drivers/crypto: return error for not supported SA lifetime

[dpdk.git] / drivers / crypto / dpaa_sec / dpaa_sec.c

diff --git a/drivers/crypto/dpaa_sec/dpaa_sec.c b/drivers/crypto/dpaa_sec/dpaa_sec.c
index d6c1013..a552e64 100644 (file)
--- a/drivers/crypto/dpaa_sec/dpaa_sec.c
+++ b/drivers/crypto/dpaa_sec/dpaa_sec.c
@@ -1,7 +1,7 @@
 /* SPDX-License-Identifier: BSD-3-Clause
  *
  *   Copyright (c) 2016 Freescale Semiconductor, Inc. All rights reserved.
- *   Copyright 2017-2019 NXP
+ *   Copyright 2017-2021 NXP
  *
  */
 
@@ -45,10 +45,7 @@
 #include <dpaa_sec_log.h>
 #include <dpaax_iova_table.h>
 
-static uint8_t cryptodev_driver_id;
-
-static int
-dpaa_sec_attach_sess_q(struct dpaa_sec_qp *qp, dpaa_sec_session *sess);
+uint8_t dpaa_cryptodev_driver_id;
 
 static inline void
 dpaa_sec_op_ending(struct dpaa_sec_op_ctx *ctx)
@@ -263,14 +260,31 @@ dpaa_sec_prep_pdcp_cdb(dpaa_sec_session *ses)
                p_authdata = &authdata;
        }
 
-       if (rta_inline_pdcp_query(authdata.algtype,
-                               cipherdata.algtype,
-                               ses->pdcp.sn_size,
-                               ses->pdcp.hfn_ovd)) {
-               cipherdata.key =
-                       (size_t)rte_dpaa_mem_vtop((void *)
-                                       (size_t)cipherdata.key);
-               cipherdata.key_type = RTA_DATA_PTR;
+       if (ses->pdcp.sdap_enabled) {
+               int nb_keys_to_inline =
+                               rta_inline_pdcp_sdap_query(authdata.algtype,
+                                       cipherdata.algtype,
+                                       ses->pdcp.sn_size,
+                                       ses->pdcp.hfn_ovd);
+               if (nb_keys_to_inline >= 1) {
+                       cipherdata.key = (size_t)rte_dpaa_mem_vtop((void *)
+                                               (size_t)cipherdata.key);
+                       cipherdata.key_type = RTA_DATA_PTR;
+               }
+               if (nb_keys_to_inline >= 2) {
+                       authdata.key = (size_t)rte_dpaa_mem_vtop((void *)
+                                               (size_t)authdata.key);
+                       authdata.key_type = RTA_DATA_PTR;
+               }
+       } else {
+               if (rta_inline_pdcp_query(authdata.algtype,
+                                       cipherdata.algtype,
+                                       ses->pdcp.sn_size,
+                                       ses->pdcp.hfn_ovd)) {
+                       cipherdata.key = (size_t)rte_dpaa_mem_vtop((void *)
+                                               (size_t)cipherdata.key);
+                       cipherdata.key_type = RTA_DATA_PTR;
+               }
        }
 
        if (ses->pdcp.domain == RTE_SECURITY_PDCP_MODE_CONTROL) {
@@ -294,6 +308,9 @@ dpaa_sec_prep_pdcp_cdb(dpaa_sec_session *ses)
                                        ses->pdcp.hfn_threshold,
                                        &cipherdata, &authdata,
                                        0);
+       } else if (ses->pdcp.domain == RTE_SECURITY_PDCP_MODE_SHORT_MAC) {
+               shared_desc_len = cnstr_shdsc_pdcp_short_mac(cdb->sh_desc,
+                                                    1, swap, &authdata);
        } else {
                if (ses->dir == DIR_ENC) {
                        if (ses->pdcp.sdap_enabled)
@@ -1767,8 +1784,8 @@ dpaa_sec_enqueue_burst(void *qp, struct rte_crypto_op **ops,
                        case RTE_CRYPTO_OP_WITH_SESSION:
                                ses = (dpaa_sec_session *)
                                        get_sym_session_private_data(
-                                                       op->sym->session,
-                                                       cryptodev_driver_id);
+                                               op->sym->session,
+                                               dpaa_cryptodev_driver_id);
                                break;
 #ifdef RTE_LIB_SECURITY
                        case RTE_CRYPTO_OP_SECURITY_SESSION:
@@ -2380,7 +2397,7 @@ dpaa_sec_detach_rxq(struct dpaa_sec_dev_private *qi, struct qman_fq *fq)
        return -1;
 }
 
-static int
+int
 dpaa_sec_attach_sess_q(struct dpaa_sec_qp *qp, dpaa_sec_session *sess)
 {
        int ret;
@@ -2803,6 +2820,12 @@ dpaa_sec_set_ipsec_session(__rte_unused struct rte_cryptodev *dev,
        session->proto_alg = conf->protocol;
        session->ctxt = DPAA_SEC_IPSEC;
 
