diff options
Diffstat (limited to 'examples/ip_pipeline')
| -rw-r--r-- | examples/ip_pipeline/Makefile | 1 | ||||
| -rw-r--r-- | examples/ip_pipeline/action.c | 67 | ||||
| -rw-r--r-- | examples/ip_pipeline/action.h | 1 | ||||
| -rw-r--r-- | examples/ip_pipeline/cli.c | 831 | ||||
| -rw-r--r-- | examples/ip_pipeline/conn.c | 1 | ||||
| -rw-r--r-- | examples/ip_pipeline/cryptodev.c | 117 | ||||
| -rw-r--r-- | examples/ip_pipeline/cryptodev.h | 43 | ||||
| -rw-r--r-- | examples/ip_pipeline/examples/flow_crypto.cli | 58 | ||||
| -rw-r--r-- | examples/ip_pipeline/hash_func.h | 357 | ||||
| -rw-r--r-- | examples/ip_pipeline/hash_func_arm64.h | 232 | ||||
| -rw-r--r-- | examples/ip_pipeline/link.c | 1 | ||||
| -rw-r--r-- | examples/ip_pipeline/main.c | 9 | ||||
| -rw-r--r-- | examples/ip_pipeline/meson.build | 3 | ||||
| -rw-r--r-- | examples/ip_pipeline/pipeline.c | 79 | ||||
| -rw-r--r-- | examples/ip_pipeline/pipeline.h | 16 | ||||
| -rw-r--r-- | examples/ip_pipeline/thread.c | 70 |
16 files changed, 1245 insertions, 641 deletions
diff --git a/examples/ip_pipeline/Makefile b/examples/ip_pipeline/Makefile index 3fb98ce3..41ba7df2 100644 --- a/examples/ip_pipeline/Makefile +++ b/examples/ip_pipeline/Makefile @@ -18,6 +18,7 @@ SRCS-y += swq.c SRCS-y += tap.c SRCS-y += thread.c SRCS-y += tmgr.c +SRCS-y += cryptodev.c # Build using pkg-config variables if possible $(shell pkg-config --exists libdpdk) diff --git a/examples/ip_pipeline/action.c b/examples/ip_pipeline/action.c index a29c2b36..d2104aad 100644 --- a/examples/ip_pipeline/action.c +++ b/examples/ip_pipeline/action.c @@ -7,9 +7,9 @@ #include <string.h> #include <rte_string_fns.h> +#include <rte_table_hash_func.h> #include "action.h" -#include "hash_func.h" /** * Input port @@ -57,35 +57,35 @@ port_in_action_profile_create(const char *name, (params->lb.f_hash == NULL)) { switch (params->lb.key_size) { case 8: - params->lb.f_hash = hash_default_key8; + params->lb.f_hash = rte_table_hash_crc_key8; break; case 16: - params->lb.f_hash = hash_default_key16; + params->lb.f_hash = rte_table_hash_crc_key16; break; case 24: - params->lb.f_hash = hash_default_key24; + params->lb.f_hash = rte_table_hash_crc_key24; break; case 32: - params->lb.f_hash = hash_default_key32; + params->lb.f_hash = rte_table_hash_crc_key32; break; case 40: - params->lb.f_hash = hash_default_key40; + params->lb.f_hash = rte_table_hash_crc_key40; break; case 48: - params->lb.f_hash = hash_default_key48; + params->lb.f_hash = rte_table_hash_crc_key48; break; case 56: - params->lb.f_hash = hash_default_key56; + params->lb.f_hash = rte_table_hash_crc_key56; break; case 64: - params->lb.f_hash = hash_default_key64; + params->lb.f_hash = rte_table_hash_crc_key64; break; default: @@ -192,35 +192,35 @@ table_action_profile_create(const char *name, (params->lb.f_hash == NULL)) { switch (params->lb.key_size) { case 8: - params->lb.f_hash = hash_default_key8; + params->lb.f_hash = rte_table_hash_crc_key8; break; case 16: - params->lb.f_hash = hash_default_key16; + params->lb.f_hash = rte_table_hash_crc_key16; break; case 24: - params->lb.f_hash = hash_default_key24; + params->lb.f_hash = rte_table_hash_crc_key24; break; case 32: - params->lb.f_hash = hash_default_key32; + params->lb.f_hash = rte_table_hash_crc_key32; break; case 40: - params->lb.f_hash = hash_default_key40; + params->lb.f_hash = rte_table_hash_crc_key40; break; case 48: - params->lb.f_hash = hash_default_key48; + params->lb.f_hash = rte_table_hash_crc_key48; break; case 56: - params->lb.f_hash = hash_default_key56; + params->lb.f_hash = rte_table_hash_crc_key56; break; case 64: - params->lb.f_hash = hash_default_key64; + params->lb.f_hash = rte_table_hash_crc_key64; break; default: @@ -333,6 +333,39 @@ table_action_profile_create(const char *name, } } + if (params->action_mask & (1LLU << RTE_TABLE_ACTION_SYM_CRYPTO)) { + status = rte_table_action_profile_action_register(ap, + RTE_TABLE_ACTION_SYM_CRYPTO, + ¶ms->sym_crypto); + + if (status) { + rte_table_action_profile_free(ap); + return NULL; + } + } + + if (params->action_mask & (1LLU << RTE_TABLE_ACTION_TAG)) { + status = rte_table_action_profile_action_register(ap, + RTE_TABLE_ACTION_TAG, + NULL); + + if (status) { + rte_table_action_profile_free(ap); + return NULL; + } + } + + if (params->action_mask & (1LLU << RTE_TABLE_ACTION_DECAP)) { + status = rte_table_action_profile_action_register(ap, + RTE_TABLE_ACTION_DECAP, + NULL); + + if (status) { + rte_table_action_profile_free(ap); + return NULL; + } + } + status = rte_table_action_profile_freeze(ap); if (status) { rte_table_action_profile_free(ap); diff --git a/examples/ip_pipeline/action.h b/examples/ip_pipeline/action.h index 417200e8..cde17e69 100644 --- a/examples/ip_pipeline/action.h +++ b/examples/ip_pipeline/action.h @@ -53,6 +53,7 @@ struct table_action_profile_params { struct rte_table_action_nat_config nat; struct rte_table_action_ttl_config ttl; struct rte_table_action_stats_config stats; + struct rte_table_action_sym_crypto_config sym_crypto; }; struct table_action_profile { diff --git a/examples/ip_pipeline/cli.c b/examples/ip_pipeline/cli.c index 102a1d6b..d1e55407 100644 --- a/examples/ip_pipeline/cli.c +++ b/examples/ip_pipeline/cli.c @@ -12,6 +12,8 @@ #include <rte_ethdev.h> #include "cli.h" + +#include "cryptodev.h" #include "kni.h" #include "link.h" #include "mempool.h" @@ -785,6 +787,65 @@ cmd_kni(char **tokens, } } +static const char cmd_cryptodev_help[] = +"cryptodev <cryptodev_name>\n" +" dev <device_name> | dev_id <device_id>\n" +" queue <n_queues> <queue_size>\n"; + +static void +cmd_cryptodev(char **tokens, + uint32_t n_tokens, + char *out, + size_t out_size) +{ + struct cryptodev_params params; + char *name; + + memset(¶ms, 0, sizeof(params)); + if (n_tokens != 7) { + snprintf(out, out_size, MSG_ARG_MISMATCH, tokens[0]); + return; + } + + name = tokens[1]; + + if (strcmp(tokens[2], "dev") == 0) + params.dev_name = tokens[3]; + else if (strcmp(tokens[2], "dev_id") == 0) { + if (parser_read_uint32(¶ms.dev_id, tokens[3]) < 0) { + snprintf(out, out_size, MSG_ARG_INVALID, + "dev_id"); + return; + } + } else { + snprintf(out, out_size, MSG_ARG_INVALID, + "cryptodev"); + return; + } + + if (strcmp(tokens[4], "queue")) { + snprintf(out, out_size, MSG_ARG_NOT_FOUND, + "4"); + return; + } + + if (parser_read_uint32(¶ms.n_queues, tokens[5]) < 0) { + snprintf(out, out_size, MSG_ARG_INVALID, + "q"); + return; + } + + if (parser_read_uint32(¶ms.queue_size, tokens[6]) < 0) { + snprintf(out, out_size, MSG_ARG_INVALID, + "queue_size"); + return; + } + + if (cryptodev_create(name, ¶ms) == NULL) { + snprintf(out, out_size, MSG_CMD_FAIL, tokens[0]); + return; + } +} static const char cmd_port_in_action_profile_help[] = "port in action profile <profile_name>\n" @@ -961,13 +1022,19 @@ static const char cmd_table_action_profile_help[] = " tc <n_tc>\n" " stats none | pkts | bytes | both]\n" " [tm spp <n_subports_per_port> pps <n_pipes_per_subport>]\n" -" [encap ether | vlan | qinq | mpls | pppoe]\n" +" [encap ether | vlan | qinq | mpls | pppoe |\n" +" vxlan offset <ether_offset> ipv4 | ipv6 vlan on | off]\n" " [nat src | dst\n" " proto udp | tcp]\n" " [ttl drop | fwd\n" " stats none | pkts]\n" " [stats