[net-next,00/16] mlxsw: Introduce ACL traps

Message ID	20200224073558.26500-1-jiri@resnulli.us
Headers	show Return-Path: <netdev-owner@vger.kernel.org> From: Jiri Pirko <jiri@resnulli.us> To: netdev@vger.kernel.org Cc: davem@davemloft.net, kuba@kernel.org, idosch@mellanox.com, mlxsw@mellanox.com Subject: [patch net-next 00/16] mlxsw: Introduce ACL traps Date: Mon, 24 Feb 2020 08:35:42 +0100 Message-Id: <20200224073558.26500-1-jiri@resnulli.us> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: netdev-owner@vger.kernel.org Precedence: bulk
Series	mlxsw: Introduce ACL traps \| expand [net-next,00/16] mlxsw: Introduce ACL traps [net-next,01/16] mlxsw: spectrum_trap: Set unreg_action to be SET_FW_DEFAULT [net-next,02/16] mlxsw: core: Allow to register disabled traps using MLXSW_RXL_DIS [net-next,03/16] mlxsw: spectrum_trap: Use listener->en/dis_action instead of hard-coded values [net-next,04/16] mlxsw: spectrum_trap: Prepare mlxsw_core_trap_action_set() to handle not only acti… [net-next,05/16] devlink: add ACL generic packet traps [net-next,06/16] mlxsw: spectrum_acl: Track ingress and egress block bindings [net-next,07/16] mlxsw: spectrum_flower: Disable mixed bound blocks to contain action drop [net-next,08/16] mlxsw: spectrum_acl: Pass the ingress indication down to flex action [net-next,09/16] mlxsw: acl_flex_actions: Trap all ACL dropped packets to DISCARD__ACL traps [net-next,10/16] mlxsw: core: Allow to enable/disable rx_listener for trap [net-next,11/16] mlxsw: core: Extend MLXSW_RXL_DIS to register disabled trap group [net-next,12/16] mlxsw: spectrum_trap: Introduce dummy group with thin policer [net-next,13/16] mlxsw: spectrum_trap: Add ACL devlink-trap support [net-next,14/16] selftests: introduce test for mlxsw tc flower restrictions [net-next,15/16] selftests: pass pref and handle to devlink_trap_drop_ helpers [net-next,16/16] selftests: devlink_trap_acl_drops: Add ACL traps test

Message ID

20200224073558.26500-1-jiri@resnulli.us

Headers

From: Jiri Pirko <jiri@resnulli.us>
To: netdev@vger.kernel.org
Cc: davem@davemloft.net, kuba@kernel.org, idosch@mellanox.com,
	mlxsw@mellanox.com
Subject: [patch net-next 00/16] mlxsw: Introduce ACL traps
Date: Mon, 24 Feb 2020 08:35:42 +0100
Message-Id: <20200224073558.26500-1-jiri@resnulli.us>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Sender: netdev-owner@vger.kernel.org
Precedence: bulk

Series

mlxsw: Introduce ACL traps | expand

Message

Jiri Pirko Feb. 24, 2020, 7:35 a.m. UTC

From: Jiri Pirko <jiri@mellanox.com>

This patchset allows to track packets that are dropped in HW by ACL.

Unlike the existing mlxsw traps, ACL traps are "source traps".
That means the action is not controlled by HPKT register but directly
in ACL TRAP action. When devlink user changes action from drop to trap
and vice versa, it would be needed to go over all instances of ACL TRAP
action and do change. That does not scale. Instead, resolve this
by introducing "dummy" group with "thin" policer. The purpose of
this policer is to drop as many packets as possible. The ones
that pass through are going to be dropped in devlink code - patch #6
takes care of that.

First four patches are preparation for introduction of ACL traps in mlxsw
so it possible to easily change from drop to trap for source traps
as well - by changing group to "dummy" and back.

Jiri Pirko (16):
  mlxsw: spectrum_trap: Set unreg_action to be SET_FW_DEFAULT
  mlxsw: core: Allow to register disabled traps using MLXSW_RXL_DIS
  mlxsw: spectrum_trap: Use listener->en/dis_action instead of
    hard-coded values
  mlxsw: spectrum_trap: Prepare mlxsw_core_trap_action_set() to handle
    not only action
  devlink: add ACL generic packet traps
  mlxsw: spectrum_acl: Track ingress and egress block bindings
  mlxsw: spectrum_flower: Disable mixed bound blocks to contain action
    drop
  mlxsw: spectrum_acl: Pass the ingress indication down to flex action
  mlxsw: acl_flex_actions: Trap all ACL dropped packets to DISCARD_*_ACL
    traps
  mlxsw: core: Allow to enable/disable rx_listener for trap
  mlxsw: core: Extend MLXSW_RXL_DIS to register disabled trap group
  mlxsw: spectrum_trap: Introduce dummy group with thin policer
  mlxsw: spectrum_trap: Add ACL devlink-trap support
  selftests: introduce test for mlxsw tc flower restrictions
  selftests: pass pref and handle to devlink_trap_drop_* helpers
  selftests: devlink_trap_acl_drops: Add ACL traps test

 .../networking/devlink/devlink-trap.rst       |   9 ++
 drivers/net/ethernet/mellanox/mlxsw/core.c    |  77 ++++++---
 drivers/net/ethernet/mellanox/mlxsw/core.h    |  83 ++++++----
 .../mellanox/mlxsw/core_acl_flex_actions.c    |   8 +-
 .../mellanox/mlxsw/core_acl_flex_actions.h    |   2 +-
 drivers/net/ethernet/mellanox/mlxsw/reg.h     |   2 +
 .../net/ethernet/mellanox/mlxsw/spectrum.h    |   9 +-
 .../ethernet/mellanox/mlxsw/spectrum_acl.c    |  37 ++++-
 .../ethernet/mellanox/mlxsw/spectrum_flower.c |  21 ++-
 .../ethernet/mellanox/mlxsw/spectrum_trap.c   |  59 +++++--
 drivers/net/ethernet/mellanox/mlxsw/trap.h    |   2 +
 include/net/devlink.h                         |   9 ++
 net/core/devlink.c                            |   3 +
 .../net/mlxsw/devlink_trap_acl_drops.sh       | 151 ++++++++++++++++++
 .../net/mlxsw/devlink_trap_l2_drops.sh        |  28 ++--
 .../net/mlxsw/devlink_trap_l3_drops.sh        |  44 ++---
 .../net/mlxsw/devlink_trap_tunnel_vxlan.sh    |   4 +-
 .../net/mlxsw/tc_flower_restrictions.sh       | 100 ++++++++++++
 .../selftests/net/forwarding/devlink_lib.sh   |   7 +-
 19 files changed, 539 insertions(+), 116 deletions(-)
 create mode 100755 tools/testing/selftests/drivers/net/mlxsw/devlink_trap_acl_drops.sh
 create mode 100755 tools/testing/selftests/drivers/net/mlxsw/tc_flower_restrictions.sh

Comments

David Miller Feb. 24, 2020, 7:55 p.m. UTC | #1

From: Jiri Pirko <jiri@resnulli.us>
Date: Mon, 24 Feb 2020 08:35:42 +0100

> This patchset allows to track packets that are dropped in HW by ACL.
> 
> Unlike the existing mlxsw traps, ACL traps are "source traps".
> That means the action is not controlled by HPKT register but directly
> in ACL TRAP action. When devlink user changes action from drop to trap
> and vice versa, it would be needed to go over all instances of ACL TRAP
> action and do change. That does not scale. Instead, resolve this
> by introducing "dummy" group with "thin" policer. The purpose of
> this policer is to drop as many packets as possible. The ones
> that pass through are going to be dropped in devlink code - patch #6
> takes care of that.
> 
> First four patches are preparation for introduction of ACL traps in mlxsw
> so it possible to easily change from drop to trap for source traps
> as well - by changing group to "dummy" and back.

Looks good, series applied, thanks Jiri.