DPDK patches and discussions
 help / color / mirror / Atom feed
From: Radu Nicolau <radu.nicolau@intel.com>
To: Jingjing Wu <jingjing.wu@intel.com>, Beilei Xing <beilei.xing@intel.com>
Cc: dev@dpdk.org, declan.doherty@intel.com, abhijit.sinha@intel.com,
	qi.z.zhang@intel.com, bruce.richardson@intel.com,
	konstantin.ananyev@intel.com,
	Radu Nicolau <radu.nicolau@intel.com>
Subject: [dpdk-dev] [PATCH v8 1/7] common/iavf: add iAVF IPsec inline crypto support
Date: Fri, 15 Oct 2021 11:15:05 +0100	[thread overview]
Message-ID: <20211015101511.699128-2-radu.nicolau@intel.com> (raw)
In-Reply-To: <20211015101511.699128-1-radu.nicolau@intel.com>

Add support for inline crypto for IPsec.

Signed-off-by: Declan Doherty <declan.doherty@intel.com>
Signed-off-by: Abhijit Sinha <abhijit.sinha@intel.com>
Signed-off-by: Radu Nicolau <radu.nicolau@intel.com>
---
 drivers/common/iavf/iavf_type.h             |   1 +
 drivers/common/iavf/virtchnl.h              |  17 +-
 drivers/common/iavf/virtchnl_inline_ipsec.h | 553 ++++++++++++++++++++
 3 files changed, 569 insertions(+), 2 deletions(-)
 create mode 100644 drivers/common/iavf/virtchnl_inline_ipsec.h

diff --git a/drivers/common/iavf/iavf_type.h b/drivers/common/iavf/iavf_type.h
index 73dfb47e70..51267ca3b3 100644
--- a/drivers/common/iavf/iavf_type.h
+++ b/drivers/common/iavf/iavf_type.h
@@ -723,6 +723,7 @@ enum iavf_tx_desc_dtype_value {
 	IAVF_TX_DESC_DTYPE_NOP		= 0x1, /* same as Context desc */
 	IAVF_TX_DESC_DTYPE_CONTEXT	= 0x1,
 	IAVF_TX_DESC_DTYPE_FCOE_CTX	= 0x2,
+	IAVF_TX_DESC_DTYPE_IPSEC	= 0x3,
 	IAVF_TX_DESC_DTYPE_FILTER_PROG	= 0x8,
 	IAVF_TX_DESC_DTYPE_DDP_CTX	= 0x9,
 	IAVF_TX_DESC_DTYPE_FLEX_DATA	= 0xB,
diff --git a/drivers/common/iavf/virtchnl.h b/drivers/common/iavf/virtchnl.h
index 067f715945..269578f7c0 100644
--- a/drivers/common/iavf/virtchnl.h
+++ b/drivers/common/iavf/virtchnl.h
@@ -38,6 +38,8 @@
  * value in current and future projects
  */
 
+#include "virtchnl_inline_ipsec.h"
+
 /* Error Codes */
 enum virtchnl_status_code {
 	VIRTCHNL_STATUS_SUCCESS				= 0,
@@ -133,7 +135,8 @@ enum virtchnl_ops {
 	VIRTCHNL_OP_DISABLE_CHANNELS = 31,
 	VIRTCHNL_OP_ADD_CLOUD_FILTER = 32,
 	VIRTCHNL_OP_DEL_CLOUD_FILTER = 33,
-	/* opcodes 34, 35, 36, and 37 are reserved */
+	VIRTCHNL_OP_INLINE_IPSEC_CRYPTO = 34,
+	/* opcodes 35 and 36 are reserved */
 	VIRTCHNL_OP_DCF_CONFIG_BW = 37,
 	VIRTCHNL_OP_DCF_VLAN_OFFLOAD = 38,
 	VIRTCHNL_OP_DCF_CMD_DESC = 39,
@@ -225,6 +228,8 @@ static inline const char *virtchnl_op_str(enum virtchnl_ops v_opcode)
 		return "VIRTCHNL_OP_ADD_CLOUD_FILTER";
 	case VIRTCHNL_OP_DEL_CLOUD_FILTER:
 		return "VIRTCHNL_OP_DEL_CLOUD_FILTER";
+	case VIRTCHNL_OP_INLINE_IPSEC_CRYPTO:
+		return "VIRTCHNL_OP_INLINE_IPSEC_CRYPTO";
 	case VIRTCHNL_OP_DCF_CMD_DESC:
 		return "VIRTCHNL_OP_DCF_CMD_DESC";
 	case VIRTCHNL_OP_DCF_CMD_BUFF:
@@ -385,7 +390,7 @@ VIRTCHNL_CHECK_STRUCT_LEN(16, virtchnl_vsi_resource);
 #define VIRTCHNL_VF_OFFLOAD_REQ_QUEUES		BIT(6)
 /* used to negotiate communicating link speeds in Mbps */
 #define VIRTCHNL_VF_CAP_ADV_LINK_SPEED		BIT(7)
-	/* BIT(8) is reserved */
+#define VIRTCHNL_VF_OFFLOAD_INLINE_IPSEC_CRYPTO	BIT(8)
 #define VIRTCHNL_VF_LARGE_NUM_QPAIRS		BIT(9)
 #define VIRTCHNL_VF_OFFLOAD_CRC			BIT(10)
 #define VIRTCHNL_VF_OFFLOAD_VLAN_V2		BIT(15)
@@ -2291,6 +2296,14 @@ virtchnl_vc_validate_vf_msg(struct virtchnl_version_info *ver, u32 v_opcode,
