xref: /freebsd/sys/dev/cxgbe/tom/t4_tls.h (revision 6683132d54bd6d589889e43dabdc53d35e38a028)
1 /*-
2  * SPDX-License-Identifier: BSD-2-Clause-FreeBSD
3  *
4  * Copyright (c) 2017-2018 Chelsio Communications, Inc.
5  * All rights reserved.
6  * Written by: John Baldwin <jhb@FreeBSD.org>, Atul Gupta
7  *
8  * Redistribution and use in source and binary forms, with or without
9  * modification, are permitted provided that the following conditions
10  * are met:
11  * 1. Redistributions of source code must retain the above copyright
12  *    notice, this list of conditions and the following disclaimer.
13  * 2. Redistributions in binary form must reproduce the above copyright
14  *    notice, this list of conditions and the following disclaimer in the
15  *    documentation and/or other materials provided with the distribution.
16  *
17  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
18  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
21  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
27  * SUCH DAMAGE.
28  *
29  * $FreeBSD$
30  *
31  */
32 
33 #ifndef __T4_TLS_H__
34 #define __T4_TLS_H__
35 
36 #define TLS1_VERSION                    0x0301
37 #define TLS1_1_VERSION                  0x0302
38 #define TLS1_2_VERSION                  0x0303
39 #define TLS_MAX_VERSION                 TLS1_2_VERSION
40 
41 #define DTLS1_VERSION                   0xFEFF
42 #define DTLS1_2_VERSION                 0xFEFD
43 #define DTLS_MAX_VERSION                DTLS1_2_VERSION
44 #define DTLS1_VERSION_MAJOR             0xFE
45 
46 /* Custom socket options for TLS+TOE. */
47 
48 #define MAX_MAC_KSZ		64	/*512 bits */
49 #define MAX_CIPHER_KSZ		32	/* 256 bits */
50 #define CIPHER_BLOCK_SZ		16
51 #define SALT_SIZE		4
52 
53 /* Can accomodate 16, 11-15 are reserved */
54 enum {
55     CHSSL_SHA_NOP,
56     CHSSL_SHA1,
57     CHSSL_SHA224,
58     CHSSL_SHA256,
59     CHSSL_GHASH,
60     CHSSL_SHA512_224,
61     CHSSL_SHA512_256,
62     CHSSL_SHA512_384,
63     CHSSL_SHA512_512,
64     CHSSL_CBCMAC,
65     CHSSL_CMAC,
66 };
67 
68 /* Can accomodate 16, 8-15 are reserved */
69 enum {
70     CHSSL_CIPH_NOP,
71     CHSSL_AES_CBC,
72     CHSSL_AES_GCM,
73     CHSSL_AES_CTR,
74     CHSSL_AES_GEN,
75     CHSSL_IPSEC_ESP,
76     CHSSL_AES_XTS,
77     CHSSL_AES_CCM,
78 };
79 
80 /* Key Context Programming Operation type */
81 #define KEY_WRITE_RX			0x1
82 #define KEY_WRITE_TX			0x2
83 #define KEY_DELETE_RX			0x4
84 #define KEY_DELETE_TX			0x8
85 
86 #define S_KEY_CLR_LOC		4
87 #define M_KEY_CLR_LOC		0xf
