public-mirrors/linux
1
0
Fork 0
mirror of git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git synced 2025-05-24 10:39:52 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
linux/drivers/net/ethernet/microchip/vcap/vcap_api_client.h

285 lines
8.4 KiB
C
Raw Normal View History

net: microchip: sparx5: Adding initial tc flower support for VCAP API This adds initial TC flower filter support to Sparx5 for the IS2 VCAP. The support consists of the source and destination MAC addresses, and the trap and pass actions. This is how you can create a rule that test the functionality: tc qdisc add dev eth0 clsact tc filter add dev eth0 ingress chain 8000000 prio 10 handle 10 \ protocol all flower skip_sw \ dst_mac 0a:0b:0c:0d:0e:0f \ src_mac 2:0:0:0:0:1 \ action trap The IS2 chains in Sparx5 are assigned like this: - chain 8000000: IS2 Lookup 0 - chain 8100000: IS2 Lookup 1 - chain 8200000: IS2 Lookup 2 - chain 8300000: IS2 Lookup 3 Signed-off-by: Steen Hegelund <steen.hegelund@microchip.com> Tested-by: Casper Andersson <casper.casan@gmail.com> Reviewed-by: Casper Andersson <casper.casan@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2022-10-20 15:08:59 +02:00
/* SPDX-License-Identifier: GPL-2.0+ */
/* Copyright (C) 2022 Microchip Technology Inc. and its subsidiaries.
* Microchip VCAP API
*/
#ifndef __VCAP_API_CLIENT__
#define __VCAP_API_CLIENT__
#include <linux/types.h>
#include <linux/list.h>
#include <linux/netdevice.h>
#include <net/flow_offload.h>
#include "vcap_api.h"
/* Client supplied VCAP rule key control part */
struct vcap_client_keyfield_ctrl {
struct list_head list; /* For insertion into a rule */
enum vcap_key_field key;
enum vcap_field_type type;
};
struct vcap_u1_key {
u8 value;
u8 mask;
};
struct vcap_u32_key {
u32 value;
u32 mask;
};
struct vcap_u48_key {
u8 value[6];
u8 mask[6];
};
struct vcap_u56_key {
u8 value[7];
u8 mask[7];
};
struct vcap_u64_key {
u8 value[8];
u8 mask[8];
};
struct vcap_u72_key {
u8 value[9];
u8 mask[9];
};
struct vcap_u112_key {
u8 value[14];
u8 mask[14];
};
struct vcap_u128_key {
u8 value[16];
u8 mask[16];
};
/* Client supplied VCAP rule field data */
struct vcap_client_keyfield_data {
union {
struct vcap_u1_key u1;
struct vcap_u32_key u32;
struct vcap_u48_key u48;
struct vcap_u56_key u56;
struct vcap_u64_key u64;
struct vcap_u72_key u72;
struct vcap_u112_key u112;
struct vcap_u128_key u128;
};
};
/* Client supplied VCAP rule key (value, mask) */
struct vcap_client_keyfield {
struct vcap_client_keyfield_ctrl ctrl;
struct vcap_client_keyfield_data data;
};
/* Client supplied VCAP rule action control part */
struct vcap_client_actionfield_ctrl {
struct list_head list; /* For insertion into a rule */
enum vcap_action_field action;
enum vcap_field_type type;
};
struct vcap_u1_action {
u8 value;
};
struct vcap_u32_action {
u32 value;
};
struct vcap_u48_action {
u8 value[6];
};
struct vcap_u56_action {
u8 value[7];
};
struct vcap_u64_action {
u8 value[8];
};
struct vcap_u72_action {
u8 value[9];
};
struct vcap_u112_action {
u8 value[14];
};
struct vcap_u128_action {
u8 value[16];
};
struct vcap_client_actionfield_data {
union {
struct vcap_u1_action u1;
struct vcap_u32_action u32;
struct vcap_u48_action u48;
struct vcap_u56_action u56;
struct vcap_u64_action u64;
struct vcap_u72_action u72;
struct vcap_u112_action u112;
struct vcap_u128_action u128;
};
};
struct vcap_client_actionfield {
struct vcap_client_actionfield_ctrl ctrl;
struct vcap_client_actionfield_data data;
};
enum vcap_bit {
VCAP_BIT_ANY,
VCAP_BIT_0,
VCAP_BIT_1
};
net: microchip: sparx5: Add support for IS2 VCAP rule counters This adds API methods to set and get a rule counter. A VCAP instance may contain the counter as part of the VCAP cache area, and this counter may be one or more bits in width. This type of counter automatically increments it value when the rule is hit. Other VCAP instances have a dedicated counter area outside of the VCAP and in this case the rule must contain the counter id to be able to locate the counter value. In this case there must also be a rule action that updates the counter using the rule id when the rule is hit. The Sparx5 IS2 VCAP uses a dedicated counter area. Signed-off-by: Steen Hegelund <steen.hegelund@microchip.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2022-11-11 14:05:17 +01:00
struct vcap_counter {
u32 value;
bool sticky;
};
net: microchip: vcap api: Use src and dst chain id to chain VCAP lookups This adds both the source and destination chain id to the information kept for enabled port lookups. This allows enabling and disabling a chain of lookups by walking the chain information for a port. This changes the way that VCAP lookups are enabled from userspace: instead of one matchall rule that enables all the 4 Sparx5 IS2 lookups, you need a matchall rule per lookup. In practice that is done by adding one matchall rule in chain 0 to goto IS2 Lookup 0, and then for each lookup you add a rule per lookup (low priority) that does a goto to the next lookup chain. Examples: If you want IS2 Lookup 0 to be enabled you add the same matchall filter as before: tc filter add dev eth12 ingress chain 0 prio 1000 handle 1000 matchall \ skip_sw action goto chain 8000000 If you also want to enable lookup 1 to 3 in IS2 and chain them you need to add the following matchall filters: tc filter add dev eth12 ingress chain 8000000 prio 1000 handle 1000 \ matchall skip_sw action goto chain 8100000 tc filter add dev eth12 ingress chain 8100000 prio 1000 handle 1000 \ matchall skip_sw action goto chain 8200000 tc filter add dev eth12 ingress chain 8200000 prio 1000 handle 1000 \ matchall skip_sw action goto chain 8300000 Signed-off-by: Horatiu Vultur <horatiu.vultur@microchip.com> Signed-off-by: Steen Hegelund <steen.hegelund@microchip.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2023-01-14 14:42:39 +01:00
