1 /*- 2 * Copyright (c) 2019, Mellanox Technologies, Ltd. All rights reserved. 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions 6 * are met: 7 * 1. Redistributions of source code must retain the above copyright 8 * notice, this list of conditions and the following disclaimer. 9 * 2. Redistributions in binary form must reproduce the above copyright 10 * notice, this list of conditions and the following disclaimer in the 11 * documentation and/or other materials provided with the distribution. 12 * 13 * THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS `AS IS' AND 14 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 15 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 16 * ARE DISCLAIMED. IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE 17 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 18 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 19 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 20 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 21 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 22 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 23 * SUCH DAMAGE. 24 * 25 * $FreeBSD$ 26 */ 27 28 #include <linux/kernel.h> 29 #include <linux/module.h> 30 #include <dev/mlx5/driver.h> 31 #include <dev/mlx5/tls.h> 32 33 #include "mlx5_core.h" 34 #include "transobj.h" 35 36 int mlx5_encryption_key_create(struct mlx5_core_dev *mdev, u32 pdn, 37 const void *p_key, u32 key_len, u32 *p_obj_id) 38 { 39 u32 in[MLX5_ST_SZ_DW(create_encryption_key_in)] = {}; 40 u32 out[MLX5_ST_SZ_DW(create_encryption_key_out)] = {}; 41 u64 general_obj_types; 42 int err; 43 44 general_obj_types = MLX5_CAP_GEN_64(mdev, general_obj_types); 45 if (!(general_obj_types & MLX5_HCA_CAP_GENERAL_OBJ_TYPES_ENCRYPTION_KEY)) 46 return -EINVAL; 47 48 switch (key_len) { 49 case 128 / 8: 50 memcpy(MLX5_ADDR_OF(create_encryption_key_in, in, 51 encryption_key_object.key[4]), p_key, 128 / 8); 52 MLX5_SET(create_encryption_key_in, in, encryption_key_object.pd, pdn); 53 MLX5_SET(create_encryption_key_in, in, encryption_key_object.key_size, 54 MLX5_GENERAL_OBJECT_TYPE_ENCRYPTION_KEY_KEY_SIZE_128); 55 MLX5_SET(create_encryption_key_in, in, encryption_key_object.key_type, 56 MLX5_GENERAL_OBJECT_TYPE_ENCRYPTION_KEY_TYPE_DEK); 57 break; 58 case 256 / 8: 59 memcpy(MLX5_ADDR_OF(create_encryption_key_in, in, 60 encryption_key_object.key[0]), p_key, 256 / 8); 61 MLX5_SET(create_encryption_key_in, in, encryption_key_object.pd, pdn); 62 MLX5_SET(create_encryption_key_in, in, encryption_key_object.key_size, 63 MLX5_GENERAL_OBJECT_TYPE_ENCRYPTION_KEY_KEY_SIZE_256); 64 MLX5_SET(create_encryption_key_in, in, encryption_key_object.key_type, 65 MLX5_GENERAL_OBJECT_TYPE_ENCRYPTION_KEY_TYPE_DEK); 66 break; 67 default: 68 return -EINVAL; 69 } 70 71 MLX5_SET(create_encryption_key_in, in, opcode, MLX5_CMD_OP_CREATE_GENERAL_OBJ); 72 MLX5_SET(create_encryption_key_in, in, obj_type, MLX5_GENERAL_OBJECT_TYPES_ENCRYPTION_KEY); 73 74 err = mlx5_cmd_exec(mdev, in, sizeof(in), out, sizeof(out)); 75 if (err == 0) 76 *p_obj_id = MLX5_GET(create_encryption_key_out, out, obj_id); 77 78 /* avoid leaking key on the stack */ 79 memset(in, 0, sizeof(in)); 80 81 return err; 82 } 83 84 int mlx5_encryption_key_destroy(struct mlx5_core_dev *mdev, u32 oid) 85 { 86 u32 in[MLX5_ST_SZ_DW(destroy_encryption_key_in)] = {}; 87 u32 out[MLX5_ST_SZ_DW(destroy_encryption_key_out)] = {}; 88 89 MLX5_SET(destroy_encryption_key_in, in, opcode, MLX5_CMD_OP_DESTROY_GENERAL_OBJ); 90 MLX5_SET(destroy_encryption_key_in, in, obj_type, MLX5_GENERAL_OBJECT_TYPES_ENCRYPTION_KEY); 91 MLX5_SET(destroy_encryption_key_in, in, obj_id, oid); 92 93 return mlx5_cmd_exec(mdev, in, sizeof(in), out, sizeof(out)); 94 } 95 96 int mlx5_tls_open_tis(struct mlx5_core_dev *mdev, int tc, int tdn, int pdn, u32 *p_tisn) 97 { 98 u32 in[MLX5_ST_SZ_DW(create_tis_in)] = {}; 99 void *tisc = MLX5_ADDR_OF(create_tis_in, in, ctx); 100 int err; 101 102 MLX5_SET(tisc, tisc, prio, tc); 103 MLX5_SET(tisc, tisc, transport_domain, tdn); 104 MLX5_SET(tisc, tisc, tls_en, 1); 105 MLX5_SET(tisc, tisc, pd, pdn); 106 107 err = mlx5_core_create_tis(mdev, in, sizeof(in), p_tisn); 108 if (err) 109 return (err); 110 else if (*p_tisn == 0) 111 return (-EINVAL); 112 else 113 return (0); /* success */ 114 } 115 116 void mlx5_tls_close_tis(struct mlx5_core_dev *mdev, u32 tisn) 117 { 118 119 mlx5_core_destroy_tis(mdev, tisn); 120 } 121