xref: /freebsd/sys/dev/cxgbe/tom/t4_tls.h (revision a134ebd6e63f658f2d3d04ac0c60d23bcaa86dd7)
1 /*-
2  * SPDX-License-Identifier: BSD-2-Clause-FreeBSD
3  *
4  * Copyright (c) 2017-2018 Chelsio Communications, Inc.
5  * All rights reserved.
6  * Written by: John Baldwin <jhb@FreeBSD.org>, Atul Gupta
7  *
8  * Redistribution and use in source and binary forms, with or without
9  * modification, are permitted provided that the following conditions
10  * are met:
11  * 1. Redistributions of source code must retain the above copyright
12  *    notice, this list of conditions and the following disclaimer.
13  * 2. Redistributions in binary form must reproduce the above copyright
14  *    notice, this list of conditions and the following disclaimer in the
15  *    documentation and/or other materials provided with the distribution.
16  *
17  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
18  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
21  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
27  * SUCH DAMAGE.
28  *
29  * $FreeBSD$
30  *
31  */
32 
33 #ifndef __T4_TLS_H__
34 #define __T4_TLS_H__
35 
36 #define TLS1_VERSION                    0x0301
37 #define TLS1_1_VERSION                  0x0302
38 #define TLS1_2_VERSION                  0x0303
39 #define TLS_MAX_VERSION                 TLS1_2_VERSION
40 
41 #define DTLS1_VERSION                   0xFEFF
42 #define DTLS1_2_VERSION                 0xFEFD
43 #define DTLS_MAX_VERSION                DTLS1_2_VERSION
44 #define DTLS1_VERSION_MAJOR             0xFE
45 
46 /* Custom socket options for TLS+TOE. */
47 
48 #define MAX_MAC_KSZ		64	/*512 bits */
49 #define MAX_CIPHER_KSZ		32	/* 256 bits */
50 #define CIPHER_BLOCK_SZ		16
51 #define SALT_SIZE		4
52 
53 /* Can accomodate 16, 11-15 are reserved */
54 enum {
55     CHSSL_SHA_NOP,
56     CHSSL_SHA1,
57     CHSSL_SHA224,
58     CHSSL_SHA256,
59     CHSSL_GHASH,
60     CHSSL_SHA512_224,
61     CHSSL_SHA512_256,
62     CHSSL_SHA512_384,
63     CHSSL_SHA512_512,
64     CHSSL_CBCMAC,
65     CHSSL_CMAC,
66 };
67 
68 /* Can accomodate 16, 8-15 are reserved */
69 enum {
70     CHSSL_CIPH_NOP,
71     CHSSL_AES_CBC,
72     CHSSL_AES_GCM,
73     CHSSL_AES_CTR,
74     CHSSL_AES_GEN,
75     CHSSL_IPSEC_ESP,
76     CHSSL_AES_XTS,
77     CHSSL_AES_CCM,
78 };
79 
80 /* Key Context Programming Operation type */
81 #define KEY_WRITE_RX			0x1
82 #define KEY_WRITE_TX			0x2
83 #define KEY_DELETE_RX			0x4
84 #define KEY_DELETE_TX			0x8
85 
86 #define S_KEY_CLR_LOC		4
87 #define M_KEY_CLR_LOC		0xf
