From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <dev-bounces@dpdk.org>
Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124])
	by inbox.dpdk.org (Postfix) with ESMTP id 6207D43BED;
	Mon, 26 Feb 2024 14:35:53 +0100 (CET)
Received: from mails.dpdk.org (localhost [127.0.0.1])
	by mails.dpdk.org (Postfix) with ESMTP id 17F8242E51;
	Mon, 26 Feb 2024 14:35:48 +0100 (CET)
Received: from mx0b-0016f401.pphosted.com (mx0a-0016f401.pphosted.com
 [67.231.148.174])
 by mails.dpdk.org (Postfix) with ESMTP id 6002242E37
 for <dev@dpdk.org>; Mon, 26 Feb 2024 14:35:46 +0100 (CET)
Received: from pps.filterd (m0045849.ppops.net [127.0.0.1])
 by mx0a-0016f401.pphosted.com (8.17.1.24/8.17.1.24) with ESMTP id
 41Q9t1Ri014596 for <dev@dpdk.org>; Mon, 26 Feb 2024 05:35:45 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=
 from:to:cc:subject:date:message-id:in-reply-to:references
 :mime-version:content-transfer-encoding:content-type; s=
 pfpt0220; bh=oUKF2ZqHdb2zjdqkaeh9WtCsqqtl0bc4aqXWJE7rERE=; b=JI6
 beo5s2AOBjuACcVu+GnCXMXDEqRcFLp2C7mZdtLbrmpYxvatchViUmRrYO58gWLa
 Aaq/Ix+da1eRevtItXVN5eoMq0sh33AKLnn+zKGyOeIJ+plr+1ibcNsR7JfzZ83k
 PKZA8k2Ty4pgdPubnFlkED1Aj9ggZjnlA6RD1CBJX91AbxswB9O54elsNGKdrTJL
 I7ItaCWnRaakbFsv4Q1YMSPaR6v2bHLoiOmhNsLuluupZIg2iC/mWXykZbfglwVr
 TiBHQQYAJJRiP21O37igzXOLEbTTlAHl5ydQPTs2F1LUb2kEKqZklTGmDwIHxWmg
 Oa9xffsiWGa6DI0McWw==
Received: from dc6wp-exch02.marvell.com ([4.21.29.225])
 by mx0a-0016f401.pphosted.com (PPS) with ESMTPS id 3wgre8rj9g-1
 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT)
 for <dev@dpdk.org>; Mon, 26 Feb 2024 05:35:45 -0800 (PST)
Received: from DC6WP-EXCH02.marvell.com (10.76.176.209) by
 DC6WP-EXCH02.marvell.com (10.76.176.209) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.2.1258.12; Mon, 26 Feb 2024 05:35:44 -0800
Received: from maili.marvell.com (10.69.176.80) by DC6WP-EXCH02.marvell.com
 (10.76.176.209) with Microsoft SMTP Server id 15.2.1258.12 via Frontend
 Transport; Mon, 26 Feb 2024 05:35:44 -0800
Received: from hyd1588t430.caveonetworks.com (unknown [10.29.52.204])
 by maili.marvell.com (Postfix) with ESMTP id 0ABFC3F703F;
 Mon, 26 Feb 2024 05:35:41 -0800 (PST)
From: Nithin Dabilpuram <ndabilpuram@marvell.com>
To: Nithin Dabilpuram <ndabilpuram@marvell.com>, Kiran Kumar K
 <kirankumark@marvell.com>, Sunil Kumar Kori <skori@marvell.com>, Satha Rao
 <skoteshwar@marvell.com>
CC: <dev@dpdk.org>
Subject: [PATCH v5 02/14] net/cnxk: add IPsec SA defines for PMD API
Date: Mon, 26 Feb 2024 19:05:24 +0530
Message-ID: <20240226133536.2456406-2-ndabilpuram@marvell.com>
X-Mailer: git-send-email 2.25.1
In-Reply-To: <20240226133536.2456406-1-ndabilpuram@marvell.com>
References: <20240208085956.1741174-1-ndabilpuram@marvell.com>
 <20240226133536.2456406-1-ndabilpuram@marvell.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Content-Type: text/plain
X-Proofpoint-ORIG-GUID: l-2EsD9MFdT7TxpD0Y7Z8chQHpod6BeC
X-Proofpoint-GUID: l-2EsD9MFdT7TxpD0Y7Z8chQHpod6BeC
X-Proofpoint-Virus-Version: vendor=baseguard
 engine=ICAP:2.0.272,Aquarius:18.0.1011,Hydra:6.0.619,FMLib:17.11.176.26
 definitions=2024-02-26_09,2024-02-26_01,2023-05-22_02
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org

Define inbound and outbound IPsec data type for PMD API's
rte_pmd_cnxk_hw_sa_read() and rte_pmd_cnxk_hw_sa_write().

