6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
10 * * Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * * Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
16 * * Neither the name of NXP nor the names of its
17 * contributors may be used to endorse or promote products derived
18 * from this software without specific prior written permission.
20 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
21 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
22 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
23 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
24 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
25 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
26 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
27 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
28 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
29 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
30 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
36 #define NUM_POOL_CHANNELS 4
37 #define DPAA_SEC_BURST 32
38 #define DPAA_SEC_ALG_UNSUPPORT (-1)
39 #define TDES_CBC_IV_LEN 8
40 #define AES_CBC_IV_LEN 16
41 #define AES_CTR_IV_LEN 16
42 #define AES_GCM_IV_LEN 12
44 /* Minimum job descriptor consists of a oneword job descriptor HEADER and
45 * a pointer to the shared descriptor.
47 #define MIN_JOB_DESC_SIZE (CAAM_CMD_SZ + CAAM_PTR_SZ)
48 /* CTX_POOL_NUM_BUFS is set as per the ipsec-secgw application */
49 #define CTX_POOL_NUM_BUFS 32000
50 #define CTX_POOL_BUF_SIZE sizeof(struct dpaa_sec_op_ctx)
51 #define CTX_POOL_CACHE_SIZE 512
56 enum dpaa_sec_op_type {
57 DPAA_SEC_NONE, /*!< No Cipher operations*/
58 DPAA_SEC_CIPHER,/*!< CIPHER operations */
59 DPAA_SEC_AUTH, /*!< Authentication Operations */
60 DPAA_SEC_AEAD, /*!< Authenticated Encryption with associated data */
61 DPAA_SEC_IPSEC, /*!< IPSEC protocol operations*/
62 DPAA_SEC_PDCP, /*!< PDCP protocol operations*/
63 DPAA_SEC_PKC, /*!< Public Key Cryptographic Operations */
67 typedef struct dpaa_sec_session_entry {
68 uint8_t dir; /*!< Operation Direction */
69 enum rte_crypto_cipher_algorithm cipher_alg; /*!< Cipher Algorithm*/
70 enum rte_crypto_auth_algorithm auth_alg; /*!< Authentication Algorithm*/
71 enum rte_crypto_aead_algorithm aead_alg; /*!< Authentication Algorithm*/
74 uint8_t *data; /**< pointer to key data */
75 size_t length; /**< key length in bytes */
79 uint8_t *data; /**< pointer to key data */
80 size_t length; /**< key length in bytes */
83 uint8_t *data; /**< pointer to key data */
84 size_t length; /**< key length in bytes */
91 } iv; /**< Initialisation vector parameters */
92 uint16_t auth_only_len; /*!< Length of data for Auth only */
93 uint32_t digest_length;
94 struct dpaa_sec_qp *qp;
95 struct rte_mempool *ctx_pool; /* session mempool for dpaa_sec_op_ctx */
98 #define DPAA_SEC_MAX_DESC_SIZE 64
99 /* code or cmd block to caam */
105 #if RTE_BYTE_ORDER == RTE_BIG_ENDIAN
107 unsigned int rsvd47_39:9;
108 unsigned int idlen:7;
110 unsigned int idlen:7;
111 unsigned int rsvd47_39:9;
120 #if RTE_BYTE_ORDER == RTE_BIG_ENDIAN
121 unsigned int rsvd31_30:2;
124 unsigned int offset:2;
126 unsigned int add_buf:1;
128 uint16_t pool_buffer_size;
130 uint16_t pool_buffer_size;
132 unsigned int add_buf:1;
134 unsigned int offset:2;
137 unsigned int rsvd31_30:2;
143 uint32_t sh_desc[DPAA_SEC_MAX_DESC_SIZE];
147 struct dpaa_sec_dev_private *internals;
148 struct sec_cdb cdb; /* cmd block associated with qp */
149 dpaa_sec_session *ses; /* session associated with qp */
158 #define RTE_MAX_NB_SEC_QPS RTE_DPAA_SEC_PMD_MAX_NB_SESSIONS
159 /* internal sec queue interface */
160 struct dpaa_sec_dev_private {
162 struct rte_mempool *ctx_pool; /* per dev mempool for dpaa_sec_op_ctx */
163 struct dpaa_sec_qp qps[RTE_MAX_NB_SEC_QPS]; /* i/o queue for sec */
164 unsigned int max_nb_queue_pairs;
165 unsigned int max_nb_sessions;
168 #define MAX_SG_ENTRIES 16
169 #define SG_CACHELINE_0 0
170 #define SG_CACHELINE_1 4
171 #define SG_CACHELINE_2 8
172 #define SG_CACHELINE_3 12
173 struct dpaa_sec_job {
174 /* sg[0] output, sg[1] input, others are possible sub frames */
175 struct qm_sg_entry sg[MAX_SG_ENTRIES];
178 #define DPAA_MAX_NB_MAX_DIGEST 32
179 struct dpaa_sec_op_ctx {
180 struct dpaa_sec_job job;
181 struct rte_crypto_op *op;
182 struct rte_mempool *ctx_pool; /* mempool pointer for dpaa_sec_op_ctx */
184 uint8_t digest[DPAA_MAX_NB_MAX_DIGEST];
187 static const struct rte_cryptodev_capabilities dpaa_sec_capabilities[] = {
189 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
191 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
193 .algo = RTE_CRYPTO_AUTH_MD5_HMAC,
209 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
211 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
213 .algo = RTE_CRYPTO_AUTH_SHA1_HMAC,
229 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
231 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
233 .algo = RTE_CRYPTO_AUTH_SHA224_HMAC,
249 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
251 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
253 .algo = RTE_CRYPTO_AUTH_SHA256_HMAC,
269 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
271 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
273 .algo = RTE_CRYPTO_AUTH_SHA384_HMAC,
289 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
291 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
293 .algo = RTE_CRYPTO_AUTH_SHA512_HMAC,
309 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
311 .xform_type = RTE_CRYPTO_SYM_XFORM_AEAD,
313 .algo = RTE_CRYPTO_AEAD_AES_GCM,
339 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
341 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
343 .algo = RTE_CRYPTO_CIPHER_AES_CBC,
359 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
361 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
363 .algo = RTE_CRYPTO_CIPHER_AES_CTR,
379 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
381 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
383 .algo = RTE_CRYPTO_CIPHER_3DES_CBC,
399 RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()
402 #endif /* _DPAA_SEC_H_ */