]> git.proxmox.com Git - mirror_ubuntu-eoan-kernel.git/blob - drivers/net/ethernet/mellanox/mlx5/core/eswitch.c
projects / mirror_ubuntu-eoan-kernel.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge tag 'omap-for-v5.0/fixes-rc7-signed' of git://git.kernel.org/pub/scm/linux...
[mirror_ubuntu-eoan-kernel.git] / drivers / net / ethernet / mellanox / mlx5 / core / eswitch.c
1 /*
2 * Copyright (c) 2015, Mellanox Technologies. All rights reserved.
3 *
4 * This software is available to you under a choice of one of two
5 * licenses. You may choose to be licensed under the terms of the GNU
6 * General Public License (GPL) Version 2, available from the file
7 * COPYING in the main directory of this source tree, or the
8 * OpenIB.org BSD license below:
9 *
10 * Redistribution and use in source and binary forms, with or
11 * without modification, are permitted provided that the following
12 * conditions are met:
13 *
14 * - Redistributions of source code must retain the above
15 * copyright notice, this list of conditions and the following
16 * disclaimer.
17 *
18 * - Redistributions in binary form must reproduce the above
19 * copyright notice, this list of conditions and the following
20 * disclaimer in the documentation and/or other materials
21 * provided with the distribution.
22 *
23 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
24 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
25 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
26 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
27 * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
28 * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
29 * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
30 * SOFTWARE.
31 */
32
33 #include <linux/etherdevice.h>
34 #include <linux/mlx5/driver.h>
35 #include <linux/mlx5/mlx5_ifc.h>
36 #include <linux/mlx5/vport.h>
37 #include <linux/mlx5/fs.h>
38 #include "mlx5_core.h"
39 #include "lib/eq.h"
40 #include "eswitch.h"
41 #include "fs_core.h"
42
43 #define UPLINK_VPORT 0xFFFF
44
45 enum {
46 MLX5_ACTION_NONE = 0,
47 MLX5_ACTION_ADD = 1,
48 MLX5_ACTION_DEL = 2,
49 };
50
51 /* Vport UC/MC hash node */
52 struct vport_addr {
53 struct l2addr_node node;
54 u8 action;
55 u32 vport;
56 struct mlx5_flow_handle *flow_rule;
57 bool mpfs; /* UC MAC was added to MPFs */
58 /* A flag indicating that mac was added due to mc promiscuous vport */
59 bool mc_promisc;
60 };
61
62 enum {
63 UC_ADDR_CHANGE = BIT(0),
64 MC_ADDR_CHANGE = BIT(1),
65 PROMISC_CHANGE = BIT(3),
66 };
67
68 /* Vport context events */
69 #define SRIOV_VPORT_EVENTS (UC_ADDR_CHANGE | \
70 MC_ADDR_CHANGE | \
71 PROMISC_CHANGE)
72
73 static int arm_vport_context_events_cmd(struct mlx5_core_dev *dev, u16 vport,
74 u32 events_mask)
75 {
76 int in[MLX5_ST_SZ_DW(modify_nic_vport_context_in)] = {0};
77 int out[MLX5_ST_SZ_DW(modify_nic_vport_context_out)] = {0};
78 void *nic_vport_ctx;
79
80 MLX5_SET(modify_nic_vport_context_in, in,
81 opcode, MLX5_CMD_OP_MODIFY_NIC_VPORT_CONTEXT);
82 MLX5_SET(modify_nic_vport_context_in, in, field_select.change_event, 1);
83 MLX5_SET(modify_nic_vport_context_in, in, vport_number, vport);
84 if (vport)
85 MLX5_SET(modify_nic_vport_context_in, in, other_vport, 1);
86 nic_vport_ctx = MLX5_ADDR_OF(modify_nic_vport_context_in,
87 in, nic_vport_context);
88
89 MLX5_SET(nic_vport_context, nic_vport_ctx, arm_change_event, 1);
90
91 if (events_mask & UC_ADDR_CHANGE)
92 MLX5_SET(nic_vport_context, nic_vport_ctx,
93 event_on_uc_address_change, 1);
94 if (events_mask & MC_ADDR_CHANGE)
95 MLX5_SET(nic_vport_context, nic_vport_ctx,
96 event_on_mc_address_change, 1);
97 if (events_mask & PROMISC_CHANGE)
98 MLX5_SET(nic_vport_context, nic_vport_ctx,
99 event_on_promisc_change, 1);
100
101 return mlx5_cmd_exec(dev, in, sizeof(in), out, sizeof(out));
102 }
103
104 /* E-Switch vport context HW commands */
105 static int modify_esw_vport_context_cmd(struct mlx5_core_dev *dev, u16 vport,
106 void *in, int inlen)
107 {
108 u32 out[MLX5_ST_SZ_DW(modify_esw_vport_context_out)] = {0};
109
110 MLX5_SET(modify_esw_vport_context_in, in, opcode,
111 MLX5_CMD_OP_MODIFY_ESW_VPORT_CONTEXT);
112 MLX5_SET(modify_esw_vport_context_in, in, vport_number, vport);
113 if (vport)
114 MLX5_SET(modify_esw_vport_context_in, in, other_vport, 1);
115 return mlx5_cmd_exec(dev, in, inlen, out, sizeof(out));
116 }
117
118 static int modify_esw_vport_cvlan(struct mlx5_core_dev *dev, u32 vport,
119 u16 vlan, u8 qos, u8 set_flags)
120 {
121 u32 in[MLX5_ST_SZ_DW(modify_esw_vport_context_in)] = {0};
122
123 if (!MLX5_CAP_ESW(dev, vport_cvlan_strip) ||
124 !MLX5_CAP_ESW(dev, vport_cvlan_insert_if_not_exist))
125 return -EOPNOTSUPP;
126
127 esw_debug(dev, "Set Vport[%d] VLAN %d qos %d set=%x\n",
128 vport, vlan, qos, set_flags);
129
130 if (set_flags & SET_VLAN_STRIP)
131 MLX5_SET(modify_esw_vport_context_in, in,
132 esw_vport_context.vport_cvlan_strip, 1);
133
134 if (set_flags & SET_VLAN_INSERT) {
135 /* insert only if no vlan in packet */
136 MLX5_SET(modify_esw_vport_context_in, in,
137 esw_vport_context.vport_cvlan_insert, 1);
138
139 MLX5_SET(modify_esw_vport_context_in, in,
140 esw_vport_context.cvlan_pcp, qos);
141 MLX5_SET(modify_esw_vport_context_in, in,
142 esw_vport_context.cvlan_id, vlan);
143 }
144
145 MLX5_SET(modify_esw_vport_context_in, in,
146 field_select.vport_cvlan_strip, 1);
147 MLX5_SET(modify_esw_vport_context_in, in,
148 field_select.vport_cvlan_insert, 1);
149
150 return modify_esw_vport_context_cmd(dev, vport, in, sizeof(in));
151 }
152
153 /* E-Switch FDB */
154 static struct mlx5_flow_handle *
155 __esw_fdb_set_vport_rule(struct mlx5_eswitch *esw, u32 vport, bool rx_rule,
156 u8 mac_c[ETH_ALEN], u8 mac_v[ETH_ALEN])
157 {
158 int match_header = (is_zero_ether_addr(mac_c) ? 0 :
159 MLX5_MATCH_OUTER_HEADERS);
160 struct mlx5_flow_handle *flow_rule = NULL;
161 struct mlx5_flow_act flow_act = {0};
162 struct mlx5_flow_destination dest = {};
163 struct mlx5_flow_spec *spec;
164 void *mv_misc = NULL;
165 void *mc_misc = NULL;
166 u8 *dmac_v = NULL;
167 u8 *dmac_c = NULL;
168
169 if (rx_rule)
170 match_header |= MLX5_MATCH_MISC_PARAMETERS;
171
172 spec = kvzalloc(sizeof(*spec), GFP_KERNEL);
173 if (!spec)
174 return NULL;
175
176 dmac_v = MLX5_ADDR_OF(fte_match_param, spec->match_value,
177 outer_headers.dmac_47_16);
178 dmac_c = MLX5_ADDR_OF(fte_match_param, spec->match_criteria,
179 outer_headers.dmac_47_16);
180
181 if (match_header & MLX5_MATCH_OUTER_HEADERS) {
182 ether_addr_copy(dmac_v, mac_v);
183 ether_addr_copy(dmac_c, mac_c);
184 }
185
186 if (match_header & MLX5_MATCH_MISC_PARAMETERS) {
187 mv_misc = MLX5_ADDR_OF(fte_match_param, spec->match_value,
188 misc_parameters);
189 mc_misc = MLX5_ADDR_OF(fte_match_param, spec->match_criteria,
190 misc_parameters);
191 MLX5_SET(fte_match_set_misc, mv_misc, source_port, UPLINK_VPORT);
192 MLX5_SET_TO_ONES(fte_match_set_misc, mc_misc, source_port);
193 }
194
195 dest.type = MLX5_FLOW_DESTINATION_TYPE_VPORT;
196 dest.vport.num = vport;
197
198 esw_debug(esw->dev,
199 "\tFDB add rule dmac_v(%pM) dmac_c(%pM) -> vport(%d)\n",
200 dmac_v, dmac_c, vport);
201 spec->match_criteria_enable = match_header;
202 flow_act.action = MLX5_FLOW_CONTEXT_ACTION_FWD_DEST;
203 flow_rule =
204 mlx5_add_flow_rules(esw->fdb_table.legacy.fdb, spec,
205 &flow_act, &dest, 1);
206 if (IS_ERR(flow_rule)) {
207 esw_warn(esw->dev,
208 "FDB: Failed to add flow rule: dmac_v(%pM) dmac_c(%pM) -> vport(%d), err(%ld)\n",
209 dmac_v, dmac_c, vport, PTR_ERR(flow_rule));
210 flow_rule = NULL;
211 }
212
213 kvfree(spec);
214 return flow_rule;
215 }
216
217 static struct mlx5_flow_handle *
218 esw_fdb_set_vport_rule(struct mlx5_eswitch *esw, u8 mac[ETH_ALEN], u32 vport)
219 {
220 u8 mac_c[ETH_ALEN];
221
222 eth_broadcast_addr(mac_c);
223 return __esw_fdb_set_vport_rule(esw, vport, false, mac_c, mac);
224 }
225
226 static struct mlx5_flow_handle *
227 esw_fdb_set_vport_allmulti_rule(struct mlx5_eswitch *esw, u32 vport)
228 {
229 u8 mac_c[ETH_ALEN];
230 u8 mac_v[ETH_ALEN];
231
232 eth_zero_addr(mac_c);
233 eth_zero_addr(mac_v);
234 mac_c[0] = 0x01;
235 mac_v[0] = 0x01;
236 return __esw_fdb_set_vport_rule(esw, vport, false, mac_c, mac_v);
237 }
238
239 static struct mlx5_flow_handle *
240 esw_fdb_set_vport_promisc_rule(struct mlx5_eswitch *esw, u32 vport)
241 {
242 u8 mac_c[ETH_ALEN];
243 u8 mac_v[ETH_ALEN];
244
245 eth_zero_addr(mac_c);
246 eth_zero_addr(mac_v);
247 return __esw_fdb_set_vport_rule(esw, vport, true, mac_c, mac_v);
248 }
249
250 static int esw_create_legacy_fdb_table(struct mlx5_eswitch *esw)
251 {
252 int inlen = MLX5_ST_SZ_BYTES(create_flow_group_in);
253 struct mlx5_flow_table_attr ft_attr = {};
254 struct mlx5_core_dev *dev = esw->dev;
255 struct mlx5_flow_namespace *root_ns;
256 struct mlx5_flow_table *fdb;
257 struct mlx5_flow_group *g;
258 void *match_criteria;
259 int table_size;
260 u32 *flow_group_in;
261 u8 *dmac;
262 int err = 0;
263
264 esw_debug(dev, "Create FDB log_max_size(%d)\n",
265 MLX5_CAP_ESW_FLOWTABLE_FDB(dev, log_max_ft_size));
