crypto/qat: handle mixed hash-cipher requests on GEN3
authorAdam Dybkowski <adamx.dybkowski@intel.com>
Wed, 15 Jan 2020 14:59:22 +0000 (15:59 +0100)
committerAkhil Goyal <akhil.goyal@nxp.com>
Wed, 15 Jan 2020 15:45:04 +0000 (16:45 +0100)
This patch implements handling mixed encrypted digest hash-cipher
requests (e.g. SNOW3G + ZUC or ZUC + AES CTR) possible when running
on GEN3 QAT. Such algorithm combinations are not supported on
GEN1/GEN2 hardware.

Signed-off-by: Adam Dybkowski <adamx.dybkowski@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
doc/guides/cryptodevs/qat.rst
doc/guides/rel_notes/release_20_02.rst
drivers/common/qat/qat_adf/icp_qat_fw.h
drivers/common/qat/qat_adf/icp_qat_fw_la.h
drivers/crypto/qat/qat_sym_session.c

index 12b8e79..06985e3 100644 (file)
@@ -72,6 +72,30 @@ Supported AEAD algorithms:
 * ``RTE_CRYPTO_AEAD_AES_CCM``
 
 
+Supported Chains
+~~~~~~~~~~~~~~~~
+
+All the usual chains are supported and also some mixed chains:
+
+.. table:: Supported hash-cipher chains for wireless digest-encrypted cases
+
+   +------------------+-----------+-------------+----------+----------+
+   | Cipher algorithm | NULL AUTH | SNOW3G UIA2 | ZUC EIA3 | AES CMAC |
+   +==================+===========+=============+==========+==========+
+   | NULL CIPHER      | Y         | 3           | 3        | Y        |
+   +------------------+-----------+-------------+----------+----------+
+   | SNOW3G UEA2      | 3         | Y           | 3        | 3        |
+   +------------------+-----------+-------------+----------+----------+
+   | ZUC EEA3         | 3         | 3           | 2&3      | 3        |
+   +------------------+-----------+-------------+----------+----------+
+   | AES CTR          | Y         | 3           | 3        | Y        |
+   +------------------+-----------+-------------+----------+----------+
+
+* The combinations marked as "Y" are supported on all QAT hardware versions.
+* The combinations marked as "2&3" are supported on GEN2/GEN3 QAT hardware only.
+* The combinations marked as "3" are supported on GEN3 QAT hardware only.
+
+
 Limitations
 ~~~~~~~~~~~
 
index 01bde80..ec516da 100644 (file)
@@ -69,6 +69,14 @@ New Features
   * ECPM (Elliptic Curve Point Multiplication) is added to
     asymmetric crypto library specifications.
 
+* **Added handling of mixed algorithms in encrypted digest requests in QAT PMD.**
+
+  Added handling of mixed algorithms in encrypted digest hash-cipher
+  (generation) and cipher-hash (verification) requests (e.g. SNOW3G + ZUC or
+  ZUC + AES CTR) in QAT PMD possible when running on GEN3 QAT hardware.
+  Such algorithm combinations are not supported on GEN1/GEN2 hardware
+  and executing the request returns RTE_CRYPTO_OP_STATUS_INVALID_SESSION.
+
 
 Removed Items
 -------------
index 8f7cb37..1265c2a 100644 (file)
@@ -175,6 +175,9 @@ struct icp_qat_fw_comn_resp {
 #define QAT_COMN_PTR_TYPE_SGL 0x1
 #define QAT_COMN_CD_FLD_TYPE_64BIT_ADR 0x0
 #define QAT_COMN_CD_FLD_TYPE_16BYTE_DATA 0x1
+#define QAT_COMN_EXT_FLAGS_BITPOS 8
+#define QAT_COMN_EXT_FLAGS_MASK 0x1
+#define QAT_COMN_EXT_FLAGS_USED 0x1
 
 #define ICP_QAT_FW_COMN_FLAGS_BUILD(cdt, ptr) \
        ((((cdt) & QAT_COMN_CD_FLD_TYPE_MASK) << QAT_COMN_CD_FLD_TYPE_BITPOS) \
index 38891eb..20eb145 100644 (file)
@@ -273,6 +273,8 @@ struct icp_qat_fw_cipher_auth_cd_ctrl_hdr {
 
 #define ICP_QAT_FW_AUTH_HDR_FLAG_DO_NESTED 1
 #define ICP_QAT_FW_AUTH_HDR_FLAG_NO_NESTED 0
+#define ICP_QAT_FW_AUTH_HDR_FLAG_SNOW3G_UIA2_BITPOS 3
+#define ICP_QAT_FW_AUTH_HDR_FLAG_ZUC_EIA3_BITPOS 4
 #define ICP_QAT_FW_CCM_GCM_AAD_SZ_MAX  240
 #define ICP_QAT_FW_HASH_REQUEST_PARAMETERS_OFFSET 24
 #define ICP_QAT_FW_CIPHER_REQUEST_PARAMETERS_OFFSET (0)
index 72290ba..4359f2f 100644 (file)
@@ -416,6 +416,74 @@ qat_sym_session_configure(struct rte_cryptodev *dev,
        return 0;
 }
 
+static void
+qat_sym_session_set_ext_hash_flags(struct qat_sym_session *session,
+               uint8_t hash_flag)
+{
+       struct icp_qat_fw_comn_req_hdr *header = &session->fw_req.comn_hdr;