88 #define V_KEY_CLR_LOC(x)	((x) << S_KEY_CLR_LOC)
89 #define G_KEY_CLR_LOC(x)	(((x) >> S_KEY_CLR_LOC) & M_KEY_CLR_LOC)
90 #define F_KEY_CLR_LOC		V_KEY_CLR_LOC(1U)
91 
92 #define S_KEY_GET_LOC           0
93 #define M_KEY_GET_LOC           0xf
94 #define V_KEY_GET_LOC(x)        ((x) << S_KEY_GET_LOC)
95 #define G_KEY_GET_LOC(x)        (((x) >> S_KEY_GET_LOC) & M_KEY_GET_LOC)
96 
97 struct tls_ofld_state {
98     unsigned char enc_mode;
99     unsigned char mac_mode;
100     unsigned char key_loc;
101     unsigned char ofld_mode;
102     unsigned char auth_mode;
103     unsigned char resv[3];
104 };
105 
106 struct tls_tx_ctxt {
107     unsigned char   salt[SALT_SIZE];
108     unsigned char key[MAX_CIPHER_KSZ];
109     unsigned char ipad[MAX_MAC_KSZ];
110     unsigned char opad[MAX_MAC_KSZ];
111 };
112 
113 struct tls_rx_ctxt {
114     unsigned char   salt[SALT_SIZE];
115     unsigned char key[MAX_CIPHER_KSZ];
116     unsigned char ipad[MAX_MAC_KSZ];
117     unsigned char opad[MAX_MAC_KSZ];
118 };
119 
120 struct tls_key_context {
121     struct tls_tx_ctxt tx;
122     struct tls_rx_ctxt rx;
123 
124     unsigned char l_p_key;
125     unsigned char hmac_ctrl;
126     unsigned char mac_first;
127     unsigned char iv_size;
128     unsigned char iv_ctrl;
129     unsigned char iv_algo;
130     unsigned char tx_seq_no;
131     unsigned char rx_seq_no;
132 
133     struct tls_ofld_state state;
134 
135     unsigned int tx_key_info_size;
136     unsigned int rx_key_info_size;
137     unsigned int frag_size;
138     unsigned int mac_secret_size;
139     unsigned int cipher_secret_size;
140     int proto_ver;
141     unsigned int sock_fd;
142     unsigned short dtls_epoch;
143     unsigned short rsv;
144 };
145 
146 /* Set with 'struct tls_key_context'. */
147 #define	TCP_TLSOM_SET_TLS_CONTEXT	(TCP_VENDOR)
148 
149 /* Get returns int of enabled (1) / disabled (0). */
150 #define	TCP_TLSOM_GET_TLS_TOM		(TCP_VENDOR + 1)
151 
152 enum {
153 	TLS_TOM_NONE = 0,
154 	TLS_TOM_TXONLY,
155 	TLS_TOM_BOTH
156 };
157 
158 /* Set with no value. */
159 #define	TCP_TLSOM_CLR_TLS_TOM		(TCP_VENDOR + 2)
160 
161 /* Set with no value. */
162 #define	TCP_TLSOM_CLR_QUIES		(TCP_VENDOR + 3)
163 
164 #ifdef _KERNEL
165 /* Timeouts for handshake timer in seconds. */
166 #define TLS_SRV_HELLO_DONE		9
167 #define TLS_SRV_HELLO_RD_TM		5
168 #define TLS_SRV_HELLO_BKOFF_TM		15
169 
170 #define CONTENT_TYPE_CCS		20
171 #define CONTENT_TYPE_ALERT		21
172 #define CONTENT_TYPE_HANDSHAKE		22
173 #define CONTENT_TYPE_APP_DATA		23
