1 /* SPDX-License-Identifier: BSD-3-Clause
2 * Copyright (C) 2019 Marvell International Ltd.
5 #include <rte_cryptodev.h>
6 #include <rte_security.h>
8 #include "otx2_cryptodev.h"
9 #include "otx2_cryptodev_capabilities.h"
10 #include "otx2_mbox.h"
12 #define CPT_EGRP_GET(hw_caps, name, egrp) do { \
13 if ((hw_caps[CPT_ENG_TYPE_SE].name) && \
14 (hw_caps[CPT_ENG_TYPE_IE].name)) \
15 *egrp = OTX2_CPT_EGRP_SE_IE; \
16 else if (hw_caps[CPT_ENG_TYPE_SE].name) \
17 *egrp = OTX2_CPT_EGRP_SE; \
18 else if (hw_caps[CPT_ENG_TYPE_AE].name) \
19 *egrp = OTX2_CPT_EGRP_AE; \
21 *egrp = OTX2_CPT_EGRP_MAX; \
24 #define CPT_CAPS_ADD(hw_caps, name) do { \
25 enum otx2_cpt_egrp egrp; \
26 CPT_EGRP_GET(hw_caps, name, &egrp); \
27 if (egrp < OTX2_CPT_EGRP_MAX) \
28 cpt_caps_add(caps_##name, RTE_DIM(caps_##name)); \
31 #define SEC_CAPS_ADD(hw_caps, name) do { \
32 enum otx2_cpt_egrp egrp; \
33 CPT_EGRP_GET(hw_caps, name, &egrp); \
34 if (egrp < OTX2_CPT_EGRP_MAX) \
35 sec_caps_add(sec_caps_##name, RTE_DIM(sec_caps_##name));\
38 #define OTX2_CPT_MAX_CAPS 34
39 #define OTX2_SEC_MAX_CAPS 4
41 static struct rte_cryptodev_capabilities otx2_cpt_caps[OTX2_CPT_MAX_CAPS];
42 static struct rte_cryptodev_capabilities otx2_cpt_sec_caps[OTX2_SEC_MAX_CAPS];
44 static const struct rte_cryptodev_capabilities caps_mul[] = {
46 .op = RTE_CRYPTO_OP_TYPE_ASYMMETRIC,
49 .xform_type = RTE_CRYPTO_ASYM_XFORM_RSA,
50 .op_types = ((1 << RTE_CRYPTO_ASYM_OP_SIGN) |
51 (1 << RTE_CRYPTO_ASYM_OP_VERIFY) |
52 (1 << RTE_CRYPTO_ASYM_OP_ENCRYPT) |
53 (1 << RTE_CRYPTO_ASYM_OP_DECRYPT)),
63 .op = RTE_CRYPTO_OP_TYPE_ASYMMETRIC,
66 .xform_type = RTE_CRYPTO_ASYM_XFORM_MODEX,
77 .op = RTE_CRYPTO_OP_TYPE_ASYMMETRIC,
80 .xform_type = RTE_CRYPTO_ASYM_XFORM_ECDSA,
81 .op_types = ((1 << RTE_CRYPTO_ASYM_OP_SIGN) |
82 (1 << RTE_CRYPTO_ASYM_OP_VERIFY)),
88 .op = RTE_CRYPTO_OP_TYPE_ASYMMETRIC,
91 .xform_type = RTE_CRYPTO_ASYM_XFORM_ECPM,
99 static const struct rte_cryptodev_capabilities caps_sha1_sha2[] = {
101 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
103 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
105 .algo = RTE_CRYPTO_AUTH_SHA1,
121 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
123 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
125 .algo = RTE_CRYPTO_AUTH_SHA1_HMAC,
141 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
143 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
145 .algo = RTE_CRYPTO_AUTH_SHA224,
161 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
163 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
165 .algo = RTE_CRYPTO_AUTH_SHA224_HMAC,
181 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
183 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
185 .algo = RTE_CRYPTO_AUTH_SHA256,
201 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
203 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
205 .algo = RTE_CRYPTO_AUTH_SHA256_HMAC,
221 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
223 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
225 .algo = RTE_CRYPTO_AUTH_SHA384,
241 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
243 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
245 .algo = RTE_CRYPTO_AUTH_SHA384_HMAC,
261 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
263 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
265 .algo = RTE_CRYPTO_AUTH_SHA512,
281 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
283 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
285 .algo = RTE_CRYPTO_AUTH_SHA512_HMAC,
301 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
303 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
305 .algo = RTE_CRYPTO_AUTH_MD5,
321 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
323 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
325 .algo = RTE_CRYPTO_AUTH_MD5_HMAC,
342 static const struct rte_cryptodev_capabilities caps_chacha20[] = {
343 { /* Chacha20-Poly1305 */
344 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
346 .xform_type = RTE_CRYPTO_SYM_XFORM_AEAD,
348 .algo = RTE_CRYPTO_AEAD_CHACHA20_POLY1305,
375 static const struct rte_cryptodev_capabilities caps_zuc_snow3g[] = {
376 { /* SNOW 3G (UEA2) */
377 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
379 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
381 .algo = RTE_CRYPTO_CIPHER_SNOW3G_UEA2,
397 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
399 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
401 .algo = RTE_CRYPTO_CIPHER_ZUC_EEA3,
416 { /* SNOW 3G (UIA2) */
417 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
419 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
421 .algo = RTE_CRYPTO_AUTH_SNOW3G_UIA2,
442 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
444 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
