1 /* SPDX-License-Identifier: BSD-3-Clause 2 * Copyright 2017 6WIND S.A. 3 * Copyright 2017 Mellanox Technologies, Ltd 4 */ 5 6 /** 7 * @file 8 * Flow API operations for mlx4 driver. 9 */ 10 11 #include <arpa/inet.h> 12 #include <errno.h> 13 #include <stdalign.h> 14 #include <stddef.h> 15 #include <stdint.h> 16 #include <string.h> 17 #include <sys/queue.h> 18 19 /* Verbs headers do not support -pedantic. */ 20 #ifdef PEDANTIC 21 #pragma GCC diagnostic ignored "-Wpedantic" 22 #endif 23 #include <infiniband/verbs.h> 24 #ifdef PEDANTIC 25 #pragma GCC diagnostic error "-Wpedantic" 26 #endif 27 28 #include <rte_byteorder.h> 29 #include <rte_errno.h> 30 #include <ethdev_driver.h> 31 #include <rte_ether.h> 32 #include <rte_flow.h> 33 #include <rte_flow_driver.h> 34 #include <rte_malloc.h> 35 36 /* PMD headers. */ 37 #include "mlx4.h" 38 #include "mlx4_glue.h" 39 #include "mlx4_flow.h" 40 #include "mlx4_rxtx.h" 41 #include "mlx4_utils.h" 42 43 /** Static initializer for a list of subsequent item types. */ 44 #define NEXT_ITEM(...) \ 45 (const enum rte_flow_item_type []){ \ 46 __VA_ARGS__, RTE_FLOW_ITEM_TYPE_END, \ 47 } 48 49 /** Processor structure associated with a flow item. */ 50 struct mlx4_flow_proc_item { 51 /** Bit-mask for fields supported by this PMD. */ 52 const void *mask_support; 53 /** Bit-mask to use when @p item->mask is not provided. */ 54 const void *mask_default; 55 /** Size in bytes for @p mask_support and @p mask_default. */ 56 const unsigned int mask_sz; 57 /** Merge a pattern item into a flow rule handle. */ 58 int (*merge)(struct rte_flow *flow, 59 const struct rte_flow_item *item, 60 const struct mlx4_flow_proc_item *proc, 61 struct rte_flow_error *error); 62 /** Size in bytes of the destination structure. */ 63 const unsigned int dst_sz; 64 /** List of possible subsequent items. */ 65 const enum rte_flow_item_type *const next_item; 66 }; 67 68 /** Shared resources for drop flow rules. */ 69 struct mlx4_drop { 70 struct ibv_qp *qp; /**< QP target. */ 71 struct ibv_cq *cq; /**< CQ associated with above QP. */ 72 struct mlx4_priv *priv; /**< Back pointer to private data. */ 73 uint32_t refcnt; /**< Reference count. */ 74 }; 75 76 /** 77 * Convert supported RSS hash field types between DPDK and Verbs formats. 78 * 79 * This function returns the supported (default) set when @p types has 80 * special value 0. 81 * 82 * @param priv 83 * Pointer to private structure. 84 * @param types 85 * Depending on @p verbs_to_dpdk, hash types in either DPDK (see struct 86 * rte_eth_rss_conf) or Verbs format. 87 * @param verbs_to_dpdk 88 * A zero value converts @p types from DPDK to Verbs, a nonzero value 89 * performs the reverse operation. 90 * 91 * @return 92 * Converted RSS hash fields on success, (uint64_t)-1 otherwise and 93 * rte_errno is set. 94 */ 95 uint64_t 96 mlx4_conv_rss_types(struct mlx4_priv *priv, uint64_t types, int verbs_to_dpdk) 97 { 98 enum { 99 INNER, 100 IPV4, IPV4_1, IPV4_2, IPV6, IPV6_1, IPV6_2, IPV6_3, 101 TCP, UDP, 102 IPV4_TCP, IPV4_UDP, IPV6_TCP, IPV6_TCP_1, IPV6_UDP, IPV6_UDP_1, 103 }; 104 enum { 105 VERBS_IPV4 = IBV_RX_HASH_SRC_IPV4 | IBV_RX_HASH_DST_IPV4, 106 VERBS_IPV6 = IBV_RX_HASH_SRC_IPV6 | IBV_RX_HASH_DST_IPV6, 107 VERBS_TCP = IBV_RX_HASH_SRC_PORT_TCP | IBV_RX_HASH_DST_PORT_TCP, 108 VERBS_UDP = IBV_RX_HASH_SRC_PORT_UDP | IBV_RX_HASH_DST_PORT_UDP, 109 }; 110 static const uint64_t dpdk[] = { 111 [INNER] = 0, 112 [IPV4] = ETH_RSS_IPV4, 113 [IPV4_1] = ETH_RSS_FRAG_IPV4, 114 [IPV4_2] = ETH_RSS_NONFRAG_IPV4_OTHER, 115 [IPV6] = ETH_RSS_IPV6, 116 [IPV6_1] = ETH_RSS_FRAG_IPV6, 117 [IPV6_2] = ETH_RSS_NONFRAG_IPV6_OTHER, 118 [IPV6_3] = ETH_RSS_IPV6_EX, 119 [TCP] = 0, 120 [UDP] = 0, 121 [IPV4_TCP] = ETH_RSS_NONFRAG_IPV4_TCP, 122 [IPV4_UDP] = ETH_RSS_NONFRAG_IPV4_UDP, 123 [IPV6_TCP] = ETH_RSS_NONFRAG_IPV6_TCP, 124 [IPV6_TCP_1] = ETH_RSS_IPV6_TCP_EX, 125 [IPV6_UDP] = ETH_RSS_NONFRAG_IPV6_UDP, 126 [IPV6_UDP_1] = ETH_RSS_IPV6_UDP_EX, 127 }; 128 static const uint64_t verbs[RTE_DIM(dpdk)] = { 129 [INNER] = IBV_RX_HASH_INNER, 130 [IPV4] = VERBS_IPV4, 131 [IPV4_1] = VERBS_IPV4, 132 [IPV4_2] = VERBS_IPV4, 133 [IPV6] = VERBS_IPV6, 134 [IPV6_1] = VERBS_IPV6, 135 [IPV6_2] = VERBS_IPV6, 136 [IPV6_3] = VERBS_IPV6, 137 [TCP] = VERBS_TCP, 138 [UDP] = VERBS_UDP, 139 [IPV4_TCP] = VERBS_IPV4 | VERBS_TCP, 140 [IPV4_UDP] = VERBS_IPV4 | VERBS_UDP, 141 [IPV6_TCP] = VERBS_IPV6 | VERBS_TCP, 142 [IPV6_TCP_1] = VERBS_IPV6 | VERBS_TCP, 143 [IPV6_UDP] = VERBS_IPV6 | VERBS_UDP, 144 [IPV6_UDP_1] = VERBS_IPV6 | VERBS_UDP, 145 }; 146 const uint64_t *in = verbs_to_dpdk ? verbs : dpdk; 147 const uint64_t *out = verbs_to_dpdk ? dpdk : verbs; 148 uint64_t seen = 0; 149 uint64_t conv = 0; 150 unsigned int i; 151 152 if (!types) { 153 if (!verbs_to_dpdk) 154 return priv->hw_rss_sup; 155 types = priv->hw_rss_sup; 156 } 157 for (i = 0; i != RTE_DIM(dpdk); ++i) 158 if (in[i] && (types & in[i]) == in[i]) { 159 seen |= types & in[i]; 160 conv |= out[i]; 161 } 162 if ((verbs_to_dpdk || (conv & priv->hw_rss_sup) == conv) && 163 !(types & ~seen)) 164 return conv; 165 rte_errno = ENOTSUP; 166 return (uint64_t)-1; 167 } 168 169 /** 170 * Merge Ethernet pattern item into flow rule handle. 171 * 172 * Additional mlx4-specific constraints on supported fields: 173 * 174 * - No support for partial masks, except in the specific case of matching 175 * all multicast traffic (@p spec->dst and @p mask->dst equal to 176 * 01:00:00:00:00:00). 177 * - Not providing @p item->spec or providing an empty @p mask->dst is 178 * *only* supported if the rule doesn't specify additional matching 179 * criteria (i.e. rule is promiscuous-like). 180 * 181 * @param[in, out] flow 182 * Flow rule handle to update. 183 * @param[in] item 184 * Pattern item to merge. 185 * @param[in] proc 186 * Associated item-processing object. 187 * @param[out] error 188 * Perform verbose error reporting if not NULL. 189 * 190 * @return 191 * 0 on success, a negative errno value otherwise and rte_errno is set. 192 */ 193 static int 194 mlx4_flow_merge_eth(struct rte_flow *flow, 195 const struct rte_flow_item *item, 196 const struct mlx4_flow_proc_item *proc, 197 struct rte_flow_error *error) 198 { 199 const struct rte_flow_item_eth *spec = item->spec; 200 const struct rte_flow_item_eth *mask = 201 spec ? (item->mask ? item->mask : proc->mask_default) : NULL; 202 struct ibv_flow_spec_eth *eth; 203 const char *msg; 204 unsigned int i; 205 206 if (mask) { 207 uint32_t sum_dst = 0; 208 uint32_t sum_src = 0; 209 210 for (i = 0; i != sizeof(mask->dst.addr_bytes); ++i) { 211 sum_dst += mask->dst.addr_bytes[i]; 212 sum_src += mask->src.addr_bytes[i]; 213 } 214 if (sum_src) { 215 msg = "mlx4 does not support source MAC matching"; 216 goto error; 217 } else if (!sum_dst) { 218 flow->promisc = 1; 219 } else if (sum_dst == 1 && mask->dst.addr_bytes[0] == 1) { 220 if (!(spec->dst.addr_bytes[0] & 1)) { 221 msg = "mlx4 does not support the explicit" 222 " exclusion of all multicast traffic"; 223 goto error; 224 } 225 flow->allmulti = 1; 226 } else if (sum_dst != (UINT8_C(0xff) * RTE_ETHER_ADDR_LEN)) { 227 msg = "mlx4 does not support matching partial" 228 " Ethernet fields"; 229 goto error; 230 } 231 } 232 if (!flow->ibv_attr) 233 return 0; 234 if (flow->promisc) { 235 flow->ibv_attr->type = IBV_FLOW_ATTR_ALL_DEFAULT; 236 return 0; 237 } 238 if (flow->allmulti) { 239 flow->ibv_attr->type = IBV_FLOW_ATTR_MC_DEFAULT; 240 return 0; 241 } 242 ++flow->ibv_attr->num_of_specs; 243 eth = (void *)((uintptr_t)flow->ibv_attr + flow->ibv_attr_size); 244 *eth = (struct ibv_flow_spec_eth) { 245 .type = IBV_FLOW_SPEC_ETH, 246 .size = sizeof(*eth), 247 }; 248 if (!mask) { 249 eth->val.dst_mac[0] = 0xff; 250 flow->ibv_attr->type = IBV_FLOW_ATTR_ALL_DEFAULT; 251 flow->promisc = 1; 252 return 0; 253 } 254 memcpy(eth->val.dst_mac, spec->dst.addr_bytes, RTE_ETHER_ADDR_LEN); 255 memcpy(eth->mask.dst_mac, mask->dst.addr_bytes, RTE_ETHER_ADDR_LEN); 256 /* Remove unwanted bits from values. */ 257 for (i = 0; i < RTE_ETHER_ADDR_LEN; ++i) 258 eth->val.dst_mac[i] &= eth->mask.dst_mac[i]; 259 260 return 0; 261 error: 262 return rte_flow_error_set(error, ENOTSUP, RTE_FLOW_ERROR_TYPE_ITEM, 263 item, msg); 264 } 265 266 /** 267 * Merge VLAN pattern item into flow rule handle. 268 * 269 * Additional mlx4-specific constraints on supported fields: 270 * 271 * - Matching *all* VLAN traffic by omitting @p item->spec or providing an 272 * empty @p item->mask would also include non-VLAN traffic. Doing so is 273 * therefore unsupported. 274 * - No support for partial masks. 275 * 276 * @param[in, out] flow 277 * Flow rule handle to update. 278 * @param[in] item 279 * Pattern item to merge. 280 * @param[in] proc 281 * Associated item-processing object. 282 * @param[out] error 283 * Perform verbose error reporting if not NULL. 284 * 285 * @return 286 * 0 on success, a negative errno value otherwise and rte_errno is set. 287 */ 288 static int 289 mlx4_flow_merge_vlan(struct rte_flow *flow, 290 const struct rte_flow_item *item, 291 const struct mlx4_flow_proc_item *proc, 292 struct rte_flow_error *error) 293 { 294 const struct rte_flow_item_vlan *spec = item->spec; 295 const struct rte_flow_item_vlan *mask = 296 spec ? (item->mask ? item->mask : proc->mask_default) : NULL; 297 struct ibv_flow_spec_eth *eth; 298 const char *msg; 299 300 if (!mask || !mask->tci) { 301 msg = "mlx4 cannot match all VLAN traffic while excluding" 302 " non-VLAN traffic, TCI VID must be specified"; 303 goto error; 304 } 305 if (mask->tci != RTE_BE16(0x0fff)) { 306 msg = "mlx4 does not support partial TCI VID matching"; 307 goto error; 308 } 309 if (!flow->ibv_attr) 310 return 0; 311 eth = (void *)((uintptr_t)flow->ibv_attr + flow->ibv_attr_size - 312 sizeof(*eth)); 313 eth->val.vlan_tag = spec->tci; 314 eth->mask.vlan_tag = mask->tci; 315 eth->val.vlan_tag &= eth->mask.vlan_tag; 316 if (flow->ibv_attr->type == IBV_FLOW_ATTR_ALL_DEFAULT) 317 flow->ibv_attr->type = IBV_FLOW_ATTR_NORMAL; 318 return 0; 319 error: 320 return rte_flow_error_set(error, ENOTSUP, RTE_FLOW_ERROR_TYPE_ITEM, 321 item, msg); 322 } 323 324 /** 325 * Merge IPv4 pattern item into flow rule handle. 326 * 327 * Additional mlx4-specific constraints on supported fields: 328 * 329 * - No support for partial masks. 330 * 331 * @param[in, out] flow 332 * Flow rule handle to update. 333 * @param[in] item 334 * Pattern item to merge. 335 * @param[in] proc 336 * Associated item-processing object. 337 * @param[out] error 338 * Perform verbose error reporting if not NULL. 339 * 340 * @return 341 * 0 on success, a negative errno value otherwise and rte_errno is set. 342 */ 343 static int 344 mlx4_flow_merge_ipv4(struct rte_flow *flow, 345 const struct rte_flow_item *item, 346 const struct mlx4_flow_proc_item *proc, 347 struct rte_flow_error *error) 348 { 349 const struct rte_flow_item_ipv4 *spec = item->spec; 350 const struct rte_flow_item_ipv4 *mask = 351 spec ? (item->mask ? item->mask : proc->mask_default) : NULL; 352 struct ibv_flow_spec_ipv4 *ipv4; 353 const char *msg; 354 355 if (mask && 356 ((uint32_t)(mask->hdr.src_addr + 1) > UINT32_C(1) || 357 (uint32_t)(mask->hdr.dst_addr + 1) > UINT32_C(1))) { 358 msg = "mlx4 does not support matching partial IPv4 fields"; 359 goto error; 360 } 361 if (!flow->ibv_attr) 362 return 0; 363 ++flow->ibv_attr->num_of_specs; 364 ipv4 = (void *)((uintptr_t)flow->ibv_attr + flow->ibv_attr_size); 365 *ipv4 = (struct ibv_flow_spec_ipv4) { 366 .type = IBV_FLOW_SPEC_IPV4, 367 .size = sizeof(*ipv4), 368 }; 369 if (!spec) 370 return 0; 371 ipv4->val = (struct ibv_flow_ipv4_filter) { 372 .src_ip = spec->hdr.src_addr, 373 .dst_ip = spec->hdr.dst_addr, 374 }; 375 ipv4->mask = (struct ibv_flow_ipv4_filter) { 376 .src_ip = mask->hdr.src_addr, 377 .dst_ip = mask->hdr.dst_addr, 378 }; 379 /* Remove unwanted bits from values. */ 380 ipv4->val.src_ip &= ipv4->mask.src_ip; 381 ipv4->val.dst_ip &= ipv4->mask.dst_ip; 382 return 0; 383 error: 384 return rte_flow_error_set(error, ENOTSUP, RTE_FLOW_ERROR_TYPE_ITEM, 385 item, msg); 386 } 387 388 /** 389 * Merge UDP pattern item into flow rule handle. 390 * 391 * Additional mlx4-specific constraints on supported fields: 392 * 393 * - No support for partial masks. 394 * - Due to HW/FW limitation, flow rule priority is not taken into account 395 * when matching UDP destination ports, doing is therefore only supported 396 * at the highest priority level (0). 397 * 398 * @param[in, out] flow 399 * Flow rule handle to update. 400 * @param[in] item 401 * Pattern item to merge. 402 * @param[in] proc 403 * Associated item-processing object. 404 * @param[out] error 405 * Perform verbose error reporting if not NULL. 406 * 407 * @return 408 * 0 on success, a negative errno value otherwise and rte_errno is set. 409 */ 410 static int 411 mlx4_flow_merge_udp(struct rte_flow *flow, 412 const struct rte_flow_item *item, 413 const struct mlx4_flow_proc_item *proc, 414 struct rte_flow_error *error) 415 { 416 const struct rte_flow_item_udp *spec = item->spec; 417 const struct rte_flow_item_udp *mask = 418 spec ? (item->mask ? item->mask : proc->mask_default) : NULL; 419 struct ibv_flow_spec_tcp_udp *udp; 420 const char *msg; 421 422 if (mask && 423 ((uint16_t)(mask->hdr.src_port + 1) > UINT16_C(1) || 424 (uint16_t)(mask->hdr.dst_port + 1) > UINT16_C(1))) { 425 msg = "mlx4 does not support matching partial UDP fields"; 426 goto error; 427 } 428 if (mask && mask->hdr.dst_port && flow->priority) { 429 msg = "combining UDP destination port matching with a nonzero" 430 " priority level is not supported"; 431 goto error; 432 } 433 if (!flow->ibv_attr) 434 return 0; 435 ++flow->ibv_attr->num_of_specs; 436 udp = (void *)((uintptr_t)flow->ibv_attr + flow->ibv_attr_size); 437 *udp = (struct ibv_flow_spec_tcp_udp) { 438 .type = IBV_FLOW_SPEC_UDP, 439 .size = sizeof(*udp), 440 }; 441 if (!spec) 442 return 0; 443 udp->val.dst_port = spec->hdr.dst_port; 444 udp->val.src_port = spec->hdr.src_port; 445 udp->mask.dst_port = mask->hdr.dst_port; 446 udp->mask.src_port = mask->hdr.src_port; 447 /* Remove unwanted bits from values. */ 448 udp->val.src_port &= udp->mask.src_port; 449 udp->val.dst_port &= udp->mask.dst_port; 450 return 0; 451 error: 452 return rte_flow_error_set(error, ENOTSUP, RTE_FLOW_ERROR_TYPE_ITEM, 453 item, msg); 454 } 455 456 /** 457 * Merge TCP pattern item into flow rule handle. 458 * 459 * Additional mlx4-specific constraints on supported fields: 460 * 461 * - No support for partial masks. 462 * 463 * @param[in, out] flow 464 * Flow rule handle to update. 465 * @param[in] item 466 * Pattern item to merge. 467 * @param[in] proc 468 * Associated item-processing object. 469 * @param[out] error 470 * Perform verbose error reporting if not NULL. 471 * 472 * @return 473 * 0 on success, a negative errno value otherwise and rte_errno is set. 474 */ 475 static int 476 mlx4_flow_merge_tcp(struct rte_flow *flow, 477 const struct rte_flow_item *item, 478 const struct mlx4_flow_proc_item *proc, 479 struct rte_flow_error *error) 480 { 481 const struct rte_flow_item_tcp *spec = item->spec; 482 const struct rte_flow_item_tcp *mask = 483 spec ? (item->mask ? item->mask : proc->mask_default) : NULL; 484 struct ibv_flow_spec_tcp_udp *tcp; 485 const char *msg; 486 487 if (mask && 488 ((uint16_t)(mask->hdr.src_port + 1) > UINT16_C(1) || 489 (uint16_t)(mask->hdr.dst_port + 1) > UINT16_C(1))) { 490 msg = "mlx4 does not support matching partial TCP fields"; 491 goto error; 492 } 493 if (!flow->ibv_attr) 494 return 0; 495 ++flow->ibv_attr->num_of_specs; 496 tcp = (void *)((uintptr_t)flow->ibv_attr + flow->ibv_attr_size); 497 *tcp = (struct ibv_flow_spec_tcp_udp) { 498 .type = IBV_FLOW_SPEC_TCP, 499 .size = sizeof(*tcp), 500 }; 501 if (!spec) 502 return 0; 503 tcp->val.dst_port = spec->hdr.dst_port; 504 tcp->val.src_port = spec->hdr.src_port; 505 tcp->mask.dst_port = mask->hdr.dst_port; 506 tcp->mask.src_port = mask->hdr.src_port; 507 /* Remove unwanted bits from values. */ 508 tcp->val.src_port &= tcp->mask.src_port; 509 tcp->val.dst_port &= tcp->mask.dst_port; 510 return 0; 511 error: 512 return rte_flow_error_set(error, ENOTSUP, RTE_FLOW_ERROR_TYPE_ITEM, 513 item, msg); 514 } 515 516 /** 517 * Perform basic sanity checks on a pattern item. 518 * 519 * @param[in] item 520 * Item specification. 521 * @param[in] proc 522 * Associated item-processing object. 523 * @param[out] error 524 * Perform verbose error reporting if not NULL. 525 * 526 * @return 527 * 0 on success, a negative errno value otherwise and rte_errno is set. 528 */ 529 static int 530 mlx4_flow_item_check(const struct rte_flow_item *item, 531 const struct mlx4_flow_proc_item *proc, 532 struct rte_flow_error *error) 533 { 534 const uint8_t *mask; 535 unsigned int i; 536 537 /* item->last and item->mask cannot exist without item->spec. */ 538 if (!item->spec && (item->mask || item->last)) 539 return rte_flow_error_set 540 (error, EINVAL, RTE_FLOW_ERROR_TYPE_ITEM, item, 541 "\"mask\" or \"last\" field provided without a" 542 " corresponding \"spec\""); 543 /* No spec, no mask, no problem. */ 544 if (!item->spec) 545 return 0; 546 mask = item->mask ? 547 (const uint8_t *)item->mask : 548 (const uint8_t *)proc->mask_default; 549 MLX4_ASSERT(mask); 550 /* 551 * Single-pass check to make sure that: 552 * - Mask is supported, no bits are set outside proc->mask_support. 553 * - Both item->spec and item->last are included in mask. 554 */ 555 for (i = 0; i != proc->mask_sz; ++i) { 556 if (!mask[i]) 557 continue; 558 if ((mask[i] | ((const uint8_t *)proc->mask_support)[i]) != 559 ((const uint8_t *)proc->mask_support)[i]) 560 return rte_flow_error_set 561 (error, ENOTSUP, RTE_FLOW_ERROR_TYPE_ITEM, 562 item, "unsupported field found in \"mask\""); 563 if (item->last && 564 (((const uint8_t *)item->spec)[i] & mask[i]) != 565 (((const uint8_t *)item->last)[i] & mask[i])) 566 return rte_flow_error_set 567 (error, ENOTSUP, RTE_FLOW_ERROR_TYPE_ITEM, 568 item, 569 "range between \"spec\" and \"last\"" 570 " is larger than \"mask\""); 571 } 572 return 0; 573 } 574 575 /** Graph of supported items and associated actions. */ 576 static const struct mlx4_flow_proc_item mlx4_flow_proc_item_list[] = { 577 [RTE_FLOW_ITEM_TYPE_END] = { 578 .next_item = NEXT_ITEM(RTE_FLOW_ITEM_TYPE_ETH), 579 }, 580 [RTE_FLOW_ITEM_TYPE_ETH] = { 581 .next_item = NEXT_ITEM(RTE_FLOW_ITEM_TYPE_VLAN, 582 RTE_FLOW_ITEM_TYPE_IPV4), 583 .mask_support = &(const struct rte_flow_item_eth){ 584 /* Only destination MAC can be matched. */ 585 .dst.addr_bytes = "\xff\xff\xff\xff\xff\xff", 586 }, 587 .mask_default = &rte_flow_item_eth_mask, 588 .mask_sz = sizeof(struct rte_flow_item_eth), 589 .merge = mlx4_flow_merge_eth, 590 .dst_sz = sizeof(struct ibv_flow_spec_eth), 591 }, 592 [RTE_FLOW_ITEM_TYPE_VLAN] = { 593 .next_item = NEXT_ITEM(RTE_FLOW_ITEM_TYPE_IPV4), 594 .mask_support = &(const struct rte_flow_item_vlan){ 595 /* Only TCI VID matching is supported. */ 596 .tci = RTE_BE16(0x0fff), 597 }, 598 .mask_default = &rte_flow_item_vlan_mask, 599 .mask_sz = sizeof(struct rte_flow_item_vlan), 600 .merge = mlx4_flow_merge_vlan, 601 .dst_sz = 0, 602 }, 603 [RTE_FLOW_ITEM_TYPE_IPV4] = { 604 .next_item = NEXT_ITEM(RTE_FLOW_ITEM_TYPE_UDP, 605 RTE_FLOW_ITEM_TYPE_TCP), 606 .mask_support = &(const struct rte_flow_item_ipv4){ 607 .hdr = { 608 .src_addr = RTE_BE32(0xffffffff), 609 .dst_addr = RTE_BE32(0xffffffff), 610 }, 611 }, 612 .mask_default = &rte_flow_item_ipv4_mask, 613 .mask_sz = sizeof(struct rte_flow_item_ipv4), 614 .merge = mlx4_flow_merge_ipv4, 615 .dst_sz = sizeof(struct ibv_flow_spec_ipv4), 616 }, 617 [RTE_FLOW_ITEM_TYPE_UDP] = { 618 .mask_support = &(const struct rte_flow_item_udp){ 619 .hdr = { 620 .src_port = RTE_BE16(0xffff), 621 .dst_port = RTE_BE16(0xffff), 622 }, 623 }, 624 .mask_default = &rte_flow_item_udp_mask, 625 .mask_sz = sizeof(struct rte_flow_item_udp), 626 .merge = mlx4_flow_merge_udp, 627 .dst_sz = sizeof(struct ibv_flow_spec_tcp_udp), 628 }, 629 [RTE_FLOW_ITEM_TYPE_TCP] = { 630 .mask_support = &(const struct rte_flow_item_tcp){ 631 .hdr = { 632 .src_port = RTE_BE16(0xffff), 633 .dst_port = RTE_BE16(0xffff), 634 }, 635 }, 636 .mask_default = &rte_flow_item_tcp_mask, 637 .mask_sz = sizeof(struct rte_flow_item_tcp), 638 .merge = mlx4_flow_merge_tcp, 639 .dst_sz = sizeof(struct ibv_flow_spec_tcp_udp), 640 }, 641 }; 642 643 /** 644 * Make sure a flow rule is supported and initialize associated structure. 645 * 646 * @param priv 647 * Pointer to private structure. 648 * @param[in] attr 649 * Flow rule attributes. 650 * @param[in] pattern 651 * Pattern specification (list terminated by the END pattern item). 652 * @param[in] actions 653 * Associated actions (list terminated by the END action). 654 * @param[out] error 655 * Perform verbose error reporting if not NULL. 656 * @param[in, out] addr 657 * Buffer where the resulting flow rule handle pointer must be stored. 658 * If NULL, stop processing after validation stage. 659 * 660 * @return 661 * 0 on success, a negative errno value otherwise and rte_errno is set. 662 */ 663 static int 664 mlx4_flow_prepare(struct mlx4_priv *priv, 665 const struct rte_flow_attr *attr, 666 const struct rte_flow_item pattern[], 667 const struct rte_flow_action actions[], 668 struct rte_flow_error *error, 669 struct rte_flow **addr) 670 { 671 const struct rte_flow_item *item; 672 const struct rte_flow_action *action; 673 const struct mlx4_flow_proc_item *proc; 674 struct rte_flow temp = { .ibv_attr_size = sizeof(*temp.ibv_attr) }; 675 struct rte_flow *flow = &temp; 676 const char *msg = NULL; 677 int overlap; 678 679 if (attr->group) 680 return rte_flow_error_set 681 (error, ENOTSUP, RTE_FLOW_ERROR_TYPE_ATTR_GROUP, 682 NULL, "groups are not supported"); 683 if (attr->priority > MLX4_FLOW_PRIORITY_LAST) 684 return rte_flow_error_set 685 (error, ENOTSUP, RTE_FLOW_ERROR_TYPE_ATTR_PRIORITY, 686 NULL, "maximum priority level is " 687 MLX4_STR_EXPAND(MLX4_FLOW_PRIORITY_LAST)); 688 if (attr->egress) 689 return rte_flow_error_set 690 (error, ENOTSUP, RTE_FLOW_ERROR_TYPE_ATTR_EGRESS, 691 NULL, "egress is not supported"); 692 if (attr->transfer) 693 return rte_flow_error_set 694 (error, ENOTSUP, RTE_FLOW_ERROR_TYPE_ATTR_TRANSFER, 695 NULL, "transfer is not supported"); 696 if (!attr->ingress) 697 return rte_flow_error_set 698 (error, ENOTSUP, RTE_FLOW_ERROR_TYPE_ATTR_INGRESS, 699 NULL, "only ingress is supported"); 700 fill: 701 overlap = 0; 702 proc = mlx4_flow_proc_item_list; 703 flow->priority = attr->priority; 704 /* Go over pattern. */ 705 for (item = pattern; item->type; ++item) { 706 const struct mlx4_flow_proc_item *next = NULL; 707 unsigned int i; 708 int err; 709 710 if (item->type == RTE_FLOW_ITEM_TYPE_VOID) 711 continue; 712 if (item->type == MLX4_FLOW_ITEM_TYPE_INTERNAL) { 713 flow->internal = 1; 714 continue; 715 } 716 if (flow->promisc || flow->allmulti) { 717 msg = "mlx4 does not support additional matching" 718 " criteria combined with indiscriminate" 719 " matching on Ethernet headers"; 720 goto exit_item_not_supported; 721 } 722 for (i = 0; proc->next_item && proc->next_item[i]; ++i) { 723 if (proc->next_item[i] == item->type) { 724 next = &mlx4_flow_proc_item_list[item->type]; 725 break; 726 } 727 } 728 if (!next) 729 goto exit_item_not_supported; 730 proc = next; 731 /* 732 * Perform basic sanity checks only once, while handle is 733 * not allocated. 734 */ 735 if (flow == &temp) { 736 err = mlx4_flow_item_check(item, proc, error); 737 if (err) 738 return err; 739 } 740 if (proc->merge) { 741 err = proc->merge(flow, item, proc, error); 742 if (err) 743 return err; 744 } 745 flow->ibv_attr_size += proc->dst_sz; 746 } 747 /* Go over actions list. */ 748 for (action = actions; action->type; ++action) { 749 /* This one may appear anywhere multiple times. */ 750 if (action->type == RTE_FLOW_ACTION_TYPE_VOID) 751 continue; 752 /* Fate-deciding actions may appear exactly once. */ 753 if (overlap) { 754 msg = "cannot combine several fate-deciding actions," 755 " choose between DROP, QUEUE or RSS"; 756 goto exit_action_not_supported; 757 } 758 overlap = 1; 759 switch (action->type) { 760 const struct rte_flow_action_queue *queue; 761 const struct rte_flow_action_rss *rss; 762 const uint8_t *rss_key; 763 uint32_t rss_key_len; 764 uint64_t fields; 765 unsigned int i; 766 767 case RTE_FLOW_ACTION_TYPE_DROP: 768 flow->drop = 1; 769 break; 770 case RTE_FLOW_ACTION_TYPE_QUEUE: 771 if (flow->rss) 772 break; 773 queue = action->conf; 774 if (queue->index >= ETH_DEV(priv)->data->nb_rx_queues) { 775 msg = "queue target index beyond number of" 776 " configured Rx queues"; 777 goto exit_action_not_supported; 778 } 779 flow->rss = mlx4_rss_get 780 (priv, 0, mlx4_rss_hash_key_default, 1, 781 &queue->index); 782 if (!flow->rss) { 783 msg = "not enough resources for additional" 784 " single-queue RSS context"; 785 goto exit_action_not_supported; 786 } 787 break; 788 case RTE_FLOW_ACTION_TYPE_RSS: 789 if (flow->rss) 790 break; 791 rss = action->conf; 792 /* Default RSS configuration if none is provided. */ 793 if (rss->key_len) { 794 rss_key = rss->key; 795 rss_key_len = rss->key_len; 796 } else { 797 rss_key = mlx4_rss_hash_key_default; 798 rss_key_len = MLX4_RSS_HASH_KEY_SIZE; 799 } 800 /* Sanity checks. */ 801 for (i = 0; i < rss->queue_num; ++i) 802 if (rss->queue[i] >= 803 ETH_DEV(priv)->data->nb_rx_queues) 804 break; 805 if (i != rss->queue_num) { 806 msg = "queue index target beyond number of" 807 " configured Rx queues"; 808 goto exit_action_not_supported; 809 } 810 if (!rte_is_power_of_2(rss->queue_num)) { 811 msg = "for RSS, mlx4 requires the number of" 812 " queues to be a power of two"; 813 goto exit_action_not_supported; 814 } 815 if (rss_key_len != sizeof(flow->rss->key)) { 816 msg = "mlx4 supports exactly one RSS hash key" 817 " length: " 818 MLX4_STR_EXPAND(MLX4_RSS_HASH_KEY_SIZE); 819 goto exit_action_not_supported; 820 } 821 for (i = 1; i < rss->queue_num; ++i) 822 if (rss->queue[i] - rss->queue[i - 1] != 1) 823 break; 824 if (i != rss->queue_num) { 825 msg = "mlx4 requires RSS contexts to use" 826 " consecutive queue indices only"; 827 goto exit_action_not_supported; 828 } 829 if (rss->queue[0] % rss->queue_num) { 830 msg = "mlx4 requires the first queue of a RSS" 831 " context to be aligned on a multiple" 832 " of the context size"; 833 goto exit_action_not_supported; 834 } 835 if (rss->func && 836 rss->func != RTE_ETH_HASH_FUNCTION_TOEPLITZ) { 837 msg = "the only supported RSS hash function" 838 " is Toeplitz"; 839 goto exit_action_not_supported; 840 } 841 if (rss->level) { 842 msg = "a nonzero RSS encapsulation level is" 843 " not supported"; 844 goto exit_action_not_supported; 845 } 846 rte_errno = 0; 847 fields = mlx4_conv_rss_types(priv, rss->types, 0); 848 if (fields == (uint64_t)-1 && rte_errno) { 849 msg = "unsupported RSS hash type requested"; 850 goto exit_action_not_supported; 851 } 852 flow->rss = mlx4_rss_get 853 (priv, fields, rss_key, rss->queue_num, 854 rss->queue); 855 if (!flow->rss) { 856 msg = "either invalid parameters or not enough" 857 " resources for additional multi-queue" 858 " RSS context"; 859 goto exit_action_not_supported; 860 } 861 break; 862 default: 863 goto exit_action_not_supported; 864 } 865 } 866 /* When fate is unknown, drop traffic. */ 867 if (!overlap) 868 flow->drop = 1; 869 /* Validation ends here. */ 870 if (!addr) { 871 if (flow->rss) 872 mlx4_rss_put(flow->rss); 873 return 0; 874 } 875 if (flow == &temp) { 876 /* Allocate proper handle based on collected data. */ 877 const struct mlx4_malloc_vec vec[] = { 878 { 879 .align = alignof(struct rte_flow), 880 .size = sizeof(*flow), 881 .addr = (void **)&flow, 882 }, 883 { 884 .align = alignof(struct ibv_flow_attr), 885 .size = temp.ibv_attr_size, 886 .addr = (void **)&temp.ibv_attr, 887 }, 888 }; 889 890 if (!mlx4_zmallocv(__func__, vec, RTE_DIM(vec))) { 891 if (temp.rss) 892 mlx4_rss_put(temp.rss); 893 return rte_flow_error_set 894 (error, -rte_errno, 895 RTE_FLOW_ERROR_TYPE_UNSPECIFIED, NULL, 896 "flow rule handle allocation failure"); 897 } 898 /* Most fields will be updated by second pass. */ 899 *flow = (struct rte_flow){ 900 .ibv_attr = temp.ibv_attr, 901 .ibv_attr_size = sizeof(*flow->ibv_attr), 902 .rss = temp.rss, 903 }; 904 *flow->ibv_attr = (struct ibv_flow_attr){ 905 .type = IBV_FLOW_ATTR_NORMAL, 906 .size = sizeof(*flow->ibv_attr), 907 .priority = attr->priority, 908 .port = priv->port, 909 }; 910 goto fill; 911 } 912 *addr = flow; 913 return 0; 914 exit_item_not_supported: 915 return rte_flow_error_set(error, ENOTSUP, RTE_FLOW_ERROR_TYPE_ITEM, 916 item, msg ? msg : "item not supported"); 917 exit_action_not_supported: 918 return rte_flow_error_set(error, ENOTSUP, RTE_FLOW_ERROR_TYPE_ACTION, 919 action, msg ? msg : "action not supported"); 920 } 921 922 /** 923 * Validate a flow supported by the NIC. 924 * 925 * @see rte_flow_validate() 926 * @see rte_flow_ops 927 */ 928 static int 929 mlx4_flow_validate(struct rte_eth_dev *dev, 930 const struct rte_flow_attr *attr, 931 const struct rte_flow_item pattern[], 932 const struct rte_flow_action actions[], 933 struct rte_flow_error *error) 934 { 935 struct mlx4_priv *priv = dev->data->dev_private; 936 937 return mlx4_flow_prepare(priv, attr, pattern, actions, error, NULL); 938 } 939 940 /** 941 * Get a drop flow rule resources instance. 942 * 943 * @param priv 944 * Pointer to private structure. 945 * 946 * @return 947 * Pointer to drop flow resources on success, NULL otherwise and rte_errno 948 * is set. 949 */ 950 static struct mlx4_drop * 951 mlx4_drop_get(struct mlx4_priv *priv) 952 { 953 struct mlx4_drop *drop = priv->drop; 954 955 if (drop) { 956 MLX4_ASSERT(drop->refcnt); 957 MLX4_ASSERT(drop->priv == priv); 958 ++drop->refcnt; 959 return drop; 960 } 961 drop = rte_malloc(__func__, sizeof(*drop), 0); 962 if (!drop) 963 goto error; 964 *drop = (struct mlx4_drop){ 965 .priv = priv, 966 .refcnt = 1, 967 }; 968 drop->cq = mlx4_glue->create_cq(priv->ctx, 1, NULL, NULL, 0); 969 if (!drop->cq) 970 goto error; 971 drop->qp = mlx4_glue->create_qp 972 (priv->pd, 973 &(struct ibv_qp_init_attr){ 974 .send_cq = drop->cq, 975 .recv_cq = drop->cq, 976 .qp_type = IBV_QPT_RAW_PACKET, 977 }); 978 if (!drop->qp) 979 goto error; 980 priv->drop = drop; 981 return drop; 982 error: 983 if (drop) { 984 if (drop->qp) 985 claim_zero(mlx4_glue->destroy_qp(drop->qp)); 986 if (drop->cq) 987 claim_zero(mlx4_glue->destroy_cq(drop->cq)); 988 rte_free(drop); 989 } 990 rte_errno = ENOMEM; 991 return NULL; 992 } 993 994 /** 995 * Give back a drop flow rule resources instance. 996 * 997 * @param drop 998 * Pointer to drop flow rule resources. 999 */ 1000 static void 1001 mlx4_drop_put(struct mlx4_drop *drop) 1002 { 1003 MLX4_ASSERT(drop->refcnt); 1004 if (--drop->refcnt) 1005 return; 1006 drop->priv->drop = NULL; 1007 claim_zero(mlx4_glue->destroy_qp(drop->qp)); 1008 claim_zero(mlx4_glue->destroy_cq(drop->cq)); 1009 rte_free(drop); 1010 } 1011 1012 /** 1013 * Toggle a configured flow rule. 1014 * 1015 * @param priv 1016 * Pointer to private structure. 1017 * @param flow 1018 * Flow rule handle to toggle. 1019 * @param enable 1020 * Whether associated Verbs flow must be created or removed. 1021 * @param[out] error 1022 * Perform verbose error reporting if not NULL. 1023 * 1024 * @return 1025 * 0 on success, a negative errno value otherwise and rte_errno is set. 1026 */ 1027 static int 1028 mlx4_flow_toggle(struct mlx4_priv *priv, 1029 struct rte_flow *flow, 1030 int enable, 1031 struct rte_flow_error *error) 1032 { 1033 struct ibv_qp *qp = NULL; 1034 const char *msg; 1035 int err; 1036 1037 if (!enable) { 1038 if (!flow->ibv_flow) 1039 return 0; 1040 claim_zero(mlx4_glue->destroy_flow(flow->ibv_flow)); 1041 flow->ibv_flow = NULL; 1042 if (flow->drop) 1043 mlx4_drop_put(priv->drop); 1044 else if (flow->rss) 1045 mlx4_rss_detach(flow->rss); 1046 return 0; 1047 } 1048 MLX4_ASSERT(flow->ibv_attr); 1049 if (!flow->internal && 1050 !priv->isolated && 1051 flow->ibv_attr->priority == MLX4_FLOW_PRIORITY_LAST) { 1052 if (flow->ibv_flow) { 1053 claim_zero(mlx4_glue->destroy_flow(flow->ibv_flow)); 1054 flow->ibv_flow = NULL; 1055 if (flow->drop) 1056 mlx4_drop_put(priv->drop); 1057 else if (flow->rss) 1058 mlx4_rss_detach(flow->rss); 1059 } 1060 err = EACCES; 1061 msg = ("priority level " 1062 MLX4_STR_EXPAND(MLX4_FLOW_PRIORITY_LAST) 1063 " is reserved when not in isolated mode"); 1064 goto error; 1065 } 1066 if (flow->rss) { 1067 struct mlx4_rss *rss = flow->rss; 1068 int missing = 0; 1069 unsigned int i; 1070 1071 /* Stop at the first nonexistent target queue. */ 1072 for (i = 0; i != rss->queues; ++i) 1073 if (rss->queue_id[i] >= 1074 ETH_DEV(priv)->data->nb_rx_queues || 1075 !ETH_DEV(priv)->data->rx_queues[rss->queue_id[i]]) { 1076 missing = 1; 1077 break; 1078 } 1079 if (flow->ibv_flow) { 1080 if (missing ^ !flow->drop) 1081 return 0; 1082 /* Verbs flow needs updating. */ 1083 claim_zero(mlx4_glue->destroy_flow(flow->ibv_flow)); 1084 flow->ibv_flow = NULL; 1085 if (flow->drop) 1086 mlx4_drop_put(priv->drop); 1087 else 1088 mlx4_rss_detach(rss); 1089 } 1090 if (!missing) { 1091 err = mlx4_rss_attach(rss); 1092 if (err) { 1093 err = -err; 1094 msg = "cannot create indirection table or hash" 1095 " QP to associate flow rule with"; 1096 goto error; 1097 } 1098 qp = rss->qp; 1099 } 1100 /* A missing target queue drops traffic implicitly. */ 1101 flow->drop = missing; 1102 } 1103 if (flow->drop) { 1104 if (flow->ibv_flow) 1105 return 0; 1106 mlx4_drop_get(priv); 1107 if (!priv->drop) { 1108 err = rte_errno; 1109 msg = "resources for drop flow rule cannot be created"; 1110 goto error; 1111 } 1112 qp = priv->drop->qp; 1113 } 1114 MLX4_ASSERT(qp); 1115 if (flow->ibv_flow) 1116 return 0; 1117 flow->ibv_flow = mlx4_glue->create_flow(qp, flow->ibv_attr); 1118 if (flow->ibv_flow) 1119 return 0; 1120 if (flow->drop) 1121 mlx4_drop_put(priv->drop); 1122 else if (flow->rss) 1123 mlx4_rss_detach(flow->rss); 1124 err = errno; 1125 msg = "flow rule rejected by device"; 1126 error: 1127 return rte_flow_error_set 1128 (error, err, RTE_FLOW_ERROR_TYPE_HANDLE, flow, msg); 1129 } 1130 1131 /** 1132 * Create a flow. 1133 * 1134 * @see rte_flow_create() 1135 * @see rte_flow_ops 1136 */ 1137 static struct rte_flow * 1138 mlx4_flow_create(struct rte_eth_dev *dev, 1139 const struct rte_flow_attr *attr, 1140 const struct rte_flow_item pattern[], 1141 const struct rte_flow_action actions[], 1142 struct rte_flow_error *error) 1143 { 1144 struct mlx4_priv *priv = dev->data->dev_private; 1145 struct rte_flow *flow; 1146 int err; 1147 1148 err = mlx4_flow_prepare(priv, attr, pattern, actions, error, &flow); 1149 if (err) 1150 return NULL; 1151 err = mlx4_flow_toggle(priv, flow, priv->started, error); 1152 if (!err) { 1153 struct rte_flow *curr = LIST_FIRST(&priv->flows); 1154 1155 /* New rules are inserted after internal ones. */ 1156 if (!curr || !curr->internal) { 1157 LIST_INSERT_HEAD(&priv->flows, flow, next); 1158 } else { 1159 while (LIST_NEXT(curr, next) && 1160 LIST_NEXT(curr, next)->internal) 1161 curr = LIST_NEXT(curr, next); 1162 LIST_INSERT_AFTER(curr, flow, next); 1163 } 1164 return flow; 1165 } 1166 if (flow->rss) 1167 mlx4_rss_put(flow->rss); 1168 rte_flow_error_set(error, -err, RTE_FLOW_ERROR_TYPE_UNSPECIFIED, NULL, 1169 error->message); 1170 rte_free(flow); 1171 return NULL; 1172 } 1173 1174 /** 1175 * Configure isolated mode. 1176 * 1177 * @see rte_flow_isolate() 1178 * @see rte_flow_ops 1179 */ 1180 static int 1181 mlx4_flow_isolate(struct rte_eth_dev *dev, 1182 int enable, 1183 struct rte_flow_error *error) 1184 { 1185 struct mlx4_priv *priv = dev->data->dev_private; 1186 1187 if (!!enable == !!priv->isolated) 1188 return 0; 1189 priv->isolated = !!enable; 1190 if (mlx4_flow_sync(priv, error)) { 1191 priv->isolated = !enable; 1192 return -rte_errno; 1193 } 1194 return 0; 1195 } 1196 1197 /** 1198 * Destroy a flow rule. 1199 * 1200 * @see rte_flow_destroy() 1201 * @see rte_flow_ops 1202 */ 1203 static int 1204 mlx4_flow_destroy(struct rte_eth_dev *dev, 1205 struct rte_flow *flow, 1206 struct rte_flow_error *error) 1207 { 1208 struct mlx4_priv *priv = dev->data->dev_private; 1209 int err = mlx4_flow_toggle(priv, flow, 0, error); 1210 1211 if (err) 1212 return err; 1213 LIST_REMOVE(flow, next); 1214 if (flow->rss) 1215 mlx4_rss_put(flow->rss); 1216 rte_free(flow); 1217 return 0; 1218 } 1219 1220 /** 1221 * Destroy user-configured flow rules. 1222 * 1223 * This function skips internal flows rules. 1224 * 1225 * @see rte_flow_flush() 1226 * @see rte_flow_ops 1227 */ 1228 static int 1229 mlx4_flow_flush(struct rte_eth_dev *dev, 1230 struct rte_flow_error *error) 1231 { 1232 struct mlx4_priv *priv = dev->data->dev_private; 1233 struct rte_flow *flow = LIST_FIRST(&priv->flows); 1234 1235 while (flow) { 1236 struct rte_flow *next = LIST_NEXT(flow, next); 1237 1238 if (!flow->internal) 1239 mlx4_flow_destroy(dev, flow, error); 1240 flow = next; 1241 } 1242 return 0; 1243 } 1244 1245 /** 1246 * Helper function to determine the next configured VLAN filter. 1247 * 1248 * @param priv 1249 * Pointer to private structure. 1250 * @param vlan 1251 * VLAN ID to use as a starting point. 1252 * 1253 * @return 1254 * Next configured VLAN ID or a high value (>= 4096) if there is none. 1255 */ 1256 static uint16_t 1257 mlx4_flow_internal_next_vlan(struct mlx4_priv *priv, uint16_t vlan) 1258 { 1259 while (vlan < 4096) { 1260 if (ETH_DEV(priv)->data->vlan_filter_conf.ids[vlan / 64] & 1261 (UINT64_C(1) << (vlan % 64))) 1262 return vlan; 1263 ++vlan; 1264 } 1265 return vlan; 1266 } 1267 1268 /** 1269 * Generate internal flow rules. 1270 * 1271 * Various flow rules are created depending on the mode the device is in: 1272 * 1273 * 1. Promiscuous: 1274 * port MAC + broadcast + catch-all (VLAN filtering is ignored). 1275 * 2. All multicast: 1276 * port MAC/VLAN + broadcast + catch-all multicast. 1277 * 3. Otherwise: 1278 * port MAC/VLAN + broadcast MAC/VLAN. 1279 * 1280 * About MAC flow rules: 1281 * 1282 * - MAC flow rules are generated from @p dev->data->mac_addrs 1283 * (@p priv->mac array). 1284 * - An additional flow rule for Ethernet broadcasts is also generated. 1285 * - All these are per-VLAN if @p DEV_RX_OFFLOAD_VLAN_FILTER 1286 * is enabled and VLAN filters are configured. 1287 * 1288 * @param priv 1289 * Pointer to private structure. 1290 * @param[out] error 1291 * Perform verbose error reporting if not NULL. 1292 * 1293 * @return 1294 * 0 on success, a negative errno value otherwise and rte_errno is set. 1295 */ 1296 static int 1297 mlx4_flow_internal(struct mlx4_priv *priv, struct rte_flow_error *error) 1298 { 1299 struct rte_flow_attr attr = { 1300 .priority = MLX4_FLOW_PRIORITY_LAST, 1301 .ingress = 1, 1302 }; 1303 struct rte_flow_item_eth eth_spec; 1304 const struct rte_flow_item_eth eth_mask = { 1305 .dst.addr_bytes = "\xff\xff\xff\xff\xff\xff", 1306 }; 1307 const struct rte_flow_item_eth eth_allmulti = { 1308 .dst.addr_bytes = "\x01\x00\x00\x00\x00\x00", 1309 }; 1310 struct rte_flow_item_vlan vlan_spec; 1311 const struct rte_flow_item_vlan vlan_mask = { 1312 .tci = RTE_BE16(0x0fff), 1313 }; 1314 struct rte_flow_item pattern[] = { 1315 { 1316 .type = MLX4_FLOW_ITEM_TYPE_INTERNAL, 1317 }, 1318 { 1319 .type = RTE_FLOW_ITEM_TYPE_ETH, 1320 .spec = ð_spec, 1321 .mask = ð_mask, 1322 }, 1323 { 1324 /* Replaced with VLAN if filtering is enabled. */ 1325 .type = RTE_FLOW_ITEM_TYPE_END, 1326 }, 1327 { 1328 .type = RTE_FLOW_ITEM_TYPE_END, 1329 }, 1330 }; 1331 /* 1332 * Round number of queues down to their previous power of 2 to 1333 * comply with RSS context limitations. Extra queues silently do not 1334 * get RSS by default. 1335 */ 1336 uint32_t queues = 1337 rte_align32pow2(ETH_DEV(priv)->data->nb_rx_queues + 1) >> 1; 1338 uint16_t queue[queues]; 1339 struct rte_flow_action_rss action_rss = { 1340 .func = RTE_ETH_HASH_FUNCTION_DEFAULT, 1341 .level = 0, 1342 .types = 0, 1343 .key_len = MLX4_RSS_HASH_KEY_SIZE, 1344 .queue_num = queues, 1345 .key = mlx4_rss_hash_key_default, 1346 .queue = queue, 1347 }; 1348 struct rte_flow_action actions[] = { 1349 { 1350 .type = RTE_FLOW_ACTION_TYPE_RSS, 1351 .conf = &action_rss, 1352 }, 1353 { 1354 .type = RTE_FLOW_ACTION_TYPE_END, 1355 }, 1356 }; 1357 struct rte_ether_addr *rule_mac = ð_spec.dst; 1358 rte_be16_t *rule_vlan = 1359 (ETH_DEV(priv)->data->dev_conf.rxmode.offloads & 1360 DEV_RX_OFFLOAD_VLAN_FILTER) && 1361 !ETH_DEV(priv)->data->promiscuous ? 1362 &vlan_spec.tci : 1363 NULL; 1364 uint16_t vlan = 0; 1365 struct rte_flow *flow; 1366 unsigned int i; 1367 int err = 0; 1368 1369 /* Nothing to be done if there are no Rx queues. */ 1370 if (!queues) 1371 goto error; 1372 /* Prepare default RSS configuration. */ 1373 for (i = 0; i != queues; ++i) 1374 queue[i] = i; 1375 /* 1376 * Set up VLAN item if filtering is enabled and at least one VLAN 1377 * filter is configured. 1378 */ 1379 if (rule_vlan) { 1380 vlan = mlx4_flow_internal_next_vlan(priv, 0); 1381 if (vlan < 4096) { 1382 pattern[2] = (struct rte_flow_item){ 1383 .type = RTE_FLOW_ITEM_TYPE_VLAN, 1384 .spec = &vlan_spec, 1385 .mask = &vlan_mask, 1386 }; 1387 next_vlan: 1388 *rule_vlan = rte_cpu_to_be_16(vlan); 1389 } else { 1390 rule_vlan = NULL; 1391 } 1392 } 1393 for (i = 0; i != RTE_DIM(priv->mac) + 1; ++i) { 1394 const struct rte_ether_addr *mac; 1395 1396 /* Broadcasts are handled by an extra iteration. */ 1397 if (i < RTE_DIM(priv->mac)) 1398 mac = &priv->mac[i]; 1399 else 1400 mac = ð_mask.dst; 1401 if (rte_is_zero_ether_addr(mac)) 1402 continue; 1403 /* Check if MAC flow rule is already present. */ 1404 for (flow = LIST_FIRST(&priv->flows); 1405 flow && flow->internal; 1406 flow = LIST_NEXT(flow, next)) { 1407 const struct ibv_flow_spec_eth *eth = 1408 (const void *)((uintptr_t)flow->ibv_attr + 1409 sizeof(*flow->ibv_attr)); 1410 unsigned int j; 1411 1412 if (!flow->mac) 1413 continue; 1414 MLX4_ASSERT(flow->ibv_attr->type == 1415 IBV_FLOW_ATTR_NORMAL); 1416 MLX4_ASSERT(flow->ibv_attr->num_of_specs == 1); 1417 MLX4_ASSERT(eth->type == IBV_FLOW_SPEC_ETH); 1418 MLX4_ASSERT(flow->rss); 1419 if (rule_vlan && 1420 (eth->val.vlan_tag != *rule_vlan || 1421 eth->mask.vlan_tag != RTE_BE16(0x0fff))) 1422 continue; 1423 if (!rule_vlan && eth->mask.vlan_tag) 1424 continue; 1425 for (j = 0; j != sizeof(mac->addr_bytes); ++j) 1426 if (eth->val.dst_mac[j] != mac->addr_bytes[j] || 1427 eth->mask.dst_mac[j] != UINT8_C(0xff) || 1428 eth->val.src_mac[j] != UINT8_C(0x00) || 1429 eth->mask.src_mac[j] != UINT8_C(0x00)) 1430 break; 1431 if (j != sizeof(mac->addr_bytes)) 1432 continue; 1433 if (flow->rss->queues != queues || 1434 memcmp(flow->rss->queue_id, action_rss.queue, 1435 queues * sizeof(flow->rss->queue_id[0]))) 1436 continue; 1437 break; 1438 } 1439 if (!flow || !flow->internal) { 1440 /* Not found, create a new flow rule. */ 1441 memcpy(rule_mac, mac, sizeof(*mac)); 1442 flow = mlx4_flow_create(ETH_DEV(priv), &attr, pattern, 1443 actions, error); 1444 if (!flow) { 1445 err = -rte_errno; 1446 goto error; 1447 } 1448 } 1449 flow->select = 1; 1450 flow->mac = 1; 1451 } 1452 if (rule_vlan) { 1453 vlan = mlx4_flow_internal_next_vlan(priv, vlan + 1); 1454 if (vlan < 4096) 1455 goto next_vlan; 1456 } 1457 /* Take care of promiscuous and all multicast flow rules. */ 1458 if (ETH_DEV(priv)->data->promiscuous || 1459 ETH_DEV(priv)->data->all_multicast) { 1460 for (flow = LIST_FIRST(&priv->flows); 1461 flow && flow->internal; 1462 flow = LIST_NEXT(flow, next)) { 1463 if (ETH_DEV(priv)->data->promiscuous) { 1464 if (flow->promisc) 1465 break; 1466 } else { 1467 MLX4_ASSERT(ETH_DEV(priv)->data->all_multicast); 1468 if (flow->allmulti) 1469 break; 1470 } 1471 } 1472 if (flow && flow->internal) { 1473 MLX4_ASSERT(flow->rss); 1474 if (flow->rss->queues != queues || 1475 memcmp(flow->rss->queue_id, action_rss.queue, 1476 queues * sizeof(flow->rss->queue_id[0]))) 1477 flow = NULL; 1478 } 1479 if (!flow || !flow->internal) { 1480 /* Not found, create a new flow rule. */ 1481 if (ETH_DEV(priv)->data->promiscuous) { 1482 pattern[1].spec = NULL; 1483 pattern[1].mask = NULL; 1484 } else { 1485 MLX4_ASSERT(ETH_DEV(priv)->data->all_multicast); 1486 pattern[1].spec = ð_allmulti; 1487 pattern[1].mask = ð_allmulti; 1488 } 1489 pattern[2] = pattern[3]; 1490 flow = mlx4_flow_create(ETH_DEV(priv), &attr, pattern, 1491 actions, error); 1492 if (!flow) { 1493 err = -rte_errno; 1494 goto error; 1495 } 1496 } 1497 MLX4_ASSERT(flow->promisc || flow->allmulti); 1498 flow->select = 1; 1499 } 1500 error: 1501 /* Clear selection and clean up stale internal flow rules. */ 1502 flow = LIST_FIRST(&priv->flows); 1503 while (flow && flow->internal) { 1504 struct rte_flow *next = LIST_NEXT(flow, next); 1505 1506 if (!flow->select) 1507 claim_zero(mlx4_flow_destroy(ETH_DEV(priv), flow, 1508 error)); 1509 else 1510 flow->select = 0; 1511 flow = next; 1512 } 1513 return err; 1514 } 1515 1516 /** 1517 * Synchronize flow rules. 1518 * 1519 * This function synchronizes flow rules with the state of the device by 1520 * taking into account isolated mode and whether target queues are 1521 * configured. 1522 * 1523 * @param priv 1524 * Pointer to private structure. 1525 * @param[out] error 1526 * Perform verbose error reporting if not NULL. 1527 * 1528 * @return 1529 * 0 on success, a negative errno value otherwise and rte_errno is set. 1530 */ 1531 int 1532 mlx4_flow_sync(struct mlx4_priv *priv, struct rte_flow_error *error) 1533 { 1534 struct rte_flow *flow; 1535 int ret; 1536 1537 /* Internal flow rules are guaranteed to come first in the list. */ 1538 if (priv->isolated) { 1539 /* 1540 * Get rid of them in isolated mode, stop at the first 1541 * non-internal rule found. 1542 */ 1543 for (flow = LIST_FIRST(&priv->flows); 1544 flow && flow->internal; 1545 flow = LIST_FIRST(&priv->flows)) 1546 claim_zero(mlx4_flow_destroy(ETH_DEV(priv), flow, 1547 error)); 1548 } else { 1549 /* Refresh internal rules. */ 1550 ret = mlx4_flow_internal(priv, error); 1551 if (ret) 1552 return ret; 1553 } 1554 /* Toggle the remaining flow rules . */ 1555 LIST_FOREACH(flow, &priv->flows, next) { 1556 ret = mlx4_flow_toggle(priv, flow, priv->started, error); 1557 if (ret) 1558 return ret; 1559 } 1560 if (!priv->started) 1561 MLX4_ASSERT(!priv->drop); 1562 return 0; 1563 } 1564 1565 /** 1566 * Clean up all flow rules. 1567 * 1568 * Unlike mlx4_flow_flush(), this function takes care of all remaining flow 1569 * rules regardless of whether they are internal or user-configured. 1570 * 1571 * @param priv 1572 * Pointer to private structure. 1573 */ 1574 void 1575 mlx4_flow_clean(struct mlx4_priv *priv) 1576 { 1577 struct rte_flow *flow; 1578 1579 while ((flow = LIST_FIRST(&priv->flows))) 1580 mlx4_flow_destroy(ETH_DEV(priv), flow, NULL); 1581 MLX4_ASSERT(LIST_EMPTY(&priv->rss)); 1582 } 1583 1584 static const struct rte_flow_ops mlx4_flow_ops = { 1585 .validate = mlx4_flow_validate, 1586 .create = mlx4_flow_create, 1587 .destroy = mlx4_flow_destroy, 1588 .flush = mlx4_flow_flush, 1589 .isolate = mlx4_flow_isolate, 1590 }; 1591 1592 /** 1593 * Get rte_flow callbacks. 1594 * 1595 * @param dev 1596 * Pointer to Ethernet device structure. 1597 * @param ops 1598 * Pointer to operation-specific structure. 1599 * 1600 * @return 0 1601 */ 1602 int 1603 mlx4_flow_ops_get(struct rte_eth_dev *dev __rte_unused, 1604 const struct rte_flow_ops **ops) 1605 { 1606 *ops = &mlx4_flow_ops; 1607 return 0; 1608 } 1609