Changeset View
Changeset View
Standalone View
Standalone View
head/sys/dev/cxgbe/tom/t4_tls.c
Show First 20 Lines • Show All 584 Lines • ▼ Show 20 Lines | program_key_context(struct tcpcb *tp, struct toepcb *toep, | ||||
toep->flags &= ~TPF_FORCE_CREDITS; | toep->flags &= ~TPF_FORCE_CREDITS; | ||||
CTR4(KTR_CXGBE, "%s: tid %d %s proto_ver %#x", __func__, toep->tid, | CTR4(KTR_CXGBE, "%s: tid %d %s proto_ver %#x", __func__, toep->tid, | ||||
G_KEY_GET_LOC(uk_ctx->l_p_key) == KEY_WRITE_RX ? "KEY_WRITE_RX" : | G_KEY_GET_LOC(uk_ctx->l_p_key) == KEY_WRITE_RX ? "KEY_WRITE_RX" : | ||||
"KEY_WRITE_TX", uk_ctx->proto_ver); | "KEY_WRITE_TX", uk_ctx->proto_ver); | ||||
if (G_KEY_GET_LOC(uk_ctx->l_p_key) == KEY_WRITE_RX && | if (G_KEY_GET_LOC(uk_ctx->l_p_key) == KEY_WRITE_RX && | ||||
toep->ulp_mode != ULP_MODE_TLS) | ulp_mode(toep) != ULP_MODE_TLS) | ||||
return (EOPNOTSUPP); | return (EOPNOTSUPP); | ||||
/* Don't copy the 'tx' and 'rx' fields. */ | /* Don't copy the 'tx' and 'rx' fields. */ | ||||
k_ctx = &tls_ofld->k_ctx; | k_ctx = &tls_ofld->k_ctx; | ||||
memcpy(&k_ctx->l_p_key, &uk_ctx->l_p_key, | memcpy(&k_ctx->l_p_key, &uk_ctx->l_p_key, | ||||
sizeof(*k_ctx) - offsetof(struct tls_key_context, l_p_key)); | sizeof(*k_ctx) - offsetof(struct tls_key_context, l_p_key)); | ||||
/* TLS version != 1.1 and !1.2 OR DTLS != 1.2 */ | /* TLS version != 1.1 and !1.2 OR DTLS != 1.2 */ | ||||
▲ Show 20 Lines • Show All 181 Lines • ▼ Show 20 Lines | t4_ctloutput_tls(struct socket *so, struct sockopt *sopt) | ||||
switch (sopt->sopt_dir) { | switch (sopt->sopt_dir) { | ||||
case SOPT_SET: | case SOPT_SET: | ||||
switch (sopt->sopt_name) { | switch (sopt->sopt_name) { | ||||
case TCP_TLSOM_SET_TLS_CONTEXT: | case TCP_TLSOM_SET_TLS_CONTEXT: | ||||
error = program_key_context(tp, toep, &uk_ctx); | error = program_key_context(tp, toep, &uk_ctx); | ||||
INP_WUNLOCK(inp); | INP_WUNLOCK(inp); | ||||
break; | break; | ||||
case TCP_TLSOM_CLR_TLS_TOM: | case TCP_TLSOM_CLR_TLS_TOM: | ||||
if (toep->ulp_mode == ULP_MODE_TLS) { | if (ulp_mode(toep) == ULP_MODE_TLS) { | ||||
CTR2(KTR_CXGBE, "%s: tid %d CLR_TLS_TOM", | CTR2(KTR_CXGBE, "%s: tid %d CLR_TLS_TOM", | ||||
__func__, toep->tid); | __func__, toep->tid); | ||||
tls_clr_ofld_mode(toep); | tls_clr_ofld_mode(toep); | ||||
} else | } else | ||||
error = EOPNOTSUPP; | error = EOPNOTSUPP; | ||||
INP_WUNLOCK(inp); | INP_WUNLOCK(inp); | ||||
break; | break; | ||||
case TCP_TLSOM_CLR_QUIES: | case TCP_TLSOM_CLR_QUIES: | ||||
if (toep->ulp_mode == ULP_MODE_TLS) { | if (ulp_mode(toep) == ULP_MODE_TLS) { | ||||
CTR2(KTR_CXGBE, "%s: tid %d CLR_QUIES", | CTR2(KTR_CXGBE, "%s: tid %d CLR_QUIES", | ||||
__func__, toep->tid); | __func__, toep->tid); | ||||
tls_clr_quiesce(toep); | tls_clr_quiesce(toep); | ||||
} else | } else | ||||
error = EOPNOTSUPP; | error = EOPNOTSUPP; | ||||
INP_WUNLOCK(inp); | INP_WUNLOCK(inp); | ||||
break; | break; | ||||
default: | default: | ||||
INP_WUNLOCK(inp); | INP_WUNLOCK(inp); | ||||
error = EOPNOTSUPP; | error = EOPNOTSUPP; | ||||
break; | break; | ||||
} | } | ||||
break; | break; | ||||
case SOPT_GET: | case SOPT_GET: | ||||
switch (sopt->sopt_name) { | switch (sopt->sopt_name) { | ||||
case TCP_TLSOM_GET_TLS_TOM: | case TCP_TLSOM_GET_TLS_TOM: | ||||
/* | /* | ||||
* TLS TX is permitted on any TOE socket, but | * TLS TX is permitted on any TOE socket, but | ||||
* TLS RX requires a TLS ULP mode. | * TLS RX requires a TLS ULP mode. | ||||
*/ | */ | ||||
optval = TLS_TOM_NONE; | optval = TLS_TOM_NONE; | ||||
if (can_tls_offload(td_adapter(toep->td))) { | if (can_tls_offload(td_adapter(toep->td))) { | ||||
switch (toep->ulp_mode) { | switch (ulp_mode(toep)) { | ||||
case ULP_MODE_NONE: | case ULP_MODE_NONE: | ||||
