1 /* SPDX-License-Identifier: BSD-3-Clause
2 * Copyright(C) 2021 Marvell.
5 #ifndef __ROC_IE_ON_H__
6 #define __ROC_IE_ON_H__
10 /* CN9K IPsec LA opcodes */
11 #define ROC_IE_ON_MAJOR_OP_WRITE_IPSEC_OUTBOUND 0x20
12 #define ROC_IE_ON_MAJOR_OP_WRITE_IPSEC_INBOUND 0x21
13 #define ROC_IE_ON_MAJOR_OP_PROCESS_OUTBOUND_IPSEC 0x23
14 #define ROC_IE_ON_MAJOR_OP_PROCESS_INBOUND_IPSEC 0x24
16 /* Ucode completion codes */
17 enum roc_ie_on_ucc_ipsec {
18 ROC_IE_ON_UCC_SUCCESS = 0,
19 ROC_IE_ON_AUTH_UNSUPPORTED = 0xB0,
20 ROC_IE_ON_ENCRYPT_UNSUPPORTED = 0xB1,
21 /* Software defined completion code for anti-replay failed packets */
22 ROC_IE_ON_SWCC_ANTI_REPLAY = 0xE7,
26 #define ROC_IE_ON_INB_RPTR_HDR 16
27 #define ROC_IE_ON_MAX_IV_LEN 16
28 #define ROC_IE_ON_PER_PKT_IV BIT(43)
31 ROC_IE_ON_SA_ENC_NULL = 0,
32 ROC_IE_ON_SA_ENC_DES_CBC = 1,
33 ROC_IE_ON_SA_ENC_3DES_CBC = 2,
34 ROC_IE_ON_SA_ENC_AES_CBC = 3,
35 ROC_IE_ON_SA_ENC_AES_CTR = 4,
36 ROC_IE_ON_SA_ENC_AES_GCM = 5,
37 ROC_IE_ON_SA_ENC_AES_CCM = 6,
41 ROC_IE_ON_SA_AUTH_NULL = 0,
42 ROC_IE_ON_SA_AUTH_MD5 = 1,
43 ROC_IE_ON_SA_AUTH_SHA1 = 2,
44 ROC_IE_ON_SA_AUTH_SHA2_224 = 3,
45 ROC_IE_ON_SA_AUTH_SHA2_256 = 4,
46 ROC_IE_ON_SA_AUTH_SHA2_384 = 5,
47 ROC_IE_ON_SA_AUTH_SHA2_512 = 6,
48 ROC_IE_ON_SA_AUTH_AES_GMAC = 7,
49 ROC_IE_ON_SA_AUTH_AES_XCBC_128 = 8,
53 ROC_IE_ON_SA_FRAG_POST = 0,
54 ROC_IE_ON_SA_FRAG_PRE = 1,
58 ROC_IE_ON_SA_ENCAP_NONE = 0,
59 ROC_IE_ON_SA_ENCAP_UDP = 1,
63 ROC_IE_ON_IV_SRC_HW_GEN_DEFAULT = 0,
64 ROC_IE_ON_IV_SRC_FROM_DPTR = 1,
67 struct roc_ie_on_outb_hdr {
75 struct roc_ie_on_inb_hdr {
81 union roc_ie_on_bit_perfect_iv {
91 struct roc_ie_on_traffic_selector {
100 uint8_t src_addr[32];
101 uint8_t dst_addr[32];
106 struct roc_ie_on_ip_template {
109 uint8_t ipv4_hdr[20];
114 uint8_t ipv6_hdr[40];
121 union roc_on_ipsec_outb_param1 {
124 uint16_t l2hdr_len : 4;
125 uint16_t rsvd_4_6 : 3;
126 uint16_t gre_select : 1;
129 uint16_t min_frag_size : 1;
130 uint16_t per_pkt_iv : 1;
131 uint16_t tfc_pad_enable : 1;
132 uint16_t tfc_dummy_pkt : 1;
133 uint16_t rfc_or_override_mode : 1;
134 uint16_t custom_hdr_or_p99 : 1;
138 union roc_on_ipsec_inb_param2 {
141 uint16_t rsvd_0_10 : 11;
142 uint16_t gre_select : 1;
144 uint16_t udp_cksum : 1;
145 uint16_t ctx_addr_sel : 1;
146 uint16_t custom_hdr_or_p99 : 1;
150 struct roc_ie_on_sa_ctl {
152 uint64_t exp_proto_inter_frag : 8;
153 uint64_t copy_df : 1;
154 uint64_t frag_type : 1;
155 uint64_t explicit_iv_en : 1;
157 uint64_t rsvd_45_44 : 2;
158 uint64_t encap_type : 2;
159 uint64_t enc_type : 3;
160 uint64_t rsvd_48 : 1;
161 uint64_t auth_type : 4;
163 uint64_t direction : 1;
164 uint64_t outer_ip_ver : 1;
165 uint64_t inner_ip_ver : 1;
166 uint64_t ipsec_mode : 1;
167 uint64_t ipsec_proto : 1;
