X-Git-Url: http://git.droids-corp.org/?a=blobdiff_plain;f=drivers%2Fcommon%2Fcpt%2Fcpt_ucode.h;h=ee6d49aae77beac3c911e63746b2487240da2922;hb=753a7c08e2d4dbc4dc6709d48f30db9e691c3bc4;hp=081249cd7bba9836f47c3ae64ba13aafc5fe5df8;hpb=e40175c5c56a6a355e022aec106400d25b4f294d;p=dpdk.git diff --git a/drivers/common/cpt/cpt_ucode.h b/drivers/common/cpt/cpt_ucode.h index 081249cd7b..ee6d49aae7 100644 --- a/drivers/common/cpt/cpt_ucode.h +++ b/drivers/common/cpt/cpt_ucode.h @@ -22,38 +22,6 @@ static uint8_t zuc_d[32] = { 0x5E, 0x26, 0x3C, 0x4D, 0x78, 0x9A, 0x47, 0xAC }; -static __rte_always_inline int -cpt_is_algo_supported(struct rte_crypto_sym_xform *xform) -{ - /* - * Microcode only supports the following combination. - * Encryption followed by authentication - * Authentication followed by decryption - */ - if (xform->next) { - if ((xform->type == RTE_CRYPTO_SYM_XFORM_AUTH) && - (xform->next->type == RTE_CRYPTO_SYM_XFORM_CIPHER) && - (xform->next->cipher.op == RTE_CRYPTO_CIPHER_OP_ENCRYPT)) { - /* Unsupported as of now by microcode */ - CPT_LOG_DP_ERR("Unsupported combination"); - return -1; - } - if ((xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER) && - (xform->next->type == RTE_CRYPTO_SYM_XFORM_AUTH) && - (xform->cipher.op == RTE_CRYPTO_CIPHER_OP_DECRYPT)) { - /* For GMAC auth there is no cipher operation */ - if (xform->aead.algo != RTE_CRYPTO_AEAD_AES_GCM || - xform->next->auth.algo != - RTE_CRYPTO_AUTH_AES_GMAC) { - /* Unsupported as of now by microcode */ - CPT_LOG_DP_ERR("Unsupported combination"); - return -1; - } - } - } - return 0; -} - static __rte_always_inline void gen_key_snow3g(const uint8_t *ck, uint32_t *keyx) { @@ -67,21 +35,62 @@ gen_key_snow3g(const uint8_t *ck, uint32_t *keyx) } } +static __rte_always_inline int +cpt_mac_len_verify(struct rte_crypto_auth_xform *auth) +{ + uint16_t mac_len = auth->digest_length; + int ret; + + switch (auth->algo) { + case RTE_CRYPTO_AUTH_MD5: + case RTE_CRYPTO_AUTH_MD5_HMAC: + ret = (mac_len == 16) ? 0 : -1; + break; + case RTE_CRYPTO_AUTH_SHA1: + case RTE_CRYPTO_AUTH_SHA1_HMAC: + ret = (mac_len == 20) ? 0 : -1; + break; + case RTE_CRYPTO_AUTH_SHA224: + case RTE_CRYPTO_AUTH_SHA224_HMAC: + ret = (mac_len == 28) ? 0 : -1; + break; + case RTE_CRYPTO_AUTH_SHA256: + case RTE_CRYPTO_AUTH_SHA256_HMAC: + ret = (mac_len == 32) ? 0 : -1; + break; + case RTE_CRYPTO_AUTH_SHA384: + case RTE_CRYPTO_AUTH_SHA384_HMAC: + ret = (mac_len == 48) ? 0 : -1; + break; + case RTE_CRYPTO_AUTH_SHA512: + case RTE_CRYPTO_AUTH_SHA512_HMAC: + ret = (mac_len == 64) ? 0 : -1; + break; + case RTE_CRYPTO_AUTH_NULL: + ret = 0; + break; + default: + ret = -1; + } + + return ret; +} + static __rte_always_inline void -cpt_fc_salt_update(void *ctx, +cpt_fc_salt_update(struct cpt_ctx *cpt_ctx, uint8_t *salt) { - struct cpt_ctx *cpt_ctx = ctx; - memcpy(&cpt_ctx->fctx.enc.encr_iv, salt, 4); + mc_fc_context_t *fctx = &cpt_ctx->mc_ctx.fctx; + memcpy(fctx->enc.encr_iv, salt, 4); } static __rte_always_inline int cpt_fc_ciph_validate_key_aes(uint16_t key_len) { switch (key_len) { - case CPT_BYTE_16: - case CPT_BYTE_24: - case CPT_BYTE_32: + case 16: + case 24: + case 32: return 0; default: return -1; @@ -109,9 +118,12 @@ cpt_fc_ciph_set_type(cipher_type_t type, struct cpt_ctx *ctx, uint16_t key_len) return -1; fc_type = FC_GEN; break; + case CHACHA20: + fc_type = FC_GEN; + break; case AES_XTS: key_len = key_len / 2; - if (unlikely(key_len == CPT_BYTE_24)) { + if (unlikely(key_len == 24)) { CPT_LOG_DP_ERR("Invalid AES key len for XTS"); return -1; } @@ -157,13 +169,13 @@ cpt_fc_ciph_set_key_set_aes_key_type(mc_fc_context_t *fctx, uint16_t key_len) { mc_aes_type_t aes_key_type = 0; switch (key_len) { - case CPT_BYTE_16: + case 16: aes_key_type = AES_128_BIT; break; - case CPT_BYTE_24: + case 24: aes_key_type = AES_192_BIT; break; - case CPT_BYTE_32: + case 