4 * Copyright (c) 2016 Freescale Semiconductor, Inc. All rights reserved.
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
11 * * Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * * Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in
15 * the documentation and/or other materials provided with the
17 * * Neither the name of Freescale Semiconductor, Inc nor the names of its
18 * contributors may be used to endorse or promote products derived
19 * from this software without specific prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
22 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
23 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
24 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
25 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
26 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
27 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
28 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
29 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
30 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
31 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
34 #ifndef _RTE_DPAA2_SEC_PMD_PRIVATE_H_
35 #define _RTE_DPAA2_SEC_PMD_PRIVATE_H_
37 #define CRYPTODEV_NAME_DPAA2_SEC_PMD crypto_dpaa2_sec
38 /**< NXP DPAA2 - SEC PMD device name */
41 #define MAX_DESC_SIZE 64
42 /** private data structure for each DPAA2_SEC device */
43 struct dpaa2_sec_dev_private {
44 void *mc_portal; /**< MC Portal for configuring this device */
45 void *hw; /**< Hardware handle for this device.Used by NADK framework */
46 struct rte_mempool *fle_pool; /* per device memory pool for FLE */
47 int32_t hw_id; /**< An unique ID of this device instance */
48 int32_t vfio_fd; /**< File descriptor received via VFIO */
49 uint16_t token; /**< Token required by DPxxx objects */
50 unsigned int max_nb_queue_pairs;
51 /**< Max number of queue pairs supported by device */
52 unsigned int max_nb_sessions;
53 /**< Max number of sessions supported by device */
57 struct dpaa2_queue rx_vq;
58 struct dpaa2_queue tx_vq;
70 #define DPAA2_SET_FLC_EWS(flc) (flc->word1_bits23_16 |= 0x1)
71 #define DPAA2_SET_FLC_RSC(flc) (flc->word1_bits31_24 |= 0x1)
72 #define DPAA2_SET_FLC_REUSE_BS(flc) (flc->mode_bits |= 0x8000)
73 #define DPAA2_SET_FLC_REUSE_FF(flc) (flc->mode_bits |= 0x2000)
75 /* SEC Flow Context Descriptor */
76 struct sec_flow_context {
78 uint16_t word0_sdid; /* 11-0 SDID */
79 uint16_t word0_res; /* 31-12 reserved */
82 uint8_t word1_sdl; /* 5-0 SDL */
85 uint8_t word1_bits_15_8; /* 11-8 CRID */
89 uint8_t word1_bits23_16; /* 16 EWS */
94 uint8_t word1_bits31_24; /* 24 RSC */
98 /* word 2 RFLC[31-0] */
99 uint32_t word2_rflc_31_0;
101 /* word 3 RFLC[63-32] */
102 uint32_t word3_rflc_63_32;
105 uint16_t word4_iicid; /* 15-0 IICID */
106 uint16_t word4_oicid; /* 31-16 OICID */
109 uint32_t word5_ofqid:24; /* 23-0 OFQID */
110 uint32_t word5_31_24:8;
117 uint32_t word6_oflc_31_0;
120 uint32_t word7_oflc_63_32;
122 /* Word 8-15 storage profiles */
123 uint16_t dl; /**< DataLength(correction) */
124 uint16_t reserved; /**< reserved */
125 uint16_t dhr; /**< DataHeadRoom(correction) */
126 uint16_t mode_bits; /**< mode bits */
127 uint16_t bpv0; /**< buffer pool0 valid */
128 uint16_t bpid0; /**< Bypass Memory Translation */
129 uint16_t bpv1; /**< buffer pool1 valid */
130 uint16_t bpid1; /**< Bypass Memory Translation */
131 uint64_t word_12_15[2]; /**< word 12-15 are reserved */
134 struct sec_flc_desc {
135 struct sec_flow_context flc;
136 uint32_t desc[MAX_DESC_SIZE];
140 struct rte_mempool *fle_pool; /* per device memory pool for FLE */
141 struct sec_flc_desc flc_desc[0];
144 enum dpaa2_sec_op_type {
145 DPAA2_SEC_NONE, /*!< No Cipher operations*/
146 DPAA2_SEC_CIPHER,/*!< CIPHER operations */
147 DPAA2_SEC_AUTH, /*!< Authentication Operations */
148 DPAA2_SEC_AEAD, /*!< AEAD (AES-GCM/CCM) type operations */
149 DPAA2_SEC_CIPHER_HASH, /*!< Authenticated Encryption with
152 DPAA2_SEC_HASH_CIPHER, /*!< Encryption with Authenticated