266
267 root_ns = mlx5_get_fdb_sub_ns(dev, 0);
268 if (!root_ns) {
269 esw_warn(dev, "Failed to get FDB flow namespace\n");
270 return -EOPNOTSUPP;
271 }
272
273 flow_group_in = kvzalloc(inlen, GFP_KERNEL);
274 if (!flow_group_in)
275 return -ENOMEM;
276
277 table_size = BIT(MLX5_CAP_ESW_FLOWTABLE_FDB(dev, log_max_ft_size));
278
279 ft_attr.max_fte = table_size;
280 fdb = mlx5_create_flow_table(root_ns, &ft_attr);
281 if (IS_ERR(fdb)) {
282 err = PTR_ERR(fdb);
283 esw_warn(dev, "Failed to create FDB Table err %d\n", err);
284 goto out;
285 }
286 esw->fdb_table.legacy.fdb = fdb;
287
288 /* Addresses group : Full match unicast/multicast addresses */
289 MLX5_SET(create_flow_group_in, flow_group_in, match_criteria_enable,
290 MLX5_MATCH_OUTER_HEADERS);
291 match_criteria = MLX5_ADDR_OF(create_flow_group_in, flow_group_in, match_criteria);
292 dmac = MLX5_ADDR_OF(fte_match_param, match_criteria, outer_headers.dmac_47_16);
293 MLX5_SET(create_flow_group_in, flow_group_in, start_flow_index, 0);
294 /* Preserve 2 entries for allmulti and promisc rules*/
295 MLX5_SET(create_flow_group_in, flow_group_in, end_flow_index, table_size - 3);
296 eth_broadcast_addr(dmac);
297 g = mlx5_create_flow_group(fdb, flow_group_in);
298 if (IS_ERR(g)) {
299 err = PTR_ERR(g);
300 esw_warn(dev, "Failed to create flow group err(%d)\n", err);
301 goto out;
302 }
303 esw->fdb_table.legacy.addr_grp = g;
304
305 /* Allmulti group : One rule that forwards any mcast traffic */
306 MLX5_SET(create_flow_group_in, flow_group_in, match_criteria_enable,
307 MLX5_MATCH_OUTER_HEADERS);
308 MLX5_SET(create_flow_group_in, flow_group_in, start_flow_index, table_size - 2);
309 MLX5_SET(create_flow_group_in, flow_group_in, end_flow_index, table_size - 2);
310 eth_zero_addr(dmac);
311 dmac[0] = 0x01;
312 g = mlx5_create_flow_group(fdb, flow_group_in);
313 if (IS_ERR(g)) {
314 err = PTR_ERR(g);
315 esw_warn(dev, "Failed to create allmulti flow group err(%d)\n", err);
316 goto out;
317 }
318 esw->fdb_table.legacy.allmulti_grp = g;
319
320 /* Promiscuous group :
321 * One rule that forward all unmatched traffic from previous groups
322 */
323 eth_zero_addr(dmac);
324 MLX5_SET(create_flow_group_in, flow_group_in, match_criteria_enable,
325 MLX5_MATCH_MISC_PARAMETERS);
326 MLX5_SET_TO_ONES(fte_match_param, match_criteria, misc_parameters.source_port);
327 MLX5_SET(create_flow_group_in, flow_group_in, start_flow_index, table_size - 1);
328 MLX5_SET(create_flow_group_in, flow_group_in, end_flow_index, table_size - 1);
329 g = mlx5_create_flow_group(fdb, flow_group_in);
330 if (IS_ERR(g)) {
331 err = PTR_ERR(g);
332 esw_warn(dev, "Failed to create promisc flow group err(%d)\n", err);
333 goto out;
334 }
335 esw->fdb_table.legacy.promisc_grp = g;
336
337 out:
338 if (err) {
339 if (!IS_ERR_OR_NULL(esw->fdb_table.legacy.allmulti_grp)) {
340 mlx5_destroy_flow_group(esw->fdb_table.legacy.allmulti_grp);
341 esw->fdb_table.legacy.allmulti_grp = NULL;
342 }
343 if (!IS_ERR_OR_NULL(esw->fdb_table.legacy.addr_grp)) {
344 mlx5_destroy_flow_group(esw->fdb_table.legacy.addr_grp);
345 esw->fdb_table.legacy.addr_grp = NULL;
346 }
347 if (!IS_ERR_OR_NULL(esw->fdb_table.legacy.fdb)) {
348 mlx5_destroy_flow_table(esw->fdb_table.legacy.fdb);
349 esw->fdb_table.legacy.fdb = NULL;
350 }
351 }
352
353 kvfree(flow_group_in);
354 return err;
355 }
356
357 static void esw_destroy_legacy_fdb_table(struct mlx5_eswitch *esw)
358 {
359 if (!esw->fdb_table.legacy.fdb)
360 return;
361
362 esw_debug(esw->dev, "Destroy FDB Table\n");
363 mlx5_destroy_flow_group(esw->fdb_table.legacy.promisc_grp);
364 mlx5_destroy_flow_group(esw->fdb_table.legacy.allmulti_grp);
365 mlx5_destroy_flow_group(esw->fdb_table.legacy.addr_grp);
366 mlx5_destroy_flow_table(esw->fdb_table.legacy.fdb);
367 esw->fdb_table.legacy.fdb = NULL;
368 esw->fdb_table.legacy.addr_grp = NULL;
369 esw->fdb_table.legacy.allmulti_grp = NULL;
370 esw->fdb_table.legacy.promisc_grp = NULL;
371 }
372
373 /* E-Switch vport UC/MC lists management */
374 typedef int (*vport_addr_action)(struct mlx5_eswitch *esw,
375 struct vport_addr *vaddr);
376
377 static int esw_add_uc_addr(struct mlx5_eswitch *esw, struct vport_addr *vaddr)
378 {
379 u8 *mac = vaddr->node.addr;
380 u32 vport = vaddr->vport;
381 int err;
382
383 /* Skip mlx5_mpfs_add_mac for PFs,
384 * it is already done by the PF netdev in mlx5e_execute_l2_action
385 */
386 if (!vport)
387 goto fdb_add;
388
389 err = mlx5_mpfs_add_mac(esw->dev, mac);
390 if (err) {
391 esw_warn(esw->dev,
392 "Failed to add L2 table mac(%pM) for vport(%d), err(%d)\n",
393 mac, vport, err);
394 return err;
395 }
396 vaddr->mpfs = true;
397
398 fdb_add:
399 /* SRIOV is enabled: Forward UC MAC to vport */
400 if (esw->fdb_table.legacy.fdb && esw->mode == SRIOV_LEGACY)
401 vaddr->flow_rule = esw_fdb_set_vport_rule(esw, mac, vport);
402
403 esw_debug(esw->dev, "\tADDED UC MAC: vport[%d] %pM fr(%p)\n",
404 vport, mac, vaddr->flow_rule);
405
406 return 0;
407 }
408
409 static int esw_del_uc_addr(struct mlx5_eswitch *esw, struct vport_addr *vaddr)
410 {
411 u8 *mac = vaddr->node.addr;
412 u32 vport = vaddr->vport;
413 int err = 0;
414
415 /* Skip mlx5_mpfs_del_mac for PFs,
416 * it is already done by the PF netdev in mlx5e_execute_l2_action
417 */
418 if (!vport || !vaddr->mpfs)
419 goto fdb_del;
420
421 err = mlx5_mpfs_del_mac(esw->dev, mac);
422 if (err)
423 esw_warn(esw->dev,
424 "Failed to del L2 table mac(%pM) for vport(%d), err(%d)\n",
425 mac, vport, err);
426 vaddr->mpfs = false;
427
428 fdb_del:
429 if (vaddr->flow_rule)
430 mlx5_del_flow_rules(vaddr->flow_rule);
431 vaddr->flow_rule = NULL;
432
433 return 0;
434 }
435
436 static void update_allmulti_vports(struct mlx5_eswitch *esw,
437 struct vport_addr *vaddr,
438 struct esw_mc_addr *esw_mc)
439 {
440 u8 *mac = vaddr->node.addr;
441 u32 vport_idx = 0;
442
443 for (vport_idx = 0; vport_idx < esw->total_vports; vport_idx++) {
444 struct mlx5_vport *vport = &esw->vports[vport_idx];
445 struct hlist_head *vport_hash = vport->mc_list;
446 struct vport_addr *iter_vaddr =
447 l2addr_hash_find(vport_hash,
448 mac,
449 struct vport_addr);
450 if (IS_ERR_OR_NULL(vport->allmulti_rule) ||
451 vaddr->vport == vport_idx)
452 continue;
453 switch (vaddr->action) {
454 case MLX5_ACTION_ADD:
455 if (iter_vaddr)
456 continue;
457 iter_vaddr = l2addr_hash_add(vport_hash, mac,
458 struct vport_addr,
459 GFP_KERNEL);
460 if (!iter_vaddr) {
461 esw_warn(esw->dev,
462 "ALL-MULTI: Failed to add MAC(%pM) to vport[%d] DB\n",
463 mac, vport_idx);
464 continue;
465 }
466 iter_vaddr->vport = vport_idx;
467 iter_vaddr->flow_rule =
468 esw_fdb_set_vport_rule(esw,
469 mac,
470 vport_idx);
471 iter_vaddr->mc_promisc = true;
472 break;
473 case MLX5_ACTION_DEL:
474 if (!iter_vaddr)
475 continue;
476 mlx5_del_flow_rules(iter_vaddr->flow_rule);
477 l2addr_hash_del(iter_vaddr);
478 break;
479 }
480 }
481 }
482
483 static int esw_add_mc_addr(struct mlx5_eswitch *esw, struct vport_addr *vaddr)
484 {
485 struct hlist_head *hash = esw->mc_table;
486 struct esw_mc_addr *esw_mc;
487 u8 *mac = vaddr->node.addr;
488 u32 vport = vaddr->vport;
489
490 if (!esw->fdb_table.legacy.fdb)
491 return 0;
492
493 esw_mc = l2addr_hash_find(hash, mac, struct esw_mc_addr);
494 if (esw_mc)
495 goto add;
496
497 esw_mc = l2addr_hash_add(hash, mac, struct esw_mc_addr, GFP_KERNEL);
498 if (!esw_mc)
499 return -ENOMEM;
500
501 esw_mc->uplink_rule = /* Forward MC MAC to Uplink */
502 esw_fdb_set_vport_rule(esw, mac, UPLINK_VPORT);
503
504 /* Add this multicast mac to all the mc promiscuous vports */
505 update_allmulti_vports(esw, vaddr, esw_mc);
506
507 add:
508 /* If the multicast mac is added as a result of mc promiscuous vport,
509 * don't increment the multicast ref count
510 */
511 if (!vaddr->mc_promisc)
512 esw_mc->refcnt++;
513
514 /* Forward MC MAC to vport */
515 vaddr->flow_rule = esw_fdb_set_vport_rule(esw, mac, vport);
516 esw_debug(esw->dev,
517 "\tADDED MC MAC: vport[%d] %pM fr(%p) refcnt(%d) uplinkfr(%p)\n",
518 vport, mac, vaddr->flow_rule,
519 esw_mc->refcnt, esw_mc->uplink_rule);
520 return 0;
521 }
522
523 static int esw_del_mc_addr(struct mlx5_eswitch *esw, struct vport_addr *vaddr)
524 {
525 struct hlist_head *hash = esw->mc_table;
526 struct esw_mc_addr *esw_mc;
527 u8 *mac = vaddr->node.addr;
528 u32 vport = vaddr->vport;
529
530 if (!esw->fdb_table.legacy.fdb)
531 return 0;
532
533 esw_mc = l2addr_hash_find(hash, mac, struct esw_mc_addr);
534 if (!esw_mc) {
535 esw_warn(esw->dev,
536 "Failed to find eswitch MC addr for MAC(%pM) vport(%d)",
537 mac, vport);
538 return -EINVAL;
539 }
540 esw_debug(esw->dev,
541 "\tDELETE MC MAC: vport[%d] %pM fr(%p) refcnt(%d) uplinkfr(%p)\n",
542 vport, mac, vaddr->flow_rule, esw_mc->refcnt,
543 esw_mc->uplink_rule);
544
545 if (vaddr->flow_rule)
546 mlx5_del_flow_rules(vaddr->flow_rule);
547 vaddr->flow_rule = NULL;
548
549 /* If the multicast mac is added as a result of mc promiscuous vport,
550 * don't decrement the multicast ref count.
