crypto/dpaa_sec: support null cipher and null auth

[dpdk.git] / drivers / crypto / dpaa_sec / dpaa_sec.c
diff --git a/drivers/crypto/dpaa_sec/dpaa_sec.c b/drivers/crypto/dpaa_sec/dpaa_sec.c

index 7c37136..2e18cce 100644 (file)
--- a/drivers/crypto/dpaa_sec/dpaa_sec.c
+++ b/drivers/crypto/dpaa_sec/dpaa_sec.c
@@ -15,7 +15,9 @@
  #include <rte_cryptodev_pmd.h>
  #include <rte_crypto.h>
  #include <rte_cryptodev.h>
+#ifdef RTE_LIBRTE_SECURITY
  #include <rte_security_driver.h>
+#endif
  #include <rte_cycles.h>
  #include <rte_dev.h>
  #include <rte_kvargs.h>
@@ -27,7 +29,7 @@
  
  #include <fsl_usd.h>
  #include <fsl_qman.h>
-#include <of.h>
+#include <dpaa_of.h>
  
  /* RTA header files */
  #include <desc/common.h>
@@ -252,6 +254,7 @@ static inline int is_decode(dpaa_sec_session *ses)
         return ses->dir == DIR_DEC;
  }
  
+#ifdef RTE_LIBRTE_SECURITY
  static int
  dpaa_sec_prep_pdcp_cdb(dpaa_sec_session *ses)
  {
@@ -355,7 +358,6 @@ dpaa_sec_prep_pdcp_cdb(dpaa_sec_session *ses)
                                         ses->pdcp.hfn_threshold,
                                         &cipherdata, p_authdata, 0);
         }
-
         return shared_desc_len;
  }
  
@@ -432,7 +434,7 @@ dpaa_sec_prep_ipsec_cdb(dpaa_sec_session *ses)
         }
         return shared_desc_len;
  }
-
+#endif
  /* prepare command block of the session */
  static int
  dpaa_sec_prep_cdb(dpaa_sec_session *ses)
@@ -450,12 +452,14 @@ dpaa_sec_prep_cdb(dpaa_sec_session *ses)
         memset(cdb, 0, sizeof(struct sec_cdb));
  
         switch (ses->ctxt) {
+#ifdef RTE_LIBRTE_SECURITY
         case DPAA_SEC_IPSEC:
                 shared_desc_len = dpaa_sec_prep_ipsec_cdb(ses);
                 break;
         case DPAA_SEC_PDCP:
                 shared_desc_len = dpaa_sec_prep_pdcp_cdb(ses);
                 break;
+#endif
         case DPAA_SEC_CIPHER:
                 alginfo_c.key = (size_t)ses->cipher_key.data;
                 alginfo_c.keylen = ses->cipher_key.length;
@@ -1580,6 +1584,7 @@ build_cipher_auth(struct rte_crypto_op *op, dpaa_sec_session *ses)
         return cf;
  }
  
+#ifdef RTE_LIBRTE_SECURITY
  static inline struct dpaa_sec_job *
  build_proto(struct rte_crypto_op *op, dpaa_sec_session *ses)
  {
@@ -1711,6 +1716,7 @@ build_proto_sg(struct rte_crypto_op *op, dpaa_sec_session *ses)
  
         return cf;
  }
+#endif
  
  static uint16_t
  dpaa_sec_enqueue_burst(void *qp, struct rte_crypto_op **ops,
@@ -1753,11 +1759,13 @@ dpaa_sec_enqueue_burst(void *qp, struct rte_crypto_op **ops,
                                                         op->sym->session,
                                                         cryptodev_driver_id);
                                 break;
+#ifdef RTE_LIBRTE_SECURITY
                         case RTE_CRYPTO_OP_SECURITY_SESSION:
                                 ses = (dpaa_sec_session *)
                                         get_sec_session_private_data(
                                                         op->sym->sec_session);
                                 break;
+#endif
                         default:
                                 DPAA_SEC_DP_ERR(
                                         "sessionless crypto op not supported");
@@ -1765,6 +1773,14 @@ dpaa_sec_enqueue_burst(void *qp, struct rte_crypto_op **ops,
                                 nb_ops = loop;
                                 goto send_pkts;
                         }
+
+                       if (!ses) {
+                               DPAA_SEC_DP_ERR("session not available");
+                               frames_to_send = loop;
+                               nb_ops = loop;
+                               goto send_pkts;
+                       }
+
                         if (unlikely(!ses->qp[rte_lcore_id() % MAX_DPAA_CORES])) {
                                 if (dpaa_sec_attach_sess_q(qp, ses)) {
                                         frames_to_send = loop;
@@ -1790,10 +1806,12 @@ dpaa_sec_enqueue_burst(void *qp, struct rte_crypto_op **ops,
                                   ((op->sym->m_dst == NULL) ||
                                    rte_pktmbuf_is_contiguous(op->sym->m_dst))) {
                                 switch (ses->ctxt) {
+#ifdef RTE_LIBRTE_SECURITY
                                 case DPAA_SEC_PDCP:
                                 case DPAA_SEC_IPSEC:
                                         cf = build_proto(op, ses);
                                         break;
+#endif
                                 case DPAA_SEC_AUTH:
                                         cf = build_auth_only(op, ses);
                                         break;
@@ -1822,10 +1840,12 @@ dpaa_sec_enqueue_burst(void *qp, struct rte_crypto_op **ops,
                                 }
                         } else {
                                 switch (ses->ctxt) {
+#ifdef RTE_LIBRTE_SECURITY
                                 case DPAA_SEC_PDCP:
                                 case DPAA_SEC_IPSEC:
                                         cf = build_proto_sg(op, ses);
                                         break;
+#endif
                                 case DPAA_SEC_AUTH:
                                         cf = build_auth_only_sg(op, ses);
                                         break;
@@ -1877,6 +1897,7 @@ dpaa_sec_enqueue_burst(void *qp, struct rte_crypto_op **ops,
                                         ((auth_tail_len << 16) | auth_hdr_len);
                         }
  
