FD.io VPP  v19.08.1-401-g8e4ed521a
Vector Packet Processing
flow.c
Go to the documentation of this file.
1 /*
2  * Copyright (c) 2019 Cisco and/or its affiliates.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at:
6  *
7  * http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 
16 #include <vnet/vnet.h>
17 #include <vppinfra/vec.h>
18 #include <vppinfra/format.h>
19 #include <vlib/unix/cj.h>
20 #include <assert.h>
21 
22 #include <vnet/ip/ip.h>
23 #include <vnet/ethernet/ethernet.h>
24 #include <vnet/ethernet/arp_packet.h>
25 #include <vnet/vxlan/vxlan.h>
26 #include <dpdk/device/dpdk.h>
27 
28 #include <dpdk/device/dpdk_priv.h>
29 #include <vppinfra/error.h>
30 
31 /* constant structs */
32 static const struct rte_flow_attr ingress = {.ingress = 1 };
33 static const struct rte_flow_item_eth any_eth[2] = { };
34 static const struct rte_flow_item_vlan any_vlan[2] = { };
35 
36 static int
37 dpdk_flow_add (dpdk_device_t * xd, vnet_flow_t * f, dpdk_flow_entry_t * fe)
38 {
39  struct rte_flow_item_ipv4 ip4[2] = { };
40  struct rte_flow_item_ipv6 ip6[2] = { };
41  struct rte_flow_item_udp udp[2] = { };
42  struct rte_flow_item_tcp tcp[2] = { };
43  struct rte_flow_action_mark mark = { 0 };
44  struct rte_flow_action_queue queue = { 0 };
45  struct rte_flow_item *item, *items = 0;
46  struct rte_flow_action *action, *actions = 0;
47 
48  enum
49  {
50  vxlan_hdr_sz = sizeof (vxlan_header_t),
51  raw_sz = sizeof (struct rte_flow_item_raw)
52  };
53 
54  union
55  {
56  struct rte_flow_item_raw item;
57  u8 val[raw_sz + vxlan_hdr_sz];
58  } raw[2];
59 
60  u16 src_port, dst_port, src_port_mask, dst_port_mask;
61  u8 protocol;
62  int rv = 0;
63 
64  if (f->actions & (~xd->supported_flow_actions))
65  return VNET_FLOW_ERROR_NOT_SUPPORTED;
66 
67  /* Match items */
68  /* Ethernet */
69  vec_add2 (items, item, 1);
70  item->type = RTE_FLOW_ITEM_TYPE_ETH;
71  item->spec = any_eth;
72  item->mask = any_eth + 1;
73 
74  /* VLAN */
75  if (f->type != VNET_FLOW_TYPE_IP4_VXLAN)
76  {
77  vec_add2 (items, item, 1);
78  item->type = RTE_FLOW_ITEM_TYPE_VLAN;
79  item->spec = any_vlan;
80  item->mask = any_vlan + 1;
81  }
82 
83  /* IP */
84  vec_add2 (items, item, 1);
85  if (f->type == VNET_FLOW_TYPE_IP6_N_TUPLE)
86  {
87  vnet_flow_ip6_n_tuple_t *t6 = &f->ip6_n_tuple;
88  clib_memcpy_fast (ip6[0].hdr.src_addr, &t6->src_addr.addr, 16);
89  clib_memcpy_fast (ip6[1].hdr.src_addr, &t6->src_addr.mask, 16);
90  clib_memcpy_fast (ip6[0].hdr.dst_addr, &t6->dst_addr.addr, 16);
91  clib_memcpy_fast (ip6[1].hdr.dst_addr, &t6->dst_addr.mask, 16);
92  item->type = RTE_FLOW_ITEM_TYPE_IPV6;
93  item->spec = ip6;
94  item->mask = ip6 + 1;
95 
96  src_port = t6->src_port.port;
97  dst_port = t6->dst_port.port;
98  src_port_mask = t6->src_port.mask;
99  dst_port_mask = t6->dst_port.mask;
100  protocol = t6->protocol;
101  }
102  else if (f->type == VNET_FLOW_TYPE_IP4_N_TUPLE)
103  {
104  vnet_flow_ip4_n_tuple_t *t4 = &f->ip4_n_tuple;
105  ip4[0].hdr.src_addr = t4->src_addr.addr.as_u32;
106  ip4[1].hdr.src_addr = t4->src_addr.mask.as_u32;
107  ip4[0].hdr.dst_addr = t4->dst_addr.addr.as_u32;
108  ip4[1].hdr.dst_addr = t4->dst_addr.mask.as_u32;
109  item->type = RTE_FLOW_ITEM_TYPE_IPV4;
110  item->spec = ip4;
111  item->mask = ip4 + 1;
112 
113  src_port = t4->src_port.port;
114  dst_port = t4->dst_port.port;
115  src_port_mask = t4->src_port.mask;
116  dst_port_mask = t4->dst_port.mask;
117  protocol = t4->protocol;
118  }
119  else if (f->type == VNET_FLOW_TYPE_IP4_VXLAN)
120  {
121  vnet_flow_ip4_vxlan_t *v4 = &f->ip4_vxlan;
122  ip4[0].hdr.src_addr = v4->src_addr.as_u32;
123  ip4[1].hdr.src_addr = -1;
124  ip4[0].hdr.dst_addr = v4->dst_addr.as_u32;
125  ip4[1].hdr.dst_addr = -1;
126  item->type = RTE_FLOW_ITEM_TYPE_IPV4;
127  item->spec = ip4;
128  item->mask = ip4 + 1;
129 
130  dst_port = v4->dst_port;
131  dst_port_mask = -1;
132  src_port = 0;
133  src_port_mask = 0;
134  protocol = IP_PROTOCOL_UDP;
135  }
136  else
137  {
138  rv = VNET_FLOW_ERROR_NOT_SUPPORTED;
139  goto done;
140  }
141 
142  /* Layer 4 */
143  vec_add2 (items, item, 1);
144  if (protocol == IP_PROTOCOL_UDP)
145  {
146  udp[0].hdr.src_port = clib_host_to_net_u16 (src_port);
147  udp[1].hdr.src_port = clib_host_to_net_u16 (src_port_mask);
148  udp[0].hdr.dst_port = clib_host_to_net_u16 (dst_port);
149  udp[1].hdr.dst_port = clib_host_to_net_u16 (dst_port_mask);
150  item->type = RTE_FLOW_ITEM_TYPE_UDP;
151  item->spec = udp;
152  item->mask = udp + 1;
153  }
154  else if (protocol == IP_PROTOCOL_TCP)
155  {
156  tcp[0].hdr.src_port = clib_host_to_net_u16 (src_port);
157  tcp[1].hdr.src_port = clib_host_to_net_u16 (src_port_mask);
158  tcp[0].hdr.dst_port = clib_host_to_net_u16 (dst_port);
159  tcp[1].hdr.dst_port = clib_host_to_net_u16 (dst_port_mask);
160  item->type = RTE_FLOW_ITEM_TYPE_TCP;
161  item->spec = tcp;
162  item->mask = tcp + 1;
163  }
164  else
165  {
166  rv = VNET_FLOW_ERROR_NOT_SUPPORTED;
167  goto done;
168  }
169 
170  /* Tunnel header match */
171  if (f->type == VNET_FLOW_TYPE_IP4_VXLAN)
172  {
173  u32 vni = f->ip4_vxlan.vni;
174  vxlan_header_t spec_hdr = {
175  .flags = VXLAN_FLAGS_I,
176  .vni_reserved = clib_host_to_net_u32 (vni << 8)
177  };
178  vxlan_header_t mask_hdr = {
179  .flags = 0xff,
180  .vni_reserved = clib_host_to_net_u32 (((u32) - 1) << 8)
181  };
182 
183  clib_memset (raw, 0, sizeof raw);
184  raw[0].item.relative = 1;
185  raw[0].item.length = vxlan_hdr_sz;
186 
187  clib_memcpy_fast (raw[0].val + raw_sz, &spec_hdr, vxlan_hdr_sz);
188  raw[0].item.pattern = raw[0].val + raw_sz;
189  clib_memcpy_fast (raw[1].val + raw_sz, &mask_hdr, vxlan_hdr_sz);
190  raw[1].item.pattern = raw[1].val + raw_sz;
191 
192  vec_add2 (items, item, 1);
193  item->type = RTE_FLOW_ITEM_TYPE_RAW;
194  item->spec = raw;
195  item->mask = raw + 1;
196  }
197 
198  vec_add2 (items, item, 1);
199  item->type = RTE_FLOW_ITEM_TYPE_END;
200 
201  /* Actions */
202  vec_add2 (actions, action, 1);
203  action->type = RTE_FLOW_ACTION_TYPE_PASSTHRU;
204 
205  if (f->actions & VNET_FLOW_ACTION_REDIRECT_TO_QUEUE)
206  {
207  vec_add2 (actions, action, 1);
208  queue.index = f->redirect_queue;
209  action->type = RTE_FLOW_ACTION_TYPE_QUEUE;
210  action->conf = &queue;
211  }
212 
213  if (f->actions & VNET_FLOW_ACTION_MARK)
214  {
215  vec_add2 (actions, action, 1);
216  mark.id = fe->mark;
217  action->type = RTE_FLOW_ACTION_TYPE_MARK;
218  action->conf = &mark;
219  }
220 
221  vec_add2 (actions, action, 1);
222  action->type = RTE_FLOW_ACTION_TYPE_END;
223 
224  rv = rte_flow_validate (xd->device_index, &ingress, items, actions,
225  &xd->last_flow_error);
226 
227  if (rv)
228  {
229  if (rv == -EINVAL)
230  rv = VNET_FLOW_ERROR_NOT_SUPPORTED;
231  else if (rv == -EEXIST)
232  rv = VNET_FLOW_ERROR_ALREADY_EXISTS;
233  else
234  rv = VNET_FLOW_ERROR_INTERNAL;
235  goto done;
236  }
237 
238  fe->handle = rte_flow_create (xd->device_index, &ingress, items, actions,
239  &xd->last_flow_error);
240 
241  if (!fe->handle)
242  rv = VNET_FLOW_ERROR_NOT_SUPPORTED;
243 
244 done:
245  vec_free (items);
246  vec_free (actions);
247  return rv;
248 }
249 
250 int
251 dpdk_flow_ops_fn (vnet_main_t * vnm, vnet_flow_dev_op_t op, u32 dev_instance,
252  u32 flow_index, uword * private_data)
253 {
254  dpdk_main_t *dm = &dpdk_main;
255  vnet_flow_t *flow = vnet_get_flow (flow_index);
256  dpdk_device_t *xd = vec_elt_at_index (dm->devices, dev_instance);
257  dpdk_flow_entry_t *fe;
258  dpdk_flow_lookup_entry_t *fle = 0;
259  int rv;
260 
261  /* recycle old flow lookup entries only after the main loop counter
262  increases - i.e. previously DMA'ed packets were handled */
263  if (vec_len (xd->parked_lookup_indexes) > 0 &&
264  xd->parked_loop_count != dm->vlib_main->main_loop_count)
265  {
266  u32 *fl_index;
267 
268  vec_foreach (fl_index, xd->parked_lookup_indexes)
269  pool_put_index (xd->flow_lookup_entries, *fl_index);
270  vec_reset_length (xd->flow_lookup_entries);
271  }
272 
273  if (op == VNET_FLOW_DEV_OP_DEL_FLOW)
274  {
275  ASSERT (*private_data >= vec_len (xd->flow_entries));
276 
277  fe = vec_elt_at_index (xd->flow_entries, *private_data);
278 
279  if ((rv = rte_flow_destroy (xd->device_index, fe->handle,
280  &xd->last_flow_error)))
281  return VNET_FLOW_ERROR_INTERNAL;
282 
283  if (fe->mark)
284  {
285  /* make sure no action is taken for in-flight (marked) packets */
286  fle = pool_elt_at_index (xd->flow_lookup_entries, fe->mark);
287  clib_memset (fle, -1, sizeof (*fle));
288  vec_add1 (xd->parked_lookup_indexes, fe->mark);
289  xd->parked_loop_count = dm->vlib_main->main_loop_count;
290  }
291 
292  clib_memset (fe, 0, sizeof (*fe));
293  pool_put (xd->flow_entries, fe);
294 
295  goto disable_rx_offload;
296  }
297 
298  if (op != VNET_FLOW_DEV_OP_ADD_FLOW)
299  return VNET_FLOW_ERROR_NOT_SUPPORTED;
300 
301  pool_get (xd->flow_entries, fe);
302  fe->flow_index = flow->index;
303 
304  if (flow->actions == 0)
305  {
306  rv = VNET_FLOW_ERROR_NOT_SUPPORTED;
307  goto done;
308  }
309 
310  /* if we need to mark packets, assign one mark */
311  if (flow->actions & (VNET_FLOW_ACTION_MARK |
312  VNET_FLOW_ACTION_REDIRECT_TO_NODE |
313  VNET_FLOW_ACTION_BUFFER_ADVANCE))
314  {
315  /* reserve slot 0 */
316  if (xd->flow_lookup_entries == 0)
317  pool_get_aligned (xd->flow_lookup_entries, fle,
318  CLIB_CACHE_LINE_BYTES);
319  pool_get_aligned (xd->flow_lookup_entries, fle, CLIB_CACHE_LINE_BYTES);
320  fe->mark = fle - xd->flow_lookup_entries;
321 
322  /* install entry in the lookup table */
323  clib_memset (fle, -1, sizeof (*fle));
324  if (flow->actions & VNET_FLOW_ACTION_MARK)
325  fle->flow_id = flow->mark_flow_id;
326  if (flow->actions & VNET_FLOW_ACTION_REDIRECT_TO_NODE)
327  fle->next_index = flow->redirect_device_input_next_index;
328  if (flow->actions & VNET_FLOW_ACTION_BUFFER_ADVANCE)
329  fle->buffer_advance = flow->buffer_advance;
330  }
331  else
332  fe->mark = 0;
333 
334  if ((xd->flags & DPDK_DEVICE_FLAG_RX_FLOW_OFFLOAD) == 0)
335  {
336  xd->flags |= DPDK_DEVICE_FLAG_RX_FLOW_OFFLOAD;
337  dpdk_device_setup (xd);
338  }
339 
340  switch (flow->type)
341  {
342  case VNET_FLOW_TYPE_IP4_N_TUPLE:
343  case VNET_FLOW_TYPE_IP6_N_TUPLE:
344  case VNET_FLOW_TYPE_IP4_VXLAN:
345  if ((rv = dpdk_flow_add (xd, flow, fe)))
346  goto done;
347  break;
348  default:
349  rv = VNET_FLOW_ERROR_NOT_SUPPORTED;
350  goto done;
351  }
352 
353  *private_data = fe - xd->flow_entries;
354 
355 done:
356  if (rv)
357  {
358  clib_memset (fe, 0, sizeof (*fe));
359  pool_put (xd->flow_entries, fe);
360  if (fle)
361  {
362  clib_memset (fle, -1, sizeof (*fle));
363  pool_put (xd->flow_lookup_entries, fle);
364  }
365  }
366 disable_rx_offload:
367  if ((xd->flags & DPDK_DEVICE_FLAG_RX_FLOW_OFFLOAD) != 0
368  && pool_elts (xd->flow_entries) == 0)
369  {
370  xd->flags &= ~DPDK_DEVICE_FLAG_RX_FLOW_OFFLOAD;
371  dpdk_device_setup (xd);
372  }
373 
374  return rv;
375 }
376 
377 u8 *
378 format_dpdk_flow (u8 * s, va_list * args)
379 {
380  u32 dev_instance = va_arg (*args, u32);
381  u32 flow_index = va_arg (*args, u32);
382  uword private_data = va_arg (*args, uword);
383  dpdk_main_t *dm = &dpdk_main;
384  dpdk_device_t *xd = vec_elt_at_index (dm->devices, dev_instance);
385  dpdk_flow_entry_t *fe;
386 
387  if (flow_index == ~0)
388  {
389  s = format (s, "%-25s: %U\n", "supported flow actions",
390  format_flow_actions, xd->supported_flow_actions);
391  s = format (s, "%-25s: %d\n", "last DPDK error type",
392  xd->last_flow_error.type);
393  s = format (s, "%-25s: %s\n", "last DPDK error message",
394  xd->last_flow_error.message ? xd->last_flow_error.message :
395  "n/a");
396  return s;
397  }
398 
399  if (private_data >= vec_len (xd->flow_entries))
400  return format (s, "unknown flow");
401 
402  fe = vec_elt_at_index (xd->flow_entries, private_data);
403  s = format (s, "mark %u", fe->mark);
404  return s;
405 }
406 
407 /*
408  * fd.io coding-style-patch-verification: ON
409  *
410  * Local Variables:
411  * eval: (c-set-style "gnu")
412  * End:
413  */
vnet_flow_t::type
vnet_flow_type_t type
Definition: flow.h:121
dpdk_main
dpdk_main_t dpdk_main
Definition: init.c:45
clib_memcpy_fast
#define clib_memcpy_fast(a, b, c)
Definition: string.h:81
clib_memset
clib_memset(h->entries, 0, sizeof(h->entries[0]) *entries)
EINVAL
#define EINVAL
Definition: string.h:93
dpdk_device_t::flags
u16 flags
Definition: dpdk.h:209
vec_add1
#define vec_add1(V, E)
Add 1 element to end of vector (unspecified alignment).
Definition: vec.h:522
arp_packet.h
vec_add2
#define vec_add2(V, P, N)
Add N elements to end of vector V, return pointer to new elements in P.
Definition: vec.h:560
format
u8 * format(u8 *s, const char *fmt,...)
Definition: format.c:424
dpdk_device_t::supported_flow_actions
u32 supported_flow_actions
Definition: dpdk.h:230
dpdk_flow_entry_t::handle
struct rte_flow * handle
Definition: dpdk.h:179
pool_get
#define pool_get(P, E)
Allocate an object E from a pool P (unspecified alignment).
Definition: pool.h:236
u8
unsigned char u8
Definition: types.h:56
vec_reset_length
#define vec_reset_length(v)
Reset vector length to zero NULL-pointer tolerant.
Definition: vec_bootstrap.h:178
src_port
u16 src_port
Definition: udp.api:41
VXLAN_FLAGS_I
#define VXLAN_FLAGS_I
Definition: vxlan_packet.h:52
any_eth
static const struct rte_flow_item_eth any_eth[2]
Definition: flow.c:33
vnet_flow_t::mark_flow_id
u32 mark_flow_id
Definition: flow.h:130
vec_elt_at_index
#define vec_elt_at_index(v, i)
Get vector value at index i checking that i is in bounds.
Definition: vec_bootstrap.h:187
u32
unsigned int u32
Definition: types.h:88
dpdk_device_setup
void dpdk_device_setup(dpdk_device_t *xd)
Definition: common.c:40
dpdk_flow_lookup_entry_t::buffer_advance
i16 buffer_advance
Definition: dpdk.h:186
dpdk_device_t::parked_loop_count
u32 parked_loop_count
Definition: dpdk.h:234
ingress
static const struct rte_flow_attr ingress
Definition: flow.c:32
pool_elt_at_index
#define pool_elt_at_index(p, i)
Returns pointer to element at given index.
Definition: pool.h:514
vnet_flow_t::redirect_queue
u32 redirect_queue
Definition: flow.h:137
dpdk_priv.h
protocol
vl_api_ip_proto_t protocol
Definition: punt.api:39
dpdk_flow_add
static int dpdk_flow_add(dpdk_device_t *xd, vnet_flow_t *f, dpdk_flow_entry_t *fe)
Definition: flow.c:37
u16
unsigned short u16
Definition: types.h:57
pool_put
#define pool_put(P, E)
Free an object E in pool P.
Definition: pool.h:286
vnet_get_flow
vnet_flow_t * vnet_get_flow(u32 flow_index)
Definition: flow.c:57
vnet_flow_t::index
u32 index
Definition: flow.h:124
vnet_flow_t::buffer_advance
i32 buffer_advance
Definition: flow.h:140
pool_get_aligned
#define pool_get_aligned(P, E, A)
Allocate an object E from a pool P with alignment A.
Definition: pool.h:230
vnet_flow_t::actions
u32 actions
Definition: flow.h:127
vnet_flow_dev_op_t
vnet_flow_dev_op_t
Definition: interface.h:87
format_flow_actions
format_function_t format_flow_actions
Definition: flow.h:183
dpdk_flow_entry_t
Definition: dpdk.h:175
dpdk_main_t::devices
dpdk_device_t * devices
Definition: dpdk.h:396
dpdk_device_t::flow_lookup_entries
dpdk_flow_lookup_entry_t * flow_lookup_entries
Definition: dpdk.h:232
dpdk_device_t::parked_lookup_indexes
u32 * parked_lookup_indexes
Definition: dpdk.h:233
format_dpdk_flow
u8 * format_dpdk_flow(u8 *s, va_list *args)
Definition: flow.c:378
vec_free
#define vec_free(V)
Free vector&#39;s memory (no header).
Definition: vec.h:341
dpdk_flow_ops_fn
int dpdk_flow_ops_fn(vnet_main_t *vnm, vnet_flow_dev_op_t op, u32 dev_instance, u32 flow_index, uword *private_data)
Definition: flow.c:251
dpdk_flow_entry_t::flow_index
u32 flow_index
Definition: dpdk.h:177
vxlan_header_t
Definition: vxlan_packet.h:44
any_vlan
static const struct rte_flow_item_vlan any_vlan[2]
Definition: flow.c:34
vnet_main_t
Definition: vnet.h:51
vxlan_header_t::flags
u8 flags
Definition: vxlan_packet.h:45
pool_put_index
#define pool_put_index(p, i)
Free pool element with given index.
Definition: pool.h:311
ASSERT
#define ASSERT(truth)
Definition: error_bootstrap.h:69
dpdk_device_t::device_index
dpdk_portid_t device_index
Definition: dpdk.h:195
dpdk_device_t
Definition: dpdk.h:189
vnet_flow_t
Definition: flow.h:118
dpdk_flow_lookup_entry_t
Definition: dpdk.h:182
vec_len
#define vec_len(v)
Number of elements in vector (rvalue-only, NULL tolerant)
Definition: vec_bootstrap.h:143
uword
u64 uword
Definition: types.h:112
vni
u32 vni
Definition: vxlan_gbp.api:42
dpdk_flow_lookup_entry_t::next_index
u16 next_index
Definition: dpdk.h:185
vnet_flow_t::redirect_device_input_next_index
u32 redirect_device_input_next_index
Definition: flow.h:134
vec_foreach
#define vec_foreach(var, vec)
Vector iterator.
Definition: vec_bootstrap.h:197
dpdk_device_t::flow_entries
dpdk_flow_entry_t * flow_entries
Definition: dpdk.h:231
dst_port
u16 dst_port
Definition: udp.api:42
CLIB_CACHE_LINE_BYTES
#define CLIB_CACHE_LINE_BYTES
Definition: cache.h:59
vlib_main_t::main_loop_count
u32 main_loop_count
Definition: main.h:99
dpdk_flow_lookup_entry_t::flow_id
u32 flow_id
Definition: dpdk.h:184
dpdk_device_t::last_flow_error
struct rte_flow_error last_flow_error
Definition: dpdk.h:235
flow
icmpr_flow_t * flow
Definition: main.c:123
vec.h
CLIB vectors are ubiquitous dynamically resized arrays with by user defined "headers".
dpdk_flow_entry_t::mark
u32 mark
Definition: dpdk.h:178
dpdk_main_t
Definition: dpdk.h:392
dpdk_main_t::vlib_main
vlib_main_t * vlib_main
Definition: dpdk.h:418
pool_elts
static uword pool_elts(void *v)
Number of active elements in a pool.
Definition: pool.h:128