174 #define CONTENT_TYPE_HEARTBEAT		24
175 #define CONTENT_TYPE_KEY_CONTEXT	32
176 #define CONTENT_TYPE_ERROR		127
177 
178 #define GCM_TAG_SIZE			16
179 #define AEAD_EXPLICIT_DATA_SIZE		8
180 #define TLS_HEADER_LENGTH		5
181 #define TP_TX_PG_SZ			65536
182 #define FC_TP_PLEN_MAX			17408
183 
184 #define IPAD_SIZE			64
185 #define OPAD_SIZE			64
186 #define KEY_SIZE			32
187 #define CIPHER_BLOCK_SIZE		16
188 #define HDR_KCTX_SIZE   (IPAD_SIZE + OPAD_SIZE + KEY_SIZE)
189 
190 #define KEY_IN_DDR_SIZE			16
191 #define	TLS_KEY_CONTEXT_SZ	roundup2(sizeof(struct tls_tx_ctxt), 32)
192 
193 /* MAC KEY SIZE */
194 #define SHA_NOP				0
195 #define SHA_GHASH			16
196 #define SHA_224				28
197 #define SHA_256				32
198 #define SHA_384				48
199 #define SHA_512				64
200 #define SHA1				20
201 
202 /* CIPHER KEY SIZE */
203 #define AES_NOP				0
204 #define AES_128				16
205 #define AES_192				24
206 #define AES_256				32
207 
208 enum {
209 	TLS_1_2_VERSION,
210 	TLS_1_1_VERSION,
211 	DTLS_1_2_VERSION,
212 	TLS_VERSION_MAX,
213 };
214 
215 enum {
216 	CH_EVP_CIPH_STREAM_CIPHER,
217 	CH_EVP_CIPH_CBC_MODE,
218 	CH_EVP_CIPH_GCM_MODE,
219 	CH_EVP_CIPH_CTR_MODE,
220 };
221 
222 enum {
223 	TLS_SFO_WR_CONTEXTLOC_DSGL,
224 	TLS_SFO_WR_CONTEXTLOC_IMMEDIATE,
225 	TLS_SFO_WR_CONTEXTLOC_DDR,
226 };
227 
228 enum {
229 	CPL_TX_TLS_SFO_TYPE_CCS,
230 	CPL_TX_TLS_SFO_TYPE_ALERT,
231 	CPL_TX_TLS_SFO_TYPE_HANDSHAKE,
232 	CPL_TX_TLS_SFO_TYPE_DATA,
233 	CPL_TX_TLS_SFO_TYPE_HEARTBEAT,	/* XXX: Shouldn't this be "CUSTOM"? */
234 };
235 
236 enum {
237 	CH_CK_SIZE_128,
238 	CH_CK_SIZE_192,
239 	CH_CK_SIZE_256,
240 	CH_CK_SIZE_NOP,
241 };
242 
243 enum {
244 	CH_MK_SIZE_128,
245 	CH_MK_SIZE_160,
246 	CH_MK_SIZE_192,
247 	CH_MK_SIZE_256,
248 	CH_MK_SIZE_512,
249 	CH_MK_SIZE_NOP,
250 };
251 
252 struct tls_scmd {
253 	__be32 seqno_numivs;
254 	__be32 ivgen_hdrlen;
255 };
256 
257 struct tls_ofld_info {
258 	struct tls_key_context k_ctx;
259 	int key_location;
260 	int mac_length;
261 	int rx_key_addr;
262 	int tx_key_addr;
263 	uint64_t tx_seq_no;
264 	unsigned short fcplenmax;
265 	unsigned short adjusted_plen;
266 	unsigned short expn_per_ulp;
267 	unsigned short pdus_per_ulp;
268 	struct tls_scmd scmd0;
269 	u_int sb_off;
270 	struct callout handshake_timer;
271 	u_int rcv_over;
272 };
273 
274 struct tls_key_req {
275 	__be32 wr_hi;
276 	__be32 wr_mid;
277         __be32 ftid;
278         __u8   reneg_to_write_rx;
279         __u8   protocol;
280         __be16 mfs;
281 	/* master command */
