X-Git-Url: http://git.droids-corp.org/?a=blobdiff_plain;f=drivers%2Fcommon%2Fcpt%2Fcpt_ucode.h;h=c310ea7cb455f59afbd74d1c00ec267ed8b4e322;hb=29391fce85133ded6595a635e8b811df23e8c511;hp=30610d5f9a4e642311c6349395011d9867f6a9fa;hpb=426af86bb1e83eebaedb9e5b52ec5fac0eba8f86;p=dpdk.git diff --git a/drivers/common/cpt/cpt_ucode.h b/drivers/common/cpt/cpt_ucode.h index 30610d5f9a..c310ea7cb4 100644 --- a/drivers/common/cpt/cpt_ucode.h +++ b/drivers/common/cpt/cpt_ucode.h @@ -55,7 +55,7 @@ cpt_is_algo_supported(struct rte_crypto_sym_xform *xform) } static __rte_always_inline void -gen_key_snow3g(uint8_t *ck, uint32_t *keyx) +gen_key_snow3g(const uint8_t *ck, uint32_t *keyx) { int i, base; @@ -89,8 +89,7 @@ cpt_fc_ciph_validate_key_aes(uint16_t key_len) } static __rte_always_inline int -cpt_fc_ciph_validate_key(cipher_type_t type, struct cpt_ctx *cpt_ctx, - uint16_t key_len) +cpt_fc_ciph_set_type(cipher_type_t type, struct cpt_ctx *ctx, uint16_t key_len) { int fc_type = 0; switch (type) { @@ -125,7 +124,7 @@ cpt_fc_ciph_validate_key(cipher_type_t type, struct cpt_ctx *cpt_ctx, if (unlikely(key_len != 16)) return -1; /* No support for AEAD yet */ - if (unlikely(cpt_ctx->hash_type)) + if (unlikely(ctx->hash_type)) return -1; fc_type = ZUC_SNOW3G; break; @@ -134,21 +133,23 @@ cpt_fc_ciph_validate_key(cipher_type_t type, struct cpt_ctx *cpt_ctx, if (unlikely(key_len != 16)) return -1; /* No support for AEAD yet */ - if (unlikely(cpt_ctx->hash_type)) + if (unlikely(ctx->hash_type)) return -1; fc_type = KASUMI; break; default: return -1; } - return fc_type; + + ctx->fc_type = fc_type; + return 0; } static __rte_always_inline void cpt_fc_ciph_set_key_passthrough(struct cpt_ctx *cpt_ctx, mc_fc_context_t *fctx) { cpt_ctx->enc_cipher = 0; - CPT_P_ENC_CTRL(fctx).enc_cipher = 0; + fctx->enc.enc_cipher = 0; } static __rte_always_inline void @@ -170,80 +171,74 @@ cpt_fc_ciph_set_key_set_aes_key_type(mc_fc_context_t *fctx, uint16_t key_len) CPT_LOG_DP_ERR("Invalid AES key len"); return; } - CPT_P_ENC_CTRL(fctx).aes_key = aes_key_type; + fctx->enc.aes_key = aes_key_type; } static __rte_always_inline void -cpt_fc_ciph_set_key_snow3g_uea2(struct cpt_ctx *cpt_ctx, uint8_t *key, +cpt_fc_ciph_set_key_snow3g_uea2(struct cpt_ctx *cpt_ctx, const uint8_t *key, uint16_t key_len) { uint32_t keyx[4]; cpt_ctx->snow3g = 1; gen_key_snow3g(key, keyx); memcpy(cpt_ctx->zs_ctx.ci_key, keyx, key_len); - cpt_ctx->fc_type = ZUC_SNOW3G; cpt_ctx->zsk_flags = 0; } static __rte_always_inline void -cpt_fc_ciph_set_key_zuc_eea3(struct cpt_ctx *cpt_ctx, uint8_t *key, +cpt_fc_ciph_set_key_zuc_eea3(struct cpt_ctx *cpt_ctx, const uint8_t *key, uint16_t key_len) { cpt_ctx->snow3g = 0; memcpy(cpt_ctx->zs_ctx.ci_key, key, key_len); memcpy(cpt_ctx->zs_ctx.zuc_const, zuc_d, 32); - cpt_ctx->fc_type = ZUC_SNOW3G; cpt_ctx->zsk_flags = 0; } static __rte_always_inline void -cpt_fc_ciph_set_key_kasumi_f8_ecb(struct cpt_ctx *cpt_ctx, uint8_t *key, +cpt_fc_ciph_set_key_kasumi_f8_ecb(struct cpt_ctx *cpt_ctx, const uint8_t *key, uint16_t key_len) { cpt_ctx->k_ecb = 1; memcpy(cpt_ctx->k_ctx.ci_key, key, key_len); cpt_ctx->zsk_flags = 0; - cpt_ctx->fc_type = KASUMI; } static __rte_always_inline