1 /* SPDX-License-Identifier: BSD-3-Clause
2 * Copyright 2017-2018 NXP
8 #include <desc/ipsec.h>
9 #include <dpaax_iova_table.h>
11 /* NXP CAAM JR PMD device name */
13 #define CAAM_JR_ALG_UNSUPPORT (-1)
15 /* Minimum job descriptor consists of a oneword job descriptor HEADER and
16 * a pointer to the shared descriptor.
18 #define MIN_JOB_DESC_SIZE (CAAM_CMD_SZ + CAAM_PTR_SZ)
19 #define CAAM_JOB_DESC_SIZE 13
21 /* CTX_POOL_NUM_BUFS is set as per the ipsec-secgw application */
22 #define CTX_POOL_NUM_BUFS 32000
23 #define CTX_POOL_CACHE_SIZE 512
28 #define JR_MAX_NB_MAX_DIGEST 32
30 #define RTE_CAAM_JR_PMD_MAX_NB_SESSIONS 2048
33 /* Return codes for SEC user space driver APIs */
34 enum sec_return_code_e {
35 SEC_SUCCESS = 0, /* Operation executed successfully.*/
36 SEC_INVALID_INPUT_PARAM, /* API received an invalid input
39 SEC_OUT_OF_MEMORY, /* Memory allocation failed. */
40 SEC_DESCRIPTOR_IN_FLIGHT, /* API function indicates there are
41 * descriptors in flight
44 SEC_LAST_DESCRIPTOR_IN_FLIGHT, /* API function indicates there is one
45 * last descriptor in flight
46 * for SEC to process that.
48 SEC_PROCESSING_ERROR, /* Indicates a SEC processing error
49 * occurred on a Job Ring which requires
50 * a SEC user space driver shutdown. Can
51 * be returned from sec_poll_job_ring().
52 * Then the only other API that can be
53 * called after this error is
56 SEC_DESC_PROCESSING_ERROR, /* Indicates a SEC descriptor processing
57 * error occurred on a Job Ring. Can be
58 * returned from sec_poll_job_ring().
59 * The driver was able to reset job ring
60 * and job ring can be used like in a
63 SEC_JR_IS_FULL, /* Job Ring is full. There is no more
64 * room in the JR for new descriptors.
65 * This can happen if the descriptor RX
66 * rate is higher than SEC's capacity.
68 SEC_DRIVER_RELEASE_IN_PROGRESS, /* SEC driver shutdown is in progress,
69 * descriptors processing or polling is
72 SEC_DRIVER_ALREADY_INITIALIZED, /* SEC driver is already initialized.*/
73 SEC_DRIVER_NOT_INITIALIZED, /* SEC driver is NOT initialized. */
74 SEC_JOB_RING_RESET_IN_PROGRESS, /* Job ring is resetting due to a
75 * per-descriptor SEC processing error
76 * ::SEC_desc_PROCESSING_ERROR. Reset is
77 * finished when sec_poll_job_ring()
78 * return. Then the job ring can be used
81 SEC_RESET_ENGINE_FAILED, /* Resetting of SEC Engine by SEC Kernel
84 SEC_ENABLE_IRQS_FAILED, /* Enabling of IRQs in SEC Kernel Driver
87 SEC_DISABLE_IRQS_FAILED, /* Disabling of IRQs in SEC Kernel
90 /* END OF VALID VALUES */
92 SEC_RETURN_CODE_MAX_VALUE, /* Invalid value for return code. It is
93 * used to mark the end of the return
94 * code values. @note ALL new return
95 * code values MUST be added before
96 * ::SEC_RETURN_CODE_MAX_VALUE!