32: aes_key_type = AES_256_BIT; break; default: @@ -178,10 +190,12 @@ static __rte_always_inline void cpt_fc_ciph_set_key_snow3g_uea2(struct cpt_ctx *cpt_ctx, const uint8_t *key, uint16_t key_len) { + mc_zuc_snow3g_ctx_t *zs_ctx = &cpt_ctx->mc_ctx.zs_ctx; uint32_t keyx[4]; + cpt_ctx->snow3g = 1; gen_key_snow3g(key, keyx); - memcpy(cpt_ctx->zs_ctx.ci_key, keyx, key_len); + memcpy(zs_ctx->ci_key, keyx, key_len); cpt_ctx->zsk_flags = 0; } @@ -189,9 +203,11 @@ static __rte_always_inline void cpt_fc_ciph_set_key_zuc_eea3(struct cpt_ctx *cpt_ctx, const uint8_t *key, uint16_t key_len) { + mc_zuc_snow3g_ctx_t *zs_ctx = &cpt_ctx->mc_ctx.zs_ctx; + cpt_ctx->snow3g = 0; - memcpy(cpt_ctx->zs_ctx.ci_key, key, key_len); - memcpy(cpt_ctx->zs_ctx.zuc_const, zuc_d, 32); + memcpy(zs_ctx->ci_key, key, key_len); + memcpy(zs_ctx->zuc_const, zuc_d, 32); cpt_ctx->zsk_flags = 0; } @@ -199,8 +215,10 @@ static __rte_always_inline void cpt_fc_ciph_set_key_kasumi_f8_ecb(struct cpt_ctx *cpt_ctx, const uint8_t *key, uint16_t key_len) { + mc_kasumi_ctx_t *k_ctx = &cpt_ctx->mc_ctx.k_ctx; + cpt_ctx->k_ecb = 1; - memcpy(cpt_ctx->k_ctx.ci_key, key, key_len); + memcpy(k_ctx->ci_key, key, key_len); cpt_ctx->zsk_flags = 0; } @@ -208,16 +226,17 @@ static __rte_always_inline void cpt_fc_ciph_set_key_kasumi_f8_cbc(struct cpt_ctx *cpt_ctx, const uint8_t *key, uint16_t key_len) { - memcpy(cpt_ctx->k_ctx.ci_key, key, key_len); + mc_kasumi_ctx_t *k_ctx = &cpt_ctx->mc_ctx.k_ctx; + + memcpy(k_ctx->ci_key, key, key_len); cpt_ctx->zsk_flags = 0; } static __rte_always_inline int -cpt_fc_ciph_set_key(void *ctx, cipher_type_t type, const uint8_t *key, - uint16_t key_len, uint8_t *salt) +cpt_fc_ciph_set_key(struct cpt_ctx *cpt_ctx, cipher_type_t type, + const uint8_t *key, uint16_t key_len, uint8_t *salt) { - struct cpt_ctx *cpt_ctx = ctx; - mc_fc_context_t *fctx = &cpt_ctx->fctx; + mc_fc_context_t *fctx = &cpt_ctx->mc_ctx.fctx; int ret; ret = cpt_fc_ciph_set_type(type, cpt_ctx, key_len); @@ -261,6 +280,7 @@ cpt_fc_ciph_set_key(void *ctx, cipher_type_t type, const uint8_t *key, case AES_ECB: case AES_CFB: case AES_CTR: + case CHACHA20: cpt_fc_ciph_set_key_set_aes_key_type(fctx, key_len); break; case AES_GCM: @@ -373,7 +393,7 @@ fill_sg_comp_from_iov(sg_comp_t *list, { int32_t j; uint32_t extra_len = extra_buf ? extra_buf->size : 0; - uint32_t size = *psize - extra_len; + uint32_t size = *psize; buf_ptr_t *bufs; bufs = from->bufs; @@ -382,9 +402,6 @@ fill_sg_comp_from_iov(sg_comp_t *list, uint32_t e_len; sg_comp_t *to = &list[i >> 2]; - if (!bufs[j].size) - continue; - if (unlikely(from_offset)) { if (from_offset >= bufs[j].size) { from_offset -= bufs[j].size; @@ -416,18 +433,19 @@ fill_sg_comp_from_iov(sg_comp_t *list, to->u.s.len[i % 4] = rte_cpu_to_be_16(e_len); } + extra_len = RTE_MIN(extra_len, size); /* Insert extra data ptr */ if (extra_len) { i++; to = &list[i >> 2]; to->u.s.len[i % 4] = - rte_cpu_to_be_16(extra_buf->size); + rte_cpu_to_be_16(extra_len); to->ptr[i % 4] = rte_cpu_to_be_64(extra_buf->dma_addr); - - /* size already decremented by extra len */ + size -= extra_len; } + next_len = RTE_MIN(next_len, size); /* insert the rest of the data */ if (next_len) { i++; @@ -469,10 +487,8 @@ cpt_digest_gen_prep(uint32_t flags, uint32_t g_size_bytes, s_size_bytes; uint64_t dptr_dma, rptr_dma; vq_cmd_word0_t vq_cmd_w0; - vq_cmd_word3_t vq_cmd_w3; void *c_vaddr, *m_vaddr; uint64_t c_dma, m_dma; - opcode_info_t opcode; ctx = params->ctx_buf.vaddr; meta_p = ¶ms->meta_buf; @@ -507,31 +523,27 @@ cpt_digest_gen_prep(uint32_t flags, data_len = AUTH_DLEN(d_lens); /*GP op header */ - vq_cmd_w0.u64 = 0; + vq_cmd_w0.s.opcode.minor = 0; vq_cmd_w0.s.param2 = ((uint16_t)hash_type << 8); if (ctx->hmac) { - opcode.s.major = CPT_MAJOR_OP_HMAC | CPT_DMA_MODE; + vq_cmd_w0.s.opcode.major = CPT_MAJOR_OP_HMAC | CPT_DMA_MODE; vq_cmd_w0.s.param1 = key_len; - vq_cmd_w0.s.dlen = data_len + ROUNDUP8(key_len); + vq_cmd_w0.s.dlen = data_len + RTE_ALIGN_CEIL(key_len, 8); } else { - opcode.s.major = CPT_MAJOR_OP_HASH | CPT_DMA_MODE; + vq_cmd_w0.s.opcode.major = CPT_MAJOR_OP_HASH | CPT_DMA_MODE; vq_cmd_w0.s.param1 = 0; vq_cmd_w0.s.dlen = data_len; } - opcode.s.minor = 0; - /* Null auth only case enters the if */ if (unlikely(!hash_type && !ctx->enc_cipher)) { - opcode.s.major = CPT_MAJOR_OP_MISC; + vq_cmd_w0.s.opcode.major = CPT_MAJOR_OP_MISC; /* Minor op is passthrough */ - opcode.s.minor = 0x03; + vq_cmd_w0.s.opcode.minor = 0x03; /* Send out completion code only */ vq_cmd_w0.s.param2 = 0x1; } - vq_cmd_w0.s.opcode = opcode.flags; - /* DPTR has SG list */ in_buffer = m_vaddr; dptr_dma = m_dma; @@ -552,7 +564,8 @@ cpt_digest_gen_prep(uint32_t flags, uint64_t k_dma = params->ctx_buf.dma_addr + offsetof(struct cpt_ctx, auth_key); /* Key */ - i = fill_sg_comp(gather_comp, i, k_dma, ROUNDUP8(key_len)); + i = fill_sg_comp(gather_comp, i, k_dma, + RTE_ALIGN_CEIL(key_len, 8)); } /* input data */ @@ -622,9 +635,6 @@ cpt_digest_gen_prep(uint32_t flags, req->ist.ei1 = dptr_dma; req->ist.ei2 = rptr_dma; - /* vq command w3 */ - vq_cmd_w3.u64 = 0; - /* 16 byte aligned cpt res address */ req->completion_addr = (uint64_t *)((uint8_t *)c_vaddr); *req->completion_addr = COMPLETION_CODE_INIT; @@ -632,7 +642,6 @@ cpt_digest_gen_prep(uint32_t flags, /* Fill microcode part of instruction */ req->ist.ei0 = vq_cmd_w0.u64; - req->ist.ei3 = vq_cmd_w3.u64; req->op = op; @@ -660,12 +669,10 @@ cpt_enc_hmac_prep(uint32_t flags, uint32_t encr_data_len, auth_data_len, aad_len = 0; uint32_t passthrough_len = 0; void *m_vaddr, *offset_vaddr; - uint64_t m_dma, offset_dma, ctx_dma; + uint64_t m_dma, offset_dma; vq_cmd_word0_t vq_cmd_w0; - vq_cmd_word3_t vq_cmd_w3; void *c_vaddr; uint64_t c_dma; - opcode_info_t opcode; meta_p = &fc_params->meta_buf; m_vaddr = meta_p->vaddr; @@ -716,9 +723,6 @@ cpt_enc_hmac_prep(uint32_t flags, m_vaddr = (uint8_t *)m_vaddr + size; m_dma += size; - if (hash_type == GMAC_TYPE) - encr_data_len = 0; - if (unlikely(!(flags & VALID_IV_BUF))) { iv_len = 0; iv_offset = ENCR_IV_OFFSET(d_offs); @@ -747,22 +751,26 @@ cpt_enc_hmac_prep(uint32_t flags, } /* Encryption */ - opcode.s.major = CPT_MAJOR_OP_FC; - opcode.s.minor = 0; + vq_cmd_w0.s.opcode.major = CPT_MAJOR_OP_FC; + vq_cmd_w0.s.opcode.minor = CPT_FC_MINOR_OP_ENCRYPT; + vq_cmd_w0.s.opcode.minor |= (cpt_ctx->auth_enc << + CPT_HMAC_FIRST_BIT_POS); + + if (hash_type == GMAC_TYPE) { + encr_offset = 0; + encr_data_len = 0; + } auth_dlen = auth_offset + auth_data_len; enc_dlen = encr_data_len + encr_offset; if (unlikely(encr_data_len & 0xf)) { if ((cipher_type == DES3_CBC) || (cipher_type == DES3_ECB)) - enc_dlen = ROUNDUP8(encr_data_len) + encr_offset; + enc_dlen = RTE_ALIGN_CEIL(encr_data_len, 8) + + encr_offset; else if (likely((cipher_type == AES_CBC) || (cipher_type == AES_ECB))) - enc_dlen = ROUNDUP16(encr_data_len) + encr_offset; - } - - if (unlikely(hash_type == GMAC_TYPE)) { - encr_offset = auth_dlen; - enc_dlen = 0; + enc_dlen = RTE_ALIGN_CEIL(encr_data_len, 8) + + encr_offset; } if (unlikely(auth_dlen > enc_dlen)) { @@ -773,8 +781,10 @@ cpt_enc_hmac_prep(uint32_t flags, outputlen = enc_dlen + mac_len; } + if (cpt_ctx->auth_enc != 0) + outputlen = enc_dlen; + /* GP op header */ - vq_cmd_w0.u64 = 0; vq_cmd_w0.s.param1 = encr_data_len; vq_cmd_w0.s.param2 = auth_data_len; /* @@ -805,8 +815,6 @@ cpt_enc_hmac_prep(uint32_t flags, vq_cmd_w0.s.dlen = inputlen + OFF_CTRL_LEN; - vq_cmd_w0.s.opcode = opcode.flags; - if (likely(iv_len)) { uint64_t *dest = (uint64_t *)((uint8_t *)offset_vaddr + OFF_CTRL_LEN); @@ -835,9 +843,7 @@ cpt_enc_hmac_prep(uint32_t flags, m_vaddr = (uint8_t *)m_vaddr + size; m_dma += size; - opcode.s.major |= CPT_DMA_MODE; - - vq_cmd_w0.s.opcode = opcode.flags; + vq_cmd_w0.s.opcode.major |= CPT_DMA_MODE; if (likely(iv_len)) { uint64_t *dest = (uint64_t *)((uint8_t *)offset_vaddr @@ -995,13 +1001,6 @@ cpt_enc_hmac_prep(uint32_t flags, req->ist.ei2 = rptr_dma; } - ctx_dma = fc_params->ctx_buf.dma_addr + - offsetof(struct cpt_ctx, fctx); - /* vq command w3 */ - vq_cmd_w3.u64 = 0; - vq_cmd_w3.s.grp = 0; - vq_cmd_w3.s.cptr = ctx_dma; - /* 16 byte aligned cpt res address */ req->completion_addr = (uint64_t *)((uint8_t *)c_vaddr); *req->completion_addr = COMPLETION_CODE_INIT; @@ -1009,7 +1008,6 @@ cpt_enc_hmac_prep(uint32_t flags, /* Fill microcode part of instruction */ req->ist.ei0 = vq_cmd_w0.u64; - req->ist.ei3 = vq_cmd_w3.u64; req->op = op; @@ -1036,10 +1034,8 @@ cpt_dec_hmac_prep(uint32_t flags, uint32_t encr_data_len, auth_data_len, aad_len = 0; uint32_t passthrough_len = 0; void *m_vaddr, *offset_vaddr; - uint64_t m_dma, offset_dma, ctx_dma; - opcode_info_t opcode; + uint64_t m_dma, offset_dma; vq_cmd_word0_t vq_cmd_w0; - vq_cmd_word3_t vq_cmd_w3; void *c_vaddr; uint64_t c_dma; @@ -1067,9 +1063,6 @@ cpt_dec_hmac_prep(uint32_t flags, hash_type = cpt_ctx->hash_type; mac_len = cpt_ctx->mac_len; - if (hash_type == GMAC_TYPE) - encr_data_len = 0; - if (unlikely(!(flags & VALID_IV_BUF))) { iv_len = 0; iv_offset = ENCR_IV_OFFSET(d_offs); @@ -1123,8 +1116,15 @@ cpt_dec_hmac_prep(uint32_t flags, m_dma += size; /* Decryption */ - opcode.s.major = CPT_MAJOR_OP_FC; - opcode.s.minor = 1; + vq_cmd_w0.s.opcode.major = CPT_MAJOR_OP_FC; + vq_cmd_w0.s.opcode.minor = CPT_FC_MINOR_OP_DECRYPT; + vq_cmd_w0.s.opcode.minor |= (cpt_ctx->dec_auth << + CPT_HMAC_FIRST_BIT_POS); + + if (hash_type == GMAC_TYPE) { + encr_offset = 0; + encr_data_len = 0; + } enc_dlen = encr_offset + encr_data_len; auth_dlen = auth_offset + auth_data_len; @@ -1137,10 +1137,9 @@ cpt_dec_hmac_prep(uint32_t flags, outputlen = enc_dlen; } - if (hash_type == GMAC_TYPE) - encr_offset = inputlen; + if (cpt_ctx->dec_auth != 0) + outputlen = inputlen = enc_dlen; - vq_cmd_w0.u64 = 0; vq_cmd_w0.s.param1 = encr_data_len; vq_cmd_w0.s.param2 = auth_data_len; @@ -1177,8 +1176,6 @@ cpt_dec_hmac_prep(uint32_t flags, vq_cmd_w0.s.dlen = inputlen + OFF_CTRL_LEN; - vq_cmd_w0.s.opcode = opcode.flags; - if (likely(iv_len)) { uint64_t *dest = (uint64_t *)((uint8_t *)offset_vaddr + OFF_CTRL_LEN); @@ -1208,9 +1205,7 @@ cpt_dec_hmac_prep(uint32_t flags, m_vaddr = (uint8_t *)m_vaddr + size; m_dma += size; - opcode.s.major |= CPT_DMA_MODE; - - vq_cmd_w0.s.opcode = opcode.flags; + vq_cmd_w0.s.opcode.major |= CPT_DMA_MODE; if (likely(iv_len)) { uint64_t *dest = (uint64_t *)((uint8_t *)offset_vaddr + @@ -1381,13 +1376,6 @@ cpt_dec_hmac_prep(uint32_t flags, req->ist.ei2 = rptr_dma; } - ctx_dma = fc_params->ctx_buf.dma_addr + - offsetof(struct cpt_ctx, fctx); - /* vq command w3 */ - vq_cmd_w3.u64 = 0; - vq_cmd_w3.s.grp = 0; - vq_cmd_w3.s.cptr = ctx_dma; - /* 16 byte aligned cpt res address */ req->completion_addr = (uint64_t *)((uint8_t *)c_vaddr); *req->completion_addr = COMPLETION_CODE_INIT; @@ -1395,7 +1383,6 @@ cpt_dec_hmac_prep(uint32_t flags, /* Fill microcode part of instruction */ req->ist.ei0 = vq_cmd_w0.u64; - req->ist.ei3 = vq_cmd_w3.u64; req->op = op; @@ -1426,8 +1413,6 @@ cpt_zuc_snow3g_enc_prep(uint32_t req_flags, uint64_t *offset_vaddr, offset_dma; uint32_t *iv_s, iv[4]; vq_cmd_word0_t vq_cmd_w0; - vq_cmd_word3_t vq_cmd_w3; - opcode_info_t opcode; buf_p = ¶ms->meta_buf; m_vaddr = buf_p->vaddr; @@ -1461,11 +1446,11 @@ cpt_zuc_snow3g_enc_prep(uint32_t req_flags, m_vaddr = (uint8_t *)m_vaddr + size; m_dma += size; - opcode.s.major = CPT_MAJOR_OP_ZUC_SNOW3G; + vq_cmd_w0.s.opcode.major = CPT_MAJOR_OP_ZUC_SNOW3G; /* indicates CPTR ctx, operation type, KEY & IV mode from DPTR */ - opcode.s.minor = ((1 << 7) | (snow3g << 5) | (0 << 4) | + vq_cmd_w0.s.opcode.minor = ((1 << 7) | (snow3g << 5) | (0 << 4) | (0 << 3) | (flags & 0x7)); if (flags == 0x1) { @@ -1528,7 +1513,6 @@ cpt_zuc_snow3g_enc_prep(uint32_t req_flags, /* * GP op header, lengths are expected in bits. */ - vq_cmd_w0.u64 = 0; vq_cmd_w0.s.param1 = encr_data_len; vq_cmd_w0.s.param2 = auth_data_len; @@ -1561,8 +1545,6 @@ cpt_zuc_snow3g_enc_prep(uint32_t req_flags, vq_cmd_w0.s.dlen = inputlen + OFF_CTRL_LEN; - vq_cmd_w0.s.opcode = opcode.flags; - if (likely(iv_len)) { uint32_t *iv_d = (uint32_t *)((uint8_t *)offset_vaddr + OFF_CTRL_LEN); @@ -1585,9 +1567,7 @@ cpt_zuc_snow3g_enc_prep(uint32_t req_flags, m_vaddr = (uint8_t *)m_vaddr + OFF_CTRL_LEN + iv_len; m_dma += OFF_CTRL_LEN + iv_len; - opcode.s.major |= CPT_DMA_MODE; - - vq_cmd_w0.s.opcode = opcode.flags; + vq_cmd_w0.s.opcode.major |= CPT_DMA_MODE; /* DPTR has SG list */ in_buffer = m_vaddr; @@ -1703,12 +1683,6 @@ cpt_zuc_snow3g_enc_prep(uint32_t req_flags, req->ist.ei2 = rptr_dma; } - /* vq command w3 */ - vq_cmd_w3.u64 = 0; - vq_cmd_w3.s.grp = 0; - vq_cmd_w3.s.cptr = params->ctx_buf.dma_addr + - offsetof(struct cpt_ctx, zs_ctx); - /* 16 byte aligned cpt res address */ req->completion_addr = (uint64_t *)((uint8_t *)c_vaddr); *req->completion_addr = COMPLETION_CODE_INIT; @@ -1716,7 +1690,6 @@ cpt_zuc_snow3g_enc_prep(uint32_t req_flags, /* Fill microcode part of instruction */ req->ist.ei0 = vq_cmd_w0.u64; - req->ist.ei3 = vq_cmd_w3.u64; req->op = op; @@ -1746,8 +1719,6 @@ cpt_zuc_snow3g_dec_prep(uint32_t req_flags, uint64_t *offset_vaddr, offset_dma; uint32_t *iv_s, iv[4], j; vq_cmd_word0_t vq_cmd_w0; - vq_cmd_word3_t vq_cmd_w3; - opcode_info_t opcode; buf_p = ¶ms->meta_buf; m_vaddr = buf_p->vaddr; @@ -1786,11 +1757,12 @@ cpt_zuc_snow3g_dec_prep(uint32_t req_flags, m_vaddr = (uint8_t *)m_vaddr + size; m_dma += size; - opcode.s.major = CPT_MAJOR_OP_ZUC_SNOW3G; + vq_cmd_w0.u64 = 0; + vq_cmd_w0.s.opcode.major = CPT_MAJOR_OP_ZUC_SNOW3G; /* indicates CPTR ctx, operation type, KEY & IV mode from DPTR */ - opcode.s.minor = ((1 << 7) | (snow3g << 5) | (0 << 4) | + vq_cmd_w0.s.opcode.minor = ((1 << 7) | (snow3g << 5) | (0 << 4) | (0 << 3) | (flags & 0x7)); /* consider iv len */ @@ -1819,7 +1791,6 @@ cpt_zuc_snow3g_dec_prep(uint32_t req_flags, /* * GP op header, lengths are expected in bits. */ - vq_cmd_w0.u64 = 0; vq_cmd_w0.s.param1 = encr_data_len; /* @@ -1851,8 +1822,6 @@ cpt_zuc_snow3g_dec_prep(uint32_t req_flags, vq_cmd_w0.s.dlen = inputlen + OFF_CTRL_LEN; - vq_cmd_w0.s.opcode = opcode.flags; - if (likely(iv_len)) { uint32_t *iv_d = (uint32_t *)((uint8_t *)offset_vaddr + OFF_CTRL_LEN); @@ -1876,9 +1845,7 @@ cpt_zuc_snow3g_dec_prep(uint32_t req_flags, m_vaddr = (uint8_t *)m_vaddr + OFF_CTRL_LEN + iv_len; m_dma += OFF_CTRL_LEN + iv_len; - opcode.s.major |= CPT_DMA_MODE; - - vq_cmd_w0.s.opcode = opcode.flags; + vq_cmd_w0.s.opcode.major |= CPT_DMA_MODE; /* DPTR has SG list */ in_buffer = m_vaddr; @@ -1967,12 +1934,6 @@ cpt_zuc_snow3g_dec_prep(uint32_t req_flags, req->ist.ei2 = rptr_dma; } - /* vq command w3 */ - vq_cmd_w3.u64 = 0; - vq_cmd_w3.s.grp = 0; - vq_cmd_w3.s.cptr = params->ctx_buf.dma_addr + - offsetof(struct cpt_ctx, zs_ctx); - /* 16 byte aligned cpt res address */ req->completion_addr = (uint64_t *)((uint8_t *)c_vaddr); *req->completion_addr = COMPLETION_CODE_INIT; @@ -1980,7 +1941,6 @@ cpt_zuc_snow3g_dec_prep(uint32_t req_flags, /* Fill microcode part of instruction */ req->ist.ei0 = vq_cmd_w0.u64; - req->ist.ei3 = vq_cmd_w3.u64; req->op = op; @@ -2012,8 +1972,6 @@ cpt_kasumi_enc_prep(uint32_t req_flags, uint64_t m_dma, c_dma; uint64_t *offset_vaddr, offset_dma; vq_cmd_word0_t vq_cmd_w0; - vq_cmd_word3_t vq_cmd_w3; - opcode_info_t opcode; uint8_t *in_buffer; uint32_t g_size_bytes, s_size_bytes; uint64_t dptr_dma, rptr_dma; @@ -2063,19 +2021,17 @@ cpt_kasumi_enc_prep(uint32_t req_flags, m_vaddr = (uint8_t *)m_vaddr + size; m_dma += size; - opcode.s.major = CPT_MAJOR_OP_KASUMI | CPT_DMA_MODE; + vq_cmd_w0.s.opcode.major = CPT_MAJOR_OP_KASUMI | CPT_DMA_MODE; /* indicates ECB/CBC, direction, ctx from cptr, iv from dptr */ - opcode.s.minor = ((1 << 6) | (cpt_ctx->k_ecb << 5) | + vq_cmd_w0.s.opcode.minor = ((1 << 6) | (cpt_ctx->k_ecb << 5) | (dir << 4) | (0 << 3) | (flags & 0x7)); /* * GP op header, lengths are expected in bits. */ - vq_cmd_w0.u64 = 0; vq_cmd_w0.s.param1 = encr_data_len; vq_cmd_w0.s.param2 = auth_data_len; - vq_cmd_w0.s.opcode = opcode.flags; /* consider iv len */ if (flags == 0x0) { @@ -2214,12 +2170,6 @@ cpt_kasumi_enc_prep(uint32_t req_flags, req->ist.ei1 = dptr_dma; req->ist.ei2 = rptr_dma; - /* vq command w3 */ - vq_cmd_w3.u64 = 0; - vq_cmd_w3.s.grp = 0; - vq_cmd_w3.s.cptr = params->ctx_buf.dma_addr + - offsetof(struct cpt_ctx, k_ctx); - /* 16 byte aligned cpt res address */ req->completion_addr = (uint64_t *)((uint8_t *)c_vaddr); *req->completion_addr = COMPLETION_CODE_INIT; @@ -2227,7 +2177,6 @@ cpt_kasumi_enc_prep(uint32_t req_flags, /* Fill microcode part of instruction */ req->ist.ei0 = vq_cmd_w0.u64; - req->ist.ei3 = vq_cmd_w3.u64; req->op = op; @@ -2256,8 +2205,6 @@ cpt_kasumi_dec_prep(uint64_t d_offs, uint64_t m_dma, c_dma; uint64_t *offset_vaddr, offset_dma; vq_cmd_word0_t vq_cmd_w0; - vq_cmd_word3_t vq_cmd_w3; - opcode_info_t opcode; uint8_t *in_buffer; uint32_t g_size_bytes, s_size_bytes; uint64_t dptr_dma, rptr_dma; @@ -2296,18 +2243,17 @@ cpt_kasumi_dec_prep(uint64_t d_offs, m_vaddr = (uint8_t *)m_vaddr + size; m_dma += size; - opcode.s.major = CPT_MAJOR_OP_KASUMI | CPT_DMA_MODE; + vq_cmd_w0.u64 = 0; + vq_cmd_w0.s.opcode.major = CPT_MAJOR_OP_KASUMI | CPT_DMA_MODE; /* indicates ECB/CBC, direction, ctx from cptr, iv from dptr */ - opcode.s.minor = ((1 << 6) | (cpt_ctx->k_ecb << 5) | + vq_cmd_w0.s.opcode.minor = ((1 << 6) | (cpt_ctx->k_ecb << 5) | (dir << 4) | (0 << 3) | (flags & 0x7)); /* * GP op header, lengths are expected in bits. */ - vq_cmd_w0.u64 = 0; vq_cmd_w0.s.param1 = encr_data_len; - vq_cmd_w0.s.opcode = opcode.flags; /* consider iv len */ encr_offset += iv_len; @@ -2404,12 +2350,6 @@ cpt_kasumi_dec_prep(uint64_t d_offs, req->ist.ei1 = dptr_dma; req->ist.ei2 = rptr_dma; - /* vq command w3 */ - vq_cmd_w3.u64 = 0; - vq_cmd_w3.s.grp = 0; - vq_cmd_w3.s.cptr = params->ctx_buf.dma_addr + - offsetof(struct cpt_ctx, k_ctx); - /* 16 byte aligned cpt res address */ req->completion_addr = (uint64_t *)((uint8_t *)c_vaddr); *req->completion_addr = COMPLETION_CODE_INIT; @@ -2417,7 +2357,6 @@ cpt_kasumi_dec_prep(uint64_t d_offs, /* Fill microcode part of instruction */ req->ist.ei0 = vq_cmd_w0.u64; - req->ist.ei3 = vq_cmd_w3.u64; req->op = op; @@ -2457,7 +2396,7 @@ cpt_fc_dec_hmac_prep(uint32_t flags, return prep_req; } -static __rte_always_inline void *__hot +static __rte_always_inline void *__rte_hot cpt_fc_enc_hmac_prep(uint32_t flags, uint64_t d_offs, uint64_t d_lens, fc_params_t *fc_params, void *op) { @@ -2485,11 +2424,12 @@ cpt_fc_enc_hmac_prep(uint32_t flags, uint64_t d_offs, uint64_t d_lens, } static __rte_always_inline int -cpt_fc_auth_set_key(void *ctx, auth_type_t type, const uint8_t *key, - uint16_t key_len, uint16_t mac_len) +cpt_fc_auth_set_key(struct cpt_ctx *cpt_ctx, auth_type_t type, + const uint8_t *key, uint16_t key_len, uint16_t mac_len) { - struct cpt_ctx *cpt_ctx = ctx; - mc_fc_context_t *fctx = &cpt_ctx->fctx; + mc_fc_context_t *fctx = &cpt_ctx->mc_ctx.fctx; + mc_zuc_snow3g_ctx_t *zs_ctx = &cpt_ctx->mc_ctx.zs_ctx; + mc_kasumi_ctx_t *k_ctx = &cpt_ctx->mc_ctx.k_ctx; if ((type >= ZUC_EIA3) && (type <= KASUMI_F9_ECB)) { uint32_t keyx[4]; @@ -2504,26 +2444,26 @@ cpt_fc_auth_set_key(void *ctx, auth_type_t type, const uint8_t *key, case SNOW3G_UIA2: cpt_ctx->snow3g = 