drivers/crypto/aesni_mb/aesni_mb_pmd_private.h

   1 /* SPDX-License-Identifier: BSD-3-Clause
   2  * Copyright(c) 2015-2016 Intel Corporation
   3  */
   4
   5 #ifndef _AESNI_MB_PMD_PRIVATE_H_
   6 #define _AESNI_MB_PMD_PRIVATE_H_
   7
   8 #include <intel-ipsec-mb.h>
   9
  10 enum aesni_mb_vector_mode {
  11         RTE_AESNI_MB_NOT_SUPPORTED = 0,
  12         RTE_AESNI_MB_SSE,
  13         RTE_AESNI_MB_AVX,
  14         RTE_AESNI_MB_AVX2,
  15         RTE_AESNI_MB_AVX512
  16 };
  17
  18 #define CRYPTODEV_NAME_AESNI_MB_PMD     crypto_aesni_mb
  19 /**< AES-NI Multi buffer PMD device name */
  20
  21 /** AESNI_MB PMD LOGTYPE DRIVER */
  22 extern int aesni_mb_logtype_driver;
  23
  24 #define AESNI_MB_LOG(level, fmt, ...)  \
  25         rte_log(RTE_LOG_ ## level, aesni_mb_logtype_driver,  \
  26                         "%s() line %u: " fmt "\n", __func__, __LINE__,  \
  27                                         ## __VA_ARGS__)
  28
  29
  30 #define HMAC_IPAD_VALUE                 (0x36)
  31 #define HMAC_OPAD_VALUE                 (0x5C)
  32
  33 /* Maximum length for digest */
  34 #define DIGEST_LENGTH_MAX 64
  35 static const unsigned auth_blocksize[] = {
  36                 [NULL_HASH]     = 0,
  37                 [MD5]           = 64,
  38                 [SHA1]          = 64,
  39                 [SHA_224]       = 64,
  40                 [SHA_256]       = 64,
  41                 [SHA_384]       = 128,
  42                 [SHA_512]       = 128,
  43                 [AES_XCBC]      = 16,
  44                 [AES_CCM]       = 16,
  45                 [AES_CMAC]      = 16,
  46                 [AES_GMAC]      = 16,
  47                 [PLAIN_SHA1]    = 64,
  48                 [PLAIN_SHA_224] = 64,
  49                 [PLAIN_SHA_256] = 64,
  50                 [PLAIN_SHA_384] = 128,
  51                 [PLAIN_SHA_512] = 128
  52 };
  53
  54 /**
  55  * Get the blocksize in bytes for a specified authentication algorithm
  56  *
  57  * @Note: this function will not return a valid value for a non-valid
  58  * authentication algorithm
  59  */
  60 static inline unsigned
  61 get_auth_algo_blocksize(JOB_HASH_ALG algo)
  62 {
  63         return auth_blocksize[algo];
  64 }
  65
  66 static const unsigned auth_truncated_digest_byte_lengths[] = {
  67                 [MD5]           = 12,
  68                 [SHA1]          = 12,
  69                 [SHA_224]       = 14,
  70                 [SHA_256]       = 16,
  71                 [SHA_384]       = 24,
  72                 [SHA_512]       = 32,
  73                 [AES_XCBC]      = 12,
  74                 [AES_CMAC]      = 12,
  75                 [AES_CCM]       = 8,
  76                 [NULL_HASH]     = 0,
  77                 [AES_GMAC]      = 16,
  78                 [PLAIN_SHA1]    = 20,
  79                 [PLAIN_SHA_224] = 28,
  80                 [PLAIN_SHA_256] = 32,
  81                 [PLAIN_SHA_384] = 48,
  82                 [PLAIN_SHA_512] = 64
  83 };
  84
  85 /**
  86  * Get the IPsec specified truncated length in bytes of the HMAC digest for a
  87  * specified authentication algorithm
  88  *
  89  * @Note: this function will not return a valid value for a non-valid
  90  * authentication algorithm
  91  */
  92 static inline unsigned
  93 get_truncated_digest_byte_length(JOB_HASH_ALG algo)
  94 {
  95         return auth_truncated_digest_byte_lengths[algo];
  96 }
  97
  98 static const unsigned auth_digest_byte_lengths[] = {
  99                 [MD5]           = 16,
 100                 [SHA1]          = 20,
 101                 [SHA_224]       = 28,
 102                 [SHA_256]       = 32,
 103                 [SHA_384]       = 48,
 104                 [SHA_512]       = 64,
