drivers/crypto/mvsam/rte_mrvl_pmd.c

   1 /* SPDX-License-Identifier: BSD-3-Clause
   2  * Copyright(c) 2017 Marvell International Ltd.
   3  * Copyright(c) 2017 Semihalf.
   4  * All rights reserved.
   5  */
   6
   7 #include <rte_common.h>
   8 #include <rte_hexdump.h>
   9 #include <rte_cryptodev.h>
  10 #include <rte_cryptodev_pmd.h>
  11 #include <rte_bus_vdev.h>
  12 #include <rte_malloc.h>
  13 #include <rte_cpuflags.h>
  14
  15 #include "rte_mrvl_pmd_private.h"
  16
  17 #define MRVL_MUSDK_DMA_MEMSIZE 41943040
  18
  19 static uint8_t cryptodev_driver_id;
  20
  21 /**
  22  * Flag if particular crypto algorithm is supported by PMD/MUSDK.
  23  *
  24  * The idea is to have Not Supported value as default (0).
  25  * This way we need only to define proper map sizes,
  26  * non-initialized entries will be by default not supported.
  27  */
  28 enum algo_supported {
  29         ALGO_NOT_SUPPORTED = 0,
  30         ALGO_SUPPORTED = 1,
  31 };
  32
  33 /** Map elements for cipher mapping.*/
  34 struct cipher_params_mapping {
  35         enum algo_supported  supported;   /**< On/Off switch */
  36         enum sam_cipher_alg  cipher_alg;  /**< Cipher algorithm */
  37         enum sam_cipher_mode cipher_mode; /**< Cipher mode */
  38         unsigned int max_key_len;         /**< Maximum key length (in bytes)*/
  39 }
  40 /* We want to squeeze in multiple maps into the cache line. */
  41 __rte_aligned(32);
  42
  43 /** Map elements for auth mapping.*/
  44 struct auth_params_mapping {
  45         enum algo_supported supported;  /**< On/off switch */
  46         enum sam_auth_alg   auth_alg;   /**< Auth algorithm */
  47 }
  48 /* We want to squeeze in multiple maps into the cache line. */
  49 __rte_aligned(32);
  50
  51 /**
  52  * Map of supported cipher algorithms.
  53  */
  54 static const
  55 struct cipher_params_mapping cipher_map[RTE_CRYPTO_CIPHER_LIST_END] = {
  56         [RTE_CRYPTO_CIPHER_3DES_CBC] = {
  57                 .supported = ALGO_SUPPORTED,
  58                 .cipher_alg = SAM_CIPHER_3DES,
  59                 .cipher_mode = SAM_CIPHER_CBC,
  60                 .max_key_len = BITS2BYTES(192) },
  61         [RTE_CRYPTO_CIPHER_3DES_CTR] = {
  62                 .supported = ALGO_SUPPORTED,
  63                 .cipher_alg = SAM_CIPHER_3DES,
  64                 .cipher_mode = SAM_CIPHER_CTR,
  65                 .max_key_len = BITS2BYTES(192) },
  66         [RTE_CRYPTO_CIPHER_3DES_ECB] = {
  67                 .supported = ALGO_SUPPORTED,
  68                 .cipher_alg = SAM_CIPHER_3DES,
  69                 .cipher_mode = SAM_CIPHER_ECB,
  70                 .max_key_len = BITS2BYTES(192) },
  71         [RTE_CRYPTO_CIPHER_AES_CBC] = {
  72                 .supported = ALGO_SUPPORTED,
  73                 .cipher_alg = SAM_CIPHER_AES,
  74                 .cipher_mode = SAM_CIPHER_CBC,
  75                 .max_key_len = BITS2BYTES(256) },
  76         [RTE_CRYPTO_CIPHER_AES_CTR] = {
  77                 .supported = ALGO_SUPPORTED,
  78                 .cipher_alg = SAM_CIPHER_AES,
  79                 .cipher_mode = SAM_CIPHER_CTR,
  80                 .max_key_len = BITS2BYTES(256) },
  81 };
  82
  83 /**
  84  * Map of supported auth algorithms.
