From patchwork Wed Sep 28 12:45:12 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Akhil Goyal X-Patchwork-Id: 117052 X-Patchwork-Delegate: jerinj@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id A20DCA00C4; Wed, 28 Sep 2022 14:45:55 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 95CB1427F3; Wed, 28 Sep 2022 14:45:55 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0a-0016f401.pphosted.com [67.231.148.174]) by mails.dpdk.org (Postfix) with ESMTP id 35F884113C for ; Wed, 28 Sep 2022 14:45:52 +0200 (CEST) Received: from pps.filterd (m0045849.ppops.net [127.0.0.1]) by mx0a-0016f401.pphosted.com (8.17.1.5/8.17.1.5) with ESMTP id 28SA4cpX003076; Wed, 28 Sep 2022 05:45:51 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=pfpt0220; bh=ovZ6oE3Ll0O9gVynE8ttD0B+KuSjIn+MH0g4TFkqp9s=; b=StJAorTF9JcCd8LihH/UEWNHK5cxr6cH7+aDc/O0a6RyK/BrUrqPRLkho9b3P4IgmChG /Ml/y6ffZhYoao9k+gaNFdEGrH2aywJzKQJQzEHVKb/m5BlPvPh0P7d9J+aFCDBnoNXb 8K+RjY0pihE3CzWSBTmG7hJvgCli0TjvT3sswrWgtTauH5V33MY7NEoqz2GsrQUTO9Bn OHmjNhmQZD/5Hh+FqHol2aVgVrpH51MaAM3i0mxpAtqsC8aDBm+axKBQ1o8Ew8KVvmuK J2AQ7bZ04AVuC1IoPLMfUsnDtsULNfTg2GvoS5WNXbcc/p2zAUXNXccEuhi1pTc1i6qs /g== Received: from dc5-exch01.marvell.com ([199.233.59.181]) by mx0a-0016f401.pphosted.com (PPS) with ESMTPS id 3jvjkk8skd-3 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Wed, 28 Sep 2022 05:45:42 -0700 Received: from DC5-EXCH02.marvell.com (10.69.176.39) by DC5-EXCH01.marvell.com (10.69.176.38) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Wed, 28 Sep 2022 05:45:29 -0700 Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server id 15.0.1497.18 via Frontend Transport; Wed, 28 Sep 2022 05:45:29 -0700 Received: from localhost.localdomain (unknown [10.28.36.102]) by maili.marvell.com (Postfix) with ESMTP id DBAF53F7068; Wed, 28 Sep 2022 05:45:24 -0700 (PDT) From: Akhil Goyal To: CC: , , , , , , , , , , , , , , , Akhil Goyal Subject: [PATCH 1/5] common/cnxk: add ROC APIs for MACsec Date: Wed, 28 Sep 2022 18:15:12 +0530 Message-ID: <20220928124516.93050-2-gakhil@marvell.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20220928124516.93050-1-gakhil@marvell.com> References: <20220928122253.23108-4-gakhil@marvell.com> <20220928124516.93050-1-gakhil@marvell.com> MIME-Version: 1.0 X-Proofpoint-GUID: B1Kw_whNCTCgfiyu39uPtNrPWYZdDKTn X-Proofpoint-ORIG-GUID: B1Kw_whNCTCgfiyu39uPtNrPWYZdDKTn X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.895,Hydra:6.0.528,FMLib:17.11.122.1 definitions=2022-09-28_05,2022-09-28_01,2022-06-22_01 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Added mbox related to configuration of MACsec. Signed-off-by: Ankur Dwivedi Signed-off-by: Vamsi Attunuru Signed-off-by: Akhil Goyal --- drivers/common/cnxk/meson.build | 3 + drivers/common/cnxk/roc_api.h | 3 + drivers/common/cnxk/roc_dev.c | 86 +++++ drivers/common/cnxk/roc_mbox.h | 361 ++++++++++++++++++++- drivers/common/cnxk/roc_mcs.c | 347 +++++++++++++++++++++ drivers/common/cnxk/roc_mcs.h | 431 ++++++++++++++++++++++++++ drivers/common/cnxk/roc_mcs_priv.h | 52 ++++ drivers/common/cnxk/roc_mcs_sec_cfg.c | 425 +++++++++++++++++++++++++ drivers/common/cnxk/roc_mcs_stats.c | 230 ++++++++++++++ drivers/common/cnxk/roc_priv.h | 3 + drivers/common/cnxk/version.map | 33 ++ 11 files changed, 1971 insertions(+), 3 deletions(-) create mode 100644 drivers/common/cnxk/roc_mcs.c create mode 100644 drivers/common/cnxk/roc_mcs.h create mode 100644 drivers/common/cnxk/roc_mcs_priv.h create mode 100644 drivers/common/cnxk/roc_mcs_sec_cfg.c create mode 100644 drivers/common/cnxk/roc_mcs_stats.c diff --git a/drivers/common/cnxk/meson.build b/drivers/common/cnxk/meson.build index 127fcbcdc5..02264016e3 100644 --- a/drivers/common/cnxk/meson.build +++ b/drivers/common/cnxk/meson.build @@ -26,6 +26,9 @@ sources = files( 'roc_irq.c', 'roc_ie_ot.c', 'roc_mbox.c', + 'roc_mcs.c', + 'roc_mcs_sec_cfg.c', + 'roc_mcs_stats.c', 'roc_model.c', 'roc_nix.c', 'roc_nix_bpf.c', diff --git a/drivers/common/cnxk/roc_api.h b/drivers/common/cnxk/roc_api.h index 072f16d77d..bcc8746927 100644 --- a/drivers/common/cnxk/roc_api.h +++ b/drivers/common/cnxk/roc_api.h @@ -106,4 +106,7 @@ /* NIX Inline dev */ #include "roc_nix_inl.h" +/* MACsec */ +#include "roc_mcs.h" + #endif /* _ROC_API_H_ */ diff --git a/drivers/common/cnxk/roc_dev.c b/drivers/common/cnxk/roc_dev.c index 59128a3552..b4d492ed08 100644 --- a/drivers/common/cnxk/roc_dev.c +++ b/drivers/common/cnxk/roc_dev.c @@ -501,6 +501,91 @@ pf_vf_mbox_send_up_msg(struct dev *dev, void *rec_msg) } } +static int +mbox_up_handler_mcs_intr_notify(struct dev *dev, struct mcs_intr_info *info, struct msg_rsp *rsp) +{ + struct roc_mcs_event_desc desc = {0}; + struct roc_mcs *mcs; + + plt_base_dbg("pf:%d/vf:%d msg id 0x%x (%s) from: pf:%d/vf:%d", dev_get_pf(dev->pf_func), + dev_get_vf(dev->pf_func), info->hdr.id, mbox_id2name(info->hdr.id), + dev_get_pf(info->hdr.pcifunc), dev_get_vf(info->hdr.pcifunc)); + + mcs = roc_mcs_dev_get(info->mcs_id); + if (!mcs) + goto exit; + + if (info->intr_mask) { + switch (info->intr_mask) { + case MCS_CPM_RX_SECTAG_V_EQ1_INT: + desc.type = ROC_MCS_EVENT_SECTAG_VAL_ERR; + desc.subtype = ROC_MCS_EVENT_RX_SECTAG_V_EQ1; + break; + case MCS_CPM_RX_SECTAG_E_EQ0_C_EQ1_INT: + desc.type = ROC_MCS_EVENT_SECTAG_VAL_ERR; + desc.subtype = ROC_MCS_EVENT_RX_SECTAG_E_EQ0_C_EQ1; + break; + case MCS_CPM_RX_SECTAG_SL_GTE48_INT: + desc.type = ROC_MCS_EVENT_SECTAG_VAL_ERR; + desc.subtype = ROC_MCS_EVENT_RX_SECTAG_SL_GTE48; + break; + case MCS_CPM_RX_SECTAG_ES_EQ1_SC_EQ1_INT: + desc.type = ROC_MCS_EVENT_SECTAG_VAL_ERR; + desc.subtype = ROC_MCS_EVENT_RX_SECTAG_ES_EQ1_SC_EQ1; + break; + case MCS_CPM_RX_SECTAG_SC_EQ1_SCB_EQ1_INT: + desc.type = ROC_MCS_EVENT_SECTAG_VAL_ERR; + desc.subtype = ROC_MCS_EVENT_RX_SECTAG_SC_EQ1_SCB_EQ1; + break; + case MCS_CPM_RX_PACKET_XPN_EQ0_INT: + desc.type = ROC_MCS_EVENT_RX_SA_PN_HARD_EXP; + desc.metadata.sa_idx = info->sa_id; + break; + case MCS_CPM_RX_PN_THRESH_REACHED_INT: + desc.type = ROC_MCS_EVENT_RX_SA_PN_SOFT_EXP; + desc.metadata.sa_idx = info->sa_id; + break; + case MCS_CPM_TX_PACKET_XPN_EQ0_INT: + desc.type = ROC_MCS_EVENT_TX_SA_PN_HARD_EXP; + desc.metadata.sa_idx = info->sa_id; + break; + case MCS_CPM_TX_PN_THRESH_REACHED_INT: + desc.type = ROC_MCS_EVENT_TX_SA_PN_SOFT_EXP; + desc.metadata.sa_idx = info->sa_id; + break; + case MCS_CPM_TX_SA_NOT_VALID_INT: + desc.type = ROC_MCS_EVENT_SA_NOT_VALID; + break; + case MCS_BBE_RX_DFIFO_OVERFLOW_INT: + case MCS_BBE_TX_DFIFO_OVERFLOW_INT: + desc.type = ROC_MCS_EVENT_FIFO_OVERFLOW; + desc.subtype = ROC_MCS_EVENT_DATA_FIFO_OVERFLOW; + desc.metadata.lmac_id = info->lmac_id; + break; + case MCS_BBE_RX_PLFIFO_OVERFLOW_INT: + case MCS_BBE_TX_PLFIFO_OVERFLOW_INT: + desc.type = ROC_MCS_EVENT_FIFO_OVERFLOW; + desc.subtype = ROC_MCS_EVENT_POLICY_FIFO_OVERFLOW; + desc.metadata.lmac_id = info->lmac_id; + break; + case MCS_PAB_RX_CHAN_OVERFLOW_INT: + case MCS_PAB_TX_CHAN_OVERFLOW_INT: + desc.type = ROC_MCS_EVENT_FIFO_OVERFLOW; + desc.subtype = ROC_MCS_EVENT_PKT_ASSM_FIFO_OVERFLOW; + desc.metadata.lmac_id = info->lmac_id; + break; + default: + goto exit; + } + + mcs_event_cb_process(mcs, &desc); + } + +exit: + rsp->hdr.rc = 0; + return 0; +} + static int mbox_up_handler_cgx_link_event(struct dev *dev, struct cgx_link_info_msg *msg, struct msg_rsp *rsp) @@ -589,6 +674,7 @@ mbox_process_msgs_up(struct dev *dev, struct mbox_msghdr *req) return err; \ } MBOX_UP_CGX_MESSAGES + MBOX_UP_MCS_MESSAGES #undef M } diff --git a/drivers/common/cnxk/roc_mbox.h b/drivers/common/cnxk/roc_mbox.h index 688c70b4ee..05f96ce192 100644 --- a/drivers/common/cnxk/roc_mbox.h +++ b/drivers/common/cnxk/roc_mbox.h @@ -267,16 +267,56 @@ struct mbox_msghdr { M(NIX_READ_INLINE_IPSEC_CFG, 0x8023, nix_read_inline_ipsec_cfg, \ msg_req, nix_inline_ipsec_cfg) \ M(NIX_LF_INLINE_RQ_CFG, 0x8024, nix_lf_inline_rq_cfg, \ - nix_rq_cpt_field_mask_cfg_req, msg_rsp) - + nix_rq_cpt_field_mask_cfg_req, msg_rsp) \ + M(MCS_ALLOC_RESOURCES, 0xa000, mcs_alloc_resources, mcs_alloc_rsrc_req,\ + mcs_alloc_rsrc_rsp) \ + M(MCS_FREE_RESOURCES, 0xa001, mcs_free_resources, mcs_free_rsrc_req, \ + msg_rsp) \ + M(MCS_FLOWID_ENTRY_WRITE, 0xa002, mcs_flowid_entry_write, \ + mcs_flowid_entry_write_req, msg_rsp) \ + M(MCS_SECY_PLCY_WRITE, 0xa003, mcs_secy_plcy_write, \ + mcs_secy_plcy_write_req, msg_rsp) \ + M(MCS_RX_SC_CAM_WRITE, 0xa004, mcs_rx_sc_cam_write, \ + mcs_rx_sc_cam_write_req, msg_rsp) \ + M(MCS_SA_PLCY_WRITE, 0xa005, mcs_sa_plcy_write, \ + mcs_sa_plcy_write_req, msg_rsp) \ + M(MCS_TX_SC_SA_MAP_WRITE, 0xa006, mcs_tx_sc_sa_map_write, \ + mcs_tx_sc_sa_map, msg_rsp) \ + M(MCS_RX_SC_SA_MAP_WRITE, 0xa007, mcs_rx_sc_sa_map_write, \ + mcs_rx_sc_sa_map, msg_rsp) \ + M(MCS_FLOWID_ENA_ENTRY, 0xa008, mcs_flowid_ena_entry, \ + mcs_flowid_ena_dis_entry, msg_rsp) \ + M(MCS_PN_TABLE_WRITE, 0xa009, mcs_pn_table_write, \ + mcs_pn_table_write_req, msg_rsp) \ + M(MCS_SET_ACTIVE_LMAC, 0xa00a, mcs_set_active_lmac, \ + mcs_set_active_lmac, msg_rsp) \ + M(MCS_GET_HW_INFO, 0xa00b, mcs_get_hw_info, msg_req, mcs_hw_info) \ + M(MCS_GET_FLOWID_STATS, 0xa00c, mcs_get_flowid_stats, mcs_stats_req, \ + mcs_flowid_stats) \ + M(MCS_GET_SECY_STATS, 0xa00d, mcs_get_secy_stats, mcs_stats_req, \ + mcs_secy_stats) \ + M(MCS_GET_SC_STATS, 0xa00e, mcs_get_sc_stats, mcs_stats_req, \ + mcs_sc_stats) \ + M(MCS_GET_SA_STATS, 0xa00f, mcs_get_sa_stats, mcs_stats_req, \ + mcs_sa_stats) \ + M(MCS_GET_PORT_STATS, 0xa010, mcs_get_port_stats, mcs_stats_req, \ + mcs_port_stats) \ + M(MCS_CLEAR_STATS, 0xa011, mcs_clear_stats, mcs_clear_stats, msg_rsp) \ + M(MCS_INTR_CFG, 0xa012, mcs_intr_cfg, mcs_intr_cfg, msg_rsp) \ + M(MCS_SET_LMAC_MODE, 0xa013, mcs_set_lmac_mode, mcs_set_lmac_mode, \ + msg_rsp) \ + /* Messages initiated by AF (range 0xC00 - 0xDFF) */ #define MBOX_UP_CGX_MESSAGES \ M(CGX_LINK_EVENT, 0xC00, cgx_link_event, cgx_link_info_msg, msg_rsp) \ M(CGX_PTP_RX_INFO, 0xC01, cgx_ptp_rx_info, cgx_ptp_rx_info_msg, msg_rsp) +#define MBOX_UP_MCS_MESSAGES \ + M(MCS_INTR_NOTIFY, 0xE00, mcs_intr_notify, mcs_intr_info, msg_rsp) + enum { #define M(_name, _id, _1, _2, _3) MBOX_MSG_##_name = _id, - MBOX_MESSAGES MBOX_UP_CGX_MESSAGES + MBOX_MESSAGES MBOX_UP_CGX_MESSAGES MBOX_UP_MCS_MESSAGES #undef M }; @@ -645,6 +685,321 @@ struct cgx_set_link_mode_rsp { int __io status; }; +/* MCS mbox structures */ +enum mcs_direction { + MCS_RX, + MCS_TX, +}; + +enum mcs_rsrc_type { + MCS_RSRC_TYPE_FLOWID, + MCS_RSRC_TYPE_SECY, + MCS_RSRC_TYPE_SC, + MCS_RSRC_TYPE_SA, +}; + +struct mcs_alloc_rsrc_req { + struct mbox_msghdr hdr; + uint8_t __io rsrc_type; + uint8_t __io rsrc_cnt; /* Resources count */ + uint8_t __io mcs_id; /* MCS block ID */ + uint8_t __io dir; /* Macsec ingress or egress side */ + uint8_t __io all; /* Allocate all resource type one each */ + uint64_t __io rsvd; +}; + +struct mcs_alloc_rsrc_rsp { + struct mbox_msghdr hdr; + uint8_t __io flow_ids[128]; /* Index of reserved entries */ + uint8_t __io secy_ids[128]; + uint8_t __io sc_ids[128]; + uint8_t __io sa_ids[256]; + uint8_t __io rsrc_type; + uint8_t __io rsrc_cnt; /* No of entries reserved */ + uint8_t __io mcs_id; + uint8_t __io dir; + uint8_t __io all; + uint8_t __io rsvd[256]; +}; + +struct mcs_free_rsrc_req { + struct mbox_msghdr hdr; + uint8_t __io rsrc_id; /* Index of the entry to be freed */ + uint8_t __io rsrc_type; + uint8_t __io mcs_id; + uint8_t __io dir; + uint8_t __io all; /* Free all the cam resources */ + uint64_t __io rsvd; +}; + +struct mcs_flowid_entry_write_req { + struct mbox_msghdr hdr; + uint64_t __io data[4]; + uint64_t __io mask[4]; + uint64_t __io sci; /* CNF10K-B for tx_secy_mem_map */ + uint8_t __io flow_id; + uint8_t __io secy_id; /* secyid for which flowid is mapped */ + /* sc_id is Valid if dir = MCS_TX, SC_CAM id mapped to flowid */ + uint8_t __io sc_id; + uint8_t __io ena; /* Enable tcam entry */ + uint8_t __io ctr_pkt; + uint8_t __io mcs_id; + uint8_t __io dir; + uint64_t __io rsvd; +}; + +struct mcs_secy_plcy_write_req { + struct mbox_msghdr hdr; + uint64_t __io plcy; + uint8_t __io secy_id; + uint8_t __io mcs_id; + uint8_t __io dir; + uint64_t __io rsvd; +}; + +/* RX SC_CAM mapping */ +struct mcs_rx_sc_cam_write_req { + struct mbox_msghdr hdr; + uint64_t __io sci; /* SCI */ + uint64_t __io secy_id; /* secy index mapped to SC */ + uint8_t __io sc_id; /* SC CAM entry index */ + uint8_t __io mcs_id; + uint64_t __io rsvd; +}; + +struct mcs_sa_plcy_write_req { + struct mbox_msghdr hdr; + uint64_t __io plcy[2][9]; /* Support 2 SA policy */ + uint8_t __io sa_index[2]; + uint8_t __io sa_cnt; + uint8_t __io mcs_id; + uint8_t __io dir; + uint64_t __io rsvd; +}; + +struct mcs_tx_sc_sa_map { + struct mbox_msghdr hdr; + uint8_t __io sa_index0; + uint8_t __io sa_index1; + uint8_t __io rekey_ena; + uint8_t __io sa_index0_vld; + uint8_t __io sa_index1_vld; + uint8_t __io tx_sa_active; + uint64_t __io sectag_sci; + uint8_t __io sc_id; /* used as index for SA_MEM_MAP */ + uint8_t __io mcs_id; + uint64_t __io rsvd; +}; + +struct mcs_rx_sc_sa_map { + struct mbox_msghdr hdr; + uint8_t __io sa_index; + uint8_t __io sa_in_use; + uint8_t __io sc_id; + /* an range is 0-3, sc_id + an used as index SA_MEM_MAP */ + uint8_t __io an; + uint8_t __io mcs_id; + uint64_t __io rsvd; +}; + +struct mcs_flowid_ena_dis_entry { + struct mbox_msghdr hdr; + uint8_t __io flow_id; + uint8_t __io ena; + uint8_t __io mcs_id; + uint8_t __io dir; + uint64_t __io rsvd; +}; + +struct mcs_pn_table_write_req { + struct mbox_msghdr hdr; + uint64_t __io next_pn; + uint8_t __io pn_id; + uint8_t __io mcs_id; + uint8_t __io dir; + uint64_t __io rsvd; +}; + +struct mcs_cam_entry_read_req { + struct mbox_msghdr hdr; + uint8_t __io rsrc_type; /* TCAM/SECY/SC/SA/PN */ + uint8_t __io rsrc_id; + uint8_t __io mcs_id; + uint8_t __io dir; + uint64_t __io rsvd; +}; + +struct mcs_cam_entry_read_rsp { + struct mbox_msghdr hdr; + uint64_t __io reg_val[10]; + uint8_t __io rsrc_type; + uint8_t __io rsrc_id; + uint8_t __io mcs_id; + uint8_t __io dir; + uint64_t __io rsvd; +}; + +struct mcs_hw_info { + struct mbox_msghdr hdr; + uint8_t __io num_mcs_blks; /* Number of MCS blocks */ + uint8_t __io tcam_entries; /* RX/TX Tcam entries per mcs block */ + uint8_t __io secy_entries; /* RX/TX SECY entries per mcs block */ + uint8_t __io sc_entries; /* RX/TX SC CAM entries per mcs block */ + uint8_t __io sa_entries; /* PN table entries = SA entries */ + uint64_t __io rsvd[16]; +}; + +struct mcs_set_active_lmac { + struct mbox_msghdr hdr; + uint32_t __io lmac_bmap; /* bitmap of active lmac per mcs block */ + uint8_t __io mcs_id; + uint16_t channel_base; /* MCS channel base */ + uint64_t __io rsvd; +}; + +#define MCS_CPM_RX_SECTAG_V_EQ1_INT BIT_ULL(0) +#define MCS_CPM_RX_SECTAG_E_EQ0_C_EQ1_INT BIT_ULL(1) +#define MCS_CPM_RX_SECTAG_SL_GTE48_INT BIT_ULL(2) +#define MCS_CPM_RX_SECTAG_ES_EQ1_SC_EQ1_INT BIT_ULL(3) +#define MCS_CPM_RX_SECTAG_SC_EQ1_SCB_EQ1_INT BIT_ULL(4) +#define MCS_CPM_RX_PACKET_XPN_EQ0_INT BIT_ULL(5) +#define MCS_CPM_RX_PN_THRESH_REACHED_INT BIT_ULL(6) +#define MCS_CPM_TX_PACKET_XPN_EQ0_INT BIT_ULL(7) +#define MCS_CPM_TX_PN_THRESH_REACHED_INT BIT_ULL(8) +#define MCS_CPM_TX_SA_NOT_VALID_INT BIT_ULL(9) +#define MCS_BBE_RX_DFIFO_OVERFLOW_INT BIT_ULL(10) +#define MCS_BBE_RX_PLFIFO_OVERFLOW_INT BIT_ULL(11) +#define MCS_BBE_TX_DFIFO_OVERFLOW_INT BIT_ULL(12) +#define MCS_BBE_TX_PLFIFO_OVERFLOW_INT BIT_ULL(13) +#define MCS_PAB_RX_CHAN_OVERFLOW_INT BIT_ULL(14) +#define MCS_PAB_TX_CHAN_OVERFLOW_INT BIT_ULL(15) + +struct mcs_intr_cfg { + struct mbox_msghdr hdr; + uint64_t __io intr_mask; /* Interrupt enable mask */ + uint8_t __io mcs_id; +}; + +struct mcs_intr_info { + struct mbox_msghdr hdr; + uint64_t __io intr_mask; + int __io sa_id; + uint8_t __io mcs_id; + uint8_t __io lmac_id; + uint64_t __io rsvd[4]; +}; + +struct mcs_set_lmac_mode { + struct mbox_msghdr hdr; + uint8_t __io mode; /* '1' for internal bypass mode (passthrough), '0' for MCS processing */ + uint8_t __io lmac_id; + uint8_t __io mcs_id; + uint64_t __io rsvd; +}; + +struct mcs_stats_req { + struct mbox_msghdr hdr; + uint8_t __io id; + uint8_t __io mcs_id; + uint8_t __io dir; + uint64_t __io rsvd; +}; + +struct mcs_flowid_stats { + struct mbox_msghdr hdr; + uint64_t __io tcam_hit_cnt; + uint64_t __io rsvd; +}; + +struct mcs_secy_stats { + struct mbox_msghdr hdr; + uint64_t __io ctl_pkt_bcast_cnt; + uint64_t __io ctl_pkt_mcast_cnt; + uint64_t __io ctl_pkt_ucast_cnt; + uint64_t __io ctl_octet_cnt; + uint64_t __io unctl_pkt_bcast_cnt; + uint64_t __io unctl_pkt_mcast_cnt; + uint64_t __io unctl_pkt_ucast_cnt; + uint64_t __io unctl_octet_cnt; + /* Valid only for RX */ + uint64_t __io octet_decrypted_cnt; + uint64_t __io octet_validated_cnt; + uint64_t __io pkt_port_disabled_cnt; + uint64_t __io pkt_badtag_cnt; + uint64_t __io pkt_nosa_cnt; + uint64_t __io pkt_nosaerror_cnt; + uint64_t __io pkt_tagged_ctl_cnt; + uint64_t __io pkt_untaged_cnt; + uint64_t __io pkt_ctl_cnt; /* CN10K-B */ + uint64_t __io pkt_notag_cnt; /* CNF10K-B */ + /* Valid only for TX */ + uint64_t __io octet_encrypted_cnt; + uint64_t __io octet_protected_cnt; + uint64_t __io pkt_noactivesa_cnt; + uint64_t __io pkt_toolong_cnt; + uint64_t __io pkt_untagged_cnt; + uint64_t __io rsvd[4]; +}; + +struct mcs_port_stats { + struct mbox_msghdr hdr; + uint64_t __io tcam_miss_cnt; + uint64_t __io parser_err_cnt; + uint64_t __io preempt_err_cnt; /* CNF10K-B */ + uint64_t __io sectag_insert_err_cnt; + uint64_t __io rsvd[4]; +}; + +/* Only for CN10K-B */ +struct mcs_sa_stats { + struct mbox_msghdr hdr; + /* RX */ + uint64_t __io pkt_invalid_cnt; + uint64_t __io pkt_nosaerror_cnt; + uint64_t __io pkt_notvalid_cnt; + uint64_t __io pkt_ok_cnt; + uint64_t __io pkt_nosa_cnt; + /* TX */ + uint64_t __io pkt_encrypt_cnt; + uint64_t __io pkt_protected_cnt; + uint64_t __io rsvd[4]; +}; + +struct mcs_sc_stats { + struct mbox_msghdr hdr; + /* RX */ + uint64_t __io hit_cnt; + uint64_t __io pkt_invalid_cnt; + uint64_t __io pkt_late_cnt; + uint64_t __io pkt_notvalid_cnt; + uint64_t __io pkt_unchecked_cnt; + uint64_t __io pkt_delay_cnt; /* CNF10K-B */ + uint64_t __io pkt_ok_cnt; /* CNF10K-B */ + uint64_t __io octet_decrypt_cnt; /* CN10K-B */ + uint64_t __io octet_validate_cnt; /* CN10K-B */ + /* TX */ + uint64_t __io pkt_encrypt_cnt; + uint64_t __io pkt_protected_cnt; + uint64_t __io octet_encrypt_cnt; /* CN10K-B */ + uint64_t __io octet_protected_cnt; /* CN10K-B */ + uint64_t __io rsvd[4]; +}; + +struct mcs_clear_stats { + struct mbox_msghdr hdr; +#define MCS_FLOWID_STATS 0 +#define MCS_SECY_STATS 1 +#define MCS_SC_STATS 2 +#define MCS_SA_STATS 3 +#define MCS_PORT_STATS 4 + uint8_t __io type; /* FLOWID, SECY, SC, SA, PORT */ + /* type = PORT, If id = FF(invalid) port no is derived from pcifunc */ + uint8_t __io id; + uint8_t __io mcs_id; + uint8_t __io dir; + uint8_t __io all; /* All resources stats mapped to PF are cleared */ +}; + /* NPA mbox message formats */ /* NPA mailbox error codes diff --git a/drivers/common/cnxk/roc_mcs.c b/drivers/common/cnxk/roc_mcs.c new file mode 100644 index 0000000000..769f74a512 --- /dev/null +++ b/drivers/common/cnxk/roc_mcs.c @@ -0,0 +1,347 @@ +/* SPDX-License-Identifier: BSD-3-Clause + * Copyright(C) 2022 Marvell. + */ + +#include "roc_api.h" +#include "roc_priv.h" + +struct mcs_event_cb { + TAILQ_ENTRY(mcs_event_cb) next; + enum roc_mcs_event_type event; + roc_mcs_dev_cb_fn cb_fn; + void *cb_arg; + void *ret_param; + uint32_t active; +}; +TAILQ_HEAD(mcs_event_cb_list, mcs_event_cb); + +PLT_STATIC_ASSERT(ROC_MCS_MEM_SZ >= (sizeof(struct mcs_priv) + sizeof(struct mcs_event_cb_list))); + +TAILQ_HEAD(roc_mcs_head, roc_mcs); +/* Local mcs tailq list */ +static struct roc_mcs_head roc_mcs_head = TAILQ_HEAD_INITIALIZER(roc_mcs_head); + +int +roc_mcs_hw_info_get(struct roc_mcs_hw_info *hw_info) +{ + struct mcs_hw_info *hw; + struct npa_lf *npa; + int rc; + + MCS_SUPPORT_CHECK; + + if (hw_info == NULL) + return -EINVAL; + + /* Use mbox handler of first probed pci_func for + * initial mcs mbox communication. + */ + npa = idev_npa_obj_get(); + if (!npa) + return MCS_ERR_DEVICE_NOT_FOUND; + + mbox_alloc_msg_mcs_get_hw_info(npa->mbox); + rc = mbox_process_msg(npa->mbox, (void *)&hw); + if (rc) + return rc; + + hw_info->num_mcs_blks = hw->num_mcs_blks; + hw_info->tcam_entries = hw->tcam_entries; + hw_info->secy_entries = hw->secy_entries; + hw_info->sc_entries = hw->sc_entries; + hw_info->sa_entries = hw->sa_entries; + + return rc; +} + +int +roc_mcs_active_lmac_set(struct roc_mcs *mcs, struct roc_mcs_set_active_lmac *lmac) +{ + struct mcs_set_active_lmac *req; + struct msg_rsp *rsp; + + /* Only needed for 105N */ + if (!roc_model_is_cnf10kb()) + return 0; + + if (lmac == NULL) + return -EINVAL; + + MCS_SUPPORT_CHECK; + + req = mbox_alloc_msg_mcs_set_active_lmac(mcs->mbox); + if (req == NULL) + return -ENOMEM; + + req->lmac_bmap = lmac->lmac_bmap; + req->channel_base = lmac->channel_base; + req->mcs_id = mcs->idx; + + return mbox_process_msg(mcs->mbox, (void *)&rsp); +} + +int +roc_mcs_lmac_mode_set(struct roc_mcs *mcs, struct roc_mcs_set_lmac_mode *port) +{ + struct mcs_set_lmac_mode *req; + struct msg_rsp *rsp; + + if (port == NULL) + return -EINVAL; + + MCS_SUPPORT_CHECK; + + req = mbox_alloc_msg_mcs_set_lmac_mode(mcs->mbox); + if (req == NULL) + return -ENOMEM; + + req->lmac_id = port->lmac_id; + req->mcs_id = mcs->idx; + req->mode = port->mode; + + return mbox_process_msg(mcs->mbox, (void *)&rsp); +} + +int +roc_mcs_intr_configure(struct roc_mcs *mcs, struct roc_mcs_intr_cfg *config) +{ + struct mcs_intr_cfg *req; + struct msg_rsp *rsp; + + if (config == NULL) + return -EINVAL; + + MCS_SUPPORT_CHECK; + + req = mbox_alloc_msg_mcs_intr_cfg(mcs->mbox); + if (req == NULL) + return -ENOMEM; + + req->intr_mask = config->intr_mask; + req->mcs_id = mcs->idx; + + return mbox_process_msg(mcs->mbox, (void *)&rsp); +} + +int +roc_mcs_event_cb_register(struct roc_mcs *mcs, enum roc_mcs_event_type event, + roc_mcs_dev_cb_fn cb_fn, void *cb_arg, void *userdata) +{ + struct mcs_event_cb_list *cb_list = (struct mcs_event_cb_list *)roc_mcs_to_mcs_cb_list(mcs); + struct mcs_event_cb *cb; + + if (cb_fn == NULL || cb_arg == NULL || userdata == NULL) + return -EINVAL; + + MCS_SUPPORT_CHECK; + + TAILQ_FOREACH(cb, cb_list, next) { + if (cb->cb_fn == cb_fn && cb->cb_arg == cb_arg && cb->event == event) + break; + } + + if (cb == NULL) { + cb = plt_zmalloc(sizeof(struct mcs_event_cb), 0); + if (!cb) + return -ENOMEM; + + cb->cb_fn = cb_fn; + cb->cb_arg = cb_arg; + cb->event = event; + mcs->userdata = userdata; + TAILQ_INSERT_TAIL(cb_list, cb, next); + } + + return 0; +} + +int +roc_mcs_event_cb_unregister(struct roc_mcs *mcs, enum roc_mcs_event_type event) +{ + struct mcs_event_cb_list *cb_list = (struct mcs_event_cb_list *)roc_mcs_to_mcs_cb_list(mcs); + struct mcs_event_cb *cb, *next; + + MCS_SUPPORT_CHECK; + + for (cb = TAILQ_FIRST(cb_list); cb != NULL; cb = next) { + next = TAILQ_NEXT(cb, next); + + if (cb->event != event) + continue; + + if (cb->active == 0) { + TAILQ_REMOVE(cb_list, cb, next); + plt_free(cb); + } else { + return -EAGAIN; + } + } + + return 0; +} + +int +mcs_event_cb_process(struct roc_mcs *mcs, struct roc_mcs_event_desc *desc) +{ + struct mcs_event_cb_list *cb_list = (struct mcs_event_cb_list *)roc_mcs_to_mcs_cb_list(mcs); + struct mcs_event_cb mcs_cb; + struct mcs_event_cb *cb; + int rc = 0; + + TAILQ_FOREACH(cb, cb_list, next) { + if (cb->cb_fn == NULL || cb->event != desc->type) + continue; + + mcs_cb = *cb; + cb->active = 1; + mcs_cb.ret_param = desc; + + rc = mcs_cb.cb_fn(mcs->userdata, mcs_cb.ret_param, mcs_cb.cb_arg); + cb->active = 0; + } + + return rc; +} + +static int +mcs_alloc_bmap(uint16_t entries, void **mem, struct plt_bitmap **bmap) +{ + size_t bmap_sz; + int rc = 0; + + bmap_sz = plt_bitmap_get_memory_footprint(entries); + *mem = plt_zmalloc(bmap_sz, PLT_CACHE_LINE_SIZE); + if (*mem == NULL) + rc = -ENOMEM; + + *bmap = plt_bitmap_init(entries, *mem, bmap_sz); + if (!