if_geneve: Add Support for Geneve (RFC8926)
geneve creates a generic network virtualization tunnel interface for Tentant Systems over an L3 (IP/UDP) underlay network that provides a Layer 2 (ethernet) or Layer 3 service using the geneve protocol. This implementation is based on RFC8926. Reviewed by: glebius, adrian Discussed with: zlei, kp Relnotes: yes Differential Revision: https://reviews.freebsd.org/D54172
This commit is contained in:
@@ -880,6 +880,10 @@ device vlan
|
||||
# frames in UDP packets according to RFC7348.
|
||||
device vxlan
|
||||
|
||||
# The `geneve' device implements the GENEVE encapsulation of virtual
|
||||
# overlays according to RFC8926.
|
||||
device geneve
|
||||
|
||||
# The `wlan' device provides generic code to support 802.11
|
||||
# drivers, including host AP mode; it is MANDATORY for the wi,
|
||||
# and ath drivers and will eventually be required by all 802.11 drivers.
|
||||
|
||||
@@ -4238,6 +4238,7 @@ net/if_stf.c optional stf inet inet6
|
||||
net/if_tuntap.c optional tuntap
|
||||
net/if_vlan.c optional vlan
|
||||
net/if_vxlan.c optional vxlan inet | vxlan inet6
|
||||
net/if_geneve.c optional geneve inet | geneve inet6
|
||||
net/ifdi_if.m optional ether pci iflib
|
||||
net/iflib.c optional ether pci iflib
|
||||
net/mp_ring.c optional ether iflib
|
||||
|
||||
@@ -4385,6 +4385,7 @@ prison_priv_check(struct ucred *cred, int priv)
|
||||
case PRIV_NET_SETIFVNET:
|
||||
case PRIV_NET_SETIFFIB:
|
||||
case PRIV_NET_OVPN:
|
||||
case PRIV_NET_GENEVE:
|
||||
case PRIV_NET_ME:
|
||||
case PRIV_NET_WG:
|
||||
|
||||
|
||||
@@ -169,6 +169,7 @@ SUBDIR= \
|
||||
if_tuntap \
|
||||
if_vlan \
|
||||
if_vxlan \
|
||||
if_geneve \
|
||||
${_if_wg} \
|
||||
iflib \
|
||||
${_igc} \
|
||||
|
||||
@@ -0,0 +1,7 @@
|
||||
.PATH: ${SRCTOP}/sys/net
|
||||
|
||||
KMOD= if_geneve
|
||||
SRCS= if_geneve.c
|
||||
SRCS+= opt_inet.h opt_inet6.h
|
||||
|
||||
.include <bsd.kmod.mk>
|
||||
@@ -2273,6 +2273,8 @@ const struct ifcap_nv_bit_name ifcap2_nv_bit_names[] = {
|
||||
CAP2NV(RXTLS4),
|
||||
CAP2NV(RXTLS6),
|
||||
CAP2NV(IPSEC_OFFLOAD),
|
||||
CAP2NV(GENEVE_HWCSUM),
|
||||
CAP2NV(GENEVE_HWTSO),
|
||||
{0, NULL}
|
||||
};
|
||||
#undef CAPNV
|
||||
|
||||
+5
-1
@@ -255,7 +255,9 @@ struct if_data {
|
||||
#define IFCAP_B_RXTLS4 32 /* can do TLS receive for TCP */
|
||||
