[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: [PATCH v3 5/6] virtio-net: Add flow filter match entry, action and requests
Define flow filter match key for the defined types.
Currently it covers the most common filter types and value
of Ethernet header, IP addresses, TCP and UDP ports.
Define generic flow filter add and delete requests and its transport
using a control virtqueue command and flow filter virtqueue(s).
Fixes: https://github.com/oasis-tcs/virtio-spec/issues/179
Signed-off-by: Heng Qi <hengqi@linux.alibaba.com>
Signed-off-by: Parav Pandit <parav@nvidia.com>
---
changelog:
v1->v2:
- squashed with match fields definition patch of v1
- added length to the flexible array defintion struct to benefit
from future runtime length bound checkers listed in
https://people.kernel.org/kees/bounded-flexible-arrays-in-c
- renamed value to key
- addressed comments from Satananda
- merged destination and action to one struct
v0->v1:
- reworded add flow request text to consider optional mask
- replaced respond with set
- added mask flag to the type
---
device-types/net/description.tex | 209 +++++++++++++++++++++++++++++++
1 file changed, 209 insertions(+)
diff --git a/device-types/net/description.tex b/device-types/net/description.tex
index c52ed41..486f661 100644
--- a/device-types/net/description.tex
+++ b/device-types/net/description.tex
@@ -1270,6 +1270,50 @@ \subsubsection{Flow Filter}\label{sec:Device Types / Network Device / Device Ope
};
\end{lstlisting}
+\begin{lstlisting}
+struct virtio_ff_match_entry {
+ le16 type;
+ u8 mask_present;
+ u8 key_mask_len; /* sum of length of fields key and mask */
+ le64 fields_bmap;
+ u8 key[];
+ u8 mask[]; /* optional, only present when mask_present is set to 1 */
+};
+
+struct virtio_ff_match {
+ u8 num_entries; /* indicates number of valid entries */
+ u8 reserved[7];
+ struct virtio_ff_match_entry entries[];
+};
+
+#define VIRTIO_NET_FF_DEST_TYPE_RQ 0
+
+struct virtio_ff_action_forward {
+ u8 dest_type;
+ u8 reserved[3];
+ union {
+ le16 vq_index;
+ le32 reserved1;
+ };
+};
+
+#define VIRTIO_NET_FF_ACTION_DROP 0
+#define VIRTIO_NET_FF_ACTION_FORWARD 1
+
+struct virtio_ff_action_entry {
+ u8 action;
+ u8 len; /* indicates the length of value in bytes */
+ u8 value[];
+};
+
+struct virtio_ff_action {
+ u8 num_entries; /* indicates number of valid entries */
+ u8 reserved[7];
+ struct virtio_ff_action_entry entries[];
+};
+
+\end{lstlisting}
+
The \field{type} corresponds to following table:
\begin{tabular}{|l|l|l|}
@@ -1316,6 +1360,21 @@ \subsubsection{Flow Filter}\label{sec:Device Types / Network Device / Device Ope
\hline
\end{tabular}
+For the \field{type} of VIRTIO_NET_FF_ETH_HDR, the match entry
+\field{key} and \field{mask} are in following format:
+
+\begin{lstlisting}
+struct virtio_net_ff_match_eth_hdr {
+ u8 dmac[6];
+ u8 smac[6];
+ le16 ether_type;
+};
+\end{lstlisting}
+
+The \field{dmac} is valid when VIRTIO_NET_FF_DST_MAC is set.
+The \field{smac} is valid when VIRTIO_NET_FF_SRC_MAC is set.
+The \field{ether_type} is valid when VIRTIO_NET_FF_ETHER_TYPE is set.
+
For the \field{type} of VIRTIO_NET_FF_VLAN_TAG_HDR, VLAN tag fields
are represented by a bitmap in \field{fields_bmap} are following:
@@ -1344,6 +1403,20 @@ \subsubsection{Flow Filter}\label{sec:Device Types / Network Device / Device Ope
\hline
\end{tabular}
+For the \field{type} of VIRTIO_NET_FF_IPV4_HDR, match entry
+\field{key} and \field{mask} are in following format:
+
+\begin{lstlisting}
+struct virtio_net_ff_match_ipv4_hdr {
+ le32 reserved[3];
+ le32 sip;
+ le32 dip;
+};
+\end{lstlisting}
+
+The \field{sip} is valid when VIRTIO_NET_FF_SRC_IPV4 is set.
+The \field{dip} is valid when VIRTIO_NET_FF_DST_IPV4 is set.
+
For the \field{type} of VIRTIO_NET_FF_IPV6_HDR, header fields
are represented by a bitmap in \field{fields_bmap} are following:
@@ -1359,6 +1432,20 @@ \subsubsection{Flow Filter}\label{sec:Device Types / Network Device / Device Ope
\hline
\end{tabular}
+For the \field{type} of VIRTIO_NET_FF_IPV4_HDR, match entry
+\field{key} and \field{mask} are in following format:
+
+\begin{lstlisting}
+struct virtio_net_ff_match_ipv6_hdr {
+ le32 reserved[2];
+ u8 sip[16];
+ u8 dip[16];
+};
+\end{lstlisting}
+
+The \field{sip} is valid when VIRTIO_NET_FF_SRC_IPV6 is set.
+The \field{dip} is valid when VIRTIO_NET_FF_DST_IPV6 is set.
+
For the \field{type} of VIRTIO_NET_FF_TCP_HDR, header fields
are represented by a bitmap in \field{fields_bmap} are following:
@@ -1374,6 +1461,20 @@ \subsubsection{Flow Filter}\label{sec:Device Types / Network Device / Device Ope
\hline
\end{tabular}
+For the \field{type} of VIRTIO_NET_FF_TCP_HDR, match entry
+\field{key} and \field{mask} are in following format:
+
+\begin{lstlisting}
+struct virtio_ndr_ff_match_tcp_hdr {
+ le16 sport;
+ le16 dport;
+ le32 reserved[4];
+};
+\end{lstlisting}
+
+The \field{sport} is valid when VIRTIO_NET_FF_SRC_TCP_PORT is set.
+This \field{dport} is valid when VIRTIO_NET_FF_DST_TCP_PORT is set.
+
For the \field{type} of VIRTIO_NET_FF_UDP_HDR, header fields
are represented by a bitmap in \field{fields_bmap} are following:
@@ -1389,6 +1490,89 @@ \subsubsection{Flow Filter}\label{sec:Device Types / Network Device / Device Ope
\hline
\end{tabular}
+For the \field{type} of VIRTIO_NET_FF_UDP_HDR, match entry
+\field{key} and \field{mask} are in following format:
+
+\begin{lstlisting}
+struct virtio_ndr_ff_match_udp_hdr {
+ le16 sport;
+ le16 dport;
+ le32 reserved;
+};
+\end{lstlisting}
+
+The \field{sport} is valid when VIRTIO_NET_FF_SRC_UDP_PORT is set.
+This \field{dport} is valid when VIRTIO_NET_FF_DST_UDP_PORT is set.
+
+\paragraph{Flow Filter Request}
+\label{sec:Device Types / Network Device / Device Operation / Flow Filter / Flow Filter Request}
+
+Two flow filter requests are supported by the device.
+
+\begin{itemize}
+\item Add or replace a flow filter using a request \field{struct virtio_net_ff_add}.
+
+\item Delete an existing flow filter using a request \field{struct virtio_net_ff_del}.
+
+\end{itemize}
+
+\begin{lstlisting}
+#define VIRTIO_NET_FF_OP_ADD 0
+#define VIRTIO_NET_FF_OP_DEL 1
+
+struct virtio_net_ff_add {
+ u8 op; /* VIRTIO_NET_FF_REQ_OP_ADD */
+ u8 priority; /* higher the value, higher priority */
+ u16 group_id;
+ le32 id;
+ struct virtio_ff_match match;
+ struct virtio_ff_action action;
+};
+
+struct virtio_net_ff_del {
+ u8 op; /* VIRTIO_NET_FF_REQ_OP_DEL */
+ u8 reserved[3];
+ le32 id;
+};
+
+struct virtio_net_ff_result {
+ le16 status;
+};
+
+#define VIRTIO_NET_FF_RESULT_OK 0
+#define VIRTIO_NET_FF_RESULT_ERR 1
+
+struct virtio_net_ff_req {
+ /* Device-readable part */
+ union {
+ struct virtio_net_ff_add add;
+ struct virtio_net_ff_del del;
+ };
+ /* Device-writable part */
+ struct virtio_net_ff_result result;
+};
+\end{lstlisting}
+
+When the flow filter request is sent using a flow filter virtqueue,
+the descriptors points to \field{struct virtio_net_ff_req}.
+
+When adding a flow filter entry using request \field{struct virtio_net_ff_add},
+the \field{match.match_entries} indidates number of valid array entries \field{match.entries}.
+for each of the array entry the
+For each of the valid entry in \field{match.entries}, the field \field{type}
+and \field{key} are in the format described in
+\ref{sec:Device Types / Network Device / Device Operation / Flow Filter / Match Types and Fields}.
+When the \field{mask_present} is set, the field \field{mask} is present and it has
+exact same format as \field{key}.
+
+The field \field{key_mask_len} represents the total length of fields
+\field{key} and \field{mask}.
+
+When the device completes the request, \field{status} is updated
+by the device; when the request is successful, \field{status} is
+set to VIRTIO_NET_FF_RESULT_OK, on error, \field{status} is
+set to VIRTIO_NET_FF_RESULT_ERR.
+
\subsubsection{Control Virtqueue}\label{sec:Device Types / Network Device / Device Operation / Control Virtqueue}
The driver uses the control virtqueue (if VIRTIO_NET_F_CTRL_VQ is
@@ -2067,6 +2251,7 @@ \subsubsection{Control Virtqueue}\label{sec:Device Types / Network Device / Devi
#define VIRTIO_NET_CTRL_FF_GROUP_ADD 2
#define VIRTIO_NET_CTRL_FF_GROUP_DEL 3
#define VIRTIO_NET_CTRL_FF_TRANSPORT_MODE_SET 4
+ #define VIRTIO_NET_CTRL_FF_REQ 5
\end{lstlisting}
\subparagraph{Flow Filter Capabilities Get}\label{sec:Device Types / Network Device / Device Operation / Control Virtqueue / Flow Filter / Flow Filter Capabilities Get}
@@ -2182,6 +2367,30 @@ \subsubsection{Control Virtqueue}\label{sec:Device Types / Network Device / Devi
\field{mode} is set to 1, it indicates that the driver will use
flow filter virtqueue(s) for transporting flow filter requests.
+\subparagraph{Flow Filter Requests}\label{sec:Device Types / Network Device / Device Operation / Control Virtqueue / Flow Filter / Flow Filter Requests}
+
+When the driver has successfully set flow filter transport mode as control
+virtqueue using command VIRTIO_NET_CTRL_FF_TRANSPORT_MODE_SET, the
+flow filter requests are transported using command
+VIRTIO_NET_CTRL_FF_REQ over a control virtqueue.
+
+\begin{lstlisting}
+struct virtio_net_ctrl_ff_req {
+ union {
+ struct virtio_net_ff_add add;
+ struct virtio_net_ff_del del;
+ };
+};
+
+\end{lstlisting}
+
+The \field{command-specific-data} is in format of
+\field{struct virtio_net_ctrl_ff_req}.
+
+When the flow filter request command is successful, the
+\field{command-specific-result} is in format of
+\field{struct virtio_net_ff_result}.
+
\subsubsection{Legacy Interface: Framing Requirements}\label{sec:Device
Types / Network Device / Legacy Interface: Framing Requirements}
--
2.34.1
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]