This patch adds flags to request IPsec crypto offload for
transmitted packets, and to indicate crypto result for received
packets.
Signed-off-by: Boris Pismenny <bor...@mellanox.com>
Signed-off-by: Aviad Yehezkel <avia...@mellanox.com>
---
lib/librte_mbuf/rte_mbuf.c | 16 ++++++++++++++++
lib/librte_mbuf/rte_mbuf.h | 29 +++++++++++++++++++++++++++++
2 files changed, 45 insertions(+)
diff --git a/lib/librte_mbuf/rte_mbuf.c b/lib/librte_mbuf/rte_mbuf.c
index 0e3e36a..39d0252 100644
--- a/lib/librte_mbuf/rte_mbuf.c
+++ b/lib/librte_mbuf/rte_mbuf.c
@@ -324,6 +324,10 @@ const char *rte_get_rx_ol_flag_name(uint64_t mask)
case PKT_RX_QINQ_STRIPPED: return "PKT_RX_QINQ_STRIPPED";
case PKT_RX_LRO: return "PKT_RX_LRO";
case PKT_RX_TIMESTAMP: return "PKT_RX_TIMESTAMP";
+ case PKT_RX_IPSEC_CRYPTO:
+ return "PKT_RX_IPSEC_CRYPTO";
+ case PKT_RX_IPSEC_CRYPTO_FAILED:
+ return "PKT_RX_IPSEC_CRYPTO_FAILED";
default: return NULL;
}
}
@@ -359,6 +363,12 @@ struct flag_mask {
{ PKT_RX_QINQ_STRIPPED, PKT_RX_QINQ_STRIPPED, NULL },
{ PKT_RX_LRO, PKT_RX_LRO, NULL },
{ PKT_RX_TIMESTAMP, PKT_RX_TIMESTAMP, NULL },
+ { PKT_RX_IPSEC_CRYPTO_UNKNOWN,
+ PKT_RX_IPSEC_CRYPTO_UNKNOWN, "PKT_RX_IPSEC_CRYPTO_UNKNOWN" },
+ { PKT_RX_IPSEC_CRYPTO,
+ PKT_RX_IPSEC_CRYPTO, NULL },
+ { PKT_RX_IPSEC_CRYPTO_FAILED,
+ PKT_RX_IPSEC_CRYPTO_FAILED, NULL },
};
const char *name;
unsigned int i;
@@ -410,6 +420,9 @@ const char *rte_get_tx_ol_flag_name(uint64_t mask)
case PKT_TX_TUNNEL_IPIP: return "PKT_TX_TUNNEL_IPIP";
case PKT_TX_TUNNEL_GENEVE: return "PKT_TX_TUNNEL_GENEVE";
case PKT_TX_MACSEC: return "PKT_TX_MACSEC";
+ case PKT_TX_IPSEC_CRYPTO_HW_TRAILER:
+ return "PKT_TX_IPSEC_CRYPTO_HW_TRAILER";
+ case PKT_TX_IPSEC_CRYPTO: return "PKT_TX_IPSEC_CRYPTO";
default: return NULL;
}
}
@@ -441,6 +454,9 @@ const char *rte_get_tx_ol_flag_name(uint64_t mask)
{ PKT_TX_TUNNEL_GENEVE, PKT_TX_TUNNEL_MASK,
"PKT_TX_TUNNEL_NONE" },
{ PKT_TX_MACSEC, PKT_TX_MACSEC, NULL },
+ { PKT_TX_IPSEC_CRYPTO_HW_TRAILER,
+ PKT_TX_IPSEC_CRYPTO_HW_TRAILER, NULL },
+ { PKT_TX_IPSEC_CRYPTO, PKT_TX_IPSEC_CRYPTO, NULL },
};
const char *name;
unsigned int i;
diff --git a/lib/librte_mbuf/rte_mbuf.h b/lib/librte_mbuf/rte_mbuf.h
index 1cb0310..b8ab7ed 100644
--- a/lib/librte_mbuf/rte_mbuf.h
+++ b/lib/librte_mbuf/rte_mbuf.h
@@ -190,10 +190,39 @@
#define PKT_RX_TIMESTAMP (1ULL << 17)
/* add new RX flags here */
+/**
+ * When IPsec packet is decrypted by hardware, this flag is set in the RX
+ * mbuf to indicate that the m->crpyto fields is valid and is set according to
+ * the result of decryption.
+ */
+
+/**
+ * Mask of bits used to determine the status of RX IPsec crypto.
+ * - PKT_RX_IPSEC_CRYPTO_UNKNOWN : no information about the RX IPsec crypto
+ * - PKT_RX_IPSEC_CRYPTO : decryption and authentication were
performed
+ * - PKT_RX_IPSEC_CRYPTO_FAILED : ipsec processing failed.
+ */
+#define PKT_RX_IPSEC_CRYPTO_UNKNOWN 0
+#define PKT_RX_IPSEC_CRYPTO (1ULL << 18)
+#define PKT_RX_IPSEC_CRYPTO_FAILED (1ULL << 19)
/* add new TX flags here */
/**
+ * Offload the IPsec encryption with software provided trailer.
+ * This flag must be set by the application to enable this
+ * offload feature for a packet to be transmitted.
+ */
+#define PKT_TX_IPSEC_CRYPTO (1ULL << 42)
+
+/**
+ * Offload the IPsec encryption and trailer construction.
+ * This flag must be set by the application to enable this
+ * offload feature for a packet to be transmitted.
+ */
+#define PKT_TX_IPSEC_CRYPTO_HW_TRAILER (1ULL << 43)
+
+/**
* Offload the MACsec. This flag must be set by the application to enable
* this offload feature for a packet to be transmitted.
*/
--
1.8.3.1
