1 /* SPDX-License-Identifier: BSD-3-Clause
2 * Copyright(C) 2021 Marvell.
5 #include <rte_cryptodev.h>
6 #include <cryptodev_pmd.h>
12 #include "cnxk_cryptodev.h"
13 #include "cnxk_cryptodev_ops.h"
14 #include "cnxk_cryptodev_capabilities.h"
17 #define CNXK_CPT_MAX_ASYM_OP_NUM_PARAMS 5
18 #define CNXK_CPT_MAX_ASYM_OP_MOD_LEN 1024
21 cnxk_cpt_get_mlen(void)
26 len = 2 * sizeof(uint64_t);
27 len += ROC_SE_MAX_MAC_LEN * sizeof(uint8_t);
29 len += ROC_SE_OFF_CTRL_LEN + ROC_CPT_AES_CBC_IV_LEN;
30 len += RTE_ALIGN_CEIL((ROC_SE_SG_LIST_HDR_SIZE +
31 (RTE_ALIGN_CEIL(ROC_SE_MAX_SG_IN_OUT_CNT, 4) >>
32 2) * ROC_SE_SG_ENTRY_SIZE),
39 cnxk_cpt_asym_get_mlen(void)
44 len = sizeof(uint64_t);
46 /* Get meta len for asymmetric operations */
47 len += CNXK_CPT_MAX_ASYM_OP_NUM_PARAMS * CNXK_CPT_MAX_ASYM_OP_MOD_LEN;
53 cnxk_cpt_dev_config(struct rte_cryptodev *dev,
54 struct rte_cryptodev_config *conf)
56 struct cnxk_cpt_vf *vf = dev->data->dev_private;
57 struct roc_cpt *roc_cpt = &vf->cpt;
58 uint16_t nb_lf_avail, nb_lf;
61 dev->feature_flags = cnxk_cpt_default_ff_get() & ~conf->ff_disable;
63 nb_lf_avail = roc_cpt->nb_lf_avail;
64 nb_lf = conf->nb_queue_pairs;
66 if (nb_lf > nb_lf_avail)
69 ret = roc_cpt_dev_configure(roc_cpt, nb_lf);
71 plt_err("Could not configure device");
75 if (dev->feature_flags & RTE_CRYPTODEV_FF_ASYMMETRIC_CRYPTO) {
76 /* Initialize shared FPM table */
77 ret = roc_ae_fpm_get(vf->cnxk_fpm_iova);
79 plt_err("Could not get FPM table");
83 /* Init EC grp table */
84 ret = roc_ae_ec_grp_get(vf->ec_grp);
86 plt_err("Could not get EC grp table");
96 cnxk_cpt_dev_start(struct rte_cryptodev *dev)
98 struct cnxk_cpt_vf *vf = dev->data->dev_private;
99 struct roc_cpt *roc_cpt = &vf->cpt;
100 uint16_t nb_lf = roc_cpt->nb_lf;
103 for (qp_id = 0; qp_id < nb_lf; qp_id++) {
104 /* Application may not setup all queue pair */
105 if (roc_cpt->lf[qp_id] == NULL)
108 roc_cpt_iq_enable(roc_cpt->lf[qp_id]);
115 cnxk_cpt_dev_stop(struct rte_cryptodev *dev)
117 struct cnxk_cpt_vf *vf = dev->data->dev_private;
118 struct roc_cpt *roc_cpt = &vf->cpt;
119 uint16_t nb_lf = roc_cpt->nb_lf;
122 for (qp_id = 0; qp_id < nb_lf; qp_id++) {
123 if (roc_cpt->lf[qp_id] == NULL)
126 roc_cpt_iq_disable(roc_cpt->lf[qp_id]);
131 cnxk_cpt_dev_close(struct rte_cryptodev *dev)
133 struct cnxk_cpt_vf *vf = dev->data->dev_private;
137 for (i = 0; i < dev->data->nb_queue_pairs; i++) {
138 ret = cnxk_cpt_queue_pair_release(dev, i);
140 plt_err("Could not release queue pair %u", i);
145 if (dev->feature_flags & RTE_CRYPTODEV_FF_ASYMMETRIC_CRYPTO) {
150 roc_cpt_dev_clear(&vf->cpt);
156 cnxk_cpt_dev_info_get(struct rte_cryptodev *dev,
157 struct rte_cryptodev_info *info)
159 struct cnxk_cpt_vf *vf = dev->data->dev_private;
160 struct roc_cpt *roc_cpt = &vf->cpt;
162 info->max_nb_queue_pairs =
163 RTE_MIN(roc_cpt->nb_lf_avail, vf->max_qps_limit);
164 plt_cpt_dbg("max_nb_queue_pairs %u", info->max_nb_queue_pairs);
