Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 6ffcea79 authored by Jarno Rajahalme's avatar Jarno Rajahalme Committed by David S. Miller
Browse files

openvswitch: Refactor labels initialization. 



Refactoring conntrack labels initialization makes changes in later
patches easier to review.

Signed-off-by: default avatarJarno Rajahalme <jarno@ovn.org>
Acked-by: default avatarPravin B Shelar <pshelar@ovn.org>
Acked-by: default avatarJoe Stringer <joe@ovn.org>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent b87cec38

net/openvswitch/conntrack.c

+62 −42
Original line number Diff line number Diff line
@@ -227,19 +227,12 @@ int ovs_ct_put_key(const struct sw_flow_key *key, struct sk_buff *skb) 
	return 0;

}



static int ovs_ct_set_mark(struct sk_buff *skb, struct sw_flow_key *key,

static int ovs_ct_set_mark(struct nf_conn *ct, struct sw_flow_key *key,

			   u32 ct_mark, u32 mask)

{

#if IS_ENABLED(CONFIG_NF_CONNTRACK_MARK)

	enum ip_conntrack_info ctinfo;

	struct nf_conn *ct;

	u32 new_mark;



	/* The connection could be invalid, in which case set_mark is no-op. */

	ct = nf_ct_get(skb, &ctinfo);

	if (!ct)

		return 0;



	new_mark = ct_mark | (ct->mark & ~(mask));

	if (ct->mark != new_mark) {

		ct->mark = new_mark;
@@ -254,50 +247,66 @@ static int ovs_ct_set_mark(struct sk_buff *skb, struct sw_flow_key *key, 
#endif

}



static int ovs_ct_set_labels(struct sk_buff *skb, struct sw_flow_key *key,

			     const struct ovs_key_ct_labels *labels,

			     const struct ovs_key_ct_labels *mask)

static struct nf_conn_labels *ovs_ct_get_conn_labels(struct nf_conn *ct)

{

	enum ip_conntrack_info ctinfo;

	struct nf_conn_labels *cl;

	struct nf_conn *ct;



	/* The connection could be invalid, in which case set_label is no-op.*/

	ct = nf_ct_get(skb, &ctinfo);

	if (!ct)

		return 0;



	cl = nf_ct_labels_find(ct);

	if (!cl) {

		nf_ct_labels_ext_add(ct);

		cl = nf_ct_labels_find(ct);

	}



	return cl;

}



/* Initialize labels for a new, yet to be committed conntrack entry.  Note that

 * since the new connection is not yet confirmed, and thus no-one else has

 * access to it's labels, we simply write them over.  Also, we refrain from

 * triggering events, as receiving change events before the create event would

 * be confusing.

 */

static int ovs_ct_init_labels(struct nf_conn *ct, struct sw_flow_key *key,

			      const struct ovs_key_ct_labels *labels,

			      const struct ovs_key_ct_labels *mask)

{

	struct nf_conn_labels *cl;

	u32 *dst;

	int i;



	cl = ovs_ct_get_conn_labels(ct);

	if (!cl)

		return -ENOSPC;



	if (nf_ct_is_confirmed(ct)) {

		/* Triggers a change event, which makes sense only for

		 * confirmed connections.

		 */

		int err = nf_connlabels_replace(ct, labels->ct_labels_32,

	dst = (u32 *)cl->bits;

	for (i = 0; i < OVS_CT_LABELS_LEN_32; i++)

		dst[i] = (dst[i] & ~mask->ct_labels_32[i]) |

			(labels->ct_labels_32[i] & mask->ct_labels_32[i]);



	memcpy(&key->ct.labels, cl->bits, OVS_CT_LABELS_LEN);



	return 0;

}



static int ovs_ct_set_labels(struct nf_conn *ct, struct sw_flow_key *key,

			     const struct ovs_key_ct_labels *labels,

			     const struct ovs_key_ct_labels *mask)

{

	struct nf_conn_labels *cl;

	int err;



	cl = ovs_ct_get_conn_labels(ct);

	if (!cl)

		return -ENOSPC;



	err = nf_connlabels_replace(ct, labels->ct_labels_32,

				    mask->ct_labels_32,

				    OVS_CT_LABELS_LEN_32);

	if (err)

		return err;

	} else {

		u32 *dst = (u32 *)cl->bits;

		const u32 *msk = mask->ct_labels_32;

		const u32 *lbl = labels->ct_labels_32;

		int i;



		/* No-one else has access to the non-confirmed entry, copy

		 * labels over, keeping any bits we are not explicitly setting.

		 */

		for (i = 0; i < OVS_CT_LABELS_LEN_32; i++)

			dst[i] = (dst[i] & ~msk[i]) | (lbl[i] & msk[i]);

	}

	memcpy(&key->ct.labels, cl->bits, OVS_CT_LABELS_LEN);



	ovs_ct_get_labels(ct, &key->ct.labels);

	return 0;

}
@@ -877,24 +886,35 @@ static int ovs_ct_commit(struct net *net, struct sw_flow_key *key, 
			 const struct ovs_conntrack_info *info,

			 struct sk_buff *skb)

{

	enum ip_conntrack_info ctinfo;

	struct nf_conn *ct;

	int err;



	err = __ovs_ct_lookup(net, key, info, skb);

	if (err)

		return err;



	/* The connection could be invalid, in which case this is a no-op.*/

	ct = nf_ct_get(skb, &ctinfo);

	if (!ct)

		return 0;



	/* Apply changes before confirming the connection so that the initial

	 * conntrack NEW netlink event carries the values given in the CT

	 * action.

	 */

	if (info->mark.mask) {

		err = ovs_ct_set_mark(skb, key, info->mark.value,

		err = ovs_ct_set_mark(ct, key, info->mark.value,

				      info->mark.mask);

		if (err)

			return err;

	}

	if (labels_nonzero(&info->labels.mask)) {

		err = ovs_ct_set_labels(skb, key, &info->labels.value,

		if (!nf_ct_is_confirmed(ct))

			err = ovs_ct_init_labels(ct, key, &info->labels.value,

						 &info->labels.mask);

		else

			err = ovs_ct_set_labels(ct, key, &info->labels.value,

						&info->labels.mask);

		if (err)

			return err;