Lines Matching +full:flow +full:- +full:control

1 // SPDX-License-Identifier: (GPL-2.0 OR MIT)
3 * Driver for Microsemi VSC85xx PHYs - MACsec support
11 #include <dt-bindings/net/mscc-phy-vsc8531.h>
37 /* non-MACsec access */ in vsc8584_macsec_phy_read()
321 struct vsc8531_private *priv = phydev->priv; in __vsc8584_macsec_init()
358 proc_bank = (priv->addr < 2) ? PROC_0 : PROC_2; in __vsc8584_macsec_init()
371 struct macsec_flow *flow) in vsc8584_macsec_flow() argument
373 struct vsc8531_private *priv = phydev->priv; in vsc8584_macsec_flow()
374 enum macsec_bank bank = flow->bank; in vsc8584_macsec_flow()
375 u32 val, match = 0, mask = 0, action = 0, idx = flow->index; in vsc8584_macsec_flow()
377 if (flow->match.tagged) in vsc8584_macsec_flow()
379 if (flow->match.untagged) in vsc8584_macsec_flow()
382 if (bank == MACSEC_INGR && flow->assoc_num >= 0) { in vsc8584_macsec_flow()
383 match |= MSCC_MS_SAM_MISC_MATCH_AN(flow->assoc_num); in vsc8584_macsec_flow()
387 if (bank == MACSEC_INGR && flow->match.sci && flow->rx_sa->sc->sci) { in vsc8584_macsec_flow()
388 u64 sci = (__force u64)flow->rx_sa->sc->sci; in vsc8584_macsec_flow()
400 if (flow->match.etype) { in vsc8584_macsec_flow()
404 MSCC_MS_SAM_MAC_SA_MATCH_HI_ETYPE((__force u32)htons(flow->etype))); in vsc8584_macsec_flow()
407 match |= MSCC_MS_SAM_MISC_MATCH_PRIORITY(flow->priority); in vsc8584_macsec_flow()
413 if (flow->action.drop) in vsc8584_macsec_flow()
415 else if (flow->action.bypass || flow->port == MSCC_MS_PORT_UNCONTROLLED) in vsc8584_macsec_flow()
423 MSCC_MS_SAM_FLOW_CTRL_DEST_PORT(flow->port); in vsc8584_macsec_flow()
429 if (priv->secy->replay_protect) in vsc8584_macsec_flow()
431 if (priv->secy->validate_frames == MACSEC_VALIDATE_STRICT) in vsc8584_macsec_flow()
433 else if (priv->secy->validate_frames == MACSEC_VALIDATE_CHECK) in vsc8584_macsec_flow()
436 if (priv->secy->protect_frames) in vsc8584_macsec_flow()
438 if (priv->secy->tx_sc.encrypt) in vsc8584_macsec_flow()
440 if (priv->secy->tx_sc.send_sci) in vsc8584_macsec_flow()
451 struct vsc8531_private *priv = ctx->phydev->priv; in vsc8584_macsec_find_flow()
454 list_for_each_entry_safe(pos, tmp, &priv->macsec_flows, list) in vsc8584_macsec_find_flow()
455 if (pos->assoc_num == ctx->sa.assoc_num && pos->bank == bank) in vsc8584_macsec_find_flow()
458 return ERR_PTR(-ENOENT); in vsc8584_macsec_find_flow()
462 struct macsec_flow *flow) in vsc8584_macsec_flow_enable() argument
464 enum macsec_bank bank = flow->bank; in vsc8584_macsec_flow_enable()
465 u32 val, idx = flow->index; in vsc8584_macsec_flow_enable()
467 if ((flow->bank == MACSEC_INGR && flow->rx_sa && !flow->rx_sa->active) || in vsc8584_macsec_flow_enable()
468 (flow->bank == MACSEC_EGR && flow->tx_sa && !flow->tx_sa->active)) in vsc8584_macsec_flow_enable()
474 /* Set in-use */ in vsc8584_macsec_flow_enable()
481 struct macsec_flow *flow) in vsc8584_macsec_flow_disable() argument
483 enum macsec_bank bank = flow->bank; in vsc8584_macsec_flow_disable()
484 u32 val, idx = flow->index; in vsc8584_macsec_flow_disable()
489 /* Clear in-use */ in vsc8584_macsec_flow_disable()
495 static u32 vsc8584_macsec_flow_context_id(struct macsec_flow *flow) in vsc8584_macsec_flow_context_id() argument
497 if (flow->bank == MACSEC_INGR) in vsc8584_macsec_flow_context_id()
