net: atlantic: MACSec offload skeleton

This patch adds basic functionality for MACSec offloading for Atlantic
NICs.

MACSec offloading functionality is enabled if network card has
appropriate FW that has MACSec offloading enabled in config.

Actual functionality (ingress, egress, etc) will be added in follow-up
patches.

Signed-off-by: Dmitry Bogdanov <dbogdanov@marvell.com>
Signed-off-by: Mark Starovoytov <mstarovoitov@marvell.com>
Signed-off-by: Igor Russkikh <irusskikh@marvell.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
Dmitry Bogdanov 2020-03-25 15:52:39 +03:00 коммит произвёл David S. Miller
Родитель c850240b6c
Коммит 62c1c2e606
10 изменённых файлов: 373 добавлений и 8 удалений

Просмотреть файл

@ -20,6 +20,7 @@ config AQTION
tristate "aQuantia AQtion(tm) Support"
depends on PCI
depends on X86_64 || ARM64 || COMPILE_TEST
depends on MACSEC || MACSEC=n
---help---
This enables the support for the aQuantia AQtion(tm) Ethernet card.

Просмотреть файл

@ -8,6 +8,8 @@
obj-$(CONFIG_AQTION) += atlantic.o
ccflags-y += -I$(src)
atlantic-objs := aq_main.o \
aq_nic.o \
aq_pci_func.o \
@ -24,4 +26,6 @@ atlantic-objs := aq_main.o \
hw_atl/hw_atl_utils_fw2x.o \
hw_atl/hw_atl_llh.o
atlantic-$(CONFIG_MACSEC) += aq_macsec.o
atlantic-$(CONFIG_PTP_1588_CLOCK) += aq_ptp.o

Просмотреть файл

@ -343,6 +343,12 @@ struct aq_fw_ops {
int (*get_eee_rate)(struct aq_hw_s *self, u32 *rate,
u32 *supported_rates);
u32 (*get_link_capabilities)(struct aq_hw_s *self);
int (*send_macsec_req)(struct aq_hw_s *self,
struct macsec_msg_fw_request *msg,
struct macsec_msg_fw_response *resp);
};
#endif /* AQ_HW_H */

