[PATCH net-next v6 06/12] net: vxlan: make vxlan_snoop() return drop reasons

From: Menglong Dong
Date: Tue Oct 08 2024 - 10:27:37 EST


Change the return type of vxlan_snoop() from bool to enum
skb_drop_reason. In this commit, two drop reasons are introduced:

SKB_DROP_REASON_MAC_INVALID_SOURCE
SKB_DROP_REASON_VXLAN_ENTRY_EXISTS

Signed-off-by: Menglong Dong <dongml2@xxxxxxxxxxxxxxx>
Reviewed-by: Simon Horman <horms@xxxxxxxxxx>
---
v5:
- rename SKB_DROP_REASON_VXLAN_INVALID_SMAC to
SKB_DROP_REASON_MAC_INVALID_SOURCE in the commit log
v4:
- rename SKB_DROP_REASON_VXLAN_INVALID_SMAC to
SKB_DROP_REASON_MAC_INVALID_SOURCE
---
drivers/net/vxlan/vxlan_core.c | 17 +++++++++--------
include/net/dropreason-core.h | 9 +++++++++
2 files changed, 18 insertions(+), 8 deletions(-)

diff --git a/drivers/net/vxlan/vxlan_core.c b/drivers/net/vxlan/vxlan_core.c
index 34b44755f663..1a81a3957327 100644
--- a/drivers/net/vxlan/vxlan_core.c
+++ b/drivers/net/vxlan/vxlan_core.c
@@ -1437,9 +1437,10 @@ static int vxlan_fdb_get(struct sk_buff *skb,
* and Tunnel endpoint.
* Return true if packet is bogus and should be dropped.
*/
-static bool vxlan_snoop(struct net_device *dev,
- union vxlan_addr *src_ip, const u8 *src_mac,
- u32 src_ifindex, __be32 vni)
+static enum skb_drop_reason vxlan_snoop(struct net_device *dev,
+ union vxlan_addr *src_ip,
+ const u8 *src_mac, u32 src_ifindex,
+ __be32 vni)
{
struct vxlan_dev *vxlan = netdev_priv(dev);
struct vxlan_fdb *f;
@@ -1447,7 +1448,7 @@ static bool vxlan_snoop(struct net_device *dev,

/* Ignore packets from invalid src-address */
if (!is_valid_ether_addr(src_mac))
- return true;
+ return SKB_DROP_REASON_MAC_INVALID_SOURCE;

#if IS_ENABLED(CONFIG_IPV6)
if (src_ip->sa.sa_family == AF_INET6 &&
@@ -1461,15 +1462,15 @@ static bool vxlan_snoop(struct net_device *dev,

if (likely(vxlan_addr_equal(&rdst->remote_ip, src_ip) &&
rdst->remote_ifindex == ifindex))
- return false;
+ return SKB_NOT_DROPPED_YET;

/* Don't migrate static entries, drop packets */
if (f->state & (NUD_PERMANENT | NUD_NOARP))
- return true;
+ return SKB_DROP_REASON_VXLAN_ENTRY_EXISTS;

/* Don't override an fdb with nexthop with a learnt entry */
if (rcu_access_pointer(f->nh))
- return true;
+ return SKB_DROP_REASON_VXLAN_ENTRY_EXISTS;

if (net_ratelimit())
netdev_info(dev,
@@ -1497,7 +1498,7 @@ static bool vxlan_snoop(struct net_device *dev,
spin_unlock(&vxlan->hash_lock[hash_index]);
}

- return false;
+ return SKB_NOT_DROPPED_YET;
}

static bool __vxlan_sock_release_prep(struct vxlan_sock *vs)
diff --git a/include/net/dropreason-core.h b/include/net/dropreason-core.h
index 98259d2b3e92..1cb8d7c953be 100644
--- a/include/net/dropreason-core.h
+++ b/include/net/dropreason-core.h
@@ -94,6 +94,8 @@
FN(TC_RECLASSIFY_LOOP) \
FN(VXLAN_INVALID_HDR) \
FN(VXLAN_VNI_NOT_FOUND) \
+ FN(MAC_INVALID_SOURCE) \
+ FN(VXLAN_ENTRY_EXISTS) \
FN(IP_TUNNEL_ECN) \
FNe(MAX)

@@ -429,6 +431,13 @@ enum skb_drop_reason {
SKB_DROP_REASON_VXLAN_INVALID_HDR,
/** @SKB_DROP_REASON_VXLAN_VNI_NOT_FOUND: no VXLAN device found for VNI */
SKB_DROP_REASON_VXLAN_VNI_NOT_FOUND,
+ /** @SKB_DROP_REASON_MAC_INVALID_SOURCE: source mac is invalid */
+ SKB_DROP_REASON_MAC_INVALID_SOURCE,
+ /**
+ * @SKB_DROP_REASON_VXLAN_ENTRY_EXISTS: trying to migrate a static
+ * entry or an entry pointing to a nexthop.
+ */
+ SKB_DROP_REASON_VXLAN_ENTRY_EXISTS,
/**
* @SKB_DROP_REASON_IP_TUNNEL_ECN: skb is dropped according to
* RFC 6040 4.2, see __INET_ECN_decapsulate() for detail.
--
2.39.5