[20/20] net/cnxk: add option to override outbound inline sa iv
Checks
Commit Message
Add option to override outbound inline sa iv for debug
purposes via environment variable. User can set env variable as:
export CN10K_ETH_SEC_IV_OVR="0x0, 0x0,..."
Signed-off-by: Nithin Dabilpuram <ndabilpuram@marvell.com>
---
drivers/net/cnxk/cn10k_ethdev_sec.c | 62 +++++++++++++++++++++++++++++++++++++
1 file changed, 62 insertions(+)
Comments
On Mon, Feb 7, 2022 at 1:02 PM Nithin Dabilpuram
<ndabilpuram@marvell.com> wrote:
>
> Add option to override outbound inline sa iv for debug
sa -> SA
IV -> IV
Please check the subject too
> purposes via environment variable. User can set env variable as:
> export CN10K_ETH_SEC_IV_OVR="0x0, 0x0,..."
Please add a table for environment variables and usage in
doc/guides/platform/cnxk.rst
for the following ones as a separate patch and extended the new one there.
rivers/common/cnxk/roc_bphy_irq.c: env = getenv("BPHY_INTR_MLOCK_DISABLE");
drivers/common/cnxk/roc_mbox.c: var = getenv("ROC_CN10K_MBOX_TIMEOUT");
drivers/common/cnxk/roc_mbox.c: var_to = getenv("ROC_MBOX_TIMEOUT");
>
> Signed-off-by: Nithin Dabilpuram <ndabilpuram@marvell.com>
> ---
> drivers/net/cnxk/cn10k_ethdev_sec.c | 62 +++++++++++++++++++++++++++++++++++++
> 1 file changed, 62 insertions(+)
>
> diff --git a/drivers/net/cnxk/cn10k_ethdev_sec.c b/drivers/net/cnxk/cn10k_ethdev_sec.c
> index a2a53c1..a514345 100644
> --- a/drivers/net/cnxk/cn10k_ethdev_sec.c
> +++ b/drivers/net/cnxk/cn10k_ethdev_sec.c
> @@ -252,6 +252,63 @@ cn10k_eth_sec_sso_work_cb(uint64_t *gw, void *args)
> cnxk_pktmbuf_free_no_cache(mbuf);
> }
>
> +static void
> +outb_dbg_iv_update(struct roc_ot_ipsec_outb_sa *outb_sa, const char *__iv_str)
> +{
> + uint8_t *iv_dbg = outb_sa->iv.iv_dbg;
> + char *iv_str = strdup(__iv_str);
> + char *iv_b = NULL, len = 16;
> + char *save;
> + int i;
> +
> + if (!iv_str)
> + return;
> +
> + if (outb_sa->w2.s.enc_type == ROC_IE_OT_SA_ENC_AES_GCM ||
> + outb_sa->w2.s.enc_type == ROC_IE_OT_SA_ENC_AES_CTR ||
> + outb_sa->w2.s.enc_type == ROC_IE_OT_SA_ENC_AES_CCM ||
> + outb_sa->w2.s.auth_type == ROC_IE_OT_SA_AUTH_AES_GMAC) {
> + memset(outb_sa->iv.s.iv_dbg1, 0, sizeof(outb_sa->iv.s.iv_dbg1));
> + memset(outb_sa->iv.s.iv_dbg2, 0, sizeof(outb_sa->iv.s.iv_dbg2));
> +
> + iv_dbg = outb_sa->iv.s.iv_dbg1;
> + for (i = 0; i < 4; i++) {
> + iv_b = strtok_r(i ? NULL : iv_str, ",", &save);
> + if (!iv_b)
> + break;
> + iv_dbg[i] = strtoul(iv_b, NULL, 0);
> + }
> + *(uint32_t *)iv_dbg = rte_be_to_cpu_32(*(uint32_t *)iv_dbg);
> +
> + iv_dbg = outb_sa->iv.s.iv_dbg2;
> + for (i = 0; i < 4; i++) {
> + iv_b = strtok_r(NULL, ",", &save);
> + if (!iv_b)
> + break;
> + iv_dbg[i] = strtoul(iv_b, NULL, 0);
> + }
> + *(uint32_t *)iv_dbg = rte_be_to_cpu_32(*(uint32_t *)iv_dbg);
> +
> + } else {
> + iv_dbg = outb_sa->iv.iv_dbg;
> + memset(iv_dbg, 0, sizeof(outb_sa->iv.iv_dbg));
> +
> + for (i = 0; i < len; i++) {
> + iv_b = strtok_r(i ? NULL : iv_str, ",", &save);
> + if (!iv_b)
> + break;
> + iv_dbg[i] = strtoul(iv_b, NULL, 0);
> + }
> + *(uint64_t *)iv_dbg = rte_be_to_cpu_64(*(uint64_t *)iv_dbg);
> + *(uint64_t *)&iv_dbg[8] =
> + rte_be_to_cpu_64(*(uint64_t *)&iv_dbg[8]);