/* Enable/Disable the VCAP instance lookups */
net: microchip: sparx5: Add tc matchall filter and enable VCAP lookups Use a tc matchall rule with a goto action to the VCAP specific chain to enable the VCAP lookups. If the matchall rule is removed the VCAP lookups will be disabled again using its cookie as lookup to find the VCAP instance. To enable the Sparx5 IS2 VCAP on eth0 you would use this command: tc filter add dev eth0 ingress prio 5 handle 5 matchall \ skip_sw action goto chain 8000000 as the first lookup in IS2 has chain id 8000000 Signed-off-by: Steen Hegelund <steen.hegelund@microchip.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2022-11-09 12:41:15 +01:00
int vcap_enable_lookups(struct vcap_control *vctrl, struct net_device *ndev,
net: microchip: vcap api: Use src and dst chain id to chain VCAP lookups This adds both the source and destination chain id to the information kept for enabled port lookups. This allows enabling and disabling a chain of lookups by walking the chain information for a port. This changes the way that VCAP lookups are enabled from userspace: instead of one matchall rule that enables all the 4 Sparx5 IS2 lookups, you need a matchall rule per lookup. In practice that is done by adding one matchall rule in chain 0 to goto IS2 Lookup 0, and then for each lookup you add a rule per lookup (low priority) that does a goto to the next lookup chain. Examples: If you want IS2 Lookup 0 to be enabled you add the same matchall filter as before: tc filter add dev eth12 ingress chain 0 prio 1000 handle 1000 matchall \ skip_sw action goto chain 8000000 If you also want to enable lookup 1 to 3 in IS2 and chain them you need to add the following matchall filters: tc filter add dev eth12 ingress chain 8000000 prio 1000 handle 1000 \ matchall skip_sw action goto chain 8100000 tc filter add dev eth12 ingress chain 8100000 prio 1000 handle 1000 \ matchall skip_sw action goto chain 8200000 tc filter add dev eth12 ingress chain 8200000 prio 1000 handle 1000 \ matchall skip_sw action goto chain 8300000 Signed-off-by: Horatiu Vultur <horatiu.vultur@microchip.com> Signed-off-by: Steen Hegelund <steen.hegelund@microchip.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2023-01-14 14:42:39 +01:00
int from_cid, int to_cid, unsigned long cookie,
bool enable);
net: microchip: sparx5: Add tc matchall filter and enable VCAP lookups Use a tc matchall rule with a goto action to the VCAP specific chain to enable the VCAP lookups. If the matchall rule is removed the VCAP lookups will be disabled again using its cookie as lookup to find the VCAP instance. To enable the Sparx5 IS2 VCAP on eth0 you would use this command: tc filter add dev eth0 ingress prio 5 handle 5 matchall \ skip_sw action goto chain 8000000 as the first lookup in IS2 has chain id 8000000 Signed-off-by: Steen Hegelund <steen.hegelund@microchip.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2022-11-09 12:41:15 +01:00
net: microchip: sparx5: Adding initial tc flower support for VCAP API This adds initial TC flower filter support to Sparx5 for the IS2 VCAP. The support consists of the source and destination MAC addresses, and the trap and pass actions. This is how you can create a rule that test the functionality: tc qdisc add dev eth0 clsact tc filter add dev eth0 ingress chain 8000000 prio 10 handle 10 \ protocol all flower skip_sw \ dst_mac 0a:0b:0c:0d:0e:0f \ src_mac 2:0:0:0:0:1 \ action trap The IS2 chains in Sparx5 are assigned like this: - chain 8000000: IS2 Lookup 0 - chain 8100000: IS2 Lookup 1 - chain 8200000: IS2 Lookup 2 - chain 8300000: IS2 Lookup 3 Signed-off-by: Steen Hegelund <steen.hegelund@microchip.com> Tested-by: Casper Andersson <casper.casan@gmail.com> Reviewed-by: Casper Andersson <casper.casan@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2022-10-20 15:08:59 +02:00
/* VCAP rule operations */
/* Allocate a rule and fill in the basic information */
struct vcap_rule *vcap_alloc_rule(struct vcap_control *vctrl,
struct net_device *ndev,
int vcap_chain_id,
enum vcap_user user,
u16 priority,
u32 id);
/* Free mem of a rule owned by client */
void vcap_free_rule(struct vcap_rule *rule);
/* Validate a rule before adding it to the VCAP */
int vcap_val_rule(struct vcap_rule *rule, u16 l3_proto);
/* Add rule to a VCAP instance */
int vcap_add_rule(struct vcap_rule *rule);
/* Delete rule in a VCAP instance */
int vcap_del_rule(struct vcap_control *vctrl, struct net_device *ndev, u32 id);
net: microchip: sparx5: Support for copying and modifying rules in the API This adds support for making a copy of a rule and modify keys and actions to differentiate the copy. Signed-off-by: Steen Hegelund <steen.hegelund@microchip.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2022-11-23 16:25:42 +01:00
/* Make a full copy of an existing rule with a new rule id */
