Message
Ivan Malov
June 7, 2023, 1:02 p.m. UTC
On EF100 hardware, match-action engine (MAE) can be equipped with an assistance table for connection tracking (CT). In it, an entry key is a set of exact match fields: an EtherType, a pair of IP addresses, a L4 protocol ID and a pair of L4 port numbers. An entry response can provide matching packets with a mark value and additional data to be plumbed to NAT action. In addition, an update to mark-and-sweep counter can be done. This table was designed with larger capacity in mind, so moving the above match criteria out of an action rule (AR) specification to a CT entry increases the likelihood of reusing AR entries and improves the total flow engine capacity. Make use of that. Changes in v2: * Found and fixed my own mistake in [15/34] * Fixed [16/34] as per 0-day robot report * Added missing release notes to [27/34] * Added missing release notes to [30/34] Changes in v3: * Fixed release notes in [27/34] * Rebased on dpdk to fix CI Changes in v4: * Applied review notes in [05/34], [08/34], [09/34] and [10/34]. Denis Pryazhennikov (11): common/sfc_efx/base: update MCDI headers common/sfc_efx/base: detect MCDI Table Access API support common/sfc_efx/base: add API to list HW tables common/sfc_efx/base: add macro to get indexed QWORD field common/sfc_efx/base: add API to get HW table desc common/sfc_efx/base: add API to insert data to HW table common/sfc_efx/base: add API to delete entry from HW table net/sfc: add MCDI wrappers for BCAM tables net/sfc: add functions to manipulate MCDI table fields net/sfc: attach to HW table API net/sfc: add API to manage HW Conntrack table Ivan Malov (23): net/sfc: make entry pointer optional in MAE resource helpers net/sfc: turn flow create/destroy methods into lock wrappers net/sfc: let driver-internal flows use VF representor action net/sfc: extend generic flow API to allow for internal flows net/sfc: switch driver-internal flows to use generic methods net/sfc: move MAE flow parsing method to MAE-specific source net/sfc: move MAE counter stream start to action set handler net/sfc: prepare MAE outer rules for action rule indirection net/sfc: turn MAE flow action rules into shareable resources common/sfc_efx/base: provide an API to clone MAE match specs common/sfc_efx/base: add API to read back MAE match criteria common/sfc_efx/base: match on conntrack mark in action rules common/sfc_efx/base: add API to request MAE conntrack lookup net/sfc: make use of conntrack assistance for transfer flows common/sfc_efx/base: support NAT edits in MAE net/sfc: add support for IPv4 NAT offload to MAE backend net/sfc: rename SW structures used by transfer flow counters net/sfc: rework MAE action rule counter representation in SW net/sfc: support indirect count action in transfer flows common/sfc_efx/base: rework MAE counter provisioning helpers net/sfc: indicate MAE counter type in use for transfer flows common/sfc_efx/base: support conntrack assistance counters net/sfc: use conntrack assistance counters in transfer flows doc/guides/nics/features/sfc.ini | 4 + doc/guides/nics/sfc_efx.rst | 10 + doc/guides/rel_notes/release_23_07.rst | 18 + drivers/common/sfc_efx/base/efx.h | 198 +- drivers/common/sfc_efx/base/efx_impl.h | 5 +- drivers/common/sfc_efx/base/efx_mae.c | 383 ++- drivers/common/sfc_efx/base/efx_mcdi.h | 4 + drivers/common/sfc_efx/base/efx_regs_mcdi.h | 2557 ++++++++++++++++++- drivers/common/sfc_efx/base/efx_table.c | 506 ++++ drivers/common/sfc_efx/base/hunt_nic.c | 2 + drivers/common/sfc_efx/base/medford2_nic.c | 2 + drivers/common/sfc_efx/base/medford_nic.c | 2 + drivers/common/sfc_efx/base/meson.build | 1 + drivers/common/sfc_efx/base/rhead_nic.c | 9 + drivers/common/sfc_efx/base/siena_nic.c | 2 + drivers/common/sfc_efx/version.map | 14 + drivers/net/sfc/meson.build | 6 +- drivers/net/sfc/sfc.c | 27 +- drivers/net/sfc/sfc.h | 3 + drivers/net/sfc/sfc_flow.c | 246 +- drivers/net/sfc/sfc_flow.h | 45 +- drivers/net/sfc/sfc_mae.c | 1899 ++++++++++---- drivers/net/sfc/sfc_mae.h | 131 +- drivers/net/sfc/sfc_mae_counter.c | 146 +- drivers/net/sfc/sfc_mae_counter.h | 16 +- drivers/net/sfc/sfc_mae_ct.c | 201 ++ drivers/net/sfc/sfc_mae_ct.h | 68 + drivers/net/sfc/sfc_repr.c | 20 +- drivers/net/sfc/sfc_repr_proxy.c | 53 +- drivers/net/sfc/sfc_repr_proxy.h | 2 +- drivers/net/sfc/sfc_repr_proxy_api.h | 3 + drivers/net/sfc/sfc_switch.c | 7 +- drivers/net/sfc/sfc_switch.h | 10 + drivers/net/sfc/sfc_tbl_meta.c | 71 + drivers/net/sfc/sfc_tbl_meta.h | 37 + drivers/net/sfc/sfc_tbl_meta_cache.c | 253 ++ drivers/net/sfc/sfc_tbl_meta_cache.h | 25 + drivers/net/sfc/sfc_tbls.c | 207 ++ drivers/net/sfc/sfc_tbls.h | 286 +++ 39 files changed, 6609 insertions(+), 870 deletions(-) create mode 100644 drivers/common/sfc_efx/base/efx_table.c create mode 100644 drivers/net/sfc/sfc_mae_ct.c create mode 100644 drivers/net/sfc/sfc_mae_ct.h create mode 100644 drivers/net/sfc/sfc_tbl_meta.c create mode 100644 drivers/net/sfc/sfc_tbl_meta.h create mode 100644 drivers/net/sfc/sfc_tbl_meta_cache.c create mode 100644 drivers/net/sfc/sfc_tbl_meta_cache.h create mode 100644 drivers/net/sfc/sfc_tbls.c create mode 100644 drivers/net/sfc/sfc_tbls.h
Comments
On 6/7/23 16:02, Ivan Malov wrote: > On EF100 hardware, match-action engine (MAE) can be equipped > with an assistance table for connection tracking (CT). In it, > an entry key is a set of exact match fields: an EtherType, a > pair of IP addresses, a L4 protocol ID and a pair of L4 port > numbers. An entry response can provide matching packets with > a mark value and additional data to be plumbed to NAT action. > In addition, an update to mark-and-sweep counter can be done. > > This table was designed with larger capacity in mind, > so moving the above match criteria out of an action > rule (AR) specification to a CT entry increases the > likelihood of reusing AR entries and improves the > total flow engine capacity. Make use of that. > > Changes in v2: > * Found and fixed my own mistake in [15/34] > * Fixed [16/34] as per 0-day robot report > * Added missing release notes to [27/34] > * Added missing release notes to [30/34] > > Changes in v3: > * Fixed release notes in [27/34] > * Rebased on dpdk to fix CI > > Changes in v4: > * Applied review notes in [05/34], [08/34], [09/34] and [10/34]. My ack from the previous version is lost.
On 6/7/2023 2:02 PM, Ivan Malov wrote: > On EF100 hardware, match-action engine (MAE) can be equipped > with an assistance table for connection tracking (CT). In it, > an entry key is a set of exact match fields: an EtherType, a > pair of IP addresses, a L4 protocol ID and a pair of L4 port > numbers. An entry response can provide matching packets with > a mark value and additional data to be plumbed to NAT action. > In addition, an update to mark-and-sweep counter can be done. > > This table was designed with larger capacity in mind, > so moving the above match criteria out of an action > rule (AR) specification to a CT entry increases the > likelihood of reusing AR entries and improves the > total flow engine capacity. Make use of that. > > Changes in v2: > * Found and fixed my own mistake in [15/34] > * Fixed [16/34] as per 0-day robot report > * Added missing release notes to [27/34] > * Added missing release notes to [30/34] > > Changes in v3: > * Fixed release notes in [27/34] > * Rebased on dpdk to fix CI > > Changes in v4: > * Applied review notes in [05/34], [08/34], [09/34] and [10/34]. > > Denis Pryazhennikov (11): > common/sfc_efx/base: update MCDI headers > common/sfc_efx/base: detect MCDI Table Access API support > common/sfc_efx/base: add API to list HW tables > common/sfc_efx/base: add macro to get indexed QWORD field > common/sfc_efx/base: add API to get HW table desc > common/sfc_efx/base: add API to insert data to HW table > common/sfc_efx/base: add API to delete entry from HW table > net/sfc: add MCDI wrappers for BCAM tables > net/sfc: add functions to manipulate MCDI table fields > net/sfc: attach to HW table API > net/sfc: add API to manage HW Conntrack table > > Ivan Malov (23): > net/sfc: make entry pointer optional in MAE resource helpers > net/sfc: turn flow create/destroy methods into lock wrappers > net/sfc: let driver-internal flows use VF representor action > net/sfc: extend generic flow API to allow for internal flows > net/sfc: switch driver-internal flows to use generic methods > net/sfc: move MAE flow parsing method to MAE-specific source > net/sfc: move MAE counter stream start to action set handler > net/sfc: prepare MAE outer rules for action rule indirection > net/sfc: turn MAE flow action rules into shareable resources > common/sfc_efx/base: provide an API to clone MAE match specs > common/sfc_efx/base: add API to read back MAE match criteria > common/sfc_efx/base: match on conntrack mark in action rules > common/sfc_efx/base: add API to request MAE conntrack lookup > net/sfc: make use of conntrack assistance for transfer flows Well done Ivan ;)
On 6/8/2023 1:33 PM, Andrew Rybchenko wrote: > On 6/7/23 16:02, Ivan Malov wrote: >> On EF100 hardware, match-action engine (MAE) can be equipped >> with an assistance table for connection tracking (CT). In it, >> an entry key is a set of exact match fields: an EtherType, a >> pair of IP addresses, a L4 protocol ID and a pair of L4 port >> numbers. An entry response can provide matching packets with >> a mark value and additional data to be plumbed to NAT action. >> In addition, an update to mark-and-sweep counter can be done. >> >> This table was designed with larger capacity in mind, >> so moving the above match criteria out of an action >> rule (AR) specification to a CT entry increases the >> likelihood of reusing AR entries and improves the >> total flow engine capacity. Make use of that. >> >> Changes in v2: >> * Found and fixed my own mistake in [15/34] >> * Fixed [16/34] as per 0-day robot report >> * Added missing release notes to [27/34] >> * Added missing release notes to [30/34] >> >> Changes in v3: >> * Fixed release notes in [27/34] >> * Rebased on dpdk to fix CI >> >> Changes in v4: >> * Applied review notes in [05/34], [08/34], [09/34] and [10/34]. > > My ack from the previous version is lost. > > Can you please apply Andrew's ack to each commit for next version?
On 6/7/2023 2:02 PM, Ivan Malov wrote: > On EF100 hardware, match-action engine (MAE) can be equipped > with an assistance table for connection tracking (CT). In it, > an entry key is a set of exact match fields: an EtherType, a > pair of IP addresses, a L4 protocol ID and a pair of L4 port > numbers. An entry response can provide matching packets with > a mark value and additional data to be plumbed to NAT action. > In addition, an update to mark-and-sweep counter can be done. > > This table was designed with larger capacity in mind, > so moving the above match criteria out of an action > rule (AR) specification to a CT entry increases the > likelihood of reusing AR entries and improves the > total flow engine capacity. Make use of that. > > Changes in v2: > * Found and fixed my own mistake in [15/34] > * Fixed [16/34] as per 0-day robot report > * Added missing release notes to [27/34] > * Added missing release notes to [30/34] > > Changes in v3: > * Fixed release notes in [27/34] > * Rebased on dpdk to fix CI > > Changes in v4: > * Applied review notes in [05/34], [08/34], [09/34] and [10/34]. > > Denis Pryazhennikov (11): > common/sfc_efx/base: update MCDI headers > common/sfc_efx/base: detect MCDI Table Access API support > common/sfc_efx/base: add API to list HW tables > common/sfc_efx/base: add macro to get indexed QWORD field > common/sfc_efx/base: add API to get HW table desc > common/sfc_efx/base: add API to insert data to HW table > common/sfc_efx/base: add API to delete entry from HW table > net/sfc: add MCDI wrappers for BCAM tables > net/sfc: add functions to manipulate MCDI table fields > net/sfc: attach to HW table API > net/sfc: add API to manage HW Conntrack table > > Ivan Malov (23): > net/sfc: make entry pointer optional in MAE resource helpers > net/sfc: turn flow create/destroy methods into lock wrappers > net/sfc: let driver-internal flows use VF representor action > net/sfc: extend generic flow API to allow for internal flows > net/sfc: switch driver-internal flows to use generic methods > net/sfc: move MAE flow parsing method to MAE-specific source > net/sfc: move MAE counter stream start to action set handler > net/sfc: prepare MAE outer rules for action rule indirection > net/sfc: turn MAE flow action rules into shareable resources > common/sfc_efx/base: provide an API to clone MAE match specs > common/sfc_efx/base: add API to read back MAE match criteria > common/sfc_efx/base: match on conntrack mark in action rules > common/sfc_efx/base: add API to request MAE conntrack lookup > net/sfc: make use of conntrack assistance for transfer flows > common/sfc_efx/base: support NAT edits in MAE > net/sfc: add support for IPv4 NAT offload to MAE backend > net/sfc: rename SW structures used by transfer flow counters > net/sfc: rework MAE action rule counter representation in SW > net/sfc: support indirect count action in transfer flows > common/sfc_efx/base: rework MAE counter provisioning helpers > net/sfc: indicate MAE counter type in use for transfer flows > common/sfc_efx/base: support conntrack assistance counters > net/sfc: use conntrack assistance counters in transfer flows > Series applied to dpdk-next-net/main, thanks.