| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20200714142106.386354-7-idosch@idosch.org>
Date: Tue, 14 Jul 2020 17:20:59 +0300
From: Ido Schimmel <idosch@...sch.org>
To: netdev@...r.kernel.org
Cc: davem@...emloft.net, kuba@...nel.org, jiri@...lanox.com,
petrm@...lanox.com, amitc@...lanox.com, mlxsw@...lanox.com,
Ido Schimmel <idosch@...lanox.com>
Subject: [PATCH net-next 06/13] mlxsw: spectrum_span: Add support for mirroring towards CPU port
From: Ido Schimmel <idosch@...lanox.com>
The Spectrum-2 and Spectrum-3 ASICs are able to mirror packets towards
the CPU. These packets are then trapped like any other packet, but with
a special packet trap and additional metadata such as why the packet was
mirrored.
The ability to mirror packets towards the CPU will be utilized by a
subsequent patch set that will mirror packets that were dropped by the
ASIC for various buffer-related reasons, such as tail-drop and
early-drop.
Add mirroring towards the CPU as a new SPAN agent type and re-use the
functions that mirror to a physical port where possible.
Reviewed-by: Jiri Pirko <jiri@...lanox.com>
Signed-off-by: Petr Machata <petrm@...lanox.com>
Signed-off-by: Ido Schimmel <idosch@...lanox.com>
---
.../ethernet/mellanox/mlxsw/spectrum_span.c | 88 +++++++++++++++++++
1 file changed, 88 insertions(+)
diff --git a/drivers/net/ethernet/mellanox/mlxsw/spectrum_span.c b/drivers/net/ethernet/mellanox/mlxsw/spectrum_span.c
index 0ef9505d336f..0336edb29cc3 100644
--- a/drivers/net/ethernet/mellanox/mlxsw/spectrum_span.c
+++ b/drivers/net/ethernet/mellanox/mlxsw/spectrum_span.c
@@ -128,6 +128,38 @@ void mlxsw_sp_span_fini(struct mlxsw_sp *mlxsw_sp)
kfree(mlxsw_sp->span);
}
+static bool mlxsw_sp1_span_cpu_can_handle(const struct net_device *dev)
+{
+ return !dev;
+}
+
+static int mlxsw_sp1_span_entry_cpu_parms(struct mlxsw_sp *mlxsw_sp,
+ const struct net_device *to_dev,
+ struct mlxsw_sp_span_parms *sparmsp)
+{
+ return -EOPNOTSUPP;
+}
+
+static int
+mlxsw_sp1_span_entry_cpu_configure(struct mlxsw_sp_span_entry *span_entry,
+ struct mlxsw_sp_span_parms sparms)
+{
+ return -EOPNOTSUPP;
+}
+
+static void
+mlxsw_sp1_span_entry_cpu_deconfigure(struct mlxsw_sp_span_entry *span_entry)
+{
+}
+
+static const
+struct mlxsw_sp_span_entry_ops mlxsw_sp1_span_entry_ops_cpu = {
+ .can_handle = mlxsw_sp1_span_cpu_can_handle,
+ .parms_set = mlxsw_sp1_span_entry_cpu_parms,
+ .configure = mlxsw_sp1_span_entry_cpu_configure,
+ .deconfigure = mlxsw_sp1_span_entry_cpu_deconfigure,
+};
+
static int
mlxsw_sp_span_entry_phys_parms(struct mlxsw_sp *mlxsw_sp,
const struct net_device *to_dev,
@@ -633,6 +665,7 @@ struct mlxsw_sp_span_entry_ops mlxsw_sp_span_entry_ops_vlan = {
static const
struct mlxsw_sp_span_entry_ops *mlxsw_sp1_span_entry_ops_arr[] = {
+ &mlxsw_sp1_span_entry_ops_cpu,
&mlxsw_sp_span_entry_ops_phys,
#if IS_ENABLED(CONFIG_NET_IPGRE)
&mlxsw_sp_span_entry_ops_gretap4,
@@ -643,8 +676,49 @@ struct mlxsw_sp_span_entry_ops *mlxsw_sp1_span_entry_ops_arr[] = {
&mlxsw_sp_span_entry_ops_vlan,
};
+static bool mlxsw_sp2_span_cpu_can_handle(const struct net_device *dev)
+{
+ return !dev;
+}
+
+static int mlxsw_sp2_span_entry_cpu_parms(struct mlxsw_sp *mlxsw_sp,
+ const struct net_device *to_dev,
+ struct mlxsw_sp_span_parms *sparmsp)
+{
+ sparmsp->dest_port = mlxsw_sp->ports[MLXSW_PORT_CPU_PORT];
+ return 0;
+}
+
+static int
+mlxsw_sp2_span_entry_cpu_configure(struct mlxsw_sp_span_entry *span_entry,
+ struct mlxsw_sp_span_parms sparms)
+{
+ /* Mirroring to the CPU port is like mirroring to any other physical
+ * port. Its local port is used instead of that of the physical port.
