From: "Michael S. Tsirkin" <mst@redhat.com>
To: Daniel Jurgens <danielj@nvidia.com>
Cc: netdev@vger.kernel.org, jasowang@redhat.com, pabeni@redhat.com,
virtualization@lists.linux.dev, parav@nvidia.com,
shshitrit@nvidia.com, yohadt@nvidia.com,
xuanzhuo@linux.alibaba.com, eperezma@redhat.com, jgg@ziepe.ca,
kevin.tian@intel.com, kuba@kernel.org, andrew+netdev@lunn.ch,
edumazet@google.com
Subject: Re: [PATCH net-next v12 09/12] virtio_net: Implement IPv4 ethtool flow rules
Date: Mon, 24 Nov 2025 16:51:59 -0500 [thread overview]
Message-ID: <20251124164600-mutt-send-email-mst@kernel.org> (raw)
In-Reply-To: <20251119191524.4572-10-danielj@nvidia.com>
On Wed, Nov 19, 2025 at 01:15:20PM -0600, Daniel Jurgens wrote:
> Add support for IP_USER type rules from ethtool.
>
> Example:
> $ ethtool -U ens9 flow-type ip4 src-ip 192.168.51.101 action -1
> Added rule with ID 1
>
> The example rule will drop packets with the source IP specified.
>
> Signed-off-by: Daniel Jurgens <danielj@nvidia.com>
> Reviewed-by: Parav Pandit <parav@nvidia.com>
> Reviewed-by: Shahar Shitrit <shshitrit@nvidia.com>
> Reviewed-by: Xuan Zhuo <xuanzhuo@linux.alibaba.com>
> ---
> v4:
> - Fixed bug in protocol check of parse_ip4
> - (u8 *) to (void *) casting.
> - Alignment issues.
>
> v12
> - refactor calculate_flow_sizes to remove goto. MST
> - refactor build_and_insert to remove goto validate. MST
> - Move parse_ip4 l3_mask check to TCP/UDP patch. MST
> - Check saddr/daddr mask before copying in parse_ip4. MST
> - Remove tos check in setup_ip_key_mask.
So if user attempts to set a filter by tos now, what blocks it?
because parse_ip4 seems to ignore it ...
> - check l4_4_bytes mask is 0 in setup_ip_key_mask. MST
> - changed return of setup_ip_key_mask to -EINVAL.
> - BUG_ON if key overflows u8 size in calculate_flow_sizes. MST
> ---
> ---
> drivers/net/virtio_net.c | 119 +++++++++++++++++++++++++++++++++++++--
> 1 file changed, 113 insertions(+), 6 deletions(-)
>
> diff --git a/drivers/net/virtio_net.c b/drivers/net/virtio_net.c
> index 5e49cd78904f..b0b9972fe624 100644
> --- a/drivers/net/virtio_net.c
> +++ b/drivers/net/virtio_net.c
> @@ -5894,6 +5894,34 @@ static bool validate_eth_mask(const struct virtnet_ff *ff,
> return true;
> }
>
> +static bool validate_ip4_mask(const struct virtnet_ff *ff,
> + const struct virtio_net_ff_selector *sel,
> + const struct virtio_net_ff_selector *sel_cap)
> +{
> + bool partial_mask = !!(sel_cap->flags & VIRTIO_NET_FF_MASK_F_PARTIAL_MASK);
> + struct iphdr *cap, *mask;
> +
> + cap = (struct iphdr *)&sel_cap->mask;
> + mask = (struct iphdr *)&sel->mask;
> +
> + if (mask->saddr &&
> + !check_mask_vs_cap(&mask->saddr, &cap->saddr,
> + sizeof(__be32), partial_mask))
> + return false;
> +
> + if (mask->daddr &&
> + !check_mask_vs_cap(&mask->daddr, &cap->daddr,
> + sizeof(__be32), partial_mask))
> + return false;
> +
> + if (mask->protocol &&
> + !check_mask_vs_cap(&mask->protocol, &cap->protocol,
> + sizeof(u8), partial_mask))
> + return false;
> +
> + return true;
> +}
> +
> static bool validate_mask(const struct virtnet_ff *ff,
> const struct virtio_net_ff_selector *sel)
> {
> @@ -5905,11 +5933,36 @@ static bool validate_mask(const struct virtnet_ff *ff,
> switch (sel->type) {
> case VIRTIO_NET_FF_MASK_TYPE_ETH:
> return validate_eth_mask(ff, sel, sel_cap);
> +
> + case VIRTIO_NET_FF_MASK_TYPE_IPV4:
> + return validate_ip4_mask(ff, sel, sel_cap);
> }
>
> return false;
> }
>
> +static void parse_ip4(struct iphdr *mask, struct iphdr *key,
> + const struct ethtool_rx_flow_spec *fs)
> +{
> + const struct ethtool_usrip4_spec *l3_mask = &fs->m_u.usr_ip4_spec;
> + const struct ethtool_usrip4_spec *l3_val = &fs->h_u.usr_ip4_spec;
> +
> + if (mask->saddr) {
> + mask->saddr = l3_mask->ip4src;
> + key->saddr = l3_val->ip4src;
> + }
So if mast->saddr is already set you over-write it?
