review.tizen.org Git - platform/kernel/linux-rpi.git/commit

author	Eyal Birger <eyal.birger@gmail.com>
	Fri, 26 Aug 2022 11:47:00 +0000 (14:47 +0300)
committer	Steffen Klassert <steffen.klassert@secunet.com>
	Mon, 29 Aug 2022 08:44:08 +0000 (10:44 +0200)
commit	2c2493b9da9166478fe072e3054f8a5741dadb02
tree	556475adbb9572c9ed40a5a92ee75fee2292a481	tree \| snapshot
parent	abc340b38ba25cd6c7aa2c0bd9150d30738c82d0	commit \| diff

xfrm: lwtunnel: add lwtunnel support for xfrm interfaces in collect_md mode

Allow specifying the xfrm interface if_id and link as part of a route
metadata using the lwtunnel infrastructure.

This allows for example using a single xfrm interface in collect_md
mode as the target of multiple routes each specifying a different if_id.

With the appropriate changes to iproute2, considering an xfrm device
ipsec1 in collect_md mode one can for example add a route specifying
an if_id like so:

ip route add <SUBNET> dev ipsec1 encap xfrm if_id 1

In which case traffic routed to the device via this route would use
if_id in the xfrm interface policy lookup.

Or in the context of vrf, one can also specify the "link" property:

ip route add <SUBNET> dev ipsec1 encap xfrm if_id 1 link_dev eth15

Note: LWT_XFRM_LINK uses NLA_U32 similar to IFLA_XFRM_LINK even though
internally "link" is signed. This is consistent with other _LINK
attributes in other devices as well as in bpf and should not have an
effect as device indexes can't be negative.

Reviewed-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>
Reviewed-by: Nikolay Aleksandrov <razor@blackwall.org>
Signed-off-by: Eyal Birger <eyal.birger@gmail.com>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>

include/net/dst_metadata.h		diff \| blob \| history
include/uapi/linux/lwtunnel.h		diff \| blob \| history
net/core/lwtunnel.c		diff \| blob \| history
net/xfrm/xfrm_interface.c		diff \| blob \| history