+#ifdef RTE_LIBRTE_SECURITY
                         /* In case of PDCP, per packet HFN is stored in
                          * mbuf priv after sym_op.
                          */
@@ -1889,7 +1910,7 @@ dpaa_sec_enqueue_burst(void *qp, struct rte_crypto_op **ops,
                                         ses->pdcp.hfn_ovd_offset)),
                                         ses->pdcp.hfn_ovd);
                         }
-
+#endif
                 }
  send_pkts:
                 loop = 0;
@@ -2016,6 +2037,7 @@ dpaa_sec_cipher_init(struct rte_cryptodev *dev __rte_unused,
                      struct rte_crypto_sym_xform *xform,
                      dpaa_sec_session *session)
  {
+       session->ctxt = DPAA_SEC_CIPHER;
         session->cipher_alg = xform->cipher.algo;
         session->iv.length = xform->cipher.iv.length;
         session->iv.offset = xform->cipher.iv.offset;
@@ -2065,6 +2087,7 @@ dpaa_sec_auth_init(struct rte_cryptodev *dev __rte_unused,
                    struct rte_crypto_sym_xform *xform,
                    dpaa_sec_session *session)
  {
+       session->ctxt = DPAA_SEC_AUTH;
         session->auth_alg = xform->auth.algo;
         session->auth_key.data = rte_zmalloc(NULL, xform->auth.key.length,
                                              RTE_CACHE_LINE_SIZE);
@@ -2137,6 +2160,7 @@ dpaa_sec_chain_init(struct rte_cryptodev *dev __rte_unused,
         struct rte_crypto_cipher_xform *cipher_xform;
         struct rte_crypto_auth_xform *auth_xform;
  
+       session->ctxt = DPAA_SEC_CIPHER_HASH;
         if (session->auth_cipher_text) {
                 cipher_xform = &xform->cipher;
                 auth_xform = &xform->next->auth;
@@ -2338,6 +2362,7 @@ dpaa_sec_set_session_parameters(struct rte_cryptodev *dev,
         struct dpaa_sec_dev_private *internals = dev->data->dev_private;
         dpaa_sec_session *session = sess;
         uint32_t i;
+       int ret;
  
         PMD_INIT_FUNC_TRACE();
  
@@ -2353,23 +2378,26 @@ dpaa_sec_set_session_parameters(struct rte_cryptodev *dev,
         /* Cipher Only */
         if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER && xform->next == NULL) {
                 session->auth_alg = RTE_CRYPTO_AUTH_NULL;
-               session->ctxt = DPAA_SEC_CIPHER;
-               dpaa_sec_cipher_init(dev, xform, session);
+               ret = dpaa_sec_cipher_init(dev, xform, session);
  
         /* Authentication Only */
         } else if (xform->type == RTE_CRYPTO_SYM_XFORM_AUTH &&
                    xform->next == NULL) {
                 session->cipher_alg = RTE_CRYPTO_CIPHER_NULL;
                 session->ctxt = DPAA_SEC_AUTH;
-               dpaa_sec_auth_init(dev, xform, session);
+               ret = dpaa_sec_auth_init(dev, xform, session);
  
