Blob Blame History Raw
From eaccce1b85efafbea1607ff88d7259541f311ee2 Mon Sep 17 00:00:00 2001
From: Andrea Claudi <aclaudi@redhat.com>
Date: Wed, 5 Jun 2019 13:10:31 +0200
Subject: [PATCH] tc/actions: introduce support for goto chain action

Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1714660
Upstream Status: iproute2.git commit d19f72f7898a7

commit d19f72f7898a78ef76628833c204afb96f9a05cd
Author: Jiri Pirko <jiri@mellanox.com>
Date:   Tue May 16 19:29:37 2017 +0200

    tc/actions: introduce support for goto chain action

    Allow user to set control action "goto" with filter chain index as
    a parameter.

    Signed-off-by: Jiri Pirko <jiri@mellanox.com>
---
 man/man8/tc-ife.8    |  2 +-
 man/man8/tc-pedit.8  |  2 +-
 man/man8/tc-police.8 |  2 +-
 man/man8/tc-vlan.8   |  2 +-
 tc/m_connmark.c      |  3 ++-
 tc/m_gact.c          |  6 ++++--
 tc/m_pedit.c         |  3 ++-
 tc/m_police.c        |  6 ++++--
 tc/m_skbmod.c        |  3 ++-
 tc/m_vlan.c          |  3 ++-
 tc/tc_util.c         | 24 +++++++++++++++++++++++-
 11 files changed, 43 insertions(+), 13 deletions(-)

diff --git a/man/man8/tc-ife.8 b/man/man8/tc-ife.8
index a8f1f287d1502..24595cc6d615c 100644
--- a/man/man8/tc-ife.8
+++ b/man/man8/tc-ife.8
@@ -34,7 +34,7 @@ IFE - encapsulate/decapsulate metadata
 
 .ti -8
 .IR CONTROL " := { "
-.BR reclassify " | " use " | " pipe " | " drop " | " continue " | " ok " }"
+.BR reclassify " | " use " | " pipe " | " drop " | " continue " | " ok " | " goto " " chain " " CHAIN_INDEX " }"
 .SH DESCRIPTION
 The
 .B ife
diff --git a/man/man8/tc-pedit.8 b/man/man8/tc-pedit.8
index 82d4217bc9589..bbd725c4d0ba1 100644
--- a/man/man8/tc-pedit.8
+++ b/man/man8/tc-pedit.8
@@ -82,7 +82,7 @@ pedit - generic packet editor action
 
 .ti -8
 .IR CONTROL " := {"
-.BR reclassify " | " pipe " | " drop " | " shot " | " continue " | " pass " }"
+.BR reclassify " | " pipe " | " drop " | " shot " | " continue " | " pass " | " goto " " chain " " CHAIN_INDEX " }"
 .SH DESCRIPTION
 The
 .B pedit
diff --git a/man/man8/tc-police.8 b/man/man8/tc-police.8
index 620c28813fc7e..bcc5f438825d1 100644
--- a/man/man8/tc-police.8
+++ b/man/man8/tc-police.8
@@ -30,7 +30,7 @@ police - policing action
 
 .ti -8
 .IR EXCEEDACT/NOTEXCEEDACT " := { "
-.BR pipe " | " ok " | " reclassify " | " drop " | " continue " }"
+.BR pipe " | " ok " | " reclassify " | " drop " | " continue " | " goto " " chain " " CHAIN_INDEX " }"
 .SH DESCRIPTION
 The
 .B police
diff --git a/man/man8/tc-vlan.8 b/man/man8/tc-vlan.8
index a526f66b60b4c..f5ffc25f054ed 100644
--- a/man/man8/tc-vlan.8
+++ b/man/man8/tc-vlan.8
@@ -26,7 +26,7 @@ vlan - vlan manipulation module
 
