From patchwork Wed Apr 10 11:18:57 2019
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Igor Russkikh <igor.russkikh@aquantia.com>
X-Patchwork-Id: 52571
X-Patchwork-Delegate: ferruh.yigit@amd.com
Return-Path: <dev-bounces@dpdk.org>
X-Original-To: patchwork@dpdk.org
Delivered-To: patchwork@dpdk.org
Received: from [92.243.14.124] (localhost [127.0.0.1])
	by dpdk.org (Postfix) with ESMTP id B3BBD5F14;
	Wed, 10 Apr 2019 13:19:01 +0200 (CEST)
Received: from NAM03-CO1-obe.outbound.protection.outlook.com
	(mail-eopbgr790052.outbound.protection.outlook.com [40.107.79.52])
	by dpdk.org (Postfix) with ESMTP id 7274E5F14
	for <dev@dpdk.org>; Wed, 10 Apr 2019 13:18:59 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=AQUANTIA1COM.onmicrosoft.com; s=selector1-aquantia-com;
	h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
	bh=TAU4QqAneoiLAZuDzhjiczJqo5UnGW969KjMuFmWrVo=;
	b=JNwLqp3zGGfzl4fb+e/ivhHKo8+XqXvyu6bBOAKrkUUs0epVndF9RqNa7TaRqXd+MaR6uFvfO5LlvzkIIuE9iWEtRP9uKJwr3+2bKJ3SKBQ3vUCVrcaT3iTnakdhSt5tAExMaDIi0womZfO+8KcWDA50LBHcIi3XDqsiFoidpkE=
Received: from BN8PR11MB3618.namprd11.prod.outlook.com (20.178.219.85) by
	BN8PR11MB3540.namprd11.prod.outlook.com (20.178.218.78) with
	Microsoft SMTP Server (version=TLS1_2,
	cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
	15.20.1771.21; Wed, 10 Apr 2019 11:18:58 +0000
Received: from BN8PR11MB3618.namprd11.prod.outlook.com
	([fe80::9d38:1845:842d:a489]) by
	BN8PR11MB3618.namprd11.prod.outlook.com
	([fe80::9d38:1845:842d:a489%3]) with mapi id 15.20.1771.016;
	Wed, 10 Apr 2019 11:18:58 +0000
From: Igor Russkikh <Igor.Russkikh@aquantia.com>
To: "dev@dpdk.org" <dev@dpdk.org>
CC: Pavel Belous <Pavel.Belous@aquantia.com>, Wenzhuo Lu
	<wenzhuo.lu@intel.com>, Jingjing Wu <jingjing.wu@intel.com>, Bernard
	Iremonger <bernard.iremonger@intel.com>, John McNamara
	<john.mcnamara@intel.com>, Marko Kovacevic <marko.kovacevic@intel.com>,
	Konstantin Ananyev <konstantin.ananyev@intel.com>, Thomas Monjalon
	<thomas@monjalon.net>, Ferruh Yigit <ferruh.yigit@intel.com>, Andrew
	Rybchenko <arybchenko@solarflare.com>, Igor Russkikh
	<Igor.Russkikh@aquantia.com>
Thread-Topic: [PATCH  05/10] net/atlantic: macsec configuration code
Thread-Index: AQHU748wESZ28zL9VkOgPhS73FnaAQ==
Date: Wed, 10 Apr 2019 11:18:57 +0000
Message-ID: 
 <9ac2dcf2607b5eafff3e08d54e5236b12900ed38.1554894242.git.igor.russkikh@aquantia.com>
References: <cover.1554894242.git.igor.russkikh@aquantia.com>
In-Reply-To: <cover.1554894242.git.igor.russkikh@aquantia.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-clientproxiedby: BYAPR05CA0061.namprd05.prod.outlook.com
	(2603:10b6:a03:74::38) To BN8PR11MB3618.namprd11.prod.outlook.com
