cls_api: add translator to flow_action representation
authorPablo Neira Ayuso <pablo@netfilter.org>
Sat, 2 Feb 2019 11:50:46 +0000 (12:50 +0100)
committerDavid S. Miller <davem@davemloft.net>
Wed, 6 Feb 2019 18:38:25 +0000 (10:38 -0800)
This patch implements a new function to translate from native TC action
to the new flow_action representation. Moreover, this patch also updates
cls_flower to use this new function.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Acked-by: Jiri Pirko <jiri@mellanox.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
include/net/pkt_cls.h
net/sched/cls_api.c
net/sched/cls_flower.c

index 74a7582ad47cce939058c7716f9b58bbf0692602..c470c100b92623e57ce4ba7200a653f4bcb687dc 100644 (file)
@@ -620,6 +620,8 @@ tcf_match_indev(struct sk_buff *skb, int ifindex)
 }
 #endif /* CONFIG_NET_CLS_IND */
 
+int tc_setup_flow_action(struct flow_action *flow_action,
+                        const struct tcf_exts *exts);
 int tc_setup_cb_call(struct tcf_block *block, enum tc_setup_type type,
                     void *type_data, bool err_stop);
 unsigned int tcf_exts_num_actions(struct tcf_exts *exts);
index 57713c63ac567c64415f37fe6babe4956e011738..02cf6d2fa0e10253bfd2c8b2fb9090ed327e1960 100644 (file)
 #include <net/pkt_sched.h>
 #include <net/pkt_cls.h>
 #include <net/tc_act/tc_pedit.h>
+#include <net/tc_act/tc_mirred.h>
+#include <net/tc_act/tc_vlan.h>
+#include <net/tc_act/tc_tunnel_key.h>
+#include <net/tc_act/tc_csum.h>
+#include <net/tc_act/tc_gact.h>
+#include <net/tc_act/tc_skbedit.h>
+#include <net/tc_act/tc_mirred.h>
 
 extern const struct nla_policy rtm_tca_policy[TCA_MAX + 1];
 
@@ -2516,6 +2523,98 @@ int tc_setup_cb_call(struct tcf_block *block, enum tc_setup_type type,
 }
 EXPORT_SYMBOL(tc_setup_cb_call);
 