282 	__be32 cmd;
283 	__be32 len16;             /* command length */
284 	__be32 dlen;              /* data length in 32-byte units */
285 	__be32 kaddr;
286 	/* sub-command */
287 	__be32 sc_more;
288 	__be32 sc_len;
289 }__packed;
290 
291 struct tls_keyctx {
292         union key_ctx {
293                 struct tx_keyctx_hdr {
294                         __u8   ctxlen;
295                         __u8   r2;
296                         __be16 dualck_to_txvalid;
297                         __u8   txsalt[4];
298                         __be64 r5;
299                 } txhdr;
300                 struct rx_keyctx_hdr {
301                         __u8   flitcnt_hmacctrl;
302                         __u8   protover_ciphmode;
303                         __u8   authmode_to_rxvalid;
304                         __u8   ivpresent_to_rxmk_size;
305                         __u8   rxsalt[4];
306                         __be64 ivinsert_to_authinsrt;
307                 } rxhdr;
308         } u;
309         struct keys {
310                 __u8   edkey[32];
311                 __u8   ipad[64];
312                 __u8   opad[64];
313         } keys;
314 };
315 
316 #define S_TLS_KEYCTX_TX_WR_DUALCK    12
317 #define M_TLS_KEYCTX_TX_WR_DUALCK    0x1
318 #define V_TLS_KEYCTX_TX_WR_DUALCK(x) ((x) << S_TLS_KEYCTX_TX_WR_DUALCK)
319 #define G_TLS_KEYCTX_TX_WR_DUALCK(x) \
320     (((x) >> S_TLS_KEYCTX_TX_WR_DUALCK) & M_TLS_KEYCTX_TX_WR_DUALCK)
321 #define F_TLS_KEYCTX_TX_WR_DUALCK    V_TLS_KEYCTX_TX_WR_DUALCK(1U)
322 
323 #define S_TLS_KEYCTX_TX_WR_TXOPAD_PRESENT 11
324 #define M_TLS_KEYCTX_TX_WR_TXOPAD_PRESENT 0x1
325 #define V_TLS_KEYCTX_TX_WR_TXOPAD_PRESENT(x) \
326     ((x) << S_TLS_KEYCTX_TX_WR_TXOPAD_PRESENT)
327 #define G_TLS_KEYCTX_TX_WR_TXOPAD_PRESENT(x) \
328     (((x) >> S_TLS_KEYCTX_TX_WR_TXOPAD_PRESENT) & \
329      M_TLS_KEYCTX_TX_WR_TXOPAD_PRESENT)
330 #define F_TLS_KEYCTX_TX_WR_TXOPAD_PRESENT \
331     V_TLS_KEYCTX_TX_WR_TXOPAD_PRESENT(1U)
332 
333 #define S_TLS_KEYCTX_TX_WR_SALT_PRESENT 10
334 #define M_TLS_KEYCTX_TX_WR_SALT_PRESENT 0x1
335 #define V_TLS_KEYCTX_TX_WR_SALT_PRESENT(x) \
336     ((x) << S_TLS_KEYCTX_TX_WR_SALT_PRESENT)
337 #define G_TLS_KEYCTX_TX_WR_SALT_PRESENT(x) \
338     (((x) >> S_TLS_KEYCTX_TX_WR_SALT_PRESENT) & \
339      M_TLS_KEYCTX_TX_WR_SALT_PRESENT)
340 #define F_TLS_KEYCTX_TX_WR_SALT_PRESENT \
341     V_TLS_KEYCTX_TX_WR_SALT_PRESENT(1U)
342 
343 #define S_TLS_KEYCTX_TX_WR_TXCK_SIZE 6
344 #define M_TLS_KEYCTX_TX_WR_TXCK_SIZE 0xf
345 #define V_TLS_KEYCTX_TX_WR_TXCK_SIZE(x) \
