1 /*- 2 * Copyright (c) 2019-2021, Mellanox Technologies, Ltd. All rights reserved. 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions 6 * are met: 7 * 1. Redistributions of source code must retain the above copyright 8 * notice, this list of conditions and the following disclaimer. 9 * 2. Redistributions in binary form must reproduce the above copyright 10 * notice, this list of conditions and the following disclaimer in the 11 * documentation and/or other materials provided with the distribution. 12 * 13 * THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS `AS IS' AND 14 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 15 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 16 * ARE DISCLAIMED. IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE 17 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 18 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 19 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 20 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 21 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 22 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 23 * SUCH DAMAGE. 24 */ 25 26 #include "opt_rss.h" 27 #include "opt_ratelimit.h" 28 29 #include <linux/kernel.h> 30 #include <linux/module.h> 31 #include <dev/mlx5/driver.h> 32 #include <dev/mlx5/tls.h> 33 #include <dev/mlx5/mlx5_core/mlx5_core.h> 34 #include <dev/mlx5/mlx5_core/transobj.h> 35 36 int mlx5_encryption_key_create(struct mlx5_core_dev *mdev, u32 pdn, 37 const void *p_key, u32 key_len, u32 *p_obj_id) 38 { 39 u32 in[MLX5_ST_SZ_DW(create_encryption_key_in)] = {}; 40 u32 out[MLX5_ST_SZ_DW(create_encryption_key_out)] = {}; 41 u64 general_obj_types; 42 int err; 43 44 general_obj_types = MLX5_CAP_GEN_64(mdev, general_obj_types); 45 if (!(general_obj_types & MLX5_HCA_CAP_GENERAL_OBJ_TYPES_ENCRYPTION_KEY)) 46 return -EINVAL; 47 48 switch (key_len) { 49 case 128 / 8: 50 memcpy(MLX5_ADDR_OF(create_encryption_key_in, in, 51 encryption_key_object.key[4]), p_key, 128 / 8); 52 MLX5_SET(create_encryption_key_in, in, encryption_key_object.pd, pdn); 53 MLX5_SET(create_encryption_key_in, in, encryption_key_object.key_size, 54 MLX5_GENERAL_OBJECT_TYPE_ENCRYPTION_KEY_KEY_SIZE_128); 55 MLX5_SET(create_encryption_key_in, in, encryption_key_object.key_type, 56 MLX5_GENERAL_OBJECT_TYPE_ENCRYPTION_KEY_TYPE_DEK); 57 break; 58 case 256 / 8: 59 memcpy(MLX5_ADDR_OF(create_encryption_key_in, in, 60 encryption_key_object.key[0]), p_key, 256 / 8); 61 MLX5_SET(create_encryption_key_in, in, encryption_key_object.pd, pdn); 62 MLX5_SET(create_encryption_key_in, in, encryption_key_object.key_size, 63 MLX5_GENERAL_OBJECT_TYPE_ENCRYPTION_KEY_KEY_SIZE_256); 64 MLX5_SET(create_encryption_key_in, in, encryption_key_object.key_type, 65 MLX5_GENERAL_OBJECT_TYPE_ENCRYPTION_KEY_TYPE_DEK); 66 break; 67 default: 68 return -EINVAL; 69 } 70 71 MLX5_SET(create_encryption_key_in, in, opcode, MLX5_CMD_OP_CREATE_GENERAL_OBJ); 72 MLX5_SET(create_encryption_key_in, in, obj_type, MLX5_GENERAL_OBJECT_TYPES_ENCRYPTION_KEY); 73 74 err = mlx5_cmd_exec(mdev, in, sizeof(in), out, sizeof(out)); 75 if (err == 0) 76 *p_obj_id = MLX5_GET(create_encryption_key_out, out, obj_id); 77 78 /* avoid leaking key on the stack */ 79 memset(in, 0, sizeof(in)); 80 81 return err; 82 } 83 84 int mlx5_encryption_key_destroy(struct mlx5_core_dev *mdev, u32 oid) 85 { 86 u32 in[MLX5_ST_SZ_DW(destroy_encryption_key_in)] = {}; 87 u32 out[MLX5_ST_SZ_DW(destroy_encryption_key_out)] = {}; 88 89 MLX5_SET(destroy_encryption_key_in, in, opcode, MLX5_CMD_OP_DESTROY_GENERAL_OBJ); 90 MLX5_SET(destroy_encryption_key_in, in, obj_type, MLX5_GENERAL_OBJECT_TYPES_ENCRYPTION_KEY); 91 MLX5_SET(destroy_encryption_key_in, in, obj_id, oid); 92 93 return mlx5_cmd_exec(mdev, in, sizeof(in), out, sizeof(out)); 94 } 95 96 int mlx5_tls_open_tis(struct mlx5_core_dev *mdev, int tc, int tdn, int pdn, u32 *p_tisn) 97 { 98 u32 in[MLX5_ST_SZ_DW(create_tis_in)] = {}; 99 void *tisc = MLX5_ADDR_OF(create_tis_in, in, ctx); 100 int err; 101 102 MLX5_SET(tisc, tisc, prio, tc); 103 MLX5_SET(tisc, tisc, transport_domain, tdn); 104 MLX5_SET(tisc, tisc, tls_en, 1); 105 MLX5_SET(tisc, tisc, pd, pdn); 106 107 err = mlx5_core_create_tis(mdev, in, sizeof(in), p_tisn); 108 if (err) 109 return (err); 110 else if (*p_tisn == 0) 111 return (-EINVAL); 112 else 113 return (0); /* success */ 114 } 115 116 void mlx5_tls_close_tis(struct mlx5_core_dev *mdev, u32 tisn) 117 { 118 119 mlx5_core_destroy_tis(mdev, tisn, 0); 120 } 121 122 int mlx5_tls_open_tir(struct mlx5_core_dev *mdev, int tdn, int rqtn, u32 *p_tirn) 123 { 124 u32 in[MLX5_ST_SZ_DW(create_tir_in)] = {}; 125 void *tirc = MLX5_ADDR_OF(create_tir_in, in, tir_context); 126 int err; 127 128 MLX5_SET(tirc, tirc, transport_domain, tdn); 129 MLX5_SET(tirc, tirc, disp_type, MLX5_TIRC_DISP_TYPE_INDIRECT); 130 MLX5_SET(tirc, tirc, rx_hash_fn, MLX5_TIRC_RX_HASH_FN_HASH_INVERTED_XOR8); 131 MLX5_SET(tirc, tirc, indirect_table, rqtn); 132 MLX5_SET(tirc, tirc, tls_en, 1); 133 MLX5_SET(tirc, tirc, self_lb_en, 134 MLX5_TIRC_SELF_LB_EN_ENABLE_UNICAST | 135 MLX5_TIRC_SELF_LB_EN_ENABLE_MULTICAST); 136 137 err = mlx5_core_create_tir(mdev, in, sizeof(in), p_tirn); 138 if (err) 139 return (err); 140 else if (*p_tirn == 0) 141 return (-EINVAL); 142 else 143 return (0); /* success */ 144 } 145 146 void mlx5_tls_close_tir(struct mlx5_core_dev *mdev, u32 tirn) 147 { 148 mlx5_core_destroy_tir(mdev, tirn, 0); 149 } 150