From patchwork Mon May 29 11:48:28 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ido Schimmel X-Patchwork-Id: 13258466 X-Patchwork-Delegate: kuba@kernel.org Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net [23.128.96.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 0353C6D18 for ; Mon, 29 May 2023 11:49:45 +0000 (UTC) Received: from NAM12-DM6-obe.outbound.protection.outlook.com (mail-dm6nam12on2080.outbound.protection.outlook.com [40.107.243.80]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 6CEA49B for ; Mon, 29 May 2023 04:49:44 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=cTf81e5UOlVd7YcLJWeAzl/OOHtpLW9kg7U9BiU7rGp0cgGhMUY8sSC7dL4a2o3y/tu4bLpUddvlRD0zRQwG0ZWuFtM6R8VlAOEi8+7TedqQJE9UllEM7tCYP74H7+ALfQseNFIK6vnEs1K6l/J0TdOHJpcaW/KyZ3PSalbaQHuEMF6UTItbGHqF0yYuAU/r3CxUtUkX8J5yDQi9fXsXt0iFBb0EWrYxKJf3XQUfFRC21GbFOBzurjmBq0kDKNjJSns24GzqYyrd/4aqMS9raPy1dovAzMC4BMqbcjZBE4gsl8BYid7O5o/TE1F4dVDRWop8kHInELiTwTb5gFTYLA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=ddChwO0XV2RfxJFWAOa8FJ3HKcgwhT0IXU/U9IfVtqE=; b=NndkphmjjZ/0NU4S9SQY58AexHlItXElVMe9/FKPxB9STTRRALB2lL8Zw0i8rl6OdHGFXdkRncEw8WCMGZRH608sLFKVDzXiZr7hQt7dXCP1CbcTfd5wd0vSipydkvPO4r4qwA0E4aScMf0F4Be5ewyUvBpLbz5aMijwa+jl6+kmClfKArXFga1QW0E/32+hwxtZ3CrpNBRkHV/aGSEYGMPD79Lj+AtRaw/iwvCMneAMI5yLBK3KVE7UEXsEJr++BHZvn9NnjnzJ1h6yw/QbSbFJFdkSBqZOmImqpWAp5juwccBWASheE5zs9x6AkGyiSiK2ie0CFjDPyGSYRn8q+g== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 216.228.117.161) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=nvidia.com; dmarc=pass (p=reject sp=reject pct=100) action=none header.from=nvidia.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=ddChwO0XV2RfxJFWAOa8FJ3HKcgwhT0IXU/U9IfVtqE=; b=krG6uIXjoEuAlMR1A4gI3ZSnl63Dd4gWJidxvsCER7HS8T/bBkQs8+7Lz1KTApoHd1rkcLOgiw6TYuyLeJUMjUnABjsejQHbqQTl7T9zXCxL5jIfSWQ1hSCqEWv8vJZ0RxK05EHakLV08bmRI8RSS8vJz65IyBnB/TyRVM2xRje7Fz7r6mD8k41RS4brKQTX4J2v3LOsB3br1ABp1EiJyoC3zjIdLnWaOFoXkp926dcbhSz7AHDv0diFN3tFVWS78IXx2MWOsN/5oHWpzRTOnPu44cnHvwOkBuy1mC9ZeAq0r9lns5UN7CuLftkuYDVk3MQb7M/7+vhgIXUdHDY1Vg== Received: from SJ0PR03CA0035.namprd03.prod.outlook.com (2603:10b6:a03:33e::10) by SJ2PR12MB9190.namprd12.prod.outlook.com (2603:10b6:a03:554::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6433.22; Mon, 29 May 2023 11:49:42 +0000 Received: from DM6NAM11FT108.eop-nam11.prod.protection.outlook.com (2603:10b6:a03:33e:cafe::8e) by SJ0PR03CA0035.outlook.office365.com (2603:10b6:a03:33e::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6433.23 via Frontend Transport; Mon, 29 May 2023 11:49:41 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 216.228.117.161) smtp.mailfrom=nvidia.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=nvidia.com; Received-SPF: Pass (protection.outlook.com: domain of nvidia.com designates 216.228.117.161 as permitted sender) receiver=protection.outlook.com; client-ip=216.228.117.161; helo=mail.nvidia.com; pr=C Received: from mail.nvidia.com (216.228.117.161) by DM6NAM11FT108.mail.protection.outlook.com (10.13.172.95) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6455.21 via Frontend Transport; Mon, 29 May 2023 11:49:41 +0000 Received: from rnnvmail201.nvidia.com (10.129.68.8) by mail.nvidia.com (10.129.200.67) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.5; Mon, 29 May 2023 04:49:31 -0700 Received: from dev-r-vrt-155.mtr.labs.mlnx (10.126.231.35) by rnnvmail201.nvidia.com (10.129.68.8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.37; Mon, 29 May 2023 04:49:25 -0700 From: Ido Schimmel To: , CC: , , , , , , , , , , , , , , , , , , Ido Schimmel Subject: [PATCH net-next v2 1/8] skbuff: bridge: Add layer 2 miss indication Date: Mon, 29 May 2023 14:48:28 +0300 Message-ID: <20230529114835.372140-2-idosch@nvidia.com> X-Mailer: git-send-email 2.40.1 In-Reply-To: <20230529114835.372140-1-idosch@nvidia.com> References: <20230529114835.372140-1-idosch@nvidia.com> Precedence: bulk X-Mailing-List: netdev@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Originating-IP: [10.126.231.35] X-ClientProxiedBy: rnnvmail202.nvidia.com (10.129.68.7) To rnnvmail201.nvidia.com (10.129.68.8) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DM6NAM11FT108:EE_|SJ2PR12MB9190:EE_ X-MS-Office365-Filtering-Correlation-Id: 68351df6-ab21-4da4-9747-08db603aca0e X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: wCcnaSyvSw8Wf5E7PWDgi6q5mLZL+P2vyEc3XZKKkPF1qQgjKVUKTFo/O+opX7Mn3CoG/IheVLjn2ZPOQtaRswjbc70eN7myrEKnGAwCYlCGUs2VC900rC534cU3hXz+Oygr3emgkm3xiyldR1YqOOpZRc6kjmMnRN45ijwlhv+lqxzLW8+VqRhdRBITYe41N6tLalLoFOBWjhpgL+Voo2XpGc+kli4WAU6xt/N6ooWeg8rBNFzpEVW738V9acK48h/D9P/U7wpU28kVjB2GYee7ynZW8CuGm3FE9XGFhu8cUd7TPVV0ukv70FNy4o1n2JB+rZqTyENFsmVPOaR8rShCft8prJg6kAwL0jH2os8w8QoDqj81dfppSTI5S/Jk8TQsaglVghmQuiGZmB8Ip4Gt2sJWmdbPdjzoLKtGE47fyVVhIHxFKBNanyJxNx38xVjHYg4jbTrHeMJrkB2pCWaOMBooZC4jYJCzXHMBcNlXq470wCZtUejhh8rDE4+fUwgdusBQFswtn/zEgY2JiKall5fXMFxK7WVFFO0sdthF2ALCmMQu+7n9te3IJuviStXy8gl1QHPGFWjzYgI1WDR+yBVpTp2IaHz7R1VHpmA2TKGlIrcWsUgVy5kVxIwbN7LiAdfwUVPJiUeHdSEM21aVYGpH1bnPfKQsGEptFBAMSRarSs2hOi5FMMsT5x+ERsz9EQ4bkeemxIgY3Sky/U2s98k3AS/VRP5cxA3FqAgRQtbClEw+XbdNzX8S6OG9 X-Forefront-Antispam-Report: CIP:216.228.117.161;CTRY:US;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:mail.nvidia.com;PTR:dc6edge2.nvidia.com;CAT:NONE;SFS:(13230028)(4636009)(39860400002)(136003)(396003)(376002)(346002)(451199021)(40470700004)(46966006)(36840700001)(26005)(1076003)(2906002)(316002)(186003)(16526019)(40480700001)(40460700003)(5660300002)(107886003)(41300700001)(36756003)(7416002)(8676002)(8936002)(478600001)(82740400003)(7636003)(36860700001)(356005)(54906003)(426003)(336012)(82310400005)(86362001)(110136005)(4326008)(2616005)(47076005)(70586007)(70206006)(83380400001);DIR:OUT;SFP:1101; X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 29 May 2023 11:49:41.5974 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 68351df6-ab21-4da4-9747-08db603aca0e X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=43083d15-7273-40c1-b7db-39efd9ccc17a;Ip=[216.228.117.161];Helo=[mail.nvidia.com] X-MS-Exchange-CrossTenant-AuthSource: DM6NAM11FT108.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: SJ2PR12MB9190 X-Spam-Status: No, score=-1.3 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FORGED_SPF_HELO, RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H2,SPF_HELO_PASS,SPF_NONE, T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net X-Patchwork-Delegate: kuba@kernel.org For EVPN non-DF (Designated Forwarder) filtering we need to be able to prevent decapsulated traffic from being flooded to a multi-homed host. Filtering of multicast and broadcast traffic can be achieved using the following flower filter: # tc filter add dev bond0 egress pref 1 proto all flower indev vxlan0 dst_mac 01:00:00:00:00:00/01:00:00:00:00:00 action drop Unlike broadcast and multicast traffic, it is not currently possible to filter unknown unicast traffic. The classification into unknown unicast is performed by the bridge driver, but is not visible to other layers such as tc. Solve this by adding a new 'l2_miss' bit to the tc skb extension. Clear the bit whenever a packet enters the bridge (received from a bridge port or transmitted via the bridge) and set it if the packet did not match an FDB or MDB entry. If there is no skb extension and the bit needs to be cleared, then do not allocate one as no extension is equivalent to the bit being cleared. The bit is not set for broadcast packets as they never perform a lookup and therefore never incur a miss. A bit that is set for every flooded packet would also work for the current use case, but it does not allow us to differentiate between registered and unregistered multicast traffic, which might be useful in the future. To keep the performance impact to a minimum, the marking of packets is guarded by the 'tc_skb_ext_tc' static key. When 'false', the skb is not touched and an skb extension is not allocated. Instead, only a 5 bytes nop is executed, as demonstrated below for the call site in br_handle_frame(). Before the patch: ``` memset(skb->cb, 0, sizeof(struct br_input_skb_cb)); c37b09: 49 c7 44 24 28 00 00 movq $0x0,0x28(%r12) c37b10: 00 00 p = br_port_get_rcu(skb->dev); c37b12: 49 8b 44 24 10 mov 0x10(%r12),%rax memset(skb->cb, 0, sizeof(struct br_input_skb_cb)); c37b17: 49 c7 44 24 30 00 00 movq $0x0,0x30(%r12) c37b1e: 00 00 c37b20: 49 c7 44 24 38 00 00 movq $0x0,0x38(%r12) c37b27: 00 00 ``` After the patch (when static key is disabled): ``` memset(skb->cb, 0, sizeof(struct br_input_skb_cb)); c37c29: 49 c7 44 24 28 00 00 movq $0x0,0x28(%r12) c37c30: 00 00 c37c32: 49 8d 44 24 28 lea 0x28(%r12),%rax c37c37: 48 c7 40 08 00 00 00 movq $0x0,0x8(%rax) c37c3e: 00 c37c3f: 48 c7 40 10 00 00 00 movq $0x0,0x10(%rax) c37c46: 00 #ifdef CONFIG_HAVE_JUMP_LABEL_HACK static __always_inline bool arch_static_branch(struct static_key *key, bool branch) { asm_volatile_goto("1:" c37c47: 0f 1f 44 00 00 nopl 0x0(%rax,%rax,1) br_tc_skb_miss_set(skb, false); p = br_port_get_rcu(skb->dev); c37c4c: 49 8b 44 24 10 mov 0x10(%r12),%rax ``` Subsequent patches will extend the flower classifier to be able to match on the new 'l2_miss' bit and enable / disable the static key when filters that match on it are added / deleted. Signed-off-by: Ido Schimmel Acked-by: Nikolay Aleksandrov Acked-by: Jakub Kicinski --- Notes: v2: * Use tc skb extension instead of adding a bit to the skb. * Do not mark broadcast packets as they never perform a lookup and therefore never incur a miss. include/linux/skbuff.h | 1 + net/bridge/br_device.c | 1 + net/bridge/br_forward.c | 3 +++ net/bridge/br_input.c | 1 + net/bridge/br_private.h | 27 +++++++++++++++++++++++++++ 5 files changed, 33 insertions(+) diff --git a/include/linux/skbuff.h b/include/linux/skbuff.h index 5951904413ab..e2f48ddb2f7c 100644 --- a/include/linux/skbuff.h +++ b/include/linux/skbuff.h @@ -330,6 +330,7 @@ struct tc_skb_ext { u8 post_ct_snat:1; u8 post_ct_dnat:1; u8 act_miss:1; /* Set if act_miss_cookie is used */ + u8 l2_miss:1; /* Set by bridge upon FDB or MDB miss */ }; #endif diff --git a/net/bridge/br_device.c b/net/bridge/br_device.c index 8eca8a5c80c6..9a5ea06236bd 100644 --- a/net/bridge/br_device.c +++ b/net/bridge/br_device.c @@ -39,6 +39,7 @@ netdev_tx_t br_dev_xmit(struct sk_buff *skb, struct net_device *dev) u16 vid = 0; memset(skb->cb, 0, sizeof(struct br_input_skb_cb)); + br_tc_skb_miss_set(skb, false); rcu_read_lock(); nf_ops = rcu_dereference(nf_br_ops); diff --git a/net/bridge/br_forward.c b/net/bridge/br_forward.c index 84d6dd5e5b1a..6116eba1bd89 100644 --- a/net/bridge/br_forward.c +++ b/net/bridge/br_forward.c @@ -203,6 +203,8 @@ void br_flood(struct net_bridge *br, struct sk_buff *skb, struct net_bridge_port *prev = NULL; struct net_bridge_port *p; + br_tc_skb_miss_set(skb, pkt_type != BR_PKT_BROADCAST); + list_for_each_entry_rcu(p, &br->port_list, list) { /* Do not flood unicast traffic to ports that turn it off, nor * other traffic if flood off, except for traffic we originate @@ -295,6 +297,7 @@ void br_multicast_flood(struct net_bridge_mdb_entry *mdst, allow_mode_include = false; } else { p = NULL; + br_tc_skb_miss_set(skb, true); } while (p || rp) { diff --git a/net/bridge/br_input.c b/net/bridge/br_input.c index fc17b9fd93e6..c34a0b0901b0 100644 --- a/net/bridge/br_input.c +++ b/net/bridge/br_input.c @@ -334,6 +334,7 @@ static rx_handler_result_t br_handle_frame(struct sk_buff **pskb) return RX_HANDLER_CONSUMED; memset(skb->cb, 0, sizeof(struct br_input_skb_cb)); + br_tc_skb_miss_set(skb, false); p = br_port_get_rcu(skb->dev); if (p->flags & BR_VLAN_TUNNEL) diff --git a/net/bridge/br_private.h b/net/bridge/br_private.h index 2119729ded2b..a63b32c1638e 100644 --- a/net/bridge/br_private.h +++ b/net/bridge/br_private.h @@ -15,6 +15,7 @@ #include #include #include +#include #include #include #include @@ -754,6 +755,32 @@ void br_boolopt_multi_get(const struct net_bridge *br, struct br_boolopt_multi *bm); void br_opt_toggle(struct net_bridge *br, enum net_bridge_opts opt, bool on); +#if IS_ENABLED(CONFIG_NET_TC_SKB_EXT) +static inline void br_tc_skb_miss_set(struct sk_buff *skb, bool miss) +{ + struct tc_skb_ext *ext; + + if (!tc_skb_ext_tc_enabled()) + return; + + ext = skb_ext_find(skb, TC_SKB_EXT); + if (ext) { + ext->l2_miss = miss; + return; + } + if (!miss) + return; + ext = tc_skb_ext_alloc(skb); + if (!ext) + return; + ext->l2_miss = true; +} +#else +static inline void br_tc_skb_miss_set(struct sk_buff *skb, bool miss) +{ +} +#endif + /* br_device.c */ void br_dev_setup(struct net_device *dev); void br_dev_delete(struct net_device *dev, struct list_head *list); From patchwork Mon May 29 11:48:29 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ido Schimmel X-Patchwork-Id: 13258467 X-Patchwork-Delegate: kuba@kernel.org Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net [23.128.96.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 639C4A53 for ; Mon, 29 May 2023 11:49:59 +0000 (UTC) Received: from NAM12-DM6-obe.outbound.protection.outlook.com (mail-dm6nam12on2087.outbound.protection.outlook.com [40.107.243.87]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D6D5F9B for ; Mon, 29 May 2023 04:49:57 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=knO44x5Dc3Bt/B/jlylumZ8dl4eaYFDU9fJJXddua0I06F/4lXSFUxYed3LEfWE5iZkdkIAvthaa+ZcrxcIKY/6/m+5reTYxcc7coOk1FmoZuQ/EHagZYe/w9g+GN8rbbVpDLTCeGcmEWrH88TGPwA78WBrEdjfuwaOsXVX8OJZO1VcJVS13QQXjixvj921kbBPJneZ2ocD6l2l0+rpLXM82SUALcGW2zCxmv/za5Riyf+R4O6wuYg/RrUT5AvB/NlGQENKlAbdNVCm9NqnmDLOzXhN4hX5LmoBUHk54laFG1fXIEllKpBRsi8cs+L1yve+LjqlGNOhlzf1GIC3DbA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=zX3ZXapMoybqW9SxbIxK65G+JaqV1YHwVd/wK5hmo1U=; b=GYmEbm49uXDfp1Iz33IlrK7btqW1W5cAfSw4m1ak42f3YRVdntBKZkkFMhWItR84V8FuqCXTHsr4CGBMK+/QsUpBL9gi+I/lXG+vwwCIaftmm0cLmoK3SUqmLXidi3d/LHvl9wof+Nlx7SXn6Z2fl6j0mjN7/U8Ii7sQ7ILiNMBYtxEzpX7s/bXTxud3aduIlpE7AI2AKBmAqdRNU3rcU/DGyDL47d/l66rFc8438yMb10AbDTJXRoD09/hE5e8NwhVU5XtfktX8ulJfWBgsamddio4CJ3YjAKx1koKdch31ijpEU9cePM1Z/DoQrtoU50Ud+HhTZ5cMVZl4yV8csQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 216.228.117.161) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=nvidia.com; dmarc=pass (p=reject sp=reject pct=100) action=none header.from=nvidia.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=zX3ZXapMoybqW9SxbIxK65G+JaqV1YHwVd/wK5hmo1U=; b=afrUuKCbsY6iJgJDzVWcreeB9AyFHJc0dpdouhqT/hMSQhAdFst9Wxq2E6SvUIitecW+QlI9S3PNFBzx0qtZ59L5zpFgHHYsTfPi+wdJekRc35/ui5BrE684/lQ9Am5iO9uLc6IIt7UnrXZVaLrPLnxUM1HYJuPWY/HQdCpbLAaDCWT/PdIP8jEi0n2s3eg34Z0iwR9jMhOcGhfZT+gsghUtBRMlPz7XkmHv2qpwIfTO4xyLrmvZSOxgGId7Dcn4Yky8ALMdJufvMCOlpqsFqTO+CxLBJtkKm/cNwdKd6SZo2Npqv1awvJUnvcUEB5AGb/oUj4FEePCTdehHc/6yYg== Received: from SJ0PR03CA0035.namprd03.prod.outlook.com (2603:10b6:a03:33e::10) by LV8PR12MB9262.namprd12.prod.outlook.com (2603:10b6:408:1e7::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6433.22; Mon, 29 May 2023 11:49:54 +0000 Received: from DM6NAM11FT108.eop-nam11.prod.protection.outlook.com (2603:10b6:a03:33e:cafe::f0) by SJ0PR03CA0035.outlook.office365.com (2603:10b6:a03:33e::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6433.23 via Frontend Transport; Mon, 29 May 2023 11:49:54 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 216.228.117.161) smtp.mailfrom=nvidia.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=nvidia.com; Received-SPF: Pass (protection.outlook.com: domain of nvidia.com designates 216.228.117.161 as permitted sender) receiver=protection.outlook.com; client-ip=216.228.117.161; helo=mail.nvidia.com; pr=C Received: from mail.nvidia.com (216.228.117.161) by DM6NAM11FT108.mail.protection.outlook.com (10.13.172.95) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6455.21 via Frontend Transport; Mon, 29 May 2023 11:49:54 +0000 Received: from rnnvmail201.nvidia.com (10.129.68.8) by mail.nvidia.com (10.129.200.67) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.5; Mon, 29 May 2023 04:49:37 -0700 Received: from dev-r-vrt-155.mtr.labs.mlnx (10.126.231.35) by rnnvmail201.nvidia.com (10.129.68.8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.37; Mon, 29 May 2023 04:49:31 -0700 From: Ido Schimmel To: , CC: , , , , , , , , , , , , , , , , , , Ido Schimmel Subject: [PATCH net-next v2 2/8] flow_dissector: Dissect layer 2 miss from tc skb extension Date: Mon, 29 May 2023 14:48:29 +0300 Message-ID: <20230529114835.372140-3-idosch@nvidia.com> X-Mailer: git-send-email 2.40.1 In-Reply-To: <20230529114835.372140-1-idosch@nvidia.com> References: <20230529114835.372140-1-idosch@nvidia.com> Precedence: bulk X-Mailing-List: netdev@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Originating-IP: [10.126.231.35] X-ClientProxiedBy: rnnvmail202.nvidia.com (10.129.68.7) To rnnvmail201.nvidia.com (10.129.68.8) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DM6NAM11FT108:EE_|LV8PR12MB9262:EE_ X-MS-Office365-Filtering-Correlation-Id: 04d89ba5-e710-47a9-1920-08db603ad1af X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: Epm7knEe8hCFj4tXbZEPaKU0Pz8gIMkQmWHTggGD1AUYYRmsfUz1LSMu3AUqATIY5tB4Eu/Wd08p6RsW+AOgcWF6tWzqaP8oWlokw6PpUOuw9TSJTYdkfmSR12Ifn3Cm0QIlfKDXevuCuDay7kd+Eo7QDYQpTMQlyaLRZbrs+QZU7+y5Q+RiO51/PzotUF7xKLOjCSpICeowoT4Zeof4Pzk/YA4iq+xUlS0X9GSYDyUCs0aqPocPYsx8XKfO2fxOophVG03K3vRLkGixdomlzIzH1XXm68UBKzZ1/52yghnRTugRV9ldeUmylh12waCbcsCD2Tvc/yfxrSbcz6KEVE4kfbcccEwv6HibRrIOnrts3pUowEJVogFj9fMzF3lo0tu5ATjh5e/MjhU0aKQAl1CWHv5dSR/QYEsdrGw4kOtVaNjfNDlXE5qFecrCY5CA+Ib1SJ8lU/kXxSJkxyOvTe+MYIswLUNUr02FLVM/8NX3nyvUhko3qQ2fJpYaPbdywOxXt/qg18SM0dIvcDYwVlT+xLtGGQPR0FMRk5NrWKFtyZUd8lIwrZpvTb4MmkV2sSk5Dt4HsyI8s5hAAcJB/ITlL29jsbwlAGRkeAIst2mk5P8L6/9RLnRKLzaK7Oj3wqQYMY2zN0x3cxFDy5JXwJGy69fD9QvgNz2rC5H/2rLHf618mxXvXucgzlbeV62ZRmMTqJh7shLkjoE5jE/yfhJRJVxAsAw/f6oLBm5lXzQMcBBrlPyyNMgcY8ba/4Sp X-Forefront-Antispam-Report: CIP:216.228.117.161;CTRY:US;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:mail.nvidia.com;PTR:dc6edge2.nvidia.com;CAT:NONE;SFS:(13230028)(4636009)(136003)(376002)(346002)(396003)(39860400002)(451199021)(46966006)(40470700004)(36840700001)(36860700001)(40460700003)(47076005)(5660300002)(316002)(70586007)(70206006)(107886003)(7416002)(4326008)(82310400005)(36756003)(82740400003)(7636003)(8676002)(8936002)(356005)(41300700001)(86362001)(40480700001)(110136005)(54906003)(2906002)(2616005)(186003)(16526019)(336012)(426003)(478600001)(1076003)(26005);DIR:OUT;SFP:1101; X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 29 May 2023 11:49:54.3934 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 04d89ba5-e710-47a9-1920-08db603ad1af X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=43083d15-7273-40c1-b7db-39efd9ccc17a;Ip=[216.228.117.161];Helo=[mail.nvidia.com] X-MS-Exchange-CrossTenant-AuthSource: DM6NAM11FT108.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: LV8PR12MB9262 X-Spam-Status: No, score=-1.3 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FORGED_SPF_HELO, RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H2,SPF_HELO_PASS,SPF_NONE, T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net X-Patchwork-Delegate: kuba@kernel.org Extend the 'FLOW_DISSECTOR_KEY_META' key with a new 'l2_miss' field and populate it from a field with the same name in the tc skb extension. This field is set by the bridge driver for packets that incur an FDB or MDB miss. The next patch will extend the flower classifier to be able to match on layer 2 misses. Signed-off-by: Ido Schimmel Reviewed-by: Nikolay Aleksandrov --- Notes: v2: * Split from flower patch. * Use tc skb extension instead of 'skb->l2_miss'. include/net/flow_dissector.h | 2 ++ net/core/flow_dissector.c | 10 ++++++++++ 2 files changed, 12 insertions(+) diff --git a/include/net/flow_dissector.h b/include/net/flow_dissector.h index 85b2281576ed..8b41668c77fc 100644 --- a/include/net/flow_dissector.h +++ b/include/net/flow_dissector.h @@ -243,10 +243,12 @@ struct flow_dissector_key_ip { * struct flow_dissector_key_meta: * @ingress_ifindex: ingress ifindex * @ingress_iftype: ingress interface type + * @l2_miss: packet did not match an L2 entry during forwarding */ struct flow_dissector_key_meta { int ingress_ifindex; u16 ingress_iftype; + u8 l2_miss; }; /** diff --git a/net/core/flow_dissector.c b/net/core/flow_dissector.c index 25fb0bbc310f..481ca4080cbd 100644 --- a/net/core/flow_dissector.c +++ b/net/core/flow_dissector.c @@ -27,6 +27,7 @@ #include #include #include +#include #include #include #include @@ -241,6 +242,15 @@ void skb_flow_dissect_meta(const struct sk_buff *skb, FLOW_DISSECTOR_KEY_META, target_container); meta->ingress_ifindex = skb->skb_iif; +#if IS_ENABLED(CONFIG_NET_TC_SKB_EXT) + if (tc_skb_ext_tc_enabled()) { + struct tc_skb_ext *ext; + + ext = skb_ext_find(skb, TC_SKB_EXT); + if (ext) + meta->l2_miss = ext->l2_miss; + } +#endif } EXPORT_SYMBOL(skb_flow_dissect_meta); From patchwork Mon May 29 11:48:30 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ido Schimmel X-Patchwork-Id: 13258468 X-Patchwork-Delegate: kuba@kernel.org Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net [23.128.96.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 78FAB63A1 for ; Mon, 29 May 2023 11:50:04 +0000 (UTC) Received: from NAM02-SN1-obe.outbound.protection.outlook.com (mail-sn1nam02on2061d.outbound.protection.outlook.com [IPv6:2a01:111:f400:7ea9::61d]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 36903A7 for ; Mon, 29 May 2023 04:50:02 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=QYE8j1HH4ix9hisSAR6j5e6eTqRd+NHVDWW1dVndL9WIyLmulXNmPNJ9Dl5JgLxAeNMT/BYYOWR7WN6/nsPK8pAw3zeNxSvc0yJ5LcXS7+bI/y6vvvQ5DVIoP1uia+9H30DTuyl1RGO4dPyOZdtZqrpEycYamioF2xDgXUV0fQYCwn37G0OzGIlMXTfwe5CZXgplBKs6SJ0Kpi8VakgtxobWqYe1nXrdzUPklOsXh/UeTohLD5L0usjSIhcfl7dUXerCCBt5EOlkHqlNqM51N0rZ+nT1ESAeaB+Fnn2nknI+aGvjSZZ9zLDQcVdS3x4rRtcxEyPVx+wqbFE3JVDbNA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=5vc5/tMt9sFwrCWq6+YtiD/d1QZ16Bt400idyZhPc9A=; b=YKT94+z/BcecxRohxBQulsh+x9RnDgnImqiJLTzv+/vd/A0D04kFXn7SDcHMOasBT1EHU2FBCcRRrpo8DZnObzJXNKsTo6qNhJZD8ubNtK6fO0Mv4o1yfYcxWFfR3Oqt/nWL2sJlj+E1OoipG3kPYXiNPdbu6SWKVmK/GgR3H2PFz3u1Xy4dEdxs4G/BBDgKeCnV5QWGIl2kzCtir6lNkO4zENWA42WWcfktAXmVkwLFVoEyBV5P5d6Io75RGL5QkThyBuOJtcrEwwvV0038o2AAZpF6KCqylD0K2J1sJeSfqhkivA3O6NvhgiVhwX9MT6lSE6RmxAnCEuFthzCFBA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 216.228.117.160) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=nvidia.com; dmarc=pass (p=reject sp=reject pct=100) action=none header.from=nvidia.