From patchwork Thu Apr 29 15:43:24 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Matan Azrad X-Patchwork-Id: 92421 X-Patchwork-Delegate: thomas@monjalon.net Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id C66D0A0547; Thu, 29 Apr 2021 17:45:00 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id F04B841335; Thu, 29 Apr 2021 17:44:43 +0200 (CEST) Received: from NAM11-BN8-obe.outbound.protection.outlook.com (mail-bn8nam11on2050.outbound.protection.outlook.com [40.107.236.50]) by mails.dpdk.org (Postfix) with ESMTP id DFCF241331 for ; Thu, 29 Apr 2021 17:44:34 +0200 (CEST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=TwPO4mwHTvBmAyOzNIPJkTpPexvb/0cSxgjS8oq8H3cQ48QVdi5ziBbds0Q0wEnpo9Zyr0mdqTZgNcHg3VvNKd7kEuJA6lgs7QWyz3WWjCKE+F1iHIiZv7oxKmESyAIy/FhOV+7PaX9dvetrSFFxd2lIJaAnyZyYXl6b0fuEkzqeuwBLdYsOo1ameYyi5agvZhqvV0T4hD3WFp5wSt40+r+mi4RQ8ws41PQx4odhwVpt9gOAyi+cvzV66QYJ+2EbbeYXd5aSjDs1Jgc+4r/QJsnypW0WIBsYiFaXY/4uXL+x9aU04j0w6jWXtVV7nIloxisCoUQtNm2ALfYoUSA9nw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Lx5C9B9WP1ZbuLVKbqrjeRg+DRiCYpRltx/qbs8FSq4=; b=acToIu4FNmpqM+kTlczBpShHSH5J2MB4R10z4JaIQvxYrvj8vhggW+NaQIlLVdHcjNmPUOzwzQ7tPSwCl/qmujFaUPky3BwKXT/hJ+hZdq2GqB9tRTgH5A096xeoAEi9RoVTRJ5WCcg+6jzV4rv1nAUKrCR0wfKDFMmurugK2XljP4EHWnSTdErpY+87FsDTHDA9LJ8j94tYxuAdBGXYt7ZY6TmgV9eePEPu2qW8RhgJ9j4XM8w6ui2ZRHbKsNQr/Fh5FKrxWBGBhsH3ZCQ4gGeCLDvW6a2ItLicgV8hmXMG4xvXMgA60TnIfN4E+QZjVAjoHoV0628pOA2/m8fSgw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 216.228.112.34) smtp.rcpttodomain=marvell.com smtp.mailfrom=nvidia.com; dmarc=pass (p=none sp=none pct=100) action=none header.from=nvidia.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Lx5C9B9WP1ZbuLVKbqrjeRg+DRiCYpRltx/qbs8FSq4=; b=I4nRnieRYtnkycvGLYfXx4INyimGI/+svsbDlvSP0ft4XB1CjV81pCEbuS3ZR9CzrzCPf7ORQGJhdEB3FNhyCNWqmh5VjxQz43OFwcm0dwW6GSmw1DO5y1fGJbcAdBLQ7/fuL1ddQrn9diHb6sj1Npy6/wBSjcaJoeb2avmxz4qCWlop/tYUc1rD6OGjWdwYlRFzJ64j2phvaWC4hHZLJVveNPAXZiFyw220KlJTpdrYeJEtAzO/ZvaJB8dEQz+Sg9xoKp1xviLLfNOfcgMI5T6bw5zoy/dyG4HVEjDfyax/JG/uOknjTtPK8zWAMTaUg9K+5Fm5Viq/edwFwaCpPw== Received: from CO2PR04CA0097.namprd04.prod.outlook.com (2603:10b6:104:6::23) by MWHPR12MB1214.namprd12.prod.outlook.com (2603:10b6:300:e::12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4065.24; Thu, 29 Apr 2021 15:44:31 +0000 Received: from CO1NAM11FT006.eop-nam11.prod.protection.outlook.com (2603:10b6:104:6:cafe::c7) by CO2PR04CA0097.outlook.office365.com (2603:10b6:104:6::23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4087.27 via Frontend Transport; Thu, 29 Apr 2021 15:44:31 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 216.228.112.34) smtp.mailfrom=nvidia.com; marvell.com; dkim=none (message not signed) header.d=none;marvell.com; dmarc=pass action=none header.from=nvidia.com; Received-SPF: Pass (protection.outlook.com: domain of nvidia.com designates 216.228.112.34 as permitted sender) receiver=protection.outlook.com; client-ip=216.228.112.34; helo=mail.nvidia.com; Received: from mail.nvidia.com (216.228.112.34) by CO1NAM11FT006.mail.protection.outlook.com (10.13.174.246) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.20.4087.27 via Frontend Transport; Thu, 29 Apr 2021 15:44:30 +0000 Received: from nvidia.com (172.20.145.6) by HQMAIL107.nvidia.com (172.20.187.13) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Thu, 29 Apr 2021 15:44:22 +0000 From: Matan Azrad To: CC: , , , "Dekel Peled" Date: Thu, 29 Apr 2021 18:43:24 +0300 Message-ID: <20210429154335.2820028-6-matan@nvidia.