noctra/iproute2-next
1
0
Fork 0
Code Issues Pull Requests Releases Activity

ip: vxlan: Support IFLA_VXLAN_RESERVED_BITS

Browse Source 
A new attribute, IFLA_VXLAN_RESERVED_BITS, was added in Linux kernel
commit 6c11379b104e ("vxlan: Add an attribute to make VXLAN header
validation configurable") (See the link below for the full patchset).

The payload is a 64-bit binary field that covers the VXLAN header. The set
bits indicate which bits in a VXLAN packet header should be allowed to
carry 1's. Support the new attribute through a CLI keyword "reserved_bits".

Link: https://patch.msgid.link/173378643250.273075.13832548579412179113.git-patchwork-notify@kernel.org
Signed-off-by: Petr Machata <petrm@nvidia.com>
Signed-off-by: David Ahern <dsahern@kernel.org>
This commit is contained in:
Petr Machata
2025-01-20 16:43:06 +01:00
committed by David Ahern
parent fe4100df83
commit 1db4f56878
2 changed files with 29 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
ip/iplink_vxlan.c
View File

@@ -52,6 +52,7 @@ static void print_explain(FILE *f)
" [ dev PHYS_DEV ]\n" " [ dev PHYS_DEV ]\n"
" [ dstport PORT ]\n" " [ dstport PORT ]\n"
" [ srcport MIN MAX ]\n" " [ srcport MIN MAX ]\n"
" [ reserved_bits VALUE ]\n"
" [ [no]learning ]\n" " [ [no]learning ]\n"
" [ [no]proxy ]\n" " [ [no]proxy ]\n"
" [ [no]rsc ]\n" " [ [no]rsc ]\n"
@@ -337,6 +338,17 @@ static int vxlan_parse_opt(struct link_util *lu, int argc, char **argv,
check_duparg(&attrs, IFLA_VXLAN_LOCALBYPASS, check_duparg(&attrs, IFLA_VXLAN_LOCALBYPASS,
*argv, *argv); *argv, *argv);
addattr8(n, 1024, IFLA_VXLAN_LOCALBYPASS, 0); addattr8(n, 1024, IFLA_VXLAN_LOCALBYPASS, 0);
} else if (strcmp(*argv, "reserved_bits") == 0) {
NEXT_ARG();
__be64 bits;
check_duparg(&attrs, IFLA_VXLAN_RESERVED_BITS,
*argv, *argv);
if (get_be64(&bits, *argv, 0))
invarg("reserved_bits", *argv);
addattr_l(n, 1024, IFLA_VXLAN_RESERVED_BITS,
&bits, sizeof(bits));
} else if (!matches(*argv, "external")) { } else if (!matches(*argv, "external")) {
check_duparg(&attrs, IFLA_VXLAN_COLLECT_METADATA, check_duparg(&attrs, IFLA_VXLAN_COLLECT_METADATA,
*argv, *argv); *argv, *argv);
@@ -601,6 +613,14 @@ static void vxlan_print_opt(struct link_util *lu, FILE *f, struct rtattr *tb[])
((maxaddr = rta_getattr_u32(tb[IFLA_VXLAN_LIMIT])) != 0)) ((maxaddr = rta_getattr_u32(tb[IFLA_VXLAN_LIMIT])) != 0))
print_uint(PRINT_ANY, "limit", "maxaddr %u ", maxaddr); print_uint(PRINT_ANY, "limit", "maxaddr %u ", maxaddr);
if (tb[IFLA_VXLAN_RESERVED_BITS]) {
__be64 reserved_bits =
rta_getattr_u64(tb[IFLA_VXLAN_RESERVED_BITS]);
print_0xhex(PRINT_ANY, "reserved_bits",
"reserved_bits %#llx ", ntohll(reserved_bits));
}
if (tb[IFLA_VXLAN_GBP]) if (tb[IFLA_VXLAN_GBP])
print_null(PRINT_ANY, "gbp", "gbp ", NULL); print_null(PRINT_ANY, "gbp", "gbp ", NULL);
if (tb[IFLA_VXLAN_GPE]) if (tb[IFLA_VXLAN_GPE])

9
man/man8/ip-link.8.in
View File

@@ -632,6 +632,8 @@ the following additional arguments are supported:
] [ ] [
.BI srcport " MIN MAX " .BI srcport " MIN MAX "
] [ ] [
.BI reserved_bits " VALUE "
] [
.RB [ no ] learning .RB [ no ] learning
] [ ] [
.RB [ no ] proxy .RB [ no ] proxy
@@ -725,6 +727,13 @@ bit is not set.
- specifies the range of port numbers to use as UDP - specifies the range of port numbers to use as UDP
source ports to communicate to the remote VXLAN tunnel endpoint. source ports to communicate to the remote VXLAN tunnel endpoint.
.sp
.BI reserved_bits " VALUE "
- by default the kernel rejects packets that have bits set outside of the fields
required by the features enabled on the VXLAN netdevice. \fBreserved_bits\fR is
a 64-bit quantity specifying which bits it should be possible to set in a VXLAN
header. Each bit set in the value is a tolerated bit set in a packet.
.sp .sp
.RB [ no ] learning .RB [ no ] learning
- specifies if unknown source link layer addresses and IP addresses - specifies if unknown source link layer addresses and IP addresses