xref: /freebsd/sys/dev/cxgbe/tom/t4_tls.h (revision 31d62a73c2e6ac0ff413a7a17700ffc7dce254ef)
1 /*-
2  * SPDX-License-Identifier: BSD-2-Clause-FreeBSD
3  *
4  * Copyright (c) 2017-2018 Chelsio Communications, Inc.
5  * All rights reserved.
6  * Written by: John Baldwin <jhb@FreeBSD.org>, Atul Gupta
7  *
8  * Redistribution and use in source and binary forms, with or without
9  * modification, are permitted provided that the following conditions
10  * are met:
11  * 1. Redistributions of source code must retain the above copyright
12  *    notice, this list of conditions and the following disclaimer.
13  * 2. Redistributions in binary form must reproduce the above copyright
14  *    notice, this list of conditions and the following disclaimer in the
15  *    documentation and/or other materials provided with the distribution.
16  *
17  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
18  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
21  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
27  * SUCH DAMAGE.
28  *
29  * $FreeBSD$
30  *
31  */
32 
33 #ifndef __T4_TLS_H__
34 #define __T4_TLS_H__
35 
36 #define TLS1_VERSION                    0x0301
37 #define TLS1_1_VERSION                  0x0302
38 #define TLS1_2_VERSION                  0x0303
39 #define TLS_MAX_VERSION                 TLS1_2_VERSION
40 
41 #define DTLS1_VERSION                   0xFEFF
42 #define DTLS1_2_VERSION                 0xFEFD
43 #define DTLS_MAX_VERSION                DTLS1_2_VERSION
44 #define DTLS1_VERSION_MAJOR             0xFE
45 
46 /* Custom socket options for TLS+TOE. */
47 
48 #define MAX_MAC_KSZ		64	/*512 bits */
49 #define MAX_CIPHER_KSZ		32	/* 256 bits */
50 #define CIPHER_BLOCK_SZ		16
51 #define SALT_SIZE		4
52 
53 /* Can accomodate 16, 11-15 are reserved */
54 enum {
55     CHSSL_SHA_NOP,
56     CHSSL_SHA1,
57     CHSSL_SHA224,
58     CHSSL_SHA256,
59     CHSSL_GHASH,
60     CHSSL_SHA512_224,
61     CHSSL_SHA512_256,
62     CHSSL_SHA512_384,
63     CHSSL_SHA512_512,
64     CHSSL_CBCMAC,
65     CHSSL_CMAC,
66 };
67 
68 /* Can accomodate 16, 8-15 are reserved */
69 enum {
70     CHSSL_CIPH_NOP,
71     CHSSL_AES_CBC,
72     CHSSL_AES_GCM,
73     CHSSL_AES_CTR,
74     CHSSL_AES_GEN,
75     CHSSL_IPSEC_ESP,
76     CHSSL_AES_XTS,
77     CHSSL_AES_CCM,
78 };
79 
80 /* Key Context Programming Operation type */
81 #define KEY_WRITE_RX			0x1
82 #define KEY_WRITE_TX			0x2
83 #define KEY_DELETE_RX			0x4
84 #define KEY_DELETE_TX			0x8
85 
86 #define S_KEY_CLR_LOC		4
87 #define M_KEY_CLR_LOC		0xf
88 #define V_KEY_CLR_LOC(x)	((x) << S_KEY_CLR_LOC)
