1 /* SPDX-License-Identifier: GPL-2.0 OR Linux-OpenIB */
2 /* Copyright (c) 2019 Mellanox Technologies. */
3 
4 #ifndef __MLX5E_KTLS_H__
5 #define __MLX5E_KTLS_H__
6 
7 #include <linux/debugfs.h>
8 #include <linux/tls.h>
9 #include <net/tls.h>
10 #include "en.h"
11 
12 #ifdef CONFIG_MLX5_EN_TLS
13 #include "lib/crypto.h"
14 #include "lib/mlx5.h"
15 
/*
 * DEK (data encryption key) helpers for kTLS offload.
 *
 * mlx5_ktls_create_key() takes the DEK pool and the connection's
 * tls_crypto_info and returns a struct mlx5_crypto_dek pointer;
 * mlx5_ktls_destroy_key() takes the same pool and the DEK to release.
 *
 * NOTE(review): the implementations are not visible in this header. Confirm
 * whether failure is reported as NULL or as an ERR_PTR() value before
 * choosing the caller-side check, and confirm who owns (and wipes) the key
 * material reachable through crypto_info once the DEK has been created.
 */
16 struct mlx5_crypto_dek *mlx5_ktls_create_key(struct mlx5_crypto_dek_pool *dek_pool,
17 					     struct tls_crypto_info *crypto_info);
18 void mlx5_ktls_destroy_key(struct mlx5_crypto_dek_pool *dek_pool,
19 			   struct mlx5_crypto_dek *dek);
20 
/**
 * mlx5e_is_ktls_device() - report whether @mdev qualifies for kTLS offload.
 * @mdev: core device whose capability bits are queried.
 *
 * All of the following must hold, checked in this order:
 *  - the running kernel is not a kdump kernel;
 *  - the device reports at least one of the tls_tx / tls_rx general caps;
 *  - the log_max_dek general cap is non-zero;
 *  - at least one of the TLS 1.2 AES-GCM-128 / AES-GCM-256 caps is set.
 *
 * This is a device-level gate only: it does not look at any connection's
 * version or cipher (mlx5e_ktls_type_check() does that).
 * NOTE(review): unlike mlx5e_is_ktls_tx(), this helper does not consult
 * mlx5_get_sd(); confirm the asymmetry is intended.
 *
 * Return: true if every condition above is met, false otherwise.
 */
static inline bool mlx5e_is_ktls_device(struct mlx5_core_dev *mdev)
{
	bool any_direction;
	bool any_cipher;

	if (is_kdump_kernel())
		return false;

	any_direction = MLX5_CAP_GEN(mdev, tls_tx) || MLX5_CAP_GEN(mdev, tls_rx);
	if (!any_direction)
		return false;

	/* A zero log_max_dek cap disqualifies the device. */
	if (MLX5_CAP_GEN(mdev, log_max_dek) == 0)
		return false;

	any_cipher = MLX5_CAP_TLS(mdev, tls_1_2_aes_gcm_128) ||
		     MLX5_CAP_TLS(mdev, tls_1_2_aes_gcm_256);
	return any_cipher;
}
35 
/**
 * mlx5e_ktls_type_check() - allowlist check for one connection's TLS parameters.
 * @mdev: core device whose TLS capability bits are queried.
 * @crypto_info: TLS version and cipher requested for the connection;
 *               dereferenced unconditionally, so it must not be NULL.
 *
 * Only TLS 1.2 with AES-GCM-128 or AES-GCM-256 can pass, and only when the
 * device advertises the matching tls_1_2_aes_gcm_* capability. Every other
 * version or cipher returns false, so an unrecognised combination fails
 * closed. Supporting a new version or cipher means adding both an explicit
 * case here and a capability test for it.
 *
 * Return: true if the version/cipher pair is accepted, false otherwise.
 */
static inline bool mlx5e_ktls_type_check(struct mlx5_core_dev *mdev,
					 struct tls_crypto_info *crypto_info)
{
	/* Both accepted ciphers require TLS 1.2, so test the version once. */
	if (crypto_info->version != TLS_1_2_VERSION)
		return false;

