Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/patches/806213/?format=api
{ "id": 806213, "url": "http://patchwork.ozlabs.org/api/patches/806213/?format=api", "web_url": "http://patchwork.ozlabs.org/project/netdev/patch/20170827110618.20599-2-saeedm@mellanox.com/", "project": { "id": 7, "url": "http://patchwork.ozlabs.org/api/projects/7/?format=api", "name": "Linux network development", "link_name": "netdev", "list_id": "netdev.vger.kernel.org", "list_email": "netdev@vger.kernel.org", "web_url": null, "scm_url": null, "webscm_url": null, "list_archive_url": "", "list_archive_url_format": "", "commit_url_format": "" }, "msgid": "<20170827110618.20599-2-saeedm@mellanox.com>", "list_archive_url": null, "date": "2017-08-27T11:06:15", "name": "[net-next,1/4] net: Add SRIOV VGT+ support", "commit_ref": null, "pull_url": null, "state": "changes-requested", "archived": true, "hash": "f2e708adeda84563158b785b8080adc9c8fe5ea7", "submitter": { "id": 65299, "url": "http://patchwork.ozlabs.org/api/people/65299/?format=api", "name": "Saeed Mahameed", "email": "saeedm@mellanox.com" }, "delegate": { "id": 34, "url": "http://patchwork.ozlabs.org/api/users/34/?format=api", "username": "davem", "first_name": "David", "last_name": "Miller", "email": "davem@davemloft.net" }, "mbox": "http://patchwork.ozlabs.org/project/netdev/patch/20170827110618.20599-2-saeedm@mellanox.com/mbox/", "series": [ { "id": 10, "url": "http://patchwork.ozlabs.org/api/series/10/?format=api", "web_url": "http://patchwork.ozlabs.org/project/netdev/list/?series=10", "date": "2017-08-27T11:06:14", "name": "SRIOV VF VGT+ and violation counters support", "version": 1, "mbox": "http://patchwork.ozlabs.org/series/10/mbox/" } ], "comments": "http://patchwork.ozlabs.org/api/patches/806213/comments/", "check": "pending", "checks": "http://patchwork.ozlabs.org/api/patches/806213/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "<netdev-owner@vger.kernel.org>", "X-Original-To": "patchwork-incoming@ozlabs.org", "Delivered-To": "patchwork-incoming@ozlabs.org", "Authentication-Results": "ozlabs.org;\n\tspf=none (mailfrom) smtp.mailfrom=vger.kernel.org\n\t(client-ip=209.132.180.67; helo=vger.kernel.org;\n\tenvelope-from=netdev-owner@vger.kernel.org;\n\treceiver=<UNKNOWN>)", "Received": [ "from vger.kernel.org (vger.kernel.org [209.132.180.67])\n\tby ozlabs.org (Postfix) with ESMTP id 3xgCCf6KzWz9s7v\n\tfor <patchwork-incoming@ozlabs.org>;\n\tSun, 27 Aug 2017 21:21:50 +1000 (AEST)", "(majordomo@vger.kernel.org) by vger.kernel.org via listexpand\n\tid S1751300AbdH0LVn (ORCPT <rfc822;patchwork-incoming@ozlabs.org>);\n\tSun, 27 Aug 2017 07:21:43 -0400", "from mail-il-dmz.mellanox.com ([193.47.165.129]:37289 \"EHLO\n\tmellanox.co.il\" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org\n\twith ESMTP id S1751132AbdH0LV3 (ORCPT\n\t<rfc822;netdev@vger.kernel.org>); Sun, 27 Aug 2017 07:21:29 -0400", "from Internal Mail-Server by MTLPINE2 (envelope-from\n\tsaeedm@mellanox.com)\n\twith ESMTPS (AES256-SHA encrypted); 27 Aug 2017 14:21:24 +0300", "from sws.mtl.labs.mlnx (reg-l-vrt-045-015.mtl.labs.mlnx\n\t[10.135.45.15])\n\tby labmailer.mlnx (8.13.8/8.13.8) with ESMTP id v7RBLOYB028221;\n\tSun, 27 Aug 2017 14:21:24 +0300" ], "From": "Saeed Mahameed <saeedm@mellanox.com>", "To": "\"David S. Miller\" <davem@davemloft.net>", "Cc": "netdev@vger.kernel.org, Eugenia Emantayev <eugenia@mellanox.com>,\n\tMohamad Haj Yahia <mohamad@mellanox.com>,\n\tSaeed Mahameed <saeedm@mellanox.com>", "Subject": "[PATCH net-next 1/4] net: Add SRIOV VGT+ support", "Date": "Sun, 27 Aug 2017 14:06:15 +0300", "Message-Id": "<20170827110618.20599-2-saeedm@mellanox.com>", "X-Mailer": "git-send-email 2.13.0", "In-Reply-To": "<20170827110618.20599-1-saeedm@mellanox.com>", "References": "<20170827110618.20599-1-saeedm@mellanox.com>", "Sender": "netdev-owner@vger.kernel.org", "Precedence": "bulk", "List-ID": "<netdev.vger.kernel.org>", "X-Mailing-List": "netdev@vger.kernel.org" }, "content": "From: Mohamad Haj Yahia <mohamad@mellanox.com>\n\nVGT+ is a security feature that gives the administrator the ability of\ncontrolling the allowed vlan-ids list that can be transmitted/received\nfrom/to the VF.\nThe allowed vlan-ids list is called \"trunk\".\nAdmin can add/remove a range of allowed vlan-ids via iptool.\nExample:\nAfter this series of configuration :\n1) ip link set eth3 vf 0 trunk add 10 100 (allow vlan-id 10-100, default tpid 0x8100)\n2) ip link set eth3 vf 0 trunk add 105 proto 802.1q (allow vlan-id 105 tpid 0x8100)\n3) ip link set eth3 vf 0 trunk add 105 proto 802.1ad (allow vlan-id 105 tpid 0x88a8)\n4) ip link set eth3 vf 0 trunk rem 90 (block vlan-id 90)\n5) ip link set eth3 vf 0 trunk rem 50 60 (block vlan-ids 50-60)\n\nThe VF 0 can only communicate on vlan-ids: 10-49,61-89,91-100,105 with\ntpid 0x8100 and vlan-id 105 with tpid 0x88a8.\n\nFor this purpose we added the following netlink sr-iov commands:\n\n1) IFLA_VF_VLAN_RANGE: used to add/remove allowed vlan-ids range.\nWe added the ifla_vf_vlan_range struct to specify the range we want to\nadd/remove from the userspace.\nWe added ndo_add_vf_vlan_trunk_range and ndo_del_vf_vlan_trunk_range\nnetdev ops to add/remove allowed vlan-ids range in the netdev.\n\n2) IFLA_VF_VLAN_TRUNK: used to query the allowed vlan-ids trunk.\nWe added trunk bitmap to the ifla_vf_info struct to get the current\nallowed vlan-ids trunk from the netdev.\nWe added ifla_vf_vlan_trunk struct for sending the allowed vlan-ids\ntrunk to the userspace.\n\nSigned-off-by: Mohamad Haj Yahia <mohamad@mellanox.com>\nSigned-off-by: Eugenia Emantayev <eugenia@mellanox.com>\nSigned-off-by: Saeed Mahameed <saeedm@mellanox.com>\n---\n include/linux/if_link.h | 2 +\n include/linux/netdevice.h | 12 +++++\n include/uapi/linux/if_link.h | 20 ++++++++\n net/core/rtnetlink.c | 109 +++++++++++++++++++++++++++++++------------\n 4 files changed, 114 insertions(+), 29 deletions(-)", "diff": "diff --git a/include/linux/if_link.h b/include/linux/if_link.h\nindex 0b17c585b5cd..da70af27e42e 100644\n--- a/include/linux/if_link.h\n+++ b/include/linux/if_link.h\n@@ -25,6 +25,8 @@ struct ifla_vf_info {\n \t__u32 max_tx_rate;\n \t__u32 rss_query_en;\n \t__u32 trusted;\n+\t__u64 trunk_8021q[VF_VLAN_BITMAP];\n+\t__u64 trunk_8021ad[VF_VLAN_BITMAP];\n \t__be16 vlan_proto;\n };\n #endif /* _LINUX_IF_LINK_H */\ndiff --git a/include/linux/netdevice.h b/include/linux/netdevice.h\nindex c5475b37a631..10633cabc58f 100644\n--- a/include/linux/netdevice.h\n+++ b/include/linux/netdevice.h\n@@ -959,6 +959,10 @@ struct xfrmdev_ops {\n * Hash Key. This is needed since on some devices VF share this information\n * with PF and querying it may introduce a theoretical security risk.\n * int (*ndo_set_vf_rss_query_en)(struct net_device *dev, int vf, bool setting);\n+ * int (*ndo_add_vf_vlan_trunk_range)(struct net_device *dev, int vf,\n+ *\t\t\t\t u16 start_vid, u16 end_vid, __be16 proto);\n+ * int (*ndo_del_vf_vlan_trunk_range)(struct net_device *dev, int vf,\n+ *\t\t\t\t u16 start_vid, u16 end_vid, __be16 proto);\n * int (*ndo_get_vf_port)(struct net_device *dev, int vf, struct sk_buff *skb);\n * int (*ndo_setup_tc)(struct net_device *dev, enum tc_setup_type type,\n *\t\t void *type_data);\n@@ -1208,6 +1212,14 @@ struct net_device_ops {\n \tint\t\t\t(*ndo_set_vf_rss_query_en)(\n \t\t\t\t\t\t struct net_device *dev,\n \t\t\t\t\t\t int vf, bool setting);\n+\tint\t\t\t(*ndo_add_vf_vlan_trunk_range)(\n+\t\t\t\t\t\t struct net_device *dev,\n+\t\t\t\t\t\t int vf, u16 start_vid,\n+\t\t\t\t\t\t u16 end_vid, __be16 proto);\n+\tint\t\t\t(*ndo_del_vf_vlan_trunk_range)(\n+\t\t\t\t\t\t struct net_device *dev,\n+\t\t\t\t\t\t int vf, u16 start_vid,\n+\t\t\t\t\t\t u16 end_vid, __be16 proto);\n \tint\t\t\t(*ndo_setup_tc)(struct net_device *dev,\n \t\t\t\t\t\tenum tc_setup_type type,\n \t\t\t\t\t\tvoid *type_data);\ndiff --git a/include/uapi/linux/if_link.h b/include/uapi/linux/if_link.h\nindex 8d062c58d5cb..3aa895c5fbc1 100644\n--- a/include/uapi/linux/if_link.h\n+++ b/include/uapi/linux/if_link.h\n@@ -168,6 +168,8 @@ enum {\n #ifndef __KERNEL__\n #define IFLA_RTA(r) ((struct rtattr*)(((char*)(r)) + NLMSG_ALIGN(sizeof(struct