DPDK patches and discussions
 help / color / mirror / Atom feed
From: Jiawen Wu <jiawenwu@trustnetic.com>
To: dev@dpdk.org
Cc: Jiawen Wu <jiawenwu@trustnetic.com>
Subject: [dpdk-dev] [PATCH v2 32/37] net/txgbe: add macsec setting
Date: Wed, 11 Nov 2020 14:49:31 +0800
Message-ID: <20201111064936.768604-33-jiawenwu@trustnetic.com> (raw)
In-Reply-To: <20201111064936.768604-1-jiawenwu@trustnetic.com>

Add macsec register enable and setting reset operations.
Add macsec offload suuport.

Signed-off-by: Jiawen Wu <jiawenwu@trustnetic.com>
---
 doc/guides/nics/features/txgbe.ini |  1 +
 drivers/net/txgbe/txgbe_ethdev.c   | 87 ++++++++++++++++++++++++++++++
 drivers/net/txgbe/txgbe_ethdev.h   | 17 ++++++
 drivers/net/txgbe/txgbe_rxtx.c     |  3 ++
 4 files changed, 108 insertions(+)

diff --git a/doc/guides/nics/features/txgbe.ini b/doc/guides/nics/features/txgbe.ini
index ffeecfd20..6f721ff1c 100644
--- a/doc/guides/nics/features/txgbe.ini
+++ b/doc/guides/nics/features/txgbe.ini
@@ -33,6 +33,7 @@ VLAN offload         = P
 QinQ offload         = P
 L3 checksum offload  = P
 L4 checksum offload  = P
+MACsec offload       = P
 Inner L3 checksum    = P
 Inner L4 checksum    = P
 Packet type parsing  = Y
diff --git a/drivers/net/txgbe/txgbe_ethdev.c b/drivers/net/txgbe/txgbe_ethdev.c
index 22bc2c004..5f7db6b7b 100644
--- a/drivers/net/txgbe/txgbe_ethdev.c
+++ b/drivers/net/txgbe/txgbe_ethdev.c
@@ -487,6 +487,8 @@ eth_txgbe_dev_init(struct rte_eth_dev *eth_dev, void *init_params __rte_unused)
 
 	PMD_INIT_FUNC_TRACE();
 
+	txgbe_dev_macsec_setting_reset(eth_dev);
+
 	eth_dev->dev_ops = &txgbe_eth_dev_ops;
 	eth_dev->rx_queue_count       = txgbe_dev_rx_queue_count;
 	eth_dev->rx_descriptor_status = txgbe_dev_rx_descriptor_status;
@@ -1549,6 +1551,8 @@ txgbe_dev_start(struct rte_eth_dev *dev)
 	uint16_t vf, idx;
 	uint32_t *link_speeds;
 	struct txgbe_tm_conf *tm_conf = TXGBE_DEV_TM_CONF(dev);
+	struct txgbe_macsec_setting *macsec_setting =
+				TXGBE_DEV_MACSEC_SETTING(dev);
 
 	PMD_INIT_FUNC_TRACE();
 
@@ -1763,6 +1767,10 @@ txgbe_dev_start(struct rte_eth_dev *dev)
 	 */
 	txgbe_dev_link_update(dev, 0);
 
+	/* setup the macsec ctrl register */
+	if (macsec_setting->offload_en)
+		txgbe_dev_macsec_register_enable(dev, macsec_setting);
+
 	wr32m(hw, TXGBE_LEDCTL, 0xFFFFFFFF, TXGBE_LEDCTL_ORD_MASK);
 
 	txgbe_read_stats_registers(hw, hw_stats);
@@ -5142,6 +5150,85 @@ txgbe_clear_all_l2_tn_filter(struct rte_eth_dev *dev)
 	return 0;
 }
 
