| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20230406065706.59664-11-gautam.dawar@amd.com>
Date: Thu, 6 Apr 2023 12:26:55 +0530
From: Gautam Dawar <gautam.dawar@....com>
To: <linux-net-drivers@....com>, <jasowang@...hat.com>,
Edward Cree <ecree.xilinx@...il.com>,
Martin Habets <habetsm.xilinx@...il.com>,
"David S. Miller" <davem@...emloft.net>,
Eric Dumazet <edumazet@...gle.com>,
"Jakub Kicinski" <kuba@...nel.org>,
Paolo Abeni <pabeni@...hat.com>,
Richard Cochran <richardcochran@...il.com>,
<linux-kernel@...r.kernel.org>, <netdev@...r.kernel.org>
CC: <eperezma@...hat.com>, <harpreet.anand@....com>,
<tanuj.kamde@....com>, <koushik.dutta@....com>,
Gautam Dawar <gautam.dawar@....com>
Subject: [PATCH net-next v3 10/14] sfc: implement filters for receiving traffic
Implement unicast, broadcast and unknown multicast
filters for receiving different types of traffic.
Signed-off-by: Gautam Dawar <gautam.dawar@....com>
---
drivers/net/ethernet/sfc/ef100_vdpa.c | 162 ++++++++++++++++++++++
drivers/net/ethernet/sfc/ef100_vdpa.h | 36 ++++-
drivers/net/ethernet/sfc/ef100_vdpa_ops.c | 15 +-
3 files changed, 211 insertions(+), 2 deletions(-)
diff --git a/drivers/net/ethernet/sfc/ef100_vdpa.c b/drivers/net/ethernet/sfc/ef100_vdpa.c
index 4ba57827a6cd..24c384832177 100644
--- a/drivers/net/ethernet/sfc/ef100_vdpa.c
+++ b/drivers/net/ethernet/sfc/ef100_vdpa.c
@@ -16,12 +16,171 @@
#include "mcdi_filters.h"
#include "mcdi_functions.h"
#include "ef100_netdev.h"
+#include "filter.h"
+#include "efx.h"
+#define EFX_INVALID_FILTER_ID -1
+
+/* vDPA queues starts from 2nd VI or qid 1 */
+#define EF100_VDPA_BASE_RX_QID 1
+
+static const char * const filter_names[] = { "bcast", "ucast", "mcast" };
static struct virtio_device_id ef100_vdpa_id_table[] = {
{ .device = VIRTIO_ID_NET, .vendor = PCI_VENDOR_ID_REDHAT_QUMRANET },
{ 0 },
};
+static int ef100_vdpa_set_mac_filter(struct efx_nic *efx,
+ struct efx_filter_spec *spec,
+ u32 qid, u8 *mac_addr)
+{
+ struct vdpa_device *vdev = &efx->vdpa_nic->vdpa_dev;
+ int rc;
+
+ efx_filter_init_rx(spec, EFX_FILTER_PRI_AUTO, 0, qid);
+
+ if (mac_addr) {
+ rc = efx_filter_set_eth_local(spec, EFX_FILTER_VID_UNSPEC,
+ mac_addr);
+ if (rc) {
+ dev_err(&vdev->dev,
+ "Filter set eth local failed, err: %d\n", rc);
+ return rc;
+ }
+ } else {
+ efx_filter_set_mc_def(spec);
+ }
+
+ rc = efx_filter_insert_filter(efx, spec, true);
+ if (rc < 0)
+ dev_err(&vdev->dev,
+ "Filter insert failed, err: %d\n", rc);
+
+ return rc;
+}
+
+static int ef100_vdpa_delete_filter(struct ef100_vdpa_nic *vdpa_nic,
+ enum ef100_vdpa_mac_filter_type type)
+{
+ struct vdpa_device *vdev = &vdpa_nic->vdpa_dev;
+ int rc = 0;
+
+ if (vdpa_nic->filters[type].filter_id == EFX_INVALID_FILTER_ID)
+ return rc;
+
+ rc = efx_filter_remove_id_safe(vdpa_nic->efx,
+ EFX_FILTER_PRI_AUTO,
+ vdpa_nic->filters[type].filter_id);
+ if (rc) {
+ dev_err(&vdev->dev, "%s filter id: %d remove failed, err: %d\n",
+ filter_names[type], vdpa_nic->filters[type].filter_id,
+ rc);
+ return rc;
+ }
+
+ vdpa_nic->filters[type].filter_id = EFX_INVALID_FILTER_ID;
+ vdpa_nic->filter_cnt--;
+
+ return 0;
+}
+
+int ef100_vdpa_add_filter(struct ef100_vdpa_nic *vdpa_nic,
+ enum ef100_vdpa_mac_filter_type type)
+{
+ struct vdpa_device *vdev = &vdpa_nic->vdpa_dev;
+ struct efx_nic *efx = vdpa_nic->efx;
+ /* Configure filter on base Rx queue only */
+ u32 qid = EF100_VDPA_BASE_RX_QID;
+ struct efx_filter_spec *spec;
+ u8 baddr[ETH_ALEN];
+ int rc;
+
+ /* remove existing filter */
+ rc = ef100_vdpa_delete_filter(vdpa_nic, type);
+ if (rc < 0) {
+ dev_err(&vdev->dev, "%s MAC filter deletion failed, err: %d",
+ filter_names[type], rc);
+ return rc;
+ }
+
+ /* Configure MAC Filter */
+ spec = &vdpa_nic->filters[type].spec;
+ if (type == EF100_VDPA_BCAST_MAC_FILTER) {
+ eth_broadcast_addr(baddr);
+ rc = ef100_vdpa_set_mac_filter(efx, spec, qid, baddr);
+ } else if (type == EF100_VDPA_UNKNOWN_MCAST_MAC_FILTER) {
+ rc = ef100_vdpa_set_mac_filter(efx, spec, qid, NULL);
+ } else {
+ /* Ensure we have a valid mac address */
+ if (!vdpa_nic->mac_configured ||
+ !is_valid_ether_addr(vdpa_nic->mac_address)) {
+ dev_dbg(&vdev->dev,
+ "%s: unicast MAC not configured\n", __func__);
+ return -EINVAL;
+ }
+
+ rc = ef100_vdpa_set_mac_filter(efx, spec, qid,
+ vdpa_nic->mac_address);
+ }
+
+ if (rc >= 0) {
+ vdpa_nic->filters[type].filter_id = rc;
+ vdpa_nic->filter_cnt++;
+
+ return 0;
+ }
+
+ dev_err(&vdev->dev, "%s MAC filter insert failed, err: %d\n",
+ filter_names[type], rc);
+
+ if (type != EF100_VDPA_UNKNOWN_MCAST_MAC_FILTER) {
+ ef100_vdpa_filter_remove(vdpa_nic);
+ return rc;
+ }
+
+ return 0;
+}
+
+int ef100_vdpa_filter_remove(struct ef100_vdpa_nic *vdpa_nic)
+{
+ enum ef100_vdpa_mac_filter_type filter;
+ int err = 0;
+ int rc;
+
+ for (filter = EF100_VDPA_BCAST_MAC_FILTER;
+ filter <= EF100_VDPA_UNKNOWN_MCAST_MAC_FILTER; filter++) {
+ rc = ef100_vdpa_delete_filter(vdpa_nic, filter);
+ if (rc < 0)
+ /* store status of last failed filter remove */
+ err = rc;
+ }
+ return err;
+}
+
+int ef100_vdpa_filter_configure(struct ef100_vdpa_nic *vdpa_nic)
+{
+ struct vdpa_device *vdev = &vdpa_nic->vdpa_dev;
+ enum ef100_vdpa_mac_filter_type filter;
