#
1267f722 |
|
26-Jan-2024 |
Amit Cohen <amcohen@nvidia.com> |
mlxsw: Use refcount_t for reference counting mlxsw driver uses 'unsigned int' for reference counters in several structures. Instead, use refcount_t type which allows us to catch overflow and underflow issues. Change the type of the counters and use the appropriate API. Signed-off-by: Amit Cohen <amcohen@nvidia.com> Reviewed-by: Ido Schimmel <idosch@nvidia.com> Signed-off-by: Ido Schimmel <idosch@nvidia.com> Signed-off-by: Petr Machata <petrm@nvidia.com> Reviewed-by: Simon Horman <horms@kernel.org> Signed-off-by: Paolo Abeni <pabeni@redhat.com>
|
#
d0d449c7 |
|
11-Aug-2023 |
Ido Schimmel <idosch@nvidia.com> |
mlxsw: core_acl_flex_actions: Add IGNORE_ACTION Add the IGNORE_ACTION which is used to ignore basic switching functions such as learning on a per-packet basis. The action will be prepended to the FORWARDING_ACTION in subsequent patches. Signed-off-by: Ido Schimmel <idosch@nvidia.com> Reviewed-by: Petr Machata <petrm@nvidia.com> Signed-off-by: Petr Machata <petrm@nvidia.com> Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
d89318bb |
|
26-Sep-2022 |
Kees Cook <keescook@chromium.org> |
mlxsw: core_acl_flex_actions: Split memcpy() of struct flow_action_cookie flexible array To work around a misbehavior of the compiler's ability to see into composite flexible array structs (as detailed in the coming memcpy() hardening series[1]), split the memcpy() of the header and the payload so no false positive run-time overflow warning will be generated. [1] https://lore.kernel.org/linux-hardening/20220901065914.1417829-2-keescook@chromium.org Cc: Ido Schimmel <idosch@nvidia.com> Signed-off-by: Kees Cook <keescook@chromium.org> Reviewed-by: Gustavo A. R. Silva <gustavoars@kernel.org> Reviewed-by: Petr Machata <petrm@nvidia.com> Link: https://lore.kernel.org/r/20220927004033.1942992-1-keescook@chromium.org Signed-off-by: Jakub Kicinski <kuba@kernel.org>
|
#
62783827 |
|
30-Jun-2022 |
Jilin Yuan <yuanjilin@cdjrlc.com> |
mellanox/mlxsw: fix repeated words in comments Delete the redundant word 'action'. Delete the redundant word 'refer'. Delete the redundant word 'for'. Signed-off-by: Jilin Yuan <yuanjilin@cdjrlc.com> Reviewed-by: Ido Schimmel <idosch@nvidia.com> Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
d7809b62 |
|
06-Feb-2022 |
Danielle Ratson <danieller@nvidia.com> |
mlxsw: Support FLOW_ACTION_MANGLE for SIP and DIP IPv4 addresses Spectrum-2 supports an ACL action SIP_DIP, which allows IPv4 and IPv6 source and destination addresses change. Offload suitable mangles to the IPv4 address change action. Signed-off-by: Danielle Ratson <danieller@nvidia.com> Reviewed-by: Petr Machata <petrm@nvidia.com> Signed-off-by: Ido Schimmel <idosch@nvidia.com> Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
e3541022 |
|
06-Feb-2022 |
Danielle Ratson <danieller@nvidia.com> |
mlxsw: core_acl_flex_actions: Add SIP_DIP_ACTION Add fields related to SIP_DIP_ACTION, which is used for changing of SIP and DIP addresses. Signed-off-by: Danielle Ratson <danieller@nvidia.com> Reviewed-by: Petr Machata <petrm@nvidia.com> Signed-off-by: Ido Schimmel <idosch@nvidia.com> Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
c934757d |
|
01-Dec-2021 |
Amit Cohen <amcohen@nvidia.com> |
mlxsw: Use u16 for local_port field instead of u8 Currently, local_port field is saved as u8, which means that maximum 256 ports can be used. As preparation for Spectrum-4, which will support more than 256 ports, local_port field should be extended. Save local_port as u16 to allow use of additional ports. Signed-off-by: Amit Cohen <amcohen@nvidia.com> Reviewed-by: Petr Machata <petrm@nvidia.com> Signed-off-by: Ido Schimmel <idosch@nvidia.com> Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
