xref: /freebsd/sys/dev/mlx5/mlx5_core/mlx5_tls.c (revision 2f513db7) 
1 /*-
2  * Copyright (c) 2019, Mellanox Technologies, Ltd.  All rights reserved.
3  *
4  * Redistribution and use in source and binary forms, with or without
5  * modification, are permitted provided that the following conditions
6  * are met:
7  * 1. Redistributions of source code must retain the above copyright
8  *    notice, this list of conditions and the following disclaimer.
9  * 2. Redistributions in binary form must reproduce the above copyright
10  *    notice, this list of conditions and the following disclaimer in the
11  *    documentation and/or other materials provided with the distribution.
12  *
13  * THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS `AS IS' AND
14  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
15  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
16  * ARE DISCLAIMED.  IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE
17  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
18  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
19  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
20  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
21  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
22  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
23  * SUCH DAMAGE.
24  *
25  * $FreeBSD$
26  */
27 
28 #include <linux/kernel.h>
29 #include <linux/module.h>
30 #include <dev/mlx5/driver.h>
31 #include <dev/mlx5/tls.h>
32 
33 #include "mlx5_core.h"
34 #include "transobj.h"
35 
36 int mlx5_encryption_key_create(struct mlx5_core_dev *mdev, u32 pdn,
37     const void *p_key, u32 key_len, u32 *p_obj_id)
38 {
39 	u32 in[MLX5_ST_SZ_DW(create_encryption_key_in)] = {};
40 	u32 out[MLX5_ST_SZ_DW(create_encryption_key_out)] = {};
41 	u64 general_obj_types;
42 	int err;
43 
44 	general_obj_types = MLX5_CAP_GEN_64(mdev, general_obj_types);
45 	if (!(general_obj_types & MLX5_HCA_CAP_GENERAL_OBJ_TYPES_ENCRYPTION_KEY))
46 		return -EINVAL;
47 
48 	switch (key_len) {
49 	case 128 / 8:
50 		memcpy(MLX5_ADDR_OF(create_encryption_key_in, in,
51 		    encryption_key_object.key[4]), p_key, 128 / 8);
52 		MLX5_SET(create_encryption_key_in, in, encryption_key_object.pd, pdn);
53 		MLX5_SET(create_encryption_key_in, in, encryption_key_object.key_size,
54 			 MLX5_GENERAL_OBJECT_TYPE_ENCRYPTION_KEY_KEY_SIZE_128);
55 		MLX5_SET(create_encryption_key_in, in, encryption_key_object.key_type,
56 			 MLX5_GENERAL_OBJECT_TYPE_ENCRYPTION_KEY_TYPE_DEK);
57 		break;
58 	case 256 / 8:
59 		memcpy(MLX5_ADDR_OF(create_encryption_key_in, in,
60 		    encryption_key_object.key[0]), p_key, 256 / 8);
61 		MLX5_SET(create_encryption_key_in, in, encryption_key_object.pd, pdn);
62 		MLX5_SET(create_encryption_key_in, in, encryption_key_object.key_size,
63 			 MLX5_GENERAL_OBJECT_TYPE_ENCRYPTION_KEY_KEY_SIZE_256);
64 		MLX5_SET(create_encryption_key_in, in, encryption_key_object.key_type,
65 			 MLX5_GENERAL_OBJECT_TYPE_ENCRYPTION_KEY_TYPE_DEK);
66 		break;
67 	default:
68 		return -EINVAL;
69 	}
70 
71 	MLX5_SET(create_encryption_key_in, in, opcode, MLX5_CMD_OP_CREATE_GENERAL_OBJ);
72 	MLX5_SET(create_encryption_key_in, in, obj_type, MLX5_GENERAL_OBJECT_TYPES_ENCRYPTION_KEY);
73 
74 	err = mlx5_cmd_exec(mdev, in, sizeof(in), out, sizeof(out));
75 	if (err == 0)
76 		*p_obj_id = MLX5_GET(create_encryption_key_out, out, obj_id);
77 
78 	/* avoid leaking key on the stack */
79 	memset(in, 0, sizeof(in));
80 
81 	return err;
82 }
83 
84 int mlx5_encryption_key_destroy(struct mlx5_core_dev *mdev, u32 oid)
85 {
86 	u32 in[MLX5_ST_SZ_DW(destroy_encryption_key_in)] = {};
87 	u32 out[MLX5_ST_SZ_DW(destroy_encryption_key_out)] = {};
88 
89 	MLX5_SET(destroy_encryption_key_in, in, opcode, MLX5_CMD_OP_DESTROY_GENERAL_OBJ);
90 	MLX5_SET(destroy_encryption_key_in, in, obj_type, MLX5_GENERAL_OBJECT_TYPES_ENCRYPTION_KEY);
91 	MLX5_SET(destroy_encryption_key_in, in, obj_id, oid);
92 
93 	return mlx5_cmd_exec(mdev, in, sizeof(in), out, sizeof(out));
94 }
95 
96 int mlx5_tls_open_tis(struct mlx5_core_dev *mdev, int tc, int tdn, int pdn, u32 *p_tisn)
97 {
98 	u32 in[MLX5_ST_SZ_DW(create_tis_in)] = {};
99 	void *tisc = MLX5_ADDR_OF(create_tis_in, in, ctx);
100 	int err;
101 
102 	MLX5_SET(tisc, tisc, prio, tc);
103 	MLX5_SET(tisc, tisc, transport_domain, tdn);
104 	MLX5_SET(tisc, tisc, tls_en, 1);
105 	MLX5_SET(tisc, tisc, pd, pdn);
106 
107 	err = mlx5_core_create_tis(mdev, in, sizeof(in), p_tisn);
108 	if (err)
109 		return (err);
110 	else if (*p_tisn == 0)
111 		return (-EINVAL);
112 	else
113 		return (0);	/* success */
114 }
115 
116 void mlx5_tls_close_tis(struct mlx5_core_dev *mdev, u32 tisn)
117 {
118 
119 	mlx5_core_destroy_tis(mdev, tisn);
120 }
121