diff options
| author | Hans Petter Selasky <hselasky@FreeBSD.org> | 2019-12-05 15:16:19 +0000 |
|---|---|---|
| committer | Hans Petter Selasky <hselasky@FreeBSD.org> | 2019-12-05 15:16:19 +0000 |
| commit | 04f1690bf0f7cf363abdf4257a64f23eb4b26f7d (patch) | |
| tree | c0a04890a491f877bfa1fabde99b4620d420d4a8 /sys/dev/mlx5/mlx5_ifc.h | |
| parent | c4c88d4718ff26fda74343e189c0b9ab0b3c9133 (diff) | |
Add basic support for TCP/IP based hardware TLS offload to mlx5core.
The hardware offload is primarily targeted for TLS v1.2 and v1.3,
using AES 128/256 bit pre-shared keys. This patch adds all the needed
hardware structures, capabilites and firmware commands.
Sponsored by: Mellanox Technologies
Notes
Notes:
svn path=/head/; revision=355421
Diffstat (limited to 'sys/dev/mlx5/mlx5_ifc.h')
| -rw-r--r-- | sys/dev/mlx5/mlx5_ifc.h | 167 |
1 files changed, 161 insertions, 6 deletions
diff --git a/sys/dev/mlx5/mlx5_ifc.h b/sys/dev/mlx5/mlx5_ifc.h index 971e0a0733ac..9000cf6e0ee3 100644 --- a/sys/dev/mlx5/mlx5_ifc.h +++ b/sys/dev/mlx5/mlx5_ifc.h @@ -1,5 +1,5 @@ /*- - * Copyright (c) 2013-2017, Mellanox Technologies, Ltd. All rights reserved. + * Copyright (c) 2013-2019, Mellanox Technologies, Ltd. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -63,6 +63,7 @@ enum { MLX5_EVENT_TYPE_NIC_VPORT_CHANGE = 0xd, MLX5_EVENT_TYPE_FPGA_ERROR = 0x20, MLX5_EVENT_TYPE_FPGA_QP_ERROR = 0x21, + MLX5_EVENT_TYPE_CODING_GENERAL_OBJ_EVENT = 0x27, }; enum { @@ -252,6 +253,11 @@ enum { MLX5_CMD_OP_FPGA_QUERY_QP = 0x962, MLX5_CMD_OP_FPGA_DESTROY_QP = 0x963, MLX5_CMD_OP_FPGA_QUERY_QP_COUNTERS = 0x964, + MLX5_CMD_OP_CREATE_GENERAL_OBJ = 0xa00, + MLX5_CMD_OP_MODIFY_GENERAL_OBJ = 0xa01, + MLX5_CMD_OP_QUERY_GENERAL_OBJ = 0xa02, + MLX5_CMD_OP_DESTROY_GENERAL_OBJ = 0xa03, + }; enum { @@ -269,6 +275,23 @@ enum { MLX5_ICMD_CMDS_OPCODE_ICMD_OPCODE_INIT_OCSD = 0xf004 }; +enum { + MLX5_GENERAL_OBJECT_TYPES_ENCRYPTION_KEY = 0xc, +}; + +enum { + MLX5_HCA_CAP_GENERAL_OBJ_TYPES_ENCRYPTION_KEY = 1 << 0xc, +}; + +enum { + MLX5_GENERAL_OBJECT_TYPE_ENCRYPTION_KEY_KEY_SIZE_128 = 0x0, + MLX5_GENERAL_OBJECT_TYPE_ENCRYPTION_KEY_KEY_SIZE_256 = 0x1, +}; + +enum { + MLX5_GENERAL_OBJECT_TYPE_ENCRYPTION_KEY_TYPE_DEK = 0x1, +}; + struct mlx5_ifc_flow_table_fields_supported_bits { u8 outer_dmac[0x1]; u8 outer_smac[0x1]; @@ -1268,7 +1291,17 @@ struct mlx5_ifc_cmd_hca_cap_bits { u8 reserved_61[0x3]; u8 log_max_current_uc_list[0x5]; - u8 reserved_62[0x80]; + u8 general_obj_types[0x40]; + + u8 reserved_at_440[0x8]; + u8 create_qp_start_hint[0x18]; + + u8 tls[0x1]; + u8 reserved_at_461[0x2]; + u8 log_max_uctx[0x5]; + u8 reserved_at_468[0x3]; + u8 log_max_umem[0x5]; + u8 max_num_eqs[0x10]; u8 reserved_63[0x3]; u8 log_max_l2_table[0x5]; @@ -1287,7 +1320,13 @@ struct mlx5_ifc_cmd_hca_cap_bits { u8 reserved_67[0x10]; u8 log_max_atomic_size_dc[0x8]; - u8 reserved_68[0x1f]; + u8 reserved_at_5a0[0x13]; + u8 log_max_dek[0x5]; + u8 reserved_at_5b8[0x4]; + u8 mini_cqe_resp_stride_index[0x1]; + u8 cqe_128_always[0x1]; + u8 cqe_compression_128b[0x1]; + u8 cqe_compression[0x1]; u8 cqe_compression_timeout[0x10]; @@ -1332,6 +1371,16 @@ struct mlx5_ifc_rx_hash_field_select_bits { u8 selected_fields[0x1e]; }; +struct mlx5_ifc_tls_capabilities_bits { + u8 tls_1_2_aes_gcm_128[0x1]; + u8 tls_1_3_aes_gcm_128[0x1]; + u8 tls_1_2_aes_gcm_256[0x1]; + u8 tls_1_3_aes_gcm_256[0x1]; + u8 reserved_at_4[0x1c]; + + u8 reserved_at_20[0x7e0]; +}; + enum { MLX5_WQ_TYPE_LINKED_LIST = 0x0, MLX5_WQ_TYPE_CYCLIC = 0x1, @@ -2212,7 +2261,8 @@ struct mlx5_ifc_traffic_counter_bits { struct mlx5_ifc_tisc_bits { u8 strict_lag_tx_port_affinity[0x1]; - u8 reserved_at_1[0x3]; + u8 tls_en[0x1]; + u8 reserved_at_2[0x2]; u8 lag_tx_port_affinity[0x04]; u8 reserved_at_8[0x4]; @@ -2227,7 +2277,10 @@ struct mlx5_ifc_tisc_bits { u8 reserved_4[0x8]; u8 underlay_qpn[0x18]; - u8 reserved_5[0x3a0]; + u8 reserved_5[0x8]; + u8 pd[0x18]; + + u8 reserved_6[0x380]; }; enum { @@ -2255,7 +2308,8 @@ struct mlx5_ifc_tirc_bits { u8 reserved_0[0x20]; u8 disp_type[0x4]; - u8 reserved_1[0x1c]; + u8 tls_en[0x1]; + u8 reserved_at_25[0x1b]; u8 reserved_2[0x40]; @@ -2717,6 +2771,7 @@ union mlx5_ifc_hca_cap_union_bits { struct mlx5_ifc_snapshot_cap_bits snapshot_cap; struct mlx5_ifc_debug_cap_bits diagnostic_counters_cap; struct mlx5_ifc_qos_cap_bits qos_cap; + struct mlx5_ifc_tls_capabilities_bits tls_capabilities; u8 reserved_0[0x8000]; }; @@ -5956,6 +6011,24 @@ struct mlx5_ifc_get_dropped_packet_log_in_bits { u8 reserved_2[0x40]; }; +struct mlx5_ifc_encryption_key_obj_bits { + u8 modify_field_select[0x40]; + + u8 reserved_at_40[0x14]; + u8 key_size[0x4]; + u8 reserved_at_58[0x4]; + u8 key_type[0x4]; + + u8 reserved_at_60[0x8]; + u8 pd[0x18]; + + u8 reserved_at_80[0x180]; + + u8 key[8][0x20]; + + u8 reserved_at_300[0x500]; +}; + struct mlx5_ifc_gen_eqe_in_bits { u8 opcode[0x10]; u8 reserved_0[0x10]; @@ -6428,6 +6501,27 @@ struct mlx5_ifc_destroy_flow_group_in_bits { u8 reserved_6[0x120]; }; +struct mlx5_ifc_destroy_encryption_key_out_bits { + u8 status[0x8]; + u8 reserved_at_8[0x18]; + + u8 syndrome[0x20]; + + u8 reserved_at_40[0x40]; +}; + +struct mlx5_ifc_destroy_encryption_key_in_bits { + u8 opcode[0x10]; + u8 reserved_at_10[0x10]; + + u8 reserved_at_20[0x10]; + u8 obj_type[0x10]; + + u8 obj_id[0x20]; + + u8 reserved_at_60[0x20]; +}; + struct mlx5_ifc_destroy_eq_out_bits { u8 status[0x8]; u8 reserved_0[0x18]; @@ -7257,6 +7351,29 @@ struct mlx5_ifc_create_flow_group_in_bits { u8 reserved_10[0xe00]; }; +struct mlx5_ifc_create_encryption_key_out_bits { + u8 status[0x8]; + u8 reserved_at_8[0x18]; + + u8 syndrome[0x20]; + + u8 obj_id[0x20]; + + u8 reserved_at_60[0x20]; +}; + +struct mlx5_ifc_create_encryption_key_in_bits { + u8 opcode[0x10]; + u8 reserved_at_10[0x10]; + + u8 reserved_at_20[0x10]; + u8 obj_type[0x10]; + + u8 reserved_at_40[0x40]; + + struct mlx5_ifc_encryption_key_obj_bits encryption_key_object; +}; + struct mlx5_ifc_create_eq_out_bits { u8 status[0x8]; u8 reserved_0[0x18]; @@ -9746,6 +9863,44 @@ struct mlx5_ifc_mtt_bits { u8 rd_en[0x1]; }; +struct mlx5_ifc_tls_progress_params_bits { + u8 valid[0x1]; + u8 reserved_at_1[0x7]; + u8 pd[0x18]; + + u8 next_record_tcp_sn[0x20]; + + u8 hw_resync_tcp_sn[0x20]; + + u8 record_tracker_state[0x2]; + u8 auth_state[0x2]; + u8 reserved_at_64[0x4]; + u8 hw_offset_record_number[0x18]; +}; + +struct mlx5_ifc_tls_static_params_bits { + u8 const_2[0x2]; + u8 tls_version[0x4]; + u8 const_1[0x2]; + u8 reserved_at_8[0x14]; + u8 encryption_standard[0x4]; + + u8 reserved_at_20[0x20]; + + u8 initial_record_number[0x40]; + + u8 resync_tcp_sn[0x20]; + + u8 gcm_iv[0x20]; + + u8 implicit_iv[0x40]; + + u8 reserved_at_100[0x8]; + u8 dek_index[0x18]; + + u8 reserved_at_120[0xe0]; +}; + /* Vendor Specific Capabilities, VSC */ enum { MLX5_VSC_DOMAIN_ICMD = 0x1, |