From patchwork Tue Feb 25 20:16:03 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13990921 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id B8819C021B8 for ; Tue, 25 Feb 2025 20:45:04 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=VGr0DGFtdF9vUQZNuQxbjKzErqMA9pCa8F2vVWAZr6U=; b=ghoIu9H1IBR7cFnDbm0U4KGzhA iBOpcjpCyLE+h5iPZSERg8C893FF/jBgBW3JHr8Kh2OydMmmg6dR/TXXDnEVyozgfdHPQ6dDZ+RdT heGkYTQGQJiNbwHdoYMSLxMN7bm+ut/OHgUEv0femTGh/fGCVLEVXsvAfwcL6yspISzx3NM9V3tNB PLBNpjF5EMP9+cG7JZfjWx0J8+nyjgOO1EQtUYjWabh9+ywZzVouqwezh9d5i5Cznd19vMmRDNdU3 KeE1q+l3dNFbz27Dv+Jm+miEL+eYOUSOvHAAkux/nZF6XVhaAV9rTeIjvpO96uSa+jlKL1ArDmKM6 McMqsJ2w==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1tn1nb-00000001QJU-3I1g; Tue, 25 Feb 2025 20:45:03 +0000 Received: from mail-ej1-f46.google.com ([209.85.218.46]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1tn1Lw-00000001Kc0-3XeP; Tue, 25 Feb 2025 20:16:30 +0000 Received: by mail-ej1-f46.google.com with SMTP id a640c23a62f3a-aaee2c5ee6eso874429366b.1; Tue, 25 Feb 2025 12:16:28 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1740514587; x=1741119387; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=VGr0DGFtdF9vUQZNuQxbjKzErqMA9pCa8F2vVWAZr6U=; b=Zo10iyH8cbq2IRz3rSsd3v5Vk8pASG9C5s1zi/mxwcgKtV/LGhrl7yWWo3SkWbjVHp xBkOt5mGdz3ePD05v45b7tcJhaWx0e6tE9UsAl+bllj58WUPiiVvTrWZnS9/Cg/dByt/ Ymqu5uUKP3C/9bHD/qB5aVxcCizuoCkIHGampxzuNJlZ3UMAru+8NK9ezAEek4nTdPeJ ilA3Pn6FmZMqbEKP1W4l2vGdszwlecIJ/WcQgX/27mnbOazM14P1Yqe4Rg3rc+AlnJCn q4vsTCblNOIoJxsfVSZpJUu2TcXQa/3Sq8h6/2XevmCpdxvtQSfnmUkoJFOvOrvBnAYc /uTQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1740514587; x=1741119387; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=VGr0DGFtdF9vUQZNuQxbjKzErqMA9pCa8F2vVWAZr6U=; b=RAoiZQG6shhH4bxGsNUztonpQdza9Ofod6C5tzwSKjKJ4/R+dWpTtLDkUM9K1Oeuxk yU9M1uWLVrlcmtadun5f+pfVIFL9h3hIMBoL9/DmB0NJoClxDtS2TeMHkPklBQpDAje5 1N1a3Ajw+3UdASriJsaVYGw/LKy4Mi0IqcnvBPpJ+W//OYOtmU80ftdzyflp/iiF5rEK bZelC3JoXeW1IRv9Z7gHF+XisjZuOykusn1aRGIBQNBkEVoMiMP/eRigE/XjMGKJOaTF psEKULIl6d+Sep2IsbHjRHEFErcC7h/QGrNJTk/c/9KDh0pZjOqqFKW6TYNblnd88ZzM V1eg== X-Forwarded-Encrypted: i=1; AJvYcCV8z+NFuP1OgYGkC/nx9Uo7W2L8yji4XpRtoyYamSY/4xpVYwp5TWYQDUnNafF3ogSguIO2wXeXI2zK8aKgfBg=@lists.infradead.org, AJvYcCVQHy8VzujWK0SQplkq83NslHjuBnj6q2H4CnsVfZtF6LVzADfpGNaBrwnTq576gzGMhFU5J6ZekDpmWnDdXuFC@lists.infradead.org X-Gm-Message-State: AOJu0YzC0mCWpVjtfZ/oMojit913C5OLIaziQ18yvyjz+ovWVRg0fTRT 3OW+YNoQcT6/qtrZzZTVLhLTyhiPkkFMQQvXdSrJdrpmnudMLhC+ X-Gm-Gg: ASbGncseOMdVZgUGzETv7h0zBtN4Z7SgsZvFcVKqbTgn5DV3VZeQ5mRCpFA+THdUd6M NLzclvWCi82vF33+F/XS+upfS1RbtOuMQTgjd2fsJmDzZBSEY9gZ44BhWgnFQ0GnLpYg5mmP+3s aMnMKj9kSZ3FEpFDhvYgAlEZ2YeqdPDXU0OVl17dNiF06pW50EFXD5eStfcrhgvrwp3ommhKuhk vH0uE7fTjZZVojWxfJl6bvsK2TiBO0GXHf8YF9EvGUrW/jFPFtC5LOLmf9KTLmVPL7Oi40eebq6 rt9oivPhTVDC3mz2+SCgPmBhZlrKa5eIPVPLcsqYgqePWFLYW20UYtp0iTXkHACzu3d/XL8UYdP dJAij80juMghXlPrDQmktDN87XxRzGDdcAVOPJoETTIQ= X-Google-Smtp-Source: AGHT+IG7sLxHYiybRWl9YJCo5iA5Z9C/AE9Kvx3ntJoO+nw0ZthDGzLRup7krhlAo4HpsCIa/bhOBA== X-Received: by 2002:a17:906:30d4:b0:ab7:e3cb:ca81 with SMTP id a640c23a62f3a-abeeee9faefmr52882166b.30.1740514586548; Tue, 25 Feb 2025 12:16:26 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-abed201218fsm194319666b.104.2025.02.25.12.16.24 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 25 Feb 2025 12:16:26 -0800 (PST) From: Eric Woudstra To: Andrew Lunn , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , Kuniyuki Iwashima , Sebastian Andrzej Siewior , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH v7 net-next 01/14] netfilter: nf_flow_table_offload: Add nf_flow_encap_push() for xmit direct Date: Tue, 25 Feb 2025 21:16:03 +0100 Message-ID: <20250225201616.21114-2-ericwouds@gmail.com> X-Mailer: git-send-email 2.47.1 In-Reply-To: <20250225201616.21114-1-ericwouds@gmail.com> References: <20250225201616.21114-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20250225_121628_919006_7C1063BC X-CRM114-Status: GOOD ( 20.08 ) X-BeenThere: linux-mediatek@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Linux-mediatek" Errors-To: linux-mediatek-bounces+linux-mediatek=archiver.kernel.org@lists.infradead.org Loosely based on wenxu's patches: "nf_flow_table_offload: offload the vlan/PPPoE encap in the flowtable". Fixed double vlan and pppoe packets, almost entirely rewriting the patch. After this patch, it is possible to transmit packets in the fastpath with outgoing encaps, without using vlan- and/or pppoe-devices. This makes it possible to use more different kinds of network setups. For example, when bridge tagging is used to egress vlan tagged packets using the forward fastpath. Another example is passing 802.1q tagged packets through a bridge using the bridge fastpath. This also makes the software fastpath process more similar to the hardware offloaded fastpath process, where encaps are also pushed. After applying this patch, always info->outdev = info->hw_outdev, so the netfilter code can be further cleaned up by removing: * hw_outdev from struct nft_forward_info * out.hw_ifindex from struct nf_flow_route * out.hw_ifidx from struct flow_offload_tuple Reviewed-by: Nikolay Aleksandrov Signed-off-by: Eric Woudstra --- net/netfilter/nf_flow_table_ip.c | 96 +++++++++++++++++++++++++++++++- net/netfilter/nft_flow_offload.c | 6 +- 2 files changed, 96 insertions(+), 6 deletions(-) diff --git a/net/netfilter/nf_flow_table_ip.c b/net/netfilter/nf_flow_table_ip.c index 8cd4cf7ae211..d0c3c459c4d2 100644 --- a/net/netfilter/nf_flow_table_ip.c +++ b/net/netfilter/nf_flow_table_ip.c @@ -306,6 +306,92 @@ static bool nf_flow_skb_encap_protocol(struct sk_buff *skb, __be16 proto, return false; } +static int nf_flow_vlan_inner_push(struct sk_buff *skb, __be16 proto, u16 id) +{ + struct vlan_hdr *vhdr; + + if (skb_cow_head(skb, VLAN_HLEN)) + return -1; + + __skb_push(skb, VLAN_HLEN); + skb_reset_network_header(skb); + + vhdr = (struct vlan_hdr *)(skb->data); + vhdr->h_vlan_TCI = htons(id); + vhdr->h_vlan_encapsulated_proto = skb->protocol; + skb->protocol = proto; + + return 0; +} + +static int nf_flow_ppoe_push(struct sk_buff *skb, u16 id) +{ + struct ppp_hdr { + struct pppoe_hdr hdr; + __be16 proto; + } *ph; + int data_len = skb->len + 2; + __be16 proto; + + if (skb_cow_head(skb, PPPOE_SES_HLEN)) + return -1; + + if (skb->protocol == htons(ETH_P_IP)) + proto = htons(PPP_IP); + else if (skb->protocol == htons(ETH_P_IPV6)) + proto = htons(PPP_IPV6); + else + return -1; + + __skb_push(skb, PPPOE_SES_HLEN); + skb_reset_network_header(skb); + + ph = (struct ppp_hdr *)(skb->data); + ph->hdr.ver = 1; + ph->hdr.type = 1; + ph->hdr.code = 0; + ph->hdr.sid = htons(id); + ph->hdr.length = htons(data_len); + ph->proto = proto; + skb->protocol = htons(ETH_P_PPP_SES); + + return 0; +} + +static int nf_flow_encap_push(struct sk_buff *skb, + struct flow_offload_tuple_rhash *tuplehash, + unsigned short *type) +{ + int i = 0, ret = 0; + + if (!tuplehash->tuple.encap_num) + return 0; + + if (tuplehash->tuple.encap[i].proto == htons(ETH_P_8021Q) || + tuplehash->tuple.encap[i].proto == htons(ETH_P_8021AD)) { + __vlan_hwaccel_put_tag(skb, tuplehash->tuple.encap[i].proto, + tuplehash->tuple.encap[i].id); + i++; + if (i >= tuplehash->tuple.encap_num) + return 0; + } + + switch (tuplehash->tuple.encap[i].proto) { + case htons(ETH_P_8021Q): + *type = ETH_P_8021Q; + ret = nf_flow_vlan_inner_push(skb, + tuplehash->tuple.encap[i].proto, + tuplehash->tuple.encap[i].id); + break; + case htons(ETH_P_PPP_SES): + *type = ETH_P_PPP_SES; + ret = nf_flow_ppoe_push(skb, + tuplehash->tuple.encap[i].id); + break; + } + return ret; +} + static void nf_flow_encap_pop(struct sk_buff *skb, struct flow_offload_tuple_rhash *tuplehash) { @@ -335,6 +421,7 @@ static void nf_flow_encap_pop(struct sk_buff *skb, static unsigned int nf_flow_queue_xmit(struct net *net, struct sk_buff *skb, const struct flow_offload_tuple_rhash *tuplehash, + struct flow_offload_tuple_rhash *other_tuplehash, unsigned short type) { struct net_device *outdev; @@ -343,6 +430,9 @@ static unsigned int nf_flow_queue_xmit(struct net *net, struct sk_buff *skb, if (!outdev) return NF_DROP; + if (nf_flow_encap_push(skb, other_tuplehash, &type) < 0) + return NF_DROP; + skb->dev = outdev; dev_hard_header(skb, skb->dev, type, tuplehash->tuple.out.h_dest, tuplehash->tuple.out.h_source, skb->len); @@ -462,7 +552,8 @@ nf_flow_offload_ip_hook(void *priv, struct sk_buff *skb, ret = NF_STOLEN; break; case FLOW_OFFLOAD_XMIT_DIRECT: - ret = nf_flow_queue_xmit(state->net, skb, tuplehash, ETH_P_IP); + ret = nf_flow_queue_xmit(state->net, skb, tuplehash, + &flow->tuplehash[!dir], ETH_P_IP); if (ret == NF_DROP) flow_offload_teardown(flow); break; @@ -757,7 +848,8 @@ nf_flow_offload_ipv6_hook(void *priv, struct sk_buff *skb, ret = NF_STOLEN; break; case FLOW_OFFLOAD_XMIT_DIRECT: - ret = nf_flow_queue_xmit(state->net, skb, tuplehash, ETH_P_IPV6); + ret = nf_flow_queue_xmit(state->net, skb, tuplehash, + &flow->tuplehash[!dir], ETH_P_IPV6); if (ret == NF_DROP) flow_offload_teardown(flow); break; diff --git a/net/netfilter/nft_flow_offload.c b/net/netfilter/nft_flow_offload.c index 46a6d280b09c..b4baee519e18 100644 --- a/net/netfilter/nft_flow_offload.c +++ b/net/netfilter/nft_flow_offload.c @@ -124,13 +124,12 @@ static void nft_dev_path_info(const struct net_device_path_stack *stack, info->indev = NULL; break; } - if (!info->outdev) - info->outdev = path->dev; info->encap[info->num_encaps].id = path->encap.id; info->encap[info->num_encaps].proto = path->encap.proto; info->num_encaps++; if (path->type == DEV_PATH_PPPOE) memcpy(info->h_dest, path->encap.h_dest, ETH_ALEN); + info->xmit_type = FLOW_OFFLOAD_XMIT_DIRECT; break; case DEV_PATH_BRIDGE: if (is_zero_ether_addr(info->h_source)) @@ -158,8 +157,7 @@ static void nft_dev_path_info(const struct net_device_path_stack *stack, break; } } - if (!info->outdev) - info->outdev = info->indev; + info->outdev = info->indev; info->hw_outdev = info->indev; From patchwork Tue Feb 25 20:16:04 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13990926 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id E40B0C021B2 for ; Tue, 25 Feb 2025 20:46:37 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=h3xV3TA0ockrC7/s5OEcRj/pNoR8pLIoTTKhN2eYQLw=; b=J5bTe8o8mQH1ZgXMn95h4dZTVT YL5WgzDK6teX21UlShzMwhQl4AR2EP1KdJA6eNC3yj0M1vZBjJTzdXGhdCXtXZSO0ZG6F2VqJ+XIe EK7BYt9AEdWTobpUjMFj6ndQa6Xvn/QCw1E/WXr48lXoLnNLEOcogcjBFSgV085S60SY7lPz6CZjK oKA7HDrkmIIW7xg6HE4IaMqfl9Ri1L6gk9b/quwwjyMbcD59bQbFz44B0lg4TvZwM2IdUUueXDTXE Hl/6crX8FEzmfAUrnhsdk5rxbfk8oe5wCkJGt7XO4IFmaErhFgKZ4g13el+42Ma2CUNBg+r9e6QVK 7YCRoNMQ==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1tn1p7-00000001Qak-0IVJ; Tue, 25 Feb 2025 20:46:37 +0000 Received: from mail-ej1-x62d.google.com ([2a00:1450:4864:20::62d]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1tn1Ly-00000001Kca-0rCm; Tue, 25 Feb 2025 20:16:31 +0000 Received: by mail-ej1-x62d.google.com with SMTP id a640c23a62f3a-abb892fe379so911887766b.0; Tue, 25 Feb 2025 12:16:29 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1740514588; x=1741119388; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=h3xV3TA0ockrC7/s5OEcRj/pNoR8pLIoTTKhN2eYQLw=; b=eT00FkwtOm3oNJ4/N70wso75wmv3upA/VqrKVSfZithoT9CC8Iv2y5etI5kilIStG3 KABpx8o1Y6QsIb4wT4KwHLWqc4t8XhR14E2PJalljUtbRqioh9Us1Ql3GuDwAo6GrZ7W yqJp89vHImP8QnxYfU6g3wk+HkGJQPBOQnchuSZhO3TWcCqrq/XbSEK4LaOiRRgusSR5 mXepIG0bVGm5b8EUsjMouiGXfRehVhNtRRskFk9D2ltV6nXCMaNq+9pFZ4Mnw9v/v4bQ CnI3+fHYfua5PgkVqoZ1ZuUM3qr46yM2jLytH/1mHTDBiQZZu6B6gWsXwstATUHPDDr/ fvyw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1740514588; x=1741119388; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=h3xV3TA0ockrC7/s5OEcRj/pNoR8pLIoTTKhN2eYQLw=; b=Natv0RXEghkGfDEWA6LNya2yxPFh61C60p1mIXYT9gO9b5XrP1r/rbYkWl1xXYkUX+ 7mm59iXYSgq/qSMIk+450pAHRwvr2V26hUF8Mx5nzhlh1c5Tx8LD8ui7PUAV1su2DZaT GpUYrIo7oBcx8uUlxLK09T27uInSlw8X7V4KMfJOKs8tYkSyAk12SBctI8watPwGOfu/ ysADpLADeDTUN8spLYlaBj5L/zqkf1vEl0rQRZErO5c1H+i1dfL5+Q6dn94x9Ial5MYO D+qwJX/iaCjEUvHtRAHv/8J5qGudedtUoC49HLMvsTMEvxYypv1FwZL2ImdEFa9pYysE zHVw== X-Forwarded-Encrypted: i=1; AJvYcCUzN3esBrujxlQUr42dHPXcwjB1FZbfvPTozpTeXzfXsx3gN/7TanODiM+5aVx/njNRFaq1U1p2jN3tVDGMYRY=@lists.infradead.org, AJvYcCVfacVtuiaTiDLn5mNkgAW0SJYlMqSQgTfhMv1ia1YBNd5e5krV1Q+PFEmMOnt0Lh6Qv/PCjcKYaPoYsXSbj5S3@lists.infradead.org X-Gm-Message-State: AOJu0Yxv1WiqlwKPfsiAForUfn30Py3baEeCfswh+LMBMjjLMTWjSQwJ /3ruiqy4sRVPcAx6IW2/zNxkD4fq0MvIYivyWHl4IfW6FbnQ25l5 X-Gm-Gg: ASbGnctRgUGXIknHKiZJSCE0SDMwY6NsgR9kMI0W0ejUhrfxmOTHp2UsnLMgLSNGngA wou18s6CR5bqa2h/eV2X67dWNKhKvdGugmyyhTt7w6VbQbLmwYcIisoSX5TvbiKEsqXGhQmfDAJ s8exuGqwNS4fECBvCQj/AG3cLcAIJmrKUjsUYke4lDtL10qbVSqetfkQJV92c31eXq7fwoT1JMj bOco/Ef5tgDSRjsY35J51DHlDGDyrGeaQ+RF5XwHKuJGBDD073Aq/wYpnhYDZumf8qnPeyoGPEZ U23vxCUt/1KDUIMrWKuQuPtHtPVgbIG6xtcR+xvUEdB3InimKI+xVFoK/FxcHfB0UClwJp3rQm4 jUg16zPke0pYj2ZBHMax5wXreFGc7winx7tFEy1njpb4= X-Google-Smtp-Source: AGHT+IFi5xh5+qQVymlO946K7Lt3PSU8gs3AiUL8uPpi5lpGCGAduFw1hnHU+RygxLF/r/WZYXOsOg== X-Received: by 2002:a05:6402:2812:b0:5df:25e8:26d2 with SMTP id 4fb4d7f45d1cf-5e444853ee3mr10719586a12.5.1740514588315; Tue, 25 Feb 2025 12:16:28 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-abed201218fsm194319666b.104.2025.02.25.12.16.26 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 25 Feb 2025 12:16:28 -0800 (PST) From: Eric Woudstra To: Andrew Lunn , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , Kuniyuki Iwashima , Sebastian Andrzej Siewior , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH v7 net-next 02/14] netfilter: flow: remove hw_outdev, out.hw_ifindex and out.hw_ifidx Date: Tue, 25 Feb 2025 21:16:04 +0100 Message-ID: <20250225201616.21114-3-ericwouds@gmail.com> X-Mailer: git-send-email 2.47.1 In-Reply-To: <20250225201616.21114-1-ericwouds@gmail.com> References: <20250225201616.21114-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20250225_121630_243470_75023098 X-CRM114-Status: GOOD ( 15.27 ) X-BeenThere: linux-mediatek@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Linux-mediatek" Errors-To: linux-mediatek-bounces+linux-mediatek=archiver.kernel.org@lists.infradead.org Now always info->outdev == info->hw_outdev, so the netfilter code can be further cleaned up by removing: * hw_outdev from struct nft_forward_info * out.hw_ifindex from struct nf_flow_route * out.hw_ifidx from struct flow_offload_tuple Reviewed-by: Nikolay Aleksandrov Signed-off-by: Eric Woudstra --- include/net/netfilter/nf_flow_table.h | 2 -- net/netfilter/nf_flow_table_core.c | 1 - net/netfilter/nf_flow_table_offload.c | 2 +- net/netfilter/nft_flow_offload.c | 4 ---- 4 files changed, 1 insertion(+), 8 deletions(-) diff --git a/include/net/netfilter/nf_flow_table.h b/include/net/netfilter/nf_flow_table.h index d711642e78b5..4ab32fb61865 100644 --- a/include/net/netfilter/nf_flow_table.h +++ b/include/net/netfilter/nf_flow_table.h @@ -145,7 +145,6 @@ struct flow_offload_tuple { }; struct { u32 ifidx; - u32 hw_ifidx; u8 h_source[ETH_ALEN]; u8 h_dest[ETH_ALEN]; } out; @@ -211,7 +210,6 @@ struct nf_flow_route { } in; struct { u32 ifindex; - u32 hw_ifindex; u8 h_source[ETH_ALEN]; u8 h_dest[ETH_ALEN]; } out; diff --git a/net/netfilter/nf_flow_table_core.c b/net/netfilter/nf_flow_table_core.c index 9d8361526f82..1e5d3735c028 100644 --- a/net/netfilter/nf_flow_table_core.c +++ b/net/netfilter/nf_flow_table_core.c @@ -127,7 +127,6 @@ static int flow_offload_fill_route(struct flow_offload *flow, memcpy(flow_tuple->out.h_source, route->tuple[dir].out.h_source, ETH_ALEN); flow_tuple->out.ifidx = route->tuple[dir].out.ifindex; - flow_tuple->out.hw_ifidx = route->tuple[dir].out.hw_ifindex; dst_release(dst); break; case FLOW_OFFLOAD_XMIT_XFRM: diff --git a/net/netfilter/nf_flow_table_offload.c b/net/netfilter/nf_flow_table_offload.c index e06bc36f49fe..d8f7bfd60ac6 100644 --- a/net/netfilter/nf_flow_table_offload.c +++ b/net/netfilter/nf_flow_table_offload.c @@ -555,7 +555,7 @@ static void flow_offload_redirect(struct net *net, switch (this_tuple->xmit_type) { case FLOW_OFFLOAD_XMIT_DIRECT: this_tuple = &flow->tuplehash[dir].tuple; - ifindex = this_tuple->out.hw_ifidx; + ifindex = this_tuple->out.ifidx; break; case FLOW_OFFLOAD_XMIT_NEIGH: other_tuple = &flow->tuplehash[!dir].tuple; diff --git a/net/netfilter/nft_flow_offload.c b/net/netfilter/nft_flow_offload.c index b4baee519e18..5ef2f4ba7ab8 100644 --- a/net/netfilter/nft_flow_offload.c +++ b/net/netfilter/nft_flow_offload.c @@ -80,7 +80,6 @@ static int nft_dev_fill_forward_path(const struct nf_flow_route *route, struct nft_forward_info { const struct net_device *indev; const struct net_device *outdev; - const struct net_device *hw_outdev; struct id { __u16 id; __be16 proto; @@ -159,8 +158,6 @@ static void nft_dev_path_info(const struct net_device_path_stack *stack, } info->outdev = info->indev; - info->hw_outdev = info->indev; - if (nf_flowtable_hw_offload(flowtable) && nft_is_valid_ether_device(info->indev)) info->xmit_type = FLOW_OFFLOAD_XMIT_DIRECT; @@ -212,7 +209,6 @@ static void nft_dev_forward_path(struct nf_flow_route *route, memcpy(route->tuple[dir].out.h_source, info.h_source, ETH_ALEN); memcpy(route->tuple[dir].out.h_dest, info.h_dest, ETH_ALEN); route->tuple[dir].out.ifindex = info.outdev->ifindex; - route->tuple[dir].out.hw_ifindex = info.hw_outdev->ifindex; route->tuple[dir].xmit_type = info.xmit_type; } } From patchwork Tue Feb 25 20:16:05 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13990927 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 007BBC021B2 for ; Tue, 25 Feb 2025 20:48:10 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=+rhlCg4/52AHm6e8tJsmpQptNUxepmsLI5spztxpn6c=; b=UfYbeyZ1bd63VW/0XhpY3Qp0NO IcivDM1Sa2XYB/u/QMvlO/B2nOGIPwldha2GuqsJugDtFqKsD0PqvU7t0g/mnKj9Tc4Wu4hUtzh7g JicZiHupBM4mSkflUUPfY7TqD/VfzEXKbzZexZBINTXGg60xIiW1DGFiaz588yspvpIKIIywLCVS3 8T/ije303FjHaBhlGPHvBJrF3FSN5fjuVJkDALMDxDSgehGkpmIheBI7k2TOvnQdyGwXqbCjeLLlh OFwZ6Npf0/Fvr7J7A9i+vOKvd5ztmwd//67y9m0qb7bjmE7MLtEcwYyahB6/ngOznV30FQCJFw2a6 +3oNwe0Q==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1tn1qc-00000001QqC-0KMl; Tue, 25 Feb 2025 20:48:10 +0000 Received: from mail-ej1-x62f.google.com ([2a00:1450:4864:20::62f]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1tn1Lz-00000001Kd3-0e4F; Tue, 25 Feb 2025 20:16:32 +0000 Received: by mail-ej1-x62f.google.com with SMTP id a640c23a62f3a-ab771575040so31020466b.1; Tue, 25 Feb 2025 12:16:30 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1740514590; x=1741119390; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=+rhlCg4/52AHm6e8tJsmpQptNUxepmsLI5spztxpn6c=; b=GhUs+wc89wO7jHlCFQdxY5GIL/uPI2yPPg3GuKyIivbaJGA2+wUMETZbJ4Yu2ekB+R V+nC/4luDoXl9ViIX4kyFmOl2TreUAFBr7UHA0fYkd0Vnw+PF+UQbYbzgShie56yApBV +aDDp9JfvORiLii9lNJitOwv+YFfmX22UFit1WZMFxTnp9O4OxmtFPhNReBpCho3akuC Y/g43+5VXyxjePZRavOF7ZsJZXja2BGeclEcu96XEuY6E3RWdtS7YMKALkHtqaybTS/C C5xdZyQhaIbGi+veUhu9ocoII9hVtW9cZPA2TXlnGVMt61diUMHUZDFNkobeXDr0C8KW hOew== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1740514590; x=1741119390; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=+rhlCg4/52AHm6e8tJsmpQptNUxepmsLI5spztxpn6c=; b=gBUQKSnz4+2REqajXxhwaqKwa2JkbuzDC6MJ9/JwMbXYjEuQYDDXm+fMAL4iIhXDvF AcLZhNPQlIGrgikzXH5qyqExbJvoqBf+7KMB3rMnwsR+k4hMbaMKfoLOcxo6nJ8Kw9r9 wu8rrq1M2ctaHq4w0MwXM6bksuJ0VBqVkAFPBHQ+xbj/z/0khalAHpebRA4zoUMTB1KU OuKKjpd6dufRNJ+zo+y/1wZMYenf0uUl1eWTmg9ACGctxXixX4sSeZYmGiYuCU3Nerzp ZCP/H3jqhCdbNlA+P0eOOQnyTdyl9e1jBlYP5MU3OA+eU87N+rBCSvPkwCFogill5NfB KVhA== X-Forwarded-Encrypted: i=1; AJvYcCVySZ5smwot7amcbhLtDaSfR3/JAgHC6Sc89QtBCS1mEAhqb2ccXCHpHV1ZJfzUbcJXYiCB+Iu1/n+eHU9ebp8=@lists.infradead.org, AJvYcCXIBAMQtV6Axx7EfdQffDz9gx7QotS8uBK69kMZgTg2n/hLGpP7p7Pqe+I0lEjuyGW1/ykpn3KG6zOVtS1bxel0@lists.infradead.org X-Gm-Message-State: AOJu0YxgeSizT1scLevx37Tt9Ix4gP4X7bJJYLENjdJdHDHmi3rnq+lM ZyQwl4SpBOSHaHU4jU2fqt6FhZOkAZa/ki3gKO8GhvRt10jfCdMl X-Gm-Gg: ASbGncvXRvazCIn+4cI4GkDtJbnEU00Op/j6fQlsJTeodTMzGEJszCFwWT+4gFgZhbb zNUiBOl4KR0qpVbbzUx1zTPKr3nRrlrBwvSmQMF/acBs7m0fqjCMYFHQVAFbJsPA2alSQf+RlmI vqDOrqSmsFGYJKy64qkUz17zuTRmfNdVBbSoxGuC9mYt62NsK1ozvH69a//eib6S2b9uDU2gbz3 /dmAVwiRuRgU4PGHUDB4XD7vvfn3ueumGeTxwIBQhbg0o88u/rD1w5YoPj6Qly/MKSbC81jTbBX XekeNKa9WviIHazNzdIcV5EBDgMkRO9buoRKEnYnfmO7ltFSaep1W5E21M++x4DSf1eEuXKEqC9 TANJ9KckXMw8qPODQU4yzWL52uzKbkop0ce9SmoilGRw= X-Google-Smtp-Source: AGHT+IGjYzWXLvnzGLyEXex+ETYVw5Q0C/1jRBzHoDa33wNIkf6eiEa2/vyA43CLHzQ2U9WVtqxm+Q== X-Received: by 2002:a17:907:780e:b0:ab7:798:e16e with SMTP id a640c23a62f3a-abc0ae91168mr1674875466b.15.1740514589399; Tue, 25 Feb 2025 12:16:29 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-abed201218fsm194319666b.104.2025.02.25.12.16.28 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 25 Feb 2025 12:16:29 -0800 (PST) From: Eric Woudstra To: Andrew Lunn , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , Kuniyuki Iwashima , Sebastian Andrzej Siewior , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH v7 net-next 03/14] netfilter: bridge: Add conntrack double vlan and pppoe Date: Tue, 25 Feb 2025 21:16:05 +0100 Message-ID: <20250225201616.21114-4-ericwouds@gmail.com> X-Mailer: git-send-email 2.47.1 In-Reply-To: <20250225201616.21114-1-ericwouds@gmail.com> References: <20250225201616.21114-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20250225_121631_191590_AB763108 X-CRM114-Status: GOOD ( 14.45 ) X-BeenThere: linux-mediatek@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Linux-mediatek" Errors-To: linux-mediatek-bounces+linux-mediatek=archiver.kernel.org@lists.infradead.org This adds the capability to conntrack 802.1ad, QinQ, PPPoE and PPPoE-in-Q packets that are passing a bridge. Signed-off-by: Eric Woudstra --- net/bridge/netfilter/nf_conntrack_bridge.c | 83 ++++++++++++++++++---- 1 file changed, 71 insertions(+), 12 deletions(-) diff --git a/net/bridge/netfilter/nf_conntrack_bridge.c b/net/bridge/netfilter/nf_conntrack_bridge.c index 816bb0fde718..4b4e3751fb13 100644 --- a/net/bridge/netfilter/nf_conntrack_bridge.c +++ b/net/bridge/netfilter/nf_conntrack_bridge.c @@ -242,53 +242,112 @@ static unsigned int nf_ct_bridge_pre(void *priv, struct sk_buff *skb, { struct nf_hook_state bridge_state = *state; enum ip_conntrack_info ctinfo; + int ret, offset = 0; struct nf_conn *ct; - u32 len; - int ret; + __be16 outer_proto; + u32 len, data_len; ct = nf_ct_get(skb, &ctinfo); if ((ct && !nf_ct_is_template(ct)) || ctinfo == IP_CT_UNTRACKED) return NF_ACCEPT; + switch (skb->protocol) { + case htons(ETH_P_PPP_SES): { + struct ppp_hdr { + struct pppoe_hdr hdr; + __be16 proto; + } *ph; + + offset = PPPOE_SES_HLEN; + if (!pskb_may_pull(skb, offset)) + return NF_ACCEPT; + outer_proto = skb->protocol; + ph = (struct ppp_hdr *)(skb->data); + switch (ph->proto) { + case htons(PPP_IP): + skb->protocol = htons(ETH_P_IP); + break; + case htons(PPP_IPV6): + skb->protocol = htons(ETH_P_IPV6); + break; + default: + nf_ct_set(skb, NULL, IP_CT_UNTRACKED); + return NF_ACCEPT; + } + data_len = ntohs(ph->hdr.length) - 2; + skb_pull_rcsum(skb, offset); + skb_reset_network_header(skb); + break; + } + case htons(ETH_P_8021Q): { + struct vlan_hdr *vhdr; + + offset = VLAN_HLEN; + if (!pskb_may_pull(skb, offset)) + return NF_ACCEPT; + outer_proto = skb->protocol; + vhdr = (struct vlan_hdr *)(skb->data); + skb->protocol = vhdr->h_vlan_encapsulated_proto; + data_len = U32_MAX; + skb_pull_rcsum(skb, offset); + skb_reset_network_header(skb); + break; + } + default: + data_len = U32_MAX; + break; + } + + ret = NF_ACCEPT; switch (skb->protocol) { case htons(ETH_P_IP): if (!pskb_may_pull(skb, sizeof(struct iphdr))) - return NF_ACCEPT; + goto do_not_track; len = skb_ip_totlen(skb); + if (data_len < len) + len = data_len; if (pskb_trim_rcsum(skb, len)) - return NF_ACCEPT; + goto do_not_track; if (nf_ct_br_ip_check(skb)) - return NF_ACCEPT; + goto do_not_track; bridge_state.pf = NFPROTO_IPV4; ret = nf_ct_br_defrag4(skb, &bridge_state); break; case htons(ETH_P_IPV6): if (!pskb_may_pull(skb, sizeof(struct ipv6hdr))) - return NF_ACCEPT; + goto do_not_track; len = sizeof(struct ipv6hdr) + ntohs(ipv6_hdr(skb)->payload_len); + if (data_len < len) + len = data_len; if (pskb_trim_rcsum(skb, len)) - return NF_ACCEPT; + goto do_not_track; if (nf_ct_br_ipv6_check(skb)) - return NF_ACCEPT; + goto do_not_track; bridge_state.pf = NFPROTO_IPV6; ret = nf_ct_br_defrag6(skb, &bridge_state); break; default: nf_ct_set(skb, NULL, IP_CT_UNTRACKED); - return NF_ACCEPT; + goto do_not_track; } - if (ret != NF_ACCEPT) - return ret; + if (ret == NF_ACCEPT) + ret = nf_conntrack_in(skb, &bridge_state); - return nf_conntrack_in(skb, &bridge_state); +do_not_track: + if (offset) { + skb_push_rcsum(skb, offset); + skb_reset_network_header(skb); + skb->protocol = outer_proto; + } + return ret; } static unsigned int nf_ct_bridge_in(void *priv, struct sk_buff *skb, From patchwork Tue Feb 25 20:16:06 