From 5c43b9811dd88dd2d18d88a253212474bb665896 Mon Sep 17 00:00:00 2001 From: Xiaoping Fan Date: Fri, 26 Feb 2016 15:01:53 -0800 Subject: [PATCH 1/3] net: patch linux kernel to support shortcut-fe 1, add a new flag 'fast_forwarded' in skb structure. 2, put a hook in '__netif_receive_skb_core' to deliver packet to shortcut-fe. Change-Id: Icaa7c172a06df1c3bc89ff89814d1136772fe217 Signed-off-by: Xiaoping Fan msm: ipq806x: exporting TCP sequence check parameters This is for use in NSS connection manager. Change-Id: I01d30c0ab552308c439353c0d51d3d0ab3aa7699 Signed-off-by: Pamidipati, Vijay Signed-off-by: Murat Sezgin --- include/linux/skbuff.h | 3 +++ net/Kconfig | 3 +++ net/core/dev.c | 25 +++++++++++++++++++++++++ net/netfilter/nf_conntrack_proto_tcp.c | 10 ++++++++++ 4 files changed, 41 insertions(+) diff --git a/include/linux/skbuff.h b/include/linux/skbuff.h index 9a0c945..56f4007 100644 --- a/include/linux/skbuff.h +++ b/include/linux/skbuff.h @@ -738,6 +738,9 @@ struct sk_buff { #endif __u8 ipvs_property:1; __u8 inner_protocol_type:1; +#ifdef CONFIG_SHORTCUT_FE + __u8 fast_forwarded:1; +#endif __u8 remcsum_offload:1; #ifdef CONFIG_NET_SWITCHDEV __u8 offload_fwd_mark:1; diff --git a/net/Kconfig b/net/Kconfig index b4621e1..6ba72cf 100644 --- a/net/Kconfig +++ b/net/Kconfig @@ -444,3 +444,6 @@ config HAVE_CBPF_JIT # Extended BPF JIT (eBPF) config HAVE_EBPF_JIT bool + +config SHORTCUT_FE + bool "Enables kernel network stack path for Shortcut Forwarding Engine" diff --git a/net/core/dev.c b/net/core/dev.c index ca39cd2..74cd937 100644 --- a/net/core/dev.c +++ b/net/core/dev.c @@ -2929,8 +2929,17 @@ static int xmit_one(struct sk_buff *skb, struct net_device *dev, unsigned int len; int rc; +#ifdef CONFIG_SHORTCUT_FE + /* If this skb has been fast forwarded then we don't want it to + * go to any taps (by definition we're trying to bypass them). + */ + if (!skb->fast_forwarded) { +#endif if (!list_empty(&ptype_all) || !list_empty(&dev->ptype_all)) dev_queue_xmit_nit(skb, dev); +#ifdef CONFIG_SHORTCUT_FE + } +#endif #ifdef CONFIG_ETHERNET_PACKET_MANGLE if (!dev->eth_mangle_tx || @@ -4061,6 +4070,11 @@ void netdev_rx_handler_unregister(struct net_device *dev) } EXPORT_SYMBOL_GPL(netdev_rx_handler_unregister); +#ifdef CONFIG_SHORTCUT_FE +int (*fast_nat_recv)(struct sk_buff *skb) __rcu __read_mostly; +EXPORT_SYMBOL_GPL(fast_nat_recv); +#endif + /* * Limit the use of PFMEMALLOC reserves to those protocols that implement * the special handling of PFMEMALLOC skbs. @@ -4108,6 +4122,9 @@ static int __netif_receive_skb_core(struct sk_buff *skb, bool pfmemalloc) bool deliver_exact = false; int ret = NET_RX_DROP; __be16 type; +#ifdef CONFIG_SHORTCUT_FE + int (*fast_recv)(struct sk_buff *skb); +#endif net_timestamp_check(!netdev_tstamp_prequeue, skb); @@ -4134,6 +4151,14 @@ static int __netif_receive_skb_core(struct sk_buff *skb, bool pfmemalloc) goto out; } +#ifdef CONFIG_SHORTCUT_FE + fast_recv = rcu_dereference(fast_nat_recv); + if (fast_recv && fast_recv(skb)) { + ret = NET_RX_SUCCESS; + goto out; + } +#endif + #ifdef CONFIG_NET_CLS_ACT if (skb->tc_verd & TC_NCLS) { skb->tc_verd = CLR_TC_NCLS(skb->tc_verd); diff --git a/net/netfilter/nf_conntrack_proto_tcp.c b/net/netfilter/nf_conntrack_proto_tcp.c index f24b626..4581481 100644 --- a/net/netfilter/nf_conntrack_proto_tcp.c +++ b/net/netfilter/nf_conntrack_proto_tcp.c @@ -34,12 +34,22 @@ #include /* Do not check the TCP window for incoming packets */ +#ifdef CONFIG_SHORTCUT_FE +int nf_ct_tcp_no_window_check __read_mostly = 0; +EXPORT_SYMBOL_GPL(nf_ct_tcp_no_window_check); +#else static int nf_ct_tcp_no_window_check __read_mostly = 1; +#endif /* "Be conservative in what you do, be liberal in what you accept from others." If it's non-zero, we mark only out of window RST segments as INVALID. */ +#ifdef CONFIG_SHORTCUT_FE +int nf_ct_tcp_be_liberal __read_mostly = 0; +EXPORT_SYMBOL_GPL(nf_ct_tcp_be_liberal); +#else static int nf_ct_tcp_be_liberal __read_mostly = 0; +#endif /* If it is set to zero, we disable picking up already established connections. */ -- 2.7.4