551 */
552 if (vaddr->mc_promisc || (--esw_mc->refcnt > 0))
553 return 0;
554
555 /* Remove this multicast mac from all the mc promiscuous vports */
556 update_allmulti_vports(esw, vaddr, esw_mc);
557
558 if (esw_mc->uplink_rule)
559 mlx5_del_flow_rules(esw_mc->uplink_rule);
560
561 l2addr_hash_del(esw_mc);
562 return 0;
563 }
564
565 /* Apply vport UC/MC list to HW l2 table and FDB table */
566 static void esw_apply_vport_addr_list(struct mlx5_eswitch *esw,
567 u32 vport_num, int list_type)
568 {
569 struct mlx5_vport *vport = &esw->vports[vport_num];
570 bool is_uc = list_type == MLX5_NVPRT_LIST_TYPE_UC;
571 vport_addr_action vport_addr_add;
572 vport_addr_action vport_addr_del;
573 struct vport_addr *addr;
574 struct l2addr_node *node;
575 struct hlist_head *hash;
576 struct hlist_node *tmp;
577 int hi;
578
579 vport_addr_add = is_uc ? esw_add_uc_addr :
580 esw_add_mc_addr;
581 vport_addr_del = is_uc ? esw_del_uc_addr :
582 esw_del_mc_addr;
583
584 hash = is_uc ? vport->uc_list : vport->mc_list;
585 for_each_l2hash_node(node, tmp, hash, hi) {
586 addr = container_of(node, struct vport_addr, node);
587 switch (addr->action) {
588 case MLX5_ACTION_ADD:
589 vport_addr_add(esw, addr);
590 addr->action = MLX5_ACTION_NONE;
591 break;
592 case MLX5_ACTION_DEL:
593 vport_addr_del(esw, addr);
594 l2addr_hash_del(addr);
595 break;
596 }
597 }
598 }
599
600 /* Sync vport UC/MC list from vport context */
601 static void esw_update_vport_addr_list(struct mlx5_eswitch *esw,
602 u32 vport_num, int list_type)
603 {
604 struct mlx5_vport *vport = &esw->vports[vport_num];
605 bool is_uc = list_type == MLX5_NVPRT_LIST_TYPE_UC;
606 u8 (*mac_list)[ETH_ALEN];
607 struct l2addr_node *node;
608 struct vport_addr *addr;
609 struct hlist_head *hash;
610 struct hlist_node *tmp;
611 int size;
612 int err;
613 int hi;
614 int i;
615
616 size = is_uc ? MLX5_MAX_UC_PER_VPORT(esw->dev) :
617 MLX5_MAX_MC_PER_VPORT(esw->dev);
618
619 mac_list = kcalloc(size, ETH_ALEN, GFP_KERNEL);
620 if (!mac_list)
621 return;
622
623 hash = is_uc ? vport->uc_list : vport->mc_list;
624
625 for_each_l2hash_node(node, tmp, hash, hi) {
626 addr = container_of(node, struct vport_addr, node);
627 addr->action = MLX5_ACTION_DEL;
628 }
629
630 if (!vport->enabled)
631 goto out;
632
633 err = mlx5_query_nic_vport_mac_list(esw->dev, vport_num, list_type,
634 mac_list, &size);
635 if (err)
636 goto out;
637 esw_debug(esw->dev, "vport[%d] context update %s list size (%d)\n",
638 vport_num, is_uc ? "UC" : "MC", size);
639
640 for (i = 0; i < size; i++) {
641 if (is_uc && !is_valid_ether_addr(mac_list[i]))
642 continue;
643
644 if (!is_uc && !is_multicast_ether_addr(mac_list[i]))
645 continue;
646
647 addr = l2addr_hash_find(hash, mac_list[i], struct vport_addr);
648 if (addr) {
649 addr->action = MLX5_ACTION_NONE;
650 /* If this mac was previously added because of allmulti
651 * promiscuous rx mode, its now converted to be original
652 * vport mac.
653 */
654 if (addr->mc_promisc) {
655 struct esw_mc_addr *esw_mc =
656 l2addr_hash_find(esw->mc_table,
657 mac_list[i],
658 struct esw_mc_addr);
659 if (!esw_mc) {
660 esw_warn(esw->dev,
661 "Failed to MAC(%pM) in mcast DB\n",
662 mac_list[i]);
663 continue;
664 }
665 esw_mc->refcnt++;
666 addr->mc_promisc = false;
667 }
668 continue;
669 }
670
671 addr = l2addr_hash_add(hash, mac_list[i], struct vport_addr,
672 GFP_KERNEL);
673 if (!addr) {
674 esw_warn(esw->dev,
675 "Failed to add MAC(%pM) to vport[%d] DB\n",
676 mac_list[i], vport_num);
677 continue;
678 }
679 addr->vport = vport_num;
680 addr->action = MLX5_ACTION_ADD;
681 }
682 out:
683 kfree(mac_list);
684 }
685
686 /* Sync vport UC/MC list from vport context
687 * Must be called after esw_update_vport_addr_list
688 */
689 static void esw_update_vport_mc_promisc(struct mlx5_eswitch *esw, u32 vport_num)
690 {
691 struct mlx5_vport *vport = &esw->vports[vport_num];
692 struct l2addr_node *node;
693 struct vport_addr *addr;
694 struct hlist_head *hash;
695 struct hlist_node *tmp;
696 int hi;
697
698 hash = vport->mc_list;
699
700 for_each_l2hash_node(node, tmp, esw->mc_table, hi) {
701 u8 *mac = node->addr;
702
703 addr = l2addr_hash_find(hash, mac, struct vport_addr);
704 if (addr) {
705 if (addr->action == MLX5_ACTION_DEL)
706 addr->action = MLX5_ACTION_NONE;
707 continue;
708 }
709 addr = l2addr_hash_add(hash, mac, struct vport_addr,
710 GFP_KERNEL);
711 if (!addr) {
712 esw_warn(esw->dev,
713 "Failed to add allmulti MAC(%pM) to vport[%d] DB\n",
714 mac, vport_num);
715 continue;
716 }
717 addr->vport = vport_num;
718 addr->action = MLX5_ACTION_ADD;
719 addr->mc_promisc = true;
720 }
721 }
722
723 /* Apply vport rx mode to HW FDB table */
724 static void esw_apply_vport_rx_mode(struct mlx5_eswitch *esw, u32 vport_num,
725 bool promisc, bool mc_promisc)
726 {
727 struct esw_mc_addr *allmulti_addr = &esw->mc_promisc;
728 struct mlx5_vport *vport = &esw->vports[vport_num];
729
730 if (IS_ERR_OR_NULL(vport->allmulti_rule) != mc_promisc)
731 goto promisc;
732
733 if (mc_promisc) {
734 vport->allmulti_rule =
735 esw_fdb_set_vport_allmulti_rule(esw, vport_num);
736 if (!allmulti_addr->uplink_rule)
737 allmulti_addr->uplink_rule =
738 esw_fdb_set_vport_allmulti_rule(esw,
739 UPLINK_VPORT);
740 allmulti_addr->refcnt++;
741 } else if (vport->allmulti_rule) {
742 mlx5_del_flow_rules(vport->allmulti_rule);
743 vport->allmulti_rule = NULL;
744
745 if (--allmulti_addr->refcnt > 0)
746 goto promisc;
747
748 if (allmulti_addr->uplink_rule)
749 mlx5_del_flow_rules(allmulti_addr->uplink_rule);
750 allmulti_addr->uplink_rule = NULL;
751 }
752
753 promisc:
754 if (IS_ERR_OR_NULL(vport->promisc_rule) != promisc)
755 return;
756
757 if (promisc) {
758 vport->promisc_rule = esw_fdb_set_vport_promisc_rule(esw,
759 vport_num);
760 } else if (vport->promisc_rule) {
761 mlx5_del_flow_rules(vport->promisc_rule);
762 vport->promisc_rule = NULL;
763 }
764 }
765
766 /* Sync vport rx mode from vport context */
767 static void esw_update_vport_rx_mode(struct mlx5_eswitch *esw, u32 vport_num)
768 {
769 struct mlx5_vport *vport = &esw->vports[vport_num];
770 int promisc_all = 0;
771 int promisc_uc = 0;
772 int promisc_mc = 0;
773 int err;
774
775 err = mlx5_query_nic_vport_promisc(esw->dev,
776 vport_num,
777 &promisc_uc,
778 &promisc_mc,
779 &promisc_all);
780 if (err)
781 return;
782 esw_debug(esw->dev, "vport[%d] context update rx mode promisc_all=%d, all_multi=%d\n",
783 vport_num, promisc_all, promisc_mc);
784
785 if (!vport->info.trusted || !vport->enabled) {
786 promisc_uc = 0;
787 promisc_mc = 0;
788 promisc_all = 0;
789 }
790
791 esw_apply_vport_rx_mode(esw, vport_num, promisc_all,
792 (promisc_all || promisc_mc));
793 }
794
795 static void esw_vport_change_handle_locked(struct mlx5_vport *vport)
796 {
797 struct mlx5_core_dev *dev = vport->dev;
798 struct mlx5_eswitch *esw = dev->priv.eswitch;
799 u8 mac[ETH_ALEN];
800
801 mlx5_query_nic_vport_mac_address(dev, vport->vport, mac);
802 esw_debug(dev, "vport[%d] Context Changed: perm mac: %pM\n",
803 vport->vport, mac);
804
805 if (vport->enabled_events & UC_ADDR_CHANGE) {
806 esw_update_vport_addr_list(esw, vport->vport,
807 MLX5_NVPRT_LIST_TYPE_UC);
808 esw_apply_vport_addr_list(esw, vport->vport,
809 MLX5_NVPRT_LIST_TYPE_UC);
810 }
811
812 if (vport->enabled_events & MC_ADDR_CHANGE) {
813 esw_update_vport_addr_list(esw, vport->vport,
814 MLX5_NVPRT_LIST_TYPE_MC);
815 }
816
817 if (vport->enabled_events & PROMISC_CHANGE) {
818 esw_update_vport_rx_mode(esw, vport->vport);
819 if (!IS_ERR_OR_NULL(vport->allmulti_rule))
820 esw_update_vport_mc_promisc(esw, vport->vport);
821 }
822
823 if (vport->enabled_events & (PROMISC_CHANGE | MC_ADDR_CHANGE)) {
824 esw_apply_vport_addr_list(esw, vport->vport,
825 MLX5_NVPRT_LIST_TYPE_MC);
826 }
827
828 esw_debug(esw->dev, "vport[%d] Context Changed: Done\n", vport->vport);
829 if (vport->enabled)
830 arm_vport_context_events_cmd(dev, vport->vport,
831 vport->enabled_events);
832 }
833
834 static void esw_vport_change_handler(struct work_struct *work)
835 {
836 struct mlx5_vport *vport =
837 container_of(work, struct mlx5_vport, vport_change_handler);
838 struct mlx5_eswitch *esw = vport->dev->priv.eswitch;
839
840 mutex_lock(&esw->state_lock);
841 esw_vport_change_handle_locked(vport);
842 mutex_unlock(&esw->state_lock);
843 }
844
845 static int esw_vport_enable_egress_acl(struct mlx5_eswitch *esw,
846 struct mlx5_vport *vport)
847 {
848 int inlen = MLX5_ST_SZ_BYTES(create_flow_group_in);
849 struct mlx5_flow_group *vlan_grp = NULL;
850 struct mlx5_flow_group *drop_grp = NULL;
851 struct mlx5_core_dev *dev = esw->dev;
852 struct mlx5_flow_namespace *root_ns;
853 struct mlx5_flow_table *acl;
854 void *match_criteria;
855 u32 *flow_group_in;
856 /* The egress acl table contains 2 rules:
857 * 1)Allow traffic with vlan_tag=vst_vlan_id
858 * 2)Drop all other traffic.
