X-Git-Url: http://git.droids-corp.org/?a=blobdiff_plain;ds=sidebyside;f=drivers%2Fcrypto%2Fdpaa_sec%2Fdpaa_sec.h;h=78906878285d479457dad56fd8ad295e351bf148;hb=bc99971d1021ecc85280b9b98e84c9b5f4ba008e;hp=a661d5a561a2be68fd03b4aa0514964bcba24c40;hpb=8524b44ebcf7b4045628fa2416d50eaa7a695f6f;p=dpdk.git diff --git a/drivers/crypto/dpaa_sec/dpaa_sec.h b/drivers/crypto/dpaa_sec/dpaa_sec.h index a661d5a561..7890687828 100644 --- a/drivers/crypto/dpaa_sec/dpaa_sec.h +++ b/drivers/crypto/dpaa_sec/dpaa_sec.h @@ -1,6 +1,6 @@ /* SPDX-License-Identifier: BSD-3-Clause * - * Copyright 2016 NXP + * Copyright 2016-2021 NXP * */ @@ -19,6 +19,8 @@ #define AES_CTR_IV_LEN 16 #define AES_GCM_IV_LEN 12 +extern uint8_t dpaa_cryptodev_driver_id; + #define DPAA_IPv6_DEFAULT_VTC_FLOW 0x60000000 /* Minimum job descriptor consists of a oneword job descriptor HEADER and @@ -98,7 +100,7 @@ struct sec_cdb { uint32_t sh_desc[DPAA_SEC_MAX_DESC_SIZE]; }; - +#ifdef RTE_LIB_SECURITY /*! * The structure is to be filled by user as a part of * dpaa_sec_proto_ctxt for PDCP Protocol @@ -109,20 +111,47 @@ struct sec_pdcp_ctxt { int8_t pkt_dir;/*!< PDCP Frame Direction 0:UL 1:DL*/ int8_t hfn_ovd;/*!< Overwrite HFN per packet*/ uint8_t sn_size; /*!< Sequence number size, 5/7/12/15/18 */ - uint32_t hfn_ovd_offset;/*!< offset from rte_crypto_op at which + uint8_t sdap_enabled; /*!< SDAP header is enabled */ + uint16_t hfn_ovd_offset;/*!< offset from rte_crypto_op at which * per packet hfn is stored */ uint32_t hfn; /*!< Hyper Frame Number */ uint32_t hfn_threshold; /*!< HFN Threashold for key renegotiation */ }; +#endif + +typedef int (*dpaa_sec_build_fd_t)( + void *qp, uint8_t *drv_ctx, struct rte_crypto_vec *data_vec, + uint16_t n_data_vecs, union rte_crypto_sym_ofs ofs, + struct rte_crypto_va_iova_ptr *iv, + struct rte_crypto_va_iova_ptr *digest, + struct rte_crypto_va_iova_ptr *aad_or_auth_iv, + void *user_data); + +typedef struct dpaa_sec_job* (*dpaa_sec_build_raw_dp_fd_t)(uint8_t *drv_ctx, + struct rte_crypto_sgl *sgl, + struct rte_crypto_sgl *dest_sgl, + struct rte_crypto_va_iova_ptr *iv, + struct rte_crypto_va_iova_ptr *digest, + struct rte_crypto_va_iova_ptr *auth_iv, + union rte_crypto_sym_ofs ofs, + void *userdata, + struct qm_fd *fd); typedef struct dpaa_sec_session_entry { + struct sec_cdb cdb; /**< cmd block associated with qp */ + struct dpaa_sec_qp *qp[MAX_DPAA_CORES]; + struct qman_fq *inq[MAX_DPAA_CORES]; uint8_t dir; /*!< Operation Direction */ uint8_t ctxt; /*!< Session Context Type */ enum rte_crypto_cipher_algorithm cipher_alg; /*!< Cipher Algorithm*/ enum rte_crypto_auth_algorithm auth_alg; /*!< Authentication Algorithm*/ enum rte_crypto_aead_algorithm aead_alg; /*!< AEAD Algorithm*/ +#ifdef RTE_LIB_SECURITY enum rte_security_session_protocol proto_alg; /*!< Security Algorithm*/ +#endif + dpaa_sec_build_fd_t build_fd; + dpaa_sec_build_raw_dp_fd_t build_raw_dp_fd; union { struct { uint8_t *data; /**< pointer to key data */ @@ -163,11 +192,10 @@ typedef struct dpaa_sec_session_entry { uint8_t auth_cipher_text; /**< Authenticate/cipher ordering */ }; +#ifdef RTE_LIB_SECURITY struct sec_pdcp_ctxt pdcp; +#endif }; - struct dpaa_sec_qp *qp[MAX_DPAA_CORES]; - struct qman_fq *inq[MAX_DPAA_CORES]; - struct sec_cdb cdb; /**< cmd block associated with qp */ } dpaa_sec_session; struct dpaa_sec_qp { @@ -206,7 +234,10 @@ struct dpaa_sec_job { #define DPAA_MAX_NB_MAX_DIGEST 32 struct dpaa_sec_op_ctx { struct dpaa_sec_job job; - struct rte_crypto_op *op; + union { + struct rte_crypto_op *op; + void *userdata; + }; struct rte_mempool *ctx_pool; /* mempool