+ */
+ return mlxsw_sp_span_entry_phys_configure(span_entry, sparms);
+}
+
+static void
+mlxsw_sp2_span_entry_cpu_deconfigure(struct mlxsw_sp_span_entry *span_entry)
+{
+ enum mlxsw_reg_mpat_span_type span_type;
+
+ span_type = MLXSW_REG_MPAT_SPAN_TYPE_LOCAL_ETH;
+ mlxsw_sp_span_entry_deconfigure_common(span_entry, span_type);
+}
+
+static const
+struct mlxsw_sp_span_entry_ops mlxsw_sp2_span_entry_ops_cpu = {
+ .can_handle = mlxsw_sp2_span_cpu_can_handle,
+ .parms_set = mlxsw_sp2_span_entry_cpu_parms,
+ .configure = mlxsw_sp2_span_entry_cpu_configure,
+ .deconfigure = mlxsw_sp2_span_entry_cpu_deconfigure,
+};
+
static const
struct mlxsw_sp_span_entry_ops *mlxsw_sp2_span_entry_ops_arr[] = {
+ &mlxsw_sp2_span_entry_ops_cpu,
&mlxsw_sp_span_entry_ops_phys,
#if IS_ENABLED(CONFIG_NET_IPGRE)
&mlxsw_sp_span_entry_ops_gretap4,
@@ -1540,6 +1614,13 @@ static int mlxsw_sp1_span_init(struct mlxsw_sp *mlxsw_sp)
{
size_t arr_size = ARRAY_SIZE(mlxsw_sp1_span_entry_ops_arr);
+ /* Must be first to avoid NULL pointer dereference by subsequent
+ * can_handle() callbacks.
+ */
+ if (WARN_ON(mlxsw_sp1_span_entry_ops_arr[0] !=
+ &mlxsw_sp1_span_entry_ops_cpu))
+ return -EINVAL;
+
mlxsw_sp->span->span_trigger_ops_arr = mlxsw_sp1_span_trigger_ops_arr;
mlxsw_sp->span->span_entry_ops_arr = mlxsw_sp1_span_entry_ops_arr;
mlxsw_sp->span->span_entry_ops_arr_size = arr_size;
@@ -1561,6 +1642,13 @@ static int mlxsw_sp2_span_init(struct mlxsw_sp *mlxsw_sp)
{
size_t arr_size = ARRAY_SIZE(mlxsw_sp2_span_entry_ops_arr);
+ /* Must be first to avoid NULL pointer dereference by subsequent
+ * can_handle() callbacks.
+ */
+ if (WARN_ON(mlxsw_sp2_span_entry_ops_arr[0] !=
+ &mlxsw_sp2_span_entry_ops_cpu))
+ return -EINVAL;
+
mlxsw_sp->span->span_trigger_ops_arr = mlxsw_sp2_span_trigger_ops_arr;
mlxsw_sp->span->span_entry_ops_arr = mlxsw_sp2_span_entry_ops_arr;
mlxsw_sp->span->span_entry_ops_arr_size = arr_size;
--
2.26.2
Powered by blists - more mailing lists