Yotam Gigi's avatar Yotam Gigi Committed by David S. Miller
net: Introduce ife encapsulation module

This module is responsible for the ife encapsulation protocol
encode/decode logics. That module can:
 - ife_encode: encode skb and reserve space for the ife meta header
 - ife_decode: decode skb and extract the meta header size
 - ife_tlv_meta_encode - encodes one tlv entry into the reserved ife
   header space.
 - ife_tlv_meta_decode - decodes one tlv entry from the packet
 - ife_tlv_meta_next - advance to the next tlv

Reviewed-by: default avatarJiri Pirko <>
Signed-off-by: default avatarYotam Gigi <>
Signed-off-by: default avatarJamal Hadi Salim <>
Signed-off-by: default avatarRoman Mashak <>
Signed-off-by: default avatarDavid S. Miller <>
M: Yotam Gigi <>
M: Jamal Hadi Salim <>
F: net/ife
F: include/net/ife.h
F: include/uapi/linux/ife.h
#ifndef __NET_IFE_H
#define __NET_IFE_H
#include <linux/etherdevice.h>
#include <linux/rtnetlink.h>
#include <linux/module.h>
#include <uapi/linux/ife.h>
void *ife_encode(struct sk_buff *skb, u16 metalen);
void *ife_decode(struct sk_buff *skb, u16 *metalen);
void *ife_tlv_meta_decode(void *skbdata, u16 *attrtype, u16 *dlen, u16 *totlen);
int ife_tlv_meta_encode(void *skbdata, u16 attrtype, u16 dlen,
const void *dval);
void *ife_tlv_meta_next(void *skbdata);
static inline void *ife_encode(struct sk_buff *skb, u16 metalen)
return NULL;
static inline void *ife_decode(struct sk_buff *skb, u16 *metalen)
return NULL;
static inline void *ife_tlv_meta_decode(void *skbdata, u16 *attrtype, u16 *dlen,
u16 *totlen)
return NULL;
static inline int ife_tlv_meta_encode(void *skbdata, u16 attrtype, u16 dlen,
const void *dval)
return 0;
static inline void *ife_tlv_meta_next(void *skbdata)
return NULL;
#endif /* __NET_IFE_H */
......@@ -195,6 +195,7 @@ header-y += if_tun.h
header-y += if_tunnel.h
header-y += if_vlan.h
header-y += if_x25.h
header-y += ife.h
header-y += igmp.h
header-y += ila.h
header-y += in6.h
#ifndef __UAPI_IFE_H
#define __UAPI_IFE_H
enum {
/*Can be overridden at runtime by module option*/
#define IFE_META_MAX (__IFE_META_MAX - 1)
......@@ -391,6 +391,7 @@ source "net/caif/Kconfig"
source "net/ceph/Kconfig"
source "net/nfc/Kconfig"
source "net/psample/Kconfig"
source "net/ife/Kconfig"
bool "Network light weight tunnels"
......@@ -71,6 +71,7 @@ obj-$(CONFIG_CEPH_LIB) += ceph/
obj-$(CONFIG_BATMAN_ADV) += batman-adv/
obj-$(CONFIG_NFC) += nfc/
obj-$(CONFIG_PSAMPLE) += psample/
obj-$(CONFIG_NET_IFE) += ife/
obj-$(CONFIG_OPENVSWITCH) += openvswitch/
obj-$(CONFIG_VSOCKETS) += vmw_vsock/
obj-$(CONFIG_MPLS) += mpls/
# IFE subsystem configuration
menuconfig NET_IFE
depends on NET
tristate "Inter-FE based on IETF ForCES InterFE LFB"
default n
Say Y here to add support of IFE encapsulation protocol
For details refer to netdev01 paper:
"Distributing Linux Traffic Control Classifier-Action Subsystem"
Authors: Jamal Hadi Salim and Damascene M. Joachimpillai
To compile this support as a module, choose M here: the module will
be called ife.
