Commit 3e4cf1dd authored by Jianbo Liu's avatar Jianbo Liu Committed by Saeed Mahameed
Browse files

net/mlx5e: kTLS, Fix protection domain in use syndrome when devlink reload 



There are DEK objects cached in DEK pool after kTLS is used, and they
are freed only in mlx5e_ktls_cleanup().

mlx5e_destroy_mdev_resources() is called in mlx5e_suspend() to
free mdev resources, including protection domain (PD). However, PD is
still referenced by the cached DEK objects in this case, because
profile->cleanup() (and therefore mlx5e_ktls_cleanup()) is called
after mlx5e_suspend() during devlink reload. So the following FW
syndrome is generated:

 mlx5_cmd_out_err:803:(pid 12948): DEALLOC_PD(0x801) op_mod(0x0) failed,
    status bad resource state(0x9), syndrome (0xef0c8a), err(-22)

To avoid this syndrome, move DEK pool destruction to
mlx5e_ktls_cleanup_tx(), which is called by profile->cleanup_tx(). And
move pool creation to mlx5e_ktls_init_tx() for symmetry.

Fixes: f741db1a ("net/mlx5e: kTLS, Improve connection rate by using fast update encryption key")
Signed-off-by: default avatarJianbo Liu <jianbol@nvidia.com>
Reviewed-by: default avatarTariq Toukan <tariqt@nvidia.com>
Signed-off-by: default avatarSaeed Mahameed <saeedm@nvidia.com>
parent eb02b93a

drivers/net/ethernet/mellanox/mlx5/core/en_accel/ktls.c

+0 −8
Original line number Diff line number Diff line
@@ -188,7 +188,6 @@ static void mlx5e_tls_debugfs_init(struct mlx5e_tls *tls, 


int mlx5e_ktls_init(struct mlx5e_priv *priv)

{

	struct mlx5_crypto_dek_pool *dek_pool;

	struct mlx5e_tls *tls;



	if (!mlx5e_is_ktls_device(priv->mdev))
@@ -199,12 +198,6 @@ int mlx5e_ktls_init(struct mlx5e_priv *priv) 
		return -ENOMEM;

	tls->mdev = priv->mdev;



	dek_pool = mlx5_crypto_dek_pool_create(priv->mdev, MLX5_ACCEL_OBJ_TLS_KEY);

	if (IS_ERR(dek_pool)) {

		kfree(tls);

		return PTR_ERR(dek_pool);

	}

	tls->dek_pool = dek_pool;

	priv->tls = tls;



	mlx5e_tls_debugfs_init(tls, priv->dfs_root);
@@ -222,7 +215,6 @@ void mlx5e_ktls_cleanup(struct mlx5e_priv *priv) 
	debugfs_remove_recursive(tls->debugfs.dfs);

	tls->debugfs.dfs = NULL;



	mlx5_crypto_dek_pool_destroy(tls->dek_pool);

	kfree(priv->tls);

	priv->tls = NULL;

}

drivers/net/ethernet/mellanox/mlx5/core/en_accel/ktls_tx.c

+26 −3
Original line number Diff line number Diff line
@@ -908,28 +908,51 @@ static void mlx5e_tls_tx_debugfs_init(struct mlx5e_tls *tls, 


int mlx5e_ktls_init_tx(struct mlx5e_priv *priv)

{

	struct mlx5_crypto_dek_pool *dek_pool;

	struct mlx5e_tls *tls = priv->tls;

	int err;



	if (!mlx5e_is_ktls_device(priv->mdev))

		return 0;



	/* DEK pool could be used by either or both of TX and RX. But we have to

	 * put the creation here to avoid syndrome when doing devlink reload.

	 */

	dek_pool = mlx5_crypto_dek_pool_create(priv->mdev, MLX5_ACCEL_OBJ_TLS_KEY);

	if (IS_ERR(dek_pool))

		return PTR_ERR(dek_pool);

	tls->dek_pool = dek_pool;



	if (!mlx5e_is_ktls_tx(priv->mdev))

		return 0;



	priv->tls->tx_pool = mlx5e_tls_tx_pool_init(priv->mdev, &priv->tls->sw_stats);

	if (!priv->tls->tx_pool)

		return -ENOMEM;

	if (!priv->tls->tx_pool) {

		err = -ENOMEM;

		goto err_tx_pool_init;

	}



	mlx5e_tls_tx_debugfs_init(tls, tls->debugfs.dfs);



	return 0;



err_tx_pool_init:

	mlx5_crypto_dek_pool_destroy(dek_pool);

	return err;

}



void mlx5e_ktls_cleanup_tx(struct mlx5e_priv *priv)

{

	if (!mlx5e_is_ktls_tx(priv->mdev))

		return;

		goto dek_pool_destroy;



	debugfs_remove_recursive(priv->tls->debugfs.dfs_tx);

	priv->tls->debugfs.dfs_tx = NULL;



	mlx5e_tls_tx_pool_cleanup(priv->tls->tx_pool);

	priv->tls->tx_pool = NULL;



dek_pool_destroy:

	if (mlx5e_is_ktls_device(priv->mdev))

		mlx5_crypto_dek_pool_destroy(priv->tls->dek_pool);

}