net/mlx5: Prepare for fast crypto key update if hardware supports it

Add CAP for crypto offload, do the simple initialization if hardware
supports it. Currently set log_dek_obj_range to 12, so 4k DEKs will be
created in one bulk allocation.

Signed-off-by: Jianbo Liu <jianbol@nvidia.com>
Reviewed-by: Tariq Toukan <tariqt@nvidia.com>
Signed-off-by: Saeed Mahameed <saeedm@nvidia.com>

diff --git a/drivers/net/ethernet/mellanox/mlx5/core/en_common.c b/drivers/net/ethernet/mellanox/mlx5/core/en_common.c
index 68f1932..4c9a321 100644 (file)
--- a/drivers/net/ethernet/mellanox/mlx5/core/en_common.c
+++ b/drivers/net/ethernet/mellanox/mlx5/core/en_common.c
@@ -31,6 +31,7 @@
  */
 
 #include "en.h"
+#include "lib/crypto.h"
 
 /* mlx5e global resources should be placed in this file.
  * Global resources are common to all the netdevices created on the same nic.
@@ -104,6 +105,13 @@ int mlx5e_create_mdev_resources(struct mlx5_core_dev *mdev)
        INIT_LIST_HEAD(&res->td.tirs_list);
        mutex_init(&res->td.list_lock);
 
+       mdev->mlx5e_res.dek_priv = mlx5_crypto_dek_init(mdev);
+       if (IS_ERR(mdev->mlx5e_res.dek_priv)) {
+               mlx5_core_err(mdev, "crypto dek init failed, %ld\n",
+                             PTR_ERR(mdev->mlx5e_res.dek_priv));
+               mdev->mlx5e_res.dek_priv = NULL;
+       }
+
        return 0;
 
 err_destroy_mkey:
@@ -119,6 +127,8 @@ void mlx5e_destroy_mdev_resources(struct mlx5_core_dev *mdev)
 {
        struct mlx5e_hw_objs *res = &mdev->mlx5e_res.hw_objs;
 
+       mlx5_crypto_dek_cleanup(mdev->mlx5e_res.dek_priv);
+       mdev->mlx5e_res.dek_priv = NULL;
        mlx5_free_bfreg(mdev, &res->bfreg);
        mlx5_core_destroy_mkey(mdev, res->mkey);
        mlx5_core_dealloc_transport_domain(mdev, res->td.tdn);

diff --git a/drivers/net/ethernet/mellanox/mlx5/core/fw.c b/drivers/net/ethernet/mellanox/mlx5/core/fw.c
index f34e758..7bb7be0 100644 (file)
--- a/drivers/net/ethernet/mellanox/mlx5/core/fw.c
+++ b/drivers/net/ethernet/mellanox/mlx5/core/fw.c
@@ -267,6 +267,12 @@ int mlx5_query_hca_caps(struct mlx5_core_dev *dev)
                        return err;
        }
 
+       if (MLX5_CAP_GEN(dev, crypto)) {
+               err = mlx5_core_get_caps(dev, MLX5_CAP_CRYPTO);
+               if (err)
+                       return err;
+       }
+
        if (MLX5_CAP_GEN(dev, shampo)) {
                err = mlx5_core_get_caps(dev, MLX5_CAP_DEV_SHAMPO);
                if (err)

diff --git a/drivers/net/ethernet/mellanox/mlx5/core/lib/crypto.c b/drivers/net/ethernet/mellanox/mlx5/core/lib/crypto.c
index 7614595..02bc365 100644 (file)
--- a/drivers/net/ethernet/mellanox/mlx5/core/lib/crypto.c
+++ b/drivers/net/ethernet/mellanox/mlx5/core/lib/crypto.c
@@ -4,6 +4,11 @@
 #include "mlx5_core.h"
 #include "lib/crypto.h"
 
+struct mlx5_crypto_dek_priv {
+       struct mlx5_core_dev *mdev;
+       int log_dek_obj_range;
+};
+
 int mlx5_create_encryption_key(struct mlx5_core_dev *mdev,
                               void *key, u32 sz_bytes,
                               u32 key_type, u32 *p_key_id)
@@ -71,3 +76,34 @@ void mlx5_destroy_encryption_key(struct mlx5_core_dev *mdev, u32 key_id)
 
        mlx5_cmd_exec(mdev, in, sizeof(in), out, sizeof(out));
 }
+
+void mlx5_crypto_dek_cleanup(struct mlx5_crypto_dek_priv *dek_priv)
+{
+       if (!dek_priv)
+               return;
+
+       kfree(dek_priv);
+}
+
+struct mlx5_crypto_dek_priv *mlx5_crypto_dek_init(struct mlx5_core_dev *mdev)
+{
+       struct mlx5_crypto_dek_priv *dek_priv;
+
+       if (!MLX5_CAP_CRYPTO(mdev, log_dek_max_alloc))
+               return NULL;
+
+       dek_priv = kzalloc(sizeof(*dek_priv), GFP_KERNEL);
+       if (!dek_priv)
+               return ERR_PTR(-ENOMEM);
+
+       dek_priv->mdev = mdev;
+       dek_priv->log_dek_obj_range = min_t(int, 12,
+                                           MLX5_CAP_CRYPTO(mdev, log_dek_max_alloc));
+
+       mlx5_core_dbg(mdev, "Crypto DEK enabled, %d deks per alloc (max %d), total %d\n",
+                     1 << dek_priv->log_dek_obj_range,
+                     1 << MLX5_CAP_CRYPTO(mdev, log_dek_max_alloc),
+                     1 << MLX5_CAP_CRYPTO(mdev, log_max_num_deks));
+
+       return dek_priv;
+}

diff --git a/drivers/net/ethernet/mellanox/mlx5/core/lib/crypto.h b/drivers/net/ethernet/mellanox/mlx5/core/lib/crypto.h
index 0a5a7dc..5968536 100644 (file)
--- a/drivers/net/ethernet/mellanox/mlx5/core/lib/crypto.h
+++ b/drivers/net/ethernet/mellanox/mlx5/core/lib/crypto.h
@@ -16,4 +16,6 @@ int mlx5_create_encryption_key(struct mlx5_core_dev *mdev,
 
 void mlx5_destroy_encryption_key(struct mlx5_core_dev *mdev, u32 key_id);
 
+struct mlx5_crypto_dek_priv *mlx5_crypto_dek_init(struct mlx5_core_dev *mdev);
+void mlx5_crypto_dek_cleanup(struct mlx5_crypto_dek_priv *dek_priv);
 #endif /* __MLX5_LIB_CRYPTO_H__ */

diff --git a/drivers/net/ethernet/mellanox/mlx5/core/main.c b/drivers/net/ethernet/mellanox/mlx5/core/main.c
index 8823f20..9441588 100644 (file)
--- a/drivers/net/ethernet/mellanox/mlx5/core/main.c
+++ b/drivers/net/ethernet/mellanox/mlx5/core/main.c
@@ -1555,6 +1555,7 @@ static const int types[] = {
        MLX5_CAP_DEV_SHAMPO,
        MLX5_CAP_MACSEC,
        MLX5_CAP_ADV_VIRTUALIZATION,
+       MLX5_CAP_CRYPTO,
 };
 
 static void mlx5_hca_caps_free(struct mlx5_core_dev *dev)

diff --git a/include/linux/mlx5/device.h b/include/linux/mlx5/device.h
index 29d4b20..bc531bd 100644 (file)
--- a/include/linux/mlx5/device.h
+++ b/include/linux/mlx5/device.h
@@ -1204,6 +1204,7 @@ enum mlx5_cap_type {
        MLX5_CAP_VDPA_EMULATION = 0x13,
        MLX5_CAP_DEV_EVENT = 0x14,
        MLX5_CAP_IPSEC,
+       MLX5_CAP_CRYPTO = 0x1a,
        MLX5_CAP_DEV_SHAMPO = 0x1d,
        MLX5_CAP_MACSEC = 0x1f,
        MLX5_CAP_GENERAL_2 = 0x20,
@@ -1460,6 +1461,9 @@ enum mlx5_qcam_feature_groups {
 #define MLX5_CAP_IPSEC(mdev, cap)\
        MLX5_GET(ipsec_cap, (mdev)->caps.hca[MLX5_CAP_IPSEC]->cur, cap)
 
+#define MLX5_CAP_CRYPTO(mdev, cap)\
+       MLX5_GET(crypto_cap, (mdev)->caps.hca[MLX5_CAP_CRYPTO]->cur, cap)
+
 #define MLX5_CAP_DEV_SHAMPO(mdev, cap)\
        MLX5_GET(shampo_cap, mdev->caps.hca_cur[MLX5_CAP_DEV_SHAMPO], cap)
 

diff --git a/include/linux/mlx5/driver.h b/include/linux/mlx5/driver.h
index 4416776..cd529e0 100644 (file)
--- a/include/linux/mlx5/driver.h
+++ b/include/linux/mlx5/driver.h
@@ -516,6 +516,7 @@ struct mlx5_vhca_state_notifier;
 struct mlx5_sf_dev_table;
 struct mlx5_sf_hw_table;
 struct mlx5_sf_table;
+struct mlx5_crypto_dek_priv;
 
 struct mlx5_rate_limit {
        u32                     rate;
@@ -673,6 +674,7 @@ struct mlx5e_resources {
        } hw_objs;
        struct devlink_port dl_port;
        struct net_device *uplink_netdev;
+       struct mlx5_crypto_dek_priv *dek_priv;
 };
 
 enum mlx5_sw_icm_type {