From patchwork Mon Oct 2 15:44:41 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: edward.cree@amd.com X-Patchwork-Id: 13406402 X-Patchwork-Delegate: kuba@kernel.org Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net [23.128.96.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 4FD8E1CFB0 for ; Mon, 2 Oct 2023 15:45:52 +0000 (UTC) Received: from NAM11-CO1-obe.outbound.protection.outlook.com (mail-co1nam11on2054.outbound.protection.outlook.com [40.107.220.54]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 9C36FB3 for ; Mon, 2 Oct 2023 08:45:49 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=fyGU7fVcALIVFNjF8jQYC1RScUJaayxsRWvtD3bdnzXq43qPZ3VC8T87wy2HvAd0ZeKWKLvBnYdVLKnDcudD9FnyZuBq/r1zLHHEQn+qS5ZuVOU0kYWuNoLKl6hRlju8TvUO3MtRM16U0xdarckubktEUnsr9UWHoAbcoCM/onNi4LvYJ+JaTFpBzllsZPKWc6ATmKYe329tLwY1P2n8LxvNdNyGZinD5tH6oa0uTlE1reh2id+tIGrR2t9/DCmSzPk2FTtHbTEpJymaraDOhQSod4/SNWNHMQ6/xuiq/0ojf78MHRU9nQvbjlXB8nB1ypg5VsLVnriBHqM8x7ARMA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=1geHowjXj6Lv22Qa2lehK62n7AKj++XdpsW9aNWzcBQ=; b=gi/CAn9nSR51c70XK9U2CBszpWdyyuogHAySw//XV0glrkH/caJxLcVlBaRUyI1xanpz4jQPMYjHzJnXI8/zvn2MHkN+d5qNOc7wtBZLDTQwoQmvqNVXs+AcGdCorWnkrIlDn91OykI9K4eJUQKtbmP5kRpJFKfcUNH2RIyZA5j97KYVrlDl7/Wkz8VrjpVhfbEJyWCbGMj33Vg4TXtSmUmaN7RniFm5DYiq7tBgilFR49G/o7XzPpsrxnxUfM3FNgP8hVg4sMRh/f1iU3l6MhF20tmDq0mWXSia8SBRs1npO3Di3xi9c9MrS3kXIoiQtnbHQBQvBmDnUz8hUXC8nQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=davemloft.net smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=1geHowjXj6Lv22Qa2lehK62n7AKj++XdpsW9aNWzcBQ=; b=nCeK70wWoVJfsKEdq44yxtIeWDhmex0UTfBzjJY8CGGegVbNdvADWeC90OJzy2Z16XK2qFI1xskZd1Tx0IBN/9m5AOSX+ObQR2pMYVSKIZqVjoLG4RvfKoefn1xANsLHGEr52vHT7LC72BHJ/apILem1CiF25aR3KA5qoYu4MT8= Received: from DM6PR02CA0052.namprd02.prod.outlook.com (2603:10b6:5:177::29) by PH7PR12MB5974.namprd12.prod.outlook.com (2603:10b6:510:1d9::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6838.28; Mon, 2 Oct 2023 15:45:47 +0000 Received: from CY4PEPF0000EDD2.namprd03.prod.outlook.com (2603:10b6:5:177:cafe::c8) by DM6PR02CA0052.outlook.office365.com (2603:10b6:5:177::29) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6838.29 via Frontend Transport; Mon, 2 Oct 2023 15:45:46 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB03.amd.com; pr=C Received: from SATLEXMB03.amd.com (165.204.84.17) by CY4PEPF0000EDD2.mail.protection.outlook.com (10.167.241.206) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.6838.22 via Frontend Transport; Mon, 2 Oct 2023 15:45:46 +0000 Received: from SATLEXMB06.amd.com (10.181.40.147) by SATLEXMB03.amd.com (10.181.40.144) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.27; Mon, 2 Oct 2023 10:45:44 -0500 Received: from SATLEXMB03.amd.com (10.181.40.144) by SATLEXMB06.amd.com (10.181.40.147) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.27; Mon, 2 Oct 2023 10:45:44 -0500 Received: from xcbecree41x.xilinx.com (10.180.168.240) by SATLEXMB03.amd.com (10.181.40.144) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.27 via Frontend Transport; Mon, 2 Oct 2023 10:45:24 -0500 From: To: , , , , CC: Edward Cree , , , Subject: [PATCH net-next 1/4] sfc: support TC left-hand-side rules on foreign netdevs Date: Mon, 2 Oct 2023 16:44:41 +0100 Message-ID: <890f07cf815ae31e7cd5b37cafb72801791f1c75.1696261222.git.ecree.xilinx@gmail.com> X-Mailer: git-send-email 2.27.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: netdev@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: CY4PEPF0000EDD2:EE_|PH7PR12MB5974:EE_ X-MS-Office365-Filtering-Correlation-Id: a241344f-3063-446b-0083-08dbc35ea4ee X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: yhXSCCCiH8DthMMA619UaxTUVb/Ij5X/SK6ietYZ0AwbNLbtEYHrbUx/SSFfgyWO4Zxu45lztf0w/ESSzLrGoNrB2ZQ81IAMhztmqh97p3u0ly479mPctQHDyBX+x3wqxFvxcDi7IeGEDvsIJ3xnU/7laCWbbjpfweYvdDRZsU3RUgW32ZsqCpxOGgS9hMzHfg7k5IE2mjYtLUye9+W3IFoX+WABSzgI/d0bqoK+1jHHE+29wNjsgHeLt9RoV3c9YMLpmIOnpKLBx1VpRZlwzhAq4IfqXjvNXleeuMUJaPLlI1yodWD7Dbg+Ow3/QAh5UB0adbWWIsmyUx5tfOzE8lP6P/uIoNXq7B2/ef5S6Eh99vj6kjpMa04nm7XrdnwC3iaGRCAejiReDKu8TuZ3IccWISfC7Qecen7AMX1ucMfTRxerVYMGRCFWu70IJBCRBTjwCjCshUxiTHmP4OnqXeLfJ97tITrs+OsgDQxewtP0DQyt0Ku6xZvBmWRXPgf2HzYGmVHyzpbEq4suuC1i0fKhl04KoGAzt44yncNwlzo16QECizd8gw4ZRLSaMyEtLYR9ttr2mCrDzHtfhZdC0Uv/to1jtUMvIbpileXoLDi6N0y32R5uxhUYk29Mmwl4FGlxIwMHWpHxdVUdFrEDyp752b1F9uGJuHmvdBNs3+kBtz1YLid3Dm265vEclY3xXJHZ/2xS178ZUsyMM5vuc4ZnUIl0dfWDp/CRD4wMQgwJOV3nt/kA6ys0FMnf8TFDZE8OPDZBCl+yciKRo12Nug== X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB03.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230031)(4636009)(39860400002)(136003)(376002)(346002)(396003)(230922051799003)(186009)(82310400011)(451199024)(1800799009)(64100799003)(36840700001)(40470700004)(46966006)(26005)(70206006)(70586007)(110136005)(30864003)(2906002)(2876002)(8676002)(4326008)(5660300002)(316002)(54906003)(8936002)(41300700001)(9686003)(478600001)(6666004)(36860700001)(336012)(426003)(83380400001)(47076005)(82740400003)(81166007)(356005)(40460700003)(40480700001)(55446002)(36756003)(86362001)(36900700001);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 02 Oct 2023 15:45:46.3366 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: a241344f-3063-446b-0083-08dbc35ea4ee X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB03.amd.com] X-MS-Exchange-CrossTenant-AuthSource: CY4PEPF0000EDD2.namprd03.