net/octeontx2: support non-ethernet L2 header

In the inline inound path, a custom header would be present at L3 which
has sequence number & SPI. L2 need to be adjusted such that the eventual
packet would have L3 after L2. Remove assumption of L2 type in this
handling.

Signed-off-by: Anoob Joseph <anoobj@marvell.com>
Acked-by: Jerin Jacob <jerinj@marvell.com>

diff --git a/drivers/crypto/octeontx2/otx2_ipsec_anti_replay.h b/drivers/crypto/octeontx2/otx2_ipsec_anti_replay.h
index b2b1f77..089a3d0 100644 (file)
--- a/drivers/crypto/octeontx2/otx2_ipsec_anti_replay.h
+++ b/drivers/crypto/octeontx2/otx2_ipsec_anti_replay.h
@@ -166,8 +166,9 @@ winupdate:
 }
 
 static inline int
-cpt_ipsec_ip_antireplay_check(struct otx2_ipsec_fp_in_sa *sa, char *data)
+cpt_ipsec_ip_antireplay_check(struct otx2_ipsec_fp_in_sa *sa, void *l3_ptr)
 {
+       struct otx2_ipsec_fp_res_hdr *hdr = l3_ptr;
        uint64_t seq_in_sa;
        uint32_t seqh = 0;
        uint32_t seql;
@@ -176,14 +177,12 @@ cpt_ipsec_ip_antireplay_check(struct otx2_ipsec_fp_in_sa *sa, char *data)
        int ret;
 
        esn = sa->ctl.esn_en;
-       seql = rte_be_to_cpu_32(*((uint32_t *)(data +
-                       OTX2_IPSEC_SEQNO_LO_INDEX)));
+       seql = rte_be_to_cpu_32(hdr->seq_no_lo);
 
        if (!esn)
                seq = (uint64_t)seql;
        else {
-               seqh = rte_be_to_cpu_32(*((uint32_t *)(data +
-                               OTX2_IPSEC_SEQNO_HI_INDEX)));
+               seqh = rte_be_to_cpu_32(hdr->seq_no_hi);
                seq = ((uint64_t)seqh << 32) | seql;
        }
 

diff --git a/drivers/crypto/octeontx2/otx2_ipsec_fp.h b/drivers/crypto/octeontx2/otx2_ipsec_fp.h
index a33041d..4be22d4 100644 (file)
--- a/drivers/crypto/octeontx2/otx2_ipsec_fp.h
+++ b/drivers/crypto/octeontx2/otx2_ipsec_fp.h
@@ -10,14 +10,13 @@
 
 /* Macros for anti replay and ESN */
 #define OTX2_IPSEC_MAX_REPLAY_WIN_SZ   1024
-#define OTX2_IPSEC_SAINDEX_SZ          4
-#define OTX2_IPSEC_SEQNO_LO            4
 
-#define OTX2_IPSEC_SEQNO_LO_INDEX      (RTE_ETHER_HDR_LEN + \
-                                        OTX2_IPSEC_SAINDEX_SZ)
-
-#define OTX2_IPSEC_SEQNO_HI_INDEX      (OTX2_IPSEC_SEQNO_LO_INDEX + \
-                                        OTX2_IPSEC_SEQNO_LO)
+struct otx2_ipsec_fp_res_hdr {
+       uint32_t spi;
+       uint32_t seq_no_lo;
+       uint32_t seq_no_hi;
+       uint32_t rsvd;
+};
 
 enum {
        OTX2_IPSEC_FP_SA_DIRECTION_INBOUND = 0,

diff --git a/drivers/net/octeontx2/otx2_rx.h b/drivers/net/octeontx2/otx2_rx.h
index 257492a..ea29aec 100644 (file)
--- a/drivers/net/octeontx2/otx2_rx.h
+++ b/drivers/net/octeontx2/otx2_rx.h
@@ -41,7 +41,6 @@
 
 /* Inline IPsec offsets */
 
-#define INLINE_INB_RPTR_HDR            16
 /* nix_cqe_hdr_s + nix_rx_parse_s + nix_rx_sg_s + nix_iova_s */
 #define INLINE_CPT_RESULT_OFFSET       80
 
@@ -239,14 +238,18 @@ nix_rx_sec_sa_get(const void * const lookup_mem, int spi, uint16_t port)
 }
 
 static __rte_always_inline uint64_t
-nix_rx_sec_mbuf_update(const struct nix_cqe_hdr_s *cq, struct rte_mbuf *m,
+nix_rx_sec_mbuf_update(const struct nix_rx_parse_s *rx,
+                      const struct nix_cqe_hdr_s *cq, struct rte_mbuf *m,
                       const void * const lookup_mem)
 {
+       uint8_t *l2_ptr, *l3_ptr, *l2_ptr_actual, *l3_ptr_actual;
        struct otx2_ipsec_fp_in_sa *sa;
-       struct rte_ipv4_hdr *ipv4;
-       uint16_t m_len;
+       uint16_t m_len, l2_len, ip_len;
+       struct rte_ipv6_hdr *ip6h;
+       struct rte_ipv4_hdr *iph;
+       uint16_t *ether_type;
        uint32_t spi;
-       char *data;
+       int i;
 
        if (unlikely(nix_rx_sec_cptres_get(cq) != OTX2_SEC_COMP_GOOD))
                return PKT_RX_SEC_OFFLOAD | PKT_RX_SEC_OFFLOAD_FAILED;
@@ -257,22 +260,38 @@ nix_rx_sec_mbuf_update(const struct nix_cqe_hdr_s *cq, struct rte_mbuf *m,
        sa = nix_rx_sec_sa_get(lookup_mem, spi, m->port);
        *rte_security_dynfield(m) = sa->udata64;
 
-       data = rte_pktmbuf_mtod(m, char *);
+       l2_ptr = rte_pktmbuf_mtod(m, uint8_t *);
+       l2_len = rx->lcptr - rx->laptr;
+       l3_ptr = RTE_PTR_ADD(l2_ptr, l2_len);
 
        if (sa->replay_win_sz) {
-               if (cpt_ipsec_ip_antireplay_check(sa, data) < 0)
+               if (cpt_ipsec_ip_antireplay_check(sa, l3_ptr) < 0)
                        return PKT_RX_SEC_OFFLOAD | PKT_RX_SEC_OFFLOAD_FAILED;
        }
 
-       memcpy(data + INLINE_INB_RPTR_HDR, data, RTE_ETHER_HDR_LEN);
+       l2_ptr_actual = RTE_PTR_ADD(l2_ptr,
+                                   sizeof(struct otx2_ipsec_fp_res_hdr));
+       l3_ptr_actual = RTE_PTR_ADD(l3_ptr,
+                                   sizeof(struct otx2_ipsec_fp_res_hdr));
 
-       m->data_off += INLINE_INB_RPTR_HDR;
+       for (i = l2_len - RTE_ETHER_TYPE_LEN - 1; i >= 0; i--)
+               l2_ptr_actual[i] = l2_ptr[i];
 
-       ipv4 = (struct rte_ipv4_hdr *)(data + INLINE_INB_RPTR_HDR +
-                                      RTE_ETHER_HDR_LEN);
+       m->data_off += sizeof(struct otx2_ipsec_fp_res_hdr);
 
-       m_len = rte_be_to_cpu_16(ipv4->total_length) + RTE_ETHER_HDR_LEN;
+       ether_type = RTE_PTR_SUB(l3_ptr_actual, RTE_ETHER_TYPE_LEN);
 
+       iph = (struct rte_ipv4_hdr *)l3_ptr_actual;
+       if ((iph->version_ihl >> 4) == 4) {
+               ip_len = rte_be_to_cpu_16(iph->total_length);
+               *ether_type = rte_cpu_to_be_16(RTE_ETHER_TYPE_IPV4);
+       } else {
+               ip6h = (struct rte_ipv6_hdr *)iph;
+               ip_len = rte_be_to_cpu_16(ip6h->payload_len);
+               *ether_type = rte_cpu_to_be_16(RTE_ETHER_TYPE_IPV6);
+       }
+
+       m_len = ip_len + l2_len;
        m->data_len = m_len;
        m->pkt_len = m_len;
        return PKT_RX_SEC_OFFLOAD;
@@ -322,7 +341,7 @@ otx2_nix_cqe_to_mbuf(const struct nix_cqe_hdr_s *cq, const uint32_t tag,
        if ((flag & NIX_RX_OFFLOAD_SECURITY_F) &&
            cq->cqe_type == NIX_XQE_TYPE_RX_IPSECH) {
                *(uint64_t *)(&mbuf->rearm_data) = val;
-               ol_flags |= nix_rx_sec_mbuf_update(cq, mbuf, lookup_mem);
+               ol_flags |= nix_rx_sec_mbuf_update(rx, cq, mbuf, lookup_mem);
                mbuf->ol_flags = ol_flags;
                return;
        }