case ULP_MODE_TCPDDP: | case ULP_MODE_TCPDDP: | ||||
optval = TLS_TOM_TXONLY; | optval = TLS_TOM_TXONLY; | ||||
break; | break; | ||||
case ULP_MODE_TLS: | case ULP_MODE_TLS: | ||||
optval = TLS_TOM_BOTH; | optval = TLS_TOM_BOTH; | ||||
break; | break; | ||||
} | } | ||||
Show All 16 Lines | |||||
void | void | ||||
tls_init_toep(struct toepcb *toep) | tls_init_toep(struct toepcb *toep) | ||||
{ | { | ||||
struct tls_ofld_info *tls_ofld = &toep->tls; | struct tls_ofld_info *tls_ofld = &toep->tls; | ||||
tls_ofld->key_location = TLS_SFO_WR_CONTEXTLOC_DDR; | tls_ofld->key_location = TLS_SFO_WR_CONTEXTLOC_DDR; | ||||
tls_ofld->rx_key_addr = -1; | tls_ofld->rx_key_addr = -1; | ||||
tls_ofld->tx_key_addr = -1; | tls_ofld->tx_key_addr = -1; | ||||
if (toep->ulp_mode == ULP_MODE_TLS) | if (ulp_mode(toep) == ULP_MODE_TLS) | ||||
callout_init_mtx(&tls_ofld->handshake_timer, | callout_init_mtx(&tls_ofld->handshake_timer, | ||||
&tls_handshake_lock, 0); | &tls_handshake_lock, 0); | ||||
} | } | ||||
void | void | ||||
tls_establish(struct toepcb *toep) | tls_establish(struct toepcb *toep) | ||||
{ | { | ||||
Show All 12 Lines | tls_establish(struct toepcb *toep) | ||||
tls_start_handshake_timer(toep); | tls_start_handshake_timer(toep); | ||||
} | } | ||||
void | void | ||||
tls_uninit_toep(struct toepcb *toep) | tls_uninit_toep(struct toepcb *toep) | ||||
{ | { | ||||
if (toep->ulp_mode == ULP_MODE_TLS) | if (ulp_mode(toep) == ULP_MODE_TLS) | ||||
tls_stop_handshake_timer(toep); | tls_stop_handshake_timer(toep); | ||||
clear_tls_keyid(toep); | clear_tls_keyid(toep); | ||||
} | } | ||||
#define MAX_OFLD_TX_CREDITS (SGE_MAX_WR_LEN / 16) | #define MAX_OFLD_TX_CREDITS (SGE_MAX_WR_LEN / 16) | ||||
#define MIN_OFLD_TLSTX_CREDITS(toep) \ | #define MIN_OFLD_TLSTX_CREDITS(toep) \ | ||||
(howmany(sizeof(struct fw_tlstx_data_wr) + \ | (howmany(sizeof(struct fw_tlstx_data_wr) + \ | ||||
sizeof(struct cpl_tx_tls_sfo) + key_size((toep)) + \ | sizeof(struct cpl_tx_tls_sfo) + key_size((toep)) + \ | ||||
▲ Show 20 Lines • Show All 198 Lines • ▼ Show 20 Lines | t4_push_tls_records(struct adapter *sc, struct toepcb *toep, int drop) | ||||
struct ofld_tx_sdesc *txsd; | struct ofld_tx_sdesc *txsd; | ||||
bool imm_ivs, imm_payload; | bool imm_ivs, imm_payload; | ||||
void *iv_buffer, *iv_dst, *buf; | void *iv_buffer, *iv_dst, *buf; | ||||
INP_WLOCK_ASSERT(inp); | INP_WLOCK_ASSERT(inp); | ||||
KASSERT(toep->flags & TPF_FLOWC_WR_SENT, | KASSERT(toep->flags & TPF_FLOWC_WR_SENT, | ||||
("%s: flowc_wr not sent for tid %u.", __func__, toep->tid)); | ("%s: flowc_wr not sent for tid %u.", __func__, toep->tid)); | ||||
KASSERT(toep->ulp_mode == ULP_MODE_NONE || | KASSERT(ulp_mode(toep) == ULP_MODE_NONE || | ||||
toep->ulp_mode == ULP_MODE_TCPDDP || toep->ulp_mode == ULP_MODE_TLS, | ulp_mode(toep) == ULP_MODE_TCPDDP || ulp_mode(toep) == ULP_MODE_TLS, | ||||
("%s: ulp_mode %u for toep %p", __func__, toep->ulp_mode, toep)); | ("%s: ulp_mode %u for toep %p", __func__, ulp_mode(toep), toep)); | ||||
KASSERT(tls_tx_key(toep), | KASSERT(tls_tx_key(toep), | ||||
("%s: TX key not set for toep %p", __func__, toep)); | ("%s: TX key not set for toep %p", __func__, toep)); | ||||
#ifdef VERBOSE_TRACES | #ifdef VERBOSE_TRACES | ||||
CTR4(KTR_CXGBE, "%s: tid %d toep flags %#x tp flags %#x drop %d", | CTR4(KTR_CXGBE, "%s: tid %d toep flags %#x tp flags %#x drop %d", | ||||
__func__, toep->tid, toep->flags, tp->t_flags); | __func__, toep->tid, toep->flags, tp->t_flags); | ||||
#endif | #endif | ||||
if (__predict_false(toep->flags & TPF_ABORT_SHUTDOWN)) | if (__predict_false(toep->flags & TPF_ABORT_SHUTDOWN)) | ||||
▲ Show 20 Lines • Show All 511 Lines • Show Last 20 Lines |