openwrt/target/linux/mediatek/patches-4.9/0056-net-mediatek-add-hw-nat-support.patch

120 lines
3.7 KiB
Diff
Raw Normal View History

From 043efc0e619e04661be2b1889382db2fdd378145 Mon Sep 17 00:00:00 2001
From: John Crispin <john@phrozen.org>
Date: Thu, 10 Aug 2017 16:34:36 +0200
Subject: [PATCH 56/57] net: mediatek: add hw nat support
Signed-off-by: John Crispin <john@phrozen.org>
---
drivers/net/ethernet/mediatek/Kconfig | 7 +++++++
drivers/net/ethernet/mediatek/Makefile | 1 +
drivers/net/ethernet/mediatek/mtk_eth_soc.c | 13 +++++++++++++
net/netfilter/nf_conntrack_proto_tcp.c | 19 +++++++++++++++++++
4 files changed, 40 insertions(+)
--- a/drivers/net/ethernet/mediatek/Kconfig
+++ b/drivers/net/ethernet/mediatek/Kconfig
@@ -14,4 +14,11 @@ config NET_MEDIATEK_SOC
This driver supports the gigabit ethernet MACs in the
MediaTek MT2701/MT7623 chipset family.
+config NET_MEDIATEK_HNAT
+ tristate "MediaTek MT7623 hardware NAT support"
+ depends on NET_MEDIATEK_SOC && NF_CONNTRACK && NF_CONNTRACK_IPV4 && IP_NF_NAT && IP_NF_TARGET_MASQUERADE
+ ---help---
+ This driver supports the hardwaer NAT in the
+ MediaTek MT2701/MT7623 chipset family.
+
endif #NET_VENDOR_MEDIATEK
--- a/drivers/net/ethernet/mediatek/Makefile
+++ b/drivers/net/ethernet/mediatek/Makefile
@@ -3,3 +3,4 @@
#
obj-$(CONFIG_NET_MEDIATEK_SOC) += mtk_eth_soc.o
+obj-$(CONFIG_NET_MEDIATEK_HNAT) += mtk_hnat/
--- a/drivers/net/ethernet/mediatek/mtk_eth_soc.c
+++ b/drivers/net/ethernet/mediatek/mtk_eth_soc.c
@@ -23,6 +23,10 @@
#include <linux/reset.h>
#include <linux/tcp.h>
+#if defined(CONFIG_NET_MEDIATEK_HNAT) || defined(CONFIG_NET_MEDIATEK_HNAT_MODULE)
+#include "mtk_hnat/nf_hnat_mtk.h"
+#endif
+
#include "mtk_eth_soc.h"
static int mtk_msg_level = -1;
@@ -649,6 +653,11 @@ static int mtk_tx_map(struct sk_buff *sk
return -ENOMEM;
/* set the forward port */
+#if defined(CONFIG_NET_MEDIATEK_HNAT) || defined(CONFIG_NET_MEDIATEK_HNAT_MODULE)
+ if (HNAT_SKB_CB2(skb)->magic == 0x78681415)
+ fport |= 0x4 << TX_DMA_FPORT_SHIFT;
+ else
+#endif
fport = (mac->id + 1) << TX_DMA_FPORT_SHIFT;
txd4 |= fport;
@@ -1013,6 +1022,10 @@ static int mtk_poll_rx(struct napi_struc
RX_DMA_VID(trxd.rxd3))
__vlan_hwaccel_put_tag(skb, htons(ETH_P_8021Q),
RX_DMA_VID(trxd.rxd3));
+#if defined(CONFIG_NET_MEDIATEK_HNAT) || defined(CONFIG_NET_MEDIATEK_HNAT_MODULE)
+ *(u32 *)(skb->head) = trxd.rxd4;
+ skb_hnat_alg(skb) = 0;
+#endif
skb_record_rx_queue(skb, 0);
napi_gro_receive(napi, skb);
--- a/net/netfilter/nf_conntrack_proto_tcp.c
+++ b/net/netfilter/nf_conntrack_proto_tcp.c
@@ -11,6 +11,7 @@
#include <linux/types.h>
#include <linux/timer.h>
#include <linux/module.h>
+#include <linux/inetdevice.h>
#include <linux/in.h>
#include <linux/tcp.h>
#include <linux/spinlock.h>
@@ -19,6 +20,7 @@
#include <net/ip6_checksum.h>
#include <asm/unaligned.h>
+#include <net/ip.h>
#include <net/tcp.h>
#include <linux/netfilter.h>
@@ -53,6 +55,11 @@ static int nf_ct_tcp_max_retrans __read_
/* FIXME: Examine ipfilter's timeouts and conntrack transitions more
closely. They're more complex. --RR */
+#ifndef IPV4_DEVCONF_DFLT
+ #define IPV4_DEVCONF_DFLT(net, attr) \
+ IPV4_DEVCONF((*net->ipv4.devconf_dflt), attr)
+#endif
+
static const char *const tcp_conntrack_names[] = {
"NONE",
"SYN_SENT",
@@ -519,6 +526,18 @@ static bool tcp_in_window(const struct n
if (nf_ct_tcp_no_window_check)
return true;
+ if (net) {
+ if ((net->ipv4.devconf_all && net->ipv4.devconf_dflt && net->ipv6.devconf_all) &&
+ net->ipv6.devconf_dflt) {
+ if ((IPV4_DEVCONF_DFLT(net, FORWARDING) ||
+ IPV4_DEVCONF_ALL(net, FORWARDING)) ||
+ (net->ipv6.devconf_all->forwarding ||
+ net->ipv6.devconf_dflt->forwarding)) {
+ return true;
+ }
+ }
+ }
+
/*
* Get the required data from the packet.
*/