net/mlx5: Add MACsec priorities in RDMA namespaces

Add MACsec flow steering priorities in RDMA namespaces. This allows
adding tables/rules to forward RoCEv2 traffic to the MACsec crypto
tables in NIC_TX domain, and accept RoCEv2 traffic from NIC_RX domain.

Signed-off-by: Patrisious Haddad <phaddad@nvidia.com>
Reviewed-by: Maor Gottlieb <maorg@nvidia.com>
Signed-off-by: Leon Romanovsky <leonro@nvidia.com>

diff --git a/drivers/net/ethernet/mellanox/mlx5/core/fs_core.c b/drivers/net/ethernet/mellanox/mlx5/core/fs_core.c
index 4ef04aa287719ee469ca8f0e47453b7929719fd1..cc27908bb1135f2b477deab0449fa54d2bfc9c69 100644 (file)
--- a/drivers/net/ethernet/mellanox/mlx5/core/fs_core.c
+++ b/drivers/net/ethernet/mellanox/mlx5/core/fs_core.c
@@ -224,6 +224,7 @@ static struct init_tree_node egress_root_fs = {
 
 enum {
        RDMA_RX_IPSEC_PRIO,
+       RDMA_RX_MACSEC_PRIO,
        RDMA_RX_COUNTERS_PRIO,
        RDMA_RX_BYPASS_PRIO,
        RDMA_RX_KERNEL_PRIO,
@@ -237,9 +238,13 @@ enum {
 #define RDMA_RX_KERNEL_MIN_LEVEL (RDMA_RX_BYPASS_MIN_LEVEL + 1)
 #define RDMA_RX_COUNTERS_MIN_LEVEL (RDMA_RX_KERNEL_MIN_LEVEL + 2)
 
+#define RDMA_RX_MACSEC_NUM_PRIOS 1
+#define RDMA_RX_MACSEC_PRIO_NUM_LEVELS 2
+#define RDMA_RX_MACSEC_MIN_LEVEL  (RDMA_RX_COUNTERS_MIN_LEVEL + RDMA_RX_MACSEC_NUM_PRIOS)
+
 static struct init_tree_node rdma_rx_root_fs = {
        .type = FS_TYPE_NAMESPACE,
-       .ar_size = 4,
+       .ar_size = 5,
        .children = (struct init_tree_node[]) {
                [RDMA_RX_IPSEC_PRIO] =
                ADD_PRIO(0, RDMA_RX_IPSEC_MIN_LEVEL, 0,
@@ -247,6 +252,12 @@ static struct init_tree_node rdma_rx_root_fs = {
                         ADD_NS(MLX5_FLOW_TABLE_MISS_ACTION_DEF,
                                ADD_MULTIPLE_PRIO(RDMA_RX_IPSEC_NUM_PRIOS,
                                                  RDMA_RX_IPSEC_NUM_LEVELS))),
+               [RDMA_RX_MACSEC_PRIO] =
+               ADD_PRIO(0, RDMA_RX_MACSEC_MIN_LEVEL, 0,
+                        FS_CHAINING_CAPS,
+                        ADD_NS(MLX5_FLOW_TABLE_MISS_ACTION_DEF,
+                               ADD_MULTIPLE_PRIO(RDMA_RX_MACSEC_NUM_PRIOS,
+                                                 RDMA_RX_MACSEC_PRIO_NUM_LEVELS))),
                [RDMA_RX_COUNTERS_PRIO] =
                ADD_PRIO(0, RDMA_RX_COUNTERS_MIN_LEVEL, 0,
                         FS_CHAINING_CAPS,
@@ -270,6 +281,7 @@ static struct init_tree_node rdma_rx_root_fs = {
 enum {
        RDMA_TX_COUNTERS_PRIO,
        RDMA_TX_IPSEC_PRIO,
+       RDMA_TX_MACSEC_PRIO,
        RDMA_TX_BYPASS_PRIO,
 };
 
