Add tunnel_key action.

Author: Alexander Chernikov

src/tc/actions/action.rs

@@ -14,6 +14,7 @@ use crate::tc::TcStats2;
 
 use super::{
     TcActionMirror, TcActionMirrorOption, TcActionNat, TcActionNatOption,
+    TcActionTunnelKey, TcActionTunnelKeyOption,
 };
 
 /// TODO: determine when and why to use this as opposed to the buffer's `kind`.
@@ -287,6 +288,10 @@ pub enum TcActionOption {
     ///
     /// These options type can be used to perform network address translation.
     Nat(TcActionNatOption),
+    /// Tunnel key options.
+    ///
+    /// These options type can be used to assign encapsulation properties to the packet.
+    TunnelKey(TcActionTunnelKeyOption),
     /// Other action types not yet supported by this library.
     Other(DefaultNla),
 }
@@ -296,6 +301,7 @@ impl Nla for TcActionOption {
         match self {
             Self::Mirror(nla) => nla.value_len(),
             Self::Nat(nla) => nla.value_len(),
+            Self::TunnelKey(nla) => nla.value_len(),
             Self::Other(nla) => nla.value_len(),
         }
     }
@@ -304,6 +310,7 @@ impl Nla for TcActionOption {
         match self {
             Self::Mirror(nla) => nla.emit_value(buffer),
             Self::Nat(nla) => nla.emit_value(buffer),
+            Self::TunnelKey(nla) => nla.emit_value(buffer),
             Self::Other(nla) => nla.emit_value(buffer),
         }
     }
@@ -312,6 +319,7 @@ impl Nla for TcActionOption {
         match self {
             Self::Mirror(nla) => nla.kind(),
             Self::Nat(nla) => nla.kind(),
+            Self::TunnelKey(nla) => nla.kind(),
             Self::Other(nla) => nla.kind(),
         }
     }
@@ -335,6 +343,10 @@ where
                 TcActionNatOption::parse(buf)
                     .context("failed to parse nat action")?,
             ),
+            TcActionTunnelKey::KIND => Self::TunnelKey(
+                TcActionTunnelKeyOption::parse(buf)
+                    .context("failed to parse tunnel_key action")?,
+            ),
             _ => Self::Other(
                 DefaultNla::parse(buf)
                     .context("failed to parse action options")?,

src/tc/actions/mod.rs

@@ -16,13 +16,17 @@ pub use self::mirror::{
     TcMirrorBuffer,
 };
 pub use self::nat::{TcActionNat, TcActionNatOption, TcNat, TcNatBuffer};
+pub use self::tunnel_key::{
+    TcActionTunnelKey, TcActionTunnelKeyOption, TcTunnelKey,
+};
 
 mod action;
 mod header;
 mod message;
 mod mirror;
 mod nat;
 mod nat_flag;
+mod tunnel_key;
 
 #[cfg(test)]
 pub mod tests;

src/tc/actions/tests/mod.rs

@@ -5,3 +5,4 @@ pub mod header;
 pub mod message;
 pub mod mirror;
 pub mod nat;
+pub mod tunnel_key;

