1. 01 Jul, 2024 1 commit
  2. 29 Jun, 2024 18 commits
  3. 28 Jun, 2024 21 commits
    • David S. Miller's avatar
      Merge branch 'net-selftests-mirroring-cleanup' into main · 748e3bbf
      David S. Miller authored
      Petr Machata says:
      
      ====================
      selftest: Clean-up and stabilize mirroring tests
      
      The mirroring selftests work by sending ICMP traffic between two hosts.
      Along the way, this traffic is mirrored to a gretap netdevice, and counter
      taps are then installed strategically along the path of the mirrored
      traffic to verify the mirroring took place.
      
      The problem with this is that besides mirroring the primary traffic, any
      other service traffic is mirrored as well. At the same time, because the
      tests need to work in HW-offloaded scenarios, the ability of the device to
      do arbitrary packet inspection should not be taken for granted. Most tests
      therefore simply use matchall, one uses flower to match on IP address.
      As a result, the selftests are noisy.
      
      mirror_test() accommodated this noisiness by giving the counters an
      allowance of several packets. But that only works up to a point, and on
      busy systems won't be always enough.
      
      In this patch set, clean up and stabilize the mirroring selftests. The
      original intention was to port the tests over to UDP, but the logic of
      ICMP ends up being so entangled in the mirroring selftests that the
      changes feel overly invasive. Instead, ICMP is kept, but where possible,
      we match on ICMP message type, thus filtering out hits by other ICMP
      messages.
      
      Where this is not practical (where the counter tap is put on a device
      that carries encapsulated packets), switch the counter condition to _at
      least_ X observed packets. This is less robust, but barely so --
      probably the only scenario that this would not catch is something like
      erroneous packet duplication, which would hopefully get caught by the
      numerous other tests in this extensive suite.
      
      - Patches #1 to #3 clean up parameters at various helpers.
      
      - Patches #4 to #6 stabilize the mirroring selftests as described above.
      
      - Mirroring tests currently allow testing SW datapath even on HW
        netdevices by trapping traffic to the SW datapath. This complicates
        the tests a bit without a good reason: to test SW datapath, just run
        the selftests on the veth topology. Thus in patch #7, drop support for
        this dual SW/HW testing.
      
      - At this point, some cleanups were either made possible by the previous
        patches, or were always possible. In patches #8 to #11, realize these
        cleanups.
      
      - In patch #12, fix mlxsw mirror_gre selftest to respect setting TESTS.
      ====================
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      748e3bbf
    • Petr Machata's avatar
      selftests: mlxsw: mirror_gre: Obey TESTS · 098ba97d
      Petr Machata authored
      This test is unusual in that overriding TESTS does not change the tests to
      be run. Split the individual tests into several functions and invoke them
      through tests_run() as appropriate.
      Signed-off-by: default avatarPetr Machata <petrm@nvidia.com>
      Reviewed-by: default avatarDanielle Ratson <danieller@nvidia.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      098ba97d
    • Petr Machata's avatar
      selftests: libs: Drop unused functions · 06704a0d
      Petr Machata authored
      Nothing calls these.
      Signed-off-by: default avatarPetr Machata <petrm@nvidia.com>
      Reviewed-by: default avatarDanielle Ratson <danieller@nvidia.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      06704a0d
    • Petr Machata's avatar
      selftests: libs: Drop slow_path_trap_install()/_uninstall() · 4e9cd3d0
      Petr Machata authored
      These functions are not used anymore.
      Signed-off-by: default avatarPetr Machata <petrm@nvidia.com>
      Reviewed-by: default avatarDanielle Ratson <danieller@nvidia.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      4e9cd3d0
    • Petr Machata's avatar
      selftests: mirror_gre_lag_lacp: Drop unnecessary code · 95d33989
      Petr Machata authored
      The selftest does not use functions from mirror_gre_lib, ditch the import.
      
