ipv6: Add a sysctl to control multipath hash fields

A subsequent patch will add a new multipath hash policy where the packet
fields used for multipath hash calculation are determined by user space.
This patch adds a sysctl that allows user space to set these fields.

The packet fields are represented using a bitmask and are common between
IPv4 and IPv6 to allow user space to use the same numbering across both
protocols. For example, to hash based on standard 5-tuple:

 # sysctl -w net.ipv6.fib_multipath_hash_fields=0x0037
 net.ipv6.fib_multipath_hash_fields = 0x0037

To avoid introducing holes in 'struct netns_sysctl_ipv6', move the
'bindv6only' field after the multipath hash fields.

The kernel rejects unknown fields, for example:

 # sysctl -w net.ipv6.fib_multipath_hash_fields=0x1000
 sysctl: setting key "net.ipv6.fib_multipath_hash_fields": Invalid argument

Signed-off-by: Ido Schimmel <idosch@nvidia.com>
Reviewed-by: David Ahern <dsahern@kernel.org>
Signed-off-by: David S. Miller <davem@davemloft.net>

diff --git a/Documentation/networking/ip-sysctl.rst b/Documentation/networking/ip-sysctl.rst
index afdcdc0691d6386863711c6f68bbc446a9c14471..4246cc4ae35b9ec256b86af595c2a2f6993c758f 100644 (file)
--- a/Documentation/networking/ip-sysctl.rst
+++ b/Documentation/networking/ip-sysctl.rst
@@ -1773,6 +1773,33 @@ fib_multipath_hash_policy - INTEGER
        - 1 - Layer 4 (standard 5-tuple)
        - 2 - Layer 3 or inner Layer 3 if present
 
+fib_multipath_hash_fields - UNSIGNED INTEGER
+       When fib_multipath_hash_policy is set to 3 (custom multipath hash), the
+       fields used for multipath hash calculation are determined by this
+       sysctl.
+
+       This value is a bitmask which enables various fields for multipath hash
+       calculation.
+
+       Possible fields are:
+
+       ====== ============================
+       0x0001 Source IP address
+       0x0002 Destination IP address
+       0x0004 IP protocol
+       0x0008 Flow Label
+       0x0010 Source port
+       0x0020 Destination port
+       0x0040 Inner source IP address
+       0x0080 Inner destination IP address
+       0x0100 Inner IP protocol
+       0x0200 Inner Flow Label
+       0x0400 Inner source port
+       0x0800 Inner destination port
+       ====== ============================
+
+       Default: 0x0007 (source IP, destination IP and IP protocol)
+
 anycast_src_echo_reply - BOOLEAN
        Controls the use of anycast addresses as source addresses for ICMPv6
        echo reply

diff --git a/include/net/ipv6.h b/include/net/ipv6.h
index 448bf2b34759e9642a7caa70d55e78e67e515b15..f2d0ecc257bb28e6dd162d180c371e2b0487c8e3 100644 (file)
--- a/include/net/ipv6.h
+++ b/include/net/ipv6.h
@@ -926,11 +926,19 @@ static inline int ip6_multipath_hash_policy(const struct net *net)
 {
        return net->ipv6.sysctl.multipath_hash_policy;
 }
+static inline u32 ip6_multipath_hash_fields(const struct net *net)
+{
+       return net->ipv6.sysctl.multipath_hash_fields;
+}
 #else
 static inline int ip6_multipath_hash_policy(const struct net *net)
 {
        return 0;
 }
+static inline u32 ip6_multipath_hash_fields(const struct net *net)
+{
+       return 0;
+}
 #endif
 
 /*

diff --git a/include/net/netns/ipv6.h b/include/net/netns/ipv6.h
index 6153c8067009ae94373cde5ced34d93022c10208..bde0b7adb4a3e6b8a4973f1b79e9669df5e07ffa 100644 (file)
--- a/include/net/netns/ipv6.h
+++ b/include/net/netns/ipv6.h
@@ -28,8 +28,9 @@ struct netns_sysctl_ipv6 {
        int ip6_rt_gc_elasticity;
        int ip6_rt_mtu_expires;
        int ip6_rt_min_advmss;
-       u8 bindv6only;
+       u32 multipath_hash_fields;
        u8 multipath_hash_policy;
+       u8 bindv6only;
        u8 flowlabel_consistency;
        u8 auto_flowlabels;
        int icmpv6_time;

diff --git a/net/ipv6/ip6_fib.c b/net/ipv6/ip6_fib.c
index 33d2d6a4e28cc6eae11033445793f32265eb09b8..2d650dc24349b3369c271328c70a2214b9651fda 100644 (file)
--- a/net/ipv6/ip6_fib.c
+++ b/net/ipv6/ip6_fib.c
@@ -32,6 +32,7 @@
 #include <net/lwtunnel.h>
 #include <net/fib_notifier.h>
 
+#include <net/ip_fib.h>
 #include <net/ip6_fib.h>
 #include <net/ip6_route.h>
 
@@ -2355,6 +2356,10 @@ static int __net_init fib6_net_init(struct net *net)
        if (err)
                return err;
 
+       /* Default to 3-tuple */
+       net->ipv6.sysctl.multipath_hash_fields =
+               FIB_MULTIPATH_HASH_FIELD_DEFAULT_MASK;
+
        spin_lock_init(&net->ipv6.fib6_gc_lock);
        rwlock_init(&net->ipv6.fib6_walker_lock);
        INIT_LIST_HEAD(&net->ipv6.fib6_walkers);

diff --git a/net/ipv6/sysctl_net_ipv6.c b/net/ipv6/sysctl_net_ipv6.c
index 27102c3d6e1da00c194b43259d6db5b38234833a..ce23c8f7ceb3e4bea047de8c50273fb0a3d3fc02 100644 (file)
--- a/net/ipv6/sysctl_net_ipv6.c
+++ b/net/ipv6/sysctl_net_ipv6.c
@@ -17,6 +17,7 @@
 #include <net/addrconf.h>
 #include <net/inet_frag.h>
 #include <net/netevent.h>
+#include <net/ip_fib.h>
 #ifdef CONFIG_NETLABEL
 #include <net/calipso.h>
 #endif
@@ -24,6 +25,8 @@
 static int two = 2;
 static int flowlabel_reflect_max = 0x7;
 static int auto_flowlabels_max = IP6_AUTO_FLOW_LABEL_MAX;
+static u32 rt6_multipath_hash_fields_all_mask =
+       FIB_MULTIPATH_HASH_FIELD_ALL_MASK;
 
 static int proc_rt6_multipath_hash_policy(struct ctl_table *table, int write,
                                          void *buffer, size_t *lenp, loff_t *ppos)
@@ -151,6 +154,15 @@ static struct ctl_table ipv6_table_template[] = {
                .extra1         = SYSCTL_ZERO,
                .extra2         = &two,
        },
+       {
+               .procname       = "fib_multipath_hash_fields",
+               .data           = &init_net.ipv6.sysctl.multipath_hash_fields,
+               .maxlen         = sizeof(u32),
+               .mode           = 0644,
+               .proc_handler   = proc_douintvec_minmax,
+               .extra1         = SYSCTL_ONE,
+               .extra2         = &rt6_multipath_hash_fields_all_mask,
+       },
        {
                .procname       = "seg6_flowlabel",
                .data           = &init_net.ipv6.sysctl.seg6_flowlabel,