[PATCH net-next 4/5] net/mlx5e: CT: Filter legacy rules that are unrelated to nic

From: Tariq Toukan
Date: Wed Mar 19 2025 - 10:37:26 EST

Next message: Christian König: "Re: [PATCH v2] drm/nouveau: prime: fix ttm_bo_delayed_delete oops"
Previous message: Mark Rutland: "Re: [PATCH 6/7] uprobes: Allow the use of uprobe_warn() in arch code"
In reply to: Tariq Toukan: "[PATCH net-next 5/5] net/mlx5e: TC, Don't offload CT commit if it's the last action"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Paul Blakey <paulb@xxxxxxxxxx>

In nic mode CT setup where we do hairpin between the two
nics, both nics register to the same flow table (per zone),
and try to offload all rules on it.

Instead, filter the rules that originated from the relevant nic
(so only one side is offloaded for each nic).

Signed-off-by: Paul Blakey <paulb@xxxxxxxxxx>
Reviewed-by: Jianbo Liu <jianbol@xxxxxxxxxx>
Signed-off-by: Tariq Toukan <tariqt@xxxxxxxxxx>
---
.../ethernet/mellanox/mlx5/core/en/tc_ct.c | 29 +++++++++++++++++++
1 file changed, 29 insertions(+)

diff --git a/drivers/net/ethernet/mellanox/mlx5/core/en/tc_ct.c b/drivers/net/ethernet/mellanox/mlx5/core/en/tc_ct.c
index a065e8fafb1d..81332cd4a582 100644
--- a/drivers/net/ethernet/mellanox/mlx5/core/en/tc_ct.c
+++ b/drivers/net/ethernet/mellanox/mlx5/core/en/tc_ct.c
@@ -1349,6 +1349,32 @@ mlx5_tc_ct_block_flow_offload_stats(struct mlx5_ct_ft *ft,
return 0;
}

+static bool
+mlx5_tc_ct_filter_legacy_non_nic_flows(struct mlx5_ct_ft *ft,
+ struct flow_cls_offload *flow)
+{
+ struct flow_rule *rule = flow_cls_offload_flow_rule(flow);
+ struct mlx5_tc_ct_priv *ct_priv = ft->ct_priv;
+ struct flow_match_meta match;
+ struct net_device *netdev;
+ bool same_dev = false;
+
+ if (!is_mdev_legacy_mode(ct_priv->dev) ||
+ !flow_rule_match_key(rule, FLOW_DISSECTOR_KEY_META))
+ return true;
+
+ flow_rule_match_meta(rule, &match);
+
+ if (!(match.key->ingress_ifindex & match.mask->ingress_ifindex))
+ return true;
+
+ netdev = dev_get_by_index(&init_net, match.key->ingress_ifindex);
+ same_dev = ct_priv->netdev == netdev;
+ dev_put(netdev);
+
+ return same_dev;
+}
+
static int
mlx5_tc_ct_block_flow_offload(enum tc_setup_type type, void *type_data,
void *cb_priv)
@@ -1361,6 +1387,9 @@ mlx5_tc_ct_block_flow_offload(enum tc_setup_type type, void *type_data,

switch (f->command) {
case FLOW_CLS_REPLACE:
+ if (!mlx5_tc_ct_filter_legacy_non_nic_flows(ft, f))
+ return -EOPNOTSUPP;
+
return mlx5_tc_ct_block_flow_offload_add(ft, f);
case FLOW_CLS_DESTROY:
return mlx5_tc_ct_block_flow_offload_del(ft, f);
--
2.31.1

Next message: Christian König: "Re: [PATCH v2] drm/nouveau: prime: fix ttm_bo_delayed_delete oops"
Previous message: Mark Rutland: "Re: [PATCH 6/7] uprobes: Allow the use of uprobe_warn() in arch code"
In reply to: Tariq Toukan: "[PATCH net-next 5/5] net/mlx5e: TC, Don't offload CT commit if it's the last action"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]