Patch Detail

HTTP 200 OK
Allow: GET, PUT, PATCH, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept

{
    "id": 809420,
    "url": "http://patchwork.ozlabs.org/api/1.2/patches/809420/?format=api",
    "web_url": "http://patchwork.ozlabs.org/project/netfilter-devel/patch/1504478435-13160-8-git-send-email-pablo@netfilter.org/",
    "project": {
        "id": 26,
        "url": "http://patchwork.ozlabs.org/api/1.2/projects/26/?format=api",
        "name": "Netfilter Development",
        "link_name": "netfilter-devel",
        "list_id": "netfilter-devel.vger.kernel.org",
        "list_email": "netfilter-devel@vger.kernel.org",
        "web_url": null,
        "scm_url": null,
        "webscm_url": null,
        "list_archive_url": "",
        "list_archive_url_format": "",
        "commit_url_format": ""
    },
    "msgid": "<1504478435-13160-8-git-send-email-pablo@netfilter.org>",
    "list_archive_url": null,
    "date": "2017-09-03T22:40:18",
    "name": "[30/47] netfilter: rt: add support to fetch path mss",
    "commit_ref": null,
    "pull_url": null,
    "state": "accepted",
    "archived": false,
    "hash": "527c38f0d422a0c6508c8e64c9a7b16281f55dca",
    "submitter": {
        "id": 1315,
        "url": "http://patchwork.ozlabs.org/api/1.2/people/1315/?format=api",
        "name": "Pablo Neira Ayuso",
        "email": "pablo@netfilter.org"
    },
    "delegate": {
        "id": 6139,
        "url": "http://patchwork.ozlabs.org/api/1.2/users/6139/?format=api",
        "username": "pablo",
        "first_name": "Pablo",
        "last_name": "Neira",
        "email": "pablo@netfilter.org"
    },
    "mbox": "http://patchwork.ozlabs.org/project/netfilter-devel/patch/1504478435-13160-8-git-send-email-pablo@netfilter.org/mbox/",
    "series": [
        {
            "id": 1282,
            "url": "http://patchwork.ozlabs.org/api/1.2/series/1282/?format=api",
            "web_url": "http://patchwork.ozlabs.org/project/netfilter-devel/list/?series=1282",
            "date": "2017-09-03T22:40:11",
            "name": null,
            "version": 1,
            "mbox": "http://patchwork.ozlabs.org/series/1282/mbox/"
        }
    ],
    "comments": "http://patchwork.ozlabs.org/api/patches/809420/comments/",
    "check": "pending",
    "checks": "http://patchwork.ozlabs.org/api/patches/809420/checks/",
    "tags": {},
    "related": [],
    "headers": {
        "Return-Path": "<netfilter-devel-owner@vger.kernel.org>",
        "X-Original-To": "incoming@patchwork.ozlabs.org",
        "Delivered-To": "patchwork-incoming@bilbo.ozlabs.org",
        "Authentication-Results": "ozlabs.org;\n\tspf=none (mailfrom) smtp.mailfrom=vger.kernel.org\n\t(client-ip=209.132.180.67; helo=vger.kernel.org;\n\tenvelope-from=netfilter-devel-owner@vger.kernel.org;\n\treceiver=<UNKNOWN>)",
        "Received": [
            "from vger.kernel.org (vger.kernel.org [209.132.180.67])\n\tby ozlabs.org (Postfix) with ESMTP id 3xlny62R9Pz9s8J\n\tfor <incoming@patchwork.ozlabs.org>;\n\tMon,  4 Sep 2017 08:41:02 +1000 (AEST)",
            "(majordomo@vger.kernel.org) by vger.kernel.org via listexpand\n\tid S1753318AbdICWlA (ORCPT <rfc822;incoming@patchwork.ozlabs.org>);\n\tSun, 3 Sep 2017 18:41:00 -0400",