ca19ea63 |
|
16-Mar-2021 |
Ido Schimmel <idosch@nvidia.com> |
mlxsw: core_acl_flex_actions: Add mirror sampler action Add core functionality required to support mirror sampler action in the policy engine. The switch driver (e.g., 'mlxsw_spectrum') is required to implement the sampler_add() / sampler_del() callbacks that perform the necessary configuration before the sampler action can be installed. The next patch will implement it for Spectrum-{2,3}, while Spectrum-1 will return an error, given it is not supported. Signed-off-by: Ido Schimmel <idosch@nvidia.com> Reviewed-by: Jiri Pirko <jiri@nvidia.com> Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
deee0abc |
|
15-Jul-2020 |
Ido Schimmel <idosch@mellanox.com> |
mlxsw: core_acl_flex_actions: Add police action Add core functionality required to support police action in the policy engine. The utilized hardware policers are stored in a hash table keyed by the flow action index. This allows to support policer sharing between multiple ACL rules. Signed-off-by: Ido Schimmel <idosch@mellanox.com> Reviewed-by: Jiri Pirko <jiri@mellanox.com> Reviewed-by: Petr Machata <petrm@mellanox.com> Signed-off-by: Jakub Kicinski <kuba@kernel.org>
|
#
d25b8f6e |
|
15-Jul-2020 |
Ido Schimmel <idosch@mellanox.com> |
mlxsw: core_acl_flex_actions: Work around hardware limitation In the policy engine, each ACL rule points to an action block where the ACL actions are stored. Each action block consists of one or more action sets. Each action set holds one or more individual actions, up to a maximum queried from the device. For example: Action set #1 Action set #2 +----------+ +--------------+ +--------------+ | ACL rule +----------> Action #1 | +-----> Action #4 | +----------+ +--------------+ | +--------------+ | Action #2 | | | Action #5 | +--------------+ | +--------------+ | Action #3 +------+ | | +--------------+ +--------------+ <---------+ Action block +-----------------> The hardware has a limitation that prevents a policing action (MLXSW_AFA_POLCNT_CODE when used with a policer, not a counter) from being configured in the same action set with a trap action (i.e., MLXSW_AFA_TRAP_CODE or MLXSW_AFA_TRAPWU_CODE). Note that the latter used to implement multiple actions: 'trap', 'mirred', 'drop'. Work around this limitation by teaching mlxsw_afa_block_append_action() to create a new action set not only when there is no more room left in the current set, but also when there is a conflict between previously mentioned actions. Signed-off-by: Ido Schimmel <idosch@mellanox.com> Reviewed-by: Jiri Pirko <jiri@mellanox.com> Reviewed-by: Petr Machata <petrm@mellanox.com> Signed-off-by: Jakub Kicinski <kuba@kernel.org>
|
#
ce10d7d4 |
|
21-Jun-2020 |
Petr Machata <petrm@mellanox.com> |
mlxsw: spectrum_acl: Support FLOW_ACTION_MANGLE for TCP, UDP ports Spectrum-2 supports an ACL action L4_PORT, which allows TCP and UDP source and destination port number change. Offload suitable mangles to this action. Signed-off-by: Petr Machata <petrm@mellanox.com> Reviewed-by: Jiri Pirko <jiri@mellanox.com> Signed-off-by: Ido Schimmel <idosch@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
faad0525 |
|
21-Jun-2020 |
Petr Machata <petrm@mellanox.com> |
mlxsw: core_acl_flex_actions: Add L4_PORT_ACTION Add fields related to L4_PORT_ACTION, which is used for changing of TCP and UDP port numbers. Signed-off-by: Petr Machata <petrm@mellanox.com> Reviewed-by: Jiri Pirko <jiri@mellanox.com> Signed-off-by: Ido Schimmel <idosch@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
c391eb83 |
|
21-Apr-2020 |
Dan Carpenter <dan.carpenter@oracle.com> |