 105                 [AES_XCBC]      = 16,
 106                 [AES_CMAC]      = 16,
 107                 [AES_CCM]       = 16,
 108                 [AES_GMAC]      = 12,
 109                 [NULL_HASH]     = 0,
 110                 [PLAIN_SHA1]    = 20,
 111                 [PLAIN_SHA_224] = 28,
 112                 [PLAIN_SHA_256] = 32,
 113                 [PLAIN_SHA_384] = 48,
 114                 [PLAIN_SHA_512] = 64
 115         /**< Vector mode dependent pointer table of the multi-buffer APIs */
 116
 117 };
 118
 119 /**
 120  * Get the full digest size in bytes for a specified authentication algorithm
 121  * (if available in the Multi-buffer library)
 122  *
 123  * @Note: this function will not return a valid value for a non-valid
 124  * authentication algorithm
 125  */
 126 static inline unsigned
 127 get_digest_byte_length(JOB_HASH_ALG algo)
 128 {
 129         return auth_digest_byte_lengths[algo];
 130 }
 131
 132 enum aesni_mb_operation {
 133         AESNI_MB_OP_HASH_CIPHER,
 134         AESNI_MB_OP_CIPHER_HASH,
 135         AESNI_MB_OP_HASH_ONLY,
 136         AESNI_MB_OP_CIPHER_ONLY,
 137         AESNI_MB_OP_AEAD_HASH_CIPHER,
 138         AESNI_MB_OP_AEAD_CIPHER_HASH,
 139         AESNI_MB_OP_NOT_SUPPORTED
 140 };
 141
 142 /** private data structure for each virtual AESNI device */
 143 struct aesni_mb_private {
 144         enum aesni_mb_vector_mode vector_mode;
 145         /**< CPU vector instruction set mode */
 146         unsigned max_nb_queue_pairs;
 147         /**< Max number of queue pairs supported by device */
 148         MB_MGR *mb_mgr;
 149         /**< Multi-buffer instance */
 150 };
 151
 152 /** AESNI Multi buffer queue pair */
 153 struct aesni_mb_qp {
 154         uint16_t id;
 155         /**< Queue Pair Identifier */
 156         char name[RTE_CRYPTODEV_NAME_MAX_LEN];
 157         /**< Unique Queue Pair Name */
 158         MB_MGR *mb_mgr;
 159         /**< Multi-buffer instance */
 160         struct rte_ring *ingress_queue;
 161         /**< Ring for placing operations ready for processing */
 162         struct rte_mempool *sess_mp;
 163         /**< Session Mempool */
 164         struct rte_mempool *sess_mp_priv;
 165         /**< Session Private Data Mempool */
 166         struct rte_cryptodev_stats stats;
 167         /**< Queue pair statistics */
 168         uint8_t digest_idx;
 169         /**< Index of the next slot to be used in temp_digests,
 170          * to store the digest for a given operation
 171          */
 172         uint8_t temp_digests[MAX_JOBS][DIGEST_LENGTH_MAX];
 173         /**< Buffers used to store the digest generated
 174          * by the driver when verifying a digest provided
 175          * by the user (using authentication verify operation)
 176          */
 177 } __rte_cache_aligned;
 178
 179 /** AES-NI multi-buffer private session structure */
 180 struct aesni_mb_session {
 181         JOB_CHAIN_ORDER chain_order;
 182         struct {
 183                 uint16_t length;
 184                 uint16_t offset;
 185         } iv;
 186         /**< IV parameters */
 187
 188         /** Cipher Parameters */const struct aesni_mb_op_fns *op_fns;
 189         /**< Vector mode dependent pointer table of the multi-buffer APIs */
 190
 191         struct {
 192                 /** Cipher direction - encrypt / decrypt */
 193                 JOB_CIPHER_DIRECTION direction;
 194                 /** Cipher mode - CBC / Counter */
 195                 JOB_CIPHER_MODE mode;
 196
 197                 uint64_t key_length_in_bytes;
 198
 199                 union {
 200                         struct {
 201                                 uint32_t encode[60] __rte_aligned(16);
 202                                 /**< encode key */
