net/cxgbe: support updating RSS hash configuration and key
[dpdk.git] / drivers / crypto / zuc / rte_zuc_pmd.c
1 /* SPDX-License-Identifier: BSD-3-Clause
2  * Copyright(c) 2016-2017 Intel Corporation
3  */
4
5 #include <rte_common.h>
6 #include <rte_hexdump.h>
7 #include <rte_cryptodev.h>
8 #include <rte_cryptodev_pmd.h>
9 #include <rte_bus_vdev.h>
10 #include <rte_malloc.h>
11 #include <rte_cpuflags.h>
12
13 #include "rte_zuc_pmd_private.h"
14
15 #define ZUC_MAX_BURST 8
16 #define BYTE_LEN 8
17
18 static uint8_t cryptodev_driver_id;
19
20 /** Get xform chain order. */
21 static enum zuc_operation
22 zuc_get_mode(const struct rte_crypto_sym_xform *xform)
23 {
24         if (xform == NULL)
25                 return ZUC_OP_NOT_SUPPORTED;
26
27         if (xform->next)
28                 if (xform->next->next != NULL)
29                         return ZUC_OP_NOT_SUPPORTED;
30
31         if (xform->type == RTE_CRYPTO_SYM_XFORM_AUTH) {
32                 if (xform->next == NULL)
33                         return ZUC_OP_ONLY_AUTH;
34                 else if (xform->next->type == RTE_CRYPTO_SYM_XFORM_CIPHER)
35                         return ZUC_OP_AUTH_CIPHER;
36                 else
37                         return ZUC_OP_NOT_SUPPORTED;
38         }
39
40         if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER) {
41                 if (xform->next == NULL)
42                         return ZUC_OP_ONLY_CIPHER;
43                 else if (xform->next->type == RTE_CRYPTO_SYM_XFORM_AUTH)
44                         return ZUC_OP_CIPHER_AUTH;
45                 else
46                         return ZUC_OP_NOT_SUPPORTED;
47         }
48
49         return ZUC_OP_NOT_SUPPORTED;
50 }
51
52
53 /** Parse crypto xform chain and set private session parameters. */
54 int
55 zuc_set_session_parameters(struct zuc_session *sess,
56                 const struct rte_crypto_sym_xform *xform)
57 {
58         const struct rte_crypto_sym_xform *auth_xform = NULL;
59         const struct rte_crypto_sym_xform *cipher_xform = NULL;
60         enum zuc_operation mode;
61
62         /* Select Crypto operation - hash then cipher / cipher then hash */
63         mode = zuc_get_mode(xform);
64
65         switch (mode) {
66         case ZUC_OP_CIPHER_AUTH:
67                 auth_xform = xform->next;
68
69                 /* Fall-through */
70         case ZUC_OP_ONLY_CIPHER:
71                 cipher_xform = xform;
72                 break;
73         case ZUC_OP_AUTH_CIPHER:
74                 cipher_xform = xform->next;
75                 /* Fall-through */
76         case ZUC_OP_ONLY_AUTH:
77                 auth_xform = xform;
78                 break;
79         case ZUC_OP_NOT_SUPPORTED:
80         default:
81                 ZUC_LOG_ERR("Unsupported operation chain order parameter");
82                 return -ENOTSUP;
83         }
84
85         if (cipher_xform) {
86                 /* Only ZUC EEA3 supported */
87                 if (cipher_xform->cipher.algo != RTE_CRYPTO_CIPHER_ZUC_EEA3)
88                         return -ENOTSUP;
89
90                 if (cipher_xform->cipher.iv.length != ZUC_IV_KEY_LENGTH) {
91                         ZUC_LOG_ERR("Wrong IV length");
92                         return -EINVAL;
93                 }
94                 sess->cipher_iv_offset = cipher_xform->cipher.iv.offset;
95
96                 /* Copy the key */
97                 memcpy(sess->pKey_cipher, cipher_xform->cipher.key.data,
98                                 ZUC_IV_KEY_LENGTH);
99         }
100
101         if (auth_xform) {
102                 /* Only ZUC EIA3 supported */
103                 if (auth_xform->auth.algo != RTE_CRYPTO_AUTH_ZUC_EIA3)
104                         return -ENOTSUP;
105
106                 if (auth_xform->auth.digest_length != ZUC_DIGEST_LENGTH) {
107                         ZUC_LOG_ERR("Wrong digest length");
108                         return -EINVAL;
109                 }
110
111                 sess->auth_op = auth_xform->auth.op;
112