89 #define G_KEY_CLR_LOC(x)	(((x) >> S_KEY_CLR_LOC) & M_KEY_CLR_LOC)
90 #define F_KEY_CLR_LOC		V_KEY_CLR_LOC(1U)
91 
92 #define S_KEY_GET_LOC           0
93 #define M_KEY_GET_LOC           0xf
94 #define V_KEY_GET_LOC(x)        ((x) << S_KEY_GET_LOC)
95 #define G_KEY_GET_LOC(x)        (((x) >> S_KEY_GET_LOC) & M_KEY_GET_LOC)
96 
97 struct tls_ofld_state {
98     unsigned char enc_mode;
99     unsigned char mac_mode;
100     unsigned char key_loc;
101     unsigned char ofld_mode;
102     unsigned char auth_mode;
103     unsigned char resv[3];
104 };
105 
106 struct tls_tx_ctxt {
107     unsigned char   salt[SALT_SIZE];
108     unsigned char key[MAX_CIPHER_KSZ];
109     unsigned char ipad[MAX_MAC_KSZ];
110     unsigned char opad[MAX_MAC_KSZ];
111 };
112 
113 struct tls_rx_ctxt {
114     unsigned char   salt[SALT_SIZE];
115     unsigned char key[MAX_CIPHER_KSZ];
116     unsigned char ipad[MAX_MAC_KSZ];
117     unsigned char opad[MAX_MAC_KSZ];
118 };
119 
120 struct tls_key_context {
121     struct tls_tx_ctxt tx;
122     struct tls_rx_ctxt rx;
123 
124     unsigned char l_p_key;
125     unsigned char hmac_ctrl;
126     unsigned char mac_first;
127     unsigned char iv_size;
128     unsigned char iv_ctrl;
129     unsigned char iv_algo;
130     unsigned char tx_seq_no;
131     unsigned char rx_seq_no;
132 
133     struct tls_ofld_state state;
134 
135     unsigned int tx_key_info_size;
136     unsigned int rx_key_info_size;
137     unsigned int frag_size;
138     unsigned int mac_secret_size;
139     unsigned int cipher_secret_size;
140     int proto_ver;
141     unsigned int sock_fd;
142     unsigned short dtls_epoch;
143     unsigned short rsv;
144 };
145 
146 /* Set with 'struct tls_key_context'. */
147 #define	TCP_TLSOM_SET_TLS_CONTEXT	(TCP_VENDOR)
148 
149 /* Get returns int of enabled (1) / disabled (0). */
150 #define	TCP_TLSOM_GET_TLS_TOM		(TCP_VENDOR + 1)
151 
152 enum {
153 	TLS_TOM_NONE = 0,
154 	TLS_TOM_TXONLY,
155 	TLS_TOM_BOTH
156 };
157 
158 /* Set with no value. */
159 #define	TCP_TLSOM_CLR_TLS_TOM		(TCP_VENDOR + 2)
160 
161 /* Set with no value. */
162 #define	TCP_TLSOM_CLR_QUIES		(TCP_VENDOR + 3)
163 
164 #ifdef _KERNEL
165 /* Timeouts for handshake timer in seconds. */
166 #define TLS_SRV_HELLO_DONE		9
167 #define TLS_SRV_HELLO_RD_TM		5
168 #define TLS_SRV_HELLO_BKOFF_TM		15
169 
170 #define CONTENT_TYPE_CCS		20
171 #define CONTENT_TYPE_ALERT		21
172 #define CONTENT_TYPE_HANDSHAKE		22
173 #define CONTENT_TYPE_APP_DATA		23
174 #define CONTENT_TYPE_HEARTBEAT		24
175 #define CONTENT_TYPE_KEY_CONTEXT	32
