/* * Copyright (c) 2016, Mellanox Technologies. All rights reserved. * * This software is available to you under a choice of one of two * licenses. You may choose to be licensed under the terms of the GNU * General Public License (GPL) Version 2, available from the file * COPYING in the main directory of this source tree, or the * OpenIB.org BSD license below: * * Redistribution and use in source and binary forms, with or * without modification, are permitted provided that the following * conditions are met: * * - Redistributions of source code must retain the above * copyright notice, this list of conditions and the following * disclaimer. * * - Redistributions in binary form must reproduce the above * copyright notice, this list of conditions and the following * disclaimer in the documentation and/or other materials * provided with the distribution. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE * SOFTWARE. #include <net/flow_dissector.h>#include <net/flow_offload.h>#include <net/sch_generic.h>#include <net/pkt_cls.h>#include <linux/mlx5/fs.h>#include <linux/mlx5/device.h>#include <linux/rhashtable.h>#include <linux/refcount.h>#include <linux/completion.h>#include <net/arp.h>#include <net/ipv6_stubs.h>#include <net/bareudp.h>#include <net/bonding.h>#include <net/dst_metadata.h>#include "devlink.h" #include "en.h" #include "en/tc/post_act.h" #include "en/tc/act_stats.h" #include "en_rep.h" #include "en/rep/tc.h" #include "en/rep/neigh.h" #include "en_tc.h" #include "eswitch.h" #include "fs_core.h" #include "en/port.h" #include "en/tc_tun.h" #include "en/mapping.h" #include "en/tc_ct.h" #include "en/mod_hdr.h" #include "en/tc_tun_encap.h" #include "en/tc/sample.h" #include "en/tc/act/act.h" #include "en/tc/post_meter.h" #include "lib/devcom.h" #include "lib/geneve.h" #include "lib/fs_chains.h" #include "diag/en_tc_tracepoint.h" #include <asm /div64.h>#include "lag/lag.h" #include "lag/mp.h" #define MLX5E_TC_TABLE_NUM_GROUPS 4#define MLX5E_TC_TABLE_MAX_GROUP_SIZE BIT(18)struct mlx5e_tc_table {/* Protects the dynamic assignment of the t parameter * which is the nic tc root table. struct mutex t_lock;struct mlx5e_priv *priv;struct mlx5_flow_table *t;struct mlx5_flow_table *miss_t;struct mlx5_fs_chains *chains;struct mlx5e_post_act *post_act;struct rhashtable ht;struct mod_hdr_tbl mod_hdr;struct mutex hairpin_tbl_lock; /* protects hairpin_tbl */ struct notifier_block netdevice_nb;struct netdev_net_notifier netdevice_nn;struct mlx5_tc_ct_priv *ct;struct mapping_ctx *mapping;struct dentry *dfs_root;/* tc action stats */ struct mlx5e_tc_act_stats_handle *action_stats_handle;struct mlx5e_tc_attr_to_reg_mapping mlx5e_tc_attr_to_reg_mappings[] = {/* For NIC rules we store the restore metadata directly * into reg_b that is passed to SW since we don't * jump between steering domains. struct mlx5e_tc_jump_state {bool jump_target;struct mlx5_flow_attr *jumping_attr;enum flow_action_id last_id;struct mlx5e_tc_table *mlx5e_tc_table_alloc(void )struct mlx5e_tc_table *tc;sizeof (*tc), GFP_KERNEL);return tc ? tc : ERR_PTR(-ENOMEM);void mlx5e_tc_table_free(struct mlx5e_tc_table *tc)struct mlx5_fs_chains *mlx5e_nic_chains(struct mlx5e_tc_table *tc)return tc->chains;/* To avoid false lock dependency warning set the tc_ht lock * class different than the lock class of the ht being used when deleting * last flow from a group and then deleting a group, we get into del_sw_flow_group() * which call rhashtable_destroy on fg->ftes_hash which will take ht->mutex but * it's different than the ht->mutex here. static struct lock_class_key tc_ht_lock_key;static struct lock_class_key tc_ht_wq_key;static void mlx5e_put_flow_tunnel_id(struct mlx5e_tc_flow *flow);static void free_flow_post_acts(struct mlx5e_tc_flow *flow);static void mlx5_free_flow_attr_actions(struct mlx5e_tc_flow *flow,struct mlx5_flow_attr *attr);void struct mlx5_flow_spec *spec,enum mlx5e_tc_attr_to_reg type,void *headers_c = spec->match_criteria, *headers_v = spec->match_value, *fmask, *fval;int soffset = mlx5e_tc_attr_to_reg_mappings[type].soffset;int moffset = mlx5e_tc_attr_to_reg_mappings[type].moffset;int match_len = mlx5e_tc_attr_to_reg_mappings[type].mlen;//move to correct offset //zero val and mask //add current to mask //back to be32 and write void struct mlx5_flow_spec *spec,enum mlx5e_tc_attr_to_reg type,void *headers_c = spec->match_criteria, *headers_v = spec->match_value, *fmask, *fval;int soffset = mlx5e_tc_attr_to_reg_mappings[type].soffset;int moffset = mlx5e_tc_attr_to_reg_mappings[type].moffset;int match_len = mlx5e_tc_attr_to_reg_mappings[type].mlen;int struct mlx5_core_dev *mdev,struct mlx5e_tc_mod_hdr_acts *mod_hdr_acts,enum mlx5_flow_namespace_type ns,enum mlx5e_tc_attr_to_reg type,int moffset = mlx5e_tc_attr_to_reg_mappings[type].moffset;int mfield = mlx5e_tc_attr_to_reg_mappings[type].mfield;int mlen = mlx5e_tc_attr_to_reg_mappings[type].mlen;char *modact;int err;if (IS_ERR(modact))return PTR_ERR(modact);/* Firmware has 5bit length field and 0 means 32bits */ if (mlen == 32)return err;static struct mlx5e_tc_act_stats_handle *struct mlx5e_priv *priv)struct mlx5e_tc_table *tc = mlx5e_fs_get_tc(priv->fs);struct mlx5_eswitch *esw = priv->mdev->priv.eswitch;struct mlx5_rep_uplink_priv *uplink_priv;struct mlx5e_rep_priv *uplink_rpriv;if (is_mdev_switchdev_mode(priv->mdev)) {return uplink_priv->action_stats_handle;return tc->action_stats_handle;struct mlx5e_tc_int_port_priv *struct mlx5e_priv *priv)struct mlx5_eswitch *esw = priv->mdev->priv.eswitch;struct mlx5_rep_uplink_priv *uplink_priv;struct mlx5e_rep_priv *uplink_rpriv;if (is_mdev_switchdev_mode(priv->mdev)) {return uplink_priv->int_port_priv;return NULL;struct mlx5e_flow_meters *struct mlx5_core_dev *dev)struct mlx5_eswitch *esw = dev->priv.eswitch;struct mlx5_rep_uplink_priv *uplink_priv;struct mlx5e_rep_priv *uplink_rpriv;struct mlx5e_priv *priv;if (is_mdev_switchdev_mode(dev)) {if (!uplink_priv->flow_meters)if (!IS_ERR(uplink_priv->flow_meters))return uplink_priv->flow_meters;return NULL;static struct mlx5_tc_ct_priv *struct mlx5e_priv *priv)struct mlx5e_tc_table *tc = mlx5e_fs_get_tc(priv->fs);struct mlx5_eswitch *esw = priv->mdev->priv.eswitch;struct mlx5_rep_uplink_priv *uplink_priv;struct mlx5e_rep_priv *uplink_rpriv;if (is_mdev_switchdev_mode(priv->mdev)) {return uplink_priv->ct_priv;return tc->ct;static struct mlx5e_tc_psample *struct mlx5e_priv *priv)struct mlx5_eswitch *esw = priv->mdev->priv.eswitch;struct mlx5_rep_uplink_priv *uplink_priv;struct mlx5e_rep_priv *uplink_rpriv;if (is_mdev_switchdev_mode(priv->mdev)) {return uplink_priv->tc_psample;return NULL;static struct mlx5e_post_act *struct mlx5e_priv *priv)struct mlx5e_tc_table *tc = mlx5e_fs_get_tc(priv->fs);struct mlx5_eswitch *esw = priv->mdev->priv.eswitch;struct mlx5_rep_uplink_priv *uplink_priv;struct mlx5e_rep_priv *uplink_rpriv;if (is_mdev_switchdev_mode(priv->mdev)) {return uplink_priv->post_act;return tc->post_act;struct mlx5_flow_handle *struct mlx5e_priv *priv,struct mlx5_flow_spec *spec,struct mlx5_flow_attr *attr)struct mlx5_eswitch *esw = priv->mdev->priv.eswitch;if (is_mdev_switchdev_mode(priv->mdev))return mlx5_eswitch_add_offloaded_rule(esw, spec, attr);return mlx5e_add_offloaded_nic_rule(priv, spec, attr);void struct mlx5e_priv *priv,struct mlx5_flow_handle *rule,struct mlx5_flow_attr *attr)struct mlx5_eswitch *esw = priv->mdev->priv.eswitch;if (is_mdev_switchdev_mode(priv->mdev)) {return ;static bool struct mlx5_flow_attr *attr)return (((attr->action & MLX5_FLOW_CONTEXT_ACTION_EXECUTE_ASO) &&static int struct mlx5e_priv *priv,struct mlx5_flow_attr *attr)struct mlx5e_post_act *post_act = get_post_action(priv);struct mlx5e_post_meter_priv *post_meter;enum mlx5_flow_namespace_type ns_type;struct mlx5e_flow_meter_handle *meter;enum mlx5e_post_meter_type type;if (IS_ERR(post_act))return PTR_ERR(post_act);if (IS_ERR(meter)) {"Failed to get flow meter\n" );return PTR_ERR(meter);if (IS_ERR(post_meter)) {"Failed to init post meter\n" );goto err_meter_init;return 0;return PTR_ERR(post_meter);static void struct mlx5_eswitch *esw, struct mlx5_flow_attr *attr)struct mlx5_flow_handle *struct mlx5e_priv *priv,struct mlx5_flow_spec *spec,struct mlx5_flow_attr *attr)struct mlx5_eswitch *esw = priv->mdev->priv.eswitch;int err;if (!is_mdev_switchdev_mode(priv->mdev))return mlx5e_add_offloaded_nic_rule(priv, spec, attr);if (attr->flags & MLX5_ATTR_FLAG_SAMPLE)return mlx5e_tc_sample_offload(get_sample_priv(priv), spec, attr);if (is_flow_meter_action(attr)) {if (err)return ERR_PTR(err);return mlx5_eswitch_add_offloaded_rule(esw, spec, attr);void struct mlx5e_priv *priv,struct mlx5_flow_handle *rule,struct mlx5_flow_attr *attr)struct mlx5_eswitch *esw = priv->mdev->priv.eswitch;if (!is_mdev_switchdev_mode(priv->mdev)) {return ;if (attr->flags & MLX5_ATTR_FLAG_SAMPLE) {return ;if (attr->meter_attr.meter)int struct mlx5_core_dev *mdev,struct mlx5e_tc_mod_hdr_acts *mod_hdr_acts,enum mlx5_flow_namespace_type ns,enum mlx5e_tc_attr_to_reg type,int ret = mlx5e_tc_match_to_reg_set_and_get_id(mdev, mod_hdr_acts, ns, type, data);return ret < 0 ? ret : 0;void mlx5e_tc_match_to_reg_mod_hdr_change(struct mlx5_core_dev *mdev,struct mlx5e_tc_mod_hdr_acts *mod_hdr_acts,enum mlx5e_tc_attr_to_reg type,int act_id, u32 data)int moffset = mlx5e_tc_attr_to_reg_mappings[type].moffset;int mfield = mlx5e_tc_attr_to_reg_mappings[type].mfield;int mlen = mlx5e_tc_attr_to_reg_mappings[type].mlen;char *modact;/* Firmware has 5bit length field and 0 means 32bits */ if (mlen == 32)struct mlx5e_hairpin {struct mlx5_hairpin *pair;struct mlx5_core_dev *func_mdev;struct mlx5e_priv *func_priv;struct mlx5e_tir direct_tir;int num_channels;struct mlx5e_rqt indir_rqt;struct mlx5e_tir indir_tir[MLX5E_NUM_INDIR_TIRS];struct mlx5_ttc_table *ttc;struct mlx5e_hairpin_entry {/* a node of a hash table which keeps all the hairpin entries */ struct hlist_node hairpin_hlist;/* protects flows list */ /* flows sharing the same hairpin */ struct list_head flows;/* hpe's that were not fully initialized when dead peer update event * function traversed them. struct list_head dead_peer_wait_list;struct mlx5e_hairpin *hp;struct completion res_ready;static void mlx5e_tc_del_flow(struct mlx5e_priv *priv,struct mlx5e_tc_flow *flow);struct mlx5e_tc_flow *mlx5e_flow_get(struct mlx5e_tc_flow *flow)if (!flow || !refcount_inc_not_zero(&flow->refcnt))return ERR_PTR(-EINVAL);return flow;void mlx5e_flow_put(struct mlx5e_priv *priv, struct mlx5e_tc_flow *flow)if (refcount_dec_and_test(&flow->refcnt)) {bool mlx5e_is_eswitch_flow(struct mlx5e_tc_flow *flow)return flow_flag_test(flow, ESWITCH);bool mlx5e_is_ft_flow(struct mlx5e_tc_flow *flow)return flow_flag_test(flow, FT);bool mlx5e_is_offloaded_flow(struct mlx5e_tc_flow *flow)return flow_flag_test(flow, OFFLOADED);int mlx5e_get_flow_namespace(struct mlx5e_tc_flow *flow)return mlx5e_is_eswitch_flow(flow) ?static struct mlx5_core_dev *struct mlx5e_tc_flow *flow)return mlx5e_is_eswitch_flow(flow) ? flow->attr->esw_attr->counter_dev : flow->priv->mdev;static struct mod_hdr_tbl *struct mlx5e_priv *priv, struct mlx5e_tc_flow *flow)struct mlx5e_tc_table *tc = mlx5e_fs_get_tc(priv->fs);struct mlx5_eswitch *esw = priv->mdev->priv.eswitch;return mlx5e_get_flow_namespace(flow) == MLX5_FLOW_NAMESPACE_FDB ?int mlx5e_tc_attach_mod_hdr(struct mlx5e_priv *priv,struct mlx5e_tc_flow *flow,struct mlx5_flow_attr *attr)struct mlx5e_mod_hdr_handle *mh;if (IS_ERR(mh))return PTR_ERR(mh);return 0;void mlx5e_tc_detach_mod_hdr(struct mlx5e_priv *priv,struct mlx5e_tc_flow *flow,struct mlx5_flow_attr *attr)/* flow wasn't fully initialized */ if (!attr->mh)return ;static struct mlx5_core_dev *mlx5e_hairpin_get_mdev(struct net *net, int ifindex)struct mlx5_core_dev *mdev;struct net_device *netdev;struct mlx5e_priv *priv;if (!netdev)return ERR_PTR(-ENODEV);/* Mirred tc action holds a refcount on the ifindex net_device (see * net/sched/act_mirred.c:tcf_mirred_get_dev). So, it's okay to continue using mdev * after dev_put(netdev), while we're in the context of adding a tc flow. * * The mdev pointer corresponds to the peer/out net_device of a hairpin. It is then * stored in a hairpin object, which exists until all flows, that refer to it, get * removed. * * On the other hand, after a hairpin object has been created, the peer net_device may * be removed/unbound while there are still some hairpin flows that are using it. This * case is handled by mlx5e_tc_hairpin_update_dead_peer, which is hooked to * NETDEV_UNREGISTER event of the peer net_device. return mdev;static int mlx5e_hairpin_create_transport(struct mlx5e_hairpin *hp)struct mlx5e_tir_builder *builder;int err;false );if (!builder)return -ENOMEM;if (err)goto out;false );if (err)goto create_tir_err;return err;goto out;static void mlx5e_hairpin_destroy_transport(struct mlx5e_hairpin *hp)static int mlx5e_hairpin_create_indirect_rqt(struct mlx5e_hairpin *hp)struct mlx5e_priv *priv = hp->func_priv;struct mlx5_core_dev *mdev = priv->mdev;struct mlx5e_rss_params_indir indir;int err;if (err)return err;return err;static int mlx5e_hairpin_create_indirect_tirs(struct mlx5e_hairpin *hp)struct mlx5e_priv *priv = hp->func_priv;struct mlx5e_rss_params_hash rss_hash;enum mlx5_traffic_types tt, max_tt;struct mlx5e_tir_builder *builder;int err = 0;false );if (!builder)return -ENOMEM;for (tt = 0; tt < MLX5E_NUM_INDIR_TIRS; tt++) {struct mlx5e_rss_params_traffic_type rss_tt;false );false );false );if (err) {"create indirect tirs failed, %d\n" , err);goto err_destroy_tirs;return err;for (tt = 0; tt < max_tt; tt++)goto out;static void mlx5e_hairpin_destroy_indirect_tirs(struct mlx5e_hairpin *hp)int tt;for (tt = 0; tt < MLX5E_NUM_INDIR_TIRS; tt++)static void mlx5e_hairpin_set_ttc_params(struct mlx5e_hairpin *hp,struct ttc_params *ttc_params)struct mlx5_flow_table_attr *ft_attr = &ttc_params->ft_attr;int tt;sizeof (*ttc_params));for (tt = 0; tt < MLX5_NUM_TT; tt++) {static int mlx5e_hairpin_rss_init(struct mlx5e_hairpin *hp)struct mlx5e_priv *priv = hp->func_priv;struct ttc_params ttc_params;struct mlx5_ttc_table *ttc;int err;if (err)return err;if (err)goto err_create_indirect_tirs;if (IS_ERR(hp->ttc)) {goto err_create_ttc_table;false );"add hairpin: using %d channels rss ttc table id %x\n" ,return 0;return err;static void mlx5e_hairpin_rss_cleanup(struct mlx5e_hairpin *hp)static struct mlx5e_hairpin *struct mlx5e_priv *priv, struct mlx5_hairpin_params *params,int peer_ifindex)struct mlx5_core_dev *func_mdev, *peer_mdev;struct mlx5e_hairpin *hp;struct mlx5_hairpin *pair;int err;sizeof (*hp), GFP_KERNEL);if (!hp)return ERR_PTR(-ENOMEM);if (IS_ERR(peer_mdev)) {goto create_pair_err;if (IS_ERR(pair)) {goto create_pair_err;if (err)goto create_transport_err;if (hp->num_channels > 1) {if (err)goto rss_init_err;return hp;return ERR_PTR(err);static void mlx5e_hairpin_destroy(struct mlx5e_hairpin *hp)if (hp->num_channels > 1)static inline u32 hash_hairpin_info(u16 peer_vhca_id, u8 prio)return (peer_vhca_id << 16 | prio);static struct mlx5e_hairpin_entry *mlx5e_hairpin_get(struct mlx5e_priv *priv,struct mlx5e_tc_table *tc = mlx5e_fs_get_tc(priv->fs);struct mlx5e_hairpin_entry *hpe;if (hpe->peer_vhca_id == peer_vhca_id && hpe->prio == prio) {return hpe;return NULL;static void mlx5e_hairpin_put(struct mlx5e_priv *priv,struct mlx5e_hairpin_entry *hpe)struct mlx5e_tc_table *tc = mlx5e_fs_get_tc(priv->fs);/* no more hairpin flows for us, release the hairpin pair */ if (!refcount_dec_and_mutex_lock(&hpe->refcnt, &tc->hairpin_tbl_lock))return ;if (!IS_ERR_OR_NULL(hpe->hp)) {"del hairpin: peer %s\n" ,#define UNKNOWN_MATCH_PRIO 8static int mlx5e_hairpin_get_prio(struct mlx5e_priv *priv,struct mlx5_flow_spec *spec, u8 *match_prio,struct netlink_ext_ack *extack)void *headers_c, *headers_v;bool vlan_present;#ifdef CONFIG_MLX5_CORE_EN_DCBif (priv->dcbx_dp.trust_state != MLX5_QPTS_TRUST_PCP) {"only PCP trust state supported for hairpin" );return -EOPNOTSUPP;#endif if (vlan_present) {if (!vlan_present || !prio_mask) {else if (prio_mask != 0x7) {"masked priority match not supported for hairpin" );return -EOPNOTSUPP;return 0;static int debugfs_hairpin_num_active_get(void *data, u64 *val)struct mlx5e_tc_table *tc = data;struct mlx5e_hairpin_entry *hpe;return 0;"%llu\n" );static int debugfs_hairpin_table_dump_show(struct seq_file *file, void *priv)struct mlx5e_tc_table *tc = file->private ;struct mlx5e_hairpin_entry *hpe;"Hairpin peer_vhca_id %u prio %u refcnt %u num_channels %u num_packets %lu\n" ,return 0;static void mlx5e_tc_debugfs_init(struct mlx5e_tc_table *tc,struct dentry *dfs_root)if (IS_ERR_OR_NULL(dfs_root))return ;"tc" , dfs_root);"hairpin_num_active" , 0444, tc->dfs_root, tc,"hairpin_table_dump" , 0444, tc->dfs_root, tc,static int mlx5e_hairpin_flow_add(struct mlx5e_priv *priv,struct mlx5e_tc_flow *flow,struct mlx5e_tc_flow_parse_attr *parse_attr,struct netlink_ext_ack *extack)struct mlx5e_tc_table *tc = mlx5e_fs_get_tc(priv->fs);struct devlink *devlink = priv_to_devlink(priv->mdev);int peer_ifindex = parse_attr->mirred_ifindex[0];union devlink_param_value val = {};struct mlx5_hairpin_params params;struct mlx5_core_dev *peer_mdev;struct mlx5e_hairpin_entry *hpe;struct mlx5e_hairpin *hp;int err;if (IS_ERR(peer_mdev)) {"invalid ifindex of mirred device" );return PTR_ERR(peer_mdev);if (!MLX5_CAP_GEN(priv->mdev, hairpin) || !MLX5_CAP_GEN(peer_mdev, hairpin)) {"hairpin is not supported" );return -EOPNOTSUPP;if (err)return err;if (hpe) {if (IS_ERR(hpe->hp)) {goto out_err;goto attach_flow;sizeof (*hpe), GFP_KERNEL);if (!hpe) {return -ENOMEM;if (err) {goto out_err;if (err) {goto out_err;if (IS_ERR(hp)) {goto out_err;"add hairpin: tirn %x rqn %x peer %s sqn %x prio %d (log) data %d packets %d\n" ,if (hpe->hp->num_channels > 1) {else {return 0;return err;static void mlx5e_hairpin_flow_del(struct mlx5e_priv *priv,struct mlx5e_tc_flow *flow)/* flow wasn't fully initialized */ if (!flow->hpe)return ;struct mlx5_flow_handle *struct mlx5e_priv *priv,struct mlx5_flow_spec *spec,struct mlx5_flow_attr *attr)struct mlx5_flow_context *flow_context = &spec->flow_context;struct mlx5e_vlan_table *vlan = mlx5e_fs_get_vlan(priv->fs);struct mlx5e_tc_table *tc = mlx5e_fs_get_tc(priv->fs);struct mlx5_nic_flow_attr *nic_attr = attr->nic_attr;struct mlx5_flow_destination dest[2] = {};struct mlx5_fs_chains *nic_chains;struct mlx5_flow_act flow_act = {struct mlx5_flow_handle *rule;struct mlx5_flow_table *ft;int dest_ix = 0;if (attr->dest_ft) {else if (nic_attr->hairpin_ft) {else if (nic_attr->hairpin_tirn) {else if (attr->action & MLX5_FLOW_CONTEXT_ACTION_FWD_DEST) {if (attr->dest_chain) {if (IS_ERR(dest[dest_ix].ft))return ERR_CAST(dest[dest_ix].ft);else {if (dest[0].type == MLX5_FLOW_DESTINATION_TYPE_FLOW_TABLE &&if (flow_act.action & MLX5_FLOW_CONTEXT_ACTION_COUNT) {if (attr->action & MLX5_FLOW_CONTEXT_ACTION_MOD_HDR)if (IS_ERR_OR_NULL(tc->t)) {/* Create the root table here if doesn't exist yet */ if (IS_ERR(tc->t)) {"Failed to create tc offload table\n" );goto err_ft_get;if (attr->chain || attr->prio)else if (IS_ERR(ft)) {goto err_ft_get;if (attr->outer_match_level != MLX5_MATCH_NONE)if (IS_ERR(rule))goto err_rule;return rule;if (attr->chain || attr->prio)if (attr->dest_chain)return ERR_CAST(rule);static int struct mlx5_core_dev *counter_dev,struct mlx5_flow_attr *attr)struct mlx5_fc *counter;true );if (IS_ERR(counter))return PTR_ERR(counter);return 0;static int struct mlx5e_priv *priv,struct mlx5e_tc_flow *flow,struct netlink_ext_ack *extack)struct mlx5e_tc_flow_parse_attr *parse_attr;struct mlx5_flow_attr *attr = flow->attr;struct mlx5_core_dev *dev = priv->mdev;int err;if (flow_flag_test(flow, HAIRPIN)) {if (err)return err;if (attr->action & MLX5_FLOW_CONTEXT_ACTION_COUNT) {if (err)return err;if (attr->action & MLX5_FLOW_CONTEXT_ACTION_MOD_HDR) {if (err)return err;return PTR_ERR_OR_ZERO(flow->rule[0]);void mlx5e_del_offloaded_nic_rule(struct mlx5e_priv *priv,struct mlx5_flow_handle *rule,struct mlx5_flow_attr *attr)struct mlx5e_tc_table *tc = mlx5e_fs_get_tc(priv->fs);struct mlx5_fs_chains *nic_chains;if (attr->chain || attr->prio)if (attr->dest_chain)static void mlx5e_tc_del_nic_flow(struct mlx5e_priv *priv,struct mlx5e_tc_flow *flow)struct mlx5e_tc_table *tc = mlx5e_fs_get_tc(priv->fs);struct mlx5_flow_attr *attr = flow->attr;if (!IS_ERR_OR_NULL(flow->rule[0]))/* Remove root table if no rules are left to avoid * extra steering hops. if (!mlx5e_tc_num_filters(priv, MLX5_TC_FLAG(NIC_OFFLOAD)) &&if (attr->action & MLX5_FLOW_CONTEXT_ACTION_MOD_HDR) {if (attr->action & MLX5_FLOW_CONTEXT_ACTION_COUNT)if (flow_flag_test(flow, HAIRPIN))struct mlx5_flow_handle *struct mlx5_eswitch *esw,struct mlx5e_tc_flow *flow,struct mlx5_flow_spec *spec,struct mlx5_flow_attr *attr)struct mlx5_flow_handle *rule;if (attr->flags & MLX5_ATTR_FLAG_SLOW_PATH)return mlx5_eswitch_add_offloaded_rule(esw, spec, attr);if (IS_ERR(rule))return rule;if (attr->esw_attr->split_count) {if (IS_ERR(flow->rule[1]))goto err_rule1;return rule;return flow->rule[1];void mlx5e_tc_unoffload_fdb_rules(struct mlx5_eswitch *esw,struct mlx5e_tc_flow *flow,struct mlx5_flow_attr *attr)if (attr->flags & MLX5_ATTR_FLAG_SLOW_PATH)return mlx5_eswitch_del_offloaded_rule(esw, flow->rule[0], attr);if (attr->esw_attr->split_count)struct mlx5_flow_handle *struct mlx5_eswitch *esw,struct mlx5e_tc_flow *flow,struct mlx5_flow_spec *spec)struct mlx5e_tc_mod_hdr_acts mod_acts = {};struct mlx5e_mod_hdr_handle *mh = NULL;struct mlx5_flow_attr *slow_attr;struct mlx5_flow_handle *rule;bool fwd_and_modify_cap;int err;if (!slow_attr)return ERR_PTR(-ENOMEM);le);if (!fwd_and_modify_cap)goto skip_restore;if (err)goto err_get_chain;if (err)goto err_reg_set;if (IS_ERR(mh)) {goto err_attach;if (IS_ERR(rule)) {goto err_offload;return rule;if (fwd_and_modify_cap)if (fwd_and_modify_cap)return ERR_PTR(err);void mlx5e_tc_unoffload_from_slow_path(struct mlx5_eswitch *esw,struct mlx5e_tc_flow *flow)struct mlx5e_mod_hdr_handle *slow_mh = flow->attr->slow_mh;struct mlx5_flow_attr *slow_attr;if (!slow_attr) {"Unable to alloc attr to unoffload slow path rule\n" );return ;if (slow_mh) {if (slow_mh) {/* Caller must obtain uplink_priv->unready_flows_lock mutex before calling this * function. static void unready_flow_add(struct mlx5e_tc_flow *flow,struct list_head *unready_flows)/* Caller must obtain uplink_priv->unready_flows_lock mutex before calling this * function. static void unready_flow_del(struct mlx5e_tc_flow *flow)static void add_unready_flow(struct mlx5e_tc_flow *flow)struct mlx5_rep_uplink_priv *uplink_priv;struct mlx5e_rep_priv *rpriv;struct mlx5_eswitch *esw;static void remove_unready_flow(struct mlx5e_tc_flow *flow)struct mlx5_rep_uplink_priv *uplink_priv;struct mlx5e_rep_priv *rpriv;struct mlx5_eswitch *esw;if (flow_flag_test(flow, NOT_READY))bool mlx5e_tc_is_vf_tunnel(struct net_device *out_dev, struct net_device *route_dev)struct mlx5_core_dev *out_mdev, *route_mdev;struct mlx5e_priv *out_priv, *route_priv;if (out_mdev->coredev_type != MLX5_COREDEV_PF)return false ;if (route_mdev->coredev_type != MLX5_COREDEV_VF &&return false ;return mlx5e_same_hw_devs(out_priv, route_priv);int mlx5e_tc_query_route_vport(struct net_device *out_dev, struct net_device *route_dev, u16 *vport)struct mlx5e_priv *out_priv, *route_priv;struct mlx5_core_dev *route_mdev;struct mlx5_devcom_comp_dev *pos;struct mlx5_eswitch *esw;int err;if (!err)return err;if (!mlx5_lag_is_active(out_priv->mdev))return err;if (!err)break ;return err;static int struct netlink_ext_ack *extack)if (!(actions &"Rule must have at least one forward/drop action" );return -EOPNOTSUPP;if (!(~actions &"Rule cannot support forward+drop action" );return -EOPNOTSUPP;if (actions & MLX5_FLOW_CONTEXT_ACTION_MOD_HDR &&"Drop with modify header action is not supported" );return -EOPNOTSUPP;return 0;static bool struct mlx5_flow_attr *attr)struct mlx5_esw_flow_attr *esw_attr = attr->esw_attr;int out_index;for (out_index = 0; out_index < MLX5_MAX_FLOW_FWD_VPORTS; out_index++)if (esw_attr->dests[out_index].flags & MLX5_ESW_DEST_ENCAP)return true ;return false ;static int struct mlx5e_tc_flow *flow, struct mlx5_flow_attr *attr)bool int_dest = false , ext_dest = false ;struct mlx5_esw_flow_attr *esw_attr;int i;if (flow->attr != attr ||return 0;if (!esw_attr->split_count ||return 0;if (esw_attr->dest_int_port &&return esw_attr->split_count + 1;for (i = esw_attr->split_count; i < esw_attr->out_count; i++) {/* external dest with encap is considered as internal by firmware */ if (esw_attr->dests[i].vport == MLX5_VPORT_UPLINK &&true ;else true ;if (ext_dest && int_dest)return esw_attr->split_count;return 0;static int struct mlx5e_tc_flow *flow,struct mlx5_flow_attr *attr, int split_count)struct mlx5e_post_act *post_act = get_post_action(flow->priv);struct mlx5e_tc_flow_parse_attr *parse_attr, *parse_attr2;struct mlx5_esw_flow_attr *esw_attr, *esw_attr2;struct mlx5e_post_act_handle *handle;struct mlx5_flow_attr *attr2;int i, j, err;if (IS_ERR(post_act))return PTR_ERR(post_act);sizeof (*parse_attr), GFP_KERNEL);if (!attr2 || !parse_attr2) {goto err_free;if (IS_ERR(handle)) {goto err_free;for (i = split_count, j = 0; i < esw_attr->out_count; i++, j++)if (err)goto err_post_act_offload;if (err)goto err_post_act_set_handle;return 0;return err;static int struct mlx5e_tc_flow *flow,struct mlx5_flow_attr *attr,struct netlink_ext_ack *extack)int extra_split;bool vf_tun;int err = 0;if (err)goto err_out;if (mlx5e_is_eswitch_flow(flow) && has_encap_dests(attr)) {if (err)goto err_out;if (extra_split > 0) {if (err)goto err_out;if (attr->action & MLX5_FLOW_CONTEXT_ACTION_MOD_HDR) {if (err)goto err_out;if (attr->branch_true &&if (err)goto err_out;if (attr->branch_false &&if (err)goto err_out;if (attr->action & MLX5_FLOW_CONTEXT_ACTION_COUNT) {if (err)goto err_out;return err;static int struct mlx5e_priv *priv,struct mlx5e_tc_flow *flow,struct netlink_ext_ack *extack)struct mlx5_eswitch *esw = priv->mdev->priv.eswitch;struct mlx5e_tc_flow_parse_attr *parse_attr;struct mlx5_flow_attr *attr = flow->attr;struct mlx5_esw_flow_attr *esw_attr;int err = 0;/* We check chain range only for tc flows. * For ft flows, we checked attr->chain was originally 0 and set it to * FDB_FT_CHAIN which is outside tc range. * See mlx5e_rep_setup_ft_cb(). if (!mlx5e_is_ft_flow(flow) && attr->chain > max_chain) {"Requested chain is out of supported range" );goto err_out;if (attr->prio > max_prio) {"Requested priority is out of supported range" );goto err_out;if (flow_flag_test(flow, TUN_RX)) {if (err)goto err_out;if (!attr->chain && esw_attr->int_port &&/* If decap route device is internal port, change the * source vport value in reg_c0 back to uplink just in * case the rule performs goto chain > 0. If we have a miss * on chain > 0 we want the metadata regs to hold the * chain id so SW will resume handling of this packet * from the proper chain. if (err)goto err_out;if (flow_flag_test(flow, L3_TO_L2_DECAP)) {if (err)goto err_out;if (netif_is_ovs_master(parse_attr->filter_dev)) {struct mlx5e_tc_int_port *int_port;if (attr->chain) {"Internal port rule is only supported on chain 0" );goto err_out;if (attr->dest_chain) {"Internal port rule offload doesn't support goto action" );goto err_out;if (IS_ERR(int_port)) {goto err_out;if (err)goto err_out;if (err)goto err_out;/* we get here if one of the following takes place: * (1) there's no error * (2) there's an encap action and we don't have valid neigh if (flow_flag_test(flow, SLOW))else if (IS_ERR(flow->rule[0])) {goto err_out;return 0;return err;static bool mlx5_flow_has_geneve_opt(struct mlx5_flow_spec *spec)void *headers_v = MLX5_ADDR_OF(fte_match_param,return !!geneve_tlv_opt_0_data;static void free_branch_attr(struct mlx5e_tc_flow *flow, struct mlx5_flow_attr *attr)if (!attr)return ;static void mlx5e_tc_del_fdb_flow(struct mlx5e_priv *priv,struct mlx5e_tc_flow *flow)struct mlx5_eswitch *esw = priv->mdev->priv.eswitch;struct mlx5_flow_attr *attr = flow->attr;if (mlx5e_is_offloaded_flow(flow)) {if (flow_flag_test(flow, SLOW))else if (mlx5_flow_has_geneve_opt(&attr->parse_attr->spec))if (flow->decap_route)if (flow_flag_test(flow, L3_TO_L2_DECAP))if (flow->extra_split_attr) {struct mlx5_fc *mlx5e_tc_get_counter(struct mlx5e_tc_flow *flow)struct mlx5_flow_attr *attr;struct mlx5_flow_attr, list);return attr->counter;/* Iterate over tmp_list of flows attached to flow_list head. */ void mlx5e_put_flow_list(struct mlx5e_priv *priv, struct list_head *flow_list)struct mlx5e_tc_flow *flow, *tmp;static void mlx5e_tc_del_fdb_peer_flow(struct mlx5e_tc_flow *flow,int peer_index)struct mlx5_eswitch *esw = flow->priv->mdev->priv.eswitch;struct mlx5e_tc_flow *peer_flow;struct mlx5e_tc_flow *tmp;if (!flow_flag_test(flow, ESWITCH) ||return ;if (peer_index != mlx5_get_dev_index(peer_flow->priv->mdev))continue ;if (refcount_dec_and_test(&peer_flow->refcnt)) {if (list_empty(&flow->peer_flows))static void mlx5e_tc_del_fdb_peers_flow(struct mlx5e_tc_flow *flow)int i;for (i = 0; i < MLX5_MAX_PORTS; i++) {if (i == mlx5_get_dev_index(flow->priv->mdev))continue ;static void mlx5e_tc_del_flow(struct mlx5e_priv *priv,struct mlx5e_tc_flow *flow)if (mlx5e_is_eswitch_flow(flow)) {struct mlx5_devcom_comp_dev *devcom = flow->priv->mdev->priv.eswitch->devcom;if (!mlx5_devcom_for_each_peer_begin(devcom)) {return ;else {static bool flow_requires_tunnel_mapping(u32 chain, struct flow_cls_offload *f)struct flow_rule *rule = flow_cls_offload_flow_rule(f);struct flow_action *flow_action = &rule->action;const struct flow_action_entry *act;int i;if (chain)return false ;switch (act->id) {case FLOW_ACTION_GOTO:return true ;case FLOW_ACTION_SAMPLE:return true ;default :continue ;return false ;static int struct mlx5e_priv *priv,struct flow_dissector_key_enc_opts *opts,struct netlink_ext_ack *extack,bool *dont_care)struct geneve_opt *opt;int off = 0;true ;while (opts->len > off) {struct geneve_opt *)&opts->data[off];if (!(*dont_care) || opt->opt_class || opt->type ||false ;if (opt->opt_class != htons(U16_MAX) ||"Partial match of tunnel options in chain > 0 isn't supported" );"Partial match of tunnel options in chain > 0 isn't supported" );return -EOPNOTSUPP;sizeof (struct geneve_opt) + opt->length * 4;return 0;#define COPY_DISSECTOR(rule, diss_key, dst)\struct flow_rule *__rule = (rule);\sizeof (*__dst));\static int mlx5e_get_flow_tunnel_id(struct mlx5e_priv *priv,struct mlx5e_tc_flow *flow,struct flow_cls_offload *f,struct net_device *filter_dev)struct flow_rule *rule = flow_cls_offload_flow_rule(f);struct netlink_ext_ack *extack = f->common.extack;struct mlx5e_tc_mod_hdr_acts *mod_hdr_acts;struct flow_match_enc_opts enc_opts_match;struct tunnel_match_enc_opts tun_enc_opts;struct mlx5_rep_uplink_priv *uplink_priv;struct mlx5_flow_attr *attr = flow->attr;struct mlx5e_rep_priv *uplink_rpriv;struct tunnel_match_key tunnel_key;bool enc_opts_is_dont_care = true ;struct mlx5_eswitch *esw;int err;sizeof (tunnel_key));if (tunnel_key.enc_control.addr_type == FLOW_DISSECTOR_KEY_IPV4_ADDRS)else if (err)return err;if (err)goto err_enc_opts;if (!enc_opts_is_dont_care) {sizeof (tun_enc_opts));sizeof (*enc_opts_match.key));sizeof (*enc_opts_match.mask));if (err)goto err_enc_opts;if (attr->chain) {else {if (err)goto err_set;return 0;if (enc_opts_id)return err;static void mlx5e_put_flow_tunnel_id(struct mlx5e_tc_flow *flow)struct mlx5_rep_uplink_priv *uplink_priv;struct mlx5e_rep_priv *uplink_rpriv;struct mlx5_eswitch *esw;if (tun_id)if (enc_opts_id)void mlx5e_tc_set_ethertype(struct mlx5_core_dev *mdev,struct flow_match_basic *match, bool outer,void *headers_c, void *headers_v)bool ip_version_cap;if (ip_version_cap && match->mask->n_proto == htons(0xFFFF) &&else {struct mlx5_flow_spec *spec, bool outer)void *headers_v;if (outer)else /* Return ip_version converted from ethertype anyway */ if (!ip_version) {if (ethertype == ETH_P_IP || ethertype == ETH_P_ARP)else if (ethertype == ETH_P_IPV6)return ip_version;/* Tunnel device follows RFC 6040, see include/net/inet_ecn.h. * And changes inner ip_ecn depending on inner and outer ip_ecn as follows: * +---------+----------------------------------------+ * |Arriving | Arriving Outer Header | * | Inner +---------+---------+---------+----------+ * | Header | Not-ECT | ECT(0) | ECT(1) | CE | * +---------+---------+---------+---------+----------+ * | Not-ECT | Not-ECT | Not-ECT | Not-ECT | <drop> | * | ECT(0) | ECT(0) | ECT(0) | ECT(1) | CE* | * | ECT(1) | ECT(1) | ECT(1) | ECT(1)* | CE* | * | CE | CE | CE | CE | CE | * +---------+---------+---------+---------+----------+ * * Tc matches on inner after decapsulation on tunnel device, but hw offload matches * the inner ip_ecn value before hardware decap action. * * Cells marked are changed from original inner packet ip_ecn value during decap, and * so matching those values on inner ip_ecn before decap will fail. * * The following helper allows offload when inner ip_ecn won't be changed by outer ip_ecn, * except for the outer ip_ecn = CE, where in all cases inner ip_ecn will be changed to CE, * and such we can drop the inner ip_ecn=CE match. static int mlx5e_tc_verify_tunnel_ecn(struct mlx5e_priv *priv,struct flow_cls_offload *f,bool *match_inner_ecn)struct flow_rule *rule = flow_cls_offload_flow_rule(f);struct netlink_ext_ack *extack = f->common.extack;struct flow_match_ip match;true ;if (flow_rule_match_key(rule, FLOW_DISSECTOR_KEY_ENC_IP)) {if (flow_rule_match_key(rule, FLOW_DISSECTOR_KEY_IP)) {if (outer_ecn_mask != 0 && outer_ecn_mask != INET_ECN_MASK) {"Partial match on enc_tos ecn bits isn't supported" );"Partial match on enc_tos ecn bits isn't supported" );return -EOPNOTSUPP;if (!outer_ecn_mask) {if (!inner_ecn_mask)return 0;"Matching on tos ecn bits without also matching enc_tos ecn bits isn't supported" );"Matching on tos ecn bits without also matching enc_tos ecn bits isn't supported" );return -EOPNOTSUPP;if (inner_ecn_mask && inner_ecn_mask != INET_ECN_MASK) {"Partial match on tos ecn bits with match on enc_tos ecn bits isn't supported" );"Partial match on tos ecn bits with match on enc_tos ecn bits isn't supported" );return -EOPNOTSUPP;if (!inner_ecn_mask)return 0;/* Both inner and outer have full mask on ecn */ if (outer_ecn_key == INET_ECN_ECT_1) {/* inner ecn might change by DECAP action */ "Match on enc_tos ecn = ECT(1) isn't supported" );"Match on enc_tos ecn = ECT(1) isn't supported" );return -EOPNOTSUPP;if (outer_ecn_key != INET_ECN_CE)return 0;if (inner_ecn_key != INET_ECN_CE) {/* Can't happen in software, as packet ecn will be changed to CE after decap */ "Match on tos enc_tos ecn = CE while match on tos ecn != CE isn't supported" );"Match on tos enc_tos ecn = CE while match on tos ecn != CE isn't supported" );return -EOPNOTSUPP;/* outer ecn = CE, inner ecn = CE, as decap will change inner ecn to CE in anycase, * drop match on inner ecn false ;return 0;static int parse_tunnel_attr(struct mlx5e_priv *priv,struct mlx5e_tc_flow *flow,struct mlx5_flow_spec *spec,struct flow_cls_offload *f,struct net_device *filter_dev,bool *match_inner)struct mlx5e_tc_tunnel *tunnel = mlx5e_get_tc_tun(filter_dev);struct mlx5_eswitch *esw = priv->mdev->priv.eswitch;struct netlink_ext_ack *extack = f->common.extack;bool needs_mapping, sets_mapping;int err;if (!mlx5e_is_eswitch_flow(flow)) {"Match on tunnel is not supported" );return -EOPNOTSUPP;if ((needs_mapping || sets_mapping) &&"Chains on tunnel devices isn't supported without register loopback support" );"Chains on tunnel devices isn't supported without register loopback support" );return -EOPNOTSUPP;if (!flow->attr->chain) {if (err) {"Failed to parse tunnel attributes" );"Failed to parse tunnel attributes" );return err;/* With mpls over udp we decapsulate using packet reformat * object if (!netif_is_bareudp(filter_dev))if (err)return err;else if (tunnel) {struct mlx5_flow_spec *tmp_spec;sizeof (*tmp_spec), GFP_KERNEL);if (!tmp_spec) {"Failed to allocate memory for tunnel tmp spec" );"Failed to allocate memory for tunnel tmp spec" );return -ENOMEM;sizeof (*tmp_spec));if (err) {"Failed to parse tunnel attributes" );"Failed to parse tunnel attributes" );else {if (mlx5_flow_has_geneve_opt(tmp_spec))if (err)return err;if (!needs_mapping && !sets_mapping)return 0;return mlx5e_get_flow_tunnel_id(priv, flow, f, filter_dev);static void *get_match_inner_headers_criteria(struct mlx5_flow_spec *spec)return MLX5_ADDR_OF(fte_match_param, spec->match_criteria,static void *get_match_inner_headers_value(struct mlx5_flow_spec *spec)return MLX5_ADDR_OF(fte_match_param, spec->match_value,static void *get_match_outer_headers_criteria(struct mlx5_flow_spec *spec)return MLX5_ADDR_OF(fte_match_param, spec->match_criteria,static void *get_match_outer_headers_value(struct mlx5_flow_spec *spec)return MLX5_ADDR_OF(fte_match_param, spec->match_value,void *mlx5e_get_match_headers_value(u32 flags, struct mlx5_flow_spec *spec)return (flags & MLX5_FLOW_CONTEXT_ACTION_DECAP) ?void *mlx5e_get_match_headers_criteria(u32 flags, struct mlx5_flow_spec *spec)return (flags & MLX5_FLOW_CONTEXT_ACTION_DECAP) ?static int mlx5e_flower_parse_meta(struct net_device *filter_dev,struct flow_cls_offload *f)struct flow_rule *rule = flow_cls_offload_flow_rule(f);struct netlink_ext_ack *extack = f->common.extack;struct net_device *ingress_dev;struct flow_match_meta match;if (!flow_rule_match_key(rule, FLOW_DISSECTOR_KEY_META))return 0;if (match.mask->l2_miss) {"Can't match on \" l2_miss\"" );return -EOPNOTSUPP;if (!match.mask->ingress_ifindex)return 0;if (match.mask->ingress_ifindex != 0xFFFFFFFF) {"Unsupported ingress ifindex mask" );return -EOPNOTSUPP;if (!ingress_dev) {"Can't find the ingress port to match on" );return -ENOENT;if (ingress_dev != filter_dev) {"Can't match on the ingress filter port" );return -EOPNOTSUPP;return 0;static bool skip_key_basic(struct net_device *filter_dev,struct flow_cls_offload *f)/* When doing mpls over udp decap, the user needs to provide * MPLS_UC as the protocol in order to be able to match on mpls * label fields. However, the actual ethertype is IP so we want to * avoid matching on this, otherwise we'll fail the match. if (netif_is_bareudp(filter_dev) && f->common.chain_index == 0)return true ;return false ;static int __parse_cls_flower(struct mlx5e_priv *priv,struct mlx5e_tc_flow *flow,struct mlx5_flow_spec *spec,struct flow_cls_offload *f,struct net_device *filter_dev,struct netlink_ext_ack *extack = f->common.extack;void *headers_c = MLX5_ADDR_OF(fte_match_param, spec->match_criteria,void *headers_v = MLX5_ADDR_OF(fte_match_param, spec->match_value,void *misc_c = MLX5_ADDR_OF(fte_match_param, spec->match_criteria,void *misc_v = MLX5_ADDR_OF(fte_match_param, spec->match_value,void *misc_c_3 = MLX5_ADDR_OF(fte_match_param, spec->match_criteria,void *misc_v_3 = MLX5_ADDR_OF(fte_match_param, spec->match_value,struct flow_rule *rule = flow_cls_offload_flow_rule(f);struct flow_dissector *dissector = rule->match.dissector;enum fs_flow_table_type fs_type;bool match_inner_ecn = true ;int err;if (dissector->used_keys &"Unsupported key" );"Unsupported key used: 0x%llx\n" ,return -EOPNOTSUPP;if (mlx5e_get_tc_tun(filter_dev)) {bool match_inner = false ;if (err)return err;if (match_inner) {/* header pointers should point to the inner headers * if the packet was decapsulated already. * outer headers are set by parse_tunnel_attr. if (err)return err;if (err)return err;if (flow_rule_match_key(rule, FLOW_DISSECTOR_KEY_BASIC) &&struct flow_match_basic match;if (match.mask->n_proto)if (flow_rule_match_key(rule, FLOW_DISSECTOR_KEY_VLAN) ||struct flow_dissector_key_vlan filter_dev_mask;struct flow_dissector_key_vlan filter_dev_key;struct flow_match_vlan match;if (is_vlan_dev(filter_dev)) {sizeof (*match.mask));else {if (match.mask->vlan_id ||if (match.key->vlan_tpid == htons(ETH_P_8021AD)) {else {if (!flow_rule_match_key(rule, FLOW_DISSECTOR_KEY_CVLAN) &&else if (*match_level != MLX5_MATCH_NONE) {/* cvlan_tag enabled in match criteria and * disabled in match value means both S & C tags * don't exist (untagged of both) if (flow_rule_match_key(rule, FLOW_DISSECTOR_KEY_CVLAN)) {struct flow_match_vlan match;if (match.mask->vlan_id ||if (!MLX5_CAP_FLOWTABLE_TYPE(priv->mdev, ft_field_support.outer_second_vid,"Matching on CVLAN is not supported" );return -EOPNOTSUPP;if (match.key->vlan_tpid == htons(ETH_P_8021AD)) {else {if (flow_rule_match_key(rule, FLOW_DISSECTOR_KEY_ETH_ADDRS)) {struct flow_match_eth_addrs match;if (!is_zero_ether_addr(match.mask->src) ||if (flow_rule_match_key(rule, FLOW_DISSECTOR_KEY_CONTROL)) {struct flow_match_control match;if (match.mask->flags & FLOW_DIS_IS_FRAGMENT) {/* the HW doesn't need L3 inline to match on frag=no */ if (!(match.key->flags & FLOW_DIS_IS_FRAGMENT))/* *** L2 attributes parsing up to here *** */ else if (!flow_rule_is_supp_control_flags(FLOW_DIS_IS_FRAGMENT,return -EOPNOTSUPP;if (flow_rule_match_key(rule, FLOW_DISSECTOR_KEY_BASIC)) {struct flow_match_basic match;if (match.mask->ip_proto)if (addr_type == FLOW_DISSECTOR_KEY_IPV4_ADDRS) {struct flow_match_ipv4_addrs match;sizeof (match.mask->src));sizeof (match.key->src));sizeof (match.mask->dst));sizeof (match.key->dst));if (match.mask->src || match.mask->dst)if (addr_type == FLOW_DISSECTOR_KEY_IPV6_ADDRS) {struct flow_match_ipv6_addrs match;sizeof (match.mask->src));sizeof (match.key->src));sizeof (match.mask->dst));sizeof (match.key->dst));if (ipv6_addr_type(&match.mask->src) != IPV6_ADDR_ANY ||if (flow_rule_match_key(rule, FLOW_DISSECTOR_KEY_IP)) {struct flow_match_ip match;if (match_inner_ecn) {if (match.mask->ttl &&"Matching on TTL is not supported" );return -EOPNOTSUPP;if (match.mask->tos || match.mask->ttl)/* *** L3 attributes parsing up to here *** */ if (flow_rule_match_key(rule, FLOW_DISSECTOR_KEY_PORTS)) {struct flow_match_ports match;switch (ip_proto) {case IPPROTO_TCP:break ;case IPPROTO_UDP:break ;default :"Only UDP and TCP transports are supported for L4 matching" );"Only UDP and TCP transport are supported\n" );return -EINVAL;if (match.mask->src || match.mask->dst)if (flow_rule_match_key(rule, FLOW_DISSECTOR_KEY_TCP)) {struct flow_match_tcp match;if (match.mask->flags)if (flow_rule_match_key(rule, FLOW_DISSECTOR_KEY_ICMP)) {struct flow_match_icmp match;switch (ip_proto) {case IPPROTO_ICMP:if (!(MLX5_CAP_GEN(priv->mdev, flex_parser_protocols) &"Match on Flex protocols for ICMP is not supported" );return -EOPNOTSUPP;break ;case IPPROTO_ICMPV6:if (!(MLX5_CAP_GEN(priv->mdev, flex_parser_protocols) &"Match on Flex protocols for ICMPV6 is not supported" );return -EOPNOTSUPP;break ;default :"Code and type matching only with ICMP and ICMPv6" );"Code and type matching only with ICMP and ICMPv6\n" );return -EINVAL;if (match.mask->code || match.mask->type) {/* Currently supported only for MPLS over UDP */ if (flow_rule_match_key(rule, FLOW_DISSECTOR_KEY_MPLS) &&"Matching on MPLS is supported only for MPLS over UDP" );"Matching on MPLS is supported only for MPLS over UDP\n" );return -EOPNOTSUPP;return 0;static int parse_cls_flower(struct mlx5e_priv *priv,struct mlx5e_tc_flow *flow,struct mlx5_flow_spec *spec,struct flow_cls_offload *f,struct net_device *filter_dev)struct netlink_ext_ack *extack = f->common.extack;struct mlx5_core_dev *dev = priv->mdev;struct mlx5_eswitch *esw = dev->priv.eswitch;struct mlx5e_rep_priv *rpriv = priv->ppriv;struct mlx5_eswitch_rep *rep;bool is_eswitch_flow;int err;if (!err && is_eswitch_flow) {if (rep->vport != MLX5_VPORT_UPLINK &&"Flow is not offloaded due to min inline setting" );"Flow is not offloaded due to min inline setting, required %d actual %d\n" ,return -EOPNOTSUPP;return err;struct mlx5_fields {#define OFFLOAD(fw_field, field_bsize, field_mask, field, off, match_field) \## fw_field, field_bsize, field_mask, \struct pedit_headers, field) + (off), \/* masked values are the same and there are no rewrites that do not have a * match. #define SAME_VAL_MASK(type, valp, maskp, matchvalp, matchmaskp) ({ \static bool cmp_val_mask(void *valp, void *maskp, void *matchvalp,void *matchmaskp, u8 bsize)bool same = false ;switch (bsize) {case 8:break ;case 16:break ;case 32:break ;return same;static struct mlx5_fields fields[] = {/* in linux iphdr tcp_flags is 8 bits long */ static u32 mask_field_get(void *mask, struct mlx5_fields *f)switch (f->field_bsize) {case 32:return be32_to_cpu(*(__be32 *)mask) & f->field_mask;case 16:return be16_to_cpu(*(__be16 *)mask) & (u16)f->field_mask;default :return *(u8 *)mask & (u8)f->field_mask;static void mask_field_clear(void *mask, struct mlx5_fields *f)switch (f->field_bsize) {case 32:break ;case 16:break ;default :break ;static int offload_pedit_fields(struct mlx5e_priv *priv,int namespace ,struct mlx5e_tc_flow_parse_attr *parse_attr,struct netlink_ext_ack *extack)struct pedit_headers *set_masks, *add_masks, *set_vals, *add_vals;struct pedit_headers_action *hdrs = parse_attr->hdrs;void *headers_c, *headers_v, *action, *vals_p;struct mlx5e_tc_mod_hdr_acts *mod_acts;void *s_masks_p, *a_masks_p;int i, first, last, next_z;struct mlx5_fields *f;unsigned long mask;for (i = 0; i < ARRAY_SIZE(fields); i++) {bool skip;void *)set_masks + f->offset;void *)add_masks + f->offset;if (!s_mask && !a_mask) /* nothing to offload here */ continue ;if (s_mask && a_mask) {"can't set and add to the same HW field" );"mlx5: can't set and add to the same HW field (%x)\n" ,return -EOPNOTSUPP;false ;if (s_mask) {void *match_mask = headers_c + f->match_offset;void *match_val = headers_v + f->match_offset;void *)set_vals + f->offset;/* don't rewrite if we have a match on the same value */ if (cmp_val_mask(vals_p, s_masks_p, match_val,true ;/* clear to denote we consumed this field */ else {void *)add_vals + f->offset;/* add 0 is no change */ if (!mask_field_get(vals_p, f))true ;/* clear to denote we consumed this field */ if (skip)continue ;if (first < next_z && next_z < last) {"rewrite of few sub-fields isn't supported" );"mlx5: rewrite of few sub-fields (mask %lx) isn't offloaded\n" ,return -EOPNOTSUPP;namespace , mod_acts);if (IS_ERR(action)) {"too many pedit actions, can't offload" );"mlx5: parsed %d pedit actions, can't do more\n" ,return PTR_ERR(action);if (cmd == MLX5_ACTION_TYPE_SET) {unsigned long field_mask = f->field_mask;int start;/* if field is bit sized it can start not from first bit */ /* length is num of bits to be written, zero means length of 32 */ if (f->field_bsize == 32)else if (f->field_bsize == 16)else if (f->field_bsize == 8)return 0;static const struct pedit_headers zero_masks = {};static int verify_offload_pedit_fields(struct mlx5e_priv *priv,struct mlx5e_tc_flow_parse_attr *parse_attr,struct netlink_ext_ack *extack)struct pedit_headers *cmd_masks;for (cmd = 0; cmd < __PEDIT_CMD_MAX; cmd++) {if (memcmp(cmd_masks, &zero_masks, sizeof (zero_masks))) {"attempt to offload an unsupported field" );"attempt to offload an unsupported field (cmd %d)\n" , cmd);"mask: " , DUMP_PREFIX_ADDRESS,sizeof (zero_masks), true );return -EOPNOTSUPP;return 0;static int alloc_tc_pedit_action(struct mlx5e_priv *priv, int namespace ,struct mlx5e_tc_flow_parse_attr *parse_attr,struct netlink_ext_ack *extack)int err;namespace , parse_attr, action_flags, extack);if (err)goto out_dealloc_parsed_actions;if (err)goto out_dealloc_parsed_actions;return 0;return err;struct ip_ttl_word {struct ipv6_hoplimit_word {static bool struct flow_action *flow_action)const struct flow_action_entry *act;int i;/* For IPv4 & IPv6 header check 4 byte word, * to determine that modified fields * are NOT ttl & hop_limit only. if (act->id != FLOW_ACTION_MANGLE &&continue ;if (htype == FLOW_ACT_MANGLE_HDR_TYPE_IP4) {struct ip_ttl_word *ttl_word =struct ip_ttl_word *)&mask;if (offset != offsetof(struct iphdr, ttl) ||return true ;else if (htype == FLOW_ACT_MANGLE_HDR_TYPE_IP6) {struct ipv6_hoplimit_word *hoplimit_word =struct ipv6_hoplimit_word *)&mask;if (offset != offsetof(struct ipv6hdr, payload_len) ||return true ;return false ;static bool modify_header_match_supported(struct mlx5e_priv *priv,struct mlx5_flow_spec *spec,struct flow_action *flow_action,struct netlink_ext_ack *extack)bool modify_ip_header;void *headers_c;void *headers_v;/* for non-IP we only re-write MACs, so we're okay */ if (MLX5_GET(fte_match_set_lyr_2_4, headers_c, ip_version) == 0 &&goto out_ok;if (modify_ip_header && ip_proto != IPPROTO_TCP &&"can't offload re-write of non TCP/UDP" );"can't offload re-write of ip proto %d\n" ,return false ;return true ;static bool struct mlx5e_priv *priv,struct mlx5e_tc_flow *flow,struct netlink_ext_ack *extack)struct mlx5_esw_flow_attr *esw_attr = flow->attr->esw_attr;if (esw_attr->split_count > 0 && !mlx5_esw_has_fwd_fdb(priv->mdev)) {"current firmware doesn't support split rule for port mirroring" );"current firmware doesn't support split rule for port mirroring\n" );return false ;return true ;static bool struct mlx5e_priv *priv,struct flow_action *flow_action,struct mlx5e_tc_flow_parse_attr *parse_attr,struct mlx5e_tc_flow *flow,struct netlink_ext_ack *extack)if (actions & MLX5_FLOW_CONTEXT_ACTION_MOD_HDR &&return false ;if (mlx5e_is_eswitch_flow(flow) &&return false ;return true ;static bool same_port_devs(struct mlx5e_priv *priv, struct mlx5e_priv *peer_priv)return priv->mdev == peer_priv->mdev;bool mlx5e_same_hw_devs(struct mlx5e_priv *priv, struct mlx5e_priv *peer_priv)struct mlx5_core_dev *fmdev, *pmdev;return (fsystem_guid == psystem_guid);static int struct mlx5e_priv *priv,struct mlx5e_tc_flow *flow,struct mlx5_flow_attr *attr,struct netlink_ext_ack *extack)struct mlx5e_tc_flow_parse_attr *parse_attr = attr->parse_attr;struct pedit_headers_action *hdrs = parse_attr->hdrs;enum mlx5_flow_namespace_type ns_type;int err;if (!hdrs[TCA_PEDIT_KEY_EX_CMD_SET].pedits &&return 0;if (err)return err;if (parse_attr->mod_hdr_acts.num_actions > 0)return 0;/* In case all pedit actions are skipped, remove the MOD_HDR flag. */ if (ns_type != MLX5_FLOW_NAMESPACE_FDB)return 0;if (!((attr->action & MLX5_FLOW_CONTEXT_ACTION_VLAN_POP) ||return 0;static struct mlx5_flow_attr*struct mlx5_flow_attr *attr,enum mlx5_flow_namespace_type ns_type)struct mlx5e_tc_flow_parse_attr *parse_attr;struct mlx5_flow_attr *attr2;sizeof (*parse_attr), GFP_KERNEL);if (!attr2 || !parse_attr) {return NULL;sizeof (attr2->ct_attr));if (ns_type == MLX5_FLOW_NAMESPACE_FDB) {return attr2;struct mlx5_flow_attr *struct mlx5e_tc_flow *flow)struct mlx5_esw_flow_attr *esw_attr;struct mlx5_flow_attr *attr;int i;for (i = 0; i < MLX5_MAX_FLOW_FWD_VPORTS; i++) {if (esw_attr->dests[i].flags & MLX5_ESW_DEST_ENCAP)return attr;return NULL;void struct mlx5e_tc_flow *flow)struct mlx5e_post_act *post_act = get_post_action(flow->priv);struct mlx5_flow_attr *attr;if (list_is_last(&attr->list, &flow->attrs))break ;static void struct mlx5e_tc_flow *flow)struct mlx5_flow_attr *attr, *tmp;if (list_is_last(&attr->list, &flow->attrs))break ;int struct mlx5e_tc_flow *flow)struct mlx5e_post_act *post_act = get_post_action(flow->priv);struct mlx5_flow_attr *attr;int err = 0;if (list_is_last(&attr->list, &flow->attrs))break ;if (err)break ;return err;/* TC filter rule HW translation: * * +---------------------+ * + ft prio (tc chain) + * + original match + * +---------------------+ * | * | if multi table action * | * v * +---------------------+ * + post act ft |<----. * + match fte id | | split on multi table action * + do actions |-----' * +---------------------+ * | * | * v * Do rest of the actions after last multi table action. static int struct mlx5e_tc_flow *flow, struct netlink_ext_ack *extack)struct mlx5e_post_act *post_act = get_post_action(flow->priv);struct mlx5_flow_attr *attr, *next_attr = NULL;struct mlx5e_post_act_handle *handle;int err;/* This is going in reverse order as needed. * The first entry is the last attribute. if (!next_attr) {/* Set counter action on last post act rule. */ if (next_attr && !(attr->flags & MLX5_ATTR_FLAG_TERMINATING)) {if (err)goto out_free;/* Don't add post_act rule for first attr (last in the list). * It's being handled by the caller. if (list_is_last(&attr->list, &flow->attrs))break ;if (err)goto out_free;if (err)goto out_free;if (IS_ERR(handle)) {goto out_free;if (attr->jumping_attr) {if (err)goto out_free;if (flow_flag_test(flow, SLOW))goto out;if (err)goto out_free;return 0;return err;static int struct mlx5e_priv *priv, struct mlx5_flow_attr *attr)struct mlx5e_post_act *post_act = get_post_action(priv);if (IS_ERR(post_act))return PTR_ERR(post_act);return 0;static int struct mlx5e_tc_flow *flow,struct mlx5e_tc_act_branch_ctrl *cond,struct mlx5_flow_attr **cond_attr,struct netlink_ext_ack *extack)struct mlx5_flow_attr *attr;int err = 0;if (!(*cond_attr))return -ENOMEM;switch (cond->act_id) {case FLOW_ACTION_DROP:break ;case FLOW_ACTION_ACCEPT:case FLOW_ACTION_PIPE:if (err)goto out_err;break ;case FLOW_ACTION_JUMP:if (*jump_count) {"Cannot offload flows with nested jumps" );goto out_err;if (err)goto out_err;break ;default :goto out_err;return err;return err;static void struct flow_action_entry *act, struct mlx5e_tc_act *tc_act,struct mlx5_flow_attr *attr, struct mlx5e_priv *priv,struct mlx5e_tc_jump_state *jump_state)if (!jump_state->jump_count)return ;/* Single tc action can instantiate multiple offload actions (e.g. pedit) * Jump only over a tc action if (act->id == jump_state->last_id && act->hw_index == jump_state->last_index)return ;/* nothing to do for intermediate actions */ if (--jump_state->jump_count > 1)return ;if (jump_state->jump_count == 1) { /* last action in the jump action list */ /* create a new attribute after this action */ true ;if (tc_act->is_terminating_action) { /* the branch ends here */ else { /* the branch continues executing the rest of the actions */ struct mlx5e_post_act *post_act;else if (jump_state->jump_count == 0) { /* first attr after the jump action list */ /* This is the post action for the jumping attribute (either red or green) * Use the stored jumping_attr to set the post act id on the jumping attribute static int struct flow_action_entry *act, struct mlx5e_tc_act *tc_act,struct mlx5e_tc_flow *flow, struct mlx5_flow_attr *attr,struct mlx5e_tc_jump_state *jump_state,struct netlink_ext_ack *extack)struct mlx5e_tc_act_branch_ctrl cond_true, cond_false;int err;if (!tc_act->get_branch_ctrl)return 0;if (err)goto out_err;if (jump_count)if (err)goto err_branch_false;if (jump_count && !jump_state->jumping_attr)/* branching action requires its own counter */ return 0;return err;static int struct mlx5e_tc_act_parse_state *parse_state,struct flow_action *flow_action)struct netlink_ext_ack *extack = parse_state->extack;struct mlx5e_tc_flow *flow = parse_state->flow;struct mlx5e_tc_jump_state jump_state = {};struct mlx5_flow_attr *attr = flow->attr;enum mlx5_flow_namespace_type ns_type;struct mlx5e_priv *priv = flow->priv;struct mlx5_flow_attr *prev_attr;struct flow_action_entry *act;struct mlx5e_tc_act *tc_act;int err, i, i_split = 0;bool is_missable;false ;false ;if (!tc_act) {"Not implemented offload action" );goto out_free_post_acts;if (tc_act->can_offload && !tc_act->can_offload(parse_state, act, i, attr)) {goto out_free_post_acts;if (err)goto out_free_post_acts;if (err)goto out_free_post_acts;/* Split attr for multi table act if not the last act. */ if (jump_state.jump_target ||false ;if (err)goto out_free_post_acts;if (!attr) {goto out_free_post_acts;if (is_missable) {/* Add counter to prev, and assign act to new (next) attr */ else if (!tc_act->stats_action) {if (err)goto out_free_post_acts;if (err)goto out_free_post_acts;return 0;return err;static int struct flow_action *flow_action,struct netlink_ext_ack *extack)if (!flow_action_has_entries(flow_action)) {"Flow action doesn't have any entries" );return -EINVAL;if (!flow_action_hw_stats_check(flow_action, extack,"Flow action HW stats type is not supported" );return -EOPNOTSUPP;return 0;static int struct mlx5e_priv *priv,struct flow_action *flow_action,struct mlx5e_tc_flow *flow,struct netlink_ext_ack *extack)struct mlx5e_tc_act_parse_state *parse_state;struct mlx5e_tc_flow_parse_attr *parse_attr;struct mlx5_flow_attr *attr = flow->attr;int err;if (err)return err;if (err)return err;if (err)return err;if (err)return err;if (!actions_match_supported(priv, flow_action, parse_state->actions,return -EOPNOTSUPP;return 0;static bool is_merged_eswitch_vfs(struct mlx5e_priv *priv,struct net_device *peer_netdev)struct mlx5e_priv *peer_priv;return (MLX5_CAP_ESW(priv->mdev, merged_eswitch) &&static bool same_hw_reps(struct mlx5e_priv *priv,struct net_device *peer_netdev)struct mlx5e_priv *peer_priv;return mlx5e_eswitch_rep(priv->netdev) &&static bool is_lag_dev(struct mlx5e_priv *priv,struct net_device *peer_netdev)return ((mlx5_lag_is_sriov(priv->mdev) ||static bool is_multiport_eligible(struct mlx5e_priv *priv, struct net_device *out_dev)return same_hw_reps(priv, out_dev) && mlx5_lag_is_mpesw(priv->mdev);bool mlx5e_is_valid_eswitch_fwd_dev(struct mlx5e_priv *priv,struct net_device *out_dev)if (is_merged_eswitch_vfs(priv, out_dev))return true ;if (is_multiport_eligible(priv, out_dev))return true ;if (is_lag_dev(priv, out_dev))return true ;return mlx5e_eswitch_rep(out_dev) &&int mlx5e_set_fwd_to_int_port_actions(struct mlx5e_priv *priv,struct mlx5_flow_attr *attr,int ifindex,enum mlx5e_tc_int_port_type type,int out_index)struct mlx5_esw_flow_attr *esw_attr = attr->esw_attr;struct mlx5e_tc_int_port_priv *int_port_priv;struct mlx5e_tc_flow_parse_attr *parse_attr;struct mlx5e_tc_int_port *dest_int_port;int err;if (IS_ERR(dest_int_port))return PTR_ERR(dest_int_port);if (err) {return err;/* Forward to root fdb for matching against the new source vport */ return 0;static int struct mlx5e_priv *priv,struct flow_action *flow_action,struct mlx5e_tc_flow *flow,struct netlink_ext_ack *extack)struct mlx5e_tc_act_parse_state *parse_state;struct mlx5e_tc_flow_parse_attr *parse_attr;struct mlx5_flow_attr *attr = flow->attr;struct mlx5_esw_flow_attr *esw_attr;struct net_device *filter_dev;int err;if (err)return err;if (err)return err;/* Forward to/from internal port can only have 1 dest */ if ((netif_is_ovs_master(filter_dev) || esw_attr->dest_int_port) &&"Rules with internal port can have only one destination" );return -EOPNOTSUPP;/* Forward from tunnel/internal port to internal port is not supported */ if ((mlx5e_get_tc_tun(filter_dev) || netif_is_ovs_master(filter_dev)) &&"Forwarding from tunnel/internal port to internal port is not supported" );return -EOPNOTSUPP;if (err)return err;if (!actions_match_supported(priv, flow_action, parse_state->actions,return -EOPNOTSUPP;return 0;static void get_flags(int flags, unsigned long *flow_flags)unsigned long __flow_flags = 0;if (flags & MLX5_TC_FLAG(INGRESS))if (flags & MLX5_TC_FLAG(EGRESS))if (flags & MLX5_TC_FLAG(ESW_OFFLOAD))if (flags & MLX5_TC_FLAG(NIC_OFFLOAD))if (flags & MLX5_TC_FLAG(FT_OFFLOAD))static const struct rhashtable_params tc_ht_params = {struct mlx5e_tc_flow, node),struct mlx5e_tc_flow, cookie),sizeof (((struct mlx5e_tc_flow *)0)->cookie),true ,static struct rhashtable *get_tc_ht(struct mlx5e_priv *priv,unsigned long flags)struct mlx5e_tc_table *tc = mlx5e_fs_get_tc(priv->fs);struct mlx5e_rep_priv *rpriv;if (flags & MLX5_TC_FLAG(ESW_OFFLOAD)) {return &rpriv->tc_ht;else /* NIC offload */ return &tc->ht;static bool is_peer_flow_needed(struct mlx5e_tc_flow *flow)struct mlx5_esw_flow_attr *esw_attr = flow->attr->esw_attr;struct mlx5_flow_attr *attr = flow->attr;bool is_rep_ingress = esw_attr->in_rep->vport != MLX5_VPORT_UPLINK &&bool act_is_encap = !!(attr->action &bool esw_paired = mlx5_devcom_comp_is_ready(esw_attr->in_mdev->priv.eswitch->devcom);if (!esw_paired)return false ;if ((mlx5_lag_is_sriov(esw_attr->in_mdev) ||return true ;if (mlx5_lag_is_mpesw(esw_attr->in_mdev))return true ;return false ;struct mlx5_flow_attr *enum mlx5_flow_namespace_type type)sizeof (struct mlx5_esw_flow_attr) :sizeof (struct mlx5_nic_flow_attr);struct mlx5_flow_attr *attr;sizeof (*attr) + ex_attr_size, GFP_KERNEL);if (!attr)return attr;return attr;static void struct mlx5e_tc_flow *flow, struct mlx5_flow_attr *attr)struct mlx5_core_dev *counter_dev = get_flow_counter_dev(flow);struct mlx5_esw_flow_attr *esw_attr;if (!attr)return ;if (attr->post_act_handle)if (attr->action & MLX5_FLOW_CONTEXT_ACTION_COUNT)if (attr->action & MLX5_FLOW_CONTEXT_ACTION_MOD_HDR) {if (mlx5e_is_eswitch_flow(flow)) {if (esw_attr->int_port)if (esw_attr->dest_int_port)static int struct mlx5e_priv *priv, int attr_size,struct flow_cls_offload *f, unsigned long flow_flags,struct mlx5e_tc_flow_parse_attr **__parse_attr,struct mlx5e_tc_flow **__flow)struct mlx5e_tc_flow_parse_attr *parse_attr;struct mlx5_flow_attr *attr;struct mlx5e_tc_flow *flow;int err = -ENOMEM;int out_index;sizeof (*flow), GFP_KERNEL);sizeof (*parse_attr), GFP_KERNEL);if (!parse_attr || !flow)goto err_free;if (!attr)goto err_free;for (out_index = 0; out_index < MLX5_MAX_FLOW_FWD_VPORTS; out_index++)return 0;return err;static void struct mlx5_flow_attr *attr,struct mlx5e_tc_flow_parse_attr *parse_attr,struct flow_cls_offload *f)static void struct mlx5_flow_attr *attr,struct mlx5e_priv *priv,struct mlx5e_tc_flow_parse_attr *parse_attr,struct flow_cls_offload *f,struct mlx5_eswitch_rep *in_rep,struct mlx5_core_dev *in_mdev)struct mlx5_eswitch *esw = priv->mdev->priv.eswitch;struct mlx5_esw_flow_attr *esw_attr = attr->esw_attr;if (MLX5_CAP_ESW(esw->dev, counter_eswitch_affinity) ==else static struct mlx5e_tc_flow *struct mlx5e_priv *priv,struct flow_cls_offload *f,unsigned long flow_flags,struct net_device *filter_dev,struct mlx5_eswitch_rep *in_rep,struct mlx5_core_dev *in_mdev)struct flow_rule *rule = flow_cls_offload_flow_rule(f);struct netlink_ext_ack *extack = f->common.extack;struct mlx5e_tc_flow_parse_attr *parse_attr;struct mlx5e_tc_flow *flow;int attr_size, err;sizeof (struct mlx5_esw_flow_attr);if (err)goto out;if (err)goto err_free;/* actions validation depends on parsing the ct matches first */ if (err)goto err_free;if (err)goto err_free;if (err) {if (!(err == -ENETUNREACH && mlx5_lag_is_multipath(in_mdev)))goto err_free;return flow;return ERR_PTR(err);static int mlx5e_tc_add_fdb_peer_flow(struct flow_cls_offload *f,struct mlx5e_tc_flow *flow,unsigned long flow_flags,struct mlx5_eswitch *peer_esw)struct mlx5e_priv *priv = flow->priv, *peer_priv;struct mlx5_eswitch *esw = priv->mdev->priv.eswitch;struct mlx5_esw_flow_attr *attr = flow->attr->esw_attr;struct mlx5e_tc_flow_parse_attr *parse_attr;int i = mlx5_get_dev_index(peer_esw->dev);struct mlx5e_rep_priv *peer_urpriv;struct mlx5e_tc_flow *peer_flow;struct mlx5_core_dev *in_mdev;int err = 0;/* in_mdev is assigned of which the packet originated from. * So packets redirected to uplink use the same mdev of the * original flow and packets redirected from uplink use the * peer mdev. * In multiport eswitch it's a special case that we need to * keep the original mdev. if (attr->in_rep->vport == MLX5_VPORT_UPLINK && !mlx5_lag_is_mpesw(priv->mdev))else if (IS_ERR(peer_flow)) {goto out;return err;static int struct mlx5e_priv *priv,struct flow_cls_offload *f,unsigned long flow_flags,struct net_device *filter_dev,struct mlx5e_tc_flow **__flow)struct mlx5_devcom_comp_dev *devcom = priv->mdev->priv.eswitch->devcom, *pos;struct mlx5e_rep_priv *rpriv = priv->ppriv;struct mlx5_eswitch_rep *in_rep = rpriv->rep;struct mlx5_core_dev *in_mdev = priv->mdev;struct mlx5_eswitch *peer_esw;struct mlx5e_tc_flow *flow;int err;if (IS_ERR(flow))return PTR_ERR(flow);if (!is_peer_flow_needed(flow)) {return 0;if (!mlx5_devcom_for_each_peer_begin(devcom)) {goto clean_flow;if (err)goto peer_clean;return 0;return err;static int struct mlx5e_priv *priv,struct flow_cls_offload *f,unsigned long flow_flags,struct net_device *filter_dev,struct mlx5e_tc_flow **__flow)struct flow_rule *rule = flow_cls_offload_flow_rule(f);struct netlink_ext_ack *extack = f->common.extack;struct mlx5e_tc_flow_parse_attr *parse_attr;struct mlx5e_tc_flow *flow;int attr_size, err;if (!MLX5_CAP_FLOWTABLE_NIC_RX(priv->mdev, ignore_flow_level)) {if (!tc_cls_can_offload_and_chain0(priv->netdev, &f->common))return -EOPNOTSUPP;else if (!tc_can_offload_extack(priv->netdev, f->common.extack)) {return -EOPNOTSUPP;sizeof (struct mlx5_nic_flow_attr);if (err)goto out;if (err)goto err_free;if (err)goto err_free;if (err)goto err_free;if (err)goto err_free;return 0;return err;static int struct mlx5e_priv *priv,struct flow_cls_offload *f,unsigned long flags,struct net_device *filter_dev,struct mlx5e_tc_flow **flow)struct mlx5_eswitch *esw = priv->mdev->priv.eswitch;unsigned long flow_flags;int err;if (!tc_can_offload_extack(priv->netdev, f->common.extack))return -EOPNOTSUPP;if (esw && esw->mode == MLX5_ESWITCH_OFFLOADS)else return err;static bool is_flow_rule_duplicate_allowed(struct net_device *dev,struct mlx5e_rep_priv *rpriv)/* Offloaded flow rule is allowed to duplicate on non-uplink representor * sharing tc block with other slaves of a lag device. Rpriv can be NULL if this * function is called from NIC mode. return netif_is_lag_port(dev) && rpriv && rpriv->rep->vport != MLX5_VPORT_UPLINK;/* As IPsec and TC order is not aligned between software and hardware-offload, * either IPsec offload or TC offload, not both, is allowed for a specific interface. static bool is_tc_ipsec_order_check_needed(struct net_device *filter, struct mlx5e_priv *priv)if (!IS_ENABLED(CONFIG_MLX5_EN_IPSEC))return false ;if (filter != priv->netdev)return false ;if (mlx5e_eswitch_vf_rep(priv->netdev))return false ;return true ;static int mlx5e_tc_block_ipsec_offload(struct net_device *filter, struct mlx5e_priv *priv)struct mlx5_core_dev *mdev = priv->mdev;if (!is_tc_ipsec_order_check_needed(filter, priv))return 0;if (mdev->num_block_tc)return -EBUSY;return 0;static void mlx5e_tc_unblock_ipsec_offload(struct net_device *filter, struct mlx5e_priv *priv)if (!is_tc_ipsec_order_check_needed(filter, priv))return ;int mlx5e_configure_flower(struct net_device *dev, struct mlx5e_priv *priv,struct flow_cls_offload *f, unsigned long flags)struct netlink_ext_ack *extack = f->common.extack;struct rhashtable *tc_ht = get_tc_ht(priv, flags);struct mlx5e_rep_priv *rpriv = priv->ppriv;struct mlx5e_tc_flow *flow;int err = 0;if (!mlx5_esw_hold(priv->mdev))return -EBUSY;if (err)goto esw_release;if (flow) {/* Same flow rule offloaded to non-uplink representor sharing tc block, * just return 0. if (is_flow_rule_duplicate_allowed(dev, rpriv) && flow->orig_dev != dev)goto rcu_unlock;"flow cookie already exists, ignoring" );"flow cookie %lx already exists, ignoring\n" ,goto rcu_unlock;if (flow)goto out;if (err)goto out;/* Flow rule offloaded to non-uplink representor sharing tc block, * set the flow's owner dev. if (is_flow_rule_duplicate_allowed(dev, rpriv))if (err)goto err_free;return 0;return err;static bool same_flow_direction(struct mlx5e_tc_flow *flow, int flags)bool dir_ingress = !!(flags & MLX5_TC_FLAG(INGRESS));bool dir_egress = !!(flags & MLX5_TC_FLAG(EGRESS));return flow_flag_test(flow, INGRESS) == dir_ingress &&int mlx5e_delete_flower(struct net_device *dev, struct mlx5e_priv *priv,struct flow_cls_offload *f, unsigned long flags)struct rhashtable *tc_ht = get_tc_ht(priv, flags);struct mlx5e_tc_flow *flow;int err;if (!flow || !same_flow_direction(flow, flags)) {goto errout;/* Only delete the flow if it doesn't have MLX5E_TC_FLOW_DELETED flag * set. if (flow_flag_test_and_set(flow, DELETED)) {goto errout;return 0;return err;int mlx5e_tc_fill_action_stats(struct mlx5e_priv *priv,struct flow_offload_action *fl_act)return mlx5e_tc_act_stats_fill_stats(get_act_stats_handle(priv), fl_act);int mlx5e_stats_flower(struct net_device *dev, struct mlx5e_priv *priv,struct flow_cls_offload *f, unsigned long flags)struct mlx5_eswitch *esw = priv->mdev->priv.eswitch;struct rhashtable *tc_ht = get_tc_ht(priv, flags);struct mlx5e_tc_flow *flow;struct mlx5_fc *counter;int err = 0;if (IS_ERR(flow))return PTR_ERR(flow);if (!same_flow_direction(flow, flags)) {goto errout;if (mlx5e_is_offloaded_flow(flow)) {if (flow_flag_test(flow, USE_ACT_STATS)) {true ;else {if (!counter)goto errout;/* Under multipath it's possible for one rule to be currently * un-offloaded while the other rule is offloaded. if (esw && !mlx5_devcom_for_each_peer_begin(esw->devcom))goto out;if (flow_flag_test(flow, DUP)) {struct mlx5e_tc_flow *peer_flow;if (!flow_flag_test(peer_flow, OFFLOADED))continue ;if (flow_flag_test(flow, USE_ACT_STATS)) {true ;break ;if (!counter)goto no_peer_counter;if (esw)return err;static int apply_police_params(struct mlx5e_priv *priv, u64 rate,struct netlink_ext_ack *extack)struct mlx5e_rep_priv *rpriv = priv->ppriv;struct mlx5_eswitch *esw;int err;if (vport_num >= MLX5_VPORT_ECPF) {"Ingress rate limit is supported only for Eswitch ports connected to VFs" );return -EOPNOTSUPP;/* rate is given in bytes/sec. * First convert to bits/sec and then round to the nearest mbit/secs. * mbit means million bits. * Moreover, if rate is non zero we choose to configure to a minimum of * 1 mbit/sec. if (rate) {if (err)"failed applying action to hardware" );return err;static int const struct flow_action *action,const struct flow_action_entry *act,struct netlink_ext_ack *extack)if (act->police.notexceed.act_id != FLOW_ACTION_CONTINUE) {"Offload not supported when conform action is not continue" );return -EOPNOTSUPP;if (act->police.exceed.act_id != FLOW_ACTION_DROP) {"Offload not supported when exceed action is not drop" );return -EOPNOTSUPP;if (act->police.notexceed.act_id == FLOW_ACTION_ACCEPT &&"Offload not supported when conform action is ok, but action is not last" );return -EOPNOTSUPP;if (act->police.peakrate_bytes_ps ||"Offload not supported when peakrate/avrate/overhead is configured" );return -EOPNOTSUPP;return 0;static int scan_tc_matchall_fdb_actions(struct mlx5e_priv *priv,struct flow_action *flow_action,struct netlink_ext_ack *extack)struct mlx5e_rep_priv *rpriv = priv->ppriv;const struct flow_action_entry *act;int err;int i;if (!flow_action_has_entries(flow_action)) {"matchall called with no