lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-Id: <20210413132448.4141787-1-ciorneiioana@gmail.com>
Date:   Tue, 13 Apr 2021 16:24:43 +0300
From:   Ioana Ciornei <ciorneiioana@...il.com>
To:     davem@...emloft.net, kuba@...nel.org, netdev@...r.kernel.org
Cc:     ruxandra.radulescu@....com, Ioana Ciornei <ioana.ciornei@....com>
Subject: [PATCH net-next 0/5] dpaa2-switch: add tc hardware offload on ingress traffic

From: Ioana Ciornei <ioana.ciornei@....com>

This patch set adds tc hardware offload on ingress traffic in
dpaa2-switch. The cls flower and matchall classifiers are supported
using the same ACL infrastructure supported by the dpaa2-switch.

The first patch creates a new structure to hold all the necessary
information related to an ACL table. This structure is used in the next
patches to create a link between each switch port and the table used.
Multiple ports can share the same ACL table when they also share the
ingress tc block. Also, some small changes in the priority of the
default STP trap is done in the second patch.

The support for cls flower is added in the 3rd patch, while the 4th
one builds on top of the infrastructure put in place and adds cls
matchall support.

The following flow keys are supported:
 - Ethernet: dst_mac/src_mac
 - IPv4: dst_ip/src_ip/ip_proto/tos
 - VLAN: vlan_id/vlan_prio/vlan_tpid/vlan_dei
 - L4: dst_port/src_port

Each filter can support only one action from the following list:
 - drop
 - mirred egress redirect
 - trap

With the last patch, we reuse the dpaa2_switch_acl_entry_add() function
added previously instead of open-coding the install of a new ACL entry
into the table.

Ioana Ciornei (5):
  dpaa2-switch: create a central dpaa2_switch_acl_tbl structure
  dpaa2-switch: install default STP trap rule with the highest priority
  dpaa2-switch: add tc flower hardware offload on ingress traffic
  dpaa2-switch: add tc matchall filter support
  dpaa2-switch: reuse dpaa2_switch_acl_entry_add() for STP frames trap

 drivers/net/ethernet/freescale/dpaa2/Makefile |   2 +-
 .../freescale/dpaa2/dpaa2-switch-flower.c     | 492 ++++++++++++++++++
 .../ethernet/freescale/dpaa2/dpaa2-switch.c   | 363 ++++++++++---
 .../ethernet/freescale/dpaa2/dpaa2-switch.h   |  64 ++-
 .../net/ethernet/freescale/dpaa2/dpsw-cmd.h   |   1 +
 drivers/net/ethernet/freescale/dpaa2/dpsw.c   |  35 ++
 drivers/net/ethernet/freescale/dpaa2/dpsw.h   |   3 +
 7 files changed, 893 insertions(+), 67 deletions(-)
 create mode 100644 drivers/net/ethernet/freescale/dpaa2/dpaa2-switch-flower.c

-- 
2.30.0

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