From: David Ahern <dsahern@kernel.org>
To: netdev@vger.kernel.org, davem@davemloft.net
Cc: David Ahern <dsahern@gmail.com>
Subject: [PATCH v2 net-next 05/11] net/mpls: Plumb support for filtering route dumps
Date: Mon, 15 Oct 2018 18:56:45 -0700 [thread overview]
Message-ID: <20181016015651.22696-6-dsahern@kernel.org> (raw)
In-Reply-To: <20181016015651.22696-1-dsahern@kernel.org>
From: David Ahern <dsahern@gmail.com>
Implement kernel side filtering of routes by egress device index and
protocol. MPLS uses only a single table and route type.
Signed-off-by: David Ahern <dsahern@gmail.com>
---
net/mpls/af_mpls.c | 42 +++++++++++++++++++++++++++++++++++++++++-
1 file changed, 41 insertions(+), 1 deletion(-)
diff --git a/net/mpls/af_mpls.c b/net/mpls/af_mpls.c
index bfcb4759c9ee..48f4cbd9fb38 100644
--- a/net/mpls/af_mpls.c
+++ b/net/mpls/af_mpls.c
@@ -2067,12 +2067,35 @@ static int mpls_valid_fib_dump_req(struct net *net, const struct nlmsghdr *nlh,
}
#endif
+static bool mpls_rt_uses_dev(struct mpls_route *rt,
+ const struct net_device *dev)
+{
+ struct net_device *nh_dev;
+
+ if (rt->rt_nhn == 1) {
+ struct mpls_nh *nh = rt->rt_nh;
+
+ nh_dev = rtnl_dereference(nh->nh_dev);
+ if (dev == nh_dev)
+ return true;
+ } else {
+ for_nexthops(rt) {
+ nh_dev = rtnl_dereference(nh->nh_dev);
+ if (nh_dev == dev)
+ return true;
+ } endfor_nexthops(rt);
+ }
+
+ return false;
+}
+
static int mpls_dump_routes(struct sk_buff *skb, struct netlink_callback *cb)
{
const struct nlmsghdr *nlh = cb->nlh;
struct net *net = sock_net(skb->sk);
struct mpls_route __rcu **platform_label;
struct fib_dump_filter filter = {};
+ unsigned int flags = NLM_F_MULTI;
size_t platform_labels;
unsigned int index;
@@ -2084,6 +2107,14 @@ static int mpls_dump_routes(struct sk_buff *skb, struct netlink_callback *cb)
err = mpls_valid_fib_dump_req(net, nlh, &filter, cb->extack);
if (err < 0)
return err;
+
+ /* for MPLS, there is only 1 table with fixed type and flags.
+ * If either are set in the filter then return nothing.
+ */
+ if ((filter.table_id && filter.table_id != RT_TABLE_MAIN) ||
+ (filter.rt_type && filter.rt_type != RTN_UNICAST) ||
+ filter.flags)
+ return skb->len;
}
index = cb->args[0];
@@ -2092,15 +2123,24 @@ static int mpls_dump_routes(struct sk_buff *skb, struct netlink_callback *cb)
platform_label = rtnl_dereference(net->mpls.platform_label);
platform_labels = net->mpls.platform_labels;
+
+ if (filter.filter_set)
+ flags |= NLM_F_DUMP_FILTERED;
+
for (; index < platform_labels; index++) {
struct mpls_route *rt;
+
rt = rtnl_dereference(platform_label[index]);
if (!rt)
continue;
+ if ((filter.dev && !mpls_rt_uses_dev(rt, filter.dev)) ||
+ (filter.protocol && rt->rt_protocol != filter.protocol))
+ continue;
+
if (mpls_dump_route(skb, NETLINK_CB(cb->skb).portid,
cb->nlh->nlmsg_seq, RTM_NEWROUTE,
- index, rt, NLM_F_MULTI) < 0)
+ index, rt, flags) < 0)
break;
}
cb->args[0] = index;
--
2.11.0
next prev parent reply other threads:[~2018-10-16 9:44 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-10-16 1:56 [PATCH v2 net-next 00/11] net: Kernel side filtering for route dumps David Ahern
2018-10-16 1:56 ` [PATCH v2 net-next 01/11] netlink: Add answer_flags to netlink_callback David Ahern
2018-10-16 1:56 ` [PATCH v2 net-next 02/11] net: Add struct for fib dump filter David Ahern
2018-10-16 1:56 ` [PATCH v2 net-next 03/11] net/ipv4: Plumb support for filtering route dumps David Ahern
2019-07-19 4:17 ` Hangbin Liu
2019-07-19 16:55 ` David Ahern
2019-07-22 3:00 ` Hangbin Liu
2018-10-16 1:56 ` [PATCH v2 net-next 04/11] net/ipv6: " David Ahern
2018-10-16 1:56 ` David Ahern [this message]
2018-10-16 1:56 ` [PATCH v2 net-next 06/11] ipmr: Refactor mr_rtm_dumproute David Ahern
2018-10-16 1:56 ` [PATCH v2 net-next 07/11] net: Plumb support for filtering ipv4 and ipv6 multicast route dumps David Ahern
2018-10-16 1:56 ` [PATCH v2 net-next 08/11] net: Enable kernel side filtering of " David Ahern
2018-10-16 1:56 ` [PATCH v2 net-next 09/11] net/mpls: Handle " David Ahern
2018-10-16 1:56 ` [PATCH v2 net-next 10/11] net/ipv6: Bail early if user only wants cloned entries David Ahern
2018-10-16 1:56 ` [PATCH v2 net-next 11/11] net/ipv4: Bail early if user only wants prefix entries David Ahern
2018-10-16 6:30 ` [PATCH v2 net-next 00/11] net: Kernel side filtering for route dumps David Miller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20181016015651.22696-6-dsahern@kernel.org \
--to=dsahern@kernel.org \
--cc=davem@davemloft.net \
--cc=dsahern@gmail.com \
--cc=netdev@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).