cmm offload is now working

2026-05-14 07:29:45 +08:00
parent 1dab92663d
commit 839576a15f
6 changed files with 270 additions and 0 deletions
--- a/patches/ask/upstream/libnetfilter-conntrack/03-debug-messages-v2.patch
+++ b/patches/ask/upstream/libnetfilter-conntrack/03-debug-messages-v2.patch
@@ -0,0 +1,158 @@
+diff --git a/src/conntrack/parse_mnl.c b/src/conntrack/parse_mnl.c
+index 72abc67..941075a 100644
+--- a/src/conntrack/parse_mnl.c
+++ b/src/conntrack/parse_mnl.c
+@@ -13,6 +13,24 @@
+ #include <libmnl/libmnl.h>
+ #include <limits.h>
+ #include <endian.h>
+#include <stdio.h>
+#include <stdarg.h>
+
+static void ask_nfct_dbg(const char *fmt, ...)
+{
+	FILE *f;
+	va_list ap;
+
+	f = fopen("/tmp/libnfct-cmm.log", "a");
+	if (!f)
+		return;
+
+	va_start(ap, fmt);
+	vfprintf(f, fmt, ap);
+	va_end(ap);
+
+	fclose(f);
+}
+ 
+ static int
+ nfct_parse_ip_attr_cb(const struct nlattr *attr, void *data)
+@@ -863,25 +881,44 @@ nfct_parse_comcerto_fp_attr_cb(const struct nlattr *attr, void *data)
+ 	const struct nlattr **tb = data;
+ 	int type = mnl_attr_get_type(attr);
+ 
+-	if (mnl_attr_type_valid(attr, CTA_COMCERTO_FP_MAX) < 0)
+-		return MNL_CB_OK;
+    ask_nfct_dbg("nested fp attr raw_type=0x%x type=%u len=%u payload_len=%u\n",
+            attr->nla_type, type, attr->nla_len,
+            mnl_attr_get_payload_len(attr));
+
+	if (mnl_attr_type_valid(attr, CTA_COMCERTO_FP_MAX) < 0) {
+        ask_nfct_dbg("nested fp attr type invalid raw_type=0x%x type=%u max=%u\n",
+                attr->nla_type, type, CTA_COMCERTO_FP_MAX);
+        return MNL_CB_OK;
+	}
+ 
+ 	switch(type) {
+ 	case CTA_COMCERTO_FP_MARK:
+ 	case CTA_COMCERTO_FP_IFINDEX:
+ 	case CTA_COMCERTO_FP_IIF:
+ 	case CTA_COMCERTO_FP_UNDERLYING_IIF:
+-		if (mnl_attr_validate(attr, MNL_TYPE_U32) < 0)
+-			return MNL_CB_OK;
+		if (mnl_attr_validate(attr, MNL_TYPE_U32) < 0) {
+            ask_nfct_dbg("nested fp attr U32 validation failed type=%u raw_type=0x%x len=%u payload_len=%u\n",
+                    type, attr->nla_type, attr->nla_len,
+                    mnl_attr_get_payload_len(attr));
+            return MNL_CB_OK;
+        }
+ 		break;
+ 	case CTA_COMCERTO_FP_UNDERLYING_VID:
+-		if (mnl_attr_validate(attr, MNL_TYPE_U16) < 0)
+-			return MNL_CB_OK;
+		if (mnl_attr_validate(attr, MNL_TYPE_U16) < 0) {
+            ask_nfct_dbg("nested fp attr U16 validation failed type=%u raw_type=0x%x len=%u payload_len=%u\n",
+                    type, attr->nla_type, attr->nla_len,
+                    mnl_attr_get_payload_len(attr));
+            return MNL_CB_OK;
+        }
+ 		break;
+ 	case CTA_COMCERTO_FP_XFRM_HANDLE:
+ 		/* 4 x u32 = 16 bytes */
+-		if (mnl_attr_validate2(attr, MNL_TYPE_UNSPEC, 16) < 0)
+-			return MNL_CB_OK;
+        if (mnl_attr_validate2(attr, MNL_TYPE_UNSPEC, 16) < 0) {
+            ask_nfct_dbg("nested fp attr XFRM validation failed type=%u raw_type=0x%x len=%u payload_len=%u\n",
+                    type, attr->nla_type, attr->nla_len,
+                    mnl_attr_get_payload_len(attr));
+            return MNL_CB_OK;
+        }
+ 		break;
+ 	}
+ 	tb[type] = attr;
+@@ -893,9 +930,23 @@ nfct_parse_comcerto_fp(const struct nlattr *attr, struct nf_conntrack *ct,
+ 		       int dir)
+ {
+ 	struct nlattr *tb[CTA_COMCERTO_FP_MAX+1] = {};
+-
+-	if (mnl_attr_parse_nested(attr, nfct_parse_comcerto_fp_attr_cb, tb) < 0)
+-		return -1;
+    ask_nfct_dbg("enter nfct_parse_comcerto_fp dir=%d outer_raw_type=0x%x outer_type=%u len=%u payload_len=%u\n",
+            dir, attr->nla_type, mnl_attr_get_type(attr),
+            attr->nla_len, mnl_attr_get_payload_len(attr));
+
+    if (mnl_attr_parse_nested(attr, nfct_parse_comcerto_fp_attr_cb, tb) < 0) {
