DPDK patches and discussions
 help / color / mirror / Atom feed
From: <psatheesh@marvell.com>
To: Nithin Dabilpuram <ndabilpuram@marvell.com>,
	Kiran Kumar K <kirankumark@marvell.com>,
	Sunil Kumar Kori <skori@marvell.com>,
	Satha Rao <skoteshwar@marvell.com>
Cc: <dev@dpdk.org>, Satheesh Paul <psatheesh@marvell.com>,
	Jerin Jacob <jerinj@marvell.com>
Subject: [dpdk-dev] [PATCH v2 1/4] common/cnxk: support SPI to SA index
Date: Wed, 11 Jan 2023 11:08:11 +0530	[thread overview]
Message-ID: <20230111053814.979400-1-psatheesh@marvell.com> (raw)
In-Reply-To: <20221201042011.2977887-1-psatheesh@marvell.com>

From: Satheesh Paul <psatheesh@marvell.com>

In case of IPsec, the inbound SPI can be random. HW supports mapping
SPI to an arbitrary SA index. SPI to SA index is done using a lookup
in NPC cam entry with key as SPI, MATCH_ID, LFID. Adding mailbox API
changes to configure the match table and adding rte flow driver
changes to program the match table.

Signed-off-by: Kiran Kumar K <kirankumark@marvell.com>
Reviewed-by: Jerin Jacob <jerinj@marvell.com>
---
v2:
* Addressed naming related comment.
* Added dependent patches in this series.

 drivers/common/cnxk/roc_mbox.h      | 28 ++++++++-
 drivers/common/cnxk/roc_npc.c       | 93 +++++++++++++++++++++++------
 drivers/common/cnxk/roc_npc.h       | 19 ++++++
 drivers/common/cnxk/roc_npc_parse.c |  4 ++
 4 files changed, 126 insertions(+), 18 deletions(-)

diff --git a/drivers/common/cnxk/roc_mbox.h b/drivers/common/cnxk/roc_mbox.h
index 8b0384c737..0989bddc3b 100644
--- a/drivers/common/cnxk/roc_mbox.h
+++ b/drivers/common/cnxk/roc_mbox.h
@@ -268,7 +268,11 @@ struct mbox_msghdr {
 	M(NIX_READ_INLINE_IPSEC_CFG, 0x8023, nix_read_inline_ipsec_cfg,        \
 	  msg_req, nix_inline_ipsec_cfg)				       \
 	M(NIX_LF_INLINE_RQ_CFG, 0x8024, nix_lf_inline_rq_cfg,                  \
-	  nix_rq_cpt_field_mask_cfg_req, msg_rsp)
+	  nix_rq_cpt_field_mask_cfg_req, msg_rsp)                              \
+	M(NIX_SPI_TO_SA_ADD, 0x8026, nix_spi_to_sa_add, nix_spi_to_sa_add_req, \
+	  nix_spi_to_sa_add_rsp)                                               \
+	M(NIX_SPI_TO_SA_DELETE, 0x8027, nix_spi_to_sa_delete,                  \
+	  nix_spi_to_sa_delete_req, msg_rsp)
 
 /* Messages initiated by AF (range 0xC00 - 0xDFF) */
 #define MBOX_UP_CGX_MESSAGES                                                   \
@@ -2048,4 +2052,26 @@ struct sdp_chan_info_msg {
 	struct sdp_node_info info;
 };
 
+/* For SPI to SA index add */
+struct nix_spi_to_sa_add_req {
+	struct mbox_msghdr hdr;
+	uint32_t __io sa_index;
+	uint32_t __io spi_index;
+	uint16_t __io match_id;
+	bool __io valid;
+};
+
+struct nix_spi_to_sa_add_rsp {
+	struct mbox_msghdr hdr;
+	uint16_t __io hash_index;
+	uint8_t __io way;
+	uint8_t __io is_duplicate;
+};
+
+/* To free SPI to SA index */
+struct nix_spi_to_sa_delete_req {
+	struct mbox_msghdr hdr;
+	uint16_t __io hash_index;
+	uint8_t __io way;
+};
 #endif /* __ROC_MBOX_H__ */
diff --git a/drivers/common/cnxk/roc_npc.c b/drivers/common/cnxk/roc_npc.c
index b38389b18a..b38396fd1e 100644
--- a/drivers/common/cnxk/roc_npc.c
+++ b/drivers/common/cnxk/roc_npc.c
@@ -341,20 +341,26 @@ roc_npc_validate_portid_action(struct roc_npc *roc_npc_src,
 }
 
 static int
-npc_parse_msns_action(struct roc_npc *roc_npc, const struct roc_npc_action *act,
-		      struct roc_npc_flow *flow, uint8_t *has_msns_action)
+npc_parse_spi_to_sa_action(struct roc_npc *roc_npc, const struct roc_npc_action *act,
+			   struct roc_npc_flow *flow, uint8_t *has_spi_to_sa_action)
 {
 	const struct roc_npc_sec_action *sec_action;
+	struct nix_spi_to_sa_add_req *req;
+	struct nix_spi_to_sa_add_rsp *rsp;
+	struct nix_inl_dev *inl_dev;
+	struct idev_cfg *idev;
 	union {
 		uint64_t reg;
 		union nix_rx_vtag_action_u act;
 	} vtag_act;
+	struct mbox *mbox;
+	int rc;
 
-	if (roc_npc->roc_nix->custom_sa_action == 0 ||
-	    roc_model_is_cn9k() == 1 || act->conf == NULL)
+	if (roc_npc->roc_nix->custom_sa_action == 0 || roc_model_is_cn9k() == 1 ||
+	    act->conf == NULL || flow->is_validate)
 		return 0;
 
-	*has_msns_action = true;
+	*has_spi_to_sa_action = true;
 	sec_action = act->conf;
 
 	vtag_act.reg = 0;
@@ -362,6 +368,12 @@ npc_parse_msns_action(struct roc_npc *roc_npc, const struct roc_npc_action *act,
 	vtag_act.act.sa_hi = sec_action->sa_hi;
 	vtag_act.act.sa_lo = sec_action->sa_lo;
 
+	idev = idev_get_cfg();
+	if (!idev)
+		return -1;
+
+	inl_dev = idev->nix_inl_dev;
+
 	switch (sec_action->alg) {
 	case ROC_NPC_SEC_ACTION_ALG0:
 		break;
@@ -373,6 +385,25 @@ npc_parse_msns_action(struct roc_npc *roc_npc, const struct roc_npc_action *act,
 		vtag_act.act.vtag1_valid = false;
 		vtag_act.act.vtag1_lid = ROC_NPC_SEC_ACTION_ALG2;
 		break;
+	case ROC_NPC_SEC_ACTION_ALG3:
+		vtag_act.act.vtag1_valid = false;
+		vtag_act.act.vtag1_lid = 0;
+		mbox = inl_dev->dev.mbox;
+		req = mbox_alloc_msg_nix_spi_to_sa_add(mbox);
+		if (req == NULL)
+			return -ENOSPC;
+		req->sa_index = sec_action->sa_index;
+		req->spi_index = plt_be_to_cpu_32(flow->spi_to_sa_info.spi);
+		req->match_id = flow->match_id;
+		req->valid = true;
+		rc = mbox_process_msg(mbox, (void *)&rsp);
+		if (rc)
+			return rc;
+		flow->spi_to_sa_info.hash_index = rsp->hash_index;
+		flow->spi_to_sa_info.way = rsp->way;
+		flow->spi_to_sa_info.duplicate = rsp->is_duplicate;
+		flow->spi_to_sa_info.has_action = true;
+		break;
 	default:
 		return -1;
 	}
@@ -389,12 +420,13 @@ npc_parse_actions(struct roc_npc *roc_npc, const struct roc_npc_attr *attr,
 {
 	const struct roc_npc_action_port_id *act_portid;
 	struct npc *npc = roc_npc_to_npc_priv(roc_npc);
+	const struct roc_npc_action *sec_action = NULL;
 	const struct roc_npc_action_mark *act_mark;
 	const struct roc_npc_action_meter *act_mtr;
 	const struct roc_npc_action_queue *act_q;
 	const struct roc_npc_action_vf *vf_act;
 	bool vlan_insert_action = false;
-	uint8_t has_msns_act = 0;
+	uint8_t has_spi_to_sa_act = 0;
 	int sel_act, req_act = 0;
 	uint16_t pf_func, vf_id;
 	struct roc_nix *roc_nix;
@@ -421,6 +453,7 @@ npc_parse_actions(struct roc_npc *roc_npc, const struct roc_npc_attr *attr,
 			}
 			mark = act_mark->id + 1;
 			req_act |= ROC_NPC_ACTION_TYPE_MARK;
+			flow->match_id = mark;
 			break;
 
 		case ROC_NPC_ACTION_TYPE_FLAG:
@@ -499,12 +532,7 @@ npc_parse_actions(struct roc_npc *roc_npc, const struct roc_npc_attr *attr,
 				rq = inl_rq->qid;
 				pf_func = nix_inl_dev_pffunc_get();
 			}
-			rc = npc_parse_msns_action(roc_npc, actions, flow,
-						   &has_msns_act);
-			if (rc) {
-				errcode = NPC_ERR_ACTION_NOTSUP;
-				goto err_exit;
-			}
+			sec_action = actions;
 			break;
 		case ROC_NPC_ACTION_TYPE_VLAN_STRIP:
 			req_act |= ROC_NPC_ACTION_TYPE_VLAN_STRIP;
@@ -530,13 +558,19 @@ npc_parse_actions(struct roc_npc *roc_npc, const struct roc_npc_attr *attr,
 		}
 	}
 
-	if (req_act & (ROC_NPC_ACTION_TYPE_VLAN_INSERT |
-		       ROC_NPC_ACTION_TYPE_VLAN_ETHTYPE_INSERT |
+	if (sec_action) {
+		rc = npc_parse_spi_to_sa_action(roc_npc, sec_action, flow, &has_spi_to_sa_act);
+		if (rc) {
+			errcode = NPC_ERR_ACTION_NOTSUP;
+			goto err_exit;
+		}
+	}
+
+	if (req_act & (ROC_NPC_ACTION_TYPE_VLAN_INSERT | ROC_NPC_ACTION_TYPE_VLAN_ETHTYPE_INSERT |
 		       ROC_NPC_ACTION_TYPE_VLAN_PCP_INSERT))
 		vlan_insert_action = true;
 
-	if ((req_act & (ROC_NPC_ACTION_TYPE_VLAN_INSERT |
-			ROC_NPC_ACTION_TYPE_VLAN_ETHTYPE_INSERT |
+	if ((req_act & (ROC_NPC_ACTION_TYPE_VLAN_INSERT | ROC_NPC_ACTION_TYPE_VLAN_ETHTYPE_INSERT |
 			ROC_NPC_ACTION_TYPE_VLAN_PCP_INSERT)) ==
 	    ROC_NPC_ACTION_TYPE_VLAN_PCP_INSERT) {
 		plt_err("PCP insert action can't be supported alone");
@@ -544,7 +578,7 @@ npc_parse_actions(struct roc_npc *roc_npc, const struct roc_npc_attr *attr,
 		goto err_exit;
 	}
 
-	if (has_msns_act && (vlan_insert_action ||
+	if (has_spi_to_sa_act && (vlan_insert_action ||
 			     (req_act & ROC_NPC_ACTION_TYPE_VLAN_STRIP))) {
 		plt_err("Both MSNS and VLAN insert/strip action can't be supported"
 			" together");
@@ -1343,12 +1377,37 @@ npc_rss_group_free(struct npc *npc, struct roc_npc_flow *flow)
 	return 0;
 }
 
+static int
+roc_npc_delete_spi_to_sa_action(struct roc_npc *roc_npc, struct roc_npc_flow *flow)
+{
+	struct roc_nix *roc_nix = roc_npc->roc_nix;
+	struct nix_spi_to_sa_delete_req *req;
+	struct mbox *mbox;
+	struct nix *nix;
+
+	if (!flow->spi_to_sa_info.has_action || flow->spi_to_sa_info.duplicate)
+		return 0;
+
+	nix = roc_nix_to_nix_priv(roc_nix);
+	mbox = (&nix->dev)->mbox;
+	req = mbox_alloc_msg_nix_spi_to_sa_delete(mbox);
+	if (req == NULL)
+		return -ENOSPC;
+	req->hash_index = flow->spi_to_sa_info.hash_index;
+	req->way = flow->spi_to_sa_info.way;
+	return mbox_process_msg(mbox, NULL);
+}
+
 int
 roc_npc_flow_destroy(struct roc_npc *roc_npc, struct roc_npc_flow *flow)
 {
 	struct npc *npc = roc_npc_to_npc_priv(roc_npc);
 	int rc;
 
+	rc = roc_npc_delete_spi_to_sa_action(roc_npc, flow);
+	if (rc)
+		return rc;
+
 	rc = npc_rss_group_free(npc, flow);
 	if (rc != 0) {
 		plt_err("Failed to free rss action rc = %d", rc);
diff --git a/drivers/common/cnxk/roc_npc.h b/drivers/common/cnxk/roc_npc.h
index 1b4e5521cb..da5639e812 100644
--- a/drivers/common/cnxk/roc_npc.h
+++ b/drivers/common/cnxk/roc_npc.h
@@ -191,6 +191,14 @@ struct roc_npc_action_port_id {
 	uint32_t id;		/**< port ID. */
 };
 
+/**
+ * ESP Header
+ */
+struct roc_npc_item_esp_hdr {
+	uint32_t spi; /**< Security Parameters Index */
+	uint32_t seq; /**< packet sequence number */
+};
+
 struct roc_npc_action_queue {
 	uint16_t index; /**< Queue index to use. */
 };
@@ -242,6 +250,14 @@ struct roc_npc_flow_dump_data {
 	uint16_t ltype;
 };
 
+struct roc_npc_spi_to_sa_action_info {
+	uint32_t spi;
+	uint32_t hash_index;
+	uint8_t way;
+	bool duplicate;
+	bool has_action;
+};
+
 struct roc_npc_flow {
 	uint8_t nix_intf;
 	uint8_t enable;
@@ -261,6 +277,9 @@ struct roc_npc_flow {
 #define ROC_NPC_MAX_FLOW_PATTERNS 32
 	struct roc_npc_flow_dump_data dump_data[ROC_NPC_MAX_FLOW_PATTERNS];
 	uint16_t num_patterns;
+	struct roc_npc_spi_to_sa_action_info spi_to_sa_info;
+	bool is_validate;
+	uint16_t match_id;
 
 	TAILQ_ENTRY(roc_npc_flow) next;
 };
diff --git a/drivers/common/cnxk/roc_npc_parse.c b/drivers/common/cnxk/roc_npc_parse.c
index 947e1ec53d..c1af5f3087 100644
--- a/drivers/common/cnxk/roc_npc_parse.c
+++ b/drivers/common/cnxk/roc_npc_parse.c
@@ -731,6 +731,7 @@ int
 npc_parse_le(struct npc_parse_state *pst)
 {
 	const struct roc_npc_item_info *pattern = pst->pattern;
+	const struct roc_npc_item_esp_hdr *esp = NULL;
 	char hw_mask[NPC_MAX_EXTRACT_HW_LEN];
 	struct npc_parse_item_info info;
 	int lid, lt, lflags;
@@ -787,6 +788,9 @@ npc_parse_le(struct npc_parse_state *pst)
 	case ROC_NPC_ITEM_TYPE_ESP:
 		lt = NPC_LT_LE_ESP;
 		info.len = pst->pattern->size;
+		esp = (const struct roc_npc_item_esp_hdr *)pattern->spec;
+		if (esp)
+			pst->flow->spi_to_sa_info.spi = esp->spi;
 		break;
 	default:
 		return 0;
-- 
2.35.3


  parent reply	other threads:[~2023-01-11  5:38 UTC|newest]

Thread overview: 7+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-12-01  4:20 [dpdk-dev] [PATCH 1/2] common/cnxk: add RTE Flow support for " psatheesh
2022-12-01  4:20 ` [dpdk-dev] [PATCH 2/2] net/cnxk: add validate flag for RTE flow for cnxk psatheesh
2023-01-11  5:38 ` psatheesh [this message]
2023-01-11  5:38   ` [dpdk-dev] [PATCH v2 2/4] net/cnxk: introduce flag for flow validate psatheesh
2023-01-11  5:38   ` [dpdk-dev] [PATCH v2 3/4] drivers: add IPsec rule reservation scheme for cnxk psatheesh
2023-01-11  5:38   ` [dpdk-dev] [PATCH v2 4/4] common/cnxk: fix dual VLAN parsing issue psatheesh
2023-01-11 16:58     ` Jerin Jacob

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20230111053814.979400-1-psatheesh@marvell.com \
    --to=psatheesh@marvell.com \
    --cc=dev@dpdk.org \
    --cc=jerinj@marvell.com \
    --cc=kirankumark@marvell.com \
    --cc=ndabilpuram@marvell.com \
    --cc=skori@marvell.com \
    --cc=skoteshwar@marvell.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).