From patchwork Mon Aug 22 14:38:08 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Nithin Dabilpuram X-Patchwork-Id: 115332 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 3F30EA0540; Mon, 22 Aug 2022 16:38:26 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 2399C40A81; Mon, 22 Aug 2022 16:38:26 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com [67.231.156.173]) by mails.dpdk.org (Postfix) with ESMTP id EF0E040694 for ; Mon, 22 Aug 2022 16:38:24 +0200 (CEST) Received: from pps.filterd (m0045851.ppops.net [127.0.0.1]) by mx0b-0016f401.pphosted.com (8.17.1.5/8.17.1.5) with ESMTP id 27MATEWJ009447; Mon, 22 Aug 2022 07:38:21 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-type; s=pfpt0220; bh=8+nypCGtHewVXXTuTWy4SSnNbvALWIdzlpDH6D+mG1E=; b=FCBAfJDWmzfsvueRS6mBiMpei4UTnxmtPifH6VsHpHh3xG0xEElzdq+VhVWYdDWOmLZt 2VQo4p5oEXV/7TXMb+SmrkA+JTdwlu0JZu7RZ5LYqWosBUcE7AVFWNORE+caYC+Cywrz sUGuViq6/qeO5xqKb7LbSnejzfEo/NE75J2G2vUUhnU1RPfXk3EI+O2gbT8e9Vw18eLl iIXGB/qfdAj4TwY8XHJHadif/YwnHePrLKJc0tw5hHCPk2HbGlB+UTQXtTOP21u1I/hb ve4HCsmyqJmhUSs6KSR8kguaGPGAYbpFBOyT1mIHLswSDoUmhb40bjHwlW1ANQd8YHaG 1A== Received: from dc5-exch01.marvell.com ([199.233.59.181]) by mx0b-0016f401.pphosted.com (PPS) with ESMTPS id 3j2y4jxy3e-2 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Mon, 22 Aug 2022 07:38:21 -0700 Received: from DC5-EXCH01.marvell.com (10.69.176.38) by DC5-EXCH01.marvell.com (10.69.176.38) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Mon, 22 Aug 2022 07:38:20 -0700 Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH01.marvell.com (10.69.176.38) with Microsoft SMTP Server id 15.0.1497.2 via Frontend Transport; Mon, 22 Aug 2022 07:38:19 -0700 Received: from hyd1588t430.marvell.com (unknown [10.29.52.204]) by maili.marvell.com (Postfix) with ESMTP id 1A9C73F704B; Mon, 22 Aug 2022 07:38:17 -0700 (PDT) From: Nithin Dabilpuram To: Olivier Matz CC: , , , , Nithin Dabilpuram Subject: [PATCH v3 1/5] mbuf: clarify meta data needed for Outbound Inline Date: Mon, 22 Aug 2022 20:08:08 +0530 Message-ID: <20220822143812.30010-1-ndabilpuram@marvell.com> X-Mailer: git-send-email 2.8.4 In-Reply-To: <20220707072921.13448-1-ndabilpuram@marvell.com> References: <20220707072921.13448-1-ndabilpuram@marvell.com> MIME-Version: 1.0 X-Proofpoint-GUID: wxH12s7zSdejIm4jVKVRQomVoSwkdsWn X-Proofpoint-ORIG-GUID: wxH12s7zSdejIm4jVKVRQomVoSwkdsWn X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.895,Hydra:6.0.517,FMLib:17.11.122.1 definitions=2022-08-22_08,2022-08-22_02,2022-06-22_01 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Clarify mbuf meta data needed for Outbound Inline processing. Application needs to provide mbuf.l3_len and L3 type in mbuf.ol_flags so that like tunnel mode using mbuf.l2_len, transport mode can make use of l3_len and l3_type to determine perform proper transport mode IPsec processing. Signed-off-by: Nithin Dabilpuram Acked-by: Akhil Goyal --- v3: - Addressed comments on patch 4/5 and added acks. v2: - Modified ipsec-secgw to do ether type update for outbound path. doc/guides/nics/features.rst | 2 +- lib/mbuf/rte_mbuf_core.h | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/doc/guides/nics/features.rst b/doc/guides/nics/features.rst index 7f6cb91..b4a8e98 100644 --- a/doc/guides/nics/features.rst +++ b/doc/guides/nics/features.rst @@ -431,7 +431,7 @@ protocol operations. See security library and PMD documentation for more details * **[uses] rte_eth_rxconf,rte_eth_rxmode**: ``offloads:RTE_ETH_RX_OFFLOAD_SECURITY``, * **[uses] rte_eth_txconf,rte_eth_txmode**: ``offloads:RTE_ETH_TX_OFFLOAD_SECURITY``. -* **[uses] mbuf**: ``mbuf.l2_len``. +* **[uses] mbuf**: ``mbuf.l2_len``, ``mbuf.l3_len``, ``mbuf.ol_flags``. * **[implements] rte_security_ops**: ``session_create``, ``session_update``, ``session_stats_get``, ``session_destroy``, ``set_pkt_metadata``, ``get_userdata``, ``capabilities_get``. diff --git a/lib/mbuf/rte_mbuf_core.h b/lib/mbuf/rte_mbuf_core.h index 3d6ddd6..b62a7c6 100644 --- a/lib/mbuf/rte_mbuf_core.h +++ b/lib/mbuf/rte_mbuf_core.h @@ -267,7 +267,8 @@ extern "C" { /** * Request security offload processing on the TX packet. * To use Tx security offload, the user needs to fill l2_len in mbuf - * indicating L2 header size and where L3 header starts. + * indicating L2 header size and where L3 header starts. Similarly, + * l3_len should also be filled along with ol_flags reflecting current L3 type. */ #define RTE_MBUF_F_TX_SEC_OFFLOAD (1ULL << 43) #define PKT_TX_SEC_OFFLOAD RTE_DEPRECATED(PKT_TX_SEC_OFFLOAD) \ From patchwork Mon Aug 22 14:38:09 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Nithin Dabilpuram X-Patchwork-Id: 115333 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id C3DCAA0540; Mon, 22 Aug 2022 16:38:30 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id E1EEB410FA; Mon, 22 Aug 2022 16:38:28 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0a-0016f401.pphosted.com [67.231.148.174]) by mails.dpdk.org (Postfix) with ESMTP id 7729A410F9 for ; Mon, 22 Aug 2022 16:38:27 +0200 (CEST) Received: from pps.filterd (m0045849.ppops.net [127.0.0.1]) by mx0a-0016f401.pphosted.com (8.17.1.5/8.17.1.5) with ESMTP id 27MDXWOd011931; Mon, 22 Aug 2022 07:38:24 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-type; s=pfpt0220; bh=j41rwEB4PnLBYm8i7mVw3nMl2TxAX/xGaP4fUzm1S14=; b=Q+MfSRrdzScwjYmoqRnNZQGYllywYpBBSTu6+W/BZIJ6kYibK5qlU+MSx6pWxNjs3dBX rkNHpSSCqv6TtURqfoNLSzQgsG24HCHSPYmFH5/c0JYL3hWjZDhlrk3dsVw2NwZY3/v/ oj5cq3z7eT4luV27qMTVIrSg5ImFcm20gshQ34ZmIslhpx8N0fFi4no058FyLc/CjWzz aZrHJyJ+xD+C1ae9zwdbhIm+42+Dg9RAm+iV68Uq5uKVjUgR6K5JGee/6hIFcGarT4nF SjUtn9wQmUptzb5Bi9enHWwEwhQ9szipCYs52MnywYH0RVbN9fkIuJHeaR+Z3fMjmtB8 0w== Received: from dc5-exch02.marvell.com ([199.233.59.182]) by mx0a-0016f401.pphosted.com (PPS) with ESMTPS id 3j4askg7gm-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Mon, 22 Aug 2022 07:38:23 -0700 Received: from DC5-EXCH01.marvell.com (10.69.176.38) by DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server (TLS) id 15.0.1497.18; Mon, 22 Aug 2022 07:38:22 -0700 Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH01.marvell.com (10.69.176.38) with Microsoft SMTP Server id 15.0.1497.2 via Frontend Transport; Mon, 22 Aug 2022 07:38:22 -0700 Received: from hyd1588t430.marvell.com (unknown [10.29.52.204]) by maili.marvell.com (Postfix) with ESMTP id A85653F7058; Mon, 22 Aug 2022 07:38:20 -0700 (PDT) From: Nithin Dabilpuram To: Akhil Goyal CC: , , , "Nithin Dabilpuram" Subject: [PATCH v3 2/5] security: clarify L2 header requirement for outbound inline Date: Mon, 22 Aug 2022 20:08:09 +0530 Message-ID: <20220822143812.30010-2-ndabilpuram@marvell.com> X-Mailer: git-send-email 2.8.4 In-Reply-To: <20220822143812.30010-1-ndabilpuram@marvell.com> References: <20220707072921.13448-1-ndabilpuram@marvell.com> <20220822143812.30010-1-ndabilpuram@marvell.com> MIME-Version: 1.0 X-Proofpoint-GUID: cEF-Y4Cs1A84Ezbapen_wFQ7vOTC8OS2 X-Proofpoint-ORIG-GUID: cEF-Y4Cs1A84Ezbapen_wFQ7vOTC8OS2 X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.895,Hydra:6.0.517,FMLib:17.11.122.1 definitions=2022-08-22_08,2022-08-22_02,2022-06-22_01 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Clarify that for Outbound Inline IPsec processing, L2 header needs to be up to date with ether type which