166 info->feature_flags = cnxk_cpt_default_ff_get();
167 info->capabilities = cnxk_crypto_capabilities_get(vf);
168 info->sym.max_nb_sessions = 0;
169 info->min_mbuf_headroom_req = CNXK_CPT_MIN_HEADROOM_REQ;
170 info->min_mbuf_tailroom_req = CNXK_CPT_MIN_TAILROOM_REQ;
174 qp_memzone_name_get(char *name, int size, int dev_id, int qp_id)
176 snprintf(name, size, "cnxk_cpt_pq_mem_%u:%u", dev_id, qp_id);
180 cnxk_cpt_metabuf_mempool_create(const struct rte_cryptodev *dev,
181 struct cnxk_cpt_qp *qp, uint8_t qp_id,
182 uint32_t nb_elements)
184 char mempool_name[RTE_MEMPOOL_NAMESIZE];
185 struct cpt_qp_meta_info *meta_info;
186 int lcore_cnt = rte_lcore_count();
187 struct rte_mempool *pool;
188 int mb_pool_sz, mlen = 8;
191 if (dev->feature_flags & RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO) {
193 mlen = cnxk_cpt_get_mlen();
196 if (dev->feature_flags & RTE_CRYPTODEV_FF_ASYMMETRIC_CRYPTO) {
198 /* Get meta len required for asymmetric operations */
199 mlen = RTE_MAX(mlen, cnxk_cpt_asym_get_mlen());
202 mb_pool_sz = nb_elements;
203 cache_sz = RTE_MIN(RTE_MEMPOOL_CACHE_MAX_SIZE, nb_elements / 1.5);
205 /* For poll mode, core that enqueues and core that dequeues can be
206 * different. For event mode, all cores are allowed to use same crypto
210 mb_pool_sz += (RTE_MAX(2, lcore_cnt) * cache_sz);
212 /* Allocate mempool */
214 snprintf(mempool_name, RTE_MEMPOOL_NAMESIZE, "cnxk_cpt_mb_%u:%u",
215 dev->data->dev_id, qp_id);
217 pool = rte_mempool_create(mempool_name, mb_pool_sz, mlen, cache_sz, 0,
218 NULL, NULL, NULL, NULL, rte_socket_id(), 0);
221 plt_err("Could not create mempool for metabuf");
225 meta_info = &qp->meta_info;
227 meta_info->pool = pool;
228 meta_info->mlen = mlen;
234 cnxk_cpt_metabuf_mempool_destroy(struct cnxk_cpt_qp *qp)
236 struct cpt_qp_meta_info *meta_info = &qp->meta_info;
238 rte_mempool_free(meta_info->pool);
240 meta_info->pool = NULL;
244 static struct cnxk_cpt_qp *
245 cnxk_cpt_qp_create(const struct rte_cryptodev *dev, uint16_t qp_id,
248 const struct rte_memzone *pq_mem;
249 char name[RTE_MEMZONE_NAMESIZE];
250 struct cnxk_cpt_qp *qp;
255 /* Allocate queue pair */
256 qp = rte_zmalloc_socket("CNXK Crypto PMD Queue Pair", sizeof(*qp),
259 plt_err("Could not allocate queue pair");
263 /* For pending queue */
264 len = iq_len * sizeof(struct cpt_inflight_req);
266 qp_memzone_name_get(name, RTE_MEMZONE_NAMESIZE, dev->data->dev_id,
269 pq_mem = rte_memzone_reserve_aligned(name, len, rte_socket_id(),
270 RTE_MEMZONE_SIZE_HINT_ONLY |
272 RTE_CACHE_LINE_SIZE);
273 if (pq_mem == NULL) {
274 plt_err("Could not allocate reserved memzone");
282 ret = cnxk_cpt_metabuf_mempool_create(dev, qp, qp_id, iq_len);
284 plt_err("Could not create mempool for metabuf");
288 /* Initialize pending queue */
289 qp->pend_q.req_queue = pq_mem->addr;
296 rte_memzone_free(pq_mem);