 				      sizeof(struct virtchnl_queue_vector);
 		}
 		break;
+
+	case VIRTCHNL_OP_INLINE_IPSEC_CRYPTO:
+	{
+		struct inline_ipsec_msg *iim = (struct inline_ipsec_msg *)msg;
+		valid_len =
+			virtchnl_inline_ipsec_val_msg_len(iim->ipsec_opcode);
+		break;
+	}
 	/* These are always errors coming from the VF. */
 	case VIRTCHNL_OP_EVENT:
 	case VIRTCHNL_OP_UNKNOWN:
diff --git a/drivers/common/iavf/virtchnl_inline_ipsec.h b/drivers/common/iavf/virtchnl_inline_ipsec.h
new file mode 100644
index 0000000000..1e9134501e
--- /dev/null
+++ b/drivers/common/iavf/virtchnl_inline_ipsec.h
@@ -0,0 +1,553 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright(c) 2001-2021 Intel Corporation
+ */
+
+#ifndef _VIRTCHNL_INLINE_IPSEC_H_
+#define _VIRTCHNL_INLINE_IPSEC_H_
+
+#define VIRTCHNL_IPSEC_MAX_CRYPTO_CAP_NUM	3
+#define VIRTCHNL_IPSEC_MAX_ALGO_CAP_NUM		16
+#define VIRTCHNL_IPSEC_MAX_TX_DESC_NUM		128
+#define VIRTCHNL_IPSEC_MAX_CRYPTO_ITEM_NUMBER	2
+#define VIRTCHNL_IPSEC_MAX_KEY_LEN		128
+#define VIRTCHNL_IPSEC_MAX_SA_DESTROY_NUM	8
+#define VIRTCHNL_IPSEC_SA_DESTROY		0
+#define VIRTCHNL_IPSEC_BROADCAST_VFID		0xFFFFFFFF
+#define VIRTCHNL_IPSEC_INVALID_REQ_ID		0xFFFF
+#define VIRTCHNL_IPSEC_INVALID_SA_CFG_RESP	0xFFFFFFFF
+#define VIRTCHNL_IPSEC_INVALID_SP_CFG_RESP	0xFFFFFFFF
+
+/* crypto type */
+#define VIRTCHNL_AUTH		1
+#define VIRTCHNL_CIPHER		2
+#define VIRTCHNL_AEAD		3
+
+/* caps enabled */
+#define VIRTCHNL_IPSEC_ESN_ENA			BIT(0)
+#define VIRTCHNL_IPSEC_UDP_ENCAP_ENA		BIT(1)
+#define VIRTCHNL_IPSEC_SA_INDEX_SW_ENA		BIT(2)
+#define VIRTCHNL_IPSEC_AUDIT_ENA		BIT(3)
+#define VIRTCHNL_IPSEC_BYTE_LIMIT_ENA		BIT(4)
+#define VIRTCHNL_IPSEC_DROP_ON_AUTH_FAIL_ENA	BIT(5)
+#define VIRTCHNL_IPSEC_ARW_CHECK_ENA		BIT(6)
+#define VIRTCHNL_IPSEC_24BIT_SPI_ENA		BIT(7)
+
+/* algorithm type */
+/* Hash Algorithm */
+#define VIRTCHNL_HASH_NO_ALG	0 /* NULL algorithm */
+#define VIRTCHNL_AES_CBC_MAC	1 /* AES-CBC-MAC algorithm */
+#define VIRTCHNL_AES_CMAC	2 /* AES CMAC algorithm */
+#define VIRTCHNL_AES_GMAC	3 /* AES GMAC algorithm */
+#define VIRTCHNL_AES_XCBC_MAC	4 /* AES XCBC algorithm */
+#define VIRTCHNL_MD5_HMAC	5 /* HMAC using MD5 algorithm */
+#define VIRTCHNL_SHA1_HMAC	6 /* HMAC using 128 bit SHA algorithm */
+#define VIRTCHNL_SHA224_HMAC	7 /* HMAC using 224 bit SHA algorithm */
+#define VIRTCHNL_SHA256_HMAC	8 /* HMAC using 256 bit SHA algorithm */
+#define VIRTCHNL_SHA384_HMAC	9 /* HMAC using 384 bit SHA algorithm */
+#define VIRTCHNL_SHA512_HMAC	10 /* HMAC using 512 bit SHA algorithm */
+#define VIRTCHNL_SHA3_224_HMAC	11 /* HMAC using 224 bit SHA3 algorithm */
+#define VIRTCHNL_SHA3_256_HMAC	12 /* HMAC using 256 bit SHA3 algorithm */
+#define VIRTCHNL_SHA3_384_HMAC	13 /* HMAC using 384 bit SHA3 algorithm */
+#define VIRTCHNL_SHA3_512_HMAC	14 /* HMAC using 512 bit SHA3 algorithm */
+/* Cipher Algorithm */
+#define VIRTCHNL_CIPHER_NO_ALG	15 /* NULL algorithm */
+#define VIRTCHNL_3DES_CBC	16 /* Triple DES algorithm in CBC mode */
+#define VIRTCHNL_AES_CBC	17 /* AES algorithm in CBC mode */
+#define VIRTCHNL_AES_CTR	18 /* AES algorithm in Counter mode */
+/* AEAD Algorithm */
+#define VIRTCHNL_AES_CCM	19 /* AES algorithm in CCM mode */
+#define VIRTCHNL_AES_GCM	20 /* AES algorithm in GCM mode */
+#define VIRTCHNL_CHACHA20_POLY1305 21 /* algorithm of ChaCha20-Poly1305 */
+
+/* protocol type */
+#define VIRTCHNL_PROTO_ESP	1
+#define VIRTCHNL_PROTO_AH	2