498 return flow->index + MSCC_MS_MAX_FLOWS; in vsc8584_macsec_flow_context_id()
500 return flow->index; in vsc8584_macsec_flow_context_id()
521 struct macsec_flow *flow) in vsc8584_macsec_transformation() argument
523 struct vsc8531_private *priv = phydev->priv; in vsc8584_macsec_transformation()
524 enum macsec_bank bank = flow->bank; in vsc8584_macsec_transformation()
525 int i, ret, index = flow->index; in vsc8584_macsec_transformation()
526 u32 rec = 0, control = 0; in vsc8584_macsec_transformation() local
530 ret = vsc8584_macsec_derive_key(flow->key, priv->secy->key_len, hkey); in vsc8584_macsec_transformation()
534 switch (priv->secy->key_len) { in vsc8584_macsec_transformation()
536 control |= CONTROL_CRYPTO_ALG(CTRYPTO_ALG_AES_CTR_128); in vsc8584_macsec_transformation()
539 control |= CONTROL_CRYPTO_ALG(CTRYPTO_ALG_AES_CTR_256); in vsc8584_macsec_transformation()
542 return -EINVAL; in vsc8584_macsec_transformation()
545 control |= (bank == MACSEC_EGR) ? in vsc8584_macsec_transformation()
546 (CONTROL_TYPE_EGRESS | CONTROL_AN(priv->secy->tx_sc.encoding_sa)) : in vsc8584_macsec_transformation()
549 control |= CONTROL_UPDATE_SEQ | CONTROL_ENCRYPT_AUTH | CONTROL_KEY_IN_CTX | in vsc8584_macsec_transformation()
554 /* Set the control word */ in vsc8584_macsec_transformation()
556 control); in vsc8584_macsec_transformation()
560 vsc8584_macsec_flow_context_id(flow)); in vsc8584_macsec_transformation()
563 for (i = 0; i < priv->secy->key_len / sizeof(u32); i++) in vsc8584_macsec_transformation()
566 ((u32 *)flow->key)[i]); in vsc8584_macsec_transformation()
577 flow->rx_sa->next_pn : flow->tx_sa->next_pn); in vsc8584_macsec_transformation()
583 priv->secy->replay_window); in vsc8584_macsec_transformation()
586 sci = (__force u64)(bank == MACSEC_INGR ? flow->rx_sa->sc->sci : priv->secy->sci); in vsc8584_macsec_transformation()
596 flow->has_transformation = true; in vsc8584_macsec_transformation()
604 &priv->ingr_flows : &priv->egr_flows; in vsc8584_macsec_alloc_flow()
605 struct macsec_flow *flow; in vsc8584_macsec_alloc_flow() local
611 return ERR_PTR(-ENOMEM); in vsc8584_macsec_alloc_flow()
613 flow = kzalloc(sizeof(*flow), GFP_KERNEL); in vsc8584_macsec_alloc_flow()
614 if (!flow) in vsc8584_macsec_alloc_flow()
615 return ERR_PTR(-ENOMEM); in vsc8584_macsec_alloc_flow()
618 flow->index = index; in vsc8584_macsec_alloc_flow()
619 flow->bank = bank; in vsc8584_macsec_alloc_flow()
620 flow->priority = 8; in vsc8584_macsec_alloc_flow()
621 flow->assoc_num = -1; in vsc8584_macsec_alloc_flow()
623 list_add_tail(&flow->list, &priv->macsec_flows); in vsc8584_macsec_alloc_flow()
624 return flow; in vsc8584_macsec_alloc_flow()
628 struct macsec_flow *flow) in vsc8584_macsec_free_flow() argument
630 unsigned long *bitmap = flow->bank == MACSEC_INGR ? in vsc8584_macsec_free_flow()
631 &priv->ingr_flows : &priv->egr_flows; in vsc8584_macsec_free_flow()
633 list_del(&flow->list); in vsc8584_macsec_free_flow()
634 clear_bit(flow->index, bitmap); in vsc8584_macsec_free_flow()
635 memzero_explicit(flow->key, sizeof(flow->key)); in vsc8584_macsec_free_flow()
636 kfree(flow); in vsc8584_macsec_free_flow()
640 struct macsec_flow *flow, bool update) in vsc8584_macsec_add_flow() argument
644 flow->port = MSCC_MS_PORT_CONTROLLED; in vsc8584_macsec_add_flow()