  85  */
  86 static const
  87 struct auth_params_mapping auth_map[RTE_CRYPTO_AUTH_LIST_END] = {
  88         [RTE_CRYPTO_AUTH_MD5_HMAC] = {
  89                 .supported = ALGO_SUPPORTED,
  90                 .auth_alg = SAM_AUTH_HMAC_MD5 },
  91         [RTE_CRYPTO_AUTH_MD5] = {
  92                 .supported = ALGO_SUPPORTED,
  93                 .auth_alg = SAM_AUTH_HASH_MD5 },
  94         [RTE_CRYPTO_AUTH_SHA1_HMAC] = {
  95                 .supported = ALGO_SUPPORTED,
  96                 .auth_alg = SAM_AUTH_HMAC_SHA1 },
  97         [RTE_CRYPTO_AUTH_SHA1] = {
  98                 .supported = ALGO_SUPPORTED,
  99                 .auth_alg = SAM_AUTH_HASH_SHA1 },
 100         [RTE_CRYPTO_AUTH_SHA224] = {
 101                 .supported = ALGO_SUPPORTED,
 102                 .auth_alg = SAM_AUTH_HASH_SHA2_224 },
 103         [RTE_CRYPTO_AUTH_SHA256_HMAC] = {
 104                 .supported = ALGO_SUPPORTED,
 105                 .auth_alg = SAM_AUTH_HMAC_SHA2_256 },
 106         [RTE_CRYPTO_AUTH_SHA256] = {
 107                 .supported = ALGO_SUPPORTED,
 108                 .auth_alg = SAM_AUTH_HASH_SHA2_256 },
 109         [RTE_CRYPTO_AUTH_SHA384_HMAC] = {
 110                 .supported = ALGO_SUPPORTED,
 111                 .auth_alg = SAM_AUTH_HMAC_SHA2_384 },
 112         [RTE_CRYPTO_AUTH_SHA384] = {
 113                 .supported = ALGO_SUPPORTED,
 114                 .auth_alg = SAM_AUTH_HASH_SHA2_384 },
 115         [RTE_CRYPTO_AUTH_SHA512_HMAC] = {
 116                 .supported = ALGO_SUPPORTED,
 117                 .auth_alg = SAM_AUTH_HMAC_SHA2_512 },
 118         [RTE_CRYPTO_AUTH_SHA512] = {
 119                 .supported = ALGO_SUPPORTED,
 120                 .auth_alg = SAM_AUTH_HASH_SHA2_512 },
 121         [RTE_CRYPTO_AUTH_AES_GMAC] = {
 122                 .supported = ALGO_SUPPORTED,
 123                 .auth_alg = SAM_AUTH_AES_GMAC },
 124 };
 125
 126 /**
 127  * Map of supported aead algorithms.
 128  */
 129 static const
 130 struct cipher_params_mapping aead_map[RTE_CRYPTO_AEAD_LIST_END] = {
 131         [RTE_CRYPTO_AEAD_AES_GCM] = {
 132                 .supported = ALGO_SUPPORTED,
 133                 .cipher_alg = SAM_CIPHER_AES,
 134                 .cipher_mode = SAM_CIPHER_GCM,
 135                 .max_key_len = BITS2BYTES(256) },
 136 };
 137
 138 /*
 139  *-----------------------------------------------------------------------------
 140  * Forward declarations.
 141  *-----------------------------------------------------------------------------
 142  */
 143 static int cryptodev_mrvl_crypto_uninit(struct rte_vdev_device *vdev);
 144
 145 /*
 146  *-----------------------------------------------------------------------------
 147  * Session Preparation.
 148  *-----------------------------------------------------------------------------
 149  */
 150
 151 /**
 152  * Get xform chain order.
 153  *
 154  * @param xform Pointer to configuration structure chain for crypto operations.
 155  * @returns Order of crypto operations.
 156  */
 157 static enum mrvl_crypto_chain_order
 158 mrvl_crypto_get_chain_order(const struct rte_crypto_sym_xform *xform)
 159 {
 160         /* Currently, Marvell supports max 2 operations in chain */
 161         if (xform->next != NULL && xform->next->next != NULL)
 162                 return MRVL_CRYPTO_CHAIN_NOT_SUPPORTED;
 163
 164         if (xform->next != NULL) {
 165                 if ((xform->type == RTE_CRYPTO_SYM_XFORM_AUTH) &&
 166                         (xform->next->type == RTE_CRYPTO_SYM_XFORM_CIPHER))
 167                         return MRVL_CRYPTO_CHAIN_AUTH_CIPHER;
 168
 169                 if ((xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER) &&
 170                         (xform->next->type == RTE_CRYPTO_SYM_XFORM_AUTH))
 171                         return MRVL_CRYPTO_CHAIN_CIPHER_AUTH;
 172         } else {
 173                 if (xform->type == RTE_CRYPTO_SYM_XFORM_AUTH)
 174                         return MRVL_CRYPTO_CHAIN_AUTH_ONLY;
 175
 176                 if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER)
 177                         return MRVL_CRYPTO_CHAIN_CIPHER_ONLY;
 178
 179                 if (xform->type == RTE_CRYPTO_SYM_XFORM_AEAD)
 180                         return MRVL_CRYPTO_CHAIN_COMBINED;
 181         }
 182         return MRVL_CRYPTO_CHAIN_NOT_SUPPORTED;
 183 }
 184
 185 /**
 186  * Set session parameters for cipher part.
