From patchwork Wed Apr 10 11:18:40 2019
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Igor Russkikh <igor.russkikh@aquantia.com>
X-Patchwork-Id: 52567
X-Patchwork-Delegate: ferruh.yigit@amd.com
Return-Path: <dev-bounces@dpdk.org>
X-Original-To: patchwork@dpdk.org
Delivered-To: patchwork@dpdk.org
Received: from [92.243.14.124] (localhost [127.0.0.1])
	by dpdk.org (Postfix) with ESMTP id 424935689;
	Wed, 10 Apr 2019 13:18:44 +0200 (CEST)
Received: from NAM03-CO1-obe.outbound.protection.outlook.com
	(mail-eopbgr790077.outbound.protection.outlook.com [40.107.79.77])
	by dpdk.org (Postfix) with ESMTP id 1FD305592
	for <dev@dpdk.org>; Wed, 10 Apr 2019 13:18:42 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=AQUANTIA1COM.onmicrosoft.com; s=selector1-aquantia-com;
	h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
	bh=fEN/3aV1EOskfOINKeraXqm36dkydOJYkOhDOnQa2wM=;
	b=e+qeoLfGUxmhYou0eGAnz8S+JrRTYEG37HPR/gz7aAgDxMVBGFX4qWWFboRzJs50jeErT5TOZuOa6ElKLPnJBIKBhVARj4XvUfLQkRWsj081aFeylMUMqGHN86BHaikyfael9lrFjcyDdhiK0GyE3hWj57asJycE9plRa+CDs7g=
Received: from BN8PR11MB3618.namprd11.prod.outlook.com (20.178.219.85) by
	BN8PR11MB3540.namprd11.prod.outlook.com (20.178.218.78) with
	Microsoft SMTP Server (version=TLS1_2,
	cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
	15.20.1771.21; Wed, 10 Apr 2019 11:18:40 +0000
Received: from BN8PR11MB3618.namprd11.prod.outlook.com
	([fe80::9d38:1845:842d:a489]) by
	BN8PR11MB3618.namprd11.prod.outlook.com
	([fe80::9d38:1845:842d:a489%3]) with mapi id 15.20.1771.016;
	Wed, 10 Apr 2019 11:18:40 +0000
From: Igor Russkikh <Igor.Russkikh@aquantia.com>
To: "dev@dpdk.org" <dev@dpdk.org>
CC: Pavel Belous <Pavel.Belous@aquantia.com>, Wenzhuo Lu
	<wenzhuo.lu@intel.com>, Jingjing Wu <jingjing.wu@intel.com>, Bernard
	Iremonger <bernard.iremonger@intel.com>, John McNamara
	<john.mcnamara@intel.com>, Marko Kovacevic <marko.kovacevic@intel.com>,
	Konstantin Ananyev <konstantin.ananyev@intel.com>, Thomas Monjalon
	<thomas@monjalon.net>, Ferruh Yigit <ferruh.yigit@intel.com>, Andrew
	Rybchenko <arybchenko@solarflare.com>, Igor Russkikh
	<Igor.Russkikh@aquantia.com>
Thread-Topic: [PATCH  01/10] ethdev: introduce MACSEC device ops
Thread-Index: AQHU748mXHLLDK9oYE6FEmEkoBUS2w==
Date: Wed, 10 Apr 2019 11:18:40 +0000
Message-ID: 
 <69b3fcf19cb3e11fae93281f40a1bbc0ec5a2e38.1554894242.git.igor.russkikh@aquantia.com>
References: <cover.1554894242.git.igor.russkikh@aquantia.com>
In-Reply-To: <cover.1554894242.git.igor.russkikh@aquantia.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-clientproxiedby: BYAPR05CA0061.namprd05.prod.outlook.com
	(2603:10b6:a03:74::38) To BN8PR11MB3618.namprd11.prod.outlook.com
	(2603:10b6:408:85::21)
authentication-results: spf=none (sender IP is )
	smtp.mailfrom=Igor.Russkikh@aquantia.com;
x-ms-exchange-messagesentrepresentingtype: 1
x-mailer: git-send-email 2.17.1
x-originating-ip: [95.79.108.179]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: fa3dd50a-de3a-4242-b206-08d6bda64886
x-microsoft-antispam: BCL:0; PCL:0;
	RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600139)(711020)(4605104)(2017052603328)(7193020);
	SRVR:BN8PR11MB3540;
x-ms-traffictypediagnostic: BN8PR11MB3540:
x-microsoft-antispam-prvs: 
 <BN8PR11MB35403E84B3F4A16E7B415C7C982E0@BN8PR11MB3540.namprd11.prod.outlook.com>
x-forefront-prvs: 00032065B2
x-forefront-antispam-report: SFV:NSPM;
	SFS:(10009020)(396003)(39850400004)(376002)(366004)(136003)(346002)(199004)(189003)(486006)(107886003)(6506007)(316002)(2616005)(386003)(54906003)(7416002)(53936002)(8936002)(68736007)(446003)(6916009)(476003)(72206003)(2501003)(105586002)(11346002)(44832011)(99286004)(2351001)(52116002)(186003)(26005)(118296001)(106356001)(14454004)(102836004)(76176011)(71200400001)(81156014)(7736002)(14444005)(8676002)(81166006)(25786009)(256004)(6116002)(5660300002)(71190400001)(1730700003)(5640700003)(2906002)(66066001)(6512007)(478600001)(6486002)(50226002)(305945005)(97736004)(4326008)(3846002)(36756003)(6436002)(86362001);
	DIR:OUT; SFP:1101; SCL:1; SRVR:BN8PR11MB3540;
	H:BN8PR11MB3618.namprd11.prod.outlook.com; FPR:; SPF:None; LANG:en;
	PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: aquantia.com does not designate
	permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: 
 aBqlm+3kEcbHpT/YoIkKTtHiX4FkKQe0ydqw8lwDR050/lTSmKHCVbR3CzZqm/J6J+D/BW2LmY9SaqrRhJqmE3NKMe0QWO+zwBPxFPNW3y6s1i9okwMqhYjeJh2tV65WiT89QBs1E/9g9JsTiYlkFEt00eUihdYsCVR1JFpCMDN8hn6jH2zDfxPlt/xZWxr2jGU2KtzZW7buEOs+mC/E4ZxoLer35ibvkA3vSYY7cwKj1tK3WHD5RM2Ao/S9lQ/Ar+sMh5ueIoPNSGq63ZQMXTuG4pIUvFXcymKV4vZ5/FCwa7aO/MfAj3XEslUuYLuFDG5szrKBMurZGQcTZziOFb89XfeA8SyprTjh8KCHdjoJG0xmWrThOUR1lkLp4usqNVZHYwNvuzKWXChpeWQfTYfOpsuBKhXqAF+rxfTn57Q=
MIME-Version: 1.0
X-OriginatorOrg: aquantia.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 fa3dd50a-de3a-4242-b206-08d6bda64886
X-MS-Exchange-CrossTenant-originalarrivaltime: 10 Apr 2019 11:18:40.2504
	(UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 83e2e134-991c-4ede-8ced-34d47e38e6b1
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN8PR11MB3540
Subject: [dpdk-dev] [PATCH  01/10] ethdev: introduce MACSEC device ops
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
	<mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
	<mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org
Sender: "dev" <dev-bounces@dpdk.org>

MACSEC related device ops, API and parameters are taken from the
existing ixgbe PMD ops

Signed-off-by: Igor Russkikh <igor.russkikh@aquantia.com>
---
 lib/librte_ethdev/rte_ethdev.c      |  87 +++++++++++++++++++++
 lib/librte_ethdev/rte_ethdev.h      | 115 ++++++++++++++++++++++++++++
 lib/librte_ethdev/rte_ethdev_core.h |  23 ++++++
 3 files changed, 225 insertions(+)

diff --git a/lib/librte_ethdev/rte_ethdev.c b/lib/librte_ethdev/rte_ethdev.c
index 243beb4dd5ef..315c31dc667d 100644
--- a/lib/librte_ethdev/rte_ethdev.c
+++ b/lib/librte_ethdev/rte_ethdev.c
@@ -4367,6 +4367,93 @@ rte_eth_dev_pool_ops_supported(uint16_t port_id, const char *pool)
 	return (*dev->dev_ops->pool_ops_supported)(dev, pool);
 }
 
+int
+rte_eth_macsec_enable(uint16_t port_id,
+		      uint8_t encr, uint8_t repl_prot)
+{
+	struct rte_eth_dev *dev;
+
+	RTE_ETH_VALID_PORTID_OR_ERR_RET(port_id, -ENODEV);
+	dev = &rte_eth_devices[port_id];
+
+	RTE_FUNC_PTR_OR_ERR_RET(*dev->dev_ops->macsec_enable, -ENOTSUP);
+	return eth_err(port_id, (*dev->dev_ops->macsec_enable)
+				(dev, encr, repl_prot));
+}
+
+int
+rte_eth_macsec_disable(uint16_t port_id)
+{
+	struct rte_eth_dev *dev;
+
+	RTE_ETH_VALID_PORTID_OR_ERR_RET(port_id, -ENODEV);
+	dev = &rte_eth_devices[port_id];
+
+	RTE_FUNC_PTR_OR_ERR_RET(*dev->dev_ops->macsec_disable, -ENOTSUP);
+	return eth_err(port_id, (*dev->dev_ops->macsec_disable)
+				(dev));
+}
+
+int
+rte_eth_macsec_config_rxsc(uint16_t port_id,
+			   uint8_t *mac, uint16_t pi)
+{
+	struct rte_eth_dev *dev;
+
+	RTE_ETH_VALID_PORTID_OR_ERR_RET(port_id, -ENODEV);
+	dev = &rte_eth_devices[port_id];
+
+	RTE_FUNC_PTR_OR_ERR_RET(*dev->dev_ops->macsec_config_rxsc, -ENOTSUP);
+	return eth_err(port_id, (*dev->dev_ops->macsec_config_rxsc)
+				(dev, mac, pi));
+}
+
+int
+rte_eth_macsec_config_txsc(uint16_t port_id,
+			   uint8_t *mac)
+{
+	struct rte_eth_dev *dev;
+
+	RTE_ETH_VALID_PORTID_OR_ERR_RET(port_id, -ENODEV);
+	dev = &rte_eth_devices[port_id];
+
+	RTE_FUNC_PTR_OR_ERR_RET(*dev->dev_ops->macsec_config_txsc, -ENOTSUP);
+	return eth_err(port_id, (*dev->dev_ops->macsec_config_txsc)
+				(dev, mac));
+}
+
+int
+rte_eth_macsec_select_rxsa(uint16_t port_id,
+					uint8_t idx, uint8_t an,
+					uint32_t pn, uint8_t *key)
+{
+	struct rte_eth_dev *dev;
+
+	RTE_ETH_VALID_PORTID_OR_ERR_RET(port_id, -ENODEV);
+	dev = &rte_eth_devices[port_id];
+
+	RTE_FUNC_PTR_OR_ERR_RET(*dev->dev_ops->macsec_select_rxsa, -ENOTSUP);
+	return eth_err(port_id, (*dev->dev_ops->macsec_select_rxsa)
+				(dev, idx, an, pn, key));
+}
+
+int
+rte_eth_macsec_select_txsa(uint16_t port_id,
+					uint8_t idx, uint8_t an,
+					uint32_t pn, uint8_t *key)
+{
+	struct rte_eth_dev *dev;
+
+	RTE_ETH_VALID_PORTID_OR_ERR_RET(port_id, -ENODEV);
+	dev = &rte_eth_devices[port_id];
+
+	RTE_FUNC_PTR_OR_ERR_RET(*dev->dev_ops->macsec_select_txsa, -ENOTSUP);
+	return eth_err(port_id, (*dev->dev_ops->macsec_select_txsa)
+				(dev, idx, an, pn, key));
+}
+
+
+
 /**
  * A set of values to describe the possible states of a switch domain.
  */
diff --git a/lib/librte_ethdev/rte_ethdev.h b/lib/librte_ethdev/rte_ethdev.h
index 40a068fe8337..0e4e889653ad 100644
--- a/lib/librte_ethdev/rte_ethdev.h
+++ b/lib/librte_ethdev/rte_ethdev.h
@@ -3872,6 +3872,121 @@ rte_eth_dev_pool_ops_supported(uint16_t port_id, const char *pool);
 void *
 rte_eth_dev_get_sec_ctx(uint16_t port_id);
 
+/**
+ * Enable MACsec offload.
+ *
+ * @param port_id
+ *   The port identifier of the Ethernet device.
+ * @param encr
+ *    1 - Enable encryption (encrypt and add integrity signature).
+ *    0 - Disable encryption (only add integrity signature).
+ * @param repl_prot
+ *    1 - Enable replay protection.
+ *    0 - Disable replay protection.
+ * @return
+ *   - (0) if successful.
+ *   - (-ENODEV) if *port* invalid.
+ *   - (-ENOTSUP) if hardware doesn't support this feature.
+ */
+int
+rte_eth_macsec_enable(uint16_t port_id,
+		      uint8_t encr, uint8_t repl_prot);
+
+/**
+ * Disable MACsec offload.
+ *
+ * @param port_id
+ *   The port identifier of the Ethernet device.
+ * @return
+ *   - (0) if successful.
+ *   - (-ENODEV) if *port* invalid.
+ *   - (-ENOTSUP) if hardware doesn't support this feature.
+ */
+int
+rte_eth_macsec_disable(uint16_t port_id);
+
+/**
+ * Configure Rx SC (Secure Connection).
+ *
+ * @param port_id
+ *   The port identifier of the Ethernet device.
+ * @param mac
+ *   The MAC address on the remote side.
+ * @param pi
+ *   The PI (port identifier) on the remote side.
+ * @return
+ *   - (0) if successful.
+ *   - (-ENODEV) if *port* invalid.
+ *   - (-ENOTSUP) if hardware doesn't support this feature.
+ */
+int
+rte_eth_macsec_config_rxsc(uint16_t port_id,
+			   uint8_t *mac, uint16_t pi);
+
+/**
+ * Configure Tx SC (Secure Connection).
+ *
+ * @param port_id
+ *   The port identifier of the Ethernet device.
+ * @param mac
+ *   The MAC address on the local side.
+ * @return
+ *   - (0) if successful.
+ *   - (-ENODEV) if *port* invalid.
+ *   - (-ENOTSUP) if hardware doesn't support this feature.
+ */
+int
+rte_eth_macsec_config_txsc(uint16_t port_id,
+			   uint8_t *mac);
+
+/**
+ * Enable Rx SA (Secure Association).
+ *
+ * @param port_id
+ *   The port identifier of the Ethernet device.
+ * @param idx
+ *   The SA to be enabled (0 or 1)
+ * @param an
+ *   The association number on the remote side.
+ * @param pn
+ *   The packet number on the remote side.
+ * @param key
+ *   The key on the remote side.
+ * @return
+ *   - (0) if successful.
+ *   - (-ENODEV) if *port* invalid.
+ *   - (-ENOTSUP) if hardware doesn't support this feature.
+ *   - (-EINVAL) if bad parameter.
+ */
+int
+rte_eth_macsec_select_rxsa(uint16_t port_id,
+			   uint8_t idx, uint8_t an,
+			   uint32_t pn, uint8_t *key);
+
+/**
+ * Enable Tx SA (Secure Association).
+ *
+ * @param port_id
+ *   The port identifier of the Ethernet device.
+ * @param idx
+ *   The SA to be enabled (0 or 1).
+ * @param an
+ *   The association number on the local side.
+ * @param pn
+ *   The packet number on the local side.
+ * @param key
+ *   The key on the local side.
+ * @return
+ *   - (0) if successful.
+ *   - (-ENODEV) if *port* invalid.
+ *   - (-ENOTSUP) if hardware doesn't support this feature.
+ *   - (-EINVAL) if bad parameter.
+ */
+int
+rte_eth_macsec_select_txsa(uint16_t port_id,
+			   uint8_t idx, uint8_t an,
+			   uint32_t pn, uint8_t *key);
+
 
 #include <rte_ethdev_core.h>
 
diff --git a/lib/librte_ethdev/rte_ethdev_core.h b/lib/librte_ethdev/rte_ethdev_core.h
index 8f03f83f62cf..6434a9065756 100644
--- a/lib/librte_ethdev/rte_ethdev_core.h
+++ b/lib/librte_ethdev/rte_ethdev_core.h
@@ -377,6 +377,20 @@ typedef int (*eth_pool_ops_supported_t)(struct rte_eth_dev *dev,
 						const char *pool);
 /**< @internal Test if a port supports specific mempool ops */
 
+typedef int (*eth_macsec_enable_t)(struct rte_eth_dev *dev,
+				   uint8_t encr, uint8_t repl_prot);
+typedef int (*eth_macsec_disable_t)(struct rte_eth_dev *dev);
+typedef int (*eth_macsec_config_rxsc_t)(struct rte_eth_dev *dev,
+					uint8_t *mac, uint16_t pi);
+typedef int (*eth_macsec_config_txsc_t)(struct rte_eth_dev *dev,
+					uint8_t *mac);
+typedef int (*eth_macsec_select_rxsa_t)(struct rte_eth_dev *dev,
+					uint8_t idx, uint8_t an,
+					uint32_t pn, uint8_t *key);
+typedef int (*eth_macsec_select_txsa_t)(struct rte_eth_dev *dev,
+					uint8_t idx, uint8_t an,
+					uint32_t pn, uint8_t *key);
+
 /**
  * @internal A structure containing the functions exported by an Ethernet driver.
  */
@@ -509,6 +523,15 @@ struct eth_dev_ops {
 
 	eth_pool_ops_supported_t pool_ops_supported;
 	/**< Test if a port supports specific mempool ops */
+
+	eth_macsec_enable_t macsec_enable; /** macsec function enable */
+	eth_macsec_disable_t macsec_disable; /** macsec function disable */
+	eth_macsec_config_rxsc_t macsec_config_rxsc; /** macsec configure rx */
+	eth_macsec_config_txsc_t macsec_config_txsc; /** macsec configure tx */
+	eth_macsec_select_rxsa_t macsec_select_rxsa;
+	/** macsec select rx security association */
+	eth_macsec_select_txsa_t macsec_select_txsa;
+	/** macsec select tx security association */
 };
 
 /**