struct vcap_rule *vcap_copy_rule(struct vcap_rule *rule);
net: microchip: vcap: Add vcap_get_rule Add function vcap_get_rule which returns a rule based on the internal rule id. The entire functionality of reading and decoding the rule from the VCAP was inside vcap_api_debugfs file. So move the entire implementation in vcap_api as this is used also by vcap_get_rule. Signed-off-by: Horatiu Vultur <horatiu.vultur@microchip.com> Signed-off-by: Paolo Abeni <pabeni@redhat.com>
2022-12-03 11:43:45 +01:00
/* Get rule from a VCAP instance */
struct vcap_rule *vcap_get_rule(struct vcap_control *vctrl, u32 id);
net: microchip: vcap: Add vcap_mod_rule Add the function vcap_mod_rule which allows to update an existing rule in the vcap. It is required for the rule to exist in the vcap to be able to modify it. Signed-off-by: Horatiu Vultur <horatiu.vultur@microchip.com> Signed-off-by: Paolo Abeni <pabeni@redhat.com>
2022-12-03 11:43:46 +01:00
/* Update existing rule */
int vcap_mod_rule(struct vcap_rule *rule);
net: microchip: sparx5: Adding initial tc flower support for VCAP API This adds initial TC flower filter support to Sparx5 for the IS2 VCAP. The support consists of the source and destination MAC addresses, and the trap and pass actions. This is how you can create a rule that test the functionality: tc qdisc add dev eth0 clsact tc filter add dev eth0 ingress chain 8000000 prio 10 handle 10 \ protocol all flower skip_sw \ dst_mac 0a:0b:0c:0d:0e:0f \ src_mac 2:0:0:0:0:1 \ action trap The IS2 chains in Sparx5 are assigned like this: - chain 8000000: IS2 Lookup 0 - chain 8100000: IS2 Lookup 1 - chain 8200000: IS2 Lookup 2 - chain 8300000: IS2 Lookup 3 Signed-off-by: Steen Hegelund <steen.hegelund@microchip.com> Tested-by: Casper Andersson <casper.casan@gmail.com> Reviewed-by: Casper Andersson <casper.casan@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2022-10-20 15:08:59 +02:00
/* Update the keyset for the rule */
int vcap_set_rule_set_keyset(struct vcap_rule *rule,
enum vcap_keyfield_set keyset);
/* Update the actionset for the rule */
int vcap_set_rule_set_actionset(struct vcap_rule *rule,
enum vcap_actionfield_set actionset);
net: microchip: sparx5: Add support for IS2 VCAP rule counters This adds API methods to set and get a rule counter. A VCAP instance may contain the counter as part of the VCAP cache area, and this counter may be one or more bits in width. This type of counter automatically increments it value when the rule is hit. Other VCAP instances have a dedicated counter area outside of the VCAP and in this case the rule must contain the counter id to be able to locate the counter value. In this case there must also be a rule action that updates the counter using the rule id when the rule is hit. The Sparx5 IS2 VCAP uses a dedicated counter area. Signed-off-by: Steen Hegelund <steen.hegelund@microchip.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2022-11-11 14:05:17 +01:00
/* Set a rule counter id (for certain VCAPs only) */
void vcap_rule_set_counter_id(struct vcap_rule *rule, u32 counter_id);
net: microchip: sparx5: Adding initial tc flower support for VCAP API This adds initial TC flower filter support to Sparx5 for the IS2 VCAP. The support consists of the source and destination MAC addresses, and the trap and pass actions. This is how you can create a rule that test the functionality: tc qdisc add dev eth0 clsact tc filter add dev eth0 ingress chain 8000000 prio 10 handle 10 \ protocol all flower skip_sw \ dst_mac 0a:0b:0c:0d:0e:0f \ src_mac 2:0:0:0:0:1 \ action trap The IS2 chains in Sparx5 are assigned like this: - chain 8000000: IS2 Lookup 0 - chain 8100000: IS2 Lookup 1 - chain 8200000: IS2 Lookup 2 - chain 8300000: IS2 Lookup 3 Signed-off-by: Steen Hegelund <steen.hegelund@microchip.com> Tested-by: Casper Andersson <casper.casan@gmail.com> Reviewed-by: Casper Andersson <casper.casan@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2022-10-20 15:08:59 +02:00
/* VCAP rule field operations */
int vcap_rule_add_key_bit(struct vcap_rule *rule, enum vcap_key_field key,
enum vcap_bit val);
int vcap_rule_add_key_u32(struct vcap_rule *rule, enum vcap_key_field key,
u32 value, u32 mask);
int vcap_rule_add_key_u48(struct vcap_rule *rule, enum vcap_key_field key,
struct vcap_u48_key *fieldval);
net: microchip: sparx5: Adding port keyset config and callback interface This provides a default port keyset configuration for the Sparx5 IS2 VCAP where all ports and all lookups in IS2 use the same keyset (MAC_ETYPE) for all types of traffic. This means that no matter what frame type is received on any front port it will generate the MAC_ETYPE keyset in the IS VCAP and any rule in the IS2 VCAP that uses this keyset will be matched against the keys in the MAC_ETYPE keyset. The callback interface used by the VCAP API is populated with Sparx5 specific handler functions that takes care of the actual reading and writing to data to the Sparx5 IS2 VCAP instance. A few functions are also added to the VCAP API to support addition of rule fields such as the ingress port mask and the lookup bit. The IS2 VCAP in Sparx5 is really divided in two instances with lookup 0 and 1 in the first instance and lookup 2 and 3 in the second instance. The lookup bit selects lookup 0 or 3 in the respective instance when it is set. Signed-off-by: Steen Hegelund <steen.hegelund@microchip.com> Tested-by: Casper Andersson <casper.casan@gmail.com> Reviewed-by: Casper Andersson <casper.casan@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2022-10-20 15:09:00 +02:00