+void
+txgbe_dev_macsec_setting_reset(struct rte_eth_dev *dev)
+{
+	struct txgbe_macsec_setting *macsec = TXGBE_DEV_MACSEC_SETTING(dev);
+
+	macsec->offload_en = 0;
+	macsec->encrypt_en = 0;
+	macsec->replayprotect_en = 0;
+}
+
+void
+txgbe_dev_macsec_register_enable(struct rte_eth_dev *dev,
+				struct txgbe_macsec_setting *macsec_setting)
+{
+	struct txgbe_hw *hw = TXGBE_DEV_HW(dev);
+	uint32_t ctrl;
+	uint8_t en = macsec_setting->encrypt_en;
+	uint8_t rp = macsec_setting->replayprotect_en;
+
+	/**
+	 * Workaround:
+	 * As no txgbe_disable_sec_rx_path equivalent is
+	 * implemented for tx in the base code, and we are
+	 * not allowed to modify the base code in DPDK, so
+	 * just call the hand-written one directly for now.
+	 * The hardware support has been checked by
+	 * txgbe_disable_sec_rx_path().
+	 */
+	txgbe_disable_sec_tx_path(hw);
+
+	/* Enable Ethernet CRC (required by MACsec offload) */
+	ctrl = rd32(hw, TXGBE_SECRXCTL);
+	ctrl |= TXGBE_SECRXCTL_CRCSTRIP;
+	wr32(hw, TXGBE_SECRXCTL, ctrl);
+
+	/* Enable the TX and RX crypto engines */
+	ctrl = rd32(hw, TXGBE_SECTXCTL);
+	ctrl &= ~TXGBE_SECTXCTL_XDSA;
+	wr32(hw, TXGBE_SECTXCTL, ctrl);
+
+	ctrl = rd32(hw, TXGBE_SECRXCTL);
+	ctrl &= ~TXGBE_SECRXCTL_XDSA;
+	wr32(hw, TXGBE_SECRXCTL, ctrl);
+
+	ctrl = rd32(hw, TXGBE_SECTXIFG);
+	ctrl &= ~TXGBE_SECTXIFG_MIN_MASK;
+	ctrl |= TXGBE_SECTXIFG_MIN(0x3);
+	wr32(hw, TXGBE_SECTXIFG, ctrl);
+
+	/* Enable SA lookup */
+	ctrl = rd32(hw, TXGBE_LSECTXCTL);
+	ctrl &= ~TXGBE_LSECTXCTL_MODE_MASK;
+	ctrl |= en ? TXGBE_LSECTXCTL_MODE_AENC : TXGBE_LSECTXCTL_MODE_AUTH;
+	ctrl &= ~TXGBE_LSECTXCTL_PNTRH_MASK;
+	ctrl |= TXGBE_LSECTXCTL_PNTRH(TXGBE_MACSEC_PNTHRSH);
+	wr32(hw, TXGBE_LSECTXCTL, ctrl);
+
+	ctrl = rd32(hw, TXGBE_LSECRXCTL);
+	ctrl &= ~TXGBE_LSECRXCTL_MODE_MASK;
+	ctrl |= TXGBE_LSECRXCTL_MODE_STRICT;
+	ctrl &= ~TXGBE_LSECRXCTL_POSTHDR;
+	if (rp)
+		ctrl |= TXGBE_LSECRXCTL_REPLAY;
+	else
+		ctrl &= ~TXGBE_LSECRXCTL_REPLAY;
+	wr32(hw, TXGBE_LSECRXCTL, ctrl);
+
+	/* Start the data paths */
+	txgbe_enable_sec_rx_path(hw);
+	/**
+	 * Workaround:
+	 * As no txgbe_enable_sec_rx_path equivalent is
+	 * implemented for tx in the base code, and we are
+	 * not allowed to modify the base code in DPDK, so
+	 * just call the hand-written one directly for now.
+	 */
+	txgbe_enable_sec_tx_path(hw);
+}
+
 static const struct eth_dev_ops txgbe_eth_dev_ops = {
 	.dev_configure              = txgbe_dev_configure,
 	.dev_infos_get              = txgbe_dev_info_get,
diff --git a/drivers/net/txgbe/txgbe_ethdev.h b/drivers/net/txgbe/txgbe_ethdev.h
index 5f988eead..73e3fe8da 100644
--- a/drivers/net/txgbe/txgbe_ethdev.h
+++ b/drivers/net/txgbe/txgbe_ethdev.h
@@ -62,6 +62,8 @@
 #define TXGBE_MISC_VEC_ID               RTE_INTR_VEC_ZERO_OFFSET
 #define TXGBE_RX_VEC_START              RTE_INTR_VEC_RXTX_OFFSET
 
+#define TXGBE_MACSEC_PNTHRSH            0xFFFFFE00
+
 #define TXGBE_MAX_FDIR_FILTER_NUM       (1024 * 32)
 #define TXGBE_MAX_L2_TN_FILTER_NUM      128
 
@@ -270,6 +272,12 @@ struct rte_flow {
 	void *rule;
 };
 
+struct txgbe_macsec_setting {
+	uint8_t offload_en;
+	uint8_t encrypt_en;
+	uint8_t replayprotect_en;
+};
+
 /* The configuration of bandwidth */
 struct txgbe_bw_conf {
 	uint8_t tc_num; /* Number of TCs. */
@@ -343,6 +351,7 @@ struct txgbe_tm_conf {
 struct txgbe_adapter {
 	struct txgbe_hw             hw;
 	struct txgbe_hw_stats       stats;
+	struct txgbe_macsec_setting macsec_setting;
 	struct txgbe_hw_fdir_info   fdir;
 	struct txgbe_interrupt      intr;
 	struct txgbe_stat_mappings  stat_mappings;
@@ -374,6 +383,9 @@ struct txgbe_adapter {
 #define TXGBE_DEV_STATS(dev) \
 	(&((struct txgbe_adapter *)(dev)->data->dev_private)->stats)
 
+#define TXGBE_DEV_MACSEC_SETTING(dev) \
+	(&((struct txgbe_adapter *)(dev)->data->dev_private)->macsec_setting)
+
 #define TXGBE_DEV_INTR(dev) \
 	(&((struct txgbe_adapter *)(dev)->data->dev_private)->intr)
 
@@ -578,6 +590,11 @@ int txgbe_action_rss_same(const struct rte_flow_action_rss *comp,
 int txgbe_config_rss_filter(struct rte_eth_dev *dev,
 		struct txgbe_rte_flow_rss_conf *conf, bool add);
 
+void txgbe_dev_macsec_register_enable(struct rte_eth_dev *dev,
+		struct txgbe_macsec_setting *macsec_setting);
+
+void txgbe_dev_macsec_setting_reset(struct rte_eth_dev *dev);
+
 static inline int
 txgbe_ethertype_filter_lookup(struct txgbe_filter_info *filter_info,
 			      uint16_t ethertype)
diff --git a/drivers/net/txgbe/txgbe_rxtx.c b/drivers/net/txgbe/txgbe_rxtx.c
index 209660656..857feba9b 100644
--- a/drivers/net/txgbe/txgbe_rxtx.c
+++ b/drivers/net/txgbe/txgbe_rxtx.c
@@ -56,6 +56,9 @@ static const u64 TXGBE_TX_OFFLOAD_MASK = (PKT_TX_IP_CKSUM |
 		PKT_TX_L4_MASK |
 		PKT_TX_TCP_SEG |
 		PKT_TX_TUNNEL_MASK |
+#ifdef RTE_LIBRTE_MACSEC
+		PKT_TX_MACSEC |
+#endif
 		PKT_TX_OUTER_IP_CKSUM |
 		TXGBE_TX_IEEE1588_TMST);
 
-- 
2.18.4




  parent reply	other threads:[~2020-11-11  6:59 UTC|newest]

Thread overview: 48+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-11-11  6:48 [dpdk-dev] [PATCH v2 00/37] net: add txgbe PMD part 2 Jiawen Wu
2020-11-11  6:49 ` [dpdk-dev] [PATCH v2 01/37] net/txgbe: add ntuple filter init and uninit Jiawen Wu
2020-11-11  6:49 ` [dpdk-dev] [PATCH v2 02/37] net/txgbe: support ntuple filter add and delete Jiawen Wu
2020-11-11  6:49 ` [dpdk-dev] [PATCH v2 03/37] net/txgbe: add ntuple parse rule Jiawen Wu
2020-11-11 16:06   ` Ferruh Yigit
2020-11-11  6:49 ` [dpdk-dev] [PATCH v2 04/37] net/txgbe: support ntuple filter remove operaion Jiawen Wu
2020-11-11  6:49 ` [dpdk-dev] [PATCH v2 05/37] net/txgbe: support ethertype filter add and delete Jiawen Wu
2020-11-11  6:49 ` [dpdk-dev] [PATCH v2 06/37] net/txgbe: add ethertype parse rule Jiawen Wu
2020-11-11 16:02   ` Ferruh Yigit
2020-11-11 16:04     ` Ferruh Yigit
2020-11-12  1:57       ` Wang, Haiyue
2020-11-11  6:49 ` [dpdk-dev] [PATCH v2 07/37] net/txgbe: support syn filter add and delete Jiawen Wu
2020-11-11  6:49 ` [dpdk-dev] [PATCH v2 08/37] net/txgbe: add syn filter parse rule Jiawen Wu
2020-11-11  6:49 ` [dpdk-dev] [PATCH v2 09/37] net/txgbe: add L2 tunnel filter init and uninit Jiawen Wu
2020-11-11  6:49 ` [dpdk-dev] [PATCH v2 10/37] net/txgbe: config L2 tunnel filter with e-tag Jiawen Wu
2020-11-11  6:49 ` [dpdk-dev] [PATCH v2 11/37] net/txgbe: support L2 tunnel filter add and delete Jiawen Wu
2020-11-11  6:49 ` [dpdk-dev] [PATCH v2 12/37] net/txgbe: add L2 tunnel filter parse rule Jiawen Wu
2020-11-11 16:10   ` Ferruh Yigit
2020-11-11  6:49 ` [dpdk-dev] [PATCH v2 13/37] net/txgbe: add FDIR filter init and uninit Jiawen Wu
2020-11-11  6:49 ` [dpdk-dev] [PATCH v2 14/37] net/txgbe: configure FDIR filter Jiawen Wu
2020-11-11  6:49 ` [dpdk-dev] [PATCH v2 15/37] net/txgbe: support FDIR add and delete operations Jiawen Wu
2020-11-11  6:49 ` [dpdk-dev] [PATCH v2 16/37] net/txgbe: add FDIR parse normal rule Jiawen Wu
2020-11-11  6:49 ` [dpdk-dev] [PATCH v2 17/37] net/txgbe: add FDIR parse tunnel rule Jiawen Wu
2020-11-11  6:49 ` [dpdk-dev] [PATCH v2 18/37] net/txgbe: add FDIR restore operation Jiawen Wu
2020-11-11  6:49 ` [dpdk-dev] [PATCH v2 19/37] net/txgbe: add RSS filter parse rule Jiawen Wu
2020-11-11  6:49 ` [dpdk-dev] [PATCH v2 20/37] net/txgbe: add RSS filter restore operation Jiawen Wu
2020-11-11  6:49 ` [dpdk-dev] [PATCH v2 21/37] net/txgbe: add filter list init and uninit Jiawen Wu
2020-11-11 16:10   ` Ferruh Yigit
2020-11-11  6:49 ` [dpdk-dev] [PATCH v2 22/37] net/txgbe: add generic flow API Jiawen Wu
2020-11-11  6:49 ` [dpdk-dev] [PATCH v2 23/37] net/txgbe: add flow API create function Jiawen Wu
2020-11-11 16:11   ` Ferruh Yigit
2020-11-11  6:49 ` [dpdk-dev] [PATCH v2 24/37] net/txgbe: add flow API destroy function Jiawen Wu
2020-11-11  6:49 ` [dpdk-dev] [PATCH v2 25/37] net/txgbe: add flow API flush function Jiawen Wu
2020-11-11  6:49 ` [dpdk-dev] [PATCH v2 26/37] net/txgbe: support UDP tunnel port add and delete Jiawen Wu
2020-11-11  6:49 ` [dpdk-dev] [PATCH v2 27/37] net/txgbe: add TM configuration init and uninit Jiawen Wu
2020-11-11  6:49 ` [dpdk-dev] [PATCH v2 28/37] net/txgbe: add TM capabilities get operation Jiawen Wu
2020-11-11  6:49 ` [dpdk-dev] [PATCH v2 29/37] net/txgbe: support TM shaper profile add and delete Jiawen Wu
2020-11-11  6:49 ` [dpdk-dev] [PATCH v2 30/37] net/txgbe: support TM node " Jiawen Wu
2020-11-11  6:49 ` [dpdk-dev] [PATCH v2 31/37] net/txgbe: add TM hierarchy commit Jiawen Wu
2020-11-11  6:49 ` Jiawen Wu [this message]
2020-11-11 16:13   ` [dpdk-dev] [PATCH v2 32/37] net/txgbe: add macsec setting Ferruh Yigit
2020-11-11  6:49 ` [dpdk-dev] [PATCH v2 33/37] net/txgbe: add IPsec context creation Jiawen Wu
2020-11-11  6:49 ` [dpdk-dev] [PATCH v2 34/37] net/txgbe: add security session create operation Jiawen Wu
2020-11-11  6:49 ` [dpdk-dev] [PATCH v2 35/37] net/txgbe: support security session destroy Jiawen Wu
2020-11-11  6:49 ` [dpdk-dev] [PATCH v2 36/37] net/txgbe: add security offload in Rx and Tx process Jiawen Wu
2020-11-11  6:49 ` [dpdk-dev] [PATCH v2 37/37] net/txgbe: add security type in flow action Jiawen Wu
2020-11-11 16:00 ` [dpdk-dev] [PATCH v2 00/37] net: add txgbe PMD part 2 Ferruh Yigit
2020-11-11 16:09   ` Ferruh Yigit

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20201111064936.768604-33-jiawenwu@trustnetic.com \
    --to=jiawenwu@trustnetic.com \
    --cc=dev@dpdk.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

DPDK patches and discussions

This inbox may be cloned and mirrored by anyone:

	git clone --mirror https://inbox.dpdk.org/dev/0 dev/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 dev dev/ https://inbox.dpdk.org/dev \
		dev@dpdk.org
	public-inbox-index dev

Example config snippet for mirrors.
Newsgroup available over NNTP:
	nntp://inbox.dpdk.org/inbox.dpdk.dev


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git