+ int rc;
+
+ /* remove existing filters, if any */
+ rc = ef100_vdpa_filter_remove(vdpa_nic);
+ if (rc < 0) {
+ dev_err(&vdev->dev,
+ "MAC filter deletion failed, err: %d", rc);
+ return rc;
+ }
+
+ for (filter = EF100_VDPA_BCAST_MAC_FILTER;
+ filter <= EF100_VDPA_UNKNOWN_MCAST_MAC_FILTER; filter++) {
+ rc = ef100_vdpa_add_filter(vdpa_nic, filter);
+ if (rc < 0)
+ return rc;
+ }
+
+ return 0;
+}
+
int ef100_vdpa_init(struct efx_probe_data *probe_data)
{
struct efx_nic *efx = &probe_data->efx;
@@ -185,6 +344,9 @@ static struct ef100_vdpa_nic *ef100_vdpa_create(struct efx_nic *efx,
goto err_put_device;
}
+ for (i = 0; i < EF100_VDPA_MAC_FILTER_NTYPES; i++)
+ vdpa_nic->filters[i].filter_id = EFX_INVALID_FILTER_ID;
+
rc = get_net_config(vdpa_nic);
if (rc)
goto err_put_device;
diff --git a/drivers/net/ethernet/sfc/ef100_vdpa.h b/drivers/net/ethernet/sfc/ef100_vdpa.h
index d2d457692008..cf86e1dde2a2 100644
--- a/drivers/net/ethernet/sfc/ef100_vdpa.h
+++ b/drivers/net/ethernet/sfc/ef100_vdpa.h
@@ -73,6 +73,22 @@ enum ef100_vdpa_vq_type {
EF100_VDPA_VQ_NTYPES
};
+/**
+ * enum ef100_vdpa_mac_filter_type - vdpa filter types
+ *
+ * @EF100_VDPA_BCAST_MAC_FILTER: Broadcast MAC filter
+ * @EF100_VDPA_UCAST_MAC_FILTER: Unicast MAC filter
+ * @EF100_VDPA_UNKNOWN_MCAST_MAC_FILTER: Unknown multicast MAC filter to allow
+ * IPv6 Neighbor Solicitation Message
+ * @EF100_VDPA_MAC_FILTER_NTYPES: Number of vDPA filter types
+ */
+enum ef100_vdpa_mac_filter_type {
+ EF100_VDPA_BCAST_MAC_FILTER,
+ EF100_VDPA_UCAST_MAC_FILTER,
+ EF100_VDPA_UNKNOWN_MCAST_MAC_FILTER,
+ EF100_VDPA_MAC_FILTER_NTYPES,
+};
+
/**
* struct ef100_vdpa_vring_info - vDPA vring data structure
*
@@ -108,6 +124,17 @@ struct ef100_vdpa_vring_info {
struct vdpa_callback cb;
};
+/**
+ * struct ef100_vdpa_filter - vDPA filter data structure
+ *
+ * @filter_id: filter id of this filter
+ * @efx_filter_spec: hardware filter specs for this vdpa device
+ */
+struct ef100_vdpa_filter {
+ s32 filter_id;
+ struct efx_filter_spec spec;
+};
+
/**
* struct ef100_vdpa_nic - vDPA NIC data structure
*
@@ -117,6 +144,7 @@ struct ef100_vdpa_vring_info {
* @lock: Managing access to vdpa config operations
* @pf_index: PF index of the vDPA VF
* @vf_index: VF index of the vDPA VF
+ * @filter_cnt: total number of filters created on this vdpa device
* @status: device status as per VIRTIO spec
* @features: negotiated feature bits
* @max_queue_pairs: maximum number of queue pairs supported
@@ -124,6 +152,7 @@ struct ef100_vdpa_vring_info {
* @vring: vring information of the vDPA device.