645 vsc8584_macsec_flow(phydev, flow); in vsc8584_macsec_add_flow()
650 ret = vsc8584_macsec_transformation(phydev, flow); in vsc8584_macsec_add_flow()
652 vsc8584_macsec_free_flow(phydev->priv, flow); in vsc8584_macsec_add_flow()
661 struct macsec_flow *flow; in vsc8584_macsec_default_flows() local
664 flow = vsc8584_macsec_alloc_flow(phydev->priv, MACSEC_INGR); in vsc8584_macsec_default_flows()
665 if (IS_ERR(flow)) in vsc8584_macsec_default_flows()
666 return PTR_ERR(flow); in vsc8584_macsec_default_flows()
668 flow->priority = 15; in vsc8584_macsec_default_flows()
669 flow->port = MSCC_MS_PORT_UNCONTROLLED; in vsc8584_macsec_default_flows()
670 flow->match.tagged = 1; in vsc8584_macsec_default_flows()
671 flow->match.untagged = 1; in vsc8584_macsec_default_flows()
672 flow->match.etype = 1; in vsc8584_macsec_default_flows()
673 flow->etype = ETH_P_PAE; in vsc8584_macsec_default_flows()
674 flow->action.bypass = 1; in vsc8584_macsec_default_flows()
676 vsc8584_macsec_flow(phydev, flow); in vsc8584_macsec_default_flows()
677 vsc8584_macsec_flow_enable(phydev, flow); in vsc8584_macsec_default_flows()
680 flow = vsc8584_macsec_alloc_flow(phydev->priv, MACSEC_EGR); in vsc8584_macsec_default_flows()
681 if (IS_ERR(flow)) in vsc8584_macsec_default_flows()
682 return PTR_ERR(flow); in vsc8584_macsec_default_flows()
684 flow->priority = 15; in vsc8584_macsec_default_flows()
685 flow->port = MSCC_MS_PORT_COMMON; in vsc8584_macsec_default_flows()
686 flow->match.untagged = 1; in vsc8584_macsec_default_flows()
687 flow->match.etype = 1; in vsc8584_macsec_default_flows()
688 flow->etype = ETH_P_PAE; in vsc8584_macsec_default_flows()
689 flow->action.bypass = 1; in vsc8584_macsec_default_flows()
691 vsc8584_macsec_flow(phydev, flow); in vsc8584_macsec_default_flows()
692 vsc8584_macsec_flow_enable(phydev, flow); in vsc8584_macsec_default_flows()
698 struct macsec_flow *flow) in vsc8584_macsec_del_flow() argument
700 vsc8584_macsec_flow_disable(phydev, flow); in vsc8584_macsec_del_flow()
701 vsc8584_macsec_free_flow(phydev->priv, flow); in vsc8584_macsec_del_flow()
705 struct macsec_flow *flow, bool update) in __vsc8584_macsec_add_rxsa() argument
707 struct phy_device *phydev = ctx->phydev; in __vsc8584_macsec_add_rxsa()
708 struct vsc8531_private *priv = phydev->priv; in __vsc8584_macsec_add_rxsa()
710 flow->assoc_num = ctx->sa.assoc_num; in __vsc8584_macsec_add_rxsa()
711 flow->rx_sa = ctx->sa.rx_sa; in __vsc8584_macsec_add_rxsa()
714 flow->match.tagged = 1; in __vsc8584_macsec_add_rxsa()
715 flow->match.sci = 1; in __vsc8584_macsec_add_rxsa()
717 if (priv->secy->validate_frames != MACSEC_VALIDATE_DISABLED) in __vsc8584_macsec_add_rxsa()
718 flow->match.untagged = 1; in __vsc8584_macsec_add_rxsa()
720 return vsc8584_macsec_add_flow(phydev, flow, update); in __vsc8584_macsec_add_rxsa()
724 struct macsec_flow *flow, bool update) in __vsc8584_macsec_add_txsa() argument
726 flow->assoc_num = ctx->sa.assoc_num; in __vsc8584_macsec_add_txsa()
727 flow->tx_sa = ctx->sa.tx_sa; in __vsc8584_macsec_add_txsa()
730 flow->match.untagged = 1; in __vsc8584_macsec_add_txsa()
732 return vsc8584_macsec_add_flow(ctx->phydev, flow, update); in __vsc8584_macsec_add_txsa()
737 struct vsc8531_private *priv = ctx->phydev->priv; in vsc8584_macsec_dev_open()