 187  *
 188  * @param sess Crypto session pointer.
 189  * @param cipher_xform Pointer to configuration structure for cipher operations.
 190  * @returns 0 in case of success, negative value otherwise.
 191  */
 192 static int
 193 mrvl_crypto_set_cipher_session_parameters(struct mrvl_crypto_session *sess,
 194                 const struct rte_crypto_sym_xform *cipher_xform)
 195 {
 196         /* Make sure we've got proper struct */
 197         if (cipher_xform->type != RTE_CRYPTO_SYM_XFORM_CIPHER) {
 198                 MRVL_CRYPTO_LOG_ERR("Wrong xform struct provided!");
 199                 return -EINVAL;
 200         }
 201
 202         /* See if map data is present and valid */
 203         if ((cipher_xform->cipher.algo > RTE_DIM(cipher_map)) ||
 204                 (cipher_map[cipher_xform->cipher.algo].supported
 205                         != ALGO_SUPPORTED)) {
 206                 MRVL_CRYPTO_LOG_ERR("Cipher algorithm not supported!");
 207                 return -EINVAL;
 208         }
 209
 210         sess->cipher_iv_offset = cipher_xform->cipher.iv.offset;
 211
 212         sess->sam_sess_params.dir =
 213                 (cipher_xform->cipher.op == RTE_CRYPTO_CIPHER_OP_ENCRYPT) ?
 214                 SAM_DIR_ENCRYPT : SAM_DIR_DECRYPT;
 215         sess->sam_sess_params.cipher_alg =
 216                 cipher_map[cipher_xform->cipher.algo].cipher_alg;
 217         sess->sam_sess_params.cipher_mode =
 218                 cipher_map[cipher_xform->cipher.algo].cipher_mode;
 219
 220         /* Assume IV will be passed together with data. */
 221         sess->sam_sess_params.cipher_iv = NULL;
 222
 223         /* Get max key length. */
 224         if (cipher_xform->cipher.key.length >
 225                 cipher_map[cipher_xform->cipher.algo].max_key_len) {
 226                 MRVL_CRYPTO_LOG_ERR("Wrong key length!");
 227                 return -EINVAL;
 228         }
 229
 230         sess->sam_sess_params.cipher_key_len = cipher_xform->cipher.key.length;
 231         sess->sam_sess_params.cipher_key = cipher_xform->cipher.key.data;
 232
 233         return 0;
 234 }
 235
 236 /**
 237  * Set session parameters for authentication part.
 238  *
 239  * @param sess Crypto session pointer.
 240  * @param auth_xform Pointer to configuration structure for auth operations.
 241  * @returns 0 in case of success, negative value otherwise.
 242  */
 243 static int
 244 mrvl_crypto_set_auth_session_parameters(struct mrvl_crypto_session *sess,
 245                 const struct rte_crypto_sym_xform *auth_xform)
 246 {
 247         /* Make sure we've got proper struct */
 248         if (auth_xform->type != RTE_CRYPTO_SYM_XFORM_AUTH) {
 249                 MRVL_CRYPTO_LOG_ERR("Wrong xform struct provided!");
 250                 return -EINVAL;
 251         }
 252
 253         /* See if map data is present and valid */
 254         if ((auth_xform->auth.algo > RTE_DIM(auth_map)) ||
 255                 (auth_map[auth_xform->auth.algo].supported != ALGO_SUPPORTED)) {
 256                 MRVL_CRYPTO_LOG_ERR("Auth algorithm not supported!");
 257                 return -EINVAL;
 258         }
 259
 260         sess->sam_sess_params.dir =
 261                 (auth_xform->auth.op == RTE_CRYPTO_AUTH_OP_GENERATE) ?
 262                 SAM_DIR_ENCRYPT : SAM_DIR_DECRYPT;
 263         sess->sam_sess_params.auth_alg =
 264                 auth_map[auth_xform->auth.algo].auth_alg;
 265         sess->sam_sess_params.u.basic.auth_icv_len =
 266                 auth_xform->auth.digest_length;
 267         /* auth_key must be NULL if auth algorithm does not use HMAC */
 268         sess->sam_sess_params.auth_key = auth_xform->auth.key.length ?
 269                                          auth_xform->auth.key.data : NULL;
 270         sess->sam_sess_params.auth_key_len = auth_xform->auth.key.length;
 271
 272         return 0;
 273 }
 274
 275 /**
 276  * Set session parameters for aead part.