src/tc/actions/tests/tunnel_key.rs

@@ -0,0 +1,205 @@
+// SPDX-License-Identifier: MIT
+
+use netlink_packet_utils::nla::NlaBuffer;
+use netlink_packet_utils::{Emitable, Parseable};
+
+use crate::tc::{
+    TcAction, TcActionAttribute, TcActionGeneric, TcActionOption,
+    TcActionTunnelKeyOption, TcActionType, TcStats2, TcStatsBasic,
+    TcStatsQueue, TcTunnelKey, Tcf,
+};
+use std::net::{Ipv4Addr, Ipv6Addr};
+
+//      > tc actions add action tunnel_key set id 33 src_ip 1.2.3.4 dst_ip 2.3.4.5 dst_port 4789 tos 1 ttl 2
+//      > tools/nl_dump.py dump_actions tunnel_key
+//      Note: 5.15 and 6.8 kernels do NOT set NLA_F_NESTED for TCA_ACT_OPTIONS
+#[test]
+fn get_tunnel_key_vxlan_action_ipv4() {
+    let raw = vec![
+        0xD4, 0x00, 0x01, 0x00, 0x0F, 0x00, 0x01, 0x00, 0x74, 0x75, 0x6E, 0x6E,
+        0x65, 0x6C, 0x5F, 0x6B, 0x65, 0x79, 0x00, 0x00, 0x44, 0x00, 0x04, 0x00,
+        0x14, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x14, 0x00, 0x07, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x18, 0x00, 0x03, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x7C, 0x00, 0x02, 0x80, 0x1C, 0x00, 0x02, 0x00,
+        0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x03, 0x00, 0x00, 0x00,
+        0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00,
+        0x08, 0x00, 0x07, 0x00, 0x00, 0x00, 0x00, 0x21, 0x08, 0x00, 0x03, 0x00,
+        0x01, 0x02, 0x03, 0x04, 0x08, 0x00, 0x04, 0x00, 0x02, 0x03, 0x04, 0x05,
+        0x06, 0x00, 0x09, 0x00, 0x12, 0xB5, 0x00, 0x00, 0x05, 0x00, 0x0A, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x05, 0x00, 0x0C, 0x00, 0x01, 0x00, 0x00, 0x00,
+        0x05, 0x00, 0x0D, 0x00, 0x02, 0x00, 0x00, 0x00, 0x24, 0x00, 0x01, 0x00,
+        0xB0, 0x23, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xB0, 0x23, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+    ];
+
+    let expected = TcAction {
+        tab: 1,
+        attributes: vec![
+            TcActionAttribute::Kind("tunnel_key".to_string()),
+            TcActionAttribute::Stats(vec![
+                TcStats2::Basic(TcStatsBasic {
+                    bytes: 0,
+                    packets: 0,
+                }),
+                TcStats2::BasicHw(TcStatsBasic {
+                    bytes: 0,
+                    packets: 0,
+                }),
+                TcStats2::Queue(TcStatsQueue {
+                    qlen: 0,
+                    backlog: 0,
+                    drops: 0,
+                    requeues: 0,
+                    overlimits: 0,
+                }),
+            ]),
+            TcActionAttribute::Options(vec![
+                TcActionOption::TunnelKey(TcActionTunnelKeyOption::Parms(
+                    TcTunnelKey {
+                        generic: TcActionGeneric {
+                            index: 2,
+                            capab: 0,
+                            action: TcActionType::Pipe,
+                            refcnt: 1,
+                            bindcnt: 0,
+                        },
+                        t_action: 1,
+                    },
+                )),
+                TcActionOption::TunnelKey(TcActionTunnelKeyOption::EncKeyId(
+                    33,
+                )),
+                TcActionOption::TunnelKey(TcActionTunnelKeyOption::EncIpv4Src(
+                    "1.2.3.4".parse::<Ipv4Addr>().unwrap(),
+                )),
+                TcActionOption::TunnelKey(TcActionTunnelKeyOption::EncIpv4Dst(
+                    "2.3.4.5".parse::<Ipv4Addr>().unwrap(),
+                )),
+                TcActionOption::TunnelKey(TcActionTunnelKeyOption::EncDstPort(
+                    4789,
+                )),
+                TcActionOption::TunnelKey(TcActionTunnelKeyOption::NoCsum(
+                    false,
+                )),
+                TcActionOption::TunnelKey(TcActionTunnelKeyOption::EncTos(1)),
+                TcActionOption::TunnelKey(TcActionTunnelKeyOption::EncTtl(2)),
+                TcActionOption::TunnelKey(TcActionTunnelKeyOption::Tm(Tcf {
+                    install: 9136,
+                    lastuse: 9136,
+                    expires: 0,
+                    firstuse: 0,
+                })),
+            ]),
+        ],
+    };
+
