From patchwork Wed Aug 17 19:11:42 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Nithin Dabilpuram X-Patchwork-Id: 115211 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 39E57A0032; Wed, 17 Aug 2022 21:12:14 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id DEE4E406A2; Wed, 17 Aug 2022 21:12:13 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com [67.231.156.173]) by mails.dpdk.org (Postfix) with ESMTP id F3CF64068E for ; Wed, 17 Aug 2022 21:12:12 +0200 (CEST) Received: from pps.filterd (m0045851.ppops.net [127.0.0.1]) by mx0b-0016f401.pphosted.com (8.17.1.5/8.17.1.5) with ESMTP id 27HGqmn8032513; Wed, 17 Aug 2022 12:12:11 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-type; s=pfpt0220; bh=r9RzLlhWSvIxFxpR+y5tpzI6DDszrMWs/oKcv5KoUko=; b=ai+30OiGm9A+MjNzg+jceoLWDBjXGxcEZyAo2tFqm/NS6G+VYL5gOovttjfrmAPdXDkE I4dpKqd8pfX3lbHELTDKZJu1ouTLUIjdugGGSNdUjQK4erwhN+MZYhQPeQ4DRiWXB/0m YSJdX3XV8Bh8nYCvg/JXPYjvqVnRMyxCdLGNCzEAefKo7UUFsDTqvbl4gUEP7wcyi0MC l/XrRjQg/WV0hRB5DkPSl+ol7ZXAT6twYkSKbjZMCD5+gA6CKJea7qzjvlmouaF4MpTM kSA3xKpLszbqFV/R4N33MNEjjEgv5Hg/ial9+CHJLry1YKHSlHmm0PFbVmhOPKGjgnHp +w== Received: from dc5-exch01.marvell.com ([199.233.59.181]) by mx0b-0016f401.pphosted.com (PPS) with ESMTPS id 3j0v1q2n0w-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Wed, 17 Aug 2022 12:12:11 -0700 Received: from DC5-EXCH02.marvell.com (10.69.176.39) by DC5-EXCH01.marvell.com (10.69.176.38) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Wed, 17 Aug 2022 12:12:09 -0700 Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server id 15.0.1497.18 via Frontend Transport; Wed, 17 Aug 2022 12:12:09 -0700 Received: from hyd1588t430.marvell.com (unknown [10.29.52.204]) by maili.marvell.com (Postfix) with ESMTP id 30F843F70F3; Wed, 17 Aug 2022 12:11:48 -0700 (PDT) From: Nithin Dabilpuram To: Olivier Matz CC: , , , "Nithin Dabilpuram" Subject: [PATCH v2 1/5] mbuf: clarify meta data needed for Outbound Inline Date: Thu, 18 Aug 2022 00:41:42 +0530 Message-ID: <20220817191146.30085-1-ndabilpuram@marvell.com> X-Mailer: git-send-email 2.8.4 In-Reply-To: <20220707072921.13448-1-ndabilpuram@marvell.com> References: <20220707072921.13448-1-ndabilpuram@marvell.com> MIME-Version: 1.0 X-Proofpoint-ORIG-GUID: EQbuwK5qk3s_41QAbCsFfFarj26eYkK9 X-Proofpoint-GUID: EQbuwK5qk3s_41QAbCsFfFarj26eYkK9 X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.883,Hydra:6.0.517,FMLib:17.11.122.1 definitions=2022-08-17_13,2022-08-16_02,2022-06-22_01 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Clarify mbuf meta data needed for Outbound Inline processing. Application needs to provide mbuf.l3_len and L3 type in mbuf.ol_flags so that like tunnel mode using mbuf.l2_len, transport mode can make use of l3_len and l3_type to determine perform proper transport mode IPsec processing. Signed-off-by: Nithin Dabilpuram --- v2: - Modified ipsec-secgw to do ether type update for outbound path. doc/guides/nics/features.rst | 2 +- lib/mbuf/rte_mbuf_core.h | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/doc/guides/nics/features.rst b/doc/guides/nics/features.rst index 7f6cb91..b4a8e98 100644 --- a/doc/guides/nics/features.rst +++ b/doc/guides/nics/features.rst @@ -431,7 +431,7 @@ protocol operations. See security library and PMD documentation for more details * **[uses] rte_eth_rxconf,rte_eth_rxmode**: ``offloads:RTE_ETH_RX_OFFLOAD_SECURITY``, * **[uses] rte_eth_txconf,rte_eth_txmode**: ``offloads:RTE_ETH_TX_OFFLOAD_SECURITY``. -* **[uses] mbuf**: ``mbuf.l2_len``. +* **[uses] mbuf**: ``mbuf.l2_len``, ``mbuf.l3_len``, ``mbuf.ol_flags``. * **[implements] rte_security_ops**: ``session_create``, ``session_update``, ``session_stats_get``, ``session_destroy``, ``set_pkt_metadata``, ``get_userdata``, ``capabilities_get``. diff --git a/lib/mbuf/rte_mbuf_core.h b/lib/mbuf/rte_mbuf_core.h index 3d6ddd6..b62a7c6 100644 --- a/lib/mbuf/rte_mbuf_core.h +++ b/lib/mbuf/rte_mbuf_core.h @@ -267,7 +267,8 @@ extern "C" { /** * Request security offload processing on the TX packet. * To use Tx security offload, the user needs to fill l2_len in mbuf - * indicating L2 header size and where L3 header starts. + * indicating L2 header size and where L3 header starts. Similarly, + * l3_len should also be filled along with ol_flags reflecting current L3 type. */ #define RTE_MBUF_F_TX_SEC_OFFLOAD (1ULL << 43) #define PKT_TX_SEC_OFFLOAD RTE_DEPRECATED(PKT_TX_SEC_OFFLOAD) \ From patchwork Wed Aug 17 19:11:43 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Nithin Dabilpuram X-Patchwork-Id: 115212 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id E1574A0032; Wed, 17 Aug 2022 21:12:19 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id BB524415D7; Wed, 17 Aug 2022 21:12:15 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com [67.231.156.173]) by mails.dpdk.org (Postfix) with ESMTP id BE5C541181 for ; Wed, 17 Aug 2022 21:12:14 +0200 (CEST) Received: from pps.filterd (m0045851.ppops.net [127.0.0.1]) by mx0b-0016f401.pphosted.com (8.17.1.5/8.17.1.5) with ESMTP id 27HI5FWP006723 for ; Wed, 17 Aug 2022 12:12:14 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-type; s=pfpt0220; bh=j41rwEB4PnLBYm8i7mVw3nMl2TxAX/xGaP4fUzm1S14=; b=SB43XRiJkWWnoD1+ej0uFmfugDUWJA0s62mUZejcVilUh3Zkhu9srfKVq8VAF7e3qEDj smXVtpAKo4mlA7Tg6QNAiE7wBzaAsHPq+LuDsHz1+ifsMFWRtheMe7cEo1OxeghT29Or o+caq2gHcsD27YNyZy1jRHRQ2atgdfY2a5AUrRZcbn7cZOqXt7E7Kr9lBdUpVB1uAcL4 eUVYEyayGr5ITY+plfhbonyIH5ID8XVFovV6INxuWhT4cuVy7y6n0vr4UVJcVhQe3r5+ ALu8cnc6oSEDEyfnlk7g2i358hSSKJ9ktMeOkVF+1o7DSzWJ7b//UoEFCpMWC88I5Ew6 CQ== Received: from dc5-exch02.marvell.com ([199.233.59.182]) by mx0b-0016f401.pphosted.com (PPS) with ESMTPS id 3j0v1q2n0y-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT) for ; Wed, 17 Aug 2022 12:12:14 -0700 Received: from DC5-EXCH02.marvell.com (10.69.176.39) by DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server (TLS) id 15.0.1497.18; Wed, 17 Aug 2022 12:12:12 -0700 Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server id 15.0.1497.18 via Frontend Transport; Wed, 17 Aug 2022 12:12:12 -0700 Received: from hyd1588t430.marvell.com (unknown [10.29.52.204]) by maili.marvell.com (Postfix) with ESMTP id 79A343F70FF; Wed, 17 Aug 2022 12:11:51 -0700 (PDT) From: Nithin Dabilpuram To: Akhil Goyal CC: , , Nithin Dabilpuram Subject: [PATCH v2 2/5] security: clarify L2 header requirement for outbound inline Date: Thu, 18 Aug 2022 00:41:43 +0530 Message-ID: <20220817191146.30085-2-ndabilpuram@marvell.com> X-Mailer: git-send-email 2.8.4 In-Reply-To: <20220817191146.30085-1-ndabilpuram@marvell.com> References: <20220707072921.13448-1-ndabilpuram@marvell.com> <20220817191146.30085-1-ndabilpuram@marvell.com> MIME-Version: 1.0 X-Proofpoint-ORIG-GUID: KHpFvNmBEwEp_EwNPP4eA5EB12R7_agw X-Proofpoint-GUID: KHpFvNmBEwEp_EwNPP4eA5EB12R7_agw X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.883,Hydra:6.0.517,FMLib:17.11.122.1 definitions=2022-08-17_13,2022-08-16_02,2022-06-22_01 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Clarify that for Outbound Inline IPsec processing, L2 header needs to be up to date with ether type which will be applicable post IPsec processing as the IPsec offload only touches L3 and above. Signed-off-by: Nithin Dabilpuram --- doc/guides/prog_guide/rte_security.rst | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/doc/guides/prog_guide/rte_security.rst b/doc/guides/prog_guide/rte_security.rst index 72ca0bd..be158f6 100644 --- a/doc/guides/prog_guide/rte_security.rst +++ b/doc/guides/prog_guide/rte_security.rst @@ -146,7 +146,9 @@ adding the relevant protocol headers and encrypting the data before sending the packet out. The software should make sure that the buffer has required head room and tail room for any protocol header addition. The software may also do early fragmentation if the resultant packet is expected -to cross the MTU size. +to cross the MTU size. The software should also make sure that L2 header contents +are updated with the final L2 header which is expected post IPsec processing as +the IPsec offload will only update L3 and above in egress path. .. note:: From patchwork Wed Aug 17 19:11:44 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Nithin Dabilpuram X-Patchwork-Id: 115213 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 59F83A0032; Wed, 17 Aug 2022 21:12:26 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 803DB41181; Wed, 17 Aug 2022 21:12:20 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com [67.231.156.173]) by mails.dpdk.org (Postfix) with ESMTP id 9DE6A4068E for ; Wed, 17 Aug 2022 21:12:18 +0200 (CEST) Received: from pps.filterd (m0045851.ppops.net [127.0.0.1]) by mx0b-0016f401.pphosted.com (8.17.1.5/8.17.1.5) with ESMTP id 27HGooHZ032224 for ; Wed, 17 Aug 2022 12:12:18 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-type; s=pfpt0220; bh=4vDrsBbmHZ7wY3uRyP+S5uTUv9qGv2icpuU7+elJDbQ=; b=UYKDQ3D94n67GAQ08MtDHOG11YNcO9nxnLLz8OMz6SMNN589CiKjw3v1zQie09Ba/fDw 3sNr5HkuRQYENyp8gQTAobgBASKVYrmuP9acysaIDKX8aloFFyyi/3RZTK12e0ygSTgo +ohSpGV8DT8R7eO8zzOUIBT0vGGL7uNgtAGlkf0Ndwpg3gqcK78PBRm+oPuwAn9uMhIs pnVNVdDiLyig3sslWRzsje4/VeonEaTdN6RWH0PKO9lO+Jy7Dh0d6hHN2LZXzpZJ+13d 8I5ywewpEIgG9PjYRa/LJDKxrXtALJcRJwOoDW+Lx+fK5UjwhBWH/1LWSnzDjUCxl4e/ zQ== Received: from dc5-exch01.marvell.com ([199.233.59.181]) by mx0b-0016f401.pphosted.com (PPS) with ESMTPS id 3j0v1q2n1d-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT) for ; Wed, 17 Aug 2022 12:12:18 -0700 Received: from DC5-EXCH02.marvell.com (10.69.176.39) by DC5-EXCH01.marvell.com (10.69.176.38) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Wed, 17 Aug 2022 12:12:16 -0700 Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server id 15.0.1497.18 via Frontend Transport; Wed, 17 Aug 2022 12:12:16 -0700 Received: from hyd1588t430.marvell.com (unknown [10.29.52.204]) by maili.marvell.com (Postfix) with ESMTP id A83D53F7124; Wed, 17 Aug 2022 12:11:53 -0700 (PDT) From: Nithin Dabilpuram To: Nithin Dabilpuram , Kiran Kumar K , Sunil Kumar Kori , Satha Rao CC: , , Subject: [PATCH v2 3/5] net/cnxk: remove L2 header update for outbound inline pkts Date: Thu, 18 Aug 2022 00:41:44 +0530 Message-ID: <20220817191146.30085-3-ndabilpuram@marvell.com> X-Mailer: git-send-email 2.8.4 In-Reply-To: <20220817191146.30085-1-ndabilpuram@marvell.com> References: <20220707072921.13448-1-ndabilpuram@marvell.com> <20220817191146.30085-1-ndabilpuram@marvell.com> MIME-Version: 1.0 X-Proofpoint-ORIG-GUID: jjKAx7SO-WaaZlPxkaiiBbTMeyxohgF4 X-Proofpoint-GUID: jjKAx7SO-WaaZlPxkaiiBbTMeyxohgF4 X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.883,Hydra:6.0.517,FMLib:17.11.122.1 definitions=2022-08-17_13,2022-08-16_02,2022-06-22_01 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Remove L2 header update for outbound inline packets as application is already taking care of the same. Signed-off-by: Nithin Dabilpuram --- drivers/net/cnxk/cn10k_tx.h | 17 ----------------- 1 file changed, 17 deletions(-) diff --git a/drivers/net/cnxk/cn10k_tx.h b/drivers/net/cnxk/cn10k_tx.h index ea13866..4bd47ef 100644 --- a/drivers/net/cnxk/cn10k_tx.h +++ b/drivers/net/cnxk/cn10k_tx.h @@ -362,15 +362,6 @@ cn10k_nix_prep_sec_vec(struct rte_mbuf *m, uint64x2_t *cmd0, uint64x2_t *cmd1, dptr += l2_len; - if (sess_priv.mode == ROC_IE_SA_MODE_TUNNEL) { - if (sess_priv.outer_ip_ver == ROC_IE_SA_IP_VERSION_4) - *((uint16_t *)(dptr - 2)) = - rte_cpu_to_be_16(RTE_ETHER_TYPE_IPV4); - else - *((uint16_t *)(dptr - 2)) = - rte_cpu_to_be_16(RTE_ETHER_TYPE_IPV6); - } - ucode_cmd[1] = dptr; ucode_cmd[2] = dptr; @@ -490,14 +481,6 @@ cn10k_nix_prep_sec(struct rte_mbuf *m, uint64_t *cmd, uintptr_t *nixtx_addr, dptr += l2_len; - if (sess_priv.mode == ROC_IE_SA_MODE_TUNNEL) { - if (sess_priv.outer_ip_ver == ROC_IE_SA_IP_VERSION_4) - *((uint16_t *)(dptr - 2)) = - rte_cpu_to_be_16(RTE_ETHER_TYPE_IPV4); - else - *((uint16_t *)(dptr - 2)) = - rte_cpu_to_be_16(RTE_ETHER_TYPE_IPV6); - } ucode_cmd[1] = dptr; ucode_cmd[2] = dptr; From patchwork Wed Aug 17 19:11:45 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Nithin Dabilpuram X-Patchwork-Id: 115214 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 99A98A0032; Wed, 17 Aug 2022 21:12:32 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 6D8E2427EC; Wed, 17 Aug 2022 21:12:23 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0a-0016f401.pphosted.com [67.231.148.174]) by mails.dpdk.org (Postfix) with ESMTP id 3DF66427EC for ; Wed, 17 Aug 2022 21:12:21 +0200 (CEST) Received: from pps.filterd (m0045849.ppops.net [127.0.0.1]) by mx0a-0016f401.pphosted.com (8.17.1.5/8.17.1.5) with ESMTP id 27HGWH0f010849 for ; Wed, 17 Aug 2022 12:12:20 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-type; s=pfpt0220; bh=PKddEyx75atNxv2YJCYPDpXMK2XMaA0mnn7156z4kDY=; b=ej3d5VIs+GwWS166iRH2TMAOrG8723VVJ6gdPr130o3GZ8HWNLAQhFcUVBDhjVVjgBUK 2Yd5BEB8DbqBoWsVOr6p5OvIPVM93nWVzK9hyxCe3Ych8E9ngfvGtSwkut66i52TmtQ/ osYFykaWBo0xrSXAIhTdlmcrtvy/vACVrMTTOJ4+URzD6u99oSQpodWGN7P43RhH2YG5 36ZmSa1PCnpiNZFp2qPdSMLTB/VPoCqyJfAuDzGnAs/x52RcW4IJBBwv3/o3axc9EjrR eIY91AZdzT4mDcnERdofaE+qeHPykrwyoUjA33vXME6Wuos71vj6CT7hDnquIClj+0zz KQ== Received: from dc5-exch01.marvell.com ([199.233.59.181]) by mx0a-0016f401.pphosted.com (PPS) with ESMTPS id 3j0tjyaxkr-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT) for ; Wed, 17 Aug 2022 12:12:20 -0700 Received: from DC5-EXCH01.marvell.com (10.69.176.38) by DC5-EXCH01.marvell.com (10.69.176.38) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Wed, 17 Aug 2022 12:12:18 -0700 Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH01.marvell.com (10.69.176.38) with Microsoft SMTP Server id 15.0.1497.2 via Frontend Transport; Wed, 17 Aug 2022 12:12:18 -0700 Received: from hyd1588t430.marvell.com (unknown [10.29.52.204]) by maili.marvell.com (Postfix) with ESMTP id 79E5D3F712F; Wed, 17 Aug 2022 12:11:56 -0700 (PDT) From: Nithin Dabilpuram To: Akhil Goyal CC: , , Nithin Dabilpuram Subject: [PATCH v2 4/5] app/test: update L2 header based on tunnel IP version Date: Thu, 18 Aug 2022 00:41:45 +0530 Message-ID: <20220817191146.30085-4-ndabilpuram@marvell.com> X-Mailer: git-send-email 2.8.4 In-Reply-To: <20220817191146.30085-1-ndabilpuram@marvell.com> References: <20220707072921.13448-1-ndabilpuram@marvell.com> <20220817191146.30085-1-ndabilpuram@marvell.com> MIME-Version: 1.0 X-Proofpoint-ORIG-GUID: O1A9GMeyR2ZlQGr6bkymAVuUl0Pj9qKw X-Proofpoint-GUID: O1A9GMeyR2ZlQGr6bkymAVuUl0Pj9qKw X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.883,Hydra:6.0.517,FMLib:17.11.122.1 definitions=2022-08-17_13,2022-08-16_02,2022-06-22_01 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Update L2 header based on tunnel IP version. Signed-off-by: Nithin Dabilpuram Acked-by: Akhil Goyal --- app/test/test_security_inline_proto.c | 34 +++++++++++++++++++++++++++++----- 1 file changed, 29 insertions(+), 5 deletions(-) diff --git a/app/test/test_security_inline_proto.c b/app/test/test_security_inline_proto.c index 5f26a04..b282e7d 100644 --- a/app/test/test_security_inline_proto.c +++ b/app/test/test_security_inline_proto.c @@ -418,15 +418,29 @@ copy_buf_to_pkt_segs(const uint8_t *buf, unsigned int len, rte_memcpy(seg_buf, buf + copied, (size_t) len); } +static bool +is_outer_ipv4(struct ipsec_test_data *td) +{ + bool outer_ipv4; + + if (td->ipsec_xform.direction == RTE_SECURITY_IPSEC_SA_DIR_INGRESS || + td->ipsec_xform.mode == RTE_SECURITY_IPSEC_SA_MODE_TRANSPORT) + outer_ipv4 = (((td->input_text.data[0] & 0xF0) >> 4) == IPVERSION); + else + outer_ipv4 = (td->ipsec_xform.tunnel.type == RTE_SECURITY_IPSEC_TUNNEL_IPV4); + return outer_ipv4; +} + static inline struct rte_mbuf * -init_packet(struct rte_mempool *mp, const uint8_t *data, unsigned int len) +init_packet(struct rte_mempool *mp, const uint8_t *data, unsigned int len, bool outer_ipv4) { struct rte_mbuf *pkt; pkt = rte_pktmbuf_alloc(mp); if (pkt == NULL) return NULL; - if (((data[0] & 0xF0) >> 4) == IPVERSION) { + + if (outer_ipv4) { rte_memcpy(rte_pktmbuf_append(pkt, RTE_ETHER_HDR_LEN), &dummy_ipv4_eth_hdr, RTE_ETHER_HDR_LEN); pkt->l3_len = sizeof(struct rte_ipv4_hdr); @@ -711,6 +725,7 @@ test_ipsec_with_reassembly(struct reassembly_vector *vector, struct rte_security_ctx *ctx; unsigned int i, nb_rx = 0, j; uint32_t ol_flags; + bool outer_ipv4; int ret = 0; burst_sz = vector->burst ? ENCAP_DECAP_BURST_SZ : 1; @@ -740,11 +755,15 @@ test_ipsec_with_reassembly(struct reassembly_vector *vector, memset(tx_pkts_burst, 0, sizeof(tx_pkts_burst[0]) * nb_tx); memset(rx_pkts_burst, 0, sizeof(rx_pkts_burst[0]) * nb_tx); + memcpy(&sa_data, vector->sa_data, sizeof(struct ipsec_test_data)); + sa_data.ipsec_xform.direction = RTE_SECURITY_IPSEC_SA_DIR_EGRESS; + outer_ipv4 = is_outer_ipv4(&sa_data); + for (i = 0; i < nb_tx; i += vector->nb_frags) { for (j = 0; j < vector->nb_frags; j++) { tx_pkts_burst[i+j] = init_packet(mbufpool, vector->frags[j]->data, - vector->frags[j]->len); + vector->frags[j]->len, outer_ipv4); if (tx_pkts_burst[i+j] == NULL) { ret = -1; printf("\n packed init failed\n"); @@ -963,6 +982,7 @@ test_ipsec_inline_proto_process(struct ipsec_test_data *td, int nb_rx = 0, nb_sent; uint32_t ol_flags; int i, j = 0, ret; + bool outer_ipv4; memset(rx_pkts_burst, 0, sizeof(rx_pkts_burst[0]) * nb_pkts); @@ -994,9 +1014,11 @@ test_ipsec_inline_proto_process(struct ipsec_test_data *td, if (ret) goto out; } + outer_ipv4 = is_outer_ipv4(td); + for (i = 0; i < nb_pkts; i++) { tx_pkts_burst[i] = init_packet(mbufpool, td->input_text.data, - td->input_text.len); + td->input_text.len, outer_ipv4); if (tx_pkts_burst[i] == NULL) { while (i--) rte_pktmbuf_free(tx_pkts_burst[i]); @@ -1194,6 +1216,7 @@ test_ipsec_inline_proto_process_with_esn(struct ipsec_test_data td[], struct rte_security_session *ses; struct rte_security_ctx *ctx; uint32_t ol_flags; + bool outer_ipv4; int i, ret; if (td[0].aead) { @@ -1224,10 +1247,11 @@ test_ipsec_inline_proto_process_with_esn(struct ipsec_test_data td[], if (ret) goto out; } + outer_ipv4 = is_outer_ipv4(td); for (i = 0; i < nb_pkts; i++) { tx_pkt = init_packet(mbufpool, td[i].input_text.data, - td[i].input_text.len); + td[i].input_text.len, outer_ipv4); if (tx_pkt == NULL) { ret = TEST_FAILED; goto out; From patchwork Wed Aug 17 19:11:46 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Nithin Dabilpuram X-Patchwork-Id: 115215 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 88A67A0032; Wed, 17 Aug 2022 21:12:38 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 529F442802; Wed, 17 Aug 2022 21:12:28 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0a-0016f401.pphosted.com [67.231.148.174]) by mails.dpdk.org (Postfix) with ESMTP id 79124427F7 for ; Wed, 17 Aug 2022 21:12:26 +0200 (CEST) Received: from pps.filterd (m0045849.ppops.net [127.0.0.1]) by mx0a-0016f401.pphosted.com (8.17.1.5/8.17.1.5) with ESMTP id 27HGLluR010862; Wed, 17 Aug 2022 12:12:22 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-type; s=pfpt0220; bh=LGvQZrgVC5ghUCxhtJbCPg+P6zYF/zx+JmbhZaTaYi8=; b=GX6Gloy2wdGoJw9xUA3WYIqiIkUBGBE7acpp0zB6ogUSBJLbx43U+eIEvX5nQpTaahaT NZwzb8pOPSZrD7YAuxL8blxS3rnWGJKQ6Br2rs+1bAxqm+qMCp/2qyngeIP4Xu0A3r/K uoXOwtYHEPtc7PF9HWhYpNifOLD6X1NqzEoyson76wfZcAwnIcYTWa1SzHzFDUk141Eu LCno8TQ8gmLNjQW/56oHjfpTmxT8yzxKwVKFSOPlH1zAfWsoEjHyRtFY+2rSAfUbEKal /3aL9BJ2Pkx6zETPbLGTz1dh+fPTChLjYS0/lrXhUb3kKAVZl24xdd1EYfJzSWTh212J aQ== Received: from dc5-exch02.marvell.com ([199.233.59.182]) by mx0a-0016f401.pphosted.com (PPS) with ESMTPS id 3j0tjyaxkt-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Wed, 17 Aug 2022 12:12:22 -0700 Received: from DC5-EXCH01.marvell.com (10.69.176.38) by DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server (TLS) id 15.0.1497.18; Wed, 17 Aug 2022 12:12:21 -0700 Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH01.marvell.com (10.69.176.38) with Microsoft SMTP Server id 15.0.1497.2 via Frontend Transport; Wed, 17 Aug 2022 12:12:21 -0700 Received: from hyd1588t430.marvell.com (unknown [10.29.52.204]) by maili.marvell.com (Postfix) with ESMTP id 8A6B53F70D1; Wed, 17 Aug 2022 12:11:58 -0700 (PDT) From: Nithin Dabilpuram To: Ruifeng Wang , Radu Nicolau , Akhil Goyal CC: , , Nithin Dabilpuram Subject: [PATCH v2 5/5] examples/ipsec-secgw: update ether type using tunnel info Date: Thu, 18 Aug 2022 00:41:46 +0530 Message-ID: <20220817191146.30085-5-ndabilpuram@marvell.com> X-Mailer: git-send-email 2.8.4 In-Reply-To: <20220817191146.30085-1-ndabilpuram@marvell.com> References: <20220707072921.13448-1-ndabilpuram@marvell.com> <20220817191146.30085-1-ndabilpuram@marvell.com> MIME-Version: 1.0 X-Proofpoint-ORIG-GUID: S39TxnR4Igy6YjQwy58KEWB4bGsHOWdt X-Proofpoint-GUID: S39TxnR4Igy6YjQwy58KEWB4bGsHOWdt X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.883,Hydra:6.0.517,FMLib:17.11.122.1 definitions=2022-08-17_13,2022-08-16_02,2022-06-22_01 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Update ether type for outbound SA processing based on tunnel header information in both NEON functions for poll mode and event mode worker functions. Signed-off-by: Nithin Dabilpuram Reviewed-by: Ruifeng Wang Acked-by: Akhil Goyal --- examples/ipsec-secgw/ipsec_neon.h | 41 +++++++++++++++++++++++++------------ examples/ipsec-secgw/ipsec_worker.c | 30 +++++++++++++++++++-------- 2 files changed, 49 insertions(+), 22 deletions(-) diff --git a/examples/ipsec-secgw/ipsec_neon.h b/examples/ipsec-secgw/ipsec_neon.h index 3f2d0a0..9c0498b 100644 --- a/examples/ipsec-secgw/ipsec_neon.h +++ b/examples/ipsec-secgw/ipsec_neon.h @@ -18,12 +18,13 @@ extern xmm_t val_eth[RTE_MAX_ETHPORTS]; */ static inline void processx4_step3(struct rte_mbuf *pkts[FWDSTEP], uint16_t dst_port[FWDSTEP], - uint64_t