xref: /freebsd/sys/dev/cxgbe/tom/t4_tls.c (revision 6cf748ad948897de636c972debf5733624f6fc20)
1 /*-
2  * SPDX-License-Identifier: BSD-2-Clause-FreeBSD
3  *
4  * Copyright (c) 2017-2018 Chelsio Communications, Inc.
5  * All rights reserved.
6  * Written by: John Baldwin <jhb@FreeBSD.org>
7  *
8  * Redistribution and use in source and binary forms, with or without
9  * modification, are permitted provided that the following conditions
10  * are met:
11  * 1. Redistributions of source code must retain the above copyright
12  *    notice, this list of conditions and the following disclaimer.
13  * 2. Redistributions in binary form must reproduce the above copyright
14  *    notice, this list of conditions and the following disclaimer in the
15  *    documentation and/or other materials provided with the distribution.
16  *
17  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
18  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
21  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
27  * SUCH DAMAGE.
28  */
29 
30 #include "opt_inet.h"
31 #include "opt_kern_tls.h"
32 
33 #include <sys/cdefs.h>
34 __FBSDID("$FreeBSD$");
35 
36 #ifdef KERN_TLS
37 #include <sys/param.h>
38 #include <sys/ktr.h>
39 #include <sys/ktls.h>
40 #include <sys/sglist.h>
41 #include <sys/socket.h>
42 #include <sys/socketvar.h>
43 #include <sys/systm.h>
44 #include <netinet/in.h>
45 #include <netinet/in_pcb.h>
46 #include <netinet/tcp_var.h>
47 #include <netinet/toecore.h>
48 #include <opencrypto/cryptodev.h>
49 #include <opencrypto/xform.h>
50 
51 #ifdef TCP_OFFLOAD
52 #include "common/common.h"
53 #include "common/t4_tcb.h"
54 #include "crypto/t4_crypto.h"
55 #include "tom/t4_tom_l2t.h"
56 #include "tom/t4_tom.h"
57 
58 /*
59  * The TCP sequence number of a CPL_TLS_DATA mbuf is saved here while
60  * the mbuf is in the ulp_pdu_reclaimq.
61  */
62 #define	tls_tcp_seq	PH_loc.thirtytwo[0]
63 
64 static void
65 t4_set_tls_tcb_field(struct toepcb *toep, uint16_t word, uint64_t mask,
66     uint64_t val)
67 {
68 	struct adapter *sc = td_adapter(toep->td);
69 
70 	t4_set_tcb_field(sc, &toep->ofld_txq->wrq, toep, word, mask, val, 0, 0);
71 }
72 
73 /* TLS and DTLS common routines */
74 bool
75 can_tls_offload(struct adapter *sc)
76 {
77 
78 	return (sc->tt.tls && sc->cryptocaps & FW_CAPS_CONFIG_TLSKEYS);
79 }
80 
81 int
82 tls_tx_key(struct toepcb *toep)
83 {
84 	struct tls_ofld_info *tls_ofld = &toep->tls;
85 
86 	return (tls_ofld->tx_key_addr >= 0);
87 }
88 
89 /* Set TLS Key-Id in TCB */
90 static void
91 t4_set_tls_keyid(struct toepcb *toep, unsigned int key_id)
92 {
93 
94 	t4_set_tls_tcb_field(toep, W_TCB_RX_TLS_KEY_TAG,
95 			 V_TCB_RX_TLS_KEY_TAG(M_TCB_RX_TLS_BUF_TAG),
96 			 V_TCB_RX_TLS_KEY_TAG(key_id));
97 }
98 
99 /* Clear TF_RX_QUIESCE to re-enable receive. */
100 static void
101 t4_clear_rx_quiesce(struct toepcb *toep)
102 {
103 
104 	t4_set_tls_tcb_field(toep, W_TCB_T_FLAGS, V_TF_RX_QUIESCE(1), 0);
105 }
106 
107 static void
108 tls_clr_ofld_mode(struct toepcb *toep)
109 {
110 
111 	tls_stop_handshake_timer(toep);
112 
113 	KASSERT(toep->tls.rx_key_addr == -1,
114 	    ("%s: tid %d has RX key", __func__, toep->tid));
115 
116 	/* Switch to plain TOE mode. */
117 	t4_set_tls_tcb_field(toep, W_TCB_ULP_RAW,
118 	    V_TCB_ULP_RAW(V_TF_TLS_ENABLE(1)),
119 	    V_TCB_ULP_RAW(V_TF_TLS_ENABLE(0)));
120 	t4_set_tls_tcb_field(toep, W_TCB_ULP_TYPE,
121 	    V_TCB_ULP_TYPE(M_TCB_ULP_TYPE), V_TCB_ULP_TYPE(ULP_MODE_NONE));
122 	t4_clear_rx_quiesce(toep);
123 
124 	toep->flags &= ~(TPF_FORCE_CREDITS | TPF_TLS_ESTABLISHED);
125 	toep->params.ulp_mode = ULP_MODE_NONE;
126 }
127 
128 /* TLS/DTLS content type  for CPL SFO */
129 static inline unsigned char
130 tls_content_type(unsigned char content_type)
131 {
132 	/*
133 	 * XXX: Shouldn't this map CONTENT_TYPE_APP_DATA to DATA and
134 	 * default to "CUSTOM" for all other types including
135 	 * heartbeat?
