2023-08-30 17:31:07 +02:00
|
|
|
// SPDX-License-Identifier: GPL-2.0+
|
|
|
|
/* Microchip VCAP API
|
|
|
|
*
|
|
|
|
* Copyright (c) 2022 Microchip Technology Inc. and its subsidiaries.
|
|
|
|
*/
|
|
|
|
|
|
|
|
#include <linux/types.h>
|
|
|
|
|
|
|
|
#include "vcap_api_private.h"
|
|
|
|
|
|
|
|
static int keyfield_size_table[] = {
|
|
|
|
[VCAP_FIELD_BIT] = sizeof(struct vcap_u1_key),
|
|
|
|
[VCAP_FIELD_U32] = sizeof(struct vcap_u32_key),
|
|
|
|
[VCAP_FIELD_U48] = sizeof(struct vcap_u48_key),
|
|
|
|
[VCAP_FIELD_U56] = sizeof(struct vcap_u56_key),
|
|
|
|
[VCAP_FIELD_U64] = sizeof(struct vcap_u64_key),
|
|
|
|
[VCAP_FIELD_U72] = sizeof(struct vcap_u72_key),
|
|
|
|
[VCAP_FIELD_U112] = sizeof(struct vcap_u112_key),
|
|
|
|
[VCAP_FIELD_U128] = sizeof(struct vcap_u128_key),
|
|
|
|
};
|
|
|
|
|
|
|
|
static int actionfield_size_table[] = {
|
|
|
|
[VCAP_FIELD_BIT] = sizeof(struct vcap_u1_action),
|
|
|
|
[VCAP_FIELD_U32] = sizeof(struct vcap_u32_action),
|
|
|
|
[VCAP_FIELD_U48] = sizeof(struct vcap_u48_action),
|
|
|
|
[VCAP_FIELD_U56] = sizeof(struct vcap_u56_action),
|
|
|
|
[VCAP_FIELD_U64] = sizeof(struct vcap_u64_action),
|
|
|
|
[VCAP_FIELD_U72] = sizeof(struct vcap_u72_action),
|
|
|
|
[VCAP_FIELD_U112] = sizeof(struct vcap_u112_action),
|
|
|
|
[VCAP_FIELD_U128] = sizeof(struct vcap_u128_action),
|
|
|
|
};
|
|
|
|
|
|
|
|
/* Moving a rule in the VCAP address space */
|
|
|
|
struct vcap_rule_move {
|
|
|
|
int addr; /* address to move */
|
|
|
|
int offset; /* change in address */
|
|
|
|
int count; /* blocksize of addresses to move */
|
|
|
|
};
|
|
|
|
|
|
|
|
/* Stores the filter cookie and chain id that enabled the port */
|
|
|
|
struct vcap_enabled_port {
|
|
|
|
struct list_head list; /* for insertion in enabled ports list */
|
|
|
|
struct net_device *ndev; /* the enabled port */
|
|
|
|
unsigned long cookie; /* filter that enabled the port */
|
|
|
|
int src_cid; /* source chain id */
|
|
|
|
int dst_cid; /* destination chain id */
|
|
|
|
};
|
|
|
|
|
|
|
|
void vcap_iter_set(struct vcap_stream_iter *itr, int sw_width,
|
|
|
|
const struct vcap_typegroup *tg, u32 offset)
|
|
|
|
{
|
|
|
|
memset(itr, 0, sizeof(*itr));
|
|
|
|
itr->offset = offset;
|
|
|
|
itr->sw_width = sw_width;
|
|
|
|
itr->regs_per_sw = DIV_ROUND_UP(sw_width, 32);
|
|
|
|
itr->tg = tg;
|
|
|
|
}
|
|
|
|
|
|
|
|
static void vcap_iter_skip_tg(struct vcap_stream_iter *itr)
|
|
|
|
{
|
|
|
|
/* Compensate the field offset for preceding typegroups.
|
|
|
|
* A typegroup table ends with an all-zero terminator.
|
|
|
|
*/
|
|
|
|
while (itr->tg->width && itr->offset >= itr->tg->offset) {
|
|
|
|
itr->offset += itr->tg->width;
|
|
|
|
itr->tg++; /* next typegroup */
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
void vcap_iter_update(struct vcap_stream_iter *itr)
|
|
|
|
{
|
|
|
|
int sw_idx, sw_bitpos;
|
|
|
|
|
|
|
|
/* Calculate the subword index and bitposition for current bit */
|
|
|
|
sw_idx = itr->offset / itr->sw_width;
|
|
|
|
sw_bitpos = itr->offset % itr->sw_width;
|
|
|
|
/* Calculate the register index and bitposition for current bit */
|
|
|
|
itr->reg_idx = (sw_idx * itr->regs_per_sw) + (sw_bitpos / 32);
|
|
|
|
itr->reg_bitpos = sw_bitpos % 32;
|
|
|
|
}
|
|
|
|
|
|
|
|
void vcap_iter_init(struct vcap_stream_iter *itr, int sw_width,
|
|
|
|
const struct vcap_typegroup *tg, u32 offset)
|
|
|
|
{
|
|
|
|
vcap_iter_set(itr, sw_width, tg, offset);
|
|
|
|
vcap_iter_skip_tg(itr);
|
|
|
|
vcap_iter_update(itr);
|
|
|
|
}
|
|
|
|
|
|
|
|
void vcap_iter_next(struct vcap_stream_iter *itr)
|
|
|
|
{
|
|
|
|
itr->offset++;
|
|
|
|
vcap_iter_skip_tg(itr);
|
|
|
|
vcap_iter_update(itr);
|
|
|
|
}
|
|
|
|
|
|
|
|
static void vcap_set_bit(u32 *stream, struct vcap_stream_iter *itr, bool value)
|
|
|
|
{
|
|
|
|
u32 mask = BIT(itr->reg_bitpos);
|
|
|
|
u32 *p = &stream[itr->reg_idx];
|
|
|
|
|
|
|
|
if (value)
|
|
|
|
*p |= mask;
|
|
|
|
else
|
|
|
|
*p &= ~mask;
|
|
|
|
}
|
|
|
|
|
|
|
|
static void vcap_encode_bit(u32 *stream, struct vcap_stream_iter *itr, bool val)
|
|
|
|
{
|
|
|
|
/* When intersected by a type group field, stream the type group bits
|
|
|
|
* before continuing with the value bit
|
|
|
|
*/
|
|
|
|
while (itr->tg->width &&
|
|
|
|
itr->offset >= itr->tg->offset &&
|
|
|
|
itr->offset < itr->tg->offset + itr->tg->width) {
|
|
|
|
int tg_bitpos = itr->tg->offset - itr->offset;
|
|
|
|
|
|
|
|
vcap_set_bit(stream, itr, (itr->tg->value >> tg_bitpos) & 0x1);
|
|
|
|
itr->offset++;
|
|
|
|
vcap_iter_update(itr);
|
|
|
|
}
|
|
|
|
vcap_set_bit(stream, itr, val);
|
|
|
|
}
|
|
|
|
|
|
|
|
static void vcap_encode_field(u32 *stream, struct vcap_stream_iter *itr,
|
|
|
|
int width, const u8 *value)
|
|
|
|
{
|
|
|
|
int idx;
|
|
|
|
|
|
|
|
/* Loop over the field value bits and add the value bits one by one to
|
|
|
|
* the output stream.
|
|
|
|
*/
|
|
|
|
for (idx = 0; idx < width; idx++) {
|
|
|
|
u8 bidx = idx & GENMASK(2, 0);
|
|
|
|
|
|
|
|
/* Encode one field value bit */
|
|
|
|
vcap_encode_bit(stream, itr, (value[idx / 8] >> bidx) & 0x1);
|
|
|
|
vcap_iter_next(itr);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
static void vcap_encode_typegroups(u32 *stream, int sw_width,
|
|
|
|
const struct vcap_typegroup *tg,
|
|
|
|
bool mask)
|
|
|
|
{
|
|
|
|
struct vcap_stream_iter iter;
|
|
|
|
int idx;
|
|
|
|
|
|
|
|
/* Mask bits must be set to zeros (inverted later when writing to the
|
|
|
|
* mask cache register), so that the mask typegroup bits consist of
|
|
|
|
* match-1 or match-0, or both
|
|
|
|
*/
|
|
|
|
vcap_iter_set(&iter, sw_width, tg, 0);
|
|
|
|
while (iter.tg->width) {
|
|
|
|
/* Set position to current typegroup bit */
|
|
|
|
iter.offset = iter.tg->offset;
|
|
|
|
vcap_iter_update(&iter);
|
|
|
|
for (idx = 0; idx < iter.tg->width; idx++) {
|
|
|
|
/* Iterate over current typegroup bits. Mask typegroup
|
|
|
|
* bits are always set
|
|
|
|
*/
|
|
|
|
if (mask)
|
|
|
|
vcap_set_bit(stream, &iter, 0x1);
|
|
|
|
else
|
|
|
|
vcap_set_bit(stream, &iter,
|
|
|
|
(iter.tg->value >> idx) & 0x1);
|
|
|
|
iter.offset++;
|
|
|
|
vcap_iter_update(&iter);
|
|
|
|
}
|
|
|
|
iter.tg++; /* next typegroup */
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
static bool vcap_bitarray_zero(int width, u8 *value)
|
|
|
|
{
|
|
|
|
int bytes = DIV_ROUND_UP(width, BITS_PER_BYTE);
|
|
|
|
u8 total = 0, bmask = 0xff;
|
|
|
|
int rwidth = width;
|
|
|
|
int idx;
|
|
|
|
|
|
|
|
for (idx = 0; idx < bytes; ++idx, rwidth -= BITS_PER_BYTE) {
|
|
|
|
if (rwidth && rwidth < BITS_PER_BYTE)
|
|
|
|
bmask = (1 << rwidth) - 1;
|
|
|
|
total += value[idx] & bmask;
|
|
|
|
}
|
|
|
|
return total == 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
static bool vcap_get_bit(u32 *stream, struct vcap_stream_iter *itr)
|
|
|
|
{
|
|
|
|
u32 mask = BIT(itr->reg_bitpos);
|
|
|
|
u32 *p = &stream[itr->reg_idx];
|
|
|
|
|
|
|
|
return !!(*p & mask);
|
|
|
|
}
|
|
|
|
|
|
|
|
static void vcap_decode_field(u32 *stream, struct vcap_stream_iter *itr,
|
|
|
|
int width, u8 *value)
|
|
|
|
{
|
|
|
|
int idx;
|
|
|
|
|
|
|
|
/* Loop over the field value bits and get the field bits and
|
|
|
|
* set them in the output value byte array
|
|
|
|
*/
|
|
|
|
for (idx = 0; idx < width; idx++) {
|
|
|
|
u8 bidx = idx & 0x7;
|
|
|
|
|
|
|
|
/* Decode one field value bit */
|
|
|
|
if (vcap_get_bit(stream, itr))
|
|
|
|
*value |= 1 << bidx;
|
|
|
|
vcap_iter_next(itr);
|
|
|
|
if (bidx == 7)
|
|
|
|
value++;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Verify that the type id in the stream matches the type id of the keyset */
|
|
|
|
static bool vcap_verify_keystream_keyset(struct vcap_control *vctrl,
|
|
|
|
enum vcap_type vt,
|
|
|
|
u32 *keystream,
|
|
|
|
u32 *mskstream,
|
|
|
|
enum vcap_keyfield_set keyset)
|
|
|
|
{
|
|
|
|
const struct vcap_info *vcap = &vctrl->vcaps[vt];
|
|
|
|
const struct vcap_field *typefld;
|
|
|
|
const struct vcap_typegroup *tgt;
|
|
|
|
const struct vcap_field *fields;
|
|
|
|
struct vcap_stream_iter iter;
|
|
|
|
const struct vcap_set *info;
|
|
|
|
u32 value = 0;
|
|
|
|
u32 mask = 0;
|
|
|
|
|
|
|
|
if (vcap_keyfield_count(vctrl, vt, keyset) == 0)
|
|
|
|
return false;
|
|
|
|
|
|
|
|
info = vcap_keyfieldset(vctrl, vt, keyset);
|
|
|
|
/* Check that the keyset is valid */
|
|
|
|
if (!info)
|
|
|
|
return false;
|
|
|
|
|
|
|
|
/* a type_id of value -1 means that there is no type field */
|
|
|
|
if (info->type_id == (u8)-1)
|
|
|
|
return true;
|
|
|
|
|
|
|
|
/* Get a valid typegroup for the specific keyset */
|
|
|
|
tgt = vcap_keyfield_typegroup(vctrl, vt, keyset);
|
|
|
|
if (!tgt)
|
|
|
|
return false;
|
|
|
|
|
|
|
|
fields = vcap_keyfields(vctrl, vt, keyset);
|
|
|
|
if (!fields)
|
|
|
|
return false;
|
|
|
|
|
|
|
|
typefld = &fields[VCAP_KF_TYPE];
|
|
|
|
vcap_iter_init(&iter, vcap->sw_width, tgt, typefld->offset);
|
|
|
|
vcap_decode_field(mskstream, &iter, typefld->width, (u8 *)&mask);
|
|
|
|
/* no type info if there are no mask bits */
|
|
|
|
if (vcap_bitarray_zero(typefld->width, (u8 *)&mask))
|
|
|
|
return false;
|
|
|
|
|
|
|
|
/* Get the value of the type field in the stream and compare to the
|
|
|
|
* one define in the vcap keyset
|
|
|
|
*/
|
|
|
|
vcap_iter_init(&iter, vcap->sw_width, tgt, typefld->offset);
|
|
|
|
vcap_decode_field(keystream, &iter, typefld->width, (u8 *)&value);
|
|
|
|
|
|
|
|
return (value & mask) == (info->type_id & mask);
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Verify that the typegroup bits have the correct values */
|
|
|
|
static int vcap_verify_typegroups(u32 *stream, int sw_width,
|
|
|
|
const struct vcap_typegroup *tgt, bool mask,
|
|
|
|
int sw_max)
|
|
|
|
{
|
|
|
|
struct vcap_stream_iter iter;
|
|
|
|
int sw_cnt, idx;
|
|
|
|
|
|
|
|
vcap_iter_set(&iter, sw_width, tgt, 0);
|
|
|
|
sw_cnt = 0;
|
|
|
|
while (iter.tg->width) {
|
|
|
|
u32 value = 0;
|
|
|
|
u32 tg_value = iter.tg->value;
|
|
|
|
|
|
|
|
if (mask)
|
|
|
|
tg_value = (1 << iter.tg->width) - 1;
|
|
|
|
/* Set position to current typegroup bit */
|
|
|
|
iter.offset = iter.tg->offset;
|
|
|
|
vcap_iter_update(&iter);
|
|
|
|
for (idx = 0; idx < iter.tg->width; idx++) {
|
|
|
|
/* Decode one typegroup bit */
|
|
|
|
if (vcap_get_bit(stream, &iter))
|
|
|
|
value |= 1 << idx;
|
|
|
|
iter.offset++;
|
|
|
|
vcap_iter_update(&iter);
|
|
|
|
}
|
|
|
|
if (value != tg_value)
|
|
|
|
return -EINVAL;
|
|
|
|
iter.tg++; /* next typegroup */
|
|
|
|
sw_cnt++;
|
|
|
|
/* Stop checking more typegroups */
|
|
|
|
if (sw_max && sw_cnt >= sw_max)
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Find the subword width of the key typegroup that matches the stream data */
|
|
|
|
static int vcap_find_keystream_typegroup_sw(struct vcap_control *vctrl,
|
|
|
|
enum vcap_type vt, u32 *stream,
|
|
|
|
bool mask, int sw_max)
|
|
|
|
{
|
|
|
|
const struct vcap_typegroup **tgt;
|
|
|
|
int sw_idx, res;
|
|
|
|
|
|
|
|
tgt = vctrl->vcaps[vt].keyfield_set_typegroups;
|
|
|
|
/* Try the longest subword match first */
|
|
|
|
for (sw_idx = vctrl->vcaps[vt].sw_count; sw_idx >= 0; sw_idx--) {
|
|
|
|
if (!tgt[sw_idx])
|
|
|
|
continue;
|
|
|
|
|
|
|
|
res = vcap_verify_typegroups(stream, vctrl->vcaps[vt].sw_width,
|
|
|
|
tgt[sw_idx], mask, sw_max);
|
|
|
|
if (res == 0)
|
|
|
|
return sw_idx;
|
|
|
|
}
|
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Verify that the typegroup information, subword count, keyset and type id
|
|
|
|
* are in sync and correct, return the list of matchin keysets
|
|
|
|
*/
|
|
|
|
int
|
|
|
|
vcap_find_keystream_keysets(struct vcap_control *vctrl,
|
|
|
|
enum vcap_type vt,
|
|
|
|
u32 *keystream,
|
|
|
|
u32 *mskstream,
|
|
|
|
bool mask, int sw_max,
|
|
|
|
struct vcap_keyset_list *kslist)
|
|
|
|
{
|
|
|
|
const struct vcap_set *keyfield_set;
|
|
|
|
int sw_count, idx;
|
|
|
|
|
|
|
|
sw_count = vcap_find_keystream_typegroup_sw(vctrl, vt, keystream, mask,
|
|
|
|
sw_max);
|
|
|
|
if (sw_count < 0)
|
|
|
|
return sw_count;
|
|
|
|
|
|
|
|
keyfield_set = vctrl->vcaps[vt].keyfield_set;
|
|
|
|
for (idx = 0; idx < vctrl->vcaps[vt].keyfield_set_size; ++idx) {
|
|
|
|
if (keyfield_set[idx].sw_per_item != sw_count)
|
|
|
|
continue;
|
|
|
|
|
|
|
|
if (vcap_verify_keystream_keyset(vctrl, vt, keystream,
|
|
|
|
mskstream, idx))
|
|
|
|
vcap_keyset_list_add(kslist, idx);
|
|
|
|
}
|
|
|
|
if (kslist->cnt > 0)
|
|
|
|
return 0;
|
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
EXPORT_SYMBOL_GPL(vcap_find_keystream_keysets);
|
|
|
|
|
|
|
|
/* Read key data from a VCAP address and discover if there are any rule keysets
|
|
|
|
* here
|
|
|
|
*/
|
|
|
|
int vcap_addr_keysets(struct vcap_control *vctrl,
|
|
|
|
struct net_device *ndev,
|
|
|
|
struct vcap_admin *admin,
|
|
|
|
int addr,
|
|
|
|
struct vcap_keyset_list *kslist)
|
|
|
|
{
|
|
|
|
enum vcap_type vt = admin->vtype;
|
|
|
|
int keyset_sw_regs, idx;
|
|
|
|
u32 key = 0, mask = 0;
|
|
|
|
|
|
|
|
/* Read the cache at the specified address */
|
|
|
|
keyset_sw_regs = DIV_ROUND_UP(vctrl->vcaps[vt].sw_width, 32);
|
|
|
|
vctrl->ops->update(ndev, admin, VCAP_CMD_READ, VCAP_SEL_ALL, addr);
|
|
|
|
vctrl->ops->cache_read(ndev, admin, VCAP_SEL_ENTRY, 0,
|
|
|
|
keyset_sw_regs);
|
|
|
|
/* Skip uninitialized key/mask entries */
|
|
|
|
for (idx = 0; idx < keyset_sw_regs; ++idx) {
|
|
|
|
key |= ~admin->cache.keystream[idx];
|
|
|
|
mask |= admin->cache.maskstream[idx];
|
|
|
|
}
|
|
|
|
if (key == 0 && mask == 0)
|
|
|
|
return -EINVAL;
|
|
|
|
/* Decode and locate the keysets */
|
|
|
|
return vcap_find_keystream_keysets(vctrl, vt, admin->cache.keystream,
|
|
|
|
admin->cache.maskstream, false, 0,
|
|
|
|
kslist);
|
|
|
|
}
|
|
|
|
EXPORT_SYMBOL_GPL(vcap_addr_keysets);
|
|
|
|
|
|
|
|
/* Return the list of keyfields for the keyset */
|
|
|
|
const struct vcap_field *vcap_keyfields(struct vcap_control *vctrl,
|
|
|
|
enum vcap_type vt,
|
|
|
|
enum vcap_keyfield_set keyset)
|
|
|
|
{
|
|
|
|
/* Check that the keyset exists in the vcap keyset list */
|
|
|
|
if (keyset >= vctrl->vcaps[vt].keyfield_set_size)
|
|
|
|
return NULL;
|
|
|
|
return vctrl->vcaps[vt].keyfield_set_map[keyset];
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Return the keyset information for the keyset */
|
|
|
|
const struct vcap_set *vcap_keyfieldset(struct vcap_control *vctrl,
|
|
|
|
enum vcap_type vt,
|
|
|
|
enum vcap_keyfield_set keyset)
|
|
|
|
{
|
|
|
|
const struct vcap_set *kset;
|
|
|
|
|
|
|
|
/* Check that the keyset exists in the vcap keyset list */
|
|
|
|
if (keyset >= vctrl->vcaps[vt].keyfield_set_size)
|
|
|
|
return NULL;
|
|
|
|
kset = &vctrl->vcaps[vt].keyfield_set[keyset];
|
|
|
|
if (kset->sw_per_item == 0 || kset->sw_per_item > vctrl->vcaps[vt].sw_count)
|
|
|
|
return NULL;
|
|
|
|
return kset;
|
|
|
|
}
|
|
|
|
EXPORT_SYMBOL_GPL(vcap_keyfieldset);
|
|
|
|
|
|
|
|
/* Return the typegroup table for the matching keyset (using subword size) */
|
|
|
|
const struct vcap_typegroup *
|
|
|
|
vcap_keyfield_typegroup(struct vcap_control *vctrl,
|
|
|
|
enum vcap_type vt, enum vcap_keyfield_set keyset)
|
|
|
|
{
|
|
|
|
const struct vcap_set *kset = vcap_keyfieldset(vctrl, vt, keyset);
|
|
|
|
|
|
|
|
/* Check that the keyset is valid */
|
|
|
|
if (!kset)
|
|
|
|
return NULL;
|
|
|
|
return vctrl->vcaps[vt].keyfield_set_typegroups[kset->sw_per_item];
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Return the number of keyfields in the keyset */
|
|
|
|
int vcap_keyfield_count(struct vcap_control *vctrl,
|
|
|
|
enum vcap_type vt, enum vcap_keyfield_set keyset)
|
|
|
|
{
|
|
|
|
/* Check that the keyset exists in the vcap keyset list */
|
|
|
|
if (keyset >= vctrl->vcaps[vt].keyfield_set_size)
|
|
|
|
return 0;
|
|
|
|
return vctrl->vcaps[vt].keyfield_set_map_size[keyset];
|
|
|
|
}
|
|
|
|
|
|
|
|
static void vcap_encode_keyfield(struct vcap_rule_internal *ri,
|
|
|
|
const struct vcap_client_keyfield *kf,
|
|
|
|
const struct vcap_field *rf,
|
|
|
|
const struct vcap_typegroup *tgt)
|
|
|
|
{
|
|
|
|
int sw_width = ri->vctrl->vcaps[ri->admin->vtype].sw_width;
|
|
|
|
struct vcap_cache_data *cache = &ri->admin->cache;
|
|
|
|
struct vcap_stream_iter iter;
|
|
|
|
const u8 *value, *mask;
|
|
|
|
|
|
|
|
/* Encode the fields for the key and the mask in their respective
|
|
|
|
* streams, respecting the subword width.
