projects / linux-2.6-block.git / blame
| Commit | Line | Data |
|---|---|---|
| 547eede0 IT |
1 | /* |
| 2 | * Copyright (c) 2017 Mellanox Technologies. All rights reserved. | |
| 3 | * | |
| 4 | * This software is available to you under a choice of one of two | |
| 5 | * licenses. You may choose to be licensed under the terms of the GNU | |
| 6 | * General Public License (GPL) Version 2, available from the file | |
| 7 | * COPYING in the main directory of this source tree, or the | |
| 8 | * OpenIB.org BSD license below: | |
| 9 | * | |
| 10 | * Redistribution and use in source and binary forms, with or | |
| 11 | * without modification, are permitted provided that the following | |
| 12 | * conditions are met: | |
| 13 | * | |
| 14 | * - Redistributions of source code must retain the above | |
| 15 | * copyright notice, this list of conditions and the following | |
| 16 | * disclaimer. | |
| 17 | * | |
| 18 | * - Redistributions in binary form must reproduce the above | |
| 19 | * copyright notice, this list of conditions and the following | |
| 20 | * disclaimer in the documentation and/or other materials | |
| 21 | * provided with the distribution. | |
| 22 | * | |
| 23 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, | |
| 24 | * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF | |
| 25 | * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND | |
| 26 | * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS | |
| 27 | * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN | |
| 28 | * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN | |
| 29 | * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE | |
| 30 | * SOFTWARE. | |
| 31 | * | |
| 32 | */ | |
| 33 | ||
| 34 | #ifndef __MLX5E_IPSEC_H__ | |
| 35 | #define __MLX5E_IPSEC_H__ | |
| 36 | ||
| 37 | #ifdef CONFIG_MLX5_EN_IPSEC | |
| 38 | ||
| 39 | #include <linux/mlx5/device.h> | |
| 40 | #include <net/xfrm.h> | |
| 41 | #include <linux/idr.h> | |
| 42 | ||
| cb010083 AY |
43 | #include "accel/ipsec.h" |
| 44 | ||
| 547eede0 | 45 | #define MLX5E_IPSEC_SADB_RX_BITS 10 |
| cb010083 AY |
46 | #define MLX5E_IPSEC_ESN_SCOPE_MID 0x80000000L |
| 47 | ||
| 547eede0 IT |
48 | struct mlx5e_priv; |
| 49 | ||
| 899a59d3 IT |
50 | struct mlx5e_ipsec_sw_stats { |
| 51 | atomic64_t ipsec_rx_drop_sp_alloc; | |
| 52 | atomic64_t ipsec_rx_drop_sadb_miss; | |
| 53 | atomic64_t ipsec_rx_drop_syndrome; | |
| 2ac9cfe7 IT |
54 | atomic64_t ipsec_tx_drop_bundle; |
| 55 | atomic64_t ipsec_tx_drop_no_state; | |
| 56 | atomic64_t ipsec_tx_drop_not_ip; | |
| 57 | atomic64_t ipsec_tx_drop_trailer; | |
| 58 | atomic64_t ipsec_tx_drop_metadata; | |
| 899a59d3 IT |
59 | }; |
| 60 | ||
| 164f16f7 IT |
61 | struct mlx5e_ipsec_stats { |
| 62 | u64 ipsec_dec_in_packets; | |
| 63 | u64 ipsec_dec_out_packets; | |
| 64 | u64 ipsec_dec_bypass_packets; | |
| 65 | u64 ipsec_enc_in_packets; | |
| 66 | u64 ipsec_enc_out_packets; | |