 277  *
 278  * @param sess Crypto session pointer.
 279  * @param aead_xform Pointer to configuration structure for aead operations.
 280  * @returns 0 in case of success, negative value otherwise.
 281  */
 282 static int
 283 mrvl_crypto_set_aead_session_parameters(struct mrvl_crypto_session *sess,
 284                 const struct rte_crypto_sym_xform *aead_xform)
 285 {
 286         /* Make sure we've got proper struct */
 287         if (aead_xform->type != RTE_CRYPTO_SYM_XFORM_AEAD) {
 288                 MRVL_CRYPTO_LOG_ERR("Wrong xform struct provided!");
 289                 return -EINVAL;
 290         }
 291
 292         /* See if map data is present and valid */
 293         if ((aead_xform->aead.algo > RTE_DIM(aead_map)) ||
 294                 (aead_map[aead_xform->aead.algo].supported
 295                         != ALGO_SUPPORTED)) {
 296                 MRVL_CRYPTO_LOG_ERR("AEAD algorithm not supported!");
 297                 return -EINVAL;
 298         }
 299
 300         sess->sam_sess_params.dir =
 301                 (aead_xform->aead.op == RTE_CRYPTO_AEAD_OP_ENCRYPT) ?
 302                 SAM_DIR_ENCRYPT : SAM_DIR_DECRYPT;
 303         sess->sam_sess_params.cipher_alg =
 304                 aead_map[aead_xform->aead.algo].cipher_alg;
 305         sess->sam_sess_params.cipher_mode =
 306                 aead_map[aead_xform->aead.algo].cipher_mode;
 307
 308         /* Assume IV will be passed together with data. */
 309         sess->sam_sess_params.cipher_iv = NULL;
 310
 311         /* Get max key length. */
 312         if (aead_xform->aead.key.length >
 313                 aead_map[aead_xform->aead.algo].max_key_len) {
 314                 MRVL_CRYPTO_LOG_ERR("Wrong key length!");
 315                 return -EINVAL;
 316         }
 317
 318         sess->sam_sess_params.cipher_key = aead_xform->aead.key.data;
 319         sess->sam_sess_params.cipher_key_len = aead_xform->aead.key.length;
 320
 321         if (sess->sam_sess_params.cipher_mode == SAM_CIPHER_GCM)
 322                 sess->sam_sess_params.auth_alg = SAM_AUTH_AES_GCM;
 323
 324         sess->sam_sess_params.u.basic.auth_icv_len =
 325                 aead_xform->aead.digest_length;
 326
 327         sess->sam_sess_params.u.basic.auth_aad_len =
 328                 aead_xform->aead.aad_length;
 329
 330         return 0;
 331 }
 332
 333 /**
 334  * Parse crypto transform chain and setup session parameters.
 335  *
 336  * @param dev Pointer to crypto device
 337  * @param sess Poiner to crypto session
 338  * @param xform Pointer to configuration structure chain for crypto operations.
 339  * @returns 0 in case of success, negative value otherwise.
 340  */
 341 int
 342 mrvl_crypto_set_session_parameters(struct mrvl_crypto_session *sess,
 343                 const struct rte_crypto_sym_xform *xform)
 344 {
 345         const struct rte_crypto_sym_xform *cipher_xform = NULL;
 346         const struct rte_crypto_sym_xform *auth_xform = NULL;
 347         const struct rte_crypto_sym_xform *aead_xform = NULL;
 348
 349         /* Filter out spurious/broken requests */
 350         if (xform == NULL)
 351                 return -EINVAL;
 352
 353         sess->chain_order = mrvl_crypto_get_chain_order(xform);
 354         switch (sess->chain_order) {
 355         case MRVL_CRYPTO_CHAIN_CIPHER_AUTH:
 356                 cipher_xform = xform;
 357                 auth_xform = xform->next;
 358                 break;
 359         case MRVL_CRYPTO_CHAIN_AUTH_CIPHER:
 360                 auth_xform = xform;
 361                 cipher_xform = xform->next;
 362                 break;
 363         case MRVL_CRYPTO_CHAIN_CIPHER_ONLY:
 364                 cipher_xform = xform;
 365                 break;
 366         case MRVL_CRYPTO_CHAIN_AUTH_ONLY:
 367                 auth_xform = xform;
 368                 break;
 369         case MRVL_CRYPTO_CHAIN_COMBINED:
 370                 aead_xform = xform;
 371                 break;
 372         default:
 373                 return -EINVAL;
 374         }
 375
 376         if ((cipher_xform != NULL) &&
 377                 (mrvl_crypto_set_cipher_session_parameters(
 378                         sess, cipher_xform) < 0)) {
 379                 MRVL_CRYPTO_LOG_ERR("Invalid/unsupported cipher parameters");
 380                 return -EINVAL;
 381         }
 382
 383         if ((auth_xform != NULL) &&
 384                 (mrvl_crypto_set_auth_session_parameters(
 385                         sess, auth_xform) < 0)) {
 386                 MRVL_CRYPTO_LOG_ERR("Invalid/unsupported auth parameters");
 387                 return -EINVAL;
 388         }
 389
 390         if ((aead_xform != NULL) &&
 391                 (mrvl_crypto_set_aead_session_parameters(
 392                         sess, aead_xform) < 0)) {
 393                 MRVL_CRYPTO_LOG_ERR("Invalid/unsupported aead parameters");
 394                 return -EINVAL;
 395         }
 396
 397         return 0;
 398 }
 399
 400 /*
 401  *-----------------------------------------------------------------------------
 402  * Process Operations
 403  *-----------------------------------------------------------------------------
 404  */
 405
 406 /**
 407  * Prepare a single request.
