From: John Fastabend <john.fastabend@gmail.com>
To: tgraf@suug.ch, simon.horman@netronome.com, sfeldma@gmail.com
Cc: netdev@vger.kernel.org, jhs@mojatatu.com, davem@davemloft.net,
gerlitz.or@gmail.com, andy@greyhouse.net, ast@plumgrid.com
Subject: [net-next PATCH v3 07/12] net: rocker: add set rule ops
Date: Tue, 20 Jan 2015 12:29:10 -0800 [thread overview]
Message-ID: <20150120202909.1741.1884.stgit@nitbit.x32> (raw)
In-Reply-To: <20150120202404.1741.8658.stgit@nitbit.x32>
Implement set rule operations for existing rocker tables.
Signed-off-by: John Fastabend <john.r.fastabend@intel.com>
---
drivers/net/ethernet/rocker/rocker.c | 421 ++++++++++++++++++++++++++++++++++
1 file changed, 420 insertions(+), 1 deletion(-)
diff --git a/drivers/net/ethernet/rocker/rocker.c b/drivers/net/ethernet/rocker/rocker.c
index d2ea451..51290882 100644
--- a/drivers/net/ethernet/rocker/rocker.c
+++ b/drivers/net/ethernet/rocker/rocker.c
@@ -3830,6 +3830,422 @@ static struct net_flow_hdr_node **rocker_get_hgraph(struct net_device *d)
{
return rocker_header_nodes;
}
+
+static u32 rocker_goto_value(u32 id)
+{
+ switch (id) {
+ case ROCKER_FLOW_TABLE_ID_INGRESS_PORT:
+ return ROCKER_OF_DPA_TABLE_ID_INGRESS_PORT;
+ case ROCKER_FLOW_TABLE_ID_VLAN:
+ return ROCKER_OF_DPA_TABLE_ID_VLAN;
+ case ROCKER_FLOW_TABLE_ID_TERMINATION_MAC:
+ return ROCKER_OF_DPA_TABLE_ID_TERMINATION_MAC;
+ case ROCKER_FLOW_TABLE_ID_UNICAST_ROUTING:
+ return ROCKER_OF_DPA_TABLE_ID_UNICAST_ROUTING;
+ case ROCKER_FLOW_TABLE_ID_MULTICAST_ROUTING:
+ return ROCKER_OF_DPA_TABLE_ID_MULTICAST_ROUTING;
+ case ROCKER_FLOW_TABLE_ID_BRIDGING:
+ return ROCKER_OF_DPA_TABLE_ID_BRIDGING;
+ case ROCKER_FLOW_TABLE_ID_ACL_POLICY:
+ return ROCKER_OF_DPA_TABLE_ID_ACL_POLICY;
+ default:
+ return 0;
+ }
+}
+
+static int rocker_flow_set_ig_port(struct net_device *dev,
+ struct net_flow_rule *rule)
+{
+ struct rocker_port *rocker_port = netdev_priv(dev);
+ enum rocker_of_dpa_table_id goto_tbl;
+ u32 in_lport_mask, in_lport;
+ int flags = 0;
+
+ /* ingress port table only supports one field/mask/action this
+ * simplifies the key construction and we can assume the values
+ * are the correct types/mask/action by valid check above. The
+ * user could pass multiple match/actions in a message with the
+ * same field multiple times currently the valid test does not
+ * catch this and we just use the first specified.
