forked from Minki/linux
net: atlantic: MACSec ingress offload HW bindings
This patch adds the Atlantic HW-specific bindings for MACSec ingress, e.g. register addresses / structs, helper function, etc, which will be used by actual callback implementations. Signed-off-by: Mark Starovoytov <mstarovoitov@marvell.com> Signed-off-by: Igor Russkikh <irusskikh@marvell.com> Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
parent
27736563ce
commit
b8f8a0b7b5
@ -0,0 +1,77 @@
|
||||
/* SPDX-License-Identifier: GPL-2.0-only */
|
||||
/* Atlantic Network Driver
|
||||
* Copyright (C) 2020 Marvell International Ltd.
|
||||
*/
|
||||
|
||||
#ifndef MSS_INGRESS_REGS_HEADER
|
||||
#define MSS_INGRESS_REGS_HEADER
|
||||
|
||||
#define MSS_INGRESS_CTL_REGISTER_ADDR 0x0000800E
|
||||
#define MSS_INGRESS_LUT_ADDR_CTL_REGISTER_ADDR 0x00008080
|
||||
#define MSS_INGRESS_LUT_CTL_REGISTER_ADDR 0x00008081
|
||||
#define MSS_INGRESS_LUT_DATA_CTL_REGISTER_ADDR 0x000080A0
|
||||
|
||||
struct mss_ingress_ctl_register {
|
||||
union {
|
||||
struct {
|
||||
unsigned int soft_reset : 1;
|
||||
unsigned int operation_point_to_point : 1;
|
||||
unsigned int create_sci : 1;
|
||||
/* Unused */
|
||||
unsigned int mask_short_length_error : 1;
|
||||
unsigned int drop_kay_packet : 1;
|
||||
unsigned int drop_igprc_miss : 1;
|
||||
/* Unused */
|
||||
unsigned int check_icv : 1;
|
||||
unsigned int clear_global_time : 1;
|
||||
unsigned int clear_count : 1;
|
||||
unsigned int high_prio : 1;
|
||||
unsigned int remove_sectag : 1;
|
||||
unsigned int global_validate_frames : 2;
|
||||
unsigned int icv_lsb_8bytes_enabled : 1;
|
||||
unsigned int reserved0 : 2;
|
||||
} bits_0;
|
||||
unsigned short word_0;
|
||||
};
|
||||
union {
|
||||
struct {
|
||||
unsigned int reserved0 : 16;
|
||||
} bits_1;
|
||||
unsigned short word_1;
|
||||
};
|
||||
};
|
||||
|
||||
struct mss_ingress_lut_addr_ctl_register {
|
||||
union {
|
||||
struct {
|
||||
unsigned int lut_addr : 9;
|
||||
unsigned int reserved0 : 3;
|
||||
/* 0x0 : Ingress Pre-Security MAC Control FIlter
|
||||
* (IGPRCTLF) LUT
|
||||
* 0x1 : Ingress Pre-Security Classification LUT (IGPRC)
|
||||
* 0x2 : Ingress Packet Format (IGPFMT) SAKey LUT
|
||||
* 0x3 : Ingress Packet Format (IGPFMT) SC/SA LUT
|
||||
* 0x4 : Ingress Post-Security Classification LUT
|
||||
* (IGPOC)
|
||||
* 0x5 : Ingress Post-Security MAC Control Filter
|
||||
* (IGPOCTLF) LUT
|
||||
* 0x6 : Ingress MIB (IGMIB)
|
||||
*/
|
||||
unsigned int lut_select : 4;
|
||||
} bits_0;
|
||||
unsigned short word_0;
|
||||
};
|
||||
};
|
||||
|
||||
struct mss_ingress_lut_ctl_register {
|
||||
union {
|
||||
struct {
|
||||
unsigned int reserved0 : 14;
|
||||
unsigned int lut_read : 1;
|
||||
unsigned int lut_write : 1;
|
||||
} bits_0;
|
||||