pointer for dpaa_sec_op_ctx */ uint32_t fd_status; int64_t vtop_offset; @@ -214,6 +245,48 @@ struct dpaa_sec_op_ctx { }; static const struct rte_cryptodev_capabilities dpaa_sec_capabilities[] = { + { /* NULL (AUTH) */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_NULL, + .block_size = 1, + .key_size = { + .min = 0, + .max = 0, + .increment = 0 + }, + .digest_size = { + .min = 0, + .max = 0, + .increment = 0 + }, + .iv_size = { 0 } + }, }, + }, }, + }, + { /* MD5 */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_MD5, + .block_size = 64, + .key_size = { + .min = 0, + .max = 0, + .increment = 0 + }, + .digest_size = { + .min = 16, + .max = 16, + .increment = 0 + }, + .iv_size = { 0 } + }, } + }, } + }, { /* MD5 HMAC */ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, {.sym = { @@ -235,6 +308,27 @@ static const struct rte_cryptodev_capabilities dpaa_sec_capabilities[] = { }, } }, } }, + { /* SHA1 */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_SHA1, + .block_size = 64, + .key_size = { + .min = 0, + .max = 0, + .increment = 0 + }, + .digest_size = { + .min = 20, + .max = 20, + .increment = 0 + }, + .iv_size = { 0 } + }, } + }, } + }, { /* SHA1 HMAC */ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, {.sym = { @@ -256,6 +350,27 @@ static const struct rte_cryptodev_capabilities dpaa_sec_capabilities[] = { }, } }, } }, + { /* SHA224 */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_SHA224, + .block_size = 64, + .key_size = { + .min = 0, + .max = 0, + .increment = 0 + }, + .digest_size = { + .min = 28, + .max = 28, + .increment = 0 + }, + .iv_size = { 0 } + }, } + }, } + }, { /* SHA224 HMAC */ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, {.sym = { @@ -277,6 +392,27 @@ static const struct rte_cryptodev_capabilities dpaa_sec_capabilities[] = { }, } }, } }, + { /* SHA256 */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_SHA256, + .block_size = 64, + .key_size = { + .min = 0, + .max = 0, + .increment = 0 + }, + .digest_size = { + .min = 32, + .max = 32, + .increment = 0 + }, + .iv_size = { 0 } + }, } + }, } + }, { /* SHA256 HMAC */ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, {.sym = { @@ -298,6 +434,27 @@ static const struct rte_cryptodev_capabilities dpaa_sec_capabilities[] = { }, } }, } }, + { /* SHA384 */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_SHA384, + .block_size = 64, + .key_size = { + .min = 0, + .max = 0, + .increment = 0 + }, + .digest_size = { + .min = 48, + .max = 48, + .increment = 0 + }, + .iv_size = { 0 } + }, } + }, } + }, { /* SHA384 HMAC */ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, {.sym = { @@ -319,6 +476,27 @@ static const struct rte_cryptodev_capabilities dpaa_sec_capabilities[] = { }, } }, } }, + { /* SHA512 */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_SHA512, + .block_size = 128, + .key_size = { + .min = 0, + .max = 0, + .increment = 0 + }, + .digest_size = { + .min = 64, + .max = 64, + .increment = 0 + }, + .iv_size = { 0 } + }, } + }, } + }, { /* SHA512 HMAC */ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, {.sym = { @@ -370,6 +548,26 @@ static const struct rte_cryptodev_capabilities dpaa_sec_capabilities[] = { }, } }, } }, + { /* NULL (CIPHER) */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER, + {.cipher = { + .algo = RTE_CRYPTO_CIPHER_NULL, + .block_size = 1, + .key_size = { + .min = 0, + .max = 0, + .increment = 0 + }, + .iv_size = { + .min = 0, + .max = 0, + .increment = 0 + } + }, }, + }, } + }, { /* AES CBC */ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, {.sym = { @@ -410,6 +608,26 @@ static const struct rte_cryptodev_capabilities dpaa_sec_capabilities[] = { }, } }, } }, + { /* DES CBC */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER, + {.cipher = { + .algo = RTE_CRYPTO_CIPHER_DES_CBC, + .block_size = 8, + .key_size = { + .min = 8, + .max = 8, + .increment = 0 + }, + .iv_size = { + .min = 8, + .max = 8, + .increment = 0 + } + }, } + }, } + }, { /* 3DES CBC */ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, {.sym = { @@ -520,9 +738,53 @@ static const struct rte_cryptodev_capabilities dpaa_sec_capabilities[] = { }, } }, } }, + { /* AES CMAC */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_AES_CMAC, + .block_size = 16, + .key_size = { + .min = 1, + .max = 16, + .increment = 1 + }, + .digest_size = { + .min = 12, + .max = 16, + .increment = 4 + }, + .iv_size = { 0 } + }, } + }, } + }, + { /* AES XCBC HMAC */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_AES_XCBC_MAC, + .block_size = 16, + .key_size = { + .min = 1, + .max = 16, + .increment = 1 + }, + .digest_size = { + .min = 12, + .max = 16, + .increment = 4 + }, + .aad_size = { 0 }, + .iv_size = { 0 } + }, } + }, } + }, RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST() }; +#ifdef RTE_LIB_SECURITY static const struct rte_cryptodev_capabilities dpaa_pdcp_capabilities[] = { { /* SNOW 3G (UIA2) */ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, @@ -687,7 +949,8 @@ static const struct rte_security_capability dpaa_sec_security_cap[] = { .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP, .mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL, .direction = RTE_SECURITY_IPSEC_SA_DIR_EGRESS, - .options = { 0 } + .options = { 0 }, + .replay_win_sz_max = 128 }, .crypto_capabilities = dpaa_sec_capabilities }, @@ -698,7 +961,8 @@ static const struct rte_security_capability dpaa_sec_security_cap[] = { .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP, .mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL, .direction = RTE_SECURITY_IPSEC_SA_DIR_INGRESS, - .options = { 0 } + .options = { 0 }, + .replay_win_sz_max = 128 }, .crypto_capabilities = dpaa_sec_capabilities }, @@ -707,6 +971,7 @@ static const struct rte_security_capability dpaa_sec_security_cap[] = { .protocol = RTE_SECURITY_PROTOCOL_PDCP, .pdcp = { .domain = RTE_SECURITY_PDCP_MODE_DATA, + .capa_flags = 0 }, .crypto_capabilities = dpaa_pdcp_capabilities }, @@ -715,6 +980,16 @@ static const struct rte_security_capability dpaa_sec_security_cap[] = { .protocol = RTE_SECURITY_PROTOCOL_PDCP, .pdcp = { .domain = RTE_SECURITY_PDCP_MODE_CONTROL, + .capa_flags = 0 + }, + .crypto_capabilities = dpaa_pdcp_capabilities + }, + { /* PDCP Lookaside Protocol offload Short MAC */ + .action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL, + .protocol = RTE_SECURITY_PROTOCOL_PDCP, + .pdcp = { + .domain = RTE_SECURITY_PDCP_MODE_SHORT_MAC, + .capa_flags = 0 }, .crypto_capabilities = dpaa_pdcp_capabilities }, @@ -722,6 +997,7 @@ static const struct rte_security_capability dpaa_sec_security_cap[] = { .action = RTE_SECURITY_ACTION_TYPE_NONE } }; +#endif /** * Checksum @@ -751,4 +1027,16 @@ calc_chksum(void *buffer, int len) return result; } +int +dpaa_sec_configure_raw_dp_ctx(struct rte_cryptodev *dev, uint16_t qp_id, + struct rte_crypto_raw_dp_ctx *raw_dp_ctx, + enum rte_crypto_op_sess_type sess_type, + union rte_cryptodev_session_ctx session_ctx, uint8_t is_update); + +int +dpaa_sec_get_dp_ctx_size(struct rte_cryptodev *dev); + +int +dpaa_sec_attach_sess_q(struct dpaa_sec_qp *qp, dpaa_sec_session *sess); + #endif /* _DPAA_SEC_H_ */