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13990928 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id EF9B4C021B2 for ; Tue, 25 Feb 2025 20:49:42 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=ukwtTV0ExXBJKM7v4LhbJXSMG6hQJqW8GgzzDxNF23M=; b=E/OBmHweYC+BmmLBskqBqwt6ZD s+k/YEyXQRaR+10IRY/1y1zVnGdD5AcXmW8v6y+tLDHYsW6MIedEJja/bZsfBqsat60hSeWwQfxsf SXHpNgCAQFn4wqcfr5oy3k6FIWuoNKnhTCP7CLm0dYFzOIjTk7RI3awgLmCorroXpI0EJEytYnSOS K+aSOJG1CeJjBk8B8X43VmVq2/ZngC7qum9cyJDiAQvaD8y9T1Lz5CoHsJNxOiY8bD/Gasu2xugES S4bG9qzxLmApyhs29SpnIrHoHvRu/68BrQigcguTi5hQfm1SVw567rGjtVye+5vSULPKtRjI74/x4 RyzIslyw==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1tn1s6-00000001QzB-09n3; Tue, 25 Feb 2025 20:49:42 +0000 Received: from mail-ej1-f41.google.com ([209.85.218.41]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1tn1M0-00000001Kdt-2hyG; Tue, 25 Feb 2025 20:16:33 +0000 Received: by mail-ej1-f41.google.com with SMTP id a640c23a62f3a-abb892fe379so911893566b.0; Tue, 25 Feb 2025 12:16:32 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1740514591; x=1741119391; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=ukwtTV0ExXBJKM7v4LhbJXSMG6hQJqW8GgzzDxNF23M=; b=huU1PLN3EHU467/JSrQppanLYQFLNasGi1Uu0J75+Whe4lo7HC65r3cRcleIvqxS/6 Em2Fpwam69JDh03EWOi7R4EGPkbC19PIE6HrBM2uR+gB2SX0/MJ8zDX1MIE14pqh6YJl ilu0yFpSE21D0G0gpNuCgxWDp4ENatYb9lCUvAc55YIZwrBOnu0WkLnjbb1F71RIDLt2 rsN7F9f38NobhXOQFo+fz9HdHEOWSLYIHvugVnZFlPE3HTMEnh3nMvru5SiLihNc0zEv gtpgDQ40MuBO7e0/4J9HaIPMgUlPQRChzTDVCheFocAasrEOJ/dhuo2VsVQLsipQW2cS 97RQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1740514591; x=1741119391; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=ukwtTV0ExXBJKM7v4LhbJXSMG6hQJqW8GgzzDxNF23M=; b=IQwMS2TPYS4ZnlnB8iizpi2xrP1vi5nzhDJ6ehOGiqPH7/2o12A4mGfVqeE+Qrdjr6 cNWILfO8P58ZgDv+yLwSh86Ja2RltRXGYNJjr8gNjNhe/5bwYKO47k0ksEJZssEBOEwA pT2twIVaJWT7OeGfKZz6pNRQ7afw55ZAe66yzAurch4lYE2ox5jWKekPKw9BylgFEgrY NV2aZbv8X66AK4XN1t12DDq0SucXCCJ3b/7LgHEI4/g+h/3tFAlKdMlNGzDRd8NMHgsG ktyTj+V4bKPtzUEvzRqiv8+j9qvzGvnEpt+SCjL3RSgj6kc/EkUGsrY1MN6QgNWmTOV/ LFTQ== X-Forwarded-Encrypted: i=1; AJvYcCWViSWGJVZcisrnG+ZCNYGhzh2rwnVrl+hLIbjfx1sB4on2wog0DSwRJ6ZpYnF3rGZcPP2o9Vvb6i2PcXazVVU=@lists.infradead.org, AJvYcCXn6Cc7IR2NELnXqTghoeS6w6Tox1nBerQ27BDXA/QXvuDVTZWdLLGEEisPw2mVf3lYMFF7gnAXjBtExFhiwc2Q@lists.infradead.org X-Gm-Message-State: AOJu0Yy3o+Kv9/cxcbneVyB/QXRSDMfLDemhPM28GGtZIx2nds6lWv79 Tc1VN8FrP4/+/X0QyYBwUzaJG3AJRvwqhKRRP3HsYAFlwIecYHF0 X-Gm-Gg: ASbGncu9Zm/DVKnTywgIdbif+zGdk8VBeoNdseYNJy+RfumyOjdNXb8DZVmex7Qg46d Deh0BaSadB9zDVA6AawShlbPziFqm6mT9zA2ofzG6a/pWRqrH0KkjUy6goLykL6ByAbKDWervZ4 lA5RwUe3ImAPDNYTOtlMMYSTmzMDb9bYTSN8DEXg6VhQ5yamkUUtp2QkYzeOiiDVQufnezJ4a4X NJ+S3WS2KJ5wKC+LBPq6swYdr7MqiPYyyKzfwBKdAP1YXfKG9oVv9d9RFKvEVxJyeJPZKR7muHE z7dLe5IXZ0IQFIOgdF3qxPaCxdy0HElmkactSVe98PYQjzVZyR0zbaIT7Q/jH450u6uVBe8l3fc lOq41TSIO6Dv3UzThkvNUXVVQi+7Pe5/toGXtuEOejD0= X-Google-Smtp-Source: AGHT+IFELKJeBL47E24AYBhFNQB8kxvH4OvNCfLa7OLiE5g3zAvMls9N3TtS1GIRuC8kJEKI8Wmk4Q== X-Received: by 2002:a05:6402:210d:b0:5df:6a:54ea with SMTP id 4fb4d7f45d1cf-5e4457abbc9mr11921566a12.11.1740514590457; Tue, 25 Feb 2025 12:16:30 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-abed201218fsm194319666b.104.2025.02.25.12.16.29 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 25 Feb 2025 12:16:30 -0800 (PST) From: Eric Woudstra To: Andrew Lunn , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , Kuniyuki Iwashima , Sebastian Andrzej Siewior , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH v7 net-next 04/14] netfilter: nft_chain_filter: Add bridge double vlan and pppoe Date: Tue, 25 Feb 2025 21:16:06 +0100 Message-ID: <20250225201616.21114-5-ericwouds@gmail.com> X-Mailer: git-send-email 2.47.1 In-Reply-To: <20250225201616.21114-1-ericwouds@gmail.com> References: <20250225201616.21114-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20250225_121632_684358_8A2E85EE X-CRM114-Status: GOOD ( 12.31 ) X-BeenThere: linux-mediatek@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Linux-mediatek" Errors-To: linux-mediatek-bounces+linux-mediatek=archiver.kernel.org@lists.infradead.org This adds the capability to evaluate 802.1ad, QinQ, PPPoE and PPPoE-in-Q packets in the bridge filter chain. Reviewed-by: Nikolay Aleksandrov Signed-off-by: Eric Woudstra --- net/netfilter/nft_chain_filter.c | 20 +++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) diff --git a/net/netfilter/nft_chain_filter.c b/net/netfilter/nft_chain_filter.c index 19a553550c76..7c7080c1a67d 100644 --- a/net/netfilter/nft_chain_filter.c +++ b/net/netfilter/nft_chain_filter.c @@ -232,11 +232,27 @@ nft_do_chain_bridge(void *priv, struct sk_buff *skb, const struct nf_hook_state *state) { + struct ethhdr *ethh = eth_hdr(skb); struct nft_pktinfo pkt; + int thoff; nft_set_pktinfo(&pkt, skb, state); - switch (eth_hdr(skb)->h_proto) { + switch (ethh->h_proto) { + case htons(ETH_P_PPP_SES): + thoff = PPPOE_SES_HLEN; + ethh += thoff; + break; + case htons(ETH_P_8021Q): + thoff = VLAN_HLEN; + ethh += thoff; + break; + default: + thoff = 0; + break; + } + + switch (ethh->h_proto) { case htons(ETH_P_IP): nft_set_pktinfo_ipv4_validate(&pkt); break; @@ -248,6 +264,8 @@ nft_do_chain_bridge(void *priv, break; } + pkt.thoff += thoff; + return nft_do_chain(&pkt, priv); } From patchwork Tue Feb 25 20:16:07 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13990934 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 21EDEC021B2 for ; Tue, 25 Feb 2025 20:51:16 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=glD7coNk2GO9/l1adKLN+uo1Xfh2D3YWudU7CjoMsSA=; b=ODukzeiwhM3kMGvqAZtddIPfWj buQGfbSKdH1MxKs8Hwmls00p4B107t0gnCSDHQhrybmnuGTwVmNid5jpRM4sqxI+9xwS34lynePy/ QKQCtsz0xSPo6rV+bhP3+Ns23erfROJuVJXZtZYwzWnkHjqb5He5b6ILQr2AEkx1OBGCtEX+tiKiX /NissD87UK/fJ6yW7iX199k461HOmtuD4aArh3NVYRjcdSyGZVbag9QkU1bY2tayHwlp6YIpXygLl 4vlkRe3PIwBqNl6pk7AuKhNzZpiQn77XnqSDhZ7KussSvf4PLg8DB3woItTE4GiMAfgfQzSIp75CV OFEafY/w==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1tn1tb-00000001RAC-1FIQ; Tue, 25 Feb 2025 20:51:15 +0000 Received: from mail-ej1-f54.google.com ([209.85.218.54]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1tn1M1-00000001KeC-25Oc; Tue, 25 Feb 2025 20:16:34 +0000 Received: by mail-ej1-f54.google.com with SMTP id a640c23a62f3a-abb81285d33so40104266b.0; Tue, 25 Feb 2025 12:16:33 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1740514592; x=1741119392; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=glD7coNk2GO9/l1adKLN+uo1Xfh2D3YWudU7CjoMsSA=; b=BrEPxAvnADjMEynAkJHcjtRfL2FbVE9Ot9fu0t7CiU6oJHfqqMEYwh1LMpXbZidzvm qXIMF14+b8y3PAzxDD5V4s9xO/NmUlbkzOUY05qC+1UoL7jhX4mTYW/mPgCyflTnazlG ldhBOp8Fdx0HKzB5jdnt5TfrJ6JzVb3vgqqTCZIRa1S6RfW6h9M/HVLvjFvzmBXnnzmq FhYSKkAbgmRhcBc5oArBF8PWpVXQaw2Jcj8S+s+hAs4IDSPDicE+cxrfBe6nM67tA2rz vKt+RNi2mgEixFyWM237s6B4xBeiRCu68KawdYdDoE/ooAlL23xKSTtF/dP/DKiQbdoB HJpw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1740514592; x=1741119392; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=glD7coNk2GO9/l1adKLN+uo1Xfh2D3YWudU7CjoMsSA=; b=h3ftvnZysFN6woImVnuaWdblQJkhXefJ90xyHMKVcfo3Z8UxL4QyB32EMxVjgDbzzo 6TaYBksPbvdmIz19K242eemglBTk5HkmcfhyxFtEGIciRxIDfULKD2swC+/Q3/ZiZjFO nlV2yLmKF10rIOkHwW+VFMgEpImLrtz/lm4Y2RRJni7/XRWA7grE5uzFXg5lM4CDMj3P 6BE8lEOYESzyZceKyL85zu+HzP9IU3ng68AI1sjiYLMCFFMBYaQ/bPkregj8kxrSf7Ot /IBxdc7/42xb/Hshg5+OBJCZZ2+qq9kYFdd2jrtUGklcADeF5wBi7KhItIghWD9VUXkN JC4w== X-Forwarded-Encrypted: i=1; AJvYcCVz70pAskrqV92n5q+tp3BdpyjOhv5a2c+ZP/hR+01v8mlKANDbA9Iz8LvUg/H2LhtZxLiRtLIIXVv1PFLhKLM=@lists.infradead.org, AJvYcCX2ICrcMV+LeKCiJCal+/rZVRsVQRk31m+3oWLm6mB7Kd6egaabM2qyZnzflvgy/TgXaUpMQQEMemapcD6FYfc+@lists.infradead.org X-Gm-Message-State: AOJu0Yx+ELbMsynjM8j/w19Z8/ncopfx3mSyZ+H5YtD+CB5LSg9nXhFL 02QTiCgxa+TD5T2JrMSdYGLQfTvs+qV4Rxi2OSC4A+/eYJxB2pZP X-Gm-Gg: ASbGncsxM6w6SIGz1DPfy6abFCwbF+6rPuIuLPylhbyADlxWiW8wWxK5LqbZfOVzpN9 /MDs/Xxg3gfhIpadgtPXiE4svTWjzoB/2VWH8WLHuxOEaJjKl3Bpj7MviqnDUOnif++rAx/mHTE knmMrugKz13hDB8FskTJGGCavtzl2zwavkiBx9znVCdkCu2liq83TY0wwwJt5bA8+40K3yWRqB2 JandVn1GsgPz3HR+ywf+qGU91IyGkOgx2JP1EqQM4KMhTXOUlYFsA0GBUagp+XekmaOr2pGVwrP m52poefENHfqfPRTNug4kIsRMexYJPFhYvcYJlEC4BYMVkNl5nNTY+chnxWEyrlMC4yysuHd0mW QGNwPFmch0K8/XAtOvqjDU0/wu10nAGTm95+mRxWbhks= X-Google-Smtp-Source: AGHT+IEjvw2ycbh6O1a2xVehSVYNCqn405b5ejvhuSsYBKJJvxe4gk715VpktRuefN5csP8lyNYY2Q== X-Received: by 2002:a17:907:3da7:b0:ab7:98e8:dcd4 with SMTP id a640c23a62f3a-abc09a097c7mr1694058566b.20.1740514591509; Tue, 25 Feb 2025 12:16:31 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-abed201218fsm194319666b.104.2025.02.25.12.16.30 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 25 Feb 2025 12:16:31 -0800 (PST) From: Eric Woudstra To: Andrew Lunn , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , Kuniyuki Iwashima , Sebastian Andrzej Siewior , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH v7 net-next 05/14] bridge: Add filling forward path from port to port Date: Tue, 25 Feb 2025 21:16:07 +0100 Message-ID: <20250225201616.21114-6-ericwouds@gmail.com> X-Mailer: git-send-email 2.47.1 In-Reply-To: <20250225201616.21114-1-ericwouds@gmail.com> References: <20250225201616.21114-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20250225_121633_533993_61938147 X-CRM114-Status: GOOD ( 16.81 ) X-BeenThere: linux-mediatek@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Linux-mediatek" Errors-To: linux-mediatek-bounces+linux-mediatek=archiver.kernel.org@lists.infradead.org If a port is passed as argument instead of the master, then: At br_fill_forward_path(): find the master and use it to fill the forward path. At br_vlan_fill_forward_path_pvid(): lookup vlan group from port instead. Changed call to br_vlan_group() into br_vlan_group_rcu() while at it. Acked-by: Nikolay Aleksandrov Signed-off-by: Eric Woudstra --- net/bridge/br_device.c | 19 ++++++++++++++----- net/bridge/br_private.h | 2 ++ net/bridge/br_vlan.c | 6 +++++- 3 files changed, 21 insertions(+), 6 deletions(-) diff --git a/net/bridge/br_device.c b/net/bridge/br_device.c index 0ab4613aa07a..c7646afc8b96 100644 --- a/net/bridge/br_device.c +++ b/net/bridge/br_device.c @@ -383,16 +383,25 @@ static int br_del_slave(struct net_device *dev, struct net_device *slave_dev) static int br_fill_forward_path(struct net_device_path_ctx *ctx, struct net_device_path *path) { + struct net_bridge_port *src, *dst; struct net_bridge_fdb_entry *f; - struct net_bridge_port *dst; struct net_bridge *br; - if (netif_is_bridge_port(ctx->dev)) - return -1; + if (netif_is_bridge_port(ctx->dev)) { + struct net_device *br_dev; + + br_dev = netdev_master_upper_dev_get_rcu((struct net_device *)ctx->dev); + if (!br_dev) + return -1; - br = netdev_priv(ctx->dev); + src = br_port_get_rcu(ctx->dev); + br = netdev_priv(br_dev); + } else { + src = NULL; + br = netdev_priv(ctx->dev); + } - br_vlan_fill_forward_path_pvid(br, ctx, path); + br_vlan_fill_forward_path_pvid(br, src, ctx, path); f = br_fdb_find_rcu(br, ctx->daddr, path->bridge.vlan_id); if (!f) diff --git a/net/bridge/br_private.h b/net/bridge/br_private.h index 1054b8a88edc..a0b950390a16 100644 --- a/net/bridge/br_private.h +++ b/net/bridge/br_private.h @@ -1584,6 +1584,7 @@ bool br_vlan_can_enter_range(const struct net_bridge_vlan *v_curr, const struct net_bridge_vlan *range_end); void br_vlan_fill_forward_path_pvid(struct net_bridge *br, + struct net_bridge_port *p, struct net_device_path_ctx *ctx, struct net_device_path *path); int br_vlan_fill_forward_path_mode(struct net_bridge *br, @@ -1753,6 +1754,7 @@ static inline int nbp_get_num_vlan_infos(struct net_bridge_port *p, } static inline void br_vlan_fill_forward_path_pvid(struct net_bridge *br, + struct net_bridge_port *p, struct net_device_path_ctx *ctx, struct net_device_path *path) { diff --git a/net/bridge/br_vlan.c b/net/bridge/br_vlan.c index d9a69ec9affe..a18c7da12ebd 100644 --- a/net/bridge/br_vlan.c +++ b/net/bridge/br_vlan.c @@ -1441,6 +1441,7 @@ int br_vlan_get_pvid_rcu(const struct net_device *dev, u16 *p_pvid) EXPORT_SYMBOL_GPL(br_vlan_get_pvid_rcu); void br_vlan_fill_forward_path_pvid(struct net_bridge *br, + struct net_bridge_port *p, struct net_device_path_ctx *ctx, struct net_device_path *path) { @@ -1453,7 +1454,10 @@ void br_vlan_fill_forward_path_pvid(struct net_bridge *br, if (!br_opt_get(br, BROPT_VLAN_ENABLED)) return; - vg = br_vlan_group(br); + if (p) + vg = nbp_vlan_group_rcu(p); + else + vg = br_vlan_group_rcu(br); if (idx >= 0 && ctx->vlan[idx].proto == br->vlan_proto) { From patchwork Tue Feb 25 20:16:08 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13990935 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 13928C021B2 for ; Tue, 25 Feb 2025 20:52:48 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=vgvvO4mRAt67HclOcho5/or4Z9zLgPRzxsVdNZtTjYg=; b=YhADC/1tBgvs+t0Q60Q1J/kFvQ j7cDfNexsYHBLcgS9HPnDzrt+foF3eZ0IA7U2hCHyUGPrvoTNIUNeVC9tUvpc44ALAhh1lpJtlN4j tps7+o3ijDnksnhjETXS5DrKTZ5R1oJJdUxtFgAw+WYj6tK+tSJwYLXGtkjb7iugQ6axD6B9tQP9A 3MMLYy/ANh3dEnheRQFBseXESy+KEbcUPaqLYeRZt99TM14GViBx/mYxlBl7O3NueFR2rtTQjJZdc u0mzQzaTi/SCwjYRz71ua8Uw8adWpmbp+nFP9uTgMCwG/KJDU5riB/h9KUzBVJw+YTH1ozAArDkXU pkIvvmlg==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1tn1v5-00000001RHT-0xct; Tue, 25 Feb 2025 20:52:47 +0000 Received: from mail-ej1-x636.google.com ([2a00:1450:4864:20::636]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1tn1M2-00000001Keb-2544; Tue, 25 Feb 2025 20:16:35 +0000 Received: by mail-ej1-x636.google.com with SMTP id a640c23a62f3a-aaec111762bso407720866b.2; Tue, 25 Feb 2025 12:16:34 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1740514593; x=1741119393; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=vgvvO4mRAt67HclOcho5/or4Z9zLgPRzxsVdNZtTjYg=; b=NzHCu8xC0IDjTiRAOmyRT6bRgFBhHcNvk0r6f61qq3l3d2HKc0pedn3ZVyZD74nyJ6 A+A0elDi2MaS58XM4/73Aacb3Eriz5h+ioJux7MM0ZiUoYGLdZJNT26QBRURrkiludFt Tjnhv6Z1JqPUXWty1RCHi9YR+DQgifVcGypc5E/3PvD3bL/NMcEuCKX7Yl1Bl9xJK87N FUFyTFl5yDYntuFB+9BXDSBvbu62ESzr4bJEmYMH42oWBRXwircixia5UuB2YV/LYz1C cSv/qhTNjvJXcpCMn0G9U7orwZhbladnA1OQPS5p48CluZPvTJivzIgxA6cE3BzJxXIY eMkA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1740514593; x=1741119393; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=vgvvO4mRAt67HclOcho5/or4Z9zLgPRzxsVdNZtTjYg=; b=T2kNYu1hKQd8jGUyi48tDiGk5UdRREPoXMwoxD7syqvIgaDnNFZgp0NjtKpWwmLyrc tWYcf4krmBOLxYhnG9khtecdeSWMor4JW/PDPYuG3nNPqVDVjeMIOIVEji13BVjFG3Qg WDVVHbzC0bLX8ej6nnCEeT1zVzxDDF/zinwj+uEWGb5yoBJ4biO+Xt+bp7TK9HQet47A 9/3v4dy4jFTsBZUmgeLIHFhsTw9xS222uiTiSKMylBoWI0y9NIe2EwZB2FfDlzPldaTE LTrNLwDIRZI2bM9bo4BQGVk3QlDlQPymYbGqsyOvMeevzr5X99XsMG28pKxAd9kyng5k IYUw== X-Forwarded-Encrypted: i=1; AJvYcCVPTH1ZWT3467xytPF4WmnLgKcMYbW0HwWCGx5CR/b1ev/PuEUe5Xb4eDF21ZW+sPfBs2NvC6kvwzKGDr3MSHIL@lists.infradead.org, AJvYcCXQjKEAN8XasGYH/vSV3LqlB1zLMGCss+SOxsyjaxvBR6HAfzU/yzvn9fVejILe/z00wxRlj5JkgTXKeIWUesA=@lists.infradead.org X-Gm-Message-State: AOJu0YxytLnISVs53fTEl72FJASCS9V0LdE2afwxRNKQp8X7RwFjwEB5 anUjGDLiL4eWsQjSBtNTTCrzlvW00Pf+d/93iDEGP3rloanoC7gK X-Gm-Gg: ASbGncu1nGIBR7nHazIdwPIXVepSVVqnA1Brg0lMX/RfoZU4MutkS9S8QTwopuwSwue WLmmaNrt37px2vx+5Zz3Vz01rrgv2OsY02K+WhZSXQx8QGp1C+iqThxs8bHzLbgSwtC69G8/yG/ dHngiBy8Aw7t3BsgqAoR/F14MyWQY9q/3IOlsAuBpyup6G4TVNbq3zEXsdRgLzteQAUZ8uTe2QA f4LR32hGzlKQRrDepJdpShFzCXX6kQFfoIaW/OuIMFWy5nUX0jw3ZWiIUwrv0c8zO8iA4s9mLKS xl7PpIu0ZGshdhwfgVNzpR36YCWmxOHbYBZptnYCotXdLh+QrlhTvU2tpFvf6BlBJyzoGQ+DuS3 RXT2uf+bPEIavCkr4fEvPJYHLHOMCZIDqpm4dTnVXBxI= X-Google-Smtp-Source: AGHT+IHYa/rnJMcG6bw4DaLIqU4PpMQ2X1tUCpndBeXitg+IOobUcH2l24ISv9vbXMdXY/Di07mP4g== X-Received: by 2002:a17:906:31d1:b0:abb:e95e:f2c3 with SMTP id a640c23a62f3a-abeeef4216amr55910166b.41.1740514592646; Tue, 25 Feb 2025 12:16:32 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-abed201218fsm194319666b.104.2025.02.25.12.16.31 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 25 Feb 2025 12:16:32 -0800 (PST) From: Eric Woudstra To: Andrew Lunn , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , Kuniyuki Iwashima , Sebastian Andrzej Siewior , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH v7 net-next 06/14] net: core: dev: Add dev_fill_bridge_path() Date: Tue, 25 Feb 2025 21:16:08 +0100 Message-ID: <20250225201616.21114-7-ericwouds@gmail.com> X-Mailer: git-send-email 2.47.1 In-Reply-To: <20250225201616.21114-1-ericwouds@gmail.com> References: <20250225201616.21114-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20250225_121634_534918_209E6F97 X-CRM114-Status: GOOD ( 17.66 ) X-BeenThere: linux-mediatek@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Linux-mediatek" Errors-To: linux-mediatek-bounces+linux-mediatek=archiver.kernel.org@lists.infradead.org New function dev_fill_bridge_path(), similar to dev_fill_forward_path(). It handles starting from a bridge port instead of the bridge master. The structures ctx and nft_forward_info need to be already filled in with the (vlan) encaps. Reviewed-by: Nikolay Aleksandrov Signed-off-by: Eric Woudstra --- include/linux/netdevice.h | 2 ++ net/core/dev.c | 66 +++++++++++++++++++++++++++++++-------- 2 files changed, 55 insertions(+), 13 deletions(-) diff --git a/include/linux/netdevice.h b/include/linux/netdevice.h index 9a387d456592..695445927598 100644 --- a/include/linux/netdevice.h +++ b/include/linux/netdevice.h @@ -3289,6 +3289,8 @@ void dev_remove_offload(struct packet_offload *po); int dev_get_iflink(const struct net_device *dev); int dev_fill_metadata_dst(struct net_device *dev, struct sk_buff *skb); +int dev_fill_bridge_path(struct net_device_path_ctx *ctx, + struct net_device_path_stack *stack); int dev_fill_forward_path(const struct net_device *dev, const u8 *daddr, struct net_device_path_stack *stack); struct net_device *__dev_get_by_flags(struct net *net, unsigned short flags, diff --git a/net/core/dev.c b/net/core/dev.c index 18064be6cf3e..d5f4fae840a2 100644 --- a/net/core/dev.c +++ b/net/core/dev.c @@ -714,44 +714,84 @@ static struct net_device_path *dev_fwd_path(struct net_device_path_stack *stack) return &stack->path[k]; } -int dev_fill_forward_path(const struct net_device *dev, const u8 *daddr, - struct net_device_path_stack *stack) +static int dev_fill_forward_path_common(struct net_device_path_ctx *ctx, + struct net_device_path_stack *stack) { const struct net_device *last_dev; - struct net_device_path_ctx ctx = { - .dev = dev, - }; struct net_device_path *path; int ret = 0; - memcpy(ctx.daddr, daddr, sizeof(ctx.daddr)); - stack->num_paths = 0; - while (ctx.dev && ctx.dev->netdev_ops->ndo_fill_forward_path) { - last_dev = ctx.dev; + while (ctx->dev && ctx->dev->netdev_ops->ndo_fill_forward_path) { + last_dev = ctx->dev; path = dev_fwd_path(stack); if (!path) return -1; memset(path, 0, sizeof(struct net_device_path)); - ret = ctx.dev->netdev_ops->ndo_fill_forward_path(&ctx, path); + ret = ctx->dev->netdev_ops->ndo_fill_forward_path(ctx, path); if (ret < 0) return -1; - if (WARN_ON_ONCE(last_dev == ctx.dev)) + if (WARN_ON_ONCE(last_dev == ctx->dev)) return -1; } - if (!ctx.dev) + if (!ctx->dev) return ret; path = dev_fwd_path(stack); if (!path) return -1; path->type = DEV_PATH_ETHERNET; - path->dev = ctx.dev; + path->dev = ctx->dev; return ret; } + +int dev_fill_bridge_path(struct net_device_path_ctx *ctx, + struct net_device_path_stack *stack) +{ + const struct net_device *last_dev, *br_dev; + struct net_device_path *path; + + stack->num_paths = 0; + + if (!ctx->dev || !netif_is_bridge_port(ctx->dev)) + return -1; + + br_dev = netdev_master_upper_dev_get_rcu((struct net_device *)ctx->dev); + if (!br_dev || !br_dev->netdev_ops->ndo_fill_forward_path) + return -1; + + last_dev = ctx->dev; + path = dev_fwd_path(stack); + if (!path) + return -1; + + memset(path, 0, sizeof(struct net_device_path)); + if (br_dev->netdev_ops->ndo_fill_forward_path(ctx, path) < 0) + return -1; + + if (!ctx->dev || WARN_ON_ONCE(last_dev == ctx->dev)) + return -1; + + return dev_fill_forward_path_common(ctx, stack); +} +EXPORT_SYMBOL_GPL(dev_fill_bridge_path); + +int dev_fill_forward_path(const struct net_device *dev, const u8 *daddr, + struct net_device_path_stack *stack) +{ + struct net_device_path_ctx ctx = { + .dev = dev, + }; + + memcpy(ctx.daddr, daddr, sizeof(ctx.daddr)); + + stack->num_paths = 0; + + return dev_fill_forward_path_common(&ctx, stack); +} EXPORT_SYMBOL_GPL(dev_fill_forward_path); /* must be called under rcu_read_lock(), as we dont take a reference */ From patchwork Tue Feb 25 20:16:09 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13990936 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 43FA4C021B2 for ; Tue, 25 Feb 2025 20:54:22 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=MAJ1+kbz8lZ4YwPg+OV3VOfAm0Jd01XhEIX1QeYwh3U=; b=hKM219gYBPA0Te9jzeHsnsF8Fz /Xa7nL6e5FodL0KxfV2fP0jdYV2ja0qUVcbqqxAm0NvCVxcjOClBpft3+Vc0WudDqY1Lhgzo1FFHU WYpSlsKYzkCRI4FPaTjIHxGsALEyI0n4j30VuqiifWHElpKPVSvvssoKGKA3UlrkRPG6uNQNNvEUU 5JtNgO0iQ24W87NXKJy6jwwE4hvOf9hbkhO9gKWXHO1IdMt2A5rLA05oGv2L39a8RMKk1IiticXX9 Jr0bpeF6ZTOPr0brxDkUUS0kwNrG4oJjLi3F8hfK9sB1dNivA8mtfhXjIx5evbB3MTWHOkLvptlK/ O2/iUbJg==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1tn1wb-00000001RW8-1cec; Tue, 25 Feb 2025 20:54:21 +0000 Received: from mail-ej1-x62f.google.com ([2a00:1450:4864:20::62f]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1tn1M3-00000001Kf3-0ivb; Tue, 25 Feb 2025 20:16:36 +0000 Received: by mail-ej1-x62f.google.com with SMTP id a640c23a62f3a-aaec111762bso407725166b.2; Tue, 25 Feb 2025 12:16:35 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1740514594; x=1741119394; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=MAJ1+kbz8lZ4YwPg+OV3VOfAm0Jd01XhEIX1QeYwh3U=; b=EjGJd/JMGyYrKQ58H0RcjEBiZ8ZII48zJww5m3tKNWvZ2qlZu/Kjtkq/i/He8G3MuI r27NU6pOje2OIZk1BfhoGt2MMYg+7I46ODJw9/HGo5Tzz15FiCCqJk/64DwGcHtCK52H AKnNRetFg16ZmsJzZCn34e/mE0QXVntGnBKHjXa8qNp4C8Mwh8kpy+ElYOWi4PMeJKSb FbrzH9ysX/H428QTnRx55D5xsA2O68Cb5a+91J5XOb69/sPAaaM8U0UxYPewKOAJAdMA F785WJBtlTop9I/B2KEha7WXYaMrqVWyYLsc4BFh+ngg3uAJy4R81B+ZvaE9aIYT7aBG hwkQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1740514594; x=1741119394; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=MAJ1+kbz8lZ4YwPg+OV3VOfAm0Jd01XhEIX1QeYwh3U=; b=Q7puNcvOpW0OaUHyHnAVDmZFrQSujUs3Z4ftUPnTewMMOYrTaNCzsUtXXA7Sni476h bJRyo1gFvBIunt7HDQ5ZpuFUoJN4mqlwU1HoYrPqsNs0JGVUzhIVnTG+Tm2ZcclU2dlH IaBfUyZ2WEGfd74qqqppAD/0NK/tKJbViLeOhx6NtMTt7Yo9xEjZ5l09Bb9lIzr/6iBZ 78lo7ZSc4LNG3CDnMWrNcWr2gU/czvtUdSojk+XaxOj5Ncs7VSNlCvP8NZ6pyuU4hlc0 Ju6W9k6LdJKrXjFCtk9zQemCtAUQVk2JZDip7jnhWp63BwB8LsYgPYfYMCACWvOEVxNF E+uQ== X-Forwarded-Encrypted: i=1; AJvYcCUPFJazfcxhhb/CNuBPeZ2Yqq4F8+7ZKzhgMp6cRpLB3K0RgyEz2BCQ56hhXMJQXZ0+v+JMooV2xzJxg4Vcp6s=@lists.infradead.org, AJvYcCVwKmx3L6q1EUQrSGto8i0dOAYsL/GNQImwy6NqJ78ntgnYMIEFXcBx3xbeBIwlussxrZ4SXZQtHY+GC0oB+UHR@lists.infradead.org X-Gm-Message-State: AOJu0YyUv+oNL2SEC5Tdi/0XOviYObCEMV5YevVP9rdHWHIBzUbuhXQa fcdT+0VxsOpxmvV1wZn5Y/powfznJYGn7awii/Zg+aj+ttepmTUx X-Gm-Gg: ASbGncuxVZ36ykYVfxAJSzS/BSuXU69n0ymVDySLo5O2kJFhbxg7DuWdY5yUifgnUU+ OshPjVSOMFUHmdJgEhQQp3bye9b8xc6ewqS6VfULHYIBSYb7kjDA28r0emWPkfjAxYMd15bxr9Y tlzY8TqcfiR2LswrqoOIvqXlvsF/0Wje3S6L6wSsPN2nVixO4SdXrkmJmUmX2oyOmkbEhjKrDYh ZRdl53wvNt/pc+dmmHZ+0Jjbe0OsMBInzzm23/ozkBQIzwtu71bHIyUENZuP4OdnKsyBXwWCz73 iO2QlWYdlrHnEQk5DcOipfNHSIS0PrpEUXY83+JxG8CxTttOaJzeT6t0c+1WwqwrOJv2cr0s+Ss 9wEis779JSRuU0ZDHW4RU/PUXrr9uBY0OFJPcEhKgK1k= X-Google-Smtp-Source: AGHT+IEwV1DfGXJRPjYjfUai9IFb7gVR/sM912MZVVj4qwykjTK4A5haj0vlM9CKbuHOZqsSxaDDSQ== X-Received: by 2002:a17:906:3181:b0:abe:ea93:2ca3 with SMTP id a640c23a62f3a-abeeedfd836mr54526066b.29.1740514593664; Tue, 25 Feb 2025 12:16:33 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-abed201218fsm194319666b.104.2025.02.25.12.16.32 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 25 Feb 2025 12:16:33 -0800 (PST) From: Eric Woudstra To: Andrew Lunn , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , Kuniyuki Iwashima , Sebastian Andrzej Siewior , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH v7 net-next 07/14] netfilter :nf_flow_table_offload: Add nf_flow_rule_bridge() Date: Tue, 25 Feb 2025 21:16:09 +0100 Message-ID: <20250225201616.21114-8-ericwouds@gmail.com> X-Mailer: git-send-email 2.47.1 In-Reply-To: <20250225201616.21114-1-ericwouds@gmail.com> References: <20250225201616.21114-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20250225_121635_220264_5E8619B7 X-CRM114-Status: GOOD ( 10.77 ) X-BeenThere: linux-mediatek@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Linux-mediatek" Errors-To: linux-mediatek-bounces+linux-mediatek=archiver.kernel.org@lists.infradead.org Add nf_flow_rule_bridge(). It only calls the common rule and adds the redirect. Reviewed-by: Nikolay Aleksandrov Signed-off-by: Eric Woudstra --- include/net/netfilter/nf_flow_table.h | 3 +++ net/netfilter/nf_flow_table_offload.c | 13 +++++++++++++ 2 files changed, 16 insertions(+) diff --git a/include/net/netfilter/nf_flow_table.h b/include/net/netfilter/nf_flow_table.h