*bmap) { + plt_free(*mem); + *mem = NULL; + rc = -ENOMEM; + } + + return rc; +} + +static int +mcs_alloc_rsrc_bmap(struct roc_mcs *mcs) +{ + struct mcs_priv *priv = roc_mcs_to_mcs_priv(mcs); + struct mcs_hw_info *hw; + int rc; + + mbox_alloc_msg_mcs_get_hw_info(mcs->mbox); + rc = mbox_process_msg(mcs->mbox, (void *)&hw); + if (rc) + return rc; + + priv->num_mcs_blks = hw->num_mcs_blks; + priv->tcam_entries = hw->tcam_entries; + priv->secy_entries = hw->secy_entries; + priv->sc_entries = hw->sc_entries; + priv->sa_entries = hw->sa_entries; + + /* Allocate double the resources to accommodate both Tx & Rx */ + rc = mcs_alloc_bmap(priv->tcam_entries << 1, &priv->tcam_bmap_mem, &priv->tcam_bmap); + if (rc) + goto exit; + + rc = mcs_alloc_bmap(priv->secy_entries << 1, &priv->secy_bmap_mem, &priv->secy_bmap); + if (rc) + goto exit; + + rc = mcs_alloc_bmap(priv->sc_entries << 1, &priv->sc_bmap_mem, &priv->sc_bmap); + if (rc) + goto exit; + + rc = mcs_alloc_bmap(priv->sa_entries << 1, &priv->sa_bmap_mem, &priv->sa_bmap); + if (rc) + goto exit; + + return rc; + +exit: + plt_bitmap_free(priv->tcam_bmap); + plt_free(priv->tcam_bmap_mem); + plt_bitmap_free(priv->secy_bmap); + plt_free(priv->secy_bmap_mem); + plt_bitmap_free(priv->sc_bmap); + plt_free(priv->sc_bmap_mem); + plt_bitmap_free(priv->sa_bmap); + plt_free(priv->sa_bmap_mem); + + return rc; +} + +struct roc_mcs * +roc_mcs_dev_get(uint8_t mcs_idx) +{ + struct roc_mcs *mcs = NULL; + + TAILQ_FOREACH (mcs, &roc_mcs_head, next) { + if (mcs->idx == mcs_idx) + break; + } + + return mcs; +} + +struct roc_mcs * +roc_mcs_dev_init(uint8_t mcs_idx) +{ + struct mcs_event_cb_list *cb_list; + struct roc_mcs *mcs; + struct npa_lf *npa; + + mcs = plt_zmalloc(sizeof(struct roc_mcs), PLT_CACHE_LINE_SIZE); + if (!mcs) + return NULL; + + if (roc_model_is_cnf10kb()) { + npa = idev_npa_obj_get(); + if (!npa) + goto exit; + + mcs->mbox = npa->mbox; + } else { + /* Retrieve mbox handler for other roc models */ + ; + } + + mcs->idx = mcs_idx; + + /* Add any per mcsv initialization */ + if (mcs_alloc_rsrc_bmap(mcs)) + goto exit; + + TAILQ_INSERT_TAIL(&roc_mcs_head, mcs, next); + + cb_list = (struct mcs_event_cb_list *)roc_mcs_to_mcs_cb_list(mcs); + TAILQ_INIT(cb_list); + + return mcs; + +exit: + plt_free(mcs); + return NULL; +} + +void +roc_mcs_dev_fini(struct roc_mcs *mcs) +{ + struct mcs_priv *priv = roc_mcs_to_mcs_priv(mcs); + + TAILQ_REMOVE(&roc_mcs_head, mcs, next); + + plt_bitmap_free(priv->tcam_bmap); + plt_free(priv->tcam_bmap_mem); + plt_bitmap_free(priv->secy_bmap); + plt_free(priv->secy_bmap_mem); + plt_bitmap_free(priv->sc_bmap); + plt_free(priv->sc_bmap_mem); + plt_bitmap_free(priv->sa_bmap); + plt_free(priv->sa_bmap_mem); + + plt_free(mcs); +} diff --git a/drivers/common/cnxk/roc_mcs.h b/drivers/common/cnxk/roc_mcs.h new file mode 100644 index 0000000000..f2c8b3ae06 --- /dev/null +++ b/drivers/common/cnxk/roc_mcs.h @@ -0,0 +1,431 @@ +/* SPDX-License-Identifier: BSD-3-Clause + * Copyright(C) 2022 Marvell. + */ + +#ifndef _ROC_MCS_H_ +#define _ROC_MCS_H_ + +struct roc_mcs_alloc_rsrc_req { + uint8_t rsrc_type; + uint8_t rsrc_cnt; /* Resources count */ + uint8_t mcs_id; /* MCS block ID */ + uint8_t dir; /* Macsec ingress or egress side */ + uint8_t all; /* Allocate all resource type one each */ +}; + +struct roc_mcs_alloc_rsrc_rsp { + uint8_t flow_ids[128]; /* Index of reserved entries */ + uint8_t secy_ids[128]; + uint8_t sc_ids[128]; + uint8_t sa_ids[256]; + uint8_t rsrc_type; + uint8_t rsrc_cnt; /* No of entries reserved */ + uint8_t mcs_id; + uint8_t dir; + uint8_t all; +}; + +struct roc_mcs_free_rsrc_req { + uint8_t rsrc_id; /* Index of the entry to be freed */ + uint8_t rsrc_type; + uint8_t mcs_id; + uint8_t dir; + uint8_t all; /* Free all the cam resources */ +}; + +struct roc_mcs_flowid_entry_write_req { + uint64_t data[4]; + uint64_t mask[4]; + uint64_t sci; /* 105N for tx_secy_mem_map */ + uint8_t flow_id; + uint8_t secy_id; /* secyid for which flowid is mapped */ + uint8_t sc_id; /* Valid if dir = MCS_TX, SC_CAM id mapped to flowid */ + uint8_t ena; /* Enable tcam entry */ + uint8_t ctr_pkt; + uint8_t mcs_id; + uint8_t dir; +}; + +struct roc_mcs_secy_plcy_write_req { + uint64_t plcy; + uint8_t secy_id; + uint8_t mcs_id; + uint8_t dir; +}; + +/* RX SC_CAM mapping */ +struct roc_mcs_rx_sc_cam_write_req { + uint64_t sci; /* SCI */ + uint64_t secy_id; /* secy index mapped to SC */ + uint8_t sc_id; /* SC CAM entry index */ + uint8_t mcs_id; +}; + +struct roc_mcs_sa_plcy_write_req { + uint64_t plcy[2][9]; + uint8_t sa_index[2]; + uint8_t sa_cnt; + uint8_t mcs_id; + uint8_t dir; +}; + +struct roc_mcs_tx_sc_sa_map { + uint8_t sa_index0; + uint8_t sa_index1; + uint8_t rekey_ena; + uint8_t sa_index0_vld; + uint8_t sa_index1_vld; + uint8_t tx_sa_active; + uint64_t sectag_sci; + uint8_t sc_id; /* used as index for SA_MEM_MAP */ + uint8_t mcs_id; +}; + +struct roc_mcs_rx_sc_sa_map { + uint8_t sa_index; + uint8_t sa_in_use; + uint8_t sc_id; + uint8_t an; /* value range 0-3, sc_id + an used as index SA_MEM_MAP */ + uint8_t mcs_id; +}; + +struct roc_mcs_flowid_ena_dis_entry { + uint8_t flow_id; + uint8_t ena; + uint8_t mcs_id; + uint8_t dir; +}; + +struct roc_mcs_pn_table_write_req { + uint64_t next_pn; + uint8_t pn_id; + uint8_t mcs_id; + uint8_t dir; +}; + +struct roc_mcs_cam_entry_read_req { + uint8_t rsrc_type; /* TCAM/SECY/SC/SA/PN */ + uint8_t rsrc_id; + uint8_t mcs_id; + uint8_t dir; +}; + +struct roc_mcs_cam_entry_read_rsp { + uint64_t reg_val[10]; + uint8_t rsrc_type; + uint8_t rsrc_id; + uint8_t mcs_id; + uint8_t dir; +}; + +struct roc_mcs_hw_info { + uint8_t num_mcs_blks; /* Number of MCS blocks */ + uint8_t tcam_entries; /* RX/TX Tcam entries per mcs block */ + uint8_t secy_entries; /* RX/TX SECY entries per mcs block */ + uint8_t sc_entries; /* RX/TX SC CAM entries per mcs block */ + uint8_t sa_entries; /* PN table entries = SA entries */ + uint64_t rsvd[16]; +}; + +#define ROC_MCS_CPM_RX_SECTAG_V_EQ1_INT BIT_ULL(0) +#define ROC_MCS_CPM_RX_SECTAG_E_EQ0_C_EQ1_INT BIT_ULL(1) +#define ROC_MCS_CPM_RX_SECTAG_SL_GTE48_INT BIT_ULL(2) +#define ROC_MCS_CPM_RX_SECTAG_ES_EQ1_SC_EQ1_INT BIT_ULL(3) +#define ROC_MCS_CPM_RX_SECTAG_SC_EQ1_SCB_EQ1_INT BIT_ULL(4) +#define ROC_MCS_CPM_RX_PACKET_XPN_EQ0_INT BIT_ULL(5) +#define ROC_MCS_CPM_RX_PN_THRESH_REACHED_INT BIT_ULL(6) +#define ROC_MCS_CPM_TX_PACKET_XPN_EQ0_INT BIT_ULL(7) +#define ROC_MCS_CPM_TX_PN_THRESH_REACHED_INT BIT_ULL(8) +#define ROC_MCS_CPM_TX_SA_NOT_VALID_INT BIT_ULL(9) +#define ROC_MCS_BBE_RX_DFIFO_OVERFLOW_INT BIT_ULL(10) +#define ROC_MCS_BBE_RX_PLFIFO_OVERFLOW_INT BIT_ULL(11) +#define ROC_MCS_BBE_TX_DFIFO_OVERFLOW_INT BIT_ULL(12) +#define ROC_MCS_BBE_TX_PLFIFO_OVERFLOW_INT BIT_ULL(13) +#define ROC_MCS_PAB_RX_CHAN_OVERFLOW_INT BIT_ULL(14) +#define ROC_MCS_PAB_TX_CHAN_OVERFLOW_INT BIT_ULL(15) + +struct roc_mcs_intr_cfg { + uint64_t intr_mask; /* Interrupt enable mask */ + uint8_t mcs_id; +}; + +struct roc_mcs_intr_info { + uint64_t intr_mask; + int sa_id; + uint8_t mcs_id; + uint8_t lmac_id; + uint64_t rsvd[4]; +}; + +struct roc_mcs_set_lmac_mode { + uint8_t mode; /* '1' for internal bypass mode (passthrough), '0' for MCS processing */ + uint8_t lmac_id; + uint8_t mcs_id; + uint64_t rsvd; +}; + +struct roc_mcs_set_active_lmac { + uint32_t lmac_bmap; /* bitmap of active lmac per mcs block */ + uint8_t mcs_id; + uint16_t channel_base; /* MCS channel base */ + uint64_t rsvd; +}; + +struct roc_mcs_stats_req { + uint8_t id; + uint8_t mcs_id; + uint8_t dir; +}; + +struct roc_mcs_flowid_stats { + uint64_t tcam_hit_cnt; +}; + +struct roc_mcs_secy_stats { + uint64_t ctl_pkt_bcast_cnt; + uint64_t ctl_pkt_mcast_cnt; + uint64_t ctl_pkt_ucast_cnt; + uint64_t ctl_octet_cnt; + uint64_t unctl_pkt_bcast_cnt; + uint64_t unctl_pkt_mcast_cnt; + uint64_t unctl_pkt_ucast_cnt; + uint64_t unctl_octet_cnt; + /* Valid only for RX */ + uint64_t octet_decrypted_cnt; + uint64_t octet_validated_cnt; + uint64_t pkt_port_disabled_cnt; + uint64_t pkt_badtag_cnt; + uint64_t pkt_nosa_cnt; + uint64_t pkt_nosaerror_cnt; + uint64_t pkt_tagged_ctl_cnt; + uint64_t pkt_untaged_cnt; + uint64_t pkt_ctl_cnt; /* CN10K-B */ + uint64_t pkt_notag_cnt; /* CNF10K-B */ + /* Valid only for TX */ + uint64_t octet_encrypted_cnt; + uint64_t octet_protected_cnt; + uint64_t pkt_noactivesa_cnt; + uint64_t pkt_toolong_cnt; + uint64_t pkt_untagged_cnt; +}; + +struct roc_mcs_sc_stats { + /* RX */ + uint64_t hit_cnt; + uint64_t pkt_invalid_cnt; + uint64_t pkt_late_cnt; + uint64_t pkt_notvalid_cnt; + uint64_t pkt_unchecked_cnt; + uint64_t pkt_delay_cnt; /* CNF10K-B */ + uint64_t pkt_ok_cnt; /* CNF10K-B */ + uint64_t octet_decrypt_cnt; /* CN10K-B */ + uint64_t octet_validate_cnt; /* CN10K-B */ + /* TX */ + uint64_t pkt_encrypt_cnt; + uint64_t pkt_protected_cnt; + uint64_t octet_encrypt_cnt; /* CN10K-B */ + uint64_t octet_protected_cnt; /* CN10K-B */ +}; + +/* Only for CN10K-B */ +struct roc_mcs_sa_stats { + /* RX */ + uint64_t pkt_invalid_cnt; + uint64_t pkt_nosaerror_cnt; + uint64_t pkt_notvalid_cnt; + uint64_t pkt_ok_cnt; + uint64_t pkt_nosa_cnt; + /* TX */ + uint64_t pkt_encrypt_cnt; + uint64_t pkt_protected_cnt; +}; + +struct roc_mcs_port_stats { + uint64_t tcam_miss_cnt; + uint64_t parser_err_cnt; + uint64_t preempt_err_cnt; /* CNF10K-B */ + uint64_t sectag_insert_err_cnt; +}; + +struct roc_mcs_clear_stats { + uint8_t type; /* FLOWID, SECY, SC, SA, PORT */ + /* type = PORT, If id = FF(invalid) port no is derived from pcifunc */ + uint8_t id; + uint8_t mcs_id; + uint8_t dir; + uint8_t all; /* All resources stats mapped to PF are cleared */ +}; + +enum roc_mcs_event_subtype { + ROC_MCS_SUBEVENT_UNKNOWN, + + /* subevents of ROC_MCS_EVENT_SECTAG_VAL_ERR sectag validation events + * ROC_MCS_EVENT_RX_SECTAG_V_EQ1 + * Validation check: SecTag.TCI.V = 1 + * ROC_MCS_EVENT_RX_SECTAG_E_EQ0_C_EQ1 + * Validation check: SecTag.TCI.E = 0 && SecTag.TCI.C = 1 + * ROC_MCS_EVENT_RX_SECTAG_SL_GTE48 + * Validation check: SecTag.SL >= 'd48 + * ROC_MCS_EVENT_RX_SECTAG_ES_EQ1_SC_EQ1 + * Validation check: SecTag.TCI.ES = 1 && SecTag.TCI.SC = 1 + * ROC_MCS_EVENT_RX_SECTAG_SC_EQ1_SCB_EQ1 + * Validation check: SecTag.TCI.SC = 1 && SecTag.TCI.SCB = 1 + */ + ROC_MCS_EVENT_RX_SECTAG_V_EQ1, + ROC_MCS_EVENT_RX_SECTAG_E_EQ0_C_EQ1, + ROC_MCS_EVENT_RX_SECTAG_SL_GTE48, + ROC_MCS_EVENT_RX_SECTAG_ES_EQ1_SC_EQ1, + ROC_MCS_EVENT_RX_SECTAG_SC_EQ1_SCB_EQ1, + + /* subevents of ROC_MCS_EVENT_FIFO_OVERFLOW error event + * ROC_MCS_EVENT_DATA_FIFO_OVERFLOW: + * Notifies data FIFO overflow fatal error in BBE unit. + * ROC_MCS_EVENT_POLICY_FIFO_OVERFLOW + * Notifies policy FIFO overflow fatal error in BBE unit. + * ROC_MCS_EVENT_PKT_ASSM_FIFO_OVERFLOW, + * Notifies output FIFO overflow fatal error in PAB unit. + */ + ROC_MCS_EVENT_DATA_FIFO_OVERFLOW, + ROC_MCS_EVENT_POLICY_FIFO_OVERFLOW, + ROC_MCS_EVENT_PKT_ASSM_FIFO_OVERFLOW, +}; + +enum roc_mcs_event_type { + ROC_MCS_EVENT_UNKNOWN, + + /* Notifies BBE_INT_DFIFO/PLFIFO_OVERFLOW or PAB_INT_OVERFLOW + * interrupts, it's a fatal error that causes packet corruption. + */ + ROC_MCS_EVENT_FIFO_OVERFLOW, + + /* Notifies CPM_RX_SECTAG_X validation error interrupt */ + ROC_MCS_EVENT_SECTAG_VAL_ERR, + /* Notifies CPM_RX_PACKET_XPN_EQ0 (SecTag.PN == 0 in ingress) interrupt */ + ROC_MCS_EVENT_RX_SA_PN_HARD_EXP, + /* Notifies CPM_RX_PN_THRESH_REACHED interrupt */ + ROC_MCS_EVENT_RX_SA_PN_SOFT_EXP, + /* Notifies CPM_TX_PACKET_XPN_EQ0 (PN wrapped in egress) interrupt */ + ROC_MCS_EVENT_TX_SA_PN_HARD_EXP, + /* Notifies CPM_TX_PN_THRESH_REACHED interrupt */ + ROC_MCS_EVENT_TX_SA_PN_SOFT_EXP, + /* Notifies CPM_TX_SA_NOT_VALID interrupt */ + ROC_MCS_EVENT_SA_NOT_VALID, +}; + +union roc_mcs_event_data { + /* Valid for below events + * - ROC_MCS_EVENT_RX_SA_PN_SOFT_EXP + * - ROC_MCS_EVENT_TX_SA_PN_SOFT_EXP + */ + struct { + uint8_t secy_idx; + uint8_t sc_idx; + uint8_t sa_idx; + uint8_t lmac_id; + }; +}; + +struct roc_mcs_event_desc { + enum roc_mcs_event_type type; + enum roc_mcs_event_subtype subtype; + union roc_mcs_event_data metadata; +}; + +/** User application callback to be registered for any notifications from + * driver. */ +typedef int (*roc_mcs_dev_cb_fn)(void *userdata, struct roc_mcs_event_desc *desc, void *cb_arg); + +struct roc_mcs { + TAILQ_ENTRY(roc_mcs) next; + struct plt_pci_device *pci_dev; + struct mbox *mbox; + void *userdata; + uint8_t idx; + +#define ROC_MCS_MEM_SZ (1 * 1024) + uint8_t reserved[ROC_MCS_MEM_SZ] __plt_cache_aligned; +} __plt_cache_aligned; + +/* Initialization */ +__roc_api struct roc_mcs *roc_mcs_dev_init(uint8_t mcs_idx); +__roc_api void roc_mcs_dev_fini(struct roc_mcs *mcs); +/* Get roc mcs dev structure */ +__roc_api struct roc_mcs *roc_mcs_dev_get(uint8_t mcs_idx); +/* HW info get */ +__roc_api int roc_mcs_hw_info_get(struct roc_mcs_hw_info *hw_info); +/* Active lmac bmap set */ +__roc_api int roc_mcs_active_lmac_set(struct roc_mcs *mcs, struct roc_mcs_set_active_lmac *lmac); +/* Port bypass mode set */ +__roc_api int roc_mcs_lmac_mode_set(struct roc_mcs *mcs, struct roc_mcs_set_lmac_mode *port); + +/* Resource allocation and free */ +__roc_api int roc_mcs_alloc_rsrc(struct roc_mcs *mcs, struct roc_mcs_alloc_rsrc_req *req, + struct roc_mcs_alloc_rsrc_rsp *rsp); +__roc_api int roc_mcs_free_rsrc(struct roc_mcs *mcs, struct roc_mcs_free_rsrc_req *req); +/* SA policy read and write */ +__roc_api int roc_mcs_sa_policy_write(struct roc_mcs *mcs, + struct roc_mcs_sa_plcy_write_req *sa_plcy); +__roc_api int roc_mcs_sa_policy_read(struct roc_mcs *mcs, + struct roc_mcs_sa_plcy_write_req *sa_plcy); +/* PN Table read and write */ +__roc_api int roc_mcs_pn_table_write(struct roc_mcs *mcs, + struct roc_mcs_pn_table_write_req *pn_table); +__roc_api int roc_mcs_pn_table_read(struct roc_mcs *mcs, + struct roc_mcs_pn_table_write_req *pn_table); +/* RX SC read, write and enable */ +__roc_api int roc_mcs_rx_sc_cam_write(struct roc_mcs *mcs, + struct roc_mcs_rx_sc_cam_write_req *rx_sc_cam); +__roc_api int roc_mcs_rx_sc_cam_read(struct roc_mcs *mcs, + struct roc_mcs_rx_sc_cam_write_req *rx_sc_cam); +__roc_api int roc_mcs_rx_sc_cam_enable(struct roc_mcs *mcs, + struct roc_mcs_rx_sc_cam_write_req *rx_sc_cam); +/* SECY policy read and write */ +__roc_api int roc_mcs_secy_policy_write(struct roc_mcs *mcs, + struct roc_mcs_secy_plcy_write_req *secy_plcy); +__roc_api int roc_mcs_secy_policy_read(struct roc_mcs *mcs, + struct roc_mcs_rx_sc_cam_write_req *rx_sc_cam); +/* RX SC-SA MAP read and write */ +__roc_api int roc_mcs_rx_sc_sa_map_write(struct roc_mcs *mcs, + struct roc_mcs_rx_sc_sa_map *rx_sc_sa_map); +__roc_api int roc_mcs_rx_sc_sa_map_read(struct roc_mcs *mcs, + struct roc_mcs_rx_sc_sa_map *rx_sc_sa_map); +/* TX SC-SA MAP read and write */ +__roc_api int roc_mcs_tx_sc_sa_map_write(struct roc_mcs *mcs, + struct roc_mcs_tx_sc_sa_map *tx_sc_sa_map); +__roc_api int roc_mcs_tx_sc_sa_map_read(struct roc_mcs *mcs, + struct roc_mcs_tx_sc_sa_map *tx_sc_sa_map); +/* Flow entry read, write and enable */ +__roc_api int roc_mcs_flowid_entry_write(struct roc_mcs *mcs, + struct roc_mcs_flowid_entry_write_req *flowid_req); +__roc_api int roc_mcs_flowid_entry_read(struct roc_mcs *mcs, + struct roc_mcs_flowid_entry_write_req *flowid_rsp); +__roc_api int roc_mcs_flowid_entry_enable(struct roc_mcs *mcs, + struct roc_mcs_flowid_ena_dis_entry *entry); + +/* Flow id stats get */ +__roc_api int roc_mcs_flowid_stats_get(struct roc_mcs *mcs, struct roc_mcs_stats_req *mcs_req, + struct roc_mcs_flowid_stats *stats); +/* Secy stats get */ +__roc_api int roc_mcs_secy_stats_get(struct roc_mcs *mcs, struct roc_mcs_stats_req *mcs_req, + struct roc_mcs_secy_stats *stats); +/* SC stats get */ +__roc_api int roc_mcs_sc_stats_get(struct roc_mcs *mcs, struct roc_mcs_stats_req *mcs_req, + struct roc_mcs_sc_stats *stats); +/* SA stats get */ +__roc_api int roc_mcs_sa_stats_get(struct roc_mcs *mcs, struct roc_mcs_stats_req *mcs_req, + struct roc_mcs_sa_stats *stats); +/* Port stats get */ +__roc_api int roc_mcs_port_stats_get(struct roc_mcs *mcs, struct roc_mcs_stats_req *mcs_req, + struct roc_mcs_port_stats *stats); +/* Clear stats */ +__roc_api int roc_mcs_stats_clear(struct roc_mcs *mcs, struct roc_mcs_clear_stats *mcs_req); + +/* Register user callback routines */ +__roc_api int roc_mcs_event_cb_register(struct roc_mcs *mcs, enum roc_mcs_event_type event, + roc_mcs_dev_cb_fn cb_fn, void *cb_arg, void *userdata); +/* Unregister user callback routines */ +__roc_api int roc_mcs_event_cb_unregister(struct roc_mcs *mcs, enum roc_mcs_event_type event); + +/* Configure interrupts */ +__roc_api int roc_mcs_intr_configure(struct roc_mcs *mcs, struct roc_mcs_intr_cfg *config); +#endif /* _ROC_MCS_H_ */ diff --git a/drivers/common/cnxk/roc_mcs_priv.h b/drivers/common/cnxk/roc_mcs_priv.h new file mode 100644 index 0000000000..c5199d3722 --- /dev/null +++ b/drivers/common/cnxk/roc_mcs_priv.h @@ -0,0 +1,52 @@ +/* SPDX-License-Identifier: BSD-3-Clause + * Copyright(C) 2022 Marvell. + */ + +#ifndef _ROC_MCS_PRIV_H_ +#define _ROC_MCS_PRIV_H_ + +enum mcs_error_status { + MCS_ERR_PARAM = -900, + MCS_ERR_HW_NOTSUP = -901, + MCS_ERR_DEVICE_NOT_FOUND = -902, +}; + +#define MCS_SUPPORT_CHECK \ + do { \ + if (!(roc_model_is_cnf10kb() || roc_model_is_cn10kb_a0())) \ + return MCS_ERR_HW_NOTSUP; \ + } while (0) + +struct mcs_priv { + struct plt_bitmap *tcam_bmap; + void *tcam_bmap_mem; + struct plt_bitmap *secy_bmap; + void *secy_bmap_mem; + struct plt_bitmap *sc_bmap; + void *sc_bmap_mem; + struct plt_bitmap *sa_bmap; + void *sa_bmap_mem; + uint64_t default_sci; + uint32_t lmac_bmap; + uint8_t num_mcs_blks; + uint8_t tcam_entries; + uint8_t secy_entries; + uint8_t sc_entries; + uint8_t sa_entries; +}; + +static inline struct mcs_priv * +roc_mcs_to_mcs_priv(struct roc_mcs *roc_mcs) +{ + return (struct mcs_priv *)&roc_mcs->reserved[0]; +} + +static inline void * +roc_mcs_to_mcs_cb_list(struct roc_mcs *roc_mcs) +{ + return (void *)((uintptr_t)roc_mcs->reserved + sizeof(struct mcs_priv)); +} + +int mcs_event_cb_process(struct roc_mcs *mcs, struct roc_mcs_event_desc *desc); + +#endif /* _ROC_MCS_PRIV_H_ */ diff --git a/drivers/common/cnxk/roc_mcs_sec_cfg.c b/drivers/common/cnxk/roc_mcs_sec_cfg.c new file mode 100644 index 0000000000..fabc174308 --- /dev/null +++ b/drivers/common/cnxk/roc_mcs_sec_cfg.c @@ -0,0 +1,425 @@ +/* SPDX-License-Identifier: BSD-3-Clause + * Copyright(C) 2022 Marvell. + */ + +#include "roc_api.h" +#include "roc_priv.h" + +int +roc_mcs_alloc_rsrc(struct roc_mcs *mcs, struct roc_mcs_alloc_rsrc_req *req, + struct roc_mcs_alloc_rsrc_rsp *rsp) +{ + struct mcs_priv *priv = roc_mcs_to_mcs_priv(mcs); + struct mcs_alloc_rsrc_req *rsrc_req; + struct mcs_alloc_rsrc_rsp *rsrc_rsp; + int rc, i; + + MCS_SUPPORT_CHECK; + + if (req == NULL || rsp == NULL) + return -EINVAL; + + rsrc_req = mbox_alloc_msg_mcs_alloc_resources(mcs->mbox); + if (rsrc_req == NULL) + return -ENOMEM; + + rsrc_req->rsrc_type = req->rsrc_type; + rsrc_req->rsrc_cnt = req->rsrc_cnt; + rsrc_req->mcs_id = req->mcs_id; + rsrc_req->dir = req->dir; + rsrc_req->all = req->all; + + rc = mbox_process_msg(mcs->mbox, (void *)&rsrc_rsp); + if (rc) + return rc; + + if (rsrc_rsp->all) { + rsrc_rsp->rsrc_cnt = 1; + rsrc_rsp->rsrc_type = 0xFF; + } + + for (i = 0; i < rsrc_rsp->rsrc_cnt; i++) { + switch (rsrc_rsp->rsrc_type) { + case MCS_RSRC_TYPE_FLOWID: + rsp->flow_ids[i] = rsrc_rsp->flow_ids[i]; + plt_bitmap_set(priv->tcam_bmap, + rsp->flow_ids[i] + + ((req->dir == MCS_TX) ? priv->tcam_entries : 0)); + break; + case MCS_RSRC_TYPE_SECY: + rsp->secy_ids[i] = rsrc_rsp->secy_ids[i]; + plt_bitmap_set(priv->secy_bmap, + rsp->secy_ids[i] + + ((req->dir == MCS_TX) ? priv->secy_entries : 0)); + break; + case MCS_RSRC_TYPE_SC: + rsp->sc_ids[i] = rsrc_rsp->sc_ids[i]; + plt_bitmap_set(priv->sc_bmap, + rsp->sc_ids[i] + + ((req->dir == MCS_TX) ? priv->sc_entries : 0)); + break; + case MCS_RSRC_TYPE_SA: + rsp->sa_ids[2 * i] = rsrc_rsp->sa_ids[2 * i]; + rsp->sa_ids[2 * i + 1] = rsrc_rsp->sa_ids[2 * i + 1]; + plt_bitmap_set(priv->sa_bmap, + rsp->sa_ids[i] + + ((req->dir == MCS_TX) ? priv->sa_entries : 0)); + plt_bitmap_set(priv->sa_bmap, + rsp->sa_ids[2 * i + 1] + + ((req->dir == MCS_TX) ? priv->sa_entries : 0)); + break; + default: + rsp->flow_ids[i] = rsrc_rsp->flow_ids[i]; + rsp->secy_ids[i] = rsrc_rsp->secy_ids[i]; + rsp->sc_ids[i] = rsrc_rsp->sc_ids[i]; + rsp->sa_ids[2 * i] = rsrc_rsp->sa_ids[2 * i]; + rsp->sa_ids[2 * i + 1] = rsrc_rsp->sa_ids[2 * i + 1]; + plt_bitmap_set(priv->tcam_bmap, + rsp->flow_ids[i] + + ((req->dir == MCS_TX) ? priv->tcam_entries : 0)); + plt_bitmap_set(priv->secy_bmap, + rsp->secy_ids[i] + + ((req->dir == MCS_TX) ? priv->secy_entries : 0)); + plt_bitmap_set(priv->sc_bmap, + rsp->sc_ids[i] + + ((req->dir == MCS_TX) ? priv->sc_entries : 0)); + plt_bitmap_set(priv->sa_bmap, + rsp->sa_ids[i] + + ((req->dir == MCS_TX) ? priv->sa_entries : 0)); + plt_bitmap_set(priv->sa_bmap, + rsp->sa_ids[2 * i + 1] + + ((req->dir == MCS_TX) ? priv->sa_entries : 0)); + break; + } + } + rsp->rsrc_type = rsrc_rsp->rsrc_type; + rsp->rsrc_cnt = rsrc_rsp->rsrc_cnt; + rsp->mcs_id = rsrc_rsp->mcs_id; + rsp->dir = rsrc_rsp->dir; + rsp->all = rsrc_rsp->all; + + return 0; +} + +int +roc_mcs_free_rsrc(struct roc_mcs *mcs, struct roc_mcs_free_rsrc_req *free_req) +{ + struct mcs_priv *priv = roc_mcs_to_mcs_priv(mcs); + struct mcs_free_rsrc_req *req; + struct msg_rsp *rsp; + int rc; + + MCS_SUPPORT_CHECK; + + if (free_req == NULL) + return -EINVAL; + + req = mbox_alloc_msg_mcs_free_resources(mcs->mbox); + if (req == NULL) + return -ENOMEM; + + req->rsrc_id = free_req->rsrc_id; + req->rsrc_type = free_req->rsrc_type; + req->mcs_id = free_req->mcs_id; + req->dir = free_req->dir; + req->all = free_req->all; + + rc = mbox_process_msg(mcs->mbox, (void *)&rsp); + if (rc) + return rc; + + switch (free_req->rsrc_type) { + case MCS_RSRC_TYPE_FLOWID: + plt_bitmap_clear(priv->tcam_bmap, + free_req->rsrc_id + + ((req->dir == MCS_TX) ? priv->tcam_entries : 0)); + break; + case MCS_RSRC_TYPE_SECY: + plt_bitmap_clear(priv->secy_bmap, + free_req->rsrc_id + + ((req->dir == MCS_TX) ? priv->secy_entries : 0)); + break; + case MCS_RSRC_TYPE_SC: + plt_bitmap_clear(priv->sc_bmap, + free_req->rsrc_id + ((req->dir == MCS_TX) ? priv->sc_entries : 0)); + break; + case MCS_RSRC_TYPE_SA: + plt_bitmap_clear(priv->sa_bmap, + free_req->rsrc_id + ((req->dir == MCS_TX) ? priv->sa_entries : 0)); + break; + default: + break; + } + + return rc; +} + +int +roc_mcs_sa_policy_write(struct roc_mcs *mcs, struct roc_mcs_sa_plcy_write_req *sa_plcy) +{ + struct mcs_sa_plcy_write_req *sa; + struct msg_rsp *rsp; + + MCS_SUPPORT_CHECK; + + if (sa_plcy == NULL) + return -EINVAL; + + sa = mbox_alloc_msg_mcs_sa_plcy_write(mcs->mbox); + if (sa == NULL) + return -ENOMEM; + + mbox_memcpy(sa->plcy, sa_plcy->plcy, sizeof(uint64_t) * 2 * 9); + sa->sa_index[0] = sa_plcy->sa_index[0]; + sa->sa_index[1] = sa_plcy->sa_index[1]; + sa->sa_cnt = sa_plcy->sa_cnt; + sa->mcs_id = sa_plcy->mcs_id; + sa->dir = sa_plcy->dir; + + return mbox_process_msg(mcs->mbox, (void *)&rsp); +} + +int +roc_mcs_sa_policy_read(struct roc_mcs *mcs __plt_unused, + struct roc_mcs_sa_plcy_write_req *sa __plt_unused) +{ + MCS_SUPPORT_CHECK; + + return -ENOTSUP; +} + +int +roc_mcs_pn_table_write(struct roc_mcs *mcs, struct roc_mcs_pn_table_write_req *pn_table) +{ + struct mcs_pn_table_write_req *pn; + struct msg_rsp *rsp; + + MCS_SUPPORT_CHECK; + + if (pn_table == NULL) + return -EINVAL; + + pn = mbox_alloc_msg_mcs_pn_table_write(mcs->mbox); + if (pn == NULL) + return -ENOMEM; + + pn->next_pn = pn_table->next_pn; + pn->pn_id = pn_table->pn_id; + pn->mcs_id = pn_table->mcs_id; + pn->dir = pn_table->dir; + + return mbox_process_msg(mcs->mbox, (void *)&rsp); +} + +int +roc_mcs_pn_table_read(struct roc_mcs *mcs __plt_unused, + struct roc_mcs_pn_table_write_req *sa __plt_unused) +{ + MCS_SUPPORT_CHECK; + + return -ENOTSUP; +} + +int +roc_mcs_rx_sc_cam_write(struct roc_mcs *mcs, struct roc_mcs_rx_sc_cam_write_req *rx_sc_cam) +{ + struct mcs_rx_sc_cam_write_req *rx_sc; + struct msg_rsp *rsp; + + MCS_SUPPORT_CHECK; + + if (rx_sc_cam == NULL) + return -EINVAL; + + rx_sc = mbox_alloc_msg_mcs_rx_sc_cam_write(mcs->mbox); + if (rx_sc == NULL) + return -ENOMEM; + + rx_sc->sci = rx_sc_cam->sci; + rx_sc->secy_id = rx_sc_cam->secy_id; + rx_sc->sc_id = rx_sc_cam->sc_id; + rx_sc->mcs_id = rx_sc_cam->mcs_id; + + return mbox_process_msg(mcs->mbox, (void *)&rsp); +} + +int +roc_mcs_rx_sc_cam_read(struct roc_mcs *mcs __plt_unused, + struct roc_mcs_rx_sc_cam_write_req *rx_sc_cam __plt_unused) +{ + MCS_SUPPORT_CHECK; + + return -ENOTSUP; +} + +int +roc_mcs_rx_sc_cam_enable(struct roc_mcs *mcs __plt_unused, + struct roc_mcs_rx_sc_cam_write_req *rx_sc_cam __plt_unused) +{ + MCS_SUPPORT_CHECK; + + return -ENOTSUP; +} + +int +roc_mcs_secy_policy_write(struct roc_mcs *mcs, struct roc_mcs_secy_plcy_write_req *secy_plcy) +{ + struct mcs_secy_plcy_write_req *secy; + struct msg_rsp *rsp; + + MCS_SUPPORT_CHECK; + + if (secy_plcy == NULL) + return -EINVAL; + + secy = mbox_alloc_msg_mcs_secy_plcy_write(mcs->mbox); + if (secy == NULL) + return -ENOMEM; + + secy->plcy = secy_plcy->plcy; + secy->secy_id = secy_plcy->secy_id; + secy->mcs_id = secy_plcy->mcs_id; + secy->dir = secy_plcy->dir; + + return mbox_process_msg(mcs->mbox, (void *)&rsp); +} + +int +roc_mcs_secy_policy_read(struct roc_mcs *mcs __plt_unused, + struct roc_mcs_rx_sc_cam_write_req *rx_sc_cam __plt_unused) +{ + MCS_SUPPORT_CHECK; + + return -ENOTSUP; +} + +int +roc_mcs_rx_sc_sa_map_write(struct roc_mcs *mcs, struct roc_mcs_rx_sc_sa_map *rx_sc_sa_map) +{ + struct mcs_rx_sc_sa_map *sa_map; + struct msg_rsp *rsp; + + MCS_SUPPORT_CHECK; + + if (rx_sc_sa_map == NULL) + return -EINVAL; + + sa_map = mbox_alloc_msg_mcs_rx_sc_sa_map_write(mcs->mbox); + if (sa_map == NULL) + return -ENOMEM; + + sa_map->sa_index = rx_sc_sa_map->sa_index; + sa_map->sa_in_use = rx_sc_sa_map->sa_in_use; + sa_map->sc_id = rx_sc_sa_map->sc_id; + sa_map->an = rx_sc_sa_map->an; + sa_map->mcs_id = rx_sc_sa_map->mcs_id; + + return mbox_process_msg(mcs->mbox, (void *)&rsp); +} + +int +roc_mcs_rx_sc_sa_map_read(struct roc_mcs *mcs __plt_unused, + struct roc_mcs_rx_sc_sa_map *rx_sc_sa_map __plt_unused) +{ + MCS_SUPPORT_CHECK; + + return -ENOTSUP; +} + +int +roc_mcs_tx_sc_sa_map_write(struct roc_mcs *mcs, struct roc_mcs_tx_sc_sa_map *tx_sc_sa_map) +{ + struct mcs_tx_sc_sa_map *sa_map; + struct msg_rsp *rsp; + + MCS_SUPPORT_CHECK; + + if (tx_sc_sa_map == NULL) + return -EINVAL; + + sa_map = mbox_alloc_msg_mcs_tx_sc_sa_map_write(mcs->mbox); + if (sa_map == NULL) + return -ENOMEM; + + sa_map->sa_index0 = tx_sc_sa_map->sa_index0; + sa_map->sa_index1 = tx_sc_sa_map->sa_index1; + sa_map->rekey_ena = tx_sc_sa_map->rekey_ena; + sa_map->sa_index0_vld = tx_sc_sa_map->sa_index0_vld; + sa_map->sa_index1_vld = tx_sc_sa_map->sa_index1_vld; + sa_map->tx_sa_active = tx_sc_sa_map->tx_sa_active; + sa_map->sectag_sci = tx_sc_sa_map->sectag_sci; + sa_map->sc_id = tx_sc_sa_map->sc_id; + sa_map->mcs_id = tx_sc_sa_map->mcs_id; + + return mbox_process_msg(mcs->mbox, (void *)&rsp); +} + +int +roc_mcs_tx_sc_sa_map_read(struct roc_mcs *mcs __plt_unused, + struct roc_mcs_tx_sc_sa_map *tx_sc_sa_map __plt_unused) +{ + MCS_SUPPORT_CHECK; + + return -ENOTSUP; +} + +int +roc_mcs_flowid_entry_write(struct roc_mcs *mcs, struct roc_mcs_flowid_entry_write_req *flowid_req) +{ + struct mcs_flowid_entry_write_req *flow_req; + struct msg_rsp *rsp; + + MCS_SUPPORT_CHECK; + + if (flowid_req == NULL) + return -EINVAL; + + flow_req = mbox_alloc_msg_mcs_flowid_entry_write(mcs->mbox); + if (flow_req == NULL) + return -ENOMEM; + + mbox_memcpy(flow_req->data, flowid_req->data, sizeof(uint64_t) * 4); + mbox_memcpy(flow_req->mask, flowid_req->mask, sizeof(uint64_t) * 4); + flow_req->sci = flowid_req->sci; + flow_req->flow_id = flowid_req->flow_id; + flow_req->secy_id = flowid_req->secy_id; + flow_req->sc_id = flowid_req->sc_id; + flow_req->ena = flowid_req->ena; + flow_req->ctr_pkt = flowid_req->ctr_pkt; + flow_req->mcs_id = flowid_req->mcs_id; + flow_req->dir = flowid_req->dir; + + return mbox_process_msg(mcs->mbox, (void *)&rsp); +} + +int +roc_mcs_flowid_entry_read(struct roc_mcs *mcs __plt_unused, + struct roc_mcs_flowid_entry_write_req *flowid_rsp __plt_unused) +{ + MCS_SUPPORT_CHECK; + + return -ENOTSUP; +} + +int +roc_mcs_flowid_entry_enable(struct roc_mcs *mcs, struct roc_mcs_flowid_ena_dis_entry *entry) +{ + struct mcs_flowid_ena_dis_entry *flow_entry; + struct msg_rsp *rsp; + + MCS_SUPPORT_CHECK; + + if (entry == NULL) + return -EINVAL; + + flow_entry = mbox_alloc_msg_mcs_flowid_ena_entry(mcs->mbox); + if (flow_entry == NULL) + return -ENOMEM; + + flow_entry->flow_id = entry->flow_id; + flow_entry->ena = entry->ena; + flow_entry->mcs_id = entry->mcs_id; + flow_entry->dir = entry->dir; + + return mbox_process_msg(mcs->mbox, (void *)&rsp); +} diff --git a/drivers/common/cnxk/roc_mcs_stats.c b/drivers/common/cnxk/roc_mcs_stats.c new file mode 100644 index 0000000000..bd65826611 --- /dev/null +++ b/drivers/common/cnxk/roc_mcs_stats.c @@ -0,0 +1,230 @@ +/* SPDX-License-Identifier: BSD-3-Clause + * Copyright(C) 2022 Marvell. + */ + +#include "roc_api.h" +#include "roc_priv.h" + +int +roc_mcs_flowid_stats_get(struct roc_mcs *mcs, struct roc_mcs_stats_req *mcs_req, + struct roc_mcs_flowid_stats *stats) +{ + struct mcs_flowid_stats *rsp; + struct mcs_stats_req *req; + int rc; + + MCS_SUPPORT_CHECK; + + req = mbox_alloc_msg_mcs_get_flowid_stats(mcs->mbox); + if (req == NULL) + return -ENOSPC; + + req->id = mcs_req->id; + req->mcs_id = mcs_req->mcs_id; + req->dir = mcs_req->dir; + + rc = mbox_process_msg(mcs->mbox, (void *)&rsp); + if (rc) + return rc; + + stats->tcam_hit_cnt = rsp->tcam_hit_cnt; + + return rc; +} + +int +roc_mcs_secy_stats_get(struct roc_mcs *mcs, struct roc_mcs_stats_req *mcs_req, + struct roc_mcs_secy_stats *stats) +{ + struct mcs_secy_stats *rsp; + struct mcs_stats_req *req; + int rc; + + MCS_SUPPORT_CHECK; + + req = mbox_alloc_msg_mcs_get_secy_stats(mcs->mbox); + if (req == NULL) + return -ENOSPC; + + req->id = mcs_req->id; + req->mcs_id = mcs_req->mcs_id; + req->dir = mcs_req->dir; + + rc = mbox_process_msg(mcs->mbox, (void *)&rsp); + if (rc) + return rc; + + stats->ctl_pkt_bcast_cnt = rsp->ctl_pkt_bcast_cnt; + stats->ctl_pkt_mcast_cnt = rsp->ctl_pkt_mcast_cnt; + stats->ctl_pkt_ucast_cnt = rsp->ctl_pkt_ucast_cnt; + stats->ctl_octet_cnt = rsp->ctl_octet_cnt; + stats->unctl_pkt_bcast_cnt = rsp->unctl_pkt_bcast_cnt; + stats->unctl_pkt_mcast_cnt = rsp->unctl_pkt_mcast_cnt; + stats->unctl_pkt_ucast_cnt = rsp->unctl_pkt_ucast_cnt; + stats->unctl_octet_cnt = rsp->unctl_octet_cnt; + + if (mcs_req->dir == MCS_RX) { + stats->octet_decrypted_cnt = rsp->octet_decrypted_cnt; + stats->octet_validated_cnt = rsp->octet_validated_cnt; + stats->pkt_port_disabled_cnt = rsp->pkt_port_disabled_cnt; + stats->pkt_badtag_cnt = rsp->pkt_badtag_cnt; + stats->pkt_nosa_cnt = rsp->pkt_nosa_cnt; + stats->pkt_nosaerror_cnt = rsp->pkt_nosaerror_cnt; + stats->pkt_tagged_ctl_cnt = rsp->pkt_tagged_ctl_cnt; + stats->pkt_untaged_cnt = rsp->pkt_untaged_cnt; + if (roc_model_is_cn10kb_a0()) + /* CN10K-B */ + stats->pkt_ctl_cnt = rsp->pkt_ctl_cnt; + else + /* CNF10K-B */ + stats->pkt_notag_cnt = rsp->pkt_notag_cnt; + } else { + stats->octet_encrypted_cnt = rsp->octet_encrypted_cnt; + stats->octet_protected_cnt = rsp->octet_protected_cnt; + stats->pkt_noactivesa_cnt = rsp->pkt_noactivesa_cnt; + stats->pkt_toolong_cnt = rsp->pkt_toolong_cnt; + stats->pkt_untagged_cnt = rsp->pkt_untagged_cnt; + } + + return rc; +} + +int +roc_mcs_sc_stats_get(struct roc_mcs *mcs, struct roc_mcs_stats_req *mcs_req, + struct roc_mcs_sc_stats *stats) +{ + struct mcs_stats_req *req; + struct mcs_sc_stats *rsp; + int rc; + + MCS_SUPPORT_CHECK; + + req = mbox_alloc_msg_mcs_get_sc_stats(mcs->mbox); + if (req == NULL) + return -ENOSPC; + + req->id = mcs_req->id; + req->mcs_id = mcs_req->mcs_id; + req->dir = mcs_req->dir; + + rc = mbox_process_msg(mcs->mbox, (void *)&rsp); + if (rc) + return rc; + + if (mcs_req->dir == MCS_RX) { + stats->hit_cnt = rsp->hit_cnt; + stats->pkt_invalid_cnt = rsp->pkt_invalid_cnt; + stats->pkt_late_cnt = rsp->pkt_late_cnt; + stats->pkt_notvalid_cnt = rsp->pkt_notvalid_cnt; + stats->pkt_unchecked_cnt = rsp->pkt_unchecked_cnt; + if (roc_model_is_cn10kb_a0()) { + stats->octet_decrypt_cnt = rsp->octet_decrypt_cnt; + stats->octet_validate_cnt = rsp->octet_validate_cnt; + } else { + stats->pkt_delay_cnt = rsp->pkt_delay_cnt; + stats->pkt_ok_cnt = rsp->pkt_ok_cnt; + } + } else { + stats->pkt_encrypt_cnt = rsp->pkt_encrypt_cnt; + stats->pkt_protected_cnt = rsp->pkt_protected_cnt; + if (roc_model_is_cn10kb_a0()) { + stats->octet_encrypt_cnt = rsp->octet_encrypt_cnt; + stats->octet_protected_cnt = rsp->octet_protected_cnt; + } + } + + return rc; +} + +int +roc_mcs_sa_stats_get(struct roc_mcs *mcs, struct roc_mcs_stats_req *mcs_req, + struct roc_mcs_sa_stats *stats) +{ + struct mcs_stats_req *req; + struct mcs_sa_stats *rsp; + int rc; + + if (!roc_model_is_cn10kb_a0()) + return MCS_ERR_HW_NOTSUP; + + req = mbox_alloc_msg_mcs_get_sa_stats(mcs->mbox); + if (req == NULL) + return -ENOSPC; + + req->id = mcs_req->id; + req->mcs_id = mcs_req->mcs_id; + req->dir = mcs_req->dir; + + rc = mbox_process_msg(mcs->mbox, (void *)&rsp); + if (rc) + return rc; + + if (mcs_req->dir == MCS_RX) { + stats->pkt_invalid_cnt = rsp->pkt_invalid_cnt; + stats->pkt_nosaerror_cnt = rsp->pkt_nosaerror_cnt; + stats->pkt_notvalid_cnt = rsp->pkt_notvalid_cnt; + stats->pkt_ok_cnt = rsp->pkt_ok_cnt; + stats->pkt_nosa_cnt = rsp->pkt_nosa_cnt; + } else { + stats->pkt_encrypt_cnt = rsp->pkt_encrypt_cnt; + stats->pkt_protected_cnt = rsp->pkt_protected_cnt; + } + + return rc; +} + +int +roc_mcs_port_stats_get(struct roc_mcs *mcs, struct roc_mcs_stats_req *mcs_req, + struct roc_mcs_port_stats *stats) +{ + struct mcs_port_stats *rsp; + struct mcs_stats_req *req; + int rc; + + MCS_SUPPORT_CHECK; + + req = mbox_alloc_msg_mcs_get_port_stats(mcs->mbox); + if (req == NULL) + return -ENOSPC; + + req->id = mcs_req->id; + req->mcs_id = mcs_req->mcs_id; + req->dir = mcs_req->dir; + + rc = mbox_process_msg(mcs->mbox, (void *)&rsp); + if (rc) + return rc; + + stats->tcam_miss_cnt = rsp->tcam_miss_cnt; + stats->parser_err_cnt = rsp->parser_err_cnt; + if (roc_model_is_cnf10kb()) + stats->preempt_err_cnt = rsp->preempt_err_cnt; + + stats->sectag_insert_err_cnt = rsp->sectag_insert_err_cnt; + + return rc; +} + +int +roc_mcs_stats_clear(struct roc_mcs *mcs, struct roc_mcs_clear_stats *mcs_req) +{ + struct mcs_clear_stats *req; + struct msg_rsp *rsp; + + MCS_SUPPORT_CHECK; + + if (!roc_model_is_cn10kb_a0() && mcs_req->type == MCS_SA_STATS) + return MCS_ERR_HW_NOTSUP; + + req = mbox_alloc_msg_mcs_clear_stats(mcs->mbox); + if (req == NULL) + return -ENOSPC; + + req->type = mcs_req->type; + req->id = mcs_req->id; + req->mcs_id = mcs_req->mcs_id; + req->dir = mcs_req->dir; + req->all = mcs_req->all; + + return mbox_process_msg(mcs->mbox, (void *)&rsp); +} diff --git a/drivers/common/cnxk/roc_priv.h b/drivers/common/cnxk/roc_priv.h index 122d411fe7..b2b4aecedc 100644 --- a/drivers/common/cnxk/roc_priv.h +++ b/drivers/common/cnxk/roc_priv.h @@ -44,6 +44,9 @@ /* DPI */ #include "roc_dpi_priv.h" +/* MCS */ +#include "roc_mcs_priv.h" + /* REE */ #include "roc_ree_priv.h" diff --git a/drivers/common/cnxk/version.map b/drivers/common/cnxk/version.map index 276fec3660..5cdc70e0e0 100644 --- a/drivers/common/cnxk/version.map +++ b/drivers/common/cnxk/version.map @@ -99,6 +99,39 @@ INTERNAL { roc_model; roc_se_auth_key_set; roc_se_ciph_key_set; + roc_mcs_active_lmac_set; + roc_mcs_alloc_rsrc; + roc_mcs_dev_init; + roc_mcs_dev_fini; + roc_mcs_dev_get; + roc_mcs_event_cb_register; + roc_mcs_event_cb_unregister; + roc_mcs_flowid_entry_enable; + roc_mcs_flowid_entry_read; + roc_mcs_flowid_entry_write; + roc_mcs_flowid_stats_get; + roc_mcs_free_rsrc; + roc_mcs_hw_info_get; + roc_mcs_intr_configure; + roc_mcs_lmac_mode_set; + roc_mcs_pn_table_write; + roc_mcs_pn_table_read; + roc_mcs_port_stats_get; + roc_mcs_rx_sc_cam_enable; + roc_mcs_rx_sc_cam_read; + roc_mcs_rx_sc_cam_write; + roc_mcs_rx_sc_sa_map_read; + roc_mcs_rx_sc_sa_map_write; + roc_mcs_sa_policy_read; + roc_mcs_sa_policy_write; + roc_mcs_sa_stats_get; + roc_mcs_sc_stats_get; + roc_mcs_secy_policy_read; + roc_mcs_secy_policy_write; + roc_mcs_secy_stats_get; + roc_mcs_stats_clear; + roc_mcs_tx_sc_sa_map_read; + roc_mcs_tx_sc_sa_map_write; roc_nix_bpf_alloc; roc_nix_bpf_config; roc_nix_bpf_connect; From patchwork Wed Sep 28 12:45:13 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Akhil Goyal X-Patchwork-Id: 117053 X-Patchwork-Delegate: jerinj@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id A851CA00C4; Wed, 28 Sep 2022 14:46:03 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id DF53C42825; Wed, 28 Sep 2022 14:45:57 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0a-0016f401.pphosted.com [67.231.148.174]) by mails.dpdk.org (Postfix) with ESMTP id AAF0F4113C for ; Wed, 28 Sep 2022 14:45:54 +0200 (CEST) Received: from pps.filterd (m0045849.ppops.net [127.0.0.1]) by mx0a-0016f401.pphosted.com (8.17.1.5/8.17.1.5) with ESMTP id 28SA4cpY003076; Wed, 28 Sep 2022 05:45:53 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=pfpt0220; bh=58/O1mcwTDicOvDIlhmklHYq1AvzXWa785ByM9CWvns=; b=MMmFzqW8nNbZybH5/zgSb9J4J2AJGqdkVzKTCmaRPPPRhB/ewe0hd/X++XM7u9INRk2A NgarPHXJ727BbfSDqcgcGTEGcG5YoUdQOyS9MzUVag7HMsCaunN4X/qLqXEVEsojck47 71OddDQ8LUziOdv7yTF50sWwsbsOfUQMrG2plXXlIkzymOpxmln/Eor0EJagGu7tLalH 5Go8yba3z0S3hBeKgtSZ6Ro2U6pk0+YgoLYRfG1xVAiUkhx6yrSlUA/zcCSsJYINDBJc MmnRtEjsrU/mBU1a9a9Hlkqk091v0LKTHu2mU+9Bur1gQTs0+mVqJk4Ef0lJgGZoo5Gf 8w== Received: from dc5-exch01.marvell.com ([199.233.59.181]) by mx0a-0016f401.pphosted.com (PPS) with ESMTPS id 3jvjkk8skd-4 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Wed, 28 Sep 2022 05:45:51 -0700 Received: from DC5-EXCH01.marvell.com (10.69.176.38) by DC5-EXCH01.marvell.com (10.69.176.38) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Wed, 28 Sep 2022 05:45:34 -0700 Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH01.marvell.com (10.69.176.38) with Microsoft SMTP Server id 15.0.1497.2 via Frontend Transport; Wed, 28 Sep 2022 05:45:34 -0700 Received: from localhost.localdomain (unknown [10.28.36.102]) by maili.marvell.com (Postfix) with ESMTP id 304A53F7080; Wed, 28 Sep 2022 05:45:29 -0700 (PDT) From: Akhil Goyal To: CC: , , , , , , , , , , , , , , , Akhil Goyal Subject: [PATCH 2/5] common/cnxk: derive hash key for MACsec Date: Wed, 28 Sep 2022 18:15:13 +0530 Message-ID: <20220928124516.93050-3-gakhil@marvell.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20220928124516.93050-1-gakhil@marvell.com> References: <20220928122253.23108-4-gakhil@marvell.com> <20220928124516.93050-1-gakhil@marvell.com> MIME-Version: 1.0 X-Proofpoint-GUID: 6hwHOgjpzNrSNPQGNDK474LidMphZfDw X-Proofpoint-ORIG-GUID: 6hwHOgjpzNrSNPQGNDK474LidMphZfDw X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.895,Hydra:6.0.528,FMLib:17.11.122.1 definitions=2022-09-28_06,2022-09-28_01,2022-06-22_01 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Signed-off-by: Akhil Goyal --- drivers/common/cnxk/roc_aes.c | 17 +++++++++++++++++ drivers/common/cnxk/roc_aes.h | 2 ++ drivers/common/cnxk/version.map | 1 + 3 files changed, 20 insertions(+) diff --git a/drivers/common/cnxk/roc_aes.c b/drivers/common/cnxk/roc_aes.c index f821c8b710..f69ecc1d58 100644 --- a/drivers/common/cnxk/roc_aes.c +++ b/drivers/common/cnxk/roc_aes.c @@ -206,3 +206,20 @@ roc_aes_xcbc_key_derive(const uint8_t *auth_key, uint8_t *derived_key) cipher(k3, derived_key, aes_ks); } + +void +roc_aes_hash_key_derive(const uint8_t *key, uint16_t len, uint8_t hash_key[]) +{ + uint32_t aes_ks[KEY_SCHEDULE_LEN] = {0}; + uint8_t data[16] = {0x0}; + int i; + + if (len == 16) { + aes_key_expand(key, aes_ks); + cipher(data, hash_key, aes_ks); + for (i = 0; i < 16; i++) + plt_info(" 0x%x", hash_key[i]); + } else { + plt_err("\n AES-256 key conversion not supported"); + } +} diff --git a/drivers/common/cnxk/roc_aes.h b/drivers/common/cnxk/roc_aes.h index 954039139f..e3f6160e7c 100644 --- a/drivers/common/cnxk/roc_aes.h +++ b/drivers/common/cnxk/roc_aes.h @@ -10,5 +10,7 @@ */ void __roc_api roc_aes_xcbc_key_derive(const uint8_t *auth_key, uint8_t *derived_key); +void __roc_api roc_aes_hash_key_derive(const uint8_t *key, uint16_t len, + uint8_t *hash_key); #endif /* _ROC_AES_H_ */ diff --git a/drivers/common/cnxk/version.map b/drivers/common/cnxk/version.map index 5cdc70e0e0..38bf832388 100644 --- a/drivers/common/cnxk/version.map +++ b/drivers/common/cnxk/version.map @@ -29,6 +29,7 @@ INTERNAL { roc_ae_ec_grp_put; roc_ae_fpm_get; roc_ae_fpm_put; + roc_aes_hash_key_derive; roc_aes_xcbc_key_derive; roc_bphy_cgx_cpri_mode_change; roc_bphy_cgx_cpri_mode_misc; From patchwork Wed Sep 28 12:45:14 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Akhil Goyal X-Patchwork-Id: 117055 X-Patchwork-Delegate: jerinj@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 717D4A00C4; Wed, 28 Sep 2022 14:46:17 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 7B01942B6C; Wed, 28 Sep 2022 14:45:59 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0a-0016f401.pphosted.com [67.231.148.174]) by mails.dpdk.org (Postfix) with ESMTP id 820B64113C for ; Wed, 28 Sep 2022 14:45:55 +0200 (CEST) Received: from pps.filterd (m0045849.ppops.net [127.0.0.1]) by mx0a-0016f401.pphosted.com (8.17.1.5/8.17.1.5) with ESMTP id 28SA4cpZ003076; Wed, 28 Sep 2022 05:45:53 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=pfpt0220; bh=vkDMsPEoOIG2oyZqUDRdK4plrTZ62FKD3cxPMuDtOsw=; b=ieJtj46bsY2DWuTglpSnPmTqTOzmgRFKnWfa6+YMvPW2sQ4Yirh5H64fsxeKanWVLi0w Z+H8RZO++6XaLgyUjvHIrAPCkV16kJ8ZVXiWQLr+kROXPBHW/ErVCyEu8movoVsinJCz wM25LGS0CO/RHicHlNPLZCvnbxJEYdLr4krglF+t0PdHwmswp6N30JNrQCR6EN6jv4OB GcKx0jdmWWhR/LpOd1IEOBtSBAGnOCBYATSRrvKpDUlLjUaSKk4jxvvfvEPsglji5M2w eyBGJjqWwx7w207uS94cxN2Mt48cHM7xc9ZuZPWFjsUM54uzdqOPuj87y3jxQWj73Sdi RA== Received: from dc5-exch01.marvell.com ([199.233.59.181]) by mx0a-0016f401.pphosted.com (PPS) with ESMTPS id 3jvjkk8skd-5 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Wed, 28 Sep 2022 05:45:53 -0700 Received: from DC5-EXCH02.marvell.com (10.69.176.39) by DC5-EXCH01.marvell.com (10.69.176.38) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Wed, 28 Sep 2022 05:45:39 -0700 Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server id 15.0.1497.18 via Frontend Transport; Wed, 28 Sep 2022 05:45:39 -0700 Received: from localhost.localdomain (unknown [10.28.36.102]) by maili.marvell.com (Postfix) with ESMTP id 3EEF63F7053; Wed, 28 Sep 2022 05:45:35 -0700 (PDT) From: Akhil Goyal To: CC: , , , , , , , , , , , , , , , Akhil Goyal Subject: [PATCH 3/5] net/cnxk: support MACsec Date: Wed, 28 Sep 2022 18:15:14 +0530 Message-ID: <20220928124516.93050-4-gakhil@marvell.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20220928124516.93050-1-gakhil@marvell.com> References: <20220928122253.23108-4-gakhil@marvell.com> <20220928124516.93050-1-gakhil@marvell.com> MIME-Version: 1.0 X-Proofpoint-GUID: ZZ-JXnq0FiUXl3FK9woH6eZBwkNeiZmg X-Proofpoint-ORIG-GUID: ZZ-JXnq0FiUXl3FK9woH6eZBwkNeiZmg X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.895,Hydra:6.0.528,FMLib:17.11.122.1 definitions=2022-09-28_06,2022-09-28_01,2022-06-22_01 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Signed-off-by: Akhil Goyal --- drivers/net/cnxk/cn10k_ethdev_mcs.c | 407 ++++++++++++++++++++++++++++ drivers/net/cnxk/cn10k_ethdev_mcs.h | 59 ++++ drivers/net/cnxk/cn10k_ethdev_sec.c | 11 +- drivers/net/cnxk/cn10k_flow.c | 14 + drivers/net/cnxk/cnxk_ethdev.h | 31 +++ drivers/net/cnxk/cnxk_ethdev_sec.c | 2 +- drivers/net/cnxk/meson.build | 1 + 7 files changed, 523 insertions(+), 2 deletions(-) create mode 100644 drivers/net/cnxk/cn10k_ethdev_mcs.c create mode 100644 drivers/net/cnxk/cn10k_ethdev_mcs.h diff --git a/drivers/net/cnxk/cn10k_ethdev_mcs.c b/drivers/net/cnxk/cn10k_ethdev_mcs.c new file mode 100644 index 0000000000..90363f8e17 --- /dev/null +++ b/drivers/net/cnxk/cn10k_ethdev_mcs.c @@ -0,0 +1,407 @@ +/* SPDX-License-Identifier: BSD-3-Clause + * Copyright(C) 2022 Marvell. + */ + +#include +#include +#include + +static int +mcs_resource_alloc(struct cnxk_mcs_dev *mcs_dev, enum rte_security_macsec_direction dir, + uint8_t rsrc_id[], uint8_t rsrc_cnt, enum cnxk_mcs_rsrc_type type) +{ + struct roc_mcs_alloc_rsrc_req req = {0}; + struct roc_mcs_alloc_rsrc_rsp rsp = {0}; + int i; + + req.rsrc_type = type; + req.rsrc_cnt = rsrc_cnt; + req.mcs_id = mcs_dev->idx; + req.dir = dir; + + if (roc_mcs_alloc_rsrc(mcs_dev->mdev, &req, &rsp)) { + printf("error: Cannot allocate mcs resource.\n"); + return -1; + } + + for (i = 0; i < rsrc_cnt; i++) { + switch (rsp.rsrc_type) { + case CNXK_MCS_RSRC_TYPE_FLOWID: + rsrc_id[i] = rsp.flow_ids[i]; + break; + case CNXK_MCS_RSRC_TYPE_SECY: + rsrc_id[i] = rsp.secy_ids[i]; + break; + case CNXK_MCS_RSRC_TYPE_SC: + rsrc_id[i] = rsp.sc_ids[i]; + break; + case CNXK_MCS_RSRC_TYPE_SA: + rsrc_id[i] = rsp.sa_ids[i]; + break; + default : + printf("error: Invalid mcs resource allocated.\n"); + return -1; + } + } + return 0; +} + +int +cn10k_eth_macsec_sa_create(void *device, struct rte_security_macsec_sa *conf) +{ + struct rte_eth_dev *eth_dev = (struct rte_eth_dev *)device; + struct cnxk_eth_dev *dev = cnxk_eth_pmd_priv(eth_dev); + struct cnxk_mcs_dev *mcs_dev = dev->mcs_dev; + struct roc_mcs_pn_table_write_req pn_req = {0}; + struct roc_mcs_sa_plcy_write_req req = {0}; + uint8_t hash_key[16] = {0}; + uint8_t sa_id = 0; + int ret = 0; + + ret = mcs_resource_alloc(mcs_dev, conf->dir, &sa_id, 1, CNXK_MCS_RSRC_TYPE_SA); + if (ret) { + printf("Failed to allocate SA id.\n"); + return -ENOMEM; + } + req.sa_index[0] = sa_id; + req.sa_cnt = 1; + req.mcs_id = mcs_dev->idx; + req.dir = conf->dir; + + if (conf->key.length != 16 || conf->key.length != 32) + return -EINVAL; + + memcpy(&req.plcy[0][0], conf->key.data, conf->key.length); + roc_aes_hash_key_derive(conf->key.data, conf->key.length, hash_key); + memcpy(&req.plcy[0][4], hash_key, CNXK_MACSEC_HASH_KEY); + memcpy(&req.plcy[0][6], conf->salt, RTE_SECURITY_MACSEC_SALT_LEN); + req.plcy[0][7] |= (uint64_t)conf->ssci << 32; + req.plcy[0][8] = conf->an & 0x3; + + ret = roc_mcs_sa_policy_write(mcs_dev->mdev, &req); + if (ret) { + printf("Failed to write SA policy.\n"); + return -EINVAL; + } + + pn_req.next_pn = conf->next_pn; + pn_req.pn_id = sa_id; + pn_req.mcs_id = mcs_dev->idx; + pn_req.dir = conf->dir; + + ret = roc_mcs_pn_table_write(mcs_dev->mdev, &pn_req); + if (ret) { + printf("Failed to write PN table.\n"); + return -EINVAL; + } + + return sa_id; +} + +int +cn10k_eth_macsec_sa_destroy(void *device, uint16_t sa_id) +{ + RTE_SET_USED(device); + RTE_SET_USED(sa_id); + + return 0; +} + +int +cn10k_eth_macsec_sc_create(void *device, struct rte_security_macsec_sc *conf) +{ + struct rte_eth_dev *eth_dev = (struct rte_eth_dev *)device; + struct cnxk_eth_dev *dev = cnxk_eth_pmd_priv(eth_dev); + struct cnxk_mcs_dev *mcs_dev = dev->mcs_dev; + uint8_t sc_id = 0; + int i, ret = 0; + + ret = mcs_resource_alloc(mcs_dev, conf->dir, &sc_id, 1, CNXK_MCS_RSRC_TYPE_SC); + if (ret) { + printf("Failed to allocate SC id.\n"); + return -ENOMEM; + } + + if (conf->dir == RTE_SECURITY_MACSEC_DIR_TX) { + struct roc_mcs_tx_sc_sa_map req = {0}; + + req.mcs_id = mcs_dev->idx; + req.sa_index0 = conf->sc_tx.sa_id & 0x7F; + req.sa_index1 = conf->sc_tx.sa_id_rekey & 0x7F; + req.rekey_ena = conf->sc_tx.re_key_en; + req.sa_index0_vld = conf->sc_tx.active; + req.sa_index1_vld = conf->sc_tx.re_key_en && conf->sc_tx.active; + req.tx_sa_active = conf->sc_tx.active; + req.sectag_sci = conf->sc_tx.sci; + req.sc_id = sc_id; + req.mcs_id = mcs_dev->idx; + + ret = roc_mcs_tx_sc_sa_map_write(mcs_dev->mdev, &req); + if (ret) { + printf("Failed to map TX SC-SA"); + return -EINVAL; + } + } else { + for (i = 0; i < RTE_SECURITY_MACSEC_NUM_AN; i++) { + struct roc_mcs_rx_sc_sa_map req = {0}; + + req.mcs_id = mcs_dev->idx; + req.sa_index = conf->sc_rx.sa_id[i] & 0x7F; + req.sa_in_use = conf->sc_rx.sa_in_use[i]; + req.sc_id = sc_id; + req.an = i & 0x3; + req.mcs_id = mcs_dev->idx; + ret = roc_mcs_rx_sc_sa_map_write(mcs_dev->mdev, &req); + if (ret) { + printf("Failed to map RX SC-SA"); + return -EINVAL; + } + } + } + return sc_id; +} + +int +cn10k_eth_macsec_sc_destroy(void *device, uint16_t sc_id) +{ + RTE_SET_USED(device); + RTE_SET_USED(sc_id); + + return 0; +} + +struct cnxk_macsec_sess * +cnxk_eth_macsec_sess_get_by_sess(struct cnxk_eth_dev *dev, + const struct rte_security_session *sess) +{ + struct cnxk_macsec_sess *macsec_sess = NULL; + + TAILQ_FOREACH(macsec_sess, &dev->mcs_list, entry) { + if (macsec_sess->sess == sess) + return macsec_sess; + } + + return NULL; +} + +int +cn10k_eth_macsec_session_create(struct cnxk_eth_dev *dev, + struct rte_security_session_conf *conf, + struct rte_security_session *sess, + struct rte_mempool *mempool) +{ + struct rte_security_macsec_xform *xform = &conf->macsec; + struct cnxk_macsec_sess *macsec_sess_priv; + struct roc_mcs_secy_plcy_write_req req; + struct cnxk_mcs_dev *mcs_dev = dev->mcs_dev; + uint8_t secy_id = 0; + uint8_t sectag_tci = 0; + int ret = 0; + + ret = mcs_resource_alloc(mcs_dev, xform->dir, &secy_id, 1, CNXK_MCS_RSRC_TYPE_SECY); + if (ret) { + printf("Failed to allocate SECY id.\n"); + return -ENOMEM; + } + + req.secy_id = secy_id; + req.mcs_id = mcs_dev->idx; + req.dir = xform->dir; + req.plcy = 0L; + + if (xform->dir == RTE_SECURITY_MACSEC_DIR_TX) { + sectag_tci = ((uint8_t)xform->tx_secy.sectag_version << 5) | + ((uint8_t)xform->tx_secy.end_station << 4) | + ((uint8_t)xform->tx_secy.send_sci << 3) | + ((uint8_t)xform->tx_secy.scb << 2) | + ((uint8_t)xform->tx_secy.encrypt << 1) | + (uint8_t)xform->tx_secy.encrypt; + req.plcy = ((uint64_t)xform->tx_secy.mtu << 48) | + (((uint64_t)sectag_tci & 0x3F) << 40) | + (((uint64_t)xform->tx_secy.sectag_off & 0x7F) << 32) | + ((uint64_t)xform->tx_secy.sectag_insert_mode << 30) | + ((uint64_t)xform->tx_secy.icv_include_da_sa << 28) | + (((uint64_t)xform->cipher_off & 0x7F) << 20) | + ((uint64_t)xform->alg << 12) | + ((uint64_t)xform->tx_secy.protect_frames << 4) | + (uint64_t)xform->tx_secy.ctrl_port_enable; + } else { + req.plcy = ((uint64_t)xform->rx_secy.replay_win_sz << 32) | + ((uint64_t)xform->rx_secy.replay_protect << 30) | + ((uint64_t)xform->rx_secy.icv_include_da_sa << 28) | + (((uint64_t)xform->cipher_off & 0x7F) << 20) | + ((uint64_t)xform->alg << 12) | + ((uint64_t)xform->rx_secy.preserve_sectag << 9) | + ((uint64_t)xform->rx_secy.preserve_icv << 8) | + ((uint64_t)xform->rx_secy.validate_frames << 4) | + (uint64_t)xform->rx_secy.ctrl_port_enable; + } + + ret = roc_mcs_secy_policy_write(mcs_dev->mdev, &req); + if (ret) { + printf("\n Failed to configure SECY"); + return -EINVAL; + } + + /*get session priv*/ + if (rte_mempool_get(mempool, (void **)&macsec_sess_priv)) { + plt_err("Could not allocate security session private data"); + return -ENOMEM; + } + + macsec_sess_priv->sci = xform->sci; + macsec_sess_priv->sc_id = xform->sc_id; + macsec_sess_priv->secy_id = secy_id; + macsec_sess_priv->dir = xform->dir; + + TAILQ_INSERT_TAIL(&dev->mcs_list, macsec_sess_priv, entry); + set_sec_session_private_data(sess, (void *)macsec_sess_priv); + + return 0; +} + +int +cn10k_eth_macsec_session_destroy(void *device, struct rte_security_session *sess) +{ + RTE_SET_USED(device); + RTE_SET_USED(sess); + + return 0; +} + +int +cn10k_mcs_flow_configure(struct rte_eth_dev *eth_dev, + const struct rte_flow_attr *attr __rte_unused, + const struct rte_flow_item pattern[], + const struct rte_flow_action actions[], + struct rte_flow_error *error __rte_unused, + void **mcs_flow) +{ + struct cnxk_eth_dev *dev = cnxk_eth_pmd_priv(eth_dev); + struct roc_mcs_flowid_entry_write_req req = {0}; + struct cnxk_mcs_dev *mcs_dev = dev->mcs_dev; + struct cnxk_mcs_flow_opts opts = {0}; + struct cnxk_macsec_sess *sess = cnxk_eth_macsec_sess_get_by_sess(dev, + (const struct rte_security_session *)actions->conf); + const struct rte_flow_item_eth *eth_item = NULL; + struct rte_ether_addr src; + struct rte_ether_addr dst; + int ret; + int i = 0; + + ret = mcs_resource_alloc(mcs_dev, sess->dir, &(sess->flow_id), 1, CNXK_MCS_RSRC_TYPE_FLOWID); + if (ret) { + printf("Failed to allocate FLow id.\n"); + return -ENOMEM; + } + req.sci = sess->sci; + req.flow_id = sess->flow_id; + req.secy_id = sess->secy_id; + req.sc_id = sess->sc_id; + req.ena = 1; + req.ctr_pkt = 0; /* TBD */ + req.mcs_id = mcs_dev->idx; + req.dir = sess->dir; + + while (pattern[i].type != RTE_FLOW_ITEM_TYPE_END) { + if (pattern[i].type == RTE_FLOW_ITEM_TYPE_ETH) + eth_item = pattern[i].spec; + else + printf("%s:%d unhandled flow item : %d", __func__, __LINE__, + pattern[i].type); + i++; + } + if (eth_item) { + dst = eth_item->hdr.dst_addr; + src = eth_item->hdr.src_addr; + + /* Find ways to fill opts */ + + req.data[0] = (uint64_t)dst.addr_bytes[0] << 40 | (uint64_t)dst.addr_bytes[1] << 32 | + (uint64_t)dst.addr_bytes[2] << 24 | (uint64_t)dst.addr_bytes[3] << 16 | + (uint64_t)dst.addr_bytes[4] << 8 | (uint64_t)dst.addr_bytes[5] | + (uint64_t)src.addr_bytes[5] << 48 | (uint64_t)src.addr_bytes[4] << 56; + req.data[1] = (uint64_t)src.addr_bytes[3] | (uint64_t)src.addr_bytes[2] << 8 | + (uint64_t)src.addr_bytes[1] << 16 | (uint64_t)src.addr_bytes[0] << 24 | + (uint64_t)eth_item->hdr.ether_type << 32 | + ((uint64_t)opts.outer_tag_id & 0xFFFF) << 48; + req.data[2] = ((uint64_t)opts.outer_tag_id & 0xF0000) | + ((uint64_t)opts.outer_priority & 0xF) << 4 | + ((uint64_t)opts.second_outer_tag_id & 0xFFFFF) << 8 | + ((uint64_t)opts.second_outer_priority & 0xF) << 28 | + ((uint64_t)opts.bonus_data << 32) | + ((uint64_t)opts.tag_match_bitmap << 48) | + ((uint64_t)opts.packet_type & 0xF) << 56 | + ((uint64_t)opts.outer_vlan_type & 0x7) << 60 | + ((uint64_t)opts.inner_vlan_type & 0x1) << 63; + req.data[3] = ((uint64_t)opts.inner_vlan_type & 0x6) | + ((uint64_t)opts.num_tags & 0x7F) << 2 | ((uint64_t)opts.express & 1) << 9 | + ((uint64_t)opts.port & 0x3) << 10 | + ((uint64_t)opts.flowid_user & 0xF) << 12; + + req.mask[0] = 0x0; + req.mask[1] = 0xFFFFFFFF00000000; + req.mask[2] = 0xFFFFFFFFFFFFFFFF; + req.mask[3] = 0xFFFFFFFFFFFFF3FF; + + ret = roc_mcs_flowid_entry_write(mcs_dev->mdev, &req); + if (ret) + return ret; + + *mcs_flow = &req; + } else { + printf("\nFlow not confirured"); + return -EINVAL; + } + return 0; +} + +int +cn10k_eth_macsec_sa_stats_get(void *device, uint16_t sa_id, + struct rte_security_macsec_sa_stats *stats) +{ + RTE_SET_USED(device); + RTE_SET_USED(sa_id); + RTE_SET_USED(stats); + + return 0; +} + +int +cn10k_eth_macsec_sc_stats_get(void *device, uint16_t sc_id, + struct rte_security_macsec_sc_stats *stats) +{ + RTE_SET_USED(device); + RTE_SET_USED(sc_id); + RTE_SET_USED(stats); + + return 0; +} + +void +cnxk_mcs_dev_fini(struct cnxk_mcs_dev *mcs_dev) +{ + /* Cleanup MACsec dev */ + roc_mcs_dev_fini(mcs_dev->mdev); + + plt_free(mcs_dev); +} + +struct cnxk_mcs_dev * +cnxk_mcs_dev_init(uint8_t mcs_idx) +{ + struct cnxk_mcs_dev *mcs_dev; + + mcs_dev = plt_zmalloc(sizeof(struct cnxk_mcs_dev), PLT_CACHE_LINE_SIZE); + if (!mcs_dev) + return NULL; + + mcs_dev->mdev = roc_mcs_dev_init(mcs_dev->idx); + if (!mcs_dev->mdev) { + plt_free(mcs_dev); + return NULL; + } + mcs_dev->idx = mcs_idx; + + return mcs_dev; +} diff --git a/drivers/net/cnxk/cn10k_ethdev_mcs.h b/drivers/net/cnxk/cn10k_ethdev_mcs.h new file mode 100644 index 0000000000..b905f4402a --- /dev/null +++ b/drivers/net/cnxk/cn10k_ethdev_mcs.h @@ -0,0 +1,59 @@ +/* SPDX-License-Identifier: BSD-3-Clause + * Copyright(C) 2022 Marvell. + */ + +#include + +#define CNXK_MACSEC_HASH_KEY 16 + +struct cnxk_mcs_dev { + uint64_t default_sci; + void *mdev; + uint8_t port_id; + uint8_t idx; +}; + +enum cnxk_mcs_rsrc_type { + CNXK_MCS_RSRC_TYPE_FLOWID, + CNXK_MCS_RSRC_TYPE_SECY, + CNXK_MCS_RSRC_TYPE_SC, + CNXK_MCS_RSRC_TYPE_SA, +}; + +struct cnxk_mcs_flow_opts { + uint32_t outer_tag_id; + /**< {VLAN_ID[11:0]}, or 20-bit MPLS label*/ + uint8_t outer_priority; + /**< {PCP/Pbits, DE/CFI} or {1'b0, EXP} for MPLS.*/ + uint32_t second_outer_tag_id; + /**< {VLAN_ID[11:0]}, or 20-bit MPLS label*/ + uint8_t second_outer_priority; + /**< {PCP/Pbits, DE/CFI} or {1'b0, EXP} for MPLS. */ + uint16_t bonus_data; + /**< 2 bytes of additional bonus data extracted from one of the custom tags*/ + uint8_t tag_match_bitmap; + uint8_t packet_type; + uint8_t outer_vlan_type; + uint8_t inner_vlan_type; + uint8_t num_tags; + bool express; + uint8_t port; /**< port 0-3 */ + uint8_t flowid_user; +}; + +int cn10k_eth_macsec_sa_create(void *device, struct rte_security_macsec_sa *conf); +int cn10k_eth_macsec_sc_create(void *device, struct rte_security_macsec_sc *conf); + +int cn10k_eth_macsec_sa_destroy(void *device, uint16_t sa_id); +int cn10k_eth_macsec_sc_destroy(void *device, uint16_t sc_id); + +int cn10k_eth_macsec_sa_stats_get(void *device, uint16_t sa_id, + struct rte_security_macsec_sa_stats *stats); +int cn10k_eth_macsec_sc_stats_get(void *device, uint16_t sa_id, + struct rte_security_macsec_sc_stats *stats); + +int cn10k_eth_macsec_session_create(struct cnxk_eth_dev *dev, + struct rte_security_session_conf *conf, + struct rte_security_session *sess, + struct rte_mempool *mempool); +int cn10k_eth_macsec_session_destroy(void *device, struct rte_security_session *sess); diff --git a/drivers/net/cnxk/cn10k_ethdev_sec.c b/drivers/net/cnxk/cn10k_ethdev_sec.c index 3795b0c78b..70fb1eb39a 100644 --- a/drivers/net/cnxk/cn10k_ethdev_sec.c +++ b/drivers/net/cnxk/cn10k_ethdev_sec.c @@ -9,6 +9,7 @@ #include #include +#include #include #include @@ -601,7 +602,9 @@ cn10k_eth_sec_session_create(void *device, if (conf->action_type != RTE_SECURITY_ACTION_TYPE_INLINE_PROTOCOL) return -ENOTSUP; - if (conf->protocol != RTE_SECURITY_PROTOCOL_IPSEC) + if (conf->protocol == RTE_SECURITY_PROTOCOL_MACSEC) + return cn10k_eth_macsec_session_create(dev, conf, sess, mempool); + else if (conf->protocol != RTE_SECURITY_PROTOCOL_IPSEC) return -ENOTSUP; if (rte_security_dynfield_register() < 0) @@ -1058,9 +1061,15 @@ cn10k_eth_sec_ops_override(void) init_once = 1; /* Update platform specific ops */ + cnxk_eth_sec_ops.macsec_sa_create = cn10k_eth_macsec_sa_create; + cnxk_eth_sec_ops.macsec_sc_create = cn10k_eth_macsec_sc_create; + cnxk_eth_sec_ops.macsec_sa_destroy = cn10k_eth_macsec_sa_destroy; + cnxk_eth_sec_ops.macsec_sc_destroy = cn10k_eth_macsec_sc_destroy; cnxk_eth_sec_ops.session_create = cn10k_eth_sec_session_create; cnxk_eth_sec_ops.session_destroy = cn10k_eth_sec_session_destroy; cnxk_eth_sec_ops.capabilities_get = cn10k_eth_sec_capabilities_get; cnxk_eth_sec_ops.session_update = cn10k_eth_sec_session_update; cnxk_eth_sec_ops.session_stats_get = cn10k_eth_sec_session_stats_get; + cnxk_eth_sec_ops.macsec_sc_stats_get = cn10k_eth_macsec_sc_stats_get; + cnxk_eth_sec_ops.macsec_sa_stats_get = cn10k_eth_macsec_sa_stats_get; } diff --git a/drivers/net/cnxk/cn10k_flow.c b/drivers/net/cnxk/cn10k_flow.c index 7df879a2bb..e95a73ec55 100644 --- a/drivers/net/cnxk/cn10k_flow.c +++ b/drivers/net/cnxk/cn10k_flow.c @@ -2,6 +2,7 @@ * Copyright(C) 2020 Marvell. */ #include +#include "cn10k_ethdev_mcs.h" #include "cn10k_flow.h" #include "cn10k_ethdev.h" #include "cn10k_rx.h" @@ -133,6 +134,7 @@ cn10k_flow_create(struct rte_eth_dev *eth_dev, const struct rte_flow_attr *attr, const struct rte_flow_action *act_q = NULL; struct roc_npc *npc = &dev->npc; struct roc_npc_flow *flow; + void *mcs_flow = NULL; int vtag_actions = 0; uint32_t req_act = 0; int i, rc; @@ -186,6 +188,18 @@ cn10k_flow_create(struct rte_eth_dev *eth_dev, const struct rte_flow_attr *attr, } } + if (actions[0].type == RTE_FLOW_ACTION_TYPE_SECURITY && + cnxk_eth_macsec_sess_get_by_sess(dev, actions[0].conf) != NULL) { + rc = cn10k_mcs_flow_configure(eth_dev, attr, pattern, actions, error, &mcs_flow); + if (rc) { + rte_flow_error_set(error, rc, + RTE_FLOW_ERROR_TYPE_ACTION, NULL, + "Failed to configure mcs flow"); + return NULL; + } + return (struct rte_flow *)mcs_flow; + } + flow = cnxk_flow_create(eth_dev, attr, pattern, actions, error); if (!flow) { if (mtr) diff --git a/drivers/net/cnxk/cnxk_ethdev.h b/drivers/net/cnxk/cnxk_ethdev.h index c09e9bff8e..4ae64060f1 100644 --- a/drivers/net/cnxk/cnxk_ethdev.h +++ b/drivers/net/cnxk/cnxk_ethdev.h @@ -337,6 +337,21 @@ struct cnxk_eth_dev_sec_outb { rte_spinlock_t lock; }; +/* MACsec session private data */ +struct cnxk_macsec_sess { + /* List entry */ + TAILQ_ENTRY(cnxk_macsec_sess) entry; + + /* Back pointer to session */ + struct rte_security_session *sess; + enum rte_security_macsec_direction dir; + uint64_t sci; + uint8_t secy_id; + uint8_t sc_id; + uint8_t flow_id; +}; +TAILQ_HEAD(cnxk_macsec_sess_list, cnxk_macsec_sess); + struct cnxk_eth_dev { /* ROC NIX */ struct roc_nix nix; @@ -437,6 +452,10 @@ struct cnxk_eth_dev { /* Reassembly dynfield/flag offsets */ int reass_dynfield_off; int reass_dynflag_bit; + + /* MCS device */ + struct cnxk_mcs_dev *mcs_dev; + struct cnxk_macsec_sess_list mcs_list; }; struct cnxk_eth_rxq_sp { @@ -649,6 +668,18 @@ cnxk_eth_sec_sess_get_by_sess(struct cnxk_eth_dev *dev, int cnxk_nix_inl_meta_pool_cb(uint64_t *aura_handle, uint32_t buf_sz, uint32_t nb_bufs, bool destroy); +struct cnxk_mcs_dev * cnxk_mcs_dev_init(uint8_t mcs_idx); +void cnxk_mcs_dev_fini(struct cnxk_mcs_dev *mcs_dev); + +struct cnxk_macsec_sess * +cnxk_eth_macsec_sess_get_by_sess(struct cnxk_eth_dev *dev, + const struct rte_security_session *sess); +int cn10k_mcs_flow_configure(struct rte_eth_dev *eth_dev, + const struct rte_flow_attr *attr, + const struct rte_flow_item pattern[], + const struct rte_flow_action actions[], + struct rte_flow_error *error, void **mcs_flow); + /* Other private functions */ int nix_recalc_mtu(struct rte_eth_dev *eth_dev); int nix_mtr_validate(struct rte_eth_dev *dev, uint32_t id); diff --git a/drivers/net/cnxk/cnxk_ethdev_sec.c b/drivers/net/cnxk/cnxk_ethdev_sec.c index 9304b1465d..56fb2733a4 100644 --- a/drivers/net/cnxk/cnxk_ethdev_sec.c +++ b/drivers/net/cnxk/cnxk_ethdev_sec.c @@ -203,7 +203,7 @@ cnxk_eth_sec_sess_get_by_sess(struct cnxk_eth_dev *dev, static unsigned int cnxk_eth_sec_session_get_size(void *device __rte_unused) { - return sizeof(struct cnxk_eth_sec_sess); + return RTE_MAX(sizeof(struct cnxk_macsec_sess), sizeof(struct cnxk_eth_sec_sess)); } struct rte_security_ops cnxk_eth_sec_ops = { diff --git a/drivers/net/cnxk/meson.build b/drivers/net/cnxk/meson.build index f347e98fce..34bba3fb23 100644 --- a/drivers/net/cnxk/meson.build +++ b/drivers/net/cnxk/meson.build @@ -106,6 +106,7 @@ sources += files( # CN10K sources += files( 'cn10k_ethdev.c', + 'cn10k_ethdev_mcs.c', 'cn10k_ethdev_sec.c', 'cn10k_flow.c', 'cn10k_rx_select.c', From patchwork Wed Sep 28 12:45:15 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Akhil Goyal X-Patchwork-Id: 117056 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 14FF0A00C4; Wed, 28 Sep 2022 14:46:24 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 4699D42B72; Wed, 28 Sep 2022 14:46:00 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0a-0016f401.pphosted.com [67.231.148.174]) by mails.dpdk.org (Postfix) with ESMTP id 09F41427F9 for ; Wed, 28 Sep 2022 14:45:55 +0200 (CEST) Received: from pps.filterd (m0045849.ppops.net [127.0.0.1]) by mx0a-0016f401.pphosted.com (8.17.1.5/8.17.1.5) with ESMTP id 28SA4cpa003076; Wed, 28 Sep 2022 05:45:54 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=pfpt0220; bh=X08qDS9MR94/GUv7IyaYcG9/lJ6Q3B/52YdLCriWJY4=; b=f1hvVahXMnROyXNZlA83FOnY8alCsGaowfntJTH8m9lqX9RfJxYAZ51PNxTbXNmF94OW uqKK1StiRmCcMtL1ImHxu2lLFL4zYf305JGObu7JgKJAQRYrWPWaTfote2/bgBpvJQDu vRF7ZyW9LzCrU0qhr2sxvKfz5SSw3KU5yuU6ZObCkxS46Sx5fqjXR/cz46Z0xnwfcLIv p/No2ImzIXXzCsJkxs63MtrLudHbgOf/N8S4SR/oODGkL2JAcMzH5dEIvQldlt9dVv9X G/FShr6hTe450ju7jOF16/JKFo5M2sngdOVH+iD2GRc9z1wGtf6N1Ua5/7BA1Owec0le vw== Received: from dc5-exch01.marvell.com ([199.233.59.181]) by mx0a-0016f401.pphosted.com (PPS) with ESMTPS id 3jvjkk8skd-6 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Wed, 28 Sep 2022 05:45:54 -0700 Received: from DC5-EXCH02.marvell.com (10.69.176.39) by DC5-EXCH01.marvell.com (10.69.176.38) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Wed, 28 Sep 2022 05:45:45 -0700 Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server id 15.0.1497.18 via Frontend Transport; Wed, 28 Sep 2022 05:45:45 -0700 Received: from localhost.localdomain (unknown [10.28.36.102]) by maili.marvell.com (Postfix) with ESMTP id 4D8253F7068; Wed, 28 Sep 2022 05:45:40 -0700 (PDT) From: Akhil Goyal To: CC: , , , , , , , , , , , , , , , Akhil Goyal Subject: [PATCH 4/5] test/security: add inline MACsec cases Date: Wed, 28 Sep 2022 18:15:15 +0530 Message-ID: <20220928124516.93050-5-gakhil@marvell.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20220928124516.93050-1-gakhil@marvell.com> References: <20220928122253.23108-4-gakhil@marvell.com> <20220928124516.93050-1-gakhil@marvell.com> MIME-Version: 1.0 X-Proofpoint-GUID: -uX1Qz2SC_JFJY4OtFsJNcGULKJibF4L X-Proofpoint-ORIG-GUID: -uX1Qz2SC_JFJY4OtFsJNcGULKJibF4L X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.895,Hydra:6.0.528,FMLib:17.11.122.1 definitions=2022-09-28_06,2022-09-28_01,2022-06-22_01 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Added MACsec inline cases for encryption cases. Signed-off-by: Akhil Goyal --- app/test/meson.build | 1 + app/test/test_security_inline_macsec.c | 821 ++++++ .../test_security_inline_macsec_vectors.h | 2318 +++++++++++++++++ 3 files changed, 3140 insertions(+) create mode 100644 app/test/test_security_inline_macsec.c create mode 100644 app/test/test_security_inline_macsec_vectors.h diff --git a/app/test/meson.build b/app/test/meson.build index d5cad72116..928df22014 100644 --- a/app/test/meson.build +++ b/app/test/meson.build @@ -126,6 +126,7 @@ test_sources = files( 'test_rwlock.c', 'test_sched.c', 'test_security.c', + 'test_security_inline_macsec.c', 'test_security_inline_proto.c', 'test_seqlock.c', 'test_service_cores.c', diff --git a/app/test/test_security_inline_macsec.c b/app/test/test_security_inline_macsec.c new file mode 100644 index 0000000000..dec7cb20df --- /dev/null +++ b/app/test/test_security_inline_macsec.c @@ -0,0 +1,821 @@ +/* SPDX-License-Identifier: BSD-3-Clause + * Copyright(C) 2022 Marvell. + */ + + +#include +#include + +#include +#include +#include + +#include "test.h" +#include "test_security_inline_macsec_vectors.h" + +#ifdef RTE_EXEC_ENV_WINDOWS +static int +test_inline_macsec(void) +{ + printf("Inline MACsec not supported on Windows, skipping test\n"); + return TEST_SKIPPED; +} + +#else + +#define NB_ETHPORTS_USED 1 +#define MEMPOOL_CACHE_SIZE 32 +#define MAX_PKT_BURST 32 +#define RTE_TEST_RX_DESC_DEFAULT 1024 +#define RTE_TEST_TX_DESC_DEFAULT 1024 +#define RTE_PORT_ALL (~(uint16_t)0x0) + +#define RX_PTHRESH 8 /**< Default values of RX prefetch threshold reg. */ +#define RX_HTHRESH 8 /**< Default values of RX host threshold reg. */ +#define RX_WTHRESH 0 /**< Default values of RX write-back threshold reg. */ + +#define TX_PTHRESH 32 /**< Default values of TX prefetch threshold reg. */ +#define TX_HTHRESH 0 /**< Default values of TX host threshold reg. */ +#define TX_WTHRESH 0 /**< Default values of TX write-back threshold reg. */ + +#define MAX_TRAFFIC_BURST 2048 +#define NB_MBUF 10240 + +#define MCS_INVALID_SA 0xFFFF +#define MCS_MAX_FLOWS 63 + +static struct rte_mempool *mbufpool; +static struct rte_mempool *sess_pool; +static struct rte_mempool *sess_priv_pool; +/* ethernet addresses of ports */ +static struct rte_ether_addr ports_eth_addr[RTE_MAX_ETHPORTS]; + +struct mcs_test_opts { + int val_frames; + int nb_td; + uint16_t mtu; + uint8_t sa_in_use; + bool protect_frames; + uint8_t sectag_insert_mode; + uint8_t nb_vlan; + uint16_t replay_win_sz; + uint8_t replay_protect; + uint8_t rekey_en; +}; + +static struct rte_eth_conf port_conf = { + .rxmode = { + .mq_mode = RTE_ETH_MQ_RX_NONE, + .split_hdr_size = 0, + .offloads = RTE_ETH_RX_OFFLOAD_CHECKSUM | + RTE_ETH_RX_OFFLOAD_SECURITY, + }, + .txmode = { + .mq_mode = RTE_ETH_MQ_TX_NONE, + .offloads = RTE_ETH_TX_OFFLOAD_SECURITY | + RTE_ETH_TX_OFFLOAD_MBUF_FAST_FREE, + }, + .lpbk_mode = 1, /* enable loopback */ +}; + +static struct rte_eth_rxconf rx_conf = { + .rx_thresh = { + .pthresh = RX_PTHRESH, + .hthresh = RX_HTHRESH, + .wthresh = RX_WTHRESH, + }, + .rx_free_thresh = 32, +}; + +static struct rte_eth_txconf tx_conf = { + .tx_thresh = { + .pthresh = TX_PTHRESH, + .hthresh = TX_HTHRESH, + .wthresh = TX_WTHRESH, + }, + .tx_free_thresh = 32, /* Use PMD default values */ + .tx_rs_thresh = 32, /* Use PMD default values */ +}; + +static uint16_t port_id; + +static uint64_t link_mbps; + +static struct rte_flow *default_flow[RTE_MAX_ETHPORTS]; + +static struct rte_mbuf **tx_pkts_burst; +static struct rte_mbuf **rx_pkts_burst; + +static inline struct rte_mbuf * +init_packet(struct rte_mempool *mp, const uint8_t *data, unsigned int len) +{ + struct rte_mbuf *pkt; + + pkt = rte_pktmbuf_alloc(mp); + if (pkt == NULL) + return NULL; + + rte_memcpy(rte_pktmbuf_append(pkt, len), data, len); + + return pkt; +} + +static int +init_mempools(unsigned int nb_mbuf) +{ + struct rte_security_ctx *sec_ctx; + uint16_t nb_sess = 512; + uint32_t sess_sz; + char s[64]; + + if (mbufpool == NULL) { + snprintf(s, sizeof(s), "mbuf_pool"); + mbufpool = rte_pktmbuf_pool_create(s, nb_mbuf, + MEMPOOL_CACHE_SIZE, 0, + RTE_MBUF_DEFAULT_BUF_SIZE, SOCKET_ID_ANY); + if (mbufpool == NULL) { + printf("Cannot init mbuf pool\n"); + return TEST_FAILED; + } + printf("Allocated mbuf pool\n"); + } + + sec_ctx = rte_eth_dev_get_sec_ctx(port_id); + if (sec_ctx == NULL) { + printf("Device does not support Security ctx\n"); + return TEST_SKIPPED; + } + sess_sz = rte_security_session_get_size(sec_ctx); + if (sess_pool == NULL) { + snprintf(s, sizeof(s), "sess_pool"); + sess_pool = rte_mempool_create(s, nb_sess, sess_sz, + MEMPOOL_CACHE_SIZE, 0, + NULL, NULL, NULL, NULL, + SOCKET_ID_ANY, 0); + if (sess_pool == NULL) { + printf("Cannot init sess pool\n"); + return TEST_FAILED; + } + printf("Allocated sess pool\n"); + } + if (sess_priv_pool == NULL) { + snprintf(s, sizeof(s), "sess_priv_pool"); + sess_priv_pool = rte_mempool_create(s, nb_sess, sess_sz, + MEMPOOL_CACHE_SIZE, 0, + NULL, NULL, NULL, NULL, + SOCKET_ID_ANY, 0); + if (sess_priv_pool == NULL) { + printf("Cannot init sess_priv pool\n"); + return TEST_FAILED; + } + printf("Allocated sess_priv pool\n"); + } + + return 0; +} + +static void +fill_macsec_sa_conf(const struct mcs_test_vector *td, struct rte_security_macsec_sa *sa, + enum rte_security_macsec_direction dir, uint8_t an, uint8_t tci_off) +{ + sa->dir = dir; + + sa->key.data = td->sa_key.data; + sa->key.length = td->sa_key.len; + + memcpy((uint8_t *)sa->salt, (const uint8_t *)td->salt, RTE_SECURITY_MACSEC_SALT_LEN); + + /* AN is set as per the value in secure packet in test vector */ + sa->an = an & RTE_MACSEC_AN_MASK; + + sa->xpn = td->xpn; + /* Starting packet number which is expected to come next. It is taken + * from the test vector so that we can match the out packet. */ + sa->next_pn = td->secure_pkt.data[tci_off + 2]; +} + +static void +fill_macsec_sc_conf(const struct mcs_test_vector *td, struct rte_security_macsec_sc *sc_conf, + enum rte_security_macsec_direction dir, uint16_t sa_id[], uint8_t tci_off) +{ + int i; + + if (dir == RTE_SECURITY_MACSEC_DIR_TX) { + sc_conf->sc_tx.sa_id = sa_id[0]; + if (sa_id[1] != MCS_INVALID_SA) { + sc_conf->sc_tx.sa_id_rekey = sa_id[1]; + sc_conf->sc_tx.re_key_en = 1; + } + sc_conf->sc_tx.active = 1; + /* is SCI valid */ + if (td->secure_pkt.data[tci_off] & RTE_MACSEC_TCI_SC) { + memcpy(&sc_conf->sc_tx.sci, &td->secure_pkt.data[tci_off + 6], + sizeof(sc_conf->sc_tx.sci)); + sc_conf->sc_tx.sci = rte_be_to_cpu_64(sc_conf->sc_tx.sci); + } else if (td->secure_pkt.data[tci_off] & RTE_MACSEC_TCI_ES) { + /* sci = source_mac + port_id when ES.bit = 1 & SC.bit = 0 */ + const uint8_t *smac = td->plain_pkt.data + RTE_ETHER_ADDR_LEN; + uint8_t *ptr = (uint8_t *)&sc_conf->sc_tx.sci; + + ptr[0] = 0x01; /*TODO: port_id */ + ptr[1] = 0; + for (uint8_t j = 0; j < RTE_ETHER_ADDR_LEN; j++) + ptr[2 + j] = smac[RTE_ETHER_ADDR_LEN - 1 - j]; + } else { + /* use some default SCI */ + sc_conf->sc_tx.sci = 0xf1341e023a2b1c5d; + } + } else { + for (i = 0; i < RTE_SECURITY_MACSEC_NUM_AN; i++) { + sc_conf->sc_rx.sa_id[i] = sa_id[i]; + sc_conf->sc_rx.sa_in_use[i] = 1; + } + sc_conf->sc_rx.active = 1; + } +} + + +/* Create Inline MACsec session */ +static int +fill_session_conf(const struct mcs_test_vector *td, uint16_t portid __rte_unused, + const struct mcs_test_opts *opts, + struct rte_security_session_conf *sess_conf, + enum rte_security_macsec_direction dir, + uint16_t sc_id, + uint8_t tci_off) +{ +// struct rte_security_capability_idx sec_cap_idx; +// const struct rte_security_capability *sec_cap; + + sess_conf->action_type = RTE_SECURITY_ACTION_TYPE_INLINE_PROTOCOL; + sess_conf->protocol = RTE_SECURITY_PROTOCOL_MACSEC; + sess_conf->macsec.dir = dir; + sess_conf->macsec.alg = td->alg; + sess_conf->macsec.cipher_off = 0; + sess_conf->macsec.sci = (uint64_t)td->secure_pkt.data[tci_off + 6]; + sess_conf->macsec.sc_id = sc_id; + if (dir == RTE_SECURITY_MACSEC_DIR_TX) { + sess_conf->macsec.tx_secy.mtu = opts->mtu; + sess_conf->macsec.tx_secy.sectag_off = (opts->sectag_insert_mode == 1) ? + 2 * RTE_ETHER_ADDR_LEN : + RTE_VLAN_HLEN; + sess_conf->macsec.tx_secy.sectag_insert_mode = opts->sectag_insert_mode; + sess_conf->macsec.tx_secy.icv_include_da_sa = 1; + sess_conf->macsec.tx_secy.ctrl_port_enable = 1; + sess_conf->macsec.tx_secy.sectag_version = 0; + sess_conf->macsec.tx_secy.end_station = + td->secure_pkt.data[tci_off] & RTE_MACSEC_TCI_ES; + sess_conf->macsec.tx_secy.send_sci = + td->secure_pkt.data[tci_off] & RTE_MACSEC_TCI_SC; + sess_conf->macsec.tx_secy.scb = + td->secure_pkt.data[tci_off] & RTE_MACSEC_TCI_SCB; + sess_conf->macsec.tx_secy.encrypt = 1; + } else { + sess_conf->macsec.rx_secy.replay_win_sz = opts->replay_win_sz; + sess_conf->macsec.rx_secy.replay_protect = opts->replay_protect; + sess_conf->macsec.rx_secy.validate_frames = opts->val_frames; + sess_conf->macsec.rx_secy.icv_include_da_sa = 1; + sess_conf->macsec.rx_secy.ctrl_port_enable = 1; + sess_conf->macsec.rx_secy.preserve_sectag = 0; + sess_conf->macsec.rx_secy.preserve_icv = 0; + } +// sec_cap = rte_security_capability_get(sec_ctx, &sec_cap_idx); +// if (sec_cap == NULL) { +// printf("No capabilities registered\n"); +// return TEST_SKIPPED; +// } + + return 0; +} +static int +create_default_flow(const struct mcs_test_vector *td, uint16_t portid, + enum rte_security_macsec_direction dir, void *sess) +{ + struct rte_flow_action action[2]; + struct rte_flow_item pattern[2]; + struct rte_flow_attr attr = {0}; + struct rte_flow_error err; + struct rte_flow *flow; + struct rte_flow_item_eth eth = {0}; + int ret; + + eth.has_vlan = 0; + if (dir == RTE_SECURITY_MACSEC_DIR_TX) + memcpy(ð.hdr, td->plain_pkt.data, RTE_ETHER_HDR_LEN); + else + memcpy(ð.hdr, td->secure_pkt.data, RTE_ETHER_HDR_LEN); + + pattern[0].type = RTE_FLOW_ITEM_TYPE_ETH; + pattern[0].spec = ð + pattern[0].mask = &rte_flow_item_eth_mask; + pattern[0].last = ð + pattern[1].type = RTE_FLOW_ITEM_TYPE_END; + + action[0].type = RTE_FLOW_ACTION_TYPE_SECURITY; + action[0].conf = sess; + action[1].type = RTE_FLOW_ACTION_TYPE_END; + action[1].conf = NULL; + + attr.ingress = dir; + + ret = rte_flow_validate(portid, &attr, pattern, action, &err); + if (ret) { + printf("\nValidate flow failed, ret = %d\n", ret); + return -1; + } + flow = rte_flow_create(portid, &attr, pattern, action, &err); + if (flow == NULL) { + printf("\nDefault flow rule create failed\n"); + return -1; + } + + default_flow[portid] = flow; + + return 0; +} + +static void +destroy_default_flow(uint16_t portid) +{ + struct rte_flow_error err; + int ret; + + if (!default_flow[portid]) + return; + ret = rte_flow_destroy(portid, default_flow[portid], &err); + if (ret) { + printf("\nDefault flow rule destroy failed\n"); + return; + } + default_flow[portid] = NULL; +} + +static void +print_ethaddr(const char *name, const struct rte_ether_addr *eth_addr) +{ + char buf[RTE_ETHER_ADDR_FMT_SIZE]; + rte_ether_format_addr(buf, RTE_ETHER_ADDR_FMT_SIZE, eth_addr); + printf("%s%s", name, buf); +} + +/* Check the link status of all ports in up to 3s, and print them finally */ +static void +check_all_ports_link_status(uint16_t port_num, uint32_t port_mask) +{ +#define CHECK_INTERVAL 100 /* 100ms */ +#define MAX_CHECK_TIME 30 /* 3s (30 * 100ms) in total */ + uint16_t portid; + uint8_t count, all_ports_up, print_flag = 0; + struct rte_eth_link link; + int ret; + char link_status[RTE_ETH_LINK_MAX_STR_LEN]; + + printf("Checking link statuses...\n"); + fflush(stdout); + for (count = 0; count <= MAX_CHECK_TIME; count++) { + all_ports_up = 1; + for (portid = 0; portid < port_num; portid++) { + if ((port_mask & (1 << portid)) == 0) + continue; + memset(&link, 0, sizeof(link)); + ret = rte_eth_link_get_nowait(portid, &link); + if (ret < 0) { + all_ports_up = 0; + if (print_flag == 1) + printf("Port %u link get failed: %s\n", + portid, rte_strerror(-ret)); + continue; + } + + /* print link status if flag set */ + if (print_flag == 1) { + if (link.link_status && link_mbps == 0) + link_mbps = link.link_speed; + + rte_eth_link_to_str(link_status, + sizeof(link_status), &link); + printf("Port %d %s\n", portid, link_status); + continue; + } + /* clear all_ports_up flag if any link down */ + if (link.link_status == RTE_ETH_LINK_DOWN) { + all_ports_up = 0; + break; + } + } + /* after finally printing all link status, get out */ + if (print_flag == 1) + break; + + if (all_ports_up == 0) { + fflush(stdout); + rte_delay_ms(CHECK_INTERVAL); + } + + /* set the print_flag if all ports up or timeout */ + if (all_ports_up == 1 || count == (MAX_CHECK_TIME - 1)) + print_flag = 1; + } +} + +static int +test_macsec_post_process(struct rte_mbuf *m, const struct mcs_test_vector *td, + enum mcs_op op) +{ + const uint8_t *dptr; + uint16_t pkt_len; + + if (op == MCS_DECAP || op == MCS_ENCAP_DECAP || + op == MCS_VERIFY_ONLY || op == MCS_AUTH_VERIFY) { + dptr = td->plain_pkt.data; + pkt_len = td->plain_pkt.len; + } else { + dptr = td->secure_pkt.data; + pkt_len = td->secure_pkt.len; + } + + if (memcmp(rte_pktmbuf_mtod(m, uint8_t *), dptr, pkt_len)) { + printf("\nData comparison failed for td."); + rte_pktmbuf_dump(stdout, m, m->pkt_len); + rte_hexdump(stdout, "expected_data", dptr, pkt_len); + return TEST_FAILED; + } + + return TEST_SUCCESS; +} + +static int +test_macsec(const struct mcs_test_vector *td[], enum mcs_op op, const struct mcs_test_opts *opts) +{ + uint16_t rx_sa_id[MCS_MAX_FLOWS][RTE_SECURITY_MACSEC_NUM_AN] = {0}; + uint16_t tx_sa_id[MCS_MAX_FLOWS][2] = {0}; + uint16_t rx_sc_id[MCS_MAX_FLOWS] = {0}; + uint16_t tx_sc_id[MCS_MAX_FLOWS] = {0}; + struct rte_security_session *rx_sess[MCS_MAX_FLOWS]; + struct rte_security_session *tx_sess[MCS_MAX_FLOWS]; + struct rte_security_session_conf sess_conf = {0}; + struct rte_security_macsec_sa sa_conf = {0}; + struct rte_security_macsec_sc sc_conf = {0}; + struct rte_security_ctx *ctx; + int nb_rx = 0, nb_sent; + int i, j = 0, ret; + uint8_t tci_off; + + memset(rx_pkts_burst, 0, sizeof(rx_pkts_burst[0]) * opts->nb_td); + + ctx = (struct rte_security_ctx *)rte_eth_dev_get_sec_ctx(port_id); + if (ctx == NULL) { + printf("Ethernet device doesn't support security features.\n"); + return TEST_SKIPPED; + } + + tci_off = (opts->sectag_insert_mode == 1) ? RTE_ETHER_HDR_LEN : + RTE_ETHER_HDR_LEN + (opts->nb_vlan * RTE_VLAN_HLEN); + + for (i = 0; i < opts->nb_td; i++) { + tx_pkts_burst[i] = init_packet(mbufpool, td[i]->plain_pkt.data, + td[i]->plain_pkt.len); + if (tx_pkts_burst[i] == NULL) { + while (i--) + rte_pktmbuf_free(tx_pkts_burst[i]); + ret = TEST_FAILED; + goto out; + } + + if (op == MCS_DECAP || op == MCS_ENCAP_DECAP || + op == MCS_VERIFY_ONLY || op == MCS_AUTH_VERIFY) { + for (j = 0; j < RTE_SECURITY_MACSEC_NUM_AN; j++) { + /* For simplicity, using same SA conf for all AN */ + fill_macsec_sa_conf(td[i], &sa_conf, + RTE_SECURITY_MACSEC_DIR_RX, j, tci_off); + rx_sa_id[i][j] = rte_security_macsec_sa_create(ctx, &sa_conf); + } + fill_macsec_sc_conf(td[i], &sc_conf, + RTE_SECURITY_MACSEC_DIR_RX, rx_sa_id[i], tci_off); + rx_sc_id[i] = rte_security_macsec_sc_create(ctx, &sc_conf); + + /* Create Inline IPsec session. */ + ret = fill_session_conf(td[i], port_id, opts, &sess_conf, + RTE_SECURITY_MACSEC_DIR_RX, rx_sc_id[i], tci_off); + if (ret) + return TEST_FAILED; + + rx_sess[i] = rte_security_session_create(ctx, &sess_conf, + sess_pool, sess_priv_pool); + if (rx_sess[i] == NULL) { + printf("SEC Session init failed.\n"); + return TEST_FAILED; + } + ret = create_default_flow(td[i], port_id, + RTE_SECURITY_MACSEC_DIR_RX, rx_sess[i]); + if (ret) + goto out; + } + if (op == MCS_ENCAP || op == MCS_ENCAP_DECAP || + op == MCS_AUTH_ONLY || op == MCS_AUTH_VERIFY) { + fill_macsec_sa_conf(td[i], &sa_conf, + RTE_SECURITY_MACSEC_DIR_TX, + td[i]->secure_pkt.data[tci_off] & RTE_MACSEC_AN_MASK, + tci_off); + tx_sa_id[i][0] = rte_security_macsec_sa_create(ctx, &sa_conf); + tx_sa_id[i][1] = MCS_INVALID_SA; + if (opts->rekey_en) { + /* Creating SA with same sa_conf for now. */ + tx_sa_id[i][1] = rte_security_macsec_sa_create(ctx, &sa_conf); + } + fill_macsec_sc_conf(td[i], &sc_conf, + RTE_SECURITY_MACSEC_DIR_TX, tx_sa_id[i], tci_off); + tx_sc_id[i] = rte_security_macsec_sc_create(ctx, &sc_conf); + + /* Create Inline IPsec session. */ + ret = fill_session_conf(td[i], port_id, opts, &sess_conf, + RTE_SECURITY_MACSEC_DIR_TX, tx_sc_id[i], tci_off); + if (ret) + return TEST_FAILED; + + tx_sess[i] = rte_security_session_create(ctx, &sess_conf, + sess_pool, sess_priv_pool); + if (tx_sess[i] == NULL) { + printf("SEC Session init failed.\n"); + return TEST_FAILED; + } + ret = create_default_flow(td[i], port_id, + RTE_SECURITY_MACSEC_DIR_TX, tx_sess[i]); + if (ret) + goto out; + + tx_pkts_burst[i]->ol_flags |= RTE_MBUF_F_TX_SEC_OFFLOAD; + } + } + + /* Send packet to ethdev for inline MACsec processing. */ + nb_sent = rte_eth_tx_burst(port_id, 0, tx_pkts_burst, opts->nb_td); + + if (nb_sent != opts->nb_td) { + printf("\nUnable to TX %d packets, sent: %i", opts->nb_td, nb_sent); + for ( ; nb_sent < opts->nb_td; nb_sent++) + rte_pktmbuf_free(tx_pkts_burst[nb_sent]); + ret = TEST_FAILED; + goto out; + } + + rte_pause(); + + /* Receive back packet on loopback interface. */ + do { + rte_delay_ms(1); + nb_rx += rte_eth_rx_burst(port_id, 0, + &rx_pkts_burst[nb_rx], + nb_sent - nb_rx); + if (nb_rx >= nb_sent) + break; + } while (j++ < 5 || nb_rx == 0); + + if (nb_rx != nb_sent) { + printf("\nUnable to RX all %d packets, received(%i)", + nb_sent, nb_rx); + while (--nb_rx >= 0) + rte_pktmbuf_free(rx_pkts_burst[nb_rx]); + ret = TEST_FAILED; + goto out; + } + + for (i = 0; i < nb_rx; i++) { + rte_pktmbuf_adj(rx_pkts_burst[i], RTE_ETHER_HDR_LEN); + + ret = test_macsec_post_process(rx_pkts_burst[i], td[i], op); + if (ret != TEST_SUCCESS) { + for ( ; i < nb_rx; i++) + rte_pktmbuf_free(rx_pkts_burst[i]); + goto out; + } + + rte_pktmbuf_free(rx_pkts_burst[i]); + rx_pkts_burst[i] = NULL; + } + +out: + destroy_default_flow(port_id); + + /* Destroy session so that other cases can create the session again */ + for (i = 0; i < opts->nb_td; i++) { + if (op == MCS_ENCAP || op == MCS_ENCAP_DECAP || + op == MCS_AUTH_ONLY || op == MCS_AUTH_VERIFY) { + rte_security_session_destroy(ctx, tx_sess[i]); + tx_sess[i] = NULL; + rte_security_macsec_sc_destroy(ctx, tx_sc_id[i]); + for (j = 0; j < 2; j++) + rte_security_macsec_sa_destroy(ctx, tx_sa_id[i][j]); + } + if (op == MCS_DECAP || op == MCS_ENCAP_DECAP || + op == MCS_VERIFY_ONLY || op == MCS_AUTH_VERIFY) { + rte_security_session_destroy(ctx, rx_sess[i]); + rx_sess[i] = NULL; + rte_security_macsec_sc_destroy(ctx, rx_sc_id[i]); + for (j = 0; j < RTE_SECURITY_MACSEC_NUM_AN; j++) + rte_security_macsec_sa_destroy(ctx, rx_sa_id[i][j]); + } + + } + + return ret; +} + +static int +test_inline_macsec_encap_all(const void *data __rte_unused) +{ + const struct mcs_test_vector *cur_td; + struct mcs_test_opts opts = {0}; + int err, all_err = 0; + int i, size; + + opts.val_frames = RTE_SECURITY_MACSEC_VALIDATE_STRICT; + opts.protect_frames = true; + opts.sa_in_use = 1; + opts.nb_td = 1; + opts.sectag_insert_mode = 1; + opts.mtu = RTE_ETHER_MTU; + + size = (sizeof(list_mcs_cipher_vectors) / sizeof((list_mcs_cipher_vectors)[0])); + + for (i = 0; i < size; i++) { + cur_td = &list_mcs_cipher_vectors[i]; + err = test_macsec(&cur_td, MCS_ENCAP, &opts); + if (err) { + printf("\nCipher Auth Encryption case %d failed", cur_td->test_idx); + err = -1; + } else { + printf("\nCipher Auth Encryption case %d Passed", cur_td->test_idx); + err = 0; + } + all_err += err; + } + printf("\n%s: Success: %d, Failure: %d\n", __func__, size + all_err, -all_err); + + return all_err; +} + +static int +ut_setup_inline_macsec(void) +{ + int ret; + + /* Start device */ + ret = rte_eth_dev_start(port_id); + if (ret < 0) { + printf("rte_eth_dev_start: err=%d, port=%d\n", + ret, port_id); + return ret; + } + /* always enable promiscuous */ + ret = rte_eth_promiscuous_enable(port_id); + if (ret != 0) { + printf("rte_eth_promiscuous_enable: err=%s, port=%d\n", + rte_strerror(-ret), port_id); + return ret; + } + + check_all_ports_link_status(1, RTE_PORT_ALL); + + return 0; +} + +static void +ut_teardown_inline_macsec(void) +{ + uint16_t portid; + int ret; + + /* port tear down */ + RTE_ETH_FOREACH_DEV(portid) { + ret = rte_eth_dev_stop(portid); + if (ret != 0) + printf("rte_eth_dev_stop: err=%s, port=%u\n", + rte_strerror(-ret), portid); + + } +} + +static int +inline_macsec_testsuite_setup(void) +{ + uint16_t nb_rxd; + uint16_t nb_txd; + uint16_t nb_ports; + int ret; + uint16_t nb_rx_queue = 1, nb_tx_queue = 1; + + printf("Start inline IPsec test.\n"); + + nb_ports = rte_eth_dev_count_avail(); + if (nb_ports < NB_ETHPORTS_USED) { + printf("At least %u port(s) used for test\n", + NB_ETHPORTS_USED); + return TEST_SKIPPED; + } + + ret = init_mempools(NB_MBUF); + if (ret) + return ret; + + if (tx_pkts_burst == NULL) { + tx_pkts_burst = (struct rte_mbuf **)rte_calloc("tx_buff", + MAX_TRAFFIC_BURST, + sizeof(void *), + RTE_CACHE_LINE_SIZE); + if (!tx_pkts_burst) + return TEST_FAILED; + + rx_pkts_burst = (struct rte_mbuf **)rte_calloc("rx_buff", + MAX_TRAFFIC_BURST, + sizeof(void *), + RTE_CACHE_LINE_SIZE); + if (!rx_pkts_burst) + return TEST_FAILED; + } + + printf("Generate %d packets\n", MAX_TRAFFIC_BURST); + + nb_rxd = RTE_TEST_RX_DESC_DEFAULT; + nb_txd = RTE_TEST_TX_DESC_DEFAULT; + + /* configuring port 0 for the test is enough */ + port_id = 0; + /* port configure */ + ret = rte_eth_dev_configure(port_id, nb_rx_queue, + nb_tx_queue, &port_conf); + if (ret < 0) { + printf("Cannot configure device: err=%d, port=%d\n", + ret, port_id); + return ret; + } + ret = rte_eth_macaddr_get(port_id, &ports_eth_addr[port_id]); + if (ret < 0) { + printf("Cannot get mac address: err=%d, port=%d\n", + ret, port_id); + return ret; + } + printf("Port %u ", port_id); + print_ethaddr("Address:", &ports_eth_addr[port_id]); + printf("\n"); + + /* tx queue setup */ + ret = rte_eth_tx_queue_setup(port_id, 0, nb_txd, + SOCKET_ID_ANY, &tx_conf); + if (ret < 0) { + printf("rte_eth_tx_queue_setup: err=%d, port=%d\n", + ret, port_id); + return ret; + } + /* rx queue steup */ + ret = rte_eth_rx_queue_setup(port_id, 0, nb_rxd, SOCKET_ID_ANY, + &rx_conf, mbufpool); + if (ret < 0) { + printf("rte_eth_rx_queue_setup: err=%d, port=%d\n", + ret, port_id); + return ret; + } + + return 0; +} + +static void +inline_macsec_testsuite_teardown(void) +{ + uint16_t portid; + int ret; + + /* port tear down */ + RTE_ETH_FOREACH_DEV(portid) { + ret = rte_eth_dev_reset(portid); + if (ret != 0) + printf("rte_eth_dev_reset: err=%s, port=%u\n", + rte_strerror(-ret), port_id); + } + rte_free(tx_pkts_burst); + rte_free(rx_pkts_burst); +} + + +static struct unit_test_suite inline_macsec_testsuite = { + .suite_name = "Inline MACsec Ethernet Device Unit Test Suite", + .unit_test_cases = { + TEST_CASE_NAMED_ST( + "MACsec encap(Cipher+Auth) known vector", + ut_setup_inline_macsec, ut_teardown_inline_macsec, + test_inline_macsec_encap_all), + + TEST_CASES_END() /**< NULL terminate unit test array */ + }, +}; +static int +test_inline_macsec(void) +{ + inline_macsec_testsuite.setup = inline_macsec_testsuite_setup; + inline_macsec_testsuite.teardown = inline_macsec_testsuite_teardown; + return unit_test_suite_runner(&inline_macsec_testsuite); +} + +#endif /* !RTE_EXEC_ENV_WINDOWS */ + +REGISTER_TEST_COMMAND(inline_macsec_autotest, test_inline_macsec); diff --git a/app/test/test_security_inline_macsec_vectors.h b/app/test/test_security_inline_macsec_vectors.h new file mode 100644 index 0000000000..c7cbc79e3b --- /dev/null +++ b/app/test/test_security_inline_macsec_vectors.h @@ -0,0 +1,2318 @@ +/* SPDX-License-Identifier: BSD-3-Clause + * Copyright(C) 2022 Marvell. + */ +#ifndef _TEST_INLINE_MACSEC_VECTORS_H_ +#define _TEST_INLINE_MACSEC_VECTORS_H_ + +#define MCS_MAX_DATA_SZ 256 +#define MCS_MAX_KEY_LEN 32 +#define MCS_IV_LEN 12 +#define MCS_SALT_LEN 12 + +enum mcs_op { + MCS_NO_OP, + MCS_ENCAP, + MCS_DECAP, + MCS_ENCAP_DECAP, + MCS_AUTH_ONLY, + MCS_VERIFY_ONLY, + MCS_AUTH_VERIFY, +}; + +struct mcs_test_vector { + uint32_t test_idx; + enum rte_security_macsec_alg alg; + uint32_t ssci; + uint32_t xpn; + uint8_t salt[MCS_SALT_LEN]; + struct { + uint8_t data[MCS_MAX_KEY_LEN]; + uint16_t len; + } sa_key; + struct { + uint8_t data[MCS_MAX_KEY_LEN]; + uint16_t len; + } hash_key; + struct { + uint8_t data[MCS_MAX_DATA_SZ]; + uint16_t len; + } plain_pkt; + struct { + uint8_t data[MCS_MAX_DATA_SZ]; + uint16_t len; + } secure_pkt; +}; + +static const struct mcs_test_vector list_mcs_cipher_vectors[] = { +/* gcm_128_64B_cipher */ +{ + .test_idx = 0, + .alg = RTE_SECURITY_MACSEC_ALG_GCM_128, + .ssci = 0x0, + .salt = {0}, + .sa_key = { + .data = { + 0x07, 0x1B, 0x11, 0x3B, 0x0C, 0xA7, 0x43, 0xFE, + 0xCC, 0xCF, 0x3D, 0x05, 0x1F, 0x73, 0x73, 0x82 + }, + .len = 16, + }, + .hash_key = { + .data = { + 0xE4, 0xE0, 0x17, 0x25, 0xD7, 0x24, 0xC1, 0x21, + 0x5C, 0x73, 0x09, 0xAD, 0x34, 0x53, 0x92, 0x57, + }, + .len = 16, + }, + .plain_pkt = { + .data = {/* MAC DA */ + 0xE2, 0x01, 0x06, 0xD7, 0xCD, 0x0D, + /* MAC SA */ + 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D, + /* User Data */ + 0x08, 0x00, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, + 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, + 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, + 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, + 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, + 0x35, 0x36, 0x37, 0x38, 0x39, 0x40, 0x41, 0x42, + 0x43, 0x44, 0x45, 0x46, + }, + .len = 64, + }, + .secure_pkt = { + .data = {/* MAC DA */ + 0xE2, 0x01, 0x06, 0xD7, 0xCD, 0x0D, + /* MAC SA */ + 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D, + /* MACsec EtherType */ + 0x88, 0xE5, + /* TCI and AN */ + 0x2C, + /* SL */ + 0x0, + /* PN */ + 0x0, 0x0, 0x0, 0x2, + /* SCI */ + 0xFE, 0x2F, 0xCD, 0x14, 0x24, 0x1B, 0x88, 0x2C, + /* Secure Data */ + 0x39, 0x38, 0x97, 0x44, 0xA2, 0x6D, 0x71, 0x3D, + 0x14, 0x27, 0xC7, 0x3E, 0x02, 0x96, 0x81, 0xAD, + 0x47, 0x82, 0x2A, 0xCF, 0x19, 0x79, 0x12, 0x49, + 0x0F, 0x93, 0x5A, 0x32, 0x43, 0x79, 0xEF, 0x9D, + 0x70, 0xF8, 0xA9, 0xBE, 0x3D, 0x00, 0x5D, 0x22, + 0xDA, 0x87, 0x3D, 0xC1, 0xBE, 0x1B, 0x13, 0xD9, + 0x99, 0xDB, 0xF1, 0xC8, + /* ICV */ + 0x4B, 0xC4, 0xF8, 0xC6, 0x09, 0x78, 0xB9, 0xBB, + 0x5D, 0xC0, 0x04, 0xF3, 0x20, 0x7D, 0x14, 0x87, + }, + .len = 96, + }, +}, +/* gcm_128_54B_cipher */ +{ + .test_idx = 1, + .alg = RTE_SECURITY_MACSEC_ALG_GCM_128, + .ssci = 0x0, + .xpn = 0, + .salt = {0}, + .sa_key = { + .data = { + 0x07, 0x1B, 0x11, 0x3B, 0x0C, 0xA7, 0x43, 0xFE, + 0xCC, 0xCF, 0x3D, 0x05, 0x1F, 0x73, 0x73, 0x82, + }, + .len = 16, + }, + .hash_key = { + .data = { + 0xE4, 0xE0, 0x17, 0x25, 0xD7, 0x24, 0xC1, 0x21, + 0x5C, 0x73, 0x09, 0xAD, 0x34, 0x53, 0x92, 0x57, + }, + .len = 16, + }, + .plain_pkt = { + .data = {/* MAC DA */ + 0xE2, 0x01, 0x06, 0xD7, 0xCD, 0x0D, + /* MAC SA */ + 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D, + /* User Data */ + 0x08, 0x00, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, + 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, + 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, + 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, + 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, + 0x00, 0x04, + }, + .len = 54, + }, + + .secure_pkt = { + .data = {/* MAC DA */ + 0xE2, 0x01, 0x06, 0xD7, 0xCD, 0x0D, + /* MAC SA */ + 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D, + /* MACsec EtherType */ + 0x88, 0xE5, + /* TCI and AN */ + 0x4C, + /* SL */ + 0x2A, + /* PN */ + 0x76, 0xD4, 0x57, 0xED, + /* Secure Data */ + 0x13, 0xB4, 0xC7, 0x2B, 0x38, 0x9D, 0xC5, 0x01, + 0x8E, 0x72, 0xA1, 0x71, 0xDD, 0x85, 0xA5, 0xD3, + 0x75, 0x22, 0x74, 0xD3, 0xA0, 0x19, 0xFB, 0xCA, + 0xED, 0x09, 0xA4, 0x25, 0xCD, 0x9B, 0x2E, 0x1C, + 0x9B, 0x72, 0xEE, 0xE7, 0xC9, 0xDE, 0x7D, 0x52, + 0xB3, 0xF3, + /* ICV */ + 0xD6, 0xA5, 0x28, 0x4F, 0x4A, 0x6D, 0x3F, 0xE2, + 0x2A, 0x5D, 0x6C, 0x2B, 0x96, 0x04, 0x94, 0xC3, + }, + .len = 78, + }, +}, +/* gcm_256_54B_cipher */ +{ + .test_idx = 2, + .alg = RTE_SECURITY_MACSEC_ALG_GCM_256, + .ssci = 0x0, + .xpn = 0, + .salt = {0}, + .sa_key = { + .data = { + 0x69, 0x1D, 0x3E, 0xE9, 0x09, 0xD7, 0xF5, 0x41, + 0x67, 0xFD, 0x1C, 0xA0, 0xB5, 0xD7, 0x69, 0x08, + 0x1F, 0x2B, 0xDE, 0x1A, 0xEE, 0x65, 0x5F, 0xDB, + 0xAB, 0x80, 0xBD, 0x52, 0x95, 0xAE, 0x6B, 0xE7, + }, + .len = 32, + }, + .hash_key = { + .data = { + 0x1E, 0x69, 0x3C, 0x48, 0x4A, 0xB8, 0x94, 0xB2, + 0x66, 0x69, 0xBC, 0x12, 0xE6, 0xD5, 0xD7, 0x76, + }, + .len = 16, + }, + .plain_pkt = { + .data = {/* MAC DA */ + 0xE2, 0x01, 0x06, 0xD7, 0xCD, 0x0D, + /* MAC SA */ + 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D, + /* User Data */ + 0x08, 0x00, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, + 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, + 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, + 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, + 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, + 0x00, 0x04, + }, + .len = 54, + }, + .secure_pkt = { + .data = {/* MAC DA */ + 0xE2, 0x01, 0x06, 0xD7, 0xCD, 0x0D, + /* MAC SA */ + 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D, + /* MACsec EtherType */ + 0x88, 0xE5, + /* TCI and AN */ + 0x4C, + /* SL */ + 0x2A, + /* PN */ + 0x76, 0xD4, 0x57, 0xED, + /* Secure Data */ + 0xC1, 0x62, 0x3F, 0x55, 0x73, 0x0C, 0x93, 0x53, + 0x30, 0x97, 0xAD, 0xDA, 0xD2, 0x56, 0x64, 0x96, + 0x61, 0x25, 0x35, 0x2B, 0x43, 0xAD, 0xAC, 0xBD, + 0x61, 0xC5, 0xEF, 0x3A, 0xC9, 0x0B, 0x5B, 0xEE, + 0x92, 0x9C, 0xE4, 0x63, 0x0E, 0xA7, 0x9F, 0x6C, + 0xE5, 0x19, + /* ICV */ + 0x12, 0xAF, 0x39, 0xC2, 0xD1, 0xFD, 0xC2, 0x05, + 0x1F, 0x8B, 0x7B, 0x3C, 0x9D, 0x39, 0x7E, 0xF2, + }, + .len = 78, + }, +}, +/* gcm_128_xpn_54B_cipher */ +{ + .test_idx = 3, + .alg = RTE_SECURITY_MACSEC_ALG_GCM_XPN_128, + .ssci = 0x7A30C118, + .xpn = 0xB0DF459C, /* Most significant 32 bits */ + .salt = { + 0xE6, 0x30, 0xE8, 0x1A, 0x48, 0xDE, + 0x86, 0xA2, 0x1C, 0x66, 0xFA, 0x6D, + }, + .sa_key = { + .data = { + 0x07, 0x1B, 0x11, 0x3B, 0x0C, 0xA7, 0x43, 0xFE, + 0xCC, 0xCF, 0x3D, 0x05, 0x1F, 0x73, 0x73, 0x82, + }, + .len = 16, + }, + .hash_key = { + .data = { + 0xE4, 0xE0, 0x17, 0x25, 0xD7, 0x24, 0xC1, 0x21, + 0x5C, 0x73, 0x09, 0xAD, 0x34, 0x53, 0x92, 0x57, + }, + .len = 16, + }, + .plain_pkt = { + .data = {/* MAC DA */ + 0xE2, 0x01, 0x06, 0xD7, 0xCD, 0x0D, + /* MAC SA */ + 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D, + /* User Data */ + 0x08, 0x00, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, + 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, + 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, + 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, + 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, + 0x00, 0x04, + }, + .len = 54, + }, + .secure_pkt = { + .data = {/* MAC DA */ + 0xE2, 0x01, 0x06, 0xD7, 0xCD, 0x0D, + /* MAC SA */ + 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D, + /* MACsec EtherType */ + 0x88, 0xE5, + /* TCI and AN */ + 0x4C, + /* SL */ + 0x2A, + /* PN */ + 0x76, 0xD4, 0x57, 0xED, + /* Secure Data */ + 0x9C, 0xA4, 0x69, 0x84, 0x43, 0x02, 0x03, 0xED, + 0x41, 0x6E, 0xBD, 0xC2, 0xFE, 0x26, 0x22, 0xBA, + 0x3E, 0x5E, 0xAB, 0x69, 0x61, 0xC3, 0x63, 0x83, + 0x00, 0x9E, 0x18, 0x7E, 0x9B, 0x0C, 0x88, 0x56, + 0x46, 0x53, 0xB9, 0xAB, 0xD2, 0x16, 0x44, 0x1C, + 0x6A, 0xB6, + /* ICV */ + 0xF0, 0xA2, 0x32, 0xE9, 0xE4, 0x4C, 0x97, 0x8C, + 0xF7, 0xCD, 0x84, 0xD4, 0x34, 0x84, 0xD1, 0x01, + }, + .len = 78, + }, +}, +/* gcm_256_xpn_54B_cipher */ +{ + .test_idx = 4, + .alg = RTE_SECURITY_MACSEC_ALG_GCM_XPN_256, + .ssci = 0x7A30C118, + .xpn = 0xB0DF459C, /* Most significant 32 bits */ + .salt = { + 0xE6, 0x30, 0xE8, 0x1A, 0x48, 0xDE, + 0x86, 0xA2, 0x1C, 0x66, 0xFA, 0x6D, + }, + .sa_key = { + .data = { + 0x69, 0x1D, 0x3E, 0xE9, 0x09, 0xD7, 0xF5, 0x41, + 0x67, 0xFD, 0x1C, 0xA0, 0xB5, 0xD7, 0x69, 0x08, + 0x1F, 0x2B, 0xDE, 0x1A, 0xEE, 0x65, 0x5F, 0xDB, + 0xAB, 0x80, 0xBD, 0x52, 0x95, 0xAE, 0x6B, 0xE7, + }, + .len = 32, + }, + .hash_key = { + .data = { + 0x1E, 0x69, 0x3C, 0x48, 0x4A, 0xB8, 0x94, 0xB2, + 0x66, 0x69, 0xBC, 0x12, 0xE6, 0xD5, 0xD7, 0x76, + }, + .len = 16, + }, + .plain_pkt = { + .data = {/* MAC DA */ + 0xE2, 0x01, 0x06, 0xD7, 0xCD, 0x0D, + /* MAC SA */ + 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D, + /* User Data */ + 0x08, 0x00, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, + 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, + 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, + 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, + 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, + 0x00, 0x04, + }, + .len = 54, + }, + .secure_pkt = { + .data = {/* MAC DA */ + 0xE2, 0x01, 0x06, 0xD7, 0xCD, 0x0D, + /* MAC SA */ + 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D, + /* MACsec EtherType */ + 0x88, 0xE5, + /* TCI and AN */ + 0x4C, + /* SL */ + 0x2A, + /* PN */ + 0x76, 0xD4, 0x57, 0xED, + /* Secure Data */ + 0x88, 0xD9, 0xF7, 0xD1, 0xF1, 0x57, 0x8E, 0xE3, + 0x4B, 0xA7, 0xB1, 0xAB, 0xC8, 0x98, 0x93, 0xEF, + 0x1D, 0x33, 0x98, 0xC9, 0xF1, 0xDD, 0x3E, 0x47, + 0xFB, 0xD8, 0x55, 0x3E, 0x0F, 0xF7, 0x86, 0xEF, + 0x56, 0x99, 0xEB, 0x01, 0xEA, 0x10, 0x42, 0x0D, + 0x0E, 0xBD, + /* ICV */ + 0x39, 0xA0, 0xE2, 0x73, 0xC4, 0xC7, 0xF9, 0x5E, + 0xD8, 0x43, 0x20, 0x7D, 0x7A, 0x49, 0x7D, 0xFA, + }, + .len = 78, + }, +}, +/* gcm_128_60B_cipher */ +{ + .test_idx = 5, + .alg = RTE_SECURITY_MACSEC_ALG_GCM_128, + .ssci = 0x0, + .xpn = 0x0, /* Most significant 32 bits */ + .salt = {0}, + .sa_key = { + .data = { + 0xAD, 0x7A, 0x2B, 0xD0, 0x3E, 0xAC, 0x83, 0x5A, + 0x6F, 0x62, 0x0F, 0xDC, 0xB5, 0x06, 0xB3, 0x45, + }, + .len = 16, + }, + .hash_key = { + .data = { + 0x73, 0xA2, 0x3D, 0x80, 0x12, 0x1D, 0xE2, 0xD5, + 0xA8, 0x50, 0x25, 0x3F, 0xCF, 0x43, 0x12, 0x0E, + }, + .len = 16, + }, + .plain_pkt = { + .data = {/* MAC DA */ + 0xD6, 0x09, 0xB1, 0xF0, 0x56, 0x63, + /* MAC SA */ + 0x7A, 0x0D, 0x46, 0xDF, 0x99, 0x8D, + /* User Data */ + 0x08, 0x00, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, + 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, + 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, + 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, + 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, + 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x00, 0x02, + }, + .len = 60, + }, + .secure_pkt = { + .data = {/* MAC DA */ + 0xD6, 0x09, 0xB1, 0xF0, 0x56, 0x63, + /* MAC SA */ + 0x7A, 0x0D, 0x46, 0xDF, 0x99, 0x8D, + /* MACsec EtherType */ + 0x88, 0xE5, + /* TCI and AN */ + 0x2E, + /* SL */ + 0x00, + /* PN */ + 0xB2, 0xC2, 0x84, 0x65, + /* SCI */ + 0x12, 0x15, 0x35, 0x24, 0xC0, 0x89, 0x5E, 0x81, + /* Secure Data */ + 0x70, 0x1A, 0xFA, 0x1C, 0xC0, 0x39, 0xC0, 0xD7, + 0x65, 0x12, 0x8A, 0x66, 0x5D, 0xAB, 0x69, 0x24, + 0x38, 0x99, 0xBF, 0x73, 0x18, 0xCC, 0xDC, 0x81, + 0xC9, 0x93, 0x1D, 0xA1, 0x7F, 0xBE, 0x8E, 0xDD, + 0x7D, 0x17, 0xCB, 0x8B, 0x4C, 0x26, 0xFC, 0x81, + 0xE3, 0x28, 0x4F, 0x2B, 0x7F, 0xBA, 0x71, 0x3D, + /* ICV */ + 0x4F, 0x8D, 0x55, 0xE7, 0xD3, 0xF0, 0x6F, 0xD5, + 0xA1, 0x3C, 0x0C, 0x29, 0xB9, 0xD5, 0xB8, 0x80, + }, + .len = 92, + }, +}, +/* gcm_256_60B_cipher */ +{ + .test_idx = 6, + .alg = RTE_SECURITY_MACSEC_ALG_GCM_256, + .ssci = 0x0, + .xpn = 0x0, /* Most significant 32 bits */ + .salt = {0}, + .sa_key = { + .data = { + 0xE3, 0xC0, 0x8A, 0x8F, 0x06, 0xC6, 0xE3, 0xAD, + 0x95, 0xA7, 0x05, 0x57, 0xB2, 0x3F, 0x75, 0x48, + 0x3C, 0xE3, 0x30, 0x21, 0xA9, 0xC7, 0x2B, 0x70, + 0x25, 0x66, 0x62, 0x04, 0xC6, 0x9C, 0x0B, 0x72, + }, + .len = 32, + }, + .hash_key = { + .data = { + 0x28, 0x6D, 0x73, 0x99, 0x4E, 0xA0, 0xBA, 0x3C, + 0xFD, 0x1F, 0x52, 0xBF, 0x06, 0xA8, 0xAC, 0xF2, + }, + .len = 16, + }, + .plain_pkt = { + .data = {/* MAC DA */ + 0xD6, 0x09, 0xB1, 0xF0, 0x56, 0x63, + /* MAC SA */ + 0x7A, 0x0D, 0x46, 0xDF, 0x99, 0x8D, + /* User Data */ + 0x08, 0x00, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, + 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, + 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, + 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, + 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, + 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x00, 0x02, + }, + .len = 60, + }, + .secure_pkt = { + .data = {/* MAC DA */ + 0xD6, 0x09, 0xB1, 0xF0, 0x56, 0x63, + /* MAC SA */ + 0x7A, 0x0D, 0x46, 0xDF, 0x99, 0x8D, + /* MACsec EtherType */ + 0x88, 0xE5, + /* TCI and AN */ + 0x2E, + /* SL */ + 0x00, + /* PN */ + 0xB2, 0xC2, 0x84, 0x65, + /* SCI */ + 0x12, 0x15, 0x35, 0x24, 0xC0, 0x89, 0x5E, 0x81, + /* Secure Data */ + 0xE2, 0x00, 0x6E, 0xB4, 0x2F, 0x52, 0x77, 0x02, + 0x2D, 0x9B, 0x19, 0x92, 0x5B, 0xC4, 0x19, 0xD7, + 0xA5, 0x92, 0x66, 0x6C, 0x92, 0x5F, 0xE2, 0xEF, + 0x71, 0x8E, 0xB4, 0xE3, 0x08, 0xEF, 0xEA, 0xA7, + 0xC5, 0x27, 0x3B, 0x39, 0x41, 0x18, 0x86, 0x0A, + 0x5B, 0xE2, 0xA9, 0x7F, 0x56, 0xAB, 0x78, 0x36, + /* ICV */ + 0x5C, 0xA5, 0x97, 0xCD, 0xBB, 0x3E, 0xDB, 0x8D, + 0x1A, 0x11, 0x51, 0xEA, 