pkts | bytes | both]\n" -" [time]\n"; +" [time]\n" +" [sym_crypto dev <CRYPTODEV_NAME> offset <op_offset> " +" mempool_create <mempool_name>\n" +" mempool_init <mempool_name>]\n" +" [tag]\n" +" [decap]\n"; static void cmd_table_action_profile(char **tokens, @@ -1157,6 +1224,8 @@ cmd_table_action_profile(char **tokens, } /* tm */ if ((t0 < n_tokens) && (strcmp(tokens[t0], "encap") == 0)) { + uint32_t n_extra_tokens = 0; + if (n_tokens < t0 + 2) { snprintf(out, out_size, MSG_ARG_MISMATCH, "action profile encap"); @@ -1173,13 +1242,61 @@ cmd_table_action_profile(char **tokens, p.encap.encap_mask = 1LLU << RTE_TABLE_ACTION_ENCAP_MPLS; else if (strcmp(tokens[t0 + 1], "pppoe") == 0) p.encap.encap_mask = 1LLU << RTE_TABLE_ACTION_ENCAP_PPPOE; - else { + else if (strcmp(tokens[t0 + 1], "vxlan") == 0) { + if (n_tokens < t0 + 2 + 5) { + snprintf(out, out_size, MSG_ARG_MISMATCH, + "action profile encap vxlan"); + return; + } + + if (strcmp(tokens[t0 + 2], "offset") != 0) { + snprintf(out, out_size, MSG_ARG_NOT_FOUND, + "vxlan: offset"); + return; + } + + if (parser_read_uint32(&p.encap.vxlan.data_offset, + tokens[t0 + 2 + 1]) != 0) { + snprintf(out, out_size, MSG_ARG_INVALID, + "vxlan: ether_offset"); + return; + } + + if (strcmp(tokens[t0 + 2 + 2], "ipv4") == 0) + p.encap.vxlan.ip_version = 1; + else if (strcmp(tokens[t0 + 2 + 2], "ipv6") == 0) + p.encap.vxlan.ip_version = 0; + else { + snprintf(out, out_size, MSG_ARG_INVALID, + "vxlan: ipv4 or ipv6"); + return; + } + + if (strcmp(tokens[t0 + 2 + 3], "vlan") != 0) { + snprintf(out, out_size, MSG_ARG_NOT_FOUND, + "vxlan: vlan"); + return; + } + + if (strcmp(tokens[t0 + 2 + 4], "on") == 0) + p.encap.vxlan.vlan = 1; + else if (strcmp(tokens[t0 + 2 + 4], "off") == 0) + p.encap.vxlan.vlan = 0; + else { + snprintf(out, out_size, MSG_ARG_INVALID, + "vxlan: on or off"); + return; + } + + p.encap.encap_mask = 1LLU << RTE_TABLE_ACTION_ENCAP_VXLAN; + n_extra_tokens = 5; + } else { snprintf(out, out_size, MSG_ARG_MISMATCH, "encap"); return; } p.action_mask |= 1LLU << RTE_TABLE_ACTION_ENCAP; - t0 += 2; + t0 += 2 + n_extra_tokens; } /* encap */ if ((t0 < n_tokens) && (strcmp(tokens[t0], "nat") == 0)) { @@ -1285,6 +1402,67 @@ cmd_table_action_profile(char **tokens, t0 += 1; } /* time */ + if ((t0 < n_tokens) && (strcmp(tokens[t0], "sym_crypto") == 0)) { + struct cryptodev *cryptodev; + struct mempool *mempool; + + if (n_tokens < t0 + 9 || + strcmp(tokens[t0 + 1], "dev") || + strcmp(tokens[t0 + 3], "offset") || + strcmp(tokens[t0 + 5], "mempool_create") || + strcmp(tokens[t0 + 7], "mempool_init")) { + snprintf(out, out_size, MSG_ARG_MISMATCH, + "table action profile sym_crypto"); + return; + } + + cryptodev = cryptodev_find(tokens[t0 + 2]); + if (cryptodev == NULL) { + snprintf(out, out_size, MSG_ARG_INVALID, + "table action profile sym_crypto"); + return; + } + + p.sym_crypto.cryptodev_id = cryptodev->dev_id; + + if (parser_read_uint32(&p.sym_crypto.op_offset, + tokens[t0 + 4]) != 0) { + snprintf(out, out_size, MSG_ARG_INVALID, + "table action profile sym_crypto"); + return; + } + + mempool = mempool_find(tokens[t0 + 6]); + if (mempool == NULL) { + snprintf(out, out_size, MSG_ARG_INVALID, + "table action profile sym_crypto"); + return; + } + p.sym_crypto.mp_create = mempool->m; + + mempool = mempool_find(tokens[t0 + 8]); + if (mempool == NULL) { + snprintf(out, out_size, MSG_ARG_INVALID, + "table action profile sym_crypto"); + return; + } + p.sym_crypto.mp_init = mempool->m; + + p.action_mask |= 1LLU << RTE_TABLE_ACTION_SYM_CRYPTO; + + t0 += 9; + } /* sym_crypto */ + + if ((t0 < n_tokens) && (strcmp(tokens[t0], "tag") == 0)) { + p.action_mask |= 1LLU << RTE_TABLE_ACTION_TAG; + t0 += 1; + } /* tag */ + + if ((t0 < n_tokens) && (strcmp(tokens[t0], "decap") == 0)) { + p.action_mask |= 1LLU << RTE_TABLE_ACTION_DECAP; + t0 += 1; + } /* decap */ + if (t0 < n_tokens) { snprintf(out, out_size, MSG_ARG_MISMATCH, tokens[0]); return; @@ -1366,6 +1544,7 @@ static const char cmd_pipeline_port_in_help[] = " | tap <tap_name> mempool <mempool_name> mtu <mtu>\n" " | kni <kni_name>\n" " | source mempool <mempool_name> file <file_name> bpp <n_bytes_per_pkt>\n" +" | cryptodev <cryptodev_name> rxq <queue_id>\n" " [action <port_in_action_profile_name>]\n" " [disabled]\n"; @@ -1538,6 +1717,26 @@ cmd_pipeline_port_in(char **tokens, } t0 += 7; + } else if (strcmp(tokens[t0], "cryptodev") == 0) { + if (n_tokens < t0 + 3) { + snprintf(out, out_size, MSG_ARG_MISMATCH, + "pipeline port in cryptodev"); + return; + } + + p.type = PORT_IN_CRYPTODEV; + + p.dev_name = tokens[t0 + 1]; + if (parser_read_uint16(&p.rxq.queue_id, tokens[t0 + 3]) != 0) { + snprintf(out, out_size, MSG_ARG_INVALID, + "rxq"); + return; + } + + p.cryptodev.arg_callback = NULL; + p.cryptodev.f_callback = NULL; + + t0 += 4; } else { snprintf(out, out_size, MSG_ARG_INVALID, tokens[0]); return; @@ -1584,7 +1783,8 @@ static const char cmd_pipeline_port_out_help[] = " | tmgr <tmgr_name>\n" " | tap <tap_name>\n" " | kni <kni_name>\n" -" | sink [file <file_name> pkts <max_n_pkts>]\n"; +" | sink [file <file_name> pkts <max_n_pkts>]\n" +" | cryptodev <cryptodev_name> txq <txq_id> offset <crypto_op_offset>\n"; static void cmd_pipeline_port_out(char **tokens, @@ -1718,6 +1918,41 @@ cmd_pipeline_port_out(char **tokens, return; } } + + } else if (strcmp(tokens[6], "cryptodev") == 0) { + if (n_tokens != 12) { + snprintf(out, out_size, MSG_ARG_MISMATCH, + "pipeline port out cryptodev"); + return; + } + + p.type = PORT_OUT_CRYPTODEV; + + p.dev_name = tokens[7]; + + if (strcmp(tokens[8], "txq")) { + snprintf(out, out_size, MSG_ARG_MISMATCH, + "pipeline port out cryptodev"); + return; + } + + if (parser_read_uint16(&p.cryptodev.queue_id, tokens[9]) + != 0) { + snprintf(out, out_size, MSG_ARG_INVALID, "queue_id"); + return; + } + + if (strcmp(tokens[10], "offset")) { + snprintf(out, out_size, MSG_ARG_MISMATCH, + "pipeline port out cryptodev"); + return; + } + + if (parser_read_uint32(&p.cryptodev.op_offset, tokens[11]) + != 0) { + snprintf(out, out_size, MSG_ARG_INVALID, "queue_id"); + return; + } } else { snprintf(out, out_size, MSG_ARG_INVALID, tokens[0]); return; @@ -2861,11 +3096,31 @@ parse_match(char **tokens, * [label1 <label> <tc> <ttl> * [label2 <label> <tc> <ttl> * [label3 <label> <tc> <ttl>]]] - * | pppoe <da> <sa> <session_id>] + * | pppoe <da> <sa> <session_id> + * | vxlan ether <da> <sa> + * [vlan <pcp> <dei> <vid>] + * ipv4 <sa> <da> <dscp> <ttl> + * | ipv6 <sa> <da> <flow_label> <dscp> <hop_limit> + * udp <sp> <dp> + * vxlan <vni>] * [nat ipv4 | ipv6 <addr> <port>] * [ttl dec | keep] * [stats] * [time] + * [sym_crypto + * encrypt | decrypt + * type + * | cipher + * cipher_algo <algo> cipher_key <key> cipher_iv <iv> + * | cipher_auth + * cipher_algo <algo> cipher_key <key> cipher_iv <iv> + * auth_algo <algo> auth_key <key> digest_size <size> + * | aead + * aead_algo <algo> aead_key <key> aead_iv <iv> aead_aad <aad> + * digest_size <size> + * data_offset <data_offset>] + * [tag <tag>] + * [decap <n>] * * where: * <pa> ::= g | y | r | drop @@ -3254,6 +3509,122 @@ parse_table_action_encap(char **tokens, return 1 + 4; } + /* vxlan */ + if (n_tokens && (strcmp(tokens[0], "vxlan") == 0)) { + uint32_t n = 0; + + n_tokens--; + tokens++; + n++; + + /* ether <da> <sa> */ + if ((n_tokens < 3) || + strcmp(tokens[0], "ether") || + parse_mac_addr(tokens[1], &a->encap.vxlan.ether.da) || + parse_mac_addr(tokens[2], &a->encap.vxlan.ether.sa)) + return 0; + + n_tokens -= 3; + tokens += 3; + n += 3; + + /* [vlan <pcp> <dei> <vid>] */ + if (strcmp(tokens[0], "vlan") == 0) { + uint32_t pcp, dei, vid; + + if ((n_tokens < 4) || + parser_read_uint32(&pcp, tokens[1]) || + (pcp > 7) || + parser_read_uint32(&dei, tokens[2]) || + (dei > 1) || + parser_read_uint32(&vid, tokens[3]) || + (vid > 0xFFF)) + return 0; + + a->encap.vxlan.vlan.pcp = pcp; + a->encap.vxlan.vlan.dei = dei; + a->encap.vxlan.vlan.vid = vid; + + n_tokens -= 4; + tokens += 4; + n += 4; + } + + /* ipv4 <sa> <da> <dscp> <ttl> + | ipv6 <sa> <da> <flow_label> <dscp> <hop_limit> */ + if (strcmp(tokens[0], "ipv4") == 0) { + struct in_addr sa, da; + uint8_t dscp, ttl; + + if ((n_tokens < 5) || + parse_ipv4_addr(tokens[1], &sa) || + parse_ipv4_addr(tokens[2], &da) || + parser_read_uint8(&dscp, tokens[3]) || + (dscp > 64) || + parser_read_uint8(&ttl, tokens[4])) + return 0; + + a->encap.vxlan.ipv4.sa = rte_be_to_cpu_32(sa.s_addr); + a->encap.vxlan.ipv4.da = rte_be_to_cpu_32(da.s_addr); + a->encap.vxlan.ipv4.dscp = dscp; + a->encap.vxlan.ipv4.ttl = ttl; + + n_tokens -= 5; + tokens += 5; + n += 5; + } else if (strcmp(tokens[0], "ipv6") == 0) { + struct in6_addr sa, da; + uint32_t flow_label; + uint8_t dscp, hop_limit; + + if ((n_tokens < 6) || + parse_ipv6_addr(tokens[1], &sa) || + parse_ipv6_addr(tokens[2], &da) || + parser_read_uint32(&flow_label, tokens[3]) || + parser_read_uint8(&dscp, tokens[4]) || + (dscp > 64) || + parser_read_uint8(&hop_limit, tokens[5])) + return 0; + + memcpy(a->encap.vxlan.ipv6.sa, sa.s6_addr, 16); + memcpy(a->encap.vxlan.ipv6.da, da.s6_addr, 16); + a->encap.vxlan.ipv6.flow_label = flow_label; + a->encap.vxlan.ipv6.dscp = dscp; + a->encap.vxlan.ipv6.hop_limit = hop_limit; + + n_tokens -= 6; + tokens += 6; + n += 6; + } else + return 0; + + /* udp <sp> <dp> */ + if ((n_tokens < 3) || + strcmp(tokens[0], "udp") || + parser_read_uint16(&a->encap.vxlan.udp.sp, tokens[1]) || + parser_read_uint16(&a->encap.vxlan.udp.dp, tokens[2])) + return 0; + + n_tokens -= 3; + tokens += 3; + n += 3; + + /* vxlan <vni> */ + if ((n_tokens < 2) || + strcmp(tokens[0], "vxlan") || + parser_read_uint32(&a->encap.vxlan.vxlan.vni, tokens[1]) || + (a->encap.vxlan.vxlan.vni > 0xFFFFFF)) + return 0; + + n_tokens -= 2; + tokens += 2; + n += 2; + + a->encap.type = RTE_TABLE_ACTION_ENCAP_VXLAN; + a->action_mask |= 1 << RTE_TABLE_ACTION_ENCAP; + return 1 + n; + } + return 0; } @@ -3348,6 +3719,400 @@ parse_table_action_time(char **tokens, return 1; } +static void +parse_free_sym_crypto_param_data(struct rte_table_action_sym_crypto_params *p) +{ + struct rte_crypto_sym_xform *xform[2] = {NULL}; + uint32_t i; + + xform[0] = p->xform; + if (xform[0]) + xform[1] = xform[0]->next; + + for (i = 0; i < 2; i++) { + if (xform[i] == NULL) + continue; + + switch (xform[i]->type) { + case RTE_CRYPTO_SYM_XFORM_CIPHER: + if (xform[i]->cipher.key.data) + free(xform[i]->cipher.key.data); + if (p->cipher_auth.cipher_iv.val) + free(p->cipher_auth.cipher_iv.val); + if (p->cipher_auth.cipher_iv_update.val) + free(p->cipher_auth.cipher_iv_update.val); + break; + case RTE_CRYPTO_SYM_XFORM_AUTH: + if (xform[i]->auth.key.data) + free(xform[i]->cipher.key.data); + if (p->cipher_auth.auth_iv.val) + free(p->cipher_auth.cipher_iv.val); + if (p->cipher_auth.auth_iv_update.val) + free(p->cipher_auth.cipher_iv_update.val); + break; + case RTE_CRYPTO_SYM_XFORM_AEAD: + if (xform[i]->aead.key.data) + free(xform[i]->cipher.key.data); + if (p->aead.iv.val) + free(p->aead.iv.val); + if (p->aead.aad.val) + free(p->aead.aad.val); + break; + default: + continue; + } + } + +} + +static struct rte_crypto_sym_xform * +parse_table_action_cipher(struct rte_table_action_sym_crypto_params *p, + char **tokens, uint32_t n_tokens, uint32_t encrypt, + uint32_t *used_n_tokens) +{ + struct rte_crypto_sym_xform *xform_cipher; + int status; + size_t len; + + if (n_tokens < 7 || strcmp(tokens[1], "cipher_algo") || + strcmp(tokens[3], "cipher_key") || + strcmp(tokens[5], "cipher_iv")) + return NULL; + + xform_cipher = calloc(1, sizeof(*xform_cipher)); + if (xform_cipher == NULL) + return NULL; + + xform_cipher->type = RTE_CRYPTO_SYM_XFORM_CIPHER; + xform_cipher->cipher.op = encrypt ? RTE_CRYPTO_CIPHER_OP_ENCRYPT : + RTE_CRYPTO_CIPHER_OP_DECRYPT; + + /* cipher_algo */ + status = rte_cryptodev_get_cipher_algo_enum( + &xform_cipher->cipher.algo, tokens[2]); + if (status < 0) + goto error_exit; + + /* cipher_key */ + len = strlen(tokens[4]); + xform_cipher->cipher.key.data = calloc(1, len / 2 + 1); + if (xform_cipher->cipher.key.data == NULL) + goto error_exit; + + status = parse_hex_string(tokens[4], + xform_cipher->cipher.key.data, + (uint32_t *)&len); + if (status < 0) + goto error_exit; + + xform_cipher->cipher.key.length = (uint16_t)len; + + /* cipher_iv */ + len = strlen(tokens[6]); + + p->cipher_auth.cipher_iv.val = calloc(1, len / 2 + 1); + if (p->cipher_auth.cipher_iv.val == NULL) + goto error_exit; + + status = parse_hex_string(tokens[6], + p->cipher_auth.cipher_iv.val, + (uint32_t *)&len); + if (status < 0) + goto error_exit; + + xform_cipher->cipher.iv.length = (uint16_t)len; + xform_cipher->cipher.iv.offset = RTE_TABLE_ACTION_SYM_CRYPTO_IV_OFFSET; + p->cipher_auth.cipher_iv.length = (uint32_t)len; + *used_n_tokens = 7; + + return xform_cipher; + +error_exit: + if (xform_cipher->cipher.key.data) + free(xform_cipher->cipher.key.data); + + if (p->cipher_auth.cipher_iv.val) { + free(p->cipher_auth.cipher_iv.val); + p->cipher_auth.cipher_iv.val = NULL; + } + + free(xform_cipher); + + return NULL; +} + +static struct rte_crypto_sym_xform * +parse_table_action_cipher_auth(struct rte_table_action_sym_crypto_params *p, + char **tokens, uint32_t n_tokens, uint32_t encrypt, + uint32_t *used_n_tokens) +{ + struct rte_crypto_sym_xform *xform_cipher; + struct rte_crypto_sym_xform *xform_auth; + int status; + size_t len; + + if (n_tokens < 13 || + strcmp(tokens[7], "auth_algo") || + strcmp(tokens[9], "auth_key") || + strcmp(tokens[11], "digest_size")) + return NULL; + + xform_auth = calloc(1, sizeof(*xform_auth)); + if (xform_auth == NULL) + return NULL; + + xform_auth->type = RTE_CRYPTO_SYM_XFORM_AUTH; + xform_auth->auth.op = encrypt ? RTE_CRYPTO_AUTH_OP_GENERATE : + RTE_CRYPTO_AUTH_OP_VERIFY; + + /* auth_algo */ + status = rte_cryptodev_get_auth_algo_enum(&xform_auth->auth.algo, + tokens[8]); + if (status < 0) + goto error_exit; + + /* auth_key */ + len = strlen(tokens[10]); + xform_auth->auth.key.data = calloc(1, len / 2 + 1); + if (xform_auth->auth.key.data == NULL) + goto error_exit; + + status = parse_hex_string(tokens[10], + xform_auth->auth.key.data, (uint32_t *)&len); + if (status < 0) + goto error_exit; + + xform_auth->auth.key.length = (uint16_t)len; + + if (strcmp(tokens[11], "digest_size")) + goto error_exit; + + status = parser_read_uint16(&xform_auth->auth.digest_length, + tokens[12]); + if (status < 0) + goto error_exit; + + xform_cipher = parse_table_action_cipher(p, tokens, 7, encrypt, + used_n_tokens); + if (xform_cipher == NULL) + goto error_exit; + + *used_n_tokens += 6; + + if (encrypt) { + xform_cipher->next = xform_auth; + return xform_cipher; + } else { + xform_auth->next = xform_cipher; + return xform_auth; + } + +error_exit: + if (xform_auth->auth.key.data) + free(xform_auth->auth.key.data); + if (p->cipher_auth.auth_iv.val) { + free(p->cipher_auth.auth_iv.val); + p->cipher_auth.auth_iv.val = 0; + } + + free(xform_auth); + + return NULL; +} + +static struct rte_crypto_sym_xform * +parse_table_action_aead(struct rte_table_action_sym_crypto_params *p, + char **tokens, uint32_t n_tokens, uint32_t encrypt, + uint32_t *used_n_tokens) +{ + struct rte_crypto_sym_xform *xform_aead; + int status; + size_t len; + + if (n_tokens < 11 || strcmp(tokens[1], "aead_algo") || + strcmp(tokens[3], "aead_key") || + strcmp(tokens[5], "aead_iv") || + strcmp(tokens[7], "aead_aad") || + strcmp(tokens[9], "digest_size")) + return NULL; + + xform_aead = calloc(1, sizeof(*xform_aead)); + if (xform_aead == NULL) + return NULL; + + xform_aead->type = RTE_CRYPTO_SYM_XFORM_AEAD; + xform_aead->aead.op = encrypt ? RTE_CRYPTO_AEAD_OP_ENCRYPT : + RTE_CRYPTO_AEAD_OP_DECRYPT; + + /* aead_algo */ + status = rte_cryptodev_get_aead_algo_enum(&xform_aead->aead.algo, + tokens[2]); + if (status < 0) + goto error_exit; + + /* aead_key */ + len = strlen(tokens[4]); + xform_aead->aead.key.data = calloc(1, len / 2 + 1); + if (xform_aead->aead.key.data == NULL) + goto error_exit; + + status = parse_hex_string(tokens[4], xform_aead->aead.key.data, + (uint32_t *)&len); + if (status < 0) + goto error_exit; + + xform_aead->aead.key.length = (uint16_t)len; + + /* aead_iv */ + len = strlen(tokens[6]); + p->aead.iv.val = calloc(1, len / 2 + 1); + if (p->aead.iv.val == NULL) + goto error_exit; + + status = parse_hex_string(tokens[6], p->aead.iv.val, + (uint32_t *)&len); + if (status < 0) + goto error_exit; + + xform_aead->aead.iv.length = (uint16_t)len; + xform_aead->aead.iv.offset = RTE_TABLE_ACTION_SYM_CRYPTO_IV_OFFSET; + p->aead.iv.length = (uint32_t)len; + + /* aead_aad */ + len = strlen(tokens[8]); + p->aead.aad.val = calloc(1, len / 2 + 1); + if (p->aead.aad.val == NULL) + goto error_exit; + + status = parse_hex_string(tokens[8], p->aead.aad.val, (uint32_t *)&len); + if (status < 0) + goto error_exit; + + xform_aead->aead.aad_length = (uint16_t)len; + p->aead.aad.length = (uint32_t)len; + + /* digest_size */ + status = parser_read_uint16(&xform_aead->aead.digest_length, + tokens[10]); + if (status < 0) + goto error_exit; + + *used_n_tokens = 11; + + return xform_aead; + +error_exit: + if (xform_aead->aead.key.data) + free(xform_aead->aead.key.data); + if (p->aead.iv.val) { + free(p->aead.iv.val); + p->aead.iv.val = NULL; + } + if (p->aead.aad.val) { + free(p->aead.aad.val); + p->aead.aad.val = NULL; + } + + free(xform_aead); + + return NULL; +} + + +static uint32_t +parse_table_action_sym_crypto(char **tokens, + uint32_t n_tokens, + struct table_rule_action *a) +{ + struct rte_table_action_sym_crypto_params *p = &a->sym_crypto; + struct rte_crypto_sym_xform *xform = NULL; + uint32_t used_n_tokens; + uint32_t encrypt; + int status; + + if ((n_tokens < 12) || + strcmp(tokens[0], "sym_crypto") || + strcmp(tokens[2], "type")) + return 0; + + memset(p, 0, sizeof(*p)); + + if (strcmp(tokens[1], "encrypt") == 0) + encrypt = 1; + else + encrypt = 0; + + status = parser_read_uint32(&p->data_offset, tokens[n_tokens - 1]); + if (status < 0) + return 0; + + if (strcmp(tokens[3], "cipher") == 0) { + tokens += 3; + n_tokens -= 3; + + xform = parse_table_action_cipher(p, tokens, n_tokens, encrypt, + &used_n_tokens); + } else if (strcmp(tokens[3], "cipher_auth") == 0) { + tokens += 3; + n_tokens -= 3; + + xform = parse_table_action_cipher_auth(p, tokens, n_tokens, + encrypt, &used_n_tokens); + } else if (strcmp(tokens[3], "aead") == 0) { + tokens += 3; + n_tokens -= 3; + + xform = parse_table_action_aead(p, tokens, n_tokens, encrypt, + &used_n_tokens); + } + + if (xform == NULL) + return 0; + + p->xform = xform; + + if (strcmp(tokens[used_n_tokens], "data_offset")) { + parse_free_sym_crypto_param_data(p); + return 0; + } + + a->action_mask |= 1 << RTE_TABLE_ACTION_SYM_CRYPTO; + + return used_n_tokens + 5; +} + +static uint32_t +parse_table_action_tag(char **tokens, + uint32_t n_tokens, + struct table_rule_action *a) +{ + if ((n_tokens < 2) || + strcmp(tokens[0], "tag")) + return 0; + + if (parser_read_uint32(&a->tag.tag, tokens[1])) + return 0; + + a->action_mask |= 1 << RTE_TABLE_ACTION_TAG; + return 2; +} + +static uint32_t +parse_table_action_decap(char **tokens, + uint32_t n_tokens, + struct table_rule_action *a) +{ + if ((n_tokens < 2) || + strcmp(tokens[0], "decap")) + return 0; + + if (parser_read_uint16(&a->decap.n, tokens[1])) + return 0; + + a->action_mask |= 1 << RTE_TABLE_ACTION_DECAP; + return 2; +} + static uint32_t parse_table_action(char **tokens, uint32_t n_tokens, @@ -3492,6 +4257,47 @@ parse_table_action(char **tokens, n_tokens -= n; } + if (n_tokens && (strcmp(tokens[0], "sym_crypto") == 0)) { + uint32_t n; + + n = parse_table_action_sym_crypto(tokens, n_tokens, a); + if (n == 0) { + snprintf(out, out_size, MSG_ARG_INVALID, + "action sym_crypto"); + } + + tokens += n; + n_tokens -= n; + } + + if (n_tokens && (strcmp(tokens[0], "tag") == 0)) { + uint32_t n; + + n = parse_table_action_tag(tokens, n_tokens, a); + if (n == 0) { + snprintf(out, out_size, MSG_ARG_INVALID, + "action tag"); + return 0; + } + + tokens += n; + n_tokens -= n; + } + + if (n_tokens && (strcmp(tokens[0], "decap") == 0)) { + uint32_t n; + + n = parse_table_action_decap(tokens, n_tokens, a); + if (n == 0) { + snprintf(out, out_size, MSG_ARG_INVALID, + "action decap"); + return 0; + } + + tokens += n; + n_tokens -= n; + } + if (n_tokens0 - n_tokens == 1) { snprintf(out, out_size, MSG_ARG_INVALID, "action"); return 0; @@ -3579,6 +4385,9 @@ cmd_pipeline_table_rule_add(char **tokens, snprintf(out, out_size, MSG_CMD_FAIL, tokens[0]); return; } + + if (a.action_mask & 1 << RTE_TABLE_ACTION_SYM_CRYPTO) + parse_free_sym_crypto_param_data(&a.sym_crypto); } @@ -4570,6 +5379,11 @@ cmd_help(char **tokens, uint32_t n_tokens, char *out, size_t out_size) return; } + if (strcmp(tokens[0], "cryptodev") == 0) { + snprintf(out, out_size, "\n%s\n", cmd_cryptodev_help); + return; + } + if ((n_tokens == 4) && (strcmp(tokens[0], "port") == 0) && (strcmp(tokens[1], "in") == 0) && @@ -4860,6 +5674,11 @@ cli_process(char *in, char *out, size_t out_size) return; } + if (strcmp(tokens[0], "cryptodev") == 0) { + cmd_cryptodev(tokens, n_tokens, out, out_size); + return; + } + if (strcmp(tokens[0], "port") == 0) { cmd_port_in_action_profile(tokens, n_tokens, out, out_size); return; diff --git a/examples/ip_pipeline/conn.c b/examples/ip_pipeline/conn.c index 6b08e9e8..30fca80c 100644 --- a/examples/ip_pipeline/conn.c +++ b/examples/ip_pipeline/conn.c @@ -8,7 +8,6 @@ #include <unistd.h> #include <sys/types.h> -#define __USE_GNU #include <sys/socket.h> #include <sys/epoll.h> diff --git a/examples/ip_pipeline/cryptodev.c b/examples/ip_pipeline/cryptodev.c new file mode 100644 index 00000000..c4ba72be --- /dev/null +++ b/examples/ip_pipeline/cryptodev.c @@ -0,0 +1,117 @@ +/* SPDX-License-Identifier: BSD-3-Clause + * Copyright(c) 2018 Intel Corporation + */ + +#include <stdlib.h> +#include <stdio.h> + +#include <rte_cryptodev.h> +#include <rte_cryptodev_pmd.h> +#include <rte_string_fns.h> + +#include "cryptodev.h" + +static struct cryptodev_list cryptodev_list; + +int +cryptodev_init(void) +{ + TAILQ_INIT(&cryptodev_list); + + return 0; +} + +struct cryptodev * +cryptodev_find(const char *name) +{ + struct cryptodev *cryptodev; + + if (name == NULL) + return NULL; + + TAILQ_FOREACH(cryptodev, &cryptodev_list, node) + if (strcmp(cryptodev->name, name) == 0) + return cryptodev; + + return NULL; +} + +struct cryptodev * +cryptodev_next(struct cryptodev *cryptodev) +{ + return (cryptodev == NULL) ? + TAILQ_FIRST(&cryptodev_list) : + TAILQ_NEXT(cryptodev, node); +} + +struct cryptodev * +cryptodev_create(const char *name, struct cryptodev_params *params) +{ + struct rte_cryptodev_info dev_info; + struct rte_cryptodev_config dev_conf; + struct rte_cryptodev_qp_conf queue_conf; + struct cryptodev *cryptodev; + uint32_t dev_id, i; + uint32_t socket_id; + int status; + + /* Check input params */ + if ((name == NULL) || + cryptodev_find(name) || + (params->n_queues == 0) || + (params->queue_size == 0)) + return NULL; + + if (params->dev_name) { + status = rte_cryptodev_get_dev_id(params->dev_name); + if (status == -1) + return NULL; + + dev_id = (uint32_t)status; + } else { + if (rte_cryptodev_pmd_is_valid_dev(params->dev_id) == 0) + return NULL; + + dev_id = params->dev_id; + } + + socket_id = rte_cryptodev_socket_id(dev_id); + rte_cryptodev_info_get(dev_id, &dev_info); + + if (dev_info.max_nb_queue_pairs < params->n_queues) + return NULL; + if (dev_info.feature_flags & RTE_CRYPTODEV_FF_HW_ACCELERATED) + return NULL; + + dev_conf.socket_id = socket_id; + dev_conf.nb_queue_pairs = params->n_queues; + + status = rte_cryptodev_configure(dev_id, &dev_conf); + if (status < 0) + return NULL; + + queue_conf.nb_descriptors = params->queue_size; + for (i = 0; i < params->n_queues; i++) { + status = rte_cryptodev_queue_pair_setup(dev_id, i, + &queue_conf, socket_id, NULL); + if (status < 0) + return NULL; + } + + if (rte_cryptodev_start(dev_id) < 0) + return NULL; + + cryptodev = calloc(1, sizeof(struct cryptodev)); + if (cryptodev == NULL) { + rte_cryptodev_stop(dev_id); + return NULL; + } + + strlcpy(cryptodev->name, name, sizeof(cryptodev->name)); + cryptodev->dev_id = dev_id; + cryptodev->n_queues = params->n_queues; + + TAILQ_INSERT_TAIL(&cryptodev_list, cryptodev, node); + + return cryptodev; +} diff --git a/examples/ip_pipeline/cryptodev.h b/examples/ip_pipeline/cryptodev.h new file mode 100644 index 00000000..d06b3f2f --- /dev/null +++ b/examples/ip_pipeline/cryptodev.h @@ -0,0 +1,43 @@ +/* SPDX-License-Identifier: BSD-3-Clause + * Copyright(c) 2018 Intel Corporation + */ + +#ifndef _INCLUDE_SYM_C_H_ +#define _INCLUDE_SYM_C_H_ + +#include <stdint.h> +#include <sys/queue.h> + +#include <rte_cryptodev.h> + +#include "common.h" + +struct cryptodev { + TAILQ_ENTRY(cryptodev) node; + char name[NAME_SIZE]; + uint16_t dev_id; + uint32_t n_queues; +}; + +TAILQ_HEAD(cryptodev_list, cryptodev); + +int +cryptodev_init(void); + +struct cryptodev * +cryptodev_find(const char *name); + +struct cryptodev * +cryptodev_next(struct cryptodev *cryptodev); + +struct cryptodev_params { + const char *dev_name; + uint32_t dev_id; /**< Valid only when *dev_name* is NULL. */ + uint32_t n_queues; + uint32_t queue_size; +}; + +struct cryptodev * +cryptodev_create(const char *name, struct cryptodev_params *params); + +#endif diff --git a/examples/ip_pipeline/examples/flow_crypto.cli b/examples/ip_pipeline/examples/flow_crypto.cli new file mode 100644 index 00000000..9b639deb --- /dev/null +++ b/examples/ip_pipeline/examples/flow_crypto.cli @@ -0,0 +1,58 @@ +; SPDX-License-Identifier: BSD-3-Clause +; Copyright(c) 2018 Intel Corporation + +; ________________ +; LINK0 RXQ0 --->| |---> CRYPTO0 TXQ0 +; | Flow | +; CRYPTO0 RXQ0-->| Classification |---> LINK0 TXQ0 +; |________________| +; | +; +-----------> SINK0 (flow lookup miss) +; +; Input packet: Ethernet/IPv4 +; +; Packet buffer layout: +; # Field Name Offset (Bytes) Size (Bytes) +; 0 Mbuf 0 128 +; 1 Headroom 128 128 +; 2 Ethernet header 256 14 +; 3 IPv4 header 280 20 +; 4 Packet 256 1536 +; 5 Crypto Operation 1792 160 + +mempool MEMPOOL0 buffer 2304 pool 32K cache 256 cpu 1 +mempool MEMPOOL_SESSION0 buffer 1024 pool 1024 cache 128 cpu 1 + +link LINK0 dev 0000:81:00.0 rxq 1 128 MEMPOOL0 txq 1 512 promiscuous on + +#Cryptodev +cryptodev CRYPTO0 dev crypto_aesni_gcm0 queue 1 1024 + +table action profile AP0 ipv4 offset 270 fwd sym_crypto dev CRYPTO0 offset 1792 mempool_create MEMPOOL_SESSION0 mempool_init MEMPOOL_SESSION0 +table action profile AP1 ipv4 offset 270 fwd + +pipeline PIPELINE0 period 10 offset_port_id 0 cpu 1 + +pipeline PIPELINE0 port in bsz 32 link LINK0 rxq 0 +pipeline PIPELINE0 port in bsz 32 cryptodev CRYPTO0 rxq 0 + +pipeline PIPELINE0 port out bsz 32 cryptodev CRYPTO0 txq 0 offset 1792 +pipeline PIPELINE0 port out bsz 32 link LINK0 txq 0 +pipeline PIPELINE0 port out bsz 32 sink + +pipeline PIPELINE0 table match hash ext key 8 mask FFFFFFFF00000000 offset 282 buckets 1K size 4K action AP0 +pipeline PIPELINE0 table match stub action AP1 + +pipeline PIPELINE0 port in 0 table 0 +pipeline PIPELINE0 port in 1 table 1 + +thread 24 pipeline PIPELINE0 enable + +pipeline PIPELINE0 table 0 rule add match default action fwd port 2 + +#AES-GCM encrypt +pipeline PIPELINE0 table 0 rule add match hash ipv4_addr 100.0.0.10 action fwd port 0 sym_crypto encrypt type aead aead_algo aes-gcm aead_key 000102030405060708090a0b0c0d0e0f aead_iv 000102030405060708090a0b aead_aad 000102030405060708090a0b0c0d0e0f digest_size 8 data_offset 290 +#AES-GCM decrypt +#pipeline PIPELINE0 table 0 rule add match hash ipv4_addr 100.0.0.10 action fwd port 0 sym_crypto decrypt type aead aead_algo aes-gcm aead_key 000102030405060708090a0b0c0d0e0f aead_iv 000102030405060708090a0b aead_aad 000102030405060708090a0b0c0d0e0f digest_size 8 data_offset 290 + +pipeline PIPELINE0 table 1 rule add match default action fwd port 1 diff --git a/examples/ip_pipeline/hash_func.h b/examples/ip_pipeline/hash_func.h deleted file mode 100644 index f1b9d944..00000000 --- a/examples/ip_pipeline/hash_func.h +++ /dev/null @@ -1,357 +0,0 @@ -/* SPDX-License-Identifier: BSD-3-Clause - * Copyright(c) 2010-2018 Intel Corporation - */ - -#ifndef __INCLUDE_HASH_FUNC_H__ -#define __INCLUDE_HASH_FUNC_H__ - -static inline uint64_t -hash_xor_key8(void *key, void *mask, __rte_unused uint32_t key_size, - uint64_t seed) -{ - uint64_t *k = key; - uint64_t *m = mask; - uint64_t xor0; - - xor0 = seed ^ (k[0] & m[0]); - - return (xor0 >> 32) ^ xor0; -} - -static inline uint64_t -hash_xor_key16(void *key, void *mask, __rte_unused uint32_t key_size, - uint64_t seed) -{ - uint64_t *k = key; - uint64_t *m = mask; - uint64_t xor0; - - xor0 = ((k[0] & m[0]) ^ seed) ^ (k[1] & m[1]); - - return (xor0 >> 32) ^ xor0; -} - -static inline uint64_t -hash_xor_key24(void *key, void *mask, __rte_unused uint32_t key_size, - uint64_t seed) -{ - uint64_t *k = key; - uint64_t *m = mask; - uint64_t xor0; - - xor0 = ((k[0] & m[0]) ^ seed) ^ (k[1] & m[1]); - - xor0 ^= k[2] & m[2]; - - return (xor0 >> 32) ^ xor0; -} - -static inline uint64_t -hash_xor_key32(void *key, void *mask, __rte_unused uint32_t key_size, - uint64_t seed) -{ - uint64_t *k = key; - uint64_t *m = mask; - uint64_t xor0, xor1; - - xor0 = ((k[0] & m[0]) ^ seed) ^ (k[1] & m[1]); - xor1 = (k[2] & m[2]) ^ (k[3] & m[3]); - - xor0 ^= xor1; - - return (xor0 >> 32) ^ xor0; -} - -static inline uint64_t -hash_xor_key40(void *key, void *mask, __rte_unused uint32_t key_size, - uint64_t seed) -{ - uint64_t *k = key; - uint64_t *m = mask; - uint64_t xor0, xor1; - - xor0 = ((k[0] & m[0]) ^ seed) ^ (k[1] & m[1]); - xor1 = (k[2] & m[2]) ^ (k[3] & m[3]); - - xor0 ^= xor1; - - xor0 ^= k[4] & m[4]; - - return (xor0 >> 32) ^ xor0; -} - -static inline uint64_t -hash_xor_key48(void *key, void *mask, __rte_unused uint32_t key_size, - uint64_t seed) -{ - uint64_t *k = key; - uint64_t *m = mask; - uint64_t xor0, xor1, xor2; - - xor0 = ((k[0] & m[0]) ^ seed) ^ (k[1] & m[1]); - xor1 = (k[2] & m[2]) ^ (k[3] & m[3]); - xor2 = (k[4] & m[4]) ^ (k[5] & m[5]); - - xor0 ^= xor1; - - xor0 ^= xor2; - - return (xor0 >> 32) ^ xor0; -} - -static inline uint64_t -hash_xor_key56(void *key, void *mask, __rte_unused uint32_t key_size, - uint64_t seed) -{ - uint64_t *k = key; - uint64_t *m = mask; - uint64_t xor0, xor1, xor2; - - xor0 = ((k[0] & m[0]) ^ seed) ^ (k[1] & m[1]); - xor1 = (k[2] & m[2]) ^ (k[3] & m[3]); - xor2 = (k[4] & m[4]) ^ (k[5] & m[5]); - - xor0 ^= xor1; - xor2 ^= k[6] & m[6]; - - xor0 ^= xor2; - - return (xor0 >> 32) ^ xor0; -} - -static inline uint64_t -hash_xor_key64(void *key, void *mask, __rte_unused uint32_t key_size, - uint64_t seed) -{ - uint64_t *k = key; - uint64_t *m = mask; - uint64_t xor0, xor1, xor2, xor3; - - xor0 = ((k[0] & m[0]) ^ seed) ^ (k[1] & m[1]); - xor1 = (k[2] & m[2]) ^ (k[3] & m[3]); - xor2 = (k[4] & m[4]) ^ (k[5] & m[5]); - xor3 = (k[6] & m[6]) ^ (k[7] & m[7]); - - xor0 ^= xor1; - xor2 ^= xor3; - - xor0 ^= xor2; - - return (xor0 >> 32) ^ xor0; -} - -#if defined(RTE_ARCH_X86_64) - -#include <x86intrin.h> - -static inline uint64_t -hash_crc_key8(void *key, void *mask, __rte_unused uint32_t key_size, - uint64_t seed) -{ - uint64_t *k = key; - uint64_t *m = mask; - uint64_t crc0; - - crc0 = _mm_crc32_u64(seed, k[0] & m[0]); - - return crc0; -} - -static inline uint64_t -hash_crc_key16(void *key, void *mask, __rte_unused uint32_t key_size, - uint64_t seed) -{ - uint64_t *k = key; - uint64_t *m = mask; - uint64_t k0, crc0, crc1; - - k0 = k[0] & m[0]; - - crc0 = _mm_crc32_u64(k0, seed); - crc1 = _mm_crc32_u64(k0 >> 32, k[1] & m[1]); - - crc0 ^= crc1; - - return crc0; -} - -static inline uint64_t -hash_crc_key24(void *key, void *mask, __rte_unused uint32_t key_size, - uint64_t seed) -{ - uint64_t *k = key; - uint64_t *m = mask; - uint64_t k0, k2, crc0, crc1; - - k0 = k[0] & m[0]; - k2 = k[2] & m[2]; - - crc0 = _mm_crc32_u64(k0, seed); - crc1 = _mm_crc32_u64(k0 >> 32, k[1] & m[1]); - - crc0 = _mm_crc32_u64(crc0, k2); - - crc0 ^= crc1; - - return crc0; -} - -static inline uint64_t -hash_crc_key32(void *key, void *mask, __rte_unused uint32_t key_size, - uint64_t seed) -{ - uint64_t *k = key; - uint64_t *m = mask; - uint64_t k0, k2, crc0, crc1, crc2, crc3; - - k0 = k[0] & m[0]; - k2 = k[2] & m[2]; - - crc0 = _mm_crc32_u64(k0, seed); - crc1 = _mm_crc32_u64(k0 >> 32, k[1] & m[1]); - - crc2 = _mm_crc32_u64(k2, k[3] & m[3]); - crc3 = k2 >> 32; - - crc0 = _mm_crc32_u64(crc0, crc1); - crc1 = _mm_crc32_u64(crc2, crc3); - - crc0 ^= crc1; - - return crc0; -} - -static inline uint64_t -hash_crc_key40(void *key, void *mask, __rte_unused uint32_t key_size, - uint64_t seed) -{ - uint64_t *k = key; - uint64_t *m = mask; - uint64_t k0, k2, crc0, crc1, crc2, crc3; - - k0 = k[0] & m[0]; - k2 = k[2] & m[2]; - - crc0 = _mm_crc32_u64(k0, seed); - crc1 = _mm_crc32_u64(k0 >> 32, k[1] & m[1]); - - crc2 = _mm_crc32_u64(k2, k[3] & m[3]); - crc3 = _mm_crc32_u64(k2 >> 32, k[4] & m[4]); - - crc0 = _mm_crc32_u64(crc0, crc1); - crc1 = _mm_crc32_u64(crc2, crc3); - - crc0 ^= crc1; - - return crc0; -} - -static inline uint64_t -hash_crc_key48(void *key, void *mask, __rte_unused uint32_t key_size, - uint64_t seed) -{ - uint64_t *k = key; - uint64_t *m = mask; - uint64_t k0, k2, k5, crc0, crc1, crc2, crc3; - - k0 = k[0] & m[0]; - k2 = k[2] & m[2]; - k5 = k[5] & m[5]; - - crc0 = _mm_crc32_u64(k0, seed); - crc1 = _mm_crc32_u64(k0 >> 32, k[1] & m[1]); - - crc2 = _mm_crc32_u64(k2, k[3] & m[3]); - crc3 = _mm_crc32_u64(k2 >> 32, k[4] & m[4]); - - crc0 = _mm_crc32_u64(crc0, (crc1 << 32) ^ crc2); - crc1 = _mm_crc32_u64(crc3, k5); - - crc0 ^= crc1; - - return crc0; -} - -static inline uint64_t -hash_crc_key56(void *key, void *mask, __rte_unused uint32_t key_size, - uint64_t seed) -{ - uint64_t *k = key; - uint64_t *m = mask; - uint64_t k0, k2, k5, crc0, crc1, crc2, crc3, crc4, crc5; - - k0 = k[0] & m[0]; - k2 = k[2] & m[2]; - k5 = k[5] & m[5]; - - crc0 = _mm_crc32_u64(k0, seed); - crc1 = _mm_crc32_u64(k0 >> 32, k[1] & m[1]); - - crc2 = _mm_crc32_u64(k2, k[3] & m[3]); - crc3 = _mm_crc32_u64(k2 >> 32, k[4] & m[4]); - - crc4 = _mm_crc32_u64(k5, k[6] & m[6]); - crc5 = k5 >> 32; - - crc0 = _mm_crc32_u64(crc0, (crc1 << 32) ^ crc2); - crc1 = _mm_crc32_u64(crc3, (crc4 << 32) ^ crc5); - - crc0 ^= crc1; - - return crc0; -} - -static inline uint64_t -hash_crc_key64(void *key, void *mask, __rte_unused uint32_t key_size, - uint64_t seed) -{ - uint64_t *k = key; - uint64_t *m = mask; - uint64_t k0, k2, k5, crc0, crc1, crc2, crc3, crc4, crc5; - - k0 = k[0] & m[0]; - k2 = k[2] & m[2]; - k5 = k[5] & m[5]; - - crc0 = _mm_crc32_u64(k0, seed); - crc1 = _mm_crc32_u64(k0 >> 32, k[1] & m[1]); - - crc2 = _mm_crc32_u64(k2, k[3] & m[3]); - crc3 = _mm_crc32_u64(k2 >> 32, k[4] & m[4]); - - crc4 = _mm_crc32_u64(k5, k[6] & m[6]); - crc5 = _mm_crc32_u64(k5 >> 32, k[7] & m[7]); - - crc0 = _mm_crc32_u64(crc0, (crc1 << 32) ^ crc2); - crc1 = _mm_crc32_u64(crc3, (crc4 << 32) ^ crc5); - - crc0 ^= crc1; - - return crc0; -} - -#define hash_default_key8 hash_crc_key8 -#define hash_default_key16 hash_crc_key16 -#define hash_default_key24 hash_crc_key24 -#define hash_default_key32 hash_crc_key32 -#define hash_default_key40 hash_crc_key40 -#define hash_default_key48 hash_crc_key48 -#define hash_default_key56 hash_crc_key56 -#define hash_default_key64 hash_crc_key64 - -#elif defined(RTE_ARCH_ARM64) -#include "hash_func_arm64.h" -#else - -#define hash_default_key8 hash_xor_key8 -#define hash_default_key16 hash_xor_key16 -#define hash_default_key24 hash_xor_key24 -#define hash_default_key32 hash_xor_key32 -#define hash_default_key40 hash_xor_key40 -#define hash_default_key48 hash_xor_key48 -#define hash_default_key56 hash_xor_key56 -#define hash_default_key64 hash_xor_key64 - -#endif - -#endif diff --git a/examples/ip_pipeline/hash_func_arm64.h b/examples/ip_pipeline/hash_func_arm64.h deleted file mode 100644 index 50df8167..00000000 --- a/examples/ip_pipeline/hash_func_arm64.h +++ /dev/null @@ -1,232 +0,0 @@ -/* SPDX-License-Identifier: BSD-3-Clause - * Copyright(c) 2017-2018 Linaro Limited. - */ -#ifndef __HASH_FUNC_ARM64_H__ -#define __HASH_FUNC_ARM64_H__ - -#define _CRC32CX(crc, val) \ - __asm__("crc32cx %w[c], %w[c], %x[v]":[c] "+r" (crc):[v] "r" (val)) - -static