1 /* SPDX-License-Identifier: GPL-2.0 OR Linux-OpenIB */
2 /* Copyright (c) 2019 Mellanox Technologies. */
3 
4 #ifndef __MLX5E_KTLS_H__
5 #define __MLX5E_KTLS_H__
6 
7 #include <linux/debugfs.h>
8 #include <linux/tls.h>
9 #include <net/tls.h>
10 #include "en.h"
11 
12 #ifdef CONFIG_MLX5_EN_TLS
13 #include "lib/crypto.h"
14 
15 struct mlx5_crypto_dek *mlx5_ktls_create_key(struct mlx5_crypto_dek_pool *dek_pool,
16 					     struct tls_crypto_info *crypto_info);
17 void mlx5_ktls_destroy_key(struct mlx5_crypto_dek_pool *dek_pool,
18 			   struct mlx5_crypto_dek *dek);
19 
mlx5e_is_ktls_device(struct mlx5_core_dev * mdev)20 static inline bool mlx5e_is_ktls_device(struct mlx5_core_dev *mdev)
21 {
22 	if (is_kdump_kernel())
23 		return false;
24 
25 	if (!MLX5_CAP_GEN(mdev, tls_tx) && !MLX5_CAP_GEN(mdev, tls_rx))
26 		return false;
27 
28 	if (!MLX5_CAP_GEN(mdev, log_max_dek))
29 		return false;
30 
31 	return (MLX5_CAP_TLS(mdev, tls_1_2_aes_gcm_128) ||
32 		MLX5_CAP_TLS(mdev, tls_1_2_aes_gcm_256));
33 }
34 
mlx5e_ktls_type_check(struct mlx5_core_dev * mdev,struct tls_crypto_info * crypto_info)35 static inline bool mlx5e_ktls_type_check(struct mlx5_core_dev *mdev,
36 					 struct tls_crypto_info *crypto_info)
37 {
38 	switch (crypto_info->cipher_type) {
39 	case TLS_CIPHER_AES_GCM_128:
40 		if (crypto_info->version == TLS_1_2_VERSION)
41 			return MLX5_CAP_TLS(mdev,  tls_1_2_aes_gcm_128);
42 		break;
43 	case TLS_CIPHER_AES_GCM_256:
44 		if (crypto_info->version == TLS_1_2_VERSION)
45 			return MLX5_CAP_TLS(mdev,  tls_1_2_aes_gcm_256);
46 		break;
47 	}
48 
49 	return false;
50 }
51 
52 void mlx5e_ktls_build_netdev(struct mlx5e_priv *priv);
53 int mlx5e_ktls_init_tx(struct mlx5e_priv *priv);
54 void mlx5e_ktls_cleanup_tx(struct mlx5e_priv *priv);
55 int mlx5e_ktls_init_rx(struct mlx5e_priv *priv);
56 void mlx5e_ktls_cleanup_rx(struct mlx5e_priv *priv);
57 int mlx5e_ktls_set_feature_rx(struct net_device *netdev, bool enable);
58 struct mlx5e_ktls_resync_resp *
59 mlx5e_ktls_rx_resync_create_resp_list(void);
60 void mlx5e_ktls_rx_resync_destroy_resp_list(struct mlx5e_ktls_resync_resp *resp_list);
61 
mlx5e_is_ktls_tx(struct mlx5_core_dev * mdev)62 static inline bool mlx5e_is_ktls_tx(struct mlx5_core_dev *mdev)
63 {
64 	return !is_kdump_kernel() && MLX5_CAP_GEN(mdev, tls_tx);
65 }
66 
67 bool mlx5e_is_ktls_rx(struct mlx5_core_dev *mdev);
68 
69 struct mlx5e_tls_sw_stats {
70 	atomic64_t tx_tls_ctx;
71 	atomic64_t tx_tls_del;
72 	atomic64_t tx_tls_pool_alloc;
73 	atomic64_t tx_tls_pool_free;
74 	atomic64_t rx_tls_ctx;
75 	atomic64_t rx_tls_del;
76 };
77 
78 struct mlx5e_tls_debugfs {
79 	struct dentry *dfs;
80 	struct dentry *dfs_tx;
81 };
82 
83 struct mlx5e_tls {
84 	struct mlx5_core_dev *mdev;
85 	struct mlx5e_tls_sw_stats sw_stats;
86 	struct workqueue_struct *rx_wq;
87 	struct mlx5e_tls_tx_pool *tx_pool;
88 	struct mlx5_crypto_dek_pool *dek_pool;
89 	struct mlx5e_tls_debugfs debugfs;
90 };
91 
92 int mlx5e_ktls_init(struct mlx5e_priv *priv);
93 void mlx5e_ktls_cleanup(struct mlx5e_priv *priv);
94 
95 int mlx5e_ktls_get_count(struct mlx5e_priv *priv);
96 int mlx5e_ktls_get_strings(struct mlx5e_priv *priv, uint8_t *data);
97 int mlx5e_ktls_get_stats(struct mlx5e_priv *priv, u64 *data);
98 
99 #else
mlx5e_ktls_build_netdev(struct mlx5e_priv * priv)100 static inline void mlx5e_ktls_build_netdev(struct mlx5e_priv *priv)
101 {
102 }
103 
mlx5e_ktls_init_tx(struct mlx5e_priv * priv)104 static inline int mlx5e_ktls_init_tx(struct mlx5e_priv *priv)
105 {
106 	return 0;
107 }
108 
mlx5e_ktls_cleanup_tx(struct mlx5e_priv * priv)109 static inline void mlx5e_ktls_cleanup_tx(struct mlx5e_priv *priv)
110 {
111 }
112 
mlx5e_ktls_init_rx(struct mlx5e_priv * priv)113 static inline int mlx5e_ktls_init_rx(struct mlx5e_priv *priv)
114 {
115 	return 0;
116 }
117 
mlx5e_ktls_cleanup_rx(struct mlx5e_priv * priv)118 static inline void mlx5e_ktls_cleanup_rx(struct mlx5e_priv *priv)
119 {
120 }
121 
mlx5e_ktls_set_feature_rx(struct net_device * netdev,bool enable)122 static inline int mlx5e_ktls_set_feature_rx(struct net_device *netdev, bool enable)
123 {
124 	netdev_warn(netdev, "kTLS is not supported\n");
125 	return -EOPNOTSUPP;
126 }
127 
128 static inline struct mlx5e_ktls_resync_resp *
mlx5e_ktls_rx_resync_create_resp_list(void)129 mlx5e_ktls_rx_resync_create_resp_list(void)
130 {
131 	return ERR_PTR(-EOPNOTSUPP);
132 }
133 
134 static inline void
mlx5e_ktls_rx_resync_destroy_resp_list(struct mlx5e_ktls_resync_resp * resp_list)135 mlx5e_ktls_rx_resync_destroy_resp_list(struct mlx5e_ktls_resync_resp *resp_list) {}
136 
mlx5e_is_ktls_rx(struct mlx5_core_dev * mdev)137 static inline bool mlx5e_is_ktls_rx(struct mlx5_core_dev *mdev)
138 {
139 	return false;
140 }
141 
mlx5e_ktls_init(struct mlx5e_priv * priv)142 static inline int mlx5e_ktls_init(struct mlx5e_priv *priv) { return 0; }
mlx5e_ktls_cleanup(struct mlx5e_priv * priv)143 static inline void mlx5e_ktls_cleanup(struct mlx5e_priv *priv) { }
mlx5e_ktls_get_count(struct mlx5e_priv * priv)144 static inline int mlx5e_ktls_get_count(struct mlx5e_priv *priv) { return 0; }
mlx5e_ktls_get_strings(struct mlx5e_priv * priv,uint8_t * data)145 static inline int mlx5e_ktls_get_strings(struct mlx5e_priv *priv, uint8_t *data)
146 {
147 	return 0;
148 }
149 
mlx5e_ktls_get_stats(struct mlx5e_priv * priv,u64 * data)150 static inline int mlx5e_ktls_get_stats(struct mlx5e_priv *priv, u64 *data)
151 {
152 	return 0;
153 }
154 #endif
155 
156 #endif /* __MLX5E_TLS_H__ */
157