1. 01 Feb, 2023 25 commits
    • Jakub Kicinski's avatar
      Merge tag 'mlx5-updates-2023-01-30' of git://git.kernel.org/pub/scm/linux/kernel/git/saeed/linux · 71af6a2d
      Jakub Kicinski authored
      Saeed Mahameed says:
      
      ====================
      mlx5-updates-2023-01-30
      
      Add fast update encryption key
      
      Jianbo Liu Says:
      ================
      
      Data encryption keys (DEKs) are the keys used for data encryption and
      decryption operations. Starting from version 22.33.0783, firmware is
      optimized to accelerate the update of user keys into DEK object in
      hardware. The support for bulk allocation and destruction of DEK
      objects is added, and the bulk allocated DEKs are uninitialized, as
      the bulk creation requires no input key. When offload
      encryption/decryption, user gets one object from a bulk, and updates
      key by a new "modify DEK" command. This command is the same as create
      DEK object, but requires no heavy context memory allocation in
      firmware, which consumes most cpu cycles of the create DEK command.
      
      DEKs are cached internally by the NIC, so invalidating internal NIC
      caches is required before reusing DEKs. The SYNC_CRYPTO command is
      added to support it. DEK object can be reused, the keys in it can be
      updated after this command is executed.
      
      This patchset enhances the key creation and destruction flow, to get
      use of this new feature. Any user, for example, ktls, ipsec and
      macsec, can use it to offload keys. But, only ktls uses it, as others
      don't need many keys, and caching two many DEKs in pool is wasteful.
      
      There are two new data struts added:
          a. DEK pool. One pool is created for each key type. The bulks by
      the type, are placed in the pool's different bulk lists, according to
      the number of available and in_used DEKs in the bulk.
          b. DEK bulk. All DEKs in one bulk allocation are store here. There
      are two bitmaps to indicate the state of each DEK.
      
      New APIs are then added. When user need a DEK object,
          a. Fetch one bulk with avail DEKs, from the partial_list or
      avail_list, otherwise create new one.
          b. Pick one DEK, and set its need_sync and in_used bits to 1.
      Move the bulk to full_list if no more available keys, or put it to
      partial_list if the bulk is newly created.
          c. Update DEK object's key with user key, by the "modify DEK"
      command.
          d. Return DEK struct to user, then it gets the object id and fills
      it into the offload commands.
      When user free a DEK,
          a. Set in_use bit to 0. If all need_sync bits are 1 and all in_use
      bits of this bulk are 0, move it to sync_list.
          b. If the number of DEKs, which are freed by users, is over the
      threshold (128), schedule a workqueue to do the sync process.
      
      For the sync process, the SYNC_CRYPTO command is executed first. Then,
      for each bulks in partial_list, full_list and sync_list, reset
      need_sync bits of the freed DEK objects. If all need_sync bits in one
      bulk are zero, move it to avail_list.
      
      We already supported TIS pool to recycle the TISes. With this series
      and TIS pool, TLS CPS performance is improved greatly.
      And we tested https on the system:
          CPU: dual AMD EPYC 7763 64-Core processors
          RAM: 512G
          DEV: ConnectX-6 DX, with FW ver 22.33.0838 and TLS_OPTIMISE=true
      TLS CPS performance numbers are:
          Before: 11k connections/sec
          After: 101 connections/sec
      
      ================
      
      * tag 'mlx5-updates-2023-01-30' of git://git.kernel.org/pub/scm/linux/kernel/git/saeed/linux:
        net/mlx5e: kTLS, Improve connection rate by using fast update encryption key
        net/mlx5: Keep only one bulk of full available DEKs
        net/mlx5: Add async garbage collector for DEK bulk
        net/mlx5: Reuse DEKs after executing SYNC_CRYPTO command
        net/mlx5: Use bulk allocation for fast update encryption key
        net/mlx5: Add bulk allocation and modify_dek operation
        net/mlx5: Add support SYNC_CRYPTO command
        net/mlx5: Add new APIs for fast update encryption key
        net/mlx5: Refactor the encryption key creation
        net/mlx5: Add const to the key pointer of encryption key creation
        net/mlx5: Prepare for fast crypto key update if hardware supports it
        net/mlx5: Change key type to key purpose
        net/mlx5: Add IFC bits and enums for crypto key
        net/mlx5: Add IFC bits for general obj create param
        net/mlx5: Header file for crypto
      ====================
      
      Link: https://lore.kernel.org/r/20230131031201.35336-1-saeed@kernel.orgSigned-off-by: default avatarJakub Kicinski <kuba@kernel.org>
      71af6a2d
    • Jakub Kicinski's avatar
      Merge branch '10GbE' of git://git.kernel.org/pub/scm/linux/kernel/git/tnguy/next-queue · c925ed5f
      Jakub Kicinski authored
      Tony Nguyen says:
      
      ====================
      Intel Wired LAN: Remove redundant Device Control Error Reporting Enable
      
      Bjorn Helgaas says:
      
      Since f26e58bf ("PCI/AER: Enable error reporting when AER is native"),
      the PCI core sets the Device Control bits that enable error reporting for
      PCIe devices.
      
      This series removes redundant calls to pci_enable_pcie_error_reporting()
      that do the same thing from several NIC drivers.
      
      There are several more drivers where this should be removed; I started with
      just the Intel drivers here.
      
      * '10GbE' of git://git.kernel.org/pub/scm/linux/kernel/git/tnguy/next-queue:
        ixgbe: Remove redundant pci_enable_pcie_error_reporting()
        igc: Remove redundant pci_enable_pcie_error_reporting()
        igb: Remove redundant pci_enable_pcie_error_reporting()
        ice: Remove redundant pci_enable_pcie_error_reporting()
        iavf: Remove redundant pci_enable_pcie_error_reporting()
        i40e: Remove redundant pci_enable_pcie_error_reporting()
        fm10k: Remove redundant pci_enable_pcie_error_reporting()
        e1000e: Remove redundant pci_enable_pcie_error_reporting()
      ====================
      
      Link: https://lore.kernel.org/r/20230130192519.686446-1-anthony.l.nguyen@intel.comSigned-off-by: default avatarJakub Kicinski <kuba@kernel.org>
      c925ed5f
    • Jakub Kicinski's avatar
      Merge branch 'selftests-mlxsw-convert-to-iproute2-dcb' · 67971c38
      Jakub Kicinski authored
      Petr Machata says:
      
      ====================
      selftests: mlxsw: Convert to iproute2 dcb
      
      There is a dedicated tool for configuration of DCB in iproute2. Use it
      in the selftests instead of lldpad.
      
      Patches #1-#3 convert three tests. Patch #4 drops the now-unnecessary
      lldpad helpers.
      ====================
      
      Link: https://lore.kernel.org/r/cover.1675096231.git.petrm@nvidia.comSigned-off-by: default avatarJakub Kicinski <kuba@kernel.org>
      67971c38
    • Petr Machata's avatar
      selftests: net: forwarding: lib: Drop lldpad_app_wait_set(), _del() · bd32ff68
      Petr Machata authored
      The existing users of these helpers have been converted to iproute2 dcb.
      Drop the helpers.
      Signed-off-by: default avatarPetr Machata <petrm@nvidia.com>
      Reviewed-by: default avatarDanielle Ratson <danieller@nvidia.com>
      Signed-off-by: default avatarJakub Kicinski <kuba@kernel.org>
      bd32ff68
    • Petr Machata's avatar
      selftests: mlxsw: qos_defprio: Convert from lldptool to dcb · 5b3ef045
      Petr Machata authored
      Set up default port priority through the iproute2 dcb tool, which is easier
      to understand and manage.
      Signed-off-by: default avatarPetr Machata <petrm@nvidia.com>
      Reviewed-by: default avatarDanielle Ratson <danieller@nvidia.com>
      Signed-off-by: default avatarJakub Kicinski <kuba@kernel.org>
      5b3ef045
    • Petr Machata's avatar
      selftests: mlxsw: qos_dscp_router: Convert from lldptool to dcb · 10d5bd0b
      Petr Machata authored
      Set up DSCP prioritization through the iproute2 dcb tool, which is easier
      to understand and manage.
      Signed-off-by: default avatarPetr Machata <petrm@nvidia.com>
      Reviewed-by: default avatarDanielle Ratson <danieller@nvidia.com>
      Signed-off-by: default avatarJakub Kicinski <kuba@kernel.org>
      10d5bd0b
    • Petr Machata's avatar
      selftests: mlxsw: qos_dscp_bridge: Convert from lldptool to dcb · 1680801e
      Petr Machata authored
      Set up DSCP prioritization through the iproute2 dcb tool, which is easier
      to understand and manage.
      Signed-off-by: default avatarPetr Machata <petrm@nvidia.com>
      Reviewed-by: default avatarDanielle Ratson <danieller@nvidia.com>
      Signed-off-by: default avatarJakub Kicinski <kuba@kernel.org>
      1680801e
    • Jakub Kicinski's avatar
      Merge branch 'net-mdio-add-amlogic-gxl-mdio-mux-support' · 88b49402
      Jakub Kicinski authored
      Jerome Brunet says:
      
      ====================
      net: mdio: add amlogic gxl mdio mux support
      
      Add support for the MDIO multiplexer found in the Amlogic GXL SoC family.
      This multiplexer allows to choose between the external (SoC pins) MDIO bus,
      or the internal one leading to the integrated 10/100M PHY.
      
      This multiplexer has been handled with the mdio-mux-mmioreg generic driver
      so far. When it was added, it was thought the logic was handled by a
      single register.
      
      It turns out more than a single register need to be properly set.
      As long as the device is using the Amlogic vendor bootloader, or upstream
      u-boot with net support, it is working fine since the kernel is inheriting
      the bootloader settings. Without net support in the bootloader, this glue
      comes unset in the kernel and only the external path may operate properly.
      
      With this driver (and the associated change in
      arch/arm64/boot/dts/amlogic/meson-gxl.dtsi), the kernel no longer relies
      on the bootloader to set things up, fixing the problem.
      ====================
      
      Link: https://lore.kernel.org/r/20230130151616.375168-1-jbrunet@baylibre.comSigned-off-by: default avatarJakub Kicinski <kuba@kernel.org>
      88b49402
    • Jerome Brunet's avatar
      net: mdio: add amlogic gxl mdio mux support · 9a24e1ff
      Jerome Brunet authored
      Add support for the mdio mux and internal phy glue of the GXL SoC
      family
      Reported-by: default avatarDa Xue <da@lessconfused.com>
      Signed-off-by: default avatarJerome Brunet <jbrunet@baylibre.com>
      Reviewed-by: default avatarAndrew Lunn <andrew@lunn.ch>
      Signed-off-by: default avatarJakub Kicinski <kuba@kernel.org>
      9a24e1ff
    • Jerome Brunet's avatar
      dt-bindings: net: add amlogic gxl mdio multiplexer · cc732d23
      Jerome Brunet authored
      Add documentation for the MDIO bus multiplexer found on the Amlogic GXL
      SoC family
      Reviewed-by: default avatarKrzysztof Kozlowski <krzysztof.kozlowski@linaro.org>
      Signed-off-by: default avatarJerome Brunet <jbrunet@baylibre.com>
      Signed-off-by: default avatarJakub Kicinski <kuba@kernel.org>
      cc732d23
    • Jakub Kicinski's avatar
      Merge branch 'tools-ynl-more-docs-and-basic-ethtool-support' · 1b98ac0f
      Jakub Kicinski authored
      Jakub Kicinski says:
      
      ====================
      tools: ynl: more docs and basic ethtool support
      
      I got discouraged from supporting ethtool in specs, because
      generating the user space C code seems a little tricky.
      The messages are ID'ed in a "directional" way (to and from
      kernel are separate ID "spaces"). There is value, however,
      in having the spec and being able to for example use it
      in Python.
      
      After paying off some technical debt - add a partial
      ethtool spec. Partial because the header for ethtool is almost
      a 1000 LoC, so converting in one sitting is tough. But adding
      new commands should be trivial now.
      
      Last but not least I add more docs, I realized that I've been
      sending a similar "instructions" email to people working on
      new families. It's now intro-specs.rst.
      ====================
      
      Link: https://lore.kernel.org/r/20230131023354.1732677-1-kuba@kernel.orgSigned-off-by: default avatarJakub Kicinski <kuba@kernel.org>
      1b98ac0f
    • Jakub Kicinski's avatar
      tools: net: use python3 explicitly · 981cbcb0
      Jakub Kicinski authored
      The scripts require Python 3 and some distros are dropping
      Python 2 support.
      Reported-by: default avatarStanislav Fomichev <sdf@google.com>
      Signed-off-by: default avatarJakub Kicinski <kuba@kernel.org>
      981cbcb0
    • Jakub Kicinski's avatar
      docs: netlink: add a starting guide for working with specs · 01e47a37
      Jakub Kicinski authored
      We have a bit of documentation about the internals of Netlink
      and the specs, but really the goal is for most people to not
      worry about those. Add a practical guide for beginners who
      want to poke at the specs.
      Signed-off-by: default avatarJakub Kicinski <kuba@kernel.org>
      01e47a37
    • Jakub Kicinski's avatar
      netlink: specs: add partial specification for ethtool · b784db7a
      Jakub Kicinski authored
      Ethtool is one of the most actively developed families.
      With the changes to the CLI it should be possible to use
      the YNL based code for easy prototyping and development.
      Add a partial family definition. I've tested the string
      set and rings. I don't have any MAC Merge implementation
      to test with, but I added the definition for it, anyway,
      because it's last. New commands can simply be added at
      the end without having to worry about manually providing
      IDs / values.
      
      Set (with notification support - None is the response,
      the data is from the notification):
      
      $ sudo ./tools/net/ynl/cli.py \
          --spec Documentation/netlink/specs/ethtool.yaml \
          --do rings-set \
          --json '{"header":{"dev-name":"enp0s31f6"}, "rx":129}' \
          --subscribe monitor
      None
      [{'msg': {'header': {'dev-index': 2, 'dev-name': 'enp0s31f6'},
                'rx': 136,
                'rx-max': 4096,
                'tx': 256,
                'tx-max': 4096,
                'tx-push': 0},
        'name': 'rings-ntf'}]
      
      Do / dump (yes, the kernel requires that even for dump and even
      if empty - the "header" nest must be there):
      
      $ ./tools/net/ynl/cli.py \
          --spec Documentation/netlink/specs/ethtool.yaml \
          --do rings-get \
          --json '{"header":{"dev-index": 2}}'
      {'header': {'dev-index': 2, 'dev-name': 'enp0s31f6'},
       'rx': 136,
       'rx-max': 4096,
       'tx': 256,
       'tx-max': 4096,
       'tx-push': 0}
      
      $ ./tools/net/ynl/cli.py \
          --spec Documentation/netlink/specs/ethtool.yaml \
          --dump rings-get \
          --json '{"header":{}}'
      [{'header': {'dev-index': 2, 'dev-name': 'enp0s31f6'},
        'rx': 136,
        'rx-max': 4096,
        'tx': 256,
        'tx-max': 4096,
        'tx-push': 0},
       {'header': {'dev-index': 3, 'dev-name': 'wlp0s20f3'}, 'tx-push': 0},
       {'header': {'dev-index': 19, 'dev-name': 'enp58s0u1u1'},
        'rx': 100,
        'rx-max': 4096,
        'tx-push': 0}]
      
      And error reporting:
      
      $ ./tools/net/ynl/cli.py \
          --spec Documentation/netlink/specs/ethtool.yaml \
          --dump rings-get \
          --json '{"header":{"flags":5}}'
      Netlink error: Invalid argument
      nl_len = 68 (52) nl_flags = 0x300 nl_type = 2
      	error: -22	extack: {'msg': 'reserved bit set',
      	                         'bad-attr-offs': 24,
      				 'bad-attr': '.header.flags'}
      None
      Signed-off-by: default avatarJakub Kicinski <kuba@kernel.org>
      b784db7a
    • Jakub Kicinski's avatar
      netlink: specs: finish up operation enum-models · 8403bf04
      Jakub Kicinski authored
      I had a (bright?) idea of introducing the concept of enum-models
      to account for all the weird ways families enumerate their messages.
      I've never finished it because generating C code for each of them
      is pretty daunting. But for languages which can use ID values directly
      the support is simple enough, so clean this up a bit.
      
      "unified" model is what I recommend going forward.
      "directional" model is what ethtool uses.
      "notify-split" is used by the proposed DPLL code, but we can just
      make them use "unified", it hasn't been merged :)
      Signed-off-by: default avatarJakub Kicinski <kuba@kernel.org>
      8403bf04
    • Jakub Kicinski's avatar
      tools: ynl: load jsonschema on demand · 5c6674f6
      Jakub Kicinski authored
      The CLI script tries to validate jsonschema by default.
      It's seems better to validate too many times than too few.
      However, when copying the scripts to random servers having
      to install jsonschema is tedious. Load jsonschema via
      importlib, and let the user opt out.
      Signed-off-by: default avatarJakub Kicinski <kuba@kernel.org>
      5c6674f6
    • Jakub Kicinski's avatar
      tools: ynl: use operation names from spec on the CLI · 8dfec0a8
      Jakub Kicinski authored
      When I wrote the first version of the Python code I was quite
      excited that we can generate class methods directly from the
      spec. Unfortunately we need to use valid identifiers for method
      names (specifically no dashes are allowed). Don't reuse those
      names on the CLI, it's much more natural to use the operation
      names exactly as listed in the spec.
      
      Instead of:
        ./cli --do rings_get
      use:
        ./cli --do rings-get
      Signed-off-by: default avatarJakub Kicinski <kuba@kernel.org>
      8dfec0a8
    • Jakub Kicinski's avatar
      tools: ynl: support pretty printing bad attribute names · 4cd2796f
      Jakub Kicinski authored
      One of my favorite features of the Netlink specs is that they
      make decoding structured extack a ton easier.
      Implement pretty printing bad attribute names in YNL.
      
      For example it will now say:
      
        'bad-attr': '.header.flags'
      
      rather than the useless:
      
        'bad-attr-offs': 32
      
      Proof:
      
        $ ./cli.py --spec ethtool.yaml --do rings_get \
           --json '{"header":{"dev-index":1, "flags":4}}'
        Netlink error: Invalid argument
        nl_len = 68 (52) nl_flags = 0x300 nl_type = 2
      	error: -22	extack: {'msg': 'reserved bit set',
      				 'bad-attr': '.header.flags'}
      Signed-off-by: default avatarJakub Kicinski <kuba@kernel.org>
      4cd2796f
    • Jakub Kicinski's avatar
      tools: ynl: support multi-attr · 90256f3f
      Jakub Kicinski authored
      Ethtool uses mutli-attr, add the support to YNL.
      Signed-off-by: default avatarJakub Kicinski <kuba@kernel.org>
      90256f3f
    • Jakub Kicinski's avatar
      tools: ynl: support directional enum-model in CLI · fd0616d3
      Jakub Kicinski authored
      Support families which use different IDs for messages
      to and from the kernel.
      Signed-off-by: default avatarJakub Kicinski <kuba@kernel.org>
      fd0616d3
    • Jakub Kicinski's avatar
      tools: ynl: add support for types needed by ethtool · 19b64b48
      Jakub Kicinski authored
      Ethtool needs support for handful of extra types.
      It doesn't have the definitions section yet.
      Signed-off-by: default avatarJakub Kicinski <kuba@kernel.org>
      19b64b48
    • Jakub Kicinski's avatar
      tools: ynl: use the common YAML loading and validation code · 30a5c6c8
      Jakub Kicinski authored
      Adapt the common object hierarchy in code gen and CLI.
      Signed-off-by: default avatarJakub Kicinski <kuba@kernel.org>
      30a5c6c8
    • Jakub Kicinski's avatar
      tools: ynl: add an object hierarchy to represent parsed spec · 3aacf828
      Jakub Kicinski authored
      There's a lot of copy and pasting going on between the "cli"
      and code gen when it comes to representing the parsed spec.
      Create a library which both can use.
      Signed-off-by: default avatarJakub Kicinski <kuba@kernel.org>
      3aacf828
    • Jakub Kicinski's avatar
      tools: ynl: move the cli and netlink code around · 4e4480e8
      Jakub Kicinski authored
      Move the CLI code out of samples/ and the library part
      of it into tools/net/ynl/lib/. This way we can start
      sharing some code with the code gen.
      
      Initially I thought that code gen is too C-specific to
      share anything but basic stuff like calculating values
      for enums can easily be shared.
      Signed-off-by: default avatarJakub Kicinski <kuba@kernel.org>
      4e4480e8
    • Jakub Kicinski's avatar
      tools: ynl-gen: prevent do / dump reordering · eaf317e7
      Jakub Kicinski authored
      An earlier fix tried to address generated code jumping around
      one code-gen run to another. Turns out dict()s are already
      ordered since Python 3.7, the problem is that we iterate over
      operation modes using a set(). Sets are unordered in Python.
      Signed-off-by: default avatarJakub Kicinski <kuba@kernel.org>
      eaf317e7
  2. 31 Jan, 2023 15 commits