1 /*- 2 * Copyright (c) 2019-2021, Mellanox Technologies, Ltd. All rights reserved. 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions 6 * are met: 7 * 1. Redistributions of source code must retain the above copyright 8 * notice, this list of conditions and the following disclaimer. 9 * 2. Redistributions in binary form must reproduce the above copyright 10 * notice, this list of conditions and the following disclaimer in the 11 * documentation and/or other materials provided with the distribution. 12 * 13 * THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS `AS IS' AND 14 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 15 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 16 * ARE DISCLAIMED. IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE 17 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 18 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 19 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 20 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 21 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 22 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 23 * SUCH DAMAGE. 24 * 25 * $FreeBSD$ 26 */ 27 28 #include "opt_rss.h" 29 #include "opt_ratelimit.h" 30 31 #include <linux/kernel.h> 32 #include <linux/module.h> 33 #include <dev/mlx5/driver.h> 34 #include <dev/mlx5/tls.h> 35 #include <dev/mlx5/mlx5_core/mlx5_core.h> 36 #include <dev/mlx5/mlx5_core/transobj.h> 37 38 int mlx5_encryption_key_create(struct mlx5_core_dev *mdev, u32 pdn, 39 const void *p_key, u32 key_len, u32 *p_obj_id) 40 { 41 u32 in[MLX5_ST_SZ_DW(create_encryption_key_in)] = {}; 42 u32 out[MLX5_ST_SZ_DW(create_encryption_key_out)] = {}; 43 u64 general_obj_types; 44 int err; 45 46 general_obj_types = MLX5_CAP_GEN_64(mdev, general_obj_types); 47 if (!(general_obj_types & MLX5_HCA_CAP_GENERAL_OBJ_TYPES_ENCRYPTION_KEY)) 48 return -EINVAL; 49 50 switch (key_len) { 51 case 128 / 8: 52 memcpy(MLX5_ADDR_OF(create_encryption_key_in, in, 53 encryption_key_object.key[4]), p_key, 128 / 8); 54 MLX5_SET(create_encryption_key_in, in, encryption_key_object.pd, pdn); 55 MLX5_SET(create_encryption_key_in, in, encryption_key_object.key_size, 56 MLX5_GENERAL_OBJECT_TYPE_ENCRYPTION_KEY_KEY_SIZE_128); 57 MLX5_SET(create_encryption_key_in, in, encryption_key_object.key_type, 58 MLX5_GENERAL_OBJECT_TYPE_ENCRYPTION_KEY_TYPE_DEK); 59 break; 60 case 256 / 8: 61 memcpy(MLX5_ADDR_OF(create_encryption_key_in, in, 62 encryption_key_object.key[0]), p_key, 256 / 8); 63 MLX5_SET(create_encryption_key_in, in, encryption_key_object.pd, pdn); 64 MLX5_SET(create_encryption_key_in, in, encryption_key_object.key_size, 65 MLX5_GENERAL_OBJECT_TYPE_ENCRYPTION_KEY_KEY_SIZE_256); 66 MLX5_SET(create_encryption_key_in, in, encryption_key_object.key_type, 67 MLX5_GENERAL_OBJECT_TYPE_ENCRYPTION_KEY_TYPE_DEK); 68 break; 69 default: 70 return -EINVAL; 71 } 72 73 MLX5_SET(create_encryption_key_in, in, opcode, MLX5_CMD_OP_CREATE_GENERAL_OBJ); 74 MLX5_SET(create_encryption_key_in, in, obj_type, MLX5_GENERAL_OBJECT_TYPES_ENCRYPTION_KEY); 75 76 err = mlx5_cmd_exec(mdev, in, sizeof(in), out, sizeof(out)); 77 if (err == 0) 78 *p_obj_id = MLX5_GET(create_encryption_key_out, out, obj_id); 79 80 /* avoid leaking key on the stack */ 81 memset(in, 0, sizeof(in)); 82 83 return err; 84 } 85 86 int mlx5_encryption_key_destroy(struct mlx5_core_dev *mdev, u32 oid) 87 { 88 u32 in[MLX5_ST_SZ_DW(destroy_encryption_key_in)] = {}; 89 u32 out[MLX5_ST_SZ_DW(destroy_encryption_key_out)] = {}; 90 91 MLX5_SET(destroy_encryption_key_in, in, opcode, MLX5_CMD_OP_DESTROY_GENERAL_OBJ); 92 MLX5_SET(destroy_encryption_key_in, in, obj_type, MLX5_GENERAL_OBJECT_TYPES_ENCRYPTION_KEY); 93 MLX5_SET(destroy_encryption_key_in, in, obj_id, oid); 94 95 return mlx5_cmd_exec(mdev, in, sizeof(in), out, sizeof(out)); 96 } 97 98 int mlx5_tls_open_tis(struct mlx5_core_dev *mdev, int tc, int tdn, int pdn, u32 *p_tisn) 99 { 100 u32 in[MLX5_ST_SZ_DW(create_tis_in)] = {}; 101 void *tisc = MLX5_ADDR_OF(create_tis_in, in, ctx); 102 int err; 103 104 MLX5_SET(tisc, tisc, prio, tc); 105 MLX5_SET(tisc, tisc, transport_domain, tdn); 106 MLX5_SET(tisc, tisc, tls_en, 1); 107 MLX5_SET(tisc, tisc, pd, pdn); 108 109 err = mlx5_core_create_tis(mdev, in, sizeof(in), p_tisn); 110 if (err) 111 return (err); 112 else if (*p_tisn == 0) 113 return (-EINVAL); 114 else 115 return (0); /* success */ 116 } 117 118 void mlx5_tls_close_tis(struct mlx5_core_dev *mdev, u32 tisn) 119 { 120 121 mlx5_core_destroy_tis(mdev, tisn, 0); 122 } 123 124 int mlx5_tls_open_tir(struct mlx5_core_dev *mdev, int tdn, int rqtn, u32 *p_tirn) 125 { 126 u32 in[MLX5_ST_SZ_DW(create_tir_in)] = {}; 127 void *tirc = MLX5_ADDR_OF(create_tir_in, in, tir_context); 128 int err; 129 130 MLX5_SET(tirc, tirc, transport_domain, tdn); 131 MLX5_SET(tirc, tirc, disp_type, MLX5_TIRC_DISP_TYPE_INDIRECT); 132 MLX5_SET(tirc, tirc, rx_hash_fn, MLX5_TIRC_RX_HASH_FN_HASH_INVERTED_XOR8); 133 MLX5_SET(tirc, tirc, indirect_table, rqtn); 134 MLX5_SET(tirc, tirc, tls_en, 1); 135 MLX5_SET(tirc, tirc, self_lb_en, 136 MLX5_TIRC_SELF_LB_EN_ENABLE_UNICAST | 137 MLX5_TIRC_SELF_LB_EN_ENABLE_MULTICAST); 138 139 err = mlx5_core_create_tir(mdev, in, sizeof(in), p_tirn); 140 if (err) 141 return (err); 142 else if (*p_tirn == 0) 143 return (-EINVAL); 144 else 145 return (0); /* success */ 146 } 147 148 void mlx5_tls_close_tir(struct mlx5_core_dev *mdev, u32 tirn) 149 { 150 mlx5_core_destroy_tir(mdev, tirn, 0); 151 } 152