Re: [PATCH net-next v2 4/6] net: microchip: sparx5: add support for apptrust

From: Daniel.Machon
Date: Mon Oct 03 2022 - 02:54:10 EST


> > Make use of set/getapptrust() to implement per-selector trust and trust
> > order.
> >
> > Signed-off-by: Daniel Machon <daniel.machon@xxxxxxxxxxxxx>
> > ---
> > .../ethernet/microchip/sparx5/sparx5_dcb.c | 116 ++++++++++++++++++
> > .../ethernet/microchip/sparx5/sparx5_main.h | 3 +
> > .../ethernet/microchip/sparx5/sparx5_port.c | 4 +-
> > .../ethernet/microchip/sparx5/sparx5_port.h | 2 +
> > .../ethernet/microchip/sparx5/sparx5_qos.c | 4 +
> > 5 files changed, 127 insertions(+), 2 deletions(-)
> >
> > diff --git a/drivers/net/ethernet/microchip/sparx5/sparx5_dcb.c b/drivers/net/ethernet/microchip/sparx5/sparx5_dcb.c
> > index db17c124dac8..10aeb422b1ae 100644
> > --- a/drivers/net/ethernet/microchip/sparx5/sparx5_dcb.c
> > +++ b/drivers/net/ethernet/microchip/sparx5/sparx5_dcb.c
> > @@ -8,6 +8,22 @@
> >
> > #include "sparx5_port.h"
> >
> > +static const struct sparx5_dcb_apptrust {
> > + u8 selectors[256];
> > + int nselectors;
> > + char *names;
>
> I think this should be just "name".

I dont think so. This is a str representation of all the selector values.
"names" makes more sense to me.

>
> > +} *apptrust[SPX5_PORTS];
> > +
> > +/* Sparx5 supported apptrust configurations */
> > +static const struct sparx5_dcb_apptrust apptrust_conf[4] = {
> > + /* Empty *must* be first */
> > + { { 0 }, 0, "empty" },
> > + { { IEEE_8021QAZ_APP_SEL_DSCP }, 1, "dscp" },
> > + { { DCB_APP_SEL_PCP }, 1, "pcp" },
> > + { { IEEE_8021QAZ_APP_SEL_DSCP,
> > + DCB_APP_SEL_PCP }, 2, "dscp pcp" },
> > +};
> > +
> > /* Validate app entry.
> > *
> > * Check for valid selectors and valid protocol and priority ranges.
> > @@ -37,12 +53,59 @@ static int sparx5_dcb_app_validate(struct net_device *dev,
> > return err;
> > }
> >
> > +/* Validate apptrust configuration.
> > + *
> > + * Return index of supported apptrust configuration if valid, otherwise return
> > + * error.
> > + */
> > +static int sparx5_dcb_apptrust_validate(struct net_device *dev, u8 *selectors,
> > + int nselectors, int *err)
> > +{
> > + bool match;
> > + int i, ii;
> > +
> > + for (i = 0; i < ARRAY_SIZE(apptrust_conf); i++) {
>
> I would do this here:
>
> if (apptrust_conf[i].nselectors != nselectors) continue;
>
> to avoid having to think about the semantics of comparing to all those
> zeroes in apptrust_conf.selectors array.

Yes, that would be good.

>
> > + match = true;
> > + for (ii = 0; ii < nselectors; ii++) {
> > + if (apptrust_conf[i].selectors[ii] !=
> > + *(selectors + ii)) {
> > + match = false;
> > + break;
> > + }
> > + }
> > + if (match)
> > + break;
> > + }
> > +
> > + /* Requested trust configuration is not supported */
> > + if (!match) {
> > + netdev_err(dev, "Valid apptrust configurations are:\n");
> > + for (i = 0; i < ARRAY_SIZE(apptrust_conf); i++)
> > + pr_info("order: %s\n", apptrust_conf[i].names);
> > + *err = -EOPNOTSUPP;
> > + }
> > +
> > + return i;
> > +}