* [dpdk-dev] [PATCH v2 0/7] add MACSEC hw offload to atlantic PMD
@ 2019-04-17 15:45 Igor Russkikh
2019-04-17 15:45 ` Igor Russkikh
` (7 more replies)
0 siblings, 8 replies; 18+ messages in thread
From: Igor Russkikh @ 2019-04-17 15:45 UTC (permalink / raw)
To: dev; +Cc: ferruh.yigit, thomas, arybchenko, konstantin.ananyev, Igor Russkikh
This patchset implements MACSEC hardware offload configuration in
Atlantic PMD via experimental PMD API.
There is an agreement to work on 19.08 timeframe for the generic
MACSEC API inside of rte_security.
v2 changes:
- Removed public API changes for macsec, leave only PMD experimental
API for MACSEC in a form, similar to what ixgbe driver provides.
- Joined doc and features update into commit where macsec features
gets actually enabled
Igor Russkikh (2):
net/atlantic: bump internal driver version
net/atlantic: public experimental macsec API
Pavel Belous (5):
net/atlantic: macsec hardware structures declaration
net/atlantic: enable macsec configuration
net/atlantic: macsec firmware interface
net/atlantic: interrupt handling of macsec events
net/atlantic: implement macsec statistics
doc/guides/nics/atlantic.rst | 6 +
doc/guides/nics/features/atlantic.ini | 1 +
drivers/net/atlantic/Makefile | 1 +
drivers/net/atlantic/atl_common.h | 2 +-
drivers/net/atlantic/atl_ethdev.c | 364 +++++++++++++++++-
drivers/net/atlantic/atl_ethdev.h | 14 +-
drivers/net/atlantic/atl_types.h | 39 ++
drivers/net/atlantic/hw_atl/hw_atl_utils.h | 148 +++++++
.../net/atlantic/hw_atl/hw_atl_utils_fw2x.c | 51 +++
drivers/net/atlantic/meson.build | 1 +
drivers/net/atlantic/rte_pmd_atlantic.c | 102 +++++
drivers/net/atlantic/rte_pmd_atlantic.h | 41 ++
.../net/atlantic/rte_pmd_atlantic_version.map | 12 +
13 files changed, 765 insertions(+), 17 deletions(-)
create mode 100644 drivers/net/atlantic/rte_pmd_atlantic.c
create mode 100644 drivers/net/atlantic/rte_pmd_atlantic.h
--
2.17.1
^ permalink raw reply [flat|nested] 18+ messages in thread
* [dpdk-dev] [PATCH v2 0/7] add MACSEC hw offload to atlantic PMD
2019-04-17 15:45 [dpdk-dev] [PATCH v2 0/7] add MACSEC hw offload to atlantic PMD Igor Russkikh
@ 2019-04-17 15:45 ` Igor Russkikh
2019-04-17 15:45 ` [dpdk-dev] [PATCH v2 1/7] net/atlantic: macsec hardware structures declaration Igor Russkikh
` (6 subsequent siblings)
7 siblings, 0 replies; 18+ messages in thread
From: Igor Russkikh @ 2019-04-17 15:45 UTC (permalink / raw)
To: dev; +Cc: ferruh.yigit, thomas, arybchenko, konstantin.ananyev, Igor Russkikh
This patchset implements MACSEC hardware offload configuration in
Atlantic PMD via experimental PMD API.
There is an agreement to work on 19.08 timeframe for the generic
MACSEC API inside of rte_security.
v2 changes:
- Removed public API changes for macsec, leave only PMD experimental
API for MACSEC in a form, similar to what ixgbe driver provides.
- Joined doc and features update into commit where macsec features
gets actually enabled
Igor Russkikh (2):
net/atlantic: bump internal driver version
net/atlantic: public experimental macsec API
Pavel Belous (5):
net/atlantic: macsec hardware structures declaration
net/atlantic: enable macsec configuration
net/atlantic: macsec firmware interface
net/atlantic: interrupt handling of macsec events
net/atlantic: implement macsec statistics
doc/guides/nics/atlantic.rst | 6 +
doc/guides/nics/features/atlantic.ini | 1 +
drivers/net/atlantic/Makefile | 1 +
drivers/net/atlantic/atl_common.h | 2 +-
drivers/net/atlantic/atl_ethdev.c | 364 +++++++++++++++++-
drivers/net/atlantic/atl_ethdev.h | 14 +-
drivers/net/atlantic/atl_types.h | 39 ++
drivers/net/atlantic/hw_atl/hw_atl_utils.h | 148 +++++++
.../net/atlantic/hw_atl/hw_atl_utils_fw2x.c | 51 +++
drivers/net/atlantic/meson.build | 1 +
drivers/net/atlantic/rte_pmd_atlantic.c | 102 +++++
drivers/net/atlantic/rte_pmd_atlantic.h | 41 ++
.../net/atlantic/rte_pmd_atlantic_version.map | 12 +
13 files changed, 765 insertions(+), 17 deletions(-)
create mode 100644 drivers/net/atlantic/rte_pmd_atlantic.c
create mode 100644 drivers/net/atlantic/rte_pmd_atlantic.h
--
2.17.1
^ permalink raw reply [flat|nested] 18+ messages in thread
* [dpdk-dev] [PATCH v2 1/7] net/atlantic: macsec hardware structures declaration
2019-04-17 15:45 [dpdk-dev] [PATCH v2 0/7] add MACSEC hw offload to atlantic PMD Igor Russkikh
2019-04-17 15:45 ` Igor Russkikh
@ 2019-04-17 15:45 ` Igor Russkikh
2019-04-17 15:45 ` Igor Russkikh
2019-04-17 15:45 ` [dpdk-dev] [PATCH v2 2/7] net/atlantic: enable macsec configuration Igor Russkikh
` (5 subsequent siblings)
7 siblings, 1 reply; 18+ messages in thread
From: Igor Russkikh @ 2019-04-17 15:45 UTC (permalink / raw)
To: dev
Cc: ferruh.yigit, thomas, arybchenko, konstantin.ananyev,
Igor Russkikh, Pavel Belous
From: Pavel Belous <pavel.belous@aquantia.com>
Here we define hardware and software configuration structures
for macsec interface. MACSEC itself is implemented in Phy module,
but its configuration is done via firmware interface
Signed-off-by: Pavel Belous <pavel.belous@aquantia.com>
Signed-off-by: Igor Russkikh <igor.russkikh@aquantia.com>
---
drivers/net/atlantic/atl_types.h | 37 ++++++
drivers/net/atlantic/hw_atl/hw_atl_utils.h | 148 +++++++++++++++++++++
2 files changed, 185 insertions(+)
diff --git a/drivers/net/atlantic/atl_types.h b/drivers/net/atlantic/atl_types.h
index 3edaf0c7c047..3cc9e96089e8 100644
--- a/drivers/net/atlantic/atl_types.h
+++ b/drivers/net/atlantic/atl_types.h
@@ -59,6 +59,39 @@ struct aq_rss_parameters {
u8 indirection_table[HW_ATL_B0_RSS_REDIRECTION_MAX];
};
+/* Macsec stuff */
+struct aq_macsec_config {
+ struct {
+ u32 macsec_enabled;
+ u32 encryption_enabled;
+ u32 replay_protection_enabled;
+ } common;
+
+ struct {
+ u32 idx;
+ u32 mac[2]; /* 6 bytes */
+ } txsc;
+
+ struct {
+ u32 idx;
+ u32 an; /* association number on the local side */
+ u32 pn; /* packet number on the local side */
+ u32 key[4]; /* 128 bit key */
+ } txsa;
+
+ struct {
+ u32 mac[2]; /* 6 bytes */
+ u32 pi;
+ } rxsc;
+
+ struct {
+ u32 idx;
+ u32 an; /* association number on the remote side */
+ u32 pn; /* packet number on the remote side */
+ u32 key[4]; /* 128 bit key */
+ } rxsa;
+};
+
struct aq_hw_cfg_s {
bool is_lro;
bool is_rss;
@@ -75,6 +108,7 @@ struct aq_hw_cfg_s {
uint32_t flow_control;
struct aq_rss_parameters aq_rss;
+ struct aq_macsec_config aq_macsec;
};
struct aq_hw_s {
@@ -143,6 +177,9 @@ struct aq_fw_ops {
int (*set_eeprom)(struct aq_hw_s *self, int dev_addr,
u32 *data, u32 len);
+ int (*send_macsec_req)(struct aq_hw_s *self,
+ struct macsec_msg_fw_request *req,
+ struct macsec_msg_fw_response *response);
};
struct atl_sw_stats {
diff --git a/drivers/net/atlantic/hw_atl/hw_atl_utils.h b/drivers/net/atlantic/hw_atl/hw_atl_utils.h
index f2a87826c0d1..b7c531573623 100644
--- a/drivers/net/atlantic/hw_atl/hw_atl_utils.h
+++ b/drivers/net/atlantic/hw_atl/hw_atl_utils.h
@@ -351,6 +351,154 @@ struct smbus_write_request {
u32 length;
} __attribute__((__packed__));
+enum macsec_msg_type {
+ macsec_cfg_msg = 0,
+ macsec_add_rx_sc_msg,
+ macsec_add_tx_sc_msg,
+ macsec_add_rx_sa_msg,
+ macsec_add_tx_sa_msg,
+ macsec_get_stats_msg,
+};
+
+struct macsec_cfg {
+ uint32_t enabled;
+ uint32_t egress_threshold;
+ uint32_t ingress_threshold;
+ uint32_t interrupts_enabled;
+} __attribute__((__packed__));
+
+struct add_rx_sc {
+ uint32_t index;
+ uint32_t pi; /* Port identifier */
+ uint32_t sci[2]; /* Secure Channel identifier */
+ uint32_t sci_mask; /* 1: enable comparison of SCI, 0: don't care */
+ uint32_t tci;
+ uint32_t tci_mask;
+ uint32_t mac_sa[2];
+ uint32_t sa_mask; /* 0: ignore mac_sa */
+ uint32_t mac_da[2];
+ uint32_t da_mask; /* 0: ignore mac_da */
+ uint32_t validate_frames; /* 0: strict, 1:check, 2:disabled */
+ uint32_t replay_protect; /* 1: enabled, 0:disabled */
+ uint32_t anti_replay_window; /* default 0 */
+ /* 1: auto_rollover enabled (when SA next_pn is saturated */
+ uint32_t an_rol;
+} __attribute__((__packed__));
+
+struct add_tx_sc {
+ uint32_t index;
+ uint32_t pi; /* Port identifier */
+ uint32_t sci[2]; /* Secure Channel identifier */
+ uint32_t sci_mask; /* 1: enable comparison of SCI, 0: don't care */
+ uint32_t tci; /* TCI value, used if packet is not explicitly tagged */
+ uint32_t tci_mask;
+ uint32_t mac_sa[2];
+ uint32_t sa_mask; /* 0: ignore mac_sa */
+ uint32_t mac_da[2];
+ uint32_t da_mask; /* 0: ignore mac_da */
+ uint32_t protect;
+ uint32_t curr_an; /* SA index which currently used */
+} __attribute__((__packed__));
+
+struct add_rx_sa {
+ uint32_t index;
+ uint32_t next_pn;
+ uint32_t key[4]; /* 128 bit key */
+} __attribute__((__packed__));
+
+struct add_tx_sa {
+ uint32_t index;
+ uint32_t next_pn;
+ uint32_t key[4]; /* 128 bit key */
+} __attribute__((__packed__));
+
+struct get_stats {
+ uint32_t version_only;
+ uint32_t ingress_sa_index;
+ uint32_t egress_sa_index;
+ uint32_t egress_sc_index;
+} __attribute__((__packed__));
+
+struct macsec_stats {
+ uint32_t api_version;
+ /* Ingress Common Counters */
+ uint64_t in_ctl_pkts;
+ uint64_t in_tagged_miss_pkts;
+ uint64_t in_untagged_miss_pkts;
+ uint64_t in_notag_pkts;
+ uint64_t in_untagged_pkts;
+ uint64_t in_bad_tag_pkts;
+ uint64_t in_no_sci_pkts;
+ uint64_t in_unknown_sci_pkts;
+ uint64_t in_ctrl_prt_pass_pkts;
+ uint64_t in_unctrl_prt_pass_pkts;
+ uint64_t in_ctrl_prt_fail_pkts;
+ uint64_t in_unctrl_prt_fail_pkts;
+ uint64_t in_too_long_pkts;
+ uint64_t in_igpoc_ctl_pkts;
+ uint64_t in_ecc_error_pkts;
+ uint64_t in_unctrl_hit_drop_redir;
+
+ /* Egress Common Counters */
+ uint64_t out_ctl_pkts;
+ uint64_t out_unknown_sa_pkts;
+ uint64_t out_untagged_pkts;
+ uint64_t out_too_long;
+ uint64_t out_ecc_error_pkts;
+ uint64_t out_unctrl_hit_drop_redir;
+
+ /* Ingress SA Counters */
+ uint64_t in_untagged_hit_pkts;
+ uint64_t in_ctrl_hit_drop_redir_pkts;
+ uint64_t in_not_using_sa;
+ uint64_t in_unused_sa;
+ uint64_t in_not_valid_pkts;
+ uint64_t in_invalid_pkts;
+ uint64_t in_ok_pkts;
+ uint64_t in_late_pkts;
+ uint64_t in_delayed_pkts;
+ uint64_t in_unchecked_pkts;
+ uint64_t in_validated_octets;
+ uint64_t in_decrypted_octets;
+
+ /* Egress SA Counters */
+ uint64_t out_sa_hit_drop_redirect;
+ uint64_t out_sa_protected2_pkts;
+ uint64_t out_sa_protected_pkts;
+ uint64_t out_sa_encrypted_pkts;
+
+ /* Egress SC Counters */
+ uint64_t out_sc_protected_pkts;
+ uint64_t out_sc_encrypted_pkts;
+ uint64_t out_sc_protected_octets;
+ uint64_t out_sc_encrypted_octets;
+
+ /* SA Counters expiration info */
+ uint32_t egress_threshold_expired;
+ uint32_t ingress_threshold_expired;
+ uint32_t egress_expired;
+ uint32_t ingress_expired;
+} __attribute__((__packed__));
+
+struct macsec_msg_fw_request {
+ uint32_t offset; /* not used */
+ uint32_t msg_type;
+
+ union {
+ struct macsec_cfg cfg;
+ struct add_rx_sc rxsc;
+ struct add_tx_sc txsc;
+ struct add_rx_sa rxsa;
+ struct add_tx_sa txsa;
+ struct get_stats stats;
+ };
+} __attribute__((__packed__));
+
+struct macsec_msg_fw_response {
+ uint32_t result;
+ struct macsec_stats stats;
+} __attribute__((__packed__));
+
#define HAL_ATLANTIC_UTILS_CHIP_MIPS 0x00000001U
#define HAL_ATLANTIC_UTILS_CHIP_TPO2 0x00000002U
#define HAL_ATLANTIC_UTILS_CHIP_RPF2 0x00000004U
--
2.17.1
^ permalink raw reply [flat|nested] 18+ messages in thread
* [dpdk-dev] [PATCH v2 1/7] net/atlantic: macsec hardware structures declaration
