From patchwork Wed Jun 16 21:16:44 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Florian Westphal X-Patchwork-Id: 1493087 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=vger.kernel.org (client-ip=23.128.96.18; helo=vger.kernel.org; envelope-from=netfilter-devel-owner@vger.kernel.org; receiver=) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by ozlabs.org (Postfix) with ESMTP id 4G4ygk5tvQz9sRf for ; Thu, 17 Jun 2021 07:17:22 +1000 (AEST) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233963AbhFPVT2 (ORCPT ); Wed, 16 Jun 2021 17:19:28 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:60400 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233836AbhFPVT2 (ORCPT ); Wed, 16 Jun 2021 17:19:28 -0400 Received: from Chamillionaire.breakpoint.cc (Chamillionaire.breakpoint.cc [IPv6:2a0a:51c0:0:12e:520::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id E9ABEC061574 for ; Wed, 16 Jun 2021 14:17:21 -0700 (PDT) Received: from fw by Chamillionaire.breakpoint.cc with local (Exim 4.92) (envelope-from ) id 1ltcuW-0002St-0q; Wed, 16 Jun 2021 23:17:20 +0200 From: Florian Westphal To: Cc: jake.owen@superloop.com, Florian Westphal Subject: [PATCH nft 0/8] Enableruntime queue selection via jhash, numgen and map statement Date: Wed, 16 Jun 2021 23:16:44 +0200 Message-Id: <20210616211652.11765-1-fw@strlen.de> X-Mailer: git-send-email 2.31.1 MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: netfilter-devel@vger.kernel.org Back in 2016 Liping Zhang added support to kernel and libnftnl to specify a source register containing the queue number to use. This was never added to nft itself, so allow this. On linearization side, check if attached expression is a range. If its not, allocate a new register and set NFTNL_EXPR_QUEUE_SREG_QNUM attribute after generating the lowlevel expressions for the kernel. On delinarization we need to check for presence of NFTNL_EXPR_QUEUE_SREG_QNUM and decode the expression(s) when present. Also need to do postprocessing for STMT_QUEUE so that the protocol context is set correctly, without this only raw payload expressions will be shown (@nh,32,...) instead of 'ip ...'. Unfortunately, it turned out that just removing the eval checks to allow arbitrary statements as 'num' argument results in parser problems. One example is this: queue num jhash ip saddr mod 4 bypass This fails because scanner is still in 'ip' state, not 'queue', when "bypass" is read, so this will not be recognized as belonging to the queue statement. This series solves this in the following way: 1. On output, nft will now always prepend the flags, i.e. queue flags bypass num 42 2. On input, 'queue num' is restricted to numbers and ranges. This is backwards compatible because range and value were the only permitted inputs (eval step rejects non-constant expressions). 3. To use numgen or jhash, new grammar is added: queue flags bypass to jhash ip saddr mod 4 I've restricted the 'to' expressions to numgen, (sym)hash and map for now. This can be relaxed later on if other usecases become available. Florian Westphal (8): evaluate: fix hash expression maxval parser: restrict queue num expressiveness src: add queue expr and flags to queue_stmt_alloc parser: add queue_stmt_compat parser: new queue flag input format src: queue: allow use of arbitrary queue expressions tests: extend queue testcases for new sreg support src: queue: allow use of MAP statement for queue number retrieval doc/statements.txt | 10 +++- include/statement.h | 3 +- src/evaluate.c | 21 +++++---- src/netlink_delinearize.c | 56 +++++++++++++++------- src/netlink_linearize.c | 28 +++++++++-- src/parser_bison.y | 38 ++++++++++++--- src/parser_json.c | 22 ++++----- src/statement.c | 30 +++++++++--- tests/py/any/queue.t | 18 ++++++-- tests/py/any/queue.t.json | 90 ++++++++++++++++++++++++++++++++++++ tests/py/any/queue.t.payload | 25 ++++++++++ 11 files changed, 281 insertions(+), 60 deletions(-)