mlxsw: Fix some IS_ERR() vs NULL bugs The mlxsw_sp_acl_rulei_create() function is supposed to return an error pointer from mlxsw_afa_block_create(). The problem is that these functions both return NULL instead of error pointers. Half the callers expect NULL and half expect error pointers so it could lead to a NULL dereference on failure. This patch changes both of them to return error pointers and changes all the callers which checked for NULL to check for IS_ERR() instead. Fixes: 4cda7d8d7098 ("mlxsw: core: Introduce flexible actions support") Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com> Reviewed-by: Ido Schimmel <idosch@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
9b4b16bb |
|
26-Mar-2020 |
Petr Machata <petrm@mellanox.com> |
mlxsw: spectrum_flower: Offload FLOW_ACTION_MANGLE Offload action pedit ex munge when used with a flower classifier. Only allow setting of DSCP, ECN, or the whole DSField in IPv4 and IPv6 packets. Signed-off-by: Petr Machata <petrm@mellanox.com> Reviewed-by: Jiri Pirko <jiri@mellanox.com> Signed-off-by: Ido Schimmel <idosch@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
50e4ee4b |
|
26-Mar-2020 |
Petr Machata <petrm@mellanox.com> |
mlxsw: core: Add DSCP, ECN, dscp_rw to QOS_ACTION The QOS_ACTION is used for manipulating the QOS attributes of the packet. Add the defines and helpers related to DSCP and ECN fields, and dscp_rw. Signed-off-by: Petr Machata <petrm@mellanox.com> Reviewed-by: Jiri Pirko <jiri@mellanox.com> Signed-off-by: Ido Schimmel <idosch@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
571ca1f1 |
|
26-Mar-2020 |
Petr Machata <petrm@mellanox.com> |
mlxsw: core: Rename mlxsw_afa_qos_cmd to mlxsw_afa_qos_switch_prio_cmd The original idea was to reuse this set of actions for ECN rewrite as well, but on second look, it's not such a great idea. These two items should each have its own command. Rename the existing enum to make it obvious that it belongs to switch_prio_cmd. Signed-off-by: Petr Machata <petrm@mellanox.com> Reviewed-by: Jiri Pirko <jiri@mellanox.com> Signed-off-by: Ido Schimmel <idosch@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
463957e3 |
|
19-Mar-2020 |
Petr Machata <petrm@mellanox.com> |
mlxsw: spectrum_flower: Offload FLOW_ACTION_PRIORITY Offload action skbedit priority when keyed to a flower classifier. The skb->priority field in Linux is very generic, so only allow setting the bottom 8 priorities and bounce anything else. Signed-off-by: Petr Machata <petrm@mellanox.com> Reviewed-by: Jiri Pirko <jiri@mellanox.com> Signed-off-by: Ido Schimmel <idosch@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
4d745f8c |
|
19-Mar-2020 |
Petr Machata <petrm@mellanox.com> |
mlxsw: core: Add QOS_ACTION The QOS_ACTION is used for manipulating the QoS attributes of a packet. Add the corresponding defines and helpers, in particular for the switch_priority override. Signed-off-by: Petr Machata <petrm@mellanox.com> Reviewed-by: Jiri Pirko <jiri@mellanox.com> Signed-off-by: Ido Schimmel <idosch@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
6de9fcee |
|
25-Feb-2020 |
Jiri Pirko <jiri@mellanox.com> |
mlxsw: spectrum_trap: Lookup and pass cookie down to devlink_trap_report() Use the cookie index received along with the packet to lookup original flow_offload cookie binary and pass it down to devlink_trap_report(). Add "fa_cookie" metadata to the ACL trap. Signed-off-by: Jiri Pirko <jiri@mellanox.com> Signed-off-by: Ido Schimmel <idosch@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
6d19d2bd |
|
25-Feb-2020 |
Jiri Pirko <jiri@mellanox.com> |
mlxsw: core_acl_flex_actions: Implement flow_offload action cookie offload Track cookies coming down to driver by flow_offload. Assign a cookie_index to each unique cookie binary. Use previously defined "Trap with userdef" flex action to ask HW to pass cookie_index alongside with the dropped packets. Signed-off-by: Jiri Pirko <jiri@mellanox.com> Signed-off-by: Ido Schimmel <idosch@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
