X-Git-Url: http://git.droids-corp.org/?a=blobdiff_plain;f=drivers%2Fcommon%2Fcpt%2Fcpt_ucode.h;h=34ccd08a40a802296245ae68407d0b89f73bb8e6;hb=4211cc0e922616f9d017504b0db6d3f91b111bcd;hp=09925766397774b442268b6402479a88d07c06c9;hpb=8de5ede7b61d9b1af40485755cfcd2d525a6c816;p=dpdk.git diff --git a/drivers/common/cpt/cpt_ucode.h b/drivers/common/cpt/cpt_ucode.h index 0992576639..34ccd08a40 100644 --- a/drivers/common/cpt/cpt_ucode.h +++ b/drivers/common/cpt/cpt_ucode.h @@ -22,40 +22,8 @@ static uint8_t zuc_d[32] = { 0x5E, 0x26, 0x3C, 0x4D, 0x78, 0x9A, 0x47, 0xAC }; -static __rte_always_inline int -cpt_is_algo_supported(struct rte_crypto_sym_xform *xform) -{ - /* - * Microcode only supports the following combination. - * Encryption followed by authentication - * Authentication followed by decryption - */ - if (xform->next) { - if ((xform->type == RTE_CRYPTO_SYM_XFORM_AUTH) && - (xform->next->type == RTE_CRYPTO_SYM_XFORM_CIPHER) && - (xform->next->cipher.op == RTE_CRYPTO_CIPHER_OP_ENCRYPT)) { - /* Unsupported as of now by microcode */ - CPT_LOG_DP_ERR("Unsupported combination"); - return -1; - } - if ((xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER) && - (xform->next->type == RTE_CRYPTO_SYM_XFORM_AUTH) && - (xform->cipher.op == RTE_CRYPTO_CIPHER_OP_DECRYPT)) { - /* For GMAC auth there is no cipher operation */ - if (xform->aead.algo != RTE_CRYPTO_AEAD_AES_GCM || - xform->next->auth.algo != - RTE_CRYPTO_AUTH_AES_GMAC) { - /* Unsupported as of now by microcode */ - CPT_LOG_DP_ERR("Unsupported combination"); - return -1; - } - } - } - return 0; -} - static __rte_always_inline void -gen_key_snow3g(uint8_t *ck, uint32_t *keyx) +gen_key_snow3g(const uint8_t *ck, uint32_t *keyx) { int i, base; @@ -149,7 +117,7 @@ static __rte_always_inline void cpt_fc_ciph_set_key_passthrough(struct cpt_ctx *cpt_ctx, mc_fc_context_t *fctx) { cpt_ctx->enc_cipher = 0; - CPT_P_ENC_CTRL(fctx).enc_cipher = 0; + fctx->enc.enc_cipher = 0; } static __rte_always_inline void @@ -171,11 +139,11 @@ cpt_fc_ciph_set_key_set_aes_key_type(mc_fc_context_t *fctx, uint16_t key_len) CPT_LOG_DP_ERR("Invalid AES key len"); return; } - CPT_P_ENC_CTRL(fctx).aes_key = aes_key_type; + fctx->enc.aes_key = aes_key_type; } static __rte_always_inline void -cpt_fc_ciph_set_key_snow3g_uea2(struct cpt_ctx *cpt_ctx, uint8_t *key, +cpt_fc_ciph_set_key_snow3g_uea2(struct cpt_ctx *cpt_ctx, const uint8_t *key, uint16_t key_len) { uint32_t keyx[4]; @@ -186,7 +154,7 @@ cpt_fc_ciph_set_key_snow3g_uea2(struct cpt_ctx *cpt_ctx, uint8_t *key, } static __rte_always_inline void -cpt_fc_ciph_set_key_zuc_eea3(struct cpt_ctx *cpt_ctx, uint8_t *key, +cpt_fc_ciph_set_key_zuc_eea3(struct cpt_ctx *cpt_ctx, const uint8_t *key, uint16_t key_len) { cpt_ctx->snow3g = 0; @@ -196,7 +164,7 @@ cpt_fc_ciph_set_key_zuc_eea3(struct cpt_ctx *cpt_ctx, uint8_t *key, } static __rte_always_inline void -cpt_fc_ciph_set_key_kasumi_f8_ecb(struct cpt_ctx *cpt_ctx, uint8_t *key, +cpt_fc_ciph_set_key_kasumi_f8_ecb(struct cpt_ctx *cpt_ctx, const uint8_t *key, uint16_t key_len) { cpt_ctx->k_ecb = 1; @@ -205,7 +173,7 @@ cpt_fc_ciph_set_key_kasumi_f8_ecb(struct cpt_ctx *cpt_ctx, uint8_t *key, } static __rte_always_inline void -cpt_fc_ciph_set_key_kasumi_f8_cbc(struct cpt_ctx *cpt_ctx, uint8_t *key, +cpt_fc_ciph_set_key_kasumi_f8_cbc(struct cpt_ctx *cpt_ctx, const uint8_t *key, uint16_t key_len) { memcpy(cpt_ctx->k_ctx.ci_key, key, key_len); @@ -213,12 +181,11 @@ cpt_fc_ciph_set_key_kasumi_f8_cbc(struct cpt_ctx *cpt_ctx, uint8_t *key, } static __rte_always_inline int -cpt_fc_ciph_set_key(void *ctx, cipher_type_t type, uint8_t *key, +cpt_fc_ciph_set_key(void *ctx, cipher_type_t type, const uint8_t *key, uint16_t key_len, uint8_t *salt) { struct cpt_ctx *cpt_ctx = ctx; mc_fc_context_t *fctx = &cpt_ctx->fctx; - uint64_t *ctrl_flags = NULL; int ret; ret = cpt_fc_ciph_set_type(type, cpt_ctx, key_len); @@ -226,19 +193,20 @@ cpt_fc_ciph_set_key(void *ctx, cipher_type_t type, uint8_t *key, return -1; if (cpt_ctx->fc_type == FC_GEN) { - ctrl_flags = (uint64_t *)&(fctx->enc.enc_ctrl.flags); - *ctrl_flags = rte_be_to_cpu_64(*ctrl_flags); /* * We need to always say IV is from DPTR as user can * sometimes iverride IV per operation. */ - CPT_P_ENC_CTRL(fctx).iv_source = CPT_FROM_DPTR; + fctx->enc.iv_source = CPT_FROM_DPTR; + + if (cpt_ctx->auth_key_len > 64) + return -1; } switch (type) { case PASSTHROUGH: cpt_fc_ciph_set_key_passthrough(cpt_ctx, fctx); - goto fc_success; + goto success; case DES3_CBC: /* CPT performs DES using 3DES with the 8B DES-key * replicated 2 more times to match the 24B 3DES-key. @@ -255,7 +223,7 @@ cpt_fc_ciph_set_key(void *ctx, cipher_type_t type, uint8_t *key, break; case DES3_ECB: /* For DES3_ECB IV need to be from CTX. */ - CPT_P_ENC_CTRL(fctx).iv_source = CPT_FROM_CTX; + fctx->enc.iv_source = CPT_FROM_CTX; break; case AES_CBC: case AES_ECB: @@ -273,7 +241,7 @@ cpt_fc_ciph_set_key(void *ctx, cipher_type_t type, uint8_t *key, * and nothing else */ if (!key) - goto fc_success; + goto success; } cpt_fc_ciph_set_key_set_aes_key_type(fctx, key_len); break; @@ -298,20 +266,17 @@ cpt_fc_ciph_set_key(void *ctx, cipher_type_t type, uint8_t *key, cpt_fc_ciph_set_key_kasumi_f8_cbc(cpt_ctx, key, key_len); goto success; default: - break; + return -1; } /* Only for FC_GEN case */ /* For GMAC auth, cipher must be NULL */ if (cpt_ctx->hash_type != GMAC_TYPE) - CPT_P_ENC_CTRL(fctx).enc_cipher = type; + fctx->enc.enc_cipher = type; memcpy(fctx->enc.encr_key, key, key_len); -fc_success: - *ctrl_flags = rte_cpu_to_be_64(*ctrl_flags); - success: cpt_ctx->enc_cipher = type; @@ -376,7 +341,7 @@ fill_sg_comp_from_iov(sg_comp_t *list, { int32_t j; uint32_t extra_len = extra_buf ? extra_buf->size : 0; - uint32_t size = *psize - extra_len; + uint32_t size = *psize; buf_ptr_t *bufs; bufs = from->bufs; @@ -385,9 +350,6 @@ fill_sg_comp_from_iov(sg_comp_t *list, uint32_t e_len; sg_comp_t *to = &list[i >> 2]; - if (!bufs[j].size) - continue; - if (unlikely(from_offset)) { if (from_offset >= bufs[j].size) { from_offset -= bufs[j].size; @@ -419,18 +381,19 @@ fill_sg_comp_from_iov(sg_comp_t *list, to->u.s.len[i % 4] = rte_cpu_to_be_16(e_len); } + extra_len = RTE_MIN(extra_len, size); /* Insert extra data ptr */ if (extra_len) { i++; to = &list[i >> 2]; to->u.s.len[i % 4] = - rte_cpu_to_be_16(extra_buf->size); + rte_cpu_to_be_16(extra_len); to->ptr[i % 4] = rte_cpu_to_be_64(extra_buf->dma_addr); - - /* size already decremented by extra len */ + size -= extra_len; } + next_len = RTE_MIN(next_len, size); /* insert the rest of the data */ if (next_len) { i++; @@ -1467,7 +1430,8 @@ cpt_zuc_snow3g_enc_prep(uint32_t req_flags, opcode.s.major = CPT_MAJOR_OP_ZUC_SNOW3G; /* indicates CPTR ctx, operation type, KEY & IV mode from DPTR */ - opcode.s.minor = ((1 << 6) | (snow3g << 5) | (0 << 4) | + + opcode.s.minor = ((1 << 7) | (snow3g << 5) | (0 << 4) | (0 << 3) | (flags & 0x7)); if (flags == 0x1) { @@ -1791,7 +1755,8 @@ cpt_zuc_snow3g_dec_prep(uint32_t req_flags, opcode.s.major = CPT_MAJOR_OP_ZUC_SNOW3G; /* indicates CPTR ctx, operation type, KEY & IV mode from DPTR */ - opcode.s.minor = ((1 << 6) | (snow3g << 5) | (0 << 4) | + + opcode.s.minor = ((1 << 7) | (snow3g << 5) | (0 << 4) | (0 << 3) | (flags & 0x7)); /* consider iv len */ @@ -2458,7 +2423,7 @@ cpt_fc_dec_hmac_prep(uint32_t flags, return prep_req; } -static __rte_always_inline void *__hot +static __rte_always_inline void *__rte_hot cpt_fc_enc_hmac_prep(uint32_t flags, uint64_t d_offs, uint64_t d_lens, fc_params_t *fc_params, void *op) { @@ -2486,12 +2451,11 @@ cpt_fc_enc_hmac_prep(uint32_t flags, uint64_t d_offs, uint64_t d_lens, } static __rte_always_inline int -cpt_fc_auth_set_key(void *ctx, auth_type_t type, uint8_t *key, +cpt_fc_auth_set_key(void *ctx, auth_type_t type, const uint8_t *key, uint16_t key_len, uint16_t mac_len) { struct cpt_ctx *cpt_ctx = ctx; mc_fc_context_t *fctx = &cpt_ctx->fctx; - uint64_t *ctrl_flags = NULL; if ((type >= ZUC_EIA3) && (type <= KASUMI_F9_ECB)) { uint32_t keyx[4]; @@ -2542,15 +2506,15 @@ cpt_fc_auth_set_key(void *ctx, auth_type_t type, uint8_t *key, cpt_ctx->fc_type = HASH_HMAC; } - ctrl_flags = (uint64_t *)&fctx->enc.enc_ctrl.flags; - *ctrl_flags = rte_be_to_cpu_64(*ctrl_flags); + if (cpt_ctx->fc_type == FC_GEN && key_len > 64) + return -1; /* For GMAC auth, cipher must be NULL */ if (type == GMAC_TYPE) - CPT_P_ENC_CTRL(fctx).enc_cipher = 0; + fctx->enc.enc_cipher = 0; - CPT_P_ENC_CTRL(fctx).hash_type = cpt_ctx->hash_type = type; - CPT_P_ENC_CTRL(fctx).mac_len = cpt_ctx->mac_len = mac_len; + fctx->enc.hash_type = cpt_ctx->hash_type = type; + fctx->enc.mac_len = cpt_ctx->mac_len = mac_len; if (key_len) { cpt_ctx->hmac = 1; @@ -2559,10 +2523,11 @@ cpt_fc_auth_set_key(void *ctx, auth_type_t type, uint8_t *key, cpt_ctx->auth_key_len = key_len; memset(fctx->hmac.ipad, 0, sizeof(fctx->hmac.ipad)); memset(fctx->hmac.opad, 0, sizeof(fctx->hmac.opad)); - memcpy(fctx->hmac.opad, key, key_len); - CPT_P_ENC_CTRL(fctx).auth_input_type = 1; + + if (key_len <= 64) + memcpy(fctx->hmac.opad, key, key_len); + fctx->enc.auth_input_type = 1; } - *ctrl_flags = rte_cpu_to_be_64(*ctrl_flags); return 0; } @@ -2617,10 +2582,13 @@ fill_sess_aead(struct rte_crypto_sym_xform *xform, sess->iv_length = aead_form->iv.length; sess->aad_length = aead_form->aad_length; - cpt_fc_ciph_set_key(ctx, enc_type, aead_form->key.data, - aead_form->key.length, NULL); + if (unlikely(cpt_fc_ciph_set_key(ctx, enc_type, aead_form->key.data, + aead_form->key.length, NULL))) + return -1; - cpt_fc_auth_set_key(ctx, auth_type, NULL, 0, aead_form->digest_length); + if (unlikely(cpt_fc_auth_set_key(ctx, auth_type, NULL, 0, + aead_form->digest_length))) + return -1; return 0; } @@ -2720,8 +2688,9 @@ fill_sess_cipher(struct rte_crypto_sym_xform *xform, sess->iv_length = c_form->iv.length; sess->is_null = is_null; - cpt_fc_ciph_set_key(SESS_PRIV(sess), enc_type, c_form->key.data, - c_form->key.length, NULL); + if (unlikely(cpt_fc_ciph_set_key(SESS_PRIV(sess), enc_type, + c_form->key.data, c_form->key.length, NULL))) + return -1; return 0; } @@ -2745,11 +2714,6 @@ fill_sess_auth(struct rte_crypto_sym_xform *xform, return -1; } - if (a_form->key.length > 64) { - CPT_LOG_DP_ERR("Auth key length is big"); - return -1; - } - switch (a_form->algo) { case RTE_CRYPTO_AUTH_SHA1_HMAC: /* Fall through */ @@ -2820,8 +2784,10 @@ fill_sess_auth(struct rte_crypto_sym_xform *xform, sess->auth_iv_offset = a_form->iv.offset; sess->auth_iv_length = a_form->iv.length; } - cpt_fc_auth_set_key(SESS_PRIV(sess), auth_type, a_form->key.data, - a_form->key.length, a_form->digest_length); + if (unlikely(cpt_fc_auth_set_key(SESS_PRIV(sess), auth_type, + a_form->key.data, a_form->key.length, + a_form->digest_length))) + return -1; return 0; } @@ -2864,9 +2830,13 @@ fill_sess_gmac(struct rte_crypto_sym_xform *xform, sess->iv_length = a_form->iv.length; sess->mac_len = a_form->digest_length; - cpt_fc_ciph_set_key(ctx, enc_type, a_form->key.data, - a_form->key.length, NULL); - cpt_fc_auth_set_key(ctx, auth_type, NULL, 0, a_form->digest_length); + if (unlikely(cpt_fc_ciph_set_key(ctx, enc_type, a_form->key.data, + a_form->key.length, NULL))) + return -1; + + if (unlikely(cpt_fc_auth_set_key(ctx, auth_type, NULL, 0, + a_form->digest_length))) + return -1; return 0; } @@ -3331,49 +3301,6 @@ compl_auth_verify(struct rte_crypto_op *op, op->status = RTE_CRYPTO_OP_STATUS_SUCCESS; } -static __rte_always_inline int -instance_session_cfg(struct rte_crypto_sym_xform *xform, void *sess) -{ - struct rte_crypto_sym_xform *chain; - - CPT_PMD_INIT_FUNC_TRACE(); - - if (cpt_is_algo_supported(xform)) - goto err; - - chain = xform; - while (chain) { - switch (chain->type) { - case RTE_CRYPTO_SYM_XFORM_AEAD: - if (fill_sess_aead(chain, sess)) - goto err; - break; - case RTE_CRYPTO_SYM_XFORM_CIPHER: - if (fill_sess_cipher(chain, sess)) - goto err; - break; - case RTE_CRYPTO_SYM_XFORM_AUTH: - if (chain->auth.algo == RTE_CRYPTO_AUTH_AES_GMAC) { - if (fill_sess_gmac(chain, sess)) - goto err; - } else { - if (fill_sess_auth(chain, sess)) - goto err; - } - break; - default: - CPT_LOG_DP_ERR("Invalid crypto xform type"); - break; - } - chain = chain->next; - } - - return 0; - -err: - return -1; -} - static __rte_always_inline void find_kasumif9_direction_and_length(uint8_t *src, uint32_t counter_num_bytes,