346     ((x) << S_TLS_KEYCTX_TX_WR_TXCK_SIZE)
347 #define G_TLS_KEYCTX_TX_WR_TXCK_SIZE(x) \
348     (((x) >> S_TLS_KEYCTX_TX_WR_TXCK_SIZE) & \
349      M_TLS_KEYCTX_TX_WR_TXCK_SIZE)
350 
351 #define S_TLS_KEYCTX_TX_WR_TXMK_SIZE 2
352 #define M_TLS_KEYCTX_TX_WR_TXMK_SIZE 0xf
353 #define V_TLS_KEYCTX_TX_WR_TXMK_SIZE(x) \
354     ((x) << S_TLS_KEYCTX_TX_WR_TXMK_SIZE)
355 #define G_TLS_KEYCTX_TX_WR_TXMK_SIZE(x) \
356     (((x) >> S_TLS_KEYCTX_TX_WR_TXMK_SIZE) & \
357      M_TLS_KEYCTX_TX_WR_TXMK_SIZE)
358 
359 #define S_TLS_KEYCTX_TX_WR_TXVALID   0
360 #define M_TLS_KEYCTX_TX_WR_TXVALID   0x1
361 #define V_TLS_KEYCTX_TX_WR_TXVALID(x) \
362     ((x) << S_TLS_KEYCTX_TX_WR_TXVALID)
363 #define G_TLS_KEYCTX_TX_WR_TXVALID(x) \
364     (((x) >> S_TLS_KEYCTX_TX_WR_TXVALID) & M_TLS_KEYCTX_TX_WR_TXVALID)
365 #define F_TLS_KEYCTX_TX_WR_TXVALID   V_TLS_KEYCTX_TX_WR_TXVALID(1U)
366 
367 #define S_TLS_KEYCTX_TX_WR_FLITCNT   3
368 #define M_TLS_KEYCTX_TX_WR_FLITCNT   0x1f
369 #define V_TLS_KEYCTX_TX_WR_FLITCNT(x) \
370     ((x) << S_TLS_KEYCTX_TX_WR_FLITCNT)
371 #define G_TLS_KEYCTX_TX_WR_FLITCNT(x) \
372     (((x) >> S_TLS_KEYCTX_TX_WR_FLITCNT) & M_TLS_KEYCTX_TX_WR_FLITCNT)
373 
374 #define S_TLS_KEYCTX_TX_WR_HMACCTRL  0
375 #define M_TLS_KEYCTX_TX_WR_HMACCTRL  0x7
376 #define V_TLS_KEYCTX_TX_WR_HMACCTRL(x) \
377     ((x) << S_TLS_KEYCTX_TX_WR_HMACCTRL)
378 #define G_TLS_KEYCTX_TX_WR_HMACCTRL(x) \
379     (((x) >> S_TLS_KEYCTX_TX_WR_HMACCTRL) & M_TLS_KEYCTX_TX_WR_HMACCTRL)
380 
381 #define S_TLS_KEYCTX_TX_WR_PROTOVER  4
382 #define M_TLS_KEYCTX_TX_WR_PROTOVER  0xf
383 #define V_TLS_KEYCTX_TX_WR_PROTOVER(x) \
384     ((x) << S_TLS_KEYCTX_TX_WR_PROTOVER)
385 #define G_TLS_KEYCTX_TX_WR_PROTOVER(x) \
386     (((x) >> S_TLS_KEYCTX_TX_WR_PROTOVER) & M_TLS_KEYCTX_TX_WR_PROTOVER)
387 
388 #define S_TLS_KEYCTX_TX_WR_CIPHMODE  0
389 #define M_TLS_KEYCTX_TX_WR_CIPHMODE  0xf
390 #define V_TLS_KEYCTX_TX_WR_CIPHMODE(x) \
391     ((x) << S_TLS_KEYCTX_TX_WR_CIPHMODE)
392 #define G_TLS_KEYCTX_TX_WR_CIPHMODE(x) \
393     (((x) >> S_TLS_KEYCTX_TX_WR_CIPHMODE) & M_TLS_KEYCTX_TX_WR_CIPHMODE)
394 
395 #define S_TLS_KEYCTX_TX_WR_AUTHMODE  4
396 #define M_TLS_KEYCTX_TX_WR_AUTHMODE  0xf
397 #define V_TLS_KEYCTX_TX_WR_AUTHMODE(x) \
398     ((x) << S_TLS_KEYCTX_TX_WR_AUTHMODE)
399 #define G_TLS_KEYCTX_TX_WR_AUTHMODE(x) \
400     (((x) >> S_TLS_KEYCTX_TX_WR_AUTHMODE) & M_TLS_KEYCTX_TX_WR_AUTHMODE)
401 
402 #define S_TLS_KEYCTX_TX_WR_CIPHAUTHSEQCTRL 3
403 #define M_TLS_KEYCTX_TX_WR_CIPHAUTHSEQCTRL 0x1