ec121651 |
|
25-Feb-2020 |
Jiri Pirko <jiri@mellanox.com> |
mlxsw: core_acl_flex_actions: Add trap with userdef action Expose "Trap action with userdef". It is the same as already defined "Trap action" with a difference that it would ask the policy engine to pass arbitrary value (userdef) alongside with received packets. This would be later on used to carry cookie index. Signed-off-by: Jiri Pirko <jiri@mellanox.com> Signed-off-by: Ido Schimmel <idosch@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
3e6cacaf |
|
24-Feb-2020 |
Jiri Pirko <jiri@mellanox.com> |
mlxsw: acl_flex_actions: Trap all ACL dropped packets to DISCARD_*_ACL traps Introduce a new set of traps: DISCARD_INGRESS_ACL and DISCARD_EGRESS_ACL Set the trap_action from NOP to TRAP which causes the packets dropped by the TRAP action to be trapped under new trap IDs, depending on the ingress/egress binding point. Signed-off-by: Jiri Pirko <jiri@mellanox.com> Signed-off-by: Ido Schimmel <idosch@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
3128f3a1 |
|
24-Feb-2020 |
Jiri Pirko <jiri@mellanox.com> |
mlxsw: spectrum_acl: Pass the ingress indication down to flex action The ACL flex action will have to know if it is in ingress or egress, so it can use correct trap ID. Pass the ingress indication down to it. Signed-off-by: Jiri Pirko <jiri@mellanox.com> Signed-off-by: Ido Schimmel <idosch@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
1255ea6b |
|
23-Feb-2020 |
Jiri Pirko <jiri@mellanox.com> |
mlxsw: core_acl_flex_actions: Rename Trap / Discard Action to Trap Action The Trap / Discard Action action got renamed in PRM, so rename it in the code as well. Signed-off-by: Jiri Pirko <jiri@mellanox.com> Signed-off-by: Ido Schimmel <idosch@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
9948a064 |
|
09-Aug-2018 |
Jiri Pirko <jiri@mellanox.com> |
mlxsw: Replace license text with SPDX identifiers and adjust copyrights Signed-off-by: Jiri Pirko <jiri@mellanox.com> Signed-off-by: Ido Schimmel <idosch@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
caebd1b3 |
|
03-Aug-2018 |
Nir Dotan <nird@mellanox.com> |
mlxsw: core_acl_flex_actions: Remove redundant mirror resource destruction In previous patch mlxsw_afa_resource_del() was added to avoid a duplicate resource detruction scenario. For mirror actions, such duplicate destruction leads to a crash as in: # tc qdisc add dev swp49 ingress # tc filter add dev swp49 parent ffff: \ protocol ip chain 100 pref 10 \ flower skip_sw dst_ip 192.168.101.1 action drop # tc filter add dev swp49 parent ffff: \ protocol ip pref 10 \ flower skip_sw dst_ip 192.168.101.1 action goto chain 100 \ action mirred egress mirror dev swp4 Therefore add a call to mlxsw_afa_resource_del() in mlxsw_afa_mirror_destroy() in order to clear that resource from rule's resources. Fixes: d0d13c1858a1 ("mlxsw: spectrum_acl: Add support for mirror action") Signed-off-by: Nir Dotan <nird@mellanox.com> Reviewed-by: Jiri Pirko <jiri@mellanox.com> Signed-off-by: Ido Schimmel <idosch@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
7cc61694 |
|
03-Aug-2018 |
Nir Dotan <nird@mellanox.com> |
mlxsw: core_acl_flex_actions: Remove redundant counter destruction Each tc flower rule uses a hidden count action. As counter resource may not be available due to limited HW resources, update _counter_create() and _counter_destroy() pair to follow previously introduced symmetric error condition handling, add a call to mlxsw_afa_resource_del() as part of the counter resource destruction. Fixes: c18c1e186ba8 ("mlxsw: core: Make counter index allocated inside the action append") Signed-off-by: Nir Dotan <nird@mellanox.com> Reviewed-by: Petr Machata <petrm@mellanox.com> Reviewed-by: Jiri Pirko <jiri@mellanox.com> Signed-off-by: Ido Schimmel <idosch@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
