change wifi driver to cypress

hc

2024-01-05 071106ecf68c401173c58808b1cf5f68cc50d390

 kernel/drivers/net/ethernet/mellanox/mlx5/core/en_accel/ipsec.c
..
..
@@ -40,7 +40,7 @@
40
40
 #include "en.h"
41
41
 #include "en_accel/ipsec.h"
42
42
 #include "en_accel/ipsec_rxtx.h"
43
-
43
+#include "en_accel/ipsec_fs.h"
44
44
 
45
45
 static struct mlx5e_ipsec_sa_entry *to_ipsec_sa_entry(struct xfrm_state *x)
46
46
 {
..
..
@@ -75,18 +75,23 @@
75
75
 	return ret;
76
76
 }
77
77
 
78
-static int mlx5e_ipsec_sadb_rx_add(struct mlx5e_ipsec_sa_entry *sa_entry)
78
+static int  mlx5e_ipsec_sadb_rx_add(struct mlx5e_ipsec_sa_entry *sa_entry,
79
+				    unsigned int handle)
79
80
 {
80
81
 	struct mlx5e_ipsec *ipsec = sa_entry->ipsec;
82
+	struct mlx5e_ipsec_sa_entry *_sa_entry;
81
83
 	unsigned long flags;
82
-	int ret;
83
84
 
84
-	ret = ida_simple_get(&ipsec->halloc, 1, 0, GFP_KERNEL);
85
-	if (ret < 0)
86
-		return ret;
85
+	rcu_read_lock();
86
+	hash_for_each_possible_rcu(ipsec->sadb_rx, _sa_entry, hlist, handle)
87
+		if (_sa_entry->handle == handle) {
88
+			rcu_read_unlock();
89
+			return  -EEXIST;
90
+		}
91
+	rcu_read_unlock();
87
92
 
88
93
 	spin_lock_irqsave(&ipsec->sadb_rx_lock, flags);
89
-	sa_entry->handle = ret;
94
+	sa_entry->handle = handle;
90
95
 	hash_add_rcu(ipsec->sadb_rx, &sa_entry->hlist, sa_entry->handle);
91
96
 	spin_unlock_irqrestore(&ipsec->sadb_rx_lock, flags);
92
97
 
..
..
@@ -103,21 +108,11 @@
103
108
 	spin_unlock_irqrestore(&ipsec->sadb_rx_lock, flags);
104
109
 }
105
110
 
106
-static void mlx5e_ipsec_sadb_rx_free(struct mlx5e_ipsec_sa_entry *sa_entry)
107
-{
108
-	struct mlx5e_ipsec *ipsec = sa_entry->ipsec;
109
-
110
-	/* xfrm already doing sync rcu between del and free callbacks */
111
-
112
-	ida_simple_remove(&ipsec->halloc, sa_entry->handle);
113
-}
114
-
115
111
 static bool mlx5e_ipsec_update_esn_state(struct mlx5e_ipsec_sa_entry *sa_entry)
116
112
 {
117
113
 	struct xfrm_replay_state_esn *replay_esn;
118
-	u32 seq_bottom;
114
+	u32 seq_bottom = 0;
119
115
 	u8 overlap;
120
-	u32 *esn;
121
116
 
122
117
 	if (!(sa_entry->x->props.flags & XFRM_STATE_ESN)) {
123
118
 		sa_entry->esn_state.trigger = 0;
..
..
@@ -125,16 +120,16 @@
125
120
 	}
126
121
 
127
122
 	replay_esn = sa_entry->x->replay_esn;
128
-	seq_bottom = replay_esn->seq - replay_esn->replay_window + 1;
123
+	if (replay_esn->seq >= replay_esn->replay_window)
124
+		seq_bottom = replay_esn->seq - replay_esn->replay_window + 1;
125
+
129
126
 	overlap = sa_entry->esn_state.overlap;
130
127
 
131
128
 	sa_entry->esn_state.esn = xfrm_replay_seqhi(sa_entry->x,
132
129
 						    htonl(seq_bottom));
133
-	esn = &sa_entry->esn_state.esn;
134
130
 
135
131
 	sa_entry->esn_state.trigger = 1;
136
132
 	if (unlikely(overlap && seq_bottom < MLX5E_IPSEC_ESN_SCOPE_MID)) {
137
-		++(*esn);
138
133
 		sa_entry->esn_state.overlap = 0;
139
134
 		return true;
140
135
 	} else if (unlikely(!overlap &&
..
..
@@ -199,11 +194,19 @@
199
194
 	attrs->flags |= (x->props.mode == XFRM_MODE_TRANSPORT) ?
200
195
 			MLX5_ACCEL_ESP_FLAGS_TRANSPORT :
201
196
 			MLX5_ACCEL_ESP_FLAGS_TUNNEL;
197
+
198
+	/* spi */
199
+	attrs->spi = x->id.spi;
200
+
201
+	/* source , destination ips */
202
+	memcpy(&attrs->saddr, x->props.saddr.a6, sizeof(attrs->saddr));
203
+	memcpy(&attrs->daddr, x->id.daddr.a6, sizeof(attrs->daddr));
204
+	attrs->is_ipv6 = (x->props.family != AF_INET);
202
205
 }
203
206
 
