1. 14 Oct, 2021 7 commits
    • Florian Westphal's avatar
      netfilter: ip6tables: allow use of ip6t_do_table as hookfn · 44b5990e
      Florian Westphal authored
      This is possible now that the xt_table structure is passed via *priv.
      Signed-off-by: default avatarFlorian Westphal <fw@strlen.de>
      Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
      44b5990e
    • Florian Westphal's avatar
      netfilter: arp_tables: allow use of arpt_do_table as hookfn · e8d225b6
      Florian Westphal authored
      This is possible now that the xt_table structure is passed in via *priv.
      Signed-off-by: default avatarFlorian Westphal <fw@strlen.de>
      Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
      e8d225b6
    • Florian Westphal's avatar
      netfilter: iptables: allow use of ipt_do_table as hookfn · 8844e010
      Florian Westphal authored
      This is possible now that the xt_table structure is passed in via *priv.
      Signed-off-by: default avatarFlorian Westphal <fw@strlen.de>
      Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
      8844e010
    • Pablo Neira Ayuso's avatar
      af_packet: Introduce egress hook · 0d7308c0
      Pablo Neira Ayuso authored
      Add egress hook for AF_PACKET sockets that have the PACKET_QDISC_BYPASS
      socket option set to on, which allows packets to escape without being
      filtered in the egress path.
      
      This patch only updates the AF_PACKET path, it does not update
      dev_direct_xmit() so the XDP infrastructure has a chance to bypass
      Netfilter.
      
      [lukas: acquire rcu_read_lock, fix typos, rebase]
      Signed-off-by: default avatarLukas Wunner <lukas@wunner.de>
      Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
      0d7308c0
    • Lukas Wunner's avatar
      netfilter: Introduce egress hook · 42df6e1d
      Lukas Wunner authored
      Support classifying packets with netfilter on egress to satisfy user
      requirements such as:
      * outbound security policies for containers (Laura)
      * filtering and mangling intra-node Direct Server Return (DSR) traffic
        on a load balancer (Laura)
      * filtering locally generated traffic coming in through AF_PACKET,
        such as local ARP traffic generated for clustering purposes or DHCP
        (Laura; the AF_PACKET plumbing is contained in a follow-up commit)
      * L2 filtering from ingress and egress for AVB (Audio Video Bridging)
        and gPTP with nftables (Pablo)
      * in the future: in-kernel NAT64/NAT46 (Pablo)
      
      The egress hook introduced herein complements the ingress hook added by
      commit e687ad60 ("netfilter: add netfilter ingress hook after
      handle_ing() under unique static key").  A patch for nftables to hook up
      egress rules from user space has been submitted separately, so users may
      immediately take advantage of the feature.
      
      Alternatively or in addition to netfilter, packets can be classified
      with traffic control (tc).  On ingress, packets are classified first by
      tc, then by netfilter.  On egress, the order is reversed for symmetry.
      Conceptually, tc and netfilter can be thought of as layers, with
      netfilter layered above tc.
      
      Traffic control is capable of redirecting packets to another interface
      (man 8 tc-mirred).  E.g., an ingress packet may be redirected from the
      host namespace to a container via a veth connection:
      tc ingress (host) -> tc egress (veth host) -> tc ingress (veth container)
      
      In this case, netfilter egress classifying is not performed when leaving
      the host namespace!  That's because the packet is still on the tc layer.
      If tc redirects the packet to a physical interface in the host namespace
      such that it leaves the system, the packet is never subjected to
      netfilter egress classifying.  That is only logical since it hasn't
      passed through netfilter ingress classifying either.
      
      Packets can alternatively be redirected at the netfilter layer using
      nft fwd.  Such a packet *is* subjected to netfilter egress classifying
      since it has reached the netfilter layer.
      
      Internally, the skb->nf_skip_egress flag controls whether netfilter is
      invoked on egress by __dev_queue_xmit().  Because __dev_queue_xmit() may
      be called recursively by tunnel drivers such as vxlan, the flag is
      reverted to false after sch_handle_egress().  This ensures that
      netfilter is applied both on the overlay and underlying network.
      
      Interaction between tc and netfilter is possible by setting and querying
      skb->mark.
      
      If netfilter egress classifying is not enabled on any interface, it is
      patched out of the data path by way of a static_key and doesn't make a
      performance difference that is discernible from noise:
      
      Before:             1537 1538 1538 1537 1538 1537 Mb/sec
      After:              1536 1534 1539 1539 1539 1540 Mb/sec
      Before + tc accept: 1418 1418 1418 1419 1419 1418 Mb/sec
      After  + tc accept: 1419 1424 1418 1419 1422 1420 Mb/sec
      Before + tc drop:   1620 1619 1619 1619 1620 1620 Mb/sec
      After  + tc drop:   1616 1624 1625 1624 1622 1619 Mb/sec
      
      When netfilter egress classifying is enabled on at least one interface,
      a minimal performance penalty is incurred for every egress packet, even
      if the interface it's transmitted over doesn't have any netfilter egress
      rules configured.  That is caused by checking dev->nf_hooks_egress
      against NULL.
      
      Measurements were performed on a Core i7-3615QM.  Commands to reproduce:
      ip link add dev foo type dummy
      ip link set dev foo up
      modprobe pktgen
      echo "add_device foo" > /proc/net/pktgen/kpktgend_3
      samples/pktgen/pktgen_bench_xmit_mode_queue_xmit.sh -i foo -n 400000000 -m "11:11:11:11:11:11" -d 1.1.1.1
      
      Accept all traffic with tc:
      tc qdisc add dev foo clsact
      tc filter add dev foo egress bpf da bytecode '1,6 0 0 0,'
      
      Drop all traffic with tc:
      tc qdisc add dev foo clsact
      tc filter add dev foo egress bpf da bytecode '1,6 0 0 2,'
      
      Apply this patch when measuring packet drops to avoid errors in dmesg:
      https://lore.kernel.org/netdev/a73dda33-57f4-95d8-ea51-ed483abd6a7a@iogearbox.net/Signed-off-by: default avatarLukas Wunner <lukas@wunner.de>
      Cc: Laura García Liébana <nevola@gmail.com>
      Cc: John Fastabend <john.fastabend@gmail.com>
      Cc: Daniel Borkmann <daniel@iogearbox.net>
      Cc: Alexei Starovoitov <ast@kernel.org>
      Cc: Eric Dumazet <edumazet@google.com>
      Cc: Thomas Graf <tgraf@suug.ch>
      Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
      42df6e1d
    • Lukas Wunner's avatar
      netfilter: Generalize ingress hook include file · 17d20784
      Lukas Wunner authored
      Prepare for addition of a netfilter egress hook by generalizing the
      ingress hook include file.
      
      No functional change intended.
      Signed-off-by: default avatarLukas Wunner <lukas@wunner.de>
      Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
      17d20784
    • Lukas Wunner's avatar
      netfilter: Rename ingress hook include file · 7463acfb
      Lukas Wunner authored
      Prepare for addition of a netfilter egress hook by renaming
      <linux/netfilter_ingress.h> to <linux/netfilter_netdev.h>.
      
      The egress hook also necessitates a refactoring of the include file,
      but that is done in a separate commit to ease reviewing.
      
      No functional change intended.
      Signed-off-by: default avatarLukas Wunner <lukas@wunner.de>
      Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
      7463acfb
  2. 07 Oct, 2021 30 commits
    • Pablo Neira Ayuso's avatar
      netfilter: nft_dynset: relax superfluous check on set updates · 7b139489
      Pablo Neira Ayuso authored
      Relax this condition to make add and update commands idempotent for sets
      with no timeout. The eval function already checks if the set element
      timeout is available and updates it if the update command is used.
      
      Fixes: 22fe54d5 ("netfilter: nf_tables: add support for dynamic set updates")
      Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
      7b139489
    • Dust Li's avatar
      ipvs: add sysctl_run_estimation to support disable estimation · 2232642e
      Dust Li authored
      estimation_timer will iterate the est_list to do estimation
      for each ipvs stats. When there are lots of services, the
      list can be very large.
      We found that estimation_timer() run for more then 200ms on a
      machine with 104 CPU and 50K services.
      
      yunhong-cgl jiang report the same phenomenon before:
      https://www.spinics.net/lists/lvs-devel/msg05426.html
      
      In some cases(for example a large K8S cluster with many ipvs services),
      ipvs estimation may not be needed. So adding a sysctl blob to allow
      users to disable this completely.
      
      Default is: 1 (enable)
      
      Cc: yunhong-cgl jiang <xintian1976@gmail.com>
      Signed-off-by: default avatarDust Li <dust.li@linux.alibaba.com>
      Acked-by: default avatarJulian Anastasov <ja@ssi.bg>
      Acked-by: default avatarSimon Horman <horms@verge.net.au>
      Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
      2232642e
    • Gustavo A. R. Silva's avatar
      ethernet: ti: cpts: Use devm_kcalloc() instead of devm_kzalloc() · c514fbb6
      Gustavo A. R. Silva authored
      Use 2-factor multiplication argument form devm_kcalloc() instead
      of devm_kzalloc().
      
      Link: https://github.com/KSPP/linux/issues/162Signed-off-by: default avatarGustavo A. R. Silva <gustavoars@kernel.org>
      Link: https://lore.kernel.org/r/20211006181115.GA913499@embeddedorSigned-off-by: default avatarJakub Kicinski <kuba@kernel.org>
      c514fbb6
    • Gustavo A. R. Silva's avatar
      36371876
    • Gustavo A. R. Silva's avatar
      net: mana: Use kcalloc() instead of kzalloc() · 149ef7b2
      Gustavo A. R. Silva authored
      Use 2-factor multiplication argument form kcalloc() instead
      of kzalloc().
      
      Link: https://github.com/KSPP/linux/issues/162Signed-off-by: default avatarGustavo A. R. Silva <gustavoars@kernel.org>
      Reviewed-by: default avatarDexuan Cui <decui@microsoft.com>
      Link: https://lore.kernel.org/r/20211006180927.GA913456@embeddedorSigned-off-by: default avatarJakub Kicinski <kuba@kernel.org>
      149ef7b2
    • Gustavo A. R. Silva's avatar
      2b8a0f15
    • David S. Miller's avatar
      Merge tag 'wireless-drivers-next-2021-10-07' of... · 44cc24b0
      David S. Miller authored
      Merge tag 'wireless-drivers-next-2021-10-07' of git://git.kernel.org/pub/scm/linux/kernel/git/kvalo/wireless-drivers-next
      
      Kalle Valo says:
      
      ====================
      wireless-drivers-next patches for v5.16
      
      First set of patches for v5.16. ath11k getting most of new features
      this time. Other drivers also have few new features, and of course the
      usual set of fixes and cleanups all over.
      
      Major changes:
      
      rtw88
      
      * support adaptivity for ETSI/JP DFS region
      
      * 8821c: support RFE type4 wifi NIC
      
      brcmfmac
      
      * DMI nvram filename quirk for Cyberbook T116 tablet
      
      ath9k
      
      * load calibration data and pci init values via nvmem subsystem
      
      ath11k
      
      * include channel rx and tx time in survey dump statistics
      
      * support for setting fixed Wi-Fi 6 rates from user space
      
      * support for 80P80 and 160 MHz bandwidths
      
      * spectral scan support for QCN9074
      
      * support for calibration data files per radio
      
      * support for calibration data via eeprom
      
      * support for rx decapsulation offload (data frames in 802.3 format)
      
      * support channel 2 in 6 GHz band
      
      ath10k
      
      * include frame time stamp in beacon and probe response frames
      
      wcn36xx
      
      * enable Idle Mode Power Save (IMPS) to reduce power consumption during idle
      ====================
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      44cc24b0
    • David S. Miller's avatar
      Merge branch 'dev_addr-fw-helpers' · 5a98dcf5
      David S. Miller authored
      Jakub Kicinski says:
      
      ====================
      net: add a helpers for loading netdev->dev_addr from FW
      
      We're trying to make all writes to netdev->dev_addr go via helpers.
      A lot of places pass netdev->dev_addr to of_get_ethdev_address() and
      device_get_ethdev_addr() so this set adds new functions which wrap
      the functionality.
      
      v2 performs suggested code moves, adds a couple additional clean ups
      on the device property side, and an extra patch converting drivers
      which can benefit from device_get_ethdev_address().
      
      v3 removes OF_NET and corrects kdoc.
      ====================
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      5a98dcf5
    • Jakub Kicinski's avatar
      ethernet: make more use of device_get_ethdev_address() · 894b0fb0
      Jakub Kicinski authored
      Convert a few drivers to device_get_ethdev_address(),
      saving a few LoC.
      
      The check if addr is valid in netsec is superfluous,
      device_get_ethdev_addr() already checks that (in
      fwnode_get_mac_addr()).
      Signed-off-by: default avatarJakub Kicinski <kuba@kernel.org>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      894b0fb0
    • Jakub Kicinski's avatar
      ethernet: use device_get_ethdev_address() · b8eeac56
      Jakub Kicinski authored
      Use the new device_get_ethdev_address() helper for the cases
      where dev->dev_addr is passed in directly as the destination.
      
        @@
        expression dev, np;
        @@
        - device_get_mac_address(np, dev->dev_addr, ETH_ALEN)
        + device_get_ethdev_address(np, dev)
      Signed-off-by: default avatarJakub Kicinski <kuba@kernel.org>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      b8eeac56
    • Jakub Kicinski's avatar
      eth: fwnode: add a helper for loading netdev->dev_addr · d9eb4490
      Jakub Kicinski authored
      Commit 406f42fa ("net-next: When a bond have a massive amount
      of VLANs...") introduced a rbtree for faster Ethernet address look
      up. To maintain netdev->dev_addr in this tree we need to make all
      the writes to it got through appropriate helpers.
      
      There is a handful of drivers which pass netdev->dev_addr as
      the destination buffer to device_get_mac_address(). Add a helper
      which takes a dev pointer instead, so it can call an appropriate
      helper.
      Signed-off-by: default avatarJakub Kicinski <kuba@kernel.org>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      d9eb4490
    • Jakub Kicinski's avatar
      eth: fwnode: remove the addr len from mac helpers · 0a14501e
      Jakub Kicinski authored
      All callers pass in ETH_ALEN and the function itself
      will return -EINVAL for any other address length.
      Just assume it's ETH_ALEN like all other mac address
      helpers (nvm, of, platform).
      Signed-off-by: default avatarJakub Kicinski <kuba@kernel.org>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      0a14501e
    • Jakub Kicinski's avatar
      eth: fwnode: change the return type of mac address helpers · 8017c4d8
      Jakub Kicinski authored
      fwnode_get_mac_address() and device_get_mac_address()
      return a pointer to the buffer that was passed to them
      on success or NULL on failure. None of the callers
      care about the actual value, only if it's NULL or not.
      
      These semantics differ from of_get_mac_address() which
      returns an int so to avoid confusion make the device
      helpers return an errno.
      Signed-off-by: default avatarJakub Kicinski <kuba@kernel.org>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      8017c4d8
    • Jakub Kicinski's avatar
      device property: move mac addr helpers to eth.c · 433baf07
      Jakub Kicinski authored
      Move the mac address helpers out, eth.c already contains
      a bunch of similar helpers.
      Suggested-by: default avatarHeikki Krogerus <heikki.krogerus@linux.intel.com>
      Acked-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      Signed-off-by: default avatarJakub Kicinski <kuba@kernel.org>
      Reviewed-by: default avatarHeikki Krogerus <heikki.krogerus@linux.intel.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      433baf07
    • Jakub Kicinski's avatar
      ethernet: use of_get_ethdev_address() · 9ca01b25
      Jakub Kicinski authored
      Use the new of_get_ethdev_address() helper for the cases
      where dev->dev_addr is passed in directly as the destination.
      
        @@
        expression dev, np;
        @@
        - of_get_mac_address(np, dev->dev_addr)
        + of_get_ethdev_address(np, dev)
      Signed-off-by: default avatarJakub Kicinski <kuba@kernel.org>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      9ca01b25
    • Jakub Kicinski's avatar
      of: net: add a helper for loading netdev->dev_addr · d466effe
      Jakub Kicinski authored
      Commit 406f42fa ("net-next: When a bond have a massive amount
      of VLANs...") introduced a rbtree for faster Ethernet address look
      up. To maintain netdev->dev_addr in this tree we need to make all
      the writes to it got through appropriate helpers.
      
      There are roughly 40 places where netdev->dev_addr is passed
      as the destination to a of_get_mac_address() call. Add a helper
      which takes a dev pointer instead, so it can call an appropriate
      helper.
      
      Note that of_get_mac_address() already assumes the address is
      6 bytes long (ETH_ALEN) so use eth_hw_addr_set().
      Signed-off-by: default avatarJakub Kicinski <kuba@kernel.org>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      d466effe
    • Jakub Kicinski's avatar
      of: net: move of_net under net/ · e330fb14
      Jakub Kicinski authored
      Rob suggests to move of_net.c from under drivers/of/ somewhere
      to the networking code.
      Suggested-by: default avatarRob Herring <robh@kernel.org>
      Signed-off-by: default avatarJakub Kicinski <kuba@kernel.org>
      Reviewed-by: default avatarRob Herring <robh@kernel.org>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      e330fb14
    • David S. Miller's avatar
      Merge branch 'nfc-pn533-const' · 944b33ca
      David S. Miller authored
      Rikard Falkeborn says:
      
      ====================
      nfc: pn533: Constify ops-structs
      
      Constify a couple of ops-structs. This allows the compiler to put the
      static structs in read-only memory.
      ====================
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      944b33ca
    • Rikard Falkeborn's avatar
      nfc: pn533: Constify pn533_phy_ops · bc642817
      Rikard Falkeborn authored
      Neither the driver or the core modifies the pn533_phy_ops struct, so
      make them const to allow the compiler to put the static structs in
      read-only memory.
      Signed-off-by: default avatarRikard Falkeborn <rikard.falkeborn@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      bc642817
    • Rikard Falkeborn's avatar
      nfc: pn533: Constify serdev_device_ops · be5f60d8
      Rikard Falkeborn authored
      The only usage of pn532_serdev_ops is to pass its address to
      serdev_device_set_client_ops(), which takes a pointer to const
      serdev_device_ops as argument. Make it const to allow the compiler to
      put it in read-only memory.
      Signed-off-by: default avatarRikard Falkeborn <rikard.falkeborn@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      be5f60d8
    • Jakub Kicinski's avatar
      Merge branch 'add-mdiobus_modify_changed-helper' · 6d99f85e
      Jakub Kicinski authored
      Russell King says:
      
      ====================
      Add mdiobus_modify_changed() helper
      
      Sean Anderson's recent patch series is introducing more read-write
      operations on the MDIO bus that only need to happen if a change is
      being made.
      
      We have similar logic in __mdiobus_modify_changed(), but we didn't
      add its correponding locked variant mdiobus_modify_changed() as we
      had very few users. Now that we are getting more, let's add the
      helper.
      ====================
      
      Link: https://lore.kernel.org/r/YV2UIa2eU+UjmWaE@shell.armlinux.org.ukSigned-off-by: default avatarJakub Kicinski <kuba@kernel.org>
      6d99f85e
    • Russell King (Oracle)'s avatar
      net: phylink: use mdiobus_modify_changed() helper · 078e0b53
      Russell King (Oracle) authored
      Use the mdiobus_modify_changed() helper in the C22 PCS advertisement
      helper.
      Signed-off-by: default avatarRussell King (Oracle) <rmk+kernel@armlinux.org.uk>
      Reviewed-by: default avatarAndrew Lunn <andrew@lunn.ch>
      Signed-off-by: default avatarJakub Kicinski <kuba@kernel.org>
      078e0b53
    • Russell King (Oracle)'s avatar
      net: mdio: add mdiobus_modify_changed() · 79365f36
      Russell King (Oracle) authored
      Add mdiobus_modify_changed() helper to reflect the phylib and similar
      equivalents. This will avoid this functionality being open-coded, as
      has already happened in phylink, and it looks like other users will be
      appearing soon.
      Reviewed-by: default avatarAndrew Lunn <andrew@lunn.ch>
      Signed-off-by: default avatarRussell King (Oracle) <rmk+kernel@armlinux.org.uk>
      Signed-off-by: default avatarJakub Kicinski <kuba@kernel.org>
      79365f36
    • Jakub Kicinski's avatar
      Merge branch 'ethtool-add-ability-to-control-transceiver-modules-power-mode' · 4c827082
      Jakub Kicinski authored
      Ido Schimmel says:
      
      ====================
      ethtool: Add ability to control transceiver modules' power mode
      
      This patchset extends the ethtool netlink API to allow user space to
      control transceiver modules. Two specific APIs are added, but the plan
      is to extend the interface with more APIs in the future (see "Future
      plans").
      
      This submission is a complete rework of a previous submission [1] that
      tried to achieve the same goal by allowing user space to write to the
      EEPROMs of these modules. It was rejected as it could have enabled user
      space binary blob drivers.
      
      However, the main issue is that by directly writing to some pages of
      these EEPROMs, we are interfering with the entity that is controlling
      the modules (kernel / device firmware). In addition, some functionality
      cannot be implemented solely by writing to the EEPROM, as it requires
      the assertion / de-assertion of hardware signals (e.g., "ResetL" pin in
      SFF-8636).
      
      Motivation
      ==========
      
      The kernel can currently dump the contents of module EEPROMs to user
      space via the ethtool legacy ioctl API or the new netlink API. These
      dumps can then be parsed by ethtool(8) according to the specification
      that defines the memory map of the EEPROM. For example, SFF-8636 [2] for
      QSFP and CMIS [3] for QSFP-DD.
      
      In addition to read-only elements, these specifications also define
      writeable elements that can be used to control the behavior of the
      module. For example, controlling whether the module is put in low or
      high power mode to limit its power consumption.
      
      The CMIS specification even defines a message exchange mechanism (CDB,
      Command Data Block) on top of the module's memory map. This allows the
      host to send various commands to the module. For example, to update its
      firmware.
      
      Implementation
      ==============
      
      The ethtool netlink API is extended with two new messages,
      'ETHTOOL_MSG_MODULE_SET' and 'ETHTOOL_MSG_MODULE_GET', that allow user
      space to set and get transceiver module parameters. Specifically, the
      'ETHTOOL_A_MODULE_POWER_MODE_POLICY' attribute allows user space to
      control the power mode policy of the module in order to limit its power
      consumption. See detailed description in patch #1.
      
      The user API is designed to be generic enough so that it could be used
      for modules with different memory maps (e.g., SFF-8636, CMIS).
      
      The only implementation of the device driver API in this series is for a
      MAC driver (mlxsw) where the module is controlled by the device's
      firmware, but it is designed to be generic enough so that it could also
      be used by implementations where the module is controlled by the kernel.
      
      Testing and introspection
      =========================
      
      See detailed description in patches #1 and #5.
      
      Patchset overview
      =================
      
      Patch #1 adds the initial infrastructure in ethtool along with the
      ability to control transceiver modules' power mode.
      
      Patches #2-#3 add required device registers in mlxsw.
      
      Patch #4 implements in mlxsw the ethtool operations added in patch #1.
      
      Patch #5 adds extended link states in order to allow user space to
      troubleshoot link down issues related to transceiver modules.
      
      Patch #6 adds support for these extended states in mlxsw.
      
      Future plans
      ============
      
      * Extend 'ETHTOOL_MSG_MODULE_SET' to control Tx output among other
      attributes.
      
      * Add new ethtool message(s) to update firmware on transceiver modules.
      
      * Extend ethtool(8) to parse more diagnostic information from CMIS
      modules. No kernel changes required.
      
      [1] https://lore.kernel.org/netdev/20210623075925.2610908-1-idosch@idosch.org/
      [2] https://members.snia.org/document/dl/26418
      [3] http://www.qsfp-dd.com/wp-content/uploads/2021/05/CMIS5p0.pdf
      
      Previous versions:
      [4] https://lore.kernel.org/netdev/20211003073219.1631064-1-idosch@idosch.org/
      [5] https://lore.kernel.org/netdev/20210824130344.1828076-1-idosch@idosch.org/
      [6] https://lore.kernel.org/netdev/20210818155202.1278177-1-idosch@idosch.org/
      [7] https://lore.kernel.org/netdev/20210809102152.719961-1-idosch@idosch.org/
      ====================
      
      Link: https://lore.kernel.org/r/20211006104647.2357115-1-idosch@idosch.orgSigned-off-by: default avatarJakub Kicinski <kuba@kernel.org>
      4c827082
    • Ido Schimmel's avatar
      mlxsw: Add support for transceiver module extended state · 235dbbec
      Ido Schimmel authored
      Add support for the transceiver module extended state and sub-state
      added in previous patch. The extended state is meant to describe link
      issues related to transceiver modules.
      Signed-off-by: default avatarIdo Schimmel <idosch@nvidia.com>
      Signed-off-by: default avatarJakub Kicinski <kuba@kernel.org>
      235dbbec
    • Ido Schimmel's avatar
      ethtool: Add transceiver module extended state · 3dfb5112
      Ido Schimmel authored
      Add an extended state and sub-state to describe link issues related to
      transceiver modules.
      
      The 'ETHTOOL_LINK_EXT_SUBSTATE_MODULE_CMIS_NOT_READY' extended sub-state
      tells user space that port is unable to gain a carrier because the CMIS
      Module State Machine did not reach the ModuleReady (Fully Operational)
      state. For example, if the module is stuck at ModuleLowPwr or
      ModuleFault state. In case of the latter, user space can read the fault
      reason from the module's EEPROM and potentially reset it.
      Signed-off-by: default avatarIdo Schimmel <idosch@nvidia.com>
      Signed-off-by: default avatarJakub Kicinski <kuba@kernel.org>
      3dfb5112
    • Ido Schimmel's avatar
      mlxsw: Add ability to control transceiver modules' power mode · 0455dc50
      Ido Schimmel authored
      Implement support for ethtool_ops::.get_module_power_mode and
      ethtool_ops::set_module_power_mode.
      
      The get operation is implemented using the Management Cable IO and
      Notifications (MCION) register that reports the operational power mode
      of the module and its presence. In case a module is not present, its
      operational power mode is not reported to ethtool and user space. If not
      set before, the power mode policy is reported as "high", which is the
      default on Mellanox systems.
      
      The set operation is implemented using the Port Module Memory Map
      Properties (PMMP) register. The register instructs the device's firmware
      to transition a plugged-in module to / out of low power mode by writing
      to its memory map.
      
      When the power mode policy is set to 'auto', a module will not
      transition to low power mode as long as any ports using it are
      administratively up. Example:
      
       # devlink port split swp11 count 4
      
       # ethtool --set-module swp11s0 power-mode-policy auto
      
       $ ethtool --show-module swp11s0
       Module parameters for swp11s0:
       power-mode-policy auto
       power-mode low
      
       # ip link set dev swp11s0 up
      
       # ip link set dev swp11s1 up
      
       $ ethtool --show-module swp11s0
       Module parameters for swp11s0:
       power-mode-policy auto
       power-mode high
      
       # ip link set dev swp11s1 down
      
       $ ethtool --show-module swp11s0
       Module parameters for swp11s0:
       power-mode-policy auto
       power-mode high
      
       # ip link set dev swp11s0 down
      
       $ ethtool --show-module swp11s0
       Module parameters for swp11s0:
       power-mode-policy auto
       power-mode low
      Signed-off-by: default avatarIdo Schimmel <idosch@nvidia.com>
      Signed-off-by: default avatarJakub Kicinski <kuba@kernel.org>
      0455dc50
    • Ido Schimmel's avatar
      mlxsw: reg: Add Management Cable IO and Notifications register · fc53f5fb
      Ido Schimmel authored
      Add the Management Cable IO and Notifications register. It will be used
      to retrieve the power mode status of a module in subsequent patches and
      whether a module is present in a cage or not.
      Signed-off-by: default avatarIdo Schimmel <idosch@nvidia.com>
      Signed-off-by: default avatarJakub Kicinski <kuba@kernel.org>
      fc53f5fb
    • Ido Schimmel's avatar
      mlxsw: reg: Add Port Module Memory Map Properties register · f10ba086
      Ido Schimmel authored
      Add the Port Module Memory Map Properties register. It will be used to
      set the power mode of a module in subsequent patches.
      Signed-off-by: default avatarIdo Schimmel <idosch@nvidia.com>
      Signed-off-by: default avatarJakub Kicinski <kuba@kernel.org>
      f10ba086
    • Ido Schimmel's avatar
      ethtool: Add ability to control transceiver modules' power mode · 353407d9
      Ido Schimmel authored
      Add a pair of new ethtool messages, 'ETHTOOL_MSG_MODULE_SET' and
      'ETHTOOL_MSG_MODULE_GET', that can be used to control transceiver
      modules parameters and retrieve their status.
      
      The first parameter to control is the power mode of the module. It is
      only relevant for paged memory modules, as flat memory modules always
      operate in low power mode.
      
      When a paged memory module is in low power mode, its power consumption
      is reduced to the minimum, the management interface towards the host is
      available and the data path is deactivated.
      
      User space can choose to put modules that are not currently in use in
      low power mode and transition them to high power mode before putting the
      associated ports administratively up. This is useful for user space that
      favors reduced power consumption and lower temperatures over reduced
      link up times. In QSFP-DD modules the transition from low power mode to
      high power mode can take a few seconds and this transition is only
      expected to get longer with future / more complex modules.
      
      User space can control the power mode of the module via the power mode
      policy attribute ('ETHTOOL_A_MODULE_POWER_MODE_POLICY'). Possible
      values:
      
      * high: Module is always in high power mode.
      
      * auto: Module is transitioned by the host to high power mode when the
        first port using it is put administratively up and to low power mode
        when the last port using it is put administratively down.
      
      The operational power mode of the module is available to user space via
      the 'ETHTOOL_A_MODULE_POWER_MODE' attribute. The attribute is not
      reported to user space when a module is not plugged-in.
      
      The user API is designed to be generic enough so that it could be used
      for modules with different memory maps (e.g., SFF-8636, CMIS).
      
      The only implementation of the device driver API in this series is for a
      MAC driver (mlxsw) where the module is controlled by the device's
      firmware, but it is designed to be generic enough so that it could also
      be used by implementations where the module is controlled by the CPU.
      
      CMIS testing
      ============
      
       # ethtool -m swp11
       Identifier                                : 0x18 (QSFP-DD Double Density 8X Pluggable Transceiver (INF-8628))
       ...
       Module State                              : 0x03 (ModuleReady)
       LowPwrAllowRequestHW                      : Off
       LowPwrRequestSW                           : Off
      
      The module is not in low power mode, as it is not forced by hardware
      (LowPwrAllowRequestHW is off) or by software (LowPwrRequestSW is off).
      
      The power mode can be queried from the kernel. In case
      LowPwrAllowRequestHW was on, the kernel would need to take into account
      the state of the LowPwrRequestHW signal, which is not visible to user
      space.
      
       $ ethtool --show-module swp11
       Module parameters for swp11:
       power-mode-policy high
       power-mode high
      
      Change the power mode policy to 'auto':
      
       # ethtool --set-module swp11 power-mode-policy auto
      
      Query the power mode again:
      
       $ ethtool --show-module swp11
       Module parameters for swp11:
       power-mode-policy auto
       power-mode low
      
      Verify with the data read from the EEPROM:
      
       # ethtool -m swp11
       Identifier                                : 0x18 (QSFP-DD Double Density 8X Pluggable Transceiver (INF-8628))
       ...
       Module State                              : 0x01 (ModuleLowPwr)
       LowPwrAllowRequestHW                      : Off
       LowPwrRequestSW                           : On
      
      Put the associated port administratively up which will instruct the host
      to transition the module to high power mode:
      
       # ip link set dev swp11 up
      
      Query the power mode again:
      
       $ ethtool --show-module swp11
       Module parameters for swp11:
       power-mode-policy auto
       power-mode high
      
      Verify with the data read from the EEPROM:
      
       # ethtool -m swp11
       Identifier                                : 0x18 (QSFP-DD Double Density 8X Pluggable Transceiver (INF-8628))
       ...
       Module State                              : 0x03 (ModuleReady)
       LowPwrAllowRequestHW                      : Off
       LowPwrRequestSW                           : Off
      
      Put the associated port administratively down which will instruct the
      host to transition the module to low power mode:
      
       # ip link set dev swp11 down
      
      Query the power mode again:
      
       $ ethtool --show-module swp11
       Module parameters for swp11:
       power-mode-policy auto
       power-mode low
      
      Verify with the data read from the EEPROM:
      
       # ethtool -m swp11
       Identifier                                : 0x18 (QSFP-DD Double Density 8X Pluggable Transceiver (INF-8628))
       ...
       Module State                              : 0x01 (ModuleLowPwr)
       LowPwrAllowRequestHW                      : Off
       LowPwrRequestSW                           : On
      
      SFF-8636 testing
      ================
      
       # ethtool -m swp13
       Identifier                                : 0x11 (QSFP28)
       ...
       Extended identifier description           : 5.0W max. Power consumption,  High Power Class (> 3.5 W) enabled
       Power set                                 : Off
       Power override                            : On
       ...
       Transmit avg optical power (Channel 1)    : 0.7733 mW / -1.12 dBm
       Transmit avg optical power (Channel 2)    : 0.7649 mW / -1.16 dBm
       Transmit avg optical power (Channel 3)    : 0.7790 mW / -1.08 dBm
       Transmit avg optical power (Channel 4)    : 0.7837 mW / -1.06 dBm
       Rcvr signal avg optical power(Channel 1)  : 0.9302 mW / -0.31 dBm
       Rcvr signal avg optical power(Channel 2)  : 0.9079 mW / -0.42 dBm
       Rcvr signal avg optical power(Channel 3)  : 0.8993 mW / -0.46 dBm
       Rcvr signal avg optical power(Channel 4)  : 0.8778 mW / -0.57 dBm
      
      The module is not in low power mode, as it is not forced by hardware
      (Power override is on) or by software (Power set is off).
      
      The power mode can be queried from the kernel. In case Power override
      was off, the kernel would need to take into account the state of the
      LPMode signal, which is not visible to user space.
      
       $ ethtool --show-module swp13
       Module parameters for swp13:
       power-mode-policy high
       power-mode high
      
      Change the power mode policy to 'auto':
      
       # ethtool --set-module swp13 power-mode-policy auto
      
      Query the power mode again:
      
       $ ethtool --show-module swp13
       Module parameters for swp13:
       power-mode-policy auto
       power-mode low
      
      Verify with the data read from the EEPROM:
      
       # ethtool -m swp13
       Identifier                                : 0x11 (QSFP28)
       Extended identifier description           : 5.0W max. Power consumption,  High Power Class (> 3.5 W) not enabled
       Power set                                 : On
       Power override                            : On
       ...
       Transmit avg optical power (Channel 1)    : 0.0000 mW / -inf dBm
       Transmit avg optical power (Channel 2)    : 0.0000 mW / -inf dBm
       Transmit avg optical power (Channel 3)    : 0.0000 mW / -inf dBm
       Transmit avg optical power (Channel 4)    : 0.0000 mW / -inf dBm
       Rcvr signal avg optical power(Channel 1)  : 0.0000 mW / -inf dBm
       Rcvr signal avg optical power(Channel 2)  : 0.0000 mW / -inf dBm
       Rcvr signal avg optical power(Channel 3)  : 0.0000 mW / -inf dBm
       Rcvr signal avg optical power(Channel 4)  : 0.0000 mW / -inf dBm
      
      Put the associated port administratively up which will instruct the host
      to transition the module to high power mode:
      
       # ip link set dev swp13 up
      
      Query the power mode again:
      
       $ ethtool --show-module swp13
       Module parameters for swp13:
       power-mode-policy auto
       power-mode high
      
      Verify with the data read from the EEPROM:
      
       # ethtool -m swp13
       Identifier                                : 0x11 (QSFP28)
       ...
       Extended identifier description           : 5.0W max. Power consumption,  High Power Class (> 3.5 W) enabled
       Power set                                 : Off
       Power override                            : On
       ...
       Transmit avg optical power (Channel 1)    : 0.7934 mW / -1.01 dBm
       Transmit avg optical power (Channel 2)    : 0.7859 mW / -1.05 dBm
       Transmit avg optical power (Channel 3)    : 0.7885 mW / -1.03 dBm
       Transmit avg optical power (Channel 4)    : 0.7985 mW / -0.98 dBm
       Rcvr signal avg optical power(Channel 1)  : 0.9325 mW / -0.30 dBm
       Rcvr signal avg optical power(Channel 2)  : 0.9034 mW / -0.44 dBm
       Rcvr signal avg optical power(Channel 3)  : 0.9086 mW / -0.42 dBm
       Rcvr signal avg optical power(Channel 4)  : 0.8885 mW / -0.51 dBm
      
      Put the associated port administratively down which will instruct the
      host to transition the module to low power mode:
      
       # ip link set dev swp13 down
      
      Query the power mode again:
      
       $ ethtool --show-module swp13
       Module parameters for swp13:
       power-mode-policy auto
       power-mode low
      
      Verify with the data read from the EEPROM:
      
       # ethtool -m swp13
       Identifier                                : 0x11 (QSFP28)
       ...
       Extended identifier description           : 5.0W max. Power consumption,  High Power Class (> 3.5 W) not enabled
       Power set                                 : On
       Power override                            : On
       ...
       Transmit avg optical power (Channel 1)    : 0.0000 mW / -inf dBm
       Transmit avg optical power (Channel 2)    : 0.0000 mW / -inf dBm
       Transmit avg optical power (Channel 3)    : 0.0000 mW / -inf dBm
       Transmit avg optical power (Channel 4)    : 0.0000 mW / -inf dBm
       Rcvr signal avg optical power(Channel 1)  : 0.0000 mW / -inf dBm
       Rcvr signal avg optical power(Channel 2)  : 0.0000 mW / -inf dBm
       Rcvr signal avg optical power(Channel 3)  : 0.0000 mW / -inf dBm
       Rcvr signal avg optical power(Channel 4)  : 0.0000 mW / -inf dBm
      Signed-off-by: default avatarIdo Schimmel <idosch@nvidia.com>
      Signed-off-by: default avatarJakub Kicinski <kuba@kernel.org>
      353407d9
  3. 06 Oct, 2021 3 commits