* [PATCH iproute2-next v2] tc flower: use right ethertype in icmp/arp parsing
@ 2020-11-10 7:53 Zahari Doychev
2020-11-14 3:12 ` David Ahern
0 siblings, 1 reply; 5+ messages in thread
From: Zahari Doychev @ 2020-11-10 7:53 UTC (permalink / raw)
To: netdev; +Cc: dsahern, simon.horman, jhs, jianbol, Zahari Doychev
Currently the icmp and arp parsing functions are called with incorrect
ethtype in case of vlan or cvlan filter options. In this case either
cvlan_ethtype or vlan_ethtype has to be used. The ethtype is now updated
each time a vlan ethtype is matched during parsing.
Signed-off-by: Zahari Doychev <zahari.doychev@linux.com>
---
tc/f_flower.c | 52 +++++++++++++++++++++++----------------------------
1 file changed, 23 insertions(+), 29 deletions(-)
diff --git a/tc/f_flower.c b/tc/f_flower.c
index 00c919fd..58e1140d 100644
--- a/tc/f_flower.c
+++ b/tc/f_flower.c
@@ -1324,9 +1324,9 @@ static int flower_parse_opt(struct filter_util *qu, char *handle,
bool mpls_format_old = false;
bool mpls_format_new = false;
struct rtattr *tail;
- __be16 eth_type = TC_H_MIN(t->tcm_info);
+ __be16 tc_proto = TC_H_MIN(t->tcm_info);
+ __be16 eth_type = tc_proto;
__be16 vlan_ethtype = 0;
- __be16 cvlan_ethtype = 0;
__u8 ip_proto = 0xff;
__u32 flags = 0;
__u32 mtf = 0;
@@ -1464,6 +1464,8 @@ static int flower_parse_opt(struct filter_util *qu, char *handle,
&vlan_ethtype, n);
if (ret < 0)
return -1;
+ /* get new ethtype for later parsing */
+ eth_type = vlan_ethtype;
} else if (matches(*argv, "cvlan_id") == 0) {
__u16 vid;
@@ -1495,9 +1497,10 @@ static int flower_parse_opt(struct filter_util *qu, char *handle,
TCA_FLOWER_KEY_CVLAN_PRIO, cvlan_prio);
} else if (matches(*argv, "cvlan_ethtype") == 0) {
NEXT_ARG();
+ /* get new ethtype for later parsing */
ret = flower_parse_vlan_eth_type(*argv, vlan_ethtype,
TCA_FLOWER_KEY_CVLAN_ETH_TYPE,
- &cvlan_ethtype, n);
+ ð_type, n);
if (ret < 0)
return -1;
} else if (matches(*argv, "mpls") == 0) {
@@ -1627,9 +1630,7 @@ static int flower_parse_opt(struct filter_util *qu, char *handle,
}
} else if (matches(*argv, "ip_proto") == 0) {
NEXT_ARG();
- ret = flower_parse_ip_proto(*argv, cvlan_ethtype ?
- cvlan_ethtype : vlan_ethtype ?
- vlan_ethtype : eth_type,
+ ret = flower_parse_ip_proto(*argv, eth_type,
TCA_FLOWER_KEY_IP_PROTO,
&ip_proto, n);
if (ret < 0) {
@@ -1658,9 +1659,7 @@ static int flower_parse_opt(struct filter_util *qu, char *handle,
}
} else if (matches(*argv, "dst_ip") == 0) {
NEXT_ARG();
- ret = flower_parse_ip_addr(*argv, cvlan_ethtype ?
- cvlan_ethtype : vlan_ethtype ?
- vlan_ethtype : eth_type,
+ ret = flower_parse_ip_addr(*argv, eth_type,
TCA_FLOWER_KEY_IPV4_DST,
TCA_FLOWER_KEY_IPV4_DST_MASK,
TCA_FLOWER_KEY_IPV6_DST,
@@ -1672,9 +1671,7 @@ static int flower_parse_opt(struct filter_util *qu, char *handle,
}
} else if (matches(*argv, "src_ip") == 0) {
NEXT_ARG();
- ret = flower_parse_ip_addr(*argv, cvlan_ethtype ?
- cvlan_ethtype : vlan_ethtype ?
- vlan_ethtype : eth_type,
+ ret = flower_parse_ip_addr(*argv, eth_type,
TCA_FLOWER_KEY_IPV4_SRC,
TCA_FLOWER_KEY_IPV4_SRC_MASK,
TCA_FLOWER_KEY_IPV6_SRC,
@@ -1728,33 +1725,30 @@ static int flower_parse_opt(struct filter_util *qu, char *handle,
}
} else if (matches(*argv, "arp_tip") == 0) {
NEXT_ARG();
- ret = flower_parse_arp_ip_addr(*argv, vlan_ethtype ?
