVivxqOQsy3UJpEuYN6ePhzGs4nctEbxv3Uz1p+R2x1f3HYiIqDx6kTWBpxr4YX7bw47nVpK85vjoea+yhywTv41PU/2G9bmT6uSISc366JCdp7Bj+dbmsk/H8HjVS+yGQNDtGhy8mzhECp6ek6d2O4dbM1q6wQI0MGKa1otIXNGv+DTjZw4O8sCxkm49rzm0U1wHQWlIBiEnmNLHNfzjDn+jER6b3i9IZEwAYYtV494g2h/7y+V6Zei+8nNQKg39y/QxkfVmWq16B19BRojXBlplM+3PIqCwcbg8G1tEk5j5aiTPJzzC3kqadcT/6jCqkeOv7//4ZrjHSRGOXTwbQeNQoDQmnzCI3rKcQ4pmCeGdIb4x03E/Bgby7P22/3iP8IZhI3xUKPT2Lnp15V20E1c2kMQ7hL0Z7Qv/nsyU4tfujFV3N7NszfX5tbeUFLe+hHc+cWKutM8VhFawRdl814D8Kw/W0A59w8euEk0DvdVuNnXUf2KZj7DK7oXDUS9cD5m6eZroPBBOuTKam9210rzlC48d33YHg7rBHKosmXXzHJZKLZw1BxkUZAa5oD9vIL3B4Kzjlt2840SMvPYxdGPiu5aMztwh3mbj97uAVAzXVdvMuRJh2dOhVHoHWgMTydDGtH3CwfyQQ9Yq1pdz/Z5HTW1qQq3ou+i9YkhnLa6P2q8a/UldHKiDtGDwPiD+0PeQ1x96Agae1pMzXE4LVBpOkFXHVB7XeTM/xDyyYVIdzgukYYvqGf0iCeyym3OHgOFJXrxkx6UNHuTRVyhGhcGPx2Rxkx9sHS5VqaqZv4YpPc0METZNBTpZbf2LHPxFmXukuy7zLLO772S3bAlD0rPWa6NdF/rAQ4Rv+fNCV5YBEDYtnGp1xIQxgdYCASAW3gn+phHswnsFeLudXQKIGZG1uex+fU5zsQSwtER0SsDVm9QItBhpDJSihadvr/ddcj74fZ2pXV76oL0yiQtDyRssq0RNKDwphkrug7HMEdunPGWPzOZkbaD8tuYg+mbYk29rM2iBeOI5yGQpvxhaz9jLEBgQoIKT7Kmoyg9oGW4dISBLK40AbG+dMVZ9Pqz6vbDogqDoIt7+m6dvZ67tnat1kxswPkgWQ0GgM6eJaoL34MA8sn/A2F1YnSc/JqDHWaFOX2PrxmmPa0pS26YAhOufFfvH9gPQTSF3XDb8lhgpVSRulF/ULhjehrAlFR5HjVHsRzbFtl/bD5lC+e+UKGPMyA2XEiLbhGPiSP4z1cj8BQgd4xU2jC0ukb6UbwFk1eeQkXvxR2SboZscUmh+9sq9m+EkhUHOl+H7XDcgPAZ9sVOv67p0tOHthWNuTweJ1lldtfQtpE4jKFnYPLujRIQYZ3yf+YoaRKFOdKKz/9Sg= X-Forefront-Antispam-Report: CIP:216.228.117.161;CTRY:US;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:mail.nvidia.com;PTR:dc6edge2.nvidia.com;CAT:NONE;SFS:(13230040)(376014)(82310400026)(36860700013)(1800799024);DIR:OUT;SFP:1101; X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 17 Feb 2025 13:42:05.3745 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 9c610b94-298e-43d8-34c1-08dd4f58ddea X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=43083d15-7273-40c1-b7db-39efd9ccc17a;Ip=[216.228.117.161];Helo=[mail.nvidia.com] X-MS-Exchange-CrossTenant-AuthSource: DS1PEPF00017097.namprd05.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: CH2PR12MB4261 X-Patchwork-Delegate: kuba@kernel.org Add support for configuring and deleting rules that match on source and destination ports using a mask as well as support for dumping such rules to user space. Reviewed-by: Petr Machata Signed-off-by: Ido Schimmel --- include/net/fib_rules.h | 8 +++++ net/core/fib_rules.c | 67 ++++++++++++++++++++++++++++++++++++++++- 2 files changed, 74 insertions(+), 1 deletion(-) diff --git a/include/net/fib_rules.h b/include/net/fib_rules.h index 710caacad9da..cfeb2fd0f5db 100644 --- a/include/net/fib_rules.h +++ b/include/net/fib_rules.h @@ -43,6 +43,8 @@ struct fib_rule { struct fib_kuid_range uid_range; struct fib_rule_port_range sport_range; struct fib_rule_port_range dport_range; + u16 sport_mask; + u16 dport_mask; struct rcu_head rcu; }; @@ -159,6 +161,12 @@ static inline bool fib_rule_port_range_compare(struct fib_rule_port_range *a, a->end == b->end; } +static inline bool +fib_rule_port_is_range(const struct fib_rule_port_range *range) +{ + return range->start != range->end; +} + static inline bool fib_rule_requires_fldissect(struct fib_rule *rule) { return rule->iifindex != LOOPBACK_IFINDEX && (rule->ip_proto || diff --git a/net/core/fib_rules.c b/net/core/fib_rules.c index f5b1900770ec..ba6beaa63f44 100644 --- a/net/core/fib_rules.c +++ b/net/core/fib_rules.c @@ -481,11 +481,17 @@ static struct fib_rule *rule_find(struct fib_rules_ops *ops, &rule->sport_range)) continue; + if (rule->sport_mask && r->sport_mask != rule->sport_mask) + continue; + if (fib_rule_port_range_set(&rule->dport_range) && !fib_rule_port_range_compare(&r->dport_range, &rule->dport_range)) continue; + if (rule->dport_mask && r->dport_mask != rule->dport_mask) + continue; + if (!ops->compare(r, frh, tb)) continue; return r; @@ -515,6 +521,33 @@ static int fib_nl2rule_l3mdev(struct nlattr *nla, struct fib_rule *nlrule, } #endif +static int fib_nl2rule_port_mask(const struct nlattr *mask_attr, + const struct fib_rule_port_range *range, + u16 *port_mask, + struct netlink_ext_ack *extack) +{ + if (!fib_rule_port_range_valid(range)) { + NL_SET_ERR_MSG_ATTR(extack, mask_attr, + "Cannot specify port mask without port value"); + return -EINVAL; + } + + if (fib_rule_port_is_range(range)) { + NL_SET_ERR_MSG_ATTR(extack, mask_attr, + "Cannot specify port mask for port range"); + return -EINVAL; + } + + if (range->start & ~nla_get_u16(mask_attr)) { + NL_SET_ERR_MSG_ATTR(extack, mask_attr, "Invalid port mask"); + return -EINVAL; + } + + *port_mask = nla_get_u16(mask_attr); + + return 0; +} + static int fib_nl2rule(struct net *net, struct nlmsghdr *nlh, struct netlink_ext_ack *extack, struct fib_rules_ops *ops, @@ -644,6 +677,16 @@ static int fib_nl2rule(struct net *net, struct nlmsghdr *nlh, NL_SET_ERR_MSG(extack, "Invalid sport range"); goto errout_free; } + if (!fib_rule_port_is_range(&nlrule->sport_range)) + nlrule->sport_mask = U16_MAX; + } + + if (tb[FRA_SPORT_MASK]) { + err = fib_nl2rule_port_mask(tb[FRA_SPORT_MASK], + &nlrule->sport_range, + &nlrule->sport_mask, extack); + if (err) + goto errout_free; } if (tb[FRA_DPORT_RANGE]) { @@ -653,6 +696,16 @@ static int fib_nl2rule(struct net *net, struct nlmsghdr *nlh, NL_SET_ERR_MSG(extack, "Invalid dport range"); goto errout_free; } + if (!fib_rule_port_is_range(&nlrule->dport_range)) + nlrule->dport_mask = U16_MAX; + } + + if (tb[FRA_DPORT_MASK]) { + err = fib_nl2rule_port_mask(tb[FRA_DPORT_MASK], + &nlrule->dport_range, + &nlrule->dport_mask, extack); + if (err) + goto errout_free; } *rule = nlrule; @@ -751,10 +804,16 @@ static int rule_exists(struct fib_rules_ops *ops, struct fib_rule_hdr *frh, &rule->sport_range)) continue; + if (r->sport_mask != rule->sport_mask) + continue; + if (!fib_rule_port_range_compare(&r->dport_range, &rule->dport_range)) continue; + if (r->dport_mask != rule->dport_mask) + continue; + if (!ops->compare(r, frh, tb)) continue; return 1; @@ -1051,7 +1110,9 @@ static inline size_t fib_rule_nlmsg_size(struct fib_rules_ops *ops, + nla_total_size(1) /* FRA_PROTOCOL */ + nla_total_size(1) /* FRA_IP_PROTO */ + nla_total_size(sizeof(struct fib_rule_port_range)) /* FRA_SPORT_RANGE */ - + nla_total_size(sizeof(struct fib_rule_port_range)); /* FRA_DPORT_RANGE */ + + nla_total_size(sizeof(struct fib_rule_port_range)) /* FRA_DPORT_RANGE */ + + nla_total_size(2) /* FRA_SPORT_MASK */ + + nla_total_size(2); /* FRA_DPORT_MASK */ if (ops->nlmsg_payload) payload += ops->nlmsg_payload(rule); @@ -1119,8 +1180,12 @@ static int fib_nl_fill_rule(struct sk_buff *skb, struct fib_rule *rule, nla_put_uid_range(skb, &rule->uid_range)) || (fib_rule_port_range_set(&rule->sport_range) && nla_put_port_range(skb, FRA_SPORT_RANGE, &rule->sport_range)) || + (rule->sport_mask && nla_put_u16(skb, FRA_SPORT_MASK, + rule->sport_mask)) || (fib_rule_port_range_set(&rule->dport_range) && nla_put_port_range(skb, FRA_DPORT_RANGE, &rule->dport_range)) || + (rule->dport_mask && nla_put_u16(skb, FRA_DPORT_MASK, + rule->dport_mask)) || (rule->ip_proto && nla_put_u8(skb, FRA_IP_PROTO, rule->ip_proto))) goto nla_put_failure; From patchwork Mon Feb 17 13:41:04 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ido Schimmel X-Patchwork-Id: 13977862 X-Patchwork-Delegate: kuba@kernel.org Received: from NAM11-BN8-obe.outbound.protection.outlook.com (mail-bn8nam11on2066.outbound.protection.outlook.com [40.107.236.66]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id DC2DE21D3CF for ; Mon, 17 Feb 2025 13:42:08 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.236.66 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1739799730; cv=fail; b=mV5eFkfo6p+OMqGmuCLq2BVL4ZJHK9d2ZssZCZivCEXTGNEAc53+YoNILgYjw1qH68SI8mSsgrRzj863MwsbGS75MCtz8Bw2p15xPqrBtN9WVspdIE3qE09gPzVwepg0k0iLx+cNszSsWj9HLwignoqN8WLY/wjmrx9n92QBVnE= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1739799730; c=relaxed/simple; bh=pKPNZFR63za6lTSg9URIv8KEVYyksq1gClF5TnIpE1M=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=ggTVOa6Px/3XkOp2nkUvzfYiMtUVu2Ak7Q5iWqwYOkyWDv7thTwpTGdiPlvln+997Q1Jme+VPMDMvQ+z3XUKQdQXYUTHNHYtoAJXn1mgLSXMBfcC6yMaId0ogTzLxQ6Aaa00oe4ZXzXcdq91zyulzfB5wLrjg5Rsj/IQFG9kXVw= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=nvidia.com; spf=fail smtp.mailfrom=nvidia.com; dkim=pass (2048-bit key) header.d=Nvidia.com header.i=@Nvidia.com header.b=sAvTaCSq; arc=fail smtp.client-ip=40.107.236.66 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=nvidia.