X-Git-Url: http://git.droids-corp.org/?a=blobdiff_plain;f=drivers%2Fcrypto%2Fcaam_jr%2Fcaam_jr.c;h=77fa6ff2d3a8d28d75f4d5f76a64d2905095da05;hb=43e73483a4b80f7a7673ab6656c2159ed768ca07;hp=9652342a64313570241428392f7eb7abb3ee426e;hpb=6ef6beca884493eee227082bd8006d9c7bbfa655;p=dpdk.git diff --git a/drivers/crypto/caam_jr/caam_jr.c b/drivers/crypto/caam_jr/caam_jr.c index 9652342a64..77fa6ff2d3 100644 --- a/drivers/crypto/caam_jr/caam_jr.c +++ b/drivers/crypto/caam_jr/caam_jr.c @@ -1,5 +1,5 @@ /* SPDX-License-Identifier: BSD-3-Clause - * Copyright 2017-2018 NXP + * Copyright 2017-2019 NXP */ #include @@ -25,18 +25,18 @@ #include /* RTA header files */ -#include -#include -#include -#include - +#include +#include +#include +#ifdef RTE_LIBRTE_PMD_CAAM_JR_DEBUG +#define CAAM_JR_DBG 1 +#else #define CAAM_JR_DBG 0 +#endif #define CRYPTODEV_NAME_CAAM_JR_PMD crypto_caam_jr static uint8_t cryptodev_driver_id; int caam_jr_logtype; -enum rta_sec_era rta_sec_era; - /* Lists the states possible for the SEC user space driver. */ enum sec_driver_state_e { SEC_DRIVER_STATE_IDLE, /* Driver not initialized */ @@ -63,15 +63,13 @@ struct sec_outring_entry { static inline phys_addr_t caam_jr_vtop_ctx(struct caam_jr_op_ctx *ctx, void *vaddr) { - PMD_INIT_FUNC_TRACE(); return (size_t)vaddr - ctx->vtop_offset; } static inline void caam_jr_op_ending(struct caam_jr_op_ctx *ctx) { - PMD_INIT_FUNC_TRACE(); - /* report op status to sym->op and then free the ctx memeory */ + /* report op status to sym->op and then free the ctx memory */ rte_mempool_put(ctx->ctx_pool, (void *)ctx); } @@ -81,7 +79,6 @@ caam_jr_alloc_ctx(struct caam_jr_session *ses) struct caam_jr_op_ctx *ctx; int ret; - PMD_INIT_FUNC_TRACE(); ret = rte_mempool_get(ses->ctx_pool, (void **)(&ctx)); if (!ctx || ret) { CAAM_JR_DP_WARN("Alloc sec descriptor failed!"); @@ -104,10 +101,61 @@ caam_jr_alloc_ctx(struct caam_jr_session *ses) return ctx; } +static +void caam_jr_stats_get(struct rte_cryptodev *dev, + struct rte_cryptodev_stats *stats) +{ + struct caam_jr_qp **qp = (struct caam_jr_qp **) + dev->data->queue_pairs; + int i; + + PMD_INIT_FUNC_TRACE(); + if (stats == NULL) { + CAAM_JR_ERR("Invalid stats ptr NULL"); + return; + } + for (i = 0; i < dev->data->nb_queue_pairs; i++) { + if (qp[i] == NULL) { + CAAM_JR_WARN("Uninitialised queue pair"); + continue; + } + + stats->enqueued_count += qp[i]->tx_pkts; + stats->dequeued_count += qp[i]->rx_pkts; + stats->enqueue_err_count += qp[i]->tx_errs; + stats->dequeue_err_count += qp[i]->rx_errs; + CAAM_JR_INFO("extra stats:\n\tRX Poll ERR = %" PRIu64 + "\n\tTX Ring Full = %" PRIu64, + qp[i]->rx_poll_err, + qp[i]->tx_ring_full); + } +} + +static +void caam_jr_stats_reset(struct rte_cryptodev *dev) +{ + int i; + struct caam_jr_qp **qp = (struct caam_jr_qp **) + (dev->data->queue_pairs); + + PMD_INIT_FUNC_TRACE(); + for (i = 0; i < dev->data->nb_queue_pairs; i++) { + if (qp[i] == NULL) { + CAAM_JR_WARN("Uninitialised queue pair"); + continue; + } + qp[i]->rx_pkts = 0; + qp[i]->rx_errs = 0; + qp[i]->rx_poll_err = 0; + qp[i]->tx_pkts = 0; + qp[i]->tx_errs = 0; + qp[i]->tx_ring_full = 0; + } +} + static inline int is_cipher_only(struct caam_jr_session *ses) { - PMD_INIT_FUNC_TRACE(); return ((ses->cipher_alg != RTE_CRYPTO_CIPHER_NULL) && (ses->auth_alg == RTE_CRYPTO_AUTH_NULL)); } @@ -115,7 +163,6 @@ is_cipher_only(struct caam_jr_session *ses) static inline int is_auth_only(struct caam_jr_session *ses) { - PMD_INIT_FUNC_TRACE(); return ((ses->cipher_alg == RTE_CRYPTO_CIPHER_NULL) && (ses->auth_alg != RTE_CRYPTO_AUTH_NULL)); } @@ -123,7 +170,6 @@ is_auth_only(struct caam_jr_session *ses) static inline int is_aead(struct caam_jr_session *ses) { - PMD_INIT_FUNC_TRACE(); return ((ses->cipher_alg == 0) && (ses->auth_alg == 0) && (ses->aead_alg != 0)); @@ -132,55 +178,70 @@ is_aead(struct caam_jr_session *ses) static inline int is_auth_cipher(struct caam_jr_session *ses) { - PMD_INIT_FUNC_TRACE(); return ((ses->cipher_alg != RTE_CRYPTO_CIPHER_NULL) && - (ses->auth_alg != RTE_CRYPTO_AUTH_NULL)); + (ses->auth_alg != RTE_CRYPTO_AUTH_NULL) && + (ses->proto_alg != RTE_SECURITY_PROTOCOL_IPSEC)); +} + +static inline int +is_proto_ipsec(struct caam_jr_session *ses) +{ + return (ses->proto_alg == RTE_SECURITY_PROTOCOL_IPSEC); } static inline int is_encode(struct caam_jr_session *ses) { - PMD_INIT_FUNC_TRACE(); return ses->dir == DIR_ENC; } static inline int is_decode(struct caam_jr_session *ses) { - PMD_INIT_FUNC_TRACE(); return ses->dir == DIR_DEC; } static inline void caam_auth_alg(struct caam_jr_session *ses, struct alginfo *alginfo_a) { - PMD_INIT_FUNC_TRACE(); switch (ses->auth_alg) { case