* [PATCH net-next v3 00/10] flower: rework TCA_FLOWER_KEY_ENC_FLAGS usage
@ 2024-07-09 16:38 Asbjørn Sloth Tønnesen
2024-07-09 16:38 ` [PATCH net-next v3 01/10] net/sched: flower: refactor control flag definitions Asbjørn Sloth Tønnesen
` (10 more replies)
0 siblings, 11 replies; 15+ messages in thread
From: Asbjørn Sloth Tønnesen @ 2024-07-09 16:38 UTC (permalink / raw)
To: netdev
Cc: Asbjørn Sloth Tønnesen, Davide Caratti, Ilya Maximets,
Jamal Hadi Salim, Cong Wang, Jiri Pirko, David S. Miller,
Eric Dumazet, Jakub Kicinski, Paolo Abeni, David Ahern,
Simon Horman, Ratheesh Kannoth, Florian Westphal,
Alexander Lobakin, linux-kernel
This series reworks the recently added TCA_FLOWER_KEY_ENC_FLAGS
attribute, to be more like TCA_FLOWER_KEY_FLAGS, and use the unused
u32 flags field in FLOW_DISSECTOR_KEY_ENC_CONTROL, instead of adding
a new flags field as FLOW_DISSECTOR_KEY_ENC_FLAGS.
I have defined the new FLOW_DIS_F_* and TCA_FLOWER_KEY_FLAGS_*
flags to co-exist with the existing flags, so the meaning
of the flags field in struct flow_dissector_key_control is not
depending on the context it is used in. If we run out of bits
then we can always split them up later, if we really want to.
Future flags might also be valid in both contexts.
iproute2 RFC patch: (needs update of uAPI headers)
https://lore.kernel.org/897379f1850a50d8c320ca3facd06c5f03943bac.1719506876.git.dcaratti@redhat.com/
---
Changelog:
v3:
- Retitle patch 1 (tunnel flags -> control flags)
v2: https://lore.kernel.org/20240705133348.728901-1-ast@fiberby.net/
- Refactor flower control flag definitions
(requested by Jakub and Alexander)
- Add Tested-by from Davide Caratti on patch 3-10.
v1: https://lore.kernel.org/20240703104600.455125-1-ast@fiberby.net/
- Change netlink attribute type from NLA_U32 to NLA_BE32.
- Ensure that the FLOW_DISSECTOR_KEY_ENC_CONTROL
is also masked for non-IP.
- Fix preexisting typo in kdoc for struct flow_dissector_key_control
(all suggested by Davide)
RFC: https://lore.kernel.org/20240611235355.177667-1-ast@fiberby.net/
Asbjørn Sloth Tønnesen (10):
net/sched: flower: refactor control flag definitions
net/sched: flower: define new tunnel flags
net/sched: cls_flower: prepare fl_{set,dump}_key_flags() for ENC_FLAGS
net/sched: cls_flower: add policy for TCA_FLOWER_KEY_FLAGS
flow_dissector: prepare for encapsulated control flags
flow_dissector: set encapsulated control flags from tun_flags
net/sched: cls_flower: add tunnel flags to fl_{set,dump}_key_flags()
net/sched: cls_flower: rework TCA_FLOWER_KEY_ENC_FLAGS usage
flow_dissector: cleanup FLOW_DISSECTOR_KEY_ENC_FLAGS
flow_dissector: set encapsulation control flags for non-IP
include/net/flow_dissector.h | 30 ++++----
include/net/ip_tunnels.h | 12 ---
include/uapi/linux/pkt_cls.h | 11 ++-
net/core/flow_dissector.c | 50 ++++++------
net/sched/cls_flower.c | 142 ++++++++++++++++++++---------------
5 files changed, 135 insertions(+), 110 deletions(-)
--
2.45.2
^ permalink raw reply [flat|nested] 15+ messages in thread
* [PATCH net-next v3 01/10] net/sched: flower: refactor control flag definitions
2024-07-09 16:38 [PATCH net-next v3 00/10] flower: rework TCA_FLOWER_KEY_ENC_FLAGS usage Asbjørn Sloth Tønnesen
@ 2024-07-09 16:38 ` Asbjørn Sloth Tønnesen
2024-07-09 16:38 ` [PATCH net-next v3 02/10] net/sched: flower: define new tunnel flags Asbjørn Sloth Tønnesen
` (9 subsequent siblings)
10 siblings, 0 replies; 15+ messages in thread
From: Asbjørn Sloth Tønnesen @ 2024-07-09 16:38 UTC (permalink / raw)
To: netdev
Cc: Asbjørn Sloth Tønnesen, Davide Caratti, Ilya Maximets,
Jamal Hadi Salim, Cong Wang, Jiri Pirko, David S. Miller,
Eric Dumazet, Jakub Kicinski, Paolo Abeni, David Ahern,
Simon Horman, Ratheesh Kannoth, Florian Westphal,
Alexander Lobakin, linux-kernel
Redefine the flower control flags as an enum, so they are
included in BTF info.
Make the kernel-side enum a more explicit superset of
TCA_FLOWER_KEY_FLAGS_*, new flags still need to be added to
both enums, but at least the bit position only has to be
defined once.
FLOW_DIS_ENCAPSULATION is never set for mask, so it can't be
exposed to userspace in an unsupported flags mask error message,
so it will be placed one bit position above the last uAPI flag.
Suggested-by: Alexander Lobakin <aleksander.lobakin@intel.com>
Suggested-by: Jakub Kicinski <kuba@kernel.org>
Signed-off-by: Asbjørn Sloth Tønnesen <ast@fiberby.net>
---
include/net/flow_dissector.h | 14 +++++++++++---
include/uapi/linux/pkt_cls.h | 3 +++
2 files changed, 14 insertions(+), 3 deletions(-)
diff --git a/include/net/flow_dissector.h b/include/net/flow_dissector.h
index 3e47e123934d4..c3fce070b9129 100644
--- a/include/net/flow_dissector.h
+++ b/include/net/flow_dissector.h
@@ -7,6 +7,7 @@
#include <linux/siphash.h>
#include <linux/string.h>
#include <uapi/linux/if_ether.h>
+#include <uapi/linux/pkt_cls.h>
struct bpf_prog;
struct net;
@@ -24,9 +25,16 @@ struct flow_dissector_key_control {
u32 flags;
};
-#define FLOW_DIS_IS_FRAGMENT BIT(0)
-#define FLOW_DIS_FIRST_FRAG BIT(1)
-#define FLOW_DIS_ENCAPSULATION BIT(2)
+/* The control flags are kept in sync with TCA_FLOWER_KEY_FLAGS_*, as those
+ * flags are exposed to userspace in some error paths, ie. unsupported flags.
+ */
+enum flow_dissector_ctrl_flags {
+ FLOW_DIS_IS_FRAGMENT = TCA_FLOWER_KEY_FLAGS_IS_FRAGMENT,
+ FLOW_DIS_FIRST_FRAG = TCA_FLOWER_KEY_FLAGS_FRAG_IS_FIRST,
+
+ /* These flags are internal to the kernel */
+ FLOW_DIS_ENCAPSULATION = (TCA_FLOWER_KEY_FLAGS_MAX << 1),
+};
enum flow_dissect_ret {
FLOW_DISSECT_RET_OUT_GOOD,
diff --git a/include/uapi/linux/pkt_cls.h b/include/uapi/linux/pkt_cls.h
index b6d38f5fd7c05..12db276f0c11e 100644
--- a/include/uapi/linux/pkt_cls.h
+++ b/include/uapi/linux/pkt_cls.h
@@ -677,8 +677,11 @@ enum {
enum {
TCA_FLOWER_KEY_FLAGS_IS_FRAGMENT = (1 << 0),
TCA_FLOWER_KEY_FLAGS_FRAG_IS_FIRST = (1 << 1),
+ __TCA_FLOWER_KEY_FLAGS_MAX,
};
+#define TCA_FLOWER_KEY_FLAGS_MAX (__TCA_FLOWER_KEY_FLAGS_MAX - 1)
+
enum {
TCA_FLOWER_KEY_CFM_OPT_UNSPEC,
TCA_FLOWER_KEY_CFM_MD_LEVEL,
--
2.45.2
^ permalink raw reply related [flat|nested] 15+ messages in thread
* [PATCH net-next v3 02/10] net/sched: flower: define new tunnel flags
2024-07-09 16:38 [PATCH net-next v3 00/10] flower: rework TCA_FLOWER_KEY_ENC_FLAGS usage Asbjørn Sloth Tønnesen
2024-07-09 16:38 ` [PATCH net-next v3 01/10] net/sched: flower: refactor control flag definitions Asbjørn Sloth Tønnesen
@ 2024-07-09 16:38 ` Asbjørn Sloth Tønnesen
2024-07-09 16:38 ` [PATCH net-next v3 03/10] net/sched: cls_flower: prepare fl_{set,dump}_key_flags() for ENC_FLAGS Asbjørn Sloth Tønnesen
` (8 subsequent siblings)
10 siblings, 0 replies; 15+ messages in thread
From: Asbjørn Sloth Tønnesen @ 2024-07-09 16:38 UTC (permalink / raw)
To: netdev
Cc: Asbjørn Sloth Tønnesen, Davide Caratti, Ilya Maximets,
Jamal Hadi Salim, Cong Wang, Jiri Pirko, David S. Miller,
Eric Dumazet, Jakub Kicinski, Paolo Abeni, David Ahern,
Simon Horman, Ratheesh Kannoth, Florian Westphal,
Alexander Lobakin, linux-kernel
Define new TCA_FLOWER_KEY_FLAGS_* flags for use in struct
flow_dissector_key_control, covering the same flags as
currently exposed through TCA_FLOWER_KEY_ENC_FLAGS.