168 uint64_t aes_key_len : 2;
171 struct roc_ie_on_common_sa {
173 struct roc_ie_on_sa_ctl ctl;
176 uint8_t cipher_key[32];
179 union roc_ie_on_bit_perfect_iv iv;
191 struct roc_ie_on_outb_sa {
193 struct roc_ie_on_common_sa common_sa;
198 struct roc_ie_on_ip_template template;
201 uint8_t hmac_key[24];
203 struct roc_ie_on_ip_template template;
208 struct roc_ie_on_ip_template template;
211 uint8_t hmac_key[64];
213 struct roc_ie_on_ip_template template;
218 struct roc_ie_on_inb_sa {
220 struct roc_ie_on_common_sa common_sa;
223 uint8_t udp_encap[8];
228 uint8_t hmac_key[48];
229 struct roc_ie_on_traffic_selector selector;
234 struct roc_ie_on_traffic_selector selector;
237 uint8_t hmac_key[64];
239 struct roc_ie_on_traffic_selector selector;
246 /* CN9K IPsec FP opcodes */
247 #define ROC_IE_ONF_MAJOR_OP_PROCESS_OUTBOUND_IPSEC 0x25UL
248 #define ROC_IE_ONF_MAJOR_OP_PROCESS_INBOUND_IPSEC 0x26UL
250 /* Ucode completion codes */
251 #define ROC_IE_ON_UCC_SUCCESS 0
252 #define ROC_IE_ON_UCC_ENC_TYPE_ERR 0xB1
253 #define ROC_IE_ON_UCC_IP_VER_ERR 0xB2
254 #define ROC_IE_ON_UCC_PROTO_ERR 0xB3
255 #define ROC_IE_ON_UCC_CTX_INVALID 0xB4
256 #define ROC_IE_ON_UCC_CTX_DIR_MISMATCH 0xB5
257 #define ROC_IE_ON_UCC_IP_PAYLOAD_TYPE_ERR 0xB6
258 #define ROC_IE_ON_UCC_CTX_FLAG_MISMATCH 0xB7
259 #define ROC_IE_ON_UCC_SPI_MISMATCH 0xBE
260 #define ROC_IE_ON_UCC_IP_CHKSUM_ERR 0xBF
261 #define ROC_IE_ON_UCC_AUTH_ERR 0xC3
262 #define ROC_IE_ON_UCC_PADDING_INVALID 0xC4
263 #define ROC_IE_ON_UCC_SA_MISMATCH 0xCC
264 #define ROC_IE_ON_UCC_L2_HDR_INFO_ERR 0xCF
265 #define ROC_IE_ON_UCC_L2_HDR_LEN_ERR 0xE0
267 struct roc_ie_onf_sa_ctl {
269 uint64_t exp_proto_inter_frag : 8;
270 uint64_t rsvd_41_40 : 2;
271 /* Disable SPI, SEQ data in RPTR for Inbound inline */
272 uint64_t spi_seq_dis : 1;
274 uint64_t rsvd_44_45 : 2;
275 uint64_t encap_type : 2;
276 uint64_t enc_type : 3;
277 uint64_t rsvd_48 : 1;
278 uint64_t auth_type : 4;
280 uint64_t direction : 1;
281 uint64_t outer_ip_ver : 1;
282 uint64_t inner_ip_ver : 1;
283 uint64_t ipsec_mode : 1;
284 uint64_t ipsec_proto : 1;
285 uint64_t aes_key_len : 2;
288 struct roc_onf_ipsec_outb_sa {
290 struct roc_ie_onf_sa_ctl ctl;
302 uint8_t cipher_key[32];
305 uint8_t hmac_key[48];
308 struct roc_onf_ipsec_inb_sa {
310 struct roc_ie_onf_sa_ctl ctl;
313 uint8_t nonce[4]; /* Only for AES-GCM */
321 uint8_t cipher_key[32];
324 uint8_t hmac_key[48];
327 #define ROC_ONF_IPSEC_INB_MAX_L2_SZ 32UL
328 #define ROC_ONF_IPSEC_OUTB_MAX_L2_SZ 30UL
329 #define ROC_ONF_IPSEC_OUTB_MAX_L2_INFO_SZ (ROC_ONF_IPSEC_OUTB_MAX_L2_SZ + 2)
331 #define ROC_ONF_IPSEC_INB_RES_OFF 80
332 #define ROC_ONF_IPSEC_INB_SPI_SEQ_SZ 16
334 struct roc_onf_ipsec_outb_hdr {
340 #endif /* __ROC_IE_ON_H__ */