From: Daniel Zahka <daniel.zahka@gmail.com>
To: Donald Hunter <donald.hunter@gmail.com>,
Jakub Kicinski <kuba@kernel.org>,
"David S. Miller" <davem@davemloft.net>,
Eric Dumazet <edumazet@google.com>,
Paolo Abeni <pabeni@redhat.com>, Simon Horman <horms@kernel.org>,
Jonathan Corbet <corbet@lwn.net>,
Andrew Lunn <andrew+netdev@lunn.ch>
Cc: "Saeed Mahameed" <saeedm@nvidia.com>,
"Leon Romanovsky" <leon@kernel.org>,
"Tariq Toukan" <tariqt@nvidia.com>,
"Boris Pismenny" <borisp@nvidia.com>,
"Kuniyuki Iwashima" <kuniyu@google.com>,
"Willem de Bruijn" <willemb@google.com>,
"David Ahern" <dsahern@kernel.org>,
"Neal Cardwell" <ncardwell@google.com>,
"Patrisious Haddad" <phaddad@nvidia.com>,
"Raed Salem" <raeds@nvidia.com>,
"Jianbo Liu" <jianbol@nvidia.com>,
"Dragos Tatulea" <dtatulea@nvidia.com>,
"Rahul Rameshbabu" <rrameshbabu@nvidia.com>,
"Stanislav Fomichev" <sdf@fomichev.me>,
"Toke Høiland-Jørgensen" <toke@redhat.com>,
"Alexander Lobakin" <aleksander.lobakin@intel.com>,
"Kiran Kella" <kiran.kella@broadcom.com>,
"Jacob Keller" <jacob.e.keller@intel.com>,
netdev@vger.kernel.org
Subject: [PATCH net-next v7 16/19] net/mlx5e: Configure PSP Rx flow steering rules
Date: Wed, 20 Aug 2025 04:31:14 -0700 [thread overview]
Message-ID: <20250820113120.992829-17-daniel.zahka@gmail.com> (raw)
In-Reply-To: <20250820113120.992829-1-daniel.zahka@gmail.com>
From: Raed Salem <raeds@nvidia.com>
Set the Rx PSP flow steering rule where PSP packet is identified and
decrypted using the dedicated UDP destination port number 1000. If packet
is decrypted then a PSP marker and syndrome are added to metadata so SW can
use it later on in Rx data path.
The rule is set as part of init_rx netdev profile implementation.
Signed-off-by: Raed Salem <raeds@nvidia.com>
Signed-off-by: Rahul Rameshbabu <rrameshbabu@nvidia.com>
Signed-off-by: Cosmin Ratiu <cratiu@nvidia.com>
Signed-off-by: Daniel Zahka <daniel.zahka@gmail.com>
---
Notes:
v6:
- change loop index in mlx5_accel_psp_fs_init_rx_tables() to int to
avoid relying on udefined behavior.
v1:
- https://lore.kernel.org/netdev/20240510030435.120935-14-kuba@kernel.org/
.../mellanox/mlx5/core/en_accel/en_accel.h | 14 +++++-
.../mellanox/mlx5/core/en_accel/psp_fs.c | 43 ++++++++++++++++---
.../mellanox/mlx5/core/en_accel/psp_fs.h | 7 +++
3 files changed, 58 insertions(+), 6 deletions(-)
diff --git a/drivers/net/ethernet/mellanox/mlx5/core/en_accel/en_accel.h b/drivers/net/ethernet/mellanox/mlx5/core/en_accel/en_accel.h
index 86496e332b03..f1ff79c863d0 100644
--- a/drivers/net/ethernet/mellanox/mlx5/core/en_accel/en_accel.h
+++ b/drivers/net/ethernet/mellanox/mlx5/core/en_accel/en_accel.h
@@ -237,12 +237,24 @@ static inline void mlx5e_accel_tx_finish(struct mlx5e_txqsq *sq,
static inline int mlx5e_accel_init_rx(struct mlx5e_priv *priv)
{
- return mlx5e_ktls_init_rx(priv);
+ int err;
+
+ err = mlx5_accel_psp_fs_init_rx_tables(priv);
+ if (err)
+ goto out;
+
+ err = mlx5e_ktls_init_rx(priv);
+ if (err)
+ mlx5_accel_psp_fs_cleanup_rx_tables(priv);
+
+out:
+ return err;
}
static inline void mlx5e_accel_cleanup_rx(struct mlx5e_priv *priv)
{
mlx5e_ktls_cleanup_rx(priv);
+ mlx5_accel_psp_fs_cleanup_rx_tables(priv);
}
static inline int mlx5e_accel_init_tx(struct mlx5e_priv *priv)
diff --git a/drivers/net/ethernet/mellanox/mlx5/core/en_accel/psp_fs.c b/drivers/net/ethernet/mellanox/mlx5/core/en_accel/psp_fs.c
index 22809fbc5b43..f3b05c4f2fc0 100644
--- a/drivers/net/ethernet/mellanox/mlx5/core/en_accel/psp_fs.c
+++ b/drivers/net/ethernet/mellanox/mlx5/core/en_accel/psp_fs.c
@@ -469,9 +469,6 @@ static void accel_psp_fs_cleanup_rx(struct mlx5e_psp_fs *fs)
if (!fs->rx_fs)
return;
- for (i = 0; i < ACCEL_FS_PSP_NUM_TYPES; i++)
- accel_psp_fs_rx_ft_put(fs, i);
-
accel_psp = fs->rx_fs;
for (i = 0; i < ACCEL_FS_PSP_NUM_TYPES; i++) {
fs_prot = &accel_psp->fs_prot[i];
@@ -497,11 +494,47 @@ static int accel_psp_fs_init_rx(struct mlx5e_psp_fs *fs)
mutex_init(&fs_prot->prot_mutex);
}
+ fs->rx_fs = accel_psp;
+
+ return 0;
+}
+
+void mlx5_accel_psp_fs_cleanup_rx_tables(struct mlx5e_priv *priv)
+{
+ int i;
+
+ if (!priv->psp)
+ return;
+
for (i = 0; i < ACCEL_FS_PSP_NUM_TYPES; i++)
- accel_psp_fs_rx_ft_get(fs, ACCEL_FS_PSP4);
+ accel_psp_fs_rx_ft_put(priv->psp->fs, i);
+}
+
+int mlx5_accel_psp_fs_init_rx_tables(struct mlx5e_priv *priv)
+{
+ struct mlx5e_psp_fs *fs;
+ int err, i;
+
+ if (!priv->psp)
+ return 0;
+
+ fs = priv->psp->fs;
+ for (i = 0; i < ACCEL_FS_PSP_NUM_TYPES; i++) {
+ err = accel_psp_fs_rx_ft_get(fs, i);
+ if (err)
+ goto out_err;
+ }
- fs->rx_fs = accel_psp;
return 0;
+
+out_err:
+ i--;
+ while (i >= 0) {
+ accel_psp_fs_rx_ft_put(fs, i);
+ --i;
+ }
+
+ return err;
}
static int accel_psp_fs_tx_create_ft_table(struct mlx5e_psp_fs *fs)
diff --git a/drivers/net/ethernet/mellanox/mlx5/core/en_accel/psp_fs.h b/drivers/net/ethernet/mellanox/mlx5/core/en_accel/psp_fs.h
index d81aeea43505..02215ea67a2d 100644
--- a/drivers/net/ethernet/mellanox/mlx5/core/en_accel/psp_fs.h
+++ b/drivers/net/ethernet/mellanox/mlx5/core/en_accel/psp_fs.h
@@ -12,6 +12,8 @@ struct mlx5e_psp_fs *mlx5e_accel_psp_fs_init(struct mlx5e_priv *priv);
void mlx5e_accel_psp_fs_cleanup(struct mlx5e_psp_fs *fs);
int mlx5_accel_psp_fs_init_tx_tables(struct mlx5e_priv *priv);
void mlx5_accel_psp_fs_cleanup_tx_tables(struct mlx5e_priv *priv);
+int mlx5_accel_psp_fs_init_rx_tables(struct mlx5e_priv *priv);
+void mlx5_accel_psp_fs_cleanup_rx_tables(struct mlx5e_priv *priv);
#else
static inline int mlx5_accel_psp_fs_init_tx_tables(struct mlx5e_priv *priv)
{
@@ -19,5 +21,10 @@ static inline int mlx5_accel_psp_fs_init_tx_tables(struct mlx5e_priv *priv)
}
static inline void mlx5_accel_psp_fs_cleanup_tx_tables(struct mlx5e_priv *priv) { }
+static inline int mlx5_accel_psp_fs_init_rx_tables(struct mlx5e_priv *priv)
+{
+ return 0;
+}
+static inline void mlx5_accel_psp_fs_cleanup_rx_tables(struct mlx5e_priv *priv) { }
#endif /* CONFIG_MLX5_EN_PSP */
#endif /* __MLX5_PSP_FS_H__ */
--
2.47.3
next prev parent reply other threads:[~2025-08-20 11:31 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-08-20 11:30 [PATCH net-next v7.0 00/19] add basic PSP encryption for TCP connections Daniel Zahka
2025-08-20 11:30 ` [PATCH net-next v7 01/19] psp: add documentation Daniel Zahka
2025-08-20 11:31 ` [PATCH net-next v7 02/19] psp: base PSP device support Daniel Zahka
2025-08-20 11:31 ` [PATCH net-next v7 03/19] net: modify core data structures for PSP datapath support Daniel Zahka
2025-08-20 11:31 ` [PATCH net-next v7 04/19] tcp: add datapath logic for PSP with inline key exchange Daniel Zahka
2025-08-20 11:31 ` [PATCH net-next v7 05/19] psp: add op for rotation of device key Daniel Zahka
2025-08-20 11:31 ` [PATCH net-next v7 06/19] net: move sk_validate_xmit_skb() to net/core/dev.c Daniel Zahka
2025-08-20 11:31 ` [PATCH net-next v7 07/19] net: tcp: allow tcp_timewait_sock to validate skbs before handing to device Daniel Zahka
2025-08-20 11:31 ` [PATCH net-next v7 08/19] net: psp: add socket security association code Daniel Zahka
2025-08-20 11:31 ` [PATCH net-next v7 09/19] net: psp: update the TCP MSS to reflect PSP packet overhead Daniel Zahka
2025-08-20 11:31 ` [PATCH net-next v7 10/19] psp: track generations of device key Daniel Zahka
2025-08-20 11:31 ` [PATCH net-next v7 11/19] net/mlx5e: Support PSP offload functionality Daniel Zahka
2025-08-20 11:31 ` [PATCH net-next v7 12/19] net/mlx5e: Implement PSP operations .assoc_add and .assoc_del Daniel Zahka
2025-08-20 11:31 ` [PATCH net-next v7 13/19] psp: provide encapsulation helper for drivers Daniel Zahka
2025-08-20 11:31 ` [PATCH net-next v7 14/19] net/mlx5e: Implement PSP Tx data path Daniel Zahka
2025-08-20 11:31 ` [PATCH net-next v7 15/19] net/mlx5e: Add PSP steering in local NIC RX Daniel Zahka
2025-08-20 11:31 ` Daniel Zahka [this message]
2025-08-20 11:31 ` [PATCH net-next v7 17/19] psp: provide decapsulation and receive helper for drivers Daniel Zahka
2025-08-20 11:31 ` [PATCH net-next v7 18/19] net/mlx5e: Add Rx data path offload Daniel Zahka
2025-08-20 11:31 ` [PATCH net-next v7 19/19] net/mlx5e: Implement PSP key_rotate operation Daniel Zahka
2025-08-20 14:06 ` [PATCH net-next v7.0 00/19] add basic PSP encryption for TCP connections Jakub Kicinski
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250820113120.992829-17-daniel.zahka@gmail.com \
--to=daniel.zahka@gmail.com \
--cc=aleksander.lobakin@intel.com \
--cc=andrew+netdev@lunn.ch \
--cc=borisp@nvidia.com \
--cc=corbet@lwn.net \
--cc=davem@davemloft.net \
--cc=donald.hunter@gmail.com \
--cc=dsahern@kernel.org \
--cc=dtatulea@nvidia.com \
--cc=edumazet@google.com \
--cc=horms@kernel.org \
--cc=jacob.e.keller@intel.com \
--cc=jianbol@nvidia.com \
--cc=kiran.kella@broadcom.com \
--cc=kuba@kernel.org \
--cc=kuniyu@google.com \
--cc=leon@kernel.org \
--cc=ncardwell@google.com \
--cc=netdev@vger.kernel.org \
--cc=pabeni@redhat.com \
--cc=phaddad@nvidia.com \
--cc=raeds@nvidia.com \
--cc=rrameshbabu@nvidia.com \
--cc=saeedm@nvidia.com \
--cc=sdf@fomichev.me \
--cc=tariqt@nvidia.com \
--cc=toke@redhat.com \
--cc=willemb@google.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.