xref: /openbmc/linux/drivers/net/ethernet/mellanox/mlxsw/spectrum_ipip.c (revision 93707cbabcc8baf2b2b5f4a99c1f08ee83eb7abd) 
1 /*
2  * drivers/net/ethernet/mellanox/mlxsw/spectrum_ipip.c
3  * Copyright (c) 2017 Mellanox Technologies. All rights reserved.
4  * Copyright (c) 2017 Petr Machata <petrm@mellanox.com>
5  *
6  * Redistribution and use in source and binary forms, with or without
7  * modification, are permitted provided that the following conditions are met:
8  *
9  * 1. Redistributions of source code must retain the above copyright
10  *    notice, this list of conditions and the following disclaimer.
11  * 2. Redistributions in binary form must reproduce the above copyright
12  *    notice, this list of conditions and the following disclaimer in the
13  *    documentation and/or other materials provided with the distribution.
14  * 3. Neither the names of the copyright holders nor the names of its
15  *    contributors may be used to endorse or promote products derived from
16  *    this software without specific prior written permission.
17  *
18  * Alternatively, this software may be distributed under the terms of the
19  * GNU General Public License ("GPL") version 2 as published by the Free
20  * Software Foundation.
21  *
22  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
23  * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
25  * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
26  * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
27  * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
28  * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
29  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
30  * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
31  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
32  * POSSIBILITY OF SUCH DAMAGE.
33  */
34 
35 #include <net/ip_tunnels.h>
36 
37 #include "spectrum_ipip.h"
38 
39 struct ip_tunnel_parm
40 mlxsw_sp_ipip_netdev_parms4(const struct net_device *ol_dev)
41 {
42 	struct ip_tunnel *tun = netdev_priv(ol_dev);
43 
44 	return tun->parms;
45 }
46 
47 static bool mlxsw_sp_ipip_parms4_has_ikey(struct ip_tunnel_parm parms)
48 {
49 	return !!(parms.i_flags & TUNNEL_KEY);
50 }
51 
52 static bool mlxsw_sp_ipip_parms4_has_okey(struct ip_tunnel_parm parms)
53 {
54 	return !!(parms.o_flags & TUNNEL_KEY);
55 }
56 
57 static u32 mlxsw_sp_ipip_parms4_ikey(struct ip_tunnel_parm parms)
58 {
59 	return mlxsw_sp_ipip_parms4_has_ikey(parms) ?
60 		be32_to_cpu(parms.i_key) : 0;
61 }
62 
63 static u32 mlxsw_sp_ipip_parms4_okey(struct ip_tunnel_parm parms)
64 {
65 	return mlxsw_sp_ipip_parms4_has_okey(parms) ?
66 		be32_to_cpu(parms.o_key) : 0;
67 }
68 
69 static union mlxsw_sp_l3addr
70 mlxsw_sp_ipip_parms4_saddr(struct ip_tunnel_parm parms)
71 {
72 	return (union mlxsw_sp_l3addr) { .addr4 = parms.iph.saddr };
73 }
74 
75 static union mlxsw_sp_l3addr
76 mlxsw_sp_ipip_parms4_daddr(struct ip_tunnel_parm parms)
77 {
78 	return (union mlxsw_sp_l3addr) { .addr4 = parms.iph.daddr };
79 }
80 
81 union mlxsw_sp_l3addr
82 mlxsw_sp_ipip_netdev_saddr(enum mlxsw_sp_l3proto proto,
83 			   const struct net_device *ol_dev)
84 {
85 	struct ip_tunnel_parm parms4;
86 
87 	switch (proto) {
88 	case MLXSW_SP_L3_PROTO_IPV4:
89 		parms4 = mlxsw_sp_ipip_netdev_parms4(ol_dev);
90 		return mlxsw_sp_ipip_parms4_saddr(parms4);
91 	case MLXSW_SP_L3_PROTO_IPV6:
92 		break;
93 	}
94 
95 	WARN_ON(1);
96 	return (union mlxsw_sp_l3addr) {0};
97 }
98 
99 static __be32 mlxsw_sp_ipip_netdev_daddr4(const struct net_device *ol_dev)
100 {
101 
102 	struct ip_tunnel_parm parms4 = mlxsw_sp_ipip_netdev_parms4(ol_dev);
103 
104 	return mlxsw_sp_ipip_parms4_daddr(parms4).addr4;
105 }
106 
107 static union mlxsw_sp_l3addr
108 mlxsw_sp_ipip_netdev_daddr(enum mlxsw_sp_l3proto proto,
109 			   const struct net_device *ol_dev)
110 {
111 	struct ip_tunnel_parm parms4;
112 
113 	switch (proto) {
114 	case MLXSW_SP_L3_PROTO_IPV4:
115 		parms4 = mlxsw_sp_ipip_netdev_parms4(ol_dev);
116 		return mlxsw_sp_ipip_parms4_daddr(parms4);
117 	case MLXSW_SP_L3_PROTO_IPV6:
118 		break;
119 	}
120 
121 	WARN_ON(1);
122 	return (union mlxsw_sp_l3addr) {0};
123 }
124 
125 static int
126 mlxsw_sp_ipip_nexthop_update_gre4(struct mlxsw_sp *mlxsw_sp, u32 adj_index,
127 				  struct mlxsw_sp_ipip_entry *ipip_entry)
128 {
129 	u16 rif_index = mlxsw_sp_ipip_lb_rif_index(ipip_entry->ol_lb);
130 	__be32 daddr4 = mlxsw_sp_ipip_netdev_daddr4(ipip_entry->ol_dev);
131 	char ratr_pl[MLXSW_REG_RATR_LEN];
132 
133 	mlxsw_reg_ratr_pack(ratr_pl, MLXSW_REG_RATR_OP_WRITE_WRITE_ENTRY,
134 			    true, MLXSW_REG_RATR_TYPE_IPIP,
135 			    adj_index, rif_index);
136 	mlxsw_reg_ratr_ipip4_entry_pack(ratr_pl, be32_to_cpu(daddr4));
137 
138 	return mlxsw_reg_write(mlxsw_sp->core, MLXSW_REG(ratr), ratr_pl);
139 }
140 
141 static int
142 mlxsw_sp_ipip_fib_entry_op_gre4_rtdp(struct mlxsw_sp *mlxsw_sp,
143 				     u32 tunnel_index,
144 				     struct mlxsw_sp_ipip_entry *ipip_entry)
145 {
146 	u16 rif_index = mlxsw_sp_ipip_lb_rif_index(ipip_entry->ol_lb);
147 	char rtdp_pl[MLXSW_REG_RTDP_LEN];
148 	struct ip_tunnel_parm parms;
149 	unsigned int type_check;
150 	bool has_ikey;
151 	u32 daddr4;
152 	u32 ikey;
153 
154 	parms = mlxsw_sp_ipip_netdev_parms4(ipip_entry->ol_dev);
155 	has_ikey = mlxsw_sp_ipip_parms4_has_ikey(parms);
156 	ikey = mlxsw_sp_ipip_parms4_ikey(parms);
157 
158 	mlxsw_reg_rtdp_pack(rtdp_pl, MLXSW_REG_RTDP_TYPE_IPIP, tunnel_index);
159 
160 	type_check = has_ikey ?
161 		MLXSW_REG_RTDP_IPIP_TYPE_CHECK_ALLOW_GRE_KEY :
162 		MLXSW_REG_RTDP_IPIP_TYPE_CHECK_ALLOW_GRE;
163 
164 	/* Linux demuxes tunnels based on packet SIP (which must match tunnel
165 	 * remote IP). Thus configure decap so that it filters out packets that
166 	 * are not IPv4 or have the wrong SIP. IPIP_DECAP_ERROR trap is
167 	 * generated for packets that fail this criterion. Linux then handles
168 	 * such packets in slow path and generates ICMP destination unreachable.
169 	 */
170 	daddr4 = be32_to_cpu(mlxsw_sp_ipip_netdev_daddr4(ipip_entry->ol_dev));
171 	mlxsw_reg_rtdp_ipip4_pack(rtdp_pl, rif_index,
172 				  MLXSW_REG_RTDP_IPIP_SIP_CHECK_FILTER_IPV4,
173 				  type_check, has_ikey, daddr4, ikey);
174 
175 	return mlxsw_reg_write(mlxsw_sp->core, MLXSW_REG(rtdp), rtdp_pl);
176 }
177 
178 static int
179 mlxsw_sp_ipip_fib_entry_op_gre4_ralue(struct mlxsw_sp *mlxsw_sp,
180 				      u32 dip, u8 prefix_len, u16 ul_vr_id,
181 				      enum mlxsw_reg_ralue_op op,
182 				      u32 tunnel_index)
183 {
184 	char ralue_pl[MLXSW_REG_RALUE_LEN];
185 
186 	mlxsw_reg_ralue_pack4(ralue_pl, MLXSW_REG_RALXX_PROTOCOL_IPV4, op,
187 			      ul_vr_id, prefix_len, dip);
188 	mlxsw_reg_ralue_act_ip2me_tun_pack(ralue_pl, tunnel_index);
189 	return mlxsw_reg_write(mlxsw_sp->core, MLXSW_REG(ralue), ralue_pl);
190 }
191 
192 static int mlxsw_sp_ipip_fib_entry_op_gre4(struct mlxsw_sp *mlxsw_sp,
193 					struct mlxsw_sp_ipip_entry *ipip_entry,
194 					enum mlxsw_reg_ralue_op op,
195 					u32 tunnel_index)
196 {
197 	u16 ul_vr_id = mlxsw_sp_ipip_lb_ul_vr_id(ipip_entry->ol_lb);
198 	__be32 dip;
199 	int err;
200 
201 	err = mlxsw_sp_ipip_fib_entry_op_gre4_rtdp(mlxsw_sp, tunnel_index,
202 						   ipip_entry);
203 	if (err)
204 		return err;
205 
206 	dip = mlxsw_sp_ipip_netdev_saddr(MLXSW_SP_L3_PROTO_IPV4,
207 					 ipip_entry->ol_dev).addr4;
208 	return mlxsw_sp_ipip_fib_entry_op_gre4_ralue(mlxsw_sp, be32_to_cpu(dip),
209 						     32, ul_vr_id, op,
210 						     tunnel_index);
211 }
212 
213 static bool mlxsw_sp_ipip_tunnel_complete(enum mlxsw_sp_l3proto proto,
214 					  const struct net_device *ol_dev)
215 {
216 	union mlxsw_sp_l3addr saddr = mlxsw_sp_ipip_netdev_saddr(proto, ol_dev);
217 	union mlxsw_sp_l3addr daddr = mlxsw_sp_ipip_netdev_daddr(proto, ol_dev);
218 	union mlxsw_sp_l3addr naddr = {0};
219 
220 	/* Tunnels with unset local or remote address are valid in Linux and
221 	 * used for lightweight tunnels (LWT) and Non-Broadcast Multi-Access
222 	 * (NBMA) tunnels. In principle these can be offloaded, but the driver
223 	 * currently doesn't support this. So punt.
224 	 */
225 	return memcmp(&saddr, &naddr, sizeof(naddr)) &&
226 	       memcmp(&daddr, &naddr, sizeof(naddr));
227 }
228 
229 static bool mlxsw_sp_ipip_can_offload_gre4(const struct mlxsw_sp *mlxsw_sp,
230 					   const struct net_device *ol_dev,
231 					   enum mlxsw_sp_l3proto ol_proto)
232 {
233 	struct ip_tunnel *tunnel = netdev_priv(ol_dev);
234 	__be16 okflags = TUNNEL_KEY; /* We can't offload any other features. */
235 	bool inherit_ttl = tunnel->parms.iph.ttl == 0;
236 	bool inherit_tos = tunnel->parms.iph.tos & 0x1;
237 
238 	return (tunnel->parms.i_flags & ~okflags) == 0 &&
239 	       (tunnel->parms.o_flags & ~okflags) == 0 &&
240 	       inherit_ttl && inherit_tos &&
241 	       mlxsw_sp_ipip_tunnel_complete(MLXSW_SP_L3_PROTO_IPV4, ol_dev);
242 }
243 
244 static struct mlxsw_sp_rif_ipip_lb_config
245 mlxsw_sp_ipip_ol_loopback_config_gre4(struct mlxsw_sp *mlxsw_sp,
246 				      const struct net_device *ol_dev)
247 {
248 	struct ip_tunnel_parm parms = mlxsw_sp_ipip_netdev_parms4(ol_dev);
249 	enum mlxsw_reg_ritr_loopback_ipip_type lb_ipipt;
250 
251 	lb_ipipt = mlxsw_sp_ipip_parms4_has_okey(parms) ?
252 		MLXSW_REG_RITR_LOOPBACK_IPIP_TYPE_IP_IN_GRE_KEY_IN_IP :
253 		MLXSW_REG_RITR_LOOPBACK_IPIP_TYPE_IP_IN_GRE_IN_IP;
254 	return (struct mlxsw_sp_rif_ipip_lb_config){
255 		.lb_ipipt = lb_ipipt,
256 		.okey = mlxsw_sp_ipip_parms4_okey(parms),
257 		.ul_protocol = MLXSW_SP_L3_PROTO_IPV4,
258 		.saddr = mlxsw_sp_ipip_netdev_saddr(MLXSW_SP_L3_PROTO_IPV4,
259 						    ol_dev),
260 	};
261 }
262 
263 static int
264 mlxsw_sp_ipip_ol_netdev_change_gre4(struct mlxsw_sp *mlxsw_sp,
265 				    struct mlxsw_sp_ipip_entry *ipip_entry,
266 				    struct netlink_ext_ack *extack)
267 {
268 	union mlxsw_sp_l3addr old_saddr, new_saddr;
269 	union mlxsw_sp_l3addr old_daddr, new_daddr;
270 	struct ip_tunnel_parm new_parms;
271 	bool update_tunnel = false;
272 	bool update_decap = false;
273 	bool update_nhs = false;
274 	int err = 0;
275 
276 	new_parms = mlxsw_sp_ipip_netdev_parms4(ipip_entry->ol_dev);
277 
278 	new_saddr = mlxsw_sp_ipip_parms4_saddr(new_parms);
279 	old_saddr = mlxsw_sp_ipip_parms4_saddr(ipip_entry->parms4);
280 	new_daddr = mlxsw_sp_ipip_parms4_daddr(new_parms);
281 	old_daddr = mlxsw_sp_ipip_parms4_daddr(ipip_entry->parms4);
282 
283 	if (!mlxsw_sp_l3addr_eq(&new_saddr, &old_saddr)) {
284 		u16 ul_tb_id = mlxsw_sp_ipip_dev_ul_tb_id(ipip_entry->ol_dev);
285 
286 		/* Since the local address has changed, if there is another
287 		 * tunnel with a matching saddr, both need to be demoted.
288 		 */
289 		if (mlxsw_sp_ipip_demote_tunnel_by_saddr(mlxsw_sp,
290 							 MLXSW_SP_L3_PROTO_IPV4,
291 							 new_saddr, ul_tb_id,
292 							 ipip_entry)) {
293 			mlxsw_sp_ipip_entry_demote_tunnel(mlxsw_sp, ipip_entry);
294 			return 0;
295 		}
296 
297 		update_tunnel = true;
298 	} else if ((mlxsw_sp_ipip_parms4_okey(ipip_entry->parms4) !=
299 		    mlxsw_sp_ipip_parms4_okey(new_parms)) ||
300 		   ipip_entry->parms4.link != new_parms.link) {
301 		update_tunnel = true;
302 	} else if (!mlxsw_sp_l3addr_eq(&new_daddr, &old_daddr)) {
303 		update_nhs = true;
304 	} else if (mlxsw_sp_ipip_parms4_ikey(ipip_entry->parms4) !=
305 		   mlxsw_sp_ipip_parms4_ikey(new_parms)) {
306 		update_decap = true;
307 	}
308 
309 	if (update_tunnel)
310 		err = __mlxsw_sp_ipip_entry_update_tunnel(mlxsw_sp, ipip_entry,
311 							  true, true, true,
312 							  extack);
313 	else if (update_nhs)
314 		err = __mlxsw_sp_ipip_entry_update_tunnel(mlxsw_sp, ipip_entry,
315 							  false, false, true,
316 							  extack);
317 	else if (update_decap)
318 		err = __mlxsw_sp_ipip_entry_update_tunnel(mlxsw_sp, ipip_entry,
319 							  false, false, false,
320 							  extack);
321 
322 	ipip_entry->parms4 = new_parms;
323 	return err;
324 }
325 
326 static const struct mlxsw_sp_ipip_ops mlxsw_sp_ipip_gre4_ops = {
327 	.dev_type = ARPHRD_IPGRE,
328 	.ul_proto = MLXSW_SP_L3_PROTO_IPV4,
329 	.nexthop_update = mlxsw_sp_ipip_nexthop_update_gre4,
330 	.fib_entry_op = mlxsw_sp_ipip_fib_entry_op_gre4,
331 	.can_offload = mlxsw_sp_ipip_can_offload_gre4,
332 	.ol_loopback_config = mlxsw_sp_ipip_ol_loopback_config_gre4,
333 	.ol_netdev_change = mlxsw_sp_ipip_ol_netdev_change_gre4,
334 };
335 
336 const struct mlxsw_sp_ipip_ops *mlxsw_sp_ipip_ops_arr[] = {
337 	[MLXSW_SP_IPIP_TYPE_GRE4] = &mlxsw_sp_ipip_gre4_ops,
338 };
339