+/* cfa_bds_read_cmd_data_msg (size:128b/16B) */
+struct cfa_bds_read_cmd_data_msg {
+ /* This value selects the format for the mid-path command for the CFA. */
+ uint8_t opcode;
+ /*
+ * This is read command. From 32 to 128B can be read from a table
+ * using this command.
+ */
+ #define CFA_BDS_READ_CMD_DATA_MSG_OPCODE_READ UINT32_C(0x0)
+ #define CFA_BDS_READ_CMD_DATA_MSG_OPCODE_LAST \
+ CFA_BDS_READ_CMD_DATA_MSG_OPCODE_READ
+ /* This value selects the table type to be acted upon. */
+ uint8_t table_type;
+ /* This value selects the table type to be acted upon. */
+ #define CFA_BDS_READ_CMD_DATA_MSG_TABLE_TYPE_MASK UINT32_C(0xf)
+ #define CFA_BDS_READ_CMD_DATA_MSG_TABLE_TYPE_SFT 0
+ /* This command acts on the action table of the specified scope. */
+ #define CFA_BDS_READ_CMD_DATA_MSG_TABLE_TYPE_ACTION UINT32_C(0x0)
+ /* This command acts on the exact match table of the specified scope. */
+ #define CFA_BDS_READ_CMD_DATA_MSG_TABLE_TYPE_EM UINT32_C(0x1)
+ #define CFA_BDS_READ_CMD_DATA_MSG_TABLE_TYPE_LAST \
+ CFA_BDS_READ_CMD_DATA_MSG_TABLE_TYPE_EM
+ /* This value selects which table scope will be accessed. */
+ uint8_t table_scope;
+ #define CFA_BDS_READ_CMD_DATA_MSG_TABLE_SCOPE_MASK UINT32_C(0x1f)
+ #define CFA_BDS_READ_CMD_DATA_MSG_TABLE_SCOPE_SFT 0
+ /*
+ * This value identifies the number of 32B units will be accessed. A
+ * value of zero is invalid. Maximum value is 4.
+ */
+ uint8_t data_size;
+ #define CFA_BDS_READ_CMD_DATA_MSG_DATA_SIZE_MASK UINT32_C(0x7)
+ #define CFA_BDS_READ_CMD_DATA_MSG_DATA_SIZE_SFT 0
+ /* This is the 32B index into the selected table to access. */
+ uint32_t table_index;
+ #define CFA_BDS_READ_CMD_DATA_MSG_TABLE_INDEX_MASK UINT32_C(0x3ffffff)
+ #define CFA_BDS_READ_CMD_DATA_MSG_TABLE_INDEX_SFT 0
+ /*
+ * This is the 64b host address where you want the data returned to. The
+ * data will be written to the same function as the one that owns the SQ
+ * this command is read from. The bottom two bits of this value must be
+ * zero. The size of the write is controlled by the data_size field.
+ */
+ uint64_t host_address;
+} __rte_packed;
+
+/* cfa_bds_write_cmd_data_msg (size:1152b/144B) */
+struct cfa_bds_write_cmd_data_msg {
+ /* This value selects the format for the mid-path command for the CFA. */
+ uint8_t opcode;
+ /*
+ * This is write command. From 32 to 128B can be written to a table
+ * using this command.
+ */
+ #define CFA_BDS_WRITE_CMD_DATA_MSG_OPCODE_WRITE UINT32_C(0x1)
+ #define CFA_BDS_WRITE_CMD_DATA_MSG_OPCODE_LAST \
+ CFA_BDS_WRITE_CMD_DATA_MSG_OPCODE_WRITE
+ /* This value selects the table type to be acted upon. */
+ uint8_t write_thru_table_type;
+ /* This value selects the table type to be acted upon. */
+ #define CFA_BDS_WRITE_CMD_DATA_MSG_TABLE_TYPE_MASK UINT32_C(0xf)
+ #define CFA_BDS_WRITE_CMD_DATA_MSG_TABLE_TYPE_SFT 0
+ /* This command acts on the action table of the specified scope. */
+ #define CFA_BDS_WRITE_CMD_DATA_MSG_TABLE_TYPE_ACTION UINT32_C(0x0)
+ /* This command acts on the exact match table of the specified scope. */
+ #define CFA_BDS_WRITE_CMD_DATA_MSG_TABLE_TYPE_EM UINT32_C(0x1)
+ #define CFA_BDS_WRITE_CMD_DATA_MSG_TABLE_TYPE_LAST \
+ CFA_BDS_WRITE_CMD_DATA_MSG_TABLE_TYPE_EM
+ /*
+ * Indicates write-through control. Indicates write-through when set,
+ * or write back when cleared.
