From: Jakub Kicinski <kuba@kernel.org>
To: netdev@vger.kernel.org
Cc: pabeni@redhat.com, willemdebruijn.kernel@gmail.com,
borisp@nvidia.com, gal@nvidia.com, cratiu@nvidia.com,
rrameshbabu@nvidia.com, steffen.klassert@secunet.com,
tariqt@nvidia.com, Raed Salem <raeds@nvidia.com>,
Jakub Kicinski <kuba@kernel.org>
Subject: [RFC net-next 13/15] net/mlx5e: Configure PSP Rx flow steering rules
Date: Thu, 9 May 2024 20:04:33 -0700 [thread overview]
Message-ID: <20240510030435.120935-14-kuba@kernel.org> (raw)
In-Reply-To: <20240510030435.120935-1-kuba@kernel.org>
From: Raed Salem <raeds@nvidia.com>
Set the Rx PSP flow steering rule where PSP packet is identified and
decrypted using the dedicated UDP destination port number 1000. If packet
is decrypted then a PSP marker and syndrome are added to metadata so SW can
use it later on in Rx data path.
The rule is set as part of init_rx netdev profile implementation.
Signed-off-by: Raed Salem <raeds@nvidia.com>
Signed-off-by: Rahul Rameshbabu <rrameshbabu@nvidia.com>
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
---
.../mellanox/mlx5/core/en_accel/en_accel.h | 14 +++++-
.../mellanox/mlx5/core/en_accel/nisp_fs.c | 46 ++++++++++++++++---
.../mellanox/mlx5/core/en_accel/nisp_fs.h | 7 +++
3 files changed, 60 insertions(+), 7 deletions(-)
diff --git a/drivers/net/ethernet/mellanox/mlx5/core/en_accel/en_accel.h b/drivers/net/ethernet/mellanox/mlx5/core/en_accel/en_accel.h
index cea997847fa4..38d2c73a0f79 100644
--- a/drivers/net/ethernet/mellanox/mlx5/core/en_accel/en_accel.h
+++ b/drivers/net/ethernet/mellanox/mlx5/core/en_accel/en_accel.h
@@ -231,12 +231,24 @@ static inline void mlx5e_accel_tx_finish(struct mlx5e_txqsq *sq,
static inline int mlx5e_accel_init_rx(struct mlx5e_priv *priv)
{
- return mlx5e_ktls_init_rx(priv);
+ int err;
+
+ err = mlx5_accel_nisp_fs_init_rx_tables(priv);
+ if (err)
+ goto out;
+
+ err = mlx5e_ktls_init_rx(priv);
+ if (err)
+ mlx5_accel_nisp_fs_cleanup_rx_tables(priv);
+
+out:
+ return err;
}
static inline void mlx5e_accel_cleanup_rx(struct mlx5e_priv *priv)
{
mlx5e_ktls_cleanup_rx(priv);
+ mlx5_accel_nisp_fs_cleanup_rx_tables(priv);
}
static inline int mlx5e_accel_init_tx(struct mlx5e_priv *priv)
diff --git a/drivers/net/ethernet/mellanox/mlx5/core/en_accel/nisp_fs.c b/drivers/net/ethernet/mellanox/mlx5/core/en_accel/nisp_fs.c
index 11f583d13bdd..0d80f646e5b8 100644
--- a/drivers/net/ethernet/mellanox/mlx5/core/en_accel/nisp_fs.c
+++ b/drivers/net/ethernet/mellanox/mlx5/core/en_accel/nisp_fs.c
@@ -468,9 +468,6 @@ static void accel_nisp_fs_cleanup_rx(struct mlx5e_nisp_fs *fs)
if (!fs->rx_fs)
return;
- for (i = 0; i < ACCEL_FS_NISP_NUM_TYPES; i++)
- accel_nisp_fs_rx_ft_put(fs, i);
-
accel_nisp = fs->rx_fs;
for (i = 0; i < ACCEL_FS_NISP_NUM_TYPES; i++) {
fs_prot = &accel_nisp->fs_prot[i];
