[v2,11/17] net/cnxk: add PMD APIs for IPsec SA base and flush

Message ID 20241001060055.3747591-11-ndabilpuram@marvell.com (mailing list archive)
State Accepted
Delegated to: Jerin Jacob
Headers
Series [v2,01/17] net/cnxk: added telemetry support do dump SA information |

Checks

Context Check Description
ci/checkpatch warning coding style issues

Commit Message

Nithin Dabilpuram Oct. 1, 2024, 6 a.m. UTC
From: Srujana Challa <schalla@marvell.com>

Introduces new PMD APIs for Inline IPsec, including hardware SA
flush and obtaining the base address for the inline device sa table.
This allows applications to directly manage IPsec SAs.
This patch also updates the rte_pmd_cnxk_hw_sa_read|write() API's to
get use portid instead of device pointer as input.

Signed-off-by: Srujana Challa <schalla@marvell.com>
---
 drivers/common/cnxk/roc_nix_inl.c  |  9 +++++
 drivers/net/cnxk/cnxk_ethdev_sec.c | 64 ++++++++++++++++++++----------
 drivers/net/cnxk/rte_pmd_cnxk.h    | 48 +++++++++++++++++++---
 drivers/net/cnxk/version.map       |  2 +
 4 files changed, 97 insertions(+), 26 deletions(-)
  

Patch

diff --git a/drivers/common/cnxk/roc_nix_inl.c b/drivers/common/cnxk/roc_nix_inl.c
index d0328921a7..23ffd4391a 100644
--- a/drivers/common/cnxk/roc_nix_inl.c
+++ b/drivers/common/cnxk/roc_nix_inl.c
@@ -1685,6 +1685,7 @@  roc_nix_inl_sa_sync(struct roc_nix *roc_nix, void *sa, bool inb,
 	struct roc_cpt_lf *outb_lf = NULL;
 	union cpt_lf_ctx_reload reload;
 	union cpt_lf_ctx_flush flush;
+	union cpt_lf_ctx_err err;
 	bool get_inl_lf = true;
 	uintptr_t rbase;
 	struct nix *nix;
@@ -1726,6 +1727,14 @@  roc_nix_inl_sa_sync(struct roc_nix *roc_nix, void *sa, bool inb,
 		case ROC_NIX_INL_SA_OP_FLUSH:
 			flush.s.cptr = ((uintptr_t)sa) >> 7;
 			plt_write64(flush.u, rbase + CPT_LF_CTX_FLUSH);
+			plt_atomic_thread_fence(__ATOMIC_ACQ_REL);
+			/* Read a CSR to ensure that the FLUSH operation is complete */
+			err.u = plt_read64(rbase + CPT_LF_CTX_ERR);
+
+			if (err.s.flush_st_flt) {
+				plt_warn("CTX flush could not complete");
+				return -EIO;
+			}
 			break;
 		case ROC_NIX_INL_SA_OP_RELOAD:
 			reload.s.cptr = ((uintptr_t)sa) >> 7;
diff --git a/drivers/net/cnxk/cnxk_ethdev_sec.c b/drivers/net/cnxk/cnxk_ethdev_sec.c
index cdd5656817..ec129b6584 100644
--- a/drivers/net/cnxk/cnxk_ethdev_sec.c
+++ b/drivers/net/cnxk/cnxk_ethdev_sec.c
@@ -297,47 +297,71 @@  cnxk_eth_sec_sess_get_by_sess(struct cnxk_eth_dev *dev,
 	return NULL;
 }
 