unsigned short word_0;
|
||||
};
|
||||
};
|
||||
|
||||
#endif /* MSS_INGRESS_REGS_HEADER */
|
File diff suppressed because it is too large
Load Diff
@ -9,6 +9,27 @@
|
||||
#include "aq_hw.h"
|
||||
#include "macsec_struct.h"
|
||||
|
||||
#define NUMROWS_INGRESSPRECTLFRECORD 24
|
||||
#define ROWOFFSET_INGRESSPRECTLFRECORD 0
|
||||
|
||||
#define NUMROWS_INGRESSPRECLASSRECORD 48
|
||||
#define ROWOFFSET_INGRESSPRECLASSRECORD 0
|
||||
|
||||
#define NUMROWS_INGRESSPOSTCLASSRECORD 48
|
||||
#define ROWOFFSET_INGRESSPOSTCLASSRECORD 0
|
||||
|
||||
#define NUMROWS_INGRESSSCRECORD 32
|
||||
#define ROWOFFSET_INGRESSSCRECORD 0
|
||||
|
||||
#define NUMROWS_INGRESSSARECORD 32
|
||||
#define ROWOFFSET_INGRESSSARECORD 32
|
||||
|
||||
#define NUMROWS_INGRESSSAKEYRECORD 32
|
||||
#define ROWOFFSET_INGRESSSAKEYRECORD 0
|
||||
|
||||
#define NUMROWS_INGRESSPOSTCTLFRECORD 24
|
||||
#define ROWOFFSET_INGRESSPOSTCTLFRECORD 0
|
||||
|
||||
#define NUMROWS_EGRESSCTLFRECORD 24
|
||||
#define ROWOFFSET_EGRESSCTLFRECORD 0
|
||||
|
||||
@ -114,6 +135,133 @@ int aq_mss_set_egress_sakey_record(struct aq_hw_s *hw,
|
||||
const struct aq_mss_egress_sakey_record *rec,
|
||||
u16 table_index);
|
||||
|
||||
/*! Read the raw table data from the specified row of the Ingress
|
||||
* Pre-MACSec CTL Filter table, and unpack it into the fields of rec.
|
||||
* rec - [OUT] The raw table row data will be unpacked into the fields of rec.
|
||||
* table_index - The table row to read (max 23).
|
||||
*/
|
||||
int aq_mss_get_ingress_prectlf_record(struct aq_hw_s *hw,
|
||||
struct aq_mss_ingress_prectlf_record *rec,
|
||||
u16 table_index);
|
||||
|
||||
/*! Pack the fields of rec, and write the packed data into the
|
||||
* specified row of the Ingress Pre-MACSec CTL Filter table.
|
||||
* rec - [IN] The bitfield values to write to the table row.
|
||||
* table_index - The table row to write(max 23).
|
||||
*/
|
||||
int aq_mss_set_ingress_prectlf_record(struct aq_hw_s *hw,
|
||||
const struct aq_mss_ingress_prectlf_record *rec,
|
||||
u16 table_index);
|
||||
|
||||
/*! Read the raw table data from the specified row of the Ingress
|
||||
* Pre-MACSec Packet Classifier table, and unpack it into the fields of rec.
|
||||
* rec - [OUT] The raw table row data will be unpacked into the fields of rec.
|
||||
* table_index - The table row to read (max 47).
|
||||
*/
|
||||
int aq_mss_get_ingress_preclass_record(struct aq_hw_s *hw,
|
||||
struct aq_mss_ingress_preclass_record *rec,
|
||||
u16 table_index);
|
||||
|
||||
/*! Pack the fields of rec, and write the packed data into the
|
||||
* specified row of the Ingress Pre-MACSec Packet Classifier table.
|
||||
* rec - [IN] The bitfield values to write to the table row.
|
||||
* table_index - The table row to write(max 47).
|
||||
*/
|
||||
int aq_mss_set_ingress_preclass_record(struct aq_hw_s *hw,
|
||||
const struct aq_mss_ingress_preclass_record *rec,
|
||||
u16 table_index);
|
||||
|
||||
/*! Read the raw table data from the specified row of the Ingress SC
|
||||
* Lookup table, and unpack it into the fields of rec.
|
||||
* rec - [OUT] The raw table row data will be unpacked into the fields of rec.
|
||||
* table_index - The table row to read (max 31).
|
||||
*/
|
||||
int aq_mss_get_ingress_sc_record(struct aq_hw_s *hw,
|
||||
struct aq_mss_ingress_sc_record *rec,
|
||||
u16 table_index);
|
||||
|
||||
/*! Pack the fields of rec, and write the packed data into the
|
||||
* specified row of the Ingress SC Lookup table.
|
||||
* rec - [IN] The bitfield values to write to the table row.
|
||||
* table_index - The table row to write(max 31).
|
||||
*/
|
||||
int aq_mss_set_ingress_sc_record(struct aq_hw_s *hw,
|
||||
const struct aq_mss_ingress_sc_record *rec,
|
||||
u16 table_index);
|
||||
|
||||
/*! Read the raw table data from the specified row of the Ingress SA
|
||||
* Lookup table, and unpack it into the fields of rec.
|
||||
* rec - [OUT] The raw table row data will be unpacked into the fields of rec.
|
||||
* table_index - The table row to read (max 31).
|
||||
*/
|
||||
int aq_mss_get_ingress_sa_record(struct aq_hw_s *hw,
|
||||
struct aq_mss_ingress_sa_record *rec,
|
||||
u16 table_index);
|
||||
|
||||
/*! Pack the fields of rec, and write the packed data into the
|
||||
* specified row of the Ingress SA Lookup table.
|
||||
* rec - [IN] The bitfield values to write to the table row.
|
||||
* table_index - The table row to write(max 31).
|
||||
*/
|
||||
int aq_mss_set_ingress_sa_record(struct aq_hw_s *hw,
|
||||
const struct aq_mss_ingress_sa_record *rec,
|
||||
u16 table_index);
|
||||
|
||||
/*! Read the raw table data from the specified row of the Ingress SA
|
||||
* Key Lookup table, and unpack it into the fields of rec.
|
||||
* rec - [OUT] The raw table row data will be unpacked into the fields of rec.
|
||||
* table_index - The table row to read (max 31).
|
||||
*/
|
||||
int aq_mss_get_ingress_sakey_record(struct aq_hw_s *hw,
|
||||
struct aq_mss_ingress_sakey_record *rec,
|
||||
u16 table_index);
|
||||
|
||||
/*! Pack the fields of rec, and write the packed data into the
|
||||
* specified row of the Ingress SA Key Lookup table.
|
||||
* rec - [IN] The bitfield values to write to the table row.
|
||||
* table_index - The table row to write(max 31).
|
||||
*/
|
||||
int aq_mss_set_ingress_sakey_record(struct aq_hw_s *hw,
|
||||
const struct aq_mss_ingress_sakey_record *rec,
|
||||
u16 table_index);
|
||||
|
||||
/*! Read the raw table data from the specified row of the Ingress
|
||||
* Post-MACSec Packet Classifier table, and unpack it into the
|
||||
* fields of rec.
|
||||
* rec - [OUT] The raw table row data will be unpacked into the fields of rec.
|
||||
* table_index - The table row to read (max 48).
|
||||
*/
|
||||
int aq_mss_get_ingress_postclass_record(struct aq_hw_s *hw,
|
||||
struct aq_mss_ingress_postclass_record *rec,
|
||||
u16 table_index);
|
||||
|
||||
/*! Pack the fields of rec, and write the packed data into the
|
||||
* specified row of the Ingress Post-MACSec Packet Classifier table.
|
||||
* rec - [IN] The bitfield values to write to the table row.
