| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20230412040752.14220-1-saeed@kernel.org>
Date: Tue, 11 Apr 2023 21:07:37 -0700
From: Saeed Mahameed <saeed@...nel.org>
To: "David S. Miller" <davem@...emloft.net>,
Jakub Kicinski <kuba@...nel.org>,
Paolo Abeni <pabeni@...hat.com>,
Eric Dumazet <edumazet@...gle.com>
Cc: Saeed Mahameed <saeedm@...dia.com>, netdev@...r.kernel.org,
Tariq Toukan <tariqt@...dia.com>
Subject: [pull request][net-next 00/15] mlx5 updates 2023-04-11
From: Saeed Mahameed <saeedm@...dia.com>
This series provides some updates to mlx5 driver
For more information please see detailed tag log below.
Please pull and let me know if there is any problem.
Thanks,
Saeed.
The following changes since commit 4de00f0acc722f43046dca06fe1336597d1250ab:
gve: Unify duplicate GQ min pkt desc size constants (2023-04-11 15:47:14 +0200)
are available in the Git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/saeed/linux.git tags/mlx5-updates-2023-04-11
for you to fetch changes up to 108ff8215b55903545abafa198f83624a20f44c8:
net/mlx5: DR, Add modify-header-pattern ICM pool (2023-04-11 20:57:38 -0700)
----------------------------------------------------------------
mlx5-updates-2023-04-11
1) Vlad adds the support for linux bridge multicast offload support
Patches #1 through #9
Synopsis
Vlad Says:
==============
Implement support of bridge multicast offload in mlx5. Handle port object
attribute SWITCHDEV_ATTR_ID_BRIDGE_MC_DISABLED notification to toggle multicast
offload and bridge snooping support on bridge. Handle port object
SWITCHDEV_OBJ_ID_PORT_MDB notification to attach a bridge port to MDB.
Steering architecture
Existing offload infrastructure relies on two levels of flow tables - bridge
ingress and egress. For multicast offload the architecture is extended with
additional layer of per-port multicast replication tables. Such tables filter
loopback traffic (so packets are not replicated to their source port) and pop
VLAN headers for "untagged" VLANs. The tables are referenced by the MDB rules in
egress table. MDB egress rule can point to multiple per-port multicast tables,
which causes matching multicast traffic to be replicated to all of them, and,
consecutively, to several bridge ports:
+--------+--+
+---------------------------------------> Port 1 | |
| +-^------+--+
| |
| |
+-----------------------------------------+ | +---------------------------+ |
| EGRESS table | | +--> PORT 1 multicast table | |
+----------------------------------+ +-----------------------------------------+ | | +---------------------------+ |
| INGRESS table | | | | | | | |
+----------------------------------+ | dst_mac=P1,vlan=X -> pop vlan, goto P1 +--+ | | FG0: | |
| | | dst_mac=P1,vlan=Y -> pop vlan, goto P1 | | | src_port=dst_port -> drop | |
| src_mac=M1,vlan=X -> goto egress +---> dst_mac=P2,vlan=X -> pop vlan, goto P2 +--+ | | FG1: | |
| ... | | dst_mac=P2,vlan=Y -> goto P2 | | | | VLAN X -> pop, goto port | |
| | | dst_mac=MDB1,vlan=Y -> goto mcast P1,P2 +-----+ | ... | |
+----------------------------------+ | | | | | VLAN Y -> pop, goto port +-------+
+-----------------------------------------+ | | | FG3: |
| | | matchall -> goto port |
| | | |
| | +---------------------------+
| |
| |
| | +--------+--+
+---------------------------------------> Port 2 | |
| +-^------+--+
| |
| |
| +---------------------------+ |
+--> PORT 2 multicast table | |
+---------------------------+ |
| | |
| FG0: | |
| src_port=dst_port -> drop | |
| FG1: | |
| VLAN X -> pop, goto port | |
| ... | |
| | |
| FG3: | |
| matchall -> goto port +-------+
| |
+---------------------------+
Patches overview:
- Patch 1 adds hardware definition bits for capabilities required to replicate
multicast packets to multiple per-port tables. These bits are used by
following patches to only attempt multicast offload if firmware and hardware
provide necessary support.
- Pathces 2-4 patches are preparations and refactoring.
- Patch 5 implements necessary infrastructure to toggle multicast offload
via SWITCHDEV_ATTR_ID_BRIDGE_MC_DISABLED port object attribute notification.
