From 178d8c506ec36b045ce802dda97ee7683e5a0c3d Mon Sep 17 00:00:00 2001 From: Dekel Peled Date: Tue, 4 May 2021 20:54:50 +0300 Subject: [PATCH] common/mlx5: support general object DEK Data Encryption Keys (DEKs) are the keys used for data encryption/decryption operations. Add reading of DEK support capability. Add function to create general object type DEK, using DevX API. Arrange common version.map file in alphabetical order. Signed-off-by: Dekel Peled Acked-by: Matan Azrad --- drivers/common/mlx5/mlx5_devx_cmds.c | 53 +++++++++++++++++++++++++++ drivers/common/mlx5/mlx5_devx_cmds.h | 17 +++++++++ drivers/common/mlx5/mlx5_prm.h | 39 ++++++++++++++++++++ drivers/common/mlx5/version.map | 55 ++++++++++++++++------------ 4 files changed, 140 insertions(+), 24 deletions(-) diff --git a/drivers/common/mlx5/mlx5_devx_cmds.c b/drivers/common/mlx5/mlx5_devx_cmds.c index 68bb6f9a22..b70e2f35b9 100644 --- a/drivers/common/mlx5/mlx5_devx_cmds.c +++ b/drivers/common/mlx5/mlx5_devx_cmds.c @@ -741,6 +741,8 @@ mlx5_devx_cmd_query_hca_attr(void *ctx, MLX5_GENERAL_OBJ_TYPES_CAP_FLOW_HIT_ASO); attr->geneve_tlv_opt = !!(general_obj_types_supported & MLX5_GENERAL_OBJ_TYPES_CAP_GENEVE_TLV_OPT); + attr->dek = !!(general_obj_types_supported & + MLX5_GENERAL_OBJ_TYPES_CAP_DEK); /* Add reading of other GENERAL_OBJ_TYPES_CAP bits above this line. */ attr->log_max_cq = MLX5_GET(cmd_hca_cap, hcattr, log_max_cq); attr->log_max_qp = MLX5_GET(cmd_hca_cap, hcattr, log_max_qp); @@ -2395,3 +2397,54 @@ mlx5_devx_cmd_queue_counter_query(struct mlx5_devx_obj *dcs, int clear, *out_of_buffers = MLX5_GET(query_q_counter_out, out, out_of_buffer); return 0; } + +/** + * Create general object of type DEK using DevX API. + * + * @param[in] ctx + * Context returned from mlx5 open_device() glue function. + * @param [in] attr + * Pointer to DEK attributes structure. + * + * @return + * The DevX object created, NULL otherwise and rte_errno is set. + */ +struct mlx5_devx_obj * +mlx5_devx_cmd_create_dek_obj(void *ctx, struct mlx5_devx_dek_attr *attr) +{ + uint32_t in[MLX5_ST_SZ_DW(create_dek_in)] = {0}; + uint32_t out[MLX5_ST_SZ_DW(general_obj_out_cmd_hdr)] = {0}; + struct mlx5_devx_obj *dek_obj = NULL; + void *ptr = NULL, *key_addr = NULL; + + dek_obj = mlx5_malloc(MLX5_MEM_ZERO, sizeof(*dek_obj), + 0, SOCKET_ID_ANY); + if (dek_obj == NULL) { + DRV_LOG(ERR, "Failed to allocate DEK object data"); + rte_errno = ENOMEM; + return NULL; + } + ptr = MLX5_ADDR_OF(create_dek_in, in, hdr); + MLX5_SET(general_obj_in_cmd_hdr, ptr, opcode, + MLX5_CMD_OP_CREATE_GENERAL_OBJECT); + MLX5_SET(general_obj_in_cmd_hdr, ptr, obj_type, + MLX5_GENERAL_OBJ_TYPE_DEK); + ptr = MLX5_ADDR_OF(create_dek_in, in, dek); + MLX5_SET(dek, ptr, key_size, attr->key_size); + MLX5_SET(dek, ptr, has_keytag, attr->has_keytag); + MLX5_SET(dek, ptr, key_purpose, attr->key_purpose); + MLX5_SET(dek, ptr, pd, attr->pd); + MLX5_SET64(dek, ptr, opaque, attr->opaque); + key_addr = MLX5_ADDR_OF(dek, ptr, key); + memcpy(key_addr, (void *)(attr->key), MLX5_CRYPTO_KEY_MAX_SIZE); + dek_obj->obj = mlx5_glue->devx_obj_create(ctx, in, sizeof(in), + out, sizeof(out)); + if (dek_obj->obj == NULL) { + rte_errno = errno; + DRV_LOG(ERR, "Failed to create DEK obj using DevX."); + mlx5_free(dek_obj); + return NULL; + } + dek_obj->id = MLX5_GET(general_obj_out_cmd_hdr, out, obj_id); + return dek_obj; +} diff --git a/drivers/common/mlx5/mlx5_devx_cmds.h b/drivers/common/mlx5/mlx5_devx_cmds.h index c0e6fab1d7..3f7e1601eb 100644 --- a/drivers/common/mlx5/mlx5_devx_cmds.h +++ b/drivers/common/mlx5/mlx5_devx_cmds.h @@ -138,6 +138,7 @@ struct mlx5_hca_attr { uint32_t reg_c_preserve:1; uint32_t crypto:1; /* Crypto engine is supported. */ uint32_t aes_xts:1; /* AES-XTS crypto is supported. */ + uint32_t dek:1; /* General obj type DEK is supported. */ uint32_t regexp_num_of_engines; uint32_t log_max_ft_sampler_num:8; uint32_t geneve_tlv_opt; @@ -434,6 +435,18 @@ struct mlx5_devx_graph_node_attr { struct mlx5_devx_graph_arc_attr out[MLX5_GRAPH_NODE_ARC_NUM]; }; +/* Encryption key size is up to 1024 bit, 128 bytes. */ +#define MLX5_CRYPTO_KEY_MAX_SIZE 128 + +struct mlx5_devx_dek_attr { + uint32_t key_size:4; + uint32_t has_keytag:1; + uint32_t key_purpose:4; + uint32_t pd:24; + uint64_t opaque; + uint8_t key[MLX5_CRYPTO_KEY_MAX_SIZE]; +}; + /* mlx5_devx_cmds.c */ __rte_internal @@ -586,4 +599,8 @@ int mlx5_devx_cmd_queue_counter_query(struct mlx5_devx_obj *dcs, int clear, __rte_internal struct mlx5_devx_obj *mlx5_devx_cmd_create_flow_meter_aso_obj(void *ctx, uint32_t pd, uint32_t log_obj_size); +__rte_internal +struct mlx5_devx_obj * +mlx5_devx_cmd_create_dek_obj(void *ctx, struct mlx5_devx_dek_attr *attr); + #endif /* RTE_PMD_MLX5_DEVX_CMDS_H_ */ diff --git a/drivers/common/mlx5/mlx5_prm.h b/drivers/common/mlx5/mlx5_prm.h index 158d486316..b250599dc4 100644 --- a/drivers/common/mlx5/mlx5_prm.h +++ b/drivers/common/mlx5/mlx5_prm.h @@ -1109,6 +1109,8 @@ enum { (1ULL << MLX5_GENERAL_OBJ_TYPE_FLOW_METER_ASO) #define MLX5_GENERAL_OBJ_TYPES_CAP_GENEVE_TLV_OPT \ (1ULL << MLX5_GENERAL_OBJ_TYPE_GENEVE_TLV_OPT) +#define MLX5_GENERAL_OBJ_TYPES_CAP_DEK \ + (1ULL << MLX5_GENERAL_OBJ_TYPE_DEK) enum { MLX5_HCA_CAP_OPMOD_GET_MAX = 0, @@ -2399,6 +2401,7 @@ struct mlx5_ifc_create_cq_in_bits { enum { MLX5_GENERAL_OBJ_TYPE_GENEVE_TLV_OPT = 0x000b, + MLX5_GENERAL_OBJ_TYPE_DEK = 0x000c, MLX5_GENERAL_OBJ_TYPE_VIRTQ = 0x000d, MLX5_GENERAL_OBJ_TYPE_VIRTIO_Q_COUNTERS = 0x001c, MLX5_GENERAL_OBJ_TYPE_FLEX_PARSE_GRAPH = 0x0022, @@ -2462,6 +2465,42 @@ struct mlx5_ifc_create_geneve_tlv_option_in_bits { struct mlx5_ifc_geneve_tlv_option_bits geneve_tlv_opt; }; +enum { + MLX5_CRYPTO_KEY_SIZE_128b = 0x0, + MLX5_CRYPTO_KEY_SIZE_256b = 0x1, +}; + +enum { + MLX5_CRYPTO_KEY_PURPOSE_TLS = 0x1, + MLX5_CRYPTO_KEY_PURPOSE_IPSEC = 0x2, + MLX5_CRYPTO_KEY_PURPOSE_AES_XTS = 0x3, + MLX5_CRYPTO_KEY_PURPOSE_MACSEC = 0x4, + MLX5_CRYPTO_KEY_PURPOSE_GCM = 0x5, + MLX5_CRYPTO_KEY_PURPOSE_PSP = 0x6, +}; + +struct mlx5_ifc_dek_bits { + u8 modify_field_select[0x40]; + u8 state[0x8]; + u8 reserved_at_48[0xc]; + u8 key_size[0x4]; + u8 has_keytag[0x1]; + u8 reserved_at_59[0x3]; + u8 key_purpose[0x4]; + u8 reserved_at_60[0x8]; + u8 pd[0x18]; + u8 reserved_at_80[0x100]; + u8 opaque[0x40]; + u8 reserved_at_1c0[0x40]; + u8 key[0x400]; + u8 reserved_at_600[0x200]; +}; + +struct mlx5_ifc_create_dek_in_bits { + struct mlx5_ifc_general_obj_in_cmd_hdr_bits hdr; + struct mlx5_ifc_dek_bits