1/* SPDX-License-Identifier: GPL-2.0 OR Linux-OpenIB */ 2/* Copyright (c) 2019 Mellanox Technologies. */ 3 4#ifndef __MLX5E_KTLS_H__ 5#define __MLX5E_KTLS_H__ 6 7#include <linux/debugfs.h> 8#include <linux/tls.h> 9#include <net/tls.h> 10#include "en.h" 11 12#ifdef CONFIG_MLX5_EN_TLS 13#include "lib/crypto.h" 14#include "lib/mlx5.h" 15 16struct mlx5_crypto_dek *mlx5_ktls_create_key(struct mlx5_crypto_dek_pool *dek_pool, 17 struct tls_crypto_info *crypto_info); 18void mlx5_ktls_destroy_key(struct mlx5_crypto_dek_pool *dek_pool, 19 struct mlx5_crypto_dek *dek); 20 21static inline bool mlx5e_is_ktls_device(struct mlx5_core_dev *mdev) 22{ 23 if (is_kdump_kernel()) 24 return false; 25 26 if (!MLX5_CAP_GEN(mdev, tls_tx) && !MLX5_CAP_GEN(mdev, tls_rx)) 27 return false; 28 29 if (!MLX5_CAP_GEN(mdev, log_max_dek)) 30 return false; 31 32 return (MLX5_CAP_TLS(mdev, tls_1_2_aes_gcm_128) || 33 MLX5_CAP_TLS(mdev, tls_1_2_aes_gcm_256)); 34} 35 36static inline bool mlx5e_ktls_type_check(struct mlx5_core_dev *mdev, 37 struct tls_crypto_info *crypto_info) 38{ 39 switch (crypto_info->cipher_type) { 40 case TLS_CIPHER_AES_GCM_128: 41 if (crypto_info->version == TLS_1_2_VERSION) 42 return MLX5_CAP_TLS(mdev, tls_1_2_aes_gcm_128); 43 break; 44 case TLS_CIPHER_AES_GCM_256: 45 if (crypto_info->version == TLS_1_2_VERSION) 46 return MLX5_CAP_TLS(mdev, tls_1_2_aes_gcm_256); 47 break; 48 } 49 50 return false; 51} 52 53void mlx5e_ktls_build_netdev(struct mlx5e_priv *priv); 54int mlx5e_ktls_init_tx(struct mlx5e_priv *priv); 55void mlx5e_ktls_cleanup_tx(struct mlx5e_priv *priv); 56int mlx5e_ktls_init_rx(struct mlx5e_priv *priv); 57void mlx5e_ktls_cleanup_rx(struct mlx5e_priv *priv); 58int mlx5e_ktls_set_feature_rx(struct net_device *netdev, bool enable); 59struct mlx5e_ktls_resync_resp * 60mlx5e_ktls_rx_resync_create_resp_list(void); 61void mlx5e_ktls_rx_resync_destroy_resp_list(struct mlx5e_ktls_resync_resp *resp_list); 62 63static inline bool mlx5e_is_ktls_tx(struct mlx5_core_dev *mdev) 64{ 65 return !is_kdump_kernel() && MLX5_CAP_GEN(mdev, tls_tx) && 66 !mlx5_get_sd(mdev); 67} 68 69bool mlx5e_is_ktls_rx(struct mlx5_core_dev *mdev); 70 71struct mlx5e_tls_sw_stats { 72 atomic64_t tx_tls_ctx; 73 atomic64_t tx_tls_del; 74 atomic64_t tx_tls_pool_alloc; 75 atomic64_t tx_tls_pool_free; 76 atomic64_t rx_tls_ctx; 77 atomic64_t rx_tls_del; 78}; 79 80struct mlx5e_tls_debugfs { 81 struct dentry *dfs; 82 struct dentry *dfs_tx; 83}; 84 85struct mlx5e_tls { 86 struct mlx5_core_dev *mdev; 87 struct mlx5e_tls_sw_stats sw_stats; 88 struct workqueue_struct *rx_wq; 89 struct mlx5e_tls_tx_pool *tx_pool; 90 struct mlx5_crypto_dek_pool *dek_pool; 91 struct mlx5e_tls_debugfs debugfs; 92}; 93 94int mlx5e_ktls_init(struct mlx5e_priv *priv); 95void mlx5e_ktls_cleanup(struct mlx5e_priv *priv); 96 97int mlx5e_ktls_get_count(struct mlx5e_priv *priv); 98int mlx5e_ktls_get_strings(struct mlx5e_priv *priv, uint8_t *data); 99int mlx5e_ktls_get_stats(struct mlx5e_priv *priv, u64 *data); 100 101#else 102static inline void mlx5e_ktls_build_netdev(struct mlx5e_priv *priv) 103{ 104} 105 106static inline int mlx5e_ktls_init_tx(struct mlx5e_priv *priv) 107{ 108 return 0; 109} 110 111static inline void mlx5e_ktls_cleanup_tx(struct mlx5e_priv *priv) 112{ 113} 114 115static inline int mlx5e_ktls_init_rx(struct mlx5e_priv *priv) 116{ 117 return 0; 118} 119 120static inline void mlx5e_ktls_cleanup_rx(struct mlx5e_priv *priv) 121{ 122} 123 124static inline int mlx5e_ktls_set_feature_rx(struct net_device *netdev, bool enable) 125{ 126 netdev_warn(netdev, "kTLS is not supported\n"); 127 return -EOPNOTSUPP; 128} 129 130static inline struct mlx5e_ktls_resync_resp * 131mlx5e_ktls_rx_resync_create_resp_list(void) 132{ 133 return ERR_PTR(-EOPNOTSUPP); 134} 135 136static inline void 137mlx5e_ktls_rx_resync_destroy_resp_list(struct mlx5e_ktls_resync_resp *resp_list) {} 138 139static inline bool mlx5e_is_ktls_rx(struct mlx5_core_dev *mdev) 140{ 141 return false; 142} 143 144static inline int mlx5e_ktls_init(struct mlx5e_priv *priv) { return 0; } 145static inline void mlx5e_ktls_cleanup(struct mlx5e_priv *priv) { } 146static inline int mlx5e_ktls_get_count(struct mlx5e_priv *priv) { return 0; } 147static inline int mlx5e_ktls_get_strings(struct mlx5e_priv *priv, uint8_t *data) 148{ 149 return 0; 150} 151 152static inline int mlx5e_ktls_get_stats(struct mlx5e_priv *priv, u64 *data) 153{ 154 return 0; 155} 156#endif 157 158#endif /* __MLX5E_TLS_H__ */ 159