1 /* SPDX-License-Identifier: GPL-2.0 OR Linux-OpenIB */
2 /* Copyright (c) 2019 Mellanox Technologies. */
4 #ifndef __MLX5E_KTLS_H__
5 #define __MLX5E_KTLS_H__
7 #include <linux/debugfs.h>
12 #ifdef CONFIG_MLX5_EN_TLS
13 #include "lib/crypto.h"
16 struct mlx5_crypto_dek *mlx5_ktls_create_key(struct mlx5_crypto_dek_pool *dek_pool,
17 struct tls_crypto_info *crypto_info);
18 void mlx5_ktls_destroy_key(struct mlx5_crypto_dek_pool *dek_pool,
19 struct mlx5_crypto_dek *dek);
21 static inline bool mlx5e_is_ktls_device(struct mlx5_core_dev *mdev)
23 if (is_kdump_kernel())
26 if (!MLX5_CAP_GEN(mdev, tls_tx) && !MLX5_CAP_GEN(mdev, tls_rx))
29 if (!MLX5_CAP_GEN(mdev, log_max_dek))
32 return (MLX5_CAP_TLS(mdev, tls_1_2_aes_gcm_128) ||
33 MLX5_CAP_TLS(mdev, tls_1_2_aes_gcm_256));
36 static inline bool mlx5e_ktls_type_check(struct mlx5_core_dev *mdev,
37 struct tls_crypto_info *crypto_info)
39 switch (crypto_info->cipher_type) {
40 case TLS_CIPHER_AES_GCM_128:
41 if (crypto_info->version == TLS_1_2_VERSION)
42 return MLX5_CAP_TLS(mdev, tls_1_2_aes_gcm_128);
44 case TLS_CIPHER_AES_GCM_256:
45 if (crypto_info->version == TLS_1_2_VERSION)
46 return MLX5_CAP_TLS(mdev, tls_1_2_aes_gcm_256);
53 void mlx5e_ktls_build_netdev(struct mlx5e_priv *priv);
54 int mlx5e_ktls_init_tx(struct mlx5e_priv *priv);
55 void mlx5e_ktls_cleanup_tx(struct mlx5e_priv *priv);
56 int mlx5e_ktls_init_rx(struct mlx5e_priv *priv);
57 void mlx5e_ktls_cleanup_rx(struct mlx5e_priv *priv);
58 int mlx5e_ktls_set_feature_rx(struct net_device *netdev, bool enable);
59 struct mlx5e_ktls_resync_resp *
60 mlx5e_ktls_rx_resync_create_resp_list(void);
61 void mlx5e_ktls_rx_resync_destroy_resp_list(struct mlx5e_ktls_resync_resp *resp_list);
63 static inline bool mlx5e_is_ktls_tx(struct mlx5_core_dev *mdev)
65 return !is_kdump_kernel() && MLX5_CAP_GEN(mdev, tls_tx) &&
69 bool mlx5e_is_ktls_rx(struct mlx5_core_dev *mdev);
71 struct mlx5e_tls_sw_stats {
72 atomic64_t tx_tls_ctx;
73 atomic64_t tx_tls_del;
74 atomic64_t tx_tls_pool_alloc;
75 atomic64_t tx_tls_pool_free;
76 atomic64_t rx_tls_ctx;
77 atomic64_t rx_tls_del;
80 struct mlx5e_tls_debugfs {
82 struct dentry *dfs_tx;
86 struct mlx5_core_dev *mdev;
87 struct mlx5e_tls_sw_stats sw_stats;
88 struct workqueue_struct *rx_wq;
89 struct mlx5e_tls_tx_pool *tx_pool;
90 struct mlx5_crypto_dek_pool *dek_pool;
91 struct mlx5e_tls_debugfs debugfs;
94 int mlx5e_ktls_init(struct mlx5e_priv *priv);
95 void mlx5e_ktls_cleanup(struct mlx5e_priv *priv);
97 int mlx5e_ktls_get_count(struct mlx5e_priv *priv);
98 int mlx5e_ktls_get_strings(struct mlx5e_priv *priv, uint8_t *data);
99 int mlx5e_ktls_get_stats(struct mlx5e_priv *priv, u64 *data);
102 static inline void mlx5e_ktls_build_netdev(struct mlx5e_priv *priv)
106 static inline int mlx5e_ktls_init_tx(struct mlx5e_priv *priv)
111 static inline void mlx5e_ktls_cleanup_tx(struct mlx5e_priv *priv)
115 static inline int mlx5e_ktls_init_rx(struct mlx5e_priv *priv)
120 static inline void mlx5e_ktls_cleanup_rx(struct mlx5e_priv *priv)
124 static inline int mlx5e_ktls_set_feature_rx(struct net_device *netdev, bool enable)
126 netdev_warn(netdev, "kTLS is not supported\n");
130 static inline struct mlx5e_ktls_resync_resp *
131 mlx5e_ktls_rx_resync_create_resp_list(void)
133 return ERR_PTR(-EOPNOTSUPP);
137 mlx5e_ktls_rx_resync_destroy_resp_list(struct mlx5e_ktls_resync_resp *resp_list) {}
139 static inline bool mlx5e_is_ktls_rx(struct mlx5_core_dev *mdev)
144 static inline int mlx5e_ktls_init(struct mlx5e_priv *priv) { return 0; }
145 static inline void mlx5e_ktls_cleanup(struct mlx5e_priv *priv) { }
146 static inline int mlx5e_ktls_get_count(struct mlx5e_priv *priv) { return 0; }
147 static inline int mlx5e_ktls_get_strings(struct mlx5e_priv *priv, uint8_t *data)
152 static inline int mlx5e_ktls_get_stats(struct mlx5e_priv *priv, u64 *data)
158 #endif /* __MLX5E_TLS_H__ */