+       struct icp_qat_fw_cipher_auth_cd_ctrl_hdr *cd_ctrl =
+                       (struct icp_qat_fw_cipher_auth_cd_ctrl_hdr *)
+                       session->fw_req.cd_ctrl.content_desc_ctrl_lw;
+
+       /* Set the Use Extended Protocol Flags bit in LW 1 */
+       QAT_FIELD_SET(header->comn_req_flags,
+                       QAT_COMN_EXT_FLAGS_USED,
+                       QAT_COMN_EXT_FLAGS_BITPOS,
+                       QAT_COMN_EXT_FLAGS_MASK);
+
+       /* Set Hash Flags in LW 28 */
+       cd_ctrl->hash_flags |= hash_flag;
+
+       /* Set proto flags in LW 1 */
+       switch (session->qat_cipher_alg) {
+       case ICP_QAT_HW_CIPHER_ALGO_SNOW_3G_UEA2:
+               ICP_QAT_FW_LA_PROTO_SET(header->serv_specif_flags,
+                               ICP_QAT_FW_LA_SNOW_3G_PROTO);
+               ICP_QAT_FW_LA_ZUC_3G_PROTO_FLAG_SET(
+                               header->serv_specif_flags, 0);
+               break;
+       case ICP_QAT_HW_CIPHER_ALGO_ZUC_3G_128_EEA3:
+               ICP_QAT_FW_LA_PROTO_SET(header->serv_specif_flags,
+                               ICP_QAT_FW_LA_NO_PROTO);
+               ICP_QAT_FW_LA_ZUC_3G_PROTO_FLAG_SET(
+                               header->serv_specif_flags,
+                               ICP_QAT_FW_LA_ZUC_3G_PROTO);
+               break;
+       default:
+               ICP_QAT_FW_LA_PROTO_SET(header->serv_specif_flags,
+                               ICP_QAT_FW_LA_NO_PROTO);
+               ICP_QAT_FW_LA_ZUC_3G_PROTO_FLAG_SET(
+                               header->serv_specif_flags, 0);
+               break;
+       }
+}
+
+static void
+qat_sym_session_handle_mixed(struct qat_sym_session *session)
+{
+       if (session->qat_hash_alg == ICP_QAT_HW_AUTH_ALGO_ZUC_3G_128_EIA3 &&
+                       session->qat_cipher_alg !=
+                       ICP_QAT_HW_CIPHER_ALGO_ZUC_3G_128_EEA3) {
+               session->min_qat_dev_gen = QAT_GEN3;
+               qat_sym_session_set_ext_hash_flags(session,
+                       1 << ICP_QAT_FW_AUTH_HDR_FLAG_ZUC_EIA3_BITPOS);
+       } else if (session->qat_hash_alg == ICP_QAT_HW_AUTH_ALGO_SNOW_3G_UIA2 &&
+                       session->qat_cipher_alg !=
+                       ICP_QAT_HW_CIPHER_ALGO_SNOW_3G_UEA2) {
+               session->min_qat_dev_gen = QAT_GEN3;
+               qat_sym_session_set_ext_hash_flags(session,
+                       1 << ICP_QAT_FW_AUTH_HDR_FLAG_SNOW3G_UIA2_BITPOS);
+       } else if ((session->aes_cmac ||
+                       session->qat_hash_alg == ICP_QAT_HW_AUTH_ALGO_NULL) &&
+                       (session->qat_cipher_alg ==
+                       ICP_QAT_HW_CIPHER_ALGO_SNOW_3G_UEA2 ||
+                       session->qat_cipher_alg ==
+                       ICP_QAT_HW_CIPHER_ALGO_ZUC_3G_128_EEA3)) {
+               session->min_qat_dev_gen = QAT_GEN3;
+               qat_sym_session_set_ext_hash_flags(session, 0);
+       }
+}
+
 int
 qat_sym_session_set_parameters(struct rte_cryptodev *dev,
                struct rte_crypto_sym_xform *xform, void *session_private)
@@ -463,6 +531,8 @@ qat_sym_session_set_parameters(struct rte_cryptodev *dev,
                                        xform, session);
                        if (ret < 0)
                                return ret;
+                       /* Special handling of mixed hash+cipher algorithms */
+                       qat_sym_session_handle_mixed(session);
                }
                break;
        case ICP_QAT_FW_LA_CMD_HASH_CIPHER:
@@ -480,6 +550,8 @@ qat_sym_session_set_parameters(struct rte_cryptodev *dev,
                                        xform, session);
                        if (ret < 0)
                                return ret;
+                       /* Special handling of mixed hash+cipher algorithms */
+                       qat_sym_session_handle_mixed(session);
                }
                break;
        case ICP_QAT_FW_LA_CMD_TRNG_GET_RANDOM: