lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed, 23 Jul 2014 10:15:50 -0700 From: Cong Wang <cwang@...pensource.com> To: Antonio Quartulli <antonio@...hcoding.com> Cc: David Miller <davem@...emloft.net>, netdev <netdev@...r.kernel.org>, sergei.shtylyov@...entembedded.com, Eric Dumazet <eric.dumazet@...il.com>, Antonio Quartulli <antonio@...n-mesh.com>, Jamal Hadi Salim <jhs@...atatu.com> Subject: Re: [PATCHv2] skbedit: allow the user to specify bitmask for mark On Wed, Jul 23, 2014 at 1:03 AM, Antonio Quartulli <antonio@...hcoding.com> wrote: > From: Antonio Quartulli <antonio@...n-mesh.com> > > The user may want to use only some bits of the skb mark in > his skbedit rules because the remaining part might be used by > something else. > > Introduce the "mask" parameter to the skbedit actor in order > to implement such functionality. > > When the mask is specified, only those bits selected by the > latter are altered really changed by the actor, while the > rest is left untouched. > > Cc: Jamal Hadi Salim <jhs@...atatu.com> > Signed-off-by: Antonio Quartulli <antonio@...n-mesh.com> > --- > > Jamal, I'm not adding your Signed-off because the patches has new part with > respect to v1. > > > Changes from v1: > - use '&=' tcf_skbedit() to clean the mark > - extend tcf_skbedit_dump() in order to send the mask as well > > > > > > include/net/tc_act/tc_skbedit.h | 1 + > include/uapi/linux/tc_act/tc_skbedit.h | 2 ++ > net/sched/act_skbedit.c | 24 +++++++++++++++++++++--- > 3 files changed, 24 insertions(+), 3 deletions(-) > > diff --git a/include/net/tc_act/tc_skbedit.h b/include/net/tc_act/tc_skbedit.h > index 0df9a0d..a385c68 100644 > --- a/include/net/tc_act/tc_skbedit.h > +++ b/include/net/tc_act/tc_skbedit.h > @@ -26,6 +26,7 @@ struct tcf_skbedit { > u32 flags; > u32 priority; > u32 mark; > + u32 mask; > u16 queue_mapping; > /* XXX: 16-bit pad here? */ > }; > diff --git a/include/uapi/linux/tc_act/tc_skbedit.h b/include/uapi/linux/tc_act/tc_skbedit.h > index 7a2e910..c7c8c5f 100644 > --- a/include/uapi/linux/tc_act/tc_skbedit.h > +++ b/include/uapi/linux/tc_act/tc_skbedit.h > @@ -27,6 +27,7 @@ > #define SKBEDIT_F_PRIORITY 0x1 > #define SKBEDIT_F_QUEUE_MAPPING 0x2 > #define SKBEDIT_F_MARK 0x4 > +#define SKBEDIT_F_MASK 0x8 > > struct tc_skbedit { > tc_gen; > @@ -39,6 +40,7 @@ enum { > TCA_SKBEDIT_PRIORITY, > TCA_SKBEDIT_QUEUE_MAPPING, > TCA_SKBEDIT_MARK, > + TCA_SKBEDIT_MASK, > __TCA_SKBEDIT_MAX > }; > #define TCA_SKBEDIT_MAX (__TCA_SKBEDIT_MAX - 1) > diff --git a/net/sched/act_skbedit.c b/net/sched/act_skbedit.c > index fcfeeaf..6111b06 100644 > --- a/net/sched/act_skbedit.c > +++ b/net/sched/act_skbedit.c > @@ -43,8 +43,12 @@ static int tcf_skbedit(struct sk_buff *skb, const struct tc_action *a, > if (d->flags & SKBEDIT_F_QUEUE_MAPPING && > skb->dev->real_num_tx_queues > d->queue_mapping) > skb_set_queue_mapping(skb, d->queue_mapping); > - if (d->flags & SKBEDIT_F_MARK) > - skb->mark = d->mark; > + if (d->flags & SKBEDIT_F_MARK) { > + /* unset all the bits in the mask */ > + skb->mark &= ~d->mask; > + /* assign the mark value for the masked bit only */ > + skb->mark |= d->mark & d->mask; > + } > > spin_unlock(&d->tcf_lock); > return d->tcf_action; > @@ -55,6 +59,7 @@ static const struct nla_policy skbedit_policy[TCA_SKBEDIT_MAX + 1] = { > [TCA_SKBEDIT_PRIORITY] = { .len = sizeof(u32) }, > [TCA_SKBEDIT_QUEUE_MAPPING] = { .len = sizeof(u16) }, > [TCA_SKBEDIT_MARK] = { .len = sizeof(u32) }, > + [TCA_SKBEDIT_MASK] = { .len = sizeof(u32) }, > }; > > static int tcf_skbedit_init(struct net *net, struct nlattr *nla, > @@ -64,7 +69,7 @@ static int tcf_skbedit_init(struct net *net, struct nlattr *nla, > struct nlattr *tb[TCA_SKBEDIT_MAX + 1]; > struct tc_skbedit *parm; > struct tcf_skbedit *d; > - u32 flags = 0, *priority = NULL, *mark = NULL; > + u32 flags = 0, *priority = NULL, *mark = NULL, *mask = NULL; > u16 *queue_mapping = NULL; > int ret = 0, err; > > @@ -93,6 +98,11 @@ static int tcf_skbedit_init(struct net *net, struct nlattr *nla, > mark = nla_data(tb[TCA_SKBEDIT_MARK]); > } > > + if (tb[TCA_SKBEDIT_MASK] != NULL) { > + flags |= SKBEDIT_F_MASK; > + mask = nla_data(tb[TCA_SKBEDIT_MASK]); > + } > + > if (!flags) > return -EINVAL; > > @@ -123,6 +133,10 @@ static int tcf_skbedit_init(struct net *net, struct nlattr *nla, > d->queue_mapping = *queue_mapping; > if (flags & SKBEDIT_F_MARK) > d->mark = *mark; > + /* default behaviour is to use all the bits */ > + d->mask = 0xffffffff; > + if (flags & SKBEDIT_F_MASK) > + d->mask = *mask; > > d->tcf_action = parm->action; > > @@ -160,6 +174,10 @@ static int tcf_skbedit_dump(struct sk_buff *skb, struct tc_action *a, > nla_put(skb, TCA_SKBEDIT_MARK, sizeof(d->mark), > &d->mark)) > goto nla_put_failure; > + if ((d->flags & SKBEDIT_F_MASK) && > + nla_put(skb, TCA_SKBEDIT_MASK, sizeof(d->mask), > + &d->mark)) > + goto nla_put_failure; > t.install = jiffies_to_clock_t(jiffies - d->tcf_tm.install); > t.lastuse = jiffies_to_clock_t(jiffies - d->tcf_tm.lastuse); > t.expires = jiffies_to_clock_t(d->tcf_tm.expires); > -- > 1.8.5.5 > > -- > To unsubscribe from this list: send the line "unsubscribe netdev" in > the body of a message to majordomo@...r.kernel.org > More majordomo info at http://vger.kernel.org/majordomo-info.html -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists