lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20230307113621.64153-11-gautam.dawar@amd.com>
Date:   Tue, 7 Mar 2023 17:06:12 +0530
From:   Gautam Dawar <gautam.dawar@....com>
To:     <linux-net-drivers@....com>, <jasowang@...hat.com>,
        Edward Cree <ecree.xilinx@...il.com>,
        Martin Habets <habetsm.xilinx@...il.com>,
        "David S. Miller" <davem@...emloft.net>,
        Eric Dumazet <edumazet@...gle.com>,
        "Jakub Kicinski" <kuba@...nel.org>,
        Paolo Abeni <pabeni@...hat.com>,
        Richard Cochran <richardcochran@...il.com>,
        <linux-kernel@...r.kernel.org>, <netdev@...r.kernel.org>
CC:     <eperezma@...hat.com>, <harpreet.anand@....com>,
        <tanuj.kamde@....com>, <koushik.dutta@....com>,
        Gautam Dawar <gautam.dawar@....com>
Subject: [PATCH net-next v2 10/14] sfc: implement filters for receiving traffic

Implement unicast, broadcast and unknown multicast
filters for receiving different types of traffic.

Signed-off-by: Gautam Dawar <gautam.dawar@....com>
---
 drivers/net/ethernet/sfc/ef100_vdpa.c     | 157 ++++++++++++++++++++++
 drivers/net/ethernet/sfc/ef100_vdpa.h     |  36 ++++-
 drivers/net/ethernet/sfc/ef100_vdpa_ops.c |  17 ++-
 3 files changed, 207 insertions(+), 3 deletions(-)

diff --git a/drivers/net/ethernet/sfc/ef100_vdpa.c b/drivers/net/ethernet/sfc/ef100_vdpa.c
index 4ba57827a6cd..5c9f29f881a6 100644
--- a/drivers/net/ethernet/sfc/ef100_vdpa.c
+++ b/drivers/net/ethernet/sfc/ef100_vdpa.c
@@ -16,12 +16,166 @@
 #include "mcdi_filters.h"
 #include "mcdi_functions.h"
 #include "ef100_netdev.h"
+#include "filter.h"
+#include "efx.h"
 
+#define EFX_INVALID_FILTER_ID -1
+
+/* vDPA queues starts from 2nd VI or qid 1 */
+#define EF100_VDPA_BASE_RX_QID 1
+
+static const char * const filter_names[] = { "bcast", "ucast", "mcast" };
 static struct virtio_device_id ef100_vdpa_id_table[] = {
 	{ .device = VIRTIO_ID_NET, .vendor = PCI_VENDOR_ID_REDHAT_QUMRANET },
 	{ 0 },
 };
 
+static int ef100_vdpa_set_mac_filter(struct efx_nic *efx,
+				     struct efx_filter_spec *spec,
+				     u32 qid, u8 *mac_addr)
+{
+	int rc;
+
+	efx_filter_init_rx(spec, EFX_FILTER_PRI_AUTO, 0, qid);
+
+	if (mac_addr) {
+		rc = efx_filter_set_eth_local(spec, EFX_FILTER_VID_UNSPEC,
+					      mac_addr);
+		if (rc)
+			pci_err(efx->pci_dev,
+				"Filter set eth local failed, err: %d\n", rc);
+	} else {
+		efx_filter_set_mc_def(spec);
+	}
+
+	rc = efx_filter_insert_filter(efx, spec, true);
+	if (rc < 0)
+		pci_err(efx->pci_dev,
+			"Filter insert failed, err: %d\n", rc);
+
+	return rc;
+}
+
+static int ef100_vdpa_delete_filter(struct ef100_vdpa_nic *vdpa_nic,
+				    enum ef100_vdpa_mac_filter_type type)
+{
+	struct vdpa_device *vdev = &vdpa_nic->vdpa_dev;
+	int rc;
+
+	if (vdpa_nic->filters[type].filter_id == EFX_INVALID_FILTER_ID)
+		return rc;
+
+	rc = efx_filter_remove_id_safe(vdpa_nic->efx,
+				       EFX_FILTER_PRI_AUTO,
+				       vdpa_nic->filters[type].filter_id);
+	if (rc) {
+		dev_err(&vdev->dev, "%s filter id: %d remove failed, err: %d\n",
+			filter_names[type], vdpa_nic->filters[type].filter_id,
+			rc);
+	} else {
+		vdpa_nic->filters[type].filter_id = EFX_INVALID_FILTER_ID;
+		vdpa_nic->filter_cnt--;
+	}
+	return rc;
+}
+
+int ef100_vdpa_add_filter(struct ef100_vdpa_nic *vdpa_nic,
+			  enum ef100_vdpa_mac_filter_type type)
+{
+	struct vdpa_device *vdev = &vdpa_nic->vdpa_dev;
+	struct efx_nic *efx = vdpa_nic->efx;
+	/* Configure filter on base Rx queue only */
+	u32 qid = EF100_VDPA_BASE_RX_QID;
+	struct efx_filter_spec *spec;
+	u8 baddr[ETH_ALEN];
+	int rc;
+
+	/* remove existing filter */
+	rc = ef100_vdpa_delete_filter(vdpa_nic, type);
+	if (rc < 0) {
+		dev_err(&vdev->dev, "%s MAC filter deletion failed, err: %d",
+			filter_names[type], rc);
+		return rc;
+	}
+
+	/* Configure MAC Filter */
+	spec = &vdpa_nic->filters[type].spec;
+	if (type == EF100_VDPA_BCAST_MAC_FILTER) {
+		eth_broadcast_addr(baddr);
+		rc = ef100_vdpa_set_mac_filter(efx, spec, qid, baddr);
+	} else if (type == EF100_VDPA_UNKNOWN_MCAST_MAC_FILTER) {
+		rc = ef100_vdpa_set_mac_filter(efx, spec, qid, NULL);
+	} else {
+		/* Ensure we have a valid mac address */
+		if (!vdpa_nic->mac_configured ||
+		    !is_valid_ether_addr(vdpa_nic->mac_address))
+			return -EINVAL;
+
+		rc = ef100_vdpa_set_mac_filter(efx, spec, qid,
+					       vdpa_nic->mac_address);
+	}
+
+	if (rc >= 0) {
+		vdpa_nic->filters[type].filter_id = rc;
+		vdpa_nic->filter_cnt++;
+
+		return 0;
+	}
+
+	dev_err(&vdev->dev, "%s MAC filter insert failed, err: %d\n",
+		filter_names[type], rc);
+
+	if (type != EF100_VDPA_UNKNOWN_MCAST_MAC_FILTER) {
+		ef100_vdpa_filter_remove(vdpa_nic);
+		return rc;
+	}
+
+	return 0;
+}
+
+int ef100_vdpa_filter_remove(struct ef100_vdpa_nic *vdpa_nic)
+{
+	enum ef100_vdpa_mac_filter_type filter;
+	int err = 0;
+	int rc;
+
+	for (filter = EF100_VDPA_BCAST_MAC_FILTER;
+	     filter <= EF100_VDPA_UNKNOWN_MCAST_MAC_FILTER; filter++) {
+		rc = ef100_vdpa_delete_filter(vdpa_nic, filter);
+		if (rc < 0)
+			/* store status of last failed filter remove */
+			err = rc;
+	}
+	return err;
+}
+
+int ef100_vdpa_filter_configure(struct ef100_vdpa_nic *vdpa_nic)
+{
+	struct vdpa_device *vdev = &vdpa_nic->vdpa_dev;
+	enum ef100_vdpa_mac_filter_type filter;
+	int rc;
+
+	/* remove existing filters, if any */
+	rc = ef100_vdpa_filter_remove(vdpa_nic);
+	if (rc < 0) {
+		dev_err(&vdev->dev,
+			"MAC filter deletion failed, err: %d", rc);
+		goto fail;
+	}
+
+	for (filter = EF100_VDPA_BCAST_MAC_FILTER;
+	     filter <= EF100_VDPA_UNKNOWN_MCAST_MAC_FILTER; filter++) {
+		if (filter == EF100_VDPA_UCAST_MAC_FILTER &&
+		    !vdpa_nic->mac_configured)
+			continue;
+		rc = ef100_vdpa_add_filter(vdpa_nic, filter);
+		if (rc < 0)
+			goto fail;
+	}
+fail:
+	return rc;
+}
+
 int ef100_vdpa_init(struct efx_probe_data *probe_data)
 {
 	struct efx_nic *efx = &probe_data->efx;
@@ -185,6 +339,9 @@ static struct ef100_vdpa_nic *ef100_vdpa_create(struct efx_nic *efx,
 		goto err_put_device;
 	}
 
+	for (i = 0; i < EF100_VDPA_MAC_FILTER_NTYPES; i++)
+		vdpa_nic->filters[i].filter_id = EFX_INVALID_FILTER_ID;
+
 	rc = get_net_config(vdpa_nic);
 	if (rc)
 		goto err_put_device;
diff --git a/drivers/net/ethernet/sfc/ef100_vdpa.h b/drivers/net/ethernet/sfc/ef100_vdpa.h
index 58791402e454..49fb6be04eb3 100644
--- a/drivers/net/ethernet/sfc/ef100_vdpa.h
+++ b/drivers/net/ethernet/sfc/ef100_vdpa.h
@@ -72,6 +72,22 @@ enum ef100_vdpa_vq_type {
 	EF100_VDPA_VQ_NTYPES
 };
 
+/**
+ * enum ef100_vdpa_mac_filter_type - vdpa filter types
+ *
+ * @EF100_VDPA_BCAST_MAC_FILTER: Broadcast MAC filter
+ * @EF100_VDPA_UCAST_MAC_FILTER: Unicast MAC filter
+ * @EF100_VDPA_UNKNOWN_MCAST_MAC_FILTER: Unknown multicast MAC filter to allow
+ *	IPv6 Neighbor Solicitation Message
+ * @EF100_VDPA_MAC_FILTER_NTYPES: Number of vDPA filter types
+ */
+enum ef100_vdpa_mac_filter_type {
+	EF100_VDPA_BCAST_MAC_FILTER,
+	EF100_VDPA_UCAST_MAC_FILTER,
+	EF100_VDPA_UNKNOWN_MCAST_MAC_FILTER,
+	EF100_VDPA_MAC_FILTER_NTYPES,
+};
+
 /**
  * struct ef100_vdpa_vring_info - vDPA vring data structure
  *
@@ -107,6 +123,17 @@ struct ef100_vdpa_vring_info {
 	struct vdpa_callback cb;
 };
 
+/**
+ * struct ef100_vdpa_filter - vDPA filter data structure
+ *
+ * @filter_id: filter id of this filter
+ * @efx_filter_spec: hardware filter specs for this vdpa device
+ */
+struct ef100_vdpa_filter {
+	s32 filter_id;
+	struct efx_filter_spec spec;
+};
+
 /**
  *  struct ef100_vdpa_nic - vDPA NIC data structure
  *
@@ -116,6 +143,7 @@ struct ef100_vdpa_vring_info {
  * @lock: Managing access to vdpa config operations
  * @pf_index: PF index of the vDPA VF
  * @vf_index: VF index of the vDPA VF
+ * @filter_cnt: total number of filters created on this vdpa device
  * @status: device status as per VIRTIO spec
  * @features: negotiated feature bits
  * @max_queue_pairs: maximum number of queue pairs supported
@@ -123,6 +151,7 @@ struct ef100_vdpa_vring_info {
  * @vring: vring information of the vDPA device.
  * @mac_address: mac address of interface associated with this vdpa device
  * @mac_configured: true after MAC address is configured
+ * @filters: details of all filters created on this vdpa device
  * @cfg_cb: callback for config change
  */
 struct ef100_vdpa_nic {
@@ -133,6 +162,7 @@ struct ef100_vdpa_nic {
 	struct mutex lock;
 	u32 pf_index;
 	u32 vf_index;
+	u32 filter_cnt;
 	u8 status;
 	u64 features;
 	u32 max_queue_pairs;
@@ -140,6 +170,7 @@ struct ef100_vdpa_nic {
 	struct ef100_vdpa_vring_info vring[EF100_VDPA_MAX_QUEUES_PAIRS * 2];
 	u8 *mac_address;
 	bool mac_configured;
+	struct ef100_vdpa_filter filters[EF100_VDPA_MAC_FILTER_NTYPES];
 	struct vdpa_callback cfg_cb;
 };
 