2019-04-17 15:45 ` [dpdk-dev] [PATCH v2 1/7] net/atlantic: macsec hardware structures declaration Igor Russkikh
@ 2019-04-17 15:45 ` Igor Russkikh
0 siblings, 0 replies; 18+ messages in thread
From: Igor Russkikh @ 2019-04-17 15:45 UTC (permalink / raw)
To: dev
Cc: ferruh.yigit, thomas, arybchenko, konstantin.ananyev,
Igor Russkikh, Pavel Belous
From: Pavel Belous <pavel.belous@aquantia.com>
Here we define hardware and software configuration structures
for macsec interface. MACSEC itself is implemented in Phy module,
but its configuration is done via firmware interface
Signed-off-by: Pavel Belous <pavel.belous@aquantia.com>
Signed-off-by: Igor Russkikh <igor.russkikh@aquantia.com>
---
drivers/net/atlantic/atl_types.h | 37 ++++++
drivers/net/atlantic/hw_atl/hw_atl_utils.h | 148 +++++++++++++++++++++
2 files changed, 185 insertions(+)
diff --git a/drivers/net/atlantic/atl_types.h b/drivers/net/atlantic/atl_types.h
index 3edaf0c7c047..3cc9e96089e8 100644
--- a/drivers/net/atlantic/atl_types.h
+++ b/drivers/net/atlantic/atl_types.h
@@ -59,6 +59,39 @@ struct aq_rss_parameters {
u8 indirection_table[HW_ATL_B0_RSS_REDIRECTION_MAX];
};
+/* Macsec stuff */
+struct aq_macsec_config {
+ struct {
+ u32 macsec_enabled;
+ u32 encryption_enabled;
+ u32 replay_protection_enabled;
+ } common;
+
+ struct {
+ u32 idx;
+ u32 mac[2]; /* 6 bytes */
+ } txsc;
+
+ struct {
+ u32 idx;
+ u32 an; /* association number on the local side */
+ u32 pn; /* packet number on the local side */
+ u32 key[4]; /* 128 bit key */
+ } txsa;
+
+ struct {
+ u32 mac[2]; /* 6 bytes */
+ u32 pi;
+ } rxsc;
+
+ struct {
+ u32 idx;
+ u32 an; /* association number on the remote side */
+ u32 pn; /* packet number on the remote side */
+ u32 key[4]; /* 128 bit key */
+ } rxsa;
+};
+
struct aq_hw_cfg_s {
bool is_lro;
bool is_rss;
@@ -75,6 +108,7 @@ struct aq_hw_cfg_s {
uint32_t flow_control;
struct aq_rss_parameters aq_rss;
+ struct aq_macsec_config aq_macsec;
};
struct aq_hw_s {
@@ -143,6 +177,9 @@ struct aq_fw_ops {
int (*set_eeprom)(struct aq_hw_s *self, int dev_addr,
u32 *data, u32 len);
+ int (*send_macsec_req)(struct aq_hw_s *self,
+ struct macsec_msg_fw_request *req,
+ struct macsec_msg_fw_response *response);
};
struct atl_sw_stats {
diff --git a/drivers/net/atlantic/hw_atl/hw_atl_utils.h b/drivers/net/atlantic/hw_atl/hw_atl_utils.h
index f2a87826c0d1..b7c531573623 100644
--- a/drivers/net/atlantic/hw_atl/hw_atl_utils.h
+++ b/drivers/net/atlantic/hw_atl/hw_atl_utils.h
@@ -351,6 +351,154 @@ struct smbus_write_request {
u32 length;
} __attribute__((__packed__));
+enum macsec_msg_type {
+ macsec_cfg_msg = 0,
+ macsec_add_rx_sc_msg,
+ macsec_add_tx_sc_msg,
+ macsec_add_rx_sa_msg,
+ macsec_add_tx_sa_msg,
+ macsec_get_stats_msg,
+};
+
+struct macsec_cfg {
+ uint32_t enabled;
+ uint32_t egress_threshold;
+ uint32_t ingress_threshold;
+ uint32_t interrupts_enabled;
+} __attribute__((__packed__));
+
+struct add_rx_sc {
+ uint32_t index;
+ uint32_t pi; /* Port identifier */
+ uint32_t sci[2]; /* Secure Channel identifier */
+ uint32_t sci_mask; /* 1: enable comparison of SCI, 0: don't care */
+ uint32_t tci;
+ uint32_t tci_mask;
+ uint32_t mac_sa[2];
+ uint32_t sa_mask; /* 0: ignore mac_sa */
+ uint32_t mac_da[2];
+ uint32_t da_mask; /* 0: ignore mac_da */
+ uint32_t validate_frames; /* 0: strict, 1:check, 2:disabled */
+ uint32_t replay_protect; /* 1: enabled, 0:disabled */
+ uint32_t anti_replay_window; /* default 0 */
+ /* 1: auto_rollover enabled (when SA next_pn is saturated */
+ uint32_t an_rol;
+} __attribute__((__packed__));
+
+struct add_tx_sc {
+ uint32_t index;
+ uint32_t pi; /* Port identifier */
+ uint32_t sci[2]; /* Secure Channel identifier */
+ uint32_t sci_mask; /* 1: enable comparison of SCI, 0: don't care */
+ uint32_t tci; /* TCI value, used if packet is not explicitly tagged */
+ uint32_t tci_mask;
+ uint32_t mac_sa[2];
+ uint32_t sa_mask; /* 0: ignore mac_sa */
+ uint32_t mac_da[2];
+ uint32_t da_mask; /* 0: ignore mac_da */
+ uint32_t protect;
+ uint32_t curr_an; /* SA index which currently used */
+} __attribute__((__packed__));
+
+struct add_rx_sa {
+ uint32_t index;
+ uint32_t next_pn;
+ uint32_t key[4]; /* 128 bit key */
+} __attribute__((__packed__));
+
+struct add_tx_sa {
+ uint32_t index;
+ uint32_t next_pn;
+ uint32_t key[4]; /* 128 bit key */
+} __attribute__((__packed__));
+
+struct get_stats {
+ uint32_t version_only;
+ uint32_t ingress_sa_index;
+ uint32_t egress_sa_index;
+ uint32_t egress_sc_index;
+} __attribute__((__packed__));
+
+struct macsec_stats {
+ uint32_t api_version;
+ /* Ingress Common Counters */
+ uint64_t in_ctl_pkts;
+ uint64_t in_tagged_miss_pkts;
+ uint64_t in_untagged_miss_pkts;
+ uint64_t in_notag_pkts;
+ uint64_t in_untagged_pkts;
+ uint64_t in_bad_tag_pkts;
+ uint64_t in_no_sci_pkts;
+ uint64_t in_unknown_sci_pkts;
+ uint64_t in_ctrl_prt_pass_pkts;
+ uint64_t in_unctrl_prt_pass_pkts;
+ uint64_t in_ctrl_prt_fail_pkts;
+ uint64_t in_unctrl_prt_fail_pkts;
+ uint64_t in_too_long_pkts;
+ uint64_t in_igpoc_ctl_pkts;
+ uint64_t in_ecc_error_pkts;
+ uint64_t in_unctrl_hit_drop_redir;
+
+ /* Egress Common Counters */
+ uint64_t out_ctl_pkts;
+ uint64_t out_unknown_sa_pkts;
+ uint64_t out_untagged_pkts;
+ uint64_t out_too_long;
+ uint64_t out_ecc_error_pkts;
+ uint64_t out_unctrl_hit_drop_redir;
+
+ /* Ingress SA Counters */
+ uint64_t in_untagged_hit_pkts;
+ uint64_t in_ctrl_hit_drop_redir_pkts;
+ uint64_t in_not_using_sa;
+ uint64_t in_unused_sa;
+ uint64_t in_not_valid_pkts;
+ uint64_t in_invalid_pkts;
+ uint64_t in_ok_pkts;
+ uint64_t in_late_pkts;
+ uint64_t in_delayed_pkts;
+ uint64_t in_unchecked_pkts;
+ uint64_t in_validated_octets;
+ uint64_t in_decrypted_octets;
+
+ /* Egress SA Counters */
+ uint64_t out_sa_hit_drop_redirect;
+ uint64_t out_sa_protected2_pkts;
+ uint64_t out_sa_protected_pkts;
+ uint64_t out_sa_encrypted_pkts;
+
+ /* Egress SC Counters */
+ uint64_t out_sc_protected_pkts;
+ uint64_t out_sc_encrypted_pkts;
+ uint64_t out_sc_protected_octets;
+ uint64_t out_sc_encrypted_octets;
+
+ /* SA Counters expiration info */
+ uint32_t egress_threshold_expired;
+ uint32_t ingress_threshold_expired;
+ uint32_t egress_expired;
+ uint32_t ingress_expired;
+} __attribute__((__packed__));
+
+struct macsec_msg_fw_request {
+ uint32_t offset; /* not used */
+ uint32_t msg_type;
+
+ union {
+ struct macsec_cfg cfg;
+ struct add_rx_sc rxsc;
+ struct add_tx_sc txsc;
+ struct add_rx_sa rxsa;
+ struct add_tx_sa txsa;
+ struct get_stats stats;
+ };
+} __attribute__((__packed__));
+
+struct macsec_msg_fw_response {
+ uint32_t result;
+ struct macsec_stats stats;
+} __attribute__((__packed__));
+
#define HAL_ATLANTIC_UTILS_CHIP_MIPS 0x00000001U
#define HAL_ATLANTIC_UTILS_CHIP_TPO2 0x00000002U
#define HAL_ATLANTIC_UTILS_CHIP_RPF2 0x00000004U
--
2.17.1
^ permalink raw reply [flat|nested] 18+ messages in thread
* [dpdk-dev] [PATCH v2 2/7] net/atlantic: enable macsec configuration
2019-04-17 15:45 [dpdk-dev] [PATCH v2 0/7] add MACSEC hw offload to atlantic PMD Igor Russkikh
2019-04-17 15:45 ` Igor Russkikh
2019-04-17 15:45 ` [dpdk-dev] [PATCH v2 1/7] net/atlantic: macsec hardware structures declaration Igor Russkikh
@ 2019-04-17 15:45 ` Igor Russkikh
2019-04-17 15:45 ` Igor Russkikh
2019-04-17 17:14 ` Ferruh Yigit
2019-04-17 15:45 ` [dpdk-dev] [PATCH v2 3/7] net/atlantic: macsec firmware interface Igor Russkikh
` (4 subsequent siblings)
7 siblings, 2 replies; 18+ messages in thread
From: Igor Russkikh @ 2019-04-17 15:45 UTC (permalink / raw)
To: dev
Cc: ferruh.yigit, thomas, arybchenko, konstantin.ananyev,
Igor Russkikh, Pavel Belous
From: Pavel Belous <pavel.belous@aquantia.com>
This is a driver side of macsec configuration routines.
It fills in config structures and sends requests to FW
for configuration activities.
We declare macsec offload bits in DPDK offload capabilities.
Also update documentation with feature matrix for the
enabled feature.
Signed-off-by: Pavel Belous <pavel.belous@aquantia.com>
Signed-off-by: Igor Russkikh <igor.russkikh@aquantia.com>
---
doc/guides/nics/atlantic.rst | 6 +
doc/guides/nics/features/atlantic.ini | 1 +
drivers/net/atlantic/atl_ethdev.c | 216 ++++++++++++++++++++++++++
drivers/net/atlantic/atl_ethdev.h | 12 ++
4 files changed, 235 insertions(+)
diff --git a/doc/guides/nics/atlantic.rst b/doc/guides/nics/atlantic.rst
index 80591b13c185..22f2410d0e9a 100644
--- a/doc/guides/nics/atlantic.rst
+++ b/doc/guides/nics/atlantic.rst
@@ -19,6 +19,12 @@ Supported features
- RSS (Receive Side Scaling)
- Checksum offload
- Jumbo Frame upto 16K
+- MACSEC offload
+
+Experimental API features
+^^^^^^^^^^^^^^^^^^^^^^^^^
+
+- MACSEC PMD API is considered as experimental and is subject to change/removal in next DPDK releases.
Configuration Information
^^^^^^^^^^^^^^^^^^^^^^^^^
diff --git a/doc/guides/nics/features/atlantic.ini b/doc/guides/nics/features/atlantic.ini
index 5ed095b14323..2bb8ecc01789 100644
--- a/doc/guides/nics/features/atlantic.ini
+++ b/doc/guides/nics/features/atlantic.ini
@@ -20,6 +20,7 @@ VLAN filter = Y
Flow control = Y
CRC offload = Y
VLAN offload = Y
+MACsec offload = Y
L3 checksum offload = Y
L4 checksum offload = Y
Packet type parsing = Y
diff --git a/drivers/net/atlantic/atl_ethdev.c b/drivers/net/atlantic/atl_ethdev.c
index 8327863cd9b6..1e91f162f6c2 100644
--- a/drivers/net/atlantic/atl_ethdev.c
+++ b/drivers/net/atlantic/atl_ethdev.c
@@ -167,6 +167,7 @@ static struct rte_pci_driver rte_atl_pmd = {
| DEV_RX_OFFLOAD_UDP_CKSUM \
| DEV_RX_OFFLOAD_TCP_CKSUM \
| DEV_RX_OFFLOAD_JUMBO_FRAME \
+ | DEV_RX_OFFLOAD_MACSEC_STRIP \
| DEV_RX_OFFLOAD_VLAN_FILTER)
#define ATL_TX_OFFLOADS (DEV_TX_OFFLOAD_VLAN_INSERT \
@@ -174,6 +175,7 @@ static struct rte_pci_driver rte_atl_pmd = {
| DEV_TX_OFFLOAD_UDP_CKSUM \
| DEV_TX_OFFLOAD_TCP_CKSUM \
| DEV_TX_OFFLOAD_TCP_TSO \
+ | DEV_TX_OFFLOAD_MACSEC_INSERT \
| DEV_TX_OFFLOAD_MULTI_SEGS)
static const struct rte_eth_desc_lim rx_desc_lim = {
@@ -698,6 +700,205 @@ atl_dev_reset(struct rte_eth_dev *dev)
return ret;
}
+static int
+atl_dev_configure_macsec(struct rte_eth_dev *dev)
+{
+ struct aq_hw_s *hw = ATL_DEV_PRIVATE_TO_HW(dev->data->dev_private);
+ struct aq_hw_cfg_s *cf = ATL_DEV_PRIVATE_TO_CFG(dev->data->dev_private);
+ struct aq_macsec_config *aqcfg = &cf->aq_macsec;
+ struct macsec_msg_fw_request msg_macsec;
+ struct macsec_msg_fw_response response;
+
+ if (!aqcfg->common.macsec_enabled ||
+ hw->aq_fw_ops->send_macsec_req == NULL)
+ return 0;
+
+ memset(&msg_macsec, 0, sizeof(msg_macsec));
+
+ /* Creating set of sc/sa structures from parameters provided by DPDK */
+
+ /* Configure macsec */
+ msg_macsec.msg_type = macsec_cfg_msg;
+ msg_macsec.cfg.enabled = aqcfg->common.macsec_enabled;
+ msg_macsec.cfg.interrupts_enabled = 1;
+
+ hw->aq_fw_ops->send_macsec_req(hw, &msg_macsec, &response);
+
+ if (response.result)
+ return -1;
+
+ memset(&msg_macsec, 0, sizeof(msg_macsec));
+
+ /* Configure TX SC */
+
+ msg_macsec.msg_type = macsec_add_tx_sc_msg;
+ msg_macsec.txsc.index = 0; /* TXSC always one (??) */
+ msg_macsec.txsc.protect = aqcfg->common.encryption_enabled;
+
+ /* MAC addr for TX */
+ msg_macsec.txsc.mac_sa[0] = rte_bswap32(aqcfg->txsc.mac[1]);
+ msg_macsec.txsc.mac_sa[1] = rte_bswap32(aqcfg->txsc.mac[0]);
+ msg_macsec.txsc.sa_mask = 0x3f;
+
+ msg_macsec.txsc.da_mask = 0;
+ msg_macsec.txsc.tci = 0x0B;
+ msg_macsec.txsc.curr_an = 0; /* SA index which currently used */
+
+ /*
+ * Creating SCI (Secure Channel Identifier).