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH7PR12MB5974 X-Spam-Status: No, score=-1.7 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FORGED_SPF_HELO, RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H2,SPF_HELO_PASS,SPF_NONE autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net X-Patchwork-Delegate: kuba@kernel.org From: Edward Cree Allow a tunnel netdevice (such as a vxlan) to offload conntrack lookups, in much the same way as efx netdevs. To ensure this rule does not overlap with other tunnel rules on the same sip,dip,dport tuple, register a pseudo encap match of a new type (EFX_TC_EM_PSEUDO_OR), which unlike PSEUDO_MASK may only be referenced once (because an actual Outer Rule in hardware exists, although its fw_id is not recorded in the encap match entry). Reviewed-by: Pieter Jansen van Vuuren Signed-off-by: Edward Cree --- drivers/net/ethernet/sfc/mae.c | 6 +- drivers/net/ethernet/sfc/tc.c | 213 +++++++++++++++++++++++++++++++++ drivers/net/ethernet/sfc/tc.h | 5 + 3 files changed, 222 insertions(+), 2 deletions(-) diff --git a/drivers/net/ethernet/sfc/mae.c b/drivers/net/ethernet/sfc/mae.c index c3e2b4a21d10..d1c8872efac9 100644 --- a/drivers/net/ethernet/sfc/mae.c +++ b/drivers/net/ethernet/sfc/mae.c @@ -1705,8 +1705,10 @@ static int efx_mae_insert_lhs_outer_rule(struct efx_nic *efx, /* action */ act = &rule->lhs_act; - MCDI_SET_DWORD(inbuf, MAE_OUTER_RULE_INSERT_IN_ENCAP_TYPE, - MAE_MCDI_ENCAP_TYPE_NONE); + rc = efx_mae_encap_type_to_mae_type(act->tun_type); + if (rc < 0) + return rc; + MCDI_SET_DWORD(inbuf, MAE_OUTER_RULE_INSERT_IN_ENCAP_TYPE, rc); /* We always inhibit CT lookup on TCP_INTERESTING_FLAGS, since the * SW path needs to process the packet to update the conntrack tables * on connection establishment (SYN) or termination (FIN, RST). diff --git a/drivers/net/ethernet/sfc/tc.c b/drivers/net/ethernet/sfc/tc.c index 834f000ba1c4..257bec75e952 100644 --- a/drivers/net/ethernet/sfc/tc.c +++ b/drivers/net/ethernet/sfc/tc.c @@ -642,6 +642,15 @@ static int efx_tc_flower_record_encap_match(struct efx_nic *efx, return -EEXIST; } break; + case EFX_TC_EM_PSEUDO_OR: + /* old EM corresponds to an OR that has to be unique + * (it must not overlap with any other OR, whether + * direct-EM or pseudo). + */ + NL_SET_ERR_MSG_FMT_MOD(extack, + "%s encap match conflicts with existing pseudo(OR) entry", + em_type ? "Pseudo" : "Direct"); + return -EEXIST; default: /* Unrecognised pseudo-type. Just say no */ NL_SET_ERR_MSG_FMT_MOD(extack, "%s encap match conflicts with existing pseudo(%d) entry", @@ -872,6 +881,93 @@ static bool efx_tc_rule_is_lhs_rule(struct flow_rule *fr, return false; } +/* A foreign LHS rule has matches on enc_ keys at the TC layer (including an + * implied match on enc_ip_proto UDP). Translate these into non-enc_ keys, + * so that we can use the same MAE machinery as local LHS rules (and so that + * the lhs_rules entries have uniform semantics). It may seem odd to do it + * this way round, given that the corresponding fields in the MAE MCDIs are + * all ENC_, but (a) we don't have enc_L2 or enc_ip_proto in struct + * efx_tc_match_fields and (b) semantically an LHS rule doesn't have inner + * fields so it's just matching on *the* header rather than the outer header. + * Make sure that the non-enc_ keys were not already being matched on, as that + * would imply a rule that needed a triple lookup. (Hardware can do that, + * with OR-AR-CT-AR, but it halves packet rate so we avoid it where possible; + * see efx_tc_flower_flhs_needs_ar().) + */ +static int efx_tc_flower_translate_flhs_match(struct efx_tc_match *match) +{ + int rc = 0; + +#define COPY_MASK_AND_VALUE(_key, _ekey) ({ \ + if (match->mask._key) { \ + rc = -EOPNOTSUPP; \ + } else { \ + match->mask._key = match->mask._ekey; \ + match->mask._ekey = 0; \ + match->value._key = match->value._ekey; \ + match->value._ekey = 0; \ + } \ + rc; \ +}) +#define COPY_FROM_ENC(_key) COPY_MASK_AND_VALUE(_key, enc_##_key) + if (match->mask.ip_proto) + return -EOPNOTSUPP; + match->mask.ip_proto = ~0; + match->value.ip_proto = IPPROTO_UDP; + if (COPY_FROM_ENC(src_ip) || COPY_FROM_ENC(dst_ip)) + return rc; +#ifdef CONFIG_IPV6 + if (!ipv6_addr_any(&match->mask.src_ip6)) + return -EOPNOTSUPP; + match->mask.src_ip6 = match->mask.enc_src_ip6; + memset(&match->mask.enc_src_ip6, 0, sizeof(struct in6_addr)); + if (!ipv6_addr_any(&match->mask.dst_ip6)) + return -EOPNOTSUPP; + match->mask.dst_ip6 = match->mask.enc_dst_ip6; + memset(&match->mask.enc_dst_ip6, 0, sizeof(struct in6_addr)); +#endif + if (COPY_FROM_ENC(ip_tos) || COPY_FROM_ENC(ip_ttl)) + return rc; + /* should really copy enc_ip_frag but we don't have that in + * parse_match yet + */ + if (COPY_MASK_AND_VALUE(l4_sport, enc_sport) || + COPY_MASK_AND_VALUE(l4_dport, enc_dport)) + return rc; + return 0; +#undef COPY_FROM_ENC +#undef COPY_MASK_AND_VALUE +} + +/* If a foreign LHS rule wants to match on keys that are only available after + * encap header identification and parsing, then it can't be done in the Outer + * Rule lookup, because that lookup determines the encap type used to parse + * beyond the outer headers. Thus, such rules must use the OR-AR-CT-AR lookup + * sequence, with an EM (struct efx_tc_encap_match) in the OR step. + * Return true iff the passed match requires this. + */ +static bool efx_tc_flower_flhs_needs_ar(struct efx_tc_match *match) +{ + /* matches on inner-header keys can't be done in OR */ + return match->mask.eth_proto || + match->mask.vlan_tci[0] || match->mask.vlan_tci[1] || + match->mask.vlan_proto[0] || match->mask.vlan_proto[1] || + memchr_inv(match->mask.eth_saddr, 0, ETH_ALEN) || + memchr_inv(match->mask.eth_daddr, 0, ETH_ALEN) || + match->mask.ip_proto || + match->mask.ip_tos || match->mask.ip_ttl || + match->mask.src_ip || match->mask.dst_ip || +#ifdef CONFIG_IPV6 + !ipv6_addr_any(&match->mask.src_ip6) || + !ipv6_addr_any(&match->mask.dst_ip6) || +#endif + match->mask.ip_frag || match->mask.ip_firstfrag || + match->mask.l4_sport || match->mask.l4_dport || + match->mask.tcp_flags || + /* nor can VNI */ + match->mask.enc_keyid; +} + static int efx_tc_flower_handle_lhs_actions(struct efx_nic *efx, struct flow_cls_offload *tc, struct flow_rule *fr, @@ -1354,6 +1450,119 @@ static int efx_tc_incomplete_mangle(struct efx_tc_mangler_state *mung, return 0; } +static int efx_tc_flower_replace_foreign_lhs(struct efx_nic *efx, + struct flow_cls_offload *tc, + struct flow_rule *fr, + struct efx_tc_match *match, + struct net_device *net_dev) +{ + struct netlink_ext_ack *extack = tc->common.extack; + struct efx_tc_lhs_rule *rule, *old; + enum efx_encap_type type; + int rc; + + if (tc->common.chain_index) { + NL_SET_ERR_MSG_MOD(extack, "LHS rule only allowed in chain 0"); + return -EOPNOTSUPP; + } + + if (!efx_tc_match_is_encap(&match->mask)) { + /* This is not a tunnel decap rule, ignore it */ + netif_dbg(efx, drv, efx->net_dev, "Ignoring foreign LHS filter without encap match\n"); + return -EOPNOTSUPP; + } + + if (efx_tc_flower_flhs_needs_ar(match)) { + NL_SET_ERR_MSG_MOD(extack, "Match keys not available in Outer Rule"); + return -EOPNOTSUPP; + } + + type = efx_tc_indr_netdev_type(net_dev); + if (type == EFX_ENCAP_TYPE_NONE) { + NL_SET_ERR_MSG_MOD(extack, "Egress encap match on unsupported tunnel device\n"); + return -EOPNOTSUPP; + } + + rc = efx_mae_check_encap_type_supported(efx, type); + if (rc) { + NL_SET_ERR_MSG_FMT_MOD(extack, + "Firmware reports no support for %s encap match", + efx_tc_encap_type_name(type)); + return rc; + } + /* Reserve the outer tuple with a pseudo Encap Match */ + rc = efx_tc_flower_record_encap_match(efx, match, type, + EFX_TC_EM_PSEUDO_OR, 0, 0, + extack); + if (rc) + return rc; + + if (match->mask.ct_state_trk && match->value.ct_state_trk) { + NL_SET_ERR_MSG_MOD(extack, "LHS rule can never match +trk"); + rc = -EOPNOTSUPP; + goto release_encap_match; + } + /* LHS rules are always -trk, so we don't need to match on that */ + match->mask.ct_state_trk = 0; + match->value.ct_state_trk = 0; + + rc = efx_tc_flower_translate_flhs_match(match); + if (rc) { + NL_SET_ERR_MSG_MOD(extack, "LHS rule cannot match on inner fields"); + goto release_encap_match; + } + + rc = efx_mae_match_check_caps_lhs(efx, &match->mask, extack); + if (rc) + goto release_encap_match; + + rule = kzalloc(sizeof(*rule), GFP_USER); + if (!rule) { + rc = -ENOMEM; + goto release_encap_match; + } + rule->cookie = tc->cookie; + old = rhashtable_lookup_get_insert_fast(&efx->tc->lhs_rule_ht, + &rule->linkage, + efx_tc_lhs_rule_ht_params); + if (old) { + netif_dbg(efx, drv, efx->net_dev, + "Already offloaded rule (cookie %lx)\n", tc->cookie); + rc = -EEXIST; + NL_SET_ERR_MSG_MOD(extack, "Rule already offloaded"); + goto release; + } + + /* Parse actions */ + rc = efx_tc_flower_handle_lhs_actions(efx, tc, fr, net_dev, rule); + if (rc) + goto release; + + rule->match = *match; + rule->lhs_act.tun_type = type; + + rc = efx_mae_insert_lhs_rule(efx, rule, EFX_TC_PRIO_TC); + if (rc) { + NL_SET_ERR_MSG_MOD(extack, "Failed to insert rule in hw"); + goto release; + } + netif_dbg(efx, drv, efx->net_dev, + "Successfully parsed lhs rule (cookie %lx)\n", + tc->cookie); + return 0; + +release: + efx_tc_flower_release_lhs_actions(efx, &rule->lhs_act); + if (!old) + rhashtable_remove_fast(&efx->tc->lhs_rule_ht, &rule->linkage, + efx_tc_lhs_rule_ht_params); + kfree(rule); +release_encap_match: + if (match->encap) + efx_tc_flower_release_encap_match(efx, match->encap); + return rc; +} + static int efx_tc_flower_replace_foreign(struct efx_nic *efx, struct net_device *net_dev, struct flow_cls_offload *tc) @@ -1387,6 +1596,10 @@ static int efx_tc_flower_replace_foreign(struct efx_nic *efx, match.value.ingress_port = rc; match.mask.ingress_port = ~0; + if (efx_tc_rule_is_lhs_rule(fr, &match)) + return efx_tc_flower_replace_foreign_lhs(efx, tc, fr, &match, + net_dev); + if (tc->common.chain_index) { struct efx_tc_recirc_id *rid; diff --git a/drivers/net/ethernet/sfc/tc.h b/drivers/net/ethernet/sfc/tc.h index 4dd2c378fd9f..c4cb52dda057 100644 --- a/drivers/net/ethernet/sfc/tc.h +++ b/drivers/net/ethernet/sfc/tc.h @@ -140,10 +140,14 @@ static inline bool efx_tc_match_is_encap(const struct efx_tc_match_fields *mask) * The pseudo encap match may be referenced again by an encap match * with different values for these fields, but all masks must match the * first (stored in our child_* fields). + * @EFX_TC_EM_PSEUDO_OR: registered by an fLHS rule that fits in the OR + * table. The &struct efx_tc_lhs_rule already holds the HW OR entry. + * Only one reference to this encap match may exist. */ enum efx_tc_em_pseudo_type { EFX_TC_EM_DIRECT, EFX_TC_EM_PSEUDO_MASK, + EFX_TC_EM_PSEUDO_OR, }; struct efx_tc_encap_match { @@ -183,6 +187,7 @@ struct efx_tc_action_set_list { }; struct efx_tc_lhs_action { + enum efx_encap_type tun_type; struct efx_tc_recirc_id *rid; struct efx_tc_ct_zone *zone; struct efx_tc_counter_index *count; From patchwork Mon Oct 2 15:44:42 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: edward.cree@amd.com X-Patchwork-Id: 13406403 X-Patchwork-Delegate: kuba@kernel.org Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net [23.128.96.