RTE_CRYPTO_AUTH_NULL: ses->digest_length = 0; break; case RTE_CRYPTO_AUTH_MD5_HMAC: - alginfo_a->algtype = OP_ALG_ALGSEL_MD5; + alginfo_a->algtype = + (ses->proto_alg == RTE_SECURITY_PROTOCOL_IPSEC) ? + OP_PCL_IPSEC_HMAC_MD5_96 : OP_ALG_ALGSEL_MD5; alginfo_a->algmode = OP_ALG_AAI_HMAC; break; case RTE_CRYPTO_AUTH_SHA1_HMAC: - alginfo_a->algtype = OP_ALG_ALGSEL_SHA1; + alginfo_a->algtype = + (ses->proto_alg == RTE_SECURITY_PROTOCOL_IPSEC) ? + OP_PCL_IPSEC_HMAC_SHA1_96 : OP_ALG_ALGSEL_SHA1; alginfo_a->algmode = OP_ALG_AAI_HMAC; break; case RTE_CRYPTO_AUTH_SHA224_HMAC: - alginfo_a->algtype = OP_ALG_ALGSEL_SHA224; + alginfo_a->algtype = + (ses->proto_alg == RTE_SECURITY_PROTOCOL_IPSEC) ? + OP_PCL_IPSEC_HMAC_SHA1_160 : OP_ALG_ALGSEL_SHA224; alginfo_a->algmode = OP_ALG_AAI_HMAC; break; case RTE_CRYPTO_AUTH_SHA256_HMAC: - alginfo_a->algtype = OP_ALG_ALGSEL_SHA256; + alginfo_a->algtype = + (ses->proto_alg == RTE_SECURITY_PROTOCOL_IPSEC) ? + OP_PCL_IPSEC_HMAC_SHA2_256_128 : OP_ALG_ALGSEL_SHA256; alginfo_a->algmode = OP_ALG_AAI_HMAC; break; case RTE_CRYPTO_AUTH_SHA384_HMAC: - alginfo_a->algtype = OP_ALG_ALGSEL_SHA384; + alginfo_a->algtype = + (ses->proto_alg == RTE_SECURITY_PROTOCOL_IPSEC) ? + OP_PCL_IPSEC_HMAC_SHA2_384_192 : OP_ALG_ALGSEL_SHA384; alginfo_a->algmode = OP_ALG_AAI_HMAC; break; case RTE_CRYPTO_AUTH_SHA512_HMAC: - alginfo_a->algtype = OP_ALG_ALGSEL_SHA512; + alginfo_a->algtype = + (ses->proto_alg == RTE_SECURITY_PROTOCOL_IPSEC) ? + OP_PCL_IPSEC_HMAC_SHA2_512_256 : OP_ALG_ALGSEL_SHA512; alginfo_a->algmode = OP_ALG_AAI_HMAC; break; default: @@ -191,20 +252,25 @@ caam_auth_alg(struct caam_jr_session *ses, struct alginfo *alginfo_a) static inline void caam_cipher_alg(struct caam_jr_session *ses, struct alginfo *alginfo_c) { - PMD_INIT_FUNC_TRACE(); switch (ses->cipher_alg) { case RTE_CRYPTO_CIPHER_NULL: break; case RTE_CRYPTO_CIPHER_AES_CBC: - alginfo_c->algtype = OP_ALG_ALGSEL_AES; + alginfo_c->algtype = + (ses->proto_alg == RTE_SECURITY_PROTOCOL_IPSEC) ? + OP_PCL_IPSEC_AES_CBC : OP_ALG_ALGSEL_AES; alginfo_c->algmode = OP_ALG_AAI_CBC; break; case RTE_CRYPTO_CIPHER_3DES_CBC: - alginfo_c->algtype = OP_ALG_ALGSEL_3DES; + alginfo_c->algtype = + (ses->proto_alg == RTE_SECURITY_PROTOCOL_IPSEC) ? + OP_PCL_IPSEC_3DES : OP_ALG_ALGSEL_3DES; alginfo_c->algmode = OP_ALG_AAI_CBC; break; case RTE_CRYPTO_CIPHER_AES_CTR: - alginfo_c->algtype = OP_ALG_ALGSEL_AES; + alginfo_c->algtype = + (ses->proto_alg == RTE_SECURITY_PROTOCOL_IPSEC) ? + OP_PCL_IPSEC_AES_CTR : OP_ALG_ALGSEL_AES; alginfo_c->algmode = OP_ALG_AAI_CTR; break; default: @@ -215,7 +281,6 @@ caam_cipher_alg(struct caam_jr_session *ses, struct alginfo *alginfo_c) static inline void caam_aead_alg(struct caam_jr_session *ses, struct alginfo *alginfo) { - PMD_INIT_FUNC_TRACE(); switch (ses->aead_alg) { case RTE_CRYPTO_AEAD_AES_GCM: alginfo->algtype = OP_ALG_ALGSEL_AES; @@ -234,13 +299,12 @@ caam_jr_prep_cdb(struct caam_jr_session *ses) int32_t shared_desc_len = 0; struct sec_cdb *cdb; int err; -#if RTE_BYTE_ORDER == RTE_BIG_ENDIAN +#if CAAM_BYTE_ORDER == CORE_BYTE_ORDER int swap = false; #else int swap = true; #endif - PMD_INIT_FUNC_TRACE(); if (ses->cdb) caam_jr_dma_free(ses->cdb); @@ -269,8 +333,7 @@ caam_jr_prep_cdb(struct caam_jr_session *ses) shared_desc_len = cnstr_shdsc_blkcipher( cdb->sh_desc, true, - swap, &alginfo_c, - NULL, + swap, SHR_NEVER, &alginfo_c, ses->iv.length, ses->dir); } else if (is_auth_only(ses)) { @@ -287,7 +350,7 @@ caam_jr_prep_cdb(struct caam_jr_session *ses) alginfo_a.key_type = RTA_DATA_IMM; shared_desc_len = cnstr_shdsc_hmac(cdb->sh_desc, true, - swap, &alginfo_a, + swap, SHR_NEVER, &alginfo_a, !ses->dir, ses->digest_length); } else if (is_aead(ses)) { @@ -305,13 +368,13 @@ caam_jr_prep_cdb(struct caam_jr_session *ses) if (ses->dir == DIR_ENC) shared_desc_len = cnstr_shdsc_gcm_encap( cdb->sh_desc, true, swap, - &alginfo, + SHR_NEVER, &alginfo, ses->iv.length, ses->digest_length); else shared_desc_len = cnstr_shdsc_gcm_decap( cdb->sh_desc, true, swap, - &alginfo, + SHR_NEVER, &alginfo, ses->iv.length, ses->digest_length); } else { @@ -368,13 +431,29 @@ caam_jr_prep_cdb(struct caam_jr_session *ses) cdb->sh_desc[0] = 0; cdb->sh_desc[1] = 0; cdb->sh_desc[2] = 0; - /* Auth_only_len is set as 0 here and it will be - * overwritten in fd for each packet. - */ + if (is_proto_ipsec(ses)) { + if (ses->dir == DIR_ENC) { + shared_desc_len = cnstr_shdsc_ipsec_new_encap( + cdb->sh_desc, + true, swap, SHR_SERIAL, + &ses->encap_pdb, + (uint8_t *)&ses->ip4_hdr, + &alginfo_c, &alginfo_a); + } else if (ses->dir == DIR_DEC) { + shared_desc_len = cnstr_shdsc_ipsec_new_decap( + cdb->sh_desc, + true, swap, SHR_SERIAL, + &ses->decap_pdb, + &alginfo_c, &alginfo_a); + } + } else { + /* Auth_only_len is overwritten in fd for each job */ shared_desc_len = cnstr_shdsc_authenc(cdb->sh_desc, - true, swap, &alginfo_c, &alginfo_a, - ses->iv.length, 0, + true, swap, SHR_SERIAL, + &alginfo_c, &alginfo_a, + ses->iv.length, ses->digest_length, ses->dir); + } } if (shared_desc_len < 0) { @@ -410,7 +489,6 @@ hw_flush_job_ring(struct sec_job_ring_t *job_ring, int32_t jobs_no_to_discard = 0; int32_t discarded_descs_no = 0; - PMD_INIT_FUNC_TRACE(); CAAM_JR_DEBUG("Jr[%p] pi[%d] ci[%d].Flushing jr notify desc=[%d]", job_ring, job_ring->pidx, job_ring->cidx, do_notify); @@ -464,7 +542,6 @@ hw_poll_job_ring(struct sec_job_ring_t *job_ring, phys_addr_t *temp_addr; struct caam_jr_op_ctx *ctx; - PMD_INIT_FUNC_TRACE(); /* TODO check for ops have memory*/ /* check here if any JR error that cannot be written * in the output status word has occurred @@ -587,7 +664,6 @@ caam_jr_dequeue_burst(void *qp, struct rte_crypto_op **ops, int num_rx; int ret; - PMD_INIT_FUNC_TRACE(); CAAM_JR_DP_DEBUG("Jr[%p]Polling. limit[%d]", ring, nb_ops); /* Poll job ring @@ -623,6 +699,100 @@ caam_jr_dequeue_burst(void *qp, struct rte_crypto_op **ops, return num_rx; } +/** + * packet looks like: + * |<----data_len------->| + * |ip_header|ah_header|icv|payload| + * ^ + * | + * mbuf->pkt.data + */ +static inline struct caam_jr_op_ctx * +build_auth_only_sg(struct rte_crypto_op *op, struct caam_jr_session *ses) +{ + struct rte_crypto_sym_op *sym = op->sym; + struct rte_mbuf *mbuf = sym->m_src; + struct caam_jr_op_ctx *ctx; + struct sec4_sg_entry *sg; + int length; + struct sec_cdb *cdb; + uint64_t sdesc_offset; + struct sec_job_descriptor_t *jobdescr; + uint8_t extra_segs; + + if (is_decode(ses)) + extra_segs = 2; + else + extra_segs = 1; + + if ((mbuf->nb_segs + extra_segs) > MAX_SG_ENTRIES) { + CAAM_JR_DP_ERR("Auth: Max sec segs supported is %d", + MAX_SG_ENTRIES); + return NULL; + } + + ctx = caam_jr_alloc_ctx(ses); + if (!ctx) + return NULL; + + ctx->op = op; + + cdb = ses->cdb; + sdesc_offset = (size_t) ((char *)&cdb->sh_desc - (char *)cdb); + + jobdescr = (struct sec_job_descriptor_t *) ctx->jobdes.desc; + + SEC_JD_INIT(jobdescr); + SEC_JD_SET_SD(jobdescr, + (phys_addr_t)(caam_jr_dma_vtop(cdb)) + sdesc_offset, + cdb->sh_hdr.hi.field.idlen); + + /* output */ + SEC_JD_SET_OUT_PTR(jobdescr, (uint64_t)sym->auth.digest.phys_addr, + 0, ses->digest_length); + + /*input */ + sg = &ctx->sg[0]; + length = sym->auth.data.length; + sg->ptr = cpu_to_caam64(rte_pktmbuf_iova(mbuf) + sym->auth.data.offset); + sg->len = cpu_to_caam32(mbuf->data_len - sym->auth.data.offset); + + /* Successive segs */ + mbuf = mbuf->next; + while (mbuf) { + sg++; + sg->ptr = cpu_to_caam64(rte_pktmbuf_iova(mbuf)); + sg->len = cpu_to_caam32(mbuf->data_len); + mbuf = mbuf->next; + } + + if (is_decode(ses)) { + /* digest verification case */ + sg++; + /* hash result or digest, save digest first */ + rte_memcpy(ctx->digest, sym->auth.digest.data, + ses->digest_length); +#if CAAM_JR_DBG + rte_hexdump(stdout, "ICV", ctx->digest, ses->digest_length); +#endif + sg->ptr = cpu_to_caam64(caam_jr_vtop_ctx(ctx, ctx->digest)); + sg->len = cpu_to_caam32(ses->digest_length); + length += ses->digest_length; + } else { + sg->len -= ses->digest_length; + } + + /* last element*/ + sg->len |= cpu_to_caam32(SEC4_SG_LEN_FIN); + + SEC_JD_SET_IN_PTR(jobdescr, + (uint64_t)caam_jr_vtop_ctx(ctx, &ctx->sg[0]), 0, length); + /* enabling sg list */ + (jobdescr)->seq_in.command.word |= 0x01000000; + + return ctx; +} + static inline struct caam_jr_op_ctx * build_auth_only(struct rte_crypto_op *op, struct caam_jr_session *ses) { @@ -634,7 +804,6 @@ build_auth_only(struct rte_crypto_op *op, struct caam_jr_session *ses) uint64_t sdesc_offset; struct sec_job_descriptor_t *jobdescr; - PMD_INIT_FUNC_TRACE(); ctx = caam_jr_alloc_ctx(ses); if (!ctx) return NULL; @@ -688,6 +857,122 @@ build_auth_only(struct rte_crypto_op *op, struct caam_jr_session *ses) return ctx; } +static inline struct caam_jr_op_ctx * +build_cipher_only_sg(struct rte_crypto_op *op, struct caam_jr_session *ses) +{ + struct rte_crypto_sym_op *sym = op->sym; + struct rte_mbuf *mbuf = sym->m_src; + struct caam_jr_op_ctx *ctx; + struct sec4_sg_entry *sg, *in_sg; + int length; + struct sec_cdb *cdb; + uint64_t sdesc_offset; + uint8_t *IV_ptr = rte_crypto_op_ctod_offset(op, uint8_t *, + ses->iv.offset); + struct sec_job_descriptor_t *jobdescr; + uint8_t reg_segs; + + if (sym->m_dst) { + mbuf = sym->m_dst; + reg_segs = mbuf->nb_segs + sym->m_src->nb_segs + 2; + } else { + mbuf = sym->m_src; + reg_segs = mbuf->nb_segs * 2 + 