+ */
+ in_lport = rule->matches[0].value_u32;
+ in_lport_mask = rule->matches[0].mask_u32;
+ goto_tbl = rocker_goto_value(rule->actions[0].args[0].value_u16);
+
+ return rocker_flow_tbl_ig_port(rocker_port, flags,
+ in_lport, in_lport_mask,
+ goto_tbl);
+}
+
+static int rocker_flow_set_vlan(struct net_device *dev,
+ struct net_flow_rule *rule)
+{
+ struct rocker_port *rocker_port = netdev_priv(dev);
+ __be16 vlan_id, vlan_id_mask, new_vlan_id;
+ bool untagged, have_in_lport = false;
+ enum rocker_of_dpa_table_id goto_tbl;
+ int i, flags = 0;
+ u32 in_lport;
+
+ goto_tbl = ROCKER_OF_DPA_TABLE_ID_TERMINATION_MAC;
+
+ /* If user does not specify vid match default to any */
+ vlan_id = htons(1);
+ vlan_id_mask = 0;
+
+ for (i = 0; rule->matches && rule->matches[i].instance; i++) {
+ switch (rule->matches[i].instance) {
+ case ROCKER_HEADER_INSTANCE_IN_LPORT:
+ in_lport = rule->matches[i].value_u32;
+ have_in_lport = true;
+ break;
+ case ROCKER_HEADER_INSTANCE_VLAN_OUTER:
+ if (rule->matches[i].field != HEADER_VLAN_VID)
+ break;
+
+ vlan_id = htons(rule->matches[i].value_u16);
+ vlan_id_mask = htons(rule->matches[i].mask_u16);
+ break;
+ default:
+ return -EINVAL;
+ }
+ }
+
+ if (!have_in_lport)
+ return -EINVAL;
+
+ /* If user does not specify a new vlan id use default vlan id */
+ new_vlan_id = rocker_port_vid_to_vlan(rocker_port, vlan_id, &untagged);
+
+ for (i = 0; rule->actions && rule->actions[i].uid; i++) {
+ struct net_flow_action_arg *arg = &rule->actions[i].args[0];
+
+ switch (rule->actions[i].uid) {
+ case ACTION_SET_VLAN_ID:
+ new_vlan_id = htons(arg->value_u16);
+ if (new_vlan_id)
+ untagged = false;
+ break;
+ }
+ }
+
+ return rocker_flow_tbl_vlan(rocker_port, flags, in_lport,
+ vlan_id, vlan_id_mask, goto_tbl,
+ untagged, new_vlan_id);
+}
+
+static int rocker_flow_set_term_mac(struct net_device *dev,
+ struct net_flow_rule *rule)
+{
+ struct rocker_port *rocker_port = netdev_priv(dev);
+ __be16 vlan_id, vlan_id_mask, ethtype = 0;
+ const u8 *eth_dst, *eth_dst_mask;
+ u32 in_lport, in_lport_mask;
+ int i, flags = 0;
+ bool copy_to_cpu;
+
+ /* If user does not specify vid match default to any */
+ vlan_id = rocker_port->internal_vlan_id;
+ vlan_id_mask = 0;
+
+ /* If user does not specify in_lport match default to any */
+ in_lport = rocker_port->lport;
+ in_lport_mask = 0;
+
+ /* If user does not specify a mac address match any */
+ eth_dst = rocker_port->dev->dev_addr;
+ eth_dst_mask = zero_mac;
+
+ for (i = 0; rule->matches && rule->matches[i].instance; i++) {
+ switch (rule->matches[i].instance) {
+ case ROCKER_HEADER_INSTANCE_IN_LPORT:
+ in_lport = rule->matches[i].value_u32;
+ in_lport_mask = rule->matches[i].mask_u32;
+ break;
+ case ROCKER_HEADER_INSTANCE_VLAN_OUTER:
+ if (rule->matches[i].field != HEADER_VLAN_VID)
+ break;
+
+ vlan_id = htons(rule->matches[i].value_u16);
+ vlan_id_mask = htons(rule->matches[i].mask_u16);