113                 if (auth_xform->auth.iv.length != ZUC_IV_KEY_LENGTH) {
114                         ZUC_LOG_ERR("Wrong IV length");
115                         return -EINVAL;
116                 }
117                 sess->auth_iv_offset = auth_xform->auth.iv.offset;
118
119                 /* Copy the key */
120                 memcpy(sess->pKey_hash, auth_xform->auth.key.data,
121                                 ZUC_IV_KEY_LENGTH);
122         }
123
124
125         sess->op = mode;
126
127         return 0;
128 }
129
130 /** Get ZUC session. */
131 static struct zuc_session *
132 zuc_get_session(struct zuc_qp *qp, struct rte_crypto_op *op)
133 {
134         struct zuc_session *sess = NULL;
135
136         if (op->sess_type == RTE_CRYPTO_OP_WITH_SESSION) {
137                 if (likely(op->sym->session != NULL))
138                         sess = (struct zuc_session *)get_session_private_data(
139                                         op->sym->session,
140                                         cryptodev_driver_id);
141         } else {
142                 void *_sess = NULL;
143                 void *_sess_private_data = NULL;
144
145                 if (rte_mempool_get(qp->sess_mp, (void **)&_sess))
146                         return NULL;
147
148                 if (rte_mempool_get(qp->sess_mp, (void **)&_sess_private_data))
149                         return NULL;
150
151                 sess = (struct zuc_session *)_sess_private_data;
152
153                 if (unlikely(zuc_set_session_parameters(sess,
154                                 op->sym->xform) != 0)) {
155                         rte_mempool_put(qp->sess_mp, _sess);
156                         rte_mempool_put(qp->sess_mp, _sess_private_data);
157                         sess = NULL;
158                 }
159                 op->sym->session = (struct rte_cryptodev_sym_session *)_sess;
160                 set_session_private_data(op->sym->session, cryptodev_driver_id,
161                         _sess_private_data);
162         }
163
164         if (unlikely(sess == NULL))
165                 op->status = RTE_CRYPTO_OP_STATUS_INVALID_SESSION;
166
167
168         return sess;
169 }
170
171 /** Encrypt/decrypt mbufs with same cipher key. */
172 static uint8_t
173 process_zuc_cipher_op(struct rte_crypto_op **ops,
174                 struct zuc_session *session,
175                 uint8_t num_ops)
176 {
177         unsigned i;
178         uint8_t processed_ops = 0;
179         uint8_t *src[ZUC_MAX_BURST], *dst[ZUC_MAX_BURST];
180         uint8_t *iv[ZUC_MAX_BURST];
181         uint32_t num_bytes[ZUC_MAX_BURST];
182         uint8_t *cipher_keys[ZUC_MAX_BURST];
183
184         for (i = 0; i < num_ops; i++) {
185                 if (((ops[i]->sym->cipher.data.length % BYTE_LEN) != 0)
186                                 || ((ops[i]->sym->cipher.data.offset
187                                         % BYTE_LEN) != 0)) {
188                         ops[i]->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS;
189                         ZUC_LOG_ERR("Data Length or offset");
190                         break;
191                 }
192
193 #ifdef RTE_LIBRTE_PMD_ZUC_DEBUG
194                 if (!rte_pktmbuf_is_contiguous(ops[i]->sym->m_src) ||
195                                 (ops[i]->sym->m_dst != NULL &&
196                                 !rte_pktmbuf_is_contiguous(
197                                                 ops[i]->sym->m_dst))) {
198                         ZUC_LOG_ERR("PMD supports only contiguous mbufs, "
199                                 "op (%p) provides noncontiguous mbuf as "
200                                 "source/destination buffer.\n", ops[i]);
201                         ops[i]->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS;
202                         break;
203                 }
204 #endif
205
206                 src[i] = rte_pktmbuf_mtod(ops[i]->sym->m_src, uint8_t *) +
207                                 (ops[i]->sym->cipher.data.offset >> 3);
208                 dst[i] = ops[i]->sym->m_dst ?
209                         rte_pktmbuf_mtod(ops[i]->sym->m_dst, uint8_t *) +
210                                 (ops[i]->sym->cipher.data.offset >> 3) :
211                         rte_pktmbuf_mtod(ops[i]->sym->m_src, uint8_t *) +
212                                 (ops[i]->sym->cipher.data.offset >> 3);
213                 iv[i] = rte_crypto_op_ctod_offset(ops[i], uint8_t *,
214                                 session->cipher_iv_offset);
215                 num_bytes[i] = ops[i]->sym->cipher.data.length >> 3;
216
217                 cipher_keys[i] = session->pKey_cipher;
218
219                 processed_ops++;
220         }
221
222         sso_zuc_eea3_n_buffer(cipher_keys, iv, src, dst,
223                         num_bytes, processed_ops);
224
225         return processed_ops;
226 }
227
228 /** Generate/verify hash from mbufs with same hash key. */
229 static int
230 process_zuc_hash_op(struct zuc_qp *qp, struct rte_crypto_op **ops,
231                 struct zuc_session *session,
232                 uint8_t num_ops)
233 {
234         unsigned i;
235         uint8_t processed_ops = 0;
236         uint8_t *src;
237         uint32_t *dst;
238         uint32_t length_in_bits;
239         uint8_t *iv;
240
241         for (i = 0; i < num_ops; i++) {
242                 /* Data must be byte aligned */
243                 if ((ops[i]->sym->auth.data.offset % BYTE_LEN) != 0) {
244                         ops[i]->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS;
245                         ZUC_LOG_ERR("Offset");
246                         break;
247                 }
248
249                 length_in_bits = ops[i]->sym->auth.data.length;
250
251                 src = rte_pktmbuf_mtod(ops[i]->sym->m_src, uint8_t *) +
252                                 (ops[i]->sym->auth.data.offset >> 3);
253                 iv = rte_crypto_op_ctod_offset(ops[i], uint8_t *,
254                                 session->auth_iv_offset);
255
256                 if (session->auth_op == RTE_CRYPTO_AUTH_OP_VERIFY) {
257                         dst = (uint32_t *)qp->temp_digest;
258
259                         sso_zuc_eia3_1_buffer(session->pKey_hash,
260                                         iv, src,
261                                         length_in_bits, dst);
262                         /* Verify digest. */
263                         if (memcmp(dst, ops[i]->sym->auth.digest.data,
264                                         ZUC_DIGEST_LENGTH) != 0)
265                                 ops[i]->status = RTE_CRYPTO_OP_STATUS_AUTH_FAILED;
266                 } else  {
267                         dst = (uint32_t *)ops[i]->sym->auth.digest.data;
268
269                         sso_zuc_eia3_1_buffer(session->pKey_hash,
270                                         iv, src,
271                                         length_in_bits, dst);
272                 }
273                 processed_ops++;
274         }
275
276         return processed_ops;
277 }
278
279 /** Process a batch of crypto ops which shares the same session. */
280 static int
281 process_ops(struct rte_crypto_op **ops, struct zuc_session *session,
282                 struct zuc_qp *qp, uint8_t num_ops,
283                 uint16_t *accumulated_enqueued_ops)
284 {
285         unsigned i;
286         unsigned enqueued_ops, processed_ops;
287
288         switch (session->op) {
289         case ZUC_OP_ONLY_CIPHER:
290                 processed_ops = process_zuc_cipher_op(ops,
291                                 session, num_ops);
292                 break;
293         case ZUC_OP_ONLY_AUTH:
294                 processed_ops = process_zuc_hash_op(qp, ops, session,
295                                 num_ops);
296                 break;
297         case ZUC_OP_CIPHER_AUTH:
298                 processed_ops = process_zuc_cipher_op(ops, session,
299                                 num_ops);
300                 process_zuc_hash_op(qp, ops, session, processed_ops);
301                 break;
302         case ZUC_OP_AUTH_CIPHER:
303                 processed_ops = process_zuc_hash_op(qp, ops, session,
304                                 num_ops);
305                 process_zuc_cipher_op(ops, session, processed_ops);
306                 break;
307         default:
308                 /* Operation not supported. */
309                 processed_ops = 0;
310         }
311
312         for (i = 0; i < num_ops; i++) {
313                 /*
314                  * If there was no error/authentication failure,
315                  * change status to successful.