2; + } + + if (reg_segs > MAX_SG_ENTRIES) { + CAAM_JR_DP_ERR("Cipher: Max sec segs supported is %d", + MAX_SG_ENTRIES); + return NULL; + } + + ctx = caam_jr_alloc_ctx(ses); + if (!ctx) + return NULL; + + ctx->op = op; + cdb = ses->cdb; + sdesc_offset = (size_t) ((char *)&cdb->sh_desc - (char *)cdb); + + jobdescr = (struct sec_job_descriptor_t *) ctx->jobdes.desc; + + SEC_JD_INIT(jobdescr); + SEC_JD_SET_SD(jobdescr, + (phys_addr_t)(caam_jr_dma_vtop(cdb)) + sdesc_offset, + cdb->sh_hdr.hi.field.idlen); + +#if CAAM_JR_DBG + CAAM_JR_INFO("mbuf offset =%d, cipher offset = %d, length =%d+%d", + sym->m_src->data_off, sym->cipher.data.offset, + sym->cipher.data.length, ses->iv.length); +#endif + /* output */ + if (sym->m_dst) + mbuf = sym->m_dst; + else + mbuf = sym->m_src; + + sg = &ctx->sg[0]; + length = sym->cipher.data.length; + + sg->ptr = cpu_to_caam64(rte_pktmbuf_iova(mbuf) + + sym->cipher.data.offset); + sg->len = cpu_to_caam32(mbuf->data_len - sym->cipher.data.offset); + + /* Successive segs */ + mbuf = mbuf->next; + while (mbuf) { + sg++; + sg->ptr = cpu_to_caam64(rte_pktmbuf_iova(mbuf)); + sg->len = cpu_to_caam32(mbuf->data_len); + mbuf = mbuf->next; + } + /* last element*/ + sg->len |= cpu_to_caam32(SEC4_SG_LEN_FIN); + + SEC_JD_SET_OUT_PTR(jobdescr, + (uint64_t)caam_jr_vtop_ctx(ctx, &ctx->sg[0]), 0, + length); + /*enabling sg bit */ + (jobdescr)->seq_out.command.word |= 0x01000000; + + /*input */ + sg++; + mbuf = sym->m_src; + in_sg = sg; + + length = sym->cipher.data.length + ses->iv.length; + + /* IV */ + sg->ptr = cpu_to_caam64(caam_jr_dma_vtop(IV_ptr)); + sg->len = cpu_to_caam32(ses->iv.length); + + /* 1st seg */ + sg++; + sg->ptr = cpu_to_caam64(rte_pktmbuf_iova(mbuf) + + sym->cipher.data.offset); + sg->len = cpu_to_caam32(mbuf->data_len - sym->cipher.data.offset); + + /* Successive segs */ + mbuf = mbuf->next; + while (mbuf) { + sg++; + sg->ptr = cpu_to_caam64(rte_pktmbuf_iova(mbuf)); + sg->len = cpu_to_caam32(mbuf->data_len); + mbuf = mbuf->next; + } + /* last element*/ + sg->len |= cpu_to_caam32(SEC4_SG_LEN_FIN); + + + SEC_JD_SET_IN_PTR(jobdescr, (uint64_t)caam_jr_vtop_ctx(ctx, in_sg), 0, + length); + /*enabling sg bit */ + (jobdescr)->seq_in.command.word |= 0x01000000; + + return ctx; +} + static inline struct caam_jr_op_ctx * build_cipher_only(struct rte_crypto_op *op, struct caam_jr_session *ses) { @@ -701,7 +986,6 @@ build_cipher_only(struct rte_crypto_op *op, struct caam_jr_session *ses) ses->iv.offset); struct sec_job_descriptor_t *jobdescr; - PMD_INIT_FUNC_TRACE(); ctx = caam_jr_alloc_ctx(ses); if (!ctx) return NULL; @@ -752,6 +1036,161 @@ build_cipher_only(struct rte_crypto_op *op, struct caam_jr_session *ses) return ctx; } +/* For decapsulation: + * Input: + * +----+----------------+--------------------------------+-----+ + * | IV | Auth-only data | Authenticated & Encrypted data | ICV | + * +----+----------------+--------------------------------+-----+ + * Output: + * +----+--------------------------+ + * | Decrypted & authenticated data | + * +----+--------------------------+ + */ + +static inline struct caam_jr_op_ctx * +build_cipher_auth_sg(struct rte_crypto_op *op, struct caam_jr_session *ses) +{ + struct rte_crypto_sym_op *sym = op->sym; + struct caam_jr_op_ctx *ctx; + struct sec4_sg_entry *sg, *out_sg, *in_sg; + struct rte_mbuf *mbuf; + uint32_t length = 0; + struct sec_cdb *cdb; + uint64_t sdesc_offset; + uint8_t req_segs; + uint8_t *IV_ptr = rte_crypto_op_ctod_offset(op, uint8_t *, + ses->iv.offset); + struct sec_job_descriptor_t *jobdescr; + uint16_t auth_hdr_len = sym->cipher.data.offset - + sym->auth.data.offset; + uint16_t auth_tail_len = sym->auth.data.length - + sym->cipher.data.length - auth_hdr_len; + uint32_t auth_only_len = (auth_tail_len << 16) | auth_hdr_len; + + if (sym->m_dst) { + mbuf = sym->m_dst; + req_segs = mbuf->nb_segs + sym->m_src->nb_segs + 3; + } else { + mbuf = sym->m_src; + req_segs = mbuf->nb_segs * 2 + 3; + } + + if (req_segs > MAX_SG_ENTRIES) { + CAAM_JR_DP_ERR("Cipher-Auth: Max sec segs supported is %d", + MAX_SG_ENTRIES); + return NULL; + } + + ctx = caam_jr_alloc_ctx(ses); + if (!ctx) + return NULL; + + ctx->op = op; + cdb = ses->cdb; + sdesc_offset = (size_t) ((char *)&cdb->sh_desc - (char *)cdb); + + jobdescr = (struct sec_job_descriptor_t *) ctx->jobdes.desc; + + SEC_JD_INIT(jobdescr); + SEC_JD_SET_SD(jobdescr, + (phys_addr_t)(caam_jr_dma_vtop(cdb)) + sdesc_offset, + cdb->sh_hdr.hi.field.idlen); + + /* output */ + if (sym->m_dst) + mbuf = sym->m_dst; + else + mbuf = sym->m_src; + + out_sg = &ctx->sg[0]; + if (is_encode(ses)) + length = sym->auth.data.length + ses->digest_length; + else + length = sym->auth.data.length; + + sg = &ctx->sg[0]; + + /* 1st seg */ + sg->ptr = cpu_to_caam64(rte_pktmbuf_iova(mbuf) + + sym->auth.data.offset); + sg->len = cpu_to_caam32(mbuf->data_len - sym->auth.data.offset); + + /* Successive segs */ + mbuf = mbuf->next; + while (mbuf) { + sg++; + sg->ptr = cpu_to_caam64(rte_pktmbuf_iova(mbuf)); + sg->len = cpu_to_caam32(mbuf->data_len); + mbuf = mbuf->next; + } + + if (is_encode(ses)) { + /* set auth output */ + sg++; + sg->ptr = cpu_to_caam64(sym->auth.digest.phys_addr); + sg->len = cpu_to_caam32(ses->digest_length); + } + /* last element*/ + sg->len |= cpu_to_caam32(SEC4_SG_LEN_FIN); + + SEC_JD_SET_OUT_PTR(jobdescr, + (uint64_t)caam_jr_dma_vtop(out_sg), 0, length); + /* set sg bit */ + (jobdescr)->seq_out.command.word |= 0x01000000; + + /* input */ + sg++; + mbuf = sym->m_src; + in_sg = sg; + if (is_encode(ses)) + length = ses->iv.length + sym->auth.data.length; + else + length = ses->iv.length + sym->auth.data.length + + ses->digest_length; + + sg->ptr = cpu_to_caam64(caam_jr_dma_vtop(IV_ptr)); + sg->len = cpu_to_caam32(ses->iv.length); + + sg++; + /* 1st seg */ + sg->ptr = cpu_to_caam64(rte_pktmbuf_iova(mbuf) + + sym->auth.data.offset); + sg->len = cpu_to_caam32(mbuf->data_len - sym->auth.data.offset); + + /* Successive segs */ + mbuf = mbuf->next; + while (mbuf) { + sg++; + sg->ptr = cpu_to_caam64(rte_pktmbuf_iova(mbuf)); + sg->len = cpu_to_caam32(mbuf->data_len); + mbuf = mbuf->next; + } + + if (is_decode(ses)) { + sg++; + rte_memcpy(ctx->digest, sym->auth.digest.data, + ses->digest_length); + sg->ptr = cpu_to_caam64(caam_jr_dma_vtop(ctx->digest)); + sg->len = cpu_to_caam32(ses->digest_length); + } + /* last element*/ + sg->len |= cpu_to_caam32(SEC4_SG_LEN_FIN); + + SEC_JD_SET_IN_PTR(jobdescr, (uint64_t)caam_jr_dma_vtop(in_sg), 0, + length); + /* set sg bit */ + (jobdescr)->seq_in.command.word |= 0x01000000; + /* Auth_only_len is set as 0 in descriptor and it is + * overwritten here in the jd which will update + * the DPOVRD reg. + */ + if (auth_only_len) + /* set sg bit */ + (jobdescr)->dpovrd = 0x80000000 | auth_only_len; + + return ctx; +} + static inline struct caam_jr_op_ctx * build_cipher_auth(struct rte_crypto_op *op, struct caam_jr_session *ses) { @@ -765,11 +1204,11 @@ build_cipher_auth(struct rte_crypto_op *op, struct caam_jr_session *ses) uint8_t *IV_ptr = rte_crypto_op_ctod_offset(op, uint8_t *, ses->iv.offset); struct sec_job_descriptor_t *jobdescr; - uint32_t auth_only_len; - - PMD_INIT_FUNC_TRACE(); - auth_only_len = op->sym->auth.data.length - - op->sym->cipher.data.length; + uint16_t auth_hdr_len = sym->cipher.data.offset - + sym->auth.data.offset; + uint16_t auth_tail_len = sym->auth.data.length - + sym->cipher.data.length - auth_hdr_len; + uint32_t auth_only_len = (auth_tail_len << 16) | auth_hdr_len; src_start_addr = rte_pktmbuf_iova(sym->m_src); if (sym->m_dst) @@ -862,6 +1301,49 @@ build_cipher_auth(struct rte_crypto_op *op, struct caam_jr_session *ses) return ctx; } + +static inline struct caam_jr_op_ctx * +build_proto(struct rte_crypto_op *op, struct caam_jr_session *ses) +{ + struct rte_crypto_sym_op *sym = op->sym; + struct caam_jr_op_ctx *ctx = NULL; + phys_addr_t src_start_addr, dst_start_addr; + struct sec_cdb *cdb; + uint64_t sdesc_offset; + struct sec_job_descriptor_t *jobdescr; + + ctx = caam_jr_alloc_ctx(ses); + if (!ctx) + return NULL; + ctx->op = op; + + src_start_addr = rte_pktmbuf_iova(sym->m_src); + if (sym->m_dst) + dst_start_addr = rte_pktmbuf_iova(sym->m_dst); + else + dst_start_addr = src_start_addr; + + cdb = ses->cdb; + sdesc_offset = (size_t) ((char *)&cdb->sh_desc - (char *)cdb); + + jobdescr = (struct sec_job_descriptor_t *) ctx->jobdes.desc; + + SEC_JD_INIT(jobdescr); + SEC_JD_SET_SD(jobdescr, + (phys_addr_t)(caam_jr_dma_vtop(cdb)) + sdesc_offset, + cdb->sh_hdr.hi.field.idlen); + + /* output */ + SEC_JD_SET_OUT_PTR(jobdescr, (uint64_t)dst_start_addr, 0, + sym->m_src->buf_len - sym->m_src->data_off); + /* input */ + SEC_JD_SET_IN_PTR(jobdescr, (uint64_t)src_start_addr, 0, + sym->m_src->pkt_len); + sym->m_src->packet_type &= ~RTE_PTYPE_L4_MASK; + + return ctx; +} + static int caam_jr_enqueue_op(struct rte_crypto_op *op, struct caam_jr_qp *qp) { @@ -869,14 +1351,21 @@ caam_jr_enqueue_op(struct rte_crypto_op *op, struct caam_jr_qp *qp) struct caam_jr_session *ses; struct caam_jr_op_ctx *ctx = NULL; struct sec_job_descriptor_t *jobdescr __rte_unused; +#if CAAM_JR_DBG + int i; +#endif - PMD_INIT_FUNC_TRACE(); switch (op->sess_type) { case RTE_CRYPTO_OP_WITH_SESSION: ses = (struct caam_jr_session *) get_sym_session_private_data(op->sym->session, cryptodev_driver_id); break; + case