+ */
+ #define CFA_BDS_WRITE_CMD_DATA_MSG_WRITE_THRU UINT32_C(0x10)
+ /* This value selects which table scope will be accessed. */
+ uint8_t table_scope;
+ #define CFA_BDS_WRITE_CMD_DATA_MSG_TABLE_SCOPE_MASK UINT32_C(0x1f)
+ #define CFA_BDS_WRITE_CMD_DATA_MSG_TABLE_SCOPE_SFT 0
+ /*
+ * This value identifies the number of 32B units will be accessed. A
+ * value of zero is invalid. Maximum value is 4.
+ */
+ uint8_t data_size;
+ #define CFA_BDS_WRITE_CMD_DATA_MSG_DATA_SIZE_MASK UINT32_C(0x7)
+ #define CFA_BDS_WRITE_CMD_DATA_MSG_DATA_SIZE_SFT 0
+ /* This is the 32B index into the selected table to access. */
+ uint32_t table_index;
+ #define CFA_BDS_WRITE_CMD_DATA_MSG_TABLE_INDEX_MASK UINT32_C(0x3ffffff)
+ #define CFA_BDS_WRITE_CMD_DATA_MSG_TABLE_INDEX_SFT 0
+ uint32_t unused0;
+ uint32_t unused1;
+ /*
+ * This is the data to be written. Data length is determined by the
+ * data_size field. The bd_cnt in the encapsulating BD must also be set
+ * correctly to ensure that the BD is processed correctly and the full
+ * WRITE_CMD message is extracted from the BD.
+ */
+ uint32_t dta[32];
+} __rte_packed;
+
+/* cfa_bds_read_clr_cmd_data_msg (size:192b/24B) */
+struct cfa_bds_read_clr_cmd_data_msg {
+ /* This value selects the format for the mid-path command for the CFA. */
+ uint8_t opcode;
+ /*
+ * This is read-clear command. 32B can be read from a table and
+ * a 16b mask can be used to clear specific 16b units after the
+ * read as an atomic operation.
+ */
+ #define CFA_BDS_READ_CLR_CMD_DATA_MSG_OPCODE_READ_CLR UINT32_C(0x2)
+ #define CFA_BDS_READ_CLR_CMD_DATA_MSG_OPCODE_LAST \
+ CFA_BDS_READ_CLR_CMD_DATA_MSG_OPCODE_READ_CLR
+ /* This value selects the table type to be acted upon. */
+ uint8_t table_type;
+ /* This value selects the table type to be acted upon. */
+ #define CFA_BDS_READ_CLR_CMD_DATA_MSG_TABLE_TYPE_MASK UINT32_C(0xf)
+ #define CFA_BDS_READ_CLR_CMD_DATA_MSG_TABLE_TYPE_SFT 0
+ /* This command acts on the action table of the specified scope. */
+ #define CFA_BDS_READ_CLR_CMD_DATA_MSG_TABLE_TYPE_ACTION UINT32_C(0x0)
+ /* This command acts on the exact match table of the specified scope. */
+ #define CFA_BDS_READ_CLR_CMD_DATA_MSG_TABLE_TYPE_EM UINT32_C(0x1)
+ #define CFA_BDS_READ_CLR_CMD_DATA_MSG_TABLE_TYPE_LAST \
+ CFA_BDS_READ_CLR_CMD_DATA_MSG_TABLE_TYPE_EM
+ /* This value selects which table scope will be accessed. */
+ uint8_t table_scope;
+ #define CFA_BDS_READ_CLR_CMD_DATA_MSG_TABLE_SCOPE_MASK UINT32_C(0x1f)
+ #define CFA_BDS_READ_CLR_CMD_DATA_MSG_TABLE_SCOPE_SFT 0
+ uint8_t unused0;
+ /* This is the 32B index into the selected table to access. */
+ uint32_t table_index;
+ #define CFA_BDS_READ_CLR_CMD_DATA_MSG_TABLE_INDEX_MASK \
+ UINT32_C(0x3ffffff)
+ #define CFA_BDS_READ_CLR_CMD_DATA_MSG_TABLE_INDEX_SFT 0
+ /*
+ * This is the 64b host address where you want the data returned to. The
+ * data will be written to the same function as the one that owns the SQ
+ * this command is read from. The bottom two bits of this value must be
+ * zero. The size of the write is controlled by the data_size field.