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 452C01CFB1 for ; Mon, 2 Oct 2023 15:45:53 +0000 (UTC) Received: from NAM10-DM6-obe.outbound.protection.outlook.com (mail-dm6nam10on2060.outbound.protection.outlook.com [40.107.93.60]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 2F7EFD7 for ; Mon, 2 Oct 2023 08:45:51 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=YXXwrPyFLFAJ7zhY6356HNHOffpeJEfo5cI1Ou4jzBaD2QFiFbrEhvEeIII4jQrhzA7AaaN09FJGX2OuUUnJTlkADCRNQ9iZW74jlXRVPoNEw/CxS724BzChZqfT7Fr16YZio1sXY0kTl0OFwmnWbeH3olA8lDtOuK9CoW4YMSMACqu/Ib4B7gvLXH5myLAzZoAYO5LAG4eY4aDnUbA2CQrBsH8qFeTe0kLNYxboXKdW9T6fB+2lEltJXkVbe550OufWYo2MP9h7kEzGwpNGvEFdhloUZ5wz+pnpsfQZWYarmmOwyfFqF2vNBIavOUWmdt6SHXLpIwCiQp7g2F+onQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=M5DAjSOY17WUdOmUPxr3hoZP87K1+hN/zKiK0eR0Oag=; b=ClTeHHn130A8rQ1JtcxfJv7Gchlx/e7y1s774Zqlu9u4YqfEWjpwOa/P6Sfakn3Ejtm7GMfLnnytVWJdLmw3nlO392tmMqn6CH5pR2Vvsnfs5cfkW3mli84AdYME/RVeZN77OPA4dPZ8uVzWoTcCMwMsMRHDQcjDbsi8vaeyxBu56pOQweETYo+wM0p191PJkPUY1Wp9DQRy6S8StRyGKXYtPlGq7Ar2O4eFaPSkUtAKeKEcz5tSQx7KYqeFHHm7N3JP0wyH0/G2HF12S1Tw46AGbnYcKHh3/EGvZ2zbjYsGE+IRT+V3psZKK6X6FX0K19JH8vysGFz9we9+m4IdoA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=davemloft.net smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=M5DAjSOY17WUdOmUPxr3hoZP87K1+hN/zKiK0eR0Oag=; b=nnKIvMVJ/WdCbkE9XXM+2gxx1FuDIQwnD3dLuDC0PvAzJISEohySwDJaNClQE7jcTjJyUicfi8vSPHw3+Ieq6iMuJ81jAcTIKYC9S1BW37qjL7Fus3h0loUKVHCEixsypZJYbjE68tEPujoRAdzBvGA8pPh22ZrrdLpQSn2jmL8= Received: from DM6PR14CA0064.namprd14.prod.outlook.com (2603:10b6:5:18f::41) by DM6PR12MB4941.namprd12.prod.outlook.com (2603:10b6:5:1b8::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6838.30; Mon, 2 Oct 2023 15:45:47 +0000 Received: from CY4PEPF0000E9DA.namprd05.prod.outlook.com (2603:10b6:5:18f:cafe::e6) by DM6PR14CA0064.outlook.office365.com (2603:10b6:5:18f::41) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6838.30 via Frontend Transport; Mon, 2 Oct 2023 15:45:47 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by CY4PEPF0000E9DA.mail.protection.outlook.com (10.167.241.79) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.6838.14 via Frontend Transport; Mon, 2 Oct 2023 15:45:46 +0000 Received: from SATLEXMB05.amd.com (10.181.40.146) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.27; Mon, 2 Oct 2023 10:45:45 -0500 Received: from SATLEXMB03.amd.com (10.181.40.144) by SATLEXMB05.amd.com (10.181.40.146) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.27; Mon, 2 Oct 2023 10:45:45 -0500 Received: from xcbecree41x.xilinx.com (10.180.168.240) by SATLEXMB03.amd.com (10.181.40.144) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.27 via Frontend Transport; Mon, 2 Oct 2023 10:45:44 -0500 From: To: , , , , CC: Edward Cree , , , Subject: [PATCH net-next 2/4] sfc: offload foreign RHS rules without an encap match Date: Mon, 2 Oct 2023 16:44:42 +0100 Message-ID: X-Mailer: git-send-email 2.27.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: netdev@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: CY4PEPF0000E9DA:EE_|DM6PR12MB4941:EE_ X-MS-Office365-Filtering-Correlation-Id: 062d1f15-f1f0-4a06-9642-08dbc35ea509 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: 93NYhX1UHK1BqkcAxCJ5Kkk0tU41wz6eZSdZf3h+w+qZkd2ln0gDfHoQwQ5qwEufkmeiRNibSfAaE2l8PZ/iDssZ4tNtVeC+9M142JEMQoi8IqQjjND2DY4rirwxR1GEZcbimd8OH3Ibn7upCkJtZHZqMqqMOCk1IY00QBC7ro3wEXZikuwUQmyaQ/6wMz+KbU0V1hKnwyyIvPhChG14j1DJMV2kAU8sEW4k9x2+gCIPh4vpx4r2ptqkJQOqUk9bzYKJqFD783uIuE7pDmZF7Go3y8PJlbIyeOf8s/yQSi9d9T8vSRc6wgBixBLk08zBLxmhBWdiPUjUHTUcxmC3t3u3/NVrcQFfThO/tio3LC6c1eirBPiflfHrUhYMDDA71rGPXe2ig1sSKtonGjkEvRQg0nX62acm58ZnaZdJifHsnrb1RhFBXxrSd0rLxOKg+kqcfgwdoj9zIcL3rvRzfCetqttgtndVnd9jA6qv5GfSlDO5vDZEZ1oqKGcb1D/Hcqr/VlrGanuS+309Z5+VuNBQ8y+FQwn3oDtIpxZiAfGlgB0lBdFNMGCy80xt+6Dyr1F09huSDRH2jBe3d/D1+kylJVid+5kjb9ozpz8XlS4JroWgdEOgrQ+nhn/D9q/S3p0cFciQ36SuoAVe3agSbtO78ew89kzCWYE8Ai1+U3fgjfUXszW/qnrAW++1MHdfTPudmEf8Go3Xm1U+UpDoRLDlZdY9h0n2HLxEWFIMJWrlW7Hd27pYuEOG1PVpv+rdSvgPonHO8TwCTs9o0Rn4tQ== X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230031)(4636009)(136003)(376002)(39860400002)(346002)(396003)(230922051799003)(64100799003)(451199024)(1800799009)(82310400011)(186009)(46966006)(40470700004)(36840700001)(40460700003)(40480700001)(478600001)(47076005)(81166007)(36860700001)(55446002)(86362001)(356005)(82740400003)(41300700001)(2876002)(2906002)(426003)(9686003)(336012)(83380400001)(26005)(36756003)(70586007)(54906003)(5660300002)(70206006)(316002)(110136005)(8936002)(8676002)(4326008)(36900700001);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 02 Oct 2023 15:45:46.5174 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 062d1f15-f1f0-4a06-9642-08dbc35ea509 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: CY4PEPF0000E9DA.namprd05.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB4941 X-Spam-Status: No, score=-1.7 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FORGED_SPF_HELO, RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H2,SPF_HELO_PASS,SPF_NONE autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net X-Patchwork-Delegate: kuba@kernel.org From: Edward Cree Normally, if a TC filter on a tunnel netdev does not match on any encap fields, we decline to offload it, as it cannot meet our requirement for a tuple for the encap match. However, if the rule has a nonzero chain_index, then for a packet to reach the rule, it must already have matched a LHS rule which will have included an encap match and determined the tunnel type, so in that case we can offload the right-hand-side rule. Reviewed-by: Pieter Jansen van Vuuren Signed-off-by: Edward Cree --- drivers/net/ethernet/sfc/tc.