      It does not use arping either, so drop the require_command as well.
      Signed-off-by: default avatarPetr Machata <petrm@nvidia.com>
      Reviewed-by: default avatarDanielle Ratson <danieller@nvidia.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      95d33989
    • Petr Machata's avatar
      selftests: mlxsw: mirror_gre: Simplify · 388b2d98
      Petr Machata authored
      After the previous patch, the function test_span_failable() is always
      called with should_fail=1. Drop the argument and streamline the code.
      Signed-off-by: default avatarPetr Machata <petrm@nvidia.com>
      Reviewed-by: default avatarDanielle Ratson <danieller@nvidia.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      388b2d98
    • Petr Machata's avatar
      selftests: mirror: Drop dual SW/HW testing · d361d78f
      Petr Machata authored
      The mirroring tests are currently run in a skip_hw and optionally a skip_sw
      mode. The former tests the SW datapath, the latter the HW datapath, if
      available. In order to be able to test SW datapath on HW loopbacks, traps
      are installed on ingress to get traffic from the HW datapath to the SW one.
      This adds an unnecessary complexity when it would be much simpler to just
      use a veth-based topology to test the SW datapath. Thus drop all the code
      that supports this dual testing.
      Signed-off-by: default avatarPetr Machata <petrm@nvidia.com>
      Reviewed-by: default avatarDanielle Ratson <danieller@nvidia.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      d361d78f
    • Petr Machata's avatar
      selftests: mirror: mirror_test(): Allow exact count of packets · a86e0df9
      Petr Machata authored
      The mirroring selftests work by sending ICMP traffic between two hosts.
      Along the way, this traffic is mirrored to a gretap netdevice, and counter
      taps are then installed strategically along the path of the mirrored
      traffic to verify the mirroring took place.
      
      The problem with this is that besides mirroring the primary traffic, any
      other service traffic is mirrored as well. At the same time, because the
      tests need to work in HW-offloaded scenarios, the ability of the device to
      do arbitrary packet inspection should not be taken for granted. Most tests
      therefore simply use matchall, one uses flower to match on IP address.
      
      As a result, the selftests are noisy, because besides the primary ICMP
      traffic, any amount of other service traffic is mirrored as well.
      
      mirror_test() accommodated this noisiness by giving the counters an
      allowance of several packets. But in the previous patch, where possible,
      counter taps were changed to match only on an exact ICMP message. At least
      in those cases, we can demand an exact number of packets to match.
      
      Where the tap is installed on a connective netdevice, the exact matching is
      not practical (though with u32, anything is possible). In those places,
      there should still be some leeway -- and probably bigger than before,
      because experience shows that these tests are very noisy.
      
      To that end, change mirror_test() so that it can be either called with an
      exact number to expect, or with an expression. Where leeway is needed,
      adjust callers to pass a ">= 10" instead of mere 10.
      Signed-off-by: default avatarPetr Machata <petrm@nvidia.com>
      Reviewed-by: default avatarDanielle Ratson <danieller@nvidia.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      a86e0df9
    • Petr Machata's avatar
      selftests: mirror: do_test_span_dir_ips(): Install accurate taps · 83341535
      Petr Machata authored
      The mirroring selftests work by sending ICMP traffic between two hosts.
      Along the way, this traffic is mirrored to a gretap netdevice, and counter
      taps are then installed strategically along the path of the mirrored
      traffic to verify the mirroring took place.
      
      The problem with this is that besides mirroring the primary traffic, any
      other service traffic is mirrored as well. At the same time, because the
      tests need to work in HW-offloaded scenarios, the ability of the device to
      do arbitrary packet inspection should not be taken for granted. Most tests
      therefore simply use matchall, one uses flower to match on IP address.
      
      As a result, the selftests are noisy, because besides the primary ICMP
      traffic, any amount of other service traffic is mirrored as well.
      
      However, often the counter tap is installed at the remote end of the gretap
      tunnel. Since this is a SW-datapath scenario anyway, we can make the filter
      arbitrarily accurate.
      