+ */
+ uint64_t host_address;
+ /*
+ * This is active high clear mask for the 32B of data that this command
+ * can read. Bit 0 of the field will clear bits 15:0 of the first word
+ * of data read when set to '1'.
+ */
+ uint16_t clear_mask;
+ uint16_t unused1[3];
+} __rte_packed;
+
+/* cfa_bds_em_insert_cmd_data_msg (size:1152b/144B) */
+struct cfa_bds_em_insert_cmd_data_msg {
+ /* This value selects the format for the mid-path command for the CFA. */
+ uint8_t opcode;
+ /*
+ * An exact match table insert will be attempted into the table.
+ * If there is a free location in the bucket, the payload will
+ * be written to the bucket.
+ */
+ #define CFA_BDS_EM_INSERT_CMD_DATA_MSG_OPCODE_EM_INSERT UINT32_C(0x3)
+ #define CFA_BDS_EM_INSERT_CMD_DATA_MSG_OPCODE_LAST \
+ CFA_BDS_EM_INSERT_CMD_DATA_MSG_OPCODE_EM_INSERT
+ /*
+ * Indicates write-through control. Indicates write-through when set,
+ * or write back when cleared.
+ */
+ uint8_t write_thru;
+ #define CFA_BDS_EM_INSERT_CMD_DATA_MSG_UNUSED_MASK UINT32_C(0xf)
+ #define CFA_BDS_EM_INSERT_CMD_DATA_MSG_UNUSED_SFT 0
+ /*
+ * Indicates write-through control. Indicates write-through when set,
+ * or write back when cleared.
+ */
+ #define CFA_BDS_EM_INSERT_CMD_DATA_MSG_WRITE_THRU UINT32_C(0x10)
+ /* This value selects which table scope will be accessed. */
+ uint8_t table_scope;
+ #define CFA_BDS_EM_INSERT_CMD_DATA_MSG_TABLE_SCOPE_MASK UINT32_C(0x1f)
+ #define CFA_BDS_EM_INSERT_CMD_DATA_MSG_TABLE_SCOPE_SFT 0
+ /*
+ * This value identifies the number of 32B units will be accessed. A
+ * value of zero is invalid. Maximum value is 4.
+ */
+ uint8_t data_size;
+ #define CFA_BDS_EM_INSERT_CMD_DATA_MSG_DATA_SIZE_MASK UINT32_C(0x7)
+ #define CFA_BDS_EM_INSERT_CMD_DATA_MSG_DATA_SIZE_SFT 0
+ /* This is the 32B index into the selected table to access. */
+ uint32_t table_index;
+ #define CFA_BDS_EM_INSERT_CMD_DATA_MSG_TABLE_INDEX_MASK \
+ UINT32_C(0x3ffffff)
+ #define CFA_BDS_EM_INSERT_CMD_DATA_MSG_TABLE_INDEX_SFT 0
+ /*
+ * This is the 64b host address where you want the data returned to. The
+ * data will be written to the same function as the one that owns the SQ
+ */
+ uint64_t host_address;
+ /*
+ * This is the Exact Match Lookup Record. Data length is determined by
+ * the data_size field. The bd_cnt in the encapsulating BD must also be
+ */
+ uint32_t dta[32];
+} __rte_packed;
+
+/* cfa_bds_em_delete_cmd_data_msg (size:192b/24B) */
+struct cfa_bds_em_delete_cmd_data_msg {
+ /* This value selects the format for the mid-path command for the CFA. */
+ uint8_t opcode;
+ /* An exact match table delete will be attempted. */
+ #define CFA_BDS_EM_DELETE_CMD_DATA_MSG_OPCODE_EM_DELETE UINT32_C(0x4)
+ #define CFA_BDS_EM_DELETE_CMD_DATA_MSG_OPCODE_LAST \
+ CFA_BDS_EM_DELETE_CMD_DATA_MSG_OPCODE_EM_DELETE
+ /*
+ * Indicates write-through control. Indicates write-through when set,
+ * or write back when cleared.
+ */
+ uint8_t write_thru;
+ #define CFA_BDS_EM_DELETE_CMD_DATA_MSG_UNUSED_MASK UINT32_C(0xf)
+ #define CFA_BDS_EM_DELETE_CMD_DATA_MSG_UNUSED_SFT 0
+ /*
+ * Indicates write-through control. Indicates write-through when set,
+ * or write back when cleared.
+ */
+ #define CFA_BDS_EM_DELETE_CMD_DATA_MSG_WRITE_THRU UINT32_C(0x10)
+ /* This value selects which table scope will be accessed. */
+ uint8_t table_scope;
+ #define CFA_BDS_EM_DELETE_CMD_DATA_MSG_TABLE_SCOPE_MASK UINT32_C(0x1f)
+ #define CFA_BDS_EM_DELETE_CMD_DATA_MSG_TABLE_SCOPE_SFT 0
+ /*
+ * This value identifies the number of 32B units will be accessed. A
+ * value of zero is invalid. Maximum value is 4.
+ */
+ uint8_t data_size;
+ #define CFA_BDS_EM_DELETE_CMD_DATA_MSG_DATA_SIZE_MASK UINT32_C(0x7)
+ #define CFA_BDS_EM_DELETE_CMD_DATA_MSG_DATA_SIZE_SFT 0
+ uint32_t unused0;
+ /*
+ * This is the 64b host address where you want the data returned to. The
+ * data will be written to the same function as the one that owns the SQ
+ */
+ uint64_t host_address;
+ /*
+ * This is the Exact Match Lookup Record. Data length is determined by
+ * the data_size field. The bd_cnt in the encapsulating BD must also be
+ */
+ uint64_t dta;
+} __rte_packed;
+
+/* cfa_bds_invalidate_cmd_data_msg (size:64b/8B) */
+struct cfa_bds_invalidate_cmd_data_msg {
+ /* This value selects the format for the mid-path command for the CFA. */
+ uint8_t opcode;
+ /*
+ * The specified table area will be invalidated. If it is needed.
+ * again, it will be read from the backing store.
+ */
+ #define CFA_BDS_INVALIDATE_CMD_DATA_MSG_OPCODE_INVALIDATE UINT32_C(0x5)
+ #define CFA_BDS_INVALIDATE_CMD_DATA_MSG_OPCODE_LAST \
+ CFA_BDS_INVALIDATE_CMD_DATA_MSG_OPCODE_INVALIDATE
+ /* This value selects the table type to be acted upon. */
+ uint8_t table_type;
+ /* This value selects the table type to be acted upon. */
+ #define CFA_BDS_INVALIDATE_CMD_DATA_MSG_TABLE_TYPE_MASK UINT32_C(0xf)
+ #define CFA_BDS_INVALIDATE_CMD_DATA_MSG_TABLE_TYPE_SFT 0
+ /* This command acts on the action table of the specified scope. */
+ #define CFA_BDS_INVALIDATE_CMD_DATA_MSG_TABLE_TYPE_ACTION \
+ UINT32_C(0x0)
+ /* This command acts on the exact match table of the specified scope. */
+ #define CFA_BDS_INVALIDATE_CMD_DATA_MSG_TABLE_TYPE_EM \
+ UINT32_C(0x1)
+ #define CFA_BDS_INVALIDATE_CMD_DATA_MSG_TABLE_TYPE_LAST \
+ CFA_BDS_INVALIDATE_CMD_DATA_MSG_TABLE_TYPE_EM
+ /* This value selects which table scope will be accessed. */
+ uint8_t table_scope;
+ #define CFA_BDS_INVALIDATE_CMD_DATA_MSG_TABLE_SCOPE_MASK UINT32_C(0x1f)
+ #define CFA_BDS_INVALIDATE_CMD_DATA_MSG_TABLE_SCOPE_SFT 0
+ uint8_t unused0;
+ /* This is the 32B index into the selected table to access. */
+ uint32_t table_index;
+ #define CFA_BDS_INVALIDATE_CMD_DATA_MSG_TABLE_INDEX_MASK \
+ UINT32_C(0x3ffffff)
+ #define CFA_BDS_INVALIDATE_CMD_DATA_MSG_TABLE_INDEX_SFT 0
+} __rte_packed;
+
+/* cfa_bds_event_collect_cmd_data_msg (size:128b/16B) */
+struct cfa_bds_event_collect_cmd_data_msg {
+ /* This value selects the format for the mid-path command for the CFA. */
+ uint8_t opcode;
+ /* Reads notification messages from the Host Notification Queue. */
+ #define CFA_BDS_EVENT_COLLECT_CMD_DATA_MSG_OPCODE_EVENT_COLLECT \
+ UINT32_C(0x6)
+ #define CFA_BDS_EVENT_COLLECT_CMD_DATA_MSG_OPCODE_LAST \
+ CFA_BDS_EVENT_COLLECT_CMD_DATA_MSG_OPCODE_EVENT_COLLECT
+ uint8_t unused0;
+ /* This value selects which table scope will be accessed. */
+ uint8_t table_scope;
+ #define CFA_BDS_EVENT_COLLECT_CMD_DATA_MSG_TABLE_SCOPE_MASK \
+ UINT32_C(0x1f)
+ #define CFA_BDS_EVENT_COLLECT_CMD_DATA_MSG_TABLE_SCOPE_SFT 0
+ /*
+ * This value identifies the number of 32B units will be accessed. A
+ * value of zero is invalid. Maximum value is 4.