|
||||
* table_index - The table row to write(max 48).
|
||||
*/
|
||||
int aq_mss_set_ingress_postclass_record(struct aq_hw_s *hw,
|
||||
const struct aq_mss_ingress_postclass_record *rec,
|
||||
u16 table_index);
|
||||
|
||||
/*! Read the raw table data from the specified row of the Ingress
|
||||
* Post-MACSec CTL Filter table, and unpack it into the fields of rec.
|
||||
* rec - [OUT] The raw table row data will be unpacked into the fields of rec.
|
||||
* table_index - The table row to read (max 23).
|
||||
*/
|
||||
int aq_mss_get_ingress_postctlf_record(struct aq_hw_s *hw,
|
||||
struct aq_mss_ingress_postctlf_record *rec,
|
||||
u16 table_index);
|
||||
|
||||
/*! Pack the fields of rec, and write the packed data into the
|
||||
* specified row of the Ingress Post-MACSec CTL Filter table.
|
||||
* rec - [IN] The bitfield values to write to the table row.
|
||||
* table_index - The table row to write(max 23).
|
||||
*/
|
||||
int aq_mss_set_ingress_postctlf_record(struct aq_hw_s *hw,
|
||||
const struct aq_mss_ingress_postctlf_record *rec,
|
||||
u16 table_index);
|
||||
|
||||
/*! Get Egress SA expired. */
|
||||
int aq_mss_get_egress_sa_expired(struct aq_hw_s *hw, u32 *expired);
|
||||
/*! Get Egress SA threshold expired. */
|
||||
|
@ -314,4 +314,387 @@ struct aq_mss_egress_sakey_record {
|
||||
u32 key[8];
|
||||
};
|
||||
|
||||
/*! Represents the bitfields of a single row in the Ingress Pre-MACSec
|
||||
* CTL Filter table.
|
||||
*/
|
||||
struct aq_mss_ingress_prectlf_record {
|
||||
/*! This is used to store the 48 bit value used to compare SA, DA
|
||||
* or halfDA+half SA value.
|
||||
*/
|
||||
u32 sa_da[2];
|
||||
/*! This is used to store the 16 bit ethertype value used for
|
||||
* comparison.
|
||||
*/
|
||||
u32 eth_type;
|
||||
/*! The match mask is per-nibble. 0 means don't care, i.e. every
|
||||
* value will match successfully. The total data is 64 bit, i.e.
|
||||
* 16 nibbles masks.
|
||||
*/
|
||||
u32 match_mask;
|
||||
/*! 0: No compare, i.e. This entry is not used
|
||||
* 1: compare DA only
|
||||
* 2: compare SA only
|
||||
* 3: compare half DA + half SA
|
||||
* 4: compare ether type only
|
||||
* 5: compare DA + ethertype
|
||||
* 6: compare SA + ethertype
|
||||
* 7: compare DA+ range.
|
||||
*/
|
||||
u32 match_type;
|
||||
/*! 0: Bypass the remaining modules if matched.
|
||||
* 1: Forward to next module for more classifications.
|
||||
*/
|
||||
u32 action;
|
||||
};
|
||||
|
||||
/*! Represents the bitfields of a single row in the Ingress Pre-MACSec
|
||||
* Packet Classifier table.
|
||||
*/
|
||||
struct aq_mss_ingress_preclass_record {
|
||||
/*! The 64 bit SCI field used to compare with extracted value.
|
||||
* Should have SCI value in case TCI[SCI_SEND] == 0. This will be
|
||||
* used for ICV calculation.
|
||||
*/
|
||||
u32 sci[2];
|
||||
/*! The 8 bit TCI field used to compare with extracted value. */
|
||||
u32 tci;
|
||||
/*! 8 bit encryption offset. */
|
||||
u32 encr_offset;
|
||||
/*! The 16 bit Ethertype (in the clear) field used to compare with
|
||||
* extracted value.
