Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 0542e13b authored by David S. Miller's avatar David S. Miller
Browse files

Merge branch '10GbE' of git://git.kernel.org/pub/scm/linux/kernel/git/jkirsher/next-queue 



Jeff Kirsher says:

====================
10GbE Intel Wired LAN Driver Updates 2018-01-23

This series contains updates to ixgbe only.

Shannon Nelson provides an implementation of the ipsec hardware offload
feature for the ixgbe driver for these devices: x540, x550, 82599.

The ixgbe NICs support ipsec offload for 1024 Rx and 1024 Tx Security
Associations (SAs), using up to 128 inbound IP addresses, and using the
rfc4106(gcm(aes)) encryption.  This code does not yet support checksum
offload, or TSO in conjunction with the ipsec offload - those will be
added in the future.

This code shows improvements in both packet throughput and CPU utilization.
For example, here are some quicky numbers that show the magnitude of the
performance gain on a single run of "iperf -c <dest>" with the ipsec
offload on both ends of a point-to-point connection:

	9.4 Gbps - normal case
	7.6 Gbps - ipsec with offload
	343 Mbps - ipsec no offload
====================

Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parents c89b517d 85bc2663

drivers/net/ethernet/intel/ixgbe/Makefile

+1 −0
Original line number Diff line number Diff line
@@ -42,3 +42,4 @@ ixgbe-$(CONFIG_IXGBE_DCB) += ixgbe_dcb.o ixgbe_dcb_82598.o \ 
ixgbe-$(CONFIG_IXGBE_HWMON) += ixgbe_sysfs.o

ixgbe-$(CONFIG_DEBUG_FS) += ixgbe_debugfs.o

ixgbe-$(CONFIG_FCOE:m=y) += ixgbe_fcoe.o

ixgbe-$(CONFIG_XFRM_OFFLOAD) += ixgbe_ipsec.o

drivers/net/ethernet/intel/ixgbe/ixgbe.h

+31 −2
Original line number Diff line number Diff line
@@ -52,6 +52,7 @@ 
#ifdef CONFIG_IXGBE_DCA

#include <linux/dca.h>

#endif

#include "ixgbe_ipsec.h"



#include <net/xdp.h>

#include <net/busy_poll.h>
@@ -171,10 +172,11 @@ enum ixgbe_tx_flags { 
	IXGBE_TX_FLAGS_CC	= 0x08,

	IXGBE_TX_FLAGS_IPV4	= 0x10,

	IXGBE_TX_FLAGS_CSUM	= 0x20,

	IXGBE_TX_FLAGS_IPSEC	= 0x40,



	/* software defined flags */

	IXGBE_TX_FLAGS_SW_VLAN	= 0x40,

	IXGBE_TX_FLAGS_FCOE	= 0x80,

	IXGBE_TX_FLAGS_SW_VLAN	= 0x80,

	IXGBE_TX_FLAGS_FCOE	= 0x100,

};



/* VLAN info */
@@ -629,15 +631,18 @@ struct ixgbe_adapter { 
#define IXGBE_FLAG2_EEE_CAPABLE			BIT(14)

#define IXGBE_FLAG2_EEE_ENABLED			BIT(15)

#define IXGBE_FLAG2_RX_LEGACY			BIT(16)

#define IXGBE_FLAG2_IPSEC_ENABLED		BIT(17)



	/* Tx fast path data */

	int num_tx_queues;

	u16 tx_itr_setting;

	u16 tx_work_limit;

	u64 tx_ipsec;



	/* Rx fast path data */

	int num_rx_queues;

	u16 rx_itr_setting;

	u64 rx_ipsec;



	/* Port number used to identify VXLAN traffic */

	__be16 vxlan_port;
@@ -781,6 +786,10 @@ struct ixgbe_adapter { 


#define IXGBE_RSS_KEY_SIZE     40  /* size of RSS Hash Key in bytes */

	u32 *rss_key;



#ifdef CONFIG_XFRM

	struct ixgbe_ipsec *ipsec;

#endif /* CONFIG_XFRM */

};



static inline u8 ixgbe_max_rss_indices(struct ixgbe_adapter *adapter)
@@ -1011,4 +1020,24 @@ void ixgbe_store_key(struct ixgbe_adapter *adapter); 
void ixgbe_store_reta(struct ixgbe_adapter *adapter);

s32 ixgbe_negotiate_fc(struct ixgbe_hw *hw, u32 adv_reg, u32 lp_reg,

		       u32 adv_sym, u32 adv_asm, u32 lp_sym, u32 lp_asm);

#ifdef CONFIG_XFRM_OFFLOAD

void ixgbe_init_ipsec_offload(struct ixgbe_adapter *adapter);

void ixgbe_stop_ipsec_offload(struct ixgbe_adapter *adapter);

void ixgbe_ipsec_restore(struct ixgbe_adapter *adapter);

void ixgbe_ipsec_rx(struct ixgbe_ring *rx_ring,

		    union ixgbe_adv_rx_desc *rx_desc,

		    struct sk_buff *skb);

int ixgbe_ipsec_tx(struct ixgbe_ring *tx_ring, struct ixgbe_tx_buffer *first,

		   struct ixgbe_ipsec_tx_data *itd);