+ */
+ uint8_t data_size;
+ #define CFA_BDS_EVENT_COLLECT_CMD_DATA_MSG_DATA_SIZE_MASK UINT32_C(0x7)
+ #define CFA_BDS_EVENT_COLLECT_CMD_DATA_MSG_DATA_SIZE_SFT 0
+ uint32_t unused1;
+ /*
+ * This is the 64b host address where you want the data returned to. The
+ * data will be written to the same function as the one that owns the SQ
+ */
+ uint64_t host_address;
+} __rte_packed;
+
+/* ce_bds_add_data_msg (size:512b/64B) */
+struct ce_bds_add_data_msg {
+ uint32_t version_algorithm_kid_opcode;
+ /*
+ * This value selects the operation for the mid-path command for the
+ * crypto blocks.
+ */
+ #define CE_BDS_ADD_DATA_MSG_OPCODE_MASK UINT32_C(0xf)
+ #define CE_BDS_ADD_DATA_MSG_OPCODE_SFT 0
+ /*
+ * This is the add command. Using this opcode, Host Driver can add
+ * information required for kTLS processing. The information is
+ * updated in the CFCK context.
+ */
+ #define CE_BDS_ADD_DATA_MSG_OPCODE_ADD UINT32_C(0x1)
+ #define CE_BDS_ADD_DATA_MSG_OPCODE_LAST \
+ CE_BDS_ADD_DATA_MSG_OPCODE_ADD
+ /*
+ * This field is the Crypto Context ID. The KID is used to store
+ * information used by the associated kTLS offloaded connection.
+ */
+ #define CE_BDS_ADD_DATA_MSG_KID_MASK \
+ UINT32_C(0xfffff0)
+ #define CE_BDS_ADD_DATA_MSG_KID_SFT 4
+ /*
+ * Currently only two algorithms are supported, AES_GCM_128 and
+ * AES_GCM_256. Additional bits for future growth.
+ */
+ #define CE_BDS_ADD_DATA_MSG_ALGORITHM_MASK \
+ UINT32_C(0xf000000)
+ #define CE_BDS_ADD_DATA_MSG_ALGORITHM_SFT 24
+ /* AES_GCM_128 Algorithm */
+ #define CE_BDS_ADD_DATA_MSG_ALGORITHM_AES_GCM_128 \
+ UINT32_C(0x1000000)
+ /* AES_GCM_256 Algorithm */
+ #define CE_BDS_ADD_DATA_MSG_ALGORITHM_AES_GCM_256 \
+ UINT32_C(0x2000000)
+ /*
+ * Version number of TLS connection. HW will provide registers that
+ * converts the 4b encoded version number to 16b of actual version
+ * number in the TLS Header. * Initialized --> By mid-path command *
+ * Updated --> Never though another mid-path command will result in an
+ * update.
+ */
+ #define CE_BDS_ADD_DATA_MSG_VERSION_MASK \
+ UINT32_C(0xf0000000)
+ #define CE_BDS_ADD_DATA_MSG_VERSION_SFT 28
+ /* TLS1.2 Version */
+ #define CE_BDS_ADD_DATA_MSG__TLS1_2 \
+ (UINT32_C(0x0) << 28)
+ /* TLS1.3 Version */
+ #define CE_BDS_ADD_DATA_MSG__TLS1_3 \
+ (UINT32_C(0x1) << 28)
+ #define CE_BDS_ADD_DATA_MSG__LAST \
+ CE_BDS_ADD_DATA_MSG__TLS1_3
+ /*
+ * Command Type in the TLS header. HW will provide registers that
+ * converts the 3b encoded command type to 8b of actual command type in
+ * the TLS Header. * Initialized --> By mid-path command * Updated -->
+ * Never though another mid-path command will result in an update
+ */
+ uint8_t cmd_type;
+ #define CE_BDS_ADD_DATA_MSG_CMD_TYPE_MASK UINT32_C(0x7)
+ #define CE_BDS_ADD_DATA_MSG_CMD_TYPE_SFT 0
+ /* Application */
+ #define CE_BDS_ADD_DATA_MSG_CMD_TYPE_APP UINT32_C(0x0)
+ #define CE_BDS_ADD_DATA_MSG_CMD_TYPE_LAST \
+ CE_BDS_ADD_DATA_MSG_CMD_TYPE_APP
+ uint8_t unused0[3];
+ /*
+ * Salt is part of the nonce that is used as the Initial Vector (IV) in
+ * AES-GCM cipher suites. These are exchanged as part of the handshake
+ * process and is either the client_write_iv (when the client is
+ * sending) or server_write_iv (when the server is sending). In
+ * TLS1.2, 4B of Salt is concatenated with 8B of explicit_nonce to
+ * generate the 12B of IV. In TLS1.3, 8B of TLS record sequence number
+ * is zero padded to 12B and then xor'ed with the 4B of salt to generate
+ * the 12B of IV. This value is initialized by this mid-path command.
+ */
+ uint32_t salt;
+ uint32_t unused1;
+ /*
+ * This field keeps track of the TCP sequence number that is expected as
+ * the first byte in the next TCP packet. This field is calculated by HW
+ * using the output of the parser. The field is initialized as part of
+ * the Mid-path BD download/update of a kTLS connection. For every TCP
+ * packet processed, TCE HW will update the value to Current packet TCP
+ * sequence number + Current packet TCP Payload Length.
+ */
+ uint32_t pkt_tcp_seq_num;
+ /*
+ * This field maintains the TCP sequence number of the first byte in the
+ * header of the active TLS record. This field is initialized as part of
+ * the Mid-path BD download/update of a kTLS connection. For every
+ * record that is processed, TCE HW copies the value from the
+ * next_tls_header_tcp_seq_num field.
+ */
+ uint32_t tls_header_tcp_seq_num;
+ /*
+ * This is sequence number for the TLS record in a particular session.
+ * In TLS1.2, record sequence number is part of the Associated Data (AD)
+ * in the AEAD algorithm. In TLS1.3, record sequence number is part of
+ * the Initial Vector (IV). The field is initialized as part of the
+ * mid-path BD download/update of a kTLS connection. TCE HW increments
+ * the field after that for every record processed as it parses the TCP
+ * packet.
+ */
+ uint32_t record_seq_num[2];
+ /*
+ * Key used for encrypting or decrypting TLS records. The Key is
+ * exchanged during the hand-shake protocol by the client-server and
+ * provided to HW through this mid-path BD.
+ */
+ uint32_t session_key[8];
+} __rte_packed;
+
+/* ce_bds_delete_data_msg (size:64b/8B) */
+struct ce_bds_delete_data_msg {
+ uint32_t kid_opcode;
+ /*
+ * This value selects the operation for the mid-path command for the
+ * crypto blocks.
+ */
+ #define CE_BDS_DELETE_DATA_MSG_OPCODE_MASK UINT32_C(0xf)
+ #define CE_BDS_DELETE_DATA_MSG_OPCODE_SFT 0
+ /*
+ * This is the delete command. Using this opcode, the host Driver
+ * can remove a key context from the CFCK. If context is deleted
+ * and packets with the same KID come through the pipeline, the
+ * following actions are taken. For transmit packets, no crypto
+ * operation will be performed, payload will be zero'ed out. For
+ * receive packets, no crypto operation will be performed,
+ * payload will be unmodified.
+ */
+ #define CE_BDS_DELETE_DATA_MSG_OPCODE_DELETE UINT32_C(0x2)
+ #define CE_BDS_DELETE_DATA_MSG_OPCODE_LAST \
+ CE_BDS_DELETE_DATA_MSG_OPCODE_DELETE
+ /*
+ * This field is the Crypto Context ID. The KID is used to store
+ * information used by the associated kTLS offloaded connection.
+ */
+ #define CE_BDS_DELETE_DATA_MSG_KID_MASK UINT32_C(0xfffff0)
+ #define CE_BDS_DELETE_DATA_MSG_KID_SFT 4
+ uint32_t unused0;
+} __rte_packed;
+
+/* ce_bds_resync_resp_ack_msg (size:128b/16B) */
+struct ce_bds_resync_resp_ack_msg {
+ uint32_t resync_status_kid_opcode;
+ /*
+ * This value selects the operation for the mid-path command for the
+ * crypto blocks.