            "from mail.us.es ([193.147.175.20]:52722 \"EHLO mail.us.es\"\n\trhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP\n\tid S1753265AbdICWk5 (ORCPT <rfc822; netfilter-devel@vger.kernel.org>);\n\tSun, 3 Sep 2017 18:40:57 -0400",
            "from antivirus1-rhel7.int (unknown [192.168.2.11])\n\tby mail.us.es (Postfix) with ESMTP id 846B2190F62\n\tfor <netfilter-devel@vger.kernel.org>;\n\tMon,  4 Sep 2017 00:40:30 +0200 (CEST)",
            "from antivirus1-rhel7.int (localhost [127.0.0.1])\n\tby antivirus1-rhel7.int (Postfix) with ESMTP id 753D72DC87\n\tfor <netfilter-devel@vger.kernel.org>;\n\tMon,  4 Sep 2017 00:40:30 +0200 (CEST)",
            "by antivirus1-rhel7.int (Postfix, from userid 99)\n\tid 6ADEFA8271; Mon,  4 Sep 2017 00:40:30 +0200 (CEST)",
            "from antivirus1-rhel7.int (localhost [127.0.0.1])\n\tby antivirus1-rhel7.int (Postfix) with ESMTP id 5342FDA2AF;\n\tMon,  4 Sep 2017 00:40:28 +0200 (CEST)",
            "from 192.168.1.97 (192.168.1.97) by antivirus1-rhel7.int\n\t(F-Secure/fsigk_smtp/550/antivirus1-rhel7.int); \n\tMon, 04 Sep 2017 00:40:28 +0200 (CEST)",
            "from salvia.here (unknown [31.4.193.113])\n\t(Authenticated sender: 1984lsi)\n\tby entrada.int (Postfix) with ESMTPA id F3BBD4265A20;\n\tMon,  4 Sep 2017 00:40:27 +0200 (CEST)"
        ],
        "X-Spam-Checker-Version": "SpamAssassin 3.4.1 (2015-04-28) on\n\tantivirus1-rhel7.int",
        "X-Spam-Level": "",
        "X-Spam-Status": "No, score=-108.2 required=7.5 tests=ALL_TRUSTED,BAYES_50,\n\tSMTPAUTH_US2,USER_IN_WHITELIST autolearn=disabled version=3.4.1",
        "X-Virus-Status": "clean(F-Secure/fsigk_smtp/550/antivirus1-rhel7.int)",
        "X-SMTPAUTHUS": "auth mail.us.es",
        "From": "Pablo Neira Ayuso <pablo@netfilter.org>",
        "To": "netfilter-devel@vger.kernel.org",
        "Cc": "davem@davemloft.net, netdev@vger.kernel.org",
        "Subject": "[PATCH 30/47] netfilter: rt: add support to fetch path mss",
        "Date": "Mon,  4 Sep 2017 00:40:18 +0200",
        "Message-Id": "<1504478435-13160-8-git-send-email-pablo@netfilter.org>",
        "X-Mailer": "git-send-email 2.1.4",
        "In-Reply-To": "<1504478435-13160-1-git-send-email-pablo@netfilter.org>",
        "References": "<1504478435-13160-1-git-send-email-pablo@netfilter.org>",
        "X-Virus-Scanned": "ClamAV using ClamSMTP",
        "Sender": "netfilter-devel-owner@vger.kernel.org",
        "Precedence": "bulk",
        "List-ID": "<netfilter-devel.vger.kernel.org>",
        "X-Mailing-List": "netfilter-devel@vger.kernel.org"
    },
    "content": "From: Florian Westphal <fw@strlen.de>\n\nto be used in combination with tcp option set support to mimic\niptables TCPMSS --clamp-mss-to-pmtu.\n\nv2: Eric Dumazet points out dst must be initialized.\n\nSigned-off-by: Florian Westphal <fw@strlen.de>\nSigned-off-by: Pablo Neira Ayuso <pablo@netfilter.org>\n---\n include/uapi/linux/netfilter/nf_tables.h |  2 +\n net/netfilter/nft_rt.c                   | 66 ++++++++++++++++++++++++++++++++\n 2 files changed, 68 insertions(+)",