+ * SCI constructed from Source MAC and Port identifier
+ */
+ uint32_t sci_hi_part = (msg_macsec.txsc.mac_sa[1] << 16) |
+ (msg_macsec.txsc.mac_sa[0] >> 16);
+ uint32_t sci_low_part = (msg_macsec.txsc.mac_sa[0] << 16);
+
+ uint32_t port_identifier = 1;
+
+ msg_macsec.txsc.sci[1] = sci_hi_part;
+ msg_macsec.txsc.sci[0] = sci_low_part | port_identifier;
+
+ hw->aq_fw_ops->send_macsec_req(hw, &msg_macsec, &response);
+
+ if (response.result)
+ return -1;
+
+ memset(&msg_macsec, 0, sizeof(msg_macsec));
+
+ /* Configure RX SC */
+
+ msg_macsec.msg_type = macsec_add_rx_sc_msg;
+ msg_macsec.rxsc.index = aqcfg->rxsc.pi;
+ msg_macsec.rxsc.replay_protect =
+ aqcfg->common.replay_protection_enabled;
+ msg_macsec.rxsc.anti_replay_window = 0;
+
+ /* MAC addr for RX */
+ msg_macsec.rxsc.mac_da[0] = rte_bswap32(aqcfg->rxsc.mac[1]);
+ msg_macsec.rxsc.mac_da[1] = rte_bswap32(aqcfg->rxsc.mac[0]);
+ msg_macsec.rxsc.da_mask = 0;//0x3f;
+
+ msg_macsec.rxsc.sa_mask = 0;
+
+ hw->aq_fw_ops->send_macsec_req(hw, &msg_macsec, &response);
+
+ if (response.result)
+ return -1;
+
+ memset(&msg_macsec, 0, sizeof(msg_macsec));
+
+ /* Configure RX SC */
+
+ msg_macsec.msg_type = macsec_add_tx_sa_msg;
+ msg_macsec.txsa.index = aqcfg->txsa.idx;
+ msg_macsec.txsa.next_pn = aqcfg->txsa.pn;
+
+ msg_macsec.txsa.key[0] = rte_bswap32(aqcfg->txsa.key[3]);
+ msg_macsec.txsa.key[1] = rte_bswap32(aqcfg->txsa.key[2]);
+ msg_macsec.txsa.key[2] = rte_bswap32(aqcfg->txsa.key[1]);
+ msg_macsec.txsa.key[3] = rte_bswap32(aqcfg->txsa.key[0]);
+
+ hw->aq_fw_ops->send_macsec_req(hw, &msg_macsec, &response);
+
+ if (response.result)
+ return -1;
+
+ memset(&msg_macsec, 0, sizeof(msg_macsec));
+
+ /* Configure RX SA */
+
+ msg_macsec.msg_type = macsec_add_rx_sa_msg;
+ msg_macsec.rxsa.index = aqcfg->rxsa.idx;
+ msg_macsec.rxsa.next_pn = aqcfg->rxsa.pn;
+
+ msg_macsec.rxsa.key[0] = rte_bswap32(aqcfg->rxsa.key[3]);
+ msg_macsec.rxsa.key[1] = rte_bswap32(aqcfg->rxsa.key[2]);
+ msg_macsec.rxsa.key[2] = rte_bswap32(aqcfg->rxsa.key[1]);
+ msg_macsec.rxsa.key[3] = rte_bswap32(aqcfg->rxsa.key[0]);
+
+ hw->aq_fw_ops->send_macsec_req(hw, &msg_macsec, &response);
+
+ if (response.result)
+ return -1;
+
+ return 0;
+}
+
+int atl_macsec_enable(struct rte_eth_dev *dev,
+ uint8_t encr, uint8_t repl_prot)
+{
+ struct aq_hw_cfg_s *cfg =
+ ATL_DEV_PRIVATE_TO_CFG(dev->data->dev_private);
+
+ cfg->aq_macsec.common.macsec_enabled = 1;
+ cfg->aq_macsec.common.encryption_enabled = encr;
+ cfg->aq_macsec.common.replay_protection_enabled = repl_prot;
+
+ return 0;
+}
+
+int atl_macsec_disable(struct rte_eth_dev *dev)
+{
+ struct aq_hw_cfg_s *cfg =
+ ATL_DEV_PRIVATE_TO_CFG(dev->data->dev_private);
+
+ cfg->aq_macsec.common.macsec_enabled = 0;
+
+ return 0;
+}
+
+int atl_macsec_config_txsc(struct rte_eth_dev *dev, uint8_t *mac)
+{
+ struct aq_hw_cfg_s *cfg =
+ ATL_DEV_PRIVATE_TO_CFG(dev->data->dev_private);
+
+ memset(&cfg->aq_macsec.txsc.mac, 0, sizeof(cfg->aq_macsec.txsc.mac));
+ memcpy((uint8_t *)&cfg->aq_macsec.txsc.mac + 2, mac, ETHER_ADDR_LEN);
+
+ return 0;
+}
+
+int atl_macsec_config_rxsc(struct rte_eth_dev *dev,
+ uint8_t *mac, uint16_t pi)
+{
+ struct aq_hw_cfg_s *cfg =
+ ATL_DEV_PRIVATE_TO_CFG(dev->data->dev_private);
+
+ memset(&cfg->aq_macsec.rxsc.mac, 0, sizeof(cfg->aq_macsec.rxsc.mac));
+ memcpy((uint8_t *)&cfg->aq_macsec.rxsc.mac + 2, mac, ETHER_ADDR_LEN);
+ cfg->aq_macsec.rxsc.pi = pi;
+
+ return 0;
+}
+
+int atl_macsec_select_txsa(struct rte_eth_dev *dev,
+ uint8_t idx, uint8_t an,
+ uint32_t pn, uint8_t *key)
+{
+ struct aq_hw_cfg_s *cfg =
+ ATL_DEV_PRIVATE_TO_CFG(dev->data->dev_private);
+
+ cfg->aq_macsec.txsa.idx = idx;
+ cfg->aq_macsec.txsa.pn = pn;
+ cfg->aq_macsec.txsa.an = an;
+
+ memcpy(&cfg->aq_macsec.txsa.key, key, 16);
+ return 0;
+}
+
+int atl_macsec_select_rxsa(struct rte_eth_dev *dev,
+ uint8_t idx, uint8_t an,
+ uint32_t pn, uint8_t *key)
+{
+ struct aq_hw_cfg_s *cfg =
+ ATL_DEV_PRIVATE_TO_CFG(dev->data->dev_private);
+
+ cfg->aq_macsec.rxsa.idx = idx;
+ cfg->aq_macsec.rxsa.pn = pn;
+ cfg->aq_macsec.rxsa.an = an;
+
+ memcpy(&cfg->aq_macsec.rxsa.key, key, 16);
+ return 0;
+}
static int
atl_dev_stats_get(struct rte_eth_dev *dev, struct rte_eth_stats *stats)
@@ -1532,6 +1733,21 @@ atl_rss_hash_conf_get(struct rte_eth_dev *dev,
return 0;
}
+static bool
+is_device_supported(struct rte_eth_dev *dev, struct rte_pci_driver *drv)
+{
+ if (strcmp(dev->device->driver->name, drv->driver.name))
+ return false;
+
+ return true;
+}
+
+bool
+is_atlantic_supported(struct rte_eth_dev *dev)
+{
+ return is_device_supported(dev, &rte_atl_pmd);
+}
+
RTE_PMD_REGISTER_PCI(net_atlantic, rte_atl_pmd);
RTE_PMD_REGISTER_PCI_TABLE(net_atlantic, pci_id_atl_map);
RTE_PMD_REGISTER_KMOD_DEP(net_atlantic, "* igb_uio | uio_pci_generic");
diff --git a/drivers/net/atlantic/atl_ethdev.h b/drivers/net/atlantic/atl_ethdev.h
index 1e29999b539c..b162138c59d3 100644
--- a/drivers/net/atlantic/atl_ethdev.h
+++ b/drivers/net/atlantic/atl_ethdev.h
@@ -104,4 +104,16 @@ uint16_t atl_xmit_pkts(void *tx_queue, struct rte_mbuf **tx_pkts,
uint16_t atl_prep_pkts(void *tx_queue, struct rte_mbuf **tx_pkts,
uint16_t nb_pkts);
+int atl_macsec_enable(struct rte_eth_dev *dev, uint8_t encr, uint8_t repl_prot);
+int atl_macsec_disable(struct rte_eth_dev *dev);
+int atl_macsec_config_txsc(struct rte_eth_dev *dev, uint8_t *mac);
+int atl_macsec_config_rxsc(struct rte_eth_dev *dev,
+ uint8_t *mac, uint16_t pi);
+int atl_macsec_select_txsa(struct rte_eth_dev *dev, uint8_t idx,
+ uint8_t an, uint32_t pn, uint8_t *key);
+int atl_macsec_select_rxsa(struct rte_eth_dev *dev, uint8_t idx,
+ uint8_t an, uint32_t pn, uint8_t *key);
+
+bool is_atlantic_supported(struct rte_eth_dev *dev);
+
#endif /* _ATLANTIC_ETHDEV_H_ */
--
2.17.1
^ permalink raw reply [flat|nested] 18+ messages in thread
* [dpdk-dev] [PATCH v2 2/7] net/atlantic: enable macsec configuration
2019-04-17 15:45 ` [dpdk-dev] [PATCH v2 2/7] net/atlantic: enable macsec configuration Igor Russkikh
@ 2019-04-17 15:45 ` Igor Russkikh
2019-04-17 17:14 ` Ferruh Yigit
1 sibling, 0 replies; 18+ messages in thread
From: Igor Russkikh @ 2019-04-17 15:45 UTC (permalink / raw)
To: dev
Cc: ferruh.yigit, thomas, arybchenko, konstantin.ananyev,
Igor Russkikh, Pavel Belous
From: Pavel Belous <pavel.belous@aquantia.com>
This is a driver side of macsec configuration routines.
It fills in config structures and sends requests to FW
for configuration activities.
We declare macsec offload bits in DPDK offload capabilities.
Also update documentation with feature matrix for the
enabled feature.
Signed-off-by: Pavel Belous <pavel.belous@aquantia.com>
Signed-off-by: Igor Russkikh <igor.russkikh@aquantia.com>
---
doc/guides/nics/atlantic.rst | 6 +
doc/guides/nics/features/atlantic.ini | 1 +
drivers/net/atlantic/atl_ethdev.c | 216 ++++++++++++++++++++++++++
drivers/net/atlantic/atl_ethdev.h | 12 ++
4 files changed, 235 insertions(+)
diff --git a/doc/guides/nics/atlantic.rst b/doc/guides/nics/atlantic.rst
index 80591b13c185..22f2410d0e9a 100644
--- a/doc/guides/nics/atlantic.rst
+++ b/doc/guides/nics/atlantic.rst
@@ -19,6 +19,12 @@ Supported features
- RSS (Receive Side Scaling)
- Checksum offload
- Jumbo Frame upto 16K
+- MACSEC offload
+
+Experimental API features
+^^^^^^^^^^^^^^^^^^^^^^^^^
+
+- MACSEC PMD API is considered as experimental and is subject to change/removal in next DPDK releases.
Configuration Information
^^^^^^^^^^^^^^^^^^^^^^^^^
diff --git a/doc/guides/nics/features/atlantic.ini b/doc/guides/nics/features/atlantic.ini
index 5ed095b14323..2bb8ecc01789 100644
--- a/doc/guides/nics/features/atlantic.ini
+++ b/doc/guides/nics/features/atlantic.ini
@@ -20,6 +20,7 @@ VLAN filter = Y
Flow control = Y
CRC offload = Y
VLAN offload = Y
+MACsec offload = Y
L3 checksum offload = Y
L4 checksum offload = Y
Packet type parsing = Y
diff --git a/drivers/net/atlantic/atl_ethdev.c b/drivers/net/atlantic/atl_ethdev.c
index 8327863cd9b6..1e91f162f6c2 100644
--- a/drivers/net/atlantic/atl_ethdev.c
+++ b/drivers/net/atlantic/atl_ethdev.c
@@ -167,6 +167,7 @@ static struct rte_pci_driver rte_atl_pmd = {
| DEV_RX_OFFLOAD_UDP_CKSUM \
| DEV_RX_OFFLOAD_TCP_CKSUM \
| DEV_RX_OFFLOAD_JUMBO_FRAME \
+ | DEV_RX_OFFLOAD_MACSEC_STRIP \
| DEV_RX_OFFLOAD_VLAN_FILTER)
#define ATL_TX_OFFLOADS (DEV_TX_OFFLOAD_VLAN_INSERT \
@@ -174,6 +175,7 @@ static struct rte_pci_driver rte_atl_pmd = {
| DEV_TX_OFFLOAD_UDP_CKSUM \
| DEV_TX_OFFLOAD_TCP_CKSUM \
| DEV_TX_OFFLOAD_TCP_TSO \
+ | DEV_TX_OFFLOAD_MACSEC_INSERT \
| DEV_TX_OFFLOAD_MULTI_SEGS)
static const struct rte_eth_desc_lim rx_desc_lim = {
@@ -698,6 +700,205 @@ atl_dev_reset(struct rte_eth_dev *dev)
return ret;
}
+static int
+atl_dev_configure_macsec(struct rte_eth_dev *dev)
+{
+ struct aq_hw_s *hw = ATL_DEV_PRIVATE_TO_HW(dev->data->dev_private);
+ struct aq_hw_cfg_s *cf = ATL_DEV_PRIVATE_TO_CFG(dev->data->dev_private);
+ struct aq_macsec_config *aqcfg = &cf->aq_macsec;
+ struct macsec_msg_fw_request msg_macsec;
+ struct macsec_msg_fw_response response;
+
+ if (!aqcfg->common.macsec_enabled ||
+ hw->aq_fw_ops->send_macsec_req == NULL)
+ return 0;
+
+ memset(&msg_macsec, 0, sizeof(msg_macsec));
+
+ /* Creating set of sc/sa structures from parameters provided by DPDK */
+
+ /* Configure macsec */
+ msg_macsec.msg_type = macsec_cfg_msg;
+ msg_macsec.cfg.enabled = aqcfg->common.macsec_enabled;
+ msg_macsec.cfg.interrupts_enabled = 1;
+
+ hw->aq_fw_ops->send_macsec_req(hw, &msg_macsec, &response);
+
+ if (response.result)
+ return -1;
+
+ memset(&msg_macsec, 0, sizeof(msg_macsec));
+
+ /* Configure TX SC */
+
+ msg_macsec.msg_type = macsec_add_tx_sc_msg;
+ msg_macsec.txsc.index = 0; /* TXSC always one (??) */
+ msg_macsec.txsc.protect = aqcfg->common.encryption_enabled;
+
+ /* MAC addr for TX */
+ msg_macsec.txsc.mac_sa[0] = rte_bswap32(aqcfg->txsc.mac[1]);
+ msg_macsec.txsc.mac_sa[1] = rte_bswap32(aqcfg->txsc.mac[0]);
+ msg_macsec.txsc.sa_mask = 0x3f;
+
+ msg_macsec.txsc.da_mask = 0;
+ msg_macsec.txsc.tci = 0x0B;
+ msg_macsec.txsc.curr_an = 0; /* SA index which currently used */
+
+ /*
+ * Creating SCI (Secure Channel Identifier).