+ */
+ #define CE_BDS_RESYNC_RESP_ACK_MSG_OPCODE_MASK UINT32_C(0xf)
+ #define CE_BDS_RESYNC_RESP_ACK_MSG_OPCODE_SFT 0
+ /*
+ * This command is used by the driver as a response to the resync
+ * request sent by the crypto engine.
+ */
+ #define CE_BDS_RESYNC_RESP_ACK_MSG_OPCODE_RESYNC UINT32_C(0x3)
+ #define CE_BDS_RESYNC_RESP_ACK_MSG_OPCODE_LAST \
+ CE_BDS_RESYNC_RESP_ACK_MSG_OPCODE_RESYNC
+ /*
+ * This field is the Crypto Context ID. The KID is used to store
+ * information used by the associated kTLS offloaded connection.
+ */
+ #define CE_BDS_RESYNC_RESP_ACK_MSG_KID_MASK UINT32_C(0xfffff0)
+ #define CE_BDS_RESYNC_RESP_ACK_MSG_KID_SFT 4
+ /*
+ * This field indicates if the resync request resulted in a success or
+ * a failure.
+ */
+ #define CE_BDS_RESYNC_RESP_ACK_MSG_RESYNC_STATUS \
+ UINT32_C(0x1000000)
+ /*
+ * An ACK indicates that the driver was able to find the TLS record
+ * associated with TCP sequence number provided by the HW
+ */
+ #define CE_BDS_RESYNC_RESP_ACK_MSG_RESYNC_STATUS_ACK \
+ (UINT32_C(0x0) << 24)
+ #define CE_BDS_RESYNC_RESP_ACK_MSG_RESYNC_STATUS_LAST \
+ CE_BDS_RESYNC_RESP_ACK_MSG_RESYNC_STATUS_ACK
+ /*
+ * This field is the echo of the TCP sequence number provided in the
+ * resync request by the HW. If HW sent multiple resync requests, it
+ * only tracks the latest TCP sequence number. When the response from
+ * the Driver doesn't match the latest request, HW will drop the resync
+ * response.
+ */
+ uint32_t resync_record_tcp_seq_num;
+ /*
+ * This field indicates the TLS record sequence number associated with
+ * the resync request. HW will take this number and add the delta records
+ * it has found since sending the resync request, update the context and
+ * resume decrypting records.
+ */
+ uint32_t resync_record_seq_num[2];
+} __rte_packed;
+
+/* ce_bds_resync_resp_nack_msg (size:64b/8B) */
+struct ce_bds_resync_resp_nack_msg {
+ uint32_t resync_status_kid_opcode;
+ /*
+ * This value selects the operation for the mid-path command for the
+ * crypto blocks.
+ */
+ #define CE_BDS_RESYNC_RESP_NACK_MSG_OPCODE_MASK UINT32_C(0xf)
+ #define CE_BDS_RESYNC_RESP_NACK_MSG_OPCODE_SFT 0
+ /*
+ * This command is used by the driver as a response to the resync
+ * request sent by the crypto engine.
+ */
+ #define CE_BDS_RESYNC_RESP_NACK_MSG_OPCODE_RESYNC UINT32_C(0x3)
+ #define CE_BDS_RESYNC_RESP_NACK_MSG_OPCODE_LAST \
+ CE_BDS_RESYNC_RESP_NACK_MSG_OPCODE_RESYNC
+ /*
+ * This field is the Crypto Context ID. The KID is used to store
+ * information used by the associated kTLS offloaded connection.
+ */
+ #define CE_BDS_RESYNC_RESP_NACK_MSG_KID_MASK \
+ UINT32_C(0xfffff0)
+ #define CE_BDS_RESYNC_RESP_NACK_MSG_KID_SFT 4
+ /*
+ * This field indicates if the resync request resulted in a success or
+ * a failure.
+ */
+ #define CE_BDS_RESYNC_RESP_NACK_MSG_RESYNC_STATUS \
+ UINT32_C(0x1000000)
+ /*
+ * An NAK indicates that the driver wasn't able to find the TLS
+ * record associated with TCP sequence number provided by the HW
+ */
+ #define CE_BDS_RESYNC_RESP_NACK_MSG_RESYNC_STATUS_NACK \
+ (UINT32_C(0x1) << 24)
+ #define CE_BDS_RESYNC_RESP_NACK_MSG_RESYNC_STATUS_LAST \
+ CE_BDS_RESYNC_RESP_NACK_MSG_RESYNC_STATUS_NACK
+ /*
+ * This field is the echo of the TCP sequence number provided in the
+ * resync request by the HW. If HW sent multiple resync requests, it
+ * only tracks the latest TCP sequence number. When the response from
+ * the Driver doesn't match the latest request, HW will drop the resync
+ * response.