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=5vc5/tMt9sFwrCWq6+YtiD/d1QZ16Bt400idyZhPc9A=; b=i2MFec745JGKMBK8ultW23XMD0DZo4Av+wpan+mRmvqnje8U4DnmJIH+HFfBgGuZsTRAtTfH9eMtiqTVxPW3BB0EWKqVkTgQuI+/322XmwvP5ZIyBLLlQnWvm2iy8uY1g1gFG5WRYnYq5ruQwgn5ufoJ3jkX4OASsE9TDzJ8UFOseSqttz7gyWUD1UWFjzeQj9FQeWPMZY+x65FU83L7mFoh+rNRuGpi6PRzHB1X089kEb/q7lWTUHYh+HmHaluD4aDGa3jeD2KQerHmqv7nx4IdNIhDhLztSNHoVdVWgD6ZZ+jZ7UiGILz3dGjp4gDm4AzN1PkWGqql0AfWJslAHA== Received: from DM6PR05CA0049.namprd05.prod.outlook.com (2603:10b6:5:335::18) by IA0PR12MB8301.namprd12.prod.outlook.com (2603:10b6:208:40b::13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6433.22; Mon, 29 May 2023 11:49:56 +0000 Received: from DM6NAM11FT036.eop-nam11.prod.protection.outlook.com (2603:10b6:5:335:cafe::20) by DM6PR05CA0049.outlook.office365.com (2603:10b6:5:335::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6455.21 via Frontend Transport; Mon, 29 May 2023 11:49:56 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 216.228.117.160) smtp.mailfrom=nvidia.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=nvidia.com; Received-SPF: Pass (protection.outlook.com: domain of nvidia.com designates 216.228.117.160 as permitted sender) receiver=protection.outlook.com; client-ip=216.228.117.160; helo=mail.nvidia.com; pr=C Received: from mail.nvidia.com (216.228.117.160) by DM6NAM11FT036.mail.protection.outlook.com (10.13.172.64) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6455.21 via Frontend Transport; Mon, 29 May 2023 11:49:56 +0000 Received: from rnnvmail201.nvidia.com (10.129.68.8) by mail.nvidia.com (10.129.200.66) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.5; Mon, 29 May 2023 04:49:43 -0700 Received: from dev-r-vrt-155.mtr.labs.mlnx (10.126.231.35) by rnnvmail201.nvidia.com (10.129.68.8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.37; Mon, 29 May 2023 04:49:37 -0700 From: Ido Schimmel To: , CC: , , , , , , , , , , , , , , , , , , Ido Schimmel Subject: [PATCH net-next v2 3/8] net/sched: flower: Allow matching on layer 2 miss Date: Mon, 29 May 2023 14:48:30 +0300 Message-ID: <20230529114835.372140-4-idosch@nvidia.com> X-Mailer: git-send-email 2.40.1 In-Reply-To: <20230529114835.372140-1-idosch@nvidia.com> References: <20230529114835.372140-1-idosch@nvidia.com> Precedence: bulk X-Mailing-List: netdev@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Originating-IP: [10.126.231.35] X-ClientProxiedBy: rnnvmail202.nvidia.com (10.129.68.7) To rnnvmail201.nvidia.com (10.129.68.8) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DM6NAM11FT036:EE_|IA0PR12MB8301:EE_ X-MS-Office365-Filtering-Correlation-Id: 8a285fc5-147c-44a7-d836-08db603ad2fd X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: 3fNI5GGrYE2SKsHWHWNsHxNazYsjfr/u2DFt2vjgnHrpDlSZp1OP1aDuMuZkMj6oUKQA8+cPOw7OWiyv9Ph4TMEaXUvfdiZBmglKevjXyu7MyJY3r7t5E3SVXTp/Ml46NzGHytSCosk8kxlBsevsrdNoAdxlDHQW5oN8jDUYbKlNNZTFw7h3FlC2naIRY3Ji+qzYYOjkoEshxzvZU6pni4XTkkuWOucqfrgPFn7fmPRgKB9mEzaG2NwdE5HU0O6AoUv2Cyt4pFgm4HQ9k1cWuKiboRV05Fo/XO+9EKrwtdQvVPDdtwFxOnwumATPSJBbzjt8UzzDNN0+SKKZlhzYnxriSlftDF4YtNCt7VWerjtzdm642SxdRjQLw3ajIqzZCPfX69vc8AOu7pyrivqnKv4jRDz/TkIwT5E2Pco0uHWj2rvigJqOt2JitR+sBgYgOR8dRSM+0NmE53EUvKjLuNxX1SejPGH0TJDvS0dsVqfcVVDVS4oyEi9woPtS5creC5xX97xkp6BNMNLk1HUYNkAyBypNUygZDuR90Az/Rkv9yznCJGM0yt63/zMpN7XqQqEDgLTf+yKm5WNaWgU9E8Q4aQXrP37PcUdT32LQSeSvFGUVn160p/HkXXQS4gcueeNAjd2XGzOJKeQCcaz0RIYAMYSDcHyQZAxHkBhsUG1K0Rf6RACMJdswS0lkYeAssGlz8x3kKnKqWju+zbwD4KFIsd81V4RgY/dQNjvozpfuiLqEgIiF0At1jkHQYgsk X-Forefront-Antispam-Report: CIP:216.228.117.160;CTRY:US;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:mail.nvidia.com;PTR:dc6edge1.nvidia.com;CAT:NONE;SFS:(13230028)(4636009)(39860400002)(136003)(396003)(376002)(346002)(451199021)(40470700004)(46966006)(36840700001)(26005)(1076003)(2906002)(6666004)(316002)(186003)(16526019)(40480700001)(40460700003)(5660300002)(107886003)(41300700001)(36756003)(7416002)(8676002)(8936002)(478600001)(82740400003)(7636003)(36860700001)(356005)(54906003)(426003)(336012)(82310400005)(86362001)(110136005)(4326008)(2616005)(47076005)(70586007)(70206006)(83380400001);DIR:OUT;SFP:1101; X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 29 May 2023 11:49:56.5715 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 8a285fc5-147c-44a7-d836-08db603ad2fd X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=43083d15-7273-40c1-b7db-39efd9ccc17a;Ip=[216.228.117.160];Helo=[mail.nvidia.com] X-MS-Exchange-CrossTenant-AuthSource: DM6NAM11FT036.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: IA0PR12MB8301 X-Spam-Status: No, score=-1.3 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FORGED_SPF_HELO, SPF_HELO_PASS,SPF_NONE,T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net X-Patchwork-Delegate: kuba@kernel.org Add the 'TCA_FLOWER_L2_MISS' netlink attribute that allows user space to match on packets that encountered a layer 2 miss. The miss indication is set as metadata in the tc skb extension by the bridge driver upon FDB or MDB lookup miss and dissected by the flow dissector to the 'FLOW_DISSECTOR_KEY_META' key. The use of this skb extension is guarded by the 'tc_skb_ext_tc' static key. As such, enable / disable this key when filters that match on layer 2 miss are added / deleted. Tested: # cat tc_skb_ext_tc.py #!/usr/bin/env -S drgn -s vmlinux refcount = prog["tc_skb_ext_tc"].key.enabled.counter.value_() print(f"tc_skb_ext_tc reference count is {refcount}") # ./tc_skb_ext_tc.py tc_skb_ext_tc reference count is 0 # tc filter add dev swp1 egress proto all handle 101 pref 1 flower src_mac 00:11:22:33:44:55 action drop # tc filter add dev swp1 egress proto all handle 102 pref 2 flower src_mac 00:11:22:33:44:55 l2_miss true action drop # tc filter add dev swp1 egress proto all handle 103 pref 3 flower src_mac 00:11:22:33:44:55 l2_miss false action drop # ./tc_skb_ext_tc.py tc_skb_ext_tc reference count is 2 # tc filter replace dev swp1 egress proto all handle 102 pref 2 flower src_mac 00:01:02:03:04:05 l2_miss false action drop # ./tc_skb_ext_tc.py tc_skb_ext_tc reference count is 2 # tc filter del dev swp1 egress proto all handle 103 pref 3 flower # tc filter del dev swp1 egress proto all handle 102 pref 2 flower # tc filter del dev swp1 egress proto all handle 101 pref 1 flower # ./tc_skb_ext_tc.py tc_skb_ext_tc reference count is 0 Signed-off-by: Ido Schimmel Reviewed-by: Nikolay Aleksandrov --- Notes: v2: * Split flow_dissector changes to a previous patch. * Use tc skb extension instead of 'skb->l2_miss'. include/uapi/linux/pkt_cls.h | 2 ++ net/sched/cls_flower.c | 30 ++++++++++++++++++++++++++++-- 2 files changed, 30 insertions(+), 2 deletions(-) diff --git a/include/uapi/linux/pkt_cls.h b/include/uapi/linux/pkt_cls.h index 648a82f32666..00933dda7b10 100644 --- a/include/uapi/linux/pkt_cls.h +++ b/include/uapi/linux/pkt_cls.h @@ -594,6 +594,8 @@ enum { TCA_FLOWER_KEY_L2TPV3_SID, /* be32 */ + TCA_FLOWER_L2_MISS, /* u8 */ + __TCA_FLOWER_MAX, }; diff --git a/net/sched/cls_flower.c b/net/sched/cls_flower.c index 9dbc43388e57..04adcde9eb81 100644 --- a/net/sched/cls_flower.c +++ b/net/sched/cls_flower.c @@ -120,6 +120,7 @@ struct cls_fl_filter { u32 handle; u32 flags; u32 in_hw_count; + u8 needs_tc_skb_ext:1; struct rcu_work rwork; struct net_device *hw_dev; /* Flower classifier is unlocked, which means that its reference counter @@ -415,6 +416,8 @@ static struct cls_fl_head *fl_head_dereference(struct tcf_proto *tp) static void __fl_destroy_filter(struct cls_fl_filter *f) { + if (f->needs_tc_skb_ext) + tc_skb_ext_tc_disable(); tcf_exts_destroy(&f->exts); tcf_exts_put_net(&f->exts); kfree(f); @@ -615,7 +618,8 @@ static void *fl_get(struct tcf_proto *tp, u32 handle) } static const struct nla_policy fl_policy[TCA_FLOWER_MAX + 1] = { - [TCA_FLOWER_UNSPEC] = { .type = NLA_UNSPEC }, + [TCA_FLOWER_UNSPEC] = { .strict_start_type = + TCA_FLOWER_L2_MISS }, [TCA_FLOWER_CLASSID] = { .type = NLA_U32 }, [TCA_FLOWER_INDEV] = { .type = NLA_STRING, .len = IFNAMSIZ }, @@ -720,7 +724,7 @@ static const struct nla_policy fl_policy[TCA_FLOWER_MAX + 1] = { [TCA_FLOWER_KEY_PPPOE_SID] = { .type = NLA_U16 }, [TCA_FLOWER_KEY_PPP_PROTO] = { .type = NLA_U16 }, [TCA_FLOWER_KEY_L2TPV3_SID] = { .type = NLA_U32 }, - + [TCA_FLOWER_L2_MISS] = NLA_POLICY_MAX(NLA_U8, 1), }; static const struct nla_policy @@ -1668,6 +1672,10 @@ static int fl_set_key(struct net *net, struct nlattr **tb, mask->meta.ingress_ifindex = 0xffffffff; } + fl_set_key_val(tb, &key->meta.l2_miss, TCA_FLOWER_L2_MISS, + &mask->meta.l2_miss, TCA_FLOWER_UNSPEC, + sizeof(key->meta.l2_miss)); + fl_set_key_val(tb, key->eth.dst, TCA_FLOWER_KEY_ETH_DST, mask->eth.dst, TCA_FLOWER_KEY_ETH_DST_MASK, sizeof(key->eth.dst)); @@ -2085,6 +2093,11 @@ static int fl_check_assign_mask(struct cls_fl_head *head, return ret; } +static bool fl_needs_tc_skb_ext(const struct fl_flow_key *mask) +{ + return mask->meta.l2_miss; +} + static int fl_set_parms(struct net *net, struct tcf_proto *tp, struct cls_fl_filter *f, struct fl_flow_mask *mask, unsigned long base, struct nlattr **tb, @@ -2121,6 +2134,14 @@ static int fl_set_parms(struct net *net, struct tcf_proto *tp, return -EINVAL; } + /* Enable tc skb extension if filter matches on data extracted from + * this extension. + */ + if (fl_needs_tc_skb_ext(&mask->key)) { + f->needs_tc_skb_ext = 1; + tc_skb_ext_tc_enable(); + } + return 0; } @@ -3074,6 +3095,11 @@ static int fl_dump_key(struct sk_buff *skb, struct net *net, goto nla_put_failure; } + if (fl_dump_key_val(skb, &key->meta.l2_miss, + TCA_FLOWER_L2_MISS, &mask->meta.l2_miss, + TCA_FLOWER_UNSPEC, sizeof(key->meta.l2_miss))) + goto nla_put_failure; + if (fl_dump_key_val(skb, key->eth.dst, TCA_FLOWER_KEY_ETH_DST, mask->eth.dst, TCA_FLOWER_KEY_ETH_DST_MASK, sizeof(key->eth.dst)) || From patchwork Mon May 29 11:48:31 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ido Schimmel X-Patchwork-Id: 13258469 X-Patchwork-Delegate: kuba@kernel.org Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net [23.128.96.