Re: [PATCH net-next v2 12/14] octeontx2-pf: ipsec: Process CPT metapackets

[Tanmay Jagdale <tanmay@marvell.com>]

On 2025-06-20 at 16:36:57, Simon Horman (horms@kernel.org) wrote:
> On Wed, Jun 18, 2025 at 05:00:06PM +0530, Tanmay Jagdale wrote:
> > CPT hardware forwards decrypted IPsec packets to NIX via the X2P bus
> > as metapackets which are of 256 bytes in length. Each metapacket
> > contains CPT_PARSE_HDR_S and initial bytes of the decrypted packet
> > that helps NIX RX in classifying and submitting to CPU. Additionally,
> > CPT also sets BIT(11) of the channel number to indicate that it's a
> > 2nd pass packet from CPT.
> > 
> > Since the metapackets are not complete packets, they don't have to go
> > through L3/L4 layer length and checksum verification so these are
> > disabled via the NIX_LF_INLINE_RQ_CFG mailbox during IPsec initialization.
> > 
> > The CPT_PARSE_HDR_S contains a WQE pointer to the complete decrypted
> > packet. Add code in the rx NAPI handler to parse the header and extract
> > WQE pointer. Later, use this WQE pointer to construct the skb, set the
> > XFRM packet mode flags to indicate successful decryption before submitting
> > it to the network stack.
> > 
> > Signed-off-by: Tanmay Jagdale <tanmay@marvell.com>
> > ---
> > Changes in V2:
> > - Removed unnecessary casts
> > - Don't convert complete cpt_parse_hdr from BE to LE and just
> >   convert required fields
> > - Fixed logic to avoid repeated calculation for start and end in sg
> > 
> > V1 Link: https://lore.kernel.org/netdev/20250502132005.611698-15-tanmay@marvell.com/
> > 
> >  .../marvell/octeontx2/nic/cn10k_ipsec.c       | 52 +++++++++++++++++++
> >  .../marvell/octeontx2/nic/cn10k_ipsec.h       | 48 +++++++++++++++++
> >  .../marvell/octeontx2/nic/otx2_common.h       |  2 +
> >  .../marvell/octeontx2/nic/otx2_struct.h       | 16 ++++++
> >  .../marvell/octeontx2/nic/otx2_txrx.c         | 29 +++++++++--
> >  5 files changed, 144 insertions(+), 3 deletions(-)
> > 
> > diff --git a/drivers/net/ethernet/marvell/octeontx2/nic/cn10k_ipsec.c b/drivers/net/ethernet/marvell/octeontx2/nic/cn10k_ipsec.c
> > index 5cb6bc835e56..a95878378334 100644
> > --- a/drivers/net/ethernet/marvell/octeontx2/nic/cn10k_ipsec.c
> > +++ b/drivers/net/ethernet/marvell/octeontx2/nic/cn10k_ipsec.c
> > @@ -346,6 +346,58 @@ static int cn10k_outb_cpt_init(struct net_device *netdev)
> >  	return ret;
> >  }
> >  
> > +struct nix_wqe_rx_s *cn10k_ipsec_process_cpt_metapkt(struct otx2_nic *pfvf,
> > +						     struct nix_cqe_rx_s *cqe,
> > +						     struct sk_buff *skb,
> > +						     int qidx)
> > +{
> > +	struct nix_rx_sg_s *sg = &cqe->sg;
> > +	struct nix_wqe_rx_s *wqe = NULL;
> > +	u64 *seg_addr = &sg->seg_addr;
> > +	struct cpt_parse_hdr_s *cptp;
> > +	struct xfrm_offload *xo;
> > +	struct xfrm_state *xs;
> > +	struct sec_path *sp;
> > +	void *va;
> > +
> > +	/* CPT_PARSE_HDR_S is present in the beginning of the buffer */
> > +	va = phys_to_virt(otx2_iova_to_phys(pfvf->iommu_domain, *seg_addr));
> > +
> > +	cptp = (struct cpt_parse_hdr_s *)va;
> > +
> > +	/* Convert the wqe_ptr from CPT_PARSE_HDR_S to a CPU usable pointer */
> > +	wqe = phys_to_virt(otx2_iova_to_phys(pfvf->iommu_domain,
> > +					     be64_to_cpu(cptp->wqe_ptr)));
> 
> Hi Tanmay,
Hi Simon,

> 
> be64_to_cpu expects a __be64 argument, but the type of cptp->wqe_ptr is u64.
> Or, IOW, be64_to_cpu expects to be based a big endian value but
> the type of it's argument is host byte order.
Okay. I will fix the structure definition to use __be types.

> 
> > +
> > +	/* Get the XFRM state pointer stored in SA context */
> > +	xs = pfvf->ipsec.inb_sa->base +
> > +	     (be32_to_cpu(cptp->cookie) * pfvf->ipsec.sa_tbl_entry_sz) + 1024;
> 
> Likewise with cookie here.
ACK.

> 
> :Flagged by Sparse.
> 
> ...
> 
With Regards,
Tanmay