will be applicable post IPsec processing as the IPsec offload only touches L3 and above. Signed-off-by: Nithin Dabilpuram Acked-by: Akhil Goyal --- doc/guides/prog_guide/rte_security.rst | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/doc/guides/prog_guide/rte_security.rst b/doc/guides/prog_guide/rte_security.rst index 72ca0bd..be158f6 100644 --- a/doc/guides/prog_guide/rte_security.rst +++ b/doc/guides/prog_guide/rte_security.rst @@ -146,7 +146,9 @@ adding the relevant protocol headers and encrypting the data before sending the packet out. The software should make sure that the buffer has required head room and tail room for any protocol header addition. The software may also do early fragmentation if the resultant packet is expected -to cross the MTU size. +to cross the MTU size. The software should also make sure that L2 header contents +are updated with the final L2 header which is expected post IPsec processing as +the IPsec offload will only update L3 and above in egress path. .. note:: From patchwork Mon Aug 22 14:38:10 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Nithin Dabilpuram X-Patchwork-Id: 115334 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 3AB57A0540; Mon, 22 Aug 2022 16:38:36 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id ADCBB427EB; Mon, 22 Aug 2022 16:38:31 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com [67.231.156.173]) by mails.dpdk.org (Postfix) with ESMTP id 20765427EA for ; Mon, 22 Aug 2022 16:38:30 +0200 (CEST) Received: from pps.filterd (m0045851.ppops.net [127.0.0.1]) by mx0b-0016f401.pphosted.com (8.17.1.5/8.17.1.5) with ESMTP id 27MAFnS3010463; Mon, 22 Aug 2022 07:38:27 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-type; s=pfpt0220; bh=4vDrsBbmHZ7wY3uRyP+S5uTUv9qGv2icpuU7+elJDbQ=; b=i8qpmXTcDUOSboSxk+8YPW3w5Pd4zxwMOlwjanJdp61g3sOZTIiBl1jYG9i2j9u5PT8K KO0Mb2m2ZPD0Kq5+QWy7nptJB1/+pW4sO4a8F5XROV8wkX5vGX3KjWMftFBIwNyb93Wr nGWqsdlDR8EeeNrjty8T8Fov9p6bnAvsUX045G4EzVPLY92TkplQwS8VtfnIo0GkdsTH OiC5bNo3Wp4rgrots5QgdSuxJpbg7MWRjavALaQRQ9Es+80S6r4CMFWKCNXQPhqD9rHV J3ac9IesWBhMnjb+Zofl3YALDXbGmlqRVx9cWOtkDKBCQtIH7Skkd4VrZOHx2xFmTiAZ dA== Received: from dc5-exch02.marvell.com ([199.233.59.182]) by mx0b-0016f401.pphosted.com (PPS) with ESMTPS id 3j2y4jxy3m-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Mon, 22 Aug 2022 07:38:27 -0700 Received: from DC5-EXCH01.marvell.com (10.69.176.38) by DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server (TLS) id 15.0.1497.18; Mon, 22 Aug 2022 07:38:25 -0700 Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH01.marvell.com (10.69.176.38) with Microsoft SMTP Server id 15.0.1497.2 via Frontend Transport; Mon, 22 Aug 2022 07:38:25 -0700 Received: from hyd1588t430.marvell.com (unknown [10.29.52.204]) by maili.marvell.com (Postfix) with ESMTP id 0A62A3F704B; Mon, 22 Aug 2022 07:38:22 -0700 (PDT) From: Nithin Dabilpuram To: Nithin Dabilpuram , Kiran Kumar K , Sunil Kumar Kori , Satha Rao CC: , , , Subject: [PATCH v3 3/5] net/cnxk: remove L2 header update for outbound inline pkts Date: Mon, 22 Aug 2022 20:08:10 +0530 Message-ID: <20220822143812.30010-3-ndabilpuram@marvell.com> X-Mailer: git-send-email 2.8.4 In-Reply-To: <20220822143812.30010-1-ndabilpuram@marvell.com> References: <20220707072921.13448-1-ndabilpuram@marvell.com> <20220822143812.30010-1-ndabilpuram@marvell.com> MIME-Version: 1.0 X-Proofpoint-GUID: 7QXwkA8uzhAP4wA3EaoP0TNSfYrNk5l7 X-Proofpoint-ORIG-GUID: 7QXwkA8uzhAP4wA3EaoP0TNSfYrNk5l7 X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.895,Hydra:6.0.517,FMLib:17.11.122.1 definitions=2022-08-22_08,2022-08-22_02,2022-06-22_01 