From patchwork Thu Apr 4 16:07:38 2019
X-Patchwork-Submitter: Eyal Birger
X-Patchwork-Id: 1077472
X-Patchwork-Delegate: shemminger@vyatta.com
From: Eyal Birger
To: netdev@vger.kernel.org
Cc: antony@phenome.org, Eyal Birger
Subject: [PATCH iproute2-next] ip xfrm: support setting/printing XFRMA_IF_ID attribute in states/policies
Date: Thu, 4 Apr 2019 19:07:38 +0300
Message-Id: <20190404160738.18687-1-eyal.birger@gmail.com>

The XFRMA_IF_ID attribute is set in policies/states for them to be
associated with an XFRM interface (4.19+).

Add support for setting / displaying this attribute.

Note that 0 is a valid value therefore set XFRMA_IF_ID if any value
was provided in command line.

Tested-by: Antony Antony
Signed-off-by: Eyal Birger
---
 ip/ipxfrm.c      |  8 ++++++++
 ip/xfrm_policy.c | 12 +++++++++++-
 ip/xfrm_state.c  | 11 +++++++++++
 3 files changed, 30 insertions(+), 1 deletion(-)

diff --git a/ip/ipxfrm.c b/ip/ipxfrm.c index b153b863..32f56093 100644 --- a/ip/ipxfrm.c
+++ b/ip/ipxfrm.c @@ -891,6 +891,14 @@ void xfrm_xfrma_print(struct rtattr *tb[], __u16 family, (xuo->flags & XFRM_OFFLOAD_INBOUND) ? "in" : "out"); fprintf(fp, "%s", _SL_); } + if (tb[XFRMA_IF_ID]) { + __u32 if_id = rta_getattr_u32(tb[XFRMA_IF_ID]); + + if (prefix) + fputs(prefix, fp); + fprintf(fp, "if_id %#x", if_id); + fprintf(fp, "%s", _SL_); + } } static int xfrm_selector_iszero(struct xfrm_selector *s) diff --git a/ip/xfrm_policy.c b/ip/xfrm_policy.c index feccaada..4a63e9ab 100644 --- a/ip/xfrm_policy.c +++ b/ip/xfrm_policy.c @@ -55,7 +55,7 @@ static void usage(void) fprintf(stderr, "Usage: ip xfrm policy { add | update } SELECTOR dir DIR [ ctx CTX ]\n"); fprintf(stderr, " [ mark MARK [ mask MASK ] ] [ index INDEX ] [ ptype PTYPE ]\n"); fprintf(stderr, " [ action ACTION ] [ priority PRIORITY ] [ flag FLAG-LIST ]\n"); - fprintf(stderr, " [ LIMIT-LIST ] [ TMPL-LIST ]\n"); + fprintf(stderr, " [ if_id IF_ID ] [ LIMIT-LIST ] [ TMPL-LIST ]\n"); fprintf(stderr, "Usage: ip xfrm policy { delete | get } { SELECTOR | index INDEX } dir DIR\n"); fprintf(stderr, " [ ctx CTX ] [ mark MARK [ mask MASK ] ] [ ptype PTYPE ]\n"); fprintf(stderr, "Usage: ip xfrm policy { deleteall | list } [ nosock ] [ SELECTOR ] [ dir DIR ]\n"); @@ -270,6 +270,8 @@ static int xfrm_policy_modify(int cmd, unsigned int flags, int argc, char **argv struct xfrm_user_sec_ctx sctx; char str[CTX_BUF_SIZE]; } ctx = {}; + bool is_if_id_set = false; + __u32 if_id = 0; while (argc > 0) { if (strcmp(*argv, "dir") == 0) { @@ -338,6 +340,11 @@ static int xfrm_policy_modify(int cmd, unsigned int flags, int argc, char **argv xfrm_tmpl_parse(tmpl, &argc, &argv); tmpls_len += sizeof(*tmpl); + } else if (strcmp(*argv, "if_id") == 0) { + NEXT_ARG(); + if (get_u32(&if_id, *argv, 0)) + invarg("IF_ID value is invalid", *argv); + is_if_id_set = true; } else { if (selp) duparg("unknown", *argv); 
@@ -380,6 +387,9 @@ static int xfrm_policy_modify(int cmd, unsigned int flags, int argc, char **argv (void *)&ctx, ctx.sctx.len); } + if (is_if_id_set) + addattr32(&req.n, sizeof(req.buf), XFRMA_IF_ID, if_id); + if (rtnl_open_byproto(&rth, 0, NETLINK_XFRM) < 0) exit(1); diff --git a/ip/xfrm_state.c b/ip/xfrm_state.c index 09292da9..93601437 100644 --- a/ip/xfrm_state.c +++ b/ip/xfrm_state.c @@ -62,6 +62,7 @@ static void usage(void) fprintf(stderr, " [ coa ADDR[/PLEN] ] [ ctx CTX ] [ extra-flag EXTRA-FLAG-LIST ]\n"); fprintf(stderr, " [ offload [dev DEV] dir DIR ]\n"); fprintf(stderr, " [ output-mark OUTPUT-MARK ]\n"); ++ fprintf(stderr, " [ if_id IF_ID ]\n"); fprintf(stderr, "Usage: ip xfrm state allocspi ID [ mode MODE ] [ mark MARK [ mask MASK ] ]\n"); fprintf(stderr, " [ reqid REQID ] [ seq SEQ ] [ min SPI max SPI ]\n"); fprintf(stderr, "Usage: ip xfrm state { delete | get } ID [ mark MARK [ mask MASK ] ]\n"); @@ -326,6 +327,8 @@ static int xfrm_state_modify(int cmd, unsigned int flags, int argc, char **argv) char str[CTX_BUF_SIZE]; } ctx = {}; __u32 output_mark = 0; + bool is_if_id_set = false; + __u32 if_id = 0; while (argc > 0) { if (strcmp(*argv, "mode") == 0) { @@ -445,6 +448,11 @@ static int xfrm_state_modify(int cmd, unsigned int flags, int argc, char **argv) NEXT_ARG(); if (get_u32(&output_mark, *argv, 0)) invarg("value after \"output-mark\" is invalid", *argv); + } else if (strcmp(*argv, "if_id") == 0) { + NEXT_ARG(); + if (get_u32(&if_id, *argv, 0)) + invarg("value after \"if_id\" is invalid", *argv); + is_if_id_set = true; } else { /* try to assume ALGO */ int type = xfrm_algotype_getbyname(*argv); @@ -627,6 +635,9 @@ static int xfrm_state_modify(int cmd, unsigned int flags, int argc, char **argv) } } + if (is_if_id_set) + addattr32(&req.n, sizeof(req.buf), XFRMA_IF_ID, if_id); + if (xfrm_xfrmproto_is_ipsec(req.xsinfo.id.proto)) { switch (req.xsinfo.mode) { case XFRM_MODE_TRANSPORT:
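Review bot: In xfrm_xfrma_print() (ip/ipxfrm.c), the format "if_id %#x" prints a zero value as a bare 0 with no 0x prefix, because the # flag only prefixes non-zero results, and the commit message states that 0 is a valid if_id. If the output is meant to be uniformly hexadecimal, so that it reads the same for every value and is easy to match in scripts, use "if_id 0x%x" instead. The two fprintf() calls can also be folded into one, fprintf(fp, "if_id 0x%x%s", if_id, _SL_).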
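Review bot: The usage() change in ip/xfrm_policy.c adds [ if_id IF_ID ] only to the { add | update } line, and the only parser change is in xfrm_policy_modify(); the { delete | get } usage line kept as context is unchanged. If the kernel takes the interface ID into account when looking up a policy, a policy created with if_id cannot be addressed by delete/get from this tool, so please either add the option on those paths or say in the commit message that it is left for a follow-up. The diffstat also lists only files under ip/, so the new keyword has no entry in man/man8/ip-xfrm.8.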
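Review bot: The error text in the if_id branch added to the argument loop of xfrm_policy_modify() is "IF_ID value is invalid", while the same branch in xfrm_state_modify() uses 'value after "if_id" is invalid', matching the output-mark message directly above it. Use one wording in both files so the same mistake produces the same message on stderr regardless of whether the user was editing a state or a policy.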
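Review bot: The added line in usage() of ip/xfrm_state.c reads '++ fprintf(stderr, " [ if_id IF_ID ]\n");', so the source line itself begins with a '+' character, most likely left over from editing the patch by hand. It still compiles, as a unary plus applied to the fprintf() return value, which makes it easy to miss. Drop the extra '+' so the line matches the surrounding fprintf() calls.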