859 */
860 int table_size = 2;
861 int err = 0;
862
863 if (!MLX5_CAP_ESW_EGRESS_ACL(dev, ft_support))
864 return -EOPNOTSUPP;
865
866 if (!IS_ERR_OR_NULL(vport->egress.acl))
867 return 0;
868
869 esw_debug(dev, "Create vport[%d] egress ACL log_max_size(%d)\n",
870 vport->vport, MLX5_CAP_ESW_EGRESS_ACL(dev, log_max_ft_size));
871
872 root_ns = mlx5_get_flow_vport_acl_namespace(dev, MLX5_FLOW_NAMESPACE_ESW_EGRESS,
873 vport->vport);
874 if (!root_ns) {
875 esw_warn(dev, "Failed to get E-Switch egress flow namespace for vport (%d)\n", vport->vport);
876 return -EOPNOTSUPP;
877 }
878
879 flow_group_in = kvzalloc(inlen, GFP_KERNEL);
880 if (!flow_group_in)
881 return -ENOMEM;
882
883 acl = mlx5_create_vport_flow_table(root_ns, 0, table_size, 0, vport->vport);
884 if (IS_ERR(acl)) {
885 err = PTR_ERR(acl);
886 esw_warn(dev, "Failed to create E-Switch vport[%d] egress flow Table, err(%d)\n",
887 vport->vport, err);
888 goto out;
889 }
890
891 MLX5_SET(create_flow_group_in, flow_group_in, match_criteria_enable, MLX5_MATCH_OUTER_HEADERS);
892 match_criteria = MLX5_ADDR_OF(create_flow_group_in, flow_group_in, match_criteria);
893 MLX5_SET_TO_ONES(fte_match_param, match_criteria, outer_headers.cvlan_tag);
894 MLX5_SET_TO_ONES(fte_match_param, match_criteria, outer_headers.first_vid);
895 MLX5_SET(create_flow_group_in, flow_group_in, start_flow_index, 0);
896 MLX5_SET(create_flow_group_in, flow_group_in, end_flow_index, 0);
897
898 vlan_grp = mlx5_create_flow_group(acl, flow_group_in);
899 if (IS_ERR(vlan_grp)) {
900 err = PTR_ERR(vlan_grp);
901 esw_warn(dev, "Failed to create E-Switch vport[%d] egress allowed vlans flow group, err(%d)\n",
902 vport->vport, err);
903 goto out;
904 }
905
906 memset(flow_group_in, 0, inlen);
907 MLX5_SET(create_flow_group_in, flow_group_in, start_flow_index, 1);
908 MLX5_SET(create_flow_group_in, flow_group_in, end_flow_index, 1);
909 drop_grp = mlx5_create_flow_group(acl, flow_group_in);
910 if (IS_ERR(drop_grp)) {
911 err = PTR_ERR(drop_grp);
912 esw_warn(dev, "Failed to create E-Switch vport[%d] egress drop flow group, err(%d)\n",
913 vport->vport, err);
914 goto out;
915 }
916
917 vport->egress.acl = acl;
918 vport->egress.drop_grp = drop_grp;
919 vport->egress.allowed_vlans_grp = vlan_grp;
920 out:
921 kvfree(flow_group_in);
922 if (err && !IS_ERR_OR_NULL(vlan_grp))
923 mlx5_destroy_flow_group(vlan_grp);
924 if (err && !IS_ERR_OR_NULL(acl))
925 mlx5_destroy_flow_table(acl);
926 return err;
927 }
928
929 static void esw_vport_cleanup_egress_rules(struct mlx5_eswitch *esw,
930 struct mlx5_vport *vport)
931 {
932 if (!IS_ERR_OR_NULL(vport->egress.allowed_vlan))
933 mlx5_del_flow_rules(vport->egress.allowed_vlan);
934
935 if (!IS_ERR_OR_NULL(vport->egress.drop_rule))
936 mlx5_del_flow_rules(vport->egress.drop_rule);
937
938 vport->egress.allowed_vlan = NULL;
939 vport->egress.drop_rule = NULL;
940 }
941
942 static void esw_vport_disable_egress_acl(struct mlx5_eswitch *esw,
943 struct mlx5_vport *vport)
944 {
945 if (IS_ERR_OR_NULL(vport->egress.acl))
946 return;
947
948 esw_debug(esw->dev, "Destroy vport[%d] E-Switch egress ACL\n", vport->vport);
949
950 esw_vport_cleanup_egress_rules(esw, vport);
951 mlx5_destroy_flow_group(vport->egress.allowed_vlans_grp);
952 mlx5_destroy_flow_group(vport->egress.drop_grp);
953 mlx5_destroy_flow_table(vport->egress.acl);
954 vport->egress.allowed_vlans_grp = NULL;
955 vport->egress.drop_grp = NULL;
956 vport->egress.acl = NULL;
957 }
958
959 static int esw_vport_enable_ingress_acl(struct mlx5_eswitch *esw,
960 struct mlx5_vport *vport)
961 {
962 int inlen = MLX5_ST_SZ_BYTES(create_flow_group_in);
963 struct mlx5_core_dev *dev = esw->dev;
964 struct mlx5_flow_namespace *root_ns;
965 struct mlx5_flow_table *acl;
966 struct mlx5_flow_group *g;
967 void *match_criteria;
968 u32 *flow_group_in;
969 /* The ingress acl table contains 4 groups
970 * (2 active rules at the same time -
971 * 1 allow rule from one of the first 3 groups.
972 * 1 drop rule from the last group):
973 * 1)Allow untagged traffic with smac=original mac.
974 * 2)Allow untagged traffic.
975 * 3)Allow traffic with smac=original mac.
976 * 4)Drop all other traffic.
977 */
978 int table_size = 4;
979 int err = 0;
980
981 if (!MLX5_CAP_ESW_INGRESS_ACL(dev, ft_support))
982 return -EOPNOTSUPP;
983
984 if (!IS_ERR_OR_NULL(vport->ingress.acl))
985 return 0;
986
987 esw_debug(dev, "Create vport[%d] ingress ACL log_max_size(%d)\n",
988 vport->vport, MLX5_CAP_ESW_INGRESS_ACL(dev, log_max_ft_size));
989
990 root_ns = mlx5_get_flow_vport_acl_namespace(dev, MLX5_FLOW_NAMESPACE_ESW_INGRESS,
991 vport->vport);
992 if (!root_ns) {
993 esw_warn(dev, "Failed to get E-Switch ingress flow namespace for vport (%d)\n", vport->vport);
994 return -EOPNOTSUPP;
995 }
996
997 flow_group_in = kvzalloc(inlen, GFP_KERNEL);
998 if (!flow_group_in)
999 return -ENOMEM;
1000
1001 acl = mlx5_create_vport_flow_table(root_ns, 0, table_size, 0, vport->vport);
1002 if (IS_ERR(acl)) {
1003 err = PTR_ERR(acl);
1004 esw_warn(dev, "Failed to create E-Switch vport[%d] ingress flow Table, err(%d)\n",
1005 vport->vport, err);
1006 goto out;
1007 }
1008 vport->ingress.acl = acl;
1009
1010 match_criteria = MLX5_ADDR_OF(create_flow_group_in, flow_group_in, match_criteria);
1011
1012 MLX5_SET(create_flow_group_in, flow_group_in, match_criteria_enable, MLX5_MATCH_OUTER_HEADERS);
1013 MLX5_SET_TO_ONES(fte_match_param, match_criteria, outer_headers.cvlan_tag);
1014 MLX5_SET_TO_ONES(fte_match_param, match_criteria, outer_headers.smac_47_16);
1015 MLX5_SET_TO_ONES(fte_match_param, match_criteria, outer_headers.smac_15_0);
1016 MLX5_SET(create_flow_group_in, flow_group_in, start_flow_index, 0);
1017 MLX5_SET(create_flow_group_in, flow_group_in, end_flow_index, 0);
1018
1019 g = mlx5_create_flow_group(acl, flow_group_in);
1020 if (IS_ERR(g)) {
1021 err = PTR_ERR(g);
1022 esw_warn(dev, "Failed to create E-Switch vport[%d] ingress untagged spoofchk flow group, err(%d)\n",
1023 vport->vport, err);
1024 goto out;
1025 }
1026 vport->ingress.allow_untagged_spoofchk_grp = g;
1027
1028 memset(flow_group_in, 0, inlen);
1029 MLX5_SET(create_flow_group_in, flow_group_in, match_criteria_enable, MLX5_MATCH_OUTER_HEADERS);
1030 MLX5_SET_TO_ONES(fte_match_param, match_criteria, outer_headers.cvlan_tag);
1031 MLX5_SET(create_flow_group_in, flow_group_in, start_flow_index, 1);
1032 MLX5_SET(create_flow_group_in, flow_group_in, end_flow_index, 1);
1033
1034 g = mlx5_create_flow_group(acl, flow_group_in);
1035 if (IS_ERR(g)) {
1036 err = PTR_ERR(g);
1037 esw_warn(dev, "Failed to create E-Switch vport[%d] ingress untagged flow group, err(%d)\n",
1038 vport->vport, err);
1039 goto out;
1040 }
1041 vport->ingress.allow_untagged_only_grp = g;
1042
1043 memset(flow_group_in, 0, inlen);
1044 MLX5_SET(create_flow_group_in, flow_group_in, match_criteria_enable, MLX5_MATCH_OUTER_HEADERS);
1045 MLX5_SET_TO_ONES(fte_match_param, match_criteria, outer_headers.smac_47_16);
1046 MLX5_SET_TO_ONES(fte_match_param, match_criteria, outer_headers.smac_15_0);
1047 MLX5_SET(create_flow_group_in, flow_group_in, start_flow_index, 2);
1048 MLX5_SET(create_flow_group_in, flow_group_in, end_flow_index, 2);
1049
1050 g = mlx5_create_flow_group(acl, flow_group_in);
1051 if (IS_ERR(g)) {
1052 err = PTR_ERR(g);
1053 esw_warn(dev, "Failed to create E-Switch vport[%d] ingress spoofchk flow group, err(%d)\n",
1054 vport->vport, err);
1055 goto out;
1056 }
1057 vport->ingress.allow_spoofchk_only_grp = g;
1058
1059 memset(flow_group_in, 0, inlen);
1060 MLX5_SET(create_flow_group_in, flow_group_in, start_flow_index, 3);
1061 MLX5_SET(create_flow_group_in, flow_group_in, end_flow_index, 3);
1062
1063 g = mlx5_create_flow_group(acl, flow_group_in);
1064 if (IS_ERR(g)) {
1065 err = PTR_ERR(g);
1066 esw_warn(dev, "Failed to create E-Switch vport[%d] ingress drop flow group, err(%d)\n",
1067 vport->vport, err);
1068 goto out;
1069 }
1070 vport->ingress.drop_grp = g;
1071
1072 out:
1073 if (err) {
1074 if (!IS_ERR_OR_NULL(vport->ingress.allow_spoofchk_only_grp))
1075 mlx5_destroy_flow_group(