88 #define V_KEY_CLR_LOC(x)	((x) << S_KEY_CLR_LOC)
89 #define G_KEY_CLR_LOC(x)	(((x) >> S_KEY_CLR_LOC) & M_KEY_CLR_LOC)
90 #define F_KEY_CLR_LOC		V_KEY_CLR_LOC(1U)
91 
92 #define S_KEY_GET_LOC           0
93 #define M_KEY_GET_LOC           0xf
94 #define V_KEY_GET_LOC(x)        ((x) << S_KEY_GET_LOC)
95 #define G_KEY_GET_LOC(x)        (((x) >> S_KEY_GET_LOC) & M_KEY_GET_LOC)
96 
97 struct tls_ofld_state {
98     unsigned char enc_mode;
99     unsigned char mac_mode;
100     unsigned char key_loc;
101     unsigned char ofld_mode;
102     unsigned char auth_mode;
103     unsigned char resv[3];
104 };
105 
106 struct tls_tx_ctxt {
107     unsigned char   salt[SALT_SIZE];
108     unsigned char key[MAX_CIPHER_KSZ];
109     unsigned char ipad[MAX_MAC_KSZ];
110     unsigned char opad[MAX_MAC_KSZ];
111 };
112 
113 struct tls_rx_ctxt {
114     unsigned char   salt[SALT_SIZE];
115     unsigned char key[MAX_CIPHER_KSZ];
116     unsigned char ipad[MAX_MAC_KSZ];
117     unsigned char opad[MAX_MAC_KSZ];
118 };
119 
120 struct tls_key_context {
121     struct tls_tx_ctxt tx;
122     struct tls_rx_ctxt rx;
123 
124     unsigned char l_p_key;
125     unsigned char hmac_ctrl;
126     unsigned char mac_first;
127     unsigned char iv_size;
128     unsigned char iv_ctrl;
129     unsigned char iv_algo;
130     unsigned char tx_seq_no;
131     unsigned char rx_seq_no;
132 
133     struct tls_ofld_state state;
134 
135     unsigned int tx_key_info_size;
136     unsigned int rx_key_info_size;
137     unsigned int frag_size;
138     unsigned int mac_secret_size;
139     unsigned int cipher_secret_size;
140     int proto_ver;
141     unsigned int sock_fd;
142     unsigned short dtls_epoch;
143     unsigned short rsv;
144 };
145 
146 /* Set with 'struct tls_key_context'. */
147 #define	TCP_TLSOM_SET_TLS_CONTEXT	(TCP_VENDOR)
148 
149 /* Get returns int of enabled (1) / disabled (0). */
150 #define	TCP_TLSOM_GET_TLS_TOM		(TCP_VENDOR + 1)
151 
152 enum {
153 	TLS_TOM_NONE = 0,
154 	TLS_TOM_TXONLY,
155 	TLS_TOM_BOTH
156 };
157 
158 /* Set with no value. */
159 #define	TCP_TLSOM_CLR_TLS_TOM		(TCP_VENDOR + 2)
160 
161 /* Set with no value. */
162 #define	TCP_TLSOM_CLR_QUIES		(TCP_VENDOR + 3)
163 
164 #ifdef _KERNEL
165 /* Timeouts for handshake timer in seconds. */
166 #define TLS_SRV_HELLO_DONE		9
167 #define TLS_SRV_HELLO_RD_TM		5
168 #define TLS_SRV_HELLO_BKOFF_TM		15
169 
170 #define CONTENT_TYPE_CCS		20
171 #define CONTENT_TYPE_ALERT		21
172 #define CONTENT_TYPE_HANDSHAKE		22
173 #define CONTENT_TYPE_APP_DATA		23
174 #define CONTENT_TYPE_HEARTBEAT		24
175 #define CONTENT_TYPE_KEY_CONTEXT	32
176 #define CONTENT_TYPE_ERROR		127
177 
178 #define GCM_TAG_SIZE			16
179 #define AEAD_EXPLICIT_DATA_SIZE		8
180 #define TLS_HEADER_LENGTH		5
181 #define TP_TX_PG_SZ			65536
182 #define FC_TP_PLEN_MAX			17408
183 
184 #define IPAD_SIZE			64
185 #define OPAD_SIZE			64
186 #define KEY_SIZE			32
187 #define CIPHER_BLOCK_SIZE		16
188 #define HDR_KCTX_SIZE   (IPAD_SIZE + OPAD_SIZE + KEY_SIZE)
189 
190 #define KEY_IN_DDR_SIZE			16
191 #define	TLS_KEY_CONTEXT_SZ	roundup2(sizeof(struct tls_tx_ctxt), 32)
192 
193 /* MAC KEY SIZE */
194 #define SHA_NOP				0
195 #define SHA_GHASH			16
196 #define SHA_224				28
197 #define SHA_256				32
198 #define SHA_384				48
199 #define SHA_512				64
200 #define SHA1				20
201 
202 /* CIPHER KEY SIZE */
203 #define AES_NOP				0
204 #define AES_128				16
205 #define AES_192				24
206 #define AES_256				32
207 
208 enum {
209 	TLS_1_2_VERSION,
210 	TLS_1_1_VERSION,
211 	DTLS_1_2_VERSION,
212 	TLS_VERSION_MAX,
213 };
214 
215 enum {
216 	CH_EVP_CIPH_STREAM_CIPHER,
217 	CH_EVP_CIPH_CBC_MODE,
218 	CH_EVP_CIPH_GCM_MODE,
219 	CH_EVP_CIPH_CTR_MODE,
220 };
221 
222 enum {
223 	TLS_SFO_WR_CONTEXTLOC_DSGL,
224 	TLS_SFO_WR_CONTEXTLOC_IMMEDIATE,
225 	TLS_SFO_WR_CONTEXTLOC_DDR,
226 };
227 
228 enum {
229 	CPL_TX_TLS_SFO_TYPE_CCS,
230 	CPL_TX_TLS_SFO_TYPE_ALERT,
231 	CPL_TX_TLS_SFO_TYPE_HANDSHAKE,
232 	CPL_TX_TLS_SFO_TYPE_DATA,
233 	CPL_TX_TLS_SFO_TYPE_HEARTBEAT,	/* XXX: Shouldn't this be "CUSTOM"? */
234 };
235 
236 enum {
237 	CH_CK_SIZE_128,
238 	CH_CK_SIZE_192,
239 	CH_CK_SIZE_256,
240 	CH_CK_SIZE_NOP,
241 };
242 
243 enum {
244 	CH_MK_SIZE_128,
245 	CH_MK_SIZE_160,
246 	CH_MK_SIZE_192,
247 	CH_MK_SIZE_256,
248 	CH_MK_SIZE_512,
249 	CH_MK_SIZE_NOP,
250 };
251 
252 struct tls_scmd {
253 	__be32 seqno_numivs;
254 	__be32 ivgen_hdrlen;
255 };
256 
257 enum tls_mode {
258 	TLS_MODE_OFF,
259 	TLS_MODE_TLSOM,
260 	TLS_MODE_KTLS,
261 };
262 
263 struct tls_ofld_info {
264 	struct tls_key_context k_ctx;
265 	int key_location;
266 	int mac_length;
267 	int rx_key_addr;
268 	int tx_key_addr;
269 	uint64_t tx_seq_no;
270 	unsigned short fcplenmax;
271 	unsigned short adjusted_plen;
272 	unsigned short expn_per_ulp;
273 	unsigned short pdus_per_ulp;
274 	struct tls_scmd scmd0;
275 	u_int iv_len;
276 	enum tls_mode mode;
277 	struct callout handshake_timer;
278 	u_int sb_off;
279 	u_int rcv_over;
280 };
281 
282 struct tls_key_req {
283 	__be32 wr_hi;
284 	__be32 wr_mid;
285         __be32 ftid;
286         __u8   reneg_to_write_rx;
