From d073f650cdef24dce957099e55b660124fe2e0a4 Mon Sep 17 00:00:00 2001 From: Felix Fietkau Date: Fri, 23 Mar 2018 12:53:44 +0100 Subject: kernel: add support for enabling hardware flow offload via iptables Signed-off-by: Felix Fietkau --- .../650-netfilter-add-xt_OFFLOAD-target.patch | 35 +++++++++++++++++++++- 1 file changed, 34 insertions(+), 1 deletion(-) (limited to 'target/linux/generic') diff --git a/target/linux/generic/hack-4.14/650-netfilter-add-xt_OFFLOAD-target.patch b/target/linux/generic/hack-4.14/650-netfilter-add-xt_OFFLOAD-target.patch index 7296cfa6c4..a322e605a2 100644 --- a/target/linux/generic/hack-4.14/650-netfilter-add-xt_OFFLOAD-target.patch +++ b/target/linux/generic/hack-4.14/650-netfilter-add-xt_OFFLOAD-target.patch @@ -98,7 +98,7 @@ Signed-off-by: Felix Fietkau obj-$(CONFIG_NETFILTER_XT_TARGET_LED) += xt_LED.o --- /dev/null +++ b/net/netfilter/xt_FLOWOFFLOAD.c -@@ -0,0 +1,351 @@ +@@ -0,0 +1,364 @@ +/* + * Copyright (C) 2018 Felix Fietkau + * @@ -109,6 +109,7 @@ Signed-off-by: Felix Fietkau +#include +#include +#include ++#include +#include +#include +#include @@ -335,6 +336,7 @@ Signed-off-by: Felix Fietkau +static unsigned int +flowoffload_tg(struct sk_buff *skb, const struct xt_action_param *par) +{ ++ const struct xt_flowoffload_target_info *info = par->targinfo; + enum ip_conntrack_info ctinfo; + enum ip_conntrack_dir dir; + struct nf_flow_route route; @@ -387,6 +389,9 @@ Signed-off-by: Felix Fietkau + xt_flowoffload_check_device(xt_in(par)); + xt_flowoffload_check_device(xt_out(par)); + ++ if (info->flags & XT_FLOWOFFLOAD_HW) ++ nf_flow_offload_hw_add(xt_net(par), flow, ct); ++ + return XT_CONTINUE; + +err_flow_add: @@ -401,6 +406,11 @@ Signed-off-by: Felix Fietkau + +static int flowoffload_chk(const struct xt_tgchk_param *par) +{ ++ struct xt_flowoffload_target_info *info = par->targinfo; ++ ++ if (info->flags & ~XT_FLOWOFFLOAD_MASK) ++ return -EINVAL; ++ + return 0; +} + @@ -408,6 +418,8 @@ Signed-off-by: Felix Fietkau + .family = NFPROTO_UNSPEC, + .name = "FLOWOFFLOAD", + .revision = 0, ++ .targetsize = sizeof(struct xt_flowoffload_target_info), ++ .usersize = sizeof(struct xt_flowoffload_target_info), + .checkentry = flowoffload_chk, + .target = flowoffload_tg, + .me = THIS_MODULE, @@ -415,6 +427,7 @@ Signed-off-by: Felix Fietkau + +static int xt_flowoffload_table_init(struct nf_flowtable *table) +{ ++ table->flags = NF_FLOWTABLE_F_HW; + nf_flow_table_init(table); + return 0; +} @@ -460,3 +473,23 @@ Signed-off-by: Felix Fietkau #include #include #include +--- /dev/null ++++ b/include/uapi/linux/netfilter/xt_FLOWOFFLOAD.h +@@ -0,0 +1,17 @@ ++/* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */ ++#ifndef _XT_FLOWOFFLOAD_H ++#define _XT_FLOWOFFLOAD_H ++ ++#include ++ ++enum { ++ XT_FLOWOFFLOAD_HW = 1 << 0, ++ ++ XT_FLOWOFFLOAD_MASK = XT_FLOWOFFLOAD_HW ++}; ++ ++struct xt_flowoffload_target_info { ++ __u32 flags; ++}; ++ ++#endif /* _XT_FLOWOFFLOAD_H */ -- cgit v1.2.3