	(2603:10b6:408:85::21)
authentication-results: spf=none (sender IP is )
	smtp.mailfrom=Igor.Russkikh@aquantia.com;
x-ms-exchange-messagesentrepresentingtype: 1
x-mailer: git-send-email 2.17.1
x-originating-ip: [95.79.108.179]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: cd096549-7dbb-47d8-058f-08d6bda6530a
x-microsoft-antispam: BCL:0; PCL:0;
	RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600139)(711020)(4605104)(2017052603328)(7193020);
	SRVR:BN8PR11MB3540;
x-ms-traffictypediagnostic: BN8PR11MB3540:
x-microsoft-antispam-prvs: 
 <BN8PR11MB3540CA780E9CE4D771F86E67982E0@BN8PR11MB3540.namprd11.prod.outlook.com>
x-forefront-prvs: 00032065B2
x-forefront-antispam-report: SFV:NSPM;
	SFS:(10009020)(396003)(39850400004)(376002)(366004)(136003)(346002)(199004)(189003)(486006)(107886003)(6506007)(316002)(2616005)(386003)(54906003)(7416002)(53936002)(8936002)(68736007)(446003)(6916009)(476003)(72206003)(2501003)(105586002)(11346002)(44832011)(99286004)(2351001)(52116002)(186003)(26005)(118296001)(106356001)(14454004)(102836004)(76176011)(71200400001)(81156014)(7736002)(14444005)(8676002)(81166006)(25786009)(256004)(6116002)(5660300002)(71190400001)(1730700003)(5640700003)(2906002)(66066001)(6512007)(478600001)(6486002)(50226002)(305945005)(97736004)(4326008)(3846002)(36756003)(6436002)(86362001);
	DIR:OUT; SFP:1101; SCL:1; SRVR:BN8PR11MB3540;
	H:BN8PR11MB3618.namprd11.prod.outlook.com; FPR:; SPF:None; LANG:en;
	PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: aquantia.com does not designate
	permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: 
 fVyVuV/8gcMsVsctxxE7F7l4BXB5Of5nrn13v/+W6wUi02mcIISXNxSW4tOFXRvB+LR5WAWz30M/TWxlXR7l1Ft8GdUZcqScUupVz85q5nu0GoXVLudT7BqM53eUsaP/3KaDn35KWBcxvaHiEHaPdP1PbvuVb41fSsr1JQFfaCBvvYVzyZ5KldU3PN/OptBqGoCsp+NjO2hce45mpbbzTinyzxK3Vro2ywv7s50mKGogKsFrWcMgnu4fd6nribq3pyX0SIhipmWpSCK+3az8NFO/qn5kTU6gVEQtahuZ4CX7K2XHvjm0K3SQfbMJbROCCA7x5ik9Nt2TvMqAvcOjwxNUa8mVHjN4RVegR1S98/XLlBX38QPDKlTeD4hc5foNNXMUen0VkiAdBqlgSkHTwu33Ty0hArbbsDtNbFlwJEg=
MIME-Version: 1.0
X-OriginatorOrg: aquantia.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 cd096549-7dbb-47d8-058f-08d6bda6530a
X-MS-Exchange-CrossTenant-originalarrivaltime: 10 Apr 2019 11:18:57.8362
	(UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 83e2e134-991c-4ede-8ced-34d47e38e6b1
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN8PR11MB3540
Subject: [dpdk-dev] [PATCH  05/10] net/atlantic: macsec configuration code
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
	<mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
	<mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org
Sender: "dev" <dev-bounces@dpdk.org>

From: Pavel Belous <pavel.belous@aquantia.com>

This is a driver side of macsec configuration routines.
It fills in config structures and sends requests to FW
for configuration activities.

We also declare macsec offload bits in DPDK offload capabilities

Signed-off-by: Pavel Belous <pavel.belous@aquantia.com>
Signed-off-by: Igor Russkikh <igor.russkikh@aquantia.com>
---
 drivers/net/atlantic/atl_ethdev.c | 220 ++++++++++++++++++++++++++++++
 1 file changed, 220 insertions(+)

diff --git a/drivers/net/atlantic/atl_ethdev.c b/drivers/net/atlantic/atl_ethdev.c
index 8327863cd9b6..502ef5308b4d 100644
--- a/drivers/net/atlantic/atl_ethdev.c
+++ b/drivers/net/atlantic/atl_ethdev.c
@@ -122,6 +122,18 @@ static int eth_atl_pci_remove(struct rte_pci_device *pci_dev);
 static void atl_dev_info_get(struct rte_eth_dev *dev,
 				struct rte_eth_dev_info *dev_info);
 
+static int atl_macsec_enable(struct rte_eth_dev *dev, uint8_t encr,
+			     uint8_t repl_prot);
+static int atl_macsec_disable(struct rte_eth_dev *dev);
+static int atl_macsec_config_txsc(struct rte_eth_dev *dev, uint8_t *mac);
+static int atl_macsec_config_rxsc(struct rte_eth_dev *dev,
+				  uint8_t *mac, uint16_t pi);
+static int atl_macsec_select_txsa(struct rte_eth_dev *dev, uint8_t idx,
+				  uint8_t an, uint32_t pn, uint8_t *key);
+
+static int atl_macsec_select_rxsa(struct rte_eth_dev *dev, uint8_t idx,
+				  uint8_t an, uint32_t pn, uint8_t *key);
+
 int atl_logtype_init;
 int atl_logtype_driver;
 
@@ -167,6 +179,7 @@ static struct rte_pci_driver rte_atl_pmd = {
 			| DEV_RX_OFFLOAD_UDP_CKSUM \
 			| DEV_RX_OFFLOAD_TCP_CKSUM \
 			| DEV_RX_OFFLOAD_JUMBO_FRAME \
+			| DEV_RX_OFFLOAD_MACSEC_STRIP \
 			| DEV_RX_OFFLOAD_VLAN_FILTER)
 
 #define ATL_TX_OFFLOADS (DEV_TX_OFFLOAD_VLAN_INSERT \
@@ -174,6 +187,7 @@ static struct rte_pci_driver rte_atl_pmd = {
 			| DEV_TX_OFFLOAD_UDP_CKSUM \
 			| DEV_TX_OFFLOAD_TCP_CKSUM \
 			| DEV_TX_OFFLOAD_TCP_TSO \
+			| DEV_TX_OFFLOAD_MACSEC_INSERT \
 			| DEV_TX_OFFLOAD_MULTI_SEGS)
 
 static const struct rte_eth_desc_lim rx_desc_lim = {
@@ -295,6 +309,13 @@ static const struct eth_dev_ops atl_eth_dev_ops = {
 	.reta_query           = atl_reta_query,
 	.rss_hash_update      = atl_rss_hash_update,
 	.rss_hash_conf_get    = atl_rss_hash_conf_get,
+
+	.macsec_enable        = atl_macsec_enable,
+	.macsec_disable       = atl_macsec_disable,
+	.macsec_config_rxsc   = atl_macsec_config_rxsc,
+	.macsec_config_txsc   = atl_macsec_config_txsc,
+	.macsec_select_rxsa   = atl_macsec_select_rxsa,
+	.macsec_select_txsa   = atl_macsec_select_txsa,
 };
 
 static inline int32_t
@@ -698,6 +719,205 @@ atl_dev_reset(struct rte_eth_dev *dev)
 	return ret;
 }
 
+static int
+atl_dev_configure_macsec(struct rte_eth_dev *dev)
+{
+	struct aq_hw_s *hw = ATL_DEV_PRIVATE_TO_HW(dev->data->dev_private);
+	struct aq_hw_cfg_s *cf = ATL_DEV_PRIVATE_TO_CFG(dev->data->dev_private);
+	struct aq_macsec_config *aqcfg = &cf->aq_macsec;
+	struct macsec_msg_fw_request msg_macsec;
+	struct macsec_msg_fw_response response;
+
+	if (!aqcfg->common.macsec_enabled ||
+	    hw->aq_fw_ops->send_macsec_req == NULL)
+		return 0;
+
+	memset(&msg_macsec, 0, sizeof(msg_macsec));
+
+	/* Creating set of sc/sa structures from parameters provided by DPDK */
+
+	/* Configure macsec */
+	msg_macsec.msg_type = macsec_cfg_msg;
+	msg_macsec.cfg.enabled = aqcfg->common.macsec_enabled;
+	msg_macsec.cfg.interrupts_enabled = 1;
+
+	hw->aq_fw_ops->send_macsec_req(hw, &msg_macsec, &response);
+
+	if (response.result)
+		return -1;
+
+	memset(&msg_macsec, 0, sizeof(msg_macsec));
+
+	/* Configure TX SC */
+
+	msg_macsec.msg_type = macsec_add_tx_sc_msg;
+	msg_macsec.txsc.index = 0; /* TXSC always one (??) */
+	msg_macsec.txsc.protect = aqcfg->common.encryption_enabled;
+
+	/* MAC addr for TX */
+	msg_macsec.txsc.mac_sa[0] = rte_bswap32(aqcfg->txsc.mac[1]);
+	msg_macsec.txsc.mac_sa[1] = rte_bswap32(aqcfg->txsc.mac[0]);
+	msg_macsec.txsc.sa_mask = 0x3f;
+
+	msg_macsec.txsc.da_mask = 0;
+	msg_macsec.txsc.tci = 0x0B;
+	msg_macsec.txsc.curr_an = 0; /* SA index which currently used */
+
+	/*
+	 * Creating SCI (Secure Channel Identifier).
+	 * SCI constructed from Source MAC and Port identifier
+	 */
+	uint32_t sci_hi_part = (msg_macsec.txsc.mac_sa[1] << 16) |
+			       (msg_macsec.txsc.mac_sa[0] >> 16);
+	uint32_t sci_low_part = (msg_macsec.txsc.mac_sa[0] << 16);
+
+	uint32_t port_identifier = 1;
+
+	msg_macsec.txsc.sci[1] = sci_hi_part;
+	msg_macsec.txsc.sci[0] = sci_low_part | port_identifier;
+
+	hw->aq_fw_ops->send_macsec_req(hw, &msg_macsec, &response);
+
+	if (response.result)
+		return -1;
+
+	memset(&msg_macsec, 0, sizeof(msg_macsec));
+
+	/* Configure RX SC */
+
+	msg_macsec.msg_type = macsec_add_rx_sc_msg;
+	msg_macsec.rxsc.index = aqcfg->rxsc.pi;
+	msg_macsec.rxsc.replay_protect =
+		aqcfg->common.replay_protection_enabled;
+	msg_macsec.rxsc.anti_replay_window = 0;
+
+	/* MAC addr for RX */
+	msg_macsec.rxsc.mac_da[0] = rte_bswap32(aqcfg->rxsc.mac[1]);
+	msg_macsec.rxsc.mac_da[1] = rte_bswap32(aqcfg->rxsc.mac[0]);
+	msg_macsec.rxsc.da_mask = 0;//0x3f;
+
+	msg_macsec.rxsc.sa_mask = 0;
+
+	hw->aq_fw_ops->send_macsec_req(hw, &msg_macsec, &response);
+
+	if (response.result)
+		return -1;
+
+	memset(&msg_macsec, 0, sizeof(msg_macsec));
+
+	/* Configure RX SC */
+
+	msg_macsec.msg_type = macsec_add_tx_sa_msg;
+	msg_macsec.txsa.index = aqcfg->txsa.idx;
+	msg_macsec.txsa.next_pn = aqcfg->txsa.pn;
+
+	msg_macsec.txsa.key[0] = rte_bswap32(aqcfg->txsa.key[3]);
+	msg_macsec.txsa.key[1] = rte_bswap32(aqcfg->txsa.key[2]);
+	msg_macsec.txsa.key[2] = rte_bswap32(aqcfg->txsa.key[1]);
+	msg_macsec.txsa.key[3] = rte_bswap32(aqcfg->txsa.key[0]);
+
+	hw->aq_fw_ops->send_macsec_req(hw, &msg_macsec, &response);
+
+	if (response.result)
+		return -1;
+
+	memset(&msg_macsec, 0, sizeof(msg_macsec));
+
+	/* Configure RX SA */
+
+	msg_macsec.msg_type = macsec_add_rx_sa_msg;
+	msg_macsec.rxsa.index = aqcfg->rxsa.idx;
+	msg_macsec.rxsa.next_pn = aqcfg->rxsa.pn;
+
+	msg_macsec.rxsa.key[0] = rte_bswap32(aqcfg->rxsa.key[3]);
+	msg_macsec.rxsa.key[1] = rte_bswap32(aqcfg->rxsa.key[2]);
+	msg_macsec.rxsa.key[2] = rte_bswap32(aqcfg->rxsa.key[1]);
+	msg_macsec.rxsa.key[3] = rte_bswap32(aqcfg->rxsa.key[0]);
+
+	hw->aq_fw_ops->send_macsec_req(hw, &msg_macsec, &response);
+
+	if (response.result)
+		return -1;
+
+	return 0;
+}
+
+static int atl_macsec_enable(struct rte_eth_dev *dev,
+			     uint8_t encr, uint8_t repl_prot)
+{
+	struct aq_hw_cfg_s *cfg =
+		ATL_DEV_PRIVATE_TO_CFG(dev->data->dev_private);
+
+	cfg->aq_macsec.common.macsec_enabled = 1;
+	cfg->aq_macsec.common.encryption_enabled = encr;
+	cfg->aq_macsec.common.replay_protection_enabled = repl_prot;
+
+	return 0;
+}
+
+static int atl_macsec_disable(struct rte_eth_dev *dev)
+{
+	struct aq_hw_cfg_s *cfg =
+		ATL_DEV_PRIVATE_TO_CFG(dev->data->dev_private);
+
+	cfg->aq_macsec.common.macsec_enabled = 0;
+
+	return 0;
+}
+
+static int atl_macsec_config_txsc(struct rte_eth_dev *dev, uint8_t *mac)
+{
+	struct aq_hw_cfg_s *cfg =
+		ATL_DEV_PRIVATE_TO_CFG(dev->data->dev_private);
+
+	memset(&cfg->aq_macsec.txsc.mac, 0, sizeof(cfg->aq_macsec.txsc.mac));
+	memcpy((uint8_t *)&cfg->aq_macsec.txsc.mac + 2, mac, ETHER_ADDR_LEN);
+
+	return 0;
+}
+
+static int atl_macsec_config_rxsc(struct rte_eth_dev *dev,
+				  uint8_t *mac, uint16_t pi)
+{
+	struct aq_hw_cfg_s *cfg =
+		ATL_DEV_PRIVATE_TO_CFG(dev->data->dev_private);
+
+	memset(&cfg->aq_macsec.rxsc.mac, 0, sizeof(cfg->aq_macsec.rxsc.mac));
+	memcpy((uint8_t *)&cfg->aq_macsec.rxsc.mac + 2, mac, ETHER_ADDR_LEN);
+	cfg->aq_macsec.rxsc.pi = pi;
+
+	return 0;
+}
+
+static int atl_macsec_select_txsa(struct rte_eth_dev *dev,
+				  uint8_t idx, uint8_t an,
+				  uint32_t pn, uint8_t *key)
+{
+	struct aq_hw_cfg_s *cfg =
+		ATL_DEV_PRIVATE_TO_CFG(dev->data->dev_private);
+
+	cfg->aq_macsec.txsa.idx = idx;
+	cfg->aq_macsec.txsa.pn = pn;
+	cfg->aq_macsec.txsa.an = an;
+
+	memcpy(&cfg->aq_macsec.txsa.key, key, 16);
+	return 0;
+}
+
+static int atl_macsec_select_rxsa(struct rte_eth_dev *dev,
+				  uint8_t idx, uint8_t an,
+				  uint32_t pn, uint8_t *key)
+{
+	struct aq_hw_cfg_s *cfg =
+		ATL_DEV_PRIVATE_TO_CFG(dev->data->dev_private);
+
+	cfg->aq_macsec.rxsa.idx = idx;
+	cfg->aq_macsec.rxsa.pn = pn;
+	cfg->aq_macsec.rxsa.an = an;
+
+	memcpy(&cfg->aq_macsec.rxsa.key, key, 16);
+	return 0;
+}
 
 static int
 atl_dev_stats_get(struct rte_eth_dev *dev, struct rte_eth_stats *stats)