# Makefile for the IFE encapsulation protocol
obj-$(CONFIG_NET_IFE) += ife.o
* net/ife/ife.c - Inter-FE protocol based on ForCES WG InterFE LFB
* Copyright (c) 2015 Jamal Hadi Salim <>
* Copyright (c) 2017 Yotam Gigi <>
* Refer to: draft-ietf-forces-interfelfb-03 and netdev01 paper:
* "Distributing Linux Traffic Control Classifier-Action Subsystem"
* Authors: Jamal Hadi Salim and Damascene M. Joachimpillai
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation.
#include <linux/types.h>
#include <linux/kernel.h>
#include <linux/string.h>
#include <linux/errno.h>
#include <linux/skbuff.h>
#include <linux/rtnetlink.h>
#include <linux/module.h>
#include <linux/init.h>
#include <net/net_namespace.h>
#include <net/netlink.h>
#include <net/pkt_sched.h>
#include <linux/etherdevice.h>
#include <net/ife.h>
struct ifeheadr {
__be16 metalen;
u8 tlv_data[];
void *ife_encode(struct sk_buff *skb, u16 metalen)
* where ORIGDATA = original ethernet header ...
int hdrm = metalen + IFE_METAHDRLEN;
int total_push = hdrm + skb->dev->hard_header_len;
struct ifeheadr *ifehdr;
struct ethhdr *iethh; /* inner ether header */
int skboff = 0;
int err;
err = skb_cow_head(skb, total_push);
if (unlikely(err))
return NULL;
iethh = (struct ethhdr *) skb->data;
__skb_push(skb, total_push);
memcpy(skb->data, iethh, skb->dev->hard_header_len);
skboff += skb->dev->hard_header_len;
/* total metadata length */
ifehdr = (struct ifeheadr *) (skb->data + skboff);
metalen += IFE_METAHDRLEN;
ifehdr->metalen = htons(metalen);
return ifehdr->tlv_data;
void *ife_decode(struct sk_buff *skb, u16 *metalen)
struct ifeheadr *ifehdr;
int total_pull;
u16 ifehdrln;
ifehdr = (struct ifeheadr *) (skb->data + skb->dev->hard_header_len);
ifehdrln = ntohs(ifehdr->metalen);
total_pull = skb->dev->hard_header_len + ifehdrln;
if (unlikely(ifehdrln < 2))
return NULL;
if (unlikely(!pskb_may_pull(skb, total_pull)))
return NULL;
skb_set_mac_header(skb, total_pull);
__skb_pull(skb, total_pull);
*metalen = ifehdrln - IFE_METAHDRLEN;
return &ifehdr->tlv_data;
struct meta_tlvhdr {
__be16 type;
__be16 len;
/* Caller takes care of presenting data in network order
void *ife_tlv_meta_decode(void *skbdata, u16 *attrtype, u16 *dlen, u16 *totlen)
struct meta_tlvhdr *tlv = (struct meta_tlvhdr *) skbdata;
*dlen = ntohs(tlv->len) - NLA_HDRLEN;
*attrtype = ntohs(tlv->type);
if (totlen)
*totlen = nla_total_size(*dlen);
return skbdata + sizeof(struct meta_tlvhdr);
void *ife_tlv_meta_next(void *skbdata)
struct meta_tlvhdr *tlv = (struct meta_tlvhdr *) skbdata;
u16 tlvlen = ntohs(tlv->len);
tlvlen = NLA_ALIGN(tlvlen);
return skbdata + tlvlen;
/* Caller takes care of presenting data in network order
int ife_tlv_meta_encode(void *skbdata, u16 attrtype, u16 dlen, const void *dval)
__be32 *tlv = (__be32 *) (skbdata);
u16 totlen = nla_total_size(dlen); /*alignment + hdr */
char *dptr = (char *) tlv + NLA_HDRLEN;
u32 htlv = attrtype << 16 | (dlen + NLA_HDRLEN);
*tlv = htonl(htlv);
memset(dptr, 0, totlen - NLA_HDRLEN);
memcpy(dptr, dval, dlen);
return totlen;
MODULE_AUTHOR("Jamal Hadi Salim <>");
MODULE_AUTHOR("Yotam Gigi <>");
