// SPDX-License-Identifier: GPL-2.0 /* Copyright(c) 2018 Oracle and/or its affiliates. All rights reserved. */ #include "ixgbevf.h" #include <net/xfrm.h> #include <crypto/aead.h> #define IXGBE_IPSEC_KEY_BITS … static const char aes_gcm_name[] = …; /** * ixgbevf_ipsec_set_pf_sa - ask the PF to set up an SA * @adapter: board private structure * @xs: xfrm info to be sent to the PF * * Returns: positive offload handle from the PF, or negative error code **/ static int ixgbevf_ipsec_set_pf_sa(struct ixgbevf_adapter *adapter, struct xfrm_state *xs) { … } /** * ixgbevf_ipsec_del_pf_sa - ask the PF to delete an SA * @adapter: board private structure * @pfsa: sa index returned from PF when created, -1 for all * * Returns: 0 on success, or negative error code **/ static int ixgbevf_ipsec_del_pf_sa(struct ixgbevf_adapter *adapter, int pfsa) { … } /** * ixgbevf_ipsec_restore - restore the IPsec HW settings after a reset * @adapter: board private structure * * Reload the HW tables from the SW tables after they've been bashed * by a chip reset. While we're here, make sure any stale VF data is * removed, since we go through reset when num_vfs changes. **/ void ixgbevf_ipsec_restore(struct ixgbevf_adapter *adapter) { … } /** * ixgbevf_ipsec_find_empty_idx - find the first unused security parameter index * @ipsec: pointer to IPsec struct * @rxtable: true if we need to look in the Rx table * * Returns the first unused index in either the Rx or Tx SA table **/ static int ixgbevf_ipsec_find_empty_idx(struct ixgbevf_ipsec *ipsec, bool rxtable) { … } /** * ixgbevf_ipsec_find_rx_state - find the state that matches * @ipsec: pointer to IPsec struct * @daddr: inbound address to match * @proto: protocol to match * @spi: SPI to match * @ip4: true if using an IPv4 address * * Returns a pointer to the matching SA state information **/ static struct xfrm_state *ixgbevf_ipsec_find_rx_state(struct ixgbevf_ipsec *ipsec, __be32 *daddr, u8 proto, __be32 spi, bool ip4) { … } /** * ixgbevf_ipsec_parse_proto_keys - find the key and salt based on the protocol * @xs: pointer to xfrm_state struct * @mykey: pointer to key array to populate * @mysalt: pointer to salt value to populate * * This copies the protocol keys and salt to our own data tables. The * 82599 family only supports the one algorithm. **/ static int ixgbevf_ipsec_parse_proto_keys(struct xfrm_state *xs, u32 *mykey, u32 *mysalt) { … } /** * ixgbevf_ipsec_add_sa - program device with a security association * @xs: pointer to transformer state struct * @extack: extack point to fill failure reason **/ static int ixgbevf_ipsec_add_sa(struct xfrm_state *xs, struct netlink_ext_ack *extack) { … } /** * ixgbevf_ipsec_del_sa - clear out this specific SA * @xs: pointer to transformer state struct **/ static void ixgbevf_ipsec_del_sa(struct xfrm_state *xs) { … } /** * ixgbevf_ipsec_offload_ok - can this packet use the xfrm hw offload * @skb: current data packet * @xs: pointer to transformer state struct **/ static bool ixgbevf_ipsec_offload_ok(struct sk_buff *skb, struct xfrm_state *xs) { … } static const struct xfrmdev_ops ixgbevf_xfrmdev_ops = …; /** * ixgbevf_ipsec_tx - setup Tx flags for IPsec offload * @tx_ring: outgoing context * @first: current data packet * @itd: ipsec Tx data for later use in building context descriptor **/ int ixgbevf_ipsec_tx(struct ixgbevf_ring *tx_ring, struct ixgbevf_tx_buffer *first, struct ixgbevf_ipsec_tx_data *itd) { … } /** * ixgbevf_ipsec_rx - decode IPsec bits from Rx descriptor * @rx_ring: receiving ring * @rx_desc: receive data descriptor * @skb: current data packet * * Determine if there was an IPsec encapsulation noticed, and if so set up * the resulting status for later in the receive stack. **/ void ixgbevf_ipsec_rx(struct ixgbevf_ring *rx_ring, union ixgbe_adv_rx_desc *rx_desc, struct sk_buff *skb) { … } /** * ixgbevf_init_ipsec_offload - initialize registers for IPsec operation * @adapter: board private structure **/ void ixgbevf_init_ipsec_offload(struct ixgbevf_adapter *adapter) { … } /** * ixgbevf_stop_ipsec_offload - tear down the IPsec offload * @adapter: board private structure **/ void ixgbevf_stop_ipsec_offload(struct ixgbevf_adapter *adapter) { … }
Codebase Browser
linux