matthias
/
iproute2
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Merge branch 'net-next'

This commit is contained in:
Stephen Hemminger 2017-05-03 09:28:10 -07:00
parent cbc7929b21 cfd2e727f0
commit 5bffc12ef4
44 changed files with 1221 additions and 989 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
include/libnetlink.h
View File

@ -21,6 +21,7 @@ struct rtnl_handle {
int proto;
FILE *dump_fp;
#define RTNL_HANDLE_F_LISTEN_ALL_NSID 0x01
#define RTNL_HANDLE_F_SUPPRESS_NLERR 0x02
int flags;
};

31
include/linux/bpf.h
View File

@ -81,6 +81,7 @@ enum bpf_cmd {
BPF_OBJ_GET,
BPF_PROG_ATTACH,
BPF_PROG_DETACH,
BPF_PROG_TEST_RUN,
};
enum bpf_map_type {
@ -96,6 +97,8 @@ enum bpf_map_type {
BPF_MAP_TYPE_LRU_HASH,
BPF_MAP_TYPE_LRU_PERCPU_HASH,
BPF_MAP_TYPE_LPM_TRIE,
BPF_MAP_TYPE_ARRAY_OF_MAPS,
BPF_MAP_TYPE_HASH_OF_MAPS,
};
enum bpf_prog_type {
@ -152,6 +155,7 @@ union bpf_attr {
__u32 value_size; /* size of value in bytes */
__u32 max_entries; /* max number of entries in a map */
__u32 map_flags; /* prealloc or not */
__u32 inner_map_fd; /* fd pointing to the inner map */
};
struct { /* anonymous struct used by BPF_MAP_*_ELEM commands */
@ -186,6 +190,17 @@ union bpf_attr {
__u32 attach_type;
__u32 attach_flags;
};
struct { /* anonymous struct used by BPF_PROG_TEST_RUN command */
__u32 prog_fd;
__u32 retval;
__u32 data_size_in;
__u32 data_size_out;
__aligned_u64 data_in;
__aligned_u64 data_out;
__u32 repeat;
__u32 duration;
} test;
} __attribute__((aligned(8)));
/* BPF helper function descriptions:
@ -456,6 +471,17 @@ union bpf_attr {
* Return:
* > 0 length of the string including the trailing NUL on success
* < 0 error
*
* u64 bpf_get_socket_cookie(skb)
* Get the cookie for the socket stored inside sk_buff.
* @skb: pointer to skb
* Return: 8 Bytes non-decreasing number on success or 0 if the socket
* field is missing inside sk_buff
*
* u32 bpf_get_socket_uid(skb)
* Get the owner uid of the socket stored inside sk_buff.
* @skb: pointer to skb
* Return: uid of the socket owner on success or overflowuid if failed.
*/
#define __BPF_FUNC_MAPPER(FN) \
FN(unspec), \
@ -503,7 +529,9 @@ union bpf_attr {
FN(get_numa_node_id), \
FN(skb_change_head), \
FN(xdp_adjust_head), \
FN(probe_read_str),
FN(probe_read_str), \
FN(get_socket_cookie), \
FN(get_socket_uid),
/* integer value in 'imm' field of BPF_CALL instruction selects which helper
* function eBPF program intends to call
@ -574,6 +602,7 @@ struct __sk_buff {
__u32 tc_classid;
__u32 data;
__u32 data_end;
__u32 napi_id;
};
struct bpf_tunnel_key {

74
include/linux/devlink.h
View File

@ -65,8 +65,12 @@ enum devlink_command {
#define DEVLINK_CMD_ESWITCH_MODE_SET /* obsolete, never use this! */ \
DEVLINK_CMD_ESWITCH_SET
/* add new commands above here */
DEVLINK_CMD_DPIPE_TABLE_GET,
DEVLINK_CMD_DPIPE_ENTRIES_GET,
DEVLINK_CMD_DPIPE_HEADERS_GET,
DEVLINK_CMD_DPIPE_TABLE_COUNTERS_SET,
/* add new commands above here */
__DEVLINK_CMD_MAX,
DEVLINK_CMD_MAX = __DEVLINK_CMD_MAX - 1
};
@ -115,6 +119,11 @@ enum devlink_eswitch_inline_mode {
DEVLINK_ESWITCH_INLINE_MODE_TRANSPORT,
};
enum devlink_eswitch_encap_mode {
DEVLINK_ESWITCH_ENCAP_MODE_NONE,
DEVLINK_ESWITCH_ENCAP_MODE_BASIC,
};
enum devlink_attr {
/* don't change the order or add anything between, this is ABI! */
DEVLINK_ATTR_UNSPEC,
@ -148,10 +157,73 @@ enum devlink_attr {
DEVLINK_ATTR_ESWITCH_MODE, /* u16 */
DEVLINK_ATTR_ESWITCH_INLINE_MODE, /* u8 */
DEVLINK_ATTR_DPIPE_TABLES, /* nested */
DEVLINK_ATTR_DPIPE_TABLE, /* nested */
DEVLINK_ATTR_DPIPE_TABLE_NAME, /* string */
DEVLINK_ATTR_DPIPE_TABLE_SIZE, /* u64 */
DEVLINK_ATTR_DPIPE_TABLE_MATCHES, /* nested */
DEVLINK_ATTR_DPIPE_TABLE_ACTIONS, /* nested */
DEVLINK_ATTR_DPIPE_TABLE_COUNTERS_ENABLED, /* u8 */
DEVLINK_ATTR_DPIPE_ENTRIES, /* nested */
DEVLINK_ATTR_DPIPE_ENTRY, /* nested */
DEVLINK_ATTR_DPIPE_ENTRY_INDEX, /* u64 */
DEVLINK_ATTR_DPIPE_ENTRY_MATCH_VALUES, /* nested */
DEVLINK_ATTR_DPIPE_ENTRY_ACTION_VALUES, /* nested */
DEVLINK_ATTR_DPIPE_ENTRY_COUNTER, /* u64 */
DEVLINK_ATTR_DPIPE_MATCH, /* nested */
DEVLINK_ATTR_DPIPE_MATCH_VALUE, /* nested */
DEVLINK_ATTR_DPIPE_MATCH_TYPE, /* u32 */
DEVLINK_ATTR_DPIPE_ACTION, /* nested */
DEVLINK_ATTR_DPIPE_ACTION_VALUE, /* nested */
DEVLINK_ATTR_DPIPE_ACTION_TYPE, /* u32 */
DEVLINK_ATTR_DPIPE_VALUE,
DEVLINK_ATTR_DPIPE_VALUE_MASK,
DEVLINK_ATTR_DPIPE_VALUE_MAPPING, /* u32 */
DEVLINK_ATTR_DPIPE_HEADERS, /* nested */
DEVLINK_ATTR_DPIPE_HEADER, /* nested */
DEVLINK_ATTR_DPIPE_HEADER_NAME, /* string */
DEVLINK_ATTR_DPIPE_HEADER_ID, /* u32 */
DEVLINK_ATTR_DPIPE_HEADER_FIELDS, /* nested */
DEVLINK_ATTR_DPIPE_HEADER_GLOBAL, /* u8 */
DEVLINK_ATTR_DPIPE_HEADER_INDEX, /* u32 */
DEVLINK_ATTR_DPIPE_FIELD, /* nested */
DEVLINK_ATTR_DPIPE_FIELD_NAME, /* string */
DEVLINK_ATTR_DPIPE_FIELD_ID, /* u32 */
DEVLINK_ATTR_DPIPE_FIELD_BITWIDTH, /* u32 */
DEVLINK_ATTR_DPIPE_FIELD_MAPPING_TYPE, /* u32 */
DEVLINK_ATTR_PAD,
DEVLINK_ATTR_ESWITCH_ENCAP_MODE, /* u8 */
/* add new attributes above here, update the policy in devlink.c */
__DEVLINK_ATTR_MAX,
DEVLINK_ATTR_MAX = __DEVLINK_ATTR_MAX - 1
};
/* Mapping between internal resource described by the field and system
* structure
*/
enum devlink_dpipe_field_mapping_type {
DEVLINK_DPIPE_FIELD_MAPPING_TYPE_NONE,
DEVLINK_DPIPE_FIELD_MAPPING_TYPE_IFINDEX,
};
/* Match type - specify the type of the match */
enum devlink_dpipe_match_type {
DEVLINK_DPIPE_MATCH_TYPE_FIELD_EXACT,
};
/* Action type - specify the action type */
enum devlink_dpipe_action_type {
DEVLINK_DPIPE_ACTION_TYPE_FIELD_MODIFY,
};
#endif /* _LINUX_DEVLINK_H_ */

1
include/linux/if_arp.h
View File

@ -95,6 +95,7 @@
#define ARPHRD_IP6GRE 823 /* GRE over IPv6 */
#define ARPHRD_NETLINK 824 /* Netlink header */
#define ARPHRD_6LOWPAN 825 /* IPv6 over LoWPAN */
#define ARPHRD_VSOCKMON 826 /* Vsock monitor header */
#define ARPHRD_VOID 0xFFFF /* Void type, nothing is known */
#define ARPHRD_NONE 0xFFFE /* zero header length */

12
include/linux/if_link.h
View File

@ -321,6 +321,7 @@ enum {
IFLA_BRPORT_MCAST_FLOOD,
IFLA_BRPORT_MCAST_TO_UCAST,
IFLA_BRPORT_VLAN_TUNNEL,
IFLA_BRPORT_BCAST_FLOOD,
__IFLA_BRPORT_MAX
};
#define IFLA_BRPORT_MAX (__IFLA_BRPORT_MAX - 1)
@ -536,11 +537,18 @@ enum {
#define IFLA_PPP_MAX (__IFLA_PPP_MAX - 1)
/* GTP section */
enum ifla_gtp_role {
GTP_ROLE_GGSN = 0,
GTP_ROLE_SGSN,
};
enum {
IFLA_GTP_UNSPEC,
IFLA_GTP_FD0,
IFLA_GTP_FD1,
IFLA_GTP_PDP_HASHSIZE,
IFLA_GTP_ROLE,
__IFLA_GTP_MAX,
};
#define IFLA_GTP_MAX (__IFLA_GTP_MAX - 1)
@ -878,7 +886,9 @@ enum {
/* XDP section */
#define XDP_FLAGS_UPDATE_IF_NOEXIST (1U << 0)
#define XDP_FLAGS_MASK (XDP_FLAGS_UPDATE_IF_NOEXIST)
#define XDP_FLAGS_SKB_MODE (2U << 0)
#define XDP_FLAGS_MASK (XDP_FLAGS_UPDATE_IF_NOEXIST | \
XDP_FLAGS_SKB_MODE)
enum {
IFLA_XDP_UNSPEC,

1
include/linux/if_packet.h
View File

@ -66,6 +66,7 @@ struct sockaddr_ll {
#define PACKET_FANOUT_CBPF 6
#define PACKET_FANOUT_EBPF 7
#define PACKET_FANOUT_FLAG_ROLLOVER 0x1000
#define PACKET_FANOUT_FLAG_UNIQUEID 0x2000
#define PACKET_FANOUT_FLAG_DEFRAG 0x8000
struct tpacket_stats {

3
include/linux/if_tunnel.h
View File

@ -75,6 +75,7 @@ enum {
IFLA_IPTUN_ENCAP_SPORT,
IFLA_IPTUN_ENCAP_DPORT,
IFLA_IPTUN_COLLECT_METADATA,
IFLA_IPTUN_FWMARK,
__IFLA_IPTUN_MAX,
};
#define IFLA_IPTUN_MAX (__IFLA_IPTUN_MAX - 1)
@ -132,6 +133,7 @@ enum {
IFLA_GRE_ENCAP_DPORT,
IFLA_GRE_COLLECT_METADATA,
IFLA_GRE_IGNORE_DF,
IFLA_GRE_FWMARK,
__IFLA_GRE_MAX,
};
@ -147,6 +149,7 @@ enum {
IFLA_VTI_OKEY,
IFLA_VTI_LOCAL,
IFLA_VTI_REMOTE,
IFLA_VTI_FWMARK,
__IFLA_VTI_MAX,
};

2
include/linux/ipv6.h
View File

@ -183,6 +183,8 @@ enum {
DEVCONF_SEG6_REQUIRE_HMAC,
DEVCONF_ENHANCED_DAD,
DEVCONF_ADDR_GEN_MODE,
DEVCONF_DISABLE_POLICY,
DEVCONF_ACCEPT_RA_RT_INFO_MIN_PLEN,
DEVCONF_MAX
};

2
include/linux/mpls_iptunnel.h
View File

@ -16,11 +16,13 @@
/* MPLS tunnel attributes
* [RTA_ENCAP] = {
* [MPLS_IPTUNNEL_DST]
* [MPLS_IPTUNNEL_TTL]
* }
*/
enum {
MPLS_IPTUNNEL_UNSPEC,
MPLS_IPTUNNEL_DST,
MPLS_IPTUNNEL_TTL,
__MPLS_IPTUNNEL_MAX,
};
#define MPLS_IPTUNNEL_MAX (__MPLS_IPTUNNEL_MAX - 1)

48
include/linux/netlink.h
View File

@ -50,12 +50,12 @@ struct nlmsghdr {
/* Flags values */
#define NLM_F_REQUEST 1 /* It is request message. */
#define NLM_F_MULTI 2 /* Multipart message, terminated by NLMSG_DONE */
#define NLM_F_ACK 4 /* Reply with ack, with zero or error code */
#define NLM_F_ECHO 8 /* Echo this request */
#define NLM_F_DUMP_INTR 16 /* Dump was inconsistent due to sequence change */
#define NLM_F_DUMP_FILTERED 32 /* Dump was filtered as requested */
#define NLM_F_REQUEST 0x01 /* It is request message. */
#define NLM_F_MULTI 0x02 /* Multipart message, terminated by NLMSG_DONE */
#define NLM_F_ACK 0x04 /* Reply with ack, with zero or error code */
#define NLM_F_ECHO 0x08 /* Echo this request */
#define NLM_F_DUMP_INTR 0x10 /* Dump was inconsistent due to sequence change */
#define NLM_F_DUMP_FILTERED 0x20 /* Dump was filtered as requested */
/* Modifiers to GET request */
#define NLM_F_ROOT 0x100 /* specify tree root */
@ -69,6 +69,10 @@ struct nlmsghdr {
#define NLM_F_CREATE 0x400 /* Create, if it does not exist */
#define NLM_F_APPEND 0x800 /* Add to end of list */
/* Flags for ACK message */
#define NLM_F_CAPPED 0x100 /* request was capped */
#define NLM_F_ACK_TLVS 0x200 /* extended ACK TVLs were included */
/*
4.4BSD ADD NLM_F_CREATE|NLM_F_EXCL
4.4BSD CHANGE NLM_F_REPLACE
@ -101,6 +105,37 @@ struct nlmsghdr {
struct nlmsgerr {
int error;
struct nlmsghdr msg;
/*
* followed by the message contents unless NETLINK_CAP_ACK was set
* or the ACK indicates success (error == 0)
* message length is aligned with NLMSG_ALIGN()
*/
/*
* followed by TLVs defined in enum nlmsgerr_attrs
* if NETLINK_EXT_ACK was set
*/
};
/**
* enum nlmsgerr_attrs - nlmsgerr attributes
* @NLMSGERR_ATTR_UNUSED: unused
* @NLMSGERR_ATTR_MSG: error message string (string)
* @NLMSGERR_ATTR_OFFS: offset of the invalid attribute in the original
* message, counting from the beginning of the header (u32)
* @NLMSGERR_ATTR_COOKIE: arbitrary subsystem specific cookie to
* be used - in the success case - to identify a created
* object or operation or similar (binary)
* @__NLMSGERR_ATTR_MAX: number of attributes
* @NLMSGERR_ATTR_MAX: highest attribute number
*/
enum nlmsgerr_attrs {
NLMSGERR_ATTR_UNUSED,
NLMSGERR_ATTR_MSG,
NLMSGERR_ATTR_OFFS,
NLMSGERR_ATTR_COOKIE,
__NLMSGERR_ATTR_MAX,
NLMSGERR_ATTR_MAX = __NLMSGERR_ATTR_MAX - 1
};
#define NETLINK_ADD_MEMBERSHIP 1
@ -113,6 +148,7 @@ struct nlmsgerr {
#define NETLINK_LISTEN_ALL_NSID 8
#define NETLINK_LIST_MEMBERSHIPS 9
#define NETLINK_CAP_ACK 10
#define NETLINK_EXT_ACK 11
struct nl_pktinfo {
__u32 group;

