From nobody Tue Aug 20 12:43:50 2024 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Wp8KM2ZlFz5T4Gt; Tue, 20 Aug 2024 12:43:51 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Wp8KL31Qsz4TJN; Tue, 20 Aug 2024 12:43:50 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724157830; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=GToH70GJNSBL1fyAsll9Q/qAo9BZ09Jd1UWdVEI77as=; b=pt48nFBKOPEwdsYVOzZmbIoQvpPnU0uzc9OFERz+SAGKDBPLZgs3XLLTdggrqtx1zHDlIb fzm7bnwJKKQPAOAZ6/JHyapCLjLozqEfbbz694L6fAvtQLLTcW384hMfLyR/E4oB1vqz4c 3hb5Lcu5zTpNW9RYVOrfhJMXBl0gBpJmYKiMpntE7dvVYsXpx9KopzrvkhHvDtcSnRnfBt JbU3+AISknl5eJS+4j87ScGpvG2YEHAYNdvEs5T/xMv0AzRN1lsNiqpNiwJDhLolfQDZ+u CMNbEPitsV48UnEX/ZIY6oAQ6Vbo3klML4hRJmdnGykp2WG7cGxb1FNBiRHrJw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1724157830; a=rsa-sha256; cv=none; b=VBuc7ted1FhC2slfUL/lAK5DI4HxGk+mgAJ1eIDzza9O/38P/Vs6otEbZn3UCDyu8sNz0y XwVwJGMCDLd/hZ5slREW6ptKDWKMlX4Xg0Zl8C1JSNxGRTEy662bcTldQA7z41iQm3x0cI F0pjJp73U9ascMmscbDXOFbzi8SVVxtn1hBjtnvqRDDrK4MLQxZfd+qXvYIpWiRCWpa7sE a5TN2uaPJ13yDT9f9/XgMLmx2EKm2bZN61W4z1svTo+2QUuc/DBamjFyfgjue1cAEnkqUD 7oXoG5eRJVMDstzwbPO7SOJuKGZCDuwdy+QRz5DDrVSEiMIwe34YtAwZ+fqh/g== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724157830; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=GToH70GJNSBL1fyAsll9Q/qAo9BZ09Jd1UWdVEI77as=; b=vKPtI5sfGQ1T3xIwH3RqPaq2UzCJp9zbcj3DIXGAdjV9rCxjaN6w5HRkoycT6NCOCtAFQ6 hx+We2VzfLh0ffuD2X/4pDdN0zbuGyR+gSr2yERwS9aBPb8+5ACdRtJumnCgQdpUkDoWiG 2OFIM6dbNfMH9TsM4pD3e2FUgo7UjSCsj8mCJleVaHmPreDXXFm1MW5fGZIEjKUyNaF5AI suXDWlsby2yRoDFS+l9Rhx4oL3ll38X/z0Xb0k7fePqBPHgdvR4yCOJxopJgfRhYz5bo4/ TJgKDPUSB9PCfpBqJ5yXajL93ZvKQeWgjiA1IZEKIXkBquZ9hSeETNzna46YXQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Wp8KL2ZJ8z10sy; Tue, 20 Aug 2024 12:43:50 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47KChoTP054452; Tue, 20 Aug 2024 12:43:50 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47KChoVd054449; Tue, 20 Aug 2024 12:43:50 GMT (envelope-from git) Date: Tue, 20 Aug 2024 12:43:50 GMT Message-Id: <202408201243.47KChoVd054449@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Konstantin Belousov Subject: git: 84abf7e26d19 - main - ipsec_offload: support vlans List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kib X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 84abf7e26d1981a26cc3cd1842d5cefeb2253754 Auto-Submitted: auto-generated The branch main has been updated by kib: URL: https://cgit.FreeBSD.org/src/commit/?id=84abf7e26d1981a26cc3cd1842d5cefeb2253754 commit 84abf7e26d1981a26cc3cd1842d5cefeb2253754 Author: Konstantin Belousov AuthorDate: 2024-07-17 05:55:56 +0000 Commit: Konstantin Belousov CommitDate: 2024-08-20 12:42:12 +0000 ipsec_offload: support vlans Sponsored by: NVIDIA networking --- sys/net/if_vlan.c | 91 ++++++++++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 90 insertions(+), 1 deletion(-) diff --git a/sys/net/if_vlan.c b/sys/net/if_vlan.c index 4349a6c99291..45489138fdef 100644 --- a/sys/net/if_vlan.c +++ b/sys/net/if_vlan.c @@ -44,6 +44,7 @@ #include "opt_inet.h" #include "opt_inet6.h" +#include "opt_ipsec.h" #include "opt_kern_tls.h" #include "opt_vlan.h" #include "opt_ratelimit.h" @@ -184,6 +185,7 @@ struct