Put the new flags under FLOW_DIS_F_*. The idea is that we can
later, move the existing flags under FLOW_DIS_F_* as well.
Signed-off-by: Asbjørn Sloth Tønnesen <ast@fiberby.net>
---
include/net/flow_dissector.h | 7 ++++++-
include/uapi/linux/pkt_cls.h | 4 ++++
2 files changed, 10 insertions(+), 1 deletion(-)
diff --git a/include/net/flow_dissector.h b/include/net/flow_dissector.h
index c3fce070b9129..460ea65b9e592 100644
--- a/include/net/flow_dissector.h
+++ b/include/net/flow_dissector.h
@@ -17,7 +17,8 @@ struct sk_buff;
* struct flow_dissector_key_control:
* @thoff: Transport header offset
* @addr_type: Type of key. One of FLOW_DISSECTOR_KEY_*
- * @flags: Key flags. Any of FLOW_DIS_(IS_FRAGMENT|FIRST_FRAGENCAPSULATION)
+ * @flags: Key flags.
+ * Any of FLOW_DIS_(IS_FRAGMENT|FIRST_FRAG|ENCAPSULATION|F_*)
*/
struct flow_dissector_key_control {
u16 thoff;
@@ -31,6 +32,10 @@ struct flow_dissector_key_control {
enum flow_dissector_ctrl_flags {
FLOW_DIS_IS_FRAGMENT = TCA_FLOWER_KEY_FLAGS_IS_FRAGMENT,
FLOW_DIS_FIRST_FRAG = TCA_FLOWER_KEY_FLAGS_FRAG_IS_FIRST,
+ FLOW_DIS_F_TUNNEL_CSUM = TCA_FLOWER_KEY_FLAGS_TUNNEL_CSUM,
+ FLOW_DIS_F_TUNNEL_DONT_FRAGMENT = TCA_FLOWER_KEY_FLAGS_TUNNEL_DONT_FRAGMENT,
+ FLOW_DIS_F_TUNNEL_OAM = TCA_FLOWER_KEY_FLAGS_TUNNEL_OAM,
+ FLOW_DIS_F_TUNNEL_CRIT_OPT = TCA_FLOWER_KEY_FLAGS_TUNNEL_CRIT_OPT,
/* These flags are internal to the kernel */
FLOW_DIS_ENCAPSULATION = (TCA_FLOWER_KEY_FLAGS_MAX << 1),
diff --git a/include/uapi/linux/pkt_cls.h b/include/uapi/linux/pkt_cls.h
index 12db276f0c11e..3dc4388e944cb 100644
--- a/include/uapi/linux/pkt_cls.h
+++ b/include/uapi/linux/pkt_cls.h
@@ -677,6 +677,10 @@ enum {
enum {
TCA_FLOWER_KEY_FLAGS_IS_FRAGMENT = (1 << 0),
TCA_FLOWER_KEY_FLAGS_FRAG_IS_FIRST = (1 << 1),
+ TCA_FLOWER_KEY_FLAGS_TUNNEL_CSUM = (1 << 2),
+ TCA_FLOWER_KEY_FLAGS_TUNNEL_DONT_FRAGMENT = (1 << 3),
+ TCA_FLOWER_KEY_FLAGS_TUNNEL_OAM = (1 << 4),
+ TCA_FLOWER_KEY_FLAGS_TUNNEL_CRIT_OPT = (1 << 5),
__TCA_FLOWER_KEY_FLAGS_MAX,
};
--
2.45.2
^ permalink raw reply related [flat|nested] 15+ messages in thread
* [PATCH net-next v3 03/10] net/sched: cls_flower: prepare fl_{set,dump}_key_flags() for ENC_FLAGS
2024-07-09 16:38 [PATCH net-next v3 00/10] flower: rework TCA_FLOWER_KEY_ENC_FLAGS usage Asbjørn Sloth Tønnesen
2024-07-09 16:38 ` [PATCH net-next v3 01/10] net/sched: flower: refactor control flag definitions Asbjørn Sloth Tønnesen
2024-07-09 16:38 ` [PATCH net-next v3 02/10] net/sched: flower: define new tunnel flags Asbjørn Sloth Tønnesen
@ 2024-07-09 16:38 ` Asbjørn Sloth Tønnesen
2024-07-12 1:54 ` Jakub Kicinski
2024-07-09 16:38 ` [PATCH net-next v3 04/10] net/sched: cls_flower: add policy for TCA_FLOWER_KEY_FLAGS Asbjørn Sloth Tønnesen
` (7 subsequent siblings)
10 siblings, 1 reply; 15+ messages in thread
From: Asbjørn Sloth Tønnesen @ 2024-07-09 16:38 UTC (permalink / raw)
To: netdev
Cc: Asbjørn Sloth Tønnesen, Davide Caratti, Ilya Maximets,
Jamal Hadi Salim, Cong Wang, Jiri Pirko, David S. Miller,
Eric Dumazet, Jakub Kicinski, Paolo Abeni, David Ahern,
Simon Horman, Ratheesh Kannoth, Florian Westphal,
Alexander Lobakin, linux-kernel
Prepare fl_set_key_flags/fl_dump_key_flags() for use with
TCA_FLOWER_KEY_ENC_FLAGS{,_MASK}.
This patch adds an encap argument, similar to fl_set_key_ip/
fl_dump_key_ip(), and determine the flower keys based on the
encap argument, and use them in the rest of the two functions.
Since these functions are so far, only called with encap set false,
then there is no functional change.