index 4ab32fb61865..a7f5d6166088 100644 --- a/include/net/netfilter/nf_flow_table.h +++ b/include/net/netfilter/nf_flow_table.h @@ -340,6 +340,9 @@ void nf_flow_table_offload_flush_cleanup(struct nf_flowtable *flowtable); int nf_flow_table_offload_setup(struct nf_flowtable *flowtable, struct net_device *dev, enum flow_block_command cmd); +int nf_flow_rule_bridge(struct net *net, struct flow_offload *flow, + enum flow_offload_tuple_dir dir, + struct nf_flow_rule *flow_rule); int nf_flow_rule_route_ipv4(struct net *net, struct flow_offload *flow, enum flow_offload_tuple_dir dir, struct nf_flow_rule *flow_rule); diff --git a/net/netfilter/nf_flow_table_offload.c b/net/netfilter/nf_flow_table_offload.c index d8f7bfd60ac6..3cc30ebfa6ff 100644 --- a/net/netfilter/nf_flow_table_offload.c +++ b/net/netfilter/nf_flow_table_offload.c @@ -679,6 +679,19 @@ nf_flow_rule_route_common(struct net *net, const struct flow_offload *flow, return 0; } +int nf_flow_rule_bridge(struct net *net, struct flow_offload *flow, + enum flow_offload_tuple_dir dir, + struct nf_flow_rule *flow_rule) +{ + if (nf_flow_rule_route_common(net, flow, dir, flow_rule) < 0) + return -1; + + flow_offload_redirect(net, flow, dir, flow_rule); + + return 0; +} +EXPORT_SYMBOL_GPL(nf_flow_rule_bridge); + int nf_flow_rule_route_ipv4(struct net *net, struct flow_offload *flow, enum flow_offload_tuple_dir dir, struct nf_flow_rule *flow_rule) From patchwork Tue Feb 25 20:16:10 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13990944 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 88F93C021B2 for ; Tue, 25 Feb 2025 20:55:54 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=6/OfFtkDCpNUsNNnB4udxCcQxzWSEZIHYYoj3YjYWKw=; b=BjLTV1PBMAO2qvJq2cGu8n+UOT r1ZpY5G3gI45M5nt+1ophg936M/CCQNYa3FAgp+8YvDxv7bVJwEKspmGoCD+xHa7Ni8HQf1NOHguq yc5w7+IfIIbT48P0gcMNASaGhmlG1zkihDTHy9JchqwnxZzksq8X5YJfRlrl6+9UMeJwAvk85nWyZ lmfox21laIKj4yuxGymg5HWvCjVnoglaZscMPaOSUdLsJF/uz7kziKVsBeEiRVuLVWOD5ea+oLk2n wC4dTxwpBGwSXowGf5CrpSboxkpujuBRONy60Ry8/U+0mQXqgTb7hlYLxamrbtIg5HKzjeXGyN7TJ /7a+Mdzg==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1tn1y5-00000001Rkq-2WhX; Tue, 25 Feb 2025 20:55:53 +0000 Received: from mail-ej1-x631.google.com ([2a00:1450:4864:20::631]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1tn1M4-00000001Kfk-2H14; Tue, 25 Feb 2025 20:16:37 +0000 Received: by mail-ej1-x631.google.com with SMTP id a640c23a62f3a-abba1b74586so882276666b.2; Tue, 25 Feb 2025 12:16:36 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1740514595; x=1741119395; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=6/OfFtkDCpNUsNNnB4udxCcQxzWSEZIHYYoj3YjYWKw=; b=nc7qv9Pp5eNHjGqLE3quqUQkKFLHLLvkCQvbJ2avRb9SZoy148J91UOWoPQIa1cbJu h2020sKRVA0Af/4YDQ/LoaAOLceeKEOpZKVyHYgdkJPOVEnk4pibOJIT9YW7mCBb1IL7 QvL8AH512ZYFG7jQA/g+Az32HsW1bu8JjdvGXFdSSssRLNf/laxkUQqoDXSmf3Yn/SuS tD4kx7R0366UZmBJ6C4CrqYv8r6WH/5PlKRjOeBBLo1DOhj4y+Ay0oWv1QUbrdOL156E v0BPad12ZEd9ZBXyvaTc7OOJja0ZtueoSsbpT+GyHxUElFtij4aID4gBKDzCIzN41nUG d3OA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1740514595; x=1741119395; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=6/OfFtkDCpNUsNNnB4udxCcQxzWSEZIHYYoj3YjYWKw=; b=gdxEElFNhxHxZNn42hqWEK7h8kQ0AuwrCvO1IFLSwzPR/0d7gBtQeOYQj6lIZLuQiL 6VX1zRigOde5qonv+CBqcJyHFfBzURZ7FEBpywb78LR9yR40RuU9nXp75EWs3s2jZ3YJ 0HVGGi8Nhf916rpO9YHmQL16CeokTtuaDjhG3swMX90PtJ6C/OhCEPol8RunX0ISjNgZ XnVIc1ve2122YiQEWKHYwHRC4Iyk0Hb1Pr/7cQ5Xq04Je5mqWTkb+BrQejQLw0fyy/qN cG9NQuDo3AMZWfTIkVYBsmctAiDcoWDwMelpNyUy1D1d2DurxetWB91WT5nOrvMPphd4 P59w== X-Forwarded-Encrypted: i=1; AJvYcCWdiN6nW5YV1Qvm7NoMxvAeysvkdM228/GxDBiWIiWbKsrhKdBdj+WhbSJ8bWvVO/lYV/xhZm5jiz7eO30w3UND@lists.infradead.org, AJvYcCXHOC5piKnXsvlup2271+POPcjJwu+z3b8ql0IlG2Q06gimZUujVdsPxGMi7O4Gna/14tk1O6laH8yqbjtf/OM=@lists.infradead.org X-Gm-Message-State: AOJu0YwmNs0MJZmj/nYguNM6GAzPbnh4gQbN3YlnXJzq9oJNGIcMpLU1 3bgXStucvLFEAagPVerfRIkGhrQpepNO6A2oIKrziaa53iMxOhYX X-Gm-Gg: ASbGncswWV/piwViE5E5jBuT8Og10Y+rA3tklJTKm4pOCxCGFGvX1fxqHqcQxBGHXNU LdV4ZFXZ0BEc/O0G7RNznQyMORoMv2HriRSTCuaX9E1xQ0NknWJigCjp8j3zWpu1s1GSqkgTqck vXI8Acxf8faTL/9cLDD4jVZpetbpdTzJn6QhTO/m6Wi9OUhlUZEIyMCUOmRNvAJ4CzC5cMHlK9t JMQ+36fyCAdepOcZJnhXtLk8insknogUOULBnW0z/KWf8wf5VJhKMRBaJyGdrrBIqAUmXMWgpcK 3RrY+9/kmhf8tD62xceLkEPjlapDGP4pXEMHrB8tuFmLlMK0+GOCO/gdbWIjxWjh/q4KCV1Wtfj 1IDPkKi1B1xjysC8UMo9Jd77W0jUWI/pmqRGF6n+CwjA= X-Google-Smtp-Source: AGHT+IGqtwnhdQCtSmqLRlPPBdMfue3nuq7Am6Qo/bcDgts/ZRrpNQ6gtoEj1aOcPx9OCd4I+DxgEQ== X-Received: by 2002:a17:907:1ca4:b0:ab6:d575:9540 with SMTP id a640c23a62f3a-abed1076c86mr522915866b.50.1740514594765; Tue, 25 Feb 2025 12:16:34 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-abed201218fsm194319666b.104.2025.02.25.12.16.33 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 25 Feb 2025 12:16:34 -0800 (PST) From: Eric Woudstra To: Andrew Lunn , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , Kuniyuki Iwashima , Sebastian Andrzej Siewior , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH v7 net-next 08/14] netfilter: nf_flow_table_inet: Add nf_flowtable_type flowtable_bridge Date: Tue, 25 Feb 2025 21:16:10 +0100 Message-ID: <20250225201616.21114-9-ericwouds@gmail.com> X-Mailer: git-send-email 2.47.1 In-Reply-To: <20250225201616.21114-1-ericwouds@gmail.com> References: <20250225201616.21114-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20250225_121636_578462_85C4BFC7 X-CRM114-Status: GOOD ( 12.23 ) X-BeenThere: linux-mediatek@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Linux-mediatek" Errors-To: linux-mediatek-bounces+linux-mediatek=archiver.kernel.org@lists.infradead.org This will allow a flowtable to be added to the nft bridge family. Reviewed-by: Nikolay Aleksandrov Signed-off-by: Eric Woudstra --- net/netfilter/nf_flow_table_inet.c | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/net/netfilter/nf_flow_table_inet.c b/net/netfilter/nf_flow_table_inet.c index b0f199171932..80b238196f29 100644 --- a/net/netfilter/nf_flow_table_inet.c +++ b/net/netfilter/nf_flow_table_inet.c @@ -65,6 +65,16 @@ static int nf_flow_rule_route_inet(struct net *net, return err; } +static struct nf_flowtable_type flowtable_bridge = { + .family = NFPROTO_BRIDGE, + .init = nf_flow_table_init, + .setup = nf_flow_table_offload_setup, + .action = nf_flow_rule_bridge, + .free = nf_flow_table_free, + .hook = nf_flow_offload_inet_hook, + .owner = THIS_MODULE, +}; + static struct nf_flowtable_type flowtable_inet = { .family = NFPROTO_INET, .init = nf_flow_table_init, @@ -97,6 +107,7 @@ static struct nf_flowtable_type flowtable_ipv6 = { static int __init nf_flow_inet_module_init(void) { + nft_register_flowtable_type(&flowtable_bridge); nft_register_flowtable_type(&flowtable_ipv4); nft_register_flowtable_type(&flowtable_ipv6); nft_register_flowtable_type(&flowtable_inet); @@ -109,6 +120,7 @@ static void __exit nf_flow_inet_module_exit(void) nft_unregister_flowtable_type(&flowtable_inet); nft_unregister_flowtable_type(&flowtable_ipv6); nft_unregister_flowtable_type(&flowtable_ipv4); + nft_unregister_flowtable_type(&flowtable_bridge); } module_init(nf_flow_inet_module_init); @@ -118,5 +130,6 @@ MODULE_LICENSE("GPL"); MODULE_AUTHOR("Pablo Neira Ayuso "); MODULE_ALIAS_NF_FLOWTABLE(AF_INET); MODULE_ALIAS_NF_FLOWTABLE(AF_INET6); +MODULE_ALIAS_NF_FLOWTABLE(AF_BRIDGE); MODULE_ALIAS_NF_FLOWTABLE(1); /* NFPROTO_INET */ MODULE_DESCRIPTION("Netfilter flow table mixed IPv4/IPv6 module"); From patchwork Tue Feb 25 20:16:11 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13990945 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 6F880C021B2 for ; Tue, 25 Feb 2025 20:57:27 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=Gr1wMzwLJ3r114jkr+fSh/N13xzOYrfc9OnXbfM4Z7I=; b=n/DOtRU67It3seQyg2IDBe0IMn ct7VQItlyORzwgcvDUE79aRa/c47q6YF6esAppHSDn4fjzaCwB+L40JzP+uQeSLhqVfrlWwRaUnoi z1jEmKVhVoMDuO86SnA4cmBRmKmR4fkSr5j7QGrEOxIDh7zCS6oA+HQUtGtOuB65tqUK68WGCw6lh P7pW4Ufm1hqfpTCDIQ7lUeFnkfjtmtnjGpTV6hQxglmqOHFvfxgwgtZT+O6kx/G0+qPnaCjJl7VSh MX+sLk+fJfcU8lP3D3KqHfCGg9QrX6wMIWUlB597ZVA9MrkHXwltyEV08SCU2qrLEdTWmfHPTHhgc XC5rVvaw==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1tn1za-00000001S2q-2KQr; Tue, 25 Feb 2025 20:57:26 +0000 Received: from mail-ed1-x52c.google.com ([2a00:1450:4864:20::52c]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1tn1M5-00000001KgC-2i0w; Tue, 25 Feb 2025 20:16:38 +0000 Received: by mail-ed1-x52c.google.com with SMTP id 4fb4d7f45d1cf-5e095d47a25so11089512a12.0; Tue, 25 Feb 2025 12:16:37 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1740514596; x=1741119396; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=Gr1wMzwLJ3r114jkr+fSh/N13xzOYrfc9OnXbfM4Z7I=; b=PRC5ggObCR4HijMGj7Ku25gjDk8gtWlxhMkwDZ78gRudoednGrCH8IMx8VxR6KpQ+k 0yw2ZhrO1uxLw4pDLNjdvuQrk/ST3knX282PfBK6zrK2xXrEIb6SeqeQZbd/gt6oesIP CGrHvrc5TSWT76W+6HTxbVq4M+r7wUMcn13NplqlLAF2t5LJErW8d7CFrE7DcACCjtsj LNgjKkGjOfXlKaHraPKQMzKicnXD7ovSqmK6iCEzU6D0quQvUXvx26IkQ97pIcTyr6Fr AujQcpok1o51jcJNwCAcN5xytyXpv7DeSqpDugBWdE0YYce8DU6xC8z9Fy+3H9BjeCmI xcSg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1740514596; x=1741119396; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Gr1wMzwLJ3r114jkr+fSh/N13xzOYrfc9OnXbfM4Z7I=; b=d/pw+5EoMHiYptRX2Kt/0vsvrukqNG4YkX3vpkPSNvL6B18/8dBb4IRxGKxOF7jXBZ rt67MX/8GXjnhqyIFvmFLxsWxD3odgfSXeEGdfy5p1UA1jLdYPtGZoHKVzhAN6orAGHX f0AYgaRelnQoPkWbg1bmTfcpoqhjfnzfn/xEZJC/DvgItyTn5ltyePmi0MGvA6MagnsC DgblQEB8irbbwpBBrvPB4PUo76ThHNYhsG2C+S/LO3dWcNVlAumzCvM/YKrnaE0d+mY5 4yM5RGT1KKHqf7y0tDxYwxSw7J+9lPglUjUwkqOemJSPOS4gKLIh2rtCh8rgtWF5ppUH sG0w== X-Forwarded-Encrypted: i=1; AJvYcCVsQ4vmnTAh3YFKHknRjXF4ON4q/mwuj+XcLvBVoRxCNPieHGqoKT5jsjF3YoCzWZh5grlpHsUaSyLVlD83Tz4=@lists.infradead.org, AJvYcCXnkrKJYzX2DMwCTaCDDDDmQ55GXwaoH8a1GR/yqQrAdPg/XZfxdlIn0h5u1LWRqX6/Fg7B5tHxDTFxhjtZXt25@lists.infradead.org X-Gm-Message-State: AOJu0Yw21WeHR7wirA+gBzocbtiCyoKtCIcFYM7uTR771sazvEimqqhA UVOkYBEHvf4iBroJDKrRvf8Nh5MqwKqUs/BrrBAFu3XdvDOEljzl X-Gm-Gg: ASbGnculHUqEhL7655xBTtoXVc426cOAJT3/q6A0I6jUUzQ1RAGlVM9ZvlH3A2flDs6 mli7UaygXcoS9ATFFgkjMLmOtALca6PmaZ9d8g/uCijKDLPey6CGJN7qpnXoQ2N1ZdTYy8F3dkj zpNR6tpLh8iBp09XGPmdgShBEI6TFocwxvgny4gCqPTnH3/G/ULIVjzHYDSEJLKuNlCd456vluF YPiGdh5Tb9jYQfF/Ps+uVnkdIwVTaWmvFPKK0FYmAAZNqb0v65PsevPwKtrusFJaX06iRUwhNvG d3MhTKUVEoevLNgBLDnS8d+/Ukhk1XkSlOWLgCtCFql43LrodYysXunqjIzHsYxrnQvHdNv7zXy aRdV7h+5z3SKjWTFFZGEPes5vn3QqemE++SZvCJ5aswQ= X-Google-Smtp-Source: AGHT+IFQrPMr/zga3A1PXJqgdsJBXZ3US5klRSnZht6r010E2CvDfRMDZ8BFvHY6Z6/b4s4s1eKUxw== X-Received: by 2002:a17:906:30c4:b0:abe:ea7e:d1af with SMTP id a640c23a62f3a-abeea7ed9e3mr122695566b.50.1740514595791; Tue, 25 Feb 2025 12:16:35 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-abed201218fsm194319666b.104.2025.02.25.12.16.34 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 25 Feb 2025 12:16:35 -0800 (PST) From: Eric Woudstra To: Andrew Lunn , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , Kuniyuki Iwashima , Sebastian Andrzej Siewior , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH v7 net-next 09/14] netfilter: nft_flow_offload: Add NFPROTO_BRIDGE to validate Date: Tue, 25 Feb 2025 21:16:11 +0100 Message-ID: <20250225201616.21114-10-ericwouds@gmail.com> X-Mailer: git-send-email 2.47.1 In-Reply-To: <20250225201616.21114-1-ericwouds@gmail.com> References: <20250225201616.21114-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20250225_121637_689689_26E24647 X-CRM114-Status: GOOD ( 11.58 ) X-BeenThere: linux-mediatek@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Linux-mediatek" Errors-To: linux-mediatek-bounces+linux-mediatek=archiver.kernel.org@lists.infradead.org Need to add NFPROTO_BRIDGE to nft_flow_offload_validate() to support the bridge-fastpath. Reviewed-by: Nikolay Aleksandrov Signed-off-by: Eric Woudstra --- net/netfilter/nft_flow_offload.