287         __u8   protocol;
288         __be16 mfs;
289 	/* master command */
290 	__be32 cmd;
291 	__be32 len16;             /* command length */
292 	__be32 dlen;              /* data length in 32-byte units */
293 	__be32 kaddr;
294 	/* sub-command */
295 	__be32 sc_more;
296 	__be32 sc_len;
297 }__packed;
298 
299 struct tls_keyctx {
300         union key_ctx {
301                 struct tx_keyctx_hdr {
302                         __u8   ctxlen;
303                         __u8   r2;
304                         __be16 dualck_to_txvalid;
305                         __u8   txsalt[4];
306                         __be64 r5;
307                 } txhdr;
308                 struct rx_keyctx_hdr {
309                         __u8   flitcnt_hmacctrl;
310                         __u8   protover_ciphmode;
311                         __u8   authmode_to_rxvalid;
312                         __u8   ivpresent_to_rxmk_size;
313                         __u8   rxsalt[4];
314                         __be64 ivinsert_to_authinsrt;
315                 } rxhdr;
316         } u;
317         struct keys {
318                 __u8   edkey[32];
319                 __u8   ipad[64];
320                 __u8   opad[64];
321         } keys;
322 };
323 
324 #define S_TLS_KEYCTX_TX_WR_DUALCK    12
325 #define M_TLS_KEYCTX_TX_WR_DUALCK    0x1
326 #define V_TLS_KEYCTX_TX_WR_DUALCK(x) ((x) << S_TLS_KEYCTX_TX_WR_DUALCK)
327 #define G_TLS_KEYCTX_TX_WR_DUALCK(x) \
328     (((x) >> S_TLS_KEYCTX_TX_WR_DUALCK) & M_TLS_KEYCTX_TX_WR_DUALCK)
329 #define F_TLS_KEYCTX_TX_WR_DUALCK    V_TLS_KEYCTX_TX_WR_DUALCK(1U)
330 
331 #define S_TLS_KEYCTX_TX_WR_TXOPAD_PRESENT 11
332 #define M_TLS_KEYCTX_TX_WR_TXOPAD_PRESENT 0x1
333 #define V_TLS_KEYCTX_TX_WR_TXOPAD_PRESENT(x) \
334     ((x) << S_TLS_KEYCTX_TX_WR_TXOPAD_PRESENT)
335 #define G_TLS_KEYCTX_TX_WR_TXOPAD_PRESENT(x) \
336     (((x) >> S_TLS_KEYCTX_TX_WR_TXOPAD_PRESENT) & \
337      M_TLS_KEYCTX_TX_WR_TXOPAD_PRESENT)
338 #define F_TLS_KEYCTX_TX_WR_TXOPAD_PRESENT \
339     V_TLS_KEYCTX_TX_WR_TXOPAD_PRESENT(1U)
340 
341 #define S_TLS_KEYCTX_TX_WR_SALT_PRESENT 10
342 #define M_TLS_KEYCTX_TX_WR_SALT_PRESENT 0x1
343 #define V_TLS_KEYCTX_TX_WR_SALT_PRESENT(x) \
344     ((x) << S_TLS_KEYCTX_TX_WR_SALT_PRESENT)
345 #define G_TLS_KEYCTX_TX_WR_SALT_PRESENT(x) \
346     (((x) >> S_TLS_KEYCTX_TX_WR_SALT_PRESENT) & \
347      M_TLS_KEYCTX_TX_WR_SALT_PRESENT)
348 #define F_TLS_KEYCTX_TX_WR_SALT_PRESENT \
349     V_TLS_KEYCTX_TX_WR_SALT_PRESENT(1U)
350 
351 #define S_TLS_KEYCTX_TX_WR_TXCK_SIZE 6
352 #define M_TLS_KEYCTX_TX_WR_TXCK_SIZE 0xf
353 #define V_TLS_KEYCTX_TX_WR_TXCK_SIZE(x) \
354     ((x) << S_TLS_KEYCTX_TX_WR_TXCK_SIZE)
355 #define G_TLS_KEYCTX_TX_WR_TXCK_SIZE(x) \
356     (((x) >> S_TLS_KEYCTX_TX_WR_TXCK_SIZE) & \
357      M_TLS_KEYCTX_TX_WR_TXCK_SIZE)
358 
359 #define S_TLS_KEYCTX_TX_WR_TXMK_SIZE 2
360 #define M_TLS_KEYCTX_TX_WR_TXMK_SIZE 0xf
361 #define V_TLS_KEYCTX_TX_WR_TXMK_SIZE(x) \
362     ((x) << S_TLS_KEYCTX_TX_WR_TXMK_SIZE)
363 #define G_TLS_KEYCTX_TX_WR_TXMK_SIZE(x) \
364     (((x) >> S_TLS_KEYCTX_TX_WR_TXMK_SIZE) & \
365      M_TLS_KEYCTX_TX_WR_TXMK_SIZE)
366 
367 #define S_TLS_KEYCTX_TX_WR_TXVALID   0
368 #define M_TLS_KEYCTX_TX_WR_TXVALID   0x1
369 #define V_TLS_KEYCTX_TX_WR_TXVALID(x) \
370     ((x) << S_TLS_KEYCTX_TX_WR_TXVALID)
371 #define G_TLS_KEYCTX_TX_WR_TXVALID(x) \
372     (((x) >> S_TLS_KEYCTX_TX_WR_TXVALID) & M_TLS_KEYCTX_TX_WR_TXVALID)
373 #define F_TLS_KEYCTX_TX_WR_TXVALID   V_TLS_KEYCTX_TX_WR_TXVALID(1U)
374 
375 #define S_TLS_KEYCTX_TX_WR_FLITCNT   3
376 #define M_TLS_KEYCTX_TX_WR_FLITCNT   0x1f
377 #define V_TLS_KEYCTX_TX_WR_FLITCNT(x) \
378     ((x) << S_TLS_KEYCTX_TX_WR_FLITCNT)
379 #define G_TLS_KEYCTX_TX_WR_FLITCNT(x) \
380     (((x) >> S_TLS_KEYCTX_TX_WR_FLITCNT) & M_TLS_KEYCTX_TX_WR_FLITCNT)
381 
382 #define S_TLS_KEYCTX_TX_WR_HMACCTRL  0
383 #define M_TLS_KEYCTX_TX_WR_HMACCTRL  0x7
384 #define V_TLS_KEYCTX_TX_WR_HMACCTRL(x) \
385     ((x) << S_TLS_KEYCTX_TX_WR_HMACCTRL)
386 #define G_TLS_KEYCTX_TX_WR_HMACCTRL(x) \
387     (((x) >> S_TLS_KEYCTX_TX_WR_HMACCTRL) & M_TLS_KEYCTX_TX_WR_HMACCTRL)
388 
389 #define S_TLS_KEYCTX_TX_WR_PROTOVER  4
390 #define M_TLS_KEYCTX_TX_WR_PROTOVER  0xf
391 #define V_TLS_KEYCTX_TX_WR_PROTOVER(x) \
392     ((x) << S_TLS_KEYCTX_TX_WR_PROTOVER)
393 #define G_TLS_KEYCTX_TX_WR_PROTOVER(x) \
394     (((x) >> S_TLS_KEYCTX_TX_WR_PROTOVER) & M_TLS_KEYCTX_TX_WR_PROTOVER)
395 
396 #define S_TLS_KEYCTX_TX_WR_CIPHMODE  0
397 #define M_TLS_KEYCTX_TX_WR_CIPHMODE  0xf
398 #define V_TLS_KEYCTX_TX_WR_CIPHMODE(x) \
399     ((x) << S_TLS_KEYCTX_TX_WR_CIPHMODE)
400 #define G_TLS_KEYCTX_TX_WR_CIPHMODE(x) \
401     (((x) >> S_TLS_KEYCTX_TX_WR_CIPHMODE) & M_TLS_KEYCTX_TX_WR_CIPHMODE)
402 
403 #define S_TLS_KEYCTX_TX_WR_AUTHMODE  4
404 #define M_TLS_KEYCTX_TX_WR_AUTHMODE  0xf
405 #define V_TLS_KEYCTX_TX_WR_AUTHMODE(x) \
406     ((x) << S_TLS_KEYCTX_TX_WR_AUTHMODE)
407 #define G_TLS_KEYCTX_TX_WR_AUTHMODE(x) \
408     (((x) >> S_TLS_KEYCTX_TX_WR_AUTHMODE) & M_TLS_KEYCTX_TX_WR_AUTHMODE)
409 
410 #define S_TLS_KEYCTX_TX_WR_CIPHAUTHSEQCTRL 3