      Thus in this patch, add parameters forward_type and backward_type to
      several mirroring test helpers, as some other helpers already have. Then
      change do_test_span_dir_ips() to instead of installing one generic tap and
      using it for test in both directions, install the tap for each direction
      separately, matching on the ICMP type given by these parameters.
      Signed-off-by: default avatarPetr Machata <petrm@nvidia.com>
      Reviewed-by: default avatarDanielle Ratson <danieller@nvidia.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      83341535
    • Petr Machata's avatar
      selftests: mirror_gre_lag_lacp: Check counters at tunnel · 95e7b860
      Petr Machata authored
      The test works by sending packets through a tunnel, whence they are
      forwarded to a LAG. One of the LAG children is removed from the LAG prior
      to the exercise, and the test then counts how many packets pass through the
      other one. The issue with this is that it counts all packets, not just the
      encapsulated ones.
      
      So instead add a second gretap endpoint to receive the sent packets, and
      check reception counters there.
      Signed-off-by: default avatarPetr Machata <petrm@nvidia.com>
      Reviewed-by: default avatarDanielle Ratson <danieller@nvidia.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      95e7b860
    • Petr Machata's avatar
      selftests: lib: tc_rule_stats_get(): Move default to argument definition · 9b5d5f27
      Petr Machata authored
      The argument $dir has a fallback value of "ingress". Move the fallback from
      the usage site to the argument definition block to make the fact clearer.
      Signed-off-by: default avatarPetr Machata <petrm@nvidia.com>
      Reviewed-by: default avatarDanielle Ratson <danieller@nvidia.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      9b5d5f27
    • Petr Machata's avatar
      selftests: mirror: Drop direction argument from several functions · 28e67746
      Petr Machata authored
      The argument is not used by these functions except to propagate it for
      ultimately no purpose.
      Signed-off-by: default avatarPetr Machata <petrm@nvidia.com>
      Reviewed-by: default avatarDanielle Ratson <danieller@nvidia.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      28e67746
    • Petr Machata's avatar
      selftests: libs: Expand "$@" where possible · d5fbb2eb
      Petr Machata authored
      In some functions, argument-forwarding through "$@" without listing the
      individual arguments explicitly is fundamental to the operation of a
      function. E.g. xfail_on_veth() should be able to run various tests in the
      fail-to-xfail regime, and usage of "$@" is appropriate as an abstraction
      mechanism. For functions such as simple_if_init(), $@ is a handy way to
      pass an array.
      
      In other functions, it's merely a mechanism to save some typing, which
      however ends up obscuring the real arguments and makes life hard for those
      that end up reading the code.
      
      This patch adds some of the implicit function arguments and correspondingly
      expands $@'s. In several cases this will come in handy as following patches
      adjust the parameter lists.
      Signed-off-by: default avatarPetr Machata <petrm@nvidia.com>
      Reviewed-by: default avatarDanielle Ratson <danieller@nvidia.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      d5fbb2eb
    • David S. Miller's avatar
      Merge branch 'net-flash-modees-firmware' into main · c977ac49
      David S. Miller authored
      Danielle Ratson says:
      
      ====================
      Add ability to flash modules' firmware
      
      CMIS compliant modules such as QSFP-DD might be running a firmware that
      can be updated in a vendor-neutral way by exchanging messages between
      the host and the module as described in section 7.2.2 of revision
      4.0 of the CMIS standard.
      
      According to the CMIS standard, the firmware update process is done
      using a CDB commands sequence.
      
      CDB (Command Data Block Message Communication) reads and writes are
      performed on memory map pages 9Fh-AFh according to the CMIS standard,
      section 8.12 of revision 4.0.
      
      Add a pair of new ethtool messages that allow:
      
      * User space to trigger firmware update of transceiver modules
      
      * The kernel to notify user space about the progress of the process
      
      The user interface is designed to be asynchronous in order to avoid RTNL
      being held for too long and to allow several modules to be updated
      simultaneously. The interface is designed with CMIS compliant modules in
      mind, but kept generic enough to accommodate future use cases, if these
      arise.
      
      The kernel interface that will implement the firmware update using CDB
      command will include 2 layers that will be added under ethtool:
      
      * The upper layer that will be triggered from the module layer, is
       cmis_ fw_update.
      * The lower one is cmis_cdb.
      
      In the future there might be more operations to implement using CDB
      commands. Therefore, the idea is to keep the cmis_cdb interface clean and
      the cmis_fw_update specific to the cdb commands handling it.
      
      The communication between the kernel and the driver will be done using
      two ethtool operations that enable reading and writing the transceiver
      module EEPROM.
      The operation ethtool_ops::get_module_eeprom_by_page, that is already
      implemented, will be used for reading from the EEPROM the CDB reply,
      e.g. reading module setting, state, etc.
      The operation ethtool_ops::set_module_eeprom_by_page, that is added in
      the current patchset, will be used for writing to the EEPROM the CDB
      command such as start firmware image, run firmware image, etc.
      
      Therefore in order for a driver to implement module flashing, that
      driver needs to implement the two functions mentioned above.
      
      Patchset overview:
      Patch #1-#2: Implement the EEPROM writing in mlxsw.
      Patch #3: Define the interface between the kernel and user space.
      Patch #4: Add ability to notify the flashing firmware progress.
      Patch #5: Veto operations during flashing.
      Patch #6: Add extended compliance codes.
      Patch #7: Add the cdb layer.
      Patch #8: Add the fw_update layer.
      Patch #9: Add ability to flash transceiver modules' firmware.
      
      v8:
      	Patch #7:
      	* In the ethtool_cmis_wait_for_cond() evaluate the condition once more
      	  to decide if the error code should be -ETIMEDOUT or something else.
      	* s/netdev_err/netdev_err_once.
      
      v7:
      	Patch #4:
      		* Return -ENOMEM instead of PTR_ERR(attr) on
      		  ethnl_module_fw_flash_ntf_put_err().
      	Patch #9:
      		* Fix Warning for not unlocking the spin_lock in the error flow
                	  on module_flash_fw_work_list_add().
      		* Avoid the fall-through on ethnl_sock_priv_destroy().
      
      v6:
      	* Squash some of the last patch to patch #5 and patch #9.
      	Patch #3:
      		* Add paragraph in .rst file.
      	Patch #4:
      		* Reserve '1' more place on SKB for NUL terminator in
      		  the error message string.
      		* Add more prints on error flow, re-write the printing
      		  function and add ethnl_module_fw_flash_ntf_put_err().
      		* Change the communication method so notification will be
      		  sent in unicast instead of multicast.
      		* Add new 'struct ethnl_module_fw_flash_ntf_params' that holds
      		  the relevant info for unicast communication and use it to
      		  send notification to the specific socket.
      		* s/nla_put_u64_64bit/nla_put_uint/
      	Patch #7:
      		* In ethtool_cmis_cdb_init(), Use 'const' for the 'params'
      		  parameter.
      	Patch #8:
      		* Add a list field to struct ethtool_module_fw_flash for
      		  module_fw_flash_work_list that will be presented in the next
      		  patch.
      		* Move ethtool_cmis_fw_update() cleaning to a new function that
      		  will be represented in the next patch.
      		* Move some of the fields in struct ethtool_module_fw_flash to
      		  a separate struct, so ethtool_cmis_fw_update() will get only
      		  the relevant parameters for it.
      		* Edit the relevant functions to get the relevant params for
      		  them.
      		* s/CMIS_MODULE_READY_MAX_DURATION_USEC/CMIS_MODULE_READY_MAX_DURATION_MSEC
      	Patch #9:
      		* Add a paragraph in the commit message.
      		* Rename labels in module_flash_fw_schedule().
      		* Add info to genl_sk_priv_*() and implement the relevant
      		  callbacks, in order to handle properly a scenario of closing
      		  the socket from user space before the work item was ended.
      		* Add a list the holds all the ethtool_module_fw_flash struct
      		  that corresponds to the in progress work items.
      		* Add a new enum for the socket types.
      		* Use both above to identify a flashing socket, add it to the
      		  list and when closing socket affect only the flashing type.
      		* Create a new function that will get the work item instead of
      		  ethtool_cmis_fw_update().
      		* Edit the relevant functions to get the relevant params for
      		  them.
      		* The new function will call the old ethtool_cmis_fw_update(),
      		  and do the cleaning, so the existence of the list should be
      		  completely isolated in module.c.
      ===================
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      c977ac49
    • Danielle Ratson's avatar
      ethtool: Add ability to flash transceiver modules' firmware · 32b4c8b5
      Danielle Ratson authored
      Add the ability to flash the modules' firmware by implementing the
      interface between the user space and the kernel.
      
      Example from a succeeding implementation:
      
       # ethtool --flash-module-firmware swp40 file test.bin
      
       Transceiver module firmware flashing started for device swp40
       Transceiver module firmware flashing in progress for device swp40
       Progress: 99%
       Transceiver module firmware flashing completed for device swp40
      
      In addition, add infrastructure that allows modules to set socket-specific
      private data. This ensures that when a socket is closed from user space
      during the flashing process, the right socket halts sending notifications
      to user space until the work item is completed.
      Signed-off-by: default avatarDanielle Ratson <danieller@nvidia.com>
      Reviewed-by: default avatarPetr Machata <petrm@nvidia.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      32b4c8b5
    • Danielle Ratson's avatar
      ethtool: cmis_fw_update: add a layer for supporting firmware update using CDB · c4f78134
      Danielle Ratson authored
      According to the CMIS standard, the firmware update process is done using
      a CDB commands sequence.
      
      Implement a work that will be triggered from the module layer in the
      next patch the will initiate and execute all the CDB commands in order, to
      eventually complete the firmware update process.
      
      This flashing process includes, writing the firmware image, running the new
      firmware image and committing it after testing, so that it will run upon
      reset.
      
      This work will also notify user space about the progress of the firmware
      update process.
      Signed-off-by: default avatarDanielle Ratson <danieller@nvidia.com>
      Reviewed-by: default avatarPetr Machata <petrm@nvidia.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      c4f78134
    • Danielle Ratson's avatar
      ethtool: cmis_cdb: Add a layer for supporting CDB commands · a39c84d7
      Danielle Ratson authored
      CDB (Command Data Block Message Communication) reads and writes are
      performed on memory map pages 9Fh-AFh according to the CMIS standard,
      section 8.20 of revision 5.2.
      Page 9Fh is used to specify the CDB command to be executed and also
      provides an area for a local payload (LPL).
      
      According to the CMIS standard, the firmware update process is done using
      a CDB commands sequence that will be implemented in the next patch.
      
      The kernel interface that will implement the firmware update using CDB
      command will include 2 layers that will be added under ethtool:
      
      * The upper layer that will be triggered from the module layer, is
        cmis_fw_update.
      * The lower one is cmis_cdb.
      
      In the future there might be more operations to implement using CDB
      commands. Therefore, the idea is to keep the CDB interface clean and the
      cmis_fw_update specific to the CDB commands handling it.
      
      These two layers will communicate using the API the consists of three
      functions:
      
      - struct ethtool_cmis_cdb *
        ethtool_cmis_cdb_init(struct net_device *dev,
      			struct ethtool_module_fw_flash_params *params);
      - void ethtool_cmis_cdb_fini(struct ethtool_cmis_cdb *cdb);
      - int ethtool_cmis_cdb_execute_cmd(struct net_device *dev,
      				   struct ethtool_cmis_cdb_cmd_args *args);
      
      Add the CDB layer to support initializing, finishing and executing CDB
      commands:
      
      * The initialization process will include creating of an ethtool_cmis_cdb
        instance, querying the module CDB support, entering and validating the
        password from user space (CMD 0x0000) and querying the module features
        (CMD 0x0040).
      