136 	 */
137 	switch (content_type) {
138 	case CONTENT_TYPE_CCS:
139 		return CPL_TX_TLS_SFO_TYPE_CCS;
140 	case CONTENT_TYPE_ALERT:
141 		return CPL_TX_TLS_SFO_TYPE_ALERT;
142 	case CONTENT_TYPE_HANDSHAKE:
143 		return CPL_TX_TLS_SFO_TYPE_HANDSHAKE;
144 	case CONTENT_TYPE_HEARTBEAT:
145 		return CPL_TX_TLS_SFO_TYPE_HEARTBEAT;
146 	}
147 	return CPL_TX_TLS_SFO_TYPE_DATA;
148 }
149 
150 /* TLS Key memory management */
151 static void
152 clear_tls_keyid(struct toepcb *toep)
153 {
154 	struct tls_ofld_info *tls_ofld = &toep->tls;
155 	struct adapter *sc = td_adapter(toep->td);
156 
157 	if (tls_ofld->rx_key_addr >= 0) {
158 		t4_free_tls_keyid(sc, tls_ofld->rx_key_addr);
159 		tls_ofld->rx_key_addr = -1;
160 	}
161 	if (tls_ofld->tx_key_addr >= 0) {
162 		t4_free_tls_keyid(sc, tls_ofld->tx_key_addr);
163 		tls_ofld->tx_key_addr = -1;
164 	}
165 }
166 
167 static int
168 get_tp_plen_max(struct ktls_session *tls)
169 {
170 	int plen = ((min(3*4096, TP_TX_PG_SZ))/1448) * 1448;
171 
172 	return (tls->params.max_frame_len <= 8192 ? plen : FC_TP_PLEN_MAX);
173 }
174 
175 /* Send request to get the key-id */
176 static int
177 tls_program_key_id(struct toepcb *toep, struct ktls_session *tls,
178     int direction)
179 {
180 	struct tls_ofld_info *tls_ofld = &toep->tls;
181 	struct adapter *sc = td_adapter(toep->td);
182 	struct ofld_tx_sdesc *txsd;
183 	int keyid;
184 	struct wrqe *wr;
185 	struct tls_key_req *kwr;
186 	struct tls_keyctx *kctx;
187 
188 #ifdef INVARIANTS
189 	int kwrlen, kctxlen, len;
190 
191 	kwrlen = sizeof(*kwr);
192 	kctxlen = roundup2(sizeof(*kctx), 32);
193 	len = roundup2(kwrlen + kctxlen, 16);
194 	MPASS(TLS_KEY_WR_SZ == len);
195 #endif
196 	if (toep->txsd_avail == 0)
197 		return (EAGAIN);
198 
199 	if ((keyid = t4_alloc_tls_keyid(sc)) < 0) {
200 		return (ENOSPC);
201 	}
202 
203 	wr = alloc_wrqe(TLS_KEY_WR_SZ, &toep->ofld_txq->wrq);
204 	if (wr == NULL) {
205 		t4_free_tls_keyid(sc, keyid);
206 		return (ENOMEM);
207 	}
208 	kwr = wrtod(wr);
209 	memset(kwr, 0, TLS_KEY_WR_SZ);
210 
211 	t4_write_tlskey_wr(tls, direction, toep->tid, F_FW_WR_COMPL, keyid,
212 	    kwr);
213 	kctx = (struct tls_keyctx *)(kwr + 1);
214 	if (direction == KTLS_TX)
215 		tls_ofld->tx_key_addr = keyid;
216 	else
217 		tls_ofld->rx_key_addr = keyid;
218 	t4_tls_key_ctx(tls, direction, kctx);
219 
220 	txsd = &toep->txsd[toep->txsd_pidx];
221 	txsd->tx_credits = DIV_ROUND_UP(TLS_KEY_WR_SZ, 16);
222 	txsd->plen = 0;
223 	toep->tx_credits -= txsd->tx_credits;
224 	if (__predict_false(++toep->txsd_pidx == toep->txsd_total))
225 		toep->txsd_pidx = 0;
226 	toep->txsd_avail--;
227 
228 	t4_wrq_tx(sc, wr);
229 
230 	return (0);
231 }
232 
233 /*
234  * In some cases a client connection can hang without sending the
235  * ServerHelloDone message from the NIC to the host.  Send a dummy
236  * RX_DATA_ACK with RX_MODULATE to unstick the connection.
237  */
238 static void
239 tls_send_handshake_ack(void *arg)
240 {
241 	struct toepcb *toep = arg;
242 	struct tls_ofld_info *tls_ofld = &toep->tls;
243 	struct adapter *sc = td_adapter(toep->td);
244 
245 	/* Bail without rescheduling if the connection has closed. */
246 	if ((toep->flags & (TPF_FIN_SENT | TPF_ABORT_SHUTDOWN)) != 0)
247 		return;
248 
249 	/*
250 	 * If this connection has timed out without receiving more
251 	 * data, downgrade to plain TOE mode and don't re-arm the
252 	 * timer.
253 	 */
254 	if (sc->tt.tls_rx_timeout != 0) {
255 		struct inpcb *inp;
256 		struct tcpcb *tp;
257 
258 		inp = toep->inp;
259 		tp = intotcpcb(inp);
260 		if ((ticks - tp->t_rcvtime) >= sc->tt.tls_rx_timeout) {
261 			CTR2(KTR_CXGBE, "%s: tid %d clr_ofld_mode", __func__,
262 			    toep->tid);
263 			tls_clr_ofld_mode(toep);
264 			return;
265 		}
266 	}
267 
268 	/*
269 	 * XXX: Does not have the t4_get_tcb() checks to refine the
270 	 * workaround.
271 	 */
272 	callout_schedule(&tls_ofld->handshake_timer, TLS_SRV_HELLO_RD_TM * hz);
273 
274 	CTR2(KTR_CXGBE, "%s: tid %d sending RX_DATA_ACK", __func__, toep->tid);
275 	send_rx_modulate(sc, toep);
276 }
277 
278 static void
279 tls_start_handshake_timer(struct toepcb *toep)
280 {
281 	struct tls_ofld_info *tls_ofld = &toep->tls;
282 
283 	INP_WLOCK_ASSERT(toep->inp);
284 	callout_reset(&tls_ofld->handshake_timer, TLS_SRV_HELLO_BKOFF_TM * hz,
285 	    tls_send_handshake_ack, toep);
286 }
287 
288 void
289 tls_stop_handshake_timer(struct toepcb *toep)
290 {
291 	struct tls_ofld_info *tls_ofld = &toep->tls;
292 
293 	INP_WLOCK_ASSERT(toep->inp);
294 	callout_stop(&tls_ofld->handshake_timer);
295 }
296 
297 int
298 tls_alloc_ktls(struct toepcb *toep, struct ktls_session *tls, int direction)
299 {
300 	struct adapter *sc = td_adapter(toep->td);
301 	int error, explicit_iv_size, key_offset, mac_first;
302 
303 	if (!can_tls_offload(td_adapter(toep->td)))