316                  */
317                 if (ops[i]->status == RTE_CRYPTO_OP_STATUS_NOT_PROCESSED)
318                         ops[i]->status = RTE_CRYPTO_OP_STATUS_SUCCESS;
319                 /* Free session if a session-less crypto op. */
320                 if (ops[i]->sess_type == RTE_CRYPTO_OP_SESSIONLESS) {
321                         memset(session, 0, sizeof(struct zuc_session));
322                         memset(ops[i]->sym->session, 0,
323                                         rte_cryptodev_get_header_session_size());
324                         rte_mempool_put(qp->sess_mp, session);
325                         rte_mempool_put(qp->sess_mp, ops[i]->sym->session);
326                         ops[i]->sym->session = NULL;
327                 }
328         }
329
330         enqueued_ops = rte_ring_enqueue_burst(qp->processed_ops,
331                         (void **)ops, processed_ops, NULL);
332         qp->qp_stats.enqueued_count += enqueued_ops;
333         *accumulated_enqueued_ops += enqueued_ops;
334
335         return enqueued_ops;
336 }
337
338 static uint16_t
339 zuc_pmd_enqueue_burst(void *queue_pair, struct rte_crypto_op **ops,
340                 uint16_t nb_ops)
341 {
342         struct rte_crypto_op *c_ops[ZUC_MAX_BURST];
343         struct rte_crypto_op *curr_c_op;
344
345         struct zuc_session *prev_sess = NULL, *curr_sess = NULL;
346         struct zuc_qp *qp = queue_pair;
347         unsigned i;
348         uint8_t burst_size = 0;
349         uint16_t enqueued_ops = 0;
350         uint8_t processed_ops;
351
352         for (i = 0; i < nb_ops; i++) {
353                 curr_c_op = ops[i];
354
355                 /* Set status as enqueued (not processed yet) by default. */
356                 curr_c_op->status = RTE_CRYPTO_OP_STATUS_NOT_PROCESSED;
357
358                 curr_sess = zuc_get_session(qp, curr_c_op);
359                 if (unlikely(curr_sess == NULL ||
360                                 curr_sess->op == ZUC_OP_NOT_SUPPORTED)) {
361                         curr_c_op->status =
362                                         RTE_CRYPTO_OP_STATUS_INVALID_SESSION;
363                         break;
364                 }
365
366                 /* Batch ops that share the same session. */
367                 if (prev_sess == NULL) {
368                         prev_sess = curr_sess;
369                         c_ops[burst_size++] = curr_c_op;
370                 } else if (curr_sess == prev_sess) {
371                         c_ops[burst_size++] = curr_c_op;
372                         /*
373                          * When there are enough ops to process in a batch,
374                          * process them, and start a new batch.
375                          */
376                         if (burst_size == ZUC_MAX_BURST) {
377                                 processed_ops = process_ops(c_ops, prev_sess,
378                                                 qp, burst_size, &enqueued_ops);
379                                 if (processed_ops < burst_size) {
380                                         burst_size = 0;
381                                         break;
382                                 }
383
384                                 burst_size = 0;
385                                 prev_sess = NULL;
386                         }
387                 } else {
388                         /*
389                          * Different session, process the ops
390                          * of the previous session.