But what sets it? Don't you really mean l3_mask->ip4src maybe?
> +
> + if (mask->daddr) {
> + mask->daddr = l3_mask->ip4dst;
> + key->daddr = l3_val->ip4dst;
> + }
> +}
Same question.
next prev parent reply other threads:[~2025-11-24 21:52 UTC|newest]
Thread overview: 40+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-11-19 19:15 [PATCH net-next v12 00/12] virtio_net: Add ethtool flow rules support Daniel Jurgens
2025-11-19 19:15 ` [PATCH net-next v12 01/12] virtio_pci: Remove supported_cap size build assert Daniel Jurgens
2025-11-19 19:15 ` [PATCH net-next v12 02/12] virtio: Add config_op for admin commands Daniel Jurgens
2025-11-19 19:15 ` [PATCH net-next v12 03/12] virtio: Expose generic device capability operations Daniel Jurgens
2025-11-24 20:30 ` Michael S. Tsirkin
2025-11-24 22:24 ` Dan Jurgens
2025-11-24 22:27 ` Michael S. Tsirkin
2025-11-19 19:15 ` [PATCH net-next v12 04/12] virtio: Expose object create and destroy API Daniel Jurgens
2025-11-19 19:15 ` [PATCH net-next v12 05/12] virtio_net: Query and set flow filter caps Daniel Jurgens
2025-11-20 1:51 ` Jakub Kicinski
2025-11-20 15:39 ` Dan Jurgens
2025-11-24 21:01 ` Michael S. Tsirkin
2025-11-25 0:05 ` Dan Jurgens
2025-11-24 22:54 ` Michael S. Tsirkin
2025-11-26 6:11 ` Dan Jurgens
2025-11-19 19:15 ` [PATCH net-next v12 06/12] virtio_net: Create a FF group for ethtool steering Daniel Jurgens
2025-11-19 19:15 ` [PATCH net-next v12 07/12] virtio_net: Implement layer 2 ethtool flow rules Daniel Jurgens
2025-11-24 21:05 ` Michael S. Tsirkin
2025-11-26 16:25 ` Dan Jurgens
2025-11-26 18:00 ` Michael S. Tsirkin
2025-11-25 14:25 ` Michael S. Tsirkin
2025-11-25 15:39 ` Dan Jurgens
2025-11-19 19:15 ` [PATCH net-next v12 08/12] virtio_net: Use existing classifier if possible Daniel Jurgens
2025-11-24 22:04 ` Michael S. Tsirkin
2025-11-24 22:31 ` Dan Jurgens
2025-11-24 22:38 ` Michael S. Tsirkin
2025-11-19 19:15 ` [PATCH net-next v12 09/12] virtio_net: Implement IPv4 ethtool flow rules Daniel Jurgens
2025-11-24 21:51 ` Michael S. Tsirkin [this message]
2025-11-24 22:41 ` Dan Jurgens
2025-11-26 5:48 ` Dan Jurgens
2025-11-19 19:15 ` [PATCH net-next v12 10/12] virtio_net: Add support for IPv6 ethtool steering Daniel Jurgens
2025-11-24 21:59 ` Michael S. Tsirkin
2025-11-24 23:04 ` Dan Jurgens
2025-11-24 23:12 ` Michael S. Tsirkin
2025-11-25 0:10 ` Dan Jurgens
2025-11-19 19:15 ` [PATCH net-next v12 11/12] virtio_net: Add support for TCP and UDP ethtool rules Daniel Jurgens
2025-11-24 22:02 ` Michael S. Tsirkin
2025-11-24 22:47 ` Dan Jurgens
2025-11-19 19:15 ` [PATCH net-next v12 12/12] virtio_net: Add get ethtool flow rules ops Daniel Jurgens
2025-11-19 20:22 ` [PATCH net-next v12 00/12] virtio_net: Add ethtool flow rules support Michael S. Tsirkin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20251124164600-mutt-send-email-mst@kernel.org \
--to=mst@redhat.com \
--cc=andrew+netdev@lunn.ch \
--cc=danielj@nvidia.com \
--cc=edumazet@google.com \
--cc=eperezma@redhat.com \
--cc=jasowang@redhat.com \
--cc=jgg@ziepe.ca \
--cc=kevin.tian@intel.com \
--cc=kuba@kernel.org \
--cc=netdev@vger.kernel.org \
--cc=pabeni@redhat.com \
--cc=parav@nvidia.com \
--cc=shshitrit@nvidia.com \
--cc=virtualization@lists.linux.dev \
--cc=xuanzhuo@linux.alibaba.com \
--cc=yohadt@nvidia.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.