* [PATCH 03/10] net/cnxk: fix extbuf handling for multisegment packet [not found] <20240517074448.3146611-1-ndabilpuram@marvell.com> @ 2024-05-17 7:44 ` Nithin Dabilpuram 2024-05-17 7:44 ` [PATCH 05/10] net/cnxk: update SA userdata and keep original cookie Nithin Dabilpuram ` (2 subsequent siblings) 3 siblings, 0 replies; 6+ messages in thread From: Nithin Dabilpuram @ 2024-05-17 7:44 UTC (permalink / raw) To: Nithin Dabilpuram, Kiran Kumar K, Sunil Kumar Kori, Satha Rao, Harman Kalra Cc: jerinj, dev, Rakesh Kudurumalla, stable From: Rakesh Kudurumalla <rkudurumalla@marvell.com> Avoid double free of extbuf when during TX path in multisegmented packet with extbuf as one of segment. Fixes: dd9446991212 ("net/cnxk: add transmit completion handler") Cc: stable@dpdk.org Signed-off-by: Rakesh Kudurumalla <rkudurumalla@marvell.com> --- drivers/net/cnxk/cn9k_tx.h | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/net/cnxk/cn9k_tx.h b/drivers/net/cnxk/cn9k_tx.h index 6fc9e4d758..b56881c561 100644 --- a/drivers/net/cnxk/cn9k_tx.h +++ b/drivers/net/cnxk/cn9k_tx.h @@ -117,6 +117,7 @@ cn9k_nix_prefree_seg(struct rte_mbuf *m, struct rte_mbuf **extm, struct cn9k_eth send_hdr->w1.sqe_id = sqe_id & txq->tx_compl.nb_desc_mask; txq->tx_compl.ptr[send_hdr->w1.sqe_id] = m; + m->next = NULL; } return 1; } else { -- 2.25.1 ^ permalink raw reply [flat|nested] 6+ messages in thread
* [PATCH 05/10] net/cnxk: update SA userdata and keep original cookie [not found] <20240517074448.3146611-1-ndabilpuram@marvell.com> 2024-05-17 7:44 ` [PATCH 03/10] net/cnxk: fix extbuf handling for multisegment packet Nithin Dabilpuram @ 2024-05-17 7:44 ` Nithin Dabilpuram 2024-05-17 7:44 ` [PATCH 07/10] net/cnxk: fix issue with outbound security higher pkt burst Nithin Dabilpuram [not found] ` <20240528070522.3857626-1-ndabilpuram@marvell.com> 3 siblings, 0 replies; 6+ messages in thread From: Nithin Dabilpuram @ 2024-05-17 7:44 UTC (permalink / raw) To: Nithin Dabilpuram, Kiran Kumar K, Sunil Kumar Kori, Satha Rao, Harman Kalra Cc: jerinj, dev, stable Update SA userdata as part of session_update() and keep the original cookie that is used to identify SA. Fixes: 8efa348e8160 ("net/cnxk: support custom SA index") Cc: stable@dpdk.org Signed-off-by: Nithin Dabilpuram <ndabilpuram@marvell.com> --- drivers/net/cnxk/cn10k_ethdev_sec.c | 57 ++++++++++++++++++++++++++++- 1 file changed, 55 insertions(+), 2 deletions(-) diff --git a/drivers/net/cnxk/cn10k_ethdev_sec.c b/drivers/net/cnxk/cn10k_ethdev_sec.c index af27d3bbc1..eed4c29218 100644 --- a/drivers/net/cnxk/cn10k_ethdev_sec.c +++ b/drivers/net/cnxk/cn10k_ethdev_sec.c @@ -1101,8 +1101,8 @@ cn10k_eth_sec_session_update(void *device, struct rte_security_session *sess, { struct rte_eth_dev *eth_dev = (struct rte_eth_dev *)device; struct cnxk_eth_dev *dev = cnxk_eth_pmd_priv(eth_dev); - struct roc_ot_ipsec_inb_sa *inb_sa_dptr; struct rte_security_ipsec_xform *ipsec; + struct cn10k_sec_sess_priv sess_priv; struct rte_crypto_sym_xform *crypto; struct cnxk_eth_sec_sess *eth_sec; bool inbound; @@ -1123,6 +1123,11 @@ cn10k_eth_sec_session_update(void *device, struct rte_security_session *sess, eth_sec->spi = conf->ipsec.spi; if (inbound) { + struct roc_ot_ipsec_inb_sa *inb_sa_dptr, *inb_sa; + struct