|
||||
*/
|
||||
u32 eth_type;
|
||||
/*! This is to specify the 40bit SNAP header if the SNAP header's
|
||||
* mask is enabled.
|
||||
*/
|
||||
u32 snap[2];
|
||||
/*! This is to specify the 24bit LLC header if the LLC header's
|
||||
* mask is enabled.
|
||||
*/
|
||||
u32 llc;
|
||||
/*! The 48 bit MAC_SA field used to compare with extracted value. */
|
||||
u32 mac_sa[2];
|
||||
/*! The 48 bit MAC_DA field used to compare with extracted value. */
|
||||
u32 mac_da[2];
|
||||
/*! 0: this is to compare with non-LPBK packet
|
||||
* 1: this is to compare with LPBK packet.
|
||||
* This value is used to compare with a controlled-tag which goes
|
||||
* with the packet when looped back from Egress port.
|
||||
*/
|
||||
u32 lpbk_packet;
|
||||
/*! The value of this bit mask will affects how the SC index and SA
|
||||
* index created.
|
||||
* 2'b00: 1 SC has 4 SA.
|
||||
* SC index is equivalent to {SC_Index[4:2], 1'b0}.
|
||||
* SA index is equivalent to {SC_Index[4:2], SECTAG's AN[1:0]}
|
||||
* Here AN bits are not compared.
|
||||
* 2'b10: 1 SC has 2 SA.
|
||||
* SC index is equivalent to SC_Index[4:1]
|
||||
* SA index is equivalent to {SC_Index[4:1], SECTAG's AN[0]}
|
||||
* Compare AN[1] field only
|
||||
* 2'b11: 1 SC has 1 SA. No SC entry exists for the specific SA.
|
||||
* SA index is equivalent to SC_Index[4:0]
|
||||
* AN[1:0] bits are compared.
|
||||
* NOTE: This design is to supports different usage of AN. User
|
||||
* can either ping-pong buffer 2 SA by using only the AN[0] bit.
|
||||
* Or use 4 SA per SC by use AN[1:0] bits. Or even treat each SA
|
||||
* as independent. i.e. AN[1:0] is just another matching pointer
|
||||
* to select SA.
|
||||
*/
|
||||
u32 an_mask;
|
||||
/*! This is bit mask to enable comparison the upper 6 bits TCI
|
||||
* field, which does not include the AN field.
|
||||
* 0: don't compare
|
||||
* 1: enable comparison of the bits.
|
||||
*/
|
||||
u32 tci_mask;
|
||||
/*! 0: don't care
|
||||
* 1: enable comparison of SCI.
|
||||
*/
|
||||
u32 sci_mask;
|
||||
/*! Mask is per-byte.
|
||||
* 0: don't care
|
||||
* 1: enable comparison of Ethertype.
|
||||
*/
|
||||
u32 eth_type_mask;
|
||||
/*! Mask is per-byte.
|
||||
* 0: don't care and no SNAP header exist.
|
||||
* 1: compare the SNAP header.
|
||||
* If this bit is set to 1, the extracted filed will assume the
|
||||
* SNAP header exist as encapsulated in 802.3 (RFC 1042). I.E. the
|
||||
* next 5 bytes after the the LLC header is SNAP header.
|
||||
*/
|
||||
u32 snap_mask;
|
||||
/*! Mask is per-byte.
|
||||
* 0: don't care and no LLC header exist.
|
||||
* 1: compare the LLC header.
|
||||
* If this bit is set to 1, the extracted filed will assume the
|
||||
* LLC header exist as encapsulated in 802.3 (RFC 1042). I.E. the
|
||||
* next three bytes after the 802.3MAC header is LLC header.
|
||||
*/
|
||||
u32 llc_mask;
|
||||
/*! Reserved. This bit should be always 0. */
|
||||
u32 _802_2_encapsulate;
|
||||
/*! Mask is per-byte.
|
||||
* 0: don't care
|
||||
* 1: enable comparison of MAC_SA.
