drivers/crypto/dpaa_sec/dpaa_sec.h

   1 /* SPDX-License-Identifier: BSD-3-Clause
   2  *
   3  *   Copyright 2016-2021 NXP
   4  *
   5  */
   6
   7 #ifndef _DPAA_SEC_H_
   8 #define _DPAA_SEC_H_
   9
  10 #define CRYPTODEV_NAME_DPAA_SEC_PMD     crypto_dpaa_sec
  11 /**< NXP DPAA - SEC PMD device name */
  12
  13 #define MAX_DPAA_CORES          4
  14 #define NUM_POOL_CHANNELS       4
  15 #define DPAA_SEC_BURST          7
  16 #define DPAA_SEC_ALG_UNSUPPORT  (-1)
  17 #define TDES_CBC_IV_LEN         8
  18 #define AES_CBC_IV_LEN          16
  19 #define AES_CTR_IV_LEN          16
  20 #define AES_GCM_IV_LEN          12
  21
  22 extern uint8_t dpaa_cryptodev_driver_id;
  23
  24 #define DPAA_IPv6_DEFAULT_VTC_FLOW      0x60000000
  25
  26 /* Minimum job descriptor consists of a oneword job descriptor HEADER and
  27  * a pointer to the shared descriptor.
  28  */
  29 #define MIN_JOB_DESC_SIZE       (CAAM_CMD_SZ + CAAM_PTR_SZ)
  30 /* CTX_POOL_NUM_BUFS is set as per the ipsec-secgw application */
  31 #define CTX_POOL_NUM_BUFS       32000
  32 #define CTX_POOL_BUF_SIZE       sizeof(struct dpaa_sec_op_ctx)
  33 #define CTX_POOL_CACHE_SIZE     512
  34 #define RTE_DPAA_SEC_PMD_MAX_NB_SESSIONS 1024
  35
  36 #define DIR_ENC                 1
  37 #define DIR_DEC                 0
  38
  39 enum dpaa_sec_op_type {
  40         DPAA_SEC_NONE,  /*!< No Cipher operations*/
  41         DPAA_SEC_CIPHER,/*!< CIPHER operations */
  42         DPAA_SEC_AUTH,  /*!< Authentication Operations */
  43         DPAA_SEC_AEAD,  /*!< AEAD (AES-GCM/CCM) type operations */
  44         DPAA_SEC_CIPHER_HASH,  /*!< Authenticated Encryption with
  45                                 * associated data
  46                                 */
  47         DPAA_SEC_HASH_CIPHER,  /*!< Encryption with Authenticated
  48                                 * associated data
  49                                 */
  50         DPAA_SEC_IPSEC, /*!< IPSEC protocol operations*/
  51         DPAA_SEC_PDCP,  /*!< PDCP protocol operations*/
  52         DPAA_SEC_PKC,   /*!< Public Key Cryptographic Operations */
  53         DPAA_SEC_MAX
  54 };
  55
  56 #define DPAA_SEC_MAX_DESC_SIZE  64
  57 /* code or cmd block to caam */
  58 struct sec_cdb {
  59         struct {
  60                 union {
  61                         uint32_t word;
  62                         struct {
  63 #if RTE_BYTE_ORDER == RTE_BIG_ENDIAN
  64                                 uint16_t rsvd63_48;
  65                                 unsigned int rsvd47_39:9;
  66                                 unsigned int idlen:7;
  67 #else
  68                                 unsigned int idlen:7;
  69                                 unsigned int rsvd47_39:9;
  70                                 uint16_t rsvd63_48;
  71 #endif
  72                         } field;
  73                 } __packed hi;
  74
  75                 union {
  76                         uint32_t word;
  77                         struct {
  78 #if RTE_BYTE_ORDER == RTE_BIG_ENDIAN
  79                                 unsigned int rsvd31_30:2;
  80                                 unsigned int fsgt:1;
  81                                 unsigned int lng:1;
  82                                 unsigned int offset:2;
  83                                 unsigned int abs:1;
  84                                 unsigned int add_buf:1;
  85                                 uint8_t pool_id;
  86                                 uint16_t pool_buffer_size;
  87 #else
  88                                 uint16_t pool_buffer_size;
  89                                 uint8_t pool_id;
  90                                 unsigned int add_buf:1;
  91                                 unsigned int abs:1;
  92                                 unsigned int offset:2;
  93                                 unsigned int lng:1;
  94                                 unsigned int fsgt:1;
  95                                 unsigned int rsvd31_30:2;
  96 #endif
  97                         } field;
  98                 } __packed lo;
  99         } __packed sh_hdr;
 100
 101         uint32_t sh_desc[DPAA_SEC_MAX_DESC_SIZE];
 102 };
 103 #ifdef RTE_LIB_SECURITY
 104 /*!
 105  * The structure is to be filled by user as a part of
 106  * dpaa_sec_proto_ctxt for PDCP Protocol
 107  */
 108 struct sec_pdcp_ctxt {
 109         enum rte_security_pdcp_domain domain; /*!< Data/Control mode*/
 110         int8_t bearer;  /*!< PDCP bearer ID */
 111         int8_t pkt_dir;/*!< PDCP Frame Direction 0:UL 1:DL*/
 112         int8_t hfn_ovd;/*!< Overwrite HFN per packet*/
 113         uint8_t sn_size;        /*!< Sequence number size, 5/7/12/15/18 */
 114         uint8_t sdap_enabled;   /*!< SDAP header is enabled */
 115         uint16_t hfn_ovd_offset;/*!< offset from rte_crypto_op at which
 116                                  * per packet hfn is stored
 117                                  */
 118         uint32_t hfn;   /*!< Hyper Frame Number */
 119         uint32_t hfn_threshold; /*!< HFN Threashold for key renegotiation */
 120 };
 121 #endif
 122
 123 typedef int (*dpaa_sec_build_fd_t)(
 124         void *qp, uint8_t *drv_ctx, struct rte_crypto_vec *data_vec,
 125         uint16_t n_data_vecs, union rte_crypto_sym_ofs ofs,
 126         struct rte_crypto_va_iova_ptr *iv,
 127         struct rte_crypto_va_iova_ptr *digest,
 128         struct rte_crypto_va_iova_ptr *aad_or_auth_iv,
 129         void *user_data);
 130
 131 typedef struct dpaa_sec_job* (*dpaa_sec_build_raw_dp_fd_t)(uint8_t *drv_ctx,
 132                         struct rte_crypto_sgl *sgl,
 133                         struct rte_crypto_sgl *dest_sgl,
 134                         struct rte_crypto_va_iova_ptr *iv,
 135                         struct rte_crypto_va_iova_ptr *digest,
 136                         struct rte_crypto_va_iova_ptr *auth_iv,
 137                         union rte_crypto_sym_ofs ofs,
 138                         void *userdata);
 139
 140 typedef struct dpaa_sec_session_entry {
 141         struct sec_cdb cdb;     /**< cmd block associated with qp */
 142         struct dpaa_sec_qp *qp[MAX_DPAA_CORES];
 143         struct qman_fq *inq[MAX_DPAA_CORES];
 144         uint8_t dir;         /*!< Operation Direction */
 145         uint8_t ctxt;   /*!< Session Context Type */
 146         enum rte_crypto_cipher_algorithm cipher_alg; /*!< Cipher Algorithm*/
 147         enum rte_crypto_auth_algorithm auth_alg; /*!< Authentication Algorithm*/
 148         enum rte_crypto_aead_algorithm aead_alg; /*!< AEAD Algorithm*/
 149 #ifdef RTE_LIB_SECURITY
 150         enum rte_security_session_protocol proto_alg; /*!< Security Algorithm*/
 151 #endif
 152         dpaa_sec_build_fd_t build_fd;
 153         dpaa_sec_build_raw_dp_fd_t build_raw_dp_fd;
 154         union {
 155                 struct {
 156                         uint8_t *data;  /**< pointer to key data */
 157                         size_t length;  /**< key length in bytes */
 158                         uint32_t alg;
 159                         uint32_t algmode;
 160                 } aead_key;
 161                 struct {
 162                         struct {
 163                                 uint8_t *data;  /**< pointer to key data */
 164                                 size_t length;  /**< key length in bytes */
 165                                 uint32_t alg;
 166                                 uint32_t algmode;
 167                         } cipher_key;
 168                         struct {
 169                                 uint8_t *data;  /**< pointer to key data */
 170                                 size_t length;  /**< key length in bytes */
 171                                 uint32_t alg;
 172                                 uint32_t algmode;
 173                         } auth_key;
 174                 };
 175         };
 176         union {
 177                 struct {
 178                         struct {
 179                                 uint16_t length;
 180                                 uint16_t offset;
 181                         } iv;   /**< Initialisation vector parameters */
 182                         uint16_t auth_only_len;
 183                                         /*!< Length of data for Auth only */
 184                         uint32_t digest_length;
 185                         struct ipsec_decap_pdb decap_pdb;
 186                         struct ipsec_encap_pdb encap_pdb;
 187                         union {
 188                                 struct ip ip4_hdr;
 189                                 struct rte_ipv6_hdr ip6_hdr;
 190                         };
 191                         uint8_t auth_cipher_text;
 192                                 /**< Authenticate/cipher ordering */
 193                 };
 194 #ifdef RTE_LIB_SECURITY
 195                 struct sec_pdcp_ctxt pdcp;
 196 #endif
 197         };
 198 } dpaa_sec_session;
 199
 200 struct dpaa_sec_qp {
 201         struct dpaa_sec_dev_private *internals;
 202         struct rte_mempool *ctx_pool; /* mempool for dpaa_sec_op_ctx */
 203         struct qman_fq outq;
 204         int rx_pkts;
 205         int rx_errs;
 206         int tx_pkts;
 207         int tx_errs;
 208 };
 209
 210 #define RTE_DPAA_MAX_NB_SEC_QPS 2
 211 #define RTE_DPAA_MAX_RX_QUEUE (MAX_DPAA_CORES * RTE_DPAA_SEC_PMD_MAX_NB_SESSIONS)
 212 #define DPAA_MAX_DEQUEUE_NUM_FRAMES 63
 213
 214 /* internal sec queue interface */
 215 struct dpaa_sec_dev_private {
 216         void *sec_hw;
 217         struct dpaa_sec_qp qps[RTE_DPAA_MAX_NB_SEC_QPS]; /* i/o queue for sec */
 218         struct qman_fq inq[RTE_DPAA_MAX_RX_QUEUE];
 219         unsigned char inq_attach[RTE_DPAA_MAX_RX_QUEUE];
 220         unsigned int max_nb_queue_pairs;
 221         unsigned int max_nb_sessions;
 222         rte_spinlock_t lock;
 223 };
 224
 225 #define MAX_SG_ENTRIES          16
 226 #define MAX_JOB_SG_ENTRIES      36
 227
 228 struct dpaa_sec_job {
 229         /* sg[0] output, sg[1] input, others are possible sub frames */
 230         struct qm_sg_entry sg[MAX_JOB_SG_ENTRIES];
 231 };
 232
 233 #define DPAA_MAX_NB_MAX_DIGEST  32
 234 struct dpaa_sec_op_ctx {
 235         struct dpaa_sec_job job;
 236         union {
 237                 struct rte_crypto_op *op;
 238                 void *userdata;
 239         };
 240         struct rte_mempool *ctx_pool; /* mempool pointer for dpaa_sec_op_ctx */
 241         uint32_t fd_status;
 242         int64_t vtop_offset;
 243         uint8_t digest[DPAA_MAX_NB_MAX_DIGEST];
 244 };
 245
 246 static const struct rte_cryptodev_capabilities dpaa_sec_capabilities[] = {
 247         {       /* NULL (AUTH) */
 248                 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
 249                 {.sym = {
 250                         .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
 251                         {.auth = {
 252                                 .algo = RTE_CRYPTO_AUTH_NULL,
 253                                 .block_size = 1,
 254                                 .key_size = {
 255                                         .min = 0,
 256                                         .max = 0,
 257                                         .increment = 0
 258                                 },
 259                                 .digest_size = {
 260                                         .min = 0,
 261                                         .max = 0,
 262                                         .increment = 0
 263                                 },
 264                                 .iv_size = { 0 }
 265                         }, },
 266                 }, },
 267         },
 268         {       /* MD5 */
 269                 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
 270                 {.sym = {
 271                         .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
 272                         {.auth = {
 273                                 .algo = RTE_CRYPTO_AUTH_MD5,
 274                                 .block_size = 64,
 275                                 .key_size = {
 276                                         .min = 0,
 277                                         .max = 0,
 278                                         .increment = 0
 279                                 },
 280                                 .digest_size = {
 281                                         .min = 16,
 282                                         .max = 16,
 283                                         .increment = 0
 284                                 },
 285                                 .iv_size = { 0 }
 286                         }, }
 287                 }, }
 288         },
 289         {       /* MD5 HMAC */
 290                 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
 291                 {.sym = {
 292                         .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
 293                         {.auth = {
 294                                 .algo = RTE_CRYPTO_AUTH_MD5_HMAC,
 295                                 .block_size = 64,
 296                                 .key_size = {
 297                                         .min = 1,
 298                                         .max = 64,
 299                                         .increment = 1
 300                                 },
 301                                 .digest_size = {
 302                                         .min = 1,
 303                                         .max = 16,
 304                                         .increment = 1
 305                                 },
 306                                 .iv_size = { 0 }
 307                         }, }
 308                 }, }
 309         },
 310         {       /* SHA1 */
 311                 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
 312                 {.sym = {
 313                         .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
 314                         {.auth = {
 315                                 .algo = RTE_CRYPTO_AUTH_SHA1,
 316                                 .block_size = 64,
 317                                 .key_size = {
 318                                         .min = 0,
 319                                         .max = 0,
 320                                         .increment = 0
 321                                 },
 322                                 .digest_size = {
 323                                         .min = 20,
 324                                         .max = 20,
 325                                         .increment = 0
 326                                 },
 327                                 .iv_size = { 0 }
 328                         }, }
 329                 }, }
 330         },
 331         {       /* SHA1 HMAC */
 332                 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
 333                 {.sym = {
 334                         .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
 335                         {.auth = {
 336                                 .algo = RTE_CRYPTO_AUTH_SHA1_HMAC,
 337                                 .block_size = 64,
 338                                 .key_size = {
 339                                         .min = 1,
 340                                         .max = 64,
 341                                         .increment = 1
 342                                 },
 343                                 .digest_size = {
 344                                         .min = 1,
 345                                         .max = 20,
 346                                         .increment = 1
 347                                 },
 348                                 .iv_size = { 0 }
 349                         }, }
 350                 }, }
 351         },
 352         {       /* SHA224 */
 353                 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
 354                 {.sym = {
 355                         .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
 356                         {.auth = {
 357                                 .algo = RTE_CRYPTO_AUTH_SHA224,
 358                                 .block_size = 64,
 359                                         .key_size = {
 360                                         .min = 0,
 361                                         .max = 0,
 362                                         .increment = 0
 363                                 },
 364                                 .digest_size = {
 365                                         .min = 28,
 366                                         .max = 28,
 367                                         .increment = 0
 368                                 },
 369                                 .iv_size = { 0 }
 370                         }, }
 371                 }, }
 372         },
 373         {       /* SHA224 HMAC */
 374                 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
 375                 {.sym = {
 376                         .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
 377                         {.auth = {
 378                                 .algo = RTE_CRYPTO_AUTH_SHA224_HMAC,
 379                                 .block_size = 64,
 380                                 .key_size = {
 381                                         .min = 1,
 382                                         .max = 64,
 383                                         .increment = 1
 384                                 },
 385                                 .digest_size = {
 386                                         .min = 1,
 387                                         .max = 28,
 388                                         .increment = 1
 389                                 },
 390                                 .iv_size = { 0 }
 391                         }, }
 392                 }, }
 393         },
 394         {       /* SHA256 */
 395                 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
 396                 {.sym = {
 397                         .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
 398                         {.auth = {
 399                                 .algo = RTE_CRYPTO_AUTH_SHA256,
 400                                 .block_size = 64,
 401                                 .key_size = {
 402                                         .min = 0,
 403                                         .max = 0,
 404                                         .increment = 0
 405                                 },
 406                                 .digest_size = {
 407                                         .min = 32,
 408                                         .max = 32,
 409                                         .increment = 0
 410                                 },
 411                                 .iv_size = { 0 }
 412                         }, }
 413                 }, }
 414         },
 415         {       /* SHA256 HMAC */
 416                 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
 417                 {.sym = {
 418                         .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
 419                         {.auth = {
 420                                 .algo = RTE_CRYPTO_AUTH_SHA256_HMAC,
 421                                 .block_size = 64,
 422                                 .key_size = {
 423                                         .min = 1,
 424                                         .max = 64,
 425                                         .increment = 1
 426                                 },
 427                                 .digest_size = {
 428                                         .min = 1,
 429                                         .max = 32,
 430                                         .increment = 1
 431                                 },
 432                                 .iv_size = { 0 }
 433                         }, }
 434                 }, }
 435         },
 436         {       /* SHA384 */
 437                 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
 438                 {.sym = {
 439                         .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
 440                         {.auth = {
 441                                 .algo = RTE_CRYPTO_AUTH_SHA384,
 442                                 .block_size = 64,
 443                                 .key_size = {
 444                                         .min = 0,
 445                                         .max = 0,
 446                                         .increment = 0
 447                                 },
 448                                 .digest_size = {
 449                                         .min = 48,
 450                                         .max = 48,
 451                                         .increment = 0
 452                                         },
 453                                 .iv_size = { 0 }
 454                         }, }
 455                 }, }
 456         },
 457         {       /* SHA384 HMAC */
 458                 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
 459                 {.sym = {
 460                         .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
 461                         {.auth = {
 462                                 .algo = RTE_CRYPTO_AUTH_SHA384_HMAC,
 463                                 .block_size = 128,
 464                                 .key_size = {
 465                                         .min = 1,
 466                                         .max = 128,
 467                                         .increment = 1
 468                                 },
 469                                 .digest_size = {
 470                                         .min = 1,
 471                                         .max = 48,
 472                                         .increment = 1
 473                                 },
 474                                 .iv_size = { 0 }
 475                         }, }
 476                 }, }
 477         },
 478         {       /* SHA512 */
 479                 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
 480                 {.sym = {
 481                         .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
 482                         {.auth = {
 483                                 .algo = RTE_CRYPTO_AUTH_SHA512,
 484                                 .block_size = 128,
 485                                 .key_size = {
 486                                         .min = 0,
 487                                         .max = 0,
 488                                         .increment = 0
 489                                 },
 490                                 .digest_size = {
 491                                         .min = 64,
 492                                         .max = 64,
 493                                         .increment = 0
 494                                 },
 495                                 .iv_size = { 0 }
 496                         }, }
 497                 }, }
 498         },
 499         {       /* SHA512 HMAC */
 500                 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
 501                 {.sym = {
 502                         .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
 503                         {.auth = {
 504                                 .algo = RTE_CRYPTO_AUTH_SHA512_HMAC,
 505                                 .block_size = 128,
 506                                 .key_size = {
 507                                         .min = 1,
 508                                         .max = 128,
 509                                         .increment = 1
 510                                 },
 511                                 .digest_size = {
 512                                         .min = 1,
 513                                         .max = 64,
 514                                         .increment = 1
 515                                 },
 516                                 .iv_size = { 0 }
 517                         }, }
 518                 }, }
 519         },
 520         {       /* AES GCM */
 521                 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
 522                 {.sym = {
 523                         .xform_type = RTE_CRYPTO_SYM_XFORM_AEAD,
 524                         {.aead = {
 525                                 .algo = RTE_CRYPTO_AEAD_AES_GCM,
 526                                 .block_size = 16,
 527                                 .key_size = {
 528                                         .min = 16,
 529                                         .max = 32,
 530                                         .increment = 8
 531                                 },
 532                                 .digest_size = {
 533                                         .min = 8,
 534                                         .max = 16,
 535                                         .increment = 4
 536                                 },
 537                                 .aad_size = {
 538                                         .min = 0,
 539                                         .max = 240,
 540                                         .increment = 1
 541                                 },
 542                                 .iv_size = {
 543                                         .min = 12,
 544                                         .max = 12,
 545                                         .increment = 0
 546                                 },
 547                         }, }
 548                 }, }
 549         },
 550         {       /* NULL (CIPHER) */
 551                 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
 552                 {.sym = {
 553                         .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
 554                         {.cipher = {
 555                                 .algo = RTE_CRYPTO_CIPHER_NULL,
 556                                 .block_size = 1,
 557                                 .key_size = {
 558                                         .min = 0,
 559                                         .max = 0,
 560                                         .increment = 0
 561                                 },
 562                                 .iv_size = {
 563                                         .min = 0,
 564                                         .max = 0,
 565                                         .increment = 0
 566                                 }
 567                         }, },
 568                 }, }
 569         },
 570         {       /* AES CBC */
 571                 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
 572                 {.sym = {
 573                         .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
 574                         {.cipher = {
 575                                 .algo = RTE_CRYPTO_CIPHER_AES_CBC,
 576                                 .block_size = 16,
 577                                 .key_size = {
 578                                         .min = 16,
 579                                         .max = 32,
 580                                         .increment = 8
 581                                 },
 582                                 .iv_size = {
 583                                         .min = 16,
 584                                         .max = 16,
 585                                         .increment = 0
 586                                 }
 587                         }, }
 588                 }, }
 589         },
 590         {       /* AES CTR */
 591                 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
 592                 {.sym = {
 593                         .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
 594                         {.cipher = {
 595                                 .algo = RTE_CRYPTO_CIPHER_AES_CTR,
 596                                 .block_size = 16,
 597                                 .key_size = {
 598                                         .min = 16,
 599                                         .max = 32,
 600                                         .increment = 8
 601                                 },
 602                                 .iv_size = {
 603                                         .min = 16,
 604                                         .max = 16,
 605                                         .increment = 0
 606                                 },
 607                         }, }
 608                 }, }
 609         },
 610         {       /* DES CBC */
 611                 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
 612                 {.sym = {
 613                         .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
 614                         {.cipher = {
 615                                 .algo = RTE_CRYPTO_CIPHER_DES_CBC,
 616                                 .block_size = 8,
 617                                 .key_size = {
 618                                         .min = 8,
 619                                         .max = 8,
 620                                         .increment = 0
 621                                 },
 622                                 .iv_size = {
 623                                         .min = 8,
 624                                         .max = 8,
 625                                         .increment = 0
 626                                 }
 627                         }, }
 628                 }, }
 629         },
 630         {       /* 3DES CBC */
 631                 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
 632                 {.sym = {
 633                         .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
 634                         {.cipher = {
 635                                 .algo = RTE_CRYPTO_CIPHER_3DES_CBC,
 636                                 .block_size = 8,
 637                                 .key_size = {
 638                                         .min = 16,
 639                                         .max = 24,
 640                                         .increment = 8
 641                                 },
 642                                 .iv_size = {
 643                                         .min = 8,
 644                                         .max = 8,
 645                                         .increment = 0
 646                                 }
 647                         }, }
 648                 }, }
 649         },
 650         {       /* SNOW 3G (UIA2) */
 651                 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
 652                 {.sym = {
 653                         .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
 654                         {.auth = {
 655                                 .algo = RTE_CRYPTO_AUTH_SNOW3G_UIA2,
 656                                 .block_size = 16,
 657                                 .key_size = {
 658                                         .min = 16,
 659                                         .max = 16,
 660                                         .increment = 0
 661                                 },
 662                                 .digest_size = {
 663                                         .min = 4,
 664                                         .max = 4,
 665                                         .increment = 0
 666                                 },
 667                                 .iv_size = {
 668                                         .min = 16,
 669                                         .max = 16,
 670                                         .increment = 0
 671                                 }
 672                         }, }
 673                 }, }
 674         },
 675         {       /* SNOW 3G (UEA2) */
 676                 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
 677                 {.sym = {
 678                         .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
 679                         {.cipher = {
 680                                 .algo = RTE_CRYPTO_CIPHER_SNOW3G_UEA2,
 681                                 .block_size = 16,
 682                                 .key_size = {
 683                                         .min = 16,
 684                                         .max = 16,
 685                                         .increment = 0
 686                                 },
 687                                 .iv_size = {
 688                                         .min = 16,
 689                                         .max = 16,
 690                                         .increment = 0
 691                                 }
 692                         }, }
 693                 }, }
 694         },
 695         {       /* ZUC (EEA3) */
 696                 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
 697                 {.sym = {
 698                         .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
 699                         {.cipher = {
 700                                 .algo = RTE_CRYPTO_CIPHER_ZUC_EEA3,
 701                                 .block_size = 16,
 702                                 .key_size = {
 703                                         .min = 16,
 704                                         .max = 16,
 705                                         .increment = 0
 706                                 },
 707                                 .iv_size = {
 708                                         .min = 16,
 709                                         .max = 16,
 710                                         .increment = 0
 711                                 }
 712                         }, }
 713                 }, }
 714         },
 715         {       /* ZUC (EIA3) */
 716                 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
 717                 {.sym = {
 718                         .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
 719                         {.auth = {
 720                                 .algo = RTE_CRYPTO_AUTH_ZUC_EIA3,
 721                                 .block_size = 16,
 722                                 .key_size = {
 723                                         .min = 16,
 724                                         .max = 16,
 725                                         .increment = 0
 726                                 },
 727                                 .digest_size = {
 728                                         .min = 4,
 729                                         .max = 4,
 730                                         .increment = 0
 731                                 },
 732                                 .iv_size = {
 733                                         .min = 16,
 734                                         .max = 16,
 735                                         .increment = 0
 736                                 }
 737                         }, }
 738                 }, }
 739         },
 740         {       /* AES CMAC */
 741                 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
 742                 {.sym = {
 743                         .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
 744                         {.auth = {
 745                                 .algo = RTE_CRYPTO_AUTH_AES_CMAC,
 746                                 .block_size = 16,
 747                                 .key_size = {
 748                                         .min = 1,
 749                                         .max = 16,
 750                                         .increment = 1
 751                                 },
 752                                 .digest_size = {
 753                                         .min = 12,
 754                                         .max = 16,
 755                                         .increment = 4
 756                                 },
 757                                 .iv_size = { 0 }
 758                         }, }
 759                 }, }
 760         },
 761         {       /* AES XCBC HMAC */
 762                 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
 763                 {.sym = {
 764                         .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
 765                         {.auth = {
 766                                 .algo = RTE_CRYPTO_AUTH_AES_XCBC_MAC,
 767                                 .block_size = 16,
 768                                 .key_size = {
 769                                         .min = 1,
 770                                         .max = 16,
 771                                         .increment = 1
 772                                 },
 773                                 .digest_size = {
 774                                         .min = 12,
 775                                         .max = 16,
 776                                         .increment = 4
 777                                 },
 778                                 .aad_size = { 0 },
 779                                 .iv_size = { 0 }
 780                         }, }
 781                 }, }
 782         },
 783         RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()
 784 };
 785
 786 #ifdef RTE_LIB_SECURITY
 787 static const struct rte_cryptodev_capabilities dpaa_pdcp_capabilities[] = {
 788         {       /* SNOW 3G (UIA2) */
 789                 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
 790                 {.sym = {
 791                         .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
 792                         {.auth = {
 793                                 .algo = RTE_CRYPTO_AUTH_SNOW3G_UIA2,
 794                                 .block_size = 16,
 795                                 .key_size = {
 796                                         .min = 16,
 797                                         .max = 16,
 798                                         .increment = 0
 799                                 },
 800                                 .digest_size = {
 801                                         .min = 4,
 802                                         .max = 4,
 803                                         .increment = 0
 804                                 },
 805                                 .iv_size = {
 806                                         .min = 16,
 807                                         .max = 16,
 808                                         .increment = 0
 809                                 }
 810                         }, }
 811                 }, }
 812         },
 813         {       /* SNOW 3G (UEA2) */
 814                 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
 815                 {.sym = {
 816                         .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
 817                         {.cipher = {
 818                                 .algo = RTE_CRYPTO_CIPHER_SNOW3G_UEA2,
 819                                 .block_size = 16,
 820                                 .key_size = {
 821                                         .min = 16,
 822                                         .max = 16,
 823                                         .increment = 0
 824                                 },
 825                                 .iv_size = {
 826                                         .min = 16,
 827                                         .max = 16,
 828                                         .increment = 0
 829                                 }
 830                         }, }
 831                 }, }
 832         },
 833         {       /* AES CTR */
 834                 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
 835                 {.sym = {
 836                         .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
 837                         {.cipher = {
 838                                 .algo = RTE_CRYPTO_CIPHER_AES_CTR,
 839                                 .block_size = 16,
 840                                 .key_size = {
 841                                         .min = 16,
 842                                         .max = 32,
 843                                         .increment = 8
 844                                 },
 845                                 .iv_size = {
 846                                         .min = 16,
 847                                         .max = 16,
 848                                         .increment = 0
 849                                 }
 850                         }, }
 851                 }, }
 852         },
 853         {       /* NULL (AUTH) */
 854                 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
 855                 {.sym = {
 856                         .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
 857                         {.auth = {
 858                                 .algo = RTE_CRYPTO_AUTH_NULL,
 859                                 .block_size = 1,
 860                                 .key_size = {
 861                                         .min = 0,
 862                                         .max = 0,
 863                                         .increment = 0
 864                                 },
 865                                 .digest_size = {
 866                                         .min = 0,
 867                                         .max = 0,
 868                                         .increment = 0
 869                                 },
 870                                 .iv_size = { 0 }
 871                         }, },
 872                 }, },
 873         },
 874         {       /* NULL (CIPHER) */
 875                 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
 876                 {.sym = {
 877                         .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
 878                         {.cipher = {
 879                                 .algo = RTE_CRYPTO_CIPHER_NULL,
 880                                 .block_size = 1,
 881                                 .key_size = {
 882                                         .min = 0,
 883                                         .max = 0,
 884                                         .increment = 0
 885                                 },
 886                                 .iv_size = {
 887                                         .min = 0,
 888                                         .max = 0,
 889                                         .increment = 0
 890                                 }
 891                         }, },
 892                 }, }
 893         },
 894         {       /* ZUC (EEA3) */