Signed-off-by: Nithin Dabilpuram <ndabilpuram@marvell.com>
---
 drivers/net/cnxk/cn10k_ethdev_sec.c |  18 +-
 drivers/net/cnxk/rte_pmd_cnxk.h     | 397 +++++++++++++++++++++++++++-
 2 files changed, 411 insertions(+), 4 deletions(-)

diff --git a/drivers/net/cnxk/cn10k_ethdev_sec.c b/drivers/net/cnxk/cn10k_ethdev_sec.c
index 575d0fabd5..05ec49d981 100644
--- a/drivers/net/cnxk/cn10k_ethdev_sec.c
+++ b/drivers/net/cnxk/cn10k_ethdev_sec.c
@@ -14,6 +14,20 @@
 #include <cnxk_security.h>
 #include <roc_priv.h>
 
+PLT_STATIC_ASSERT(offsetof(struct rte_pmd_cnxk_ipsec_inb_sa, ctx.ar_winbits) ==
+		  offsetof(struct roc_ot_ipsec_inb_sa, ctx.ar_winbits));
+
+PLT_STATIC_ASSERT(offsetof(struct rte_pmd_cnxk_ipsec_outb_sa, ctx.mib_pkts) ==
+		  offsetof(struct roc_ot_ipsec_outb_sa, ctx.mib_pkts));
+
+PLT_STATIC_ASSERT(RTE_PMD_CNXK_CTX_MAX_CKEY_LEN == ROC_CTX_MAX_CKEY_LEN);
+PLT_STATIC_ASSERT(RTE_PMD_CNXK_CTX_MAX_OPAD_IPAD_LEN == RTE_PMD_CNXK_CTX_MAX_OPAD_IPAD_LEN);
+
+PLT_STATIC_ASSERT(RTE_PMD_CNXK_AR_WIN_SIZE_MIN == ROC_AR_WIN_SIZE_MIN);
+PLT_STATIC_ASSERT(RTE_PMD_CNXK_AR_WIN_SIZE_MAX == ROC_AR_WIN_SIZE_MAX);
+PLT_STATIC_ASSERT(RTE_PMD_CNXK_LOG_MIN_AR_WIN_SIZE_M1 == ROC_LOG_MIN_AR_WIN_SIZE_M1);
+PLT_STATIC_ASSERT(RTE_PMD_CNXK_AR_WINBITS_SZ == ROC_AR_WINBITS_SZ);
+
 static struct rte_cryptodev_capabilities cn10k_eth_sec_crypto_caps[] = {
 	{	/* AES GCM */
 		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
@@ -1143,7 +1157,7 @@ cn10k_eth_sec_session_update(void *device, struct rte_security_session *sess,
 
 int
 rte_pmd_cnxk_hw_sa_read(void *device, struct rte_security_session *sess,
-			void *data, uint32_t len)
+			union rte_pmd_cnxk_ipsec_hw_sa *data, uint32_t len)
 {
 	struct rte_eth_dev *eth_dev = (struct rte_eth_dev *)device;
 	struct cnxk_eth_dev *dev = cnxk_eth_pmd_priv(eth_dev);
@@ -1166,7 +1180,7 @@ rte_pmd_cnxk_hw_sa_read(void *device, struct rte_security_session *sess,
 
 int
 rte_pmd_cnxk_hw_sa_write(void *device, struct rte_security_session *sess,
-			 void *data, uint32_t len)
+			 union rte_pmd_cnxk_ipsec_hw_sa *data, uint32_t len)
 {
 	struct rte_eth_dev *eth_dev = (struct rte_eth_dev *)device;
 	struct cnxk_eth_dev *dev = cnxk_eth_pmd_priv(eth_dev);
diff --git a/drivers/net/cnxk/rte_pmd_cnxk.h b/drivers/net/cnxk/rte_pmd_cnxk.h
index 7827c33ac9..43f2a7ed9b 100644
--- a/drivers/net/cnxk/rte_pmd_cnxk.h
+++ b/drivers/net/cnxk/rte_pmd_cnxk.h
@@ -60,6 +60,399 @@ struct rte_pmd_cnxk_sec_action {
 	enum rte_pmd_cnxk_sec_action_alg alg;
 };
 
+#define RTE_PMD_CNXK_CTX_MAX_CKEY_LEN	   32
+#define RTE_PMD_CNXK_CTX_MAX_OPAD_IPAD_LEN 128
+
+/** Anti reply window size supported */
+#define RTE_PMD_CNXK_AR_WIN_SIZE_MIN	    64
+#define RTE_PMD_CNXK_AR_WIN_SIZE_MAX	    4096
+#define RTE_PMD_CNXK_LOG_MIN_AR_WIN_SIZE_M1 5
+
+/** u64 array size to fit anti replay window bits */
+#define RTE_PMD_CNXK_AR_WINBITS_SZ (RTE_ALIGN_CEIL(RTE_PMD_CNXK_AR_WIN_SIZE_MAX, 64) / 64)
+
+/** Outer header info for Inbound or Outbound */
+union rte_pmd_cnxk_ipsec_outer_ip_hdr {