|
||||
*/
|
||||
u32 sa_mask;
|
||||
/*! Mask is per-byte.
|
||||
* 0: don't care
|
||||
* 1: enable comparison of MAC_DA.
|
||||
*/
|
||||
u32 da_mask;
|
||||
/*! 0: don't care
|
||||
* 1: enable checking if this is loopback packet or not.
|
||||
*/
|
||||
u32 lpbk_mask;
|
||||
/*! If packet matches and tagged as controlled-packet. This SC/SA
|
||||
* index is used for later SC and SA table lookup.
|
||||
*/
|
||||
u32 sc_idx;
|
||||
/*! 0: the packets will be sent to MAC FIFO
|
||||
* 1: The packets will be sent to Debug/Loopback FIFO.
|
||||
* If the above's action is drop. This bit has no meaning.
|
||||
*/
|
||||
u32 proc_dest;
|
||||
/*! 0: Process: Forward to next two modules for 802.1AE decryption.
|
||||
* 1: Process but keep SECTAG: Forward to next two modules for
|
||||
* 802.1AE decryption but keep the MACSEC header with added error
|
||||
* code information. ICV will be stripped for all control packets.
|
||||
* 2: Bypass: Bypass the next two decryption modules but processed
|
||||
* by post-classification.
|
||||
* 3: Drop: drop this packet and update counts accordingly.
|
||||
*/
|
||||
u32 action;
|
||||
/*! 0: This is a controlled-port packet if matched.
|
||||
* 1: This is an uncontrolled-port packet if matched.
|
||||
*/
|
||||
u32 ctrl_unctrl;
|
||||
/*! Use the SCI value from the Table if 'SC' bit of the input
|
||||
* packet is not present.
|
||||
*/
|
||||
u32 sci_from_table;
|
||||
/*! Reserved. */
|
||||
u32 reserved;
|
||||
/*! 0: Not valid entry. This entry is not used
|
||||
* 1: valid entry.
|
||||
*/
|
||||
u32 valid;
|
||||
};
|
||||
|
||||
/*! Represents the bitfields of a single row in the Ingress SC Lookup table. */
|
||||
struct aq_mss_ingress_sc_record {
|
||||
/*! This is to specify when the SC was first used. Set by HW. */
|
||||
u32 stop_time;
|
||||
/*! This is to specify when the SC was first used. Set by HW. */
|
||||
u32 start_time;
|
||||
/*! 0: Strict
|
||||
* 1: Check
|
||||
* 2: Disabled.
|
||||
*/
|
||||
u32 validate_frames;
|
||||
/*! 1: Replay control enabled.
|
||||
* 0: replay control disabled.
|
||||
*/
|
||||
u32 replay_protect;
|
||||
/*! This is to specify the window range for anti-replay. Default is 0.
|
||||
* 0: is strict order enforcement.
|
||||
*/
|
||||
u32 anti_replay_window;
|
||||
/*! 0: when none of the SA related to SC has inUse set.
|
||||
* 1: when either of the SA related to the SC has inUse set.
|
||||
* This bit is set by HW.
|
||||
*/
|
||||
u32 receiving;
|
||||
/*! 0: when hardware processed the SC for the first time, it clears
|
||||
* this bit
|
||||
* 1: This bit is set by SW, when it sets up the SC.
|
||||
*/
|
||||
u32 fresh;
|
||||
/*! 0: The AN number will not automatically roll over if Next_PN is
|
||||
* saturated.
|
||||
* 1: The AN number will automatically roll over if Next_PN is
|
||||
* saturated.
|
||||
* Rollover is valid only after expiry. Normal roll over between
|
||||
* SA's should be normal process.
|
||||
*/
|
||||
u32 an_rol;
|
||||
/*! Reserved. */
|
||||
u32 reserved;
|
||||
/*! 0: Invalid SC
|
||||
* 1: Valid SC.