404 #define V_TLS_KEYCTX_TX_WR_CIPHAUTHSEQCTRL(x) \
405     ((x) << S_TLS_KEYCTX_TX_WR_CIPHAUTHSEQCTRL)
406 #define G_TLS_KEYCTX_TX_WR_CIPHAUTHSEQCTRL(x) \
407     (((x) >> S_TLS_KEYCTX_TX_WR_CIPHAUTHSEQCTRL) & \
408      M_TLS_KEYCTX_TX_WR_CIPHAUTHSEQCTRL)
409 #define F_TLS_KEYCTX_TX_WR_CIPHAUTHSEQCTRL \
410     V_TLS_KEYCTX_TX_WR_CIPHAUTHSEQCTRL(1U)
411 
412 #define S_TLS_KEYCTX_TX_WR_SEQNUMCTRL 1
413 #define M_TLS_KEYCTX_TX_WR_SEQNUMCTRL 0x3
414 #define V_TLS_KEYCTX_TX_WR_SEQNUMCTRL(x) \
415     ((x) << S_TLS_KEYCTX_TX_WR_SEQNUMCTRL)
416 #define G_TLS_KEYCTX_TX_WR_SEQNUMCTRL(x) \
417     (((x) >> S_TLS_KEYCTX_TX_WR_SEQNUMCTRL) & \
418      M_TLS_KEYCTX_TX_WR_SEQNUMCTRL)
419 
420 #define S_TLS_KEYCTX_TX_WR_RXVALID   0
421 #define M_TLS_KEYCTX_TX_WR_RXVALID   0x1
422 #define V_TLS_KEYCTX_TX_WR_RXVALID(x) \
423     ((x) << S_TLS_KEYCTX_TX_WR_RXVALID)
424 #define G_TLS_KEYCTX_TX_WR_RXVALID(x) \
425     (((x) >> S_TLS_KEYCTX_TX_WR_RXVALID) & M_TLS_KEYCTX_TX_WR_RXVALID)
426 #define F_TLS_KEYCTX_TX_WR_RXVALID   V_TLS_KEYCTX_TX_WR_RXVALID(1U)
427 
428 #define S_TLS_KEYCTX_TX_WR_IVPRESENT 7
429 #define M_TLS_KEYCTX_TX_WR_IVPRESENT 0x1
430 #define V_TLS_KEYCTX_TX_WR_IVPRESENT(x) \
431     ((x) << S_TLS_KEYCTX_TX_WR_IVPRESENT)
432 #define G_TLS_KEYCTX_TX_WR_IVPRESENT(x) \
433     (((x) >> S_TLS_KEYCTX_TX_WR_IVPRESENT) & \
434      M_TLS_KEYCTX_TX_WR_IVPRESENT)
435 #define F_TLS_KEYCTX_TX_WR_IVPRESENT V_TLS_KEYCTX_TX_WR_IVPRESENT(1U)
436 
437 #define S_TLS_KEYCTX_TX_WR_RXOPAD_PRESENT 6
438 #define M_TLS_KEYCTX_TX_WR_RXOPAD_PRESENT 0x1
439 #define V_TLS_KEYCTX_TX_WR_RXOPAD_PRESENT(x) \
440     ((x) << S_TLS_KEYCTX_TX_WR_RXOPAD_PRESENT)
441 #define G_TLS_KEYCTX_TX_WR_RXOPAD_PRESENT(x) \
442     (((x) >> S_TLS_KEYCTX_TX_WR_RXOPAD_PRESENT) & \
443      M_TLS_KEYCTX_TX_WR_RXOPAD_PRESENT)
444 #define F_TLS_KEYCTX_TX_WR_RXOPAD_PRESENT \
445     V_TLS_KEYCTX_TX_WR_RXOPAD_PRESENT(1U)
446 
447 #define S_TLS_KEYCTX_TX_WR_RXCK_SIZE 3
448 #define M_TLS_KEYCTX_TX_WR_RXCK_SIZE 0x7
449 #define V_TLS_KEYCTX_TX_WR_RXCK_SIZE(x) \
450     ((x) << S_TLS_KEYCTX_TX_WR_RXCK_SIZE)
451 #define G_TLS_KEYCTX_TX_WR_RXCK_SIZE(x) \
452     (((x) >> S_TLS_KEYCTX_TX_WR_RXCK_SIZE) & \
453      M_TLS_KEYCTX_TX_WR_RXCK_SIZE)
454 
455 #define S_TLS_KEYCTX_TX_WR_RXMK_SIZE 0
456 #define M_TLS_KEYCTX_TX_WR_RXMK_SIZE 0x7
457 #define V_TLS_KEYCTX_TX_WR_RXMK_SIZE(x) \
458     ((x) << S_TLS_KEYCTX_TX_WR_RXMK_SIZE)
459 #define G_TLS_KEYCTX_TX_WR_RXMK_SIZE(x) \
460     (((x) >> S_TLS_KEYCTX_TX_WR_RXMK_SIZE) & \
461      M_TLS_KEYCTX_TX_WR_RXMK_SIZE)
462 
463 #define S_TLS_KEYCTX_TX_WR_IVINSERT  55
464 #define M_TLS_KEYCTX_TX_WR_IVINSERT  0x1ffULL
465 #define V_TLS_KEYCTX_TX_WR_IVINSERT(x) \
466     ((x) << S_TLS_KEYCTX_TX_WR_IVINSERT)
467 #define G_TLS_KEYCTX_TX_WR_IVINSERT(x) \
468     (((x) >> S_TLS_KEYCTX_TX_WR_IVINSERT) & M_TLS_KEYCTX_TX_WR_IVINSERT)
469 
470 #define S_TLS_KEYCTX_TX_WR_AADSTRTOFST 47
471 #define M_TLS_KEYCTX_TX_WR_AADSTRTOFST 0xffULL
472 #define V_TLS_KEYCTX_TX_WR_AADSTRTOFST(x) \
473     ((x) << S_TLS_KEYCTX_TX_WR_AADSTRTOFST)
474 #define G_TLS_KEYCTX_TX_WR_AADSTRTOFST(x) \
475     (((x) >> S_TLS_KEYCTX_TX_WR_AADSTRTOFST) & \
476      M_TLS_KEYCTX_TX_WR_AADSTRTOFST)
477 
478 #define S_TLS_KEYCTX_TX_WR_AADSTOPOFST 39
479 #define M_TLS_KEYCTX_TX_WR_AADSTOPOFST 0xffULL
480 #define V_TLS_KEYCTX_TX_WR_AADSTOPOFST(x) \
481     ((x) << S_TLS_KEYCTX_TX_WR_AADSTOPOFST)
482 #define G_TLS_KEYCTX_TX_WR_AADSTOPOFST(x) \
483     (((x) >> S_TLS_KEYCTX_TX_WR_AADSTOPOFST) & \
484      M_TLS_KEYCTX_TX_WR_AADSTOPOFST)
485 
486 #define S_TLS_KEYCTX_TX_WR_CIPHERSRTOFST 30
487 #define M_TLS_KEYCTX_TX_WR_CIPHERSRTOFST 0x1ffULL
488 #define V_TLS_KEYCTX_TX_WR_CIPHERSRTOFST(x) \
489     ((x) << S_TLS_KEYCTX_TX_WR_CIPHERSRTOFST)
490 #define G_TLS_KEYCTX_TX_WR_CIPHERSRTOFST(x) \
491     (((x) >> S_TLS_KEYCTX_TX_WR_CIPHERSRTOFST) & \
492      M_TLS_KEYCTX_TX_WR_CIPHERSRTOFST)
493 
494 #define S_TLS_KEYCTX_TX_WR_CIPHERSTOPOFST 23
495 #define M_TLS_KEYCTX_TX_WR_CIPHERSTOPOFST 0x7f
496 #define V_TLS_KEYCTX_TX_WR_CIPHERSTOPOFST(x) \
497     ((x) << S_TLS_KEYCTX_TX_WR_CIPHERSTOPOFST)
498 #define G_TLS_KEYCTX_TX_WR_CIPHERSTOPOFST(x) \
499     (((x) >> S_TLS_KEYCTX_TX_WR_CIPHERSTOPOFST) & \
500      M_TLS_KEYCTX_TX_WR_CIPHERSTOPOFST)
501 
502 #define S_TLS_KEYCTX_TX_WR_AUTHSRTOFST 14
503 #define M_TLS_KEYCTX_TX_WR_AUTHSRTOFST 0x1ff
504 #define V_TLS_KEYCTX_TX_WR_AUTHSRTOFST(x) \
505     ((x) << S_TLS_KEYCTX_TX_WR_AUTHSRTOFST)
506 #define G_TLS_KEYCTX_TX_WR_AUTHSRTOFST(x) \
507     (((x) >> S_TLS_KEYCTX_TX_WR_AUTHSRTOFST) & \
508      M_TLS_KEYCTX_TX_WR_AUTHSRTOFST)
509 
510 #define S_TLS_KEYCTX_TX_WR_AUTHSTOPOFST 7
511 #define M_TLS_KEYCTX_TX_WR_AUTHSTOPOFST 0x7f
512 #define V_TLS_KEYCTX_TX_WR_AUTHSTOPOFST(x) \
513     ((x) << S_TLS_KEYCTX_TX_WR_AUTHSTOPOFST)
514 #define G_TLS_KEYCTX_TX_WR_AUTHSTOPOFST(x) \
515     (((x) >> S_TLS_KEYCTX_TX_WR_AUTHSTOPOFST) & \
516      M_TLS_KEYCTX_TX_WR_AUTHSTOPOFST)
517 
518 #define S_TLS_KEYCTX_TX_WR_AUTHINSRT 0
519 #define M_TLS_KEYCTX_TX_WR_AUTHINSRT 0x7f
520 #define V_TLS_KEYCTX_TX_WR_AUTHINSRT(x) \
521     ((x) << S_TLS_KEYCTX_TX_WR_AUTHINSRT)
522 #define G_TLS_KEYCTX_TX_WR_AUTHINSRT(x) \
523     (((x) >> S_TLS_KEYCTX_TX_WR_AUTHINSRT) & \
524      M_TLS_KEYCTX_TX_WR_AUTHINSRT)
525 
526 struct tls_hdr {
527 	__u8   type;
528 	__be16 version;
529 	__be16 length;
530 } __packed;
531 
532 struct tlsrx_hdr_pkt {
533 	__u8   type;
534 	__be16 version;
535 	__be16 length;
536 
537 	__be64 tls_seq;
538 	__be16 reserved1;
539 	__u8   res_to_mac_error;
540 } __packed;
541 
542 /* res_to_mac_error fields */
543 #define S_TLSRX_HDR_PKT_INTERNAL_ERROR   4
544 #define M_TLSRX_HDR_PKT_INTERNAL_ERROR   0x1
545 #define V_TLSRX_HDR_PKT_INTERNAL_ERROR(x) \
546 	((x) << S_TLSRX_HDR_PKT_INTERNAL_ERROR)
547 #define G_TLSRX_HDR_PKT_INTERNAL_ERROR(x) \
548 (((x) >> S_TLSRX_HDR_PKT_INTERNAL_ERROR) & M_TLSRX_HDR_PKT_INTERNAL_ERROR)
549 #define F_TLSRX_HDR_PKT_INTERNAL_ERROR   V_TLSRX_HDR_PKT_INTERNAL_ERROR(1U)
550 
551 #define S_TLSRX_HDR_PKT_SPP_ERROR        3
552 #define M_TLSRX_HDR_PKT_SPP_ERROR        0x1
553 #define V_TLSRX_HDR_PKT_SPP_ERROR(x)     ((x) << S_TLSRX_HDR_PKT_SPP_ERROR)
554 #define G_TLSRX_HDR_PKT_SPP_ERROR(x)     \
555 (((x) >> S_TLSRX_HDR_PKT_SPP_ERROR) & M_TLSRX_HDR_PKT_SPP_ERROR)
556 #define F_TLSRX_HDR_PKT_SPP_ERROR        V_TLSRX_HDR_PKT_SPP_ERROR(1U)
557 
558 #define S_TLSRX_HDR_PKT_CCDX_ERROR       2
559 #define M_TLSRX_HDR_PKT_CCDX_ERROR       0x1
560 #define V_TLSRX_HDR_PKT_CCDX_ERROR(x)    ((x) << S_TLSRX_HDR_PKT_CCDX_ERROR)
561 #define G_TLSRX_HDR_PKT_CCDX_ERROR(x)    \
562 (((x) >> S_TLSRX_HDR_PKT_CCDX_ERROR) & M_TLSRX_HDR_PKT_CCDX_ERROR)
563 #define F_TLSRX_HDR_PKT_CCDX_ERROR       V_TLSRX_HDR_PKT_CCDX_ERROR(1U)
564 
565 #define S_TLSRX_HDR_PKT_PAD_ERROR        1
566 #define M_TLSRX_HDR_PKT_PAD_ERROR        0x1
567 #define V_TLSRX_HDR_PKT_PAD_ERROR(x)     ((x) << S_TLSRX_HDR_PKT_PAD_ERROR)
568 #define G_TLSRX_HDR_PKT_PAD_ERROR(x)     \
569 (((x) >> S_TLSRX_HDR_PKT_PAD_ERROR) & M_TLSRX_HDR_PKT_PAD_ERROR)
570 #define F_TLSRX_HDR_PKT_PAD_ERROR        V_TLSRX_HDR_PKT_PAD_ERROR(1U)
571 
572 #define S_TLSRX_HDR_PKT_MAC_ERROR        0
573 #define M_TLSRX_HDR_PKT_MAC_ERROR        0x1
574 #define V_TLSRX_HDR_PKT_MAC_ERROR(x)     ((x) << S_TLSRX_HDR_PKT_MAC_ERROR)
575 #define G_TLSRX_HDR_PKT_MAC_ERROR(x)     \
576 (((x) >> S_TLSRX_HDR_PKT_MAC_ERROR) & M_TLSRX_HDR_PKT_MAC_ERROR)
577 #define F_TLSRX_HDR_PKT_MAC_ERROR        V_TLSRX_HDR_PKT_MAC_ERROR(1U)
578 
579 #define M_TLSRX_HDR_PKT_ERROR		0x1F
580 
581 #endif /* _KERNEL */
582 
583 #endif /* !__T4_TLS_H__ */
584