Просмотреть файл

@ -0,0 +1,174 @@
// SPDX-License-Identifier: GPL-2.0-only
/* Atlantic Network Driver
* Copyright (C) 2020 Marvell International Ltd.
*/
#include "aq_macsec.h"
#include "aq_nic.h"
#include <linux/rtnetlink.h>
static int aq_mdo_dev_open(struct macsec_context *ctx)
{
return 0;
}
static int aq_mdo_dev_stop(struct macsec_context *ctx)
{
return 0;
}
static int aq_mdo_add_secy(struct macsec_context *ctx)
{
return -EOPNOTSUPP;
}
static int aq_mdo_upd_secy(struct macsec_context *ctx)
{
return -EOPNOTSUPP;
}
static int aq_mdo_del_secy(struct macsec_context *ctx)
{
return -EOPNOTSUPP;
}
static int aq_mdo_add_txsa(struct macsec_context *ctx)
{
return -EOPNOTSUPP;
}
static int aq_mdo_upd_txsa(struct macsec_context *ctx)
{
return -EOPNOTSUPP;
}
static int aq_mdo_del_txsa(struct macsec_context *ctx)
{
return -EOPNOTSUPP;
}
static int aq_mdo_add_rxsc(struct macsec_context *ctx)
{
return -EOPNOTSUPP;
}
static int aq_mdo_upd_rxsc(struct macsec_context *ctx)
{
return -EOPNOTSUPP;
}
static int aq_mdo_del_rxsc(struct macsec_context *ctx)
{
return -EOPNOTSUPP;
}
static int aq_mdo_add_rxsa(struct macsec_context *ctx)
{
return -EOPNOTSUPP;
}
static int aq_mdo_upd_rxsa(struct macsec_context *ctx)
{
return -EOPNOTSUPP;
}
static int aq_mdo_del_rxsa(struct macsec_context *ctx)
{
return -EOPNOTSUPP;
}
static void aq_check_txsa_expiration(struct aq_nic_s *nic)
{
}
const struct macsec_ops aq_macsec_ops = {
.mdo_dev_open = aq_mdo_dev_open,
.mdo_dev_stop = aq_mdo_dev_stop,
.mdo_add_secy = aq_mdo_add_secy,
.mdo_upd_secy = aq_mdo_upd_secy,
.mdo_del_secy = aq_mdo_del_secy,
.mdo_add_rxsc = aq_mdo_add_rxsc,
.mdo_upd_rxsc = aq_mdo_upd_rxsc,
.mdo_del_rxsc = aq_mdo_del_rxsc,
.mdo_add_rxsa = aq_mdo_add_rxsa,
.mdo_upd_rxsa = aq_mdo_upd_rxsa,
.mdo_del_rxsa = aq_mdo_del_rxsa,
.mdo_add_txsa = aq_mdo_add_txsa,
.mdo_upd_txsa = aq_mdo_upd_txsa,
.mdo_del_txsa = aq_mdo_del_txsa,
};
int aq_macsec_init(struct aq_nic_s *nic)
{
struct aq_macsec_cfg *cfg;
u32 caps_lo;
if (!nic->aq_fw_ops->get_link_capabilities)
return 0;
caps_lo = nic->aq_fw_ops->get_link_capabilities(nic->aq_hw);
if (!(caps_lo & BIT(CAPS_LO_MACSEC)))
return 0;
nic->macsec_cfg = kzalloc(sizeof(*cfg), GFP_KERNEL);
if (!nic->macsec_cfg)
return -ENOMEM;
nic->ndev->features |= NETIF_F_HW_MACSEC;
nic->ndev->macsec_ops = &aq_macsec_ops;
return 0;
}
void aq_macsec_free(struct aq_nic_s *nic)
{
kfree(nic->macsec_cfg);
nic->macsec_cfg = NULL;
}
int aq_macsec_enable(struct aq_nic_s *nic)
{
struct macsec_msg_fw_response resp = { 0 };
struct macsec_msg_fw_request msg = { 0 };
struct aq_hw_s *hw = nic->aq_hw;
int ret = 0;
if (!nic->macsec_cfg)
return 0;
rtnl_lock();
if (nic->aq_fw_ops->send_macsec_req) {
struct macsec_cfg_request cfg = { 0 };
cfg.enabled = 1;
cfg.egress_threshold = 0xffffffff;
cfg.ingress_threshold = 0xffffffff;
cfg.interrupts_enabled = 1;
msg.msg_type = macsec_cfg_msg;
msg.cfg = cfg;
ret = nic->aq_fw_ops->send_macsec_req(hw, &msg, &resp);
if (ret)
goto unlock;
}
unlock:
rtnl_unlock();
return ret;
}
void aq_macsec_work(struct aq_nic_s *nic)
{
if (!nic->macsec_cfg)
return;
if (!netif_carrier_ok(nic->ndev))
return;
rtnl_lock();
aq_check_txsa_expiration(nic);
rtnl_unlock();
}