 .ti -8
 .IR CONTROL " := { "
-.BR reclassify " | " pipe " | " drop " | " continue " | " pass " }"
+.BR reclassify " | " pipe " | " drop " | " continue " | " pass " | " goto " " chain " " CHAIN_INDEX " }"
 .SH DESCRIPTION
 The
 .B vlan
diff --git a/tc/m_connmark.c b/tc/m_connmark.c
index 3c2274bc0d2af..37d7185415490 100644
--- a/tc/m_connmark.c
+++ b/tc/m_connmark.c
@@ -30,7 +30,8 @@ explain(void)
 	fprintf(stderr, "Usage: ... connmark [zone ZONE] [CONTROL] [index <INDEX>]\n");
 	fprintf(stderr, "where :\n"
 		"\tZONE is the conntrack zone\n"
-		"\tCONTROL := reclassify|pipe|drop|continue|ok\n");
+		"\tCONTROL := reclassify | pipe | drop | continue | ok |\n"
+		"\t           goto chain <CHAIN_INDEX>\n");
 }
 
 static void
diff --git a/tc/m_gact.c b/tc/m_gact.c
index bc3860bbe4441..c04c00bbded3c 100644
--- a/tc/m_gact.c
+++ b/tc/m_gact.c
@@ -45,7 +45,8 @@ explain(void)
 #ifdef CONFIG_GACT_PROB
 	fprintf(stderr, "Usage: ... gact <ACTION> [RAND] [INDEX]\n");
 	fprintf(stderr,
-		"Where: \tACTION := reclassify | drop | continue | pass | pipe\n"
+		"Where: \tACTION := reclassify | drop | continue | pass | pipe |\n"
+		"       \t          goto chain <CHAIN_INDEX>\n"
 			"\tRAND := random <RANDTYPE> <ACTION> <VAL>\n"
 			"\tRANDTYPE := netrand | determ\n"
 			"\tVAL : = value not exceeding 10000\n"
@@ -54,7 +55,8 @@ explain(void)
 #else
 	fprintf(stderr, "Usage: ... gact <ACTION> [INDEX]\n");
 	fprintf(stderr,
-		"Where: \tACTION := reclassify | drop | continue | pass | pipe\n"
+		"Where: \tACTION := reclassify | drop | continue | pass | pipe |\n"
+		"       \t          goto chain <CHAIN_INDEX>\n"
 		"\tINDEX := index value used\n"
 		"\n");
 #endif
diff --git a/tc/m_pedit.c b/tc/m_pedit.c
index b7d26b4540beb..5d89ab1d832ab 100644
--- a/tc/m_pedit.c
+++ b/tc/m_pedit.c
@@ -45,7 +45,8 @@ static void explain(void)
 		"\t\tCMD:= clear | invert | set <setval>| add <addval> | retain\n"
 		"\t<LAYERED>:= ip <ipdata> | ip6 <ip6data>\n"
 		" \t\t| udp <udpdata> | tcp <tcpdata> | icmp <icmpdata>\n"
-		"\tCONTROL:= reclassify | pipe | drop | continue | pass\n"
+		"\tCONTROL:= reclassify | pipe | drop | continue | pass |\n"
+		"\t          goto chain <CHAIN_INDEX>\n"
 		"\tNOTE: if 'ex' is set, extended functionality will be supported (kernel >= 4.11)\n"
 		"For Example usage look at the examples directory\n");
 
diff --git a/tc/m_police.c b/tc/m_police.c
index 2b73969de5daf..86117db0482ec 100644
--- a/tc/m_police.c
+++ b/tc/m_police.c
@@ -41,7 +41,8 @@ static void usage(void)
 	fprintf(stderr, "Where: CONTROL := conform-exceed <EXCEEDACT>[/NOTEXCEEDACT]\n");
 	fprintf(stderr, "                  Define how to handle packets which exceed (<EXCEEDACT>)\n");
 	fprintf(stderr, "                  or conform (<NOTEXCEEDACT>) the configured bandwidth limit.\n");
-	fprintf(stderr, "       EXCEEDACT/NOTEXCEEDACT := { pipe | ok | reclassify | drop | continue }\n");
+	fprintf(stderr, "       EXCEEDACT/NOTEXCEEDACT := { pipe | ok | reclassify | drop | continue |\n");
+	fprintf(stderr, "                                   goto chain <CHAIN_INDEX> }\n");
 	exit(-1);
 }
 
