Jakub Kicinski
2023-Apr-08 03:03 UTC
[Bridge] [PATCH net-next] net/bridge: add drop reasons for bridge forwarding
On Thu, 6 Apr 2023 19:30:34 +0800 (CST) yang.yang29 at zte.com.cn wrote:> From: xu xin <xu.xin16 at zte.com.cn> > > This creates six drop reasons as follows, which will help users know the > specific reason why bridge drops the packets when forwarding. > > 1) SKB_DROP_REASON_BRIDGE_FWD_NO_BACKUP_PORT: failed to get a backup > port link when the destination port is down. > > 2) SKB_DROP_REASON_BRIDGE_FWD_SAME_PORT: destination port is the same > with originating port when forwarding by a bridge. > > 3) SKB_DROP_REASON_BRIDGE_NON_FORWARDING_STATE: the bridge's state is > not forwarding. > > 4) SKB_DROP_REASON_BRIDGE_NOT_ALLOWED_EGRESS: the packet is not allowed > to go out through the port due to vlan filtering. > > 5) SKB_DROP_REASON_BRIDGE_SWDEV_NOT_ALLOWED_EGRESS: the packet is not > allowed to go out through the port which is offloaded by a hardware > switchdev, checked by nbp_switchdev_allowed_egress(). > > 6) SKB_DROP_REASON_BRIDGE_BOTH_PORT_ISOLATED: both source port and dest > port are in BR_ISOLATED state when bridge forwarding.> @@ -338,6 +344,33 @@ enum skb_drop_reason { > * for another host. > */ > SKB_DROP_REASON_IPV6_NDISC_NS_OTHERHOST, > + /** @SKB_DROP_REASON_BRIDGE_FWD_NO_BACKUP_PORT: failed to get a backup > + * port link when the destination port is down. > + */That's not valid kdoc. Text can be on the same line as the value only in one-line comments. Otherwise: /** * @VALUE: bla bla bla * more blas. */> +static inline bool should_deliver(const struct net_bridge_port *p, const struct sk_buff *skb, > + enum skb_drop_reason *need_reason) > { > struct net_bridge_vlan_group *vg; > + enum skb_drop_reason reason; > > vg = nbp_vlan_group_rcu(p); > - return ((p->flags & BR_HAIRPIN_MODE) || skb->dev != p->dev) && > - p->state == BR_STATE_FORWARDING && br_allowed_egress(vg, skb) && > - nbp_switchdev_allowed_egress(p, skb) && > - !br_skb_isolated(p, skb); > + if (!(p->flags & BR_HAIRPIN_MODE) && skb->dev == p->dev) { > + reason = SKB_DROP_REASON_BRIDGE_FWD_SAME_PORT; > + goto undeliverable; > + } > + if (p->state != BR_STATE_FORWARDING) { > + reason = SKB_DROP_REASON_BRIDGE_NON_FORWARDING_STATE; > + goto undeliverable; > + } > + if (!br_allowed_egress(vg, skb)) { > + reason = SKB_DROP_REASON_BRIDGE_NOT_ALLOWED_EGRESS; > + goto undeliverable; > + } > + if (!nbp_switchdev_allowed_egress(p, skb)) { > + reason = SKB_DROP_REASON_BRIDGE_SWDEV_NOT_ALLOWED_EGRESS; > + goto undeliverable; > + } > + if (br_skb_isolated(p, skb)) { > + reason = SKB_DROP_REASON_BRIDGE_BOTH_PORT_ISOLATED; > + goto undeliverable; > + } > + return true; > + > +undeliverable: > + if (need_reason) > + *need_reason = reason; > + return false;You can return the reason from this function. That's the whole point of SKB_NOT_DROPPED_YET existing and being equal to 0. Which is not to say that I know whether the reasons are worth adding here. We'll need to hear from bridge experts on that.
