Commit f91ddd3a authored by Mark Zhang's avatar Mark Zhang Committed by Leon Romanovsky
Browse files

net/mlx5: Add IPSec priorities in RDMA namespaces 



Add IPSec flow steering priorities in RDMA namespaces. This allows
adding tables/rules to forward RoCEv2 traffic to the IPSec crypto
tables in NIC_TX domain, and accept RoCEv2 traffic from NIC_RX domain.

Signed-off-by: default avatarMark Zhang <markzhang@nvidia.com>
Signed-off-by: default avatarPatrisious Haddad <phaddad@nvidia.com>
Reviewed-by: default avatarMaor Gottlieb <maorg@nvidia.com>
Reviewed-by: default avatarLeon Romanovsky <leonro@nvidia.com>
Signed-off-by: default avatarSaeed Mahameed <saeedm@nvidia.com>
Signed-off-by: default avatarLeon Romanovsky <leon@kernel.org>
parent 4f226b71

drivers/net/ethernet/mellanox/mlx5/core/fs_core.c

+33 −2
Original line number Diff line number Diff line
@@ -219,19 +219,30 @@ static struct init_tree_node egress_root_fs = { 
};



enum {

	RDMA_RX_IPSEC_PRIO,

	RDMA_RX_COUNTERS_PRIO,

	RDMA_RX_BYPASS_PRIO,

	RDMA_RX_KERNEL_PRIO,

};



#define RDMA_RX_IPSEC_NUM_PRIOS 1

#define RDMA_RX_IPSEC_NUM_LEVELS 2

#define RDMA_RX_IPSEC_MIN_LEVEL  (RDMA_RX_IPSEC_NUM_LEVELS)



#define RDMA_RX_BYPASS_MIN_LEVEL MLX5_BY_PASS_NUM_REGULAR_PRIOS

#define RDMA_RX_KERNEL_MIN_LEVEL (RDMA_RX_BYPASS_MIN_LEVEL + 1)

#define RDMA_RX_COUNTERS_MIN_LEVEL (RDMA_RX_KERNEL_MIN_LEVEL + 2)



static struct init_tree_node rdma_rx_root_fs = {

	.type = FS_TYPE_NAMESPACE,

	.ar_size = 3,

	.ar_size = 4,

	.children = (struct init_tree_node[]) {

		[RDMA_RX_IPSEC_PRIO] =

		ADD_PRIO(0, RDMA_RX_IPSEC_MIN_LEVEL, 0,

			 FS_CHAINING_CAPS,

			 ADD_NS(MLX5_FLOW_TABLE_MISS_ACTION_DEF,

				ADD_MULTIPLE_PRIO(RDMA_RX_IPSEC_NUM_PRIOS,

						  RDMA_RX_IPSEC_NUM_LEVELS))),

		[RDMA_RX_COUNTERS_PRIO] =

		ADD_PRIO(0, RDMA_RX_COUNTERS_MIN_LEVEL, 0,

			 FS_CHAINING_CAPS,
@@ -254,15 +265,20 @@ static struct init_tree_node rdma_rx_root_fs = { 


enum {

	RDMA_TX_COUNTERS_PRIO,

	RDMA_TX_IPSEC_PRIO,

	RDMA_TX_BYPASS_PRIO,

};



#define RDMA_TX_BYPASS_MIN_LEVEL MLX5_BY_PASS_NUM_PRIOS

#define RDMA_TX_COUNTERS_MIN_LEVEL (RDMA_TX_BYPASS_MIN_LEVEL + 1)



#define RDMA_TX_IPSEC_NUM_PRIOS 1

#define RDMA_TX_IPSEC_PRIO_NUM_LEVELS 1

#define RDMA_TX_IPSEC_MIN_LEVEL  (RDMA_TX_COUNTERS_MIN_LEVEL + RDMA_TX_IPSEC_NUM_PRIOS)



static struct init_tree_node rdma_tx_root_fs = {

	.type = FS_TYPE_NAMESPACE,

	.ar_size = 2,

	.ar_size = 3,

	.children = (struct init_tree_node[]) {

		[RDMA_TX_COUNTERS_PRIO] =

		ADD_PRIO(0, RDMA_TX_COUNTERS_MIN_LEVEL, 0,
@@ -270,6 +286,13 @@ static struct init_tree_node rdma_tx_root_fs = { 
			 ADD_NS(MLX5_FLOW_TABLE_MISS_ACTION_DEF,

				ADD_MULTIPLE_PRIO(MLX5_RDMA_TX_NUM_COUNTERS_PRIOS,

						  RDMA_TX_COUNTERS_PRIO_NUM_LEVELS))),

		[RDMA_TX_IPSEC_PRIO] =

		ADD_PRIO(0, RDMA_TX_IPSEC_MIN_LEVEL, 0,

			 FS_CHAINING_CAPS,

			 ADD_NS(MLX5_FLOW_TABLE_MISS_ACTION_DEF,

				ADD_MULTIPLE_PRIO(RDMA_TX_IPSEC_NUM_PRIOS,

						  RDMA_TX_IPSEC_PRIO_NUM_LEVELS))),



		[RDMA_TX_BYPASS_PRIO] =

		ADD_PRIO(0, RDMA_TX_BYPASS_MIN_LEVEL, 0,

			 FS_CHAINING_CAPS_RDMA_TX,
@@ -2368,6 +2391,14 @@ struct mlx5_flow_namespace *mlx5_get_flow_namespace(struct mlx5_core_dev *dev, 
		root_ns = steering->rdma_tx_root_ns;

		prio = RDMA_TX_COUNTERS_PRIO;

		break;

	case MLX5_FLOW_NAMESPACE_RDMA_RX_IPSEC:

		root_ns = steering->rdma_rx_root_ns;

		prio = RDMA_RX_IPSEC_PRIO;

		break;

	case MLX5_FLOW_NAMESPACE_RDMA_TX_IPSEC:

		root_ns = steering->rdma_tx_root_ns;

		prio = RDMA_TX_IPSEC_PRIO;

		break;

	default: /* Must be NIC RX */

		WARN_ON(!is_nic_rx_ns(type));

		root_ns = steering->root_ns;

include/linux/mlx5/fs.h

+2 −0
Original line number Diff line number Diff line
@@ -103,6 +103,8 @@ enum mlx5_flow_namespace_type { 
	MLX5_FLOW_NAMESPACE_PORT_SEL,

	MLX5_FLOW_NAMESPACE_RDMA_RX_COUNTERS,

	MLX5_FLOW_NAMESPACE_RDMA_TX_COUNTERS,

	MLX5_FLOW_NAMESPACE_RDMA_RX_IPSEC,

	MLX5_FLOW_NAMESPACE_RDMA_TX_IPSEC,

};



enum {