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Remove L2 header update for outbound inline packets as application is already taking care of the same. Signed-off-by: Nithin Dabilpuram --- drivers/net/cnxk/cn10k_tx.h | 17 ----------------- 1 file changed, 17 deletions(-) diff --git a/drivers/net/cnxk/cn10k_tx.h b/drivers/net/cnxk/cn10k_tx.h index ea13866..4bd47ef 100644 --- a/drivers/net/cnxk/cn10k_tx.h +++ b/drivers/net/cnxk/cn10k_tx.h @@ -362,15 +362,6 @@ cn10k_nix_prep_sec_vec(struct rte_mbuf *m, uint64x2_t *cmd0, uint64x2_t *cmd1, dptr += l2_len; - if (sess_priv.mode == ROC_IE_SA_MODE_TUNNEL) { - if (sess_priv.outer_ip_ver == ROC_IE_SA_IP_VERSION_4) - *((uint16_t *)(dptr - 2)) = - rte_cpu_to_be_16(RTE_ETHER_TYPE_IPV4); - else - *((uint16_t *)(dptr - 2)) = - rte_cpu_to_be_16(RTE_ETHER_TYPE_IPV6); - } - ucode_cmd[1] = dptr; ucode_cmd[2] = dptr; @@ -490,14 +481,6 @@ cn10k_nix_prep_sec(struct rte_mbuf *m, uint64_t *cmd, uintptr_t *nixtx_addr, dptr += l2_len; - if (sess_priv.mode == ROC_IE_SA_MODE_TUNNEL) { - if (sess_priv.outer_ip_ver == ROC_IE_SA_IP_VERSION_4) - *((uint16_t *)(dptr - 2)) = - rte_cpu_to_be_16(RTE_ETHER_TYPE_IPV4); - else - *((uint16_t *)(dptr - 2)) = - rte_cpu_to_be_16(RTE_ETHER_TYPE_IPV6); - } ucode_cmd[1] = dptr; ucode_cmd[2] = dptr; From patchwork Mon Aug 22 14:38:11 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Nithin Dabilpuram X-Patchwork-Id: 115335 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id C81B7A0540; Mon, 22 Aug 2022 16:38:41 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 85957427F2; Mon, 22 Aug 2022 16:38:35 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0a-0016f401.pphosted.com [67.231.148.174]) by mails.dpdk.org (Postfix) with ESMTP id 957AF427F9 for ; Mon, 22 Aug 2022 16:38:33 +0200 (CEST) Received: from pps.filterd (m0045849.ppops.net [127.0.0.1]) by mx0a-0016f401.pphosted.com (8.17.1.5/8.17.1.5) with ESMTP id 27MDXFM3011695; Mon, 22 Aug 2022 07:38:29 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-type; s=pfpt0220; bh=Rv/w2zIP7hNjKEoJr9SH/W9o4cpc8TgLllt1IYd0z1U=; b=hResOXVnYFKKsZZIrQpBPkbmkPc7e6hQDmbNUP8WGx5kHUUgOjGW0///cFQPJWc3T0kZ hxmFNHwhqEcmD8XgLZtXFEdnnJPyLVLvI2ao8vC1N/PykS0OuXrfRJsvDySA6mgzT4Xk 21qXmLdU5e8TveDntGdJK1U65o1Yd5wusIhw83+2TYYfDdeUuu9llu+ag0fNTxlcI23E a2xhceQNNkVQd5Misn7bszvinaESC7MnsUeK/ZvN2bO2v+oSSS/ocSoyMCRbSsISN98S vbP+jpwZzp8KdSHfeFK1bRhaGwd7EtT2u3zY9Z0sA1dAT96o5Qy1FDk2+BadVAL3p88t yw== Received: from dc5-exch01.marvell.com ([199.233.59.181]) by mx0a-0016f401.pphosted.com (PPS) with ESMTPS id 3j4askg7gv-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Mon, 22 Aug 2022 07:38:29 -0700 Received: from DC5-EXCH01.marvell.com (10.69.176.38) by DC5-EXCH01.marvell.com (10.69.176.38) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Mon, 22 Aug 2022 07:38:27 -0700 Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH01.marvell.com (10.69.176.38) with Microsoft SMTP Server id 15.0.1497.2 via Frontend Transport; Mon, 22 Aug 2022 07:38:27 -0700 Received: from hyd1588t430.marvell.com (unknown [10.29.52.204]) by maili.marvell.com (Postfix) with ESMTP id 173173F7058; Mon, 22 Aug 2022 07:38:25 -0700 (PDT) From: Nithin Dabilpuram To: Akhil Goyal CC: , , , "Nithin Dabilpuram" Subject: [PATCH v3 4/5] app/test: update L2 header based on tunnel IP version Date: Mon, 22 Aug 2022 20:08:11 +0530 Message-ID: <20220822143812.30010-4-ndabilpuram@marvell.com> X-Mailer: git-send-email 2.8.4 In-Reply-To: <20220822143812.30010-1-ndabilpuram@marvell.com> References: <20220707072921.13448-1-ndabilpuram@marvell.com> <20220822143812.30010-1-ndabilpuram@marvell.com> MIME-Version: 1.0 X-Proofpoint-GUID: z6UKaNkkLf1qlVYa0KmBTfAEwJxXVqHM X-Proofpoint-ORIG-GUID: z6UKaNkkLf1qlVYa0KmBTfAEwJxXVqHM X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.895,Hydra:6.0.517,FMLib:17.11.122.1 definitions=2022-08-22_08,2022-08-22_02,2022-06-22_01 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Update L2 header based on tunnel IP version in the application as driver/HW is not expected to update L2 ether type post Outbound Inline protocol offload processing. Signed-off-by: Nithin Dabilpuram Acked-by: Akhil Goyal --- app/test/test_security_inline_proto.c | 34 +++++++++++++++++++++++++++++----- 1 file changed, 29 insertions(+), 5 deletions(-) diff --git a/app/test/test_security_inline_proto.c b/app/test/test_security_inline_proto.c index 5f26a04..b282e7d 100644 --- a/app/test/test_security_inline_proto.c +++ b/app/test/test_security_inline_proto.c @@ -418,15 +418,29 @@ copy_buf_to_pkt_segs(const uint8_t *buf, unsigned int len, rte_memcpy(seg_buf, buf + copied, (size_t) len); } +static bool +is_outer_ipv4(struct ipsec_test_data *td) +{ + bool outer_ipv4; + + if (td->ipsec_xform.direction == RTE_SECURITY_IPSEC_SA_DIR_INGRESS || + td->ipsec_xform.mode == RTE_SECURITY_IPSEC_SA_MODE_TRANSPORT) + outer_ipv4 = (((td->input_text.data[0] & 0xF0) >> 4) == IPVERSION); + else + outer_ipv4 = (td->ipsec_xform.tunnel.type == RTE_SECURITY_IPSEC_TUNNEL_IPV4); + return outer_ipv4; +} + static inline struct rte_mbuf * -init_packet(struct rte_mempool *mp, const uint8_t *data, unsigned int len) +init_packet(struct rte_mempool *mp, const uint8_t *data, unsigned int len, bool outer_ipv4) { struct rte_mbuf *pkt; pkt = rte_pktmbuf_alloc(mp); if (pkt == NULL) return NULL; - if (((data[0] & 0xF0) >> 4) == IPVERSION) { + + if (outer_ipv4) { rte_memcpy(rte_pktmbuf_append(pkt, RTE_ETHER_HDR_LEN), &dummy_ipv4_eth_hdr, RTE_ETHER_HDR_LEN); pkt->l3_len = sizeof(struct rte_ipv4_hdr); @@ -711,6 +725,7 @@ test_ipsec_with_reassembly(struct reassembly_vector *vector, struct rte_security_ctx *ctx; unsigned int i, nb_rx = 0, j; uint32_t ol_flags; + bool outer_ipv4; int ret = 0; burst_sz = vector->burst ? ENCAP_DECAP_BURST_SZ : 1; @@ -740,11 +755,15 @@ test_ipsec_with_reassembly(struct reassembly_vector *vector, memset(tx_pkts_burst, 0, sizeof(tx_pkts_burst[0]) * nb_tx); memset(rx_pkts_burst, 0, sizeof(rx_pkts_burst[0]) * nb_tx); + memcpy(&sa_data, vector->sa_data, sizeof(struct ipsec_test_data)); + sa_data.ipsec_xform.direction = RTE_SECURITY_IPSEC_SA_DIR_EGRESS; + outer_ipv4 = is_outer_ipv4(&sa_data); + for (i = 0; i < nb_tx; i += vector->nb_frags) { for (j = 0; j < vector->nb_frags; j++) { tx_pkts_burst[i+j] = init_packet(mbufpool, vector->frags[j]->data, - vector->frags[j]->len); + vector->frags[j]->len, outer_ipv4); if (tx_pkts_burst[i+j] == NULL) { ret = -1; printf("\n packed init failed\n"); @@ -963,6 +982,7 @@ test_ipsec_inline_proto_process(struct ipsec_test_data *td, int nb_rx = 0, nb_sent; uint32_t ol_flags; int i, j = 0, ret; + bool outer_ipv4; memset(rx_pkts_burst, 0, sizeof(rx_pkts_burst[0]) * nb_pkts); @@ -994,9 +1014,11 @@ test_ipsec_inline_proto_process(struct ipsec_test_data *td, if (ret) goto out; } + outer_ipv4 = is_outer_ipv4(td); + for (i = 0; i < nb_pkts; i++) { tx_pkts_burst[i] = init_packet(mbufpool, td->input_text.data, - td->input_text.len); + td->input_text.len, outer_ipv4); if (tx_pkts_burst[i] == NULL) { while (i--) rte_pktmbuf_free(tx_pkts_burst[i]); @@ -1194,6 +1216,7 @@ test_ipsec_inline_proto_process_with_esn(struct ipsec_test_data td[], struct rte_security_session *ses; struct rte_security_ctx *ctx; uint32_t ol_flags; + bool outer_ipv4; int i, ret; if (td[0].aead) { @@ -1224,10 +1247,11 @@ test_ipsec_inline_proto_process_with_esn(struct ipsec_test_data td[], if (ret) goto out; } + outer_ipv4 = is_outer_ipv4(td); for (i = 0; i < nb_pkts; i++) { tx_pkt = init_packet(mbufpool, td[i].input_text.data, - td[i].input_text.len); + td[i].input_text.len, outer_ipv4); if (tx_pkt == NULL) { ret = TEST_FAILED; goto out; From patchwork Mon Aug 22 14:38:12 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Nithin Dabilpuram X-Patchwork-Id: 115336 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 8A5AAA0540; Mon, 22 Aug 2022 16:38:48 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 9AC504282B; Mon, 22 Aug 2022 16:38:37 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0a-0016f401.pphosted.com [67.231.148.174]) by mails.dpdk.org (Postfix) with ESMTP id 5A9BE427EA for ; Mon, 22 Aug 2022 16:38:35 +0200 (CEST) Received: from pps.filterd (m0045849.ppops.net [127.0.0.1]) by mx0a-0016f401.pphosted.com (8.17.1.5/8.17.1.5) with ESMTP id 27MDX9qr011661; Mon, 22 Aug 2022 07:38:32 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-type; s=pfpt0220; bh=mqYkO32KAVW4Mch5djXDQuw7LS1UqV9nnkC0/32xGGM=; b=WDfjMyXDN/1cafuSWI5n+8/qgms1EOwLqXGv6sOHylolO1OU3oWk7nL+SDMV8f1TQvhv vRYM9s8H/lIOEHM51CCOma5zojnZ1w3ZYSujIeVPtARPBPeT/7QAzBU7OKPWqE/v/283 8RjLpwFmFISHZJYeA8rMckNVGU6btdk/kAP6YJirnK3+eZiNuhdDjsFDBHETmdXkVYkj 3TMCUjweGwH0k7q2rY5kL+FL8Stieg7FdQR+/i8VkVMKwFGmg9DtFzuiqrWqyBP0NWUF PWQtI+yXvZ+YffT6iJ8bY4tcmdQOFIqb+g8ADGuu+8QqYIHEPHK+JjrXaJKEXDWgHZC+ Uw== Received: from dc5-exch02.marvell.com ([199.233.59.182]) by mx0a-0016f401.pphosted.com (PPS) with ESMTPS id 3j4askg7h3-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Mon, 22 Aug 2022 07:38:31 -0700 Received: from DC5-EXCH02.marvell.com (10.69.176.39) by DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server (TLS) id 15.0.1497.18; Mon, 22 Aug 2022 07:38:30 -0700 Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server id 15.0.1497.18 via Frontend Transport; Mon, 22 Aug 2022 07:38:30 -0700 Received: from hyd1588t430.marvell.com (unknown [10.29.52.204]) by maili.marvell.com (Postfix) with ESMTP id 5EF903F704B; Mon, 22 Aug 2022 07:38:28 -0700 (PDT) From: Nithin Dabilpuram To: Ruifeng Wang , Radu Nicolau , Akhil Goyal CC: , , Nithin Dabilpuram Subject: [PATCH v3 5/5] examples/ipsec-secgw: update ether type using tunnel info Date: Mon, 22 Aug 2022 20:08:12 +0530 Message-ID: <20220822143812.30010-5-ndabilpuram@marvell.com> X-Mailer: git-send-email 2.8.4 In-Reply-To: <20220822143812.30010-1-ndabilpuram@marvell.com> References: <20220707072921.13448-1-ndabilpuram@marvell.com> <20220822143812.30010-1-ndabilpuram@marvell.com> MIME-Version: 1.0 X-Proofpoint-GUID: fEAJUNjdq8mgmYO56VEaHoZFv9gE61-8 X-Proofpoint-ORIG-GUID: fEAJUNjdq8mgmYO56VEaHoZFv9gE61-8 X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.895,Hydra:6.0.517,FMLib:17.11.122.1 definitions=2022-08-22_08,2022-08-22_02,2022-06-22_01 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Update ether type for outbound SA processing based on tunnel header information in both NEON functions for poll mode and event mode worker functions. Signed-off-by: Nithin Dabilpuram Reviewed-by: Ruifeng Wang Acked-by: Akhil Goyal --- examples/ipsec-secgw/ipsec_neon.h | 41 +++++++++++++++++++++++++------------ examples/ipsec-secgw/ipsec_worker.c | 30 +++++++++++++++++++-------- 2 files changed, 49 insertions(+), 22 deletions(-) diff --git a/examples/ipsec-secgw/ipsec_neon.h b/examples/ipsec-secgw/ipsec_neon.h index 3f2d0a0..9c0498b 100644 --- a/examples/ipsec-secgw/ipsec_neon.h +++ b/examples/ipsec-secgw/ipsec_neon.h @@ -18,12 +18,13 @@ extern xmm_t val_eth[RTE_MAX_ETHPORTS]; */ static inline void processx4_step3(struct rte_mbuf *pkts[FWDSTEP], uint16_t dst_port[FWDSTEP], - uint64_t tx_offloads, bool ip_cksum, uint8_t *l_pkt) + uint64_t tx_offloads, bool ip_cksum, bool is_ipv4, uint8_t *l_pkt) { uint32x4_t te[FWDSTEP]; uint32x4_t ve[FWDSTEP]; uint32_t *p[FWDSTEP]; struct rte_mbuf *pkt; + uint32_t val; uint8_t i; for (i = 0; i < FWDSTEP; i++) { @@ -38,7 +39,15 @@ processx4_step3(struct rte_mbuf *pkts[FWDSTEP], uint16_t dst_port[FWDSTEP], te[i] = vld1q_u32(p[i]); /* Update last 4 bytes */ - ve[i] = vsetq_lane_u32(vgetq_lane_u32(te[i], 3), ve[i], 3); + val = vgetq_lane_u32(te[i], 3); +#if RTE_BYTE_ORDER == RTE_LITTLE_ENDIAN + val &= 0xFFFFUL << 16; + val |= rte_cpu_to_be_16(is_ipv4 ? RTE_ETHER_TYPE_IPV4 : RTE_ETHER_TYPE_IPV6); +#else + val &= 0xFFFFUL; + val |= rte_cpu_to_be_16(is_ipv4 ? RTE_ETHER_TYPE_IPV4 : RTE_ETHER_TYPE_IPV6) << 16; +#endif + ve[i] = vsetq_lane_u32(val, ve[i], 3); vst1q_u32(p[i], ve[i]); if (ip_cksum) { @@ -64,10 +73,11 @@ processx4_step3(struct rte_mbuf *pkts[FWDSTEP], uint16_t dst_port[FWDSTEP], */ static inline void process_packet(struct rte_mbuf *pkt, uint16_t *dst_port, uint64_t tx_offloads, - bool ip_cksum, uint8_t *l_pkt) + bool ip_cksum, bool is_ipv4, uint8_t *l_pkt) { struct rte_ether_hdr *eth_hdr; uint32x4_t te, ve; + uint32_t val; /* Check if it is a large packet */ if (pkt->pkt_len - RTE_ETHER_HDR_LEN > mtu_size) @@ -78,7 +88,15 @@ process_packet(struct rte_mbuf *pkt, uint16_t *dst_port, uint64_t tx_offloads, te = vld1q_u32((uint32_t *)eth_hdr); ve = vreinterpretq_u32_s32(val_eth[dst_port[0]]); - ve = vcopyq_laneq_u32(ve, 3, te, 3); + val = vgetq_lane_u32(te, 3); +#if RTE_BYTE_ORDER == RTE_LITTLE_ENDIAN + val &= 0xFFFFUL << 16; + val |= rte_cpu_to_be_16(is_ipv4 ? RTE_ETHER_TYPE_IPV4 : RTE_ETHER_TYPE_IPV6); +#else + val &= 0xFFFFUL; + val |= rte_cpu_to_be_16(is_ipv4 ? RTE_ETHER_TYPE_IPV4 : RTE_ETHER_TYPE_IPV6) << 16; +#endif + ve = vsetq_lane_u32(val, ve, 3); vst1q_u32((uint32_t *)eth_hdr, ve); if (ip_cksum) { @@ -223,14 +241,14 @@ send_multi_pkts(struct rte_mbuf **pkts, uint16_t dst_port[MAX_PKT_BURST], lp = pnum; lp[0] = 1; - processx4_step3(pkts, dst_port, tx_offloads, ip_cksum, &l_pkt); + processx4_step3(pkts, dst_port, tx_offloads, ip_cksum, is_ipv4, &l_pkt); /* dp1: */ dp1 = vld1q_u16(dst_port); for (i = FWDSTEP; i != k; i += FWDSTEP) { - processx4_step3(&pkts[i], &dst_port[i], tx_offloads, - ip_cksum, &l_pkt); + processx4_step3(&pkts[i], &dst_port[i], tx_offloads, ip_cksum, is_ipv4, + &l_pkt); /* * dp2: @@ -268,20 +286,17 @@ send_multi_pkts(struct rte_mbuf **pkts, uint16_t dst_port[MAX_PKT_BURST], /* Process up to last 3 packets one by one. */ switch (nb_rx % FWDSTEP) { case 3: - process_packet(pkts[i], dst_port + i, tx_offloads, ip_cksum, - &l_pkt); + process_packet(pkts[i], dst_port + i, tx_offloads, ip_cksum, is_ipv4, &l_pkt); GROUP_PORT_STEP(dlp, dst_port, lp, pnum, i); i++; /* fallthrough */ case 2: - process_packet(pkts[i], dst_port + i, tx_offloads, ip_cksum, - &l_pkt); + process_packet(pkts[i], dst_port + i, tx_offloads, ip_cksum, is_ipv4, &l_pkt); GROUP_PORT_STEP(dlp, dst_port, lp, pnum, i); i++; /* fallthrough */ case 1: - process_packet(pkts[i], dst_port + i, tx_offloads, ip_cksum, - &l_pkt); + process_packet(pkts[i], dst_port + i, tx_offloads, ip_cksum, is_ipv4, &l_pkt); GROUP_PORT_STEP(dlp, dst_port, lp, pnum, i); } diff --git a/examples/ipsec-secgw/ipsec_worker.c b/examples/ipsec-secgw/ipsec_worker.c index 803157d..5e69450 100644 --- a/examples/ipsec-secgw/ipsec_worker.c +++ b/examples/ipsec-secgw/ipsec_worker.c @@ -53,11 +53,8 @@ process_ipsec_get_pkt_type(struct rte_mbuf *pkt, uint8_t **nlp) } static inline void -update_mac_addrs(struct