From: Saeed Mahameed <saeed@kernel.org>
To: Daniel Zahka <daniel.zahka@gmail.com>
Cc: "Donald Hunter" <donald.hunter@gmail.com>,
"Jakub Kicinski" <kuba@kernel.org>,
"David S. Miller" <davem@davemloft.net>,
"Eric Dumazet" <edumazet@google.com>,
"Paolo Abeni" <pabeni@redhat.com>,
"Simon Horman" <horms@kernel.org>,
"Jonathan Corbet" <corbet@lwn.net>,
"Andrew Lunn" <andrew+netdev@lunn.ch>,
"Saeed Mahameed" <saeedm@nvidia.com>,
"Leon Romanovsky" <leon@kernel.org>,
"Tariq Toukan" <tariqt@nvidia.com>,
"Boris Pismenny" <borisp@nvidia.com>,
"Kuniyuki Iwashima" <kuniyu@google.com>,
"Willem de Bruijn" <willemb@google.com>,
"David Ahern" <dsahern@kernel.org>,
"Neal Cardwell" <ncardwell@google.com>,
"Patrisious Haddad" <phaddad@nvidia.com>,
"Raed Salem" <raeds@nvidia.com>,
"Jianbo Liu" <jianbol@nvidia.com>,
"Dragos Tatulea" <dtatulea@nvidia.com>,
"Rahul Rameshbabu" <rrameshbabu@nvidia.com>,
"Stanislav Fomichev" <sdf@fomichev.me>,
"Toke Høiland-Jørgensen" <toke@redhat.com>,
"Alexander Lobakin" <aleksander.lobakin@intel.com>,
"Kiran Kella" <kiran.kella@broadcom.com>,
"Jacob Keller" <jacob.e.keller@intel.com>,
netdev@vger.kernel.org
Subject: Re: [PATCH net-next v10 11/19] net/mlx5e: Support PSP offload functionality
Date: Tue, 2 Sep 2025 23:05:52 -0700 [thread overview]
Message-ID: <aLfawAgTtPDK_ZWf@x130> (raw)
In-Reply-To: <20250828162953.2707727-12-daniel.zahka@gmail.com>
On 28 Aug 09:29, Daniel Zahka wrote:
>From: Raed Salem <raeds@nvidia.com>
>
>Add PSP offload related IFC structs, layouts, and enumerations. Implement
>.set_config and .rx_spi_alloc PSP device operations. Driver does not need
>to make use of the .set_config operation. Stub .assoc_add and .assoc_del
>PSP operations.
>
>Introduce the MLX5_EN_PSP configuration option for enabling PSP offload
>support on mlx5 devices.
>
>Signed-off-by: Raed Salem <raeds@nvidia.com>
>Signed-off-by: Rahul Rameshbabu <rrameshbabu@nvidia.com>
>Signed-off-by: Cosmin Ratiu <cratiu@nvidia.com>
>Signed-off-by: Daniel Zahka <daniel.zahka@gmail.com>
>---
>
>Notes:
> v7:
> - use flexible array declaration instead of 0-length array declaration
> in struct mlx5_ifc_psp_gen_spi_out_bits
> v4:
> - remove unneeded psp.c/psp.h files
> - remove unneeded struct psp_key_spi usage
> v1:
> - https://lore.kernel.org/netdev/20240510030435.120935-10-kuba@kernel.org/
>
> .../net/ethernet/mellanox/mlx5/core/Kconfig | 11 ++
> .../net/ethernet/mellanox/mlx5/core/Makefile | 2 +
> drivers/net/ethernet/mellanox/mlx5/core/en.h | 3 +
> .../ethernet/mellanox/mlx5/core/en/params.c | 4 +-
> .../mellanox/mlx5/core/en_accel/psp.c | 140 ++++++++++++++++++
> .../mellanox/mlx5/core/en_accel/psp.h | 47 ++++++
> .../mellanox/mlx5/core/en_accel/psp_offload.c | 44 ++++++
> .../net/ethernet/mellanox/mlx5/core/en_main.c | 9 ++
> drivers/net/ethernet/mellanox/mlx5/core/fw.c | 6 +
> .../net/ethernet/mellanox/mlx5/core/main.c | 1 +
> .../mellanox/mlx5/core/steering/hws/definer.c | 2 +-
> include/linux/mlx5/device.h | 4 +
> include/linux/mlx5/mlx5_ifc.h | 95 +++++++++++-
> 13 files changed, 361 insertions(+), 7 deletions(-)
> create mode 100644 drivers/net/ethernet/mellanox/mlx5/core/en_accel/psp.c
> create mode 100644 drivers/net/ethernet/mellanox/mlx5/core/en_accel/psp.h
> create mode 100644 drivers/net/ethernet/mellanox/mlx5/core/en_accel/psp_offload.c
>
[...]
