Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 3f7496aa authored by David S. Miller's avatar David S. Miller
Browse files

Merge branch 'mlx5-sriov-updates' 



Saeed Mahameed says:

====================
Mellanox 100G ethernet SRIOV Upgrades

This series introduces new features and upgrades for mlx5 etherenet SRIOV,
while the first patch provides a bug fixes for a compilation issue introduced
buy the previous aRFS series for when CONFIG_RFS_ACCEL=y and CONFIG_MLX5_CORE_EN=n.

Changes from V0:
    - 1st patch: Don't add a new Kconfig flag.  Instead, compile out en_arfs.c \
contents when CONFIG_RFS_ACCEL=n

SRIOV upgrades:
    - Use synchronize_irq instead of the vport events spin_lock
    - Fix memory leak in error flow
    - Added full VST support
    - Spoofcheck support
    - Trusted VF promiscuous and allmulti support

VST and Spoofcheck in details:
    - Adding Low level firmware commands support for creating ACLs
     (Access Control Lists) Flow tables.  ACLs are regular flow tables with
     the only exception that they are bound to a specific e-Switch vport (VF)
     and they can be one of two types
        > egress ACL: filters traffic going from e-Switch to VF.
        > ingress ACL: filters traffic going from VF to e-Switch.
    - Ingress/Egress ACLs (per vport) for VF VST mode filtering.
    - Ingress/Egress ACLs (per vport) for VF spoofcheck filtering.
    - Ingress/Egress ACLs (per vport) configuration:
        > Created only when at least one of (VST, spoofcheck) is configured.
	> if (!spoofchk && !vst) allow all traffic.  i.e. no ACLs.
        > if (spoofchk && vst) allow only untagged traffic with smac=original mac \
                sent from the VF.
        > if (spoofchk && !vst) allow only traffic with smac=original mac sent from \
the VF.  > if (!spoofchk && vst) allow only untagged traffic.

Trusted VF promiscuous and allmulti support in details:
    - Added two flow groups for allmulti and promisc VFs to the e-Switch FDB table
        > Allmulti group: One rule that forwards any mcast traffic coming from
                          either uplink or VFs/PF vports.
        > Promisc group: One rule that forwards all unmatched traffic coming from \
                uplink.
    - Add vport context change event handling for promisc and allmulti
      If VF is trusted respect the request and:
        > if allmulti request: add the vport to the allmulti group.
          and to all other L2 mcast address in the FDB table.
        > if promisc request: add the vport to the promisc group.
        > Note: A promisc VF can only see traffic that was not explicitly matched to
                or requested by any other VF.
====================

Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parents 27540247 1edc57e2

drivers/net/ethernet/mellanox/mlx5/core/Makefile

+1 −2
Original line number Diff line number Diff line
@@ -6,7 +6,6 @@ mlx5_core-y := main.o cmd.o debugfs.o fw.o eq.o uar.o pagealloc.o \ 


mlx5_core-$(CONFIG_MLX5_CORE_EN) += wq.o eswitch.o \

		en_main.o en_fs.o en_ethtool.o en_tx.o en_rx.o \

		en_txrx.o en_clock.o vxlan.o en_tc.o

		en_txrx.o en_clock.o vxlan.o en_tc.o en_arfs.o



mlx5_core-$(CONFIG_MLX5_CORE_EN_DCB) +=  en_dcbnl.o
 
mlx5_core-$(CONFIG_RFS_ACCEL) +=  en_arfs.o

drivers/net/ethernet/mellanox/mlx5/core/en_arfs.c

+3 −0
Original line number Diff line number Diff line
@@ -30,6 +30,8 @@ 
 * SOFTWARE.

 */



#ifdef CONFIG_RFS_ACCEL



#include <linux/hash.h>

#include <linux/mlx5/fs.h>

#include <linux/ip.h>
@@ -747,3 +749,4 @@ int mlx5e_rx_flow_steer(struct net_device *dev, const struct sk_buff *skb, 
	spin_unlock_bh(&arfs->arfs_lock);

	return arfs_rule->filter_id;

}

#endif

drivers/net/ethernet/mellanox/mlx5/core/en_main.c

+17 −0
Original line number Diff line number Diff line
@@ -2438,6 +2438,21 @@ static int mlx5e_set_vf_vlan(struct net_device *dev, int vf, u16 vlan, u8 qos) 
					   vlan, qos);

}



static int mlx5e_set_vf_spoofchk(struct net_device *dev, int vf, bool setting)

{

	struct mlx5e_priv *priv = netdev_priv(dev);

	struct mlx5_core_dev *mdev = priv->mdev;



	return mlx5_eswitch_set_vport_spoofchk(mdev->priv.eswitch, vf + 1, setting);

