From patchwork Wed Apr 17 15:45:30 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Igor Russkikh X-Patchwork-Id: 52880 X-Patchwork-Delegate: ferruh.yigit@amd.com Return-Path: X-Original-To: patchwork@dpdk.org Delivered-To: patchwork@dpdk.org Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id E47351B758; Wed, 17 Apr 2019 17:45:35 +0200 (CEST) Received: from NAM05-CO1-obe.outbound.protection.outlook.com (mail-eopbgr720087.outbound.protection.outlook.com [40.107.72.87]) by dpdk.org (Postfix) with ESMTP id BF2821B73C for ; Wed, 17 Apr 2019 17:45:33 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=AQUANTIA1COM.onmicrosoft.com; s=selector1-aquantia-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=nksbjvBauA0gTfCl1rbWL94FpDS4sPVvYht+d211IVE=; b=jQhlX2nQHfvHqDd+gARloWK5LewRSOLok+ZlLQ4qjGywHVxjwm+RtlvGGeffk+nX5+OCiXXLRWwfKWVuoIaxogp1ajLpiRB2xwsC2qTVnT8k5fL5AvBYBqLRInhsMAZKctDwEOnNqn/U5QEmALdXymeNALR6B49cEfgn2OJRDl4= Received: from DM6PR11MB3625.namprd11.prod.outlook.com (20.178.230.149) by DM6PR11MB3466.namprd11.prod.outlook.com (20.176.123.151) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1792.19; Wed, 17 Apr 2019 15:45:30 +0000 Received: from DM6PR11MB3625.namprd11.prod.outlook.com ([fe80::f035:2c20:5a61:7653]) by DM6PR11MB3625.namprd11.prod.outlook.com ([fe80::f035:2c20:5a61:7653%3]) with mapi id 15.20.1813.011; Wed, 17 Apr 2019 15:45:30 +0000 From: Igor Russkikh To: "dev@dpdk.org" CC: "ferruh.yigit@intel.com" , "thomas@monjalon.net" , "arybchenko@solarflare.com" , "konstantin.ananyev@intel.com" , Igor Russkikh , Pavel Belous Thread-Topic: [PATCH v2 2/7] net/atlantic: enable macsec configuration Thread-Index: AQHU9TSWmJUDzQe65EupVNTWzaYyAg== Date: Wed, 17 Apr 2019 15:45:30 +0000 Message-ID: <75675c055efff4b0ea26bf32049cabd98c252c8f.1555515863.git.igor.russkikh@aquantia.com> References: In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-clientproxiedby: BYAPR07CA0027.namprd07.prod.outlook.com (2603:10b6:a02:bc::40) To DM6PR11MB3625.namprd11.prod.outlook.com (2603:10b6:5:13a::21) authentication-results: spf=none (sender IP is ) smtp.mailfrom=Igor.Russkikh@aquantia.com; x-ms-exchange-messagesentrepresentingtype: 1 x-mailer: git-send-email 2.17.1 x-originating-ip: [95.79.108.179] x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: c8b652f3-b3c9-4078-6fd0-08d6c34bb884 x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600140)(711020)(4605104)(2017052603328)(7193020); SRVR:DM6PR11MB3466; x-ms-traffictypediagnostic: DM6PR11MB3466: x-microsoft-antispam-prvs: x-forefront-prvs: 0010D93EFE x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(366004)(376002)(346002)(396003)(39850400004)(136003)(199004)(189003)(118296001)(2616005)(5660300002)(76176011)(71190400001)(256004)(476003)(6486002)(71200400001)(97736004)(6436002)(11346002)(446003)(14444005)(486006)(44832011)(26005)(186003)(2501003)(52116002)(6506007)(66066001)(4326008)(102836004)(478600001)(86362001)(386003)(25786009)(6512007)(68736007)(72206003)(5640700003)(107886003)(8936002)(2351001)(106356001)(2906002)(6116002)(8676002)(1730700003)(36756003)(7736002)(54906003)(53936002)(3846002)(14454004)(305945005)(99286004)(50226002)(105586002)(316002)(81156014)(81166006)(6916009); DIR:OUT; SFP:1101; SCL:1; SRVR:DM6PR11MB3466; H:DM6PR11MB3625.namprd11.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1; received-spf: None (protection.outlook.com: aquantia.com does not designate permitted sender hosts) x-ms-exchange-senderadcheck: 1 x-microsoft-antispam-message-info: qjLiEoRi4BwnQ6qecE5Qup45XLD4uNUCXCoHZzuXsQnSonEauKmnwt88mTq/acIamIXD0cD4/LhtNIwQnfsT99o98bdzLncMDr261GtYvLPCpQ81DuvByqCqHN5W4z4K9h4ka7jqobLktKYyDo32HS/qvC4cGlFRMrcyZOGk7ZMxg7wN4zTsrPHkRQxUlS4fijJd1crr0CpF7TL/KjA5fy7R0yrxq1Z5M0CufklzL2SUTLlbc3Q6971w7F7OSsV2ZK3bM9lIRjBTErRF8FWH46DLaTB9BRvMGdFd+xiuhwzb+b/eNoRyMSprMA9RbClLtXbrFYBa2wt41O/iC/yQZvIfxrs7z0t+4W2VQAMG6n3Al8uPT8gnEpnrKM39IXfOlp8LN2MyIzQf6U9fim70rkBYARzCXQwvUHy3AwgnN/8= MIME-Version: 1.0 X-OriginatorOrg: aquantia.com X-MS-Exchange-CrossTenant-Network-Message-Id: c8b652f3-b3c9-4078-6fd0-08d6c34bb884 X-MS-Exchange-CrossTenant-originalarrivaltime: 17 Apr 2019 15:45:30.7556 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 83e2e134-991c-4ede-8ced-34d47e38e6b1 X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR11MB3466 Subject: [dpdk-dev] [PATCH v2 2/7] net/atlantic: enable macsec configuration X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" From: Pavel Belous This is a driver side of macsec configuration routines. It fills in config structures and sends requests to FW for configuration activities. We declare macsec offload bits in DPDK offload capabilities. Also update documentation with feature matrix for the enabled feature. Signed-off-by: Pavel Belous Signed-off-by: Igor Russkikh --- doc/guides/nics/atlantic.rst | 6 + doc/guides/nics/features/atlantic.ini | 1 + drivers/net/atlantic/atl_ethdev.c | 216 ++++++++++++++++++++++++++ drivers/net/atlantic/atl_ethdev.h | 12 ++ 4 files changed, 235 insertions(+) diff --git a/doc/guides/nics/atlantic.rst b/doc/guides/nics/atlantic.rst index 80591b13c185..22f2410d0e9a 100644 --- a/doc/guides/nics/atlantic.rst +++ b/doc/guides/nics/atlantic.rst @@ -19,6 +19,12 @@ Supported features - RSS (Receive Side Scaling) - Checksum offload - Jumbo Frame upto 16K +- MACSEC offload + +Experimental API features +^^^^^^^^^^^^^^^^^^^^^^^^^ + +- MACSEC PMD API is considered as experimental and is subject to change/removal in next DPDK releases. Configuration Information ^^^^^^^^^^^^^^^^^^^^^^^^^ diff --git a/doc/guides/nics/features/atlantic.ini b/doc/guides/nics/features/atlantic.ini index 5ed095b14323..2bb8ecc01789 100644 --- a/doc/guides/nics/features/atlantic.ini +++ b/doc/guides/nics/features/atlantic.ini @@ -20,6 +20,7 @@ VLAN filter = Y Flow control = Y CRC offload = Y VLAN offload = Y +MACsec offload = Y L3 checksum offload = Y L4 checksum offload = Y Packet type parsing = Y diff --git a/drivers/net/atlantic/atl_ethdev.c b/drivers/net/atlantic/atl_ethdev.c index 8327863cd9b6..1e91f162f6c2 100644 --- a/drivers/net/atlantic/atl_ethdev.c +++ b/drivers/net/atlantic/atl_ethdev.c @@ -167,6 +167,7 @@ static struct rte_pci_driver rte_atl_pmd = { | DEV_RX_OFFLOAD_UDP_CKSUM \ | DEV_RX_OFFLOAD_TCP_CKSUM \ | DEV_RX_OFFLOAD_JUMBO_FRAME \ + | DEV_RX_OFFLOAD_MACSEC_STRIP \ | DEV_RX_OFFLOAD_VLAN_FILTER) #define ATL_TX_OFFLOADS (DEV_TX_OFFLOAD_VLAN_INSERT \ @@ -174,6 +175,7 @@ static struct rte_pci_driver rte_atl_pmd = { | DEV_TX_OFFLOAD_UDP_CKSUM \ | DEV_TX_OFFLOAD_TCP_CKSUM \ | DEV_TX_OFFLOAD_TCP_TSO \ + | DEV_TX_OFFLOAD_MACSEC_INSERT \ | DEV_TX_OFFLOAD_MULTI_SEGS) static const struct rte_eth_desc_lim rx_desc_lim = { @@ -698,6 +700,205 @@ atl_dev_reset(struct rte_eth_dev *dev) return ret; } +static int +atl_dev_configure_macsec(struct rte_eth_dev *dev) +{ + struct aq_hw_s *hw = ATL_DEV_PRIVATE_TO_HW(dev->data->dev_private); + struct aq_hw_cfg_s *cf = ATL_DEV_PRIVATE_TO_CFG(dev->data->dev_private); + struct aq_macsec_config *aqcfg = &cf->aq_macsec; + struct macsec_msg_fw_request msg_macsec; + struct macsec_msg_fw_response response; + + if (!aqcfg->common.macsec_enabled || + hw->aq_fw_ops->send_macsec_req == NULL) + return 0; + + memset(&msg_macsec, 0, sizeof(msg_macsec)); + + /* Creating set of sc/sa structures from parameters provided by DPDK */ + + /* Configure macsec */ + msg_macsec.msg_type = macsec_cfg_msg; + msg_macsec.cfg.enabled = aqcfg->common.macsec_enabled; + msg_macsec.cfg.interrupts_enabled = 1; + + hw->aq_fw_ops->send_macsec_req(hw, &msg_macsec, &response); + + if (response.result) + return -1; + + memset(&msg_macsec, 0, sizeof(msg_macsec)); + + /* Configure TX SC */ + + msg_macsec.msg_type = macsec_add_tx_sc_msg; + msg_macsec.txsc.index = 0; /* TXSC always one (??) */ + msg_macsec.txsc.protect = aqcfg->common.encryption_enabled; + + /* MAC addr for TX */ + msg_macsec.txsc.mac_sa[0] = rte_bswap32(aqcfg->txsc.mac[1]); + msg_macsec.txsc.mac_sa[1] = rte_bswap32(aqcfg->txsc.mac[0]); + msg_macsec.txsc.sa_mask = 0x3f; + + msg_macsec.txsc.da_mask = 0; + msg_macsec.txsc.tci = 0x0B; + msg_macsec.txsc.curr_an = 0; /* SA index which currently used */ + + /* + * Creating SCI (Secure Channel Identifier). + * SCI constructed from Source MAC and Port identifier + */ + uint32_t sci_hi_part = (msg_macsec.txsc.mac_sa[1] << 16) | + (msg_macsec.txsc.mac_sa[0] >> 16); + uint32_t sci_low_part = (msg_macsec.txsc.mac_sa[0] << 16); + + uint32_t port_identifier = 1; + + msg_macsec.txsc.sci[1] = sci_hi_part; + msg_macsec.txsc.sci[0] = sci_low_part | port_identifier; + + hw->aq_fw_ops->send_macsec_req(hw, &msg_macsec, &response); + + if (response.result) + return -1; + + memset(&msg_macsec, 0, sizeof(msg_macsec)); + + /* Configure RX SC */ + + msg_macsec.msg_type = macsec_add_rx_sc_msg; + msg_macsec.rxsc.index = aqcfg->rxsc.pi; + msg_macsec.rxsc.replay_protect = + aqcfg->common.replay_protection_enabled; + msg_macsec.rxsc.anti_replay_window = 0; + + /* MAC addr for RX */ + msg_macsec.rxsc.mac_da[0] = rte_bswap32(aqcfg->rxsc.mac[1]); + msg_macsec.rxsc.mac_da[1] = rte_bswap32(aqcfg->rxsc.mac[0]); + msg_macsec.rxsc.da_mask = 0;//0x3f; + + msg_macsec.rxsc.sa_mask = 0; + + hw->aq_fw_ops->send_macsec_req(hw, &msg_macsec, &response); + + if (response.result) + return -1; + + memset(&msg_macsec, 0, sizeof(msg_macsec)); + + /* Configure RX SC */ + + msg_macsec.msg_type = macsec_add_tx_sa_msg; + msg_macsec.txsa.index = aqcfg->txsa.idx; + msg_macsec.txsa.next_pn = aqcfg->txsa.pn; + + msg_macsec.txsa.key[0] = rte_bswap32(aqcfg->txsa.key[3]); + msg_macsec.txsa.key[1] = rte_bswap32(aqcfg->txsa.key[2]); + msg_macsec.txsa.key[2] = rte_bswap32(aqcfg->txsa.key[1]); + msg_macsec.txsa.key[3] = rte_bswap32(aqcfg->txsa.key[0]); + + hw->aq_fw_ops->send_macsec_req(hw, &msg_macsec, &response); + + if (response.result) + return -1; + + memset(&msg_macsec, 0, sizeof(msg_macsec)); + + /* Configure RX SA */ + + msg_macsec.msg_type = macsec_add_rx_sa_msg; + msg_macsec.rxsa.index = aqcfg->rxsa.idx; + msg_macsec.rxsa.next_pn = aqcfg->rxsa.pn; + + msg_macsec.rxsa.key[0] = rte_bswap32(aqcfg->rxsa.key[3]); + msg_macsec.rxsa.key[1] = rte_bswap32(aqcfg->rxsa.key[2]); + msg_macsec.rxsa.key[2] = rte_bswap32(aqcfg->rxsa.key[1]); + msg_macsec.rxsa.key[3] = rte_bswap32(aqcfg->rxsa.key[0]); + + hw->aq_fw_ops->send_macsec_req(hw, &msg_macsec, &response); + + if (response.result) + return -1; + + return 0; +} + +int atl_macsec_enable(struct rte_eth_dev *dev, + uint8_t encr, uint8_t repl_prot) +{ + struct aq_hw_cfg_s *cfg = + ATL_DEV_PRIVATE_TO_CFG(dev->data->dev_private); + + cfg->aq_macsec.common.macsec_enabled = 1; + cfg->aq_macsec.common.encryption_enabled = encr; + cfg->aq_macsec.common.replay_protection_enabled = repl_prot; + + return 0; +} + +int atl_macsec_disable(struct rte_eth_dev *dev) +{ + struct aq_hw_cfg_s *cfg = + ATL_DEV_PRIVATE_TO_CFG(dev->data->dev_private); + + cfg->aq_macsec.common.macsec_enabled = 0; + + return 0; +} + +int atl_macsec_config_txsc(struct rte_eth_dev *dev, uint8_t *mac) +{ + struct aq_hw_cfg_s *cfg = + ATL_DEV_PRIVATE_TO_CFG(dev->data->dev_private); + + memset(&cfg->aq_macsec.txsc.mac, 0, sizeof(cfg->aq_macsec.txsc.mac)); + memcpy((uint8_t *)&cfg->aq_macsec.txsc.mac + 2, mac, ETHER_ADDR_LEN); + + return 0; +} + +int atl_macsec_config_rxsc(struct rte_eth_dev *dev, + uint8_t *mac, uint16_t pi) +{ + struct aq_hw_cfg_s *cfg = + ATL_DEV_PRIVATE_TO_CFG(dev->data->dev_private); + + memset(&cfg->aq_macsec.rxsc.mac, 0, sizeof(cfg->aq_macsec.rxsc.mac)); + memcpy((uint8_t *)&cfg->aq_macsec.rxsc.mac + 2, mac, ETHER_ADDR_LEN); + cfg->aq_macsec.rxsc.pi = pi; + + return 0; +} + +int atl_macsec_select_txsa(struct rte_eth_dev *dev, + uint8_t idx, uint8_t an, + uint32_t pn, uint8_t *key) +{ + struct aq_hw_cfg_s *cfg = + ATL_DEV_PRIVATE_TO_CFG(dev->data->dev_private); + + cfg->aq_macsec.txsa.idx = idx; + cfg->aq_macsec.txsa.pn = pn; + cfg->aq_macsec.txsa.an = an; + + memcpy(&cfg->aq_macsec.txsa.key, key, 16); + return 0; +} + +int atl_macsec_select_rxsa(struct rte_eth_dev *dev, + uint8_t idx, uint8_t an, + uint32_t pn, uint8_t *key) +{ + struct aq_hw_cfg_s *cfg = + ATL_DEV_PRIVATE_TO_CFG(dev->data->dev_private); + + cfg->aq_macsec.rxsa.idx = idx; + cfg->aq_macsec.rxsa.pn = pn; + cfg->aq_macsec.rxsa.an = an; + + memcpy(&cfg->aq_macsec.rxsa.key, key, 16); + return 0; +} static int atl_dev_stats_get(struct rte_eth_dev *dev, struct rte_eth_stats *stats) @@ -1532,6 +1733,21 @@ atl_rss_hash_conf_get(struct rte_eth_dev *dev, return 0; } +static bool +is_device_supported(struct rte_eth_dev *dev, struct rte_pci_driver *drv) +{ + if (strcmp(dev->device->driver->name, drv->driver.name)) + return false; + + return true; +} + +bool +is_atlantic_supported(struct rte_eth_dev *dev) +{ + return is_device_supported(dev, &rte_atl_pmd); +} + RTE_PMD_REGISTER_PCI(net_atlantic, rte_atl_pmd); RTE_PMD_REGISTER_PCI_TABLE(net_atlantic, pci_id_atl_map); RTE_PMD_REGISTER_KMOD_DEP(net_atlantic, "* igb_uio | uio_pci_generic"); diff --git a/drivers/net/atlantic/atl_ethdev.h b/drivers/net/atlantic/atl_ethdev.h index 1e29999b539c..b162138c59d3 100644 --- a/drivers/net/atlantic/atl_ethdev.h +++ b/drivers/net/atlantic/atl_ethdev.h @@ -104,4 +104,16 @@ uint16_t atl_xmit_pkts(void *tx_queue, struct rte_mbuf **tx_pkts, uint16_t atl_prep_pkts(void *tx_queue, struct rte_mbuf **tx_pkts, uint16_t nb_pkts); +int atl_macsec_enable(struct rte_eth_dev *dev, uint8_t encr, uint8_t repl_prot); +int atl_macsec_disable(struct rte_eth_dev *dev); +int atl_macsec_config_txsc(struct rte_eth_dev *dev, uint8_t *mac); +int atl_macsec_config_rxsc(struct rte_eth_dev *dev, + uint8_t *mac, uint16_t pi); +int atl_macsec_select_txsa(struct rte_eth_dev *dev, uint8_t idx, + uint8_t an, uint32_t pn, uint8_t *key); +int atl_macsec_select_rxsa(struct rte_eth_dev *dev, uint8_t idx, + uint8_t an, uint32_t pn, uint8_t *key); + +bool is_atlantic_supported(struct rte_eth_dev *dev); + #endif /* _ATLANTIC_ETHDEV_H_ */