100 enum caam_jr_op_type {
101 CAAM_JR_NONE, /* No Cipher operations*/
102 CAAM_JR_CIPHER,/* CIPHER operations */
103 CAAM_JR_AUTH, /* Authentication Operations */
104 CAAM_JR_AEAD, /* Authenticated Encryption with associated data */
105 CAAM_JR_IPSEC, /* IPSEC protocol operations*/
106 CAAM_JR_PDCP, /* PDCP protocol operations*/
107 CAAM_JR_PKC, /* Public Key Cryptographic Operations */
111 struct caam_jr_session {
112 uint8_t dir; /* Operation Direction */
113 enum rte_crypto_cipher_algorithm cipher_alg; /* Cipher Algorithm*/
114 enum rte_crypto_auth_algorithm auth_alg; /* Authentication Algorithm*/
115 enum rte_crypto_aead_algorithm aead_alg; /* AEAD Algorithm*/
116 enum rte_security_session_protocol proto_alg; /* Security Algorithm*/
119 uint8_t *data; /* pointer to key data */
120 size_t length; /* key length in bytes */
124 uint8_t *data; /* pointer to key data */
125 size_t length; /* key length in bytes */
128 uint8_t *data; /* pointer to key data */
129 size_t length; /* key length in bytes */
136 } iv; /* Initialisation vector parameters */
137 uint16_t auth_only_len; /* Length of data for Auth only */
138 uint32_t digest_length;
139 struct ipsec_encap_pdb encap_pdb;
141 struct ipsec_decap_pdb decap_pdb;
142 struct caam_jr_qp *qp;
143 struct sec_cdb *cdb; /* cmd block associated with qp */
144 struct rte_mempool *ctx_pool; /* session mempool for caam_jr_op_ctx */
148 * 16-byte hardware scatter/gather table
151 #define SEC4_SG_LEN_EXT 0x80000000 /* Entry points to table */
152 #define SEC4_SG_LEN_FIN 0x40000000 /* Last ent in table */
153 #define SEC4_SG_BPID_MASK 0x000000ff
154 #define SEC4_SG_BPID_SHIFT 16
155 #define SEC4_SG_LEN_MASK 0x3fffffff /* Excludes EXT and FINAL */
156 #define SEC4_SG_OFFSET_MASK 0x00001fff
158 struct sec4_sg_entry {
161 uint32_t bpid_offset;
164 #define MAX_SG_ENTRIES 16
165 #define SG_CACHELINE_0 0
166 #define SG_CACHELINE_1 4
167 #define SG_CACHELINE_2 8
168 #define SG_CACHELINE_3 12
170 /* Structure encompassing a job descriptor which is to be processed
171 * by SEC. User should also initialise this structure with the callback
172 * function pointer which will be called by driver after receiving processed
173 * descriptor from SEC. User data is also passed in this data structure which
174 * will be sent as an argument to the user callback function.
176 struct job_descriptor {
177 uint32_t desc[CAAM_JOB_DESC_SIZE];
180 struct caam_jr_op_ctx {
181 struct job_descriptor jobdes;
182 /* sg[0] output, sg[1] input, others are possible sub frames */
183 struct sec4_sg_entry sg[MAX_SG_ENTRIES];
184 struct rte_crypto_op *op;
185 struct rte_mempool *ctx_pool; /* mempool pointer for caam_jr_op_ctx */
187 uint8_t digest[JR_MAX_NB_MAX_DIGEST];
193 * @param buffer calculate chksum for buffer
194 * @param len buffer length
196 * @return checksum value in host cpu order
198 static inline uint16_t
199 calc_chksum(void *buffer, int len)
201 uint16_t *buf = (uint16_t *)buffer;
205 for (sum = 0; len > 1; len -= 2)
209 sum += *(unsigned char *)buf;
211 sum = (sum >> 16) + (sum & 0xFFFF);
217 struct uio_job_ring {
220 void *register_base_addr;
222 int uio_minor_number;
225 int sec_cleanup(void);
226 int sec_configure(void);
227 void sec_uio_job_rings_init(void);
228 struct uio_job_ring *config_job_ring(void);
229 void free_job_ring(int uio_fd);
231 /* For Dma memory allocation of specified length and alignment */
233 caam_jr_dma_mem_alloc(size_t align, size_t len)
235 return rte_malloc("mem_alloc", len, align);
238 /* For freeing dma memory */
240 caam_jr_dma_free(void *ptr)
245 static inline rte_iova_t
246 caam_jr_mem_vtop(void *vaddr)
248 const struct rte_memseg *ms;
250 ms = rte_mem_virt2memseg(vaddr, NULL);
252 return ms->iova + RTE_PTR_DIFF(vaddr, ms->addr);
257 caam_jr_dma_ptov(rte_iova_t paddr)
260 va = dpaax_iova_table_get_va(paddr);
261 if (likely(va != NULL))
264 return rte_mem_iova2virt(paddr);
267 /* Virtual to physical address conversion */
268 static inline rte_iova_t caam_jr_dma_vtop(void *ptr)
270 return caam_jr_mem_vtop(ptr);
273 /** @brief Request to SEC kernel driver to enable interrupts for
274 * descriptor finished processing
275 * Use UIO to communicate with SEC kernel driver: write command
276 * value that indicates an IRQ enable action into UIO file descriptor
279 * @param [in] uio_fd Job Ring UIO File descriptor
280 * @retval 0 for success
281 * @retval -1 value for error
283 int caam_jr_enable_irqs(int uio_fd);
285 /** @brief Request to SEC kernel driver to disable interrupts for descriptor
286 * finished processing
287 * Use UIO to communicate with SEC kernel driver: write command
288 * value that indicates an IRQ disable action into UIO file descriptor
291 * @param [in] uio_fd UIO File descriptor
292 * @retval 0 for success
293 * @retval -1 value for error
296 int caam_jr_disable_irqs(int uio_fd);