| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20230819163515.2266246-3-victor@mojatatu.com>
Date: Sat, 19 Aug 2023 13:35:13 -0300
From: Victor Nogueira <victor@...atatu.com>
To: jhs@...atatu.com,
xiyou.wangcong@...il.com,
jiri@...nulli.us,
davem@...emloft.net,
edumazet@...gle.com,
kuba@...nel.org,
pabeni@...hat.com,
netdev@...r.kernel.org
Cc: mleitner@...hat.com,
vladbu@...dia.com,
horms@...nel.org,
pctammela@...atatu.com,
kernel@...atatu.com
Subject: [PATCH net-next v2 2/3] net/sched: cls_api: Expose tc block ports to the datapath
The datapath can now find the block of the port in which the packet arrived
at. It can then use it for various activities.
In the next patch we show a simple action that multicasts to all ports
excep for the port in which the packet arrived on.
Co-developed-by: Jamal Hadi Salim <jhs@...atatu.com>
Signed-off-by: Jamal Hadi Salim <jhs@...atatu.com>
Co-developed-by: Pedro Tammela <pctammela@...atatu.com>
Signed-off-by: Pedro Tammela <pctammela@...atatu.com>
Signed-off-by: Victor Nogueira <victor@...atatu.com>
---
include/net/sch_generic.h | 4 ++++
net/sched/cls_api.c | 10 +++++++++-
2 files changed, 13 insertions(+), 1 deletion(-)
diff --git a/include/net/sch_generic.h b/include/net/sch_generic.h
index 824a0ecb5afc..c5defb166ef6 100644
--- a/include/net/sch_generic.h
+++ b/include/net/sch_generic.h
@@ -440,6 +440,8 @@ struct qdisc_skb_cb {
};
#define QDISC_CB_PRIV_LEN 20
unsigned char data[QDISC_CB_PRIV_LEN];
+ /* This should allow eBPF to continue to align */
+ u32 block_index;
};
typedef void tcf_chain_head_change_t(struct tcf_proto *tp_head, void *priv);
@@ -488,6 +490,8 @@ struct tcf_block {
struct mutex proto_destroy_lock; /* Lock for proto_destroy hashtable. */
};
+struct tcf_block *tcf_block_lookup(struct net *net, u32 block_index);
+
static inline bool lockdep_tcf_chain_is_locked(struct tcf_chain *chain)
{
return lockdep_is_held(&chain->filter_chain_lock);
diff --git a/net/sched/cls_api.c b/net/sched/cls_api.c
index a976792ef02f..00e776cdd3fc 100644
--- a/net/sched/cls_api.c
+++ b/net/sched/cls_api.c
@@ -1011,12 +1011,13 @@ static struct tcf_block *tcf_block_create(struct net *net, struct Qdisc *q,
return block;
}
-static struct tcf_block *tcf_block_lookup(struct net *net, u32 block_index)
+struct tcf_block *tcf_block_lookup(struct net *net, u32 block_index)
{
struct tcf_net *tn = net_generic(net, tcf_net_id);
return idr_find(&tn->idr, block_index);
}
+EXPORT_SYMBOL(tcf_block_lookup);
static struct tcf_block *tcf_block_refcnt_get(struct net *net, u32 block_index)
{
@@ -1737,9 +1738,13 @@ int tcf_classify(struct sk_buff *skb,
const struct tcf_proto *tp,
struct tcf_result *res, bool compat_mode)
{
+ struct qdisc_skb_cb *qdisc_cb = qdisc_skb_cb(skb);
+
#if !IS_ENABLED(CONFIG_NET_TC_SKB_EXT)
u32 last_executed_chain = 0;
+ qdisc_cb->block_index = block ? block->index : 0;
+
return __tcf_classify(skb, tp, tp, res, compat_mode, NULL, 0,
&last_executed_chain);
#else
@@ -1751,6 +1756,7 @@ int tcf_classify(struct sk_buff *skb,
int ret;
if (block) {
+ qdisc_cb->block_index = block->index;
ext = skb_ext_find(skb, TC_SKB_EXT);
if (ext && (ext->chain || ext->act_miss)) {
@@ -1778,6 +1784,8 @@ int tcf_classify(struct sk_buff *skb,
tp = rcu_dereference_bh(fchain->filter_chain);
last_executed_chain = fchain->index;
}
+ } else {
+ qdisc_cb->block_index = 0;
}
ret = __tcf_classify(skb, tp, orig_tp, res, compat_mode, n, act_index,
--
2.25.1
Powered by blists - more mailing lists