2021-10-06 13:08:34

by Volodymyr Mytnyk

[permalink] [raw]
Subject: [PATCH net-next] flow_offload: add l4 port range match

From: Volodymyr Mytnyk <[email protected]>

Current flow offload API doen't allow to offload l4 port range
match dissector (FLOW_DISSECTOR_KEY_PORTS_RANGE) in the driver,
as is no relevant data struct that will hold this information
and pass it to the driver.

Thus, to make offload of l4 port range possible by other drivers
add dedicated dissector port range struct to get min and max
value provided by user.

- add flow_dissector_key_ports_range to store
l4 port range match.
- add flow_match_ports_range key/mask

tc cmd example:
tc qd add dev PORT clsact
tc filter add dev PORT protocol ip ingress \
flower skip_sw ip_proto udp src_port 2-37 action drop

Signed-off-by: Volodymyr Mytnyk <[email protected]>
---
include/net/flow_dissector.h | 10 ++++++++++
include/net/flow_offload.h | 6 ++++++
net/core/flow_offload.c | 7 +++++++
3 files changed, 23 insertions(+)

diff --git a/include/net/flow_dissector.h b/include/net/flow_dissector.h
index ffd386ea0dbb..8eada83a816e 100644
--- a/include/net/flow_dissector.h
+++ b/include/net/flow_dissector.h
@@ -177,6 +177,16 @@ struct flow_dissector_key_ports {
};

/**
+ * struct flow_dissector_key_ports_range:
+ * @tp_min: min port number in range
+ * @tp_max: max port number in range
+ */
+struct flow_dissector_key_ports_range {
+ struct flow_dissector_key_ports tp_min;
+ struct flow_dissector_key_ports tp_max;
+};
+
+/**
* flow_dissector_key_icmp:
* type: ICMP type
* code: ICMP code
diff --git a/include/net/flow_offload.h b/include/net/flow_offload.h
index dc5c1e69cd9f..cb480afa674d 100644
--- a/include/net/flow_offload.h
+++ b/include/net/flow_offload.h
@@ -48,6 +48,10 @@ struct flow_match_ports {
struct flow_dissector_key_ports *key, *mask;
};

+struct flow_match_ports_range {
+ struct flow_dissector_key_ports_range *key, *mask;
+};
+
struct flow_match_icmp {
struct flow_dissector_key_icmp *key, *mask;
};
@@ -94,6 +98,8 @@ void flow_rule_match_ip(const struct flow_rule *rule,
struct flow_match_ip *out);
void flow_rule_match_ports(const struct flow_rule *rule,
struct flow_match_ports *out);
+void flow_rule_match_ports_range(const struct flow_rule *rule,
+ struct flow_match_ports_range *out);
void flow_rule_match_tcp(const struct flow_rule *rule,
struct flow_match_tcp *out);
void flow_rule_match_icmp(const struct flow_rule *rule,
diff --git a/net/core/flow_offload.c b/net/core/flow_offload.c
index 715b67f6c62f..d218c1deb40b 100644
--- a/net/core/flow_offload.c
+++ b/net/core/flow_offload.c
@@ -104,6 +104,13 @@ void flow_rule_match_ports(const struct flow_rule *rule,
}
EXPORT_SYMBOL(flow_rule_match_ports);

+void flow_rule_match_ports_range(const struct flow_rule *rule,
+ struct flow_match_ports_range *out)
+{
+ FLOW_DISSECTOR_MATCH(rule, FLOW_DISSECTOR_KEY_PORTS_RANGE, out);
+}
+EXPORT_SYMBOL(flow_rule_match_ports_range);
+
void flow_rule_match_tcp(const struct flow_rule *rule,
struct flow_match_tcp *out)
{
--
2.7.4


2021-10-07 00:43:16

by Jakub Kicinski

[permalink] [raw]
Subject: Re: [PATCH net-next] flow_offload: add l4 port range match

On Wed, 6 Oct 2021 16:06:54 +0300 Volodymyr Mytnyk wrote:
> From: Volodymyr Mytnyk <[email protected]>
>
> Current flow offload API doen't allow to offload l4 port range
> match dissector (FLOW_DISSECTOR_KEY_PORTS_RANGE) in the driver,
> as is no relevant data struct that will hold this information
> and pass it to the driver.
>
> Thus, to make offload of l4 port range possible by other drivers
> add dedicated dissector port range struct to get min and max
> value provided by user.
>
> - add flow_dissector_key_ports_range to store
> l4 port range match.
> - add flow_match_ports_range key/mask
>
> tc cmd example:
> tc qd add dev PORT clsact
> tc filter add dev PORT protocol ip ingress \
> flower skip_sw ip_proto udp src_port 2-37 action drop
>
> Signed-off-by: Volodymyr Mytnyk <[email protected]>

A driver implementation needs to be posted in the same series.
Otherwise it's an API with no in-tree user. Let's consider this
posting an RFC.

2021-10-07 15:02:57

by Volodymyr Mytnyk [C]

[permalink] [raw]
Subject: Re: [PATCH net-next] flow_offload: add l4 port range match

Hi Jakub,

> > From: Volodymyr Mytnyk <[email protected]>
> >
> > Current flow offload API doen't allow to offload l4 port range
> > match dissector (FLOW_DISSECTOR_KEY_PORTS_RANGE) in the driver,
> > as is no relevant data struct that will hold this information
> > and pass it to the driver.
> >
> > Thus, to make offload of l4 port range possible by other drivers
> > add dedicated dissector port range struct to get min and max
> > value provided by user.
> >
> > - add flow_dissector_key_ports_range to store
> >?? l4 port range match.
> > - add flow_match_ports_range key/mask
> >
> > tc cmd example:
> >???? tc qd add dev PORT clsact
> >???? tc filter add dev PORT protocol ip ingress \
> >???????? flower skip_sw ip_proto udp src_port 2-37 action drop
> >
> > Signed-off-by: Volodymyr Mytnyk <[email protected]>
>
> A driver implementation needs to be posted in the same series.
> Otherwise it's an API with no in-tree user. Let's consider this
> posting an RFC.
>
Ok, thanks for the comment. Will post RFC with driver code usage included.

Regards,
Volodymyr