#include <rte_cryptodev_pmd.h>
#include <rte_crypto.h>
#include <rte_cryptodev.h>
-#ifdef RTE_LIBRTE_SECURITY
+#ifdef RTE_LIB_SECURITY
#include <rte_security_driver.h>
#endif
#include <rte_cycles.h>
#include <desc/algo.h>
#include <desc/ipsec.h>
#include <desc/pdcp.h>
+#include <desc/sdap.h>
#include <rte_dpaa_bus.h>
#include <dpaa_sec.h>
#include <dpaa_sec_log.h>
#include <dpaax_iova_table.h>
-enum rta_sec_era rta_sec_era;
-
-int dpaa_logtype_sec;
-
static uint8_t cryptodev_driver_id;
-static __thread struct rte_crypto_op **dpaa_sec_ops;
-static __thread int dpaa_sec_op_nb;
-
static int
dpaa_sec_attach_sess_q(struct dpaa_sec_qp *qp, dpaa_sec_session *sess);
qm_fqd_context_a_set64(&fq_opts.fqd, hwdesc);
fq_opts.fqd.context_b = fqid_out;
- fq_opts.fqd.dest.channel = qm_channel_caam;
+ fq_opts.fqd.dest.channel = dpaa_get_qm_channel_caam();
fq_opts.fqd.dest.wq = 0;
fq_in->cb.ern = ern_sec_fq_handler;
struct dpaa_sec_job *job;
struct dpaa_sec_op_ctx *ctx;
- if (dpaa_sec_op_nb >= DPAA_SEC_BURST)
+ if (DPAA_PER_LCORE_DPAA_SEC_OP_NB >= DPAA_SEC_BURST)
return qman_cb_dqrr_defer;
if (!(dqrr->stat & QM_DQRR_STAT_FD_VALID))
}
mbuf->data_len = len;
}
- dpaa_sec_ops[dpaa_sec_op_nb++] = ctx->op;
+ DPAA_PER_LCORE_RTE_CRYPTO_OP[DPAA_PER_LCORE_DPAA_SEC_OP_NB++] = ctx->op;
dpaa_sec_op_ending(ctx);
return qman_cb_dqrr_consume;
return ses->dir == DIR_DEC;
}
-#ifdef RTE_LIBRTE_SECURITY
+#ifdef RTE_LIB_SECURITY
static int
dpaa_sec_prep_pdcp_cdb(dpaa_sec_session *ses)
{
struct sec_cdb *cdb = &ses->cdb;
struct alginfo *p_authdata = NULL;
int32_t shared_desc_len = 0;
- int err;
#if RTE_BYTE_ORDER == RTE_BIG_ENDIAN
int swap = false;
#else
cipherdata.algtype = ses->cipher_key.alg;
cipherdata.algmode = ses->cipher_key.algmode;
- cdb->sh_desc[0] = cipherdata.keylen;
- cdb->sh_desc[1] = 0;
- cdb->sh_desc[2] = 0;
-
if (ses->auth_alg) {
authdata.key = (size_t)ses->auth_key.data;
authdata.keylen = ses->auth_key.length;
authdata.algmode = ses->auth_key.algmode;
p_authdata = &authdata;
-
- cdb->sh_desc[1] = authdata.keylen;
}
- err = rta_inline_query(IPSEC_AUTH_VAR_AES_DEC_BASE_DESC_LEN,
- MIN_JOB_DESC_SIZE,
- (unsigned int *)cdb->sh_desc,
- &cdb->sh_desc[2], 2);
- if (err < 0) {
- DPAA_SEC_ERR("Crypto: Incorrect key lengths");
- return err;
- }
-
- if (!(cdb->sh_desc[2] & 1) && cipherdata.keylen) {
+ if (rta_inline_pdcp_query(authdata.algtype,
+ cipherdata.algtype,
+ ses->pdcp.sn_size,
+ ses->pdcp.hfn_ovd)) {
cipherdata.key =
- (size_t)rte_dpaa_mem_vtop((void *)(size_t)cipherdata.key);
+ (size_t)rte_dpaa_mem_vtop((void *)
+ (size_t)cipherdata.key);
cipherdata.key_type = RTA_DATA_PTR;
}
- if (!(cdb->sh_desc[2] & (1 << 1)) && authdata.keylen) {
- authdata.key =
- (size_t)rte_dpaa_mem_vtop((void *)(size_t)authdata.key);
- authdata.key_type = RTA_DATA_PTR;
- }
-
- cdb->sh_desc[0] = 0;
- cdb->sh_desc[1] = 0;
- cdb->sh_desc[2] = 0;
if (ses->pdcp.domain == RTE_SECURITY_PDCP_MODE_CONTROL) {
if (ses->dir == DIR_ENC)
&cipherdata, &authdata,
0);
} else {
- if (ses->dir == DIR_ENC)
- shared_desc_len = cnstr_shdsc_pdcp_u_plane_encap(
- cdb->sh_desc, 1, swap,
- ses->pdcp.sn_size,
- ses->pdcp.hfn,
- ses->pdcp.bearer,
- ses->pdcp.pkt_dir,
- ses->pdcp.hfn_threshold,
- &cipherdata, p_authdata, 0);
- else if (ses->dir == DIR_DEC)
- shared_desc_len = cnstr_shdsc_pdcp_u_plane_decap(
- cdb->sh_desc, 1, swap,
- ses->pdcp.sn_size,
- ses->pdcp.hfn,
- ses->pdcp.bearer,
- ses->pdcp.pkt_dir,
- ses->pdcp.hfn_threshold,
- &cipherdata, p_authdata, 0);
+ if (ses->dir == DIR_ENC) {
+ if (ses->pdcp.sdap_enabled)
+ shared_desc_len =
+ cnstr_shdsc_pdcp_sdap_u_plane_encap(
+ cdb->sh_desc, 1, swap,
+ ses->pdcp.sn_size,
+ ses->pdcp.hfn,
+ ses->pdcp.bearer,
+ ses->pdcp.pkt_dir,
+ ses->pdcp.hfn_threshold,
+ &cipherdata, p_authdata, 0);
+ else
+ shared_desc_len =
+ cnstr_shdsc_pdcp_u_plane_encap(
+ cdb->sh_desc, 1, swap,
+ ses->pdcp.sn_size,
+ ses->pdcp.hfn,
+ ses->pdcp.bearer,
+ ses->pdcp.pkt_dir,
+ ses->pdcp.hfn_threshold,
+ &cipherdata, p_authdata, 0);
+ } else if (ses->dir == DIR_DEC) {
+ if (ses->pdcp.sdap_enabled)
+ shared_desc_len =
+ cnstr_shdsc_pdcp_sdap_u_plane_decap(
+ cdb->sh_desc, 1, swap,
+ ses->pdcp.sn_size,
+ ses->pdcp.hfn,
+ ses->pdcp.bearer,
+ ses->pdcp.pkt_dir,
+ ses->pdcp.hfn_threshold,
+ &cipherdata, p_authdata, 0);
+ else
+ shared_desc_len =
+ cnstr_shdsc_pdcp_u_plane_decap(
+ cdb->sh_desc, 1, swap,
+ ses->pdcp.sn_size,
+ ses->pdcp.hfn,
+ ses->pdcp.bearer,
+ ses->pdcp.pkt_dir,
+ ses->pdcp.hfn_threshold,
+ &cipherdata, p_authdata, 0);
+ }
}
return shared_desc_len;
}
cdb->sh_desc[0] = cipherdata.keylen;
cdb->sh_desc[1] = authdata.keylen;
err = rta_inline_query(IPSEC_AUTH_VAR_AES_DEC_BASE_DESC_LEN,
- MIN_JOB_DESC_SIZE,
+ DESC_JOB_IO_LEN,
(unsigned int *)cdb->sh_desc,
&cdb->sh_desc[2], 2);
memset(cdb, 0, sizeof(struct sec_cdb));
switch (ses->ctxt) {
-#ifdef RTE_LIBRTE_SECURITY
+#ifdef RTE_LIB_SECURITY
case DPAA_SEC_IPSEC:
shared_desc_len = dpaa_sec_prep_ipsec_cdb(ses);
break;
cdb->sh_desc[0] = alginfo_c.keylen;
cdb->sh_desc[1] = alginfo_a.keylen;
err = rta_inline_query(IPSEC_AUTH_VAR_AES_DEC_BASE_DESC_LEN,
- MIN_JOB_DESC_SIZE,
+ DESC_JOB_IO_LEN,
(unsigned int *)cdb->sh_desc,
&cdb->sh_desc[2], 2);
sg++;
}
- qm_sg_entry_set64(sg, rte_pktmbuf_mtophys(mbuf));
+ qm_sg_entry_set64(sg, rte_pktmbuf_iova(mbuf));
sg->offset = data_offset;
if (data_len <= (mbuf->data_len - data_offset)) {
(mbuf = mbuf->next)) {
cpu_to_hw_sg(sg);
sg++;
- qm_sg_entry_set64(sg, rte_pktmbuf_mtophys(mbuf));
+ qm_sg_entry_set64(sg, rte_pktmbuf_iova(mbuf));
if (data_len > mbuf->data_len)
sg->length = mbuf->data_len;
else
sg++;
}
- qm_sg_entry_set64(sg, rte_pktmbuf_mtophys(mbuf));
+ qm_sg_entry_set64(sg, rte_pktmbuf_iova(mbuf));
sg->offset = data_offset;
sg->length = data_len;
/* 1st seg */
sg = &cf->sg[2];
- qm_sg_entry_set64(sg, rte_pktmbuf_mtophys(mbuf));
+ qm_sg_entry_set64(sg, rte_pktmbuf_iova(mbuf));
sg->length = mbuf->data_len - data_offset;
sg->offset = data_offset;
while (mbuf) {
cpu_to_hw_sg(sg);
sg++;
- qm_sg_entry_set64(sg, rte_pktmbuf_mtophys(mbuf));
+ qm_sg_entry_set64(sg, rte_pktmbuf_iova(mbuf));
sg->length = mbuf->data_len;
mbuf = mbuf->next;
}
/* 1st seg */
sg++;
- qm_sg_entry_set64(sg, rte_pktmbuf_mtophys(mbuf));
+ qm_sg_entry_set64(sg, rte_pktmbuf_iova(mbuf));
sg->length = mbuf->data_len - data_offset;
sg->offset = data_offset;
while (mbuf) {
cpu_to_hw_sg(sg);
sg++;
- qm_sg_entry_set64(sg, rte_pktmbuf_mtophys(mbuf));
+ qm_sg_entry_set64(sg, rte_pktmbuf_iova(mbuf));
sg->length = mbuf->data_len;
mbuf = mbuf->next;
}
cpu_to_hw_sg(out_sg);
/* 1st seg */
- qm_sg_entry_set64(sg, rte_pktmbuf_mtophys(mbuf));
+ qm_sg_entry_set64(sg, rte_pktmbuf_iova(mbuf));
sg->length = mbuf->data_len - sym->aead.data.offset;
sg->offset = sym->aead.data.offset;
while (mbuf) {
cpu_to_hw_sg(sg);
sg++;
- qm_sg_entry_set64(sg, rte_pktmbuf_mtophys(mbuf));
+ qm_sg_entry_set64(sg, rte_pktmbuf_iova(mbuf));
sg->length = mbuf->data_len;
mbuf = mbuf->next;
}
/* 3rd seg */
sg++;
- qm_sg_entry_set64(sg, rte_pktmbuf_mtophys(mbuf));
+ qm_sg_entry_set64(sg, rte_pktmbuf_iova(mbuf));
sg->length = mbuf->data_len - sym->aead.data.offset;
sg->offset = sym->aead.data.offset;
while (mbuf) {
cpu_to_hw_sg(sg);
sg++;
- qm_sg_entry_set64(sg, rte_pktmbuf_mtophys(mbuf));
+ qm_sg_entry_set64(sg, rte_pktmbuf_iova(mbuf));
sg->length = mbuf->data_len;
mbuf = mbuf->next;
}
cpu_to_hw_sg(out_sg);
/* 1st seg */
- qm_sg_entry_set64(sg, rte_pktmbuf_mtophys(mbuf));
+ qm_sg_entry_set64(sg, rte_pktmbuf_iova(mbuf));
sg->length = mbuf->data_len - sym->auth.data.offset;
sg->offset = sym->auth.data.offset;
while (mbuf) {
cpu_to_hw_sg(sg);
sg++;
- qm_sg_entry_set64(sg, rte_pktmbuf_mtophys(mbuf));
+ qm_sg_entry_set64(sg, rte_pktmbuf_iova(mbuf));
sg->length = mbuf->data_len;
mbuf = mbuf->next;
}
/* 2nd seg */
sg++;
- qm_sg_entry_set64(sg, rte_pktmbuf_mtophys(mbuf));
+ qm_sg_entry_set64(sg, rte_pktmbuf_iova(mbuf));
sg->length = mbuf->data_len - sym->auth.data.offset;
sg->offset = sym->auth.data.offset;
while (mbuf) {
cpu_to_hw_sg(sg);
sg++;
- qm_sg_entry_set64(sg, rte_pktmbuf_mtophys(mbuf));
+ qm_sg_entry_set64(sg, rte_pktmbuf_iova(mbuf));
sg->length = mbuf->data_len;
mbuf = mbuf->next;
}
return cf;
}
-#ifdef RTE_LIBRTE_SECURITY
+#ifdef RTE_LIB_SECURITY
static inline struct dpaa_sec_job *
build_proto(struct rte_crypto_op *op, dpaa_sec_session *ses)
{
cf = &ctx->job;
ctx->op = op;
- src_start_addr = rte_pktmbuf_mtophys(sym->m_src);
+ src_start_addr = rte_pktmbuf_iova(sym->m_src);
if (sym->m_dst)
- dst_start_addr = rte_pktmbuf_mtophys(sym->m_dst);
+ dst_start_addr = rte_pktmbuf_iova(sym->m_dst);
else
dst_start_addr = src_start_addr;
/* 1st seg */
sg = &cf->sg[2];
- qm_sg_entry_set64(sg, rte_pktmbuf_mtophys(mbuf));
+ qm_sg_entry_set64(sg, rte_pktmbuf_iova(mbuf));
sg->offset = 0;
/* Successive segs */
mbuf = mbuf->next;
cpu_to_hw_sg(sg);
sg++;
- qm_sg_entry_set64(sg, rte_pktmbuf_mtophys(mbuf));
+ qm_sg_entry_set64(sg, rte_pktmbuf_iova(mbuf));
sg->offset = 0;
}
sg->length = mbuf->buf_len - mbuf->data_off;
qm_sg_entry_set64(in_sg, rte_dpaa_mem_vtop(sg));
/* 1st seg */
- qm_sg_entry_set64(sg, rte_pktmbuf_mtophys(mbuf));
+ qm_sg_entry_set64(sg, rte_pktmbuf_iova(mbuf));
sg->length = mbuf->data_len;
sg->offset = 0;
while (mbuf) {
cpu_to_hw_sg(sg);
sg++;
- qm_sg_entry_set64(sg, rte_pktmbuf_mtophys(mbuf));
+ qm_sg_entry_set64(sg, rte_pktmbuf_iova(mbuf));
sg->length = mbuf->data_len;
sg->offset = 0;
in_len += sg->length;
DPAA_SEC_BURST : nb_ops;
for (loop = 0; loop < frames_to_send; loop++) {
op = *(ops++);
- if (op->sym->m_src->seqn != 0) {
- index = op->sym->m_src->seqn - 1;
+ if (*dpaa_seqn(op->sym->m_src) != 0) {
+ index = *dpaa_seqn(op->sym->m_src) - 1;
if (DPAA_PER_LCORE_DQRR_HELD & (1 << index)) {
/* QM_EQCR_DCA_IDXMASK = 0x0f */
flags[loop] = ((index & 0x0f) << 8);
op->sym->session,
cryptodev_driver_id);
break;
-#ifdef RTE_LIBRTE_SECURITY
+#ifdef RTE_LIB_SECURITY
case RTE_CRYPTO_OP_SECURITY_SESSION:
ses = (dpaa_sec_session *)
get_sec_session_private_data(
((op->sym->m_dst == NULL) ||
rte_pktmbuf_is_contiguous(op->sym->m_dst))) {
switch (ses->ctxt) {
-#ifdef RTE_LIBRTE_SECURITY
+#ifdef RTE_LIB_SECURITY
case DPAA_SEC_PDCP:
case DPAA_SEC_IPSEC:
cf = build_proto(op, ses);
}
} else {
switch (ses->ctxt) {
-#ifdef RTE_LIBRTE_SECURITY
+#ifdef RTE_LIB_SECURITY
case DPAA_SEC_PDCP:
case DPAA_SEC_IPSEC:
cf = build_proto_sg(op, ses);
((auth_tail_len << 16) | auth_hdr_len);
}
-#ifdef RTE_LIBRTE_SECURITY
+#ifdef RTE_LIB_SECURITY
/* In case of PDCP, per packet HFN is stored in
* mbuf priv after sym_op.
*/
DPAA_SEC_ERR("Unable to prepare sec cdb");
return ret;
}
- if (unlikely(!RTE_PER_LCORE(dpaa_io))) {
+ if (unlikely(!DPAA_PER_LCORE_PORTAL)) {
ret = rte_dpaa_portal_init((void *)0);
if (ret) {
DPAA_SEC_ERR("Failure in affining portal");
}
}
-#ifdef RTE_LIBRTE_SECURITY
+#ifdef RTE_LIB_SECURITY
static int
dpaa_sec_ipsec_aead_init(struct rte_crypto_aead_xform *aead_xform,
struct rte_security_ipsec_xform *ipsec_xform,
session->pdcp.hfn = pdcp_xform->hfn;
session->pdcp.hfn_threshold = pdcp_xform->hfn_threshold;
session->pdcp.hfn_ovd = pdcp_xform->hfn_ovrd;
- session->pdcp.hfn_ovd_offset = cipher_xform->iv.offset;
+ session->pdcp.sdap_enabled = pdcp_xform->sdap_enabled;
+ if (cipher_xform)
+ session->pdcp.hfn_ovd_offset = cipher_xform->iv.offset;
rte_spinlock_lock(&dev_priv->lock);
for (i = 0; i < MAX_DPAA_CORES; i++) {
DPAA_PER_LCORE_DQRR_HELD |= 1 << index;
DPAA_PER_LCORE_DQRR_MBUF(index) = ctx->op->sym->m_src;
ev->impl_opaque = index + 1;
- ctx->op->sym->m_src->seqn = (uint32_t)index + 1;
+ *dpaa_seqn(ctx->op->sym->m_src) = (uint32_t)index + 1;
*bufs = (void *)ctx->op;
rte_mempool_put(ctx->ctx_pool, (void *)ctx);
.sym_session_clear = dpaa_sec_sym_session_clear
};
-#ifdef RTE_LIBRTE_SECURITY
+#ifdef RTE_LIB_SECURITY
static const struct rte_security_capability *
dpaa_sec_capabilities_get(void *device __rte_unused)
{
dpaa_sec_dev_init(struct rte_cryptodev *cryptodev)
{
struct dpaa_sec_dev_private *internals;
-#ifdef RTE_LIBRTE_SECURITY
+#ifdef RTE_LIB_SECURITY
struct rte_security_ctx *security_instance;
#endif
struct dpaa_sec_qp *qp;
DPAA_SEC_WARN("Device already init by primary process");
return 0;
}
-#ifdef RTE_LIBRTE_SECURITY
+#ifdef RTE_LIB_SECURITY
/* Initialize security_ctx only for primary process*/
security_instance = rte_malloc("rte_security_instances_ops",
sizeof(struct rte_security_ctx), 0);
}
}
- if (unlikely(!RTE_PER_LCORE(dpaa_io))) {
+ if (unlikely(!DPAA_PER_LCORE_PORTAL)) {
retval = rte_dpaa_portal_init((void *)1);
if (retval) {
DPAA_SEC_ERR("Unable to initialize portal");
RTE_PMD_REGISTER_DPAA(CRYPTODEV_NAME_DPAA_SEC_PMD, rte_dpaa_sec_driver);
RTE_PMD_REGISTER_CRYPTO_DRIVER(dpaa_sec_crypto_drv, rte_dpaa_sec_driver.driver,
cryptodev_driver_id);
-
-RTE_INIT(dpaa_sec_init_log)
-{
- dpaa_logtype_sec = rte_log_register("pmd.crypto.dpaa");
- if (dpaa_logtype_sec >= 0)
- rte_log_set_level(dpaa_logtype_sec, RTE_LOG_NOTICE);
-}
+RTE_LOG_REGISTER(dpaa_logtype_sec, pmd.crypto.dpaa, NOTICE);