inline uint64_t -hash_crc_key8(void *key, void *mask, __rte_unused uint32_t key_size, - uint64_t seed) -{ - uint64_t *k = key; - uint64_t *m = mask; - uint32_t crc0; - - crc0 = seed; - _CRC32CX(crc0, k[0] & m[0]); - - return crc0; -} - -static inline uint64_t -hash_crc_key16(void *key, void *mask, __rte_unused uint32_t key_size, - uint64_t seed) -{ - uint64_t *k = key, k0; - uint64_t *m = mask; - uint32_t crc0, crc1; - - k0 = k[0] & m[0]; - - crc0 = k0; - _CRC32CX(crc0, seed); - crc1 = k0 >> 32; - _CRC32CX(crc1, k[1] & m[1]); - - crc0 ^= crc1; - - return crc0; -} - -static inline uint64_t -hash_crc_key24(void *key, void *mask, __rte_unused uint32_t key_size, - uint64_t seed) -{ - uint64_t *k = key, k0, k2; - uint64_t *m = mask; - uint32_t crc0, crc1; - - k0 = k[0] & m[0]; - k2 = k[2] & m[2]; - - crc0 = k0; - _CRC32CX(crc0, seed); - crc1 = k0 >> 32; - _CRC32CX(crc1, k[1] & m[1]); - - _CRC32CX(crc0, k2); - - crc0 ^= crc1; - - return crc0; -} - -static inline uint64_t -hash_crc_key32(void *key, void *mask, __rte_unused uint32_t key_size, - uint64_t seed) -{ - uint64_t *k = key, k0, k2; - uint64_t *m = mask; - uint32_t crc0, crc1, crc2, crc3; - - k0 = k[0] & m[0]; - k2 = k[2] & m[2]; - - crc0 = k0; - _CRC32CX(crc0, seed); - crc1 = k0 >> 32; - _CRC32CX(crc1, k[1] & m[1]); - - crc2 = k2; - _CRC32CX(crc2, k[3] & m[3]); - crc3 = k2 >> 32; - - _CRC32CX(crc0, crc1); - _CRC32CX(crc2, crc3); - - crc0 ^= crc2; - - return crc0; -} - -static inline uint64_t -hash_crc_key40(void *key, void *mask, __rte_unused uint32_t key_size, - uint64_t seed) -{ - uint64_t *k = key, k0, k2; - uint64_t *m = mask; - uint32_t crc0, crc1, crc2, crc3; - - k0 = k[0] & m[0]; - k2 = k[2] & m[2]; - - crc0 = k0; - _CRC32CX(crc0, seed); - crc1 = k0 >> 32; - _CRC32CX(crc1, k[1] & m[1]); - - crc2 = k2; - _CRC32CX(crc2, k[3] & m[3]); - crc3 = k2 >> 32; - _CRC32CX(crc3, k[4] & m[4]); - - _CRC32CX(crc0, crc1); - _CRC32CX(crc2, crc3); - - crc0 ^= crc2; - - return crc0; -} - -static inline uint64_t -hash_crc_key48(void *key, void *mask, __rte_unused uint32_t key_size, - uint64_t seed) -{ - uint64_t *k = key, k0, k2, k5; - uint64_t *m = mask; - uint32_t crc0, crc1, crc2, crc3; - - k0 = k[0] & m[0]; - k2 = k[2] & m[2]; - k5 = k[5] & m[5]; - - crc0 = k0; - _CRC32CX(crc0, seed); - crc1 = k0 >> 32; - _CRC32CX(crc1, k[1] & m[1]); - - crc2 = k2; - _CRC32CX(crc2, k[3] & m[3]); - crc3 = k2 >> 32; - _CRC32CX(crc3, k[4] & m[4]); - - _CRC32CX(crc0, ((uint64_t)crc1 << 32) ^ crc2); - _CRC32CX(crc3, k5); - - crc0 ^= crc3; - - return crc0; -} - -static inline uint64_t -hash_crc_key56(void *key, void *mask, __rte_unused uint32_t key_size, - uint64_t seed) -{ - uint64_t *k = key, k0, k2, k5; - uint64_t *m = mask; - uint32_t crc0, crc1, crc2, crc3, crc4, crc5; - - k0 = k[0] & m[0]; - k2 = k[2] & m[2]; - k5 = k[5] & m[5]; - - crc0 = k0; - _CRC32CX(crc0, seed); - crc1 = k0 >> 32; - _CRC32CX(crc1, k[1] & m[1]); - - crc2 = k2; - _CRC32CX(crc2, k[3] & m[3]); - crc3 = k2 >> 32; - _CRC32CX(crc3, k[4] & m[4]); - - crc4 = k5; - _CRC32CX(crc4, k[6] & m[6]); - crc5 = k5 >> 32; - - _CRC32CX(crc0, ((uint64_t)crc1 << 32) ^ crc2); - _CRC32CX(crc3, ((uint64_t)crc4 << 32) ^ crc5); - - crc0 ^= crc3; - - return crc0; -} - -static inline uint64_t -hash_crc_key64(void *key, void *mask, __rte_unused uint32_t key_size, - uint64_t seed) -{ - uint64_t *k = key, k0, k2, k5; - uint64_t *m = mask; - uint32_t crc0, crc1, crc2, crc3, crc4, crc5; - - k0 = k[0] & m[0]; - k2 = k[2] & m[2]; - k5 = k[5] & m[5]; - - crc0 = k0; - _CRC32CX(crc0, seed); - crc1 = k0 >> 32; - _CRC32CX(crc1, k[1] & m[1]); - - crc2 = k2; - _CRC32CX(crc2, k[3] & m[3]); - crc3 = k2 >> 32; - _CRC32CX(crc3, k[4] & m[4]); - - crc4 = k5; - _CRC32CX(crc4, k[6] & m[6]); - crc5 = k5 >> 32; - _CRC32CX(crc5, k[7] & m[7]); - - _CRC32CX(crc0, ((uint64_t)crc1 << 32) ^ crc2); - _CRC32CX(crc3, ((uint64_t)crc4 << 32) ^ crc5); - - crc0 ^= crc3; - - return crc0; -} - -#define hash_default_key8 hash_crc_key8 -#define hash_default_key16 hash_crc_key16 -#define hash_default_key24 hash_crc_key24 -#define hash_default_key32 hash_crc_key32 -#define hash_default_key40 hash_crc_key40 -#define hash_default_key48 hash_crc_key48 -#define hash_default_key56 hash_crc_key56 -#define hash_default_key64 hash_crc_key64 - -#endif diff --git a/examples/ip_pipeline/link.c b/examples/ip_pipeline/link.c index 392a890f..787eb866 100644 --- a/examples/ip_pipeline/link.c +++ b/examples/ip_pipeline/link.c @@ -48,7 +48,6 @@ static struct rte_eth_conf port_conf_default = { .mq_mode = ETH_MQ_RX_NONE, .max_rx_pkt_len = 9000, /* Jumbo frame max packet len */ .split_hdr_size = 0, /* Header split buffer size */ - .offloads = DEV_RX_OFFLOAD_CRC_STRIP, }, .rx_adv_conf = { .rss_conf = { diff --git a/examples/ip_pipeline/main.c b/examples/ip_pipeline/main.c index a69facee..97d1e91c 100644 --- a/examples/ip_pipeline/main.c +++ b/examples/ip_pipeline/main.c @@ -14,6 +14,7 @@ #include "cli.h" #include "conn.h" #include "kni.h" +#include "cryptodev.h" #include "link.h" #include "mempool.h" #include "pipeline.h" @@ -210,6 +211,14 @@ main(int argc, char **argv) return status; } + /* Sym Crypto */ + status = cryptodev_init(); + if (status) { + printf("Error: Cryptodev initialization failed (%d)\n", + status); + return status; + } + /* Action */ status = port_in_action_profile_init(); if (status) { diff --git a/examples/ip_pipeline/meson.build b/examples/ip_pipeline/meson.build index a9f2ea44..5e5fe647 100644 --- a/examples/ip_pipeline/meson.build +++ b/examples/ip_pipeline/meson.build @@ -21,5 +21,6 @@ sources = files( 'swq.c', 'tap.c', 'thread.c', - 'tmgr.c' + 'tmgr.c', + 'cryptodev.c' ) diff --git a/examples/ip_pipeline/pipeline.c b/examples/ip_pipeline/pipeline.c index 43fe8677..b23d6c09 100644 --- a/examples/ip_pipeline/pipeline.c +++ b/examples/ip_pipeline/pipeline.c @@ -18,10 +18,12 @@ #include <rte_port_source_sink.h> #include <rte_port_fd.h> #include <rte_port_sched.h> +#include <rte_port_sym_crypto.h> #include <rte_table_acl.h> #include <rte_table_array.h> #include <rte_table_hash.h> +#include <rte_table_hash_func.h> #include <rte_table_lpm.h> #include <rte_table_lpm_ipv6.h> #include <rte_table_stub.h> @@ -35,8 +37,7 @@ #include "tap.h" #include "tmgr.h" #include "swq.h" - -#include "hash_func.h" +#include "cryptodev.h" #ifndef PIPELINE_MSGQ_SIZE #define PIPELINE_MSGQ_SIZE 64 @@ -163,6 +164,7 @@ pipeline_port_in_create(const char *pipeline_name, struct rte_port_kni_reader_params kni; #endif struct rte_port_source_params source; + struct rte_port_sym_crypto_reader_params sym_crypto; } pp; struct pipeline *pipeline; @@ -296,6 +298,27 @@ pipeline_port_in_create(const char *pipeline_name, break; } + case PORT_IN_CRYPTODEV: + { + struct cryptodev *cryptodev; + + cryptodev = cryptodev_find(params->dev_name); + if (cryptodev == NULL) + return -1; + + if (params->rxq.queue_id > cryptodev->n_queues - 1) + return -1; + + pp.sym_crypto.cryptodev_id = cryptodev->dev_id; + pp.sym_crypto.queue_id = params->cryptodev.queue_id; + pp.sym_crypto.f_callback = params->cryptodev.f_callback; + pp.sym_crypto.arg_callback = params->cryptodev.arg_callback; + p.ops = &rte_port_sym_crypto_reader_ops; + p.arg_create = &pp.sym_crypto; + + break; + } + default: return -1; } @@ -385,6 +408,7 @@ pipeline_port_out_create(const char *pipeline_name, struct rte_port_kni_writer_params kni; #endif struct rte_port_sink_params sink; + struct rte_port_sym_crypto_writer_params sym_crypto; } pp; union { @@ -394,6 +418,7 @@ pipeline_port_out_create(const char *pipeline_name, #ifdef RTE_LIBRTE_KNI struct rte_port_kni_writer_nodrop_params kni; #endif + struct rte_port_sym_crypto_writer_nodrop_params sym_crypto; } pp_nodrop; struct pipeline *pipeline; @@ -549,6 +574,40 @@ pipeline_port_out_create(const char *pipeline_name, break; } + case PORT_OUT_CRYPTODEV: + { + struct cryptodev *cryptodev; + + cryptodev = cryptodev_find(params->dev_name); + if (cryptodev == NULL) + return -1; + + if (params->cryptodev.queue_id >= cryptodev->n_queues) + return -1; + + pp.sym_crypto.cryptodev_id = cryptodev->dev_id; + pp.sym_crypto.queue_id = params->cryptodev.queue_id; + pp.sym_crypto.tx_burst_sz = params->burst_size; + pp.sym_crypto.crypto_op_offset = params->cryptodev.op_offset; + + pp_nodrop.sym_crypto.cryptodev_id = cryptodev->dev_id; + pp_nodrop.sym_crypto.queue_id = params->cryptodev.queue_id; + pp_nodrop.sym_crypto.tx_burst_sz = params->burst_size; + pp_nodrop.sym_crypto.n_retries = params->retry; + pp_nodrop.sym_crypto.crypto_op_offset = + params->cryptodev.op_offset; + + if (params->retry == 0) { + p.ops = &rte_port_sym_crypto_writer_ops; + p.arg_create = &pp.sym_crypto; + } else { + p.ops = &rte_port_sym_crypto_writer_nodrop_ops; + p.arg_create = &pp_nodrop.sym_crypto; + } + + break; + } + default: return -1; } @@ -818,28 +877,28 @@ pipeline_table_create(const char *pipeline_name, switch (params->match.hash.key_size) { case 8: - f_hash = hash_default_key8; + f_hash = rte_table_hash_crc_key8; break; case 16: - f_hash = hash_default_key16; + f_hash = rte_table_hash_crc_key16; break; case 24: - f_hash = hash_default_key24; + f_hash = rte_table_hash_crc_key24; break; case 32: - f_hash = hash_default_key32; + f_hash = rte_table_hash_crc_key32; break; case 40: - f_hash = hash_default_key40; + f_hash = rte_table_hash_crc_key40; break; case 48: - f_hash = hash_default_key48; + f_hash = rte_table_hash_crc_key48; break; case 56: - f_hash = hash_default_key56; + f_hash = rte_table_hash_crc_key56; break; case 64: - f_hash = hash_default_key64; + f_hash = rte_table_hash_crc_key64; break; default: return -1; diff --git a/examples/ip_pipeline/pipeline.h b/examples/ip_pipeline/pipeline.h index a953a29f..e5b1d5d0 100644 --- a/examples/ip_pipeline/pipeline.h +++ b/examples/ip_pipeline/pipeline.h @@ -27,6 +27,7 @@ enum port_in_type { PORT_IN_TAP, PORT_IN_KNI, PORT_IN_SOURCE, + PORT_IN_CRYPTODEV, }; struct port_in_params { @@ -48,6 +49,12 @@ struct port_in_params { const char *file_name; uint32_t n_bytes_per_pkt; } source; + + struct { + uint16_t queue_id; + void *f_callback; + void *arg_callback; + } cryptodev; }; uint32_t burst_size; @@ -62,6 +69,7 @@ enum port_out_type { PORT_OUT_TAP, PORT_OUT_KNI, PORT_OUT_SINK, + PORT_OUT_CRYPTODEV, }; struct port_out_params { @@ -76,6 +84,11 @@ struct port_out_params { const char *file_name; uint32_t max_n_pkts; } sink; + + struct { + uint16_t queue_id; + uint32_t op_offset; + } cryptodev; }; uint32_t burst_size; int retry; @@ -268,6 +281,9 @@ struct table_rule_action { struct rte_table_action_ttl_params ttl; struct rte_table_action_stats_params stats; struct rte_table_action_time_params time; + struct rte_table_action_sym_crypto_params sym_crypto; + struct rte_table_action_tag_params tag; + struct rte_table_action_decap_params decap; }; int diff --git a/examples/ip_pipeline/thread.c b/examples/ip_pipeline/thread.c index 7fc03332..4bd971fd 100644 --- a/examples/ip_pipeline/thread.c +++ b/examples/ip_pipeline/thread.c @@ -2244,29 +2244,37 @@ match_convert(struct table_rule_match *mh, ml->acl_add.field_value[0].mask_range.u8 = mh->match.acl.proto_mask; - ml->acl_add.field_value[1].value.u32 = sa32[0]; + ml->acl_add.field_value[1].value.u32 = + rte_be_to_cpu_32(sa32[0]); ml->acl_add.field_value[1].mask_range.u32 = sa32_depth[0]; - ml->acl_add.field_value[2].value.u32 = sa32[1]; + ml->acl_add.field_value[2].value.u32 = + rte_be_to_cpu_32(sa32[1]); ml->acl_add.field_value[2].mask_range.u32 = sa32_depth[1]; - ml->acl_add.field_value[3].value.u32 = sa32[2]; + ml->acl_add.field_value[3].value.u32 = + rte_be_to_cpu_32(sa32[2]); ml->acl_add.field_value[3].mask_range.u32 = sa32_depth[2]; - ml->acl_add.field_value[4].value.u32 = sa32[3]; + ml->acl_add.field_value[4].value.u32 = + rte_be_to_cpu_32(sa32[3]); ml->acl_add.field_value[4].mask_range.u32 = sa32_depth[3]; - ml->acl_add.field_value[5].value.u32 = da32[0]; + ml->acl_add.field_value[5].value.u32 = + rte_be_to_cpu_32(da32[0]); ml->acl_add.field_value[5].mask_range.u32 = da32_depth[0]; - ml->acl_add.field_value[6].value.u32 = da32[1]; + ml->acl_add.field_value[6].value.u32 = + rte_be_to_cpu_32(da32[1]); ml->acl_add.field_value[6].mask_range.u32 = da32_depth[1]; - ml->acl_add.field_value[7].value.u32 = da32[2]; + ml->acl_add.field_value[7].value.u32 = + rte_be_to_cpu_32(da32[2]); ml->acl_add.field_value[7].mask_range.u32 = da32_depth[2]; - ml->acl_add.field_value[8].value.u32 = da32[3]; + ml->acl_add.field_value[8].value.u32 = + rte_be_to_cpu_32(da32[3]); ml->acl_add.field_value[8].mask_range.u32 = da32_depth[3]; @@ -2308,36 +2316,36 @@ match_convert(struct table_rule_match *mh, mh->match.acl.proto_mask; ml->acl_delete.field_value[1].value.u32 = - sa32[0]; + rte_be_to_cpu_32(sa32[0]); ml->acl_delete.field_value[1].mask_range.u32 = sa32_depth[0]; ml->acl_delete.field_value[2].value.u32 = - sa32[1]; + rte_be_to_cpu_32(sa32[1]); ml->acl_delete.field_value[2].mask_range.u32 = sa32_depth[1]; ml->acl_delete.field_value[3].value.u32 = - sa32[2]; + rte_be_to_cpu_32(sa32[2]); ml->acl_delete.field_value[3].mask_range.u32 = sa32_depth[2]; ml->acl_delete.field_value[4].value.u32 = - sa32[3]; + rte_be_to_cpu_32(sa32[3]); ml->acl_delete.field_value[4].mask_range.u32 = sa32_depth[3]; ml->acl_delete.field_value[5].value.u32 = - da32[0]; + rte_be_to_cpu_32(da32[0]); ml->acl_delete.field_value[5].mask_range.u32 = da32_depth[0]; ml->acl_delete.field_value[6].value.u32 = - da32[1]; + rte_be_to_cpu_32(da32[1]); ml->acl_delete.field_value[6].mask_range.u32 = da32_depth[1]; ml->acl_delete.field_value[7].value.u32 = - da32[2]; + rte_be_to_cpu_32(da32[2]); ml->acl_delete.field_value[7].mask_range.u32 = da32_depth[2]; ml->acl_delete.field_value[8].value.u32 = - da32[3]; + rte_be_to_cpu_32(da32[3]); ml->acl_delete.field_value[8].mask_range.u32 = da32_depth[3]; @@ -2476,6 +2484,36 @@ action_convert(struct rte_table_action *a, return status; } + if (action->action_mask & (1LLU << RTE_TABLE_ACTION_SYM_CRYPTO)) { + status = rte_table_action_apply(a, + data, + RTE_TABLE_ACTION_SYM_CRYPTO, + &action->sym_crypto); + + if (status) + return status; + } + + if (action->action_mask & (1LLU << RTE_TABLE_ACTION_TAG)) { + status = rte_table_action_apply(a, + data, + RTE_TABLE_ACTION_TAG, + &action->tag); + + if (status) + return status; + } + + if (action->action_mask & (1LLU << RTE_TABLE_ACTION_DECAP)) { + status = rte_table_action_apply(a, + data, + RTE_TABLE_ACTION_DECAP, + &action->decap); + + if (status) + return status; + } + return 0; } |