+ break;
+ case ROCKER_HEADER_INSTANCE_ETHERNET:
+ switch (rule->matches[i].field) {
+ case HEADER_ETHERNET_DST_MAC:
+ eth_dst = (u8 *)&rule->matches[i].value_u64;
+ eth_dst_mask = (u8 *)&rule->matches[i].mask_u64;
+ break;
+ case HEADER_ETHERNET_ETHERTYPE:
+ ethtype = htons(rule->matches[i].value_u16);
+ break;
+ default:
+ return -EINVAL;
+ }
+ break;
+ default:
+ return -EINVAL;
+ }
+ }
+
+ if (!ethtype)
+ return -EINVAL;
+
+ /* By default do not copy to cpu */
+ copy_to_cpu = false;
+
+ for (i = 0; rule->actions && rule->actions[i].uid; i++) {
+ switch (rule->actions[i].uid) {
+ case ACTION_COPY_TO_CPU:
+ copy_to_cpu = true;
+ break;
+ default:
+ return -EINVAL;
+ }
+ }
+
+ return rocker_flow_tbl_term_mac(rocker_port, in_lport, in_lport_mask,
+ ethtype, eth_dst, eth_dst_mask,
+ vlan_id, vlan_id_mask,
+ copy_to_cpu, flags);
+}
+
+static int rocker_flow_set_ucast_routing(struct net_device *dev,
+ struct net_flow_rule *rule)
+{
+ return -EOPNOTSUPP;
+}
+
+static int rocker_flow_set_mcast_routing(struct net_device *dev,
+ struct net_flow_rule *rule)
+{
+ return -EOPNOTSUPP;
+}
+
+static int rocker_flow_set_bridge(struct net_device *dev,
+ struct net_flow_rule *rule)
+{
+ enum rocker_of_dpa_table_id goto_tbl;
+ struct rocker_port *rocker_port = netdev_priv(dev);
+ u32 in_lport, in_lport_mask, group_id, tunnel_id;
+ __be16 vlan_id, vlan_id_mask;
+ const u8 *eth_dst, *eth_dst_mask;
+ int i, flags = 0;
+ bool copy_to_cpu;
+
+ goto_tbl = ROCKER_OF_DPA_TABLE_ID_ACL_POLICY;
+
+ /* If user does not specify vid match default to any */
+ vlan_id = rocker_port->internal_vlan_id;
+ vlan_id_mask = 0;
+
+ /* If user does not specify in_lport match default to any */
+ in_lport = rocker_port->lport;
+ in_lport_mask = 0;
+
+ /* If user does not specify a mac address match any */
+ eth_dst = rocker_port->dev->dev_addr;
+ eth_dst_mask = NULL;
+
+ /* Do not support for tunnel_id yet. */
+ tunnel_id = 0;
+
+ for (i = 0; rule->matches && rule->matches[i].instance; i++) {
+ switch (rule->matches[i].instance) {
+ case ROCKER_HEADER_INSTANCE_IN_LPORT:
+ in_lport = rule->matches[i].value_u32;
+ in_lport_mask = rule->matches[i].mask_u32;
+ break;
+ case ROCKER_HEADER_INSTANCE_VLAN_OUTER:
+ if (rule->matches[i].field != HEADER_VLAN_VID)
+ break;
+
+ vlan_id = htons(rule->matches[i].value_u16);
+ vlan_id_mask = htons(rule->matches[i].mask_u16);
+ break;
+ case ROCKER_HEADER_INSTANCE_ETHERNET:
+ switch (rule->matches[i].field) {
+ case HEADER_ETHERNET_DST_MAC:
+ eth_dst = (u8 *)&rule->matches[i].value_u64;
+ eth_dst_mask = (u8 *)&rule->matches[i].mask_u64;
+ break;
+ default:
+ return -EINVAL;
+ }
+ break;
+ default:
+ return -EINVAL;
+ }
+ }
+
+ /* By default do not copy to cpu and skip group assignment */
+ copy_to_cpu = false;
+ group_id = ROCKER_GROUP_NONE;
+
+ for (i = 0; rule->actions && rule->actions[i].uid; i++) {