> + }
> +
> + /* Update source of IV */
> + outb_sa->w2.s.iv_src = ROC_IE_OT_SA_IV_SRC_FROM_SA;
> + free(iv_str);
> +}
> +
> static int
> cn10k_eth_sec_session_create(void *device,
> struct rte_security_session_conf *conf,
> @@ -390,6 +447,7 @@ cn10k_eth_sec_session_create(void *device,
> struct cn10k_outb_priv_data *outb_priv;
> struct cnxk_ipsec_outb_rlens *rlens;
> uint64_t sa_base = dev->outb.sa_base;
> + const char *iv_str;
> uint32_t sa_idx;
>
> PLT_STATIC_ASSERT(sizeof(struct cn10k_outb_priv_data) <
> @@ -416,6 +474,10 @@ cn10k_eth_sec_session_create(void *device,
> goto mempool_put;
> }
>
> + iv_str = getenv("CN10K_ETH_SEC_IV_OVR");
> + if (iv_str)
> + outb_dbg_iv_update(outb_sa_dptr, iv_str);
> +
> /* Save userdata */
> outb_priv->userdata = conf->userdata;
> outb_priv->sa_idx = sa_idx;
> --
> 2.8.4
>
@@ -252,6 +252,63 @@ cn10k_eth_sec_sso_work_cb(uint64_t *gw, void *args)
cnxk_pktmbuf_free_no_cache(mbuf);
}
+static void
+outb_dbg_iv_update(struct roc_ot_ipsec_outb_sa *outb_sa, const char *__iv_str)
+{
+ uint8_t *iv_dbg = outb_sa->iv.iv_dbg;
+ char *iv_str = strdup(__iv_str);
+ char *iv_b = NULL, len = 16;
+ char *save;
+ int i;
+
+ if (!iv_str)
+ return;
+
+ if (outb_sa->w2.s.enc_type == ROC_IE_OT_SA_ENC_AES_GCM ||
+ outb_sa->w2.s.enc_type == ROC_IE_OT_SA_ENC_AES_CTR ||
+ outb_sa->w2.s.enc_type == ROC_IE_OT_SA_ENC_AES_CCM ||
+ outb_sa->w2.s.auth_type == ROC_IE_OT_SA_AUTH_AES_GMAC) {
+ memset(outb_sa->iv.s.iv_dbg1, 0, sizeof(outb_sa->iv.s.iv_dbg1));
+ memset(outb_sa->iv.s.iv_dbg2, 0, sizeof(outb_sa->iv.s.iv_dbg2));
+
+ iv_dbg = outb_sa->iv.s.iv_dbg1;
+ for (i = 0; i < 4; i++) {
+ iv_b = strtok_r(i ? NULL : iv_str, ",", &save);
+ if (!iv_b)
+ break;
+ iv_dbg[i] = strtoul(iv_b, NULL, 0);
+ }
+ *(uint32_t *)iv_dbg = rte_be_to_cpu_32(*(uint32_t *)iv_dbg);
+
+ iv_dbg = outb_sa->iv.s.iv_dbg2;
+ for (i = 0; i < 4; i++) {
+ iv_b = strtok_r(NULL, ",", &save);
+ if (!iv_b)
+ break;
+ iv_dbg[i] = strtoul(iv_b, NULL, 0);
+ }
+ *(uint32_t *)iv_dbg = rte_be_to_cpu_32(*(uint32_t *)iv_dbg);
+
+ } else {
+ iv_dbg = outb_sa->iv.iv_dbg;
+ memset(iv_dbg, 0, sizeof(outb_sa->iv.iv_dbg));
+
+ for (i = 0; i < len; i++) {
+ iv_b = strtok_r(i ? NULL : iv_str, ",", &save);
+ if (!iv_b)
+ break;
+ iv_dbg[i] = strtoul(iv_b, NULL, 0);
+ }
+ *(uint64_t *)iv_dbg = rte_be_to_cpu_64(*(uint64_t *)iv_dbg);
+ *(uint64_t *)&iv_dbg[8] =
+ rte_be_to_cpu_64(*(uint64_t *)&iv_dbg[8]);
+ }
+
+ /* Update source of IV */
+ outb_sa->w2.s.iv_src = ROC_IE_OT_SA_IV_SRC_FROM_SA;
+ free(iv_str);
+}
+
static int
cn10k_eth_sec_session_create(void *device,
struct rte_security_session_conf *conf,
@@ -390,6 +447,7 @@ cn10k_eth_sec_session_create(void *device,
struct cn10k_outb_priv_data *outb_priv;
struct cnxk_ipsec_outb_rlens *rlens;
uint64_t sa_base = dev->outb.sa_base;
+ const char *iv_str;
uint32_t sa_idx;
PLT_STATIC_ASSERT(sizeof(struct cn10k_outb_priv_data) <
@@ -416,6 +474,10 @@ cn10k_eth_sec_session_create(void *device,
goto mempool_put;
}
+ iv_str = getenv("CN10K_ETH_SEC_IV_OVR");
+ if (iv_str)
+ outb_dbg_iv_update(outb_sa_dptr, iv_str);
+
/* Save userdata */
outb_priv->userdata = conf->userdata;
outb_priv->sa_idx = sa_idx;