x64: add sfe support for docker

package/lean/shortcut-fe/Makefile

@@ -15,7 +15,7 @@ include $(TOPDIR)/rules.mk
 include $(INCLUDE_DIR)/kernel.mk
 
 PKG_NAME:=shortcut-fe
-PKG_RELEASE:=5
+PKG_RELEASE:=9
 
 include $(INCLUDE_DIR)/package.mk
 

package/lean/shortcut-fe/src/fast-classifier.c

@@ -310,15 +310,8 @@ rx_exit:
  * We look up the rtable entry for the address and, from its neighbour
  * structure, obtain the hardware address.  This means this function also
  * works if the neighbours are routers too.
- *
- * 21/10/17, quarkysg
- * - modified method signature to accept dst_entry from caller.  It will be used in place of existing method logic to lookup
- *   destination routes, which fails when packets are policy routed.
- *
- * 22/12/17, quarkysg
- * - changed method signature to accept sk_buff * instead, to make it more efficient.
  */
-static bool fast_classifier_find_dev_and_mac_addr(struct sk_buff *skb, sfe_ip_addr_t *addr, struct net_device **dev, u8 *mac_addr, bool is_v4)
+static bool fast_classifier_find_dev_and_mac_addr(sfe_ip_addr_t *addr, struct net_device **dev, u8 *mac_addr, bool is_v4)
 {
 	struct neighbour *neigh;
 	struct rtable *rt;
@@ -326,17 +319,6 @@ static bool fast_classifier_find_dev_and_mac_addr(struct sk_buff *skb, sfe_ip_ad
 	struct dst_entry *dst;
 	struct net_device *mac_dev;
 
-	/*
-	 * If we have skb provided, use it as the original code is unable
-	 * to lookup routes that are policy routed.
-	 *
-	 * quarkysg, 22/12/17
-	 */
-	if (unlikely(skb)) {
-		dst = skb_dst(skb);
-		goto skip_dst_lookup;
-	}
-
 	/*
 	 * Look up the rtable entry for the IP address then get the hardware
 	 * address from its neighbour structure.  This means this works when the
@@ -358,25 +340,18 @@ static bool fast_classifier_find_dev_and_mac_addr(struct sk_buff *skb, sfe_ip_ad
 		dst = (struct dst_entry *)rt6;
 	}
 
-skip_dst_lookup:	// quarkysg, 21/10/17
 	rcu_read_lock();
 	neigh = dst_neigh_lookup(dst, addr);
 	if (unlikely(!neigh)) {
 		rcu_read_unlock();
-		// only release dst_entry found in this method, quarkysg, 21/10/17
-		if (likely(!skb)) {
-			dst_release(dst);
-		}
+		dst_release(dst);
 		goto ret_fail;
 	}
 
 	if (unlikely(!(neigh->nud_state & NUD_VALID))) {
 		rcu_read_unlock();
 		neigh_release(neigh);
-		// only release dst_entry found in this method, quarkysg, 21/10/17
-		if (likely(!skb)) {
-			dst_release(dst);
-		}
+		dst_release(dst);
 		goto ret_fail;
 	}
 
@@ -384,10 +359,7 @@ skip_dst_lookup:	// quarkysg, 21/10/17
 	if (!mac_dev) {
 		rcu_read_unlock();
 		neigh_release(neigh);
-		// only release dst_entry found in this method, quarkysg, 21/10/17
-		if (likely(!skb)) {
-			dst_release(dst);
-		}
+		dst_release(dst);
 		goto ret_fail;
 	}
 
@@ -397,10 +369,7 @@ skip_dst_lookup:	// quarkysg, 21/10/17
 	*dev = mac_dev;
 	rcu_read_unlock();
 	neigh_release(neigh);
-	// only release dst_entry found in this method, quarkysg, 21/10/17
-	if (likely(!skb)) {
-		dst_release(dst);
-	}
+	dst_release(dst);
 
 	return true;
 