0x0A, 0xF7, 0xB4, 0x36, + }, + .len = 92, + }, +}, +/* gcm_128_xpn_60B_cipher */ +{ + .test_idx = 7, + .alg = RTE_SECURITY_MACSEC_ALG_GCM_XPN_128, + .ssci = 0x7A30C118, + .xpn = 0xB0DF459C, /* Most significant 32 bits */ + .salt = { + 0xE6, 0x30, 0xE8, 0x1A, 0x48, 0xDE, + 0x86, 0xA2, 0x1C, 0x66, 0xFA, 0x6D, + }, + .sa_key = { + .data = { + 0xAD, 0x7A, 0x2B, 0xD0, 0x3E, 0xAC, 0x83, 0x5A, + 0x6F, 0x62, 0x0F, 0xDC, 0xB5, 0x06, 0xB3, 0x45, + }, + .len = 16, + }, + .hash_key = { + .data = { + 0x73, 0xA2, 0x3D, 0x80, 0x12, 0x1D, 0xE2, 0xD5, + 0xA8, 0x50, 0x25, 0x3F, 0xCF, 0x43, 0x12, 0x0E, + }, + .len = 16, + }, + .plain_pkt = { + .data = {/* MAC DA */ + 0xD6, 0x09, 0xB1, 0xF0, 0x56, 0x63, + /* MAC SA */ + 0x7A, 0x0D, 0x46, 0xDF, 0x99, 0x8D, + /* User Data */ + 0x08, 0x00, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, + 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, + 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, + 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, + 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, + 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x00, 0x02, + }, + .len = 60, + }, + .secure_pkt = { + .data = {/* MAC DA */ + 0xD6, 0x09, 0xB1, 0xF0, 0x56, 0x63, + /* MAC SA */ + 0x7A, 0x0D, 0x46, 0xDF, 0x99, 0x8D, + /* MACsec EtherType */ + 0x88, 0xE5, + /* TCI and AN */ + 0x2E, + /* SL */ + 0x00, + /* PN */ + 0xB2, 0xC2, 0x84, 0x65, + /* SCI */ + 0x12, 0x15, 0x35, 0x24, 0xC0, 0x89, 0x5E, 0x81, + /* Secure Data */ + 0x07, 0x12, 0xD9, 0x80, 0xCA, 0x50, 0xBB, 0xED, + 0x35, 0xA0, 0xFA, 0x56, 0x63, 0x38, 0x72, 0x9F, + 0xFA, 0x16, 0xD1, 0x9F, 0xFC, 0xF0, 0x7B, 0x3A, + 0x1E, 0x79, 0x19, 0xB3, 0x77, 0x6A, 0xAC, 0xEC, + 0x8A, 0x59, 0x37, 0x20, 0x8B, 0x48, 0x3A, 0x76, + 0x91, 0x98, 0x4D, 0x38, 0x07, 0x92, 0xE0, 0x7F, + /* ICV */ + 0xC2, 0xC3, 0xC7, 0x9F, 0x26, 0x3F, 0xA6, 0xBF, + 0xF8, 0xE7, 0x58, 0x1E, 0x2C, 0xE4, 0x5A, 0xF8, + }, + .len = 92, + }, +}, +/* gcm_256_xpn_60B_cipher */ +{ + .test_idx = 8, + .alg = RTE_SECURITY_MACSEC_ALG_GCM_XPN_256, + .ssci = 0x7A30C118, + .xpn = 0xB0DF459C, /* Most significant 32 bits */ + .salt = { + 0xE6, 0x30, 0xE8, 0x1A, 0x48, 0xDE, + 0x86, 0xA2, 0x1C, 0x66, 0xFA, 0x6D, + }, + .sa_key = { + .data = { + 0xE3, 0xC0, 0x8A, 0x8F, 0x06, 0xC6, 0xE3, 0xAD, + 0x95, 0xA7, 0x05, 0x57, 0xB2, 0x3F, 0x75, 0x48, + 0x3C, 0xE3, 0x30, 0x21, 0xA9, 0xC7, 0x2B, 0x70, + 0x25, 0x66, 0x62, 0x04, 0xC6, 0x9C, 0x0B, 0x72, + }, + .len = 32, + }, + .hash_key = { + .data = { + 0x28, 0x6D, 0x73, 0x99, 0x4E, 0xA0, 0xBA, 0x3C, + 0xFD, 0x1F, 0x52, 0xBF, 0x06, 0xA8, 0xAC, 0xF2, + }, + .len = 16, + }, + .plain_pkt = { + .data = {/* MAC DA */ + 0xD6, 0x09, 0xB1, 0xF0, 0x56, 0x63, + /* MAC SA */ + 0x7A, 0x0D, 0x46, 0xDF, 0x99, 0x8D, + /* User Data */ + 0x08, 0x00, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, + 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, + 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, + 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, + 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, + 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x00, 0x02, + }, + .len = 60, + }, + .secure_pkt = { + .data = {/* MAC DA */ + 0xD6, 0x09, 0xB1, 0xF0, 0x56, 0x63, + /* MAC SA */ + 0x7A, 0x0D, 0x46, 0xDF, 0x99, 0x8D, + /* MACsec EtherType */ + 0x88, 0xE5, + /* TCI and AN */ + 0x2E, + /* SL */ + 0x00, + /* PN */ + 0xB2, 0xC2, 0x84, 0x65, + /* SCI */ + 0x12, 0x15, 0x35, 0x24, 0xC0, 0x89, 0x5E, 0x81, + /* Secure Data */ + 0x3E, 0xB0, 0x4A, 0x4B, 0xBF, 0x54, 0xC6, 0xEB, + 0x12, 0x22, 0xA9, 0xAE, 0xA0, 0x0C, 0x38, 0x68, + 0x7F, 0x6C, 0x35, 0x20, 0xD9, 0x76, 0xA3, 0xB6, + 0x94, 0x80, 0x06, 0x50, 0xCE, 0x65, 0x85, 0xE6, + 0x20, 0xA4, 0x19, 0x19, 0x17, 0xD2, 0xA6, 0x05, + 0xD8, 0x70, 0xC7, 0x8D, 0x27, 0x52, 0xCE, 0x49, + /* ICV */ + 0x3B, 0x44, 0x2A, 0xC0, 0xC8, 0x16, 0xD7, 0xAB, + 0xD7, 0x0A, 0xD6, 0x5C, 0x25, 0xD4, 0x64, 0x13, + }, + .len = 92, + }, +}, +/* gcm_128_61B_cipher */ +{ + .test_idx = 9, + .alg = RTE_SECURITY_MACSEC_ALG_GCM_128, + .ssci = 0x0, + .xpn = 0x0, /* Most significant 32 bits */ + .salt = {0}, + .sa_key = { + .data = { + 0x01, 0x3F, 0xE0, 0x0B, 0x5F, 0x11, 0xBE, 0x7F, + 0x86, 0x6D, 0x0C, 0xBB, 0xC5, 0x5A, 0x7A, 0x90, + }, + .len = 16, + }, + .hash_key = { + .data = { + 0xEB, 0x28, 0xDC, 0xB3, 0x61, 0xEE, 0x11, 0x10, + 0xF9, 0x8C, 0xA0, 0xC9, 0xA0, 0x7C, 0x88, 0xF7, + }, + .len = 16, + }, + .plain_pkt = { + .data = {/* MAC DA */ + 0x84, 0xC5, 0xD5, 0x13, 0xD2, 0xAA, + /* MAC SA */ + 0xF6, 0xE5, 0xBB, 0xD2, 0x72, 0x77, + /* User Data */ + 0x08, 0x00, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, + 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, + 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, + 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, + 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, + 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x3B, 0x00, + 0x06, + }, + .len = 61, + }, + .secure_pkt = { + .data = {/* MAC DA */ + 0x84, 0xC5, 0xD5, 0x13, 0xD2, 0xAA, + /* MAC SA */ + 0xF6, 0xE5, 0xBB, 0xD2, 0x72, 0x77, + /* MACsec EtherType */ + 0x88, 0xE5, + /* TCI and AN */ + 0x2F, + /* SL */ + 0x00, + /* PN */ + 0x89, 0x32, 0xD6, 0x12, + /* SCI */ + 0x7C, 0xFD, 0xE9, 0xF9, 0xE3, 0x37, 0x24, 0xC6, + /* Secure Data */ + 0x3A, 0x4D, 0xE6, 0xFA, 0x32, 0x19, 0x10, 0x14, + 0xDB, 0xB3, 0x03, 0xD9, 0x2E, 0xE3, 0xA9, 0xE8, + 0xA1, 0xB5, 0x99, 0xC1, 0x4D, 0x22, 0xFB, 0x08, + 0x00, 0x96, 0xE1, 0x38, 0x11, 0x81, 0x6A, 0x3C, + 0x9C, 0x9B, 0xCF, 0x7C, 0x1B, 0x9B, 0x96, 0xDA, + 0x80, 0x92, 0x04, 0xE2, 0x9D, 0x0E, 0x2A, 0x76, + 0x42, + /* ICV */ + 0xBF, 0xD3, 0x10, 0xA4, 0x83, 0x7C, 0x81, 0x6C, + 0xCF, 0xA5, 0xAC, 0x23, 0xAB, 0x00, 0x39, 0x88, + }, + .len = 93, + }, +}, +/* gcm_256_61B_cipher */ +{ + .test_idx = 10, + .alg = RTE_SECURITY_MACSEC_ALG_GCM_256, + .ssci = 0x0, + .xpn = 0x0, /* Most significant 32 bits */ + .salt = {0}, + .sa_key = { + .data = { + 0x83, 0xC0, 0x93, 0xB5, 0x8D, 0xE7, 0xFF, 0xE1, + 0xC0, 0xDA, 0x92, 0x6A, 0xC4, 0x3F, 0xB3, 0x60, + 0x9A, 0xC1, 0xC8, 0x0F, 0xEE, 0x1B, 0x62, 0x44, + 0x97, 0xEF, 0x94, 0x2E, 0x2F, 0x79, 0xA8, 0x23, + }, + .len = 32, + }, + .hash_key = { + .data = { + 0xD0, 0x3D, 0x3B, 0x51, 0xFD, 0xF2, 0xAA, 0xCB, + 0x3A, 0x16, 0x5D, 0x7D, 0xC3, 0x62, 0xD9, 0x29, + }, + .len = 16, + }, + .plain_pkt = { + .data = {/* MAC DA */ + 0x84, 0xC5, 0xD5, 0x13, 0xD2, 0xAA, + /* MAC SA */ + 0xF6, 0xE5, 0xBB, 0xD2, 0x72, 0x77, + /* User Data */ + 0x08, 0x00, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, + 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, + 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, + 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, + 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, + 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x3B, 0x00, + 0x06, + }, + .len = 61, + }, + .secure_pkt = { + .data = {/* MAC DA */ + 0x84, 0xC5, 0xD5, 0x13, 0xD2, 0xAA, + /* MAC SA */ + 0xF6, 0xE5, 0xBB, 0xD2, 0x72, 0x77, + /* MACsec EtherType */ + 0x88, 0xE5, + /* TCI and AN */ + 0x2F, + /* SL */ + 0x00, + /* PN */ + 0x89, 0x32, 0xD6, 0x12, + /* SCI */ + 0x7C, 0xFD, 0xE9, 0xF9, 0xE3, 0x37, 0x24, 0xC6, + /* Secure Data */ + 0x11, 0x02, 0x22, 0xFF, 0x80, 0x50, 0xCB, 0xEC, + 0xE6, 0x6A, 0x81, 0x3A, 0xD0, 0x9A, 0x73, 0xED, + 0x7A, 0x9A, 0x08, 0x9C, 0x10, 0x6B, 0x95, 0x93, + 0x89, 0x16, 0x8E, 0xD6, 0xE8, 0x69, 0x8E, 0xA9, + 0x02, 0xEB, 0x12, 0x77, 0xDB, 0xEC, 0x2E, 0x68, + 0xE4, 0x73, 0x15, 0x5A, 0x15, 0xA7, 0xDA, 0xEE, + 0xD4, + /* ICV */ + 0xA1, 0x0F, 0x4E, 0x05, 0x13, 0x9C, 0x23, 0xDF, + 0x00, 0xB3, 0xAA, 0xDC, 0x71, 0xF0, 0x59, 0x6A, + }, + .len = 93, + }, +}, +/* gcm_128_xpn_61B_cipher */ +{ + .test_idx = 11, + .alg = RTE_SECURITY_MACSEC_ALG_GCM_XPN_128, + .ssci = 0x7A30C118, + .xpn = 0xB0DF459C, /* Most significant 32 bits */ + .salt = { + 0xE6, 0x30, 0xE8, 0x1A, 0x48, 0xDE, + 0x86, 0xA2, 0x1C, 0x66, 0xFA, 0x6D, + }, + .sa_key = { + .data = { + 0x01, 0x3F, 0xE0, 0x0B, 0x5F, 0x11, 0xBE, 0x7F, + 0x86, 0x6D, 0x0C, 0xBB, 0xC5, 0x5A, 0x7A, 0x90, + }, + .len = 16, + }, + .hash_key = { + .data = { + 0xEB, 0x28, 0xDC, 0xB3, 0x61, 0xEE, 0x11, 0x10, + 0xF9, 0x8C, 0xA0, 0xC9, 0xA0, 0x7C, 0x88, 0xF7, + }, + .len = 16, + }, + .plain_pkt = { + .data = {/* MAC DA */ + 0x84, 0xC5, 0xD5, 0x13, 0xD2, 0xAA, + /* MAC SA */ + 0xF6, 0xE5, 0xBB, 0xD2, 0x72, 0x77, + /* User Data */ + 0x08, 0x00, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, + 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, + 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, + 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, + 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, + 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x3B, 0x00, + 0x06, + }, + .len = 61, + }, + .secure_pkt = { + .data = {/* MAC DA */ + 0x84, 0xC5, 0xD5, 0x13, 0xD2, 0xAA, + /* MAC SA */ + 0xF6, 0xE5, 0xBB, 0xD2, 0x72, 0x77, + /* MACsec EtherType */ + 0x88, 0xE5, + /* TCI and AN */ + 0x2F, + /* SL */ + 0x00, + /* PN */ + 0x89, 0x32, 0xD6, 0x12, + /* SCI */ + 0x7C, 0xFD, 0xE9, 0xF9, 0xE3, 0x37, 0x24, 0xC6, + /* Secure Data */ + 0x14, 0xC1, 0x76, 0x93, 0xBC, 0x82, 0x97, 0xEE, + 0x6C, 0x47, 0xC5, 0x65, 0xCB, 0xE0, 0x67, 0x9E, + 0x80, 0xF0, 0x0F, 0xCA, 0xF5, 0x92, 0xC9, 0xAA, + 0x04, 0x73, 0x92, 0x8E, 0x7F, 0x2F, 0x21, 0x6F, + 0xF5, 0xA0, 0x33, 0xDE, 0xC7, 0x51, 0x3F, 0x45, + 0xD3, 0x4C, 0xBB, 0x98, 0x1C, 0x5B, 0xD6, 0x4E, + 0x8B, + /* ICV */ + 0xD8, 0x4B, 0x8E, 0x2A, 0x78, 0xE7, 0x4D, 0xAF, + 0xEA, 0xA0, 0x38, 0x46, 0xFE, 0x93, 0x0C, 0x0E, + }, + .len = 93, + }, +}, +/* gcm_256_xpn_61B_cipher */ +{ + .test_idx = 12, + .alg = RTE_SECURITY_MACSEC_ALG_GCM_XPN_256, + .ssci = 0x7A30C118, + .xpn = 0xB0DF459C, /* Most significant 32 bits */ + .salt = { + 0xE6, 0x30, 0xE8, 0x1A, 0x48, 0xDE, + 0x86, 0xA2, 0x1C, 0x66, 0xFA, 0x6D, + }, + .sa_key = { + .data = { + 0x83, 0xC0, 0x93, 0xB5, 0x8D, 0xE7, 0xFF, 0xE1, + 0xC0, 0xDA, 0x92, 0x6A, 0xC4, 0x3F, 0xB3, 0x60, + 0x9A, 0xC1, 0xC8, 0x0F, 0xEE, 0x1B, 0x62, 0x44, + 0x97, 0xEF, 0x94, 0x2E, 0x2F, 0x79, 0xA8, 0x23, + }, + .len = 32, + }, + .hash_key = { + .data = { + 0xD0, 0x3D, 0x3B, 0x51, 0xFD, 0xF2, 0xAA, 0xCB, + 0x3A, 0x16, 0x5D, 0x7D, 0xC3, 0x62, 0xD9, 0x29, + }, + .len = 16, + }, + .plain_pkt = { + .data = {/* MAC DA */ + 0x84, 0xC5, 0xD5, 0x13, 0xD2, 0xAA, + /* MAC SA */ + 0xF6, 0xE5, 0xBB, 0xD2, 0x72, 0x77, + /* User Data */ + 0x08, 0x00, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, + 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, + 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, + 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, + 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, + 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x3B, 0x00, + 0x06, + }, + .len = 61, + }, + .secure_pkt = { + .data = {/* MAC DA */ + 0x84, 0xC5, 0xD5, 0x13, 0xD2, 0xAA, + /* MAC SA */ + 0xF6, 0xE5, 0xBB, 0xD2, 0x72, 0x77, + /* MACsec EtherType */ + 0x88, 0xE5, + /* TCI and AN */ + 0x2F, + /* SL */ + 0x00, + /* PN */ + 0x89, 0x32, 0xD6, 0x12, + /* SCI */ + 0x7C, 0xFD, 0xE9, 0xF9, 0xE3, 0x37, 0x24, 0xC6, + /* Secure Data */ + 0x09, 0x96, 0xE0, 0xC9, 0xA5, 0x57, 0x74, 0xE0, + 0xA7, 0x92, 0x30, 0x4E, 0x7D, 0xC1, 0x50, 0xBD, + 0x67, 0xFD, 0x74, 0x7D, 0xD1, 0xB9, 0x41, 0x95, + 0x94, 0xBF, 0x37, 0x3D, 0x4A, 0xCE, 0x8F, 0x87, + 0xF5, 0xC1, 0x34, 0x9A, 0xFA, 0xC4, 0x91, 0xAA, + 0x0A, 0x40, 0xD3, 0x19, 0x90, 0x87, 0xB2, 0x9F, + 0xDF, + /* ICV */ + 0x80, 0x2F, 0x05, 0x0E, 0x69, 0x1F, 0x11, 0xA2, + 0xD9, 0xB3, 0x58, 0xF6, 0x99, 0x41, 0x84, 0xF5, + }, + .len = 93, + }, +}, +/* gcm_128_75B_cipher */ +{ + .test_idx = 13, + .alg = RTE_SECURITY_MACSEC_ALG_GCM_128, + .ssci = 0, + .xpn = 0, /* Most significant 32 bits */ + .salt = {0}, + .sa_key = { + .data = { + 0x88, 0xEE, 0x08, 0x7F, 0xD9, 0x5D, 0xA9, 0xFB, + 0xF6, 0x72, 0x5A, 0xA9, 0xD7, 0x57, 0xB0, 0xCD, + }, + .len = 16, + }, + .hash_key = { + .data = { + 0xAE, 0x19, 0x11, 0x8C, 0x3B, 0x70, 0x4F, 0xCE, + 0x42, 0xAE, 0x0D, 0x15, 0xD2, 0xC1, 0x5C, 0x7A, + }, + .len = 16, + }, + .plain_pkt = { + .data = {/* MAC DA */ + 0x68, 0xF2, 0xE7, 0x76, 0x96, 0xCE, + /* MAC SA */ + 0x7A, 0xE8, 0xE2, 0xCA, 0x4E, 0xC5, + /* User Data */ + 0x08, 0x00, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, + 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, + 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, + 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, + 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, + 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x3B, 0x3C, + 0x3D, 0x3E, 0x3F, 0x40, 0x41, 0x42, 0x43, 0x44, + 0x45, 0x46, 0x47, 0x48, 0x49, 0x00, 0x08, + }, + .len = 75, + }, + .secure_pkt = { + .data = {/* MAC DA */ + 0x68, 0xF2, 0xE7, 0x76, 0x96, 0xCE, + /* MAC SA */ + 0x7A, 0xE8, 0xE2, 0xCA, 0x4E, 0xC5, + /* MACsec EtherType */ + 0x88, 0xE5, + /* TCI and AN */ + 0x4D, + /* SL */ + 0x00, + /* PN */ + 0x2E, 0x58, 0x49, 0x5C, + /* SCI */ + /* Secure Data */ + 0xC3, 0x1F, 0x53, 0xD9, 0x9E, 0x56, 0x87, 0xF7, + 0x36, 0x51, 0x19, 0xB8, 0x32, 0xD2, 0xAA, 0xE7, + 0x07, 0x41, 0xD5, 0x93, 0xF1, 0xF9, 0xE2, 0xAB, + 0x34, 0x55, 0x77, 0x9B, 0x07, 0x8E, 0xB8, 0xFE, + 0xAC, 0xDF, 0xEC, 0x1F, 0x8E, 0x3E, 0x52, 0x77, + 0xF8, 0x18, 0x0B, 0x43, 0x36, 0x1F, 0x65, 0x12, + 0xAD, 0xB1, 0x6D, 0x2E, 0x38, 0x54, 0x8A, 0x2C, + 0x71, 0x9D, 0xBA, 0x72, 0x28, 0xD8, 0x40, + /* ICV */ + 0x88, 0xF8, 0x75, 0x7A, 0xDB, 0x8A, 0xA7, 0x88, + 0xD8, 0xF6, 0x5A, 0xD6, 0x68, 0xBE, 0x70, 0xE7, + }, + .len = 99, + }, +}, +/* gcm_256_75B_cipher */ +{ + .test_idx = 14, + .alg = RTE_SECURITY_MACSEC_ALG_GCM_256, + .ssci = 0, + .xpn = 0, /* Most significant 32 bits */ + .salt = {0}, + .sa_key = { + .data = { + 0x4C, 0x97, 0x3D, 0xBC, 0x73, 0x64, 0x62, 0x16, + 0x74, 0xF8, 0xB5, 0xB8, 0x9E, 0x5C, 0x15, 0x51, + 0x1F, 0xCE, 0xD9, 0x21, 0x64, 0x90, 0xFB, 0x1C, + 0x1A, 0x2C, 0xAA, 0x0F, 0xFE, 0x04, 0x07, 0xE5, + }, + .len = 32, + }, + .hash_key = { + .data = { + 0x9A, 0x5E, 0x55, 0x9A, 0x96, 0x45, 0x9C, 0x21, + 0xE4, 0x3C, 0x0D, 0xFF, 0x0F, 0xA4, 0x26, 0xF3, + }, + .len = 16, + }, + .plain_pkt = { + .data = {/* MAC DA */ + 0x68, 0xF2, 0xE7, 0x76, 0x96, 0xCE, + /* MAC SA */ + 0x7A, 0xE8, 0xE2, 0xCA, 0x4E, 0xC5, + /* User Data */ + 0x08, 0x00, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, + 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, + 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, + 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, + 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, + 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x3B, 0x3C, + 0x3D, 0x3E, 0x3F, 0x40, 0x41, 0x42, 0x43, 0x44, + 0x45, 0x46, 0x47, 0x48, 0x49, 0x00, 0x08, + }, + .len = 75, + }, + .secure_pkt = { + .data = {/* MAC DA */ + 0x68, 0xF2, 0xE7, 0x76, 0x96, 0xCE, + /* MAC SA */ + 0x7A, 0xE8, 0xE2, 0xCA, 0x4E, 0xC5, + /* MACsec EtherType */ + 0x88, 0xE5, + /* TCI and AN */ + 0x4D, + /* SL */ + 0x00, + /* PN */ + 0x2E, 0x58, 0x49, 0x5C, + /* SCI */ + /* Secure Data */ + 0xBA, 0x8A, 0xE3, 0x1B, 0xC5, 0x06, 0x48, 0x6D, + 0x68, 0x73, 0xE4, 0xFC, 0xE4, 0x60, 0xE7, 0xDC, + 0x57, 0x59, 0x1F, 0xF0, 0x06, 0x11, 0xF3, 0x1C, + 0x38, 0x34, 0xFE, 0x1C, 0x04, 0xAD, 0x80, 0xB6, + 0x68, 0x03, 0xAF, 0xCF, 0x5B, 0x27, 0xE6, 0x33, + 0x3F, 0xA6, 0x7C, 0x99, 0xDA, 0x47, 0xC2, 0xF0, + 0xCE, 0xD6, 0x8D, 0x53, 0x1B, 0xD7, 0x41, 0xA9, + 0x43, 0xCF, 0xF7, 0xA6, 0x71, 0x3B, 0xD0, + /* ICV */ + 0x26, 0x11, 0xCD, 0x7D, 0xAA, 0x01, 0xD6, 0x1C, + 0x5C, 0x88, 0x6D, 0xC1, 0xA8, 0x17, 0x01, 0x07, + }, + .len = 99, + }, +}, +/* gcm_128_xpn_75B_cipher */ +{ + .test_idx = 15, + .alg = RTE_SECURITY_MACSEC_ALG_GCM_XPN_128, + .ssci = 0x7A30C118, + .xpn = 0xB0DF459C, /* Most significant 32 bits */ + .salt = { + 0xE6, 0x30, 0xE8, 0x1A, 0x48, 0xDE, 0x86, 0xA2, + 0x1C, 0x66, 0xFA, 0x6D, + }, + .sa_key = { + .data = { + 0x88, 0xEE, 0x08, 0x7F, 0xD9, 0x5D, 0xA9, 0xFB, + 0xF6, 0x72, 0x5A, 0xA9, 0xD7, 0x57, 0xB0, 0xCD, + }, + .len = 16, + }, + .hash_key = { + .data = { + 0xAE, 0x19, 0x11, 0x8C, 0x3B, 0x70, 0x4F, 0xCE, + 0x42, 0xAE, 0x0D, 0x15, 0xD2, 0xC1, 0x5C, 0x7A, + }, + .len = 16, + }, + .plain_pkt = { + .data = {/* MAC DA */ + 0x68, 0xF2, 0xE7, 0x76, 0x96, 0xCE, + /* MAC SA */ + 0x7A, 0xE8, 0xE2, 0xCA, 0x4E, 0xC5, + /* User Data */ + 0x08, 0x00, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, + 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, + 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, + 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, + 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, + 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x3B, 0x3C, + 0x3D, 0x3E, 0x3F, 0x40, 0x41, 0x42, 0x43, 0x44, + 0x45, 0x46, 0x47, 0x48, 0x49, 0x00, 0x08, + }, + .len = 75, + }, + .secure_pkt = { + .data = {/* MAC DA */ + 0x68, 0xF2, 0xE7, 0x76, 0x96, 0xCE, + /* MAC SA */ + 0x7A, 0xE8, 0xE2, 0xCA, 0x4E, 0xC5, + /* MACsec EtherType */ + 0x88, 0xE5, + /* TCI and AN */ + 0x4D, + /* SL */ + 0x00, + /* PN */ + 0x2E, 0x58, 0x49, 0x5C, + /* SCI */ + /* Secure Data */ + 0xEA, 0xEC, 0xC6, 0xAF, 0x65, 0x12, 0xFC, 0x8B, + 0x6C, 0x8C, 0x43, 0xBC, 0x55, 0xB1, 0x90, 0xB2, + 0x62, 0x6D, 0x07, 0xD3, 0xD2, 0x18, 0xFA, 0xF5, + 0xDA, 0xA7, 0xD8, 0xF8, 0x00, 0xA5, 0x73, 0x31, + 0xEB, 0x43, 0xB5, 0xA1, 0x7A, 0x37, 0xE5, 0xB1, + 0xD6, 0x0D, 0x27, 0x5C, 0xCA, 0xF7, 0xAC, 0xD7, + 0x04, 0xCC, 0x9A, 0xCE, 0x2B, 0xF8, 0xBC, 0x8B, + 0x9B, 0x23, 0xB9, 0xAD, 0xF0, 0x2F, 0x87, + /* ICV */ + 0x34, 0x6B, 0x96, 0xD1, 0x13, 0x6A, 0x75, 0x4D, + 0xF0, 0xA6, 0xCD, 0xE1, 0x26, 0xC1, 0x07, 0xF8, + }, + .len = 99, + }, +}, +/* gcm_256_xpn_75B_cipher */ +{ + .test_idx = 16, + .alg = RTE_SECURITY_MACSEC_ALG_GCM_XPN_256, + .ssci = 0x7A30C118, + .xpn = 0xB0DF459C, /* Most significant 32 bits */ + .salt = { + 0xE6, 0x30, 0xE8, 0x1A, 0x48, 0xDE, 0x86, 0xA2, + 0x1C, 0x66, 0xFA, 0x6D, + }, + .sa_key = { + .data = { + 0x4C, 0x97, 0x3D, 0xBC, 0x73, 0x64, 0x62, 0x16, + 0x74, 0xF8, 0xB5, 0xB8, 0x9E, 0x5C, 0x15, 0x51, + 0x1F, 0xCE, 0xD9, 0x21, 0x64, 0x90, 0xFB, 0x1C, + 0x1A, 0x2C, 0xAA, 0x0F, 0xFE, 0x04, 0x07, 0xE5, + }, + .len = 32, + }, + .hash_key = { + .data = { + 0x9A, 0x5E, 0x55, 0x9A, 0x96, 0x45, 0x9C, 0x21, + 0xE4, 0x3C, 0x0D, 0xFF, 0x0F, 0xA4, 0x26, 0xF3, + }, + .len = 16, + }, + .plain_pkt = { + .data = {/* MAC DA */ + 0x68, 0xF2, 0xE7, 0x76, 0x96, 0xCE, + /* MAC SA */ + 0x7A, 0xE8, 0xE2, 0xCA, 0x4E, 0xC5, + /* User Data */ + 0x08, 0x00, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, + 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, + 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, + 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, + 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, + 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x3B, 0x3C, + 0x3D, 0x3E, 0x3F, 0x40, 0x41, 0x42, 0x43, 0x44, + 0x45, 0x46, 0x47, 0x48, 0x49, 0x00, 0x08, + }, + .len = 75, + }, + .secure_pkt = { + .data = {/* MAC DA */ + 0x68, 0xF2, 0xE7, 0x76, 0x96, 0xCE, + /* MAC SA */ + 0x7A, 0xE8, 0xE2, 0xCA, 0x4E, 0xC5, + /* MACsec EtherType */ + 0x88, 0xE5, + /* TCI and AN */ + 0x4D, + /* SL */ + 0x00, + /* PN */ + 0x2E, 0x58, 0x49, 0x5C, + /* SCI */ + /* Secure Data */ + 0xB0, 0xFE, 0xA3, 0x63, 0x18, 0xB9, 0xB3, 0x64, + 0x66, 0xC4, 0x6E, 0x9E, 0x1B, 0xDA, 0x1A, 0x26, + 0x68, 0x58, 0x19, 0x6E, 0x7E, 0x70, 0xD8, 0x82, + 0xAE, 0x70, 0x47, 0x56, 0x68, 0xCD, 0xE4, 0xEC, + 0x88, 0x3F, 0x6A, 0xC2, 0x36, 0x9F, 0x28, 0x4B, + 0xED, 0x1F, 0xE3, 0x2F, 0x42, 0x09, 0x2F, 0xDF, + 0xF5, 0x86, 0x8A, 0x3C, 0x64, 0xE5, 0x61, 0x51, + 0x92, 0xA7, 0xA3, 0x76, 0x0B, 0x34, 0xBC, + /* ICV */ + 0x85, 0x69, 0x2C, 0xD8, 0x15, 0xB6, 0x64, 0x71, + 0x1A, 0xEF, 0x91, 0x1D, 0xF7, 0x8D, 0x7F, 0x46, + }, + .len = 99, + }, +}, +}; + +static const struct mcs_test_vector list_mcs_integrity_vectors[] = { +/* gcm_128_54B_integrity */ +{ + .test_idx = 1, + .alg = RTE_SECURITY_MACSEC_ALG_GCM_128, + .ssci = 0, + .xpn = 0, /* Most significant 32 bits */ + .salt = {0}, + .sa_key = { + .data = { + 0xAD, 0x7A, 0x2B, 0xD0, 0x3E, 0xAC, 0x83, 0x5A, + 0x6F, 0x62, 0x0F, 0xDC, 0xB5, 0x06, 0xB3, 0x45, + }, + .len = 16, + }, + .hash_key = { + .data = { + 0x73, 0xA2, 0x3D, 0x80, 0x12, 0x1D, 0xE2, 0xD5, + 0xA8, 0x50, 0x25, 0x3F, 0xCF, 0x43, 0x12, 0x0E, + }, + .len = 16, + }, + .plain_pkt = { + .data = {/* MAC DA */ + 0xD6, 0x09, 0xB1, 0xF0, 0x56, 0x63, + /* MAC SA */ + 0x7A, 0x0D, 0x46, 0xDF, 0x99, 0x8D, + /* User Data */ + 0x08, 0x00, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, + 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, + 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, + 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, + 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, + 0x00, 0x01, + }, + .len = 54, + }, + .secure_pkt = { + .data = {/* MAC DA */ + 0xD6, 0x09, 0xB1, 0xF0, 0x56, 0x63, + /* MAC SA */ + 0x7A, 0x0D, 0x46, 0xDF, 0x99, 0x8D, + /* MACsec EtherType */ + 0x88, 0xE5, + /* TCI and AN */ + 0x22, + /* SL */ + 0x2A, + /* PN */ + 0xB2, 0xC2, 0x84, 0x65, + /* SCI */ + 0x12, 0x15, 0x35, 0x24, 0xC0, 0x89, 0x5E, 0x81, + /* Secure Data */ + 0x08, 0x00, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, + 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, + 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, + 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, + 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, + 0x00, 0x01, + /* ICV */ + 0xF0, 0x94, 0x78, 0xA9, 0xB0, 0x90, 0x07, 0xD0, + 0x6F, 0x46, 0xE9, 0xB6, 0xA1, 0xDA, 0x25, 0xDD, + }, + .len = 86, + }, +}, +/* gcm_256_54B_integrity */ +{ + .test_idx = 2, + .alg = RTE_SECURITY_MACSEC_ALG_GCM_256, + .ssci = 0, + .xpn = 0, /* Most significant 32 bits */ + .salt = {0}, + .sa_key = { + .data = { + 0xE3, 0xC0, 0x8A, 0x8F, 0x06, 0xC6, 0xE3, 0xAD, + 0x95, 0xA7, 0x05, 0x57, 0xB2, 0x3F, 0x75, 0x48, + 0x3C, 0xE3, 0x30, 0x21, 0xA9, 0xC7, 0x2B, 0x70, + 0x25, 0x66, 0x62, 0x04, 0xC6, 0x9C, 0x0B, 0x72, + }, + .len = 32, + }, + .hash_key = { + .data = { + 0x28, 0x6D, 0x73, 0x99, 0x4E, 0xA0, 0xBA, 0x3C, + 0xFD, 0x1F, 0x52, 0xBF, 0x06, 0xA8, 0xAC, 0xF2, + }, + .len = 16, + }, + .plain_pkt = { + .data = {/* MAC DA */ + 0xD6, 0x09, 0xB1, 0xF0, 0x56, 0x63, + /* MAC SA */ + 0x7A, 0x0D, 0x46, 0xDF, 0x99, 0x8D, + /* User Data */ + 0x08, 0x00, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, + 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, + 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, + 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, + 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, + 0x00, 0x01, + }, + .len = 54, + }, + .secure_pkt = { + .data = {/* MAC DA */ + 0xD6, 0x09, 0xB1, 0xF0, 0x56, 0x63, + /* MAC SA */ + 0x7A, 0x0D, 0x46, 0xDF, 0x99, 0x8D, + /* MACsec EtherType */ + 0x88, 0xE5, + /* TCI and AN */ + 0x22, + /* SL */ + 0x2A, + /* PN */ + 0xB2, 0xC2, 0x84, 0x65, + /* SCI */ + 0x12, 0x15, 0x35, 0x24, 0xC0, 0x89, 0x5E, 0x81, + /* Secure Data */ + 0x08, 0x00, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, + 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, + 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, + 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, + 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, + 0x00, 0x01, + /* ICV */ + 0x2F, 0x0B, 0xC5, 0xAF, 0x40, 0x9E, 0x06, 0xD6, + 0x09, 0xEA, 0x8B, 0x7D, 0x0F, 0xA5, 0xEA, 0x50, + }, + .len = 86, + }, +}, +/* gcm_128_xpn_54B_integrity */ +{ + .test_idx = 3, + .alg = RTE_SECURITY_MACSEC_ALG_GCM_XPN_128, + .ssci = 0x7A30C118, + .xpn = 0xB0DF459C, /* Most significant 32 bits */ + .salt = { + 0xE6, 0x30, 0xE8, 0x1A, 0x48, 0xDE, 0x86, 0xA2, + 0x1C, 0x66, 0xFA, 0x6D, + }, + .sa_key = { + .data = { + 0xAD, 0x7A, 0x2B, 0xD0, 0x3E, 0xAC, 0x83, 0x5A, + 0x6F, 0x62, 0x0F, 0xDC, 0xB5, 0x06, 0xB3, 0x45, + }, + .len = 16, + }, + .hash_key = { + .data = { + 0x73, 0xA2, 0x3D, 0x80, 0x12, 0x1D, 0xE2, 0xD5, + 0xA8, 0x50, 0x25, 0x3F, 0xCF, 0x43, 0x12, 0x0E, + }, + .len = 16, + }, + .plain_pkt = { + .data = {/* MAC DA */ + 0xD6, 0x09, 0xB1, 0xF0, 0x56, 0x63, + /* MAC SA */ + 0x7A, 0x0D, 0x46, 0xDF, 0x99, 0x8D, + /* User Data */ + 0x08, 0x00, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, + 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, + 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, + 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, + 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, + 0x00, 0x01, + }, + .len = 54, + }, + .secure_pkt = { + .data = {/* MAC DA */ + 0xD6, 0x09, 0xB1, 0xF0, 0x56, 0x63, + /* MAC SA */ + 0x7A, 0x0D, 0x46, 0xDF, 0x99, 0x8D, + /* MACsec EtherType */ + 0x88, 0xE5, + /* TCI and AN */ + 0x22, + /* SL */ + 0x2A, + /* PN */ + 0xB2, 0xC2, 0x84, 0x65, + /* SCI */ + 0x12, 0x15, 0x35, 0x24, 0xC0, 0x89, 0x5E, 0x81, + /* Secure Data */ + 0x08, 0x00, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, + 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, + 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, + 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, + 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, + 0x00, 0x01, + /* ICV */ + 0x17, 0xFE, 0x19, 0x81, 0xEB, 0xDD, 0x4A, 0xFC, + 0x50, 0x62, 0x69, 0x7E, 0x8B, 0xAA, 0x0C, 0x23, + }, + .len = 86, + }, +}, +/* gcm_256_xpn_54B_integrity */ +{ + .test_idx = 4, + .alg = RTE_SECURITY_MACSEC_ALG_GCM_XPN_256, + .ssci = 0x7A30C118, + .xpn = 0xB0DF459C, /* Most significant 32 bits */ + .salt = { + 0xE6, 0x30, 0xE8, 0x1A, 0x48, 0xDE, 0x86, 0xA2, + 0x1C, 0x66, 0xFA, 0x6D, + }, + .sa_key = { + .data = { + 0xE3, 0xC0, 0x8A, 0x8F, 0x06, 0xC6, 0xE3, 0xAD, + 0x95, 0xA7, 0x05, 0x57, 0xB2, 0x3F, 0x75, 0x48, + 0x3C, 0xE3, 0x30, 0x21, 0xA9, 0xC7, 0x2B, 0x70, + 0x25, 0x66, 0x62, 0x04, 0xC6, 0x9C, 0x0B, 0x72, + }, + .len = 32, + }, + .hash_key = { + .data = { + 0x28, 0x6D, 0x73, 0x99, 0x4E, 0xA0, 0xBA, 0x3C, + 0xFD, 0x1F, 0x52, 0xBF, 0x06, 0xA8, 0xAC, 0xF2, + }, + .len = 16, + }, + .plain_pkt = { + .data = {/* MAC DA */ + 0xD6, 0x09, 0xB1, 0xF0, 0x56, 0x63, + /* MAC SA */ + 0x7A, 0x0D, 0x46, 0xDF, 0x99, 0x8D, + /* User Data */ + 0x08, 0x00, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, + 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, + 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, + 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, + 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, + 0x00, 0x01, + }, + .len = 54, + }, + .secure_pkt = { + .data = {/* MAC DA */ + 0xD6, 0x09, 0xB1, 0xF0, 0x56, 0x63, + /* MAC SA */ + 0x7A, 0x0D, 0x46, 0xDF, 0x99, 0x8D, + /* MACsec EtherType */ + 0x88, 0xE5, + /* TCI and AN */ + 0x22, + /* SL */ + 0x2A, + /* PN */ + 0xB2, 0xC2, 0x84, 0x65, + /* SCI */ + 0x12, 0x15, 0x35, 0x24, 0xC0, 0x89, 0x5E, 0x81, + /* Secure Data */ + 0x08, 0x00, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, + 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, + 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, + 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, + 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, + 0x00, 0x01, + /* ICV */ + 0x4D, 0xBD, 0x2F, 0x6A, 0x75, 0x4A, 0x6C, 0xF7, + 0x28, 0xCC, 0x12, 0x9B, 0xA6, 0x93, 0x15, 0x77, + }, + .len = 86, + }, +}, +/* gcm_128_60B_integrity */ +{ + .test_idx = 5, + .alg = RTE_SECURITY_MACSEC_ALG_GCM_128, + .ssci = 0, + .xpn = 0, /* Most significant 32 bits */ + .salt = {0}, + .sa_key = { + .data = { + 0x07, 0x1B, 0x11, 0x3B, 0x0C, 0xA7, 0x43, 0xFE, + 0xCC, 0xCF, 0x3D, 0x05, 0x1F, 0x73, 0x73, 0x82, + }, + .len = 16, + }, + .hash_key = { + .data = { + 0xE4, 0xE0, 0x17, 0x25, 0xD7, 0x24, 0xC1, 0x21, + 0x5C, 0x73, 0x09, 0xAD, 0x34, 0x53, 0x92, 0x57, + }, + .len = 16, + }, + .plain_pkt = { + .data = {/* MAC DA */ + 0xE2, 0x01, 0x06, 0xD7, 0xCD, 0x0D, + /* MAC SA */ + 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D, + /* User Data */ + 0x08, 0x00, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, + 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, + 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, + 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, + 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, + 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x00, 0x03, + }, + .len = 60, + }, + .secure_pkt = { + .data = {/* MAC DA */ + 0xE2, 0x01, 0x06, 0xD7, 0xCD, 0x0D, + /* MAC SA */ + 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D, + /* MACsec EtherType */ + 0x88, 0xE5, + /* TCI and AN */ + 0x40, + /* SL */ + 0x00, + /* PN */ + 0x76, 0xD4, 0x57, 0xED, + /* SCI */ + /* Secure Data */ + 0x08, 0x00, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, + 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, + 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, + 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, + 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, + 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x00, 0x03, + /* ICV */ + 0x0C, 0x01, 0x7B, 0xC7, 0x3B, 0x22, 0x7D, 0xFC, + 0xC9, 0xBA, 0xFA, 0x1C, 0x41, 0xAC, 0xC3, 0x53, + }, + .len = 84, + }, +}, +/* gcm_256_60B_integrity */ +{ + .test_idx = 6, + .alg = RTE_SECURITY_MACSEC_ALG_GCM_256, + .ssci = 0, + .xpn = 0, /* Most significant 32 bits */ + .salt = {0}, + .sa_key = { + .data = { + 0x69, 0x1D, 0x3E, 0xE9, 0x09, 0xD7, 0xF5, 0x41, + 0x67, 0xFD, 0x1C, 0xA0, 0xB5, 0xD7, 0x69, 0x08, + 0x1F, 0x2B, 0xDE, 0x1A, 0xEE, 0x65, 0x5F, 0xDB, + 0xAB, 0x80, 0xBD, 0x52, 0x95, 0xAE, 0x6B, 0xE7, + }, + .len = 32, + }, + .hash_key = { + .data = { + 0x1E, 0x69, 0x3C, 0x48, 0x4A, 0xB8, 0x94, 0xB2, + 0x66, 0x69, 0xBC, 0x12, 0xE6, 0xD5, 0xD7, 0x76, + }, + .len = 16, + }, + .plain_pkt = { + .data = {/* MAC DA */ + 0xE2, 0x01, 0x06, 0xD7, 0xCD, 0x0D, + /* MAC SA */ + 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D, + /* User Data */ + 0x08, 0x00, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, + 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, + 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, + 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, + 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, + 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x00, 0x03, + }, + .len = 60, + }, + .secure_pkt = { + .data = {/* MAC DA */ + 0xE2, 0x01, 0x06, 0xD7, 0xCD, 0x0D, + /* MAC SA */ + 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D, + /* MACsec EtherType */ + 0x88, 0xE5, + /* TCI and AN */ + 0x40, + /* SL */ + 0x00, + /* PN */ + 0x76, 0xD4, 0x57, 0xED, + /* SCI */ + /* Secure Data */ + 0x08, 0x00, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, + 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, + 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, + 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, + 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, + 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x00, 0x03, + /* ICV */ + 0x35, 0x21, 0x7C, 0x77, 0x4B, 0xBC, 0x31, 0xB6, + 0x31, 0x66, 0xBC, 0xF9, 0xD4, 0xAB, 0xED, 0x07, + }, + .len = 84, + }, +}, +/* gcm_128_xpn_60B_integrity */ +{ + .test_idx = 7, + .alg = RTE_SECURITY_MACSEC_ALG_GCM_XPN_128, + .ssci = 0x7A30C118, + .xpn = 0xB0DF459C, /* Most significant 32 bits */ + .salt = { + 0xE6, 0x30, 0xE8, 0x1A, 0x48, 0xDE, 0x86, 0xA2, + 0x1C, 0x66, 0xFA, 0x6D, + }, + .sa_key = { + .data = { + 0x07, 0x1B, 0x11, 0x3B, 0x0C, 0xA7, 0x43, 0xFE, + 0xCC, 0xCF, 0x3D, 0x05, 0x1F, 0x73, 0x73, 0x82, + }, + .len = 16, + }, + .hash_key = { + .data = { + 0xE4, 0xE0, 0x17, 0x25, 0xD7, 0x24, 0xC1, 0x21, + 0x5C, 0x73, 0x09, 0xAD, 0x34, 0x53, 0x92, 0x57, + }, + .len = 16, + }, + .plain_pkt = { + .data = {/* MAC DA */ + 0xE2, 0x01, 0x06, 0xD7, 0xCD, 0x0D, + /* MAC SA */ + 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D, + /* User Data */ + 0x08, 0x00, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, + 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, + 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, + 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, + 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, + 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x00, 0x03, + }, + .len = 60, + }, + .secure_pkt = { + .data = {/* MAC DA */ + 0xE2, 0x01, 0x06, 0xD7, 0xCD, 0x0D, + /* MAC SA */ + 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D, + /* MACsec EtherType */ + 0x88, 0xE5, + /* TCI and AN */ + 0x40, + /* SL */ + 0x00, + /* PN */ + 0x76, 0xD4, 0x57, 0xED, + /* SCI */ + /* Secure Data */ + 0x08, 0x00, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, + 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, + 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, + 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, + 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, + 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x00, 0x03, + /* ICV */ + 0xAB, 0xC4, 0x06, 0x85, 0xA3, 0xCF, 0x91, 0x1D, + 0x37, 0x87, 0xE4, 0x9D, 0xB6, 0xA7, 0x26, 0x5E, + }, + .len = 84, + }, +}, +/* gcm_256_xpn_60B_integrity */ +{ + .test_idx = 8, + .alg = RTE_SECURITY_MACSEC_ALG_GCM_XPN_256, + .ssci = 0x7A30C118, + .xpn = 0xB0DF459C, /* Most significant 32 bits */ + .salt = { + 0xE6, 0x30, 0xE8, 0x1A, 0x48, 0xDE, 0x86, 0xA2, + 0x1C, 0x66, 0xFA, 0x6D, + }, + .sa_key = { + .data = { + 0x69, 0x1D, 0x3E, 0xE9, 0x09, 0xD7, 0xF5, 0x41, + 0x67, 0xFD, 0x1C, 0xA0, 0xB5, 0xD7, 0x69, 0x08, + 0x1F, 0x2B, 0xDE, 0x1A, 0xEE, 0x65, 0x5F, 0xDB, + 0xAB, 0x80, 0xBD, 0x52, 0x95, 0xAE, 0x6B, 0xE7, + }, + .len = 32, + }, + .hash_key = { + .data = { + 0x1E, 0x69, 0x3C, 0x48, 0x4A, 0xB8, 0x94, 0xB2, + 0x66, 0x69, 0xBC, 0x12, 0xE6, 0xD5, 0xD7, 0x76, + }, + .len = 16, + }, + .plain_pkt = { + .data = {/* MAC DA */ + 0xE2, 0x01, 0x06, 0xD7, 0xCD, 0x0D, + /* MAC SA */ + 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D, + /* User Data */ + 0x08, 0x00, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, + 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, + 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, + 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, + 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, + 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x00, 0x03, + }, + .len = 60, + }, + .secure_pkt = { + .data = {/* MAC DA */ + 0xE2, 0x01, 0x06, 0xD7, 0xCD, 0x0D, + /* MAC SA */ + 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D, + /* MACsec EtherType */ + 0x88, 0xE5, + /* TCI and AN */ + 0x40, + /* SL */ + 0x00, + /* PN */ + 0x76, 0xD4, 0x57, 0xED, + /* SCI */ + /* Secure Data */ + 0x08, 0x00, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, + 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, + 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, + 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, + 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, + 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x00, 0x03, + /* ICV */ + 0xAC, 0x21, 0x95, 0x7B, 0x83, 0x12, 0xAB, 0x3C, + 0x99, 0xAB, 0x46, 0x84, 0x98, 0x79, 0xC3, 0xF3, + }, + .len = 84, + }, +}, +/* gcm_128_65B_integrity */ +{ + .test_idx = 9, + .alg = RTE_SECURITY_MACSEC_ALG_GCM_128, + .ssci = 0, + .xpn = 0, /* Most significant 32 bits */ + .salt = {0}, + .sa_key = { + .data = { + 0x01, 0x3F, 0xE0, 0x0B, 0x5F, 0x11, 0xBE, 0x7F, + 0x86, 0x6D, 0x0C, 0xBB, 0xC5, 0x5A, 0x7A, 0x90, + }, + .len = 16, + }, + .hash_key = { + .data = { + 0xEB, 0x28, 0xDC, 0xB3, 0x61, 0xEE, 0x11, 0x10, + 0xF9, 0x8C, 0xA0, 0xC9, 0xA0, 0x7C, 0x88, 0xF7, + }, + .len = 16, + }, + .plain_pkt = { + .data = {/* MAC DA */ + 0x84, 0xC5, 0xD5, 0x13, 0xD2, 0xAA, + /* MAC SA */ + 0xF6, 0xE5, 0xBB, 0xD2, 0x72, 0x77, + /* User Data */ + 0x08, 0x00, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, + 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, + 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, + 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, + 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, + 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x3B, 0x3C, + 0x3D, 0x3E, 0x3F, 0x00, 0x05, + }, + .len = 65, + }, + .secure_pkt = { + .data = {/* MAC DA */ + 0x84, 0xC5, 0xD5, 0x13, 0xD2, 0xAA, + /* MAC SA */ + 0xF6, 0xE5, 0xBB, 0xD2, 0x72, 0x77, + /* MACsec EtherType */ + 0x88, 0xE5, + /* TCI and AN */ + 0x23, + /* SL */ + 0x00, + /* PN */ + 0x89, 0x32, 0xD6, 0x12, + /* SCI */ + 0x7C, 0xFD, 0xE9, 0xF9, 0xE3, 0x37, 0x24, 0xC6, + /* Secure Data */ + 0x08, 0x00, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, + 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, + 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, + 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, + 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, + 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x3B, 0x3C, + 0x3D, 0x3E, 0x3F, 0x00, 0x05, + /* ICV */ + 0x21, 0x78, 0x67, 0xE5, 0x0C, 0x2D, 0xAD, 0x74, + 0xC2, 0x8C, 0x3B, 0x50, 0xAB, 0xDF, 0x69, 0x5A, + }, + .len = 97, + }, +}, +/* gcm_256_65B_integrity */ +{ + .test_idx = 10, + .alg = RTE_SECURITY_MACSEC_ALG_GCM_256, + .ssci = 0, + .xpn = 0, /* Most significant 32 bits */ + .salt = {0}, + .sa_key = { + .data = { + 0x83, 0xC0, 0x93, 0xB5, 0x8D, 0xE7, 0xFF, 0xE1, + 0xC0, 0xDA, 0x92, 0x6A, 0xC4, 0x3F, 0xB3, 0x60, + 0x9A, 0xC1, 0xC8, 0x0F, 0xEE, 0x1B, 0x62, 0x44, + 0x97, 0xEF, 0x94, 0x2E, 0x2F, 0x79, 0xA8, 0x23, + }, + .len = 32, + }, + .hash_key = { + .data = { + 0xD0, 0x3D, 0x3B, 0x51, 0xFD, 0xF2, 0xAA, 0xCB, + 0x3A, 0x16, 0x5D, 0x7D, 0xC3, 0x62, 0xD9, 0x29, + }, + .len = 16, + }, + .plain_pkt = { + .data = {/* MAC DA */ + 0x84, 0xC5, 0xD5, 0x13, 0xD2, 0xAA, + /* MAC SA */ + 0xF6, 0xE5, 0xBB, 0xD2, 0x72, 0x77, + /* User Data */ + 0x08, 0x00, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, + 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, + 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, + 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, + 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, + 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x3B, 0x3C, + 0x3D, 0x3E, 0x3F, 0x00, 0x05, + }, + .len = 65, + }, + .secure_pkt = { + .data = {/* MAC DA */ + 0x84, 0xC5, 0xD5, 0x13, 0xD2, 0xAA, + /* MAC SA */ + 0xF6, 0xE5, 0xBB, 0xD2, 0x72, 0x77, + /* MACsec EtherType */ + 0x88, 0xE5, + /* TCI and AN */ + 0x23, + /* SL */ + 0x00, + /* PN */ + 0x89, 0x32, 0xD6, 0x12, + /* SCI */ + 0x7C, 0xFD, 0xE9, 0xF9, 0xE3, 0x37, 0x24, 0xC6, + /* Secure Data */ + 0x08, 0x00, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, + 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, + 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, + 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, + 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, + 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x3B, 0x3C, + 0x3D, 0x3E, 0x3F, 0x00, 0x05, + /* ICV */ + 0x6E, 0xE1, 0x60, 0xE8, 0xFA, 0xEC, 0xA4, 0xB3, + 0x6C, 0x86, 0xB2, 0x34, 0x92, 0x0C, 0xA9, 0x75, + }, + .len = 97, + }, +}, +/* gcm_128_xpn_65B_integrity */ +{ + .test_idx = 11, + .alg = RTE_SECURITY_MACSEC_ALG_GCM_XPN_128, + .ssci = 0x7A30C118, + .xpn = 0xB0DF459C, /* Most significant 32 bits */ + .salt = { + 0xE6, 0x30, 0xE8, 0x1A, 0x48, 0xDE, 0x86, 0xA2, + 0x1C, 0x66, 0xFA, 0x6D, + }, + .sa_key = { + .data = { + 0x01, 0x3F, 0xE0, 0x0B, 0x5F, 0x11, 0xBE, 0x7F, + 0x86, 0x6D, 0x0C, 0xBB, 0xC5, 0x5A, 0x7A, 0x90, + }, + .len = 16, + }, + .hash_key = { + .data = { + 0xEB, 0x28, 0xDC, 0xB3, 0x61, 0xEE, 0x11, 0x10, + 0xF9, 0x8C, 0xA0, 0xC9, 0xA0, 0x7C, 0x88, 0xF7, + }, + .len = 16, + }, + .plain_pkt = { + .data = {/* MAC DA */ + 0x84, 0xC5, 0xD5, 0x13, 0xD2, 0xAA, + /* MAC SA */ + 0xF6, 0xE5, 0xBB, 0xD2, 0x72, 0x77, + /* User Data */ + 0x08, 0x00, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, + 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, + 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, + 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, + 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, + 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x3B, 0x3C, + 0x3D, 0x3E, 0x3F, 0x00, 0x05, + }, + .len = 65, + }, + .secure_pkt = { + .data = {/* MAC DA */ + 0x84, 0xC5, 0xD5, 0x13, 0xD2, 0xAA, + /* MAC SA */ + 0xF6, 0xE5, 0xBB, 0xD2, 0x72, 0x77, + /* MACsec EtherType */ + 0x88, 0xE5, + /* TCI and AN */ + 0x23, + /* SL */ + 0x00, + /* PN */ + 0x89, 0x32, 0xD6, 0x12, + /* SCI */ + 0x7C, 0xFD, 0xE9, 0xF9, 0xE3, 0x37, 0x24, 0xC6, + /* Secure Data */ + 0x08, 0x00, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, + 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, + 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, + 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, + 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, + 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x3B, 0x3C, + 0x3D, 0x3E, 0x3F, 0x00, 0x05, + /* ICV */ + 0x67, 0x85, 0x59, 0xB7, 0xE5, 0x2D, 0xB0, 0x06, + 0x82, 0xE3, 0xB8, 0x30, 0x34, 0xCE, 0xBE, 0x59, + }, + .len = 97, + }, +}, +/* gcm_256_xpn_65B_integrity */ +{ + .test_idx = 12, + .alg = RTE_SECURITY_MACSEC_ALG_GCM_XPN_256, + .ssci = 0x7A30C118, + .xpn = 0xB0DF459C, /* Most significant 32 bits */ + .salt = { + 0xE6, 0x30, 0xE8, 0x1A, 0x48, 0xDE, 0x86, 0xA2, + 0x1C, 0x66, 0xFA, 0x6D, + }, + .hash_key = { + .data = { + 0xD0, 0x3D, 0x3B, 0x51, 0xFD, 0xF2, 0xAA, 0xCB, + 0x3A, 0x16, 0x5D, 0x7D, 0xC3, 0x62, 0xD9, 0x29, + }, + .len = 16, + }, + .sa_key = { + .data = { + 0x83, 0xC0, 0x93, 0xB5, 0x8D, 0xE7, 0xFF, 0xE1, + 0xC0, 0xDA, 0x92, 0x6A, 0xC4, 0x3F, 0xB3, 0x60, + 0x9A, 0xC1, 0xC8, 0x0F, 0xEE, 0x1B, 0x62, 0x44, + 0x97, 0xEF, 0x94, 0x2E, 0x2F, 0x79, 0xA8, 0x23, + }, + .len = 32, + }, + .plain_pkt = { + .data = {/* MAC DA */ + 0x84, 0xC5, 0xD5, 0x13, 0xD2, 0xAA, + /* MAC SA */ + 0xF6, 0xE5, 0xBB, 0xD2, 0x72, 0x77, + /* User Data */ + 0x08, 0x00, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, + 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, + 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, + 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, + 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, + 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x3B, 0x3C, + 0x3D, 0x3E, 0x3F, 0x00, 0x05, + }, + .len = 65, + }, + .secure_pkt = { + .data = {/* MAC DA */ + 0x84, 0xC5, 0xD5, 0x13, 0xD2, 0xAA, + /* MAC SA */ + 0xF6, 0xE5, 0xBB, 0xD2, 0x72, 0x77, + /* MACsec EtherType */ + 0x88, 0xE5, + /* TCI and AN */ + 0x23, + /* SL */ + 0x00, + /* PN */ + 0x89, 0x32, 0xD6, 0x12, + /* SCI */ + 0x7C, 0xFD, 0xE9, 0xF9, 0xE3, 0x37, 0x24, 0xC6, + /* Secure Data */ + 0x08, 0x00, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, + 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, + 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, + 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, + 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, + 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x3B, 0x3C, + 0x3D, 0x3E, 0x3F, 0x00, 0x05, + /* ICV */ + 0x84, 0xBA, 0xC8, 0xE5, 0x3D, 0x1E, 0xA3, 0x55, + 0xA5, 0xC7, 0xD3, 0x34, 0x84, 0x0A, 0xE9, 0x62, + }, + .len = 97, + }, +}, +/* gcm_128_79B_integrity */ +{ + .test_idx = 13, + .alg = RTE_SECURITY_MACSEC_ALG_GCM_128, + .ssci = 0, + .xpn = 0, /* Most significant 32 bits */ + .salt = {0}, + .sa_key = { + .data = { + 0x88, 0xEE, 0x08, 0x7F, 0xD9, 0x5D, 0xA9, 0xFB, + 0xF6, 0x72, 0x5A, 0xA9, 0xD7, 0x57, 0xB0, 0xCD, + }, + .len = 16, + }, + .hash_key = { + .data = { + 0xAE, 0x19, 0x11, 0x8C, 0x3B, 0x70, 0x4F, 0xCE, + 0x42, 0xAE, 0x0D, 0x15, 0xD2, 0xC1, 0x5C, 0x7A, + }, + .len = 16, + }, + .plain_pkt = { + .data = {/* MAC DA */ + 0x68, 0xF2, 0xE7, 0x76, 0x96, 0xCE, + /* MAC SA */ + 0x7A, 0xE8, 0xE2, 0xCA, 0x4E, 0xC5, + /* User Data */ + 0x08, 0x00, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, + 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, + 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, + 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, + 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, + 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x3B, 0x3C, + 0x3D, 0x3E, 0x3F, 0x40, 0x41, 0x42, 0x43, 0x44, + 0x45, 0x46, 0x47, 0x48, 0x49, 0x4A, 0x4B, 0x4C, + 0x4D, 0x00, 0x07, + }, + .len = 79, + }, + .secure_pkt = { + .data = {/* MAC DA */ + 0x68, 0xF2, 0xE7, 0x76, 0x96, 0xCE, + /* MAC SA */ + 0x7A, 0xE8, 0xE2, 0xCA, 0x4E, 0xC5, + /* MACsec EtherType */ + 0x88, 0xE5, + /* TCI and AN */ + 0x41, + /* SL */ + 0x00, + /* PN */ + 0x2E, 0x58, 0x49, 0x5C, + /* SCI */ + /* Secure Data */ + 0x08, 0x00, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, + 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, + 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, + 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, + 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, + 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x3B, 0x3C, + 0x3D, 0x3E, 0x3F, 0x40, 0x41, 0x42, 0x43, 0x44, + 0x45, 0x46, 0x47, 0x48, 0x49, 0x4A, 0x4B, 0x4C, + 0x4D, 0x00, 0x07, + /* ICV */ + 0x07, 0x92, 0x2B, 0x8E, 0xBC, 0xF1, 0x0B, 0xB2, + 0x29, 0x75, 0x88, 0xCA, 0x4C, 0x61, 0x45, 0x23, + }, + .len = 103, + }, +}, +/* gcm_256_79B_integrity */ +{ + .test_idx = 14, + .alg = RTE_SECURITY_MACSEC_ALG_GCM_256, + .ssci = 0, + .xpn = 0, /* Most significant 32 bits */ + .salt = {0}, + .sa_key = { + .data = { + 0x4C, 0x97, 0x3D, 0xBC, 0x73, 0x64, 0x62, 0x16, + 0x74, 0xF8, 0xB5, 0xB8, 0x9E, 0x5C, 0x15, 0x51, + 0x1F, 0xCE, 0xD9, 0x21, 0x64, 0x90, 0xFB, 0x1C, + 0x1A, 0x2C, 0xAA, 0x0F, 0xFE, 0x04, 0x07, 0xE5, + }, + .len = 32, + }, + .hash_key = { + .data = { + 0x9A, 0x5E, 0x55, 0x9A, 0x96, 0x45, 0x9C, 0x21, + 0xE4, 0x3C, 0x0D, 0xFF, 0x0F, 0xA4, 0x26, 0xF3, + }, + .len = 16, + }, + .plain_pkt = { + .data = {/* MAC DA */ + 0x68, 0xF2, 0xE7, 0x76, 0x96, 0xCE, + /* MAC SA */ + 0x7A, 0xE8, 0xE2, 0xCA, 0x4E, 0xC5, + /* User Data */ + 0x08, 0x00, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, + 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, + 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, + 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, + 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, + 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x3B, 0x3C, + 0x3D, 0x3E, 0x3F, 0x40, 0x41, 0x42, 0x43, 0x44, + 0x45, 0x46, 0x47, 0x48, 0x49, 0x4A, 0x4B, 0x4C, + 0x4D, 0x00, 0x07, + }, + .len = 79, + }, + .secure_pkt = { + .data = {/* MAC DA */ + 0x68, 0xF2, 0xE7, 0x76, 0x96, 0xCE, + /* MAC SA */ + 0x7A, 0xE8, 0xE2, 0xCA, 0x4E, 0xC5, + /* MACsec EtherType */ + 0x88, 0xE5, + /* TCI and AN */ + 0x41, + /* SL */ + 0x00, + /* PN */ + 0x2E, 0x58, 0x49, 0x5C, + /* SCI */ + /* Secure Data */ + 0x08, 0x00, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, + 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, + 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, + 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, + 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, + 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x3B, 0x3C, + 0x3D, 0x3E, 0x3F, 0x40, 0x41, 0x42, 0x43, 0x44, + 0x45, 0x46, 0x47, 0x48, 0x49, 0x4A, 0x4B, 0x4C, + 0x4D, 0x00, 0x07, + /* ICV */ + 0x00, 0xBD, 0xA1, 0xB7, 0xE8, 0x76, 0x08, 0xBC, + 0xBF, 0x47, 0x0F, 0x12, 0x15, 0x7F, 0x4C, 0x07, + }, + .len = 103, + }, +}, +/* gcm_128_xpn_79B_integrity */ +{ + .test_idx = 15, + .alg = RTE_SECURITY_MACSEC_ALG_GCM_XPN_128, + .ssci = 0x7A30C118, + .xpn = 0xB0DF459C, /* Most significant 32 bits */ + .salt = { + 0xE6, 0x30, 0xE8, 0x1A, 0x48, 0xDE, 0x86, 0xA2, + 0x1C, 0x66, 0xFA, 0x6D, + }, + .sa_key = { + .data = { + 0x88, 0xEE, 0x08, 0x7F, 0xD9, 0x5D, 0xA9, 0xFB, + 0xF6, 0x72, 0x5A, 0xA9, 0xD7, 0x57, 0xB0, 0xCD, + }, + .len = 16, + }, + .hash_key = { + .data = { + 0xAE, 0x19, 0x11, 0x8C, 0x3B, 0x70, 0x4F, 0xCE, + 0x42, 0xAE, 0x0D, 0x15, 0xD2, 0xC1, 0x5C, 0x7A, + }, + .len = 16, + }, + .plain_pkt = { + .data = {/* MAC DA */ + 0x68, 0xF2, 0xE7, 0x76, 0x96, 0xCE, + /* MAC SA */ + 0x7A, 0xE8, 0xE2, 0xCA, 0x4E, 0xC5, + /* User Data */ + 0x08, 0x00, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, + 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, + 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, + 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, + 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, + 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x3B, 0x3C, + 0x3D, 0x3E, 0x3F, 0x40, 0x41, 0x42, 0x43, 0x44, + 0x45, 0x46, 0x47, 0x48, 0x49, 0x4A, 0x4B, 0x4C, + 0x4D, 0x00, 0x07, + }, + .len = 79, + }, + .secure_pkt = { + .data = {/* MAC DA */ + 0x68, 0xF2, 0xE7, 0x76, 0x96, 0xCE, + /* MAC SA */ + 0x7A, 0xE8, 0xE2, 0xCA, 0x4E, 0xC5, + /* MACsec EtherType */ + 0x88, 0xE5, + /* TCI and AN */ + 0x41, + /* SL */ + 0x00, + /* PN */ + 0x2E, 0x58, 0x49, 0x5C, + /* SCI */ + /* Secure Data */ + 0x08, 0x00, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, + 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, + 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, + 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, + 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, + 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x3B, 0x3C, + 0x3D, 0x3E, 0x3F, 0x40, 0x41, 0x42, 0x43, 0x44, + 0x45, 0x46, 0x47, 0x48, 0x49, 0x4A, 0x4B, 0x4C, + 0x4D, 0x00, 0x07, + /* ICV */ + 0xD0, 0xDC, 0x89, 0x6D, 0xC8, 0x37, 0x98, 0xA7, + 0x9F, 0x3C, 0x5A, 0x95, 0xBA, 0x3C, 0xDF, 0x9A, + }, + .len = 103, + }, +}, +/* gcm_256_xpn_79B_integrity */ +{ + .test_idx = 16, + .alg = RTE_SECURITY_MACSEC_ALG_GCM_XPN_256, + .ssci = 0x7A30C118, + .xpn = 0xB0DF459C, /* Most significant 32 bits */ + .salt = { + 0xE6, 0x30, 0xE8, 0x1A, 0x48, 0xDE, 0x86, 0xA2, + 0x1C, 0x66, 0xFA, 0x6D, + }, + .sa_key = { + .data = { + 0x4C, 0x97, 0x3D, 0xBC, 0x73, 0x64, 0x62, 0x16, + 0x74, 0xF8, 0xB5, 0xB8, 0x9E, 0x5C, 0x15, 0x51, + 0x1F, 0xCE, 0xD9, 0x21, 0x64, 0x90, 0xFB, 0x1C, + 0x1A, 0x2C, 0xAA, 0x0F, 0xFE, 0x04, 0x07, 0xE5, + }, + .len = 32, + }, + .hash_key = { + .data = { + 0x9A, 0x5E, 0x55, 0x9A, 0x96, 0x45, 0x9C, 0x21, + 0xE4, 0x3C, 0x0D, 0xFF, 0x0F, 0xA4, 0x26, 0xF3, + }, + .len = 16, + }, + .plain_pkt = { + .data = {/* MAC DA */ + 0x68, 0xF2, 0xE7, 0x76, 0x96, 0xCE, + /* MAC SA */ + 0x7A, 0xE8, 0xE2, 0xCA, 0x4E, 0xC5, + /* User Data */ + 0x08, 0x00, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, + 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, + 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, + 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, + 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, + 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x3B, 0x3C, + 0x3D, 0x3E, 0x3F, 0x40, 0x41, 0x42, 0x43, 0x44, + 0x45, 0x46, 0x47, 0x48, 0x49, 0x4A, 0x4B, 0x4C, + 0x4D, 0x00, 0x07, + }, + .len = 79, + }, + .secure_pkt = { + .data = {/* MAC DA */ + 0x68, 0xF2, 0xE7, 0x76, 0x96, 0xCE, + /* MAC SA */ + 0x7A, 0xE8, 0xE2, 0xCA, 0x4E, 0xC5, + /* MACsec EtherType */ + 0x88, 0xE5, + /* TCI and AN */ + 0x41, + /* SL */ + 0x00, + /* PN */ + 0x2E, 0x58, 0x49, 0x5C, + /* SCI */ + /* Secure Data */ + 0x08, 0x00, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, + 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, + 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, + 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, + 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, + 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x3B, 0x3C, + 0x3D, 0x3E, 0x3F, 0x40, 0x41, 0x42, 0x43, 0x44, + 0x45, 0x46, 0x47, 0x48, 0x49, 0x4A, 0x4B, 0x4C, + 0x4D, 0x00, 0x07, + /* ICV */ + 0x04, 0x24, 0x9A, 0x20, 0x8A, 0x65, 0xB9, 0x6B, + 0x3F, 0x32, 0x63, 0x00, 0x4C, 0xFD, 0x86, 0x7D, + }, + .len = 103, + }, +}, +}; + + + + +#endif From patchwork Wed Sep 28 12:45:16 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Akhil Goyal X-Patchwork-Id: 117054 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 6A157A00C4; Wed, 28 Sep 2022 14:46:10 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 9BF954284D; Wed, 28 Sep 2022 14:45:58 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com [67.231.156.173]) by mails.dpdk.org (Postfix) with ESMTP id 06335427F1 for ; Wed, 28 Sep 2022 14:45:54 +0200 (CEST) Received: from pps.filterd (m0045851.ppops.net [127.0.0.1]) by mx0b-0016f401.pphosted.com (8.17.1.5/8.17.1.5) with ESMTP id 28SA52oG027391; Wed, 28 Sep 2022 05:45:54 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=pfpt0220; bh=sW6msXZUkoYHZOE4QBouWd+LiyL+FWfQz3/0ArMmU8Q=; b=UbCF3aJQ/xBOeEIPkYET+0bKNfUM+CWX7kcc4gCMVFO53J1mVBNYNv8NbHQZ++aNB4NW +BQSini/dEEOJ39My4Ea0DcCrYla/gzPIsUzVkZ+OB4IHGkfeTicNAD8ZO7OutrCdXuS CJ1oSjenFyrpLvpOELnCnQ2+TKJs8uAYiDMFhqaJjZrWA+X/ktuneUVcEK7lTCRO0Q/K SEtIElFVTjZs8sL/XH7xVHuEhkvk4Ko2fgVdOlb9BQVAv3Zi+bIeuRaJFQCexuC3C0cG 0SUF2DW1rL6h/IlGAFJRAEShPJY3RPz+ssPlqHKbZjHOElPNNu5Wc+3Pc3VLgGeLwBV2 2w== Received: from dc5-exch02.marvell.com ([199.233.59.182]) by mx0b-0016f401.pphosted.com (PPS) with ESMTPS id 3jt1dpegds-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Wed, 28 Sep 2022 05:45:53 -0700 Received: from DC5-EXCH01.marvell.com (10.69.176.38) by DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server (TLS) id 15.0.1497.18; Wed, 28 Sep 2022 05:45:50 -0700 Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH01.marvell.com (10.69.176.38) with Microsoft SMTP Server id 15.0.1497.2 via Frontend Transport; Wed, 28 Sep 2022 05:45:50 -0700 Received: from localhost.localdomain (unknown [10.28.36.102]) by maili.marvell.com (Postfix) with ESMTP id 9639D3F7053; Wed, 28 Sep 2022 05:45:45 -0700 (PDT) From: Akhil Goyal To: CC: , , , , , , , , , , , , , , , Akhil Goyal Subject: [PATCH 5/5] test/security: add more MACsec cases Date: Wed, 28 Sep 2022 18:15:16 +0530 Message-ID: <20220928124516.93050-6-gakhil@marvell.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20220928124516.93050-1-gakhil@marvell.com> References: <20220928122253.23108-4-gakhil@marvell.com> <20220928124516.93050-1-gakhil@marvell.com> MIME-Version: 1.0 X-Proofpoint-ORIG-GUID: 4rinAjfujuLtnTq9dE_Egkqq_xjMbsLk X-Proofpoint-GUID: 4rinAjfujuLtnTq9dE_Egkqq_xjMbsLk X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.895,Hydra:6.0.528,FMLib:17.11.122.1 definitions=2022-09-28_05,2022-09-28_01,2022-06-22_01 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Added more cases related to decap and auth + cipher. Signed-off-by: Akhil Goyal --- app/test/test_security_inline_macsec.c | 305 +++++++++++++++++ .../test_security_inline_macsec_vectors.h | 321 ++++++++++++++++++ 2 files changed, 626 insertions(+) diff --git a/app/test/test_security_inline_macsec.c b/app/test/test_security_inline_macsec.c index dec7cb20df..6d19a9377d 100644 --- a/app/test/test_security_inline_macsec.c +++ b/app/test/test_security_inline_macsec.c @@ -655,6 +655,283 @@ test_inline_macsec_encap_all(const void *data __rte_unused) return all_err; } +static int +test_inline_macsec_decap_all(const void *data __rte_unused) +{ + const struct mcs_test_vector *cur_td; + struct mcs_test_opts opts = {0}; + int err, all_err = 0; + int i, size; + + opts.val_frames = RTE_SECURITY_MACSEC_VALIDATE_STRICT; + opts.sa_in_use = 1; + opts.nb_td = 1; + opts.sectag_insert_mode = 1; + opts.mtu = RTE_ETHER_MTU; + + size = (sizeof(list_mcs_cipher_vectors) / sizeof((list_mcs_cipher_vectors)[0])); + + for (i = 0; i < size; i++) { + cur_td = &list_mcs_cipher_vectors[i]; + err = test_macsec(&cur_td, MCS_DECAP, &opts); + if (err) { + printf("\nCipher Auth Decryption case %d failed", cur_td->test_idx); + err = -1; + } else { + printf("\nCipher Auth Decryption case %d Passed", cur_td->test_idx); + err = 0; + } + all_err += err; + } + printf("\n%s: Success: %d, Failure: %d\n", __func__, size + all_err, -all_err); + + return all_err; +} + +static int +test_inline_macsec_auth_only_all(const void *data __rte_unused) +{ + const struct mcs_test_vector *cur_td; + struct mcs_test_opts opts = {0}; + int err, all_err = 0; + int i, size; + + opts.val_frames = RTE_SECURITY_MACSEC_VALIDATE_STRICT; + opts.protect_frames = true; + opts.sa_in_use = 1; + opts.nb_td = 1; + opts.sectag_insert_mode = 1; + opts.mtu = RTE_ETHER_MTU; + + size = (sizeof(list_mcs_integrity_vectors) / sizeof((list_mcs_integrity_vectors)[0])); + + for (i = 0; i < size; i++) { + cur_td = &list_mcs_integrity_vectors[i]; + err = test_macsec(&cur_td, MCS_AUTH_ONLY, &opts); + if (err) { + printf("\nAuth Generate case %d failed", cur_td->test_idx); + err = -1; + } else { + printf("\nAuth Generate case %d Passed", cur_td->test_idx); + err = 0; + } + all_err += err; + } + printf("\n%s: Success: %d, Failure: %d\n", __func__, size + all_err, -all_err); + + return all_err; +} + +static int +test_inline_macsec_verify_only_all(const void *data __rte_unused) +{ + const struct mcs_test_vector *cur_td; + struct mcs_test_opts opts = {0}; + int err, all_err = 0; + int i, size; + + opts.val_frames = RTE_SECURITY_MACSEC_VALIDATE_STRICT; + opts.sa_in_use = 1; + opts.nb_td = 1; + opts.sectag_insert_mode = 1; + opts.mtu = RTE_ETHER_MTU; + + size = (sizeof(list_mcs_integrity_vectors) / sizeof((list_mcs_integrity_vectors)[0])); + + for (i = 0; i < size; i++) { + cur_td = &list_mcs_integrity_vectors[i]; + err = test_macsec(&cur_td, MCS_VERIFY_ONLY, &opts); + if (err) { + printf("\nAuth Verify case %d failed", cur_td->test_idx); + err = -1; + } else { + printf("\nAuth Verify case %d Passed", cur_td->test_idx); + err = 0; + } + all_err += err; + } + printf("\n%s: Success: %d, Failure: %d\n", __func__, size + all_err, -all_err); + + return all_err; +} + +static int +test_inline_macsec_encap_decap_all(const void *data __rte_unused) +{ + const struct mcs_test_vector *cur_td; + struct mcs_test_opts opts = {0}; + int err, all_err = 0; + int i, size; + + opts.val_frames = RTE_SECURITY_MACSEC_VALIDATE_STRICT; + opts.protect_frames = true; + opts.sa_in_use = 1; + opts.nb_td = 1; + opts.sectag_insert_mode = 1; + opts.mtu = RTE_ETHER_MTU; + + size = (sizeof(list_mcs_cipher_vectors) / sizeof((list_mcs_cipher_vectors)[0])); + + for (i = 0; i < size; i++) { + cur_td = &list_mcs_cipher_vectors[i]; + err = test_macsec(&cur_td, MCS_ENCAP_DECAP, &opts); + if (err) { + printf("\nCipher Auth Encap-decap case %d failed", cur_td->test_idx); + err = -1; + } else { + printf("\nCipher Auth Encap-decap case %d Passed", cur_td->test_idx); + err = 0; + } + all_err += err; + } + printf("\n%s: Success: %d, Failure: %d\n", __func__, size + all_err, -all_err); + + return all_err; +} + + +static int +test_inline_macsec_auth_verify_all(const void *data __rte_unused) +{ + const struct mcs_test_vector *cur_td; + struct mcs_test_opts opts = {0}; + int err, all_err = 0; + int i, size; + + opts.val_frames = RTE_SECURITY_MACSEC_VALIDATE_STRICT; + opts.protect_frames = true; + opts.sa_in_use = 1; + opts.nb_td = 1; + opts.sectag_insert_mode = 1; + opts.mtu = RTE_ETHER_MTU; + + size = (sizeof(list_mcs_integrity_vectors) / sizeof((list_mcs_integrity_vectors)[0])); + + for (i = 0; i < size; i++) { + cur_td = &list_mcs_integrity_vectors[i]; + err = test_macsec(&cur_td, MCS_AUTH_VERIFY, &opts); + if (err) { + printf("\nAuth Generate + Verify case %d failed", cur_td->test_idx); + err = -1; + } else { + printf("\nAuth Generate + Verify case %d Passed", cur_td->test_idx); + err = 0; + } + all_err += err; + } + printf("\n%s: Success: %d, Failure: %d\n", __func__, size + all_err, -all_err); + + return all_err; +} + +static int +test_inline_macsec_multi_flow(const void *data __rte_unused) +{ + const struct mcs_test_vector *tv[MCS_MAX_FLOWS]; + struct mcs_test_vector iter[MCS_MAX_FLOWS]; + struct mcs_test_opts opts = {0}; + int i, err; + + opts.val_frames = RTE_SECURITY_MACSEC_VALIDATE_STRICT; + opts.protect_frames = true; + opts.sa_in_use = 1; + opts.nb_td = MCS_MAX_FLOWS; + opts.sectag_insert_mode = 1; + opts.mtu = RTE_ETHER_MTU; + + for (i = 0; i < MCS_MAX_FLOWS; i++) { + memcpy(&iter[i].sa_key.data, sa_key, MCS_MULTI_FLOW_TD_KEY_SZ); + memcpy(&iter[i].plain_pkt.data, eth_addrs[i], 2 * RTE_ETHER_ADDR_LEN); + memcpy(&iter[i].plain_pkt.data[2 * RTE_ETHER_ADDR_LEN], plain_user_data, + MCS_MULTI_FLOW_TD_PLAIN_DATA_SZ); + memcpy(&iter[i].secure_pkt.data, eth_addrs[i], 2 * RTE_ETHER_ADDR_LEN); + memcpy(&iter[i].secure_pkt.data[2 * RTE_ETHER_ADDR_LEN], secure_user_data, + MCS_MULTI_FLOW_TD_SECURE_DATA_SZ); + iter[i].sa_key.len = MCS_MULTI_FLOW_TD_KEY_SZ; + iter[i].hash_key.len = MCS_MULTI_FLOW_TD_KEY_SZ; + iter[i].plain_pkt.len = MCS_MULTI_FLOW_TD_PLAIN_DATA_SZ + + (2 * RTE_ETHER_ADDR_LEN); + iter[i].secure_pkt.len = MCS_MULTI_FLOW_TD_SECURE_DATA_SZ + + (2 * RTE_ETHER_ADDR_LEN); + iter[i].alg = RTE_SECURITY_MACSEC_ALG_GCM_128; + iter[i].ssci = 0x0; + iter[i].xpn = 0x0; + tv[i] = (const struct mcs_test_vector *)&iter[i]; + } + err = test_macsec(tv, MCS_ENCAP_DECAP, &opts); + if (err) { + printf("\nCipher Auth Encryption multi flow failed"); + err = -1; + } else { + printf("\nCipher Auth Encryption multi flow Passed"); + err = 0; + } + return err; +} + +static int +test_inline_macsec_with_vlan(const void *data __rte_unused) +{ + const struct mcs_test_vector *cur_td; + struct mcs_test_opts opts = {0}; + int err, all_err = 0; + int i, size; + + opts.val_frames = RTE_SECURITY_MACSEC_VALIDATE_STRICT; + opts.protect_frames = true; + opts.sa_in_use = 1; + opts.nb_td = 1; + opts.mtu = RTE_ETHER_MTU; + + size = (sizeof(list_mcs_vlan_vectors) / sizeof((list_mcs_vlan_vectors)[0])); + + for (i = 0; i < size; i++) { + cur_td = &list_mcs_vlan_vectors[i]; + if (i == 0) { + opts.sectag_insert_mode = 1; + } else if (i == 1) { + opts.sectag_insert_mode = 0; /* offset from special E-type */ + opts.nb_vlan = 1; + } else if (i == 2) { + opts.sectag_insert_mode = 0; /* offset from special E-type */ + opts.nb_vlan = 2; + } + err = test_macsec(&cur_td, MCS_ENCAP, &opts); + if (err) { + printf("\n VLAN Encap case %d failed", cur_td->test_idx); + err = -1; + } else { + printf("\n VLAN Encap case %d passed", cur_td->test_idx); + err = 0; + } + all_err += err; + } + for (i = 0; i < size; i++) { + cur_td = &list_mcs_vlan_vectors[i]; + if (i == 0) { + opts.sectag_insert_mode = 1; + } else if (i == 1) { + opts.sectag_insert_mode = 0; /* offset from special E-type */ + opts.nb_vlan = 1; + } else if (i == 2) { + opts.sectag_insert_mode = 0; /* offset from special E-type */ + opts.nb_vlan = 2; + } + err = test_macsec(&cur_td, MCS_DECAP, &opts); + if (err) { + printf("\n VLAN Decap case %d failed", cur_td->test_idx); + err = -1; + } else { + printf("\n VLAN Decap case %d passed", cur_td->test_idx); + err = 0; + } + all_err += err; + } + + printf("\n%s: Success: %d, Failure: %d\n", __func__, (2 * size) + all_err, -all_err); + return all_err; +} + static int ut_setup_inline_macsec(void) { @@ -804,6 +1081,34 @@ static struct unit_test_suite inline_macsec_testsuite = { "MACsec encap(Cipher+Auth) known vector", ut_setup_inline_macsec, ut_teardown_inline_macsec, test_inline_macsec_encap_all), + TEST_CASE_NAMED_ST( + "MACsec decap(De-cipher+verify) known vector", + ut_setup_inline_macsec, ut_teardown_inline_macsec, + test_inline_macsec_decap_all), + TEST_CASE_NAMED_ST( + "MACsec auth only known vector", + ut_setup_inline_macsec, ut_teardown_inline_macsec, + test_inline_macsec_auth_only_all), + TEST_CASE_NAMED_ST( + "MACsec verify only known vector", + ut_setup_inline_macsec, ut_teardown_inline_macsec, + test_inline_macsec_verify_only_all), + TEST_CASE_NAMED_ST( + "MACsec encap + decap known vector", + ut_setup_inline_macsec, ut_teardown_inline_macsec, + test_inline_macsec_encap_decap_all), + TEST_CASE_NAMED_ST( + "MACsec auth + verify known vector", + ut_setup_inline_macsec, ut_teardown_inline_macsec, + test_inline_macsec_auth_verify_all), + TEST_CASE_NAMED_ST( + "MACsec Encap + decap Multi flow", + ut_setup_inline_macsec, ut_teardown_inline_macsec, + test_inline_macsec_multi_flow), + TEST_CASE_NAMED_ST( + "MACsec Encap and decap with VLAN", + ut_setup_inline_macsec, ut_teardown_inline_macsec, + test_inline_macsec_with_vlan), TEST_CASES_END() /**< NULL terminate unit test array */ }, diff --git a/app/test/test_security_inline_macsec_vectors.h b/app/test/test_security_inline_macsec_vectors.h index c7cbc79e3b..36a5631aff 100644 --- a/app/test/test_security_inline_macsec_vectors.h +++ b/app/test/test_security_inline_macsec_vectors.h @@ -2312,7 +2312,328 @@ static const struct mcs_test_vector list_mcs_integrity_vectors[] = { }, }; +#define MCS_MULTI_FLOW_TD_KEY_SZ 16 +#define MCS_MULTI_FLOW_TD_PLAIN_DATA_SZ 42 +#define MCS_MULTI_FLOW_TD_SECURE_DATA_SZ 66 +#define MCS_MULTI_FLOW_TD_KEY_SZ 16 +#define MCS_MAX_FLOWS 63 +uint8_t sa_key[MCS_MULTI_FLOW_TD_KEY_SZ] = { + 0x07, 0x1B, 0x11, 0x3B, 0x0C, 0xA7, 0x43, 0xFE, + 0xCC, 0xCF, 0x3D, 0x05, 0x1F, 0x73, 0x73, 0x82, +}; +uint8_t eth_addrs[MCS_MAX_FLOWS][2 * RTE_ETHER_ADDR_LEN] = { + {0xE2, 0x00, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x01, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x02, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x03, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x04, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x05, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x06, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x07, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x08, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x09, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x0A, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x0B, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x0C, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x0D, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x0E, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x0F, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x10, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x11, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x12, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x13, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x14, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x15, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x16, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x17, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x18, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x19, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x1A, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x1B, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x1C, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x1D, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x1E, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x1F, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x20, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x21, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x22, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x23, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x24, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x25, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x26, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x27, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x28, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x29, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x2A, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x2B, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x2C, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x2D, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x2E, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x2F, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x30, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x31, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x32, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x33, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x34, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x35, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x36, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x37, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x38, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x39, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x3A, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x3B, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x3C, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x3D, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x3E, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, +}; + +uint8_t plain_user_data[MCS_MULTI_FLOW_TD_PLAIN_DATA_SZ] = { + /* User Data with Ethertype */ + 0x08, 0x00, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, + 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, + 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, + 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, + 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, + 0x00, 0x04, +}; + +uint8_t secure_user_data[MCS_MULTI_FLOW_TD_SECURE_DATA_SZ] = { + /* MACsec EtherType */ + 0x88, 0xE5, + /* TCI and AN */ + 0x4C, + /* SL */ + 0x2A, + /* PN */ + 0x76, 0xD4, 0x57, 0xED, + /* Secure Data */ + 0x13, 0xB4, 0xC7, 0x2B, 0x38, 0x9D, 0xC5, 0x01, + 0x8E, 0x72, 0xA1, 0x71, 0xDD, 0x85, 0xA5, 0xD3, + 0x75, 0x22, 0x74, 0xD3, 0xA0, 0x19, 0xFB, 0xCA, + 0xED, 0x09, 0xA4, 0x25, 0xCD, 0x9B, 0x2E, 0x1C, + 0x9B, 0x72, 0xEE, 0xE7, 0xC9, 0xDE, 0x7D, 0x52, + 0xB3, 0xF3, + /* ICV */ + 0xD6, 0xA5, 0x28, 0x4F, 0x4A, 0x6D, 0x3F, 0xE2, + 0x2A, 0x5D, 0x6C, 0x2B, 0x96, 0x04, 0x94, 0xC3, +}; + +static const struct mcs_test_vector list_mcs_vlan_vectors[] = { +/* No clear tag, VLAN after macsec header */ +{ + .test_idx = 1, + .alg = RTE_SECURITY_MACSEC_ALG_GCM_128, + .ssci = 0, + .xpn = 0, /* Most significant 32 bits */ + .salt = {0}, + .sa_key = { + .data = { + 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, + 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, + }, + .len = 16, + }, + .plain_pkt = { + .data = {/* MAC DA */ + 0xCA, 0xCB, 0xCD, 0x41, 0x42, 0x43, + /* MAC SA */ + 0xCA, 0xCB, 0xCD, 0x21, 0x22, 0x23, + /* User Data with VLAN Tag */ + 0x81, 0x00, 0x00, 0x02, 0x08, 0x00, 0x45, 0x00, + 0x00, 0x54, 0xF2, 0xFA, 0x40, 0x00, 0x40, 0x01, + 0xF7, 0x83, 0x14, 0x14, 0x14, 0x02, 0x14, 0x14, + 0x14, 0x01, 0x08, 0x00, 0xE9, 0xC5, 0x02, 0xAF, + 0x00, 0x01, 0xCB, 0x51, 0x6D, 0x38, 0x00, 0x00, + 0x00, 0x00, 0x13, 0x2D, 0x01, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, + 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, + 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, + 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, 0x2D, + 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, + 0x36, 0x37, + }, + .len = 102, + }, + .secure_pkt = { + .data = {/* MAC DA */ + 0xCA, 0xCB, 0xCD, 0x41, 0x42, 0x43, + /* MAC SA */ + 0xCA, 0xCB, 0xCD, 0x21, 0x22, 0x23, + /* MACsec EtherType */ + 0x88, 0xE5, + /* TCI and AN */ + 0x20, + /* SL */ + 0x00, + /* PN */ + 0x00, 0x00, 0x00, 0x06, + /* SCI */ + 0xCA, 0xCB, 0xCD, 0x21, 0x22, 0x23, 0x00, 0x01, + /* Secure Data */ + 0x81, 0x00, 0x00, 0x02, 0x08, 0x00, 0x45, 0x00, + 0x00, 0x54, 0xF2, 0xFA, 0x40, 0x00, 0x40, 0x01, + 0xF7, 0x83, 0x14, 0x14, 0x14, 0x02, 0x14, 0x14, + 0x14, 0x01, 0x08, 0x00, 0xE9, 0xC5, 0x02, 0xAF, + 0x00, 0x01, 0xCB, 0x51, 0x6D, 0x38, 0x00, 0x00, + 0x00, 0x00, 0x13, 0x2D, 0x01, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, + 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, + 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, + 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, 0x2D, + 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, + 0x36, 0x37, + /* ICV */ + 0x21, 0x68, 0xF1, 0x21, 0x19, 0xB7, 0xDF, 0x73, + 0x6F, 0x2A, 0x11, 0xEA, 0x8A, 0xBC, 0x8A, 0x79, + }, + .len = 134, + }, +}, +/* 1 vlan tag followed by MACsec */ +{ + .test_idx = 2, + .alg = RTE_SECURITY_MACSEC_ALG_GCM_128, + .ssci = 0, + .xpn = 0, /* Most significant 32 bits */ + .salt = {0}, + .sa_key = { + .data = { + 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, + 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, + }, + .len = 16, + }, + .plain_pkt = { + .data = {/* MAC DA */ + 0xCA, 0xCB, 0xCD, 0x41, 0x42, 0x43, + /* MAC SA */ + 0xCA, 0xCB, 0xCD, 0x21, 0x22, 0x23, + /* User Data */ + 0x81, 0x00, 0x00, 0x02, + 0x08, 0x00, 0x45, 0x00, 0x00, 0x54, 0x88, 0x71, + 0x40, 0x00, 0x40, 0x01, 0x62, 0x0D, 0x14, 0x14, + 0x14, 0x02, 0x14, 0x14, 0x14, 0x01, 0x08, 0x00, + 0x77, 0xA6, 0x02, 0xB3, 0x00, 0x01, 0xBE, 0x52, + 0x6D, 0x38, 0x00, 0x00, 0x00, 0x00, 0x8C, 0x47, + 0x07, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10, 0x11, + 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, + 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20, 0x21, + 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, + 0x2A, 0x2B, 0x2C, 0x2D, 0x2E, 0x2F, 0x30, 0x31, + 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, + }, + .len = 102, + }, + .secure_pkt = { + .data = {/* MAC DA */ + 0xCA, 0xCB, 0xCD, 0x41, 0x42, 0x43, + /* MAC SA */ + 0xCA, 0xCB, 0xCD, 0x21, 0x22, 0x23, + /* VLAN Tag before MACsec */ + 0x81, 0x00, 0x00, 0x02, + /* MACsec EtherType */ + 0x88, 0xE5, + /* TCI and AN */ + 0x20, + /* SL */ + 0x00, + /* PN */ + 0x00, 0x00, 0x00, 0x07, + /* SCI */ + 0xCA, 0xCB, 0xCD, 0x21, 0x22, 0x23, 0x00, 0x01, + /* Secure Data */ + 0x08, 0x00, 0x45, 0x00, 0x00, 0x54, 0x88, 0x71, + 0x40, 0x00, 0x40, 0x01, 0x62, 0x0D, 0x14, 0x14, + 0x14, 0x02, 0x14, 0x14, 0x14, 0x01, 0x08, 0x00, + 0x77, 0xA6, 0x02, 0xB3, 0x00, 0x01, 0xBE, 0x52, + 0x6D, 0x38, 0x00, 0x00, 0x00, 0x00, 0x8C, 0x47, + 0x07, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10, 0x11, + 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, + 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20, 0x21, + 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, + 0x2A, 0x2B, 0x2C, 0x2D, 0x2E, 0x2F, 0x30, 0x31, + 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, + /* ICV */ + 0xF1, 0xC0, 0xA2, 0x6E, 0x99, 0xE5, 0xAB, 0x97, + 0x78, 0x79, 0x7D, 0x13, 0x35, 0x5E, 0x39, 0x4F, + }, + .len = 134, + }, +}, +/* 2 vlan tag followed by MACsec */ +{ + .test_idx = 3, + .alg = RTE_SECURITY_MACSEC_ALG_GCM_128, + .ssci = 0, + .xpn = 0, /* Most significant 32 bits */ + .salt = {0}, + .sa_key = { + .data = { + 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, + 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, + }, + .len = 16, + }, + .plain_pkt = { + .data = {/* MAC DA */ + 0xCA, 0xCB, 0xCD, 0x41, 0x42, 0x43, + /* MAC SA */ + 0xCA, 0xCB, 0xCD, 0x21, 0x22, 0x23, + /* User Data */ + 0x88, 0xA8, 0x00, 0x04, 0x81, 0x00, 0x00, 0x02, + 0x08, 0x00, 0x45, 0x00, 0x00, 0x54, 0x70, 0x5B, + 0x40, 0x00, 0x40, 0x01, 0x29, 0xF9, 0x28, 0x28, + 0x28, 0x04, 0x28, 0x28, 0x28, 0x01, 0x08, 0x00, + 0x08, 0x02, 0x02, 0xE2, 0x00, 0x01, 0x60, 0x58, + 0x6D, 0x38, 0x00, 0x00, 0x00, 0x00, 0x5C, 0xB7, + 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10, 0x11, + 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, + 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20, 0x21, + 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, + 0x2A, 0x2B, 0x2C, 0x2D, 0x2E, 0x2F, 0x30, 0x31, + 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, + }, + .len = 106, + }, + .secure_pkt = { + .data = {/* MAC DA */ + 0xCA, 0xCB, 0xCD, 0x41, 0x42, 0x43, + /* MAC SA */ + 0xCA, 0xCB, 0xCD, 0x21, 0x22, 0x23, + /* VLAN Tags before MACsec */ + 0x88, 0xA8, 0x00, 0x04, + 0x81, 0x00, 0x00, 0x02, + /* MACsec EtherType */ + 0x88, 0xE5, + /* TCI and AN */ + 0x20, + /* SL */ + 0x00, + /* PN */ + 0x00, 0x00, 0x00, 0x0E, + /* SCI */ + 0xCA, 0xCB, 0xCD, 0x21, 0x22, 0x23, 0x00, 0x01, + /* Secure Data */ + 0x08, 0x00, 0x45, 0x00, 0x00, 0x54, 0x70, 0x5B, + 0x40, 0x00, 0x40, 0x01, 0x29, 0xF9, 0x28, 0x28, + 0x28, 0x04, 0x28, 0x28, 0x28, 0x01, 0x08, 0x00, + 0x08, 0x02, 0x02, 0xE2, 0x00, 0x01, 0x60, 0x58, + 0x6D, 0x38, 0x00, 0x00, 0x00, 0x00, 0x5C, 0xB7, + 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10, 0x11, + 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, + 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20, 0x21, + 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, + 0x2A, 0x2B, 0x2C, 0x2D, 0x2E, 0x2F, 0x30, 0x31, + 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, + /* ICV */ + 0xCC, 0x38, 0x21, 0x3A, 0xEE, 0x5F, 0xE3, 0x7F, + 0xA1, 0xBA, 0xBD, 0xBD, 0x65, 0x5B, 0xB3, 0xE5, + }, + .len = 138, + }, +}, +}; #endif