10
include/linux/netlink_diag.h
View File

@ -38,6 +38,7 @@ enum {
NETLINK_DIAG_GROUPS,
NETLINK_DIAG_RX_RING,
NETLINK_DIAG_TX_RING,
NETLINK_DIAG_FLAGS,
__NETLINK_DIAG_MAX,
};
@ -50,5 +51,14 @@ enum {
#define NDIAG_SHOW_GROUPS 0x00000002 /* show groups of a netlink socket */
/* deprecated since 4.6 */
#define NDIAG_SHOW_RING_CFG 0x00000004 /* show ring configuration */
#define NDIAG_SHOW_FLAGS 0x00000008 /* show flags of a netlink socket */
/* flags */
#define NDIAG_FLAG_CB_RUNNING 0x00000001
#define NDIAG_FLAG_PKTINFO 0x00000002
#define NDIAG_FLAG_BROADCAST_ERROR 0x00000004
#define NDIAG_FLAG_NO_ENOBUFS 0x00000008
#define NDIAG_FLAG_LISTEN_ALL_NSID 0x00000010
#define NDIAG_FLAG_CAP_ACK 0x00000020
#endif

5
include/linux/pkt_cls.h
View File

@ -432,6 +432,11 @@ enum {
TCA_FLOWER_KEY_ARP_THA, /* ETH_ALEN */
TCA_FLOWER_KEY_ARP_THA_MASK, /* ETH_ALEN */
TCA_FLOWER_KEY_MPLS_TTL, /* u8 - 8 bits */
TCA_FLOWER_KEY_MPLS_BOS, /* u8 - 1 bit */
TCA_FLOWER_KEY_MPLS_TC, /* u8 - 3 bits */
TCA_FLOWER_KEY_MPLS_LABEL, /* be32 - 20 bits */
__TCA_FLOWER_MAX,
};

8
include/linux/pkt_sched.h
View File

@ -617,6 +617,14 @@ struct tc_drr_stats {
#define TC_QOPT_BITMASK 15
#define TC_QOPT_MAX_QUEUE 16
enum {
TC_MQPRIO_HW_OFFLOAD_NONE, /* no offload requested */
TC_MQPRIO_HW_OFFLOAD_TCS, /* offload TCs, no queue counts */
__TC_MQPRIO_HW_OFFLOAD_MAX
};
#define TC_MQPRIO_HW_OFFLOAD_MAX (__TC_MQPRIO_HW_OFFLOAD_MAX - 1)
struct tc_mqprio_qopt {
__u8 num_tc;
__u8 prio_tc_map[TC_QOPT_BITMASK + 1];

4
include/linux/rtnetlink.h
View File

@ -122,6 +122,8 @@ enum {
RTM_NEWNETCONF = 80,
#define RTM_NEWNETCONF RTM_NEWNETCONF
RTM_DELNETCONF,
#define RTM_DELNETCONF RTM_DELNETCONF
RTM_GETNETCONF = 82,
#define RTM_GETNETCONF RTM_GETNETCONF
@ -319,6 +321,7 @@ enum rtattr_type_t {
RTA_EXPIRES,
RTA_PAD,
RTA_UID,
RTA_TTL_PROPAGATE,
__RTA_MAX
};
@ -545,6 +548,7 @@ enum {
TCA_STATS2,
TCA_STAB,
TCA_PAD,
TCA_DUMP_INVISIBLE,
__TCA_MAX
};

32
include/linux/sctp.h
View File

@ -115,6 +115,8 @@ typedef __s32 sctp_assoc_t;
#define SCTP_PR_SUPPORTED 113
#define SCTP_DEFAULT_PRINFO 114
#define SCTP_PR_ASSOC_STATUS 115
#define SCTP_PR_STREAM_STATUS 116
#define SCTP_RECONFIG_SUPPORTED 117
#define SCTP_ENABLE_STREAM_RESET 118
#define SCTP_RESET_STREAMS 119
#define SCTP_RESET_ASSOC 120
@ -502,6 +504,28 @@ struct sctp_stream_reset_event {
__u16 strreset_stream_list[];
};
#define SCTP_ASSOC_RESET_DENIED 0x0004
#define SCTP_ASSOC_RESET_FAILED 0x0008
struct sctp_assoc_reset_event {
__u16 assocreset_type;
__u16 assocreset_flags;
__u32 assocreset_length;
sctp_assoc_t assocreset_assoc_id;
__u32 assocreset_local_tsn;
__u32 assocreset_remote_tsn;
};
#define SCTP_ASSOC_CHANGE_DENIED 0x0004
#define SCTP_ASSOC_CHANGE_FAILED 0x0008
struct sctp_stream_change_event {
__u16 strchange_type;
__u16 strchange_flags;
__u32 strchange_length;
sctp_assoc_t strchange_assoc_id;
__u16 strchange_instrms;
__u16 strchange_outstrms;
};
/*
* Described in Section 7.3
* Ancillary Data and Notification Interest Options
@ -518,6 +542,8 @@ struct sctp_event_subscribe {
__u8 sctp_authentication_event;
__u8 sctp_sender_dry_event;
__u8 sctp_stream_reset_event;
__u8 sctp_assoc_reset_event;
__u8 sctp_stream_change_event;
};
/*
@ -543,6 +569,8 @@ union sctp_notification {
struct sctp_authkey_event sn_authkey_event;
struct sctp_sender_dry_event sn_sender_dry_event;
struct sctp_stream_reset_event sn_strreset_event;
struct sctp_assoc_reset_event sn_assocreset_event;
struct sctp_stream_change_event sn_strchange_event;
};
/* Section 5.3.1
@ -572,6 +600,10 @@ enum sctp_sn_type {
#define SCTP_SENDER_DRY_EVENT SCTP_SENDER_DRY_EVENT
SCTP_STREAM_RESET_EVENT,
#define SCTP_STREAM_RESET_EVENT SCTP_STREAM_RESET_EVENT
SCTP_ASSOC_RESET_EVENT,
#define SCTP_ASSOC_RESET_EVENT SCTP_ASSOC_RESET_EVENT
SCTP_STREAM_CHANGE_EVENT,
#define SCTP_STREAM_CHANGE_EVENT SCTP_STREAM_CHANGE_EVENT
};
/* Notification error codes used to fill up the error fields in some

54
include/linux/seg6.h Normal file
View File

@ -0,0 +1,54 @@
/*
* SR-IPv6 implementation
*
* Author:
* David Lebrun <david.lebrun@uclouvain.be>
*
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version
* 2 of the License, or (at your option) any later version.
*/
#ifndef _LINUX_SEG6_H
#define _LINUX_SEG6_H
#include <linux/types.h>
#include <linux/in6.h> /* For struct in6_addr. */
/*
* SRH
*/
struct ipv6_sr_hdr {
__u8 nexthdr;
__u8 hdrlen;
__u8 type;
__u8 segments_left;
__u8 first_segment;
__u8 flags;
__u16 reserved;
struct in6_addr segments[0];
};
#define SR6_FLAG1_PROTECTED (1 << 6)
#define SR6_FLAG1_OAM (1 << 5)
#define SR6_FLAG1_ALERT (1 << 4)
#define SR6_FLAG1_HMAC (1 << 3)
#define SR6_TLV_INGRESS 1
#define SR6_TLV_EGRESS 2
#define SR6_TLV_OPAQUE 3
#define SR6_TLV_PADDING 4
#define SR6_TLV_HMAC 5
#define sr_has_hmac(srh) ((srh)->flags & SR6_FLAG1_HMAC)
struct sr6_tlv {
__u8 type;
__u8 len;
__u8 data[0];
};
#endif

32
include/linux/seg6_genl.h Normal file
View File

@ -0,0 +1,32 @@
#ifndef _LINUX_SEG6_GENL_H
#define _LINUX_SEG6_GENL_H
#define SEG6_GENL_NAME "SEG6"
#define SEG6_GENL_VERSION 0x1
enum {
SEG6_ATTR_UNSPEC,
SEG6_ATTR_DST,
SEG6_ATTR_DSTLEN,
SEG6_ATTR_HMACKEYID,
SEG6_ATTR_SECRET,
SEG6_ATTR_SECRETLEN,
SEG6_ATTR_ALGID,
SEG6_ATTR_HMACINFO,
__SEG6_ATTR_MAX,
};
#define SEG6_ATTR_MAX (__SEG6_ATTR_MAX - 1)
enum {
SEG6_CMD_UNSPEC,
SEG6_CMD_SETHMAC,
SEG6_CMD_DUMPHMAC,
SEG6_CMD_SET_TUNSRC,
SEG6_CMD_GET_TUNSRC,
__SEG6_CMD_MAX,
};
#define SEG6_CMD_MAX (__SEG6_CMD_MAX - 1)
#endif

22
include/linux/seg6_hmac.h Normal file
View File

@ -0,0 +1,22 @@
#ifndef _LINUX_SEG6_HMAC_H
#define _LINUX_SEG6_HMAC_H
#include <linux/types.h>
#include <linux/seg6.h>
#define SEG6_HMAC_SECRET_LEN 64
#define SEG6_HMAC_FIELD_LEN 32
struct sr6_tlv_hmac {
struct sr6_tlv tlvhdr;
__u16 reserved;
__be32 hmackeyid;
__u8 hmac[SEG6_HMAC_FIELD_LEN];
};
enum {
SEG6_HMAC_ALGO_SHA1 = 1,
SEG6_HMAC_ALGO_SHA256 = 2,
};
#endif

39
include/linux/seg6_iptunnel.h Normal file
View File

@ -0,0 +1,39 @@
/*
* SR-IPv6 implementation
*
* Author:
* David Lebrun <david.lebrun@uclouvain.be>
*
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version
* 2 of the License, or (at your option) any later version.
*/
#ifndef _LINUX_SEG6_IPTUNNEL_H
#define _LINUX_SEG6_IPTUNNEL_H
#include <linux/seg6.h> /* For struct ipv6_sr_hdr. */
enum {
SEG6_IPTUNNEL_UNSPEC,
SEG6_IPTUNNEL_SRH,
__SEG6_IPTUNNEL_MAX,
};
#define SEG6_IPTUNNEL_MAX (__SEG6_IPTUNNEL_MAX - 1)
struct seg6_iptunnel_encap {
int mode;
struct ipv6_sr_hdr srh[0];
};
#define SEG6_IPTUN_ENCAP_SIZE(x) ((sizeof(*x)) + (((x)->srh->hdrlen + 1) << 3))
enum {
SEG6_IPTUN_MODE_INLINE,
SEG6_IPTUN_MODE_ENCAP,
};
#endif

