1*4882a593Smuzhiyun /* SPDX-License-Identifier: GPL-2.0 */ 2*4882a593Smuzhiyun /* Copyright(c) 2017 Oracle and/or its affiliates. All rights reserved. */ 3*4882a593Smuzhiyun 4*4882a593Smuzhiyun #ifndef _IXGBE_IPSEC_H_ 5*4882a593Smuzhiyun #define _IXGBE_IPSEC_H_ 6*4882a593Smuzhiyun 7*4882a593Smuzhiyun #define IXGBE_IPSEC_MAX_SA_COUNT 1024 8*4882a593Smuzhiyun #define IXGBE_IPSEC_MAX_RX_IP_COUNT 128 9*4882a593Smuzhiyun #define IXGBE_IPSEC_BASE_RX_INDEX 0 10*4882a593Smuzhiyun #define IXGBE_IPSEC_BASE_TX_INDEX IXGBE_IPSEC_MAX_SA_COUNT 11*4882a593Smuzhiyun #define IXGBE_IPSEC_AUTH_BITS 128 12*4882a593Smuzhiyun 13*4882a593Smuzhiyun #define IXGBE_RXTXIDX_IPS_EN 0x00000001 14*4882a593Smuzhiyun #define IXGBE_RXIDX_TBL_SHIFT 1 15*4882a593Smuzhiyun enum ixgbe_ipsec_tbl_sel { 16*4882a593Smuzhiyun ips_rx_ip_tbl = 0x01, 17*4882a593Smuzhiyun ips_rx_spi_tbl = 0x02, 18*4882a593Smuzhiyun ips_rx_key_tbl = 0x03, 19*4882a593Smuzhiyun }; 20*4882a593Smuzhiyun 21*4882a593Smuzhiyun #define IXGBE_RXTXIDX_IDX_SHIFT 3 22*4882a593Smuzhiyun #define IXGBE_RXTXIDX_READ 0x40000000 23*4882a593Smuzhiyun #define IXGBE_RXTXIDX_WRITE 0x80000000 24*4882a593Smuzhiyun 25*4882a593Smuzhiyun #define IXGBE_RXMOD_VALID 0x00000001 26*4882a593Smuzhiyun #define IXGBE_RXMOD_PROTO_ESP 0x00000004 27*4882a593Smuzhiyun #define IXGBE_RXMOD_DECRYPT 0x00000008 28*4882a593Smuzhiyun #define IXGBE_RXMOD_IPV6 0x00000010 29*4882a593Smuzhiyun #define IXGBE_RXTXMOD_VF 0x00000020 30*4882a593Smuzhiyun 31*4882a593Smuzhiyun struct rx_sa { 32*4882a593Smuzhiyun struct hlist_node hlist; 33*4882a593Smuzhiyun struct xfrm_state *xs; 34*4882a593Smuzhiyun __be32 ipaddr[4]; 35*4882a593Smuzhiyun u32 key[4]; 36*4882a593Smuzhiyun u32 salt; 37*4882a593Smuzhiyun u32 mode; 38*4882a593Smuzhiyun u8 iptbl_ind; 39*4882a593Smuzhiyun bool used; 40*4882a593Smuzhiyun bool decrypt; 41*4882a593Smuzhiyun u32 vf; 42*4882a593Smuzhiyun }; 43*4882a593Smuzhiyun 44*4882a593Smuzhiyun struct rx_ip_sa { 45*4882a593Smuzhiyun __be32 ipaddr[4]; 46*4882a593Smuzhiyun u32 ref_cnt; 47*4882a593Smuzhiyun bool used; 48*4882a593Smuzhiyun }; 49*4882a593Smuzhiyun 50*4882a593Smuzhiyun struct tx_sa { 51*4882a593Smuzhiyun struct xfrm_state *xs; 52*4882a593Smuzhiyun u32 key[4]; 53*4882a593Smuzhiyun u32 salt; 54*4882a593Smuzhiyun u32 mode; 55*4882a593Smuzhiyun bool encrypt; 56*4882a593Smuzhiyun bool used; 57*4882a593Smuzhiyun u32 vf; 58*4882a593Smuzhiyun }; 59*4882a593Smuzhiyun 60*4882a593Smuzhiyun struct ixgbe_ipsec_tx_data { 61*4882a593Smuzhiyun u32 flags; 62*4882a593Smuzhiyun u16 trailer_len; 63*4882a593Smuzhiyun u16 sa_idx; 64*4882a593Smuzhiyun }; 65*4882a593Smuzhiyun 66*4882a593Smuzhiyun struct ixgbe_ipsec { 67*4882a593Smuzhiyun u16 num_rx_sa; 68*4882a593Smuzhiyun u16 num_tx_sa; 69*4882a593Smuzhiyun struct rx_ip_sa *ip_tbl; 70*4882a593Smuzhiyun struct rx_sa *rx_tbl; 71*4882a593Smuzhiyun struct tx_sa *tx_tbl; 72*4882a593Smuzhiyun DECLARE_HASHTABLE(rx_sa_list, 10); 73*4882a593Smuzhiyun }; 74*4882a593Smuzhiyun 75*4882a593Smuzhiyun struct sa_mbx_msg { 76*4882a593Smuzhiyun __be32 spi; 77*4882a593Smuzhiyun u8 flags; 78*4882a593Smuzhiyun u8 proto; 79*4882a593Smuzhiyun u16 family; 80*4882a593Smuzhiyun __be32 addr[4]; 81*4882a593Smuzhiyun u32 key[5]; 82*4882a593Smuzhiyun }; 83*4882a593Smuzhiyun #endif /* _IXGBE_IPSEC_H_ */ 84