Signed-off-by: Asbjørn Sloth Tønnesen <ast@fiberby.net>
Tested-by: Davide Caratti <dcaratti@redhat.com>
---
net/sched/cls_flower.c | 40 ++++++++++++++++++++++++++++++----------
1 file changed, 30 insertions(+), 10 deletions(-)
diff --git a/net/sched/cls_flower.c b/net/sched/cls_flower.c
index eef570c577ac7..6a5cecfd95619 100644
--- a/net/sched/cls_flower.c
+++ b/net/sched/cls_flower.c
@@ -1166,19 +1166,28 @@ static void fl_set_key_flag(u32 flower_key, u32 flower_mask,
}
}
-static int fl_set_key_flags(struct nlattr **tb, u32 *flags_key,
+static int fl_set_key_flags(struct nlattr **tb, bool encap, u32 *flags_key,
u32 *flags_mask, struct netlink_ext_ack *extack)
{
+ int fl_key, fl_mask;
u32 key, mask;
+ if (encap) {
+ fl_key = TCA_FLOWER_KEY_ENC_FLAGS;
+ fl_mask = TCA_FLOWER_KEY_ENC_FLAGS_MASK;
+ } else {
+ fl_key = TCA_FLOWER_KEY_FLAGS;
+ fl_mask = TCA_FLOWER_KEY_FLAGS_MASK;
+ }
+
/* mask is mandatory for flags */
- if (!tb[TCA_FLOWER_KEY_FLAGS_MASK]) {
+ if (NL_REQ_ATTR_CHECK(extack, NULL, tb, fl_mask)) {
NL_SET_ERR_MSG(extack, "Missing flags mask");
return -EINVAL;
}
- key = be32_to_cpu(nla_get_be32(tb[TCA_FLOWER_KEY_FLAGS]));
- mask = be32_to_cpu(nla_get_be32(tb[TCA_FLOWER_KEY_FLAGS_MASK]));
+ key = be32_to_cpu(nla_get_be32(tb[fl_key]));
+ mask = be32_to_cpu(nla_get_be32(tb[fl_mask]));
*flags_key = 0;
*flags_mask = 0;
@@ -2086,7 +2095,7 @@ static int fl_set_key(struct net *net, struct nlattr **tb,
return ret;
if (tb[TCA_FLOWER_KEY_FLAGS]) {
- ret = fl_set_key_flags(tb, &key->control.flags,
+ ret = fl_set_key_flags(tb, false, &key->control.flags,
&mask->control.flags, extack);
if (ret)
return ret;
@@ -3084,12 +3093,22 @@ static void fl_get_key_flag(u32 dissector_key, u32 dissector_mask,
}
}
-static int fl_dump_key_flags(struct sk_buff *skb, u32 flags_key, u32 flags_mask)
+static int fl_dump_key_flags(struct sk_buff *skb, bool encap,
+ u32 flags_key, u32 flags_mask)
{
- u32 key, mask;
+ int fl_key, fl_mask;
__be32 _key, _mask;
+ u32 key, mask;
int err;
+ if (encap) {
+ fl_key = TCA_FLOWER_KEY_ENC_FLAGS;
+ fl_mask = TCA_FLOWER_KEY_ENC_FLAGS_MASK;
+ } else {
+ fl_key = TCA_FLOWER_KEY_FLAGS;
+ fl_mask = TCA_FLOWER_KEY_FLAGS_MASK;
+ }
+
if (!memchr_inv(&flags_mask, 0, sizeof(flags_mask)))
return 0;
@@ -3105,11 +3124,11 @@ static int fl_dump_key_flags(struct sk_buff *skb, u32 flags_key, u32 flags_mask)
_key = cpu_to_be32(key);
_mask = cpu_to_be32(mask);
- err = nla_put(skb, TCA_FLOWER_KEY_FLAGS, 4, &_key);
+ err = nla_put(skb, fl_key, 4, &_key);
if (err)
return err;
- return nla_put(skb, TCA_FLOWER_KEY_FLAGS_MASK, 4, &_mask);
+ return nla_put(skb, fl_mask, 4, &_mask);
}
static int fl_dump_key_geneve_opt(struct sk_buff *skb,
@@ -3632,7 +3651,8 @@ static int fl_dump_key(struct sk_buff *skb, struct net *net,
if (fl_dump_key_ct(skb, &key->ct, &mask->ct))
goto nla_put_failure;
- if (fl_dump_key_flags(skb, key->control.flags, mask->control.flags))
+ if (fl_dump_key_flags(skb, false, key->control.flags,
+ mask->control.flags))
goto nla_put_failure;
if (fl_dump_key_val(skb, &key->hash.hash, TCA_FLOWER_KEY_HASH,
--
2.45.2
^ permalink raw reply related [flat|nested] 15+ messages in thread
* [PATCH net-next v3 04/10] net/sched: cls_flower: add policy for TCA_FLOWER_KEY_FLAGS
2024-07-09 16:38 [PATCH net-next v3 00/10] flower: rework TCA_FLOWER_KEY_ENC_FLAGS usage Asbjørn Sloth Tønnesen
` (2 preceding siblings ...)
2024-07-09 16:38 ` [PATCH net-next v3 03/10] net/sched: cls_flower: prepare fl_{set,dump}_key_flags() for ENC_FLAGS Asbjørn Sloth Tønnesen
@ 2024-07-09 16:38 ` Asbjørn Sloth Tønnesen
2024-07-09 16:38 ` [PATCH net-next v3 05/10] flow_dissector: prepare for encapsulated control flags Asbjørn Sloth Tønnesen
` (6 subsequent siblings)
10 siblings, 0 replies; 15+ messages in thread
From: Asbjørn Sloth Tønnesen @ 2024-07-09 16:38 UTC (permalink / raw)
To: netdev
Cc: Asbjørn Sloth Tønnesen, Davide Caratti, Ilya Maximets,
Jamal Hadi Salim, Cong Wang, Jiri Pirko, David S. Miller,
Eric Dumazet, Jakub Kicinski, Paolo Abeni, David Ahern,
Simon Horman, Ratheesh Kannoth, Florian Westphal,
Alexander Lobakin, linux-kernel
This policy guards fl_set_key_flags() from seeing flags
not used in the context of TCA_FLOWER_KEY_FLAGS.
In order For the policy check to be performed with the
correct endianness, then we also needs to change the
attribute type to NLA_BE32 (Thanks Davide).
TCA_FLOWER_KEY_FLAGS{,_MASK} already has a be32 comment
in include/uapi/linux/pkt_cls.h.
Signed-off-by: Asbjørn Sloth Tønnesen <ast@fiberby.net>
Tested-by: Davide Caratti <dcaratti@redhat.com>
---
net/sched/cls_flower.c | 10 ++++++++--
1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/net/sched/cls_flower.c b/net/sched/cls_flower.c
index 6a5cecfd95619..fc9a9a0b4897c 100644
--- a/net/sched/cls_flower.c
+++ b/net/sched/cls_flower.c
@@ -41,6 +41,10 @@
#define TCA_FLOWER_KEY_CT_FLAGS_MASK \
(TCA_FLOWER_KEY_CT_FLAGS_MAX - 1)
+#define TCA_FLOWER_KEY_FLAGS_POLICY_MASK \
+ (TCA_FLOWER_KEY_FLAGS_IS_FRAGMENT | \
+ TCA_FLOWER_KEY_FLAGS_FRAG_IS_FIRST)
+
#define TUNNEL_FLAGS_PRESENT (\
_BITUL(IP_TUNNEL_CSUM_BIT) | \
_BITUL(IP_TUNNEL_DONT_FRAGMENT_BIT) | \
@@ -676,8 +680,10 @@ static const struct nla_policy fl_policy[TCA_FLOWER_MAX + 1] = {
[TCA_FLOWER_KEY_ENC_UDP_SRC_PORT_MASK] = { .type = NLA_U16 },
[TCA_FLOWER_KEY_ENC_UDP_DST_PORT] = { .type = NLA_U16 },
[TCA_FLOWER_KEY_ENC_UDP_DST_PORT_MASK] = { .type = NLA_U16 },
- [TCA_FLOWER_KEY_FLAGS] = { .type = NLA_U32 },
- [TCA_FLOWER_KEY_FLAGS_MASK] = { .type = NLA_U32 },
+ [TCA_FLOWER_KEY_FLAGS] = NLA_POLICY_MASK(NLA_BE32,
+ TCA_FLOWER_KEY_FLAGS_POLICY_MASK),
+ [TCA_FLOWER_KEY_FLAGS_MASK] = NLA_POLICY_MASK(NLA_BE32,
+ TCA_FLOWER_KEY_FLAGS_POLICY_MASK),
[TCA_FLOWER_KEY_ICMPV4_TYPE] = { .type = NLA_U8 },
[TCA_FLOWER_KEY_ICMPV4_TYPE_MASK] = { .type = NLA_U8 },
[TCA_FLOWER_KEY_ICMPV4_CODE] = { .type = NLA_U8 },
--
2.45.2
^ permalink raw reply related [flat|nested] 15+ messages in thread
* [PATCH net-next v3 05/10] flow_dissector: prepare for encapsulated control flags
2024-07-09 16:38 [PATCH net-next v3 00/10] flower: rework TCA_FLOWER_KEY_ENC_FLAGS usage Asbjørn Sloth Tønnesen
` (3 preceding siblings ...)
2024-07-09 16:38 ` [PATCH net-next v3 04/10] net/sched: cls_flower: add policy for TCA_FLOWER_KEY_FLAGS Asbjørn Sloth Tønnesen
@ 2024-07-09 16:38 ` Asbjørn Sloth Tønnesen
2024-07-09 16:38 ` [PATCH net-next v3 06/10] flow_dissector: set encapsulated control flags from tun_flags Asbjørn Sloth Tønnesen
` (5 subsequent siblings)
10 siblings, 0 replies; 15+ messages in thread
From: Asbjørn Sloth Tønnesen @ 2024-07-09 16:38 UTC (permalink / raw)
To: netdev
Cc: Asbjørn Sloth Tønnesen, Davide Caratti, Ilya Maximets,
Jamal Hadi Salim, Cong Wang, Jiri Pirko, David S. Miller,
Eric Dumazet, Jakub Kicinski, Paolo Abeni, David Ahern,
Simon Horman, Ratheesh Kannoth, Florian Westphal,
Alexander Lobakin, linux-kernel
Rename skb_flow_dissect_set_enc_addr_type() to
skb_flow_dissect_set_enc_control(), and make it set both
addr_type and flags in FLOW_DISSECTOR_KEY_ENC_CONTROL.