ifvlan { void *ifv_cookie; int ifv_pflags; /* special flags we have set on parent */ int ifv_capenable; + int ifv_capenable2; int ifv_encaplen; /* encapsulation length */ int ifv_mtufudge; /* MTU fudged by this much */ int ifv_mintu; /* min transmission unit */ @@ -1750,6 +1752,7 @@ vlan_config(struct ifvlan *ifv, struct ifnet *p, uint16_t vid, ifv->ifv_mintu = ETHERMIN; ifv->ifv_pflags = 0; ifv->ifv_capenable = -1; + ifv->ifv_capenable2 = -1; /* * If the parent supports the VLAN_MTU capability, @@ -2008,13 +2011,90 @@ vlan_link_state(struct ifnet *ifp) NET_EPOCH_EXIT(et); } +#ifdef IPSEC_OFFLOAD +#define VLAN_IPSEC_METHOD(exp) \ + if_t p; \ + struct ifvlan *ifv; \ + int error; \ + \ + ifv = ifp->if_softc; \ + VLAN_SLOCK(); \ + if (TRUNK(ifv) != NULL) { \ + p = PARENT(ifv); \ + if_ref(p); \ + error = p->if_ipsec_accel_m->exp; \ + if_rele(p); \ + } else { \ + error = ENXIO; \ + } \ + VLAN_SUNLOCK(); \ + return (error); + + +static int +vlan_if_spdadd(if_t ifp, void *sp, void *inp, void **priv) +{ + VLAN_IPSEC_METHOD(if_spdadd(ifp, sp, inp, priv)); +} + +static int +vlan_if_spddel(if_t ifp, void *sp, void *priv) +{ + VLAN_IPSEC_METHOD(if_spddel(ifp, sp, priv)); +} + +static int +vlan_if_sa_newkey(if_t ifp, void *sav, u_int drv_spi, void **privp) +{ + VLAN_IPSEC_METHOD(if_sa_newkey(ifp, sav, drv_spi, privp)); +} + +static int +vlan_if_sa_deinstall(if_t ifp, u_int drv_spi, void *priv) +{ + VLAN_IPSEC_METHOD(if_sa_deinstall(ifp, drv_spi, priv)); +} + +static int +vlan_if_sa_cnt(if_t ifp, void *sa, uint32_t drv_spi, void *priv, + struct seclifetime *lt) +{ + VLAN_IPSEC_METHOD(if_sa_cnt(ifp, sa, drv_spi, priv, lt)); +} + +static int +vlan_if_ipsec_hwassist(if_t ifp, void *sav, u_int drv_spi,void *priv) +{ + if_t trunk; + + NET_EPOCH_ASSERT(); + trunk = vlan_trunkdev(ifp); + if (trunk == NULL) + return (0); + return (trunk->if_ipsec_accel_m->if_hwassist(trunk, sav, + drv_spi, priv)); +} + +static const struct if_ipsec_accel_methods vlan_if_ipsec_accel_methods = { + .if_spdadd = vlan_if_spdadd, + .if_spddel = vlan_if_spddel, + .if_sa_newkey = vlan_if_sa_newkey, + .if_sa_deinstall = vlan_if_sa_deinstall, + .if_sa_cnt = vlan_if_sa_cnt, + .if_hwassist = vlan_if_ipsec_hwassist, +}; + +#undef VLAN_IPSEC_METHOD +#endif /* IPSEC_OFFLOAD */ + static void vlan_capabilities(struct ifvlan *ifv) { struct ifnet *p; struct ifnet *ifp; struct ifnet_hw_tsomax hw_tsomax; - int cap = 0, ena = 0, mena; + int cap = 0, ena = 0, mena, cap2 = 0, ena2 = 0; + int mena2 __unused; u_long hwa = 0; NET_EPOCH_ASSERT(); @@ -2025,6 +2105,7 @@ vlan_capabilities(struct ifvlan *ifv) /* Mask parent interface enabled capabilities disabled by user. */ mena = p->if_capenable & ifv->ifv_capenable; + mena2 = p->if_capenable2 & ifv->ifv_capenable2; /* * If the parent interface can do checksum offloading @@ -2129,7 +2210,15 @@ vlan_capabilities(struct ifvlan *ifv) ifp->if_capabilities = cap; ifp->if_capenable = ena; + ifp->if_capabilities2 = cap2; + ifp->if_capenable2 = ena2; ifp->if_hwassist = hwa; + +#ifdef IPSEC_OFFLOAD + cap2 |= p->if_capabilities2 & IFCAP2_BIT(IFCAP2_IPSEC_OFFLOAD); + ena2 |= mena2 & IFCAP2_BIT(IFCAP2_IPSEC_OFFLOAD); + ifp->if_ipsec_accel_m = &vlan_if_ipsec_accel_methods; +#endif } static void