xref: /freebsd/sys/dev/mlx5/mlx5_en/en_hw_tls_rx.h (revision e1c4c8dd8d2d10b6104f06856a77bd5b4813a801)
1 /*-
2  * Copyright (c) 2021-2022 NVIDIA corporation & affiliates.
3  *
4  * Redistribution and use in source and binary forms, with or without
5  * modification, are permitted provided that the following conditions
6  * are met:
7  * 1. Redistributions of source code must retain the above copyright
8  *    notice, this list of conditions and the following disclaimer.
9  * 2. Redistributions in binary form must reproduce the above copyright
10  *    notice, this list of conditions and the following disclaimer in the
11  *    documentation and/or other materials provided with the distribution.
12  *
13  * THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS `AS IS' AND
14  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
15  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
16  * ARE DISCLAIMED.  IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE
17  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
18  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
19  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
20  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
21  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
22  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
23  * SUCH DAMAGE.
24  */
25 
26 #ifndef _MLX5_TLS_RX_H_
27 #define	_MLX5_TLS_RX_H_
28 
29 #include <linux/completion.h>
30 
31 #define	MLX5E_TLS_RX_PROGRESS_BUFFER_SIZE 128
32 
33 #define	MLX5E_TLS_RX_RESYNC_MAX 32	/* units */
34 #define	MLX5E_TLS_RX_NUM_MAX (1U << 11)	/* packets */
35 
36 #define	MLX5E_TLS_RX_TAG_LOCK(tag)	mtx_lock(&(tag)->mtx)
37 #define	MLX5E_TLS_RX_TAG_UNLOCK(tag)	mtx_unlock(&(tag)->mtx)
38 
39 #define	MLX5E_TLS_RX_STAT_INC(tag, field, num) \
40 	counter_u64_add((tag)->tls_rx->stats.field, num)
41 
42 #if ((MLX5E_TLS_RX_RESYNC_MAX * MLX5E_TLS_RX_NUM_MAX) << 14) > (1U << 30)
43 #error "Please lower the limits of the TLS record length database."
44 #endif
45 
46 enum {
47 	MLX5E_TLS_RX_PROGRESS_PARAMS_AUTH_STATE_NO_OFFLOAD = 0,
48 	MLX5E_TLS_RX_PROGRESS_PARAMS_AUTH_STATE_OFFLOAD = 1,
49 	MLX5E_TLS_RX_PROGRESS_PARAMS_AUTH_STATE_AUTHENTICATION = 2,
50 };
51 
52 enum {
53 	MLX5E_TLS_RX_PROGRESS_PARAMS_RECORD_TRACKER_STATE_START = 0,
54 	MLX5E_TLS_RX_PROGRESS_PARAMS_RECORD_TRACKER_STATE_TRACKING = 1,
55 	MLX5E_TLS_RX_PROGRESS_PARAMS_RECORD_TRACKER_STATE_SEARCHING = 2,
56 };
57 
58 struct mlx5e_tls_rx;
59 struct mlx5e_tls_rx_tag {
60 	struct m_snd_tag tag;
61 	uint32_t tirn;		/* HW TIR context number */
62 	uint32_t dek_index;	/* HW TLS context number */
63 	struct mlx5e_tls_rx *tls_rx; /* parent pointer */
64 	struct mlx5_flow_rule *flow_rule;
65 	struct mtx mtx;
66 	struct completion progress_complete;
67 	uint32_t state;	/* see MLX5E_TLS_RX_ST_XXX */
68 #define	MLX5E_TLS_RX_ST_INIT 0
69 #define	MLX5E_TLS_RX_ST_SETUP 1
70 #define	MLX5E_TLS_RX_ST_READY 2
71 #define	MLX5E_TLS_RX_ST_RELEASE 3
72 #define	MLX5E_TLS_RX_ST_FREED 4
73 
74 	/*
75 	 * The following fields are used to store the TCP starting
76 	 * point of TLS records in the past. When TLS records of same
77 	 * length are back to back the tcp_resync_num[] is incremented
78 	 * instead of creating new entries. This way up to
79 	 * "MLX5E_TLS_RX_RESYNC_MAX" * "MLX5E_TLS_RX_NUM_MAX" * 16
80 	 * KBytes, around 1GByte worth of TCP data, may be remembered
81 	 * in the good case. The amount of history should not exceed
82 	 * 2GBytes of TCP data, because then the TCP sequence numbers
83 	 * may wrap around.
84 	 *
85 	 * This information is used to tell if a given TCP sequence
86 	 * number is a valid TLS record or not.
87 	 */
88 	uint64_t rcd_resync_start;	/* starting TLS record number */
89 	uint32_t tcp_resync_start;	/* starting TCP sequence number */
90 	uint32_t tcp_resync_next;	/* next expected TCP sequence number */
91 	uint32_t tcp_resync_len[MLX5E_TLS_RX_RESYNC_MAX];
92 	uint32_t tcp_resync_num[MLX5E_TLS_RX_RESYNC_MAX];
93 	uint16_t tcp_resync_pc;		/* producer counter for arrays above */
94 	uint16_t tcp_resync_cc;		/* consumer counter for arrays above */
95 
96 	struct work_struct work;
97 
98 	uint32_t flowid;
99 	uint32_t flowtype;
100 	uint32_t dek_index_ok:1;
101 	uint32_t tcp_resync_active:1;
102 	uint32_t tcp_resync_pending:1;
103 
104 	/* parameters needed */
105 	uint8_t crypto_params[128] __aligned(4);
106 	uint8_t rx_progress[MLX5E_TLS_RX_PROGRESS_BUFFER_SIZE * 2];
107 } __aligned(MLX5E_CACHELINE_SIZE);
108 
109 static inline void *
110 mlx5e_tls_rx_get_progress_buffer(struct mlx5e_tls_rx_tag *ptag)
111 {
112 	/* return properly aligned RX buffer */
113 	return (ptag->rx_progress +
114 	    ((-(uintptr_t)ptag->rx_progress) &
115 	    (MLX5E_TLS_RX_PROGRESS_BUFFER_SIZE - 1)));
116 }
117 
118 #define	MLX5E_TLS_RX_STATS(m) \
119   m(+1, u64, rx_resync_ok, "rx_resync_ok", "Successful resync requests")\
120   m(+1, u64, rx_resync_err, "rx_resync_err", "Failed resync requests")\
121   m(+1, u64, rx_error, "rx_error", "Other errors")
122 
123 #define	MLX5E_TLS_RX_STATS_NUM (0 MLX5E_TLS_RX_STATS(MLX5E_STATS_COUNT))
124 
125 struct mlx5e_tls_rx_stats {
126 	struct	sysctl_ctx_list ctx;
127 	counter_u64_t	arg[0];
128 	MLX5E_TLS_RX_STATS(MLX5E_STATS_COUNTER)
129 };
130 
131 struct mlx5e_tls_rx {
132 	struct sysctl_ctx_list ctx;
133 	struct mlx5e_tls_rx_stats stats;
134 	struct workqueue_struct *wq;
135 	uma_zone_t zone;
136 	uint32_t max_resources;		/* max number of resources */
137 	volatile uint32_t num_resources;	/* current number of resources */
138 	int init;			/* set when ready */
139 	char zname[32];
140 };
141 
142 int mlx5e_tls_rx_init(struct mlx5e_priv *);
143 void mlx5e_tls_rx_cleanup(struct mlx5e_priv *);
144 
145 if_snd_tag_alloc_t mlx5e_tls_rx_snd_tag_alloc;
146 
147 #endif		/* _MLX5_TLS_RX_H_ */
148