Signed-off-by: Asbjørn Sloth Tønnesen <ast@fiberby.net>
Tested-by: Davide Caratti <dcaratti@redhat.com>
---
net/core/flow_dissector.c | 21 ++++++++++++---------
1 file changed, 12 insertions(+), 9 deletions(-)
diff --git a/net/core/flow_dissector.c b/net/core/flow_dissector.c
index e64a263798070..1614c6708ea7c 100644
--- a/net/core/flow_dissector.c
+++ b/net/core/flow_dissector.c
@@ -299,9 +299,10 @@ void skb_flow_dissect_meta(const struct sk_buff *skb,
EXPORT_SYMBOL(skb_flow_dissect_meta);
static void
-skb_flow_dissect_set_enc_addr_type(enum flow_dissector_key_id type,
- struct flow_dissector *flow_dissector,
- void *target_container)
+skb_flow_dissect_set_enc_control(enum flow_dissector_key_id type,
+ u32 ctrl_flags,
+ struct flow_dissector *flow_dissector,
+ void *target_container)
{
struct flow_dissector_key_control *ctrl;
@@ -312,6 +313,7 @@ skb_flow_dissect_set_enc_addr_type(enum flow_dissector_key_id type,
FLOW_DISSECTOR_KEY_ENC_CONTROL,
target_container);
ctrl->addr_type = type;
+ ctrl->flags = ctrl_flags;
}
void
@@ -367,6 +369,7 @@ skb_flow_dissect_tunnel_info(const struct sk_buff *skb,
{
struct ip_tunnel_info *info;
struct ip_tunnel_key *key;
+ u32 ctrl_flags = 0;
/* A quick check to see if there might be something to do. */
if (!dissector_uses_key(flow_dissector,
@@ -395,9 +398,9 @@ skb_flow_dissect_tunnel_info(const struct sk_buff *skb,
switch (ip_tunnel_info_af(info)) {
case AF_INET:
- skb_flow_dissect_set_enc_addr_type(FLOW_DISSECTOR_KEY_IPV4_ADDRS,
- flow_dissector,
- target_container);
+ skb_flow_dissect_set_enc_control(FLOW_DISSECTOR_KEY_IPV4_ADDRS,
+ ctrl_flags, flow_dissector,
+ target_container);
if (dissector_uses_key(flow_dissector,
FLOW_DISSECTOR_KEY_ENC_IPV4_ADDRS)) {
struct flow_dissector_key_ipv4_addrs *ipv4;
@@ -410,9 +413,9 @@ skb_flow_dissect_tunnel_info(const struct sk_buff *skb,
}
break;
case AF_INET6:
- skb_flow_dissect_set_enc_addr_type(FLOW_DISSECTOR_KEY_IPV6_ADDRS,
- flow_dissector,
- target_container);
+ skb_flow_dissect_set_enc_control(FLOW_DISSECTOR_KEY_IPV6_ADDRS,
+ ctrl_flags, flow_dissector,
+ target_container);
if (dissector_uses_key(flow_dissector,
FLOW_DISSECTOR_KEY_ENC_IPV6_ADDRS)) {
struct flow_dissector_key_ipv6_addrs *ipv6;
--
2.45.2
^ permalink raw reply related [flat|nested] 15+ messages in thread
* [PATCH net-next v3 06/10] flow_dissector: set encapsulated control flags from tun_flags
2024-07-09 16:38 [PATCH net-next v3 00/10] flower: rework TCA_FLOWER_KEY_ENC_FLAGS usage Asbjørn Sloth Tønnesen
` (4 preceding siblings ...)
2024-07-09 16:38 ` [PATCH net-next v3 05/10] flow_dissector: prepare for encapsulated control flags Asbjørn Sloth Tønnesen
@ 2024-07-09 16:38 ` Asbjørn Sloth Tønnesen
2024-07-09 16:38 ` [PATCH net-next v3 07/10] net/sched: cls_flower: add tunnel flags to fl_{set,dump}_key_flags() Asbjørn Sloth Tønnesen
` (4 subsequent siblings)
10 siblings, 0 replies; 15+ messages in thread
From: Asbjørn Sloth Tønnesen @ 2024-07-09 16:38 UTC (permalink / raw)
To: netdev
Cc: Asbjørn Sloth Tønnesen, Davide Caratti, Ilya Maximets,
Jamal Hadi Salim, Cong Wang, Jiri Pirko, David S. Miller,
Eric Dumazet, Jakub Kicinski, Paolo Abeni, David Ahern,
Simon Horman, Ratheesh Kannoth, Florian Westphal,
Alexander Lobakin, linux-kernel
Set the new FLOW_DIS_F_TUNNEL_* encapsulated control flags, based
on if their counter-part is set in tun_flags.
These flags are not userspace visible yet, as the code to dump
encapsulated control flags will first be added, and later activated
in the following patches.
Signed-off-by: Asbjørn Sloth Tønnesen <ast@fiberby.net>
Tested-by: Davide Caratti <dcaratti@redhat.com>
---
net/core/flow_dissector.c | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/net/core/flow_dissector.c b/net/core/flow_dissector.c
index 1614c6708ea7c..a0263a4c5489e 100644
--- a/net/core/flow_dissector.c
+++ b/net/core/flow_dissector.c
@@ -396,6 +396,15 @@ skb_flow_dissect_tunnel_info(const struct sk_buff *skb,
key = &info->key;
+ if (test_bit(IP_TUNNEL_CSUM_BIT, key->tun_flags))
+ ctrl_flags |= FLOW_DIS_F_TUNNEL_CSUM;
+ if (test_bit(IP_TUNNEL_DONT_FRAGMENT_BIT, key->tun_flags))
+ ctrl_flags |= FLOW_DIS_F_TUNNEL_DONT_FRAGMENT;
+ if (test_bit(IP_TUNNEL_OAM_BIT, key->tun_flags))
+ ctrl_flags |= FLOW_DIS_F_TUNNEL_OAM;
+ if (test_bit(IP_TUNNEL_CRIT_OPT_BIT, key->tun_flags))
+ ctrl_flags |= FLOW_DIS_F_TUNNEL_CRIT_OPT;
+
switch (ip_tunnel_info_af(info)) {
case AF_INET:
skb_flow_dissect_set_enc_control(FLOW_DISSECTOR_KEY_IPV4_ADDRS,
--
2.45.2
^ permalink raw reply related [flat|nested] 15+ messages in thread
* [PATCH net-next v3 07/10] net/sched: cls_flower: add tunnel flags to fl_{set,dump}_key_flags()
2024-07-09 16:38 [PATCH net-next v3 00/10] flower: rework TCA_FLOWER_KEY_ENC_FLAGS usage Asbjørn Sloth Tønnesen
` (5 preceding siblings ...)
2024-07-09 16:38 ` [PATCH net-next v3 06/10] flow_dissector: set encapsulated control flags from tun_flags Asbjørn Sloth Tønnesen
@ 2024-07-09 16:38 ` Asbjørn Sloth Tønnesen
2024-07-09 16:38 ` [PATCH net-next v3 08/10] net/sched: cls_flower: rework TCA_FLOWER_KEY_ENC_FLAGS usage Asbjørn Sloth Tønnesen
` (3 subsequent siblings)
10 siblings, 0 replies; 15+ messages in thread
From: Asbjørn Sloth Tønnesen @ 2024-07-09 16:38 UTC (permalink / raw)
To: netdev
Cc: Asbjørn Sloth Tønnesen, Davide Caratti, Ilya Maximets,
Jamal Hadi Salim, Cong Wang, Jiri Pirko, David S. Miller,
Eric Dumazet, Jakub Kicinski, Paolo Abeni, David Ahern,
Simon Horman, Ratheesh Kannoth, Florian Westphal,
Alexander Lobakin, linux-kernel
Prepare to set and dump the tunnel flags.
This code won't see any of these flags yet, as these flags
aren't allowed by the NLA_POLICY_MASK, and the functions
doesn't get called with encap set to true yet.