>
>+struct mlx5_ifc_psp_cap_bits {
>+ u8 reserved_at_0[0x1];
The below cap is not set or checked in the whole series:
The only occurrence is this definition.
$ git grep psp_crypto_offload tmp/psp
tmp/psp:include/linux/mlx5/mlx5_ifc.h: u8 psp_crypto_offload[0x1]; /* Set by the driver */
This should be at least checked in mlx5_is_psp_device();
>+ u8 psp_crypto_offload[0x1]; /* Set by the driver */
This comment is not true, the cap is advertised by FW on a psp
capable device. Nothing is needed from driver.
On CX7 and CX8 (FW already PSP capable, without this series):
$ mlx5ctl 0000:17:00.0 cap -i cmd_hca_cap | grep psp
psp_old: 0x0 (0)
psp: 0x1 (1)
$ mlx5ctl 0000:17:00.0 cap -i psp_cap
Node: psp_cap
psp_crypto_offload: 0x1 (1)
^^^^^^^ (Advertised by FW already)
psp_crypto_esp_aes_gcm_256_encrypt: 0x1 (1)
psp_crypto_esp_aes_gcm_128_encrypt: 0x1 (1)
psp_crypto_esp_aes_gcm_256_decrypt: 0x1 (1)
psp_crypto_esp_aes_gcm_128_decrypt: 0x1 (1)
log_max_num_of_psp_spi: 0xb (11)
On Cx6-LX (Crypto, but not psp capable):
$ mlx5ctl 0000:97:00.0 cap -i cmd_hca_cap | grep -E "psp|crypto"
psp_old: 0x0 (0)
psp: 0x0 (0)
crypto: 0x1 (1)
$ mlx5ctl 0000:97:00.0 cap -i psp_cap
Error : opcode 0, syndrome 0x3d6c79 fw status 3 status 0
query cap (0x1e) failed opcode 0x100 opmod 0x3d
I will clean this up as part of my mlx5-next PR, my cleanup will cause a
conflict when re-basing this series on top of the PR+netdev, so just take
my changes "current" to resolve the conflict.
>+ u8 reserved_at_2[0x1];
>+ u8 psp_crypto_esp_aes_gcm_256_encrypt[0x1];
>+ u8 psp_crypto_esp_aes_gcm_128_encrypt[0x1];
>+ u8 psp_crypto_esp_aes_gcm_256_decrypt[0x1];
>+ u8 psp_crypto_esp_aes_gcm_128_decrypt[0x1];
>+ u8 reserved_at_7[0x4];
>+ u8 log_max_num_of_psp_spi[0x5];
>+ u8 reserved_at_10[0x7f0];
>+};
next prev parent reply other threads:[~2025-09-03 6:05 UTC|newest]
Thread overview: 34+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-08-28 16:29 [PATCH net-next v10 00/19] add basic PSP encryption for TCP connections Daniel Zahka
2025-08-28 16:29 ` [PATCH net-next v10 01/19] psp: add documentation Daniel Zahka
2025-08-28 16:29 ` [PATCH net-next v10 02/19] psp: base PSP device support Daniel Zahka
2025-08-28 16:29 ` [PATCH net-next v10 03/19] net: modify core data structures for PSP datapath support Daniel Zahka
2025-08-28 16:29 ` [PATCH net-next v10 04/19] tcp: add datapath logic for PSP with inline key exchange Daniel Zahka
2025-08-28 16:29 ` [PATCH net-next v10 05/19] psp: add op for rotation of device key Daniel Zahka
2025-08-28 16:29 ` [PATCH net-next v10 06/19] net: move sk_validate_xmit_skb() to net/core/dev.c Daniel Zahka
2025-08-28 16:29 ` [PATCH net-next v10 07/19] net: tcp: allow tcp_timewait_sock to validate skbs before handing to device Daniel Zahka
2025-08-28 16:29 ` [PATCH net-next v10 08/19] net: psp: add socket security association code Daniel Zahka
2025-09-02 10:43 ` Paolo Abeni
2025-09-03 2:58 ` Daniel Zahka
2025-09-03 8:57 ` Paolo Abeni
2025-09-02 13:13 ` Paolo Abeni
2025-08-28 16:29 ` [PATCH net-next v10 09/19] net: psp: update the TCP MSS to reflect PSP packet overhead Daniel Zahka
2025-08-28 16:29 ` [PATCH net-next v10 10/19] psp: track generations of device key Daniel Zahka
2025-08-28 16:29 ` [PATCH net-next v10 11/19] net/mlx5e: Support PSP offload functionality Daniel Zahka
2025-09-03 6:05 ` Saeed Mahameed [this message]
2025-08-28 16:29 ` [PATCH net-next v10 12/19] net/mlx5e: Implement PSP operations .assoc_add and .assoc_del Daniel Zahka
2025-08-28 16:29 ` [PATCH net-next v10 13/19] psp: provide encapsulation helper for drivers Daniel Zahka
2025-08-28 16:29 ` [PATCH net-next v10 14/19] net/mlx5e: Implement PSP Tx data path Daniel Zahka
2025-08-28 16:29 ` [PATCH net-next v10 15/19] net/mlx5e: Add PSP steering in local NIC RX Daniel Zahka
2025-08-28 16:29 ` [PATCH net-next v10 16/19] net/mlx5e: Configure PSP Rx flow steering rules Daniel Zahka
2025-08-28 16:29 ` [PATCH net-next v10 17/19] psp: provide decapsulation and receive helper for drivers Daniel Zahka
2025-09-02 10:28 ` Paolo Abeni
2025-09-03 3:10 ` Daniel Zahka
2025-09-03 9:01 ` Paolo Abeni
2025-08-28 16:29 ` [PATCH net-next v10 18/19] net/mlx5e: Add Rx data path offload Daniel Zahka
2025-08-28 16:29 ` [PATCH net-next v10 19/19] net/mlx5e: Implement PSP key_rotate operation Daniel Zahka
2025-09-02 19:41 ` [PATCH net-next v10 00/19] add basic PSP encryption for TCP connections Saeed Mahameed
2025-09-02 20:08 ` Jakub Kicinski
2025-09-03 2:47 ` Saeed Mahameed
2025-09-03 22:32 ` Jakub Kicinski
2025-09-03 15:51 ` Daniel Zahka
2025-09-03 22:26 ` Saeed Mahameed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=aLfawAgTtPDK_ZWf@x130 \
--to=saeed@kernel.org \
--cc=aleksander.lobakin@intel.com \
--cc=andrew+netdev@lunn.ch \
--cc=borisp@nvidia.com \
--cc=corbet@lwn.net \
--cc=daniel.zahka@gmail.com \
--cc=davem@davemloft.net \
--cc=donald.hunter@gmail.com \
--cc=dsahern@kernel.org \
--cc=dtatulea@nvidia.com \
--cc=edumazet@google.com \
--cc=horms@kernel.org \
--cc=jacob.e.keller@intel.com \
--cc=jianbol@nvidia.com \
--cc=kiran.kella@broadcom.com \
--cc=kuba@kernel.org \
--cc=kuniyu@google.com \
--cc=leon@kernel.org \
--cc=ncardwell@google.com \
--cc=netdev@vger.kernel.org \
--cc=pabeni@redhat.com \
--cc=phaddad@nvidia.com \
--cc=raeds@nvidia.com \
--cc=rrameshbabu@nvidia.com \
--cc=saeedm@nvidia.com \
--cc=sdf@fomichev.me \
--cc=tariqt@nvidia.com \
--cc=toke@redhat.com \
--cc=willemb@google.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.