@@ -754,6 +754,8 @@ mlx5_devx_cmd_query_hca_attr(void *ctx,
MLX5_GENERAL_OBJ_TYPES_CAP_DEK);
attr->import_kek = !!(general_obj_types_supported &
MLX5_GENERAL_OBJ_TYPES_CAP_IMPORT_KEK);
+ attr->credential = !!(general_obj_types_supported &
+ MLX5_GENERAL_OBJ_TYPES_CAP_CREDENTIAL);
attr->crypto_login = !!(general_obj_types_supported &
MLX5_GENERAL_OBJ_TYPES_CAP_CRYPTO_LOGIN);
/* Add reading of other GENERAL_OBJ_TYPES_CAP bits above this line. */
@@ -2512,6 +2514,55 @@ mlx5_devx_cmd_create_import_kek_obj(void *ctx,
return import_kek_obj;
}
+/**
+ * Create general object of type CREDENTIAL using DevX API.
+ *
+ * @param[in] ctx
+ * Context returned from mlx5 open_device() glue function.
+ * @param [in] attr
+ * Pointer to CREDENTIAL attributes structure.
+ *
+ * @return
+ * The DevX object created, NULL otherwise and rte_errno is set.
+ */
+struct mlx5_devx_obj *
+mlx5_devx_cmd_create_credential_obj(void *ctx,
+ struct mlx5_devx_credential_attr *attr)
+{
+ uint32_t in[MLX5_ST_SZ_DW(create_credential_in)] = {0};
+ uint32_t out[MLX5_ST_SZ_DW(general_obj_out_cmd_hdr)] = {0};
+ struct mlx5_devx_obj *credential_obj = NULL;
+ void *ptr = NULL, *credential_addr = NULL;
+
+ credential_obj = mlx5_malloc(MLX5_MEM_ZERO, sizeof(*credential_obj),
+ 0, SOCKET_ID_ANY);
+ if (credential_obj == NULL) {
+ DRV_LOG(ERR, "Failed to allocate CREDENTIAL object data");
+ rte_errno = ENOMEM;
+ return NULL;
+ }
+ ptr = MLX5_ADDR_OF(create_credential_in, in, hdr);
+ MLX5_SET(general_obj_in_cmd_hdr, ptr, opcode,
+ MLX5_CMD_OP_CREATE_GENERAL_OBJECT);
+ MLX5_SET(general_obj_in_cmd_hdr, ptr, obj_type,
+ MLX5_GENERAL_OBJ_TYPE_CREDENTIAL);
+ ptr = MLX5_ADDR_OF(create_credential_in, in, credential);
+ MLX5_SET(credential, ptr, credential_role, attr->credential_role);
+ credential_addr = MLX5_ADDR_OF(credential, ptr, credential);
+ memcpy(credential_addr, (void *)(attr->credential),
+ MLX5_CRYPTO_CREDENTIAL_SIZE);
+ credential_obj->obj = mlx5_glue->devx_obj_create(ctx, in, sizeof(in),
+ out, sizeof(out));
+ if (credential_obj->obj == NULL) {
+ rte_errno = errno;
+ DRV_LOG(ERR, "Failed to create CREDENTIAL object using DevX.");
+ mlx5_free(credential_obj);
+ return NULL;
+ }
+ credential_obj->id = MLX5_GET(general_obj_out_cmd_hdr, out, obj_id);
+ return credential_obj;
+}
+
/**
* Create general object of type CRYPTO_LOGIN using DevX API.