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 204136FD8 for ; Mon, 29 May 2023 11:50:09 +0000 (UTC) Received: from NAM12-MW2-obe.outbound.protection.outlook.com (mail-mw2nam12on2077.outbound.protection.outlook.com [40.107.244.77]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C5A0D9B for ; Mon, 29 May 2023 04:50:07 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=H1l3kfZ81HG6KRtfpw2XP2MTjosFyGwDSFn0km8O59s4RaTSJifgCbh7DUbHtfG1qj/MIbPa87D+9tWWgvzWQ8I7POPSTGScyY9TwbpNzYfV1r+ahIqJ2YWCtPd1BG5A/KA0gwXJUotVj8lpZs1QZPFGVj3tMSaINKjGfM9GNUM+stzZR2wNwL2d4AQx4BbPoAMSd3O0HzV1Enjpm68voab7pU/z7fwqWvMg4ySkxoFoEMKKwmDAeoJmuVaPLNjz3g7Z379q/ASEymqExrYd9RfBN99Wv+pwf6EoN9QGDG23PtPnxu1G8h25GShatZ1h1tlfXw5TgKUKIfHMBRIa/A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=x/ztd8jNRxGM5OdrjSvsfbO+TrQBojFJ2clLMbUT4DY=; b=TzUCWFPQXdB9pzb61euwWkp+wb0sg+MK0uOYw3iNGJ0fGB5PMAZ50CUT0NJ2S7lDDgI7rMxpZAfh2zn5Rf+FxgN4IILx+FRMUGCb2XO2N5kM5s1t08Atb72q2SJKtjqcwvmnldGJfZHAZDVHk4qlbe3oZTCYOFrZanlVQpdyqr/MabVzAUBKZLLVc1tqp5+SsbgRGKC5nhUg4nrC+OU1vfzP/nOzlucjkwaYv2U2VEUZFgvfsZfW7RRTMaxtnLRFLbDQCeCAlH3TSrQGAX7gDTaqNw96/E/Lpd4/c2ZgMPnhZUOgvTR+EUm2JAzK7e4GJ92q7+5lPcqCCxQu/+Xr4g== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 216.228.117.161) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=nvidia.com; dmarc=pass (p=reject sp=reject pct=100) action=none header.from=nvidia.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=x/ztd8jNRxGM5OdrjSvsfbO+TrQBojFJ2clLMbUT4DY=; b=WTYUZqsgch0ALyr/KfzdP0KPm49cAY9kHJ6dRY0EmgPynTCPuVcDlJEwwGQj7SaMWIPKyf5Gu9Artmfjv8Fi43yp+/7i0SvPzE7sW/t2u6XxOZ6L57V4Bax7IOwexwHfvFgoJRUnDECAKHbY50/8KkcEfluH5wFJw+NM0NvSbeE7n0r7/u5gZhZmKeOgVF3emkb/QYDm301fvo8E/7ke0/wAUixyCRofv8dguRf4xL9DnkT3T4IiFUBiBgcTdZvTDEoY84uy7P6G9w8z9xF90dWIMrRIOg6mN/9ZUHAflAg0PUeGvm9i3ukxwU9xjvgKjIeyNjh7dMKJy+3DNHsbyw== Received: from DM6PR06CA0070.namprd06.prod.outlook.com (2603:10b6:5:54::47) by PH8PR12MB7279.namprd12.prod.outlook.com (2603:10b6:510:221::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6433.22; Mon, 29 May 2023 11:50:05 +0000 Received: from DM6NAM11FT064.eop-nam11.prod.protection.outlook.com (2603:10b6:5:54:cafe::cc) by DM6PR06CA0070.outlook.office365.com (2603:10b6:5:54::47) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6433.23 via Frontend Transport; Mon, 29 May 2023 11:50:05 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 216.228.117.161) smtp.mailfrom=nvidia.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=nvidia.com; Received-SPF: Pass (protection.outlook.com: domain of nvidia.com designates 216.228.117.161 as permitted sender) receiver=protection.outlook.com; client-ip=216.228.117.161; helo=mail.nvidia.com; pr=C Received: from mail.nvidia.com (216.228.117.161) by DM6NAM11FT064.mail.protection.outlook.com (10.13.172.234) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6455.21 via Frontend Transport; Mon, 29 May 2023 11:50:04 +0000 Received: from rnnvmail201.nvidia.com (10.129.68.8) by mail.nvidia.com (10.129.200.67) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.5; Mon, 29 May 2023 04:49:48 -0700 Received: from dev-r-vrt-155.mtr.labs.mlnx (10.126.231.35) by rnnvmail201.nvidia.com (10.129.68.8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.37; Mon, 29 May 2023 04:49:43 -0700 From: Ido Schimmel To: , CC: , , , , , , , , , , , , , , , , , , Ido Schimmel Subject: [PATCH net-next v2 4/8] flow_offload: Reject matching on layer 2 miss Date: Mon, 29 May 2023 14:48:31 +0300 Message-ID: <20230529114835.372140-5-idosch@nvidia.com> X-Mailer: git-send-email 2.40.1 In-Reply-To: <20230529114835.372140-1-idosch@nvidia.com> References: <20230529114835.372140-1-idosch@nvidia.com> Precedence: bulk X-Mailing-List: netdev@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Originating-IP: [10.126.231.35] X-ClientProxiedBy: rnnvmail202.nvidia.com (10.129.68.7) To rnnvmail201.nvidia.com (10.129.68.8) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DM6NAM11FT064:EE_|PH8PR12MB7279:EE_ X-MS-Office365-Filtering-Correlation-Id: 326c69ce-8ff3-419b-221e-08db603ad7f6 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: BPQ5gHftNEHnJmQnVDr9ZOq94D7g+D5QcUv3+8VxYYkA8bvWcjzUASl6wezTbqpgYQ2hqp1wRl6Mj8lA+d4z1eRh1SLA8r6ULLQD3AWfrnADDER2bQcwkyDp4q6bJ139JXL+nV/MXhuCOhM0j02SAespuTfVzWYna+YD48JyOkNKsVwjkBqTJCm6mC3ROcxTWF9VMel4f3oaly+OBi2fL4Sa4ssKrH3Ed/F8HPwb2MuocNoW00lV2MJ1SEV6tLb3AOM4Jp/PJzFGAJ3v4M8fWtPrMjQKrJqIu8/+FExRWM/qCMtRdByWbAU/PkxjTOAjRcKjMW1Nk/9A6SLapu/V7beiAfE1ryvh2ykKaHQcoRzq86ZAtDeixJOsfkvgSUtl0cOXGKUe/zMOz8ymQC5/JOYY6fojSx4RfLAaeXrT8Ojb1FUyJ/Kb/tlquXrdQrsEZtpnsNtJCC+UvCDMobioKF+pKGpQGp8jusVviNKgKqw0BK/ZKpG9s7LZmrck7A1MY312QUoLelZYyvQ/318d42Syk9mQGBYlyQFrcZq+3l+ujiFbcjpHd45buuS8mqslch9nYof+DoH0w1FLd9WxIb+8SSlJCea4A6eclTSBGohFcSkhBSC4MrDf9qfic42aDGhmtG6VHhSeOUtKVYf2T4UKfc40gJLYJdCHg8PGNH/eVf5afX7gNW9+ALj48PKHeJXv1QuZ8MaXgBth0oHQJmqm7xkZdBefh9HADI082v+btmw/dJ0NcI7LxUP0D3yA X-Forefront-Antispam-Report: CIP:216.228.117.161;CTRY:US;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:mail.nvidia.com;PTR:dc6edge2.nvidia.com;CAT:NONE;SFS:(13230028)(4636009)(396003)(136003)(39860400002)(346002)(376002)(451199021)(46966006)(40470700004)(36840700001)(107886003)(36860700001)(26005)(1076003)(41300700001)(6666004)(16526019)(186003)(47076005)(83380400001)(426003)(336012)(2616005)(478600001)(110136005)(40460700003)(54906003)(70206006)(356005)(82740400003)(4326008)(70586007)(7636003)(40480700001)(316002)(5660300002)(8676002)(8936002)(7416002)(86362001)(82310400005)(2906002)(36756003);DIR:OUT;SFP:1101; X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 29 May 2023 11:50:04.9252 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 326c69ce-8ff3-419b-221e-08db603ad7f6 X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=43083d15-7273-40c1-b7db-39efd9ccc17a;Ip=[216.228.117.161];Helo=[mail.nvidia.com] X-MS-Exchange-CrossTenant-AuthSource: DM6NAM11FT064.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH8PR12MB7279 X-Spam-Status: No, score=-1.3 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FORGED_SPF_HELO, RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H2,SPF_HELO_PASS,SPF_NONE, T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net X-Patchwork-Delegate: kuba@kernel.org Adjust drivers that support the 'FLOW_DISSECTOR_KEY_META' key to reject filters that try to match on the newly added layer 2 miss field. Add an extack message to clearly communicate the failure reason to user space. The following users were not patched: 1. mtk_flow_offload_replace(): Only checks that the key is present, but does not do anything with it. 2. mlx5_tc_ct_set_tuple_match(): Used as part of netfilter offload, which does not make use of the new field, unlike tc. 3. get_netdev_from_rule() in nfp: Likewise. Example: # tc filter add dev swp1 egress pref 1 proto all flower skip_sw l2_miss true action drop Error: mlxsw_spectrum: Can't match on "l2_miss". We have an error talking to the kernel Acked-by: Elad Nachman Signed-off-by: Ido Schimmel Reviewed-by: Nikolay Aleksandrov --- Notes: v2: * Expand commit message to explain why some users were not patched. .../net/ethernet/marvell/prestera/prestera_flower.c | 6 ++++++ drivers/net/ethernet/mellanox/mlx5/core/en_tc.c | 6 ++++++ drivers/net/ethernet/mellanox/mlxsw/spectrum_flower.c | 6 ++++++ drivers/net/ethernet/mscc/ocelot_flower.c | 10 ++++++++++ 4 files changed, 28 insertions(+) diff --git a/drivers/net/ethernet/marvell/prestera/prestera_flower.c b/drivers/net/ethernet/marvell/prestera/prestera_flower.c index 91a478b75cbf..3e20e71b0f81 100644 --- a/drivers/net/ethernet/marvell/prestera/prestera_flower.c +++ b/drivers/net/ethernet/marvell/prestera/prestera_flower.c @@ -148,6 +148,12 @@ static int prestera_flower_parse_meta(struct prestera_acl_rule *rule, __be16 key, mask; flow_rule_match_meta(f_rule, &match); + + if (match.mask->l2_miss) { + NL_SET_ERR_MSG_MOD(f->common.extack, "Can't match on \"l2_miss\""); + return -EOPNOTSUPP; + } + if (match.mask->ingress_ifindex != 0xFFFFFFFF) { NL_SET_ERR_MSG_MOD(f->common.extack, "Unsupported ingress ifindex mask"); diff --git a/drivers/net/ethernet/mellanox/mlx5/core/en_tc.c b/drivers/net/ethernet/mellanox/mlx5/core/en_tc.c index e95414ef1f04..1b0906cb57ef 100644 --- a/drivers/net/ethernet/mellanox/mlx5/core/en_tc.c +++ b/drivers/net/ethernet/mellanox/mlx5/core/en_tc.c @@ -2587,6 +2587,12 @@ static int mlx5e_flower_parse_meta(struct net_device *filter_dev, return 0; flow_rule_match_meta(rule, &match); + + if (match.mask->l2_miss) { + NL_SET_ERR_MSG_MOD(f->common.extack, "Can't match on \"l2_miss\""); + return -EOPNOTSUPP; + } + if (!match.mask->ingress_ifindex) return 0; diff --git a/drivers/net/ethernet/mellanox/mlxsw/spectrum_flower.c b/drivers/net/ethernet/mellanox/mlxsw/spectrum_flower.c index 594cdcb90b3d..6fec9223250b 100644 --- a/drivers/net/ethernet/mellanox/mlxsw/spectrum_flower.c +++ b/drivers/net/ethernet/mellanox/mlxsw/spectrum_flower.c @@ -294,6 +294,12 @@ static int mlxsw_sp_flower_parse_meta(struct mlxsw_sp_acl_rule_info *rulei, return 0; flow_rule_match_meta(rule, &match); + + if (match.mask->l2_miss) { + NL_SET_ERR_MSG_MOD(f->common.extack, "Can't match on \"l2_miss\""); + return -EOPNOTSUPP; + } + if (match.mask->ingress_ifindex != 0xFFFFFFFF) { NL_SET_ERR_MSG_MOD(f->common.extack, "Unsupported ingress ifindex mask"); return -EINVAL; diff --git a/drivers/net/ethernet/mscc/ocelot_flower.c b/drivers/net/ethernet/mscc/ocelot_flower.c index ee052404eb55..e0916afcddfb 100644 --- a/drivers/net/ethernet/mscc/ocelot_flower.c +++ b/drivers/net/ethernet/mscc/ocelot_flower.c @@ -592,6 +592,16 @@ ocelot_flower_parse_key(struct ocelot *ocelot, int port, bool ingress, return -EOPNOTSUPP; } + if (flow_rule_match_key(rule, FLOW_DISSECTOR_KEY_META)) { + struct flow_match_meta match; + + flow_rule_match_meta(rule, &match); + if (match.mask->l2_miss) { + NL_SET_ERR_MSG_MOD(extack, "Can't match on \"l2_miss\""); + return -EOPNOTSUPP; + } + } + /* For VCAP ES0 (egress rewriter) we can match on the ingress port */ if (!ingress) { ret = ocelot_flower_parse_indev(ocelot, port, f, filter); From patchwork Mon May 29 11:48:32 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ido Schimmel X-Patchwork-Id: 13258470 X-Patchwork-Delegate: kuba@kernel.org Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net [23.128.96.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id CF00B746A for ; Mon, 29 May 2023 11:50:10 +0000 (UTC) Received: from NAM12-BN8-obe.outbound.protection.outlook.com (mail-bn8nam12on2076.outbound.protection.outlook.com [40.107.237.76]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 5D2AE9B for ; Mon, 29 May 2023 04:50:09 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=WT1Sch4Rrr7kMFRMZpl95UTjLeD/tsxQBnPRM8FHAkTwAuxVLZwrS5aR5HPw8LhvvaG6mu/9HG1upBxoHB9R3ebk83sERkAB0hREb0LD3i77NOxVumhtIFz/ZnTty6K2POHyxNsWcmjcC0gCSGlOaqQ5fmh+1WVwIQQ+XPVbBYgOfbPbhV8xoEnapWafTT8Oq089tdzT3hlWduxh/6I8fZ4FP2xLF8red+BUsMAqvyNOuOma/+ZL62W2u9iVOL6WJk4A88IU4QiXq2fvHpe9pf6lzvjaRgIJab32CUvVO7wKTSnjIU9bVtQuaB5tTSPFoxLExAePfJIYTqNnDOH6TA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=VSdU3zwmLDiO+kyAaRsEdMZsXlHWLaaAmuYA+aih/7U=; b=OeHBEGDOzazBRXjGi5XaQOV6Eu0v/QrSAbprae6W3CrOtPrxX4Zzb0RqFDTmDFjNGA0b3P1l3tfpoZzsIb74huSroaqd//eyeBczOoQRSYeNHP1uJGgshf5GJwEYH9eiACpfYYdu5TdwlaApb6hWEoqshngcC0vUQPxSQWE2ykLhTCwAOtnZDz2vY3kzt6LDpE50JeBMpdbTEzNscNUFPTXOfV0xvuVz7h/TW3P9zJDS21AwEUi0KUFG5B+Nz6Ql0xWfq4gwxymia/VBQ2WdFA3zXMSvmR2kzgkDMizr9FQOcm89wBS5LPDCkptkYPHc0L6UD7iTxz19qrk8Sc404A== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 216.228.117.161) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=nvidia.com; dmarc=pass (p=reject sp=reject pct=100) action=none header.from=nvidia.