action" );return -EINVAL;if (!flow_offload_has_one_action(flow_action)) {"matchall policing support only a single action" );return -EOPNOTSUPP;if (!flow_action_basic_hw_stats_check(flow_action, extack)) {"Flow action HW stats type is not supported" );return -EOPNOTSUPP;switch (act->id) {case FLOW_ACTION_POLICE:if (err)return err;if (err)return err;break ;default :"mlx5 supports only police action for matchall" );return -EOPNOTSUPP;return 0;int mlx5e_tc_configure_matchall(struct mlx5e_priv *priv,struct tc_cls_matchall_offload *ma)struct netlink_ext_ack *extack = ma->common.extack;if (ma->common.prio != 1) {"only priority 1 is supported" );return -EINVAL;return scan_tc_matchall_fdb_actions(priv, &ma->rule->action, extack);int mlx5e_tc_delete_matchall(struct mlx5e_priv *priv,struct tc_cls_matchall_offload *ma)struct netlink_ext_ack *extack = ma->common.extack;return apply_police_params(priv, 0, extack);static void mlx5e_tc_hairpin_update_dead_peer(struct mlx5e_priv *priv,struct mlx5e_priv *peer_priv)struct mlx5e_tc_table *tc = mlx5e_fs_get_tc(priv->fs);struct mlx5_core_dev *peer_mdev = peer_priv->mdev;struct mlx5e_hairpin_entry *hpe, *tmp;int bkt;if (!mlx5e_same_hw_devs(priv, peer_priv))return ;if (refcount_inc_not_zero(&hpe->refcnt))if (!IS_ERR_OR_NULL(hpe->hp) && hpe->peer_vhca_id == peer_vhca_id)static int mlx5e_tc_netdev_event(struct notifier_block *this ,unsigned long event, void *ptr)struct net_device *ndev = netdev_notifier_info_to_dev(ptr);struct mlx5e_priv *peer_priv;struct mlx5e_tc_table *tc;struct mlx5e_priv *priv;if (ndev->netdev_ops != &mlx5e_netdev_ops ||return NOTIFY_DONE;this , struct mlx5e_tc_table, netdevice_nb);if (priv == peer_priv ||return NOTIFY_DONE;return NOTIFY_DONE;static int mlx5e_tc_nic_create_miss_table(struct mlx5e_priv *priv)struct mlx5e_tc_table *tc = mlx5e_fs_get_tc(priv->fs);struct mlx5_flow_table **ft = &tc->miss_t;struct mlx5_flow_table_attr ft_attr = {};struct mlx5_flow_namespace *ns;int err = 0;if (IS_ERR(*ft)) {"failed to create tc nic miss table err=%d\n" , err);return err;static void mlx5e_tc_nic_destroy_miss_table(struct mlx5e_priv *priv)struct mlx5e_tc_table *tc = mlx5e_fs_get_tc(priv->fs);int mlx5e_tc_nic_init(struct mlx5e_priv *priv)struct mlx5e_tc_table *tc = mlx5e_fs_get_tc(priv->fs);struct mlx5_core_dev *dev = priv->mdev;struct mapping_ctx *chains_mapping;struct mlx5_chains_attr attr = {};int err;if (err)return err;"tc_ht_wq_key" , &tc_ht_wq_key, 0);sizeof (struct mlx5_mapped_obj),true );if (IS_ERR(chains_mapping)) {goto err_mapping;if (err)goto err_chains;if (MLX5_CAP_FLOWTABLE_NIC_RX(priv->mdev, ignore_flow_level))if (IS_ERR(tc->chains)) {goto err_miss;if (err) {"Failed to register netdev notifier\n" );goto err_reg;if (IS_ERR(tc->action_stats_handle)) {goto err_act_stats;return 0;return err;static void _mlx5e_tc_del_flow(void *ptr, void *arg)struct mlx5e_tc_flow *flow = ptr;struct mlx5e_priv *priv = flow->priv;void mlx5e_tc_nic_cleanup(struct mlx5e_priv *priv)struct mlx5e_tc_table *tc = mlx5e_fs_get_tc(priv->fs);if (tc->netdevice_nb.notifier_call)if (!IS_ERR_OR_NULL(tc->t)) {int mlx5e_tc_ht_init(struct rhashtable *tc_ht)int err;if (err)return err;"tc_ht_wq_key" , &tc_ht_wq_key, 0);return 0;void mlx5e_tc_ht_cleanup(struct rhashtable *tc_ht)int mlx5e_tc_esw_init(struct mlx5_rep_uplink_priv *uplink_priv)const size_t sz_enc_opts = sizeof (struct tunnel_match_enc_opts);struct netdev_phys_item_id ppid;struct mlx5e_rep_priv *rpriv;struct mapping_ctx *mapping;struct mlx5_eswitch *esw;struct mlx5e_priv *priv;int err = 0;struct mlx5e_rep_priv, uplink_priv);sizeof (struct tunnel_match_key),true );if (IS_ERR(mapping)) {goto err_tun_mapping;/* Two last values are reserved for stack devices slow path table mark * and bridge ingress push mark. true );if (IS_ERR(mapping)) {goto err_enc_opts_mapping;if (IS_ERR(uplink_priv->encap)) {goto err_register_fib_notifier;if (IS_ERR(uplink_priv->action_stats_handle)) {goto err_action_counter;false );if (!err) {sizeof (key));return 0;"Failed to initialize tc (eswitch), err: %d" , err);return err;void mlx5e_tc_esw_cleanup(struct mlx5_rep_uplink_priv *uplink_priv)struct mlx5e_rep_priv *rpriv;struct mlx5_eswitch *esw;struct mlx5e_priv *priv;struct mlx5e_rep_priv, uplink_priv);int mlx5e_tc_num_filters(struct mlx5e_priv *priv, unsigned long flags)struct rhashtable *tc_ht = get_tc_ht(priv, flags);return atomic_read(&tc_ht->nelems);void mlx5e_tc_clean_fdb_peer_flows(struct mlx5_eswitch *esw)struct mlx5e_tc_flow *flow, *tmp;int i;for (i = 0; i < MLX5_MAX_PORTS; i++) {if (i == mlx5_get_dev_index(esw->dev))continue ;void mlx5e_tc_reoffload_flows_work(struct work_struct *work)struct mlx5_rep_uplink_priv *rpriv =struct mlx5_rep_uplink_priv,struct mlx5e_tc_flow *flow, *tmp;if (!mlx5e_tc_add_fdb_flow(flow->priv, flow, NULL))static int mlx5e_setup_tc_cls_flower(struct mlx5e_priv *priv,struct flow_cls_offload *cls_flower,unsigned long flags)switch (cls_flower->command) {case FLOW_CLS_REPLACE:return mlx5e_configure_flower(priv->netdev, priv, cls_flower,case FLOW_CLS_DESTROY:return mlx5e_delete_flower(priv->netdev, priv, cls_flower,case FLOW_CLS_STATS:return mlx5e_stats_flower(priv->netdev, priv, cls_flower,default :return -EOPNOTSUPP;int mlx5e_setup_tc_block_cb(enum tc_setup_type type, void *type_data,void *cb_priv)unsigned long flags = MLX5_TC_FLAG(INGRESS);struct mlx5e_priv *priv = cb_priv;if (!priv->netdev || !netif_device_present(priv->netdev))return -EOPNOTSUPP;if (mlx5e_is_uplink_rep(priv))else switch (type) {case TC_SETUP_CLSFLOWER:return mlx5e_setup_tc_cls_flower(priv, type_data, flags);default :return -EOPNOTSUPP;static bool mlx5e_tc_restore_tunnel(struct mlx5e_priv *priv, struct sk_buff *skb,struct mlx5e_tc_update_priv *tc_priv,struct mlx5_eswitch *esw = priv->mdev->priv.eswitch;struct tunnel_match_enc_opts enc_opts = {};struct mlx5_rep_uplink_priv *uplink_priv;struct mlx5e_rep_priv *uplink_rpriv;struct metadata_dst *tun_dst;struct tunnel_match_key key;struct net_device *dev;int err;if (!tun_id)return true ;if (err) {"Couldn't find tunnel for tun_id: %d, err: %d\n" ,return false ;if (enc_opts_id) {if (err) {"Couldn't find tunnel (opts) for tun_id: %d, err: %d\n" ,return false ;switch (key.enc_control.addr_type) {case FLOW_DISSECTOR_KEY_IPV4_ADDRS:break ;case FLOW_DISSECTOR_KEY_IPV6_ADDRS:break ;default :"Couldn't restore tunnel, unsupported addr_type: %d\n" ,return false ;if (!tun_dst) {"Couldn't restore tunnel, no tun_dst\n" );return false ;if (enc_opts.key.len) {if (enc_opts.key.dst_opt_type)struct dst_entry *)tun_dst);if (!dev) {"Couldn't find tunnel device with ifindex: %d\n" ,return false ;/* Set fwd_dev so we do dev_put() after datapath */ return true ;static bool mlx5e_tc_restore_skb_tc_meta(struct sk_buff *skb, struct mlx5_tc_ct_priv *ct_priv,struct mlx5_mapped_obj *mapped_obj, u32 zone_restore_id,struct mlx5e_tc_update_priv *tc_priv)struct mlx5e_priv *priv = netdev_priv(skb->dev);struct tc_skb_ext *tc_skb_ext;if (chain || act_miss_cookie) {if (!mlx5e_tc_ct_restore_flow(ct_priv, skb, zone_restore_id))return false ;if (!tc_skb_ext) {return false ;if (act_miss_cookie) {else {if (tc_priv)return mlx5e_tc_restore_tunnel(priv, skb, tc_priv, tunnel_id);return true ;static void mlx5e_tc_restore_skb_sample(struct mlx5e_priv *priv, struct sk_buff *skb,struct mlx5_mapped_obj *mapped_obj,struct mlx5e_tc_update_priv *tc_priv)if (!mlx5e_tc_restore_tunnel(priv, skb, tc_priv, mapped_obj->sample.tunnel_id)) {"Failed to restore tunnel info for sampled packet\n" );return ;static bool mlx5e_tc_restore_skb_int_port(struct mlx5e_priv *priv, struct sk_buff *skb,struct mlx5_mapped_obj *mapped_obj,struct mlx5e_tc_update_priv *tc_priv,struct mlx5_eswitch *esw = priv->mdev->priv.eswitch;struct mlx5_rep_uplink_priv *uplink_priv;struct mlx5e_rep_priv *uplink_rpriv;bool forward_tx = false ;/* Tunnel restore takes precedence over int port restore */ if (tunnel_id)return mlx5e_tc_restore_tunnel(priv, skb, tc_priv, tunnel_id);if (mlx5e_tc_int_port_dev_fwd(uplink_priv->int_port_priv, skb,/* Set fwd_dev for future dev_put */ return true ;return false ;bool mlx5e_tc_update_skb(struct mlx5_cqe64 *cqe, struct sk_buff *skb,struct mapping_ctx *mapping_ctx, u32 mapped_obj_id,struct mlx5_tc_ct_priv *ct_priv,struct mlx5e_tc_update_priv *tc_priv)struct mlx5e_priv *priv = netdev_priv(skb->dev);struct mlx5_mapped_obj mapped_obj;int err;if (err) {"Couldn't find mapped object for mapped_obj_id: %d, err: %d\n" ,return false ;switch (mapped_obj.type) {case MLX5_MAPPED_OBJ_CHAIN:case MLX5_MAPPED_OBJ_ACT_MISS:return mlx5e_tc_restore_skb_tc_meta(skb, ct_priv, &mapped_obj, zone_restore_id,case MLX5_MAPPED_OBJ_SAMPLE:true ;return true ;case MLX5_MAPPED_OBJ_INT_PORT_METADATA:return mlx5e_tc_restore_skb_int_port(priv, skb, &mapped_obj, tc_priv, tunnel_id);default :"Invalid mapped object type: %d\n" , mapped_obj.type);return false ;return false ;bool mlx5e_tc_update_skb_nic(struct mlx5_cqe64 *cqe, struct sk_buff *skb)struct mlx5e_priv *priv = netdev_priv(skb->dev);struct mlx5_tc_ct_priv *ct_priv;struct mapping_ctx *mapping_ctx;struct mlx5e_tc_table *tc;return mlx5e_tc_update_skb(cqe, skb, mapping_ctx, mapped_obj_id, ct_priv, zone_restore_id,static struct mapping_ctx *struct mlx5e_priv *priv)struct mlx5e_tc_table *tc;struct mlx5_eswitch *esw;struct mapping_ctx *ctx;if (is_mdev_switchdev_mode(priv->mdev)) {else {return ctx;int mlx5e_tc_action_miss_mapping_get(struct mlx5e_priv *priv, struct mlx5_flow_attr *attr,struct mlx5_mapped_obj mapped_obj = {};struct mlx5_eswitch *esw;struct mapping_ctx *ctx;int err;if (err)return err;if (!is_mdev_switchdev_mode(priv->mdev))return 0;if (IS_ERR(attr->act_id_restore_rule)) {goto err_rule;return 0;return err;void mlx5e_tc_action_miss_mapping_put(struct mlx5e_priv *priv, struct mlx5_flow_attr *attr,struct mapping_ctx *ctx = mlx5e_get_priv_obj_mapping(priv);if (is_mdev_switchdev_mode(priv->mdev))
Messung V0.5 in Prozent C=95 H=91 G=92
¤ Dauer der Verarbeitung: 0.61 Sekunden
(vorverarbeitet am 2026-04-28)
¤ *© Formatika GbR, Deutschland
