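/*-
 * Copyright (c) 2021-2022 NVIDIA corporation & affiliates.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS `AS IS' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

/*
 * Declarations for the mlx5e TLS receive path: the per-connection tag
 * structure, its resync history, the statistics block and the init and
 * cleanup entry points.
 */

#ifndef _MLX5_TLS_RX_H_
#define	_MLX5_TLS_RX_H_

#include <linux/completion.h>

/*
 * Size and alignment of the progress buffer handed out by
 * mlx5e_tls_rx_get_progress_buffer(). The alignment mask there is
 * computed as (size - 1), so this value must be a power of two.
 */
#define	MLX5E_TLS_RX_PROGRESS_BUFFER_SIZE 128

#define	MLX5E_TLS_RX_RESYNC_MAX 32	/* units */
#define	MLX5E_TLS_RX_NUM_MAX (1U << 11)	/* packets */

#define	MLX5E_TLS_RX_TAG_LOCK(tag) mtx_lock(&(tag)->mtx)
#define	MLX5E_TLS_RX_TAG_UNLOCK(tag) mtx_unlock(&(tag)->mtx)

/* Add "num" to the named counter of the tag's parent statistics block. */
#define	MLX5E_TLS_RX_STAT_INC(tag, field, num) \
	counter_u64_add((tag)->tls_rx->stats.field, num)

/*
 * Entries times repeat count times 16 KBytes (1 << 14) per record must
 * stay at or below 1 GByte, see the resync history comment in
 * struct mlx5e_tls_rx_tag.
 */
#if ((MLX5E_TLS_RX_RESYNC_MAX * MLX5E_TLS_RX_NUM_MAX) << 14) > (1U << 30)
#error "Please lower the limits of the TLS record length database."
#endif

/*
 * Build-time guard: a size that is not a power of two would make
 * mlx5e_tls_rx_get_progress_buffer() return a pointer that is not
 * aligned as its callers expect, without any diagnostic.
 */
#if MLX5E_TLS_RX_PROGRESS_BUFFER_SIZE <= 0 || \
    (MLX5E_TLS_RX_PROGRESS_BUFFER_SIZE & \
    (MLX5E_TLS_RX_PROGRESS_BUFFER_SIZE - 1)) != 0
#error "MLX5E_TLS_RX_PROGRESS_BUFFER_SIZE must be a power of two."
#endif

/*
 * NOTE(review): presumably the authentication state values reported in
 * the TLS RX progress parameters; confirm against the device interface
 * definition.
 */
enum {
	MLX5E_TLS_RX_PROGRESS_PARAMS_AUTH_STATE_NO_OFFLOAD = 0,
	MLX5E_TLS_RX_PROGRESS_PARAMS_AUTH_STATE_OFFLOAD = 1,
	MLX5E_TLS_RX_PROGRESS_PARAMS_AUTH_STATE_AUTHENTICATION = 2,
};

/*
 * NOTE(review): presumably the record tracker state values reported in
 * the TLS RX progress parameters; confirm against the device interface
 * definition.
 */
enum {
	MLX5E_TLS_RX_PROGRESS_PARAMS_RECORD_TRACKER_STATE_START = 0,
	MLX5E_TLS_RX_PROGRESS_PARAMS_RECORD_TRACKER_STATE_TRACKING = 1,
	MLX5E_TLS_RX_PROGRESS_PARAMS_RECORD_TRACKER_STATE_SEARCHING = 2,
};

struct mlx5e_tls_rx;

/* Per-connection TLS RX tag, aligned to MLX5E_CACHELINE_SIZE. */
struct mlx5e_tls_rx_tag {
	struct m_snd_tag tag;
	uint32_t tirn;		/* HW TIR context number */
	uint32_t dek_index;	/* HW TLS context number */
	struct mlx5e_tls_rx *tls_rx; /* parent pointer */
	struct mlx5_flow_handle *flow_rule;
	struct mtx mtx;		/* taken by MLX5E_TLS_RX_TAG_LOCK() */
	struct completion progress_complete;
	uint32_t state;		/* see MLX5E_TLS_RX_ST_XXX */
#define	MLX5E_TLS_RX_ST_INIT 0
#define	MLX5E_TLS_RX_ST_SETUP 1
#define	MLX5E_TLS_RX_ST_READY 2
#define	MLX5E_TLS_RX_ST_RELEASE 3
#define	MLX5E_TLS_RX_ST_FREED 4

	/*
	 * The following fields are used to store the TCP starting
	 * point of TLS records in the past. When TLS records of same
	 * length are back to back the tcp_resync_num[] is incremented
	 * instead of creating new entries. This way up to
	 * "MLX5E_TLS_RX_RESYNC_MAX" * "MLX5E_TLS_RX_NUM_MAX" * 16
	 * KBytes, around 1GByte worth of TCP data, may be remembered
	 * in the good case. The amount of history should not exceed
	 * 2GBytes of TCP data, because then the TCP sequence numbers
	 * may wrap around.
	 *
	 * This information is used to tell if a given TCP sequence
	 * number is a valid TLS record or not.
	 *
	 * NOTE(review): both arrays hold MLX5E_TLS_RX_RESYNC_MAX
	 * entries while the producer and consumer counters are 16-bit;
	 * any index derived from them must stay below that bound.
	 * Verify in the implementation.
	 */
	uint64_t rcd_resync_start;	/* starting TLS record number */
	uint32_t tcp_resync_start;	/* starting TCP sequence number */
	uint32_t tcp_resync_next;	/* next expected TCP sequence number */
	uint32_t tcp_resync_len[MLX5E_TLS_RX_RESYNC_MAX];
	uint32_t tcp_resync_num[MLX5E_TLS_RX_RESYNC_MAX];
	uint16_t tcp_resync_pc;		/* producer counter for arrays above */
	uint16_t tcp_resync_cc;		/* consumer counter for arrays above */

	struct work_struct work;

	uint32_t flowid;
	uint32_t flowtype;
	uint32_t dek_index_ok:1;
	uint32_t tcp_resync_active:1;
	uint32_t tcp_resync_pending:1;

	/*
	 * parameters needed
	 *
	 * NOTE(review): the contents of crypto_params are not visible
	 * from this header. If key-derived material is stored here, the
	 * release path should clear it before the tag is reused;
	 * confirm in the implementation.
	 */
	uint8_t crypto_params[128] __aligned(4);
	/*
	 * Twice the progress buffer size, so that an aligned window of
	 * MLX5E_TLS_RX_PROGRESS_BUFFER_SIZE bytes always fits, see
	 * mlx5e_tls_rx_get_progress_buffer().
	 */
	uint8_t rx_progress[MLX5E_TLS_RX_PROGRESS_BUFFER_SIZE * 2];
} __aligned(MLX5E_CACHELINE_SIZE);

/*
 * Return the first address inside ptag->rx_progress that is aligned to
 * MLX5E_TLS_RX_PROGRESS_BUFFER_SIZE bytes.
 *
 * The padding skipped at the front is at most
 * MLX5E_TLS_RX_PROGRESS_BUFFER_SIZE - 1 bytes and the array is twice
 * that size, so at least MLX5E_TLS_RX_PROGRESS_BUFFER_SIZE bytes remain
 * after the returned pointer. The caller must pass a valid tag; no NULL
 * check is done here.
 */
static inline void *
mlx5e_tls_rx_get_progress_buffer(struct mlx5e_tls_rx_tag *ptag)
{
	/* valid as a mask only because the size is a power of two */
	const uintptr_t mask = MLX5E_TLS_RX_PROGRESS_BUFFER_SIZE - 1;
	/* distance from the array start up to the next aligned address */
	const uintptr_t pad = (-(uintptr_t)ptag->rx_progress) & mask;

	/* return properly aligned RX buffer */
	return (ptag->rx_progress + pad);
}

/* List of TLS RX counters: one m() invocation per counter. */
#define	MLX5E_TLS_RX_STATS(m) \
  m(+1, u64, rx_resync_ok, "rx_resync_ok", "Successful resync requests") \
  m(+1, u64, rx_resync_err, "rx_resync_err", "Failed resync requests") \
  m(+1, u64, rx_error, "rx_error", "Other errors")

/*
 * NOTE(review): MLX5E_STATS_COUNT is defined elsewhere; presumably it
 * expands each entry to its first argument so this sums to the number
 * of counters. Confirm.
 */
#define	MLX5E_TLS_RX_STATS_NUM (0 MLX5E_TLS_RX_STATS(MLX5E_STATS_COUNT))

struct mlx5e_tls_rx_stats {
	struct sysctl_ctx_list ctx;
	/*
	 * Zero-length array placed directly before the counters below.
	 * NOTE(review): presumably used to index them as an array of
	 * MLX5E_TLS_RX_STATS_NUM entries; confirm.
	 */
	counter_u64_t arg[0];
	MLX5E_TLS_RX_STATS(MLX5E_STATS_COUNTER)
};

struct mlx5e_tls_rx {
	struct sysctl_ctx_list ctx;
	struct mlx5e_tls_rx_stats stats;
	struct workqueue_struct *wq;
	uma_zone_t zone;
	uint32_t max_resources;		/* max number of resources */
	/*
	 * NOTE(review): volatile alone does not make updates atomic;
	 * presumably modified through atomic operations. Confirm.
	 */
	volatile uint32_t num_resources; /* current number of resources */
	int init;			/* set when ready */
	char zname[32];
};

int mlx5e_tls_rx_init(struct mlx5e_priv *);
void mlx5e_tls_rx_cleanup(struct mlx5e_priv *);

if_snd_tag_alloc_t mlx5e_tls_rx_snd_tag_alloc;

#endif		/* _MLX5_TLS_RX_H_ */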