From: Pablo Neira Ayuso
To: netfilter-devel@vger.kernel.org
Cc: davem@davemloft.net, netdev@vger.kernel.org, roopa@cumulusnetworks.com, amir@vadai.me, pshelar@ovn.org, u9012063@gmail.com, daniel@iogearbox.net, jakub.kicinski@netronome.com
Subject: [PATCH net-next 2/3] net: act_tunnel_key: support for tunnel type
Date: Wed, 10 Oct 2018 00:24:38 +0200
Message-Id: <20181009222439.29399-3-pablo@netfilter.org>
In-Reply-To: <20181009222439.29399-1-pablo@netfilter.org>
X-Patchwork-Id: 981551
X-Patchwork-Delegate: davem@davemloft.net

This patch allows you to set an explicit tunnel driver type in the metadata template. In case of misconfiguration, i.e. if the packet ends up in the wrong tunnel device, the packet is dropped.

Signed-off-by: Pablo Neira Ayuso
--- include/uapi/linux/tc_act/tc_tunnel_key.h | 1 + net/sched/act_tunnel_key.c | 9 +++++++++ 2 files changed, 10 insertions(+) diff --git a/include/uapi/linux/tc_act/tc_tunnel_key.h b/include/uapi/linux/tc_act/tc_tunnel_key.h index be384d63e1b5..b9822433e7f1 100644 --- a/include/uapi/linux/tc_act/tc_tunnel_key.h +++ b/include/uapi/linux/tc_act/tc_tunnel_key.h @@ -41,6 +41,7 @@ enum { */ TCA_TUNNEL_KEY_ENC_TOS, /* u8 */ TCA_TUNNEL_KEY_ENC_TTL, /* u8 */ + TCA_TUNNEL_KEY_ENC_TYPE, /* u32 */ __TCA_TUNNEL_KEY_MAX, }; diff --git a/net/sched/act_tunnel_key.c b/net/sched/act_tunnel_key.c index 4cca8f274662..7852715603e9 100644 --- a/net/sched/act_tunnel_key.c 
+++ b/net/sched/act_tunnel_key.c @@ -195,6 +195,7 @@ static const struct nla_policy tunnel_key_policy[TCA_TUNNEL_KEY_MAX + 1] = { [TCA_TUNNEL_KEY_ENC_OPTS] = { .type = NLA_NESTED }, [TCA_TUNNEL_KEY_ENC_TOS] = { .type = NLA_U8 }, [TCA_TUNNEL_KEY_ENC_TTL] = { .type = NLA_U8 }, + [TCA_TUNNEL_KEY_ENC_TYPE] = { .type = NLA_U32 }, }; static int tunnel_key_init(struct net *net, struct nlattr *nla, @@ -215,6 +216,7 @@ static int tunnel_key_init(struct net *net, struct nlattr *nla, __be16 flags; u8 tos, ttl; int ret = 0; + u32 type; int err; if (!nla) { @@ -278,6 +280,10 @@ static int tunnel_key_init(struct net *net, struct nlattr *nla, if (tb[TCA_TUNNEL_KEY_ENC_TTL]) ttl = nla_get_u8(tb[TCA_TUNNEL_KEY_ENC_TTL]); + type = TUNNEL_TYPE_UNSPEC; + if (tb[TCA_TUNNEL_KEY_ENC_TYPE]) + type = nla_get_u32(tb[TCA_TUNNEL_KEY_ENC_TYPE]); + if (tb[TCA_TUNNEL_KEY_ENC_IPV4_SRC] && tb[TCA_TUNNEL_KEY_ENC_IPV4_DST]) { __be32 saddr; @@ -320,6 +326,7 @@ static int tunnel_key_init(struct net *net, struct nlattr *nla, goto release_tun_meta; } + metadata->u.tun_info.type = type; metadata->u.tun_info.mode |= IP_TUNNEL_INFO_TX; break; default: @@ -522,6 +529,8 @@ static int tunnel_key_dump(struct sk_buff *skb, struct tc_action *a, if (key->ttl && nla_put_u8(skb, TCA_TUNNEL_KEY_ENC_TTL, key->ttl)) goto nla_put_failure; + if (nla_put_u32(skb, TCA_TUNNEL_KEY_ENC_TYPE, info->type)) + goto nla_put_failure; } tcf_tm_dump(&tm, &t->tcf_tm);
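
Review bot: In the include/uapi/linux/tc_act/tc_tunnel_key.h hunk, the new `TCA_TUNNEL_KEY_ENC_TYPE, /* u32 */` entry documents only the width of the attribute, not the values userspace may pass. The kernel side defaults to TUNNEL_TYPE_UNSPEC, so the set of type constants is effectively part of this attribute's ABI. The comment should name the enum that carries those constants, and that enum has to be reachable from userspace headers; nothing in this patch exports it.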
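
Review bot: Missing validation in the tunnel_key_init() hunk at `type = nla_get_u32(tb[TCA_TUNNEL_KEY_ENC_TYPE]);`: any 32-bit value from userspace is accepted, the policy entry is a plain `{ .type = NLA_U32 }` with no bound, and the value is stored unchanged by `metadata->u.tun_info.type = type;`. Per the commit message a type mismatch makes the tunnel device drop the packet, so an unknown value would presumably match no device and install an action that silently drops everything it encapsulates. Suggest rejecting values outside the known tunnel types with -EINVAL at configuration time, ideally with an error message back to the caller, so the misconfiguration surfaces when the action is added rather than as packet loss.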
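
Review bot: In the tunnel_key_dump() hunk, `nla_put_u32(skb, TCA_TUNNEL_KEY_ENC_TYPE, info->type)` is emitted unconditionally, while the TTL attribute directly above it is only dumped when `key->ttl` is set. Every dump of an existing action will now carry the new attribute even when the type was never configured and is still TUNNEL_TYPE_UNSPEC. Suggest emitting it only when `info->type` differs from TUNNEL_TYPE_UNSPEC, which keeps dumps for untyped actions unchanged and makes a dump/restore round trip reproduce what the user actually set.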