* @mac_address: mac address of interface associated with this vdpa device
* @mac_configured: true after MAC address is configured
+ * @filters: details of all filters created on this vdpa device
* @cfg_cb: callback for config change
*/
struct ef100_vdpa_nic {
@@ -134,6 +163,7 @@ struct ef100_vdpa_nic {
struct mutex lock;
u32 pf_index;
u32 vf_index;
+ u32 filter_cnt;
u8 status;
u64 features;
u32 max_queue_pairs;
@@ -141,6 +171,7 @@ struct ef100_vdpa_nic {
struct ef100_vdpa_vring_info vring[EF100_VDPA_MAX_QUEUES_PAIRS * 2];
u8 *mac_address;
bool mac_configured;
+ struct ef100_vdpa_filter filters[EF100_VDPA_MAC_FILTER_NTYPES];
struct vdpa_callback cfg_cb;
};
@@ -148,7 +179,10 @@ int ef100_vdpa_init(struct efx_probe_data *probe_data);
void ef100_vdpa_fini(struct efx_probe_data *probe_data);
int ef100_vdpa_register_mgmtdev(struct efx_nic *efx);
void ef100_vdpa_unregister_mgmtdev(struct efx_nic *efx);
-void ef100_vdpa_irq_vectors_free(void *data);
+int ef100_vdpa_filter_configure(struct ef100_vdpa_nic *vdpa_nic);
+int ef100_vdpa_filter_remove(struct ef100_vdpa_nic *vdpa_nic);
+int ef100_vdpa_add_filter(struct ef100_vdpa_nic *vdpa_nic,
+ enum ef100_vdpa_mac_filter_type type);
int ef100_vdpa_init_vring(struct ef100_vdpa_nic *vdpa_nic, u16 idx);
void ef100_vdpa_irq_vectors_free(void *data);
int ef100_vdpa_reset(struct vdpa_device *vdev);
diff --git a/drivers/net/ethernet/sfc/ef100_vdpa_ops.c b/drivers/net/ethernet/sfc/ef100_vdpa_ops.c
index 13f657d56578..b3b3ae42541c 100644
--- a/drivers/net/ethernet/sfc/ef100_vdpa_ops.c
+++ b/drivers/net/ethernet/sfc/ef100_vdpa_ops.c
@@ -261,6 +261,7 @@ static void ef100_reset_vdpa_device(struct ef100_vdpa_nic *vdpa_nic)
vdpa_nic->vdpa_state = EF100_VDPA_STATE_INITIALIZED;
vdpa_nic->status = 0;
vdpa_nic->features = 0;
+ ef100_vdpa_filter_remove(vdpa_nic);
for (i = 0; i < (vdpa_nic->max_queue_pairs * 2); i++)
reset_vring(vdpa_nic, i);
ef100_vdpa_irq_vectors_free(vdpa_nic->efx->pci_dev);
@@ -309,9 +310,19 @@ static int start_vdpa_device(struct ef100_vdpa_nic *vdpa_nic)
}
}
+ rc = ef100_vdpa_filter_configure(vdpa_nic);
+ if (rc < 0) {
+ dev_err(&vdpa_nic->vdpa_dev.dev,
+ "%s: vdpa configure filter failed, err: %d\n",
+ __func__, rc);
+ goto err_filter_configure;
+ }
+
vdpa_nic->vdpa_state = EF100_VDPA_STATE_STARTED;
return 0;
+err_filter_configure:
+ ef100_vdpa_filter_remove(vdpa_nic);
clear_vring:
for (j = 0; j < i; j++)
delete_vring(vdpa_nic, j);
@@ -679,8 +690,10 @@ static void ef100_vdpa_set_config(struct vdpa_device *vdev, unsigned int offset,
}
memcpy((u8 *)&vdpa_nic->net_config + offset, buf, len);
- if (is_valid_ether_addr(vdpa_nic->mac_address))
+ if (is_valid_ether_addr(vdpa_nic->mac_address)) {
vdpa_nic->mac_configured = true;
+ ef100_vdpa_add_filter(vdpa_nic, EF100_VDPA_UCAST_MAC_FILTER);
+ }
}
static int ef100_vdpa_suspend(struct vdpa_device *vdev)
--
2.30.1
Powered by blists - more mailing lists