dek; +}; + enum { MLX5_VIRTQ_STATE_INIT = 0, MLX5_VIRTQ_STATE_RDY = 1, diff --git a/drivers/common/mlx5/version.map b/drivers/common/mlx5/version.map index 18dc96276d..42bb985fb1 100644 --- a/drivers/common/mlx5/version.map +++ b/drivers/common/mlx5/version.map @@ -12,21 +12,24 @@ INTERNAL { mlx5_dev_to_pci_addr; # WINDOWS_NO_EXPORT + mlx5_devx_alloc_uar; # WINDOWS_NO_EXPORT + mlx5_devx_cmd_alloc_pd; mlx5_devx_cmd_create_cq; + mlx5_devx_cmd_create_dek_obj; mlx5_devx_cmd_create_flex_parser; + mlx5_devx_cmd_create_flow_hit_aso_obj; + mlx5_devx_cmd_create_flow_meter_aso_obj; + mlx5_devx_cmd_create_geneve_tlv_option; mlx5_devx_cmd_create_qp; mlx5_devx_cmd_create_rq; mlx5_devx_cmd_create_rqt; mlx5_devx_cmd_create_sq; - mlx5_devx_cmd_create_tir; mlx5_devx_cmd_create_td; + mlx5_devx_cmd_create_tir; mlx5_devx_cmd_create_tis; mlx5_devx_cmd_create_virtio_q_counters; # WINDOWS_NO_EXPORT mlx5_devx_cmd_create_virtq; - mlx5_devx_cmd_create_flow_hit_aso_obj; - mlx5_devx_cmd_create_flow_meter_aso_obj; - mlx5_devx_cmd_create_geneve_tlv_option; mlx5_devx_cmd_destroy; mlx5_devx_cmd_flow_counter_alloc; mlx5_devx_cmd_flow_counter_query; @@ -48,41 +51,49 @@ INTERNAL { mlx5_devx_cmd_queue_counter_query; # WINDOWS_NO_EXPORT mlx5_devx_cmd_register_read; mlx5_devx_cmd_wq_query; # WINDOWS_NO_EXPORT - mlx5_devx_get_out_command_status; - mlx5_devx_alloc_uar; # WINDOWS_NO_EXPORT mlx5_devx_cq_create; mlx5_devx_cq_destroy; + + mlx5_devx_get_out_command_status; + mlx5_devx_rq_create; mlx5_devx_rq_destroy; mlx5_devx_sq_create; mlx5_devx_sq_destroy; + mlx5_free; + mlx5_get_ifname_sysfs; # WINDOWS_NO_EXPORT mlx5_glue; + mlx5_malloc; + mlx5_malloc_mem_select; + + mlx5_memory_stat_dump; # WINDOWS_NO_EXPORT + mlx5_mp_init_primary; # WINDOWS_NO_EXPORT - mlx5_mp_uninit_primary; # WINDOWS_NO_EXPORT mlx5_mp_init_secondary; # WINDOWS_NO_EXPORT - mlx5_mp_uninit_secondary; # WINDOWS_NO_EXPORT mlx5_mp_req_mr_create; # WINDOWS_NO_EXPORT mlx5_mp_req_queue_state_modify; mlx5_mp_req_verbs_cmd_fd; # WINDOWS_NO_EXPORT + mlx5_mp_uninit_primary; # WINDOWS_NO_EXPORT + mlx5_mp_uninit_secondary; # WINDOWS_NO_EXPORT - mlx5_mr_btree_init; - mlx5_mr_btree_free; - mlx5_mr_btree_dump; mlx5_mr_addr2mr_bh; - mlx5_mr_release_cache; + mlx5_mr_btree_dump; + mlx5_mr_btree_free; + mlx5_mr_btree_init; + mlx5_mr_create_primary; mlx5_mr_dump_cache; - mlx5_mr_rebuild_cache; + mlx5_mr_flush_local_cache; + mlx5_mr_free; mlx5_mr_insert_cache; mlx5_mr_lookup_cache; mlx5_mr_lookup_list; - mlx5_mr_create_primary; - mlx5_mr_flush_local_cache; - mlx5_mr_free; + mlx5_mr_rebuild_cache; + mlx5_mr_release_cache; mlx5_nl_allmulti; # WINDOWS_NO_EXPORT mlx5_nl_devlink_family_id_get; # WINDOWS_NO_EXPORT @@ -102,20 +113,16 @@ INTERNAL { mlx5_nl_vlan_vmwa_create; # WINDOWS_NO_EXPORT mlx5_nl_vlan_vmwa_delete; # WINDOWS_NO_EXPORT + mlx5_pci_driver_register; + mlx5_os_alloc_pd; mlx5_os_dealloc_pd; mlx5_os_dereg_mr; mlx5_os_reg_mr; - mlx5_os_umem_reg; mlx5_os_umem_dereg; + mlx5_os_umem_reg; - mlx5_translate_port_name; # WINDOWS_NO_EXPORT - - mlx5_malloc_mem_select; - mlx5_memory_stat_dump; # WINDOWS_NO_EXPORT - mlx5_malloc; mlx5_realloc; - mlx5_free; - mlx5_pci_driver_register; + mlx5_translate_port_name; # WINDOWS_NO_EXPORT }; -- 2.20.1