rte_mbuf *pkt, uint16_t portid) +update_mac_addrs(struct rte_ether_hdr *ethhdr, uint16_t portid) { - struct rte_ether_hdr *ethhdr; - - ethhdr = rte_pktmbuf_mtod(pkt, struct rte_ether_hdr *); memcpy(ðhdr->src_addr, ðaddr_tbl[portid].src, RTE_ETHER_ADDR_LEN); memcpy(ðhdr->dst_addr, ðaddr_tbl[portid].dst, RTE_ETHER_ADDR_LEN); } @@ -374,7 +371,7 @@ process_ipsec_ev_inbound(struct ipsec_ctx *ctx, struct route_table *rt, /* else, we have a matching route */ /* Update mac addresses */ - update_mac_addrs(pkt, port_id); + update_mac_addrs(rte_pktmbuf_mtod(pkt, struct rte_ether_hdr *), port_id); /* Update the event with the dest port */ ipsec_event_pre_forward(pkt, port_id); @@ -392,6 +389,7 @@ process_ipsec_ev_outbound(struct ipsec_ctx *ctx, struct route_table *rt, struct rte_event *ev) { struct rte_ipsec_session *sess; + struct rte_ether_hdr *ethhdr; struct sa_ctx *sa_ctx; struct rte_mbuf *pkt; uint16_t port_id = 0; @@ -430,6 +428,7 @@ process_ipsec_ev_outbound(struct ipsec_ctx *ctx, struct route_table *rt, goto drop_pkt_and_exit; } + ethhdr = rte_pktmbuf_mtod(pkt, struct rte_ether_hdr *); /* Check if the packet has to be bypassed */ if (sa_idx == BYPASS) { port_id = get_route(pkt, rt, type); @@ -467,6 +466,9 @@ process_ipsec_ev_outbound(struct ipsec_ctx *ctx, struct route_table *rt, /* Mark the packet for Tx security offload */ pkt->ol_flags |= RTE_MBUF_F_TX_SEC_OFFLOAD; + /* Update ether type */ + ethhdr->ether_type = (IS_IP4(sa->flags) ? rte_cpu_to_be_16(RTE_ETHER_TYPE_IPV4) : + rte_cpu_to_be_16(RTE_ETHER_TYPE_IPV6)); /* Get the port to which this pkt need to be submitted */ port_id = sa->portid; @@ -476,7 +478,7 @@ process_ipsec_ev_outbound(struct ipsec_ctx *ctx, struct route_table *rt, pkt->l2_len = RTE_ETHER_HDR_LEN; /* Update mac addresses */ - update_mac_addrs(pkt, port_id); + update_mac_addrs(ethhdr, port_id); /* Update the event with the dest port */ ipsec_event_pre_forward(pkt, port_id); @@ -494,6 +496,7 @@ ipsec_ev_route_pkts(struct rte_event_vector *vec, struct route_table *rt, struct ipsec_traffic *t, struct sa_ctx *sa_ctx) { struct rte_ipsec_session *sess; + struct rte_ether_hdr *ethhdr; uint32_t sa_idx, i, j = 0; uint16_t port_id = 0; struct rte_mbuf *pkt; @@ -505,7 +508,8 @@ ipsec_ev_route_pkts(struct rte_event_vector *vec, struct route_table *rt, port_id = route4_pkt(pkt, rt->rt4_ctx); if (port_id != RTE_MAX_ETHPORTS) { /* Update mac addresses */ - update_mac_addrs(pkt, port_id); + ethhdr = rte_pktmbuf_mtod(pkt, struct rte_ether_hdr *); + update_mac_addrs(ethhdr, port_id); /* Update the event with the dest port */ ipsec_event_pre_forward(pkt, port_id); ev_vector_attr_update(vec, pkt); @@ -520,7 +524,8 @@ ipsec_ev_route_pkts(struct rte_event_vector *vec, struct route_table *rt, port_id = route6_pkt(pkt, rt->rt6_ctx); if (port_id != RTE_MAX_ETHPORTS) { /* Update mac addresses */ - update_mac_addrs(pkt, port_id); + ethhdr = rte_pktmbuf_mtod(pkt, struct rte_ether_hdr *); + update_mac_addrs(ethhdr, port_id); /* Update the event with the dest port */ ipsec_event_pre_forward(pkt, port_id); ev_vector_attr_update(vec, pkt); @@ -553,7 +558,14 @@ ipsec_ev_route_pkts(struct rte_event_vector *vec, struct route_table *rt, pkt->ol_flags |= RTE_MBUF_F_TX_SEC_OFFLOAD; port_id = sa->portid; - update_mac_addrs(pkt, port_id); + + /* Fetch outer ip type and update */ + ethhdr = rte_pktmbuf_mtod(pkt, struct rte_ether_hdr *); + ethhdr->ether_type = (IS_IP4(sa->flags) ? + rte_cpu_to_be_16(RTE_ETHER_TYPE_IPV4) : + rte_cpu_to_be_16(RTE_ETHER_TYPE_IPV6)); + update_mac_addrs(ethhdr, port_id); + ipsec_event_pre_forward(pkt, port_id); ev_vector_attr_update(vec, pkt); vec->mbufs[j++] = pkt;