Signed-off-by: Asbjørn Sloth Tønnesen <ast@fiberby.net>
Tested-by: Davide Caratti <dcaratti@redhat.com>
---
net/sched/cls_flower.c | 30 ++++++++++++++++++++++++++++++
1 file changed, 30 insertions(+)
diff --git a/net/sched/cls_flower.c b/net/sched/cls_flower.c
index fc9a9a0b4897c..2a440f11fe1fa 100644
--- a/net/sched/cls_flower.c
+++ b/net/sched/cls_flower.c
@@ -1204,6 +1204,21 @@ static int fl_set_key_flags(struct nlattr **tb, bool encap, u32 *flags_key,
TCA_FLOWER_KEY_FLAGS_FRAG_IS_FIRST,
FLOW_DIS_FIRST_FRAG);
+ fl_set_key_flag(key, mask, flags_key, flags_mask,
+ TCA_FLOWER_KEY_FLAGS_TUNNEL_CSUM,
+ FLOW_DIS_F_TUNNEL_CSUM);
+
+ fl_set_key_flag(key, mask, flags_key, flags_mask,
+ TCA_FLOWER_KEY_FLAGS_TUNNEL_DONT_FRAGMENT,
+ FLOW_DIS_F_TUNNEL_DONT_FRAGMENT);
+
+ fl_set_key_flag(key, mask, flags_key, flags_mask,
+ TCA_FLOWER_KEY_FLAGS_TUNNEL_OAM, FLOW_DIS_F_TUNNEL_OAM);
+
+ fl_set_key_flag(key, mask, flags_key, flags_mask,
+ TCA_FLOWER_KEY_FLAGS_TUNNEL_CRIT_OPT,
+ FLOW_DIS_F_TUNNEL_CRIT_OPT);
+
return 0;
}
@@ -3127,6 +3142,21 @@ static int fl_dump_key_flags(struct sk_buff *skb, bool encap,
TCA_FLOWER_KEY_FLAGS_FRAG_IS_FIRST,
FLOW_DIS_FIRST_FRAG);
+ fl_get_key_flag(flags_key, flags_mask, &key, &mask,
+ TCA_FLOWER_KEY_FLAGS_TUNNEL_CSUM,
+ FLOW_DIS_F_TUNNEL_CSUM);
+
+ fl_get_key_flag(flags_key, flags_mask, &key, &mask,
+ TCA_FLOWER_KEY_FLAGS_TUNNEL_DONT_FRAGMENT,
+ FLOW_DIS_F_TUNNEL_DONT_FRAGMENT);
+
+ fl_get_key_flag(flags_key, flags_mask, &key, &mask,
+ TCA_FLOWER_KEY_FLAGS_TUNNEL_OAM, FLOW_DIS_F_TUNNEL_OAM);
+
+ fl_get_key_flag(flags_key, flags_mask, &key, &mask,
+ TCA_FLOWER_KEY_FLAGS_TUNNEL_CRIT_OPT,
+ FLOW_DIS_F_TUNNEL_CRIT_OPT);
+
_key = cpu_to_be32(key);
_mask = cpu_to_be32(mask);
--
2.45.2
^ permalink raw reply related [flat|nested] 15+ messages in thread
* [PATCH net-next v3 08/10] net/sched: cls_flower: rework TCA_FLOWER_KEY_ENC_FLAGS usage
2024-07-09 16:38 [PATCH net-next v3 00/10] flower: rework TCA_FLOWER_KEY_ENC_FLAGS usage Asbjørn Sloth Tønnesen
` (6 preceding siblings ...)
2024-07-09 16:38 ` [PATCH net-next v3 07/10] net/sched: cls_flower: add tunnel flags to fl_{set,dump}_key_flags() Asbjørn Sloth Tønnesen
@ 2024-07-09 16:38 ` Asbjørn Sloth Tønnesen
2024-07-09 16:38 ` [PATCH net-next v3 09/10] flow_dissector: cleanup FLOW_DISSECTOR_KEY_ENC_FLAGS Asbjørn Sloth Tønnesen
` (2 subsequent siblings)
10 siblings, 0 replies; 15+ messages in thread
From: Asbjørn Sloth Tønnesen @ 2024-07-09 16:38 UTC (permalink / raw)
To: netdev
Cc: Asbjørn Sloth Tønnesen, Davide Caratti, Ilya Maximets,
Jamal Hadi Salim, Cong Wang, Jiri Pirko, David S. Miller,
Eric Dumazet, Jakub Kicinski, Paolo Abeni, David Ahern,
Simon Horman, Ratheesh Kannoth, Florian Westphal,
Alexander Lobakin, linux-kernel
This patch changes how TCA_FLOWER_KEY_ENC_FLAGS is used, so that
it is used with TCA_FLOWER_KEY_FLAGS_* flags, in the same way as
TCA_FLOWER_KEY_FLAGS is currently used.
Where TCA_FLOWER_KEY_FLAGS uses {key,mask}->control.flags, then
TCA_FLOWER_KEY_ENC_FLAGS now uses {key,mask}->enc_control.flags,
therefore {key,mask}->enc_flags is now unused.
As the generic fl_set_key_flags/fl_dump_key_flags() is used with
encap set to true, then fl_{set,dump}_key_enc_flags() is removed.
This breaks unreleased userspace API (net-next since 2024-06-04).
Signed-off-by: Asbjørn Sloth Tønnesen <ast@fiberby.net>
Tested-by: Davide Caratti <dcaratti@redhat.com>
---
include/uapi/linux/pkt_cls.h | 4 +--
net/sched/cls_flower.c | 56 +++++++++---------------------------
2 files changed, 15 insertions(+), 45 deletions(-)
diff --git a/include/uapi/linux/pkt_cls.h b/include/uapi/linux/pkt_cls.h
index 3dc4388e944cb..d36d9cdf0c008 100644
--- a/include/uapi/linux/pkt_cls.h
+++ b/include/uapi/linux/pkt_cls.h
@@ -554,8 +554,8 @@ enum {
TCA_FLOWER_KEY_SPI, /* be32 */
TCA_FLOWER_KEY_SPI_MASK, /* be32 */
- TCA_FLOWER_KEY_ENC_FLAGS, /* u32 */
- TCA_FLOWER_KEY_ENC_FLAGS_MASK, /* u32 */
+ TCA_FLOWER_KEY_ENC_FLAGS, /* be32 */
+ TCA_FLOWER_KEY_ENC_FLAGS_MASK, /* be32 */
__TCA_FLOWER_MAX,
};
diff --git a/net/sched/cls_flower.c b/net/sched/cls_flower.c
index 2a440f11fe1fa..e2239ab013555 100644
--- a/net/sched/cls_flower.c
+++ b/net/sched/cls_flower.c
@@ -45,11 +45,11 @@
(TCA_FLOWER_KEY_FLAGS_IS_FRAGMENT | \
TCA_FLOWER_KEY_FLAGS_FRAG_IS_FIRST)
-#define TUNNEL_FLAGS_PRESENT (\
- _BITUL(IP_TUNNEL_CSUM_BIT) | \
- _BITUL(IP_TUNNEL_DONT_FRAGMENT_BIT) | \
- _BITUL(IP_TUNNEL_OAM_BIT) | \
- _BITUL(IP_TUNNEL_CRIT_OPT_BIT))
+#define TCA_FLOWER_KEY_ENC_FLAGS_POLICY_MASK \
+ (TCA_FLOWER_KEY_FLAGS_TUNNEL_CSUM | \
+ TCA_FLOWER_KEY_FLAGS_TUNNEL_DONT_FRAGMENT | \
+ TCA_FLOWER_KEY_FLAGS_TUNNEL_OAM | \
+ TCA_FLOWER_KEY_FLAGS_TUNNEL_CRIT_OPT)
struct fl_flow_key {
struct flow_dissector_key_meta meta;
@@ -745,10 +745,10 @@ static const struct nla_policy fl_policy[TCA_FLOWER_MAX + 1] = {
[TCA_FLOWER_KEY_SPI_MASK] = { .type = NLA_U32 },
[TCA_FLOWER_L2_MISS] = NLA_POLICY_MAX(NLA_U8, 1),
[TCA_FLOWER_KEY_CFM] = { .type = NLA_NESTED },
- [TCA_FLOWER_KEY_ENC_FLAGS] = NLA_POLICY_MASK(NLA_U32,
- TUNNEL_FLAGS_PRESENT),
- [TCA_FLOWER_KEY_ENC_FLAGS_MASK] = NLA_POLICY_MASK(NLA_U32,
- TUNNEL_FLAGS_PRESENT),
+ [TCA_FLOWER_KEY_ENC_FLAGS] = NLA_POLICY_MASK(NLA_BE32,
+ TCA_FLOWER_KEY_ENC_FLAGS_POLICY_MASK),
+ [TCA_FLOWER_KEY_ENC_FLAGS_MASK] = NLA_POLICY_MASK(NLA_BE32,
+ TCA_FLOWER_KEY_ENC_FLAGS_POLICY_MASK),
};
static const struct nla_policy
@@ -1866,21 +1866,6 @@ static int fl_set_key_cfm(struct nlattr **tb,
return 0;
}
-static int fl_set_key_enc_flags(struct nlattr **tb, u32 *flags_key,
- u32 *flags_mask, struct netlink_ext_ack *extack)
-{
- /* mask is mandatory for flags */
- if (NL_REQ_ATTR_CHECK(extack, NULL, tb, TCA_FLOWER_KEY_ENC_FLAGS_MASK)) {
- NL_SET_ERR_MSG(extack, "missing enc_flags mask");
- return -EINVAL;
- }
-
- *flags_key = nla_get_u32(tb[TCA_FLOWER_KEY_ENC_FLAGS]);
- *flags_mask = nla_get_u32(tb[TCA_FLOWER_KEY_ENC_FLAGS_MASK]);