ifinfomsg))))\n #define IFLA_PAYLOAD(n) NLMSG_PAYLOAD(n,sizeof(struct ifinfomsg))\n+#define BITS_PER_BYTE 8\n+#define DIV_ROUND_UP(n, d) (((n) + (d) - 1) / (d))\n #endif\n \n enum {\n@@ -645,6 +647,8 @@ enum {\n \tIFLA_VF_IB_NODE_GUID,\t/* VF Infiniband node GUID */\n \tIFLA_VF_IB_PORT_GUID,\t/* VF Infiniband port GUID */\n \tIFLA_VF_VLAN_LIST,\t/* nested list of vlans, option for QinQ */\n+\tIFLA_VF_VLAN_RANGE,\t/* add/delete vlan range filtering */\n+\tIFLA_VF_VLAN_TRUNK,\t/* vlan trunk filtering */\n \t__IFLA_VF_MAX,\n };\n \n@@ -669,6 +673,7 @@ enum {\n \n #define IFLA_VF_VLAN_INFO_MAX (__IFLA_VF_VLAN_INFO_MAX - 1)\n #define MAX_VLAN_LIST_LEN 1\n+#define VF_VLAN_N_VID 4096\n \n struct ifla_vf_vlan_info {\n \t__u32 vf;\n@@ -677,6 +682,21 @@ struct ifla_vf_vlan_info {\n \t__be16 vlan_proto; /* VLAN protocol either 802.1Q or 802.1ad */\n };\n \n+struct ifla_vf_vlan_range {\n+\t__u32 vf;\n+\t__u32 start_vid; /* 1 - 4095 */\n+\t__u32 end_vid; /* 1 - 4095 */\n+\t__u32 setting;\n+\t__be16 vlan_proto; /* VLAN protocol either 802.1Q or 802.1ad */\n+};\n+\n+#define VF_VLAN_BITMAP\tDIV_ROUND_UP(VF_VLAN_N_VID, sizeof(__u64) * BITS_PER_BYTE)\n+struct ifla_vf_vlan_trunk {\n+\t__u32 vf;\n+\t__u64 allowed_vlans_8021q_bm[VF_VLAN_BITMAP];\n+\t__u64 allowed_vlans_8021ad_bm[VF_VLAN_BITMAP];\n+};\n+\n struct ifla_vf_tx_rate {\n \t__u32 vf;\n \t__u32 rate; /* Max TX bandwidth in Mbps, 0 disables throttling */\ndiff --git a/net/core/rtnetlink.c b/net/core/rtnetlink.c\nindex a78fd61da0ec..56909f11d88e 100644\n--- a/net/core/rtnetlink.c\n+++ b/net/core/rtnetlink.c\n@@ -827,6 +827,7 @@ static inline int rtnl_vfinfo_size(const struct net_device *dev,\n \t\t\t nla_total_size(MAX_VLAN_LIST_LEN *\n \t\t\t\t\tsizeof(struct ifla_vf_vlan_info)) +\n \t\t\t nla_total_size(sizeof(struct ifla_vf_spoofchk)) +\n+\t\t\t nla_total_size(sizeof(struct ifla_vf_vlan_trunk)) +\n \t\t\t nla_total_size(sizeof(struct ifla_vf_tx_rate)) +\n \t\t\t nla_total_size(sizeof(struct ifla_vf_rate)) +\n \t\t\t nla_total_size(sizeof(struct ifla_vf_link_state)) +\n@@ -1098,31 +1099,43 @@ static noinline_for_stack int rtnl_fill_vfinfo(struct sk_buff *skb,\n \tstruct ifla_vf_link_state vf_linkstate;\n \tstruct ifla_vf_vlan_info vf_vlan_info;\n \tstruct ifla_vf_spoofchk vf_spoofchk;\n+\tstruct ifla_vf_vlan_trunk *vf_trunk;\n \tstruct ifla_vf_tx_rate vf_tx_rate;\n \tstruct ifla_vf_stats vf_stats;\n \tstruct ifla_vf_trust vf_trust;\n \tstruct ifla_vf_vlan vf_vlan;\n \tstruct ifla_vf_rate vf_rate;\n \tstruct ifla_vf_mac vf_mac;\n-\tstruct ifla_vf_info ivi;\n+\tstruct ifla_vf_info *ivi;\n \n-\tmemset(&ivi, 0, sizeof(ivi));\n+\tivi = kzalloc(sizeof(*ivi), GFP_KERNEL);\n+\tif (!ivi)\n+\t\treturn -ENOMEM;\n+\n+\tvf_trunk = kzalloc(sizeof(*vf_trunk), GFP_KERNEL);\n+\tif (!vf_trunk) {\n+\t\tkfree(ivi);\n+\t\treturn -ENOMEM;\n+\t}\n \n \t/* Not all SR-IOV capable drivers support the\n \t * spoofcheck and \"RSS query enable\" query. Preset to\n \t * -1 so the user space tool can detect that the driver\n \t * didn't report anything.