mbox series

[net-next,00/12] mlx5 TLS TX HW offload support

Message ID 1562340622-4423-1-git-send-email-tariqt@mellanox.com
Headers show
Series mlx5 TLS TX HW offload support | expand

Message

Tariq Toukan July 5, 2019, 3:30 p.m. UTC 
Hi Dave,

This series from Eran and me, adds TLS TX HW offload support to
the mlx5 driver.

This offloads the kTLS encryption process from kernel to the 
Mellanox NIC, saving CPU cycles and improving utilization.

Upon a new TLS connection request, driver is responsible to create
a dedicated HW context and configure it according to the crypto info,
so HW can do the encryption itself.

When the HW context gets out-of-sync (i.e. due to packets retransmission),
driver is responsible for the re-sync process.
This is done by posting special resync descriptors to the HW.

Feature is supported on Mellanox Connect-X 6DX, and newer.
Series was tested on SimX simulator.

Series generated against net-next commit [1], with Saeed's request pulled [2]:

[1] c4cde5804d51 Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next
[2] git://git.kernel.org/pub/scm/linux/kernel/git/saeed/linux.git tags/mlx5-updates-2019-07-04-v2

Changes from last pull request:
Fixed comments from Jakub:
Patch 4:
- Replace zero  memset with a call to memzero_explicit().
Patch 11:
- Fix stats counters names.
- Drop TLS SKB with non-matching netdev.

Regards,
Tariq

Eran Ben Elisha (1):
  net/mlx5e: Tx, Don't implicitly assume SKB-less wqe has one WQEBB

Tariq Toukan (11):
  net/mlx5: Accel, Expose accel wrapper for IPsec FPGA function
  net/mlx5: Kconfig, Better organize compilation flags
  net/mlx5: Add crypto library to support create/destroy encryption key
  net/mlx5: Accel, Add core TLS support for the Connect-X family
  net/mlx5e: Move helper functions to a new txrx datapath header
  net/mlx5e: Tx, Enforce L4 inline copy when needed
  net/mlx5e: Tx, Make SQ WQE fetch function type generic
  net/mlx5e: Tx, Unconstify SQ stop room
  net/mlx5e: Re-work TIS creation functions
  net/mlx5e: Introduce a fenced NOP WQE posting function
  net/mlx5e: Add kTLS TX HW offload support