void -cpt_fc_ciph_set_key_kasumi_f8_cbc(struct cpt_ctx *cpt_ctx, uint8_t *key, +cpt_fc_ciph_set_key_kasumi_f8_cbc(struct cpt_ctx *cpt_ctx, const uint8_t *key, uint16_t key_len) { memcpy(cpt_ctx->k_ctx.ci_key, key, key_len); cpt_ctx->zsk_flags = 0; - cpt_ctx->fc_type = KASUMI; } static __rte_always_inline int -cpt_fc_ciph_set_key(void *ctx, cipher_type_t type, uint8_t *key, +cpt_fc_ciph_set_key(void *ctx, cipher_type_t type, const uint8_t *key, uint16_t key_len, uint8_t *salt) { struct cpt_ctx *cpt_ctx = ctx; mc_fc_context_t *fctx = &cpt_ctx->fctx; - uint64_t *ctrl_flags = NULL; - int fc_type; + int ret; - /* Validate key before proceeding */ - fc_type = cpt_fc_ciph_validate_key(type, cpt_ctx, key_len); - if (unlikely(fc_type == -1)) + ret = cpt_fc_ciph_set_type(type, cpt_ctx, key_len); + if (unlikely(ret)) return -1; - if (fc_type == FC_GEN) { - cpt_ctx->fc_type = FC_GEN; - ctrl_flags = (uint64_t *)&(fctx->enc.enc_ctrl.flags); - *ctrl_flags = rte_be_to_cpu_64(*ctrl_flags); + if (cpt_ctx->fc_type == FC_GEN) { /* * We need to always say IV is from DPTR as user can * sometimes iverride IV per operation. */ - CPT_P_ENC_CTRL(fctx).iv_source = CPT_FROM_DPTR; + fctx->enc.iv_source = CPT_FROM_DPTR; + + if (cpt_ctx->auth_key_len > 64) + return -1; } switch (type) { case PASSTHROUGH: cpt_fc_ciph_set_key_passthrough(cpt_ctx, fctx); - goto fc_success; + goto success; case DES3_CBC: /* CPT performs DES using 3DES with the 8B DES-key * replicated 2 more times to match the 24B 3DES-key. @@ -260,7 +255,7 @@ cpt_fc_ciph_set_key(void *ctx, cipher_type_t type, uint8_t *key, break; case DES3_ECB: /* For DES3_ECB IV need to be from CTX. */ - CPT_P_ENC_CTRL(fctx).iv_source = CPT_FROM_CTX; + fctx->enc.iv_source = CPT_FROM_CTX; break; case AES_CBC: case AES_ECB: @@ -278,7 +273,7 @@ cpt_fc_ciph_set_key(void *ctx, cipher_type_t type, uint8_t *key, * and nothing else */ if (!key) - goto fc_success; + goto success; } cpt_fc_ciph_set_key_set_aes_key_type(fctx, key_len); break; @@ -303,20 +298,17 @@ cpt_fc_ciph_set_key(void *ctx, cipher_type_t type, uint8_t *key, cpt_fc_ciph_set_key_kasumi_f8_cbc(cpt_ctx, key, key_len); goto success; default: - break; + return -1; } /* Only for FC_GEN case */ /* For GMAC auth, cipher must be NULL */ if (cpt_ctx->hash_type != GMAC_TYPE) - CPT_P_ENC_CTRL(fctx).enc_cipher = type; + fctx->enc.enc_cipher = type; memcpy(fctx->enc.encr_key, key, key_len); -fc_success: - *ctrl_flags = rte_cpu_to_be_64(*ctrl_flags); - success: cpt_ctx->enc_cipher = type; @@ -381,7 +373,7 @@ fill_sg_comp_from_iov(sg_comp_t *list, { int32_t j; uint32_t extra_len = extra_buf ? extra_buf->size : 0; - uint32_t size = *psize - extra_len; + uint32_t size = *psize; buf_ptr_t *bufs; bufs = from->bufs; @@ -390,9 +382,6 @@ fill_sg_comp_from_iov(sg_comp_t *list, uint32_t e_len; sg_comp_t *to = &list[i >> 2]; - if (!bufs[j].size) - continue; - if (unlikely(from_offset)) { if (from_offset >= bufs[j].size) { from_offset -= bufs[j].size; @@ -424,18 +413,19 @@ fill_sg_comp_from_iov(sg_comp_t *list, to->u.s.len[i % 4] = rte_cpu_to_be_16(e_len); } + extra_len = RTE_MIN(extra_len, size); /* Insert extra data ptr */ if (extra_len) { i++; to = &list[i >> 2]; to->u.s.len[i % 4] = - rte_cpu_to_be_16(extra_buf->size); + rte_cpu_to_be_16(extra_len); to->ptr[i % 4] = rte_cpu_to_be_64(extra_buf->dma_addr); - - /* size already decremented by extra len */ + size -= extra_len; } + next_len = RTE_MIN(next_len, size); /* insert the rest of the data */ if (next_len) { i++; @@ -467,7 +457,6 @@ cpt_digest_gen_prep(uint32_t flags, { struct cpt_request_info *req; uint32_t size, i; - int32_t m_size; uint16_t data_len, mac_len, key_len; auth_type_t hash_type; buf_ptr_t *meta_p; @@ -488,7 +477,6 @@ cpt_digest_gen_prep(uint32_t flags, m_vaddr = meta_p->vaddr; m_dma = meta_p->dma_addr; - m_size = meta_p->size; /* * Save initial space that followed app data for completion code & @@ -504,14 +492,12 @@ cpt_digest_gen_prep(uint32_t flags, m_vaddr = (uint8_t *)m_vaddr + size; m_dma += size; - m_size -= size; req = m_vaddr; size = sizeof(struct cpt_request_info); m_vaddr = (uint8_t *)m_vaddr + size; m_dma += size; - m_size -= size; hash_type = ctx->hash_type; mac_len = ctx->mac_len; @@ -625,7 +611,6 @@ cpt_digest_gen_prep(uint32_t flags, m_vaddr = (uint8_t *)m_vaddr + size; m_dma += size; - m_size -= size; /* cpt alternate completion address saved earlier */ req->alternate_caddr = (uint64_t *)((uint8_t *)c_vaddr - 8); @@ -678,13 +663,11 @@ cpt_enc_hmac_prep(uint32_t flags, vq_cmd_word3_t vq_cmd_w3; void *c_vaddr; uint64_t c_dma; - int32_t m_size; opcode_info_t opcode; meta_p = &fc_params->meta_buf; m_vaddr = meta_p->vaddr; m_dma = meta_p->dma_addr; - m_size = meta_p->size; encr_offset = ENCR_OFFSET(d_offs); auth_offset = AUTH_OFFSET(d_offs); @@ -720,7 +703,6 @@ cpt_enc_hmac_prep(uint32_t flags, m_vaddr = (uint8_t *)m_vaddr + size; m_dma += size; - m_size -= size; /* start cpt request info struct at 8 byte boundary */ size = (uint8_t *)RTE_PTR_ALIGN(m_vaddr, 8) - @@ -731,7 +713,6 @@ cpt_enc_hmac_prep(uint32_t flags, size += sizeof(struct cpt_request_info); m_vaddr = (uint8_t *)m_vaddr + size; m_dma += size; - m_size -= size; if (hash_type == GMAC_TYPE) encr_data_len = 0; @@ -851,7 +832,6 @@ cpt_enc_hmac_prep(uint32_t flags, m_vaddr = (uint8_t *)m_vaddr + size; m_dma += size; - m_size -= size; opcode.s.major |= CPT_DMA_MODE; @@ -1003,7 +983,6 @@ cpt_enc_hmac_prep(uint32_t flags, m_vaddr = (uint8_t *)m_vaddr + size; m_dma += size; - m_size -= size; /* cpt alternate completion address saved earlier */ req->alternate_caddr = (uint64_t *)((uint8_t *)c_vaddr - 8); @@ -1047,7 +1026,7 @@ cpt_dec_hmac_prep(uint32_t flags, uint32_t iv_offset = 0, size; int32_t inputlen, outputlen, enc_dlen, auth_dlen; struct cpt_ctx *cpt_ctx; - int32_t hash_type, mac_len, m_size; + int32_t hash_type, mac_len; uint8_t iv_len = 16; struct cpt_request_info *req; buf_ptr_t *meta_p, *aad_buf = NULL; @@ -1065,7 +1044,6 @@ cpt_dec_hmac_prep(uint32_t flags, meta_p = &fc_params->meta_buf; m_vaddr = meta_p->vaddr; m_dma = meta_p->dma_addr; - m_size = meta_p->size; encr_offset = ENCR_OFFSET(d_offs); auth_offset = AUTH_OFFSET(d_offs); @@ -1131,7 +1109,6 @@ cpt_dec_hmac_prep(uint32_t flags, m_vaddr = (uint8_t *)m_vaddr + size; m_dma += size; - m_size -= size; /* start cpt request info structure at 8 byte alignment */ size = (uint8_t *)RTE_PTR_ALIGN(m_vaddr, 8) - @@ -1142,7 +1119,6 @@ cpt_dec_hmac_prep(uint32_t flags, size += sizeof(struct cpt_request_info); m_vaddr = (uint8_t *)m_vaddr + size; m_dma += size; - m_size -= size; /* Decryption */ opcode.s.major = CPT_MAJOR_OP_FC; @@ -1229,7 +1205,6 @@ cpt_dec_hmac_prep(uint32_t flags, m_vaddr = (uint8_t *)m_vaddr + size; m_dma += size; - m_size -= size; opcode.s.major |= CPT_DMA_MODE; @@ -1393,7 +1368,6 @@ cpt_dec_hmac_prep(uint32_t flags, m_vaddr = (uint8_t *)m_vaddr + size; m_dma += size; - m_size -= size; /* cpt alternate completion address saved earlier */ req->alternate_caddr = (uint64_t *)((uint8_t *)c_vaddr - 8); @@ -1444,7 +1418,7 @@ cpt_zuc_snow3g_enc_prep(uint32_t req_flags, buf_ptr_t *buf_p; uint32_t encr_offset = 0, auth_offset = 0; uint32_t encr_data_len = 0, auth_data_len = 0; - int flags, iv_len = 16, m_size; + int flags, iv_len = 16; void *m_vaddr, *c_vaddr; uint64_t m_dma, c_dma, offset_ctrl; uint64_t *offset_vaddr, offset_dma; @@ -1456,7 +1430,6 @@ cpt_zuc_snow3g_enc_prep(uint32_t req_flags, buf_p = ¶ms->meta_buf; m_vaddr = buf_p->vaddr; m_dma = buf_p->dma_addr; - m_size = buf_p->size; cpt_ctx = params->ctx_buf.vaddr; flags = cpt_ctx->zsk_flags; @@ -1478,7 +1451,6 @@ cpt_zuc_snow3g_enc_prep(uint32_t req_flags, m_vaddr = (uint8_t *)m_vaddr + size; m_dma += size; - m_size -= size; /* Reserve memory for cpt request info */ req = m_vaddr; @@ -1486,12 +1458,12 @@ cpt_zuc_snow3g_enc_prep(uint32_t req_flags, size = sizeof(struct cpt_request_info); m_vaddr = (uint8_t *)m_vaddr + size; m_dma += size; - m_size -= size; opcode.s.major = CPT_MAJOR_OP_ZUC_SNOW3G; /* indicates CPTR ctx, operation type, KEY & IV mode from DPTR */ - opcode.s.minor = ((1 << 6) | (snow3g << 5) | (0 << 4) | + + opcode.s.minor = ((1 << 7) | (snow3g << 5) | (0 << 4) | (0 << 3) | (flags & 0x7)); if (flags == 0x1) { @@ -1610,7 +1582,6 @@ cpt_zuc_snow3g_enc_prep(uint32_t req_flags, m_vaddr = (uint8_t *)m_vaddr + OFF_CTRL_LEN + iv_len; m_dma += OFF_CTRL_LEN + iv_len; - m_size -= OFF_CTRL_LEN + iv_len; opcode.s.major |= CPT_DMA_MODE; @@ -1720,7 +1691,6 @@ cpt_zuc_snow3g_enc_prep(uint32_t req_flags, m_vaddr = (uint8_t *)m_vaddr + size; m_dma += size; - m_size -= size; /* cpt alternate completion address saved earlier */ req->alternate_caddr = (uint64_t *)((uint8_t *)c_vaddr - 8); @@ -1768,7 +1738,7 @@ cpt_zuc_snow3g_dec_prep(uint32_t req_flags, buf_ptr_t *buf_p; uint32_t encr_offset; uint32_t encr_data_len; - int flags, m_size; + int flags; void *m_vaddr, *c_vaddr; uint64_t m_dma, c_dma; uint64_t *offset_vaddr, offset_dma; @@ -1780,7 +1750,6 @@ cpt_zuc_snow3g_dec_prep(uint32_t req_flags, buf_p = ¶ms->meta_buf; m_vaddr = buf_p->vaddr; m_dma = buf_p->dma_addr; - m_size = buf_p->size; /* * Microcode expects offsets in bytes @@ -1807,7 +1776,6 @@ cpt_zuc_snow3g_dec_prep(uint32_t req_flags, m_vaddr = (uint8_t *)m_vaddr + size; m_dma += size; - m_size -= size; /* Reserve memory for cpt request info */ req = m_vaddr; @@ -1815,12 +1783,12 @@ cpt_zuc_snow3g_dec_prep(uint32_t req_flags, size = sizeof(struct cpt_request_info); m_vaddr = (uint8_t *)m_vaddr + size; m_dma += size; - m_size -= size; opcode.s.major = CPT_MAJOR_OP_ZUC_SNOW3G; /* indicates CPTR ctx, operation type, KEY & IV mode from DPTR */ - opcode.s.minor = ((1 << 6) | (snow3g << 5) | (0 << 4) | + + opcode.s.minor = ((1 << 7) | (snow3g << 5) | (0 << 4) | (0 << 3) | (flags & 0x7)); /* consider iv len */ @@ -1905,7 +1873,6 @@ cpt_zuc_snow3g_dec_prep(uint32_t req_flags, m_vaddr = (uint8_t *)m_vaddr + OFF_CTRL_LEN + iv_len; m_dma += OFF_CTRL_LEN + iv_len; - m_size -= OFF_CTRL_LEN + iv_len; opcode.s.major |= CPT_DMA_MODE; @@ -1988,7 +1955,6 @@ cpt_zuc_snow3g_dec_prep(uint32_t req_flags, m_vaddr = (uint8_t *)m_vaddr + size; m_dma += size; - m_size -= size; /* cpt alternate completion address saved earlier */ req->alternate_caddr = (uint64_t *)((uint8_t *)c_vaddr - 8); @@ -2037,7 +2003,7 @@ cpt_kasumi_enc_prep(uint32_t req_flags, buf_ptr_t *buf_p; uint32_t encr_offset, auth_offset; uint32_t encr_data_len, auth_data_len; - int flags, m_size; + int flags; uint8_t *iv_s, *iv_d, iv_len = 8; uint8_t dir = 0; void *m_vaddr, *c_vaddr; @@ -2055,7 +2021,6 @@ cpt_kasumi_enc_prep(uint32_t req_flags, buf_p = ¶ms->meta_buf; m_vaddr = buf_p->vaddr; m_dma = buf_p->dma_addr; - m_size = buf_p->size; encr_offset = ENCR_OFFSET(d_offs) / 8; auth_offset = AUTH_OFFSET(d_offs) / 8; @@ -2088,7 +2053,6 @@ cpt_kasumi_enc_prep(uint32_t req_flags, m_vaddr = (uint8_t *)m_vaddr + size; m_dma += size; - m_size -= size; /* Reserve memory for cpt request info */ req = m_vaddr; @@ -2096,7 +2060,6 @@ cpt_kasumi_enc_prep(uint32_t req_flags, size = sizeof(struct cpt_request_info); m_vaddr = (uint8_t *)m_vaddr + size; m_dma += size; - m_size -= size; opcode.s.major = CPT_MAJOR_OP_KASUMI | CPT_DMA_MODE; @@ -2124,7 +2087,6 @@ cpt_kasumi_enc_prep(uint32_t req_flags, m_vaddr = (uint8_t *)m_vaddr + OFF_CTRL_LEN + iv_len; m_dma += OFF_CTRL_LEN + iv_len; - m_size -= OFF_CTRL_LEN + iv_len; /* DPTR has SG list */ in_buffer = m_vaddr; @@ -2241,7 +2203,6 @@ cpt_kasumi_enc_prep(uint32_t req_flags, m_vaddr = (uint8_t *)m_vaddr + size; m_dma += size; - m_size -= size; /* cpt alternate completion address saved earlier */ req->alternate_caddr = (uint64_t *)((uint8_t *)c_vaddr - 8); @@ -2287,7 +2248,7 @@ cpt_kasumi_dec_prep(uint64_t d_offs, buf_ptr_t *buf_p; uint32_t encr_offset; uint32_t encr_data_len; - int flags, m_size; + int flags; uint8_t dir = 0; void *m_vaddr, *c_vaddr; uint64_t m_dma, c_dma; @@ -2304,7 +2265,6 @@ cpt_kasumi_dec_prep(uint64_t d_offs, buf_p = ¶ms->meta_buf; m_vaddr = buf_p->vaddr; m_dma = buf_p->dma_addr; - m_size = buf_p->size; encr_offset = ENCR_OFFSET(d_offs) / 8; encr_data_len = ENCR_DLEN(d_lens); @@ -2326,7 +2286,6 @@ cpt_kasumi_dec_prep(uint64_t d_offs, m_vaddr = (uint8_t *)m_vaddr + size; m_dma += size; - m_size -= size; /* Reserve memory for cpt request info */ req = m_vaddr; @@ -2334,7 +2293,6 @@ cpt_kasumi_dec_prep(uint64_t d_offs, size = sizeof(struct cpt_request_info); m_vaddr = (uint8_t *)m_vaddr + size; m_dma += size; - m_size -= size; opcode.s.major = CPT_MAJOR_OP_KASUMI | CPT_DMA_MODE; @@ -2361,7 +2319,6 @@ cpt_kasumi_dec_prep(uint64_t d_offs, m_vaddr = (uint8_t *)m_vaddr + OFF_CTRL_LEN + iv_len; m_dma += OFF_CTRL_LEN + iv_len; - m_size -= OFF_CTRL_LEN + iv_len; /* DPTR has SG list */ in_buffer = m_vaddr; @@ -2436,7 +2393,6 @@ cpt_kasumi_dec_prep(uint64_t d_offs, m_vaddr = (uint8_t *)m_vaddr + size; m_dma += size; - m_size -= size; /* cpt alternate completion address saved earlier */ req->alternate_caddr = (uint64_t *)((uint8_t *)c_vaddr - 8); @@ -2527,12 +2483,11 @@ cpt_fc_enc_hmac_prep(uint32_t flags, uint64_t d_offs, uint64_t d_lens, } static __rte_always_inline int -cpt_fc_auth_set_key(void *ctx, auth_type_t type, uint8_t *key, +cpt_fc_auth_set_key(void *ctx, auth_type_t type, const uint8_t *key, uint16_t key_len, uint16_t mac_len) { struct cpt_ctx *cpt_ctx = ctx; mc_fc_context_t *fctx = &cpt_ctx->fctx; - uint64_t *ctrl_flags = NULL; if ((type >= ZUC_EIA3) && (type <= KASUMI_F9_ECB)) { uint32_t keyx[4]; @@ -2583,15 +2538,15 @@ cpt_fc_auth_set_key(void *ctx, auth_type_t type, uint8_t *key, cpt_ctx->fc_type = HASH_HMAC; } - ctrl_flags = (uint64_t *)&fctx->enc.enc_ctrl.flags; - *ctrl_flags = rte_be_to_cpu_64(*ctrl_flags); + if (cpt_ctx->fc_type == FC_GEN && key_len > 64) + return -1; /* For GMAC auth, cipher must be NULL */ if (type == GMAC_TYPE) - CPT_P_ENC_CTRL(fctx).enc_cipher = 0; + fctx->enc.enc_cipher = 0; - CPT_P_ENC_CTRL(fctx).hash_type = cpt_ctx->hash_type = type; - CPT_P_ENC_CTRL(fctx).mac_len = cpt_ctx->mac_len = mac_len; + fctx->enc.hash_type = cpt_ctx->hash_type = type; + fctx->enc.mac_len = cpt_ctx->mac_len = mac_len; if (key_len) { cpt_ctx->hmac = 1; @@ -2600,10 +2555,11 @@ cpt_fc_auth_set_key(void *ctx, auth_type_t type, uint8_t *key, cpt_ctx->auth_key_len = key_len; memset(fctx->hmac.ipad, 0, sizeof(fctx->hmac.ipad)); memset(fctx->hmac.opad, 0, sizeof(fctx->hmac.opad)); - memcpy(fctx->hmac.opad, key, key_len); - CPT_P_ENC_CTRL(fctx).auth_input_type = 1; + + if (key_len <= 64) + memcpy(fctx->hmac.opad, key, key_len); + fctx->enc.auth_input_type = 1; } - *ctrl_flags = rte_cpu_to_be_64(*ctrl_flags); return 0; } @@ -2615,9 +2571,9 @@ fill_sess_aead(struct rte_crypto_sym_xform *xform, cipher_type_t enc_type = 0; /* NULL Cipher type */ auth_type_t auth_type = 0; /* NULL Auth type */ uint32_t cipher_key_len = 0; - uint8_t zsk_flag = 0, aes_gcm = 0; + uint8_t aes_gcm = 0; aead_form = &xform->aead; - void *ctx; + void *ctx = SESS_PRIV(sess); if (aead_form->op == RTE_CRYPTO_AEAD_OP_ENCRYPT && aead_form->algo == RTE_CRYPTO_AEAD_AES_GCM) { @@ -2651,18 +2607,20 @@ fill_sess_aead(struct rte_crypto_sym_xform *xform, (unsigned int long)aead_form->key.length); return -1; } - sess->zsk_flag = zsk_flag; + sess->zsk_flag = 0; sess->aes_gcm = aes_gcm; sess->mac_len = aead_form->digest_length; sess->iv_offset = aead_form->iv.offset; sess->iv_length = aead_form->iv.length; sess->aad_length = aead_form->aad_length; - ctx = (void *)((uint8_t *)sess + sizeof(struct cpt_sess_misc)), - cpt_fc_ciph_set_key(ctx, enc_type, aead_form->key.data, - aead_form->key.length, NULL); + if (unlikely(cpt_fc_ciph_set_key(ctx, enc_type, aead_form->key.data, + aead_form->key.length, NULL))) + return -1; - cpt_fc_auth_set_key(ctx, auth_type, NULL, 0, aead_form->digest_length); + if (unlikely(cpt_fc_auth_set_key(ctx, auth_type, NULL, 0, + aead_form->digest_length))) + return -1; return 0; } @@ -2674,10 +2632,7 @@ fill_sess_cipher(struct rte_crypto_sym_xform *xform, struct rte_crypto_cipher_xform *c_form; cipher_type_t enc_type = 0; /* NULL Cipher type */ uint32_t cipher_key_len = 0; - uint8_t zsk_flag = 0, aes_gcm = 0, aes_ctr = 0, is_null = 0; - - if (xform->type != RTE_CRYPTO_SYM_XFORM_CIPHER) - return -1; + uint8_t zsk_flag = 0, aes_ctr = 0, is_null = 0; c_form = &xform->cipher; @@ -2759,14 +2714,15 @@ fill_sess_cipher(struct rte_crypto_sym_xform *xform, } sess->zsk_flag = zsk_flag; - sess->aes_gcm = aes_gcm; + sess->aes_gcm = 0; sess->aes_ctr = aes_ctr; sess->iv_offset = c_form->iv.offset; sess->iv_length = c_form->iv.length; sess->is_null = is_null; - cpt_fc_ciph_set_key(SESS_PRIV(sess), enc_type, c_form->key.data, - c_form->key.length, NULL); + if (unlikely(cpt_fc_ciph_set_key(SESS_PRIV(sess), enc_type, + c_form->key.data, c_form->key.length, NULL))) + return -1; return 0; } @@ -2779,9 +2735,6 @@ fill_sess_auth(struct rte_crypto_sym_xform *xform, auth_type_t auth_type = 0; /* NULL Auth type */ uint8_t zsk_flag = 0, aes_gcm = 0, is_null = 0; - if (xform->type != RTE_CRYPTO_SYM_XFORM_AUTH) - goto error_out; - a_form = &xform->auth; if (a_form->op == RTE_CRYPTO_AUTH_OP_VERIFY) @@ -2793,11 +2746,6 @@ fill_sess_auth(struct rte_crypto_sym_xform *xform, return -1; } - if (a_form->key.length > 64) { - CPT_LOG_DP_ERR("Auth key length is big"); - return -1; - } - switch (a_form->algo) { case RTE_CRYPTO_AUTH_SHA1_HMAC: /* Fall through */ @@ -2853,11 +2801,11 @@ fill_sess_auth(struct rte_crypto_sym_xform *xform, case RTE_CRYPTO_AUTH_AES_CBC_MAC: CPT_LOG_DP_ERR("Crypto: Unsupported hash algo %u", a_form->algo); - goto error_out; + return -1; default: CPT_LOG_DP_ERR("Crypto: Undefined Hash algo %u specified", a_form->algo); - goto error_out; + return -1; } sess->zsk_flag = zsk_flag; @@ -2868,13 +2816,12 @@ fill_sess_auth(struct rte_crypto_sym_xform *xform, sess->auth_iv_offset = a_form->iv.offset; sess->auth_iv_length = a_form->iv.length; } - cpt_fc_auth_set_key(SESS_PRIV(sess), auth_type, a_form->key.data, - a_form->key.length, a_form->digest_length); + if (unlikely(cpt_fc_auth_set_key(SESS_PRIV(sess), auth_type, + a_form->key.data, a_form->key.length, + a_form->digest_length))) + return -1; return 0; - -error_out: - return -1; } static __rte_always_inline int @@ -2884,11 +2831,7 @@ fill_sess_gmac(struct rte_crypto_sym_xform *xform, struct rte_crypto_auth_xform *a_form; cipher_type_t enc_type = 0; /* NULL Cipher type */ auth_type_t auth_type = 0; /* NULL Auth type */ - uint8_t zsk_flag = 0, aes_gcm = 0; - void *ctx; - - if (xform->type != RTE_CRYPTO_SYM_XFORM_AUTH) - return -1; + void *ctx = SESS_PRIV(sess); a_form = &xform->auth; @@ -2912,17 +2855,20 @@ fill_sess_gmac(struct rte_crypto_sym_xform *xform, return -1; } - sess->zsk_flag = zsk_flag; - sess->aes_gcm = aes_gcm; + sess->zsk_flag = 0; + sess->aes_gcm = 0; sess->is_gmac = 1; sess->iv_offset = a_form->iv.offset; sess->iv_length = a_form->iv.length; sess->mac_len = a_form->digest_length; - ctx = (void *)((uint8_t *)sess + sizeof(struct cpt_sess_misc)), - cpt_fc_ciph_set_key(ctx, enc_type, a_form->key.data, - a_form->key.length, NULL); - cpt_fc_auth_set_key(ctx, auth_type, NULL, 