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=VSdU3zwmLDiO+kyAaRsEdMZsXlHWLaaAmuYA+aih/7U=; b=Mc1tYqsUuU/w9CfsCldpTCd4hdA8ncJrauRQ34SqY3HFhcHQwZLHfZ6hNIjJQgmaKdxbMh20aknuigB5SOZzv4WOZtBPdtugsh6CXT9RU8HSMNadMCv9GB4ADUzYmFCokX29t8cSItMzVUI0eWAsL9RKV7EJdIDiGms9We+55/wayWppYN0VlzHIp2QjbGXyj0aHh2TzulQHVBsYNMz+pdxtbZ+yCu1o97ENxml5GvX29IMkds7bEIg9qdANLQzEQth2O94SqW3pAMj1N+sh6K8BLIFE186HMAIj4g6800FlAxy2l/RExZ5i55dWU6GmSijikEuUNZMDIyM/y+aadw== Received: from DS7PR03CA0135.namprd03.prod.outlook.com (2603:10b6:5:3b4::20) by SA3PR12MB8763.namprd12.prod.outlook.com (2603:10b6:806:312::21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6433.22; Mon, 29 May 2023 11:50:07 +0000 Received: from DM6NAM11FT039.eop-nam11.prod.protection.outlook.com (2603:10b6:5:3b4:cafe::30) by DS7PR03CA0135.outlook.office365.com (2603:10b6:5:3b4::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6433.23 via Frontend Transport; Mon, 29 May 2023 11:50:07 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 216.228.117.161) smtp.mailfrom=nvidia.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=nvidia.com; Received-SPF: Pass (protection.outlook.com: domain of nvidia.com designates 216.228.117.161 as permitted sender) receiver=protection.outlook.com; client-ip=216.228.117.161; helo=mail.nvidia.com; pr=C Received: from mail.nvidia.com (216.228.117.161) by DM6NAM11FT039.mail.protection.outlook.com (10.13.172.83) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6455.21 via Frontend Transport; Mon, 29 May 2023 11:50:07 +0000 Received: from rnnvmail201.nvidia.com (10.129.68.8) by mail.nvidia.com (10.129.200.67) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.5; Mon, 29 May 2023 04:49:54 -0700 Received: from dev-r-vrt-155.mtr.labs.mlnx (10.126.231.35) by rnnvmail201.nvidia.com (10.129.68.8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.37; Mon, 29 May 2023 04:49:48 -0700 From: Ido Schimmel To: , CC: , , , , , , , , , , , , , , , , , , Ido Schimmel Subject: [PATCH net-next v2 5/8] mlxsw: spectrum_flower: Split iif parsing to a separate function Date: Mon, 29 May 2023 14:48:32 +0300 Message-ID: <20230529114835.372140-6-idosch@nvidia.com> X-Mailer: git-send-email 2.40.1 In-Reply-To: <20230529114835.372140-1-idosch@nvidia.com> References: <20230529114835.372140-1-idosch@nvidia.com> Precedence: bulk X-Mailing-List: netdev@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Originating-IP: [10.126.231.35] X-ClientProxiedBy: rnnvmail202.nvidia.com (10.129.68.7) To rnnvmail201.nvidia.com (10.129.68.8) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DM6NAM11FT039:EE_|SA3PR12MB8763:EE_ X-MS-Office365-Filtering-Correlation-Id: 57489f9b-32dd-47c9-39ce-08db603ad951 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: jBhAwmeXVeABhhK/rfFy7a7NE9k1d9fVJ3rE3KAnLOKhf32I5RDtPSlbIjOG29SvEKtpm2pF7HFjzDT6Lf0kKVtpOGgSYWEMVfLceylPkyzEtoiv5k0kLUyIGmwTTXh6GaXFA6qkFuZWE24QTxKh6C19M50/3yPCe2wj4jXBxc7ElV/bISjRsTQ6Hi5Cr2wNY+gsDEzWVNvxrqbvJ9emOdmRgLWP4fCKHei9uQQPPP4ujqcPidSuVclSvFFDJeM/Pk9K7dj6UnBe67yLw+9gfjrdkczX8JlS6WjsKXlM/g99WYTEGZBOIlu/O1APBUVZ4o6cX2P3hA7M3Lg757vtfUgaysL2gh2ntrmMAmX0WhKs7wit5xIY9ddW4QQFwB5GBWTy7lvo/wtymnQSsMuhnNJgBeP2+sCtof3UwhC69ZtCYrc8GcQD/u8xNNZGRjErXXBZ0Ru/5AHNrtzSbXIAeIfU4SxZARnR3sFviiDEVnbqq6thFCXgX1cgkN9hdr8p1LMehKy29Z22Srx6FSK68yi5qKWj03fuOb+1MR0WcVnNbLQtP/kYfsvxpE1+GP4F46hKNisYSOITsPxK3BtOsi9z/N3PfdvvKg4bpQmwBMguw39Gps1TZW2SWuVqTwyM3qw9Y/HBkuyaZusJ0cTlaAdShgCdHEeHTMfztTdelvlMjcH00FPZres2npRf77Ue9q4y6QK+Q8qcfDlwcwNLEqMHZKmbsdrSRFLWaUtKH1DwcokpyT6s908CuMIjWa6w X-Forefront-Antispam-Report: CIP:216.228.117.161;CTRY:US;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:mail.nvidia.com;PTR:dc6edge2.nvidia.com;CAT:NONE;SFS:(13230028)(4636009)(136003)(39860400002)(346002)(376002)(396003)(451199021)(46966006)(36840700001)(40470700004)(82310400005)(86362001)(41300700001)(40480700001)(40460700003)(4326008)(6666004)(316002)(7416002)(36756003)(70206006)(70586007)(107886003)(36860700001)(5660300002)(16526019)(186003)(478600001)(2906002)(1076003)(26005)(2616005)(47076005)(83380400001)(426003)(336012)(54906003)(8676002)(8936002)(82740400003)(356005)(7636003)(110136005);DIR:OUT;SFP:1101; X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 29 May 2023 11:50:07.1999 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 57489f9b-32dd-47c9-39ce-08db603ad951 X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=43083d15-7273-40c1-b7db-39efd9ccc17a;Ip=[216.228.117.161];Helo=[mail.nvidia.com] X-MS-Exchange-CrossTenant-AuthSource: DM6NAM11FT039.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: SA3PR12MB8763 X-Spam-Status: No, score=-1.3 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FORGED_SPF_HELO, RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H2,SPF_HELO_PASS,SPF_NONE, T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net X-Patchwork-Delegate: kuba@kernel.org Currently, mlxsw only supports the 'ingress_ifindex' field in the 'FLOW_DISSECTOR_KEY_META' key, but subsequent patches are going to add support for the 'l2_miss' field as well. Split the parsing of the 'ingress_ifindex' field to a separate function to avoid nesting. No functional changes intended. Signed-off-by: Ido Schimmel Reviewed-by: Nikolay Aleksandrov --- Notes: v2: * New patch. .../ethernet/mellanox/mlxsw/spectrum_flower.c | 54 +++++++++++-------- 1 file changed, 33 insertions(+), 21 deletions(-) diff --git a/drivers/net/ethernet/mellanox/mlxsw/spectrum_flower.c b/drivers/net/ethernet/mellanox/mlxsw/spectrum_flower.c index 6fec9223250b..2b0bae847eb9 100644 --- a/drivers/net/ethernet/mellanox/mlxsw/spectrum_flower.c +++ b/drivers/net/ethernet/mellanox/mlxsw/spectrum_flower.c @@ -281,45 +281,35 @@ static int mlxsw_sp_flower_parse_actions(struct mlxsw_sp *mlxsw_sp, return 0; } -static int mlxsw_sp_flower_parse_meta(struct mlxsw_sp_acl_rule_info *rulei, - struct flow_cls_offload *f, - struct mlxsw_sp_flow_block *block) +static int +mlxsw_sp_flower_parse_meta_iif(struct mlxsw_sp_acl_rule_info *rulei, + const struct mlxsw_sp_flow_block *block, + const struct flow_match_meta *match, + struct netlink_ext_ack *extack) { - struct flow_rule *rule = flow_cls_offload_flow_rule(f); struct mlxsw_sp_port *mlxsw_sp_port; struct net_device *ingress_dev; - struct flow_match_meta match; - - if (!flow_rule_match_key(rule, FLOW_DISSECTOR_KEY_META)) - return 0; - - flow_rule_match_meta(rule, &match); - if (match.mask->l2_miss) { - NL_SET_ERR_MSG_MOD(f->common.extack, "Can't match on \"l2_miss\""); - return -EOPNOTSUPP; - } - - if (match.mask->ingress_ifindex != 0xFFFFFFFF) { - NL_SET_ERR_MSG_MOD(f->common.extack, "Unsupported ingress ifindex mask"); + if (match->mask->ingress_ifindex != 0xFFFFFFFF) { + NL_SET_ERR_MSG_MOD(extack, "Unsupported ingress ifindex mask"); return -EINVAL; } ingress_dev = __dev_get_by_index(block->net, - match.key->ingress_ifindex); + match->key->ingress_ifindex); if (!ingress_dev) { - NL_SET_ERR_MSG_MOD(f->common.extack, "Can't find specified ingress port to match on"); + NL_SET_ERR_MSG_MOD(extack, "Can't find specified ingress port to match on"); return -EINVAL; } if (!mlxsw_sp_port_dev_check(ingress_dev)) { - NL_SET_ERR_MSG_MOD(f->common.extack, "Can't match on non-mlxsw ingress port"); + NL_SET_ERR_MSG_MOD(extack, "Can't match on non-mlxsw ingress port"); return -EINVAL; } mlxsw_sp_port = netdev_priv(ingress_dev); if (mlxsw_sp_port->mlxsw_sp != block->mlxsw_sp) { - NL_SET_ERR_MSG_MOD(f->common.extack, "Can't match on a port from different device"); + NL_SET_ERR_MSG_MOD(extack, "Can't match on a port from different device"); return -EINVAL; } @@ -327,9 +317,31 @@ static int mlxsw_sp_flower_parse_meta(struct mlxsw_sp_acl_rule_info *rulei, MLXSW_AFK_ELEMENT_SRC_SYS_PORT, mlxsw_sp_port->local_port, 0xFFFFFFFF); + return 0; } +static int mlxsw_sp_flower_parse_meta(struct mlxsw_sp_acl_rule_info *rulei, + struct flow_cls_offload *f, + struct mlxsw_sp_flow_block *block) +{ + struct flow_rule *rule = flow_cls_offload_flow_rule(f); + struct flow_match_meta match; + + if (!flow_rule_match_key(rule, FLOW_DISSECTOR_KEY_META)) + return 0; + + flow_rule_match_meta(rule, &match); + + if (match.mask->l2_miss) { + NL_SET_ERR_MSG_MOD(f->common.extack, "Can't match on \"l2_miss\""); + return -EOPNOTSUPP; + } + + return mlxsw_sp_flower_parse_meta_iif(rulei, block, &match, + f->common.extack); +} + static void mlxsw_sp_flower_parse_ipv4(struct mlxsw_sp_acl_rule_info *rulei, struct flow_cls_offload *f) { From patchwork Mon May 29 11:48:33 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ido Schimmel X-Patchwork-Id: 13258471 X-Patchwork-Delegate: kuba@kernel.org Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net [23.128.96.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 2F1DD746A for ; Mon, 29 May 2023 11:50:16 +0000 (UTC) Received: from NAM02-BN1-obe.outbound.protection.outlook.com (mail-bn1nam02on20606.outbound.protection.outlook.com [IPv6:2a01:111:f400:7eb2::606]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id E6E339B for ; Mon, 29 May 2023 04:50:14 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=ZzHeFU6Pk3rt5hqcyZn+KuloqkyXfJcGld1Vm4TV2u6fjrIRC2gqRg92TZQVXelB+uYtopq4QyVwlv1dtb4o+vieDlWF2T13sGFzBv8cZ3AODw/nHpHEtbRvR/MS7sFFRG07TeW/hwsxFSO6BtP7ItcgsiDVhI54sR9VAk1wK5LXMMeSISQJGbEfauGGD6kaZB4fH6w3LV0v5fuli+5dYdftbq0X/UNYrVmuGF5yeiveDlHJNXuEgRaC9RErrJHSMzfd9seZ22+vaE3OXFC3L5moSl24jS690608gHfMQ8zO+7/CnGVJ4OUxFkQi+GHc2q4gkSe/WZdTZcdsPCfknQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=pCuNlmQ0Y+rlYqtiEwRxPujaPtzLQLWlpsV08N4GMOk=; b=jweztk2nda+YdVrsZOakP8RtCKVzemyb8PAZsBnNKX1fMSm6eRRjKJ1K3D+pRU3HIAJEWxeYP/+UUBjtK0X0FJqXkgRngPi/RME5cmBVtITD3GsVpenLwjNr9yjo3nmhz9l/Vg/GYpRQk9+RetCCkE4FgUygfgnhpToauvHhl3qAZUNLjHRiMAT0zSG+KbgWojjacnqstVH50UGqAy9e0j9+xvaWuV7Mb+ViHSPVp6wwnmhArfHzJwrvD6xTYMqoThtPn13fq1uH83h4c5HPs4X1WpHenEdKcUE9xZXegYEpklDuuYmvHz4IYFRNIklK/I3m+rcUC9MhKOwfmm5N7A== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 216.228.117.161) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=nvidia.com; dmarc=pass (p=reject sp=reject pct=100) action=none header.from=nvidia.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=pCuNlmQ0Y+rlYqtiEwRxPujaPtzLQLWlpsV08N4GMOk=; b=EFGsWBVAwZqd9fFLXAP7dEdobuvRRtmmnYYk6fxqaQkMRRFaF58BXe6WsPOoiZq3t7X6zlpFszvLQFkBJvi0ZjMGq5d5oj7ZY2mdZvsKAbtoojxVCyI/l4MbYt3GJxCYBAy/XCgkmMTIHW8tLaI597YSikfT90y67tq/3jeyu95Qd7HQeVSY7IX0X/q5dAQioqdjdLYrtyXv9GvgBbZ+7CqjT/PISpVQmAzYJG/7iKwPNhWjNQJwMux8t7qbQHaJFiQSw7gQeqMM4gpSVsFTW5T4JL4B3Vjd3nJXImYCFHAOMtRBYgQJ2kPrlYHCBCFkGd5BnmnkzRTM8ZHF+rGb/A== Received: from DM6PR05CA0040.namprd05.prod.outlook.com (2603:10b6:5:335::9) by DM4PR12MB6373.namprd12.prod.outlook.com (2603:10b6:8:a4::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6433.22; Mon, 29 May 2023 11:50:12 +0000 Received: from DM6NAM11FT036.eop-nam11.prod.protection.outlook.com (2603:10b6:5:335:cafe::62) by DM6PR05CA0040.outlook.office365.com (2603:10b6:5:335::9) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6455.21 via Frontend Transport; Mon, 29 May 2023 11:50:12 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 216.228.117.161) smtp.mailfrom=nvidia.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=nvidia.com; Received-SPF: Pass (protection.outlook.com: domain of nvidia.com designates 216.228.117.161 as permitted sender) receiver=protection.outlook.com; client-ip=216.228.117.161; helo=mail.nvidia.com; pr=C Received: from mail.nvidia.com (216.228.117.161) by DM6NAM11FT036.mail.protection.outlook.com (10.13.172.64) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6455.21 via Frontend Transport; Mon, 29 May 2023 11:50:12 +0000 Received: from rnnvmail201.nvidia.com (10.129.68.8) by mail.nvidia.com (10.129.200.67) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.5; Mon, 29 May 2023 04:50:00 -0700 Received: from dev-r-vrt-155.mtr.labs.mlnx (10.126.231.35) by rnnvmail201.nvidia.com (10.129.68.8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.37; Mon, 29 May 2023 04:49:54 -0700 From: Ido Schimmel To: , CC: , , , , , , , , , , , , , , , , , , Ido Schimmel Subject: [PATCH net-next v2 6/8] mlxsw: spectrum_flower: Do not force matching on iif Date: Mon, 29 May 2023 14:48:33 +0300 Message-ID: <20230529114835.372140-7-idosch@nvidia.com> X-Mailer: git-send-email 2.40.1 In-Reply-To: <20230529114835.372140-1-idosch@nvidia.com> References: <20230529114835.372140-1-idosch@nvidia.com> Precedence: bulk X-Mailing-List: netdev@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Originating-IP: [10.126.231.35] X-ClientProxiedBy: rnnvmail202.nvidia.com (10.129.68.7) To rnnvmail201.nvidia.com (10.129.68.8) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DM6NAM11FT036:EE_|DM4PR12MB6373:EE_ X-MS-Office365-Filtering-Correlation-Id: 709638a7-c7df-4df5-670a-08db603adc38 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: F7k5mFEOks2Ha9Jv5s09r1iOfpRzxYhtMIMuBGMeXoOLizQOX4iHCopTj4PLsgIdVixi++f3H9+wq2NCzahALUC8IjPKF1+iMvZ3qSzjuluUfqCPl4zK6FUgeOMruGBIQo27CDpAHFGECS/CxNYbhgb62JRoNPLqnzhKMOe7+Sp7m708buX9jAoxGGjZcvuBt+5tlbJAsA6PFAVuKa06afzht57SaNfqHZJky6/IvPijIjDmcsYxWpoCGGPf/MrJHKLsxW2wlNjWgtcsx1iUS2ypPxY+mNAK1s/J+vUb7I71PBdplM30tk6GYyWwngMCJsKvRYrnYupqbGSIElcNwTKyUMDr3aVZi9yiEbncItZP7BlpeVMzi+Quvi1dCyYaUVG+4/YD0jlBi/tUngOtCDLUaENgYMlFsbVnInnVrVXecQmtrO6oldy4A/SAAE+PGB5A2KSwzQd+cwqm3l1GPsyBMh52FTjpPC9FsInYodyICrrQxiZr9V46UBSwTCpdKdgT9N3C5byEmKmCaa9TSRsNwc9U5fGx59oqAh64jfcGI2mKZ7luzHZ08vQUVXaTiLGYAIJr8di5kwXcCiOtVu3wM7jd2eMDk9Bs3tNH6dbretEj93iw7xMXX2COoXpqSQF93BSv24iHUIDriMIE4L4f+NCPtDlzeFgW4idrtE4SAMgwEzI4ROVDAN+uJAlI3ItAo+U3A3iC0Arx6NIH6qDcxYubg+qoWgSEAfw12WgOgL8VdFtaD59mVw+pQCum X-Forefront-Antispam-Report: CIP:216.228.117.161;CTRY:US;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:mail.nvidia.com;PTR:dc6edge2.nvidia.com;CAT:NONE;SFS:(13230028)(4636009)(136003)(346002)(396003)(39860400002)(376002)(451199021)(40470700004)(36840700001)(46966006)(186003)(2906002)(2616005)(54906003)(110136005)(26005)(426003)(336012)(478600001)(1076003)(16526019)(47076005)(40460700003)(36860700001)(86362001)(8936002)(7636003)(82740400003)(356005)(41300700001)(8676002)(40480700001)(5660300002)(70586007)(36756003)(70206006)(6666004)(316002)(82310400005)(107886003)(7416002)(4326008);DIR:OUT;SFP:1101; X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 29 May 2023 11:50:12.0704 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 709638a7-c7df-4df5-670a-08db603adc38 X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=43083d15-7273-40c1-b7db-39efd9ccc17a;Ip=[216.228.117.161];Helo=[mail.nvidia.com] X-MS-Exchange-CrossTenant-AuthSource: DM6NAM11FT036.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM4PR12MB6373 X-Spam-Status: No, score=-1.3 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FORGED_SPF_HELO, SPF_HELO_PASS,SPF_NONE,T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net X-Patchwork-Delegate: kuba@kernel.org Currently, mlxsw only supports the 'ingress_ifindex' field in the 'FLOW_DISSECTOR_KEY_META' key, but subsequent patches are going to add support for the 'l2_miss' field as well. It is valid to only match on 'l2_miss' without 'ingress_ifindex', so do not force matching on it. Signed-off-by: Ido Schimmel Reviewed-by: Nikolay Aleksandrov --- Notes: v2: * New patch. drivers/net/ethernet/mellanox/mlxsw/spectrum_flower.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/drivers/net/ethernet/mellanox/mlxsw/spectrum_flower.c b/drivers/net/ethernet/mellanox/mlxsw/spectrum_flower.c index 2b0bae847eb9..9c62c12e410b 100644 --- a/drivers/net/ethernet/mellanox/mlxsw/spectrum_flower.c +++ b/drivers/net/ethernet/mellanox/mlxsw/spectrum_flower.c @@ -290,6 +290,9 @@ mlxsw_sp_flower_parse_meta_iif(struct mlxsw_sp_acl_rule_info *rulei, struct mlxsw_sp_port *mlxsw_sp_port; struct net_device *ingress_dev; + if (!match->mask->ingress_ifindex) + return 0; + if (match->mask->ingress_ifindex != 0xFFFFFFFF) { NL_SET_ERR_MSG_MOD(extack, "Unsupported ingress ifindex mask"); return -EINVAL; From patchwork Mon May 29 11:48:34 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ido Schimmel X-Patchwork-Id: 13258472 X-Patchwork-Delegate: kuba@kernel.org Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net [23.128.96.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 15CD36FAA for ; Mon, 29 May 2023 11:50:21 +0000 (UTC) Received: from NAM12-MW2-obe.outbound.protection.outlook.com (mail-mw2nam12on2057.outbound.protection.outlook.com [40.107.244.57]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id CBF359B for ; Mon, 29 May 2023 04:50:19 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=LVkj/KyTzdZn0rwn1jXOG/YKqaA9gJM5X7Sst95xSkUV8FXLhAm2UbC+P4RN+kIKqR7GS1EWW6/+kK3nOE4BgIy2RzJujX2EjCZoWSYxbx11c8fQ8nZKCigq/bDxI1PJRABOkgZB0ZAZ1hi97+wRXfnO6szmvEvfErOwIxQmt8Hh7aHEIAlnCoCaptxCO6nBPZZLUgN8GfohTgkWuS+OZLCqZISvObv8blbSnUjclsdiTt9JcFuoQB/n6/bHStLStxEAVWPGxFve6yn7RVsKpT5enG5SfItv9Uc8i/cZve4GgzEzTT0fhKSKxXwIoxW9nLQztkMFO+XkiTTd/lJffw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=iYPpTZT3J06CTnlaPDCVlgNtqXiZsHdB+f4WN4iRJRc=; b=QThYMA9SJEFZvsn0Cw7/te/KTi59pj2YXjHa7IGc8qXyMycoZAc0lVNetnJRVTnIJP1i2IM137H0Iwc1EZNogLpHkd5YCnZW5bhVU9mZMOZ6TooXSx7ckc8mafeRzV4vEsgeLPKtQpmGILN4jxovL+wuXrfVccPEcTJYUnDIdoRat+1aoLhvxt1kGIjlGhMXlJbmd61JimdCNhStAuc/ab6INwBrMqLHgz4pj/15xi18lfSBYT9Man24OwFCUJ5yzzkeVAI9yx1vthxxt3401336utnszdjTkKToYyuoqHKjNO84x5LClbicOPW1jGHMotUlZT6H5yJlZ74gNG/UYQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 216.228.117.161) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=nvidia.com; dmarc=pass (p=reject sp=reject pct=100) action=none header.from=nvidia.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=iYPpTZT3J06CTnlaPDCVlgNtqXiZsHdB+f4WN4iRJRc=; b=QdUyW7a9s1lmvB4PW/kYIl/3TGzq8HtWldO0Uyr+BQ4k95R13tDQlkY7efZuJQTLNEkh72w+vOYwOO6fS96GslNE/pKxhMH80xlxe08pkpWKvxyJpFnO735S8DVInjIW4XngPNwcCeyyjpa7A0kLbrm9A6kPdh3Vc+CBYxOpWAMdc3Al/8xj54FEAdGlixUHr+4oBTtbM7qDzaf5XW/HxEjJXIaSYI/xW0RBbazxK8yyDDS3Y/r9L+YumDiwydF4lUkVsLFyzXDchTp4yRbXYTJDQrlEmpHjeAeYVXNc8xCfVYGzAHRfxlWYIThTBJHCPNNsO+VwSY2Q/Mv2B0+7iA== Received: from DM6PR11CA0057.namprd11.prod.outlook.com (2603:10b6:5:14c::34) by SJ2PR12MB8717.namprd12.prod.outlook.com (2603:10b6:a03:53d::12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6433.23; Mon, 29 May 2023 11:50:17 +0000 Received: from DM6NAM11FT044.eop-nam11.prod.protection.outlook.com (2603:10b6:5:14c:cafe::24) by DM6PR11CA0057.outlook.office365.com (2603:10b6:5:14c::34) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6433.23 via Frontend Transport; Mon, 29 May 2023 11:50:17 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 216.228.117.161) smtp.mailfrom=nvidia.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=nvidia.com; Received-SPF: Pass (protection.outlook.com: domain of nvidia.com designates 216.228.117.161 as permitted sender) receiver=protection.outlook.com; client-ip=216.228.117.161; helo=mail.nvidia.com; pr=C Received: from mail.nvidia.com (216.228.117.161) by DM6NAM11FT044.mail.protection.outlook.com (10.13.173.185) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6455.20 via Frontend Transport; Mon, 29 May 2023 11:50:17 +0000 Received: from rnnvmail201.nvidia.com (10.129.68.8) by mail.nvidia.com (10.129.200.67) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.5; Mon, 29 May 2023 04:50:06 -0700 Received: from dev-r-vrt-155.mtr.labs.mlnx (10.126.231.35) by rnnvmail201.nvidia.com (10.129.68.8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.37; Mon, 29 May 2023 04:50:00 -0700 From: Ido Schimmel To: , CC: , , , , , , , , , , , , , , , , , , Ido Schimmel Subject: [PATCH net-next v2 7/8] mlxsw: spectrum_flower: Add ability to match on layer 2 miss Date: Mon, 29 May 2023 14:48:34 +0300 Message-ID: <20230529114835.372140-8-idosch@nvidia.com> X-Mailer: git-send-email 2.40.1 In-Reply-To: <20230529114835.372140-1-idosch@nvidia.com> References: <20230529114835.372140-1-idosch@nvidia.com> Precedence: bulk X-Mailing-List: netdev@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Originating-IP: [10.126.231.35] X-ClientProxiedBy: rnnvmail202.nvidia.com (10.129.68.7) To rnnvmail201.nvidia.com (10.129.68.8) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DM6NAM11FT044:EE_|SJ2PR12MB8717:EE_ X-MS-Office365-Filtering-Correlation-Id: dbe8bbca-cb61-4b06-186b-08db603adf55 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: pk51sHYLPVytYiedQjd29ooPkuj0xYqs9oRV0zNGHSj/qJqPAkrx6o7l1qN/19YwsnkWb5/bbeo0nQmjsQKK8rr5O7Bnl8BoMN4D/PffZTKkvmaVFciH7dnoyvCLzVG+FOpHTxKM9eDb7jVHn3UbxsokrWNlfRS4zboqZVktMtp4c4hsFu3AjlWea8f5cqOonBDwx61DMmVIbHm6v+6uxccsnKRZX01J8NWvJzLZn5lQF24bQbuI8CtgdvZuLHWHU33YhZC9ZIKhCSWD0LSiKCkjDJq02MnlbEzAf2Ogf5SAmGd19tgupJYr4F73MGmGaQf5cGVO8sNAeCTlQFoiSreMW1yMp/MhWv3bBflS0UkjV9oLakRfHmZAf0KYy0HMKUuigtu1CO62bHgoIfvUC1WCsVsN4vVS8+Bt5bpUAedaqSTJiMVioyhTmehHTL6/Mw5Zye3q8n8jJbrV8FTLY94fEHxcupYFMpyyXmoPkQAmmV2kbi44iu2jXv72jSLyXH+96OhgWlGfja+tAFAmsC3y3jaY8mu0kKTY1Gjeb/juAKMfCOqaBVF96BQh2wrPG3T6OOcrpDOwovMQeT8rDOMmL/C7KK+xS+5HVZwOw6I/hVZ0VX6opuRu/klKRRKj7iUhPyCfItWsSKeed1hEiZ2iqM6sMPn4o667keBkMZ7PtQA+4pWNCoSmu0ZidpyT4qyCVtw9XL9efLzJNYU8I1oQF+8Fa0oWTkvoPsuS1mbaKkz75smEgL6AivDXLfn5 X-Forefront-Antispam-Report: CIP:216.228.117.161;CTRY:US;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:mail.nvidia.com;PTR:dc6edge2.nvidia.com;CAT:NONE;SFS:(13230028)(4636009)(136003)(346002)(376002)(396003)(39860400002)(451199021)(40470700004)(36840700001)(46966006)(186003)(1076003)(16526019)(26005)(316002)(6666004)(2906002)(40480700001)(40460700003)(5660300002)(107886003)(41300700001)(36756003)(7416002)(8676002)(8936002)(478600001)(82740400003)(7636003)(356005)(36860700001)(54906003)(426003)(336012)(4326008)(110136005)(82310400005)(86362001)(66574015)(47076005)(2616005)(83380400001)(70586007)(70206006);DIR:OUT;SFP:1101; X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 29 May 2023 11:50:17.2916 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: dbe8bbca-cb61-4b06-186b-08db603adf55 X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=43083d15-7273-40c1-b7db-39efd9ccc17a;Ip=[216.228.117.161];Helo=[mail.nvidia.com] X-MS-Exchange-CrossTenant-AuthSource: DM6NAM11FT044.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: SJ2PR12MB8717 X-Spam-Status: No, score=-1.3 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FORGED_SPF_HELO, RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H2,SPF_HELO_PASS,SPF_NONE, T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net X-Patchwork-Delegate: kuba@kernel.org Add the 'fdb_miss' key element to supported key blocks and make use of it to match on layer 2 miss. The key is only supported on Spectrum-{2,3,4}. An error is returned for Spectrum-1 since the key element is not present in any of its key blocks. Signed-off-by: Ido Schimmel Reviewed-by: Nikolay Aleksandrov --- Notes: v2: * Use 'fdb_miss' key element instead of 'dmac_type'. drivers/net/ethernet/mellanox/mlxsw/core_acl_flex_keys.c | 1 + drivers/net/ethernet/mellanox/mlxsw/core_acl_flex_keys.h | 3 ++- .../net/ethernet/mellanox/mlxsw/spectrum_acl_flex_keys.c | 2 ++ drivers/net/ethernet/mellanox/mlxsw/spectrum_flower.c | 6 ++---- 4 files changed, 7 insertions(+), 5 deletions(-) diff --git a/drivers/net/ethernet/mellanox/mlxsw/core_acl_flex_keys.c b/drivers/net/ethernet/mellanox/mlxsw/core_acl_flex_keys.c index bd1a51a0a540..f0b2963ebac3 100644 --- a/drivers/net/ethernet/mellanox/mlxsw/core_acl_flex_keys.c +++ b/drivers/net/ethernet/mellanox/mlxsw/core_acl_flex_keys.c @@ -42,6 +42,7 @@ static const struct mlxsw_afk_element_info mlxsw_afk_element_infos[] = { MLXSW_AFK_ELEMENT_INFO_BUF(DST_IP_64_95, 0x34, 4), MLXSW_AFK_ELEMENT_INFO_BUF(DST_IP_32_63, 0x38, 4), MLXSW_AFK_ELEMENT_INFO_BUF(DST_IP_0_31, 0x3C, 4), + MLXSW_AFK_ELEMENT_INFO_U32(FDB_MISS, 0x40, 0, 1), }; struct mlxsw_afk { diff --git a/drivers/net/ethernet/mellanox/mlxsw/core_acl_flex_keys.h b/drivers/net/ethernet/mellanox/mlxsw/core_acl_flex_keys.h index 3a037fe47211..65a4abadc7db 100644 --- a/drivers/net/ethernet/mellanox/mlxsw/core_acl_flex_keys.h +++ b/drivers/net/ethernet/mellanox/mlxsw/core_acl_flex_keys.h @@ -35,6 +35,7 @@ enum mlxsw_afk_element { MLXSW_AFK_ELEMENT_IP_DSCP, MLXSW_AFK_ELEMENT_VIRT_ROUTER_MSB, MLXSW_AFK_ELEMENT_VIRT_ROUTER_LSB, + MLXSW_AFK_ELEMENT_FDB_MISS, MLXSW_AFK_ELEMENT_MAX, }; @@ -69,7 +70,7 @@ struct mlxsw_afk_element_info { MLXSW_AFK_ELEMENT_INFO(MLXSW_AFK_ELEMENT_TYPE_BUF, \ _element, _offset, 0, _size) -#define MLXSW_AFK_ELEMENT_STORAGE_SIZE 0x40 +#define MLXSW_AFK_ELEMENT_STORAGE_SIZE 0x44 struct mlxsw_afk_element_inst { /* element instance in actual block */ enum mlxsw_afk_element element; diff --git a/drivers/net/ethernet/mellanox/mlxsw/spectrum_acl_flex_keys.c b/drivers/net/ethernet/mellanox/mlxsw/spectrum_acl_flex_keys.c index 00c32320f891..4dea39f2b304 100644 --- a/drivers/net/ethernet/mellanox/mlxsw/spectrum_acl_flex_keys.c +++ b/drivers/net/ethernet/mellanox/mlxsw/spectrum_acl_flex_keys.c @@ -123,10 +123,12 @@ const struct mlxsw_afk_ops mlxsw_sp1_afk_ops = { }; static struct mlxsw_afk_element_inst mlxsw_sp_afk_element_info_mac_0[] = { + MLXSW_AFK_ELEMENT_INST_U32(FDB_MISS, 0x00, 3, 1), MLXSW_AFK_ELEMENT_INST_BUF(DMAC_0_31, 0x04, 4), }; static struct mlxsw_afk_element_inst mlxsw_sp_afk_element_info_mac_1[] = { + MLXSW_AFK_ELEMENT_INST_U32(FDB_MISS, 0x00, 3, 1), MLXSW_AFK_ELEMENT_INST_BUF(SMAC_0_31, 0x04, 4), }; diff --git a/drivers/net/ethernet/mellanox/mlxsw/spectrum_flower.c b/drivers/net/ethernet/mellanox/mlxsw/spectrum_flower.c index 9c62c12e410b..72917f09e806 100644 --- a/drivers/net/ethernet/mellanox/mlxsw/spectrum_flower.c +++ b/drivers/net/ethernet/mellanox/mlxsw/spectrum_flower.c @@ -336,10 +336,8 @@ static int mlxsw_sp_flower_parse_meta(struct mlxsw_sp_acl_rule_info *rulei, flow_rule_match_meta(rule, &match); - if (match.mask->l2_miss) { - NL_SET_ERR_MSG_MOD(f->common.extack, "Can't match on \"l2_miss\""); - return -EOPNOTSUPP; - } + mlxsw_sp_acl_rulei_keymask_u32(rulei, MLXSW_AFK_ELEMENT_FDB_MISS, + match.key->l2_miss, match.mask->l2_miss); return mlxsw_sp_flower_parse_meta_iif(rulei, block, &match, f->common.extack); From patchwork Mon May 29 11:48:35 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ido Schimmel X-Patchwork-Id: 13258473 X-Patchwork-Delegate: kuba@kernel.org Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net [23.128.96.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 86DF76ABA for ; Mon, 29 May 2023 11:50:29 +0000 (UTC) Received: from NAM12-DM6-obe.outbound.protection.outlook.com (mail-dm6nam12on2052.outbound.protection.outlook.com [40.107.243.52]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 1B2DD9B for ; Mon, 29 May 2023 04:50:26 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=e3Phv0WAU9yXBmKRSZJzeFIsHTUxzqrWsKXiOwcFaKgTxdQPn/WaeLiqIJC9Am0gf4aToI8aYp1La+RhOAW2JlNJ4He3V2A5HVpuPDxQMbjMVzsmuxdFXF7ZjLs01p3ggJCBDO0iTETn+iHxOrBNPkPT5fRQ8cBL1D7atlObQKVu2LRnWWPR36rmpmGWxpZxXvGu+3hWjmuM5CPCPO/8TZuwPhwG63zVyX5VAx9c/7Kj2QEYYarYxziaABul90TSQJkdyoYYNA2r5MawGuOpeNz78ylGO9KrsB5fh6291e+GTKWkQvYxPy9ETY31yKO5s/hGt94iy70Mhv5iMFExPQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=nK99uMrv9P8CIuuJekSyubcmF0WnQsRK0fw00oTHym4=; b=BxIqzWPEOfT0L3iFrp7PBtbT+9N9VpiR0+yoNgWD++lpO2oy3lS/eg3ujypoC28qtOyWf0PSY9WvFu4WJZzDfCOiDWxmiXcM2QF6efn+HGeTOLUqiaDY0IVDFIFr1rKXE21dy4c6TOX4ihQWA1Hp42PXhQe6Mje8qZ6nWxJ/+RTVbEbbZ3P0tCZnIuar6p8S4Lsgm5AB9cdLo3cZ34LN+fc21H5ZT5PXxdQ3diLtfQgEQSSRZ51o520xggRjjwrbA1jI1mtE9I6pc4huEH9fIre/VLJMdDJRWM3ChEpXMK6kU3mW4mXYwkEYjKQ53ugzod7VySf4LwmKQNEPeOM7Cw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 216.228.117.161) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=nvidia.com; dmarc=pass (p=reject sp=reject pct=100) action=none header.from=nvidia.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=nK99uMrv9P8CIuuJekSyubcmF0WnQsRK0fw00oTHym4=; b=h1of+dFHcC3jOE8EuDXrjLcIlrhbbiCc/2vjaj2+WwbZxdEClWi6IhkGP8bWf1HXqd/IPTuYoYaDDgTEAoasH2MI7hg+ZhFdjARrIoy1oFlg1R9cUlQlE+FYz2EHF8oAmsb7P2K8O2wOUugGeSRXTfxYZty6zvWdatmoyfrLPYICmmql+JldHJUTWsoOx+GjMgXukrCYzlf+gsYnSd9ILywbTplOGWAmq3Q74wLla4+tw7QXC8DFft8cOJSRaIwOTPrdf1/4nPRE6UslS9MhyU45qsa1jZU8h1kERI+/0H/2YPu2cAU/FrdlXfEIHP1FbQg4OGHOY48lHvoPs+BcNw== Received: from DM6PR05CA0042.namprd05.prod.outlook.com (2603:10b6:5:335::11) by SN7PR12MB6839.namprd12.prod.outlook.com (2603:10b6:806:265::21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6433.22; Mon, 29 May 2023 11:50:23 +0000 Received: from DM6NAM11FT036.eop-nam11.prod.protection.outlook.com (2603:10b6:5:335:cafe::1a) by DM6PR05CA0042.outlook.office365.com (2603:10b6:5:335::11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6455.21 via Frontend Transport; Mon, 29 May 2023 11:50:23 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 216.228.117.161) smtp.mailfrom=nvidia.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=nvidia.com; Received-SPF: Pass (protection.outlook.com: domain of nvidia.com designates 216.228.117.161 as permitted sender) receiver=protection.outlook.com; client-ip=216.228.117.161; helo=mail.nvidia.com; pr=C Received: from mail.nvidia.com (216.228.117.161) by DM6NAM11FT036.mail.protection.outlook.com (10.13.172.64) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6455.21 via Frontend Transport; Mon, 29 May 2023 11:50:22 +0000 Received: from rnnvmail201.nvidia.com (10.129.68.8) by mail.nvidia.com (10.129.200.67) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.5; Mon, 29 May 2023 04:50:12 -0700 Received: from dev-r-vrt-155.mtr.labs.mlnx (10.126.231.35) by rnnvmail201.nvidia.com (10.129.68.8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.37; Mon, 29 May 2023 04:50:06 -0700 From: Ido Schimmel To: , CC: , , , , , , , , , , , , , , , , , , Ido Schimmel Subject: [PATCH net-next v2 8/8] selftests: forwarding: Add layer 2 miss test cases Date: Mon, 29 May 2023 14:48:35 +0300 Message-ID: <20230529114835.372140-9-idosch@nvidia.com> X-Mailer: git-send-email 2.40.1 In-Reply-To: <20230529114835.372140-1-idosch@nvidia.com> References: <20230529114835.372140-1-idosch@nvidia.com> Precedence: bulk X-Mailing-List: netdev@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Originating-IP: [10.126.231.35] X-ClientProxiedBy: rnnvmail202.nvidia.com (10.129.68.7) To rnnvmail201.nvidia.com (10.129.68.8) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DM6NAM11FT036:EE_|SN7PR12MB6839:EE_ X-MS-Office365-Filtering-Correlation-Id: 1e7a91fb-4f22-4909-0f7e-08db603ae2b6 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: 80V5u8mypkU+OEBkfdzjOsIgQe6y1OmhfoP/nw1nimRVtbkP+MISYS+bHIBk6mvFdLL3DtQHHa6x5TqnedZTtkeaJwLWHsWfbdvCyGlyNYWKuNHFdYSUVQUw6CleVhhsb403mRt1JdIGe5aU0y5SvEgBO2UYueNCSrZ7tQNDl+yQpPeTEu1VApWYCptOJooxeu591Wofoz+KqvZly0PHAk4QmJWn+NQvMISXihWAq1gC894LLB6raNslc4gF0Pva3rtVRoMtwM99ct+PGxvI208LSv9xlExsY+CbjCr13zk1VxIxchqQqRhM6PbsT2n9iDdz0BS2KoRR5gZ6kW1TgVYucUKyApoLKC9q/BrdJ2djXyTJa+M7CMyDh/cwfIBLIK5maYqlq3pN+Q4Mlad139APhKBmVba0fgSYLHhXIXaUP9whw3pGdhvkpkmBIjKrnfJ795fdeHtmwFkUHI7nPa7H1zrxYg+mJ+r286x4fD/AfZBGZhP991blDlmpAJ7H5WCCLfSNh7CNRv5/ZLSRtBYSEldy6x8HnjT+wdgRKzL6bibjagMa5XJlSTUcumpkQYfOZmHDAirhEsnzBaDYdJK7O40pgCWgyCFNl/mIfxM0Hrdt3al5OqlpVfRKE/XtrdQYUb3AapzsJnNTJ7LgLfQA8m+rUR+CnLHNmESDhJTZJOS8Bescin/2Pe63rZBy7xGmCOXlMm4y4JQJfDE0zOdXYFf0ysmb2SJlWKFtW50= X-Forefront-Antispam-Report: CIP:216.228.117.161;CTRY:US;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:mail.nvidia.com;PTR:dc6edge2.nvidia.com;CAT:NONE;SFS:(13230028)(4636009)(376002)(39860400002)(136003)(346002)(396003)(451199021)(46966006)(40470700004)(36840700001)(40480700001)(356005)(7636003)(82740400003)(478600001)(36860700001)(47076005)(66574015)(2616005)(83380400001)(70586007)(70206006)(336012)(426003)(54906003)(110136005)(86362001)(4326008)(82310400005)(6666004)(30864003)(2906002)(16526019)(316002)(186003)(26005)(1076003)(41300700001)(7416002)(36756003)(5660300002)(107886003)(8936002)(8676002)(40460700003);DIR:OUT;SFP:1101; X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 29 May 2023 11:50:22.9602 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 1e7a91fb-4f22-4909-0f7e-08db603ae2b6 X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=43083d15-7273-40c1-b7db-39efd9ccc17a;Ip=[216.228.117.161];Helo=[mail.nvidia.com] X-MS-Exchange-CrossTenant-AuthSource: DM6NAM11FT036.