176 #define CONTENT_TYPE_ERROR		127
177 
178 #define GCM_TAG_SIZE			16
179 #define AEAD_EXPLICIT_DATA_SIZE		8
180 #define TLS_HEADER_LENGTH		5
181 #define TP_TX_PG_SZ			65536
182 #define FC_TP_PLEN_MAX			17408
183 
184 #define IPAD_SIZE			64
185 #define OPAD_SIZE			64
186 #define KEY_SIZE			32
187 #define CIPHER_BLOCK_SIZE		16
188 #define HDR_KCTX_SIZE   (IPAD_SIZE + OPAD_SIZE + KEY_SIZE)
189 
190 #define KEY_IN_DDR_SIZE			16
191 #define	TLS_KEY_CONTEXT_SZ	roundup2(sizeof(struct tls_tx_ctxt), 32)
192 
193 /* MAC KEY SIZE */
194 #define SHA_NOP				0
195 #define SHA_GHASH			16
196 #define SHA_224				28
197 #define SHA_256				32
198 #define SHA_384				48
199 #define SHA_512				64
200 #define SHA1				20
201 
202 /* CIPHER KEY SIZE */
203 #define AES_NOP				0
204 #define AES_128				16
205 #define AES_192				24
206 #define AES_256				32
207 
208 enum {
209 	TLS_1_2_VERSION,
210 	TLS_1_1_VERSION,
211 	DTLS_1_2_VERSION,
212 	TLS_VERSION_MAX,
213 };
214 
215 enum {
216 	CH_EVP_CIPH_STREAM_CIPHER,
217 	CH_EVP_CIPH_CBC_MODE,
218 	CH_EVP_CIPH_GCM_MODE,
219 	CH_EVP_CIPH_CTR_MODE,
220 };
221 
222 enum {
223 	TLS_SFO_WR_CONTEXTLOC_DSGL,
224 	TLS_SFO_WR_CONTEXTLOC_IMMEDIATE,
225 	TLS_SFO_WR_CONTEXTLOC_DDR,
226 };
227 
228 enum {
229 	CPL_TX_TLS_SFO_TYPE_CCS,
230 	CPL_TX_TLS_SFO_TYPE_ALERT,
231 	CPL_TX_TLS_SFO_TYPE_HANDSHAKE,
232 	CPL_TX_TLS_SFO_TYPE_DATA,
233 	CPL_TX_TLS_SFO_TYPE_HEARTBEAT,	/* XXX: Shouldn't this be "CUSTOM"? */
234 };
235 
236 enum {
237 	CH_CK_SIZE_128,
238 	CH_CK_SIZE_192,
239 	CH_CK_SIZE_256,
240 	CH_CK_SIZE_NOP,
241 };
242 
243 enum {
244 	CH_MK_SIZE_128,
245 	CH_MK_SIZE_160,
246 	CH_MK_SIZE_192,
247 	CH_MK_SIZE_256,
248 	CH_MK_SIZE_512,
249 	CH_MK_SIZE_NOP,
250 };
251 
252 #define SCMD_ENCDECCTRL_ENCRYPT 0
253 #define SCMD_ENCDECCTRL_DECRYPT 1
254 
255 #define SCMD_CIPH_MODE_NOP			0
256 #define SCMD_CIPH_MODE_AES_CBC			1
257 #define SCMD_CIPH_MODE_AES_GCM			2
258 #define SCMD_CIPH_MODE_AES_CTR			3
259 #define SCMD_CIPH_MODE_AES_GEN			4
260 #define SCMD_CIPH_MODE_AES_CCM			7
261 
262 struct tls_scmd {
263 	__be32 seqno_numivs;
264 	__be32 ivgen_hdrlen;
265 };
266 
267 struct tls_ofld_info {
268 	struct tls_key_context k_ctx;
269 	int key_location;
270 	int mac_length;
271 	int rx_key_addr;
272 	int tx_key_addr;
273 	uint64_t tx_seq_no;
274 	unsigned short fcplenmax;
275 	unsigned short adjusted_plen;
276 	unsigned short expn_per_ulp;
277 	unsigned short pdus_per_ulp;
278 	struct tls_scmd scmd0;
279 	u_int sb_off;
280 	struct callout handshake_timer;
281 	u_int rcv_over;
282 };
283 
284 struct tls_key_req {