+ * SCI constructed from Source MAC and Port identifier
+ */
+ uint32_t sci_hi_part = (msg_macsec.txsc.mac_sa[1] << 16) |
+ (msg_macsec.txsc.mac_sa[0] >> 16);
+ uint32_t sci_low_part = (msg_macsec.txsc.mac_sa[0] << 16);
+
+ uint32_t port_identifier = 1;
+
+ msg_macsec.txsc.sci[1] = sci_hi_part;
+ msg_macsec.txsc.sci[0] = sci_low_part | port_identifier;
+
+ hw->aq_fw_ops->send_macsec_req(hw, &msg_macsec, &response);
+
+ if (response.result)
+ return -1;
+
+ memset(&msg_macsec, 0, sizeof(msg_macsec));
+
+ /* Configure RX SC */
+
+ msg_macsec.msg_type = macsec_add_rx_sc_msg;
+ msg_macsec.rxsc.index = aqcfg->rxsc.pi;
+ msg_macsec.rxsc.replay_protect =
+ aqcfg->common.replay_protection_enabled;
+ msg_macsec.rxsc.anti_replay_window = 0;
+
+ /* MAC addr for RX */
+ msg_macsec.rxsc.mac_da[0] = rte_bswap32(aqcfg->rxsc.mac[1]);
+ msg_macsec.rxsc.mac_da[1] = rte_bswap32(aqcfg->rxsc.mac[0]);
+ msg_macsec.rxsc.da_mask = 0;//0x3f;
+
+ msg_macsec.rxsc.sa_mask = 0;
+
+ hw->aq_fw_ops->send_macsec_req(hw, &msg_macsec, &response);
+
+ if (response.result)
+ return -1;
+
+ memset(&msg_macsec, 0, sizeof(msg_macsec));
+
+ /* Configure RX SC */
+
+ msg_macsec.msg_type = macsec_add_tx_sa_msg;
+ msg_macsec.txsa.index = aqcfg->txsa.idx;
+ msg_macsec.txsa.next_pn = aqcfg->txsa.pn;
+
+ msg_macsec.txsa.key[0] = rte_bswap32(aqcfg->txsa.key[3]);
+ msg_macsec.txsa.key[1] = rte_bswap32(aqcfg->txsa.key[2]);
+ msg_macsec.txsa.key[2] = rte_bswap32(aqcfg->txsa.key[1]);
+ msg_macsec.txsa.key[3] = rte_bswap32(aqcfg->txsa.key[0]);
+
+ hw->aq_fw_ops->send_macsec_req(hw, &msg_macsec, &response);
+
+ if (response.result)
+ return -1;
+
+ memset(&msg_macsec, 0, sizeof(msg_macsec));
+
+ /* Configure RX SA */
+
+ msg_macsec.msg_type = macsec_add_rx_sa_msg;
+ msg_macsec.rxsa.index = aqcfg->rxsa.idx;
+ msg_macsec.rxsa.next_pn = aqcfg->rxsa.pn;
+
+ msg_macsec.rxsa.key[0] = rte_bswap32(aqcfg->rxsa.key[3]);
+ msg_macsec.rxsa.key[1] = rte_bswap32(aqcfg->rxsa.key[2]);
+ msg_macsec.rxsa.key[2] = rte_bswap32(aqcfg->rxsa.key[1]);
+ msg_macsec.rxsa.key[3] = rte_bswap32(aqcfg->rxsa.key[0]);
+
+ hw->aq_fw_ops->send_macsec_req(hw, &msg_macsec, &response);
+
+ if (response.result)
+ return -1;
+
+ return 0;
+}
+
+int atl_macsec_enable(struct rte_eth_dev *dev,
+ uint8_t encr, uint8_t repl_prot)
+{
+ struct aq_hw_cfg_s *cfg =
+ ATL_DEV_PRIVATE_TO_CFG(dev->data->dev_private);
+
+ cfg->aq_macsec.common.macsec_enabled = 1;
+ cfg->aq_macsec.common.encryption_enabled = encr;
+ cfg->aq_macsec.common.replay_protection_enabled = repl_prot;
+
+ return 0;
+}
+
+int atl_macsec_disable(struct rte_eth_dev *dev)
+{
+ struct aq_hw_cfg_s *cfg =
+ ATL_DEV_PRIVATE_TO_CFG(dev->data->dev_private);
+
+ cfg->aq_macsec.common.macsec_enabled = 0;
+
+ return 0;
+}
+
+int atl_macsec_config_txsc(struct rte_eth_dev *dev, uint8_t *mac)
+{
+ struct aq_hw_cfg_s *cfg =
+ ATL_DEV_PRIVATE_TO_CFG(dev->data->dev_private);
+
+ memset(&cfg->aq_macsec.txsc.mac, 0, sizeof(cfg->aq_macsec.txsc.mac));
+ memcpy((uint8_t *)&cfg->aq_macsec.txsc.mac + 2, mac, ETHER_ADDR_LEN);
+
+ return 0;
+}
+
+int atl_macsec_config_rxsc(struct rte_eth_dev *dev,
+ uint8_t *mac, uint16_t pi)
+{
+ struct aq_hw_cfg_s *cfg =
+ ATL_DEV_PRIVATE_TO_CFG(dev->data->dev_private);
+
+ memset(&cfg->aq_macsec.rxsc.mac, 0, sizeof(cfg->aq_macsec.rxsc.mac));
+ memcpy((uint8_t *)&cfg->aq_macsec.rxsc.mac + 2, mac, ETHER_ADDR_LEN);
+ cfg->aq_macsec.rxsc.pi = pi;
+
+ return 0;
+}
+
+int atl_macsec_select_txsa(struct rte_eth_dev *dev,
+ uint8_t idx, uint8_t an,
+ uint32_t pn, uint8_t *key)
+{
+ struct aq_hw_cfg_s *cfg =
+ ATL_DEV_PRIVATE_TO_CFG(dev->data->dev_private);
+
+ cfg->aq_macsec.txsa.idx = idx;
+ cfg->aq_macsec.txsa.pn = pn;
+ cfg->aq_macsec.txsa.an = an;
+
+ memcpy(&cfg->aq_macsec.txsa.key, key, 16);
+ return 0;
+}
+
+int atl_macsec_select_rxsa(struct rte_eth_dev *dev,
+ uint8_t idx, uint8_t an,
+ uint32_t pn, uint8_t *key)
+{
+ struct aq_hw_cfg_s *cfg =
+ ATL_DEV_PRIVATE_TO_CFG(dev->data->dev_private);
+
+ cfg->aq_macsec.rxsa.idx = idx;
+ cfg->aq_macsec.rxsa.pn = pn;
+ cfg->aq_macsec.rxsa.an = an;
+
+ memcpy(&cfg->aq_macsec.rxsa.key, key, 16);
+ return 0;
+}
static int
atl_dev_stats_get(struct rte_eth_dev *dev, struct rte_eth_stats *stats)
@@ -1532,6 +1733,21 @@ atl_rss_hash_conf_get(struct rte_eth_dev *dev,
return 0;
}
+static bool
+is_device_supported(struct rte_eth_dev *dev, struct rte_pci_driver *drv)
+{
+ if (strcmp(dev->device->driver->name, drv->driver.name))
+ return false;
+
+ return true;
+}
+
+bool
+is_atlantic_supported(struct rte_eth_dev *dev)
+{
+ return is_device_supported(dev, &rte_atl_pmd);
+}
+
RTE_PMD_REGISTER_PCI(net_atlantic, rte_atl_pmd);
RTE_PMD_REGISTER_PCI_TABLE(net_atlantic, pci_id_atl_map);
RTE_PMD_REGISTER_KMOD_DEP(net_atlantic, "* igb_uio | uio_pci_generic");
diff --git a/drivers/net/atlantic/atl_ethdev.h b/drivers/net/atlantic/atl_ethdev.h
index 1e29999b539c..b162138c59d3 100644
--- a/drivers/net/atlantic/atl_ethdev.h
+++ b/drivers/net/atlantic/atl_ethdev.h
@@ -104,4 +104,16 @@ uint16_t atl_xmit_pkts(void *tx_queue, struct rte_mbuf **tx_pkts,
uint16_t atl_prep_pkts(void *tx_queue, struct rte_mbuf **tx_pkts,
uint16_t nb_pkts);
+int atl_macsec_enable(struct rte_eth_dev *dev, uint8_t encr, uint8_t repl_prot);
+int atl_macsec_disable(struct rte_eth_dev *dev);
+int atl_macsec_config_txsc(struct rte_eth_dev *dev, uint8_t *mac);
+int atl_macsec_config_rxsc(struct rte_eth_dev *dev,
+ uint8_t *mac, uint16_t pi);
+int atl_macsec_select_txsa(struct rte_eth_dev *dev, uint8_t idx,
+ uint8_t an, uint32_t pn, uint8_t *key);
+int atl_macsec_select_rxsa(struct rte_eth_dev *dev, uint8_t idx,
+ uint8_t an, uint32_t pn, uint8_t *key);
+
+bool is_atlantic_supported(struct rte_eth_dev *dev);
+
#endif /* _ATLANTIC_ETHDEV_H_ */
--
2.17.1
^ permalink raw reply [flat|nested] 18+ messages in thread
* [dpdk-dev] [PATCH v2 3/7] net/atlantic: macsec firmware interface
2019-04-17 15:45 [dpdk-dev] [PATCH v2 0/7] add MACSEC hw offload to atlantic PMD Igor Russkikh
` (2 preceding siblings ...)
2019-04-17 15:45 ` [dpdk-dev] [PATCH v2 2/7] net/atlantic: enable macsec configuration Igor Russkikh
@ 2019-04-17 15:45 ` Igor Russkikh
2019-04-17 15:45 ` Igor Russkikh
2019-04-17 15:45 ` [dpdk-dev] [PATCH v2 4/7] net/atlantic: interrupt handling of macsec events Igor Russkikh
` (3 subsequent siblings)
7 siblings, 1 reply; 18+ messages in thread
From: Igor Russkikh @ 2019-04-17 15:45 UTC (permalink / raw)
To: dev
Cc: ferruh.yigit, thomas, arybchenko, konstantin.ananyev,
Igor Russkikh, Pavel Belous
From: Pavel Belous <pavel.belous@aquantia.com>
Implementation of firmware interface for macsec configuration.
Structure with config data is written into FW memory, then we trigger
FW to execute the request and wait for result.
Signed-off-by: Pavel Belous <pavel.belous@aquantia.com>
Signed-off-by: Igor Russkikh <igor.russkikh@aquantia.com>
---
drivers/net/atlantic/atl_types.h | 2 +
.../net/atlantic/hw_atl/hw_atl_utils_fw2x.c | 51 +++++++++++++++++++
2 files changed, 53 insertions(+)
diff --git a/drivers/net/atlantic/atl_types.h b/drivers/net/atlantic/atl_types.h
index 3cc9e96089e8..dbaf2c635f50 100644
--- a/drivers/net/atlantic/atl_types.h
+++ b/drivers/net/atlantic/atl_types.h
@@ -128,6 +128,8 @@ struct aq_hw_s {
struct hw_atl_stats_s last_stats;
struct aq_stats_s curr_stats;
+ u32 caps_lo;
+
u64 speed;
unsigned int chip_features;
u32 fw_ver_actual;
diff --git a/drivers/net/atlantic/hw_atl/hw_atl_utils_fw2x.c b/drivers/net/atlantic/hw_atl/hw_atl_utils_fw2x.c
index f215ceb70435..89a3759b89b4 100644
--- a/drivers/net/atlantic/hw_atl/hw_atl_utils_fw2x.c
+++ b/drivers/net/atlantic/hw_atl/hw_atl_utils_fw2x.c
@@ -62,6 +62,7 @@ static int aq_fw2x_set_state(struct aq_hw_s *self,
static int aq_fw2x_init(struct aq_hw_s *self)
{
int err = 0;
+ struct hw_aq_atl_utils_mbox mbox;
/* check 10 times by 1ms */
AQ_HW_WAIT_FOR(0U != (self->mbox_addr =
@@ -70,6 +71,12 @@ static int aq_fw2x_init(struct aq_hw_s *self)
AQ_HW_WAIT_FOR(0U != (self->rpc_addr =
aq_hw_read_reg(self, HW_ATL_FW2X_MPI_RPC_ADDR)),
1000U, 100U);
+
+ /* Read caps */
+ hw_atl_utils_mpi_read_stats(self, &mbox);
+
+ self->caps_lo = mbox.info.caps_lo;
+
return err;
}
@@ -623,6 +630,49 @@ static int aq_fw2x_set_eeprom(struct aq_hw_s *self, int dev_addr,
return 0;
}
+static int aq_fw2x_send_macsec_request(struct aq_hw_s *self,
+ struct macsec_msg_fw_request *req,
+ struct macsec_msg_fw_response *response)
+{
+ int err = 0;
+ u32 mpi_opts = 0;
+
+ if (!response || !response)
+ return 0;
+
+ if ((self->caps_lo & BIT(CAPS_LO_MACSEC)) == 0)
+ return -EOPNOTSUPP;
+
+ /* Write macsec request to cfg memory */
+ err = hw_atl_utils_fw_upload_dwords(self, self->rpc_addr,
+ (u32 *)(void *)req,
+ RTE_ALIGN(sizeof(*req) / sizeof(u32), sizeof(u32)));
+
+ if (err < 0)
+ return err;
+
+ /* Toggle 0x368.CAPS_LO_MACSEC bit */
+ mpi_opts = aq_hw_read_reg(self, HW_ATL_FW2X_MPI_CONTROL_ADDR);
+ mpi_opts ^= BIT(CAPS_LO_MACSEC);
+
+ aq_hw_write_reg(self, HW_ATL_FW2X_MPI_CONTROL_ADDR, mpi_opts);
+
+ /* Wait until REQUEST_BIT matched in 0x370 */
+ AQ_HW_WAIT_FOR((aq_hw_read_reg(self, HW_ATL_FW2X_MPI_STATE_ADDR) &
+ BIT(CAPS_LO_MACSEC)) == (mpi_opts & BIT(CAPS_LO_MACSEC)),
+ 1000U, 10000U);
+
+ if (err < 0)
+ return err;
+
+ /* Read status of write operation */
+ err = hw_atl_utils_fw_downld_dwords(self, self->rpc_addr + sizeof(u32),
+ (u32 *)(void *)response,
+ RTE_ALIGN(sizeof(*response) / sizeof(u32), sizeof(u32)));
+
+ return err;
+}
+
const struct aq_fw_ops aq_fw_2x_ops = {
.init = aq_fw2x_init,
.deinit = aq_fw2x_deinit,
@@ -641,4 +691,5 @@ const struct aq_fw_ops aq_fw_2x_ops = {
.led_control = aq_fw2x_led_control,
.get_eeprom = aq_fw2x_get_eeprom,
.set_eeprom = aq_fw2x_set_eeprom,
+ .send_macsec_req = aq_fw2x_send_macsec_request,
};
--
2.17.1
^ permalink raw reply [flat|nested] 18+ messages in thread
* [dpdk-dev] [PATCH v2 3/7] net/atlantic: macsec firmware interface
2019-04-17 15:45 ` [dpdk-dev] [PATCH v2 3/7] net/atlantic: macsec firmware interface Igor Russkikh
@ 2019-04-17 15:45 ` Igor Russkikh
0 siblings, 0 replies; 18+ messages in thread
From: Igor Russkikh @ 2019-04-17 15:45 UTC (permalink / raw)
To: dev
Cc: ferruh.yigit, thomas, arybchenko, konstantin.ananyev,
Igor Russkikh, Pavel Belous
From: Pavel Belous <pavel.belous@aquantia.com>
Implementation of firmware interface for macsec configuration.
Structure with config data is written into FW memory, then we trigger
FW to execute the request and wait for result.
Signed-off-by: Pavel Belous <pavel.belous@aquantia.com>
Signed-off-by: Igor Russkikh <igor.russkikh@aquantia.com>
---
drivers/net/atlantic/atl_types.h | 2 +
.../net/atlantic/hw_atl/hw_atl_utils_fw2x.c | 51 +++++++++++++++++++
2 files changed, 53 insertions(+)
diff --git a/drivers/net/atlantic/atl_types.h b/drivers/net/atlantic/atl_types.h
index 3cc9e96089e8..dbaf2c635f50 100644
--- a/drivers/net/atlantic/atl_types.h
+++ b/drivers/net/atlantic/atl_types.h
@@ -128,6 +128,8 @@ struct aq_hw_s {
struct hw_atl_stats_s last_stats;
struct aq_stats_s curr_stats;
+ u32 caps_lo;
+
u64 speed;
unsigned int chip_features;
u32 fw_ver_actual;
diff --git a/drivers/net/atlantic/hw_atl/hw_atl_utils_fw2x.c b/drivers/net/atlantic/hw_atl/hw_atl_utils_fw2x.c
index f215ceb70435..89a3759b89b4 100644
--- a/drivers/net/atlantic/hw_atl/hw_atl_utils_fw2x.c
+++ b/drivers/net/atlantic/hw_atl/hw_atl_utils_fw2x.c
@@ -62,6 +62,7 @@ static int aq_fw2x_set_state(struct aq_hw_s *self,
static int aq_fw2x_init(struct aq_hw_s *self)
{
int err = 0;
+ struct hw_aq_atl_utils_mbox mbox;
/* check 10 times by 1ms */
AQ_HW_WAIT_FOR(0U != (self->mbox_addr =
@@ -70,6 +71,12 @@ static int aq_fw2x_init(struct aq_hw_s *self)
AQ_HW_WAIT_FOR(0U != (self->rpc_addr =
aq_hw_read_reg(self, HW_ATL_FW2X_MPI_RPC_ADDR)),
1000U, 100U);
+
+ /* Read caps */
+ hw_atl_utils_mpi_read_stats(self, &mbox);
+
+ self->caps_lo = mbox.info.caps_lo;
+
return err;
}
@@ -623,6 +630,49 @@ static int aq_fw2x_set_eeprom(struct aq_hw_s *self, int dev_addr,
return 0;
}
+static int aq_fw2x_send_macsec_request(struct aq_hw_s *self,
+ struct macsec_msg_fw_request *req,
+ struct macsec_msg_fw_response *response)
+{
+ int err = 0;
+ u32 mpi_opts = 0;
+
+ if (!response || !response)
+ return 0;
+
+ if ((self->caps_lo & BIT(CAPS_LO_MACSEC)) == 0)
+ return -EOPNOTSUPP;
+
+ /* Write macsec request to cfg memory */
+ err = hw_atl_utils_fw_upload_dwords(self, self->rpc_addr,
+ (u32 *)(void *)req,
+ RTE_ALIGN(sizeof(*req) / sizeof(u32), sizeof(u32)));
+
+ if (err < 0)
+ return err;
+
+ /* Toggle 0x368.CAPS_LO_MACSEC bit */
+ mpi_opts = aq_hw_read_reg(self, HW_ATL_FW2X_MPI_CONTROL_ADDR);
+ mpi_opts ^= BIT(CAPS_LO_MACSEC);
+
+ aq_hw_write_reg(self, HW_ATL_FW2X_MPI_CONTROL_ADDR, mpi_opts);
+
+ /* Wait until REQUEST_BIT matched in 0x370 */
+ AQ_HW_WAIT_FOR((aq_hw_read_reg(self, HW_ATL_FW2X_MPI_STATE_ADDR) &
+ BIT(CAPS_LO_MACSEC)) == (mpi_opts & BIT(CAPS_LO_MACSEC)),
+ 1000U, 10000U);
+
+ if (err < 0)
+ return err;
+
+ /* Read status of write operation */
+ err = hw_atl_utils_fw_downld_dwords(self, self->rpc_addr + sizeof(u32),
+ (u32 *)(void *)response,
+ RTE_ALIGN(sizeof(*response) / sizeof(u32), sizeof(u32)));
+
+ return err;
+}
+
const struct aq_fw_ops aq_fw_2x_ops = {
.init = aq_fw2x_init,
.deinit = aq_fw2x_deinit,
@@ -641,4 +691,5 @@ const struct aq_fw_ops aq_fw_2x_ops = {
.led_control = aq_fw2x_led_control,
.get_eeprom = aq_fw2x_get_eeprom,
.set_eeprom = aq_fw2x_set_eeprom,
+ .send_macsec_req = aq_fw2x_send_macsec_request,
};
--
2.17.1
^ permalink raw reply [flat|nested] 18+ messages in thread
* [dpdk-dev] [PATCH v2 4/7] net/atlantic: interrupt handling of macsec events
2019-04-17 15:45 [dpdk-dev] [PATCH v2 0/7] add MACSEC hw offload to atlantic PMD Igor Russkikh
` (3 preceding siblings ...)
2019-04-17 15:45 ` [dpdk-dev] [PATCH v2 3/7] net/atlantic: macsec firmware interface Igor Russkikh
@ 2019-04-17 15:45 ` Igor Russkikh
2019-04-17 15:45 ` Igor Russkikh
2019-04-17 15:45 ` [dpdk-dev] [PATCH v2 5/7] net/atlantic: implement macsec statistics Igor Russkikh
` (2 subsequent siblings)
7 siblings, 1 reply; 18+ messages in thread
From: Igor Russkikh @ 2019-04-17 15:45 UTC (permalink / raw)
To: dev
Cc: ferruh.yigit, thomas, arybchenko, konstantin.ananyev,
Igor Russkikh, Pavel Belous
From: Pavel Belous <pavel.belous@aquantia.com>
MACSEC should be configured only after link up event, thus we use
link interrupt to file an alarm for configuration.
FW also uses link interrupt line to indicate incoming events from
MACSEC. These may include key expiration, packet counter wrap, etc.
We pass these events to the upper layers.
Signed-off-by: Pavel Belous <pavel.belous@aquantia.com>
Signed-off-by: Igor Russkikh <igor.russkikh@aquantia.com>
---
drivers/net/atlantic/atl_ethdev.c | 66 ++++++++++++++++++++++++++-----
drivers/net/atlantic/atl_ethdev.h | 2 +-
2 files changed, 57 insertions(+), 11 deletions(-)
diff --git a/drivers/net/atlantic/atl_ethdev.c b/drivers/net/atlantic/atl_ethdev.c
index 1e91f162f6c2..dfcb3029b92f 100644
--- a/drivers/net/atlantic/atl_ethdev.c
+++ b/drivers/net/atlantic/atl_ethdev.c
@@ -4,6 +4,7 @@
#include <rte_string_fns.h>
#include <rte_ethdev_pci.h>
+#include <rte_alarm.h>
#include "atl_ethdev.h"
#include "atl_common.h"
@@ -1070,13 +1071,20 @@ atl_dev_supported_ptypes_get(struct rte_eth_dev *dev)
return NULL;
}
+static void
+atl_dev_delayed_handler(void *param)
+{
+ struct rte_eth_dev *dev = (struct rte_eth_dev *)param;
+
+ atl_dev_configure_macsec(dev);
+}
+
+
/* return 0 means link status changed, -1 means not changed */
static int
atl_dev_link_update(struct rte_eth_dev *dev, int wait __rte_unused)
{
struct aq_hw_s *hw = ATL_DEV_PRIVATE_TO_HW(dev->data->dev_private);
- struct atl_interrupt *intr =
- ATL_DEV_PRIVATE_TO_INTR(dev->data->dev_private);
struct rte_eth_link link, old;
int err = 0;
@@ -1103,8 +1111,6 @@ atl_dev_link_update(struct rte_eth_dev *dev, int wait __rte_unused)
return 0;
}
- intr->flags &= ~ATL_FLAG_NEED_LINK_CONFIG;
-
link.link_status = ETH_LINK_UP;
link.link_duplex = ETH_LINK_FULL_DUPLEX;
link.link_speed = hw->aq_link_status.mbps;
@@ -1114,6 +1120,10 @@ atl_dev_link_update(struct rte_eth_dev *dev, int wait __rte_unused)
if (link.link_status == old.link_status)
return -1;
+ if (rte_eal_alarm_set(1000 * 1000,
+ atl_dev_delayed_handler, (void *)dev) < 0)
+ PMD_DRV_LOG(ERR, "rte_eal_alarm_set fail");
+
return 0;
}
@@ -1191,8 +1201,9 @@ atl_dev_interrupt_get_status(struct rte_eth_dev *dev)
hw_atl_b0_hw_irq_read(hw, &cause);
atl_disable_intr(hw);
- intr->flags = cause & BIT(ATL_IRQ_CAUSE_LINK) ?
- ATL_FLAG_NEED_LINK_UPDATE : 0;
+
+ if (cause & BIT(ATL_IRQ_CAUSE_LINK))
+ intr->flags |= ATL_FLAG_NEED_LINK_UPDATE;
return 0;
}
@@ -1257,15 +1268,50 @@ atl_dev_interrupt_action(struct rte_eth_dev *dev,
{
struct atl_interrupt *intr =
ATL_DEV_PRIVATE_TO_INTR(dev->data->dev_private);
+ struct atl_adapter *adapter =
+ (struct atl_adapter *)dev->data->dev_private;
+ struct aq_hw_s *hw = &adapter->hw;
+
+ if (!(intr->flags & ATL_FLAG_NEED_LINK_UPDATE))
+ goto done;
- if (intr->flags & ATL_FLAG_NEED_LINK_UPDATE) {
- atl_dev_link_update(dev, 0);
- intr->flags &= ~ATL_FLAG_NEED_LINK_UPDATE;
+ intr->flags &= ~ATL_FLAG_NEED_LINK_UPDATE;
+
+ /* Notify userapp if link status changed */
+ if (!atl_dev_link_update(dev, 0)) {
atl_dev_link_status_print(dev);
_rte_eth_dev_callback_process(dev,
RTE_ETH_EVENT_INTR_LSC, NULL);
+ } else {
+ if (hw->aq_fw_ops->send_macsec_req == NULL)
+ goto done;
+
+ /* Check macsec Keys expired */
+ struct get_stats req = { 0 };
+ struct macsec_msg_fw_request msg = { 0 };
+ struct macsec_msg_fw_response resp = { 0 };
+
+ req.ingress_sa_index = 0x0;
+ req.egress_sc_index = 0x0;
+ req.egress_sa_index = 0x0;
+ msg.msg_type = macsec_get_stats_msg;
+ msg.stats = req;
+
+ int err = hw->aq_fw_ops->send_macsec_req(hw, &msg, &resp);
+ if (err) {
+ PMD_DRV_LOG(ERR, "send_macsec_req fail");
+ goto done;
+ }
+ if (resp.stats.egress_threshold_expired ||
+ resp.stats.ingress_threshold_expired ||
+ resp.stats.egress_expired ||
+ resp.stats.ingress_expired) {
+ PMD_DRV_LOG(INFO, "RTE_ETH_EVENT_MACSEC");
+ _rte_eth_dev_callback_process(dev,
+ RTE_ETH_EVENT_MACSEC, NULL);
+ }
}
-
+done:
atl_enable_intr(dev);
rte_intr_enable(intr_handle);
diff --git a/drivers/net/atlantic/atl_ethdev.h b/drivers/net/atlantic/atl_ethdev.h
index b162138c59d3..f547571b5c97 100644
--- a/drivers/net/atlantic/atl_ethdev.h
+++ b/drivers/net/atlantic/atl_ethdev.h
@@ -34,7 +34,7 @@
(&((struct atl_adapter *)adapter)->hw_cfg)
#define ATL_FLAG_NEED_LINK_UPDATE (uint32_t)(1 << 0)
-#define ATL_FLAG_NEED_LINK_CONFIG (uint32_t)(4 << 0)
+#define ATL_FLAG_MACSEC (uint32_t)(4 << 0)
struct atl_interrupt {
uint32_t flags;
--
2.17.1
^ permalink raw reply [flat|nested] 18+ messages in thread
* [dpdk-dev] [PATCH v2 4/7] net/atlantic: interrupt handling of macsec events
2019-04-17 15:45 ` [dpdk-dev] [PATCH v2 4/7] net/atlantic: interrupt handling of macsec events Igor Russkikh
@ 2019-04-17 15:45 ` Igor Russkikh
0 siblings, 0 replies; 18+ messages in thread
From: Igor Russkikh @ 2019-04-17 15:45 UTC (permalink / raw)
To: dev
Cc: ferruh.yigit, thomas, arybchenko, konstantin.ananyev,
Igor Russkikh, Pavel Belous
From: Pavel Belous <pavel.belous@aquantia.com>
MACSEC should be configured only after link up event, thus we use
link interrupt to file an alarm for configuration.
FW also uses link interrupt line to indicate incoming events from
MACSEC. These may include key expiration, packet counter wrap, etc.
We pass these events to the upper layers.
Signed-off-by: Pavel Belous <pavel.belous@aquantia.com>
Signed-off-by: Igor Russkikh <igor.russkikh@aquantia.com>
---
drivers/net/atlantic/atl_ethdev.c | 66 ++++++++++++++++++++++++++-----
drivers/net/atlantic/atl_ethdev.h | 2 +-
2 files changed, 57 insertions(+), 11 deletions(-)
diff --git a/drivers/net/atlantic/atl_ethdev.c b/drivers/net/atlantic/atl_ethdev.c
index 1e91f162f6c2..dfcb3029b92f 100644
--- a/drivers/net/atlantic/atl_ethdev.c
+++ b/drivers/net/atlantic/atl_ethdev.c
@@ -4,6 +4,7 @@
#include <rte_string_fns.h>
#include <rte_ethdev_pci.h>
+#include <rte_alarm.h>
#include "atl_ethdev.h"
#include "atl_common.h"
@@ -1070,13 +1071,20 @@ atl_dev_supported_ptypes_get(struct rte_eth_dev *dev)
return NULL;
}
+static void
+atl_dev_delayed_handler(void *param)
+{
+ struct rte_eth_dev *dev = (struct rte_eth_dev *)param;
+
+ atl_dev_configure_macsec(dev);
+}
+
+
/* return 0 means link status changed, -1 means not changed */
static int
atl_dev_link_update(struct rte_eth_dev *dev, int wait __rte_unused)
{
struct aq_hw_s *hw = ATL_DEV_PRIVATE_TO_HW(dev->data->dev_private);
- struct atl_interrupt *intr =
- ATL_DEV_PRIVATE_TO_INTR(dev->data->dev_private);
struct rte_eth_link link, old;
int err = 0;
@@ -1103,8 +1111,6 @@ atl_dev_link_update(struct rte_eth_dev *dev, int wait __rte_unused)
return 0;
}
- intr->flags &= ~ATL_FLAG_NEED_LINK_CONFIG;
-
link.link_status = ETH_LINK_UP;
link.link_duplex = ETH_LINK_FULL_DUPLEX;
link.link_speed = hw->aq_link_status.mbps;
@@ -1114,6 +1120,10 @@ atl_dev_link_update(struct rte_eth_dev *dev, int wait __rte_unused)
if (link.link_status == old.link_status)
return -1;
+ if (rte_eal_alarm_set(1000 * 1000,
+ atl_dev_delayed_handler, (void *)dev) < 0)
+ PMD_DRV_LOG(ERR, "rte_eal_alarm_set fail");
+
return 0;
}
@@ -1191,8 +1201,9 @@ atl_dev_interrupt_get_status(struct rte_eth_dev *dev)
hw_atl_b0_hw_irq_read(hw, &cause);
atl_disable_intr(hw);
- intr->flags = cause & BIT(ATL_IRQ_CAUSE_LINK) ?
- ATL_FLAG_NEED_LINK_UPDATE : 0;
+
+ if (cause & BIT(ATL_IRQ_CAUSE_LINK))
+ intr->flags |= ATL_FLAG_NEED_LINK_UPDATE;
return 0;
}
@@ -1257,15 +1268,50 @@ atl_dev_interrupt_action(struct rte_eth_dev *dev,
{
struct atl_interrupt *intr =
ATL_DEV_PRIVATE_TO_INTR(dev->data->dev_private);
+ struct atl_adapter *adapter =
+ (struct atl_adapter *)dev->data->dev_private;
+ struct aq_hw_s *hw = &adapter->hw;
+
+ if (!(intr->flags & ATL_FLAG_NEED_LINK_UPDATE))
+ goto done;
- if (intr->flags & ATL_FLAG_NEED_LINK_UPDATE) {
- atl_dev_link_update(dev, 0);
- intr->flags &= ~ATL_FLAG_NEED_LINK_UPDATE;
+ intr->flags &= ~ATL_FLAG_NEED_LINK_UPDATE;
+
+ /* Notify userapp if link status changed */
+ if (!atl_dev_link_update(dev, 0)) {
atl_dev_link_status_print(dev);
_rte_eth_dev_callback_process(dev,
RTE_ETH_EVENT_INTR_LSC, NULL);
+ } else {
+ if (hw->aq_fw_ops->send_macsec_req == NULL)
+ goto done;
+
+ /* Check macsec Keys expired */
+ struct get_stats req = { 0 };
+ struct macsec_msg_fw_request msg = { 0 };
+ struct macsec_msg_fw_response resp = { 0 };
+
+ req.ingress_sa_index = 0x0;
+ req.egress_sc_index = 0x0;
+ req.egress_sa_index = 0x0;
+ msg.msg_type = macsec_get_stats_msg;
+ msg.stats = req;
+
+ int err = hw->aq_fw_ops->send_macsec_req(hw, &msg, &resp);
+ if (err) {
+ PMD_DRV_LOG(ERR, "send_macsec_req fail");
+ goto done;
+ }
+ if (resp.stats.egress_threshold_expired ||
+ resp.stats.ingress_threshold_expired ||
+ resp.stats.egress_expired ||
+ resp.stats.ingress_expired) {
+ PMD_DRV_LOG(INFO, "RTE_ETH_EVENT_MACSEC");
+ _rte_eth_dev_callback_process(dev,
+ RTE_ETH_EVENT_MACSEC, NULL);
+ }
}
-
+done:
atl_enable_intr(dev);
rte_intr_enable(intr_handle);
diff --git a/drivers/net/atlantic/atl_ethdev.h b/drivers/net/atlantic/atl_ethdev.h
index b162138c59d3..f547571b5c97 100644
--- a/drivers/net/atlantic/atl_ethdev.h
+++ b/drivers/net/atlantic/atl_ethdev.h
@@ -34,7 +34,7 @@
(&((struct atl_adapter *)adapter)->hw_cfg)
#define ATL_FLAG_NEED_LINK_UPDATE (uint32_t)(1 << 0)
-#define ATL_FLAG_NEED_LINK_CONFIG (uint32_t)(4 << 0)
+#define ATL_FLAG_MACSEC (uint32_t)(4 << 0)
struct atl_interrupt {
uint32_t flags;
--
2.17.1
^ permalink raw reply [flat|nested] 18+ messages in thread
* [dpdk-dev] [PATCH v2 5/7] net/atlantic: implement macsec statistics
2019-04-17 15:45 [dpdk-dev] [PATCH v2 0/7] add MACSEC hw offload to atlantic PMD Igor Russkikh
` (4 preceding siblings ...)
2019-04-17 15:45 ` [dpdk-dev] [PATCH v2 4/7] net/atlantic: interrupt handling of macsec events Igor Russkikh
@ 2019-04-17 15:45 ` Igor Russkikh
2019-04-17 15:45 ` Igor Russkikh
2019-04-17 15:45 ` [dpdk-dev] [PATCH v2 6/7] net/atlantic: bump internal driver version Igor Russkikh
2019-04-17 15:45 ` [dpdk-dev] [PATCH v2 7/7] net/atlantic: public experimental macsec API Igor Russkikh
7 siblings, 1 reply; 18+ messages in thread
From: Igor Russkikh @ 2019-04-17 15:45 UTC (permalink / raw)
To: dev
Cc: ferruh.yigit, thomas, arybchenko, konstantin.ananyev,
Igor Russkikh, Pavel Belous
From: Pavel Belous <pavel.belous@aquantia.com>
We add extra xstat fields to include macsec counters and stats
Signed-off-by: Pavel Belous <pavel.belous@aquantia.com>
Signed-off-by: Igor Russkikh <igor.russkikh@aquantia.com>
---
drivers/net/atlantic/atl_ethdev.c | 82 +++++++++++++++++++++++++++++--
1 file changed, 77 insertions(+), 5 deletions(-)
diff --git a/drivers/net/atlantic/atl_ethdev.c b/drivers/net/atlantic/atl_ethdev.c
index dfcb3029b92f..4e6124aa318e 100644
--- a/drivers/net/atlantic/atl_ethdev.c
+++ b/drivers/net/atlantic/atl_ethdev.c
@@ -193,14 +193,27 @@ static const struct rte_eth_desc_lim tx_desc_lim = {
.nb_mtu_seg_max = ATL_TX_MAX_SEG,
};
+enum atl_xstats_type {
+ XSTATS_TYPE_MSM = 0,
+ XSTATS_TYPE_MACSEC,
+};
+
#define ATL_XSTATS_FIELD(name) { \
#name, \
- offsetof(struct aq_stats_s, name) \
+ offsetof(struct aq_stats_s, name), \
+ XSTATS_TYPE_MSM \
+}
+
+#define ATL_MACSEC_XSTATS_FIELD(name) { \
+ #name, \
+ offsetof(struct macsec_stats, name), \
+ XSTATS_TYPE_MACSEC \
}
struct atl_xstats_tbl_s {
const char *name;
unsigned int offset;
+ enum atl_xstats_type type;
};
static struct atl_xstats_tbl_s atl_xstats_tbl[] = {
@@ -218,6 +231,38 @@ static struct atl_xstats_tbl_s atl_xstats_tbl[] = {
ATL_XSTATS_FIELD(mbtc),
ATL_XSTATS_FIELD(bbrc),
ATL_XSTATS_FIELD(bbtc),
+ /* Ingress Common Counters */
+ ATL_MACSEC_XSTATS_FIELD(in_ctl_pkts),
+ ATL_MACSEC_XSTATS_FIELD(in_tagged_miss_pkts),
+ ATL_MACSEC_XSTATS_FIELD(in_untagged_miss_pkts),
+ ATL_MACSEC_XSTATS_FIELD(in_notag_pkts),
+ ATL_MACSEC_XSTATS_FIELD(in_untagged_pkts),
+ ATL_MACSEC_XSTATS_FIELD(in_bad_tag_pkts),
+ ATL_MACSEC_XSTATS_FIELD(in_no_sci_pkts),
+ ATL_MACSEC_XSTATS_FIELD(in_unknown_sci_pkts),
+ /* Ingress SA Counters */
+ ATL_MACSEC_XSTATS_FIELD(in_untagged_hit_pkts),
+ ATL_MACSEC_XSTATS_FIELD(in_not_using_sa),
+ ATL_MACSEC_XSTATS_FIELD(in_unused_sa),
+ ATL_MACSEC_XSTATS_FIELD(in_not_valid_pkts),
+ ATL_MACSEC_XSTATS_FIELD(in_invalid_pkts),
+ ATL_MACSEC_XSTATS_FIELD(in_ok_pkts),
+ ATL_MACSEC_XSTATS_FIELD(in_unchecked_pkts),
+ ATL_MACSEC_XSTATS_FIELD(in_validated_octets),
+ ATL_MACSEC_XSTATS_FIELD(in_decrypted_octets),
+ /* Egress Common Counters */
+ ATL_MACSEC_XSTATS_FIELD(out_ctl_pkts),
+ ATL_MACSEC_XSTATS_FIELD(out_unknown_sa_pkts),
+ ATL_MACSEC_XSTATS_FIELD(out_untagged_pkts),
+ ATL_MACSEC_XSTATS_FIELD(out_too_long),
+ /* Egress SC Counters */
+ ATL_MACSEC_XSTATS_FIELD(out_sc_protected_pkts),
+ ATL_MACSEC_XSTATS_FIELD(out_sc_encrypted_pkts),
+ /* Egress SA Counters */
+ ATL_MACSEC_XSTATS_FIELD(out_sa_hit_drop_redirect),
+ ATL_MACSEC_XSTATS_FIELD(out_sa_protected2_pkts),
+ ATL_MACSEC_XSTATS_FIELD(out_sa_protected_pkts),
+ ATL_MACSEC_XSTATS_FIELD(out_sa_encrypted_pkts),
};
static const struct eth_dev_ops atl_eth_dev_ops = {
@@ -968,19 +1013,46 @@ static int
atl_dev_xstats_get(struct rte_eth_dev *dev, struct rte_eth_xstat *stats,
unsigned int n)
{
- struct atl_adapter *adapter = ATL_DEV_TO_ADAPTER(dev);
+ struct atl_adapter *adapter =
+ (struct atl_adapter *)dev->data->dev_private;
struct aq_hw_s *hw = &adapter->hw;
+ struct get_stats req = { 0 };
+ struct macsec_msg_fw_request msg = { 0 };
+ struct macsec_msg_fw_response resp = { 0 };
+ int err = -1;
unsigned int i;
if (!stats)
return 0;
+ if (hw->aq_fw_ops->send_macsec_req != NULL) {
+ req.ingress_sa_index = 0xff;
+ req.egress_sc_index = 0xff;
+ req.egress_sa_index = 0xff;
+
+ msg.msg_type = macsec_get_stats_msg;
+ msg.stats = req;
+
+ err = hw->aq_fw_ops->send_macsec_req(hw, &msg, &resp);
+ }
+
for (i = 0; i < n && i < RTE_DIM(atl_xstats_tbl); i++) {
stats[i].id = i;
- stats[i].value = *(u64 *)((uint8_t *)&hw->curr_stats +
- atl_xstats_tbl[i].offset);
- }
+ switch (atl_xstats_tbl[i].type) {
+ case XSTATS_TYPE_MSM:
+ stats[i].value = *(u64 *)((uint8_t *)&hw->curr_stats +
+ atl_xstats_tbl[i].offset);
+ break;
+ case XSTATS_TYPE_MACSEC:
+ if (err)
+ goto done;
+ stats[i].value = *(u64 *)((uint8_t *)&resp.stats +
+ atl_xstats_tbl[i].offset);
+ break;
+ }
+ }
+done:
return i;
}
--
2.17.1
^ permalink raw reply [flat|nested] 18+ messages in thread
* [dpdk-dev] [PATCH v2 5/7] net/atlantic: implement macsec statistics
2019-04-17 15:45 ` [dpdk-dev] [PATCH v2 5/7] net/atlantic: implement macsec statistics Igor Russkikh
@ 2019-04-17 15:45 ` Igor Russkikh
0 siblings, 0 replies; 18+ messages in thread
From: Igor Russkikh @ 2019-04-17 15:45 UTC (permalink / raw)
To: dev
Cc: ferruh.yigit, thomas, arybchenko, konstantin.ananyev,
Igor Russkikh, Pavel Belous
From: Pavel Belous <pavel.belous@aquantia.com>
We add extra xstat fields to include macsec counters and stats
Signed-off-by: Pavel Belous <pavel.belous@aquantia.com>
Signed-off-by: Igor Russkikh <igor.russkikh@aquantia.com>
---
drivers/net/atlantic/atl_ethdev.c | 82 +++++++++++++++++++++++++++++--
1 file changed, 77 insertions(+), 5 deletions(-)
diff --git a/drivers/net/atlantic/atl_ethdev.c b/drivers/net/atlantic/atl_ethdev.c
index dfcb3029b92f..4e6124aa318e 100644
--- a/drivers/net/atlantic/atl_ethdev.c
+++ b/drivers/net/atlantic/atl_ethdev.c
@@ -193,14 +193,27 @@ static const struct rte_eth_desc_lim tx_desc_lim = {
.nb_mtu_seg_max = ATL_TX_MAX_SEG,
};
+enum atl_xstats_type {
+ XSTATS_TYPE_MSM = 0,
+ XSTATS_TYPE_MACSEC,
+};
+
#define ATL_XSTATS_FIELD(name) { \
#name, \
- offsetof(struct aq_stats_s, name) \
+ offsetof(struct aq_stats_s, name), \
+ XSTATS_TYPE_MSM \
+}
+
+#define ATL_MACSEC_XSTATS_FIELD(name) { \
+ #name, \
+ offsetof(struct macsec_stats, name), \
+ XSTATS_TYPE_MACSEC \
}
struct atl_xstats_tbl_s {
const char *name;
unsigned int offset;
+ enum atl_xstats_type type;
};
static struct atl_xstats_tbl_s atl_xstats_tbl[] = {
@@ -218,6 +231,38 @@ static struct atl_xstats_tbl_s atl_xstats_tbl[] = {
ATL_XSTATS_FIELD(mbtc),
ATL_XSTATS_FIELD(bbrc),
ATL_XSTATS_FIELD(bbtc),
+ /* Ingress Common Counters */
+ ATL_MACSEC_XSTATS_FIELD(in_ctl_pkts),
+ ATL_MACSEC_XSTATS_FIELD(in_tagged_miss_pkts),
+ ATL_MACSEC_XSTATS_FIELD(in_untagged_miss_pkts),
+ ATL_MACSEC_XSTATS_FIELD(in_notag_pkts),
+ ATL_MACSEC_XSTATS_FIELD(in_untagged_pkts),
+ ATL_MACSEC_XSTATS_FIELD(in_bad_tag_pkts),
+ ATL_MACSEC_XSTATS_FIELD(in_no_sci_pkts),
+ ATL_MACSEC_XSTATS_FIELD(in_unknown_sci_pkts),
+ /* Ingress SA Counters */
+ ATL_MACSEC_XSTATS_FIELD(in_untagged_hit_pkts),
+ ATL_MACSEC_XSTATS_FIELD(in_not_using_sa),
+ ATL_MACSEC_XSTATS_FIELD(in_unused_sa),
+ ATL_MACSEC_XSTATS_FIELD(in_not_valid_pkts),
+ ATL_MACSEC_XSTATS_FIELD(in_invalid_pkts),
+ ATL_MACSEC_XSTATS_FIELD(in_ok_pkts),
+ ATL_MACSEC_XSTATS_FIELD(in_unchecked_pkts),
+ ATL_MACSEC_XSTATS_FIELD(in_validated_octets),
+ ATL_MACSEC_XSTATS_FIELD(in_decrypted_octets),
+ /* Egress Common Counters */
+ ATL_MACSEC_XSTATS_FIELD(out_ctl_pkts),
+ ATL_MACSEC_XSTATS_FIELD(out_unknown_sa_pkts),
+ ATL_MACSEC_XSTATS_FIELD(out_untagged_pkts),
+ ATL_MACSEC_XSTATS_FIELD(out_too_long),
+ /* Egress SC Counters */
+ ATL_MACSEC_XSTATS_FIELD(out_sc_protected_pkts),
+ ATL_MACSEC_XSTATS_FIELD(out_sc_encrypted_pkts),
+ /* Egress SA Counters */
+ ATL_MACSEC_XSTATS_FIELD(out_sa_hit_drop_redirect),
+ ATL_MACSEC_XSTATS_FIELD(out_sa_protected2_pkts),
+ ATL_MACSEC_XSTATS_FIELD(out_sa_protected_pkts),
+ ATL_MACSEC_XSTATS_FIELD(out_sa_encrypted_pkts),
};
static const struct eth_dev_ops atl_eth_dev_ops = {
@@ -968,19 +1013,46 @@ static int
atl_dev_xstats_get(struct rte_eth_dev *dev, struct rte_eth_xstat *stats,
unsigned int n)
{
- struct atl_adapter *adapter = ATL_DEV_TO_ADAPTER(dev);
+ struct atl_adapter *adapter =
+ (struct atl_adapter *)dev->data->dev_private;
struct aq_hw_s *hw = &adapter->hw;
+ struct get_stats req = { 0 };
+ struct macsec_msg_fw_request msg = { 0 };
+ struct macsec_msg_fw_response resp = { 0 };
+ int err = -1;
unsigned int i;
if (!stats)
return 0;
+ if (hw->aq_fw_ops->send_macsec_req != NULL) {
+ req.ingress_sa_index = 0xff;
+ req.egress_sc_index = 0xff;
+ req.egress_sa_index = 0xff;
+
+ msg.msg_type = macsec_get_stats_msg;
+ msg.stats = req;
+
+ err = hw->aq_fw_ops->send_macsec_req(hw, &msg, &resp);
+ }
+
for (i = 0; i < n && i < RTE_DIM(atl_xstats_tbl); i++) {
stats[i].id = i;
- stats[i].value = *(u64 *)((uint8_t *)&hw->curr_stats +
- atl_xstats_tbl[i].offset);
- }
+ switch (atl_xstats_tbl[i].type) {
+ case XSTATS_TYPE_MSM:
+ stats[i].value = *(u64 *)((uint8_t *)&hw->curr_stats +
+ atl_xstats_tbl[i].offset);
+ break;
+ case XSTATS_TYPE_MACSEC:
+ if (err)
+ goto done;
+ stats[i].value = *(u64 *)((uint8_t *)&resp.stats +
+ atl_xstats_tbl[i].offset);
+ break;
+ }
+ }
+done:
return i;
}
--
2.17.1
^ permalink raw reply [flat|nested] 18+ messages in thread
* [dpdk-dev] [PATCH v2 6/7] net/atlantic: bump internal driver version
2019-04-17 15:45 [dpdk-dev] [PATCH v2 0/7] add MACSEC hw offload to atlantic PMD Igor Russkikh
` (5 preceding siblings ...)
2019-04-17 15:45 ` [dpdk-dev] [PATCH v2 5/7] net/atlantic: implement macsec statistics Igor Russkikh
@ 2019-04-17 15:45 ` Igor Russkikh
2019-04-17 15:45 ` Igor Russkikh
2019-04-17 15:45 ` [dpdk-dev] [PATCH v2 7/7] net/atlantic: public experimental macsec API Igor Russkikh
7 siblings, 1 reply; 18+ messages in thread
From: Igor Russkikh @ 2019-04-17 15:45 UTC (permalink / raw)
To: dev
Cc: ferruh.yigit, thomas, arybchenko, konstantin.ananyev,
Igor Russkikh, Pavel Belous
Version is synced with internal Aquantia's driver versioning
Signed-off-by: Pavel Belous <pavel.belous@aquantia.com>
Signed-off-by: Igor Russkikh <igor.russkikh@aquantia.com>
---
drivers/net/atlantic/atl_common.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/net/atlantic/atl_common.h b/drivers/net/atlantic/atl_common.h
index b3a0aa5cd212..54b3a3934044 100644
--- a/drivers/net/atlantic/atl_common.h
+++ b/drivers/net/atlantic/atl_common.h
@@ -5,7 +5,7 @@
#ifndef AQ_COMMON_H
#define AQ_COMMON_H
-#define ATL_PMD_DRIVER_VERSION "0.4.1"
+#define ATL_PMD_DRIVER_VERSION "0.6.7"
#define PCI_VENDOR_ID_AQUANTIA 0x1D6A
--
2.17.1
^ permalink raw reply [flat|nested] 18+ messages in thread
* [dpdk-dev] [PATCH v2 6/7] net/atlantic: bump internal driver version
2019-04-17 15:45 ` [dpdk-dev] [PATCH v2 6/7] net/atlantic: bump internal driver version Igor Russkikh
@ 2019-04-17 15:45 ` Igor Russkikh
0 siblings, 0 replies; 18+ messages in thread
From: Igor Russkikh @ 2019-04-17 15:45 UTC (permalink / raw)
To: dev
Cc: ferruh.yigit, thomas, arybchenko, konstantin.ananyev,
Igor Russkikh, Pavel Belous
Version is synced with internal Aquantia's driver versioning
Signed-off-by: Pavel Belous <pavel.belous@aquantia.com>
Signed-off-by: Igor Russkikh <igor.russkikh@aquantia.com>
---
drivers/net/atlantic/atl_common.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/net/atlantic/atl_common.h b/drivers/net/atlantic/atl_common.h
index b3a0aa5cd212..54b3a3934044 100644
--- a/drivers/net/atlantic/atl_common.h
+++ b/drivers/net/atlantic/atl_common.h
@@ -5,7 +5,7 @@
#ifndef AQ_COMMON_H
#define AQ_COMMON_H
-#define ATL_PMD_DRIVER_VERSION "0.4.1"
+#define ATL_PMD_DRIVER_VERSION "0.6.7"
#define PCI_VENDOR_ID_AQUANTIA 0x1D6A
--
2.17.1
^ permalink raw reply [flat|nested] 18+ messages in thread
* [dpdk-dev] [PATCH v2 7/7] net/atlantic: public experimental macsec API
2019-04-17 15:45 [dpdk-dev] [PATCH v2 0/7] add MACSEC hw offload to atlantic PMD Igor Russkikh
` (6 preceding siblings ...)
2019-04-17 15:45 ` [dpdk-dev] [PATCH v2 6/7] net/atlantic: bump internal driver version Igor Russkikh
@ 2019-04-17 15:45 ` Igor Russkikh
2019-04-17 15:45 ` Igor Russkikh
7 siblings, 1 reply; 18+ messages in thread
From: Igor Russkikh @ 2019-04-17 15:45 UTC (permalink / raw)
To: dev; +Cc: ferruh.yigit, thomas, arybchenko, konstantin.ananyev, Igor Russkikh
Add public visible macsec API functions.
These are wrappers over internal configuration routines,
validating and converting port no into dev pointer
Signed-off-by: Igor Russkikh <igor.russkikh@aquantia.com>
---
drivers/net/atlantic/Makefile | 1 +
drivers/net/atlantic/meson.build | 1 +
drivers/net/atlantic/rte_pmd_atlantic.c | 102 ++++++++++++++++++
drivers/net/atlantic/rte_pmd_atlantic.h | 41 +++++++
.../net/atlantic/rte_pmd_atlantic_version.map | 12 +++
5 files changed, 157 insertions(+)
create mode 100644 drivers/net/atlantic/rte_pmd_atlantic.c
create mode 100644 drivers/net/atlantic/rte_pmd_atlantic.h
diff --git a/drivers/net/atlantic/Makefile b/drivers/net/atlantic/Makefile
index 62dcdbffa69c..263f12b5575f 100644
--- a/drivers/net/atlantic/Makefile
+++ b/drivers/net/atlantic/Makefile
@@ -31,5 +31,6 @@ SRCS-$(CONFIG_RTE_LIBRTE_ATLANTIC_PMD) += hw_atl_utils.c
SRCS-$(CONFIG_RTE_LIBRTE_ATLANTIC_PMD) += hw_atl_llh.c
SRCS-$(CONFIG_RTE_LIBRTE_ATLANTIC_PMD) += hw_atl_utils_fw2x.c
SRCS-$(CONFIG_RTE_LIBRTE_ATLANTIC_PMD) += hw_atl_b0.c
+SRCS-$(CONFIG_RTE_LIBRTE_ATLANTIC_PMD) += rte_pmd_atlantic.c
include $(RTE_SDK)/mk/rte.lib.mk
diff --git a/drivers/net/atlantic/meson.build b/drivers/net/atlantic/meson.build
index 28fb97cace6e..60b84684ec0a 100644
--- a/drivers/net/atlantic/meson.build
+++ b/drivers/net/atlantic/meson.build
@@ -9,4 +9,5 @@ sources = files(
'hw_atl/hw_atl_llh.c',
'hw_atl/hw_atl_utils_fw2x.c',
'hw_atl/hw_atl_utils.c',
+ 'rte_pmd_atlantic.c',
)
diff --git a/drivers/net/atlantic/rte_pmd_atlantic.c b/drivers/net/atlantic/rte_pmd_atlantic.c
new file mode 100644
index 000000000000..5bf4da27fdd0
--- /dev/null
+++ b/drivers/net/atlantic/rte_pmd_atlantic.c
@@ -0,0 +1,102 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright(c) 2018 Aquantia Corporation
+ */
+
+#include <rte_ethdev_driver.h>
+
+#include "rte_pmd_atlantic.h"
+#include "atl_ethdev.h"
+
+
+__rte_experimental int
+rte_pmd_atl_macsec_enable(uint16_t port,
+ uint8_t encr, uint8_t repl_prot)
+{
+ struct rte_eth_dev *dev;
+
+ RTE_ETH_VALID_PORTID_OR_ERR_RET(port, -ENODEV);
+
+ dev = &rte_eth_devices[port];
+
+ if (!is_atlantic_supported(dev))
+ return -ENOTSUP;
+
+ return atl_macsec_enable(dev, encr, repl_prot);
+}
+
+__rte_experimental int
+rte_pmd_atl_macsec_disable(uint16_t port)
+{
+ struct rte_eth_dev *dev;
+
+ RTE_ETH_VALID_PORTID_OR_ERR_RET(port, -ENODEV);
+
+ dev = &rte_eth_devices[port];
+
+ if (!is_atlantic_supported(dev))
+ return -ENOTSUP;
+
+ return atl_macsec_disable(dev);
+}
+
+__rte_experimental int
+rte_pmd_atl_macsec_config_txsc(uint16_t port, uint8_t *mac)
+{
+ struct rte_eth_dev *dev;
+
+ RTE_ETH_VALID_PORTID_OR_ERR_RET(port, -ENODEV);
+
+ dev = &rte_eth_devices[port];
+
+ if (!is_atlantic_supported(dev))
+ return -ENOTSUP;
+
+ return atl_macsec_config_txsc(dev, mac);
+}
+
+__rte_experimental int
+rte_pmd_atl_macsec_config_rxsc(uint16_t port, uint8_t *mac, uint16_t pi)
+{
+ struct rte_eth_dev *dev;
+
+ RTE_ETH_VALID_PORTID_OR_ERR_RET(port, -ENODEV);
+
+ dev = &rte_eth_devices[port];
+
+ if (!is_atlantic_supported(dev))
+ return -ENOTSUP;
+
+ return atl_macsec_config_rxsc(dev, mac, pi);
+}
+
+__rte_experimental int
+rte_pmd_atl_macsec_select_txsa(uint16_t port, uint8_t idx, uint8_t an,
+ uint32_t pn, uint8_t *key)
+{
+ struct rte_eth_dev *dev;
+
+ RTE_ETH_VALID_PORTID_OR_ERR_RET(port, -ENODEV);
+
+ dev = &rte_eth_devices[port];
+
+ if (!is_atlantic_supported(dev))
+ return -ENOTSUP;
+
+ return atl_macsec_select_txsa(dev, idx, an, pn, key);
+}
+
+__rte_experimental int
+rte_pmd_atl_macsec_select_rxsa(uint16_t port, uint8_t idx, uint8_t an,
+ uint32_t pn, uint8_t *key)
+{
+ struct rte_eth_dev *dev;
+
+ RTE_ETH_VALID_PORTID_OR_ERR_RET(port, -ENODEV);
+
+ dev = &rte_eth_devices[port];
+
+ if (!is_atlantic_supported(dev))
+ return -ENOTSUP;
+
+ return atl_macsec_select_rxsa(dev, idx, an, pn, key);
+}
diff --git a/drivers/net/atlantic/rte_pmd_atlantic.h b/drivers/net/atlantic/rte_pmd_atlantic.h
new file mode 100644
index 000000000000..6a1925266156
--- /dev/null
+++ b/drivers/net/atlantic/rte_pmd_atlantic.h
@@ -0,0 +1,41 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright(c) 2018 Aquantia Corporation
+ */
+
+/**
+ * @file rte_pmd_atlantic.h
+ * atlantic PMD specific functions.
+ *
+ **/
+
+#ifndef _PMD_ATLANTIC_H_
+#define _PMD_ATLANTIC_H_
+
+#include <rte_ethdev_driver.h>
+
+/**
+ * Enable MACsec offload.
+ *
+ * @param port
+ * The port identifier of the Ethernet device.
+ * @param en
+ * 1 - Enable encryption (encrypt and add integrity signature).
+ * 0 - Disable encryption (only add integrity signature).
+ * @param rp
+ * 1 - Enable replay protection.
+ * 0 - Disable replay protection.
+ * @return
+ * - (0) if successful.
+ * - (-ENODEV) if *port* invalid.
+ * - (-ENOTSUP) if hardware doesn't support this feature.
+ */
+int rte_pmd_atl_macsec_enable(uint16_t port, uint8_t en, uint8_t rp);
+int rte_pmd_atl_macsec_disable(uint16_t port);
+int rte_pmd_atl_macsec_config_txsc(uint16_t port, uint8_t *mac);
+int rte_pmd_atl_macsec_config_rxsc(uint16_t port, uint8_t *mac, uint16_t pi);
+int rte_pmd_atl_macsec_select_txsa(uint16_t port, uint8_t idx, uint8_t an,
+ uint32_t pn, uint8_t *key);
+int rte_pmd_atl_macsec_select_rxsa(uint16_t port, uint8_t idx, uint8_t an,
+ uint32_t pn, uint8_t *key);
+
+#endif /* _PMD_ATLANTIC_H_ */
diff --git a/drivers/net/atlantic/rte_pmd_atlantic_version.map b/drivers/net/atlantic/rte_pmd_atlantic_version.map
index 521e51f411fb..b16faa999f43 100644
--- a/drivers/net/atlantic/rte_pmd_atlantic_version.map
+++ b/drivers/net/atlantic/rte_pmd_atlantic_version.map
@@ -2,3 +2,15 @@ DPDK_18.11 {
local: *;
};
+
+EXPERIMENTAL {
+ global:
+
+ rte_pmd_atl_macsec_enable;
+ rte_pmd_atl_macsec_disable;
+ rte_pmd_atl_macsec_config_txsc;
+ rte_pmd_atl_macsec_config_rxsc;
+ rte_pmd_atl_macsec_select_txsa;
+ rte_pmd_atl_macsec_select_rxsa;
+};
+
--
2.17.1
^ permalink raw reply [flat|nested] 18+ messages in thread
* [dpdk-dev] [PATCH v2 7/7] net/atlantic: public experimental macsec API
2019-04-17 15:45 ` [dpdk-dev] [PATCH v2 7/7] net/atlantic: public experimental macsec API Igor Russkikh
@ 2019-04-17 15:45 ` Igor Russkikh
0 siblings, 0 replies; 18+ messages in thread
From: Igor Russkikh @ 2019-04-17 15:45 UTC (permalink / raw)
To: dev; +Cc: ferruh.yigit, thomas, arybchenko, konstantin.ananyev, Igor Russkikh
Add public visible macsec API functions.
These are wrappers over internal configuration routines,
validating and converting port no into dev pointer
Signed-off-by: Igor Russkikh <igor.russkikh@aquantia.com>
---
drivers/net/atlantic/Makefile | 1 +
drivers/net/atlantic/meson.build | 1 +
drivers/net/atlantic/rte_pmd_atlantic.c | 102 ++++++++++++++++++
drivers/net/atlantic/rte_pmd_atlantic.h | 41 +++++++
.../net/atlantic/rte_pmd_atlantic_version.map | 12 +++
5 files changed, 157 insertions(+)
create mode 100644 drivers/net/atlantic/rte_pmd_atlantic.c
create mode 100644 drivers/net/atlantic/rte_pmd_atlantic.h
diff --git a/drivers/net/atlantic/Makefile b/drivers/net/atlantic/Makefile
index 62dcdbffa69c..263f12b5575f 100644
--- a/drivers/net/atlantic/Makefile
+++ b/drivers/net/atlantic/Makefile
@@ -31,5 +31,6 @@ SRCS-$(CONFIG_RTE_LIBRTE_ATLANTIC_PMD) += hw_atl_utils.c
SRCS-$(CONFIG_RTE_LIBRTE_ATLANTIC_PMD) += hw_atl_llh.c
SRCS-$(CONFIG_RTE_LIBRTE_ATLANTIC_PMD) += hw_atl_utils_fw2x.c
SRCS-$(CONFIG_RTE_LIBRTE_ATLANTIC_PMD) += hw_atl_b0.c
+SRCS-$(CONFIG_RTE_LIBRTE_ATLANTIC_PMD) += rte_pmd_atlantic.c
include $(RTE_SDK)/mk/rte.lib.mk
diff --git a/drivers/net/atlantic/meson.build b/drivers/net/atlantic/meson.build
index 28fb97cace6e..60b84684ec0a 100644
--- a/drivers/net/atlantic/meson.build
+++ b/drivers/net/atlantic/meson.build
@@ -9,4 +9,5 @@ sources = files(
'hw_atl/hw_atl_llh.c',
'hw_atl/hw_atl_utils_fw2x.c',
'hw_atl/hw_atl_utils.c',
+ 'rte_pmd_atlantic.c',
)
diff --git a/drivers/net/atlantic/rte_pmd_atlantic.c b/drivers/net/atlantic/rte_pmd_atlantic.c
new file mode 100644
index 000000000000..5bf4da27fdd0
--- /dev/null
+++ b/drivers/net/atlantic/rte_pmd_atlantic.c
@@ -0,0 +1,102 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright(c) 2018 Aquantia Corporation
+ */
+
+#include <rte_ethdev_driver.h>
+
+#include "rte_pmd_atlantic.h"
+#include "atl_ethdev.h"
+
+
+__rte_experimental int
+rte_pmd_atl_macsec_enable(uint16_t port,
+ uint8_t encr, uint8_t repl_prot)
+{
+ struct rte_eth_dev *dev;
+
+ RTE_ETH_VALID_PORTID_OR_ERR_RET(port, -ENODEV);
+
+ dev = &rte_eth_devices[port];
+
+ if (!is_atlantic_supported(dev))
+ return -ENOTSUP;
+
+ return atl_macsec_enable(dev, encr, repl_prot);
+}
+
+__rte_experimental int
+rte_pmd_atl_macsec_disable(uint16_t port)
+{
+ struct rte_eth_dev *dev;
+
+ RTE_ETH_VALID_PORTID_OR_ERR_RET(port, -ENODEV);
+
+ dev = &rte_eth_devices[port];
+
+ if (!is_atlantic_supported(dev))
+ return -ENOTSUP;
+
+ return atl_macsec_disable(dev);
+}
+
+__rte_experimental int
+rte_pmd_atl_macsec_config_txsc(uint16_t port, uint8_t *mac)
+{
+ struct rte_eth_dev *dev;
+
+ RTE_ETH_VALID_PORTID_OR_ERR_RET(port, -ENODEV);
+
+ dev = &rte_eth_devices[port];
+
+ if (!is_atlantic_supported(dev))
+ return -ENOTSUP;
+
+ return atl_macsec_config_txsc(dev, mac);
+}
+
+__rte_experimental int
+rte_pmd_atl_macsec_config_rxsc(uint16_t port, uint8_t *mac, uint16_t pi)
+{
+ struct rte_eth_dev *dev;
+
+ RTE_ETH_VALID_PORTID_OR_ERR_RET(port, -ENODEV);
+
+ dev = &rte_eth_devices[port];
+
+ if (!is_atlantic_supported(dev))
+ return -ENOTSUP;
+
+ return atl_macsec_config_rxsc(dev, mac, pi);
+}
+
+__rte_experimental int
+rte_pmd_atl_macsec_select_txsa(uint16_t port, uint8_t idx, uint8_t an,
+ uint32_t pn, uint8_t *key)
+{
+ struct rte_eth_dev *dev;
+
+ RTE_ETH_VALID_PORTID_OR_ERR_RET(port, -ENODEV);
+
+ dev = &rte_eth_devices[port];
+
+ if (!is_atlantic_supported(dev))
+ return -ENOTSUP;
+
+ return atl_macsec_select_txsa(dev, idx, an, pn, key);
+}
+
+__rte_experimental int
+rte_pmd_atl_macsec_select_rxsa(uint16_t port, uint8_t idx, uint8_t an,
+ uint32_t pn, uint8_t *key)
+{
+ struct rte_eth_dev *dev;
+
+ RTE_ETH_VALID_PORTID_OR_ERR_RET(port, -ENODEV);
+
+ dev = &rte_eth_devices[port];
+
+ if (!is_atlantic_supported(dev))
+ return -ENOTSUP;
+
+ return atl_macsec_select_rxsa(dev, idx, an, pn, key);
+}
diff --git a/drivers/net/atlantic/rte_pmd_atlantic.h b/drivers/net/atlantic/rte_pmd_atlantic.h
new file mode 100644
index 000000000000..6a1925266156
--- /dev/null
+++ b/drivers/net/atlantic/rte_pmd_atlantic.h
@@ -0,0 +1,41 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright(c) 2018 Aquantia Corporation
+ */
+
+/**
+ * @file rte_pmd_atlantic.h
+ * atlantic PMD specific functions.
+ *
+ **/
+
+#ifndef _PMD_ATLANTIC_H_
+#define _PMD_ATLANTIC_H_
+
+#include <rte_ethdev_driver.h>
+
+/**
+ * Enable MACsec offload.
+ *
+ * @param port
+ * The port identifier of the Ethernet device.
+ * @param en
+ * 1 - Enable encryption (encrypt and add integrity signature).
+ * 0 - Disable encryption (only add integrity signature).
+ * @param rp
+ * 1 - Enable replay protection.
+ * 0 - Disable replay protection.
+ * @return
+ * - (0) if successful.
+ * - (-ENODEV) if *port* invalid.
+ * - (-ENOTSUP) if hardware doesn't support this feature.
+ */
+int rte_pmd_atl_macsec_enable(uint16_t port, uint8_t en, uint8_t rp);
+int rte_pmd_atl_macsec_disable(uint16_t port);
+int rte_pmd_atl_macsec_config_txsc(uint16_t port, uint8_t *mac);
+int rte_pmd_atl_macsec_config_rxsc(uint16_t port, uint8_t *mac, uint16_t pi);
+int rte_pmd_atl_macsec_select_txsa(uint16_t port, uint8_t idx, uint8_t an,
+ uint32_t pn, uint8_t *key);
+int rte_pmd_atl_macsec_select_rxsa(uint16_t port, uint8_t idx, uint8_t an,
+ uint32_t pn, uint8_t *key);
+
+#endif /* _PMD_ATLANTIC_H_ */
diff --git a/drivers/net/atlantic/rte_pmd_atlantic_version.map b/drivers/net/atlantic/rte_pmd_atlantic_version.map
index 521e51f411fb..b16faa999f43 100644
--- a/drivers/net/atlantic/rte_pmd_atlantic_version.map
+++ b/drivers/net/atlantic/rte_pmd_atlantic_version.map
@@ -2,3 +2,15 @@ DPDK_18.11 {
local: *;
};
+
+EXPERIMENTAL {
+ global:
+
+ rte_pmd_atl_macsec_enable;
+ rte_pmd_atl_macsec_disable;
+ rte_pmd_atl_macsec_config_txsc;
+ rte_pmd_atl_macsec_config_rxsc;
+ rte_pmd_atl_macsec_select_txsa;
+ rte_pmd_atl_macsec_select_rxsa;
+};
+
--
2.17.1
^ permalink raw reply [flat|nested] 18+ messages in thread
* Re: [dpdk-dev] [PATCH v2 2/7] net/atlantic: enable macsec configuration
2019-04-17 15:45 ` [dpdk-dev] [PATCH v2 2/7] net/atlantic: enable macsec configuration Igor Russkikh
2019-04-17 15:45 ` Igor Russkikh
@ 2019-04-17 17:14 ` Ferruh Yigit
2019-04-17 17:14 ` Ferruh Yigit
1 sibling, 1 reply; 18+ messages in thread
From: Ferruh Yigit @ 2019-04-17 17:14 UTC (permalink / raw)
To: Igor Russkikh, dev; +Cc: thomas, arybchenko, konstantin.ananyev, Pavel Belous
On 4/17/2019 4:45 PM, Igor Russkikh wrote:
> From: Pavel Belous <pavel.belous@aquantia.com>
>
> This is a driver side of macsec configuration routines.
> It fills in config structures and sends requests to FW
> for configuration activities.
>
> We declare macsec offload bits in DPDK offload capabilities.
>
> Also update documentation with feature matrix for the
> enabled feature.
>
> Signed-off-by: Pavel Belous <pavel.belous@aquantia.com>
> Signed-off-by: Igor Russkikh <igor.russkikh@aquantia.com>
<...>
> @@ -698,6 +700,205 @@ atl_dev_reset(struct rte_eth_dev *dev)
> return ret;
> }
>
> +static int
> +atl_dev_configure_macsec(struct rte_eth_dev *dev)
The build is broken in this patch [1] because static function defined but not
used, indeed this is similar for other functions but they don't cause a build
error since they are not static.
It can be good to add the APIs using these functions and functions in same patch.
[1]
.../dpdk/drivers/net/atlantic/atl_ethdev.c:704:1: error:
‘atl_dev_configure_macsec’ defined but not used [-Werror=unused-function]
atl_dev_configure_macsec(struct rte_eth_dev *dev)
^~~~~~~~~~~~~~~~~~~~~~~~
^ permalink raw reply [flat|nested] 18+ messages in thread
* Re: [dpdk-dev] [PATCH v2 2/7] net/atlantic: enable macsec configuration
2019-04-17 17:14 ` Ferruh Yigit
@ 2019-04-17 17:14 ` Ferruh Yigit
0 siblings, 0 replies; 18+ messages in thread
From: Ferruh Yigit @ 2019-04-17 17:14 UTC (permalink / raw)
To: Igor Russkikh, dev; +Cc: thomas, arybchenko, konstantin.ananyev, Pavel Belous
On 4/17/2019 4:45 PM, Igor Russkikh wrote:
> From: Pavel Belous <pavel.belous@aquantia.com>
>
> This is a driver side of macsec configuration routines.
> It fills in config structures and sends requests to FW
> for configuration activities.
>
> We declare macsec offload bits in DPDK offload capabilities.
>
> Also update documentation with feature matrix for the
> enabled feature.
>
> Signed-off-by: Pavel Belous <pavel.belous@aquantia.com>
> Signed-off-by: Igor Russkikh <igor.russkikh@aquantia.com>
<...>
> @@ -698,6 +700,205 @@ atl_dev_reset(struct rte_eth_dev *dev)
> return ret;
> }
>
> +static int
> +atl_dev_configure_macsec(struct rte_eth_dev *dev)
The build is broken in this patch [1] because static function defined but not
used, indeed this is similar for other functions but they don't cause a build
error since they are not static.
It can be good to add the APIs using these functions and functions in same patch.
[1]
.../dpdk/drivers/net/atlantic/atl_ethdev.c:704:1: error:
‘atl_dev_configure_macsec’ defined but not used [-Werror=unused-function]
atl_dev_configure_macsec(struct rte_eth_dev *dev)
^~~~~~~~~~~~~~~~~~~~~~~~
^ permalink raw reply [flat|nested] 18+ messages in thread
end of thread, other threads:[~2019-04-17 17:14 UTC | newest]
Thread overview: 18+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-04-17 15:45 [dpdk-dev] [PATCH v2 0/7] add MACSEC hw offload to atlantic PMD Igor Russkikh
2019-04-17 15:45 ` Igor Russkikh
2019-04-17 15:45 ` [dpdk-dev] [PATCH v2 1/7] net/atlantic: macsec hardware structures declaration Igor Russkikh
2019-04-17 15:45 ` Igor Russkikh
2019-04-17 15:45 ` [dpdk-dev] [PATCH v2 2/7] net/atlantic: enable macsec configuration Igor Russkikh
2019-04-17 15:45 ` Igor Russkikh
2019-04-17 17:14 ` Ferruh Yigit
2019-04-17 17:14 ` Ferruh Yigit
2019-04-17 15:45 ` [dpdk-dev] [PATCH v2 3/7] net/atlantic: macsec firmware interface Igor Russkikh
2019-04-17 15:45 ` Igor Russkikh
2019-04-17 15:45 ` [dpdk-dev] [PATCH v2 4/7] net/atlantic: interrupt handling of macsec events Igor Russkikh
2019-04-17 15:45 ` Igor Russkikh
2019-04-17 15:45 ` [dpdk-dev] [PATCH v2 5/7] net/atlantic: implement macsec statistics Igor Russkikh
2019-04-17 15:45 ` Igor Russkikh
2019-04-17 15:45 ` [dpdk-dev] [PATCH v2 6/7] net/atlantic: bump internal driver version Igor Russkikh
2019-04-17 15:45 ` Igor Russkikh
2019-04-17 15:45 ` [dpdk-dev] [PATCH v2 7/7] net/atlantic: public experimental macsec API Igor Russkikh
2019-04-17 15:45 ` Igor Russkikh
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).