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN7PR12MB6839 X-Spam-Status: No, score=-1.3 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FORGED_SPF_HELO, RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H2,SPF_HELO_PASS,SPF_NONE, T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net X-Patchwork-Delegate: kuba@kernel.org Add test cases to verify that the bridge driver correctly marks layer 2 misses only when it should and that the flower classifier can match on this metadata. Example output: # ./tc_flower_l2_miss.sh TEST: L2 miss - Unicast [ OK ] TEST: L2 miss - Multicast (IPv4) [ OK ] TEST: L2 miss - Multicast (IPv6) [ OK ] TEST: L2 miss - Link-local multicast (IPv4) [ OK ] TEST: L2 miss - Link-local multicast (IPv6) [ OK ] TEST: L2 miss - Broadcast [ OK ] Signed-off-by: Ido Schimmel Reviewed-by: Nikolay Aleksandrov --- Notes: v2: * Test that broadcast does not hit miss filter. .../testing/selftests/net/forwarding/Makefile | 1 + .../net/forwarding/tc_flower_l2_miss.sh | 350 ++++++++++++++++++ 2 files changed, 351 insertions(+) create mode 100755 tools/testing/selftests/net/forwarding/tc_flower_l2_miss.sh diff --git a/tools/testing/selftests/net/forwarding/Makefile b/tools/testing/selftests/net/forwarding/Makefile index a474c60fe348..9d0062b542e5 100644 --- a/tools/testing/selftests/net/forwarding/Makefile +++ b/tools/testing/selftests/net/forwarding/Makefile @@ -83,6 +83,7 @@ TEST_PROGS = bridge_igmp.sh \ tc_chains.sh \ tc_flower_router.sh \ tc_flower.sh \ + tc_flower_l2_miss.sh \ tc_mpls_l2vpn.sh \ tc_police.sh \ tc_shblocks.sh \ diff --git a/tools/testing/selftests/net/forwarding/tc_flower_l2_miss.sh b/tools/testing/selftests/net/forwarding/tc_flower_l2_miss.sh new file mode 100755 index 000000000000..37b0369b5246 --- /dev/null +++ b/tools/testing/selftests/net/forwarding/tc_flower_l2_miss.sh @@ -0,0 +1,350 @@ +#!/bin/bash +# SPDX-License-Identifier: GPL-2.0 + +# +-----------------------+ +----------------------+ +# | H1 (vrf) | | H2 (vrf) | +# | + $h1 | | $h2 + | +# | | 192.0.2.1/28 | | 192.0.2.2/28 | | +# | | 2001:db8:1::1/64 | | 2001:db8:1::2/64 | | +# +----|------------------+ +------------------|---+ +# | | +# +----|-------------------------------------------------------------------|---+ +# | SW | | | +# | +-|-------------------------------------------------------------------|-+ | +# | | + $swp1 BR $swp2 + | | +# | +-----------------------------------------------------------------------+ | +# +----------------------------------------------------------------------------+ + +ALL_TESTS=" + test_l2_miss_unicast + test_l2_miss_multicast + test_l2_miss_ll_multicast + test_l2_miss_broadcast +" + +NUM_NETIFS=4 +source lib.sh +source tc_common.sh + +h1_create() +{ + simple_if_init $h1 192.0.2.1/28 2001:db8:1::1/64 +} + +h1_destroy() +{ + simple_if_fini $h1 192.0.2.1/28 2001:db8:1::1/64 +} + +h2_create() +{ + simple_if_init $h2 192.0.2.2/28 2001:db8:1::2/64 +} + +h2_destroy() +{ + simple_if_fini $h2 192.0.2.2/28 2001:db8:1::2/64 +} + +switch_create() +{ + ip link add name br1 up type bridge + ip link set dev $swp1 master br1 + ip link set dev $swp1 up + ip link set dev $swp2 master br1 + ip link set dev $swp2 up + + tc qdisc add dev $swp2 clsact +} + +switch_destroy() +{ + tc qdisc del dev $swp2 clsact + + ip link set dev $swp2 down + ip link set dev $swp2 nomaster + ip link set dev $swp1 down + ip link set dev $swp1 nomaster + ip link del dev br1 +} + +test_l2_miss_unicast() +{ + local dmac=00:01:02:03:04:05 + local dip=192.0.2.2 + local sip=192.0.2.1 + + RET=0 + + # Unknown unicast. + tc filter add dev $swp2 egress protocol ipv4 handle 101 pref 1 \ + flower indev $swp1 l2_miss true dst_mac $dmac src_ip $sip \ + dst_ip $dip action pass + # Known unicast. + tc filter add dev $swp2 egress protocol ipv4 handle 102 pref 1 \ + flower indev $swp1 l2_miss false dst_mac $dmac src_ip $sip \ + dst_ip $dip action pass + + # Before adding FDB entry. + $MZ $h1 -a own -b $dmac -t ip -A $sip -B $dip -c 1 -p 100 -q + + tc_check_packets "dev $swp2 egress" 101 1 + check_err $? "Unknown unicast filter was not hit before adding FDB entry" + + tc_check_packets "dev $swp2 egress" 102 0 + check_err $? "Known unicast filter was hit before adding FDB entry" + + # Adding FDB entry. + bridge fdb replace $dmac dev $swp2 master static + + $MZ $h1 -a own -b $dmac -t ip -A $sip -B $dip -c 1 -p 100 -q + + tc_check_packets "dev $swp2 egress" 101 1 + check_err $? "Unknown unicast filter was hit after adding FDB entry" + + tc_check_packets "dev $swp2 egress" 102 1 + check_err $? "Known unicast filter was not hit after adding FDB entry" + + # Deleting FDB entry. + bridge fdb del $dmac dev $swp2 master static + + $MZ $h1 -a own -b $dmac -t ip -A $sip -B $dip -c 1 -p 100 -q + + tc_check_packets "dev $swp2 egress" 101 2 + check_err $? "Unknown unicast filter was not hit after deleting FDB entry" + + tc_check_packets "dev $swp2 egress" 102 1 + check_err $? "Known unicast filter was hit after deleting FDB entry" + + tc filter del dev $swp2 egress protocol ipv4 pref 1 handle 102 flower + tc filter del dev $swp2 egress protocol ipv4 pref 1 handle 101 flower + + log_test "L2 miss - Unicast" +} + +test_l2_miss_multicast_common() +{ + local proto=$1; shift + local sip=$1; shift + local dip=$1; shift + local mode=$1; shift + local name=$1; shift + + RET=0 + + # Unregistered multicast. + tc filter add dev $swp2 egress protocol $proto handle 101 pref 1 \ + flower indev $swp1 l2_miss true src_ip $sip dst_ip $dip \ + action pass + # Registered multicast. + tc filter add dev $swp2 egress protocol $proto handle 102 pref 1 \ + flower indev $swp1 l2_miss false src_ip $sip dst_ip $dip \ + action pass + + # Before adding MDB entry. + $MZ $mode $h1 -t ip -A $sip -B $dip -c 1 -p 100 -q + + tc_check_packets "dev $swp2 egress" 101 1 + check_err $? "Unregistered multicast filter was not hit before adding MDB entry" + + tc_check_packets "dev $swp2 egress" 102 0 + check_err $? "Registered multicast filter was hit before adding MDB entry" + + # Adding MDB entry. + bridge mdb replace dev br1 port $swp2 grp $dip permanent + + $MZ $mode $h1 -t ip -A $sip -B $dip -c 1 -p 100 -q + + tc_check_packets "dev $swp2 egress" 101 1 + check_err $? "Unregistered multicast filter was hit after adding MDB entry" + + tc_check_packets "dev $swp2 egress" 102 1 + check_err $? "Registered multicast filter was not hit after adding MDB entry" + + # Deleting MDB entry. + bridge mdb del dev br1 port $swp2 grp $dip + + $MZ $mode $h1 -t ip -A $sip -B $dip -c 1 -p 100 -q + + tc_check_packets "dev $swp2 egress" 101 2 + check_err $? "Unregistered multicast filter was not hit after deleting MDB entry" + + tc_check_packets "dev $swp2 egress" 102 1 + check_err $? "Registered multicast filter was hit after deleting MDB entry" + + tc filter del dev $swp2 egress protocol $proto pref 1 handle 102 flower + tc filter del dev $swp2 egress protocol $proto pref 1 handle 101 flower + + log_test "L2 miss - Multicast ($name)" +} + +test_l2_miss_multicast_ipv4() +{ + local proto="ipv4" + local sip=192.0.2.1 + local dip=239.1.1.1 + local mode="-4" + local name="IPv4" + + test_l2_miss_multicast_common $proto $sip $dip $mode $name +} + +test_l2_miss_multicast_ipv6() +{ + local proto="ipv6" + local sip=2001:db8:1::1 + local dip=ff0e::1 + local mode="-6" + local name="IPv6" + + test_l2_miss_multicast_common $proto $sip $dip $mode $name +} + +test_l2_miss_multicast() +{ + # Configure $swp2 as a multicast router port so that it will forward + # both registered and unregistered multicast traffic. + bridge link set dev $swp2 mcast_router 2 + + # Forwarding according to MDB entries only takes place when the bridge + # detects that there is a valid querier in the network. Set the bridge + # as the querier and assign it a valid IPv6 link-local address to be + # used as the source address for MLD queries. + ip link set dev br1 type bridge mcast_querier 1 + ip -6 address add fe80::1/64 nodad dev br1 + # Wait the default Query Response Interval (10 seconds) for the bridge + # to determine that there are no other queriers in the network. + sleep 10 + + test_l2_miss_multicast_ipv4 + test_l2_miss_multicast_ipv6 + + ip -6 address del fe80::1/64 dev br1 + ip link set dev br1 type bridge mcast_querier 0 + bridge link set dev $swp2 mcast_router 1 +} + +test_l2_miss_multicast_common2() +{ + local name=$1; shift + local dmac=$1; shift + local dip=224.0.0.1 + local sip=192.0.2.1 + +} + +test_l2_miss_ll_multicast_common() +{ + local proto=$1; shift + local dmac=$1; shift + local sip=$1; shift + local dip=$1; shift + local mode=$1; shift + local name=$1; shift + + RET=0 + + tc filter add dev $swp2 egress protocol $proto handle 101 pref 1 \ + flower indev $swp1 l2_miss true dst_mac $dmac src_ip $sip \ + dst_ip $dip action pass + + $MZ $mode $h1 -a own -b $dmac -t ip -A $sip -B $dip -c 1 -p 100 -q + + tc_check_packets "dev $swp2 egress" 101 1 + check_err $? "Filter was not hit" + + tc filter del dev $swp2 egress protocol $proto pref 1 handle 101 flower + + log_test "L2 miss - Link-local multicast ($name)" +} + +test_l2_miss_ll_multicast_ipv4() +{ + local proto=ipv4 + local dmac=01:00:5e:00:00:01 + local sip=192.0.2.1 + local dip=224.0.0.1 + local mode="-4" + local name="IPv4" + + test_l2_miss_ll_multicast_common $proto $dmac $sip $dip $mode $name +} + +test_l2_miss_ll_multicast_ipv6() +{ + local proto=ipv6 + local dmac=33:33:00:00:00:01 + local sip=2001:db8:1::1 + local dip=ff02::1 + local mode="-6" + local name="IPv6" + + test_l2_miss_ll_multicast_common $proto $dmac $sip $dip $mode $name +} + +test_l2_miss_ll_multicast() +{ + test_l2_miss_ll_multicast_ipv4 + test_l2_miss_ll_multicast_ipv6 +} + +test_l2_miss_broadcast() +{ + local dmac=ff:ff:ff:ff:ff:ff + local smac=00:01:02:03:04:05 + + RET=0 + + tc filter add dev $swp2 egress protocol all handle 101 pref 1 \ + flower l2_miss true dst_mac $dmac src_mac $smac \ + action pass + tc filter add dev $swp2 egress protocol all handle 102 pref 1 \ + flower l2_miss false dst_mac $dmac src_mac $smac \ + action pass + + $MZ $h1 -a $smac -b $dmac -c 1 -p 100 -q + + tc_check_packets "dev $swp2 egress" 101 0 + check_err $? "L2 miss filter was hit when should not" + + tc_check_packets "dev $swp2 egress" 102 1 + check_err $? "L2 no miss filter was not hit when should" + + tc filter del dev $swp2 egress protocol all pref 1 handle 102 flower + tc filter del dev $swp2 egress protocol all pref 1 handle 101 flower + + log_test "L2 miss - Broadcast" +} + +setup_prepare() +{ + h1=${NETIFS[p1]} + swp1=${NETIFS[p2]} + + swp2=${NETIFS[p3]} + h2=${NETIFS[p4]} + + vrf_prepare + h1_create + h2_create + switch_create +} + +cleanup() +{ + pre_cleanup + + switch_destroy + h2_destroy + h1_destroy + vrf_cleanup +} + +trap cleanup EXIT + +setup_prepare +setup_wait + +tests_run + +exit $EXIT_STATUS