#define IFCAP_B_RXTLS6 33 /* can do TLS receive for TCP6 */
|
||||
#define IFCAP_B_IPSEC_OFFLOAD 34 /* inline IPSEC offload */
|
||||
#define __IFCAP_B_SIZE 35
|
||||
#define IFCAP_B_GENEVE_HWCSUM 35 /* can do IFCAN_HWCSUM on GENEVE */
|
||||
#define IFCAP_B_GENEVE_HWTSO 36 /* can do IFCAP_TSO on GENEVE */
|
||||
#define __IFCAP_B_SIZE 37
|
||||
|
||||
#define IFCAP_B_MAX (__IFCAP_B_MAX - 1)
|
||||
#define IFCAP_B_SIZE (__IFCAP_B_SIZE)
|
||||
@@ -299,6 +301,8 @@ struct if_data {
|
||||
#define IFCAP2_RXTLS4 (IFCAP_B_RXTLS4 - 32)
|
||||
#define IFCAP2_RXTLS6 (IFCAP_B_RXTLS6 - 32)
|
||||
#define IFCAP2_IPSEC_OFFLOAD (IFCAP_B_IPSEC_OFFLOAD - 32)
|
||||
#define IFCAP2_GENEVE_HWCSUM (IFCAP_B_GENEVE_HWCSUM - 32)
|
||||
#define IFCAP2_GENEVE_HWTSO (IFCAP_B_GENEVE_HWTSO - 32)
|
||||
|
||||
#define IFCAP2_BIT(x) (1UL << (x))
|
||||
|
||||
|
||||
+3967
File diff suppressed because it is too large
Load Diff
@@ -0,0 +1,70 @@
|
||||
/*-
|
||||
* SPDX-License-Identifier: BSD-2-Clause
|
||||
*
|
||||
* Copyright (c) 2025-2026 Pouria Mousavizadeh Tehrani <pouria@FreeBSD.org>
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
#ifndef _NET_IF_GENEVE_H_
|
||||
#define _NET_IF_GENEVE_H_
|
||||
|
||||
#include <sys/types.h>
|
||||
|
||||
#ifdef _KERNEL
|
||||
struct genevehdr {
|
||||
#if BYTE_ORDER == LITTLE_ENDIAN
|
||||
uint8_t geneve_optlen:6, /* Opt Len */
|
||||
geneve_ver:2; /* version */
|
||||
uint8_t geneve_flags:6, /* GENEVE Flags */
|
||||
geneve_critical:1, /* critical options present */
|
||||
geneve_control:1; /* control packets */
|
||||
#endif
|
||||
#if BYTE_ORDER == BIG_ENDIAN
|
||||
uint8_t geneve_ver:2, /* version */
|
||||
geneve_optlen:6; /* Opt Len */
|
||||
uint8_t geneve_control:1, /* control packets */
|
||||
geneve_critical:1, /* critical options present */
|
||||
geneve_flags:6; /* GENEVE Flags */
|
||||
#endif
|
||||
uint16_t geneve_proto; /* protocol type (follows Ethertypes) */
|
||||
uint32_t geneve_vni; /* virtual network identifier */
|
||||
} __packed;
|
||||
|
||||
struct geneveudphdr {
|
||||
struct udphdr geneve_udp;
|
||||
struct genevehdr geneve_hdr;
|
||||
} __packed;
|
||||
#endif /* _KERNEL */
|
||||
|
||||
struct geneve_params {
|
||||
uint16_t ifla_proto;
|
||||
};
|
||||
|
||||
#define GENEVE_VNI_MAX (1 << 24)
|
||||
|
||||
#define GENEVE_PROTO_ETHER 0x6558 /* Ethernet */
|
||||