-
- return 0;
-}
-
static int fl_set_key(struct net *net, struct nlattr **tb,
struct fl_flow_key *key, struct fl_flow_key *mask,
struct netlink_ext_ack *extack)
@@ -2123,8 +2108,8 @@ static int fl_set_key(struct net *net, struct nlattr **tb,
}
if (tb[TCA_FLOWER_KEY_ENC_FLAGS])
- ret = fl_set_key_enc_flags(tb, &key->enc_flags.flags,
- &mask->enc_flags.flags, extack);
+ ret = fl_set_key_flags(tb, true, &key->enc_control.flags,
+ &mask->enc_control.flags, extack);
return ret;
}
@@ -3381,22 +3366,6 @@ static int fl_dump_key_cfm(struct sk_buff *skb,
return err;
}
-static int fl_dump_key_enc_flags(struct sk_buff *skb,
- struct flow_dissector_key_enc_flags *key,
- struct flow_dissector_key_enc_flags *mask)
-{
- if (!memchr_inv(mask, 0, sizeof(*mask)))
- return 0;
-
- if (nla_put_u32(skb, TCA_FLOWER_KEY_ENC_FLAGS, key->flags))
- return -EMSGSIZE;
-
- if (nla_put_u32(skb, TCA_FLOWER_KEY_ENC_FLAGS_MASK, mask->flags))
- return -EMSGSIZE;
-
- return 0;
-}
-
static int fl_dump_key_options(struct sk_buff *skb, int enc_opt_type,
struct flow_dissector_key_enc_opts *enc_opts)
{
@@ -3699,7 +3668,8 @@ static int fl_dump_key(struct sk_buff *skb, struct net *net,
if (fl_dump_key_cfm(skb, &key->cfm, &mask->cfm))
goto nla_put_failure;
- if (fl_dump_key_enc_flags(skb, &key->enc_flags, &mask->enc_flags))
+ if (fl_dump_key_flags(skb, true, key->enc_control.flags,
+ mask->enc_control.flags))
goto nla_put_failure;
return 0;
--
2.45.2
^ permalink raw reply related [flat|nested] 15+ messages in thread
* [PATCH net-next v3 09/10] flow_dissector: cleanup FLOW_DISSECTOR_KEY_ENC_FLAGS
2024-07-09 16:38 [PATCH net-next v3 00/10] flower: rework TCA_FLOWER_KEY_ENC_FLAGS usage Asbjørn Sloth Tønnesen
` (7 preceding siblings ...)
2024-07-09 16:38 ` [PATCH net-next v3 08/10] net/sched: cls_flower: rework TCA_FLOWER_KEY_ENC_FLAGS usage Asbjørn Sloth Tønnesen
@ 2024-07-09 16:38 ` Asbjørn Sloth Tønnesen
2024-07-09 16:38 ` [PATCH net-next v3 10/10] flow_dissector: set encapsulation control flags for non-IP Asbjørn Sloth Tønnesen
2024-07-09 16:52 ` [PATCH net-next v3 00/10] flower: rework TCA_FLOWER_KEY_ENC_FLAGS usage Davide Caratti
10 siblings, 0 replies; 15+ messages in thread
From: Asbjørn Sloth Tønnesen @ 2024-07-09 16:38 UTC (permalink / raw)
To: netdev
Cc: Asbjørn Sloth Tønnesen, Davide Caratti, Ilya Maximets,
Jamal Hadi Salim, Cong Wang, Jiri Pirko, David S. Miller,
Eric Dumazet, Jakub Kicinski, Paolo Abeni, David Ahern,
Simon Horman, Ratheesh Kannoth, Florian Westphal,
Alexander Lobakin, linux-kernel
Now that TCA_FLOWER_KEY_ENC_FLAGS is unused, as it's
former data is stored behind TCA_FLOWER_KEY_ENC_CONTROL,
then remove the last bits of FLOW_DISSECTOR_KEY_ENC_FLAGS.
FLOW_DISSECTOR_KEY_ENC_FLAGS is unreleased, and have been
in net-next since 2024-06-04.
Signed-off-by: Asbjørn Sloth Tønnesen <ast@fiberby.net>
Tested-by: Davide Caratti <dcaratti@redhat.com>
---
include/net/flow_dissector.h | 9 ---------
include/net/ip_tunnels.h | 12 ------------
net/core/flow_dissector.c | 16 +---------------
net/sched/cls_flower.c | 3 ---
4 files changed, 1 insertion(+), 39 deletions(-)
diff --git a/include/net/flow_dissector.h b/include/net/flow_dissector.h
index 460ea65b9e592..ced79dc8e8560 100644
--- a/include/net/flow_dissector.h
+++ b/include/net/flow_dissector.h
@@ -342,14 +342,6 @@ struct flow_dissector_key_cfm {
#define FLOW_DIS_CFM_MDL_MASK GENMASK(7, 5)
#define FLOW_DIS_CFM_MDL_MAX 7
-/**
- * struct flow_dissector_key_enc_flags: tunnel metadata control flags
- * @flags: tunnel control flags
- */
-struct flow_dissector_key_enc_flags {
- u32 flags;
-};
-
enum flow_dissector_key_id {
FLOW_DISSECTOR_KEY_CONTROL, /* struct flow_dissector_key_control */
FLOW_DISSECTOR_KEY_BASIC, /* struct flow_dissector_key_basic */
@@ -384,7 +376,6 @@ enum flow_dissector_key_id {
FLOW_DISSECTOR_KEY_L2TPV3, /* struct flow_dissector_key_l2tpv3 */
FLOW_DISSECTOR_KEY_CFM, /* struct flow_dissector_key_cfm */
FLOW_DISSECTOR_KEY_IPSEC, /* struct flow_dissector_key_ipsec */
- FLOW_DISSECTOR_KEY_ENC_FLAGS, /* struct flow_dissector_key_enc_flags */
FLOW_DISSECTOR_KEY_MAX,
};
diff --git a/include/net/ip_tunnels.h b/include/net/ip_tunnels.h
index 3877315cf8b8c..1db2417b8ff52 100644
--- a/include/net/ip_tunnels.h
+++ b/include/net/ip_tunnels.h
@@ -247,18 +247,6 @@ static inline bool ip_tunnel_is_options_present(const unsigned long *flags)
return ip_tunnel_flags_intersect(flags, present);
}
-static inline void ip_tunnel_set_encflags_present(unsigned long *flags)
-{
- IP_TUNNEL_DECLARE_FLAGS(present) = { };
-
- __set_bit(IP_TUNNEL_CSUM_BIT, present);
- __set_bit(IP_TUNNEL_DONT_FRAGMENT_BIT, present);
- __set_bit(IP_TUNNEL_OAM_BIT, present);
- __set_bit(IP_TUNNEL_CRIT_OPT_BIT, present);
-
- ip_tunnel_flags_or(flags, flags, present);
-}
-
static inline bool ip_tunnel_flags_is_be16_compat(const unsigned long *flags)
{
IP_TUNNEL_DECLARE_FLAGS(supp) = { };
diff --git a/net/core/flow_dissector.c b/net/core/flow_dissector.c
index a0263a4c5489e..1a9ca129fddde 100644
--- a/net/core/flow_dissector.c
+++ b/net/core/flow_dissector.c
@@ -385,9 +385,7 @@ skb_flow_dissect_tunnel_info(const struct sk_buff *skb,
!dissector_uses_key(flow_dissector,
FLOW_DISSECTOR_KEY_ENC_IP) &&
!dissector_uses_key(flow_dissector,
- FLOW_DISSECTOR_KEY_ENC_OPTS) &&
- !dissector_uses_key(flow_dissector,
- FLOW_DISSECTOR_KEY_ENC_FLAGS))
+ FLOW_DISSECTOR_KEY_ENC_OPTS))
return;
info = skb_tunnel_info(skb);
@@ -489,18 +487,6 @@ skb_flow_dissect_tunnel_info(const struct sk_buff *skb,
IP_TUNNEL_GENEVE_OPT_BIT);
enc_opt->dst_opt_type = val < __IP_TUNNEL_FLAG_NUM ? val : 0;
}
-
- if (dissector_uses_key(flow_dissector, FLOW_DISSECTOR_KEY_ENC_FLAGS)) {
- struct flow_dissector_key_enc_flags *enc_flags;
- IP_TUNNEL_DECLARE_FLAGS(flags) = {};
-
- enc_flags = skb_flow_dissector_target(flow_dissector,
- FLOW_DISSECTOR_KEY_ENC_FLAGS,
- target_container);
