diff mbox series

[RFC,v2,7/7] app/testpmd: macsec adding RX/TX SC using rte_security interface

Message ID cb4bcf69c4b7f098313d0987b30a49c281ee8d78.1571928488.git.Pavel.Belous@aquantia.com (mailing list archive)
State RFC, archived
Delegated to: akhil goyal
Headers
Series RFC: Support MACSEC offload in the RTE_SECURITY infrastructure. |

Checks

Context Check Description
ci/checkpatch warning coding style issues
ci/Intel-compilation fail Compilation issues

Commit Message

Pavel Belous Oct. 25, 2019, 5:54 p.m. UTC 
  From: Pavel Belous <Pavel.Belous@aquantia.com>

Signed-off-by: Pavel Belous <pavel.belous@aquantia.com>
Signed-off-by: Igor Russkikh <igor.russkikh@aquantia.com>
---
 app/test-pmd/cmdline.c | 11 +++++-----
 app/test-pmd/macsec.c  | 56 ++++++++++++++++++++++++++++++++++++++++++++++++++
 app/test-pmd/macsec.h  |  2 ++
 3 files changed, 63 insertions(+), 6 deletions(-)
diff mbox series

Patch

diff --git a/app/test-pmd/cmdline.c b/app/test-pmd/cmdline.c
index 10f48f8..a1f895c 100644
--- a/app/test-pmd/cmdline.c
+++ b/app/test-pmd/cmdline.c
@@ -14304,13 +14304,12 @@  cmd_set_macsec_sc_parsed(
 	int ret = -ENOTSUP;
 	int is_tx = (strcmp(res->tx_rx, "tx") == 0) ? 1 : 0;
 
-#ifdef RTE_LIBRTE_IXGBE_PMD
 	ret = is_tx ?
-		rte_pmd_ixgbe_macsec_config_txsc(res->port_id,
-				res->mac.addr_bytes) :
-		rte_pmd_ixgbe_macsec_config_rxsc(res->port_id,
-				res->mac.addr_bytes, res->pi);
-#endif
+		config_macsec_txsc(res->port_id,
+                                res->mac) :
+	        config_macsec_rxsc(res->port_id,
+                                res->mac, res->pi);
+
 	RTE_SET_USED(is_tx);
 
 	switch (ret) {
diff --git a/app/test-pmd/macsec.c b/app/test-pmd/macsec.c
index fc7976d..ffba467 100644
--- a/app/test-pmd/macsec.c
+++ b/app/test-pmd/macsec.c
@@ -80,3 +80,59 @@  int set_macsec_on_off(portid_t port_id, int on, int en, int rp)
 	return err;
 }
 
+int config_macsec_txsc(portid_t port_id, struct rte_ether_addr mac)
+{
+	struct rte_security_session_conf macsec_conf;
+	struct rte_security_ctx *ctx;
+	int err = 0;
+
+	ctx = rte_eth_dev_get_sec_ctx(port_id);
+
+	if (!ctx) {
+		err = -ENOTSUP;
+		goto done;
+	}
+
+	macsec_conf.action_type = RTE_SECURITY_ACTION_TYPE_INLINE_PROTOCOL;
+	macsec_conf.protocol = RTE_SECURITY_PROTOCOL_MACSEC;
+
+	macsec_conf.macsec.op = RTE_SECURITY_MACSEC_OP_ADD_TXSC;
+
+	rte_memcpy(&macsec_conf.macsec.txsc_options.s_mac, mac.addr_bytes, sizeof(struct rte_ether_addr));
+	macsec_conf.macsec.txsc_options.encrypt = macsec_param.encryption_enabled;
+	macsec_conf.macsec.txsc_options.protect = 1;
+
+	err = rte_security_session_update(ctx, macsec_param.session, &macsec_conf);
+
+done:
+	return err;
+}
+
+int config_macsec_rxsc(portid_t port_id, struct rte_ether_addr mac, uint16_t pi)
+{
+	struct rte_security_session_conf macsec_conf;
+	struct rte_security_ctx *ctx;
+	int err = 0;
+
+	ctx = rte_eth_dev_get_sec_ctx(port_id);
+	if (!ctx) {
+		err = -ENOTSUP;
+		goto done;
+	}
+
+	macsec_conf.action_type = RTE_SECURITY_ACTION_TYPE_INLINE_PROTOCOL;
+	macsec_conf.protocol = RTE_SECURITY_PROTOCOL_MACSEC;
+	macsec_conf.macsec.op = RTE_SECURITY_MACSEC_OP_ADD_RXSC;
+
+	rte_memcpy(&macsec_conf.macsec.txsc_options.s_mac, mac.addr_bytes, sizeof(struct rte_ether_addr));
+	macsec_conf.macsec.rxsc_options.anti_replay_window = 0;
+	macsec_conf.macsec.rxsc_options.replay_protection = macsec_param.replay_protection_enabled;
+	macsec_conf.macsec.rxsc_options.auto_rollover_enabled = true;
+	macsec_conf.macsec.rxsc_options.port_ident = pi;
+
+	err = rte_security_session_update(ctx, macsec_param.session, &macsec_conf);
+
+done:
+	return err;
+}
+
diff --git a/app/test-pmd/macsec.h b/app/test-pmd/macsec.h
index 42a534f..e155937 100644
--- a/app/test-pmd/macsec.h
+++ b/app/test-pmd/macsec.h
@@ -8,5 +8,7 @@ 
 #include "testpmd.h"
 
 int set_macsec_on_off(portid_t port_id, int on, int en, int rp);
+int config_macsec_txsc(portid_t port_id, struct rte_ether_addr mac);
+int config_macsec_rxsc(portid_t port_id, struct rte_ether_addr mac, uint16_t pi);
 
 #endif