304 		return (EINVAL);
305 	switch (ulp_mode(toep)) {
306 	case ULP_MODE_TLS:
307 		break;
308 	case ULP_MODE_NONE:
309 	case ULP_MODE_TCPDDP:
310 		if (direction != KTLS_TX)
311 			return (EINVAL);
312 		break;
313 	default:
314 		return (EINVAL);
315 	}
316 
317 	switch (tls->params.cipher_algorithm) {
318 	case CRYPTO_AES_CBC:
319 		/* XXX: Explicitly ignore any provided IV. */
320 		switch (tls->params.cipher_key_len) {
321 		case 128 / 8:
322 		case 192 / 8:
323 		case 256 / 8:
324 			break;
325 		default:
326 			error = EINVAL;
327 			goto clr_ofld;
328 		}
329 		switch (tls->params.auth_algorithm) {
330 		case CRYPTO_SHA1_HMAC:
331 		case CRYPTO_SHA2_256_HMAC:
332 		case CRYPTO_SHA2_384_HMAC:
333 			break;
334 		default:
335 			error = EPROTONOSUPPORT;
336 			goto clr_ofld;
337 		}
338 		explicit_iv_size = AES_BLOCK_LEN;
339 		mac_first = 1;
340 		break;
341 	case CRYPTO_AES_NIST_GCM_16:
342 		if (tls->params.iv_len != SALT_SIZE) {
343 			error = EINVAL;
344 			goto clr_ofld;
345 		}
346 		switch (tls->params.cipher_key_len) {
347 		case 128 / 8:
348 		case 192 / 8:
349 		case 256 / 8:
350 			break;
351 		default:
352 			error = EINVAL;
353 			goto clr_ofld;
354 		}
355 		explicit_iv_size = 8;
356 		mac_first = 0;
357 		break;
358 	default:
359 		error = EPROTONOSUPPORT;
360 		goto clr_ofld;
361 	}
362 
363 	/* Only TLS 1.1 and TLS 1.2 are currently supported. */
364 	if (tls->params.tls_vmajor != TLS_MAJOR_VER_ONE ||
365 	    tls->params.tls_vminor < TLS_MINOR_VER_ONE ||
366 	    tls->params.tls_vminor > TLS_MINOR_VER_TWO) {
367 		error = EPROTONOSUPPORT;
368 		goto clr_ofld;
369 	}
370 
371 	/* Bail if we already have a key. */
372 	if (direction == KTLS_TX) {
373 		if (toep->tls.tx_key_addr != -1)
374 			return (EOPNOTSUPP);
375 	} else {
376 		if (toep->tls.rx_key_addr != -1)
377 			return (EOPNOTSUPP);
378 	}
379 
380 	error = tls_program_key_id(toep, tls, direction);
381 	if (error) {
382 		if (direction == KTLS_RX)
383 			goto clr_ofld;
384 		return (error);
385 	}
386 
387 	if (direction == KTLS_TX) {
388 		toep->tls.scmd0.seqno_numivs =
389 			(V_SCMD_SEQ_NO_CTRL(3) |
390 			 V_SCMD_PROTO_VERSION(t4_tls_proto_ver(tls)) |
391 			 V_SCMD_ENC_DEC_CTRL(SCMD_ENCDECCTRL_ENCRYPT) |
392 			 V_SCMD_CIPH_AUTH_SEQ_CTRL((mac_first == 0)) |
393 			 V_SCMD_CIPH_MODE(t4_tls_cipher_mode(tls)) |
394 			 V_SCMD_AUTH_MODE(t4_tls_auth_mode(tls)) |
395 			 V_SCMD_HMAC_CTRL(t4_tls_hmac_ctrl(tls)) |
396 			 V_SCMD_IV_SIZE(explicit_iv_size / 2));
397 
398 		toep->tls.scmd0.ivgen_hdrlen =
399 			(V_SCMD_IV_GEN_CTRL(1) |
400 			 V_SCMD_KEY_CTX_INLINE(0) |
401 			 V_SCMD_TLS_FRAG_ENABLE(1));
402 
403 		if (tls->params.cipher_algorithm == CRYPTO_AES_NIST_GCM_16)
404 			toep->tls.iv_len = 8;
405 		else
406 			toep->tls.iv_len = AES_BLOCK_LEN;
407 
408 		toep->tls.frag_size = tls->params.max_frame_len;
409 		toep->tls.fcplenmax = get_tp_plen_max(tls);
410 		toep->tls.expn_per_ulp = tls->params.tls_hlen +
411 		    tls->params.tls_tlen;
412 		toep->tls.pdus_per_ulp = 1;
413 		toep->tls.adjusted_plen = toep->tls.expn_per_ulp +
414 		    tls->params.max_frame_len;
415 		toep->tls.tx_key_info_size = t4_tls_key_info_size(tls);
416 	} else {
417 		/* Stop timer on handshake completion */
418 		tls_stop_handshake_timer(toep);
419 
420 		toep->flags &= ~TPF_FORCE_CREDITS;
421 		toep->flags |= TPF_TLS_RECEIVE;
422 		toep->tls.rx_version = tls->params.tls_vmajor << 8 |
423 		    tls->params.tls_vminor;
424 
425 		/*
426 		 * RX key tags are an index into the key portion of MA
427 		 * memory stored as an offset from the base address in
428 		 * units of 64 bytes.
429 		 */
430 		key_offset = toep->tls.rx_key_addr - sc->vres.key.start;
431 		t4_set_tls_keyid(toep, key_offset / 64);
432 		t4_set_tls_tcb_field(toep, W_TCB_ULP_RAW,
433 				 V_TCB_ULP_RAW(M_TCB_ULP_RAW),
434 				 V_TCB_ULP_RAW((V_TF_TLS_KEY_SIZE(3) |
435 						V_TF_TLS_CONTROL(1) |
436 						V_TF_TLS_ACTIVE(1) |
437 						V_TF_TLS_ENABLE(1))));
438 		t4_set_tls_tcb_field(toep, W_TCB_TLS_SEQ,
439 				 V_TCB_TLS_SEQ(M_TCB_TLS_SEQ),
440 				 V_TCB_TLS_SEQ(0));
441 		t4_clear_rx_quiesce(toep);
442 	}
443 
444 	return (0);
445 
446 clr_ofld:
447 	if (ulp_mode(toep) == ULP_MODE_TLS) {
448 		CTR2(KTR_CXGBE, "%s: tid %d clr_ofld_mode", __func__,
449 		    toep->tid);
450 		tls_clr_ofld_mode(toep);
451 	}
452 	return (error);
453 }
454 
455 void
456 tls_init_toep(struct toepcb *toep)
457 {
458 	struct tls_ofld_info *tls_ofld = &toep->tls;
459 
460 	tls_ofld->rx_key_addr = -1;
461 	tls_ofld->tx_key_addr = -1;
462 }
463 
464 void
465 tls_establish(struct toepcb *toep)
466 {
467 
468 	/*
469 	 * Enable PDU extraction.
470 	 *
471 	 * XXX: Supposedly this should be done by the firmware when
472 	 * the ULP_MODE FLOWC parameter is set in send_flowc_wr(), but
473 	 * in practice this seems to be required.