932
include/linux/sysctl.h
View File

@ -1,932 +0,0 @@
/*
* sysctl.h: General linux system control interface
*
* Begun 24 March 1995, Stephen Tweedie
*
****************************************************************
****************************************************************
**
** WARNING:
** The values in this file are exported to user space via
** the sysctl() binary interface. Do *NOT* change the
** numbering of any existing values here, and do not change
** any numbers within any one set of values. If you have to
** redefine an existing interface, use a new number for it.
** The kernel will then return -ENOTDIR to any application using
** the old binary interface.
**
****************************************************************
****************************************************************
*/
#ifndef _LINUX_SYSCTL_H
#define _LINUX_SYSCTL_H
#include <linux/kernel.h>
#include <linux/types.h>
#define CTL_MAXNAME 10 /* how many path components do we allow in a
call to sysctl? In other words, what is
the largest acceptable value for the nlen
member of a struct __sysctl_args to have? */
struct __sysctl_args {
int *name;
int nlen;
void *oldval;
size_t *oldlenp;
void *newval;
size_t newlen;
unsigned long __unused[4];
};
/* Define sysctl names first */
/* Top-level names: */
enum
{
CTL_KERN=1, /* General kernel info and control */
CTL_VM=2, /* VM management */
CTL_NET=3, /* Networking */
CTL_PROC=4, /* removal breaks strace(1) compilation */
CTL_FS=5, /* Filesystems */
CTL_DEBUG=6, /* Debugging */
CTL_DEV=7, /* Devices */
CTL_BUS=8, /* Busses */
CTL_ABI=9, /* Binary emulation */
CTL_CPU=10, /* CPU stuff (speed scaling, etc) */
CTL_ARLAN=254, /* arlan wireless driver */
CTL_S390DBF=5677, /* s390 debug */
CTL_SUNRPC=7249, /* sunrpc debug */
CTL_PM=9899, /* frv power management */
CTL_FRV=9898, /* frv specific sysctls */
};
/* CTL_BUS names: */
enum
{
CTL_BUS_ISA=1 /* ISA */
};
/* /proc/sys/fs/inotify/ */
enum
{
INOTIFY_MAX_USER_INSTANCES=1, /* max instances per user */
INOTIFY_MAX_USER_WATCHES=2, /* max watches per user */
INOTIFY_MAX_QUEUED_EVENTS=3 /* max queued events per instance */
};
/* CTL_KERN names: */
enum
{
KERN_OSTYPE=1, /* string: system version */
KERN_OSRELEASE=2, /* string: system release */
KERN_OSREV=3, /* int: system revision */
KERN_VERSION=4, /* string: compile time info */
KERN_SECUREMASK=5, /* struct: maximum rights mask */
KERN_PROF=6, /* table: profiling information */
KERN_NODENAME=7, /* string: hostname */
KERN_DOMAINNAME=8, /* string: domainname */
KERN_PANIC=15, /* int: panic timeout */
KERN_REALROOTDEV=16, /* real root device to mount after initrd */
KERN_SPARC_REBOOT=21, /* reboot command on Sparc */
KERN_CTLALTDEL=22, /* int: allow ctl-alt-del to reboot */
KERN_PRINTK=23, /* struct: control printk logging parameters */
KERN_NAMETRANS=24, /* Name translation */
KERN_PPC_HTABRECLAIM=25, /* turn htab reclaimation on/off on PPC */
KERN_PPC_ZEROPAGED=26, /* turn idle page zeroing on/off on PPC */
KERN_PPC_POWERSAVE_NAP=27, /* use nap mode for power saving */
KERN_MODPROBE=28, /* string: modprobe path */
KERN_SG_BIG_BUFF=29, /* int: sg driver reserved buffer size */
KERN_ACCT=30, /* BSD process accounting parameters */
KERN_PPC_L2CR=31, /* l2cr register on PPC */
KERN_RTSIGNR=32, /* Number of rt sigs queued */
KERN_RTSIGMAX=33, /* Max queuable */
KERN_SHMMAX=34, /* long: Maximum shared memory segment */
KERN_MSGMAX=35, /* int: Maximum size of a messege */
KERN_MSGMNB=36, /* int: Maximum message queue size */
KERN_MSGPOOL=37, /* int: Maximum system message pool size */
KERN_SYSRQ=38, /* int: Sysreq enable */
KERN_MAX_THREADS=39, /* int: Maximum nr of threads in the system */
KERN_RANDOM=40, /* Random driver */
KERN_SHMALL=41, /* int: Maximum size of shared memory */
KERN_MSGMNI=42, /* int: msg queue identifiers */
KERN_SEM=43, /* struct: sysv semaphore limits */
KERN_SPARC_STOP_A=44, /* int: Sparc Stop-A enable */
KERN_SHMMNI=45, /* int: shm array identifiers */
KERN_OVERFLOWUID=46, /* int: overflow UID */
KERN_OVERFLOWGID=47, /* int: overflow GID */
KERN_SHMPATH=48, /* string: path to shm fs */
KERN_HOTPLUG=49, /* string: path to uevent helper (deprecated) */
KERN_IEEE_EMULATION_WARNINGS=50, /* int: unimplemented ieee instructions */
KERN_S390_USER_DEBUG_LOGGING=51, /* int: dumps of user faults */
KERN_CORE_USES_PID=52, /* int: use core or core.%pid */
KERN_TAINTED=53, /* int: various kernel tainted flags */
KERN_CADPID=54, /* int: PID of the process to notify on CAD */
KERN_PIDMAX=55, /* int: PID # limit */
KERN_CORE_PATTERN=56, /* string: pattern for core-file names */
KERN_PANIC_ON_OOPS=57, /* int: whether we will panic on an oops */
KERN_HPPA_PWRSW=58, /* int: hppa soft-power enable */
KERN_HPPA_UNALIGNED=59, /* int: hppa unaligned-trap enable */
KERN_PRINTK_RATELIMIT=60, /* int: tune printk ratelimiting */
KERN_PRINTK_RATELIMIT_BURST=61, /* int: tune printk ratelimiting */
KERN_PTY=62, /* dir: pty driver */
KERN_NGROUPS_MAX=63, /* int: NGROUPS_MAX */
KERN_SPARC_SCONS_PWROFF=64, /* int: serial console power-off halt */
KERN_HZ_TIMER=65, /* int: hz timer on or off */
KERN_UNKNOWN_NMI_PANIC=66, /* int: unknown nmi panic flag */
KERN_BOOTLOADER_TYPE=67, /* int: boot loader type */
KERN_RANDOMIZE=68, /* int: randomize virtual address space */
KERN_SETUID_DUMPABLE=69, /* int: behaviour of dumps for setuid core */
KERN_SPIN_RETRY=70, /* int: number of spinlock retries */
KERN_ACPI_VIDEO_FLAGS=71, /* int: flags for setting up video after ACPI sleep */
KERN_IA64_UNALIGNED=72, /* int: ia64 unaligned userland trap enable */
KERN_COMPAT_LOG=73, /* int: print compat layer messages */
KERN_MAX_LOCK_DEPTH=74, /* int: rtmutex's maximum lock depth */
KERN_NMI_WATCHDOG=75, /* int: enable/disable nmi watchdog */
KERN_PANIC_ON_NMI=76, /* int: whether we will panic on an unrecovered */
KERN_PANIC_ON_WARN=77, /* int: call panic() in WARN() functions */
};
/* CTL_VM names: */
enum
{
VM_UNUSED1=1, /* was: struct: Set vm swapping control */
VM_UNUSED2=2, /* was; int: Linear or sqrt() swapout for hogs */
VM_UNUSED3=3, /* was: struct: Set free page thresholds */
VM_UNUSED4=4, /* Spare */
VM_OVERCOMMIT_MEMORY=5, /* Turn off the virtual memory safety limit */
VM_UNUSED5=6, /* was: struct: Set buffer memory thresholds */
VM_UNUSED7=7, /* was: struct: Set cache memory thresholds */
VM_UNUSED8=8, /* was: struct: Control kswapd behaviour */
VM_UNUSED9=9, /* was: struct: Set page table cache parameters */
VM_PAGE_CLUSTER=10, /* int: set number of pages to swap together */
VM_DIRTY_BACKGROUND=11, /* dirty_background_ratio */
VM_DIRTY_RATIO=12, /* dirty_ratio */
VM_DIRTY_WB_CS=13, /* dirty_writeback_centisecs */
VM_DIRTY_EXPIRE_CS=14, /* dirty_expire_centisecs */
VM_NR_PDFLUSH_THREADS=15, /* nr_pdflush_threads */
VM_OVERCOMMIT_RATIO=16, /* percent of RAM to allow overcommit in */
VM_PAGEBUF=17, /* struct: Control pagebuf parameters */
VM_HUGETLB_PAGES=18, /* int: Number of available Huge Pages */
VM_SWAPPINESS=19, /* Tendency to steal mapped memory */
VM_LOWMEM_RESERVE_RATIO=20,/* reservation ratio for lower memory zones */
VM_MIN_FREE_KBYTES=21, /* Minimum free kilobytes to maintain */
VM_MAX_MAP_COUNT=22, /* int: Maximum number of mmaps/address-space */
VM_LAPTOP_MODE=23, /* vm laptop mode */
VM_BLOCK_DUMP=24, /* block dump mode */
VM_HUGETLB_GROUP=25, /* permitted hugetlb group */
VM_VFS_CACHE_PRESSURE=26, /* dcache/icache reclaim pressure */
VM_LEGACY_VA_LAYOUT=27, /* legacy/compatibility virtual address space layout */
VM_SWAP_TOKEN_TIMEOUT=28, /* default time for token time out */
VM_DROP_PAGECACHE=29, /* int: nuke lots of pagecache */
VM_PERCPU_PAGELIST_FRACTION=30,/* int: fraction of pages in each percpu_pagelist */
VM_ZONE_RECLAIM_MODE=31, /* reclaim local zone memory before going off node */
VM_MIN_UNMAPPED=32, /* Set min percent of unmapped pages */
VM_PANIC_ON_OOM=33, /* panic at out-of-memory */
VM_VDSO_ENABLED=34, /* map VDSO into new processes? */
VM_MIN_SLAB=35, /* Percent pages ignored by zone reclaim */
};
/* CTL_NET names: */
enum
{
NET_CORE=1,
NET_ETHER=2,
NET_802=3,
NET_UNIX=4,
NET_IPV4=5,
NET_IPX=6,
NET_ATALK=7,
NET_NETROM=8,
NET_AX25=9,
NET_BRIDGE=10,
NET_ROSE=11,
NET_IPV6=12,
NET_X25=13,
NET_TR=14,
NET_DECNET=15,
NET_ECONET=16,
NET_SCTP=17,
NET_LLC=18,
NET_NETFILTER=19,
NET_DCCP=20,
NET_IRDA=412,
};
/* /proc/sys/kernel/random */
enum
{
RANDOM_POOLSIZE=1,
RANDOM_ENTROPY_COUNT=2,
RANDOM_READ_THRESH=3,
RANDOM_WRITE_THRESH=4,
RANDOM_BOOT_ID=5,
RANDOM_UUID=6
};
/* /proc/sys/kernel/pty */
enum
{
PTY_MAX=1,
PTY_NR=2
};
/* /proc/sys/bus/isa */
enum
{
BUS_ISA_MEM_BASE=1,
BUS_ISA_PORT_BASE=2,
BUS_ISA_PORT_SHIFT=3
};
/* /proc/sys/net/core */
enum
{
NET_CORE_WMEM_MAX=1,
NET_CORE_RMEM_MAX=2,
NET_CORE_WMEM_DEFAULT=3,
NET_CORE_RMEM_DEFAULT=4,
/* was NET_CORE_DESTROY_DELAY */
NET_CORE_MAX_BACKLOG=6,
NET_CORE_FASTROUTE=7,
NET_CORE_MSG_COST=8,
NET_CORE_MSG_BURST=9,
NET_CORE_OPTMEM_MAX=10,
NET_CORE_HOT_LIST_LENGTH=11,
NET_CORE_DIVERT_VERSION=12,
NET_CORE_NO_CONG_THRESH=13,
NET_CORE_NO_CONG=14,
NET_CORE_LO_CONG=15,
NET_CORE_MOD_CONG=16,
NET_CORE_DEV_WEIGHT=17,
NET_CORE_SOMAXCONN=18,
NET_CORE_BUDGET=19,
NET_CORE_AEVENT_ETIME=20,
NET_CORE_AEVENT_RSEQTH=21,
NET_CORE_WARNINGS=22,
};
/* /proc/sys/net/ethernet */
/* /proc/sys/net/802 */
/* /proc/sys/net/unix */
enum
{
NET_UNIX_DESTROY_DELAY=1,
NET_UNIX_DELETE_DELAY=2,
NET_UNIX_MAX_DGRAM_QLEN=3,
};
/* /proc/sys/net/netfilter */
enum
{
NET_NF_CONNTRACK_MAX=1,
NET_NF_CONNTRACK_TCP_TIMEOUT_SYN_SENT=2,
NET_NF_CONNTRACK_TCP_TIMEOUT_SYN_RECV=3,
NET_NF_CONNTRACK_TCP_TIMEOUT_ESTABLISHED=4,
NET_NF_CONNTRACK_TCP_TIMEOUT_FIN_WAIT=5,
NET_NF_CONNTRACK_TCP_TIMEOUT_CLOSE_WAIT=6,
NET_NF_CONNTRACK_TCP_TIMEOUT_LAST_ACK=7,
NET_NF_CONNTRACK_TCP_TIMEOUT_TIME_WAIT=8,
NET_NF_CONNTRACK_TCP_TIMEOUT_CLOSE=9,
NET_NF_CONNTRACK_UDP_TIMEOUT=10,
NET_NF_CONNTRACK_UDP_TIMEOUT_STREAM=11,
NET_NF_CONNTRACK_ICMP_TIMEOUT=12,
NET_NF_CONNTRACK_GENERIC_TIMEOUT=13,
NET_NF_CONNTRACK_BUCKETS=14,
NET_NF_CONNTRACK_LOG_INVALID=15,
NET_NF_CONNTRACK_TCP_TIMEOUT_MAX_RETRANS=16,
NET_NF_CONNTRACK_TCP_LOOSE=17,
NET_NF_CONNTRACK_TCP_BE_LIBERAL=18,
NET_NF_CONNTRACK_TCP_MAX_RETRANS=19,
NET_NF_CONNTRACK_SCTP_TIMEOUT_CLOSED=20,
NET_NF_CONNTRACK_SCTP_TIMEOUT_COOKIE_WAIT=21,
NET_NF_CONNTRACK_SCTP_TIMEOUT_COOKIE_ECHOED=22,
NET_NF_CONNTRACK_SCTP_TIMEOUT_ESTABLISHED=23,
NET_NF_CONNTRACK_SCTP_TIMEOUT_SHUTDOWN_SENT=24,
NET_NF_CONNTRACK_SCTP_TIMEOUT_SHUTDOWN_RECD=25,
NET_NF_CONNTRACK_SCTP_TIMEOUT_SHUTDOWN_ACK_SENT=26,
NET_NF_CONNTRACK_COUNT=27,
NET_NF_CONNTRACK_ICMPV6_TIMEOUT=28,
NET_NF_CONNTRACK_FRAG6_TIMEOUT=29,
NET_NF_CONNTRACK_FRAG6_LOW_THRESH=30,
NET_NF_CONNTRACK_FRAG6_HIGH_THRESH=31,
NET_NF_CONNTRACK_CHECKSUM=32,
};
/* /proc/sys/net/ipv4 */
enum
{
/* v2.0 compatibile variables */
NET_IPV4_FORWARD=8,
NET_IPV4_DYNADDR=9,
NET_IPV4_CONF=16,
NET_IPV4_NEIGH=17,
NET_IPV4_ROUTE=18,
NET_IPV4_FIB_HASH=19,
NET_IPV4_NETFILTER=20,
NET_IPV4_TCP_TIMESTAMPS=33,
NET_IPV4_TCP_WINDOW_SCALING=34,
NET_IPV4_TCP_SACK=35,
NET_IPV4_TCP_RETRANS_COLLAPSE=36,
NET_IPV4_DEFAULT_TTL=37,
NET_IPV4_AUTOCONFIG=38,
NET_IPV4_NO_PMTU_DISC=39,
NET_IPV4_TCP_SYN_RETRIES=40,
NET_IPV4_IPFRAG_HIGH_THRESH=41,
NET_IPV4_IPFRAG_LOW_THRESH=42,
NET_IPV4_IPFRAG_TIME=43,
NET_IPV4_TCP_MAX_KA_PROBES=44,
NET_IPV4_TCP_KEEPALIVE_TIME=45,
NET_IPV4_TCP_KEEPALIVE_PROBES=46,
NET_IPV4_TCP_RETRIES1=47,
NET_IPV4_TCP_RETRIES2=48,
NET_IPV4_TCP_FIN_TIMEOUT=49,
NET_IPV4_IP_MASQ_DEBUG=50,
NET_TCP_SYNCOOKIES=51,
NET_TCP_STDURG=52,
NET_TCP_RFC1337=53,
NET_TCP_SYN_TAILDROP=54,
NET_TCP_MAX_SYN_BACKLOG=55,
NET_IPV4_LOCAL_PORT_RANGE=56,
NET_IPV4_ICMP_ECHO_IGNORE_ALL=57,
NET_IPV4_ICMP_ECHO_IGNORE_BROADCASTS=58,
NET_IPV4_ICMP_SOURCEQUENCH_RATE=59,
NET_IPV4_ICMP_DESTUNREACH_RATE=60,
NET_IPV4_ICMP_TIMEEXCEED_RATE=61,
NET_IPV4_ICMP_PARAMPROB_RATE=62,
NET_IPV4_ICMP_ECHOREPLY_RATE=63,
NET_IPV4_ICMP_IGNORE_BOGUS_ERROR_RESPONSES=64,
NET_IPV4_IGMP_MAX_MEMBERSHIPS=65,
NET_TCP_TW_RECYCLE=66,
NET_IPV4_ALWAYS_DEFRAG=67,
NET_IPV4_TCP_KEEPALIVE_INTVL=68,
NET_IPV4_INET_PEER_THRESHOLD=69,
NET_IPV4_INET_PEER_MINTTL=70,
NET_IPV4_INET_PEER_MAXTTL=71,
NET_IPV4_INET_PEER_GC_MINTIME=72,
NET_IPV4_INET_PEER_GC_MAXTIME=73,
NET_TCP_ORPHAN_RETRIES=74,
NET_TCP_ABORT_ON_OVERFLOW=75,
NET_TCP_SYNACK_RETRIES=76,
NET_TCP_MAX_ORPHANS=77,
NET_TCP_MAX_TW_BUCKETS=78,
NET_TCP_FACK=79,
NET_TCP_REORDERING=80,
NET_TCP_ECN=81,
NET_TCP_DSACK=82,
NET_TCP_MEM=83,
NET_TCP_WMEM=84,
NET_TCP_RMEM=85,
NET_TCP_APP_WIN=86,
NET_TCP_ADV_WIN_SCALE=87,
NET_IPV4_NONLOCAL_BIND=88,
NET_IPV4_ICMP_RATELIMIT=89,
NET_IPV4_ICMP_RATEMASK=90,
NET_TCP_TW_REUSE=91,
NET_TCP_FRTO=92,
NET_TCP_LOW_LATENCY=93,
NET_IPV4_IPFRAG_SECRET_INTERVAL=94,
NET_IPV4_IGMP_MAX_MSF=96,
NET_TCP_NO_METRICS_SAVE=97,