- ip_tunnel_set_encflags_present(flags);
- ip_tunnel_flags_and(flags, flags, info->key.tun_flags);
- enc_flags->flags = bitmap_read(flags, IP_TUNNEL_CSUM_BIT, 32);
- }
}
EXPORT_SYMBOL(skb_flow_dissect_tunnel_info);
diff --git a/net/sched/cls_flower.c b/net/sched/cls_flower.c
index e2239ab013555..897d6b683cc6f 100644
--- a/net/sched/cls_flower.c
+++ b/net/sched/cls_flower.c
@@ -85,7 +85,6 @@ struct fl_flow_key {
struct flow_dissector_key_l2tpv3 l2tpv3;
struct flow_dissector_key_ipsec ipsec;
struct flow_dissector_key_cfm cfm;
- struct flow_dissector_key_enc_flags enc_flags;
} __aligned(BITS_PER_LONG / 8); /* Ensure that we can do comparisons as longs. */
struct fl_flow_mask_range {
@@ -2223,8 +2222,6 @@ static void fl_init_dissector(struct flow_dissector *dissector,
FLOW_DISSECTOR_KEY_IPSEC, ipsec);
FL_KEY_SET_IF_MASKED(mask, keys, cnt,
FLOW_DISSECTOR_KEY_CFM, cfm);
- FL_KEY_SET_IF_MASKED(mask, keys, cnt,
- FLOW_DISSECTOR_KEY_ENC_FLAGS, enc_flags);
skb_flow_dissector_init(dissector, keys, cnt);
}
--
2.45.2
^ permalink raw reply related [flat|nested] 15+ messages in thread
* [PATCH net-next v3 10/10] flow_dissector: set encapsulation control flags for non-IP
2024-07-09 16:38 [PATCH net-next v3 00/10] flower: rework TCA_FLOWER_KEY_ENC_FLAGS usage Asbjørn Sloth Tønnesen
` (8 preceding siblings ...)
2024-07-09 16:38 ` [PATCH net-next v3 09/10] flow_dissector: cleanup FLOW_DISSECTOR_KEY_ENC_FLAGS Asbjørn Sloth Tønnesen
@ 2024-07-09 16:38 ` Asbjørn Sloth Tønnesen
2024-07-09 16:52 ` [PATCH net-next v3 00/10] flower: rework TCA_FLOWER_KEY_ENC_FLAGS usage Davide Caratti
10 siblings, 0 replies; 15+ messages in thread
From: Asbjørn Sloth Tønnesen @ 2024-07-09 16:38 UTC (permalink / raw)
To: netdev
Cc: Asbjørn Sloth Tønnesen, Davide Caratti, Ilya Maximets,
Jamal Hadi Salim, Cong Wang, Jiri Pirko, David S. Miller,
Eric Dumazet, Jakub Kicinski, Paolo Abeni, David Ahern,
Simon Horman, Ratheesh Kannoth, Florian Westphal,
Alexander Lobakin, linux-kernel
Make sure to set encapsulated control flags also for non-IP
packets, such that it's possible to allow matching on e.g.
TUNNEL_OAM on a geneve packet carrying a non-IP packet.
Suggested-by: Davide Caratti <dcaratti@redhat.com>
Signed-off-by: Asbjørn Sloth Tønnesen <ast@fiberby.net>
Tested-by: Davide Caratti <dcaratti@redhat.com>
---
net/core/flow_dissector.c | 4 ++++
net/sched/cls_flower.c | 3 ++-
2 files changed, 6 insertions(+), 1 deletion(-)
diff --git a/net/core/flow_dissector.c b/net/core/flow_dissector.c
index 1a9ca129fddde..ada1e39b557e0 100644
--- a/net/core/flow_dissector.c
+++ b/net/core/flow_dissector.c
@@ -434,6 +434,10 @@ skb_flow_dissect_tunnel_info(const struct sk_buff *skb,
ipv6->dst = key->u.ipv6.dst;
}
break;
+ default:
+ skb_flow_dissect_set_enc_control(0, ctrl_flags, flow_dissector,
+ target_container);
+ break;
}
if (dissector_uses_key(flow_dissector, FLOW_DISSECTOR_KEY_ENC_KEYID)) {
diff --git a/net/sched/cls_flower.c b/net/sched/cls_flower.c
index 897d6b683cc6f..38b2df387c1e1 100644
--- a/net/sched/cls_flower.c
+++ b/net/sched/cls_flower.c
@@ -2199,7 +2199,8 @@ static void fl_init_dissector(struct flow_dissector *dissector,
FL_KEY_SET_IF_MASKED(mask, keys, cnt,
FLOW_DISSECTOR_KEY_ENC_IPV6_ADDRS, enc_ipv6);
if (FL_KEY_IS_MASKED(mask, enc_ipv4) ||
- FL_KEY_IS_MASKED(mask, enc_ipv6))
+ FL_KEY_IS_MASKED(mask, enc_ipv6) ||
+ FL_KEY_IS_MASKED(mask, enc_control))
FL_KEY_SET(keys, cnt, FLOW_DISSECTOR_KEY_ENC_CONTROL,
enc_control);
FL_KEY_SET_IF_MASKED(mask, keys, cnt,
--
2.45.2
^ permalink raw reply related [flat|nested] 15+ messages in thread
* Re: [PATCH net-next v3 00/10] flower: rework TCA_FLOWER_KEY_ENC_FLAGS usage
2024-07-09 16:38 [PATCH net-next v3 00/10] flower: rework TCA_FLOWER_KEY_ENC_FLAGS usage Asbjørn Sloth Tønnesen
` (9 preceding siblings ...)
2024-07-09 16:38 ` [PATCH net-next v3 10/10] flow_dissector: set encapsulation control flags for non-IP Asbjørn Sloth Tønnesen
@ 2024-07-09 16:52 ` Davide Caratti
10 siblings, 0 replies; 15+ messages in thread
From: Davide Caratti @ 2024-07-09 16:52 UTC (permalink / raw)
To: Asbjørn Sloth Tønnesen
Cc: netdev, Ilya Maximets, Jamal Hadi Salim, Cong Wang, Jiri Pirko,
David S. Miller, Eric Dumazet, Jakub Kicinski, Paolo Abeni,
David Ahern, Simon Horman, Ratheesh Kannoth, Florian Westphal,
Alexander Lobakin, linux-kernel
hello,
On Tue, Jul 9, 2024 at 6:38 PM Asbjørn Sloth Tønnesen <ast@fiberby.net> wrote:
>
> This series reworks the recently added TCA_FLOWER_KEY_ENC_FLAGS
> attribute, to be more like TCA_FLOWER_KEY_FLAGS, and use the unused
> u32 flags field in FLOW_DISSECTOR_KEY_ENC_CONTROL, instead of adding
> a new flags field as FLOW_DISSECTOR_KEY_ENC_FLAGS.
for the series:
Reviewed-by: Davide Caratti <dcaratti@redhat.com>
^ permalink raw reply [flat|nested] 15+ messages in thread
* Re: [PATCH net-next v3 03/10] net/sched: cls_flower: prepare fl_{set,dump}_key_flags() for ENC_FLAGS
2024-07-09 16:38 ` [PATCH net-next v3 03/10] net/sched: cls_flower: prepare fl_{set,dump}_key_flags() for ENC_FLAGS Asbjørn Sloth Tønnesen
@ 2024-07-12 1:54 ` Jakub Kicinski
2024-07-13 1:14 ` Asbjørn Sloth Tønnesen
0 siblings, 1 reply; 15+ messages in thread
From: Jakub Kicinski @ 2024-07-12 1:54 UTC (permalink / raw)
To: Asbjørn Sloth Tønnesen
Cc: netdev, Davide Caratti, Ilya Maximets, Jamal Hadi Salim,
Cong Wang, Jiri Pirko, David S. Miller, Eric Dumazet, Paolo Abeni,
David Ahern, Simon Horman, Ratheesh Kannoth, Florian Westphal,
Alexander Lobakin, linux-kernel
On Tue, 9 Jul 2024 16:38:17 +0000 Asbjørn Sloth Tønnesen wrote:
> + if (NL_REQ_ATTR_CHECK(extack, NULL, tb, fl_mask)) {
Does this work with nest as NULL?
tb here is corresponding to attrs from tca[TCA_OPTIONS], so IIRC we need
to pass tca[TCA_OPTIONS] as nest here. Otherwise the decoder will look
for attribute with ID fl_mask at the root level, and the root attrs are
from the TCA_ enum.