- vlan_ethtype : eth_type,
- TCA_FLOWER_KEY_ARP_TIP,
- TCA_FLOWER_KEY_ARP_TIP_MASK,
- n);
+ ret = flower_parse_arp_ip_addr(*argv, eth_type,
+ TCA_FLOWER_KEY_ARP_TIP,
+ TCA_FLOWER_KEY_ARP_TIP_MASK,
+ n);
if (ret < 0) {
fprintf(stderr, "Illegal \"arp_tip\"\n");
return -1;
}
} else if (matches(*argv, "arp_sip") == 0) {
NEXT_ARG();
- ret = flower_parse_arp_ip_addr(*argv, vlan_ethtype ?
- vlan_ethtype : eth_type,
- TCA_FLOWER_KEY_ARP_SIP,
- TCA_FLOWER_KEY_ARP_SIP_MASK,
- n);
+ ret = flower_parse_arp_ip_addr(*argv, eth_type,
+ TCA_FLOWER_KEY_ARP_SIP,
+ TCA_FLOWER_KEY_ARP_SIP_MASK,
+ n);
if (ret < 0) {
fprintf(stderr, "Illegal \"arp_sip\"\n");
return -1;
}
} else if (matches(*argv, "arp_op") == 0) {
NEXT_ARG();
- ret = flower_parse_arp_op(*argv, vlan_ethtype ?
- vlan_ethtype : eth_type,
- TCA_FLOWER_KEY_ARP_OP,
- TCA_FLOWER_KEY_ARP_OP_MASK,
- n);
+ ret = flower_parse_arp_op(*argv, eth_type,
+ TCA_FLOWER_KEY_ARP_OP,
+ TCA_FLOWER_KEY_ARP_OP_MASK,
+ n);
if (ret < 0) {
fprintf(stderr, "Illegal \"arp_op\"\n");
return -1;
@@ -1894,8 +1888,8 @@ parse_done:
return ret;
}
- if (eth_type != htons(ETH_P_ALL)) {
- ret = addattr16(n, MAX_MSG, TCA_FLOWER_KEY_ETH_TYPE, eth_type);
+ if (tc_proto != htons(ETH_P_ALL)) {
+ ret = addattr16(n, MAX_MSG, TCA_FLOWER_KEY_ETH_TYPE, tc_proto);
if (ret)
return ret;
}
--
2.28.0
^ permalink raw reply related [flat|nested] 5+ messages in thread
* Re: [PATCH iproute2-next v2] tc flower: use right ethertype in icmp/arp parsing
2020-11-10 7:53 [PATCH iproute2-next v2] tc flower: use right ethertype in icmp/arp parsing Zahari Doychev
@ 2020-11-14 3:12 ` David Ahern
2020-11-24 9:39 ` Roi Dayan
0 siblings, 1 reply; 5+ messages in thread
From: David Ahern @ 2020-11-14 3:12 UTC (permalink / raw)
To: Zahari Doychev, netdev; +Cc: simon.horman, jhs, jianbol
On 11/10/20 12:53 AM, Zahari Doychev wrote:
> Currently the icmp and arp parsing functions are called with incorrect
> ethtype in case of vlan or cvlan filter options. In this case either
> cvlan_ethtype or vlan_ethtype has to be used. The ethtype is now updated
> each time a vlan ethtype is matched during parsing.
>
> Signed-off-by: Zahari Doychev <zahari.doychev@linux.com>
> ---
> tc/f_flower.c | 52 +++++++++++++++++++++++----------------------------
> 1 file changed, 23 insertions(+), 29 deletions(-)
>
Thanks, looks much better.
applied to iproute2-next.
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH iproute2-next v2] tc flower: use right ethertype in icmp/arp parsing
2020-11-14 3:12 ` David Ahern
@ 2020-11-24 9:39 ` Roi Dayan
2020-11-24 12:13 ` Roi Dayan
0 siblings, 1 reply; 5+ messages in thread
From: Roi Dayan @ 2020-11-24 9:39 UTC (permalink / raw)
To: David Ahern, Zahari Doychev, netdev; +Cc: simon.horman, jhs, jianbol
On 2020-11-14 5:12 AM, David Ahern wrote:
> On 11/10/20 12:53 AM, Zahari Doychev wrote:
>> Currently the icmp and arp parsing functions are called with incorrect
>> ethtype in case of vlan or cvlan filter options. In this case either
>> cvlan_ethtype or vlan_ethtype has to be used. The ethtype is now updated
>> each time a vlan ethtype is matched during parsing.
>>
>> Signed-off-by: Zahari Doychev <zahari.doychev@linux.com>
>> ---
>> tc/f_flower.c | 52 +++++++++++++++++++++++----------------------------
>> 1 file changed, 23 insertions(+), 29 deletions(-)
>>
>
> Thanks, looks much better.
>
> applied to iproute2-next.
>
Hi,
I didn't debug yet but with this commit I am failing to add a tc
rule I always could before. also the error msg doesn't make sense.
Example:
# tc filter add dev enp8s0f0 protocol 802.1Q parent ffff: prio 1 flower\
skip_hw dst_mac e4:11:22:11:4a:51 src_mac e4:11:22:11:4a:50\
vlan_ethtype 0x800 vlan_id 100 vlan_prio 0 action vlan pop action\
mirred egress redirect dev enp8s0f0_0
Can't set "vlan_id" if ethertype isn't 802.1Q or 802.1AD
I used protocol 802.1Q and vlan_ethtype 0x800.
am i missing something? the rule should look different now?