NET_TCP_DEFAULT_WIN_SCALE=105,
NET_TCP_MODERATE_RCVBUF=106,
NET_TCP_TSO_WIN_DIVISOR=107,
NET_TCP_BIC_BETA=108,
NET_IPV4_ICMP_ERRORS_USE_INBOUND_IFADDR=109,
NET_TCP_CONG_CONTROL=110,
NET_TCP_ABC=111,
NET_IPV4_IPFRAG_MAX_DIST=112,
NET_TCP_MTU_PROBING=113,
NET_TCP_BASE_MSS=114,
NET_IPV4_TCP_WORKAROUND_SIGNED_WINDOWS=115,
NET_TCP_DMA_COPYBREAK=116,
NET_TCP_SLOW_START_AFTER_IDLE=117,
NET_CIPSOV4_CACHE_ENABLE=118,
NET_CIPSOV4_CACHE_BUCKET_SIZE=119,
NET_CIPSOV4_RBM_OPTFMT=120,
NET_CIPSOV4_RBM_STRICTVALID=121,
NET_TCP_AVAIL_CONG_CONTROL=122,
NET_TCP_ALLOWED_CONG_CONTROL=123,
NET_TCP_MAX_SSTHRESH=124,
NET_TCP_FRTO_RESPONSE=125,
};
enum {
NET_IPV4_ROUTE_FLUSH=1,
NET_IPV4_ROUTE_MIN_DELAY=2, /* obsolete since 2.6.25 */
NET_IPV4_ROUTE_MAX_DELAY=3, /* obsolete since 2.6.25 */
NET_IPV4_ROUTE_GC_THRESH=4,
NET_IPV4_ROUTE_MAX_SIZE=5,
NET_IPV4_ROUTE_GC_MIN_INTERVAL=6,
NET_IPV4_ROUTE_GC_TIMEOUT=7,
NET_IPV4_ROUTE_GC_INTERVAL=8, /* obsolete since 2.6.38 */
NET_IPV4_ROUTE_REDIRECT_LOAD=9,
NET_IPV4_ROUTE_REDIRECT_NUMBER=10,
NET_IPV4_ROUTE_REDIRECT_SILENCE=11,
NET_IPV4_ROUTE_ERROR_COST=12,
NET_IPV4_ROUTE_ERROR_BURST=13,
NET_IPV4_ROUTE_GC_ELASTICITY=14,
NET_IPV4_ROUTE_MTU_EXPIRES=15,
NET_IPV4_ROUTE_MIN_PMTU=16,
NET_IPV4_ROUTE_MIN_ADVMSS=17,
NET_IPV4_ROUTE_SECRET_INTERVAL=18,
NET_IPV4_ROUTE_GC_MIN_INTERVAL_MS=19,
};
enum
{
NET_PROTO_CONF_ALL=-2,
NET_PROTO_CONF_DEFAULT=-3
/* And device ifindices ... */
};
enum
{
NET_IPV4_CONF_FORWARDING=1,
NET_IPV4_CONF_MC_FORWARDING=2,
NET_IPV4_CONF_PROXY_ARP=3,
NET_IPV4_CONF_ACCEPT_REDIRECTS=4,
NET_IPV4_CONF_SECURE_REDIRECTS=5,
NET_IPV4_CONF_SEND_REDIRECTS=6,
NET_IPV4_CONF_SHARED_MEDIA=7,
NET_IPV4_CONF_RP_FILTER=8,
NET_IPV4_CONF_ACCEPT_SOURCE_ROUTE=9,
NET_IPV4_CONF_BOOTP_RELAY=10,
NET_IPV4_CONF_LOG_MARTIANS=11,
NET_IPV4_CONF_TAG=12,
NET_IPV4_CONF_ARPFILTER=13,
NET_IPV4_CONF_MEDIUM_ID=14,
NET_IPV4_CONF_NOXFRM=15,
NET_IPV4_CONF_NOPOLICY=16,
NET_IPV4_CONF_FORCE_IGMP_VERSION=17,
NET_IPV4_CONF_ARP_ANNOUNCE=18,
NET_IPV4_CONF_ARP_IGNORE=19,
NET_IPV4_CONF_PROMOTE_SECONDARIES=20,
NET_IPV4_CONF_ARP_ACCEPT=21,
NET_IPV4_CONF_ARP_NOTIFY=22,
};
/* /proc/sys/net/ipv4/netfilter */
enum
{
NET_IPV4_NF_CONNTRACK_MAX=1,
NET_IPV4_NF_CONNTRACK_TCP_TIMEOUT_SYN_SENT=2,
NET_IPV4_NF_CONNTRACK_TCP_TIMEOUT_SYN_RECV=3,
NET_IPV4_NF_CONNTRACK_TCP_TIMEOUT_ESTABLISHED=4,
NET_IPV4_NF_CONNTRACK_TCP_TIMEOUT_FIN_WAIT=5,
NET_IPV4_NF_CONNTRACK_TCP_TIMEOUT_CLOSE_WAIT=6,
NET_IPV4_NF_CONNTRACK_TCP_TIMEOUT_LAST_ACK=7,
NET_IPV4_NF_CONNTRACK_TCP_TIMEOUT_TIME_WAIT=8,
NET_IPV4_NF_CONNTRACK_TCP_TIMEOUT_CLOSE=9,
NET_IPV4_NF_CONNTRACK_UDP_TIMEOUT=10,
NET_IPV4_NF_CONNTRACK_UDP_TIMEOUT_STREAM=11,
NET_IPV4_NF_CONNTRACK_ICMP_TIMEOUT=12,
NET_IPV4_NF_CONNTRACK_GENERIC_TIMEOUT=13,
NET_IPV4_NF_CONNTRACK_BUCKETS=14,
NET_IPV4_NF_CONNTRACK_LOG_INVALID=15,
NET_IPV4_NF_CONNTRACK_TCP_TIMEOUT_MAX_RETRANS=16,
NET_IPV4_NF_CONNTRACK_TCP_LOOSE=17,
NET_IPV4_NF_CONNTRACK_TCP_BE_LIBERAL=18,
NET_IPV4_NF_CONNTRACK_TCP_MAX_RETRANS=19,
NET_IPV4_NF_CONNTRACK_SCTP_TIMEOUT_CLOSED=20,
NET_IPV4_NF_CONNTRACK_SCTP_TIMEOUT_COOKIE_WAIT=21,
NET_IPV4_NF_CONNTRACK_SCTP_TIMEOUT_COOKIE_ECHOED=22,
NET_IPV4_NF_CONNTRACK_SCTP_TIMEOUT_ESTABLISHED=23,
NET_IPV4_NF_CONNTRACK_SCTP_TIMEOUT_SHUTDOWN_SENT=24,
NET_IPV4_NF_CONNTRACK_SCTP_TIMEOUT_SHUTDOWN_RECD=25,
NET_IPV4_NF_CONNTRACK_SCTP_TIMEOUT_SHUTDOWN_ACK_SENT=26,
NET_IPV4_NF_CONNTRACK_COUNT=27,
NET_IPV4_NF_CONNTRACK_CHECKSUM=28,
};
/* /proc/sys/net/ipv6 */
enum {
NET_IPV6_CONF=16,
NET_IPV6_NEIGH=17,
NET_IPV6_ROUTE=18,
NET_IPV6_ICMP=19,
NET_IPV6_BINDV6ONLY=20,
NET_IPV6_IP6FRAG_HIGH_THRESH=21,
NET_IPV6_IP6FRAG_LOW_THRESH=22,
NET_IPV6_IP6FRAG_TIME=23,
NET_IPV6_IP6FRAG_SECRET_INTERVAL=24,
NET_IPV6_MLD_MAX_MSF=25,
};
enum {
NET_IPV6_ROUTE_FLUSH=1,
NET_IPV6_ROUTE_GC_THRESH=2,
NET_IPV6_ROUTE_MAX_SIZE=3,
NET_IPV6_ROUTE_GC_MIN_INTERVAL=4,
NET_IPV6_ROUTE_GC_TIMEOUT=5,
NET_IPV6_ROUTE_GC_INTERVAL=6,
NET_IPV6_ROUTE_GC_ELASTICITY=7,
NET_IPV6_ROUTE_MTU_EXPIRES=8,
NET_IPV6_ROUTE_MIN_ADVMSS=9,
NET_IPV6_ROUTE_GC_MIN_INTERVAL_MS=10
};
enum {
NET_IPV6_FORWARDING=1,
NET_IPV6_HOP_LIMIT=2,
NET_IPV6_MTU=3,
NET_IPV6_ACCEPT_RA=4,
NET_IPV6_ACCEPT_REDIRECTS=5,
NET_IPV6_AUTOCONF=6,
NET_IPV6_DAD_TRANSMITS=7,
NET_IPV6_RTR_SOLICITS=8,
NET_IPV6_RTR_SOLICIT_INTERVAL=9,
NET_IPV6_RTR_SOLICIT_DELAY=10,
NET_IPV6_USE_TEMPADDR=11,
NET_IPV6_TEMP_VALID_LFT=12,
NET_IPV6_TEMP_PREFERED_LFT=13,
NET_IPV6_REGEN_MAX_RETRY=14,
NET_IPV6_MAX_DESYNC_FACTOR=15,
NET_IPV6_MAX_ADDRESSES=16,
NET_IPV6_FORCE_MLD_VERSION=17,
NET_IPV6_ACCEPT_RA_DEFRTR=18,
NET_IPV6_ACCEPT_RA_PINFO=19,
NET_IPV6_ACCEPT_RA_RTR_PREF=20,
NET_IPV6_RTR_PROBE_INTERVAL=21,
NET_IPV6_ACCEPT_RA_RT_INFO_MAX_PLEN=22,
NET_IPV6_PROXY_NDP=23,
NET_IPV6_ACCEPT_SOURCE_ROUTE=25,
NET_IPV6_ACCEPT_RA_FROM_LOCAL=26,
__NET_IPV6_MAX
};
/* /proc/sys/net/ipv6/icmp */
enum {
NET_IPV6_ICMP_RATELIMIT=1
};
/* /proc/sys/net/<protocol>/neigh/<dev> */
enum {
NET_NEIGH_MCAST_SOLICIT=1,
NET_NEIGH_UCAST_SOLICIT=2,
NET_NEIGH_APP_SOLICIT=3,
NET_NEIGH_RETRANS_TIME=4,
NET_NEIGH_REACHABLE_TIME=5,
NET_NEIGH_DELAY_PROBE_TIME=6,
NET_NEIGH_GC_STALE_TIME=7,
NET_NEIGH_UNRES_QLEN=8,
NET_NEIGH_PROXY_QLEN=9,
NET_NEIGH_ANYCAST_DELAY=10,
NET_NEIGH_PROXY_DELAY=11,
NET_NEIGH_LOCKTIME=12,
NET_NEIGH_GC_INTERVAL=13,
NET_NEIGH_GC_THRESH1=14,
NET_NEIGH_GC_THRESH2=15,
NET_NEIGH_GC_THRESH3=16,
NET_NEIGH_RETRANS_TIME_MS=17,
NET_NEIGH_REACHABLE_TIME_MS=18,
};
/* /proc/sys/net/dccp */
enum {
NET_DCCP_DEFAULT=1,
};
/* /proc/sys/net/ipx */
enum {
NET_IPX_PPROP_BROADCASTING=1,
NET_IPX_FORWARDING=2
};
/* /proc/sys/net/llc */
enum {
NET_LLC2=1,
NET_LLC_STATION=2,
};
/* /proc/sys/net/llc/llc2 */
enum {
NET_LLC2_TIMEOUT=1,
};
/* /proc/sys/net/llc/station */
enum {
NET_LLC_STATION_ACK_TIMEOUT=1,
};
/* /proc/sys/net/llc/llc2/timeout */
enum {
NET_LLC2_ACK_TIMEOUT=1,
NET_LLC2_P_TIMEOUT=2,
NET_LLC2_REJ_TIMEOUT=3,
NET_LLC2_BUSY_TIMEOUT=4,
};
/* /proc/sys/net/appletalk */
enum {
NET_ATALK_AARP_EXPIRY_TIME=1,
NET_ATALK_AARP_TICK_TIME=2,
NET_ATALK_AARP_RETRANSMIT_LIMIT=3,
NET_ATALK_AARP_RESOLVE_TIME=4
};
/* /proc/sys/net/netrom */
enum {
NET_NETROM_DEFAULT_PATH_QUALITY=1,
NET_NETROM_OBSOLESCENCE_COUNT_INITIALISER=2,
NET_NETROM_NETWORK_TTL_INITIALISER=3,
NET_NETROM_TRANSPORT_TIMEOUT=4,
NET_NETROM_TRANSPORT_MAXIMUM_TRIES=5,
NET_NETROM_TRANSPORT_ACKNOWLEDGE_DELAY=6,
NET_NETROM_TRANSPORT_BUSY_DELAY=7,
NET_NETROM_TRANSPORT_REQUESTED_WINDOW_SIZE=8,
NET_NETROM_TRANSPORT_NO_ACTIVITY_TIMEOUT=9,
NET_NETROM_ROUTING_CONTROL=10,
NET_NETROM_LINK_FAILS_COUNT=11,
NET_NETROM_RESET=12
};
/* /proc/sys/net/ax25 */
enum {
NET_AX25_IP_DEFAULT_MODE=1,
NET_AX25_DEFAULT_MODE=2,
NET_AX25_BACKOFF_TYPE=3,
NET_AX25_CONNECT_MODE=4,
NET_AX25_STANDARD_WINDOW=5,
NET_AX25_EXTENDED_WINDOW=6,
NET_AX25_T1_TIMEOUT=7,
NET_AX25_T2_TIMEOUT=8,
NET_AX25_T3_TIMEOUT=9,
NET_AX25_IDLE_TIMEOUT=10,
NET_AX25_N2=11,
NET_AX25_PACLEN=12,
NET_AX25_PROTOCOL=13,
NET_AX25_DAMA_SLAVE_TIMEOUT=14
};
/* /proc/sys/net/rose */
enum {
NET_ROSE_RESTART_REQUEST_TIMEOUT=1,
NET_ROSE_CALL_REQUEST_TIMEOUT=2,
NET_ROSE_RESET_REQUEST_TIMEOUT=3,
NET_ROSE_CLEAR_REQUEST_TIMEOUT=4,
NET_ROSE_ACK_HOLD_BACK_TIMEOUT=5,
NET_ROSE_ROUTING_CONTROL=6,
NET_ROSE_LINK_FAIL_TIMEOUT=7,
NET_ROSE_MAX_VCS=8,
NET_ROSE_WINDOW_SIZE=9,
NET_ROSE_NO_ACTIVITY_TIMEOUT=10
};
/* /proc/sys/net/x25 */
enum {
NET_X25_RESTART_REQUEST_TIMEOUT=1,
NET_X25_CALL_REQUEST_TIMEOUT=2,
NET_X25_RESET_REQUEST_TIMEOUT=3,
NET_X25_CLEAR_REQUEST_TIMEOUT=4,
NET_X25_ACK_HOLD_BACK_TIMEOUT=5,
NET_X25_FORWARD=6
};
/* /proc/sys/net/token-ring */
enum
{
NET_TR_RIF_TIMEOUT=1
};
/* /proc/sys/net/decnet/ */
enum {
NET_DECNET_NODE_TYPE = 1,
NET_DECNET_NODE_ADDRESS = 2,
NET_DECNET_NODE_NAME = 3,
NET_DECNET_DEFAULT_DEVICE = 4,
NET_DECNET_TIME_WAIT = 5,
NET_DECNET_DN_COUNT = 6,
NET_DECNET_DI_COUNT = 7,
NET_DECNET_DR_COUNT = 8,
NET_DECNET_DST_GC_INTERVAL = 9,
NET_DECNET_CONF = 10,
NET_DECNET_NO_FC_MAX_CWND = 11,
NET_DECNET_MEM = 12,
NET_DECNET_RMEM = 13,
NET_DECNET_WMEM = 14,
NET_DECNET_DEBUG_LEVEL = 255
};
/* /proc/sys/net/decnet/conf/<dev> */
enum {
NET_DECNET_CONF_LOOPBACK = -2,
NET_DECNET_CONF_DDCMP = -3,
NET_DECNET_CONF_PPP = -4,
NET_DECNET_CONF_X25 = -5,
NET_DECNET_CONF_GRE = -6,
NET_DECNET_CONF_ETHER = -7
/* ... and ifindex of devices */
};
/* /proc/sys/net/decnet/conf/<dev>/ */
enum {
NET_DECNET_CONF_DEV_PRIORITY = 1,
NET_DECNET_CONF_DEV_T1 = 2,
NET_DECNET_CONF_DEV_T2 = 3,
NET_DECNET_CONF_DEV_T3 = 4,
NET_DECNET_CONF_DEV_FORWARDING = 5,
NET_DECNET_CONF_DEV_BLKSIZE = 6,
NET_DECNET_CONF_DEV_STATE = 7
};
/* /proc/sys/net/sctp */
enum {
NET_SCTP_RTO_INITIAL = 1,
NET_SCTP_RTO_MIN = 2,
NET_SCTP_RTO_MAX = 3,
NET_SCTP_RTO_ALPHA = 4,
NET_SCTP_RTO_BETA = 5,
NET_SCTP_VALID_COOKIE_LIFE = 6,
NET_SCTP_ASSOCIATION_MAX_RETRANS = 7,
NET_SCTP_PATH_MAX_RETRANS = 8,
NET_SCTP_MAX_INIT_RETRANSMITS = 9,
NET_SCTP_HB_INTERVAL = 10,
NET_SCTP_PRESERVE_ENABLE = 11,
NET_SCTP_MAX_BURST = 12,
NET_SCTP_ADDIP_ENABLE = 13,
NET_SCTP_PRSCTP_ENABLE = 14,
NET_SCTP_SNDBUF_POLICY = 15,
NET_SCTP_SACK_TIMEOUT = 16,
NET_SCTP_RCVBUF_POLICY = 17,
};
/* /proc/sys/net/bridge */
enum {
NET_BRIDGE_NF_CALL_ARPTABLES = 1,
NET_BRIDGE_NF_CALL_IPTABLES = 2,
NET_BRIDGE_NF_CALL_IP6TABLES = 3,
NET_BRIDGE_NF_FILTER_VLAN_TAGGED = 4,
NET_BRIDGE_NF_FILTER_PPPOE_TAGGED = 5,
};
/* proc/sys/net/irda */
enum {
NET_IRDA_DISCOVERY=1,
NET_IRDA_DEVNAME=2,
NET_IRDA_DEBUG=3,
NET_IRDA_FAST_POLL=4,
NET_IRDA_DISCOVERY_SLOTS=5,
NET_IRDA_DISCOVERY_TIMEOUT=6,
NET_IRDA_SLOT_TIMEOUT=7,
NET_IRDA_MAX_BAUD_RATE=8,
NET_IRDA_MIN_TX_TURN_TIME=9,
NET_IRDA_MAX_TX_DATA_SIZE=10,
NET_IRDA_MAX_TX_WINDOW=11,
NET_IRDA_MAX_NOREPLY_TIME=12,
NET_IRDA_WARN_NOREPLY_TIME=13,
NET_IRDA_LAP_KEEPALIVE_TIME=14,
};
/* CTL_FS names: */
enum
{
FS_NRINODE=1, /* int:current number of allocated inodes */
FS_STATINODE=2,
FS_MAXINODE=3, /* int:maximum number of inodes that can be allocated */
FS_NRDQUOT=4, /* int:current number of allocated dquots */
FS_MAXDQUOT=5, /* int:maximum number of dquots that can be allocated */
FS_NRFILE=6, /* int:current number of allocated filedescriptors */
FS_MAXFILE=7, /* int:maximum number of filedescriptors that can be allocated */
FS_DENTRY=8,
FS_NRSUPER=9, /* int:current number of allocated super_blocks */
FS_MAXSUPER=10, /* int:maximum number of super_blocks that can be allocated */
FS_OVERFLOWUID=11, /* int: overflow UID */
FS_OVERFLOWGID=12, /* int: overflow GID */
FS_LEASES=13, /* int: leases enabled */
FS_DIR_NOTIFY=14, /* int: directory notification enabled */
FS_LEASE_TIME=15, /* int: maximum time to wait for a lease break */
FS_DQSTATS=16, /* disc quota usage statistics and control */
FS_XFS=17, /* struct: control xfs parameters */
FS_AIO_NR=18, /* current system-wide number of aio requests */
FS_AIO_MAX_NR=19, /* system-wide maximum number of aio requests */
FS_INOTIFY=20, /* inotify submenu */
FS_OCFS2=988, /* ocfs2 */
};
/* /proc/sys/fs/quota/ */
enum {
FS_DQ_LOOKUPS = 1,
FS_DQ_DROPS = 2,
FS_DQ_READS = 3,
FS_DQ_WRITES = 4,
FS_DQ_CACHE_HITS = 5,
FS_DQ_ALLOCATED = 6,
FS_DQ_FREE = 7,
FS_DQ_SYNCS = 8,
FS_DQ_WARNINGS = 9,
};
/* CTL_DEBUG names: */
/* CTL_DEV names: */
enum {
DEV_CDROM=1,
DEV_HWMON=2,
DEV_PARPORT=3,
DEV_RAID=4,
DEV_MAC_HID=5,
DEV_SCSI=6,
DEV_IPMI=7,
};
/* /proc/sys/dev/cdrom */
enum {
DEV_CDROM_INFO=1,
DEV_CDROM_AUTOCLOSE=2,
DEV_CDROM_AUTOEJECT=3,
DEV_CDROM_DEBUG=4,
DEV_CDROM_LOCK=5,
DEV_CDROM_CHECK_MEDIA=6
};
/* /proc/sys/dev/parport */
enum {
DEV_PARPORT_DEFAULT=-3
};
/* /proc/sys/dev/raid */
enum {
DEV_RAID_SPEED_LIMIT_MIN=1,
DEV_RAID_SPEED_LIMIT_MAX=2
};
/* /proc/sys/dev/parport/default */
enum {
DEV_PARPORT_DEFAULT_TIMESLICE=1,
DEV_PARPORT_DEFAULT_SPINTIME=2
};
/* /proc/sys/dev/parport/parport n */
enum {
DEV_PARPORT_SPINTIME=1,
DEV_PARPORT_BASE_ADDR=2,
DEV_PARPORT_IRQ=3,
DEV_PARPORT_DMA=4,
DEV_PARPORT_MODES=5,
DEV_PARPORT_DEVICES=6,
DEV_PARPORT_AUTOPROBE=16
};
/* /proc/sys/dev/parport/parport n/devices/ */
enum {
DEV_PARPORT_DEVICES_ACTIVE=-3,
};
/* /proc/sys/dev/parport/parport n/devices/device n */
enum {
DEV_PARPORT_DEVICE_TIMESLICE=1,
};
/* /proc/sys/dev/mac_hid */
enum {
DEV_MAC_HID_KEYBOARD_SENDS_LINUX_KEYCODES=1,
DEV_MAC_HID_KEYBOARD_LOCK_KEYCODES=2,
DEV_MAC_HID_MOUSE_BUTTON_EMULATION=3,
DEV_MAC_HID_MOUSE_BUTTON2_KEYCODE=4,
DEV_MAC_HID_MOUSE_BUTTON3_KEYCODE=5,
DEV_MAC_HID_ADB_MOUSE_SENDS_KEYCODES=6
};
/* /proc/sys/dev/scsi */
enum {
DEV_SCSI_LOGGING_LEVEL=1,
};
/* /proc/sys/dev/ipmi */
enum {
DEV_IPMI_POWEROFF_POWERCYCLE=1,
};
/* /proc/sys/abi */
enum
{
ABI_DEFHANDLER_COFF=1, /* default handler for coff binaries */
ABI_DEFHANDLER_ELF=2, /* default handler for ELF binaries */
ABI_DEFHANDLER_LCALL7=3,/* default handler for procs using lcall7 */
ABI_DEFHANDLER_LIBCSO=4,/* default handler for an libc.so ELF interp */
ABI_TRACE=5, /* tracing flags */
ABI_FAKE_UTSNAME=6, /* fake target utsname information */
};
#endif /* _LINUX_SYSCTL_H */

