1 /* SPDX-License-Identifier: GPL-2.0 OR Linux-OpenIB */
2 /* Copyright (c) 2019 Mellanox Technologies. */
3 
4 #ifndef __MLX5E_KTLS_H__
5 #define __MLX5E_KTLS_H__
6 
7 #include <linux/tls.h>
8 #include <net/tls.h>
9 #include "en.h"
10 
11 #ifdef CONFIG_MLX5_EN_TLS
12 int mlx5_ktls_create_key(struct mlx5_core_dev *mdev,
13 			 struct tls_crypto_info *crypto_info,
14 			 u32 *p_key_id);
15 void mlx5_ktls_destroy_key(struct mlx5_core_dev *mdev, u32 key_id);
16 
mlx5e_is_ktls_device(struct mlx5_core_dev * mdev)17 static inline bool mlx5e_is_ktls_device(struct mlx5_core_dev *mdev)
18 {
19 	if (is_kdump_kernel())
20 		return false;
21 
22 	if (!MLX5_CAP_GEN(mdev, tls_tx) && !MLX5_CAP_GEN(mdev, tls_rx))
23 		return false;
24 
25 	if (!MLX5_CAP_GEN(mdev, log_max_dek))
26 		return false;
27 
28 	return (MLX5_CAP_TLS(mdev, tls_1_2_aes_gcm_128) ||
29 		MLX5_CAP_TLS(mdev, tls_1_2_aes_gcm_256));
30 }
31 
mlx5e_ktls_type_check(struct mlx5_core_dev * mdev,struct tls_crypto_info * crypto_info)32 static inline bool mlx5e_ktls_type_check(struct mlx5_core_dev *mdev,
33 					 struct tls_crypto_info *crypto_info)
34 {
35 	switch (crypto_info->cipher_type) {
36 	case TLS_CIPHER_AES_GCM_128:
37 		if (crypto_info->version == TLS_1_2_VERSION)
38 			return MLX5_CAP_TLS(mdev,  tls_1_2_aes_gcm_128);
39 		break;
40 	case TLS_CIPHER_AES_GCM_256:
41 		if (crypto_info->version == TLS_1_2_VERSION)
42 			return MLX5_CAP_TLS(mdev,  tls_1_2_aes_gcm_256);
43 		break;
44 	}
45 
46 	return false;
47 }
48 
49 void mlx5e_ktls_build_netdev(struct mlx5e_priv *priv);
50 int mlx5e_ktls_init_tx(struct mlx5e_priv *priv);
51 void mlx5e_ktls_cleanup_tx(struct mlx5e_priv *priv);
52 int mlx5e_ktls_init_rx(struct mlx5e_priv *priv);
53 void mlx5e_ktls_cleanup_rx(struct mlx5e_priv *priv);
54 int mlx5e_ktls_set_feature_rx(struct net_device *netdev, bool enable);
55 struct mlx5e_ktls_resync_resp *
56 mlx5e_ktls_rx_resync_create_resp_list(void);
57 void mlx5e_ktls_rx_resync_destroy_resp_list(struct mlx5e_ktls_resync_resp *resp_list);
58 
mlx5e_is_ktls_tx(struct mlx5_core_dev * mdev)59 static inline bool mlx5e_is_ktls_tx(struct mlx5_core_dev *mdev)
60 {
61 	return !is_kdump_kernel() && MLX5_CAP_GEN(mdev, tls_tx);
62 }
63 
64 bool mlx5e_is_ktls_rx(struct mlx5_core_dev *mdev);
65 
66 struct mlx5e_tls_sw_stats {
67 	atomic64_t tx_tls_ctx;
68 	atomic64_t tx_tls_del;
69 	atomic64_t tx_tls_pool_alloc;
70 	atomic64_t tx_tls_pool_free;
71 	atomic64_t rx_tls_ctx;
72 	atomic64_t rx_tls_del;
73 };
74 
75 struct mlx5e_tls {
76 	struct mlx5e_tls_sw_stats sw_stats;
77 	struct workqueue_struct *rx_wq;