285 	__be32 wr_hi;
286 	__be32 wr_mid;
287         __be32 ftid;
288         __u8   reneg_to_write_rx;
289         __u8   protocol;
290         __be16 mfs;
291 	/* master command */
292 	__be32 cmd;
293 	__be32 len16;             /* command length */
294 	__be32 dlen;              /* data length in 32-byte units */
295 	__be32 kaddr;
296 	/* sub-command */
297 	__be32 sc_more;
298 	__be32 sc_len;
299 }__packed;
300 
301 struct tls_keyctx {
302         union key_ctx {
303                 struct tx_keyctx_hdr {
304                         __u8   ctxlen;
305                         __u8   r2;
306                         __be16 dualck_to_txvalid;
307                         __u8   txsalt[4];
308                         __be64 r5;
309                 } txhdr;
310                 struct rx_keyctx_hdr {
311                         __u8   flitcnt_hmacctrl;
312                         __u8   protover_ciphmode;
313                         __u8   authmode_to_rxvalid;
314                         __u8   ivpresent_to_rxmk_size;
315                         __u8   rxsalt[4];
316                         __be64 ivinsert_to_authinsrt;
317                 } rxhdr;
318         } u;
319         struct keys {
320                 __u8   edkey[32];
321                 __u8   ipad[64];
322                 __u8   opad[64];
323         } keys;
324 };
325 
326 #define S_TLS_KEYCTX_TX_WR_DUALCK    12
327 #define M_TLS_KEYCTX_TX_WR_DUALCK    0x1
328 #define V_TLS_KEYCTX_TX_WR_DUALCK(x) ((x) << S_TLS_KEYCTX_TX_WR_DUALCK)
329 #define G_TLS_KEYCTX_TX_WR_DUALCK(x) \
330     (((x) >> S_TLS_KEYCTX_TX_WR_DUALCK) & M_TLS_KEYCTX_TX_WR_DUALCK)
331 #define F_TLS_KEYCTX_TX_WR_DUALCK    V_TLS_KEYCTX_TX_WR_DUALCK(1U)
332 
333 #define S_TLS_KEYCTX_TX_WR_TXOPAD_PRESENT 11
334 #define M_TLS_KEYCTX_TX_WR_TXOPAD_PRESENT 0x1
335 #define V_TLS_KEYCTX_TX_WR_TXOPAD_PRESENT(x) \
336     ((x) << S_TLS_KEYCTX_TX_WR_TXOPAD_PRESENT)
337 #define G_TLS_KEYCTX_TX_WR_TXOPAD_PRESENT(x) \
338     (((x) >> S_TLS_KEYCTX_TX_WR_TXOPAD_PRESENT) & \
339      M_TLS_KEYCTX_TX_WR_TXOPAD_PRESENT)
340 #define F_TLS_KEYCTX_TX_WR_TXOPAD_PRESENT \
341     V_TLS_KEYCTX_TX_WR_TXOPAD_PRESENT(1U)
342 
343 #define S_TLS_KEYCTX_TX_WR_SALT_PRESENT 10
344 #define M_TLS_KEYCTX_TX_WR_SALT_PRESENT 0x1
345 #define V_TLS_KEYCTX_TX_WR_SALT_PRESENT(x) \
346     ((x) << S_TLS_KEYCTX_TX_WR_SALT_PRESENT)
347 #define G_TLS_KEYCTX_TX_WR_SALT_PRESENT(x) \
348     (((x) >> S_TLS_KEYCTX_TX_WR_SALT_PRESENT) & \
349      M_TLS_KEYCTX_TX_WR_SALT_PRESENT)
350 #define F_TLS_KEYCTX_TX_WR_SALT_PRESENT \
