1 // SPDX-License-Identifier: GPL-2.0 OR Linux-OpenIB 2 // Copyright (c) 2019 Mellanox Technologies. 3 4 #include "en.h" 5 #include "en_accel/ktls.h" 6 7 static int mlx5e_ktls_create_tis(struct mlx5_core_dev *mdev, u32 *tisn) 8 { 9 u32 in[MLX5_ST_SZ_DW(create_tis_in)] = {}; 10 void *tisc; 11 12 tisc = MLX5_ADDR_OF(create_tis_in, in, ctx); 13 14 MLX5_SET(tisc, tisc, tls_en, 1); 15 16 return mlx5e_create_tis(mdev, in, tisn); 17 } 18 19 static int mlx5e_ktls_add(struct net_device *netdev, struct sock *sk, 20 enum tls_offload_ctx_dir direction, 21 struct tls_crypto_info *crypto_info, 22 u32 start_offload_tcp_sn) 23 { 24 struct mlx5e_priv *priv = netdev_priv(netdev); 25 struct mlx5e_ktls_offload_context_tx *tx_priv; 26 struct tls_context *tls_ctx = tls_get_ctx(sk); 27 struct mlx5_core_dev *mdev = priv->mdev; 28 int err; 29 30 if (WARN_ON(direction != TLS_OFFLOAD_CTX_DIR_TX)) 31 return -EINVAL; 32 33 if (WARN_ON(!mlx5e_ktls_type_check(mdev, crypto_info))) 34 return -EOPNOTSUPP; 35 36 tx_priv = kvzalloc(sizeof(*tx_priv), GFP_KERNEL); 37 if (!tx_priv) 38 return -ENOMEM; 39 40 tx_priv->expected_seq = start_offload_tcp_sn; 41 tx_priv->crypto_info = *(struct tls12_crypto_info_aes_gcm_128 *)crypto_info; 42 mlx5e_set_ktls_tx_priv_ctx(tls_ctx, tx_priv); 43 44 /* tc and underlay_qpn values are not in use for tls tis */ 45 err = mlx5e_ktls_create_tis(mdev, &tx_priv->tisn); 46 if (err) 47 goto create_tis_fail; 48 49 err = mlx5_ktls_create_key(mdev, crypto_info, &tx_priv->key_id); 50 if (err) 51 goto encryption_key_create_fail; 52 53 mlx5e_ktls_tx_offload_set_pending(tx_priv); 54 55 return 0; 56 57 encryption_key_create_fail: 58 mlx5e_destroy_tis(priv->mdev, tx_priv->tisn); 59 create_tis_fail: 60 kvfree(tx_priv); 61 return err; 62 } 63 64 static void mlx5e_ktls_del(struct net_device *netdev, 65 struct tls_context *tls_ctx, 66 enum tls_offload_ctx_dir direction) 67 { 68 struct mlx5e_priv *priv = netdev_priv(netdev); 69 struct mlx5e_ktls_offload_context_tx *tx_priv = 70 mlx5e_get_ktls_tx_priv_ctx(tls_ctx); 71 72 mlx5_ktls_destroy_key(priv->mdev, tx_priv->key_id); 73 mlx5e_destroy_tis(priv->mdev, tx_priv->tisn); 74 kvfree(tx_priv); 75 } 76 77 static const struct tlsdev_ops mlx5e_ktls_ops = { 78 .tls_dev_add = mlx5e_ktls_add, 79 .tls_dev_del = mlx5e_ktls_del, 80 }; 81 82 void mlx5e_ktls_build_netdev(struct mlx5e_priv *priv) 83 { 84 struct net_device *netdev = priv->netdev; 85 86 if (!mlx5_accel_is_ktls_device(priv->mdev)) 87 return; 88 89 netdev->hw_features |= NETIF_F_HW_TLS_TX; 90 netdev->features |= NETIF_F_HW_TLS_TX; 91 92 netdev->tlsdev_ops = &mlx5e_ktls_ops; 93 } 94