X-Git-Url: http://git.droids-corp.org/?a=blobdiff_plain;f=lib%2Flibrte_ether%2Frte_flow.h;h=07ec217ca67885267e28ae1a5ab73e5f0924a8ce;hb=b8f19c924a7d83fdab02ef1fccdc223cb8b3781d;hp=b1a1b975717fc37ebed59a28055ec6260acf1680;hpb=576f459eb2a900c9868ff868093e06a59fa584ea;p=dpdk.git diff --git a/lib/librte_ether/rte_flow.h b/lib/librte_ether/rte_flow.h index b1a1b97571..07ec217ca6 100644 --- a/lib/librte_ether/rte_flow.h +++ b/lib/librte_ether/rte_flow.h @@ -50,6 +50,7 @@ #include #include #include +#include #ifdef __cplusplus extern "C" { @@ -336,6 +337,20 @@ enum rte_flow_item_type { * See struct rte_flow_item_gtp. */ RTE_FLOW_ITEM_TYPE_GTPU, + + /** + * Matches a ESP header. + * + * See struct rte_flow_item_esp. + */ + RTE_FLOW_ITEM_TYPE_ESP, + + /** + * Matches a GENEVE header. + * + * See struct rte_flow_item_geneve. + */ + RTE_FLOW_ITEM_TYPE_GENEVE, }; /** @@ -786,6 +801,47 @@ static const struct rte_flow_item_gtp rte_flow_item_gtp_mask = { }; #endif +/** + * RTE_FLOW_ITEM_TYPE_ESP + * + * Matches an ESP header. + */ +struct rte_flow_item_esp { + struct esp_hdr hdr; /**< ESP header definition. */ +}; + +/** Default mask for RTE_FLOW_ITEM_TYPE_ESP. */ +#ifndef __cplusplus +static const struct rte_flow_item_esp rte_flow_item_esp_mask = { + .hdr = { + .spi = 0xffffffff, + }, +}; +#endif + +/** + * RTE_FLOW_ITEM_TYPE_GENEVE. + * + * Matches a GENEVE header. + */ +struct rte_flow_item_geneve { + /** + * Version (2b), length of the options fields (6b), OAM packet (1b), + * critical options present (1b), reserved 0 (6b). + */ + rte_be16_t ver_opt_len_o_c_rsvd0; + rte_be16_t protocol; /**< Protocol type. */ + uint8_t vni[3]; /**< Virtual Network Identifier. */ + uint8_t rsvd1; /**< Reserved, normally 0x00. */ +}; + +/** Default mask for RTE_FLOW_ITEM_TYPE_GENEVE. */ +#ifndef __cplusplus +static const struct rte_flow_item_geneve rte_flow_item_geneve_mask = { + .vni = "\xff\xff\xff", +}; +#endif + /** * Matching pattern item definition. * @@ -967,6 +1023,22 @@ enum rte_flow_action_type { * See struct rte_flow_action_vf. */ RTE_FLOW_ACTION_TYPE_VF, + + /** + * Traffic metering and policing (MTR). + * + * See struct rte_flow_action_meter. + * See file rte_mtr.h for MTR object configuration. + */ + RTE_FLOW_ACTION_TYPE_METER, + + /** + * Redirects packets to security engine of current device for security + * processing as specified by security session. + * + * See struct rte_flow_action_security. + */ + RTE_FLOW_ACTION_TYPE_SECURITY }; /** @@ -1059,6 +1131,51 @@ struct rte_flow_action_vf { uint32_t id; /**< VF ID to redirect packets to. */ }; +/** + * RTE_FLOW_ACTION_TYPE_METER + * + * Traffic metering and policing (MTR). + * + * Packets matched by items of this type can be either dropped or passed to the + * next item with their color set by the MTR object. + * + * Non-terminating by default. + */ +struct rte_flow_action_meter { + uint32_t mtr_id; /**< MTR object ID created with rte_mtr_create(). */ +}; + +/** + * RTE_FLOW_ACTION_TYPE_SECURITY + * + * Perform the security action on flows matched by the pattern items + * according to the configuration of the security session. + * + * This action modifies the payload of matched flows. For INLINE_CRYPTO, the + * security protocol headers and IV are fully provided by the application as + * specified in the flow pattern. The payload of matching packets is + * encrypted on egress, and decrypted and authenticated on ingress. + * For INLINE_PROTOCOL, the security protocol is fully offloaded to HW, + * providing full encapsulation and decapsulation of packets in security + * protocols. The flow pattern specifies both the outer security header fields + * and the inner packet fields. The security session specified in the action + * must match the pattern parameters. + * + * The security session specified in the action must be created on the same + * port as the flow action that is being specified. + * + * The ingress/egress flow attribute should match that specified in the + * security session if the security session supports the definition of the + * direction. + * + * Multiple flows can be configured to use the same security session. + * + * Non-terminating by default. + */ +struct rte_flow_action_security { + void *security_session; /**< Pointer to security session structure. */ +}; + /** * Definition of a single action. * @@ -1150,6 +1267,8 @@ struct rte_flow_error { * * -ENOSYS: underlying device does not support this functionality. * + * -EIO: underlying device is removed. + * * -EINVAL: unknown or invalid rule specification. * * -ENOTSUP: valid but unsupported rule specification (e.g. partial @@ -1168,7 +1287,7 @@ struct rte_flow_error { * state (see rte_eth_dev_rx_queue_stop() and rte_eth_dev_stop()). */ int -rte_flow_validate(uint8_t port_id, +rte_flow_validate(uint16_t port_id, const struct rte_flow_attr *attr, const struct rte_flow_item pattern[], const struct rte_flow_action actions[], @@ -1195,7 +1314,7 @@ rte_flow_validate(uint8_t port_id, * rte_flow_validate(). */ struct rte_flow * -rte_flow_create(uint8_t port_id, +rte_flow_create(uint16_t port_id, const struct rte_flow_attr *attr, const struct rte_flow_item pattern[], const struct rte_flow_action actions[], @@ -1222,7 +1341,7 @@ rte_flow_create(uint8_t port_id, * 0 on success, a negative errno value otherwise and rte_errno is set. */ int -rte_flow_destroy(uint8_t port_id, +rte_flow_destroy(uint16_t port_id, struct rte_flow *flow, struct rte_flow_error *error); @@ -1243,7 +1362,7 @@ rte_flow_destroy(uint8_t port_id, * 0 on success, a negative errno value otherwise and rte_errno is set. */ int -rte_flow_flush(uint8_t port_id, +rte_flow_flush(uint16_t port_id, struct rte_flow_error *error); /** @@ -1271,7 +1390,7 @@ rte_flow_flush(uint8_t port_id, * 0 on success, a negative errno value otherwise and rte_errno is set. */ int -rte_flow_query(uint8_t port_id, +rte_flow_query(uint16_t port_id, struct rte_flow *flow, enum rte_flow_action_type action, void *data, @@ -1319,7 +1438,31 @@ rte_flow_query(uint8_t port_id, * 0 on success, a negative errno value otherwise and rte_errno is set. */ int -rte_flow_isolate(uint8_t port_id, int set, struct rte_flow_error *error); +rte_flow_isolate(uint16_t port_id, int set, struct rte_flow_error *error); + +/** + * Initialize flow error structure. + * + * @param[out] error + * Pointer to flow error structure (may be NULL). + * @param code + * Related error code (rte_errno). + * @param type + * Cause field and error types. + * @param cause + * Object responsible for the error. + * @param message + * Human-readable error message. + * + * @return + * Negative error code (errno value) and rte_errno is set. + */ +int +rte_flow_error_set(struct rte_flow_error *error, + int code, + enum rte_flow_error_type type, + const void *cause, + const char *message); /** * Generic flow representation.