351     V_TLS_KEYCTX_TX_WR_SALT_PRESENT(1U)
352 
353 #define S_TLS_KEYCTX_TX_WR_TXCK_SIZE 6
354 #define M_TLS_KEYCTX_TX_WR_TXCK_SIZE 0xf
355 #define V_TLS_KEYCTX_TX_WR_TXCK_SIZE(x) \
356     ((x) << S_TLS_KEYCTX_TX_WR_TXCK_SIZE)
357 #define G_TLS_KEYCTX_TX_WR_TXCK_SIZE(x) \
358     (((x) >> S_TLS_KEYCTX_TX_WR_TXCK_SIZE) & \
359      M_TLS_KEYCTX_TX_WR_TXCK_SIZE)
360 
361 #define S_TLS_KEYCTX_TX_WR_TXMK_SIZE 2
362 #define M_TLS_KEYCTX_TX_WR_TXMK_SIZE 0xf
363 #define V_TLS_KEYCTX_TX_WR_TXMK_SIZE(x) \
364     ((x) << S_TLS_KEYCTX_TX_WR_TXMK_SIZE)
365 #define G_TLS_KEYCTX_TX_WR_TXMK_SIZE(x) \
366     (((x) >> S_TLS_KEYCTX_TX_WR_TXMK_SIZE) & \
367      M_TLS_KEYCTX_TX_WR_TXMK_SIZE)
368 
369 #define S_TLS_KEYCTX_TX_WR_TXVALID   0
370 #define M_TLS_KEYCTX_TX_WR_TXVALID   0x1
371 #define V_TLS_KEYCTX_TX_WR_TXVALID(x) \
372     ((x) << S_TLS_KEYCTX_TX_WR_TXVALID)
373 #define G_TLS_KEYCTX_TX_WR_TXVALID(x) \
374     (((x) >> S_TLS_KEYCTX_TX_WR_TXVALID) & M_TLS_KEYCTX_TX_WR_TXVALID)
375 #define F_TLS_KEYCTX_TX_WR_TXVALID   V_TLS_KEYCTX_TX_WR_TXVALID(1U)
376 
377 #define S_TLS_KEYCTX_TX_WR_FLITCNT   3
378 #define M_TLS_KEYCTX_TX_WR_FLITCNT   0x1f
379 #define V_TLS_KEYCTX_TX_WR_FLITCNT(x) \
380     ((x) << S_TLS_KEYCTX_TX_WR_FLITCNT)
381 #define G_TLS_KEYCTX_TX_WR_FLITCNT(x) \
382     (((x) >> S_TLS_KEYCTX_TX_WR_FLITCNT) & M_TLS_KEYCTX_TX_WR_FLITCNT)
383 
384 #define S_TLS_KEYCTX_TX_WR_HMACCTRL  0
385 #define M_TLS_KEYCTX_TX_WR_HMACCTRL  0x7
386 #define V_TLS_KEYCTX_TX_WR_HMACCTRL(x) \
387     ((x) << S_TLS_KEYCTX_TX_WR_HMACCTRL)
388 #define G_TLS_KEYCTX_TX_WR_HMACCTRL(x) \
389     (((x) >> S_TLS_KEYCTX_TX_WR_HMACCTRL) & M_TLS_KEYCTX_TX_WR_HMACCTRL)
390 
391 #define S_TLS_KEYCTX_TX_WR_PROTOVER  4
392 #define M_TLS_KEYCTX_TX_WR_PROTOVER  0xf
393 #define V_TLS_KEYCTX_TX_WR_PROTOVER(x) \
394     ((x) << S_TLS_KEYCTX_TX_WR_PROTOVER)
395 #define G_TLS_KEYCTX_TX_WR_PROTOVER(x) \
396     (((x) >> S_TLS_KEYCTX_TX_WR_PROTOVER) & M_TLS_KEYCTX_TX_WR_PROTOVER)
397 
398 #define S_TLS_KEYCTX_TX_WR_CIPHMODE  0
399 #define M_TLS_KEYCTX_TX_WR_CIPHMODE  0xf
400 #define V_TLS_KEYCTX_TX_WR_CIPHMODE(x) \
401     ((x) << S_TLS_KEYCTX_TX_WR_CIPHMODE)
402 #define G_TLS_KEYCTX_TX_WR_CIPHMODE(x) \
403     (((x) >> S_TLS_KEYCTX_TX_WR_CIPHMODE) & M_TLS_KEYCTX_TX_WR_CIPHMODE)
404 
405 #define S_TLS_KEYCTX_TX_WR_AUTHMODE  4
406 #define M_TLS_KEYCTX_TX_WR_AUTHMODE  0xf
407 #define V_TLS_KEYCTX_TX_WR_AUTHMODE(x) \
408     ((x) << S_TLS_KEYCTX_TX_WR_AUTHMODE)
409 #define G_TLS_KEYCTX_TX_WR_AUTHMODE(x) \
410     (((x) >> S_TLS_KEYCTX_TX_WR_AUTHMODE) & M_TLS_KEYCTX_TX_WR_AUTHMODE)