+ struct net_flow_action_arg *arg = &rule->actions[i].args[0];
+
+ switch (rule->actions[i].uid) {
+ case ACTION_COPY_TO_CPU:
+ copy_to_cpu = true;
+ break;
+ case ROCKER_ACTION_SET_GROUP_ID:
+ group_id = arg->value_u32;
+ break;
+ default:
+ return -EINVAL;
+ }
+ }
+
+ /* Ignoring eth_dst_mask it seems to cause a EINVAL return code */
+ return rocker_flow_tbl_bridge(rocker_port, flags,
+ eth_dst, eth_dst_mask,
+ vlan_id, tunnel_id,
+ goto_tbl, group_id, copy_to_cpu);
+}
+
+static int rocker_flow_set_acl(struct net_device *dev,
+ struct net_flow_rule *rule)
+{
+ struct rocker_port *rocker_port = netdev_priv(dev);
+ u32 in_lport, in_lport_mask, group_id, tunnel_id;
+ __be16 vlan_id, vlan_id_mask, ethtype = 0;
+ const u8 *eth_dst, *eth_src, *eth_dst_mask, *eth_src_mask;
+ u8 protocol, protocol_mask, dscp, dscp_mask;
+ int i, flags = 0;
+
+ /* If user does not specify vid match default to any */
+ vlan_id = rocker_port->internal_vlan_id;
+ vlan_id_mask = 0;
+
+ /* If user does not specify in_lport match default to any */
+ in_lport = rocker_port->lport;
+ in_lport_mask = 0;
+
+ /* If user does not specify a mac address match any */
+ eth_dst = rocker_port->dev->dev_addr;
+ eth_src = zero_mac;
+ eth_dst_mask = NULL;
+ eth_src_mask = NULL;
+
+ /* If user does not set protocol/dscp mask them out */
+ protocol = 0;
+ dscp = 0;
+ protocol_mask = 0;
+ dscp_mask = 0;
+
+ /* Do not support for tunnel_id yet. */
+ tunnel_id = 0;
+
+ for (i = 0; rule->matches && rule->matches[i].instance; i++) {
+ switch (rule->matches[i].instance) {
+ case ROCKER_HEADER_INSTANCE_IN_LPORT:
+ in_lport = rule->matches[i].value_u32;
+ in_lport_mask = rule->matches[i].mask_u32;
+ break;
+ case ROCKER_HEADER_INSTANCE_VLAN_OUTER:
+ if (rule->matches[i].field != HEADER_VLAN_VID)
+ break;
+
+ vlan_id = htons(rule->matches[i].value_u16);
+ vlan_id_mask = htons(rule->matches[i].mask_u16);
+ break;
+ case ROCKER_HEADER_INSTANCE_ETHERNET:
+ switch (rule->matches[i].field) {
+ case HEADER_ETHERNET_SRC_MAC:
+ eth_src = (u8 *)&rule->matches[i].value_u64;
+ eth_src_mask = (u8 *)&rule->matches[i].mask_u64;
+ break;
+ case HEADER_ETHERNET_DST_MAC:
+ eth_dst = (u8 *)&rule->matches[i].value_u64;
+ eth_dst_mask = (u8 *)&rule->matches[i].mask_u64;
+ break;
+ case HEADER_ETHERNET_ETHERTYPE:
+ ethtype = htons(rule->matches[i].value_u16);
+ break;
+ default:
+ return -EINVAL;
+ }
+ break;
+ case ROCKER_HEADER_INSTANCE_IPV4:
+ switch (rule->matches[i].field) {
+ case HEADER_IPV4_PROTOCOL:
+ protocol = rule->matches[i].value_u8;
+ protocol_mask = rule->matches[i].mask_u8;
+ break;
+ case HEADER_IPV4_DSCP:
+ dscp = rule->matches[i].value_u8;
+ dscp_mask = rule->matches[i].mask_u8;
+ break;
+ default:
+ return -EINVAL;
+ }
+ default:
+ return -EINVAL;
+ }
+ }
+
+ /* By default do not copy to cpu and skip group assignment */
+ group_id = ROCKER_GROUP_NONE;
+