78 	struct mlx5e_tls_tx_pool *tx_pool;
79 };
80 
81 int mlx5e_ktls_init(struct mlx5e_priv *priv);
82 void mlx5e_ktls_cleanup(struct mlx5e_priv *priv);
83 
84 int mlx5e_ktls_get_count(struct mlx5e_priv *priv);
85 int mlx5e_ktls_get_strings(struct mlx5e_priv *priv, uint8_t *data);
86 int mlx5e_ktls_get_stats(struct mlx5e_priv *priv, u64 *data);
87 
88 #else
mlx5e_ktls_build_netdev(struct mlx5e_priv * priv)89 static inline void mlx5e_ktls_build_netdev(struct mlx5e_priv *priv)
90 {
91 }
92 
mlx5e_ktls_init_tx(struct mlx5e_priv * priv)93 static inline int mlx5e_ktls_init_tx(struct mlx5e_priv *priv)
94 {
95 	return 0;
96 }
97 
mlx5e_ktls_cleanup_tx(struct mlx5e_priv * priv)98 static inline void mlx5e_ktls_cleanup_tx(struct mlx5e_priv *priv)
99 {
100 }
101 
mlx5e_ktls_init_rx(struct mlx5e_priv * priv)102 static inline int mlx5e_ktls_init_rx(struct mlx5e_priv *priv)
103 {
104 	return 0;
105 }
106 
mlx5e_ktls_cleanup_rx(struct mlx5e_priv * priv)107 static inline void mlx5e_ktls_cleanup_rx(struct mlx5e_priv *priv)
108 {
109 }
110 
mlx5e_ktls_set_feature_rx(struct net_device * netdev,bool enable)111 static inline int mlx5e_ktls_set_feature_rx(struct net_device *netdev, bool enable)
112 {
113 	netdev_warn(netdev, "kTLS is not supported\n");
114 	return -EOPNOTSUPP;
115 }
116 
117 static inline struct mlx5e_ktls_resync_resp *
mlx5e_ktls_rx_resync_create_resp_list(void)118 mlx5e_ktls_rx_resync_create_resp_list(void)
119 {
120 	return ERR_PTR(-EOPNOTSUPP);
121 }
122 
123 static inline void
mlx5e_ktls_rx_resync_destroy_resp_list(struct mlx5e_ktls_resync_resp * resp_list)124 mlx5e_ktls_rx_resync_destroy_resp_list(struct mlx5e_ktls_resync_resp *resp_list) {}
125 
mlx5e_is_ktls_rx(struct mlx5_core_dev * mdev)126 static inline bool mlx5e_is_ktls_rx(struct mlx5_core_dev *mdev)
127 {
128 	return false;
129 }
130 
mlx5e_ktls_init(struct mlx5e_priv * priv)131 static inline int mlx5e_ktls_init(struct mlx5e_priv *priv) { return 0; }
mlx5e_ktls_cleanup(struct mlx5e_priv * priv)132 static inline void mlx5e_ktls_cleanup(struct mlx5e_priv *priv) { }
mlx5e_ktls_get_count(struct mlx5e_priv * priv)133 static inline int mlx5e_ktls_get_count(struct mlx5e_priv *priv) { return 0; }
mlx5e_ktls_get_strings(struct mlx5e_priv * priv,uint8_t * data)134 static inline int mlx5e_ktls_get_strings(struct mlx5e_priv *priv, uint8_t *data)
135 {
136 	return 0;
137 }
138 
mlx5e_ktls_get_stats(struct mlx5e_priv * priv,u64 * data)139 static inline int mlx5e_ktls_get_stats(struct mlx5e_priv *priv, u64 *data)
140 {
141 	return 0;
142 }
143 #endif
144 
145 #endif /* __MLX5E_TLS_H__ */
146