1 /* SPDX-License-Identifier: BSD-3-Clause
3 * Copyright (c) 2016 Freescale Semiconductor, Inc. All rights reserved.
8 #ifndef _RTE_DPAA2_SEC_PMD_PRIVATE_H_
9 #define _RTE_DPAA2_SEC_PMD_PRIVATE_H_
11 #define CRYPTODEV_NAME_DPAA2_SEC_PMD crypto_dpaa2_sec
12 /**< NXP DPAA2 - SEC PMD device name */
15 #define MAX_DESC_SIZE 64
16 /** private data structure for each DPAA2_SEC device */
17 struct dpaa2_sec_dev_private {
18 void *mc_portal; /**< MC Portal for configuring this device */
19 void *hw; /**< Hardware handle for this device.Used by NADK framework */
20 struct rte_mempool *fle_pool; /* per device memory pool for FLE */
21 int32_t hw_id; /**< An unique ID of this device instance */
22 int32_t vfio_fd; /**< File descriptor received via VFIO */
23 uint16_t token; /**< Token required by DPxxx objects */
24 unsigned int max_nb_queue_pairs;
25 /**< Max number of queue pairs supported by device */
29 struct dpaa2_queue rx_vq;
30 struct dpaa2_queue tx_vq;
42 #define DPAA2_SET_FLC_EWS(flc) (flc->word1_bits23_16 |= 0x1)
43 #define DPAA2_SET_FLC_RSC(flc) (flc->word1_bits31_24 |= 0x1)
44 #define DPAA2_SET_FLC_REUSE_BS(flc) (flc->mode_bits |= 0x8000)
45 #define DPAA2_SET_FLC_REUSE_FF(flc) (flc->mode_bits |= 0x2000)
47 /* SEC Flow Context Descriptor */
48 struct sec_flow_context {
50 uint16_t word0_sdid; /* 11-0 SDID */
51 uint16_t word0_res; /* 31-12 reserved */
54 uint8_t word1_sdl; /* 5-0 SDL */
57 uint8_t word1_bits_15_8; /* 11-8 CRID */
61 uint8_t word1_bits23_16; /* 16 EWS */
66 uint8_t word1_bits31_24; /* 24 RSC */
70 /* word 2 RFLC[31-0] */
71 uint32_t word2_rflc_31_0;
73 /* word 3 RFLC[63-32] */
74 uint32_t word3_rflc_63_32;
77 uint16_t word4_iicid; /* 15-0 IICID */
78 uint16_t word4_oicid; /* 31-16 OICID */
81 uint32_t word5_ofqid:24; /* 23-0 OFQID */
82 uint32_t word5_31_24:8;
89 uint32_t word6_oflc_31_0;
92 uint32_t word7_oflc_63_32;
94 /* Word 8-15 storage profiles */
95 uint16_t dl; /**< DataLength(correction) */
96 uint16_t reserved; /**< reserved */
97 uint16_t dhr; /**< DataHeadRoom(correction) */
98 uint16_t mode_bits; /**< mode bits */
99 uint16_t bpv0; /**< buffer pool0 valid */
100 uint16_t bpid0; /**< Bypass Memory Translation */
101 uint16_t bpv1; /**< buffer pool1 valid */
102 uint16_t bpid1; /**< Bypass Memory Translation */
103 uint64_t word_12_15[2]; /**< word 12-15 are reserved */
106 struct sec_flc_desc {
107 struct sec_flow_context flc;
108 uint32_t desc[MAX_DESC_SIZE];
112 struct rte_mempool *fle_pool; /* per device memory pool for FLE */
113 struct sec_flc_desc flc_desc[0];
116 enum dpaa2_sec_op_type {
117 DPAA2_SEC_NONE, /*!< No Cipher operations*/
118 DPAA2_SEC_CIPHER,/*!< CIPHER operations */
119 DPAA2_SEC_AUTH, /*!< Authentication Operations */
120 DPAA2_SEC_AEAD, /*!< AEAD (AES-GCM/CCM) type operations */
121 DPAA2_SEC_CIPHER_HASH, /*!< Authenticated Encryption with
124 DPAA2_SEC_HASH_CIPHER, /*!< Encryption with Authenticated
127 DPAA2_SEC_IPSEC, /*!< IPSEC protocol operations*/
128 DPAA2_SEC_PDCP, /*!< PDCP protocol operations*/
129 DPAA2_SEC_PKC, /*!< Public Key Cryptographic Operations */
133 struct dpaa2_sec_aead_ctxt {
134 uint16_t auth_only_len; /*!< Length of data for Auth only */
135 uint8_t auth_cipher_text; /**< Authenticate/cipher ordering */
138 typedef struct dpaa2_sec_session_entry {
141 uint8_t dir; /*!< Operation Direction */
142 enum rte_crypto_cipher_algorithm cipher_alg; /*!< Cipher Algorithm*/
143 enum rte_crypto_auth_algorithm auth_alg; /*!< Authentication Algorithm*/
