1 /*
2 * Copyright (c) 2017 Mellanox Technologies. All rights reserved.
3 *
4 * This software is available to you under a choice of one of two
5 * licenses. You may choose to be licensed under the terms of the GNU
6 * General Public License (GPL) Version 2, available from the file
7 * COPYING in the main directory of this source tree, or the
8 * OpenIB.org BSD license below:
9 *
10 * Redistribution and use in source and binary forms, with or
11 * without modification, are permitted provided that the following
12 * conditions are met:
13 *
14 * - Redistributions of source code must retain the above
15 * copyright notice, this list of conditions and the following
16 * disclaimer.
17 *
18 * - Redistributions in binary form must reproduce the above
19 * copyright notice, this list of conditions and the following
20 * disclaimer in the documentation and/or other materials
21 * provided with the distribution.
22 *
23 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
24 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
25 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
26 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
27 * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
28 * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
29 * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
30 * SOFTWARE.
31 *
32 */
33
34 #include <linux/mlx5/device.h>
35
36 #include "accel/ipsec.h"
37 #include "mlx5_core.h"
38 #include "fpga/ipsec.h"
39 #include "accel/ipsec_offload.h"
40
mlx5_accel_ipsec_init(struct mlx5_core_dev * mdev)41 void mlx5_accel_ipsec_init(struct mlx5_core_dev *mdev)
42 {
43 const struct mlx5_accel_ipsec_ops *ipsec_ops;
44 int err = 0;
45
46 ipsec_ops = (mlx5_ipsec_offload_ops(mdev)) ?
47 mlx5_ipsec_offload_ops(mdev) :
48 mlx5_fpga_ipsec_ops(mdev);
49
50 if (!ipsec_ops || !ipsec_ops->init) {
51 mlx5_core_dbg(mdev, "IPsec ops is not supported\n");
52 return;
53 }
54
55 err = ipsec_ops->init(mdev);
56 if (err) {
57 mlx5_core_warn_once(mdev, "Failed to start IPsec device, err = %d\n", err);
58 return;
59 }
60
61 mdev->ipsec_ops = ipsec_ops;
62 }
63
mlx5_accel_ipsec_cleanup(struct mlx5_core_dev * mdev)64 void mlx5_accel_ipsec_cleanup(struct mlx5_core_dev *mdev)
65 {
66 const struct mlx5_accel_ipsec_ops *ipsec_ops = mdev->ipsec_ops;
67
68 if (!ipsec_ops || !ipsec_ops->cleanup)
69 return;
70
71 ipsec_ops->cleanup(mdev);
72 }
73
mlx5_accel_ipsec_device_caps(struct mlx5_core_dev * mdev)74 u32 mlx5_accel_ipsec_device_caps(struct mlx5_core_dev *mdev)
75 {
76 const struct mlx5_accel_ipsec_ops *ipsec_ops = mdev->ipsec_ops;
77
78 if (!ipsec_ops || !ipsec_ops->device_caps)
79 return 0;
80
81 return ipsec_ops->device_caps(mdev);
82 }
83 EXPORT_SYMBOL_GPL(mlx5_accel_ipsec_device_caps);
84
mlx5_accel_ipsec_counters_count(struct mlx5_core_dev * mdev)85 unsigned int mlx5_accel_ipsec_counters_count(struct mlx5_core_dev *mdev)
86 {
87 const struct mlx5_accel_ipsec_ops *ipsec_ops = mdev->ipsec_ops;
88
89 if (!ipsec_ops || !ipsec_ops->counters_count)
90 return -EOPNOTSUPP;
91
92 return ipsec_ops->counters_count(mdev);
93 }
94
mlx5_accel_ipsec_counters_read(struct mlx5_core_dev * mdev,u64 * counters,unsigned int count)95 int mlx5_accel_ipsec_counters_read(struct mlx5_core_dev *mdev, u64 *counters,
96 unsigned int count)
97 {
98 const struct mlx5_accel_ipsec_ops *ipsec_ops = mdev->ipsec_ops;
99
100 if (!ipsec_ops || !ipsec_ops->counters_read)
101 return -EOPNOTSUPP;
102
103 return ipsec_ops->counters_read(mdev, counters, count);
104 }
105
mlx5_accel_esp_create_hw_context(struct mlx5_core_dev * mdev,struct mlx5_accel_esp_xfrm * xfrm,u32 * sa_handle)106 void *mlx5_accel_esp_create_hw_context(struct mlx5_core_dev *mdev,
107 struct mlx5_accel_esp_xfrm *xfrm,
108 u32 *sa_handle)
109 {
110 const struct mlx5_accel_ipsec_ops *ipsec_ops = mdev->ipsec_ops;
111 __be32 saddr[4] = {}, daddr[4] = {};
112
113 if (!ipsec_ops || !ipsec_ops->create_hw_context)
114 return ERR_PTR(-EOPNOTSUPP);
115
116 if (!xfrm->attrs.is_ipv6) {
117 saddr[3] = xfrm->attrs.saddr.a4;
118 daddr[3] = xfrm->attrs.daddr.a4;
119 } else {
120 memcpy(saddr, xfrm->attrs.saddr.a6, sizeof(saddr));
121 memcpy(daddr, xfrm->attrs.daddr.a6, sizeof(daddr));
122 }
123
124 return ipsec_ops->create_hw_context(mdev, xfrm, saddr, daddr, xfrm->attrs.spi,
125 xfrm->attrs.is_ipv6, sa_handle);
126 }
127
mlx5_accel_esp_free_hw_context(struct mlx5_core_dev * mdev,void * context)128 void mlx5_accel_esp_free_hw_context(struct mlx5_core_dev *mdev, void *context)
129 {
130 const struct mlx5_accel_ipsec_ops *ipsec_ops = mdev->ipsec_ops;
131
132 if (!ipsec_ops || !ipsec_ops->free_hw_context)
133 return;
134
135 ipsec_ops->free_hw_context(context);
136 }
137
138 struct mlx5_accel_esp_xfrm *
mlx5_accel_esp_create_xfrm(struct mlx5_core_dev * mdev,const struct mlx5_accel_esp_xfrm_attrs * attrs,u32 flags)139 mlx5_accel_esp_create_xfrm(struct mlx5_core_dev *mdev,
140 const struct mlx5_accel_esp_xfrm_attrs *attrs,
141 u32 flags)
142 {
143 const struct mlx5_accel_ipsec_ops *ipsec_ops = mdev->ipsec_ops;
144 struct mlx5_accel_esp_xfrm *xfrm;
145
146 if (!ipsec_ops || !ipsec_ops->esp_create_xfrm)
147 return ERR_PTR(-EOPNOTSUPP);
148
149 xfrm = ipsec_ops->esp_create_xfrm(mdev, attrs, flags);
150 if (IS_ERR(xfrm))
151 return xfrm;
152
153 xfrm->mdev = mdev;
154 return xfrm;
155 }
156 EXPORT_SYMBOL_GPL(mlx5_accel_esp_create_xfrm);
157
mlx5_accel_esp_destroy_xfrm(struct mlx5_accel_esp_xfrm * xfrm)158 void mlx5_accel_esp_destroy_xfrm(struct mlx5_accel_esp_xfrm *xfrm)
159 {
160 const struct mlx5_accel_ipsec_ops *ipsec_ops = xfrm->mdev->ipsec_ops;
161
162 if (!ipsec_ops || !ipsec_ops->esp_destroy_xfrm)
163 return;
164
165 ipsec_ops->esp_destroy_xfrm(xfrm);
166 }
167 EXPORT_SYMBOL_GPL(mlx5_accel_esp_destroy_xfrm);
168
mlx5_accel_esp_modify_xfrm(struct mlx5_accel_esp_xfrm * xfrm,const struct mlx5_accel_esp_xfrm_attrs * attrs)169 int mlx5_accel_esp_modify_xfrm(struct mlx5_accel_esp_xfrm *xfrm,
170 const struct mlx5_accel_esp_xfrm_attrs *attrs)
171 {
172 const struct mlx5_accel_ipsec_ops *ipsec_ops = xfrm->mdev->ipsec_ops;
173
174 if (!ipsec_ops || !ipsec_ops->esp_modify_xfrm)
175 return -EOPNOTSUPP;
176
177 return ipsec_ops->esp_modify_xfrm(xfrm, attrs);
178 }
179 EXPORT_SYMBOL_GPL(mlx5_accel_esp_modify_xfrm);
180