1. 11 Dec, 2018 11 commits
    • Eli Britstein's avatar
      net/mlx5e: Support header rewrite actions with remote port mirroring · 1cc26d74
      Eli Britstein authored
      A rule with the following actions is split to a two level FDB:
      1. Forward to local mirror vport
      2. Header rewrite
      3. Forward to local vport
      In the first level flow table, forward the packet to the local port and
      forward the packet to the second level flow table for header rewrite and
      local port forwarding. This configuration fails when mirroring to a
      remote encapsulated destination because currently an FTE cannot support
      encap and table destinations.
      
      Use the extended destination capabilities to configure the first level
      flow table with a multi-destination FTE to the uplink and second level
      table and the second level flow table for the header rewrite and local
      port forwarding.
      Signed-off-by: default avatarEli Britstein <elibr@mellanox.com>
      Reviewed-by: default avatarOz Shlomo <ozsh@mellanox.com>
      Signed-off-by: default avatarSaeed Mahameed <saeedm@mellanox.com>
      1cc26d74
    • Eli Britstein's avatar
      net/mlx5e: Replace the split logic with extended destination · 38c9d269
      Eli Britstein authored
      Currently the FTE encap flag applies to all destinations.
      To support mirroring encapsulated traffic to a local port the driver
      split the two destinations to two flow table entries:
      Table#0: - FWD to the local vport
               - Goto table#1
      Table#1: - Encap and FWD to wire
      The firmware extended destination capabilities enable the driver to set
      an encapsulation flag per destination.
      
      Remove the split logic and use the extended destination mechanism
      instead.
      
      Note that split technique is still required for pedit and VLAN push
      scenarios.
      Signed-off-by: default avatarEli Britstein <elibr@mellanox.com>
      Reviewed-by: default avatarOz Shlomo <ozsh@mellanox.com>
      Signed-off-by: default avatarSaeed Mahameed <saeedm@mellanox.com>
      38c9d269
    • Eli Britstein's avatar
      net/mlx5e: Annul encap action ordering requirement · a18e879d
      Eli Britstein authored
      Currently a FW syndrome is emitted if the driver configures a
      multi-destination FTE where the first destination is a tunneled uplink
      port and the second destination is a local vPort.
      
      Support this scenario by creating a multi-destination FTE using the
      firmware's extended destination capabilities.
      Signed-off-by: default avatarEli Britstein <elibr@mellanox.com>
      Reviewed-by: default avatarOz Shlomo <ozsh@mellanox.com>
      Signed-off-by: default avatarSaeed Mahameed <saeedm@mellanox.com>
      a18e879d
    • Eli Britstein's avatar
      net/mlx5e: Move flow attr reformat action bit to per dest flags · f493f155
      Eli Britstein authored
      Flow attr reformat action bit is moved from the global action bits to a
      per destination flags field, as a pre-step for adding additional flags
      to support encapsulation properties per destination, with no
      functionality change.
      Signed-off-by: default avatarEli Britstein <elibr@mellanox.com>
      Reviewed-by: default avatarOz Shlomo <ozsh@mellanox.com>
      Signed-off-by: default avatarSaeed Mahameed <saeedm@mellanox.com>
      f493f155
    • Eli Britstein's avatar
      net/mlx5e: Refactor eswitch flow attr for destination specific properties · df65a573
      Eli Britstein authored
      Currently the eswitch flow attr structure stores each destination
      specific property in its own specific array.
      Group them in an array of destination structures as a pre-step towards
      adding additional destination specific field properties.
      Signed-off-by: default avatarEli Britstein <elibr@mellanox.com>
      Reviewed-by: default avatarOz Shlomo <ozsh@mellanox.com>
      Signed-off-by: default avatarSaeed Mahameed <saeedm@mellanox.com>
      df65a573
    • Eli Britstein's avatar
      net/mlx5: E-Switch, Rename esw attr mirror count field · e85e02ba
      Eli Britstein authored
      The mirror count esw attributes field is used to determine if splitting
      the rule to two FTEs is required while programming e-switch mirroring.
      Rename it to split count, making it clearer with no functional change.
      Signed-off-by: default avatarEli Britstein <elibr@mellanox.com>
      Reviewed-by: default avatarOr Gerlitz <ogerlitz@mellanox.com>
      Reviewed-by: default avatarOz Shlomo <ozsh@mellanox.com>
      Signed-off-by: default avatarSaeed Mahameed <saeedm@mellanox.com>
      e85e02ba
    • Eli Britstein's avatar
      net/mlx5: Consider encapsulation properties when comparing destinations · 1228e912
      Eli Britstein authored
      Currently the driver identifies identical vport destinations by
      comparing the vport ID. The FW extended destination feature enables the
      driver to forward the packet to the same vport with multiple
      encapsulation properties.
      
      Change the vport destination comparison logic to compare
      the encapsulation properties in addition to the vport ID.
      Signed-off-by: default avatarEli Britstein <elibr@mellanox.com>
      Acked-by: default avatarOr Gerlitz <ogerlitz@mellanox.com>
      Reviewed-by: default avatarOz Shlomo <ozsh@mellanox.com>
      Signed-off-by: default avatarSaeed Mahameed <saeedm@mellanox.com>
      1228e912
    • Daniel Borkmann's avatar
      bpf: fix up uapi helper description and sync bpf header with tools · 0bd72117
      Daniel Borkmann authored
      Minor markup fixup from bpf-next into net-next merge in the BPF helper
      description of bpf_sk_lookup_tcp() and bpf_sk_lookup_udp(). Also sync
      up the copy of bpf.h from tooling infrastructure.
      Signed-off-by: default avatarDaniel Borkmann <daniel@iogearbox.net>
      Reviewed-by: default avatarQuentin Monnet <quentin.monnet@netronome.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      0bd72117
    • David S. Miller's avatar
      Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next · addb0679
      David S. Miller authored
      Daniel Borkmann says:
      
      ====================
      pull-request: bpf-next 2018-12-11
      
      The following pull-request contains BPF updates for your *net-next* tree.
      
      It has three minor merge conflicts, resolutions:
      
      1) tools/testing/selftests/bpf/test_verifier.c
      
       Take first chunk with alignment_prevented_execution.
      
      2) net/core/filter.c
      
        [...]
        case bpf_ctx_range_ptr(struct __sk_buff, flow_keys):
        case bpf_ctx_range(struct __sk_buff, wire_len):
              return false;
        [...]
      
      3) include/uapi/linux/bpf.h
      
        Take the second chunk for the two cases each.
      
      The main changes are:
      
      1) Add support for BPF line info via BTF and extend libbpf as well
         as bpftool's program dump to annotate output with BPF C code to
         facilitate debugging and introspection, from Martin.
      
      2) Add support for BPF_ALU | BPF_ARSH | BPF_{K,X} in interpreter
         and all JIT backends, from Jiong.
      
      3) Improve BPF test coverage on archs with no efficient unaligned
         access by adding an "any alignment" flag to the BPF program load
         to forcefully disable verifier alignment checks, from David.
      
      4) Add a new bpf_prog_test_run_xattr() API to libbpf which allows for
         proper use of BPF_PROG_TEST_RUN with data_out, from Lorenz.
      
      5) Extend tc BPF programs to use a new __sk_buff field called wire_len
         for more accurate accounting of packets going to wire, from Petar.
      
      6) Improve bpftool to allow dumping the trace pipe from it and add
         several improvements in bash completion and map/prog dump,
         from Quentin.
      
      7) Optimize arm64 BPF JIT to always emit movn/movk/movk sequence for
         kernel addresses and add a dedicated BPF JIT backend allocator,
         from Ard.
      
      8) Add a BPF helper function for IR remotes to report mouse movements,
         from Sean.
      
      9) Various cleanups in BPF prog dump e.g. to make UAPI bpf_prog_info
         member naming consistent with existing conventions, from Yonghong
         and Song.
      
      10) Misc cleanups and improvements in allowing to pass interface name
          via cmdline for xdp1 BPF example, from Matteo.
      
      11) Fix a potential segfault in BPF sample loader's kprobes handling,
          from Daniel T.
      
      12) Fix SPDX license in libbpf's README.rst, from Andrey.
      ====================
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      addb0679
    • David Ahern's avatar
      neighbor: gc_list changes should be protected by table lock · 8cc196d6
      David Ahern authored
      Adding and removing neighbor entries to / from the gc_list need to be
      done while holding the table lock; a couple of places were missed in the
      original patch.
      
      Move the list_add_tail in neigh_alloc to ___neigh_create where the lock
      is already obtained. Since neighbor entries should rarely be moved
      to/from PERMANENT state, add lock/unlock around the gc_list changes in
      neigh_change_state rather than extending the lock hold around all
      neighbor updates.
      
      Fixes: 58956317 ("neighbor: Improve garbage collection")
      Reported-by: default avatarAndrei Vagin <avagin@gmail.com>
      Reported-by: syzbot+6cc2fd1d3bdd2e007363@syzkaller.appspotmail.com
      Reported-by: syzbot+35e87b87c00f386b041f@syzkaller.appspotmail.com
      Reported-by: syzbot+b354d1fb59091ea73c37@syzkaller.appspotmail.com
      Reported-by: syzbot+3ddead5619658537909b@syzkaller.appspotmail.com
      Reported-by: syzbot+424d47d5c456ce8b2bbe@syzkaller.appspotmail.com
      Reported-by: syzbot+e4d42eb35f6a27b0a628@syzkaller.appspotmail.com
      Signed-off-by: default avatarDavid Ahern <dsahern@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      8cc196d6
    • David S. Miller's avatar
      Merge tag 'mlx5e-updates-2018-12-10' of git://git.kernel.org/pub/scm/linux/kernel/git/saeed/linux · 93698321
      David S. Miller authored
      Saeed Mahameed:
      
      ====================
      mlx5e-updates-2018-12-10 (gre)
      
      This patch set adds GRE offloading support to Mellanox ethernet driver.
      
      Patches 1-5 replace the existing egdev mechanism with the new TC indirect
      block binds mechanism that was introduced by Netronome:
      7f76fa36 ("net: sched: register callbacks for indirect tc block binds")
      
      Patches 6-9 add GRE offloading support along with some required
      refactoring work.
      
      Patch 10, Add netif_is_gretap()/netif_is_ip6gretap()
       - Changed the is_gretap_dev and is_ip6gretap_dev logic from structure
         comparison to string comparison of the rtnl_link_ops kind field.
      
      Patch 11, add GRE offloading support to mlx5.
      
      Patch 12 removes the egdev mechanism from TC as it is no longer used by
      any of the drivers.
      ====================
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      93698321
  2. 10 Dec, 2018 29 commits