204
207
 static inline int mlx5e_xfrm_validate_state(struct xfrm_state *x)
205
208
 {
206
-	struct net_device *netdev = x->xso.dev;
209
+	struct net_device *netdev = x->xso.real_dev;
207
210
 	struct mlx5e_priv *priv;
208
211
 
209
212
 	priv = netdev_priv(netdev);
..
..
@@ -278,14 +281,34 @@
278
281
 	return 0;
279
282
 }
280
283
 
284
+static int mlx5e_xfrm_fs_add_rule(struct mlx5e_priv *priv,
285
+				  struct mlx5e_ipsec_sa_entry *sa_entry)
286
+{
287
+	if (!mlx5_is_ipsec_device(priv->mdev))
288
+		return 0;
289
+
290
+	return mlx5e_accel_ipsec_fs_add_rule(priv, &sa_entry->xfrm->attrs,
291
+					     sa_entry->ipsec_obj_id,
292
+					     &sa_entry->ipsec_rule);
293
+}
294
+
295
+static void mlx5e_xfrm_fs_del_rule(struct mlx5e_priv *priv,
296
+				   struct mlx5e_ipsec_sa_entry *sa_entry)
297
+{
298
+	if (!mlx5_is_ipsec_device(priv->mdev))
299
+		return;
300
+
301
+	mlx5e_accel_ipsec_fs_del_rule(priv, &sa_entry->xfrm->attrs,
302
+				      &sa_entry->ipsec_rule);
303
+}
304
+
281
305
 static int mlx5e_xfrm_add_state(struct xfrm_state *x)
282
306
 {
283
307
 	struct mlx5e_ipsec_sa_entry *sa_entry = NULL;
284
-	struct net_device *netdev = x->xso.dev;
308
+	struct net_device *netdev = x->xso.real_dev;
285
309
 	struct mlx5_accel_esp_xfrm_attrs attrs;
286
310
 	struct mlx5e_priv *priv;
287
-	__be32 saddr[4] = {0}, daddr[4] = {0}, spi;
288
-	bool is_ipv6 = false;
311
+	unsigned int sa_handle;
289
312
 	int err;
290
313
 
291
314
 	priv = netdev_priv(netdev);
..
..
@@ -303,20 +326,6 @@
303
326
 	sa_entry->x = x;
304
327
 	sa_entry->ipsec = priv->ipsec;
305
328
 
306
-	/* Add the SA to handle processed incoming packets before the add SA
307
-	 * completion was received
308
-	 */
309
-	if (x->xso.flags & XFRM_OFFLOAD_INBOUND) {
310
-		err = mlx5e_ipsec_sadb_rx_add(sa_entry);
311
-		if (err) {
312
-			netdev_info(netdev, "Failed adding to SADB_RX: %d\n", err);
313
-			goto err_entry;
314
-		}
315
-	} else {
316
-		sa_entry->set_iv_op = (x->props.flags & XFRM_STATE_ESN) ?
317
-				mlx5e_ipsec_set_iv_esn : mlx5e_ipsec_set_iv;
318
-	}
319
-
320
329
 	/* check esn */
321
330
 	mlx5e_ipsec_update_esn_state(sa_entry);
322
331
 
..
..
@@ -327,41 +336,45 @@
327
336
 					   MLX5_ACCEL_XFRM_FLAG_REQUIRE_METADATA);
328
337
 	if (IS_ERR(sa_entry->xfrm)) {
329
338
 		err = PTR_ERR(sa_entry->xfrm);
330
-		goto err_sadb_rx;
339
+		goto err_sa_entry;
331
340
 	}
332
341
 
333
342
 	/* create hw context */
334
-	if (x->props.family == AF_INET) {
335
-		saddr[3] = x->props.saddr.a4;
336
-		daddr[3] = x->id.daddr.a4;
337
-	} else {
338
-		memcpy(saddr, x->props.saddr.a6, sizeof(saddr));
339
-		memcpy(daddr, x->id.daddr.a6, sizeof(daddr));
340
-		is_ipv6 = true;
341
-	}
342
-	spi = x->id.spi;
343
343
 	sa_entry->hw_context =
344
344
 			mlx5_accel_esp_create_hw_context(priv->mdev,
345
345
 							 sa_entry->xfrm,
346
-							 saddr, daddr, spi,
347
-							 is_ipv6);
346
+							 &sa_handle);
348
347
 	if (IS_ERR(sa_entry->hw_context)) {
349
348
 		err = PTR_ERR(sa_entry->hw_context);
350
349
 		goto err_xfrm;
351
350
 	}
352
351
 