@@ -147,7 +178,10 @@ int ef100_vdpa_init(struct efx_probe_data *probe_data);
 void ef100_vdpa_fini(struct efx_probe_data *probe_data);
 int ef100_vdpa_register_mgmtdev(struct efx_nic *efx);
 void ef100_vdpa_unregister_mgmtdev(struct efx_nic *efx);
-void ef100_vdpa_irq_vectors_free(void *data);
+int ef100_vdpa_filter_configure(struct ef100_vdpa_nic *vdpa_nic);
+int ef100_vdpa_filter_remove(struct ef100_vdpa_nic *vdpa_nic);
+int ef100_vdpa_add_filter(struct ef100_vdpa_nic *vdpa_nic,
+			  enum ef100_vdpa_mac_filter_type type);
 int ef100_vdpa_init_vring(struct ef100_vdpa_nic *vdpa_nic, u16 idx);
 void ef100_vdpa_irq_vectors_free(void *data);
 int ef100_vdpa_reset(struct vdpa_device *vdev);
diff --git a/drivers/net/ethernet/sfc/ef100_vdpa_ops.c b/drivers/net/ethernet/sfc/ef100_vdpa_ops.c
index 95a2177f85a2..db86c2693950 100644
--- a/drivers/net/ethernet/sfc/ef100_vdpa_ops.c
+++ b/drivers/net/ethernet/sfc/ef100_vdpa_ops.c
@@ -261,6 +261,7 @@ static void ef100_reset_vdpa_device(struct ef100_vdpa_nic *vdpa_nic)
 	vdpa_nic->vdpa_state = EF100_VDPA_STATE_INITIALIZED;
 	vdpa_nic->status = 0;
 	vdpa_nic->features = 0;
+	ef100_vdpa_filter_remove(vdpa_nic);
 	for (i = 0; i < (vdpa_nic->max_queue_pairs * 2); i++)
 		reset_vring(vdpa_nic, i);
 	ef100_vdpa_irq_vectors_free(vdpa_nic->efx->pci_dev);
@@ -295,7 +296,7 @@ static int start_vdpa_device(struct ef100_vdpa_nic *vdpa_nic)
 	rc = ef100_vdpa_irq_vectors_alloc(efx->pci_dev,
 					  vdpa_nic->max_queue_pairs * 2);
 	if (rc < 0) {
-		pci_err(efx->pci_dev,
+		dev_err(&vdpa_nic->vdpa_dev.dev,
 			"vDPA IRQ alloc failed for vf: %u err:%d\n",
 			nic_data->vf_index, rc);
 		return rc;
@@ -309,9 +310,19 @@ static int start_vdpa_device(struct ef100_vdpa_nic *vdpa_nic)
 		}
 	}
 
+	rc = ef100_vdpa_filter_configure(vdpa_nic);
+	if (rc < 0) {
+		dev_err(&vdpa_nic->vdpa_dev.dev,
+			"%s: vdpa configure filter failed, err: %d\n",
+			__func__, rc);
+		goto err_filter_configure;
+	}
+
 	vdpa_nic->vdpa_state = EF100_VDPA_STATE_STARTED;
 	return 0;
 
+err_filter_configure:
+	ef100_vdpa_filter_remove(vdpa_nic);
 clear_vring:
 	for (j = 0; j < i; j++)
 		delete_vring(vdpa_nic, j);
@@ -680,8 +691,10 @@ static void ef100_vdpa_set_config(struct vdpa_device *vdev, unsigned int offset,
 	}
 
 	memcpy((u8 *)&vdpa_nic->net_config + offset, buf, len);
-	if (is_valid_ether_addr(vdpa_nic->mac_address))
+	if (is_valid_ether_addr(vdpa_nic->mac_address)) {
 		vdpa_nic->mac_configured = true;
+		ef100_vdpa_add_filter(vdpa_nic, EF100_VDPA_UCAST_MAC_FILTER);
+	}
 }
 
 static int ef100_vdpa_suspend(struct vdpa_device *vdev)
-- 
2.30.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