 408  *
 409  * This function basically translates DPDK crypto request into one
 410  * understandable by MUDSK's SAM. If this is a first request in a session,
 411  * it starts the session.
 412  *
 413  * @param request Pointer to pre-allocated && reset request buffer [Out].
 414  * @param src_bd Pointer to pre-allocated source descriptor [Out].
 415  * @param dst_bd Pointer to pre-allocated destination descriptor [Out].
 416  * @param op Pointer to DPDK crypto operation struct [In].
 417  */
 418 static inline int
 419 mrvl_request_prepare(struct sam_cio_op_params *request,
 420                 struct sam_buf_info *src_bd,
 421                 struct sam_buf_info *dst_bd,
 422                 struct rte_crypto_op *op)
 423 {
 424         struct mrvl_crypto_session *sess;
 425         struct rte_mbuf *dst_mbuf;
 426         uint8_t *digest;
 427
 428         if (unlikely(op->sess_type == RTE_CRYPTO_OP_SESSIONLESS)) {
 429                 MRVL_CRYPTO_LOG_ERR("MRVL CRYPTO PMD only supports session "
 430                                 "oriented requests, op (%p) is sessionless.",
 431                                 op);
 432                 return -EINVAL;
 433         }
 434
 435         sess = (struct mrvl_crypto_session *)get_session_private_data(
 436                         op->sym->session, cryptodev_driver_id);
 437         if (unlikely(sess == NULL)) {
 438                 MRVL_CRYPTO_LOG_ERR("Session was not created for this device");
 439                 return -EINVAL;
 440         }
 441
 442         /*
 443          * If application delivered us null dst buffer, it means it expects
 444          * us to deliver the result in src buffer.
 445          */
 446         dst_mbuf = op->sym->m_dst ? op->sym->m_dst : op->sym->m_src;
 447
 448         request->sa = sess->sam_sess;
 449         request->cookie = op;
 450
 451         /* Single buffers only, sorry. */
 452         request->num_bufs = 1;
 453         request->src = src_bd;
 454         src_bd->vaddr = rte_pktmbuf_mtod(op->sym->m_src, void *);
 455         src_bd->paddr = rte_pktmbuf_iova(op->sym->m_src);
 456         src_bd->len = rte_pktmbuf_data_len(op->sym->m_src);
 457
 458         /* Empty source. */
 459         if (rte_pktmbuf_data_len(op->sym->m_src) == 0) {
 460                 /* EIP does not support 0 length buffers. */
 461                 MRVL_CRYPTO_LOG_ERR("Buffer length == 0 not supported!");
 462                 return -1;
 463         }
 464
 465         /* Empty destination. */
 466         if (rte_pktmbuf_data_len(dst_mbuf) == 0) {
 467                 /* Make dst buffer fit at least source data. */
 468                 if (rte_pktmbuf_append(dst_mbuf,
 469                         rte_pktmbuf_data_len(op->sym->m_src)) == NULL) {
 470                         MRVL_CRYPTO_LOG_ERR("Unable to set big enough dst buffer!");
 471                         return -1;
 472                 }
 473         }
 474
 475         request->dst = dst_bd;
 476         dst_bd->vaddr = rte_pktmbuf_mtod(dst_mbuf, void *);
 477         dst_bd->paddr = rte_pktmbuf_iova(dst_mbuf);
 478
 479         /*
 480          * We can use all available space in dst_mbuf,
 481          * not only what's used currently.