8
include/linux/xfrm.h
View File

@ -303,6 +303,7 @@ enum xfrm_attr_type_t {
XFRMA_PROTO, /* __u8 */
XFRMA_ADDRESS_FILTER, /* struct xfrm_address_filter */
XFRMA_PAD,
XFRMA_OFFLOAD_DEV, /* struct xfrm_state_offload */
__XFRMA_MAX
#define XFRMA_MAX (__XFRMA_MAX - 1)
@ -494,6 +495,13 @@ struct xfrm_address_filter {
__u8 dplen;
};
struct xfrm_user_offload {
int ifindex;
__u8 flags;
};
#define XFRM_OFFLOAD_IPV6 1
#define XFRM_OFFLOAD_INBOUND 2
/* backwards compatibility for userspace */
#define XFRMGRP_ACQUIRE 1
#define XFRMGRP_EXPIRE 2

2
ip/Makefile
View File

@ -9,7 +9,7 @@ IPOBJ=ip.o ipaddress.o ipaddrlabel.o iproute.o iprule.o ipnetns.o \
link_iptnl.o link_gre6.o iplink_bond.o iplink_bond_slave.o iplink_hsr.o \
iplink_bridge.o iplink_bridge_slave.o ipfou.o iplink_ipvlan.o \
iplink_geneve.o iplink_vrf.o iproute_lwtunnel.o ipmacsec.o ipila.o \
ipvrf.o iplink_xstats.o
ipvrf.o iplink_xstats.o ipseg6.o
RTMONOBJ=rtmon.o

3
ip/ip.c
View File

@ -52,7 +52,7 @@ static void usage(void)
"where OBJECT := { link | address | addrlabel | route | rule | neigh | ntable |\n"
" tunnel | tuntap | maddress | mroute | mrule | monitor | xfrm |\n"
" netns | l2tp | fou | macsec | tcp_metrics | token | netconf | ila |\n"
" vrf }\n"
" vrf | sr }\n"
" OPTIONS := { -V[ersion] | -s[tatistics] | -d[etails] | -r[esolve] |\n"
" -h[uman-readable] | -iec |\n"
" -f[amily] { inet | inet6 | ipx | dnet | mpls | bridge | link } |\n"
@ -101,6 +101,7 @@ static const struct cmd {
{ "netns", do_netns },
{ "netconf", do_ipnetconf },
{ "vrf", do_ipvrf},
{ "sr", do_seg6 },
{ "help", do_help },
{ 0 }
};

1
ip/ip_common.h
View File

@ -60,6 +60,7 @@ int do_iptoken(int argc, char **argv);
int do_ipvrf(int argc, char **argv);
void vrf_reset(void);
int netns_identify_pid(const char *pidstr, char *name, int len);
int do_seg6(int argc, char **argv);
int iplink_get(unsigned int flags, char *name, __u32 filt_mask);
int iplink_ifla_xstats(int argc, char **argv);

7
ip/iplink.c
View File

@ -612,9 +612,12 @@ int iplink_parse(int argc, char **argv, struct iplink_req *req,
if (get_integer(&mtu, *argv, 0))
invarg("Invalid \"mtu\" value\n", *argv);
addattr_l(&req->n, sizeof(*req), IFLA_MTU, &mtu, 4);
} else if (strcmp(*argv, "xdp") == 0) {
} else if (strcmp(*argv, "xdpgeneric") == 0 ||
strcmp(*argv, "xdp") == 0) {
bool generic = strcmp(*argv, "xdpgeneric") == 0;
NEXT_ARG();
if (xdp_parse(&argc, &argv, req))
if (xdp_parse(&argc, &argv, req, generic))
exit(-1);
} else if (strcmp(*argv, "netns") == 0) {
NEXT_ARG();

46
ip/iplink_xdp.c
View File

@ -19,41 +19,56 @@
extern int force;
struct xdp_req {
struct iplink_req *req;
__u32 flags;
};
static void xdp_ebpf_cb(void *raw, int fd, const char *annotation)
{
__u32 flags = !force ? XDP_FLAGS_UPDATE_IF_NOEXIST : 0;
struct iplink_req *req = raw;
struct rtattr *xdp;
struct xdp_req *xdp = raw;
struct iplink_req *req = xdp->req;
struct rtattr *xdp_attr;
xdp = addattr_nest(&req->n, sizeof(*req), IFLA_XDP);
xdp_attr = addattr_nest(&req->n, sizeof(*req), IFLA_XDP);
addattr32(&req->n, sizeof(*req), IFLA_XDP_FD, fd);
addattr32(&req->n, sizeof(*req), IFLA_XDP_FLAGS, flags);
addattr_nest_end(&req->n, xdp);
if (xdp->flags)
addattr32(&req->n, sizeof(*req), IFLA_XDP_FLAGS, xdp->flags);
addattr_nest_end(&req->n, xdp_attr);
}
static const struct bpf_cfg_ops bpf_cb_ops = {
.ebpf_cb = xdp_ebpf_cb,
};
static int xdp_delete(struct iplink_req *req)
static int xdp_delete(struct xdp_req *xdp)
{
xdp_ebpf_cb(req, -1, NULL);
xdp_ebpf_cb(xdp, -1, NULL);
return 0;
}
int xdp_parse(int *argc, char ***argv, struct iplink_req *req)
int xdp_parse(int *argc, char ***argv, struct iplink_req *req, bool generic)
{
struct bpf_cfg_in cfg = {
.argc = *argc,
.argv = *argv,
};
struct xdp_req xdp = {
.req = req,
};
if (!force)
xdp.flags |= XDP_FLAGS_UPDATE_IF_NOEXIST;
if (generic)
xdp.flags |= XDP_FLAGS_SKB_MODE;
if (*argc == 1) {
if (strcmp(**argv, "none") == 0 ||
strcmp(**argv, "off") == 0)
return xdp_delete(req);
return xdp_delete(&xdp);
}
if (bpf_parse_common(BPF_PROG_TYPE_XDP, &cfg, &bpf_cb_ops, req))
if (bpf_parse_common(BPF_PROG_TYPE_XDP, &cfg, &bpf_cb_ops, &xdp))
return -1;
*argc = cfg.argc;
@ -64,12 +79,17 @@ int xdp_parse(int *argc, char ***argv, struct iplink_req *req)
void xdp_dump(FILE *fp, struct rtattr *xdp)
{
struct rtattr *tb[IFLA_XDP_MAX + 1];
__u32 flags = 0;
parse_rtattr_nested(tb, IFLA_XDP_MAX, xdp);
if (!tb[IFLA_XDP_ATTACHED] ||
!rta_getattr_u8(tb[IFLA_XDP_ATTACHED]))
return;
fprintf(fp, "xdp ");
/* More to come here in future for 'ip -d link' (digest, etc) ... */
if (tb[IFLA_XDP_FLAGS])
flags = rta_getattr_u32(tb[IFLA_XDP_FLAGS]);
fprintf(fp, "xdp%s ",
flags & XDP_FLAGS_SKB_MODE ? "generic" : "");
}

36
ip/ipnetconf.c
View File

@ -19,6 +19,7 @@
#include <sys/time.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <errno.h>
#include "rt_names.h"
#include "utils.h"
@ -55,6 +56,7 @@ int print_netconf(const struct sockaddr_nl *who, struct rtnl_ctrl_data *ctrl,
struct netconfmsg *ncm = NLMSG_DATA(n);
int len = n->nlmsg_len;
struct rtattr *tb[NETCONFA_MAX+1];
int ifindex = 0;
if (n->nlmsg_type == NLMSG_ERROR)
return -1;
@ -76,6 +78,12 @@ int print_netconf(const struct sockaddr_nl *who, struct rtnl_ctrl_data *ctrl,
parse_rtattr(tb, NETCONFA_MAX, netconf_rta(ncm),
NLMSG_PAYLOAD(n, sizeof(*ncm)));
if (tb[NETCONFA_IFINDEX])
ifindex = rta_getattr_u32(tb[NETCONFA_IFINDEX]);
if (filter.ifindex && filter.ifindex != ifindex)
return 0;
switch (ncm->ncm_family) {
case AF_INET:
fprintf(fp, "ipv4 ");
@ -92,9 +100,7 @@ int print_netconf(const struct sockaddr_nl *who, struct rtnl_ctrl_data *ctrl,
}
if (tb[NETCONFA_IFINDEX]) {
int *ifindex = (int *)rta_getattr_str(tb[NETCONFA_IFINDEX]);
switch (*ifindex) {
switch (ifindex) {
case NETCONFA_IFINDEX_ALL:
fprintf(fp, "all ");
break;
@ -102,7 +108,7 @@ int print_netconf(const struct sockaddr_nl *who, struct rtnl_ctrl_data *ctrl,
fprintf(fp, "default ");
break;
default:
fprintf(fp, "dev %s ", ll_index_to_name(*ifindex));
fprintf(fp, "dev %s ", ll_index_to_name(ifindex));
break;
}
}
@ -168,8 +174,6 @@ static int do_show(int argc, char **argv)
ipnetconf_reset_filter(0);
filter.family = preferred_family;
if (filter.family == AF_UNSPEC)
filter.family = AF_INET;
while (argc > 0) {
if (strcmp(*argv, "dev") == 0) {
@ -185,11 +189,11 @@ static int do_show(int argc, char **argv)
}
ll_init_map(&rth);
if (filter.ifindex) {
if (filter.ifindex && filter.family != AF_UNSPEC) {
req.ncm.ncm_family = filter.family;
if (filter.ifindex)
addattr_l(&req.n, sizeof(req), NETCONFA_IFINDEX,
&filter.ifindex, sizeof(filter.ifindex));
addattr_l(&req.n, sizeof(req), NETCONFA_IFINDEX,
&filter.ifindex, sizeof(filter.ifindex));
if (rtnl_send(&rth, &req.n, req.n.nlmsg_len) < 0) {
perror("Can not send request");
@ -197,16 +201,26 @@ static int do_show(int argc, char **argv)
}
rtnl_listen(&rth, print_netconf, stdout);
} else {
rth.flags = RTNL_HANDLE_F_SUPPRESS_NLERR;
dump:
if (rtnl_wilddump_request(&rth, filter.family, RTM_GETNETCONF) < 0) {
perror("Cannot send dump request");
exit(1);
}
if (rtnl_dump_filter(&rth, print_netconf2, stdout) < 0) {
/* kernel does not support netconf dump on AF_UNSPEC;
* fall back to requesting by family
*/
if (errno == EOPNOTSUPP &&
filter.family == AF_UNSPEC) {
filter.family = AF_INET;
goto dump;
}
perror("RTNETLINK answers");
fprintf(stderr, "Dump terminated\n");
exit(1);
}
if (preferred_family == AF_UNSPEC) {
if (preferred_family == AF_UNSPEC && filter.family == AF_INET) {
preferred_family = AF_INET6;
filter.family = AF_INET6;
goto dump;

28
ip/iproute.c
View File

@ -77,6 +77,7 @@ static void usage(void)
fprintf(stderr, "NODE_SPEC := [ TYPE ] PREFIX [ tos TOS ]\n");
fprintf(stderr, " [ table TABLE_ID ] [ proto RTPROTO ]\n");
fprintf(stderr, " [ scope SCOPE ] [ metric METRIC ]\n");
fprintf(stderr, " [ ttl-propagate { enabled | disabled } ]\n");
fprintf(stderr, "INFO_SPEC := NH OPTIONS FLAGS [ nexthop NH ]...\n");
fprintf(stderr, "NH := [ encap ENCAPTYPE ENCAPHDR ] [ via [ FAMILY ] ADDRESS ]\n");
fprintf(stderr, " [ dev STRING ] [ weight NUMBER ] NHFLAGS\n");
@ -98,8 +99,10 @@ static void usage(void)
fprintf(stderr, "TIME := NUMBER[s|ms]\n");
fprintf(stderr, "BOOL := [1|0]\n");
fprintf(stderr, "FEATURES := ecn\n");
fprintf(stderr, "ENCAPTYPE := [ mpls | ip | ip6 ]\n");
fprintf(stderr, "ENCAPHDR := [ MPLSLABEL ]\n");
fprintf(stderr, "ENCAPTYPE := [ mpls | ip | ip6 | seg6 ]\n");
fprintf(stderr, "ENCAPHDR := [ MPLSLABEL | SEG6HDR ]\n");
fprintf(stderr, "SEG6HDR := [ mode SEGMODE ] segs ADDR1,ADDRi,ADDRn [hmac HMACKEYID] [cleanup]\n");
fprintf(stderr, "SEGMODE := [ encap | inline ]\n");
exit(-1);
}
@ -715,6 +718,13 @@ int print_route(const struct sockaddr_nl *who, struct nlmsghdr *n, void *arg)
fprintf(fp, "%u", pref);
}
}
if (tb[RTA_TTL_PROPAGATE]) {
fprintf(fp, "ttl-propagate ");
if (rta_getattr_u8(tb[RTA_TTL_PROPAGATE]))
fprintf(fp, "enabled");
else
fprintf(fp, "disabled");
}
fprintf(fp, "\n");
fflush(fp);
return 0;
@ -1185,6 +1195,20 @@ static int iproute_modify(int cmd, unsigned int flags, int argc, char **argv)
if (rta->rta_len > RTA_LENGTH(0))
addraw_l(&req.n, 1024, RTA_DATA(rta), RTA_PAYLOAD(rta));
} else if (strcmp(*argv, "ttl-propagate") == 0) {
__u8 ttl_prop;
NEXT_ARG();
if (matches(*argv, "enabled") == 0)
ttl_prop = 1;
else if (matches(*argv, "disabled") == 0)
ttl_prop = 0;
else
invarg("\"ttl-propagate\" value is invalid\n",
*argv);
addattr8(&req.n, sizeof(req), RTA_TTL_PROPAGATE,
ttl_prop);
} else {
int type;
inet_prefix dst;