    "diff": "diff --git a/include/uapi/linux/netfilter/nf_tables.h b/include/uapi/linux/netfilter/nf_tables.h\nindex 40fd199f7531..b49da72efa68 100644\n--- a/include/uapi/linux/netfilter/nf_tables.h\n+++ b/include/uapi/linux/netfilter/nf_tables.h\n@@ -811,11 +811,13 @@ enum nft_meta_keys {\n  * @NFT_RT_CLASSID: realm value of packet's route (skb->dst->tclassid)\n  * @NFT_RT_NEXTHOP4: routing nexthop for IPv4\n  * @NFT_RT_NEXTHOP6: routing nexthop for IPv6\n+ * @NFT_RT_TCPMSS: fetch current path tcp mss\n  */\n enum nft_rt_keys {\n \tNFT_RT_CLASSID,\n \tNFT_RT_NEXTHOP4,\n \tNFT_RT_NEXTHOP6,\n+\tNFT_RT_TCPMSS,\n };\n \n /**\ndiff --git a/net/netfilter/nft_rt.c b/net/netfilter/nft_rt.c\nindex c7383d8f88d0..e142e65d3176 100644\n--- a/net/netfilter/nft_rt.c\n+++ b/net/netfilter/nft_rt.c\n@@ -23,6 +23,42 @@ struct nft_rt {\n \tenum nft_registers\tdreg:8;\n };\n \n+static u16 get_tcpmss(const struct nft_pktinfo *pkt, const struct dst_entry *skbdst)\n+{\n+\tu32 minlen = sizeof(struct ipv6hdr), mtu = dst_mtu(skbdst);\n+\tconst struct sk_buff *skb = pkt->skb;\n+\tconst struct nf_afinfo *ai;\n+\tstruct flowi fl;\n+\n+\tmemset(&fl, 0, sizeof(fl));\n+\n+\tswitch (nft_pf(pkt)) {\n+\tcase NFPROTO_IPV4:\n+\t\tfl.u.ip4.daddr = ip_hdr(skb)->saddr;\n+\t\tminlen = sizeof(struct iphdr);\n+\t\tbreak;\n+\tcase NFPROTO_IPV6:\n+\t\tfl.u.ip6.daddr = ipv6_hdr(skb)->saddr;\n+\t\tbreak;\n+\t}\n+\n+\tai = nf_get_afinfo(nft_pf(pkt));\n+\tif (ai) {\n+\t\tstruct dst_entry *dst = NULL;\n+\n+\t\tai->route(nft_net(pkt), &dst, &fl, false);\n+\t\tif (dst) {\n+\t\t\tmtu = min(mtu, dst_mtu(dst));\n+\t\t\tdst_release(dst);\n+\t\t}\n+\t}\n+\n+\tif (mtu <= minlen || mtu > 0xffff)\n+\t\treturn TCP_MSS_DEFAULT;\n+\n+\treturn mtu - minlen;\n+}\n+\n static void nft_rt_get_eval(const struct nft_expr *expr,\n \t\t\t    struct nft_regs *regs,\n \t\t\t    const struct nft_pktinfo *pkt)\n@@ -57,6 +93,9 @@ static void nft_rt_get_eval(const struct nft_expr *expr,\n \t\t\t\t\t &ipv6_hdr(skb)->daddr),\n \t\t       sizeof(struct in6_addr));\n \t\tbreak;\n+\tcase NFT_RT_TCPMSS:\n+\t\tnft_reg_store16(dest, get_tcpmss(pkt, dst));\n+\t\tbreak;\n \tdefault:\n \t\tWARN_ON(1);\n \t\tgoto err;\n@@ -94,6 +133,9 @@ static int nft_rt_get_init(const struct nft_ctx *ctx,\n \tcase NFT_RT_NEXTHOP6:\n \t\tlen = sizeof(struct in6_addr);\n \t\tbreak;\n+\tcase NFT_RT_TCPMSS:\n+\t\tlen = sizeof(u16);\n+\t\tbreak;\n \tdefault:\n \t\treturn -EOPNOTSUPP;\n \t}\n@@ -118,6 +160,29 @@ static int nft_rt_get_dump(struct sk_buff *skb,\n \treturn -1;\n }\n \n+static int nft_rt_validate(const struct nft_ctx *ctx, const struct nft_expr *expr,\n+\t\t\t   const struct nft_data **data)\n+{\n+\tconst struct nft_rt *priv = nft_expr_priv(expr);\n+\tunsigned int hooks;\n+\n+\tswitch (priv->key) {\n+\tcase NFT_RT_NEXTHOP4:\n+\tcase NFT_RT_NEXTHOP6:\n+\tcase NFT_RT_CLASSID:\n+\t\treturn 0;\n+\tcase NFT_RT_TCPMSS:\n+\t\thooks = (1 << NF_INET_FORWARD) |\n+\t\t\t(1 << NF_INET_LOCAL_OUT) |\n+\t\t\t(1 << NF_INET_POST_ROUTING);\n+\t\tbreak;\n+\tdefault:\n+\t\treturn -EINVAL;\n+\t}\n+\n+\treturn nft_chain_validate_hooks(ctx->chain, hooks);\n+}\n+\n static struct nft_expr_type nft_rt_type;\n static const struct nft_expr_ops nft_rt_get_ops = {\n \t.type\t\t= &nft_rt_type,\n@@ -125,6 +190,7 @@ static const struct nft_expr_ops nft_rt_get_ops = {\n \t.eval\t\t= nft_rt_get_eval,\n \t.init\t\t= nft_rt_get_init,\n \t.dump\t\t= nft_rt_get_dump,\n+\t.validate\t= nft_rt_validate,\n };\n \n static struct nft_expr_type nft_rt_type __read_mostly = {\n",
    "prefixes": [
        "30/47"
    ]
}