738 struct macsec_flow *flow, *tmp; in vsc8584_macsec_dev_open() local
740 list_for_each_entry_safe(flow, tmp, &priv->macsec_flows, list) in vsc8584_macsec_dev_open()
741 vsc8584_macsec_flow_enable(ctx->phydev, flow); in vsc8584_macsec_dev_open()
748 struct vsc8531_private *priv = ctx->phydev->priv; in vsc8584_macsec_dev_stop()
749 struct macsec_flow *flow, *tmp; in vsc8584_macsec_dev_stop() local
751 list_for_each_entry_safe(flow, tmp, &priv->macsec_flows, list) in vsc8584_macsec_dev_stop()
752 vsc8584_macsec_flow_disable(ctx->phydev, flow); in vsc8584_macsec_dev_stop()
759 struct vsc8531_private *priv = ctx->phydev->priv; in vsc8584_macsec_add_secy()
760 struct macsec_secy *secy = ctx->secy; in vsc8584_macsec_add_secy()
762 if (priv->secy) in vsc8584_macsec_add_secy()
763 return -EEXIST; in vsc8584_macsec_add_secy()
765 priv->secy = secy; in vsc8584_macsec_add_secy()
767 vsc8584_macsec_flow_default_action(ctx->phydev, MACSEC_EGR, in vsc8584_macsec_add_secy()
768 secy->validate_frames != MACSEC_VALIDATE_DISABLED); in vsc8584_macsec_add_secy()
769 vsc8584_macsec_flow_default_action(ctx->phydev, MACSEC_INGR, in vsc8584_macsec_add_secy()
770 secy->validate_frames != MACSEC_VALIDATE_DISABLED); in vsc8584_macsec_add_secy()
772 return vsc8584_macsec_default_flows(ctx->phydev); in vsc8584_macsec_add_secy()
777 struct vsc8531_private *priv = ctx->phydev->priv; in vsc8584_macsec_del_secy()
778 struct macsec_flow *flow, *tmp; in vsc8584_macsec_del_secy() local
780 list_for_each_entry_safe(flow, tmp, &priv->macsec_flows, list) in vsc8584_macsec_del_secy()
781 vsc8584_macsec_del_flow(ctx->phydev, flow); in vsc8584_macsec_del_secy()
783 vsc8584_macsec_flow_default_action(ctx->phydev, MACSEC_EGR, false); in vsc8584_macsec_del_secy()
784 vsc8584_macsec_flow_default_action(ctx->phydev, MACSEC_INGR, false); in vsc8584_macsec_del_secy()
786 priv->secy = NULL; in vsc8584_macsec_del_secy()
804 return -EOPNOTSUPP; in vsc8584_macsec_upd_rxsc()
809 struct vsc8531_private *priv = ctx->phydev->priv; in vsc8584_macsec_del_rxsc()
810 struct macsec_flow *flow, *tmp; in vsc8584_macsec_del_rxsc() local
812 list_for_each_entry_safe(flow, tmp, &priv->macsec_flows, list) { in vsc8584_macsec_del_rxsc()
813 if (flow->bank == MACSEC_INGR && flow->rx_sa && in vsc8584_macsec_del_rxsc()
814 flow->rx_sa->sc->sci == ctx->rx_sc->sci) in vsc8584_macsec_del_rxsc()
815 vsc8584_macsec_del_flow(ctx->phydev, flow); in vsc8584_macsec_del_rxsc()
823 struct phy_device *phydev = ctx->phydev; in vsc8584_macsec_add_rxsa()
824 struct vsc8531_private *priv = phydev->priv; in vsc8584_macsec_add_rxsa()
825 struct macsec_flow *flow; in vsc8584_macsec_add_rxsa() local
828 flow = vsc8584_macsec_alloc_flow(priv, MACSEC_INGR); in vsc8584_macsec_add_rxsa()
829 if (IS_ERR(flow)) in vsc8584_macsec_add_rxsa()
830 return PTR_ERR(flow); in vsc8584_macsec_add_rxsa()
832 memcpy(flow->key, ctx->sa.key, priv->secy->key_len); in vsc8584_macsec_add_rxsa()
834 ret = __vsc8584_macsec_add_rxsa(ctx, flow, false); in vsc8584_macsec_add_rxsa()
838 vsc8584_macsec_flow_enable(phydev, flow); in vsc8584_macsec_add_rxsa()
844 struct macsec_flow *flow; in vsc8584_macsec_upd_rxsa() local
847 flow = vsc8584_macsec_find_flow(ctx, MACSEC_INGR); in vsc8584_macsec_upd_rxsa()
848 if (IS_ERR(flow)) in vsc8584_macsec_upd_rxsa()
849 return PTR_ERR(flow); in vsc8584_macsec_upd_rxsa()