+        ask_nfct_dbg("mnl_attr_parse_nested FAILED dir=%d\n", dir);
+        return -1;
+    }
+
+    ask_nfct_dbg("fp nested result dir=%d mark=%d ifindex=%d iif=%d underlying_iif=%d vid=%d xfrm=%d\n",
+            dir,
+            !!tb[CTA_COMCERTO_FP_MARK],
+            !!tb[CTA_COMCERTO_FP_IFINDEX],
+            !!tb[CTA_COMCERTO_FP_IIF],
+            !!tb[CTA_COMCERTO_FP_UNDERLYING_IIF],
+            !!tb[CTA_COMCERTO_FP_UNDERLYING_VID],
+            !!tb[CTA_COMCERTO_FP_XFRM_HANDLE]);
+ 
+ 	if (tb[CTA_COMCERTO_FP_IIF]) {
+ 		ct->fp_info[dir].iif =
+@@ -984,6 +1035,11 @@ nfct_parse_conntrack_attr_cb(const struct nlattr *attr, void *data)
+ {
+ 	const struct nlattr **tb = data;
+ 	int type = mnl_attr_get_type(attr);
+    if (type == CTA_LAYERSCAPE_FP_ORIG || type == CTA_LAYERSCAPE_FP_REPLY) {
+        ask_nfct_dbg("top fp attr raw_type=0x%x type=%u len=%u payload_len=%u\n",
+                attr->nla_type, type, attr->nla_len,
+                mnl_attr_get_payload_len(attr));
+    }
+ 
+ 	if (mnl_attr_type_valid(attr, CTA_MAX) < 0)
+ 		return MNL_CB_OK;
+@@ -1023,8 +1079,12 @@ nfct_parse_conntrack_attr_cb(const struct nlattr *attr, void *data)
+ 	/* NXP ASK: Comcerto fast path and QoS */
+ 	case CTA_LAYERSCAPE_FP_ORIG:
+ 	case CTA_LAYERSCAPE_FP_REPLY:
+-		if (mnl_attr_validate(attr, MNL_TYPE_NESTED) < 0)
+        if (mnl_attr_validate(attr, MNL_TYPE_NESTED) < 0) {
+			ask_nfct_dbg("top fp attr nested validation failed raw_type=0x%x type=%u len=%u payload_len=%u\n",
+				     attr->nla_type, type, attr->nla_len,
+				     mnl_attr_get_payload_len(attr));
+ 			return MNL_CB_OK;
+		}
+ 		break;
+ 	case CTA_QOSCONNMARK:
+ 		if (mnl_attr_validate(attr, MNL_TYPE_U64) < 0)
+@@ -1168,12 +1228,22 @@ nfct_payload_parse(const void *payload, size_t payload_len,
+ 		 * Do not abort the entire conntrack dump if one fast-path
+ 		 * extension block cannot be represented by this userspace.
+ 		 */
+        ask_nfct_dbg("payload parse: saw CTA_LAYERSCAPE_FP_ORIG raw_type=0x%x type=%u len=%u payload_len=%u\n",
+                tb[CTA_LAYERSCAPE_FP_ORIG]->nla_type,
+                mnl_attr_get_type(tb[CTA_LAYERSCAPE_FP_ORIG]),
+                tb[CTA_LAYERSCAPE_FP_ORIG]->nla_len,
+                mnl_attr_get_payload_len(tb[CTA_LAYERSCAPE_FP_ORIG]));
+ 		nfct_parse_comcerto_fp(tb[CTA_LAYERSCAPE_FP_ORIG], ct,
+ 					 __DIR_ORIG);
+ 	}
+ 
+ 	if (tb[CTA_LAYERSCAPE_FP_REPLY]) {
+ 		/* See CTA_LAYERSCAPE_FP_ORIG handling above. */
+        ask_nfct_dbg("payload parse: saw CTA_LAYERSCAPE_FP_REPLY raw_type=0x%x type=%u len=%u payload_len=%u\n",
+                tb[CTA_LAYERSCAPE_FP_REPLY]->nla_type,
+                mnl_attr_get_type(tb[CTA_LAYERSCAPE_FP_REPLY]),
+                tb[CTA_LAYERSCAPE_FP_REPLY]->nla_len,
+                mnl_attr_get_payload_len(tb[CTA_LAYERSCAPE_FP_REPLY]));
+ 		nfct_parse_comcerto_fp(tb[CTA_LAYERSCAPE_FP_REPLY], ct,
+ 					 __DIR_REPL);
+ 	}
--- a/patches/ask/upstream/libnetfilter-conntrack/04-libnfct-add-missing-enum.patch
+++ b/patches/ask/upstream/libnetfilter-conntrack/04-libnfct-add-missing-enum.patch
@@ -0,0 +1,12 @@
+diff --git a/include/libnetfilter_conntrack/linux_nfnetlink_conntrack.h b/include/libnetfilter_conntrack/linux_nfnetlink_conntrack.h
+index 418870a..510b5a8 100644
+--- a/include/libnetfilter_conntrack/linux_nfnetlink_conntrack.h
+++ b/include/libnetfilter_conntrack/linux_nfnetlink_conntrack.h
+@@ -60,6 +60,7 @@ enum ctattr_type {
+ 	CTA_SYNPROXY,
+ 	CTA_FILTER,
+ 	CTA_STATUS_MASK,
+	CTA_TIMESTAMP_EVENT,
+ 	/* NXP ASK: Layerscape fast path attributes - order must match kernel! */
+ 	CTA_LAYERSCAPE_FP_ORIG,
+ 	CTA_LAYERSCAPE_FP_REPLY,