303 cnxk_cpt_qp_destroy(const struct rte_cryptodev *dev, struct cnxk_cpt_qp *qp)
305 const struct rte_memzone *pq_mem;
306 char name[RTE_MEMZONE_NAMESIZE];
309 cnxk_cpt_metabuf_mempool_destroy(qp);
311 qp_memzone_name_get(name, RTE_MEMZONE_NAMESIZE, dev->data->dev_id,
314 pq_mem = rte_memzone_lookup(name);
316 ret = rte_memzone_free(pq_mem);
326 cnxk_cpt_queue_pair_release(struct rte_cryptodev *dev, uint16_t qp_id)
328 struct cnxk_cpt_qp *qp = dev->data->queue_pairs[qp_id];
329 struct cnxk_cpt_vf *vf = dev->data->dev_private;
330 struct roc_cpt *roc_cpt = &vf->cpt;
331 struct roc_cpt_lf *lf;
337 lf = roc_cpt->lf[qp_id];
343 ret = cnxk_cpt_qp_destroy(dev, qp);
345 plt_err("Could not destroy queue pair %d", qp_id);
349 roc_cpt->lf[qp_id] = NULL;
350 dev->data->queue_pairs[qp_id] = NULL;
356 cnxk_cpt_queue_pair_setup(struct rte_cryptodev *dev, uint16_t qp_id,
357 const struct rte_cryptodev_qp_conf *conf,
358 int socket_id __rte_unused)
360 struct cnxk_cpt_vf *vf = dev->data->dev_private;
361 struct roc_cpt *roc_cpt = &vf->cpt;
362 struct rte_pci_device *pci_dev;
363 struct cnxk_cpt_qp *qp;
366 if (dev->data->queue_pairs[qp_id] != NULL)
367 cnxk_cpt_queue_pair_release(dev, qp_id);
369 pci_dev = RTE_DEV_TO_PCI(dev->device);
371 if (pci_dev->mem_resource[2].addr == NULL) {
372 plt_err("Invalid PCI mem address");
376 qp = cnxk_cpt_qp_create(dev, qp_id, conf->nb_descriptors);
378 plt_err("Could not create queue pair %d", qp_id);
382 qp->lf.lf_id = qp_id;
383 qp->lf.nb_desc = conf->nb_descriptors;
385 ret = roc_cpt_lf_init(roc_cpt, &qp->lf);
387 plt_err("Could not initialize queue pair %d", qp_id);
392 qp->pend_q.pq_mask = qp->lf.nb_desc - 1;
394 roc_cpt->lf[qp_id] = &qp->lf;
396 ret = roc_cpt_lmtline_init(roc_cpt, &qp->lmtline, qp_id);
398 roc_cpt->lf[qp_id] = NULL;
399 plt_err("Could not init lmtline for queue pair %d", qp_id);
403 qp->sess_mp = conf->mp_session;
404 qp->sess_mp_priv = conf->mp_session_private;
405 dev->data->queue_pairs[qp_id] = qp;
410 cnxk_cpt_qp_destroy(dev, qp);
415 cnxk_cpt_sym_session_get_size(struct rte_cryptodev *dev __rte_unused)
417 return sizeof(struct cnxk_se_sess);
421 sym_xform_verify(struct rte_crypto_sym_xform *xform)
423 if (xform->type == RTE_CRYPTO_SYM_XFORM_AUTH &&
424 xform->auth.algo == RTE_CRYPTO_AUTH_NULL &&
425 xform->auth.op == RTE_CRYPTO_AUTH_OP_VERIFY)
428 if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER && xform->next == NULL)
429 return CNXK_CPT_CIPHER;
431 if (xform->type == RTE_CRYPTO_SYM_XFORM_AUTH && xform->next == NULL)
432 return CNXK_CPT_AUTH;
434 if (xform->type == RTE_CRYPTO_SYM_XFORM_AEAD && xform->next == NULL)
435 return CNXK_CPT_AEAD;
437 if (xform->next == NULL)
440 if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER &&
441 xform->cipher.algo == RTE_CRYPTO_CIPHER_3DES_CBC &&
442 xform->next->type == RTE_CRYPTO_SYM_XFORM_AUTH &&
443 xform->next->auth.algo == RTE_CRYPTO_AUTH_SHA1)
446 if (xform->type == RTE_CRYPTO_SYM_XFORM_AUTH &&
