From patchwork Thu Dec 19 12:37:29 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Leon Romanovsky X-Patchwork-Id: 13915029 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id C7B01221447; Thu, 19 Dec 2024 12:37:37 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1734611857; cv=none; b=YUQEtzd1jywiZ5zwyxLm7H3LhCy0EvkOZ1WsIrGH01JiC21dYr2REuQaGSn3d5EhvGkPe36+Cp+chgopGzXx0bZ+ZDEeNVUTZf+M8WFj6xVOywWasisOGb5qL4JD4G3c+nV47NybhB+sFUPyDJF+6aDDYlEqMuusapLn/UCqhcM= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1734611857; c=relaxed/simple; bh=iTa+ur7lm+4z/RqHiWarKbLC9Qqkyo0J2aItQd06+kA=; h=From:To:Cc:Subject:Date:Message-ID:MIME-Version; b=pF1AgxLtpreUBsA5hMgPGfmQqGpjNTMTKGsdYF0+VghDvG+n1vUZqbQdSCYK3O6yIrkGw9HYQx6Hrj5S2jsK7PLURVrbF3369erXAnLffHxY39MrIYOsrg9XUXPmRefu/nzkhJCy5jcQvHlam8vxp2jvJubon8DuNARzfRZfygA= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=LFyHH90v; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="LFyHH90v" Received: by smtp.kernel.org (Postfix) with ESMTPSA id AD090C4CECE; Thu, 19 Dec 2024 12:37:36 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1734611857; bh=iTa+ur7lm+4z/RqHiWarKbLC9Qqkyo0J2aItQd06+kA=; h=From:To:Cc:Subject:Date:From; b=LFyHH90v7aIIaiYgtuCkgNduif2EcRXx+t1NKd7L1JnKgp9JhZhnEOSlm4mq5hs8Y 6KOUOnY+Ox80NZ6TDiY23JfeIOdNvobIpOdA6QS9ywdFu0dbA3FOY6XfpOIqDbUy8W 1ZINLSJE220I6N3v3/y0cFy5e7hAdIp8CQYlAm8x3XG2o46sRdpYygpXV7ipsBrDNa mT5pP8APZt4w3AFD60pC2UIolum9bf1RKsZi0ABswVkGRLf8/MO7aXZWHnr+ft87oS krYLDiy3AcMy44LN7D0yJ6eFAOmGg4MvU8cPpznL+wZzWC13I2wBNGcNOCYHbYVKDM Mwe/5FBFWzAww== From: Leon Romanovsky To: Steffen Klassert Cc: Jianbo Liu , Andrew Lunn , Eric Dumazet , Herbert Xu , Jakub Kicinski , Jonathan Corbet , linux-doc@vger.kernel.org, linux-rdma@vger.kernel.org, netdev@vger.kernel.org, Paolo Abeni , Potnuri Bharat Teja , Saeed Mahameed , Tariq Toukan Subject: [PATCH ipsec-next 1/2] xfrm: Support ESN context update to hardware for TX Date: Thu, 19 Dec 2024 14:37:29 +0200 Message-ID: <874f965d786606b0b4351c976f50271349f68b03.1734611621.git.leon@kernel.org> X-Mailer: git-send-email 2.47.1 Precedence: bulk X-Mailing-List: linux-rdma@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 From: Jianbo Liu Previously xfrm_dev_state_advance_esn() was added for RX only. But it's possible that ESN context also need to be synced to hardware for TX, so call it for outbound in this patch. Signed-off-by: Jianbo Liu Signed-off-by: Leon Romanovsky --- Documentation/networking/xfrm_device.rst | 3 ++- drivers/net/ethernet/chelsio/cxgb4/cxgb4_main.c | 3 +++ drivers/net/ethernet/mellanox/mlx5/core/en_accel/ipsec.c | 3 +++ net/xfrm/xfrm_replay.c | 1 + 4 files changed, 9 insertions(+), 1 deletion(-) diff --git a/Documentation/networking/xfrm_device.rst b/Documentation/networking/xfrm_device.rst index bfea9d8579ed..66f6e9a9b59a 100644 --- a/Documentation/networking/xfrm_device.rst +++ b/Documentation/networking/xfrm_device.rst @@ -169,7 +169,8 @@ the stack in xfrm_input(). hand the packet to napi_gro_receive() as usual -In ESN mode, xdo_dev_state_advance_esn() is called from xfrm_replay_advance_esn(). +In ESN mode, xdo_dev_state_advance_esn() is called from +xfrm_replay_advance_esn() for RX, and xfrm_replay_overflow_offload_esn for TX. Driver will check packet seq number and update HW ESN state machine if needed. Packet offload mode: diff --git a/drivers/net/ethernet/chelsio/cxgb4/cxgb4_main.c b/drivers/net/ethernet/chelsio/cxgb4/cxgb4_main.c index bc3af0054406..e56e4f238795 100644 --- a/drivers/net/ethernet/chelsio/cxgb4/cxgb4_main.c +++ b/drivers/net/ethernet/chelsio/cxgb4/cxgb4_main.c @@ -6559,6 +6559,9 @@ static void cxgb4_advance_esn_state(struct xfrm_state *x) { struct adapter *adap = netdev2adap(x->xso.dev); + if (x->xso.dir != XFRM_DEV_OFFLOAD_IN) + return; + if (!mutex_trylock(&uld_mutex)) { dev_dbg(adap->pdev_dev, "crypto uld critical resource is under use\n"); diff --git a/drivers/net/ethernet/mellanox/mlx5/core/en_accel/ipsec.c b/drivers/net/ethernet/mellanox/mlx5/core/en_accel/ipsec.c index ca92e518be76..3dd4f2492090 100644 --- a/drivers/net/ethernet/mellanox/mlx5/core/en_accel/ipsec.c +++ b/drivers/net/ethernet/mellanox/mlx5/core/en_accel/ipsec.c @@ -980,6 +980,9 @@ static void mlx5e_xfrm_advance_esn_state(struct xfrm_state *x) struct mlx5e_ipsec_sa_entry *sa_entry_shadow; bool need_update; + if (x->xso.dir != XFRM_DEV_OFFLOAD_IN) + return; + need_update = mlx5e_ipsec_update_esn_state(sa_entry); if (!need_update) return; diff --git a/net/xfrm/xfrm_replay.c b/net/xfrm/xfrm_replay.c index bc56c6305725..e500aebbad22 100644 --- a/net/xfrm/xfrm_replay.c +++ b/net/xfrm/xfrm_replay.c @@ -729,6 +729,7 @@ static int xfrm_replay_overflow_offload_esn(struct xfrm_state *x, struct sk_buff } replay_esn->oseq = oseq; + xfrm_dev_state_advance_esn(x); if (xfrm_aevent_is_on(net)) xfrm_replay_notify(x, XFRM_REPLAY_UPDATE); From patchwork Thu Dec 19 12:37:30 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Leon Romanovsky X-Patchwork-Id: 13915030 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 81841221DAD; Thu, 19 Dec 2024 12:37:42 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1734611862; cv=none; b=PUaLeV/hmyM9yUjC8+Qvx30p/UuFwle4XHVMQwzXzQ2qzEZ4MRCe8TeyaE2awRXhv3Tgqz46tmonMYPNJgOKTl2W95u1A39Qxn2SlXUMTkY4Chcj65/kSdracfhU8Ebf5sgMZb5OpCHUkKIVEgaXYugES30jj790Bs6Ljk0peJI= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1734611862; c=relaxed/simple; bh=kebG8IY9GuK7BjBaFN081v5919vSr25Swd0HHOeXBh0=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=qgBmUAhEvYqSca+ME4u/JgyUsa20aZx6AUeUUZGZqskK12b3UBYUeLcCDLmjp9boAjpTDghZ5wf0UaIVJWVgYABlmcI0AeOuyeZ033oic5EGMQkvi1AHqT5+FYcVStWlDqhNMwgegXWzks8Y6a1A1TRASeJzgz79gAsPzwlSr9g= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=JZhBOmsf; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="JZhBOmsf" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 66995C4CECE; Thu, 19 Dec 2024 12:37:41 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1734611862; bh=kebG8IY9GuK7BjBaFN081v5919vSr25Swd0HHOeXBh0=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=JZhBOmsfx0fOSnnSBuJhTuJM9WVmH8YDdBai9AIMChs8JvcDepD2U9RM1+/7W/En1 gafX3cAO/JfN3GZDdeRnKIZTerzu7SwH0zC6GCkA1Lu+uKeuZIlrADVfoRYAbBzRLO xUYWAsWNTQzH2OKz4y+SvUme2ePdqjItDAMkqF7mdOkPBUQyp2J21/qXlDy1gxkSQS yO6rIFNst/gbh2d87q2wV/npOOwfLhkrtqCgeFu17OiyZJkYp39jI8KlDfoyg3NjAA qPcyR2Swm4ls/ISesM2Qx/NwshrysdV1q8eiCk/VA44vMzxKjngcITCB875i24zNJZ 