0, a_form->digest_length); + if (unlikely(cpt_fc_ciph_set_key(ctx, enc_type, a_form->key.data, + a_form->key.length, NULL))) + return -1; + + if (unlikely(cpt_fc_auth_set_key(ctx, auth_type, NULL, 0, + a_form->digest_length))) + return -1; return 0; } @@ -3118,9 +3064,6 @@ fill_fc_params(struct rte_crypto_op *cop, uint64_t d_offs, d_lens; struct rte_mbuf *m_src, *m_dst; uint8_t cpt_op = sess_misc->cpt_op; - uint8_t zsk_flag = sess_misc->zsk_flag; - uint8_t aes_gcm = sess_misc->aes_gcm; - uint16_t mac_len = sess_misc->mac_len; #ifdef CPT_ALWAYS_USE_SG_MODE uint8_t inplace = 0; #else @@ -3146,21 +3089,17 @@ fill_fc_params(struct rte_crypto_op *cop, } } - if (zsk_flag) { + if (sess_misc->zsk_flag) { fc_params.auth_iv_buf = rte_crypto_op_ctod_offset(cop, uint8_t *, sess_misc->auth_iv_offset); - if (zsk_flag == K_F9) { - CPT_LOG_DP_ERR("Should not reach here for " - "kasumi F9\n"); - } - if (zsk_flag != ZS_EA) + if (sess_misc->zsk_flag != ZS_EA) inplace = 0; } m_src = sym_op->m_src; m_dst = sym_op->m_dst; - if (aes_gcm) { + if (sess_misc->aes_gcm) { uint8_t *salt; uint8_t *aad_data; uint16_t aad_len; @@ -3194,7 +3133,7 @@ fill_fc_params(struct rte_crypto_op *cop, sess_misc->salt = *(uint32_t *)salt; } fc_params.iv_buf = salt + 4; - if (likely(mac_len)) { + if (likely(sess_misc->mac_len)) { struct rte_mbuf *m = (cpt_op & CPT_OP_ENCODE) ? m_dst : m_src; @@ -3237,7 +3176,7 @@ fill_fc_params(struct rte_crypto_op *cop, } fc_params.iv_buf = salt + 4; } - if (likely(mac_len)) { + if (likely(sess_misc->mac_len)) { struct rte_mbuf *m; m = (cpt_op & CPT_OP_ENCODE) ? m_dst : m_src; @@ -3296,7 +3235,6 @@ fill_fc_params(struct rte_crypto_op *cop, uint32_t pkt_len; /* Try to make room as much as src has */ - m_dst = sym_op->m_dst; pkt_len = rte_pktmbuf_pkt_len(m_dst); if (unlikely(pkt_len < rte_pktmbuf_pkt_len(m_src))) { @@ -3489,7 +3427,6 @@ fill_digest_params(struct rte_crypto_op *cop, uint64_t d_offs = 0, d_lens; struct rte_mbuf *m_src, *m_dst; uint16_t auth_op = sess->cpt_op & CPT_OP_AUTH_MASK; - uint8_t zsk_flag = sess->zsk_flag; uint16_t mac_len = sess->mac_len; fc_params_t params; char src[SRC_IOV_SIZE]; @@ -3520,7 +3457,7 @@ fill_digest_params(struct rte_crypto_op *cop, flags = VALID_MAC_BUF; params.src_iov = (void *)src; - if (unlikely(zsk_flag)) { + if (unlikely(sess->zsk_flag)) { /* * Since for Zuc, Kasumi, Snow3g offsets are in bits * we will send pass through even for auth only case, @@ -3530,10 +3467,9 @@ fill_digest_params(struct rte_crypto_op *cop, auth_range_off = 0; params.auth_iv_buf = rte_crypto_op_ctod_offset(cop, uint8_t *, sess->auth_iv_offset); - if (zsk_flag == K_F9) { + if (sess->zsk_flag == K_F9) { uint32_t length_in_bits, num_bytes; uint8_t *src, direction = 0; - uint32_t counter_num_bytes; memcpy(iv_buf, rte_pktmbuf_mtod(cop->sym->m_src, uint8_t *), 8); @@ -3543,10 +3479,9 @@ fill_digest_params(struct rte_crypto_op *cop, */ length_in_bits = cop->sym->auth.data.length; num_bytes = (length_in_bits >> 3); - counter_num_bytes = num_bytes; src = rte_pktmbuf_mtod(cop->sym->m_src, uint8_t *); find_kasumif9_direction_and_length(src, - counter_num_bytes, + num_bytes, &length_in_bits, &direction); length_in_bits -= 64;