git.droids-corp.org / dpdk.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
crypto/cnxk: add per packet IV in lookaside IPsec debug
[dpdk.git] / drivers / crypto / cnxk / cnxk_cryptodev_capabilities.c
diff --git a/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c b/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c
index 7dbea0b..f79e4d7 100644 (file)
--- a/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c
+++ b/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c
@@ -568,6 +568,26 @@ static const struct rte_cryptodev_capabilities caps_aes[] = {
                        }, }
                }, }
        },
+       {       /* AES CMAC */
+               .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+               {.sym = {
+                       .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+                       {.auth = {
+                               .algo = RTE_CRYPTO_AUTH_AES_CMAC,
+                               .block_size = 16,
+                               .key_size = {
+                                       .min = 16,
+                                       .max = 32,
+                                       .increment = 8
+                               },
+                               .digest_size = {
+                                       .min = 4,
+                                       .max = 4,
+                                       .increment = 0
+                               },
+                       }, }
+               }, }
+       },
 };
 
 static const struct rte_cryptodev_capabilities caps_kasumi[] = {
@@ -754,6 +774,26 @@ static const struct rte_cryptodev_capabilities sec_caps_aes[] = {
                        }, }
                }, }
        },
+       {       /* AES CTR */
+               .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+               {.sym = {
+                       .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
+                       {.cipher = {
+                               .algo = RTE_CRYPTO_CIPHER_AES_CTR,
+                               .block_size = 16,
+                               .key_size = {
+                                       .min = 16,
+                                       .max = 32,
+                                       .increment = 8
+                               },
+                               .iv_size = {
+                                       .min = 12,
+                                       .max = 16,
+                                       .increment = 4
+                               }
+                       }, }
+               }, }
+       },
        {       /* AES CBC */
                .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
                {.sym = {
@@ -774,6 +814,26 @@ static const struct rte_cryptodev_capabilities sec_caps_aes[] = {
                        }, }
                }, }
        },
+       {       /* AES-XCBC */
+               .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+               { .sym = {
+                       .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+                       {.auth = {
+                               .algo = RTE_CRYPTO_AUTH_AES_XCBC_MAC,
+                               .block_size = 16,
+                               .key_size = {
+                                       .min = 16,
+                                       .max = 16,
+                                       .increment = 0
+                               },
+                               .digest_size = {
+                                       .min = 12,
+                                       .max = 12,
+                                       .increment = 0,
+                               },
+                       }, }
+               }, }
+       },
 };
 
 static const struct rte_cryptodev_capabilities sec_caps_sha1_sha2[] = {
@@ -797,6 +857,89 @@ static const struct rte_cryptodev_capabilities sec_caps_sha1_sha2[] = {
                        }, }
                }, }
        },
+       {       /* SHA256 HMAC */
+               .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+               {.sym = {
+                       .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+                       {.auth = {
+                               .algo = RTE_CRYPTO_AUTH_SHA256_HMAC,
+                               .block_size = 64,
+                               .key_size = {
+                                       .min = 1,
+                                       .max = 1024,
+                                       .increment = 1
+                               },
+                               .digest_size = {
+                                       .min = 16,
+                                       .max = 16,
+                                       .increment = 0
+                               },
+                       }, }
+               }, }
+       },
+       {       /* SHA384 HMAC */
+               .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+               {.sym = {
+                       .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+                       {.auth = {
+                               .algo = RTE_CRYPTO_AUTH_SHA384_HMAC,
+                               .block_size = 64,
+                               .key_size = {
+                                       .min = 48,
+                                       .max = 48,
+                                       .increment = 0
+                               },
+                               .digest_size = {
+                                       .min = 24,
+                                       .max = 24,
+                                       .increment = 0
+                                       },
+                       }, }
+               }, }
+       },
+       {       /* SHA512 HMAC */
+               .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+               {.sym = {
+                       .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+                       {.auth = {
+                               .algo = RTE_CRYPTO_AUTH_SHA512_HMAC,
+                               .block_size = 128,
+                               .key_size = {
+                                       .min = 64,
+                                       .max = 64,
+                                       .increment = 0
+                               },
+                               .digest_size = {
+                                       .min = 32,
+                                       .max = 32,
+                                       .increment = 0
+                               },
+                       }, }
+               }, }
+       },
+};
+
+static const struct rte_cryptodev_capabilities sec_caps_null[] = {
+       {       /* NULL (CIPHER) */
+               .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+               {.sym = {
+                       .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
+                       {.cipher = {
+                               .algo = RTE_CRYPTO_CIPHER_NULL,
+                               .block_size = 1,
+                               .key_size = {
+                                       .min = 0,
+                                       .max = 0,
+                                       .increment = 0
+                               },
+                               .iv_size = {
+                                       .min = 0,
+                                       .max = 0,
+                                       .increment = 0
+                               }
+                       }, },
+               }, }
+       },
 };
 
 static const struct rte_security_capability sec_caps_templ[] = {
@@ -874,8 +1017,8 @@ cn10k_crypto_caps_update(struct rte_cryptodev_capabilities cnxk_caps[])
 