      * The finishing API will simply free the ethtool_cmis_cdb instance.
      
      * The executing process will write the CDB command to EEPROM using
        set_module_eeprom_by_page() that was presented earlier, and will
        process the reply from EEPROM.
      Signed-off-by: default avatarDanielle Ratson <danieller@nvidia.com>
      Reviewed-by: default avatarPetr Machata <petrm@nvidia.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      a39c84d7
    • Danielle Ratson's avatar
      net: sfp: Add more extended compliance codes · e4f91936
      Danielle Ratson authored
      SFF-8024 is used to define various constants re-used in several SFF
      SFP-related specifications.
      
      Add SFF-8024 extended compliance code definitions for CMIS compliant
      modules and use them in the next patch to determine the firmware flashing
      work.
      Signed-off-by: default avatarDanielle Ratson <danieller@nvidia.com>
      Reviewed-by: default avatarPetr Machata <petrm@nvidia.com>
      Reviewed-by: default avatarRussell King (Oracle) <rmk+kernel@armlinux.org.uk>
      Reviewed-by: default avatarAndrew Lunn <andrew@lunn.ch>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      e4f91936
    • Danielle Ratson's avatar
      ethtool: Veto some operations during firmware flashing process · 31e0aa99
      Danielle Ratson authored
      Some operations cannot be performed during the firmware flashing
      process.
      
      For example:
      
      - Port must be down during the whole flashing process to avoid packet loss
        while committing reset for example.
      
      - Writing to EEPROM interrupts the flashing process, so operations like
        ethtool dump, module reset, get and set power mode should be vetoed.
      
      - Split port firmware flashing should be vetoed.
      
      In order to veto those scenarios, add a flag in 'struct net_device' that
      indicates when a firmware flash is taking place on the module and use it
      to prevent interruptions during the process.
      Signed-off-by: default avatarDanielle Ratson <danieller@nvidia.com>
      Reviewed-by: default avatarPetr Machata <petrm@nvidia.com>
      Reviewed-by: default avatarAndrew Lunn <andrew@lunn.ch>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      31e0aa99
    • Danielle Ratson's avatar
      ethtool: Add flashing transceiver modules' firmware notifications ability · d7d4cfc4
      Danielle Ratson authored
      Add progress notifications ability to user space while flashing modules'
      firmware by implementing the interface between the user space and the
      kernel.
      Signed-off-by: default avatarDanielle Ratson <danieller@nvidia.com>
      Reviewed-by: default avatarPetr Machata <petrm@nvidia.com>
      Reviewed-by: default avatarAndrew Lunn <andrew@lunn.ch>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      d7d4cfc4
    • Danielle Ratson's avatar
      ethtool: Add an interface for flashing transceiver modules' firmware · 46fb3ba9
      Danielle Ratson authored
      CMIS compliant modules such as QSFP-DD might be running a firmware that
      can be updated in a vendor-neutral way by exchanging messages between
      the host and the module as described in section 7.3.1 of revision 5.2 of
      the CMIS standard.
      
      Add a pair of new ethtool messages that allow:
      
      * User space to trigger firmware update of transceiver modules
      
      * The kernel to notify user space about the progress of the process
      
      The user interface is designed to be asynchronous in order to avoid
      RTNL being held for too long and to allow several modules to be
      updated simultaneously. The interface is designed with CMIS compliant
      modules in mind, but kept generic enough to accommodate future use
      cases, if these arise.
      Signed-off-by: default avatarDanielle Ratson <danieller@nvidia.com>
      Reviewed-by: default avatarPetr Machata <petrm@nvidia.com>
      Reviewed-by: default avatarAndrew Lunn <andrew@lunn.ch>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      46fb3ba9