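/* SPDX-License-Identifier: BSD-3-Clause
 * Copyright (c) 2022-2024, NVIDIA CORPORATION & AFFILIATES.
 * All rights reserved.
 */

#ifndef SPDK_MLX5_H
#define SPDK_MLX5_H

/* size_t, the fixed-width integers and bool are used by the declarations below. Their headers
 * are included directly so that this header does not depend on what mlx5dv.h happens to pull in.
 */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

#include <infiniband/mlx5dv.h>

/* Upper bound on a device name length. No declaration in this header references it.
 * NOTE(review): confirm whether the limit includes the terminating NUL and whether
 * spdk_mlx5_crypto_devs_allow enforces it on the names it copies.
 */
#define SPDK_MLX5_DEV_MAX_NAME_LEN 64

/* Opaque handles: only forward declarations are visible here, so callers hold pointers only. */
struct spdk_mlx5_crypto_dek;
struct spdk_mlx5_crypto_keytag;

/**
 * Key material passed to \b spdk_mlx5_crypto_keytag_create
 *
 * NOTE(review): this header does not state whether the key bytes are copied during keytag
 * creation or must remain valid afterwards; confirm against the implementation. Once the
 * caller no longer needs the buffer, it should be wiped with a call the compiler cannot elide
 * (e.g. explicit_bzero) rather than a plain memset before free.
 */
struct spdk_mlx5_crypto_dek_create_attr {
	/* Data Encryption Key in binary form: raw bytes whose extent is given by dek_len,
	 * not by a NUL terminator */
	char *dek;
	/* Length of the dek, presumably in bytes (TODO confirm). Accepted key sizes are not
	 * stated in this header */
	size_t dek_len;
};

/**
 * Return a NULL terminated array of devices which support crypto operation on Nvidia NICs
 *
 * NOTE(review): the return value when no device is available, and whether \b dev_num may be
 * NULL, are not documented here; check the result before iterating.
 *
 * \param dev_num Output parameter, set to the size of the array or 0
 * \return Array of contexts. This array must be released with \b spdk_mlx5_crypto_devs_release
 */
struct ibv_context **spdk_mlx5_crypto_devs_get(int *dev_num);

/**
 * Releases array of devices allocated by \b spdk_mlx5_crypto_devs_get
 *
 * The array must not be used after this call.
 *
 * \param rdma_devs Array of devices to be released
 */
void spdk_mlx5_crypto_devs_release(struct ibv_context **rdma_devs);

/**
 * Create a keytag which contains DEKs per each crypto device in the system
 *
 * \param attr Crypto attributes, see \b spdk_mlx5_crypto_dek_create_attr for the handling of
 * the key buffer
 * \param out Keytag, to be released with \b spdk_mlx5_crypto_keytag_destroy
 * \return 0 on success, negated errno on failure
 */
int spdk_mlx5_crypto_keytag_create(struct spdk_mlx5_crypto_dek_create_attr *attr,
				   struct spdk_mlx5_crypto_keytag **out);

/**
 * Destroy a keytag created using \b spdk_mlx5_crypto_keytag_create
 *
 * The keytag must not be used after this call.
 * NOTE(review): presumably no UMR configured from this keytag may still be in use when it is
 * destroyed; confirm against the implementation.
 *
 * \param keytag Keytag pointer
 */
void spdk_mlx5_crypto_keytag_destroy(struct spdk_mlx5_crypto_keytag *keytag);

/**
 * Fills attributes used to register UMR with crypto operation
 *
 * NOTE(review): the error returned when \b keytag holds no DEK for \b pd is not specified
 * here; callers must check the return value before using \b attr_out.
 *
 * \param attr_out Configured UMR attributes
 * \param keytag Keytag with DEKs
 * \param pd Protection Domain which is going to be used to register UMR. This function will
 * find a DEK in \b keytag with the same PD
 * \param block_size Logical block size
 * \param iv Initialization vector or tweak. Usually that is logical block address. The cipher
 * mode is not named in this header, so a caller passing anything other than the logical block
 * address should confirm the uniqueness requirements of the mode in use
 * \param encrypt_on_tx If set, memory data will be encrypted during TX and wire data will be
 * decrypted during RX. If not set, memory data will be decrypted during TX and wire data will
 * be encrypted during RX.
 * \return 0 on success, negated errno on failure
 */
int spdk_mlx5_crypto_set_attr(struct mlx5dv_crypto_attr *attr_out,
			      struct spdk_mlx5_crypto_keytag *keytag, struct ibv_pd *pd,
			      uint32_t block_size, uint64_t iv, bool encrypt_on_tx);

/**
 * Specify which devices are allowed to be used for crypto operation.
 *
 * If the user doesn't call this function then all devices which support crypto will be used.
 * A deployment that wants to limit which devices take part in crypto operations therefore has
 * to call this function explicitly.
 * NOTE(review): whether a call made after keytags exist affects those keytags is not visible
 * in this header; confirm, or set the list before creating any keytag.
 *
 * This function copies devices names. In order to free allocated memory, the user must call
 * this function with either NULL \b dev_names or with \b devs_count equal 0. Such a call can
 * also be used to allow all devices again.
 *
 * Subsequent calls with non-NULL \b dev_names and non-zero \b devs_count replace the current
 * copied dev_names array.
 * NOTE(review): the original sentence had no verb; "replace" is the assumed meaning, confirm.
 *
 * This function is not thread safe.
 *
 * \param dev_names Array of devices names which are allowed to be used for crypto operations
 * \param devs_count Size of \b dev_names array
 * \return 0 on success, negated errno on failure
 */
int spdk_mlx5_crypto_devs_allow(const char *const dev_names[], size_t devs_count);

#endif /* SPDK_MLX5_H */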