int vcap_rule_add_key_u72(struct vcap_rule *rule, enum vcap_key_field key,
struct vcap_u72_key *fieldval);
net: microchip: sparx5: Adding more tc flower keys for the IS2 VCAP This adds the following TC flower filter keys to Sparx5 for IS2: - ipv4_addr (sip and dip) - ipv6_addr (sip and dip) - control (IPv4 fragments) - portnum (tcp and udp port numbers) - basic (L3 and L4 protocol) - vlan (outer vlan tag info) - tcp (tcp flags) - ip (tos field) as well as an 128 bit keyfield interface on the VCAP API to set the IPv6 addresses. IS2 supports the classified VLAN information which amounts to the outer VLAN info in case of multiple tags. Here are some examples of the tc flower filter operations that are now supported for the IS2 VCAP: - IPv4 Addresses tc filter add dev eth12 ingress chain 8000000 prio 12 handle 12 \ protocol ip flower skip_sw dst_ip 1.0.1.1 src_ip 2.0.2.2 \ action trap action goto chain 81000000 - IPv6 Addresses tc filter add dev eth12 ingress chain 8000000 prio 13 handle 13 \ protocol ipv6 flower skip_sw dst_ip 1::1:1 src_ip 2::2:2 \ action trap action goto chain 81000000 - IPv4 fragments tc filter add dev eth12 ingress chain 8000000 prio 14 handle 14 \ protocol ip flower skip_sw dst_ip 3.0.3.3 src_ip 2.0.2.2 \ ip_flags frag/nofirstfrag action trap action goto chain 81000000 - TCP and UDP portnumbers tc filter add dev eth12 ingress chain 8000000 prio 21 handle 21 \ protocol ip flower skip_sw dst_ip 8.8.8.8 src_ip 2.0.2.2 \ ip_proto tcp dst_port 100 src_port 12000 action trap action goto chain 81000000 tc filter add dev eth12 ingress chain 8000000 prio 23 handle 23 \ protocol ipv6 flower skip_sw dst_ip 5::5:5 src_ip 2::2:2 \ ip_proto tcp dst_port 300 src_port 13000 action trap action goto chain 81000000 - Layer 3 and Layer 4 protocol info tc filter add dev eth12 ingress chain 8000000 prio 28 handle 28 \ protocol ipv4 flower skip_sw dst_ip 9.0.9.9 src_ip 2.0.2.2 \ ip_proto icmp action trap action goto chain 81000000 - VLAN tag info (outer tag) tc filter add dev eth12 ingress chain 8000000 prio 29 handle 29 \ protocol 802.1q flower skip_sw vlan_id 600 vlan_prio 6 \ vlan_ethtype ipv4 action trap action goto chain 81000000 tc filter add dev eth12 ingress chain 8000000 prio 31 handle 31 \ protocol 802.1q flower skip_sw vlan_id 600 vlan_prio 5 \ vlan_ethtype ipv6 action trap action goto chain 81000000 - TCP flags tc filter add dev eth12 ingress chain 8000000 prio 15 handle 15 \ protocol ip flower skip_sw dst_ip 4.0.4.4 src_ip 2.0.2.2 \ ip_proto tcp tcp_flags 0x2a/0x3f action trap action goto chain 81000000 - IP info (IPv4 TOS field) tc filter add dev eth12 ingress chain 8000000 prio 16 handle 16 \ protocol ip flower skip_sw ip_tos 0x35 dst_ip 5.0.5.5 \ src_ip 2.0.2.2 action trap action goto chain 81000000 Notes: - The "protocol all" selection is not supported yet. - The MAC address rule now needs to use non-ip and non "protocol all". Here is an example: tc filter add dev eth12 ingress chain 8000000 prio 10 handle 10 \ protocol 0xbeef flower skip_sw \ dst_mac 0a:0b:0c:0d:0e:0f \ src_mac 2:0:0:0:0:1 \ action trap action goto chain 81000000 - The VLAN rules use classified VLAN information, and to get the classification information into the frame metadata, the ingress port need to be added to a bridge with the VID and vlan filtering enabled, like this (using VID 600 and four ports eth12, eth13, eth14 and eth15): ip link add name br5 type bridge ip link set dev br5 up ip link set eth12 master br5 ip link set eth13 master br5 ip link set eth14 master br5 ip link set eth15 master br5 sysctl -w net.ipv6.conf.eth12.disable_ipv6=1 sysctl -w net.ipv6.conf.eth13.disable_ipv6=1 sysctl -w net.ipv6.conf.eth14.disable_ipv6=1 sysctl -w net.ipv6.conf.eth15.disable_ipv6=1 sysctl -w net.ipv6.conf.br5.disable_ipv6=1 ip link set dev br5 type bridge vlan_filtering 1 bridge vlan add dev eth12 vid 600 bridge vlan add dev eth13 vid 600 bridge vlan add dev eth14 vid 600 bridge vlan add dev eth15 vid 600 bridge vlan add dev br5 vid 600 self Signed-off-by: Steen Hegelund <steen.hegelund@microchip.com> Tested-by: Casper Andersson <casper.casan@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2022-11-09 12:41:10 +01:00
int vcap_rule_add_key_u128(struct vcap_rule *rule, enum vcap_key_field key,
struct vcap_u128_key *fieldval);
net: microchip: sparx5: Adding initial tc flower support for VCAP API This adds initial TC flower filter support to Sparx5 for the IS2 VCAP. The support consists of the source and destination MAC addresses, and the trap and pass actions. This is how you can create a rule that test the functionality: tc qdisc add dev eth0 clsact tc filter add dev eth0 ingress chain 8000000 prio 10 handle 10 \ protocol all flower skip_sw \ dst_mac 0a:0b:0c:0d:0e:0f \ src_mac 2:0:0:0:0:1 \ action trap The IS2 chains in Sparx5 are assigned like this: - chain 8000000: IS2 Lookup 0 - chain 8100000: IS2 Lookup 1 - chain 8200000: IS2 Lookup 2 - chain 8300000: IS2 Lookup 3 Signed-off-by: Steen Hegelund <steen.hegelund@microchip.com> Tested-by: Casper Andersson <casper.casan@gmail.com> Reviewed-by: Casper Andersson <casper.casan@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2022-10-20 15:08:59 +02:00
