From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 94495A0547; Thu, 29 Apr 2021 17:45:53 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id AF40941356; Thu, 29 Apr 2021 17:45:11 +0200 (CEST) Received: from NAM11-CO1-obe.outbound.protection.outlook.com (mail-co1nam11on2086.outbound.protection.outlook.com [40.107.220.86]) by mails.dpdk.org (Postfix) with ESMTP id 69710410DD for ; Thu, 29 Apr 2021 17:45:07 +0200 (CEST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Vj/lCpLfUc7jwlX+bJoLeB7KRxVsV6Wjp5HKKEFxTCkEOJ4OfJoYIBBMcuHCJfBJW5RnSiu5eRuiNYByjrlpH6BY5ZzOgPJBZ1Aak7y7t0DHSDVPhDzudqUFrnArDU35RGcwyHQWVxh2AdTLJlpXvSmDiLhN/2rznRDgu5Sn6F0ud7J8Tc453qkQYKb5kQat6NJvjb0ytP0GouT90XzoVstxY7MDh7OqaUCp2uEmzrfR+3Dlb+m+Xg6oZqFy6Drhc8qnEomeGemmolvdXNBUEU0EipvhUT5CyjUXGCN/hhIETOcvqwn+LLxGzNhsw+BLHgEBAkW5UZjziqh/41F2zQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=L4ICjyqqElhg+hDZxTfZVzb9jwX9YbcAkGHSBx2i6EY=; b=PMCE7MS66pbcL7PcLQc77FluK8KRI1g540IjIG9WS2tUlhfz9MgKhkwmAUKZ06JuKLdXhY5YxT43vfbuOZaYUSDk/JJv73tjG76+j9jqyOHUBCp8IzCIUZm23Gq42I3AH7N4Kc0ZezK6BTDlDEdiGXLRLgzUQAhuQJk8HczFw+qjmHoQXvHWWAf2e/tsfqjaA+UX2Y7Dy9V+SGlT5aRssU6d4exmtldebGGTcdf5Nb6wjQP9c+ljRi7cjxLx0WgGCj9rcdrEAvFkl9nzmV7dz1iz6EzY6Lbelv26UiNAJpjBrmoLRsSUaw4YD5yeOecm06q84zgnJaXbKQKroalmAQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 216.228.112.34) smtp.rcpttodomain=marvell.com smtp.mailfrom=nvidia.com; dmarc=pass (p=none sp=none pct=100) action=none header.from=nvidia.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=L4ICjyqqElhg+hDZxTfZVzb9jwX9YbcAkGHSBx2i6EY=; b=rrs2/XgK0i1Yz/UBXqC6X9CsjxL/FzIj6Vzcv7Oa2DzcodfIS02gf18WiosR5H8EbpVxJKw1OFixApYP6kpoyR+WF2NsK+6+wtQCP02UxybNf5gnl/5/Pd2xlZJsIIwMujnPue6l24Da2BFXB8T8TmRfMCvexRfli8Y+bQZcXumf2O0SKKpD/IVZ3dvGpdZu3SMEgPjAAWHaFUv3ZYKnNM4/NiEZkB/itBmkjrJlKtKcCbo8D7+GMk3u4fXnrQjDR9KQhZAUPIBhc0RVRxc65FX94E0Tq2VVJYwcUVOi9EwzuG5xdYniDj62GylcaVmNqfuySkidbq2NYEIvGQCjYQ== Received: from DM3PR14CA0137.namprd14.prod.outlook.com (2603:10b6:0:53::21) by SJ0PR12MB5424.namprd12.prod.outlook.com (2603:10b6:a03:300::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4065.21; Thu, 29 Apr 2021 15:45:05 +0000 Received: from DM6NAM11FT041.eop-nam11.prod.protection.outlook.com (2603:10b6:0:53:cafe::29) by DM3PR14CA0137.outlook.office365.com (2603:10b6:0:53::21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4087.27 via Frontend Transport; Thu, 29 Apr 2021 15:45:05 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 216.228.112.34) smtp.mailfrom=nvidia.com; marvell.com; dkim=none (message not signed) header.d=none;marvell.com; dmarc=pass action=none header.from=nvidia.com; Received-SPF: Pass (protection.outlook.com: domain of nvidia.com designates 216.228.112.34 as permitted sender) receiver=protection.outlook.com; client-ip=216.228.112.34; helo=mail.nvidia.com; Received: from mail.nvidia.com (216.228.112.34) by DM6NAM11FT041.mail.protection.outlook.com (10.13.172.98) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.20.4087.27 via Frontend Transport; Thu, 29 Apr 2021 15:45:05 +0000 Received: from nvidia.com (172.20.145.6) by HQMAIL107.nvidia.com (172.20.187.13) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Thu, 29 Apr 2021 15:45:03 +0000 From: Matan Azrad To: CC: , , , "Dekel Peled" Date: Thu, 29 Apr 2021 18:43:32 +0300 Message-ID: <20210429154335.2820028-14-matan@nvidia.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20210429154335.2820028-1-matan@nvidia.com> References: <20210408204849.9543-1-shirik@nvidia.com> <20210429154335.2820028-1-matan@nvidia.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain X-Originating-IP: [172.20.145.6] X-ClientProxiedBy: HQMAIL107.nvidia.com (172.20.187.13) To HQMAIL107.nvidia.com (172.20.187.13) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: dd09b9f3-ea13-4078-8677-08d90b25c291 X-MS-TrafficTypeDiagnostic: SJ0PR12MB5424: X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:2887; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: 1bYd476fD7p82ZuhUJf3vOlU/MvT+gyfjSfwex6nirzsvdSxJGmcQr1ySIyVmXPwBrBn9d09w3tc3jaqSk4bh4sNL1BsJq5PJ7VrUwqd0Lb8/HGcym3d/OB4aDqbLDSJg4OR3QqbxlSd+77TvP4e0GX183ixAQEzVJUgFsAejoG4YO0lRjdIY4E7h7lY1hJOuv8NiL2RNQZcB0AWMn5ritWJ0kTSKFa4U5gDDibfGxoeZl7DXFeptXKFyjUUAgzrbZpJBqZoDpgadxJrG9RNWlOb8/Aep+ja+IR7rnAvhL3oPXIJ+ctqmosZkQTIOkbziM29O1ODELRfYTrjGB+OMfoGhDlb2FevYc7UgnYGeEGxCWDkWuYdrx7mWL6L/uLBWaXKVfbx9UC6vz/LV+Qbds9T1RoCHat8EYbbKIPWEfz68cfZLYbnQFgpjLxdhr2iWYd0URG9SNsIHSy7cwVUEm8xjjZDdR8QZIoH5h+aFZb+L4zQlAjbju7BdArTOXOaBuaRGT+CRY7azjrgrNxtJux/9e4soNsI7hGATFxtwcUI7qh659NZ5ynVfg+6/wczawR5nxTGl591AGMSrLaLMDUw9eflygf4+FtfLzCPEjUnrM4sAqmx7LA32Yw2IXaj2C2SspeqpEqq50zeFgbe/aSep/97+LNOxzMPASmxyZs= X-Forefront-Antispam-Report: CIP:216.228.112.34; CTRY:US; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:mail.nvidia.com; PTR:schybrid03.nvidia.com; CAT:NONE; SFS:(4636009)(346002)(376002)(396003)(39860400002)(136003)(46966006)(36840700001)(55016002)(16526019)(82310400003)(1076003)(36906005)(7636003)(478600001)(356005)(70206006)(8676002)(70586007)(82740400003)(8936002)(26005)(336012)(426003)(5660300002)(36756003)(83380400001)(2906002)(86362001)(2616005)(7696005)(4326008)(54906003)(6286002)(47076005)(186003)(316002)(36860700001)(107886003)(6666004)(6916009); DIR:OUT; SFP:1101; X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 29 Apr 2021 15:45:05.3939 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: dd09b9f3-ea13-4078-8677-08d90b25c291 X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=43083d15-7273-40c1-b7db-39efd9ccc17a; Ip=[216.228.112.34]; Helo=[mail.nvidia.com] X-MS-Exchange-CrossTenant-AuthSource: DM6NAM11FT041.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: SJ0PR12MB5424 Subject: [dpdk-dev] [PATCH v2 13/16] common/mlx5: support general obj CREDENTIAL create X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" From: Dekel Peled CREDENTIAL object is used for any crypto operation in wrapped mode. This patch add support of CREDENTIAL object create operation. Add reading of CREDENTIAL support capability. Add function to create general object type CREDENTIAL, using DevX API. Signed-off-by: Dekel Peled Acked-by: Matan Azrad --- drivers/common/mlx5/mlx5_devx_cmds.c | 53 +++++++++++++++++++++++++++- drivers/common/mlx5/mlx5_devx_cmds.h | 17 +++++++-- drivers/common/mlx5/mlx5_prm.h | 23 ++++++++++++ drivers/common/mlx5/version.map | 1 + 4 files changed, 91 insertions(+), 3 deletions(-) diff --git a/drivers/common/mlx5/mlx5_devx_cmds.c b/drivers/common/mlx5/mlx5_devx_cmds.c index c0061741e8..c0a0853c3a 100644 --- a/drivers/common/mlx5/mlx5_devx_cmds.c +++ b/drivers/common/mlx5/mlx5_devx_cmds.c @@ -754,6 +754,8 @@ mlx5_devx_cmd_query_hca_attr(void *ctx, MLX5_GENERAL_OBJ_TYPES_CAP_DEK); attr->import_kek = !!(general_obj_types_supported & MLX5_GENERAL_OBJ_TYPES_CAP_IMPORT_KEK); + attr->credential = !!(general_obj_types_supported & + MLX5_GENERAL_OBJ_TYPES_CAP_CREDENTIAL); attr->crypto_login = !!(general_obj_types_supported & MLX5_GENERAL_OBJ_TYPES_CAP_CRYPTO_LOGIN); /* Add reading of other GENERAL_OBJ_TYPES_CAP bits above this line. */ @@ -2512,6 +2514,55 @@ mlx5_devx_cmd_create_import_kek_obj(void *ctx, return import_kek_obj; } +/** + * Create general object of type CREDENTIAL using DevX API. + * + * @param[in] ctx + * Context returned from mlx5 open_device() glue function. + * @param [in] attr + * Pointer to CREDENTIAL attributes structure. + * + * @return + * The DevX object created, NULL otherwise and rte_errno is set. + */ +struct mlx5_devx_obj * +mlx5_devx_cmd_create_credential_obj(void *ctx, + struct mlx5_devx_credential_attr *attr) +{ + uint32_t in[MLX5_ST_SZ_DW(create_credential_in)] = {0}; + uint32_t out[MLX5_ST_SZ_DW(general_obj_out_cmd_hdr)] = {0}; + struct mlx5_devx_obj *credential_obj = NULL; + void *ptr = NULL, *credential_addr = NULL; + + credential_obj = mlx5_malloc(MLX5_MEM_ZERO, sizeof(*credential_obj), + 0, SOCKET_ID_ANY); + if (credential_obj == NULL) { + DRV_LOG(ERR, "Failed to allocate CREDENTIAL object data"); + rte_errno = ENOMEM; + return NULL; + } + ptr = MLX5_ADDR_OF(create_credential_in, in, hdr); + MLX5_SET(general_obj_in_cmd_hdr, ptr, opcode, + MLX5_CMD_OP_CREATE_GENERAL_OBJECT); + MLX5_SET(general_obj_in_cmd_hdr, ptr, obj_type, + MLX5_GENERAL_OBJ_TYPE_CREDENTIAL); + ptr = MLX5_ADDR_OF(create_credential_in, in, credential); + MLX5_SET(credential, ptr, credential_role, attr->credential_role); + credential_addr = MLX5_ADDR_OF(credential, ptr, credential); + memcpy(credential_addr, (void *)(attr->credential), + MLX5_CRYPTO_CREDENTIAL_SIZE); + credential_obj->obj = mlx5_glue->devx_obj_create(ctx, in, sizeof(in), + out, sizeof(out)); + if (credential_obj->obj == NULL) { + rte_errno = errno; + DRV_LOG(ERR, "Failed to create CREDENTIAL object using DevX."); + mlx5_free(credential_obj); + return NULL; + } + credential_obj->id = MLX5_GET(general_obj_out_cmd_hdr, out, obj_id); + return credential_obj; +} + /** * Create general object of type CRYPTO_LOGIN using DevX API. * @@ -2551,7 +2602,7 @@ mlx5_devx_cmd_create_crypto_login_obj(void *ctx, attr->session_import_kek_ptr); credential_addr = MLX5_ADDR_OF(crypto_login, ptr, credential); memcpy(credential_addr, (void *)(attr->credential), - MLX5_CRYPTO_LOGIN_CREDENTIAL_SIZE); + MLX5_CRYPTO_CREDENTIAL_SIZE); crypto_login_obj->obj = mlx5_glue->devx_obj_create(ctx, in, sizeof(in), out, sizeof(out)); if (crypto_login_obj->obj == NULL) { diff --git a/drivers/common/mlx5/mlx5_devx_cmds.h b/drivers/common/mlx5/mlx5_devx_cmds.h index 709e28bfba..811e7a1462 100644 --- a/drivers/common/mlx5/mlx5_devx_cmds.h +++ b/drivers/common/mlx5/mlx5_devx_cmds.h @@ -143,6 +143,7 @@ struct mlx5_hca_attr { uint32_t aes_xts:1; /* AES-XTS crypto is supported. */ uint32_t dek:1; /* General obj type DEK is supported. */ uint32_t import_kek:1; /* General