0cbyu/GsNg9Yw== From: Leon Romanovsky To: Steffen Klassert Cc: Jianbo Liu , Andrew Lunn , Eric Dumazet , Jakub Kicinski , linux-rdma@vger.kernel.org, netdev@vger.kernel.org, Paolo Abeni , Saeed Mahameed , Tariq Toukan Subject: [PATCH ipsec-next 2/2] net/mlx5e: Update TX ESN context for IPSec hardware offload Date: Thu, 19 Dec 2024 14:37:30 +0200 Message-ID: X-Mailer: git-send-email 2.47.1 In-Reply-To: <874f965d786606b0b4351c976f50271349f68b03.1734611621.git.leon@kernel.org> References: <874f965d786606b0b4351c976f50271349f68b03.1734611621.git.leon@kernel.org> Precedence: bulk X-Mailing-List: linux-rdma@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 From: Jianbo Liu ESN context must be synced between software and hardware for both RX and TX. As the call to xfrm_dev_state_advance_esn() is added for TX, this patch add the missing logic for TX. So the update is also checked on every packet sent, to see if need to trigger ESN update worker. Signed-off-by: Jianbo Liu Signed-off-by: Tariq Toukan Signed-off-by: Leon Romanovsky --- .../mellanox/mlx5/core/en_accel/ipsec.c | 40 +++++++------------ 1 file changed, 15 insertions(+), 25 deletions(-) diff --git a/drivers/net/ethernet/mellanox/mlx5/core/en_accel/ipsec.c b/drivers/net/ethernet/mellanox/mlx5/core/en_accel/ipsec.c index 3dd4f2492090..8489b0a0e8bd 100644 --- a/drivers/net/ethernet/mellanox/mlx5/core/en_accel/ipsec.c +++ b/drivers/net/ethernet/mellanox/mlx5/core/en_accel/ipsec.c @@ -94,25 +94,14 @@ static bool mlx5e_ipsec_update_esn_state(struct mlx5e_ipsec_sa_entry *sa_entry) u32 esn, esn_msb; u8 overlap; - switch (x->xso.type) { - case XFRM_DEV_OFFLOAD_PACKET: - switch (x->xso.dir) { - case XFRM_DEV_OFFLOAD_IN: - esn = x->replay_esn->seq; - esn_msb = x->replay_esn->seq_hi; - break; - case XFRM_DEV_OFFLOAD_OUT: - esn = x->replay_esn->oseq; - esn_msb = x->replay_esn->oseq_hi; - break; - default: - WARN_ON(true); - return false; - } - break; - case XFRM_DEV_OFFLOAD_CRYPTO: - /* Already parsed by XFRM core */ + switch (x->xso.dir) { + case XFRM_DEV_OFFLOAD_IN: esn = x->replay_esn->seq; + esn_msb = x->replay_esn->seq_hi; + break; + case XFRM_DEV_OFFLOAD_OUT: + esn = x->replay_esn->oseq; + esn_msb = x->replay_esn->oseq_hi; break; default: WARN_ON(true); @@ -121,11 +110,15 @@ static bool mlx5e_ipsec_update_esn_state(struct mlx5e_ipsec_sa_entry *sa_entry) overlap = sa_entry->esn_state.overlap; - if (esn >= x->replay_esn->replay_window) - seq_bottom = esn - x->replay_esn->replay_window + 1; + if (!x->replay_esn->replay_window) { + seq_bottom = esn; + } else { + if (esn >= x->replay_esn->replay_window) + seq_bottom = esn - x->replay_esn->replay_window + 1; - if (x->xso.type == XFRM_DEV_OFFLOAD_CRYPTO) - esn_msb = xfrm_replay_seqhi(x, htonl(seq_bottom)); + if (x->xso.type == XFRM_DEV_OFFLOAD_CRYPTO) + esn_msb = xfrm_replay_seqhi(x, htonl(seq_bottom)); + } if (sa_entry->esn_state.esn_msb) sa_entry->esn_state.esn = esn; @@ -980,9 +973,6 @@ static void mlx5e_xfrm_advance_esn_state(struct xfrm_state *x) struct mlx5e_ipsec_sa_entry *sa_entry_shadow; bool need_update; - if (x->xso.dir != XFRM_DEV_OFFLOAD_IN) - return; - need_update = mlx5e_ipsec_update_esn_state(sa_entry); if (!need_update) return;