@@ -741,6 +741,8 @@ mlx5_devx_cmd_query_hca_attr(void *ctx,
MLX5_GENERAL_OBJ_TYPES_CAP_FLOW_HIT_ASO);
attr->geneve_tlv_opt = !!(general_obj_types_supported &
MLX5_GENERAL_OBJ_TYPES_CAP_GENEVE_TLV_OPT);
+ attr->dek = !!(general_obj_types_supported &
+ MLX5_GENERAL_OBJ_TYPES_CAP_DEK);
/* Add reading of other GENERAL_OBJ_TYPES_CAP bits above this line. */
attr->log_max_cq = MLX5_GET(cmd_hca_cap, hcattr, log_max_cq);
attr->log_max_qp = MLX5_GET(cmd_hca_cap, hcattr, log_max_qp);
@@ -2397,3 +2399,54 @@ mlx5_devx_cmd_queue_counter_query(struct mlx5_devx_obj *dcs, int clear,
*out_of_buffers = MLX5_GET(query_q_counter_out, out, out_of_buffer);
return 0;
}
+
+/**
+ * Create general object of type DEK using DevX API.
+ *
+ * @param[in] ctx
+ * Context returned from mlx5 open_device() glue function.
+ * @param [in] attr
+ * Pointer to DEK attributes structure.
+ *
+ * @return
+ * The DevX object created, NULL otherwise and rte_errno is set.
+ */
+struct mlx5_devx_obj *
+mlx5_devx_cmd_create_dek_obj(void *ctx, struct mlx5_devx_dek_attr *attr)
+{
+ uint32_t in[MLX5_ST_SZ_DW(create_dek_in)] = {0};
+ uint32_t out[MLX5_ST_SZ_DW(general_obj_out_cmd_hdr)] = {0};
+ struct mlx5_devx_obj *dek_obj = NULL;
+ void *ptr = NULL, *key_addr = NULL;
+
+ dek_obj = mlx5_malloc(MLX5_MEM_ZERO, sizeof(*dek_obj),
+ 0, SOCKET_ID_ANY);
+ if (dek_obj == NULL) {
+ DRV_LOG(ERR, "Failed to allocate DEK object data");
+ rte_errno = ENOMEM;
+ return NULL;
+ }
+ ptr = MLX5_ADDR_OF(create_dek_in, in, hdr);
+ MLX5_SET(general_obj_in_cmd_hdr, ptr, opcode,
+ MLX5_CMD_OP_CREATE_GENERAL_OBJECT);
+ MLX5_SET(general_obj_in_cmd_hdr, ptr, obj_type,
+ MLX5_GENERAL_OBJ_TYPE_DEK);
+ ptr = MLX5_ADDR_OF(create_dek_in, in, dek);
+ MLX5_SET(dek, ptr, key_size, attr->key_size);
+ MLX5_SET(dek, ptr, has_keytag, attr->has_keytag);
+ MLX5_SET(dek, ptr, key_purpose, attr->key_purpose);
+ MLX5_SET(dek, ptr, pd, attr->pd);
+ MLX5_SET64(dek, ptr, opaque, attr->opaque);
+ key_addr = MLX5_ADDR_OF(dek, ptr, key);
+ memcpy(key_addr, (void *)(attr->key), MLX5_CRYPTO_KEY_MAX_SIZE);
+ dek_obj->obj = mlx5_glue->devx_obj_create(ctx, in, sizeof(in),
+ out, sizeof(out));
+ if (dek_obj->obj == NULL) {
+ rte_errno = errno;
+ DRV_LOG(ERR, "Failed to create DEK obj using DevX.");
+ mlx5_free(dek_obj);
+ return NULL;
+ }
+ dek_obj->id = MLX5_GET(general_obj_out_cmd_hdr, out, obj_id);
+ return dek_obj;
+}
@@ -139,6 +139,7 @@ struct mlx5_hca_attr {
uint32_t reg_c_preserve:1;
uint32_t crypto:1; /* Crypto engine is supported. */
uint32_t aes_xts:1; /* AES-XTS crypto is supported. */
+ uint32_t dek:1; /* General obj type DEK is supported. */
uint32_t regexp_num_of_engines;
uint32_t log_max_ft_sampler_num:8;
uint32_t geneve_tlv_opt;