185
ip/iproute_lwtunnel.c
View File

@ -19,6 +19,13 @@
#include <linux/ila.h>
#include <linux/lwtunnel.h>
#include <linux/mpls_iptunnel.h>
#ifndef __USE_KERNEL_IPV6_DEFS
#define __USE_KERNEL_IPV6_DEFS
#endif
#include <linux/seg6.h>
#include <linux/seg6_iptunnel.h>
#include <linux/seg6_hmac.h>
#include <errno.h>
#include "rt_names.h"
@ -39,6 +46,8 @@ static const char *format_encap_type(int type)
return "ila";
case LWTUNNEL_ENCAP_BPF:
return "bpf";
case LWTUNNEL_ENCAP_SEG6:
return "seg6";
default:
return "unknown";
}
@ -69,12 +78,49 @@ static int read_encap_type(const char *name)
return LWTUNNEL_ENCAP_ILA;
else if (strcmp(name, "bpf") == 0)
return LWTUNNEL_ENCAP_BPF;
else if (strcmp(name, "seg6") == 0)
return LWTUNNEL_ENCAP_SEG6;
else if (strcmp(name, "help") == 0)
encap_type_usage();
return LWTUNNEL_ENCAP_NONE;
}
static void print_encap_seg6(FILE *fp, struct rtattr *encap)
{
struct rtattr *tb[SEG6_IPTUNNEL_MAX+1];
struct seg6_iptunnel_encap *tuninfo;
struct ipv6_sr_hdr *srh;
int i;
parse_rtattr_nested(tb, SEG6_IPTUNNEL_MAX, encap);
if (!tb[SEG6_IPTUNNEL_SRH])
return;
tuninfo = RTA_DATA(tb[SEG6_IPTUNNEL_SRH]);
fprintf(fp, "mode %s ",
(tuninfo->mode == SEG6_IPTUN_MODE_ENCAP) ? "encap" : "inline");
srh = tuninfo->srh;
fprintf(fp, "segs %d [ ", srh->first_segment + 1);
for (i = srh->first_segment; i >= 0; i--)
fprintf(fp, "%s ",
rt_addr_n2a(AF_INET6, 16, &srh->segments[i]));
fprintf(fp, "] ");
if (sr_has_hmac(srh)) {
unsigned int offset = ((srh->hdrlen + 1) << 3) - 40;
struct sr6_tlv_hmac *tlv;
tlv = (struct sr6_tlv_hmac *)((char *)srh + offset);
fprintf(fp, "hmac 0x%X ", ntohl(tlv->hmackeyid));
}
}
static void print_encap_mpls(FILE *fp, struct rtattr *encap)
{
struct rtattr *tb[MPLS_IPTUNNEL_MAX+1];
@ -84,6 +130,9 @@ static void print_encap_mpls(FILE *fp, struct rtattr *encap)
if (tb[MPLS_IPTUNNEL_DST])
fprintf(fp, " %s ",
format_host_rta(AF_MPLS, tb[MPLS_IPTUNNEL_DST]));
if (tb[MPLS_IPTUNNEL_TTL])
fprintf(fp, "ttl %u ",
rta_getattr_u8(tb[MPLS_IPTUNNEL_TTL]));
}
static void print_encap_ip(FILE *fp, struct rtattr *encap)
@ -238,15 +287,121 @@ void lwt_print_encap(FILE *fp, struct rtattr *encap_type,
case LWTUNNEL_ENCAP_BPF:
print_encap_bpf(fp, encap);
break;
case LWTUNNEL_ENCAP_SEG6:
print_encap_seg6(fp, encap);
break;
}
}
static int parse_encap_seg6(struct rtattr *rta, size_t len, int *argcp,
char ***argvp)
{
int mode_ok = 0, segs_ok = 0, hmac_ok = 0;
struct seg6_iptunnel_encap *tuninfo;
struct ipv6_sr_hdr *srh;
char **argv = *argvp;
char segbuf[1024];
int argc = *argcp;
int encap = -1;
__u32 hmac = 0;
int nsegs = 0;
int srhlen;
char *s;
int i;
while (argc > 0) {
if (strcmp(*argv, "mode") == 0) {
NEXT_ARG();
if (mode_ok++)
duparg2("mode", *argv);
if (strcmp(*argv, "encap") == 0)
encap = 1;
else if (strcmp(*argv, "inline") == 0)
encap = 0;
else
invarg("\"mode\" value is invalid\n", *argv);
} else if (strcmp(*argv, "segs") == 0) {
NEXT_ARG();
if (segs_ok++)
duparg2("segs", *argv);
if (encap == -1)
invarg("\"segs\" provided before \"mode\"\n",
*argv);
strncpy(segbuf, *argv, 1024);
segbuf[1023] = 0;
} else if (strcmp(*argv, "hmac") == 0) {
NEXT_ARG();
if (hmac_ok++)
duparg2("hmac", *argv);
get_u32(&hmac, *argv, 0);
} else {
break;
}
argc--; argv++;
}
s = segbuf;
for (i = 0; *s; *s++ == ',' ? i++ : *s);
nsegs = i + 1;
if (!encap)
nsegs++;
srhlen = 8 + 16*nsegs;
if (hmac)
srhlen += 40;
tuninfo = malloc(sizeof(*tuninfo) + srhlen);
memset(tuninfo, 0, sizeof(*tuninfo) + srhlen);
if (encap)
tuninfo->mode = SEG6_IPTUN_MODE_ENCAP;
else
tuninfo->mode = SEG6_IPTUN_MODE_INLINE;
srh = tuninfo->srh;
srh->hdrlen = (srhlen >> 3) - 1;
srh->type = 4;
srh->segments_left = nsegs - 1;
srh->first_segment = nsegs - 1;
if (hmac)
srh->flags |= SR6_FLAG1_HMAC;
i = srh->first_segment;
for (s = strtok(segbuf, ","); s; s = strtok(NULL, ",")) {
inet_get_addr(s, NULL, &srh->segments[i]);
i--;
}
if (hmac) {
struct sr6_tlv_hmac *tlv;
tlv = (struct sr6_tlv_hmac *)((char *)srh + srhlen - 40);
tlv->tlvhdr.type = SR6_TLV_HMAC;
tlv->tlvhdr.len = 38;
tlv->hmackeyid = htonl(hmac);
}
rta_addattr_l(rta, len, SEG6_IPTUNNEL_SRH, tuninfo,
sizeof(*tuninfo) + srhlen);
free(tuninfo);
*argcp = argc + 1;
*argvp = argv - 1;
return 0;
}
static int parse_encap_mpls(struct rtattr *rta, size_t len,
int *argcp, char ***argvp)
{
inet_prefix addr;
int argc = *argcp;
char **argv = *argvp;
int ttl_ok = 0;
if (get_addr(&addr, *argv, AF_MPLS)) {
fprintf(stderr,
@ -258,8 +413,31 @@ static int parse_encap_mpls(struct rtattr *rta, size_t len,
rta_addattr_l(rta, len, MPLS_IPTUNNEL_DST, &addr.data,
addr.bytelen);
*argcp = argc;
*argvp = argv;
argc--;
argv++;
while (argc > 0) {
if (strcmp(*argv, "ttl") == 0) {
__u8 ttl;
NEXT_ARG();
if (ttl_ok++)
duparg2("ttl", *argv);
if (get_u8(&ttl, *argv, 0))
invarg("\"ttl\" value is invalid\n", *argv);
rta_addattr8(rta, len, MPLS_IPTUNNEL_TTL, ttl);
} else {
break;
}
argc--; argv++;
}
/* argv is currently the first unparsed argument,
* but the lwt_parse_encap() caller will move to the next,
* so step back
*/
*argcp = argc + 1;
*argvp = argv - 1;
return 0;
}
@ -573,6 +751,9 @@ int lwt_parse_encap(struct rtattr *rta, size_t len, int *argcp, char ***argvp)
if (parse_encap_bpf(rta, len, &argc, &argv) < 0)
exit(-1);
break;
case LWTUNNEL_ENCAP_SEG6:
parse_encap_seg6(rta, len, &argc, &argv);
break;
default:
fprintf(stderr, "Error: unsupported encap type\n");
break;

238
ip/ipseg6.c Normal file
View File

@ -0,0 +1,238 @@
/*
* seg6.c "ip sr/seg6"
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* version 2 as published by the Free Software Foundation;
*
* Author: David Lebrun <david.lebrun@uclouvain.be>
*/
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <errno.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <arpa/inet.h>
#include <sys/ioctl.h>
#include <linux/if.h>
#include <linux/genetlink.h>
#include <linux/seg6_genl.h>
#include <linux/seg6_hmac.h>
#include "utils.h"
#include "ip_common.h"
#include "libgenl.h"
#define HMAC_KEY_PROMPT "Enter secret for HMAC key ID (blank to delete): "
static void usage(void)
{
fprintf(stderr, "Usage: ip sr { COMMAND | help }\n");
fprintf(stderr, " ip sr hmac show\n");
fprintf(stderr, " ip sr hmac set KEYID ALGO\n");
fprintf(stderr, " ip sr tunsrc show\n");
fprintf(stderr, " ip sr tunsrc set ADDRESS\n");
fprintf(stderr, "where ALGO := { sha1 | sha256 }\n");
exit(-1);
}
static struct rtnl_handle grth = { .fd = -1 };
static int genl_family = -1;
#define SEG6_REQUEST(_req, _bufsiz, _cmd, _flags) \
GENL_REQUEST(_req, _bufsiz, genl_family, 0, \
SEG6_GENL_VERSION, _cmd, _flags)
static struct {
unsigned int cmd;
struct in6_addr addr;
__u32 keyid;
const char *pass;
__u8 alg_id;
} opts;
static int process_msg(const struct sockaddr_nl *who, struct nlmsghdr *n,
void *arg)
{
struct rtattr *attrs[SEG6_ATTR_MAX + 1];
struct genlmsghdr *ghdr;
FILE *fp = (FILE *)arg;
int len = n->nlmsg_len;
if (n->nlmsg_type != genl_family)
return -1;
len -= NLMSG_LENGTH(GENL_HDRLEN);
if (len < 0)
return -1;
ghdr = NLMSG_DATA(n);
parse_rtattr(attrs, SEG6_ATTR_MAX, (void *)ghdr + GENL_HDRLEN, len);
switch (ghdr->cmd) {
case SEG6_CMD_DUMPHMAC:
{
char secret[64];
char *algstr;
__u8 slen = rta_getattr_u8(attrs[SEG6_ATTR_SECRETLEN]);
__u8 alg_id = rta_getattr_u8(attrs[SEG6_ATTR_ALGID]);
memset(secret, 0, 64);
if (slen > 63) {
fprintf(stderr, "HMAC secret length %d > 63, "
"truncated\n", slen);
slen = 63;
}
memcpy(secret, RTA_DATA(attrs[SEG6_ATTR_SECRET]), slen);
switch (alg_id) {
case SEG6_HMAC_ALGO_SHA1:
algstr = "sha1";
break;
case SEG6_HMAC_ALGO_SHA256:
algstr = "sha256";
break;
default:
algstr = "<unknown>";
}
fprintf(fp, "hmac %u ",
rta_getattr_u32(attrs[SEG6_ATTR_HMACKEYID]));
fprintf(fp, "algo %s ", algstr);
fprintf(fp, "secret \"%s\" ", secret);
fprintf(fp, "\n");
break;
}
case SEG6_CMD_GET_TUNSRC:
{
fprintf(fp, "tunsrc addr %s\n",
rt_addr_n2a(AF_INET6, 16,
RTA_DATA(attrs[SEG6_ATTR_DST])));
break;
}
}
return 0;
}
static int seg6_do_cmd(void)
{
SEG6_REQUEST(req, 1024, opts.cmd, NLM_F_REQUEST);
int repl = 0, dump = 0;
if (genl_family < 0) {
if (rtnl_open_byproto(&grth, 0, NETLINK_GENERIC) < 0) {
fprintf(stderr, "Cannot open generic netlink socket\n");
exit(1);
}
genl_family = genl_resolve_family(&grth, SEG6_GENL_NAME);
if (genl_family < 0)
exit(1);
req.n.nlmsg_type = genl_family;
}
switch (opts.cmd) {
case SEG6_CMD_SETHMAC:
{
addattr32(&req.n, sizeof(req), SEG6_ATTR_HMACKEYID, opts.keyid);
addattr8(&req.n, sizeof(req), SEG6_ATTR_SECRETLEN,
strlen(opts.pass));
addattr8(&req.n, sizeof(req), SEG6_ATTR_ALGID, opts.alg_id);
if (strlen(opts.pass))
addattr_l(&req.n, sizeof(req), SEG6_ATTR_SECRET,
opts.pass, strlen(opts.pass));
break;
}
case SEG6_CMD_SET_TUNSRC:
addattr_l(&req.n, sizeof(req), SEG6_ATTR_DST, &opts.addr,
sizeof(struct in6_addr));
break;
case SEG6_CMD_DUMPHMAC:
dump = 1;
break;
case SEG6_CMD_GET_TUNSRC:
repl = 1;
break;
}
if (!repl && !dump) {
if (rtnl_talk(&grth, &req.n, NULL, 0) < 0)
return -1;
} else if (repl) {
if (rtnl_talk(&grth, &req.n, &req.n, sizeof(req)) < 0)
return -2;
if (process_msg(NULL, &req.n, stdout) < 0) {
fprintf(stderr, "Error parsing reply\n");
exit(1);
}
} else {
req.n.nlmsg_flags |= NLM_F_DUMP;
req.n.nlmsg_seq = grth.dump = ++grth.seq;
if (rtnl_send(&grth, &req, req.n.nlmsg_len) < 0) {
perror("Failed to send dump request");
exit(1);
}
if (rtnl_dump_filter(&grth, process_msg, stdout) < 0) {
fprintf(stderr, "Dump terminated\n");
exit(1);
}
}
return 0;
}
int do_seg6(int argc, char **argv)
{
if (argc < 1 || matches(*argv, "help") == 0)
usage();
memset(&opts, 0, sizeof(opts));
if (matches(*argv, "hmac") == 0) {
NEXT_ARG();
if (matches(*argv, "show") == 0) {
opts.cmd = SEG6_CMD_DUMPHMAC;
} else if (matches(*argv, "set") == 0) {
NEXT_ARG();
if (get_u32(&opts.keyid, *argv, 0) || opts.keyid == 0)
invarg("hmac KEYID value is invalid", *argv);
NEXT_ARG();
if (strcmp(*argv, "sha1") == 0) {
opts.alg_id = SEG6_HMAC_ALGO_SHA1;
} else if (strcmp(*argv, "sha256") == 0) {
opts.alg_id = SEG6_HMAC_ALGO_SHA256;
} else {
invarg("hmac ALGO value is invalid", *argv);
}
opts.cmd = SEG6_CMD_SETHMAC;
opts.pass = getpass(HMAC_KEY_PROMPT);
} else {
invarg("unknown", *argv);
}
} else if (matches(*argv, "tunsrc") == 0) {
NEXT_ARG();
if (matches(*argv, "show") == 0) {
opts.cmd = SEG6_CMD_GET_TUNSRC;
} else if (matches(*argv, "set") == 0) {
NEXT_ARG();
opts.cmd = SEG6_CMD_SET_TUNSRC;
if (!inet_get_addr(*argv, NULL, &opts.addr))
invarg("tunsrc ADDRESS value is invalid",
*argv);
} else {
invarg("unknown", *argv);
}
} else {
invarg("unknown", *argv);
}
return seg6_do_cmd();
}

