git.droids-corp.org
/
dpdk.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
event/octeontx2: fix crypto adapter queue pair operations
[dpdk.git]
/
drivers
/
crypto
/
octeontx2
/
otx2_ipsec_po.h
diff --git
a/drivers/crypto/octeontx2/otx2_ipsec_po.h
b/drivers/crypto/octeontx2/otx2_ipsec_po.h
index
6d25e29
..
b3e7456
100644
(file)
--- a/
drivers/crypto/octeontx2/otx2_ipsec_po.h
+++ b/
drivers/crypto/octeontx2/otx2_ipsec_po.h
@@
-10,10
+10,6
@@
#include <rte_security.h>
#define OTX2_IPSEC_PO_AES_GCM_INB_CTX_LEN 0x09
#include <rte_security.h>
#define OTX2_IPSEC_PO_AES_GCM_INB_CTX_LEN 0x09
-#define OTX2_IPSEC_PO_AES_GCM_OUTB_CTX_LEN 0x28
-
-#define OTX2_IPSEC_PO_MAX_INB_CTX_LEN 0x22
-#define OTX2_IPSEC_PO_MAX_OUTB_CTX_LEN 0x38
#define OTX2_IPSEC_PO_PER_PKT_IV BIT(11)
#define OTX2_IPSEC_PO_PER_PKT_IV BIT(11)
@@
-24,6
+20,12
@@
#define OTX2_IPSEC_PO_INB_RPTR_HDR 0x8
#define OTX2_IPSEC_PO_INB_RPTR_HDR 0x8
+enum otx2_ipsec_po_mode_type {
+ OTX2_IPSEC_PO_TRANSPORT = 1,
+ OTX2_IPSEC_PO_TUNNEL_IPV4,
+ OTX2_IPSEC_PO_TUNNEL_IPV6,
+};
+
enum otx2_ipsec_po_comp_e {
OTX2_IPSEC_PO_CC_SUCCESS = 0x00,
OTX2_IPSEC_PO_CC_AUTH_UNSUPPORTED = 0xB0,
enum otx2_ipsec_po_comp_e {
OTX2_IPSEC_PO_CC_SUCCESS = 0x00,
OTX2_IPSEC_PO_CC_AUTH_UNSUPPORTED = 0xB0,
@@
-156,11
+158,18
@@
struct otx2_ipsec_po_in_sa {
/* w8 */
uint8_t udp_encap[8];
/* w8 */
uint8_t udp_encap[8];
- /* w9-w23 */
- struct {
- uint8_t hmac_key[48];
- struct otx2_ipsec_po_traffic_selector selector;
- } aes_gcm;
+ /* w9-w33 */
+ union {
+ struct {
+ uint8_t hmac_key[48];
+ struct otx2_ipsec_po_traffic_selector selector;
+ } aes_gcm;
+ struct {
+ uint8_t hmac_key[64];
+ uint8_t hmac_iv[64];
+ struct otx2_ipsec_po_traffic_selector selector;
+ } sha2;
+ };
union {
struct otx2_ipsec_replay *replay;
uint64_t replay64;
union {
struct otx2_ipsec_replay *replay;
uint64_t replay64;
@@
-171,9
+180,16
@@
struct otx2_ipsec_po_in_sa {
struct otx2_ipsec_po_ip_template {
RTE_STD_C11
union {
struct otx2_ipsec_po_ip_template {
RTE_STD_C11
union {
- uint8_t raw[252];
- struct rte_ipv4_hdr ipv4_hdr;
- struct rte_ipv6_hdr ipv6_hdr;
+ struct {
+ struct rte_ipv4_hdr ipv4_hdr;
+ uint16_t udp_src;
+ uint16_t udp_dst;
+ } ip4;
+ struct {
+ struct rte_ipv6_hdr ipv6_hdr;
+ uint16_t udp_src;
+ uint16_t udp_dst;
+ } ip6;
};
};
};
};
@@
-191,10
+207,22
@@
struct otx2_ipsec_po_out_sa {
uint32_t esn_hi;
uint32_t esn_low;
uint32_t esn_hi;
uint32_t esn_low;
- /* w8-w39 */
- struct otx2_ipsec_po_ip_template template;
- uint16_t udp_src;
- uint16_t udp_dst;
+ /* w8-w55 */
+ union {
+ struct {
+ struct otx2_ipsec_po_ip_template template;
+ } aes_gcm;
+ struct {
+ uint8_t hmac_key[24];
+ uint8_t unused[24];
+ struct otx2_ipsec_po_ip_template template;
+ } sha1;
+ struct {
+ uint8_t hmac_key[64];
+ uint8_t hmac_iv[64];
+ struct otx2_ipsec_po_ip_template template;
+ } sha2;
+ };
};
static inline int
};
static inline int
@@
-223,6
+251,9
@@
ipsec_po_xform_auth_verify(struct rte_crypto_sym_xform *xform)
if (xform->auth.algo == RTE_CRYPTO_AUTH_SHA1_HMAC) {
if (keylen >= 20 && keylen <= 64)
return 0;
if (xform->auth.algo == RTE_CRYPTO_AUTH_SHA1_HMAC) {
if (keylen >= 20 && keylen <= 64)
return 0;
+ } else if (xform->auth.algo == RTE_CRYPTO_AUTH_SHA256_HMAC) {
+ if (keylen >= 32 && keylen <= 64)
+ return 0;
}
return -ENOTSUP;
}
return -ENOTSUP;
@@
-348,8
+379,8
@@
ipsec_po_sa_ctl_set(struct rte_security_ipsec_xform *ipsec,
return -ENOTSUP;
}
} else if (cipher_xform->cipher.algo == RTE_CRYPTO_CIPHER_AES_CBC) {
return -ENOTSUP;
}
} else if (cipher_xform->cipher.algo == RTE_CRYPTO_CIPHER_AES_CBC) {
- ctl->enc_type = OTX2_IPSEC_PO_SA_ENC_AES_C
CM
;
- aes_key_len = xform->cipher.key.length;
+ ctl->enc_type = OTX2_IPSEC_PO_SA_ENC_AES_C
BC
;
+ aes_key_len =
cipher_
xform->cipher.key.length;
} else {
return -ENOTSUP;
}
} else {
return -ENOTSUP;
}