Looks like Donald covered flower in Documentation/netlink/specs/tc.yaml
so you should be able to try to hit this using the Python ynl CLI:
https://docs.kernel.org/next/userspace-api/netlink/intro-specs.html#simple-cli
But to be honest I'm not 100% sure if the YNL reverse parser works with
TC and its "sub-message" polymorphism ;)
--
pw-bot: cr
^ permalink raw reply [flat|nested] 15+ messages in thread
* Re: [PATCH net-next v3 03/10] net/sched: cls_flower: prepare fl_{set,dump}_key_flags() for ENC_FLAGS
2024-07-12 1:54 ` Jakub Kicinski
@ 2024-07-13 1:14 ` Asbjørn Sloth Tønnesen
2024-07-13 5:15 ` Jakub Kicinski
0 siblings, 1 reply; 15+ messages in thread
From: Asbjørn Sloth Tønnesen @ 2024-07-13 1:14 UTC (permalink / raw)
To: Jakub Kicinski
Cc: netdev, Davide Caratti, Ilya Maximets, Jamal Hadi Salim,
Cong Wang, Jiri Pirko, David S. Miller, Eric Dumazet, Paolo Abeni,
David Ahern, Simon Horman, Ratheesh Kannoth, Florian Westphal,
Alexander Lobakin, linux-kernel
Hi Jakub,
On 7/12/24 1:54 AM, Jakub Kicinski wrote:
> On Tue, 9 Jul 2024 16:38:17 +0000 Asbjørn Sloth Tønnesen wrote:
>> + if (NL_REQ_ATTR_CHECK(extack, NULL, tb, fl_mask)) {
>
> Does this work with nest as NULL?
It does, but it gives less information:
* struct netlink_ext_ack - netlink extended ACK report struct
[..]
* @miss_nest: nest missing an attribute (%NULL if missing top level attr)
NL_REQ_ATTR_CHECK() doesn't check the value of nest, it just sets it.
That line originates from Davide's patch and is already in net-next:
1d17568e74de ("net/sched: cls_flower: add support for matching tunnel control flags")
It was added to that patch, after Jamal requested it.
https://lore.kernel.org/CAM0EoMkE3kzL28jg-nZiwQ0HnrFtm9HNBJwU1SJk7Z++yHzrMw@mail.gmail.com/
> tb here is corresponding to attrs from tca[TCA_OPTIONS], so IIRC we need
> to pass tca[TCA_OPTIONS] as nest here. Otherwise the decoder will look
> for attribute with ID fl_mask at the root level, and the root attrs are
> from the TCA_ enum.
>
> Looks like Donald covered flower in Documentation/netlink/specs/tc.yaml
> so you should be able to try to hit this using the Python ynl CLI:
> https://docs.kernel.org/next/userspace-api/netlink/intro-specs.html#simple-cli
> But to be honest I'm not 100% sure if the YNL reverse parser works with
> TC and its "sub-message" polymorphism ;)
After extending the spec to know about the enc_flags keys, I get this:
$ sudo ./tools/net/ynl/cli.py --spec Documentation/netlink/specs/tc.yaml --do newtfilter --json '{"chain": 0, "family":
0, "handle": 4, "ifindex": 22, "info": 262152, "kind": "flower", "options": { "flags": 0, "key-enc-flags": 8,
"key-eth-type": 2048}, "parent": 4294967283}'
Netlink error: Invalid argument
nl_len = 68 (52) nl_flags = 0x300 nl_type = 2
error: -22
extack: {'msg': 'Missing flags mask', 'miss-type': 111}
After propagating tca[TCA_OPTIONS] through:
Netlink error: Invalid argument
nl_len = 76 (60) nl_flags = 0x300 nl_type = 2
error: -22
extack: {'msg': 'Missing flags mask', 'miss-type': 111, 'miss-nest': 56}
In v4, I have added the propagation as the last patch.
--
Best regards
Asbjørn Sloth Tønnesen
Network Engineer
Fiberby - AS42541
^ permalink raw reply [flat|nested] 15+ messages in thread
* Re: [PATCH net-next v3 03/10] net/sched: cls_flower: prepare fl_{set,dump}_key_flags() for ENC_FLAGS
2024-07-13 1:14 ` Asbjørn Sloth Tønnesen
@ 2024-07-13 5:15 ` Jakub Kicinski
0 siblings, 0 replies; 15+ messages in thread
From: Jakub Kicinski @ 2024-07-13 5:15 UTC (permalink / raw)
To: Asbjørn Sloth Tønnesen
Cc: netdev, Davide Caratti, Ilya Maximets, Jamal Hadi Salim,
Cong Wang, Jiri Pirko, David S. Miller, Eric Dumazet, Paolo Abeni,
David Ahern, Simon Horman, Ratheesh Kannoth, Florian Westphal,
Alexander Lobakin, linux-kernel
On Sat, 13 Jul 2024 01:14:57 +0000 Asbjørn Sloth Tønnesen wrote:
> After propagating tca[TCA_OPTIONS] through:
>
> Netlink error: Invalid argument
> nl_len = 76 (60) nl_flags = 0x300 nl_type = 2
> error: -22
> extack: {'msg': 'Missing flags mask', 'miss-type': 111, 'miss-nest': 56}
>
> In v4, I have added the propagation as the last patch.
Sorry for the misdirection, I realized this morning that the Python
code can't descend at all. I only implemented decoding missing attrs
to names if they are at the root level. C YNL code can decode.. but
it can only do genetlink.. :)
^ permalink raw reply [flat|nested] 15+ messages in thread
end of thread, other threads:[~2024-07-13 5:15 UTC | newest]
Thread overview: 15+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2024-07-09 16:38 [PATCH net-next v3 00/10] flower: rework TCA_FLOWER_KEY_ENC_FLAGS usage Asbjørn Sloth Tønnesen
2024-07-09 16:38 ` [PATCH net-next v3 01/10] net/sched: flower: refactor control flag definitions Asbjørn Sloth Tønnesen
2024-07-09 16:38 ` [PATCH net-next v3 02/10] net/sched: flower: define new tunnel flags Asbjørn Sloth Tønnesen
2024-07-09 16:38 ` [PATCH net-next v3 03/10] net/sched: cls_flower: prepare fl_{set,dump}_key_flags() for ENC_FLAGS Asbjørn Sloth Tønnesen
2024-07-12 1:54 ` Jakub Kicinski
2024-07-13 1:14 ` Asbjørn Sloth Tønnesen
2024-07-13 5:15 ` Jakub Kicinski
2024-07-09 16:38 ` [PATCH net-next v3 04/10] net/sched: cls_flower: add policy for TCA_FLOWER_KEY_FLAGS Asbjørn Sloth Tønnesen
2024-07-09 16:38 ` [PATCH net-next v3 05/10] flow_dissector: prepare for encapsulated control flags Asbjørn Sloth Tønnesen
2024-07-09 16:38 ` [PATCH net-next v3 06/10] flow_dissector: set encapsulated control flags from tun_flags Asbjørn Sloth Tønnesen
2024-07-09 16:38 ` [PATCH net-next v3 07/10] net/sched: cls_flower: add tunnel flags to fl_{set,dump}_key_flags() Asbjørn Sloth Tønnesen
2024-07-09 16:38 ` [PATCH net-next v3 08/10] net/sched: cls_flower: rework TCA_FLOWER_KEY_ENC_FLAGS usage Asbjørn Sloth Tønnesen
2024-07-09 16:38 ` [PATCH net-next v3 09/10] flow_dissector: cleanup FLOW_DISSECTOR_KEY_ENC_FLAGS Asbjørn Sloth Tønnesen
2024-07-09 16:38 ` [PATCH net-next v3 10/10] flow_dissector: set encapsulation control flags for non-IP Asbjørn Sloth Tønnesen
2024-07-09 16:52 ` [PATCH net-next v3 00/10] flower: rework TCA_FLOWER_KEY_ENC_FLAGS usage Davide Caratti
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).