int vcap_rule_add_action_bit(struct vcap_rule *rule,
enum vcap_action_field action, enum vcap_bit val);
int vcap_rule_add_action_u32(struct vcap_rule *rule,
enum vcap_action_field action, u32 value);
net: sparx5: add support for tc flower mirred action. Add support for tc flower mirred action. Two VCAP actions are encoded in the rule - one for the port mask, and one for the port mask mode. When the rule is hit, the destination mask is OR'ed with the port mask. Also add new VCAP function for supporting 72-bit wide actions, and a tc helper for setting the port forwarding mask. Signed-off-by: Daniel Machon <daniel.machon@microchip.com> Signed-off-by: Paolo Abeni <pabeni@redhat.com>
2024-04-05 09:44:49 +02:00
int vcap_rule_add_action_u72(struct vcap_rule *rule, enum vcap_action_field action,
struct vcap_u72_action *fieldval);
net: microchip: sparx5: Adding initial tc flower support for VCAP API This adds initial TC flower filter support to Sparx5 for the IS2 VCAP. The support consists of the source and destination MAC addresses, and the trap and pass actions. This is how you can create a rule that test the functionality: tc qdisc add dev eth0 clsact tc filter add dev eth0 ingress chain 8000000 prio 10 handle 10 \ protocol all flower skip_sw \ dst_mac 0a:0b:0c:0d:0e:0f \ src_mac 2:0:0:0:0:1 \ action trap The IS2 chains in Sparx5 are assigned like this: - chain 8000000: IS2 Lookup 0 - chain 8100000: IS2 Lookup 1 - chain 8200000: IS2 Lookup 2 - chain 8300000: IS2 Lookup 3 Signed-off-by: Steen Hegelund <steen.hegelund@microchip.com> Tested-by: Casper Andersson <casper.casan@gmail.com> Reviewed-by: Casper Andersson <casper.casan@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2022-10-20 15:08:59 +02:00
net: microchip: sparx5: Provide rule count, key removal and keyset select This provides these 3 functions in the VCAP API: - Count the number of rules in a VCAP lookup (chain) - Remove a key from a VCAP rule - Find the keyset that gives the smallest rule list from a list of keysets Signed-off-by: Steen Hegelund <steen.hegelund@microchip.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2023-03-07 14:41:00 +01:00
/* Get number of rules in a vcap instance lookup chain id range */
int vcap_admin_rule_count(struct vcap_admin *admin, int cid);
net: microchip: sparx5: Add support for IS2 VCAP rule counters This adds API methods to set and get a rule counter. A VCAP instance may contain the counter as part of the VCAP cache area, and this counter may be one or more bits in width. This type of counter automatically increments it value when the rule is hit. Other VCAP instances have a dedicated counter area outside of the VCAP and in this case the rule must contain the counter id to be able to locate the counter value. In this case there must also be a rule action that updates the counter using the rule id when the rule is hit. The Sparx5 IS2 VCAP uses a dedicated counter area. Signed-off-by: Steen Hegelund <steen.hegelund@microchip.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2022-11-11 14:05:17 +01:00
/* VCAP rule counter operations */
net: microchip: sparx5: Add support for rule count by cookie This adds support for TC clients to get the packet count for a TC filter identified by its cookie. Signed-off-by: Steen Hegelund <steen.hegelund@microchip.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2023-01-17 09:55:40 +01:00
int vcap_get_rule_count_by_cookie(struct vcap_control *vctrl,
struct vcap_counter *ctr, u64 cookie);
net: microchip: sparx5: Add support for IS2 VCAP rule counters This adds API methods to set and get a rule counter. A VCAP instance may contain the counter as part of the VCAP cache area, and this counter may be one or more bits in width. This type of counter automatically increments it value when the rule is hit. Other VCAP instances have a dedicated counter area outside of the VCAP and in this case the rule must contain the counter id to be able to locate the counter value. In this case there must also be a rule action that updates the counter using the rule id when the rule is hit. The Sparx5 IS2 VCAP uses a dedicated counter area. Signed-off-by: Steen Hegelund <steen.hegelund@microchip.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2022-11-11 14:05:17 +01:00
int vcap_rule_set_counter(struct vcap_rule *rule, struct vcap_counter *ctr);
int vcap_rule_get_counter(struct vcap_rule *rule, struct vcap_counter *ctr);
net: microchip: sparx5: Adding initial tc flower support for VCAP API This adds initial TC flower filter support to Sparx5 for the IS2 VCAP. The support consists of the source and destination MAC addresses, and the trap and pass actions. This is how you can create a rule that test the functionality: tc qdisc add dev eth0 clsact tc filter add dev eth0 ingress chain 8000000 prio 10 handle 10 \ protocol all flower skip_sw \ dst_mac 0a:0b:0c:0d:0e:0f \ src_mac 2:0:0:0:0:1 \ action trap The IS2 chains in Sparx5 are assigned like this: - chain 8000000: IS2 Lookup 0 - chain 8100000: IS2 Lookup 1 - chain 8200000: IS2 Lookup 2 - chain 8300000: IS2 Lookup 3 Signed-off-by: Steen Hegelund <steen.hegelund@microchip.com> Tested-by: Casper Andersson <casper.casan@gmail.com> Reviewed-by: Casper Andersson <casper.casan@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2022-10-20 15:08:59 +02:00