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/net/netfilter/nft_flow_offload.c b/net/netfilter/nft_flow_offload.c index 5ef2f4ba7ab8..323c531c7046 100644 --- a/net/netfilter/nft_flow_offload.c +++ b/net/netfilter/nft_flow_offload.c @@ -421,7 +421,8 @@ static int nft_flow_offload_validate(const struct nft_ctx *ctx, if (ctx->family != NFPROTO_IPV4 && ctx->family != NFPROTO_IPV6 && - ctx->family != NFPROTO_INET) + ctx->family != NFPROTO_INET && + ctx->family != NFPROTO_BRIDGE) return -EOPNOTSUPP; return nft_chain_validate_hooks(ctx->chain, hook_mask); From patchwork Tue Feb 25 20:16:12 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13990946 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 475F3C021B8 for ; Tue, 25 Feb 2025 20:59:00 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=mNvAyhAv6GepxNEYkCskllQBVi38mrCeZ4SsbbR7WSY=; b=yP1heGO14WxPvhZsVErzrSDpdP fNr0vqusvW7QOTlOpm/tVKhWx1AHg724GIgf7ts2p556Ik5tL0Y8Osh6TF0QNWwABx9vuiYMjXf5q f4C4AZymU7muHB3BxeF+6PYFvgVohyin3YGHVskKwTZPHUbIENPWysQSlsASf/ENP7bxlcx52wfjA 1Km/sBvt2i3cQnpp1L6dbCJRk029BZeWC1NFY6UxkqdVPuhhMiFAe/PNVqkBqql8wzFUiIYlHQ1Df MAMKGX/9pV7f7VTyewoDoWI7hbE6w3yEwwfzfocNa85pc2OaCZgWQFtiHOgfJndLA/+BAcOQ7HlCj f1QkI8XQ==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1tn215-00000001SDV-22TK; Tue, 25 Feb 2025 20:58:59 +0000 Received: from mail-ej1-x62f.google.com ([2a00:1450:4864:20::62f]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1tn1M6-00000001Kgu-2fQY; Tue, 25 Feb 2025 20:16:39 +0000 Received: by mail-ej1-x62f.google.com with SMTP id a640c23a62f3a-abb7f539c35so1171749866b.1; Tue, 25 Feb 2025 12:16:38 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1740514597; x=1741119397; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=mNvAyhAv6GepxNEYkCskllQBVi38mrCeZ4SsbbR7WSY=; b=HCwZnWbjKXIEBVCr6Js9OsKir2vh5VBFOPz6o7A0lLhkkIyLNRq3aCZh2qgOSPuH3O 0QWUgPlmsLM8VoBFZVHy/3EbR0Lm1itIl2XTZ3RA727F6Wg2YlqCe/+i0f7zxW3Uzubw KVtOOEsZOLatR1fx+U8e7wll1nURnaC+hjctTN9NOmsxv1CWNI6fnyIrMGm+iCNl8+p9 4gazjnc4KkUXskOr30ruzvSLZcENY0/E2aK6GyoXtFydUW07j3uir3di20k4l2ce/klR JVHOQNbQPAdZOafJPDt+IvzoRYYTkvi7yjI2rqnHd6dgPv8lhsnStisobDOx9k76i6w6 Y6Eg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1740514597; x=1741119397; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=mNvAyhAv6GepxNEYkCskllQBVi38mrCeZ4SsbbR7WSY=; b=ZqfFJ+zW14YsJv8UYvTWciQHRtaTznJMbUSfzQwsrOkabDTAjglA+4pVoA4hFFGoZp FNZFPdj2k2NF2hq0UoKIhqiJNAegzGZvCcpNXFVy6RbEyXTzBkPcX8NBnk7r2/6RY4Tv 8CPCOy9QxM4YoGndAVJpZurrAmZ3e7xZ8aAABf5A4ojAFebg4fguPXO14JSK02S089+O cylkcoFz6tJT7nU5cwzJs9FSPuFO2OcB5At5bZyfkwKc+IH+ZYcjr5aWT+u8Ht52axKp nJHnsGbYbbaXBMO4MgbgVeP7XxtbqZG/98RWZJVgwyaZmvpYi6YZBs+lLvpCaDLWk+JB yU7Q== X-Forwarded-Encrypted: i=1; AJvYcCUr6XPGEw7rRcmc9nHgA2vl5hvutSlRTyMycPqo2M6eqcS6Sx89RUdzSMpyyatmhQWKo9NSdL3CxUbYuC84BNw=@lists.infradead.org, AJvYcCWwPd9wlZECIfuZEiplLmnTzCnmTFKCl6Z6w4KMGE4CADC+x8bF52Oje7Ujn/T3BUfSbLXCQqsDubK/kv7AmNdG@lists.infradead.org X-Gm-Message-State: AOJu0Yys+O0pA1FwXbEXKaQC3D2py20ZZzgWLUe+V7TYCYlgpAOHIrKE c1IopPlRi3ks2pGmte+Fgk91EkYaJeZygt7amRrZwhycrPHvxCBQ X-Gm-Gg: ASbGncvgqLebDrhZ7AQ5nL8A/vsGdizBOupx/DpH+K2/Uvq3Bxwmw/jWoqR3CQO3M/6 T8UwTjz/WvT9tjKidJkg4mJxuy2RZJIhZxnVQ1IMSdDHmasL+n1DtzZd7clqrm5skeow6BKcYa9 s/1I2hKJPFWFUcbT0EBiBwjJnCsHRw0YSzyeJ4zS+iXTic+63U6gCPux/VB6oBz12K211er5Nqi 6W5Bs4rEZBbSDkPPn+Ob6vm9+hJ6WKTiE9P6L8cHEG3gBqKDP6TNWKu1gFvX7zI3IbiVphuYFlA w3NB0Y/s9K2ZmN4rIFnY+hFStv+RL9S8tms9k6QXG+vxQhBxG2Wb8bOsw1UPkm+9waK87goYs8O 0Z4KFgl4bwiQ23A/pQEJ+RUUmN1Q9pligEPDPxGZGMrI= X-Google-Smtp-Source: AGHT+IGxUdijvIUHSsavOxjOEGtqnGWOKkNqobQSxe06Fq+xOGdhhx0QApPI1c+j5z6WHzO8JVwaLA== X-Received: by 2002:a17:907:1ca4:b0:ab6:d575:9540 with SMTP id a640c23a62f3a-abed1076c86mr522925566b.50.1740514597100; Tue, 25 Feb 2025 12:16:37 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-abed201218fsm194319666b.104.2025.02.25.12.16.35 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 25 Feb 2025 12:16:36 -0800 (PST) From: Eric Woudstra To: Andrew Lunn , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , Kuniyuki Iwashima , Sebastian Andrzej Siewior , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH v7 net-next 10/14] netfilter: nft_flow_offload: Add DEV_PATH_MTK_WDMA to nft_dev_path_info() Date: Tue, 25 Feb 2025 21:16:12 +0100 Message-ID: <20250225201616.21114-11-ericwouds@gmail.com> X-Mailer: git-send-email 2.47.1 In-Reply-To: <20250225201616.21114-1-ericwouds@gmail.com> References: <20250225201616.21114-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20250225_121638_689799_890D5ABE X-CRM114-Status: GOOD ( 12.97 ) X-BeenThere: linux-mediatek@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Linux-mediatek" Errors-To: linux-mediatek-bounces+linux-mediatek=archiver.kernel.org@lists.infradead.org In case of using mediatek wireless, in nft_dev_fill_forward_path(), the forward path is filled, ending with mediatek wlan1. Because DEV_PATH_MTK_WDMA is unknown inside nft_dev_path_info() it returns with info.indev = NULL. Then nft_dev_forward_path() returns without setting the direct transmit parameters. This results in a neighbor transmit, and direct transmit not possible. But we want to use it for flow between bridged interfaces. So this patch adds DEV_PATH_MTK_WDMA to nft_dev_path_info() and makes direct transmission possible. Signed-off-by: Eric Woudstra --- net/netfilter/nft_flow_offload.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/net/netfilter/nft_flow_offload.c b/net/netfilter/nft_flow_offload.c index 323c531c7046..b9e6d9e6df66 100644 --- a/net/netfilter/nft_flow_offload.c +++ b/net/netfilter/nft_flow_offload.c @@ -105,6 +105,7 @@ static void nft_dev_path_info(const struct net_device_path_stack *stack, switch (path->type) { case DEV_PATH_ETHERNET: case DEV_PATH_DSA: + case DEV_PATH_MTK_WDMA: case DEV_PATH_VLAN: case DEV_PATH_PPPOE: info->indev = path->dev; @@ -117,6 +118,10 @@ static void nft_dev_path_info(const struct net_device_path_stack *stack, i = stack->num_paths; break; } + if (path->type == DEV_PATH_MTK_WDMA) { + i = stack->num_paths; + break; + } /* DEV_PATH_VLAN and DEV_PATH_PPPOE */ if (info->num_encaps >= NF_FLOW_TABLE_ENCAP_MAX) { From patchwork Tue Feb 25 20:16:13 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13990947 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 523FFC021B8 for ; Tue, 25 Feb 2025 21:00:33 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=BVAkTZii1Gy4XRugZsnKaWDIV+1UdUIxS1E1wVQkwnU=; b=429TLBkMozN/ShGgI92RjLj2J4 taf0/IZxnfY+MyOWa25TFlFRsGuSSnVY40A4ASPfqovdZrPwEAWzxLR1SFJFB8/z3NN/B1DlTOe+L I0SbdTv/TsxMVS3x4aJ9ZJLSoYb3jNzPN5Zd3F82zJ76XDPTtcfr7FVkmzA439bye2E31lhexun2i dQsUqC89Xd9AEaqrtuAyO6fPkEDWOUUSgGbN7bn2S1cTqbx06tELSE8RVEvDjaNm/xuk5HXLcTjD/ OUIsjlDn9MN0/cOu37aXVk3o2UxTpM2oO2VDP5QvZTUXXl1SGoH0FZPw8WCE2FN3hneU8D7iaCtiZ XowS28Dg==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1tn22a-00000001SRh-20WL; Tue, 25 Feb 2025 21:00:32 +0000 Received: from mail-ej1-x632.google.com ([2a00:1450:4864:20::632]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1tn1M8-00000001KhL-06t4; Tue, 25 Feb 2025 20:16:41 +0000 Received: by mail-ej1-x632.google.com with SMTP id a640c23a62f3a-abba1b74586so882284966b.2; Tue, 25 Feb 2025 12:16:39 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1740514598; x=1741119398; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=BVAkTZii1Gy4XRugZsnKaWDIV+1UdUIxS1E1wVQkwnU=; b=PqE4Ce+f3hqVXxsLNle2n5BK2Z/3lK+QA3gPDtBseVQGsbFG1vssYFEKKchALqTXGO MrLTerJKBtr5n83IX22Q2PnXhy3U6QGkQe3ULPV4BuR9XnNsOslO1WiDa/oKl1cWMC3p Z9eOcPaxclKGkekkgTDXaLPvOTDmfxw1f83DDuetsp12d4RIhli1lL5xwxjAgOhpYtiM 64God9GKZI6a2YKKhqQjkfHLW/8paq4G5brLE4Nht1vz02uknEjOL2AlS2q5Q9o6g2KW PbUy7hZENw6N4eK6rmfQZA5CNWjP7u9eVmMZ2MWKDEDut8iD4KmYrBVIq/XKLVLih53P HHzQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1740514598; x=1741119398; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=BVAkTZii1Gy4XRugZsnKaWDIV+1UdUIxS1E1wVQkwnU=; b=Q7l9B7Xvcom23Z9AqZOJ9WD/dfh6uCwNWWkBY4dV/+Lp/ErD34pbCJP9PpKNhgtjOt iiNkHgzX+OglvBgkOzIm3JuMs0y6/I2pJGP5E95tGPlc411Uo5Y41xUejxRvkDOpn4O/ TC42NMAvFASoRkRcBw+oMeLEoCTcDq8BwvpYYQqCQiWZrvaG9AMTmW2bKZQuYo+VMV2d ALi0RzklmpojaUVUcRyb7OGOi8+rlbgIORcAM1wj8MV3RgLI6mO865GZ5uBJh9qNiL+2 RbUGlawO4cYSe31yiY61xaLUWuYvmg+xUtm2Z8zjuf3YX/4p7+eT1POGXdw0/07mozcN apTw== X-Forwarded-Encrypted: i=1; AJvYcCUuP4TgdCwgo6/4WQwrwa6iliGNHDJZwy7KCpM1IW13osK00bAAOajVgfuNTtfzSeeH29ScmZOkxrMQQu9Xh6DM@lists.infradead.org, AJvYcCWyymLk3s6ZyG3aS61Mc0lP5pGXzp/RqPH5r7/69YXwhR+sD5TQBiObGZi7UNQMySv9r7GjJeC3cNKtM7rXloE=@lists.infradead.org X-Gm-Message-State: AOJu0YyrjOn3isZ/dobDUtHhIC1FnxSdN+Yp39FIimxxSy2Vt7ZRP+X/ Q7YM3dRm3q/EwN6t0A0In4t4fIBHgG4xuQQMaCLj4kUyl4rK70Rp X-Gm-Gg: ASbGncvuXoW1vNbpCT1ZUR7DRACKe/mzw8toklO9azMHxRpkDdcaimSiuNeKCPSpLej ujtyaMJLgwHhwGKG5vdeyrcSy30LcQrTAggF6WbybGrbONBlesv+hTFV0rEvq0+ExtyIxBKpVLQ ZYhgOFjzCrcn29jwNLz17VcBKeQk06p1dZnPXe2rGNrPAbMP6S4zlnT+GOA46sjkrYSSBvFVK+0 zzyd9z8exvMGKc72ozgXGKOpEELfM4x7pkn6OYg9a8+57WRpGITdwoIj/EgY+Ojb5I9vAP8wa3R PDDSAkBnQx56fmA5JH4E0Wqe89yIogq3HLTEmiW92m0QEfkj7KD7OiJVpXkuU6ToIVfWUhQ9TnO dNPUrUQA83b7ddCwTbypQc9JUlAlIj0BGhHNwq7Z8J3c= X-Google-Smtp-Source: AGHT+IFK/xb0AH8q2XIcdgGFCG2/1S/vlx3qUjtu2T+2XCeJrxRROpGepkKKWsPoi8GIWtQoo7ZUrw== X-Received: by 2002:a17:906:a952:b0:abe:eebf:ae54 with SMTP id a640c23a62f3a-abeeebfc352mr51844866b.20.1740514598236; Tue, 25 Feb 2025 12:16:38 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-abed201218fsm194319666b.104.2025.02.25.12.16.37 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 25 Feb 2025 12:16:37 -0800 (PST) From: Eric Woudstra To: Andrew Lunn , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , Kuniyuki Iwashima , Sebastian Andrzej Siewior , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH v7 net-next 11/14] netfilter: nft_flow_offload: No ingress_vlan forward info for dsa user port Date: Tue, 25 Feb 2025 21:16:13 +0100 Message-ID: <20250225201616.21114-12-ericwouds@gmail.com> X-Mailer: git-send-email 2.47.1 In-Reply-To: <20250225201616.21114-1-ericwouds@gmail.com> References: <20250225201616.21114-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20250225_121640_061148_7FCE145D X-CRM114-Status: GOOD ( 11.47 ) X-BeenThere: linux-mediatek@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Linux-mediatek" Errors-To: linux-mediatek-bounces+linux-mediatek=archiver.kernel.org@lists.infradead.org The bitfield info->ingress_vlans and corresponding vlan encap are used for a switchdev user port. However, they should not be set for a dsa user port. Reviewed-by: Nikolay Aleksandrov Signed-off-by: Eric Woudstra --- net/netfilter/nft_flow_offload.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/net/netfilter/nft_flow_offload.c b/net/netfilter/nft_flow_offload.c index b9e6d9e6df66..c95fad495460 100644 --- a/net/netfilter/nft_flow_offload.c +++ b/net/netfilter/nft_flow_offload.c @@ -116,6 +116,11 @@ static void nft_dev_path_info(const struct net_device_path_stack *stack, break; if (path->type == DEV_PATH_DSA) { i = stack->num_paths; + if (!info->num_encaps || + !(info->ingress_vlans & BIT(info->num_encaps - 1))) + break; + info->num_encaps--; + info->ingress_vlans &= ~BIT(info->num_encaps - 1); break; } if (path->type == DEV_PATH_MTK_WDMA) { From patchwork Tue Feb 25 20:16:14 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13990962 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 94E11C021B2 for ; Tue, 25 Feb 2025 21:02:06 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=KGHKkM4qxKd9EB0pt79Yst8lznP4qD+tbsrDkGhaAL8=; b=ZgGwrlZmJkcWcGVjwNOxxuyFkS sGPb6JcOHhKAy4mvccze8HBnW87JXa0gHosjeOvfiGVuWvrkAWS/D1KhXM1aBnABBYijUxjnfuLPw wgwbkYV90vRNWpKAMi5ljr99qpLKufMpG5IbqztKg78WQOFfJJylC8EBWCjq6xYOYKDOIVtVOZzIw 5sJyjnDTDLPNtceIae8V74LkPN1ItsQ0fHhL2lD4SJ94s+5RAb1pH3CiILeeHn+a5jpNNzxy6cmYR jeTRv5cMjhKdOvLmK0MdVpLhf8+HUDpW6R9euDciWJNrZrJv3WfKJHdST38D67anq/BK1hFTdcnk/ MgtQmqxw==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1tn245-00000001Son-37Rp; Tue, 25 Feb 2025 21:02:05 +0000 Received: from mail-ej1-x631.google.com ([2a00:1450:4864:20::631]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1tn1M8-00000001Khk-3cay; Tue, 25 Feb 2025 20:16:41 +0000 Received: by mail-ej1-x631.google.com with SMTP id a640c23a62f3a-abb7a6ee2deso924426266b.0; Tue, 25 Feb 2025 12:16:40 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1740514599; x=1741119399; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=KGHKkM4qxKd9EB0pt79Yst8lznP4qD+tbsrDkGhaAL8=; b=DWCEhDupGgh7CWsgQhpqlmTae4CznNp5PBAqT9Mr/2J5Xc05nA6cRPWHjjO7eFYPyn lxipaVxld+30seT8knrcKy/A8t5NmN8X9P9SeJ1subJuSP0x62JOkTplGA+M4v67/VuJ GUIrabgU1Ry2Z0ShnFXE2uG/5xzM1Vh9Sc13aC2pzVHlEL55fVdWqRgjOfvf+cC7jyBU 5X4U2Oc1hui1IvnfDo8q4L8AekKLQJB/Oru5J/B9j50cDOK5EQSVM+6d/e7Z5Qo3cLIm BLceY66u0BaEEs+EWnB/Tj8qLk90WRECvgbYdRpYMclQXnCY5Zob18v+sIOK9WUjdMSx 9k4A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1740514599; x=1741119399; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=KGHKkM4qxKd9EB0pt79Yst8lznP4qD+tbsrDkGhaAL8=; b=TsZo94DCDkO9q9zYvtuRZ3GmDvdzuxHm3gLEh1M9YSDliCjj+TshgAx0Nxc9P5yyDS jjUypGI/6r6V5Ag6z4ZyaVwh4zoMb7Xhu4Kypo0EcIk+AatluQ9i3cb2E+UG7d/vSRnZ IeKlPF3HjcJ0sY685J1y7mBuRgTEDYLvLZecbfmW/o+0vuZ7yINF9kykDzy9tJL0fH2e qn3kHMm4JggJt667fr0l03MLPPCNYNVvMmP3zP94qBlse7QOT9jYp/HGTceDhdDyXbpP GdRKJZ6SDGMAncyBPA/OKKBahp/T0S7noPhDRA0xJdgrCl+0YC3lGmcX/pIm9O/RrDXj 0seA== X-Forwarded-Encrypted: i=1; AJvYcCWlGCHvoUNUiKK+vQUgjIsDFQqaMsmg1uBk458YEIoSBYYjG74bHq4BLDCl8j0+nChuNCfMB2n1YyeZGJv+0Rg=@lists.infradead.org, AJvYcCX2oZbj3qxw8RWnuNpARxrgdpe1MHTUfXdp6gWmZEAHtoahQ8DpXkNjVsae2tJ+Ueo0O8nbOAo5eGABabZcjWOL@lists.infradead.org X-Gm-Message-State: AOJu0Yz9V212meXpOpMohrljGqE3D97n4eXjHLvh4qdL05nDhFEjM0KS 8BfqtY9ECSo16WrUXnZH06pKYYdzDsKZXUqevs6PT/f/93l09AYF X-Gm-Gg: ASbGnctMXGwIt92mO9A7aQPKk1sA5TBegT28dljflQ+9xqU3orUu0eL9isyMWqfrjOE z4sYvH3MSv+09mBEu2x/5cPv4I/Y8HA+QodC2XRbmdKhmns/jIEGNw/R88kWCOzWsQXKszajXP9 1VtEmYwbocZzuNmaAbzq6iYl+mhY+pJW+1IWZaF000DZXIozq4e5HboCO6f6ny2Ra16k2jdGGbI lxJmYNTLaYkZS8vRcc8+7bvGeD4n6CtFJCP85xebbi2oag5KUFQkE4x/d1XlnosYjlWlfnfOz5m NvYDxrfLC8Se5ruHnIkLV/5ey/ZG6+HBzyhQyfZ02jtVTlrUlIfqP+O5Bvdq4I3nRGGPMeu1wIW pd7h/yiUJ0eowoGALErDpwWhG81Jx4KCmpTCjMlQ7K8Q= X-Google-Smtp-Source: AGHT+IGi2J/TnVCJd90qLZXF9lqOCTre926lpkEhBqqXbPwSB79k3fejjuPTlF2AD8MG8+y85aZBLg== X-Received: by 2002:a17:907:da0:b0:abe:cee1:6a9 with SMTP id a640c23a62f3a-abeeef36315mr55361166b.43.1740514599361; Tue, 25 Feb 2025 12:16:39 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-abed201218fsm194319666b.104.2025.02.25.12.16.38 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 25 Feb 2025 12:16:39 -0800 (PST) From: Eric Woudstra To: Andrew Lunn , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , Kuniyuki Iwashima , Sebastian Andrzej Siewior , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH v7 net-next 12/14] bridge: No DEV_PATH_BR_VLAN_UNTAG_HW for dsa foreign Date: Tue, 25 Feb 2025 21:16:14 +0100 Message-ID: <20250225201616.21114-13-ericwouds@gmail.com> X-Mailer: git-send-email 2.47.1 In-Reply-To: <20250225201616.21114-1-ericwouds@gmail.com> References: <20250225201616.21114-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20250225_121640_929035_BFAB298D X-CRM114-Status: GOOD ( 21.88 ) X-BeenThere: linux-mediatek@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Linux-mediatek" Errors-To: linux-mediatek-bounces+linux-mediatek=archiver.kernel.org@lists.infradead.org In network setup as below: fastpath bypass .----------------------------------------. / \ | IP - forwarding | | / \ v | / wan ... | / | | | | | brlan.1 | | | +-------------------------------+ | | vlan 1 | | | | | | brlan (vlan-filtering) | | | +---------------+ | | | DSA-SWITCH | | | vlan 1 | | | | to | | | | untagged 1 vlan 1 | | +---------------+---------------+ . / \ ----->wlan1 lan0 . . . ^ ^ vlan 1 tagged packets untagged packets br_vlan_fill_forward_path_mode() sets DEV_PATH_BR_VLAN_UNTAG_HW when filling in from brlan.1 towards wlan1. But it should be set to DEV_PATH_BR_VLAN_UNTAG in this case. Using BR_VLFLAG_ADDED_BY_SWITCHDEV is not correct. The dsa switchdev adds it as a foreign port. The same problem for all foreignly added dsa vlans on the bridge. First add the vlan, trying only native devices. If this fails, we know this may be a vlan from a foreign device. Use BR_VLFLAG_TAGGING_BY_SWITCHDEV to make sure DEV_PATH_BR_VLAN_UNTAG_HW is set only when there if no foreign device involved. Acked-by: Nikolay Aleksandrov Signed-off-by: Eric Woudstra --- include/net/switchdev.h | 1 + net/bridge/br_private.h | 10 ++++++++++ net/bridge/br_switchdev.c | 15 +++++++++++++++ net/bridge/br_vlan.c | 7 ++++++- net/switchdev/switchdev.c | 2 +- 5 files changed, 33 insertions(+), 2 deletions(-) diff --git a/include/net/switchdev.h b/include/net/switchdev.h index 8346b0d29542..ee500706496b 100644 --- a/include/net/switchdev.h +++ b/include/net/switchdev.h @@ -15,6 +15,7 @@ #define SWITCHDEV_F_NO_RECURSE BIT(0) #define SWITCHDEV_F_SKIP_EOPNOTSUPP BIT(1) #define SWITCHDEV_F_DEFER BIT(2) +#define SWITCHDEV_F_NO_FOREIGN BIT(3) enum switchdev_attr_id { SWITCHDEV_ATTR_ID_UNDEFINED, diff --git a/net/bridge/br_private.h b/net/bridge/br_private.h index a0b950390a16..b950db453d8d 100644 --- a/net/bridge/br_private.h +++ b/net/bridge/br_private.h @@ -180,6 +180,7 @@ enum { BR_VLFLAG_MCAST_ENABLED = BIT(2), BR_VLFLAG_GLOBAL_MCAST_ENABLED = BIT(3), BR_VLFLAG_NEIGH_SUPPRESS_ENABLED = BIT(4), + BR_VLFLAG_TAGGING_BY_SWITCHDEV = BIT(5), }; /** @@ -2184,6 +2185,8 @@ void br_switchdev_mdb_notify(struct net_device *dev, int type); int br_switchdev_port_vlan_add(struct net_device *dev, u16 vid, u16 flags, bool changed, struct netlink_ext_ack *extack); +int br_switchdev_port_vlan_no_foreign_add(struct net_device *dev, u16 vid, u16 flags, + bool changed, struct netlink_ext_ack *extack); int br_switchdev_port_vlan_del(struct net_device *dev, u16 vid); void br_switchdev_init(struct net_bridge *br); @@ -2267,6 +2270,13 @@ static inline int br_switchdev_port_vlan_add(struct net_device *dev, u16 vid, return -EOPNOTSUPP; } +static inline int br_switchdev_port_vlan_no_foreign_add(struct net_device *dev, u16 vid, + u16 flags, bool changed, + struct netlink_ext_ack *extack) +{ + return -EOPNOTSUPP; +} + static inline int br_switchdev_port_vlan_del(struct net_device *dev, u16 vid) { return -EOPNOTSUPP; diff --git a/net/bridge/br_switchdev.c b/net/bridge/br_switchdev.c index 7b41ee8740cb..efa7a055b8f9 100644 --- a/net/bridge/br_switchdev.c +++ b/net/bridge/br_switchdev.c @@ -187,6 +187,21 @@ int br_switchdev_port_vlan_add(struct net_device *dev, u16 vid, u16 flags, return switchdev_port_obj_add(dev, &v.obj, extack); } +int br_switchdev_port_vlan_no_foreign_add(struct net_device *dev, u16 vid, u16 flags, + bool changed, struct netlink_ext_ack *extack) +{ + struct switchdev_obj_port_vlan v = { + .obj.orig_dev = dev, + .obj.id = SWITCHDEV_OBJ_ID_PORT_VLAN, + .obj.flags = SWITCHDEV_F_NO_FOREIGN, + .flags = flags, + .vid = vid, + .changed = changed, + }; + + return switchdev_port_obj_add(dev, &v.obj, extack); +} + int br_switchdev_port_vlan_del(struct net_device *dev, u16 vid) { struct switchdev_obj_port_vlan v = { diff --git a/net/bridge/br_vlan.c b/net/bridge/br_vlan.c index a18c7da12ebd..aea94d401a30 100644 --- a/net/bridge/br_vlan.c +++ b/net/bridge/br_vlan.c @@ -109,6 +109,11 @@ static int __vlan_vid_add(struct net_device *dev, struct net_bridge *br, /* Try switchdev op first. In case it is not supported, fallback to * 8021q add. */ + err = br_switchdev_port_vlan_no_foreign_add(dev, v->vid, flags, false, extack); + if (err != -EOPNOTSUPP) { + v->priv_flags |= BR_VLFLAG_ADDED_BY_SWITCHDEV | BR_VLFLAG_TAGGING_BY_SWITCHDEV; + return err; + } err = br_switchdev_port_vlan_add(dev, v->vid, flags, false, extack); if (err == -EOPNOTSUPP) return vlan_vid_add(dev, br->vlan_proto, v->vid); @@ -1491,7 +1496,7 @@ int br_vlan_fill_forward_path_mode(struct net_bridge *br, if (path->bridge.vlan_mode == DEV_PATH_BR_VLAN_TAG) path->bridge.vlan_mode = DEV_PATH_BR_VLAN_KEEP; - else if (v->priv_flags & BR_VLFLAG_ADDED_BY_SWITCHDEV) + else if (v->priv_flags & BR_VLFLAG_TAGGING_BY_SWITCHDEV) path->bridge.vlan_mode = DEV_PATH_BR_VLAN_UNTAG_HW; else path->bridge.vlan_mode = DEV_PATH_BR_VLAN_UNTAG; diff --git a/net/switchdev/switchdev.c b/net/switchdev/switchdev.c index 6488ead9e464..c48f66643e99 100644 --- a/net/switchdev/switchdev.c +++ b/net/switchdev/switchdev.c @@ -749,7 +749,7 @@ static int __switchdev_handle_port_obj_add(struct net_device *dev, /* Event is neither on a bridge nor a LAG. Check whether it is on an * interface that is in a bridge with us. */ - if (!foreign_dev_check_cb) + if (!foreign_dev_check_cb || port_obj_info->obj->flags & SWITCHDEV_F_NO_FOREIGN) return err; br = netdev_master_upper_dev_get(dev); From patchwork Tue Feb 25 20:16:15 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13990963 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 9A5E9C021B2 for ; Tue, 25 Feb 2025 21:03:39 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=lqvEEiGjtfCg1O2c4wJsc9rlXi5oFjjuoYnCbbZ/cQM=; b=VjILSzIdIW6up4a/7RufmwhcCr M9hi74rLqU/wDeByMij5y+Ay5dsclVMa4DJpZGullykyv8UupJAFsP0K/Mg9x9akjhmjy+cU7TKqE 4DQ911C2wMR6D1ShL6LKBJqXQbyMDjPSsvcs+l1s3anwI1tiolU9CY6e+heAnO2W7vOBSQ3h4L99a Hk5ALKx2osJCEJXfnv7g8pb+yeFif85n59PBBskpHyuuCdS8Sl2WqaCsj/faYhzh6cdBacaoU5+Hk 9pIo88KnzPcbKtDnQDqfpbUa9OXA7lN1FvrAGu/ubRANPKoLoSM/xoifMp+w1HdWKJh79jeNqI2A1 httnPoVw==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1tn25a-00000001TB8-2vXM; Tue, 25 Feb 2025 21:03:38 +0000 Received: from mail-ed1-x52c.google.com ([2a00:1450:4864:20::52c]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1tn1MA-00000001KiE-0DAE; Tue, 25 Feb 2025 20:16:43 +0000 Received: by mail-ed1-x52c.google.com with SMTP id 4fb4d7f45d1cf-5ded368fcd9so8843065a12.1; Tue, 25 Feb 2025 12:16:41 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1740514601; x=1741119401; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=lqvEEiGjtfCg1O2c4wJsc9rlXi5oFjjuoYnCbbZ/cQM=; b=R9fwMaG4deIV/f0V36+tt7h5FmOjyhLokGj87GPVx5RolNe+du55Ln0qL4wzB6O2jz vyIvUq1v5fTn10zSjOPCAHh5Rf8vuJFijlCAqGm4jah4uOXt4SWfdo6EXnMytA2Yybcj 88gmSCcz3CD1r0ew2gjFnPQPEqwuD9zppCLrWUNb4woLyQ71NXDXn+1fL+BxGUicO75i rQ9d42xoCbo1QITkf0sAErMBO1oBSZMbGt50RvEioT77qtPeJDoHi2u6dQgF7Dq0mLpc M2L/27p4JN1o7lfBd9xo9bkoFf8eJmyN4PUH6PGoslNTy3cf3t3nWbS58Q+20u6+lLqM NZAA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1740514601; x=1741119401; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=lqvEEiGjtfCg1O2c4wJsc9rlXi5oFjjuoYnCbbZ/cQM=; b=sv880hmfMP+U0jczmPZD/qy7qNNbupVoyXUAv2uuJau9aTipvXiSTszd3+SZa0mlJY TXCDA8Tx2q4Ct1VSVpbw5vi71TY7b7YUw0Qkwtq1pqCNMS5jqsw7yE62RlALqY2g7aYC nHMwxpf6XIi5Cy1P7sEdpM0lh3PjCj6kH+StVTCYCFJFYjs7uFE5C75XMPm04YpaWJ0d CiOHoFLPOlo+0fkAYcPtpOJj0VayQUPTXJkDRS5fIpfmExqZXfPHsYEpHDx/2HUATva3 9KWPl9nH6JBCQPtLeXlPA4VUGA54ltgGbYlSSjqsuG/OAaVyPOP3TfWGOZbUppbnplgO ujHA== X-Forwarded-Encrypted: i=1; AJvYcCVMwDZn/C4X91yuxZFn4rU08sGDLfZ7p12vyy3u/wyg05D/Ky0Hn/KwBAufcT9CVUWidS2i/8OZDT637movlk9n@lists.infradead.org, AJvYcCVeHEqFKpZSlN8Wgz4kSuK4yN9EPF174KxpF94+OvU3R8gt/nLK+mATMZgR+xAFj4eTBgSqmrNTP1KWXd7tfGc=@lists.infradead.org X-Gm-Message-State: AOJu0YzyL61OZrBk+HjpECgFaTZhEfDDVWN0bVqb6vfGs+tDXiHor9De bhOdyNYYIi+N9lcZ3rGfT2wivWChXhAoptOJXqz4mXEv0TJCbbe7 X-Gm-Gg: ASbGncu98Kv6qAu37v1LFxbTnN/HUGeJjrawEbFHo/94j6wKmaN9SsoqP40p8c1cC+l 1orvo4LtmKPKPWAsTJi6gjPjbT8XT1AtHqFnEi3GTwIyLwE5J24INKx45quZ1l0LEJelf1d8vtB 6Pfe/CNCTCxMml5WkciXYi4QyG5g7+SW6rdSvtpWvFBxUVIo/TvN6818f/BOEdjSxJEidaAQkDX Fs20E+zGDvOJ1JnG08kgYLjfwbqBE5EPjDxasVZiQuHr7D3El2k5oVlz0HG/ZK3MNM1oDE/l3Ra CJtEovIJsblfEZn17HV0frl4/8MjFGHFHlMErCG3ShhlFoqbdH8WrlNBO0ZN6KGRE9dgWehMbi8 v8s+B9swAph9DVV5HKAJA0RmGtYzEDRcvsaf1jDx/Xr8= X-Google-Smtp-Source: AGHT+IHhGusG5BMLrTa3hM8cjvDcEm75Lf8vLAMleB4CleirSzLNiv+mlxD0ehZbqG9bpzWHQ5wVQQ== X-Received: by 2002:a17:907:3e0d:b0:abb:b209:aba7 with SMTP id a640c23a62f3a-abeeedcf3bbmr43896266b.26.1740514600495; Tue, 25 Feb 2025 12:16:40 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-abed201218fsm194319666b.104.2025.02.25.12.16.39 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 25 Feb 2025 12:16:40 -0800 (PST) From: Eric Woudstra To: Andrew Lunn , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , Kuniyuki Iwashima , Sebastian Andrzej Siewior , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH v7 net-next 13/14] bridge: Introduce DEV_PATH_BR_VLAN_KEEP_HW for bridge-fastpath Date: Tue, 25 Feb 2025 21:16:15 +0100 Message-ID: <20250225201616.21114-14-ericwouds@gmail.com> X-Mailer: git-send-email 2.47.1 In-Reply-To: <20250225201616.21114-1-ericwouds@gmail.com> References: <20250225201616.21114-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20250225_121642_090519_2A889682 X-CRM114-Status: GOOD ( 15.58 ) X-BeenThere: linux-mediatek@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Linux-mediatek" Errors-To: linux-mediatek-bounces+linux-mediatek=archiver.kernel.org@lists.infradead.org This patch introduces DEV_PATH_BR_VLAN_KEEP_HW. It is needed in the bridge fastpath for switchdevs supporting SWITCHDEV_OBJ_ID_PORT_VLAN. It is similar to DEV_PATH_BR_VLAN_TAG, with the correcponding bit in ingress_vlans set. In the forward fastpath it is not needed. Acked-by: Nikolay Aleksandrov Signed-off-by: Eric Woudstra --- include/linux/netdevice.h | 1 + net/bridge/br_device.c | 4 ++++ net/bridge/br_vlan.c | 18 +++++++++++------- net/netfilter/nft_flow_offload.c | 3 +++ 4 files changed, 19 insertions(+), 7 deletions(-) diff --git a/include/linux/netdevice.h b/include/linux/netdevice.h index 695445927598..9ac7142ee493 100644 --- a/include/linux/netdevice.h +++ b/include/linux/netdevice.h @@ -869,6 +869,7 @@ struct net_device_path { DEV_PATH_BR_VLAN_TAG, DEV_PATH_BR_VLAN_UNTAG, DEV_PATH_BR_VLAN_UNTAG_HW, + DEV_PATH_BR_VLAN_KEEP_HW, } vlan_mode; u16 vlan_id; __be16 vlan_proto; diff --git a/net/bridge/br_device.c b/net/bridge/br_device.c index c7646afc8b96..112fd8556217 100644 --- a/net/bridge/br_device.c +++ b/net/bridge/br_device.c @@ -430,6 +430,10 @@ static int br_fill_forward_path(struct net_device_path_ctx *ctx, case DEV_PATH_BR_VLAN_UNTAG: ctx->num_vlans--; break; + case DEV_PATH_BR_VLAN_KEEP_HW: + if (!src) + path->bridge.vlan_mode = DEV_PATH_BR_VLAN_KEEP; + break; case DEV_PATH_BR_VLAN_KEEP: break; } diff --git a/net/bridge/br_vlan.c b/net/bridge/br_vlan.c index aea94d401a30..114d47d5f90f 100644 --- a/net/bridge/br_vlan.c +++ b/net/bridge/br_vlan.c @@ -1494,13 +1494,17 @@ int br_vlan_fill_forward_path_mode(struct net_bridge *br, if (!