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=nvidia.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=Nvidia.com header.i=@Nvidia.com header.b="sAvTaCSq" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=zH/hj0KQevPwINApo0zE2tJsuN5W8ybckX/Hu6LHzN8Q5N8AvRBUEC3qPo/vSTUv7ekIuZoAuiUOWnVdyMmiQUZwVicRb9RLHCZVJobju1sNx6D9CFXcafjKKnRx3yOX6zhYbteFULixLvTMDX4GzrcXM30+WVk8bpT/Kf5YwgOz52yKoqg18BuQiFiI5uEaw7jICC3OctpjlQfUnNi5I1+GLcvdpF+Cu3vq7AhJIb/kgtsLZfJ330xfqz6Kk7kEN5QXFhPmhE0UpTL11lsZFzVWQg1+4FqGkTh9f6VaFh7ZZR2ymcQ6L8W7/qmNeGALJgZa2C3bwmUmqiE6Q3HB0A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=Bu0R2o5cH9t1XN5XN5XaQm5Vqka9S+kFxaMuc2vpzpU=; b=cdkXAHqQx6r5KmvRfe0Mel7LohkvGPOI+yXd2QARFAfCktryj6Yqic4wY91zW/YrtnzFS7DHxp4hhruzeuKSPiqgqjDX28XhCOvArj1R8QZSyQSbaQSEEk4bd6YuOzQjxgbMfr3rlD9VTFpHRakkNZ4pRAqh6L6YJvoS/pfmJHMvH+DUW4Xo5OkwlXVu8fGwXBUvGJDOoMw7GTeVXO44am9jrIVBbXcOemBnoY2EyKWb83y/sFd6DIj5zwjpuAv2zDqucNLXaI6DO4HvuI1SXuxcbfUu2VdkwncChh8tx5gqf6ekQPRCPaFW2mlkewXdHgwfhA12Hd3vuIfOKzdQ0w== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 216.228.117.160) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=nvidia.com; dmarc=pass (p=reject sp=reject pct=100) action=none header.from=nvidia.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Bu0R2o5cH9t1XN5XN5XaQm5Vqka9S+kFxaMuc2vpzpU=; b=sAvTaCSqDM5Tc46lxnr3pISR/2oHuibAsPHfzDgA6WOES9eKh3FUeSojW2zjEHzql2Sws9eATj/5CwbzxODGqjMSCDu2EGVfWEzSjFPvLjdsea0sqaXmrBxUXYbgLekIgq88QdGPvN3FzFE7K8Z2Ag3rCBE6Z/GP+Uco9rWHcHHdXCO10AKbZGszmRN7ew6N9bmW7A6uH5VT7FJz2Hdvagy67T/3oe5ROEkTWBr/schpGIhi+KJL0RNGF2LrH2d7/QSXtr/yusYKikO2bwRXqtJ6IaMQ7jw9hWguBTj5+DXX2sqgWExj+Ju3eYIvdiuS+/p/566Ib3mYhDub5lHctA== Received: from BY3PR05CA0006.namprd05.prod.outlook.com (2603:10b6:a03:254::11) by SN7PR12MB8001.namprd12.prod.outlook.com (2603:10b6:806:340::5) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8445.19; Mon, 17 Feb 2025 13:42:04 +0000 Received: from SJ5PEPF000001F6.namprd05.prod.outlook.com (2603:10b6:a03:254:cafe::35) by BY3PR05CA0006.outlook.office365.com (2603:10b6:a03:254::11) with Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.8466.9 via Frontend Transport; Mon, 17 Feb 2025 13:42:04 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 216.228.117.160) smtp.mailfrom=nvidia.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=nvidia.com; Received-SPF: Pass (protection.outlook.com: domain of nvidia.com designates 216.228.117.160 as permitted sender) receiver=protection.outlook.com; client-ip=216.228.117.160; helo=mail.nvidia.com; pr=C Received: from mail.nvidia.com (216.228.117.160) by SJ5PEPF000001F6.mail.protection.outlook.com (10.167.242.74) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8466.11 via Frontend Transport; Mon, 17 Feb 2025 13:42:03 +0000 Received: from rnnvmail201.nvidia.com (10.129.68.8) by mail.nvidia.com (10.129.200.66) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1544.4; Mon, 17 Feb 2025 05:41:57 -0800 Received: from shredder.nvidia.com (10.126.231.35) by rnnvmail201.nvidia.com (10.129.68.8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1544.14; Mon, 17 Feb 2025 05:41:54 -0800 From: Ido Schimmel To: CC: , , , , , , , , , Ido Schimmel Subject: [PATCH net-next 3/8] ipv4: fib_rules: Add port mask matching Date: Mon, 17 Feb 2025 15:41:04 +0200 Message-ID: <20250217134109.311176-4-idosch@nvidia.com> X-Mailer: git-send-email 2.48.1 In-Reply-To: <20250217134109.311176-1-idosch@nvidia.com> References: <20250217134109.311176-1-idosch@nvidia.com> Precedence: bulk X-Mailing-List: netdev@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: rnnvmail203.nvidia.com (10.129.68.9) To rnnvmail201.nvidia.com (10.129.68.8) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SJ5PEPF000001F6:EE_|SN7PR12MB8001:EE_ X-MS-Office365-Filtering-Correlation-Id: af45783c-7465-47c5-0cd9-08dd4f58dcff X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|376014|1800799024|82310400026|36860700013; X-Microsoft-Antispam-Message-Info: kTm6MSMpGt+qZbwoCpKb8zdN2fQOK8GT+njbKuSFdI1ENT4JWFHH0iVkWAaXBFNv8Lz9LWHhRQLh4ISkgYlflrr6279RKoxnHzfT9gaBS1hJgwhkaVXM/d0JgVAZUOwL+Sd4izoPBF6fRCD20ZYKlhYGzdzhFXK7Ci56Tqa+UTMO6PKo9m6iSz8Mc1Ui9CGzIqJTyuSazUFGjodbHXSZFtAMnZFtid9UayeivPli3ZpZCY5AouDm+AgL4xqD9kK+kB2JBhuT7Z3+iOvhH2/Pi2qckZZBItM8Dpc8zEA+ngBIiMJdW/NPF7fgmsp2EcckRDAso58RcrtdNPFVvCu+XnBB3YfaJ22cqMlpeBBIHwguuIajtv1NwyW27WMIuzTLDbMOm56KPwMZ7ylMw9ix/aho2wciAAIXYJ/fhcJ11DdAuCcrMq1voGOVr0AX02J0aMRZ9ZXPjTv2ssZZyrbjxwEXRds2bFHR5Ucm4SxACDd75vegkmCWJPE77dozCn/YzBbl/Uf49lmLRnrvYQBilA0tVkJStBwAqHwE8LQGFuO81aK00WHnlvyNZ2rUrcs/mK2lRbUVkra8ynV4x+9egeC1FmtE3SR7o+Ta10M2iFJijiHaBFrTdxn8WFZ/jmXQTmxWcdQWAxmiqo1n4sEqE9mDrHgZK9KglbGD5dLRm/B3dIhg0sUewrTzEfnt6aiqjZx0znCggzE4NUqufFRGIYcDrfm4M9tHL2bXHhfS8hzsMDzWGvTu+AjMf9H2o53IfLMi9Q5oFzcePROu7li55ifhVhowQ1kSiT8MlwXuHnZLOc4WeQ5kVJ2U22p1H/eGL/oVxK0mUQofLs16QFi3SiRQuADksrxu5IoYdRghlEU7Iong/FJR3yJYa60dj+/VpZR6sTUCPhwOTdYVn/ISKDB1g5x3TNF77fNLTn9H3uVKIA7wyctLssjxdfa5buixxaDsjpjMLCnhfPO2Vr202ECzZptMWYCQAQrBmbpQyb60eute2CGNeqCmDLEmhNw/JKDU2L1rW7G8jqEdD/KDhHcb78z6Z+xBjRFLGVnyP0unqOKR7lxU5GeRKnzuWE9IJkaUkMHye12XRUMj++MlOhdOqcTkA9Ep/AX/NIH7XyuwXihbaFCeHjwbW+efm36ZjaQvFgJBXcJrPjCCofnq4bvYJnz1d3y0Y7iIImDNdVpl53pOcr8ykHNz2V4/mSYxKNpkFyFV5H3Dbcc1U8ZApISPCRA4jqjexHC+WWhRg/2VNoGAmao3r4xYBF7AaT+9jdBUHbLkzFJBhB7xCMaHR9IO2B09PztyA4OV1NqJtOQKjJvS+eGIdl1trBKgzZ13h0a95OsbHhkmGhHg4TKVBqLlNo0epb+oOsI5JuaU0nR268hIJo47/cu/fxhE66q7gh1GSn46t+H6llCTG2w4QoTkXaprIgf3J+y/L4ZqF5NzgWTR1YlabJvxt61i3dxHLp1s5bL1LyRORnCHnqDFN0DXL0q9WIas5AptcS3AIh4= X-Forefront-Antispam-Report: CIP:216.228.117.160;CTRY:US;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:mail.nvidia.com;PTR:dc6edge1.nvidia.com;CAT:NONE;SFS:(13230040)(376014)(1800799024)(82310400026)(36860700013);DIR:OUT;SFP:1101; X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 17 Feb 2025 13:42:03.9584 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: af45783c-7465-47c5-0cd9-08dd4f58dcff X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=43083d15-7273-40c1-b7db-39efd9ccc17a;Ip=[216.228.117.160];Helo=[mail.nvidia.com] X-MS-Exchange-CrossTenant-AuthSource: SJ5PEPF000001F6.namprd05.