X-Git-Url: http://git.droids-corp.org/?a=blobdiff_plain;f=drivers%2Fcrypto%2Fdpaa2_sec%2Fdpaa2_sec_priv.h;h=05bd7c0736c110224f3a67daef4728219318b45a;hb=90a2ec4ae81f2ef52f7c14bfc9307e75a4127fa4;hp=310ef6a5b83a0259c58ab765956519b7a1344223;hpb=a054c627a1584200d400784b1f5bc36780fa58fe;p=dpdk.git diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h b/drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h index 310ef6a5b8..05bd7c0736 100644 --- a/drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h +++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h @@ -1,20 +1,30 @@ /* SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 2016 Freescale Semiconductor, Inc. All rights reserved. - * Copyright 2016,2020 NXP + * Copyright 2016,2020-2021 NXP * */ #ifndef _DPAA2_SEC_PMD_PRIVATE_H_ #define _DPAA2_SEC_PMD_PRIVATE_H_ -#ifdef RTE_LIBRTE_SECURITY +#ifdef RTE_LIB_SECURITY #include #endif #define CRYPTODEV_NAME_DPAA2_SEC_PMD crypto_dpaa2_sec /**< NXP DPAA2 - SEC PMD device name */ +extern uint8_t cryptodev_driver_id; + +/* FLE_POOL_NUM_BUFS is set as per the ipsec-secgw application */ +#define FLE_POOL_NUM_BUFS 32000 +#define FLE_POOL_BUF_SIZE 256 +#define FLE_POOL_CACHE_SIZE 512 +#define FLE_SG_MEM_SIZE(num) (FLE_POOL_BUF_SIZE + ((num) * 32)) +#define SEC_FLC_DHR_OUTBOUND -114 +#define SEC_FLC_DHR_INBOUND 0 + #define MAX_QUEUES 64 #define MAX_DESC_SIZE 64 /** private data structure for each DPAA2_SEC device */ @@ -141,7 +151,7 @@ struct dpaa2_sec_aead_ctxt { uint8_t auth_cipher_text; /**< Authenticate/cipher ordering */ }; -#ifdef RTE_LIBRTE_SECURITY +#ifdef RTE_LIB_SECURITY /* * The structure is to be filled by user for PDCP Protocol */ @@ -158,6 +168,25 @@ struct dpaa2_pdcp_ctxt { uint32_t hfn_threshold; /*!< HFN Threashold for key renegotiation */ }; #endif + +typedef int (*dpaa2_sec_build_fd_t)( + void *qp, uint8_t *drv_ctx, struct rte_crypto_vec *data_vec, + uint16_t n_data_vecs, union rte_crypto_sym_ofs ofs, + struct rte_crypto_va_iova_ptr *iv, + struct rte_crypto_va_iova_ptr *digest, + struct rte_crypto_va_iova_ptr *aad_or_auth_iv, + void *user_data); + +typedef int (*dpaa2_sec_build_raw_dp_fd_t)(uint8_t *drv_ctx, + struct rte_crypto_sgl *sgl, + struct rte_crypto_sgl *dest_sgl, + struct rte_crypto_va_iova_ptr *iv, + struct rte_crypto_va_iova_ptr *digest, + struct rte_crypto_va_iova_ptr *auth_iv, + union rte_crypto_sym_ofs ofs, + void *userdata, + struct qbman_fd *fd); + typedef struct dpaa2_sec_session_entry { void *ctxt; uint8_t ctxt_type; @@ -165,6 +194,8 @@ typedef struct dpaa2_sec_session_entry { enum rte_crypto_cipher_algorithm cipher_alg; /*!< Cipher Algorithm*/ enum rte_crypto_auth_algorithm auth_alg; /*!< Authentication Algorithm*/ enum rte_crypto_aead_algorithm aead_alg; /*!