|
||||
*/
|
||||
u32 valid;
|
||||
};
|
||||
|
||||
/*! Represents the bitfields of a single row in the Ingress SA Lookup table. */
|
||||
struct aq_mss_ingress_sa_record {
|
||||
/*! This is to specify when the SC was first used. Set by HW. */
|
||||
u32 stop_time;
|
||||
/*! This is to specify when the SC was first used. Set by HW. */
|
||||
u32 start_time;
|
||||
/*! This is updated by HW to store the expected NextPN number for
|
||||
* anti-replay.
|
||||
*/
|
||||
u32 next_pn;
|
||||
/*! The Next_PN number is going to wrapped around from 0XFFFF_FFFF
|
||||
* to 0. set by HW.
|
||||
*/
|
||||
u32 sat_nextpn;
|
||||
/*! 0: This SA is not yet used.
|
||||
* 1: This SA is inUse.
|
||||
*/
|
||||
u32 in_use;
|
||||
/*! 0: when hardware processed the SC for the first time, it clears
|
||||
* this timer
|
||||
* 1: This bit is set by SW, when it sets up the SC.
|
||||
*/
|
||||
u32 fresh;
|
||||
/*! Reserved. */
|
||||
u32 reserved;
|
||||
/*! 0: Invalid SA.
|
||||
* 1: Valid SA.
|
||||
*/
|
||||
u32 valid;
|
||||
};
|
||||
|
||||
/*! Represents the bitfields of a single row in the Ingress SA Key
|
||||
* Lookup table.
|
||||
*/
|
||||
struct aq_mss_ingress_sakey_record {
|
||||
/*! Key for AES-GCM processing. */
|
||||
u32 key[8];
|
||||
/*! AES key size
|
||||
* 00 - 128bits
|
||||
* 01 - 192bits
|
||||
* 10 - 256bits
|
||||
* 11 - reserved.
|
||||
*/
|
||||
u32 key_len;
|
||||
};
|
||||
|
||||
/*! Represents the bitfields of a single row in the Ingress Post-
|
||||
* MACSec Packet Classifier table.
|
||||
*/
|
||||
struct aq_mss_ingress_postclass_record {
|
||||
/*! The 8 bit value used to compare with extracted value for byte 0. */
|
||||
u32 byte0;
|
||||
/*! The 8 bit value used to compare with extracted value for byte 1. */
|
||||
u32 byte1;
|
||||
/*! The 8 bit value used to compare with extracted value for byte 2. */
|
||||
u32 byte2;
|
||||
/*! The 8 bit value used to compare with extracted value for byte 3. */
|
||||
u32 byte3;
|
||||
/*! Ethertype in the packet. */
|
||||
u32 eth_type;
|
||||
/*! Ether Type value > 1500 (0x5dc). */
|
||||
u32 eth_type_valid;
|
||||
/*! VLAN ID after parsing. */
|
||||
u32 vlan_id;
|
||||
/*! VLAN priority after parsing. */
|
||||
u32 vlan_up;
|
||||
/*! Valid VLAN coding. */
|
||||
u32 vlan_valid;
|
||||
/*! SA index. */
|
||||
u32 sai;
|
||||
/*! SAI hit, i.e. controlled packet. */
|
||||
u32 sai_hit;
|
||||
/*! Mask for payload ethertype field. */
|
||||
u32 eth_type_mask;
|
||||
/*! 0~63: byte location used extracted by packets comparator, which
|
||||
* can be anything from the first 64 bytes of the MAC packets.
|
||||
* This byte location counted from MAC' DA address. i.e. set to 0
|
||||
* will point to byte 0 of DA address.
|
||||
*/
|
||||
u32 byte3_location;
|
||||
/*! Mask for Byte Offset 3. */
|
||||
u32 byte3_mask;
|
||||
/*! 0~63: byte location used extracted by packets comparator, which
|
||||
* can be anything from the first 64 bytes of the MAC packets.
