projects / platform / kernel / linux-rpi.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(merge: 5debe0b 3c863c3)
Merge branch 'nfp-ct-offload'
authorDavid S. Miller <davem@davemloft.net>
Wed, 2 Jun 2021 21:04:42 +0000 (14:04 -0700)
committerDavid S. Miller <davem@davemloft.net>
Wed, 2 Jun 2021 21:04:42 +0000 (14:04 -0700)
commit53c7bb553056d3a6713ea413576c6d1b0c3f0f61
tree95ed46c2333c65f2a30d80ed19588255a610e29dtree | snapshot
parent5debe0b30bac2b921722d7419f02acee6f02fa71commit | diff
parent3c863c300c0959aeeef13f797c85ea58f6b291c6commit | diff
Merge branch 'nfp-ct-offload'

Simon Horman says:

====================
Introduce conntrack offloading to the nfp driver

Louis Peens says:

This is the first in a series of patches to offload conntrack
to the nfp. The approach followed is to flatten out three
different flow rules into a single offloaded flow. The three
different flows are:

1) The rule sending the packet to conntrack (pre_ct)
2) The rule matching on +trk+est after a packet has been through
   conntrack. (post_ct)
3) The rule received via callback from the netfilter (nft)

In order to offload a flow we need a combination of all three flows, but
they could be added/deleted at different times and in different order.

To solve this we save potential offloadable CT flows in the driver,
and every time we receive a callback we check against these saved flows
for valid merges. Once we have a valid combination of all three flows
this will be offloaded to the NFP. This is demonstrated in the diagram
below.

+-------------+                      +----------+
| pre_ct flow +--------+             | nft flow |
+-------------+        v             +------+---+
                  +----------+              |
                  | tc_merge +--------+     |
                  +----------+        v     v
+--------------+       ^           +-------------+
| post_ct flow +-------+       +---+nft_tc merge |
+--------------+               |   +-------------+
                               |
                               |
                               |
                               v
                        Offload to nfp

This series is only up to the point of the pre_ct and post_ct
merges into the tc_merge. Follow up series will continue
to add the nft flows and merging of these flows with the result
of the pre_ct and post_ct merged flows.

Changes since v2:
- nfp: flower-ct: add zone table entry when handling pre/post_ct flows
    Fixed another docstring. Should finally have the patch check
    environment properly configured now to avoid more of these.
- nfp: flower-ct: add tc merge functionality
    Fixed warning found by "kernel test robot <lkp@intel.com>"
    Added code comment explaining chain_index comparison

Changes since v1:
- nfp: flower-ct: add ct zone table
    Fixed unused variable compile warning
    Fixed missing colon in struct description
====================

Acked-by: Jakub Kicinski <kuba@kernel.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Domain: System / Kernel;