/* VCAP lookup operations */
net: microchip: sparx5: Find VCAP lookup from chain id Add a helper function that finds the lookup index in a VCAP instance from the chain id. Signed-off-by: Steen Hegelund <steen.hegelund@microchip.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2022-11-09 12:41:11 +01:00
/* Convert a chain id to a VCAP lookup index */
int vcap_chain_id_to_lookup(struct vcap_admin *admin, int cur_cid);
net: microchip: sparx5: Adding initial tc flower support for VCAP API This adds initial TC flower filter support to Sparx5 for the IS2 VCAP. The support consists of the source and destination MAC addresses, and the trap and pass actions. This is how you can create a rule that test the functionality: tc qdisc add dev eth0 clsact tc filter add dev eth0 ingress chain 8000000 prio 10 handle 10 \ protocol all flower skip_sw \ dst_mac 0a:0b:0c:0d:0e:0f \ src_mac 2:0:0:0:0:1 \ action trap The IS2 chains in Sparx5 are assigned like this: - chain 8000000: IS2 Lookup 0 - chain 8100000: IS2 Lookup 1 - chain 8200000: IS2 Lookup 2 - chain 8300000: IS2 Lookup 3 Signed-off-by: Steen Hegelund <steen.hegelund@microchip.com> Tested-by: Casper Andersson <casper.casan@gmail.com> Reviewed-by: Casper Andersson <casper.casan@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2022-10-20 15:08:59 +02:00
/* Lookup a vcap instance using chain id */
struct vcap_admin *vcap_find_admin(struct vcap_control *vctrl, int cid);
net: microchip: sparx5: Adding port keyset config and callback interface This provides a default port keyset configuration for the Sparx5 IS2 VCAP where all ports and all lookups in IS2 use the same keyset (MAC_ETYPE) for all types of traffic. This means that no matter what frame type is received on any front port it will generate the MAC_ETYPE keyset in the IS VCAP and any rule in the IS2 VCAP that uses this keyset will be matched against the keys in the MAC_ETYPE keyset. The callback interface used by the VCAP API is populated with Sparx5 specific handler functions that takes care of the actual reading and writing to data to the Sparx5 IS2 VCAP instance. A few functions are also added to the VCAP API to support addition of rule fields such as the ingress port mask and the lookup bit. The IS2 VCAP in Sparx5 is really divided in two instances with lookup 0 and 1 in the first instance and lookup 2 and 3 in the second instance. The lookup bit selects lookup 0 or 3 in the respective instance when it is set. Signed-off-by: Steen Hegelund <steen.hegelund@microchip.com> Tested-by: Casper Andersson <casper.casan@gmail.com> Reviewed-by: Casper Andersson <casper.casan@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2022-10-20 15:09:00 +02:00
/* Find information on a key field in a rule */
const struct vcap_field *vcap_lookup_keyfield(struct vcap_rule *rule,
enum vcap_key_field key);
net: microchip: sparx5: Adding initial tc flower support for VCAP API This adds initial TC flower filter support to Sparx5 for the IS2 VCAP. The support consists of the source and destination MAC addresses, and the trap and pass actions. This is how you can create a rule that test the functionality: tc qdisc add dev eth0 clsact tc filter add dev eth0 ingress chain 8000000 prio 10 handle 10 \ protocol all flower skip_sw \ dst_mac 0a:0b:0c:0d:0e:0f \ src_mac 2:0:0:0:0:1 \ action trap The IS2 chains in Sparx5 are assigned like this: - chain 8000000: IS2 Lookup 0 - chain 8100000: IS2 Lookup 1 - chain 8200000: IS2 Lookup 2 - chain 8300000: IS2 Lookup 3 Signed-off-by: Steen Hegelund <steen.hegelund@microchip.com> Tested-by: Casper Andersson <casper.casan@gmail.com> Reviewed-by: Casper Andersson <casper.casan@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2022-10-20 15:08:59 +02:00
/* Find a rule id with a provided cookie */
int vcap_lookup_rule_by_cookie(struct vcap_control *vctrl, u64 cookie);
net: microchip: sparx5: Add TC filter chaining support for IS0 and IS2 VCAPs This allows rules to be chained between VCAP instances, e.g. from IS0 Lookup 0 to IS0 Lookup 1, or from one of the IS0 Lookups to one of the IS2 Lookups. Chaining from an IS2 Lookup to another IS2 Lookup is not supported in the hardware. Signed-off-by: Steen Hegelund <steen.hegelund@microchip.com> Signed-off-by: Paolo Abeni <pabeni@redhat.com>
2023-01-24 11:45:08 +01:00
/* Calculate the value used for chaining VCAP rules */
int vcap_chain_offset(struct vcap_control *vctrl, int from_cid, int to_cid);
net: microchip: sparx5: Adding TC goto action and action checking Add support for a goto action and ensure that a HW offloaded TC flower filter has a valid goto action and that pass and trap actions are not both used in the same filter. Signed-off-by: Steen Hegelund <steen.hegelund@microchip.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2022-11-09 12:41:12 +01:00
/* Is the next chain id in the following lookup, possible in another VCAP */
bool vcap_is_next_lookup(struct vcap_control *vctrl, int cur_cid, int next_cid);
net: microchip: vcap api: Check chains when adding a tc flower filter This changes the way the chain information verified when adding a new tc flower filter. When adding a flower filter it is now checked that the filter contains a goto action to one of the IS2 VCAP lookups, except for the last lookup which may omit this goto action. It is also checked if you attempt to add multiple matchall filters to enable the same VCAP lookup. This will be rejected. Signed-off-by: Horatiu Vultur <horatiu.vultur@microchip.com> Signed-off-by: Steen Hegelund <steen.hegelund@microchip.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2023-01-14 14:42:40 +01:00
