Merge branch 'net-fib_rules-add-dscp-mask-support'

        name: dport-mask

        type: u16

        display-hint: hex

      -

        name: dscp-mask

        type: u8

        display-hint: hex

operations:

  enum-model: directional

            - flowlabel-mask

            - sport-mask

            - dport-mask

            - dscp-mask

    -

      name: newrule-ntf

      doc: Notify a rule creation

	FRA_FLOWLABEL_MASK,	/* flowlabel mask */

	FRA_SPORT_MASK,	/* sport mask */

	FRA_DPORT_MASK,	/* dport mask */

	FRA_DSCP_MASK,	/* dscp mask */

	__FRA_MAX

};

	[FRA_FLOWLABEL_MASK] = { .type = NLA_BE32 },

	[FRA_SPORT_MASK] = { .type = NLA_U16 },

	[FRA_DPORT_MASK] = { .type = NLA_U16 },

	[FRA_DSCP_MASK] = NLA_POLICY_MASK(NLA_U8, INET_DSCP_MASK >> 2),

};

int fib_newrule(struct net *net, struct sk_buff *skb, struct nlmsghdr *nlh,

	u8			dst_len;

	u8			src_len;

	dscp_t			dscp;

	dscp_t			dscp_mask;

	u8			dscp_full:1;	/* DSCP or TOS selector */

	__be32			src;

	__be32			srcmask;

	 * to mask the upper three DSCP bits prior to matching to maintain

	 * legacy behavior.

	 */

	if (r->dscp_full && r->dscp != inet_dsfield_to_dscp(fl4->flowi4_tos))

	if (r->dscp_full &&

	    (r->dscp ^ inet_dsfield_to_dscp(fl4->flowi4_tos)) & r->dscp_mask)

		return 0;

	else if (!r->dscp_full && r->dscp &&

		 !fib_dscp_masked_match(r->dscp, fl4))

	}

	rule4->dscp = inet_dsfield_to_dscp(nla_get_u8(nla) << 2);

	rule4->dscp_mask = inet_dsfield_to_dscp(INET_DSCP_MASK);

	rule4->dscp_full = true;

	return 0;

}

static int fib4_nl2rule_dscp_mask(const struct nlattr *nla,

				  struct fib4_rule *rule4,

				  struct netlink_ext_ack *extack)

{

	dscp_t dscp_mask;

	if (!rule4->dscp_full) {

		NL_SET_ERR_MSG_ATTR(extack, nla,

				    "Cannot specify DSCP mask without DSCP value");

		return -EINVAL;

	}

	dscp_mask = inet_dsfield_to_dscp(nla_get_u8(nla) << 2);

	if (rule4->dscp & ~dscp_mask) {

		NL_SET_ERR_MSG_ATTR(extack, nla, "Invalid DSCP mask");

		return -EINVAL;

	}

	rule4->dscp_mask = dscp_mask;

	return 0;

}

static int fib4_rule_configure(struct fib_rule *rule, struct sk_buff *skb,

			       struct fib_rule_hdr *frh,

			       struct nlattr **tb,

	    fib4_nl2rule_dscp(tb[FRA_DSCP], rule4, extack) < 0)

		goto errout;

	if (tb[FRA_DSCP_MASK] &&

	    fib4_nl2rule_dscp_mask(tb[FRA_DSCP_MASK], rule4, extack) < 0)

		goto errout;

	/* split local/main if they are not already split */

	err = fib_unmerge(net);

	if (err)

			return 0;

	}

	if (tb[FRA_DSCP_MASK]) {

		dscp_t dscp_mask;

		dscp_mask = inet_dsfield_to_dscp(nla_get_u8(tb[FRA_DSCP_MASK]) << 2);

		if (!rule4->dscp_full || rule4->dscp_mask != dscp_mask)

			return 0;

	}

#ifdef CONFIG_IP_ROUTE_CLASSID

	if (tb[FRA_FLOW] && (rule4->tclassid != nla_get_u32(tb[FRA_FLOW])))

		return 0;

	if (rule4->dscp_full) {

		frh->tos = 0;

		if (nla_put_u8(skb, FRA_DSCP,

			       inet_dscp_to_dsfield(rule4->dscp) >> 2))

			       inet_dscp_to_dsfield(rule4->dscp) >> 2) ||

		    nla_put_u8(skb, FRA_DSCP_MASK,

			       inet_dscp_to_dsfield(rule4->dscp_mask) >> 2))

			goto nla_put_failure;

