1 // SPDX-License-Identifier: BSD-3-Clause OR GPL-2.0
2 /* Copyright (c) 2017-2018 Mellanox Technologies. All rights reserved */
3 
4 #include <net/ip_tunnels.h>
5 #include <net/ip6_tunnel.h>
6 
7 #include "spectrum_ipip.h"
8 
9 struct ip_tunnel_parm
10 mlxsw_sp_ipip_netdev_parms4(const struct net_device *ol_dev)
11 {
12 	struct ip_tunnel *tun = netdev_priv(ol_dev);
13 
14 	return tun->parms;
15 }
16 
17 struct __ip6_tnl_parm
18 mlxsw_sp_ipip_netdev_parms6(const struct net_device *ol_dev)
19 {
20 	struct ip6_tnl *tun = netdev_priv(ol_dev);
21 
22 	return tun->parms;
23 }
24 
25 static bool mlxsw_sp_ipip_parms4_has_ikey(struct ip_tunnel_parm parms)
26 {
27 	return !!(parms.i_flags & TUNNEL_KEY);
28 }
29 
30 static bool mlxsw_sp_ipip_parms4_has_okey(struct ip_tunnel_parm parms)
31 {
32 	return !!(parms.o_flags & TUNNEL_KEY);
33 }
34 
35 static u32 mlxsw_sp_ipip_parms4_ikey(struct ip_tunnel_parm parms)
36 {
37 	return mlxsw_sp_ipip_parms4_has_ikey(parms) ?
38 		be32_to_cpu(parms.i_key) : 0;
39 }
40 
41 static u32 mlxsw_sp_ipip_parms4_okey(struct ip_tunnel_parm parms)
42 {
43 	return mlxsw_sp_ipip_parms4_has_okey(parms) ?
44 		be32_to_cpu(parms.o_key) : 0;
45 }
46 
47 static union mlxsw_sp_l3addr
48 mlxsw_sp_ipip_parms4_saddr(struct ip_tunnel_parm parms)
49 {
50 	return (union mlxsw_sp_l3addr) { .addr4 = parms.iph.saddr };
51 }
52 
53 static union mlxsw_sp_l3addr
54 mlxsw_sp_ipip_parms6_saddr(struct __ip6_tnl_parm parms)
55 {
56 	return (union mlxsw_sp_l3addr) { .addr6 = parms.laddr };
57 }
58 
59 static union mlxsw_sp_l3addr
60 mlxsw_sp_ipip_parms4_daddr(struct ip_tunnel_parm parms)
61 {
62 	return (union mlxsw_sp_l3addr) { .addr4 = parms.iph.daddr };
63 }
64 
65 static union mlxsw_sp_l3addr
66 mlxsw_sp_ipip_parms6_daddr(struct __ip6_tnl_parm parms)
67 {
68 	return (union mlxsw_sp_l3addr) { .addr6 = parms.raddr };
69 }
70 
71 union mlxsw_sp_l3addr
72 mlxsw_sp_ipip_netdev_saddr(enum mlxsw_sp_l3proto proto,
73 			   const struct net_device *ol_dev)
74 {
75 	struct ip_tunnel_parm parms4;
76 	struct __ip6_tnl_parm parms6;
77 
78 	switch (proto) {
79 	case MLXSW_SP_L3_PROTO_IPV4:
80 		parms4 = mlxsw_sp_ipip_netdev_parms4(ol_dev);
81 		return mlxsw_sp_ipip_parms4_saddr(parms4);
82 	case MLXSW_SP_L3_PROTO_IPV6:
83 		parms6 = mlxsw_sp_ipip_netdev_parms6(ol_dev);
84 		return mlxsw_sp_ipip_parms6_saddr(parms6);
85 	}
86 
87 	WARN_ON(1);
88 	return (union mlxsw_sp_l3addr) {0};
89 }
90 
91 static __be32 mlxsw_sp_ipip_netdev_daddr4(const struct net_device *ol_dev)
92 {
93 
94 	struct ip_tunnel_parm parms4 = mlxsw_sp_ipip_netdev_parms4(ol_dev);
95 
96 	return mlxsw_sp_ipip_parms4_daddr(parms4).addr4;
97 }
98 
99 static union mlxsw_sp_l3addr
100 mlxsw_sp_ipip_netdev_daddr(enum mlxsw_sp_l3proto proto,
101 			   const struct net_device *ol_dev)
102 {
103 	struct ip_tunnel_parm parms4;
104 	struct __ip6_tnl_parm parms6;
105 
106 	switch (proto) {
107 	case MLXSW_SP_L3_PROTO_IPV4:
108 		parms4 = mlxsw_sp_ipip_netdev_parms4(ol_dev);
109 		return mlxsw_sp_ipip_parms4_daddr(parms4);
110 	case MLXSW_SP_L3_PROTO_IPV6:
111 		parms6 = mlxsw_sp_ipip_netdev_parms6(ol_dev);
112 		return mlxsw_sp_ipip_parms6_daddr(parms6);
113 	}
114 
115 	WARN_ON(1);
116 	return (union mlxsw_sp_l3addr) {0};
117 }
118 
119 bool mlxsw_sp_l3addr_is_zero(union mlxsw_sp_l3addr addr)
120 {
121 	union mlxsw_sp_l3addr naddr = {0};
122 
123 	return !memcmp(&addr, &naddr, sizeof(naddr));
124 }
125 
126 static int
127 mlxsw_sp_ipip_nexthop_update_gre4(struct mlxsw_sp *mlxsw_sp, u32 adj_index,
128 				  struct mlxsw_sp_ipip_entry *ipip_entry)
129 {
130 	u16 rif_index = mlxsw_sp_ipip_lb_rif_index(ipip_entry->ol_lb);
131 	__be32 daddr4 = mlxsw_sp_ipip_netdev_daddr4(ipip_entry->ol_dev);
132 	char ratr_pl[MLXSW_REG_RATR_LEN];
133 
134 	mlxsw_reg_ratr_pack(ratr_pl, MLXSW_REG_RATR_OP_WRITE_WRITE_ENTRY,
135 			    true, MLXSW_REG_RATR_TYPE_IPIP,
136 			    adj_index, rif_index);
137 	mlxsw_reg_ratr_ipip4_entry_pack(ratr_pl, be32_to_cpu(daddr4));
138 
139 	return mlxsw_reg_write(mlxsw_sp->core, MLXSW_REG(ratr), ratr_pl);
140 }
141 
142 static int
143 mlxsw_sp_ipip_fib_entry_op_gre4_rtdp(struct mlxsw_sp *mlxsw_sp,
144 				     u32 tunnel_index,
145 				     struct mlxsw_sp_ipip_entry *ipip_entry)
146 {
147 	u16 rif_index = mlxsw_sp_ipip_lb_rif_index(ipip_entry->ol_lb);
148 	char rtdp_pl[MLXSW_REG_RTDP_LEN];
149 	struct ip_tunnel_parm parms;
150 	unsigned int type_check;
151 	bool has_ikey;
152 	u32 daddr4;
153 	u32 ikey;
154 
155 	parms = mlxsw_sp_ipip_netdev_parms4(ipip_entry->ol_dev);
156 	has_ikey = mlxsw_sp_ipip_parms4_has_ikey(parms);
157 	ikey = mlxsw_sp_ipip_parms4_ikey(parms);
158 
159 	mlxsw_reg_rtdp_pack(rtdp_pl, MLXSW_REG_RTDP_TYPE_IPIP, tunnel_index);
160 
161 	type_check = has_ikey ?
162 		MLXSW_REG_RTDP_IPIP_TYPE_CHECK_ALLOW_GRE_KEY :
163 		MLXSW_REG_RTDP_IPIP_TYPE_CHECK_ALLOW_GRE;
164 
165 	/* Linux demuxes tunnels based on packet SIP (which must match tunnel
166 	 * remote IP). Thus configure decap so that it filters out packets that
167 	 * are not IPv4 or have the wrong SIP. IPIP_DECAP_ERROR trap is
168 	 * generated for packets that fail this criterion. Linux then handles
169 	 * such packets in slow path and generates ICMP destination unreachable.
170 	 */
171 	daddr4 = be32_to_cpu(mlxsw_sp_ipip_netdev_daddr4(ipip_entry->ol_dev));
172 	mlxsw_reg_rtdp_ipip4_pack(rtdp_pl, rif_index,
173 				  MLXSW_REG_RTDP_IPIP_SIP_CHECK_FILTER_IPV4,
174 				  type_check, has_ikey, daddr4, ikey);
175 
176 	return mlxsw_reg_write(mlxsw_sp->core, MLXSW_REG(rtdp), rtdp_pl);
177 }
178 
179 static int
180 mlxsw_sp_ipip_fib_entry_op_gre4_ralue(struct mlxsw_sp *mlxsw_sp,
181 				      u32 dip, u8 prefix_len, u16 ul_vr_id,
182 				      enum mlxsw_reg_ralue_op op,
183 				      u32 tunnel_index)
184 {
185 	char ralue_pl[MLXSW_REG_RALUE_LEN];
186 
187 	mlxsw_reg_ralue_pack4(ralue_pl, MLXSW_REG_RALXX_PROTOCOL_IPV4, op,
188 			      ul_vr_id, prefix_len, dip);
189 	mlxsw_reg_ralue_act_ip2me_tun_pack(ralue_pl, tunnel_index);
190 	return mlxsw_reg_write(mlxsw_sp->core, MLXSW_REG(ralue), ralue_pl);
191 }
192 
193 static int mlxsw_sp_ipip_fib_entry_op_gre4(struct mlxsw_sp *mlxsw_sp,
194 					struct mlxsw_sp_ipip_entry *ipip_entry,
195 					enum mlxsw_reg_ralue_op op,
196 					u32 tunnel_index)
197 {
198 	u16 ul_vr_id = mlxsw_sp_ipip_lb_ul_vr_id(ipip_entry->ol_lb);
199 	__be32 dip;
200 	int err;
201 
202 	err = mlxsw_sp_ipip_fib_entry_op_gre4_rtdp(mlxsw_sp, tunnel_index,
203 						   ipip_entry);
204 	if (err)
205 		return err;
206 
207 	dip = mlxsw_sp_ipip_netdev_saddr(MLXSW_SP_L3_PROTO_IPV4,
208 					 ipip_entry->ol_dev).addr4;
209 	return mlxsw_sp_ipip_fib_entry_op_gre4_ralue(mlxsw_sp, be32_to_cpu(dip),
210 						     32, ul_vr_id, op,
211 						     tunnel_index);
212 }
213 
214 static bool mlxsw_sp_ipip_tunnel_complete(enum mlxsw_sp_l3proto proto,
215 					  const struct net_device *ol_dev)
216 {
217 	union mlxsw_sp_l3addr saddr = mlxsw_sp_ipip_netdev_saddr(proto, ol_dev);
218 	union mlxsw_sp_l3addr daddr = mlxsw_sp_ipip_netdev_daddr(proto, ol_dev);
219 
220 	/* Tunnels with unset local or remote address are valid in Linux and
221 	 * used for lightweight tunnels (LWT) and Non-Broadcast Multi-Access
222 	 * (NBMA) tunnels. In principle these can be offloaded, but the driver
223 	 * currently doesn't support this. So punt.
224 	 */
225 	return !mlxsw_sp_l3addr_is_zero(saddr) &&
226 	       !mlxsw_sp_l3addr_is_zero(daddr);
227 }
228 
229 static bool mlxsw_sp_ipip_can_offload_gre4(const struct mlxsw_sp *mlxsw_sp,
230 					   const struct net_device *ol_dev,
231 					   enum mlxsw_sp_l3proto ol_proto)
232 {
233 	struct ip_tunnel *tunnel = netdev_priv(ol_dev);
234 	__be16 okflags = TUNNEL_KEY; /* We can't offload any other features. */
235 	bool inherit_ttl = tunnel->parms.iph.ttl == 0;
236 	bool inherit_tos = tunnel->parms.iph.tos & 0x1;
237 
238 	return (tunnel->parms.i_flags & ~okflags) == 0 &&
239 	       (tunnel->parms.o_flags & ~okflags) == 0 &&
240 	       inherit_ttl && inherit_tos &&
241 	       mlxsw_sp_ipip_tunnel_complete(MLXSW_SP_L3_PROTO_IPV4, ol_dev);
242 }
243 
244 static struct mlxsw_sp_rif_ipip_lb_config
245 mlxsw_sp_ipip_ol_loopback_config_gre4(struct mlxsw_sp *mlxsw_sp,
246 				      const struct net_device *ol_dev)
247 {
248 	struct ip_tunnel_parm parms = mlxsw_sp_ipip_netdev_parms4(ol_dev);
249 	enum mlxsw_reg_ritr_loopback_ipip_type lb_ipipt;
250 
251 	lb_ipipt = mlxsw_sp_ipip_parms4_has_okey(parms) ?
252 		MLXSW_REG_RITR_LOOPBACK_IPIP_TYPE_IP_IN_GRE_KEY_IN_IP :
253 		MLXSW_REG_RITR_LOOPBACK_IPIP_TYPE_IP_IN_GRE_IN_IP;
254 	return (struct mlxsw_sp_rif_ipip_lb_config){
255 		.lb_ipipt = lb_ipipt,
256 		.okey = mlxsw_sp_ipip_parms4_okey(parms),
257 		.ul_protocol = MLXSW_SP_L3_PROTO_IPV4,
258 		.saddr = mlxsw_sp_ipip_netdev_saddr(MLXSW_SP_L3_PROTO_IPV4,
259 						    ol_dev),
260 	};
261 }
262 
263 static int
264 mlxsw_sp_ipip_ol_netdev_change_gre4(struct mlxsw_sp *mlxsw_sp,
265 				    struct mlxsw_sp_ipip_entry *ipip_entry,
266 				    struct netlink_ext_ack *extack)
267 {
268 	union mlxsw_sp_l3addr old_saddr, new_saddr;
269 	union mlxsw_sp_l3addr old_daddr, new_daddr;
270 	struct ip_tunnel_parm new_parms;
271 	bool update_tunnel = false;
272 	bool update_decap = false;
273 	bool update_nhs = false;
274 	int err = 0;
275 
276 	new_parms = mlxsw_sp_ipip_netdev_parms4(ipip_entry->ol_dev);
277 
278 	new_saddr = mlxsw_sp_ipip_parms4_saddr(new_parms);
279 	old_saddr = mlxsw_sp_ipip_parms4_saddr(ipip_entry->parms4);
280 	new_daddr = mlxsw_sp_ipip_parms4_daddr(new_parms);
281 	old_daddr = mlxsw_sp_ipip_parms4_daddr(ipip_entry->parms4);
282 
283 	if (!mlxsw_sp_l3addr_eq(&new_saddr, &old_saddr)) {
284 		u16 ul_tb_id = mlxsw_sp_ipip_dev_ul_tb_id(ipip_entry->ol_dev);
285 
286 		/* Since the local address has changed, if there is another
287 		 * tunnel with a matching saddr, both need to be demoted.
288 		 */
289 		if (mlxsw_sp_ipip_demote_tunnel_by_saddr(mlxsw_sp,
290 							 MLXSW_SP_L3_PROTO_IPV4,
291 							 new_saddr, ul_tb_id,
292 							 ipip_entry)) {
293 			mlxsw_sp_ipip_entry_demote_tunnel(mlxsw_sp, ipip_entry);
294 			return 0;
295 		}
296 
297 		update_tunnel = true;
298 	} else if ((mlxsw_sp_ipip_parms4_okey(ipip_entry->parms4) !=
299 		    mlxsw_sp_ipip_parms4_okey(new_parms)) ||
300 		   ipip_entry->parms4.link != new_parms.link) {
301 		update_tunnel = true;
302 	} else if (!mlxsw_sp_l3addr_eq(&new_daddr, &old_daddr)) {
303 		update_nhs = true;
304 	} else if (mlxsw_sp_ipip_parms4_ikey(ipip_entry->parms4) !=
305 		   mlxsw_sp_ipip_parms4_ikey(new_parms)) {
306 		update_decap = true;
307 	}
308 
309 	if (update_tunnel)
310 		err = __mlxsw_sp_ipip_entry_update_tunnel(mlxsw_sp, ipip_entry,
311 							  true, true, true,
312 							  extack);
313 	else if (update_nhs)
314 		err = __mlxsw_sp_ipip_entry_update_tunnel(mlxsw_sp, ipip_entry,
315 							  false, false, true,
316 							  extack);
317 	else if (update_decap)
318 		err = __mlxsw_sp_ipip_entry_update_tunnel(mlxsw_sp, ipip_entry,
319 							  false, false, false,
320 							  extack);
321 
322 	ipip_entry->parms4 = new_parms;
323 	return err;
324 }
325 
326 static const struct mlxsw_sp_ipip_ops mlxsw_sp_ipip_gre4_ops = {
327 	.dev_type = ARPHRD_IPGRE,
328 	.ul_proto = MLXSW_SP_L3_PROTO_IPV4,
329 	.nexthop_update = mlxsw_sp_ipip_nexthop_update_gre4,
330 	.fib_entry_op = mlxsw_sp_ipip_fib_entry_op_gre4,
331 	.can_offload = mlxsw_sp_ipip_can_offload_gre4,
332 	.ol_loopback_config = mlxsw_sp_ipip_ol_loopback_config_gre4,
333 	.ol_netdev_change = mlxsw_sp_ipip_ol_netdev_change_gre4,
334 };
335 
/* Tunnel operations indexed by tunnel type (MLXSW_SP_IPIP_TYPE_*). Only the
 * GRE4 slot is populated in this table.
 */
const struct mlxsw_sp_ipip_ops *mlxsw_sp_ipip_ops_arr[] = {
	[MLXSW_SP_IPIP_TYPE_GRE4] = &mlxsw_sp_ipip_gre4_ops,
};
339