From patchwork Tue May 16 22:59:52 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Tony Duan X-Patchwork-Id: 1782373 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=Nvidia.com header.i=@Nvidia.com header.a=rsa-sha256 header.s=selector2 header.b=GtMn2wLm; dkim-atps=neutral Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4QLWtH5HdKz20dn for ; Wed, 17 May 2023 09:00:39 +1000 (AEST) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1pz3ef-0008Mx-Mt; Tue, 16 May 2023 23:00:29 +0000 Received: from mail-co1nam11on2073.outbound.protection.outlook.com ([40.107.220.73] helo=NAM11-CO1-obe.outbound.protection.outlook.com) by huckleberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1pz3ec-0008JJ-RX for kernel-team@lists.ubuntu.com; Tue, 16 May 2023 23:00:27 +0000 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=QRb9Ti+2MUytz4Sz/dYiV2PFR71DzhIHEfDamnNjpORP9+6XTzNxrP7BhpFUc4zRbKtHSfWstRSf1AFGggYMsoOyrSJj2Z/FqO9eLhf8Hd2gZckfyOlMzVrm0xCh5VdF9ju4XUsw6xTB4jrCocqaqIzcVXZvcnWuhVjNSBkOpXdvMNlQDUO7GG4iEd9ynHlmMsNroBqtjDrOz+M6jmM5VLOfmUZUqKx2FxLJL0+DNhBDF39CTglsqNpr8px11cz+aOvxuyf8c49WJR3SIWD95eI6pKlI5b6dMF4xYwrVA+dJ7qFyHolumbdBcp3O6Vvqcyd2qrW4lekPJ9y0YuYgGg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=AD748EAEds5M+PJgUIct87RnT5bMCxFJbHbO/YSMnSg=; b=QXTcXP0r9R/JRmL/lNFmCsVILmT4TMR7vmGaXiZUh2wByjZQfJhbZy6f64tlizc5vBoa4xiRHxrrEnE9XMKbLAHyIb99sZ5Ah/8rbBSezji9XxN/JX9qhGN+v6nXTHHf3jjUOE+WD02bkProlLlY0yjuYuP1EZMTTnd0V9NW54P9hJh5g//12BMszpHPmk7NtefQSwSLw3o1x8QAlBVo8vXqsh9PoTfE4h7hFSAmDLV7FUXmXwDeLwHI8x7NPda3RTRuupRK/9WPzjYUT2N+uv8PABEaGCj367Z19j6ytsQEmewqYzNdHaMdRBO9EWonQFhgHu43/I0FUC9rKy+13g== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 216.228.117.160) smtp.rcpttodomain=canonical.com smtp.mailfrom=nvidia.com; dmarc=pass (p=reject sp=reject pct=100) action=none header.from=nvidia.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=AD748EAEds5M+PJgUIct87RnT5bMCxFJbHbO/YSMnSg=; b=GtMn2wLmPyFKcyig7qM3AK0zjrimA3DFKVqEFeoEcytlcgsoQgOnBL18jRmFM/nYjAmWQ1mSjbCCE51QYqA7RFZLRsy8KGMH7uU4uifuTYEeKKKt0t1UtE9WEfe4RSLoqiMDTc77C8vYbyTyuxLEntYDdt5GsjZqZVYYspmqnaiTMH4Yh6vnt28PbniekMeGWO+bt4aZgTC7krKGqvxLhHSgy8N4TlpXMxCqOkFFEcOZ+0paRgxQATpAxMSUua0jl9vowmrsE92m70NgpY2ZUKTe9I/L1we5UQHE24j2IJMu8ldRZARvMGHG6eJZoYjIDhtZOndlOTpSPC09AoWt3w== Received: from BYAPR02CA0047.namprd02.prod.outlook.com (2603:10b6:a03:54::24) by SJ0PR12MB6735.namprd12.prod.outlook.com (2603:10b6:a03:479::8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6387.30; Tue, 16 May 2023 23:00:23 +0000 Received: from CO1NAM11FT006.eop-nam11.prod.protection.outlook.com (2603:10b6:a03:54:cafe::c8) by BYAPR02CA0047.outlook.office365.com (2603:10b6:a03:54::24) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6387.33 via Frontend Transport; Tue, 16 May 2023 23:00:23 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 216.228.117.160) smtp.mailfrom=nvidia.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=nvidia.com; Received-SPF: Pass (protection.outlook.com: domain of nvidia.com designates 216.228.117.160 as permitted sender) receiver=protection.outlook.com; client-ip=216.228.117.160; helo=mail.nvidia.com; pr=C Received: from mail.nvidia.com (216.228.117.160) by CO1NAM11FT006.mail.protection.outlook.com (10.13.174.246) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6411.17 via Frontend Transport; Tue, 16 May 2023 23:00:23 +0000 Received: from rnnvmail204.nvidia.com (10.129.68.6) by mail.nvidia.com (10.129.200.66) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.5; Tue, 16 May 2023 16:00:09 -0700 Received: from rnnvmail204.nvidia.com (10.129.68.6) by rnnvmail204.nvidia.com (10.129.68.6) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.37; Tue, 16 May 2023 16:00:09 -0700 Received: from mtl123.mtl.labs.mlnx (10.127.8.10) by mail.nvidia.com (10.129.68.6) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.37 via Frontend Transport; Tue, 16 May 2023 16:00:08 -0700 Received: from sw-mtx-008.mtx.labs.mlnx. (sw-mtx-008.mtx.labs.mlnx [10.9.150.35]) by mtl123.mtl.labs.mlnx (8.14.4/8.14.4) with ESMTP id 34GMxxSh019536; Wed, 17 May 2023 02:00:05 +0300 From: Tony Duan To: Subject: [SRU][J:linux-bluefield][PATCH v2 03/10] netfilter: flowtable: allow unidirectional rules Date: Tue, 16 May 2023 17:59:52 -0500 Message-ID: <1684277999-18029-4-git-send-email-yifeid@nvidia.com> X-Mailer: git-send-email 1.8.3.1 In-Reply-To: <1684277999-18029-1-git-send-email-yifeid@nvidia.com> References: <1684277999-18029-1-git-send-email-yifeid@nvidia.com> MIME-Version: 1.0 X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: CO1NAM11FT006:EE_|SJ0PR12MB6735:EE_ X-MS-Office365-Filtering-Correlation-Id: 6a26d0d4-1dc7-4190-a436-08db56615483 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: phgeosg3WTKb/Ku4/HVxr+80MM/MxO8tB8/PBOpBLQaC+qY8aiZwGn1h7tV/mVORyJ0JJMTy5dMC40+T3EO2yrWznHGwlQCAzfOgSKB7K18YqaO3gU6DPJsUF3CGyU4GvNx/vGe4fRGm2WgCpFpgGioX96C4y8DdmwWLQ7J8GaRbM8ssVFC2RABxERCR1kyWuXI9+RonpwBcYWiicD8EBaQXyyXUnerygxuJ+m8ZA82LB4KukdtM9NRwIvD1H7PNR9kVDK+oxUDKRvk26mxU5OlFDNbpF7RMH6ez2famalq63W3GGeFRe6CU52dQDl/Tyw1dScvDJ5fKiSDbkpuq4DKv+HTdFhunxA41Q4Q01nyQDii/SHMYauzYgqTcXy6Fp8gjsCy7M5wMzlqo8mXRqr1dhLzN0IGXox6sxGj3rrGQpFm6E+tMRMR5XFdqsC/QiLGK1FqHQM78yUzygvzd2RV37E+TIQeZpXHrrvew3S+pBzp3THcg9B46I+UQ1f++r8A7WTXW14gznDGBW8AUZQBjXorz85AJDKzJQIUCWlG8y2mtLpQPLR9wkKGvenfVGhuBTVKwIycPFpquJzwMoIpCY6O5gPTDWBUttkz2pOfwjDIBaOBtMKROZJRwMKTWof63TaB5QVrjdPpumVmehyqRIb8Yi8f59xqrZo/D8so0EziZvj4UJu/SQ3hLLYRQ81Pihsn9um/o+uFZSo0jglpYskj1nIYr087nvytrwUTvBsO0p3yc5gNkWEUZesKO+FNk03PlciFj5T8s8v2RvYSeaAWsfveMJmc6ghSIPUs= X-Forefront-Antispam-Report: CIP:216.228.117.160; CTRY:US; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:mail.nvidia.com; PTR:dc6edge1.nvidia.com; CAT:NONE; SFS:(13230028)(4636009)(396003)(346002)(136003)(376002)(39860400002)(451199021)(36840700001)(40470700004)(46966006)(36756003)(2906002)(40460700003)(356005)(7636003)(316002)(5660300002)(8676002)(8936002)(82310400005)(41300700001)(40480700001)(36860700001)(6666004)(478600001)(336012)(26005)(186003)(86362001)(2616005)(966005)(6916009)(47076005)(4326008)(70586007)(83380400001)(70206006)(82740400003)(54906003); DIR:OUT; SFP:1101; X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 16 May 2023 23:00:23.1693 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 6a26d0d4-1dc7-4190-a436-08db56615483 X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=43083d15-7273-40c1-b7db-39efd9ccc17a; Ip=[216.228.117.160]; Helo=[mail.nvidia.com] X-MS-Exchange-CrossTenant-AuthSource: CO1NAM11FT006.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: SJ0PR12MB6735 X-BeenThere: kernel-team@lists.ubuntu.com X-Mailman-Version: 2.1.20 Precedence: list List-Id: Kernel team discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: bodong@nvidia.com, vlad@nvidia.com, cascardo@canonical.com, dann.frazier@canonical.com Errors-To: kernel-team-bounces@lists.ubuntu.com Sender: "kernel-team" From: Vlad Buslov BugLink: https://bugs.launchpad.net/bugs/2019264 Modify flow table offload to support unidirectional connections by extending enum nf_flow_flags with new "NF_FLOW_HW_BIDIRECTIONAL" flag. Only offload reply direction when the flag is set. This infrastructure change is necessary to support offloading UDP NEW connections in original direction in following patches in series. Signed-off-by: Vlad Buslov Signed-off-by: David S. Miller (cherry picked from commit 8f84780b84d645d6e35467f4a6f3236b20d7f4b2) Signed-off-by: Paul Blakey Signed-off-by: Tony Duan --- include/net/netfilter/nf_flow_table.h | 1 + net/netfilter/nf_flow_table_offload.c | 12 ++++++++---- 2 files changed, 9 insertions(+), 4 deletions(-) diff --git a/include/net/netfilter/nf_flow_table.h b/include/net/netfilter/nf_flow_table.h index 9c93e49..aa50136 100644 --- a/include/net/netfilter/nf_flow_table.h +++ b/include/net/netfilter/nf_flow_table.h @@ -164,6 +164,7 @@ enum nf_flow_flags { NF_FLOW_HW_DYING, NF_FLOW_HW_DEAD, NF_FLOW_HW_PENDING, + NF_FLOW_HW_BIDIRECTIONAL, }; enum flow_offload_type { diff --git a/net/netfilter/nf_flow_table_offload.c b/net/netfilter/nf_flow_table_offload.c index fdbc9fb..2e93a36 100644 --- a/net/netfilter/nf_flow_table_offload.c +++ b/net/netfilter/nf_flow_table_offload.c @@ -886,8 +886,9 @@ static int flow_offload_rule_add(struct flow_offload_work *offload, ok_count += flow_offload_tuple_add(offload, flow_rule[0], FLOW_OFFLOAD_DIR_ORIGINAL); - ok_count += flow_offload_tuple_add(offload, flow_rule[1], - FLOW_OFFLOAD_DIR_REPLY); + if (test_bit(NF_FLOW_HW_BIDIRECTIONAL, &offload->flow->flags)) + ok_count += flow_offload_tuple_add(offload, flow_rule[1], + FLOW_OFFLOAD_DIR_REPLY); if (ok_count == 0) return -ENOENT; @@ -917,7 +918,8 @@ static void flow_offload_work_del(struct flow_offload_work *offload) { clear_bit(IPS_HW_OFFLOAD_BIT, &offload->flow->ct->status); flow_offload_tuple_del(offload, FLOW_OFFLOAD_DIR_ORIGINAL); - flow_offload_tuple_del(offload, FLOW_OFFLOAD_DIR_REPLY); + if (test_bit(NF_FLOW_HW_BIDIRECTIONAL, &offload->flow->flags)) + flow_offload_tuple_del(offload, FLOW_OFFLOAD_DIR_REPLY); set_bit(NF_FLOW_HW_DEAD, &offload->flow->flags); } @@ -936,7 +938,9 @@ static void flow_offload_work_stats(struct flow_offload_work *offload) u64 lastused; flow_offload_tuple_stats(offload, FLOW_OFFLOAD_DIR_ORIGINAL, &stats[0]); - flow_offload_tuple_stats(offload, FLOW_OFFLOAD_DIR_REPLY, &stats[1]); + if (test_bit(NF_FLOW_HW_BIDIRECTIONAL, &offload->flow->flags)) + flow_offload_tuple_stats(offload, FLOW_OFFLOAD_DIR_REPLY, + &stats[1]); lastused = max_t(u64, stats[0].lastused, stats[1].lastused); offload->flow->timeout = max_t(u64, offload->flow->timeout,