git.baikalelectronics.ru Git - kernel.git/commit

author	Paul Blakey <paulb@mellanox.com>
	Mon, 11 Nov 2019 23:34:29 +0000 (00:34 +0100)
committer	Saeed Mahameed <saeedm@mellanox.com>
	Wed, 13 Nov 2019 21:49:33 +0000 (13:49 -0800)
commit	1821a59230a9d3d3d39407f9967cdcb2eff0a6e0
tree	4d849d601d3570342ed0c8a0a8300675e9bc0a8c	tree \| snapshot
parent	b1cc732bd0deaa45e0c8407f9a3703fd0520401b	commit \| diff

net/mlx5: Add new chain for netfilter flow table offload

Netfilter tables (nftables) implements a software datapath that
comes after tc ingress datapath. The datapath supports offloading
such rules via the flow table offload API.

This API is currently only used by NFT and it doesn't provide the
global priority in regards to tc offload, so we assume offloading such
rules must come after tc. It does provide a flow table priority
parameter, so we need to provide some supported priority range.

For that, split fastpath prio to two, flow table offload and tc offload,
with one dedicated priority chain for flow table offload.

Next patch will re-use the multi chain API to access this chain by
allowing access to this chain by the fdb_sub_namespace.

Signed-off-by: Paul Blakey <paulb@mellanox.com>
Reviewed-by: Mark Bloch <markb@mellanox.com>
Acked-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Saeed Mahameed <saeedm@mellanox.com>

drivers/net/ethernet/mellanox/mlx5/core/eswitch.h		diff \| blob \| history
drivers/net/ethernet/mellanox/mlx5/core/fs_core.c		diff \| blob \| history
include/linux/mlx5/fs.h		diff \| blob \| history