Commit 88e2f284 authored by David S. Miller

Merge branch 'Add-MPLS-actions-to-TC'

John Hurley says:

====================
Add MPLS actions to TC

This patchset introduces a new TC action module that allows the
manipulation of the MPLS headers of packets. The code implements
functionality including push, pop, and modify.

Also included are tests for the new functionality. Note that these will
require iproute2 changes to be submitted soon.

NOTE: these patches are applied to net-next along with the patch:
[PATCH net 1/1] net: openvswitch: fix csum updates for MPLS actions
This patch has been accepted into net but, at time of posting, is not yet
in net-next.

v6-v7:
- add extra tests for setting max/min and exceeding range of fields -
  patch 5 (Roman Mashak)
v5-v6:
- add CONFIG_NET_ACT_MPLS to tc-testing config file - patch 5
  (Davide Caratti)
v4-v5:
- move mpls_hdr() call to after skb_ensure_writable - patch 3
  (Willem de Bruijn)
- move mpls_dec_ttl to helper - patch 4 (Willem de Bruijn)
- add iproute2 usage example to commit msg - patch 4 (David Ahern)
- align label validation with mpls core code - patch 4 (David Ahern)
- improve extack message for no proto in mpls pop - patch 4 (David Ahern)
v3-v4:
- refactor and reuse OvS code (Cong Wang)
- use csum API rather than skb_post*rcsum to update skb->csum (Cong Wang)
- remove unnecessary warning (Cong Wang)
- add comments to uapi attributes (David Ahern)
- set strict type policy check for TCA_MPLS_UNSPEC (David Ahern)
- expand/improve extack messages (David Ahern)
- add option to manually set BOS
v2-v3:
- remove a few unnecessary line breaks (Jiri Pirko)
- retract hw offload patch from set (resubmit with driver changes) (Jiri)
v1->v2:
- ensure TCA_ID_MPLS does not conflict with TCA_ID_CTINFO (Davide Caratti)
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
parents af144a98 6fb8dbca
...@@ -3447,6 +3447,10 @@ int skb_ensure_writable(struct sk_buff *skb, int write_len); ...@@ -3447,6 +3447,10 @@ int skb_ensure_writable(struct sk_buff *skb, int write_len);
int __skb_vlan_pop(struct sk_buff *skb, u16 *vlan_tci); int __skb_vlan_pop(struct sk_buff *skb, u16 *vlan_tci);
int skb_vlan_pop(struct sk_buff *skb); int skb_vlan_pop(struct sk_buff *skb);
int skb_vlan_push(struct sk_buff *skb, __be16 vlan_proto, u16 vlan_tci); int skb_vlan_push(struct sk_buff *skb, __be16 vlan_proto, u16 vlan_tci);
/* MPLS label stack helpers; each returns 0 on success or a negative errno. */
int skb_mpls_push(struct sk_buff *skb, __be32 mpls_lse, __be16 mpls_proto);
