net: fib_rules: Add port mask support

Add support for configuring and deleting rules that match on source and destination ports using a mask as well as support for dumping such rules to user space. Reviewed-by: Petr Machata <petrm@nvidia.com> Signed-off-by: Ido Schimmel <idosch@nvidia.com> Reviewed-by: Guillaume Nault <gnault@redhat.com> Reviewed-by: David Ahern <dsahern@kernel.org> Link: https://patch.msgid.link/20250217134109.311176-3-idosch@nvidia.com Signed-off-by: Jakub Kicinski <kuba@kernel.org>
author: Ido Schimmel <idosch@nvidia.com> 2025-02-17 15:41:03 +0200
committer: Jakub Kicinski <kuba@kernel.org> 2025-02-19 18:43:38 -0800
commit: da7665947b668ef7882b40888171e941db11f06a (patch)
tree: 586c0b13b74e754485802bc6ad112190ecb96e9d /include
parent: 39f970aead3c5afd81d7f4e866a8f3f8fec3dabc (diff)
1 files changed, 8 insertions, 0 deletions
diff --git a/include/net/fib_rules.h b/include/net/fib_rules.h
index 710caacad9da..cfeb2fd0f5db 100644
--- a/include/net/fib_rules.h
+++ b/include/net/fib_rules.h
@@ -43,6 +43,8 @@ struct fib_rule {
 	struct fib_kuid_range	uid_range;
 	struct fib_rule_port_range	sport_range;
 	struct fib_rule_port_range	dport_range;
+	u16			sport_mask;
+	u16			dport_mask;
 	struct rcu_head		rcu;
 };
 
@@ -159,6 +161,12 @@ static inline bool fib_rule_port_range_compare(struct fib_rule_port_range *a,
 		a->end == b->end;
 }
 
+static inline bool
+fib_rule_port_is_range(const struct fib_rule_port_range *range)
+{
+	return range->start != range->end;
+}
+
 static inline bool fib_rule_requires_fldissect(struct fib_rule *rule)
 {
 	return rule->iifindex != LOOPBACK_IFINDEX && (rule->ip_proto ||
author	Ido Schimmel <idosch@nvidia.com>	2025-02-17 15:41:03 +0200
committer	Jakub Kicinski <kuba@kernel.org>	2025-02-19 18:43:38 -0800
commit	da7665947b668ef7882b40888171e941db11f06a (patch)
tree	586c0b13b74e754485802bc6ad112190ecb96e9d /include
parent	39f970aead3c5afd81d7f4e866a8f3f8fec3dabc (diff)