[dpdk-dev] [PATCH 05/24] common/mlx5: support general object DEK create op

Thu, 08 Apr 2021 13:49:48 -0700 

From: Dekel Peled <dek...@nvidia.com>

Data Encryption Keys (DEKs) are the keys used for data
encryption/decryption operations.

Add reading of DEK support capability.
Add function to create general object type DEK, using DevX API.

Signed-off-by: Dekel Peled <dek...@nvidia.com>
Acked-by: Matan Azrad <ma...@nvidia.com>
---
 drivers/common/mlx5/mlx5_devx_cmds.c | 53 ++++++++++++++++++++++++++++
 drivers/common/mlx5/mlx5_devx_cmds.h | 17 +++++++++
 drivers/common/mlx5/mlx5_prm.h       | 39 ++++++++++++++++++++
 drivers/common/mlx5/version.map      |  1 +
 4 files changed, 110 insertions(+)

diff --git a/drivers/common/mlx5/mlx5_devx_cmds.c 
b/drivers/common/mlx5/mlx5_devx_cmds.c
index f96f706ccd..bad474aeae 100644
--- a/drivers/common/mlx5/mlx5_devx_cmds.c
+++ b/drivers/common/mlx5/mlx5_devx_cmds.c
@@ -728,6 +728,8 @@ mlx5_devx_cmd_query_hca_attr(void *ctx,
                                MLX5_GENERAL_OBJ_TYPES_CAP_FLOW_HIT_ASO);
        attr->geneve_tlv_opt = !!(general_obj_types_supported &
                                  MLX5_GENERAL_OBJ_TYPES_CAP_GENEVE_TLV_OPT);
+       attr->dek = !!(general_obj_types_supported &
+                      MLX5_GENERAL_OBJ_TYPES_CAP_DEK);
        /* Add reading of other GENERAL_OBJ_TYPES_CAP bits above this line. */
        attr->log_max_cq = MLX5_GET(cmd_hca_cap, hcattr, log_max_cq);
        attr->log_max_qp = MLX5_GET(cmd_hca_cap, hcattr, log_max_qp);
@@ -2299,3 +2301,54 @@ mlx5_devx_cmd_queue_counter_query(struct mlx5_devx_obj 
*dcs, int clear,
        *out_of_buffers = MLX5_GET(query_q_counter_out, out, out_of_buffer);
        return 0;
 }
+
+/**
+ * Create general object of type DEK using DevX API.
+ *
+ * @param[in] ctx
+ *   Context returned from mlx5 open_device() glue function.
+ * @param [in] attr
+ *   Pointer to DEK attributes structure.
+ *
+ * @return
+ *   The DevX object created, NULL otherwise and rte_errno is set.
+ */
+struct mlx5_devx_obj *
+mlx5_devx_cmd_create_dek_obj(void *ctx, struct mlx5_devx_dek_attr *attr)
+{
+       uint32_t in[MLX5_ST_SZ_DW(create_dek_in)] = {0};
+       uint32_t out[MLX5_ST_SZ_DW(general_obj_out_cmd_hdr)] = {0};
+       struct mlx5_devx_obj *dek_obj = NULL;
+       void *ptr = NULL, *key_addr = NULL;
+
+       dek_obj = mlx5_malloc(MLX5_MEM_ZERO, sizeof(*dek_obj),
+                             0, SOCKET_ID_ANY);
+       if (dek_obj == NULL) {
+               DRV_LOG(ERR, "Failed to allocate DEK object data");
+               rte_errno = ENOMEM;
+               return NULL;
+       }
+       ptr = MLX5_ADDR_OF(create_dek_in, in, hdr);
+       MLX5_SET(general_obj_in_cmd_hdr, ptr, opcode,
+                MLX5_CMD_OP_CREATE_GENERAL_OBJECT);
+       MLX5_SET(general_obj_in_cmd_hdr, ptr, obj_type,
+                MLX5_GENERAL_OBJ_TYPE_DEK);
+       ptr = MLX5_ADDR_OF(create_dek_in, in, dek);
+       MLX5_SET(dek, ptr, key_size, attr->key_size);
+       MLX5_SET(dek, ptr, has_keytag, attr->has_keytag);
+       MLX5_SET(dek, ptr, key_purpose, attr->key_purpose);
+       MLX5_SET(dek, ptr, pd, attr->pd);
+       MLX5_SET64(dek, ptr, opaque, attr->opaque);
+       key_addr = MLX5_ADDR_OF(dek, ptr, key);
+       memcpy(key_addr, (void *)(attr->key), MLX5_CRYPTO_KEY_MAX_SIZE);
+       dek_obj->obj = mlx5_glue->devx_obj_create(ctx, in, sizeof(in),
+                                                 out, sizeof(out));
+       if (dek_obj->obj == NULL) {
+               rte_errno = errno;
+               DRV_LOG(ERR, "Failed to create DEK obj using DevX.");
+               mlx5_free(dek_obj);
+               return NULL;
+       }
+       dek_obj->id = MLX5_GET(general_obj_out_cmd_hdr, out, obj_id);
+       return dek_obj;
+}
diff --git a/drivers/common/mlx5/mlx5_devx_cmds.h 
b/drivers/common/mlx5/mlx5_devx_cmds.h
index 0c7a9ed76e..e17bad6bce 100644
--- a/drivers/common/mlx5/mlx5_devx_cmds.h
+++ b/drivers/common/mlx5/mlx5_devx_cmds.h
@@ -129,6 +129,7 @@ struct mlx5_hca_attr {
        uint32_t reg_c_preserve:1;
        uint32_t crypto:1; /* Crypto engine is supported. */
        uint32_t aes_xts:1; /* AES-XTS crypto is supported. */
+       uint32_t dek:1; /* General obj type DEK is supported. */
        uint32_t regexp_num_of_engines;
        uint32_t log_max_ft_sampler_num:8;
        uint32_t geneve_tlv_opt;
@@ -423,6 +424,18 @@ struct mlx5_devx_graph_node_attr {
        struct mlx5_devx_graph_arc_attr out[MLX5_GRAPH_NODE_ARC_NUM];
 };
 