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/net/ethernet/sfc/tc.c b/drivers/net/ethernet/sfc/tc.c index 257bec75e952..f4172fc6bd4f 100644 --- a/drivers/net/ethernet/sfc/tc.c +++ b/drivers/net/ethernet/sfc/tc.c @@ -1683,7 +1683,7 @@ static int efx_tc_flower_replace_foreign(struct efx_nic *efx, extack); if (rc) goto release; - } else { + } else if (!tc->common.chain_index) { /* This is not a tunnel decap rule, ignore it */ netif_dbg(efx, drv, efx->net_dev, "Ignoring foreign filter without encap match\n"); From patchwork Mon Oct 2 15:44:43 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: edward.cree@amd.com X-Patchwork-Id: 13406401 X-Patchwork-Delegate: kuba@kernel.org Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net [23.128.96.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 48EE81CFA6 for ; Mon, 2 Oct 2023 15:45:52 +0000 (UTC) Received: from NAM11-DM6-obe.outbound.protection.outlook.com (mail-dm6nam11on2057.outbound.protection.outlook.com [40.107.223.57]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id F0CC6D8 for ; Mon, 2 Oct 2023 08:45:50 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=SY8A///KGDVsk32SfYbAiZRYyOTcXK2CaHQkc2Pb/qIa4LovyQsw6kG+gBs8iFJ74GkEjbDYuBv3xO7+euLJRTa/XSu6QFsBB34L4/oeR+C46BKHkqVASLxjehLJFeYcFrOfCe3iphVqbQbzxWV//i1vgoukHdo+5QE+05WROZasS79QD2hQ/27ujROYeuRrwPEOivwfDRg7dwPgGoaYqs9KcOWQVKBPV6u/WBpf8fXBlqNgb+mc9srzJ0DhPUc19GfKxVwYPdn9sov0bthC6/mOBI1bqh3hhuEciWYvihL6R/N3lSGcnUgPaIIy5kFnRtC7mKV+XL1Xh2v6+ZxWvA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=yOaznqtpMH9jlvdp6fF5fumxDh4r0qqVPyQptVrU0LY=; b=jvl2ot6wMOt6MQDwCMhTgjxICNzeBuFbGuRod7TSVGATuGVDvcR2nCmb+3rzIioi+XVw4lGXuuMp5nF4pElQtyHbEy5HQtBDlaIV61SeMrXMaQ7CMQ7Z/q6PA9EQdP/PfKEM0bbfD0TG99BCMYfVd9wngCEjAB58jUeZdOJ/M635sBjGAO6L9i9axs302+s17nTWz0FIAoawboawnQ7IqZk8w5hMpkNz7yi2C6eTRsSwYPa3sEusbz+yRapgMM/+BxJ2Y9YaY1PXsI25Z0XchMRUZBmun3z5oIxttzT+lLMAACbjLfrmnGqwTtBC0j8y0irLA+KPezcbJ+82ChYaTQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=davemloft.net smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=yOaznqtpMH9jlvdp6fF5fumxDh4r0qqVPyQptVrU0LY=; b=QYvyOO/uzIS9kOjJQ5C5uJhvnpDNFcsdNzPbIfII6yz3h2M2Ctq6K7E7f3dAq2p9TSJkJkkuCcIgCgJr8e3hp20jaWAod/RnRPYu+wHrXyXaRo+uYXhdHUL9sAQgG7lzxHLyL38/oLGCUh1hUiZy38f5qlugwIt051P2LEgVEPk= Received: from DM6PR02CA0042.namprd02.prod.outlook.com (2603:10b6:5:177::19) by BL1PR12MB5078.namprd12.prod.outlook.com (2603:10b6:208:313::11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6838.31; Mon, 2 Oct 2023 15:45:48 +0000 Received: from CY4PEPF0000EDD2.namprd03.prod.outlook.com (2603:10b6:5:177:cafe::bf) by DM6PR02CA0042.outlook.office365.com (2603:10b6:5:177::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6838.30 via Frontend Transport; Mon, 2 Oct 2023 15:45:48 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB03.amd.com; pr=C Received: from SATLEXMB03.amd.com (165.204.84.17) by CY4PEPF0000EDD2.mail.protection.outlook.com (10.167.241.206) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.6838.22 via Frontend Transport; Mon, 2 Oct 2023 15:45:48 +0000 Received: from SATLEXMB05.amd.com (10.181.40.146) by SATLEXMB03.amd.com (10.181.40.144) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.27; Mon, 2 Oct 2023 10:45:47 -0500 Received: from SATLEXMB03.amd.com (10.181.40.144) by SATLEXMB05.amd.com (10.181.40.146) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.27; Mon, 2 Oct 2023 10:45:46 -0500 Received: from xcbecree41x.xilinx.com (10.180.168.240) by SATLEXMB03.amd.com (10.181.40.144) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.27 via Frontend Transport; Mon, 2 Oct 2023 10:45:45 -0500 From: To: , , , , CC: Edward Cree , , , Subject: [PATCH net-next 3/4] sfc: ensure an extack msg from efx_tc_flower_replace_foreign EOPNOTSUPPs Date: Mon, 2 Oct 2023 16:44:43 +0100 Message-ID: <60e3aaba6d6874f76d9c67b804cd1bac297bc7b7.1696261222.git.ecree.xilinx@gmail.com> X-Mailer: git-send-email 2.27.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: netdev@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: CY4PEPF0000EDD2:EE_|BL1PR12MB5078:EE_ X-MS-Office365-Filtering-Correlation-Id: 0b4df7e9-c623-4f40-e0db-08dbc35ea5f1 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: eJgqmOSKGZ3eGaFZIFfaz/lQVepzGpiO1ffYPDqWV+oBZv1Ua3l1JxtswWMhyl5B6PSr1wGJvm92c7jV+G/nXyZUryJH31AGis/2xSMw0DeAfCeRUbBw2PdviNJ4x+WEn9tzRjSu8AqqQJja3cWB8EwcSKf6z0OJ6Ij+LKUQKjWTMH9IZLPt6PLYHQQN+DaQhXDo7sz4PEVGb7qQtp7w+LLWVs5AssbEWAMqYLC8kEsEkL0YcSd3v8ynvx+/llq3UcyBVxj51+Km/3iozjMhG0aNwHZGyMoKpQz1sPSYyy9URjqiCAemkWeDPXZQjko7GH5JuVYlMMq/zjPs27bfo1z6UjIYswymh6+OSbBddnRM0OIypIa+6O7QEUfVpGJOt/T24aEQjcusPILL8kdaM1K13ot80TLpjsGXnR9WLLRycBGlZL5uYhMuzKXjQv3WsR8/eKmRJuJCKAt3AY+rd6CqXsy3hX55j6BczZDivZE0xrahP4di+bNUEm1IFoGt1Pu2nzwzNKsOuHTvZFSjMVhwCh/x34HU+sz6RB1WOPps1JEfLDBolQGtRU/VOuaWvHIuNfkLpUcMv1kdtcK/HIXkXi6o4MCg/xYvB/CWZblrUpYAgPusdFRW7vzmjRpvPDk6FZrvT7b9xpPwF+VQ+7k6WZIlKTZWniuwuEMV0mptsNGKVTWHbcsZ8DZEJF9JzhkRNQEctNdxF6O/aa0rCiH0YWTWCTB3OyopECqRxp8gau4k1SbyyEy+TddrtdxocAxUsd7Xl2euQoUBfyGrDw== X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB03.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230031)(4636009)(396003)(39860400002)(346002)(136003)(376002)(230922051799003)(1800799009)(451199024)(186009)(82310400011)(64100799003)(36840700001)(40470700004)(46966006)(478600001)(336012)(83380400001)(426003)(26005)(9686003)(36756003)(2876002)(41300700001)(316002)(110136005)(54906003)(70206006)(70586007)(5660300002)(8676002)(8936002)(4326008)(2906002)(36860700001)(81166007)(47076005)(356005)(86362001)(55446002)(82740400003)(40480700001)(40460700003)(36900700001);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 02 Oct 2023 15:45:48.0397 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 0b4df7e9-c623-4f40-e0db-08dbc35ea5f1 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB03.amd.com] X-MS-Exchange-CrossTenant-AuthSource: CY4PEPF0000EDD2.namprd03.