+ */
+ uint32_t resync_record_tcp_seq_num;
+} __rte_packed;
+
+/* crypto_presync_bd_cmd (size:256b/32B) */
+struct crypto_presync_bd_cmd {
+ uint8_t flags;
+ /*
+ * Typically, presync BDs are used for packet retransmissions. Source
+ * port sends all the packets in order over the network to destination
+ * port and packets get dropped in the network. The destination port
+ * will request retranmission of dropped packets and source port driver
+ * will send presync BD to setup the transmitter appropriately. It will
+ * provide the start and end TCP sequence number of the data to be
+ * transmitted. HW keeps two sets of context variable, one for in order
+ * traffic and one for retransmission traffic. HW is designed to
+ * transmit everything posted in the presync BD and return to in order
+ * mode after that. No inorder context variables are updated in the
+ * process. There is a special case where packets can be dropped
+ * between the TCP stack and Device Driver (Berkeley Packet Filter for
+ * ex) and HW still needs to transmit rest of the traffic. In this
+ * mode, driver will send a presync BD as if it is a retransmission but
+ * at the end of the transmission, the in order variables need to be
+ * updated. This flag is used by driver to indicate that in order
+ * variables needs to be updated at the end of completing the task
+ * associated with the presync BD.
+ */
+ #define CRYPTO_PRESYNC_BD_CMD_FLAGS_UPDATE_IN_ORDER_VAR \
+ UINT32_C(0x1)
+ uint8_t unused0;
+ uint16_t unused1;
+ /*
+ * This field maintains the TCP sequence number of the first byte in the
+ * Header of the active TLS record. This field is set to 0 during
+ * mid-path BD updates, but is set to correct value when a presync BD is
+ * detected. For every record that is processed, the value from the
+ * next_tls_header_tcp_seq_num field is copied.
+ */
+ uint32_t header_tcp_seq_num;
+ /*
+ * When a retransmitted packet has a TLS authentication TAG present and
+ * the data spans multiple TCP Packets, HW is required to read the entire
+ * record to recalculate the TAG but only transmit what is required. This
+ * field is the start TCP sequence number of the packet(s) that need to
+ * be re-transmitted. This field is initialized to 0 during Mid-path BD
+ * add command and initialized to value provided by the driver when
+ * Pre-sync BD is detected. This field is never updated unless another
+ * Pre-sync BD signaling a new retransmission is scheduled.
+ */
+ uint32_t start_tcp_seq_num;
+ /*
+ * When a retransmitted packet has a TLS authentication TAG present and
+ * the data spans multiple TCP Packets, HW is required to read the
+ * entire record to recalculate the TAG but only transmit what is
+ * required. This field is the end TCP sequence number of the packet(s)
+ * that need to be re-transmitted. This field is initialized to 0 during
+ * Mid-path BD add command and initialized to value provided by the
+ * driver when Pre-sync BD is detected. This field is never updated
+ * unless another Pre-sync BD signaling a new retransmission is
+ * scheduled.
+ */
+ uint32_t end_tcp_seq_num;
+ /*
+ * For TLS1.2, an explicit nonce is used as part of the IV (concatenated
+ * with the SALT). For retans packets, this field is extracted from the
+ * TLS record, field right after the TLS Header and stored in the
+ * context. This field needs to be stored in context as TCP segmentation
+ * could have split the field into multiple TCP packets. This value is
+ * initialized to 0 when presync BD is detected by taking the value from
+ * the first TLS header. When subsequent TLS Headers are detected, the
+ * value is extracted from packet.
+ */
+ uint32_t explicit_nonce[2];
+ /*
+ * This is sequence number for the TLS record in a particular session. In
+ * TLS1.2, record sequence number is part of the Associated Data (AD) in
+ * the AEAD algorithm. In TLS1.3, record sequence number is part of the
+ * Initial Vector (IV). The field is initialized to 0 during Mid-path BD
+ * download. Is initialized to correct value when a pre-sync BD is
+ * detected. TCE HW increments the field after that for every record
+ * processed as it parses the TCP packet. Subsequent pre-sync BDs
+ * delivering more retransmission instruction will also update this
+ * field.
+ */
+ uint32_t record_seq_num[2];
+} __rte_packed;
+