+ for (i = 0; rule->actions && rule->actions[i].uid; i++) {
+ switch (rule->actions[i].uid) {
+ case ROCKER_ACTION_SET_GROUP_ID:
+ group_id = rule->actions[i].args[0].value_u32;
+ break;
+ default:
+ return -EINVAL;
+ }
+ }
+
+ return rocker_flow_tbl_acl(rocker_port, flags,
+ in_lport, in_lport_mask,
+ eth_src, eth_src_mask,
+ eth_dst, eth_dst_mask, ethtype,
+ vlan_id, vlan_id_mask,
+ protocol, protocol_mask,
+ dscp, dscp_mask,
+ group_id);
+}
+
+static int rocker_set_rules(struct net_device *dev,
+ struct net_flow_rule *rule)
+{
+ int err = -EINVAL;
+
+ switch (rule->table_id) {
+ case ROCKER_FLOW_TABLE_ID_INGRESS_PORT:
+ err = rocker_flow_set_ig_port(dev, rule);
+ break;
+ case ROCKER_FLOW_TABLE_ID_VLAN:
+ err = rocker_flow_set_vlan(dev, rule);
+ break;
+ case ROCKER_FLOW_TABLE_ID_TERMINATION_MAC:
+ err = rocker_flow_set_term_mac(dev, rule);
+ break;
+ case ROCKER_FLOW_TABLE_ID_UNICAST_ROUTING:
+ err = rocker_flow_set_ucast_routing(dev, rule);
+ break;
+ case ROCKER_FLOW_TABLE_ID_MULTICAST_ROUTING:
+ err = rocker_flow_set_mcast_routing(dev, rule);
+ break;
+ case ROCKER_FLOW_TABLE_ID_BRIDGING:
+ err = rocker_flow_set_bridge(dev, rule);
+ break;
+ case ROCKER_FLOW_TABLE_ID_ACL_POLICY:
+ err = rocker_flow_set_acl(dev, rule);
+ break;
+ default:
+ break;
+ }
+
+ return err;
+}
+
+static int rocker_del_rules(struct net_device *dev,
+ struct net_flow_rule *rule)
+{
+ return -EOPNOTSUPP;
+}
#endif
static const struct net_device_ops rocker_port_netdev_ops = {
@@ -3852,6 +4268,9 @@ static const struct net_device_ops rocker_port_netdev_ops = {
.ndo_flow_get_actions = rocker_get_actions,
.ndo_flow_get_tbl_graph = rocker_get_tgraph,
.ndo_flow_get_hdr_graph = rocker_get_hgraph,
+
+ .ndo_flow_set_rule = rocker_set_rules,
+ .ndo_flow_del_rule = rocker_del_rules,
#endif
};
@@ -4084,7 +4503,7 @@ static int rocker_probe_port(struct rocker *rocker, unsigned int port_number)
err = rocker_init_flow_tables(rocker_port);
if (err) {
- dev_err(&pdev->dev, "install flow table failed\n");
+ dev_err(&pdev->dev, "install rule table failed\n");
goto err_port_ig_tbl;
}
next prev parent reply other threads:[~2015-01-20 20:29 UTC|newest]
Thread overview: 66+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-01-20 20:26 [net-next PATCH v3 00/12] Flow API John Fastabend
2015-01-20 20:26 ` [net-next PATCH v3 01/12] net: flow_table: create interface for hw match/action tables John Fastabend
2015-01-22 4:37 ` Simon Horman
2015-01-20 20:27 ` [net-next PATCH v3 02/12] net: flow_table: add rule, delete rule John Fastabend
2015-01-20 20:27 ` [net-next PATCH v3 03/12] net: flow: implement flow cache for get routines John Fastabend
2015-01-20 20:27 ` [net-next PATCH v3 04/12] net: flow_table: create a set of common headers and actions John Fastabend
2015-01-20 20:59 ` John W. Linville
2015-01-20 22:10 ` John Fastabend
2015-01-20 20:28 ` [net-next PATCH v3 05/12] net: flow_table: add validation functions for rules John Fastabend