cn10k_inb_priv_data *inb_priv; + + inb_sa = eth_sec->sa; + inb_priv = roc_nix_inl_ot_ipsec_inb_sa_sw_rsvd(inb_sa); inb_sa_dptr = (struct roc_ot_ipsec_inb_sa *)dev->inb.sa_dptr; memset(inb_sa_dptr, 0, sizeof(struct roc_ot_ipsec_inb_sa)); @@ -1130,26 +1135,74 @@ cn10k_eth_sec_session_update(void *device, struct rte_security_session *sess, true); if (rc) return -EINVAL; + /* Use cookie for original data */ + inb_sa_dptr->w1.s.cookie = inb_sa->w1.s.cookie; + + if (ipsec->options.stats == 1) { + /* Enable mib counters */ + inb_sa_dptr->w0.s.count_mib_bytes = 1; + inb_sa_dptr->w0.s.count_mib_pkts = 1; + } + + /* Enable out-of-place processing */ + if (ipsec->options.ingress_oop) + inb_sa_dptr->w0.s.pkt_format = ROC_IE_OT_SA_PKT_FMT_FULL; rc = roc_nix_inl_ctx_write(&dev->nix, inb_sa_dptr, eth_sec->sa, eth_sec->inb, sizeof(struct roc_ot_ipsec_inb_sa)); if (rc) return -EINVAL; + + /* Save userdata in inb private area */ + inb_priv->userdata = conf->userdata; } else { - struct roc_ot_ipsec_outb_sa *outb_sa_dptr; + struct roc_ot_ipsec_outb_sa *outb_sa_dptr, *outb_sa; + struct cn10k_outb_priv_data *outb_priv; + struct cnxk_ipsec_outb_rlens *rlens; + outb_sa = eth_sec->sa; + outb_priv = roc_nix_inl_ot_ipsec_outb_sa_sw_rsvd(outb_sa); + rlens = &outb_priv->rlens; outb_sa_dptr = (struct roc_ot_ipsec_outb_sa *)dev->outb.sa_dptr; memset(outb_sa_dptr, 0, sizeof(struct roc_ot_ipsec_outb_sa)); rc = cnxk_ot_ipsec_outb_sa_fill(outb_sa_dptr, ipsec, crypto); if (rc) return -EINVAL; + + /* Save rlen info */ + cnxk_ipsec_outb_rlens_get(rlens, ipsec, crypto); + + if (ipsec->options.stats == 1) { + /* Enable mib counters */ + outb_sa_dptr->w0.s.count_mib_bytes = 1; + outb_sa_dptr->w0.s.count_mib_pkts = 1; + } + + sess_priv.u64 = 0; + sess_priv.sa_idx = outb_priv->sa_idx; + sess_priv.roundup_byte = rlens->roundup_byte; + sess_priv.roundup_len = rlens->roundup_len; + sess_priv.partial_len = rlens->partial_len; + sess_priv.mode = outb_sa_dptr->w2.s.ipsec_mode; + sess_priv.outer_ip_ver = outb_sa_dptr->w2.s.outer_ip_ver; + /* Propagate inner checksum enable from SA to fast path */ + sess_priv.chksum = + (!ipsec->options.ip_csum_enable << 1 | !ipsec->options.l4_csum_enable); + sess_priv.dec_ttl = ipsec->options.dec_ttl; + if (roc_feature_nix_has_inl_ipsec_mseg() && dev->outb.cpt_eng_caps & BIT_ULL(35)) + sess_priv.nixtx_off = 1; + rc = roc_nix_inl_ctx_write(&dev->nix, outb_sa_dptr, eth_sec->sa, eth_sec->inb, sizeof(struct roc_ot_ipsec_outb_sa)); if (rc) return -EINVAL; + + /* Save userdata */ + outb_priv->userdata = conf->userdata; + sess->fast_mdata = sess_priv.u64; } return 0; -- 2.25.1 ^ permalink raw reply [flat|nested] 6+ messages in thread
* [PATCH 07/10] net/cnxk: fix issue with outbound security higher pkt burst [not found] <20240517074448.3146611-1-ndabilpuram@marvell.com> 2024-05-17 7:44 ` [PATCH 03/10] net/cnxk: fix extbuf handling for multisegment packet Nithin Dabilpuram 2024-05-17 7:44 ` [PATCH 05/10] net/cnxk: update SA userdata and keep original cookie Nithin Dabilpuram @ 2024-05-17 7:44 ` Nithin Dabilpuram [not found] ` <20240528070522.3857626-1-ndabilpuram@marvell.com> 3 siblings, 0 replies; 6+ messages in thread From: Nithin Dabilpuram @ 2024-05-17 7:44 UTC (permalink / raw) To: Nithin Dabilpuram, Kiran Kumar