155 DPAA2_SEC_IPSEC, /*!< IPSEC protocol operations*/
156 DPAA2_SEC_PDCP, /*!< PDCP protocol operations*/
157 DPAA2_SEC_PKC, /*!< Public Key Cryptographic Operations */
161 struct dpaa2_sec_aead_ctxt {
162 uint16_t auth_only_len; /*!< Length of data for Auth only */
163 uint8_t auth_cipher_text; /**< Authenticate/cipher ordering */
166 typedef struct dpaa2_sec_session_entry {
169 uint8_t dir; /*!< Operation Direction */
170 enum rte_crypto_cipher_algorithm cipher_alg; /*!< Cipher Algorithm*/
171 enum rte_crypto_auth_algorithm auth_alg; /*!< Authentication Algorithm*/
174 uint8_t *data; /**< pointer to key data */
175 size_t length; /**< key length in bytes */
179 uint8_t *data; /**< pointer to key data */
180 size_t length; /**< key length in bytes */
183 uint8_t *data; /**< pointer to key data */
184 size_t length; /**< key length in bytes */
189 uint16_t length; /**< IV length in bytes */
190 uint16_t offset; /**< IV offset in bytes */
192 uint16_t digest_length;
195 struct dpaa2_sec_aead_ctxt aead_ctxt;
199 static const struct rte_cryptodev_capabilities dpaa2_sec_capabilities[] = {
201 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
203 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
205 .algo = RTE_CRYPTO_AUTH_MD5_HMAC,
222 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
224 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
226 .algo = RTE_CRYPTO_AUTH_SHA1_HMAC,
243 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
245 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
247 .algo = RTE_CRYPTO_AUTH_SHA224_HMAC,
264 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
266 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
268 .algo = RTE_CRYPTO_AUTH_SHA256_HMAC,
285 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
287 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
289 .algo = RTE_CRYPTO_AUTH_SHA384_HMAC,
306 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
308 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
310 .algo = RTE_CRYPTO_AUTH_SHA512_HMAC,
327 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
329 .xform_type = RTE_CRYPTO_SYM_XFORM_AEAD,
331 .algo = RTE_CRYPTO_AEAD_AES_GCM,
357 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
359 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
361 .algo = RTE_CRYPTO_CIPHER_AES_CBC,
377 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
379 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
381 .algo = RTE_CRYPTO_CIPHER_AES_CTR,
397 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
399 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
401 .algo = RTE_CRYPTO_CIPHER_3DES_CBC,
417 RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()
420 static const struct rte_security_capability dpaa2_sec_security_cap[] = {
421 { /* IPsec Lookaside Protocol offload ESP Transport Egress */
422 .action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
423 .protocol = RTE_SECURITY_PROTOCOL_IPSEC,
425 .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP,
426 .mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL,
427 .direction = RTE_SECURITY_IPSEC_SA_DIR_EGRESS,
430 .crypto_capabilities = dpaa2_sec_capabilities
432 { /* IPsec Lookaside Protocol offload ESP Tunnel Ingress */
433 .action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
434 .protocol = RTE_SECURITY_PROTOCOL_IPSEC,
436 .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP,
437 .mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL,
438 .direction = RTE_SECURITY_IPSEC_SA_DIR_INGRESS,
441 .crypto_capabilities = dpaa2_sec_capabilities
444 .action = RTE_SECURITY_ACTION_TYPE_NONE
451 * @param buffer calculate chksum for buffer
452 * @param len buffer length
454 * @return checksum value in host cpu order
456 static inline uint16_t
457 calc_chksum(void *buffer, int len)
459 uint16_t *buf = (uint16_t *)buffer;
463 for (sum = 0; len > 1; len -= 2)
467 sum += *(unsigned char *)buf;
469 sum = (sum >> 16) + (sum & 0xFFFF);
476 #endif /* _RTE_DPAA2_SEC_PMD_PRIVATE_H_ */