sfc: support offloading ct(nat) action in RHS rules

If an IP address and/or L4 port for NAPT is available from a CT match,
 the MAE will perform the edits; if no CT lookup has been performed for
 this packet, the CT lookup did not return a match, or the matched CT
 entry did not include NAPT, the action will have no effect.

Reviewed-by: Pieter Jansen van Vuuren <pieter.jansen-van-vuuren@amd.com>
Signed-off-by: Edward Cree <ecree.xilinx@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

diff --git a/drivers/net/ethernet/sfc/mae.c b/drivers/net/ethernet/sfc/mae.c
index 021980a958b77227076d98d56300ce61d1f71dc6..10709d828a636d23a448bb61cc414826ee7a12dc 100644 (file)
--- a/drivers/net/ethernet/sfc/mae.c
+++ b/drivers/net/ethernet/sfc/mae.c
@@ -1291,10 +1291,11 @@ int efx_mae_alloc_action_set(struct efx_nic *efx, struct efx_tc_action_set *act)
        size_t outlen;
        int rc;
 
-       MCDI_POPULATE_DWORD_4(inbuf, MAE_ACTION_SET_ALLOC_IN_FLAGS,
+       MCDI_POPULATE_DWORD_5(inbuf, MAE_ACTION_SET_ALLOC_IN_FLAGS,
                              MAE_ACTION_SET_ALLOC_IN_VLAN_PUSH, act->vlan_push,
                              MAE_ACTION_SET_ALLOC_IN_VLAN_POP, act->vlan_pop,
                              MAE_ACTION_SET_ALLOC_IN_DECAP, act->decap,
+                             MAE_ACTION_SET_ALLOC_IN_DO_NAT, act->do_nat,
                              MAE_ACTION_SET_ALLOC_IN_DO_DECR_IP_TTL,
                              act->do_ttl_dec);
 

diff --git a/drivers/net/ethernet/sfc/tc.c b/drivers/net/ethernet/sfc/tc.c
index 3d76b75986317dc315a1462b9ab2143474125c5e..6db3d7ed3a867e8d5c0cadc55cfd07e6a2335bd9 100644 (file)
--- a/drivers/net/ethernet/sfc/tc.c
+++ b/drivers/net/ethernet/sfc/tc.c
@@ -2457,6 +2457,14 @@ static int efx_tc_flower_replace(struct efx_nic *efx,
                        NL_SET_ERR_MSG_MOD(extack, "Cannot offload tunnel decap action without tunnel device");
                        rc = -EOPNOTSUPP;
                        goto release;
+               case FLOW_ACTION_CT:
+                       if (fa->ct.action != TCA_CT_ACT_NAT) {
+                               rc = -EOPNOTSUPP;
+                               NL_SET_ERR_MSG_FMT_MOD(extack, "Can only offload CT 'nat' action in RHS rules, not %d", fa->ct.action);
+                               goto release;
+                       }
+                       act->do_nat = 1;
+                       break;
                default:
                        NL_SET_ERR_MSG_FMT_MOD(extack, "Unhandled action %u",
                                               fa->id);

diff --git a/drivers/net/ethernet/sfc/tc.h b/drivers/net/ethernet/sfc/tc.h
index 86e38ea7988cceda7dccc6f0ab7ba33c4b409f46..7b5190078beee0a2eb4aab13ed9a27e16934dd18 100644 (file)
--- a/drivers/net/ethernet/sfc/tc.h
+++ b/drivers/net/ethernet/sfc/tc.h
@@ -48,6 +48,7 @@ struct efx_tc_encap_action; /* see tc_encap_actions.h */
  * @vlan_push: the number of vlan headers to push
  * @vlan_pop: the number of vlan headers to pop
  * @decap: used to indicate a tunnel header decapsulation should take place
+ * @do_nat: perform NAT/NPT with values returned by conntrack match
  * @do_ttl_dec: used to indicate IP TTL / Hop Limit should be decremented
  * @deliver: used to indicate a deliver action should take place
  * @vlan_tci: tci fields for vlan push actions
@@ -68,6 +69,7 @@ struct efx_tc_action_set {
        u16 vlan_push:2;
        u16 vlan_pop:2;
        u16 decap:1;
+       u16 do_nat:1;
        u16 do_ttl_dec:1;
        u16 deliver:1;
        __be16 vlan_tci[2];