e9dcd83155
Submitted by: kib@ Approved by: hselasky (mentor) MFC after: 1 week Sponsored by: Mellanox Technologies
140 lines
3.9 KiB
C
140 lines
3.9 KiB
C
/*-
|
|
* Copyright (c) 2017 Mellanox Technologies. All rights reserved.
|
|
*
|
|
* This software is available to you under a choice of one of two
|
|
* licenses. You may choose to be licensed under the terms of the GNU
|
|
* General Public License (GPL) Version 2, available from the file
|
|
* COPYING in the main directory of this source tree, or the
|
|
* OpenIB.org BSD license below:
|
|
*
|
|
* Redistribution and use in source and binary forms, with or
|
|
* without modification, are permitted provided that the following
|
|
* conditions are met:
|
|
*
|
|
* - Redistributions of source code must retain the above
|
|
* copyright notice, this list of conditions and the following
|
|
* disclaimer.
|
|
*
|
|
* - Redistributions in binary form must reproduce the above
|
|
* copyright notice, this list of conditions and the following
|
|
* disclaimer in the documentation and/or other materials
|
|
* provided with the distribution.
|
|
*
|
|
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
|
|
* EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
|
* MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
|
|
* NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
|
|
* BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
|
|
* ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
|
|
* CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
|
* SOFTWARE.
|
|
*
|
|
* $FreeBSD$
|
|
*/
|
|
|
|
#ifndef __MLX5_ACCEL_IPSEC_H__
|
|
#define __MLX5_ACCEL_IPSEC_H__
|
|
|
|
#ifdef CONFIG_MLX5_ACCEL
|
|
|
|
#include <dev/mlx5/driver.h>
|
|
|
|
enum {
|
|
MLX5_ACCEL_IPSEC_DEVICE = BIT(1),
|
|
MLX5_ACCEL_IPSEC_IPV6 = BIT(2),
|
|
MLX5_ACCEL_IPSEC_ESP = BIT(3),
|
|
MLX5_ACCEL_IPSEC_LSO = BIT(4),
|
|
};
|
|
|
|
#define MLX5_IPSEC_SADB_IP_AH BIT(7)
|
|
#define MLX5_IPSEC_SADB_IP_ESP BIT(6)
|
|
#define MLX5_IPSEC_SADB_SA_VALID BIT(5)
|
|
#define MLX5_IPSEC_SADB_SPI_EN BIT(4)
|
|
#define MLX5_IPSEC_SADB_DIR_SX BIT(3)
|
|
#define MLX5_IPSEC_SADB_IPV6 BIT(2)
|
|
|
|
enum {
|
|
MLX5_IPSEC_CMD_ADD_SA = 0,
|
|
MLX5_IPSEC_CMD_DEL_SA = 1,
|
|
};
|
|
|
|
enum mlx5_accel_ipsec_enc_mode {
|
|
MLX5_IPSEC_SADB_MODE_NONE = 0,
|
|
MLX5_IPSEC_SADB_MODE_AES_GCM_128_AUTH_128 = 1,
|
|
MLX5_IPSEC_SADB_MODE_AES_GCM_256_AUTH_128 = 3,
|
|
};
|
|
|
|
#define MLX5_IPSEC_DEV(mdev) (mlx5_accel_ipsec_device_caps(mdev) & \
|
|
MLX5_ACCEL_IPSEC_DEVICE)
|
|
|
|
struct mlx5_accel_ipsec_sa {
|
|
__be32 cmd;
|
|
u8 key_enc[32];
|
|
u8 key_auth[32];
|
|
__be32 sip[4];
|
|
__be32 dip[4];
|
|
union {
|
|
struct {
|
|
__be32 reserved;
|
|
u8 salt_iv[8];
|
|
__be32 salt;
|
|
} __packed gcm;
|
|
struct {
|
|
u8 salt[16];
|
|
} __packed cbc;
|
|
};
|
|
__be32 spi;
|
|
__be32 sw_sa_handle;
|
|
__be16 tfclen;
|
|
u8 enc_mode;
|
|
u8 sip_masklen;
|
|
u8 dip_masklen;
|
|
u8 flags;
|
|
u8 reserved[2];
|
|
} __packed;
|
|
|
|
/**
|
|
* mlx5_accel_ipsec_sa_cmd_exec - Execute an IPSec SADB command
|
|
* @mdev: mlx5 device
|
|
* @cmd: command to execute
|
|
* May be called from atomic context. Returns context pointer, or error
|
|
* Caller must eventually call mlx5_accel_ipsec_sa_cmd_wait from non-atomic
|
|
* context, to cleanup the context pointer
|
|
*/
|
|
void *mlx5_accel_ipsec_sa_cmd_exec(struct mlx5_core_dev *mdev,
|
|
struct mlx5_accel_ipsec_sa *cmd);
|
|
|
|
/**
|
|
* mlx5_accel_ipsec_sa_cmd_wait - Wait for command execution completion
|
|
* @context: Context pointer returned from call to mlx5_accel_ipsec_sa_cmd_exec
|
|
* Sleeps (killable) until command execution is complete.
|
|
* Returns the command result, or -EINTR if killed
|
|
*/
|
|
int mlx5_accel_ipsec_sa_cmd_wait(void *context);
|
|
|
|
u32 mlx5_accel_ipsec_device_caps(struct mlx5_core_dev *mdev);
|
|
|
|
unsigned int mlx5_accel_ipsec_counters_count(struct mlx5_core_dev *mdev);
|
|
int mlx5_accel_ipsec_counters_read(struct mlx5_core_dev *mdev, u64 *counters,
|
|
unsigned int count);
|
|
|
|
int mlx5_accel_ipsec_init(struct mlx5_core_dev *mdev);
|
|
void mlx5_accel_ipsec_cleanup(struct mlx5_core_dev *mdev);
|
|
|
|
#else
|
|
|
|
#define MLX5_IPSEC_DEV(mdev) false
|
|
|
|
static inline int mlx5_accel_ipsec_init(struct mlx5_core_dev *mdev)
|
|
{
|
|
return 0;
|
|
}
|
|
|
|
static inline void mlx5_accel_ipsec_cleanup(struct mlx5_core_dev *mdev)
|
|
{
|
|
}
|
|
|
|
#endif
|
|
|
|
#endif /* __MLX5_ACCEL_IPSEC_H__ */
|