 drivers/net/ethernet/mellanox/mlx5/core/Kconfig    |  52 ++-
 drivers/net/ethernet/mellanox/mlx5/core/Makefile   |  10 +-
 .../net/ethernet/mellanox/mlx5/core/accel/ipsec.c  |   9 +
 .../net/ethernet/mellanox/mlx5/core/accel/ipsec.h  |   7 +-
 .../net/ethernet/mellanox/mlx5/core/accel/tls.c    |  45 +-
 .../net/ethernet/mellanox/mlx5/core/accel/tls.h    |  51 ++-
 drivers/net/ethernet/mellanox/mlx5/core/en.h       | 114 +----
 drivers/net/ethernet/mellanox/mlx5/core/en/txrx.h  | 208 ++++++++++
 drivers/net/ethernet/mellanox/mlx5/core/en/xdp.h   |   1 +
 .../mellanox/mlx5/core/en_accel/en_accel.h         |   1 +
 .../mellanox/mlx5/core/en_accel/ipsec_rxtx.h       |   1 +
 .../ethernet/mellanox/mlx5/core/en_accel/ktls.c    |  93 +++++
 .../ethernet/mellanox/mlx5/core/en_accel/ktls.h    |  97 +++++
 .../ethernet/mellanox/mlx5/core/en_accel/ktls_tx.c | 459 +++++++++++++++++++++
 .../net/ethernet/mellanox/mlx5/core/en_accel/tls.c |   5 +
 .../net/ethernet/mellanox/mlx5/core/en_accel/tls.h |  11 +-
 .../mellanox/mlx5/core/en_accel/tls_rxtx.c         |   7 +-
 .../mellanox/mlx5/core/en_accel/tls_rxtx.h         |   1 +
 drivers/net/ethernet/mellanox/mlx5/core/en_main.c  |  27 +-
 drivers/net/ethernet/mellanox/mlx5/core/en_stats.c |  28 +-
 drivers/net/ethernet/mellanox/mlx5/core/en_stats.h |  14 +
 drivers/net/ethernet/mellanox/mlx5/core/en_tx.c    |  98 ++---
 .../net/ethernet/mellanox/mlx5/core/fpga/ipsec.h   |  75 ----
 drivers/net/ethernet/mellanox/mlx5/core/fw.c       |   6 +
 .../net/ethernet/mellanox/mlx5/core/ipoib/ipoib.c  |  14 +-
 .../net/ethernet/mellanox/mlx5/core/ipoib/ipoib.h  |   2 +
 .../ethernet/mellanox/mlx5/core/ipoib/ipoib_vlan.c |   2 +-
 .../net/ethernet/mellanox/mlx5/core/lib/crypto.c   |  72 ++++
 drivers/net/ethernet/mellanox/mlx5/core/lib/mlx5.h |   5 +
 drivers/net/ethernet/mellanox/mlx5/core/main.c     |   2 +-
 include/linux/mlx5/accel.h                         |   2 +-
 31 files changed, 1232 insertions(+), 287 deletions(-)
 create mode 100644 drivers/net/ethernet/mellanox/mlx5/core/en/txrx.h
 create mode 100644 drivers/net/ethernet/mellanox/mlx5/core/en_accel/ktls.c
 create mode 100644 drivers/net/ethernet/mellanox/mlx5/core/en_accel/ktls.h
 create mode 100644 drivers/net/ethernet/mellanox/mlx5/core/en_accel/ktls_tx.c
 create mode 100644 drivers/net/ethernet/mellanox/mlx5/core/lib/crypto.c

Comments

Jakub Kicinski July 5, 2019, 8:19 p.m. UTC | #1 
On Fri,  5 Jul 2019 18:30:10 +0300, Tariq Toukan wrote:
> Hi Dave,
> 
> This series from Eran and me, adds TLS TX HW offload support to
> the mlx5 driver.
> 
> This offloads the kTLS encryption process from kernel to the 
> Mellanox NIC, saving CPU cycles and improving utilization.
> 
> Upon a new TLS connection request, driver is responsible to create
> a dedicated HW context and configure it according to the crypto info,
> so HW can do the encryption itself.
> 
> When the HW context gets out-of-sync (i.e. due to packets retransmission),
> driver is responsible for the re-sync process.
> This is done by posting special resync descriptors to the HW.
> 
> Feature is supported on Mellanox Connect-X 6DX, and newer.
> Series was tested on SimX simulator.
> 
> Series generated against net-next commit [1], with Saeed's request pulled [2]:
> 
> [1] c4cde5804d51 Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next
> [2] git://git.kernel.org/pub/scm/linux/kernel/git/saeed/linux.git tags/mlx5-updates-2019-07-04-v2
> 
> Changes from last pull request:
> Fixed comments from Jakub:
> Patch 4:
> - Replace zero  memset with a call to memzero_explicit().
> Patch 11:
> - Fix stats counters names.
> - Drop TLS SKB with non-matching netdev.

You guys probably really want to make 5.3 with this, so please feel free
to follow up on the comments to patch 12 separately.

Acked-by: Jakub Kicinski <jakub.kicinski@netronome.com>
David Miller July 5, 2019, 11:29 p.m. UTC | #2 
From: Tariq Toukan <tariqt@mellanox.com>
Date: Fri,  5 Jul 2019 18:30:10 +0300

> This series from Eran and me, adds TLS TX HW offload support to
> the mlx5 driver.

Series applied, please deal with any further feedback you get from
Jakub et al.