 203                                 uint32_t decode[60] __rte_aligned(16);
 204                                 /**< decode key */
 205                         } expanded_aes_keys;
 206                         struct {
 207                                 const void *ks_ptr[3];
 208                                 uint64_t key[3][16];
 209                         } exp_3des_keys;
 210
 211                         struct gcm_key_data gcm_key;
 212                 };
 213                 /**< Expanded AES keys - Allocating space to
 214                  * contain the maximum expanded key size which
 215                  * is 240 bytes for 256 bit AES, calculate by:
 216                  * ((key size (bytes)) *
 217                  * ((number of rounds) + 1))
 218                  */
 219         } cipher;
 220
 221         /** Authentication Parameters */
 222         struct {
 223                 JOB_HASH_ALG algo; /**< Authentication Algorithm */
 224                 enum rte_crypto_auth_operation operation;
 225                 /**< auth operation generate or verify */
 226                 union {
 227                         struct {
 228                                 uint8_t inner[128] __rte_aligned(16);
 229                                 /**< inner pad */
 230                                 uint8_t outer[128] __rte_aligned(16);
 231                                 /**< outer pad */
 232                         } pads;
 233                         /**< HMAC Authentication pads -
 234                          * allocating space for the maximum pad
 235                          * size supported which is 128 bytes for
 236                          * SHA512
 237                          */
 238
 239                         struct {
 240                             uint32_t k1_expanded[44] __rte_aligned(16);
 241                             /**< k1 (expanded key). */
 242                             uint8_t k2[16] __rte_aligned(16);
 243                             /**< k2. */
 244                             uint8_t k3[16] __rte_aligned(16);
 245                             /**< k3. */
 246                         } xcbc;
 247
 248                         struct {
 249                                 uint32_t expkey[60] __rte_aligned(16);
 250                                                     /**< k1 (expanded key). */
 251                                 uint32_t skey1[4] __rte_aligned(16);
 252                                                     /**< k2. */
 253                                 uint32_t skey2[4] __rte_aligned(16);
 254                                                     /**< k3. */
 255                         } cmac;
 256                         /**< Expanded XCBC authentication keys */
 257                 };
 258         /** Generated digest size by the Multi-buffer library */
 259         uint16_t gen_digest_len;
 260         /** Requested digest size from Cryptodev */
 261         uint16_t req_digest_len;
 262
 263         } auth;
 264         struct {
 265                 /** AAD data length */
 266                 uint16_t aad_len;
 267         } aead;
 268 } __rte_cache_aligned;
 269
 270 extern int
 271 aesni_mb_set_session_parameters(const MB_MGR *mb_mgr,
 272                 struct aesni_mb_session *sess,
 273                 const struct rte_crypto_sym_xform *xform);
 274
 275 /** device specific operations function pointer structure */
 276 extern struct rte_cryptodev_ops *rte_aesni_mb_pmd_ops;
 277
 278 extern uint32_t
 279 aesni_mb_cpu_crypto_process_bulk(struct rte_cryptodev *dev,
 280         struct rte_cryptodev_sym_session *sess, union rte_crypto_sym_ofs sofs,
 281         struct rte_crypto_sym_vec *vec);
 282
 283 #endif /* _AESNI_MB_PMD_PRIVATE_H_ */