|
|
|
|
*/
|
|
|
|
switch (kf->ctrl.type) {
|
|
|
|
case VCAP_FIELD_BIT:
|
|
|
|
value = &kf->data.u1.value;
|
|
|
|
mask = &kf->data.u1.mask;
|
|
|
|
break;
|
|
|
|
case VCAP_FIELD_U32:
|
|
|
|
value = (const u8 *)&kf->data.u32.value;
|
|
|
|
mask = (const u8 *)&kf->data.u32.mask;
|
|
|
|
break;
|
|
|
|
case VCAP_FIELD_U48:
|
|
|
|
value = kf->data.u48.value;
|
|
|
|
mask = kf->data.u48.mask;
|
|
|
|
break;
|
|
|
|
case VCAP_FIELD_U56:
|
|
|
|
value = kf->data.u56.value;
|
|
|
|
mask = kf->data.u56.mask;
|
|
|
|
break;
|
|
|
|
case VCAP_FIELD_U64:
|
|
|
|
value = kf->data.u64.value;
|
|
|
|
mask = kf->data.u64.mask;
|
|
|
|
break;
|
|
|
|
case VCAP_FIELD_U72:
|
|
|
|
value = kf->data.u72.value;
|
|
|
|
mask = kf->data.u72.mask;
|
|
|
|
break;
|
|
|
|
case VCAP_FIELD_U112:
|
|
|
|
value = kf->data.u112.value;
|
|
|
|
mask = kf->data.u112.mask;
|
|
|
|
break;
|
|
|
|
case VCAP_FIELD_U128:
|
|
|
|
value = kf->data.u128.value;
|
|
|
|
mask = kf->data.u128.mask;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
vcap_iter_init(&iter, sw_width, tgt, rf->offset);
|
|
|
|
vcap_encode_field(cache->keystream, &iter, rf->width, value);
|
|
|
|
vcap_iter_init(&iter, sw_width, tgt, rf->offset);
|
|
|
|
vcap_encode_field(cache->maskstream, &iter, rf->width, mask);
|
|
|
|
}
|
|
|
|
|
|
|
|
static void vcap_encode_keyfield_typegroups(struct vcap_control *vctrl,
|
|
|
|
struct vcap_rule_internal *ri,
|
|
|
|
const struct vcap_typegroup *tgt)
|
|
|
|
{
|
|
|
|
int sw_width = vctrl->vcaps[ri->admin->vtype].sw_width;
|
|
|
|
struct vcap_cache_data *cache = &ri->admin->cache;
|
|
|
|
|
|
|
|
/* Encode the typegroup bits for the key and the mask in their streams,
|
|
|
|
* respecting the subword width.
|
|
|
|
*/
|
|
|
|
vcap_encode_typegroups(cache->keystream, sw_width, tgt, false);
|
|
|
|
vcap_encode_typegroups(cache->maskstream, sw_width, tgt, true);
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Copy data from src to dst but reverse the data in chunks of 32bits.
|
|
|
|
* For example if src is 00:11:22:33:44:55 where 55 is LSB the dst will
|
|
|
|
* have the value 22:33:44:55:00:11.
|
|
|
|
*/
|
|
|
|
static void vcap_copy_to_w32be(u8 *dst, const u8 *src, int size)
|
|
|
|
{
|
|
|
|
for (int idx = 0; idx < size; ++idx) {
|
|
|
|
int first_byte_index = 0;
|
|
|
|
int nidx;
|
|
|
|
|
|
|
|
first_byte_index = size - (((idx >> 2) + 1) << 2);
|
|
|
|
if (first_byte_index < 0)
|
|
|
|
first_byte_index = 0;
|
|
|
|
nidx = idx + first_byte_index - (idx & ~0x3);
|
|
|
|
dst[nidx] = src[idx];
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
static void
|
|
|
|
vcap_copy_from_client_keyfield(struct vcap_rule *rule,
|
|
|
|
struct vcap_client_keyfield *dst,
|
|
|
|
const struct vcap_client_keyfield *src)
|
|
|
|
{
|
|
|
|
struct vcap_rule_internal *ri = to_intrule(rule);
|
|
|
|
const struct vcap_client_keyfield_data *sdata;
|
|
|
|
struct vcap_client_keyfield_data *ddata;
|
|
|
|
int size;
|
|
|
|
|
|
|
|
dst->ctrl.type = src->ctrl.type;
|
|
|
|
dst->ctrl.key = src->ctrl.key;
|
|
|
|
INIT_LIST_HEAD(&dst->ctrl.list);
|
|
|
|
sdata = &src->data;
|
|
|
|
ddata = &dst->data;
|
|
|
|
|
|
|
|
if (!ri->admin->w32be) {
|
|
|
|
memcpy(ddata, sdata, sizeof(dst->data));
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
size = keyfield_size_table[dst->ctrl.type] / 2;
|
|
|
|
|
|
|
|
switch (dst->ctrl.type) {
|
|
|
|
case VCAP_FIELD_BIT:
|
|
|
|
case VCAP_FIELD_U32:
|
|
|
|
memcpy(ddata, sdata, sizeof(dst->data));
|
|
|
|
break;
|
|
|
|
case VCAP_FIELD_U48:
|
|
|
|
vcap_copy_to_w32be(ddata->u48.value, src->data.u48.value, size);
|
|
|
|
vcap_copy_to_w32be(ddata->u48.mask, src->data.u48.mask, size);
|
|
|
|
break;
|
|
|
|
case VCAP_FIELD_U56:
|
|
|
|
vcap_copy_to_w32be(ddata->u56.value, sdata->u56.value, size);
|
|
|
|
vcap_copy_to_w32be(ddata->u56.mask, sdata->u56.mask, size);
|
|
|
|
break;
|
|
|
|
case VCAP_FIELD_U64:
|
|
|
|
vcap_copy_to_w32be(ddata->u64.value, sdata->u64.value, size);
|
|
|
|
vcap_copy_to_w32be(ddata->u64.mask, sdata->u64.mask, size);
|
|
|
|
break;
|
|
|
|
case VCAP_FIELD_U72:
|
|
|
|
vcap_copy_to_w32be(ddata->u72.value, sdata->u72.value, size);
|
|
|
|
vcap_copy_to_w32be(ddata->u72.mask, sdata->u72.mask, size);
|
|
|
|
break;
|
|
|
|
case VCAP_FIELD_U112:
|
|
|
|
vcap_copy_to_w32be(ddata->u112.value, sdata->u112.value, size);
|
|
|
|
vcap_copy_to_w32be(ddata->u112.mask, sdata->u112.mask, size);
|
|
|
|
break;
|
|
|
|
case VCAP_FIELD_U128:
|
|
|
|
vcap_copy_to_w32be(ddata->u128.value, sdata->u128.value, size);
|
|
|
|
vcap_copy_to_w32be(ddata->u128.mask, sdata->u128.mask, size);
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
static void
|
|
|
|
vcap_copy_from_client_actionfield(struct vcap_rule *rule,
|
|
|
|
struct vcap_client_actionfield *dst,
|
|
|
|
const struct vcap_client_actionfield *src)
|
|
|
|
{
|
|
|
|
struct vcap_rule_internal *ri = to_intrule(rule);
|
|
|
|
const struct vcap_client_actionfield_data *sdata;
|
|
|
|
struct vcap_client_actionfield_data *ddata;
|
|
|
|
int size;
|
|
|
|
|
|
|
|
dst->ctrl.type = src->ctrl.type;
|
|
|
|
dst->ctrl.action = src->ctrl.action;
|
|
|
|
INIT_LIST_HEAD(&dst->ctrl.list);
|
|
|
|
sdata = &src->data;
|
|
|
|
ddata = &dst->data;
|
|
|
|
|
|
|
|
if (!ri->admin->w32be) {
|
|
|
|
memcpy(ddata, sdata, sizeof(dst->data));
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
size = actionfield_size_table[dst->ctrl.type];
|
|
|
|
|
|
|
|
switch (dst->ctrl.type) {
|
|
|
|
case VCAP_FIELD_BIT:
|
|
|
|
case VCAP_FIELD_U32:
|
|
|
|
memcpy(ddata, sdata, sizeof(dst->data));
|
|
|
|
break;
|
|
|
|
case VCAP_FIELD_U48:
|
|
|
|
vcap_copy_to_w32be(ddata->u48.value, sdata->u48.value, size);
|
|
|
|
break;
|
|
|
|
case VCAP_FIELD_U56:
|
|
|
|
vcap_copy_to_w32be(ddata->u56.value, sdata->u56.value, size);
|
|
|
|
break;
|
|
|
|
case VCAP_FIELD_U64:
|
|
|
|
vcap_copy_to_w32be(ddata->u64.value, sdata->u64.value, size);
|
|
|
|
break;
|
|
|
|
case VCAP_FIELD_U72:
|
|
|
|
vcap_copy_to_w32be(ddata->u72.value, sdata->u72.value, size);
|
|
|
|
break;
|
|
|
|
case VCAP_FIELD_U112:
|
|
|
|
vcap_copy_to_w32be(ddata->u112.value, sdata->u112.value, size);
|
|
|
|
break;
|
|
|
|
case VCAP_FIELD_U128:
|
|
|
|
vcap_copy_to_w32be(ddata->u128.value, sdata->u128.value, size);
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
static int vcap_encode_rule_keyset(struct vcap_rule_internal *ri)
|
|
|
|
{
|
|
|
|
const struct vcap_client_keyfield *ckf;
|
|
|
|
const struct vcap_typegroup *tg_table;
|
|
|
|
struct vcap_client_keyfield tempkf;
|
|
|
|
const struct vcap_field *kf_table;
|
|
|
|
int keyset_size;
|
|
|
|
|
|
|
|
/* Get a valid set of fields for the specific keyset */
|
|
|
|
kf_table = vcap_keyfields(ri->vctrl, ri->admin->vtype, ri->data.keyset);
|
|
|
|
if (!kf_table) {
|
|
|
|
pr_err("%s:%d: no fields available for this keyset: %d\n",
|
|
|
|
__func__, __LINE__, ri->data.keyset);
|
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
/* Get a valid typegroup for the specific keyset */
|
|
|
|
tg_table = vcap_keyfield_typegroup(ri->vctrl, ri->admin->vtype,
|
|
|
|
ri->data.keyset);
|
|
|
|
if (!tg_table) {
|
|
|
|
pr_err("%s:%d: no typegroups available for this keyset: %d\n",
|
|
|
|
__func__, __LINE__, ri->data.keyset);
|
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
/* Get a valid size for the specific keyset */
|
|
|
|
keyset_size = vcap_keyfield_count(ri->vctrl, ri->admin->vtype,
|
|
|
|
ri->data.keyset);
|
|
|
|
if (keyset_size == 0) {
|
|
|
|
pr_err("%s:%d: zero field count for this keyset: %d\n",
|
|
|
|
__func__, __LINE__, ri->data.keyset);
|
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
/* Iterate over the keyfields (key, mask) in the rule
|
|
|
|
* and encode these bits
|
|
|
|
*/
|
|
|
|
if (list_empty(&ri->data.keyfields)) {
|
|
|
|
pr_err("%s:%d: no keyfields in the rule\n", __func__, __LINE__);
|
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
list_for_each_entry(ckf, &ri->data.keyfields, ctrl.list) {
|
|
|
|
/* Check that the client entry exists in the keyset */
|
|
|
|
if (ckf->ctrl.key >= keyset_size) {
|
|
|
|
pr_err("%s:%d: key %d is not in vcap\n",
|
|
|
|
__func__, __LINE__, ckf->ctrl.key);
|
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
vcap_copy_from_client_keyfield(&ri->data, &tempkf, ckf);
|
|
|
|
vcap_encode_keyfield(ri, &tempkf, &kf_table[ckf->ctrl.key],
|
|
|
|
tg_table);
|
|
|
|
}
|
|
|
|
/* Add typegroup bits to the key/mask bitstreams */
|
|
|
|
vcap_encode_keyfield_typegroups(ri->vctrl, ri, tg_table);
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Return the list of actionfields for the actionset */
|
|
|
|
const struct vcap_field *
|
|
|
|
vcap_actionfields(struct vcap_control *vctrl,
|
|
|
|
enum vcap_type vt, enum vcap_actionfield_set actionset)
|
|
|
|
{
|
|
|
|
/* Check that the actionset exists in the vcap actionset list */
|
|
|
|
if (actionset >= vctrl->vcaps[vt].actionfield_set_size)
|
|
|
|
return NULL;
|
|
|
|
return vctrl->vcaps[vt].actionfield_set_map[actionset];
|
|
|
|
}
|
|
|
|
|
|
|
|
const struct vcap_set *
|
|
|
|
vcap_actionfieldset(struct vcap_control *vctrl,
|
|
|
|
enum vcap_type vt, enum vcap_actionfield_set actionset)
|
|
|
|
{
|
|
|
|
const struct vcap_set *aset;
|
|
|
|
|
|
|
|
/* Check that the actionset exists in the vcap actionset list */
|
|
|
|
if (actionset >= vctrl->vcaps[vt].actionfield_set_size)
|
|
|
|
return NULL;
|
|
|
|
aset = &vctrl->vcaps[vt].actionfield_set[actionset];
|
|
|
|
if (aset->sw_per_item == 0 || aset->sw_per_item > vctrl->vcaps[vt].sw_count)
|
|
|
|
return NULL;
|
|
|
|
return aset;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Return the typegroup table for the matching actionset (using subword size) */
|
|
|
|
const struct vcap_typegroup *
|
|
|
|
vcap_actionfield_typegroup(struct vcap_control *vctrl,
|
|
|
|
enum vcap_type vt, enum vcap_actionfield_set actionset)
|
|
|
|
{
|
|
|
|
const struct vcap_set *aset = vcap_actionfieldset(vctrl, vt, actionset);
|
|
|
|
|
|
|
|
/* Check that the actionset is valid */
|
|
|
|
if (!aset)
|
|
|
|
return NULL;
|
|
|
|
return vctrl->vcaps[vt].actionfield_set_typegroups[aset->sw_per_item];
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Return the number of actionfields in the actionset */
|
|
|
|
int vcap_actionfield_count(struct vcap_control *vctrl,
|
|
|
|
enum vcap_type vt,
|
|
|
|
enum vcap_actionfield_set actionset)
|
|
|
|
{
|
|
|
|
/* Check that the actionset exists in the vcap actionset list */
|
|
|
|
if (actionset >= vctrl->vcaps[vt].actionfield_set_size)
|
|
|
|
return 0;
|
|
|
|
return vctrl->vcaps[vt].actionfield_set_map_size[actionset];
|
|
|
|
}
|
|
|
|
|
|
|
|
static void vcap_encode_actionfield(struct vcap_rule_internal *ri,
|
|
|
|
const struct vcap_client_actionfield *af,
|
|
|
|
const struct vcap_field *rf,
|
|
|
|
const struct vcap_typegroup *tgt)
|
|
|
|
{
|
|
|
|
int act_width = ri->vctrl->vcaps[ri->admin->vtype].act_width;
|
|
|
|
|
|
|
|
struct vcap_cache_data *cache = &ri->admin->cache;
|
|
|
|
struct vcap_stream_iter iter;
|
|
|
|
const u8 *value;
|
|
|
|
|
|
|
|
/* Encode the action field in the stream, respecting the subword width */
|
|
|
|
switch (af->ctrl.type) {
|
|
|
|
case VCAP_FIELD_BIT:
|
|
|
|
value = &af->data.u1.value;
|
|
|
|
break;
|
|
|
|
case VCAP_FIELD_U32:
|
|
|
|
value = (const u8 *)&af->data.u32.value;
|
|
|
|
break;
|
|
|
|
case VCAP_FIELD_U48:
|
|
|
|
value = af->data.u48.value;
|
|
|
|
break;
|
|
|
|
case VCAP_FIELD_U56:
|
|
|
|
value = af->data.u56.value;
|
|
|
|
break;
|
|
|
|
case VCAP_FIELD_U64:
|
|
|
|
value = af->data.u64.value;
|
|
|
|
break;
|
|
|
|
case VCAP_FIELD_U72:
|
|
|
|
value = af->data.u72.value;
|
|
|
|
break;
|
|
|
|
case VCAP_FIELD_U112:
|
|
|
|
value = af->data.u112.value;
|
|
|
|
break;
|
|
|
|
case VCAP_FIELD_U128:
|
|
|
|
value = af->data.u128.value;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
vcap_iter_init(&iter, act_width, tgt, rf->offset);
|
|
|
|
vcap_encode_field(cache->actionstream, &iter, rf->width, value);
|
|
|
|
}
|
|
|
|
|
|
|
|
static void vcap_encode_actionfield_typegroups(struct vcap_rule_internal *ri,
|
|
|
|
const struct vcap_typegroup *tgt)
|
|
|
|
{
|
|
|
|
int sw_width = ri->vctrl->vcaps[ri->admin->vtype].act_width;
|
|
|
|
struct vcap_cache_data *cache = &ri->admin->cache;
|
|
|
|
|
|
|
|
/* Encode the typegroup bits for the actionstream respecting the subword
|
|
|
|
* width.