1; gen_key_snow3g(key, keyx); - memcpy(cpt_ctx->zs_ctx.ci_key, keyx, key_len); + memcpy(zs_ctx->ci_key, keyx, key_len); cpt_ctx->fc_type = ZUC_SNOW3G; cpt_ctx->zsk_flags = 0x1; break; case ZUC_EIA3: cpt_ctx->snow3g = 0; - memcpy(cpt_ctx->zs_ctx.ci_key, key, key_len); - memcpy(cpt_ctx->zs_ctx.zuc_const, zuc_d, 32); + memcpy(zs_ctx->ci_key, key, key_len); + memcpy(zs_ctx->zuc_const, zuc_d, 32); cpt_ctx->fc_type = ZUC_SNOW3G; cpt_ctx->zsk_flags = 0x1; break; case KASUMI_F9_ECB: /* Kasumi ECB mode */ cpt_ctx->k_ecb = 1; - memcpy(cpt_ctx->k_ctx.ci_key, key, key_len); + memcpy(k_ctx->ci_key, key, key_len); cpt_ctx->fc_type = KASUMI; cpt_ctx->zsk_flags = 0x1; break; case KASUMI_F9_CBC: - memcpy(cpt_ctx->k_ctx.ci_key, key, key_len); + memcpy(k_ctx->ci_key, key, key_len); cpt_ctx->fc_type = KASUMI; cpt_ctx->zsk_flags = 0x1; break; @@ -2577,16 +2517,14 @@ fill_sess_aead(struct rte_crypto_sym_xform *xform, aead_form = &xform->aead; void *ctx = SESS_PRIV(sess); - if (aead_form->op == RTE_CRYPTO_AEAD_OP_ENCRYPT && - aead_form->algo == RTE_CRYPTO_AEAD_AES_GCM) { + if (aead_form->op == RTE_CRYPTO_AEAD_OP_ENCRYPT) { sess->cpt_op |= CPT_OP_CIPHER_ENCRYPT; sess->cpt_op |= CPT_OP_AUTH_GENERATE; - } else if (aead_form->op == RTE_CRYPTO_AEAD_OP_DECRYPT && - aead_form->algo == RTE_CRYPTO_AEAD_AES_GCM) { + } else if (aead_form->op == RTE_CRYPTO_AEAD_OP_DECRYPT) { sess->cpt_op |= CPT_OP_CIPHER_DECRYPT; sess->cpt_op |= CPT_OP_AUTH_VERIFY; } else { - CPT_LOG_DP_ERR("Unknown cipher operation\n"); + CPT_LOG_DP_ERR("Unknown aead operation\n"); return -1; } switch (aead_form->algo) { @@ -2599,6 +2537,12 @@ fill_sess_aead(struct rte_crypto_sym_xform *xform, CPT_LOG_DP_ERR("Crypto: Unsupported cipher algo %u", aead_form->algo); return -1; + case RTE_CRYPTO_AEAD_CHACHA20_POLY1305: + enc_type = CHACHA20; + auth_type = POLY1305; + cipher_key_len = 32; + sess->chacha_poly = 1; + break; default: CPT_LOG_DP_ERR("Crypto: Undefined cipher algo %u specified", aead_form->algo); @@ -2632,6 +2576,7 @@ fill_sess_cipher(struct rte_crypto_sym_xform *xform, struct cpt_sess_misc *sess) { struct rte_crypto_cipher_xform *c_form; + struct cpt_ctx *ctx = SESS_PRIV(sess); cipher_type_t enc_type = 0; /* NULL Cipher type */ uint32_t cipher_key_len = 0; uint8_t zsk_flag = 0, aes_ctr = 0, is_null = 0; @@ -2640,9 +2585,14 @@ fill_sess_cipher(struct rte_crypto_sym_xform *xform, if (c_form->op == RTE_CRYPTO_CIPHER_OP_ENCRYPT) sess->cpt_op |= CPT_OP_CIPHER_ENCRYPT; - else if (c_form->op == RTE_CRYPTO_CIPHER_OP_DECRYPT) + else if (c_form->op == RTE_CRYPTO_CIPHER_OP_DECRYPT) { sess->cpt_op |= CPT_OP_CIPHER_DECRYPT; - else { + if (xform->next != NULL && + xform->next->type == RTE_CRYPTO_SYM_XFORM_AUTH) { + /* Perform decryption followed by auth verify */ + ctx->dec_auth = 1; + } + } else { CPT_LOG_DP_ERR("Unknown cipher operation\n"); return -1; } @@ -2733,10 +2683,18 @@ static __rte_always_inline int fill_sess_auth(struct rte_crypto_sym_xform *xform, struct cpt_sess_misc *sess) { + struct cpt_ctx *ctx = SESS_PRIV(sess); struct rte_crypto_auth_xform *a_form; auth_type_t auth_type = 0; /* NULL Auth type */ uint8_t zsk_flag = 0, aes_gcm = 0, is_null = 0; + if (xform->next != NULL && + xform->next->type == RTE_CRYPTO_SYM_XFORM_CIPHER && + xform->next->cipher.op == RTE_CRYPTO_CIPHER_OP_ENCRYPT) { + /* Perform auth followed by encryption */ + ctx->auth_enc = 1; + } + a_form = &xform->auth; if (a_form->op == RTE_CRYPTO_AUTH_OP_VERIFY) @@ -2892,7 +2850,7 @@ alloc_op_meta(struct rte_mbuf *m_src, tailroom = rte_pktmbuf_tailroom(m_src); if (likely(tailroom > len + 8)) { mdata = (uint8_t *)m_src->buf_addr + m_src->buf_len; - mphys = m_src->buf_physaddr + m_src->buf_len; + mphys = m_src->buf_iova + m_src->buf_len; mdata -= len; mphys -= len; buf->vaddr = mdata; @@ -2948,7 +2906,7 @@ prepare_iov_from_pkt(struct rte_mbuf *pkt, if (!start_offset) { seg_data = rte_pktmbuf_mtod(pkt, void *); - seg_phys = rte_pktmbuf_mtophys(pkt); + seg_phys = rte_pktmbuf_iova(pkt); seg_size = pkt->data_len; } else { while (start_offset >= pkt->data_len) { @@ -2957,7 +2915,7 @@ prepare_iov_from_pkt(struct rte_mbuf *pkt, } seg_data = rte_pktmbuf_mtod_offset(pkt, void *, start_offset); - seg_phys = rte_pktmbuf_mtophys_offset(pkt, start_offset); + seg_phys = rte_pktmbuf_iova_offset(pkt, start_offset); seg_size = pkt->data_len - start_offset; if (!seg_size) return 1; @@ -2972,7 +2930,7 @@ prepare_iov_from_pkt(struct rte_mbuf *pkt, while (unlikely(pkt != NULL)) { seg_data = rte_pktmbuf_mtod(pkt, void *); - seg_phys = rte_pktmbuf_mtophys(pkt); + seg_phys = rte_pktmbuf_iova(pkt); seg_size = pkt->data_len; if (!seg_size) break; @@ -3002,7 +2960,7 @@ prepare_iov_from_pkt_inplace(struct rte_mbuf *pkt, iov_ptr_t *iovec; seg_data = rte_pktmbuf_mtod(pkt, void *); - seg_phys = rte_pktmbuf_mtophys(pkt); + seg_phys = rte_pktmbuf_iova(pkt); seg_size = pkt->data_len; /* first seg */ @@ -3031,7 +2989,7 @@ prepare_iov_from_pkt_inplace(struct rte_mbuf *pkt, while (unlikely(pkt != NULL)) { seg_data = rte_pktmbuf_mtod(pkt, void *); - seg_phys = rte_pktmbuf_mtophys(pkt); + seg_phys = rte_pktmbuf_iova(pkt); seg_size = pkt->data_len; if (!seg_size) @@ -3059,6 +3017,7 @@ fill_fc_params(struct rte_crypto_op *cop, { uint32_t space = 0; struct rte_crypto_sym_op *sym_op = cop->sym; + struct cpt_ctx *ctx = SESS_PRIV(sess_misc); void *mdata = NULL; uintptr_t *op; uint32_t mc_hash_off; @@ -3101,7 +3060,7 @@ fill_fc_params(struct rte_crypto_op *cop, m_src = sym_op->m_src; m_dst = sym_op->m_dst; - if (sess_misc->aes_gcm) { + if (sess_misc->aes_gcm || sess_misc->chacha_poly) { uint8_t *salt; uint8_t *aad_data; uint16_t aad_len; @@ -3186,9 +3145,10 @@ fill_fc_params(struct rte_crypto_op *cop, m = m_src; /* hmac immediately following data is best case */ - if (unlikely(rte_pktmbuf_mtod(m, uint8_t *) + + if (!ctx->dec_auth && !ctx->auth_enc && + (unlikely(rte_pktmbuf_mtod(m, uint8_t *) + mc_hash_off != - (uint8_t *)sym_op->auth.digest.data)) { + (uint8_t *)sym_op->auth.digest.data))) { flags |= VALID_MAC_BUF; fc_params.mac_buf.size = sess_misc->mac_len; @@ -3203,7 +3163,9 @@ fill_fc_params(struct rte_crypto_op *cop, fc_params.ctx_buf.vaddr = SESS_PRIV(sess_misc); fc_params.ctx_buf.dma_addr = sess_misc->ctx_dma_addr; - if (unlikely(sess_misc->is_null || sess_misc->cpt_op == CPT_OP_DECODE)) + if (!ctx->dec_auth && + unlikely(sess_misc->is_null || + sess_misc->cpt_op == CPT_OP_DECODE)) inplace = 0; if (likely(!m_dst && inplace)) { @@ -3335,49 +3297,6 @@ compl_auth_verify(struct rte_crypto_op *op, op->status = RTE_CRYPTO_OP_STATUS_SUCCESS; } -static __rte_always_inline int -instance_session_cfg(struct rte_crypto_sym_xform *xform, void *sess) -{ - struct rte_crypto_sym_xform *chain; - - CPT_PMD_INIT_FUNC_TRACE(); - - if (cpt_is_algo_supported(xform)) - goto err; - - chain = xform; - while (chain) { - switch (chain->type) { - case RTE_CRYPTO_SYM_XFORM_AEAD: - if (fill_sess_aead(chain, sess)) - goto err; - break; - case RTE_CRYPTO_SYM_XFORM_CIPHER: - if (fill_sess_cipher(chain, sess)) - goto err; - break; - case RTE_CRYPTO_SYM_XFORM_AUTH: - if (chain->auth.algo == RTE_CRYPTO_AUTH_AES_GMAC) { - if (fill_sess_gmac(chain, sess)) - goto err; - } else { - if (fill_sess_auth(chain, sess)) - goto err; - } - break; - default: - CPT_LOG_DP_ERR("Invalid crypto xform type"); - break; - } - chain = chain->next; - } - - return 0; - -err: - return -1; -} - static __rte_always_inline void find_kasumif9_direction_and_length(uint8_t *src, uint32_t counter_num_bytes, @@ -3536,7 +3455,7 @@ fill_digest_params(struct rte_crypto_op *cop, params.mac_buf.vaddr = rte_pktmbuf_mtod_offset(m_dst, void *, off); params.mac_buf.dma_addr = - rte_pktmbuf_mtophys_offset(m_dst, off); + rte_pktmbuf_iova_offset(m_dst, off); params.mac_buf.size = mac_len; } } else {