This also enabled IGMP and MLD snooping.
- Patch 6 implements per-port multicast replication tables. It only supports
filtering of loopback packets.
- Patch 7 extends per-port multicast tables with VLAN pop support for 'untagged'
VLANs.
- Patch 8 handles SWITCHDEV_OBJ_ID_PORT_MDB port object notifications. It
creates MDB replication rules in egress table that can replicate packets to
multiple per-port multicast tables.
- Patch 9 adds tracepoints for MDB events.
==============
2) Parav Create a new allocation profile for SFs, to save on memory
3) Yevgeny provides some initial patches for upcoming software steering
support new pattern/arguments type of modify_header actions.
Starting with ConnectX-6 DX, we use a new design of modify_header FW object.
The current modify_header object allows for having only limited number of
these FW objects, which means that we are limited in the number of offloaded
flows that require modify_header action.
As a preparation Yevgeny provides the following 4 patches:
- Patch 1: Add required mlx5_ifc HW bits
- Patch 2, 3: Add new WQE type and opcode that is required for pattern/arg
support and adds appropriate support in dr_send.c
- Patch 4: Add ICM pool for modify-header-pattern objects and implement
patterns cache, allowing patterns reuse for different flows
----------------------------------------------------------------
Parav Pandit (1):
net/mlx5: Create a new profile for SFs
Vlad Buslov (9):
net/mlx5: Add mlx5_ifc definitions for bridge multicast support
net/mlx5: Bridge, increase bridge tables sizes
net/mlx5: Bridge, move additional data structures to priv header
net/mlx5: Bridge, extract code to lookup parent bridge of port
net/mlx5: Bridge, snoop igmp/mld packets
net/mlx5: Bridge, add per-port multicast replication tables
net/mlx5: Bridge, support multicast VLAN pop
net/mlx5: Bridge, implement mdb offload
net/mlx5: Bridge, add tracepoints for multicast
Yevgeny Kliteynik (5):
net/mlx5: DR, Set counter ID on the last STE for STEv1 TX
net/mlx5: Add mlx5_ifc bits for modify header argument
net/mlx5: Add new WQE for updating flow table
net/mlx5: DR, Prepare sending new WQE type
net/mlx5: DR, Add modify-header-pattern ICM pool
drivers/net/ethernet/mellanox/mlx5/core/Makefile | 4 +-
drivers/net/ethernet/mellanox/mlx5/core/cmd.c | 6 +-
.../ethernet/mellanox/mlx5/core/en/rep/bridge.c | 16 +
.../net/ethernet/mellanox/mlx5/core/esw/bridge.c | 287 +++--
.../net/ethernet/mellanox/mlx5/core/esw/bridge.h | 17 +
.../ethernet/mellanox/mlx5/core/esw/bridge_mcast.c | 1126 ++++++++++++++++++++
.../ethernet/mellanox/mlx5/core/esw/bridge_priv.h | 181 ++++
.../mlx5/core/esw/diag/bridge_tracepoint.h | 35 +
drivers/net/ethernet/mellanox/mlx5/core/fs_core.c | 2 +-
drivers/net/ethernet/mellanox/mlx5/core/main.c | 9 +
.../net/ethernet/mellanox/mlx5/core/mlx5_core.h | 1 +
.../ethernet/mellanox/mlx5/core/sf/dev/driver.c | 2 +-
.../ethernet/mellanox/mlx5/core/steering/dr_cmd.c | 6 +
.../mellanox/mlx5/core/steering/dr_domain.c | 45 +-
.../mellanox/mlx5/core/steering/dr_icm_pool.c | 41 +-
.../ethernet/mellanox/mlx5/core/steering/dr_ptrn.c | 43 +
.../ethernet/mellanox/mlx5/core/steering/dr_send.c | 60 +-
.../mellanox/mlx5/core/steering/dr_ste_v1.c | 7 +-
.../mellanox/mlx5/core/steering/dr_types.h | 11 +
include/linux/mlx5/device.h | 2 +
include/linux/mlx5/driver.h | 1 +
include/linux/mlx5/mlx5_ifc.h | 35 +-
include/linux/mlx5/qp.h | 10 +
23 files changed, 1783 insertions(+), 164 deletions(-)
create mode 100644 drivers/net/ethernet/mellanox/mlx5/core/esw/bridge_mcast.c
create mode 100644 drivers/net/ethernet/mellanox/mlx5/core/steering/dr_ptrn.c
Powered by blists - more mailing lists