X-Git-Url: http://git.droids-corp.org/?a=blobdiff_plain;f=drivers%2Fnet%2Focteontx2%2Fotx2_ethdev_sec.c;h=a155594e25d3be44fbd256240c4d8c98d0ea29f9;hb=465f7e5804fa2ddc50a8d5239b78e2cb2e8fbd6a;hp=9ea0dc49965e75dc7633a77a65c1a1416ef6b023;hpb=41a18d8b9631231e1f7de8b5afdf9870e2b41e38;p=dpdk.git diff --git a/drivers/net/octeontx2/otx2_ethdev_sec.c b/drivers/net/octeontx2/otx2_ethdev_sec.c index 9ea0dc4996..a155594e25 100644 --- a/drivers/net/octeontx2/otx2_ethdev_sec.c +++ b/drivers/net/octeontx2/otx2_ethdev_sec.c @@ -19,17 +19,7 @@ #include "otx2_ethdev_sec.h" #include "otx2_ipsec_fp.h" #include "otx2_sec_idev.h" - -#define ETH_SEC_MAX_PKT_LEN 1450 - -#define AH_HDR_LEN 12 -#define AES_GCM_IV_LEN 8 -#define AES_GCM_MAC_LEN 16 -#define AES_CBC_IV_LEN 16 -#define SHA1_HMAC_LEN 12 - -#define AES_GCM_ROUNDUP_BYTE_LEN 4 -#define AES_CBC_ROUNDUP_BYTE_LEN 16 +#include "otx2_security.h" struct eth_sec_tag_const { RTE_STD_C11 @@ -239,7 +229,7 @@ ipsec_sa_const_set(struct rte_security_ipsec_xform *ipsec, sess->partial_len += sizeof(struct rte_esp_hdr); sess->roundup_len = sizeof(struct rte_esp_tail); } else if (ipsec->proto == RTE_SECURITY_IPSEC_SA_PROTO_AH) { - sess->partial_len += AH_HDR_LEN; + sess->partial_len += OTX2_SEC_AH_HDR_LEN; } else { return -EINVAL; } @@ -249,9 +239,9 @@ ipsec_sa_const_set(struct rte_security_ipsec_xform *ipsec, if (xform->type == RTE_CRYPTO_SYM_XFORM_AEAD) { if (xform->aead.algo == RTE_CRYPTO_AEAD_AES_GCM) { - sess->partial_len += AES_GCM_IV_LEN; - sess->partial_len += AES_GCM_MAC_LEN; - sess->roundup_byte = AES_GCM_ROUNDUP_BYTE_LEN; + sess->partial_len += OTX2_SEC_AES_GCM_IV_LEN; + sess->partial_len += OTX2_SEC_AES_GCM_MAC_LEN; + sess->roundup_byte = OTX2_SEC_AES_GCM_ROUNDUP_BYTE_LEN; } return 0; } @@ -266,14 +256,14 @@ ipsec_sa_const_set(struct rte_security_ipsec_xform *ipsec, return -EINVAL; } if (cipher_xform->cipher.algo == RTE_CRYPTO_CIPHER_AES_CBC) { - sess->partial_len += AES_CBC_IV_LEN; - sess->roundup_byte = AES_CBC_ROUNDUP_BYTE_LEN; + sess->partial_len += OTX2_SEC_AES_CBC_IV_LEN; + sess->roundup_byte = OTX2_SEC_AES_CBC_ROUNDUP_BYTE_LEN; } else { return -EINVAL; } if (auth_xform->auth.algo == RTE_CRYPTO_AUTH_SHA1_HMAC) - sess->partial_len += SHA1_HMAC_LEN; + sess->partial_len += OTX2_SEC_SHA1_HMAC_LEN; else return -EINVAL; @@ -745,7 +735,7 @@ eth_sec_ipsec_cfg(struct rte_eth_dev *eth_dev, uint8_t tt) req->ipsec_cfg0.sa_pow2_size = rte_log2_u32(sizeof(struct otx2_ipsec_fp_in_sa)); - req->ipsec_cfg0.lenm1_max = ETH_SEC_MAX_PKT_LEN - 1; + req->ipsec_cfg0.lenm1_max = NIX_MAX_FRS - 1; req->ipsec_cfg1.sa_idx_w = rte_log2_u32(dev->ipsec_in_max_spi); req->ipsec_cfg1.sa_idx_max = dev->ipsec_in_max_spi - 1; @@ -753,6 +743,34 @@ eth_sec_ipsec_cfg(struct rte_eth_dev *eth_dev, uint8_t tt) return otx2_mbox_process(mbox); } +int +otx2_eth_sec_update_tag_type(struct rte_eth_dev *eth_dev) +{ + struct otx2_eth_dev *dev = otx2_eth_pmd_priv(eth_dev); + struct otx2_mbox *mbox = dev->mbox; + struct nix_aq_enq_rsp *rsp; + struct nix_aq_enq_req *aq; + int ret; + + aq = otx2_mbox_alloc_msg_nix_aq_enq(mbox); + aq->qidx = 0; /* Read RQ:0 context */ + aq->ctype = NIX_AQ_CTYPE_RQ; + aq->op = NIX_AQ_INSTOP_READ; + + ret = otx2_mbox_process_msg(mbox, (void *)&rsp); + if (ret < 0) { + otx2_err("Could not read RQ context"); + return ret; + } + + /* Update tag type */ + ret = eth_sec_ipsec_cfg(eth_dev, rsp->rq.sso_tt); + if (ret < 0) + otx2_err("Could not update sec eth tag type"); + + return ret; +} + int otx2_eth_sec_init(struct rte_eth_dev *eth_dev) {