K, Sunil Kumar Kori, Satha Rao, Harman Kalra Cc: jerinj, dev, stable Fix issue with outbound security path while handling mixed traffic i.e both plain and inline outbound pkts being present as part of burst and burst size is > 32. The loop needs to be broken when we don't have space for 4 pkts in LMT lines for CPT considering both the full lmt lines and partial lmt lines used. Fixes: 55bfac717c72 ("net/cnxk: support Tx security offload on cn10k") Cc: stable@dpdk.org Signed-off-by: Nithin Dabilpuram <ndabilpuram@marvell.com> --- drivers/net/cnxk/cn10k_tx.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/drivers/net/cnxk/cn10k_tx.h b/drivers/net/cnxk/cn10k_tx.h index 3818b0445a..84b08403c0 100644 --- a/drivers/net/cnxk/cn10k_tx.h +++ b/drivers/net/cnxk/cn10k_tx.h @@ -2272,7 +2272,8 @@ cn10k_nix_xmit_pkts_vector(void *tx_queue, uint64_t *ws, } for (i = 0; i < burst; i += NIX_DESCS_PER_LOOP) { - if (flags & NIX_TX_OFFLOAD_SECURITY_F && c_lnum + 2 > 16) { + if (flags & NIX_TX_OFFLOAD_SECURITY_F && + (((int)((16 - c_lnum) << 1) - c_loff) < 4)) { burst = i; break; } -- 2.25.1 ^ permalink raw reply [flat|nested] 6+ messages in thread
[parent not found: <20240528070522.3857626-1-ndabilpuram@marvell.com>]
* [PATCH v2 03/10] net/cnxk: fix extbuf handling for multisegment packet [not found] ` <20240528070522.3857626-1-ndabilpuram@marvell.com> @ 2024-05-28 7:05 ` Nithin Dabilpuram 2024-05-28 7:05 ` [PATCH v2 05/10] net/cnxk: update SA userdata and keep original cookie Nithin Dabilpuram 2024-05-28 7:05 ` [PATCH v2 07/10] net/cnxk: fix issue with outbound security higher pkt burst Nithin Dabilpuram 2 siblings, 0 replies; 6+ messages in thread From: Nithin Dabilpuram @ 2024-05-28 7:05 UTC (permalink / raw) To: Nithin Dabilpuram, Kiran Kumar K, Sunil Kumar Kori, Satha Rao, Harman Kalra Cc: jerinj, dev, Rakesh Kudurumalla, stable From: Rakesh Kudurumalla <rkudurumalla@marvell.com> Avoid double free of extbuf when during TX path in multisegmented packet with extbuf as one of segment. Fixes: dd9446991212 ("net/cnxk: add transmit completion handler") Cc: stable@dpdk.org Signed-off-by: Rakesh Kudurumalla <rkudurumalla@marvell.com> --- drivers/net/cnxk/cn9k_tx.h | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/net/cnxk/cn9k_tx.h b/drivers/net/cnxk/cn9k_tx.h index 6fc9e4d758..b56881c561 100644 --- a/drivers/net/cnxk/cn9k_tx.h +++ b/drivers/net/cnxk/cn9k_tx.h @@ -117,6 +117,7 @@ cn9k_nix_prefree_seg(struct rte_mbuf *m, struct rte_mbuf **extm, struct cn9k_eth send_hdr->w1.sqe_id = sqe_id & txq->tx_compl.nb_desc_mask; txq->tx_compl.ptr[send_hdr->w1.sqe_id] = m; + m->next = NULL; } return 1; } else { -- 2.25.1 ^ permalink raw reply [flat|nested] 6+ messages in thread
* [PATCH v2 05/10] net/cnxk: update SA userdata and keep original cookie [not found] ` <20240528070522.3857626-1-ndabilpuram@marvell.com> 2024-05-28 7:05 ` [PATCH v2 03/10] net/cnxk: fix extbuf handling for multisegment packet Nithin Dabilpuram @ 2024-05-28 7:05 ` Nithin Dabilpuram 2024-05-28 7:05 ` [PATCH v2 07/10] net/cnxk: fix issue with outbound security higher pkt burst Nithin Dabilpuram 2 siblings, 0 replies; 6+ messages in thread From: Nithin Dabilpuram @ 2024-05-28 7:05 UTC (permalink / raw) To: Nithin Dabilpuram, Kiran Kumar K, Sunil Kumar Kori, Satha Rao, Harman Kalra Cc: jerinj, dev, stable Update SA userdata as part of session_update() and keep the original cookie that is used to identify SA. Fixes: 8efa348e8160 ("net/cnxk: support custom SA index") Cc: stable@dpdk.org Signed-off-by: Nithin Dabilpuram <ndabilpuram@marvell.com> --- drivers/net/cnxk/cn10k_ethdev_sec.c | 57 ++++++++++++++++++++++++++++- 1 file changed, 55 insertions(+), 2 deletions(-) diff --git a/drivers/net/cnxk/cn10k_ethdev_sec.c b/drivers/net/cnxk/cn10k_ethdev_sec.c index af27d3bbc1..eed4c29218 100644 --- a/drivers/net/cnxk/cn10k_ethdev_sec.c +++ b/drivers/net/cnxk/cn10k_ethdev_sec.c @@ -1101,8 +1101,8 @@ cn10k_eth_sec_session_update(void *device, struct rte_security_session *sess, { struct rte_eth_dev *eth_dev = (struct rte_eth_dev *)device; struct cnxk_eth_dev *dev = cnxk_eth_pmd_priv(eth_dev); - struct roc_ot_ipsec_inb_sa *inb_sa_dptr; struct rte_security_ipsec_xform *ipsec; + struct cn10k_sec_sess_priv sess_priv; struct rte_crypto_sym_xform *crypto; struct cnxk_eth_sec_sess *eth_sec; bool inbound; @@ -1123,6 +1123,11 @@ cn10k_eth_sec_session_update(void *device, struct rte_security_session *sess, eth_sec->spi = conf->ipsec.spi; if (inbound) { + struct roc_ot_ipsec_inb_sa *inb_sa_dptr, *inb_sa; + struct cn10k_inb_priv_data *inb_priv; + + inb_sa = eth_sec->sa; + inb_priv = roc_nix_inl_ot_ipsec_inb_sa_sw_rsvd(inb_sa); inb_sa_dptr = (struct roc_ot_ipsec_inb_sa *)dev->inb.sa_dptr; memset(inb_sa_dptr, 0, sizeof(struct roc_ot_ipsec_inb_sa)); @@ -1130,26 +1135,74 @@ cn10k_eth_sec_session_update(void *device, struct rte_security_session *sess, true); if (rc) return -EINVAL; + /* Use cookie for original data */ + inb_sa_dptr->w1.s.cookie = inb_sa->w1.s.cookie; + + if (ipsec->options.stats == 1) { + /* Enable mib counters */ + inb_sa_dptr->w0.s.count_mib_bytes = 1; + inb_sa_dptr->w0.s.count_mib_pkts = 1; + } + + /* Enable out-of-place processing */ + if (ipsec->options.ingress_oop) + inb_sa_dptr->w0.s.pkt_format = ROC_IE_OT_SA_PKT_FMT_FULL; rc = roc_nix_inl_ctx_write(&dev->nix, inb_sa_dptr, eth_sec->sa, eth_sec->inb, sizeof(struct roc_ot_ipsec_inb_sa)); if (rc) return -EINVAL; + + /* Save userdata in inb private area */ + inb_priv->userdata = conf->userdata; } else { - struct roc_ot_ipsec_outb_sa *outb_sa_dptr; + struct roc_ot_ipsec_outb_sa *outb_sa_dptr, *outb_sa; + struct cn10k_outb_priv_data *outb_priv; + struct cnxk_ipsec_outb_rlens *rlens; + outb_sa = eth_sec->sa; + outb_priv = roc_nix_inl_ot_ipsec_outb_sa_sw_rsvd(outb_sa); + rlens = &outb_priv->rlens; outb_sa_dptr = (struct roc_ot_ipsec_outb_sa *)dev->outb.sa_dptr; memset(outb_sa_dptr, 0, sizeof(struct roc_ot_ipsec_outb_sa)); rc = cnxk_ot_ipsec_outb_sa_fill(outb_sa_dptr, ipsec, crypto); if (rc) return -EINVAL; + + /* Save rlen info */ + cnxk_ipsec_outb_rlens_get(rlens, ipsec, crypto); + + if (ipsec->options.stats == 1) { + /* Enable mib counters */ + outb_sa_dptr->w0.s.count_mib_bytes = 1; + outb_sa_dptr->w0.s.count_mib_pkts = 1; + } + + sess_priv.u64 = 0; + sess_priv.sa_idx = outb_priv->sa_idx; + sess_priv.roundup_byte = rlens->roundup_byte; + sess_priv.roundup_len = rlens->roundup_len; + sess_priv.partial_len = rlens->partial_len; + sess_priv.mode = outb_sa_dptr->w2.s.ipsec_mode; + sess_priv.outer_ip_ver = outb_sa_dptr->w2.s.outer_ip_ver; + /* Propagate inner checksum enable from SA to fast path */ + sess_priv.chksum = + (!ipsec->options.ip_csum_enable << 1 | !ipsec->options.l4_csum_enable); + sess_priv.dec_ttl = ipsec->options.dec_ttl; + if (roc_feature_nix_has_inl_ipsec_mseg() && dev->outb.cpt_eng_caps & BIT_ULL(35)) + sess_priv.nixtx_off = 1; + rc = roc_nix_inl_ctx_write(&dev->nix, outb_sa_dptr, eth_sec->sa, eth_sec->inb, sizeof(struct roc_ot_ipsec_outb_sa)); if (rc) return -EINVAL; + + /* Save userdata */ + outb_priv->userdata = conf->userdata; + sess->fast_mdata = sess_priv.u64; } return 0; -- 2.25.1 ^ permalink raw reply [flat|nested] 6+ messages in thread
* [PATCH v2 07/10] net/cnxk: fix issue with outbound security higher pkt burst [not found] ` <20240528070522.3857626-1-ndabilpuram@marvell.com> 2024-05-28 7:05 ` [PATCH v2 03/10] net/cnxk: fix extbuf handling for multisegment packet Nithin Dabilpuram 2024-05-28 7:05 ` [PATCH v2 05/10] net/cnxk: update SA userdata and keep original cookie Nithin Dabilpuram @ 2024-05-28 7:05 ` Nithin Dabilpuram 2 siblings, 0 replies; 6+ messages in thread From: Nithin Dabilpuram @ 2024-05-28 7:05 UTC (permalink / raw) To: Nithin Dabilpuram, Kiran Kumar K, Sunil Kumar Kori, Satha Rao, Harman Kalra Cc: jerinj, dev, stable Fix issue with outbound security path while handling mixed traffic i.e both plain and inline outbound pkts being present as part of burst and burst size is > 32. The loop needs to be broken when we don't have space for 4 pkts in LMT lines for CPT considering both the full lmt lines and partial lmt lines used. Fixes: 55bfac717c72 ("net/cnxk: support Tx security offload on cn10k") Cc: stable@dpdk.org Signed-off-by: Nithin Dabilpuram <ndabilpuram@marvell.com> --- drivers/net/cnxk/cn10k_tx.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/drivers/net/cnxk/cn10k_tx.h b/drivers/net/cnxk/cn10k_tx.h index 3818b0445a..84b08403c0 100644 --- a/drivers/net/cnxk/cn10k_tx.h +++ b/drivers/net/cnxk/cn10k_tx.h @@ -2272,7 +2272,8 @@ cn10k_nix_xmit_pkts_vector(void *tx_queue, uint64_t *ws, } for (i = 0; i < burst; i += NIX_DESCS_PER_LOOP) { - if (flags & NIX_TX_OFFLOAD_SECURITY_F && c_lnum + 2 > 16) { + if (flags & NIX_TX_OFFLOAD_SECURITY_F && + (((int)((16 - c_lnum) << 1) - c_loff) < 4)) { burst = i; break; } -- 2.25.1 ^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2024-05-28 7:05 UTC | newest] Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- [not found] <20240517074448.3146611-1-ndabilpuram@marvell.com> 2024-05-17 7:44 ` [PATCH 03/10] net/cnxk: fix extbuf handling for multisegment packet Nithin Dabilpuram 2024-05-17 7:44 ` [PATCH 05/10] net/cnxk: update SA userdata and keep original cookie Nithin Dabilpuram 2024-05-17 7:44 ` [PATCH 07/10] net/cnxk: fix issue with outbound security higher pkt burst Nithin Dabilpuram [not found] ` <20240528070522.3857626-1-ndabilpuram@marvell.com> 2024-05-28 7:05 ` [PATCH v2 03/10] net/cnxk: fix extbuf handling for multisegment packet Nithin Dabilpuram 2024-05-28 7:05 ` [PATCH v2 05/10] net/cnxk: update SA userdata and keep original cookie Nithin Dabilpuram 2024-05-28 7:05 ` [PATCH v2 07/10] net/cnxk: fix issue with outbound security higher pkt burst Nithin Dabilpuram
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).