391                          */
392                         processed_ops = process_ops(c_ops, prev_sess,
393                                         qp, burst_size, &enqueued_ops);
394                         if (processed_ops < burst_size) {
395                                 burst_size = 0;
396                                 break;
397                         }
398
399                         burst_size = 0;
400                         prev_sess = curr_sess;
401
402                         c_ops[burst_size++] = curr_c_op;
403                 }
404         }
405
406         if (burst_size != 0) {
407                 /* Process the crypto ops of the last session. */
408                 processed_ops = process_ops(c_ops, prev_sess,
409                                 qp, burst_size, &enqueued_ops);
410         }
411
412         qp->qp_stats.enqueue_err_count += nb_ops - enqueued_ops;
413         return enqueued_ops;
414 }
415
416 static uint16_t
417 zuc_pmd_dequeue_burst(void *queue_pair,
418                 struct rte_crypto_op **c_ops, uint16_t nb_ops)
419 {
420         struct zuc_qp *qp = queue_pair;
421
422         unsigned nb_dequeued;
423
424         nb_dequeued = rte_ring_dequeue_burst(qp->processed_ops,
425                         (void **)c_ops, nb_ops, NULL);
426         qp->qp_stats.dequeued_count += nb_dequeued;
427
428         return nb_dequeued;
429 }
430
431 static int cryptodev_zuc_remove(struct rte_vdev_device *vdev);
432
433 static int
434 cryptodev_zuc_create(const char *name,
435                 struct rte_vdev_device *vdev,
436                 struct rte_cryptodev_pmd_init_params *init_params)
437 {
438         struct rte_cryptodev *dev;
439         struct zuc_private *internals;
440         uint64_t cpu_flags = RTE_CRYPTODEV_FF_CPU_SSE;
441
442
443         dev = rte_cryptodev_pmd_create(name, &vdev->device, init_params);
444         if (dev == NULL) {
445                 ZUC_LOG_ERR("failed to create cryptodev vdev");
446                 goto init_error;
447         }
448
449         dev->driver_id = cryptodev_driver_id;
450         dev->dev_ops = rte_zuc_pmd_ops;
451
452         /* Register RX/TX burst functions for data path. */
453         dev->dequeue_burst = zuc_pmd_dequeue_burst;
454         dev->enqueue_burst = zuc_pmd_enqueue_burst;
455
456         dev->feature_flags = RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO |
457                         RTE_CRYPTODEV_FF_SYM_OPERATION_CHAINING |
458                         cpu_flags;
459
460         internals = dev->data->dev_private;
461
462         internals->max_nb_queue_pairs = init_params->max_nb_queue_pairs;
463         internals->max_nb_sessions = init_params->max_nb_sessions;
464
465         return 0;
466 init_error:
467         ZUC_LOG_ERR("driver %s: cryptodev_zuc_create failed",
468                         init_params->name);
469
470         cryptodev_zuc_remove(vdev);
471         return -EFAULT;
472 }
473
474 static int
475 cryptodev_zuc_probe(struct rte_vdev_device *vdev)
476 {
477         struct rte_cryptodev_pmd_init_params init_params = {
478                 "",
479                 sizeof(struct zuc_private),
480                 rte_socket_id(),
481                 RTE_CRYPTODEV_PMD_DEFAULT_MAX_NB_QUEUE_PAIRS,
482                 RTE_CRYPTODEV_PMD_DEFAULT_MAX_NB_SESSIONS
483         };
484         const char *name;
485         const char *input_args;
486
487         name = rte_vdev_device_name(vdev);
488         if (name == NULL)
489                 return -EINVAL;
490         input_args = rte_vdev_device_args(vdev);
491
492         rte_cryptodev_pmd_parse_input_args(&init_params, input_args);
493
494         return cryptodev_zuc_create(name, vdev, &init_params);
495 }
496
497 static int
498 cryptodev_zuc_remove(struct rte_vdev_device *vdev)
499 {
500
501         struct rte_cryptodev *cryptodev;
502         const char *name;
503
504         name = rte_vdev_device_name(vdev);
505         if (name == NULL)
506                 return -EINVAL;
507
508         cryptodev = rte_cryptodev_pmd_get_named_dev(name);
509         if (cryptodev == NULL)
510                 return -ENODEV;
511
512         return rte_cryptodev_pmd_destroy(cryptodev);
513 }
514
515 static struct rte_vdev_driver cryptodev_zuc_pmd_drv = {
516         .probe = cryptodev_zuc_probe,
517         .remove = cryptodev_zuc_remove
518 };
519
520 static struct cryptodev_driver zuc_crypto_drv;
521
522 RTE_PMD_REGISTER_VDEV(CRYPTODEV_NAME_ZUC_PMD, cryptodev_zuc_pmd_drv);
523 RTE_PMD_REGISTER_PARAM_STRING(CRYPTODEV_NAME_ZUC_PMD,
524         "max_nb_queue_pairs=<int> "
525         "max_nb_sessions=<int> "
526         "socket_id=<int>");
527 RTE_PMD_REGISTER_CRYPTO_DRIVER(zuc_crypto_drv, cryptodev_zuc_pmd_drv,
528                 cryptodev_driver_id);