dda0a3a3 |
|
03-Aug-2018 |
Nir Dotan <nird@mellanox.com> |
mlxsw: core_acl_flex_actions: Remove redundant resource destruction Some ACL actions require the allocation of a separate resource prior to applying the action itself. When facing an error condition during the setup phase of the action, resource should be destroyed. For such actions the destruction was done twice which is dangerous and lead to a potential crash. The destruction took place first upon error on action setup phase and then as the rule was destroyed. The following sequence generated a crash: # tc qdisc add dev swp49 ingress # tc filter add dev swp49 parent ffff: \ protocol ip chain 100 pref 10 \ flower skip_sw dst_ip 192.168.101.1 action drop # tc filter add dev swp49 parent ffff: \ protocol ip pref 10 \ flower skip_sw dst_ip 192.168.101.1 action goto chain 100 \ action mirred egress mirror dev swp4 Therefore add mlxsw_afa_resource_del() as a complement of mlxsw_afa_resource_add() to add symmetry to resource_list membership handling. Call this from mlxsw_afa_fwd_entry_ref_destroy() to make the _fwd_entry_ref_create() and _fwd_entry_ref_destroy() pair of calls a NOP. Fixes: 140ce421217e ("mlxsw: core: Convert fwd_entry_ref list to be generic per-block resource list") Signed-off-by: Nir Dotan <nird@mellanox.com> Reviewed-by: Jiri Pirko <jiri@mellanox.com> Signed-off-by: Ido Schimmel <idosch@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
3757b255 |
|
03-Aug-2018 |
Nir Dotan <nird@mellanox.com> |
mlxsw: core_acl_flex_actions: Return error for conflicting actions Spectrum switch ACL action set is built in groups of three actions which may point to additional actions. A group holds a single record which can be set as goto record for pointing at a following group or can be set to mark the termination of the lookup. This is perfectly adequate for handling a series of actions to be executed on a packet. While the SW model allows configuration of conflicting actions where it is clear that some actions will never execute, the mlxsw driver must block such configurations as it creates a conflict over the single terminate/goto record value. For a conflicting actions configuration such as: # tc filter add dev swp49 parent ffff: \ protocol ip pref 10 \ flower skip_sw dst_ip 192.168.101.1 \ action goto chain 100 \ action mirred egress mirror dev swp4 Where it is clear that the last action will never execute, the mlxsw driver was issuing a warning instead of returning an error. Therefore replace that warning with an error for this specific case. Fixes: 4cda7d8d7098 ("mlxsw: core: Introduce flexible actions support") Signed-off-by: Nir Dotan <nird@mellanox.com> Reviewed-by: Jiri Pirko <jiri@mellanox.com> Signed-off-by: Ido Schimmel <idosch@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
9c10812a |
|
24-Jul-2018 |
Nir Dotan <nird@mellanox.com> |
mlxsw: core_acl_flex_actions: Add extack messages Return extack messages for failures in action set creation. Errors may occur when action is not currently supported or due to lack of resources. Signed-off-by: Nir Dotan <nird@mellanox.com> Reviewed-by: Jiri Pirko <jiri@mellanox.com> Signed-off-by: Ido Schimmel <idosch@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
ad7769ca |
|
24-Jul-2018 |
Nir Dotan <nird@mellanox.com> |
mlxsw: spectrum_acl: Propagate extack pointer Propagate extack pointer in order to add extack messages for ACL. In the follow-up patches, appropriate messages will be added in various points. Signed-off-by: Nir Dotan <nird@mellanox.com> Reviewed-by: Jiri Pirko <jiri@mellanox.com> Signed-off-by: Ido Schimmel <idosch@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
9912e6b8 |
|
18-Jul-2018 |
Jiri Pirko <jiri@mellanox.com> |
mlxsw: spectrum_acl: Add initial Spectrum-2 ACL implementation Utilize only C-TCAM for now. Do very minimal A-TCAM initialization in order to make C-TCAM work. Signed-off-by: Jiri Pirko <jiri@mellanox.com> Signed-off-by: Ido Schimmel <idosch@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
0f27e80a |
|
18-Jul-2018 |
Jiri Pirko <jiri@mellanox.com> |
mlxsw: acl: Introduce activity get operation for action block/set In Spectrum-2, activity cannot be find out by TCAM rule (PTCEv2 register), but rather by associated action set. For that purpose, extend action ops to allow query activity from PEFA register. Block activity is decided according to activity of the first set. Signed-off-by: Jiri Pirko <jiri@mellanox.com> Signed-off-by: Ido Schimmel <idosch@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
0317a6f4 |
|
08-Jul-2018 |
Jiri Pirko <jiri@mellanox.com> |
mlxsw: core_acl_flex_actions: Fix helper to get the first KVD linear index The helper should return always KVD linear index of the second set. It is unused now, but going to be used soon. Signed-off-by: Jiri Pirko <jiri@mellanox.com> Signed-off-by: Ido Schimmel <idosch@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
5b9488fd |
|
08-Jul-2018 |
Jiri Pirko <jiri@mellanox.com> |
mlxsw: core_acl_flex_actions: Allow the first set to be dummy In Spectrum-2, the real action sets are always in KVD linear. The first set is always empty and contains only pointer to the first real set in KVD linear. So provide possibility to specify the first set is the dummy one. Signed-off-by: Jiri Pirko <jiri@mellanox.com> Signed-off-by: Ido Schimmel <idosch@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
49bae2f3 |
|
09-Mar-2018 |
Jiri Pirko <jiri@mellanox.com> |
mlxsw: spectrum: Fix gact_ok offloading For ok GACT action, TERMINATE binding_cmd should be used in action set passed down to HW. Fixes: b2925957ec1a9 ("mlxsw: spectrum_flower: Offload "ok" termination action") Signed-off-by: Jiri Pirko <jiri@mellanox.com> Reported-by: Alexander Petrovskiy <alexpe@mellanox.com> Signed-off-by: Ido Schimmel <idosch@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
079c9f39 |
|
27-Feb-2018 |
Petr Machata <petrm@mellanox.com> |
mlxsw: spectrum: Keep mirror netdev in mlxsw_sp_span_entry Currently the only mirror action supported by mlxsw is mirror to another mlxsw physical port. Correspondingly, span_entry, which tracks each mlxsw mirror in the system, currently holds a u8 number of the destination port. To extend this system to mirror to gretap and ip6gretap netdevices, have struct mlxsw_sp_span_entry actually hold the destination netdevice itself. This change then trickles down in obvious manner to SPAN module API and mirror-related interfaces in struct mlxsw_afa_ops. To prevent use of invalid pointer, NETDEV_UNREGISTER needs to be hooked and the corresponding SPAN entry invalidated. Signed-off-by: Petr Machata <petrm@mellanox.com> Reviewed-by: Ido Schimmel <idosch@mellanox.com> Signed-off-by: Jiri Pirko <jiri@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
98977089 |
|
27-Feb-2018 |
Petr Machata <petrm@mellanox.com> |
mlxsw: span: Remove span_entry by span_id Instead of removing span_entry by the port number, allow removing by SPAN id. That simplifies some code right here, and for mirroring to soft netdevices, avoids problems with netdevice pointer invalidation and reuse. Rename mlxsw_sp_span_entry_find() to mlxsw_sp_span_entry_find_by_port() and keep it--follow-up patches will make use of it. Signed-off-by: Petr Machata <petrm@mellanox.com> Reviewed-by: Ido Schimmel <idosch@mellanox.com> Signed-off-by: Jiri Pirko <jiri@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
