From patchwork Thu Jul 1 09:29:29 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Anoob Joseph X-Patchwork-Id: 95110 X-Patchwork-Delegate: jerinj@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id E9059A0A0C; Thu, 1 Jul 2021 11:29:46 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 4A87C40141; Thu, 1 Jul 2021 11:29:46 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com [67.231.156.173]) by mails.dpdk.org (Postfix) with ESMTP id 5AD0640040 for ; Thu, 1 Jul 2021 11:29:44 +0200 (CEST) Received: from pps.filterd (m0045851.ppops.net [127.0.0.1]) by mx0b-0016f401.pphosted.com (8.16.0.43/8.16.0.43) with SMTP id 1619BFE9030281 for ; Thu, 1 Jul 2021 02:29:43 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : mime-version : content-transfer-encoding : content-type; s=pfpt0220; bh=mJWhNl59PExDOinJISgDf1r2m1ukwF8hvtdWUrsE6t4=; b=B8c91HvA/Fe3UPrW+VJ58zpEzq6m0bwsc4sDeDda+a0R06ywSC9Y3ydOqpbH7nCi20Ny ErWx6GiuVT+yYgOUfhfqQHG6O9ANZJ8gcybcFhIz0lf2Eva3/6ZIdln29rB3EgAEstYN hNQSv/Z/Qhi5nWEES7xF+VEK6XT1ii9Mg7vdi+4FI0F/boaA5bEBHdVD74d/w8+o8n1M dEW5ptnuQ6sVabgETxvKjpxgqAmcXAd4pO84DS7H3u72hPL7KBMjJ0XgKIaZfJPD/94l 6vEJOrzOtNF+Pbm99ZNFwzyB0EJyvWrP4vjrkEdBMxCEOVjdGHP7bG4rERtc2kyGT7q1 oQ== Received: from dc5-exch02.marvell.com ([199.233.59.182]) by mx0b-0016f401.pphosted.com with ESMTP id 39gxj0jtmy-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT) for ; Thu, 01 Jul 2021 02:29:43 -0700 Received: from DC5-EXCH02.marvell.com (10.69.176.39) by DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server (TLS) id 15.0.1497.18; Thu, 1 Jul 2021 02:29:41 -0700 Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server id 15.0.1497.18 via Frontend Transport; Thu, 1 Jul 2021 02:29:41 -0700 Received: from HY-LT1002.marvell.com (unknown [10.193.70.1]) by maili.marvell.com (Postfix) with ESMTP id BC7943F709F; Thu, 1 Jul 2021 02:29:38 -0700 (PDT) From: Anoob Joseph To: Akhil Goyal , Jerin Jacob CC: Anoob Joseph , Ankur Dwivedi , Tejasree Kondoj , Date: Thu, 1 Jul 2021 14:59:29 +0530 Message-ID: <1625131769-31114-1-git-send-email-anoobj@marvell.com> X-Mailer: git-send-email 2.7.4 MIME-Version: 1.0 X-Proofpoint-GUID: C9Vt2jYlsNaFpGnrcmRZKGMlYRDbQK4R X-Proofpoint-ORIG-GUID: C9Vt2jYlsNaFpGnrcmRZKGMlYRDbQK4R X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.391, 18.0.790 definitions=2021-07-01_06:2021-06-30, 2021-07-01 signatures=0 Subject: [dpdk-dev] [PATCH] net/octeontx2: support non-ethernet L2 hdr X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" In the inline inound path, a custom header would be present at L3 which has sequence number & SPI. L2 need to be adjusted such that the eventual packet would have L3 after L2. Remove assumption of L2 type in this handling. Signed-off-by: Anoob Joseph Acked-by: Jerin Jacob --- drivers/crypto/octeontx2/otx2_ipsec_anti_replay.h | 9 ++--- drivers/crypto/octeontx2/otx2_ipsec_fp.h | 13 +++---- drivers/net/octeontx2/otx2_rx.h | 45 ++++++++++++++++------- 3 files changed, 42 insertions(+), 25 deletions(-) diff --git a/drivers/crypto/octeontx2/otx2_ipsec_anti_replay.h b/drivers/crypto/octeontx2/otx2_ipsec_anti_replay.h index b2b1f77..089a3d0 100644 --- a/drivers/crypto/octeontx2/otx2_ipsec_anti_replay.h +++ b/drivers/crypto/octeontx2/otx2_ipsec_anti_replay.h @@ -166,8 +166,9 @@ anti_replay_check(struct otx2_ipsec_replay *replay, uint64_t seq, } static inline int -cpt_ipsec_ip_antireplay_check(struct otx2_ipsec_fp_in_sa *sa, char *data) +cpt_ipsec_ip_antireplay_check(struct otx2_ipsec_fp_in_sa *sa, void *l3_ptr) { + struct otx2_ipsec_fp_res_hdr *hdr = l3_ptr; uint64_t seq_in_sa; uint32_t seqh = 0; uint32_t seql; @@ -176,14 +177,12 @@ cpt_ipsec_ip_antireplay_check(struct otx2_ipsec_fp_in_sa *sa, char *data) int ret; esn = sa->ctl.esn_en; - seql = rte_be_to_cpu_32(*((uint32_t *)(data + - OTX2_IPSEC_SEQNO_LO_INDEX))); + seql = rte_be_to_cpu_32(hdr->seq_no_lo); if (!esn) seq = (uint64_t)seql; else { - seqh = rte_be_to_cpu_32(*((uint32_t *)(data + - OTX2_IPSEC_SEQNO_HI_INDEX))); + seqh = rte_be_to_cpu_32(hdr->seq_no_hi); seq = ((uint64_t)seqh << 32) | seql; } diff --git a/drivers/crypto/octeontx2/otx2_ipsec_fp.h b/drivers/crypto/octeontx2/otx2_ipsec_fp.h index a33041d..4be22d4 100644 --- a/drivers/crypto/octeontx2/otx2_ipsec_fp.h +++ b/drivers/crypto/octeontx2/otx2_ipsec_fp.h @@ -10,14 +10,13 @@ /* Macros for anti replay and ESN */ #define OTX2_IPSEC_MAX_REPLAY_WIN_SZ 1024 -#define OTX2_IPSEC_SAINDEX_SZ 4 -#define OTX2_IPSEC_SEQNO_LO 4 -#define OTX2_IPSEC_SEQNO_LO_INDEX (RTE_ETHER_HDR_LEN + \ - OTX2_IPSEC_SAINDEX_SZ) - -#define OTX2_IPSEC_SEQNO_HI_INDEX (OTX2_IPSEC_SEQNO_LO_INDEX + \ - OTX2_IPSEC_SEQNO_LO) +struct otx2_ipsec_fp_res_hdr { + uint32_t spi; + uint32_t seq_no_lo; + uint32_t seq_no_hi; + uint32_t rsvd; +}; enum { OTX2_IPSEC_FP_SA_DIRECTION_INBOUND = 0, diff --git a/drivers/net/octeontx2/otx2_rx.h b/drivers/net/octeontx2/otx2_rx.h index 257492a..ea29aec 100644 --- a/drivers/net/octeontx2/otx2_rx.h +++ b/drivers/net/octeontx2/otx2_rx.h @@ -41,7 +41,6 @@ /* Inline IPsec offsets */ -#define INLINE_INB_RPTR_HDR 16 /* nix_cqe_hdr_s + nix_rx_parse_s + nix_rx_sg_s + nix_iova_s */ #define INLINE_CPT_RESULT_OFFSET 80 @@ -239,14 +238,18 @@ nix_rx_sec_sa_get(const void * const lookup_mem, int spi, uint16_t port) } static __rte_always_inline uint64_t -nix_rx_sec_mbuf_update(const struct nix_cqe_hdr_s *cq, struct rte_mbuf *m, +nix_rx_sec_mbuf_update(const struct nix_rx_parse_s *rx, + const struct nix_cqe_hdr_s *cq, struct rte_mbuf *m, const void * const lookup_mem) { + uint8_t *l2_ptr, *l3_ptr, *l2_ptr_actual, *l3_ptr_actual; struct otx2_ipsec_fp_in_sa *sa; - struct rte_ipv4_hdr *ipv4; - uint16_t m_len; + uint16_t m_len, l2_len, ip_len; + struct rte_ipv6_hdr *ip6h; + struct rte_ipv4_hdr *iph; + uint16_t *ether_type; uint32_t spi; - char *data; + int i; if (unlikely(nix_rx_sec_cptres_get(cq) != OTX2_SEC_COMP_GOOD)) return PKT_RX_SEC_OFFLOAD | PKT_RX_SEC_OFFLOAD_FAILED; @@ -257,22 +260,38 @@ nix_rx_sec_mbuf_update(const struct nix_cqe_hdr_s *cq, struct rte_mbuf *m, sa = nix_rx_sec_sa_get(lookup_mem, spi, m->port); *rte_security_dynfield(m) = sa->udata64; - data = rte_pktmbuf_mtod(m, char *); + l2_ptr = rte_pktmbuf_mtod(m, uint8_t *); + l2_len = rx->lcptr - rx->laptr; + l3_ptr = RTE_PTR_ADD(l2_ptr, l2_len); if (sa->replay_win_sz) { - if (cpt_ipsec_ip_antireplay_check(sa, data) < 0) + if (cpt_ipsec_ip_antireplay_check(sa, l3_ptr) < 0) return PKT_RX_SEC_OFFLOAD | PKT_RX_SEC_OFFLOAD_FAILED; } - memcpy(data + INLINE_INB_RPTR_HDR, data, RTE_ETHER_HDR_LEN); + l2_ptr_actual = RTE_PTR_ADD(l2_ptr, + sizeof(struct otx2_ipsec_fp_res_hdr)); + l3_ptr_actual = RTE_PTR_ADD(l3_ptr, + sizeof(struct otx2_ipsec_fp_res_hdr)); - m->data_off += INLINE_INB_RPTR_HDR; + for (i = l2_len - RTE_ETHER_TYPE_LEN - 1; i >= 0; i--) + l2_ptr_actual[i] = l2_ptr[i]; - ipv4 = (struct rte_ipv4_hdr *)(data + INLINE_INB_RPTR_HDR + - RTE_ETHER_HDR_LEN); + m->data_off += sizeof(struct otx2_ipsec_fp_res_hdr); - m_len = rte_be_to_cpu_16(ipv4->total_length) + RTE_ETHER_HDR_LEN; + ether_type = RTE_PTR_SUB(l3_ptr_actual, RTE_ETHER_TYPE_LEN); + iph = (struct rte_ipv4_hdr *)l3_ptr_actual; + if ((iph->version_ihl >> 4) == 4) { + ip_len = rte_be_to_cpu_16(iph->total_length); + *ether_type = rte_cpu_to_be_16(RTE_ETHER_TYPE_IPV4); + } else { + ip6h = (struct rte_ipv6_hdr *)iph; + ip_len = rte_be_to_cpu_16(ip6h->payload_len); + *ether_type = rte_cpu_to_be_16(RTE_ETHER_TYPE_IPV6); + } + + m_len = ip_len + l2_len; m->data_len = m_len; m->pkt_len = m_len; return PKT_RX_SEC_OFFLOAD; @@ -322,7 +341,7 @@ otx2_nix_cqe_to_mbuf(const struct nix_cqe_hdr_s *cq, const uint32_t tag, if ((flag & NIX_RX_OFFLOAD_SECURITY_F) && cq->cqe_type == NIX_XQE_TYPE_RX_IPSECH) { *(uint64_t *)(&mbuf->rearm_data) = val; - ol_flags |= nix_rx_sec_mbuf_update(cq, mbuf, lookup_mem); + ol_flags |= nix_rx_sec_mbuf_update(rx, cq, mbuf, lookup_mem); mbuf->ol_flags = ol_flags; return; }