411 
412 #define S_TLS_KEYCTX_TX_WR_CIPHAUTHSEQCTRL 3
413 #define M_TLS_KEYCTX_TX_WR_CIPHAUTHSEQCTRL 0x1
414 #define V_TLS_KEYCTX_TX_WR_CIPHAUTHSEQCTRL(x) \
415     ((x) << S_TLS_KEYCTX_TX_WR_CIPHAUTHSEQCTRL)
416 #define G_TLS_KEYCTX_TX_WR_CIPHAUTHSEQCTRL(x) \
417     (((x) >> S_TLS_KEYCTX_TX_WR_CIPHAUTHSEQCTRL) & \
418      M_TLS_KEYCTX_TX_WR_CIPHAUTHSEQCTRL)
419 #define F_TLS_KEYCTX_TX_WR_CIPHAUTHSEQCTRL \
420     V_TLS_KEYCTX_TX_WR_CIPHAUTHSEQCTRL(1U)
421 
422 #define S_TLS_KEYCTX_TX_WR_SEQNUMCTRL 1
423 #define M_TLS_KEYCTX_TX_WR_SEQNUMCTRL 0x3
424 #define V_TLS_KEYCTX_TX_WR_SEQNUMCTRL(x) \
425     ((x) << S_TLS_KEYCTX_TX_WR_SEQNUMCTRL)
426 #define G_TLS_KEYCTX_TX_WR_SEQNUMCTRL(x) \
427     (((x) >> S_TLS_KEYCTX_TX_WR_SEQNUMCTRL) & \
428      M_TLS_KEYCTX_TX_WR_SEQNUMCTRL)
429 
430 #define S_TLS_KEYCTX_TX_WR_RXVALID   0
431 #define M_TLS_KEYCTX_TX_WR_RXVALID   0x1
432 #define V_TLS_KEYCTX_TX_WR_RXVALID(x) \
433     ((x) << S_TLS_KEYCTX_TX_WR_RXVALID)
434 #define G_TLS_KEYCTX_TX_WR_RXVALID(x) \
435     (((x) >> S_TLS_KEYCTX_TX_WR_RXVALID) & M_TLS_KEYCTX_TX_WR_RXVALID)
436 #define F_TLS_KEYCTX_TX_WR_RXVALID   V_TLS_KEYCTX_TX_WR_RXVALID(1U)
437 
438 #define S_TLS_KEYCTX_TX_WR_IVPRESENT 7
439 #define M_TLS_KEYCTX_TX_WR_IVPRESENT 0x1
440 #define V_TLS_KEYCTX_TX_WR_IVPRESENT(x) \
441     ((x) << S_TLS_KEYCTX_TX_WR_IVPRESENT)
442 #define G_TLS_KEYCTX_TX_WR_IVPRESENT(x) \
443     (((x) >> S_TLS_KEYCTX_TX_WR_IVPRESENT) & \
444      M_TLS_KEYCTX_TX_WR_IVPRESENT)
445 #define F_TLS_KEYCTX_TX_WR_IVPRESENT V_TLS_KEYCTX_TX_WR_IVPRESENT(1U)
446 
447 #define S_TLS_KEYCTX_TX_WR_RXOPAD_PRESENT 6
448 #define M_TLS_KEYCTX_TX_WR_RXOPAD_PRESENT 0x1
449 #define V_TLS_KEYCTX_TX_WR_RXOPAD_PRESENT(x) \
450     ((x) << S_TLS_KEYCTX_TX_WR_RXOPAD_PRESENT)
451 #define G_TLS_KEYCTX_TX_WR_RXOPAD_PRESENT(x) \
452     (((x) >> S_TLS_KEYCTX_TX_WR_RXOPAD_PRESENT) & \
453      M_TLS_KEYCTX_TX_WR_RXOPAD_PRESENT)
454 #define F_TLS_KEYCTX_TX_WR_RXOPAD_PRESENT \
455     V_TLS_KEYCTX_TX_WR_RXOPAD_PRESENT(1U)
456 
457 #define S_TLS_KEYCTX_TX_WR_RXCK_SIZE 3
458 #define M_TLS_KEYCTX_TX_WR_RXCK_SIZE 0x7
459 #define V_TLS_KEYCTX_TX_WR_RXCK_SIZE(x) \
460     ((x) << S_TLS_KEYCTX_TX_WR_RXCK_SIZE)
461 #define G_TLS_KEYCTX_TX_WR_RXCK_SIZE(x) \
462     (((x) >> S_TLS_KEYCTX_TX_WR_RXCK_SIZE) & \
463      M_TLS_KEYCTX_TX_WR_RXCK_SIZE)
464 
465 #define S_TLS_KEYCTX_TX_WR_RXMK_SIZE 0
466 #define M_TLS_KEYCTX_TX_WR_RXMK_SIZE 0x7
467 #define V_TLS_KEYCTX_TX_WR_RXMK_SIZE(x) \
468     ((x) << S_TLS_KEYCTX_TX_WR_RXMK_SIZE)
469 #define G_TLS_KEYCTX_TX_WR_RXMK_SIZE(x) \
470     (((x) >> S_TLS_KEYCTX_TX_WR_RXMK_SIZE) & \
471      M_TLS_KEYCTX_TX_WR_RXMK_SIZE)
472 
473 #define S_TLS_KEYCTX_TX_WR_IVINSERT  55
474 #define M_TLS_KEYCTX_TX_WR_IVINSERT  0x1ffULL
475 #define V_TLS_KEYCTX_TX_WR_IVINSERT(x) \
476     ((x) << S_TLS_KEYCTX_TX_WR_IVINSERT)
477 #define G_TLS_KEYCTX_TX_WR_IVINSERT(x) \
478     (((x) >> S_TLS_KEYCTX_TX_WR_IVINSERT) & M_TLS_KEYCTX_TX_WR_IVINSERT)
479 
480 #define S_TLS_KEYCTX_TX_WR_AADSTRTOFST 47
481 #define M_TLS_KEYCTX_TX_WR_AADSTRTOFST 0xffULL
482 #define V_TLS_KEYCTX_TX_WR_AADSTRTOFST(x) \
483     ((x) << S_TLS_KEYCTX_TX_WR_AADSTRTOFST)
484 #define G_TLS_KEYCTX_TX_WR_AADSTRTOFST(x) \
485     (((x) >> S_TLS_KEYCTX_TX_WR_AADSTRTOFST) & \
486      M_TLS_KEYCTX_TX_WR_AADSTRTOFST)
487 
488 #define S_TLS_KEYCTX_TX_WR_AADSTOPOFST 39
489 #define M_TLS_KEYCTX_TX_WR_AADSTOPOFST 0xffULL
490 #define V_TLS_KEYCTX_TX_WR_AADSTOPOFST(x) \
491     ((x) << S_TLS_KEYCTX_TX_WR_AADSTOPOFST)
492 #define G_TLS_KEYCTX_TX_WR_AADSTOPOFST(x) \
493     (((x) >> S_TLS_KEYCTX_TX_WR_AADSTOPOFST) & \
494      M_TLS_KEYCTX_TX_WR_AADSTOPOFST)
495 
496 #define S_TLS_KEYCTX_TX_WR_CIPHERSRTOFST 30
497 #define M_TLS_KEYCTX_TX_WR_CIPHERSRTOFST 0x1ffULL
498 #define V_TLS_KEYCTX_TX_WR_CIPHERSRTOFST(x) \
499     ((x) << S_TLS_KEYCTX_TX_WR_CIPHERSRTOFST)
500 #define G_TLS_KEYCTX_TX_WR_CIPHERSRTOFST(x) \
501     (((x) >> S_TLS_KEYCTX_TX_WR_CIPHERSRTOFST) & \
502      M_TLS_KEYCTX_TX_WR_CIPHERSRTOFST)
503 
504 #define S_TLS_KEYCTX_TX_WR_CIPHERSTOPOFST 23
505 #define M_TLS_KEYCTX_TX_WR_CIPHERSTOPOFST 0x7f
506 #define V_TLS_KEYCTX_TX_WR_CIPHERSTOPOFST(x) \
507     ((x) << S_TLS_KEYCTX_TX_WR_CIPHERSTOPOFST)
508 #define G_TLS_KEYCTX_TX_WR_CIPHERSTOPOFST(x) \
509     (((x) >> S_TLS_KEYCTX_TX_WR_CIPHERSTOPOFST) & \
510      M_TLS_KEYCTX_TX_WR_CIPHERSTOPOFST)
511 
512 #define S_TLS_KEYCTX_TX_WR_AUTHSRTOFST 14
513 #define M_TLS_KEYCTX_TX_WR_AUTHSRTOFST 0x1ff
514 #define V_TLS_KEYCTX_TX_WR_AUTHSRTOFST(x) \
515     ((x) << S_TLS_KEYCTX_TX_WR_AUTHSRTOFST)
516 #define G_TLS_KEYCTX_TX_WR_AUTHSRTOFST(x) \
517     (((x) >> S_TLS_KEYCTX_TX_WR_AUTHSRTOFST) & \
518      M_TLS_KEYCTX_TX_WR_AUTHSRTOFST)
519 
520 #define S_TLS_KEYCTX_TX_WR_AUTHSTOPOFST 7
521 #define M_TLS_KEYCTX_TX_WR_AUTHSTOPOFST 0x7f
522 #define V_TLS_KEYCTX_TX_WR_AUTHSTOPOFST(x) \
523     ((x) << S_TLS_KEYCTX_TX_WR_AUTHSTOPOFST)
524 #define G_TLS_KEYCTX_TX_WR_AUTHSTOPOFST(x) \
525     (((x) >> S_TLS_KEYCTX_TX_WR_AUTHSTOPOFST) & \
526      M_TLS_KEYCTX_TX_WR_AUTHSTOPOFST)
527 
528 #define S_TLS_KEYCTX_TX_WR_AUTHINSRT 0
529 #define M_TLS_KEYCTX_TX_WR_AUTHINSRT 0x7f
530 #define V_TLS_KEYCTX_TX_WR_AUTHINSRT(x) \
531     ((x) << S_TLS_KEYCTX_TX_WR_AUTHINSRT)
532 #define G_TLS_KEYCTX_TX_WR_AUTHINSRT(x) \
533     (((x) >> S_TLS_KEYCTX_TX_WR_AUTHINSRT) & \
534      M_TLS_KEYCTX_TX_WR_AUTHINSRT)
535 
536 struct tls_hdr {
537 	__u8   type;
538 	__be16 version;
539 	__be16 length;
540 } __packed;
541 
542 struct tlsrx_hdr_pkt {
543 	__u8   type;
544 	__be16 version;
545 	__be16 length;
546 
547 	__be64 tls_seq;
548 	__be16 reserved1;
549 	__u8   res_to_mac_error;
550 } __packed;
551 
552 /* res_to_mac_error fields */
553 #define S_TLSRX_HDR_PKT_INTERNAL_ERROR   4
554 #define M_TLSRX_HDR_PKT_INTERNAL_ERROR   0x1
555 #define V_TLSRX_HDR_PKT_INTERNAL_ERROR(x) \
556 	((x) << S_TLSRX_HDR_PKT_INTERNAL_ERROR)
557 #define G_TLSRX_HDR_PKT_INTERNAL_ERROR(x) \
558 (((x) >> S_TLSRX_HDR_PKT_INTERNAL_ERROR) & M_TLSRX_HDR_PKT_INTERNAL_ERROR)
559 #define F_TLSRX_HDR_PKT_INTERNAL_ERROR   V_TLSRX_HDR_PKT_INTERNAL_ERROR(1U)
560 
561 #define S_TLSRX_HDR_PKT_SPP_ERROR        3
562 #define M_TLSRX_HDR_PKT_SPP_ERROR        0x1
563 #define V_TLSRX_HDR_PKT_SPP_ERROR(x)     ((x) << S_TLSRX_HDR_PKT_SPP_ERROR)
564 #define G_TLSRX_HDR_PKT_SPP_ERROR(x)     \
565 (((x) >> S_TLSRX_HDR_PKT_SPP_ERROR) & M_TLSRX_HDR_PKT_SPP_ERROR)
566 #define F_TLSRX_HDR_PKT_SPP_ERROR        V_TLSRX_HDR_PKT_SPP_ERROR(1U)
567 
568 #define S_TLSRX_HDR_PKT_CCDX_ERROR       2
569 #define M_TLSRX_HDR_PKT_CCDX_ERROR       0x1
570 #define V_TLSRX_HDR_PKT_CCDX_ERROR(x)    ((x) << S_TLSRX_HDR_PKT_CCDX_ERROR)
571 #define G_TLSRX_HDR_PKT_CCDX_ERROR(x)    \
572 (((x) >> S_TLSRX_HDR_PKT_CCDX_ERROR) & M_TLSRX_HDR_PKT_CCDX_ERROR)
573 #define F_TLSRX_HDR_PKT_CCDX_ERROR       V_TLSRX_HDR_PKT_CCDX_ERROR(1U)
574 
575 #define S_TLSRX_HDR_PKT_PAD_ERROR        1
576 #define M_TLSRX_HDR_PKT_PAD_ERROR        0x1
577 #define V_TLSRX_HDR_PKT_PAD_ERROR(x)     ((x) << S_TLSRX_HDR_PKT_PAD_ERROR)
578 #define G_TLSRX_HDR_PKT_PAD_ERROR(x)     \
579 (((x) >> S_TLSRX_HDR_PKT_PAD_ERROR) & M_TLSRX_HDR_PKT_PAD_ERROR)
580 #define F_TLSRX_HDR_PKT_PAD_ERROR        V_TLSRX_HDR_PKT_PAD_ERROR(1U)
581 
582 #define S_TLSRX_HDR_PKT_MAC_ERROR        0
583 #define M_TLSRX_HDR_PKT_MAC_ERROR        0x1
584 #define V_TLSRX_HDR_PKT_MAC_ERROR(x)     ((x) << S_TLSRX_HDR_PKT_MAC_ERROR)
585 #define G_TLSRX_HDR_PKT_MAC_ERROR(x)     \
586 (((x) >> S_TLSRX_HDR_PKT_MAC_ERROR) & M_TLSRX_HDR_PKT_MAC_ERROR)
587 #define F_TLSRX_HDR_PKT_MAC_ERROR        V_TLSRX_HDR_PKT_MAC_ERROR(1U)
588 
589 #define M_TLSRX_HDR_PKT_ERROR		0x1F
590 
591 #endif /* _KERNEL */
592 
593 #endif /* !__T4_TLS_H__ */
594