 895                 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
 896                 {.sym = {
 897                         .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
 898                         {.cipher = {
 899                                 .algo = RTE_CRYPTO_CIPHER_ZUC_EEA3,
 900                                 .block_size = 16,
 901                                 .key_size = {
 902                                         .min = 16,
 903                                         .max = 16,
 904                                         .increment = 0
 905                                 },
 906                                 .iv_size = {
 907                                         .min = 16,
 908                                         .max = 16,
 909                                         .increment = 0
 910                                 }
 911                         }, }
 912                 }, }
 913         },
 914         {       /* ZUC (EIA3) */
 915                 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
 916                 {.sym = {
 917                         .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
 918                         {.auth = {
 919                                 .algo = RTE_CRYPTO_AUTH_ZUC_EIA3,
 920                                 .block_size = 16,
 921                                 .key_size = {
 922                                         .min = 16,
 923                                         .max = 16,
 924                                         .increment = 0
 925                                 },
 926                                 .digest_size = {
 927                                         .min = 4,
 928                                         .max = 4,
 929                                         .increment = 0
 930                                 },
 931                                 .iv_size = {
 932                                         .min = 16,
 933                                         .max = 16,
 934                                         .increment = 0
 935                                 }
 936                         }, }
 937                 }, }
 938         },
 939
 940         RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()
 941 };
 942
 943 static const struct rte_security_capability dpaa_sec_security_cap[] = {
 944         { /* IPsec Lookaside Protocol offload ESP Transport Egress */
 945                 .action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
 946                 .protocol = RTE_SECURITY_PROTOCOL_IPSEC,
 947                 .ipsec = {
 948                         .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP,
 949                         .mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL,
 950                         .direction = RTE_SECURITY_IPSEC_SA_DIR_EGRESS,
 951                         .options = { 0 },
 952                         .replay_win_sz_max = 128
 953                 },
 954                 .crypto_capabilities = dpaa_sec_capabilities
 955         },
 956         { /* IPsec Lookaside Protocol offload ESP Tunnel Ingress */
 957                 .action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
 958                 .protocol = RTE_SECURITY_PROTOCOL_IPSEC,
 959                 .ipsec = {
 960                         .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP,
 961                         .mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL,
 962                         .direction = RTE_SECURITY_IPSEC_SA_DIR_INGRESS,
 963                         .options = { 0 },
 964                         .replay_win_sz_max = 128
 965                 },
 966                 .crypto_capabilities = dpaa_sec_capabilities
 967         },
 968         { /* PDCP Lookaside Protocol offload Data */
 969                 .action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
 970                 .protocol = RTE_SECURITY_PROTOCOL_PDCP,
 971                 .pdcp = {
 972                         .domain = RTE_SECURITY_PDCP_MODE_DATA,
 973                         .capa_flags = 0
 974                 },
 975                 .crypto_capabilities = dpaa_pdcp_capabilities
 976         },
 977         { /* PDCP Lookaside Protocol offload Control */
 978                 .action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
 979                 .protocol = RTE_SECURITY_PROTOCOL_PDCP,
 980                 .pdcp = {
 981                         .domain = RTE_SECURITY_PDCP_MODE_CONTROL,
 982                         .capa_flags = 0
 983                 },
 984                 .crypto_capabilities = dpaa_pdcp_capabilities
 985         },
 986         { /* PDCP Lookaside Protocol offload Short MAC */
 987                 .action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
 988                 .protocol = RTE_SECURITY_PROTOCOL_PDCP,
 989                 .pdcp = {
 990                         .domain = RTE_SECURITY_PDCP_MODE_SHORT_MAC,
 991                         .capa_flags = 0
 992                 },
 993                 .crypto_capabilities = dpaa_pdcp_capabilities
 994         },
 995         {
 996                 .action = RTE_SECURITY_ACTION_TYPE_NONE
 997         }
 998 };
 999 #endif
1000
1001 /**
1002  * Checksum
1003  *
1004  * @param buffer calculate chksum for buffer
1005  * @param len    buffer length
1006  *
1007  * @return checksum value in host cpu order
1008  */
1009 static inline uint16_t
1010 calc_chksum(void *buffer, int len)
1011 {
1012         uint16_t *buf = (uint16_t *)buffer;
1013         uint32_t sum = 0;
1014         uint16_t result;
1015
1016         for (sum = 0; len > 1; len -= 2)
1017                 sum += *buf++;
1018
1019         if (len == 1)
1020                 sum += *(unsigned char *)buf;
1021
1022         sum = (sum >> 16) + (sum & 0xFFFF);
1023         sum += (sum >> 16);
1024         result = ~sum;
1025
1026         return  result;
1027 }
1028
1029 int
1030 dpaa_sec_configure_raw_dp_ctx(struct rte_cryptodev *dev, uint16_t qp_id,
1031         struct rte_crypto_raw_dp_ctx *raw_dp_ctx,
1032         enum rte_crypto_op_sess_type sess_type,
1033         union rte_cryptodev_session_ctx session_ctx, uint8_t is_update);
1034
1035 int
1036 dpaa_sec_get_dp_ctx_size(struct rte_cryptodev *dev);
1037
1038 int
1039 dpaa_sec_attach_sess_q(struct dpaa_sec_qp *qp, dpaa_sec_session *sess);
1040
1041 #endif /* _DPAA_SEC_H_ */