474 	 */
475 	CTR2(KTR_CXGBE, "%s: tid %d setting TLS_ENABLE", __func__, toep->tid);
476 	t4_set_tls_tcb_field(toep, W_TCB_ULP_RAW, V_TCB_ULP_RAW(M_TCB_ULP_RAW),
477 	    V_TCB_ULP_RAW(V_TF_TLS_ENABLE(1)));
478 
479 	toep->flags |= TPF_FORCE_CREDITS | TPF_TLS_ESTABLISHED;
480 
481 	callout_init_rw(&toep->tls.handshake_timer, &toep->inp->inp_lock, 0);
482 	tls_start_handshake_timer(toep);
483 }
484 
485 void
486 tls_detach(struct toepcb *toep)
487 {
488 
489 	if (toep->flags & TPF_TLS_ESTABLISHED) {
490 		tls_stop_handshake_timer(toep);
491 		toep->flags &= ~TPF_TLS_ESTABLISHED;
492 	}
493 }
494 
495 void
496 tls_uninit_toep(struct toepcb *toep)
497 {
498 
499 	MPASS((toep->flags & TPF_TLS_ESTABLISHED) == 0);
500 	clear_tls_keyid(toep);
501 }
502 
503 #define MAX_OFLD_TX_CREDITS (SGE_MAX_WR_LEN / 16)
504 #define	MIN_OFLD_TLSTX_CREDITS(toep)					\
505 	(howmany(sizeof(struct fw_tlstx_data_wr) + 			\
506 	    sizeof(struct cpl_tx_tls_sfo) + sizeof(struct ulptx_idata) + \
507 	    sizeof(struct ulptx_sc_memrd) +				\
508 	    AES_BLOCK_LEN + 1, 16))
509 
510 static void
511 write_tlstx_wr(struct fw_tlstx_data_wr *txwr, struct toepcb *toep,
512     unsigned int immdlen, unsigned int plen, unsigned int expn,
513     unsigned int pdus, uint8_t credits, int shove, int imm_ivs)
514 {
515 	struct tls_ofld_info *tls_ofld = &toep->tls;
516 	unsigned int len = plen + expn;
517 
518 	txwr->op_to_immdlen = htobe32(V_WR_OP(FW_TLSTX_DATA_WR) |
519 	    V_FW_TLSTX_DATA_WR_COMPL(1) |
520 	    V_FW_TLSTX_DATA_WR_IMMDLEN(immdlen));
521 	txwr->flowid_len16 = htobe32(V_FW_TLSTX_DATA_WR_FLOWID(toep->tid) |
522 	    V_FW_TLSTX_DATA_WR_LEN16(credits));
523 	txwr->plen = htobe32(len);
524 	txwr->lsodisable_to_flags = htobe32(V_TX_ULP_MODE(ULP_MODE_TLS) |
525 	    V_TX_URG(0) | /* F_T6_TX_FORCE | */ V_TX_SHOVE(shove));
526 	txwr->ctxloc_to_exp = htobe32(V_FW_TLSTX_DATA_WR_NUMIVS(pdus) |
527 	    V_FW_TLSTX_DATA_WR_EXP(expn) |
528 	    V_FW_TLSTX_DATA_WR_CTXLOC(TLS_SFO_WR_CONTEXTLOC_DDR) |
529 	    V_FW_TLSTX_DATA_WR_IVDSGL(!imm_ivs) |
530 	    V_FW_TLSTX_DATA_WR_KEYSIZE(tls_ofld->tx_key_info_size >> 4));
531 	txwr->mfs = htobe16(tls_ofld->frag_size);
532 	txwr->adjustedplen_pkd = htobe16(
533 	    V_FW_TLSTX_DATA_WR_ADJUSTEDPLEN(tls_ofld->adjusted_plen));
534 	txwr->expinplenmax_pkd = htobe16(
535 	    V_FW_TLSTX_DATA_WR_EXPINPLENMAX(tls_ofld->expn_per_ulp));
536 	txwr->pdusinplenmax_pkd =
537 	    V_FW_TLSTX_DATA_WR_PDUSINPLENMAX(tls_ofld->pdus_per_ulp);
538 }
539 
540 static void
541 write_tlstx_cpl(struct cpl_tx_tls_sfo *cpl, struct toepcb *toep,
542     struct tls_hdr *tls_hdr, unsigned int plen, unsigned int pdus)
543 {
544 	struct tls_ofld_info *tls_ofld = &toep->tls;
545 	int data_type, seglen;
546 
547 	if (plen < tls_ofld->frag_size)
548 		seglen = plen;
549 	else
550 		seglen = tls_ofld->frag_size;
551 	data_type = tls_content_type(tls_hdr->type);
552 	cpl->op_to_seg_len = htobe32(V_CPL_TX_TLS_SFO_OPCODE(CPL_TX_TLS_SFO) |
553 	    V_CPL_TX_TLS_SFO_DATA_TYPE(data_type) |
554 	    V_CPL_TX_TLS_SFO_CPL_LEN(2) | V_CPL_TX_TLS_SFO_SEG_LEN(seglen));
555 	cpl->pld_len = htobe32(plen);
556 	if (data_type == CPL_TX_TLS_SFO_TYPE_HEARTBEAT)
557 		cpl->type_protover = htobe32(
558 		    V_CPL_TX_TLS_SFO_TYPE(tls_hdr->type));
559 	cpl->seqno_numivs = htobe32(tls_ofld->scmd0.seqno_numivs |
560 	    V_SCMD_NUM_IVS(pdus));
561 	cpl->ivgen_hdrlen = htobe32(tls_ofld->scmd0.ivgen_hdrlen);
562 	cpl->scmd1 = htobe64(tls_ofld->tx_seq_no);
563 	tls_ofld->tx_seq_no += pdus;
564 }
565 
566 static int
567 count_ext_pgs_segs(struct mbuf *m)
568 {
569 	vm_paddr_t nextpa;
570 	u_int i, nsegs;
571 
572 	MPASS(m->m_epg_npgs > 0);
573 	nsegs = 1;
574 	nextpa = m->m_epg_pa[0] + PAGE_SIZE;
575 	for (i = 1; i < m->m_epg_npgs; i++) {
576 		if (nextpa != m->m_epg_pa[i])
577 			nsegs++;
578 		nextpa = m->m_epg_pa[i] + PAGE_SIZE;
579 	}
580 	return (nsegs);
581 }
582 
583 static void
584 write_ktlstx_sgl(void *dst, struct mbuf *m, int nsegs)
585 {
586 	struct ulptx_sgl *usgl = dst;
587 	vm_paddr_t pa;
588 	uint32_t len;
589 	int i, j;
590 
591 	KASSERT(nsegs > 0, ("%s: nsegs 0", __func__));
592 
593 	usgl->cmd_nsge = htobe32(V_ULPTX_CMD(ULP_TX_SC_DSGL) |
594 	    V_ULPTX_NSGE(nsegs));
595 
596 	/* Figure out the first S/G length. */
597 	pa = m->m_epg_pa[0] + m->m_epg_1st_off;
598 	usgl->addr0 = htobe64(pa);
599 	len = m_epg_pagelen(m, 0, m->m_epg_1st_off);
600 	pa += len;
601 	for (i = 1; i < m->m_epg_npgs; i++) {
602 		if (m->m_epg_pa[i] != pa)
603 			break;
604 		len += m_epg_pagelen(m, i, 0);
605 		pa += m_epg_pagelen(m, i, 0);
606 	}
607 	usgl->len0 = htobe32(len);
608 #ifdef INVARIANTS
609 	nsegs--;
610 #endif
611 
612 	j = -1;
613 	for (; i < m->m_epg_npgs; i++) {
614 		if (j == -1 || m->m_epg_pa[i] != pa) {
615 			if (j >= 0)
616 				usgl->sge[j / 2].len[j & 1] = htobe32(len);
617 			j++;
618 #ifdef INVARIANTS
619 			nsegs--;
620 #endif
621 			pa = m->m_epg_pa[i];
622 			usgl->sge[j / 2].addr[j & 1] = htobe64(pa);
623 			len = m_epg_pagelen(m, i, 0);
624 			pa += len;
625 		} else {
626 			len += m_epg_pagelen(m, i, 0);
627 			pa += m_epg_pagelen(m, i, 0);
628 		}
629 	}
630 	if (j >= 0) {
631 		usgl->sge[j / 2].len[j & 1] = htobe32(len);
632 
633 		if ((j & 1) == 0)
634 			usgl->sge[j / 2].len[1] = htobe32(0);
635 	}
636 	KASSERT(nsegs == 0, ("%s: nsegs %d, m %p", __func__, nsegs, m));
637 }
638 
639 /*
640  * Similar to t4_push_frames() but handles sockets that contain TLS
641  * record mbufs.