Thanks.
Tariq Toukan July 7, 2019, 6:44 a.m. UTC | #3 
On 7/6/2019 2:29 AM, David Miller wrote:
> From: Tariq Toukan <tariqt@mellanox.com>
> Date: Fri,  5 Jul 2019 18:30:10 +0300
> 
>> This series from Eran and me, adds TLS TX HW offload support to
>> the mlx5 driver.
> 
> Series applied, please deal with any further feedback you get from
> Jakub et al.
> 
> Thanks.
> 

I will followup with patches addressing Jakub's feedback.

Thanks,
Tariq
Jakub Kicinski July 17, 2019, 5:41 p.m. UTC | #4 
On Sun, 7 Jul 2019 06:44:27 +0000, Tariq Toukan wrote:
> On 7/6/2019 2:29 AM, David Miller wrote:
> > From: Tariq Toukan <tariqt@mellanox.com>
> > Date: Fri,  5 Jul 2019 18:30:10 +0300
> >   
> >> This series from Eran and me, adds TLS TX HW offload support to
> >> the mlx5 driver.  
> > 
> > Series applied, please deal with any further feedback you get from
> > Jakub et al.
> 
> I will followup with patches addressing Jakub's feedback.

Ping.
Tariq Toukan July 18, 2019, 7:40 a.m. UTC | #5 
On 7/17/2019 8:41 PM, Jakub Kicinski wrote:
> On Sun, 7 Jul 2019 06:44:27 +0000, Tariq Toukan wrote:
>> On 7/6/2019 2:29 AM, David Miller wrote:
>>> From: Tariq Toukan <tariqt@mellanox.com>
>>> Date: Fri,  5 Jul 2019 18:30:10 +0300
>>>    
>>>> This series from Eran and me, adds TLS TX HW offload support to
>>>> the mlx5 driver.
>>>
>>> Series applied, please deal with any further feedback you get from
>>> Jakub et al.
>>
>> I will followup with patches addressing Jakub's feedback.
> 
> Ping.
> 

Hi Jakub,

I'm waiting for the window to open:
http://vger.kernel.org/~davem/net-next.html

Do you think these can already go to net as fixes?

Regards,
Tariq
Jakub Kicinski July 18, 2019, 5:08 p.m. UTC | #6 
On Thu, 18 Jul 2019 07:40:22 +0000, Tariq Toukan wrote:
> On 7/17/2019 8:41 PM, Jakub Kicinski wrote:
> > On Sun, 7 Jul 2019 06:44:27 +0000, Tariq Toukan wrote:  
> >> On 7/6/2019 2:29 AM, David Miller wrote:  
> >>> From: Tariq Toukan <tariqt@mellanox.com>
> >>> Date: Fri,  5 Jul 2019 18:30:10 +0300
> >>>      
> >>>> This series from Eran and me, adds TLS TX HW offload support to
> >>>> the mlx5 driver.  
> >>>
> >>> Series applied, please deal with any further feedback you get from
> >>> Jakub et al.  
> >>
> >> I will followup with patches addressing Jakub's feedback.  
> > 
> > Ping.
> >   
> 
> Hi Jakub,
> 
> I'm waiting for the window to open:
> http://vger.kernel.org/~davem/net-next.html
> 
> Do you think these can already go to net as fixes?

Yes, certainly. It's documentation and renaming a stat before it makes
it into an official release.
David Miller July 18, 2019, 7:09 p.m. UTC | #7 
From: Jakub Kicinski <jakub.kicinski@netronome.com>
Date: Thu, 18 Jul 2019 10:08:47 -0700

> Yes, certainly. It's documentation and renaming a stat before it makes
> it into an official release.

Agreed.
Tariq Toukan July 21, 2019, 3:19 p.m. UTC | #8 
On 7/18/2019 10:09 PM, David Miller wrote:
> From: Jakub Kicinski <jakub.kicinski@netronome.com>
> Date: Thu, 18 Jul 2019 10:08:47 -0700
> 
>> Yes, certainly. It's documentation and renaming a stat before it makes
>> it into an official release.
> 
> Agreed.
> 

Ack.
I'll prepare and send this week.

Tariq