From patchwork Fri Oct 1 13:40:21 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Nithin Dabilpuram X-Patchwork-Id: 100273 X-Patchwork-Delegate: jerinj@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id BDAF3A0032; Fri, 1 Oct 2021 15:43:40 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id DDDD641217; Fri, 1 Oct 2021 15:41:49 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com [67.231.156.173]) by mails.dpdk.org (Postfix) with ESMTP id CB83141217 for ; Fri, 1 Oct 2021 15:41:47 +0200 (CEST) Received: from pps.filterd (m0045851.ppops.net [127.0.0.1]) by mx0b-0016f401.pphosted.com (8.16.1.2/8.16.1.2) with SMTP id 191AGFYq009954 for ; Fri, 1 Oct 2021 06:41:46 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-type; s=pfpt0220; bh=W4lZ7WXvFbVMKfzr3Oi2pvmU5pYhiF8i6TnL4pxnfm4=; b=X0JObN/RVVohcoTO7qXNkxliaxVTUEhXLk8HW+SxZcwohB1vePrwtLBDVX9L8u8+lH2S TkUGgBXQJ0Hc0TiKMgrQ+fC2+8OW0zWaj4w1pLQ0d+n2fl9AxMq/TxKqUStGJCTFlyqm 5S3Yo0j45rIEMmfk14mp7Wu+Vnsg8q1WMQCRL3nztqSzDKP2+AsRL125J8jhCX0cfeBT oal0TKa60ZF9Kt2wAfDfD4r2HyrTuWCeGWB2MzyZvKeIRJL9hUS5XhqCFh+MVYbtTCWd wWmuNImbA7Jd0nkY+PMuyD7JXfrT7iDzu60tGo4p86uxzGsuDkpnhi1+w11lpKXbgGOi lg== Received: from dc5-exch01.marvell.com ([199.233.59.181]) by mx0b-0016f401.pphosted.com with ESMTP id 3bdrxmhxer-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT) for ; Fri, 01 Oct 2021 06:41:46 -0700 Received: from DC5-EXCH02.marvell.com (10.69.176.39) by DC5-EXCH01.marvell.com (10.69.176.38) with Microsoft SMTP Server (TLS) id 15.0.1497.18; Fri, 1 Oct 2021 06:41:44 -0700 Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server id 15.0.1497.18 via Frontend Transport; Fri, 1 Oct 2021 06:41:44 -0700 Received: from hyd1588t430.marvell.com (unknown [10.29.52.204]) by maili.marvell.com (Postfix) with ESMTP id 853E93F7055; Fri, 1 Oct 2021 06:41:42 -0700 (PDT) From: Nithin Dabilpuram To: , Nithin Dabilpuram , "Kiran Kumar K" , Sunil Kumar Kori , Satha Rao CC: , Satheesh Paul Date: Fri, 1 Oct 2021 19:10:21 +0530 Message-ID: <20211001134022.22700-28-ndabilpuram@marvell.com> X-Mailer: git-send-email 2.8.4 In-Reply-To: <20211001134022.22700-1-ndabilpuram@marvell.com> References: <20210902021505.17607-1-ndabilpuram@marvell.com> <20211001134022.22700-1-ndabilpuram@marvell.com> MIME-Version: 1.0 X-Proofpoint-GUID: MG4rOHfL5M3_p5_a5A2TACC3sP7zcYCb X-Proofpoint-ORIG-GUID: MG4rOHfL5M3_p5_a5A2TACC3sP7zcYCb X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.182.1,Aquarius:18.0.790,Hydra:6.0.391,FMLib:17.0.607.475 definitions=2021-10-01_02,2021-10-01_02,2020-04-07_01 Subject: [dpdk-dev] [PATCH v3 27/28] net/cnxk: support configuring channel mask via devargs X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" From: Satheesh Paul This patch adds support to configure channel mask which will be used by rte flow when adding flow rules with inline IPsec action. Signed-off-by: Satheesh Paul --- doc/guides/nics/cnxk.rst | 20 +++++++++++++++++++ drivers/net/cnxk/cnxk_ethdev_sec.c | 39 +++++++++++++++++++++++++++++++++++++- 2 files changed, 58 insertions(+), 1 deletion(-) diff --git a/doc/guides/nics/cnxk.rst b/doc/guides/nics/cnxk.rst index b542437..dd955d3 100644 --- a/doc/guides/nics/cnxk.rst +++ b/doc/guides/nics/cnxk.rst @@ -255,6 +255,26 @@ Runtime Config Options With the above configuration, inbound encrypted traffic from both the ports is received by ipsec inline device. +- ``Inline IPsec device channel and mask`` (default ``none``) + + Set channel and channel mask configuration for the inline IPSec device. This + will be used when creating flow rules with RTE_FLOW_ACTION_TYPE_SECURITY + action. + + By default, RTE Flow API sets the channel number of the port on which the + rule is created in the MCAM entry and matches it exactly. This behaviour can + be modified using the ``inl_cpt_channel`` ``devargs`` parameter. + + For example:: + + -a 0002:1d:00.0,inl_cpt_channel=0x100/0xf00 + + With the above configuration, RTE Flow rules API will set the channel + and channel mask as 0x100 and 0xF00 in the MCAM entries of the flow rules + created with RTE_FLOW_ACTION_TYPE_SECURITY action. Since channel number is + set with this custom mask, inbound encrypted traffic from all ports with + matching channel number pattern will be directed to the inline IPSec device. + .. note:: Above devarg parameters are configurable per device, user needs to pass the diff --git a/drivers/net/cnxk/cnxk_ethdev_sec.c b/drivers/net/cnxk/cnxk_ethdev_sec.c index c76e230..ae3e49c 100644 --- a/drivers/net/cnxk/cnxk_ethdev_sec.c +++ b/drivers/net/cnxk/cnxk_ethdev_sec.c @@ -6,6 +6,13 @@ #define CNXK_NIX_INL_SELFTEST "selftest" #define CNXK_NIX_INL_IPSEC_IN_MAX_SPI "ipsec_in_max_spi" +#define CNXK_INL_CPT_CHANNEL "inl_cpt_channel" + +struct inl_cpt_channel { + bool is_multi_channel; + uint16_t channel; + uint16_t mask; +}; #define CNXK_NIX_INL_DEV_NAME RTE_STR(cnxk_nix_inl_dev_) #define CNXK_NIX_INL_DEV_NAME_LEN \ @@ -137,13 +144,37 @@ parse_selftest(const char *key, const char *value, void *extra_args) } static int +parse_inl_cpt_channel(const char *key, const char *value, void *extra_args) +{ + RTE_SET_USED(key); + uint16_t chan = 0, mask = 0; + char *next = 0; + + /* next will point to the separator '/' */ + chan = strtol(value, &next, 16); + mask = strtol(++next, 0, 16); + + if (chan > GENMASK(12, 0) || mask > GENMASK(12, 0)) + return -EINVAL; + + ((struct inl_cpt_channel *)extra_args)->channel = chan; + ((struct inl_cpt_channel *)extra_args)->mask = mask; + ((struct inl_cpt_channel *)extra_args)->is_multi_channel = true; + + return 0; +} + +static int nix_inl_parse_devargs(struct rte_devargs *devargs, struct roc_nix_inl_dev *inl_dev) { uint32_t ipsec_in_max_spi = BIT(8) - 1; + struct inl_cpt_channel cpt_channel; struct rte_kvargs *kvlist; uint8_t selftest = 0; + memset(&cpt_channel, 0, sizeof(cpt_channel)); + if (devargs == NULL) goto null_devargs; @@ -155,11 +186,16 @@ nix_inl_parse_devargs(struct rte_devargs *devargs, &selftest); rte_kvargs_process(kvlist, CNXK_NIX_INL_IPSEC_IN_MAX_SPI, &parse_ipsec_in_max_spi, &ipsec_in_max_spi); + rte_kvargs_process(kvlist, CNXK_INL_CPT_CHANNEL, &parse_inl_cpt_channel, + &cpt_channel); rte_kvargs_free(kvlist); null_devargs: inl_dev->ipsec_in_max_spi = ipsec_in_max_spi; inl_dev->selftest = selftest; + inl_dev->channel = cpt_channel.channel; + inl_dev->chan_mask = cpt_channel.mask; + inl_dev->is_multi_channel = cpt_channel.is_multi_channel; return 0; exit: return -EINVAL; @@ -275,4 +311,5 @@ RTE_PMD_REGISTER_KMOD_DEP(cnxk_nix_inl, "vfio-pci"); RTE_PMD_REGISTER_PARAM_STRING(cnxk_nix_inl, CNXK_NIX_INL_SELFTEST "=1" - CNXK_NIX_INL_IPSEC_IN_MAX_SPI "=<1-65535>"); + CNXK_NIX_INL_IPSEC_IN_MAX_SPI "=<1-65535>" + CNXK_INL_CPT_CHANNEL "=<1-4095>/<1-4095>");