Merge branch 'Add FOU support for externally controlled ipip devices'

int __gue_build_header(struct sk_buff *skb, struct ip_tunnel_encap *e,

		       u8 *protocol, __be16 *sport, int type);

int register_fou_bpf(void);

#endif

	__u8			flow_flags;

};

struct ip_tunnel_encap {

	u16			type;

	u16			flags;

	__be16			sport;

	__be16			dport;

};

/* Flags for ip_tunnel_info mode. */

#define IP_TUNNEL_INFO_TX	0x01	/* represents tx tunnel parameters */

#define IP_TUNNEL_INFO_IPV6	0x02	/* key contains IPv6 addresses */

#define IP_TUNNEL_OPTS_MAX					\

	GENMASK((sizeof_field(struct ip_tunnel_info,		\

			      options_len) * BITS_PER_BYTE) - 1, 0)

struct ip_tunnel_info {

	struct ip_tunnel_key	key;

	struct ip_tunnel_encap	encap;

#ifdef CONFIG_DST_CACHE

	struct dst_cache	dst_cache;

#endif

};

#endif

struct ip_tunnel_encap {

	u16			type;

	u16			flags;

	__be16			sport;

	__be16			dport;

};

struct ip_tunnel_prl_entry {

	struct ip_tunnel_prl_entry __rcu *next;

	__be32				addr;

				   __be32 remote, __be32 local,

				   __be32 key);

void ip_tunnel_md_udp_encap(struct sk_buff *skb, struct ip_tunnel_info *info);

int ip_tunnel_rcv(struct ip_tunnel *tunnel, struct sk_buff *skb,

		  const struct tnl_ptk_info *tpi, struct metadata_dst *tun_dst,

		  bool log_ecn_error);

	return hlen;

}

static inline int ip_tunnel_encap(struct sk_buff *skb, struct ip_tunnel *t,

static inline int ip_tunnel_encap(struct sk_buff *skb,

				  struct ip_tunnel_encap *e,

				  u8 *protocol, struct flowi4 *fl4)

{

	const struct ip_tunnel_encap_ops *ops;

	int ret = -EINVAL;

	if (t->encap.type == TUNNEL_ENCAP_NONE)

	if (e->type == TUNNEL_ENCAP_NONE)

		return 0;

	if (t->encap.type >= MAX_IPTUN_ENCAP_OPS)

	if (e->type >= MAX_IPTUN_ENCAP_OPS)

		return -EINVAL;

	rcu_read_lock();

	ops = rcu_dereference(iptun_encaps[t->encap.type]);

	ops = rcu_dereference(iptun_encaps[e->type]);

	if (likely(ops && ops->build_header))

		ret = ops->build_header(skb, &t->encap, protocol, fl4);

		ret = ops->build_header(skb, e, protocol, fl4);

	rcu_read_unlock();

	return ret;

obj-$(CONFIG_IP_MROUTE_COMMON) += ipmr_base.o

obj-$(CONFIG_NET_IPIP) += ipip.o

gre-y := gre_demux.o

fou-y := fou_core.o fou_nl.o

fou-y := fou_core.o fou_nl.o fou_bpf.o

obj-$(CONFIG_NET_FOU) += fou.o

obj-$(CONFIG_NET_IPGRE_DEMUX) += gre.o

obj-$(CONFIG_NET_IPGRE) += ip_gre.o

// SPDX-License-Identifier: GPL-2.0-only

/* Unstable Fou Helpers for TC-BPF hook

 *

 * These are called from SCHED_CLS BPF programs. Note that it is

 * allowed to break compatibility for these functions since the interface they

 * are exposed through to BPF programs is explicitly unstable.

 */

#include <linux/bpf.h>

#include <linux/btf_ids.h>

#include <net/dst_metadata.h>

#include <net/fou.h>

struct bpf_fou_encap {

	__be16 sport;

	__be16 dport;

};

enum bpf_fou_encap_type {

	FOU_BPF_ENCAP_FOU,

	FOU_BPF_ENCAP_GUE,

};

__diag_push();

__diag_ignore_all("-Wmissing-prototypes",

		  "Global functions as their definitions will be in BTF");

/* bpf_skb_set_fou_encap - Set FOU encap parameters

 *

 * This function allows for using GUE or FOU encapsulation together with an

 * ipip device in collect-metadata mode.

