1 // SPDX-License-Identifier: BSD-3-Clause OR GPL-2.0
2 /* Copyright (c) 2017-2018 Mellanox Technologies. All rights reserved */
3 
4 #include <net/ip_tunnels.h>
5 #include <net/ip6_tunnel.h>
6 
7 #include "spectrum_ipip.h"
8 
9 struct ip_tunnel_parm
10 mlxsw_sp_ipip_netdev_parms4(const struct net_device *ol_dev)
11 {
12 	struct ip_tunnel *tun = netdev_priv(ol_dev);
13 
14 	return tun->parms;
15 }
16 
17 struct __ip6_tnl_parm
18 mlxsw_sp_ipip_netdev_parms6(const struct net_device *ol_dev)
19 {
20 	struct ip6_tnl *tun = netdev_priv(ol_dev);
21 
22 	return tun->parms;
23 }
24 
25 static bool mlxsw_sp_ipip_parms4_has_ikey(struct ip_tunnel_parm parms)
26 {
27 	return !!(parms.i_flags & TUNNEL_KEY);
28 }
29 
30 static bool mlxsw_sp_ipip_parms4_has_okey(struct ip_tunnel_parm parms)
31 {
32 	return !!(parms.o_flags & TUNNEL_KEY);
33 }
34 
35 static u32 mlxsw_sp_ipip_parms4_ikey(struct ip_tunnel_parm parms)
36 {
37 	return mlxsw_sp_ipip_parms4_has_ikey(parms) ?
38 		be32_to_cpu(parms.i_key) : 0;
39 }
40 
41 static u32 mlxsw_sp_ipip_parms4_okey(struct ip_tunnel_parm parms)
42 {
43 	return mlxsw_sp_ipip_parms4_has_okey(parms) ?
44 		be32_to_cpu(parms.o_key) : 0;
45 }
46 
47 static union mlxsw_sp_l3addr
48 mlxsw_sp_ipip_parms4_saddr(struct ip_tunnel_parm parms)
49 {
50 	return (union mlxsw_sp_l3addr) { .addr4 = parms.iph.saddr };
51 }
52 
53 static union mlxsw_sp_l3addr
54 mlxsw_sp_ipip_parms6_saddr(struct __ip6_tnl_parm parms)
55 {
56 	return (union mlxsw_sp_l3addr) { .addr6 = parms.laddr };
57 }
58 
59 static union mlxsw_sp_l3addr
60 mlxsw_sp_ipip_parms4_daddr(struct ip_tunnel_parm parms)
61 {
62 	return (union mlxsw_sp_l3addr) { .addr4 = parms.iph.daddr };
63 }
64 
65 static union mlxsw_sp_l3addr
66 mlxsw_sp_ipip_parms6_daddr(struct __ip6_tnl_parm parms)
67 {
68 	return (union mlxsw_sp_l3addr) { .addr6 = parms.raddr };
69 }
70 
71 union mlxsw_sp_l3addr
72 mlxsw_sp_ipip_netdev_saddr(enum mlxsw_sp_l3proto proto,
73 			   const struct net_device *ol_dev)
74 {
75 	struct ip_tunnel_parm parms4;
76 	struct __ip6_tnl_parm parms6;
77 
78 	switch (proto) {
79 	case MLXSW_SP_L3_PROTO_IPV4:
80 		parms4 = mlxsw_sp_ipip_netdev_parms4(ol_dev);
81 		return mlxsw_sp_ipip_parms4_saddr(parms4);
82 	case MLXSW_SP_L3_PROTO_IPV6:
83 		parms6 = mlxsw_sp_ipip_netdev_parms6(ol_dev);
84 		return mlxsw_sp_ipip_parms6_saddr(parms6);
85 	}
86 
87 	WARN_ON(1);
88 	return (union mlxsw_sp_l3addr) {0};
89 }
90 
91 static __be32 mlxsw_sp_ipip_netdev_daddr4(const struct net_device *ol_dev)
92 {
93 
94 	struct ip_tunnel_parm parms4 = mlxsw_sp_ipip_netdev_parms4(ol_dev);
95 
96 	return mlxsw_sp_ipip_parms4_daddr(parms4).addr4;
97 }
98 
99 static union mlxsw_sp_l3addr
100 mlxsw_sp_ipip_netdev_daddr(enum mlxsw_sp_l3proto proto,
101 			   const struct net_device *ol_dev)
102 {
103 	struct ip_tunnel_parm parms4;
104 	struct __ip6_tnl_parm parms6;
105 
106 	switch (proto) {
107 	case MLXSW_SP_L3_PROTO_IPV4:
108 		parms4 = mlxsw_sp_ipip_netdev_parms4(ol_dev);
109 		return mlxsw_sp_ipip_parms4_daddr(parms4);
110 	case MLXSW_SP_L3_PROTO_IPV6:
111 		parms6 = mlxsw_sp_ipip_netdev_parms6(ol_dev);
112 		return mlxsw_sp_ipip_parms6_daddr(parms6);
113 	}
114 
115 	WARN_ON(1);
116 	return (union mlxsw_sp_l3addr) {0};
117 }
118 
119 bool mlxsw_sp_l3addr_is_zero(union mlxsw_sp_l3addr addr)
120 {
121 	union mlxsw_sp_l3addr naddr = {0};
122 
123 	return !memcmp(&addr, &naddr, sizeof(naddr));
124 }
125 
126 static int
127 mlxsw_sp_ipip_nexthop_update_gre4(struct mlxsw_sp *mlxsw_sp, u32 adj_index,
128 				  struct mlxsw_sp_ipip_entry *ipip_entry)
129 {
130 	u16 rif_index = mlxsw_sp_ipip_lb_rif_index(ipip_entry->ol_lb);
131 	__be32 daddr4 = mlxsw_sp_ipip_netdev_daddr4(ipip_entry->ol_dev);
132 	char ratr_pl[MLXSW_REG_RATR_LEN];
133 
134 	mlxsw_reg_ratr_pack(ratr_pl, MLXSW_REG_RATR_OP_WRITE_WRITE_ENTRY,
135 			    true, MLXSW_REG_RATR_TYPE_IPIP,
136 			    adj_index, rif_index);
137 	mlxsw_reg_ratr_ipip4_entry_pack(ratr_pl, be32_to_cpu(daddr4));
138 
139 	return mlxsw_reg_write(mlxsw_sp->core, MLXSW_REG(ratr), ratr_pl);
140 }
141 
142 static int
143 mlxsw_sp_ipip_fib_entry_op_gre4_rtdp(struct mlxsw_sp *mlxsw_sp,
144 				     u32 tunnel_index,
145 				     struct mlxsw_sp_ipip_entry *ipip_entry)
146 {
147 	u16 rif_index = mlxsw_sp_ipip_lb_rif_index(ipip_entry->ol_lb);
148 	u16 ul_rif_id = mlxsw_sp_ipip_lb_ul_rif_id(ipip_entry->ol_lb);
149 	char rtdp_pl[MLXSW_REG_RTDP_LEN];
150 	struct ip_tunnel_parm parms;
151 	unsigned int type_check;
152 	bool has_ikey;
153 	u32 daddr4;
154 	u32 ikey;
155 
156 	parms = mlxsw_sp_ipip_netdev_parms4(ipip_entry->ol_dev);
157 	has_ikey = mlxsw_sp_ipip_parms4_has_ikey(parms);
158 	ikey = mlxsw_sp_ipip_parms4_ikey(parms);
159 
160 	mlxsw_reg_rtdp_pack(rtdp_pl, MLXSW_REG_RTDP_TYPE_IPIP, tunnel_index);
161 	mlxsw_reg_rtdp_egress_router_interface_set(rtdp_pl, ul_rif_id);
162 
163 	type_check = has_ikey ?
164 		MLXSW_REG_RTDP_IPIP_TYPE_CHECK_ALLOW_GRE_KEY :
165 		MLXSW_REG_RTDP_IPIP_TYPE_CHECK_ALLOW_GRE;
166 
167 	/* Linux demuxes tunnels based on packet SIP (which must match tunnel
168 	 * remote IP). Thus configure decap so that it filters out packets that
169 	 * are not IPv4 or have the wrong SIP. IPIP_DECAP_ERROR trap is
170 	 * generated for packets that fail this criterion. Linux then handles
171 	 * such packets in slow path and generates ICMP destination unreachable.
172 	 */
173 	daddr4 = be32_to_cpu(mlxsw_sp_ipip_netdev_daddr4(ipip_entry->ol_dev));
174 	mlxsw_reg_rtdp_ipip4_pack(rtdp_pl, rif_index,
175 				  MLXSW_REG_RTDP_IPIP_SIP_CHECK_FILTER_IPV4,
176 				  type_check, has_ikey, daddr4, ikey);
177 
178 	return mlxsw_reg_write(mlxsw_sp->core, MLXSW_REG(rtdp), rtdp_pl);
179 }
180 
181 static int
182 mlxsw_sp_ipip_fib_entry_op_gre4_ralue(struct mlxsw_sp *mlxsw_sp,
183 				      u32 dip, u8 prefix_len, u16 ul_vr_id,
184 				      enum mlxsw_reg_ralue_op op,
185 				      u32 tunnel_index)
186 {
187 	char ralue_pl[MLXSW_REG_RALUE_LEN];
188 
189 	mlxsw_reg_ralue_pack4(ralue_pl, MLXSW_REG_RALXX_PROTOCOL_IPV4, op,
190 			      ul_vr_id, prefix_len, dip);
191 	mlxsw_reg_ralue_act_ip2me_tun_pack(ralue_pl, tunnel_index);
192 	return mlxsw_reg_write(mlxsw_sp->core, MLXSW_REG(ralue), ralue_pl);
193 }
194 
195 static int mlxsw_sp_ipip_fib_entry_op_gre4(struct mlxsw_sp *mlxsw_sp,
196 					struct mlxsw_sp_ipip_entry *ipip_entry,
197 					enum mlxsw_reg_ralue_op op,
198 					u32 tunnel_index)
199 {
200 	u16 ul_vr_id = mlxsw_sp_ipip_lb_ul_vr_id(ipip_entry->ol_lb);
201 	__be32 dip;
202 	int err;
203 
204 	err = mlxsw_sp_ipip_fib_entry_op_gre4_rtdp(mlxsw_sp, tunnel_index,
205 						   ipip_entry);
206 	if (err)
207 		return err;
208 
209 	dip = mlxsw_sp_ipip_netdev_saddr(MLXSW_SP_L3_PROTO_IPV4,
210 					 ipip_entry->ol_dev).addr4;
211 	return mlxsw_sp_ipip_fib_entry_op_gre4_ralue(mlxsw_sp, be32_to_cpu(dip),
212 						     32, ul_vr_id, op,
213 						     tunnel_index);
214 }
215 
216 static bool mlxsw_sp_ipip_tunnel_complete(enum mlxsw_sp_l3proto proto,
217 					  const struct net_device *ol_dev)
218 {
219 	union mlxsw_sp_l3addr saddr = mlxsw_sp_ipip_netdev_saddr(proto, ol_dev);
220 	union mlxsw_sp_l3addr daddr = mlxsw_sp_ipip_netdev_daddr(proto, ol_dev);
221 
222 	/* Tunnels with unset local or remote address are valid in Linux and
223 	 * used for lightweight tunnels (LWT) and Non-Broadcast Multi-Access
224 	 * (NBMA) tunnels. In principle these can be offloaded, but the driver
225 	 * currently doesn't support this. So punt.
226 	 */
227 	return !mlxsw_sp_l3addr_is_zero(saddr) &&
228 	       !mlxsw_sp_l3addr_is_zero(daddr);
229 }
230 
231 static bool mlxsw_sp_ipip_can_offload_gre4(const struct mlxsw_sp *mlxsw_sp,
232 					   const struct net_device *ol_dev,
233 					   enum mlxsw_sp_l3proto ol_proto)
234 {
235 	struct ip_tunnel *tunnel = netdev_priv(ol_dev);
236 	__be16 okflags = TUNNEL_KEY; /* We can't offload any other features. */
237 	bool inherit_ttl = tunnel->parms.iph.ttl == 0;
238 	bool inherit_tos = tunnel->parms.iph.tos & 0x1;
239 
240 	return (tunnel->parms.i_flags & ~okflags) == 0 &&
241 	       (tunnel->parms.o_flags & ~okflags) == 0 &&
242 	       inherit_ttl && inherit_tos &&
243 	       mlxsw_sp_ipip_tunnel_complete(MLXSW_SP_L3_PROTO_IPV4, ol_dev);
244 }
245 
246 static struct mlxsw_sp_rif_ipip_lb_config
247 mlxsw_sp_ipip_ol_loopback_config_gre4(struct mlxsw_sp *mlxsw_sp,
248 				      const struct net_device *ol_dev)
249 {
250 	struct ip_tunnel_parm parms = mlxsw_sp_ipip_netdev_parms4(ol_dev);
251 	enum mlxsw_reg_ritr_loopback_ipip_type lb_ipipt;
252 
253 	lb_ipipt = mlxsw_sp_ipip_parms4_has_okey(parms) ?
254 		MLXSW_REG_RITR_LOOPBACK_IPIP_TYPE_IP_IN_GRE_KEY_IN_IP :
255 		MLXSW_REG_RITR_LOOPBACK_IPIP_TYPE_IP_IN_GRE_IN_IP;
256 	return (struct mlxsw_sp_rif_ipip_lb_config){
257 		.lb_ipipt = lb_ipipt,
258 		.okey = mlxsw_sp_ipip_parms4_okey(parms),
259 		.ul_protocol = MLXSW_SP_L3_PROTO_IPV4,
260 		.saddr = mlxsw_sp_ipip_netdev_saddr(MLXSW_SP_L3_PROTO_IPV4,
261 						    ol_dev),
262 	};
263 }
264 
265 static int
266 mlxsw_sp_ipip_ol_netdev_change_gre4(struct mlxsw_sp *mlxsw_sp,
267 				    struct mlxsw_sp_ipip_entry *ipip_entry,
268 				    struct netlink_ext_ack *extack)
269 {
270 	union mlxsw_sp_l3addr old_saddr, new_saddr;
271 	union mlxsw_sp_l3addr old_daddr, new_daddr;
272 	struct ip_tunnel_parm new_parms;
273 	bool update_tunnel = false;
274 	bool update_decap = false;
275 	bool update_nhs = false;
276 	int err = 0;
277 
278 	new_parms = mlxsw_sp_ipip_netdev_parms4(ipip_entry->ol_dev);
279 
280 	new_saddr = mlxsw_sp_ipip_parms4_saddr(new_parms);
281 	old_saddr = mlxsw_sp_ipip_parms4_saddr(ipip_entry->parms4);
282 	new_daddr = mlxsw_sp_ipip_parms4_daddr(new_parms);
283 	old_daddr = mlxsw_sp_ipip_parms4_daddr(ipip_entry->parms4);
284 
285 	if (!mlxsw_sp_l3addr_eq(&new_saddr, &old_saddr)) {
286 		u16 ul_tb_id = mlxsw_sp_ipip_dev_ul_tb_id(ipip_entry->ol_dev);
287 
288 		/* Since the local address has changed, if there is another
289 		 * tunnel with a matching saddr, both need to be demoted.
290 		 */
291 		if (mlxsw_sp_ipip_demote_tunnel_by_saddr(mlxsw_sp,
292 							 MLXSW_SP_L3_PROTO_IPV4,
293 							 new_saddr, ul_tb_id,
294 							 ipip_entry)) {
295 			mlxsw_sp_ipip_entry_demote_tunnel(mlxsw_sp, ipip_entry);
296 			return 0;
297 		}
298 
299 		update_tunnel = true;
300 	} else if ((mlxsw_sp_ipip_parms4_okey(ipip_entry->parms4) !=
301 		    mlxsw_sp_ipip_parms4_okey(new_parms)) ||
302 		   ipip_entry->parms4.link != new_parms.link) {
303 		update_tunnel = true;
304 	} else if (!mlxsw_sp_l3addr_eq(&new_daddr, &old_daddr)) {
305 		update_nhs = true;
306 	} else if (mlxsw_sp_ipip_parms4_ikey(ipip_entry->parms4) !=
307 		   mlxsw_sp_ipip_parms4_ikey(new_parms)) {
308 		update_decap = true;
309 	}
310 
311 	if (update_tunnel)
312 		err = __mlxsw_sp_ipip_entry_update_tunnel(mlxsw_sp, ipip_entry,
313 							  true, true, true,
314 							  extack);
315 	else if (update_nhs)
316 		err = __mlxsw_sp_ipip_entry_update_tunnel(mlxsw_sp, ipip_entry,
317 							  false, false, true,
318 							  extack);
319 	else if (update_decap)
320 		err = __mlxsw_sp_ipip_entry_update_tunnel(mlxsw_sp, ipip_entry,
321 							  false, false, false,
322 							  extack);
323 
324 	ipip_entry->parms4 = new_parms;
325 	return err;
326 }
327 
328 static const struct mlxsw_sp_ipip_ops mlxsw_sp_ipip_gre4_ops = {
329 	.dev_type = ARPHRD_IPGRE,
330 	.ul_proto = MLXSW_SP_L3_PROTO_IPV4,
331 	.nexthop_update = mlxsw_sp_ipip_nexthop_update_gre4,
332 	.fib_entry_op = mlxsw_sp_ipip_fib_entry_op_gre4,
333 	.can_offload = mlxsw_sp_ipip_can_offload_gre4,
334 	.ol_loopback_config = mlxsw_sp_ipip_ol_loopback_config_gre4,
335 	.ol_netdev_change = mlxsw_sp_ipip_ol_netdev_change_gre4,
336 };
337 
338 const struct mlxsw_sp_ipip_ops *mlxsw_sp_ipip_ops_arr[] = {
339 	[MLXSW_SP_IPIP_TYPE_GRE4] = &mlxsw_sp_ipip_gre4_ops,
340 };
341