Re: [PATCH RFC,net-next 04/10] cls_flower: add translator to flow_action representation
From: Jakub Kicinski <hidden>
Date: 2018-09-26 22:01:52
On Tue, 25 Sep 2018 21:19:55 +0200, Pablo Neira Ayuso wrote:
quoted hunk ↗ jump to hunk
This implements TC action to flow_action translation from cls_flower. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> --- net/sched/cls_flower.c | 124 ++++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 123 insertions(+), 1 deletion(-)diff --git a/net/sched/cls_flower.c b/net/sched/cls_flower.c index e1dd60a2ecb8..a96a80f01c6d 100644 --- a/net/sched/cls_flower.c +++ b/net/sched/cls_flower.c@@ -28,6 +28,14 @@ #include <net/dst.h> #include <net/dst_metadata.h> +#include <net/tc_act/tc_mirred.h> +#include <net/tc_act/tc_vlan.h> +#include <net/tc_act/tc_tunnel_key.h> +#include <net/tc_act/tc_pedit.h> +#include <net/tc_act/tc_csum.h> +#include <net/tc_act/tc_gact.h> +#include <net/tc_act/tc_skbedit.h> +#include <net/tc_act/tc_mirred.h> struct fl_flow_key { int indev_ifindex;@@ -101,6 +109,7 @@ struct cls_fl_filter { u32 in_hw_count; struct rcu_work rwork; struct net_device *hw_dev; + struct flow_action action; }; static const struct rhashtable_params mask_ht_params = {@@ -294,6 +303,107 @@ static void fl_hw_destroy_filter(struct tcf_proto *tp, struct cls_fl_filter *f, tcf_block_offload_dec(block, &f->flags); } +static int fl_hw_setup_action(struct flow_action *flow_action, + const struct tcf_exts *exts)
The function doesn't seem very flower-specific?
+{
+ const struct tc_action *act;
+ int num_acts = 0, i, j, k;
+
+ if (!exts)
+ return 0;
+
+ tcf_exts_for_each_action(i, act, exts) {
+ if (is_tcf_pedit(act))
+ num_acts += tcf_pedit_nkeys(act);
+ else
+ num_acts++;
+ }
+
+ if (!num_acts)
+ return 0;
+
+ if (flow_action_init(flow_action, num_acts) < 0)
+ return -ENOMEM;
+
+ j = 0;
+ tcf_exts_for_each_action(i, act, exts) {
+ struct flow_action_key *key;
+
+ key = &flow_action->keys[j];
+ if (is_tcf_gact_ok(act)) {
+ key->id = FLOW_ACTION_KEY_ACCEPT;
+ } else if (is_tcf_gact_shot(act)) {
+ key->id = FLOW_ACTION_KEY_DROP;
+ } else if (is_tcf_gact_trap(act)) {
+ key->id = FLOW_ACTION_KEY_TRAP;
+ } else if (is_tcf_gact_goto_chain(act)) {
+ key->id = FLOW_ACTION_KEY_GOTO;
+ key->chain_index = tcf_gact_goto_chain_index(act);
+ } else if (is_tcf_mirred_egress_redirect(act)) {
+ key->id = FLOW_ACTION_KEY_REDIRECT;
+ key->dev = tcf_mirred_dev(act);
+ } else if (is_tcf_mirred_egress_mirror(act)) {
+ key->id = FLOW_ACTION_KEY_MIRRED;
+ key->dev = tcf_mirred_dev(act);
+ } else if (is_tcf_vlan(act)) {
+ switch (tcf_vlan_action(act)) {
+ case TCA_VLAN_ACT_PUSH:
+ key->id = FLOW_ACTION_KEY_VLAN_PUSH;
+ key->vlan.vid = tcf_vlan_push_vid(act);
+ key->vlan.proto = tcf_vlan_push_proto(act);
+ key->vlan.prio = tcf_vlan_push_prio(act);
+ break;
+ case TCA_VLAN_ACT_POP:
+ key->id = FLOW_ACTION_KEY_VLAN_POP;
+ break;
+ case TCA_VLAN_ACT_MODIFY:
+ key->id = FLOW_ACTION_KEY_VLAN_MANGLE;
+ key->vlan.vid = tcf_vlan_push_vid(act);
+ key->vlan.proto = tcf_vlan_push_proto(act);
+ key->vlan.prio = tcf_vlan_push_prio(act);
+ break;
+ }
+ } else if (is_tcf_tunnel_set(act)) {
+ key->id = FLOW_ACTION_KEY_TUNNEL_ENCAP;
+ key->tunnel = tcf_tunnel_info(act);
+ } else if (is_tcf_tunnel_release(act)) {
+ key->id = FLOW_ACTION_KEY_TUNNEL_DECAP;
+ key->tunnel = tcf_tunnel_info(act);
+ } else if (is_tcf_pedit(act)) {
+ for (k = 0; k < tcf_pedit_nkeys(act); k++) {
+ switch (tcf_pedit_cmd(act, k)) {
+ case TCA_PEDIT_KEY_EX_CMD_SET:
+ key->id = FLOW_ACTION_KEY_MANGLE;
+ break;
+ case TCA_PEDIT_KEY_EX_CMD_ADD:
+ key->id = FLOW_ACTION_KEY_ADD;
+ break;
+ default:
+ WARN_ON_ONCE(1);
+ break;
+ }
+
+ key->mangle.htype = tcf_pedit_htype(act, k);
+ key->mangle.mask = tcf_pedit_mask(act, k);
+ key->mangle.val = tcf_pedit_val(act, k);
+ key->mangle.offset = tcf_pedit_offset(act, k);
+ key = &flow_action->keys[++j];
+ }
+ } else if (is_tcf_csum(act)) {
+ key->id = FLOW_ACTION_KEY_CSUM;
+ key->csum_flags = tcf_csum_update_flags(act);
+ } else if (is_tcf_skbedit_mark(act)) {
+ key->id = FLOW_ACTION_KEY_MARK;
+ key->mark = tcf_skbedit_mark(act);
+ }Why the permissiveness? Shouldn't we error out if we there is an unknown action? else -EOPNOTSUPP + extack?
+ + if (!is_tcf_pedit(act)) + j++; + } + + return 0; +} + static int fl_hw_replace_filter(struct tcf_proto *tp, struct cls_fl_filter *f, struct netlink_ext_ack *extack)