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20210429154335.2820028-1-matan@nvidia.com> References: <20210408204849.9543-1-shirik@nvidia.com> <20210429154335.2820028-1-matan@nvidia.com> MIME-Version: 1.0 X-Originating-IP: [172.20.145.6] X-ClientProxiedBy: HQMAIL107.nvidia.com (172.20.187.13) To HQMAIL107.nvidia.com (172.20.187.13) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 3a6122a1-9493-436b-cf35-08d90b25adfe X-MS-TrafficTypeDiagnostic: MWHPR12MB1214: X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:3383; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: afpZ7VB1O9mT9WWjdEPL+r4TOCuEG6ogPGPZkNh0uBWAVfafW2GrdPAgMcA33zg+slWM7Ax+D7w1mHpHvBeCzewUMzeXq065iCEQXhFkbz/wGpSo07iSes8nxsP9dIf1M/q0qTBq8q7Q9ac/szP9GM8qaAKixgscsmh6Q/2BTNeo3MAMJWAobse4DeLpUBqLy8DpFoR8KpQ1QHEvIX7vsm89vgdTkUX5h2Zoyd9CzhVlS+9OoFuuVn482K71fxoNJMEwUT2a7FRzXk+TDVyLhXzV5cw9jzkvCUPQPKPFRdya3fwltEFLSMK5XRA9ANFRg78uNLZqx96xVKyZG1jsA910jtocSoVsI6PWoR8JaaflGhQHCPz4TQUAlzZo8rC8NqSgKQsH/vHrkUYzXyiag6aRdshVXtO+fZ2WObYMibz3Q7tnhXU2o0yNXnKfF6f6pBjOMku/jSaAlJs5HpG+QlRlCmChEcA+g4bz7GSkEh/q2B7eTZx2eU7iiboYMvCLJrQ86YJaJgBafsRxJ4WudWxRFwIfSL0Cv/otExhTtOi16h0A/dDrp5pNRd+DRiBp8XGIaoOhQWX8K47GycYRBYqN34kb73YbDtGK0HItw1j+ud7uSKOn6xJligbB/Npa18bCiIhC60aCRxjqNIhwQg== X-Forefront-Antispam-Report: CIP:216.228.112.34; CTRY:US; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:mail.nvidia.com; PTR:schybrid03.nvidia.com; CAT:NONE; SFS:(4636009)(396003)(346002)(39860400002)(136003)(376002)(36840700001)(46966006)(6916009)(82740400003)(86362001)(8676002)(36860700001)(8936002)(54906003)(316002)(70586007)(5660300002)(2906002)(107886003)(70206006)(4326008)(426003)(336012)(1076003)(356005)(6286002)(36906005)(2616005)(186003)(16526019)(47076005)(82310400003)(478600001)(36756003)(55016002)(26005)(7636003)(7696005); DIR:OUT; SFP:1101; X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 29 Apr 2021 15:44:30.9379 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 3a6122a1-9493-436b-cf35-08d90b25adfe X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=43083d15-7273-40c1-b7db-39efd9ccc17a; Ip=[216.228.112.34]; Helo=[mail.nvidia.com] X-MS-Exchange-CrossTenant-AuthSource: CO1NAM11FT006.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: MWHPR12MB1214 Subject: [dpdk-dev] [PATCH v2 05/16] common/mlx5: support general object DEK create op X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" From: Dekel Peled Data Encryption Keys (DEKs) are the keys used for data encryption/decryption operations. Add reading of DEK support capability. Add function to create general object type DEK, using DevX API. Signed-off-by: Dekel Peled Acked-by: Matan Azrad --- drivers/common/mlx5/mlx5_devx_cmds.c | 53 ++++++++++++++++++++++++++++ drivers/common/mlx5/mlx5_devx_cmds.h | 17 +++++++++ drivers/common/mlx5/mlx5_prm.h | 39 ++++++++++++++++++++ drivers/common/mlx5/version.map | 1 + 4 files changed, 110 insertions(+) diff --git a/drivers/common/mlx5/mlx5_devx_cmds.c b/drivers/common/mlx5/mlx5_devx_cmds.c index 7ca767944e..742c82cca4 100644 --- a/drivers/common/mlx5/mlx5_devx_cmds.c +++ b/drivers/common/mlx5/mlx5_devx_cmds.c @@ -741,6 +741,8 @@ mlx5_devx_cmd_query_hca_attr(void *ctx, MLX5_GENERAL_OBJ_TYPES_CAP_FLOW_HIT_ASO); attr->geneve_tlv_opt = !!(general_obj_types_supported & MLX5_GENERAL_OBJ_TYPES_CAP_GENEVE_TLV_OPT); + attr->dek = !!(general_obj_types_supported & + MLX5_GENERAL_OBJ_TYPES_CAP_DEK); /* Add reading of other GENERAL_OBJ_TYPES_CAP bits above this line. */ attr->log_max_cq = MLX5_GET(cmd_hca_cap, hcattr, log_max_cq); attr->log_max_qp = MLX5_GET(cmd_hca_cap, hcattr, log_max_qp); @@ -2397,3 +2399,54 @@ mlx5_devx_cmd_queue_counter_query(struct mlx5_devx_obj *dcs, int clear, *out_of_buffers = MLX5_GET(query_q_counter_out, out, out_of_buffer); return 0; } + +/** + * Create general object of type DEK using DevX API. + * + * @param[in] ctx + * Context returned from mlx5 open_device() glue function. + * @param [in] attr + * Pointer to DEK attributes structure. + * + * @return + * The DevX object created, NULL otherwise and rte_errno is set. + */ +struct mlx5_devx_obj * +mlx5_devx_cmd_create_dek_obj(void *ctx, struct mlx5_devx_dek_attr *attr) +{ + uint32_t in[MLX5_ST_SZ_DW(create_dek_in)] = {0}; + uint32_t out[MLX5_ST_SZ_DW(general_obj_out_cmd_hdr)] = {0}; + struct mlx5_devx_obj *dek_obj = NULL; + void *ptr = NULL, *key_addr = NULL; + + dek_obj = mlx5_malloc(MLX5_MEM_ZERO, sizeof(*dek_obj), + 0, SOCKET_ID_ANY); + if (dek_obj == NULL) { + DRV_LOG(ERR, "Failed to allocate DEK object data"); + rte_errno = ENOMEM; + return NULL; + } + ptr = MLX5_ADDR_OF(create_dek_in, in, hdr); + MLX5_SET(general_obj_in_cmd_hdr, ptr, opcode, + MLX5_CMD_OP_CREATE_GENERAL_OBJECT); + MLX5_SET(general_obj_in_cmd_hdr, ptr, obj_type, + MLX5_GENERAL_OBJ_TYPE_DEK); + ptr = MLX5_ADDR_OF(create_dek_in, in, dek); + MLX5_SET(dek, ptr, key_size, attr->key_size); + MLX5_SET(dek, ptr, has_keytag, attr->has_keytag); + MLX5_SET(dek, ptr, key_purpose, attr->key_purpose); + MLX5_SET(dek, ptr, pd, attr->pd); + MLX5_SET64(dek, ptr, opaque, attr->opaque); + key_addr = MLX5_ADDR_OF(dek, ptr, key); + memcpy(key_addr, (void *)(attr->key), MLX5_CRYPTO_KEY_MAX_SIZE); + dek_obj->obj = mlx5_glue->devx_obj_create(ctx, in, sizeof(in), + out, sizeof(out)); + if (dek_obj->obj == NULL) { + rte_errno = errno; + DRV_LOG(ERR, "Failed to create DEK obj using DevX."); + mlx5_free(dek_obj); + return NULL; + } + dek_obj->id = MLX5_GET(general_obj_out_cmd_hdr, out, obj_id); + return dek_obj; +} diff --git a/drivers/common/mlx5/mlx5_devx_cmds.h b/drivers/common/mlx5/mlx5_devx_cmds.h index 28ade5bbc4..b9ff7ab87d 100644 --- a/drivers/common/mlx5/mlx5_devx_cmds.h +++ b/drivers/common/mlx5/mlx5_devx_cmds.h @@ -139,6 +139,7 @@ struct mlx5_hca_attr { uint32_t reg_c_preserve:1; uint32_t crypto:1; /* Crypto engine is supported. */ uint32_t aes_xts:1; /* AES-XTS crypto is supported. */ + uint32_t dek:1; /* General obj type DEK is supported. */ uint32_t