|
||||
* This byte location counted from MAC' DA address. i.e. set to 0
|
||||
* will point to byte 0 of DA address.
|
||||
*/
|
||||
u32 byte2_location;
|
||||
/*! Mask for Byte Offset 2. */
|
||||
u32 byte2_mask;
|
||||
/*! 0~63: byte location used extracted by packets comparator, which
|
||||
* can be anything from the first 64 bytes of the MAC packets.
|
||||
* This byte location counted from MAC' DA address. i.e. set to 0
|
||||
* will point to byte 0 of DA address.
|
||||
*/
|
||||
u32 byte1_location;
|
||||
/*! Mask for Byte Offset 1. */
|
||||
u32 byte1_mask;
|
||||
/*! 0~63: byte location used extracted by packets comparator, which
|
||||
* can be anything from the first 64 bytes of the MAC packets.
|
||||
* This byte location counted from MAC' DA address. i.e. set to 0
|
||||
* will point to byte 0 of DA address.
|
||||
*/
|
||||
u32 byte0_location;
|
||||
/*! Mask for Byte Offset 0. */
|
||||
u32 byte0_mask;
|
||||
/*! Mask for Ethertype valid field. Indicates 802.3 vs. Other. */
|
||||
u32 eth_type_valid_mask;
|
||||
/*! Mask for VLAN ID field. */
|
||||
u32 vlan_id_mask;
|
||||
/*! Mask for VLAN UP field. */
|
||||
u32 vlan_up_mask;
|
||||
/*! Mask for VLAN valid field. */
|
||||
u32 vlan_valid_mask;
|
||||
/*! Mask for SAI. */
|
||||
u32 sai_mask;
|
||||
/*! Mask for SAI_HIT. */
|
||||
u32 sai_hit_mask;
|
||||
/*! Action if only first level matches and second level does not.
|
||||
* 0: pass
|
||||
* 1: drop (fail).
|
||||
*/
|
||||
u32 firstlevel_actions;
|
||||
/*! Action if both first and second level matched.
|
||||
* 0: pass
|
||||
* 1: drop (fail).
|
||||
*/
|
||||
u32 secondlevel_actions;
|
||||
/*! Reserved. */
|
||||
u32 reserved;
|
||||
/*! 0: Not valid entry. This entry is not used
|
||||
* 1: valid entry.
|
||||
*/
|
||||
u32 valid;
|
||||
};
|
||||
|
||||
/*! Represents the bitfields of a single row in the Ingress Post-
|
||||
* MACSec CTL Filter table.
|
||||
*/
|
||||
struct aq_mss_ingress_postctlf_record {
|
||||
/*! This is used to store the 48 bit value used to compare SA, DA
|
||||
* or halfDA+half SA value.
|
||||
*/
|
||||
u32 sa_da[2];
|
||||
/*! This is used to store the 16 bit ethertype value used for
|
||||
* comparison.
|
||||
*/
|
||||
u32 eth_type;
|
||||
/*! The match mask is per-nibble. 0 means don't care, i.e. every
|
||||
* value will match successfully. The total data is 64 bit, i.e.
|
||||
* 16 nibbles masks.
|
||||
*/
|
||||
u32 match_mask;
|
||||
/*! 0: No compare, i.e. This entry is not used
|
||||
* 1: compare DA only
|
||||
* 2: compare SA only
|
||||
* 3: compare half DA + half SA
|
||||
* 4: compare ether type only
|
||||
* 5: compare DA + ethertype
|
||||
* 6: compare SA + ethertype
|
||||
* 7: compare DA+ range.
|
||||
*/
|
||||
u32 match_type;
|
||||
/*! 0: Bypass the remaining modules if matched.
|
||||
* 1: Forward to next module for more classifications.
|
||||
*/
|
||||
u32 action;
|
||||
};
|
||||
|
||||
#endif
|
||||
|
Loading…
Reference in New Issue
Block a user