851 /* Make sure the flow is disabled before updating it */ in vsc8584_macsec_upd_rxsa()
852 vsc8584_macsec_flow_disable(ctx->phydev, flow); in vsc8584_macsec_upd_rxsa()
854 ret = __vsc8584_macsec_add_rxsa(ctx, flow, true); in vsc8584_macsec_upd_rxsa()
858 vsc8584_macsec_flow_enable(ctx->phydev, flow); in vsc8584_macsec_upd_rxsa()
864 struct macsec_flow *flow; in vsc8584_macsec_del_rxsa() local
866 flow = vsc8584_macsec_find_flow(ctx, MACSEC_INGR); in vsc8584_macsec_del_rxsa()
867 if (IS_ERR(flow)) in vsc8584_macsec_del_rxsa()
868 return PTR_ERR(flow); in vsc8584_macsec_del_rxsa()
870 vsc8584_macsec_del_flow(ctx->phydev, flow); in vsc8584_macsec_del_rxsa()
876 struct phy_device *phydev = ctx->phydev; in vsc8584_macsec_add_txsa()
877 struct vsc8531_private *priv = phydev->priv; in vsc8584_macsec_add_txsa()
878 struct macsec_flow *flow; in vsc8584_macsec_add_txsa() local
881 flow = vsc8584_macsec_alloc_flow(priv, MACSEC_EGR); in vsc8584_macsec_add_txsa()
882 if (IS_ERR(flow)) in vsc8584_macsec_add_txsa()
883 return PTR_ERR(flow); in vsc8584_macsec_add_txsa()
885 memcpy(flow->key, ctx->sa.key, priv->secy->key_len); in vsc8584_macsec_add_txsa()
887 ret = __vsc8584_macsec_add_txsa(ctx, flow, false); in vsc8584_macsec_add_txsa()
891 vsc8584_macsec_flow_enable(phydev, flow); in vsc8584_macsec_add_txsa()
897 struct macsec_flow *flow; in vsc8584_macsec_upd_txsa() local
900 flow = vsc8584_macsec_find_flow(ctx, MACSEC_EGR); in vsc8584_macsec_upd_txsa()
901 if (IS_ERR(flow)) in vsc8584_macsec_upd_txsa()
902 return PTR_ERR(flow); in vsc8584_macsec_upd_txsa()
904 /* Make sure the flow is disabled before updating it */ in vsc8584_macsec_upd_txsa()
905 vsc8584_macsec_flow_disable(ctx->phydev, flow); in vsc8584_macsec_upd_txsa()
907 ret = __vsc8584_macsec_add_txsa(ctx, flow, true); in vsc8584_macsec_upd_txsa()
911 vsc8584_macsec_flow_enable(ctx->phydev, flow); in vsc8584_macsec_upd_txsa()
917 struct macsec_flow *flow; in vsc8584_macsec_del_txsa() local
919 flow = vsc8584_macsec_find_flow(ctx, MACSEC_EGR); in vsc8584_macsec_del_txsa()
920 if (IS_ERR(flow)) in vsc8584_macsec_del_txsa()
921 return PTR_ERR(flow); in vsc8584_macsec_del_txsa()
923 vsc8584_macsec_del_flow(ctx->phydev, flow); in vsc8584_macsec_del_txsa()
946 struct vsc8531_private *vsc8531 = phydev->priv; in vsc8584_macsec_init()
948 switch (phydev->phy_id & phydev->drv->phy_id_mask) { in vsc8584_macsec_init()
952 INIT_LIST_HEAD(&vsc8531->macsec_flows); in vsc8584_macsec_init()
953 vsc8531->secy = NULL; in vsc8584_macsec_init()
955 phydev->macsec_ops = &vsc8584_macsec_ops; in vsc8584_macsec_init()
965 struct vsc8531_private *priv = phydev->priv; in vsc8584_handle_macsec_interrupt()
966 struct macsec_flow *flow, *tmp; in vsc8584_handle_macsec_interrupt() local
976 rec = 6 + priv->secy->key_len / sizeof(u32); in vsc8584_handle_macsec_interrupt()
977 list_for_each_entry_safe(flow, tmp, &priv->macsec_flows, list) { in vsc8584_handle_macsec_interrupt()
980 if (flow->bank != MACSEC_EGR || !flow->has_transformation) in vsc8584_handle_macsec_interrupt()
984 MSCC_MS_XFORM_REC(flow->index, rec)); in vsc8584_handle_macsec_interrupt()
986 vsc8584_macsec_flow_disable(phydev, flow); in vsc8584_handle_macsec_interrupt()
987 macsec_pn_wrapped(priv->secy, flow->tx_sa); in vsc8584_handle_macsec_interrupt()