/*
 * Copyright (c) 2018 Mellanox Technologies. All rights reserved.
 *
 * This software is available to you under a choice of one of two
 * licenses.  You may choose to be licensed under the terms of the GNU
 * General Public License (GPL) Version 2, available from the file
 * COPYING in the main directory of this source tree, or the
 * OpenIB.org BSD license below:
 *
 *     Redistribution and use in source and binary forms, with or
 *     without modification, are permitted provided that the following
 *     conditions are met:
 *
 *      - Redistributions of source code must retain the above
 *        copyright notice, this list of conditions and the following
 *        disclaimer.
 *
 *      - Redistributions in binary form must reproduce the above
 *        copyright notice, this list of conditions and the following
 *        disclaimer in the documentation and/or other materials
 *        provided with the distribution.
 *
 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
 * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
 * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
 * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
 * SOFTWARE.
 *
 */

#ifndef __MLX5_ACCEL_TLS_H__
#define __MLX5_ACCEL_TLS_H__

#include <linux/mlx5/driver.h>
#include <linux/tls.h>

#ifdef CONFIG_MLX5_TLS
int mlx5_ktls_create_key(struct mlx5_core_dev *mdev,
                         struct tls_crypto_info *crypto_info,
                         u32 *p_key_id);
void mlx5_ktls_destroy_key(struct mlx5_core_dev *mdev, u32 key_id);

static inline bool mlx5_accel_is_ktls_tx(struct mlx5_core_dev *mdev)
{
        return MLX5_CAP_GEN(mdev, tls_tx);
}

static inline bool mlx5_accel_is_ktls_rx(struct mlx5_core_dev *mdev)
{
        return MLX5_CAP_GEN(mdev, tls_rx);
}

static inline bool mlx5_accel_is_ktls_device(struct mlx5_core_dev *mdev)
{
        if (!mlx5_accel_is_ktls_tx(mdev) &&
            !mlx5_accel_is_ktls_rx(mdev))
                return false;

        if (!MLX5_CAP_GEN(mdev, log_max_dek))
                return false;

        return MLX5_CAP_TLS(mdev, tls_1_2_aes_gcm_128);
}

static inline bool mlx5e_ktls_type_check(struct mlx5_core_dev *mdev,
                                         struct tls_crypto_info *crypto_info)
{
        switch (crypto_info->cipher_type) {
        case TLS_CIPHER_AES_GCM_128:
                if (crypto_info->version == TLS_1_2_VERSION)
                        return MLX5_CAP_TLS(mdev,  tls_1_2_aes_gcm_128);
                break;
        }

        return false;
}
#else
static inline bool mlx5_accel_is_ktls_tx(struct mlx5_core_dev *mdev)
{ return false; }

static inline bool mlx5_accel_is_ktls_rx(struct mlx5_core_dev *mdev)
{ return false; }

static inline int
mlx5_ktls_create_key(struct mlx5_core_dev *mdev,
                     struct tls_crypto_info *crypto_info,
                     u32 *p_key_id) { return -ENOTSUPP; }
static inline void
mlx5_ktls_destroy_key(struct mlx5_core_dev *mdev, u32 key_id) {}

static inline bool
mlx5_accel_is_ktls_device(struct mlx5_core_dev *mdev) { return false; }
static inline bool
mlx5e_ktls_type_check(struct mlx5_core_dev *mdev,
                      struct tls_crypto_info *crypto_info) { return false; }
#endif

enum {
        MLX5_ACCEL_TLS_TX = BIT(0),
        MLX5_ACCEL_TLS_RX = BIT(1),
        MLX5_ACCEL_TLS_V12 = BIT(2),
        MLX5_ACCEL_TLS_V13 = BIT(3),
        MLX5_ACCEL_TLS_LRO = BIT(4),
        MLX5_ACCEL_TLS_IPV6 = BIT(5),
        MLX5_ACCEL_TLS_AES_GCM128 = BIT(30),
        MLX5_ACCEL_TLS_AES_GCM256 = BIT(31),
};

struct mlx5_ifc_tls_flow_bits {
        u8         src_port[0x10];
        u8         dst_port[0x10];
        union mlx5_ifc_ipv6_layout_ipv4_layout_auto_bits src_ipv4_src_ipv6;
        union mlx5_ifc_ipv6_layout_ipv4_layout_auto_bits dst_ipv4_dst_ipv6;
        u8         ipv6[0x1];
        u8         direction_sx[0x1];
        u8         reserved_at_2[0x1e];
};

#ifdef CONFIG_MLX5_FPGA_TLS
int mlx5_accel_tls_add_flow(struct mlx5_core_dev *mdev, void *flow,
                            struct tls_crypto_info *crypto_info,
                            u32 start_offload_tcp_sn, u32 *p_swid,
                            bool direction_sx);
void mlx5_accel_tls_del_flow(struct mlx5_core_dev *mdev, u32 swid,
                             bool direction_sx);
int mlx5_accel_tls_resync_rx(struct mlx5_core_dev *mdev, __be32 handle,
                             u32 seq, __be64 rcd_sn);
bool mlx5_accel_is_tls_device(struct mlx5_core_dev *mdev);
u32 mlx5_accel_tls_device_caps(struct mlx5_core_dev *mdev);
int mlx5_accel_tls_init(struct mlx5_core_dev *mdev);
void mlx5_accel_tls_cleanup(struct mlx5_core_dev *mdev);

#else

static inline int
mlx5_accel_tls_add_flow(struct mlx5_core_dev *mdev, void *flow,
                        struct tls_crypto_info *crypto_info,
                        u32 start_offload_tcp_sn, u32 *p_swid,
                        bool direction_sx) { return -ENOTSUPP; }
static inline void mlx5_accel_tls_del_flow(struct mlx5_core_dev *mdev, u32 swid,
                                           bool direction_sx) { }
static inline int mlx5_accel_tls_resync_rx(struct mlx5_core_dev *mdev, __be32 handle,
                                           u32 seq, __be64 rcd_sn) { return 0; }
static inline bool mlx5_accel_is_tls_device(struct mlx5_core_dev *mdev)
{
        return mlx5_accel_is_ktls_device(mdev);
}
static inline u32 mlx5_accel_tls_device_caps(struct mlx5_core_dev *mdev) { return 0; }
static inline int mlx5_accel_tls_init(struct mlx5_core_dev *mdev) { return 0; }
static inline void mlx5_accel_tls_cleanup(struct mlx5_core_dev *mdev) { }
#endif

#endif  /* __MLX5_ACCEL_TLS_H__ */