2015-01-20 20:28 ` [net-next PATCH v3 06/12] net: rocker: add pipeline model for rocker switch John Fastabend
2015-01-20 20:29 ` John Fastabend [this message]
2015-01-20 20:29 ` [net-next PATCH v3 08/12] net: rocker: add group_id slices and drop explicit goto John Fastabend
2015-01-20 20:30 ` [net-next PATCH v3 09/12] net: rocker: add multicast path to bridging John Fastabend
2015-01-20 20:30 ` [net-next PATCH v3 10/12] net: rocker: add cookie to group acls and use flow_id to set cookie John Fastabend
2015-01-20 20:31 ` [net-next PATCH v3 11/12] net: rocker: have flow api calls set cookie value John Fastabend
2015-01-20 20:31 ` [net-next PATCH v3 12/12] net: rocker: implement delete flow routine John Fastabend
2015-01-22 12:52 ` [net-next PATCH v3 00/12] Flow API Pablo Neira Ayuso
2015-01-22 13:37 ` Thomas Graf
2015-01-22 14:00 ` Pablo Neira Ayuso
2015-01-22 15:00 ` Jamal Hadi Salim
2015-01-22 15:13 ` Thomas Graf
2015-01-22 15:28 ` Jamal Hadi Salim
2015-01-22 15:37 ` Thomas Graf
2015-01-22 15:44 ` Jamal Hadi Salim
2015-01-23 10:10 ` Thomas Graf
2015-01-23 10:24 ` Jiri Pirko
2015-01-23 11:08 ` Thomas Graf
2015-01-23 11:39 ` Jiri Pirko
2015-01-23 12:28 ` Thomas Graf
2015-01-23 13:43 ` Jiri Pirko
2015-01-23 14:07 ` Thomas Graf
2015-01-23 15:25 ` Jiri Pirko
2015-01-23 15:43 ` John Fastabend
2015-01-23 15:56 ` Jiri Pirko
2015-01-23 15:49 ` Thomas Graf
2015-01-23 16:00 ` Jiri Pirko
2015-01-23 15:34 ` John Fastabend
2015-01-23 15:53 ` Jiri Pirko
2015-01-23 16:00 ` Thomas Graf
2015-01-23 16:08 ` John Fastabend
2015-01-23 16:16 ` Jiri Pirko
2015-01-24 13:04 ` Jamal Hadi Salim
2015-01-23 17:46 ` Thomas Graf
2015-01-23 19:59 ` John Fastabend
2015-01-23 23:16 ` Thomas Graf
2015-01-24 13:22 ` Jamal Hadi Salim
2015-01-24 13:34 ` Thomas Graf
2015-01-24 13:01 ` Jamal Hadi Salim
2015-01-26 8:26 ` Simon Horman
2015-01-26 12:26 ` Jamal Hadi Salim
2015-01-27 4:28 ` David Ahern
2015-01-27 4:58 ` Andy Gospodarek
2015-01-27 15:54 ` Jamal Hadi Salim
2015-01-24 12:36 ` Jamal Hadi Salim
2015-01-22 15:48 ` Jiri Pirko
2015-01-22 17:58 ` Thomas Graf
2015-01-22 16:49 ` Pablo Neira Ayuso
2015-01-22 17:10 ` John Fastabend
2015-01-22 17:44 ` Thomas Graf
2015-01-24 12:34 ` Jamal Hadi Salim
2015-01-24 13:48 ` Thomas Graf
2015-01-23 9:00 ` David Miller
2015-01-22 16:58 ` John Fastabend
2015-01-23 10:49 ` Thomas Graf
2015-01-23 16:42 ` John Fastabend
2015-01-24 12:29 ` Jamal Hadi Salim
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20150120202909.1741.1884.stgit@nitbit.x32 \
--to=john.fastabend@gmail.com \
--cc=andy@greyhouse.net \
--cc=ast@plumgrid.com \
--cc=davem@davemloft.net \
--cc=gerlitz.or@gmail.com \
--cc=jhs@mojatatu.com \
--cc=netdev@vger.kernel.org \
--cc=sfeldma@gmail.com \
--cc=simon.horman@netronome.com \
--cc=tgraf@suug.ch \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.