@@ -481,12 +481,7 @@ int mlx5e_ktls_rx_resync(struct net_device *netdev, struct sock *sk,
void mlx5e_ktls_handle_rx_skb(struct mlx5e_rq *rq, struct sk_buff *skb,
struct mlx5_cqe64 *cqe, u32 *cqe_bcnt)
{
- u8 tls_offload = get_cqe_tls_offload(cqe);
-
- if (likely(tls_offload == CQE_TLS_OFFLOAD_NOT_DECRYPTED))
- return;
-
- switch (tls_offload) {
+ switch (get_cqe_tls_offload(cqe)) {
case CQE_TLS_OFFLOAD_DECRYPTED:
skb->decrypted = 1;
rq->stats->tls_decrypted_packets++;
@@ -355,19 +355,13 @@ static int tls_update_resync_sn(struct net_device *netdev,
return 0;
}
-void mlx5e_tls_handle_rx_skb(struct mlx5e_rq *rq, struct sk_buff *skb,
- struct mlx5_cqe64 *cqe, u32 *cqe_bcnt)
+/* FPGA tls rx handler */
+void mlx5e_tls_handle_rx_skb_metadata(struct mlx5e_rq *rq, struct sk_buff *skb,
+ u32 *cqe_bcnt)
{
struct mlx5e_tls_metadata *mdata;
struct mlx5e_priv *priv;
- if (likely(mlx5_accel_is_ktls_rx(rq->mdev)))
- return mlx5e_ktls_handle_rx_skb(rq, skb, cqe, cqe_bcnt);
-
- /* FPGA */
- if (!is_metadata_hdr_valid(skb))
- return;
-
/* Use the metadata */
mdata = (struct mlx5e_tls_metadata *)(skb->data + ETH_HLEN);
switch (mdata->content.recv.syndrome) {
@@ -34,6 +34,7 @@
#ifndef __MLX5E_TLS_RXTX_H__
#define __MLX5E_TLS_RXTX_H__
+#include "accel/accel.h"
#include "en_accel/ktls_txrx.h"
#ifdef CONFIG_MLX5_EN_TLS
@@ -49,11 +50,32 @@ bool mlx5e_tls_handle_tx_skb(struct net_device *netdev, struct mlx5e_txqsq *sq,
void mlx5e_tls_handle_tx_wqe(struct mlx5e_txqsq *sq, struct mlx5_wqe_ctrl_seg *cseg,
struct mlx5e_accel_tx_tls_state *state);
-void mlx5e_tls_handle_rx_skb(struct mlx5e_rq *rq, struct sk_buff *skb,
- struct mlx5_cqe64 *cqe, u32 *cqe_bcnt);
+void mlx5e_tls_handle_rx_skb_metadata(struct mlx5e_rq *rq, struct sk_buff *skb,
+ u32 *cqe_bcnt);
+
+static inline bool mlx5e_accel_is_tls(struct mlx5_cqe64 *cqe, struct sk_buff *skb)
+{
+ return get_cqe_tls_offload(cqe) || is_metadata_hdr_valid(skb);
+}
+
+static inline void
+mlx5e_tls_handle_rx_skb(struct mlx5e_rq *rq, struct sk_buff *skb,
+ struct mlx5_cqe64 *cqe, u32 *cqe_bcnt)
+{
+ if (likely(mlx5e_accel_is_tls(cqe, skb)))
+ return mlx5e_ktls_handle_rx_skb(rq, skb, cqe, cqe_bcnt);
+
+ /* FPGA */
+ return mlx5e_tls_handle_rx_skb_metadata(rq, skb, cqe_bcnt);
+}
#else
+static inline bool
+mlx5e_accel_is_tls(struct mlx5_cqe64 *cqe, struct sk_buff *skb) { return false; }
+static inline void
+mlx5e_tls_handle_rx_skb(struct mlx5e_rq *rq, struct sk_buff *skb,
+ struct mlx5_cqe64 *cqe, u32 *cqe_bcnt) {}
static inline u16 mlx5e_tls_get_stop_room(struct mlx5e_txqsq *sq)
{
return 0;
@@ -1019,9 +1019,8 @@ static inline void mlx5e_build_rx_skb(struct mlx5_cqe64 *cqe,
skb->mac_len = ETH_HLEN;
-#ifdef CONFIG_MLX5_EN_TLS
- mlx5e_tls_handle_rx_skb(rq, skb, cqe, &cqe_bcnt);
-#endif
+ if (unlikely(mlx5e_accel_is_tls(cqe, skb)))
+ mlx5e_tls_handle_rx_skb(rq, skb, cqe, &cqe_bcnt);
if (lro_num_seg > 1) {
mlx5e_lro_update_hdr(skb, cqe, cqe_bcnt);
Prior to this patch mlx5e tls rx handler was called unconditionally on all rx packets and the decision whether a packet is a valid tls packet is done inside that function. A function call can be expensive especially for regular rx packet rate. To avoid this, check the tls validity before jumping into the tls rx handler. While at it, split between kTLS device offload rx handler and FPGA tls rx handler using a similar method. Signed-off-by: Saeed Mahameed <saeedm@mellanox.com> --- .../mellanox/mlx5/core/en_accel/ktls_rx.c | 7 +---- .../mellanox/mlx5/core/en_accel/tls_rxtx.c | 12 +++------ .../mellanox/mlx5/core/en_accel/tls_rxtx.h | 26 +++++++++++++++++-- .../net/ethernet/mellanox/mlx5/core/en_rx.c | 5 ++-- 4 files changed, 30 insertions(+), 20 deletions(-)