|
|
|
|
*/
|
|
|
|
vcap_encode_typegroups(cache->actionstream, sw_width, tgt, false);
|
|
|
|
}
|
|
|
|
|
|
|
|
static int vcap_encode_rule_actionset(struct vcap_rule_internal *ri)
|
|
|
|
{
|
|
|
|
const struct vcap_client_actionfield *caf;
|
|
|
|
const struct vcap_typegroup *tg_table;
|
|
|
|
struct vcap_client_actionfield tempaf;
|
|
|
|
const struct vcap_field *af_table;
|
|
|
|
int actionset_size;
|
|
|
|
|
|
|
|
/* Get a valid set of actionset fields for the specific actionset */
|
|
|
|
af_table = vcap_actionfields(ri->vctrl, ri->admin->vtype,
|
|
|
|
ri->data.actionset);
|
|
|
|
if (!af_table) {
|
|
|
|
pr_err("%s:%d: no fields available for this actionset: %d\n",
|
|
|
|
__func__, __LINE__, ri->data.actionset);
|
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
/* Get a valid typegroup for the specific actionset */
|
|
|
|
tg_table = vcap_actionfield_typegroup(ri->vctrl, ri->admin->vtype,
|
|
|
|
ri->data.actionset);
|
|
|
|
if (!tg_table) {
|
|
|
|
pr_err("%s:%d: no typegroups available for this actionset: %d\n",
|
|
|
|
__func__, __LINE__, ri->data.actionset);
|
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
/* Get a valid actionset size for the specific actionset */
|
|
|
|
actionset_size = vcap_actionfield_count(ri->vctrl, ri->admin->vtype,
|
|
|
|
ri->data.actionset);
|
|
|
|
if (actionset_size == 0) {
|
|
|
|
pr_err("%s:%d: zero field count for this actionset: %d\n",
|
|
|
|
__func__, __LINE__, ri->data.actionset);
|
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
/* Iterate over the actionfields in the rule
|
|
|
|
* and encode these bits
|
|
|
|
*/
|
|
|
|
if (list_empty(&ri->data.actionfields))
|
|
|
|
pr_warn("%s:%d: no actionfields in the rule\n",
|
|
|
|
__func__, __LINE__);
|
|
|
|
list_for_each_entry(caf, &ri->data.actionfields, ctrl.list) {
|
|
|
|
/* Check that the client action exists in the actionset */
|
|
|
|
if (caf->ctrl.action >= actionset_size) {
|
|
|
|
pr_err("%s:%d: action %d is not in vcap\n",
|
|
|
|
__func__, __LINE__, caf->ctrl.action);
|
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
vcap_copy_from_client_actionfield(&ri->data, &tempaf, caf);
|
|
|
|
vcap_encode_actionfield(ri, &tempaf,
|
|
|
|
&af_table[caf->ctrl.action], tg_table);
|
|
|
|
}
|
|
|
|
/* Add typegroup bits to the entry bitstreams */
|
|
|
|
vcap_encode_actionfield_typegroups(ri, tg_table);
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
static int vcap_encode_rule(struct vcap_rule_internal *ri)
|
|
|
|
{
|
|
|
|
int err;
|
|
|
|
|
|
|
|
err = vcap_encode_rule_keyset(ri);
|
|
|
|
if (err)
|
|
|
|
return err;
|
|
|
|
err = vcap_encode_rule_actionset(ri);
|
|
|
|
if (err)
|
|
|
|
return err;
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
int vcap_api_check(struct vcap_control *ctrl)
|
|
|
|
{
|
|
|
|
if (!ctrl) {
|
|
|
|
pr_err("%s:%d: vcap control is missing\n", __func__, __LINE__);
|
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
if (!ctrl->ops || !ctrl->ops->validate_keyset ||
|
|
|
|
!ctrl->ops->add_default_fields || !ctrl->ops->cache_erase ||
|
|
|
|
!ctrl->ops->cache_write || !ctrl->ops->cache_read ||
|
|
|
|
!ctrl->ops->init || !ctrl->ops->update || !ctrl->ops->move ||
|
|
|
|
!ctrl->ops->port_info) {
|
|
|
|
pr_err("%s:%d: client operations are missing\n",
|
|
|
|
__func__, __LINE__);
|
|
|
|
return -ENOENT;
|
|
|
|
}
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
void vcap_erase_cache(struct vcap_rule_internal *ri)
|
|
|
|
{
|
|
|
|
ri->vctrl->ops->cache_erase(ri->admin);
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Update the keyset for the rule */
|
|
|
|
int vcap_set_rule_set_keyset(struct vcap_rule *rule,
|
|
|
|
enum vcap_keyfield_set keyset)
|
|
|
|
{
|
|
|
|
struct vcap_rule_internal *ri = to_intrule(rule);
|
|
|
|
const struct vcap_set *kset;
|
|
|
|
int sw_width;
|
|
|
|
|
|
|
|
kset = vcap_keyfieldset(ri->vctrl, ri->admin->vtype, keyset);
|
|
|
|
/* Check that the keyset is valid */
|
|
|
|
if (!kset)
|
|
|
|
return -EINVAL;
|
|
|
|
ri->keyset_sw = kset->sw_per_item;
|
|
|
|
sw_width = ri->vctrl->vcaps[ri->admin->vtype].sw_width;
|
|
|
|
ri->keyset_sw_regs = DIV_ROUND_UP(sw_width, 32);
|
|
|
|
ri->data.keyset = keyset;
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
EXPORT_SYMBOL_GPL(vcap_set_rule_set_keyset);
|
|
|
|
|
|
|
|
/* Update the actionset for the rule */
|
|
|
|
int vcap_set_rule_set_actionset(struct vcap_rule *rule,
|
|
|
|
enum vcap_actionfield_set actionset)
|
|
|
|
{
|
|
|
|
struct vcap_rule_internal *ri = to_intrule(rule);
|
|
|
|
const struct vcap_set *aset;
|
|
|
|
int act_width;
|
|
|
|
|
|
|
|
aset = vcap_actionfieldset(ri->vctrl, ri->admin->vtype, actionset);
|
|
|
|
/* Check that the actionset is valid */
|
|
|
|
if (!aset)
|
|
|
|
return -EINVAL;
|
|
|
|
ri->actionset_sw = aset->sw_per_item;
|
|
|
|
act_width = ri->vctrl->vcaps[ri->admin->vtype].act_width;
|
|
|
|
ri->actionset_sw_regs = DIV_ROUND_UP(act_width, 32);
|
|
|
|
ri->data.actionset = actionset;
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
EXPORT_SYMBOL_GPL(vcap_set_rule_set_actionset);
|
|
|
|
|
|
|
|
/* Check if a rule with this id exists */
|
|
|
|
static bool vcap_rule_exists(struct vcap_control *vctrl, u32 id)
|
|
|
|
{
|
|
|
|
struct vcap_rule_internal *ri;
|
|
|
|
struct vcap_admin *admin;
|
|
|
|
|
|
|
|
/* Look for the rule id in all vcaps */
|
|
|
|
list_for_each_entry(admin, &vctrl->list, list)
|
|
|
|
list_for_each_entry(ri, &admin->rules, list)
|
|
|
|
if (ri->data.id == id)
|
|
|
|
return true;
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Find a rule with a provided rule id return a locked vcap */
|
|
|
|
static struct vcap_rule_internal *
|
|
|
|
vcap_get_locked_rule(struct vcap_control *vctrl, u32 id)
|
|
|
|
{
|
|
|
|
struct vcap_rule_internal *ri;
|
|
|
|
struct vcap_admin *admin;
|
|
|
|
|
|
|
|
/* Look for the rule id in all vcaps */
|
|
|
|
list_for_each_entry(admin, &vctrl->list, list) {
|
|
|
|
mutex_lock(&admin->lock);
|
|
|
|
list_for_each_entry(ri, &admin->rules, list)
|
|
|
|
if (ri->data.id == id)
|
|
|
|
return ri;
|
|
|
|
mutex_unlock(&admin->lock);
|
|
|
|
}
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Find a rule id with a provided cookie */
|
|
|
|
int vcap_lookup_rule_by_cookie(struct vcap_control *vctrl, u64 cookie)
|
|
|
|
{
|
|
|
|
struct vcap_rule_internal *ri;
|
|
|
|
struct vcap_admin *admin;
|
|
|
|
int id = 0;
|
|
|
|
|
|
|
|
/* Look for the rule id in all vcaps */
|
|
|
|
list_for_each_entry(admin, &vctrl->list, list) {
|
|
|
|
mutex_lock(&admin->lock);
|
|
|
|
list_for_each_entry(ri, &admin->rules, list) {
|
|
|
|
if (ri->data.cookie == cookie) {
|
|
|
|
id = ri->data.id;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
mutex_unlock(&admin->lock);
|
|
|
|
if (id)
|
|
|
|
return id;
|
|
|
|
}
|
|
|
|
return -ENOENT;
|
|
|
|
}
|
|
|
|
EXPORT_SYMBOL_GPL(vcap_lookup_rule_by_cookie);
|
|
|
|
|
2023-10-24 12:59:35 +02:00
|
|
|
/* Get number of rules in a vcap instance lookup chain id range */
|
|
|
|
int vcap_admin_rule_count(struct vcap_admin *admin, int cid)
|
|
|
|
{
|
|
|
|
int max_cid = roundup(cid + 1, VCAP_CID_LOOKUP_SIZE);
|
|
|
|
int min_cid = rounddown(cid, VCAP_CID_LOOKUP_SIZE);
|
|
|
|
struct vcap_rule_internal *elem;
|
|
|
|
int count = 0;
|
|
|
|
|
|
|
|
list_for_each_entry(elem, &admin->rules, list) {
|
|
|
|
mutex_lock(&admin->lock);
|
|
|
|
if (elem->data.vcap_chain_id >= min_cid &&
|
|
|
|
elem->data.vcap_chain_id < max_cid)
|
|
|
|
++count;
|
|
|
|
mutex_unlock(&admin->lock);
|
|
|
|
}
|
|
|
|
return count;
|
|
|
|
}
|
|
|
|
EXPORT_SYMBOL_GPL(vcap_admin_rule_count);
|
|
|
|
|
2023-08-30 17:31:07 +02:00
|
|
|
/* Make a copy of the rule, shallow or full */
|
|
|
|
static struct vcap_rule_internal *vcap_dup_rule(struct vcap_rule_internal *ri,
|
|
|
|
bool full)
|
|
|
|
{
|
|
|
|
struct vcap_client_actionfield *caf, *newcaf;
|
|
|
|
struct vcap_client_keyfield *ckf, *newckf;
|
|
|
|
struct vcap_rule_internal *duprule;
|
|
|
|
|
|
|
|
/* Allocate the client part */
|
|
|
|
duprule = kzalloc(sizeof(*duprule), GFP_KERNEL);
|
|
|
|
if (!duprule)
|
|
|
|
return ERR_PTR(-ENOMEM);
|
|
|
|
*duprule = *ri;
|
|
|
|
/* Not inserted in the VCAP */
|
|
|
|
INIT_LIST_HEAD(&duprule->list);
|
|
|
|
/* No elements in these lists */
|
|
|
|
INIT_LIST_HEAD(&duprule->data.keyfields);
|
|
|
|
INIT_LIST_HEAD(&duprule->data.actionfields);
|
|
|
|
|
|
|
|
/* A full rule copy includes keys and actions */
|
|
|
|
if (!full)
|
|
|
|
return duprule;
|
|
|
|
|
|
|
|
list_for_each_entry(ckf, &ri->data.keyfields, ctrl.list) {
|
|
|
|
newckf = kmemdup(ckf, sizeof(*newckf), GFP_KERNEL);
|
|
|
|
if (!newckf)
|
2023-10-24 12:59:35 +02:00
|
|
|
goto err;
|
2023-08-30 17:31:07 +02:00
|
|
|
list_add_tail(&newckf->ctrl.list, &duprule->data.keyfields);
|
|
|
|
}
|
|
|
|
|
|
|
|
list_for_each_entry(caf, &ri->data.actionfields, ctrl.list) {
|
|
|
|
newcaf = kmemdup(caf, sizeof(*newcaf), GFP_KERNEL);
|
|
|
|
if (!newcaf)
|
2023-10-24 12:59:35 +02:00
|
|
|
goto err;
|
2023-08-30 17:31:07 +02:00
|
|
|
list_add_tail(&newcaf->ctrl.list, &duprule->data.actionfields);
|
|
|
|
}
|
|
|
|
|
|
|
|
return duprule;
|
2023-10-24 12:59:35 +02:00
|
|
|
|
|
|
|
err:
|
|
|
|
list_for_each_entry_safe(ckf, newckf, &duprule->data.keyfields, ctrl.list) {
|
|
|
|
list_del(&ckf->ctrl.list);
|
|
|
|
kfree(ckf);
|
|
|
|
}
|
|
|
|
|
|
|
|
list_for_each_entry_safe(caf, newcaf, &duprule->data.actionfields, ctrl.list) {
|
|
|
|
list_del(&caf->ctrl.list);
|
|
|
|
kfree(caf);
|
|
|
|
}
|
|
|
|
|
|
|
|
kfree(duprule);
|
|
|
|
return ERR_PTR(-ENOMEM);
|
2023-08-30 17:31:07 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
static void vcap_apply_width(u8 *dst, int width, int bytes)
|
|
|
|
{
|
|
|
|
u8 bmask;
|
|
|
|
int idx;
|
|
|
|
|
|
|
|
for (idx = 0; idx < bytes; idx++) {
|
|
|
|
if (width > 0)
|
|
|
|
if (width < 8)
|
|
|
|
bmask = (1 << width) - 1;
|
|
|
|
else
|
|
|
|
bmask = ~0;
|
|
|
|
else
|
|
|
|
bmask = 0;
|
|
|
|
dst[idx] &= bmask;
|
|
|
|
width -= 8;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
static void vcap_copy_from_w32be(u8 *dst, u8 *src, int size, int width)
|
|
|
|
{
|
|
|
|
int idx, ridx, wstart, nidx;
|
|
|
|
int tail_bytes = (((size + 4) >> 2) << 2) - size;
|
|
|
|
|
|
|
|
for (idx = 0, ridx = size - 1; idx < size; ++idx, --ridx) {
|
|
|
|
wstart = (idx >> 2) << 2;
|
|
|
|
nidx = wstart + 3 - (idx & 0x3);
|
|
|
|
if (nidx >= size)
|
|
|
|
nidx -= tail_bytes;
|
|
|
|
dst[nidx] = src[ridx];
|
|
|
|
}
|
|
|
|
|
|
|
|
vcap_apply_width(dst, width, size);
|
|
|
|
}
|
|
|
|
|
|
|
|
static void vcap_copy_action_bit_field(struct vcap_u1_action *field, u8 *value)
|
|
|
|
{
|
|
|
|
field->value = (*value) & 0x1;
|
|
|
|
}
|
|
|
|
|
|
|
|
static void vcap_copy_limited_actionfield(u8 *dstvalue, u8 *srcvalue,
|
|
|
|
int width, int bytes)
|
|
|
|
{
|
|
|
|
memcpy(dstvalue, srcvalue, bytes);
|
|
|
|
vcap_apply_width(dstvalue, width, bytes);
|
|
|
|
}
|
|
|
|
|
|
|
|
static void vcap_copy_to_client_actionfield(struct vcap_rule_internal *ri,
|
|
|
|
struct vcap_client_actionfield *field,
|
|
|
|
u8 *value, u16 width)
|
|
|
|
{
|
|
|
|
int field_size = actionfield_size_table[field->ctrl.type];
|
|
|
|
|
|
|
|
if (ri->admin->w32be) {
|
|
|
|
switch (field->ctrl.type) {
|
|
|
|
case VCAP_FIELD_BIT:
|
|
|
|
vcap_copy_action_bit_field(&field->data.u1, value);
|
|
|
|
break;
|
|
|
|
case VCAP_FIELD_U32:
|
|
|
|
vcap_copy_limited_actionfield((u8 *)&field->data.u32.value,
|
|
|
|
value,
|
|
|
|
width, field_size);
|
|
|
|
break;
|
|
|
|
case VCAP_FIELD_U48:
|
|
|
|
vcap_copy_from_w32be(field->data.u48.value, value,
|
|
|
|
field_size, width);
|
|
|
|
break;
|
|
|
|
case VCAP_FIELD_U56:
|
|
|
|
vcap_copy_from_w32be(field->data.u56.value, value,
|
|
|
|
field_size, width);
|
|
|
|
break;
|
|
|
|
case VCAP_FIELD_U64:
|
|
|
|
vcap_copy_from_w32be(field->data.u64.value, value,
|
|
|
|
field_size, width);
|
|
|
|
break;
|
|
|
|
case VCAP_FIELD_U72:
|
|
|
|
vcap_copy_from_w32be(field->data.u72.value, value,
|
|
|
|
field_size, width);
|
|
|
|
break;
|
|
|
|
case VCAP_FIELD_U112:
|
|
|
|
vcap_copy_from_w32be(field->data.u112.value, value,
|
|
|
|
field_size, width);
|
|
|
|
break;
|
|
|
|
case VCAP_FIELD_U128:
|
|
|
|
vcap_copy_from_w32be(field->data.u128.value, value,
|
|
|
|
field_size, width);
|
|
|
|
break;
|
2023-10-24 12:59:35 +02:00
|
|
|
}
|
2023-08-30 17:31:07 +02:00
|
|
|
} else {
|
|
|
|
switch (field->ctrl.type) {
|
|
|
|
case VCAP_FIELD_BIT:
|
|
|
|
vcap_copy_action_bit_field(&field->data.u1, value);
|
|
|
|
break;
|
|
|
|
case VCAP_FIELD_U32:
|
|
|
|
vcap_copy_limited_actionfield((u8 *)&field->data.u32.value,
|
|
|
|
value,
|
|
|
|
width, field_size);
|
|
|
|
break;
|
|
|
|
case VCAP_FIELD_U48:
|
|
|
|
vcap_copy_limited_actionfield(field->data.u48.value,
|
|
|
|
value,
|
|
|
|
width, field_size);
|
|
|
|
break;
|
|
|
|
case VCAP_FIELD_U56:
|
|
|
|
vcap_copy_limited_actionfield(field->data.u56.value,
|
|
|
|
value,
|
|
|
|
width, field_size);
|
|
|
|
break;
|
|
|
|
case VCAP_FIELD_U64:
|
|
|
|
vcap_copy_limited_actionfield(field->data.u64.value,
|
|
|
|
value,
|
|
|
|
width, field_size);
|
|
|
|
break;
|
|
|
|
case VCAP_FIELD_U72:
|
|
|
|
vcap_copy_limited_actionfield(field->data.u72.value,
|
|
|
|
value,
|
|
|
|
width, field_size);
|
|
|
|
break;
|
|
|
|
case VCAP_FIELD_U112:
|
|
|
|
vcap_copy_limited_actionfield(field->data.u112.value,
|
|
|
|
value,
|
|
|
|
width, field_size);
|
|
|
|
break;
|
|
|
|
case VCAP_FIELD_U128:
|
|
|
|
vcap_copy_limited_actionfield(field->data.u128.value,
|
|
|
|
value,
|
|
|
|
width, field_size);
|
|
|
|
break;
|
2023-10-24 12:59:35 +02:00
|
|
|
}
|
2023-08-30 17:31:07 +02:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
static void vcap_copy_key_bit_field(struct vcap_u1_key *field,
|
|
|
|
u8 *value, u8 *mask)
|
|
|
|
{
|
|
|
|
field->value = (*value) & 0x1;
|
|
|
|
field->mask = (*mask) & 0x1;
|
|
|
|
}
|
|
|
|
|
|
|
|
static void vcap_copy_limited_keyfield(u8 *dstvalue, u8 *dstmask,
|
|
|
|
u8 *srcvalue, u8 *srcmask,
|
|
|
|
int width, int bytes)
|
|
|
|
{
|
|
|
|
memcpy(dstvalue, srcvalue, bytes);
|
|
|
|
vcap_apply_width(dstvalue, width, bytes);
|
|
|
|
memcpy(dstmask, srcmask, bytes);
|
|
|
|
vcap_apply_width(dstmask, width, bytes);
|
|
|
|
}
|
|
|
|
|
|
|
|
static void vcap_copy_to_client_keyfield(struct vcap_rule_internal *ri,
|
|
|
|
struct vcap_client_keyfield *field,
|
|
|
|
u8 *value, u8 *mask, u16 width)
|
|
|
|
{
|
|
|
|
int field_size = keyfield_size_table[field->ctrl.type] / 2;
|
|
|
|
|
|
|
|
if (ri->admin->w32be) {
|
|
|
|
switch (field->ctrl.type) {
|
|
|
|
case VCAP_FIELD_BIT:
|
|
|
|
vcap_copy_key_bit_field(&field->data.u1, value, mask);
|
|
|
|
break;
|
|
|
|
case VCAP_FIELD_U32:
|
|
|
|
vcap_copy_limited_keyfield((u8 *)&field->data.u32.value,
|
|
|
|
(u8 *)&field->data.u32.mask,
|
|
|
|
value, mask,
|
|
|
|
width, field_size);
|
|
|
|
break;
|
|
|
|
case VCAP_FIELD_U48:
|
|
|
|
vcap_copy_from_w32be(field->data.u48.value, value,
|
|
|
|
field_size, width);
|
|
|
|
vcap_copy_from_w32be(field->data.u48.mask, mask,
|
|
|
|
field_size, width);
|
|
|
|
break;
|
|
|
|
case VCAP_FIELD_U56:
|
|
|
|
vcap_copy_from_w32be(field->data.u56.value, value,
|
|
|
|
field_size, width);
|
|
|
|
vcap_copy_from_w32be(field->data.u56.mask, mask,
|
|
|
|
field_size, width);
|
|
|
|
break;
|
|
|
|
case VCAP_FIELD_U64:
|
|
|
|
vcap_copy_from_w32be(field->data.u64.value, value,
|
|
|
|
field_size, width);
|
|
|
|
vcap_copy_from_w32be(field->data.u64.mask, mask,
|
|
|
|
field_size, width);
|
|
|
|
break;
|
|
|
|
case VCAP_FIELD_U72:
|
|
|
|
vcap_copy_from_w32be(field->data.u72.value, value,
|
|
|
|
field_size, width);
|
|
|
|
vcap_copy_from_w32be(field->data.u72.mask, mask,
|
|
|
|
field_size, width);
|
|
|
|
break;
|
|
|
|
case VCAP_FIELD_U112:
|
|
|
|
vcap_copy_from_w32be(field->data.u112.value, value,
|
|
|
|
field_size, width);
|
|
|
|
vcap_copy_from_w32be(field->data.u112.mask, mask,
|
|
|
|
field_size, width);
|
|
|
|
break;
|
|
|
|
case VCAP_FIELD_U128:
|
|
|
|
vcap_copy_from_w32be(field->data.u128.value, value,
|
|
|
|
field_size, width);
|
|
|
|
vcap_copy_from_w32be(field->data.u128.mask, mask,
|
|
|
|
field_size, width);
|
|
|
|
break;
|
2023-10-24 12:59:35 +02:00
|
|
|
}
|
2023-08-30 17:31:07 +02:00
|
|
|
} else {
|
|
|
|
switch (field->ctrl.type) {
|
|
|
|
case VCAP_FIELD_BIT:
|
|
|
|
vcap_copy_key_bit_field(&field->data.u1, value, mask);
|
|
|
|
break;
|
|
|
|
case VCAP_FIELD_U32:
|
|
|
|
vcap_copy_limited_keyfield((u8 *)&field->data.u32.value,
|
|
|
|
(u8 *)&field->data.u32.mask,
|
|
|
|
value, mask,
|
|
|
|
width, field_size);
|
|
|
|
break;
|
|
|
|
case VCAP_FIELD_U48:
|
|
|
|
vcap_copy_limited_keyfield(field->data.u48.value,
|
|
|
|
field->data.u48.mask,
|
|
|
|
value, mask,
|
|
|
|
width, field_size);
|
|
|
|
break;
|
|
|
|
case VCAP_FIELD_U56:
|
|
|
|
vcap_copy_limited_keyfield(field->data.u56.value,
|
|
|
|
field->data.u56.mask,
|
|
|
|
value, mask,
|
|
|
|
width, field_size);
|
|
|
|
break;
|
|
|
|
case VCAP_FIELD_U64:
|
|
|
|
vcap_copy_limited_keyfield(field->data.u64.value,
|
|
|
|
field->data.u64.mask,
|
|
|
|
value, mask,
|
|
|
|
width, field_size);
|
|
|
|
break;
|
|
|
|
case VCAP_FIELD_U72:
|
|
|
|
vcap_copy_limited_keyfield(field->data.u72.value,
|
|
|
|
field->data.u72.mask,
|
|
|
|
value, mask,
|
|
|
|
width, field_size);
|
|
|
|
break;
|
|
|
|
case VCAP_FIELD_U112:
|
|
|
|
vcap_copy_limited_keyfield(field->data.u112.value,
|
|
|
|
field->data.u112.mask,
|
|
|
|
value, mask,
|
|
|
|
width, field_size);
|
|
|
|
break;
|
|
|
|
case VCAP_FIELD_U128:
|
|
|
|
vcap_copy_limited_keyfield(field->data.u128.value,
|
|
|
|
field->data.u128.mask,
|
|
|
|
value, mask,
|
|
|
|
width, field_size);
|
|
|
|
break;
|
2023-10-24 12:59:35 +02:00
|
|
|
}
|
2023-08-30 17:31:07 +02:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
static void vcap_rule_alloc_keyfield(struct vcap_rule_internal *ri,
|
|
|
|
const struct vcap_field *keyfield,
|
|
|
|
enum vcap_key_field key,
|
|
|
|
u8 *value, u8 *mask)
|
|
|
|
{
|
|
|
|
struct vcap_client_keyfield *field;
|
|
|
|
|
|
|
|
field = kzalloc(sizeof(*field), GFP_KERNEL);
|
|
|
|
if (!field)
|
|
|
|
return;
|
|
|
|
INIT_LIST_HEAD(&field->ctrl.list);
|
|
|
|
field->ctrl.key = key;
|
|
|
|
field->ctrl.type = keyfield->type;
|
|
|
|
vcap_copy_to_client_keyfield(ri, field, value, mask, keyfield->width);
|
|
|
|
list_add_tail(&field->ctrl.list, &ri->data.keyfields);
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Read key data from a VCAP address and discover if there is a rule keyset
|
|
|
|
* here
|
|
|
|
*/
|
|
|
|
static bool
|
|
|
|
vcap_verify_actionstream_actionset(struct vcap_control *vctrl,
|
|
|
|
enum vcap_type vt,
|
|
|
|
u32 *actionstream,
|
|
|
|
enum vcap_actionfield_set actionset)
|
|
|
|
{
|
|
|
|
const struct vcap_typegroup *tgt;
|
|
|
|
const struct vcap_field *fields;
|
|
|
|
const struct vcap_set *info;
|
|
|
|
|
|
|
|
if (vcap_actionfield_count(vctrl, vt, actionset) == 0)
|
|
|
|
return false;
|
|
|
|
|
|
|
|
info = vcap_actionfieldset(vctrl, vt, actionset);
|
|
|
|
/* Check that the actionset is valid */
|
|
|
|
if (!info)
|
|
|
|
return false;
|
|
|
|
|
|
|
|
/* a type_id of value -1 means that there is no type field */
|
|
|
|
if (info->type_id == (u8)-1)
|
|
|
|
return true;
|
|
|
|
|
|
|
|
/* Get a valid typegroup for the specific actionset */
|
|
|
|
tgt = vcap_actionfield_typegroup(vctrl, vt, actionset);
|
|
|
|
if (!tgt)
|
|
|
|
return false;
|
|
|
|
|
|
|
|
fields = vcap_actionfields(vctrl, vt, actionset);
|
|
|
|
if (!fields)
|
|
|
|
return false;
|
|
|
|
|
|
|
|
/* Later this will be expanded with a check of the type id */
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Find the subword width of the action typegroup that matches the stream data
|
|
|
|
*/
|
|
|
|
static int vcap_find_actionstream_typegroup_sw(struct vcap_control *vctrl,
|
|
|
|
enum vcap_type vt, u32 *stream,
|
|
|
|
int sw_max)
|
|
|
|
{
|
|
|
|
const struct vcap_typegroup **tgt;
|
|
|
|
int sw_idx, res;
|
|
|
|
|
|
|
|
tgt = vctrl->vcaps[vt].actionfield_set_typegroups;
|
|
|
|
/* Try the longest subword match first */
|
|
|
|
for (sw_idx = vctrl->vcaps[vt].sw_count; sw_idx >= 0; sw_idx--) {
|
|
|
|
if (!tgt[sw_idx])
|
|
|
|
continue;
|
|
|
|
res = vcap_verify_typegroups(stream, vctrl->vcaps[vt].act_width,
|
|
|
|
tgt[sw_idx], false, sw_max);
|
|
|
|
if (res == 0)
|
|
|
|
return sw_idx;
|
|
|
|
}
|
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Verify that the typegroup information, subword count, actionset and type id
|
|
|
|
* are in sync and correct, return the actionset
|
|
|
|
*/
|
|
|
|
static enum vcap_actionfield_set
|
|
|
|
vcap_find_actionstream_actionset(struct vcap_control *vctrl,
|
|
|
|
enum vcap_type vt,
|
|
|
|
u32 *stream,
|
|
|
|
int sw_max)
|
|
|
|
{
|
|
|
|
const struct vcap_set *actionfield_set;
|
|
|
|
int sw_count, idx;
|
|
|
|
bool res;
|
|
|
|
|
|
|
|
sw_count = vcap_find_actionstream_typegroup_sw(vctrl, vt, stream,
|
|
|
|
sw_max);
|
|
|
|
if (sw_count < 0)
|
|
|
|
return sw_count;
|
|
|
|
|
|
|
|
actionfield_set = vctrl->vcaps[vt].actionfield_set;
|
|
|
|
for (idx = 0; idx < vctrl->vcaps[vt].actionfield_set_size; ++idx) {
|
|
|
|
if (actionfield_set[idx].sw_per_item != sw_count)
|
|
|
|
continue;
|
|
|
|
|
|
|
|
res = vcap_verify_actionstream_actionset(vctrl, vt,
|
|
|
|
stream, idx);
|
|
|
|
if (res)
|
|
|
|
return idx;
|
|
|
|
}
|
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Store action value in an element in a list for the client */
|
|
|
|
static void vcap_rule_alloc_actionfield(struct vcap_rule_internal *ri,
|
|
|
|
const struct vcap_field *actionfield,
|
|
|
|
enum vcap_action_field action,
|
|
|
|
u8 *value)
|
|
|
|
{
|
|
|
|
struct vcap_client_actionfield *field;
|
|
|
|
|
|
|
|
field = kzalloc(sizeof(*field), GFP_KERNEL);
|
|
|
|
if (!field)
|
|
|
|
return;
|
|
|
|
INIT_LIST_HEAD(&field->ctrl.list);
|
|
|
|
field->ctrl.action = action;
|
|
|
|
field->ctrl.type = actionfield->type;
|
|
|
|
vcap_copy_to_client_actionfield(ri, field, value, actionfield->width);
|
|
|
|
list_add_tail(&field->ctrl.list, &ri->data.actionfields);
|
|
|
|
}
|
|
|
|
|
|
|
|
static int vcap_decode_actionset(struct vcap_rule_internal *ri)
|
|
|
|
{
|
|
|
|
struct vcap_control *vctrl = ri->vctrl;
|
|
|
|
struct vcap_admin *admin = ri->admin;
|
|
|
|
const struct vcap_field *actionfield;
|
|
|
|
enum vcap_actionfield_set actionset;
|
|
|
|
enum vcap_type vt = admin->vtype;
|
|
|
|
const struct vcap_typegroup *tgt;
|
|
|
|
struct vcap_stream_iter iter;
|
|
|
|
int idx, res, actfield_count;
|
|
|
|
u32 *actstream;
|
|
|
|
u8 value[16];
|
|
|
|
|
|
|
|
actstream = admin->cache.actionstream;
|
|
|
|
res = vcap_find_actionstream_actionset(vctrl, vt, actstream, 0);
|
|
|
|
if (res < 0) {
|
|
|
|
pr_err("%s:%d: could not find valid actionset: %d\n",
|
|
|
|
__func__, __LINE__, res);
|
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
actionset = res;
|
|
|
|
actfield_count = vcap_actionfield_count(vctrl, vt, actionset);
|
|
|
|
actionfield = vcap_actionfields(vctrl, vt, actionset);
|
|
|
|
tgt = vcap_actionfield_typegroup(vctrl, vt, actionset);
|
|
|
|
/* Start decoding the stream */
|
|
|
|
for (idx = 0; idx < actfield_count; ++idx) {
|
|
|
|
if (actionfield[idx].width <= 0)
|
|
|
|
continue;
|
|
|
|
/* Get the action */
|
|
|
|
memset(value, 0, DIV_ROUND_UP(actionfield[idx].width, 8));
|
|
|
|
vcap_iter_init(&iter, vctrl->vcaps[vt].act_width, tgt,
|
|
|
|
actionfield[idx].offset);
|
|
|
|
vcap_decode_field(actstream, &iter, actionfield[idx].width,
|
|
|
|
value);
|
|
|
|
/* Skip if no bits are set */
|
|
|
|
if (vcap_bitarray_zero(actionfield[idx].width, value))
|
|
|
|
continue;
|
|
|
|
vcap_rule_alloc_actionfield(ri, &actionfield[idx], idx, value);
|
|
|
|
/* Later the action id will also be checked */
|
|
|
|
}
|
|
|
|
return vcap_set_rule_set_actionset((struct vcap_rule *)ri, actionset);
|
|
|
|
}
|
|
|
|
|
|
|
|
static int vcap_decode_keyset(struct vcap_rule_internal *ri)
|
|
|
|
{
|
|
|
|
struct vcap_control *vctrl = ri->vctrl;
|
|
|
|
struct vcap_stream_iter kiter, miter;
|
|
|
|
struct vcap_admin *admin = ri->admin;
|
|
|
|
enum vcap_keyfield_set keysets[10];
|
|
|
|
const struct vcap_field *keyfield;
|
|
|
|
enum vcap_type vt = admin->vtype;
|
|
|
|
const struct vcap_typegroup *tgt;
|
|
|
|
struct vcap_keyset_list matches;
|
|
|
|
enum vcap_keyfield_set keyset;
|
|
|
|
int idx, res, keyfield_count;
|
|
|
|
u32 *maskstream;
|
|
|
|
u32 *keystream;
|
|
|
|
u8 value[16];
|
|
|
|
u8 mask[16];
|
|
|
|
|
|
|
|
keystream = admin->cache.keystream;
|
|
|
|
maskstream = admin->cache.maskstream;
|
|
|
|
matches.keysets = keysets;
|
|
|
|
matches.cnt = 0;
|
|
|
|
matches.max = ARRAY_SIZE(keysets);
|
|
|
|
res = vcap_find_keystream_keysets(vctrl, vt, keystream, maskstream,
|
|
|
|
false, 0, &matches);
|
|
|
|
if (res < 0) {
|
|
|
|
pr_err("%s:%d: could not find valid keysets: %d\n",
|
|
|
|
__func__, __LINE__, res);
|
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
keyset = matches.keysets[0];
|
|
|
|
keyfield_count = vcap_keyfield_count(vctrl, vt, keyset);
|
|
|
|
keyfield = vcap_keyfields(vctrl, vt, keyset);
|
|
|
|
tgt = vcap_keyfield_typegroup(vctrl, vt, keyset);
|
|
|
|
/* Start decoding the streams */
|
|
|
|
for (idx = 0; idx < keyfield_count; ++idx) {
|
|
|
|
if (keyfield[idx].width <= 0)
|
|
|
|
continue;
|
|
|
|
/* First get the mask */
|
|
|
|
memset(mask, 0, DIV_ROUND_UP(keyfield[idx].width, 8));
|
|
|
|
vcap_iter_init(&miter, vctrl->vcaps[vt].sw_width, tgt,
|
|
|
|
keyfield[idx].offset);
|
|
|
|
vcap_decode_field(maskstream, &miter, keyfield[idx].width,
|
|
|
|
mask);
|
|
|
|
/* Skip if no mask bits are set */
|
|
|
|
if (vcap_bitarray_zero(keyfield[idx].width, mask))
|
|
|
|
continue;
|
|
|
|
/* Get the key */
|
|
|
|
memset(value, 0, DIV_ROUND_UP(keyfield[idx].width, 8));
|
|
|
|
vcap_iter_init(&kiter, vctrl->vcaps[vt].sw_width, tgt,
|
|
|
|
keyfield[idx].offset);
|
|
|
|
vcap_decode_field(keystream, &kiter, keyfield[idx].width,
|
|
|
|
value);
|
|
|
|
vcap_rule_alloc_keyfield(ri, &keyfield[idx], idx, value, mask);
|
|
|
|
}
|
|
|
|
return vcap_set_rule_set_keyset((struct vcap_rule *)ri, keyset);
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Read VCAP content into the VCAP cache */
|
|
|
|
static int vcap_read_rule(struct vcap_rule_internal *ri)
|
|
|
|
{
|
|
|
|
struct vcap_admin *admin = ri->admin;
|
|
|
|
int sw_idx, ent_idx = 0, act_idx = 0;
|
|
|
|
u32 addr = ri->addr;
|
|
|
|
|
|
|
|
if (!ri->size || !ri->keyset_sw_regs || !ri->actionset_sw_regs) {
|
|
|
|
pr_err("%s:%d: rule is empty\n", __func__, __LINE__);
|
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
vcap_erase_cache(ri);
|
|
|
|
/* Use the values in the streams to read the VCAP cache */
|
|
|
|
for (sw_idx = 0; sw_idx < ri->size; sw_idx++, addr++) {
|
|
|
|
ri->vctrl->ops->update(ri->ndev, admin, VCAP_CMD_READ,
|
|
|
|
VCAP_SEL_ALL, addr);
|
|
|
|
ri->vctrl->ops->cache_read(ri->ndev, admin,
|
|
|
|
VCAP_SEL_ENTRY, ent_idx,
|
|
|
|
ri->keyset_sw_regs);
|
|
|
|
ri->vctrl->ops->cache_read(ri->ndev, admin,
|
|
|
|
VCAP_SEL_ACTION, act_idx,
|
|
|
|
ri->actionset_sw_regs);
|
|
|
|
if (sw_idx == 0)
|
|
|
|
ri->vctrl->ops->cache_read(ri->ndev, admin,
|
|
|
|
VCAP_SEL_COUNTER,
|
|
|
|
ri->counter_id, 0);
|
|
|
|
ent_idx += ri->keyset_sw_regs;
|
|
|
|
act_idx += ri->actionset_sw_regs;
|
|
|
|
}
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Write VCAP cache content to the VCAP HW instance */
|
|
|
|
static int vcap_write_rule(struct vcap_rule_internal *ri)
|
|
|
|
{
|
|
|
|
struct vcap_admin *admin = ri->admin;
|
|
|
|
int sw_idx, ent_idx = 0, act_idx = 0;
|
|
|
|
u32 addr = ri->addr;
|
|
|
|
|
|
|
|
if (!ri->size || !ri->keyset_sw_regs || !ri->actionset_sw_regs) {
|
|
|
|
pr_err("%s:%d: rule is empty\n", __func__, __LINE__);
|
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
/* Use the values in the streams to write the VCAP cache */
|
|
|
|
for (sw_idx = 0; sw_idx < ri->size; sw_idx++, addr++) {
|
|
|
|
ri->vctrl->ops->cache_write(ri->ndev, admin,
|
|
|
|
VCAP_SEL_ENTRY, ent_idx,
|
|
|
|
ri->keyset_sw_regs);
|
|
|
|
ri->vctrl->ops->cache_write(ri->ndev, admin,
|
|
|
|
VCAP_SEL_ACTION, act_idx,
|
|
|
|
ri->actionset_sw_regs);
|
|
|
|
ri->vctrl->ops->update(ri->ndev, admin, VCAP_CMD_WRITE,
|
|
|
|
VCAP_SEL_ALL, addr);
|
|
|
|
ent_idx += ri->keyset_sw_regs;
|
|
|
|
act_idx += ri->actionset_sw_regs;
|
|
|
|
}
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
static int vcap_write_counter(struct vcap_rule_internal *ri,
|
|
|
|
struct vcap_counter *ctr)
|
|
|
|
{
|
|
|
|
struct vcap_admin *admin = ri->admin;
|
|
|
|
|
|
|
|
admin->cache.counter = ctr->value;
|
|
|
|
admin->cache.sticky = ctr->sticky;
|
|
|
|
ri->vctrl->ops->cache_write(ri->ndev, admin, VCAP_SEL_COUNTER,
|
|
|
|
ri->counter_id, 0);
|
|
|
|
ri->vctrl->ops->update(ri->ndev, admin, VCAP_CMD_WRITE,
|
|
|
|
VCAP_SEL_COUNTER, ri->addr);
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Convert a chain id to a VCAP lookup index */
|
|
|
|
int vcap_chain_id_to_lookup(struct vcap_admin *admin, int cur_cid)
|
|
|
|
{
|
|
|
|
int lookup_first = admin->vinst * admin->lookups_per_instance;
|
|
|
|
int lookup_last = lookup_first + admin->lookups_per_instance;
|
|
|
|
int cid_next = admin->first_cid + VCAP_CID_LOOKUP_SIZE;
|
|
|
|
int cid = admin->first_cid;
|
|
|
|
int lookup;
|
|
|
|
|
|
|
|
for (lookup = lookup_first; lookup < lookup_last; ++lookup,
|
|
|
|
cid += VCAP_CID_LOOKUP_SIZE, cid_next += VCAP_CID_LOOKUP_SIZE)
|
|
|
|
if (cur_cid >= cid && cur_cid < cid_next)
|
|
|
|
return lookup;
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
EXPORT_SYMBOL_GPL(vcap_chain_id_to_lookup);
|
|
|
|
|
|
|
|
/* Lookup a vcap instance using chain id */
|
|
|
|
struct vcap_admin *vcap_find_admin(struct vcap_control *vctrl, int cid)
|
|
|
|
{
|
|
|
|
struct vcap_admin *admin;
|
|
|
|
|
|
|
|
if (vcap_api_check(vctrl))
|
|
|
|
return NULL;
|
|
|
|
|
|
|
|
list_for_each_entry(admin, &vctrl->list, list) {
|
|
|
|
if (cid >= admin->first_cid && cid <= admin->last_cid)
|
|
|
|
return admin;
|
|
|
|
}
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
EXPORT_SYMBOL_GPL(vcap_find_admin);
|
|
|
|
|
|
|
|
/* Is this the last admin instance ordered by chain id and direction */
|
|
|
|
static bool vcap_admin_is_last(struct vcap_control *vctrl,
|
|
|
|
struct vcap_admin *admin,
|
|
|
|
bool ingress)
|
|
|
|
{
|
|
|
|
struct vcap_admin *iter, *last = NULL;
|
|
|
|
int max_cid = 0;
|
|
|
|
|
|
|
|
list_for_each_entry(iter, &vctrl->list, list) {
|
|
|
|
if (iter->first_cid > max_cid &&
|
|
|
|
iter->ingress == ingress) {
|
|
|
|
last = iter;
|
|
|
|
max_cid = iter->first_cid;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if (!last)
|
|
|
|
return false;
|
|
|
|
|
|
|
|
return admin == last;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Calculate the value used for chaining VCAP rules */
|
|
|
|
int vcap_chain_offset(struct vcap_control *vctrl, int from_cid, int to_cid)
|
|
|
|
{
|
|
|
|
int diff = to_cid - from_cid;
|
|
|
|
|
|
|
|
if (diff < 0) /* Wrong direction */
|
|
|
|
return diff;
|
|
|
|
to_cid %= VCAP_CID_LOOKUP_SIZE;
|
|
|
|
if (to_cid == 0) /* Destination aligned to a lookup == no chaining */
|
|
|
|
return 0;
|
|
|
|
diff %= VCAP_CID_LOOKUP_SIZE; /* Limit to a value within a lookup */
|
|
|
|
return diff;
|
|
|
|
}
|
|
|
|
EXPORT_SYMBOL_GPL(vcap_chain_offset);
|
|
|
|
|
|
|
|
/* Is the next chain id in one of the following lookups
|
|
|
|
* For now this does not support filters linked to other filters using
|
|
|
|
* keys and actions. That will be added later.
|
|
|
|
*/
|
|
|
|
bool vcap_is_next_lookup(struct vcap_control *vctrl, int src_cid, int dst_cid)
|
|
|
|
{
|
|
|
|
struct vcap_admin *admin;
|
|
|
|
int next_cid;
|
|
|
|
|
|
|
|
if (vcap_api_check(vctrl))
|
|
|
|
return false;
|
|
|
|
|
|
|
|
/* The offset must be at least one lookup so round up one chain */
|
|
|
|
next_cid = roundup(src_cid + 1, VCAP_CID_LOOKUP_SIZE);
|
|
|
|
|
|
|
|
if (dst_cid < next_cid)
|
|
|
|
return false;
|
|
|
|
|
|
|
|
admin = vcap_find_admin(vctrl, dst_cid);
|
|
|
|
if (!admin)
|
|
|
|
return false;
|
|
|
|
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
EXPORT_SYMBOL_GPL(vcap_is_next_lookup);
|
|
|
|
|
|
|
|
/* Check if there is room for a new rule */
|
|
|
|
static int vcap_rule_space(struct vcap_admin *admin, int size)
|
|
|
|
{
|
|
|
|
if (admin->last_used_addr - size < admin->first_valid_addr) {
|
|
|
|
pr_err("%s:%d: No room for rule size: %u, %u\n",
|
|
|
|
__func__, __LINE__, size, admin->first_valid_addr);
|
|
|
|
return -ENOSPC;
|
|
|
|
}
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Add the keyset typefield to the list of rule keyfields */
|
|
|
|
static int vcap_add_type_keyfield(struct vcap_rule *rule)
|
|
|
|
{
|
|
|
|
struct vcap_rule_internal *ri = to_intrule(rule);
|
|
|
|
enum vcap_keyfield_set keyset = rule->keyset;
|
|
|
|
enum vcap_type vt = ri->admin->vtype;
|
|
|
|
const struct vcap_field *fields;
|
|
|
|
const struct vcap_set *kset;
|
|
|
|
int ret = -EINVAL;
|
|
|
|
|
|
|
|
kset = vcap_keyfieldset(ri->vctrl, vt, keyset);
|
|
|
|
if (!kset)
|
|
|
|
return ret;
|
|
|
|
if (kset->type_id == (u8)-1) /* No type field is needed */
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
fields = vcap_keyfields(ri->vctrl, vt, keyset);
|
|
|
|
if (!fields)
|
|
|
|
return -EINVAL;
|
|
|
|
if (fields[VCAP_KF_TYPE].width > 1) {
|
|
|
|
ret = vcap_rule_add_key_u32(rule, VCAP_KF_TYPE,
|
|
|
|
kset->type_id, 0xff);
|
|
|
|
} else {
|
|
|
|
if (kset->type_id)
|
|
|
|
ret = vcap_rule_add_key_bit(rule, VCAP_KF_TYPE,
|
|
|
|
VCAP_BIT_1);
|
|
|
|
else
|
|
|
|
ret = vcap_rule_add_key_bit(rule, VCAP_KF_TYPE,
|
|
|
|
VCAP_BIT_0);
|
|
|
|
}
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Add the actionset typefield to the list of rule actionfields */
|
|
|
|
static int vcap_add_type_actionfield(struct vcap_rule *rule)
|
|
|
|
{
|
|
|
|
enum vcap_actionfield_set actionset = rule->actionset;
|
|
|
|
struct vcap_rule_internal *ri = to_intrule(rule);
|
|
|
|
enum vcap_type vt = ri->admin->vtype;
|
|
|
|
const struct vcap_field *fields;
|
|
|
|
const struct vcap_set *aset;
|
|
|
|
int ret = -EINVAL;
|
|
|
|
|
|
|
|
aset = vcap_actionfieldset(ri->vctrl, vt, actionset);
|
|
|
|
if (!aset)
|
|
|
|
return ret;
|
|
|
|
if (aset->type_id == (u8)-1) /* No type field is needed */
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
fields = vcap_actionfields(ri->vctrl, vt, actionset);
|
|
|
|
if (!fields)
|
|
|
|
return -EINVAL;
|
|
|
|
if (fields[VCAP_AF_TYPE].width > 1) {
|
|
|
|
ret = vcap_rule_add_action_u32(rule, VCAP_AF_TYPE,
|
|
|
|
aset->type_id);
|
|
|
|
} else {
|
|
|
|
if (aset->type_id)
|
|
|
|
ret = vcap_rule_add_action_bit(rule, VCAP_AF_TYPE,
|
|
|
|
VCAP_BIT_1);
|
|
|
|
else
|
|
|
|
ret = vcap_rule_add_action_bit(rule, VCAP_AF_TYPE,
|
|
|
|
VCAP_BIT_0);
|
|
|
|
}
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Add a keyset to a keyset list */
|
|
|
|
bool vcap_keyset_list_add(struct vcap_keyset_list *keysetlist,
|
|
|
|
enum vcap_keyfield_set keyset)
|
|
|
|
{
|
|
|
|
int idx;
|
|
|
|
|
|
|
|
if (keysetlist->cnt < keysetlist->max) {
|
|
|
|
/* Avoid duplicates */
|
|
|
|
for (idx = 0; idx < keysetlist->cnt; ++idx)
|
|
|
|
if (keysetlist->keysets[idx] == keyset)
|
|
|
|
return keysetlist->cnt < keysetlist->max;
|
|
|
|
keysetlist->keysets[keysetlist->cnt++] = keyset;
|
|
|
|
}
|
|
|
|
return keysetlist->cnt < keysetlist->max;
|
|
|
|
}
|
|
|
|
EXPORT_SYMBOL_GPL(vcap_keyset_list_add);
|
|
|
|
|
|
|
|
/* Add a actionset to a actionset list */
|
|
|
|
static bool vcap_actionset_list_add(struct vcap_actionset_list *actionsetlist,
|
|
|
|
enum vcap_actionfield_set actionset)
|
|
|
|
{
|
|
|
|
int idx;
|
|
|
|
|
|
|
|
if (actionsetlist->cnt < actionsetlist->max) {
|
|
|
|
/* Avoid duplicates */
|
|
|
|
for (idx = 0; idx < actionsetlist->cnt; ++idx)
|
|
|
|
if (actionsetlist->actionsets[idx] == actionset)
|
|
|
|
return actionsetlist->cnt < actionsetlist->max;
|
|
|
|
actionsetlist->actionsets[actionsetlist->cnt++] = actionset;
|
|
|
|
}
|
|
|
|
return actionsetlist->cnt < actionsetlist->max;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* map keyset id to a string with the keyset name */
|
|
|
|
const char *vcap_keyset_name(struct vcap_control *vctrl,
|
|
|
|
enum vcap_keyfield_set keyset)
|
|
|
|
{
|
|
|
|
return vctrl->stats->keyfield_set_names[keyset];
|
|
|
|
}
|
|
|
|
EXPORT_SYMBOL_GPL(vcap_keyset_name);
|
|
|
|
|
|
|
|
/* map key field id to a string with the key name */
|
|
|
|
const char *vcap_keyfield_name(struct vcap_control *vctrl,
|
|
|
|
enum vcap_key_field key)
|
|
|
|
{
|
|
|
|
return vctrl->stats->keyfield_names[key];
|
|
|
|
}
|
|
|
|
EXPORT_SYMBOL_GPL(vcap_keyfield_name);
|
|
|
|
|
|
|
|
/* map actionset id to a string with the actionset name */
|
|
|
|
const char *vcap_actionset_name(struct vcap_control *vctrl,
|
|
|
|
enum vcap_actionfield_set actionset)
|
|
|
|
{
|
|
|
|
return vctrl->stats->actionfield_set_names[actionset];
|
|
|
|
}
|
|
|
|
|
|
|
|
/* map action field id to a string with the action name */
|
|
|
|
const char *vcap_actionfield_name(struct vcap_control *vctrl,
|
|
|
|
enum vcap_action_field action)
|
|
|
|
{
|
|
|
|
return vctrl->stats->actionfield_names[action];
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Return the keyfield that matches a key in a keyset */
|
|
|
|
static const struct vcap_field *
|
|
|
|
vcap_find_keyset_keyfield(struct vcap_control *vctrl,
|
|
|
|
enum vcap_type vtype,
|
|
|
|
enum vcap_keyfield_set keyset,
|
|
|
|
enum vcap_key_field key)
|
|
|
|
{
|
|
|
|
const struct vcap_field *fields;
|
|
|
|
int idx, count;
|
|
|
|
|
|
|
|
fields = vcap_keyfields(vctrl, vtype, keyset);
|
|
|
|
if (!fields)
|
|
|
|
return NULL;
|
|
|
|
|
|
|
|
/* Iterate the keyfields of the keyset */
|
|
|
|
count = vcap_keyfield_count(vctrl, vtype, keyset);
|
|
|
|
for (idx = 0; idx < count; ++idx) {
|
|
|
|
if (fields[idx].width == 0)
|
|
|
|
continue;
|
|
|
|
|
|
|
|
if (key == idx)
|
|
|
|
return &fields[idx];
|
|
|
|
}
|
|
|
|
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Match a list of keys against the keysets available in a vcap type */
|
|
|
|
static bool _vcap_rule_find_keysets(struct vcap_rule_internal *ri,
|
|
|
|
struct vcap_keyset_list *matches)
|
|
|
|
{
|
|
|
|
const struct vcap_client_keyfield *ckf;
|
|
|
|
int keyset, found, keycount, map_size;
|
|
|
|
const struct vcap_field **map;
|
|
|
|
enum vcap_type vtype;
|
|
|
|
|
|
|
|
vtype = ri->admin->vtype;
|
|
|
|
map = ri->vctrl->vcaps[vtype].keyfield_set_map;
|
|
|
|
map_size = ri->vctrl->vcaps[vtype].keyfield_set_size;
|
|
|
|
|
|
|
|
/* Get a count of the keyfields we want to match */
|
|
|
|
keycount = 0;
|
|
|
|
list_for_each_entry(ckf, &ri->data.keyfields, ctrl.list)
|
|
|
|
++keycount;
|
|
|
|
|
|
|
|
matches->cnt = 0;
|
|
|
|
/* Iterate the keysets of the VCAP */
|
|
|
|
for (keyset = 0; keyset < map_size; ++keyset) {
|
|
|
|
if (!map[keyset])
|
|
|
|
continue;
|
|
|
|
|
|
|
|
/* Iterate the keys in the rule */
|
|
|
|
found = 0;
|
|
|
|
list_for_each_entry(ckf, &ri->data.keyfields, ctrl.list)
|
|
|
|
if (vcap_find_keyset_keyfield(ri->vctrl, vtype,
|
|
|
|
keyset, ckf->ctrl.key))
|
|
|
|
++found;
|
|
|
|
|
|
|
|
/* Save the keyset if all keyfields were found */
|
|
|
|
if (found == keycount)
|
|
|
|
if (!vcap_keyset_list_add(matches, keyset))
|
|
|
|
/* bail out when the quota is filled */
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
|
|
|
return matches->cnt > 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Match a list of keys against the keysets available in a vcap type */
|
|
|
|
bool vcap_rule_find_keysets(struct vcap_rule *rule,
|
|
|
|
struct vcap_keyset_list *matches)
|
|
|
|
{
|
|
|
|
struct vcap_rule_internal *ri = to_intrule(rule);
|
|
|
|
|
|
|
|
return _vcap_rule_find_keysets(ri, matches);
|
|
|
|
}
|
|
|
|
EXPORT_SYMBOL_GPL(vcap_rule_find_keysets);
|
|
|
|
|
|
|
|
/* Return the actionfield that matches a action in a actionset */
|
|
|
|
static const struct vcap_field *
|
|
|
|
vcap_find_actionset_actionfield(struct vcap_control *vctrl,
|
|
|
|
enum vcap_type vtype,
|
|
|
|
enum vcap_actionfield_set actionset,
|
|
|
|
enum vcap_action_field action)
|
|
|
|
{
|
|
|
|
const struct vcap_field *fields;
|
|
|
|
int idx, count;
|
|
|
|
|
|
|
|
fields = vcap_actionfields(vctrl, vtype, actionset);
|
|
|
|
if (!fields)
|
|
|
|
return NULL;
|
|
|
|
|
|
|
|
/* Iterate the actionfields of the actionset */
|
|
|
|
count = vcap_actionfield_count(vctrl, vtype, actionset);
|
|
|
|
for (idx = 0; idx < count; ++idx) {
|
|
|
|
if (fields[idx].width == 0)
|
|
|
|
continue;
|
|
|
|
|
|
|
|
if (action == idx)
|
|
|
|
return &fields[idx];
|
|
|
|
}
|
|
|
|
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Match a list of actions against the actionsets available in a vcap type */
|
|
|
|
static bool vcap_rule_find_actionsets(struct vcap_rule_internal *ri,
|
|
|
|
struct vcap_actionset_list *matches)
|
|
|
|
{
|
|
|
|
int actionset, found, actioncount, map_size;
|
|
|
|
const struct vcap_client_actionfield *ckf;
|
|
|
|
const struct vcap_field **map;
|
|
|
|
enum vcap_type vtype;
|
|
|
|
|
|
|
|
vtype = ri->admin->vtype;
|
|
|
|
map = ri->vctrl->vcaps[vtype].actionfield_set_map;
|
|
|
|
map_size = ri->vctrl->vcaps[vtype].actionfield_set_size;
|
|
|
|
|
|
|
|
/* Get a count of the actionfields we want to match */
|
|
|
|
actioncount = 0;
|
|
|
|
list_for_each_entry(ckf, &ri->data.actionfields, ctrl.list)
|
|
|
|
++actioncount;
|
|
|
|
|
|
|
|
matches->cnt = 0;
|
|
|
|
/* Iterate the actionsets of the VCAP */
|
|
|
|
for (actionset = 0; actionset < map_size; ++actionset) {
|
|
|
|
if (!map[actionset])
|
|
|
|
continue;
|
|
|
|
|
|
|
|
/* Iterate the actions in the rule */
|
|
|
|
found = 0;
|
|
|
|
list_for_each_entry(ckf, &ri->data.actionfields, ctrl.list)
|
|
|
|
if (vcap_find_actionset_actionfield(ri->vctrl, vtype,
|
|
|
|
actionset,
|
|
|
|
ckf->ctrl.action))
|
|
|
|
++found;
|
|
|
|
|
|
|
|
/* Save the actionset if all actionfields were found */
|
|
|
|
if (found == actioncount)
|
|
|
|
if (!vcap_actionset_list_add(matches, actionset))
|
|
|
|
/* bail out when the quota is filled */
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
|
|
|
return matches->cnt > 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Validate a rule with respect to available port keys */
|
|
|
|
int vcap_val_rule(struct vcap_rule *rule, u16 l3_proto)
|
|
|
|
{
|
|
|
|
struct vcap_rule_internal *ri = to_intrule(rule);
|
|
|
|
struct vcap_keyset_list matches = {};
|
|
|
|
enum vcap_keyfield_set keysets[10];
|
|
|
|
int ret;
|
|
|
|
|
|
|
|
ret = vcap_api_check(ri->vctrl);
|
|
|
|
if (ret)
|
|
|
|
return ret;
|
|
|
|
if (!ri->admin) {
|
|
|
|
ri->data.exterr = VCAP_ERR_NO_ADMIN;
|
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
if (!ri->ndev) {
|
|
|
|
ri->data.exterr = VCAP_ERR_NO_NETDEV;
|
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
|
|
|
|
matches.keysets = keysets;
|
|
|
|
matches.max = ARRAY_SIZE(keysets);
|
|
|
|
if (ri->data.keyset == VCAP_KFS_NO_VALUE) {
|
|
|
|
/* Iterate over rule keyfields and select keysets that fits */
|
|
|
|
if (!_vcap_rule_find_keysets(ri, &matches)) {
|
|
|
|
ri->data.exterr = VCAP_ERR_NO_KEYSET_MATCH;
|
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
/* prepare for keyset validation */
|
|
|
|
keysets[0] = ri->data.keyset;
|
|
|
|
matches.cnt = 1;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Pick a keyset that is supported in the port lookups */
|
|
|
|
ret = ri->vctrl->ops->validate_keyset(ri->ndev, ri->admin, rule,
|
|
|
|
&matches, l3_proto);
|
|
|
|
if (ret < 0) {
|
|
|
|
pr_err("%s:%d: keyset validation failed: %d\n",
|
|
|
|
__func__, __LINE__, ret);
|
|
|
|
ri->data.exterr = VCAP_ERR_NO_PORT_KEYSET_MATCH;
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
/* use the keyset that is supported in the port lookups */
|
|
|
|
ret = vcap_set_rule_set_keyset(rule, ret);
|
|
|
|
if (ret < 0) {
|
|
|
|
pr_err("%s:%d: keyset was not updated: %d\n",
|
|
|
|
__func__, __LINE__, ret);
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
if (ri->data.actionset == VCAP_AFS_NO_VALUE) {
|
|
|
|
struct vcap_actionset_list matches = {};
|
|
|
|
enum vcap_actionfield_set actionsets[10];
|
|
|
|
|
|
|
|
matches.actionsets = actionsets;
|
|
|
|
matches.max = ARRAY_SIZE(actionsets);
|
|
|
|
|
|
|
|
/* Find an actionset that fits the rule actions */
|
|
|
|
if (!vcap_rule_find_actionsets(ri, &matches)) {
|
|
|
|
ri->data.exterr = VCAP_ERR_NO_ACTIONSET_MATCH;
|
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
ret = vcap_set_rule_set_actionset(rule, actionsets[0]);
|
|
|
|
if (ret < 0) {
|
|
|
|
pr_err("%s:%d: actionset was not updated: %d\n",
|
|
|
|
__func__, __LINE__, ret);
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
vcap_add_type_keyfield(rule);
|
|
|
|
vcap_add_type_actionfield(rule);
|
|
|
|
/* Add default fields to this rule */
|
|
|
|
ri->vctrl->ops->add_default_fields(ri->ndev, ri->admin, rule);
|
|
|
|
|
|
|
|
/* Rule size is the maximum of the entry and action subword count */
|
|
|
|
ri->size = max(ri->keyset_sw, ri->actionset_sw);
|
|
|
|
|
|
|
|
/* Finally check if there is room for the rule in the VCAP */
|
|
|
|
return vcap_rule_space(ri->admin, ri->size);
|
|
|
|
}
|
|
|
|
EXPORT_SYMBOL_GPL(vcap_val_rule);
|
|
|
|
|
|
|
|
/* Entries are sorted with increasing values of sort_key.
|
|
|
|
* I.e. Lowest numerical sort_key is first in list.
|
|
|
|
* In order to locate largest keys first in list we negate the key size with
|
|
|
|
* (max_size - size).
|
|
|
|
*/
|
|
|
|
static u32 vcap_sort_key(u32 max_size, u32 size, u8 user, u16 prio)
|
|
|
|
{
|
|
|
|
return ((max_size - size) << 24) | (user << 16) | prio;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* calculate the address of the next rule after this (lower address and prio) */
|
|
|
|
static u32 vcap_next_rule_addr(u32 addr, struct vcap_rule_internal *ri)
|
|
|
|
{
|
|
|
|
return ((addr - ri->size) / ri->size) * ri->size;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Assign a unique rule id and autogenerate one if id == 0 */
|
|
|
|
static u32 vcap_set_rule_id(struct vcap_rule_internal *ri)
|
|
|
|
{
|
|
|
|
if (ri->data.id != 0)
|
|
|
|
return ri->data.id;
|
|
|
|
|
|
|
|
for (u32 next_id = 1; next_id < ~0; ++next_id) {
|
|
|
|
if (!vcap_rule_exists(ri->vctrl, next_id)) {
|
|
|
|
ri->data.id = next_id;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return ri->data.id;
|
|
|
|
}
|
|
|
|
|
|
|
|
static int vcap_insert_rule(struct vcap_rule_internal *ri,
|
|
|
|
struct vcap_rule_move *move)
|
|
|
|
{
|
|
|
|
int sw_count = ri->vctrl->vcaps[ri->admin->vtype].sw_count;
|
|
|
|
struct vcap_rule_internal *duprule, *iter, *elem = NULL;
|
|
|
|
struct vcap_admin *admin = ri->admin;
|
|
|
|
u32 addr;
|
|
|
|
|
|
|
|
ri->sort_key = vcap_sort_key(sw_count, ri->size, ri->data.user,
|
|
|
|
ri->data.priority);
|
|
|
|
|
|
|
|
/* Insert the new rule in the list of rule based on the sort key
|
|
|
|
* If the rule needs to be inserted between existing rules then move
|
|
|
|
* these rules to make room for the new rule and update their start
|
|
|
|
* address.
|
|
|
|
*/
|
|
|
|
list_for_each_entry(iter, &admin->rules, list) {
|
|
|
|
if (ri->sort_key < iter->sort_key) {
|
|
|
|
elem = iter;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if (!elem) {
|
|
|
|
ri->addr = vcap_next_rule_addr(admin->last_used_addr, ri);
|
|
|
|
admin->last_used_addr = ri->addr;
|
|
|
|
|
|
|
|
/* Add a copy of the rule to the VCAP list */
|
|
|
|
duprule = vcap_dup_rule(ri, ri->state == VCAP_RS_DISABLED);
|
|
|
|
if (IS_ERR(duprule))
|
|
|
|
return PTR_ERR(duprule);
|
|
|
|
|
|
|
|
list_add_tail(&duprule->list, &admin->rules);
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Reuse the space of the current rule */
|
|
|
|
addr = elem->addr + elem->size;
|
|
|
|
ri->addr = vcap_next_rule_addr(addr, ri);
|
|
|
|
addr = ri->addr;
|
|
|
|
|
|
|
|
/* Add a copy of the rule to the VCAP list */
|
|
|
|
duprule = vcap_dup_rule(ri, ri->state == VCAP_RS_DISABLED);
|
|
|
|
if (IS_ERR(duprule))
|
|
|
|
return PTR_ERR(duprule);
|
|
|
|
|
|
|
|
/* Add before the current entry */
|
|
|
|
list_add_tail(&duprule->list, &elem->list);
|
|
|
|
|
|
|
|
/* Update the current rule */
|
|
|
|
elem->addr = vcap_next_rule_addr(addr, elem);
|
|
|
|
addr = elem->addr;
|
|
|
|
|
|
|
|
/* Update the address in the remaining rules in the list */
|
|
|
|
list_for_each_entry_continue(elem, &admin->rules, list) {
|
|
|
|
elem->addr = vcap_next_rule_addr(addr, elem);
|
|
|
|
addr = elem->addr;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Update the move info */
|
|
|
|
move->addr = admin->last_used_addr;
|
|
|
|
move->count = ri->addr - addr;
|
|
|
|
move->offset = admin->last_used_addr - addr;
|
|
|
|
admin->last_used_addr = addr;
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
static void vcap_move_rules(struct vcap_rule_internal *ri,
|
|
|
|
struct vcap_rule_move *move)
|
|
|
|
{
|
|
|
|
ri->vctrl->ops->move(ri->ndev, ri->admin, move->addr,
|
|
|
|
move->offset, move->count);
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Check if the chain is already used to enable a VCAP lookup for this port */
|
|
|
|
static bool vcap_is_chain_used(struct vcap_control *vctrl,
|
|
|
|
struct net_device *ndev, int src_cid)
|
|
|
|
{
|
|
|
|
struct vcap_enabled_port *eport;
|
|
|
|
struct vcap_admin *admin;
|
|
|
|
|
|
|
|
list_for_each_entry(admin, &vctrl->list, list)
|
|
|
|
list_for_each_entry(eport, &admin->enabled, list)
|
|
|
|
if (eport->src_cid == src_cid && eport->ndev == ndev)
|
|
|
|
return true;
|
|
|
|
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Fetch the next chain in the enabled list for the port */
|
|
|
|
static int vcap_get_next_chain(struct vcap_control *vctrl,
|
|
|
|
struct net_device *ndev,
|
|
|
|
int dst_cid)
|
|
|
|
{
|
|
|
|
struct vcap_enabled_port *eport;
|
|
|
|
struct vcap_admin *admin;
|
|
|
|
|
|
|
|
list_for_each_entry(admin, &vctrl->list, list) {
|
|
|
|
list_for_each_entry(eport, &admin->enabled, list) {
|
|
|
|
if (eport->ndev != ndev)
|
|
|
|
continue;
|
|
|
|
if (eport->src_cid == dst_cid)
|
|
|
|
return eport->dst_cid;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
static bool vcap_path_exist(struct vcap_control *vctrl, struct net_device *ndev,
|
|
|
|
int dst_cid)
|
|
|
|
{
|
|
|
|
int cid = rounddown(dst_cid, VCAP_CID_LOOKUP_SIZE);
|
|
|
|
struct vcap_enabled_port *eport = NULL;
|
|
|
|
struct vcap_enabled_port *elem;
|
|
|
|
struct vcap_admin *admin;
|
|
|
|
int tmp;
|
|
|
|
|
|
|
|
if (cid == 0) /* Chain zero is always available */
|
|
|
|
return true;
|
|
|
|
|
|
|
|
/* Find first entry that starts from chain 0*/
|
|
|
|
list_for_each_entry(admin, &vctrl->list, list) {
|
|
|
|
list_for_each_entry(elem, &admin->enabled, list) {
|
|
|
|
if (elem->src_cid == 0 && elem->ndev == ndev) {
|
|
|
|
eport = elem;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if (eport)
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (!eport)
|
|
|
|
return false;
|
|
|
|
|
|
|
|
tmp = eport->dst_cid;
|
|
|
|
while (tmp != cid && tmp != 0)
|
|
|
|
tmp = vcap_get_next_chain(vctrl, ndev, tmp);
|
|
|
|
|
|
|
|
return !!tmp;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Internal clients can always store their rules in HW
|
|
|
|
* External clients can store their rules if the chain is enabled all
|
|
|
|
* the way from chain 0, otherwise the rule will be cached until
|
|
|
|
* the chain is enabled.