 *

 * It is meant to be used in BPF tc-hooks and after a call to the

 * bpf_skb_set_tunnel_key helper, responsible for setting IP addresses.

 *

 * Parameters:

 * @skb_ctx	Pointer to ctx (__sk_buff) in TC program. Cannot be NULL

 * @encap	Pointer to a `struct bpf_fou_encap` storing UDP src and

 * 		dst ports. If sport is set to 0 the kernel will auto-assign a

 * 		port. This is similar to using `encap-sport auto`.

 * 		Cannot be NULL

 * @type	Encapsulation type for the packet. Their definitions are

 * 		specified in `enum bpf_fou_encap_type`

 */

__bpf_kfunc int bpf_skb_set_fou_encap(struct __sk_buff *skb_ctx,

				      struct bpf_fou_encap *encap, int type)

{

	struct sk_buff *skb = (struct sk_buff *)skb_ctx;

	struct ip_tunnel_info *info = skb_tunnel_info(skb);

	if (unlikely(!encap))

		return -EINVAL;

	if (unlikely(!info || !(info->mode & IP_TUNNEL_INFO_TX)))

		return -EINVAL;

	switch (type) {

	case FOU_BPF_ENCAP_FOU:

		info->encap.type = TUNNEL_ENCAP_FOU;

		break;

	case FOU_BPF_ENCAP_GUE:

		info->encap.type = TUNNEL_ENCAP_GUE;

		break;

	default:

		info->encap.type = TUNNEL_ENCAP_NONE;

	}

	if (info->key.tun_flags & TUNNEL_CSUM)

		info->encap.flags |= TUNNEL_ENCAP_FLAG_CSUM;

	info->encap.sport = encap->sport;

	info->encap.dport = encap->dport;

	return 0;

}

/* bpf_skb_get_fou_encap - Get FOU encap parameters

 *

 * This function allows for reading encap metadata from a packet received

 * on an ipip device in collect-metadata mode.

 *

 * Parameters:

 * @skb_ctx	Pointer to ctx (__sk_buff) in TC program. Cannot be NULL

 * @encap	Pointer to a struct bpf_fou_encap storing UDP source and

 * 		destination port. Cannot be NULL

 */

__bpf_kfunc int bpf_skb_get_fou_encap(struct __sk_buff *skb_ctx,

				      struct bpf_fou_encap *encap)

{

	struct sk_buff *skb = (struct sk_buff *)skb_ctx;

	struct ip_tunnel_info *info = skb_tunnel_info(skb);

	if (unlikely(!info))

		return -EINVAL;

	encap->sport = info->encap.sport;

	encap->dport = info->encap.dport;

	return 0;

}

__diag_pop()

BTF_SET8_START(fou_kfunc_set)

BTF_ID_FLAGS(func, bpf_skb_set_fou_encap)

BTF_ID_FLAGS(func, bpf_skb_get_fou_encap)

BTF_SET8_END(fou_kfunc_set)

static const struct btf_kfunc_id_set fou_bpf_kfunc_set = {

	.owner = THIS_MODULE,

	.set   = &fou_kfunc_set,

};

int register_fou_bpf(void)

{

	return register_btf_kfunc_id_set(BPF_PROG_TYPE_SCHED_CLS,

					 &fou_bpf_kfunc_set);

}

	if (ret < 0)

		goto unregister;

	ret = register_fou_bpf();

	if (ret < 0)

		goto kfunc_failed;

	ret = ip_tunnel_encap_add_fou_ops();

	if (ret == 0)

		return 0;

kfunc_failed:

	genl_unregister_family(&fou_nl_family);

unregister:

	unregister_pernet_device(&fou_net_ops);