+       if (ipsec_xform->life.bytes_hard_limit != 0 ||
+           ipsec_xform->life.bytes_soft_limit != 0 ||
+           ipsec_xform->life.packets_hard_limit != 0 ||
+           ipsec_xform->life.packets_soft_limit != 0)
+               return -ENOTSUP;
+
        if (ipsec_xform->direction == RTE_SECURITY_IPSEC_SA_DIR_EGRESS)
                session->dir = DIR_ENC;
        else
@@ -2881,12 +2904,14 @@ dpaa_sec_set_ipsec_session(__rte_unused struct rte_cryptodev *dev,
                        session->encap_pdb.ip_hdr_len =
                                                sizeof(struct rte_ipv6_hdr);
                }
+
                session->encap_pdb.options =
                        (IPVERSION << PDBNH_ESP_ENCAP_SHIFT) |
                        PDBOPTS_ESP_OIHI_PDB_INL |
                        PDBOPTS_ESP_IVSRC |
-                       PDBHMO_ESP_ENCAP_DTTL |
                        PDBHMO_ESP_SNR;
+               if (ipsec_xform->options.dec_ttl)
+                       session->encap_pdb.options |= PDBHMO_ESP_ENCAP_DTTL;
                if (ipsec_xform->options.esn)
                        session->encap_pdb.options |= PDBOPTS_ESP_ESN;
                session->encap_pdb.spi = ipsec_xform->spi;
@@ -3196,7 +3221,7 @@ dpaa_sec_dev_infos_get(struct rte_cryptodev *dev,
                info->feature_flags = dev->feature_flags;
                info->capabilities = dpaa_sec_capabilities;
                info->sym.max_nb_sessions = internals->max_nb_sessions;
-               info->driver_id = cryptodev_driver_id;
+               info->driver_id = dpaa_cryptodev_driver_id;
        }
 }
 
@@ -3392,7 +3417,10 @@ static struct rte_cryptodev_ops crypto_ops = {
        .queue_pair_release   = dpaa_sec_queue_pair_release,
        .sym_session_get_size     = dpaa_sec_sym_session_get_size,
        .sym_session_configure    = dpaa_sec_sym_session_configure,
-       .sym_session_clear        = dpaa_sec_sym_session_clear
+       .sym_session_clear        = dpaa_sec_sym_session_clear,
+       /* Raw data-path API related operations */
+       .sym_get_raw_dp_ctx_size = dpaa_sec_get_dp_ctx_size,
+       .sym_configure_raw_dp_ctx = dpaa_sec_configure_raw_dp_ctx,
 };
 
 #ifdef RTE_LIB_SECURITY
@@ -3443,7 +3471,7 @@ dpaa_sec_dev_init(struct rte_cryptodev *cryptodev)
 
        PMD_INIT_FUNC_TRACE();
 
-       cryptodev->driver_id = cryptodev_driver_id;
+       cryptodev->driver_id = dpaa_cryptodev_driver_id;
        cryptodev->dev_ops = &crypto_ops;
 
        cryptodev->enqueue_burst = dpaa_sec_enqueue_burst;
@@ -3452,6 +3480,7 @@ dpaa_sec_dev_init(struct rte_cryptodev *cryptodev)
                        RTE_CRYPTODEV_FF_HW_ACCELERATED |
                        RTE_CRYPTODEV_FF_SYM_OPERATION_CHAINING |
                        RTE_CRYPTODEV_FF_SECURITY |
+                       RTE_CRYPTODEV_FF_SYM_RAW_DP |
                        RTE_CRYPTODEV_FF_IN_PLACE_SGL |
                        RTE_CRYPTODEV_FF_OOP_SGL_IN_SGL_OUT |
                        RTE_CRYPTODEV_FF_OOP_SGL_IN_LB_OUT |
@@ -3573,8 +3602,10 @@ cryptodev_dpaa_sec_probe(struct rte_dpaa_driver *dpaa_drv __rte_unused,
 
        /* Invoke PMD device initialization function */
        retval = dpaa_sec_dev_init(cryptodev);
-       if (retval == 0)
+       if (retval == 0) {
+               rte_cryptodev_pmd_probing_finish(cryptodev);
                return 0;
+       }
 
        retval = -ENXIO;
 out:
@@ -3617,5 +3648,5 @@ static struct cryptodev_driver dpaa_sec_crypto_drv;
 
 RTE_PMD_REGISTER_DPAA(CRYPTODEV_NAME_DPAA_SEC_PMD, rte_dpaa_sec_driver);
 RTE_PMD_REGISTER_CRYPTO_DRIVER(dpaa_sec_crypto_drv, rte_dpaa_sec_driver.driver,
-               cryptodev_driver_id);
+               dpaa_cryptodev_driver_id);
 RTE_LOG_REGISTER(dpaa_logtype_sec, pmd.crypto.dpaa, NOTICE);