 482          */
 483         dst_bd->len = dst_mbuf->buf_len - rte_pktmbuf_headroom(dst_mbuf);
 484
 485         if (sess->chain_order == MRVL_CRYPTO_CHAIN_COMBINED) {
 486                 request->cipher_len = op->sym->aead.data.length;
 487                 request->cipher_offset = op->sym->aead.data.offset;
 488                 request->cipher_iv = rte_crypto_op_ctod_offset(op, uint8_t *,
 489                         sess->cipher_iv_offset);
 490
 491                 request->auth_aad = op->sym->aead.aad.data;
 492                 request->auth_offset = request->cipher_offset;
 493                 request->auth_len = request->cipher_len;
 494         } else {
 495                 request->cipher_len = op->sym->cipher.data.length;
 496                 request->cipher_offset = op->sym->cipher.data.offset;
 497                 request->cipher_iv = rte_crypto_op_ctod_offset(op, uint8_t *,
 498                                 sess->cipher_iv_offset);
 499
 500                 request->auth_offset = op->sym->auth.data.offset;
 501                 request->auth_len = op->sym->auth.data.length;
 502         }
 503
 504         digest = sess->chain_order == MRVL_CRYPTO_CHAIN_COMBINED ?
 505                 op->sym->aead.digest.data : op->sym->auth.digest.data;
 506         if (digest == NULL) {
 507                 /* No auth - no worry. */
 508                 return 0;
 509         }
 510
 511         request->auth_icv_offset = request->auth_offset + request->auth_len;
 512
 513         /*
 514          * EIP supports only scenarios where ICV(digest buffer) is placed at
 515          * auth_icv_offset. Any other placement means risking errors.
 516          */
 517         if (sess->sam_sess_params.dir == SAM_DIR_ENCRYPT) {
 518                 /*
 519                  * This should be the most common case anyway,
 520                  * EIP will overwrite DST buffer at auth_icv_offset.
 521                  */
 522                 if (rte_pktmbuf_mtod_offset(
 523                                 dst_mbuf, uint8_t *,
 524                                 request->auth_icv_offset) == digest) {
 525                         return 0;
 526                 }
 527         } else {/* sess->sam_sess_params.dir == SAM_DIR_DECRYPT */
 528                 /*
 529                  * EIP will look for digest at auth_icv_offset
 530                  * offset in SRC buffer.
 531                  */
 532                 if (rte_pktmbuf_mtod_offset(
 533                                 op->sym->m_src, uint8_t *,
 534                                 request->auth_icv_offset) == digest) {
 535                         return 0;
 536                 }
 537         }
 538
 539         /*
 540          * If we landed here it means that digest pointer is
 541          * at different than expected place.
 542          */
 543         return -1;
 544 }
 545
 546 /*
 547  *-----------------------------------------------------------------------------
 548  * PMD Framework handlers
 549  *-----------------------------------------------------------------------------
 550  */
 551
 552 /**
 553  * Enqueue burst.
 554  *
 555  * @param queue_pair Pointer to queue pair.
 556  * @param ops Pointer to ops requests array.
 557  * @param nb_ops Number of elements in ops requests array.
 558  * @returns Number of elements consumed from ops.
 559  */
 560 static uint16_t
 561 mrvl_crypto_pmd_enqueue_burst(void *queue_pair, struct rte_crypto_op **ops,
 562                 uint16_t nb_ops)
 563 {
 564         uint16_t iter_ops = 0;
 565         uint16_t to_enq = 0;
 566         uint16_t consumed = 0;
 567         int ret;
 568         struct sam_cio_op_params requests[nb_ops];
 569         /*
 570          * DPDK uses single fragment buffers, so we can KISS descriptors.
 571          * SAM does not store bd pointers, so on-stack scope will be enough.
 572          */
 573         struct sam_buf_info src_bd[nb_ops];
 574         struct sam_buf_info dst_bd[nb_ops];
 575         struct mrvl_crypto_qp *qp = (struct mrvl_crypto_qp *)queue_pair;
 576
 577         if (nb_ops == 0)
 578                 return 0;
 579
 580         /* Prepare the burst. */
 581         memset(&requests, 0, sizeof(requests));
 582
 583         /* Iterate through */
 584         for (; iter_ops < nb_ops; ++iter_ops) {
 585                 if (mrvl_request_prepare(&requests[iter_ops],
 586                                         &src_bd[iter_ops],
 587                                         &dst_bd[iter_ops],
 588                                         ops[iter_ops]) < 0) {
 589                         MRVL_CRYPTO_LOG_ERR(
 590                                 "Error while parameters preparation!");
 591                         qp->stats.enqueue_err_count++;
 592                         ops[iter_ops]->status = RTE_CRYPTO_OP_STATUS_ERROR;
 593
 594                         /*
 595                          * Number of handled ops is increased
 596                          * (even if the result of handling is error).