1076 vport->ingress.allow_spoofchk_only_grp);
1077 if (!IS_ERR_OR_NULL(vport->ingress.allow_untagged_only_grp))
1078 mlx5_destroy_flow_group(
1079 vport->ingress.allow_untagged_only_grp);
1080 if (!IS_ERR_OR_NULL(vport->ingress.allow_untagged_spoofchk_grp))
1081 mlx5_destroy_flow_group(
1082 vport->ingress.allow_untagged_spoofchk_grp);
1083 if (!IS_ERR_OR_NULL(vport->ingress.acl))
1084 mlx5_destroy_flow_table(vport->ingress.acl);
1085 }
1086
1087 kvfree(flow_group_in);
1088 return err;
1089 }
1090
1091 static void esw_vport_cleanup_ingress_rules(struct mlx5_eswitch *esw,
1092 struct mlx5_vport *vport)
1093 {
1094 if (!IS_ERR_OR_NULL(vport->ingress.drop_rule))
1095 mlx5_del_flow_rules(vport->ingress.drop_rule);
1096
1097 if (!IS_ERR_OR_NULL(vport->ingress.allow_rule))
1098 mlx5_del_flow_rules(vport->ingress.allow_rule);
1099
1100 vport->ingress.drop_rule = NULL;
1101 vport->ingress.allow_rule = NULL;
1102 }
1103
1104 static void esw_vport_disable_ingress_acl(struct mlx5_eswitch *esw,
1105 struct mlx5_vport *vport)
1106 {
1107 if (IS_ERR_OR_NULL(vport->ingress.acl))
1108 return;
1109
1110 esw_debug(esw->dev, "Destroy vport[%d] E-Switch ingress ACL\n", vport->vport);
1111
1112 esw_vport_cleanup_ingress_rules(esw, vport);
1113 mlx5_destroy_flow_group(vport->ingress.allow_spoofchk_only_grp);
1114 mlx5_destroy_flow_group(vport->ingress.allow_untagged_only_grp);
1115 mlx5_destroy_flow_group(vport->ingress.allow_untagged_spoofchk_grp);
1116 mlx5_destroy_flow_group(vport->ingress.drop_grp);
1117 mlx5_destroy_flow_table(vport->ingress.acl);
1118 vport->ingress.acl = NULL;
1119 vport->ingress.drop_grp = NULL;
1120 vport->ingress.allow_spoofchk_only_grp = NULL;
1121 vport->ingress.allow_untagged_only_grp = NULL;
1122 vport->ingress.allow_untagged_spoofchk_grp = NULL;
1123 }
1124
1125 static int esw_vport_ingress_config(struct mlx5_eswitch *esw,
1126 struct mlx5_vport *vport)
1127 {
1128 struct mlx5_fc *counter = vport->ingress.drop_counter;
1129 struct mlx5_flow_destination drop_ctr_dst = {0};
1130 struct mlx5_flow_destination *dst = NULL;
1131 struct mlx5_flow_act flow_act = {0};
1132 struct mlx5_flow_spec *spec;
1133 int dest_num = 0;
1134 int err = 0;
1135 u8 *smac_v;
1136
1137 esw_vport_cleanup_ingress_rules(esw, vport);
1138
1139 if (!vport->info.vlan && !vport->info.qos && !vport->info.spoofchk) {
1140 esw_vport_disable_ingress_acl(esw, vport);
1141 return 0;
1142 }
1143
1144 err = esw_vport_enable_ingress_acl(esw, vport);
1145 if (err) {
1146 mlx5_core_warn(esw->dev,
1147 "failed to enable ingress acl (%d) on vport[%d]\n",
1148 err, vport->vport);
1149 return err;
1150 }
1151
1152 esw_debug(esw->dev,
1153 "vport[%d] configure ingress rules, vlan(%d) qos(%d)\n",
1154 vport->vport, vport->info.vlan, vport->info.qos);
1155
1156 spec = kvzalloc(sizeof(*spec), GFP_KERNEL);
1157 if (!spec) {
1158 err = -ENOMEM;
1159 goto out;
1160 }
1161
1162 if (vport->info.vlan || vport->info.qos)
1163 MLX5_SET_TO_ONES(fte_match_param, spec->match_criteria, outer_headers.cvlan_tag);
1164
1165 if (vport->info.spoofchk) {
1166 MLX5_SET_TO_ONES(fte_match_param, spec->match_criteria, outer_headers.smac_47_16);
1167 MLX5_SET_TO_ONES(fte_match_param, spec->match_criteria, outer_headers.smac_15_0);
1168 smac_v = MLX5_ADDR_OF(fte_match_param,
1169 spec->match_value,
1170 outer_headers.smac_47_16);
1171 ether_addr_copy(smac_v, vport->info.mac);
1172 }
1173
1174 spec->match_criteria_enable = MLX5_MATCH_OUTER_HEADERS;
1175 flow_act.action = MLX5_FLOW_CONTEXT_ACTION_ALLOW;
1176 vport->ingress.allow_rule =
1177 mlx5_add_flow_rules(vport->ingress.acl, spec,
1178 &flow_act, NULL, 0);
1179 if (IS_ERR(vport->ingress.allow_rule)) {
1180 err = PTR_ERR(vport->ingress.allow_rule);
1181 esw_warn(esw->dev,
1182 "vport[%d] configure ingress allow rule, err(%d)\n",
1183 vport->vport, err);
1184 vport->ingress.allow_rule = NULL;
1185 goto out;
1186 }
1187
1188 memset(spec, 0, sizeof(*spec));
1189 flow_act.action = MLX5_FLOW_CONTEXT_ACTION_DROP;
1190
1191 /* Attach drop flow counter */
1192 if (counter) {
1193 flow_act.action |= MLX5_FLOW_CONTEXT_ACTION_COUNT;
1194 drop_ctr_dst.type = MLX5_FLOW_DESTINATION_TYPE_COUNTER;
1195 drop_ctr_dst.counter_id = mlx5_fc_id(counter);
1196 dst = &drop_ctr_dst;
1197 dest_num++;
1198 }
1199 vport->ingress.drop_rule =
1200 mlx5_add_flow_rules(vport->ingress.acl, spec,
1201 &flow_act, dst, dest_num);
1202 if (IS_ERR(vport->ingress.drop_rule)) {
1203 err = PTR_ERR(vport->ingress.drop_rule);
1204 esw_warn(esw->dev,
1205 "vport[%d] configure ingress drop rule, err(%d)\n",
1206 vport->vport, err);
1207 vport->ingress.drop_rule = NULL;
1208 goto out;
1209 }
1210
1211 out:
1212 if (err)
1213 esw_vport_cleanup_ingress_rules(esw, vport);
1214 kvfree(spec);
1215 return err;
1216 }
1217
1218 static int esw_vport_egress_config(struct mlx5_eswitch *esw,
1219 struct mlx5_vport *vport)
1220 {
1221 struct mlx5_fc *counter = vport->egress.drop_counter;
1222 struct mlx5_flow_destination drop_ctr_dst = {0};
1223 struct mlx5_flow_destination *dst = NULL;
1224 struct mlx5_flow_act flow_act = {0};
1225 struct mlx5_flow_spec *spec;
1226 int dest_num = 0;
1227 int err = 0;
1228
1229 esw_vport_cleanup_egress_rules(esw, vport);
1230
1231 if (!vport->info.vlan && !vport->info.qos) {
1232 esw_vport_disable_egress_acl(esw, vport);
1233 return 0;
1234 }
1235
1236 err = esw_vport_enable_egress_acl(esw, vport);
1237 if (err) {
1238 mlx5_core_warn(esw->dev,
1239 "failed to enable egress acl (%d) on vport[%d]\n",
1240 err, vport->vport);
1241 return err;
1242 }
1243
1244 esw_debug(esw->dev,
1245 "vport[%d] configure egress rules, vlan(%d) qos(%d)\n",
1246 vport->vport, vport->info.vlan, vport->info.qos);
1247
1248 spec = kvzalloc(sizeof(*spec), GFP_KERNEL);
1249 if (!spec) {
1250 err = -ENOMEM;
1251 goto out;
1252 }
1253
1254 /* Allowed vlan rule */
1255 MLX5_SET_TO_ONES(fte_match_param, spec->match_criteria, outer_headers.cvlan_tag);
1256 MLX5_SET_TO_ONES(fte_match_param, spec->match_value, outer_headers.cvlan_tag);
1257 MLX5_SET_TO_ONES(fte_match_param, spec->match_criteria, outer_headers.first_vid);
1258 MLX5_SET(fte_match_param, spec->match_value, outer_headers.first_vid, vport->info.vlan);
1259
1260 spec->match_criteria_enable = MLX5_MATCH_OUTER_HEADERS;
1261 flow_act.action = MLX5_FLOW_CONTEXT_ACTION_ALLOW;
1262 vport->egress.allowed_vlan =
1263 mlx5_add_flow_rules(vport->egress.acl, spec,
1264 &flow_act, NULL, 0);
1265 if (IS_ERR(vport->egress.allowed_vlan)) {
1266 err = PTR_ERR(vport->egress.allowed_vlan);
1267 esw_warn(esw->dev,
1268 "vport[%d] configure egress allowed vlan rule failed, err(%d)\n",
1269 vport->vport, err);
1270 vport->egress.allowed_vlan = NULL;
1271 goto out;
1272 }
1273
1274 /* Drop others rule (star rule) */
1275 memset(spec, 0, sizeof(*spec));
1276 flow_act.action = MLX5_FLOW_CONTEXT_ACTION_DROP;
1277
1278 /* Attach egress drop flow counter */
1279 if (counter) {
1280 flow_act.action |= MLX5_FLOW_CONTEXT_ACTION_COUNT;
1281 drop_ctr_dst.type = MLX5_FLOW_DESTINATION_TYPE_COUNTER;
1282 drop_ctr_dst.counter_id = mlx5_fc_id(counter);
1283 dst = &drop_ctr_dst;
1284 dest_num++;
1285 }
1286 vport->egress.drop_rule =
1287 mlx5_add_flow_rules(vport->egress.acl, spec,
1288 &flow_act, dst, dest_num);
1289 if (IS_ERR(vport->egress.drop_rule)) {
1290 err = PTR_ERR(vport->egress.drop_rule);
1291 esw_warn(esw->dev,
1292 "vport[%d] configure egress drop rule failed, err(%d)\n",
1293 vport->vport, err);
1294 vport->egress.drop_rule = NULL;
1295 }
1296 out:
1297 kvfree(spec);
1298 return err;
1299 }
1300
1301 /* Vport QoS management */
1302 static int esw_create_tsar(struct mlx5_eswitch *esw)
1303 {
1304 u32 tsar_ctx[MLX5_ST_SZ_DW(scheduling_context)] = {0};
1305 struct mlx5_core_dev *dev = esw->dev;
1306 int err;
1307
1308 if (!MLX5_CAP_GEN(dev, qos) || !MLX5_CAP_QOS(dev, esw_scheduling))
1309 return 0;
1310
1311 if (esw->qos.enabled)
1312 return -EEXIST;
1313
1314 err = mlx5_create_scheduling_element_cmd(dev,
1315 SCHEDULING_HIERARCHY_E_SWITCH,
1316 tsar_ctx,
1317 &esw->qos.root_tsar_id);
1318 if (err) {
1319 esw_warn(esw->dev, "E-Switch create TSAR failed (%d)\n", err);