447 xform->auth.algo == RTE_CRYPTO_AUTH_SHA1 &&
448 xform->next->type == RTE_CRYPTO_SYM_XFORM_CIPHER &&
449 xform->next->cipher.algo == RTE_CRYPTO_CIPHER_3DES_CBC)
452 if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER &&
453 xform->cipher.op == RTE_CRYPTO_CIPHER_OP_ENCRYPT &&
454 xform->next->type == RTE_CRYPTO_SYM_XFORM_AUTH &&
455 xform->next->auth.op == RTE_CRYPTO_AUTH_OP_GENERATE)
456 return CNXK_CPT_CIPHER_ENC_AUTH_GEN;
458 if (xform->type == RTE_CRYPTO_SYM_XFORM_AUTH &&
459 xform->auth.op == RTE_CRYPTO_AUTH_OP_VERIFY &&
460 xform->next->type == RTE_CRYPTO_SYM_XFORM_CIPHER &&
461 xform->next->cipher.op == RTE_CRYPTO_CIPHER_OP_DECRYPT)
462 return CNXK_CPT_AUTH_VRFY_CIPHER_DEC;
464 if (xform->type == RTE_CRYPTO_SYM_XFORM_AUTH &&
465 xform->auth.op == RTE_CRYPTO_AUTH_OP_GENERATE &&
466 xform->next->type == RTE_CRYPTO_SYM_XFORM_CIPHER &&
467 xform->next->cipher.op == RTE_CRYPTO_CIPHER_OP_ENCRYPT) {
468 switch (xform->auth.algo) {
469 case RTE_CRYPTO_AUTH_SHA1_HMAC:
470 switch (xform->next->cipher.algo) {
471 case RTE_CRYPTO_CIPHER_AES_CBC:
472 return CNXK_CPT_AUTH_GEN_CIPHER_ENC;
481 if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER &&
482 xform->cipher.op == RTE_CRYPTO_CIPHER_OP_DECRYPT &&
483 xform->next->type == RTE_CRYPTO_SYM_XFORM_AUTH &&
484 xform->next->auth.op == RTE_CRYPTO_AUTH_OP_VERIFY) {
485 switch (xform->cipher.algo) {
486 case RTE_CRYPTO_CIPHER_AES_CBC:
487 switch (xform->next->auth.algo) {
488 case RTE_CRYPTO_AUTH_SHA1_HMAC:
489 return CNXK_CPT_CIPHER_DEC_AUTH_VRFY;
502 cnxk_cpt_inst_w7_get(struct cnxk_se_sess *sess, struct roc_cpt *roc_cpt)
504 union cpt_inst_w7 inst_w7;
506 inst_w7.s.cptr = (uint64_t)&sess->roc_se_ctx.se_ctx;
508 /* Set the engine group */
509 if (sess->zsk_flag || sess->chacha_poly)
510 inst_w7.s.egrp = roc_cpt->eng_grp[CPT_ENG_TYPE_SE];
512 inst_w7.s.egrp = roc_cpt->eng_grp[CPT_ENG_TYPE_IE];
518 sym_session_configure(struct roc_cpt *roc_cpt, int driver_id,
519 struct rte_crypto_sym_xform *xform,
520 struct rte_cryptodev_sym_session *sess,
521 struct rte_mempool *pool)
523 struct cnxk_se_sess *sess_priv;
527 ret = sym_xform_verify(xform);
528 if (unlikely(ret < 0))
531 if (unlikely(rte_mempool_get(pool, &priv))) {
532 plt_dp_err("Could not allocate session private data");
536 memset(priv, 0, sizeof(struct cnxk_se_sess));
541 case CNXK_CPT_CIPHER:
542 ret = fill_sess_cipher(xform, sess_priv);
545 if (xform->auth.algo == RTE_CRYPTO_AUTH_AES_GMAC)
546 ret = fill_sess_gmac(xform, sess_priv);
548 ret = fill_sess_auth(xform, sess_priv);
551 ret = fill_sess_aead(xform, sess_priv);
553 case CNXK_CPT_CIPHER_ENC_AUTH_GEN:
554 case CNXK_CPT_CIPHER_DEC_AUTH_VRFY:
555 ret = fill_sess_cipher(xform, sess_priv);
558 ret = fill_sess_auth(xform->next, sess_priv);
560 case CNXK_CPT_AUTH_VRFY_CIPHER_DEC:
561 case CNXK_CPT_AUTH_GEN_CIPHER_ENC:
562 ret = fill_sess_auth(xform, sess_priv);
565 ret = fill_sess_cipher(xform->next, sess_priv);
574 if ((sess_priv->roc_se_ctx.fc_type == ROC_SE_HASH_HMAC) &&
575 cpt_mac_len_verify(&xform->auth)) {
576 plt_dp_err("MAC length is not supported");
577 if (sess_priv->roc_se_ctx.auth_key != NULL) {
578 plt_free(sess_priv->roc_se_ctx.auth_key);
579 sess_priv->roc_se_ctx.auth_key = NULL;
586 sess_priv->cpt_inst_w7 = cnxk_cpt_inst_w7_get(sess_priv, roc_cpt);
588 set_sym_session_private_data(sess, driver_id, sess_priv);
593 rte_mempool_put(pool, priv);
599 cnxk_cpt_sym_session_configure(struct rte_cryptodev *dev,
600 struct rte_crypto_sym_xform *xform,
601 struct rte_cryptodev_sym_session *sess,
602 struct rte_mempool *pool)
604 struct cnxk_cpt_vf *vf = dev->data->dev_private;
605 struct roc_cpt *roc_cpt = &vf->cpt;
608 driver_id = dev->driver_id;
610 return sym_session_configure(roc_cpt, driver_id, xform, sess, pool);
614 sym_session_clear(int driver_id, struct rte_cryptodev_sym_session *sess)
616 void *priv = get_sym_session_private_data(sess, driver_id);
617 struct cnxk_se_sess *sess_priv;
618 struct rte_mempool *pool;
625 if (sess_priv->roc_se_ctx.auth_key != NULL)
626 plt_free(sess_priv->roc_se_ctx.auth_key);
628 memset(priv, 0, cnxk_cpt_sym_session_get_size(NULL));
630 pool = rte_mempool_from_obj(priv);
632 set_sym_session_private_data(sess, driver_id, NULL);
634 rte_mempool_put(pool, priv);
638 cnxk_cpt_sym_session_clear(struct rte_cryptodev *dev,
639 struct rte_cryptodev_sym_session *sess)
641 return sym_session_clear(dev->driver_id, sess);
645 cnxk_ae_session_size_get(struct rte_cryptodev *dev __rte_unused)
647 return sizeof(struct cnxk_ae_sess);
651 cnxk_ae_session_clear(struct rte_cryptodev *dev,
652 struct rte_cryptodev_asym_session *sess)
654 struct rte_mempool *sess_mp;
655 struct cnxk_ae_sess *priv;
657 priv = get_asym_session_private_data(sess, dev->driver_id);
661 /* Free resources allocated in session_cfg */
662 cnxk_ae_free_session_parameters(priv);
664 /* Reset and free object back to pool */
665 memset(priv, 0, cnxk_ae_session_size_get(dev));
666 sess_mp = rte_mempool_from_obj(priv);
667 set_asym_session_private_data(sess, dev->driver_id, NULL);
668 rte_mempool_put(sess_mp, priv);
672 cnxk_ae_session_cfg(struct rte_cryptodev *dev,
673 struct rte_crypto_asym_xform *xform,
674 struct rte_cryptodev_asym_session *sess,
675 struct rte_mempool *pool)
677 struct cnxk_cpt_vf *vf = dev->data->dev_private;
678 struct roc_cpt *roc_cpt = &vf->cpt;
679 struct cnxk_ae_sess *priv;
680 union cpt_inst_w7 w7;
683 if (rte_mempool_get(pool, (void **)&priv))
686 memset(priv, 0, sizeof(struct cnxk_ae_sess));
688 ret = cnxk_ae_fill_session_parameters(priv, xform);
690 rte_mempool_put(pool, priv);
695 w7.s.egrp = roc_cpt->eng_grp[CPT_ENG_TYPE_AE];
696 priv->cpt_inst_w7 = w7.u64;
697 priv->cnxk_fpm_iova = vf->cnxk_fpm_iova;
698 priv->ec_grp = vf->ec_grp;
699 set_asym_session_private_data(sess, dev->driver_id, priv);