Commit 6ffcea79 authored by Jarno Rajahalme's avatar Jarno Rajahalme Committed by David S. Miller

openvswitch: Refactor labels initialization.

Refactoring conntrack labels initialization makes changes in later
patches easier to review.
Signed-off-by: default avatarJarno Rajahalme <jarno@ovn.org>
Acked-by: default avatarPravin B Shelar <pshelar@ovn.org>
Acked-by: default avatarJoe Stringer <joe@ovn.org>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent b87cec38
...@@ -227,19 +227,12 @@ int ovs_ct_put_key(const struct sw_flow_key *key, struct sk_buff *skb) ...@@ -227,19 +227,12 @@ int ovs_ct_put_key(const struct sw_flow_key *key, struct sk_buff *skb)
return 0; return 0;
} }
static int ovs_ct_set_mark(struct sk_buff *skb, struct sw_flow_key *key, static int ovs_ct_set_mark(struct nf_conn *ct, struct sw_flow_key *key,
u32 ct_mark, u32 mask) u32 ct_mark, u32 mask)
{ {
#if IS_ENABLED(CONFIG_NF_CONNTRACK_MARK) #if IS_ENABLED(CONFIG_NF_CONNTRACK_MARK)
enum ip_conntrack_info ctinfo;
struct nf_conn *ct;
u32 new_mark; u32 new_mark;
/* The connection could be invalid, in which case set_mark is no-op. */
ct = nf_ct_get(skb, &ctinfo);
if (!ct)
return 0;
new_mark = ct_mark | (ct->mark & ~(mask)); new_mark = ct_mark | (ct->mark & ~(mask));
if (ct->mark != new_mark) { if (ct->mark != new_mark) {
ct->mark = new_mark; ct->mark = new_mark;
...@@ -254,50 +247,66 @@ static int ovs_ct_set_mark(struct sk_buff *skb, struct sw_flow_key *key, ...@@ -254,50 +247,66 @@ static int ovs_ct_set_mark(struct sk_buff *skb, struct sw_flow_key *key,
#endif #endif
} }
static int ovs_ct_set_labels(struct sk_buff *skb, struct sw_flow_key *key, static struct nf_conn_labels *ovs_ct_get_conn_labels(struct nf_conn *ct)
const struct ovs_key_ct_labels *labels,
const struct ovs_key_ct_labels *mask)
{ {
enum ip_conntrack_info ctinfo;
struct nf_conn_labels *cl; struct nf_conn_labels *cl;
struct nf_conn *ct;
/* The connection could be invalid, in which case set_label is no-op.*/
ct = nf_ct_get(skb, &ctinfo);
if (!ct)
return 0;
cl = nf_ct_labels_find(ct); cl = nf_ct_labels_find(ct);
if (!cl) { if (!cl) {
nf_ct_labels_ext_add(ct); nf_ct_labels_ext_add(ct);
cl = nf_ct_labels_find(ct); cl = nf_ct_labels_find(ct);
} }
return cl;
}
/* Initialize labels for a new, yet to be committed conntrack entry. Note that
* since the new connection is not yet confirmed, and thus no-one else has
* access to it's labels, we simply write them over. Also, we refrain from
* triggering events, as receiving change events before the create event would
* be confusing.
*/
static int ovs_ct_init_labels(struct nf_conn *ct, struct sw_flow_key *key,
const struct ovs_key_ct_labels *labels,
const struct ovs_key_ct_labels *mask)
{
struct nf_conn_labels *cl;
u32 *dst;
int i;
cl = ovs_ct_get_conn_labels(ct);
if (!cl) if (!cl)
return -ENOSPC; return -ENOSPC;
if (nf_ct_is_confirmed(ct)) { dst = (u32 *)cl->bits;
/* Triggers a change event, which makes sense only for for (i = 0; i < OVS_CT_LABELS_LEN_32; i++)
* confirmed connections. dst[i] = (dst[i] & ~mask->ct_labels_32[i]) |
*/ (labels->ct_labels_32[i] & mask->ct_labels_32[i]);
int err = nf_connlabels_replace(ct, labels->ct_labels_32,
mask->ct_labels_32,
OVS_CT_LABELS_LEN_32);
if (err)
return err;
} else {
u32 *dst = (u32 *)cl->bits;
const u32 *msk = mask->ct_labels_32;
const u32 *lbl = labels->ct_labels_32;
int i;
/* No-one else has access to the non-confirmed entry, copy memcpy(&key->ct.labels, cl->bits, OVS_CT_LABELS_LEN);
* labels over, keeping any bits we are not explicitly setting.
*/ return 0;
for (i = 0; i < OVS_CT_LABELS_LEN_32; i++) }
dst[i] = (dst[i] & ~msk[i]) | (lbl[i] & msk[i]);
} static int ovs_ct_set_labels(struct nf_conn *ct, struct sw_flow_key *key,
const struct ovs_key_ct_labels *labels,
const struct ovs_key_ct_labels *mask)
{
struct nf_conn_labels *cl;
int err;
cl = ovs_ct_get_conn_labels(ct);
if (!cl)
return -ENOSPC;
err = nf_connlabels_replace(ct, labels->ct_labels_32,
mask->ct_labels_32,
OVS_CT_LABELS_LEN_32);
if (err)
return err;
memcpy(&key->ct.labels, cl->bits, OVS_CT_LABELS_LEN);
ovs_ct_get_labels(ct, &key->ct.labels);
return 0; return 0;
} }
...@@ -877,25 +886,36 @@ static int ovs_ct_commit(struct net *net, struct sw_flow_key *key, ...@@ -877,25 +886,36 @@ static int ovs_ct_commit(struct net *net, struct sw_flow_key *key,
const struct ovs_conntrack_info *info, const struct ovs_conntrack_info *info,
struct sk_buff *skb) struct sk_buff *skb)
{ {
enum ip_conntrack_info ctinfo;
struct nf_conn *ct;
int err; int err;
err = __ovs_ct_lookup(net, key, info, skb); err = __ovs_ct_lookup(net, key, info, skb);
if (err) if (err)
return err; return err;
/* The connection could be invalid, in which case this is a no-op.*/
ct = nf_ct_get(skb, &ctinfo);
if (!ct)
return 0;
/* Apply changes before confirming the connection so that the initial /* Apply changes before confirming the connection so that the initial
* conntrack NEW netlink event carries the values given in the CT * conntrack NEW netlink event carries the values given in the CT
* action. * action.
*/ */
if (info->mark.mask) { if (info->mark.mask) {
err = ovs_ct_set_mark(skb, key, info->mark.value, err = ovs_ct_set_mark(ct, key, info->mark.value,
info->mark.mask); info->mark.mask);
if (err) if (err)
return err; return err;
} }
if (labels_nonzero(&info->labels.mask)) { if (labels_nonzero(&info->labels.mask)) {
err = ovs_ct_set_labels(skb, key, &info->labels.value, if (!nf_ct_is_confirmed(ct))
&info->labels.mask); err = ovs_ct_init_labels(ct, key, &info->labels.value,
&info->labels.mask);
else
err = ovs_ct_set_labels(ct, key, &info->labels.value,
&info->labels.mask);
if (err) if (err)
return err; return err;
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment