tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom
kernel / include / net / flow_offload.h
at v5.8 561 lines 15 kB view raw
1#ifndef _NET_FLOW_OFFLOAD_H 2#define _NET_FLOW_OFFLOAD_H 3 4#include <linux/kernel.h> 5#include <linux/list.h> 6#include <linux/netlink.h> 7#include <net/flow_dissector.h> 8 9struct flow_match { 10 struct flow_dissector *dissector; 11 void *mask; 12 void *key; 13}; 14 15struct flow_match_meta { 16 struct flow_dissector_key_meta *key, *mask; 17}; 18 19struct flow_match_basic { 20 struct flow_dissector_key_basic *key, *mask; 21}; 22 23struct flow_match_control { 24 struct flow_dissector_key_control *key, *mask; 25}; 26 27struct flow_match_eth_addrs { 28 struct flow_dissector_key_eth_addrs *key, *mask; 29}; 30 31struct flow_match_vlan { 32 struct flow_dissector_key_vlan *key, *mask; 33}; 34 35struct flow_match_ipv4_addrs { 36 struct flow_dissector_key_ipv4_addrs *key, *mask; 37}; 38 39struct flow_match_ipv6_addrs { 40 struct flow_dissector_key_ipv6_addrs *key, *mask; 41}; 42 43struct flow_match_ip { 44 struct flow_dissector_key_ip *key, *mask; 45}; 46 47struct flow_match_ports { 48 struct flow_dissector_key_ports *key, *mask; 49}; 50 51struct flow_match_icmp { 52 struct flow_dissector_key_icmp *key, *mask; 53}; 54 55struct flow_match_tcp { 56 struct flow_dissector_key_tcp *key, *mask; 57}; 58 59struct flow_match_mpls { 60 struct flow_dissector_key_mpls *key, *mask; 61}; 62 63struct flow_match_enc_keyid { 64 struct flow_dissector_key_keyid *key, *mask; 65}; 66 67struct flow_match_enc_opts { 68 struct flow_dissector_key_enc_opts *key, *mask; 69}; 70 71struct flow_match_ct { 72 struct flow_dissector_key_ct *key, *mask; 73}; 74 75struct flow_rule; 76 77void flow_rule_match_meta(const struct flow_rule *rule, 78 struct flow_match_meta *out); 79void flow_rule_match_basic(const struct flow_rule *rule, 80 struct flow_match_basic *out); 81void flow_rule_match_control(const struct flow_rule *rule, 82 struct flow_match_control *out); 83void flow_rule_match_eth_addrs(const struct flow_rule *rule, 84 struct flow_match_eth_addrs *out); 85void flow_rule_match_vlan(const struct flow_rule *rule, 86 struct flow_match_vlan *out); 87void flow_rule_match_cvlan(const struct flow_rule *rule, 88 struct flow_match_vlan *out); 89void flow_rule_match_ipv4_addrs(const struct flow_rule *rule, 90 struct flow_match_ipv4_addrs *out); 91void flow_rule_match_ipv6_addrs(const struct flow_rule *rule, 92 struct flow_match_ipv6_addrs *out); 93void flow_rule_match_ip(const struct flow_rule *rule, 94 struct flow_match_ip *out); 95void flow_rule_match_ports(const struct flow_rule *rule, 96 struct flow_match_ports *out); 97void flow_rule_match_tcp(const struct flow_rule *rule, 98 struct flow_match_tcp *out); 99void flow_rule_match_icmp(const struct flow_rule *rule, 100 struct flow_match_icmp *out); 101void flow_rule_match_mpls(const struct flow_rule *rule, 102 struct flow_match_mpls *out); 103void flow_rule_match_enc_control(const struct flow_rule *rule, 104 struct flow_match_control *out); 105void flow_rule_match_enc_ipv4_addrs(const struct flow_rule *rule, 106 struct flow_match_ipv4_addrs *out); 107void flow_rule_match_enc_ipv6_addrs(const struct flow_rule *rule, 108 struct flow_match_ipv6_addrs *out); 109void flow_rule_match_enc_ip(const struct flow_rule *rule, 110 struct flow_match_ip *out); 111void flow_rule_match_enc_ports(const struct flow_rule *rule, 112 struct flow_match_ports *out); 113void flow_rule_match_enc_keyid(const struct flow_rule *rule, 114 struct flow_match_enc_keyid *out); 115void flow_rule_match_enc_opts(const struct flow_rule *rule, 116 struct flow_match_enc_opts *out); 117void flow_rule_match_ct(const struct flow_rule *rule, 118 struct flow_match_ct *out); 119 120enum flow_action_id { 121 FLOW_ACTION_ACCEPT = 0, 122 FLOW_ACTION_DROP, 123 FLOW_ACTION_TRAP, 124 FLOW_ACTION_GOTO, 125 FLOW_ACTION_REDIRECT, 126 FLOW_ACTION_MIRRED, 127 FLOW_ACTION_REDIRECT_INGRESS, 128 FLOW_ACTION_MIRRED_INGRESS, 129 FLOW_ACTION_VLAN_PUSH, 130 FLOW_ACTION_VLAN_POP, 131 FLOW_ACTION_VLAN_MANGLE, 132 FLOW_ACTION_TUNNEL_ENCAP, 133 FLOW_ACTION_TUNNEL_DECAP, 134 FLOW_ACTION_MANGLE, 135 FLOW_ACTION_ADD, 136 FLOW_ACTION_CSUM, 137 FLOW_ACTION_MARK, 138 FLOW_ACTION_PTYPE, 139 FLOW_ACTION_PRIORITY, 140 FLOW_ACTION_WAKE, 141 FLOW_ACTION_QUEUE, 142 FLOW_ACTION_SAMPLE, 143 FLOW_ACTION_POLICE, 144 FLOW_ACTION_CT, 145 FLOW_ACTION_CT_METADATA, 146 FLOW_ACTION_MPLS_PUSH, 147 FLOW_ACTION_MPLS_POP, 148 FLOW_ACTION_MPLS_MANGLE, 149 FLOW_ACTION_GATE, 150 NUM_FLOW_ACTIONS, 151}; 152 153/* This is mirroring enum pedit_header_type definition for easy mapping between 154 * tc pedit action. Legacy TCA_PEDIT_KEY_EX_HDR_TYPE_NETWORK is mapped to 155 * FLOW_ACT_MANGLE_UNSPEC, which is supported by no driver. 156 */ 157enum flow_action_mangle_base { 158 FLOW_ACT_MANGLE_UNSPEC = 0, 159 FLOW_ACT_MANGLE_HDR_TYPE_ETH, 160 FLOW_ACT_MANGLE_HDR_TYPE_IP4, 161 FLOW_ACT_MANGLE_HDR_TYPE_IP6, 162 FLOW_ACT_MANGLE_HDR_TYPE_TCP, 163 FLOW_ACT_MANGLE_HDR_TYPE_UDP, 164}; 165 166enum flow_action_hw_stats_bit { 167 FLOW_ACTION_HW_STATS_IMMEDIATE_BIT, 168 FLOW_ACTION_HW_STATS_DELAYED_BIT, 169 FLOW_ACTION_HW_STATS_DISABLED_BIT, 170 171 FLOW_ACTION_HW_STATS_NUM_BITS 172}; 173 174enum flow_action_hw_stats { 175 FLOW_ACTION_HW_STATS_IMMEDIATE = 176 BIT(FLOW_ACTION_HW_STATS_IMMEDIATE_BIT), 177 FLOW_ACTION_HW_STATS_DELAYED = BIT(FLOW_ACTION_HW_STATS_DELAYED_BIT), 178 FLOW_ACTION_HW_STATS_ANY = FLOW_ACTION_HW_STATS_IMMEDIATE | 179 FLOW_ACTION_HW_STATS_DELAYED, 180 FLOW_ACTION_HW_STATS_DISABLED = 181 BIT(FLOW_ACTION_HW_STATS_DISABLED_BIT), 182 FLOW_ACTION_HW_STATS_DONT_CARE = BIT(FLOW_ACTION_HW_STATS_NUM_BITS) - 1, 183}; 184 185typedef void (*action_destr)(void *priv); 186 187struct flow_action_cookie { 188 u32 cookie_len; 189 u8 cookie[]; 190}; 191 192struct flow_action_cookie *flow_action_cookie_create(void *data, 193 unsigned int len, 194 gfp_t gfp); 195void flow_action_cookie_destroy(struct flow_action_cookie *cookie); 196 197struct flow_action_entry { 198 enum flow_action_id id; 199 enum flow_action_hw_stats hw_stats; 200 action_destr destructor; 201 void *destructor_priv; 202 union { 203 u32 chain_index; /* FLOW_ACTION_GOTO */ 204 struct net_device *dev; /* FLOW_ACTION_REDIRECT */ 205 struct { /* FLOW_ACTION_VLAN */ 206 u16 vid; 207 __be16 proto; 208 u8 prio; 209 } vlan; 210 struct { /* FLOW_ACTION_MANGLE */ 211 /* FLOW_ACTION_ADD */ 212 enum flow_action_mangle_base htype; 213 u32 offset; 214 u32 mask; 215 u32 val; 216 } mangle; 217 struct ip_tunnel_info *tunnel; /* FLOW_ACTION_TUNNEL_ENCAP */ 218 u32 csum_flags; /* FLOW_ACTION_CSUM */ 219 u32 mark; /* FLOW_ACTION_MARK */ 220 u16 ptype; /* FLOW_ACTION_PTYPE */ 221 u32 priority; /* FLOW_ACTION_PRIORITY */ 222 struct { /* FLOW_ACTION_QUEUE */ 223 u32 ctx; 224 u32 index; 225 u8 vf; 226 } queue; 227 struct { /* FLOW_ACTION_SAMPLE */ 228 struct psample_group *psample_group; 229 u32 rate; 230 u32 trunc_size; 231 bool truncate; 232 } sample; 233 struct { /* FLOW_ACTION_POLICE */ 234 s64 burst; 235 u64 rate_bytes_ps; 236 } police; 237 struct { /* FLOW_ACTION_CT */ 238 int action; 239 u16 zone; 240 struct nf_flowtable *flow_table; 241 } ct; 242 struct { 243 unsigned long cookie; 244 u32 mark; 245 u32 labels[4]; 246 } ct_metadata; 247 struct { /* FLOW_ACTION_MPLS_PUSH */ 248 u32 label; 249 __be16 proto; 250 u8 tc; 251 u8 bos; 252 u8 ttl; 253 } mpls_push; 254 struct { /* FLOW_ACTION_MPLS_POP */ 255 __be16 proto; 256 } mpls_pop; 257 struct { /* FLOW_ACTION_MPLS_MANGLE */ 258 u32 label; 259 u8 tc; 260 u8 bos; 261 u8 ttl; 262 } mpls_mangle; 263 struct { 264 u32 index; 265 s32 prio; 266 u64 basetime; 267 u64 cycletime; 268 u64 cycletimeext; 269 u32 num_entries; 270 struct action_gate_entry *entries; 271 } gate; 272 }; 273 struct flow_action_cookie *cookie; /* user defined action cookie */ 274}; 275 276struct flow_action { 277 unsigned int num_entries; 278 struct flow_action_entry entries[]; 279}; 280 281static inline bool flow_action_has_entries(const struct flow_action *action) 282{ 283 return action->num_entries; 284} 285 286/** 287 * flow_action_has_one_action() - check if exactly one action is present 288 * @action: tc filter flow offload action 289 * 290 * Returns true if exactly one action is present. 291 */ 292static inline bool flow_offload_has_one_action(const struct flow_action *action) 293{ 294 return action->num_entries == 1; 295} 296 297#define flow_action_for_each(__i, __act, __actions) \ 298 for (__i = 0, __act = &(__actions)->entries[0]; \ 299 __i < (__actions)->num_entries; \ 300 __act = &(__actions)->entries[++__i]) 301 302static inline bool 303flow_action_mixed_hw_stats_check(const struct flow_action *action, 304 struct netlink_ext_ack *extack) 305{ 306 const struct flow_action_entry *action_entry; 307 u8 uninitialized_var(last_hw_stats); 308 int i; 309 310 if (flow_offload_has_one_action(action)) 311 return true; 312 313 flow_action_for_each(i, action_entry, action) { 314 if (i && action_entry->hw_stats != last_hw_stats) { 315 NL_SET_ERR_MSG_MOD(extack, "Mixing HW stats types for actions is not supported"); 316 return false; 317 } 318 last_hw_stats = action_entry->hw_stats; 319 } 320 return true; 321} 322 323static inline const struct flow_action_entry * 324flow_action_first_entry_get(const struct flow_action *action) 325{ 326 WARN_ON(!flow_action_has_entries(action)); 327 return &action->entries[0]; 328} 329 330static inline bool 331__flow_action_hw_stats_check(const struct flow_action *action, 332 struct netlink_ext_ack *extack, 333 bool check_allow_bit, 334 enum flow_action_hw_stats_bit allow_bit) 335{ 336 const struct flow_action_entry *action_entry; 337 338 if (!flow_action_has_entries(action)) 339 return true; 340 if (!flow_action_mixed_hw_stats_check(action, extack)) 341 return false; 342 343 action_entry = flow_action_first_entry_get(action); 344 345 /* Zero is not a legal value for hw_stats, catch anyone passing it */ 346 WARN_ON_ONCE(!action_entry->hw_stats); 347 348 if (!check_allow_bit && 349 ~action_entry->hw_stats & FLOW_ACTION_HW_STATS_ANY) { 350 NL_SET_ERR_MSG_MOD(extack, "Driver supports only default HW stats type \"any\""); 351 return false; 352 } else if (check_allow_bit && 353 !