On Fri, Apr 09, 2021 at 01:03:49PM +0800, wenxu@xxxxxxxxx wrote:
> From: wenxu <wenxu@xxxxxxxxx>
>
> For the vlan packet the h_vlan_encapsulated_proto should be set
> on the flow_dissector_key_basic->n_porto flow_dissector.
>
> Fixes: a82055af5959 ("netfilter: nft_payload: add VLAN offload support")
> Fixes: 89d8fd44abfb ("netfilter: nft_payload: add C-VLAN offload support")
> Signed-off-by: wenxu <wenxu@xxxxxxxxx>
> ---
> net/netfilter/nft_payload.c | 8 ++++----
> 1 file changed, 4 insertions(+), 4 deletions(-)
>
> diff --git a/net/netfilter/nft_payload.c b/net/netfilter/nft_payload.c
> index cb1c8c2..84c5ecc 100644
> --- a/net/netfilter/nft_payload.c
> +++ b/net/netfilter/nft_payload.c
> @@ -233,8 +233,8 @@ static int nft_payload_offload_ll(struct nft_offload_ctx *ctx,
> if (!nft_payload_offload_mask(reg, priv->len, sizeof(__be16)))
> return -EOPNOTSUPP;
>
> - NFT_OFFLOAD_MATCH(FLOW_DISSECTOR_KEY_VLAN, vlan,
> - vlan_tpid, sizeof(__be16), reg);
> + NFT_OFFLOAD_MATCH(FLOW_DISSECTOR_KEY_BASIC, basic,
> + n_proto, sizeof(__be16), reg);
nftables already sets KEY_BASIC accordingly to 0x8100.
# nft --debug=netlink add rule netdev x y vlan id 100
netdev
[ meta load iiftype => reg 1 ]
[ cmp eq reg 1 0x00000001 ]
[ payload load 2b @ link header + 12 => reg 1 ]
[ cmp eq reg 1 0x00000081 ] <----------------------------- HERE
[ payload load 2b @ link header + 14 => reg 1 ]
[ bitwise reg 1 = ( reg 1 & 0x0000ff0f ) ^ 0x00000000 ]
[ cmp eq reg 1 0x00006400 ]
What are you trying to fix?
