1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34#ifndef __MLX5_ACCEL_IPSEC_H__
35#define __MLX5_ACCEL_IPSEC_H__
36
37#ifdef CONFIG_MLX5_ACCEL
38
39#include <linux/mlx5/driver.h>
40
41enum {
42 MLX5_ACCEL_IPSEC_DEVICE = BIT(1),
43 MLX5_ACCEL_IPSEC_IPV6 = BIT(2),
44 MLX5_ACCEL_IPSEC_ESP = BIT(3),
45 MLX5_ACCEL_IPSEC_LSO = BIT(4),
46};
47
48#define MLX5_IPSEC_SADB_IP_AH BIT(7)
49#define MLX5_IPSEC_SADB_IP_ESP BIT(6)
50#define MLX5_IPSEC_SADB_SA_VALID BIT(5)
51#define MLX5_IPSEC_SADB_SPI_EN BIT(4)
52#define MLX5_IPSEC_SADB_DIR_SX BIT(3)
53#define MLX5_IPSEC_SADB_IPV6 BIT(2)
54
55enum {
56 MLX5_IPSEC_CMD_ADD_SA = 0,
57 MLX5_IPSEC_CMD_DEL_SA = 1,
58};
59
60enum mlx5_accel_ipsec_enc_mode {
61 MLX5_IPSEC_SADB_MODE_NONE = 0,
62 MLX5_IPSEC_SADB_MODE_AES_GCM_128_AUTH_128 = 1,
63 MLX5_IPSEC_SADB_MODE_AES_GCM_256_AUTH_128 = 3,
64};
65
66#define MLX5_IPSEC_DEV(mdev) (mlx5_accel_ipsec_device_caps(mdev) & \
67 MLX5_ACCEL_IPSEC_DEVICE)
68
69struct mlx5_accel_ipsec_sa {
70 __be32 cmd;
71 u8 key_enc[32];
72 u8 key_auth[32];
73 __be32 sip[4];
74 __be32 dip[4];
75 union {
76 struct {
77 __be32 reserved;
78 u8 salt_iv[8];
79 __be32 salt;
80 } __packed gcm;
81 struct {
82 u8 salt[16];
83 } __packed cbc;
84 };
85 __be32 spi;
86 __be32 sw_sa_handle;
87 __be16 tfclen;
88 u8 enc_mode;
89 u8 sip_masklen;
90 u8 dip_masklen;
91 u8 flags;
92 u8 reserved[2];
93} __packed;
94
95
96
97
98
99
100
101
102
103void *mlx5_accel_ipsec_sa_cmd_exec(struct mlx5_core_dev *mdev,
104 struct mlx5_accel_ipsec_sa *cmd);
105
106
107
108
109
110
111
112int mlx5_accel_ipsec_sa_cmd_wait(void *context);
113
114u32 mlx5_accel_ipsec_device_caps(struct mlx5_core_dev *mdev);
115
116unsigned int mlx5_accel_ipsec_counters_count(struct mlx5_core_dev *mdev);
117int mlx5_accel_ipsec_counters_read(struct mlx5_core_dev *mdev, u64 *counters,
118 unsigned int count);
119
120int mlx5_accel_ipsec_init(struct mlx5_core_dev *mdev);
121void mlx5_accel_ipsec_cleanup(struct mlx5_core_dev *mdev);
122
123#else
124
125#define MLX5_IPSEC_DEV(mdev) false
126
127static inline int mlx5_accel_ipsec_init(struct mlx5_core_dev *mdev)
128{
129 return 0;
130}
131
132static inline void mlx5_accel_ipsec_cleanup(struct mlx5_core_dev *mdev)
133{
134}
135
136#endif
137
138#endif
139