1320 return err;
1321 }
1322
1323 esw->qos.enabled = true;
1324 return 0;
1325 }
1326
1327 static void esw_destroy_tsar(struct mlx5_eswitch *esw)
1328 {
1329 int err;
1330
1331 if (!esw->qos.enabled)
1332 return;
1333
1334 err = mlx5_destroy_scheduling_element_cmd(esw->dev,
1335 SCHEDULING_HIERARCHY_E_SWITCH,
1336 esw->qos.root_tsar_id);
1337 if (err)
1338 esw_warn(esw->dev, "E-Switch destroy TSAR failed (%d)\n", err);
1339
1340 esw->qos.enabled = false;
1341 }
1342
1343 static int esw_vport_enable_qos(struct mlx5_eswitch *esw, int vport_num,
1344 u32 initial_max_rate, u32 initial_bw_share)
1345 {
1346 u32 sched_ctx[MLX5_ST_SZ_DW(scheduling_context)] = {0};
1347 struct mlx5_vport *vport = &esw->vports[vport_num];
1348 struct mlx5_core_dev *dev = esw->dev;
1349 void *vport_elem;
1350 int err = 0;
1351
1352 if (!esw->qos.enabled || !MLX5_CAP_GEN(dev, qos) ||
1353 !MLX5_CAP_QOS(dev, esw_scheduling))
1354 return 0;
1355
1356 if (vport->qos.enabled)
1357 return -EEXIST;
1358
1359 MLX5_SET(scheduling_context, sched_ctx, element_type,
1360 SCHEDULING_CONTEXT_ELEMENT_TYPE_VPORT);
1361 vport_elem = MLX5_ADDR_OF(scheduling_context, sched_ctx,
1362 element_attributes);
1363 MLX5_SET(vport_element, vport_elem, vport_number, vport_num);
1364 MLX5_SET(scheduling_context, sched_ctx, parent_element_id,
1365 esw->qos.root_tsar_id);
1366 MLX5_SET(scheduling_context, sched_ctx, max_average_bw,
1367 initial_max_rate);
1368 MLX5_SET(scheduling_context, sched_ctx, bw_share, initial_bw_share);
1369
1370 err = mlx5_create_scheduling_element_cmd(dev,
1371 SCHEDULING_HIERARCHY_E_SWITCH,
1372 sched_ctx,
1373 &vport->qos.esw_tsar_ix);
1374 if (err) {
1375 esw_warn(esw->dev, "E-Switch create TSAR vport element failed (vport=%d,err=%d)\n",
1376 vport_num, err);
1377 return err;
1378 }
1379
1380 vport->qos.enabled = true;
1381 return 0;
1382 }
1383
1384 static void esw_vport_disable_qos(struct mlx5_eswitch *esw, int vport_num)
1385 {
1386 struct mlx5_vport *vport = &esw->vports[vport_num];
1387 int err = 0;
1388
1389 if (!vport->qos.enabled)
1390 return;
1391
1392 err = mlx5_destroy_scheduling_element_cmd(esw->dev,
1393 SCHEDULING_HIERARCHY_E_SWITCH,
1394 vport->qos.esw_tsar_ix);
1395 if (err)
1396 esw_warn(esw->dev, "E-Switch destroy TSAR vport element failed (vport=%d,err=%d)\n",
1397 vport_num, err);
1398
1399 vport->qos.enabled = false;
1400 }
1401
1402 static int esw_vport_qos_config(struct mlx5_eswitch *esw, int vport_num,
1403 u32 max_rate, u32 bw_share)
1404 {
1405 u32 sched_ctx[MLX5_ST_SZ_DW(scheduling_context)] = {0};
1406 struct mlx5_vport *vport = &esw->vports[vport_num];
1407 struct mlx5_core_dev *dev = esw->dev;
1408 void *vport_elem;
1409 u32 bitmask = 0;
1410 int err = 0;
1411
1412 if (!MLX5_CAP_GEN(dev, qos) || !MLX5_CAP_QOS(dev, esw_scheduling))
1413 return -EOPNOTSUPP;
1414
1415 if (!vport->qos.enabled)
1416 return -EIO;
1417
1418 MLX5_SET(scheduling_context, sched_ctx, element_type,
1419 SCHEDULING_CONTEXT_ELEMENT_TYPE_VPORT);
1420 vport_elem = MLX5_ADDR_OF(scheduling_context, sched_ctx,
1421 element_attributes);
1422 MLX5_SET(vport_element, vport_elem, vport_number, vport_num);
1423 MLX5_SET(scheduling_context, sched_ctx, parent_element_id,
1424 esw->qos.root_tsar_id);
1425 MLX5_SET(scheduling_context, sched_ctx, max_average_bw,
1426 max_rate);
1427 MLX5_SET(scheduling_context, sched_ctx, bw_share, bw_share);
1428 bitmask |= MODIFY_SCHEDULING_ELEMENT_IN_MODIFY_BITMASK_MAX_AVERAGE_BW;
1429 bitmask |= MODIFY_SCHEDULING_ELEMENT_IN_MODIFY_BITMASK_BW_SHARE;
1430
1431 err = mlx5_modify_scheduling_element_cmd(dev,
1432 SCHEDULING_HIERARCHY_E_SWITCH,
1433 sched_ctx,
1434 vport->qos.esw_tsar_ix,
1435 bitmask);
1436 if (err) {
1437 esw_warn(esw->dev, "E-Switch modify TSAR vport element failed (vport=%d,err=%d)\n",
1438 vport_num, err);
1439 return err;
1440 }
1441
1442 return 0;
1443 }
1444
1445 static void node_guid_gen_from_mac(u64 *node_guid, u8 mac[ETH_ALEN])
1446 {
1447 ((u8 *)node_guid)[7] = mac[0];
1448 ((u8 *)node_guid)[6] = mac[1];
1449 ((u8 *)node_guid)[5] = mac[2];
1450 ((u8 *)node_guid)[4] = 0xff;
1451 ((u8 *)node_guid)[3] = 0xfe;
1452 ((u8 *)node_guid)[2] = mac[3];
1453 ((u8 *)node_guid)[1] = mac[4];
1454 ((u8 *)node_guid)[0] = mac[5];
1455 }
1456
1457 static void esw_apply_vport_conf(struct mlx5_eswitch *esw,
1458 struct mlx5_vport *vport)
1459 {
1460 int vport_num = vport->vport;
1461
1462 if (!vport_num)
1463 return;
1464
1465 mlx5_modify_vport_admin_state(esw->dev,
1466 MLX5_VPORT_STATE_OP_MOD_ESW_VPORT,
1467 vport_num,
1468 vport->info.link_state);
1469 mlx5_modify_nic_vport_mac_address(esw->dev, vport_num, vport->info.mac);
1470 mlx5_modify_nic_vport_node_guid(esw->dev, vport_num, vport->info.node_guid);
1471 modify_esw_vport_cvlan(esw->dev, vport_num, vport->info.vlan, vport->info.qos,
1472 (vport->info.vlan || vport->info.qos));
1473
1474 /* Only legacy mode needs ACLs */
1475 if (esw->mode == SRIOV_LEGACY) {
1476 esw_vport_ingress_config(esw, vport);
1477 esw_vport_egress_config(esw, vport);
1478 }
1479 }
1480
1481 static void esw_vport_create_drop_counters(struct mlx5_vport *vport)
1482 {
1483 struct mlx5_core_dev *dev = vport->dev;
1484
1485 if (MLX5_CAP_ESW_INGRESS_ACL(dev, flow_counter)) {
1486 vport->ingress.drop_counter = mlx5_fc_create(dev, false);
1487 if (IS_ERR(vport->ingress.drop_counter)) {
1488 esw_warn(dev,
1489 "vport[%d] configure ingress drop rule counter failed\n",
1490 vport->vport);
1491 vport->ingress.drop_counter = NULL;
1492 }
1493 }
1494
1495 if (MLX5_CAP_ESW_EGRESS_ACL(dev, flow_counter)) {
1496 vport->egress.drop_counter = mlx5_fc_create(dev, false);
1497 if (IS_ERR(vport->egress.drop_counter)) {
1498 esw_warn(dev,
1499 "vport[%d] configure egress drop rule counter failed\n",
1500 vport->vport);
1501 vport->egress.drop_counter = NULL;
1502 }
1503 }
1504 }
1505
1506 static void esw_vport_destroy_drop_counters(struct mlx5_vport *vport)
1507 {
1508 struct mlx5_core_dev *dev = vport->dev;
1509
1510 if (vport->ingress.drop_counter)
1511 mlx5_fc_destroy(dev, vport->ingress.drop_counter);
1512 if (vport->egress.drop_counter)
1513 mlx5_fc_destroy(dev, vport->egress.drop_counter);
1514 }
1515
1516 static void esw_enable_vport(struct mlx5_eswitch *esw, int vport_num,
1517 int enable_events)
1518 {
1519 struct mlx5_vport *vport = &esw->vports[vport_num];
1520
1521 mutex_lock(&esw->state_lock);
1522 WARN_ON(vport->enabled);
1523
1524 esw_debug(esw->dev, "Enabling VPORT(%d)\n", vport_num);
1525
1526 /* Create steering drop counters for ingress and egress ACLs */
1527 if (vport_num && esw->mode == SRIOV_LEGACY)
1528 esw_vport_create_drop_counters(vport);
1529
1530 /* Restore old vport configuration */
1531 esw_apply_vport_conf(esw, vport);
1532
1533 /* Attach vport to the eswitch rate limiter */
1534 if (esw_vport_enable_qos(esw, vport_num, vport->info.max_rate,
1535 vport->qos.bw_share))
1536 esw_warn(esw->dev, "Failed to attach vport %d to eswitch rate limiter", vport_num);
1537
1538 /* Sync with current vport context */
1539 vport->enabled_events = enable_events;
1540 vport->enabled = true;
1541
1542 /* only PF is trusted by default */
1543 if (!vport_num)
1544 vport->info.trusted = true;
1545
1546 esw_vport_change_handle_locked(vport);
1547
1548 esw->enabled_vports++;
1549 esw_debug(esw->dev, "Enabled VPORT(%d)\n", vport_num);
1550 mutex_unlock(&esw->state_lock);
1551 }
1552
1553 static void esw_disable_vport(struct mlx5_eswitch *esw, int vport_num)
1554 {
1555 struct mlx5_vport *vport = &esw->vports[vport_num];
1556
1557 if (!vport->enabled)
1558 return;
1559
1560 esw_debug(esw->dev, "Disabling vport(%d)\n", vport_num);
1561 /* Mark this vport as disabled to discard new events */
1562 vport->enabled = false;
1563
1564 /* Wait for current already scheduled events to complete */
1565 flush_workqueue(esw->work_queue);
1566 /* Disable events from this vport */
1567 arm_vport_context_events_cmd(esw->dev, vport->vport, 0);
1568 mutex_lock(&esw->state_lock);
1569 /* We don't assume VFs will cleanup after themselves.
1570 * Calling vport change handler while vport is disabled will cleanup
1571 * the vport resources.