	switch (crypto_info->cipher_type) {
	case TLS_CIPHER_AES_GCM_128:
		return MLX5_CAP_TLS(mdev, tls_1_2_aes_gcm_128);
	case TLS_CIPHER_AES_GCM_256:
		return MLX5_CAP_TLS(mdev, tls_1_2_aes_gcm_256);
	default:
		return false;
	}
}
52 
/*
 * kTLS entry points implemented out of line when CONFIG_MLX5_EN_TLS is set.
 * The #else branch of this header supplies inline stubs with the same
 * signatures for builds without kTLS support.
 */
53 void mlx5e_ktls_build_netdev(struct mlx5e_priv *priv);
54 int mlx5e_ktls_init_tx(struct mlx5e_priv *priv);
55 void mlx5e_ktls_cleanup_tx(struct mlx5e_priv *priv);
56 int mlx5e_ktls_init_rx(struct mlx5e_priv *priv);
57 void mlx5e_ktls_cleanup_rx(struct mlx5e_priv *priv);
58 int mlx5e_ktls_set_feature_rx(struct net_device *netdev, bool enable);
/*
 * NOTE(review): the stub for this function returns ERR_PTR(-EOPNOTSUPP), so
 * callers have to test the result with IS_ERR(); a plain NULL check would
 * accept the error pointer. Confirm the real implementation reports failure
 * the same way.
 */
59 struct mlx5e_ktls_resync_resp *
60 mlx5e_ktls_rx_resync_create_resp_list(void);
61 void mlx5e_ktls_rx_resync_destroy_resp_list(struct mlx5e_ktls_resync_resp *resp_list);
62 
/**
 * mlx5e_is_ktls_tx() - report whether TX kTLS offload may be used on @mdev.
 * @mdev: core device to query.
 *
 * TX offload is allowed only when the kernel is not a kdump kernel, the
 * device reports the tls_tx general capability, and mlx5_get_sd() yields
 * nothing for the device. The checks short-circuit in that order.
 *
 * Return: true if all three conditions hold, false otherwise.
 */
static inline bool mlx5e_is_ktls_tx(struct mlx5_core_dev *mdev)
{
	if (is_kdump_kernel())
		return false;

	if (!MLX5_CAP_GEN(mdev, tls_tx))
		return false;

	/* A truthy mlx5_get_sd() result rules TX offload out. */
	return !mlx5_get_sd(mdev);
}
68 
/*
 * RX counterpart of mlx5e_is_ktls_tx(), defined out of line.
 * NOTE(review): the conditions it applies are not visible in this header;
 * the CONFIG_MLX5_EN_TLS=n stub always returns false.
 */
69 bool mlx5e_is_ktls_rx(struct mlx5_core_dev *mdev);
70 
/*
 * Software-maintained kTLS counters. Every field is an atomic64_t, so each
 * one can be updated without an external lock.
 * NOTE(review): the per-field meanings below are read off the names only;
 * confirm against the code that increments them.
 */
71 struct mlx5e_tls_sw_stats {
72 	atomic64_t tx_tls_ctx;		/* presumably TX offload contexts created */
73 	atomic64_t tx_tls_del;		/* presumably TX offload contexts deleted */
74 	atomic64_t tx_tls_pool_alloc;	/* presumably allocations made by the TX pool */
75 	atomic64_t tx_tls_pool_free;	/* presumably frees made by the TX pool */
76 	atomic64_t rx_tls_ctx;		/* presumably RX offload contexts created */
77 	atomic64_t rx_tls_del;		/* presumably RX offload contexts deleted */
78 };
79 
/*
 * debugfs directory entries kept for kTLS.
 * NOTE(review): what is exported under these nodes is defined elsewhere;
 * confirm that nothing derived from key material is exposed through them.
 */
80 struct mlx5e_tls_debugfs {
81 	struct dentry *dfs;	/* presumably the kTLS root node - confirm */
82 	struct dentry *dfs_tx;	/* presumably the TX sub-node - confirm */
83 };
84 
/*
 * kTLS state: the core device, the software counters, and the RX workqueue,
 * TX pool, DEK pool and debugfs entries listed below.
 * NOTE(review): lifetime and ownership of the pointed-to objects are set up
 * outside this header; confirm teardown order in mlx5e_ktls_cleanup().
 */
85 struct mlx5e_tls {
86 	struct mlx5_core_dev *mdev;		/* core device this state refers to */
87 	struct mlx5e_tls_sw_stats sw_stats;	/* embedded software counters */
88 	struct workqueue_struct *rx_wq;		/* workqueue for RX-side work (per name) */
89 	struct mlx5e_tls_tx_pool *tx_pool;	/* TX pool; type defined elsewhere */
90 	struct mlx5_crypto_dek_pool *dek_pool;	/* pool type taken by mlx5_ktls_create_key()/destroy_key() */
91 	struct mlx5e_tls_debugfs debugfs;	/* debugfs dentries */
92 };
93 
/*
 * kTLS setup/teardown for a netdev private context. The CONFIG_MLX5_EN_TLS=n
 * stub of mlx5e_ktls_init() returns 0.
 */
94 int mlx5e_ktls_init(struct mlx5e_priv *priv);
95 void mlx5e_ktls_cleanup(struct mlx5e_priv *priv);

/*
 * Statistics accessors: a count, plus string and value getters that take a
 * pointer to the caller's cursor (u8 ** / u64 **).
 * NOTE(review): whether the getters advance *data, and by how much, is not
 * visible here; confirm that it matches mlx5e_ktls_get_count() so the
 * caller's buffer is neither under- nor over-filled.
 */
97 int mlx5e_ktls_get_count(struct mlx5e_priv *priv);
98 void mlx5e_ktls_get_strings(struct mlx5e_priv *priv, u8 **data);
99 void mlx5e_ktls_get_stats(struct mlx5e_priv *priv, u64 **data);
100 
101 #else
/* CONFIG_MLX5_EN_TLS=n stub: leaves @priv untouched. */
static inline void mlx5e_ktls_build_netdev(struct mlx5e_priv *priv)
{
	/* Intentionally empty: kTLS support is compiled out. */
}
105 
/*
 * CONFIG_MLX5_EN_TLS=n stub: there is no TX kTLS state to set up, so this
 * reports success (0) without touching @priv.
 */
static inline int mlx5e_ktls_init_tx(struct mlx5e_priv *priv)
{
	const int ok = 0;

	return ok;
}
110 
/* CONFIG_MLX5_EN_TLS=n stub: nothing was set up, so nothing is torn down. */
static inline void mlx5e_ktls_cleanup_tx(struct mlx5e_priv *priv)
{
	/* Intentionally empty: kTLS support is compiled out. */
}
114 
/*
 * CONFIG_MLX5_EN_TLS=n stub: there is no RX kTLS state to set up, so this
 * reports success (0) without touching @priv.
 */
static inline int mlx5e_ktls_init_rx(struct mlx5e_priv *priv)
{
	const int ok = 0;

	return ok;
}
119 
/* CONFIG_MLX5_EN_TLS=n stub: nothing was set up, so nothing is torn down. */
static inline void mlx5e_ktls_cleanup_rx(struct mlx5e_priv *priv)
{
	/* Intentionally empty: kTLS support is compiled out. */
}
123 
/*
 * CONFIG_MLX5_EN_TLS=n stub: RX kTLS cannot be toggled. A warning is logged
 * against @netdev and -EOPNOTSUPP is returned whatever @enable is, so a
 * request to turn the feature on is refused rather than silently accepted.
 */
static inline int mlx5e_ktls_set_feature_rx(struct net_device *netdev, bool enable)
{
	const int err = -EOPNOTSUPP;

	netdev_warn(netdev, "kTLS is not supported\n");
	return err;
}
129 
/*
 * CONFIG_MLX5_EN_TLS=n stub: no response list can be created.
 *
 * The failure is reported as ERR_PTR(-EOPNOTSUPP), never as NULL, so callers
 * must test the result with IS_ERR(); a NULL check alone would treat the
 * error pointer as a valid list.
 */
static inline struct mlx5e_ktls_resync_resp *
mlx5e_ktls_rx_resync_create_resp_list(void)
{
	struct mlx5e_ktls_resync_resp *unsupported = ERR_PTR(-EOPNOTSUPP);

	return unsupported;
}
135 
/*
 * CONFIG_MLX5_EN_TLS=n stub: @resp_list is ignored. The matching create stub
 * only ever returns an error pointer, so there is nothing to release.
 */
static inline void
mlx5e_ktls_rx_resync_destroy_resp_list(struct mlx5e_ktls_resync_resp *resp_list)
{
	/* Intentionally empty: kTLS support is compiled out. */
}
138 
/* CONFIG_MLX5_EN_TLS=n stub: RX kTLS offload is never available. */
static inline bool mlx5e_is_ktls_rx(struct mlx5_core_dev *mdev)
{
	const bool rx_offload = false;

	return rx_offload;
}
143 
/* CONFIG_MLX5_EN_TLS=n stub: nothing to initialise; always returns 0. */
static inline int mlx5e_ktls_init(struct mlx5e_priv *priv)
{
	return 0;
}
/* CONFIG_MLX5_EN_TLS=n stub: nothing was initialised, so nothing is freed. */
static inline void mlx5e_ktls_cleanup(struct mlx5e_priv *priv)
{
	/* Intentionally empty: kTLS support is compiled out. */
}
/* CONFIG_MLX5_EN_TLS=n stub: there are no kTLS statistics, so the count is 0. */
static inline int mlx5e_ktls_get_count(struct mlx5e_priv *priv)
{
	return 0;
}
/*
 * CONFIG_MLX5_EN_TLS=n stub: writes nothing and leaves *@data where it was,
 * consistent with the stub count of 0.
 */
static inline void mlx5e_ktls_get_strings(struct mlx5e_priv *priv, u8 **data)
{
	/* Intentionally empty: kTLS support is compiled out. */
}
148 
/*
 * CONFIG_MLX5_EN_TLS=n stub: writes nothing and leaves *@data where it was,
 * consistent with the stub count of 0.
 */
static inline void mlx5e_ktls_get_stats(struct mlx5e_priv *priv, u64 **data)
{
	/* Intentionally empty: kTLS support is compiled out. */
}
150 #endif
151 
152 #endif /* __MLX5E_KTLS_H__ */
153