From mboxrd@z Thu Jan 1 00:00:00 1970
Return-Path: <dev-bounces@dpdk.org>
Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124])
by inbox.dpdk.org (Postfix) with ESMTP id 6207D43BED;
Mon, 26 Feb 2024 14:35:53 +0100 (CET)
Received: from mails.dpdk.org (localhost [127.0.0.1])
by mails.dpdk.org (Postfix) with ESMTP id 17F8242E51;
Mon, 26 Feb 2024 14:35:48 +0100 (CET)
Received: from mx0b-0016f401.pphosted.com (mx0a-0016f401.pphosted.com
[67.231.148.174])
by mails.dpdk.org (Postfix) with ESMTP id 6002242E37
for <dev@dpdk.org>; Mon, 26 Feb 2024 14:35:46 +0100 (CET)
Received: from pps.filterd (m0045849.ppops.net [127.0.0.1])
by mx0a-0016f401.pphosted.com (8.17.1.24/8.17.1.24) with ESMTP id
41Q9t1Ri014596 for <dev@dpdk.org>; Mon, 26 Feb 2024 05:35:45 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=
from:to:cc:subject:date:message-id:in-reply-to:references
:mime-version:content-transfer-encoding:content-type; s=
pfpt0220; bh=oUKF2ZqHdb2zjdqkaeh9WtCsqqtl0bc4aqXWJE7rERE=; b=JI6
beo5s2AOBjuACcVu+GnCXMXDEqRcFLp2C7mZdtLbrmpYxvatchViUmRrYO58gWLa
Aaq/Ix+da1eRevtItXVN5eoMq0sh33AKLnn+zKGyOeIJ+plr+1ibcNsR7JfzZ83k
PKZA8k2Ty4pgdPubnFlkED1Aj9ggZjnlA6RD1CBJX91AbxswB9O54elsNGKdrTJL
I7ItaCWnRaakbFsv4Q1YMSPaR6v2bHLoiOmhNsLuluupZIg2iC/mWXykZbfglwVr
TiBHQQYAJJRiP21O37igzXOLEbTTlAHl5ydQPTs2F1LUb2kEKqZklTGmDwIHxWmg
Oa9xffsiWGa6DI0McWw==
Received: from dc6wp-exch02.marvell.com ([4.21.29.225])
by mx0a-0016f401.pphosted.com (PPS) with ESMTPS id 3wgre8rj9g-1
(version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT)
for <dev@dpdk.org>; Mon, 26 Feb 2024 05:35:45 -0800 (PST)
Received: from DC6WP-EXCH02.marvell.com (10.76.176.209) by
DC6WP-EXCH02.marvell.com (10.76.176.209) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
15.2.1258.12; Mon, 26 Feb 2024 05:35:44 -0800
Received: from maili.marvell.com (10.69.176.80) by DC6WP-EXCH02.marvell.com
(10.76.176.209) with Microsoft SMTP Server id 15.2.1258.12 via Frontend
Transport; Mon, 26 Feb 2024 05:35:44 -0800
Received: from hyd1588t430.caveonetworks.com (unknown [10.29.52.204])
by maili.marvell.com (Postfix) with ESMTP id 0ABFC3F703F;
Mon, 26 Feb 2024 05:35:41 -0800 (PST)
From: Nithin Dabilpuram <ndabilpuram@marvell.com>
To: Nithin Dabilpuram <ndabilpuram@marvell.com>, Kiran Kumar K
<kirankumark@marvell.com>, Sunil Kumar Kori <skori@marvell.com>, Satha Rao
<skoteshwar@marvell.com>
CC: <dev@dpdk.org>
Subject: [PATCH v5 02/14] net/cnxk: add IPsec SA defines for PMD API
Date: Mon, 26 Feb 2024 19:05:24 +0530
Message-ID: <20240226133536.2456406-2-ndabilpuram@marvell.com>
X-Mailer: git-send-email 2.25.1
In-Reply-To: <20240226133536.2456406-1-ndabilpuram@marvell.com>
References: <20240208085956.1741174-1-ndabilpuram@marvell.com>
<20240226133536.2456406-1-ndabilpuram@marvell.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Content-Type: text/plain
X-Proofpoint-ORIG-GUID: l-2EsD9MFdT7TxpD0Y7Z8chQHpod6BeC
X-Proofpoint-GUID: l-2EsD9MFdT7TxpD0Y7Z8chQHpod6BeC
X-Proofpoint-Virus-Version: vendor=baseguard
engine=ICAP:2.0.272,Aquarius:18.0.1011,Hydra:6.0.619,FMLib:17.11.176.26
definitions=2024-02-26_09,2024-02-26_01,2023-05-22_02
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
<mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
<mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org
Define inbound and outbound IPsec data type for PMD API's
rte_pmd_cnxk_hw_sa_read() and rte_pmd_cnxk_hw_sa_write().
Signed-off-by: Nithin Dabilpuram <ndabilpuram@marvell.com>
---
drivers/net/cnxk/cn10k_ethdev_sec.c | 18 +-
drivers/net/cnxk/rte_pmd_cnxk.h | 397 +++++++++++++++++++++++++++-
2 files changed, 411 insertions(+), 4 deletions(-)
diff --git a/drivers/net/cnxk/cn10k_ethdev_sec.c b/drivers/net/cnxk/cn10k_ethdev_sec.c
index 575d0fabd5..05ec49d981 100644
--- a/drivers/net/cnxk/cn10k_ethdev_sec.c
+++ b/drivers/net/cnxk/cn10k_ethdev_sec.c
@@ -14,6 +14,20 @@
#include <cnxk_security.h>
#include <roc_priv.h>
+PLT_STATIC_ASSERT(offsetof(struct rte_pmd_cnxk_ipsec_inb_sa, ctx.ar_winbits) ==
+ offsetof(struct roc_ot_ipsec_inb_sa, ctx.ar_winbits));
+
+PLT_STATIC_ASSERT(offsetof(struct rte_pmd_cnxk_ipsec_outb_sa, ctx.mib_pkts) ==
+ offsetof(struct roc_ot_ipsec_outb_sa, ctx.mib_pkts));
+
+PLT_STATIC_ASSERT(RTE_PMD_CNXK_CTX_MAX_CKEY_LEN == ROC_CTX_MAX_CKEY_LEN);
+PLT_STATIC_ASSERT(RTE_PMD_CNXK_CTX_MAX_OPAD_IPAD_LEN == RTE_PMD_CNXK_CTX_MAX_OPAD_IPAD_LEN);
+
+PLT_STATIC_ASSERT(RTE_PMD_CNXK_AR_WIN_SIZE_MIN == ROC_AR_WIN_SIZE_MIN);
+PLT_STATIC_ASSERT(RTE_PMD_CNXK_AR_WIN_SIZE_MAX == ROC_AR_WIN_SIZE_MAX);
+PLT_STATIC_ASSERT(RTE_PMD_CNXK_LOG_MIN_AR_WIN_SIZE_M1 == ROC_LOG_MIN_AR_WIN_SIZE_M1);
+PLT_STATIC_ASSERT(RTE_PMD_CNXK_AR_WINBITS_SZ == ROC_AR_WINBITS_SZ);
+
static struct rte_cryptodev_capabilities cn10k_eth_sec_crypto_caps[] = {
{ /* AES GCM */
.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
@@ -1143,7 +1157,7 @@ cn10k_eth_sec_session_update(void *device, struct rte_security_session *sess,
int
rte_pmd_cnxk_hw_sa_read(void *device, struct rte_security_session *sess,
- void *data, uint32_t len)
+ union rte_pmd_cnxk_ipsec_hw_sa *data, uint32_t len)
{
struct rte_eth_dev *eth_dev = (struct rte_eth_dev *)device;
struct cnxk_eth_dev *dev = cnxk_eth_pmd_priv(eth_dev);
@@ -1166,7 +1180,7 @@ rte_pmd_cnxk_hw_sa_read(void *device, struct rte_security_session *sess,
int
rte_pmd_cnxk_hw_sa_write(void *device, struct rte_security_session *sess,
- void *data, uint32_t len)
+ union rte_pmd_cnxk_ipsec_hw_sa *data, uint32_t len)
{
struct rte_eth_dev *eth_dev = (struct rte_eth_dev *)device;
struct cnxk_eth_dev *dev = cnxk_eth_pmd_priv(eth_dev);
diff --git a/drivers/net/cnxk/rte_pmd_cnxk.h b/drivers/net/cnxk/rte_pmd_cnxk.h
index 7827c33ac9..43f2a7ed9b 100644
--- a/drivers/net/cnxk/rte_pmd_cnxk.h
+++ b/drivers/net/cnxk/rte_pmd_cnxk.h
@@ -60,6 +60,399 @@ struct rte_pmd_cnxk_sec_action {
enum rte_pmd_cnxk_sec_action_alg alg;
};
+#define RTE_PMD_CNXK_CTX_MAX_CKEY_LEN 32
+#define RTE_PMD_CNXK_CTX_MAX_OPAD_IPAD_LEN 128
+
+/** Anti reply window size supported */
+#define RTE_PMD_CNXK_AR_WIN_SIZE_MIN 64
+#define RTE_PMD_CNXK_AR_WIN_SIZE_MAX 4096
+#define RTE_PMD_CNXK_LOG_MIN_AR_WIN_SIZE_M1 5
+
+/** u64 array size to fit anti replay window bits */
+#define RTE_PMD_CNXK_AR_WINBITS_SZ (RTE_ALIGN_CEIL(RTE_PMD_CNXK_AR_WIN_SIZE_MAX, 64) / 64)
+
+/** Outer header info for Inbound or Outbound */
+union rte_pmd_cnxk_ipsec_outer_ip_hdr {
+ struct {
+ /** IPv4 destination */
+ uint32_t dst_addr;
+ /** IPv4 source */
+ uint32_t src_addr;
+ } ipv4;
+ struct {
+ /** IPv6 source */
+ uint8_t src_addr[16];
+ /** IPv6 destination */
+ uint8_t dst_addr[16];
+ } ipv6;
+};
+
+/** Inbound IPsec context update region */
+struct rte_pmd_cnxk_ipsec_inb_ctx_update_reg {
+ /** Highest sequence number received */
+ uint64_t ar_base;
+ /** Valid bit for 64-bit words of replay window */
+ uint64_t ar_valid_mask;
+ /** Hard life for SA */
+ uint64_t hard_life;
+ /** Soft life for SA */
+ uint64_t soft_life;
+ /** MIB octets */
+ uint64_t mib_octs;
+ /** MIB packets */
+ uint64_t mib_pkts;
+ /** AR window bits */
+ uint64_t ar_winbits[RTE_PMD_CNXK_AR_WINBITS_SZ];
+};
+
+/** Outbound IPsec IV data */
+union rte_pmd_cnxk_ipsec_outb_iv {
+ uint64_t u64[2];
+ /** IV debug - 16B*/
+ uint8_t iv_dbg[16];
+ struct {
+ /** IV debug - 8B */
+ uint8_t iv_dbg1[4];
+ /** Salt */
+ uint8_t salt[4];
+
+ uint32_t rsvd;
+ /** IV debug - 8B */
+ uint8_t iv_dbg2[4];
+ } s;
+};
+
+/** Outbound IPsec context update region */
+struct rte_pmd_cnxk_ipsec_outb_ctx_update_reg {
+ union {
+ struct {
+ uint64_t reserved_0_2 : 3;
+ uint64_t address : 57;
+ uint64_t mode : 4;
+ } s;
+ uint64_t u64;
+ } err_ctl;
+
+ uint64_t esn_val;
+ uint64_t hard_life;
+ uint64_t soft_life;
+ uint64_t mib_octs;
+ uint64_t mib_pkts;
+};
+
+/**
+ * Inbound IPsec SA
+ */
+struct rte_pmd_cnxk_ipsec_inb_sa {
+ /** Word0 */
+ union {
+ struct {
+ /** AR window size */
+ uint64_t ar_win : 3;
+ /** Hard life enable */
+ uint64_t hard_life_dec : 1;
+ /** Soft life enable */
+ uint64_t soft_life_dec : 1;
+
+ /** Count global octets */
+ uint64_t count_glb_octets : 1;
+ /** Count global pkts */
+ uint64_t count_glb_pkts : 1;
+ /** Count bytes */
+ uint64_t count_mib_bytes : 1;
+
+ /** Count pkts */
+ uint64_t count_mib_pkts : 1;
+ /** HW context offset */
+ uint64_t hw_ctx_off : 7;
+
+ /** Context ID */
+ uint64_t ctx_id : 16;
+
+ /** Original packet free absolute */
+ uint64_t orig_pkt_fabs : 1;
+ /** Original packet free */
+ uint64_t orig_pkt_free : 1;
+ /** PKIND for second pass */
+ uint64_t pkind : 6;
+
+ uint64_t rsvd0 : 1;
+ /** Ether type overwrite */
+ uint64_t et_ovrwr : 1;
+ /** Packet output type */
+ uint64_t pkt_output : 2;
+ /** Packet format type */
+ uint64_t pkt_format : 1;
+ /** Defrag option */
+ uint64_t defrag_opt : 2;
+ /** Reserved for X2P dest */
+ uint64_t x2p_dst : 1;
+
+ /** Context push size */
+ uint64_t ctx_push_size : 7;
+ uint64_t rsvd1 : 1;
+
+ /** Context header size */
+ uint64_t ctx_hdr_size : 2;
+ /** AOP enable */
+ uint64_t aop_valid : 1;
+ uint64_t rsvd2 : 1;
+ /** Context size */
+ uint64_t ctx_size : 4;
+ } s;
+ uint64_t u64;
+ } w0;
+
+ /** Word1 */
+ union {
+ struct {
+ /** Original packet aura */
+ uint64_t orig_pkt_aura : 20;
+ uint64_t rsvd3 : 4;
+ /** Original packet free offset */
+ uint64_t orig_pkt_foff : 8;
+ /** SA cookie */
+ uint64_t cookie : 32;
+ } s;
+ uint64_t u64;
+ } w1;
+
+ /** Word 2 */
+ union {
+ struct {
+ /** SA valid */
+ uint64_t valid : 1;
+ /** SA direction */
+ uint64_t dir : 1;
+ uint64_t rsvd11 : 1;
+ uint64_t rsvd4 : 1;
+ /** IPsec mode */
+ uint64_t ipsec_mode : 1;
+ /** IPsec protocol */
+ uint64_t ipsec_protocol : 1;
+ /** AES key length */
+ uint64_t aes_key_len : 2;
+
+ /** Encryption algo */
+ uint64_t enc_type : 3;
+ /** Soft life and hard life unit */
+ uint64_t life_unit : 1;
+ /** Authentication algo */
+ uint64_t auth_type : 4;
+
+ /** Encapsulation type */
+ uint64_t encap_type : 2;
+ /** Ether type override enable */
+ uint64_t et_ovrwr_ddr_en : 1;
+ /** ESN enable */
+ uint64_t esn_en : 1;
+ /** Transport mode L4 checksum incrementally update */
+ uint64_t tport_l4_incr_csum : 1;
+ /** Outer IP header verification */
+ uint64_t ip_hdr_verify : 2;
+ /** UDP enacapsulation ports verification */
+ uint64_t udp_ports_verify : 1;
+
+ /** Return 64B of L2/L3 header on error */
+ uint64_t l3hdr_on_err : 1;
+ uint64_t rsvd6 : 6;
+ uint64_t rsvd12 : 1;
+
+ /** SPI */
+ uint64_t spi : 32;
+ } s;
+ uint64_t u64;
+ } w2;
+
+ /** Word3 */
+ uint64_t rsvd7;
+
+ /** Word4 - Word7 */
+ uint8_t cipher_key[RTE_PMD_CNXK_CTX_MAX_CKEY_LEN];
+
+ /** Word8 - Word9 */
+ union {
+ struct {
+ uint32_t rsvd8;
+ /** IV salt */
+ uint8_t salt[4];
+ } s;
+ uint64_t u64;
+ } w8;
+ uint64_t rsvd9;
+
+ /** Word10 */
+ union {
+ struct {
+ uint64_t rsvd10 : 32;
+ /** UDP encapsulation source port */
+ uint64_t udp_src_port : 16;
+ /** UDP encapsulation destination port */
+ uint64_t udp_dst_port : 16;
+ } s;
+ uint64_t u64;
+ } w10;
+
+ /** Word11 - Word14 */
+ union rte_pmd_cnxk_ipsec_outer_ip_hdr outer_hdr;
+
+ /** Word15 - Word30 */
+ uint8_t hmac_opad_ipad[RTE_PMD_CNXK_CTX_MAX_OPAD_IPAD_LEN];
+
+ /** Word31 - Word100 */
+ struct rte_pmd_cnxk_ipsec_inb_ctx_update_reg ctx;
+};
+
+/**
+ * Outbound IPsec SA
+ */
+struct rte_pmd_cnxk_ipsec_outb_sa {
+ /** Word0 */
+ union {
+ struct {
+ /** ESN enable */
+ uint64_t esn_en : 1;
+ /** IP ID generation type */
+ uint64_t ip_id : 1;
+ uint64_t rsvd0 : 1;
+ /** Hard life enable */
+ uint64_t hard_life_dec : 1;
+ /** Soft life enable */
+ uint64_t soft_life_dec : 1;
+
+ /** Count global octets */
+ uint64_t count_glb_octets : 1;
+ /** Count global pkts */
+ uint64_t count_glb_pkts : 1;
+ /** Count bytes */
+ uint64_t count_mib_bytes : 1;
+
+ /** Count pkts */
+ uint64_t count_mib_pkts : 1;
+ /** HW context offset */
+ uint64_t hw_ctx_off : 7;
+
+ /** Context ID */
+ uint64_t ctx_id : 16;
+ uint64_t rsvd1 : 16;
+
+ /** Context push size */
+ uint64_t ctx_push_size : 7;
+ uint64_t rsvd2 : 1;
+
+ /** Context header size */
+ uint64_t ctx_hdr_size : 2;
+ /** AOP enable */
+ uint64_t aop_valid : 1;
+ uint64_t rsvd3 : 1;
+ /** Context size */
+ uint64_t ctx_size : 4;
+ } s;
+ uint64_t u64;
+ } w0;
+
+ /** Word1 */
+ union {
+ struct {
+ uint64_t rsvd4 : 32;
+ /** SA cookie */
+ uint64_t cookie : 32;
+ } s;
+ uint64_t u64;
+ } w1;
+
+ /** Word 2 */
+ union {
+ struct {
+ /** SA valid */
+ uint64_t valid : 1;
+ /** SA direction */
+ uint64_t dir : 1;
+ uint64_t rsvd11 : 1;
+ uint64_t rsvd5 : 1;
+ /** IPsec mode */
+ uint64_t ipsec_mode : 1;
+ /** IPsec protocol */
+ uint64_t ipsec_protocol : 1;
+
+ /** AES key length */
+ uint64_t aes_key_len : 2;
+
+ /** Encryption algo */
+ uint64_t enc_type : 3;
+ /** Soft life and hard life unit */
+ uint64_t life_unit : 1;
+ /** Authentication algo */
+ uint64_t auth_type : 4;
+
+ /** Encapsulation type */
+ uint64_t encap_type : 2;
+ /** DF source */
+ uint64_t ipv4_df_src_or_ipv6_flw_lbl_src : 1;
+ /** DSCP source */
+ uint64_t dscp_src : 1;
+ /** IV source */
+ uint64_t iv_src : 2;
+ /** IPID value in outer header */
+ uint64_t ipid_gen : 1;
+ uint64_t rsvd6 : 1;
+
+ uint64_t rsvd7 : 7;
+ uint64_t rsvd12 : 1;
+
+ /** SPI */
+ uint64_t spi : 32;
+ } s;
+ uint64_t u64;
+ } w2;
+
+ /** Word3 */
+ uint64_t rsvd8;
+
+ /** Word4 - Word7 */
+ uint8_t cipher_key[RTE_PMD_CNXK_CTX_MAX_CKEY_LEN];
+
+ /** Word8 - Word9 */
+ union rte_pmd_cnxk_ipsec_outb_iv iv;
+
+ /** Word10 */
+ union {
+ struct {
+ uint64_t rsvd9 : 4;
+ /** Outer header IPv4 DF or IPv6 flow label */
+ uint64_t ipv4_df_or_ipv6_flw_lbl : 20;
+
+ /** DSCP for outer header */
+ uint64_t dscp : 6;
+ uint64_t rsvd10 : 2;
+
+ /** UDP encapsulation destination port */
+ uint64_t udp_dst_port : 16;
+
+ /** UDP encapsulation source port */
+ uint64_t udp_src_port : 16;
+ } s;
+ uint64_t u64;
+ } w10;
+
+ /** Word11 - Word14 */
+ union rte_pmd_cnxk_ipsec_outer_ip_hdr outer_hdr;
+
+ /** Word15 - Word30 */
+ uint8_t hmac_opad_ipad[RTE_PMD_CNXK_CTX_MAX_OPAD_IPAD_LEN];
+
+ /** Word31 - Word36 */
+ struct rte_pmd_cnxk_ipsec_outb_ctx_update_reg ctx;
+};
+
+/** Inbound/Outbound IPsec SA */
+union rte_pmd_cnxk_ipsec_hw_sa {
+ /** Inbound SA */
+ struct rte_pmd_cnxk_ipsec_inb_sa inb;
+ /** Outbound SA */
+ struct rte_pmd_cnxk_ipsec_outb_sa outb;
+};
+
/**
* Read HW SA context from session.
*
@@ -77,7 +470,7 @@ struct rte_pmd_cnxk_sec_action {
*/
__rte_experimental
int rte_pmd_cnxk_hw_sa_read(void *device, struct rte_security_session *sess,
- void *data, uint32_t len);
+ union rte_pmd_cnxk_ipsec_hw_sa *data, uint32_t len);
/**
* Write HW SA context to session.
*
@@ -95,7 +488,7 @@ int rte_pmd_cnxk_hw_sa_read(void *device, struct rte_security_session *sess,
*/
__rte_experimental
int rte_pmd_cnxk_hw_sa_write(void *device, struct rte_security_session *sess,
- void *data, uint32_t len);
+ union rte_pmd_cnxk_ipsec_hw_sa *data, uint32_t len);
/**
* Get pointer to CPT result info for inline inbound processed pkt.
--
2.25.1