patch 'net/cnxk: update SA userdata and keep original cookie' has been queued to stable release 23.11.2

Xueming Li xuemingl at nvidia.com
Fri Jul 12 12:44:59 CEST 2024

Previous message (by thread): patch 'net/cnxk: fix extbuf handling for multisegment packet' has been queued to stable release 23.11.2
Next message (by thread): patch 'net/cnxk: fix outbound security with higher packet burst' has been queued to stable release 23.11.2
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,

FYI, your patch has been queued to stable release 23.11.2

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 07/14/24. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Queued patches are on a temporary branch at:
https://git.dpdk.org/dpdk-stable/log/?h=23.11-staging

This queued commit can be viewed at:
https://git.dpdk.org/dpdk-stable/commit/?h=23.11-staging&id=49dc3e454e807a9f05c1d7470e6d76a493fc6a0c

Thanks.

Xueming Li <xuemingl at nvidia.com>

---
>From 49dc3e454e807a9f05c1d7470e6d76a493fc6a0c Mon Sep 17 00:00:00 2001
From: Nithin Dabilpuram <ndabilpuram at marvell.com>
Date: Tue, 28 May 2024 12:35:17 +0530
Subject: [PATCH] net/cnxk: update SA userdata and keep original cookie
Cc: Xueming Li <xuemingl at nvidia.com>

[ upstream commit 590ee5cd95b7161b36608fcfb8c76574f6cd1459 ]

Update SA userdata as part of session_update() and
keep the original cookie that is used to identify
SA.

Fixes: 8efa348e8160 ("net/cnxk: support custom SA index")

Signed-off-by: Nithin Dabilpuram <ndabilpuram at marvell.com>
---
 drivers/net/cnxk/cn10k_ethdev_sec.c | 57 ++++++++++++++++++++++++++++-
 1 file changed, 55 insertions(+), 2 deletions(-)

diff --git a/drivers/net/cnxk/cn10k_ethdev_sec.c b/drivers/net/cnxk/cn10k_ethdev_sec.c
index 575d0fabd5..4719f6b863 100644
--- a/drivers/net/cnxk/cn10k_ethdev_sec.c
+++ b/drivers/net/cnxk/cn10k_ethdev_sec.c
@@ -1087,8 +1087,8 @@ cn10k_eth_sec_session_update(void *device, struct rte_security_session *sess,
 {
 	struct rte_eth_dev *eth_dev = (struct rte_eth_dev *)device;
 	struct cnxk_eth_dev *dev = cnxk_eth_pmd_priv(eth_dev);
-	struct roc_ot_ipsec_inb_sa *inb_sa_dptr;
 	struct rte_security_ipsec_xform *ipsec;
+	struct cn10k_sec_sess_priv sess_priv;
 	struct rte_crypto_sym_xform *crypto;
 	struct cnxk_eth_sec_sess *eth_sec;
 	bool inbound;
@@ -1109,6 +1109,11 @@ cn10k_eth_sec_session_update(void *device, struct rte_security_session *sess,
 	eth_sec->spi = conf->ipsec.spi;
 
 	if (inbound) {
+		struct roc_ot_ipsec_inb_sa *inb_sa_dptr, *inb_sa;
+		struct cn10k_inb_priv_data *inb_priv;
+
+		inb_sa = eth_sec->sa;
+		inb_priv = roc_nix_inl_ot_ipsec_inb_sa_sw_rsvd(inb_sa);
 		inb_sa_dptr = (struct roc_ot_ipsec_inb_sa *)dev->inb.sa_dptr;
 		memset(inb_sa_dptr, 0, sizeof(struct roc_ot_ipsec_inb_sa));
 
@@ -1116,26 +1121,74 @@ cn10k_eth_sec_session_update(void *device, struct rte_security_session *sess,
 					       true);
 		if (rc)
 			return -EINVAL;
+		/* Use cookie for original data */
+		inb_sa_dptr->w1.s.cookie = inb_sa->w1.s.cookie;
+
+		if (ipsec->options.stats == 1) {
+			/* Enable mib counters */
+			inb_sa_dptr->w0.s.count_mib_bytes = 1;
+			inb_sa_dptr->w0.s.count_mib_pkts = 1;
+		}
+
+		/* Enable out-of-place processing */
+		if (ipsec->options.ingress_oop)
+			inb_sa_dptr->w0.s.pkt_format = ROC_IE_OT_SA_PKT_FMT_FULL;
 
 		rc = roc_nix_inl_ctx_write(&dev->nix, inb_sa_dptr, eth_sec->sa,
 					   eth_sec->inb,
 					   sizeof(struct roc_ot_ipsec_inb_sa));
 		if (rc)
 			return -EINVAL;
+
+		/* Save userdata in inb private area */
+		inb_priv->userdata = conf->userdata;
 	} else {
-		struct roc_ot_ipsec_outb_sa *outb_sa_dptr;
+		struct roc_ot_ipsec_outb_sa *outb_sa_dptr, *outb_sa;
+		struct cn10k_outb_priv_data *outb_priv;
+		struct cnxk_ipsec_outb_rlens *rlens;
 
+		outb_sa = eth_sec->sa;
+		outb_priv = roc_nix_inl_ot_ipsec_outb_sa_sw_rsvd(outb_sa);
+		rlens = &outb_priv->rlens;
 		outb_sa_dptr = (struct roc_ot_ipsec_outb_sa *)dev->outb.sa_dptr;
 		memset(outb_sa_dptr, 0, sizeof(struct roc_ot_ipsec_outb_sa));
 
 		rc = cnxk_ot_ipsec_outb_sa_fill(outb_sa_dptr, ipsec, crypto);
 		if (rc)
 			return -EINVAL;
+
+		/* Save rlen info */
+		cnxk_ipsec_outb_rlens_get(rlens, ipsec, crypto);
+
+		if (ipsec->options.stats == 1) {
+			/* Enable mib counters */
+			outb_sa_dptr->w0.s.count_mib_bytes = 1;
+			outb_sa_dptr->w0.s.count_mib_pkts = 1;
+		}
+
+		sess_priv.u64 = 0;
+		sess_priv.sa_idx = outb_priv->sa_idx;
+		sess_priv.roundup_byte = rlens->roundup_byte;
+		sess_priv.roundup_len = rlens->roundup_len;
+		sess_priv.partial_len = rlens->partial_len;
+		sess_priv.mode = outb_sa_dptr->w2.s.ipsec_mode;
+		sess_priv.outer_ip_ver = outb_sa_dptr->w2.s.outer_ip_ver;
+		/* Propagate inner checksum enable from SA to fast path */
+		sess_priv.chksum =
+			(!ipsec->options.ip_csum_enable << 1 | !ipsec->options.l4_csum_enable);
+		sess_priv.dec_ttl = ipsec->options.dec_ttl;
+		if (roc_feature_nix_has_inl_ipsec_mseg() && dev->outb.cpt_eng_caps & BIT_ULL(35))
+			sess_priv.nixtx_off = 1;
+
 		rc = roc_nix_inl_ctx_write(&dev->nix, outb_sa_dptr, eth_sec->sa,
 					   eth_sec->inb,
 					   sizeof(struct roc_ot_ipsec_outb_sa));
 		if (rc)
 			return -EINVAL;
+
+		/* Save userdata */
+		outb_priv->userdata = conf->userdata;
+		sess->fast_mdata = sess_priv.u64;
 	}
 
 	return 0;
-- 
2.34.1

---
  Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- -	2024-07-12 18:40:17.458461024 +0800
+++ 0073-net-cnxk-update-SA-userdata-and-keep-original-cookie.patch	2024-07-12 18:40:14.196594216 +0800
@@ -1 +1 @@
-From 590ee5cd95b7161b36608fcfb8c76574f6cd1459 Mon Sep 17 00:00:00 2001
+From 49dc3e454e807a9f05c1d7470e6d76a493fc6a0c Mon Sep 17 00:00:00 2001
@@ -4,0 +5,3 @@
+Cc: Xueming Li <xuemingl at nvidia.com>
+
+[ upstream commit 590ee5cd95b7161b36608fcfb8c76574f6cd1459 ]
@@ -11 +13,0 @@
-Cc: stable at dpdk.org
@@ -19 +21 @@
-index af27d3bbc1..eed4c29218 100644
+index 575d0fabd5..4719f6b863 100644
@@ -22 +24 @@
-@@ -1101,8 +1101,8 @@ cn10k_eth_sec_session_update(void *device, struct rte_security_session *sess,
+@@ -1087,8 +1087,8 @@ cn10k_eth_sec_session_update(void *device, struct rte_security_session *sess,
@@ -32 +34 @@
-@@ -1123,6 +1123,11 @@ cn10k_eth_sec_session_update(void *device, struct rte_security_session *sess,
+@@ -1109,6 +1109,11 @@ cn10k_eth_sec_session_update(void *device, struct rte_security_session *sess,
@@ -44 +46 @@
-@@ -1130,26 +1135,74 @@ cn10k_eth_sec_session_update(void *device, struct rte_security_session *sess,
+@@ -1116,26 +1121,74 @@ cn10k_eth_sec_session_update(void *device, struct rte_security_session *sess,

Previous message (by thread): patch 'net/cnxk: fix extbuf handling for multisegment packet' has been queued to stable release 23.11.2
Next message (by thread): patch 'net/cnxk: fix outbound security with higher packet burst' has been queued to stable release 23.11.2
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the stable mailing list