xu xin
2023-Apr-12 01:33 UTC
[Bridge] [PATCH net-next] net/bridge: add drop reasons for bridge forwarding
>On Thu, 6 Apr 2023 19:30:34 +0800 (CST) yang.yang29 at zte.com.cn wrote: >> From: xu xin <xu.xin16 at zte.com.cn> >> >> This creates six drop reasons as follows, which will help users know the >> specific reason why bridge drops the packets when forwarding. >> >> 1) SKB_DROP_REASON_BRIDGE_FWD_NO_BACKUP_PORT: failed to get a backup >> port link when the destination port is down. >> >> 2) SKB_DROP_REASON_BRIDGE_FWD_SAME_PORT: destination port is the same >> with originating port when forwarding by a bridge. >> >> 3) SKB_DROP_REASON_BRIDGE_NON_FORWARDING_STATE: the bridge's state is >> not forwarding. >> >> 4) SKB_DROP_REASON_BRIDGE_NOT_ALLOWED_EGRESS: the packet is not allowed >> to go out through the port due to vlan filtering. >> >> 5) SKB_DROP_REASON_BRIDGE_SWDEV_NOT_ALLOWED_EGRESS: the packet is not >> allowed to go out through the port which is offloaded by a hardware >> switchdev, checked by nbp_switchdev_allowed_egress(). >> >> 6) SKB_DROP_REASON_BRIDGE_BOTH_PORT_ISOLATED: both source port and dest >> port are in BR_ISOLATED state when bridge forwarding. > >> @@ -338,6 +344,33 @@ enum skb_drop_reason { >> * for another host. >> */ >> SKB_DROP_REASON_IPV6_NDISC_NS_OTHERHOST, >> + /** @SKB_DROP_REASON_BRIDGE_FWD_NO_BACKUP_PORT: failed to get a backup >> + * port link when the destination port is down. >> + */ > >That's not valid kdoc. Text can be on the same line as the value only >in one-line comments. Otherwise: > /** > * @VALUE: bla bla bla > * more blas. > */ >Ok, I didn't notice that.>> +static inline bool should_deliver(const struct net_bridge_port *p, const struct sk_buff *skb, >> + enum skb_drop_reason *need_reason) >> { >> struct net_bridge_vlan_group *vg; >> + enum skb_drop_reason reason; >> >> vg = nbp_vlan_group_rcu(p); >> - return ((p->flags & BR_HAIRPIN_MODE) || skb->dev != p->dev) && >> - p->state == BR_STATE_FORWARDING && br_allowed_egress(vg, skb) && >> - nbp_switchdev_allowed_egress(p, skb) && >> - !br_skb_isolated(p, skb); >> + if (!(p->flags & BR_HAIRPIN_MODE) && skb->dev == p->dev) { >> + reason = SKB_DROP_REASON_BRIDGE_FWD_SAME_PORT; >> + goto undeliverable; >> + } >> + if (p->state != BR_STATE_FORWARDING) { >> + reason = SKB_DROP_REASON_BRIDGE_NON_FORWARDING_STATE; >> + goto undeliverable; >> + } >> + if (!br_allowed_egress(vg, skb)) { >> + reason = SKB_DROP_REASON_BRIDGE_NOT_ALLOWED_EGRESS; >> + goto undeliverable; >> + } >> + if (!nbp_switchdev_allowed_egress(p, skb)) { >> + reason = SKB_DROP_REASON_BRIDGE_SWDEV_NOT_ALLOWED_EGRESS; >> + goto undeliverable; >> + } >> + if (br_skb_isolated(p, skb)) { >> + reason = SKB_DROP_REASON_BRIDGE_BOTH_PORT_ISOLATED; >> + goto undeliverable; >> + } >> + return true; >> + >> +undeliverable: >> + if (need_reason) >> + *need_reason = reason; >> + return false; > >You can return the reason from this function. That's the whole point of >SKB_NOT_DROPPED_YET existing and being equal to 0. >If returning the reasons, then the funtion will have to be renamed because 'should_deliever()' is expected to return a non-zero value when it's ok to deliever. I don't want to change the name here, and it's better to keep its name and use the pointer to store the reasons.>Which is not to say that I know whether the reasons are worth adding >here. We'll need to hear from bridge experts on that.
Jakub Kicinski
2023-Apr-12 01:49 UTC
[Bridge] [PATCH net-next] net/bridge: add drop reasons for bridge forwarding
On Wed, 12 Apr 2023 09:33:10 +0800 xu xin wrote:> >You can return the reason from this function. That's the whole point of > >SKB_NOT_DROPPED_YET existing and being equal to 0. > > If returning the reasons, then the funtion will have to be renamed because > 'should_deliever()' is expected to return a non-zero value when it's ok to > deliever. I don't want to change the name here, and it's better to keep its > name and use the pointer to store the reasons.Sure. You have to touch all callers, anyway, you can as well adjust the name.