int skb_mpls_pop(struct sk_buff *skb, __be16 next_proto);
int skb_mpls_update_lse(struct sk_buff *skb, __be32 mpls_lse);
int skb_mpls_dec_ttl(struct sk_buff *skb);
struct sk_buff *pskb_extract(struct sk_buff *skb, int off, int to_copy, struct sk_buff *pskb_extract(struct sk_buff *skb, int off, int to_copy,
gfp_t gfp); gfp_t gfp);
......
/* SPDX-License-Identifier: (GPL-2.0-only OR BSD-2-Clause) */
/* Copyright (C) 2019 Netronome Systems, Inc. */
#ifndef __NET_TC_MPLS_H
#define __NET_TC_MPLS_H
#include <linux/tc_act/tc_mpls.h>
#include <net/act_api.h>
/*
 * Parameter set of one MPLS action. struct tcf_mpls refers to it through an
 * __rcu pointer (mpls_p), and the embedded rcu_head is presumably used to
 * free a replaced set after a grace period - confirm in act_mpls.c.
 */
struct tcf_mpls_params {
int tcfm_action; /* presumably one of TCA_MPLS_ACT_* - confirm in act_mpls.c */
u32 tcfm_label; /* MPLS label value (see ACT_MPLS_LABEL_NOT_SET) */
u8 tcfm_tc; /* MPLS TC value (see ACT_MPLS_TC_NOT_SET) */
u8 tcfm_ttl; /* MPLS TTL value */
u8 tcfm_bos; /* MPLS bottom-of-stack value (see ACT_MPLS_BOS_NOT_SET) */
__be16 tcfm_proto; /* ethertype, big endian; presumably from TCA_MPLS_PROTO */
struct rcu_head rcu;
};
/*
 * Sentinels that presumably mark the matching tcf_mpls_params field as
 * "not supplied". Each lies outside the valid range given in the uapi
 * attribute comments (TC: lower 3 bits, BOS: 0 or 1, label: lower 20 bits).
 */
#define ACT_MPLS_TC_NOT_SET 0xff
#define ACT_MPLS_BOS_NOT_SET 0xff
#define ACT_MPLS_LABEL_NOT_SET 0xffffffff
/* MPLS action instance: the generic tc_action plus its parameter set. */
struct tcf_mpls {
struct tc_action common; /* kept first; to_mpls() casts a pointer straight to this struct */
struct tcf_mpls_params __rcu *mpls_p; /* RCU-annotated pointer to the parameters */
};
/*
 * Cast an action pointer to struct tcf_mpls *. The argument is parenthesized
 * so that an expression argument such as "p + n" is cast as a whole instead
 * of having only "p" cast before the addition.
 */
#define to_mpls(a) ((struct tcf_mpls *)(a))
#endif /* __NET_TC_MPLS_H */
...@@ -104,8 +104,9 @@ enum tca_id { ...@@ -104,8 +104,9 @@ enum tca_id {
TCA_ID_SIMP = TCA_ACT_SIMP, TCA_ID_SIMP = TCA_ACT_SIMP,
TCA_ID_IFE = TCA_ACT_IFE, TCA_ID_IFE = TCA_ACT_IFE,
TCA_ID_SAMPLE = TCA_ACT_SAMPLE, TCA_ID_SAMPLE = TCA_ACT_SAMPLE,
/* other actions go here */
TCA_ID_CTINFO, TCA_ID_CTINFO,
TCA_ID_MPLS,
/* other actions go here */
__TCA_ID_MAX = 255 __TCA_ID_MAX = 255
}; };
......
/* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */
/* Copyright (C) 2019 Netronome Systems, Inc. */
#ifndef __LINUX_TC_MPLS_H
#define __LINUX_TC_MPLS_H
#include <linux/pkt_cls.h>
/* Action types carried in struct tc_mpls::m_action. */
#define TCA_MPLS_ACT_POP 1
#define TCA_MPLS_ACT_PUSH 2
#define TCA_MPLS_ACT_MODIFY 3
#define TCA_MPLS_ACT_DEC_TTL 4
/* Parameter block of the MPLS action; carried in the TCA_MPLS_PARMS attribute. */
struct tc_mpls {
tc_gen; /* generic TC action fields. */
int m_action; /* action of type TCA_MPLS_ACT_*. */
};
/*
 * Attributes of the MPLS action. TCA_MPLS_MAX evaluates to the last real
 * attribute (TCA_MPLS_BOS), since __TCA_MPLS_MAX is one past it.
 */
enum {
TCA_MPLS_UNSPEC,
TCA_MPLS_TM, /* struct tcf_t; time values associated with action. */
TCA_MPLS_PARMS, /* struct tc_mpls; action type and general TC fields. */
TCA_MPLS_PAD, /* presumably alignment padding only - confirm in act_mpls.c */
TCA_MPLS_PROTO, /* be16; eth_type of pushed or next (for pop) header. */
TCA_MPLS_LABEL, /* u32; MPLS label. Lower 20 bits are used. */
TCA_MPLS_TC, /* u8; MPLS TC field. Lower 3 bits are used. */
TCA_MPLS_TTL, /* u8; MPLS TTL field. Must not be 0. */
TCA_MPLS_BOS, /* u8; MPLS BOS field. Either 1 or 0. */
__TCA_MPLS_MAX,
};
#define TCA_MPLS_MAX (__TCA_MPLS_MAX - 1)
#endif
...@@ -59,6 +59,7 @@ ...@@ -59,6 +59,7 @@
#include <linux/errqueue.h> #include <linux/errqueue.h>
#include <linux/prefetch.h> #include <linux/prefetch.h>
#include <linux/if_vlan.h> #include <linux/if_vlan.h>
#include <linux/mpls.h>
#include <net/protocol.h> #include <net/protocol.h>
#include <net/dst.h> #include <net/dst.h>
...@@ -66,6 +67,7 @@ ...@@ -66,6 +67,7 @@
#include <net/checksum.h> #include <net/checksum.h>
#include <net/ip6_checksum.h> #include <net/ip6_checksum.h>
#include <net/xfrm.h> #include <net/xfrm.h>
#include <net/mpls.h>
#include <linux/uaccess.h> #include <linux/uaccess.h>
#include <trace/events/skb.h> #include <trace/events/skb.h>
...@@ -5425,6 +5427,173 @@ int skb_vlan_push(struct sk_buff *skb, __be16 vlan_proto, u16 vlan_tci) ...@@ -5425,6 +5427,173 @@ int skb_vlan_push(struct sk_buff *skb, __be16 vlan_proto, u16 vlan_tci)
} }
EXPORT_SYMBOL(skb_vlan_push); EXPORT_SYMBOL(skb_vlan_push);
/*
 * Store @ethertype in @hdr->h_proto. For CHECKSUM_COMPLETE skbs the
 * complement of the old value and the new value are folded into skb->csum
 * first, so the checksum keeps matching the rewritten header.
 */
static void skb_mod_eth_type(struct sk_buff *skb, struct ethhdr *hdr,
			     __be16 ethertype)
{
	if (skb->ip_summed == CHECKSUM_COMPLETE) {
		__be16 delta[2];

		delta[0] = ~hdr->h_proto;
		delta[1] = ethertype;
		skb->csum = csum_partial((char *)delta, sizeof(delta),
					 skb->csum);
	}

	hdr->h_proto = ethertype;
}
/**
* skb_mpls_push() - push a new MPLS header after the mac header
*
* @skb: buffer
* @mpls_lse: MPLS label stack entry to push
* @mpls_proto: ethertype of the new MPLS header (expects 0x8847 or 0x8848)
*
* Expects skb->data at mac header.
*
* Returns 0 on success, -errno otherwise: -EINVAL if @mpls_proto is not an
* MPLS ethertype or the skb is flagged as encapsulated, else the error
* reported by skb_cow_head().
*/
int skb_mpls_push(struct sk_buff *skb, __be32 mpls_lse, __be16 mpls_proto)
{
struct mpls_shim_hdr *lse;
int err;
if (unlikely(!eth_p_mpls(mpls_proto)))
return -EINVAL;
/* Networking stack does not allow simultaneous Tunnel and MPLS GSO. */
if (skb->encapsulation)
return -EINVAL;
/* Get MPLS_HLEN bytes of head room for the new entry. */
err = skb_cow_head(skb, MPLS_HLEN);
if (unlikely(err))
return err;
/* Only when no inner protocol is recorded yet: remember where the
 * original network header starts and which protocol it carries.
 */
if (!skb->inner_protocol) {
skb_set_inner_network_header(skb, skb->mac_len);
skb_set_inner_protocol(skb, skb->protocol);
}
/* Grow the packet at the front, then slide the MAC header down by
 * MPLS_HLEN so the gap opens directly behind it.
 */
skb_push(skb, MPLS_HLEN);
memmove(skb_mac_header(skb) - MPLS_HLEN, skb_mac_header(skb),
skb->mac_len);
/* MAC header is back at skb->data; the network header now starts at the gap. */
skb_reset_mac_header(skb);
skb_set_network_header(skb, skb->mac_len);
lse = mpls_hdr(skb);
lse->label_stack_entry = mpls_lse;
/* Account for the MPLS_HLEN bytes just written in the skb checksum. */
skb_postpush_rcsum(skb, lse, MPLS_HLEN);
/* The ethertype is rewritten only when the skb has an Ethernet device. */
if (skb->dev && skb->dev->type == ARPHRD_ETHER)
skb_mod_eth_type(skb, eth_hdr(skb), mpls_proto);
skb->protocol = mpls_proto;
return 0;
}
EXPORT_SYMBOL_GPL(skb_mpls_push);
/**
* skb_mpls_pop() - pop the outermost MPLS header
*
* @skb: buffer
* @next_proto: ethertype of header after popped MPLS header
*
* Expects skb->data at mac header.
*
* Returns 0 on success, -errno otherwise: -EINVAL if skb->protocol is not an
* MPLS ethertype, else the error reported by skb_ensure_writable().
*/
int skb_mpls_pop(struct sk_buff *skb, __be16 next_proto)
{
int err;
if (unlikely(!eth_p_mpls(skb->protocol)))
return -EINVAL;
/* Both the MAC header and the entry being removed get modified below. */
err = skb_ensure_writable(skb, skb->mac_len + MPLS_HLEN);
if (unlikely(err))
return err;
/* Take the popped bytes out of the checksum before the memmove below
 * overwrites them with the shifted MAC header.
 */
skb_postpull_rcsum(skb, mpls_hdr(skb), MPLS_HLEN);
memmove(skb_mac_header(skb) + MPLS_HLEN, skb_mac_header(skb),
skb->mac_len);
/* Drop the MPLS_HLEN bytes now unused at the front and re-anchor the headers. */
__skb_pull(skb, MPLS_HLEN);
skb_reset_mac_header(skb);
skb_set_network_header(skb, skb->mac_len);
if (skb->dev && skb->dev->type == ARPHRD_ETHER) {
struct ethhdr *hdr;
/* use mpls_hdr() to get ethertype to account for VLANs. */
/* Stepping back ETH_HLEN from mpls_hdr() makes hdr->h_proto the two
 * bytes directly in front of the header mpls_hdr() returns.
 */
hdr = (struct ethhdr *)((void *)mpls_hdr(skb) - ETH_HLEN);
skb_mod_eth_type(skb, hdr, next_proto);
}
skb->protocol = next_proto;
return 0;
}
EXPORT_SYMBOL_GPL(skb_mpls_pop);
/**
 * skb_mpls_update_lse() - overwrite the outermost MPLS label stack entry
 *
 * @skb: buffer
 * @mpls_lse: label stack entry to store
 *
 * Expects skb->data at mac header. For CHECKSUM_COMPLETE skbs, skb->csum is
 * adjusted for the replaced entry before it is overwritten.
 *
 * Returns 0 on success, -errno otherwise.
 */
int skb_mpls_update_lse(struct sk_buff *skb, __be32 mpls_lse)
{
	int ret;

	if (unlikely(!eth_p_mpls(skb->protocol)))
		return -EINVAL;

	ret = skb_ensure_writable(skb, skb->mac_len + MPLS_HLEN);
	if (unlikely(ret))
		return ret;

	if (skb->ip_summed == CHECKSUM_COMPLETE) {
		__be32 delta[2];

		/* complement of the old entry followed by the new entry */
		delta[0] = ~mpls_hdr(skb)->label_stack_entry;
		delta[1] = mpls_lse;
		skb->csum = csum_partial((char *)delta, sizeof(delta),
					 skb->csum);
	}

	mpls_hdr(skb)->label_stack_entry = mpls_lse;

	return 0;
}
EXPORT_SYMBOL_GPL(skb_mpls_update_lse);
/**
* skb_mpls_dec_ttl() - decrement the TTL of the outermost MPLS header
*
* @skb: buffer
*
* Expects skb->data at mac header.
*
* Returns 0 on success, -errno otherwise.
*/
int skb_mpls_dec_ttl(struct sk_buff *skb)
{
u32 lse;
u8 ttl;
if (unlikely(!eth_p_mpls(skb->protocol)))
return -EINVAL;
lse = be32_to_cpu(mpls_hdr(skb)->label_stack_entry);
ttl = (lse & MPLS_LS_TTL_MASK) >> MPLS_LS_TTL_SHIFT;
if (!--ttl)
return -EINVAL;
lse &= ~MPLS_LS_TTL_MASK;
lse |= ttl << MPLS_LS_TTL_SHIFT;
return skb_mpls_update_lse(skb, cpu_to_be32(lse));
}
EXPORT_SYMBOL_GPL(skb_mpls_dec_ttl);
/** /**
* alloc_skb_with_frags - allocate skb with page frags * alloc_skb_with_frags - allocate skb with page frags
* *
......
...@@ -160,49 +160,14 @@ static int do_execute_actions(struct datapath *dp, struct sk_buff *skb, ...@@ -160,49 +160,14 @@ static int do_execute_actions(struct datapath *dp, struct sk_buff *skb,
struct sw_flow_key *key, struct sw_flow_key *key,
const struct nlattr *attr, int len); const struct nlattr *attr, int len);
static void update_ethertype(struct sk_buff *skb, struct ethhdr *hdr,
__be16 ethertype)
{
if (skb->ip_summed == CHECKSUM_COMPLETE) {
__be16 diff[] = { ~(hdr->h_proto), ethertype };
skb->csum = csum_partial((char *)diff, sizeof(diff), skb->csum);
}
hdr->h_proto = ethertype;
}
static int push_mpls(struct sk_buff *skb, struct sw_flow_key *key, static int push_mpls(struct sk_buff *skb, struct sw_flow_key *key,
const struct ovs_action_push_mpls *mpls) const struct ovs_action_push_mpls *mpls)
{ {
struct mpls_shim_hdr *new_mpls_lse; int err;
/* Networking stack do not allow simultaneous Tunnel and MPLS GSO. */
if (skb->encapsulation)
return -ENOTSUPP;
if (skb_cow_head(skb, MPLS_HLEN) < 0)
return -ENOMEM;
if (!skb->inner_protocol) {
skb_set_inner_network_header(skb, skb->mac_len);
skb_set_inner_protocol(skb, skb->protocol);
}
skb_push(skb, MPLS_HLEN);
memmove(skb_mac_header(skb) - MPLS_HLEN, skb_mac_header(skb),
skb->mac_len);
skb_reset_mac_header(skb);
skb_set_network_header(skb, skb->mac_len);
new_mpls_lse = mpls_hdr(skb);
new_mpls_lse->label_stack_entry = mpls->mpls_lse;
skb_postpush_rcsum(skb, new_mpls_lse, MPLS_HLEN);
if (ovs_key_mac_proto(key) == MAC_PROTO_ETHERNET) err = skb_mpls_push(skb, mpls->mpls_lse, mpls->mpls_ethertype);
update_ethertype(skb, eth_hdr(skb), mpls->mpls_ethertype); if (err)
skb->protocol = mpls->mpls_ethertype; return err;
invalidate_flow_key(key); invalidate_flow_key(key);
return 0; return 0;
...@@ -213,31 +178,10 @@ static int pop_mpls(struct sk_buff *skb, struct sw_flow_key *key, ...@@ -213,31 +178,10 @@ static int pop_mpls(struct sk_buff *skb, struct sw_flow_key *key,
{ {
int err; int err;
err = skb_ensure_writable(skb, skb->mac_len + MPLS_HLEN); err = skb_mpls_pop(skb, ethertype);
if (unlikely(err)) if (err)
return err; return err;
skb_postpull_rcsum(skb, mpls_hdr(skb), MPLS_HLEN);
memmove(skb_mac_header(skb) + MPLS_HLEN, skb_mac_header(skb),
skb->mac_len);
__skb_pull(skb, MPLS_HLEN);
skb_reset_mac_header(skb);
skb_set_network_header(skb, skb->mac_len);
