1 | /* SPDX-License-Identifier: GPL-2.0 OR Linux-OpenIB */ |
2 | /* Copyright (c) 2019 Mellanox Technologies. */ |
3 | |
4 | #ifndef __MLX5E_KTLS_H__ |
5 | #define __MLX5E_KTLS_H__ |
6 | |
7 | #include <linux/debugfs.h> |
8 | #include <linux/tls.h> |
9 | #include <net/tls.h> |
10 | #include "en.h" |
11 | |
12 | #ifdef CONFIG_MLX5_EN_TLS |
13 | #include "lib/crypto.h" |
14 | #include "lib/mlx5.h" |
15 | |
16 | struct mlx5_crypto_dek *mlx5_ktls_create_key(struct mlx5_crypto_dek_pool *dek_pool, |
17 | struct tls_crypto_info *crypto_info); |
18 | void mlx5_ktls_destroy_key(struct mlx5_crypto_dek_pool *dek_pool, |
19 | struct mlx5_crypto_dek *dek); |
20 | |
21 | static inline bool mlx5e_is_ktls_device(struct mlx5_core_dev *mdev) |
22 | { |
23 | if (is_kdump_kernel()) |
24 | return false; |
25 | |
26 | if (!MLX5_CAP_GEN(mdev, tls_tx) && !MLX5_CAP_GEN(mdev, tls_rx)) |
27 | return false; |
28 | |
29 | if (!MLX5_CAP_GEN(mdev, log_max_dek)) |
30 | return false; |
31 | |
32 | return (MLX5_CAP_TLS(mdev, tls_1_2_aes_gcm_128) || |
33 | MLX5_CAP_TLS(mdev, tls_1_2_aes_gcm_256)); |
34 | } |
35 | |
36 | static inline bool mlx5e_ktls_type_check(struct mlx5_core_dev *mdev, |
37 | struct tls_crypto_info *crypto_info) |
38 | { |
39 | switch (crypto_info->cipher_type) { |
40 | case TLS_CIPHER_AES_GCM_128: |
41 | if (crypto_info->version == TLS_1_2_VERSION) |
42 | return MLX5_CAP_TLS(mdev, tls_1_2_aes_gcm_128); |
43 | break; |
44 | case TLS_CIPHER_AES_GCM_256: |
45 | if (crypto_info->version == TLS_1_2_VERSION) |
46 | return MLX5_CAP_TLS(mdev, tls_1_2_aes_gcm_256); |
47 | break; |
48 | } |
49 | |
50 | return false; |
51 | } |
52 | |
53 | void mlx5e_ktls_build_netdev(struct mlx5e_priv *priv); |
54 | int mlx5e_ktls_init_tx(struct mlx5e_priv *priv); |
55 | void mlx5e_ktls_cleanup_tx(struct mlx5e_priv *priv); |
56 | int mlx5e_ktls_init_rx(struct mlx5e_priv *priv); |
57 | void mlx5e_ktls_cleanup_rx(struct mlx5e_priv *priv); |
58 | int mlx5e_ktls_set_feature_rx(struct net_device *netdev, bool enable); |
59 | struct mlx5e_ktls_resync_resp * |
60 | mlx5e_ktls_rx_resync_create_resp_list(void); |
61 | void mlx5e_ktls_rx_resync_destroy_resp_list(struct mlx5e_ktls_resync_resp *resp_list); |
62 | |
63 | static inline bool mlx5e_is_ktls_tx(struct mlx5_core_dev *mdev) |
64 | { |
65 | return !is_kdump_kernel() && MLX5_CAP_GEN(mdev, tls_tx) && |
66 | !mlx5_get_sd(dev: mdev); |
67 | } |
68 | |
69 | bool mlx5e_is_ktls_rx(struct mlx5_core_dev *mdev); |
70 | |
71 | struct mlx5e_tls_sw_stats { |
72 | atomic64_t tx_tls_ctx; |
73 | atomic64_t tx_tls_del; |
74 | atomic64_t tx_tls_pool_alloc; |
75 | atomic64_t tx_tls_pool_free; |
76 | atomic64_t rx_tls_ctx; |
77 | atomic64_t rx_tls_del; |
78 | }; |
79 | |
80 | struct mlx5e_tls_debugfs { |
81 | struct dentry *dfs; |
82 | struct dentry *dfs_tx; |
83 | }; |
84 | |
85 | struct mlx5e_tls { |
86 | struct mlx5_core_dev *mdev; |
87 | struct mlx5e_tls_sw_stats sw_stats; |
88 | struct workqueue_struct *rx_wq; |
89 | struct mlx5e_tls_tx_pool *tx_pool; |
90 | struct mlx5_crypto_dek_pool *dek_pool; |
91 | struct mlx5e_tls_debugfs debugfs; |
92 | }; |
93 | |
94 | int mlx5e_ktls_init(struct mlx5e_priv *priv); |
95 | void mlx5e_ktls_cleanup(struct mlx5e_priv *priv); |
96 | |
97 | int mlx5e_ktls_get_count(struct mlx5e_priv *priv); |
98 | int mlx5e_ktls_get_strings(struct mlx5e_priv *priv, uint8_t *data); |
99 | int mlx5e_ktls_get_stats(struct mlx5e_priv *priv, u64 *data); |
100 | |
101 | #else |
102 | static inline void mlx5e_ktls_build_netdev(struct mlx5e_priv *priv) |
103 | { |
104 | } |
105 | |
106 | static inline int mlx5e_ktls_init_tx(struct mlx5e_priv *priv) |
107 | { |
108 | return 0; |
109 | } |
110 | |
111 | static inline void mlx5e_ktls_cleanup_tx(struct mlx5e_priv *priv) |
112 | { |
113 | } |
114 | |
115 | static inline int mlx5e_ktls_init_rx(struct mlx5e_priv *priv) |
116 | { |
117 | return 0; |
118 | } |
119 | |
120 | static inline void mlx5e_ktls_cleanup_rx(struct mlx5e_priv *priv) |
121 | { |
122 | } |
123 | |
124 | static inline int mlx5e_ktls_set_feature_rx(struct net_device *netdev, bool enable) |
125 | { |
126 | netdev_warn(netdev, "kTLS is not supported\n" ); |
127 | return -EOPNOTSUPP; |
128 | } |
129 | |
130 | static inline struct mlx5e_ktls_resync_resp * |
131 | mlx5e_ktls_rx_resync_create_resp_list(void) |
132 | { |
133 | return ERR_PTR(-EOPNOTSUPP); |
134 | } |
135 | |
136 | static inline void |
137 | mlx5e_ktls_rx_resync_destroy_resp_list(struct mlx5e_ktls_resync_resp *resp_list) {} |
138 | |
139 | static inline bool mlx5e_is_ktls_rx(struct mlx5_core_dev *mdev) |
140 | { |
141 | return false; |
142 | } |
143 | |
144 | static inline int mlx5e_ktls_init(struct mlx5e_priv *priv) { return 0; } |
145 | static inline void mlx5e_ktls_cleanup(struct mlx5e_priv *priv) { } |
146 | static inline int mlx5e_ktls_get_count(struct mlx5e_priv *priv) { return 0; } |
147 | static inline int mlx5e_ktls_get_strings(struct mlx5e_priv *priv, uint8_t *data) |
148 | { |
149 | return 0; |
150 | } |
151 | |
152 | static inline int mlx5e_ktls_get_stats(struct mlx5e_priv *priv, u64 *data) |
153 | { |
154 | return 0; |
155 | } |
156 | #endif |
157 | |
158 | #endif /* __MLX5E_TLS_H__ */ |
159 | |