+int tc_setup_flow_action(struct flow_action *flow_action,
+                        const struct tcf_exts *exts)
+{
+       const struct tc_action *act;
+       int i, j, k;
+
+       if (!exts)
+               return 0;
+
+       j = 0;
+       tcf_exts_for_each_action(i, act, exts) {
+               struct flow_action_entry *entry;
+
+               entry = &flow_action->entries[j];
+               if (is_tcf_gact_ok(act)) {
+                       entry->id = FLOW_ACTION_ACCEPT;
+               } else if (is_tcf_gact_shot(act)) {
+                       entry->id = FLOW_ACTION_DROP;
+               } else if (is_tcf_gact_trap(act)) {
+                       entry->id = FLOW_ACTION_TRAP;
+               } else if (is_tcf_gact_goto_chain(act)) {
+                       entry->id = FLOW_ACTION_GOTO;
+                       entry->chain_index = tcf_gact_goto_chain_index(act);
+               } else if (is_tcf_mirred_egress_redirect(act)) {
+                       entry->id = FLOW_ACTION_REDIRECT;
+                       entry->dev = tcf_mirred_dev(act);
+               } else if (is_tcf_mirred_egress_mirror(act)) {
+                       entry->id = FLOW_ACTION_MIRRED;
+                       entry->dev = tcf_mirred_dev(act);
+               } else if (is_tcf_vlan(act)) {
+                       switch (tcf_vlan_action(act)) {
+                       case TCA_VLAN_ACT_PUSH:
+                               entry->id = FLOW_ACTION_VLAN_PUSH;
+                               entry->vlan.vid = tcf_vlan_push_vid(act);
+                               entry->vlan.proto = tcf_vlan_push_proto(act);
+                               entry->vlan.prio = tcf_vlan_push_prio(act);
+                               break;
+                       case TCA_VLAN_ACT_POP:
+                               entry->id = FLOW_ACTION_VLAN_POP;
+                               break;
+                       case TCA_VLAN_ACT_MODIFY:
+                               entry->id = FLOW_ACTION_VLAN_MANGLE;
+                               entry->vlan.vid = tcf_vlan_push_vid(act);
+                               entry->vlan.proto = tcf_vlan_push_proto(act);
+                               entry->vlan.prio = tcf_vlan_push_prio(act);
+                               break;
+                       default:
+                               goto err_out;
+                       }
+               } else if (is_tcf_tunnel_set(act)) {
+                       entry->id = FLOW_ACTION_TUNNEL_ENCAP;
+                       entry->tunnel = tcf_tunnel_info(act);
+               } else if (is_tcf_tunnel_release(act)) {
+                       entry->id = FLOW_ACTION_TUNNEL_DECAP;
+                       entry->tunnel = tcf_tunnel_info(act);
+               } else if (is_tcf_pedit(act)) {
+                       for (k = 0; k < tcf_pedit_nkeys(act); k++) {
+                               switch (tcf_pedit_cmd(act, k)) {
+                               case TCA_PEDIT_KEY_EX_CMD_SET:
+                                       entry->id = FLOW_ACTION_MANGLE;
+                                       break;
+                               case TCA_PEDIT_KEY_EX_CMD_ADD:
+                                       entry->id = FLOW_ACTION_ADD;
+                                       break;
+                               default:
+                                       goto err_out;
+                               }
+                               entry->mangle.htype = tcf_pedit_htype(act, k);
+                               entry->mangle.mask = tcf_pedit_mask(act, k);
+                               entry->mangle.val = tcf_pedit_val(act, k);
+                               entry->mangle.offset = tcf_pedit_offset(act, k);
+                               entry = &flow_action->entries[++j];
+                       }
+               } else if (is_tcf_csum(act)) {
+                       entry->id = FLOW_ACTION_CSUM;
+                       entry->csum_flags = tcf_csum_update_flags(act);
+               } else if (is_tcf_skbedit_mark(act)) {
+                       entry->id = FLOW_ACTION_MARK;
+                       entry->mark = tcf_skbedit_mark(act);
+               } else {
+                       goto err_out;
+               }
+
+               if (!is_tcf_pedit(act))
+                       j++;
+       }
+       return 0;
+err_out:
+       return -EOPNOTSUPP;
+}
+EXPORT_SYMBOL(tc_setup_flow_action);
+
 unsigned int tcf_exts_num_actions(struct tcf_exts *exts)
 {
        unsigned int num_acts = 0;
index 0062c9133a2291cec1150fced96d84f395c34865..48c54ef52a98801de1bb425b6028e4e43bef6009 100644 (file)
@@ -394,6 +394,12 @@ static int fl_hw_replace_filter(struct tcf_proto *tp,
        cls_flower.exts = &f->exts;
        cls_flower.classid = f->res.classid;
 
+       err = tc_setup_flow_action(&cls_flower.rule->action, &f->exts);
+       if (err) {
+               kfree(cls_flower.rule);
+               return err;
+       }
+
        err = tc_setup_cb_call(block, TC_SETUP_CLSFLOWER, &cls_flower, skip_sw);
        kfree(cls_flower.rule);
 
@@ -1483,6 +1489,14 @@ static int fl_reoffload(struct tcf_proto *tp, bool add, tc_setup_cb_t *cb,
                        cls_flower.rule->match.mask = &mask->key;
                        cls_flower.rule->match.key = &f->mkey;
                        cls_flower.exts = &f->exts;
+
+                       err = tc_setup_flow_action(&cls_flower.rule->action,
+                                                  &f->exts);
+                       if (err) {
+                               kfree(cls_flower.rule);
+                               return err;
+                       }
+
                        cls_flower.classid = f->res.classid;
 
                        err = cb(TC_SETUP_CLSFLOWER, &cls_flower, cb_priv);