642  */
643 void
644 t4_push_ktls(struct adapter *sc, struct toepcb *toep, int drop)
645 {
646 	struct tls_hdr *thdr;
647 	struct fw_tlstx_data_wr *txwr;
648 	struct cpl_tx_tls_sfo *cpl;
649 	struct ulptx_idata *idata;
650 	struct ulptx_sc_memrd *memrd;
651 	struct wrqe *wr;
652 	struct mbuf *m;
653 	u_int nsegs, credits, wr_len;
654 	u_int expn_size;
655 	struct inpcb *inp = toep->inp;
656 	struct tcpcb *tp = intotcpcb(inp);
657 	struct socket *so = inp->inp_socket;
658 	struct sockbuf *sb = &so->so_snd;
659 	int tls_size, tx_credits, shove, sowwakeup;
660 	struct ofld_tx_sdesc *txsd;
661 	char *buf;
662 
663 	INP_WLOCK_ASSERT(inp);
664 	KASSERT(toep->flags & TPF_FLOWC_WR_SENT,
665 	    ("%s: flowc_wr not sent for tid %u.", __func__, toep->tid));
666 
667 	KASSERT(ulp_mode(toep) == ULP_MODE_NONE ||
668 	    ulp_mode(toep) == ULP_MODE_TCPDDP || ulp_mode(toep) == ULP_MODE_TLS,
669 	    ("%s: ulp_mode %u for toep %p", __func__, ulp_mode(toep), toep));
670 	KASSERT(tls_tx_key(toep),
671 	    ("%s: TX key not set for toep %p", __func__, toep));
672 
673 #ifdef VERBOSE_TRACES
674 	CTR4(KTR_CXGBE, "%s: tid %d toep flags %#x tp flags %#x drop %d",
675 	    __func__, toep->tid, toep->flags, tp->t_flags);
676 #endif
677 	if (__predict_false(toep->flags & TPF_ABORT_SHUTDOWN))
678 		return;
679 
680 #ifdef RATELIMIT
681 	if (__predict_false(inp->inp_flags2 & INP_RATE_LIMIT_CHANGED) &&
682 	    (update_tx_rate_limit(sc, toep, so->so_max_pacing_rate) == 0)) {
683 		inp->inp_flags2 &= ~INP_RATE_LIMIT_CHANGED;
684 	}
685 #endif
686 
687 	/*
688 	 * This function doesn't resume by itself.  Someone else must clear the
689 	 * flag and call this function.
690 	 */
691 	if (__predict_false(toep->flags & TPF_TX_SUSPENDED)) {
692 		KASSERT(drop == 0,
693 		    ("%s: drop (%d) != 0 but tx is suspended", __func__, drop));
694 		return;
695 	}
696 
697 	txsd = &toep->txsd[toep->txsd_pidx];
698 	for (;;) {
699 		tx_credits = min(toep->tx_credits, MAX_OFLD_TX_CREDITS);
700 
701 		SOCKBUF_LOCK(sb);
702 		sowwakeup = drop;
703 		if (drop) {
704 			sbdrop_locked(sb, drop);
705 			drop = 0;
706 		}
707 
708 		m = sb->sb_sndptr != NULL ? sb->sb_sndptr->m_next : sb->sb_mb;
709 
710 		/*
711 		 * Send a FIN if requested, but only if there's no
712 		 * more data to send.
713 		 */
714 		if (m == NULL && toep->flags & TPF_SEND_FIN) {
715 			if (sowwakeup)
716 				sowwakeup_locked(so);
717 			else
718 				SOCKBUF_UNLOCK(sb);
719 			SOCKBUF_UNLOCK_ASSERT(sb);
720 			t4_close_conn(sc, toep);
721 			return;
722 		}
723 
724 		/*
725 		 * If there is no ready data to send, wait until more
726 		 * data arrives.
727 		 */
728 		if (m == NULL || (m->m_flags & M_NOTAVAIL) != 0) {
729 			if (sowwakeup)
730 				sowwakeup_locked(so);
731 			else
732 				SOCKBUF_UNLOCK(sb);
733 			SOCKBUF_UNLOCK_ASSERT(sb);
734 #ifdef VERBOSE_TRACES
735 			CTR2(KTR_CXGBE, "%s: tid %d no ready data to send",
736 			    __func__, toep->tid);
737 #endif
738 			return;
739 		}
740 
741 		KASSERT(m->m_flags & M_EXTPG, ("%s: mbuf %p is not NOMAP",
742 		    __func__, m));
743 		KASSERT(m->m_epg_tls != NULL,
744 		    ("%s: mbuf %p doesn't have TLS session", __func__, m));
745 
746 		/* Calculate WR length. */
747 		wr_len = sizeof(struct fw_tlstx_data_wr) +
748 		    sizeof(struct cpl_tx_tls_sfo) +
749 		    sizeof(struct ulptx_idata) + sizeof(struct ulptx_sc_memrd);
750 
751 		/* Explicit IVs for AES-CBC and AES-GCM are <= 16. */
752 		MPASS(toep->tls.iv_len <= AES_BLOCK_LEN);
753 		wr_len += AES_BLOCK_LEN;
754 
755 		/* Account for SGL in work request length. */
756 		nsegs = count_ext_pgs_segs(m);
757 		wr_len += sizeof(struct ulptx_sgl) +
758 		    ((3 * (nsegs - 1)) / 2 + ((nsegs - 1) & 1)) * 8;
759 
760 		/* Not enough credits for this work request. */
761 		if (howmany(wr_len, 16) > tx_credits) {
762 			if (sowwakeup)
763 				sowwakeup_locked(so);
764 			else
765 				SOCKBUF_UNLOCK(sb);
766 			SOCKBUF_UNLOCK_ASSERT(sb);
767 #ifdef VERBOSE_TRACES
768 			CTR5(KTR_CXGBE,
769 	    "%s: tid %d mbuf %p requires %d credits, but only %d available",
770 			    __func__, toep->tid, m, howmany(wr_len, 16),
771 			    tx_credits);
772 #endif
773 			toep->flags |= TPF_TX_SUSPENDED;
774 			return;
775 		}
776 
777 		/* Shove if there is no additional data pending. */
778 		shove = ((m->m_next == NULL ||
779 		    (m->m_next->m_flags & M_NOTAVAIL) != 0)) &&
780 		    (tp->t_flags & TF_MORETOCOME) == 0;
781 
782 		if (sb->sb_flags & SB_AUTOSIZE &&
783 		    V_tcp_do_autosndbuf &&
784 		    sb->sb_hiwat < V_tcp_autosndbuf_max &&
785 		    sbused(sb) >= sb->sb_hiwat * 7 / 8) {
786 			int newsize = min(sb->sb_hiwat + V_tcp_autosndbuf_inc,
787 			    V_tcp_autosndbuf_max);
788 