19
ip/ipxfrm.c
View File

@ -862,6 +862,25 @@ void xfrm_xfrma_print(struct rtattr *tb[], __u16 family,
}
fprintf(fp, "%s", _SL_);
}
if (tb[XFRMA_OFFLOAD_DEV]) {
struct xfrm_user_offload *xuo;
if (prefix)
fputs(prefix, fp);
fprintf(fp, "crypto offload parameters: ");
if (RTA_PAYLOAD(tb[XFRMA_OFFLOAD_DEV]) < sizeof(*xuo)) {
fprintf(fp, "(ERROR truncated)");
fprintf(fp, "%s", _SL_);
return;
}
xuo = (struct xfrm_user_offload *)
RTA_DATA(tb[XFRMA_OFFLOAD_DEV]);
fprintf(fp, "dev %s dir %s", ll_index_to_name(xuo->ifindex),
(xuo->flags & XFRM_OFFLOAD_INBOUND) ? "in" : "out");
fprintf(fp, "%s", _SL_);
}
}
static int xfrm_selector_iszero(struct xfrm_selector *s)

16
ip/link_gre.c
View File

@ -42,11 +42,13 @@ static void print_usage(FILE *f)
" [ [no]encap-csum ]\n"
" [ [no]encap-csum6 ]\n"
" [ [no]encap-remcsum ]\n"
" [ fwmark MARK ]\n"
"\n"
"Where: ADDR := { IP_ADDRESS | any }\n"
" TOS := { NUMBER | inherit }\n"
" TTL := { 1..255 | inherit }\n"
" KEY := { DOTTED_QUAD | NUMBER }\n"
" MARK := { 0x0..0xffffffff }\n"
);
}
@ -91,6 +93,7 @@ static int gre_parse_opt(struct link_util *lu, int argc, char **argv,
__u16 encapsport = 0;
__u16 encapdport = 0;
__u8 metadata = 0;
__u32 fwmark = 0;
if (!(n->nlmsg_flags & NLM_F_CREATE)) {
if (rtnl_talk(&rth, &req.n, &req.n, sizeof(req)) < 0) {
@ -160,6 +163,9 @@ get_failed:
if (greinfo[IFLA_GRE_COLLECT_METADATA])
metadata = 1;
if (greinfo[IFLA_GRE_FWMARK])
fwmark = rta_getattr_u32(greinfo[IFLA_GRE_FWMARK]);
}
while (argc > 0) {
@ -305,6 +311,10 @@ get_failed:
encapflags |= ~TUNNEL_ENCAP_FLAG_REMCSUM;
} else if (strcmp(*argv, "external") == 0) {
metadata = 1;
} else if (strcmp(*argv, "fwmark") == 0) {
NEXT_ARG();
if (get_u32(&fwmark, *argv, 0))
invarg("invalid fwmark\n", *argv);
} else
usage();
argc--; argv++;
@ -335,6 +345,7 @@ get_failed:
addattr32(n, 1024, IFLA_GRE_LINK, link);
addattr_l(n, 1024, IFLA_GRE_TTL, &ttl, 1);
addattr_l(n, 1024, IFLA_GRE_TOS, &tos, 1);
addattr32(n, 1024, IFLA_GRE_FWMARK, fwmark);
} else {
addattr_l(n, 1024, IFLA_GRE_COLLECT_METADATA, NULL, 0);
}
@ -426,6 +437,11 @@ static void gre_print_direct_opt(FILE *f, struct rtattr *tb[])
fputs("icsum ", f);
if (oflags & GRE_CSUM)
fputs("ocsum ", f);
if (tb[IFLA_GRE_FWMARK] && rta_getattr_u32(tb[IFLA_GRE_FWMARK])) {
fprintf(f, "fwmark 0x%x ",
rta_getattr_u32(tb[IFLA_GRE_FWMARK]));
}
}
static void gre_print_opt(struct link_util *lu, FILE *f, struct rtattr *tb[])

24
ip/link_gre6.c
View File

@ -43,6 +43,7 @@ static void print_usage(FILE *f)
" [ tclass TCLASS ]\n"
" [ flowlabel FLOWLABEL ]\n"
" [ dscp inherit ]\n"
" [ fwmark MARK ]\n"
" [ dev PHYS_DEV ]\n"
" [ noencap ]\n"
" [ encap { fou | gue | none } ]\n"
@ -57,7 +58,8 @@ static void print_usage(FILE *f)
" KEY := { DOTTED_QUAD | NUMBER }\n"
" ELIM := { none | 0..255 }(default=%d)\n"
" TCLASS := { 0x0..0xff | inherit }\n"
" FLOWLABEL := { 0x0..0xfffff | inherit }\n",
" FLOWLABEL := { 0x0..0xfffff | inherit }\n"
" MARK := { 0x0..0xffffffff | inherit }\n",
DEFAULT_TNL_HOP_LIMIT, IPV6_DEFAULT_TNL_ENCAP_LIMIT
);
}
@ -103,6 +105,7 @@ static int gre_parse_opt(struct link_util *lu, int argc, char **argv,
__u16 encapsport = 0;
__u16 encapdport = 0;
int len;
__u32 fwmark = 0;
if (!(n->nlmsg_flags & NLM_F_CREATE)) {
if (rtnl_talk(&rth, &req.n, &req.n, sizeof(req)) < 0) {
@ -174,6 +177,9 @@ get_failed:
if (greinfo[IFLA_GRE_ENCAP_DPORT])
encapdport = rta_getattr_u16(greinfo[IFLA_GRE_ENCAP_DPORT]);
if (greinfo[IFLA_GRE_FWMARK])
fwmark = rta_getattr_u32(greinfo[IFLA_GRE_FWMARK]);
}
while (argc > 0) {
@ -339,6 +345,16 @@ get_failed:
encapflags |= TUNNEL_ENCAP_FLAG_REMCSUM;
} else if (strcmp(*argv, "noencap-remcsum") == 0) {
encapflags &= ~TUNNEL_ENCAP_FLAG_REMCSUM;
} else if (strcmp(*argv, "fwmark") == 0) {
NEXT_ARG();
if (strcmp(*argv, "inherit") == 0) {
flags |= IP6_TNL_F_USE_ORIG_FWMARK;
fwmark = 0;
} else {
if (get_u32(&fwmark, *argv, 0))
invarg("invalid fwmark\n", *argv);
flags &= ~IP6_TNL_F_USE_ORIG_FWMARK;
}
} else
usage();
argc--; argv++;
@ -356,6 +372,7 @@ get_failed:
addattr_l(n, 1024, IFLA_GRE_ENCAP_LIMIT, &encap_limit, 1);
addattr_l(n, 1024, IFLA_GRE_FLOWINFO, &flowinfo, 4);
addattr32(n, 1024, IFLA_GRE_FLAGS, flags);
addattr32(n, 1024, IFLA_GRE_FWMARK, fwmark);
addattr16(n, 1024, IFLA_GRE_ENCAP_TYPE, encaptype);
addattr16(n, 1024, IFLA_GRE_ENCAP_FLAGS, encapflags);
@ -461,6 +478,11 @@ static void gre_print_opt(struct link_util *lu, FILE *f, struct rtattr *tb[])
if (oflags & GRE_CSUM)
fputs("ocsum ", f);
if (flags & IP6_TNL_F_USE_ORIG_FWMARK)
fprintf(f, "fwmark inherit ");
else if (tb[IFLA_GRE_FWMARK] && rta_getattr_u32(tb[IFLA_GRE_FWMARK]))
fprintf(f, "fwmark 0x%x ", rta_getattr_u32(tb[IFLA_GRE_FWMARK]));
if (tb[IFLA_GRE_ENCAP_TYPE] &&
rta_getattr_u16(tb[IFLA_GRE_ENCAP_TYPE]) != TUNNEL_ENCAP_NONE) {
__u16 type = rta_getattr_u16(tb[IFLA_GRE_ENCAP_TYPE]);

23
ip/link_ip6tnl.c
View File

@ -41,7 +41,7 @@ static void print_usage(FILE *f)
" [ tclass TCLASS ]\n"
" [ flowlabel FLOWLABEL ]\n"
" [ dscp inherit ]\n"
" [ fwmark inherit ]\n"
" [ fwmark MARK ]\n"
" [ noencap ]\n"
" [ encap { fou | gue | none } ]\n"
" [ encap-sport PORT ]\n"
@ -55,7 +55,8 @@ static void print_usage(FILE *f)
" ELIM := { none | 0..255 }(default=%d)\n"
" HLIM := 0..255 (default=%d)\n"
" TCLASS := { 0x0..0xff | inherit }\n"
" FLOWLABEL := { 0x0..0xfffff | inherit }\n",
" FLOWLABEL := { 0x0..0xfffff | inherit }\n"
" MARK := { 0x0..0xffffffff | inherit }\n",
IPV6_DEFAULT_TNL_ENCAP_LIMIT, DEFAULT_TNL_HOP_LIMIT
);
}
@ -99,6 +100,7 @@ static int ip6tunnel_parse_opt(struct link_util *lu, int argc, char **argv,
__u16 encapsport = 0;
__u16 encapdport = 0;
__u8 metadata = 0;
__u32 fwmark = 0;
if (!(n->nlmsg_flags & NLM_F_CREATE)) {
if (rtnl_talk(&rth, &req.n, &req.n, sizeof(req)) < 0) {
@ -153,6 +155,9 @@ get_failed:
proto = rta_getattr_u8(iptuninfo[IFLA_IPTUN_PROTO]);
if (iptuninfo[IFLA_IPTUN_COLLECT_METADATA])
metadata = 1;
if (iptuninfo[IFLA_IPTUN_FWMARK])
fwmark = rta_getattr_u32(iptuninfo[IFLA_IPTUN_FWMARK]);
}
while (argc > 0) {
@ -252,9 +257,14 @@ get_failed:
flags |= IP6_TNL_F_RCV_DSCP_COPY;
} else if (strcmp(*argv, "fwmark") == 0) {
NEXT_ARG();
if (strcmp(*argv, "inherit") != 0)
invarg("not inherit", *argv);
flags |= IP6_TNL_F_USE_ORIG_FWMARK;
if (strcmp(*argv, "inherit") == 0) {
flags |= IP6_TNL_F_USE_ORIG_FWMARK;
fwmark = 0;
} else {
if (get_u32(&fwmark, *argv, 0))
invarg("invalid fwmark\n", *argv);
flags &= ~IP6_TNL_F_USE_ORIG_FWMARK;
}
} else if (strcmp(*argv, "noencap") == 0) {
encaptype = TUNNEL_ENCAP_NONE;
} else if (strcmp(*argv, "encap") == 0) {
@ -308,6 +318,7 @@ get_failed:
addattr32(n, 1024, IFLA_IPTUN_FLOWINFO, flowinfo);
addattr32(n, 1024, IFLA_IPTUN_FLAGS, flags);
addattr32(n, 1024, IFLA_IPTUN_LINK, link);
addattr32(n, 1024, IFLA_IPTUN_FWMARK, fwmark);
addattr16(n, 1024, IFLA_IPTUN_ENCAP_TYPE, encaptype);
addattr16(n, 1024, IFLA_IPTUN_ENCAP_FLAGS, encapflags);
@ -398,6 +409,8 @@ static void ip6tunnel_print_opt(struct link_util *lu, FILE *f, struct rtattr *tb
if (flags & IP6_TNL_F_USE_ORIG_FWMARK)
fprintf(f, "fwmark inherit ");
else if (tb[IFLA_IPTUN_FWMARK] && rta_getattr_u32(tb[IFLA_IPTUN_FWMARK]))
fprintf(f, "fwmark 0x%x ", rta_getattr_u32(tb[IFLA_IPTUN_FWMARK]));
if (tb[IFLA_IPTUN_ENCAP_TYPE] &&
rta_getattr_u16(tb[IFLA_IPTUN_ENCAP_TYPE]) !=

16
ip/link_iptnl.c
View File

@ -52,10 +52,12 @@ static void print_usage(FILE *f, int sit)
" [ isatap ]\n");
}
fprintf(f, " [ external ]\n");
fprintf(f, " [ fwmark MARK ]\n");
fprintf(f, "\n");
fprintf(f, "Where: ADDR := { IP_ADDRESS | any }\n");
fprintf(f, " TOS := { NUMBER | inherit }\n");
fprintf(f, " TTL := { 1..255 | inherit }\n");
fprintf(f, " MARK := { 0x0..0xffffffff }\n");
}
static void usage(int sit) __attribute__((noreturn));
@ -101,6 +103,7 @@ static int iptunnel_parse_opt(struct link_util *lu, int argc, char **argv,
__u16 encapsport = 0;
__u16 encapdport = 0;
__u8 metadata = 0;
__u32 fwmark = 0;
if (!(n->nlmsg_flags & NLM_F_CREATE)) {
if (rtnl_talk(&rth, &req.n, &req.n, sizeof(req)) < 0) {
@ -179,6 +182,10 @@ get_failed:
rta_getattr_u16(iptuninfo[IFLA_IPTUN_6RD_RELAY_PREFIXLEN]);
if (iptuninfo[IFLA_IPTUN_COLLECT_METADATA])
metadata = 1;
if (iptuninfo[IFLA_IPTUN_FWMARK])
fwmark = rta_getattr_u32(iptuninfo[IFLA_IPTUN_FWMARK]);
}
while (argc > 0) {
@ -301,6 +308,10 @@ get_failed:
ip6rdprefixlen = 16;
ip6rdrelayprefix = 0;
ip6rdrelayprefixlen = 0;
} else if (strcmp(*argv, "fwmark") == 0) {
NEXT_ARG();
if (get_u32(&fwmark, *argv, 0))
invarg("invalid fwmark\n", *argv);
} else
usage(strcmp(lu->id, "sit") == 0);
argc--, argv++;
@ -322,6 +333,7 @@ get_failed:
addattr8(n, 1024, IFLA_IPTUN_TTL, ttl);
addattr8(n, 1024, IFLA_IPTUN_TOS, tos);
addattr8(n, 1024, IFLA_IPTUN_PMTUDISC, pmtudisc);
addattr32(n, 1024, IFLA_IPTUN_FWMARK, fwmark);
addattr16(n, 1024, IFLA_IPTUN_ENCAP_TYPE, encaptype);
addattr16(n, 1024, IFLA_IPTUN_ENCAP_FLAGS, encapflags);
@ -471,6 +483,10 @@ static void iptunnel_print_opt(struct link_util *lu, FILE *f, struct rtattr *tb[
else
fputs("noencap-remcsum ", f);
}
if (tb[IFLA_IPTUN_FWMARK] && rta_getattr_u32(tb[IFLA_IPTUN_FWMARK]))
fprintf(f, "fwmark 0x%x ",
rta_getattr_u32(tb[IFLA_IPTUN_FWMARK]));
}
static void iptunnel_print_help(struct link_util *lu, int argc, char **argv,

16
ip/link_vti.c
View File

@ -31,9 +31,11 @@ static void print_usage(FILE *f)
" [ local ADDR ]\n"
" [ [i|o]key KEY ]\n"
" [ dev PHYS_DEV ]\n"
" [ fwmark MARK ]\n"
"\n"
"Where: ADDR := { IP_ADDRESS }\n"
" KEY := { DOTTED_QUAD | NUMBER }\n"
" MARK := { 0x0..0xffffffff }\n"
);
}
@ -67,6 +69,7 @@ static int vti_parse_opt(struct link_util *lu, int argc, char **argv,
unsigned int saddr = 0;
unsigned int daddr = 0;
unsigned int link = 0;
unsigned int fwmark = 0;
int len;
if (!(n->nlmsg_flags & NLM_F_CREATE)) {
@ -109,6 +112,9 @@ get_failed:
if (vtiinfo[IFLA_VTI_LINK])
link = rta_getattr_u8(vtiinfo[IFLA_VTI_LINK]);
if (vtiinfo[IFLA_VTI_FWMARK])
fwmark = rta_getattr_u32(vtiinfo[IFLA_VTI_FWMARK]);
}
while (argc > 0) {
@ -180,6 +186,10 @@ get_failed:
*argv);
exit(-1);
}
} else if (strcmp(*argv, "fwmark") == 0) {
NEXT_ARG();
if (get_u32(&fwmark, *argv, 0))
invarg("invalid fwmark\n", *argv);
} else
usage();
argc--; argv++;
@ -189,6 +199,7 @@ get_failed:
addattr32(n, 1024, IFLA_VTI_OKEY, okey);
addattr_l(n, 1024, IFLA_VTI_LOCAL, &saddr, 4);
addattr_l(n, 1024, IFLA_VTI_REMOTE, &daddr, 4);
addattr32(n, 1024, IFLA_VTI_FWMARK, fwmark);
if (link)
addattr32(n, 1024, IFLA_VTI_LINK, link);
@ -242,6 +253,11 @@ static void vti_print_opt(struct link_util *lu, FILE *f, struct rtattr *tb[])
inet_ntop(AF_INET, RTA_DATA(tb[IFLA_VTI_OKEY]), s2, sizeof(s2));
fprintf(f, "okey %s ", s2);
}
if (tb[IFLA_VTI_FWMARK] && rta_getattr_u32(tb[IFLA_VTI_FWMARK])) {
fprintf(f, "fwmark 0x%x ",
rta_getattr_u32(tb[IFLA_VTI_FWMARK]));
}
}
static void vti_print_help(struct link_util *lu, int argc, char **argv,