#define GENEVE_PROTO_INHERIT 0x0 /* inherit inner layer 3 headers */
|
||||
#define GENEVE_UDPPORT 6081
|
||||
|
||||
#endif /* _NET_IF_GENEVE_H_ */
|
||||
@@ -61,10 +61,14 @@
|
||||
#define IFCAP_RXTLS4_NAME "RXTLS4"
|
||||
#define IFCAP_RXTLS6_NAME "RXTLS6"
|
||||
#define IFCAP_IPSEC_OFFLOAD_NAME "IPSEC"
|
||||
#define IFCAP_GENEVE_HWCSUM_NAME "GENEVE_HWCSUM"
|
||||
#define IFCAP_GENEVE_HWTSO_NAME "GENEVE_HWTSO"
|
||||
|
||||
#define IFCAP2_RXTLS4_NAME IFCAP_RXTLS4_NAME
|
||||
#define IFCAP2_RXTLS6_NAME IFCAP_RXTLS6_NAME
|
||||
#define IFCAP2_IPSEC_OFFLOAD_NAME IFCAP_IPSEC_OFFLOAD_NAME
|
||||
#define IFCAP2_RXTLS4_NAME IFCAP_RXTLS4_NAME
|
||||
#define IFCAP2_RXTLS6_NAME IFCAP_RXTLS6_NAME
|
||||
#define IFCAP2_IPSEC_OFFLOAD_NAME IFCAP_IPSEC_OFFLOAD_NAME
|
||||
#define IFCAP2_GENEVE_HWCSUM_NAME IFCAP_GENEVE_HWCSUM_NAME
|
||||
#define IFCAP2_GENEVE_HWTSO_NAME IFCAP_GENEVE_HWTSO_NAME
|
||||
|
||||
#ifdef _WANT_IFCAP_BIT_NAMES
|
||||
static const char *ifcap_bit_names[] = {
|
||||
@@ -103,6 +107,8 @@ static const char *ifcap_bit_names[] = {
|
||||
IFCAP_RXTLS4_NAME,
|
||||
IFCAP_RXTLS6_NAME,
|
||||
IFCAP_IPSEC_OFFLOAD_NAME,
|
||||
IFCAP_GENEVE_HWCSUM_NAME,
|
||||
IFCAP_GENEVE_HWTSO_NAME,
|
||||
};
|
||||
|
||||
#ifdef IFCAP_B_SIZE
|
||||
|
||||
@@ -286,4 +286,48 @@ enum {
|
||||
|
||||
#define IFLA_GRE_MAX (__IFLA_GRE_MAX - 1)
|
||||
|
||||
/* IFLA_INFO_DATA geneve attributes */
|
||||
enum {
|
||||
IFLA_GENEVE_UNSPEC,
|
||||
IFLA_GENEVE_ID,
|
||||
IFLA_GENEVE_PROTOCOL,
|
||||
IFLA_GENEVE_LOCAL,
|
||||
IFLA_GENEVE_REMOTE,
|
||||
IFLA_GENEVE_LOCAL_PORT,
|
||||
IFLA_GENEVE_PORT,
|
||||
IFLA_GENEVE_PORT_RANGE,
|
||||
IFLA_GENEVE_DF,
|
||||
IFLA_GENEVE_TTL,
|
||||
IFLA_GENEVE_TTL_INHERIT,
|
||||
IFLA_GENEVE_DSCP_INHERIT,
|
||||
IFLA_GENEVE_COLLECT_METADATA,
|
||||
IFLA_GENEVE_FTABLE_LEARN,
|
||||
IFLA_GENEVE_FTABLE_FLUSH,
|
||||
IFLA_GENEVE_FTABLE_MAX,
|
||||
IFLA_GENEVE_FTABLE_TIMEOUT,
|
||||
IFLA_GENEVE_FTABLE_COUNT,
|
||||
IFLA_GENEVE_FTABLE_NOSPACE_CNT,
|
||||
IFLA_GENEVE_FTABLE_LOCK_UP_FAIL_CNT,
|
||||
IFLA_GENEVE_MC_IFNAME,
|
||||
IFLA_GENEVE_MC_IFINDEX,
|
||||
IFLA_GENEVE_TXCSUM_CNT,
|
||||
IFLA_GENEVE_TSO_CNT,
|
||||
IFLA_GENEVE_RXCSUM_CNT,
|
||||
__IFLA_GENEVE_MAX,
|
||||
};
|
||||
#define IFLA_GENEVE_MAX (__IFLA_GENEVE_MAX - 1)
|
||||
|
||||
enum ifla_geneve_df {
|
||||
IFLA_GENEVE_DF_UNSET,
|
||||