411 #define M_TLS_KEYCTX_TX_WR_CIPHAUTHSEQCTRL 0x1
412 #define V_TLS_KEYCTX_TX_WR_CIPHAUTHSEQCTRL(x) \
413     ((x) << S_TLS_KEYCTX_TX_WR_CIPHAUTHSEQCTRL)
414 #define G_TLS_KEYCTX_TX_WR_CIPHAUTHSEQCTRL(x) \
415     (((x) >> S_TLS_KEYCTX_TX_WR_CIPHAUTHSEQCTRL) & \
416      M_TLS_KEYCTX_TX_WR_CIPHAUTHSEQCTRL)
417 #define F_TLS_KEYCTX_TX_WR_CIPHAUTHSEQCTRL \
418     V_TLS_KEYCTX_TX_WR_CIPHAUTHSEQCTRL(1U)
419 
420 #define S_TLS_KEYCTX_TX_WR_SEQNUMCTRL 1
421 #define M_TLS_KEYCTX_TX_WR_SEQNUMCTRL 0x3
422 #define V_TLS_KEYCTX_TX_WR_SEQNUMCTRL(x) \
423     ((x) << S_TLS_KEYCTX_TX_WR_SEQNUMCTRL)
424 #define G_TLS_KEYCTX_TX_WR_SEQNUMCTRL(x) \
425     (((x) >> S_TLS_KEYCTX_TX_WR_SEQNUMCTRL) & \
426      M_TLS_KEYCTX_TX_WR_SEQNUMCTRL)
427 
428 #define S_TLS_KEYCTX_TX_WR_RXVALID   0
429 #define M_TLS_KEYCTX_TX_WR_RXVALID   0x1
430 #define V_TLS_KEYCTX_TX_WR_RXVALID(x) \
431     ((x) << S_TLS_KEYCTX_TX_WR_RXVALID)
432 #define G_TLS_KEYCTX_TX_WR_RXVALID(x) \
433     (((x) >> S_TLS_KEYCTX_TX_WR_RXVALID) & M_TLS_KEYCTX_TX_WR_RXVALID)
434 #define F_TLS_KEYCTX_TX_WR_RXVALID   V_TLS_KEYCTX_TX_WR_RXVALID(1U)
435 
436 #define S_TLS_KEYCTX_TX_WR_IVPRESENT 7
437 #define M_TLS_KEYCTX_TX_WR_IVPRESENT 0x1
438 #define V_TLS_KEYCTX_TX_WR_IVPRESENT(x) \
439     ((x) << S_TLS_KEYCTX_TX_WR_IVPRESENT)
440 #define G_TLS_KEYCTX_TX_WR_IVPRESENT(x) \
441     (((x) >> S_TLS_KEYCTX_TX_WR_IVPRESENT) & \
442      M_TLS_KEYCTX_TX_WR_IVPRESENT)
443 #define F_TLS_KEYCTX_TX_WR_IVPRESENT V_TLS_KEYCTX_TX_WR_IVPRESENT(1U)
444 
445 #define S_TLS_KEYCTX_TX_WR_RXOPAD_PRESENT 6
446 #define M_TLS_KEYCTX_TX_WR_RXOPAD_PRESENT 0x1
447 #define V_TLS_KEYCTX_TX_WR_RXOPAD_PRESENT(x) \
448     ((x) << S_TLS_KEYCTX_TX_WR_RXOPAD_PRESENT)
449 #define G_TLS_KEYCTX_TX_WR_RXOPAD_PRESENT(x) \
450     (((x) >> S_TLS_KEYCTX_TX_WR_RXOPAD_PRESENT) & \
451      M_TLS_KEYCTX_TX_WR_RXOPAD_PRESENT)
452 #define F_TLS_KEYCTX_TX_WR_RXOPAD_PRESENT \
453     V_TLS_KEYCTX_TX_WR_RXOPAD_PRESENT(1U)
454 
455 #define S_TLS_KEYCTX_TX_WR_RXCK_SIZE 3
456 #define M_TLS_KEYCTX_TX_WR_RXCK_SIZE 0x7
457 #define V_TLS_KEYCTX_TX_WR_RXCK_SIZE(x) \
458     ((x) << S_TLS_KEYCTX_TX_WR_RXCK_SIZE)
459 #define G_TLS_KEYCTX_TX_WR_RXCK_SIZE(x) \
460     (((x) >> S_TLS_KEYCTX_TX_WR_RXCK_SIZE) & \
461      M_TLS_KEYCTX_TX_WR_RXCK_SIZE)
462 
463 #define S_TLS_KEYCTX_TX_WR_RXMK_SIZE 0
464 #define M_TLS_KEYCTX_TX_WR_RXMK_SIZE 0x7
465 #define V_TLS_KEYCTX_TX_WR_RXMK_SIZE(x) \
466     ((x) << S_TLS_KEYCTX_TX_WR_RXMK_SIZE)
467 #define G_TLS_KEYCTX_TX_WR_RXMK_SIZE(x) \
468     (((x) >> S_TLS_KEYCTX_TX_WR_RXMK_SIZE) & \