@@ -1049,27 +1018,26 @@ static unsigned int fast_classifier_post_routing(struct sk_buff *skb, bool is_v4
 	 * Get the net device and MAC addresses that correspond to the various source and
 	 * destination host addresses.
 	 */
-	if (!fast_classifier_find_dev_and_mac_addr(NULL, &sic.src_ip, &src_dev, sic.src_mac, is_v4)) {
+	if (!fast_classifier_find_dev_and_mac_addr(&sic.src_ip, &src_dev, sic.src_mac, is_v4)) {
 		fast_classifier_incr_exceptions(FAST_CL_EXCEPTION_NO_SRC_DEV);
 		return NF_ACCEPT;
 	}
 
-	if (!fast_classifier_find_dev_and_mac_addr(NULL, &sic.src_ip_xlate, &dev, sic.src_mac_xlate, is_v4)) {
+	if (!fast_classifier_find_dev_and_mac_addr(&sic.src_ip_xlate, &dev, sic.src_mac_xlate, is_v4)) {
 		fast_classifier_incr_exceptions(FAST_CL_EXCEPTION_NO_SRC_XLATE_DEV);
 		goto done1;
 	}
 
 	dev_put(dev);
 
-	if (!fast_classifier_find_dev_and_mac_addr(NULL, &sic.dest_ip, &dev, sic.dest_mac, is_v4)) {
+	if (!fast_classifier_find_dev_and_mac_addr(&sic.dest_ip, &dev, sic.dest_mac, is_v4)) {
 		fast_classifier_incr_exceptions(FAST_CL_EXCEPTION_NO_DEST_DEV);
 		goto done1;
 	}
 
 	dev_put(dev);
 
-	// we pass in sk_buff(skb) to enable acceleration of policy routed packets, quarkysg, 22/12/17
-	if (!fast_classifier_find_dev_and_mac_addr(skb, &sic.dest_ip_xlate, &dest_dev, sic.dest_mac_xlate, is_v4)) {
+	if (!fast_classifier_find_dev_and_mac_addr(&sic.dest_ip_xlate, &dest_dev, sic.dest_mac_xlate, is_v4)) {
 		fast_classifier_incr_exceptions(FAST_CL_EXCEPTION_NO_DEST_XLATE_DEV);
 		goto done1;
 	}
@@ -1722,7 +1690,7 @@ static int __init fast_classifier_init(void)
 	int result = -1;
 	size_t i, j;
 
-	printk(KERN_ALERT "fast-classifier (PBR safe v2.2): starting up\n");
+	printk(KERN_ALERT "fast-classifier: starting up\n");
 	DEBUG_INFO("SFE CM init\n");
 
 	hash_init(fc_conn_ht);
@@ -1813,7 +1781,7 @@ static int __init fast_classifier_init(void)
 	}
 #endif
 
-	printk(KERN_ALERT "fast-classifier (PBR safe v2.2): registered\n");
+	printk(KERN_ALERT "fast-classifier: registered\n");
 
 	spin_lock_init(&sc->lock);
 
@@ -1867,7 +1835,7 @@ static void __exit fast_classifier_exit(void)
 	int result = -1;
 
 	DEBUG_INFO("SFE CM exit\n");
-	printk(KERN_ALERT "fast-classifier (PBR safe v2.2): shutting down\n");
+	printk(KERN_ALERT "fast-classifier: shutting down\n");
 
 	/*
 	 * Unregister our sync callback.

target/linux/x86/Makefile

@@ -13,7 +13,7 @@ FEATURES:=squashfs vdi vmdk pcmcia fpu
 SUBTARGETS:=64 generic legacy geode 
 MAINTAINER:=Felix Fietkau <nbd@nbd.name>
 
-KERNEL_PATCHVER:=4.19
+KERNEL_PATCHVER:=4.9
 
 KERNELNAME:=bzImage