Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 53592b36 authored by Shmulik Ladkani's avatar Shmulik Ladkani Committed by David S. Miller
Browse files

net/sched: act_mirred: Implement ingress actions 



Up until now, 'action mirred' supported only egress actions (either
TCA_EGRESS_REDIR or TCA_EGRESS_MIRROR).

This patch implements the corresponding ingress actions
TCA_INGRESS_REDIR and TCA_INGRESS_MIRROR.

This allows attaching filters whose target is to hand matching skbs into
the rx processing of a specified device.

Signed-off-by: default avatarShmulik Ladkani <shmulik.ladkani@gmail.com>
Cc: Jamal Hadi Salim <jhs@mojatatu.com>
Cc: Eric Dumazet <eric.dumazet@gmail.com>
Cc: Cong Wang <xiyou.wangcong@gmail.com>
Tested-by: default avatarJamal Hadi Salim <jhs@mojatatu.com>
Acked-by: default avatarJamal Hadi Salim <jhs@mojatatu.com>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent 5724b8b5

net/sched/act_mirred.c

+45 −6
Original line number Diff line number Diff line
@@ -33,6 +33,25 @@ 
static LIST_HEAD(mirred_list);

static DEFINE_SPINLOCK(mirred_list_lock);



static bool tcf_mirred_is_act_redirect(int action)

{

	return action == TCA_EGRESS_REDIR || action == TCA_INGRESS_REDIR;

}



static u32 tcf_mirred_act_direction(int action)

{

	switch (action) {

	case TCA_EGRESS_REDIR:

	case TCA_EGRESS_MIRROR:

		return AT_EGRESS;

	case TCA_INGRESS_REDIR:

	case TCA_INGRESS_MIRROR:

		return AT_INGRESS;

	default:

		BUG();

	}

}



static void tcf_mirred_release(struct tc_action *a, int bind)

{

	struct tcf_mirred *m = to_mirred(a);
@@ -97,6 +116,8 @@ static int tcf_mirred_init(struct net *net, struct nlattr *nla, 
	switch (parm->eaction) {

	case TCA_EGRESS_MIRROR:

	case TCA_EGRESS_REDIR:

	case TCA_INGRESS_REDIR:

	case TCA_INGRESS_MIRROR:

		break;

	default:

		if (exists)
@@ -156,15 +177,20 @@ static int tcf_mirred(struct sk_buff *skb, const struct tc_action *a, 
		      struct tcf_result *res)

{

	struct tcf_mirred *m = to_mirred(a);

	bool m_mac_header_xmit;

	struct net_device *dev;

	struct sk_buff *skb2;

	int retval, err;

	int retval, err = 0;

	int m_eaction;

	int mac_len;

	u32 at;



	tcf_lastuse_update(&m->tcf_tm);

	bstats_cpu_update(this_cpu_ptr(m->common.cpu_bstats), skb);



	rcu_read_lock();

	m_mac_header_xmit = READ_ONCE(m->tcfm_mac_header_xmit);

	m_eaction = READ_ONCE(m->tcfm_eaction);

	retval = READ_ONCE(m->tcf_action);

	dev = rcu_dereference(m->tcfm_dev);

	if (unlikely(!dev)) {
@@ -183,23 +209,36 @@ static int tcf_mirred(struct sk_buff *skb, const struct tc_action *a, 
	if (!skb2)

		goto out;



	if (!(at & AT_EGRESS)) {

		if (m->tcfm_mac_header_xmit)

	/* If action's target direction differs than filter's direction,

	 * and devices expect a mac header on xmit, then mac push/pull is

	 * needed.

	 */

	if (at != tcf_mirred_act_direction(m_eaction) && m_mac_header_xmit) {

		if (at & AT_EGRESS) {

			/* caught at egress, act ingress: pull mac */

			mac_len = skb_network_header(skb) - skb_mac_header(skb);

			skb_pull_rcsum(skb2, mac_len);

		} else {

			/* caught at ingress, act egress: push mac */

			skb_push_rcsum(skb2, skb->mac_len);

		}

	}



	/* mirror is always swallowed */

	if (m->tcfm_eaction != TCA_EGRESS_MIRROR)

	if (tcf_mirred_is_act_redirect(m_eaction))

		skb2->tc_verd = SET_TC_FROM(skb2->tc_verd, at);



	skb2->skb_iif = skb->dev->ifindex;

	skb2->dev = dev;

	if (tcf_mirred_act_direction(m_eaction) & AT_EGRESS)

		err = dev_queue_xmit(skb2);

	else

		err = netif_receive_skb(skb2);



	if (err) {

out:

		qstats_overlimit_inc(this_cpu_ptr(m->common.cpu_qstats));

		if (m->tcfm_eaction != TCA_EGRESS_MIRROR)

		if (tcf_mirred_is_act_redirect(m_eaction))

			retval = TC_ACT_SHOT;

	}

	rcu_read_unlock();