1 /* SPDX-License-Identifier: BSD-3-Clause
2 * Copyright(C) 2021 Marvell.
5 #ifndef __ROC_IE_ON_H__
6 #define __ROC_IE_ON_H__
10 /* CN9K IPsec LA opcodes */
11 #define ROC_IE_ON_MAJOR_OP_WRITE_IPSEC_OUTBOUND 0x20
12 #define ROC_IE_ON_MAJOR_OP_WRITE_IPSEC_INBOUND 0x21
13 #define ROC_IE_ON_MAJOR_OP_PROCESS_OUTBOUND_IPSEC 0x23
14 #define ROC_IE_ON_MAJOR_OP_PROCESS_INBOUND_IPSEC 0x24
16 /* Ucode completion codes */
17 enum roc_ie_on_ucc_ipsec {
18 ROC_IE_ON_UCC_SUCCESS = 0,
19 ROC_IE_ON_AUTH_UNSUPPORTED = 0xB0,
20 ROC_IE_ON_ENCRYPT_UNSUPPORTED = 0xB1,
24 #define ROC_IE_ON_INB_RPTR_HDR 0x8
25 #define ROC_IE_ON_MAX_IV_LEN 16
26 #define ROC_IE_ON_PER_PKT_IV BIT(43)
29 ROC_IE_ON_SA_ENC_NULL = 0,
30 ROC_IE_ON_SA_ENC_DES_CBC = 1,
31 ROC_IE_ON_SA_ENC_3DES_CBC = 2,
32 ROC_IE_ON_SA_ENC_AES_CBC = 3,
33 ROC_IE_ON_SA_ENC_AES_CTR = 4,
34 ROC_IE_ON_SA_ENC_AES_GCM = 5,
35 ROC_IE_ON_SA_ENC_AES_CCM = 6,
39 ROC_IE_ON_SA_AUTH_NULL = 0,
40 ROC_IE_ON_SA_AUTH_MD5 = 1,
41 ROC_IE_ON_SA_AUTH_SHA1 = 2,
42 ROC_IE_ON_SA_AUTH_SHA2_224 = 3,
43 ROC_IE_ON_SA_AUTH_SHA2_256 = 4,
44 ROC_IE_ON_SA_AUTH_SHA2_384 = 5,
45 ROC_IE_ON_SA_AUTH_SHA2_512 = 6,
46 ROC_IE_ON_SA_AUTH_AES_GMAC = 7,
47 ROC_IE_ON_SA_AUTH_AES_XCBC_128 = 8,
51 ROC_IE_ON_SA_FRAG_POST = 0,
52 ROC_IE_ON_SA_FRAG_PRE = 1,
56 ROC_IE_ON_SA_ENCAP_NONE = 0,
57 ROC_IE_ON_SA_ENCAP_UDP = 1,
61 ROC_IE_ON_IV_SRC_HW_GEN_DEFAULT = 0,
62 ROC_IE_ON_IV_SRC_FROM_DPTR = 1,
65 struct roc_ie_on_outb_hdr {
71 union roc_ie_on_bit_perfect_iv {
81 struct roc_ie_on_traffic_selector {
96 struct roc_ie_on_ip_template {
104 uint8_t ipv6_hdr[40];
111 union roc_on_ipsec_outb_param1 {
114 uint16_t frag_num : 4;
115 uint16_t rsvd_4_6 : 3;
116 uint16_t gre_select : 1;
119 uint16_t min_frag_size : 1;
120 uint16_t per_pkt_iv : 1;
121 uint16_t tfc_pad_enable : 1;
122 uint16_t tfc_dummy_pkt : 1;
123 uint16_t rfc_or_override_mode : 1;
124 uint16_t custom_hdr_or_p99 : 1;
128 union roc_on_ipsec_inb_param2 {
131 uint16_t rsvd_0_10 : 11;
132 uint16_t gre_select : 1;
134 uint16_t udp_cksum : 1;
135 uint16_t ctx_addr_sel : 1;
136 uint16_t custom_hdr_or_p99 : 1;
140 struct roc_ie_on_sa_ctl {
142 uint64_t exp_proto_inter_frag : 8;
143 uint64_t copy_df : 1;
144 uint64_t frag_type : 1;
145 uint64_t explicit_iv_en : 1;
147 uint64_t rsvd_45_44 : 2;
148 uint64_t encap_type : 2;
149 uint64_t enc_type : 3;
150 uint64_t rsvd_48 : 1;
151 uint64_t auth_type : 4;
153 uint64_t direction : 1;
154 uint64_t outer_ip_ver : 1;
155 uint64_t inner_ip_ver : 1;
156 uint64_t ipsec_mode : 1;
157 uint64_t ipsec_proto : 1;
158 uint64_t aes_key_len : 2;
161 struct roc_ie_on_common_sa {
163 struct roc_ie_on_sa_ctl ctl;