+	struct {
+		/** IPv4 destination */
+		uint32_t dst_addr;
+		/** IPv4 source */
+		uint32_t src_addr;
+	} ipv4;
+	struct {
+		/** IPv6 source */
+		uint8_t src_addr[16];
+		/** IPv6 destination */
+		uint8_t dst_addr[16];
+	} ipv6;
+};
+
+/** Inbound IPsec context update region */
+struct rte_pmd_cnxk_ipsec_inb_ctx_update_reg {
+	/** Highest sequence number received */
+	uint64_t ar_base;
+	/** Valid bit for 64-bit words of replay window */
+	uint64_t ar_valid_mask;
+	/** Hard life for SA */
+	uint64_t hard_life;
+	/** Soft life for SA */
+	uint64_t soft_life;
+	/** MIB octets */
+	uint64_t mib_octs;
+	/** MIB packets */
+	uint64_t mib_pkts;
+	/** AR window bits */
+	uint64_t ar_winbits[RTE_PMD_CNXK_AR_WINBITS_SZ];
+};
+
+/** Outbound IPsec IV data */
+union rte_pmd_cnxk_ipsec_outb_iv {
+	uint64_t u64[2];
+	/** IV debug - 16B*/
+	uint8_t iv_dbg[16];
+	struct {
+		/** IV debug - 8B */
+		uint8_t iv_dbg1[4];
+		/** Salt */
+		uint8_t salt[4];
+
+		uint32_t rsvd;
+		/** IV debug - 8B */
+		uint8_t iv_dbg2[4];
+	} s;
+};
+
+/** Outbound IPsec context update region */
+struct rte_pmd_cnxk_ipsec_outb_ctx_update_reg {
+	union {
+		struct {
+			uint64_t reserved_0_2 : 3;
+			uint64_t address : 57;
+			uint64_t mode : 4;
+		} s;
+		uint64_t u64;
+	} err_ctl;
+
+	uint64_t esn_val;
+	uint64_t hard_life;
+	uint64_t soft_life;
+	uint64_t mib_octs;
+	uint64_t mib_pkts;
+};
+
+/**
+ * Inbound IPsec SA
+ */
+struct rte_pmd_cnxk_ipsec_inb_sa {
+	/** Word0 */
+	union {
+		struct {
+			/** AR window size */
+			uint64_t ar_win : 3;
+			/** Hard life enable */
+			uint64_t hard_life_dec : 1;
+			/** Soft life enable */
+			uint64_t soft_life_dec : 1;
+
+			/** Count global octets */
+			uint64_t count_glb_octets : 1;
+			/** Count global pkts */
+			uint64_t count_glb_pkts : 1;
+			/** Count bytes */
+			uint64_t count_mib_bytes : 1;
+
+			/** Count pkts */
+			uint64_t count_mib_pkts : 1;
+			/** HW context offset */
+			uint64_t hw_ctx_off : 7;
+
+			/** Context ID */
+			uint64_t ctx_id : 16;
+
+			/** Original packet free absolute */
+			uint64_t orig_pkt_fabs : 1;
+			/** Original packet free */
+			uint64_t orig_pkt_free : 1;
+			/** PKIND for second pass */
+			uint64_t pkind : 6;
+
+			uint64_t rsvd0 : 1;
+			/** Ether type overwrite */
+			uint64_t et_ovrwr : 1;
+			/** Packet output type */
+			uint64_t pkt_output : 2;
+			/** Packet format type */
+			uint64_t pkt_format : 1;
+			/** Defrag option */
+			uint64_t defrag_opt : 2;
+			/** Reserved for X2P dest */
+			uint64_t x2p_dst : 1;
+
+			/** Context push size */
+			uint64_t ctx_push_size : 7;
+			uint64_t rsvd1 : 1;
+
+			/** Context header size */
+			uint64_t ctx_hdr_size : 2;
+			/** AOP enable */
+			uint64_t aop_valid : 1;
+			uint64_t rsvd2 : 1;
+			/** Context size */
+			uint64_t ctx_size : 4;
+		} s;
+		uint64_t u64;
+	} w0;
+
+	/** Word1 */
+	union {
+		struct {
+			/** Original packet aura */
+			uint64_t orig_pkt_aura : 20;
+			uint64_t rsvd3 : 4;
+			/** Original packet free offset */