789 			if (!sbreserve_locked(so, SO_SND, newsize, NULL))
790 				sb->sb_flags &= ~SB_AUTOSIZE;
791 			else
792 				sowwakeup = 1;	/* room available */
793 		}
794 		if (sowwakeup)
795 			sowwakeup_locked(so);
796 		else
797 			SOCKBUF_UNLOCK(sb);
798 		SOCKBUF_UNLOCK_ASSERT(sb);
799 
800 		if (__predict_false(toep->flags & TPF_FIN_SENT))
801 			panic("%s: excess tx.", __func__);
802 
803 		wr = alloc_wrqe(roundup2(wr_len, 16), &toep->ofld_txq->wrq);
804 		if (wr == NULL) {
805 			/* XXX: how will we recover from this? */
806 			toep->flags |= TPF_TX_SUSPENDED;
807 			return;
808 		}
809 
810 		thdr = (struct tls_hdr *)&m->m_epg_hdr;
811 #ifdef VERBOSE_TRACES
812 		CTR5(KTR_CXGBE, "%s: tid %d TLS record %ju type %d len %#x",
813 		    __func__, toep->tid, m->m_epg_seqno, thdr->type,
814 		    m->m_len);
815 #endif
816 		txwr = wrtod(wr);
817 		cpl = (struct cpl_tx_tls_sfo *)(txwr + 1);
818 		memset(txwr, 0, roundup2(wr_len, 16));
819 		credits = howmany(wr_len, 16);
820 		expn_size = m->m_epg_hdrlen +
821 		    m->m_epg_trllen;
822 		tls_size = m->m_len - expn_size;
823 		write_tlstx_wr(txwr, toep, 0,
824 		    tls_size, expn_size, 1, credits, shove, 1);
825 		toep->tls.tx_seq_no = m->m_epg_seqno;
826 		write_tlstx_cpl(cpl, toep, thdr, tls_size, 1);
827 
828 		idata = (struct ulptx_idata *)(cpl + 1);
829 		idata->cmd_more = htobe32(V_ULPTX_CMD(ULP_TX_SC_NOOP));
830 		idata->len = htobe32(0);
831 		memrd = (struct ulptx_sc_memrd *)(idata + 1);
832 		memrd->cmd_to_len = htobe32(V_ULPTX_CMD(ULP_TX_SC_MEMRD) |
833 		    V_ULP_TX_SC_MORE(1) |
834 		    V_ULPTX_LEN16(toep->tls.tx_key_info_size >> 4));
835 		memrd->addr = htobe32(toep->tls.tx_key_addr >> 5);
836 
837 		/* Copy IV. */
838 		buf = (char *)(memrd + 1);
839 		memcpy(buf, thdr + 1, toep->tls.iv_len);
840 		buf += AES_BLOCK_LEN;
841 
842 		write_ktlstx_sgl(buf, m, nsegs);
843 
844 		KASSERT(toep->tx_credits >= credits,
845 			("%s: not enough credits", __func__));
846 
847 		toep->tx_credits -= credits;
848 
849 		tp->snd_nxt += m->m_len;
850 		tp->snd_max += m->m_len;
851 
852 		SOCKBUF_LOCK(sb);
853 		sb->sb_sndptr = m;
854 		SOCKBUF_UNLOCK(sb);
855 
856 		toep->flags |= TPF_TX_DATA_SENT;
857 		if (toep->tx_credits < MIN_OFLD_TLSTX_CREDITS(toep))
858 			toep->flags |= TPF_TX_SUSPENDED;
859 
860 		KASSERT(toep->txsd_avail > 0, ("%s: no txsd", __func__));
861 		txsd->plen = m->m_len;
862 		txsd->tx_credits = credits;
863 		txsd++;
864 		if (__predict_false(++toep->txsd_pidx == toep->txsd_total)) {
865 			toep->txsd_pidx = 0;
866 			txsd = &toep->txsd[0];
867 		}
868 		toep->txsd_avail--;
869 
870 		counter_u64_add(toep->ofld_txq->tx_toe_tls_records, 1);
871 		counter_u64_add(toep->ofld_txq->tx_toe_tls_octets, m->m_len);
872 
873 		t4_l2t_send(sc, wr, toep->l2te);
874 	}
875 }
876 
877 /*
878  * For TLS data we place received mbufs received via CPL_TLS_DATA into
879  * an mbufq in the TLS offload state.  When CPL_RX_TLS_CMP is
880  * received, the completed PDUs are placed into the socket receive
881  * buffer.
882  *
883  * The TLS code reuses the ulp_pdu_reclaimq to hold the pending mbufs.
884  */
885 static int
886 do_tls_data(struct sge_iq *iq, const struct rss_header *rss, struct mbuf *m)
887 {
888 	struct adapter *sc = iq->adapter;
889 	const struct cpl_tls_data *cpl = mtod(m, const void *);
890 	unsigned int tid = GET_TID(cpl);
891 	struct toepcb *toep = lookup_tid(sc, tid);
892 	struct inpcb *inp = toep->inp;
893 	struct tcpcb *tp;
894 	int len;
895 
896 	/* XXX: Should this match do_rx_data instead? */
897 	KASSERT(!(toep->flags & TPF_SYNQE),
898 	    ("%s: toep %p claims to be a synq entry", __func__, toep));
899 
900 	KASSERT(toep->tid == tid, ("%s: toep tid/atid mismatch", __func__));
901 
902 	/* strip off CPL header */
903 	m_adj(m, sizeof(*cpl));
904 	len = m->m_pkthdr.len;
905 
906 	toep->ofld_rxq->rx_toe_tls_octets += len;
907 
908 	KASSERT(len == G_CPL_TLS_DATA_LENGTH(be32toh(cpl->length_pkd)),
909 	    ("%s: payload length mismatch", __func__));
910 
911 	INP_WLOCK(inp);
912 	if (inp->inp_flags & (INP_DROPPED | INP_TIMEWAIT)) {
913 		CTR4(KTR_CXGBE, "%s: tid %u, rx (%d bytes), inp_flags 0x%x",
914 		    __func__, tid, len, inp->inp_flags);
915 		INP_WUNLOCK(inp);
916 		m_freem(m);
917 		return (0);
918 	}
919 
920 	/* Save TCP sequence number. */
921 	m->m_pkthdr.tls_tcp_seq = be32toh(cpl->seq);
922 
923 	if (mbufq_enqueue(&toep->ulp_pdu_reclaimq, m)) {
924 #ifdef INVARIANTS
925 		panic("Failed to queue TLS data packet");
926 #else
927 		printf("%s: Failed to queue TLS data packet\n", __func__);
928 		INP_WUNLOCK(inp);
929 		m_freem(m);
930 		return (0);
931 #endif
932 	}
933 
934 	tp = intotcpcb(inp);
935 	tp->t_rcvtime = ticks;
936 
937 #ifdef VERBOSE_TRACES
938 	CTR4(KTR_CXGBE, "%s: tid %u len %d seq %u", __func__, tid, len,
939 	    be32toh(cpl->seq));
940 #endif
941 
942 	INP_WUNLOCK(inp);
943 	return (0);
944 }
945 
946 static int
947 do_rx_tls_cmp(struct sge_iq *iq, const struct rss_header *rss, struct mbuf *m)
948 {
949 	struct adapter *sc = iq->adapter;
950 	const struct cpl_rx_tls_cmp *cpl = mtod(m, const void *);
951 	struct tlsrx_hdr_pkt *tls_hdr_pkt;
952 	unsigned int tid = GET_TID(cpl);
953 	struct toepcb *toep = lookup_tid(sc, tid);
954 	struct inpcb *inp = toep->inp;
955 	struct tcpcb *tp;
956 	struct socket *so;
957 	struct sockbuf *sb;
958 	struct mbuf *tls_data;
959 	struct tls_get_record *tgr;
960 	struct mbuf *control;
961 	int pdu_length, rx_credits;
962 #if defined(KTR) || defined(INVARIANTS)
963 	int len;
964 #endif
965 
966 	KASSERT(toep->tid == tid, ("%s: toep tid/atid mismatch", __func__));
967 	KASSERT(!(toep->flags & TPF_SYNQE),
968 	    ("%s: toep %p claims to be a synq entry", __func__, toep));
969 
970 	/* strip off CPL header */
971 	m_adj(m, sizeof(*cpl));
972 #if defined(KTR) || defined(INVARIANTS)
973 	len = m->m_pkthdr.len;
974 #endif
975 
976 	toep->ofld_rxq->rx_toe_tls_records++;
977 
978 	KASSERT(len == G_CPL_RX_TLS_CMP_LENGTH(be32toh(cpl->pdulength_length)),
979 	    ("%s: payload length mismatch", __func__));
980 
981 	INP_WLOCK(inp);
982 	if (inp->inp_flags & (INP_DROPPED | INP_TIMEWAIT)) {
983 		CTR4(KTR_CXGBE, "%s: tid %u, rx (%d bytes), inp_flags 0x%x",
984 		    __func__, tid, len, inp->inp_flags);
985 		INP_WUNLOCK(inp);
986 		m_freem(m);
987 		return (0);
988 	}
989 
990 	pdu_length = G_CPL_RX_TLS_CMP_PDULENGTH(be32toh(cpl->pdulength_length));
991 
992 	so = inp_inpcbtosocket(inp);
993 	tp = intotcpcb(inp);
994 
995 #ifdef VERBOSE_TRACES
996 	CTR6(KTR_CXGBE, "%s: tid %u PDU len %d len %d seq %u, rcv_nxt %u",
997 	    __func__, tid, pdu_length, len, be32toh(cpl->seq), tp->rcv_nxt);
998 #endif
999 
1000 	tp->rcv_nxt += pdu_length;
1001 	KASSERT(tp->rcv_wnd >= pdu_length,
1002 	    ("%s: negative window size", __func__));
1003 	tp->rcv_wnd -= pdu_length;
1004 
1005 	/* XXX: Not sure what to do about urgent data. */
1006 
1007 	/*
1008 	 * The payload of this CPL is the TLS header followed by
1009 	 * additional fields.
1010 	 */
1011 	KASSERT(m->m_len >= sizeof(*tls_hdr_pkt),
1012 	    ("%s: payload too small", __func__));
1013 	tls_hdr_pkt = mtod(m, void *);
1014 
1015 	tls_data = mbufq_dequeue(&toep->ulp_pdu_reclaimq);
1016 	if (tls_data != NULL) {
1017 		KASSERT(be32toh(cpl->seq) == tls_data->m_pkthdr.tls_tcp_seq,
1018 		    ("%s: sequence mismatch", __func__));
1019 	}
1020 
1021 	/* Report decryption errors as EBADMSG. */
1022 	if ((tls_hdr_pkt->res_to_mac_error & M_TLSRX_HDR_PKT_ERROR) != 0) {
1023 		m_freem(m);
1024 		m_freem(tls_data);
1025 
1026 		CURVNET_SET(toep->vnet);
1027 		so->so_error = EBADMSG;
1028 		sorwakeup(so);
1029 
1030 		INP_WUNLOCK(inp);
1031 		CURVNET_RESTORE();
1032 
1033 		return (0);
1034 	}
1035 
1036 	/* Allocate the control message mbuf. */
1037 	control = sbcreatecontrol(NULL, sizeof(*tgr), TLS_GET_RECORD,
1038 	    IPPROTO_TCP, M_NOWAIT);
1039 	if (control == NULL) {
1040 		m_freem(m);
1041 		m_freem(tls_data);
1042 
1043 		CURVNET_SET(toep->vnet);
1044 		so->so_error = ENOBUFS;
1045 		sorwakeup(so);
1046 
1047 		INP_WUNLOCK(inp);
1048 		CURVNET_RESTORE();
1049 
1050 		return (0);
1051 	}
1052 
1053 	tgr = (struct tls_get_record *)
1054 	    CMSG_DATA(mtod(control, struct cmsghdr *));
1055 	memset(tgr, 0, sizeof(*tgr));
1056 	tgr->tls_type = tls_hdr_pkt->type;
1057 	tgr->tls_vmajor = be16toh(tls_hdr_pkt->version) >> 8;
1058 	tgr->tls_vminor = be16toh(tls_hdr_pkt->version) & 0xff;
1059 
1060 	m_freem(m);
1061 
1062 	if (tls_data != NULL) {
1063 		m_last(tls_data)->m_flags |= M_EOR;
1064 		tgr->tls_length = htobe16(tls_data->m_pkthdr.len);
1065 	} else
1066 		tgr->tls_length = 0;
1067 	m = tls_data;
1068 
1069 	sb = &so->so_rcv;
1070 	SOCKBUF_LOCK(sb);
1071 
1072 	if (__predict_false(sb->sb_state & SBS_CANTRCVMORE)) {
1073 		struct epoch_tracker et;
1074 
1075 		CTR3(KTR_CXGBE, "%s: tid %u, excess rx (%d bytes)",
1076 		    __func__, tid, pdu_length);
1077 		m_freem(m);
1078 		m_freem(control);
1079 		SOCKBUF_UNLOCK(sb);
1080 		INP_WUNLOCK(inp);
1081 
1082 		CURVNET_SET(toep->vnet);
1083 		NET_EPOCH_ENTER(et);
1084 		INP_WLOCK(inp);
1085 		tp = tcp_drop(tp, ECONNRESET);
1086 		if (tp)
1087 			INP_WUNLOCK(inp);
1088 		NET_EPOCH_EXIT(et);
1089 		CURVNET_RESTORE();
1090 
1091 		return (0);
1092 	}
1093 
1094 	/*
1095 	 * Not all of the bytes on the wire are included in the socket buffer
1096 	 * (e.g. the MAC of the TLS record).  However, those bytes are included
1097 	 * in the TCP sequence space.