d0d13c18 |
|
19-Jan-2018 |
Arkadi Sharshevsky <arkadis@mellanox.com> |
mlxsw: spectrum_acl: Add support for mirror action Add support for mirror action. Only one mirror action can be set per rule. Signed-off-by: Arkadi Sharshevsky <arkadis@mellanox.com> Signed-off-by: Jiri Pirko <jiri@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
db0553b2 |
|
19-Jan-2018 |
Arkadi Sharshevsky <arkadis@mellanox.com> |
mlxsw: spectrum_acl: Add support for mirroring action The patch extends the trap action for mirroring. Signed-off-by: Arkadi Sharshevsky <arkadis@mellanox.com> Signed-off-by: Jiri Pirko <jiri@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
c18c1e18 |
|
19-Jan-2018 |
Jiri Pirko <jiri@mellanox.com> |
mlxsw: core: Make counter index allocated inside the action append So far, the caller of mlxsw_afa_block_append_counter needed to allocate counter index by hand. Benefit from the previously introduced resource infra and counter_index_get/put callbacks, and allocate the counter index in place where it is needed, inside the action append function. Signed-off-by: Jiri Pirko <jiri@mellanox.com> Reviewed-by: Ido Schimmel <idosch@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
140ce421 |
|
19-Jan-2018 |
Jiri Pirko <jiri@mellanox.com> |
mlxsw: core: Convert fwd_entry_ref list to be generic per-block resource list Since the resource list needs to be used also for other entries different to fwd_entry_ref, make the list generic. For that purpose, introduce a resource structure with couple of helpers that the code which need to store a per-block resource should use. Signed-off-by: Jiri Pirko <jiri@mellanox.com> Reviewed-by: Ido Schimmel <idosch@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
26787243 |
|
03-Oct-2017 |
Yotam Gigi <yotamg@mellanox.com> |
mlxsw: acl: Introduce ACL trap and forward action Use trap/discard flex action to implement trap and forward. The action will later be used for multicast routing, as the multicast routing mechanism is done using ACL flexible actions in Spectrum hardware. Using that action, it will be possible to implement a trap-and-forward route. Signed-off-by: Yotam Gigi <yotamg@mellanox.com> Reviewed-by: Ido Schimmel <idosch@mellanox.com> Signed-off-by: Jiri Pirko <jiri@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
2a52a8c6 |
|
25-Sep-2017 |
Jiri Pirko <jiri@mellanox.com> |
mlxsw: spectrum_acl: Propagate errors from mlxsw_afa_block_jump/continue Propagate error instead of doing WARN_ON right away. Signed-off-by: Jiri Pirko <jiri@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
9cb3fa94 |
|
19-Sep-2017 |
Yotam Gigi <yotamg@mellanox.com> |
mlxsw: acl: Change trap ACL action to get the trap_id as a parameter Allow the trap ACL action to be configured with different traps. This allows the multicast router offloading code to use that same ACL action with the multicast router traps. By using different traps, the multicast router can have different trap policies and can handle the packet differently. Signed-off-by: Yotam Gigi <yotamg@mellanox.com> Reviewed-by: Ido Schimmel <idosch@mellanox.com> Signed-off-by: Jiri Pirko <jiri@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
4b8a79ff |
|
19-Sep-2017 |
Yotam Gigi <yotamg@mellanox.com> |
mlxsw: acl: Introduce mcrouter ACL action The Spectrum multicast forwarding is done using an ACL action. Add the mcrouter ACL action that will be used to offload the multicast router logic. Signed-off-by: Yotam Gigi <yotamg@mellanox.com> Reviewed-by: Ido Schimmel <idosch@mellanox.com> Signed-off-by: Jiri Pirko <jiri@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
