From mboxrd@z Thu Jan 1 00:00:00 1970
Return-Path: <dev-bounces@dpdk.org>
Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124])
by inbox.dpdk.org (Postfix) with ESMTP id 9E58542C4E;
Wed, 7 Jun 2023 17:29:51 +0200 (CEST)
Received: from mails.dpdk.org (localhost [127.0.0.1])
by mails.dpdk.org (Postfix) with ESMTP id C9B2F42DAE;
Wed, 7 Jun 2023 17:29:03 +0200 (CEST)
Received: from mx0b-0016f401.pphosted.com (mx0a-0016f401.pphosted.com
[67.231.148.174])
by mails.dpdk.org (Postfix) with ESMTP id 5448942DAE
for <dev@dpdk.org>; Wed, 7 Jun 2023 17:29:02 +0200 (CEST)
Received: from pps.filterd (m0045849.ppops.net [127.0.0.1])
by mx0a-0016f401.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id
357Dvl05028208; Wed, 7 Jun 2023 08:29:01 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com;
h=from : to : cc :
subject : date : message-id : in-reply-to : references : mime-version :
content-transfer-encoding : content-type; s=pfpt0220;
bh=YAdFEOetmyP/vPinKuSsaInJH7KlT2OFIa3YsTi4nn4=;
b=BfxWEBw8st1gY0CX9BplgIe8EiFYQeq67GLmOdA5RK+RQXhRPg+d78kImKdMRBaML9IR
Ko1ZT1m+cu3L/wGxPqAYgjFO5gyDsZqYQUc3pmsRYgElj2wgZDkgFhjOJn0cjk1LBKDg
ICikammmpftSmAhfECjTfc8S9VtpK5FK9/a03Ryoj/uXyZ7SChyu5YIP6xvyLjSZVaVh
NY3Ji7NTIQIMV3aGoZRMA7kSqJDfFT5jJcyQPvU73AbXcigeJsNOwNRduAoKOuKhGg7z
gJf4yjZ1OO0Y41cZ+SKrWwaPCTDohT+TGY51vnUdt48NW5VG8HR7VDnaEd+HPMG7OI23 Fw==
Received: from dc5-exch01.marvell.com ([199.233.59.181])
by mx0a-0016f401.pphosted.com (PPS) with ESMTPS id 3r2a7bv7xw-1
(version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT);
Wed, 07 Jun 2023 08:29:01 -0700
Received: from DC5-EXCH02.marvell.com (10.69.176.39) by DC5-EXCH01.marvell.com
(10.69.176.38) with Microsoft SMTP Server (TLS) id 15.0.1497.48;
Wed, 7 Jun 2023 08:28:59 -0700
Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH02.marvell.com
(10.69.176.39) with Microsoft SMTP Server id 15.0.1497.48 via Frontend
Transport; Wed, 7 Jun 2023 08:28:59 -0700
Received: from localhost.localdomain (unknown [10.28.36.102])
by maili.marvell.com (Postfix) with ESMTP id 315933F708E;
Wed, 7 Jun 2023 08:28:56 -0700 (PDT)
From: Akhil Goyal <gakhil@marvell.com>
To: <dev@dpdk.org>
CC: <thomas@monjalon.net>, <david.marchand@redhat.com>,
<vattunuru@marvell.com>, <jerinj@marvell.com>, <adwivedi@marvell.com>,
<ndabilpuram@marvell.com>, Akhil Goyal <gakhil@marvell.com>
Subject: [PATCH v2 12/15] net/cnxk: add MACsec initialization
Date: Wed, 7 Jun 2023 20:58:16 +0530
Message-ID: <20230607152819.226838-13-gakhil@marvell.com>
X-Mailer: git-send-email 2.25.1
In-Reply-To: <20230607152819.226838-1-gakhil@marvell.com>
References: <20230523200401.1945974-1-gakhil@marvell.com>
<20230607152819.226838-1-gakhil@marvell.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Content-Type: text/plain
X-Proofpoint-ORIG-GUID: fSjzZxJw5bmKckm29kfgtBJni_JvaPZG
X-Proofpoint-GUID: fSjzZxJw5bmKckm29kfgtBJni_JvaPZG
X-Proofpoint-Virus-Version: vendor=baseguard
engine=ICAP:2.0.254,Aquarius:18.0.957,Hydra:6.0.573,FMLib:17.11.176.26
definitions=2023-06-07_07,2023-06-07_01,2023-05-22_02
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
<mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
<mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org
Added initialization routines for MACsec for
cn10kb platform.
Signed-off-by: Akhil Goyal <gakhil@marvell.com>
---
drivers/net/cnxk/cn10k_ethdev_sec.c | 6 ++
drivers/net/cnxk/cnxk_ethdev.c | 13 +++
drivers/net/cnxk/cnxk_ethdev.h | 14 +++
drivers/net/cnxk/cnxk_ethdev_mcs.c | 151 ++++++++++++++++++++++++++++
drivers/net/cnxk/cnxk_ethdev_mcs.h | 61 +++++++++++
drivers/net/cnxk/meson.build | 1 +
6 files changed, 246 insertions(+)
create mode 100644 drivers/net/cnxk/cnxk_ethdev_mcs.c
create mode 100644 drivers/net/cnxk/cnxk_ethdev_mcs.h
diff --git a/drivers/net/cnxk/cn10k_ethdev_sec.c b/drivers/net/cnxk/cn10k_ethdev_sec.c
index 5bc547051d..8dd2c8b7a5 100644
--- a/drivers/net/cnxk/cn10k_ethdev_sec.c
+++ b/drivers/net/cnxk/cn10k_ethdev_sec.c
@@ -1090,9 +1090,15 @@ cn10k_eth_sec_ops_override(void)
init_once = 1;
/* Update platform specific ops */
+ cnxk_eth_sec_ops.macsec_sa_create = NULL;
+ cnxk_eth_sec_ops.macsec_sc_create = NULL;
+ cnxk_eth_sec_ops.macsec_sa_destroy = NULL;
+ cnxk_eth_sec_ops.macsec_sc_destroy = NULL;
cnxk_eth_sec_ops.session_create = cn10k_eth_sec_session_create;
cnxk_eth_sec_ops.session_destroy = cn10k_eth_sec_session_destroy;
cnxk_eth_sec_ops.capabilities_get = cn10k_eth_sec_capabilities_get;
cnxk_eth_sec_ops.session_update = cn10k_eth_sec_session_update;
cnxk_eth_sec_ops.session_stats_get = cn10k_eth_sec_session_stats_get;
+ cnxk_eth_sec_ops.macsec_sc_stats_get = NULL;
+ cnxk_eth_sec_ops.macsec_sa_stats_get = NULL;
}
diff --git a/drivers/net/cnxk/cnxk_ethdev.c b/drivers/net/cnxk/cnxk_ethdev.c
index 916198d802..5368f0777d 100644
--- a/drivers/net/cnxk/cnxk_ethdev.c
+++ b/drivers/net/cnxk/cnxk_ethdev.c
@@ -1961,6 +1961,16 @@ cnxk_eth_dev_init(struct rte_eth_dev *eth_dev)
if (rc)
goto free_mac_addrs;
+ if (roc_feature_nix_has_macsec()) {
+ rc = cnxk_mcs_dev_init(dev, 0);
+ if (rc) {
+ plt_err("Failed to init MCS");
+ goto free_mac_addrs;
+ }
+ dev->rx_offload_capa |= RTE_ETH_RX_OFFLOAD_MACSEC_STRIP;
+ dev->tx_offload_capa |= RTE_ETH_TX_OFFLOAD_MACSEC_INSERT;
+ }
+
plt_nix_dbg("Port=%d pf=%d vf=%d ver=%s hwcap=0x%" PRIx64
" rxoffload_capa=0x%" PRIx64 " txoffload_capa=0x%" PRIx64,
eth_dev->data->port_id, roc_nix_get_pf(nix),
@@ -2058,6 +2068,9 @@ cnxk_eth_dev_uninit(struct rte_eth_dev *eth_dev, bool reset)
}
eth_dev->data->nb_rx_queues = 0;
+ if (roc_feature_nix_has_macsec())
+ cnxk_mcs_dev_fini(dev);
+
/* Free security resources */
nix_security_release(dev);
diff --git a/drivers/net/cnxk/cnxk_ethdev.h b/drivers/net/cnxk/cnxk_ethdev.h
index e280d6c05e..d5bb06b823 100644
--- a/drivers/net/cnxk/cnxk_ethdev.h
+++ b/drivers/net/cnxk/cnxk_ethdev.h
@@ -395,6 +395,9 @@ struct cnxk_eth_dev {
/* Reassembly dynfield/flag offsets */
int reass_dynfield_off;
int reass_dynflag_bit;
+
+ /* MCS device */
+ struct cnxk_mcs_dev *mcs_dev;
};
struct cnxk_eth_rxq_sp {
@@ -623,6 +626,17 @@ int cnxk_nix_cman_config_set(struct rte_eth_dev *dev, const struct rte_eth_cman_
int cnxk_nix_cman_config_get(struct rte_eth_dev *dev, struct rte_eth_cman_config *config);
+int cnxk_mcs_dev_init(struct cnxk_eth_dev *dev, uint8_t mcs_idx);
+void cnxk_mcs_dev_fini(struct cnxk_eth_dev *dev);
+
+struct cnxk_macsec_sess *cnxk_eth_macsec_sess_get_by_sess(struct cnxk_eth_dev *dev,
+ const struct rte_security_session *sess);
+int cnxk_mcs_flow_configure(struct rte_eth_dev *eth_dev, const struct rte_flow_attr *attr,
+ const struct rte_flow_item pattern[],
+ const struct rte_flow_action actions[], struct rte_flow_error *error,
+ void **mcs_flow);
+int cnxk_mcs_flow_destroy(struct cnxk_eth_dev *eth_dev, void *mcs_flow);
+
/* Other private functions */
int nix_recalc_mtu(struct rte_eth_dev *eth_dev);
int nix_mtr_validate(struct rte_eth_dev *dev, uint32_t id);
diff --git a/drivers/net/cnxk/cnxk_ethdev_mcs.c b/drivers/net/cnxk/cnxk_ethdev_mcs.c
new file mode 100644
index 0000000000..b0205f45c5
--- /dev/null
+++ b/drivers/net/cnxk/cnxk_ethdev_mcs.c
@@ -0,0 +1,151 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright(C) 2023 Marvell.
+ */
+
+#include <cnxk_ethdev.h>
+#include <cnxk_ethdev_mcs.h>
+#include <roc_mcs.h>
+
+static int
+cnxk_mcs_event_cb(void *userdata, struct roc_mcs_event_desc *desc, void *cb_arg)
+{
+ struct rte_eth_event_macsec_desc d = {0};
+
+ d.metadata = (uint64_t)userdata;
+
+ switch (desc->type) {
+ case ROC_MCS_EVENT_SECTAG_VAL_ERR:
+ d.type = RTE_ETH_EVENT_MACSEC_SECTAG_VAL_ERR;
+ switch (desc->subtype) {
+ case ROC_MCS_EVENT_RX_SECTAG_V_EQ1:
+ d.subtype = RTE_ETH_SUBEVENT_MACSEC_RX_SECTAG_V_EQ1;
+ break;
+ case ROC_MCS_EVENT_RX_SECTAG_E_EQ0_C_EQ1:
+ d.subtype = RTE_ETH_SUBEVENT_MACSEC_RX_SECTAG_E_EQ0_C_EQ1;
+ break;
+ case ROC_MCS_EVENT_RX_SECTAG_SL_GTE48:
+ d.subtype = RTE_ETH_SUBEVENT_MACSEC_RX_SECTAG_SL_GTE48;
+ break;
+ case ROC_MCS_EVENT_RX_SECTAG_ES_EQ1_SC_EQ1:
+ d.subtype = RTE_ETH_SUBEVENT_MACSEC_RX_SECTAG_ES_EQ1_SC_EQ1;
+ break;
+ case ROC_MCS_EVENT_RX_SECTAG_SC_EQ1_SCB_EQ1:
+ d.subtype = RTE_ETH_SUBEVENT_MACSEC_RX_SECTAG_SC_EQ1_SCB_EQ1;
+ break;
+ default:
+ plt_err("Unknown MACsec sub event : %d", desc->subtype);
+ }
+ break;
+ case ROC_MCS_EVENT_RX_SA_PN_HARD_EXP:
+ d.type = RTE_ETH_EVENT_MACSEC_RX_SA_PN_HARD_EXP;
+ break;
+ case ROC_MCS_EVENT_RX_SA_PN_SOFT_EXP:
+ d.type = RTE_ETH_EVENT_MACSEC_RX_SA_PN_SOFT_EXP;
+ break;
+ case ROC_MCS_EVENT_TX_SA_PN_HARD_EXP:
+ d.type = RTE_ETH_EVENT_MACSEC_TX_SA_PN_HARD_EXP;
+ break;
+ case ROC_MCS_EVENT_TX_SA_PN_SOFT_EXP:
+ d.type = RTE_ETH_EVENT_MACSEC_TX_SA_PN_SOFT_EXP;
+ break;
+ default:
+ plt_err("Unknown MACsec event type: %d", desc->type);
+ }
+
+ rte_eth_dev_callback_process(cb_arg, RTE_ETH_EVENT_MACSEC, &d);
+
+ return 0;
+}
+
+void
+cnxk_mcs_dev_fini(struct cnxk_eth_dev *dev)
+{
+ struct cnxk_mcs_dev *mcs_dev = dev->mcs_dev;
+ int rc;
+
+ rc = roc_mcs_event_cb_unregister(mcs_dev->mdev, ROC_MCS_EVENT_SECTAG_VAL_ERR);
+ if (rc)
+ plt_err("Failed to unregister MCS event callback: rc: %d", rc);
+
+ rc = roc_mcs_event_cb_unregister(mcs_dev->mdev, ROC_MCS_EVENT_TX_SA_PN_SOFT_EXP);
+ if (rc)
+ plt_err("Failed to unregister MCS event callback: rc: %d", rc);
+
+ rc = roc_mcs_event_cb_unregister(mcs_dev->mdev, ROC_MCS_EVENT_RX_SA_PN_SOFT_EXP);
+ if (rc)
+ plt_err("Failed to unregister MCS event callback: rc: %d", rc);
+
+ /* Cleanup MACsec dev */
+ roc_mcs_dev_fini(mcs_dev->mdev);
+
+ plt_free(mcs_dev);
+}
+
+int
+cnxk_mcs_dev_init(struct cnxk_eth_dev *dev, uint8_t mcs_idx)
+{
+ struct roc_mcs_intr_cfg intr_cfg = {0};
+ struct roc_mcs_hw_info hw_info = {0};
+ struct cnxk_mcs_dev *mcs_dev;
+ int rc;
+
+ rc = roc_mcs_hw_info_get(&hw_info);
+ if (rc) {
+ plt_err("MCS HW info get failed: rc: %d ", rc);
+ return rc;
+ }
+
+ mcs_dev = plt_zmalloc(sizeof(struct cnxk_mcs_dev), PLT_CACHE_LINE_SIZE);
+ if (!mcs_dev)
+ return -ENOMEM;
+
+ mcs_dev->idx = mcs_idx;
+ mcs_dev->mdev = roc_mcs_dev_init(mcs_dev->idx);
+ if (!mcs_dev->mdev) {
+ plt_free(mcs_dev);
+ return rc;
+ }
+ mcs_dev->port_id = dev->eth_dev->data->port_id;
+
+ intr_cfg.intr_mask =
+ ROC_MCS_CPM_RX_SECTAG_V_EQ1_INT | ROC_MCS_CPM_RX_SECTAG_E_EQ0_C_EQ1_INT |
+ ROC_MCS_CPM_RX_SECTAG_SL_GTE48_INT | ROC_MCS_CPM_RX_SECTAG_ES_EQ1_SC_EQ1_INT |
+ ROC_MCS_CPM_RX_SECTAG_SC_EQ1_SCB_EQ1_INT | ROC_MCS_CPM_RX_PACKET_XPN_EQ0_INT |
+ ROC_MCS_CPM_RX_PN_THRESH_REACHED_INT | ROC_MCS_CPM_TX_PACKET_XPN_EQ0_INT |
+ ROC_MCS_CPM_TX_PN_THRESH_REACHED_INT | ROC_MCS_CPM_TX_SA_NOT_VALID_INT |
+ ROC_MCS_BBE_RX_DFIFO_OVERFLOW_INT | ROC_MCS_BBE_RX_PLFIFO_OVERFLOW_INT |
+ ROC_MCS_BBE_TX_DFIFO_OVERFLOW_INT | ROC_MCS_BBE_TX_PLFIFO_OVERFLOW_INT |
+ ROC_MCS_PAB_RX_CHAN_OVERFLOW_INT | ROC_MCS_PAB_TX_CHAN_OVERFLOW_INT;
+
+ rc = roc_mcs_intr_configure(mcs_dev->mdev, &intr_cfg);
+ if (rc) {
+ plt_err("Failed to configure MCS interrupts: rc: %d", rc);
+ plt_free(mcs_dev);
+ return rc;
+ }
+
+ rc = roc_mcs_event_cb_register(mcs_dev->mdev, ROC_MCS_EVENT_SECTAG_VAL_ERR,
+ cnxk_mcs_event_cb, dev->eth_dev, mcs_dev);
+ if (rc) {
+ plt_err("Failed to register MCS event callback: rc: %d", rc);
+ plt_free(mcs_dev);
+ return rc;
+ }
+ rc = roc_mcs_event_cb_register(mcs_dev->mdev, ROC_MCS_EVENT_TX_SA_PN_SOFT_EXP,
+ cnxk_mcs_event_cb, dev->eth_dev, mcs_dev);
+ if (rc) {
+ plt_err("Failed to register MCS event callback: rc: %d", rc);
+ plt_free(mcs_dev);
+ return rc;
+ }
+ rc = roc_mcs_event_cb_register(mcs_dev->mdev, ROC_MCS_EVENT_RX_SA_PN_SOFT_EXP,
+ cnxk_mcs_event_cb, dev->eth_dev, mcs_dev);
+ if (rc) {
+ plt_err("Failed to register MCS event callback: rc: %d", rc);
+ plt_free(mcs_dev);
+ return rc;
+ }
+ dev->mcs_dev = mcs_dev;
+
+ return 0;
+}
diff --git a/drivers/net/cnxk/cnxk_ethdev_mcs.h b/drivers/net/cnxk/cnxk_ethdev_mcs.h
new file mode 100644
index 0000000000..762c299fb8
--- /dev/null
+++ b/drivers/net/cnxk/cnxk_ethdev_mcs.h
@@ -0,0 +1,61 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright(C) 2023 Marvell.
+ */
+
+#include <cnxk_ethdev.h>
+
+#define CNXK_MACSEC_HASH_KEY 16
+
+struct cnxk_mcs_dev {
+ uint64_t default_sci;
+ void *mdev;
+ uint8_t port_id;
+ uint8_t idx;
+};
+
+struct cnxk_mcs_event_data {
+ /* Valid for below events
+ * - ROC_MCS_EVENT_RX_SA_PN_SOFT_EXP
+ * - ROC_MCS_EVENT_TX_SA_PN_SOFT_EXP
+ */
+ struct {
+ uint8_t secy_idx;
+ uint8_t sc_idx;
+ uint8_t sa_idx;
+ };
+ /* Valid for below event
+ * - ROC_MCS_EVENT_FIFO_OVERFLOW
+ *
+ * Upon fatal error notification on a MCS port, driver resets below attributes of active
+ * flow entities(sc & sa) and then resets the port.
+ * - Reset NEXT_PN of active SAs to 1.
+ * - Reset TX active SA for each SC, TX_SA_ACTIVE = 0, SA_INDEX0_VLD = 1.
+ * - Clear SA_IN_USE for active ANs in RX_SA_MAP_MEM.
+ * - Clear all stats mapping to this port.
+ * - Reactivate SA_IN_USE for active ANs in RX_SA_MAP_MEM.
+ *
+ * UMD driver notifies the following flow entity(sc & sa) details in application callback,
+ * application is expected to exchange the Tx/Rx NEXT_PN, TX_SA_ACTIVE, active RX SC AN
+ * details with peer device so that peer device can resets it's MACsec flow states and than
+ * resume packet transfers.
+ */
+ struct {
+ uint16_t *tx_sa_array; /* Tx SAs whose PN memories were reset (NEXT_PN=1) */
+ uint16_t *rx_sa_array; /* Rx SAs whose PN memories were reset (NEXT_PN=1) */
+ uint16_t *tx_sc_array; /* Tx SCs whose active SAs were reset (TX_SA_ACTIVE=0) */
+ uint16_t *rx_sc_array; /* Rx SCs whose state was reset */
+ uint8_t *sc_an_array; /* AN of Rx SCs(in rx_sc_array) which were reactivated */
+ uint8_t num_tx_sa; /* num entries in tx_sa_array */
+ uint8_t num_rx_sa; /* num entries in rx_sa_array */
+ uint8_t num_tx_sc; /* num entries in tx_sc_array */
+ uint8_t num_rx_sc; /* num entries in rx_sc_array */
+ uint8_t lmac_id; /* lmac_id/port which was recovered from fatal error */
+ };
+};
+
+struct cnxk_mcs_event_desc {
+ struct rte_eth_dev *eth_dev;
+ enum roc_mcs_event_type type;
+ enum roc_mcs_event_subtype subtype;
+ struct cnxk_mcs_event_data metadata;
+};
diff --git a/drivers/net/cnxk/meson.build b/drivers/net/cnxk/meson.build
index 62b8bb90fb..ae6a7d9aac 100644
--- a/drivers/net/cnxk/meson.build
+++ b/drivers/net/cnxk/meson.build
@@ -22,6 +22,7 @@ sources = files(
'cnxk_ethdev.c',
'cnxk_ethdev_cman.c',
'cnxk_ethdev_devargs.c',
+ 'cnxk_ethdev_mcs.c',
'cnxk_ethdev_mtr.c',
'cnxk_ethdev_ops.c',
'cnxk_ethdev_sec.c',
--
2.25.1