| 67 | u64 ipsec_enc_bypass_packets; | |
| 68 | u64 ipsec_dec_drop_packets; | |
| 69 | u64 ipsec_dec_auth_fail_packets; | |
| 70 | u64 ipsec_enc_drop_packets; | |
| 71 | u64 ipsec_add_sa_success; | |
| 72 | u64 ipsec_add_sa_fail; | |
| 73 | u64 ipsec_del_sa_success; | |
| 74 | u64 ipsec_del_sa_fail; | |
| 75 | u64 ipsec_cmd_drop; | |
| 76 | }; | |
| 77 | ||
| 5e466345 HN |
78 | struct mlx5e_accel_fs_esp; |
| 79 | ||
| 547eede0 IT |
80 | struct mlx5e_ipsec { |
| 81 | struct mlx5e_priv *en_priv; | |
| 82 | DECLARE_HASHTABLE(sadb_rx, MLX5E_IPSEC_SADB_RX_BITS); | |
| 788a8210 | 83 | bool no_trailer; |
| 547eede0 IT |
84 | spinlock_t sadb_rx_lock; /* Protects sadb_rx and halloc */ |
| 85 | struct ida halloc; | |
| 899a59d3 | 86 | struct mlx5e_ipsec_sw_stats sw_stats; |
| 164f16f7 | 87 | struct mlx5e_ipsec_stats stats; |
| cb010083 | 88 | struct workqueue_struct *wq; |
| 5e466345 | 89 | struct mlx5e_accel_fs_esp *rx_fs; |
| cb010083 AY |
90 | }; |
| 91 | ||
| 92 | struct mlx5e_ipsec_esn_state { | |
| 93 | u32 esn; | |
| 94 | u8 trigger: 1; | |
| 95 | u8 overlap: 1; | |
| 96 | }; | |
| 97 | ||
| 5e466345 HN |
98 | struct mlx5e_ipsec_rule { |
| 99 | struct mlx5_flow_handle *rule; | |
| 100 | struct mlx5_modify_hdr *set_modify_hdr; | |
| 101 | }; | |
| 102 | ||
| cb010083 AY |
103 | struct mlx5e_ipsec_sa_entry { |
| 104 | struct hlist_node hlist; /* Item in SADB_RX hashtable */ | |
| 105 | struct mlx5e_ipsec_esn_state esn_state; | |
| 106 | unsigned int handle; /* Handle in SADB_RX */ | |
| 107 | struct xfrm_state *x; | |
| 108 | struct mlx5e_ipsec *ipsec; | |
| 109 | struct mlx5_accel_esp_xfrm *xfrm; | |
| 110 | void *hw_context; | |
| 111 | void (*set_iv_op)(struct sk_buff *skb, struct xfrm_state *x, | |
| 112 | struct xfrm_offload *xo); | |
| 5e466345 HN |
113 | u32 ipsec_obj_id; |
| 114 | struct mlx5e_ipsec_rule ipsec_rule; | |
| 547eede0 IT |
115 | }; |
| 116 | ||
| 2ac9cfe7 | 117 | void mlx5e_ipsec_build_inverse_table(void); |
| 547eede0 IT |
118 | int mlx5e_ipsec_init(struct mlx5e_priv *priv); |
| 119 | void mlx5e_ipsec_cleanup(struct mlx5e_priv *priv); | |
| 120 | void mlx5e_ipsec_build_netdev(struct mlx5e_priv *priv); | |
| 121 | ||
| 122 | struct xfrm_state *mlx5e_ipsec_sadb_rx_lookup(struct mlx5e_ipsec *dev, | |
| 123 | unsigned int handle); | |
| 124 | ||
| 125 | #else | |
| 126 | ||
| 2ac9cfe7 IT |
127 | static inline void mlx5e_ipsec_build_inverse_table(void) |
| 128 | { | |
| 129 | } | |
| 130 | ||
| 547eede0 IT |
131 | static inline int mlx5e_ipsec_init(struct mlx5e_priv *priv) |
| 132 | { | |
| 133 | return 0; | |
| 134 | } | |
| 135 | ||
| 136 | static inline void mlx5e_ipsec_cleanup(struct mlx5e_priv *priv) | |
| 137 | { | |
| 138 | } | |
| 139 | ||
| 140 | static inline void mlx5e_ipsec_build_netdev(struct mlx5e_priv *priv) | |
| 141 | { | |
| 142 | } | |
| 143 | ||
| 144 | #endif | |
| 145 | ||
| 146 | #endif /* __MLX5E_IPSEC_H__ */ |