+#define VIRTCHNL_PROTO_RSVD1	3
+
+/* sa mode */
+#define VIRTCHNL_SA_MODE_TRANSPORT	1
+#define VIRTCHNL_SA_MODE_TUNNEL		2
+#define VIRTCHNL_SA_MODE_TRAN_TUN	3
+#define VIRTCHNL_SA_MODE_UNKNOWN	4
+
+/* sa direction */
+#define VIRTCHNL_DIR_INGRESS		1
+#define VIRTCHNL_DIR_EGRESS		2
+#define VIRTCHNL_DIR_INGRESS_EGRESS	3
+
+/* sa termination */
+#define VIRTCHNL_TERM_SOFTWARE	1
+#define VIRTCHNL_TERM_HARDWARE	2
+
+/* sa ip type */
+#define VIRTCHNL_IPV4	1
+#define VIRTCHNL_IPV6	2
+
+/* for virtchnl_ipsec_resp */
+enum inline_ipsec_resp {
+	INLINE_IPSEC_SUCCESS = 0,
+	INLINE_IPSEC_FAIL = -1,
+	INLINE_IPSEC_ERR_FIFO_FULL = -2,
+	INLINE_IPSEC_ERR_NOT_READY = -3,
+	INLINE_IPSEC_ERR_VF_DOWN = -4,
+	INLINE_IPSEC_ERR_INVALID_PARAMS = -5,
+	INLINE_IPSEC_ERR_NO_MEM = -6,
+};
+
+/* Detailed opcodes for DPDK and IPsec use */
+enum inline_ipsec_ops {
+	INLINE_IPSEC_OP_GET_CAP = 0,
+	INLINE_IPSEC_OP_GET_STATUS = 1,
+	INLINE_IPSEC_OP_SA_CREATE = 2,
+	INLINE_IPSEC_OP_SA_UPDATE = 3,
+	INLINE_IPSEC_OP_SA_DESTROY = 4,
+	INLINE_IPSEC_OP_SP_CREATE = 5,
+	INLINE_IPSEC_OP_SP_DESTROY = 6,
+	INLINE_IPSEC_OP_SA_READ = 7,
+	INLINE_IPSEC_OP_EVENT = 8,
+	INLINE_IPSEC_OP_RESP = 9,
+};
+
+/* Not all valid, if certain field is invalid, set 1 for all bits */
+struct virtchnl_algo_cap  {
+	u32 algo_type;
+
+	u16 block_size;
+
+	u16 min_key_size;
+	u16 max_key_size;
+	u16 inc_key_size;
+
+	u16 min_iv_size;
+	u16 max_iv_size;
+	u16 inc_iv_size;
+
+	u16 min_digest_size;
+	u16 max_digest_size;
+	u16 inc_digest_size;
+
+	u16 min_aad_size;
+	u16 max_aad_size;
+	u16 inc_aad_size;
+} __rte_packed;
+
+/* vf record the capability of crypto from the virtchnl */
+struct virtchnl_sym_crypto_cap {
+	u8 crypto_type;
+	u8 algo_cap_num;
+	struct virtchnl_algo_cap algo_cap_list[VIRTCHNL_IPSEC_MAX_ALGO_CAP_NUM];
+} __rte_packed;
+
+/* VIRTCHNL_OP_GET_IPSEC_CAP
+ * VF pass virtchnl_ipsec_cap to PF
+ * and PF return capability of ipsec from virtchnl.
+ */
+struct virtchnl_ipsec_cap {
+	/* max number of SA per VF */
+	u16 max_sa_num;
+
+	/* IPsec SA Protocol - value ref VIRTCHNL_PROTO_XXX */
+	u8 virtchnl_protocol_type;
+
+	/* IPsec SA Mode - value ref VIRTCHNL_SA_MODE_XXX */
+	u8 virtchnl_sa_mode;
+
+	/* IPSec SA Direction - value ref VIRTCHNL_DIR_XXX */
+	u8 virtchnl_direction;
+
+	/* termination mode - value ref VIRTCHNL_TERM_XXX */
+	u8 termination_mode;
+
+	/* number of supported crypto capability */
+	u8 crypto_cap_num;
+
+	/* descriptor ID */
+	u16 desc_id;
+
+	/* capabilities enabled - value ref VIRTCHNL_IPSEC_XXX_ENA */
+	u32 caps_enabled;
+
+	/* crypto capabilities */
+	struct virtchnl_sym_crypto_cap cap[VIRTCHNL_IPSEC_MAX_CRYPTO_CAP_NUM];
+} __rte_packed;
+
+/* configuration of crypto function */
+struct virtchnl_ipsec_crypto_cfg_item {
+	u8 crypto_type;
+
+	u32 algo_type;
+
+	/* Length of valid IV data. */
+	u16 iv_len;
+
+	/* Length of digest */
+	u16 digest_len;
+
+	/* SA salt */
+	u32 salt;
+
+	/* The length of the symmetric key */
+	u16 key_len;
+
+	/* key data buffer */
+	u8 key_data[VIRTCHNL_IPSEC_MAX_KEY_LEN];
+} __rte_packed;
+
+struct virtchnl_ipsec_sym_crypto_cfg {
+	struct virtchnl_ipsec_crypto_cfg_item
+		items[VIRTCHNL_IPSEC_MAX_CRYPTO_ITEM_NUMBER];
+};
+
+/* VIRTCHNL_OP_IPSEC_SA_CREATE
+ * VF send this SA configuration to PF using virtchnl;
+ * PF create SA as configuration and PF driver will return
+ * an unique index (sa_idx) for the created SA.
+ */
+struct virtchnl_ipsec_sa_cfg {
+	/* IPsec SA Protocol - AH/ESP */
+	u8 virtchnl_protocol_type;
+
+	/* termination mode - value ref VIRTCHNL_TERM_XXX */
+	u8 virtchnl_termination;
+
+	/* type of outer IP - IPv4/IPv6 */
+	u8 virtchnl_ip_type;
+
+	/* type of esn - !0:enable/0:disable */
+	u8 esn_enabled;
+
+	/* udp encap - !0:enable/0:disable */
+	u8 udp_encap_enabled;
+
+	/* IPSec SA Direction - value ref VIRTCHNL_DIR_XXX */
+	u8 virtchnl_direction;
+
+	/* reserved */
+	u8 reserved1;
+
+	/* SA security parameter index */
+	u32 spi;
+
+	/* outer src ip address */
+	u8 src_addr[16];
+
+	/* outer dst ip address */
+	u8 dst_addr[16];
+
+	/* SPD reference. Used to link an SA with its policy.
+	 * PF drivers may ignore this field.
+	 */
+	u16 spd_ref;
+
+	/* high 32 bits of esn */
+	u32 esn_hi;
+
+	/* low 32 bits of esn */
+	u32 esn_low;
+
+	/* When enabled, sa_index must be valid */
+	u8 sa_index_en;
+
+	/* SA index when sa_index_en is true */
+	u32 sa_index;
+
+	/* auditing mode - enable/disable */
+	u8 audit_en;
+
+	/* lifetime byte limit - enable/disable
+	 * When enabled, byte_limit_hard and byte_limit_soft
+	 * must be valid.
+	 */
+	u8 byte_limit_en;
+
+	/* hard byte limit count */
+	u64 byte_limit_hard;
+
+	/* soft byte limit count */
+	u64 byte_limit_soft;
+
+	/* drop on authentication failure - enable/disable */
+	u8 drop_on_auth_fail_en;
+
+	/* anti-reply window check - enable/disable
+	 * When enabled, arw_size must be valid.
+	 */
+	u8 arw_check_en;
+
+	/* size of arw window, offset by 1. Setting to 0
+	 * represents ARW window size of 1. Setting to 127
+	 * represents ARW window size of 128
+	 */
+	u8 arw_size;
+
+	/* no ip offload mode - enable/disable
+	 * When enabled, ip type and address must not be valid.
+	 */
+	u8 no_ip_offload_en;
+
+	/* SA Domain. Used to logical separate an SADB into groups.
+	 * PF drivers supporting a single group ignore this field.
+	 */
+	u16 sa_domain;
+
+	/* crypto configuration */
+	struct virtchnl_ipsec_sym_crypto_cfg crypto_cfg;
+} __rte_packed;
+
+/* VIRTCHNL_OP_IPSEC_SA_UPDATE
+ * VF send configuration of index of SA to PF
+ * PF will update SA according to configuration
+ */
+struct virtchnl_ipsec_sa_update {
+	u32 sa_index; /* SA to update */
+	u32 esn_hi; /* high 32 bits of esn */
+	u32 esn_low; /* low 32 bits of esn */
+} __rte_packed;
+
+/* VIRTCHNL_OP_IPSEC_SA_DESTROY
+ * VF send configuration of index of SA to PF
+ * PF will destroy SA according to configuration
+ * flag bitmap indicate all SA or just selected SA will
+ * be destroyed
+ */
+struct virtchnl_ipsec_sa_destroy {
+	/* All zero bitmap indicates all SA will be destroyed.
+	 * Non-zero bitmap indicates the selected SA in
+	 * array sa_index will be destroyed.
+	 */
+	u8 flag;
+
+	/* selected SA index */
+	u32 sa_index[VIRTCHNL_IPSEC_MAX_SA_DESTROY_NUM];
+} __rte_packed;
+
+/* VIRTCHNL_OP_IPSEC_SA_READ
+ * VF send this SA configuration to PF using virtchnl;
+ * PF read SA and will return configuration for the created SA.
+ */
+struct virtchnl_ipsec_sa_read {
+	/* SA valid - invalid/valid */
+	u8 valid;
+
+	/* SA active - inactive/active */
+	u8 active;
+
+	/* SA SN rollover - not_rollover/rollover */
+	u8 sn_rollover;
+
+	/* IPsec SA Protocol - AH/ESP */
+	u8 virtchnl_protocol_type;
+
+	/* termination mode - value ref VIRTCHNL_TERM_XXX */
+	u8 virtchnl_termination;
+
+	/* auditing mode - enable/disable */
+	u8 audit_en;
+
+	/* lifetime byte limit - enable/disable
+	 * When set to limit, byte_limit_hard and byte_limit_soft
+	 * must be valid.
+	 */
+	u8 byte_limit_en;
+
+	/* hard byte limit count */
+	u64 byte_limit_hard;
+
+	/* soft byte limit count */
+	u64 byte_limit_soft;
+
+	/* drop on authentication failure - enable/disable */
+	u8 drop_on_auth_fail_en;
+
+	/* anti-replay window check - enable/disable
+	 * When set to check, arw_size, arw_top, and arw must be valid
+	 */
+	u8 arw_check_en;
+
+	/* size of arw window, offset by 1. Setting to 0
+	 * represents ARW window size of 1. Setting to 127
+	 * represents ARW window size of 128
+	 */
+	u8 arw_size;
+
+	/* reserved */
+	u8 reserved1;
+
+	/* top of anti-replay-window */
+	u64 arw_top;
+
+	/* anti-replay-window */
+	u8 arw[16];
+
+	/* packets processed  */
+	u64 packets_processed;
+
+	/* bytes processed  */
+	u64 bytes_processed;
+
+	/* packets dropped  */
+	u32 packets_dropped;
+
+	/* authentication failures */
+	u32 auth_fails;
+
+	/* ARW check failures */
+	u32 arw_fails;
+
+	/* type of esn - enable/disable */
+	u8 esn;
+
+	/* IPSec SA Direction - value ref VIRTCHNL_DIR_XXX */
+	u8 virtchnl_direction;
+
+	/* SA security parameter index */
+	u32 spi;
+
+	/* SA salt */
+	u32 salt;
+
+	/* high 32 bits of esn */
+	u32 esn_hi;
+
+	/* low 32 bits of esn */
+	u32 esn_low;
+
+	/* SA Domain. Used to logical separate an SADB into groups.
+	 * PF drivers supporting a single group ignore this field.
+	 */
+	u16 sa_domain;
+
+	/* SPD reference. Used to link an SA with its policy.
+	 * PF drivers may ignore this field.
+	 */
+	u16 spd_ref;
+
+	/* crypto configuration. Salt and keys are set to 0 */
+	struct virtchnl_ipsec_sym_crypto_cfg crypto_cfg;
+} __rte_packed;
+
+
+#define VIRTCHNL_IPSEC_INBOUND_SPD_TBL_IPV4	(0)
+#define VIRTCHNL_IPSEC_INBOUND_SPD_TBL_IPV6	(1)
+
+/* Add allowlist entry in IES */
+struct virtchnl_ipsec_sp_cfg {
+	u32 spi;
+	u32 dip[4];
+
+	/* Drop frame if true or redirect to QAT if false. */
+	u8 drop;
+
+	/* Congestion domain. For future use. */
+	u8 cgd;
+
+	/* 0 for IPv4 table, 1 for IPv6 table. */
+	u8 table_id;
+
+	/* Set TC (congestion domain) if true. For future use. */
+	u8 set_tc;
+} __rte_packed;
+
+
+/* Delete allowlist entry in IES */
+struct virtchnl_ipsec_sp_destroy {
+	/* 0 for IPv4 table, 1 for IPv6 table. */
+	u8 table_id;
+	u32 rule_id;
+} __rte_packed;
+
+/* Response from IES to allowlist operations */
+struct virtchnl_ipsec_sp_cfg_resp {
+	u32 rule_id;
+};
+
+struct virtchnl_ipsec_sa_cfg_resp {
+	u32 sa_handle;
+};
+
+#define INLINE_IPSEC_EVENT_RESET	0x1
+#define INLINE_IPSEC_EVENT_CRYPTO_ON	0x2
+#define INLINE_IPSEC_EVENT_CRYPTO_OFF	0x4
+
+struct virtchnl_ipsec_event {
+	u32 ipsec_event_data;
+};
+
+#define INLINE_IPSEC_STATUS_AVAILABLE	0x1
+#define INLINE_IPSEC_STATUS_UNAVAILABLE	0x2
+
+struct virtchnl_ipsec_status {
+	u32 status;
+};
+
+struct virtchnl_ipsec_resp {
+	u32 resp;
+};
+
+/* Internal message descriptor for VF <-> IPsec communication */
+struct inline_ipsec_msg {
+	u16 ipsec_opcode;
+	u16 req_id;
+
+	union {
+		/* IPsec request */
+		struct virtchnl_ipsec_sa_cfg sa_cfg[0];
+		struct virtchnl_ipsec_sp_cfg sp_cfg[0];
+		struct virtchnl_ipsec_sa_update sa_update[0];
+		struct virtchnl_ipsec_sa_destroy sa_destroy[0];
+		struct virtchnl_ipsec_sp_destroy sp_destroy[0];
+
+		/* IPsec response */
+		struct virtchnl_ipsec_sa_cfg_resp sa_cfg_resp[0];
+		struct virtchnl_ipsec_sp_cfg_resp sp_cfg_resp[0];
+		struct virtchnl_ipsec_cap ipsec_cap[0];
+		struct virtchnl_ipsec_status ipsec_status[0];
+		/* response to del_sa, del_sp, update_sa */
+		struct virtchnl_ipsec_resp ipsec_resp[0];
+
+		/* IPsec event (no req_id is required) */
+		struct virtchnl_ipsec_event event[0];
+
+		/* Reserved */
+		struct virtchnl_ipsec_sa_read sa_read[0];
+	} ipsec_data;
+} __rte_packed;
+
+static inline u16 virtchnl_inline_ipsec_val_msg_len(u16 opcode)
+{
+	u16 valid_len = sizeof(struct inline_ipsec_msg);
+
+	switch (opcode) {
+	case INLINE_IPSEC_OP_GET_CAP:
+	case INLINE_IPSEC_OP_GET_STATUS:
+		break;
+	case INLINE_IPSEC_OP_SA_CREATE:
+		valid_len += sizeof(struct virtchnl_ipsec_sa_cfg);
+		break;
+	case INLINE_IPSEC_OP_SP_CREATE:
+		valid_len += sizeof(struct virtchnl_ipsec_sp_cfg);
+		break;
+	case INLINE_IPSEC_OP_SA_UPDATE:
+		valid_len += sizeof(struct virtchnl_ipsec_sa_update);
+		break;
+	case INLINE_IPSEC_OP_SA_DESTROY:
+		valid_len += sizeof(struct virtchnl_ipsec_sa_destroy);
+		break;
+	case INLINE_IPSEC_OP_SP_DESTROY:
+		valid_len += sizeof(struct virtchnl_ipsec_sp_destroy);
+		break;
+	/* Only for msg length calculation of response to VF in case of
+	 * inline ipsec failure.
+	 */
+	case INLINE_IPSEC_OP_RESP:
+		valid_len += sizeof(struct virtchnl_ipsec_resp);
+		break;
+	default:
+		valid_len = 0;
+		break;
+	}
+
+	return valid_len;
+}
+
+#endif /* _VIRTCHNL_INLINE_IPSEC_H_ */
-- 
2.25.1


  reply	other threads:[~2021-10-15 10:27 UTC|newest]

Thread overview: 128+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-09-09 14:24 [dpdk-dev] [PATCH 0/4] iavf: " Radu Nicolau
2021-09-09 14:24 ` [dpdk-dev] [PATCH 1/4] common/iavf: " Radu Nicolau
2021-09-09 14:24 ` [dpdk-dev] [PATCH 2/4] net/iavf: " Radu Nicolau
2021-09-09 14:24 ` [dpdk-dev] [PATCH 3/4] net/iavf: Add xstats support for inline IPsec crypto Radu Nicolau
2021-09-09 14:24 ` [dpdk-dev] [PATCH 4/4] net/iavf: add watchdog for VFLR Radu Nicolau
2021-09-15 13:32 ` [dpdk-dev] [PATCH v2 0/4] iavf: add iAVF IPsec inline crypto support Radu Nicolau
2021-09-15 13:32   ` [dpdk-dev] [PATCH v2 1/4] common/iavf: " Radu Nicolau
2021-09-15 13:32   ` [dpdk-dev] [PATCH v2 2/4] net/iavf: " Radu Nicolau
2021-09-18  5:28     ` Wu, Jingjing
2021-09-20 13:44       ` Nicolau, Radu
2021-09-15 13:32   ` [dpdk-dev] [PATCH v2 3/4] net/iavf: Add xstats support for inline IPsec crypto Radu Nicolau
2021-09-15 13:32   ` [dpdk-dev] [PATCH v2 4/4] net/iavf: add watchdog for VFLR Radu Nicolau
2021-09-20 13:51 ` [dpdk-dev] [PATCH v3 0/6] iavf: add iAVF IPsec inline crypto support Radu Nicolau
2021-09-20 13:51   ` [dpdk-dev] [PATCH v3 1/6] common/iavf: " Radu Nicolau
2021-09-20 13:51   ` [dpdk-dev] [PATCH v3 2/6] net/iavf: rework tx path Radu Nicolau
2021-09-20 13:51   ` [dpdk-dev] [PATCH v3 3/6] net/iavf: add support for asynchronous virt channel messages Radu Nicolau
2021-09-20 13:52   ` [dpdk-dev] [PATCH v3 4/6] net/iavf: add iAVF IPsec inline crypto support Radu Nicolau
2021-09-20 13:52   ` [dpdk-dev] [PATCH v3 5/6] net/iavf: add xstats support for inline IPsec crypto Radu Nicolau
2021-09-20 13:52   ` [dpdk-dev] [PATCH v3 6/6] net/iavf: add watchdog for VFLR Radu Nicolau
2021-10-01  9:51 ` [dpdk-dev] [PATCH v4 0/6] iavf: add iAVF IPsec inline crypto support Radu Nicolau
2021-10-01  9:51   ` [dpdk-dev] [PATCH v4 1/6] common/iavf: " Radu Nicolau
2021-10-01  9:51   ` [dpdk-dev] [PATCH v4 2/6] net/iavf: rework tx path Radu Nicolau
2021-10-04  1:24     ` Wu, Jingjing
2021-10-01  9:51   ` [dpdk-dev] [PATCH v4 3/6] net/iavf: add support for asynchronous virt channel messages Radu Nicolau
2021-10-04  1:34     ` Wu, Jingjing
2021-10-01  9:51   ` [dpdk-dev] [PATCH v4 4/6] net/iavf: add iAVF IPsec inline crypto support Radu Nicolau
2021-10-04  1:50     ` Wu, Jingjing
2021-10-01  9:51   ` [dpdk-dev] [PATCH v4 5/6] net/iavf: add xstats support for inline IPsec crypto Radu Nicolau
2021-10-04  2:01     ` Wu, Jingjing
2021-10-01  9:51   ` [dpdk-dev] [PATCH v4 6/6] net/iavf: add watchdog for VFLR Radu Nicolau
2021-10-04  2:15     ` Wu, Jingjing
2021-10-04 11:18       ` Nicolau, Radu
2021-10-04 14:21         ` Nicolau, Radu
2021-10-08  6:19         ` Wu, Jingjing
2021-10-08 10:09           ` Nicolau, Radu
2021-10-06  9:28 ` [dpdk-dev] [PATCH v5 0/6] iavf: add iAVF IPsec inline crypto support Radu Nicolau
2021-10-06  9:28   ` [dpdk-dev] [PATCH v5 1/6] common/iavf: " Radu Nicolau
2021-10-06  9:28   ` [dpdk-dev] [PATCH v5 2/6] net/iavf: rework tx path Radu Nicolau
2021-10-06  9:28   ` [dpdk-dev] [PATCH v5 3/6] net/iavf: add support for asynchronous virt channel messages Radu Nicolau
2021-10-06  9:28   ` [dpdk-dev] [PATCH v5 4/6] net/iavf: add iAVF IPsec inline crypto support Radu Nicolau
2021-10-06  9:28   ` [dpdk-dev] [PATCH v5 5/6] net/iavf: add xstats support for inline IPsec crypto Radu Nicolau
2021-10-06  9:28   ` [dpdk-dev] [PATCH v5 6/6] net/iavf: add watchdog for VFLR Radu Nicolau
2021-10-08 10:19 ` [dpdk-dev] [PATCH v6 0/6] iavf: add iAVF IPsec inline crypto support Radu Nicolau
2021-10-08 10:19   ` [dpdk-dev] [PATCH v6 1/6] common/iavf: " Radu Nicolau
2021-10-08 10:20   ` [dpdk-dev] [PATCH v6 2/6] net/iavf: rework tx path Radu Nicolau
2021-10-08 10:20   ` [dpdk-dev] [PATCH v6 3/6] net/iavf: add support for asynchronous virt channel messages Radu Nicolau
2021-10-08 10:20   ` [dpdk-dev] [PATCH v6 4/6] net/iavf: add iAVF IPsec inline crypto support Radu Nicolau
2021-10-08 10:20   ` [dpdk-dev] [PATCH v6 5/6] net/iavf: add xstats support for inline IPsec crypto Radu Nicolau
2021-10-08 10:20   ` [dpdk-dev] [PATCH v6 6/6] net/iavf: add watchdog for VFLR Radu Nicolau
2021-10-13 15:33 ` [dpdk-dev] [PATCH v7 0/6] iavf: add iAVF IPsec inline crypto support Radu Nicolau
2021-10-13 15:33   ` [dpdk-dev] [PATCH v7 1/6] common/iavf: " Radu Nicolau
2021-10-13 15:33   ` [dpdk-dev] [PATCH v7 2/6] net/iavf: rework tx path Radu Nicolau
2021-10-13 15:33   ` [dpdk-dev] [PATCH v7 3/6] net/iavf: add support for asynchronous virt channel messages Radu Nicolau
2021-10-13 15:33   ` [dpdk-dev] [PATCH v7 4/6] net/iavf: add iAVF IPsec inline crypto support Radu Nicolau
2021-10-13 15:33   ` [dpdk-dev] [PATCH v7 5/6] net/iavf: add xstats support for inline IPsec crypto Radu Nicolau
2021-10-13 15:33   ` [dpdk-dev] [PATCH v7 6/6] net/iavf: add watchdog for VFLR Radu Nicolau
2021-10-15 10:15 ` [dpdk-dev] [PATCH v8 0/7] iavf: add iAVF IPsec inline crypto support Radu Nicolau
2021-10-15 10:15   ` Radu Nicolau [this message]
2021-10-15 10:15   ` [dpdk-dev] [PATCH v8 2/7] net/iavf: rework tx path Radu Nicolau
2021-10-15 10:15   ` [dpdk-dev] [PATCH v8 3/7] net/iavf: add support for asynchronous virt channel messages Radu Nicolau
2021-10-15 10:15   ` [dpdk-dev] [PATCH v8 4/7] net/iavf: add iAVF IPsec inline crypto support Radu Nicolau
2021-10-15 10:15   ` [dpdk-dev] [PATCH v8 5/7] net/iavf: add xstats support for inline IPsec crypto Radu Nicolau
2021-10-15 10:15   ` [dpdk-dev] [PATCH v8 6/7] net/iavf: add watchdog for VFLR Radu Nicolau
2021-10-18  5:34     ` Wu, Jingjing
2021-10-15 10:15   ` [dpdk-dev] [PATCH v8 7/7] net/iavf: update doc with inline crypto support Radu Nicolau
2021-10-18 10:10 ` [dpdk-dev] [PATCH v9 0/7] iavf: add iAVF IPsec " Radu Nicolau
2021-10-18 10:10   ` [dpdk-dev] [PATCH v9 1/7] common/iavf: " Radu Nicolau
2021-10-18 10:10   ` [dpdk-dev] [PATCH v9 2/7] net/iavf: rework tx path Radu Nicolau
2021-10-18 10:10   ` [dpdk-dev] [PATCH v9 3/7] net/iavf: add support for asynchronous virt channel messages Radu Nicolau
2021-10-18 10:10   ` [dpdk-dev] [PATCH v9 4/7] net/iavf: add iAVF IPsec inline crypto support Radu Nicolau
2021-10-18 10:10   ` [dpdk-dev] [PATCH v9 5/7] net/iavf: add xstats support for inline IPsec crypto Radu Nicolau
2021-10-18 10:10   ` [dpdk-dev] [PATCH v9 6/7] net/iavf: add watchdog for VFLR Radu Nicolau
2021-10-18 10:10   ` [dpdk-dev] [PATCH v9 7/7] net/iavf: update doc with inline crypto support Radu Nicolau
2021-10-19  9:23 ` [dpdk-dev] [PATCH v10 0/7] iavf: add iAVF IPsec " Radu Nicolau
2021-10-19  9:23   ` [dpdk-dev] [PATCH v10 1/7] common/iavf: " Radu Nicolau
2021-10-19  9:23   ` [dpdk-dev] [PATCH v10 2/7] net/iavf: rework tx path Radu Nicolau
2021-10-19  9:23   ` [dpdk-dev] [PATCH v10 3/7] net/iavf: add support for asynchronous virt channel messages Radu Nicolau
2021-10-19  9:23   ` [dpdk-dev] [PATCH v10 4/7] net/iavf: add iAVF IPsec inline crypto support Radu Nicolau
2021-10-19  9:23   ` [dpdk-dev] [PATCH v10 5/7] net/iavf: add xstats support for inline IPsec crypto Radu Nicolau
2021-10-19  9:23   ` [dpdk-dev] [PATCH v10 6/7] net/iavf: add watchdog for VFLR Radu Nicolau
2021-10-19  9:23   ` [dpdk-dev] [PATCH v10 7/7] net/iavf: update doc with inline crypto support Radu Nicolau
2021-10-26 10:38 ` [dpdk-dev] [PATCH v11 0/7] iavf: add iAVF IPsec " Radu Nicolau
2021-10-26 10:38   ` [dpdk-dev] [PATCH v11 1/7] common/iavf: " Radu Nicolau
2021-10-26 10:38   ` [dpdk-dev] [PATCH v11 2/7] net/iavf: rework tx path Radu Nicolau
2021-10-26 10:38   ` [dpdk-dev] [PATCH v11 3/7] net/iavf: add support for asynchronous virt channel messages Radu Nicolau
2021-10-26 10:38   ` [dpdk-dev] [PATCH v11 4/7] net/iavf: add iAVF IPsec inline crypto support Radu Nicolau
2021-10-26 10:38   ` [dpdk-dev] [PATCH v11 5/7] net/iavf: add xstats support for inline IPsec crypto Radu Nicolau
2021-10-26 10:38   ` [dpdk-dev] [PATCH v11 6/7] net/iavf: add watchdog for VFLR Radu Nicolau
2021-10-26 10:38   ` [dpdk-dev] [PATCH v11 7/7] net/iavf: update doc with inline crypto support Radu Nicolau
2021-10-26 12:30   ` [dpdk-dev] [PATCH v11 0/7] iavf: add iAVF IPsec " Zhang, Qi Z
2021-10-26 13:56 ` [dpdk-dev] [PATCH v12 " Radu Nicolau
2021-10-26 13:56   ` [dpdk-dev] [PATCH v12 1/7] common/iavf: " Radu Nicolau
2021-10-26 13:56   ` [dpdk-dev] [PATCH v12 2/7] net/iavf: rework tx path Radu Nicolau
2021-10-27  0:43     ` Zhang, Qi Z
2021-10-26 13:56   ` [dpdk-dev] [PATCH v12 3/7] net/iavf: add support for asynchronous virt channel messages Radu Nicolau
2021-10-26 13:56   ` [dpdk-dev] [PATCH v12 4/7] net/iavf: add iAVF IPsec inline crypto support Radu Nicolau
2021-10-27  0:36     ` Zhang, Qi Z
2021-10-26 13:56   ` [dpdk-dev] [PATCH v12 5/7] net/iavf: add xstats support for inline IPsec crypto Radu Nicolau
2021-10-26 13:56   ` [dpdk-dev] [PATCH v12 6/7] net/iavf: add watchdog for VFLR Radu Nicolau
2021-10-26 13:56   ` [dpdk-dev] [PATCH v12 7/7] net/iavf: update doc with inline crypto support Radu Nicolau
2021-10-27  0:36   ` [dpdk-dev] [PATCH v12 0/7] iavf: add iAVF IPsec " Zhang, Qi Z
2021-10-28 14:47   ` Ferruh Yigit
2021-10-28 15:52 ` [dpdk-dev] [PATCH v13 " Radu Nicolau
2021-10-28 15:52   ` [dpdk-dev] [PATCH v13 1/7] common/iavf: " Radu Nicolau
2021-10-28 15:52   ` [dpdk-dev] [PATCH v13 2/7] net/iavf: rework tx path Radu Nicolau
2021-10-28 15:52   ` [dpdk-dev] [PATCH v13 3/7] net/iavf: add support for asynchronous virt channel messages Radu Nicolau
2021-10-28 15:52   ` [dpdk-dev] [PATCH v13 4/7] net/iavf: add iAVF IPsec inline crypto support Radu Nicolau
2021-10-28 15:52   ` [dpdk-dev] [PATCH v13 5/7] net/iavf: add xstats support for inline IPsec crypto Radu Nicolau
2021-10-28 15:52   ` [dpdk-dev] [PATCH v13 6/7] net/iavf: add watchdog for VFLR Radu Nicolau
2021-10-28 15:52   ` [dpdk-dev] [PATCH v13 7/7] net/iavf: update doc with inline crypto support Radu Nicolau
2021-10-28 16:04 ` [dpdk-dev] [PATCH v13 0/7] iavf: add iAVF IPsec " Radu Nicolau
2021-10-28 16:04   ` [dpdk-dev] [PATCH v13 1/7] common/iavf: " Radu Nicolau
2021-10-28 16:04   ` [dpdk-dev] [PATCH v13 2/7] net/iavf: rework Tx path Radu Nicolau
2021-10-28 16:04   ` [dpdk-dev] [PATCH v13 3/7] net/iavf: add support for asynchronous virt channel messages Radu Nicolau
2021-10-29 20:33     ` Ferruh Yigit
2021-10-28 16:04   ` [dpdk-dev] [PATCH v13 4/7] net/iavf: add iAVF IPsec inline crypto support Radu Nicolau
2021-10-29 17:33     ` Ferruh Yigit
2021-10-30 20:41     ` David Marchand
2021-11-01 10:45       ` Ferruh Yigit
2021-11-01 11:36         ` Ferruh Yigit
2021-11-01 11:41           ` Ferruh Yigit
2021-10-28 16:04   ` [dpdk-dev] [PATCH v13 5/7] net/iavf: add xstats support for inline IPsec crypto Radu Nicolau
2021-10-29 19:32     ` Ferruh Yigit
2021-10-28 16:04   ` [dpdk-dev] [PATCH v13 6/7] net/iavf: add watchdog for VFLR Radu Nicolau
2021-11-05 11:54     ` Ferruh Yigit
2021-10-28 16:05   ` [dpdk-dev] [PATCH v13 7/7] net/iavf: update doc with inline crypto support Radu Nicolau
2021-10-29 13:27     ` Ferruh Yigit
2021-10-29  2:21   ` [dpdk-dev] [PATCH v13 0/7] iavf: add iAVF IPsec " Zhang, Qi Z

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20211015101511.699128-2-radu.nicolau@intel.com \
    --to=radu.nicolau@intel.com \
    --cc=abhijit.sinha@intel.com \
    --cc=beilei.xing@intel.com \
    --cc=bruce.richardson@intel.com \
    --cc=declan.doherty@intel.com \
    --cc=dev@dpdk.org \
    --cc=jingjing.wu@intel.com \
    --cc=konstantin.ananyev@intel.com \
    --cc=qi.z.zhang@intel.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).