/* Is this chain id the last lookup of all VCAPs */
net: microchip: sparx5: Add ingress information to VCAP instance This allows the check of the goto action to be specific to the ingress and egress VCAP instances. The debugfs support is also updated to show this information. Signed-off-by: Steen Hegelund <steen.hegelund@microchip.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2023-01-27 14:08:28 +01:00
bool vcap_is_last_chain(struct vcap_control *vctrl, int cid, bool ingress);
net: microchip: sparx5: Support for copying and modifying rules in the API This adds support for making a copy of a rule and modify keys and actions to differentiate the copy. Signed-off-by: Steen Hegelund <steen.hegelund@microchip.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2022-11-23 16:25:42 +01:00
/* Match a list of keys against the keysets available in a vcap type */
bool vcap_rule_find_keysets(struct vcap_rule *rule,
struct vcap_keyset_list *matches);
/* Return the keyset information for the keyset */
const struct vcap_set *vcap_keyfieldset(struct vcap_control *vctrl,
enum vcap_type vt,
enum vcap_keyfield_set keyset);
net: microchip: sparx5: Adding initial tc flower support for VCAP API This adds initial TC flower filter support to Sparx5 for the IS2 VCAP. The support consists of the source and destination MAC addresses, and the trap and pass actions. This is how you can create a rule that test the functionality: tc qdisc add dev eth0 clsact tc filter add dev eth0 ingress chain 8000000 prio 10 handle 10 \ protocol all flower skip_sw \ dst_mac 0a:0b:0c:0d:0e:0f \ src_mac 2:0:0:0:0:1 \ action trap The IS2 chains in Sparx5 are assigned like this: - chain 8000000: IS2 Lookup 0 - chain 8100000: IS2 Lookup 1 - chain 8200000: IS2 Lookup 2 - chain 8300000: IS2 Lookup 3 Signed-off-by: Steen Hegelund <steen.hegelund@microchip.com> Tested-by: Casper Andersson <casper.casan@gmail.com> Reviewed-by: Casper Andersson <casper.casan@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2022-10-20 15:08:59 +02:00
/* Copy to host byte order */
void vcap_netbytes_copy(u8 *dst, u8 *src, int count);
net: sparx5: Correct spelling in comments Correct spelling in comments, as flagged by codespell. Signed-off-by: Simon Horman <horms@kernel.org> Reviewed-by: Daniel Machon <daniel.machon@microchip.com> Link: https://lore.kernel.org/r/20240424-lan743x-confirm-v2-4-f0480542e39f@kernel.org Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2024-04-24 16:13:26 +01:00
/* Convert validation error code into tc extack error message */
net: microchip: sparx5: Adding initial tc flower support for VCAP API This adds initial TC flower filter support to Sparx5 for the IS2 VCAP. The support consists of the source and destination MAC addresses, and the trap and pass actions. This is how you can create a rule that test the functionality: tc qdisc add dev eth0 clsact tc filter add dev eth0 ingress chain 8000000 prio 10 handle 10 \ protocol all flower skip_sw \ dst_mac 0a:0b:0c:0d:0e:0f \ src_mac 2:0:0:0:0:1 \ action trap The IS2 chains in Sparx5 are assigned like this: - chain 8000000: IS2 Lookup 0 - chain 8100000: IS2 Lookup 1 - chain 8200000: IS2 Lookup 2 - chain 8300000: IS2 Lookup 3 Signed-off-by: Steen Hegelund <steen.hegelund@microchip.com> Tested-by: Casper Andersson <casper.casan@gmail.com> Reviewed-by: Casper Andersson <casper.casan@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2022-10-20 15:08:59 +02:00
void vcap_set_tc_exterr(struct flow_cls_offload *fco, struct vcap_rule *vrule);
net: microchip: sparx5: Adding basic rule management in VCAP API This provides most of the rule handling needed to add a new rule to a VCAP. To add a rule a client must follow these steps: 1) Allocate a new rule (provide an id or get one automatically assigned) 2) Add keys to the rule 3) Add actions to the rule 4) Optionally set a keyset on the rule 5) Optionally set an actionset on the rule 6) Validate the rule (this will add keyset and actionset if not specified in the previous steps) 7) Add the rule (if the validation was successful) 8) Free the rule instance (a copy has been added to the VCAP) The validation step will fail if there are no keysets with the requested keys, or there are no actionsets with the requested actions. The validation will also fail if the keyset is not configured for the port for the requested protocol). Signed-off-by: Steen Hegelund <steen.hegelund@microchip.com> Tested-by: Casper Andersson <casper.casan@gmail.com> Reviewed-by: Casper Andersson <casper.casan@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2022-10-20 15:09:01 +02:00
/* Cleanup a VCAP instance */
int vcap_del_rules(struct vcap_control *vctrl, struct vcap_admin *admin);
net: microchip: sparx5: Match keys in configured port keysets This tries to match the keys in a rule with the keysets supported by the VCAP instance, and generate a list of keysets. This list is then validated against the list of keysets that is currently selected for the lookups (per port) in the VCAP configuration. The Sparx5 IS2 only has one actionset, so there is no actionset matching performed for now. Signed-off-by: Steen Hegelund <steen.hegelund@microchip.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2022-11-09 12:41:13 +01:00