< AEAD Algorithm*/ + dpaa2_sec_build_fd_t build_fd; + dpaa2_sec_build_raw_dp_fd_t build_raw_dp_fd; union { struct { uint8_t *data; /**< pointer to key data */ @@ -193,7 +224,7 @@ typedef struct dpaa2_sec_session_entry { struct dpaa2_sec_aead_ctxt aead_ctxt; } ext_params; }; -#ifdef RTE_LIBRTE_SECURITY +#ifdef RTE_LIB_SECURITY struct dpaa2_pdcp_ctxt pdcp; #endif }; @@ -201,27 +232,6 @@ typedef struct dpaa2_sec_session_entry { static const struct rte_cryptodev_capabilities dpaa2_sec_capabilities[] = { /* Symmetric capabilities */ - { /* NULL (AUTH) */ - .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, - {.sym = { - .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, - {.auth = { - .algo = RTE_CRYPTO_AUTH_NULL, - .block_size = 1, - .key_size = { - .min = 0, - .max = 0, - .increment = 0 - }, - .digest_size = { - .min = 0, - .max = 0, - .increment = 0 - }, - .iv_size = { 0 } - }, }, - }, }, - }, { /* MD5 */ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, {.sym = { @@ -504,24 +514,47 @@ static const struct rte_cryptodev_capabilities dpaa2_sec_capabilities[] = { }, } }, } }, - { /* NULL (CIPHER) */ + { /* AES XCBC HMAC */ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, {.sym = { - .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER, - {.cipher = { - .algo = RTE_CRYPTO_CIPHER_NULL, - .block_size = 1, + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_AES_XCBC_MAC, + .block_size = 16, .key_size = { - .min = 0, - .max = 0, - .increment = 0 + .min = 1, + .max = 16, + .increment = 1 }, - .iv_size = { - .min = 0, - .max = 0, - .increment = 0 - } - }, }, + .digest_size = { + .min = 12, + .max = 16, + .increment = 4 + }, + .aad_size = { 0 }, + .iv_size = { 0 } + }, } + }, } + }, + { /* AES CMAC */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_AES_CMAC, + .block_size = 16, + .key_size = { + .min = 1, + .max = 16, + .increment = 1 + }, + .digest_size = { + .min = 4, + .max = 16, + .increment = 4 + }, + .aad_size = { 0 } + }, } }, } }, { /* AES CBC */ @@ -697,7 +730,7 @@ static const struct rte_cryptodev_capabilities dpaa2_sec_capabilities[] = { RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST() }; -#ifdef RTE_LIBRTE_SECURITY +#ifdef RTE_LIB_SECURITY static const struct rte_cryptodev_capabilities dpaa2_pdcp_capabilities[] = { { /* SNOW 3G (UIA2) */ @@ -898,6 +931,15 @@ static const struct rte_security_capability dpaa2_sec_security_cap[] = { }, .crypto_capabilities = dpaa2_pdcp_capabilities }, + { /* PDCP Lookaside Protocol offload Short MAC */ + .action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL, + .protocol = RTE_SECURITY_PROTOCOL_PDCP, + .pdcp = { + .domain = RTE_SECURITY_PDCP_MODE_SHORT_MAC, + .capa_flags = 0 + }, + .crypto_capabilities = dpaa2_pdcp_capabilities + }, { .action = RTE_SECURITY_ACTION_TYPE_NONE } @@ -931,4 +973,14 @@ calc_chksum(void *buffer, int len) return result; } +int +dpaa2_sec_configure_raw_dp_ctx(struct rte_cryptodev *dev, uint16_t qp_id, + struct rte_crypto_raw_dp_ctx *raw_dp_ctx, + enum rte_crypto_op_sess_type sess_type, + union rte_cryptodev_session_ctx session_ctx, uint8_t is_update); + +int +dpaa2_sec_get_dp_ctx_size(struct rte_cryptodev *dev); + + #endif /* _DPAA2_SEC_PMD_PRIVATE_H_ */