(action_entry->hw_stats & BIT(allow_bit))) { 354 NL_SET_ERR_MSG_MOD(extack, "Driver does not support selected HW stats type"); 355 return false; 356 } 357 return true; 358} 359 360static inline bool 361flow_action_hw_stats_check(const struct flow_action *action, 362 struct netlink_ext_ack *extack, 363 enum flow_action_hw_stats_bit allow_bit) 364{ 365 return __flow_action_hw_stats_check(action, extack, true, allow_bit); 366} 367 368static inline bool 369flow_action_basic_hw_stats_check(const struct flow_action *action, 370 struct netlink_ext_ack *extack) 371{ 372 return __flow_action_hw_stats_check(action, extack, false, 0); 373} 374 375struct flow_rule { 376 struct flow_match match; 377 struct flow_action action; 378}; 379 380struct flow_rule *flow_rule_alloc(unsigned int num_actions); 381 382static inline bool flow_rule_match_key(const struct flow_rule *rule, 383 enum flow_dissector_key_id key) 384{ 385 return dissector_uses_key(rule->match.dissector, key); 386} 387 388struct flow_stats { 389 u64 pkts; 390 u64 bytes; 391 u64 lastused; 392 enum flow_action_hw_stats used_hw_stats; 393 bool used_hw_stats_valid; 394}; 395 396static inline void flow_stats_update(struct flow_stats *flow_stats, 397 u64 bytes, u64 pkts, u64 lastused, 398 enum flow_action_hw_stats used_hw_stats) 399{ 400 flow_stats->pkts += pkts; 401 flow_stats->bytes += bytes; 402 flow_stats->lastused = max_t(u64, flow_stats->lastused, lastused); 403 404 /* The driver should pass value with a maximum of one bit set. 405 * Passing FLOW_ACTION_HW_STATS_ANY is invalid. 406 */ 407 WARN_ON(used_hw_stats == FLOW_ACTION_HW_STATS_ANY); 408 flow_stats->used_hw_stats |= used_hw_stats; 409 flow_stats->used_hw_stats_valid = true; 410} 411 412enum flow_block_command { 413 FLOW_BLOCK_BIND, 414 FLOW_BLOCK_UNBIND, 415}; 416 417enum flow_block_binder_type { 418 FLOW_BLOCK_BINDER_TYPE_UNSPEC, 419 FLOW_BLOCK_BINDER_TYPE_CLSACT_INGRESS, 420 FLOW_BLOCK_BINDER_TYPE_CLSACT_EGRESS, 421}; 422 423struct flow_block { 424 struct list_head cb_list; 425}; 426 427struct netlink_ext_ack; 428 429struct flow_block_offload { 430 enum flow_block_command command; 431 enum flow_block_binder_type binder_type; 432 bool block_shared; 433 bool unlocked_driver_cb; 434 struct net *net; 435 struct flow_block *block; 436 struct list_head cb_list; 437 struct list_head *driver_block_list; 438 struct netlink_ext_ack *extack; 439}; 440 441enum tc_setup_type; 442typedef int flow_setup_cb_t(enum tc_setup_type type, void *type_data, 443 void *cb_priv); 444 445struct flow_block_cb; 446 447struct flow_block_indr { 448 struct list_head list; 449 struct net_device *dev; 450 enum flow_block_binder_type binder_type; 451 void *data; 452 void *cb_priv; 453 void (*cleanup)(struct flow_block_cb *block_cb); 454}; 455 456struct flow_block_cb { 457 struct list_head driver_list; 458 struct list_head list; 459 flow_setup_cb_t *cb; 460 void *cb_ident; 461 void *cb_priv; 462 void (*release)(void *cb_priv); 463 struct flow_block_indr indr; 464 unsigned int refcnt; 465}; 466 467struct flow_block_cb *flow_block_cb_alloc(flow_setup_cb_t *cb, 468 void *cb_ident, void *cb_priv, 469 void (*release)(void *cb_priv)); 470struct flow_block_cb *flow_indr_block_cb_alloc(flow_setup_cb_t *cb, 471 void *cb_ident, void *cb_priv, 472 void (*release)(void *cb_priv), 473 struct flow_block_offload *bo, 474 struct net_device *dev, void *data, 475 void *indr_cb_priv, 476 void (*cleanup)(struct flow_block_cb *block_cb)); 477void flow_block_cb_free(struct flow_block_cb *block_cb); 478 479struct flow_block_cb *flow_block_cb_lookup(struct flow_block *block, 480 flow_setup_cb_t *cb, void *cb_ident); 481 482void *flow_block_cb_priv(struct flow_block_cb *block_cb); 483void flow_block_cb_incref(struct flow_block_cb *block_cb); 484unsigned int flow_block_cb_decref(struct flow_block_cb *block_cb); 485 486static inline void flow_block_cb_add(struct flow_block_cb *block_cb, 487 struct flow_block_offload *offload) 488{ 489 list_add_tail(&block_cb->list, &offload->cb_list); 490} 491 492static inline void flow_block_cb_remove(struct flow_block_cb *block_cb, 493 struct flow_block_offload *offload) 494{ 495 list_move(&block_cb->list, &offload->cb_list); 496} 497 498static inline void flow_indr_block_cb_remove(struct flow_block_cb *block_cb, 499 struct flow_block_offload *offload) 500{ 501 list_del(&block_cb->indr.list); 502 list_move(&block_cb->list, &offload->cb_list); 503} 504 505bool flow_block_cb_is_busy(flow_setup_cb_t *cb, void *cb_ident, 506 struct list_head *driver_block_list); 507 508int flow_block_cb_setup_simple(struct flow_block_offload *f, 509 struct list_head *driver_list, 510 flow_setup_cb_t *cb, 511 void *cb_ident, void *cb_priv, bool ingress_only); 512 513enum flow_cls_command { 514 FLOW_CLS_REPLACE, 515 FLOW_CLS_DESTROY, 516 FLOW_CLS_STATS, 517 FLOW_CLS_TMPLT_CREATE, 518 FLOW_CLS_TMPLT_DESTROY, 519}; 520 521struct flow_cls_common_offload { 522 u32 chain_index; 523 __be16 protocol; 524 u32 prio; 525 struct netlink_ext_ack *extack; 526}; 527 528struct flow_cls_offload { 529 struct flow_cls_common_offload common; 530 enum flow_cls_command command; 531 unsigned long cookie; 532 struct flow_rule *rule; 533 struct flow_stats stats; 534 u32 classid; 535}; 536 537static inline struct flow_rule * 538flow_cls_offload_flow_rule(struct flow_cls_offload *flow_cmd) 539{ 540 return flow_cmd->rule; 541} 542 543static inline void flow_block_init(struct flow_block *flow_block) 544{ 545 INIT_LIST_HEAD(&flow_block->cb_list); 546} 547 548typedef int flow_indr_block_bind_cb_t(struct net_device *dev, void *cb_priv, 549 enum tc_setup_type type, void *type_data, 550 void *data, 551 void (*cleanup)(struct flow_block_cb *block_cb)); 552 553int flow_indr_dev_register(flow_indr_block_bind_cb_t *cb, void *cb_priv); 554void flow_indr_dev_unregister(flow_indr_block_bind_cb_t *cb, void *cb_priv, 555 void (*release)(void *cb_priv)); 556int flow_indr_dev_setup_offload(struct net_device *dev, 557 enum tc_setup_type type, void *data, 558 struct flow_block_offload *bo, 559 void (*cleanup)(struct flow_block_cb *block_cb)); 560 561#endif /* _NET_FLOW_OFFLOAD_H */