#else

static inline void ixgbe_init_ipsec_offload(struct ixgbe_adapter *adapter) { };

static inline void ixgbe_stop_ipsec_offload(struct ixgbe_adapter *adapter) { };

static inline void ixgbe_ipsec_restore(struct ixgbe_adapter *adapter) { };

static inline void ixgbe_ipsec_rx(struct ixgbe_ring *rx_ring,

				  union ixgbe_adv_rx_desc *rx_desc,

				  struct sk_buff *skb) { };

static inline int ixgbe_ipsec_tx(struct ixgbe_ring *tx_ring,

				 struct ixgbe_tx_buffer *first,

				 struct ixgbe_ipsec_tx_data *itd) { return 0; };

#endif /* CONFIG_XFRM_OFFLOAD */

#endif /* _IXGBE_H_ */

drivers/net/ethernet/intel/ixgbe/ixgbe_ethtool.c

+2 −0
Original line number Diff line number Diff line
@@ -115,6 +115,8 @@ static const struct ixgbe_stats ixgbe_gstrings_stats[] = { 
	{"tx_hwtstamp_timeouts", IXGBE_STAT(tx_hwtstamp_timeouts)},

	{"tx_hwtstamp_skipped", IXGBE_STAT(tx_hwtstamp_skipped)},

	{"rx_hwtstamp_cleared", IXGBE_STAT(rx_hwtstamp_cleared)},

	{"tx_ipsec", IXGBE_STAT(tx_ipsec)},

	{"rx_ipsec", IXGBE_STAT(rx_ipsec)},

#ifdef IXGBE_FCOE

	{"fcoe_bad_fccrc", IXGBE_STAT(stats.fccrc)},

	{"rx_fcoe_dropped", IXGBE_STAT(stats.fcoerpdc)},

drivers/net/ethernet/intel/ixgbe/ixgbe_ipsec.c

0 → 100644
+941 −0

File added.

Preview size limit exceeded, changes collapsed.

drivers/net/ethernet/intel/ixgbe/ixgbe_ipsec.h

0 → 100644
+93 −0
Original line number Diff line number Diff line 
/*******************************************************************************



  Intel 10 Gigabit PCI Express Linux driver

  Copyright(c) 2017 Oracle and/or its affiliates. All rights reserved.



  This program is free software; you can redistribute it and/or modify it

  under the terms and conditions of the GNU General Public License,

  version 2, as published by the Free Software Foundation.



  This program is distributed in the hope it will be useful, but WITHOUT

  ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or

  FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for

  more details.



  You should have received a copy of the GNU General Public License along with

  this program.  If not, see <http://www.gnu.org/licenses/>.



  The full GNU General Public License is included in this distribution in

  the file called "COPYING".



  Contact Information:

  Linux NICS <linux.nics@intel.com>

  e1000-devel Mailing List <e1000-devel@lists.sourceforge.net>

  Intel Corporation, 5200 N.E. Elam Young Parkway, Hillsboro, OR 97124-6497



*******************************************************************************/



#ifndef _IXGBE_IPSEC_H_

#define _IXGBE_IPSEC_H_



#define IXGBE_IPSEC_MAX_SA_COUNT	1024

#define IXGBE_IPSEC_MAX_RX_IP_COUNT	128

#define IXGBE_IPSEC_BASE_RX_INDEX	0

#define IXGBE_IPSEC_BASE_TX_INDEX	IXGBE_IPSEC_MAX_SA_COUNT



#define IXGBE_RXTXIDX_IPS_EN		0x00000001

#define IXGBE_RXIDX_TBL_SHIFT		1

enum ixgbe_ipsec_tbl_sel {

	ips_rx_ip_tbl	=	0x01,

	ips_rx_spi_tbl	=	0x02,

	ips_rx_key_tbl	=	0x03,

};



#define IXGBE_RXTXIDX_IDX_SHIFT		3

#define IXGBE_RXTXIDX_READ		0x40000000

#define IXGBE_RXTXIDX_WRITE		0x80000000



#define IXGBE_RXMOD_VALID		0x00000001

#define IXGBE_RXMOD_PROTO_ESP		0x00000004

#define IXGBE_RXMOD_DECRYPT		0x00000008

#define IXGBE_RXMOD_IPV6		0x00000010



struct rx_sa {

	struct hlist_node hlist;

	struct xfrm_state *xs;

	__be32 ipaddr[4];

	u32 key[4];

	u32 salt;

	u32 mode;

	u8  iptbl_ind;

	bool used;

	bool decrypt;

};



struct rx_ip_sa {

	__be32 ipaddr[4];

	u32 ref_cnt;

	bool used;

};



struct tx_sa {

	struct xfrm_state *xs;

	u32 key[4];

	u32 salt;

	bool encrypt;

	bool used;

};



struct ixgbe_ipsec_tx_data {

	u32 flags;

	u16 trailer_len;

	u16 sa_idx;

};



struct ixgbe_ipsec {

	u16 num_rx_sa;

	u16 num_tx_sa;

	struct rx_ip_sa *ip_tbl;

	struct rx_sa *rx_tbl;

	struct tx_sa *tx_tbl;

	DECLARE_HASHTABLE(rx_sa_list, 10);

};

#endif /* _IXGBE_IPSEC_H_ */