Hi Radu,
> -----Original Message-----
> From: Nicolau, Radu
> Sent: Wednesday, January 17, 2018 11:19 AM
> To: dev@dpdk.org
> Cc: Lu, Wenzhuo <wenzhuo...@intel.com>; Ananyev, Konstantin
> <konstantin.anan...@intel.com>; Zhao, XinfengX
> <xinfengx.z...@intel.com>; De Lara Guarch, Pablo
> <pablo.de.lara.gua...@intel.com>; Nicolau, Radu <radu.nico...@intel.com>
> Subject: [PATCH] net/ixgbe: check if security capabilities are enabled by HW
>
> Check if the security enable bits are not fused before setting
> offload capabilities for security
In theory dev_info_get() - could be called at any stage of device configuration
or even when RX/TX is active.
Do you really want to assert SECRXCTRL at that moment?
Probably better to do this only once at init time and then just use some stored
value?
Konstantin
>
> Signed-off-by: Radu Nicolau <radu.nico...@intel.com>
> ---
> drivers/net/ixgbe/ixgbe_ethdev.c | 6 ++++--
> drivers/net/ixgbe/ixgbe_ipsec.c | 15 +++++++++++++++
> drivers/net/ixgbe/ixgbe_ipsec.h | 1 +
> 3 files changed, 20 insertions(+), 2 deletions(-)
>
> diff --git a/drivers/net/ixgbe/ixgbe_ethdev.c
> b/drivers/net/ixgbe/ixgbe_ethdev.c
> index 43e0132..4f2ab2f 100644
> --- a/drivers/net/ixgbe/ixgbe_ethdev.c
> +++ b/drivers/net/ixgbe/ixgbe_ethdev.c
> @@ -3685,8 +3685,10 @@ ixgbe_dev_info_get(struct rte_eth_dev *dev, struct
> rte_eth_dev_info *dev_info)
> dev_info->tx_offload_capa |= DEV_TX_OFFLOAD_OUTER_IPV4_CKSUM;
>
> #ifdef RTE_LIBRTE_SECURITY
> - dev_info->rx_offload_capa |= DEV_RX_OFFLOAD_SECURITY;
> - dev_info->tx_offload_capa |= DEV_TX_OFFLOAD_SECURITY;
> + if (ixgbe_crypto_capable(dev)) {
> + dev_info->rx_offload_capa |= DEV_RX_OFFLOAD_SECURITY;
> + dev_info->tx_offload_capa |= DEV_TX_OFFLOAD_SECURITY;
> + }
> #endif
>
> dev_info->default_rxconf = (struct rte_eth_rxconf) {
> diff --git a/drivers/net/ixgbe/ixgbe_ipsec.c b/drivers/net/ixgbe/ixgbe_ipsec.c
> index 97f025a8..a495679 100644
> --- a/drivers/net/ixgbe/ixgbe_ipsec.c
> +++ b/drivers/net/ixgbe/ixgbe_ipsec.c
> @@ -602,6 +602,21 @@ ixgbe_crypto_capabilities_get(void *device __rte_unused)
>
>
> int
> +ixgbe_crypto_capable(struct rte_eth_dev *dev)
> +{
> + struct ixgbe_hw *hw = IXGBE_DEV_PRIVATE_TO_HW(dev->data->dev_private);
> + uint32_t reg_i, reg, capable = 1;
> + /* test if rx crypto can be enabled and then write back initial value*/
> + reg_i = IXGBE_READ_REG(hw, IXGBE_SECRXCTRL);
> + IXGBE_WRITE_REG(hw, IXGBE_SECRXCTRL, 0);
> + reg = IXGBE_READ_REG(hw, IXGBE_SECRXCTRL);
> + if (reg != 0)
> + capable = 0;
> + IXGBE_WRITE_REG(hw, IXGBE_SECRXCTRL, reg_i);
> + return capable;
> +}
> +
> +int
> ixgbe_crypto_enable_ipsec(struct rte_eth_dev *dev)
> {
> struct ixgbe_hw *hw = IXGBE_DEV_PRIVATE_TO_HW(dev->data->dev_private);
> diff --git a/drivers/net/ixgbe/ixgbe_ipsec.h b/drivers/net/ixgbe/ixgbe_ipsec.h
> index acd9f3e..eeba39f 100644
> --- a/drivers/net/ixgbe/ixgbe_ipsec.h
> +++ b/drivers/net/ixgbe/ixgbe_ipsec.h
> @@ -112,6 +112,7 @@ struct ixgbe_ipsec {
>
> struct rte_security_ctx *
> ixgbe_ipsec_ctx_create(struct rte_eth_dev *dev);
> +int ixgbe_crypto_capable(struct rte_eth_dev *dev);
> int ixgbe_crypto_enable_ipsec(struct rte_eth_dev *dev);
> int ixgbe_crypto_add_ingress_sa_from_flow(const void *sess,
> const void *ip_spec,
> --
> 2.7.5