@@ -280,9 +292,13 @@ enum {
 #define RDMA_TX_IPSEC_PRIO_NUM_LEVELS 1
 #define RDMA_TX_IPSEC_MIN_LEVEL  (RDMA_TX_COUNTERS_MIN_LEVEL + RDMA_TX_IPSEC_NUM_PRIOS)
 
+#define RDMA_TX_MACSEC_NUM_PRIOS 1
+#define RDMA_TX_MACESC_PRIO_NUM_LEVELS 1
+#define RDMA_TX_MACSEC_MIN_LEVEL  (RDMA_TX_COUNTERS_MIN_LEVEL + RDMA_TX_MACSEC_NUM_PRIOS)
+
 static struct init_tree_node rdma_tx_root_fs = {
        .type = FS_TYPE_NAMESPACE,
-       .ar_size = 3,
+       .ar_size = 4,
        .children = (struct init_tree_node[]) {
                [RDMA_TX_COUNTERS_PRIO] =
                ADD_PRIO(0, RDMA_TX_COUNTERS_MIN_LEVEL, 0,
@@ -296,7 +312,12 @@ static struct init_tree_node rdma_tx_root_fs = {
                         ADD_NS(MLX5_FLOW_TABLE_MISS_ACTION_DEF,
                                ADD_MULTIPLE_PRIO(RDMA_TX_IPSEC_NUM_PRIOS,
                                                  RDMA_TX_IPSEC_PRIO_NUM_LEVELS))),
-
+               [RDMA_TX_MACSEC_PRIO] =
+               ADD_PRIO(0, RDMA_TX_MACSEC_MIN_LEVEL, 0,
+                        FS_CHAINING_CAPS,
+                        ADD_NS(MLX5_FLOW_TABLE_MISS_ACTION_DEF,
+                               ADD_MULTIPLE_PRIO(RDMA_TX_MACSEC_NUM_PRIOS,
+                                                 RDMA_TX_MACESC_PRIO_NUM_LEVELS))),
                [RDMA_TX_BYPASS_PRIO] =
                ADD_PRIO(0, RDMA_TX_BYPASS_MIN_LEVEL, 0,
                         FS_CHAINING_CAPS_RDMA_TX,
@@ -2403,6 +2424,14 @@ struct mlx5_flow_namespace *mlx5_get_flow_namespace(struct mlx5_core_dev *dev,
                root_ns = steering->rdma_tx_root_ns;
                prio = RDMA_TX_IPSEC_PRIO;
                break;
+       case MLX5_FLOW_NAMESPACE_RDMA_RX_MACSEC:
+               root_ns = steering->rdma_rx_root_ns;
+               prio = RDMA_RX_MACSEC_PRIO;
+               break;
+       case MLX5_FLOW_NAMESPACE_RDMA_TX_MACSEC:
+               root_ns = steering->rdma_tx_root_ns;
+               prio = RDMA_TX_MACSEC_PRIO;
+               break;
        default: /* Must be NIC RX */
                WARN_ON(!is_nic_rx_ns(type));
                root_ns = steering->root_ns;

diff --git a/include/linux/mlx5/fs.h b/include/linux/mlx5/fs.h
index 2cb404c7ea1312b228f4a3ac918b6803bfb8390b..091ff1240959a670724a06c6e3f15e89e306e169 100644 (file)
--- a/include/linux/mlx5/fs.h
+++ b/include/linux/mlx5/fs.h
@@ -105,6 +105,8 @@ enum mlx5_flow_namespace_type {
        MLX5_FLOW_NAMESPACE_RDMA_TX_COUNTERS,
        MLX5_FLOW_NAMESPACE_RDMA_RX_IPSEC,
        MLX5_FLOW_NAMESPACE_RDMA_TX_IPSEC,
+       MLX5_FLOW_NAMESPACE_RDMA_RX_MACSEC,
+       MLX5_FLOW_NAMESPACE_RDMA_TX_MACSEC,
 };
 
 enum {