166 uint8_t cipher_key[32];
169 union roc_ie_on_bit_perfect_iv iv;
176 struct roc_ie_on_outb_sa {
178 struct roc_ie_on_common_sa common_sa;
183 struct roc_ie_on_ip_template template;
186 uint8_t hmac_key[24];
188 struct roc_ie_on_ip_template template;
193 struct roc_ie_on_ip_template template;
196 uint8_t hmac_key[64];
198 struct roc_ie_on_ip_template template;
203 struct roc_ie_on_inb_sa {
205 struct roc_ie_on_common_sa common_sa;
208 uint8_t udp_encap[8];
213 uint8_t hmac_key[48];
214 struct roc_ie_on_traffic_selector selector;
219 struct roc_ie_on_traffic_selector selector;
222 uint8_t hmac_key[64];
224 struct roc_ie_on_traffic_selector selector;
231 /* CN9K IPsec FP opcodes */
232 #define ROC_IE_ONF_MAJOR_OP_PROCESS_OUTBOUND_IPSEC 0x25UL
233 #define ROC_IE_ONF_MAJOR_OP_PROCESS_INBOUND_IPSEC 0x26UL
235 /* Ucode completion codes */
236 #define ROC_IE_ON_UCC_SUCCESS 0
237 #define ROC_IE_ON_UCC_ENC_TYPE_ERR 0xB1
238 #define ROC_IE_ON_UCC_IP_VER_ERR 0xB2
239 #define ROC_IE_ON_UCC_PROTO_ERR 0xB3
240 #define ROC_IE_ON_UCC_CTX_INVALID 0xB4
241 #define ROC_IE_ON_UCC_CTX_DIR_MISMATCH 0xB5
242 #define ROC_IE_ON_UCC_IP_PAYLOAD_TYPE_ERR 0xB6
243 #define ROC_IE_ON_UCC_CTX_FLAG_MISMATCH 0xB7
244 #define ROC_IE_ON_UCC_SPI_MISMATCH 0xBE
245 #define ROC_IE_ON_UCC_IP_CHKSUM_ERR 0xBF
246 #define ROC_IE_ON_UCC_AUTH_ERR 0xC3
247 #define ROC_IE_ON_UCC_PADDING_INVALID 0xC4
248 #define ROC_IE_ON_UCC_SA_MISMATCH 0xCC
249 #define ROC_IE_ON_UCC_L2_HDR_INFO_ERR 0xCF
250 #define ROC_IE_ON_UCC_L2_HDR_LEN_ERR 0xE0
252 struct roc_ie_onf_sa_ctl {
254 uint64_t exp_proto_inter_frag : 8;
255 uint64_t rsvd_41_40 : 2;
256 /* Disable SPI, SEQ data in RPTR for Inbound inline */
257 uint64_t spi_seq_dis : 1;
259 uint64_t rsvd_44_45 : 2;
260 uint64_t encap_type : 2;
261 uint64_t enc_type : 3;
262 uint64_t rsvd_48 : 1;
263 uint64_t auth_type : 4;
265 uint64_t direction : 1;
266 uint64_t outer_ip_ver : 1;
267 uint64_t inner_ip_ver : 1;
268 uint64_t ipsec_mode : 1;
269 uint64_t ipsec_proto : 1;
270 uint64_t aes_key_len : 2;
273 struct roc_onf_ipsec_outb_sa {
275 struct roc_ie_onf_sa_ctl ctl;
287 uint8_t cipher_key[32];
290 uint8_t hmac_key[48];
293 struct roc_onf_ipsec_inb_sa {
295 struct roc_ie_onf_sa_ctl ctl;
298 uint8_t nonce[4]; /* Only for AES-GCM */
306 uint8_t cipher_key[32];
309 uint8_t hmac_key[48];
312 #define ROC_ONF_IPSEC_INB_MAX_L2_SZ 32UL
313 #define ROC_ONF_IPSEC_OUTB_MAX_L2_SZ 30UL
314 #define ROC_ONF_IPSEC_OUTB_MAX_L2_INFO_SZ (ROC_ONF_IPSEC_OUTB_MAX_L2_SZ + 2)
316 #define ROC_ONF_IPSEC_INB_RES_OFF 80
317 #define ROC_ONF_IPSEC_INB_SPI_SEQ_SZ 16
319 struct roc_onf_ipsec_outb_hdr {
325 #endif /* __ROC_IE_ON_H__ */