1 /* SPDX-License-Identifier: GPL-2.0 OR Linux-OpenIB */ 2 /* Copyright (c) 2019 Mellanox Technologies. */ 3 4 #ifndef __MLX5E_KTLS_H__ 5 #define __MLX5E_KTLS_H__ 6 7 #include <linux/debugfs.h> 8 #include <linux/tls.h> 9 #include <net/tls.h> 10 #include "en.h" 11 12 #ifdef CONFIG_MLX5_EN_TLS 13 #include "lib/crypto.h" 14 15 struct mlx5_crypto_dek *mlx5_ktls_create_key(struct mlx5_crypto_dek_pool *dek_pool, 16 struct tls_crypto_info *crypto_info); 17 void mlx5_ktls_destroy_key(struct mlx5_crypto_dek_pool *dek_pool, 18 struct mlx5_crypto_dek *dek); 19 20 static inline bool mlx5e_is_ktls_device(struct mlx5_core_dev *mdev) 21 { 22 if (is_kdump_kernel()) 23 return false; 24 25 if (!MLX5_CAP_GEN(mdev, tls_tx) && !MLX5_CAP_GEN(mdev, tls_rx)) 26 return false; 27 28 if (!MLX5_CAP_GEN(mdev, log_max_dek)) 29 return false; 30 31 return (MLX5_CAP_TLS(mdev, tls_1_2_aes_gcm_128) || 32 MLX5_CAP_TLS(mdev, tls_1_2_aes_gcm_256)); 33 } 34 35 static inline bool mlx5e_ktls_type_check(struct mlx5_core_dev *mdev, 36 struct tls_crypto_info *crypto_info) 37 { 38 switch (crypto_info->cipher_type) { 39 case TLS_CIPHER_AES_GCM_128: 40 if (crypto_info->version == TLS_1_2_VERSION) 41 return MLX5_CAP_TLS(mdev, tls_1_2_aes_gcm_128); 42 break; 43 case TLS_CIPHER_AES_GCM_256: 44 if (crypto_info->version == TLS_1_2_VERSION) 45 return MLX5_CAP_TLS(mdev, tls_1_2_aes_gcm_256); 46 break; 47 } 48 49 return false; 50 } 51 52 void mlx5e_ktls_build_netdev(struct mlx5e_priv *priv); 53 int mlx5e_ktls_init_tx(struct mlx5e_priv *priv); 54 void mlx5e_ktls_cleanup_tx(struct mlx5e_priv *priv); 55 int mlx5e_ktls_init_rx(struct mlx5e_priv *priv); 56 void mlx5e_ktls_cleanup_rx(struct mlx5e_priv *priv); 57 int mlx5e_ktls_set_feature_rx(struct net_device *netdev, bool enable); 58 struct mlx5e_ktls_resync_resp * 59 mlx5e_ktls_rx_resync_create_resp_list(void); 60 void mlx5e_ktls_rx_resync_destroy_resp_list(struct mlx5e_ktls_resync_resp *resp_list); 61 62 static inline bool mlx5e_is_ktls_tx(struct mlx5_core_dev *mdev) 63 { 64 return !is_kdump_kernel() && MLX5_CAP_GEN(mdev, tls_tx); 65 } 66 67 bool mlx5e_is_ktls_rx(struct mlx5_core_dev *mdev); 68 69 struct mlx5e_tls_sw_stats { 70 atomic64_t tx_tls_ctx; 71 atomic64_t tx_tls_del; 72 atomic64_t tx_tls_pool_alloc; 73 atomic64_t tx_tls_pool_free; 74 atomic64_t rx_tls_ctx; 75 atomic64_t rx_tls_del; 76 }; 77 78 struct mlx5e_tls_debugfs { 79 struct dentry *dfs; 80 struct dentry *dfs_tx; 81 }; 82 83 struct mlx5e_tls { 84 struct mlx5_core_dev *mdev; 85 struct mlx5e_tls_sw_stats sw_stats; 86 struct workqueue_struct *rx_wq; 87 struct mlx5e_tls_tx_pool *tx_pool; 88 struct mlx5_crypto_dek_pool *dek_pool; 89 struct mlx5e_tls_debugfs debugfs; 90 }; 91 92 int mlx5e_ktls_init(struct mlx5e_priv *priv); 93 void mlx5e_ktls_cleanup(struct mlx5e_priv *priv); 94 95 int mlx5e_ktls_get_count(struct mlx5e_priv *priv); 96 int mlx5e_ktls_get_strings(struct mlx5e_priv *priv, uint8_t *data); 97 int mlx5e_ktls_get_stats(struct mlx5e_priv *priv, u64 *data); 98 99 #else 100 static inline void mlx5e_ktls_build_netdev(struct mlx5e_priv *priv) 101 { 102 } 103 104 static inline int mlx5e_ktls_init_tx(struct mlx5e_priv *priv) 105 { 106 return 0; 107 } 108 109 static inline void mlx5e_ktls_cleanup_tx(struct mlx5e_priv *priv) 110 { 111 } 112 113 static inline int mlx5e_ktls_init_rx(struct mlx5e_priv *priv) 114 { 115 return 0; 116 } 117 118 static inline void mlx5e_ktls_cleanup_rx(struct mlx5e_priv *priv) 119 { 120 } 121 122 static inline int mlx5e_ktls_set_feature_rx(struct net_device *netdev, bool enable) 123 { 124 netdev_warn(netdev, "kTLS is not supported\n"); 125 return -EOPNOTSUPP; 126 } 127 128 static inline struct mlx5e_ktls_resync_resp * 129 mlx5e_ktls_rx_resync_create_resp_list(void) 130 { 131 return ERR_PTR(-EOPNOTSUPP); 132 } 133 134 static inline void 135 mlx5e_ktls_rx_resync_destroy_resp_list(struct mlx5e_ktls_resync_resp *resp_list) {} 136 137 static inline bool mlx5e_is_ktls_rx(struct mlx5_core_dev *mdev) 138 { 139 return false; 140 } 141 142 static inline int mlx5e_ktls_init(struct mlx5e_priv *priv) { return 0; } 143 static inline void mlx5e_ktls_cleanup(struct mlx5e_priv *priv) { } 144 static inline int mlx5e_ktls_get_count(struct mlx5e_priv *priv) { return 0; } 145 static inline int mlx5e_ktls_get_strings(struct mlx5e_priv *priv, uint8_t *data) 146 { 147 return 0; 148 } 149 150 static inline int mlx5e_ktls_get_stats(struct mlx5e_priv *priv, u64 *data) 151 { 152 return 0; 153 } 154 #endif 155 156 #endif /* __MLX5E_TLS_H__ */ 157