                        caps->sym.cipher.key_size.max = 32;
                        caps->sym.cipher.key_size.increment = 16;
-                       caps->sym.cipher.iv_size.max = 24;
-                       caps->sym.cipher.iv_size.increment = 8;
+                       caps->sym.cipher.iv_size.max = 25;
+                       caps->sym.cipher.iv_size.increment = 1;
                }
 
                if ((caps->op == RTE_CRYPTO_OP_TYPE_SYMMETRIC) &&
@@ -886,8 +1029,8 @@ cn10k_crypto_caps_update(struct rte_cryptodev_capabilities cnxk_caps[])
                        caps->sym.auth.key_size.increment = 16;
                        caps->sym.auth.digest_size.max = 16;
                        caps->sym.auth.digest_size.increment = 4;
-                       caps->sym.auth.iv_size.max = 24;
-                       caps->sym.auth.iv_size.increment = 8;
+                       caps->sym.auth.iv_size.max = 25;
+                       caps->sym.auth.iv_size.increment = 1;
                }
        }
 }
@@ -923,8 +1066,10 @@ static void
 sec_caps_add(struct rte_cryptodev_capabilities cnxk_caps[], int *cur_pos,
             const struct rte_cryptodev_capabilities *caps, int nb_caps)
 {
-       if (*cur_pos + nb_caps > CNXK_SEC_CRYPTO_MAX_CAPS)
+       if (*cur_pos + nb_caps > CNXK_SEC_CRYPTO_MAX_CAPS) {
+               rte_panic("Could not add sec crypto caps");
                return;
+       }
 
        memcpy(&cnxk_caps[*cur_pos], caps, nb_caps * sizeof(caps[0]));
        *cur_pos += nb_caps;
@@ -937,8 +1082,10 @@ cn10k_sec_crypto_caps_update(struct rte_cryptodev_capabilities cnxk_caps[],
        const struct rte_cryptodev_capabilities *cap;
        unsigned int i;
 
-       if ((CNXK_CPT_MAX_CAPS - *cur_pos) < 1)
+       if ((CNXK_SEC_CRYPTO_MAX_CAPS - *cur_pos) < 1) {
+               rte_panic("Could not add sec crypto caps");
                return;
+       }
 
        /* NULL auth */
        for (i = 0; i < RTE_DIM(caps_null); i++) {
@@ -985,6 +1132,8 @@ sec_crypto_caps_populate(struct rte_cryptodev_capabilities cnxk_caps[],
        else
                cn9k_sec_crypto_caps_update(cnxk_caps);
 
+       sec_caps_add(cnxk_caps, &cur_pos, sec_caps_null,
+                    RTE_DIM(sec_caps_null));
        sec_caps_add(cnxk_caps, &cur_pos, caps_end, RTE_DIM(caps_end));
 }
 
@@ -992,6 +1141,7 @@ static void
 cnxk_sec_caps_update(struct rte_security_capability *sec_cap)
 {
        sec_cap->ipsec.options.udp_encap = 1;
+       sec_cap->ipsec.options.copy_df = 1;
 }
 
 static void
@@ -1009,13 +1159,16 @@ cn10k_sec_caps_update(struct rte_security_capability *sec_cap)
        }
        sec_cap->ipsec.options.ip_csum_enable = 1;
        sec_cap->ipsec.options.l4_csum_enable = 1;
+       sec_cap->ipsec.options.stats = 1;
 }
 
 static void
 cn9k_sec_caps_update(struct rte_security_capability *sec_cap)
 {
        if (sec_cap->ipsec.direction == RTE_SECURITY_IPSEC_SA_DIR_EGRESS) {
+#ifdef LA_IPSEC_DEBUG
                sec_cap->ipsec.options.iv_gen_disable = 1;
+#endif
        }
 }
 
DPDK repo used for reviews