From patchwork Fri May 31 16:14:48 2019
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Igor Russkikh <igor.russkikh@aquantia.com>
X-Patchwork-Id: 53964
X-Patchwork-Delegate: gakhil@marvell.com
Return-Path: <dev-bounces@dpdk.org>
X-Original-To: patchwork@dpdk.org
Delivered-To: patchwork@dpdk.org
Received: from [92.243.14.124] (localhost [127.0.0.1])
	by dpdk.org (Postfix) with ESMTP id 8C5CE1B9AF;
	Fri, 31 May 2019 18:14:52 +0200 (CEST)
Received: from NAM03-BY2-obe.outbound.protection.outlook.com
	(mail-eopbgr780070.outbound.protection.outlook.com [40.107.78.70])
	by dpdk.org (Postfix) with ESMTP id B164D1B9A3
	for <dev@dpdk.org>; Fri, 31 May 2019 18:14:50 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=AQUANTIA1COM.onmicrosoft.com;
	s=selector1-AQUANTIA1COM-onmicrosoft-com;
	h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
	bh=+txudga9IkJsAbOf6uTW8RF1f46g7d5lM1nzilNBvlY=;
	b=ZSzJmJJeIFKzbHotuHlbbV7YdzpcqH2q9goAEczGyLROvbYkzZwvF+PjIkNxMfwXG3lYPrKjlg+863bEbHD7PdDQKa3jMhzvQA6aX2QcuMdV8jTI0AGD6XgFpgE4ZkSxgHXazNxzfmCgyEZhAcSbaQDwygarp49NCThf7sY7dqI=
Received: from MWHPR11MB1968.namprd11.prod.outlook.com (10.175.54.143) by
	MWHPR11MB1262.namprd11.prod.outlook.com (10.169.236.147) with
	Microsoft SMTP Server (version=TLS1_2,
	cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
	15.20.1922.23; Fri, 31 May 2019 16:14:48 +0000
Received: from MWHPR11MB1968.namprd11.prod.outlook.com
	([fe80::fd20:d79e:4027:a437]) by
	MWHPR11MB1968.namprd11.prod.outlook.com
	([fe80::fd20:d79e:4027:a437%3]) with mapi id 15.20.1943.016;
	Fri, 31 May 2019 16:14:48 +0000
From: Igor Russkikh <Igor.Russkikh@aquantia.com>
To: "dev@dpdk.org" <dev@dpdk.org>
CC: "ferruh.yigit@intel.com" <ferruh.yigit@intel.com>, Pavel Belous
	<Pavel.Belous@aquantia.com>, John McNamara <john.mcnamara@intel.com>,
	Konstantin Ananyev <konstantin.ananyev@intel.com>, Thomas Monjalon
	<thomas@monjalon.net>, Akhil Goyal <akhil.goyal@nxp.com>, Declan Doherty
	<declan.doherty@intel.com>, Igor Russkikh <Igor.Russkikh@aquantia.com>
Thread-Topic: [RFC 2/5] app/testpmd: macsec on command draft via security
	context
Thread-Index: AQHVF8v4ZNO8ylb0CUKs+MwCwK9cPg==
Date: Fri, 31 May 2019 16:14:48 +0000
Message-ID: 
 <a49e7420fe45b0308b9ccf98e0c74925b9d78a68.1559319237.git.igor.russkikh@aquantia.com>
References: 
 <4595add642bf8ca1114488657d12a973b966e8f5.1559319237.git.igor.russkikh@aquantia.com>
In-Reply-To: 
 <4595add642bf8ca1114488657d12a973b966e8f5.1559319237.git.igor.russkikh@aquantia.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-clientproxiedby: HE1PR0401CA0056.eurprd04.prod.outlook.com
	(2603:10a6:3:19::24) To MWHPR11MB1968.namprd11.prod.outlook.com
	(2603:10b6:300:111::15)
authentication-results: spf=none (sender IP is )
	smtp.mailfrom=Igor.Russkikh@aquantia.com;
x-ms-exchange-messagesentrepresentingtype: 1
x-mailer: git-send-email 2.17.1
x-originating-ip: [95.79.108.179]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: a9a71632-bc50-4a17-1052-08d6e5e31a3b
x-microsoft-antispam: BCL:0; PCL:0;
	RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600148)(711020)(4605104)(1401327)(2017052603328)(7193020);
	SRVR:MWHPR11MB1262;
x-ms-traffictypediagnostic: MWHPR11MB1262:
x-microsoft-antispam-prvs: 
 <MWHPR11MB12627231B159E693EC494A6F98190@MWHPR11MB1262.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:7219;
x-forefront-prvs: 00540983E2
x-forefront-antispam-report: SFV:NSPM;
	SFS:(10009020)(396003)(136003)(39850400004)(366004)(346002)(376002)(189003)(199004)(256004)(14444005)(50226002)(66946007)(81166006)(8676002)(11346002)(44832011)(81156014)(14454004)(7736002)(478600001)(72206003)(5660300002)(1730700003)(476003)(2351001)(76176011)(2616005)(26005)(66446008)(71200400001)(186003)(73956011)(71190400001)(68736007)(66556008)(15650500001)(66476007)(64756008)(118296001)(2501003)(25786009)(99286004)(6916009)(305945005)(6116002)(6436002)(4326008)(5640700003)(6512007)(3846002)(102836004)(52116002)(36756003)(2906002)(8936002)(446003)(86362001)(6506007)(54906003)(316002)(107886003)(66066001)(386003)(53936002)(6486002)(486006);
	DIR:OUT; SFP:1101; SCL:1; SRVR:MWHPR11MB1262;
	H:MWHPR11MB1968.namprd11.prod.outlook.com; FPR:; SPF:None; LANG:en;
	PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: aquantia.com does not designate
	permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: 
 +qVFct2BhUQtGnNwd5WuIaNYESC7AbIjtHHPzyduzrtBi0T22QWKE1N/htjhYTPZ3261d/oTFztIQ/aMk7pjP97ZCW3hH95jjpkKwDomMMqaJ+csaviijZTBGn2MB8FfNxFn4v6Q3QVBIrPJe1zuUyHBm3g03CmZMlZASpMR+6h0G9aQpcQXXrftCfYpoJYkCM8rAyKCPV+yox+OFck2ogmY9nsK/t5tEdCn3afoL2KICtwIfshwDIsZG4zbU1zrNRxxkmSKoPsp2KHV6AjdgOt9JWLHvg+9uoT5AaDJryOdzOIGJ25Bcrke4rTGE+H/OTmRvp8GYpNcqeNja5Ss3oZ6zNRDPKhVLWumnYGAoAIB/IQd4IAio3uL/jO0JxhPhQLDn7Vd0hg2uEXQJScPmaNvqwUwkZF6lS8QtPtcmqY=
MIME-Version: 1.0
X-OriginatorOrg: aquantia.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 a9a71632-bc50-4a17-1052-08d6e5e31a3b
X-MS-Exchange-CrossTenant-originalarrivaltime: 31 May 2019 16:14:48.6284
	(UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 83e2e134-991c-4ede-8ced-34d47e38e6b1
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: irusski@aquantia.com
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MWHPR11MB1262
Subject: [dpdk-dev] [RFC 2/5] app/testpmd: macsec on command draft via
	security context
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
	<mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
	<mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org
Sender: "dev" <dev-bounces@dpdk.org>