1572 */
1573 esw_vport_change_handle_locked(vport);
1574 vport->enabled_events = 0;
1575 esw_vport_disable_qos(esw, vport_num);
1576 if (vport_num && esw->mode == SRIOV_LEGACY) {
1577 mlx5_modify_vport_admin_state(esw->dev,
1578 MLX5_VPORT_STATE_OP_MOD_ESW_VPORT,
1579 vport_num,
1580 MLX5_VPORT_ADMIN_STATE_DOWN);
1581 esw_vport_disable_egress_acl(esw, vport);
1582 esw_vport_disable_ingress_acl(esw, vport);
1583 esw_vport_destroy_drop_counters(vport);
1584 }
1585 esw->enabled_vports--;
1586 mutex_unlock(&esw->state_lock);
1587 }
1588
1589 static int eswitch_vport_event(struct notifier_block *nb,
1590 unsigned long type, void *data)
1591 {
1592 struct mlx5_eswitch *esw = mlx5_nb_cof(nb, struct mlx5_eswitch, nb);
1593 struct mlx5_eqe *eqe = data;
1594 struct mlx5_vport *vport;
1595 u16 vport_num;
1596
1597 vport_num = be16_to_cpu(eqe->data.vport_change.vport_num);
1598 vport = &esw->vports[vport_num];
1599 if (vport->enabled)
1600 queue_work(esw->work_queue, &vport->vport_change_handler);
1601
1602 return NOTIFY_OK;
1603 }
1604
1605 /* Public E-Switch API */
1606 #define ESW_ALLOWED(esw) ((esw) && MLX5_ESWITCH_MANAGER((esw)->dev))
1607
1608 int mlx5_eswitch_enable_sriov(struct mlx5_eswitch *esw, int nvfs, int mode)
1609 {
1610 int err;
1611 int i, enabled_events;
1612
1613 if (!ESW_ALLOWED(esw) ||
1614 !MLX5_CAP_ESW_FLOWTABLE_FDB(esw->dev, ft_support)) {
1615 esw_warn(esw->dev, "E-Switch FDB is not supported, aborting ...\n");
1616 return -EOPNOTSUPP;
1617 }
1618
1619 if (!MLX5_CAP_ESW_INGRESS_ACL(esw->dev, ft_support))
1620 esw_warn(esw->dev, "E-Switch ingress ACL is not supported by FW\n");
1621
1622 if (!MLX5_CAP_ESW_EGRESS_ACL(esw->dev, ft_support))
1623 esw_warn(esw->dev, "E-Switch engress ACL is not supported by FW\n");
1624
1625 esw_info(esw->dev, "E-Switch enable SRIOV: nvfs(%d) mode (%d)\n", nvfs, mode);
1626
1627 esw->mode = mode;
1628
1629 mlx5_lag_update(esw->dev);
1630
1631 if (mode == SRIOV_LEGACY) {
1632 err = esw_create_legacy_fdb_table(esw);
1633 } else {
1634 mlx5_reload_interface(esw->dev, MLX5_INTERFACE_PROTOCOL_ETH);
1635 mlx5_reload_interface(esw->dev, MLX5_INTERFACE_PROTOCOL_IB);
1636 err = esw_offloads_init(esw, nvfs + 1);
1637 }
1638
1639 if (err)
1640 goto abort;
1641
1642 err = esw_create_tsar(esw);
1643 if (err)
1644 esw_warn(esw->dev, "Failed to create eswitch TSAR");
1645
1646 /* Don't enable vport events when in SRIOV_OFFLOADS mode, since:
1647 * 1. L2 table (MPFS) is programmed by PF/VF representors netdevs set_rx_mode
1648 * 2. FDB/Eswitch is programmed by user space tools
1649 */
1650 enabled_events = (mode == SRIOV_LEGACY) ? SRIOV_VPORT_EVENTS : 0;
1651 for (i = 0; i <= nvfs; i++)
1652 esw_enable_vport(esw, i, enabled_events);
1653
1654 if (mode == SRIOV_LEGACY) {
1655 MLX5_NB_INIT(&esw->nb, eswitch_vport_event, NIC_VPORT_CHANGE);
1656 mlx5_eq_notifier_register(esw->dev, &esw->nb);
1657 }
1658
1659 esw_info(esw->dev, "SRIOV enabled: active vports(%d)\n",
1660 esw->enabled_vports);
1661 return 0;
1662
1663 abort:
1664 esw->mode = SRIOV_NONE;
1665
1666 if (mode == SRIOV_OFFLOADS) {
1667 mlx5_reload_interface(esw->dev, MLX5_INTERFACE_PROTOCOL_IB);
1668 mlx5_reload_interface(esw->dev, MLX5_INTERFACE_PROTOCOL_ETH);
1669 }
1670
1671 return err;
1672 }
1673
1674 void mlx5_eswitch_disable_sriov(struct mlx5_eswitch *esw)
1675 {
1676 struct esw_mc_addr *mc_promisc;
1677 int old_mode;
1678 int nvports;
1679 int i;
1680
1681 if (!ESW_ALLOWED(esw) || esw->mode == SRIOV_NONE)
1682 return;
1683
1684 esw_info(esw->dev, "disable SRIOV: active vports(%d) mode(%d)\n",
1685 esw->enabled_vports, esw->mode);
1686
1687 mc_promisc = &esw->mc_promisc;
1688 nvports = esw->enabled_vports;
1689
1690 if (esw->mode == SRIOV_LEGACY)
1691 mlx5_eq_notifier_unregister(esw->dev, &esw->nb);
1692
1693 for (i = 0; i < esw->total_vports; i++)
1694 esw_disable_vport(esw, i);
1695
1696 if (mc_promisc && mc_promisc->uplink_rule)
1697 mlx5_del_flow_rules(mc_promisc->uplink_rule);
1698
1699 esw_destroy_tsar(esw);
1700
1701 if (esw->mode == SRIOV_LEGACY)
1702 esw_destroy_legacy_fdb_table(esw);
1703 else if (esw->mode == SRIOV_OFFLOADS)
1704 esw_offloads_cleanup(esw, nvports);
1705
1706 old_mode = esw->mode;
1707 esw->mode = SRIOV_NONE;
1708
1709 mlx5_lag_update(esw->dev);
1710
1711 if (old_mode == SRIOV_OFFLOADS) {
1712 mlx5_reload_interface(esw->dev, MLX5_INTERFACE_PROTOCOL_IB);
1713 mlx5_reload_interface(esw->dev, MLX5_INTERFACE_PROTOCOL_ETH);
1714 }
1715 }
1716
1717 int mlx5_eswitch_init(struct mlx5_core_dev *dev)
1718 {
1719 int total_vports = MLX5_TOTAL_VPORTS(dev);
1720 struct mlx5_eswitch *esw;
1721 int vport_num;
1722 int err;
1723
1724 if (!MLX5_VPORT_MANAGER(dev))
1725 return 0;
1726
1727 esw_info(dev,
1728 "Total vports %d, per vport: max uc(%d) max mc(%d)\n",
1729 total_vports,
1730 MLX5_MAX_UC_PER_VPORT(dev),
1731 MLX5_MAX_MC_PER_VPORT(dev));
1732
1733 esw = kzalloc(sizeof(*esw), GFP_KERNEL);
1734 if (!esw)
1735 return -ENOMEM;
1736
1737 esw->dev = dev;
1738
1739 esw->work_queue = create_singlethread_workqueue("mlx5_esw_wq");
1740 if (!esw->work_queue) {
1741 err = -ENOMEM;
1742 goto abort;
1743 }
1744
1745 esw->vports = kcalloc(total_vports, sizeof(struct mlx5_vport),
1746 GFP_KERNEL);
1747 if (!esw->vports) {
1748 err = -ENOMEM;
1749 goto abort;
1750 }
1751
1752 err = esw_offloads_init_reps(esw);
1753 if (err)
1754 goto abort;
1755
1756 hash_init(esw->offloads.encap_tbl);
1757 hash_init(esw->offloads.mod_hdr_tbl);
1758 mutex_init(&esw->state_lock);
1759
1760 for (vport_num = 0; vport_num < total_vports; vport_num++) {
1761 struct mlx5_vport *vport = &esw->vports[vport_num];
1762
1763 vport->vport = vport_num;
1764 vport->info.link_state = MLX5_VPORT_ADMIN_STATE_AUTO;
1765 vport->dev = dev;
1766 INIT_WORK(&vport->vport_change_handler,
1767 esw_vport_change_handler);
1768 }
1769
1770 esw->total_vports = total_vports;
1771 esw->enabled_vports = 0;
1772 esw->mode = SRIOV_NONE;
1773 esw->offloads.inline_mode = MLX5_INLINE_MODE_NONE;
1774 if (MLX5_CAP_ESW_FLOWTABLE_FDB(dev, reformat) &&
1775 MLX5_CAP_ESW_FLOWTABLE_FDB(dev, decap))
1776 esw->offloads.encap = DEVLINK_ESWITCH_ENCAP_MODE_BASIC;
1777 else
1778 esw->offloads.encap = DEVLINK_ESWITCH_ENCAP_MODE_NONE;
1779
1780 dev->priv.eswitch = esw;
1781 return 0;
1782 abort:
1783 if (esw->work_queue)
1784 destroy_workqueue(esw->work_queue);
1785 esw_offloads_cleanup_reps(esw);
1786 kfree(esw->vports);
1787 kfree(esw);
1788 return err;
1789 }
1790
1791 void mlx5_eswitch_cleanup(struct mlx5_eswitch *esw)
1792 {
1793 if (!esw || !MLX5_VPORT_MANAGER(esw->dev))
1794 return;
1795
1796 esw_info(esw->dev, "cleanup\n");
1797
1798 esw->dev->priv.eswitch = NULL;
1799 destroy_workqueue(esw->work_queue);
1800 esw_offloads_cleanup_reps(esw);
1801 kfree(esw->vports);
1802 kfree(esw);
1803 }
1804
1805 /* Vport Administration */
1806 #define LEGAL_VPORT(esw, vport) (vport >= 0 && vport < esw->total_vports)
1807
1808 int mlx5_eswitch_set_vport_mac(struct mlx5_eswitch *esw,
1809 int vport, u8 mac[ETH_ALEN])
1810 {
1811 struct mlx5_vport *evport;
1812 u64 node_guid;
1813 int err = 0;
1814
1815 if (!MLX5_CAP_GEN(esw->dev, vport_group_manager))
1816 return -EPERM;
1817 if (!LEGAL_VPORT(esw, vport) || is_multicast_ether_addr(mac))
1818 return -EINVAL;
1819
1820 mutex_lock(&esw->state_lock);
1821 evport = &esw->vports[vport];
1822
1823 if (evport->info.spoofchk && !is_valid_ether_addr(mac))
1824 mlx5_core_warn(esw->dev,
1825 "Set invalid MAC while spoofchk is on, vport(%d)\n",
1826 vport);
1827
1828 err = mlx5_modify_nic_vport_mac_address(esw->dev, vport, mac);
1829 if (err) {
1830 mlx5_core_warn(esw->dev,
1831 "Failed to mlx5_modify_nic_vport_mac vport(%d) err=(%d)\n",
1832 vport, err);
1833 goto unlock;
1834 }
1835
1836 node_guid_gen_from_mac(&node_guid, mac);
1837 err = mlx5_modify_nic_vport_node_guid(esw->dev, vport, node_guid);
1838 if (err)
1839 mlx5_core_warn(esw->dev,
1840 "Failed to set vport %d node guid, err = %d. RDMA_CM will not function properly for this VF.\n",
1841 vport, err);
1842
1843 ether_addr_copy(evport->info.mac, mac);
1844 evport->info.node_guid = node_guid;
1845 if (evport->enabled && esw->mode == SRIOV_LEGACY)
1846 err = esw_vport_ingress_config(esw, evport);
1847
1848 unlock:
1849 mutex_unlock(&esw->state_lock);
1850 return err;
1851 }
1852
1853 int mlx5_eswitch_set_vport_state(struct mlx5_eswitch *esw,
1854 int vport, int link_state)
1855 {
1856 struct mlx5_vport *evport;
1857 int err = 0;
1858
1859 if (!ESW_ALLOWED(esw))
1860 return -EPERM;
1861 if (!LEGAL_VPORT(esw, vport))
1862 return -EINVAL;
1863
1864 mutex_lock(&esw->state_lock);
1865 evport = &esw->vports[vport];
1866
1867 err = mlx5_modify_vport_admin_state(esw->dev,
1868 MLX5_VPORT_STATE_OP_MOD_ESW_VPORT,
1869 vport, link_state);
1870 if (err) {
1871 mlx5_core_warn(esw->dev,
1872 "Failed to set vport %d link state, err = %d",
1873 vport, err);
1874 goto unlock;
1875 }
1876
1877 evport->info.link_state = link_state;
1878
1879 unlock:
1880 mutex_unlock(&esw->state_lock);
1881 return 0;
1882 }
1883
1884 int mlx5_eswitch_get_vport_config(struct mlx5_eswitch *esw,
1885 int vport, struct ifla_vf_info *ivi)
1886 {
1887 struct mlx5_vport *evport;
1888
1889 if (!MLX5_CAP_GEN(esw->dev, vport_group_manager))
1890 return -EPERM;
1891 if (!LEGAL_VPORT(esw, vport))
1892 return -EINVAL;
1893
1894 evport = &esw->vports[vport];
1895
1896 memset(ivi, 0, sizeof(*ivi));
1897 ivi->vf = vport - 1;
1898
1899 mutex_lock(&esw->state_lock);
1900 ether_addr_copy(ivi->mac, evport->info.mac);
1901 ivi->linkstate = evport->info.link_state;
1902 ivi->vlan = evport->info.vlan;
1903 ivi->qos = evport->info.qos;
1904 ivi->spoofchk = evport->info.spoofchk;
1905 ivi->trusted = evport->info.trusted;
1906 ivi->min_tx_rate = evport->info.min_rate;
1907 ivi->max_tx_rate = evport->info.max_rate;
1908 mutex_unlock(&esw->state_lock);
1909
1910 return 0;
1911 }
1912
1913 int __mlx5_eswitch_set_vport_vlan(struct mlx5_eswitch *esw,