/* Add a keyset to a keyset list */
bool vcap_keyset_list_add(struct vcap_keyset_list *keysetlist,
enum vcap_keyfield_set keyset);
net: microchip: sparx5: Support for copying and modifying rules in the API This adds support for making a copy of a rule and modify keys and actions to differentiate the copy. Signed-off-by: Steen Hegelund <steen.hegelund@microchip.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2022-11-23 16:25:42 +01:00
/* Drop keys in a keylist and any keys that are not supported by the keyset */
int vcap_filter_rule_keys(struct vcap_rule *rule,
enum vcap_key_field keylist[], int length,
bool drop_unsupported);
net: microchip: sparx5: Match keys in configured port keysets This tries to match the keys in a rule with the keysets supported by the VCAP instance, and generate a list of keysets. This list is then validated against the list of keysets that is currently selected for the lookups (per port) in the VCAP configuration. The Sparx5 IS2 only has one actionset, so there is no actionset matching performed for now. Signed-off-by: Steen Hegelund <steen.hegelund@microchip.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2022-11-09 12:41:13 +01:00
/* map keyset id to a string with the keyset name */
const char *vcap_keyset_name(struct vcap_control *vctrl,
enum vcap_keyfield_set keyset);
/* map key field id to a string with the key name */
const char *vcap_keyfield_name(struct vcap_control *vctrl,
enum vcap_key_field key);
net: microchip: sparx5: Support for copying and modifying rules in the API This adds support for making a copy of a rule and modify keys and actions to differentiate the copy. Signed-off-by: Steen Hegelund <steen.hegelund@microchip.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2022-11-23 16:25:42 +01:00
/* Modify a 32 bit key field with value and mask in the rule */
int vcap_rule_mod_key_u32(struct vcap_rule *rule, enum vcap_key_field key,
u32 value, u32 mask);
/* Modify a 32 bit action field with value in the rule */
int vcap_rule_mod_action_u32(struct vcap_rule *rule,
enum vcap_action_field action,
u32 value);
net: microchip: vcap: Add vcap_rule_get_key_u32 Add the function vcap_rule_get_key_u32 which allows to get the value and the mask of a key that exist on the rule. If the key doesn't exist, it would return error. Signed-off-by: Horatiu Vultur <horatiu.vultur@microchip.com> Signed-off-by: Paolo Abeni <pabeni@redhat.com>
2022-12-03 11:43:47 +01:00
/* Get a 32 bit key field value and mask from the rule */
int vcap_rule_get_key_u32(struct vcap_rule *rule, enum vcap_key_field key,
u32 *value, u32 *mask);
sparx5: add support for configuring PSFP via tc Add support for tc actions gate and police, in order to implement support for configuring PSFP through tc. Signed-off-by: Daniel Machon <daniel.machon@microchip.com> Reviewed-by: Simon Horman <simon.horman@corigine.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2023-02-02 11:43:55 +01:00
net: microchip: sparx5: Provide rule count, key removal and keyset select This provides these 3 functions in the VCAP API: - Count the number of rules in a VCAP lookup (chain) - Remove a key from a VCAP rule - Find the keyset that gives the smallest rule list from a list of keysets Signed-off-by: Steen Hegelund <steen.hegelund@microchip.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2023-03-07 14:41:00 +01:00
/* Remove a key field with value and mask in the rule */
int vcap_rule_rem_key(struct vcap_rule *rule, enum vcap_key_field key);
/* Select the keyset from the list that results in the smallest rule size */
enum vcap_keyfield_set
vcap_select_min_rule_keyset(struct vcap_control *vctrl, enum vcap_type vtype,
struct vcap_keyset_list *kslist);
sparx5: add support for configuring PSFP via tc Add support for tc actions gate and police, in order to implement support for configuring PSFP through tc. Signed-off-by: Daniel Machon <daniel.machon@microchip.com> Reviewed-by: Simon Horman <simon.horman@corigine.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2023-02-02 11:43:55 +01:00
struct vcap_client_actionfield *
vcap_find_actionfield(struct vcap_rule *rule, enum vcap_action_field act);
net: microchip: sparx5: Adding initial tc flower support for VCAP API This adds initial TC flower filter support to Sparx5 for the IS2 VCAP. The support consists of the source and destination MAC addresses, and the trap and pass actions. This is how you can create a rule that test the functionality: tc qdisc add dev eth0 clsact tc filter add dev eth0 ingress chain 8000000 prio 10 handle 10 \ protocol all flower skip_sw \ dst_mac 0a:0b:0c:0d:0e:0f \ src_mac 2:0:0:0:0:1 \ action trap The IS2 chains in Sparx5 are assigned like this: - chain 8000000: IS2 Lookup 0 - chain 8100000: IS2 Lookup 1 - chain 8200000: IS2 Lookup 2 - chain 8300000: IS2 Lookup 3 Signed-off-by: Steen Hegelund <steen.hegelund@microchip.com> Tested-by: Casper Andersson <casper.casan@gmail.com> Reviewed-by: Casper Andersson <casper.casan@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2022-10-20 15:08:59 +02:00
#endif /* __VCAP_API_CLIENT__ */
Reference in a new issue Copy permalink