Thanks,
Roi
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH iproute2-next v2] tc flower: use right ethertype in icmp/arp parsing
2020-11-24 9:39 ` Roi Dayan
@ 2020-11-24 12:13 ` Roi Dayan
2020-11-24 13:41 ` Jamal Hadi Salim
0 siblings, 1 reply; 5+ messages in thread
From: Roi Dayan @ 2020-11-24 12:13 UTC (permalink / raw)
To: David Ahern, Zahari Doychev, netdev; +Cc: simon.horman, jhs, jianbol
On 2020-11-24 11:39 AM, Roi Dayan wrote:
>
>
> On 2020-11-14 5:12 AM, David Ahern wrote:
>> On 11/10/20 12:53 AM, Zahari Doychev wrote:
>>> Currently the icmp and arp parsing functions are called with incorrect
>>> ethtype in case of vlan or cvlan filter options. In this case either
>>> cvlan_ethtype or vlan_ethtype has to be used. The ethtype is now updated
>>> each time a vlan ethtype is matched during parsing.
>>>
>>> Signed-off-by: Zahari Doychev <zahari.doychev@linux.com>
>>> ---
>>> tc/f_flower.c | 52 +++++++++++++++++++++++----------------------------
>>> 1 file changed, 23 insertions(+), 29 deletions(-)
>>>
>>
>> Thanks, looks much better.
>>
>> applied to iproute2-next.
>>
>
> Hi,
>
> I didn't debug yet but with this commit I am failing to add a tc
> rule I always could before. also the error msg doesn't make sense.
>
> Example:
>
> # tc filter add dev enp8s0f0 protocol 802.1Q parent ffff: prio 1 flower\
> skip_hw dst_mac e4:11:22:11:4a:51 src_mac e4:11:22:11:4a:50\
> vlan_ethtype 0x800 vlan_id 100 vlan_prio 0 action vlan pop action\
> mirred egress redirect dev enp8s0f0_0
>
>
> Can't set "vlan_id" if ethertype isn't 802.1Q or 802.1AD
>
>
> I used protocol 802.1Q and vlan_ethtype 0x800.
> am i missing something? the rule should look different now?
>
> Thanks,
> Roi
Hi,
I debugged this and it break vlan rules.
The issue is from this part of the change
@@ -1464,6 +1464,8 @@ static int flower_parse_opt(struct filter_util
*qu, char *handle,
&vlan_ethtype, n);
if (ret < 0)
return -1;
+ /* get new ethtype for later parsing */
+ eth_type = vlan_ethtype;
Now params vlan_id, vlan_prio check if eth_type is vlan but it's not.
it's 0x0800 as the example as it was set to the vlan_ethtype.
Need to continue check the outer, so tc_proto.
i'll prep a fix commit for review.
Thanks,
Roi
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH iproute2-next v2] tc flower: use right ethertype in icmp/arp parsing
2020-11-24 12:13 ` Roi Dayan
@ 2020-11-24 13:41 ` Jamal Hadi Salim
0 siblings, 0 replies; 5+ messages in thread
From: Jamal Hadi Salim @ 2020-11-24 13:41 UTC (permalink / raw)
To: Roi Dayan, David Ahern, Zahari Doychev, netdev; +Cc: simon.horman, jianbol
On 2020-11-24 7:13 a.m., Roi Dayan wrote:
>
>
> On 2020-11-24 11:39 AM, Roi Dayan wrote:
>>
>>
[..]
>> Hi,
>>
>> I didn't debug yet but with this commit I am failing to add a tc
>> rule I always could before. also the error msg doesn't make sense.
>>
>> Example:
>>
>> # tc filter add dev enp8s0f0 protocol 802.1Q parent ffff: prio 1 flower\
>> skip_hw dst_mac e4:11:22:11:4a:51 src_mac e4:11:22:11:4a:50\
>> vlan_ethtype 0x800 vlan_id 100 vlan_prio 0 action vlan pop action\
>> mirred egress redirect dev enp8s0f0_0
>>
>>
>> Can't set "vlan_id" if ethertype isn't 802.1Q or 802.1AD
>>
>>
>> I used protocol 802.1Q and vlan_ethtype 0x800.
>> am i missing something? the rule should look different now?
>>
>> Thanks,
>> Roi
>
>
> Hi,
>
> I debugged this and it break vlan rules.
> The issue is from this part of the change
>
We have a test for this in tdc. Maybe we should make it a rule to
run tdc tests on changes like these?
cheers,
jamal
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2020-11-24 13:41 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-11-10 7:53 [PATCH iproute2-next v2] tc flower: use right ethertype in icmp/arp parsing Zahari Doychev
2020-11-14 3:12 ` David Ahern
2020-11-24 9:39 ` Roi Dayan
2020-11-24 12:13 ` Roi Dayan
2020-11-24 13:41 ` Jamal Hadi Salim
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).