@@ -150,7 +151,8 @@ int act_parse_police(struct action_util *a, int *argc_p, char ***argv_p,
 			   matches(*argv, "shot") == 0 ||
 			   matches(*argv, "continue") == 0 ||
 			   matches(*argv, "pass") == 0 ||
-			   matches(*argv, "pipe") == 0) {
+			   matches(*argv, "pipe") == 0 ||
+			   matches(*argv, "goto") == 0) {
 			if (parse_action_control(&argc, &argv, &p.action, false))
 				return -1;
 		} else if (strcmp(*argv, "conform-exceed") == 0) {
diff --git a/tc/m_skbmod.c b/tc/m_skbmod.c
index 1ccd474309348..ba79308ba8354 100644
--- a/tc/m_skbmod.c
+++ b/tc/m_skbmod.c
@@ -36,7 +36,8 @@ static void skbmod_explain(void)
 		"\tDMAC := 6 byte Destination MAC address\n"
 		"\tSMAC := optional 6 byte Source MAC address\n"
 		"\tETYPE := optional 16 bit ethertype\n"
-		"\tCONTROL := reclassify|pipe|drop|continue|ok\n"
+		"\tCONTROL := reclassify | pipe | drop | continue | ok |\n"
+		"\t           goto chain <CHAIN_INDEX>\n"
 		"\tINDEX := skbmod index value to use\n");
 }
 
diff --git a/tc/m_vlan.c b/tc/m_vlan.c
index 2441b06847ecd..cccb4996b05f3 100644
--- a/tc/m_vlan.c
+++ b/tc/m_vlan.c
@@ -32,7 +32,8 @@ static void explain(void)
 	fprintf(stderr, "       vlan modify [ protocol VLANPROTO ] id VLANID [ priority VLANPRIO ] [CONTROL]\n");
 	fprintf(stderr, "       VLANPROTO is one of 802.1Q or 802.1AD\n");
 	fprintf(stderr, "            with default: 802.1Q\n");
-	fprintf(stderr, "       CONTROL := reclassify | pipe | drop | continue | pass\n");
+	fprintf(stderr, "       CONTROL := reclassify | pipe | drop | continue | pass |\n");
+	fprintf(stderr, "                  goto chain <CHAIN_INDEX>\n");
 }
 
 static void usage(void)
diff --git a/tc/tc_util.c b/tc/tc_util.c
index 840222832690b..194185a0fa1d8 100644
--- a/tc/tc_util.c
+++ b/tc/tc_util.c
@@ -415,6 +415,8 @@ static const char *action_n2a(int action)
 {
 	static char buf[64];
 
+	if (TC_ACT_EXT_CMP(action, TC_ACT_GOTO_CHAIN))
+		return "goto";
 	switch (action) {
 	case TC_ACT_UNSPEC:
 		return "continue";
@@ -458,6 +460,7 @@ static int action_a2n(char *arg, int *result, bool allow_num)
 		{"ok", TC_ACT_OK},
 		{"reclassify", TC_ACT_RECLASSIFY},
 		{"pipe", TC_ACT_PIPE},
+		{"goto", TC_ACT_GOTO_CHAIN},
 		{ NULL },
 	}, *iter;
 
@@ -497,6 +500,22 @@ int parse_action_control(int *argc_p, char ***argv_p,
 		fprintf(stderr, "Bad action type %s\n", *argv);
 		return -1;
 	}
+	if (result == TC_ACT_GOTO_CHAIN) {
+		__u32 chain_index;
+
+		NEXT_ARG();
+		if (matches(*argv, "chain") != 0) {
+			fprintf(stderr, "\"chain index\" expected\n");
+			return -1;
+		}
+		NEXT_ARG();
+		if (get_u32(&chain_index, *argv, 10) ||
+		    chain_index > TC_ACT_EXT_VAL_MASK) {
+			fprintf(stderr, "Illegal \"chain index\"\n");
+			return -1;
+		}
+		result |= chain_index;
+	}
 	NEXT_ARG_FWD();
 	*argc_p = argc;
 	*argv_p = argv;
@@ -604,7 +623,10 @@ int parse_action_control_slash(int *argc_p, char ***argv_p,
 void print_action_control(FILE *f, const char *prefix,
 			  int action, const char *suffix)
 {
-	fprintf(f, "%s%s%s", prefix, action_n2a(action), suffix);
+	fprintf(f, "%s%s", prefix, action_n2a(action));
+	if (TC_ACT_EXT_CMP(action, TC_ACT_GOTO_CHAIN))
+		fprintf(f, " chain %u", action & TC_ACT_EXT_VAL_MASK);
+	fprintf(f, "%s", suffix);
 }
 
 int get_linklayer(unsigned int *val, const char *arg)
-- 
2.21.0