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN7PR12MB8001 X-Patchwork-Delegate: kuba@kernel.org Extend IPv4 FIB rules to match on source and destination ports using a mask. Note that the mask is only set when not matching on a range. Reviewed-by: Petr Machata Signed-off-by: Ido Schimmel --- include/net/fib_rules.h | 11 +++++++++++ net/ipv4/fib_rules.c | 8 ++++---- 2 files changed, 15 insertions(+), 4 deletions(-) diff --git a/include/net/fib_rules.h b/include/net/fib_rules.h index cfeb2fd0f5db..5927910ec06e 100644 --- a/include/net/fib_rules.h +++ b/include/net/fib_rules.h @@ -148,6 +148,17 @@ static inline bool fib_rule_port_inrange(const struct fib_rule_port_range *a, ntohs(port) <= a->end; } +static inline bool fib_rule_port_match(const struct fib_rule_port_range *range, + u16 port_mask, __be16 port) +{ + if ((range->start ^ ntohs(port)) & port_mask) + return false; + if (!port_mask && fib_rule_port_range_set(range) && + !fib_rule_port_inrange(range, port)) + return false; + return true; +} + static inline bool fib_rule_port_range_valid(const struct fib_rule_port_range *a) { return a->start != 0 && a->end != 0 && a->end < 0xffff && diff --git a/net/ipv4/fib_rules.c b/net/ipv4/fib_rules.c index 041c46787d94..6b3d6a957822 100644 --- a/net/ipv4/fib_rules.c +++ b/net/ipv4/fib_rules.c @@ -201,12 +201,12 @@ INDIRECT_CALLABLE_SCOPE int fib4_rule_match(struct fib_rule *rule, if (rule->ip_proto && (rule->ip_proto != fl4->flowi4_proto)) return 0; - if (fib_rule_port_range_set(&rule->sport_range) && - !fib_rule_port_inrange(&rule->sport_range, fl4->fl4_sport)) + if (!fib_rule_port_match(&rule->sport_range, rule->sport_mask, + fl4->fl4_sport)) return 0; - if (fib_rule_port_range_set(&rule->dport_range) && - !fib_rule_port_inrange(&rule->dport_range, fl4->fl4_dport)) + if (!fib_rule_port_match(&rule->dport_range, rule->dport_mask, + fl4->fl4_dport)) return 0; return 1; From patchwork Mon Feb 17 13:41:05 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ido Schimmel X-Patchwork-Id: 13977864 X-Patchwork-Delegate: kuba@kernel.org Received: from NAM10-BN7-obe.outbound.protection.outlook.com (mail-bn7nam10on2081.outbound.protection.outlook.com [40.107.92.81]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id C59B721D58B for ; Mon, 17 Feb 2025 13:42:11 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.92.81 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1739799733; cv=fail; b=iMreaZqLu/p0Wqon8VMt4j3gveYOsDClJ5PRg3d+epB7p+Qyk5AMLlatbIG4SjDFvd7zvaaWjf6lCnHwBLmxr/kmJpL7HDn0K7A1KPsxgOgFWKOk4uVGrSr4CgZidTHHgH7wV8rTCXyVBOpRMPnH/bpmMys9yfPXu4nmcAp6jg4= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1739799733; c=relaxed/simple; bh=C4j+1/X8NGz+FKujazjzXAdZK/ZAU4y1dmN+f/4EmAE=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=lo/GGZTokX+sZLbtAVcKVu4kOFqfzCNARpoy/wD+Wzfl5A5dStr+DczJQq/CFzCE3KamOD7uLbNgIDA5eyvPR3hCQ1eYU12phyrjAFYaOkI6qlX4SBLqfy4TJqW403sD+8eIPR9kSuzI0o+4MgZDBPU5FWAMVwm0Fhr9nNvLA6c= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=nvidia.com; spf=fail smtp.mailfrom=nvidia.com; dkim=pass (2048-bit key) header.d=Nvidia.com header.i=@Nvidia.com header.b=lq0BId6f; arc=fail smtp.client-ip=40.107.92.81 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=nvidia.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=nvidia.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=Nvidia.com header.i=@Nvidia.com header.b="lq0BId6f" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=uMZYPe9R1auhQUkjL/buIc3QYb41lNVaGe7S6R08+4GZKS0sA8lqgnwnIRxupxX7KUjfsuLU4Vebi6ESFy0175jv8JPzSu+QAwIi+7PNT2K7P5KKJfL8PrjUZB4qPb4/bHi212T/4OFpFLzorM8QNftGdKDY+T5XmVtzePJ+HuEKLsRA5YLCesXXnf05DZQkHvkgRMZvptJDXOS9BJwp6taPXvz+gH11hMZqpoeU2MDqk5RZWimIjAcwxiXsr7u3ggI8q+b0zE5suDJ2R2Pa3YmwteLIgHQ3/G5QYP7qTG19+SBFzGXLgtQUBJmhnaRqixuj81gzoVsOeInr8ExLiQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=TbL+SUZJyw6E+5Rlt/tpL50K3gZ/K5lyZzfIp36h8W0=; b=EQtqHgomQxhOlBpY+aU9cNSgvoLjzGYQ92ce6+NiKw4SS6KSzAAvuWlj9XQPndGOQ7w/hfDfjG9QNaEk6dpv0jrLMAFg8TKHfXOacXLs+YEtsF26BqsGcUhRXxsIKbreNrMzIdGaCPUBFO7QQXk6c7vbx99fY/MHjbChDDC8yc8iySQi9i33JQDWcJosqILmvxFbLkodLObT1Rohba0EKpE97Sf/lRr+73Zq5ZUMuHmkGGjaCrHWgiPxMrOMJGqhiOVE0hJhK+4b8O83a1SVFDVV6htwYX/QX4UZ1X5QGUafrc44fTcIZXMjNGSEGTHH1UU0AK+V3epfFBmnIkPrAA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 216.228.117.161) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=nvidia.com; dmarc=pass (p=reject sp=reject pct=100) action=none header.from=nvidia.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=TbL+SUZJyw6E+5Rlt/tpL50K3gZ/K5lyZzfIp36h8W0=; b=lq0BId6fs64dUT5RuAQ8ODtjyEHWcI4ws3i9+P0keOz0UI517V3RcTzH/k1CrY6xuO0RTWYJUs/PhbkOrhcf4wkr+TLd1ap4QKlk2SqhoV7fQ63Ulcro9a3lAW3sfK8FpKFVQNjaKuzyPUO5ONxL+s6Tyko9wDhsB6NimL6mZq2ZE5EmjHk5flyvBFJCBiszWrbfoDq3+IiL5o3w0hqn03C1JOkKzO+lxPDPqx1MedL/s9VbYuXk7At+tJ1Hso46wA0mwhipAHLbzhEf14P251He3ClUac8HB+ra93eXL0rdMHTX33G/cqwsgIj2VpxyhUHLzzQXVoxZFtMqkQHQpw== Received: from DS2PEPF00004553.namprd21.prod.outlook.com (2603:10b6:f:fc00::51b) by SA1PR12MB8858.namprd12.prod.outlook.com (2603:10b6:806:385::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8445.18; Mon, 17 Feb 2025 13:42:09 +0000 Received: from DS1PEPF00017099.namprd05.prod.outlook.com (2603:10b6:2c:400:0:1007:0:7) by DS2PEPF00004553.outlook.office365.com (2603:10b6:f:fc00::51b) with Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.8466.10 via Frontend Transport; Mon, 17 Feb 2025 13:42:08 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 216.228.117.161) smtp.mailfrom=nvidia.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=nvidia.com; Received-SPF: Pass (protection.outlook.com: domain of nvidia.com designates 216.228.117.161 as permitted sender) receiver=protection.outlook.com; client-ip=216.228.117.161; helo=mail.nvidia.com; pr=C Received: from mail.nvidia.com (216.228.117.161) by DS1PEPF00017099.mail.protection.outlook.com (10.167.18.103) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8466.11 via Frontend Transport; Mon, 17 Feb 2025 13:42:08 +0000 Received: from rnnvmail201.nvidia.com (10.129.68.8) by mail.nvidia.com (10.129.200.67) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1544.4; Mon, 17 Feb 2025 05:42:01 -0800 Received: from shredder.nvidia.com (10.126.231.35) by rnnvmail201.nvidia.com (10.129.68.8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1544.14; Mon, 17 Feb 2025 05:41:57 -0800 From: Ido Schimmel To: CC: , , , , , , , , , Ido Schimmel Subject: [PATCH net-next 4/8] ipv6: fib_rules: Add port mask matching Date: Mon, 17 Feb 2025 15:41:05 +0200 Message-ID: <20250217134109.311176-5-idosch@nvidia.com> X-Mailer: git-send-email 2.48.1 In-Reply-To: <20250217134109.311176-1-idosch@nvidia.com> References: <20250217134109.311176-1-idosch@nvidia.com> Precedence: bulk X-Mailing-List: netdev@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: rnnvmail203.nvidia.com (10.129.68.9) To rnnvmail201.nvidia.com (10.129.68.8) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DS1PEPF00017099:EE_|SA1PR12MB8858:EE_ X-MS-Office365-Filtering-Correlation-Id: 4b5e6f5e-fbb7-4c61-ef08-08dd4f58dff2 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|376014|82310400026|1800799024|36860700013; X-Microsoft-Antispam-Message-Info: APZaoaDHtVIabEEFzdMggotZ3tthRdofse8roQ449sZCt5Er5RhMs6q0NP5w0XMEgsm73DextdEmhc0N9KWmg0qgUGg8Ql1SIJ7BzTDkzIxGnTrSm/RNK2ug5qPdXxrXfEq2/NbggdHPvZTj3A1XBEbEDKCK2pKtEijdMMl4OvdU4OXyy8S6ZZkH79Rz2J4vqRqNfGDgmUMYK5r3hxGV/XKWJl8jYwIr/6kLvW6hTGa5jrQai33hWAslIkdEYZw+U12qanKVAbq5cWaDqZtNl/JTwn9jhDQXj2P7nA+fZKzC1m/rT9JB4P81cm7ISAdBG4oG0N8lGrFzPMYfAqZO+fnmfrRhMCamJkR/igyhql1BJaPju8yhqOb5Lg8GezwsrYQrzeesDLgVLBv+RCSX4LqQmhVvU5bMqhTwojWIETwT0qZCfX0EIOiX2aVlMFEUXUF0OAEH8EPYbUJPuCHVJcCBRchN4FSVzv0awI55M6UIKEsq5uMyeXwlllvNMAjvHEIYoAMq1KzTSNlOR8LQxIu8+G4UHUP4HzXW4BcocP8yUr0xC0qp1fDPrrCR9slW0s7v+h8zCFJHiGEhuexYyX6u0jd7TeaTJGDwq6r8U8oG/vtQ+Ewg3tuCAtAzRkhLATedRLxCv5V/i/i3R2VLrnbl5TGDtWsq/vgUijECanpLFFsM/1Fk4Npr9ZUMMOdMX0hin6r+UezTPI/DblVbTsOUBY5MUv3SLP2oLmgCxwDmocgHGbHNMSh8RRmAsb5+/VSyeMDj0hTgYEInQAArOpFHvGCmTxfjuLoPTj9NLxP1j9jRwSITKYvaRiASEMkls71NLl78Vbgn0psw/UvYo93eApApA6U5Tpn8u0kgs5n53OYdjJmRwHj+Z+QYPyL7mH37MgQOZU0IiafTZP+uFiFdzH8gJygKe47xjtw3QTbAKoDZMNLH3rdk6F7zatj3MbnxDjiWxwoXgyUJ1UQfjuCxgi9ojhfhe/lKKXQAnHrgawFx3Qv0cS9NXdKWc/RYpBUOwMMBV2Qnm6hbseFHgZF44i7xzTSCfWzQYBdDm2WJHNfvA4GaLmUqV9OqRKCRPeOo+wlAA/JEEwAVUoWFGWyHi2msC3GMcupqRTC4RoUaUfZOPgPBtthhrzte0ae62oLy9PjwYogf+6OZEymC3E5fZUn9V31M/Ij+DzOJazTS7wdRco6YPYniV7xsCa7EEkgXWJ3WmcGAltfdIZRHRgfb6/+tq+NaxWwGMdRF2zflPPXJGAo22MYxWnjGYG1awsb8VW9pPdzzCxBZwxGm0NanPQOIxjSy6AGLxNRCWeCJg8md8PuBVkahzooDN4a6noGVIE2qyujbaV+qPJbz/0TU0pFz2TUtXLtiIC+rrgHrVTEtHIaVwtPTY+lc9ImtKEu1zWt0Ksops3RZ4VwnRWEf/abDZNJ7UFcABUOjTJud3PZSIGBolNybqyFIGSVmhG5lfld089DpFgfcvAKmXX8KVAp6ix7p+4WkQqlu4zw= X-Forefront-Antispam-Report: CIP:216.228.117.161;CTRY:US;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:mail.nvidia.com;PTR:dc6edge2.nvidia.com;CAT:NONE;SFS:(13230040)(376014)(82310400026)(1800799024)(36860700013);DIR:OUT;SFP:1101; X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 17 Feb 2025 13:42:08.8028 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 4b5e6f5e-fbb7-4c61-ef08-08dd4f58dff2 X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=43083d15-7273-40c1-b7db-39efd9ccc17a;Ip=[216.228.117.161];Helo=[mail.nvidia.com] X-MS-Exchange-CrossTenant-AuthSource: DS1PEPF00017099.namprd05.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: SA1PR12MB8858 X-Patchwork-Delegate: kuba@kernel.org Extend IPv6 FIB rules to match on source and destination ports using a mask. Note that the mask is only set when not matching on a range. Reviewed-by: Petr Machata Signed-off-by: Ido Schimmel --- net/ipv6/fib6_rules.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/net/ipv6/fib6_rules.c b/net/ipv6/fib6_rules.c index 40af8fd6efa7..0144d01417d9 100644 --- a/net/ipv6/fib6_rules.c +++ b/net/ipv6/fib6_rules.c @@ -340,12 +340,12 @@ INDIRECT_CALLABLE_SCOPE int fib6_rule_match(struct fib_rule *rule, if (rule->ip_proto && (rule->ip_proto != fl6->flowi6_proto)) return 0; - if (fib_rule_port_range_set(&rule->sport_range) && - !fib_rule_port_inrange(&rule->sport_range, fl6->fl6_sport)) + if (!fib_rule_port_match(&rule->sport_range, rule->sport_mask, + fl6->fl6_sport)) return 0; - if (fib_rule_port_range_set(&rule->dport_range) && - !fib_rule_port_inrange(&rule->dport_range, fl6->fl6_dport)) + if (!fib_rule_port_match(&rule->dport_range, rule->dport_mask, + fl6->fl6_dport)) return 0; return 1; From patchwork Mon Feb 17 13:41:06 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ido Schimmel X-Patchwork-Id: 13977865 X-Patchwork-Delegate: kuba@kernel.org Received: from NAM10-BN7-obe.outbound.protection.outlook.com (mail-bn7nam10on2047.outbound.protection.outlook.com [40.107.92.47]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 9308521CC73 for ; Mon, 17 Feb 2025 13:42:18 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.92.47 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1739799740; cv=fail; b=PsN1XsUPd26+KkPt+K2Ylt5kRL3pZlPiuooXwZYoZOiMnn3XyrTSwkn4Yy1+t8rlcNUNZWGINNoX5XYphjQ7Xg0xcCNwUF7natSJfkpyvja6jsmGFxmJj44fg99lyrX3TMOD/eoSTMGz319hYPc9NMVE9x4veozwpQ9oqChEp0w= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1739799740; c=relaxed/simple; bh=npiFWyl6xuwZGT2Nuhl7nBiQsF+Ksll3AD05WxG4oCg=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=G9xDB+RBU0w9cRcEQg4Amiv/NjwmCJe1eS4IpQvQjxjRXdIkKQvQFy+piCY+ZHB32pay0h5rB06F7wdmHwCVALHMLw5J9DWzJOIP9NxwzIjO10bNqQWCunS0hmTpjW0oZjO9yRh8HY8DChhQZ3l2MuCvcizFIe9NK4mH9pscC4A= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=nvidia.com; spf=fail smtp.mailfrom=nvidia.com; dkim=pass (2048-bit key) header.d=Nvidia.com header.i=@Nvidia.com header.b=VpmCZYBg; arc=fail smtp.client-ip=40.107.92.47 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=nvidia.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=nvidia.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=Nvidia.com header.i=@Nvidia.com header.b="VpmCZYBg" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=MOUJAoorvWU59XXYp5W+vMwGg+QDAtzfTa+EN5yL2usOkw79ZzbJr7dIhp++yZFuywoNujQ8sm9HmViUCQHPLvDvoylMdMldXs0LE4N8Q0pnQ76VjfQOSIczs5/3R1QedlU5ASbJZsMj1JIadjyAHXwqCAn4W2LcSgtj0QxafggfF6kgoINu8LLsiKIYhebqh89Acd+HbHJwGNfr9SpVOQTEjLIBXCxpwkLVAoaAGHcSlB4XTOQIud0/40Qnk4Vm4xYSpMf08s2FNKl/uiQwK3+A4F9jtzqO3K/8zSKVcR4Muo64qVSz0teFA0nNarG6YclLNAA747xDWWLgDObgOw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=m4LXOoPCj1Yd0stAH0ToM+9J8yTKsScrB/64DWxI6yI=; b=wUlLOclXYYCClh/OAvIWPLPyvLVaHaON+QRDtNct4+NNIES7h4CvZx0vtxGo0MUQ8HSWbeOcn3dpSyrFppt4Gyr6XLPpRRSmQFMy0facIHVI25Ey5jAi4YpGHjuk62yxNL/jQJGR5/ighBE6ofyKxF8xtnIQQ88z1gUy8GtyPn0BPPpQ09IxzT35hFL8DqthObCi5w7UrVchWI0CAH3AoqBoJhcwD87a/vjdLDHr1mKtLqjeKECQTWXmqKHpMSH1CYpyo3uboE/Ul7G6BgrURw52ye+uojRpj0CkcolWajDH2uxCRtwlupKmMch5H0c+IKpgNLgTbwtXNoW9M4TC4g== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 216.228.117.161) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=nvidia.com; dmarc=pass (p=reject sp=reject pct=100) action=none header.from=nvidia.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=m4LXOoPCj1Yd0stAH0ToM+9J8yTKsScrB/64DWxI6yI=; b=VpmCZYBgcaFn3s+21ds3HyUNWVeHfkzoyQqvPrmHoUt3d5YktFlVKK6K0j3wVEM1HfmsWmCP+p02xh3UyI5v1xUfzaLcwrYF6uFxwbxU4L83slbAqMAa6LNqPTJaaz2T980uA4fx39PAHcrhS2XDybsJ5+IKJaYtnS/qZtL7AxxNbOEdnDew5NRoo9QUOdjNRDdIQzacPzQ5dTkdYNh4BLkkgDfRIm5VG2xkA0FDd4o62JFTqb3gROwydElHzIv+079mIxoCrVaqLiMwdEJhlkgQ1HeJPKSVV49VNX/Axl6OIIXsHpqiLe5Txq/+Fnqy8HAbYYt2wRyzKKeVsELr4A== Received: from DS2PEPF00004564.namprd21.prod.outlook.com (2603:10b6:f:fc00::51c) by DS0PR12MB8197.namprd12.prod.outlook.com (2603:10b6:8:f1::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8445.14; Mon, 17 Feb 2025 13:42:13 +0000 Received: from DS1PEPF00017099.namprd05.prod.outlook.com (2603:10b6:2c:400:0:1007:0:7) by DS2PEPF00004564.outlook.office365.com (2603:10b6:f:fc00::51c) with Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.8466.12 via Frontend Transport; Mon, 17 Feb 2025 13:42:13 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 216.228.117.161) smtp.mailfrom=nvidia.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=nvidia.com; Received-SPF: Pass (protection.outlook.com: domain of nvidia.com designates 216.228.117.161 as permitted sender) receiver=protection.outlook.com; client-ip=216.228.117.161; helo=mail.nvidia.com; pr=C Received: from mail.nvidia.com (216.228.117.161) by DS1PEPF00017099.mail.protection.outlook.com (10.167.18.103) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8466.11 via Frontend Transport; Mon, 17 Feb 2025 13:42:13 +0000 Received: from rnnvmail201.nvidia.com (10.129.68.8) by mail.nvidia.com (10.129.200.67) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1544.4; Mon, 17 Feb 2025 05:42:04 -0800 Received: from shredder.nvidia.com (10.126.231.35) by rnnvmail201.nvidia.com (10.129.68.8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1544.14; Mon, 17 Feb 2025 05:42:01 -0800 From: Ido Schimmel To: CC: , , , , , , , , , Ido Schimmel Subject: [PATCH net-next 5/8] net: fib_rules: Enable port mask usage Date: Mon, 17 Feb 2025 15:41:06 +0200 Message-ID: <20250217134109.311176-6-idosch@nvidia.com> X-Mailer: git-send-email 2.48.1 In-Reply-To: <20250217134109.311176-1-idosch@nvidia.com> References: <20250217134109.311176-1-idosch@nvidia.com> Precedence: bulk X-Mailing-List: netdev@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: rnnvmail203.nvidia.com (10.129.68.9) To rnnvmail201.nvidia.com (10.129.68.8) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DS1PEPF00017099:EE_|DS0PR12MB8197:EE_ X-MS-Office365-Filtering-Correlation-Id: b1752168-5023-4e1d-bbb9-08dd4f58e2a8 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|1800799024|36860700013|82310400026|376014; X-Microsoft-Antispam-Message-Info: nFCWywjyFFgOye3TTDpMMscB6dDB3LB4iH5kY+8o10HBSVa+C+yQ72ep47gQhA2u9lTmhZhfmI5Y7bl+0CZ/5EkyFi/lvvMIGYfqIB81iktKYZvdjFAM5W3WNYB0Nbzx0fusJPTZBdRfjPdZ9zC7xZOrR9uJJBJWouhOxvZ4Ct9TbsFtktW+zqD1HmwYuZwQzM40YDpItN7Qe335uc1KMmILxYjDluBRRkfkm29LxBACwTEkJzIOGO5BOBlLDfJt5Da/i6vXbFArXSYxcWzks9d/nzuAJKHPmPz6XagA43CDhTiNWmOnUnZyx7m7txuEnGKVbo3xap5Io5+1p2867WrS15tbrPyN9J8I/T/WlBJyAB287DqrcS1uJPst5OXgjV8iib9BqVGBn/5KwmpwGTzgZxtzap4KyCpRYAX38ZWcj11GAGj6kLkT5rZm/Rqb9XCo8Nnyz4jvR+9XEZ/ShRk81D4ZU6pbggsYDOrvOk8tP6Vafth1+/boBAF5Gml97rqj9M8p9LzXHXGIidpjwA1wQfq9tqePdK+hzowzsnTm1Cc++fRTad/XtktIsvE5jLi7mT84DHkBYSKvXDIR3y7YqF/7GXfpJoFD8xECnu4K06YkRSm3TOlWgduoi0GPVOWKvxuht0JKtCimQTzmYa9Bi9hlvqxrGMd8CuhRaa38yJ1SzIpzls/+Ajq3ELNhK7I5djBE4cWf1zXCZ9vOQbb5G1/wwBRgU2RTkhdYpM0gv3ZD3j7AFO2cozvuqu6IbWFFvciGfOsyVZml45BRVz1DxTSiFfo7CmnqjL7mLzZFw7dXf1Jt/aJp9SHUQpQXhw6t5dj8LTGjzQhom+WPuKehOxmbhYi/FoJXpK2bOm/NSBBup+oiLR3jCrDTSz4uxkYh5EQjVZxPyuv+FT+SYP7DQuqZdj7qk6nxnQpQi6yj9Ij6jb4sHcF8aAlziTf6AtepzVArqVr6RTxqezcNsrwQeCCBlQAyDA9RD7AMx4DJcTNfLpyWOfNC0VTTUVvfAtWKjW1YzWQyWHWYUojM+xt5f9tDCfLouctfUrwBGLLYmtU0RaIJi1CEbJEbW0APsmDZ90x21THYZalz4lhVrSHgZOFtDrvjWI6/mjhky6Gs1VyenywU9kPMg46iKQYv5+awAp/vTdcE2KiSEpgeBPP6YkD9xFRqjdO8IAtUTU72n7iatRm00XfrtcxNZuY3I7YNkEEklxHqjcvMyXdZVEguHI/9kVROsIpsi+a8PELUgnnVtaRhao7O7smfOsjjEFwwE/8sjMYstbo3lvIAanM0+a8jJri9laUlfyjk20uZ+RH6P6KnmPkh5zarWfef2rNtRHFNX3QOIXh5JXzl3dpEPxe0lBb2jP1lvLCdrzZzrgVqYuAik6/gBrj+0LEAvsww6jA6YCCjgst20aLgwNldAIQHK73MSX9P+5imrZ7XnzBB4DkC4LD29ciVoPDmhTY4R4lJ45x6xZ1UAGR85K6rmwaHbqFub7GQEuyZdfA= X-Forefront-Antispam-Report: CIP:216.228.117.161;CTRY:US;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:mail.nvidia.com;PTR:dc6edge2.nvidia.com;CAT:NONE;SFS:(13230040)(1800799024)(36860700013)(82310400026)(376014);DIR:OUT;SFP:1101; X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 17 Feb 2025 13:42:13.3809 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: b1752168-5023-4e1d-bbb9-08dd4f58e2a8 X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=43083d15-7273-40c1-b7db-39efd9ccc17a;Ip=[216.228.117.161];Helo=[mail.nvidia.com] X-MS-Exchange-CrossTenant-AuthSource: DS1PEPF00017099.namprd05.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: DS0PR12MB8197 X-Patchwork-Delegate: kuba@kernel.org Allow user space to configure FIB rules that match on the source and destination ports with a mask, now that support has been added to the FIB rule core and the IPv4 and IPv6 address families. Reviewed-by: Petr Machata Signed-off-by: Ido Schimmel --- net/core/fib_rules.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/net/core/fib_rules.c b/net/core/fib_rules.c index ba6beaa63f44..5ddd34cbe7f6 100644 --- a/net/core/fib_rules.c +++ b/net/core/fib_rules.c @@ -843,8 +843,8 @@ static const struct nla_policy fib_rule_policy[FRA_MAX + 1] = { [FRA_DSCP] = NLA_POLICY_MAX(NLA_U8, INET_DSCP_MASK >> 2), [FRA_FLOWLABEL] = { .type = NLA_BE32 }, [FRA_FLOWLABEL_MASK] = { .type = NLA_BE32 }, - [FRA_SPORT_MASK] = { .type = NLA_REJECT }, - [FRA_DPORT_MASK] = { .type = NLA_REJECT }, + [FRA_SPORT_MASK] = { .type = NLA_U16 }, + [FRA_DPORT_MASK] = { .type = NLA_U16 }, }; int fib_newrule(struct net *net, struct sk_buff *skb, struct nlmsghdr *nlh, From patchwork Mon Feb 17 13:41:07 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ido Schimmel X-Patchwork-Id: 13977866 X-Patchwork-Delegate: kuba@kernel.org Received: from NAM11-CO1-obe.outbound.protection.outlook.com (mail-co1nam11on2079.outbound.protection.outlook.com [40.107.220.79]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id B60AF21CC60 for ; Mon, 17 Feb 2025 13:42:19 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.220.79 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1739799741; cv=fail; b=ET2BtTmThz31Z3bC1IfZcUsILyEgjEM6aKXy8L5A46vLeNNKGf2DlJl7nyc6bzSWFD9mi9tosrHLrOYqnVM+GR76NHmazrYE0lsdtj66zjxOYJ+F++7xgDvxEW62iqn0cxdh/t+Ll9qESWpdSzRF6NOrBDAybWw9kosd67gXrHo= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1739799741; c=relaxed/simple; bh=e3IiDkCxRzUsk95YAoQXyJgfi3nnPlGirNFHc9VtHZM=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=iIFTcrim0WBEuq+giRXzsjGc+QZbCbEz6Mg8IIl86eqfQ7tZllJh0gjaIVYOxmGe9644VvGsusdfvMciULD+n3yJJw9QhqJJQhHDc2nbpf0m/yyZOlzvFELCeug3i85Ani/iP/QRbP79np7a56CA39Fttqmi/v5KrkL8PzqtPmE= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=nvidia.com; spf=fail smtp.mailfrom=nvidia.com; dkim=pass (2048-bit key) header.d=Nvidia.com header.i=@Nvidia.com header.b=jOXCBerB; arc=fail smtp.client-ip=40.107.220.79 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=nvidia.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=nvidia.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=Nvidia.com header.i=@Nvidia.com header.b="jOXCBerB" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=JVZyd+qveP9/IS62wrYP8Rj9kggbn7Vt++r5hWvWD6FrpvX8T153qfNwuT8HmMXUt0KvdaAgsa15WAmbQgsbFrJ+FQ5ksjd9ZkrngYhky+diKnkPCUwFkutAiXbcAR63K+HsZpeFSnF6cgjXgOQ64z+np72dnQLVxI28v7DjL3kAQyGckTMq/MXIhKHGr1Kkn8RrEiugbTDzSGLdzImW/UGdfe0fCp8HCdSzSMptrMuCsUuMlTl5MZSPeIay7M2+MexFdvNntce47hmee0+fmmlqVMJ2oEqt5bqzMvieFkCHSQF0XHHFEILIC4PjBuEXmOe8OOxSYz29GKEpl78zCw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=rMfDmwUPMPruvLyvSRkz90XQITwMvQ4ri5SYPiaCwjQ=; b=vAZHXW4vyAt708ODOYR8Hk7G5ST9jfXi+2wW2lGaCtTZzyfD7WvDUgskvmNidCBa5Q8aWCSIgCOgXAZlIUgMkTf5i/lB5p7j6tOjya9mlI58Q5bisdAJUH4UzGtR6Ldg2yBOw5ExV/1tddoECeWOX+erDDxsJFweM6d42X04kJawPxOPckLSFFWmjXGqowgzAWoui9E45lWGFrZeJRYYhcdJgixNccIXMAyvOeyR9HiDSLfr35WQK1CNH9aaPs2kBLes6GgGdYEcuUJT2kCNGgmUaf+Je2qD1F0DCoYdJaLS9tyR5V5+luBI+V4O4YIYVG9pQVKiJufjDoWtj9sTUg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 216.228.117.161) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=nvidia.com; dmarc=pass (p=reject sp=reject pct=100) action=none header.from=nvidia.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=rMfDmwUPMPruvLyvSRkz90XQITwMvQ4ri5SYPiaCwjQ=; b=jOXCBerBaUmbhitMbNfpJKBMTFsswZpDI2uQOE/+X/KVx6BRa01T9DliYTOHBPWQVCFBv1fsErIPFQEmeV/ecceoS5soJFuE+KUdl2gDZy6Pet89+WHWuEKXNXPXunthx//0Ful/M+u37W4jhQmNcQhf5gXyabr+NVMyaglAoT8925qhg4RVYN1thZ5iSDw6Y6W2Hc85qFDG1jOekYfW8f6/iHilwhlD3VAl6epjTODvTlgktC+Y7NuFJ19QSkXp/qlUWnGU10nMsBrrYNPOikERY4uYoQ6WhLiIVvMzoRcVgVXlMMSMFdcln+d+mUUgbL4zCf72Zv58J+1GIqLyhw== Received: from DS2PEPF00004555.namprd21.prod.outlook.com (2603:10b6:f:fc00::50a) by MN2PR12MB4440.namprd12.prod.outlook.com (2603:10b6:208:26e::14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8445.19; Mon, 17 Feb 2025 13:42:16 +0000 Received: from DS1PEPF00017099.namprd05.prod.outlook.com (2603:10b6:2c:400:0:1007:0:7) by DS2PEPF00004555.outlook.office365.com (2603:10b6:f:fc00::50a) with Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.8466.10 via Frontend Transport; Mon, 17 Feb 2025 13:42:16 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 216.228.117.161) smtp.mailfrom=nvidia.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=nvidia.com; Received-SPF: Pass (protection.outlook.com: domain of nvidia.com designates 216.228.117.161 as permitted sender) receiver=protection.outlook.com; client-ip=216.228.117.161; helo=mail.nvidia.com; pr=C Received: from mail.nvidia.com (216.228.117.161) by DS1PEPF00017099.mail.protection.outlook.com (10.167.18.103) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8466.11 via Frontend Transport; Mon, 17 Feb 2025 13:42:16 +0000 Received: from rnnvmail201.nvidia.com (10.129.68.8) by mail.nvidia.com (10.129.200.67) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1544.4; Mon, 17 Feb 2025 05:42:07 -0800 Received: from shredder.nvidia.com (10.126.231.35) by rnnvmail201.nvidia.com (10.129.68.8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1544.14; Mon, 17 Feb 2025 05:42:04 -0800 From: Ido Schimmel To: CC: , , , , , , , , , Ido Schimmel Subject: [PATCH net-next 6/8] netlink: specs: Add FIB rule port mask attributes Date: Mon, 17 Feb 2025 15:41:07 +0200 Message-ID: <20250217134109.311176-7-idosch@nvidia.com> X-Mailer: git-send-email 2.48.1 In-Reply-To: <20250217134109.311176-1-idosch@nvidia.com> References: <20250217134109.311176-1-idosch@nvidia.com> Precedence: bulk X-Mailing-List: netdev@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: rnnvmail203.nvidia.com (10.129.68.9) To rnnvmail201.nvidia.com (10.129.68.8) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DS1PEPF00017099:EE_|MN2PR12MB4440:EE_ X-MS-Office365-Filtering-Correlation-Id: 351e7980-36cd-4684-f786-08dd4f58e449 