RTE_CRYPTO_OP_SECURITY_SESSION: + ses = (struct caam_jr_session *) + get_sec_session_private_data( + op->sym->sec_session); + break; default: CAAM_JR_DP_ERR("sessionless crypto op not supported"); qp->tx_errs++; @@ -898,9 +1387,17 @@ caam_jr_enqueue_op(struct rte_crypto_op *op, struct caam_jr_qp *qp) ctx = build_auth_only(op, ses); else if (is_cipher_only(ses)) ctx = build_cipher_only(op, ses); + else if (is_proto_ipsec(ses)) + ctx = build_proto(op, ses); } else { - if (is_aead(ses)) + if (is_auth_cipher(ses)) + ctx = build_cipher_auth_sg(op, ses); + else if (is_aead(ses)) goto err1; + else if (is_auth_only(ses)) + ctx = build_auth_only_sg(op, ses); + else if (is_cipher_only(ses)) + ctx = build_cipher_only_sg(op, ses); } err1: if (unlikely(!ctx)) { @@ -919,7 +1416,7 @@ err1: rte_pktmbuf_data_len(op->sym->m_src)); printf("\n JD before conversion\n"); - for (int i = 0; i < 12; i++) + for (i = 0; i < 12; i++) printf("\n 0x%08x", ctx->jobdes.desc[i]); #endif @@ -978,8 +1475,6 @@ caam_jr_enqueue_burst(void *qp, struct rte_crypto_op **ops, int32_t ret; struct caam_jr_qp *jr_qp = (struct caam_jr_qp *)qp; uint16_t num_tx = 0; - - PMD_INIT_FUNC_TRACE(); /*Prepare each packet which is to be sent*/ for (loop = 0; loop < nb_ops; loop++) { ret = caam_jr_enqueue_op(ops[loop], jr_qp); @@ -1022,8 +1517,7 @@ static int caam_jr_queue_pair_setup( struct rte_cryptodev *dev, uint16_t qp_id, __rte_unused const struct rte_cryptodev_qp_conf *qp_conf, - __rte_unused int socket_id, - __rte_unused struct rte_mempool *session_pool) + __rte_unused int socket_id) { struct sec_job_ring_t *internals; struct caam_jr_qp *qp = NULL; @@ -1045,15 +1539,6 @@ caam_jr_queue_pair_setup( return 0; } -/* Return the number of allocated queue pairs */ -static uint32_t -caam_jr_queue_pair_count(struct rte_cryptodev *dev) -{ - PMD_INIT_FUNC_TRACE(); - - return dev->data->nb_queue_pairs; -} - /* Returns the size of the aesni gcm session structure */ static unsigned int caam_jr_sym_session_get_size(struct rte_cryptodev *dev __rte_unused) @@ -1068,7 +1553,6 @@ caam_jr_cipher_init(struct rte_cryptodev *dev __rte_unused, struct rte_crypto_sym_xform *xform, struct caam_jr_session *session) { - PMD_INIT_FUNC_TRACE(); session->cipher_alg = xform->cipher.algo; session->iv.length = xform->cipher.iv.length; session->iv.offset = xform->cipher.iv.offset; @@ -1093,7 +1577,6 @@ caam_jr_auth_init(struct rte_cryptodev *dev __rte_unused, struct rte_crypto_sym_xform *xform, struct caam_jr_session *session) { - PMD_INIT_FUNC_TRACE(); session->auth_alg = xform->auth.algo; session->auth_key.data = rte_zmalloc(NULL, xform->auth.key.length, RTE_CACHE_LINE_SIZE); @@ -1117,7 +1600,6 @@ caam_jr_aead_init(struct rte_cryptodev *dev __rte_unused, struct rte_crypto_sym_xform *xform, struct caam_jr_session *session) { - PMD_INIT_FUNC_TRACE(); session->aead_alg = xform->aead.algo; session->iv.length = xform->aead.iv.length; session->iv.offset = xform->aead.iv.offset; @@ -1262,6 +1744,231 @@ caam_jr_sym_session_clear(struct rte_cryptodev *dev, } } +static int +caam_jr_set_ipsec_session(__rte_unused struct rte_cryptodev *dev, + struct rte_security_session_conf *conf, + void *sess) +{ + struct sec_job_ring_t *internals = dev->data->dev_private; + struct rte_security_ipsec_xform *ipsec_xform = &conf->ipsec; + struct rte_crypto_auth_xform *auth_xform; + struct rte_crypto_cipher_xform *cipher_xform; + struct caam_jr_session *session = (struct caam_jr_session *)sess; + + PMD_INIT_FUNC_TRACE(); + + if (ipsec_xform->direction == RTE_SECURITY_IPSEC_SA_DIR_EGRESS) { + cipher_xform = &conf->crypto_xform->cipher; + auth_xform = &conf->crypto_xform->next->auth; + } else { + auth_xform = &conf->crypto_xform->auth; + cipher_xform = &conf->crypto_xform->next->cipher; + } + session->proto_alg = conf->protocol; + session->cipher_key.data = rte_zmalloc(NULL, + cipher_xform->key.length, + RTE_CACHE_LINE_SIZE); + if (session->cipher_key.data == NULL && + cipher_xform->key.length > 0) { + CAAM_JR_ERR("No Memory for cipher key\n"); + return -ENOMEM; + } + + session->cipher_key.length = cipher_xform->key.length; + session->auth_key.data = rte_zmalloc(NULL, + auth_xform->key.length, + RTE_CACHE_LINE_SIZE); + if (session->auth_key.data == NULL && + auth_xform->key.length > 0) { + CAAM_JR_ERR("No Memory for auth key\n"); + rte_free(session->cipher_key.data); + return -ENOMEM; + } + session->auth_key.length = auth_xform->key.length; + memcpy(session->cipher_key.data, cipher_xform->key.data, + cipher_xform->key.length); + memcpy(session->auth_key.data, auth_xform->key.data, + auth_xform->key.length); + + switch (auth_xform->algo) { + case RTE_CRYPTO_AUTH_SHA1_HMAC: + session->auth_alg = RTE_CRYPTO_AUTH_SHA1_HMAC; + break; + case RTE_CRYPTO_AUTH_MD5_HMAC: + session->auth_alg = RTE_CRYPTO_AUTH_MD5_HMAC; + break; + case RTE_CRYPTO_AUTH_SHA256_HMAC: + session->auth_alg = RTE_CRYPTO_AUTH_SHA256_HMAC; + break; + case RTE_CRYPTO_AUTH_SHA384_HMAC: + session->auth_alg = RTE_CRYPTO_AUTH_SHA384_HMAC; + break; + case RTE_CRYPTO_AUTH_SHA512_HMAC: + session->auth_alg = RTE_CRYPTO_AUTH_SHA512_HMAC; + break; + case RTE_CRYPTO_AUTH_AES_CMAC: + session->auth_alg = RTE_CRYPTO_AUTH_AES_CMAC; + break; + case RTE_CRYPTO_AUTH_NULL: + session->auth_alg = RTE_CRYPTO_AUTH_NULL; + break; + case RTE_CRYPTO_AUTH_SHA224_HMAC: + case RTE_CRYPTO_AUTH_AES_XCBC_MAC: + case RTE_CRYPTO_AUTH_SNOW3G_UIA2: + case RTE_CRYPTO_AUTH_SHA1: + case RTE_CRYPTO_AUTH_SHA256: + case RTE_CRYPTO_AUTH_SHA512: + case RTE_CRYPTO_AUTH_SHA224: + case RTE_CRYPTO_AUTH_SHA384: + case RTE_CRYPTO_AUTH_MD5: + case RTE_CRYPTO_AUTH_AES_GMAC: + case RTE_CRYPTO_AUTH_KASUMI_F9: + case RTE_CRYPTO_AUTH_AES_CBC_MAC: + case RTE_CRYPTO_AUTH_ZUC_EIA3: + CAAM_JR_ERR("Crypto: Unsupported auth alg %u\n", + auth_xform->algo); + goto out; + default: + CAAM_JR_ERR("Crypto: Undefined Auth specified %u\n", + auth_xform->algo); + goto out; + } + + switch (cipher_xform->algo) { + case RTE_CRYPTO_CIPHER_AES_CBC: + session->cipher_alg = RTE_CRYPTO_CIPHER_AES_CBC; + break; + case RTE_CRYPTO_CIPHER_3DES_CBC: + session->cipher_alg = RTE_CRYPTO_CIPHER_3DES_CBC; + break; + case RTE_CRYPTO_CIPHER_AES_CTR: + session->cipher_alg = RTE_CRYPTO_CIPHER_AES_CTR; + break; + case RTE_CRYPTO_CIPHER_NULL: + case RTE_CRYPTO_CIPHER_SNOW3G_UEA2: + case RTE_CRYPTO_CIPHER_3DES_ECB: + case RTE_CRYPTO_CIPHER_AES_ECB: + case RTE_CRYPTO_CIPHER_KASUMI_F8: + CAAM_JR_ERR("Crypto: Unsupported Cipher alg %u\n", + cipher_xform->algo); + goto out; + default: + CAAM_JR_ERR("Crypto: Undefined Cipher specified %u\n", + cipher_xform->algo); + goto out; + } + + if (ipsec_xform->direction == RTE_SECURITY_IPSEC_SA_DIR_EGRESS) { + memset(&session->encap_pdb, 0, sizeof(struct ipsec_encap_pdb) + + sizeof(session->ip4_hdr)); + session->ip4_hdr.ip_v = IPVERSION; + session->ip4_hdr.ip_hl = 5; + session->ip4_hdr.ip_len = rte_cpu_to_be_16( + sizeof(session->ip4_hdr)); + session->ip4_hdr.ip_tos = ipsec_xform->tunnel.ipv4.dscp; + session->ip4_hdr.ip_id = 0; + session->ip4_hdr.ip_off = 0; + session->ip4_hdr.ip_ttl = ipsec_xform->tunnel.ipv4.ttl; + session->ip4_hdr.ip_p = (ipsec_xform->proto == + RTE_SECURITY_IPSEC_SA_PROTO_ESP) ? IPPROTO_ESP + : IPPROTO_AH; + session->ip4_hdr.ip_sum = 0; + session->ip4_hdr.ip_src = ipsec_xform->tunnel.ipv4.src_ip; + session->ip4_hdr.ip_dst = ipsec_xform->tunnel.ipv4.dst_ip; + session->ip4_hdr.ip_sum = calc_chksum((uint16_t *) + (void *)&session->ip4_hdr, + sizeof(struct ip)); + + session->encap_pdb.options = + (IPVERSION << PDBNH_ESP_ENCAP_SHIFT) | + PDBOPTS_ESP_OIHI_PDB_INL | + PDBOPTS_ESP_IVSRC | + PDBHMO_ESP_ENCAP_DTTL; + if (ipsec_xform->options.esn) + session->encap_pdb.options |= PDBOPTS_ESP_ESN; + session->encap_pdb.spi = ipsec_xform->spi; + session->encap_pdb.ip_hdr_len = sizeof(struct ip); + + session->dir = DIR_ENC; + } else if (ipsec_xform->direction == + RTE_SECURITY_IPSEC_SA_DIR_INGRESS) { + memset(&session->decap_pdb, 0, sizeof(struct ipsec_decap_pdb)); + session->decap_pdb.options = sizeof(struct ip) << 16; + if (ipsec_xform->options.esn) + session->decap_pdb.options |= PDBOPTS_ESP_ESN; + session->dir = DIR_DEC; + } else + goto out; + session->ctx_pool = internals->ctx_pool; + + return 0; +out: + rte_free(session->auth_key.data); + rte_free(session->cipher_key.data); + memset(session, 0, sizeof(struct caam_jr_session)); + return -1; +} + +static int +caam_jr_security_session_create(void *dev, + struct rte_security_session_conf *conf, + struct rte_security_session *sess, + struct rte_mempool *mempool) +{ + void *sess_private_data; + struct rte_cryptodev *cdev = (struct rte_cryptodev *)dev; + int ret; + + if (rte_mempool_get(mempool, &sess_private_data)) { + CAAM_JR_ERR("Couldn't get object from session mempool"); + return -ENOMEM; + } + + switch (conf->protocol) { + case RTE_SECURITY_PROTOCOL_IPSEC: + ret = caam_jr_set_ipsec_session(cdev, conf, + sess_private_data); + break; + case RTE_SECURITY_PROTOCOL_MACSEC: + return -ENOTSUP; + default: + return -EINVAL; + } + if (ret != 0) { + CAAM_JR_ERR("failed to configure session parameters"); + /* Return session to mempool */ + rte_mempool_put(mempool, sess_private_data); + return ret; + } + + set_sec_session_private_data(sess, sess_private_data); + + return ret; +} + +/* Clear the memory of session so it doesn't leave key material behind */ +static int +caam_jr_security_session_destroy(void *dev __rte_unused, + struct rte_security_session *sess) +{ + PMD_INIT_FUNC_TRACE(); + void *sess_priv = get_sec_session_private_data(sess); + + struct caam_jr_session *s = (struct caam_jr_session *)sess_priv; + + if (sess_priv) { + struct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv); + + rte_free(s->cipher_key.data); + rte_free(s->auth_key.data); + memset(sess, 0, sizeof(struct caam_jr_session)); + set_sec_session_private_data(sess, NULL); + rte_mempool_put(sess_mp, sess_priv); + } + return 0; +} + + static int caam_jr_dev_configure(struct rte_cryptodev *dev, struct rte_cryptodev_config *config __rte_unused) @@ -1272,7 +1979,7 @@ caam_jr_dev_configure(struct rte_cryptodev *dev, PMD_INIT_FUNC_TRACE(); internals = dev->data->dev_private; - sprintf(str, "ctx_pool_%d", dev->data->dev_id); + snprintf(str, sizeof(str), "ctx_pool_%d", dev->data->dev_id); if (!internals->ctx_pool) { internals->ctx_pool = rte_mempool_create((const char *)str, CTX_POOL_NUM_BUFS, @@ -1343,14 +2050,23 @@ static struct rte_cryptodev_ops caam_jr_ops = { .dev_stop = caam_jr_dev_stop, .dev_close = caam_jr_dev_close, .dev_infos_get = caam_jr_dev_infos_get, + .stats_get = caam_jr_stats_get, + .stats_reset = caam_jr_stats_reset, .queue_pair_setup = caam_jr_queue_pair_setup, .queue_pair_release = caam_jr_queue_pair_release, - .queue_pair_count = caam_jr_queue_pair_count, .sym_session_get_size = caam_jr_sym_session_get_size, .sym_session_configure = caam_jr_sym_session_configure, .sym_session_clear = caam_jr_sym_session_clear }; +static struct rte_security_ops caam_jr_security_ops = { + .session_create = caam_jr_security_session_create, + .session_update = NULL, + .session_stats_get = NULL, + .session_destroy = caam_jr_security_session_destroy, + .set_pkt_metadata = NULL, + .capabilities_get = caam_jr_get_security_capabilities +}; /* @brief Flush job rings of any processed descs. * The processed descs are silently dropped, @@ -1359,8 +2075,7 @@ static struct rte_cryptodev_ops caam_jr_ops = { static void close_job_ring(struct sec_job_ring_t *job_ring) { - PMD_INIT_FUNC_TRACE(); - if (job_ring->irq_fd) { + if (job_ring->irq_fd != -1) { /* Producer index is frozen. If consumer index is not equal * with producer index, then we have descs to flush. */ @@ -1369,7 +2084,7 @@ close_job_ring(struct sec_job_ring_t *job_ring) /* free the uio job ring */ free_job_ring(job_ring->irq_fd); - job_ring->irq_fd = 0; + job_ring->irq_fd = -1; caam_jr_dma_free(job_ring->input_ring); caam_jr_dma_free(job_ring->output_ring); g_job_rings_no--; @@ -1473,7 +2188,7 @@ caam_jr_dev_uninit(struct rte_cryptodev *dev) * */ static void * -init_job_ring(void *reg_base_addr, uint32_t irq_id) +init_job_ring(void *reg_base_addr, int irq_id) { struct sec_job_ring_t *job_ring = NULL; int i, ret = 0; @@ -1483,7 +2198,7 @@ init_job_ring(void *reg_base_addr, uint32_t irq_id) int irq_coalescing_count = 0; for (i = 0; i < MAX_SEC_JOB_RINGS; i++) { - if (g_job_rings[i].irq_fd == 0) { + if (g_job_rings[i].irq_fd == -1) { job_ring = &g_job_rings[i]; g_job_rings_no++; break; @@ -1570,6 +2285,7 @@ caam_jr_dev_init(const char *name, struct rte_cryptodev_pmd_init_params *init_params) { struct rte_cryptodev *dev; + struct rte_security_ctx *security_instance; struct uio_job_ring *job_ring; char str[RTE_CRYPTODEV_NAME_MAX_LEN]; @@ -1639,6 +2355,20 @@ caam_jr_dev_init(const char *name, return 0; } + /*TODO free it during teardown*/ + security_instance = rte_malloc("caam_jr", + sizeof(struct rte_security_ctx), 0); + if (security_instance == NULL) { + CAAM_JR_ERR("memory allocation failed\n"); + //todo error handling. + goto cleanup2; + } + + security_instance->device = (void *)dev; + security_instance->ops = &caam_jr_security_ops; + security_instance->sess_cnt = 0; + dev->security_ctx = security_instance; + RTE_LOG(INFO, PMD, "%s cryptodev init\n", dev->data->name); return 0; @@ -1721,6 +2451,15 @@ cryptodev_caam_jr_remove(struct rte_vdev_device *vdev) return rte_cryptodev_pmd_destroy(cryptodev); } +static void +sec_job_rings_init(void) +{ + int i; + + for (i = 0; i < MAX_SEC_JOB_RINGS; i++) + g_job_rings[i].irq_fd = -1; +} + static struct rte_vdev_driver cryptodev_caam_jr_drv = { .probe = cryptodev_caam_jr_probe, .remove = cryptodev_caam_jr_remove @@ -1735,6 +2474,12 @@ RTE_PMD_REGISTER_PARAM_STRING(CRYPTODEV_NAME_CAAM_JR_PMD, RTE_PMD_REGISTER_CRYPTO_DRIVER(caam_jr_crypto_drv, cryptodev_caam_jr_drv.driver, cryptodev_driver_id); +RTE_INIT(caam_jr_init) +{ + sec_uio_job_rings_init(); + sec_job_rings_init(); +} + RTE_INIT(caam_jr_init_log) { caam_jr_logtype = rte_log_register("pmd.crypto.caam");