|
|
|
|
*/
|
|
|
|
static void vcap_rule_set_state(struct vcap_rule_internal *ri)
|
|
|
|
{
|
|
|
|
if (ri->data.user <= VCAP_USER_QOS)
|
|
|
|
ri->state = VCAP_RS_PERMANENT;
|
|
|
|
else if (vcap_path_exist(ri->vctrl, ri->ndev, ri->data.vcap_chain_id))
|
|
|
|
ri->state = VCAP_RS_ENABLED;
|
|
|
|
else
|
|
|
|
ri->state = VCAP_RS_DISABLED;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Encode and write a validated rule to the VCAP */
|
|
|
|
int vcap_add_rule(struct vcap_rule *rule)
|
|
|
|
{
|
|
|
|
struct vcap_rule_internal *ri = to_intrule(rule);
|
|
|
|
struct vcap_rule_move move = {0};
|
|
|
|
struct vcap_counter ctr = {0};
|
|
|
|
int ret;
|
|
|
|
|
|
|
|
ret = vcap_api_check(ri->vctrl);
|
|
|
|
if (ret)
|
|
|
|
return ret;
|
|
|
|
/* Insert the new rule in the list of vcap rules */
|
|
|
|
mutex_lock(&ri->admin->lock);
|
|
|
|
|
|
|
|
vcap_rule_set_state(ri);
|
|
|
|
ret = vcap_insert_rule(ri, &move);
|
|
|
|
if (ret < 0) {
|
|
|
|
pr_err("%s:%d: could not insert rule in vcap list: %d\n",
|
|
|
|
__func__, __LINE__, ret);
|
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
if (move.count > 0)
|
|
|
|
vcap_move_rules(ri, &move);
|
|
|
|
|
|
|
|
/* Set the counter to zero */
|
|
|
|
ret = vcap_write_counter(ri, &ctr);
|
|
|
|
if (ret)
|
|
|
|
goto out;
|
|
|
|
|
|
|
|
if (ri->state == VCAP_RS_DISABLED) {
|
|
|
|
/* Erase the rule area */
|
|
|
|
ri->vctrl->ops->init(ri->ndev, ri->admin, ri->addr, ri->size);
|
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
|
|
|
|
vcap_erase_cache(ri);
|
|
|
|
ret = vcap_encode_rule(ri);
|
|
|
|
if (ret) {
|
|
|
|
pr_err("%s:%d: rule encoding error: %d\n", __func__, __LINE__, ret);
|
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
|
|
|
|
ret = vcap_write_rule(ri);
|
|
|
|
if (ret) {
|
|
|
|
pr_err("%s:%d: rule write error: %d\n", __func__, __LINE__, ret);
|
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
out:
|
|
|
|
mutex_unlock(&ri->admin->lock);
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
EXPORT_SYMBOL_GPL(vcap_add_rule);
|
|
|
|
|
|
|
|
/* Allocate a new rule with the provided arguments */
|
|
|
|
struct vcap_rule *vcap_alloc_rule(struct vcap_control *vctrl,
|
|
|
|
struct net_device *ndev, int vcap_chain_id,
|
|
|
|
enum vcap_user user, u16 priority,
|
|
|
|
u32 id)
|
|
|
|
{
|
|
|
|
struct vcap_rule_internal *ri;
|
|
|
|
struct vcap_admin *admin;
|
|
|
|
int err, maxsize;
|
|
|
|
|
|
|
|
err = vcap_api_check(vctrl);
|
|
|
|
if (err)
|
|
|
|
return ERR_PTR(err);
|
|
|
|
if (!ndev)
|
|
|
|
return ERR_PTR(-ENODEV);
|
|
|
|
/* Get the VCAP instance */
|
|
|
|
admin = vcap_find_admin(vctrl, vcap_chain_id);
|
|
|
|
if (!admin)
|
|
|
|
return ERR_PTR(-ENOENT);
|
|
|
|
/* Sanity check that this VCAP is supported on this platform */
|
|
|
|
if (vctrl->vcaps[admin->vtype].rows == 0)
|
|
|
|
return ERR_PTR(-EINVAL);
|
|
|
|
|
|
|
|
mutex_lock(&admin->lock);
|
|
|
|
/* Check if a rule with this id already exists */
|
|
|
|
if (vcap_rule_exists(vctrl, id)) {
|
|
|
|
err = -EINVAL;
|
|
|
|
goto out_unlock;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Check if there is room for the rule in the block(s) of the VCAP */
|
|
|
|
maxsize = vctrl->vcaps[admin->vtype].sw_count; /* worst case rule size */
|
|
|
|
if (vcap_rule_space(admin, maxsize)) {
|
|
|
|
err = -ENOSPC;
|
|
|
|
goto out_unlock;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Create a container for the rule and return it */
|
|
|
|
ri = kzalloc(sizeof(*ri), GFP_KERNEL);
|
|
|
|
if (!ri) {
|
|
|
|
err = -ENOMEM;
|
|
|
|
goto out_unlock;
|
|
|
|
}
|
|
|
|
|
|
|
|
ri->data.vcap_chain_id = vcap_chain_id;
|
|
|
|
ri->data.user = user;
|
|
|
|
ri->data.priority = priority;
|
|
|
|
ri->data.id = id;
|
|
|
|
ri->data.keyset = VCAP_KFS_NO_VALUE;
|
|
|
|
ri->data.actionset = VCAP_AFS_NO_VALUE;
|
|
|
|
INIT_LIST_HEAD(&ri->list);
|
|
|
|
INIT_LIST_HEAD(&ri->data.keyfields);
|
|
|
|
INIT_LIST_HEAD(&ri->data.actionfields);
|
|
|
|
ri->ndev = ndev;
|
|
|
|
ri->admin = admin; /* refer to the vcap instance */
|
|
|
|
ri->vctrl = vctrl; /* refer to the client */
|
|
|
|
|
|
|
|
if (vcap_set_rule_id(ri) == 0) {
|
|
|
|
err = -EINVAL;
|
|
|
|
goto out_free;
|
|
|
|
}
|
|
|
|
|
|
|
|
mutex_unlock(&admin->lock);
|
|
|
|
return (struct vcap_rule *)ri;
|
|
|
|
|
|
|
|
out_free:
|
|
|
|
kfree(ri);
|
|
|
|
out_unlock:
|
|
|
|
mutex_unlock(&admin->lock);
|
|
|
|
return ERR_PTR(err);
|
|
|
|
|
|
|
|
}
|
|
|
|
EXPORT_SYMBOL_GPL(vcap_alloc_rule);
|
|
|
|
|
|
|
|
/* Free mem of a rule owned by client after the rule as been added to the VCAP */
|
|
|
|
void vcap_free_rule(struct vcap_rule *rule)
|
|
|
|
{
|
|
|
|
struct vcap_rule_internal *ri = to_intrule(rule);
|
|
|
|
struct vcap_client_actionfield *caf, *next_caf;
|
|
|
|
struct vcap_client_keyfield *ckf, *next_ckf;
|
|
|
|
|
|
|
|
/* Deallocate the list of keys and actions */
|
|
|
|
list_for_each_entry_safe(ckf, next_ckf, &ri->data.keyfields, ctrl.list) {
|
|
|
|
list_del(&ckf->ctrl.list);
|
|
|
|
kfree(ckf);
|
|
|
|
}
|
|
|
|
list_for_each_entry_safe(caf, next_caf, &ri->data.actionfields, ctrl.list) {
|
|
|
|
list_del(&caf->ctrl.list);
|
|
|
|
kfree(caf);
|
|
|
|
}
|
|
|
|
/* Deallocate the rule */
|
|
|
|
kfree(rule);
|
|
|
|
}
|
|
|
|
EXPORT_SYMBOL_GPL(vcap_free_rule);
|
|
|
|
|
|
|
|
/* Decode a rule from the VCAP cache and return a copy */
|
|
|
|
struct vcap_rule *vcap_decode_rule(struct vcap_rule_internal *elem)
|
|
|
|
{
|
|
|
|
struct vcap_rule_internal *ri;
|
|
|
|
int err;
|
|
|
|
|
|
|
|
ri = vcap_dup_rule(elem, elem->state == VCAP_RS_DISABLED);
|
|
|
|
if (IS_ERR(ri))
|
|
|
|
return ERR_PTR(PTR_ERR(ri));
|
|
|
|
|
|
|
|
if (ri->state == VCAP_RS_DISABLED)
|
|
|
|
goto out;
|
|
|
|
|
|
|
|
err = vcap_read_rule(ri);
|
|
|
|
if (err)
|
|
|
|
return ERR_PTR(err);
|
|
|
|
|
|
|
|
err = vcap_decode_keyset(ri);
|
|
|
|
if (err)
|
|
|
|
return ERR_PTR(err);
|
|
|
|
|
|
|
|
err = vcap_decode_actionset(ri);
|
|
|
|
if (err)
|
|
|
|
return ERR_PTR(err);
|
|
|
|
|
|
|
|
out:
|
|
|
|
return &ri->data;
|
|
|
|
}
|
|
|
|
|
|
|
|
struct vcap_rule *vcap_get_rule(struct vcap_control *vctrl, u32 id)
|
|
|
|
{
|
|
|
|
struct vcap_rule_internal *elem;
|
|
|
|
struct vcap_rule *rule;
|
|
|
|
int err;
|
|
|
|
|
|
|
|
err = vcap_api_check(vctrl);
|
|
|
|
if (err)
|
|
|
|
return ERR_PTR(err);
|
|
|
|
|
|
|
|
elem = vcap_get_locked_rule(vctrl, id);
|
|
|
|
if (!elem)
|
|
|
|
return NULL;
|
|
|
|
|
|
|
|
rule = vcap_decode_rule(elem);
|
|
|
|
mutex_unlock(&elem->admin->lock);
|
|
|
|
return rule;
|
|
|
|
}
|
|
|
|
EXPORT_SYMBOL_GPL(vcap_get_rule);
|
|
|
|
|
|
|
|
/* Update existing rule */
|
|
|
|
int vcap_mod_rule(struct vcap_rule *rule)
|
|
|
|
{
|
|
|
|
struct vcap_rule_internal *ri = to_intrule(rule);
|
|
|
|
struct vcap_counter ctr;
|
|
|
|
int err;
|
|
|
|
|
|
|
|
err = vcap_api_check(ri->vctrl);
|
|
|
|
if (err)
|
|
|
|
return err;
|
|
|
|
|
|
|
|
if (!vcap_get_locked_rule(ri->vctrl, ri->data.id))
|
|
|
|
return -ENOENT;
|
|
|
|
|
|
|
|
vcap_rule_set_state(ri);
|
|
|
|
if (ri->state == VCAP_RS_DISABLED)
|
|
|
|
goto out;
|
|
|
|
|
|
|
|
/* Encode the bitstreams to the VCAP cache */
|
|
|
|
vcap_erase_cache(ri);
|
|
|
|
err = vcap_encode_rule(ri);
|
|
|
|
if (err)
|
|
|
|
goto out;
|
|
|
|
|
|
|
|
err = vcap_write_rule(ri);
|
|
|
|
if (err)
|
|
|
|
goto out;
|
|
|
|
|
|
|
|
memset(&ctr, 0, sizeof(ctr));
|
|
|
|
err = vcap_write_counter(ri, &ctr);
|
|
|
|
|
|
|
|
out:
|
|
|
|
mutex_unlock(&ri->admin->lock);
|
|
|
|
return err;
|
|
|
|
}
|
|
|
|
EXPORT_SYMBOL_GPL(vcap_mod_rule);
|
|
|
|
|
|
|
|
/* Return the alignment offset for a new rule address */
|
|
|
|
static int vcap_valid_rule_move(struct vcap_rule_internal *el, int offset)
|
|
|
|
{
|
|
|
|
return (el->addr + offset) % el->size;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Update the rule address with an offset */
|
|
|
|
static void vcap_adjust_rule_addr(struct vcap_rule_internal *el, int offset)
|
|
|
|
{
|
|
|
|
el->addr += offset;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Rules needs to be moved to fill the gap of the deleted rule */
|
|
|
|
static int vcap_fill_rule_gap(struct vcap_rule_internal *ri)
|
|
|
|
{
|
|
|
|
struct vcap_admin *admin = ri->admin;
|
|
|
|
struct vcap_rule_internal *elem;
|
|
|
|
struct vcap_rule_move move;
|
|
|
|
int gap = 0, offset = 0;
|
|
|
|
|
|
|
|
/* If the first rule is deleted: Move other rules to the top */
|
|
|
|
if (list_is_first(&ri->list, &admin->rules))
|
|
|
|
offset = admin->last_valid_addr + 1 - ri->addr - ri->size;
|
|
|
|
|
|
|
|
/* Locate gaps between odd size rules and adjust the move */
|
|
|
|
elem = ri;
|
|
|
|
list_for_each_entry_continue(elem, &admin->rules, list)
|
|
|
|
gap += vcap_valid_rule_move(elem, ri->size);
|
|
|
|
|
|
|
|
/* Update the address in the remaining rules in the list */
|
|
|
|
elem = ri;
|
|
|
|
list_for_each_entry_continue(elem, &admin->rules, list)
|
|
|
|
vcap_adjust_rule_addr(elem, ri->size + gap + offset);
|
|
|
|
|
|
|
|
/* Update the move info */
|
|
|
|
move.addr = admin->last_used_addr;
|
|
|
|
move.count = ri->addr - admin->last_used_addr - gap;
|
|
|
|
move.offset = -(ri->size + gap + offset);
|
|
|
|
|
|
|
|
/* Do the actual move operation */
|
|
|
|
vcap_move_rules(ri, &move);
|
|
|
|
|
|
|
|
return gap + offset;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Delete rule in a VCAP instance */
|
|
|
|
int vcap_del_rule(struct vcap_control *vctrl, struct net_device *ndev, u32 id)
|
|
|
|
{
|
|
|
|
struct vcap_rule_internal *ri, *elem;
|
|
|
|
struct vcap_admin *admin;
|
|
|
|
int gap = 0, err;
|
|
|
|
|
|
|
|
/* This will later also handle rule moving */
|
|
|
|
if (!ndev)
|
|
|
|
return -ENODEV;
|
|
|
|
err = vcap_api_check(vctrl);
|
|
|
|
if (err)
|
|
|
|
return err;
|
|
|
|
/* Look for the rule id in all vcaps */
|
|
|
|
ri = vcap_get_locked_rule(vctrl, id);
|
|
|
|
if (!ri)
|
|
|
|
return -ENOENT;
|
|
|
|
|
|
|
|
admin = ri->admin;
|
|
|
|
|
|
|
|
if (ri->addr > admin->last_used_addr)
|
|
|
|
gap = vcap_fill_rule_gap(ri);
|
|
|
|
|
|
|
|
/* Delete the rule from the list of rules and the cache */
|
|
|
|
list_del(&ri->list);
|
|
|
|
vctrl->ops->init(ndev, admin, admin->last_used_addr, ri->size + gap);
|
|
|
|
vcap_free_rule(&ri->data);
|
|
|
|
|
|
|
|
/* Update the last used address, set to default when no rules */
|
|
|
|
if (list_empty(&admin->rules)) {
|
|
|
|
admin->last_used_addr = admin->last_valid_addr + 1;
|
|
|
|
} else {
|
|
|
|
elem = list_last_entry(&admin->rules, struct vcap_rule_internal,
|
|
|
|
list);
|
|
|
|
admin->last_used_addr = elem->addr;
|
|
|
|
}
|
|
|
|
|
|
|
|
mutex_unlock(&admin->lock);
|
|
|
|
return err;
|
|
|
|
}
|
|
|
|
EXPORT_SYMBOL_GPL(vcap_del_rule);
|
|
|
|
|
|
|
|
/* Delete all rules in the VCAP instance */
|
|
|
|
int vcap_del_rules(struct vcap_control *vctrl, struct vcap_admin *admin)
|
|
|
|
{
|
|
|
|
struct vcap_enabled_port *eport, *next_eport;
|
|
|
|
struct vcap_rule_internal *ri, *next_ri;
|
|
|
|
int ret = vcap_api_check(vctrl);
|
|
|
|
|
|
|
|
if (ret)
|
|
|
|
return ret;
|
|
|
|
|
|
|
|
mutex_lock(&admin->lock);
|
|
|
|
list_for_each_entry_safe(ri, next_ri, &admin->rules, list) {
|
|
|
|
vctrl->ops->init(ri->ndev, admin, ri->addr, ri->size);
|
|
|
|
list_del(&ri->list);
|
|
|
|
vcap_free_rule(&ri->data);
|
|
|
|
}
|
|
|
|
admin->last_used_addr = admin->last_valid_addr;
|
|
|
|
|
|
|
|
/* Remove list of enabled ports */
|
|
|
|
list_for_each_entry_safe(eport, next_eport, &admin->enabled, list) {
|
|
|
|
list_del(&eport->list);
|
|
|
|
kfree(eport);
|
|
|
|
}
|
|
|
|
mutex_unlock(&admin->lock);
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
EXPORT_SYMBOL_GPL(vcap_del_rules);
|
|
|
|
|
|
|
|
/* Find a client key field in a rule */
|
|
|
|
static struct vcap_client_keyfield *
|
|
|
|
vcap_find_keyfield(struct vcap_rule *rule, enum vcap_key_field key)
|
|
|
|
{
|
|
|
|
struct vcap_rule_internal *ri = to_intrule(rule);
|
|
|
|
struct vcap_client_keyfield *ckf;
|
|
|
|
|
|
|
|
list_for_each_entry(ckf, &ri->data.keyfields, ctrl.list)
|
|
|
|
if (ckf->ctrl.key == key)
|
|
|
|
return ckf;
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Find information on a key field in a rule */
|
|
|
|
const struct vcap_field *vcap_lookup_keyfield(struct vcap_rule *rule,
|
|
|
|
enum vcap_key_field key)
|
|
|
|
{
|
|
|
|
struct vcap_rule_internal *ri = to_intrule(rule);
|
|
|
|
enum vcap_keyfield_set keyset = rule->keyset;
|
|
|
|
enum vcap_type vt = ri->admin->vtype;
|
|
|
|
const struct vcap_field *fields;
|
|
|
|
|
|
|
|
if (keyset == VCAP_KFS_NO_VALUE)
|
|
|
|
return NULL;
|
|
|
|
fields = vcap_keyfields(ri->vctrl, vt, keyset);
|
|
|
|
if (!fields)
|
|
|
|
return NULL;
|
|
|
|
return &fields[key];
|
|
|
|
}
|
|
|
|
EXPORT_SYMBOL_GPL(vcap_lookup_keyfield);
|
|
|
|
|
|
|
|
/* Check if the keyfield is already in the rule */
|
|
|
|
static bool vcap_keyfield_unique(struct vcap_rule *rule,
|
|
|
|
enum vcap_key_field key)
|
|
|
|
{
|
|
|
|
struct vcap_rule_internal *ri = to_intrule(rule);
|
|
|
|
const struct vcap_client_keyfield *ckf;
|
|
|
|
|
|
|
|
list_for_each_entry(ckf, &ri->data.keyfields, ctrl.list)
|
|
|
|
if (ckf->ctrl.key == key)
|
|
|
|
return false;
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Check if the keyfield is in the keyset */
|
|
|
|
static bool vcap_keyfield_match_keyset(struct vcap_rule *rule,
|
|
|
|
enum vcap_key_field key)
|
|
|
|
{
|
|
|
|
struct vcap_rule_internal *ri = to_intrule(rule);
|
|
|
|
enum vcap_keyfield_set keyset = rule->keyset;
|
|
|
|
enum vcap_type vt = ri->admin->vtype;
|
|
|
|
const struct vcap_field *fields;
|
|
|
|
|
|
|
|
/* the field is accepted if the rule has no keyset yet */
|
|
|
|
if (keyset == VCAP_KFS_NO_VALUE)
|
|
|
|
return true;
|
|
|
|
fields = vcap_keyfields(ri->vctrl, vt, keyset);
|
|
|
|
if (!fields)
|
|
|
|
return false;
|
|
|
|
/* if there is a width there is a way */
|
|
|
|
return fields[key].width > 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
static int vcap_rule_add_key(struct vcap_rule *rule,
|
|
|
|
enum vcap_key_field key,
|
|
|
|
enum vcap_field_type ftype,
|
|
|
|
struct vcap_client_keyfield_data *data)
|
|
|
|
{
|
|
|
|
struct vcap_rule_internal *ri = to_intrule(rule);
|
|
|
|
struct vcap_client_keyfield *field;
|
|
|
|
|
|
|
|
if (!vcap_keyfield_unique(rule, key)) {
|
|
|
|
pr_warn("%s:%d: keyfield %s is already in the rule\n",
|
|
|
|
__func__, __LINE__,
|
|
|
|
vcap_keyfield_name(ri->vctrl, key));
|
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (!vcap_keyfield_match_keyset(rule, key)) {
|
|
|
|
pr_err("%s:%d: keyfield %s does not belong in the rule keyset\n",
|
|
|
|
__func__, __LINE__,
|
|
|
|
vcap_keyfield_name(ri->vctrl, key));
|
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
|
|
|
|
field = kzalloc(sizeof(*field), GFP_KERNEL);
