FD.io VPP  v19.01.3-6-g70449b9b9
Vector Packet Processing
flow.c
Go to the documentation of this file.
1 /*
2  * Copyright (c) 2019 Cisco and/or its affiliates.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at:
6  *
7  * http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 
16 #include <vnet/vnet.h>
17 #include <vppinfra/vec.h>
18 #include <vppinfra/format.h>
19 #include <vlib/unix/cj.h>
20 #include <assert.h>
21 
22 #include <vnet/ip/ip.h>
23 #include <vnet/ethernet/ethernet.h>
25 #include <vnet/vxlan/vxlan.h>
26 #include <dpdk/device/dpdk.h>
27 
28 #include <dpdk/device/dpdk_priv.h>
29 #include <vppinfra/error.h>
30 
31 /* constant structs */
32 static const struct rte_flow_attr ingress = {.ingress = 1 };
33 static const struct rte_flow_item_eth any_eth[2] = { };
34 static const struct rte_flow_item_vlan any_vlan[2] = { };
35 
36 static int
38 {
39  struct rte_flow_item_ipv4 ip4[2] = { };
40  struct rte_flow_item_ipv6 ip6[2] = { };
41  struct rte_flow_item_udp udp[2] = { };
42  struct rte_flow_item_tcp tcp[2] = { };
43  struct rte_flow_action_mark mark = { 0 };
44  struct rte_flow_item *item, *items = 0;
45  struct rte_flow_action *action, *actions = 0;
46 
47  enum
48  {
49  vxlan_hdr_sz = sizeof (vxlan_header_t),
50  raw_sz = sizeof (struct rte_flow_item_raw)
51  };
52 
53  union
54  {
55  struct rte_flow_item_raw item;
56  u8 val[raw_sz + vxlan_hdr_sz];
57  } raw[2];
58 
59  u16 src_port, dst_port, src_port_mask, dst_port_mask;
60  u8 protocol;
61  int rv = 0;
62 
63  if (f->actions & (~xd->supported_flow_actions))
64  return VNET_FLOW_ERROR_NOT_SUPPORTED;
65 
66  /* Match items */
67  /* Ethernet */
68  vec_add2 (items, item, 1);
69  item->type = RTE_FLOW_ITEM_TYPE_ETH;
70  item->spec = any_eth;
71  item->mask = any_eth + 1;
72 
73  /* VLAN */
74  if (f->type != VNET_FLOW_TYPE_IP4_VXLAN)
75  {
76  vec_add2 (items, item, 1);
77  item->type = RTE_FLOW_ITEM_TYPE_VLAN;
78  item->spec = any_vlan;
79  item->mask = any_vlan + 1;
80  }
81 
82  /* IP */
83  vec_add2 (items, item, 1);
84  if (f->type == VNET_FLOW_TYPE_IP6_N_TUPLE)
85  {
86  vnet_flow_ip6_n_tuple_t *t6 = &f->ip6_n_tuple;
87  clib_memcpy_fast (ip6[0].hdr.src_addr, &t6->src_addr.addr, 16);
88  clib_memcpy_fast (ip6[1].hdr.src_addr, &t6->src_addr.mask, 16);
89  clib_memcpy_fast (ip6[0].hdr.dst_addr, &t6->dst_addr.addr, 16);
90  clib_memcpy_fast (ip6[1].hdr.dst_addr, &t6->dst_addr.mask, 16);
91  item->type = RTE_FLOW_ITEM_TYPE_IPV6;
92  item->spec = ip6;
93  item->mask = ip6 + 1;
94 
95  src_port = t6->src_port.port;
96  dst_port = t6->dst_port.port;
97  src_port_mask = t6->src_port.mask;
98  dst_port_mask = t6->dst_port.mask;
99  protocol = t6->protocol;
100  }
101  else if (f->type == VNET_FLOW_TYPE_IP4_N_TUPLE)
102  {
103  vnet_flow_ip4_n_tuple_t *t4 = &f->ip4_n_tuple;
104  ip4[0].hdr.src_addr = t4->src_addr.addr.as_u32;
105  ip4[1].hdr.src_addr = t4->src_addr.mask.as_u32;
106  ip4[0].hdr.dst_addr = t4->dst_addr.addr.as_u32;
107  ip4[1].hdr.dst_addr = t4->dst_addr.mask.as_u32;
108  item->type = RTE_FLOW_ITEM_TYPE_IPV4;
109  item->spec = ip4;
110  item->mask = ip4 + 1;
111 
112  src_port = t4->src_port.port;
113  dst_port = t4->dst_port.port;
114  src_port_mask = t4->src_port.mask;
115  dst_port_mask = t4->dst_port.mask;
116  protocol = t4->protocol;
117  }
118  else if (f->type == VNET_FLOW_TYPE_IP4_VXLAN)
119  {
120  vnet_flow_ip4_vxlan_t *v4 = &f->ip4_vxlan;
121  ip4[0].hdr.src_addr = v4->src_addr.as_u32;
122  ip4[1].hdr.src_addr = -1;
123  ip4[0].hdr.dst_addr = v4->dst_addr.as_u32;
124  ip4[1].hdr.dst_addr = -1;
125  item->type = RTE_FLOW_ITEM_TYPE_IPV4;
126  item->spec = ip4;
127  item->mask = ip4 + 1;
128 
129  dst_port = v4->dst_port;
130  dst_port_mask = -1;
131  src_port = 0;
132  src_port_mask = 0;
133  protocol = IP_PROTOCOL_UDP;
134  }
135  else
136  {
137  rv = VNET_FLOW_ERROR_NOT_SUPPORTED;
138  goto done;
139  }
140 
141  /* Layer 4 */
142  vec_add2 (items, item, 1);
143  if (protocol == IP_PROTOCOL_UDP)
144  {
145  udp[0].hdr.src_port = clib_host_to_net_u16 (src_port);
146  udp[1].hdr.src_port = clib_host_to_net_u16 (src_port_mask);
147  udp[0].hdr.dst_port = clib_host_to_net_u16 (dst_port);
148  udp[1].hdr.dst_port = clib_host_to_net_u16 (dst_port_mask);
149  item->type = RTE_FLOW_ITEM_TYPE_UDP;
150  item->spec = udp;
151  item->mask = udp + 1;
152  }
153  else if (protocol == IP_PROTOCOL_TCP)
154  {
155  tcp[0].hdr.src_port = clib_host_to_net_u16 (src_port);
156  tcp[1].hdr.src_port = clib_host_to_net_u16 (src_port_mask);
157  tcp[0].hdr.dst_port = clib_host_to_net_u16 (dst_port);
158  tcp[1].hdr.dst_port = clib_host_to_net_u16 (dst_port_mask);
159  item->type = RTE_FLOW_ITEM_TYPE_TCP;
160  item->spec = tcp;
161  item->mask = tcp + 1;
162  }
163  else
164  {
165  rv = VNET_FLOW_ERROR_NOT_SUPPORTED;
166  goto done;
167  }
168 
169  /* Tunnel header match */
170  if (f->type == VNET_FLOW_TYPE_IP4_VXLAN)
171  {
172  u32 vni = f->ip4_vxlan.vni;
173  vxlan_header_t spec_hdr = {
174  .flags = VXLAN_FLAGS_I,
175  .vni_reserved = clib_host_to_net_u32 (vni << 8)
176  };
177  vxlan_header_t mask_hdr = {
178  .flags = 0xff,
179  .vni_reserved = clib_host_to_net_u32 (((u32) - 1) << 8)
180  };
181 
182  clib_memset (raw, 0, sizeof raw);
183  raw[0].item.relative = 1;
184  raw[0].item.length = vxlan_hdr_sz;
185 
186  clib_memcpy_fast (raw[0].val + raw_sz, &spec_hdr, vxlan_hdr_sz);
187  raw[0].item.pattern = raw[0].val + raw_sz;
188  clib_memcpy_fast (raw[1].val + raw_sz, &mask_hdr, vxlan_hdr_sz);
189  raw[1].item.pattern = raw[1].val + raw_sz;
190 
191  vec_add2 (items, item, 1);
192  item->type = RTE_FLOW_ITEM_TYPE_RAW;
193  item->spec = raw;
194  item->mask = raw + 1;
195  }
196 
197  vec_add2 (items, item, 1);
198  item->type = RTE_FLOW_ITEM_TYPE_END;
199 
200  /* Actions */
201  vec_add2 (actions, action, 1);
202  action->type = RTE_FLOW_ACTION_TYPE_PASSTHRU;
203 
204  vec_add2 (actions, action, 1);
205  mark.id = fe->mark;
206  action->type = RTE_FLOW_ACTION_TYPE_MARK;
207  action->conf = &mark;
208 
209  vec_add2 (actions, action, 1);
210  action->type = RTE_FLOW_ACTION_TYPE_END;
211 
212  rv = rte_flow_validate (xd->device_index, &ingress, items, actions,
213  &xd->last_flow_error);
214  if (rv != 0)
215  {
216  if (rv == -EINVAL)
217  rv = VNET_FLOW_ERROR_NOT_SUPPORTED;
218  else if (rv == -EEXIST)
219  rv = VNET_FLOW_ERROR_ALREADY_EXISTS;
220  else
221  rv = VNET_FLOW_ERROR_INTERNAL;
222 
223  goto done;
224  }
225 
226  fe->handle = rte_flow_create (xd->device_index, &ingress, items, actions,
227  &xd->last_flow_error);
228 
229 done:
230  vec_free (items);
231  vec_free (actions);
232  return rv;
233 }
234 
235 int
237  u32 flow_index, uword * private_data)
238 {
239  dpdk_main_t *dm = &dpdk_main;
240  vnet_flow_t *flow = vnet_get_flow (flow_index);
241  dpdk_device_t *xd = vec_elt_at_index (dm->devices, dev_instance);
242  dpdk_flow_entry_t *fe;
243  dpdk_flow_lookup_entry_t *fle = 0;
244  int rv;
245 
246  /* recycle old flow lookup entries only after the main loop counter
247  increases - i.e. previously DMA'ed packets were handled */
248  if (vec_len (xd->parked_lookup_indexes) > 0 &&
250  {
251  u32 *fl_index;
252 
253  vec_foreach (fl_index, xd->parked_lookup_indexes)
254  pool_put_index (xd->flow_lookup_entries, *fl_index);
256  }
257 
258  if (op == VNET_FLOW_DEV_OP_DEL_FLOW)
259  {
260  ASSERT (*private_data >= vec_len (xd->flow_entries));
261 
262  fe = vec_elt_at_index (xd->flow_entries, *private_data);
263 
264  if ((rv = rte_flow_destroy (xd->device_index, fe->handle,
265  &xd->last_flow_error)))
266  return VNET_FLOW_ERROR_INTERNAL;
267 
268  if (fe->mark)
269  {
270  /* make sure no action is taken for in-flight (marked) packets */
271  fle = pool_elt_at_index (xd->flow_lookup_entries, fe->mark);
272  clib_memset (fle, -1, sizeof (*fle));
275  }
276 
277  clib_memset (fe, 0, sizeof (*fe));
278  pool_put (xd->flow_entries, fe);
279 
280  goto disable_rx_offload;
281  }
282 
283  if (op != VNET_FLOW_DEV_OP_ADD_FLOW)
284  return VNET_FLOW_ERROR_NOT_SUPPORTED;
285 
286  pool_get (xd->flow_entries, fe);
287  fe->flow_index = flow->index;
288 
289  if (flow->actions == 0)
290  {
291  rv = VNET_FLOW_ERROR_NOT_SUPPORTED;
292  goto done;
293  }
294 
295  /* if we need to mark packets, assign one mark */
296  if (flow->actions & (VNET_FLOW_ACTION_MARK |
297  VNET_FLOW_ACTION_REDIRECT_TO_NODE |
298  VNET_FLOW_ACTION_BUFFER_ADVANCE))
299  {
300  /* reserve slot 0 */
301  if (xd->flow_lookup_entries == 0)
305  fe->mark = fle - xd->flow_lookup_entries;
306 
307  /* install entry in the lookup table */
308  clib_memset (fle, -1, sizeof (*fle));
309  if (flow->actions & VNET_FLOW_ACTION_MARK)
310  fle->flow_id = flow->mark_flow_id;
311  if (flow->actions & VNET_FLOW_ACTION_REDIRECT_TO_NODE)
313  if (flow->actions & VNET_FLOW_ACTION_BUFFER_ADVANCE)
314  fle->buffer_advance = flow->buffer_advance;
315  }
316  else
317  fe->mark = 0;
318 
319  if ((xd->flags & DPDK_DEVICE_FLAG_RX_FLOW_OFFLOAD) == 0)
320  {
321  xd->flags |= DPDK_DEVICE_FLAG_RX_FLOW_OFFLOAD;
322  dpdk_device_setup (xd);
323  }
324 
325  switch (flow->type)
326  {
327  case VNET_FLOW_TYPE_IP4_N_TUPLE:
328  case VNET_FLOW_TYPE_IP6_N_TUPLE:
329  case VNET_FLOW_TYPE_IP4_VXLAN:
330  if ((rv = dpdk_flow_add (xd, flow, fe)))
331  goto done;
332  break;
333  default:
334  rv = VNET_FLOW_ERROR_NOT_SUPPORTED;
335  goto done;
336  }
337 
338  *private_data = fe - xd->flow_entries;
339 
340 done:
341  if (rv)
342  {
343  clib_memset (fe, 0, sizeof (*fe));
344  pool_put (xd->flow_entries, fe);
345  if (fle)
346  {
347  clib_memset (fle, -1, sizeof (*fle));
348  pool_put (xd->flow_lookup_entries, fle);
349  }
350  }
351 disable_rx_offload:
352  if ((xd->flags & DPDK_DEVICE_FLAG_RX_FLOW_OFFLOAD) != 0
353  && pool_elts (xd->flow_entries) == 0)
354  {
355  xd->flags &= ~DPDK_DEVICE_FLAG_RX_FLOW_OFFLOAD;
356  dpdk_device_setup (xd);
357  }
358 
359  return rv;
360 }
361 
362 u8 *
363 format_dpdk_flow (u8 * s, va_list * args)
364 {
365  u32 dev_instance = va_arg (*args, u32);
366  u32 flow_index = va_arg (*args, u32);
367  uword private_data = va_arg (*args, uword);
368  dpdk_main_t *dm = &dpdk_main;
369  dpdk_device_t *xd = vec_elt_at_index (dm->devices, dev_instance);
370  dpdk_flow_entry_t *fe;
371 
372  if (flow_index == ~0)
373  {
374  s = format (s, "%-25s: %U\n", "supported flow actions",
376  s = format (s, "%-25s: %d\n", "last DPDK error type",
377  xd->last_flow_error.type);
378  s = format (s, "%-25s: %s\n", "last DPDK error message",
379  xd->last_flow_error.message ? xd->last_flow_error.message :
380  "n/a");
381  return s;
382  }
383 
384  if (private_data >= vec_len (xd->flow_entries))
385  return format (s, "unknown flow");
386 
387  fe = vec_elt_at_index (xd->flow_entries, private_data);
388  s = format (s, "mark %u", fe->mark);
389  return s;
390 }
391 
392 /*
393  * fd.io coding-style-patch-verification: ON
394  *
395  * Local Variables:
396  * eval: (c-set-style "gnu")
397  * End:
398  */
vnet_flow_type_t type
Definition: flow.h:121
dpdk_main_t dpdk_main
Definition: init.c:43
#define clib_memcpy_fast(a, b, c)
Definition: string.h:81
clib_memset(h->entries, 0, sizeof(h->entries[0]) *entries)
#define EINVAL
Definition: string.h:93
u16 flags
Definition: dpdk.h:216
#define vec_add1(V, E)
Add 1 element to end of vector (unspecified alignment).
Definition: vec.h:525
#define vec_add2(V, P, N)
Add N elements to end of vector V, return pointer to new elements in P.
Definition: vec.h:564
u8 * format(u8 *s, const char *fmt,...)
Definition: format.c:419
u32 supported_flow_actions
Definition: dpdk.h:237
struct rte_flow * handle
Definition: dpdk.h:186
#define pool_get(P, E)
Allocate an object E from a pool P (unspecified alignment).
Definition: pool.h:236
unsigned char u8
Definition: types.h:56
#define vec_reset_length(v)
Reset vector length to zero NULL-pointer tolerant.
u16 src_port
Definition: udp.api:41
#define VXLAN_FLAGS_I
Definition: vxlan_packet.h:52
static const struct rte_flow_item_eth any_eth[2]
Definition: flow.c:33
u32 mark_flow_id
Definition: flow.h:130
#define vec_elt_at_index(v, i)
Get vector value at index i checking that i is in bounds.
unsigned int u32
Definition: types.h:88
void dpdk_device_setup(dpdk_device_t *xd)
Definition: common.c:40
i16 buffer_advance
Definition: dpdk.h:193
u32 parked_loop_count
Definition: dpdk.h:241
static const struct rte_flow_attr ingress
Definition: flow.c:32
#define pool_elt_at_index(p, i)
Returns pointer to element at given index.
Definition: pool.h:511
static int dpdk_flow_add(dpdk_device_t *xd, vnet_flow_t *f, dpdk_flow_entry_t *fe)
Definition: flow.c:37
unsigned short u16
Definition: types.h:57
#define pool_put(P, E)
Free an object E in pool P.
Definition: pool.h:286
vnet_flow_t * vnet_get_flow(u32 flow_index)
Definition: flow.c:57
u32 index
Definition: flow.h:124
i32 buffer_advance
Definition: flow.h:140
#define pool_get_aligned(P, E, A)
Allocate an object E from a pool P with alignment A.
Definition: pool.h:230
u32 actions
Definition: flow.h:127
vnet_flow_dev_op_t
Definition: interface.h:86
format_function_t format_flow_actions
Definition: flow.h:183
Definition: dpdk.h:182
dpdk_device_t * devices
Definition: dpdk.h:411
dpdk_flow_lookup_entry_t * flow_lookup_entries
Definition: dpdk.h:239
u32 * parked_lookup_indexes
Definition: dpdk.h:240
u8 * format_dpdk_flow(u8 *s, va_list *args)
Definition: flow.c:363
#define vec_free(V)
Free vector&#39;s memory (no header).
Definition: vec.h:341
int dpdk_flow_ops_fn(vnet_main_t *vnm, vnet_flow_dev_op_t op, u32 dev_instance, u32 flow_index, uword *private_data)
Definition: flow.c:236
u32 flow_index
Definition: dpdk.h:184
static const struct rte_flow_item_vlan any_vlan[2]
Definition: flow.c:34
#define pool_put_index(p, i)
Free pool element with given index.
Definition: pool.h:311
#define ASSERT(truth)
dpdk_portid_t device_index
Definition: dpdk.h:202
Definition: dpdk.h:189
#define vec_len(v)
Number of elements in vector (rvalue-only, NULL tolerant)
u64 uword
Definition: types.h:112
u32 vni
Definition: vxlan_gbp.api:36
u16 next_index
Definition: dpdk.h:192
u32 redirect_device_input_next_index
Definition: flow.h:134
#define vec_foreach(var, vec)
Vector iterator.
dpdk_flow_entry_t * flow_entries
Definition: dpdk.h:238
u16 dst_port
Definition: udp.api:42
#define CLIB_CACHE_LINE_BYTES
Definition: cache.h:59
u32 main_loop_count
Definition: main.h:77
u32 flow_id
Definition: dpdk.h:191
struct rte_flow_error last_flow_error
Definition: dpdk.h:242
icmpr_flow_t * flow
Definition: main.c:123
CLIB vectors are ubiquitous dynamically resized arrays with by user defined "headers".
u32 mark
Definition: dpdk.h:185
vlib_main_t * vlib_main
Definition: dpdk.h:442
static uword pool_elts(void *v)
Number of active elements in a pool.
Definition: pool.h:128