@@ -496,13 +493,50 @@ static int accel_nisp_fs_init_rx(struct mlx5e_nisp_fs *fs)
mutex_init(&fs_prot->prot_mutex);
}
- for (i = 0; i < ACCEL_FS_NISP_NUM_TYPES; i++)
- accel_nisp_fs_rx_ft_get(fs, ACCEL_FS_NISP4);
-
fs->rx_fs = accel_nisp;
+
return 0;
}
+void mlx5_accel_nisp_fs_cleanup_rx_tables(struct mlx5e_priv *priv)
+{
+ int i;
+
+ if (!priv->nisp)
+ return;
+
+ for (i = 0; i < ACCEL_FS_NISP_NUM_TYPES; i++)
+ accel_nisp_fs_rx_ft_put(priv->nisp->fs, i);
+}
+
+int mlx5_accel_nisp_fs_init_rx_tables(struct mlx5e_priv *priv)
+{
+ enum accel_fs_nisp_type i;
+ struct mlx5e_nisp_fs *fs;
+ int err;
+
+ if (!priv->nisp)
+ return 0;
+
+ fs = priv->nisp->fs;
+ for (i = 0; i < ACCEL_FS_NISP_NUM_TYPES; i++) {
+ err = accel_nisp_fs_rx_ft_get(fs, i);
+ if (err)
+ goto out_err;
+ }
+
+ return 0;
+
+out_err:
+ i--;
+ while (i >= 0) {
+ accel_nisp_fs_rx_ft_put(fs, i);
+ --i;
+ }
+
+ return err;
+}
+
static int accel_nisp_fs_tx_create_ft_table(struct mlx5e_nisp_fs *fs)
{
int inlen = MLX5_ST_SZ_BYTES(create_flow_group_in);
diff --git a/drivers/net/ethernet/mellanox/mlx5/core/en_accel/nisp_fs.h b/drivers/net/ethernet/mellanox/mlx5/core/en_accel/nisp_fs.h
index 11cdc447a401..8c44dd51317c 100644
--- a/drivers/net/ethernet/mellanox/mlx5/core/en_accel/nisp_fs.h
+++ b/drivers/net/ethernet/mellanox/mlx5/core/en_accel/nisp_fs.h
@@ -12,6 +12,8 @@ struct mlx5e_nisp_fs *mlx5e_accel_nisp_fs_init(struct mlx5e_priv *priv);
void mlx5e_accel_nisp_fs_cleanup(struct mlx5e_nisp_fs *fs);
int mlx5_accel_nisp_fs_init_tx_tables(struct mlx5e_priv *priv);
void mlx5_accel_nisp_fs_cleanup_tx_tables(struct mlx5e_priv *priv);
+int mlx5_accel_nisp_fs_init_rx_tables(struct mlx5e_priv *priv);
+void mlx5_accel_nisp_fs_cleanup_rx_tables(struct mlx5e_priv *priv);
#else
static inline int mlx5_accel_nisp_fs_init_tx_tables(struct mlx5e_priv *priv)
{
@@ -19,5 +21,10 @@ static inline int mlx5_accel_nisp_fs_init_tx_tables(struct mlx5e_priv *priv)
}
static inline void mlx5_accel_nisp_fs_cleanup_tx_tables(struct mlx5e_priv *priv) { }
+static inline int mlx5_accel_nisp_fs_init_rx_tables(struct mlx5e_priv *priv)
+{
+ return 0;
+}
+static inline void mlx5_accel_nisp_fs_cleanup_rx_tables(struct mlx5e_priv *priv) { }
#endif /* CONFIG_MLX5_EN_PSP */
#endif /* __MLX5_NISP_FS_H__ */
--
2.45.0
next prev parent reply other threads:[~2024-05-10 3:04 UTC|newest]
Thread overview: 49+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-05-10 3:04 [RFC net-next 00/15] add basic PSP encryption for TCP connections Jakub Kicinski
2024-05-10 3:04 ` [RFC net-next 01/15] psp: add documentation Jakub Kicinski
2024-05-10 22:19 ` Saeed Mahameed
2024-05-11 0:11 ` Jakub Kicinski
2024-05-11 9:41 ` Vadim Fedorenko
2024-05-11 16:25 ` David Ahern
2024-06-26 13:57 ` Sasha Levin
2024-05-13 1:24 ` Willem de Bruijn
2024-05-29 17:35 ` Jakub Kicinski
2024-05-30 0:47 ` Willem de Bruijn
2024-05-30 19:51 ` Jakub Kicinski
2024-05-30 20:15 ` Jakub Kicinski
2024-05-30 21:03 ` Willem de Bruijn
2024-05-31 13:56 ` Willem de Bruijn
2024-06-05 0:08 ` Jakub Kicinski
2024-06-05 20:11 ` Willem de Bruijn
2024-06-05 22:24 ` Jakub Kicinski
2024-06-06 2:40 ` Willem de Bruijn
2024-06-27 15:14 ` Lance Richardson
2024-06-27 22:33 ` Jakub Kicinski
2024-06-28 19:33 ` Lance Richardson
2024-06-28 23:41 ` Jakub Kicinski
2024-05-10 3:04 ` [RFC net-next 02/15] psp: base PSP device support Jakub Kicinski
2024-05-10 3:04 ` [RFC net-next 03/15] net: modify core data structures for PSP datapath support Jakub Kicinski
2024-05-10 3:04 ` [RFC net-next 04/15] tcp: add datapath logic for PSP with inline key exchange Jakub Kicinski
2024-05-10 3:04 ` [RFC net-next 05/15] psp: add op for rotation of secret state Jakub Kicinski
2024-05-16 19:59 ` Lance Richardson
2024-05-29 17:43 ` Jakub Kicinski
2024-05-10 3:04 ` [RFC net-next 06/15] net: psp: add socket security association code Jakub Kicinski
2024-05-10 3:04 ` [RFC net-next 07/15] net: psp: update the TCP MSS to reflect PSP packet overhead Jakub Kicinski
2024-05-13 1:47 ` Willem de Bruijn
2024-05-29 17:48 ` Jakub Kicinski
2024-05-30 0:52 ` Willem de Bruijn
2024-05-10 3:04 ` [RFC net-next 08/15] psp: track generations of secret state Jakub Kicinski
2024-05-10 3:04 ` [RFC net-next 09/15] net/mlx5e: Support PSP offload functionality Jakub Kicinski
2024-05-10 3:04 ` [RFC net-next 10/15] net/mlx5e: Implement PSP operations .assoc_add and .assoc_del Jakub Kicinski
2024-05-10 3:04 ` [RFC net-next 11/15] net/mlx5e: Implement PSP Tx data path Jakub Kicinski
2024-05-10 3:04 ` [RFC net-next 12/15] net/mlx5e: Add PSP steering in local NIC RX Jakub Kicinski
2024-05-13 1:52 ` Willem de Bruijn
2024-05-10 3:04 ` Jakub Kicinski [this message]
2024-05-10 3:04 ` [RFC net-next 14/15] net/mlx5e: Add Rx data path offload Jakub Kicinski
2024-05-13 1:54 ` Willem de Bruijn
2024-05-29 18:38 ` Jakub Kicinski
2024-05-30 9:04 ` Cosmin Ratiu
2024-05-10 3:04 ` [RFC net-next 15/15] net/mlx5e: Implement PSP key_rotate operation Jakub Kicinski
2024-05-29 9:16 ` [RFC net-next 00/15] add basic PSP encryption for TCP connections Boris Pismenny
2024-05-29 18:50 ` Jakub Kicinski
2024-05-29 20:01 ` Boris Pismenny
2024-05-29 20:38 ` Jakub Kicinski
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240510030435.120935-14-kuba@kernel.org \
--to=kuba@kernel.org \
--cc=borisp@nvidia.com \
--cc=cratiu@nvidia.com \
--cc=gal@nvidia.com \
--cc=netdev@vger.kernel.org \
--cc=pabeni@redhat.com \
--cc=raeds@nvidia.com \
--cc=rrameshbabu@nvidia.com \
--cc=steffen.klassert@secunet.com \
--cc=tariqt@nvidia.com \
--cc=willemdebruijn.kernel@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.