if (ovs_key_mac_proto(key) == MAC_PROTO_ETHERNET) {
struct ethhdr *hdr;
/* mpls_hdr() is used to locate the ethertype field correctly in the
* presence of VLAN tags.
*/
hdr = (struct ethhdr *)((void *)mpls_hdr(skb) - ETH_HLEN);
update_ethertype(skb, hdr, ethertype);
}
if (eth_p_mpls(skb->protocol))
skb->protocol = ethertype;
invalidate_flow_key(key); invalidate_flow_key(key);
return 0; return 0;
} }
...@@ -249,19 +193,12 @@ static int set_mpls(struct sk_buff *skb, struct sw_flow_key *flow_key, ...@@ -249,19 +193,12 @@ static int set_mpls(struct sk_buff *skb, struct sw_flow_key *flow_key,
__be32 lse; __be32 lse;
int err; int err;
err = skb_ensure_writable(skb, skb->mac_len + MPLS_HLEN);
if (unlikely(err))
return err;
stack = mpls_hdr(skb); stack = mpls_hdr(skb);
lse = OVS_MASKED(stack->label_stack_entry, *mpls_lse, *mask); lse = OVS_MASKED(stack->label_stack_entry, *mpls_lse, *mask);
if (skb->ip_summed == CHECKSUM_COMPLETE) { err = skb_mpls_update_lse(skb, lse);
__be32 diff[] = { ~(stack->label_stack_entry), lse }; if (err)
return err;
skb->csum = csum_partial((char *)diff, sizeof(diff), skb->csum);
}
stack->label_stack_entry = lse;
flow_key->mpls.top_lse = lse; flow_key->mpls.top_lse = lse;
return 0; return 0;
} }
......
...@@ -842,6 +842,17 @@ config NET_ACT_CSUM ...@@ -842,6 +842,17 @@ config NET_ACT_CSUM
To compile this code as a module, choose M here: the To compile this code as a module, choose M here: the
module will be called act_csum. module will be called act_csum.
config NET_ACT_MPLS
tristate "MPLS manipulation"
depends on NET_CLS_ACT
help
Say Y here to push, pop, or modify MPLS headers (including decrementing the TTL).
If unsure, say N.
To compile this code as a module, choose M here: the
module will be called act_mpls.
config NET_ACT_VLAN config NET_ACT_VLAN
tristate "Vlan manipulation" tristate "Vlan manipulation"
depends on NET_CLS_ACT depends on NET_CLS_ACT
......
...@@ -18,6 +18,7 @@ obj-$(CONFIG_NET_ACT_PEDIT) += act_pedit.o ...@@ -18,6 +18,7 @@ obj-$(CONFIG_NET_ACT_PEDIT) += act_pedit.o
obj-$(CONFIG_NET_ACT_SIMP) += act_simple.o obj-$(CONFIG_NET_ACT_SIMP) += act_simple.o
obj-$(CONFIG_NET_ACT_SKBEDIT) += act_skbedit.o obj-$(CONFIG_NET_ACT_SKBEDIT) += act_skbedit.o
obj-$(CONFIG_NET_ACT_CSUM) += act_csum.o obj-$(CONFIG_NET_ACT_CSUM) += act_csum.o
obj-$(CONFIG_NET_ACT_MPLS) += act_mpls.o
obj-$(CONFIG_NET_ACT_VLAN) += act_vlan.o obj-$(CONFIG_NET_ACT_VLAN) += act_vlan.o
obj-$(CONFIG_NET_ACT_BPF) += act_bpf.o obj-$(CONFIG_NET_ACT_BPF) += act_bpf.o
obj-$(CONFIG_NET_ACT_CONNMARK) += act_connmark.o obj-$(CONFIG_NET_ACT_CONNMARK) += act_connmark.o
......
This diff is collapsed.
...@@ -42,6 +42,7 @@ CONFIG_NET_ACT_CTINFO=m ...@@ -42,6 +42,7 @@ CONFIG_NET_ACT_CTINFO=m
CONFIG_NET_ACT_SKBMOD=m CONFIG_NET_ACT_SKBMOD=m
CONFIG_NET_ACT_IFE=m CONFIG_NET_ACT_IFE=m
CONFIG_NET_ACT_TUNNEL_KEY=m CONFIG_NET_ACT_TUNNEL_KEY=m
CONFIG_NET_ACT_MPLS=m
CONFIG_NET_IFE_SKBMARK=m CONFIG_NET_IFE_SKBMARK=m
CONFIG_NET_IFE_SKBPRIO=m CONFIG_NET_IFE_SKBPRIO=m
CONFIG_NET_IFE_SKBTCINDEX=m CONFIG_NET_IFE_SKBTCINDEX=m
......
This diff is collapsed.
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment