From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <dev-bounces@dpdk.org>
Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124])
	by inbox.dpdk.org (Postfix) with ESMTP id CFB12A00C4;
	Wed, 28 Sep 2022 20:24:37 +0200 (CEST)
Received: from [217.70.189.124] (localhost [127.0.0.1])
	by mails.dpdk.org (Postfix) with ESMTP id AB4B74281E;
	Wed, 28 Sep 2022 20:24:32 +0200 (CEST)
Received: from mx0b-0016f401.pphosted.com (mx0a-0016f401.pphosted.com
 [67.231.148.174])
 by mails.dpdk.org (Postfix) with ESMTP id 0C85442802
 for <dev@dpdk.org>; Wed, 28 Sep 2022 20:24:30 +0200 (CEST)
Received: from pps.filterd (m0045849.ppops.net [127.0.0.1])
 by mx0a-0016f401.pphosted.com (8.17.1.5/8.17.1.5) with ESMTP id 28SFPZU0029114;
 Wed, 28 Sep 2022 11:24:29 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com;
 h=from : to : cc :
 subject : date : message-id : in-reply-to : references : mime-version :
 content-transfer-encoding : content-type; s=pfpt0220;
 bh=kIk6ND3mVhz6qvUiP6omMIwPPUNMHkje+cA0qTeh+BY=;
 b=c8efcFmAAMjRfVwjHjzlMvbkQDzEhpdnKE9mVQOplikbqv8uJcURXiZem+sznT4S3lRb
 0iDZ4vS6SH1JXKMQBY364jCHfFQ4ONHMDmLeep4fkPFGBgylGLgsk9ZhLdDyHu2Q/C5P
 Ad+P4KgTm++3fPC6g5g39p5DY0W20Mnri9CaZU1yq5WrAPJW3LINe+eQXyGQiEn1oL3k
 riuKkn7ufLHPJFRnKKduljcmSY13CKCsRHvRNNol8W/B0h8f0eVNhtKaz/Dx73ZKny64
 hMfNiz4FLYgB0NIUnNsqtIs6q0zjLVlDFUXQfDgKy2Jmhp0s4jtXtrj1t0dV1kX9vEFx gw== 
Received: from dc5-exch02.marvell.com ([199.233.59.182])
 by mx0a-0016f401.pphosted.com (PPS) with ESMTPS id 3jvrvjgu4n-1
 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT);
 Wed, 28 Sep 2022 11:24:29 -0700
Received: from DC5-EXCH01.marvell.com (10.69.176.38) by DC5-EXCH02.marvell.com
 (10.69.176.39) with Microsoft SMTP Server (TLS) id 15.0.1497.18;
 Wed, 28 Sep 2022 11:24:27 -0700
Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH01.marvell.com
 (10.69.176.38) with Microsoft SMTP Server id 15.0.1497.2 via Frontend
 Transport; Wed, 28 Sep 2022 11:24:27 -0700
Received: from localhost.localdomain (unknown [10.28.36.102])
 by maili.marvell.com (Postfix) with ESMTP id 140E33F70FD;
 Wed, 28 Sep 2022 11:24:22 -0700 (PDT)
From: Akhil Goyal <gakhil@marvell.com>
To: <dev@dpdk.org>
CC: <thomas@monjalon.net>, <olivier.matz@6wind.com>, <orika@nvidia.com>,
 <david.marchand@redhat.com>, <hemant.agrawal@nxp.com>,
 <vattunuru@marvell.com>, <ferruh.yigit@xilinx.com>,
 <andrew.rybchenko@oktetlabs.ru>, <konstantin.v.ananyev@yandex.ru>,
 <jiawenwu@trustnetic.com>, <yisen.zhuang@huawei.com>,
 <irusskikh@marvell.com>, <qiming.yang@intel.com>, <jerinj@marvell.com>,
 <adwivedi@marvell.com>, Akhil Goyal <gakhil@marvell.com>
Subject: [PATCH v3 2/3] ethdev: add MACsec flow item
Date: Wed, 28 Sep 2022 23:54:09 +0530
Message-ID: <20220928182410.309053-3-gakhil@marvell.com>
X-Mailer: git-send-email 2.25.1
In-Reply-To: <20220928182410.309053-1-gakhil@marvell.com>
References: <20220928122253.23108-1-gakhil@marvell.com>
 <20220928182410.309053-1-gakhil@marvell.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Content-Type: text/plain
X-Proofpoint-GUID: gdMldUZzSQa9HSpEOJZmIIFw_TxH5foK
X-Proofpoint-ORIG-GUID: gdMldUZzSQa9HSpEOJZmIIFw_TxH5foK
X-Proofpoint-Virus-Version: vendor=baseguard
 engine=ICAP:2.0.205,Aquarius:18.0.895,Hydra:6.0.528,FMLib:17.11.122.1
 definitions=2022-09-28_07,2022-09-28_01,2022-06-22_01
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org

A new flow item is defined for MACsec flows which can be
offloaded to an inline device. If the flow matches with
MACsec header, device will process as per the security
session created using rte_security APIs.
If an error comes while MACsec processing in HW, PMD will
notify with the events defined in this patch.

Signed-off-by: Akhil Goyal <gakhil@marvell.com>
Acked-by: Ori Kam <orika@nvidia.com>
---
 lib/ethdev/rte_ethdev.h | 76 +++++++++++++++++++++++++++++++++++++++++
 lib/ethdev/rte_flow.h   | 18 ++++++++++
 2 files changed, 94 insertions(+)

diff --git a/lib/ethdev/rte_ethdev.h b/lib/ethdev/rte_ethdev.h
index 19e2a8eb3f..8082d5e9e2 100644
--- a/lib/ethdev/rte_ethdev.h
+++ b/lib/ethdev/rte_ethdev.h
@@ -3579,6 +3579,82 @@ rte_eth_tx_buffer_count_callback(struct rte_mbuf **pkts, uint16_t unsent,
 int
 rte_eth_tx_done_cleanup(uint16_t port_id, uint16_t queue_id, uint32_t free_cnt);
 
+/**
+ * Subtypes for MACsec offload event(@ref RTE_ETH_EVENT_MACSEC) raised by
+ * Ethernet device.
+ */
+enum rte_eth_event_macsec_subtype {
+	/** Notifies unknown MACsec subevent. */
+	RTE_ETH_SUBEVENT_MACSEC_UNKNOWN,
+	/**
+	 * Subevent of RTE_ETH_EVENT_MACSEC_SECTAG_VAL_ERR sectag validation events
+	 *	Validation check: SecTag.TCI.V = 1
+	 */
+	RTE_ETH_SUBEVENT_MACSEC_RX_SECTAG_V_EQ1,
+	/**
+	 * Subevent of RTE_ETH_EVENT_MACSEC_SECTAG_VAL_ERR sectag validation events
+	 *	Validation check: SecTag.TCI.E = 0 && SecTag.TCI.C = 1
+	 */
+	RTE_ETH_SUBEVENT_MACSEC_RX_SECTAG_E_EQ0_C_EQ1,
+	/**
+	 * Subevent of RTE_ETH_EVENT_MACSEC_SECTAG_VAL_ERR sectag validation events
+	 *	Validation check: SecTag.SL >= 'd48
+	 */
+	RTE_ETH_SUBEVENT_MACSEC_RX_SECTAG_SL_GTE48,
+	/**
+	 * Subevent of RTE_ETH_EVENT_MACSEC_SECTAG_VAL_ERR sectag validation events
+	 *	Validation check: SecTag.TCI.ES = 1 && SecTag.TCI.SC = 1
+	 */
+	RTE_ETH_SUBEVENT_MACSEC_RX_SECTAG_ES_EQ1_SC_EQ1,
+	/**
+	 * Subevent of RTE_ETH_EVENT_MACSEC_SECTAG_VAL_ERR sectag validation events
+	 *	Validation check: SecTag.TCI.SC = 1 && SecTag.TCI.SCB = 1
+	 */
+	RTE_ETH_SUBEVENT_MACSEC_RX_SECTAG_SC_EQ1_SCB_EQ1,
+};
+
+/**
+ * Event types for MACsec offload event(@ref RTE_ETH_EVENT_MACSEC) raised by
+ * eth device.
+ */
+enum rte_eth_event_macsec_type {
+	/** Notifies unknown MACsec event. */
+	RTE_ETH_EVENT_MACSEC_UNKNOWN,
+	/** Notifies Sectag validation failure events. */
+	RTE_ETH_EVENT_MACSEC_SECTAG_VAL_ERR,
+	/** Notifies Rx SA hard expiry events. */
+	RTE_ETH_EVENT_MACSEC_RX_SA_PN_HARD_EXP,
+	/** Notifies Rx SA soft expiry events. */
+	RTE_ETH_EVENT_MACSEC_RX_SA_PN_SOFT_EXP,
+	/** Notifies Tx SA hard expiry events. */
+	RTE_ETH_EVENT_MACSEC_TX_SA_PN_HARD_EXP,
+	/** Notifies Tx SA soft events. */
+	RTE_ETH_EVENT_MACSEC_TX_SA_PN_SOFT_EXP,
+	/** Notifies Invalid SA event. */
+	RTE_ETH_EVENT_MACSEC_SA_NOT_VALID,
+};
+
+/**
+ * Descriptor for @ref RTE_ETH_EVENT_MACSEC event. Used by eth dev to send extra
+ * information of the MACsec offload event.
+ */
+struct rte_eth_event_macsec_desc {
+	/** Type of RTE_ETH_EVENT_MACSEC_* event. */
+	enum rte_eth_event_macsec_type type;
+	/** Type of RTE_ETH_SUBEVENT_MACSEC_* subevent. */
+	enum rte_eth_event_macsec_subtype subtype;
+	/**
+	 * Event specific metadata.
+	 *
+	 * For the following events, *userdata* registered
+	 * with the *rte_security_session* would be returned
+	 * as metadata,
+	 *
+	 * @see struct rte_security_session_conf.
+	 */
+	uint64_t metadata;
+};
+
 /**
  * Subtypes for IPsec offload event(@ref RTE_ETH_EVENT_IPSEC) raised by
  * eth device.
diff --git a/lib/ethdev/rte_flow.h b/lib/ethdev/rte_flow.h
index 96147a149a..e966488965 100644
--- a/lib/ethdev/rte_flow.h
+++ b/lib/ethdev/rte_flow.h
@@ -35,6 +35,7 @@
 #include <rte_l2tpv2.h>
 #include <rte_ppp.h>
 #include <rte_gre.h>
+#include <rte_macsec.h>
 
 #ifdef __cplusplus
 extern "C" {
@@ -626,6 +627,13 @@ enum rte_flow_item_type {
 	 * See struct rte_flow_item_gre_opt.
 	 */
 	RTE_FLOW_ITEM_TYPE_GRE_OPTION,
+
+	/**
+	 * Matches MACsec Ethernet Header.
+	 *
+	 * See struct rte_flow_item_macsec.
+	 */
+	RTE_FLOW_ITEM_TYPE_MACSEC,
 };
 
 /**
@@ -1099,6 +1107,16 @@ struct rte_flow_item_gre_opt {
 	struct rte_gre_hdr_opt_sequence sequence;
 };
 
+/**
+ * RTE_FLOW_ITEM_TYPE_MACSEC.
+ *
+ * Matches MACsec header.
+ */
+struct rte_flow_item_macsec {
+	struct rte_macsec_hdr macsec_hdr;
+};
+
+
 /**
  * RTE_FLOW_ITEM_TYPE_FUZZY
  *
-- 
2.25.1