obj type IMPORT_KEK supported. */ + uint32_t credential:1; /* General obj type CREDENTIAL supported. */ uint32_t crypto_login:1; /* General obj type CRYPTO_LOGIN supported. */ uint32_t regexp_num_of_engines; uint32_t log_max_ft_sampler_num:8; @@ -459,13 +460,20 @@ struct mlx5_devx_import_kek_attr { uint8_t key[MLX5_CRYPTO_KEY_MAX_SIZE]; }; -#define MLX5_CRYPTO_LOGIN_CREDENTIAL_SIZE 48 +#define MLX5_CRYPTO_CREDENTIAL_SIZE 48 + +struct mlx5_devx_credential_attr { + uint64_t modify_field_select; + uint32_t state:8; + uint32_t credential_role:8; + uint8_t credential[MLX5_CRYPTO_CREDENTIAL_SIZE]; +}; struct mlx5_devx_crypto_login_attr { uint64_t modify_field_select; uint32_t credential_pointer:24; uint32_t session_import_kek_ptr:24; - uint8_t credential[MLX5_CRYPTO_LOGIN_CREDENTIAL_SIZE]; + uint8_t credential[MLX5_CRYPTO_CREDENTIAL_SIZE]; }; /* mlx5_devx_cmds.c */ @@ -629,6 +637,11 @@ struct mlx5_devx_obj * mlx5_devx_cmd_create_import_kek_obj(void *ctx, struct mlx5_devx_import_kek_attr *attr); +__rte_internal +struct mlx5_devx_obj * +mlx5_devx_cmd_create_credential_obj(void *ctx, + struct mlx5_devx_credential_attr *attr); + __rte_internal struct mlx5_devx_obj * mlx5_devx_cmd_create_crypto_login_obj(void *ctx, diff --git a/drivers/common/mlx5/mlx5_prm.h b/drivers/common/mlx5/mlx5_prm.h index a9dcbfa63c..432c8fdb63 100644 --- a/drivers/common/mlx5/mlx5_prm.h +++ b/drivers/common/mlx5/mlx5_prm.h @@ -1187,6 +1187,8 @@ enum { (1ULL << MLX5_GENERAL_OBJ_TYPE_DEK) #define MLX5_GENERAL_OBJ_TYPES_CAP_IMPORT_KEK \ (1ULL << MLX5_GENERAL_OBJ_TYPE_IMPORT_KEK) +#define MLX5_GENERAL_OBJ_TYPES_CAP_CREDENTIAL \ + (1ULL << MLX5_GENERAL_OBJ_TYPE_CREDENTIAL) #define MLX5_GENERAL_OBJ_TYPES_CAP_CRYPTO_LOGIN \ (1ULL << MLX5_GENERAL_OBJ_TYPE_CRYPTO_LOGIN) @@ -2490,6 +2492,7 @@ enum { MLX5_GENERAL_OBJ_TYPE_VIRTQ = 0x000d, MLX5_GENERAL_OBJ_TYPE_VIRTIO_Q_COUNTERS = 0x001c, MLX5_GENERAL_OBJ_TYPE_IMPORT_KEK = 0x001d, + MLX5_GENERAL_OBJ_TYPE_CREDENTIAL = 0x001e, MLX5_GENERAL_OBJ_TYPE_CRYPTO_LOGIN = 0x001f, MLX5_GENERAL_OBJ_TYPE_FLEX_PARSE_GRAPH = 0x0022, MLX5_GENERAL_OBJ_TYPE_FLOW_METER_ASO = 0x0024, @@ -2603,6 +2606,26 @@ struct mlx5_ifc_create_import_kek_in_bits { struct mlx5_ifc_import_kek_bits import_kek; }; +enum { + MLX5_CREDENTIAL_ROLE_OFFICER = 0x0, + MLX5_CREDENTIAL_ROLE_USER = 0x1, +}; + +struct mlx5_ifc_credential_bits { + u8 modify_field_select[0x40]; + u8 state[0x8]; + u8 reserved_at_48[0x10]; + u8 credential_role[0x8]; + u8 reserved_at_60[0x1a0]; + u8 credential[0x180]; + u8 reserved_at_380[0x480]; +}; + +struct mlx5_ifc_create_credential_in_bits { + struct mlx5_ifc_general_obj_in_cmd_hdr_bits hdr; + struct mlx5_ifc_credential_bits credential; +}; + struct mlx5_ifc_crypto_login_bits { u8 modify_field_select[0x40]; u8 reserved_at_40[0x48]; diff --git a/drivers/common/mlx5/version.map b/drivers/common/mlx5/version.map index 00df37e81a..1885cb8f6a 100644 --- a/drivers/common/mlx5/version.map +++ b/drivers/common/mlx5/version.map @@ -29,6 +29,7 @@ INTERNAL { mlx5_devx_cmd_create_geneve_tlv_option; mlx5_devx_cmd_create_dek_obj; mlx5_devx_cmd_create_import_kek_obj; + mlx5_devx_cmd_create_credential_obj; mlx5_devx_cmd_create_crypto_login_obj; mlx5_devx_cmd_destroy; mlx5_devx_cmd_flow_counter_alloc; -- 2.25.1