[PATCH 14/18] common/cnxk: flow rule config for non-inplace

Tue, 27 Jan 2026 22:05:13 -0800 

Adds flow rule for non-inplace security action
configuration

Signed-off-by: Rahul Bhansali <[email protected]>
---
 drivers/common/cnxk/roc_npc.c | 13 ++++++++++++-
 drivers/common/cnxk/roc_npc.h |  3 +++
 2 files changed, 15 insertions(+), 1 deletion(-)

diff --git a/drivers/common/cnxk/roc_npc.c b/drivers/common/cnxk/roc_npc.c
index 7846913417..acf0007e05 100644
--- a/drivers/common/cnxk/roc_npc.c
+++ b/drivers/common/cnxk/roc_npc.c
@@ -613,10 +613,12 @@ npc_parse_actions(struct roc_npc *roc_npc, const struct 
roc_npc_attr *attr,
        const struct roc_npc_action_mark *act_mark;
        const struct roc_npc_action_meter *act_mtr;
        const struct roc_npc_action_queue *act_q;
+       const struct roc_npc_sec_action *sec_act;
        const struct roc_npc_action_vf *vf_act;
        uint8_t has_spi_to_sa_act = 0;
        int sel_act, req_act = 0;
        uint16_t pf_func, vf_id;
+       bool is_non_inp = false;
        int errcode = 0;
        int mark = 0;
        int rq = 0;
@@ -704,6 +706,15 @@ npc_parse_actions(struct roc_npc *roc_npc, const struct 
roc_npc_attr *attr,
                         *  session_protocol ==
                         *    NPC_SECURITY_PROTOCOL_IPSEC
                         */
+
+                       if (!actions->no_sec_action) {
+                               sec_act = (const struct roc_npc_sec_action 
*)actions->conf;
+                               sec_action = actions;
+                               is_non_inp = sec_act ? sec_act->is_non_inp : 
false;
+                       } else {
+                               is_non_inp = actions->is_non_inp;
+                       }
+
                        req_act |= ROC_NPC_ACTION_TYPE_SEC;
                        rq = 0;
                        roc_nix = roc_npc->roc_nix;
@@ -724,7 +735,6 @@ npc_parse_actions(struct roc_npc *roc_npc, const struct 
roc_npc_attr *attr,
 
                        if (roc_nix_inl_dev_is_probed())
                                flow->is_inline_dev = 1;
-                       sec_action = actions;
                        break;
                case ROC_NPC_ACTION_TYPE_VLAN_STRIP:
                        req_act |= ROC_NPC_ACTION_TYPE_VLAN_STRIP;
@@ -931,6 +941,7 @@ npc_parse_actions(struct roc_npc *roc_npc, const struct 
roc_npc_attr *attr,
                        flow->npc_action |= (uint64_t)rq << 20;
                        flow->npc_action2 =
                                roc_nix_inl_inb_ipsec_profile_id_get(roc_nix, 
true) << 8;
+                       flow->npc_action2 |= is_non_inp ? (1ULL << 15) : 0;
                } else {
                        flow->npc_action = NIX_RX_ACTIONOP_UCAST_IPSEC;
                        flow->npc_action |= (uint64_t)rq << 20;
diff --git a/drivers/common/cnxk/roc_npc.h b/drivers/common/cnxk/roc_npc.h
index b7565806c0..62385e4481 100644
--- a/drivers/common/cnxk/roc_npc.h
+++ b/drivers/common/cnxk/roc_npc.h
@@ -204,6 +204,8 @@ struct roc_npc_action {
        enum roc_npc_action_type type; /**< Action type. */
        const void *conf;              /**< Pointer to action configuration 
object. */
        uint16_t rss_repte_pf_func;    /**< Per flow tmp var for rss 
representee pffunc */
+       bool is_non_inp;               /**< Non inplace config */
+       bool no_sec_action;            /**< No security action */
 };
 
 struct roc_npc_action_sample {
@@ -282,6 +284,7 @@ struct roc_npc_sec_action {
         * XOR
         */
        enum roc_npc_sec_action_alg alg;
+       bool is_non_inp;
 };
 
 struct roc_npc_attr {
-- 
2.34.1

Reply via email to