From patchwork Fri May 31 16:15:00 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Igor Russkikh X-Patchwork-Id: 53967 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@dpdk.org Delivered-To: patchwork@dpdk.org Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 9CBAE1B9BC; Fri, 31 May 2019 18:15:02 +0200 (CEST) Received: from NAM03-BY2-obe.outbound.protection.outlook.com (mail-eopbgr780078.outbound.protection.outlook.com [40.107.78.78]) by dpdk.org (Postfix) with ESMTP id EBAEA1B9BC for ; Fri, 31 May 2019 18:15:01 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=AQUANTIA1COM.onmicrosoft.com; s=selector1-AQUANTIA1COM-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=KcLW/U/n0k6YTgyLvXDCJS+kuTmGePgrd9JxTwpZP+8=; b=eoILzjO00Lxi2HqoY/cNc97HY+bhI++leEVWeEK5mWlrhOnIJJMvfXujeKpY9o/K4VQ+Z1wiPDMOV1Jwub4Vk89CvIztKWknfk1X+fhJsGaHVbBDBTwRMVT0sXfliJ9CMnEf2kPuHnJpRAN5NCIzYfYwzL1wwWb2yWf8EJg9Q3E= Received: from MWHPR11MB1968.namprd11.prod.outlook.com (10.175.54.143) by MWHPR11MB1262.namprd11.prod.outlook.com (10.169.236.147) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1922.23; Fri, 31 May 2019 16:15:00 +0000 Received: from MWHPR11MB1968.namprd11.prod.outlook.com ([fe80::fd20:d79e:4027:a437]) by MWHPR11MB1968.namprd11.prod.outlook.com ([fe80::fd20:d79e:4027:a437%3]) with mapi id 15.20.1943.016; Fri, 31 May 2019 16:15:00 +0000 From: Igor Russkikh To: "dev@dpdk.org" CC: "ferruh.yigit@intel.com" , Pavel Belous , John McNamara , Konstantin Ananyev , Thomas Monjalon , Akhil Goyal , Declan Doherty , Igor Russkikh Thread-Topic: [RFC 5/5] net/atlantic: macsec security context draft Thread-Index: AQHVF8v+3LcRfvTRE0iMnFrOR5xg8g== Date: Fri, 31 May 2019 16:15:00 +0000 Message-ID: References: <4595add642bf8ca1114488657d12a973b966e8f5.1559319237.git.igor.russkikh@aquantia.com> In-Reply-To: <4595add642bf8ca1114488657d12a973b966e8f5.1559319237.git.igor.russkikh@aquantia.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-clientproxiedby: HE1PR0401CA0056.eurprd04.prod.outlook.com (2603:10a6:3:19::24) To MWHPR11MB1968.namprd11.prod.outlook.com (2603:10b6:300:111::15) authentication-results: spf=none (sender IP is ) smtp.mailfrom=Igor.Russkikh@aquantia.com; x-ms-exchange-messagesentrepresentingtype: 1 x-mailer: git-send-email 2.17.1 x-originating-ip: [95.79.108.179] x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: 56e5f9c2-335e-4817-24d8-08d6e5e32115 x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600148)(711020)(4605104)(1401327)(2017052603328)(7193020); SRVR:MWHPR11MB1262; x-ms-traffictypediagnostic: MWHPR11MB1262: x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:2803; x-forefront-prvs: 00540983E2 x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(396003)(136003)(39850400004)(366004)(346002)(376002)(189003)(199004)(256004)(14444005)(50226002)(66946007)(81166006)(8676002)(11346002)(44832011)(81156014)(14454004)(7736002)(478600001)(72206003)(5660300002)(1730700003)(476003)(2351001)(76176011)(2616005)(26005)(66446008)(71200400001)(186003)(73956011)(71190400001)(68736007)(66556008)(15650500001)(66476007)(64756008)(118296001)(2501003)(25786009)(99286004)(6916009)(305945005)(6116002)(6436002)(4326008)(5640700003)(6512007)(3846002)(102836004)(52116002)(36756003)(2906002)(8936002)(446003)(86362001)(6506007)(54906003)(316002)(107886003)(66066001)(386003)(53936002)(6486002)(486006); DIR:OUT; SFP:1101; SCL:1; SRVR:MWHPR11MB1262; H:MWHPR11MB1968.namprd11.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1; received-spf: None (protection.outlook.com: aquantia.com does not designate permitted sender hosts) x-ms-exchange-senderadcheck: 1 x-microsoft-antispam-message-info: 4PRvcUsr2Sg3y6FhK0w/RYFh+C7oYv33UvaHj0PGjh8vhQmds3CV8U1HqEjZRiUVpei1V+LH/h7KYLG6GjJKh+LfrJsG/h9h15/MSPqyzdrHEceYDP40YcaKrilTg+DUNv28jELWzKwI5el1LA+57d0680GaCin8kZk5W0AXo1AAD5k8acm+b6+XLoPzbS9WF9ZrDYQB0GCP6i2eCVOGzsR1HywF3/E+GBTucyTgnNpAnUxUWq7XIHMPQZb/MPcwQpb/J9UNkInfe3/gyFf3LDl/FHYc70oudov+ZzlWe7Qhhb7jgpGFGTPE4SNRHh2HyahnI8pu9PDGWuSwkIVWxQiAAakls3gQmXK+Qm0Z2a76OE/ztgs1eCRjPrZfeaqiVBukIh1Yzrons8xfoB2EiYXT6BxH42PUVkgJrsu3upo= MIME-Version: 1.0 X-OriginatorOrg: aquantia.com X-MS-Exchange-CrossTenant-Network-Message-Id: 56e5f9c2-335e-4817-24d8-08d6e5e32115 X-MS-Exchange-CrossTenant-originalarrivaltime: 31 May 2019 16:15:00.0669 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 83e2e134-991c-4ede-8ced-34d47e38e6b1 X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: irusski@aquantia.com X-MS-Exchange-Transport-CrossTenantHeadersStamped: MWHPR11MB1262 Subject: [dpdk-dev] [RFC 5/5] net/atlantic: macsec security context draft X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" --- drivers/net/atlantic/atl_ethdev.c | 116 ++++++++++++++++++++++++++++++ drivers/net/atlantic/meson.build | 1 + 2 files changed, 117 insertions(+) diff --git a/drivers/net/atlantic/atl_ethdev.c b/drivers/net/atlantic/atl_ethdev.c index c9c1795a1639..b6fcf36f0f27 100644 --- a/drivers/net/atlantic/atl_ethdev.c +++ b/drivers/net/atlantic/atl_ethdev.c @@ -5,6 +5,9 @@ #include #include #include +#include +#include +#include #include "atl_ethdev.h" #include "atl_common.h" @@ -122,6 +125,7 @@ static int eth_atl_pci_remove(struct rte_pci_device *pci_dev); static void atl_dev_info_get(struct rte_eth_dev *dev, struct rte_eth_dev_info *dev_info); +static int atl_macsec_ctx_create(struct rte_eth_dev *dev); int atl_logtype_init; int atl_logtype_driver; @@ -412,6 +416,10 @@ eth_atl_dev_init(struct rte_eth_dev *eth_dev) hw->aq_nic_cfg = &adapter->hw_cfg; + /* Initialize security_ctx only for primary process*/ + if (atl_macsec_ctx_create(eth_dev)) + return -ENOMEM; + /* disable interrupt */ atl_disable_intr(hw); @@ -475,6 +483,8 @@ eth_atl_dev_uninit(struct rte_eth_dev *eth_dev) rte_free(eth_dev->data->mac_addrs); eth_dev->data->mac_addrs = NULL; + rte_free(eth_dev->security_ctx); + return 0; } @@ -1872,6 +1882,112 @@ atl_rss_hash_conf_get(struct rte_eth_dev *dev, return 0; } +static const struct rte_security_capability * +atl_crypto_capabilities_get(void *device __rte_unused) +{ + static const struct rte_cryptodev_capabilities + aes_gcm_gmac_crypto_capabilities[] = { + { /* AES GMAC (128-bit) */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_AES_GMAC, + .block_size = 16, + .key_size = { + .min = 16, + .max = 16, + .increment = 0 + }, + }, } + }, } + }, + }; + + static const struct rte_security_capability + alt_security_capabilities[] = { + { + .action = RTE_SECURITY_ACTION_TYPE_INLINE_PROTOCOL, + .protocol = RTE_SECURITY_PROTOCOL_MACSEC, + {.macsec = { + /* + .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP, + .mode = RTE_SECURITY_IPSEC_SA_MODE_TRANSPORT, + .options = { 0 } + */ + } }, + .crypto_capabilities = aes_gcm_gmac_crypto_capabilities, + .ol_flags = 0 + }, + { + .action = RTE_SECURITY_ACTION_TYPE_NONE + } + }; + + return alt_security_capabilities; +} + +static int atl_macsec_create_session(void *device, + struct rte_security_session_conf *conf, + struct rte_security_session *sess, + struct rte_mempool *mp) +{ + +} + +static int atl_macsec_update_session(void *device, + struct rte_security_session *sess, + struct rte_security_session_conf *conf) +{ + +} + +static unsigned int atl_macsec_session_get_size(void *device) +{ + +} + +static int atl_macsec_destroy_session(void *device, + struct rte_security_session *sess) +{ + +} + +static const struct rte_security_capability *atl_macsec_capabilities_get( + void *device) +{ + +} + +static struct rte_security_ops atl_security_ops = { + .session_create = atl_macsec_create_session, + .session_update = atl_macsec_update_session, + .session_get_size = atl_macsec_session_get_size, + .session_stats_get = NULL, + .session_destroy = atl_macsec_destroy_session, + .set_pkt_metadata = NULL, + .capabilities_get = atl_macsec_capabilities_get, +}; + +static int +atl_macsec_ctx_create(struct rte_eth_dev *dev) +{ + struct rte_security_ctx *ctx = NULL; + + ctx = rte_malloc("rte_security_instances_ops", + sizeof(struct rte_security_ctx), 0); + if (ctx) { + ctx->device = (void *)dev; + ctx->ops = &atl_security_ops; + ctx->sess_cnt = 0; + dev->security_ctx = ctx; + } else { + return -ENOMEM; + } + return 0; +} + + static bool is_device_supported(struct rte_eth_dev *dev, struct rte_pci_driver *drv) { diff --git a/drivers/net/atlantic/meson.build b/drivers/net/atlantic/meson.build index 60b84684ec0a..d14855bdb218 100644 --- a/drivers/net/atlantic/meson.build +++ b/drivers/net/atlantic/meson.build @@ -11,3 +11,4 @@ sources = files( 'hw_atl/hw_atl_utils.c', 'rte_pmd_atlantic.c', ) +deps += ['security'] \ No newline at end of file