From: Pablo Neira Ayuso <pablo@netfilter.org>
To: netdev@vger.kernel.org
Cc: davem@davemloft.net, thomas.lendacky@amd.com,
f.fainelli@gmail.com, ariel.elior@cavium.com,
michael.chan@broadcom.com, santosh@chelsio.com,
madalin.bucur@nxp.com, yisen.zhuang@huawei.com,
salil.mehta@huawei.com, jeffrey.t.kirsher@intel.com,
tariqt@mellanox.com, saeedm@mellanox.com, jiri@mellanox.com,
idosch@mellanox.com, ganeshgr@chelsio.com,
jakub.kicinski@netronome.com, linux-net-drivers@solarflare.com,
peppe.cavallaro@st.com, alexandre.torgue@st.com,
joabreu@synopsys.com, grygorii.strashko@ti.com, andrew@lunn.ch,
vivien.didelot@savoirfairelinux.com
Subject: [PATCH RFC,net-next 03/10] flow_dissector: add flow action infrastructure
Date: Tue, 25 Sep 2018 21:19:54 +0200 [thread overview]
Message-ID: <20180925192001.2482-4-pablo@netfilter.org> (raw)
In-Reply-To: <20180925192001.2482-1-pablo@netfilter.org>
This patch adds new infrastructure that defines actions that you can
perform in existing network drivers. This infrastructure allows us to
avoid the direct dependency with the software TC action infrastructure.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
include/net/flow_dissector.h | 70 ++++++++++++++++++++++++++++++++++++++++++++
net/core/flow_dissector.c | 18 ++++++++++++
2 files changed, 88 insertions(+)
diff --git a/include/net/flow_dissector.h b/include/net/flow_dissector.h
index 965a82b8d881..925c208816f1 100644
--- a/include/net/flow_dissector.h
+++ b/include/net/flow_dissector.h
@@ -402,8 +402,78 @@ void flow_rule_match_enc_keyid(const struct flow_rule *rule,
void flow_rule_match_enc_opts(const struct flow_rule *rule,
struct flow_match_enc_opts *out);
+enum flow_action_key_id {
+ FLOW_ACTION_KEY_ACCEPT = 0,
+ FLOW_ACTION_KEY_DROP,
+ FLOW_ACTION_KEY_TRAP,
+ FLOW_ACTION_KEY_GOTO,
+ FLOW_ACTION_KEY_REDIRECT,
+ FLOW_ACTION_KEY_MIRRED,
+ FLOW_ACTION_KEY_VLAN_PUSH,
+ FLOW_ACTION_KEY_VLAN_POP,
+ FLOW_ACTION_KEY_VLAN_MANGLE,
+ FLOW_ACTION_KEY_TUNNEL_ENCAP,
+ FLOW_ACTION_KEY_TUNNEL_DECAP,
+ FLOW_ACTION_KEY_MANGLE,
+ FLOW_ACTION_KEY_ADD,
+ FLOW_ACTION_KEY_CSUM,
+ FLOW_ACTION_KEY_MARK,
+};
+
+/* This is mirroring enum pedit_header_type definition for easy mapping between
+ * tc pedit action. Legacy TCA_PEDIT_KEY_EX_HDR_TYPE_NETWORK is mapped to
+ * FLOW_ACT_MANGLE_UNSPEC, which is supported by no driver.
+ */
+enum flow_act_mangle_base {
+ FLOW_ACT_MANGLE_UNSPEC = 0,
+ FLOW_ACT_MANGLE_HDR_TYPE_ETH,
+ FLOW_ACT_MANGLE_HDR_TYPE_IP4,
+ FLOW_ACT_MANGLE_HDR_TYPE_IP6,
+ FLOW_ACT_MANGLE_HDR_TYPE_TCP,
+ FLOW_ACT_MANGLE_HDR_TYPE_UDP,
+};
+
+struct flow_action_key {
+ enum flow_action_key_id id;
+ union {
+ u32 chain_index; /* FLOW_ACTION_KEY_GOTO */
+ struct net_device *dev; /* FLOW_ACTION_KEY_REDIRECT */
+ struct { /* FLOW_ACTION_KEY_VLAN */
+ u16 vid;
+ __be16 proto;
+ u8 prio;
+ } vlan;
+ struct { /* FLOW_ACTION_KEY_PACKET_EDIT */
+ enum flow_act_mangle_base htype;
+ u32 offset;
+ u32 mask;
+ u32 val;
+ } mangle;
+ const struct ip_tunnel_info *tunnel; /* FLOW_ACTION_KEY_TUNNEL_ENCAP */
+ u32 csum_flags; /* FLOW_ACTION_KEY_CSUM */
+ u32 mark; /* FLOW_ACTION_KEY_MARK */
+ };
+};
+
+struct flow_action {
+ int num_keys;
+ struct flow_action_key *keys;
+};
+
+int flow_action_init(struct flow_action *flow_action, int num_acts);
+void flow_action_free(struct flow_action *flow_action);
+
+static inline bool flow_action_has_keys(const struct flow_action *action)
+{
+ return action->num_keys;
+}
+
+#define flow_action_for_each(__i, __act, __actions) \
+ for (__i = 0, __act = &(__actions)->keys[0]; __i < (__actions)->num_keys; __act = &(__actions)->keys[++__i])
+
struct flow_rule {
struct flow_match match;
+ struct flow_action action;
};
static inline bool flow_rule_match_key(const struct flow_rule *rule,
diff --git a/net/core/flow_dissector.c b/net/core/flow_dissector.c
index 5a22381efccc..e25b235a8e10 100644
--- a/net/core/flow_dissector.c
+++ b/net/core/flow_dissector.c
@@ -195,6 +195,24 @@ void flow_rule_match_enc_opts(const struct flow_rule *rule,
}
EXPORT_SYMBOL(flow_rule_match_enc_opts);
+int flow_action_init(struct flow_action *flow_action, int num_acts)
+{
+ flow_action->keys = kmalloc(sizeof(struct flow_action_key) * num_acts,
+ GFP_KERNEL);
+ if (!flow_action->keys)
+ return -ENOMEM;
+
+ flow_action->num_keys = num_acts;
+ return 0;
+}
+EXPORT_SYMBOL(flow_action_init);
+
+void flow_action_free(struct flow_action *flow_action)
+{
+ kfree(flow_action->keys);
+}
+EXPORT_SYMBOL(flow_action_free);
+
/**
* skb_flow_get_be16 - extract be16 entity
* @skb: sk_buff to extract from
--
2.11.0
next prev parent reply other threads:[~2018-09-26 1:29 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-09-25 19:19 [PATCH RFC,net-next 00/10] add flow_rule infrastructure Pablo Neira Ayuso
2018-09-25 19:19 ` [PATCH RFC,net-next 01/10] flow_dissector: add flow_rule and flow_match structures and use them Pablo Neira Ayuso
2018-09-25 19:19 ` [PATCH RFC,net-next 02/10] net/mlx5e: allow two independent packet edit actions Pablo Neira Ayuso
2018-09-25 19:19 ` Pablo Neira Ayuso [this message]
2018-09-25 19:19 ` [PATCH RFC,net-next 04/10] cls_flower: add translator to flow_action representation Pablo Neira Ayuso
2018-09-26 15:47 ` Jakub Kicinski
2018-09-25 19:19 ` [PATCH RFC,net-next 05/10] cls_flower: add statistics retrieval infrastructure and use it Pablo Neira Ayuso
2018-09-25 19:19 ` [PATCH RFC,net-next 06/10] drivers: net: use flow action infrastructure Pablo Neira Ayuso
2018-09-25 19:19 ` [PATCH RFC,net-next 07/10] cls_flower: don't expose TC actions to drivers anymore Pablo Neira Ayuso
2018-09-25 19:19 ` [PATCH RFC,net-next 08/10] flow_dissector: add wake-up-on-lan and queue to flow_action Pablo Neira Ayuso
2018-09-26 18:51 ` Florian Fainelli
2018-09-25 19:20 ` [PATCH RFC,net-next 09/10] flow_dissector: add basic ethtool_rx_flow_spec to flow_rule structure translator Pablo Neira Ayuso
2018-09-25 19:20 ` [PATCH RFC,net-next 10/10] dsa: bcm_sf2: use flow_rule infrastructure Pablo Neira Ayuso
2018-09-26 18:41 ` Florian Fainelli
2018-09-26 15:51 ` [PATCH RFC,net-next 00/10] add " Jakub Kicinski
2018-09-26 18:41 ` Florian Fainelli
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180925192001.2482-4-pablo@netfilter.org \
--to=pablo@netfilter.org \
--cc=alexandre.torgue@st.com \
--cc=andrew@lunn.ch \
--cc=ariel.elior@cavium.com \
--cc=davem@davemloft.net \
--cc=f.fainelli@gmail.com \
--cc=ganeshgr@chelsio.com \
--cc=grygorii.strashko@ti.com \
--cc=idosch@mellanox.com \
--cc=jakub.kicinski@netronome.com \
--cc=jeffrey.t.kirsher@intel.com \
--cc=jiri@mellanox.com \
--cc=joabreu@synopsys.com \
--cc=linux-net-drivers@solarflare.com \
--cc=madalin.bucur@nxp.com \
--cc=michael.chan@broadcom.com \
--cc=netdev@vger.kernel.org \
--cc=peppe.cavallaro@st.com \
--cc=saeedm@mellanox.com \
--cc=salil.mehta@huawei.com \
--cc=santosh@chelsio.com \
--cc=tariqt@mellanox.com \
--cc=thomas.lendacky@amd.com \
--cc=vivien.didelot@savoirfairelinux.com \
--cc=yisen.zhuang@huawei.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).