1 /* SPDX-License-Identifier: BSD-3-Clause
2 * Copyright(c) 2021 Intel Corporation
5 #include "pmd_chacha_poly_priv.h"
7 /** Parse crypto xform chain and set private session parameters. */
9 chacha20_poly1305_session_configure(IMB_MGR * mb_mgr __rte_unused,
10 void *priv_sess, const struct rte_crypto_sym_xform *xform)
12 struct chacha20_poly1305_session *sess = priv_sess;
13 const struct rte_crypto_sym_xform *auth_xform;
14 const struct rte_crypto_sym_xform *cipher_xform;
15 const struct rte_crypto_sym_xform *aead_xform;
19 enum ipsec_mb_operation mode;
22 ret = ipsec_mb_parse_xform(xform, &mode, &auth_xform,
23 &cipher_xform, &aead_xform);
30 case IPSEC_MB_OP_AEAD_AUTHENTICATED_ENCRYPT:
31 case IPSEC_MB_OP_AEAD_AUTHENTICATED_DECRYPT:
32 if (aead_xform->aead.algo !=
33 RTE_CRYPTO_AEAD_CHACHA20_POLY1305) {
35 "The only combined operation supported is CHACHA20 POLY1305");
39 /* Set IV parameters */
40 sess->iv.offset = aead_xform->aead.iv.offset;
41 sess->iv.length = aead_xform->aead.iv.length;
42 key_length = aead_xform->aead.key.length;
43 key = aead_xform->aead.key.data;
44 sess->aad_length = aead_xform->aead.aad_length;
45 sess->req_digest_length = aead_xform->aead.digest_length;
49 ERR, "Wrong xform type, has to be AEAD or authentication");
55 if (sess->iv.length != CHACHA20_POLY1305_IV_LENGTH &&
56 sess->iv.length != 0) {
57 IPSEC_MB_LOG(ERR, "Wrong IV length");
62 /* Check key length */
63 if (key_length != CHACHA20_POLY1305_KEY_SIZE) {
64 IPSEC_MB_LOG(ERR, "Invalid key length");
68 memcpy(sess->key, key, CHACHA20_POLY1305_KEY_SIZE);
72 if (sess->req_digest_length != CHACHA20_POLY1305_DIGEST_LENGTH) {
73 IPSEC_MB_LOG(ERR, "Invalid digest length");
77 sess->gen_digest_length = CHACHA20_POLY1305_DIGEST_LENGTH;
85 * Process a crypto operation, calling
86 * the direct chacha poly API from the multi buffer library.
88 * @param qp queue pair
89 * @param op symmetric crypto operation
90 * @param session chacha poly session
93 * - Return 0 if success
96 chacha20_poly1305_crypto_op(struct ipsec_mb_qp *qp, struct rte_crypto_op *op,
97 struct chacha20_poly1305_session *session)
99 struct chacha20_poly1305_qp_data *qp_data =
100 ipsec_mb_get_qp_private_data(qp);
103 struct rte_crypto_sym_op *sym_op = op->sym;
104 struct rte_mbuf *m_src = sym_op->m_src;
105 uint32_t offset, data_offset, data_length;
106 uint32_t part_len, data_len;
109 unsigned int oop = 0;
111 offset = sym_op->aead.data.offset;
112 data_offset = offset;
113 data_length = sym_op->aead.data.length;
114 RTE_ASSERT(m_src != NULL);
116 while (offset >= m_src->data_len && data_length != 0) {
117 offset -= m_src->data_len;
120 RTE_ASSERT(m_src != NULL);
123 src = rte_pktmbuf_mtod_offset(m_src, uint8_t *, offset);
125 data_len = m_src->data_len - offset;
126 part_len = (data_len < data_length) ? data_len :
130 if (sym_op->m_dst == NULL || (sym_op->m_dst == sym_op->m_src))
135 /* Segmented destination buffer is not supported
136 * if operation is Out-of-place
138 RTE_ASSERT(rte_pktmbuf_is_contiguous(sym_op->m_dst));
139 dst = rte_pktmbuf_mtod_offset(sym_op->m_dst, uint8_t *,
143 iv_ptr = rte_crypto_op_ctod_offset(op, uint8_t *,
146 IMB_CHACHA20_POLY1305_INIT(qp->mb_mgr, session->key,
147 &qp_data->chacha20_poly1305_ctx_data,
148 iv_ptr, sym_op->aead.aad.data,
149 (uint64_t)session->aad_length);
151 if (session->op == IPSEC_MB_OP_AEAD_AUTHENTICATED_ENCRYPT) {
152 IMB_CHACHA20_POLY1305_ENC_UPDATE(qp->mb_mgr,
154 &qp_data->chacha20_poly1305_ctx_data,
155 dst, src, (uint64_t)part_len);
156 total_len = data_length - part_len;
160 RTE_ASSERT(m_src != NULL);
162 src = rte_pktmbuf_mtod(m_src, uint8_t *);
167 part_len = (m_src->data_len < total_len) ?
168 m_src->data_len : total_len;
170 if (dst == NULL || src == NULL) {
171 IPSEC_MB_LOG(ERR, "Invalid src or dst input");
174 IMB_CHACHA20_POLY1305_ENC_UPDATE(qp->mb_mgr,
176 &qp_data->chacha20_poly1305_ctx_data,
177 dst, src, (uint64_t)part_len);
178 total_len -= part_len;
180 IPSEC_MB_LOG(ERR, "Invalid part len");
185 tag = sym_op->aead.digest.data;
186 IMB_CHACHA20_POLY1305_ENC_FINALIZE(qp->mb_mgr,
187 &qp_data->chacha20_poly1305_ctx_data,
188 tag, session->gen_digest_length);
191 IMB_CHACHA20_POLY1305_DEC_UPDATE(qp->mb_mgr,
193 &qp_data->chacha20_poly1305_ctx_data,
194 dst, src, (uint64_t)part_len);
196 total_len = data_length - part_len;
201 RTE_ASSERT(m_src != NULL);
203 src = rte_pktmbuf_mtod(m_src, uint8_t *);
208 part_len = (m_src->data_len < total_len) ?
209 m_src->data_len : total_len;
211 if (dst == NULL || src == NULL) {
212 IPSEC_MB_LOG(ERR, "Invalid src or dst input");
215 IMB_CHACHA20_POLY1305_DEC_UPDATE(qp->mb_mgr,
217 &qp_data->chacha20_poly1305_ctx_data,
218 dst, src, (uint64_t)part_len);
219 total_len -= part_len;
221 IPSEC_MB_LOG(ERR, "Invalid part len");
226 tag = qp_data->temp_digest;
227 IMB_CHACHA20_POLY1305_DEC_FINALIZE(qp->mb_mgr,
228 &qp_data->chacha20_poly1305_ctx_data,
229 tag, session->gen_digest_length);
236 * Process a completed chacha poly op
238 * @param qp Queue Pair to process
239 * @param op Crypto operation
240 * @param sess Crypto session
246 post_process_chacha20_poly1305_crypto_op(struct ipsec_mb_qp *qp,
247 struct rte_crypto_op *op,
248 struct chacha20_poly1305_session *session)
250 struct chacha20_poly1305_qp_data *qp_data =
251 ipsec_mb_get_qp_private_data(qp);
253 op->status = RTE_CRYPTO_OP_STATUS_SUCCESS;
254 /* Verify digest if required */
255 if (session->op == IPSEC_MB_OP_AEAD_AUTHENTICATED_DECRYPT ||
256 session->op == IPSEC_MB_OP_HASH_VERIFY_ONLY) {
257 uint8_t *digest = op->sym->aead.digest.data;
258 uint8_t *tag = qp_data->temp_digest;
260 #ifdef RTE_LIBRTE_PMD_CHACHA20_POLY1305_DEBUG
261 rte_hexdump(stdout, "auth tag (orig):",
262 digest, session->req_digest_length);
263 rte_hexdump(stdout, "auth tag (calc):",
264 tag, session->req_digest_length);
266 if (memcmp(tag, digest, session->req_digest_length) != 0)
267 op->status = RTE_CRYPTO_OP_STATUS_AUTH_FAILED;
274 * Process a completed Chacha20_poly1305 request
276 * @param qp Queue Pair to process
277 * @param op Crypto operation
278 * @param sess Crypto session
284 handle_completed_chacha20_poly1305_crypto_op(struct ipsec_mb_qp *qp,
285 struct rte_crypto_op *op,
286 struct chacha20_poly1305_session *sess)
288 post_process_chacha20_poly1305_crypto_op(qp, op, sess);
290 /* Free session if a session-less crypto op */
291 if (op->sess_type == RTE_CRYPTO_OP_SESSIONLESS) {
292 memset(sess, 0, sizeof(struct chacha20_poly1305_session));
293 memset(op->sym->session, 0,
294 rte_cryptodev_sym_get_existing_header_session_size(
296 rte_mempool_put(qp->sess_mp_priv, sess);
297 rte_mempool_put(qp->sess_mp, op->sym->session);
298 op->sym->session = NULL;
303 chacha20_poly1305_pmd_dequeue_burst(void *queue_pair,
304 struct rte_crypto_op **ops, uint16_t nb_ops)
306 struct chacha20_poly1305_session *sess;
307 struct ipsec_mb_qp *qp = queue_pair;