         /* Cipher then Authenticate */
         } else if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER &&
                    xform->next->type == RTE_CRYPTO_SYM_XFORM_AUTH) {
                 if (xform->cipher.op == RTE_CRYPTO_CIPHER_OP_ENCRYPT) {
-                       session->ctxt = DPAA_SEC_CIPHER_HASH;
                         session->auth_cipher_text = 1;
-                       dpaa_sec_chain_init(dev, xform, session);
+                       if (xform->cipher.algo == RTE_CRYPTO_CIPHER_NULL)
+                               ret = dpaa_sec_auth_init(dev, xform, session);
+                       else if (xform->next->auth.algo == RTE_CRYPTO_AUTH_NULL)
+                               ret = dpaa_sec_cipher_init(dev, xform, session);
+                       else
+                               ret = dpaa_sec_chain_init(dev, xform, session);
                 } else {
                         DPAA_SEC_ERR("Not supported: Auth then Cipher");
                         return -EINVAL;
@@ -2378,9 +2406,14 @@ dpaa_sec_set_session_parameters(struct rte_cryptodev *dev,
         } else if (xform->type == RTE_CRYPTO_SYM_XFORM_AUTH &&
                    xform->next->type == RTE_CRYPTO_SYM_XFORM_CIPHER) {
                 if (xform->next->cipher.op == RTE_CRYPTO_CIPHER_OP_DECRYPT) {
-                       session->ctxt = DPAA_SEC_CIPHER_HASH;
                         session->auth_cipher_text = 0;
-                       dpaa_sec_chain_init(dev, xform, session);
+                       if (xform->auth.algo == RTE_CRYPTO_AUTH_NULL)
+                               ret = dpaa_sec_cipher_init(dev, xform, session);
+                       else if (xform->next->cipher.algo
+                                       == RTE_CRYPTO_CIPHER_NULL)
+                               ret = dpaa_sec_auth_init(dev, xform, session);
+                       else
+                               ret = dpaa_sec_chain_init(dev, xform, session);
                 } else {
                         DPAA_SEC_ERR("Not supported: Auth then Cipher");
                         return -EINVAL;
@@ -2389,12 +2422,17 @@ dpaa_sec_set_session_parameters(struct rte_cryptodev *dev,
         /* AEAD operation for AES-GCM kind of Algorithms */
         } else if (xform->type == RTE_CRYPTO_SYM_XFORM_AEAD &&
                    xform->next == NULL) {
-               dpaa_sec_aead_init(dev, xform, session);
+               ret = dpaa_sec_aead_init(dev, xform, session);
  
         } else {
                 DPAA_SEC_ERR("Invalid crypto type");
                 return -EINVAL;
         }
+       if (ret) {
+               DPAA_SEC_ERR("unable to init session");
+               goto err1;
+       }
+
         rte_spinlock_lock(&internals->lock);
         for (i = 0; i < MAX_DPAA_CORES; i++) {
                 session->inq[i] = dpaa_sec_attach_rxq(internals);
@@ -2483,6 +2521,7 @@ dpaa_sec_sym_session_clear(struct rte_cryptodev *dev,
         }
  }
  
+#ifdef RTE_LIBRTE_SECURITY
  static int
  dpaa_sec_set_ipsec_session(__rte_unused struct rte_cryptodev *dev,
                            struct rte_security_session_conf *conf,
@@ -2906,7 +2945,7 @@ dpaa_sec_security_session_destroy(void *dev __rte_unused,
         }
         return 0;
  }
-
+#endif
  static int
  dpaa_sec_dev_configure(struct rte_cryptodev *dev __rte_unused,
                        struct rte_cryptodev_config *config __rte_unused)
@@ -3152,6 +3191,7 @@ static struct rte_cryptodev_ops crypto_ops = {
         .sym_session_clear        = dpaa_sec_sym_session_clear
  };
  
+#ifdef RTE_LIBRTE_SECURITY
  static const struct rte_security_capability *
  dpaa_sec_capabilities_get(void *device __rte_unused)
  {
@@ -3166,7 +3206,7 @@ static const struct rte_security_ops dpaa_sec_security_ops = {
         .set_pkt_metadata = NULL,
         .capabilities_get = dpaa_sec_capabilities_get
  };
-
+#endif
  static int
  dpaa_sec_uninit(struct rte_cryptodev *dev)
  {
@@ -3190,7 +3230,9 @@ static int
  dpaa_sec_dev_init(struct rte_cryptodev *cryptodev)
  {
         struct dpaa_sec_dev_private *internals;
+#ifdef RTE_LIBRTE_SECURITY
         struct rte_security_ctx *security_instance;
+#endif
         struct dpaa_sec_qp *qp;
         uint32_t i, flags;
         int ret;
@@ -3225,7 +3267,7 @@ dpaa_sec_dev_init(struct rte_cryptodev *cryptodev)
                 DPAA_SEC_WARN("Device already init by primary process");
                 return 0;
         }
-
+#ifdef RTE_LIBRTE_SECURITY
         /* Initialize security_ctx only for primary process*/
         security_instance = rte_malloc("rte_security_instances_ops",
                                 sizeof(struct rte_security_ctx), 0);
@@ -3235,7 +3277,7 @@ dpaa_sec_dev_init(struct rte_cryptodev *cryptodev)
         security_instance->ops = &dpaa_sec_security_ops;
         security_instance->sess_cnt = 0;
         cryptodev->security_ctx = security_instance;
-
+#endif
         rte_spinlock_init(&internals->lock);
         for (i = 0; i < internals->max_nb_queue_pairs; i++) {
                 /* init qman fq for queue pair */
@@ -3317,6 +3359,14 @@ cryptodev_dpaa_sec_probe(struct rte_dpaa_driver *dpaa_drv __rte_unused,
                 }
         }
  
+       if (unlikely(!RTE_PER_LCORE(dpaa_io))) {
+               retval = rte_dpaa_portal_init((void *)1);
+               if (retval) {
+                       DPAA_SEC_ERR("Unable to initialize portal");
+                       return retval;
+               }
+       }
+
         /* Invoke PMD device initialization function */
         retval = dpaa_sec_dev_init(cryptodev);
         if (retval == 0)