regexp_num_of_engines; uint32_t log_max_ft_sampler_num:8; uint32_t geneve_tlv_opt; @@ -435,6 +436,18 @@ struct mlx5_devx_graph_node_attr { struct mlx5_devx_graph_arc_attr out[MLX5_GRAPH_NODE_ARC_NUM]; }; +/* Encryption key size is up to 1024 bit, 128 bytes. */ +#define MLX5_CRYPTO_KEY_MAX_SIZE 128 + +struct mlx5_devx_dek_attr { + uint32_t key_size:4; + uint32_t has_keytag:1; + uint32_t key_purpose:4; + uint32_t pd:24; + uint64_t opaque; + uint8_t key[MLX5_CRYPTO_KEY_MAX_SIZE]; +}; + /* mlx5_devx_cmds.c */ __rte_internal @@ -587,4 +600,8 @@ int mlx5_devx_cmd_queue_counter_query(struct mlx5_devx_obj *dcs, int clear, __rte_internal struct mlx5_devx_obj *mlx5_devx_cmd_create_flow_meter_aso_obj(void *ctx, uint32_t pd, uint32_t log_obj_size); +__rte_internal +struct mlx5_devx_obj * +mlx5_devx_cmd_create_dek_obj(void *ctx, struct mlx5_devx_dek_attr *attr); + #endif /* RTE_PMD_MLX5_DEVX_CMDS_H_ */ diff --git a/drivers/common/mlx5/mlx5_prm.h b/drivers/common/mlx5/mlx5_prm.h index a8fbfbb0f5..bc9f58ad03 100644 --- a/drivers/common/mlx5/mlx5_prm.h +++ b/drivers/common/mlx5/mlx5_prm.h @@ -1109,6 +1109,8 @@ enum { (1ULL << MLX5_GENERAL_OBJ_TYPE_FLOW_METER_ASO) #define MLX5_GENERAL_OBJ_TYPES_CAP_GENEVE_TLV_OPT \ (1ULL << MLX5_GENERAL_OBJ_TYPE_GENEVE_TLV_OPT) +#define MLX5_GENERAL_OBJ_TYPES_CAP_DEK \ + (1ULL << MLX5_GENERAL_OBJ_TYPE_DEK) enum { MLX5_HCA_CAP_OPMOD_GET_MAX = 0, @@ -2406,6 +2408,7 @@ struct mlx5_ifc_create_cq_in_bits { enum { MLX5_GENERAL_OBJ_TYPE_GENEVE_TLV_OPT = 0x000b, + MLX5_GENERAL_OBJ_TYPE_DEK = 0x000c, MLX5_GENERAL_OBJ_TYPE_VIRTQ = 0x000d, MLX5_GENERAL_OBJ_TYPE_VIRTIO_Q_COUNTERS = 0x001c, MLX5_GENERAL_OBJ_TYPE_FLEX_PARSE_GRAPH = 0x0022, @@ -2469,6 +2472,42 @@ struct mlx5_ifc_create_geneve_tlv_option_in_bits { struct mlx5_ifc_geneve_tlv_option_bits geneve_tlv_opt; }; +enum { + MLX5_CRYPTO_KEY_SIZE_128b = 0x0, + MLX5_CRYPTO_KEY_SIZE_256b = 0x1, +}; + +enum { + MLX5_CRYPTO_KEY_PURPOSE_TLS = 0x1, + MLX5_CRYPTO_KEY_PURPOSE_IPSEC = 0x2, + MLX5_CRYPTO_KEY_PURPOSE_AES_XTS = 0x3, + MLX5_CRYPTO_KEY_PURPOSE_MACSEC = 0x4, + MLX5_CRYPTO_KEY_PURPOSE_GCM = 0x5, + MLX5_CRYPTO_KEY_PURPOSE_PSP = 0x6, +}; + +struct mlx5_ifc_dek_bits { + u8 modify_field_select[0x40]; + u8 state[0x8]; + u8 reserved_at_48[0xc]; + u8 key_size[0x4]; + u8 has_keytag[0x1]; + u8 reserved_at_59[0x3]; + u8 key_purpose[0x4]; + u8 reserved_at_60[0x8]; + u8 pd[0x18]; + u8 reserved_at_80[0x100]; + u8 opaque[0x40]; + u8 reserved_at_1c0[0x40]; + u8 key[0x400]; + u8 reserved_at_600[0x200]; +}; + +struct mlx5_ifc_create_dek_in_bits { + struct mlx5_ifc_general_obj_in_cmd_hdr_bits hdr; + struct mlx5_ifc_dek_bits dek; +}; + enum { MLX5_VIRTQ_STATE_INIT = 0, MLX5_VIRTQ_STATE_RDY = 1, diff --git a/drivers/common/mlx5/version.map b/drivers/common/mlx5/version.map index 18dc96276d..2976edce0b 100644 --- a/drivers/common/mlx5/version.map +++ b/drivers/common/mlx5/version.map @@ -27,6 +27,7 @@ INTERNAL { mlx5_devx_cmd_create_flow_hit_aso_obj; mlx5_devx_cmd_create_flow_meter_aso_obj; mlx5_devx_cmd_create_geneve_tlv_option; + mlx5_devx_cmd_create_dek_obj; mlx5_devx_cmd_destroy; mlx5_devx_cmd_flow_counter_alloc; mlx5_devx_cmd_flow_counter_query;