1. Patchew
  2. linux
  3. [PATCH net-next 0/3] net: dsa: sync dsa_mall_policer_tc_entry with FLOW_ACTION_POLICE
  4. View patch

[PATCH net-next 1/3] net: dsa: sync dsa_mall_policer_tc_entry with FLOW_ACTION_POLICE

David Yang posted 3 patches 1 week, 6 days ago
There is a newer version of this series
[PATCH net-next 1/3] net: dsa: sync dsa_mall_policer_tc_entry with FLOW_ACTION_POLICE
Posted by David Yang 1 week, 6 days ago 
New options were introduced to FLOW_ACTION_POLICE
after struct dsa_mall_policer_tc_entry was added. The following commands
will succeed on DSA ports:

  tc qdisc add dev lan1 handle ffff: ingress
  tc filter add dev lan1 ingress matchall skip_sw action police \
    pkts_rate 80000 pkts_burst 100 mtu 1000 conform-exceed ok

resulting 1. burst_pkt, rate_pkt_ps, etc. being ignored; 2. burst and
rate_bytes_per_sec set to 0 without any error.

Instead of making decisions for drivers, extend struct
dsa_mall_policer_tc_entry to all options for FLOW_ACTION_POLICE in favor
of full functionalities, such as packet rate mode.

Drivers must reject unsupported combinations.

Signed-off-by: David Yang <mmyangfl@gmail.com>
---
 include/net/dsa.h | 11 +++++++++++
 net/dsa/user.c    |  7 +++++--
 2 files changed, 16 insertions(+), 2 deletions(-)

diff --git a/include/net/dsa.h b/include/net/dsa.h
index 6b2b5ed64ea4..4c177b168ec8 100644
--- a/include/net/dsa.h
+++ b/include/net/dsa.h
@@ -21,6 +21,7 @@
 #include <linux/phylink.h>
 #include <net/devlink.h>
 #include <net/switchdev.h>
+#include <net/flow_offload.h>
 
 struct dsa_8021q_context;
 struct tc_action;
@@ -220,6 +221,16 @@ struct dsa_mall_mirror_tc_entry {
 struct dsa_mall_policer_tc_entry {
 	u32 burst;
 	u64 rate_bytes_per_sec;
+	u64 peakrate_bytes_ps;
+	u32 avrate;
+	u16 overhead;
+	u64 burst_pkt;
+	u64 rate_pkt_ps;
+	u32 mtu;
+	struct {
+		enum flow_action_id act_id;
+		u32 extval;
+	} exceed, notexceed;
 };
 
 /* TC matchall entry */
diff --git a/net/dsa/user.c b/net/dsa/user.c
index f59d66f0975d..4c9cff629d5c 100644
--- a/net/dsa/user.c
+++ b/net/dsa/user.c
@@ -1497,8 +1497,11 @@ dsa_user_add_cls_matchall_police(struct net_device *dev,
 	mall_tc_entry->cookie = cls->cookie;
 	mall_tc_entry->type = DSA_PORT_MALL_POLICER;
 	policer = &mall_tc_entry->policer;
-	policer->rate_bytes_per_sec = act->police.rate_bytes_ps;
-	policer->burst = act->police.burst;
+	/* so sad, flow_offload.h did not export the type of act->police, and
+	 * it's a nightmare to copy it field by field
+	 */
+	static_assert(sizeof(act->police) == sizeof(*policer));
+	memcpy(policer, &act->police, sizeof(*policer));
 
 	err = ds->ops->port_policer_add(ds, dp->index, policer);
 	if (err) {
-- 
2.51.0
Re: [PATCH net-next 1/3] net: dsa: sync dsa_mall_policer_tc_entry with FLOW_ACTION_POLICE
Posted by Jakub Kicinski 1 week, 2 days ago 
On Mon, 26 Jan 2026 14:13:29 +0800 David Yang wrote:
> -	policer->rate_bytes_per_sec = act->police.rate_bytes_ps;
> -	policer->burst = act->police.burst;
> +	/* so sad, flow_offload.h did not export the type of act->police, and
> +	 * it's a nightmare to copy it field by field
> +	 */
> +	static_assert(sizeof(act->police) == sizeof(*policer));
> +	memcpy(policer, &act->police, sizeof(*policer));

This is of course an unacceptable hack. Nobody will realize that
there's a layout dependency here, not to mention struct randomization.
If someone adds fields presumably they will have to update
dsa_mall_policer_tc_entry_type() anyway, so we aren't saving much with this hack

Patchew 2.1-devel-b67e4c2

© 2016 - 2026 Red Hat, Inc.