}



static int mlx5e_set_vf_trust(struct net_device *dev, int vf, bool setting)

{

	struct mlx5e_priv *priv = netdev_priv(dev);

	struct mlx5_core_dev *mdev = priv->mdev;



	return mlx5_eswitch_set_vport_trust(mdev->priv.eswitch, vf + 1, setting);

}

static int mlx5_vport_link2ifla(u8 esw_link)

{

	switch (esw_link) {
@@ -2607,6 +2622,8 @@ static const struct net_device_ops mlx5e_netdev_ops_sriov = { 
#endif

	.ndo_set_vf_mac          = mlx5e_set_vf_mac,

	.ndo_set_vf_vlan         = mlx5e_set_vf_vlan,

	.ndo_set_vf_spoofchk     = mlx5e_set_vf_spoofchk,

	.ndo_set_vf_trust        = mlx5e_set_vf_trust,

	.ndo_get_vf_config       = mlx5e_get_vf_config,

	.ndo_set_vf_link_state   = mlx5e_set_vf_link_state,

	.ndo_get_vf_stats        = mlx5e_get_vf_stats,

drivers/net/ethernet/mellanox/mlx5/core/eswitch.c

+918 −58

File changed.

Preview size limit exceeded, changes collapsed.

drivers/net/ethernet/mellanox/mlx5/core/eswitch.h

+38 −5
Original line number Diff line number Diff line
@@ -88,18 +88,40 @@ struct l2addr_node { 
	kfree(ptr);                                         \

})



struct vport_ingress {

	struct mlx5_flow_table *acl;

	struct mlx5_flow_group *allow_untagged_spoofchk_grp;

	struct mlx5_flow_group *allow_spoofchk_only_grp;

	struct mlx5_flow_group *allow_untagged_only_grp;

	struct mlx5_flow_group *drop_grp;

	struct mlx5_flow_rule  *allow_rule;

	struct mlx5_flow_rule  *drop_rule;

};



struct vport_egress {

	struct mlx5_flow_table *acl;

	struct mlx5_flow_group *allowed_vlans_grp;

	struct mlx5_flow_group *drop_grp;

	struct mlx5_flow_rule  *allowed_vlan;

	struct mlx5_flow_rule  *drop_rule;

};



struct mlx5_vport {

	struct mlx5_core_dev    *dev;

	int                     vport;

	struct hlist_head       uc_list[MLX5_L2_ADDR_HASH_SIZE];

	struct hlist_head       mc_list[MLX5_L2_ADDR_HASH_SIZE];

	struct mlx5_flow_rule   *promisc_rule;

	struct mlx5_flow_rule   *allmulti_rule;

	struct work_struct      vport_change_handler;



	/* This spinlock protects access to vport data, between

	 * "esw_vport_disable" and ongoing interrupt "mlx5_eswitch_vport_event"

	 * once vport marked as disabled new interrupts are discarded.

	 */

	spinlock_t              lock; /* vport events sync */

	struct vport_ingress    ingress;

	struct vport_egress     egress;



	u16                     vlan;

	u8                      qos;

	bool                    spoofchk;

	bool                    trusted;

	bool                    enabled;

	u16                     enabled_events;

};
@@ -113,6 +135,8 @@ struct mlx5_l2_table { 
struct mlx5_eswitch_fdb {

	void *fdb;

	struct mlx5_flow_group *addr_grp;

	struct mlx5_flow_group *allmulti_grp;

	struct mlx5_flow_group *promisc_grp;

};



struct mlx5_eswitch {
@@ -124,6 +148,11 @@ struct mlx5_eswitch { 
	struct mlx5_vport       *vports;

	int                     total_vports;

	int                     enabled_vports;

	/* Synchronize between vport change events

	 * and async SRIOV admin state changes

	 */

	struct mutex            state_lock;

	struct esw_mc_addr      *mc_promisc;

};



/* E-Switch API */
@@ -138,6 +167,10 @@ int mlx5_eswitch_set_vport_state(struct mlx5_eswitch *esw, 
				 int vport, int link_state);

int mlx5_eswitch_set_vport_vlan(struct mlx5_eswitch *esw,

				int vport, u16 vlan, u8 qos);

int mlx5_eswitch_set_vport_spoofchk(struct mlx5_eswitch *esw,

				    int vport, bool spoofchk);

int mlx5_eswitch_set_vport_trust(struct mlx5_eswitch *esw,

				 int vport_num, bool setting);

int mlx5_eswitch_get_vport_config(struct mlx5_eswitch *esw,

				  int vport, struct ifla_vf_info *ivi);

int mlx5_eswitch_get_vport_stats(struct mlx5_eswitch *esw,