df7eea96 |
|
06-Jun-2017 |
Jiri Pirko <jiri@mellanox.com> |
acl: Introduce ACL trap action Use trap/discard flex action to implement trap. Signed-off-by: Jiri Pirko <jiri@mellanox.com> Reviewed-by: Yotam Gigi <yotamg@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
ac44dd43 |
|
18-Apr-2017 |
Jiri Pirko <jiri@mellanox.com> |
mlxsw: spectrum: Implement action to set FID Implement part of multipurpose Virtual Router and Forwarding Domain Action that takes care of setting up FID. We need to use it to be able to forward packets using ACL action when no FID is associated on RX. Signed-off-by: Jiri Pirko <jiri@mellanox.com> Reviewed-by: Ido Schimmel <idosch@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
938ab608 |
|
11-Mar-2017 |
Arkadi Sharshevsky <arkadis@mellanox.com> |
mlxsw: spectrum: Add support for Policing and Counting action block Add support for Policing and Counting action block. This action block will be used to bind counter to TCAM entries. Signed-off-by: Arkadi Sharshevsky <arkadis@mellanox.com> Reviewed-by: Ido Schimmel <idosch@mellanox.com> Signed-off-by: Jiri Pirko <jiri@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
a150201a |
|
09-Mar-2017 |
Petr Machata <petrm@mellanox.com> |
mlxsw: spectrum: Add support for vlan modify TC action Add VLAN action offloading. Invoke it from Spectrum flower handler for "vlan modify" actions. Signed-off-by: Petr Machata <petrm@mellanox.com> Reviewed-by: Ido Schimmel <idosch@mellanox.com> Signed-off-by: Jiri Pirko <jiri@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
0c921a89 |
|
14-Feb-2017 |
Jiri Pirko <jiri@mellanox.com> |
mlxsw: acl: Use PBS type for forward action Current behaviour of "mirred redirect" action (forward) offload is a bit odd. For matched packets the action forwards them to the desired destination, but it also lets the packet duplicates to go the original way down (bridge, router, etc). That is more like "mirred mirror". Fix this by using PBS type which behaves exactly like "mirred redirect". Note that PBS does not support loopback mode. Fixes: 4cda7d8d7098 ("mlxsw: core: Introduce flexible actions support") Signed-off-by: Jiri Pirko <jiri@mellanox.com> Reviewed-by: Ido Schimmel <idosch@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
b05d0cfa |
|
08-Feb-2017 |
Jiri Pirko <jiri@mellanox.com> |
mlxsw: acl: Fix mlxsw_afa_block_commit error path No rollback is needed since the chain is in consistent state and mlxsw_afa_block_destroy() will take care of putting it away. So remove the one we have now which is wrong. Also move the set of 'finished' flag to the beginning of the function, because the block is certainly unusable for future action addition no matter if the function succeeds or not. Reported-by: Dan Carpenter <dan.carpenter@oracle.com> Fixes: 4cda7d8d7098 ("mlxsw: core: Introduce flexible actions support") Signed-off-by: Jiri Pirko <jiri@mellanox.com> Acked-by: Ido Schimmel <idosch@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
4cda7d8d |
|
03-Feb-2017 |
Jiri Pirko <jiri@mellanox.com> |
mlxsw: core: Introduce flexible actions support Each entry which is matched during ACL lookup points to an action set. This action set contains up to three separate actions. If more actions are needed to be chained, the extended set is created to hold them in KVD linear area. This patch implements handling of sets and encoding of actions. Currectly, only two actions are supported. Drop and forward. Forward action uses PBS pointer to KVD linear area, so the action code needs to take care of this as well. Signed-off-by: Jiri Pirko <jiri@mellanox.com> Reviewed-by: Ido Schimmel <idosch@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
|