\n \t */\n-\tivi.spoofchk = -1;\n-\tivi.rss_query_en = -1;\n-\tivi.trusted = -1;\n+\tivi->spoofchk = -1;\n+\tivi->rss_query_en = -1;\n+\tivi->trusted = -1;\n+\tmemset(ivi->mac, 0, sizeof(ivi->mac));\n+\tmemset(ivi->trunk_8021q, 0, sizeof(ivi->trunk_8021q));\n+\tmemset(ivi->trunk_8021ad, 0, sizeof(ivi->trunk_8021ad));\n \t/* The default value for VF link state is \"auto\"\n \t * IFLA_VF_LINK_STATE_AUTO which equals zero\n \t */\n-\tivi.linkstate = 0;\n+\tivi->linkstate = 0;\n \t/* VLAN Protocol by default is 802.1Q */\n-\tivi.vlan_proto = htons(ETH_P_8021Q);\n-\tif (dev->netdev_ops->ndo_get_vf_config(dev, vfs_num, &ivi))\n+\tivi->vlan_proto = htons(ETH_P_8021Q);\n+\tif (dev->netdev_ops->ndo_get_vf_config(dev, vfs_num, ivi))\n \t\treturn 0;\n \n \tmemset(&vf_vlan_info, 0, sizeof(vf_vlan_info));\n@@ -1135,21 +1148,24 @@ static noinline_for_stack int rtnl_fill_vfinfo(struct sk_buff *skb,\n \t\tvf_spoofchk.vf =\n \t\tvf_linkstate.vf =\n \t\tvf_rss_query_en.vf =\n-\t\tvf_trust.vf = ivi.vf;\n-\n-\tmemcpy(vf_mac.mac, ivi.mac, sizeof(ivi.mac));\n-\tvf_vlan.vlan = ivi.vlan;\n-\tvf_vlan.qos = ivi.qos;\n-\tvf_vlan_info.vlan = ivi.vlan;\n-\tvf_vlan_info.qos = ivi.qos;\n-\tvf_vlan_info.vlan_proto = ivi.vlan_proto;\n-\tvf_tx_rate.rate = ivi.max_tx_rate;\n-\tvf_rate.min_tx_rate = ivi.min_tx_rate;\n-\tvf_rate.max_tx_rate = ivi.max_tx_rate;\n-\tvf_spoofchk.setting = ivi.spoofchk;\n-\tvf_linkstate.link_state = ivi.linkstate;\n-\tvf_rss_query_en.setting = ivi.rss_query_en;\n-\tvf_trust.setting = ivi.trusted;\n+\t\tvf_trunk->vf =\n+\t\tvf_trust.vf = ivi->vf;\n+\n+\tmemcpy(vf_mac.mac, ivi->mac, sizeof(ivi->mac));\n+\tmemcpy(vf_trunk->allowed_vlans_8021q_bm, ivi->trunk_8021q, sizeof(ivi->trunk_8021q));\n+\tmemcpy(vf_trunk->allowed_vlans_8021ad_bm, ivi->trunk_8021ad, sizeof(ivi->trunk_8021ad));\n+\tvf_vlan.vlan = ivi->vlan;\n+\tvf_vlan.qos = ivi->qos;\n+\tvf_vlan_info.vlan = ivi->vlan;\n+\tvf_vlan_info.qos = ivi->qos;\n+\tvf_vlan_info.vlan_proto = ivi->vlan_proto;\n+\tvf_tx_rate.rate = ivi->max_tx_rate;\n+\tvf_rate.min_tx_rate = ivi->min_tx_rate;\n+\tvf_rate.max_tx_rate = ivi->max_tx_rate;\n+\tvf_spoofchk.setting = ivi->spoofchk;\n+\tvf_linkstate.link_state = ivi->linkstate;\n+\tvf_rss_query_en.setting = ivi->rss_query_en;\n+\tvf_trust.setting = ivi->trusted;\n \tvf = nla_nest_start(skb, IFLA_VF_INFO);\n \tif (!vf)\n \t\tgoto nla_put_vfinfo_failure;\n@@ -1167,7 +1183,9 @@ static noinline_for_stack int rtnl_fill_vfinfo(struct sk_buff *skb,\n \t\t sizeof(vf_rss_query_en),\n \t\t &vf_rss_query_en) ||\n \t nla_put(skb, IFLA_VF_TRUST,\n-\t\t sizeof(vf_trust), &vf_trust))\n+\t\t sizeof(vf_trust), &vf_trust) ||\n+\t nla_put(skb, IFLA_VF_VLAN_TRUNK,\n+\t\t sizeof(*vf_trunk), vf_trunk))\n \t\tgoto nla_put_vf_failure;\n \tvfvlanlist = nla_nest_start(skb, IFLA_VF_VLAN_LIST);\n \tif (!vfvlanlist)\n@@ -1202,12 +1220,16 @@ static noinline_for_stack int rtnl_fill_vfinfo(struct sk_buff *skb,\n \t}\n \tnla_nest_end(skb, vfstats);\n \tnla_nest_end(skb, vf);\n+\tkfree(vf_trunk);\n+\tkfree(ivi);\n \treturn 0;\n \n nla_put_vf_failure:\n \tnla_nest_cancel(skb, vf);\n nla_put_vfinfo_failure:\n \tnla_nest_cancel(skb, vfinfo);\n+\tkfree(vf_trunk);\n+\tkfree(ivi);\n \treturn -EMSGSIZE;\n }\n \n@@ -1784,6 +1806,26 @@ static int do_setvfinfo(struct net_device *dev, struct nlattr **tb)\n \t\t\treturn err;\n \t}\n \n+\tif (tb[IFLA_VF_VLAN_RANGE]) {\n+\t\tstruct ifla_vf_vlan_range *ivvr =\n+\t\t\t\t\tnla_data(tb[IFLA_VF_VLAN_RANGE]);\n+\t\tbool add = !!ivvr->setting;\n+\n+\t\terr = -EOPNOTSUPP;\n+\t\tif (add && ops->ndo_add_vf_vlan_trunk_range)\n+\t\t\terr = ops->ndo_add_vf_vlan_trunk_range(dev, ivvr->vf,\n+\t\t\t\t\t\t\t ivvr->start_vid,\n+\t\t\t\t\t\t\t ivvr->end_vid,\n+\t\t\t\t\t\t\t ivvr->vlan_proto);\n+\t\telse if (!add && ops->ndo_del_vf_vlan_trunk_range)\n+\t\t\terr = ops->ndo_del_vf_vlan_trunk_range(dev, ivvr->vf,\n+\t\t\t\t\t\t\t ivvr->start_vid,\n+\t\t\t\t\t\t\t ivvr->end_vid,\n+\t\t\t\t\t\t\t ivvr->vlan_proto);\n+\t\tif (err < 0)\n+\t\t\treturn err;\n+\t}\n+\n \tif (tb[IFLA_VF_VLAN_LIST]) {\n \t\tstruct ifla_vf_vlan_info *ivvl[MAX_VLAN_LIST_LEN];\n \t\tstruct nlattr *attr;\n@@ -1815,21 +1857,30 @@ static int do_setvfinfo(struct net_device *dev, struct nlattr **tb)\n \n \tif (tb[IFLA_VF_TX_RATE]) {\n \t\tstruct ifla_vf_tx_rate *ivt = nla_data(tb[IFLA_VF_TX_RATE]);\n-\t\tstruct ifla_vf_info ivf;\n+\t\tstruct ifla_vf_info *ivf;\n+\n+\t\tivf = kzalloc(sizeof(*ivf), GFP_KERNEL);\n+\t\tif (!ivf)\n+\t\t\treturn -ENOMEM;\n \n \t\terr = -EOPNOTSUPP;\n \t\tif (ops->ndo_get_vf_config)\n-\t\t\terr = ops->ndo_get_vf_config(dev, ivt->vf, &ivf);\n-\t\tif (err < 0)\n+\t\t\terr = ops->ndo_get_vf_config(dev, ivt->vf, ivf);\n+\t\tif (err < 0) {\n+\t\t\tkfree(ivf);\n \t\t\treturn err;\n+\t\t}\n \n \t\terr = -EOPNOTSUPP;\n \t\tif (ops->ndo_set_vf_rate)\n \t\t\terr = ops->ndo_set_vf_rate(dev, ivt->vf,\n-\t\t\t\t\t\t ivf.min_tx_rate,\n+\t\t\t\t\t\t ivf->min_tx_rate,\n \t\t\t\t\t\t ivt->rate);\n-\t\tif (err < 0)\n+\t\tif (err < 0) {\n+\t\t\tkfree(ivf);\n \t\t\treturn err;\n+\t\t}\n+\t\tkfree(ivf);\n \t}\n \n \tif (tb[IFLA_VF_RATE]) {\n", "prefixes": [ "net-next", "1/4" ] }