@@ -435,6 +436,18 @@ struct mlx5_devx_graph_node_attr {
struct mlx5_devx_graph_arc_attr out[MLX5_GRAPH_NODE_ARC_NUM];
};
+/* Encryption key size is up to 1024 bit, 128 bytes. */
+#define MLX5_CRYPTO_KEY_MAX_SIZE 128
+
+struct mlx5_devx_dek_attr {
+ uint32_t key_size:4;
+ uint32_t has_keytag:1;
+ uint32_t key_purpose:4;
+ uint32_t pd:24;
+ uint64_t opaque;
+ uint8_t key[MLX5_CRYPTO_KEY_MAX_SIZE];
+};
+
/* mlx5_devx_cmds.c */
__rte_internal
@@ -587,4 +600,8 @@ int mlx5_devx_cmd_queue_counter_query(struct mlx5_devx_obj *dcs, int clear,
__rte_internal
struct mlx5_devx_obj *mlx5_devx_cmd_create_flow_meter_aso_obj(void *ctx,
uint32_t pd, uint32_t log_obj_size);
+__rte_internal
+struct mlx5_devx_obj *
+mlx5_devx_cmd_create_dek_obj(void *ctx, struct mlx5_devx_dek_attr *attr);
+
#endif /* RTE_PMD_MLX5_DEVX_CMDS_H_ */
@@ -1109,6 +1109,8 @@ enum {
(1ULL << MLX5_GENERAL_OBJ_TYPE_FLOW_METER_ASO)
#define MLX5_GENERAL_OBJ_TYPES_CAP_GENEVE_TLV_OPT \
(1ULL << MLX5_GENERAL_OBJ_TYPE_GENEVE_TLV_OPT)
+#define MLX5_GENERAL_OBJ_TYPES_CAP_DEK \
+ (1ULL << MLX5_GENERAL_OBJ_TYPE_DEK)
enum {
MLX5_HCA_CAP_OPMOD_GET_MAX = 0,
@@ -2406,6 +2408,7 @@ struct mlx5_ifc_create_cq_in_bits {
enum {
MLX5_GENERAL_OBJ_TYPE_GENEVE_TLV_OPT = 0x000b,
+ MLX5_GENERAL_OBJ_TYPE_DEK = 0x000c,
MLX5_GENERAL_OBJ_TYPE_VIRTQ = 0x000d,
MLX5_GENERAL_OBJ_TYPE_VIRTIO_Q_COUNTERS = 0x001c,
MLX5_GENERAL_OBJ_TYPE_FLEX_PARSE_GRAPH = 0x0022,
@@ -2469,6 +2472,42 @@ struct mlx5_ifc_create_geneve_tlv_option_in_bits {
struct mlx5_ifc_geneve_tlv_option_bits geneve_tlv_opt;
};
+enum {
+ MLX5_CRYPTO_KEY_SIZE_128b = 0x0,
+ MLX5_CRYPTO_KEY_SIZE_256b = 0x1,
+};
+
+enum {
+ MLX5_CRYPTO_KEY_PURPOSE_TLS = 0x1,
+ MLX5_CRYPTO_KEY_PURPOSE_IPSEC = 0x2,
+ MLX5_CRYPTO_KEY_PURPOSE_AES_XTS = 0x3,
+ MLX5_CRYPTO_KEY_PURPOSE_MACSEC = 0x4,
+ MLX5_CRYPTO_KEY_PURPOSE_GCM = 0x5,
+ MLX5_CRYPTO_KEY_PURPOSE_PSP = 0x6,
+};
+
+struct mlx5_ifc_dek_bits {
+ u8 modify_field_select[0x40];
+ u8 state[0x8];
+ u8 reserved_at_48[0xc];
+ u8 key_size[0x4];
+ u8 has_keytag[0x1];
+ u8 reserved_at_59[0x3];
+ u8 key_purpose[0x4];
+ u8 reserved_at_60[0x8];
+ u8 pd[0x18];
+ u8 reserved_at_80[0x100];
+ u8 opaque[0x40];
+ u8 reserved_at_1c0[0x40];
+ u8 key[0x400];
+ u8 reserved_at_600[0x200];
+};
+
+struct mlx5_ifc_create_dek_in_bits {
+ struct mlx5_ifc_general_obj_in_cmd_hdr_bits hdr;
+ struct mlx5_ifc_dek_bits dek;
+};
+
enum {
MLX5_VIRTQ_STATE_INIT = 0,
MLX5_VIRTQ_STATE_RDY = 1,
@@ -27,6 +27,7 @@ INTERNAL {
mlx5_devx_cmd_create_flow_hit_aso_obj;
mlx5_devx_cmd_create_flow_meter_aso_obj;
mlx5_devx_cmd_create_geneve_tlv_option;
+ mlx5_devx_cmd_create_dek_obj;
mlx5_devx_cmd_destroy;
mlx5_devx_cmd_flow_counter_alloc;
mlx5_devx_cmd_flow_counter_query;