310 unsigned int i = 0, nb_dequeued;
312 nb_dequeued = rte_ring_dequeue_burst(qp->ingress_queue,
313 (void **)ops, nb_ops, NULL);
315 for (i = 0; i < nb_dequeued; i++) {
317 sess = ipsec_mb_get_session_private(qp, ops[i]);
318 if (unlikely(sess == NULL)) {
319 ops[i]->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS;
320 qp->stats.dequeue_err_count++;
324 retval = chacha20_poly1305_crypto_op(qp, ops[i], sess);
326 ops[i]->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS;
327 qp->stats.dequeue_err_count++;
331 handle_completed_chacha20_poly1305_crypto_op(qp, ops[i], sess);
334 qp->stats.dequeued_count += i;
339 struct rte_cryptodev_ops chacha20_poly1305_pmd_ops = {
340 .dev_configure = ipsec_mb_config,
341 .dev_start = ipsec_mb_start,
342 .dev_stop = ipsec_mb_stop,
343 .dev_close = ipsec_mb_close,
345 .stats_get = ipsec_mb_stats_get,
346 .stats_reset = ipsec_mb_stats_reset,
348 .dev_infos_get = ipsec_mb_info_get,
350 .queue_pair_setup = ipsec_mb_qp_setup,
351 .queue_pair_release = ipsec_mb_qp_release,
353 .sym_session_get_size = ipsec_mb_sym_session_get_size,
354 .sym_session_configure = ipsec_mb_sym_session_configure,
355 .sym_session_clear = ipsec_mb_sym_session_clear
358 struct rte_cryptodev_ops *rte_chacha20_poly1305_pmd_ops =
359 &chacha20_poly1305_pmd_ops;
362 chacha20_poly1305_probe(struct rte_vdev_device *vdev)
364 return ipsec_mb_create(vdev, IPSEC_MB_PMD_TYPE_CHACHA20_POLY1305);
367 static struct rte_vdev_driver cryptodev_chacha20_poly1305_pmd_drv = {
368 .probe = chacha20_poly1305_probe,
369 .remove = ipsec_mb_remove
372 static struct cryptodev_driver chacha20_poly1305_crypto_drv;
374 RTE_PMD_REGISTER_VDEV(CRYPTODEV_NAME_CHACHA20_POLY1305_PMD,
375 cryptodev_chacha20_poly1305_pmd_drv);
376 RTE_PMD_REGISTER_ALIAS(CRYPTODEV_NAME_CHACHA20_POLY1305_PMD,
377 cryptodev_chacha20_poly1305_pmd);
378 RTE_PMD_REGISTER_PARAM_STRING(CRYPTODEV_NAME_CHACHA20_POLY1305_PMD,
379 "max_nb_queue_pairs=<int> socket_id=<int>");
380 RTE_PMD_REGISTER_CRYPTO_DRIVER(chacha20_poly1305_crypto_drv,
381 cryptodev_chacha20_poly1305_pmd_drv.driver,
382 pmd_driver_id_chacha20_poly1305);
384 /* Constructor function to register chacha20_poly1305 PMD */
385 RTE_INIT(ipsec_mb_register_chacha20_poly1305)
387 struct ipsec_mb_internals *chacha_poly_data
388 = &ipsec_mb_pmds[IPSEC_MB_PMD_TYPE_CHACHA20_POLY1305];
390 chacha_poly_data->caps = chacha20_poly1305_capabilities;
391 chacha_poly_data->dequeue_burst = chacha20_poly1305_pmd_dequeue_burst;
392 chacha_poly_data->feature_flags =
393 RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO |
394 RTE_CRYPTODEV_FF_SYM_OPERATION_CHAINING |
395 RTE_CRYPTODEV_FF_IN_PLACE_SGL |
396 RTE_CRYPTODEV_FF_OOP_SGL_IN_LB_OUT |
397 RTE_CRYPTODEV_FF_OOP_LB_IN_LB_OUT |
398 RTE_CRYPTODEV_FF_SYM_CPU_CRYPTO |
399 RTE_CRYPTODEV_FF_SYM_SESSIONLESS;
400 chacha_poly_data->internals_priv_size = 0;
401 chacha_poly_data->ops = &chacha20_poly1305_pmd_ops;
402 chacha_poly_data->qp_priv_size =
403 sizeof(struct chacha20_poly1305_qp_data);
404 chacha_poly_data->session_configure =
405 chacha20_poly1305_session_configure;
406 chacha_poly_data->session_priv_size =
407 sizeof(struct chacha20_poly1305_session);