git.baikalelectronics.ru Git - kernel.git/commit

author	David Ahern <dsahern@gmail.com>
	Tue, 26 Jun 2018 23:21:18 +0000 (16:21 -0700)
committer	Daniel Borkmann <daniel@iogearbox.net>
	Thu, 28 Jun 2018 22:02:02 +0000 (00:02 +0200)
commit	8a363098699f999ef5b04bebec9c40a2d32adfae
tree	260a0a5f0d8139c99ac26e1941cace8f838dc5cc	tree \| snapshot
parent	bb96acccb02a5530d7be0ed2e74c4c120e1675a5	commit \| diff

bpf: Change bpf_fib_lookup to return lookup status

For ACLs implemented using either FIB rules or FIB entries, the BPF
program needs the FIB lookup status to be able to drop the packet.
Since the bpf_fib_lookup API has not reached a released kernel yet,
change the return code to contain an encoding of the FIB lookup
result and return the nexthop device index in the params struct.

In addition, inform the BPF program of any post FIB lookup reason as
to why the packet needs to go up the stack.

The fib result for unicast routes must have an egress device, so remove
the check that it is non-NULL.

Signed-off-by: David Ahern <dsahern@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>

include/uapi/linux/bpf.h		diff \| blob \| history
net/core/filter.c		diff \| blob \| history
samples/bpf/xdp_fwd_kern.c		diff \| blob \| history