|
|
|
|
if (!field)
|
|
|
|
return -ENOMEM;
|
|
|
|
memcpy(&field->data, data, sizeof(field->data));
|
|
|
|
field->ctrl.key = key;
|
|
|
|
field->ctrl.type = ftype;
|
|
|
|
list_add_tail(&field->ctrl.list, &rule->keyfields);
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
static void vcap_rule_set_key_bitsize(struct vcap_u1_key *u1, enum vcap_bit val)
|
|
|
|
{
|
|
|
|
switch (val) {
|
|
|
|
case VCAP_BIT_0:
|
|
|
|
u1->value = 0;
|
|
|
|
u1->mask = 1;
|
|
|
|
break;
|
|
|
|
case VCAP_BIT_1:
|
|
|
|
u1->value = 1;
|
|
|
|
u1->mask = 1;
|
|
|
|
break;
|
|
|
|
case VCAP_BIT_ANY:
|
|
|
|
u1->value = 0;
|
|
|
|
u1->mask = 0;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Add a bit key with value and mask to the rule */
|
|
|
|
int vcap_rule_add_key_bit(struct vcap_rule *rule, enum vcap_key_field key,
|
|
|
|
enum vcap_bit val)
|
|
|
|
{
|
|
|
|
struct vcap_client_keyfield_data data;
|
|
|
|
|
|
|
|
vcap_rule_set_key_bitsize(&data.u1, val);
|
|
|
|
return vcap_rule_add_key(rule, key, VCAP_FIELD_BIT, &data);
|
|
|
|
}
|
|
|
|
EXPORT_SYMBOL_GPL(vcap_rule_add_key_bit);
|
|
|
|
|
|
|
|
/* Add a 32 bit key field with value and mask to the rule */
|
|
|
|
int vcap_rule_add_key_u32(struct vcap_rule *rule, enum vcap_key_field key,
|
|
|
|
u32 value, u32 mask)
|
|
|
|
{
|
|
|
|
struct vcap_client_keyfield_data data;
|
|
|
|
|
|
|
|
data.u32.value = value;
|
|
|
|
data.u32.mask = mask;
|
|
|
|
return vcap_rule_add_key(rule, key, VCAP_FIELD_U32, &data);
|
|
|
|
}
|
|
|
|
EXPORT_SYMBOL_GPL(vcap_rule_add_key_u32);
|
|
|
|
|
|
|
|
/* Add a 48 bit key with value and mask to the rule */
|
|
|
|
int vcap_rule_add_key_u48(struct vcap_rule *rule, enum vcap_key_field key,
|
|
|
|
struct vcap_u48_key *fieldval)
|
|
|
|
{
|
|
|
|
struct vcap_client_keyfield_data data;
|
|
|
|
|
|
|
|
memcpy(&data.u48, fieldval, sizeof(data.u48));
|
|
|
|
return vcap_rule_add_key(rule, key, VCAP_FIELD_U48, &data);
|
|
|
|
}
|
|
|
|
EXPORT_SYMBOL_GPL(vcap_rule_add_key_u48);
|
|
|
|
|
|
|
|
/* Add a 72 bit key with value and mask to the rule */
|
|
|
|
int vcap_rule_add_key_u72(struct vcap_rule *rule, enum vcap_key_field key,
|
|
|
|
struct vcap_u72_key *fieldval)
|
|
|
|
{
|
|
|
|
struct vcap_client_keyfield_data data;
|
|
|
|
|
|
|
|
memcpy(&data.u72, fieldval, sizeof(data.u72));
|
|
|
|
return vcap_rule_add_key(rule, key, VCAP_FIELD_U72, &data);
|
|
|
|
}
|
|
|
|
EXPORT_SYMBOL_GPL(vcap_rule_add_key_u72);
|
|
|
|
|
|
|
|
/* Add a 128 bit key with value and mask to the rule */
|
|
|
|
int vcap_rule_add_key_u128(struct vcap_rule *rule, enum vcap_key_field key,
|
|
|
|
struct vcap_u128_key *fieldval)
|
|
|
|
{
|
|
|
|
struct vcap_client_keyfield_data data;
|
|
|
|
|
|
|
|
memcpy(&data.u128, fieldval, sizeof(data.u128));
|
|
|
|
return vcap_rule_add_key(rule, key, VCAP_FIELD_U128, &data);
|
|
|
|
}
|
|
|
|
EXPORT_SYMBOL_GPL(vcap_rule_add_key_u128);
|
|
|
|
|
|
|
|
int vcap_rule_get_key_u32(struct vcap_rule *rule, enum vcap_key_field key,
|
|
|
|
u32 *value, u32 *mask)
|
|
|
|
{
|
|
|
|
struct vcap_client_keyfield *ckf;
|
|
|
|
|
|
|
|
ckf = vcap_find_keyfield(rule, key);
|
|
|
|
if (!ckf)
|
|
|
|
return -ENOENT;
|
|
|
|
|
|
|
|
*value = ckf->data.u32.value;
|
|
|
|
*mask = ckf->data.u32.mask;
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
EXPORT_SYMBOL_GPL(vcap_rule_get_key_u32);
|
|
|
|
|
|
|
|
/* Find a client action field in a rule */
|
|
|
|
struct vcap_client_actionfield *
|
|
|
|
vcap_find_actionfield(struct vcap_rule *rule, enum vcap_action_field act)
|
|
|
|
{
|
|
|
|
struct vcap_rule_internal *ri = (struct vcap_rule_internal *)rule;
|
|
|
|
struct vcap_client_actionfield *caf;
|
|
|
|
|
|
|
|
list_for_each_entry(caf, &ri->data.actionfields, ctrl.list)
|
|
|
|
if (caf->ctrl.action == act)
|
|
|
|
return caf;
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
EXPORT_SYMBOL_GPL(vcap_find_actionfield);
|
|
|
|
|
|
|
|
/* Check if the actionfield is already in the rule */
|
|
|
|
static bool vcap_actionfield_unique(struct vcap_rule *rule,
|
|
|
|
enum vcap_action_field act)
|
|
|
|
{
|
|
|
|
struct vcap_rule_internal *ri = to_intrule(rule);
|
|
|
|
const struct vcap_client_actionfield *caf;
|
|
|
|
|
|
|
|
list_for_each_entry(caf, &ri->data.actionfields, ctrl.list)
|
|
|
|
if (caf->ctrl.action == act)
|
|
|
|
return false;
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Check if the actionfield is in the actionset */
|
|
|
|
static bool vcap_actionfield_match_actionset(struct vcap_rule *rule,
|
|
|
|
enum vcap_action_field action)
|
|
|
|
{
|
|
|
|
enum vcap_actionfield_set actionset = rule->actionset;
|
|
|
|
struct vcap_rule_internal *ri = to_intrule(rule);
|
|
|
|
enum vcap_type vt = ri->admin->vtype;
|
|
|
|
const struct vcap_field *fields;
|
|
|
|
|
|
|
|
/* the field is accepted if the rule has no actionset yet */
|
|
|
|
if (actionset == VCAP_AFS_NO_VALUE)
|
|
|
|
return true;
|
|
|
|
fields = vcap_actionfields(ri->vctrl, vt, actionset);
|
|
|
|
if (!fields)
|
|
|
|
return false;
|
|
|
|
/* if there is a width there is a way */
|
|
|
|
return fields[action].width > 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
static int vcap_rule_add_action(struct vcap_rule *rule,
|
|
|
|
enum vcap_action_field action,
|
|
|
|
enum vcap_field_type ftype,
|
|
|
|
struct vcap_client_actionfield_data *data)
|
|
|
|
{
|
|
|
|
struct vcap_rule_internal *ri = to_intrule(rule);
|
|
|
|
struct vcap_client_actionfield *field;
|
|
|
|
|
|
|
|
if (!vcap_actionfield_unique(rule, action)) {
|
|
|
|
pr_warn("%s:%d: actionfield %s is already in the rule\n",
|
|
|
|
__func__, __LINE__,
|
|
|
|
vcap_actionfield_name(ri->vctrl, action));
|
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (!vcap_actionfield_match_actionset(rule, action)) {
|
|
|
|
pr_err("%s:%d: actionfield %s does not belong in the rule actionset\n",
|
|
|
|
__func__, __LINE__,
|
|
|
|
vcap_actionfield_name(ri->vctrl, action));
|
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
|
|
|
|
field = kzalloc(sizeof(*field), GFP_KERNEL);
|
|
|
|
if (!field)
|
|
|
|
return -ENOMEM;
|
|
|
|
memcpy(&field->data, data, sizeof(field->data));
|
|
|
|
field->ctrl.action = action;
|
|
|
|
field->ctrl.type = ftype;
|
|
|
|
list_add_tail(&field->ctrl.list, &rule->actionfields);
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
static void vcap_rule_set_action_bitsize(struct vcap_u1_action *u1,
|
|
|
|
enum vcap_bit val)
|
|
|
|
{
|
|
|
|
switch (val) {
|
|
|
|
case VCAP_BIT_0:
|
|
|
|
u1->value = 0;
|
|
|
|
break;
|
|
|
|
case VCAP_BIT_1:
|
|
|
|
u1->value = 1;
|
|
|
|
break;
|
|
|
|
case VCAP_BIT_ANY:
|
|
|
|
u1->value = 0;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Add a bit action with value to the rule */
|
|
|
|
int vcap_rule_add_action_bit(struct vcap_rule *rule,
|
|
|
|
enum vcap_action_field action,
|
|
|
|
enum vcap_bit val)
|
|
|
|
{
|
|
|
|
struct vcap_client_actionfield_data data;
|
|
|
|
|
|
|
|
vcap_rule_set_action_bitsize(&data.u1, val);
|
|
|
|
return vcap_rule_add_action(rule, action, VCAP_FIELD_BIT, &data);
|
|
|
|
}
|
|
|
|
EXPORT_SYMBOL_GPL(vcap_rule_add_action_bit);
|
|
|
|
|
|
|
|
/* Add a 32 bit action field with value to the rule */
|
|
|
|
int vcap_rule_add_action_u32(struct vcap_rule *rule,
|
|
|
|
enum vcap_action_field action,
|
|
|
|
u32 value)
|
|
|
|
{
|
|
|
|
struct vcap_client_actionfield_data data;
|
|
|
|
|
|
|
|
data.u32.value = value;
|
|
|
|
return vcap_rule_add_action(rule, action, VCAP_FIELD_U32, &data);
|
|
|
|
}
|
|
|
|
EXPORT_SYMBOL_GPL(vcap_rule_add_action_u32);
|
|
|
|
|
|
|
|
static int vcap_read_counter(struct vcap_rule_internal *ri,
|
|
|
|
struct vcap_counter *ctr)
|
|
|
|
{
|
|
|
|
struct vcap_admin *admin = ri->admin;
|
|
|
|
|
|
|
|
ri->vctrl->ops->update(ri->ndev, admin, VCAP_CMD_READ, VCAP_SEL_COUNTER,
|
|
|
|
ri->addr);
|
|
|
|
ri->vctrl->ops->cache_read(ri->ndev, admin, VCAP_SEL_COUNTER,
|
|
|
|
ri->counter_id, 0);
|
|
|
|
ctr->value = admin->cache.counter;
|
|
|
|
ctr->sticky = admin->cache.sticky;
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Copy to host byte order */
|
|
|
|
void vcap_netbytes_copy(u8 *dst, u8 *src, int count)
|
|
|
|
{
|
|
|
|
int idx;
|
|
|
|
|
|
|
|
for (idx = 0; idx < count; ++idx, ++dst)
|
|
|
|
*dst = src[count - idx - 1];
|
|
|
|
}
|
|
|
|
EXPORT_SYMBOL_GPL(vcap_netbytes_copy);
|
|
|
|
|
|
|
|
/* Convert validation error code into tc extact error message */
|
|
|
|
void vcap_set_tc_exterr(struct flow_cls_offload *fco, struct vcap_rule *vrule)
|
|
|
|
{
|
|
|
|
switch (vrule->exterr) {
|
|
|
|
case VCAP_ERR_NONE:
|
|
|
|
break;
|
|
|
|
case VCAP_ERR_NO_ADMIN:
|
|
|
|
NL_SET_ERR_MSG_MOD(fco->common.extack,
|
|
|
|
"Missing VCAP instance");
|
|
|
|
break;
|
|
|
|
case VCAP_ERR_NO_NETDEV:
|
|
|
|
NL_SET_ERR_MSG_MOD(fco->common.extack,
|
|
|
|
"Missing network interface");
|
|
|
|
break;
|
|
|
|
case VCAP_ERR_NO_KEYSET_MATCH:
|
|
|
|
NL_SET_ERR_MSG_MOD(fco->common.extack,
|
|
|
|
"No keyset matched the filter keys");
|
|
|
|
break;
|
|
|
|
case VCAP_ERR_NO_ACTIONSET_MATCH:
|
|
|
|
NL_SET_ERR_MSG_MOD(fco->common.extack,
|
|
|
|
"No actionset matched the filter actions");
|
|
|
|
break;
|
|
|
|
case VCAP_ERR_NO_PORT_KEYSET_MATCH:
|
|
|
|
NL_SET_ERR_MSG_MOD(fco->common.extack,
|
|
|
|
"No port keyset matched the filter keys");
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
EXPORT_SYMBOL_GPL(vcap_set_tc_exterr);
|
|
|
|
|
|
|
|
/* Write a rule to VCAP HW to enable it */
|
|
|
|
static int vcap_enable_rule(struct vcap_rule_internal *ri)
|
|
|
|
{
|
|
|
|
struct vcap_client_actionfield *af, *naf;
|
|
|
|
struct vcap_client_keyfield *kf, *nkf;
|
|
|
|
int err;
|
|
|
|
|
|
|
|
vcap_erase_cache(ri);
|
|
|
|
err = vcap_encode_rule(ri);
|
|
|
|
if (err)
|
|
|
|
goto out;
|
|
|
|
err = vcap_write_rule(ri);
|
|
|
|
if (err)
|
|
|
|
goto out;
|
|
|
|
|
|
|
|
/* Deallocate the list of keys and actions */
|
|
|
|
list_for_each_entry_safe(kf, nkf, &ri->data.keyfields, ctrl.list) {
|
|
|
|
list_del(&kf->ctrl.list);
|
|
|
|
kfree(kf);
|
|
|
|
}
|
|
|
|
list_for_each_entry_safe(af, naf, &ri->data.actionfields, ctrl.list) {
|
|
|
|
list_del(&af->ctrl.list);
|
|
|
|
kfree(af);
|
|
|
|
}
|
|
|
|
ri->state = VCAP_RS_ENABLED;
|
|
|
|
out:
|
|
|
|
return err;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Enable all disabled rules for a specific chain/port in the VCAP HW */
|
|
|
|
static int vcap_enable_rules(struct vcap_control *vctrl,
|
|
|
|
struct net_device *ndev, int chain)
|
|
|
|
{
|
|
|
|
int next_chain = chain + VCAP_CID_LOOKUP_SIZE;
|
|
|
|
struct vcap_rule_internal *ri;
|
|
|
|
struct vcap_admin *admin;
|
|
|
|
int err = 0;
|
|
|
|
|
|
|
|
list_for_each_entry(admin, &vctrl->list, list) {
|
|
|
|
if (!(chain >= admin->first_cid && chain <= admin->last_cid))
|
|
|
|
continue;
|
|
|
|
|
|
|
|
/* Found the admin, now find the offloadable rules */
|
|
|
|
mutex_lock(&admin->lock);
|
|
|
|
list_for_each_entry(ri, &admin->rules, list) {
|
|
|
|
/* Is the rule in the lookup defined by the chain */
|
|
|
|
if (!(ri->data.vcap_chain_id >= chain &&
|
|
|
|
ri->data.vcap_chain_id < next_chain)) {
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (ri->ndev != ndev)
|
|
|
|
continue;
|
|
|
|
|
|
|
|
if (ri->state != VCAP_RS_DISABLED)
|
|
|
|
continue;
|
|
|
|
|
|
|
|
err = vcap_enable_rule(ri);
|
|
|
|
if (err)
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
mutex_unlock(&admin->lock);
|
|
|
|
if (err)
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
return err;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Read and erase a rule from VCAP HW to disable it */
|
|
|
|
static int vcap_disable_rule(struct vcap_rule_internal *ri)
|
|
|
|
{
|
|
|
|
int err;
|
|
|
|
|
|
|
|
err = vcap_read_rule(ri);
|
|
|
|
if (err)
|
|
|
|
return err;
|
|
|
|
err = vcap_decode_keyset(ri);
|
|
|
|
if (err)
|
|
|
|
return err;
|
|
|
|
err = vcap_decode_actionset(ri);
|
|
|
|
if (err)
|
|
|
|
return err;
|
|
|
|
|
|
|
|
ri->state = VCAP_RS_DISABLED;
|
|
|
|
ri->vctrl->ops->init(ri->ndev, ri->admin, ri->addr, ri->size);
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Disable all enabled rules for a specific chain/port in the VCAP HW */
|
|
|
|
static int vcap_disable_rules(struct vcap_control *vctrl,
|
|
|
|
struct net_device *ndev, int chain)
|
|
|
|
{
|
|
|
|
struct vcap_rule_internal *ri;
|
|
|
|
struct vcap_admin *admin;
|
|
|
|
int err = 0;
|
|
|
|
|
|
|
|
list_for_each_entry(admin, &vctrl->list, list) {
|
|
|
|
if (!(chain >= admin->first_cid && chain <= admin->last_cid))
|
|
|
|
continue;
|
|
|
|
|
|
|
|
/* Found the admin, now find the rules on the chain */
|
|
|
|
mutex_lock(&admin->lock);
|
|
|
|
list_for_each_entry(ri, &admin->rules, list) {
|
|
|
|
if (ri->data.vcap_chain_id != chain)
|
|
|
|
continue;
|
|
|
|
|
|
|
|
if (ri->ndev != ndev)
|
|
|
|
continue;
|
|
|
|
|
|
|
|
if (ri->state != VCAP_RS_ENABLED)
|
|
|
|
continue;
|
|
|
|
|
|
|
|
err = vcap_disable_rule(ri);
|
|
|
|
if (err)
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
mutex_unlock(&admin->lock);
|
|
|
|
if (err)
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
return err;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Check if this port is already enabled for this VCAP instance */
|
|
|
|
static bool vcap_is_enabled(struct vcap_control *vctrl, struct net_device *ndev,
|
|
|
|
int dst_cid)
|
|
|
|
{
|
|
|
|
struct vcap_enabled_port *eport;
|
|
|
|
struct vcap_admin *admin;
|
|
|
|
|
|
|
|
list_for_each_entry(admin, &vctrl->list, list)
|
|
|
|
list_for_each_entry(eport, &admin->enabled, list)
|
|
|
|
if (eport->dst_cid == dst_cid && eport->ndev == ndev)
|
|
|
|
return true;
|
|
|
|
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Enable this port and chain id in a VCAP instance */
|
|
|
|
static int vcap_enable(struct vcap_control *vctrl, struct net_device *ndev,
|
|
|
|
unsigned long cookie, int src_cid, int dst_cid)
|
|
|
|
{
|
|
|
|
struct vcap_enabled_port *eport;
|
|
|
|
struct vcap_admin *admin;
|
|
|
|
|
|
|
|
if (src_cid >= dst_cid)
|
|
|
|
return -EFAULT;
|
|
|
|
|
|
|
|
admin = vcap_find_admin(vctrl, dst_cid);
|
|
|
|
if (!admin)
|
|
|
|
return -ENOENT;
|
|
|
|
|
|
|
|
eport = kzalloc(sizeof(*eport), GFP_KERNEL);
|
|
|
|
if (!eport)
|
|
|
|
return -ENOMEM;
|
|
|
|
|
|
|
|
eport->ndev = ndev;
|
|
|
|
eport->cookie = cookie;
|
|
|
|
eport->src_cid = src_cid;
|
|
|
|
eport->dst_cid = dst_cid;
|
|
|
|
mutex_lock(&admin->lock);
|
|
|
|
list_add_tail(&eport->list, &admin->enabled);
|
|
|
|
mutex_unlock(&admin->lock);
|
|
|
|
|
|
|
|
if (vcap_path_exist(vctrl, ndev, src_cid)) {
|
|
|
|
/* Enable chained lookups */
|
|
|
|
while (dst_cid) {
|
|
|
|
admin = vcap_find_admin(vctrl, dst_cid);
|
|
|
|
if (!admin)
|
|
|
|
return -ENOENT;
|
|
|
|
|
|
|
|
