@@ -51,6 +51,7 @@ enum mlx5dr_action_type {
MLX5DR_ACTION_TYP_DEST_ARRAY,
MLX5DR_ACTION_TYP_POP_IPV6_ROUTE_EXT,
MLX5DR_ACTION_TYP_PUSH_IPV6_ROUTE_EXT,
+ MLX5DR_ACTION_TYP_NAT64,
MLX5DR_ACTION_TYP_MAX,
};
@@ -868,6 +869,34 @@ mlx5dr_action_create_reformat_ipv6_ext(struct mlx5dr_context *ctx,
uint32_t log_bulk_size,
uint32_t flags);
+enum mlx5dr_action_nat64_flags {
+ MLX5DR_ACTION_NAT64_V4_TO_V6 = 1 << 0,
+ MLX5DR_ACTION_NAT64_V6_TO_V4 = 1 << 1,
+ /* Indicates if to backup ipv4 addresses in last two registers */
+ MLX5DR_ACTION_NAT64_BACKUP_ADDR = 1 << 2,
+};
+
+struct mlx5dr_action_nat64_attr {
+ uint8_t num_of_registers;
+ uint8_t *registers;
+ enum mlx5dr_action_nat64_flags flags;
+};
+
+/* Create direct rule nat64 action.
+ *
+ * @param[in] ctx
+ * The context in which the new action will be created.
+ * @param[in] attr
+ * The relevant attribute of the NAT action.
+ * @param[in] flags
+ * Action creation flags. (enum mlx5dr_action_flags)
+ * @return pointer to mlx5dr_action on success NULL otherwise.
+ */
+struct mlx5dr_action *
+mlx5dr_action_create_nat64(struct mlx5dr_context *ctx,
+ struct mlx5dr_action_nat64_attr *attr,
+ uint32_t flags);
+
/* Destroy direct rule action.
*
* @param[in] action
@@ -31,6 +31,7 @@ static const uint32_t action_order_arr[MLX5DR_TABLE_TYPE_MAX][MLX5DR_ACTION_TYP_
BIT(MLX5DR_ACTION_TYP_ASO_CT),
BIT(MLX5DR_ACTION_TYP_PUSH_VLAN),
BIT(MLX5DR_ACTION_TYP_PUSH_VLAN),
+ BIT(MLX5DR_ACTION_TYP_NAT64),
BIT(MLX5DR_ACTION_TYP_MODIFY_HDR),
BIT(MLX5DR_ACTION_TYP_INSERT_HEADER) |
BIT(MLX5DR_ACTION_TYP_PUSH_IPV6_ROUTE_EXT) |
@@ -52,6 +53,7 @@ static const uint32_t action_order_arr[MLX5DR_TABLE_TYPE_MAX][MLX5DR_ACTION_TYP_
BIT(MLX5DR_ACTION_TYP_ASO_CT),
BIT(MLX5DR_ACTION_TYP_PUSH_VLAN),
BIT(MLX5DR_ACTION_TYP_PUSH_VLAN),
+ BIT(MLX5DR_ACTION_TYP_NAT64),
BIT(MLX5DR_ACTION_TYP_MODIFY_HDR),
BIT(MLX5DR_ACTION_TYP_INSERT_HEADER) |
BIT(MLX5DR_ACTION_TYP_PUSH_IPV6_ROUTE_EXT) |
@@ -75,6 +77,7 @@ static const uint32_t action_order_arr[MLX5DR_TABLE_TYPE_MAX][MLX5DR_ACTION_TYP_
BIT(MLX5DR_ACTION_TYP_ASO_CT),
BIT(MLX5DR_ACTION_TYP_PUSH_VLAN),
BIT(MLX5DR_ACTION_TYP_PUSH_VLAN),
+ BIT(MLX5DR_ACTION_TYP_NAT64),
BIT(MLX5DR_ACTION_TYP_MODIFY_HDR),
BIT(MLX5DR_ACTION_TYP_INSERT_HEADER) |
BIT(MLX5DR_ACTION_TYP_PUSH_IPV6_ROUTE_EXT) |
@@ -246,6 +249,310 @@ static void mlx5dr_action_put_shared_stc(struct mlx5dr_action *action,
mlx5dr_action_put_shared_stc_nic(ctx, stc_type, MLX5DR_TABLE_TYPE_FDB);
}
+static struct mlx5dr_action *
+mlx5dr_action_create_nat64_copy_state(struct mlx5dr_context *ctx,
+ struct mlx5dr_action_nat64_attr *attr,
+ uint32_t flags)
+{
+ __be64 modify_action_data[MLX5DR_ACTION_NAT64_MAX_MODIFY_ACTIONS];
+ struct mlx5dr_action_mh_pattern pat[2];
+ struct mlx5dr_action *action;
+ uint32_t packet_len_field;
+ uint8_t *action_ptr;
+ uint32_t ttl_field;
+ uint32_t src_addr;
+ uint32_t dst_addr;
+ bool is_v4_to_v6;
+
+ is_v4_to_v6 = attr->flags & MLX5DR_ACTION_NAT64_V4_TO_V6;
+
+ if (is_v4_to_v6) {
+ packet_len_field = MLX5_MODI_OUT_IPV4_TOTAL_LEN;
+ ttl_field = MLX5_MODI_OUT_IPV4_TTL;
+ src_addr = MLX5_MODI_OUT_SIPV4;
+ dst_addr = MLX5_MODI_OUT_DIPV4;
+ } else {
+ packet_len_field = MLX5_MODI_OUT_IPV6_PAYLOAD_LEN;
+ ttl_field = MLX5_MODI_OUT_IPV6_HOPLIMIT;
+ src_addr = MLX5_MODI_OUT_SIPV6_31_0;
+ dst_addr = MLX5_MODI_OUT_DIPV6_31_0;
+ }
+
+ memset(modify_action_data, 0, sizeof(modify_action_data));
+ action_ptr = (uint8_t *)modify_action_data;
+
+ if (attr->flags & MLX5DR_ACTION_NAT64_BACKUP_ADDR) {
+ MLX5_SET(copy_action_in, action_ptr, action_type, MLX5_MODIFICATION_TYPE_COPY);
+ MLX5_SET(copy_action_in, action_ptr, src_field, src_addr);
+ MLX5_SET(copy_action_in, action_ptr, dst_field,
+ attr->registers[MLX5DR_ACTION_NAT64_REG_SRC_IP]);
+ action_ptr += MLX5DR_ACTION_DOUBLE_SIZE;
+
+ MLX5_SET(copy_action_in, action_ptr, action_type, MLX5_MODIFICATION_TYPE_COPY);
+ MLX5_SET(copy_action_in, action_ptr, src_field, dst_addr);
+ MLX5_SET(copy_action_in, action_ptr, dst_field,
+ attr->registers[MLX5DR_ACTION_NAT64_REG_DST_IP]);
+ action_ptr += MLX5DR_ACTION_DOUBLE_SIZE;
+ }
+
+ /* | 8 bit - 8 bit - 16 bit |
+ * | ttl - protocol - packet-len |
+ */
+ MLX5_SET(copy_action_in, action_ptr, action_type, MLX5_MODIFICATION_TYPE_COPY);
+ MLX5_SET(copy_action_in, action_ptr, src_field, packet_len_field);
+ MLX5_SET(copy_action_in, action_ptr, dst_field,
+ attr->registers[MLX5DR_ACTION_NAT64_REG_CONTROL]);
+ MLX5_SET(copy_action_in, action_ptr, dst_offset, 0);/* 16 bits in the lsb */
+ MLX5_SET(copy_action_in, action_ptr, length, 16);
+ action_ptr += MLX5DR_ACTION_DOUBLE_SIZE;
+
+ MLX5_SET(copy_action_in, action_ptr, action_type, MLX5_MODIFICATION_TYPE_NOP);
+ action_ptr += MLX5DR_ACTION_DOUBLE_SIZE;
+
+ MLX5_SET(copy_action_in, action_ptr, action_type, MLX5_MODIFICATION_TYPE_COPY);
+ MLX5_SET(copy_action_in, action_ptr, src_field, MLX5_MODI_OUT_IP_PROTOCOL);
+ MLX5_SET(copy_action_in, action_ptr, dst_field,
+ attr->registers[MLX5DR_ACTION_NAT64_REG_CONTROL]);
+ MLX5_SET(copy_action_in, action_ptr, dst_offset, 16);
+ MLX5_SET(copy_action_in, action_ptr, length, 8);
+ action_ptr += MLX5DR_ACTION_DOUBLE_SIZE;
+
+ MLX5_SET(copy_action_in, action_ptr, action_type, MLX5_MODIFICATION_TYPE_NOP);
+ action_ptr += MLX5DR_ACTION_DOUBLE_SIZE;
+
+ MLX5_SET(copy_action_in, action_ptr, action_type, MLX5_MODIFICATION_TYPE_COPY);
+ MLX5_SET(copy_action_in, action_ptr, src_field, ttl_field);
+ MLX5_SET(copy_action_in, action_ptr, dst_field,
+ attr->registers[MLX5DR_ACTION_NAT64_REG_CONTROL]);
+ MLX5_SET(copy_action_in, action_ptr, dst_offset, 24);
+ MLX5_SET(copy_action_in, action_ptr, length, 8);
+ action_ptr += MLX5DR_ACTION_DOUBLE_SIZE;
+
+ /* set sip and dip to 0, in order to have new csum */
+ if (is_v4_to_v6) {
+ MLX5_SET(set_action_in, action_ptr, action_type, MLX5_MODIFICATION_TYPE_SET);
+ MLX5_SET(set_action_in, action_ptr, field, MLX5_MODI_OUT_SIPV4);
+ MLX5_SET(set_action_in, action_ptr, data, 0);
+ action_ptr += MLX5DR_ACTION_DOUBLE_SIZE;
+
+ MLX5_SET(set_action_in, action_ptr, action_type, MLX5_MODIFICATION_TYPE_SET);
+ MLX5_SET(set_action_in, action_ptr, field, MLX5_MODI_OUT_DIPV4);
+ MLX5_SET(set_action_in, action_ptr, data, 0);
+ action_ptr += MLX5DR_ACTION_DOUBLE_SIZE;
+ }
+
+ pat[0].data = modify_action_data;
+ pat[0].sz = (action_ptr - (uint8_t *)modify_action_data);
+
+ action = mlx5dr_action_create_modify_header(ctx, 1, pat, 0, flags);
+ if (!action) {
+ DR_LOG(ERR, "Failed to create copy for NAT64: action_sz: %zu, flags: 0x%x\n",
+ pat[0].sz, flags);
+ return NULL;
+ }
+
+ return action;
+}
+
+static struct mlx5dr_action *
+mlx5dr_action_create_nat64_repalce_state(struct mlx5dr_context *ctx,
+ struct mlx5dr_action_nat64_attr *attr,
+ uint32_t flags)
+{
+ uint32_t address_prefix[MLX5DR_ACTION_NAT64_HEADER_MINUS_ONE] = {0};
+ __be64 modify_action_data[MLX5DR_ACTION_NAT64_MAX_MODIFY_ACTIONS];
+ struct mlx5dr_action_mh_pattern pat[2];
+ static struct mlx5dr_action *action;
+ uint8_t header_size_in_dw;
+ uint8_t *action_ptr;
+ uint32_t eth_type;
+ bool is_v4_to_v6;
+ uint32_t ip_ver;
+ int i;
+
+ is_v4_to_v6 = attr->flags & MLX5DR_ACTION_NAT64_V4_TO_V6;
+
+ if (is_v4_to_v6) {
+ uint32_t nat64_well_known_pref[] = {0x00010000,
+ 0x9bff6400, 0x0, 0x0, 0x0,
+ 0x9bff6400, 0x0, 0x0, 0x0};
+
+ header_size_in_dw = MLX5DR_ACTION_NAT64_IPV6_HEADER;
+ ip_ver = MLX5DR_ACTION_NAT64_IPV6_VER;
+ eth_type = RTE_ETHER_TYPE_IPV6;
+ memcpy(address_prefix, nat64_well_known_pref,
+ MLX5DR_ACTION_NAT64_HEADER_MINUS_ONE * sizeof(uint32_t));
+ } else {
+ header_size_in_dw = MLX5DR_ACTION_NAT64_IPV4_HEADER;
+ ip_ver = MLX5DR_ACTION_NAT64_IPV4_VER;
+ eth_type = RTE_ETHER_TYPE_IPV4;
+ }
+
+ memset(modify_action_data, 0, sizeof(modify_action_data));
+ action_ptr = (uint8_t *)modify_action_data;
+
+ MLX5_SET(set_action_in, action_ptr, action_type, MLX5_MODIFICATION_TYPE_SET);
+ MLX5_SET(set_action_in, action_ptr, field, MLX5_MODI_OUT_ETHERTYPE);
+ MLX5_SET(set_action_in, action_ptr, length, 16);
+ MLX5_SET(set_action_in, action_ptr, data, eth_type);
+ action_ptr += MLX5DR_ACTION_DOUBLE_SIZE;
+
+ /* push empty header with ipv6 as version */
+ MLX5_SET(stc_ste_param_insert, action_ptr, action_type,
+ MLX5_MODIFICATION_TYPE_INSERT);
+ MLX5_SET(stc_ste_param_insert, action_ptr, inline_data, 0x1);
+ MLX5_SET(stc_ste_param_insert, action_ptr, insert_anchor,
+ MLX5_HEADER_ANCHOR_IPV6_IPV4);
+ MLX5_SET(stc_ste_param_insert, action_ptr, insert_size, 2);
+ MLX5_SET(stc_ste_param_insert, action_ptr, insert_argument, ip_ver);
+ action_ptr += MLX5DR_ACTION_DOUBLE_SIZE;
+
+ for (i = 0; i < header_size_in_dw - 1; i++) {
+ MLX5_SET(stc_ste_param_insert, action_ptr, action_type,
+ MLX5_MODIFICATION_TYPE_INSERT);
+ MLX5_SET(stc_ste_param_insert, action_ptr, inline_data, 0x1);
+ MLX5_SET(stc_ste_param_insert, action_ptr, insert_anchor,
+ MLX5_HEADER_ANCHOR_IPV6_IPV4);
+ MLX5_SET(stc_ste_param_insert, action_ptr, insert_size, 2);
+ MLX5_SET(stc_ste_param_insert, action_ptr, insert_argument,
+ htobe32(address_prefix[i]));
+ action_ptr += MLX5DR_ACTION_DOUBLE_SIZE;
+ }
+
+ /* Remove orig src/dst addr (8 bytes, 4 words) */
+ MLX5_SET(stc_ste_param_remove, action_ptr, action_type,
+ MLX5_MODIFICATION_TYPE_REMOVE);
+ MLX5_SET(stc_ste_param_remove, action_ptr, remove_start_anchor,
+ MLX5_HEADER_ANCHOR_IPV6_IPV4);
+ MLX5_SET(stc_ste_param_remove, action_ptr, remove_end_anchor,
+ MLX5_HEADER_ANCHOR_TCP_UDP);
+ action_ptr += MLX5DR_ACTION_DOUBLE_SIZE;
+
+ pat[0].data = modify_action_data;
+ pat[0].sz = action_ptr - (uint8_t *)modify_action_data;
+
+ action = mlx5dr_action_create_modify_header(ctx, 1, pat, 0, flags);
+ if (!action) {
+ DR_LOG(ERR, "Failed to create action: action_sz: %zu flags: 0x%x\n",
+ pat[0].sz, flags);
+ return NULL;
+ }
+
+ return action;
+}
+
+static struct mlx5dr_action *
+mlx5dr_action_create_nat64_copy_back_state(struct mlx5dr_context *ctx,
+ struct mlx5dr_action_nat64_attr *attr,
+ uint32_t flags)
+{
+ __be64 modify_action_data[MLX5DR_ACTION_NAT64_MAX_MODIFY_ACTIONS];
+ struct mlx5dr_action_mh_pattern pat[2];
+ struct mlx5dr_action *action;
+ uint32_t packet_len_field;
+ uint32_t packet_len_add;
+ uint8_t *action_ptr;
+ uint32_t ttl_field;
+ uint32_t src_addr;
+ uint32_t dst_addr;
+ bool is_v4_to_v6;
+
+ is_v4_to_v6 = attr->flags & MLX5DR_ACTION_NAT64_V4_TO_V6;
+
+ if (is_v4_to_v6) {
+ packet_len_field = MLX5_MODI_OUT_IPV6_PAYLOAD_LEN;
+ /* 2' comp to 20, to get -20 in add operation */
+ packet_len_add = MLX5DR_ACTION_NAT64_DEC_20;
+ ttl_field = MLX5_MODI_OUT_IPV6_HOPLIMIT;
+ src_addr = MLX5_MODI_OUT_SIPV6_31_0;
+ dst_addr = MLX5_MODI_OUT_DIPV6_31_0;
+ } else {
+ packet_len_field = MLX5_MODI_OUT_IPV4_TOTAL_LEN;
+ /* ipv4 len is including 20 bytes of the header, so add 20 over ipv6 len */
+ packet_len_add = MLX5DR_ACTION_NAT64_ADD_20;
+ ttl_field = MLX5_MODI_OUT_IPV4_TTL;
+ src_addr = MLX5_MODI_OUT_SIPV4;
+ dst_addr = MLX5_MODI_OUT_DIPV4;
+ }
+
+ memset(modify_action_data, 0, sizeof(modify_action_data));
+ action_ptr = (uint8_t *)modify_action_data;
+
+ MLX5_SET(copy_action_in, action_ptr, action_type, MLX5_MODIFICATION_TYPE_COPY);
+ MLX5_SET(copy_action_in, action_ptr, src_field,
+ attr->registers[MLX5DR_ACTION_NAT64_REG_CONTROL]);
+ MLX5_SET(copy_action_in, action_ptr, dst_field,
+ packet_len_field);
+ MLX5_SET(copy_action_in, action_ptr, src_offset, 32);
+ MLX5_SET(copy_action_in, action_ptr, length, 16);
+ action_ptr += MLX5DR_ACTION_DOUBLE_SIZE;
+
+ MLX5_SET(copy_action_in, action_ptr, action_type, MLX5_MODIFICATION_TYPE_NOP);
+ action_ptr += MLX5DR_ACTION_DOUBLE_SIZE;
+
+ MLX5_SET(copy_action_in, action_ptr, action_type, MLX5_MODIFICATION_TYPE_COPY);
+ MLX5_SET(copy_action_in, action_ptr, src_field,
+ attr->registers[MLX5DR_ACTION_NAT64_REG_CONTROL]);
+ MLX5_SET(copy_action_in, action_ptr, dst_field,
+ MLX5_MODI_OUT_IP_PROTOCOL);
+ MLX5_SET(copy_action_in, action_ptr, src_offset, 16);
+ MLX5_SET(copy_action_in, action_ptr, dst_offset, 0);
+ MLX5_SET(copy_action_in, action_ptr, length, 8);
+ action_ptr += MLX5DR_ACTION_DOUBLE_SIZE;
+
+ MLX5_SET(copy_action_in, action_ptr, action_type, MLX5_MODIFICATION_TYPE_NOP);
+ action_ptr += MLX5DR_ACTION_DOUBLE_SIZE;
+
+ MLX5_SET(copy_action_in, action_ptr, action_type, MLX5_MODIFICATION_TYPE_COPY);
+ MLX5_SET(copy_action_in, action_ptr, src_field,
+ attr->registers[MLX5DR_ACTION_NAT64_REG_CONTROL]);
+ MLX5_SET(copy_action_in, action_ptr, dst_field, ttl_field);
+ MLX5_SET(copy_action_in, action_ptr, src_offset, 24);
+ MLX5_SET(copy_action_in, action_ptr, length, 8);
+ action_ptr += MLX5DR_ACTION_DOUBLE_SIZE;
+
+ MLX5_SET(copy_action_in, action_ptr, action_type, MLX5_MODIFICATION_TYPE_NOP);
+ action_ptr += MLX5DR_ACTION_DOUBLE_SIZE;
+
+ /* if required Copy original addresses */
+ if (attr->flags & MLX5DR_ACTION_NAT64_BACKUP_ADDR) {
+ MLX5_SET(copy_action_in, action_ptr, action_type, MLX5_MODIFICATION_TYPE_COPY);
+ MLX5_SET(copy_action_in, action_ptr, src_field,
+ attr->registers[MLX5DR_ACTION_NAT64_REG_SRC_IP]);
+ MLX5_SET(copy_action_in, action_ptr, dst_field, src_addr);
+ MLX5_SET(copy_action_in, action_ptr, src_offset, 0);
+ MLX5_SET(copy_action_in, action_ptr, length, 32);
+ action_ptr += MLX5DR_ACTION_DOUBLE_SIZE;
+
+ MLX5_SET(copy_action_in, action_ptr, action_type, MLX5_MODIFICATION_TYPE_COPY);
+ MLX5_SET(copy_action_in, action_ptr, src_field,
+ attr->registers[MLX5DR_ACTION_NAT64_REG_DST_IP]);
+ MLX5_SET(copy_action_in, action_ptr, dst_field, dst_addr);
+ MLX5_SET(copy_action_in, action_ptr, src_offset, 0);
+ MLX5_SET(copy_action_in, action_ptr, length, 32);
+ action_ptr += MLX5DR_ACTION_DOUBLE_SIZE;
+ }
+
+ /* take/add off 20 bytes ipv4/6 from/to the total size */
+ MLX5_SET(set_action_in, action_ptr, action_type, MLX5_MODIFICATION_TYPE_ADD);
+ MLX5_SET(set_action_in, action_ptr, field, packet_len_field);
+ MLX5_SET(set_action_in, action_ptr, data, packet_len_add);
+ MLX5_SET(set_action_in, action_ptr, length, 16);
+ action_ptr += MLX5DR_ACTION_DOUBLE_SIZE;
+
+ pat[0].data = modify_action_data;
+ pat[0].sz = action_ptr - (uint8_t *)modify_action_data;
+
+ action = mlx5dr_action_create_modify_header(ctx, 1, pat, 0, flags);
+ if (!action) {
+ DR_LOG(ERR, "Failed to create action: action_sz: %zu, flags: 0x%x\n",
+ pat[0].sz, flags);
+ return NULL;
+ }
+
+ return action;
+}
+
static void mlx5dr_action_print_combo(enum mlx5dr_action_type *user_actions)
{
DR_LOG(ERR, "Invalid action_type sequence");
@@ -2530,6 +2837,94 @@ mlx5dr_action_create_reformat_ipv6_ext(struct mlx5dr_context *ctx,
return NULL;
}
+static bool
+mlx5dr_action_nat64_validate_param(struct mlx5dr_action_nat64_attr *attr,
+ uint32_t flags)
+{
+ if (mlx5dr_action_is_root_flags(flags)) {
+ DR_LOG(ERR, "Nat64 action not supported for root");
+ rte_errno = ENOTSUP;
+ return false;
+ }
+
+ if (!(flags & MLX5DR_ACTION_FLAG_SHARED)) {
+ DR_LOG(ERR, "Nat64 action must be with SHARED flag");
+ rte_errno = EINVAL;
+ return false;
+ }
+
+ if (attr->num_of_registers > MLX5DR_ACTION_NAT64_REG_MAX) {
+ DR_LOG(ERR, "Nat64 action doesn't support more than %d registers",
+ MLX5DR_ACTION_NAT64_REG_MAX);
+ rte_errno = EINVAL;
+ return false;
+ }
+
+ if (attr->flags & MLX5DR_ACTION_NAT64_BACKUP_ADDR &&
+ attr->num_of_registers != MLX5DR_ACTION_NAT64_REG_MAX) {
+ DR_LOG(ERR, "Nat64 backup addr requires %d registers",
+ MLX5DR_ACTION_NAT64_REG_MAX);
+ rte_errno = EINVAL;
+ return false;
+ }
+
+ if (!(attr->flags & MLX5DR_ACTION_NAT64_V4_TO_V6 ||
+ attr->flags & MLX5DR_ACTION_NAT64_V6_TO_V4)) {
+ DR_LOG(ERR, "Nat64 backup addr requires one mode at least");
+ rte_errno = EINVAL;
+ return false;
+ }
+
+ return true;
+}
+
+struct mlx5dr_action *
+mlx5dr_action_create_nat64(struct mlx5dr_context *ctx,
+ struct mlx5dr_action_nat64_attr *attr,
+ uint32_t flags)
+{
+ struct mlx5dr_action *action;
+
+ if (!mlx5dr_action_nat64_validate_param(attr, flags))
+ return NULL;
+
+ action = mlx5dr_action_create_generic(ctx, flags, MLX5DR_ACTION_TYP_NAT64);
+ if (!action)
+ return NULL;
+
+ action->nat64.stages[MLX5DR_ACTION_NAT64_STAGE_COPY] =
+ mlx5dr_action_create_nat64_copy_state(ctx, attr, flags);
+ if (!action->nat64.stages[MLX5DR_ACTION_NAT64_STAGE_COPY]) {
+ DR_LOG(ERR, "Nat64 failed creating copy state");
+ goto free_action;
+ }
+
+ action->nat64.stages[MLX5DR_ACTION_NAT64_STAGE_REPLACE] =
+ mlx5dr_action_create_nat64_repalce_state(ctx, attr, flags);
+ if (!action->nat64.stages[MLX5DR_ACTION_NAT64_STAGE_REPLACE]) {
+ DR_LOG(ERR, "Nat64 failed creating replace state");
+ goto free_copy;
+ }
+
+ action->nat64.stages[MLX5DR_ACTION_NAT64_STAGE_COPYBACK] =
+ mlx5dr_action_create_nat64_copy_back_state(ctx, attr, flags);
+ if (!action->nat64.stages[MLX5DR_ACTION_NAT64_STAGE_COPYBACK]) {
+ DR_LOG(ERR, "Nat64 failed creating copyback state");
+ goto free_replace;
+ }
+
+ return action;
+
+
+free_replace:
+ mlx5dr_action_destroy(action->nat64.stages[MLX5DR_ACTION_NAT64_STAGE_REPLACE]);
+free_copy:
+ mlx5dr_action_destroy(action->nat64.stages[MLX5DR_ACTION_NAT64_STAGE_COPY]);
+free_action:
+ simple_free(action);
+ return NULL;
+}
+
static void mlx5dr_action_destroy_hws(struct mlx5dr_action *action)
{
struct mlx5dr_devx_obj *obj = NULL;
@@ -2604,6 +2999,10 @@ static void mlx5dr_action_destroy_hws(struct mlx5dr_action *action)
if (action->ipv6_route_ext.action[i])
mlx5dr_action_destroy(action->ipv6_route_ext.action[i]);
break;
+ case MLX5DR_ACTION_TYP_NAT64:
+ for (i = 0; i < MLX5DR_ACTION_NAT64_STAGES; i++)
+ mlx5dr_action_destroy(action->nat64.stages[i]);
+ break;
}
}
@@ -2878,6 +3277,28 @@ mlx5dr_action_setter_modify_header(struct mlx5dr_actions_apply_data *apply,
}
}
+static void
+mlx5dr_action_setter_nat64(struct mlx5dr_actions_apply_data *apply,
+ struct mlx5dr_actions_wqe_setter *setter)
+{
+ struct mlx5dr_rule_action *rule_action;
+ struct mlx5dr_action *cur_stage_action;
+ struct mlx5dr_action *action;
+ uint32_t stc_idx;
+
+ rule_action = &apply->rule_action[setter->idx_double];
+ action = rule_action->action;
+ cur_stage_action = action->nat64.stages[setter->stage_idx];
+
+ stc_idx = htobe32(cur_stage_action->stc[apply->tbl_type].offset);
+
+ apply->wqe_ctrl->stc_ix[MLX5DR_ACTION_STC_IDX_DW6] = stc_idx;
+ apply->wqe_ctrl->stc_ix[MLX5DR_ACTION_STC_IDX_DW7] = 0;
+
+ apply->wqe_data[MLX5DR_ACTION_OFFSET_DW6] = 0;
+ apply->wqe_data[MLX5DR_ACTION_OFFSET_DW7] = 0;
+}
+
static void
mlx5dr_action_setter_insert_ptr(struct mlx5dr_actions_apply_data *apply,
struct mlx5dr_actions_wqe_setter *setter)
@@ -3178,7 +3599,7 @@ int mlx5dr_action_template_process(struct mlx5dr_action_template *at)
struct mlx5dr_actions_wqe_setter *setter = at->setters;
struct mlx5dr_actions_wqe_setter *pop_setter = NULL;
struct mlx5dr_actions_wqe_setter *last_setter;
- int i;
+ int i, j;
/* Note: Given action combination must be valid */
@@ -3366,6 +3787,19 @@ int mlx5dr_action_template_process(struct mlx5dr_action_template *at)
setter->idx_ctr = i;
break;
+ case MLX5DR_ACTION_TYP_NAT64:
+ /* NAT64 requires 3 setters, each of them does specific modify header */
+ for (j = 0; j < MLX5DR_ACTION_NAT64_STAGES; j++) {
+ setter = mlx5dr_action_setter_find_first(last_setter,
+ ASF_DOUBLE | ASF_REMOVE);
+ setter->flags |= ASF_DOUBLE | ASF_MODIFY;
+ setter->set_double = &mlx5dr_action_setter_nat64;
+ setter->idx_double = i;
+ /* The stage indicates which modify-header to push */
+ setter->stage_idx = j;
+ }
+ break;
+
default:
DR_LOG(ERR, "Unsupported action type: %d", action_type[i]);
rte_errno = ENOTSUP;
@@ -11,6 +11,9 @@
/* Max number of internal subactions of ipv6_ext */
#define MLX5DR_ACTION_IPV6_EXT_MAX_SA 4
+/* Number of MH in NAT64 */
+#define MLX5DR_ACTION_NAT64_STAGES 3
+
enum mlx5dr_action_stc_idx {
MLX5DR_ACTION_STC_IDX_CTRL = 0,
MLX5DR_ACTION_STC_IDX_HIT = 1,
@@ -68,6 +71,34 @@ enum mlx5dr_action_stc_reparse {
MLX5DR_ACTION_STC_REPARSE_OFF,
};
+ /* 2' comp to 20, to get -20 in add operation */
+#define MLX5DR_ACTION_NAT64_DEC_20 0xffffffec
+
+enum {
+ MLX5DR_ACTION_NAT64_MAX_MODIFY_ACTIONS = 20,
+ MLX5DR_ACTION_NAT64_ADD_20 = 20,
+ MLX5DR_ACTION_NAT64_HEADER_MINUS_ONE = 9,
+ MLX5DR_ACTION_NAT64_IPV6_HEADER = 10,
+ MLX5DR_ACTION_NAT64_IPV4_HEADER = 5,
+ MLX5DR_ACTION_NAT64_IPV6_VER = 0x60000000,
+ MLX5DR_ACTION_NAT64_IPV4_VER = 0x45000000,
+};
+
+/* 3 stages for the nat64 action */
+enum mlx5dr_action_nat64_stages {
+ MLX5DR_ACTION_NAT64_STAGE_COPY = 0,
+ MLX5DR_ACTION_NAT64_STAGE_REPLACE = 1,
+ MLX5DR_ACTION_NAT64_STAGE_COPYBACK = 2,
+};
+
+/* Registers for keeping data from stage to stage */
+enum {
+ MLX5DR_ACTION_NAT64_REG_CONTROL = 0,
+ MLX5DR_ACTION_NAT64_REG_SRC_IP = 1,
+ MLX5DR_ACTION_NAT64_REG_DST_IP = 2,
+ MLX5DR_ACTION_NAT64_REG_MAX = 3,
+};
+
struct mlx5dr_action_default_stc {
struct mlx5dr_pool_chunk nop_ctr;
struct mlx5dr_pool_chunk nop_dw5;
@@ -109,6 +140,7 @@ struct mlx5dr_actions_wqe_setter {
uint8_t idx_double;
uint8_t idx_ctr;
uint8_t idx_hit;
+ uint8_t stage_idx;
uint8_t flags;
uint8_t extra_data;
};
@@ -184,6 +216,9 @@ struct mlx5dr_action {
uint8_t num_of_words;
bool decap;
} remove_header;
+ struct {
+ struct mlx5dr_action *stages[MLX5DR_ACTION_NAT64_STAGES];
+ } nat64;
};
};
@@ -28,6 +28,7 @@ const char *mlx5dr_debug_action_type_str[] = {
[MLX5DR_ACTION_TYP_REMOVE_HEADER] = "REMOVE_HEADER",
[MLX5DR_ACTION_TYP_POP_IPV6_ROUTE_EXT] = "POP_IPV6_ROUTE_EXT",
[MLX5DR_ACTION_TYP_PUSH_IPV6_ROUTE_EXT] = "PUSH_IPV6_ROUTE_EXT",
+ [MLX5DR_ACTION_TYP_NAT64] = "NAT64",
};
static_assert(ARRAY_SIZE(mlx5dr_debug_action_type_str) == MLX5DR_ACTION_TYP_MAX,