 597                          */
 598                         ++consumed;
 599                         break;
 600                 }
 601
 602                 ops[iter_ops]->status =
 603                         RTE_CRYPTO_OP_STATUS_NOT_PROCESSED;
 604
 605                 /* Increase the number of ops to enqueue. */
 606                 ++to_enq;
 607         } /* for (; iter_ops < nb_ops;... */
 608
 609         if (to_enq > 0) {
 610                 /* Send the burst */
 611                 ret = sam_cio_enq(qp->cio, requests, &to_enq);
 612                 consumed += to_enq;
 613                 if (ret < 0) {
 614                         /*
 615                          * Trust SAM that in this case returned value will be at
 616                          * some point correct (now it is returned unmodified).
 617                          */
 618                         qp->stats.enqueue_err_count += to_enq;
 619                         for (iter_ops = 0; iter_ops < to_enq; ++iter_ops)
 620                                 ops[iter_ops]->status =
 621                                         RTE_CRYPTO_OP_STATUS_ERROR;
 622                 }
 623         }
 624
 625         qp->stats.enqueued_count += to_enq;
 626         return consumed;
 627 }
 628
 629 /**
 630  * Dequeue burst.
 631  *
 632  * @param queue_pair Pointer to queue pair.
 633  * @param ops Pointer to ops requests array.
 634  * @param nb_ops Number of elements in ops requests array.
 635  * @returns Number of elements dequeued.
 636  */
 637 static uint16_t
 638 mrvl_crypto_pmd_dequeue_burst(void *queue_pair,
 639                 struct rte_crypto_op **ops,
 640                 uint16_t nb_ops)
 641 {
 642         int ret;
 643         struct mrvl_crypto_qp *qp = queue_pair;
 644         struct sam_cio *cio = qp->cio;
 645         struct sam_cio_op_result results[nb_ops];
 646         uint16_t i;
 647
 648         ret = sam_cio_deq(cio, results, &nb_ops);
 649         if (ret < 0) {
 650                 /* Count all dequeued as error. */
 651                 qp->stats.dequeue_err_count += nb_ops;
 652
 653                 /* But act as they were dequeued anyway*/
 654                 qp->stats.dequeued_count += nb_ops;
 655
 656                 return 0;
 657         }
 658
 659         /* Unpack and check results. */
 660         for (i = 0; i < nb_ops; ++i) {
 661                 ops[i] = results[i].cookie;
 662
 663                 switch (results[i].status) {
 664                 case SAM_CIO_OK:
 665                         ops[i]->status = RTE_CRYPTO_OP_STATUS_SUCCESS;
 666                         break;
 667                 case SAM_CIO_ERR_ICV:
 668                         MRVL_CRYPTO_LOG_DBG("CIO returned SAM_CIO_ERR_ICV.");
 669                         ops[i]->status = RTE_CRYPTO_OP_STATUS_AUTH_FAILED;
 670                         break;
 671                 default:
 672                         MRVL_CRYPTO_LOG_DBG(
 673                                 "CIO returned Error: %d", results[i].status);
 674                         ops[i]->status = RTE_CRYPTO_OP_STATUS_ERROR;
 675                         break;
 676                 }
 677         }
 678
 679         qp->stats.dequeued_count += nb_ops;
 680         return nb_ops;
 681 }
 682
 683 /**
 684  * Create a new crypto device.
 685  *
 686  * @param name Driver name.
 687  * @param vdev Pointer to device structure.
 688  * @param init_params Pointer to initialization parameters.
 689  * @returns 0 in case of success, negative value otherwise.
 690  */
 691 static int
 692 cryptodev_mrvl_crypto_create(const char *name,
 693                 struct rte_vdev_device *vdev,
 694                 struct rte_cryptodev_pmd_init_params *init_params)
 695 {
 696         struct rte_cryptodev *dev;
 697         struct mrvl_crypto_private *internals;
 698         struct sam_init_params  sam_params;
 699         int ret;
 700
 701         dev = rte_cryptodev_pmd_create(name, &vdev->device, init_params);
 702         if (dev == NULL) {
 703                 MRVL_CRYPTO_LOG_ERR("failed to create cryptodev vdev");
 704                 goto init_error;
 705         }
 706
 707         dev->driver_id = cryptodev_driver_id;
 708         dev->dev_ops = rte_mrvl_crypto_pmd_ops;
 709
 710         /* Register rx/tx burst functions for data path. */
 711         dev->enqueue_burst = mrvl_crypto_pmd_enqueue_burst;
 712         dev->dequeue_burst = mrvl_crypto_pmd_dequeue_burst;
 713
 714         dev->feature_flags = RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO |
 715                         RTE_CRYPTODEV_FF_SYM_OPERATION_CHAINING |
 716                         RTE_CRYPTODEV_FF_HW_ACCELERATED;
 717
 718         /* Set vector instructions mode supported */
 719         internals = dev->data->dev_private;
 720
 721         internals->max_nb_qpairs = init_params->max_nb_queue_pairs;
 722         internals->max_nb_sessions = init_params->max_nb_sessions;
 723
 724         /*
 725          * ret == -EEXIST is correct, it means DMA
 726          * has been already initialized.