+			uint64_t orig_pkt_foff : 8;
+			/** SA cookie */
+			uint64_t cookie : 32;
+		} s;
+		uint64_t u64;
+	} w1;
+
+	/** Word 2 */
+	union {
+		struct {
+			/** SA valid */
+			uint64_t valid : 1;
+			/** SA direction */
+			uint64_t dir : 1;
+			uint64_t rsvd11 : 1;
+			uint64_t rsvd4 : 1;
+			/** IPsec mode */
+			uint64_t ipsec_mode : 1;
+			/** IPsec protocol */
+			uint64_t ipsec_protocol : 1;
+			/** AES key length */
+			uint64_t aes_key_len : 2;
+
+			/** Encryption algo */
+			uint64_t enc_type : 3;
+			/** Soft life and hard life unit */
+			uint64_t life_unit : 1;
+			/** Authentication algo */
+			uint64_t auth_type : 4;
+
+			/** Encapsulation type */
+			uint64_t encap_type : 2;
+			/** Ether type override enable */
+			uint64_t et_ovrwr_ddr_en : 1;
+			/** ESN enable */
+			uint64_t esn_en : 1;
+			/** Transport mode L4 checksum incrementally update */
+			uint64_t tport_l4_incr_csum : 1;
+			/** Outer IP header verification */
+			uint64_t ip_hdr_verify : 2;
+			/** UDP enacapsulation ports verification */
+			uint64_t udp_ports_verify : 1;
+
+			/** Return 64B of L2/L3 header on error */
+			uint64_t l3hdr_on_err : 1;
+			uint64_t rsvd6 : 6;
+			uint64_t rsvd12 : 1;
+
+			/** SPI */
+			uint64_t spi : 32;
+		} s;
+		uint64_t u64;
+	} w2;
+
+	/** Word3 */
+	uint64_t rsvd7;
+
+	/** Word4 - Word7 */
+	uint8_t cipher_key[RTE_PMD_CNXK_CTX_MAX_CKEY_LEN];
+
+	/** Word8 - Word9 */
+	union {
+		struct {
+			uint32_t rsvd8;
+			/** IV salt */
+			uint8_t salt[4];
+		} s;
+		uint64_t u64;
+	} w8;
+	uint64_t rsvd9;
+
+	/** Word10 */
+	union {
+		struct {
+			uint64_t rsvd10 : 32;
+			/** UDP encapsulation source port */
+			uint64_t udp_src_port : 16;
+			/** UDP encapsulation destination port */
+			uint64_t udp_dst_port : 16;
+		} s;
+		uint64_t u64;
+	} w10;
+
+	/** Word11 - Word14 */
+	union rte_pmd_cnxk_ipsec_outer_ip_hdr outer_hdr;
+
+	/** Word15 - Word30 */
+	uint8_t hmac_opad_ipad[RTE_PMD_CNXK_CTX_MAX_OPAD_IPAD_LEN];
+
+	/** Word31 - Word100 */
+	struct rte_pmd_cnxk_ipsec_inb_ctx_update_reg ctx;
+};
+
+/**
+ * Outbound IPsec SA
+ */
+struct rte_pmd_cnxk_ipsec_outb_sa {
+	/** Word0 */
+	union {
+		struct {
+			/** ESN enable */
+			uint64_t esn_en : 1;
+			/** IP ID generation type */
+			uint64_t ip_id : 1;
+			uint64_t rsvd0 : 1;
+			/** Hard life enable */
+			uint64_t hard_life_dec : 1;
+			/** Soft life enable */
+			uint64_t soft_life_dec : 1;
+
+			/** Count global octets */
+			uint64_t count_glb_octets : 1;
+			/** Count global pkts */
+			uint64_t count_glb_pkts : 1;
+			/** Count bytes */
+			uint64_t count_mib_bytes : 1;
+
+			/** Count pkts */
+			uint64_t count_mib_pkts : 1;
+			/** HW context offset */
+			uint64_t hw_ctx_off : 7;
+
+			/** Context ID */
+			uint64_t ctx_id : 16;
+			uint64_t rsvd1 : 16;
+
+			/** Context push size */
+			uint64_t ctx_push_size : 7;
+			uint64_t rsvd2 : 1;
+
+			/** Context header size */
+			uint64_t ctx_hdr_size : 2;
+			/** AOP enable */
+			uint64_t aop_valid : 1;
+			uint64_t rsvd3 : 1;
+			/** Context size */
+			uint64_t ctx_size : 4;
+		} s;
+		uint64_t u64;
+	} w0;
+
+	/** Word1 */
+	union {
+		struct {
+			uint64_t rsvd4 : 32;
+			/** SA cookie */
+			uint64_t cookie : 32;
+		} s;
+		uint64_t u64;
+	} w1;
+
+	/** Word 2 */
+	union {
+		struct {
+			/** SA valid */
+			uint64_t valid : 1;
+			/** SA direction */
+			uint64_t dir : 1;
+			uint64_t rsvd11 : 1;
+			uint64_t rsvd5 : 1;
+			/** IPsec mode */
+			uint64_t ipsec_mode : 1;
+			/** IPsec protocol */
+			uint64_t ipsec_protocol : 1;
+
+			/** AES key length */
+			uint64_t aes_key_len : 2;
+
+			/** Encryption algo */
+			uint64_t enc_type : 3;
+			/** Soft life and hard life unit */
+			uint64_t life_unit : 1;
+			/** Authentication algo */
+			uint64_t auth_type : 4;
+
+			/** Encapsulation type */
+			uint64_t encap_type : 2;
+			/** DF source */
+			uint64_t ipv4_df_src_or_ipv6_flw_lbl_src : 1;
+			/** DSCP source */
+			uint64_t dscp_src : 1;
+			/** IV source */
+			uint64_t iv_src : 2;
+			/** IPID value in outer header */
+			uint64_t ipid_gen : 1;
+			uint64_t rsvd6 : 1;
+
+			uint64_t rsvd7 : 7;
+			uint64_t rsvd12 : 1;
+
+			/** SPI */
+			uint64_t spi : 32;
+		} s;
+		uint64_t u64;
+	} w2;
+
+	/** Word3 */
+	uint64_t rsvd8;
+
+	/** Word4 - Word7 */
+	uint8_t cipher_key[RTE_PMD_CNXK_CTX_MAX_CKEY_LEN];
+
+	/** Word8 - Word9 */
+	union rte_pmd_cnxk_ipsec_outb_iv iv;
+
+	/** Word10 */
+	union {
+		struct {
+			uint64_t rsvd9 : 4;
+			/** Outer header IPv4 DF or IPv6 flow label */
+			uint64_t ipv4_df_or_ipv6_flw_lbl : 20;
+
+			/** DSCP for outer header */
+			uint64_t dscp : 6;
+			uint64_t rsvd10 : 2;
+
+			/** UDP encapsulation destination port */
+			uint64_t udp_dst_port : 16;
+
+			/** UDP encapsulation source port */
+			uint64_t udp_src_port : 16;
+		} s;
+		uint64_t u64;
+	} w10;
+
+	/** Word11 - Word14 */
+	union rte_pmd_cnxk_ipsec_outer_ip_hdr outer_hdr;
+
+	/** Word15 - Word30 */
+	uint8_t hmac_opad_ipad[RTE_PMD_CNXK_CTX_MAX_OPAD_IPAD_LEN];
+
+	/** Word31 - Word36 */
+	struct rte_pmd_cnxk_ipsec_outb_ctx_update_reg ctx;
+};
+
+/** Inbound/Outbound IPsec SA */
+union rte_pmd_cnxk_ipsec_hw_sa {
+	/** Inbound SA */
+	struct rte_pmd_cnxk_ipsec_inb_sa inb;
+	/** Outbound SA */
+	struct rte_pmd_cnxk_ipsec_outb_sa outb;
+};
+
 /**
  * Read HW SA context from session.
  *
@@ -77,7 +470,7 @@ struct rte_pmd_cnxk_sec_action {
  */
 __rte_experimental
 int rte_pmd_cnxk_hw_sa_read(void *device, struct rte_security_session *sess,
-			    void *data, uint32_t len);
+			    union rte_pmd_cnxk_ipsec_hw_sa *data, uint32_t len);
 /**
  * Write HW SA context to session.
  *
@@ -95,7 +488,7 @@ int rte_pmd_cnxk_hw_sa_read(void *device, struct rte_security_session *sess,
  */
 __rte_experimental
 int rte_pmd_cnxk_hw_sa_write(void *device, struct rte_security_session *sess,
-			     void *data, uint32_t len);
+			     union rte_pmd_cnxk_ipsec_hw_sa *data, uint32_t len);
 
 /**
  * Get pointer to CPT result info for inline inbound processed pkt.
-- 
2.25.1