1914 int vport, u16 vlan, u8 qos, u8 set_flags)
1915 {
1916 struct mlx5_vport *evport;
1917 int err = 0;
1918
1919 if (!ESW_ALLOWED(esw))
1920 return -EPERM;
1921 if (!LEGAL_VPORT(esw, vport) || (vlan > 4095) || (qos > 7))
1922 return -EINVAL;
1923
1924 mutex_lock(&esw->state_lock);
1925 evport = &esw->vports[vport];
1926
1927 err = modify_esw_vport_cvlan(esw->dev, vport, vlan, qos, set_flags);
1928 if (err)
1929 goto unlock;
1930
1931 evport->info.vlan = vlan;
1932 evport->info.qos = qos;
1933 if (evport->enabled && esw->mode == SRIOV_LEGACY) {
1934 err = esw_vport_ingress_config(esw, evport);
1935 if (err)
1936 goto unlock;
1937 err = esw_vport_egress_config(esw, evport);
1938 }
1939
1940 unlock:
1941 mutex_unlock(&esw->state_lock);
1942 return err;
1943 }
1944
1945 int mlx5_eswitch_set_vport_vlan(struct mlx5_eswitch *esw,
1946 int vport, u16 vlan, u8 qos)
1947 {
1948 u8 set_flags = 0;
1949
1950 if (vlan || qos)
1951 set_flags = SET_VLAN_STRIP | SET_VLAN_INSERT;
1952
1953 return __mlx5_eswitch_set_vport_vlan(esw, vport, vlan, qos, set_flags);
1954 }
1955
1956 int mlx5_eswitch_set_vport_spoofchk(struct mlx5_eswitch *esw,
1957 int vport, bool spoofchk)
1958 {
1959 struct mlx5_vport *evport;
1960 bool pschk;
1961 int err = 0;
1962
1963 if (!ESW_ALLOWED(esw))
1964 return -EPERM;
1965 if (!LEGAL_VPORT(esw, vport))
1966 return -EINVAL;
1967
1968 mutex_lock(&esw->state_lock);
1969 evport = &esw->vports[vport];
1970 pschk = evport->info.spoofchk;
1971 evport->info.spoofchk = spoofchk;
1972 if (pschk && !is_valid_ether_addr(evport->info.mac))
1973 mlx5_core_warn(esw->dev,
1974 "Spoofchk in set while MAC is invalid, vport(%d)\n",
1975 evport->vport);
1976 if (evport->enabled && esw->mode == SRIOV_LEGACY)
1977 err = esw_vport_ingress_config(esw, evport);
1978 if (err)
1979 evport->info.spoofchk = pschk;
1980 mutex_unlock(&esw->state_lock);
1981
1982 return err;
1983 }
1984
1985 int mlx5_eswitch_set_vport_trust(struct mlx5_eswitch *esw,
1986 int vport, bool setting)
1987 {
1988 struct mlx5_vport *evport;
1989
1990 if (!ESW_ALLOWED(esw))
1991 return -EPERM;
1992 if (!LEGAL_VPORT(esw, vport))
1993 return -EINVAL;
1994
1995 mutex_lock(&esw->state_lock);
1996 evport = &esw->vports[vport];
1997 evport->info.trusted = setting;
1998 if (evport->enabled)
1999 esw_vport_change_handle_locked(evport);
2000 mutex_unlock(&esw->state_lock);
2001
2002 return 0;
2003 }
2004
2005 static u32 calculate_vports_min_rate_divider(struct mlx5_eswitch *esw)
2006 {
2007 u32 fw_max_bw_share = MLX5_CAP_QOS(esw->dev, max_tsar_bw_share);
2008 struct mlx5_vport *evport;
2009 u32 max_guarantee = 0;
2010 int i;
2011
2012 for (i = 0; i < esw->total_vports; i++) {
2013 evport = &esw->vports[i];
2014 if (!evport->enabled || evport->info.min_rate < max_guarantee)
2015 continue;
2016 max_guarantee = evport->info.min_rate;
2017 }
2018
2019 return max_t(u32, max_guarantee / fw_max_bw_share, 1);
2020 }
2021
2022 static int normalize_vports_min_rate(struct mlx5_eswitch *esw, u32 divider)
2023 {
2024 u32 fw_max_bw_share = MLX5_CAP_QOS(esw->dev, max_tsar_bw_share);
2025 struct mlx5_vport *evport;
2026 u32 vport_max_rate;
2027 u32 vport_min_rate;
2028 u32 bw_share;
2029 int err;
2030 int i;
2031
2032 for (i = 0; i < esw->total_vports; i++) {
2033 evport = &esw->vports[i];
2034 if (!evport->enabled)
2035 continue;
2036 vport_min_rate = evport->info.min_rate;
2037 vport_max_rate = evport->info.max_rate;
2038 bw_share = MLX5_MIN_BW_SHARE;
2039
2040 if (vport_min_rate)
2041 bw_share = MLX5_RATE_TO_BW_SHARE(vport_min_rate,
2042 divider,
2043 fw_max_bw_share);
2044
2045 if (bw_share == evport->qos.bw_share)
2046 continue;
2047
2048 err = esw_vport_qos_config(esw, i, vport_max_rate,
2049 bw_share);
2050 if (!err)
2051 evport->qos.bw_share = bw_share;
2052 else
2053 return err;
2054 }
2055
2056 return 0;
2057 }
2058
2059 int mlx5_eswitch_set_vport_rate(struct mlx5_eswitch *esw, int vport,
2060 u32 max_rate, u32 min_rate)
2061 {
2062 u32 fw_max_bw_share = MLX5_CAP_QOS(esw->dev, max_tsar_bw_share);
2063 bool min_rate_supported = MLX5_CAP_QOS(esw->dev, esw_bw_share) &&
2064 fw_max_bw_share >= MLX5_MIN_BW_SHARE;
2065 bool max_rate_supported = MLX5_CAP_QOS(esw->dev, esw_rate_limit);
2066 struct mlx5_vport *evport;
2067 u32 previous_min_rate;
2068 u32 divider;
2069 int err = 0;
2070
2071 if (!ESW_ALLOWED(esw))
2072 return -EPERM;
2073 if (!LEGAL_VPORT(esw, vport))
2074 return -EINVAL;
2075 if ((min_rate && !min_rate_supported) || (max_rate && !max_rate_supported))
2076 return -EOPNOTSUPP;
2077
2078 mutex_lock(&esw->state_lock);
2079 evport = &esw->vports[vport];
2080
2081 if (min_rate == evport->info.min_rate)
2082 goto set_max_rate;
2083
2084 previous_min_rate = evport->info.min_rate;
2085 evport->info.min_rate = min_rate;
2086 divider = calculate_vports_min_rate_divider(esw);
2087 err = normalize_vports_min_rate(esw, divider);
2088 if (err) {
2089 evport->info.min_rate = previous_min_rate;
2090 goto unlock;
2091 }
2092
2093 set_max_rate:
2094 if (max_rate == evport->info.max_rate)
2095 goto unlock;
2096
2097 err = esw_vport_qos_config(esw, vport, max_rate, evport->qos.bw_share);
2098 if (!err)
2099 evport->info.max_rate = max_rate;
2100
2101 unlock:
2102 mutex_unlock(&esw->state_lock);
2103 return err;
2104 }
2105
2106 static int mlx5_eswitch_query_vport_drop_stats(struct mlx5_core_dev *dev,
2107 int vport_idx,
2108 struct mlx5_vport_drop_stats *stats)
2109 {
2110 struct mlx5_eswitch *esw = dev->priv.eswitch;
2111 struct mlx5_vport *vport = &esw->vports[vport_idx];
2112 u64 rx_discard_vport_down, tx_discard_vport_down;
2113 u64 bytes = 0;
2114 int err = 0;
2115
2116 if (!vport->enabled || esw->mode != SRIOV_LEGACY)
2117 return 0;
2118
2119 if (vport->egress.drop_counter)
2120 mlx5_fc_query(dev, vport->egress.drop_counter,
2121 &stats->rx_dropped, &bytes);
2122
2123 if (vport->ingress.drop_counter)
2124 mlx5_fc_query(dev, vport->ingress.drop_counter,
2125 &stats->tx_dropped, &bytes);
2126
2127 if (!MLX5_CAP_GEN(dev, receive_discard_vport_down) &&
2128 !MLX5_CAP_GEN(dev, transmit_discard_vport_down))
2129 return 0;
2130
2131 err = mlx5_query_vport_down_stats(dev, vport_idx,
2132 &rx_discard_vport_down,
2133 &tx_discard_vport_down);
2134 if (err)
2135 return err;
2136
2137 if (MLX5_CAP_GEN(dev, receive_discard_vport_down))
2138 stats->rx_dropped += rx_discard_vport_down;
2139 if (MLX5_CAP_GEN(dev, transmit_discard_vport_down))
2140 stats->tx_dropped += tx_discard_vport_down;
2141
2142 return 0;
2143 }
2144
2145 int mlx5_eswitch_get_vport_stats(struct mlx5_eswitch *esw,
2146 int vport,
2147 struct ifla_vf_stats *vf_stats)
2148 {
2149 int outlen = MLX5_ST_SZ_BYTES(query_vport_counter_out);
2150 u32 in[MLX5_ST_SZ_DW(query_vport_counter_in)] = {0};
2151 struct mlx5_vport_drop_stats stats = {0};
2152 int err = 0;
2153 u32 *out;
2154
2155 if (!ESW_ALLOWED(esw))
2156 return -EPERM;
2157 if (!LEGAL_VPORT(esw, vport))
2158 return -EINVAL;
2159
2160 out = kvzalloc(outlen, GFP_KERNEL);
2161 if (!out)
2162 return -ENOMEM;
2163
2164 MLX5_SET(query_vport_counter_in, in, opcode,
2165 MLX5_CMD_OP_QUERY_VPORT_COUNTER);
2166 MLX5_SET(query_vport_counter_in, in, op_mod, 0);
2167 MLX5_SET(query_vport_counter_in, in, vport_number, vport);
2168 if (vport)
2169 MLX5_SET(query_vport_counter_in, in, other_vport, 1);
2170
2171 memset(out, 0, outlen);
2172 err = mlx5_cmd_exec(esw->dev, in, sizeof(in), out, outlen);
2173 if (err)
2174 goto free_out;
2175
2176 #define MLX5_GET_CTR(p, x) \
2177 MLX5_GET64(query_vport_counter_out, p, x)
2178
2179 memset(vf_stats, 0, sizeof(*vf_stats));
2180 vf_stats->rx_packets =
2181 MLX5_GET_CTR(out, received_eth_unicast.packets) +
2182 MLX5_GET_CTR(out, received_ib_unicast.packets) +
2183 MLX5_GET_CTR(out, received_eth_multicast.packets) +
2184 MLX5_GET_CTR(out, received_ib_multicast.packets) +
2185 MLX5_GET_CTR(out, received_eth_broadcast.packets);
2186
2187 vf_stats->rx_bytes =
2188 MLX5_GET_CTR(out, received_eth_unicast.octets) +
2189 MLX5_GET_CTR(out, received_ib_unicast.octets) +
2190 MLX5_GET_CTR(out, received_eth_multicast.octets) +
2191 MLX5_GET_CTR(out, received_ib_multicast.octets) +
2192 MLX5_GET_CTR(out, received_eth_broadcast.octets);
2193
2194 vf_stats->tx_packets =
2195 MLX5_GET_CTR(out, transmitted_eth_unicast.packets) +
2196 MLX5_GET_CTR(out, transmitted_ib_unicast.packets) +
2197 MLX5_GET_CTR(out, transmitted_eth_multicast.packets) +
2198 MLX5_GET_CTR(out, transmitted_ib_multicast.packets) +
2199 MLX5_GET_CTR(out, transmitted_eth_broadcast.packets);
2200
2201 vf_stats->tx_bytes =
2202 MLX5_GET_CTR(out, transmitted_eth_unicast.octets) +
2203 MLX5_GET_CTR(out, transmitted_ib_unicast.octets) +
2204 MLX5_GET_CTR(out, transmitted_eth_multicast.octets) +
2205 MLX5_GET_CTR(out, transmitted_ib_multicast.octets) +
2206 MLX5_GET_CTR(out, transmitted_eth_broadcast.octets);
2207
2208 vf_stats->multicast =
2209 MLX5_GET_CTR(out, received_eth_multicast.packets) +
2210 MLX5_GET_CTR(out, received_ib_multicast.packets);
2211
2212 vf_stats->broadcast =
2213 MLX5_GET_CTR(out, received_eth_broadcast.packets);
2214
2215 err = mlx5_eswitch_query_vport_drop_stats(esw->dev, vport, &stats);
2216 if (err)
2217 goto free_out;
2218 vf_stats->rx_dropped = stats.rx_dropped;
2219 vf_stats->tx_dropped = stats.tx_dropped;
2220
2221 free_out:
2222 kvfree(out);
2223 return err;
2224 }
2225
2226 u8 mlx5_eswitch_mode(struct mlx5_eswitch *esw)
2227 {
2228 return ESW_ALLOWED(esw) ? esw->mode : SRIOV_NONE;
2229 }
2230 EXPORT_SYMBOL_GPL(mlx5_eswitch_mode);
2231
2232 bool mlx5_esw_lag_prereq(struct mlx5_core_dev *dev0, struct mlx5_core_dev *dev1)
2233 {
2234 if ((dev0->priv.eswitch->mode == SRIOV_NONE &&
2235 dev1->priv.eswitch->mode == SRIOV_NONE) ||
2236 (dev0->priv.eswitch->mode == SRIOV_OFFLOADS &&
2237 dev1->priv.eswitch->mode == SRIOV_OFFLOADS))
2238 return true;
2239
2240 return false;
2241 }
Ubuntu Eoan Linux kernel mirror