 727          */
 728         ret = mv_sys_dma_mem_init(MRVL_MUSDK_DMA_MEMSIZE);
 729         if (ret < 0) {
 730                 if (ret != -EEXIST)
 731                         return ret;
 732
 733                 MRVL_CRYPTO_LOG_INFO(
 734                         "DMA memory has been already initialized by a different driver.");
 735         }
 736
 737         sam_params.max_num_sessions = internals->max_nb_sessions;
 738
 739         return sam_init(&sam_params);
 740
 741 init_error:
 742         MRVL_CRYPTO_LOG_ERR(
 743                 "driver %s: %s failed", init_params->name, __func__);
 744
 745         cryptodev_mrvl_crypto_uninit(vdev);
 746         return -EFAULT;
 747 }
 748
 749 /**
 750  * Initialize the crypto device.
 751  *
 752  * @param vdev Pointer to device structure.
 753  * @returns 0 in case of success, negative value otherwise.
 754  */
 755 static int
 756 cryptodev_mrvl_crypto_init(struct rte_vdev_device *vdev)
 757 {
 758         struct rte_cryptodev_pmd_init_params init_params = { };
 759         const char *name, *args;
 760         int ret;
 761
 762         name = rte_vdev_device_name(vdev);
 763         if (name == NULL)
 764                 return -EINVAL;
 765         args = rte_vdev_device_args(vdev);
 766
 767         init_params.private_data_size = sizeof(struct mrvl_crypto_private);
 768         init_params.max_nb_queue_pairs = sam_get_num_inst() * SAM_HW_RING_NUM;
 769         init_params.max_nb_sessions =
 770                 RTE_CRYPTODEV_PMD_DEFAULT_MAX_NB_SESSIONS;
 771         init_params.socket_id = rte_socket_id();
 772
 773         ret = rte_cryptodev_pmd_parse_input_args(&init_params, args);
 774         if (ret) {
 775                 RTE_LOG(ERR, PMD,
 776                         "Failed to parse initialisation arguments[%s]\n",
 777                         args);
 778                 return -EINVAL;
 779         }
 780
 781         return cryptodev_mrvl_crypto_create(name, vdev, &init_params);
 782 }
 783
 784 /**
 785  * Uninitialize the crypto device
 786  *
 787  * @param vdev Pointer to device structure.
 788  * @returns 0 in case of success, negative value otherwise.
 789  */
 790 static int
 791 cryptodev_mrvl_crypto_uninit(struct rte_vdev_device *vdev)
 792 {
 793         struct rte_cryptodev *cryptodev;
 794         const char *name = rte_vdev_device_name(vdev);
 795
 796         if (name == NULL)
 797                 return -EINVAL;
 798
 799         RTE_LOG(INFO, PMD,
 800                 "Closing Marvell crypto device %s on numa socket %u\n",
 801                 name, rte_socket_id());
 802
 803         sam_deinit();
 804
 805         cryptodev = rte_cryptodev_pmd_get_named_dev(name);
 806         if (cryptodev == NULL)
 807                 return -ENODEV;
 808
 809         return rte_cryptodev_pmd_destroy(cryptodev);
 810 }
 811
 812 /**
 813  * Basic driver handlers for use in the constructor.
 814  */
 815 static struct rte_vdev_driver cryptodev_mrvl_pmd_drv = {
 816         .probe = cryptodev_mrvl_crypto_init,
 817         .remove = cryptodev_mrvl_crypto_uninit
 818 };
 819
 820 static struct cryptodev_driver mrvl_crypto_drv;
 821
 822 /* Register the driver in constructor. */
 823 RTE_PMD_REGISTER_VDEV(CRYPTODEV_NAME_MRVL_PMD, cryptodev_mrvl_pmd_drv);
 824 RTE_PMD_REGISTER_PARAM_STRING(CRYPTODEV_NAME_MRVL_PMD,
 825         "max_nb_queue_pairs=<int> "
 826         "max_nb_sessions=<int> "
 827         "socket_id=<int>");
 828 RTE_PMD_REGISTER_CRYPTO_DRIVER(mrvl_crypto_drv, cryptodev_mrvl_pmd_drv.driver,
 829                 cryptodev_driver_id);