(v->flags & BRIDGE_VLAN_INFO_UNTAGGED)) return 0; - if (path->bridge.vlan_mode == DEV_PATH_BR_VLAN_TAG) - path->bridge.vlan_mode = DEV_PATH_BR_VLAN_KEEP; - else if (v->priv_flags & BR_VLFLAG_TAGGING_BY_SWITCHDEV) - path->bridge.vlan_mode = DEV_PATH_BR_VLAN_UNTAG_HW; - else - path->bridge.vlan_mode = DEV_PATH_BR_VLAN_UNTAG; - + if (path->bridge.vlan_mode == DEV_PATH_BR_VLAN_TAG) { + if (v->priv_flags & BR_VLFLAG_TAGGING_BY_SWITCHDEV) + path->bridge.vlan_mode = DEV_PATH_BR_VLAN_KEEP_HW; + else + path->bridge.vlan_mode = DEV_PATH_BR_VLAN_KEEP; + } else { + if (v->priv_flags & BR_VLFLAG_TAGGING_BY_SWITCHDEV) + path->bridge.vlan_mode = DEV_PATH_BR_VLAN_UNTAG_HW; + else + path->bridge.vlan_mode = DEV_PATH_BR_VLAN_UNTAG; + } return 0; } diff --git a/net/netfilter/nft_flow_offload.c b/net/netfilter/nft_flow_offload.c index c95fad495460..c0c310c569cd 100644 --- a/net/netfilter/nft_flow_offload.c +++ b/net/netfilter/nft_flow_offload.c @@ -148,6 +148,9 @@ static void nft_dev_path_info(const struct net_device_path_stack *stack, case DEV_PATH_BR_VLAN_UNTAG_HW: info->ingress_vlans |= BIT(info->num_encaps - 1); break; + case DEV_PATH_BR_VLAN_KEEP_HW: + info->ingress_vlans |= BIT(info->num_encaps); + fallthrough; case DEV_PATH_BR_VLAN_TAG: info->encap[info->num_encaps].id = path->bridge.vlan_id; info->encap[info->num_encaps].proto = path->bridge.vlan_proto; From patchwork Tue Feb 25 20:16:16 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Woudstra X-Patchwork-Id: 13990964 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 8BF06C021B2 for ; Tue, 25 Feb 2025 21:05:12 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=E8P5h61gnv0DfF0R+vjh2CpjgGHUfjM4UjNVV+Pbc34=; b=lrN2POMpfSeXEFbzS4+P+CzQAG ygazvsofUf+t+1uvIHxBibZ7kyf/XwwY5Hl5NG8blPJQICzZuwRi7dOds2jFEJRtgzNTVvRdDHnF/ /6VCrk5Y1kn7XaKKBCEnjMQZq0/TXvCks8SWAuIc6CVDa6HmtvJLbfwSTlD0GJIr5qlkEoTQxb4+y JZzyIWM2isDZqWw3TgT1682HXFtffze7udLd/bBZb6cdBcuFahoBU+cZ0UhlaYFpNsND4qbqB+Qp7 Qo2tI3ZlgYN94mLc9s0UJr57lMc34T1dS8NtXy8Gw+1GIHqbDLQNHfeOdgm9VfiFAilkKPzR1Mmm7 d3z5dxgA==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1tn275-00000001TX6-2oj4; Tue, 25 Feb 2025 21:05:11 +0000 Received: from mail-ej1-x62a.google.com ([2a00:1450:4864:20::62a]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1tn1MB-00000001Kih-1u2y; Tue, 25 Feb 2025 20:16:44 +0000 Received: by mail-ej1-x62a.google.com with SMTP id a640c23a62f3a-ab744d5e567so32159166b.1; Tue, 25 Feb 2025 12:16:43 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1740514602; x=1741119402; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=E8P5h61gnv0DfF0R+vjh2CpjgGHUfjM4UjNVV+Pbc34=; b=kEz6AnqnSR8tvG6atPUaxmbHfOTowQCVf5thmVQSZ6kIjRxbeK48Q1ia40L2wyNjOs t1LGIdJrDvNqVFEDDIUWQAf+HtOMj4/ZQiya+t6DuQCNestYAOAhhHwmO2woJ2XBIrLC VFR4CM3GYPeI0qEhMekJyizZb94zGZDe9wGuwdOvjCEulaYtPedqmA/nTkWG3BtQtlg2 y9R6ZVnPkHz1+F3jXr643CADxuxT6jpEOinnabQIA4bVQ/H/R7B0sdU6BZoafSpEtjyT dYVWRjiGEGmqVlxUcZ29SoM+FELbXiz9qwN2dcv1WKjN//qyrx5/R11BqHgfZUW8EIsM Cnug== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1740514602; x=1741119402; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=E8P5h61gnv0DfF0R+vjh2CpjgGHUfjM4UjNVV+Pbc34=; b=AL7GD/Wcv2ReTpUvjFbVmmcZqBRp2bwCIH2YDq0fIOr4wLdp6HLM3uA+G+RJ/hGHel +ANZMmEB8B43KFl+wZjlJQiKI7VbYcWaxgnO9uIfo3YkxIVCirlyingXOveh5VfSBXKI DmP8ZclCaqIVTFjLS5NUUMtnTvYXCxbkRw1QZgT1VgQcD9GcpzkfrDkQKTv6wpCtJ0sr aWrZqcMax0tuAxrUF0ZuSQR6SfwfBZu4s35UZTJnzaHHq/CxKzkUqAWekAlGIfqgUy37 D3Lg/yi9J8z+E6dM9ZQ5GAiHoBEGJE/rqgVroQPxAaq/LePkJvp+g4BMUIfr5LltKX/f yuLQ== X-Forwarded-Encrypted: i=1; AJvYcCXJSm7RaJBA3/vlVVZGUx8Tm+8E+u7vcTjUIPdlEiAQwvYTJUVHh6OpCS4woW3Sbwssb6cm/YgP/bEEB7i3QvM=@lists.infradead.org, AJvYcCXhHfUOqaox62AlV4DVgVnokKR+VB0NF4zM6oe1QkqJ+LWRzHqUvc3/nmuUQGJzSFVllFS1zLdmdCP9/Grlgw67@lists.infradead.org X-Gm-Message-State: AOJu0YxfF7PMh7MsvrfkJYELeaGHMtea5PgLEnN6irYVVRkVLSsDeJY6 43l3ZsGKRpe6n5uxUrfZLAJEj+lphnapEBMMlb1WwUztjrvMDOzn X-Gm-Gg: ASbGncuKeD0XDiw9IPSf/lHGK0ut4/VWSan9naeBOspoYqUwUVS1qN+Rc1mmUFJI3xv En0epTuNawkIIIm1Ehc6Sy5QAinYKlDHEYJJn4uhuBrP6skO7G+A8SsiFmK1rNtJDb8VqxgH0g8 R4QA9/IhN5DqpTSCXyIOM8gOLf3ndMhHg31nL76A9lCh5RTPzomLCAPkSV2GyVA8FnfDOBqOBZy D0Oa6p87hpmAijkflfwLQnHZ12bpXqVzjHMY8LhfLwUqSQ1AfQtT3J5KpBjuGU6DZponP17pAVy v89w890WsKAc3pMsJafkIi2c0t1HSDt941SGP+R4yZNVp7MgFcM8qnPr1BEnX5lbWIn1faTCbXe D5aYzuCRQxTAvs9AEdwV2YA/hvuBHp1TXvC8UCuz5n/c= X-Google-Smtp-Source: AGHT+IErCNHvUEetSRKi2Fz/dRzAsZ4C8dWcnPsAPVqwFDmd0GWTebWBy4vbvP5wLftQ4Gc/RXx2yA== X-Received: by 2002:a17:907:7fa4:b0:aba:e1eb:1a90 with SMTP id a640c23a62f3a-abc0abb3bb2mr2093020566b.0.1740514601742; Tue, 25 Feb 2025 12:16:41 -0800 (PST) Received: from corebook.localdomain (2001-1c00-020d-1300-1b1c-4449-176a-89ea.cable.dynamic.v6.ziggo.nl. [2001:1c00:20d:1300:1b1c:4449:176a:89ea]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-abed201218fsm194319666b.104.2025.02.25.12.16.40 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 25 Feb 2025 12:16:41 -0800 (PST) From: Eric Woudstra To: Andrew Lunn , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Pablo Neira Ayuso , Jozsef Kadlecsik , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Matthias Brugger , AngeloGioacchino Del Regno , Kuniyuki Iwashima , Sebastian Andrzej Siewior , Joe Damato , Alexander Lobakin , Vladimir Oltean , "Frank Wunderlich" , Daniel Golle Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Eric Woudstra Subject: [PATCH v7 net-next 14/14] netfilter: nft_flow_offload: Add bridgeflow to nft_flow_offload_eval() Date: Tue, 25 Feb 2025 21:16:16 +0100 Message-ID: <20250225201616.21114-15-ericwouds@gmail.com> X-Mailer: git-send-email 2.47.1 In-Reply-To: <20250225201616.21114-1-ericwouds@gmail.com> References: <20250225201616.21114-1-ericwouds@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20250225_121643_491594_15B02101 X-CRM114-Status: GOOD ( 19.67 ) X-BeenThere: linux-mediatek@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Linux-mediatek" Errors-To: linux-mediatek-bounces+linux-mediatek=archiver.kernel.org@lists.infradead.org Edit nft_flow_offload_eval() to make it possible to handle a flowtable of the nft bridge family. Use nft_flow_offload_bridge_init() to fill the flow tuples. It uses nft_dev_fill_bridge_path() in each direction. Signed-off-by: Eric Woudstra --- net/netfilter/nft_flow_offload.c | 142 +++++++++++++++++++++++++++++-- 1 file changed, 137 insertions(+), 5 deletions(-) diff --git a/net/netfilter/nft_flow_offload.c b/net/netfilter/nft_flow_offload.c index c0c310c569cd..03a0b5f7e8d2 100644 --- a/net/netfilter/nft_flow_offload.c +++ b/net/netfilter/nft_flow_offload.c @@ -193,6 +193,128 @@ static bool nft_flowtable_find_dev(const struct net_device *dev, return found; } +static int nft_dev_fill_bridge_path(struct flow_offload *flow, + struct nft_flowtable *ft, + enum ip_conntrack_dir dir, + const struct net_device *src_dev, + const struct net_device *dst_dev, + unsigned char *src_ha, + unsigned char *dst_ha) +{ + struct flow_offload_tuple_rhash *th = flow->tuplehash; + struct net_device_path_ctx ctx = {}; + struct net_device_path_stack stack; + struct nft_forward_info info = {}; + int i, j = 0; + + for (i = th[dir].tuple.encap_num - 1; i >= 0 ; i--) { + if (info.num_encaps >= NF_FLOW_TABLE_ENCAP_MAX) + return -1; + + if (th[dir].tuple.in_vlan_ingress & BIT(i)) + continue; + + info.encap[info.num_encaps].id = th[dir].tuple.encap[i].id; + info.encap[info.num_encaps].proto = th[dir].tuple.encap[i].proto; + info.num_encaps++; + + if (th[dir].tuple.encap[i].proto == htons(ETH_P_PPP_SES)) + continue; + + if (ctx.num_vlans >= NET_DEVICE_PATH_VLAN_MAX) + return -1; + ctx.vlan[ctx.num_vlans].id = th[dir].tuple.encap[i].id; + ctx.vlan[ctx.num_vlans].proto = th[dir].tuple.encap[i].proto; + ctx.num_vlans++; + } + ctx.dev = src_dev; + ether_addr_copy(ctx.daddr, dst_ha); + + if (dev_fill_bridge_path(&ctx, &stack) < 0) + return -1; + + nft_dev_path_info(&stack, &info, dst_ha, &ft->data); + + if (!info.indev || info.indev != dst_dev) + return -1; + + th[!dir].tuple.iifidx = info.indev->ifindex; + for (i = info.num_encaps - 1; i >= 0; i--) { + th[!dir].tuple.encap[j].id = info.encap[i].id; + th[!dir].tuple.encap[j].proto = info.encap[i].proto; + if (info.ingress_vlans & BIT(i)) + th[!dir].tuple.in_vlan_ingress |= BIT(j); + j++; + } + th[!dir].tuple.encap_num = info.num_encaps; + + th[dir].tuple.mtu = dst_dev->mtu; + ether_addr_copy(th[dir].tuple.out.h_source, src_ha); + ether_addr_copy(th[dir].tuple.out.h_dest, dst_ha); + th[dir].tuple.out.ifidx = info.outdev->ifindex; + th[dir].tuple.xmit_type = FLOW_OFFLOAD_XMIT_DIRECT; + + return 0; +} + +static int nft_flow_offload_bridge_init(struct flow_offload *flow, + const struct nft_pktinfo *pkt, + enum ip_conntrack_dir dir, + struct nft_flowtable *ft) +{ + const struct net_device *in_dev, *out_dev; + struct ethhdr *eth = eth_hdr(pkt->skb); + struct flow_offload_tuple *tuple; + struct pppoe_hdr *phdr; + struct vlan_hdr *vhdr; + int err, i = 0; + + in_dev = nft_in(pkt); + if (!in_dev || !nft_flowtable_find_dev(in_dev, ft)) + return -1; + + out_dev = nft_out(pkt); + if (!out_dev || !nft_flowtable_find_dev(out_dev, ft)) + return -1; + + tuple = &flow->tuplehash[!dir].tuple; + + if (skb_vlan_tag_present(pkt->skb)) { + tuple->encap[i].id = skb_vlan_tag_get(pkt->skb); + tuple->encap[i].proto = pkt->skb->vlan_proto; + i++; + } + switch (pkt->skb->protocol) { + case htons(ETH_P_8021Q): + vhdr = (struct vlan_hdr *)skb_network_header(pkt->skb); + tuple->encap[i].id = ntohs(vhdr->h_vlan_TCI); + tuple->encap[i].proto = pkt->skb->protocol; + i++; + break; + case htons(ETH_P_PPP_SES): + phdr = (struct pppoe_hdr *)skb_network_header(pkt->skb); + tuple->encap[i].id = ntohs(phdr->sid); + tuple->encap[i].proto = pkt->skb->protocol; + i++; + break; + } + tuple->encap_num = i; + + err = nft_dev_fill_bridge_path(flow, ft, !dir, out_dev, in_dev, + eth->h_dest, eth->h_source); + if (err < 0) + return err; + + memset(tuple->encap, 0, sizeof(tuple->encap)); + + err = nft_dev_fill_bridge_path(flow, ft, dir, in_dev, out_dev, + eth->h_source, eth->h_dest); + if (err < 0) + return err; + + return 0; +} + static void nft_dev_forward_path(struct nf_flow_route *route, const struct nf_conn *ct, enum ip_conntrack_dir dir, @@ -311,6 +433,7 @@ static void nft_flow_offload_eval(const struct nft_expr *expr, { struct nft_flow_offload *priv = nft_expr_priv(expr); struct nf_flowtable *flowtable = &priv->flowtable->data; + bool routing = flowtable->type->family != NFPROTO_BRIDGE; struct tcphdr _tcph, *tcph = NULL; struct nf_flow_route route = {}; enum ip_conntrack_info ctinfo; @@ -364,14 +487,21 @@ static void nft_flow_offload_eval(const struct nft_expr *expr, goto out; dir = CTINFO2DIR(ctinfo); - if (nft_flow_route(pkt, ct, &route, dir, priv->flowtable) < 0) - goto err_flow_route; + if (routing) { + if (nft_flow_route(pkt, ct, &route, dir, priv->flowtable) < 0) + goto err_flow_route; + } flow = flow_offload_alloc(ct); if (!flow) goto err_flow_alloc; - flow_offload_route_init(flow, &route); + if (routing) + flow_offload_route_init(flow, &route); + else + if (nft_flow_offload_bridge_init(flow, pkt, dir, priv->flowtable) < 0) + goto err_flow_add; + if (tcph) flow_offload_ct_tcp(ct); @@ -419,8 +549,10 @@ static void nft_flow_offload_eval(const struct nft_expr *expr, err_flow_add: flow_offload_free(flow); err_flow_alloc: - dst_release(route.tuple[dir].dst); - dst_release(route.tuple[!dir].dst); + if (routing) { + dst_release(route.tuple[dir].dst); + dst_release(route.tuple[!dir].dst); + } err_flow_route: clear_bit(IPS_OFFLOAD_BIT, &ct->status); out: