From patchwork Fri Oct 25 17:54:08 2019
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Pavel Belous <Pavel.Belous@aquantia.com>
X-Patchwork-Id: 62026
X-Patchwork-Delegate: gakhil@marvell.com
Return-Path: <dev-bounces@dpdk.org>
X-Original-To: patchwork@dpdk.org
Delivered-To: patchwork@dpdk.org
Received: from [92.243.14.124] (localhost [127.0.0.1])
	by dpdk.org (Postfix) with ESMTP id EF8E01E85E;
	Fri, 25 Oct 2019 19:54:15 +0200 (CEST)
Received: from NAM05-DM3-obe.outbound.protection.outlook.com
	(mail-eopbgr730062.outbound.protection.outlook.com [40.107.73.62])
	by dpdk.org (Postfix) with ESMTP id 404DD1E543
	for <dev@dpdk.org>; Fri, 25 Oct 2019 19:54:10 +0200 (CEST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
	b=hIeWcN2zQ5FlbXZWjZgSyCx/SRuOwTCZ3ZMj6h8wdOl8WZxhBEjX11BMXDw4GBkr3UrF4PVHYZJjSiXPkTUkKyw1B1ObKERa9MKOGJZzH+4XRa7Z9zgJOfPR6uafS1c8wnxUx/UcvEE2N6v2XOgWSnzA0Uz1pxqVGbV14wWARxG+BgzKCkSBtS1LJwQtEOS+QhuremGMnhJanPuM+1qaSByZ6vRpEjRTY1/NKfYwg6loQVoPe0sFernaaJY1R2dJCHngm41dMM9B37IHiobBKYf4KAAF9mlbaNDPCchFihduGdV7pNjLlOOCniPa/bsMXUw6S2TvdSMsNsjLcVSkgQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
	s=arcselector9901;
	h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
	bh=bREUUGFmbXTWNCG8sq4FiRhKFNZRyrRZAdcEiwMlr6g=;
	b=NsjLQao9YhACTwAu/ANACjgF5O6ybBhQQKiegokcD9an3NYda6MMvDMY26QHEQnEB2CdLcijIGJHjx/GJEuigO3XT3Opy61rat+wvTzKNJ4A/OAEj6uY0Zf4b7J5rPd1iykg335+X+/ZUUcIXfD1ajPTyN+YM+k2GevdcDc5yM3ElLymcGCLUOcrGNjtvq8pSZXXi4ZgJxIFLufOknQDqJnpc7JfyhqaP3dPA/EdesEDBeri5BqXac3oGrwlC7svBopb8Bg/O5KXe+dHXIDSzcY7Ms6CA6wfG4Et/Rn+vepIcYN+ZbfxSv/AGJyS/sSWsOSBIEHiG0ZzwWPLsQOY8w==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
	smtp.mailfrom=aquantia.com;
	dmarc=pass action=none header.from=aquantia.com;
	dkim=pass header.d=aquantia.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=AQUANTIA1COM.onmicrosoft.com;
	s=selector2-AQUANTIA1COM-onmicrosoft-com;
	h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
	bh=bREUUGFmbXTWNCG8sq4FiRhKFNZRyrRZAdcEiwMlr6g=;
	b=nzWymn/uS1mMiK5syDe+vFv1oRbzCctu2sr5w5H2H01yOOLZxPLJSYZkU4zw/nI9Q4RJ3n7HhzayN4ZadiWAClbZ4ofwrejqTwy5j8i+dZ1UIanKkuVEdmKIEQcCLQKlNPfszVtGebGjGzAR1kCmIzzJ9YMtUsDhE6FOqoWgyb4=
Received: from CY4PR1101MB2183.namprd11.prod.outlook.com (10.172.76.20) by
	CY4PR1101MB2311.namprd11.prod.outlook.com (10.174.53.140) with
	Microsoft SMTP Server (version=TLS1_2,
	cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
	15.20.2387.22; Fri, 25 Oct 2019 17:54:08 +0000
Received: from CY4PR1101MB2183.namprd11.prod.outlook.com
	([fe80::55e:4921:90d1:670a]) by
	CY4PR1101MB2183.namprd11.prod.outlook.com
	([fe80::55e:4921:90d1:670a%12]) with mapi id 15.20.2387.023;
	Fri, 25 Oct 2019 17:54:08 +0000
From: Pavel Belous <Pavel.Belous@aquantia.com>
To: "dev@dpdk.org" <dev@dpdk.org>
CC: Ferruh Yigit <ferruh.yigit@intel.com>, Akhil Goyal <akhil.goyal@nxp.com>,
	John McNamara <john.mcnamara@intel.com>, Declan Doherty
	<declan.doherty@intel.com>, Konstantin Ananyev
	<konstantin.ananyev@intel.com>, Thomas Monjalon <thomas@monjalon.net>,
	Igor Russkikh <Igor.Russkikh@aquantia.com>,
	Fenilkumar Patel <fenpatel@cisco.com>,
	Hitesh K Maisheri <hmaisher@cisco.com>, Pavel Belous
	<Pavel.Belous@aquantia.com>, Pavel Belous <Pavel.Belous@aquantia.com>
Thread-Topic: [RFC v2 6/7] app/testpmd: macsec on/off commands using
	rte_security interface
Thread-Index: AQHVi10zoxASa351/kOnkZ3JzXhnhA==
Date: Fri, 25 Oct 2019 17:54:08 +0000
Message-ID: 
 <357ff7d38cb313efe4278dc7cf175bb60bab398b.1571928488.git.Pavel.Belous@aquantia.com>
References: <cover.1571928488.git.Pavel.Belous@aquantia.com>
In-Reply-To: <cover.1571928488.git.Pavel.Belous@aquantia.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-clientproxiedby: PR1PR01CA0020.eurprd01.prod.exchangelabs.com
	(2603:10a6:102::33) To CY4PR1101MB2183.namprd11.prod.outlook.com
	(2603:10b6:910:18::20)
authentication-results: spf=none (sender IP is )
	smtp.mailfrom=Pavel.Belous@aquantia.com;
x-ms-exchange-messagesentrepresentingtype: 1
x-mailer: git-send-email 2.7.4
x-originating-ip: [95.79.108.179]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 86fb8cdb-7140-4301-b9c4-08d75974558f
x-ms-traffictypediagnostic: CY4PR1101MB2311:
x-ld-processed: 83e2e134-991c-4ede-8ced-34d47e38e6b1,ExtFwd
x-ms-exchange-transport-forked: True
x-microsoft-antispam-prvs: 
 <CY4PR1101MB2311FCB89A18D5F3D3604BBEE1650@CY4PR1101MB2311.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:1284;
x-forefront-prvs: 02015246A9
x-forefront-antispam-report: SFV:NSPM;
	SFS:(10009020)(1496009)(39850400004)(366004)(396003)(376002)(136003)(346002)(199004)(189003)(66476007)(66556008)(486006)(66446008)(64756008)(7736002)(476003)(36756003)(86362001)(2616005)(6486002)(446003)(71200400001)(118296001)(6512007)(5640700003)(71190400001)(44832011)(2906002)(6436002)(2351001)(11346002)(305945005)(66946007)(14454004)(5660300002)(508600001)(25786009)(4326008)(50226002)(66066001)(6116002)(2501003)(107886003)(3846002)(256004)(14444005)(54906003)(99286004)(6916009)(26005)(186003)(102836004)(76176011)(52116002)(386003)(6506007)(316002)(8676002)(1730700003)(81156014)(81166006)(8936002);
	DIR:OUT; SFP:1101; SCL:1; SRVR:CY4PR1101MB2311;
	H:CY4PR1101MB2183.namprd11.prod.outlook.com; FPR:; SPF:None; LANG:en;
	PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: aquantia.com does not designate
	permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: 
 TzEUuyrW8cokkrDJ02bkrJpE65Jff8k75IulShUTo4feTWe9BpuyaHYGzi/j8sKpWrvf3qXAGEBDQYm+GU/Q6teJS45klUX8y7trRG+8bLRHOLBYeIqhxrkZEHZxfNlIN8wgzhqO8TojpZWJxY7jYp/fVJmyNAt4BESeFwxwcaiHJusvnycGQIKyaaMbSqwRzbXWD8rYre0z0Ume0wLNCOB9RDlimWdCvAZ6Q3LGM3o71CSiwQZMo80InG5rPP5TwPFq9rWzqv45vFTa1GiLNQliTCcP1DPH5ReQocC9ckolmFZeIMZk3NlALRstCWLNdzCMUUixpjBrnsSV+aTLBOc0ruWbAmSSTlMlVLZ7JLrCueI5uxFljtN+ipvpSsMTZmAcgtDqYs0L7VS2sEYLw9tnEBRzEv3CcM4HIc7e3lQVTVP7cipwHyMNAeMcXQJn
MIME-Version: 1.0
X-OriginatorOrg: aquantia.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 86fb8cdb-7140-4301-b9c4-08d75974558f
X-MS-Exchange-CrossTenant-originalarrivaltime: 25 Oct 2019 17:54:08.5184
	(UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 83e2e134-991c-4ede-8ced-34d47e38e6b1
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: 
 39JxQMvAROGFymnZhNXH9CACeE206S3RWgZaKCsihxEijKpumebxRIsq6fCUMbsjxDHFZQ69i7X4qVkh4DEPvg==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY4PR1101MB2311
Subject: [dpdk-dev] [RFC v2 6/7] app/testpmd: macsec on/off commands using
	rte_security interface
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
	<mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
	<mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org
Sender: "dev" <dev-bounces@dpdk.org>

From: Pavel Belous <Pavel.Belous@aquantia.com>

Here we create/get security mempool, get sec_ctx, and then
request session creation with macsec specific session configuration.

encrypt and replay_protection parameters are really not a global macsec
attributes, they are related to tx and rx security connection properties.

But we keep testpmd commands structure the same for now and will redesign
it in later commits.

Signed-off-by: Pavel Belous <pavel.belous@aquantia.com>
Signed-off-by: Igor Russkikh <igor.russkikh@aquantia.com>
---
 app/test-pmd/Makefile    |  1 +
 app/test-pmd/cmdline.c   |  9 ++----
 app/test-pmd/macsec.c    | 82 ++++++++++++++++++++++++++++++++++++++++++++++++
 app/test-pmd/macsec.h    | 12 +++++++
 app/test-pmd/meson.build |  3 +-
 5 files changed, 100 insertions(+), 7 deletions(-)
 create mode 100644 app/test-pmd/macsec.c
 create mode 100644 app/test-pmd/macsec.h

diff --git a/app/test-pmd/Makefile b/app/test-pmd/Makefile
index d5258ea..14cd7f0 100644
--- a/app/test-pmd/Makefile
+++ b/app/test-pmd/Makefile
@@ -37,6 +37,7 @@ SRCS-y += noisy_vnf.c
 SRCS-$(CONFIG_RTE_LIBRTE_IEEE1588) += ieee1588fwd.c
 SRCS-$(CONFIG_RTE_LIBRTE_BPF) += bpf_cmd.c
 SRCS-y += util.c
+SRCS-y += macsec.c
 
 ifeq ($(CONFIG_RTE_LIBRTE_PMD_SOFTNIC), y)
 SRCS-y += softnicfwd.c
diff --git a/app/test-pmd/cmdline.c b/app/test-pmd/cmdline.c
index ffc8b70..10f48f8 100644
--- a/app/test-pmd/cmdline.c
+++ b/app/test-pmd/cmdline.c
@@ -75,6 +75,7 @@
 #include "cmdline_mtr.h"
 #include "cmdline_tm.h"
 #include "bpf_cmd.h"
+#include "macsec.h"
 
 static struct cmdline *testpmd_cl;
 
@@ -14124,9 +14125,7 @@ cmd_set_macsec_offload_on_parsed(
 		return;
 
 	if (dev_info.tx_offload_capa & DEV_TX_OFFLOAD_MACSEC_INSERT) {
-#ifdef RTE_LIBRTE_IXGBE_PMD
-		ret = rte_pmd_ixgbe_macsec_enable(port_id, en, rp);
-#endif
+		ret = set_macsec_on_off(port_id, 1, en, rp);
 	}
 	RTE_SET_USED(en);
 	RTE_SET_USED(rp);
@@ -14221,9 +14220,7 @@ cmd_set_macsec_offload_off_parsed(
 		return;
 
 	if (dev_info.tx_offload_capa & DEV_TX_OFFLOAD_MACSEC_INSERT) {
-#ifdef RTE_LIBRTE_IXGBE_PMD
-		ret = rte_pmd_ixgbe_macsec_disable(port_id);
-#endif
+		ret = set_macsec_on_off(port_id, 0, 0, 0);
 	}
 	switch (ret) {
 	case 0:
diff --git a/app/test-pmd/macsec.c b/app/test-pmd/macsec.c
new file mode 100644
index 0000000..fc7976d
--- /dev/null
+++ b/app/test-pmd/macsec.c
@@ -0,0 +1,82 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright(c) 2010-2016 Intel Corporation.
+ * Copyright(c) 2014 6WIND S.A.
+ */
+
+#include <rte_ethdev.h>
+#include <rte_flow.h>
+#include <rte_security.h>
+#include "macsec.h"
+
+#define TESTPMD_MEMPOOL_NAME "testpmd_security_pool"
+
+struct macsec_params {
+	struct rte_mempool *mp;
+	struct rte_security_session *session;
+	int replay_protection_enabled;
+	int encryption_enabled;
+};
+
+static struct macsec_params macsec_param;
+
+static struct rte_mempool *get_security_pool(struct rte_security_ctx *ctx)
+{
+	struct rte_mempool *mp = rte_mempool_lookup(TESTPMD_MEMPOOL_NAME);
+
+	if (!mp) {
+		unsigned int ssize = rte_security_session_get_size(ctx);
+
+		if (ssize) {
+			mp = rte_mempool_create("testpmd_security_pool",
+				1, /* One sesion */
+				ssize,
+				0, 0, NULL, NULL, NULL, NULL,
+				SOCKET_ID_ANY, 0);
+		}
+	}
+
+	return mp;
+}
+
+int set_macsec_on_off(portid_t port_id, int on, int en, int rp)
+{
+	struct rte_security_session_conf macsec_conf;
+	struct rte_security_ctx *ctx;
+	struct rte_mempool *mp;
+	int err = 0;
+
+	ctx = rte_eth_dev_get_sec_ctx(port_id);
+
+	if (!ctx) {
+		err = -ENOTSUP;
+		goto done;
+	}
+
+	mp = get_security_pool(ctx);
+
+	macsec_conf.action_type = RTE_SECURITY_ACTION_TYPE_INLINE_PROTOCOL;
+	macsec_conf.protocol = RTE_SECURITY_PROTOCOL_MACSEC;
+	macsec_conf.macsec.op = RTE_SECURITY_MACSEC_OP_CONFIG;
+
+	if (on) {
+		macsec_param.session = rte_security_session_create(ctx, &macsec_conf, mp);
+
+		if (!macsec_param.session) {
+			err = -ENOTSUP;
+			goto done;
+		}
+
+		macsec_param.replay_protection_enabled = rp;
+		macsec_param.encryption_enabled = en;
+	} else {
+		if (macsec_param.session) {
+			err = rte_security_session_destroy(ctx, macsec_param.session);
+		} else {
+			err = -ENOTSUP;
+		}
+	}
+
+done:
+	return err;
+}
+
diff --git a/app/test-pmd/macsec.h b/app/test-pmd/macsec.h
new file mode 100644
index 0000000..42a534f
--- /dev/null
+++ b/app/test-pmd/macsec.h
@@ -0,0 +1,12 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright(c) 2018 Intel Corporation
+ */
+
+#ifndef _TESTPMD_MACSEC_H_
+#define _TESTPMD_MACSEC_H_
+
+#include "testpmd.h"
+
+int set_macsec_on_off(portid_t port_id, int on, int en, int rp);
+
+#endif
diff --git a/app/test-pmd/meson.build b/app/test-pmd/meson.build
index 6006c60..755bab2 100644
--- a/app/test-pmd/meson.build
+++ b/app/test-pmd/meson.build
@@ -22,7 +22,8 @@ sources = files('cmdline.c',
 	'rxonly.c',
 	'testpmd.c',
 	'txonly.c',
-	'util.c')
+	'util.c',
+	'macsec.c')
 
 deps += ['ethdev', 'gro', 'gso', 'cmdline', 'metrics', 'meter', 'bus_pci']
 if dpdk_conf.has('RTE_LIBRTE_PDUMP')