446 .algo = RTE_CRYPTO_AUTH_ZUC_EIA3,
468 static const struct rte_cryptodev_capabilities caps_aes[] = {
469 { /* AES GMAC (AUTH) */
470 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
472 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
474 .algo = RTE_CRYPTO_AUTH_AES_GMAC,
495 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
497 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
499 .algo = RTE_CRYPTO_CIPHER_AES_CBC,
515 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
517 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
519 .algo = RTE_CRYPTO_CIPHER_AES_CTR,
535 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
537 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
539 .algo = RTE_CRYPTO_CIPHER_AES_XTS,
555 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
557 .xform_type = RTE_CRYPTO_SYM_XFORM_AEAD,
559 .algo = RTE_CRYPTO_AEAD_AES_GCM,
586 static const struct rte_cryptodev_capabilities caps_kasumi[] = {
588 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
590 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
592 .algo = RTE_CRYPTO_CIPHER_KASUMI_F8,
608 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
610 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
612 .algo = RTE_CRYPTO_AUTH_KASUMI_F9,
629 static const struct rte_cryptodev_capabilities caps_des[] = {
631 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
633 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
635 .algo = RTE_CRYPTO_CIPHER_3DES_CBC,
651 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
653 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
655 .algo = RTE_CRYPTO_CIPHER_3DES_ECB,
671 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
673 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
675 .algo = RTE_CRYPTO_CIPHER_DES_CBC,
692 static const struct rte_cryptodev_capabilities caps_null[] = {
694 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
696 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
698 .algo = RTE_CRYPTO_AUTH_NULL,
713 { /* NULL (CIPHER) */
714 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
716 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
718 .algo = RTE_CRYPTO_CIPHER_NULL,
735 static const struct rte_cryptodev_capabilities caps_end[] = {
736 RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()
739 static const struct rte_cryptodev_capabilities sec_caps_aes[] = {
741 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
743 .xform_type = RTE_CRYPTO_SYM_XFORM_AEAD,
745 .algo = RTE_CRYPTO_AEAD_AES_GCM,
772 static const struct rte_security_capability
773 otx2_crypto_sec_capabilities[] = {
774 { /* IPsec Lookaside Protocol ESP Tunnel Ingress */
775 .action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
776 .protocol = RTE_SECURITY_PROTOCOL_IPSEC,
778 .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP,
779 .mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL,
780 .direction = RTE_SECURITY_IPSEC_SA_DIR_INGRESS,
783 .crypto_capabilities = otx2_cpt_sec_caps,
784 .ol_flags = RTE_SECURITY_TX_OLOAD_NEED_MDATA
786 { /* IPsec Lookaside Protocol ESP Tunnel Egress */
787 .action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
788 .protocol = RTE_SECURITY_PROTOCOL_IPSEC,
790 .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP,
791 .mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL,
792 .direction = RTE_SECURITY_IPSEC_SA_DIR_EGRESS,
795 .crypto_capabilities = otx2_cpt_sec_caps,
796 .ol_flags = RTE_SECURITY_TX_OLOAD_NEED_MDATA
799 .action = RTE_SECURITY_ACTION_TYPE_NONE
804 cpt_caps_add(const struct rte_cryptodev_capabilities *caps, int nb_caps)
808 if (cur_pos + nb_caps > OTX2_CPT_MAX_CAPS)
811 memcpy(&otx2_cpt_caps[cur_pos], caps, nb_caps * sizeof(caps[0]));
816 otx2_crypto_capabilities_init(union cpt_eng_caps *hw_caps)
818 CPT_CAPS_ADD(hw_caps, mul);
819 CPT_CAPS_ADD(hw_caps, sha1_sha2);
820 CPT_CAPS_ADD(hw_caps, chacha20);
821 CPT_CAPS_ADD(hw_caps, zuc_snow3g);
822 CPT_CAPS_ADD(hw_caps, aes);
823 CPT_CAPS_ADD(hw_caps, kasumi);
824 CPT_CAPS_ADD(hw_caps, des);
826 cpt_caps_add(caps_null, RTE_DIM(caps_null));
827 cpt_caps_add(caps_end, RTE_DIM(caps_end));
830 const struct rte_cryptodev_capabilities *
831 otx2_cpt_capabilities_get(void)
833 return otx2_cpt_caps;
837 sec_caps_add(const struct rte_cryptodev_capabilities *caps, int nb_caps)
841 if (cur_pos + nb_caps > OTX2_SEC_MAX_CAPS)
844 memcpy(&otx2_cpt_sec_caps[cur_pos], caps, nb_caps * sizeof(caps[0]));
849 otx2_crypto_sec_capabilities_init(union cpt_eng_caps *hw_caps)
851 SEC_CAPS_ADD(hw_caps, aes);
853 sec_caps_add(caps_end, RTE_DIM(caps_end));
856 const struct rte_security_capability *
857 otx2_crypto_sec_capabilities_get(void *device __rte_unused)
859 return otx2_crypto_sec_capabilities;