144 enum rte_crypto_aead_algorithm aead_alg; /*!< AEAD Algorithm*/
147 uint8_t *data; /**< pointer to key data */
148 size_t length; /**< key length in bytes */
152 uint8_t *data; /**< pointer to key data */
153 size_t length; /**< key length in bytes */
156 uint8_t *data; /**< pointer to key data */
157 size_t length; /**< key length in bytes */
162 uint16_t length; /**< IV length in bytes */
163 uint16_t offset; /**< IV offset in bytes */
165 uint16_t digest_length;
168 struct dpaa2_sec_aead_ctxt aead_ctxt;
172 static const struct rte_cryptodev_capabilities dpaa2_sec_capabilities[] = {
174 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
176 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
178 .algo = RTE_CRYPTO_AUTH_MD5_HMAC,
195 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
197 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
199 .algo = RTE_CRYPTO_AUTH_SHA1_HMAC,
216 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
218 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
220 .algo = RTE_CRYPTO_AUTH_SHA224_HMAC,
237 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
239 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
241 .algo = RTE_CRYPTO_AUTH_SHA256_HMAC,
258 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
260 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
262 .algo = RTE_CRYPTO_AUTH_SHA384_HMAC,
279 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
281 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
283 .algo = RTE_CRYPTO_AUTH_SHA512_HMAC,
300 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
302 .xform_type = RTE_CRYPTO_SYM_XFORM_AEAD,
304 .algo = RTE_CRYPTO_AEAD_AES_GCM,
330 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
332 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
334 .algo = RTE_CRYPTO_CIPHER_AES_CBC,
350 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
352 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
354 .algo = RTE_CRYPTO_CIPHER_AES_CTR,
370 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
372 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
374 .algo = RTE_CRYPTO_CIPHER_3DES_CBC,
390 RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()
393 static const struct rte_security_capability dpaa2_sec_security_cap[] = {
394 { /* IPsec Lookaside Protocol offload ESP Transport Egress */
395 .action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
396 .protocol = RTE_SECURITY_PROTOCOL_IPSEC,
398 .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP,
399 .mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL,
400 .direction = RTE_SECURITY_IPSEC_SA_DIR_EGRESS,
403 .crypto_capabilities = dpaa2_sec_capabilities
405 { /* IPsec Lookaside Protocol offload ESP Tunnel Ingress */
406 .action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
407 .protocol = RTE_SECURITY_PROTOCOL_IPSEC,
409 .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP,
410 .mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL,
411 .direction = RTE_SECURITY_IPSEC_SA_DIR_INGRESS,
414 .crypto_capabilities = dpaa2_sec_capabilities
417 .action = RTE_SECURITY_ACTION_TYPE_NONE
424 * @param buffer calculate chksum for buffer
425 * @param len buffer length
427 * @return checksum value in host cpu order
429 static inline uint16_t
430 calc_chksum(void *buffer, int len)
432 uint16_t *buf = (uint16_t *)buffer;
436 for (sum = 0; len > 1; len -= 2)
440 sum += *(unsigned char *)buf;
442 sum = (sum >> 16) + (sum & 0xFFFF);
449 #endif /* _RTE_DPAA2_SEC_PMD_PRIVATE_H_ */