Here we create/get security mempool, get sec_ctx, and then
request session creation with macsec specific session configuration.

encrypt and replay_protection parameters are really not a global macsec
attributes, they are related to tx and rx security connection properties.

But we keep testpmd commands structure the same for now and will redesign
it in later commits.

Signed-off-by: Igor Russkikh <igor.russkikh@aquantia.com>
---
 app/test-pmd/cmdline.c | 54 +++++++++++++++++++++++++++++++++++-------
 1 file changed, 46 insertions(+), 8 deletions(-)

diff --git a/app/test-pmd/cmdline.c b/app/test-pmd/cmdline.c
index c1042dd98214..dbee3d958c2e 100644
--- a/app/test-pmd/cmdline.c
+++ b/app/test-pmd/cmdline.c
@@ -46,6 +46,7 @@
 #include <rte_devargs.h>
 #include <rte_flow.h>
 #include <rte_gro.h>
+#include <rte_security.h>
 
 #include <cmdline_rdline.h>
 #include <cmdline_parse.h>
@@ -13991,6 +13992,12 @@ struct cmd_macsec_offload_on_result {
 	cmdline_fixed_string_t rp_on_off;
 };
 
+/* Temporary static storage until testpmd macsec commands get reformatted */
+int macsec_encrypt;
+int macsec_replay_protection;
+struct rte_security_session_conf macsec_conf;
+struct rte_security_session *macsec_session;
+
 /* Common CLI fields for MACsec offload disable */
 cmdline_parse_token_string_t cmd_macsec_offload_on_set =
 	TOKEN_STRING_INITIALIZER
@@ -14029,6 +14036,23 @@ cmdline_parse_token_string_t cmd_macsec_offload_on_rp_on_off =
 		(struct cmd_macsec_offload_on_result,
 		 rp_on_off, "on#off");
 
+static struct rte_mempool *get_security_pool()
+{
+	struct rte_mempool *pool = rte_mempool_lookup("testpmd_security_pool");
+	int session_size = 256;
+
+	if (!pool) {
+		pool = rte_mempool_create("testpmd_security_pool",
+				256,
+				session_size,
+				256,
+				0, NULL, NULL, NULL,
+				NULL, SOCKET_ID_ANY,
+				0);
+	}
+	return pool;
+}
+
 static void
 cmd_set_macsec_offload_on_parsed(
 	void *parsed_result,
@@ -14036,11 +14060,13 @@ cmd_set_macsec_offload_on_parsed(
 	__attribute__((unused)) void *data)
 {
 	struct cmd_macsec_offload_on_result *res = parsed_result;
-	int ret = -ENOTSUP;
+	int ret = 0;
+	struct rte_security_ctx *ctx;
 	portid_t port_id = res->port_id;
 	int en = (strcmp(res->en_on_off, "on") == 0) ? 1 : 0;
 	int rp = (strcmp(res->rp_on_off, "on") == 0) ? 1 : 0;
 	struct rte_eth_dev_info dev_info;
+	struct rte_security_session_conf macsec_conf;
 
 	if (port_id_is_invalid(port_id, ENABLED_WARN))
 		return;
@@ -14049,17 +14075,29 @@ cmd_set_macsec_offload_on_parsed(
 		return;
 	}
 
-	rte_eth_dev_info_get(port_id, &dev_info);
-	if (dev_info.tx_offload_capa & DEV_TX_OFFLOAD_MACSEC_INSERT) {
-#ifdef RTE_LIBRTE_IXGBE_PMD
-		ret = rte_pmd_ixgbe_macsec_enable(port_id, en, rp);
-#endif
+	ctx = rte_eth_dev_get_sec_ctx(port_id);
+	if (!ctx) {
+		ret = ENOTSUP;
+		goto done;
+	}
+
+	macsec_conf.action_type = RTE_SECURITY_ACTION_TYPE_INLINE_PROTOCOL;
+	macsec_conf.protocol = RTE_SECURITY_PROTOCOL_MACSEC;
+	/** should be moved to SC properties */
+	macsec_encrypt = en;
+	macsec_replay_protection = rp;
+
+	/* Use of the same mempool for session header and private data */
+	macsec_session = rte_security_session_create(ctx, &macsec_conf, get_security_pool());
+
+	if (macsec_session == NULL) {
+		ret = -ENOTSUP;
 	}
-	RTE_SET_USED(en);
-	RTE_SET_USED(rp);
 
+done:
 	switch (ret) {
 	case 0:
+		/* TBD: To delete? */
 		ports[port_id].dev_conf.txmode.offloads |=
 						DEV_TX_OFFLOAD_MACSEC_INSERT;
 		cmd_reconfig_device_queue(port_id, 1, 1);