[dpdk-dev] [RFC v2 7/7] app/testpmd: macsec adding RX/TX SC using rte_security interface

Fri, 25 Oct 2019 10:56:40 -0700 

From: Pavel Belous <pavel.bel...@aquantia.com>

Signed-off-by: Pavel Belous <pavel.bel...@aquantia.com>
Signed-off-by: Igor Russkikh <igor.russk...@aquantia.com>
---
 app/test-pmd/cmdline.c | 11 +++++-----
 app/test-pmd/macsec.c  | 56 ++++++++++++++++++++++++++++++++++++++++++++++++++
 app/test-pmd/macsec.h  |  2 ++
 3 files changed, 63 insertions(+), 6 deletions(-)

diff --git a/app/test-pmd/cmdline.c b/app/test-pmd/cmdline.c
index 10f48f8..a1f895c 100644
--- a/app/test-pmd/cmdline.c
+++ b/app/test-pmd/cmdline.c
@@ -14304,13 +14304,12 @@ cmd_set_macsec_sc_parsed(
        int ret = -ENOTSUP;
        int is_tx = (strcmp(res->tx_rx, "tx") == 0) ? 1 : 0;
 
-#ifdef RTE_LIBRTE_IXGBE_PMD
        ret = is_tx ?
-               rte_pmd_ixgbe_macsec_config_txsc(res->port_id,
-                               res->mac.addr_bytes) :
-               rte_pmd_ixgbe_macsec_config_rxsc(res->port_id,
-                               res->mac.addr_bytes, res->pi);
-#endif
+               config_macsec_txsc(res->port_id,
+                                res->mac) :
+               config_macsec_rxsc(res->port_id,
+                                res->mac, res->pi);
+
        RTE_SET_USED(is_tx);
 
        switch (ret) {
diff --git a/app/test-pmd/macsec.c b/app/test-pmd/macsec.c
index fc7976d..ffba467 100644
--- a/app/test-pmd/macsec.c
+++ b/app/test-pmd/macsec.c
@@ -80,3 +80,59 @@ int set_macsec_on_off(portid_t port_id, int on, int en, int 
rp)
        return err;
 }
 
+int config_macsec_txsc(portid_t port_id, struct rte_ether_addr mac)
+{
+       struct rte_security_session_conf macsec_conf;
+       struct rte_security_ctx *ctx;
+       int err = 0;
+
+       ctx = rte_eth_dev_get_sec_ctx(port_id);
+
+       if (!ctx) {
+               err = -ENOTSUP;
+               goto done;
+       }
+
+       macsec_conf.action_type = RTE_SECURITY_ACTION_TYPE_INLINE_PROTOCOL;
+       macsec_conf.protocol = RTE_SECURITY_PROTOCOL_MACSEC;
+
+       macsec_conf.macsec.op = RTE_SECURITY_MACSEC_OP_ADD_TXSC;
+
+       rte_memcpy(&macsec_conf.macsec.txsc_options.s_mac, mac.addr_bytes, 
sizeof(struct rte_ether_addr));
+       macsec_conf.macsec.txsc_options.encrypt = 
macsec_param.encryption_enabled;
+       macsec_conf.macsec.txsc_options.protect = 1;
+
+       err = rte_security_session_update(ctx, macsec_param.session, 
&macsec_conf);
+
+done:
+       return err;
+}
+
+int config_macsec_rxsc(portid_t port_id, struct rte_ether_addr mac, uint16_t 
pi)
+{
+       struct rte_security_session_conf macsec_conf;
+       struct rte_security_ctx *ctx;
+       int err = 0;
+
+       ctx = rte_eth_dev_get_sec_ctx(port_id);
+       if (!ctx) {
+               err = -ENOTSUP;
+               goto done;
+       }
+
+       macsec_conf.action_type = RTE_SECURITY_ACTION_TYPE_INLINE_PROTOCOL;
+       macsec_conf.protocol = RTE_SECURITY_PROTOCOL_MACSEC;
+       macsec_conf.macsec.op = RTE_SECURITY_MACSEC_OP_ADD_RXSC;
+
+       rte_memcpy(&macsec_conf.macsec.txsc_options.s_mac, mac.addr_bytes, 
sizeof(struct rte_ether_addr));
+       macsec_conf.macsec.rxsc_options.anti_replay_window = 0;
+       macsec_conf.macsec.rxsc_options.replay_protection = 
macsec_param.replay_protection_enabled;
+       macsec_conf.macsec.rxsc_options.auto_rollover_enabled = true;
+       macsec_conf.macsec.rxsc_options.port_ident = pi;
+
+       err = rte_security_session_update(ctx, macsec_param.session, 
&macsec_conf);
+
+done:
+       return err;
+}
+
diff --git a/app/test-pmd/macsec.h b/app/test-pmd/macsec.h
index 42a534f..e155937 100644
--- a/app/test-pmd/macsec.h
+++ b/app/test-pmd/macsec.h
@@ -8,5 +8,7 @@
 #include "testpmd.h"
 
 int set_macsec_on_off(portid_t port_id, int on, int en, int rp);
+int config_macsec_txsc(portid_t port_id, struct rte_ether_addr mac);
+int config_macsec_rxsc(portid_t port_id, struct rte_ether_addr mac, uint16_t 
pi);
 
 #endif
-- 
2.7.4

Reply via email to