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: BL1PR12MB5078 X-Spam-Status: No, score=-1.7 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FORGED_SPF_HELO, RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H2,SPF_HELO_PASS,SPF_NONE autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net X-Patchwork-Delegate: kuba@kernel.org From: Edward Cree There were a few places where no extack error message was set, or the extack was not forwarded to callees, potentially resulting in a return of -EOPNOTSUPP with no additional information. Make sure to populate the error message in these cases. In practice this does us no good as TC indirect block callbacks don't come with an extack to fill in; but maybe they will someday and when debugging it's possible to provide a fake extack and emit its message to the console. Reviewed-by: Pieter Jansen van Vuuren Signed-off-by: Edward Cree --- drivers/net/ethernet/sfc/tc.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/drivers/net/ethernet/sfc/tc.c b/drivers/net/ethernet/sfc/tc.c index f4172fc6bd4f..6acd30f2db1e 100644 --- a/drivers/net/ethernet/sfc/tc.c +++ b/drivers/net/ethernet/sfc/tc.c @@ -1580,7 +1580,7 @@ static int efx_tc_flower_replace_foreign(struct efx_nic *efx, /* Parse match */ memset(&match, 0, sizeof(match)); - rc = efx_tc_flower_parse_match(efx, fr, &match, NULL); + rc = efx_tc_flower_parse_match(efx, fr, &match, extack); if (rc) return rc; /* The rule as given to us doesn't specify a source netdevice. @@ -1629,6 +1629,7 @@ static int efx_tc_flower_replace_foreign(struct efx_nic *efx, if (match.mask.ct_state_est && !match.value.ct_state_est) { if (match.value.tcp_syn_fin_rst) { /* Can't offload this combination */ + NL_SET_ERR_MSG_MOD(extack, "TCP flags and -est conflict for offload"); rc = -EOPNOTSUPP; goto release; } @@ -1655,7 +1656,7 @@ static int efx_tc_flower_replace_foreign(struct efx_nic *efx, goto release; } - rc = efx_mae_match_check_caps(efx, &match.mask, NULL); + rc = efx_mae_match_check_caps(efx, &match.mask, extack); if (rc) goto release; @@ -1743,6 +1744,7 @@ static int efx_tc_flower_replace_foreign(struct efx_nic *efx, goto release; } if (!efx_tc_flower_action_order_ok(act, EFX_TC_AO_COUNT)) { + NL_SET_ERR_MSG_MOD(extack, "Count action violates action order (can't happen)"); rc = -EOPNOTSUPP; goto release; } From patchwork Mon Oct 2 15:44:44 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: edward.cree@amd.com X-Patchwork-Id: 13406404 X-Patchwork-Delegate: kuba@kernel.org Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net [23.128.96.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 196B11CFBD for ; Mon, 2 Oct 2023 15:45:53 +0000 (UTC) Received: from NAM12-DM6-obe.outbound.protection.outlook.com (mail-dm6nam12on2059.outbound.protection.outlook.com [40.107.243.59]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 869FCA4 for ; Mon, 2 Oct 2023 08:45:51 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=bMINuaTRs3gQOdGvGQRZYdvylGGkPyIGsc89rbx9KOHBlkP+bqB+iWNMdedO3RL3LHVU99ZWkchM3FUrueYRxXGmJ0QUe68evqmxB1+H76HELujxfcm3oBBSWJamY5B5qegnhsvo169/J2XpAAUz6ivpWj91fQyPi8Gg2NzrICsfp9Q9zx3C8reukXEvbLvhjJeTbWg3VEBdSasGkbNkIjejqfSdETB9/2N4YWWAl1y+qiv3tdky5hETToad9zIehoRpGYbDLC465xId8ZXnitfSSiP1L3ZehDRKWTkZR0dupds6GwloTXH78ZjMJ6spQ+g4wEAZ+hJ3gdRKLAftZg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=M7x30oJI0NJiYFR+W4yJGDCsh2jpNDnb8disCj7RED4=; b=Wq2WKWLG4BfKL5ZnpqT2c4ZA6i3R49P89uR6EcCLYsaM/R693qsQmzili2dUQHrn9e8M6dwbMStxuibq07DsNzJeG6PECZtgXZ5UPfxDdXjGkiz2UNQLp4kr+60wbygHHBO6pBGt+HD0Vxn7qWnxfalI0ExEEf+3UrHrb9FqOZIoqmTyzhtRgUITull8eYTf1hsVdLhcF80vMEeXPK/twUDcJbebXElmz2FhsjPSGb6BcNGW10VbmDlJ3R0tULe3lwtdMkN569lR+EZLEAsy78xZeHVZar4uqlwkNPgD7bgZ4CykeyZ0QhxIzH3oNnoj8vL4J0szRslpVVFkgL4jFw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=davemloft.net smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=M7x30oJI0NJiYFR+W4yJGDCsh2jpNDnb8disCj7RED4=; b=15TLsxdkVYBL4F3aL37YO7ekDHrJymK9WgSGPBji2+eFvIrceW9wR+WDYDvgClqtOOTh/LmZ5B00mfMudUj6EYPbfj0o7x2jBlYelpUL3JWsYRdeI4KuevYhAIk0qMRHAZEobSoI7R+mApFcTsG2ySwJ5e0n56M8WBmBJvht4vQ= Received: from CYZPR05CA0013.namprd05.prod.outlook.com (2603:10b6:930:89::11) by CYXPR12MB9443.namprd12.prod.outlook.com (2603:10b6:930:db::9) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6838.29; Mon, 2 Oct 2023 15:45:49 +0000 Received: from CY4PEPF0000E9D6.namprd05.prod.outlook.com (2603:10b6:930:89:cafe::6b) by CYZPR05CA0013.outlook.office365.com (2603:10b6:930:89::11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6863.23 via Frontend Transport; Mon, 2 Oct 2023 15:45:49 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by CY4PEPF0000E9D6.mail.protection.outlook.com (10.167.241.80) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.6838.22 via Frontend Transport; Mon, 2 Oct 2023 15:45:49 +0000 Received: from SATLEXMB06.amd.com (10.181.40.147) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.27; Mon, 2 Oct 2023 10:45:48 -0500 Received: from SATLEXMB03.amd.com (10.181.40.144) by SATLEXMB06.amd.com (10.181.40.147) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.27; Mon, 2 Oct 2023 10:45:48 -0500 Received: from xcbecree41x.xilinx.com (10.180.168.240) by SATLEXMB03.amd.com (10.181.40.144) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.27 via Frontend Transport; Mon, 2 Oct 2023 10:45:47 -0500 From: To: , , , , CC: Edward Cree , , , Subject: [PATCH net-next 4/4] sfc: support TC rules which require OR-AR-CT-AR flow Date: Mon, 2 Oct 2023 16:44:44 +0100 Message-ID: X-Mailer: git-send-email 2.27.