tx_offloads, bool ip_cksum, uint8_t *l_pkt) + uint64_t tx_offloads, bool ip_cksum, bool is_ipv4, uint8_t *l_pkt) { uint32x4_t te[FWDSTEP]; uint32x4_t ve[FWDSTEP]; uint32_t *p[FWDSTEP]; struct rte_mbuf *pkt; + uint32_t val; uint8_t i; for (i = 0; i < FWDSTEP; i++) { @@ -38,7 +39,15 @@ processx4_step3(struct rte_mbuf *pkts[FWDSTEP], uint16_t dst_port[FWDSTEP], te[i] = vld1q_u32(p[i]); /* Update last 4 bytes */ - ve[i] = vsetq_lane_u32(vgetq_lane_u32(te[i], 3), ve[i], 3); + val = vgetq_lane_u32(te[i], 3); +#if RTE_BYTE_ORDER == RTE_LITTLE_ENDIAN + val &= 0xFFFFUL << 16; + val |= rte_cpu_to_be_16(is_ipv4 ? RTE_ETHER_TYPE_IPV4 : RTE_ETHER_TYPE_IPV6); +#else + val &= 0xFFFFUL; + val |= rte_cpu_to_be_16(is_ipv4 ? RTE_ETHER_TYPE_IPV4 : RTE_ETHER_TYPE_IPV6) << 16; +#endif + ve[i] = vsetq_lane_u32(val, ve[i], 3); vst1q_u32(p[i], ve[i]); if (ip_cksum) { @@ -64,10 +73,11 @@ processx4_step3(struct rte_mbuf *pkts[FWDSTEP], uint16_t dst_port[FWDSTEP], */ static inline void process_packet(struct rte_mbuf *pkt, uint16_t *dst_port, uint64_t tx_offloads, - bool ip_cksum, uint8_t *l_pkt) + bool ip_cksum, bool is_ipv4, uint8_t *l_pkt) { struct rte_ether_hdr *eth_hdr; uint32x4_t te, ve; + uint32_t val; /* Check if it is a large packet */ if (pkt->pkt_len - RTE_ETHER_HDR_LEN > mtu_size) @@ -78,7 +88,15 @@ process_packet(struct rte_mbuf *pkt, uint16_t *dst_port, uint64_t tx_offloads, te = vld1q_u32((uint32_t *)eth_hdr); ve = vreinterpretq_u32_s32(val_eth[dst_port[0]]); - ve = vcopyq_laneq_u32(ve, 3, te, 3); + val = vgetq_lane_u32(te, 3); +#if RTE_BYTE_ORDER == RTE_LITTLE_ENDIAN + val &= 0xFFFFUL << 16; + val |= rte_cpu_to_be_16(is_ipv4 ? RTE_ETHER_TYPE_IPV4 : RTE_ETHER_TYPE_IPV6); +#else + val &= 0xFFFFUL; + val |= rte_cpu_to_be_16(is_ipv4 ? RTE_ETHER_TYPE_IPV4 : RTE_ETHER_TYPE_IPV6) << 16; +#endif + ve = vsetq_lane_u32(val, ve, 3); vst1q_u32((uint32_t *)eth_hdr, ve); if (ip_cksum) { @@ -223,14 +241,14 @@ send_multi_pkts(struct rte_mbuf **pkts, uint16_t dst_port[MAX_PKT_BURST], lp = pnum; lp[0] = 1; - processx4_step3(pkts, dst_port, tx_offloads, ip_cksum, &l_pkt); + processx4_step3(pkts, dst_port, tx_offloads, ip_cksum, is_ipv4, &l_pkt); /* dp1: */ dp1 = vld1q_u16(dst_port); for (i = FWDSTEP; i != k; i += FWDSTEP) { - processx4_step3(&pkts[i], &dst_port[i], tx_offloads, - ip_cksum, &l_pkt); + processx4_step3(&pkts[i], &dst_port[i], tx_offloads, ip_cksum, is_ipv4, + &l_pkt); /* * dp2: @@ -268,20 +286,17 @@ send_multi_pkts(struct rte_mbuf **pkts, uint16_t dst_port[MAX_PKT_BURST], /* Process up to last 3 packets one by one. */ switch (nb_rx % FWDSTEP) { case 3: - process_packet(pkts[i], dst_port + i, tx_offloads, ip_cksum, - &l_pkt); + process_packet(pkts[i], dst_port + i, tx_offloads, ip_cksum, is_ipv4, &l_pkt); GROUP_PORT_STEP(dlp, dst_port, lp, pnum, i); i++; /* fallthrough */ case 2: - process_packet(pkts[i], dst_port + i, tx_offloads, ip_cksum, - &l_pkt); + process_packet(pkts[i], dst_port + i, tx_offloads, ip_cksum, is_ipv4, &l_pkt); GROUP_PORT_STEP(dlp, dst_port, lp, pnum, i); i++; /* fallthrough */ case 1: - process_packet(pkts[i], dst_port + i, tx_offloads, ip_cksum, - &l_pkt); + process_packet(pkts[i], dst_port + i, tx_offloads, ip_cksum, is_ipv4, &l_pkt); GROUP_PORT_STEP(dlp, dst_port, lp, pnum, i); } diff --git a/examples/ipsec-secgw/ipsec_worker.c b/examples/ipsec-secgw/ipsec_worker.c index 803157d..5e69450 100644 --- a/examples/ipsec-secgw/ipsec_worker.c +++ b/examples/ipsec-secgw/ipsec_worker.c @@ -53,11 +53,8 @@ process_ipsec_get_pkt_type(struct rte_mbuf *pkt, uint8_t **nlp) } static inline void -update_mac_addrs(struct rte_mbuf *pkt, uint16_t portid) +update_mac_addrs(struct rte_ether_hdr *ethhdr, uint16_t portid) { - struct rte_ether_hdr *ethhdr; - - ethhdr = rte_pktmbuf_mtod(pkt, struct rte_ether_hdr *); memcpy(ðhdr->src_addr, ðaddr_tbl[portid].src, RTE_ETHER_ADDR_LEN); memcpy(ðhdr->dst_addr, ðaddr_tbl[portid].dst, RTE_ETHER_ADDR_LEN); } @@ -374,7 +371,7 @@ process_ipsec_ev_inbound(struct ipsec_ctx *ctx, struct route_table *rt, /* else, we have a matching route */ /* Update mac addresses */ - update_mac_addrs(pkt, port_id); + update_mac_addrs(rte_pktmbuf_mtod(pkt, struct rte_ether_hdr *), port_id); /* Update the event with the dest port */ ipsec_event_pre_forward(pkt, port_id); @@ -392,6 +389,7 @@ process_ipsec_ev_outbound(struct ipsec_ctx *ctx, struct route_table *rt, struct rte_event *ev) { struct rte_ipsec_session *sess; + struct rte_ether_hdr *ethhdr; struct sa_ctx *sa_ctx; struct rte_mbuf *pkt; uint16_t port_id = 0; @@ -430,6 +428,7 @@ process_ipsec_ev_outbound(struct ipsec_ctx *ctx, struct route_table *rt, goto drop_pkt_and_exit; } + ethhdr = rte_pktmbuf_mtod(pkt, struct rte_ether_hdr *); /* Check if the packet has to be bypassed */ if (sa_idx == BYPASS) { port_id = get_route(pkt, rt, type); @@ -467,6 +466,9 @@ process_ipsec_ev_outbound(struct ipsec_ctx *ctx, struct route_table *rt, /* Mark the packet for Tx security offload */ pkt->ol_flags |= RTE_MBUF_F_TX_SEC_OFFLOAD; + /* Update ether type */ + ethhdr->ether_type = (IS_IP4(sa->flags) ? rte_cpu_to_be_16(RTE_ETHER_TYPE_IPV4) : + rte_cpu_to_be_16(RTE_ETHER_TYPE_IPV6)); /* Get the port to which this pkt need to be submitted */ port_id = sa->portid; @@ -476,7 +478,7 @@ process_ipsec_ev_outbound(struct ipsec_ctx *ctx, struct route_table *rt, pkt->l2_len = RTE_ETHER_HDR_LEN; /* Update mac addresses */ - update_mac_addrs(pkt, port_id); + update_mac_addrs(ethhdr, port_id); /* Update the event with the dest port */ ipsec_event_pre_forward(pkt, port_id); @@ -494,6 +496,7 @@ ipsec_ev_route_pkts(struct rte_event_vector *vec, struct route_table *rt, struct ipsec_traffic *t, struct sa_ctx *sa_ctx) { struct rte_ipsec_session *sess; + struct rte_ether_hdr *ethhdr; uint32_t sa_idx, i, j = 0; uint16_t port_id = 0; struct rte_mbuf *pkt; @@ -505,7 +508,8 @@ ipsec_ev_route_pkts(struct rte_event_vector *vec, struct route_table *rt, port_id = route4_pkt(pkt, rt->rt4_ctx); if (port_id != RTE_MAX_ETHPORTS) { /* Update mac addresses */ - update_mac_addrs(pkt, port_id); + ethhdr = rte_pktmbuf_mtod(pkt, struct rte_ether_hdr *); + update_mac_addrs(ethhdr, port_id); /* Update the event with the dest port */ ipsec_event_pre_forward(pkt, port_id); ev_vector_attr_update(vec, pkt); @@ -520,7 +524,8 @@ ipsec_ev_route_pkts(struct rte_event_vector *vec, struct route_table *rt, port_id = route6_pkt(pkt, rt->rt6_ctx); if (port_id != RTE_MAX_ETHPORTS) { /* Update mac addresses */ - update_mac_addrs(pkt, port_id); + ethhdr = rte_pktmbuf_mtod(pkt, struct rte_ether_hdr *); + update_mac_addrs(ethhdr, port_id); /* Update the event with the dest port */ ipsec_event_pre_forward(pkt, port_id); ev_vector_attr_update(vec, pkt); @@ -553,7 +558,14 @@ ipsec_ev_route_pkts(struct rte_event_vector *vec, struct route_table *rt, pkt->ol_flags |= RTE_MBUF_F_TX_SEC_OFFLOAD; port_id = sa->portid; - update_mac_addrs(pkt, port_id); + + /* Fetch outer ip type and update */ + ethhdr = rte_pktmbuf_mtod(pkt, struct rte_ether_hdr *); + ethhdr->ether_type = (IS_IP4(sa->flags) ? + rte_cpu_to_be_16(RTE_ETHER_TYPE_IPV4) : + rte_cpu_to_be_16(RTE_ETHER_TYPE_IPV6)); + update_mac_addrs(ethhdr, port_id); + ipsec_event_pre_forward(pkt, port_id); ev_vector_attr_update(vec, pkt); vec->mbufs[j++] = pkt;