vcap_enable_rules(vctrl, ndev, dst_cid);
|
|
|
|
dst_cid = vcap_get_next_chain(vctrl, ndev, dst_cid);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Disable this port and chain id for a VCAP instance */
|
|
|
|
static int vcap_disable(struct vcap_control *vctrl, struct net_device *ndev,
|
|
|
|
unsigned long cookie)
|
|
|
|
{
|
|
|
|
struct vcap_enabled_port *elem, *eport = NULL;
|
|
|
|
struct vcap_admin *found = NULL, *admin;
|
|
|
|
int dst_cid;
|
|
|
|
|
|
|
|
list_for_each_entry(admin, &vctrl->list, list) {
|
|
|
|
list_for_each_entry(elem, &admin->enabled, list) {
|
|
|
|
if (elem->cookie == cookie && elem->ndev == ndev) {
|
|
|
|
eport = elem;
|
|
|
|
found = admin;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if (eport)
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (!eport)
|
|
|
|
return -ENOENT;
|
|
|
|
|
|
|
|
/* Disable chained lookups */
|
|
|
|
dst_cid = eport->dst_cid;
|
|
|
|
while (dst_cid) {
|
|
|
|
admin = vcap_find_admin(vctrl, dst_cid);
|
|
|
|
if (!admin)
|
|
|
|
return -ENOENT;
|
|
|
|
|
|
|
|
vcap_disable_rules(vctrl, ndev, dst_cid);
|
|
|
|
dst_cid = vcap_get_next_chain(vctrl, ndev, dst_cid);
|
|
|
|
}
|
|
|
|
|
|
|
|
mutex_lock(&found->lock);
|
|
|
|
list_del(&eport->list);
|
|
|
|
mutex_unlock(&found->lock);
|
|
|
|
kfree(eport);
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Enable/Disable the VCAP instance lookups */
|
|
|
|
int vcap_enable_lookups(struct vcap_control *vctrl, struct net_device *ndev,
|
|
|
|
int src_cid, int dst_cid, unsigned long cookie,
|
|
|
|
bool enable)
|
|
|
|
{
|
|
|
|
int err;
|
|
|
|
|
|
|
|
err = vcap_api_check(vctrl);
|
|
|
|
if (err)
|
|
|
|
return err;
|
|
|
|
|
|
|
|
if (!ndev)
|
|
|
|
return -ENODEV;
|
|
|
|
|
|
|
|
/* Source and destination must be the first chain in a lookup */
|
|
|
|
if (src_cid % VCAP_CID_LOOKUP_SIZE)
|
|
|
|
return -EFAULT;
|
|
|
|
if (dst_cid % VCAP_CID_LOOKUP_SIZE)
|
|
|
|
return -EFAULT;
|
|
|
|
|
|
|
|
if (enable) {
|
|
|
|
if (vcap_is_enabled(vctrl, ndev, dst_cid))
|
|
|
|
return -EADDRINUSE;
|
|
|
|
if (vcap_is_chain_used(vctrl, ndev, src_cid))
|
|
|
|
return -EADDRNOTAVAIL;
|
|
|
|
err = vcap_enable(vctrl, ndev, cookie, src_cid, dst_cid);
|
|
|
|
} else {
|
|
|
|
err = vcap_disable(vctrl, ndev, cookie);
|
|
|
|
}
|
|
|
|
|
|
|
|
return err;
|
|
|
|
}
|
|
|
|
EXPORT_SYMBOL_GPL(vcap_enable_lookups);
|
|
|
|
|
|
|
|
/* Is this chain id the last lookup of all VCAPs */
|
|
|
|
bool vcap_is_last_chain(struct vcap_control *vctrl, int cid, bool ingress)
|
|
|
|
{
|
|
|
|
struct vcap_admin *admin;
|
|
|
|
int lookup;
|
|
|
|
|
|
|
|
if (vcap_api_check(vctrl))
|
|
|
|
return false;
|
|
|
|
|
|
|
|
admin = vcap_find_admin(vctrl, cid);
|
|
|
|
if (!admin)
|
|
|
|
return false;
|
|
|
|
|
|
|
|
if (!vcap_admin_is_last(vctrl, admin, ingress))
|
|
|
|
return false;
|
|
|
|
|
|
|
|
/* This must be the last lookup in this VCAP type */
|
|
|
|
lookup = vcap_chain_id_to_lookup(admin, cid);
|
|
|
|
return lookup == admin->lookups - 1;
|
|
|
|
}
|
|
|
|
EXPORT_SYMBOL_GPL(vcap_is_last_chain);
|
|
|
|
|
|
|
|
/* Set a rule counter id (for certain vcaps only) */
|
|
|
|
void vcap_rule_set_counter_id(struct vcap_rule *rule, u32 counter_id)
|
|
|
|
{
|
|
|
|
struct vcap_rule_internal *ri = to_intrule(rule);
|
|
|
|
|
|
|
|
ri->counter_id = counter_id;
|
|
|
|
}
|
|
|
|
EXPORT_SYMBOL_GPL(vcap_rule_set_counter_id);
|
|
|
|
|
|
|
|
int vcap_rule_set_counter(struct vcap_rule *rule, struct vcap_counter *ctr)
|
|
|
|
{
|
|
|
|
struct vcap_rule_internal *ri = to_intrule(rule);
|
|
|
|
int err;
|
|
|
|
|
|
|
|
err = vcap_api_check(ri->vctrl);
|
|
|
|
if (err)
|
|
|
|
return err;
|
|
|
|
if (!ctr) {
|
|
|
|
pr_err("%s:%d: counter is missing\n", __func__, __LINE__);
|
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
|
|
|
|
mutex_lock(&ri->admin->lock);
|
|
|
|
err = vcap_write_counter(ri, ctr);
|
|
|
|
mutex_unlock(&ri->admin->lock);
|
|
|
|
|
|
|
|
return err;
|
|
|
|
}
|
|
|
|
EXPORT_SYMBOL_GPL(vcap_rule_set_counter);
|
|
|
|
|
|
|
|
int vcap_rule_get_counter(struct vcap_rule *rule, struct vcap_counter *ctr)
|
|
|
|
{
|
|
|
|
struct vcap_rule_internal *ri = to_intrule(rule);
|
|
|
|
int err;
|
|
|
|
|
|
|
|
err = vcap_api_check(ri->vctrl);
|
|
|
|
if (err)
|
|
|
|
return err;
|
|
|
|
if (!ctr) {
|
|
|
|
pr_err("%s:%d: counter is missing\n", __func__, __LINE__);
|
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
|
|
|
|
mutex_lock(&ri->admin->lock);
|
|
|
|
err = vcap_read_counter(ri, ctr);
|
|
|
|
mutex_unlock(&ri->admin->lock);
|
|
|
|
|
|
|
|
return err;
|
|
|
|
}
|
|
|
|
EXPORT_SYMBOL_GPL(vcap_rule_get_counter);
|
|
|
|
|
|
|
|
/* Get a copy of a client key field */
|
|
|
|
static int vcap_rule_get_key(struct vcap_rule *rule,
|
|
|
|
enum vcap_key_field key,
|
|
|
|
struct vcap_client_keyfield *ckf)
|
|
|
|
{
|
|
|
|
struct vcap_client_keyfield *field;
|
|
|
|
|
|
|
|
field = vcap_find_keyfield(rule, key);
|
|
|
|
if (!field)
|
|
|
|
return -EINVAL;
|
|
|
|
memcpy(ckf, field, sizeof(*ckf));
|
|
|
|
INIT_LIST_HEAD(&ckf->ctrl.list);
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Find a keyset having the same size as the provided rule, where the keyset
|
|
|
|
* does not have a type id.
|
|
|
|
*/
|
|
|
|
static int vcap_rule_get_untyped_keyset(struct vcap_rule_internal *ri,
|
|
|
|
struct vcap_keyset_list *matches)
|
|
|
|
{
|
|
|
|
struct vcap_control *vctrl = ri->vctrl;
|
|
|
|
enum vcap_type vt = ri->admin->vtype;
|
|
|
|
const struct vcap_set *keyfield_set;
|
|
|
|
int idx;
|
|
|
|
|
|
|
|
keyfield_set = vctrl->vcaps[vt].keyfield_set;
|
|
|
|
for (idx = 0; idx < vctrl->vcaps[vt].keyfield_set_size; ++idx) {
|
|
|
|
if (keyfield_set[idx].sw_per_item == ri->keyset_sw &&
|
|
|
|
keyfield_set[idx].type_id == (u8)-1) {
|
|
|
|
vcap_keyset_list_add(matches, idx);
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Get the keysets that matches the rule key type/mask */
|
|
|
|
int vcap_rule_get_keysets(struct vcap_rule_internal *ri,
|
|
|
|
struct vcap_keyset_list *matches)
|
|
|
|
{
|
|
|
|
struct vcap_control *vctrl = ri->vctrl;
|
|
|
|
enum vcap_type vt = ri->admin->vtype;
|
|
|
|
const struct vcap_set *keyfield_set;
|
|
|
|
struct vcap_client_keyfield kf = {};
|
|
|
|
u32 value, mask;
|
|
|
|
int err, idx;
|
|
|
|
|
|
|
|
err = vcap_rule_get_key(&ri->data, VCAP_KF_TYPE, &kf);
|
|
|
|
if (err)
|
|
|
|
return vcap_rule_get_untyped_keyset(ri, matches);
|
|
|
|
|
|
|
|
if (kf.ctrl.type == VCAP_FIELD_BIT) {
|
|
|
|
value = kf.data.u1.value;
|
|
|
|
mask = kf.data.u1.mask;
|
|
|
|
} else if (kf.ctrl.type == VCAP_FIELD_U32) {
|
|
|
|
value = kf.data.u32.value;
|
|
|
|
mask = kf.data.u32.mask;
|
|
|
|
} else {
|
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
|
|
|
|
keyfield_set = vctrl->vcaps[vt].keyfield_set;
|
|
|
|
for (idx = 0; idx < vctrl->vcaps[vt].keyfield_set_size; ++idx) {
|
|
|
|
if (keyfield_set[idx].sw_per_item != ri->keyset_sw)
|
|
|
|
continue;
|
|
|
|
|
|
|
|
if (keyfield_set[idx].type_id == (u8)-1) {
|
|
|
|
vcap_keyset_list_add(matches, idx);
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
|
|
|
if ((keyfield_set[idx].type_id & mask) == value)
|
|
|
|
vcap_keyset_list_add(matches, idx);
|
|
|
|
}
|
|
|
|
if (matches->cnt > 0)
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Collect packet counts from all rules with the same cookie */
|
|
|
|
int vcap_get_rule_count_by_cookie(struct vcap_control *vctrl,
|
|
|
|
struct vcap_counter *ctr, u64 cookie)
|
|
|
|
{
|
|
|
|
struct vcap_rule_internal *ri;
|
|
|
|
struct vcap_counter temp = {};
|
|
|
|
struct vcap_admin *admin;
|
|
|
|
int err;
|
|
|
|
|
|
|
|
err = vcap_api_check(vctrl);
|
|
|
|
if (err)
|
|
|
|
return err;
|
|
|
|
|
|
|
|
/* Iterate all rules in each VCAP instance */
|
|
|
|
list_for_each_entry(admin, &vctrl->list, list) {
|
|
|
|
mutex_lock(&admin->lock);
|
|
|
|
list_for_each_entry(ri, &admin->rules, list) {
|
|
|
|
if (ri->data.cookie != cookie)
|
|
|
|
continue;
|
|
|
|
|
|
|
|
err = vcap_read_counter(ri, &temp);
|
|
|
|
if (err)
|
|
|
|
goto unlock;
|
|
|
|
ctr->value += temp.value;
|
|
|
|
|
|
|
|
/* Reset the rule counter */
|
|
|
|
temp.value = 0;
|
|
|
|
temp.sticky = 0;
|
|
|
|
err = vcap_write_counter(ri, &temp);
|
|
|
|
if (err)
|
|
|
|
goto unlock;
|
|
|
|
}
|
|
|
|
mutex_unlock(&admin->lock);
|
|
|
|
}
|
|
|
|
return err;
|
|
|
|
|
|
|
|
unlock:
|
|
|
|
mutex_unlock(&admin->lock);
|
|
|
|
return err;
|
|
|
|
}
|
|
|
|
EXPORT_SYMBOL_GPL(vcap_get_rule_count_by_cookie);
|
|
|
|
|
|
|
|
static int vcap_rule_mod_key(struct vcap_rule *rule,
|
|
|
|
enum vcap_key_field key,
|
|
|
|
enum vcap_field_type ftype,
|
|
|
|
struct vcap_client_keyfield_data *data)
|
|
|
|
{
|
|
|
|
struct vcap_client_keyfield *field;
|
|
|
|
|
|
|
|
field = vcap_find_keyfield(rule, key);
|
|
|
|
if (!field)
|
|
|
|
return vcap_rule_add_key(rule, key, ftype, data);
|
|
|
|
memcpy(&field->data, data, sizeof(field->data));
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Modify a 32 bit key field with value and mask in the rule */
|
|
|
|
int vcap_rule_mod_key_u32(struct vcap_rule *rule, enum vcap_key_field key,
|
|
|
|
u32 value, u32 mask)
|
|
|
|
{
|
|
|
|
struct vcap_client_keyfield_data data;
|
|
|
|
|
|
|
|
data.u32.value = value;
|
|
|
|
data.u32.mask = mask;
|
|
|
|
return vcap_rule_mod_key(rule, key, VCAP_FIELD_U32, &data);
|
|
|
|
}
|
|
|
|
EXPORT_SYMBOL_GPL(vcap_rule_mod_key_u32);
|
|
|
|
|
2023-10-24 12:59:35 +02:00
|
|
|
/* Remove a key field with value and mask in the rule */
|
|
|
|
int vcap_rule_rem_key(struct vcap_rule *rule, enum vcap_key_field key)
|
|
|
|
{
|
|
|
|
struct vcap_rule_internal *ri = to_intrule(rule);
|
|
|
|
struct vcap_client_keyfield *field;
|
|
|
|
|
|
|
|
field = vcap_find_keyfield(rule, key);
|
|
|
|
if (!field) {
|
|
|
|
pr_err("%s:%d: key %s is not in the rule\n",
|
|
|
|
__func__, __LINE__, vcap_keyfield_name(ri->vctrl, key));
|
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
/* Deallocate the key field */
|
|
|
|
list_del(&field->ctrl.list);
|
|
|
|
kfree(field);
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
EXPORT_SYMBOL_GPL(vcap_rule_rem_key);
|
|
|
|
|
2023-08-30 17:31:07 +02:00
|
|
|
static int vcap_rule_mod_action(struct vcap_rule *rule,
|
|
|
|
enum vcap_action_field action,
|
|
|
|
enum vcap_field_type ftype,
|
|
|
|
struct vcap_client_actionfield_data *data)
|
|
|
|
{
|
|
|
|
struct vcap_client_actionfield *field;
|
|
|
|
|
|
|
|
field = vcap_find_actionfield(rule, action);
|
|
|
|
if (!field)
|
|
|
|
return vcap_rule_add_action(rule, action, ftype, data);
|
|
|
|
memcpy(&field->data, data, sizeof(field->data));
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Modify a 32 bit action field with value in the rule */
|
|
|
|
int vcap_rule_mod_action_u32(struct vcap_rule *rule,
|
|
|
|
enum vcap_action_field action,
|
|
|
|
u32 value)
|
|
|
|
{
|
|
|
|
struct vcap_client_actionfield_data data;
|
|
|
|
|
|
|
|
data.u32.value = value;
|
|
|
|
return vcap_rule_mod_action(rule, action, VCAP_FIELD_U32, &data);
|
|
|
|
}
|
|
|
|
EXPORT_SYMBOL_GPL(vcap_rule_mod_action_u32);
|
|
|
|
|
|
|
|
/* Drop keys in a keylist and any keys that are not supported by the keyset */
|
|
|
|
int vcap_filter_rule_keys(struct vcap_rule *rule,
|
|
|
|
enum vcap_key_field keylist[], int length,
|
|
|
|
bool drop_unsupported)
|
|
|
|
{
|
|
|
|
struct vcap_rule_internal *ri = to_intrule(rule);
|
|
|
|
struct vcap_client_keyfield *ckf, *next_ckf;
|
|
|
|
const struct vcap_field *fields;
|
|
|
|
enum vcap_key_field key;
|
|
|
|
int err = 0;
|
|
|
|
int idx;
|
|
|
|
|
|
|
|
if (length > 0) {
|
|
|
|
err = -EEXIST;
|
|
|
|
list_for_each_entry_safe(ckf, next_ckf,
|
|
|
|
&ri->data.keyfields, ctrl.list) {
|
|
|
|
key = ckf->ctrl.key;
|
|
|
|
for (idx = 0; idx < length; ++idx)
|
|
|
|
if (key == keylist[idx]) {
|
|
|
|
list_del(&ckf->ctrl.list);
|
|
|
|
kfree(ckf);
|
|
|
|
idx++;
|
|
|
|
err = 0;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if (drop_unsupported) {
|
|
|
|
err = -EEXIST;
|
|
|
|
fields = vcap_keyfields(ri->vctrl, ri->admin->vtype,
|
|
|
|
rule->keyset);
|
|
|
|
if (!fields)
|
|
|
|
return err;
|
|
|
|
list_for_each_entry_safe(ckf, next_ckf,
|
|
|
|
&ri->data.keyfields, ctrl.list) {
|
|
|
|
key = ckf->ctrl.key;
|
|
|
|
if (fields[key].width == 0) {
|
|
|
|
list_del(&ckf->ctrl.list);
|
|
|
|
kfree(ckf);
|
|
|
|
err = 0;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return err;
|
|
|
|
}
|
|
|
|
EXPORT_SYMBOL_GPL(vcap_filter_rule_keys);
|
|
|
|
|
2023-10-24 12:59:35 +02:00
|
|
|
/* Select the keyset from the list that results in the smallest rule size */
|
|
|
|
enum vcap_keyfield_set
|
|
|
|
vcap_select_min_rule_keyset(struct vcap_control *vctrl,
|
|
|
|
enum vcap_type vtype,
|
|
|
|
struct vcap_keyset_list *kslist)
|
|
|
|
{
|
|
|
|
enum vcap_keyfield_set ret = VCAP_KFS_NO_VALUE;
|
|
|
|
const struct vcap_set *kset;
|
|
|
|
int max = 100, idx;
|
|
|
|
|
|
|
|
for (idx = 0; idx < kslist->cnt; ++idx) {
|
|
|
|
kset = vcap_keyfieldset(vctrl, vtype, kslist->keysets[idx]);
|
|
|
|
if (!kset)
|
|
|
|
continue;
|
|
|
|
if (kset->sw_per_item >= max)
|
|
|
|
continue;
|
|
|
|
max = kset->sw_per_item;
|
|
|
|
ret = kslist->keysets[idx];
|
|
|
|
}
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
EXPORT_SYMBOL_GPL(vcap_select_min_rule_keyset);
|
|
|
|
|
2023-08-30 17:31:07 +02:00
|
|
|
/* Make a full copy of an existing rule with a new rule id */
|
|
|
|
struct vcap_rule *vcap_copy_rule(struct vcap_rule *erule)
|
|
|
|
{
|
|
|
|
struct vcap_rule_internal *ri = to_intrule(erule);
|
|
|
|
struct vcap_client_actionfield *caf;
|
|
|
|
struct vcap_client_keyfield *ckf;
|
|
|
|
struct vcap_rule *rule;
|
|
|
|
int err;
|
|
|
|
|
|
|
|
err = vcap_api_check(ri->vctrl);
|
|
|
|
if (err)
|
|
|
|
return ERR_PTR(err);
|
|
|
|
|
|
|
|
rule = vcap_alloc_rule(ri->vctrl, ri->ndev, ri->data.vcap_chain_id,
|
|
|
|
ri->data.user, ri->data.priority, 0);
|
|
|
|
if (IS_ERR(rule))
|
|
|
|
return rule;
|
|
|
|
|
|
|
|
list_for_each_entry(ckf, &ri->data.keyfields, ctrl.list) {
|
|
|
|
/* Add a key duplicate in the new rule */
|
|
|
|
err = vcap_rule_add_key(rule,
|
|
|
|
ckf->ctrl.key,
|
|
|
|
ckf->ctrl.type,
|
|
|
|
&ckf->data);
|
|
|
|
if (err)
|
|
|
|
goto err;
|
|
|
|
}
|
|
|
|
|
|
|
|
list_for_each_entry(caf, &ri->data.actionfields, ctrl.list) {
|
|
|
|
/* Add a action duplicate in the new rule */
|
|
|
|
err = vcap_rule_add_action(rule,
|
|
|
|
caf->ctrl.action,
|
|
|
|
caf->ctrl.type,
|
|
|
|
&caf->data);
|
|
|
|
if (err)
|
|
|
|
goto err;
|
|
|
|
}
|
|
|
|
return rule;
|
|
|
|
err:
|
|
|
|
vcap_free_rule(rule);
|
|
|
|
return ERR_PTR(err);
|
|
|
|
}
|
|
|
|
EXPORT_SYMBOL_GPL(vcap_copy_rule);
|
|
|
|
|
|
|
|
#ifdef CONFIG_VCAP_KUNIT_TEST
|
|
|
|
#include "vcap_api_kunit.c"
|
|
|
|
#endif
|