1e23731dbSKonstantin Belousov /*-
2e23731dbSKonstantin Belousov * Copyright (c) 2023 NVIDIA corporation & affiliates.
3e23731dbSKonstantin Belousov *
4e23731dbSKonstantin Belousov * Redistribution and use in source and binary forms, with or without
5e23731dbSKonstantin Belousov * modification, are permitted provided that the following conditions
6e23731dbSKonstantin Belousov * are met:
7e23731dbSKonstantin Belousov * 1. Redistributions of source code must retain the above copyright
8e23731dbSKonstantin Belousov * notice, this list of conditions and the following disclaimer.
9e23731dbSKonstantin Belousov * 2. Redistributions in binary form must reproduce the above copyright
10e23731dbSKonstantin Belousov * notice, this list of conditions and the following disclaimer in the
11e23731dbSKonstantin Belousov * documentation and/or other materials provided with the distribution.
12e23731dbSKonstantin Belousov *
13e23731dbSKonstantin Belousov * THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS `AS IS' AND
14e23731dbSKonstantin Belousov * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
15e23731dbSKonstantin Belousov * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
16e23731dbSKonstantin Belousov * ARE DISCLAIMED. IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE
17e23731dbSKonstantin Belousov * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
18e23731dbSKonstantin Belousov * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
19e23731dbSKonstantin Belousov * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
20e23731dbSKonstantin Belousov * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
21e23731dbSKonstantin Belousov * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
22e23731dbSKonstantin Belousov * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
23e23731dbSKonstantin Belousov * SUCH DAMAGE.
24e23731dbSKonstantin Belousov *
25e23731dbSKonstantin Belousov */
26e23731dbSKonstantin Belousov
27e23731dbSKonstantin Belousov #include <sys/mbuf.h>
28e23731dbSKonstantin Belousov #include <sys/socket.h>
29e23731dbSKonstantin Belousov #include <netinet/in.h>
30e23731dbSKonstantin Belousov #include <netipsec/keydb.h>
31e23731dbSKonstantin Belousov #include <netipsec/ipsec_offload.h>
32e23731dbSKonstantin Belousov #include <dev/mlx5/qp.h>
33e23731dbSKonstantin Belousov #include <dev/mlx5/mlx5_en/en.h>
34e23731dbSKonstantin Belousov #include <dev/mlx5/mlx5_accel/ipsec.h>
35e23731dbSKonstantin Belousov
36e23731dbSKonstantin Belousov #define MLX5_IPSEC_METADATA_HANDLE(ipsec_metadata) (ipsec_metadata & 0xFFFFFF)
37e23731dbSKonstantin Belousov
38*d00f3505SKonstantin Belousov int
mlx5_accel_ipsec_rx_tag_add(if_t ifp,struct mlx5e_rq_mbuf * mr)39*d00f3505SKonstantin Belousov mlx5_accel_ipsec_rx_tag_add(if_t ifp, struct mlx5e_rq_mbuf *mr)
40e23731dbSKonstantin Belousov {
41e23731dbSKonstantin Belousov struct mlx5e_priv *priv;
42*d00f3505SKonstantin Belousov struct ipsec_accel_in_tag *mtag;
43e23731dbSKonstantin Belousov
44e23731dbSKonstantin Belousov priv = if_getsoftc(ifp);
45e23731dbSKonstantin Belousov if (priv->ipsec == NULL)
46e23731dbSKonstantin Belousov return (0);
47*d00f3505SKonstantin Belousov if (mr->ipsec_mtag != NULL)
48*d00f3505SKonstantin Belousov return (0);
49e23731dbSKonstantin Belousov
50*d00f3505SKonstantin Belousov mtag = (struct ipsec_accel_in_tag *)m_tag_get(
51*d00f3505SKonstantin Belousov PACKET_TAG_IPSEC_ACCEL_IN, sizeof(*mtag), M_NOWAIT);
52e23731dbSKonstantin Belousov if (mtag == NULL)
53*d00f3505SKonstantin Belousov return (-ENOMEM);
54*d00f3505SKonstantin Belousov mr->ipsec_mtag = mtag;
55*d00f3505SKonstantin Belousov return (0);
56e23731dbSKonstantin Belousov }
57e23731dbSKonstantin Belousov
58*d00f3505SKonstantin Belousov void
mlx5e_accel_ipsec_handle_rx_cqe(struct mbuf * mb,struct mlx5_cqe64 * cqe,struct mlx5e_rq_mbuf * mr)59*d00f3505SKonstantin Belousov mlx5e_accel_ipsec_handle_rx_cqe(struct mbuf *mb, struct mlx5_cqe64 *cqe,
60*d00f3505SKonstantin Belousov struct mlx5e_rq_mbuf *mr)
61e23731dbSKonstantin Belousov {
62*d00f3505SKonstantin Belousov struct ipsec_accel_in_tag *mtag;
63e23731dbSKonstantin Belousov u32 drv_spi;
64e23731dbSKonstantin Belousov
65e23731dbSKonstantin Belousov drv_spi = MLX5_IPSEC_METADATA_HANDLE(be32_to_cpu(cqe->ft_metadata));
66*d00f3505SKonstantin Belousov mtag = mr->ipsec_mtag;
67*d00f3505SKonstantin Belousov WARN_ON(mtag == NULL);
68*d00f3505SKonstantin Belousov mr->ipsec_mtag = NULL;
69*d00f3505SKonstantin Belousov if (mtag != NULL) {
70*d00f3505SKonstantin Belousov mtag->drv_spi = drv_spi;
71*d00f3505SKonstantin Belousov m_tag_prepend(mb, &mtag->tag);
72*d00f3505SKonstantin Belousov }
73e23731dbSKonstantin Belousov }
74e23731dbSKonstantin Belousov
75e23731dbSKonstantin Belousov void
mlx5e_accel_ipsec_handle_tx_wqe(struct mbuf * mb,struct mlx5e_tx_wqe * wqe,struct ipsec_accel_out_tag * tag)76e23731dbSKonstantin Belousov mlx5e_accel_ipsec_handle_tx_wqe(struct mbuf *mb, struct mlx5e_tx_wqe *wqe,
77e23731dbSKonstantin Belousov struct ipsec_accel_out_tag *tag)
78e23731dbSKonstantin Belousov {
79e23731dbSKonstantin Belousov wqe->eth.flow_table_metadata = cpu_to_be32(
80e23731dbSKonstantin Belousov mlx5e_accel_ipsec_get_metadata(tag->drv_spi));
81e23731dbSKonstantin Belousov }
82