1098 	 */
1099 
1100 	/* receive buffer autosize */
1101 	MPASS(toep->vnet == so->so_vnet);
1102 	CURVNET_SET(toep->vnet);
1103 	if (sb->sb_flags & SB_AUTOSIZE &&
1104 	    V_tcp_do_autorcvbuf &&
1105 	    sb->sb_hiwat < V_tcp_autorcvbuf_max &&
1106 	    m->m_pkthdr.len > (sbspace(sb) / 8 * 7)) {
1107 		unsigned int hiwat = sb->sb_hiwat;
1108 		unsigned int newsize = min(hiwat + sc->tt.autorcvbuf_inc,
1109 		    V_tcp_autorcvbuf_max);
1110 
1111 		if (!sbreserve_locked(so, SO_RCV, newsize, NULL))
1112 			sb->sb_flags &= ~SB_AUTOSIZE;
1113 	}
1114 
1115 	sbappendcontrol_locked(sb, m, control, 0);
1116 	rx_credits = sbspace(sb) > tp->rcv_wnd ? sbspace(sb) - tp->rcv_wnd : 0;
1117 #ifdef VERBOSE_TRACES
1118 	CTR4(KTR_CXGBE, "%s: tid %u rx_credits %u rcv_wnd %u",
1119 	    __func__, tid, rx_credits, tp->rcv_wnd);
1120 #endif
1121 	if (rx_credits > 0 && sbused(sb) + tp->rcv_wnd < sb->sb_lowat) {
1122 		rx_credits = send_rx_credits(sc, toep, rx_credits);
1123 		tp->rcv_wnd += rx_credits;
1124 		tp->rcv_adv += rx_credits;
1125 	}
1126 
1127 	sorwakeup_locked(so);
1128 	SOCKBUF_UNLOCK_ASSERT(sb);
1129 
1130 	INP_WUNLOCK(inp);
1131 	CURVNET_RESTORE();
1132 	return (0);
1133 }
1134 
1135 void
1136 do_rx_data_tls(const struct cpl_rx_data *cpl, struct toepcb *toep,
1137     struct mbuf *m)
1138 {
1139 	struct inpcb *inp = toep->inp;
1140 	struct tls_ofld_info *tls_ofld = &toep->tls;
1141 	struct tls_hdr *hdr;
1142 	struct tcpcb *tp;
1143 	struct socket *so;
1144 	struct sockbuf *sb;
1145 	int len, rx_credits;
1146 
1147 	len = m->m_pkthdr.len;
1148 
1149 	INP_WLOCK_ASSERT(inp);
1150 
1151 	so = inp_inpcbtosocket(inp);
1152 	tp = intotcpcb(inp);
1153 	sb = &so->so_rcv;
1154 	SOCKBUF_LOCK(sb);
1155 	CURVNET_SET(toep->vnet);
1156 
1157 	tp->rcv_nxt += len;
1158 	KASSERT(tp->rcv_wnd >= len, ("%s: negative window size", __func__));
1159 	tp->rcv_wnd -= len;
1160 
1161 	/* Do we have a full TLS header? */
1162 	if (len < sizeof(*hdr)) {
1163 		CTR3(KTR_CXGBE, "%s: tid %u len %d: too short for a TLS header",
1164 		    __func__, toep->tid, len);
1165 		so->so_error = EMSGSIZE;
1166 		goto out;
1167 	}
1168 	hdr = mtod(m, struct tls_hdr *);
1169 
1170 	/* Is the header valid? */
1171 	if (be16toh(hdr->version) != tls_ofld->rx_version) {
1172 		CTR3(KTR_CXGBE, "%s: tid %u invalid version %04x",
1173 		    __func__, toep->tid, be16toh(hdr->version));
1174 		so->so_error = EINVAL;
1175 		goto out;
1176 	}
1177 	if (be16toh(hdr->length) < sizeof(*hdr)) {
1178 		CTR3(KTR_CXGBE, "%s: tid %u invalid length %u",
1179 		    __func__, toep->tid, be16toh(hdr->length));
1180 		so->so_error = EBADMSG;
1181 		goto out;
1182 	}
1183 
1184 	/* Did we get a truncated record? */
1185 	if (len < be16toh(hdr->length)) {
1186 		CTR4(KTR_CXGBE, "%s: tid %u truncated TLS record (%d vs %u)",
1187 		    __func__, toep->tid, len, be16toh(hdr->length));
1188 
1189 		so->so_error = EMSGSIZE;
1190 		goto out;
1191 	}
1192 
1193 	/* Is the header type unknown? */
1194 	switch (hdr->type) {
1195 	case CONTENT_TYPE_CCS:
1196 	case CONTENT_TYPE_ALERT:
1197 	case CONTENT_TYPE_APP_DATA:
1198 	case CONTENT_TYPE_HANDSHAKE:
1199 		break;
1200 	default:
1201 		CTR3(KTR_CXGBE, "%s: tid %u invalid TLS record type %u",
1202 		    __func__, toep->tid, hdr->type);
1203 		so->so_error = EBADMSG;
1204 		goto out;
1205 	}
1206 
1207 	/*
1208 	 * Just punt.  Although this could fall back to software
1209 	 * decryption, this case should never really happen.
1210 	 */
1211 	CTR4(KTR_CXGBE, "%s: tid %u dropping TLS record type %u, length %u",
1212 	    __func__, toep->tid, hdr->type, be16toh(hdr->length));
1213 	so->so_error = EBADMSG;
1214 
1215 out:
1216 	/*
1217 	 * This connection is going to die anyway, so probably don't
1218 	 * need to bother with returning credits.
1219 	 */
1220 	rx_credits = sbspace(sb) > tp->rcv_wnd ? sbspace(sb) - tp->rcv_wnd : 0;
1221 #ifdef VERBOSE_TRACES
1222 	CTR4(KTR_CXGBE, "%s: tid %u rx_credits %u rcv_wnd %u",
1223 	    __func__, toep->tid, rx_credits, tp->rcv_wnd);
1224 #endif
1225 	if (rx_credits > 0 && sbused(sb) + tp->rcv_wnd < sb->sb_lowat) {
1226 		rx_credits = send_rx_credits(toep->vi->adapter, toep,
1227 		    rx_credits);
1228 		tp->rcv_wnd += rx_credits;
1229 		tp->rcv_adv += rx_credits;
1230 	}
1231 
1232 	sorwakeup_locked(so);
1233 	SOCKBUF_UNLOCK_ASSERT(sb);
1234 
1235 	INP_WUNLOCK(inp);
1236 	CURVNET_RESTORE();
1237 
1238 	m_freem(m);
1239 }
1240 
1241 void
1242 t4_tls_mod_load(void)
1243 {
1244 
1245 	t4_register_cpl_handler(CPL_TLS_DATA, do_tls_data);
1246 	t4_register_cpl_handler(CPL_RX_TLS_CMP, do_rx_tls_cmp);
1247 }
1248 
1249 void
1250 t4_tls_mod_unload(void)
1251 {
1252 
1253 	t4_register_cpl_handler(CPL_TLS_DATA, NULL);
1254 	t4_register_cpl_handler(CPL_RX_TLS_CMP, NULL);
1255 }
1256 #endif	/* TCP_OFFLOAD */
1257 #endif	/* KERN_TLS */
1258