Просмотреть файл

@ -0,0 +1,51 @@
/* SPDX-License-Identifier: GPL-2.0-only */
/* Atlantic Network Driver
* Copyright (C) 2020 Marvell International Ltd.
*/
#ifndef AQ_MACSEC_H
#define AQ_MACSEC_H
#include <linux/netdevice.h>
#if IS_ENABLED(CONFIG_MACSEC)
#include "net/macsec.h"
struct aq_nic_s;
#define AQ_MACSEC_MAX_SC 32
#define AQ_MACSEC_MAX_SA 32
enum aq_macsec_sc_sa {
aq_macsec_sa_sc_4sa_8sc,
aq_macsec_sa_sc_not_used,
aq_macsec_sa_sc_2sa_16sc,
aq_macsec_sa_sc_1sa_32sc,
};
struct aq_macsec_txsc {
};
struct aq_macsec_rxsc {
};
struct aq_macsec_cfg {
enum aq_macsec_sc_sa sc_sa;
/* Egress channel configuration */
unsigned long txsc_idx_busy;
struct aq_macsec_txsc aq_txsc[AQ_MACSEC_MAX_SC];
/* Ingress channel configuration */
unsigned long rxsc_idx_busy;
struct aq_macsec_rxsc aq_rxsc[AQ_MACSEC_MAX_SC];
};
extern const struct macsec_ops aq_macsec_ops;
int aq_macsec_init(struct aq_nic_s *nic);
void aq_macsec_free(struct aq_nic_s *nic);
int aq_macsec_enable(struct aq_nic_s *nic);
void aq_macsec_work(struct aq_nic_s *nic);
#endif
#endif /* AQ_MACSEC_H */

Просмотреть файл

@ -11,6 +11,7 @@
#include "aq_vec.h"
#include "aq_hw.h"
#include "aq_pci_func.h"
#include "aq_macsec.h"
#include "aq_main.h"
#include "aq_phy.h"
#include "aq_ptp.h"
@ -176,6 +177,9 @@ static int aq_nic_update_link_status(struct aq_nic_s *self)
aq_utils_obj_clear(&self->flags,
AQ_NIC_LINK_DOWN);
netif_carrier_on(self->ndev);
#if IS_ENABLED(CONFIG_MACSEC)
aq_macsec_enable(self);
#endif
netif_tx_wake_all_queues(self->ndev);
}
if (netif_carrier_ok(self->ndev) && !self->link_status.mbps) {
@ -217,6 +221,10 @@ static void aq_nic_service_task(struct work_struct *work)
if (err)
return;
#if IS_ENABLED(CONFIG_MACSEC)
aq_macsec_work(self);
#endif
mutex_lock(&self->fwreq_mutex);
if (self->aq_fw_ops->update_stats)
self->aq_fw_ops->update_stats(self->aq_hw);
@ -262,6 +270,10 @@ int aq_nic_ndev_register(struct aq_nic_s *self)
if (err)
goto err_exit;
#if IS_ENABLED(CONFIG_MACSEC)
aq_macsec_init(self);
#endif
mutex_lock(&self->fwreq_mutex);
err = self->aq_fw_ops->get_mac_permanent(self->aq_hw,
self->ndev->dev_addr);
@ -296,6 +308,10 @@ int aq_nic_ndev_register(struct aq_nic_s *self)
goto err_exit;
err_exit:
#if IS_ENABLED(CONFIG_MACSEC)
if (err)
aq_macsec_free(self);
#endif
return err;
}

Просмотреть файл

@ -17,6 +17,7 @@ struct aq_ring_s;
struct aq_hw_ops;
struct aq_fw_s;
struct aq_vec_s;
struct aq_macsec_cfg;
struct aq_ptp_s;
enum aq_rx_filter_type;
@ -129,6 +130,9 @@ struct aq_nic_s {
u32 irqvecs;
/* mutex to serialize FW interface access operations */
struct mutex fwreq_mutex;
#if IS_ENABLED(CONFIG_MACSEC)
struct aq_macsec_cfg *macsec_cfg;
#endif
/* PTP support */
struct aq_ptp_s *aq_ptp;
struct aq_hw_rx_fltrs_s aq_hw_rx_fltrs;

Просмотреть файл

@ -18,6 +18,7 @@
#include "hw_atl/hw_atl_b0.h"
#include "aq_filters.h"
#include "aq_drvinfo.h"
#include "aq_macsec.h"
static const struct pci_device_id aq_pci_tbl[] = {
{ PCI_VDEVICE(AQUANTIA, AQ_DEVICE_ID_0001), },
@ -324,6 +325,10 @@ static void aq_pci_remove(struct pci_dev *pdev)
aq_clear_rxnfc_all_rules(self);
if (self->ndev->reg_state == NETREG_REGISTERED)
unregister_netdev(self->ndev);
#if IS_ENABLED(CONFIG_MACSEC)
aq_macsec_free(self);
#endif
aq_nic_free_vectors(self);
aq_pci_free_irq_vectors(self);
iounmap(self->aq_hw->mmio);

Просмотреть файл

@ -319,6 +319,32 @@ struct __packed hw_atl_utils_settings {
u32 media_detect;
};
enum macsec_msg_type {
macsec_cfg_msg = 0,
macsec_add_rx_sc_msg,
macsec_add_tx_sc_msg,
macsec_add_rx_sa_msg,
macsec_add_tx_sa_msg,
macsec_get_stats_msg,
};
struct __packed macsec_cfg_request {
u32 enabled;
u32 egress_threshold;
u32 ingress_threshold;
u32 interrupts_enabled;
};
struct __packed macsec_msg_fw_request {
u32 msg_id; /* not used */
u32 msg_type;
struct macsec_cfg_request cfg;
};
struct __packed macsec_msg_fw_response {
u32 result;
};
enum hw_atl_rx_action_with_traffic {
HW_ATL_RX_DISCARD,
HW_ATL_RX_HOST,
@ -437,34 +463,43 @@ enum hw_atl_fw2x_caps_lo {
CAPS_LO_2P5GBASET_FD,
CAPS_LO_5GBASET_FD = 10,
CAPS_LO_10GBASET_FD,
CAPS_LO_AUTONEG,
CAPS_LO_SMBUS_READ,
CAPS_LO_SMBUS_WRITE,
CAPS_LO_MACSEC = 15,
CAPS_LO_RESERVED1,
CAPS_LO_WAKE_ON_LINK_FORCED,
CAPS_LO_HIGH_TEMP_WARNING = 29,
CAPS_LO_DRIVER_SCRATCHPAD = 30,
CAPS_LO_GLOBAL_FAULT = 31
};
/* 0x374
* Status register
*/
enum hw_atl_fw2x_caps_hi {
CAPS_HI_RESERVED1 = 0,
CAPS_HI_TPO2EN = 0,
CAPS_HI_10BASET_EEE,
CAPS_HI_RESERVED2,
CAPS_HI_PAUSE,
CAPS_HI_ASYMMETRIC_PAUSE,
CAPS_HI_100BASETX_EEE = 5,
CAPS_HI_RESERVED3,
CAPS_HI_RESERVED4,
CAPS_HI_PHY_BUF_SEND,
CAPS_HI_PHY_BUF_RECV,
CAPS_HI_1000BASET_FD_EEE,
CAPS_HI_2P5GBASET_FD_EEE,
CAPS_HI_5GBASET_FD_EEE = 10,
CAPS_HI_10GBASET_FD_EEE,
CAPS_HI_FW_REQUEST,
CAPS_HI_RESERVED6,
CAPS_HI_RESERVED7,
CAPS_HI_RESERVED8 = 15,
CAPS_HI_RESERVED9,
CAPS_HI_PHY_LOG,
CAPS_HI_EEE_AUTO_DISABLE_SETTINGS,
CAPS_HI_PFC = 15,
CAPS_HI_WAKE_ON_LINK,
CAPS_HI_CABLE_DIAG,
CAPS_HI_TEMPERATURE,
CAPS_HI_DOWNSHIFT,
CAPS_HI_PTP_AVB_EN_FW2X = 20,
CAPS_HI_MEDIA_DETECT,
CAPS_HI_THERMAL_SHUTDOWN,
CAPS_HI_LINK_DROP,
CAPS_HI_SLEEP_PROXY,
CAPS_HI_WOL,