469      M_TLS_KEYCTX_TX_WR_RXMK_SIZE)
470 
471 #define S_TLS_KEYCTX_TX_WR_IVINSERT  55
472 #define M_TLS_KEYCTX_TX_WR_IVINSERT  0x1ffULL
473 #define V_TLS_KEYCTX_TX_WR_IVINSERT(x) \
474     ((x) << S_TLS_KEYCTX_TX_WR_IVINSERT)
475 #define G_TLS_KEYCTX_TX_WR_IVINSERT(x) \
476     (((x) >> S_TLS_KEYCTX_TX_WR_IVINSERT) & M_TLS_KEYCTX_TX_WR_IVINSERT)
477 
478 #define S_TLS_KEYCTX_TX_WR_AADSTRTOFST 47
479 #define M_TLS_KEYCTX_TX_WR_AADSTRTOFST 0xffULL
480 #define V_TLS_KEYCTX_TX_WR_AADSTRTOFST(x) \
481     ((x) << S_TLS_KEYCTX_TX_WR_AADSTRTOFST)
482 #define G_TLS_KEYCTX_TX_WR_AADSTRTOFST(x) \
483     (((x) >> S_TLS_KEYCTX_TX_WR_AADSTRTOFST) & \
484      M_TLS_KEYCTX_TX_WR_AADSTRTOFST)
485 
486 #define S_TLS_KEYCTX_TX_WR_AADSTOPOFST 39
487 #define M_TLS_KEYCTX_TX_WR_AADSTOPOFST 0xffULL
488 #define V_TLS_KEYCTX_TX_WR_AADSTOPOFST(x) \
489     ((x) << S_TLS_KEYCTX_TX_WR_AADSTOPOFST)
490 #define G_TLS_KEYCTX_TX_WR_AADSTOPOFST(x) \
491     (((x) >> S_TLS_KEYCTX_TX_WR_AADSTOPOFST) & \
492      M_TLS_KEYCTX_TX_WR_AADSTOPOFST)
493 
494 #define S_TLS_KEYCTX_TX_WR_CIPHERSRTOFST 30
495 #define M_TLS_KEYCTX_TX_WR_CIPHERSRTOFST 0x1ffULL
496 #define V_TLS_KEYCTX_TX_WR_CIPHERSRTOFST(x) \
497     ((x) << S_TLS_KEYCTX_TX_WR_CIPHERSRTOFST)
498 #define G_TLS_KEYCTX_TX_WR_CIPHERSRTOFST(x) \
499     (((x) >> S_TLS_KEYCTX_TX_WR_CIPHERSRTOFST) & \
500      M_TLS_KEYCTX_TX_WR_CIPHERSRTOFST)
501 
502 #define S_TLS_KEYCTX_TX_WR_CIPHERSTOPOFST 23
503 #define M_TLS_KEYCTX_TX_WR_CIPHERSTOPOFST 0x7f
504 #define V_TLS_KEYCTX_TX_WR_CIPHERSTOPOFST(x) \
505     ((x) << S_TLS_KEYCTX_TX_WR_CIPHERSTOPOFST)
506 #define G_TLS_KEYCTX_TX_WR_CIPHERSTOPOFST(x) \
507     (((x) >> S_TLS_KEYCTX_TX_WR_CIPHERSTOPOFST) & \
508      M_TLS_KEYCTX_TX_WR_CIPHERSTOPOFST)
509 
510 #define S_TLS_KEYCTX_TX_WR_AUTHSRTOFST 14
511 #define M_TLS_KEYCTX_TX_WR_AUTHSRTOFST 0x1ff
512 #define V_TLS_KEYCTX_TX_WR_AUTHSRTOFST(x) \
513     ((x) << S_TLS_KEYCTX_TX_WR_AUTHSRTOFST)
514 #define G_TLS_KEYCTX_TX_WR_AUTHSRTOFST(x) \
515     (((x) >> S_TLS_KEYCTX_TX_WR_AUTHSRTOFST) & \
516      M_TLS_KEYCTX_TX_WR_AUTHSRTOFST)
517 
518 #define S_TLS_KEYCTX_TX_WR_AUTHSTOPOFST 7
519 #define M_TLS_KEYCTX_TX_WR_AUTHSTOPOFST 0x7f
520 #define V_TLS_KEYCTX_TX_WR_AUTHSTOPOFST(x) \
521     ((x) << S_TLS_KEYCTX_TX_WR_AUTHSTOPOFST)
522 #define G_TLS_KEYCTX_TX_WR_AUTHSTOPOFST(x) \
523     (((x) >> S_TLS_KEYCTX_TX_WR_AUTHSTOPOFST) & \
524      M_TLS_KEYCTX_TX_WR_AUTHSTOPOFST)
525 
526 #define S_TLS_KEYCTX_TX_WR_AUTHINSRT 0
527 #define M_TLS_KEYCTX_TX_WR_AUTHINSRT 0x7f
