psp: base PSP device support

# SPDX-License-Identifier: ((GPL-2.0 WITH Linux-syscall-note) OR BSD-3-Clause)

---

name: psp

doc:

  PSP Security Protocol Generic Netlink family.

definitions:

  -

    type: enum

    name: version

    entries: [hdr0-aes-gcm-128, hdr0-aes-gcm-256,

              hdr0-aes-gmac-128, hdr0-aes-gmac-256]

attribute-sets:

  -

    name: dev

    attributes:

      -

        name: id

        doc: PSP device ID.

        type: u32

        checks:

          min: 1

      -

        name: ifindex

        doc: ifindex of the main netdevice linked to the PSP device.

        type: u32

      -

        name: psp-versions-cap

        doc: Bitmask of PSP versions supported by the device.

        type: u32

        enum: version

        enum-as-flags: true

      -

        name: psp-versions-ena

        doc: Bitmask of currently enabled (accepted on Rx) PSP versions.

        type: u32

        enum: version

        enum-as-flags: true

operations:

  list:

    -

      name: dev-get

      doc: Get / dump information about PSP capable devices on the system.

      attribute-set: dev

      do:

        request:

          attributes:

            - id

        reply: &dev-all

          attributes:

            - id

            - ifindex

            - psp-versions-cap

            - psp-versions-ena

        pre: psp-device-get-locked

        post: psp-device-unlock

      dump:

        reply: *dev-all

    -

      name: dev-add-ntf

      doc: Notification about device appearing.

      notify: dev-get

      mcgrp: mgmt

    -

      name: dev-del-ntf

      doc: Notification about device disappearing.

      notify: dev-get

      mcgrp: mgmt

    -

      name: dev-set

      doc: Set the configuration of a PSP device.

      attribute-set: dev

      do:

        request:

          attributes:

            - id

            - psp-versions-ena

        reply:

          attributes: []

        pre: psp-device-get-locked

        post: psp-device-unlock

    -

      name: dev-change-ntf

      doc: Notification about device configuration being changed.

      notify: dev-get

      mcgrp: mgmt

mcast-groups:

  list:

    -

      name: mgmt

...

 *			 device struct

 *	@mpls_ptr:	mpls_dev struct pointer

 *	@mctp_ptr:	MCTP specific data

 *	@psp_dev:	PSP crypto device registered for this netdev

 *

 *	@dev_addr:	Hw address (before bcast,

 *			because most packets are unicast)

#if IS_ENABLED(CONFIG_MCTP)

	struct mctp_dev __rcu	*mctp_ptr;

#endif

#if IS_ENABLED(CONFIG_INET_PSP)

	struct psp_dev __rcu	*psp_dev;

#endif

/*

 * Cache lines mostly used on receive path (including eth_type_trans())

/* SPDX-License-Identifier: GPL-2.0-only */

#ifndef __NET_PSP_ALL_H

#define __NET_PSP_ALL_H

#include <uapi/linux/psp.h>

#include <net/psp/functions.h>

#include <net/psp/types.h>

/* Do not add any code here. Put it in the sub-headers instead. */

#endif /* __NET_PSP_ALL_H */

/* SPDX-License-Identifier: GPL-2.0-only */

#ifndef __NET_PSP_HELPERS_H

#define __NET_PSP_HELPERS_H

#include <net/psp/types.h>

/* Driver-facing API */

struct psp_dev *

psp_dev_create(struct net_device *netdev, struct psp_dev_ops *psd_ops,

	       struct psp_dev_caps *psd_caps, void *priv_ptr);

void psp_dev_unregister(struct psp_dev *psd);

#endif /* __NET_PSP_HELPERS_H */

/* SPDX-License-Identifier: GPL-2.0-only */

#ifndef __NET_PSP_H

#define __NET_PSP_H

#include <linux/mutex.h>

#include <linux/refcount.h>

struct netlink_ext_ack;

#define PSP_DEFAULT_UDP_PORT	1000

struct psphdr {

	u8	nexthdr;

	u8	hdrlen;

	u8	crypt_offset;

	u8	verfl;

	__be32	spi;

	__be64	iv;

	__be64	vc[]; /* optional */

};

#define PSP_SPI_KEY_ID		GENMASK(30, 0)

#define PSP_SPI_KEY_PHASE	BIT(31)

#define PSPHDR_CRYPT_OFFSET	GENMASK(5, 0)

#define PSPHDR_VERFL_SAMPLE	BIT(7)

#define PSPHDR_VERFL_DROP	BIT(6)

#define PSPHDR_VERFL_VERSION	GENMASK(5, 2)

#define PSPHDR_VERFL_VIRT	BIT(1)

#define PSPHDR_VERFL_ONE	BIT(0)

#define PSP_HDRLEN_NOOPT	((sizeof(struct psphdr) - 8) / 8)

/**

 * struct psp_dev_config - PSP device configuration

 * @versions: PSP versions enabled on the device

 */

struct psp_dev_config {

	u32 versions;

};

/**

 * struct psp_dev - PSP device struct

 * @main_netdev: original netdevice of this PSP device

 * @ops:	driver callbacks

 * @caps:	device capabilities

 * @drv_priv:	driver priv pointer

 * @lock:	instance lock, protects all fields

 * @refcnt:	reference count for the instance

 * @id:		instance id

 * @config:	current device configuration

 *

 * @rcu:	RCU head for freeing the structure

 */

struct psp_dev {

	struct net_device *main_netdev;

	struct psp_dev_ops *ops;

	struct psp_dev_caps *caps;

	void *drv_priv;

	struct mutex lock;

	refcount_t refcnt;

	u32 id;

	struct psp_dev_config config;

	struct rcu_head rcu;

};

/**

 * struct psp_dev_caps - PSP device capabilities

 */

struct psp_dev_caps {

	/**

	 * @versions: mask of supported PSP versions

	 * Set this field to 0 to indicate PSP is not supported at all.

	 */

	u32 versions;

};

#define PSP_MAX_KEY	32

/**

 * struct psp_dev_ops - netdev driver facing PSP callbacks

 */

struct psp_dev_ops {

	/**

	 * @set_config: set configuration of a PSP device

	 * Driver can inspect @psd->config for the previous configuration.

	 * Core will update @psd->config with @config on success.

	 */

	int (*set_config)(struct psp_dev *psd, struct psp_dev_config *conf,

			  struct netlink_ext_ack *extack);

};

#endif /* __NET_PSP_H */