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|376014|36860700013|82310400026|1800799024; X-Microsoft-Antispam-Message-Info: wZ7plwiAqp705NyAGZfztH1O84O3RMKBtJXwO/8G0ZW+U5srJ2UW5/FsCBXLpU7mNMtR2lLJ0IcwsCFVPd9ZdxpsA6p+cQAAosDjwbANF14T38ybwoFbhdyx0v5DwmIn+FdHiBcqLY06q0g9UnWGVdX3+1RY+4TYokX8S/JJ44VAL1DkDSK9BZfUmNTQH4LrssH38YTvwCy3ccDaE5GqmqeuPIOx2tgM70ze5BMs4CT479haBfQJCcQJeeMvq4BjfH3zXZV3J6in/IWJJbs82YK3+rvReYe5LKlic3cQV2L3L3F14gmKWpc9AadduoWvgtUy1HItuitljnpKqZO3dvp4D++nHoGLJS9wVYNNMnSMB89PhtvZgRE976eg/OQAsTeLx1txVPH3X26T2UDCfhh1U4zO4GgsnD0Rk1ChUGlzQr5lYBURCRIN9w0gicvLv4cHCF4F2HZPCSDWB4cTJ1aifbSjTbiQ4ifNYCZRQhWSl+d+dcNWpmkWkKF6SzMLfvsCijBsHfZLP4aa+fG72AIs/biPEHLuSG1sXmBac0U9Fa8gY1Q4achm7pWe81JXLz+OT0o1UHovEltVmeZH2+4gJuATI7sJB+1jNCvuP8ncJWuV1KEVqdBSqdoO/7ftCcK9PtDpBpRfxW8LogvB3WJlQER4rzizznYlJ7KVaDrRiPZWO+NuqIheWlohbjVvfjSEqqvrDR7RK8dAKyCY8NdkVtJ406GytIFfFyU2pWt9+OVuocWMjLAK2ZTZkMtow6Kdwxs+sv+KUJPQQ9MpiQod+emv5v/3AzkoL9HZ7sbxTIbE2tbw0BdXF7dCM5inaquIgm7X4ESAIh8B1AO7clLzRgMr3NDPq5ZgtW7tchXKnc1T8g/nNHPeM56OG28MfAn3SVMufu0TsXAykRSl6qTpogYy6Suh1mYj/7a27qqj3ebvq5og3AZQSj2jxJgsGtBoiQpnIxDVNJ15LWcOzwAe7Cd4+vZxu4O8seANrDLGFYSMmoJgDIqQ1QOXF851SZUNxIxouxvbRPCEHH7km9IwacaFy9JSzGFJ3q+qTfsGxb7BOnFVvvvsCDAw1UZnaeAbcZI6jlgk5eLhFKnOW7f28C0aNt3FiJIpiN/POFMsMGMUO4j4IQNjsOZxf8FXK+UjPFooJOdwEoWskpGcHUiKP5yY+0BEy8gr6p9wQKBonb/zAs/l9NhJ83Hd2EBjNGCEMILEnMyOP/afp4QAjwODtRM7LBNcdPARlNuTFzDlL1POgsJxTZYgRZLnlzlJ1ac+iTUcshrnwS37s2PXu34v4Z7XM4BVlWT5BpX3ca9DIAzIfBkDVhpkzz1hHXprLkxYZ0ThdnEdcla85CpKsaWr1M882LwUzKJJ2+fmxzIHHjufFkQ19kQAt2Aw2A3Db7ju28aRPwiA1o77lmZaXdO9ffbdNbmrBTeoeIX2FGyjFOKS986fBn7nO7eC4TSGnwEVlCXeEtjm9UI92q+mNsxiKwcACN1ZgLdulwphWWU= X-Forefront-Antispam-Report: CIP:216.228.117.161;CTRY:US;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:mail.nvidia.com;PTR:dc6edge2.nvidia.com;CAT:NONE;SFS:(13230040)(376014)(36860700013)(82310400026)(1800799024);DIR:OUT;SFP:1101; X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 17 Feb 2025 13:42:16.0841 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 351e7980-36cd-4684-f786-08dd4f58e449 X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=43083d15-7273-40c1-b7db-39efd9ccc17a;Ip=[216.228.117.161];Helo=[mail.nvidia.com] X-MS-Exchange-CrossTenant-AuthSource: DS1PEPF00017099.namprd05.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: MN2PR12MB4440 X-Patchwork-Delegate: kuba@kernel.org Add new port mask attributes to the spec. Example: # ./tools/net/ynl/cli.py --spec Documentation/netlink/specs/rt_rule.yaml \ --do newrule \ --json '{"family": 2, "sport-range": { "start": 12345, "end": 12345 }, "sport-mask": 65535, "action": 1, "table": 1}' None # ./tools/net/ynl/cli.py --spec Documentation/netlink/specs/rt_rule.yaml \ --do newrule \ --json '{"family": 2, "dport-range": { "start": 54321, "end": 54321 }, "dport-mask": 65535, "action": 1, "table": 2}' None $ ./tools/net/ynl/cli.py --spec Documentation/netlink/specs/rt_rule.yaml \ --dump getrule --json '{"family": 2}' --output-json | jq '.[]' [...] { "table": 2, "suppress-prefixlen": "0xffffffff", "protocol": 0, "priority": 32764, "dport-range": { "start": 54321, "end": 54321 }, "dport-mask": "0xffff", "family": 2, "dst-len": 0, "src-len": 0, "tos": 0, "action": "to-tbl", "flags": 0 } { "table": 1, "suppress-prefixlen": "0xffffffff", "protocol": 0, "priority": 32765, "sport-range": { "start": 12345, "end": 12345 }, "sport-mask": "0xffff", "family": 2, "dst-len": 0, "src-len": 0, "tos": 0, "action": "to-tbl", "flags": 0 } [...] Reviewed-by: Petr Machata Signed-off-by: Ido Schimmel --- Documentation/netlink/specs/rt_rule.yaml | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/Documentation/netlink/specs/rt_rule.yaml b/Documentation/netlink/specs/rt_rule.yaml index a9debac3058a..b30c924087fa 100644 --- a/Documentation/netlink/specs/rt_rule.yaml +++ b/Documentation/netlink/specs/rt_rule.yaml @@ -182,6 +182,14 @@ attribute-sets: type: u32 byte-order: big-endian display-hint: hex + - + name: sport-mask + type: u16 + display-hint: hex + - + name: dport-mask + type: u16 + display-hint: hex operations: enum-model: directional @@ -215,6 +223,8 @@ operations: - dscp - flowlabel - flowlabel-mask + - sport-mask + - dport-mask - name: newrule-ntf doc: Notify a rule creation From patchwork Mon Feb 17 13:41:08 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ido Schimmel X-Patchwork-Id: 13977867 X-Patchwork-Delegate: kuba@kernel.org Received: from NAM12-BN8-obe.outbound.protection.outlook.com (mail-bn8nam12on2053.outbound.protection.outlook.com [40.107.237.53]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 0209A21C18A for ; Mon, 17 Feb 2025 13:42:23 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.237.53 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1739799745; cv=fail; b=i2rc00OpVfqUivRhC4FZr8qO/adnOeqCD1L4AQjewAAAaTDB/IfZhUaAvvkfNfQN744mykDR8Ce3Bd+Fq8NiOJz1O398YZy9Sbo+CeJ/KVMX9xLeg2qIBomcEMaZ6H0a/lTz8OqmfcB+ztzI0VNKyf9nJkvBCTvtZEHh+AfQ0cQ= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1739799745; c=relaxed/simple; bh=DilJQkOSLa+gPIu4yP+RcJ+eZemrkVcm2KwiezFIStI=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=YDcguw9/ylY0nY3YiRdS0B940eqektLFQ0K1bhFMTG3IXCUF03nMXKgccOKR5V7PvT1H0Mo+SxUFPvr93WzU7WT2VxEYftFkhfmelbQy3w9EmrE9r7T9NgOYcRJRO8b+jTn23mMzSqV8YhhRUlsfBwTd3VZPqLy7CJbwkX7yIAo= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=nvidia.com; spf=fail smtp.mailfrom=nvidia.com; dkim=pass (2048-bit key) header.d=Nvidia.com header.i=@Nvidia.com header.b=l1BM5VaD; arc=fail smtp.client-ip=40.107.237.53 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=nvidia.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=nvidia.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=Nvidia.com header.i=@Nvidia.com header.b="l1BM5VaD" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=peMKW8WDO+AobKTH/z8VXFLshsmIyrfEnyJQaR6YgbQ1g8TTFVdlCMhGtKS9oLPnmWOjDCNWETOIXvknTe8zSBxQZia2EkvFp065jHak8m0hHItNBwca7R/zGoWQCnBM6tcJ5GMHsLHH5V1u4CqPEUra6bFusBOUWfYtT+31OHcd+kMPxvTnWMxYkBGxBXwlbCF3vt5ZhTiRNlwGY+GcHYvRaUHkFg6yYcb+M2HKRgSnM0r6A/UeVVNu3lUdXQf6wJ9sgMVgnYaOW3O3CqH9zHHv2YPE521VAN1DTYy8dLXzOaVCE8jbRR96O3LQB4PZ8CShLDBUtBiCq+/hp4sIug== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=F4FwNpd6UBFnjPgFbpsnuaBuFvpi1vEt9OYlG+x4sdA=; b=FO4eq5DJ30pa+7spXavkIWcw6/7WVZ0IXRu1dBLgbP/KTya+RVmG8e8QdgWHWXzjg0X8E+2yIJAeooIwA/fVzxp9QYz3K+ubxgOt82DwOILMZLtwWhPGOB2kHoUDHv27/B2Kz994VO08cwNPtMo4eirYTzN6dKyH3cIkcUoF1hlrdqKepvOHWXEVYdFFiS82aCHKdEBjuNHF6ha+bmPAQMeWvTrGWYXNRBQAXTDvirHeaMGzNCuFGieNRP8tyjCGJvGaRQV0B7Aq+gSEWgii8BL28a82ivFnLwhms3eoxmtD/Nzh1au9UJQfvjmq87MQYfJVM4p5ksjyasBNB09/kA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 216.228.117.161) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=nvidia.com; dmarc=pass (p=reject sp=reject pct=100) action=none header.from=nvidia.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=F4FwNpd6UBFnjPgFbpsnuaBuFvpi1vEt9OYlG+x4sdA=; b=l1BM5VaDefuNe2keXG5dBrWa8qiXsEuyZ0/HbmaSnsA2NmNHanHfrEfX9XknGbq7AY6KbZ7ArBWaTqW45SJ58G5q3jnzeEOxSGxN46ib9AWztjlK0ZfSBWTfLEgMV5LdlICtqT1/+G7IweXZrtwh5f8Us+etknx4VIdnXfdSX2LI2WnrbyDllN4dFmuOB9pVhrVgM9tmblk3EiCz9WrV5IuUjAu0NUYCA9D57wsZUmUe5Ty3hnSQqW/2JzjfMB6hCPpkdB9c3JyD6NolQMbnAiGkaoaaXBOC0NWcPry8wsdaX0M3lz99JJpyJe+ZMCkLQ8leUjrMPhHP3xOq7xsmhA== Received: from DS7PR03CA0256.namprd03.prod.outlook.com (2603:10b6:5:3b3::21) by CY5PR12MB6179.namprd12.prod.outlook.com (2603:10b6:930:24::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8445.18; Mon, 17 Feb 2025 13:42:20 +0000 Received: from DS1PEPF0001709A.namprd05.prod.outlook.com (2603:10b6:5:3b3:cafe::8b) by DS7PR03CA0256.outlook.office365.com (2603:10b6:5:3b3::21) with Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.8445.17 via Frontend Transport; Mon, 17 Feb 2025 13:42:20 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 216.228.117.161) smtp.mailfrom=nvidia.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=nvidia.com; Received-SPF: Pass (protection.outlook.com: domain of nvidia.com designates 216.228.117.161 as permitted sender) receiver=protection.outlook.com; client-ip=216.228.117.161; helo=mail.nvidia.com; pr=C Received: from mail.nvidia.com (216.228.117.161) by DS1PEPF0001709A.mail.protection.outlook.com (10.167.18.104) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8466.11 via Frontend Transport; Mon, 17 Feb 2025 13:42:20 +0000 Received: from rnnvmail201.nvidia.com (10.129.68.8) by mail.nvidia.com (10.129.200.67) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1544.4; Mon, 17 Feb 2025 05:42:10 -0800 Received: from shredder.nvidia.com (10.126.231.35) by rnnvmail201.nvidia.com (10.129.68.8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1544.14; Mon, 17 Feb 2025 05:42:07 -0800 From: Ido Schimmel To: CC: , , , , , , , , , Ido Schimmel Subject: [PATCH net-next 7/8] selftests: fib_rule_tests: Add port range match tests Date: Mon, 17 Feb 2025 15:41:08 +0200 Message-ID: <20250217134109.311176-8-idosch@nvidia.com> X-Mailer: git-send-email 2.48.1 In-Reply-To: <20250217134109.311176-1-idosch@nvidia.com> References: <20250217134109.311176-1-idosch@nvidia.com> Precedence: bulk X-Mailing-List: netdev@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: rnnvmail203.nvidia.com (10.129.68.9) To rnnvmail201.nvidia.com (10.129.68.8) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DS1PEPF0001709A:EE_|CY5PR12MB6179:EE_ X-MS-Office365-Filtering-Correlation-Id: dec82b4f-4e0a-4542-029d-08dd4f58e6c6 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|82310400026|36860700013|376014|1800799024; X-Microsoft-Antispam-Message-Info: u4NiTHZgzIYnfdz1PlvwyKSiSv7dyKa8thvFLNjyoyhX0RtCXpLBEQbgBdwgzsv4LQYYG8gVOYgqVk1NQUH66kTNSOQ1kYV0yr3AATyYvwWiGKmr9Ove1EF4g9hrTS0UQGSlHDCRwttySrD5df4iuMfYIWYojc9fdvx1OI79zHL7nZuIKVwyo6cC/IB0MMevNQoRsmjFkOGMTqTPVTb9f59Q3USeYGRdrUOqaZcDTKjKFP59+Lne88+Ozx3c4rXZgSJCtBFLQKds2r7R92bB73YPAWUvyxPKLiXfNIOyzKHvFLt4J8/ka34QTZvSUmr69BUYhEwLnfAtosRpOygUMwv9YaO26UmQYNlxT8vZ6HBnzBKYm1NBCYyCbLS5NJ8V4azms3A1NPfpYUGE3nYPyxuU/m5h1DH/UAsuM+ZP8R8GlSdCj0r5UadBhAhyMYHBsWpFYavpStG97B/PDq+1YAlEo0AcNOfEio1KcHDnUt/7w/kxktxaLg2DJK+ZWe9zLCXhUUGL3yw+roiIO7Zuu8GbJidRDR1Gzn50EftSwKdltaDrRV8ezErl5T6wHqhAqiJ8trYH4eHeqlKqdRoXkUI4wAu0eHroizr36H2PEyat6JmpbKihHPyYoJAk5p2qkjKgy224gbhEPQDlaQjc95kjNX8VXDFikLe/SYq+9HXZt/rIYXs0+iMTJYkR4tiV/HDBN2SICdXgEaTK4IPH9DOCz1ySIWIpVAbLXitOUH3jSBlTYZFQQ6h9O2EazP3vpppJM8aUCl/wp8l5vAodOnvS8irV06zAUBdoRlIK4U49JFqtS2GVVwKwr66cBjiRZA6bwiDeTn6BR6IXzf1ddkUVfs/o/2Ke6oK4Z6NYc3+azn/Fw4bbL/Gpf4e8MpQPpuX8WbKNQpXp8E60L9sWymmJM+3L2xPmoZ0HXuLvBV/YSkUBpKp+nBJmOYDrOhzh9cWNwzpR1+IdIWAkdm4YRZ35bCD3AYxNj+V9gEcZi3GzORoSFbBwmkJsMQUk3Iwt9gH72zihLcn//bGfL/7ZDBKcUvZvnzr3xtolRjwM68MAiDKYoR+D2VmJ2q7RokAESLGmhFgwNZaApurQS3hqrUcM850Qz2MVN7eUZFkPyG7OEdNKHsIM83jSuYpw2P9kWGHqf1m0FUT8Sfqfdc+AKjdrIiHOuyHl9mo7RvPR56reSX5CklXDHN7DfMXtxW1d64fjkwx8HfOZ2oCcGmQJ6i1tWCTxPdDpgWQsBu5YgsIQ4x3Cmoi6zfk5clVDZFtIdbsQRYKJCLxjy2GxrZqnK9Xlq8ITyd6t1XrbXk6V0KF6/Bsyj1y158YRhqboopzSs+JajscBaHb2QCYRz/0G2BPQNWlZcbruLIO7+nlQX3RfIJmJmOagGs+O0OjkHIlJ+hdW/XnEHup00LKzjBiY2+z9ZFjoWHg5Hp153o4LaI3xuTLmsZ8hzISOpYFeMxFDjXo8aME2XOkGucKbRMS0VvM/dS6oDOt540FnmZDoXY0= X-Forefront-Antispam-Report: CIP:216.228.117.161;CTRY:US;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:mail.nvidia.com;PTR:dc6edge2.nvidia.com;CAT:NONE;SFS:(13230040)(82310400026)(36860700013)(376014)(1800799024);DIR:OUT;SFP:1101; X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 17 Feb 2025 13:42:20.2837 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: dec82b4f-4e0a-4542-029d-08dd4f58e6c6 X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=43083d15-7273-40c1-b7db-39efd9ccc17a;Ip=[216.228.117.161];Helo=[mail.nvidia.com] X-MS-Exchange-CrossTenant-AuthSource: DS1PEPF0001709A.namprd05.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY5PR12MB6179 X-Patchwork-Delegate: kuba@kernel.org Currently, only matching on specific ports is tested. Add port range testing to make sure this use case does not regress. Reviewed-by: Petr Machata Signed-off-by: Ido Schimmel --- tools/testing/selftests/net/fib_rule_tests.sh | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/tools/testing/selftests/net/fib_rule_tests.sh b/tools/testing/selftests/net/fib_rule_tests.sh index 847936363a12..12a6e219d683 100755 --- a/tools/testing/selftests/net/fib_rule_tests.sh +++ b/tools/testing/selftests/net/fib_rule_tests.sh @@ -256,6 +256,14 @@ fib_rule6_test() fib_rule6_test_match_n_redirect "$match" "$match" \ "$getnomatch" "sport and dport redirect to table" \ "sport and dport no redirect to table" + + match="sport 100-200 dport 300-400" + getmatch="sport 100 dport 400" + getnomatch="sport 100 dport 401" + fib_rule6_test_match_n_redirect "$match" "$getmatch" \ + "$getnomatch" \ + "sport and dport range redirect to table" \ + "sport and dport range no redirect to table" fi fib_check_iproute_support "ipproto" "ipproto" @@ -525,6 +533,14 @@ fib_rule4_test() fib_rule4_test_match_n_redirect "$match" "$match" \ "$getnomatch" "sport and dport redirect to table" \ "sport and dport no redirect to table" + + match="sport 100-200 dport 300-400" + getmatch="sport 100 dport 400" + getnomatch="sport 100 dport 401" + fib_rule4_test_match_n_redirect "$match" "$getmatch" \ + "$getnomatch" \ + "sport and dport range redirect to table" \ + "sport and dport range no redirect to table" fi fib_check_iproute_support "ipproto" "ipproto" From patchwork Mon Feb 17 13:41:09 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ido Schimmel X-Patchwork-Id: 13977868 X-Patchwork-Delegate: kuba@kernel.org Received: from NAM12-DM6-obe.outbound.protection.outlook.com (mail-dm6nam12on2086.outbound.protection.outlook.com [40.107.243.86]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id E068D21C18A for ; Mon, 17 Feb 2025 13:42:28 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.243.86 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1739799750; cv=fail; b=scgH1Ng3+FtvSV8YLWTqZK34uoJ62TKtXgzF9S381pIKE8bT8mLFFfjrreAiNC+Yz5OW6fSItR6cx12rYu32bW5bTIqNEYuXoCyH491OK2xrt1koZW9MkLT1Tda7Ymc3x6WguF75DxWtPY4mUEpkTBNHL+Lh2Mbkyzj1H3vPNZg= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1739799750; c=relaxed/simple; bh=e/q1GwghJsJln8zwlVDKOMh3c/7T5auKElnyE0nImPc=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=eioKmoSOwdlVnnaB/LxwMPCaetZj8IRVURgVYOAZp6+tOqizUy6Ijz6DsiI9PedQFGYV2JQ3RrJ0H72MyYuqXBdmYFJncHlIvAHvmDCQmXUYvdU+02srnurQSE/pvDSu6NTS8OT8I3Mm0leClPvNRElRTRmQRY+zf1uo5kP8r0o= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=nvidia.com; spf=fail smtp.mailfrom=nvidia.com; dkim=pass (2048-bit key) header.d=Nvidia.com header.i=@Nvidia.com header.b=bMmw+AwV; arc=fail smtp.client-ip=40.107.243.86 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=nvidia.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=nvidia.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=Nvidia.com header.i=@Nvidia.com header.b="bMmw+AwV" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=rerEM22NMrD2W1FhqKesiYTK05U864LshjcWstIfK0bF3i3BVbOrdVWWAmBC5v+ltlRyUxuhQ2nzbMXRch2uCHNs8OCDHQJzXzMcQSTdj+XXazfir8nodORCyPzm9rTQfSD0wYBLu+WdAhz2Hl1/BSQZrIrPREO6IwnrDqW9YIK6GUbhInHYkGV7hlyt4L1xeYQxvuRr/yVB7YzOuViQks6C1wm5PoT2/PrepbOrIQDjILAwqlPuNRgD1bXVmrPVRbV3dtbkMskHTS1foyhpsrNj+dbm9HKNedwCX+7cmjtV39glBvIz05CTTTLb1cspn3yGeWwiISWMpRCcwHncPg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=0L2UmyFVIAM71C4WevtT7HAPLuAy+S9zqKFT0/i2x3k=; b=wGZ1/ZW3BhH6Ln9Sv3nElwOvYFJeUWU105j/jEckmaxkTiZW+3AOPPNMHa5tbgeXRRygCsdufVyVLE+jfwPzpiBk4Q/CUnyMPT5e4KvhzmK4xDEq1AQ57cjyBvKZRbUGOuep0YJUNgxNaKC3dqcsRTy/+XZ6yC3J1h77Gf3Q5wDGdbQuUDNYvVxpees4jYQ0NzFJFhJA4ADi+qNHG3syD8CPl4rK/QbLO8CT0FR+fuzlbDYFl1ScuRKGJKEyA+NzoYAnjozP7284TRhVmy6Rs5bqaEIFGwXXsFRYie06/tPvLiFGdQ3Gi1oHiJ3xr8txEieNRVj1KePrj8rFG3YoAA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 216.228.117.160) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=nvidia.com; dmarc=pass (p=reject sp=reject pct=100) action=none header.from=nvidia.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=0L2UmyFVIAM71C4WevtT7HAPLuAy+S9zqKFT0/i2x3k=; b=bMmw+AwVH6P0KDat8pwc8BcARCSI/c1XIf6KLOr0lrtXem9l0KtUDHh2txosBkCtEfUNm25I06n0RGarleRyQLMbWihlzUsYh35TLMTRDkktJqXKpR3B3pWvcOpp9l1XQYTwK8gIDOUrkUkngCCvuJsVLNTfjRLOMWXAcfUyFRaPibYVJs5HeG7YogZPpN+DF11M3TfZjNNDj4nNdMM9Cq55sFV3dZzx3wD7oFBxQIp2hGvYKbaiFpdqikyFgL+FGIumDBTCGOhihfPJ2j8qRB3nymDhx+wGJamfTZlW7n82IDx+bx8f/XM2APW9f7sbxX1e9uvwCIA9wyZdDsykNg== Received: from BYAPR21CA0028.namprd21.prod.outlook.com (2603:10b6:a03:114::38) by MW4PR12MB6804.namprd12.prod.outlook.com (2603:10b6:303:20d::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8422.18; Mon, 17 Feb 2025 13:42:24 +0000 Received: from SJ5PEPF000001F5.namprd05.prod.outlook.com (2603:10b6:a03:114:cafe::26) by BYAPR21CA0028.outlook.office365.com (2603:10b6:a03:114::38) with Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.8466.12 via Frontend Transport; Mon, 17 Feb 2025 13:42:24 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 216.228.117.160) smtp.mailfrom=nvidia.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=nvidia.com; Received-SPF: Pass (protection.outlook.com: domain of nvidia.com designates 216.228.117.160 as permitted sender) receiver=protection.outlook.com; client-ip=216.228.117.160; helo=mail.nvidia.com; pr=C Received: from mail.nvidia.com (216.228.117.160) by SJ5PEPF000001F5.mail.protection.outlook.com (10.167.242.73) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8466.11 via Frontend Transport; Mon, 17 Feb 2025 13:42:24 +0000 Received: from rnnvmail201.nvidia.com (10.129.68.8) by mail.nvidia.com (10.129.200.66) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1544.4; Mon, 17 Feb 2025 05:42:13 -0800 Received: from shredder.nvidia.com (10.126.231.35) by rnnvmail201.nvidia.com (10.129.68.8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1544.14; Mon, 17 Feb 2025 05:42:10 -0800 From: Ido Schimmel To: CC: , , , , , , , , , Ido Schimmel Subject: [PATCH net-next 8/8] selftests: fib_rule_tests: Add port mask match tests Date: Mon, 17 Feb 2025 15:41:09 +0200 Message-ID: <20250217134109.311176-9-idosch@nvidia.com> X-Mailer: git-send-email 2.48.1 In-Reply-To: <20250217134109.311176-1-idosch@nvidia.com> References: <20250217134109.311176-1-idosch@nvidia.com> Precedence: bulk X-Mailing-List: netdev@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: rnnvmail203.nvidia.com (10.129.68.9) To rnnvmail201.nvidia.com (10.129.68.8) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SJ5PEPF000001F5:EE_|MW4PR12MB6804:EE_ X-MS-Office365-Filtering-Correlation-Id: af492f0d-0a32-4f57-c273-08dd4f58e915 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|376014|36860700013|1800799024|82310400026; X-Microsoft-Antispam-Message-Info: HkpBUG7RnijGOWHWLTCOreVVOc1YHZ1Tb9ljslLRKAEgVN8CkIY+qO+HUwgk6il3lNgmpC5oXKJHP1X9hxuVKRHvg9LSlgkM8E6MjEXS5NXE+mzD03g3sIeWkTJODPir2w0/vLZ2tT5KlT8PNlfmZ0lyV6C7gu7+e4vLNm3xiPi8AfrGQTNsIYq4nq0Fl7i1J+NH2TC5CBSLJzUZQa/BFO+ktg1SPk5NM3Z34KhGYk7o/gZwAsytWpm44QczsJigF1s/UuBKrKLGn+qCKcSg337OlwoZPcjRayFvrIo3gfwSbnDpKZM+0vEE6bY7d57vtV+jBFxoYlTmO7RftdTa6ekG3SicbMaQ2mkHrEqvruf/uUQboubOHi6aa4vmlTkaRcTHIynAG3nJ50BPZDsdPdWY9+C65vaVUFlJbHD7BzKXolr4j/Tryw4DoS7IuvjVRSFvzYMgmN4ptxDBvkLd0g6t4L78uM9PMk4EuD+Fp3QTlq0yI+NPD27t0cKZ1r3JJ8BCUVq1AJOaujJffj9AFuj5UQE4kZikT2/olUAEO044nqFiuRfnnZYOsqTZ+857IvLSl+gQdp2BaISbykRtxF5hcURRwZDadbNLK8GbdwGDmr96w7VVxhFL+o3egvW3rmnutADsH/SS1eqh8Mplo27yDF+xTS4J+76sStk13yDyu3uKTFps626rybDqrXoHyFFWakWk15PDTnBZm52KjmJxo2TQNnll6wTKCm0zvs/hnDLc8/Hj7ln2HCUFYgYzWcf4DJd7qnAldRMFIdIeFcu4qTgWeUlAiapj/Q9aSwO+ctOO9pmhDcSKzNoHbe5eymhHvYxEpE9wNYwxZFbEkn3m+ELQGWFYR96eNc2mvKnu1V09cZVJOHjL6coq6i72FcHi7DjbBLEa8YLbr6+h11lFjZpckai2zEsGzW9vlyp+MlyBIuK8N3LrJW62YhCb1TddMIn/qml8hai8T9E//TfA8jxIC3OJ/2esFX+28YTNHPVhknT548iLUxyODBD+SesQuVq6NcFDVGmNCvmRHBFhSmgOeT+rLjierjdZovqcJcYkMnZKGxu6scBKfMsL9o6EXQ2KMPrlU6fZsuOKQ2eT3jKENghDi2Fil4kUVMsu8zv0hcOIv02diXGpru9cKApzSOpScWrKNrSuEEQIUwRlv5Yk5hNk7dW5Y4uwN4w0cEw8MTlidzofUDnC5l+e3gYB4CMaaXL/g+f6GGvqZ9uF1fkxmKqta4qrE1xpBI42iue+JM+RgkyCF9bNjlSewlquJri2Edglt27SwmPijnWQAlBTPFSIskD/xsKuX1DuG9wzwof+0RicNsXPQ5n8o1JjRpUdz4BTAOUDEhpoM+uQkQli8eIDetw4STtBZYjyFSV/+clI2EsDRYuVc72mLh5RRk/6uGbvIGKG6Nns49DqCO+ZCe70J63QSwwBxWj6xiwCe3gIViOFv3On9KVYGNqeCNsAauO9+ArniGdNFgTJn4+EaWDipuF0Un6iEp0= X-Forefront-Antispam-Report: CIP:216.228.117.160;CTRY:US;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:mail.nvidia.com;PTR:dc6edge1.nvidia.com;CAT:NONE;SFS:(13230040)(376014)(36860700013)(1800799024)(82310400026);DIR:OUT;SFP:1101; X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 17 Feb 2025 13:42:24.2399 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: af492f0d-0a32-4f57-c273-08dd4f58e915 X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=43083d15-7273-40c1-b7db-39efd9ccc17a;Ip=[216.228.117.160];Helo=[mail.nvidia.com] X-MS-Exchange-CrossTenant-AuthSource: SJ5PEPF000001F5.namprd05.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: MW4PR12MB6804 X-Patchwork-Delegate: kuba@kernel.org Add tests for FIB rules that match on source and destination ports with a mask. Test both good and bad flows. # ./fib_rule_tests.sh IPv6 FIB rule tests [...] TEST: rule6 check: sport and dport redirect to table [ OK ] TEST: rule6 check: sport and dport no redirect to table [ OK ] TEST: rule6 del by pref: sport and dport redirect to table [ OK ] TEST: rule6 check: sport and dport range redirect to table [ OK ] TEST: rule6 check: sport and dport range no redirect to table [ OK ] TEST: rule6 del by pref: sport and dport range redirect to table [ OK ] TEST: rule6 check: sport and dport masked redirect to table [ OK ] TEST: rule6 check: sport and dport masked no redirect to table [ OK ] TEST: rule6 del by pref: sport and dport masked redirect to table [ OK ] [...] Tests passed: 292 Tests failed: 0 Reviewed-by: Petr Machata Signed-off-by: Ido Schimmel --- tools/testing/selftests/net/fib_rule_tests.sh | 20 +++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/tools/testing/selftests/net/fib_rule_tests.sh b/tools/testing/selftests/net/fib_rule_tests.sh index 12a6e219d683..06c51d7ceb4a 100755 --- a/tools/testing/selftests/net/fib_rule_tests.sh +++ b/tools/testing/selftests/net/fib_rule_tests.sh @@ -266,6 +266,16 @@ fib_rule6_test() "sport and dport range no redirect to table" fi + ip rule help 2>&1 | grep sport | grep -q MASK + if [ $? -eq 0 ]; then + match="sport 0x0f00/0xff00 dport 0x000f/0x00ff" + getmatch="sport 0x0f11 dport 0x220f" + getnomatch="sport 0x1f11 dport 0x221f" + fib_rule6_test_match_n_redirect "$match" "$getmatch" \ + "$getnomatch" "sport and dport masked redirect to table" \ + "sport and dport masked no redirect to table" + fi + fib_check_iproute_support "ipproto" "ipproto" if [ $? -eq 0 ]; then match="ipproto tcp" @@ -543,6 +553,16 @@ fib_rule4_test() "sport and dport range no redirect to table" fi + ip rule help 2>&1 | grep sport | grep -q MASK + if [ $? -eq 0 ]; then + match="sport 0x0f00/0xff00 dport 0x000f/0x00ff" + getmatch="sport 0x0f11 dport 0x220f" + getnomatch="sport 0x1f11 dport 0x221f" + fib_rule4_test_match_n_redirect "$match" "$getmatch" \ + "$getnomatch" "sport and dport masked redirect to table" \ + "sport and dport masked no redirect to table" + fi + fib_check_iproute_support "ipproto" "ipproto" if [ $? -eq 0 ]; then match="ipproto tcp"