528 #define V_TLS_KEYCTX_TX_WR_AUTHINSRT(x) \
529     ((x) << S_TLS_KEYCTX_TX_WR_AUTHINSRT)
530 #define G_TLS_KEYCTX_TX_WR_AUTHINSRT(x) \
531     (((x) >> S_TLS_KEYCTX_TX_WR_AUTHINSRT) & \
532      M_TLS_KEYCTX_TX_WR_AUTHINSRT)
533 
534 struct tls_hdr {
535 	__u8   type;
536 	__be16 version;
537 	__be16 length;
538 } __packed;
539 
540 struct tlsrx_hdr_pkt {
541 	__u8   type;
542 	__be16 version;
543 	__be16 length;
544 
545 	__be64 tls_seq;
546 	__be16 reserved1;
547 	__u8   res_to_mac_error;
548 } __packed;
549 
550 /* res_to_mac_error fields */
551 #define S_TLSRX_HDR_PKT_INTERNAL_ERROR   4
552 #define M_TLSRX_HDR_PKT_INTERNAL_ERROR   0x1
553 #define V_TLSRX_HDR_PKT_INTERNAL_ERROR(x) \
554 	((x) << S_TLSRX_HDR_PKT_INTERNAL_ERROR)
555 #define G_TLSRX_HDR_PKT_INTERNAL_ERROR(x) \
556 (((x) >> S_TLSRX_HDR_PKT_INTERNAL_ERROR) & M_TLSRX_HDR_PKT_INTERNAL_ERROR)
557 #define F_TLSRX_HDR_PKT_INTERNAL_ERROR   V_TLSRX_HDR_PKT_INTERNAL_ERROR(1U)
558 
559 #define S_TLSRX_HDR_PKT_SPP_ERROR        3
560 #define M_TLSRX_HDR_PKT_SPP_ERROR        0x1
561 #define V_TLSRX_HDR_PKT_SPP_ERROR(x)     ((x) << S_TLSRX_HDR_PKT_SPP_ERROR)
562 #define G_TLSRX_HDR_PKT_SPP_ERROR(x)     \
563 (((x) >> S_TLSRX_HDR_PKT_SPP_ERROR) & M_TLSRX_HDR_PKT_SPP_ERROR)
564 #define F_TLSRX_HDR_PKT_SPP_ERROR        V_TLSRX_HDR_PKT_SPP_ERROR(1U)
565 
566 #define S_TLSRX_HDR_PKT_CCDX_ERROR       2
567 #define M_TLSRX_HDR_PKT_CCDX_ERROR       0x1
568 #define V_TLSRX_HDR_PKT_CCDX_ERROR(x)    ((x) << S_TLSRX_HDR_PKT_CCDX_ERROR)
569 #define G_TLSRX_HDR_PKT_CCDX_ERROR(x)    \
570 (((x) >> S_TLSRX_HDR_PKT_CCDX_ERROR) & M_TLSRX_HDR_PKT_CCDX_ERROR)
571 #define F_TLSRX_HDR_PKT_CCDX_ERROR       V_TLSRX_HDR_PKT_CCDX_ERROR(1U)
572 
573 #define S_TLSRX_HDR_PKT_PAD_ERROR        1
574 #define M_TLSRX_HDR_PKT_PAD_ERROR        0x1
575 #define V_TLSRX_HDR_PKT_PAD_ERROR(x)     ((x) << S_TLSRX_HDR_PKT_PAD_ERROR)
576 #define G_TLSRX_HDR_PKT_PAD_ERROR(x)     \
577 (((x) >> S_TLSRX_HDR_PKT_PAD_ERROR) & M_TLSRX_HDR_PKT_PAD_ERROR)
578 #define F_TLSRX_HDR_PKT_PAD_ERROR        V_TLSRX_HDR_PKT_PAD_ERROR(1U)
579 
580 #define S_TLSRX_HDR_PKT_MAC_ERROR        0
581 #define M_TLSRX_HDR_PKT_MAC_ERROR        0x1
582 #define V_TLSRX_HDR_PKT_MAC_ERROR(x)     ((x) << S_TLSRX_HDR_PKT_MAC_ERROR)
583 #define G_TLSRX_HDR_PKT_MAC_ERROR(x)     \
584 (((x) >> S_TLSRX_HDR_PKT_MAC_ERROR) & M_TLSRX_HDR_PKT_MAC_ERROR)
585 #define F_TLSRX_HDR_PKT_MAC_ERROR        V_TLSRX_HDR_PKT_MAC_ERROR(1U)
586 
587 #define M_TLSRX_HDR_PKT_ERROR		0x1F
588 
589 #endif /* _KERNEL */
590 
591 #endif /* !__T4_TLS_H__ */
592