IFLA_GENEVE_DF_SET,
|
||||
IFLA_GENEVE_DF_INHERIT,
|
||||
__IFLA_GENEVE_DF_MAX,
|
||||
};
|
||||
#define IFLA_GENEVE_DF_MAX (__IFLA_GENEVE_DF_MAX - 1)
|
||||
|
||||
struct ifla_geneve_port_range {
|
||||
uint16_t low;
|
||||
uint16_t high;
|
||||
};
|
||||
|
||||
#endif
|
||||
|
||||
+3
-3
@@ -680,7 +680,7 @@ m_epg_pagelen(const struct mbuf *m, int pidx, int pgoff)
|
||||
#define CSUM_INNER_IP_TSO 0x00020000
|
||||
|
||||
#define CSUM_ENCAP_VXLAN 0x00040000 /* VXLAN outer encapsulation */
|
||||
#define CSUM_ENCAP_RSVD1 0x00080000
|
||||
#define CSUM_ENCAP_GENEVE 0x00080000 /* GENEVE outer encapsulation */
|
||||
|
||||
/* Flags used to indicate that the checksum was verified by hardware. */
|
||||
#define CSUM_INNER_L3_CALC 0x00100000
|
||||
@@ -702,7 +702,7 @@ m_epg_pagelen(const struct mbuf *m, int pidx, int pgoff)
|
||||
CSUM_INNER_IP6_TSO | CSUM_IP6_UDP | CSUM_IP6_TCP | CSUM_IP6_SCTP | \
|
||||
CSUM_IP6_TSO | CSUM_IP6_ISCSI | CSUM_INNER_IP | CSUM_INNER_IP_UDP | \
|
||||
CSUM_INNER_IP_TCP | CSUM_INNER_IP_TSO | CSUM_ENCAP_VXLAN | \
|
||||
CSUM_ENCAP_RSVD1 | CSUM_SND_TAG)
|
||||
CSUM_ENCAP_GENEVE | CSUM_SND_TAG)
|
||||
|
||||
#define CSUM_FLAGS_RX (CSUM_INNER_L3_CALC | CSUM_INNER_L3_VALID | \
|
||||
CSUM_INNER_L4_CALC | CSUM_INNER_L4_VALID | CSUM_L3_CALC | CSUM_L3_VALID | \
|
||||
@@ -718,7 +718,7 @@ m_epg_pagelen(const struct mbuf *m, int pidx, int pgoff)
|
||||
"\11CSUM_INNER_IP6_TSO\12CSUM_IP6_UDP\13CSUM_IP6_TCP\14CSUM_IP6_SCTP" \
|
||||
"\15CSUM_IP6_TSO\16CSUM_IP6_ISCSI\17CSUM_INNER_IP\20CSUM_INNER_IP_UDP" \
|
||||
"\21CSUM_INNER_IP_TCP\22CSUM_INNER_IP_TSO\23CSUM_ENCAP_VXLAN" \
|
||||
"\24CSUM_ENCAP_RSVD1\25CSUM_INNER_L3_CALC\26CSUM_INNER_L3_VALID" \
|
||||
"\24CSUM_ENCAP_GENEVE\25CSUM_INNER_L3_CALC\26CSUM_INNER_L3_VALID" \
|
||||
"\27CSUM_INNER_L4_CALC\30CSUM_INNER_L4_VALID\31CSUM_L3_CALC" \
|
||||
"\32CSUM_L3_VALID\33CSUM_L4_CALC\34CSUM_L4_VALID\35CSUM_L5_CALC" \
|
||||
"\36CSUM_L5_VALID\37CSUM_COALESCED\40CSUM_SND_TAG"
|
||||
|
||||
@@ -355,6 +355,7 @@
|
||||
#define PRIV_NET_OVPN 422 /* Administer OpenVPN DCO. */
|
||||
#define PRIV_NET_ME 423 /* Administer ME interface. */
|
||||
#define PRIV_NET_WG 424 /* Administer WireGuard interface. */
|
||||
#define PRIV_NET_GENEVE 425 /* Administer geneve. */
|
||||
|
||||
/*
|
||||
* 802.11-related privileges.
|
||||
|
||||
Reference in New Issue
Block a user