Re: [PATCH net-next 00/12] Unmask upper DSCP bits - part 4 (last)

Fri, 06 Sep 2024 10:13:40 -0700 

On 9/5/24 10:51 AM, Ido Schimmel wrote:
> tl;dr - This patchset finishes to unmask the upper DSCP bits in the IPv4
> flow key in preparation for allowing IPv4 FIB rules to match on DSCP. No
> functional changes are expected.
> 
> The TOS field in the IPv4 flow key ('flowi4_tos') is used during FIB
> lookup to match against the TOS selector in FIB rules and routes.
> 
> It is currently impossible for user space to configure FIB rules that
> match on the DSCP value as the upper DSCP bits are either masked in the
> various call sites that initialize the IPv4 flow key or along the path
> to the FIB core.
> 
> In preparation for adding a DSCP selector to IPv4 and IPv6 FIB rules, we
> need to make sure the entire DSCP value is present in the IPv4 flow key.
> This patchset finishes to unmask the upper DSCP bits by adjusting all
> the callers of ip_route_output_key() to properly initialize the full
> DSCP value in the IPv4 flow key.
> 
> No functional changes are expected as commit 1fa3314c14c6 ("ipv4:
> Centralize TOS matching") moved the masking of the upper DSCP bits to
> the core where 'flowi4_tos' is matched against the TOS selector.
> 
> Ido Schimmel (12):
>   netfilter: br_netfilter: Unmask upper DSCP bits in
>     br_nf_pre_routing_finish()
>   ipv4: ip_gre: Unmask upper DSCP bits in ipgre_open()
>   bpf: lwtunnel: Unmask upper DSCP bits in bpf_lwt_xmit_reroute()
>   ipv4: icmp: Unmask upper DSCP bits in icmp_reply()
>   ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_bind_dev()
>   ipv4: ip_tunnel: Unmask upper DSCP bits in ip_md_tunnel_xmit()
>   ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_xmit()
>   ipv4: netfilter: Unmask upper DSCP bits in ip_route_me_harder()
>   netfilter: nft_flow_offload: Unmask upper DSCP bits in
>     nft_flow_route()
>   netfilter: nf_dup4: Unmask upper DSCP bits in nf_dup_ipv4_route()
>   ipv4: udp_tunnel: Unmask upper DSCP bits in udp_tunnel_dst_lookup()
>   sctp: Unmask upper DSCP bits in sctp_v4_get_dst()
> 
>  net/bridge/br_netfilter_hooks.c  |  3 ++-
>  net/core/lwt_bpf.c               |  3 ++-
>  net/ipv4/icmp.c                  |  2 +-
>  net/ipv4/ip_gre.c                |  3 ++-
>  net/ipv4/ip_tunnel.c             | 11 ++++++-----
>  net/ipv4/netfilter.c             |  3 ++-
>  net/ipv4/netfilter/nf_dup_ipv4.c |  3 ++-
>  net/ipv4/udp_tunnel_core.c       |  3 ++-
>  net/netfilter/nft_flow_offload.c |  3 ++-
>  net/sctp/protocol.c              |  3 ++-
>  10 files changed, 23 insertions(+), 14 deletions(-)
> 

For the set:
Reviewed-by: David Ahern <[email protected]>

Reply via email to