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: netdev@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: CY4PEPF0000E9D6:EE_|CYXPR12MB9443:EE_ X-MS-Office365-Filtering-Correlation-Id: dd2c937b-ed3e-4971-4e16-08dbc35ea692 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: 1vTPHTCu5XMmU5wUoEm63FuwPwgt2eyV1gT8snF6P6XzS4FqGz/hldK4qd3XcBFxfhykCRz+Un01b7FlViQTLkPMTWfR7UHWT16/Tj0zC2S2DfV/k4Z7va/aKOjN48HTAjuogGgfeEQWEpX0LBRmf2ur7tc5CfNgPl6AGr3in85he79kv1MwLOFvYsYywgDhbp+705O5IX47vy8zRnA+mOLiSkkOU9riF54jOaXuSkXmYr+OOYAatSO25/e5GbftC+wNk0TLP5OKmU4CKk+X4VCCL3U9ZK6rtG+It+esud0MbAV0Z1x0meegABhlZMmPiShvUhCbxWZ7FPeUc6wdlmgX7T76hzRLamzTMHWGIJGCE+ZUWOyWdwHKaGkouGgz/kwDO3s0EyqV/baPMEeVIpOt5fsqlIVzYj2TBIcqbHhcNshzmKKOFnIRs3gYnSNE0jDOy+wsXwaFqRHvJ2sd1uLHFaAKGl6BpEGGeewWoI5ahleXQtog/a4p+NtEakzEZ1UDMNda90pIpZ5BkfaoOF4JCPoe5twzOf816+Fuqba0UqLZhYJA5XWUTW1gBRAritCQ33gN38ySwIusIQySwngQxS4LRhHEMYP7TQINAhi3bWK9YdXMcQTnA0qq3QvIkHld3NOTBz9NZOL2/aZCw97MPF5SabdME11xVy8aKzzm39WIgzJ2Prdg7RlSE3Z83gmZR3bBgTtyzd9x4mcxcmZ+GSZzBEOGrlKSwm0MaR/rSn7v6pDte1rGv7Zqq79FMLsNsnNX0aeiNXCeefk7HXUM2baB6n7MR7sWvAhA4zg= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230031)(4636009)(346002)(376002)(396003)(39860400002)(136003)(230922051799003)(82310400011)(451199024)(64100799003)(1800799009)(186009)(36840700001)(40470700004)(46966006)(40460700003)(336012)(426003)(5660300002)(2876002)(2906002)(6666004)(86362001)(356005)(55446002)(9686003)(478600001)(81166007)(36756003)(40480700001)(82740400003)(8676002)(26005)(4326008)(36860700001)(316002)(47076005)(110136005)(70586007)(8936002)(70206006)(54906003)(83380400001)(41300700001)(36900700001)(309714004);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 02 Oct 2023 15:45:49.0911 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: dd2c937b-ed3e-4971-4e16-08dbc35ea692 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: CY4PEPF0000E9D6.namprd05.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: CYXPR12MB9443 X-Spam-Status: No, score=-1.7 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FORGED_SPF_HELO, RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H2,SPF_HELO_PASS,SPF_NONE autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net X-Patchwork-Delegate: kuba@kernel.org From: Edward Cree When a foreign LHS rule (TC rule from a tunnel netdev which requests conntrack lookup) matches on inner headers or enc_key_id, these matches cannot be performed by the Outer Rule table, as the keys are only available after the tunnel type has been identified (by the OR lookup) and the rest of the headers parsed accordingly. Offload such rules with an Action Rule, using the LOOKUP_CONTROL section of the AR response to specify the conntrack and/or recirculation actions, combined with an Outer Rule which performs only the usual Encap Match duties. This processing flow, as it requires two AR lookups per packet, is less performant than OR-CT-AR, so only use it where necessary. Reviewed-by: Pieter Jansen van Vuuren Signed-off-by: Edward Cree --- drivers/net/ethernet/sfc/mae.c | 53 +++++++++++++++ drivers/net/ethernet/sfc/tc.c | 116 +++++++++++++++++++++++++++++++-- drivers/net/ethernet/sfc/tc.h | 1 + 3 files changed, 165 insertions(+), 5 deletions(-) diff --git a/drivers/net/ethernet/sfc/mae.c b/drivers/net/ethernet/sfc/mae.c index d1c8872efac9..021980a958b7 100644 --- a/drivers/net/ethernet/sfc/mae.c +++ b/drivers/net/ethernet/sfc/mae.c @@ -1736,9 +1736,60 @@ static int efx_mae_insert_lhs_outer_rule(struct efx_nic *efx, return 0; } +static int efx_mae_populate_match_criteria(MCDI_DECLARE_STRUCT_PTR(match_crit), + const struct efx_tc_match *match); + +static int efx_mae_insert_lhs_action_rule(struct efx_nic *efx, + struct efx_tc_lhs_rule *rule, + u32 prio) +{ + MCDI_DECLARE_BUF(inbuf, MC_CMD_MAE_ACTION_RULE_INSERT_IN_LEN(MAE_FIELD_MASK_VALUE_PAIRS_V2_LEN)); + MCDI_DECLARE_BUF(outbuf, MC_CMD_MAE_ACTION_RULE_INSERT_OUT_LEN); + struct efx_tc_lhs_action *act = &rule->lhs_act; + MCDI_DECLARE_STRUCT_PTR(match_crit); + MCDI_DECLARE_STRUCT_PTR(response); + size_t outlen; + int rc; + + match_crit = _MCDI_DWORD(inbuf, MAE_ACTION_RULE_INSERT_IN_MATCH_CRITERIA); + response = _MCDI_DWORD(inbuf, MAE_ACTION_RULE_INSERT_IN_RESPONSE); + MCDI_STRUCT_SET_DWORD(response, MAE_ACTION_RULE_RESPONSE_ASL_ID, + MC_CMD_MAE_ACTION_SET_LIST_ALLOC_OUT_ACTION_SET_LIST_ID_NULL); + MCDI_STRUCT_SET_DWORD(response, MAE_ACTION_RULE_RESPONSE_AS_ID, + MC_CMD_MAE_ACTION_SET_ALLOC_OUT_ACTION_SET_ID_NULL); + EFX_POPULATE_DWORD_5(*_MCDI_STRUCT_DWORD(response, MAE_ACTION_RULE_RESPONSE_LOOKUP_CONTROL), + MAE_ACTION_RULE_RESPONSE_DO_CT, !!act->zone, + MAE_ACTION_RULE_RESPONSE_DO_RECIRC, + act->rid && !act->zone, + MAE_ACTION_RULE_RESPONSE_CT_VNI_MODE, + MAE_CT_VNI_MODE_ZERO, + MAE_ACTION_RULE_RESPONSE_RECIRC_ID, + act->rid ? act->rid->fw_id : 0, + MAE_ACTION_RULE_RESPONSE_CT_DOMAIN, + act->zone ? act->zone->zone : 0); + MCDI_STRUCT_SET_DWORD(response, MAE_ACTION_RULE_RESPONSE_COUNTER_ID, + act->count ? act->count->cnt->fw_id : + MC_CMD_MAE_COUNTER_ALLOC_OUT_COUNTER_ID_NULL); + MCDI_SET_DWORD(inbuf, MAE_ACTION_RULE_INSERT_IN_PRIO, prio); + rc = efx_mae_populate_match_criteria(match_crit, &rule->match); + if (rc) + return rc; + + rc = efx_mcdi_rpc(efx, MC_CMD_MAE_ACTION_RULE_INSERT, inbuf, sizeof(inbuf), + outbuf, sizeof(outbuf), &outlen); + if (rc) + return rc; + if (outlen < sizeof(outbuf)) + return -EIO; + rule->fw_id = MCDI_DWORD(outbuf, MAE_ACTION_RULE_INSERT_OUT_AR_ID); + return 0; +} + int efx_mae_insert_lhs_rule(struct efx_nic *efx, struct