+    assert_eq!(expected, TcAction::parse(&NlaBuffer::new(&raw)).unwrap());
+
+    let mut buf = vec![0; expected.buffer_len()];
+
+    expected.emit(&mut buf);
+
+    assert_eq!(buf, raw);
+}
+
+//      > tc actions add action tunnel_key set id 33 src_ip 2a00:1:: dst_ip 2a01:2:: dst_port 4789 tos 1 ttl 2
+//      > tools/nl_dump.py dump_actions tunnel_key
+//      Note: 5.15 and 6.8 kernels do NOT set NLA_F_NESTED for TCA_ACT_OPTIONS
+#[test]
+fn test_action_tunnel_key_vxlan_ipv6() {
+    let raw = vec![
+        0xEC, 0x00, 0x00, 0x00, 0x0F, 0x00, 0x01, 0x00, 0x74, 0x75, 0x6E, 0x6E,
+        0x65, 0x6C, 0x5F, 0x6B, 0x65, 0x79, 0x00, 0x00, 0x44, 0x00, 0x04, 0x00,
+        0x14, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x14, 0x00, 0x07, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x18, 0x00, 0x03, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x94, 0x00, 0x02, 0x80, 0x1C, 0x00, 0x02, 0x00,
+        0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x03, 0x00, 0x00, 0x00,
+        0x01, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00,
+        0x08, 0x00, 0x07, 0x00, 0x00, 0x00, 0x00, 0x21, 0x14, 0x00, 0x05, 0x00,
+        0x2A, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x14, 0x00, 0x06, 0x00, 0x2A, 0x01, 0x00, 0x02,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x06, 0x00, 0x09, 0x00, 0x12, 0xB5, 0x00, 0x00, 0x05, 0x00, 0x0A, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x05, 0x00, 0x0C, 0x00, 0x01, 0x00, 0x00, 0x00,
+        0x05, 0x00, 0x0D, 0x00, 0x02, 0x00, 0x00, 0x00, 0x24, 0x00, 0x01, 0x00,
+        0xFB, 0x71, 0x3A, 0x00, 0x00, 0x00, 0x00, 0x00, 0xFB, 0x71, 0x3A, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+    ];
+
+    let expected = TcAction {
+        tab: 0,
+        attributes: vec![
+            TcActionAttribute::Kind("tunnel_key".to_string()),
+            TcActionAttribute::Stats(vec![
+                TcStats2::Basic(TcStatsBasic {
+                    bytes: 0,
+                    packets: 0,
+                }),
+                TcStats2::BasicHw(TcStatsBasic {
+                    bytes: 0,
+                    packets: 0,
+                }),
+                TcStats2::Queue(TcStatsQueue {
+                    qlen: 0,
+                    backlog: 0,
+                    drops: 0,
+                    requeues: 0,
+                    overlimits: 0,
+                }),
+            ]),
+            TcActionAttribute::Options(vec![
+                TcActionOption::TunnelKey(TcActionTunnelKeyOption::Parms(
+                    TcTunnelKey {
+                        generic: TcActionGeneric {
+                            index: 1,
+                            capab: 0,
+                            action: TcActionType::Pipe,
+                            refcnt: 1,
+                            bindcnt: 1,
+                        },
+                        t_action: 1,
+                    },
+                )),
+                TcActionOption::TunnelKey(TcActionTunnelKeyOption::EncKeyId(
+                    33,
+                )),
+                TcActionOption::TunnelKey(TcActionTunnelKeyOption::EncIpv6Src(
+                    "2a00:1::".parse::<Ipv6Addr>().unwrap(),
+                )),
+                TcActionOption::TunnelKey(TcActionTunnelKeyOption::EncIpv6Dst(
+                    "2a01:2::".parse::<Ipv6Addr>().unwrap(),
+                )),
+                TcActionOption::TunnelKey(TcActionTunnelKeyOption::EncDstPort(
+                    4789,
+                )),
+                TcActionOption::TunnelKey(TcActionTunnelKeyOption::NoCsum(
+                    false,
+                )),
+                TcActionOption::TunnelKey(TcActionTunnelKeyOption::EncTos(1)),
+                TcActionOption::TunnelKey(TcActionTunnelKeyOption::EncTtl(2)),
+                TcActionOption::TunnelKey(TcActionTunnelKeyOption::Tm(Tcf {
+                    install: 3830267,
+                    lastuse: 3830267,
+                    expires: 0,
+                    firstuse: 0,
+                })),
+            ]),
+        ],
+    };
+
+    assert_eq!(expected, TcAction::parse(&NlaBuffer::new(&raw)).unwrap());
+
+    let mut buf = vec![0; expected.buffer_len()];
+
+    expected.emit(&mut buf);
+
+    assert_eq!(buf, raw);
+}