352
+	sa_entry->ipsec_obj_id = sa_handle;
353
+	err = mlx5e_xfrm_fs_add_rule(priv, sa_entry);
354
+	if (err)
355
+		goto err_hw_ctx;
356
+
357
+	if (x->xso.flags & XFRM_OFFLOAD_INBOUND) {
358
+		err = mlx5e_ipsec_sadb_rx_add(sa_entry, sa_handle);
359
+		if (err)
360
+			goto err_add_rule;
361
+	} else {
362
+		sa_entry->set_iv_op = (x->props.flags & XFRM_STATE_ESN) ?
363
+				mlx5e_ipsec_set_iv_esn : mlx5e_ipsec_set_iv;
364
+	}
365
+
353
366
 	x->xso.offload_handle = (unsigned long)sa_entry;
354
367
 	goto out;
355
368
 
369
+err_add_rule:
370
+	mlx5e_xfrm_fs_del_rule(priv, sa_entry);
371
+err_hw_ctx:
372
+	mlx5_accel_esp_free_hw_context(priv->mdev, sa_entry->hw_context);
356
373
 err_xfrm:
357
374
 	mlx5_accel_esp_destroy_xfrm(sa_entry->xfrm);
358
-err_sadb_rx:
359
-	if (x->xso.flags & XFRM_OFFLOAD_INBOUND) {
360
-		mlx5e_ipsec_sadb_rx_del(sa_entry);
361
-		mlx5e_ipsec_sadb_rx_free(sa_entry);
362
-	}
363
-err_entry:
375
+err_sa_entry:
364
376
 	kfree(sa_entry);
377
+
365
378
 out:
366
379
 	return err;
367
380
 }
..
..
@@ -380,18 +393,17 @@
380
393
 static void mlx5e_xfrm_free_state(struct xfrm_state *x)
381
394
 {
382
395
 	struct mlx5e_ipsec_sa_entry *sa_entry = to_ipsec_sa_entry(x);
396
+	struct mlx5e_priv *priv = netdev_priv(x->xso.dev);
383
397
 
384
398
 	if (!sa_entry)
385
399
 		return;
386
400
 
387
401
 	if (sa_entry->hw_context) {
388
402
 		flush_workqueue(sa_entry->ipsec->wq);
389
-		mlx5_accel_esp_free_hw_context(sa_entry->hw_context);
403
+		mlx5e_xfrm_fs_del_rule(priv, sa_entry);
404
+		mlx5_accel_esp_free_hw_context(sa_entry->xfrm->mdev, sa_entry->hw_context);
390
405
 		mlx5_accel_esp_destroy_xfrm(sa_entry->xfrm);
391
406
 	}
392
-
393
-	if (x->xso.flags & XFRM_OFFLOAD_INBOUND)
394
-		mlx5e_ipsec_sadb_rx_free(sa_entry);
395
407
 
396
408
 	kfree(sa_entry);
397
409
 }
..
..
@@ -422,6 +434,8 @@
422
434
 		kfree(ipsec);
423
435
 		return -ENOMEM;
424
436
 	}
437
+
438
+	mlx5e_accel_ipsec_fs_init(priv);
425
439
 	netdev_dbg(priv->netdev, "IPSec attached to netdevice\n");
426
440
 	return 0;
427
441
 }
..
..
@@ -433,7 +447,7 @@
433
447
 	if (!ipsec)
434
448
 		return;
435
449
 
436
-	drain_workqueue(ipsec->wq);
450
+	mlx5e_accel_ipsec_fs_cleanup(priv);
437
451
 	destroy_workqueue(ipsec->wq);
438
452
 
439
453
 	ida_destroy(&ipsec->halloc);
..
..
@@ -540,6 +554,9 @@
540
554
 		return;
541
555
 	}
542
556
 
557
+	if (mlx5_is_ipsec_device(mdev))
558
+		netdev->gso_partial_features |= NETIF_F_GSO_ESP;
559
+
543
560
 	mlx5_core_dbg(mdev, "mlx5e: ESP GSO capability turned on\n");
544
561
 	netdev->features |= NETIF_F_GSO_ESP;
545
562
 	netdev->hw_features |= NETIF_F_GSO_ESP;