	} else {

		frh->tos = inet_dscp_to_dsfield(rule4->dscp);

	return nla_total_size(4) /* dst */

	       + nla_total_size(4) /* src */

	       + nla_total_size(4) /* flow */

	       + nla_total_size(1); /* dscp */

	       + nla_total_size(1) /* dscp */

	       + nla_total_size(1); /* dscp mask */

}

static void fib4_rule_flush_cache(struct fib_rules_ops *ops)

	__be32			flowlabel;

	__be32			flowlabel_mask;

	dscp_t			dscp;

	dscp_t			dscp_mask;

	u8			dscp_full:1;	/* DSCP or TOS selector */

};

			return 0;

	}

	if (r->dscp && r->dscp != ip6_dscp(fl6->flowlabel))

	if ((r->dscp ^ ip6_dscp(fl6->flowlabel)) & r->dscp_mask)

		return 0;

	if ((r->flowlabel ^ flowi6_get_flowlabel(fl6)) & r->flowlabel_mask)

	}

	rule6->dscp = inet_dsfield_to_dscp(nla_get_u8(nla) << 2);

	rule6->dscp_mask = inet_dsfield_to_dscp(INET_DSCP_MASK);

	rule6->dscp_full = true;

	return 0;

}

static int fib6_nl2rule_dscp_mask(const struct nlattr *nla,

				  struct fib6_rule *rule6,

				  struct netlink_ext_ack *extack)

{

	dscp_t dscp_mask;

	if (!rule6->dscp_full) {

		NL_SET_ERR_MSG_ATTR(extack, nla,

				    "Cannot specify DSCP mask without DSCP value");

		return -EINVAL;

	}

	dscp_mask = inet_dsfield_to_dscp(nla_get_u8(nla) << 2);

	if (rule6->dscp & ~dscp_mask) {

		NL_SET_ERR_MSG_ATTR(extack, nla, "Invalid DSCP mask");

		return -EINVAL;

	}

	rule6->dscp_mask = dscp_mask;

	return 0;

}

static int fib6_nl2rule_flowlabel(struct nlattr **tb, struct fib6_rule *rule6,

				  struct netlink_ext_ack *extack)

{

		goto errout;

	}

	rule6->dscp = inet_dsfield_to_dscp(frh->tos);

	rule6->dscp_mask = frh->tos ? inet_dsfield_to_dscp(INET_DSCP_MASK) : 0;

	if (tb[FRA_DSCP] && fib6_nl2rule_dscp(tb[FRA_DSCP], rule6, extack) < 0)

		goto errout;

	if (tb[FRA_DSCP_MASK] &&

	    fib6_nl2rule_dscp_mask(tb[FRA_DSCP_MASK], rule6, extack) < 0)

		goto errout;

	if ((tb[FRA_FLOWLABEL] || tb[FRA_FLOWLABEL_MASK]) &&

	    fib6_nl2rule_flowlabel(tb, rule6, extack) < 0)

		goto errout;

			return 0;

	}

	if (tb[FRA_DSCP_MASK]) {

		dscp_t dscp_mask;

		dscp_mask = inet_dsfield_to_dscp(nla_get_u8(tb[FRA_DSCP_MASK]) << 2);

		if (!rule6->dscp_full || rule6->dscp_mask != dscp_mask)

			return 0;

	}

	if (tb[FRA_FLOWLABEL] &&

	    nla_get_be32(tb[FRA_FLOWLABEL]) != rule6->flowlabel)

		return 0;

	if (rule6->dscp_full) {

		frh->tos = 0;

		if (nla_put_u8(skb, FRA_DSCP,

			       inet_dscp_to_dsfield(rule6->dscp) >> 2))

			       inet_dscp_to_dsfield(rule6->dscp) >> 2) ||

		    nla_put_u8(skb, FRA_DSCP_MASK,

			       inet_dscp_to_dsfield(rule6->dscp_mask) >> 2))

			goto nla_put_failure;

	} else {

		frh->tos = inet_dscp_to_dsfield(rule6->dscp);

	return nla_total_size(16) /* dst */

	       + nla_total_size(16) /* src */

	       + nla_total_size(1) /* dscp */

	       + nla_total_size(1) /* dscp mask */

	       + nla_total_size(4) /* flowlabel */

	       + nla_total_size(4); /* flowlabel mask */

}