Просмотреть файл

@ -55,6 +55,8 @@
#define HW_ATL_FW2X_CAP_EEE_5G_MASK BIT(CAPS_HI_5GBASET_FD_EEE)
#define HW_ATL_FW2X_CAP_EEE_10G_MASK BIT(CAPS_HI_10GBASET_FD_EEE)
#define HW_ATL_FW2X_CAP_MACSEC BIT(CAPS_LO_MACSEC)
#define HAL_ATLANTIC_WOL_FILTERS_COUNT 8
#define HAL_ATLANTIC_UTILS_FW2X_MSG_WOL 0x0E
@ -86,6 +88,7 @@ static int aq_fw2x_set_state(struct aq_hw_s *self,
static u32 aq_fw2x_mbox_get(struct aq_hw_s *self);
static u32 aq_fw2x_rpc_get(struct aq_hw_s *self);
static int aq_fw2x_settings_get(struct aq_hw_s *self, u32 *addr);
static u32 aq_fw2x_state_get(struct aq_hw_s *self);
static u32 aq_fw2x_state2_get(struct aq_hw_s *self);
static int aq_fw2x_init(struct aq_hw_s *self)
@ -619,11 +622,75 @@ static int aq_fw2x_settings_get(struct aq_hw_s *self, u32 *addr)
return err;
}
static u32 aq_fw2x_state_get(struct aq_hw_s *self)
{
return aq_hw_read_reg(self, HW_ATL_FW2X_MPI_STATE_ADDR);
}
static u32 aq_fw2x_state2_get(struct aq_hw_s *self)
{
return aq_hw_read_reg(self, HW_ATL_FW2X_MPI_STATE2_ADDR);
}
static u32 aq_fw2x_get_link_capabilities(struct aq_hw_s *self)
{
int err = 0;
u32 offset;
u32 val;
offset = self->mbox_addr +
offsetof(struct hw_atl_utils_mbox, info.caps_lo);
err = hw_atl_utils_fw_downld_dwords(self, offset, &val, 1);
if (err)
return 0;
return val;
}
static int aq_fw2x_send_macsec_req(struct aq_hw_s *hw,
struct macsec_msg_fw_request *req,
struct macsec_msg_fw_response *response)
{
u32 low_status, low_req = 0;
u32 dword_cnt;
u32 caps_lo;
u32 offset;
int err;
if (!req || !response)
return -EINVAL;
caps_lo = aq_fw2x_get_link_capabilities(hw);
if (!(caps_lo & BIT(CAPS_LO_MACSEC)))
return -EOPNOTSUPP;
/* Write macsec request to cfg memory */
dword_cnt = (sizeof(*req) + sizeof(u32) - 1) / sizeof(u32);
err = hw_atl_write_fwcfg_dwords(hw, (void *)req, dword_cnt);
if (err < 0)
return err;
/* Toggle 0x368.CAPS_LO_MACSEC bit */
low_req = aq_hw_read_reg(hw, HW_ATL_FW2X_MPI_CONTROL_ADDR);
low_req ^= HW_ATL_FW2X_CAP_MACSEC;
aq_hw_write_reg(hw, HW_ATL_FW2X_MPI_CONTROL_ADDR, low_req);
/* Wait FW to report back */
err = readx_poll_timeout_atomic(aq_fw2x_state_get, hw, low_status,
low_req != (low_status & BIT(CAPS_LO_MACSEC)), 1U, 10000U);
if (err)
return -EIO;
/* Read status of write operation */
offset = hw->rpc_addr + sizeof(u32);
err = hw_atl_utils_fw_downld_dwords(hw, offset, (u32 *)(void *)response,
sizeof(*response) / sizeof(u32));
return err;
}
const struct aq_fw_ops aq_fw_2x_ops = {
.init = aq_fw2x_init,
.deinit = aq_fw2x_deinit,
@ -645,4 +712,6 @@ const struct aq_fw_ops aq_fw_2x_ops = {
.led_control = aq_fw2x_led_control,
.set_phyloopback = aq_fw2x_set_phyloopback,
.adjust_ptp = aq_fw3x_adjust_ptp,
.get_link_capabilities = aq_fw2x_get_link_capabilities,
.send_macsec_req = aq_fw2x_send_macsec_req,
};