+union rte_pmd_cnxk_ipsec_hw_sa *
+rte_pmd_cnxk_hw_session_base_get(uint16_t portid, bool inb)
+{
+	struct rte_eth_dev *eth_dev = &rte_eth_devices[portid];
+	struct cnxk_eth_dev *dev = cnxk_eth_pmd_priv(eth_dev);
+	uintptr_t sa_base;
+
+	if (inb)
+		sa_base = roc_nix_inl_inb_sa_base_get(&dev->nix, dev->inb.inl_dev);
+	else
+		sa_base = roc_nix_inl_outb_sa_base_get(&dev->nix);
+
+	return (union rte_pmd_cnxk_ipsec_hw_sa *)sa_base;
+}
+
+int
+rte_pmd_cnxk_sa_flush(uint16_t portid, union rte_pmd_cnxk_ipsec_hw_sa *sess, bool inb)
+{
+	struct rte_eth_dev *eth_dev = &rte_eth_devices[portid];
+	struct cnxk_eth_dev *dev = cnxk_eth_pmd_priv(eth_dev);
+
+	return roc_nix_inl_sa_sync(&dev->nix, sess, inb, ROC_NIX_INL_SA_OP_FLUSH);
+}
+
 int
-rte_pmd_cnxk_hw_sa_read(void *device, void *__sess, union rte_pmd_cnxk_ipsec_hw_sa *data,
-			uint32_t len)
+rte_pmd_cnxk_hw_sa_read(uint16_t portid, void *sess, union rte_pmd_cnxk_ipsec_hw_sa *data,
+			uint32_t len, bool inb)
 {
-	struct rte_security_session *sess = __sess;
-	struct rte_eth_dev *eth_dev = (struct rte_eth_dev *)device;
+	struct rte_eth_dev *eth_dev = &rte_eth_devices[portid];
 	struct cnxk_eth_dev *dev = cnxk_eth_pmd_priv(eth_dev);
 	struct cnxk_eth_sec_sess *eth_sec;
+	void *sa;
 	int rc;
 
 	eth_sec = cnxk_eth_sec_sess_get_by_sess(dev, sess);
-	if (eth_sec == NULL)
-		return -EINVAL;
+	if (eth_sec)
+		sa = eth_sec->sa;
+	else
+		sa = sess;
 
-	rc = roc_nix_inl_sa_sync(&dev->nix, eth_sec->sa, eth_sec->inb, ROC_NIX_INL_SA_OP_FLUSH);
+	rc = roc_nix_inl_sa_sync(&dev->nix, sa, inb, ROC_NIX_INL_SA_OP_FLUSH);
 	if (rc)
 		return -EINVAL;
-	rte_delay_ms(1);
-	memcpy(data, eth_sec->sa, len);
+
+	memcpy(data, sa, len);
 
 	return 0;
 }
 
 int
-rte_pmd_cnxk_hw_sa_write(void *device, void *__sess, union rte_pmd_cnxk_ipsec_hw_sa *data,
-			 uint32_t len)
+rte_pmd_cnxk_hw_sa_write(uint16_t portid, void *sess, union rte_pmd_cnxk_ipsec_hw_sa *data,
+			 uint32_t len, bool inb)
 {
-	struct rte_security_session *sess = __sess;
-	struct rte_eth_dev *eth_dev = (struct rte_eth_dev *)device;
+	struct rte_eth_dev *eth_dev = &rte_eth_devices[portid];
 	struct cnxk_eth_dev *dev = cnxk_eth_pmd_priv(eth_dev);
 	struct cnxk_eth_sec_sess *eth_sec;
-	int rc = -EINVAL;
+	void *sa;
 
 	eth_sec = cnxk_eth_sec_sess_get_by_sess(dev, sess);
-	if (eth_sec == NULL)
-		return rc;
-	rc = roc_nix_inl_ctx_write(&dev->nix, data, eth_sec->sa, eth_sec->inb, len);
-	if (rc)
-		return rc;
+	if (eth_sec)
+		sa = eth_sec->sa;
+	else
+		sa = sess;
 
-	return 0;
+	return roc_nix_inl_ctx_write(&dev->nix, data, sa, inb, len);
 }
 
 union rte_pmd_cnxk_cpt_res_s *
diff --git a/drivers/net/cnxk/rte_pmd_cnxk.h b/drivers/net/cnxk/rte_pmd_cnxk.h
index 70f2f96fd4..ecd112e881 100644
--- a/drivers/net/cnxk/rte_pmd_cnxk.h
+++ b/drivers/net/cnxk/rte_pmd_cnxk.h
@@ -492,7 +492,7 @@  union rte_pmd_cnxk_cpt_res_s {
 /**
  * Read HW SA context from session.
  *
- * @param device
+ * @param portid
  *   Port identifier of Ethernet device.
  * @param sess
  *   Handle of the security session as void *.
@@ -500,17 +500,19 @@  union rte_pmd_cnxk_cpt_res_s {
  *   Destination pointer to copy SA context for application.
  * @param len
  *   Length of SA context to copy into data parameter.
+ * @param inb
+ *   Determines the type of specified SA.
  *
  * @return
  *   0 on success, a negative errno value otherwise.
  */
 __rte_experimental
-int rte_pmd_cnxk_hw_sa_read(void *device, void *sess,
-			    union rte_pmd_cnxk_ipsec_hw_sa *data, uint32_t len);
+int rte_pmd_cnxk_hw_sa_read(uint16_t portid, void *sess, union rte_pmd_cnxk_ipsec_hw_sa *data,
+			    uint32_t len, bool inb);
 /**
  * Write HW SA context to session.
  *
- * @param device
+ * @param portid
  *   Port identifier of Ethernet device.
  * @param sess
  *   Handle of the security session as void *.
@@ -518,13 +520,15 @@  int rte_pmd_cnxk_hw_sa_read(void *device, void *sess,
  *   Source data pointer from application to copy SA context into session.
  * @param len
  *   Length of SA context to copy from data parameter.
+ * @param inb
+ *   Determines the type of specified SA.
  *
  * @return
  *   0 on success, a negative errno value otherwise.
  */
 __rte_experimental
-int rte_pmd_cnxk_hw_sa_write(void *device, void *sess,
-			     union rte_pmd_cnxk_ipsec_hw_sa *data, uint32_t len);
+int rte_pmd_cnxk_hw_sa_write(uint16_t portid, void *sess, union rte_pmd_cnxk_ipsec_hw_sa *data,
+			     uint32_t len, bool inb);
 
 /**
  * Get pointer to CPT result info for inline inbound processed pkt.
@@ -542,4 +546,36 @@  int rte_pmd_cnxk_hw_sa_write(void *device, void *sess,
  */
 __rte_experimental
 union rte_pmd_cnxk_cpt_res_s *rte_pmd_cnxk_inl_ipsec_res(struct rte_mbuf *mbuf);
+
+/**
+ * Get pointer to the Inline Inbound or Outbound SA table base.
+ *
+ * @param portid
+ *   Port identifier of Ethernet device.
+ * @param inb
+ *   Determines the type of SA base to be returned.
+ *   When inb is true, the method returns the Inbound SA base.
+ *   When inb is false, the method returns the Outbound SA base.
+ *
+ * @return
+ *   Pointer to Inbound or Outbound SA base.
+ */
+__rte_experimental
+union rte_pmd_cnxk_ipsec_hw_sa *rte_pmd_cnxk_hw_session_base_get(uint16_t portid, bool inb);
+
+/**
+ * Executes a CPT flush on the specified session.
+ *
+ * @param portid
+ *   Port identifier of Ethernet device.
+ * @param sess
+ *   Handle of the session on which the CPT flush will be executed.
+ * @param inb
+ *   Determines the type of SA to be flushed, Inbound or Outbound.
+ *
+ * @return
+ *   0 upon success, a negative errno value otherwise.
+ */
+__rte_experimental
+int rte_pmd_cnxk_sa_flush(uint16_t portid, union rte_pmd_cnxk_ipsec_hw_sa *sess, bool inb);
 #endif /* _PMD_CNXK_H_ */
diff --git a/drivers/net/cnxk/version.map b/drivers/net/cnxk/version.map
index 1ad0616bdf..7e8703df5c 100644
--- a/drivers/net/cnxk/version.map
+++ b/drivers/net/cnxk/version.map
@@ -10,7 +10,9 @@  EXPERIMENTAL {
 	rte_pmd_cnxk_hw_sa_write;
 
 	# added in 23.11
+	rte_pmd_cnxk_hw_session_base_get;
 	rte_pmd_cnxk_inl_ipsec_res;
+	rte_pmd_cnxk_sa_flush;
 };
 
 INTERNAL {