efx_tc_lhs_rule *rule, u32 prio) { + if (rule->is_ar) + return efx_mae_insert_lhs_action_rule(efx, rule, prio); return efx_mae_insert_lhs_outer_rule(efx, rule, prio); } @@ -1772,6 +1823,8 @@ static int efx_mae_remove_lhs_outer_rule(struct efx_nic *efx, int efx_mae_remove_lhs_rule(struct efx_nic *efx, struct efx_tc_lhs_rule *rule) { + if (rule->is_ar) + return efx_mae_delete_rule(efx, rule->fw_id); return efx_mae_remove_lhs_outer_rule(efx, rule); } diff --git a/drivers/net/ethernet/sfc/tc.c b/drivers/net/ethernet/sfc/tc.c index 6acd30f2db1e..3d76b7598631 100644 --- a/drivers/net/ethernet/sfc/tc.c +++ b/drivers/net/ethernet/sfc/tc.c @@ -978,9 +978,12 @@ static int efx_tc_flower_handle_lhs_actions(struct efx_nic *efx, struct netlink_ext_ack *extack = tc->common.extack; struct efx_tc_lhs_action *act = &rule->lhs_act; const struct flow_action_entry *fa; + enum efx_tc_counter_type ctype; bool pipe = true; int i; + ctype = rule->is_ar ? EFX_TC_COUNTER_TYPE_AR : EFX_TC_COUNTER_TYPE_OR; + flow_action_for_each(i, fa, &fr->action) { struct efx_tc_ct_zone *ct_zone; struct efx_tc_recirc_id *rid; @@ -1013,7 +1016,7 @@ static int efx_tc_flower_handle_lhs_actions(struct efx_nic *efx, return -EOPNOTSUPP; } cnt = efx_tc_flower_get_counter_index(efx, tc->cookie, - EFX_TC_COUNTER_TYPE_OR); + ctype); if (IS_ERR(cnt)) { NL_SET_ERR_MSG_MOD(extack, "Failed to obtain a counter"); return PTR_ERR(cnt); @@ -1450,6 +1453,110 @@ static int efx_tc_incomplete_mangle(struct efx_tc_mangler_state *mung, return 0; } +static int efx_tc_flower_replace_foreign_lhs_ar(struct efx_nic *efx, + struct flow_cls_offload *tc, + struct flow_rule *fr, + struct efx_tc_match *match, + struct net_device *net_dev) +{ + struct netlink_ext_ack *extack = tc->common.extack; + struct efx_tc_lhs_rule *rule, *old; + enum efx_encap_type type; + int rc; + + type = efx_tc_indr_netdev_type(net_dev); + if (type == EFX_ENCAP_TYPE_NONE) { + NL_SET_ERR_MSG_MOD(extack, "Egress encap match on unsupported tunnel device"); + return -EOPNOTSUPP; + } + + rc = efx_mae_check_encap_type_supported(efx, type); + if (rc) { + NL_SET_ERR_MSG_FMT_MOD(extack, + "Firmware reports no support for %s encap match", + efx_tc_encap_type_name(type)); + return rc; + } + /* This is an Action Rule, so it needs a separate Encap Match in the + * Outer Rule table. Insert that now. + */ + rc = efx_tc_flower_record_encap_match(efx, match, type, + EFX_TC_EM_DIRECT, 0, 0, extack); + if (rc) + return rc; + + match->mask.recirc_id = 0xff; + if (match->mask.ct_state_trk && match->value.ct_state_trk) { + NL_SET_ERR_MSG_MOD(extack, "LHS rule can never match +trk"); + rc = -EOPNOTSUPP; + goto release_encap_match; + } + /* LHS rules are always -trk, so we don't need to match on that */ + match->mask.ct_state_trk = 0; + match->value.ct_state_trk = 0; + /* We must inhibit match on TCP SYN/FIN/RST, so that SW can see + * the packet and update the conntrack table. + * Outer Rules will do that with CT_TCP_FLAGS_INHIBIT, but Action + * Rules don't have that; instead they support matching on + * TCP_SYN_FIN_RST (aka TCP_INTERESTING_FLAGS), so use that. + * This is only strictly needed if there will be a DO_CT action, + * which we don't know yet, but typically there will be and it's + * simpler not to bother checking here. + */ + match->mask.tcp_syn_fin_rst = true; + + rc = efx_mae_match_check_caps(efx, &match->mask, extack); + if (rc) + goto release_encap_match; + + rule = kzalloc(sizeof(*rule), GFP_USER); + if (!rule) { + rc = -ENOMEM; + goto release_encap_match; + } + rule->cookie = tc->cookie; + rule->is_ar = true; + old = rhashtable_lookup_get_insert_fast(&efx->tc->lhs_rule_ht, + &rule->linkage, + efx_tc_lhs_rule_ht_params); + if (old) { + netif_dbg(efx, drv, efx->net_dev, + "Already offloaded rule (cookie %lx)\n", tc->cookie); + rc = -EEXIST; + NL_SET_ERR_MSG_MOD(extack, "Rule already offloaded"); + goto release; + } + + /* Parse actions */ + rc = efx_tc_flower_handle_lhs_actions(efx, tc, fr, net_dev, rule); + if (rc) + goto release; + + rule->match = *match; + rule->lhs_act.tun_type = type; + + rc = efx_mae_insert_lhs_rule(efx, rule, EFX_TC_PRIO_TC); + if (rc) { + NL_SET_ERR_MSG_MOD(extack, "Failed to insert rule in hw"); + goto release; + } + netif_dbg(efx, drv, efx->net_dev, + "Successfully parsed lhs rule (cookie %lx)\n", + tc->cookie); + return 0; + +release: + efx_tc_flower_release_lhs_actions(efx, &rule->lhs_act); + if (!old) + rhashtable_remove_fast(&efx->tc->lhs_rule_ht, &rule->linkage, + efx_tc_lhs_rule_ht_params); + kfree(rule); +release_encap_match: + if (match->encap) + efx_tc_flower_release_encap_match(efx, match->encap); + return rc; +} + static int efx_tc_flower_replace_foreign_lhs(struct efx_nic *efx, struct flow_cls_offload *tc, struct flow_rule *fr, @@ -1472,10 +1579,9 @@ static int efx_tc_flower_replace_foreign_lhs(struct efx_nic *efx, return -EOPNOTSUPP; } - if (efx_tc_flower_flhs_needs_ar(match)) { - NL_SET_ERR_MSG_MOD(extack, "Match keys not available in Outer Rule"); - return -EOPNOTSUPP; - } + if (efx_tc_flower_flhs_needs_ar(match)) + return efx_tc_flower_replace_foreign_lhs_ar(efx, tc, fr, match, + net_dev); type = efx_tc_indr_netdev_type(net_dev); if (type == EFX_ENCAP_TYPE_NONE) { diff --git a/drivers/net/ethernet/sfc/tc.h b/drivers/net/ethernet/sfc/tc.h index c4cb52dda057..86e38ea7988c 100644 --- a/drivers/net/ethernet/sfc/tc.h +++ b/drivers/net/ethernet/sfc/tc.h @@ -208,6 +208,7 @@ struct efx_tc_lhs_rule { struct efx_tc_lhs_action lhs_act; struct rhash_head linkage; u32 fw_id; + bool is_ar; /* Action Rule (for OR-AR-CT-AR sequence) */ }; enum efx_tc_rule_prios {