Patchwork bpf filter : support for vlan tag

login
register
mail settings
Submitter Eric Dumazet
Date Oct. 16, 2012, 6:46 a.m.
Message ID <1350369998.3954.563.camel@edumazet-glaptop>
Download mbox | patch
Permalink /patch/191730/
State RFC
Delegated to: David Miller
Headers show

Comments

Eric Dumazet - Oct. 16, 2012, 6:46 a.m.
On Mon, 2012-10-15 at 19:10 -0700, Ani Sinha wrote:
> Hi :
> 
> I was looking at the kernel side implementation of the BPF filter. I
> do not see any code that supports filtering of packets based on
> provided vlan tag information from the skbuff. This will make it
> impossible to provide any filter to tcpdump that will filter packets
> based on the tag information if libpcap uses the kernel filter.
> 
> Any help will be much appreciated.

Right, we need a basic support, using a new ancillary definition.

Is the following patch enough to address your need, or do you also need
access to vlan_tx_tag_present() ?



--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
danborkmann@iogearbox.net - Oct. 16, 2012, 11 a.m.
On Tue, Oct 16, 2012 at 8:46 AM, Eric Dumazet <eric.dumazet@gmail.com> wrote:
> On Mon, 2012-10-15 at 19:10 -0700, Ani Sinha wrote:
>> Hi :
>>
>> I was looking at the kernel side implementation of the BPF filter. I
>> do not see any code that supports filtering of packets based on
>> provided vlan tag information from the skbuff. This will make it
>> impossible to provide any filter to tcpdump that will filter packets
>> based on the tag information if libpcap uses the kernel filter.
>>
>> Any help will be much appreciated.
>
> Right, we need a basic support, using a new ancillary definition.
>
> Is the following patch enough to address your need, or do you also need
> access to vlan_tx_tag_present() ?

I like this patch, it's especially useful to speed up processing for
packet analyzers. vlan_tx_tag_present() might also be good to have if
this doesn't waste to much room for future ancillary operations.
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Patch

diff --git a/include/linux/filter.h b/include/linux/filter.h
index 24d251f..0218e41 100644
--- a/include/linux/filter.h
+++ b/include/linux/filter.h
@@ -123,6 +123,7 @@  enum {
 	BPF_S_ANC_CPU,
 	BPF_S_ANC_ALU_XOR_X,
 	BPF_S_ANC_SECCOMP_LD_W,
+	BPF_S_ANC_VLAN_TAG,
 };
 
 #endif /* __LINUX_FILTER_H__ */
diff --git a/net/core/filter.c b/net/core/filter.c
index 3d92ebb..de4a5dc 100644
--- a/net/core/filter.c
+++ b/net/core/filter.c
@@ -341,6 +341,9 @@  load_b:
 		case BPF_S_ANC_CPU:
 			A = raw_smp_processor_id();
 			continue;
+		case BPF_S_ANC_VLAN_TAG:
+			A = vlan_tx_tag_get(skb);
+			continue;
 		case BPF_S_ANC_NLATTR: {
 			struct nlattr *nla;
 
@@ -600,6 +603,7 @@  int sk_chk_filter(struct sock_filter *filter, unsigned int flen)
 			ANCILLARY(RXHASH);
 			ANCILLARY(CPU);
 			ANCILLARY(ALU_XOR_X);
+			ANCILLARY(VLAN_TAG);
 			}
 		}
 		ftest->code = code;