From: "Ananyev, Konstantin" <konstantin.ananyev@intel.com>
To: "Nicolau, Radu" <radu.nicolau@intel.com>, "dev@dpdk.org" <dev@dpdk.org>
Cc: "Lu, Wenzhuo" <wenzhuo.lu@intel.com>,
"Zhao, XinfengX" <xinfengx.zhao@intel.com>,
"De Lara Guarch, Pablo" <pablo.de.lara.guarch@intel.com>
Subject: Re: [dpdk-dev] [PATCH] net/ixgbe: check if security capabilities are enabled by HW
Date: Wed, 17 Jan 2018 11:34:25 +0000 [thread overview]
Message-ID: <2601191342CEEE43887BDE71AB9772588627EE87@irsmsx105.ger.corp.intel.com> (raw)
In-Reply-To: <1516187946-30607-1-git-send-email-radu.nicolau@intel.com>
Hi Radu,
> -----Original Message-----
> From: Nicolau, Radu
> Sent: Wednesday, January 17, 2018 11:19 AM
> To: dev@dpdk.org
> Cc: Lu, Wenzhuo <wenzhuo.lu@intel.com>; Ananyev, Konstantin <konstantin.ananyev@intel.com>; Zhao, XinfengX
> <xinfengx.zhao@intel.com>; De Lara Guarch, Pablo <pablo.de.lara.guarch@intel.com>; Nicolau, Radu <radu.nicolau@intel.com>
> Subject: [PATCH] net/ixgbe: check if security capabilities are enabled by HW
>
> Check if the security enable bits are not fused before setting
> offload capabilities for security
In theory dev_info_get() - could be called at any stage of device configuration
or even when RX/TX is active.
Do you really want to assert SECRXCTRL at that moment?
Probably better to do this only once at init time and then just use some stored value?
Konstantin
>
> Signed-off-by: Radu Nicolau <radu.nicolau@intel.com>
> ---
> drivers/net/ixgbe/ixgbe_ethdev.c | 6 ++++--
> drivers/net/ixgbe/ixgbe_ipsec.c | 15 +++++++++++++++
> drivers/net/ixgbe/ixgbe_ipsec.h | 1 +
> 3 files changed, 20 insertions(+), 2 deletions(-)
>
> diff --git a/drivers/net/ixgbe/ixgbe_ethdev.c b/drivers/net/ixgbe/ixgbe_ethdev.c
> index 43e0132..4f2ab2f 100644
> --- a/drivers/net/ixgbe/ixgbe_ethdev.c
> +++ b/drivers/net/ixgbe/ixgbe_ethdev.c
> @@ -3685,8 +3685,10 @@ ixgbe_dev_info_get(struct rte_eth_dev *dev, struct rte_eth_dev_info *dev_info)
> dev_info->tx_offload_capa |= DEV_TX_OFFLOAD_OUTER_IPV4_CKSUM;
>
> #ifdef RTE_LIBRTE_SECURITY
> - dev_info->rx_offload_capa |= DEV_RX_OFFLOAD_SECURITY;
> - dev_info->tx_offload_capa |= DEV_TX_OFFLOAD_SECURITY;
> + if (ixgbe_crypto_capable(dev)) {
> + dev_info->rx_offload_capa |= DEV_RX_OFFLOAD_SECURITY;
> + dev_info->tx_offload_capa |= DEV_TX_OFFLOAD_SECURITY;
> + }
> #endif
>
> dev_info->default_rxconf = (struct rte_eth_rxconf) {
> diff --git a/drivers/net/ixgbe/ixgbe_ipsec.c b/drivers/net/ixgbe/ixgbe_ipsec.c
> index 97f025a8..a495679 100644
> --- a/drivers/net/ixgbe/ixgbe_ipsec.c
> +++ b/drivers/net/ixgbe/ixgbe_ipsec.c
> @@ -602,6 +602,21 @@ ixgbe_crypto_capabilities_get(void *device __rte_unused)
>
>
> int
> +ixgbe_crypto_capable(struct rte_eth_dev *dev)
> +{
> + struct ixgbe_hw *hw = IXGBE_DEV_PRIVATE_TO_HW(dev->data->dev_private);
> + uint32_t reg_i, reg, capable = 1;
> + /* test if rx crypto can be enabled and then write back initial value*/
> + reg_i = IXGBE_READ_REG(hw, IXGBE_SECRXCTRL);
> + IXGBE_WRITE_REG(hw, IXGBE_SECRXCTRL, 0);
> + reg = IXGBE_READ_REG(hw, IXGBE_SECRXCTRL);
> + if (reg != 0)
> + capable = 0;
> + IXGBE_WRITE_REG(hw, IXGBE_SECRXCTRL, reg_i);
> + return capable;
> +}
> +
> +int
> ixgbe_crypto_enable_ipsec(struct rte_eth_dev *dev)
> {
> struct ixgbe_hw *hw = IXGBE_DEV_PRIVATE_TO_HW(dev->data->dev_private);
> diff --git a/drivers/net/ixgbe/ixgbe_ipsec.h b/drivers/net/ixgbe/ixgbe_ipsec.h
> index acd9f3e..eeba39f 100644
> --- a/drivers/net/ixgbe/ixgbe_ipsec.h
> +++ b/drivers/net/ixgbe/ixgbe_ipsec.h
> @@ -112,6 +112,7 @@ struct ixgbe_ipsec {
>
> struct rte_security_ctx *
> ixgbe_ipsec_ctx_create(struct rte_eth_dev *dev);
> +int ixgbe_crypto_capable(struct rte_eth_dev *dev);
> int ixgbe_crypto_enable_ipsec(struct rte_eth_dev *dev);
> int ixgbe_crypto_add_ingress_sa_from_flow(const void *sess,
> const void *ip_spec,
> --
> 2.7.5
next prev parent reply other threads:[~2018-01-17 11:34 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-01-17 11:19 Radu Nicolau
2018-01-17 11:34 ` Ananyev, Konstantin [this message]
2018-01-17 11:40 ` Nicolau, Radu
2018-01-17 11:54 ` [dpdk-dev] [PATCH v2] " Radu Nicolau
2018-01-17 22:47 ` Ananyev, Konstantin
2018-01-18 0:43 ` Zhang, Helin
2018-01-18 14:58 ` Ferruh Yigit
2018-01-20 9:45 ` Zhang, Helin
2018-01-18 12:46 ` [dpdk-dev] [PATCH v3] net/ixgbe: check security enable bits Radu Nicolau
2018-01-22 10:23 ` Ananyev, Konstantin
2018-01-23 2:06 ` Zhang, Helin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=2601191342CEEE43887BDE71AB9772588627EE87@irsmsx105.ger.corp.intel.com \
--to=konstantin.ananyev@intel.com \
--cc=dev@dpdk.org \
--cc=pablo.de.lara.guarch@intel.com \
--cc=radu.nicolau@intel.com \
--cc=wenzhuo.lu@intel.com \
--cc=xinfengx.zhao@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).