+/* Encryption key size is up to 1024 bit, 128 bytes. */
+#define MLX5_CRYPTO_KEY_MAX_SIZE       128
+
+struct mlx5_devx_dek_attr {
+       uint32_t key_size:4;
+       uint32_t has_keytag:1;
+       uint32_t key_purpose:4;
+       uint32_t pd:24;
+       uint64_t opaque;
+       uint8_t key[MLX5_CRYPTO_KEY_MAX_SIZE];
+};
+
 /* mlx5_devx_cmds.c */
 
 __rte_internal
@@ -557,4 +570,8 @@ struct mlx5_devx_obj 
*mlx5_devx_cmd_queue_counter_alloc(void *ctx);
 __rte_internal
 int mlx5_devx_cmd_queue_counter_query(struct mlx5_devx_obj *dcs, int clear,
                                      uint32_t *out_of_buffers);
+__rte_internal
+struct mlx5_devx_obj *
+mlx5_devx_cmd_create_dek_obj(void *ctx, struct mlx5_devx_dek_attr *attr);
+
 #endif /* RTE_PMD_MLX5_DEVX_CMDS_H_ */
diff --git a/drivers/common/mlx5/mlx5_prm.h b/drivers/common/mlx5/mlx5_prm.h
index c7f973953e..fbe191cc94 100644
--- a/drivers/common/mlx5/mlx5_prm.h
+++ b/drivers/common/mlx5/mlx5_prm.h
@@ -1107,6 +1107,8 @@ enum {
                        (1ULL << MLX5_GENERAL_OBJ_TYPE_FLOW_HIT_ASO)
 #define MLX5_GENERAL_OBJ_TYPES_CAP_GENEVE_TLV_OPT \
                        (1ULL << MLX5_GENERAL_OBJ_TYPE_GENEVE_TLV_OPT)
+#define MLX5_GENERAL_OBJ_TYPES_CAP_DEK \
+                       (1ULL << MLX5_GENERAL_OBJ_TYPE_DEK)
 
 enum {
        MLX5_HCA_CAP_OPMOD_GET_MAX   = 0,
@@ -2387,6 +2389,7 @@ struct mlx5_ifc_create_cq_in_bits {
 
 enum {
        MLX5_GENERAL_OBJ_TYPE_GENEVE_TLV_OPT = 0x000b,
+       MLX5_GENERAL_OBJ_TYPE_DEK = 0x000c,
        MLX5_GENERAL_OBJ_TYPE_VIRTQ = 0x000d,
        MLX5_GENERAL_OBJ_TYPE_VIRTIO_Q_COUNTERS = 0x001c,
        MLX5_GENERAL_OBJ_TYPE_FLEX_PARSE_GRAPH = 0x0022,
@@ -2447,6 +2450,42 @@ struct mlx5_ifc_create_geneve_tlv_option_in_bits {
        struct mlx5_ifc_geneve_tlv_option_bits geneve_tlv_opt;
 };
 
+enum {
+       MLX5_CRYPTO_KEY_SIZE_128b = 0x0,
+       MLX5_CRYPTO_KEY_SIZE_256b = 0x1,
+};
+
+enum {
+       MLX5_CRYPTO_KEY_PURPOSE_TLS     = 0x1,
+       MLX5_CRYPTO_KEY_PURPOSE_IPSEC   = 0x2,
+       MLX5_CRYPTO_KEY_PURPOSE_AES_XTS = 0x3,
+       MLX5_CRYPTO_KEY_PURPOSE_MACSEC  = 0x4,
+       MLX5_CRYPTO_KEY_PURPOSE_GCM     = 0x5,
+       MLX5_CRYPTO_KEY_PURPOSE_PSP     = 0x6,
+};
+
+struct mlx5_ifc_dek_bits {
+       u8 modify_field_select[0x40];
+       u8 state[0x8];
+       u8 reserved_at_48[0xc];
+       u8 key_size[0x4];
+       u8 has_keytag[0x1];
+       u8 reserved_at_59[0x3];
+       u8 key_purpose[0x4];
+       u8 reserved_at_60[0x8];
+       u8 pd[0x18];
+       u8 reserved_at_80[0x100];
+       u8 opaque[0x40];
+       u8 reserved_at_1c0[0x40];
+       u8 key[0x400];
+       u8 reserved_at_600[0x200];
+};
+
+struct mlx5_ifc_create_dek_in_bits {
+       struct mlx5_ifc_general_obj_in_cmd_hdr_bits hdr;
+       struct mlx5_ifc_dek_bits dek;
+};
+
 enum {
        MLX5_VIRTQ_STATE_INIT = 0,
        MLX5_VIRTQ_STATE_RDY = 1,
diff --git a/drivers/common/mlx5/version.map b/drivers/common/mlx5/version.map
index 91f3fa5779..50017f9005 100644
--- a/drivers/common/mlx5/version.map
+++ b/drivers/common/mlx5/version.map
@@ -24,6 +24,7 @@ INTERNAL {
        mlx5_devx_cmd_create_virtq;
        mlx5_devx_cmd_create_flow_hit_aso_obj;
        mlx5_devx_cmd_create_geneve_tlv_option;
+        mlx5_devx_cmd_create_dek_obj;
        mlx5_devx_cmd_destroy;
        mlx5_devx_cmd_flow_counter_alloc;
        mlx5_devx_cmd_flow_counter_query;
-- 
2.21.0

Reply via email to