15
ip/link_vti6.c
View File

@ -32,10 +32,12 @@ static void usage(void)
fprintf(stderr, " type { vti6 } [ remote ADDR ] [ local ADDR ]\n");
fprintf(stderr, " [ [i|o]key KEY ]\n");
fprintf(stderr, " [ dev PHYS_DEV ]\n");
fprintf(stderr, " [ fwmark MARK ]\n");
fprintf(stderr, "\n");
fprintf(stderr, "Where: NAME := STRING\n");
fprintf(stderr, " ADDR := { IPV6_ADDRESS }\n");
fprintf(stderr, " KEY := { DOTTED_QUAD | NUMBER }\n");
fprintf(stderr, " MARK := { 0x0..0xffffffff }\n");
exit(-1);
}
@ -62,6 +64,7 @@ static int vti6_parse_opt(struct link_util *lu, int argc, char **argv,
unsigned int ikey = 0;
unsigned int okey = 0;
unsigned int link = 0;
__u32 fwmark = 0;
int len;
if (!(n->nlmsg_flags & NLM_F_CREATE)) {
@ -104,6 +107,9 @@ get_failed:
if (vtiinfo[IFLA_VTI_LINK])
link = rta_getattr_u8(vtiinfo[IFLA_VTI_LINK]);
if (vtiinfo[IFLA_VTI_FWMARK])
fwmark = rta_getattr_u32(vtiinfo[IFLA_VTI_FWMARK]);
}
while (argc > 0) {
@ -178,6 +184,10 @@ get_failed:
link = if_nametoindex(*argv);
if (link == 0)
exit(-1);
} else if (strcmp(*argv, "fwmark") == 0) {
NEXT_ARG();
if (get_u32(&fwmark, *argv, 0))
invarg("invalid fwmark\n", *argv);
} else
usage();
argc--; argv++;
@ -187,6 +197,7 @@ get_failed:
addattr32(n, 1024, IFLA_VTI_OKEY, okey);
addattr_l(n, 1024, IFLA_VTI_LOCAL, &saddr, sizeof(saddr));
addattr_l(n, 1024, IFLA_VTI_REMOTE, &daddr, sizeof(daddr));
addattr32(n, 1024, IFLA_VTI_FWMARK, fwmark);
if (link)
addattr32(n, 1024, IFLA_VTI_LINK, link);
@ -239,6 +250,10 @@ static void vti6_print_opt(struct link_util *lu, FILE *f, struct rtattr *tb[])
inet_ntop(AF_INET, RTA_DATA(tb[IFLA_VTI_OKEY]), s2, sizeof(s2));
fprintf(f, "okey %s ", s2);
}
if (tb[IFLA_VTI_FWMARK] && rta_getattr_u32(tb[IFLA_VTI_FWMARK])) {
fprintf(f, "fwmark 0x%x ", rta_getattr_u32(tb[IFLA_VTI_FWMARK]));
}
}
struct link_util vti6_link_util = {

2
ip/xdp.h
View File

@ -3,7 +3,7 @@
#include "utils.h"
int xdp_parse(int *argc, char ***argv, struct iplink_req *req);
int xdp_parse(int *argc, char ***argv, struct iplink_req *req, bool generic);
void xdp_dump(FILE *fp, struct rtattr *tb);
#endif /* __XDP__ */

49
ip/xfrm_state.c
View File

@ -60,6 +60,7 @@ static void usage(void)
fprintf(stderr, " [ replay-seq-hi SEQ ] [ replay-oseq-hi SEQ ]\n");
fprintf(stderr, " [ flag FLAG-LIST ] [ sel SELECTOR ] [ LIMIT-LIST ] [ encap ENCAP ]\n");
fprintf(stderr, " [ coa ADDR[/PLEN] ] [ ctx CTX ] [ extra-flag EXTRA-FLAG-LIST ]\n");
fprintf(stderr, " [ offload [dev DEV] dir DIR ]\n");
fprintf(stderr, "Usage: ip xfrm state allocspi ID [ mode MODE ] [ mark MARK [ mask MASK ] ]\n");
fprintf(stderr, " [ reqid REQID ] [ seq SEQ ] [ min SPI max SPI ]\n");
fprintf(stderr, "Usage: ip xfrm state { delete | get } ID [ mark MARK [ mask MASK ] ]\n");
@ -108,6 +109,7 @@ static void usage(void)
fprintf(stderr, "LIMIT := { time-soft | time-hard | time-use-soft | time-use-hard } SECONDS |\n");
fprintf(stderr, " { byte-soft | byte-hard } SIZE | { packet-soft | packet-hard } COUNT\n");
fprintf(stderr, "ENCAP := { espinudp | espinudp-nonike } SPORT DPORT OADDR\n");
fprintf(stderr, "DIR := in | out\n");
exit(-1);
}
@ -264,6 +266,24 @@ static int xfrm_state_extra_flag_parse(__u32 *extra_flags, int *argcp, char ***a
return 0;
}
static int xfrm_offload_dir_parse(__u8 *dir, int *argcp, char ***argvp)
{
int argc = *argcp;
char **argv = *argvp;
if (strcmp(*argv, "in") == 0)
*dir = XFRM_OFFLOAD_INBOUND;
else if (strcmp(*argv, "out") == 0)
*dir = 0;
else
invarg("DIR value is invalid", *argv);
*argcp = argc;
*argvp = argv;
return 0;
}
static int xfrm_state_modify(int cmd, unsigned int flags, int argc, char **argv)
{
struct rtnl_handle rth;
@ -283,6 +303,10 @@ static int xfrm_state_modify(int cmd, unsigned int flags, int argc, char **argv)
};
struct xfrm_replay_state replay = {};
struct xfrm_replay_state_esn replay_esn = {};
struct xfrm_user_offload xuo = {};
unsigned int ifindex = 0;
__u8 dir = 0;
bool is_offload = false;
__u32 replay_window = 0;
__u32 seq = 0, oseq = 0, seq_hi = 0, oseq_hi = 0;
char *idp = NULL;
@ -394,6 +418,25 @@ static int xfrm_state_modify(int cmd, unsigned int flags, int argc, char **argv)
xfrm_sctx_parse((char *)&ctx.str, context, &ctx.sctx);
addattr_l(&req.n, sizeof(req.buf), XFRMA_SEC_CTX,
(void *)&ctx, ctx.sctx.len);
} else if (strcmp(*argv, "offload") == 0) {
is_offload = true;
NEXT_ARG();
if (strcmp(*argv, "dev") == 0) {
NEXT_ARG();
ifindex = ll_name_to_index(*argv);
if (!ifindex) {
invarg("value after \"offload dev\" is invalid", *argv);
is_offload = false;
}
NEXT_ARG();
}
if (strcmp(*argv, "dir") == 0) {
NEXT_ARG();
xfrm_offload_dir_parse(&dir, &argc, &argv);
} else {
invarg("value after \"offload dir\" is invalid", *argv);
is_offload = false;
}
} else {
/* try to assume ALGO */
int type = xfrm_algotype_getbyname(*argv);
@ -531,6 +574,12 @@ static int xfrm_state_modify(int cmd, unsigned int flags, int argc, char **argv)
exit(-1);
}
if (is_offload) {
xuo.ifindex = ifindex;
xuo.flags = dir;
addattr_l(&req.n, sizeof(req.buf), XFRMA_OFFLOAD_DEV, &xuo,
sizeof(xuo));
}
if (req.xsinfo.flags & XFRM_STATE_ESN ||
replay_window > (sizeof(replay.bitmap) * 8)) {
replay_esn.seq = seq;

3
lib/libnetlink.c
View File

@ -299,7 +299,8 @@ static void rtnl_dump_error(const struct rtnl_handle *rth,
errno == EOPNOTSUPP))
return;
perror("RTNETLINK answers");
if (!(rth->flags & RTNL_HANDLE_F_SUPPRESS_NLERR))
perror("RTNETLINK answers");
}
}

19
man/man8/ip-link.8.in
View File

@ -126,7 +126,7 @@ ip-link \- network device configuration
.RB "[ " port_guid " eui64 ] ]"
.br
.in -9
.RB "[ " xdp " { " off " | "
.RB "[ { " xdp " | " xdpgeneric " } { " off " | "
.br
.in +8
.BR object
@ -1572,8 +1572,23 @@ which may impact security and/or performance. (e.g. VF multicast promiscuous mod
.TP
.B xdp object "|" pinned "|" off
set (or unset) a XDP ("express data path") BPF program to run on every
set (or unset) a XDP ("eXpress Data Path") BPF program to run on every
packet at driver level.
.B ip link
output will indicate a
.B xdp
flag for the networking device. If the driver does not have native XDP
support, the kernel will fall back to a slower, driver-independent "generic"
XDP variant. The
.B ip link
output will in that case indicate
.B xdpgeneric
instead of
.B xdp
only. If the driver does have native XDP support, but the program is
loaded under
.B xdpgeneric object "|" pinned
then the kernel will use the generic XDP variant instead of the native one.
.B off
(or

58
man/man8/ip-route.8.in
View File

@ -75,7 +75,9 @@ replace " } "
.B scope
.IR SCOPE " ] [ "
.B metric
.IR METRIC " ]"
.IR METRIC " ] [ "
.B ttl-propagate
.RB "{ " enabled " | " disabled " } ]"
.ti -8
.IR INFO_SPEC " := " "NH OPTIONS FLAGS" " ["
@ -174,12 +176,14 @@ throw " | " unreachable " | " prohibit " | " blackhole " | " nat " ]"
.ti -8
.IR ENCAP " := [ "
.IR MPLS " | " IP | " BPF " ] "
.IR MPLS " | " IP " | " BPF " | " SEG6 " ] "
.ti -8
.IR ENCAP_MPLS " := "
.BR mpls " [ "
.IR LABEL " ]"
.IR LABEL " ] ["
.B ttl
.IR TTL " ]"
.ti -8
.IR ENCAP_IP " := "
@ -193,7 +197,6 @@ throw " | " unreachable " | " prohibit " | " blackhole " | " nat " ]"
.B ttl
.IR TTL " ]"
.ti -8
.IR ENCAP_BPF " := "
.BR bpf " [ "
@ -206,6 +209,16 @@ throw " | " unreachable " | " prohibit " | " blackhole " | " nat " ]"
.B headroom
.IR SIZE " ]"
.ti -8
.IR ENCAP_SEG6 " := "
.B seg6
.BR mode " [ "
.BR encap " | " inline " ] "
.B segs
.IR SEGMENTS " [ "
.B hmac
.IR KEYID " ]"
.SH DESCRIPTION
.B ip route
is used to manipulate entries in the kernel routing tables.
@ -652,6 +665,8 @@ is a string specifying the supported encapsulation type. Namely:
.BI bpf
- Execution of BPF program
.sp
.BI seg6
- encapsulation type IPv6 Segment Routing
.in -8
.I ENCAPHDR
@ -664,6 +679,11 @@ is a set of encapsulation attributes specific to the
.I MPLSLABEL
- mpls label stack with labels separated by
.I "/"
.sp
.B ttl
.I TTL
- TTL to use for MPLS header or 0 to inherit from IP header
.in -2
.sp
@ -703,6 +723,25 @@ is a set of encapsulation attributes specific to the
.in -2
.sp
.B seg6
.in +2
.B mode inline
- Directly insert Segment Routing Header after IPv6 header
.sp
.B mode encap
- Encapsulate packet in an outer IPv6 header with SRH
.sp
.I SEGMENTS
- List of comma-separated IPv6 addresses
.sp
.I KEYID
- Numerical value in decimal representation. See \fBip-sr\fR(8).
.in -2
.sp
.in -8
.TP
@ -710,6 +749,12 @@ is a set of encapsulation attributes specific to the
the route will be deleted after the expires time.
.B Only
support IPv6 at present.
.TP
.BR ttl-propagate " { " enabled " | " disabled " } "
Control whether TTL should be propagated from any encap into the
un-encapsulated packet, overriding any global configuration. Only
supported for MPLS at present.
.RE
.TP
@ -986,6 +1031,11 @@ ip route add 10.1.1.0/30 encap mpls 200/300 via 10.1.1.1 dev eth0
.RS 4
Adds an ipv4 route with mpls encapsulation attributes attached to it.
.RE
.PP
ip -6 route add 2001:db8:1::/64 encap seg6 mode encap segs 2001:db8:42::1,2001:db8:ffff::2 dev eth0
.RS 4
Adds an IPv6 route with SRv6 encapsulation and two segments attached.
.RE
.SH SEE ALSO
.br
.BR ip (8)

58
man/man8/ip-sr.8 Normal file
View File

@ -0,0 +1,58 @@
.TH IP\-SR 8 "14 Apr 2017" "iproute2" "Linux"
.SH "NAME"
ip-sr \- IPv6 Segment Routing management
.SH SYNOPSIS
.sp
.ad l
.in +8
.ti -8
.B ip sr
.RI " { " COMMAND " | "
.BR help " }"
.sp
.ti -8
.ti -8
.B ip sr hmac show
.ti -8
.B ip sr hmac set
.I KEYID ALGO
.ti -8
.B ip sr tunsrc show
.ti -8
.B ip sr tunsrc set
.I ADDRESS
.SH DESCRIPTION
The \fBip sr\fR command is used to configure IPv6 Segment Routing (SRv6)
internal parameters.
.PP
Those parameters include the mapping between an HMAC key ID and its associated
hashing algorithm and secret, and the IPv6 address to use as source for encapsulated
packets.
.PP
The \fBip sr hmac set\fR command prompts for a passphrase that will be used as the
HMAC secret for the corresponding key ID. A blank passphrase removes the mapping.
The currently supported algorithms for \fIALGO\fR are \fBsha1\fR and \fBsha256\fR.
.PP
If the tunnel source is set to the address :: (which is the default), then an address
of the egress interface will be selected. As this operation may hinder performances,
it is recommended to set a non-default address.
.SH EXAMPLES
.PP
.SS Configure an HMAC mapping for key ID 42 and hashing algorithm SHA-256
.nf
# ip sr hmac set 42 sha256
.PP
.SS Set the tunnel source address to 2001:db8::1
.nf
# ip sr tunsrc set 2001:db8::1
.SH SEE ALSO
.br
.BR ip-route (8)
.SH AUTHOR
David Lebrun <david.lebrun@uclouvain.be>

25
tc/tc_qdisc.c
View File

@ -34,7 +34,7 @@ static int usage(void)
fprintf(stderr, " [ stab [ help | STAB_OPTIONS] ]\n");
fprintf(stderr, " [ [ QDISC_KIND ] [ help | OPTIONS ] ]\n");
fprintf(stderr, "\n");
fprintf(stderr, " tc qdisc show [ dev STRING ] [ ingress | clsact ]\n");
fprintf(stderr, " tc qdisc show [ dev STRING ] [ ingress | clsact ] [ invisible ]\n");
fprintf(stderr, "Where:\n");
fprintf(stderr, "QDISC_KIND := { [p|b]fifo | tbf | prio | cbq | red | etc. }\n");
fprintf(stderr, "OPTIONS := ... try tc qdisc add <desired QDISC_KIND> help\n");
@ -292,6 +292,7 @@ static int tc_qdisc_list(int argc, char **argv)
{
struct tcmsg t = { .tcm_family = AF_UNSPEC };
char d[16] = {};
bool dump_invisible = false;
while (argc > 0) {
if (strcmp(*argv, "dev") == 0) {
@ -306,6 +307,8 @@ static int tc_qdisc_list(int argc, char **argv)
t.tcm_parent = TC_H_INGRESS;
} else if (matches(*argv, "help") == 0) {
usage();
} else if (strcmp(*argv, "invisible") == 0) {
dump_invisible = true;
} else {
fprintf(stderr, "What is \"%s\"? Try \"tc qdisc help\".\n", *argv);
return -1;
@ -325,7 +328,25 @@ static int tc_qdisc_list(int argc, char **argv)
filter_ifindex = t.tcm_ifindex;
}
if (rtnl_dump_request(&rth, RTM_GETQDISC, &t, sizeof(t)) < 0) {
if (dump_invisible) {
struct {
struct nlmsghdr n;
struct tcmsg t;
char buf[256];
} req = {
.n.nlmsg_type = RTM_GETQDISC,
.n.nlmsg_len = NLMSG_LENGTH(sizeof(struct tcmsg)),
};
req.t.tcm_family = AF_UNSPEC;
addattr(&req.n, 256, TCA_DUMP_INVISIBLE);
if (rtnl_dump_request_n(&rth, &req.n) < 0) {
perror("Cannot send dump request");
return 1;
}
} else if (rtnl_dump_request(&rth, RTM_GETQDISC, &t, sizeof(t)) < 0) {
perror("Cannot send dump request");
return 1;
}