*
@@ -2551,7 +2602,7 @@ mlx5_devx_cmd_create_crypto_login_obj(void *ctx,
attr->session_import_kek_ptr);
credential_addr = MLX5_ADDR_OF(crypto_login, ptr, credential);
memcpy(credential_addr, (void *)(attr->credential),
- MLX5_CRYPTO_LOGIN_CREDENTIAL_SIZE);
+ MLX5_CRYPTO_CREDENTIAL_SIZE);
crypto_login_obj->obj = mlx5_glue->devx_obj_create(ctx, in, sizeof(in),
out, sizeof(out));
if (crypto_login_obj->obj == NULL) {
@@ -143,6 +143,7 @@ struct mlx5_hca_attr {
uint32_t aes_xts:1; /* AES-XTS crypto is supported. */
uint32_t dek:1; /* General obj type DEK is supported. */
uint32_t import_kek:1; /* General obj type IMPORT_KEK supported. */
+ uint32_t credential:1; /* General obj type CREDENTIAL supported. */
uint32_t crypto_login:1; /* General obj type CRYPTO_LOGIN supported. */
uint32_t regexp_num_of_engines;
uint32_t log_max_ft_sampler_num:8;
@@ -459,13 +460,20 @@ struct mlx5_devx_import_kek_attr {
uint8_t key[MLX5_CRYPTO_KEY_MAX_SIZE];
};
-#define MLX5_CRYPTO_LOGIN_CREDENTIAL_SIZE 48
+#define MLX5_CRYPTO_CREDENTIAL_SIZE 48
+
+struct mlx5_devx_credential_attr {
+ uint64_t modify_field_select;
+ uint32_t state:8;
+ uint32_t credential_role:8;
+ uint8_t credential[MLX5_CRYPTO_CREDENTIAL_SIZE];
+};
struct mlx5_devx_crypto_login_attr {
uint64_t modify_field_select;
uint32_t credential_pointer:24;
uint32_t session_import_kek_ptr:24;
- uint8_t credential[MLX5_CRYPTO_LOGIN_CREDENTIAL_SIZE];
+ uint8_t credential[MLX5_CRYPTO_CREDENTIAL_SIZE];
};
/* mlx5_devx_cmds.c */
@@ -629,6 +637,11 @@ struct mlx5_devx_obj *
mlx5_devx_cmd_create_import_kek_obj(void *ctx,
struct mlx5_devx_import_kek_attr *attr);
+__rte_internal
+struct mlx5_devx_obj *
+mlx5_devx_cmd_create_credential_obj(void *ctx,
+ struct mlx5_devx_credential_attr *attr);
+
__rte_internal
struct mlx5_devx_obj *
mlx5_devx_cmd_create_crypto_login_obj(void *ctx,
@@ -1187,6 +1187,8 @@ enum {
(1ULL << MLX5_GENERAL_OBJ_TYPE_DEK)
#define MLX5_GENERAL_OBJ_TYPES_CAP_IMPORT_KEK \
(1ULL << MLX5_GENERAL_OBJ_TYPE_IMPORT_KEK)
+#define MLX5_GENERAL_OBJ_TYPES_CAP_CREDENTIAL \
+ (1ULL << MLX5_GENERAL_OBJ_TYPE_CREDENTIAL)
#define MLX5_GENERAL_OBJ_TYPES_CAP_CRYPTO_LOGIN \
(1ULL << MLX5_GENERAL_OBJ_TYPE_CRYPTO_LOGIN)
@@ -2490,6 +2492,7 @@ enum {
MLX5_GENERAL_OBJ_TYPE_VIRTQ = 0x000d,
MLX5_GENERAL_OBJ_TYPE_VIRTIO_Q_COUNTERS = 0x001c,
MLX5_GENERAL_OBJ_TYPE_IMPORT_KEK = 0x001d,
+ MLX5_GENERAL_OBJ_TYPE_CREDENTIAL = 0x001e,
MLX5_GENERAL_OBJ_TYPE_CRYPTO_LOGIN = 0x001f,
MLX5_GENERAL_OBJ_TYPE_FLEX_PARSE_GRAPH = 0x0022,
MLX5_GENERAL_OBJ_TYPE_FLOW_METER_ASO = 0x0024,
@@ -2603,6 +2606,26 @@ struct mlx5_ifc_create_import_kek_in_bits {
struct mlx5_ifc_import_kek_bits import_kek;
};
+enum {
+ MLX5_CREDENTIAL_ROLE_OFFICER = 0x0,
+ MLX5_CREDENTIAL_ROLE_USER = 0x1,
+};
+
+struct mlx5_ifc_credential_bits {
+ u8 modify_field_select[0x40];
+ u8 state[0x8];
+ u8 reserved_at_48[0x10];
+ u8 credential_role[0x8];
+ u8 reserved_at_60[0x1a0];
+ u8 credential[0x180];
+ u8 reserved_at_380[0x480];
+};
+
+struct mlx5_ifc_create_credential_in_bits {
+ struct mlx5_ifc_general_obj_in_cmd_hdr_bits hdr;
+ struct mlx5_ifc_credential_bits credential;
+};
+
struct mlx5_ifc_crypto_login_bits {
u8 modify_field_select[0x40];
u8 reserved_at_40[0x48];
@@ -29,6 +29,7 @@ INTERNAL {
mlx5_devx_cmd_create_geneve_tlv_option;
mlx5_devx_cmd_create_dek_obj;
mlx5_devx_cmd_create_import_kek_obj;
+ mlx5_devx_cmd_create_credential_obj;
mlx5_devx_cmd_create_crypto_login_obj;
mlx5_devx_cmd_destroy;
mlx5_devx_cmd_flow_counter_alloc;