X-Git-Url: http://git.droids-corp.org/?a=blobdiff_plain;f=drivers%2Fcrypto%2Fdpaa_sec%2Fdpaa_sec.c;h=e0b307cecd2cd4cbf98f6e7d4dbc05c280d2c162;hb=39b88344e36426bea97cb131fb8ff5b4348e4676;hp=5bbeaf971bd6a803bf755702f38556f0a4c402b2;hpb=247b69083e1f531ffb7f22dbbbc9c4febbbbc8e7;p=dpdk.git diff --git a/drivers/crypto/dpaa_sec/dpaa_sec.c b/drivers/crypto/dpaa_sec/dpaa_sec.c index 5bbeaf971b..e0b307cecd 100644 --- a/drivers/crypto/dpaa_sec/dpaa_sec.c +++ b/drivers/crypto/dpaa_sec/dpaa_sec.c @@ -478,7 +478,6 @@ dpaa_sec_prep_cdb(dpaa_sec_session *ses) shared_desc_len = cnstr_shdsc_blkcipher( cdb->sh_desc, true, swap, SHR_NEVER, &alginfo_c, - NULL, ses->iv.length, ses->dir); break; @@ -2303,7 +2302,7 @@ dpaa_sec_attach_rxq(struct dpaa_sec_dev_private *qi) { unsigned int i; - for (i = 0; i < qi->max_nb_sessions * MAX_DPAA_CORES; i++) { + for (i = 0; i < RTE_DPAA_MAX_RX_QUEUE; i++) { if (qi->inq_attach[i] == 0) { qi->inq_attach[i] = 1; return &qi->inq[i]; @@ -2319,9 +2318,10 @@ dpaa_sec_detach_rxq(struct dpaa_sec_dev_private *qi, struct qman_fq *fq) { unsigned int i; - for (i = 0; i < qi->max_nb_sessions; i++) { + for (i = 0; i < RTE_DPAA_MAX_RX_QUEUE; i++) { if (&qi->inq[i] == fq) { - qman_retire_fq(fq, NULL); + if (qman_retire_fq(fq, NULL) != 0) + DPAA_SEC_WARN("Queue is not retired\n"); qman_oos_fq(fq); qi->inq_attach[i] = 0; return 0; @@ -2581,6 +2581,7 @@ dpaa_sec_ipsec_aead_init(struct rte_crypto_aead_xform *aead_xform, static int dpaa_sec_ipsec_proto_init(struct rte_crypto_cipher_xform *cipher_xform, struct rte_crypto_auth_xform *auth_xform, + struct rte_security_ipsec_xform *ipsec_xform, dpaa_sec_session *session) { if (cipher_xform) { @@ -2688,6 +2689,13 @@ dpaa_sec_ipsec_proto_init(struct rte_crypto_cipher_xform *cipher_xform, case RTE_CRYPTO_CIPHER_AES_CTR: session->cipher_key.alg = OP_PCL_IPSEC_AES_CTR; session->cipher_key.algmode = OP_ALG_AAI_CTR; + if (session->dir == DIR_ENC) { + session->encap_pdb.ctr.ctr_initial = 0x00000001; + session->encap_pdb.ctr.ctr_nonce = ipsec_xform->salt; + } else { + session->decap_pdb.ctr.ctr_initial = 0x00000001; + session->decap_pdb.ctr.ctr_nonce = ipsec_xform->salt; + } break; case RTE_CRYPTO_CIPHER_NULL: session->cipher_key.alg = OP_PCL_IPSEC_NULL; @@ -2739,13 +2747,13 @@ dpaa_sec_set_ipsec_session(__rte_unused struct rte_cryptodev *dev, if (conf->crypto_xform->next) auth_xform = &conf->crypto_xform->next->auth; ret = dpaa_sec_ipsec_proto_init(cipher_xform, auth_xform, - session); + ipsec_xform, session); } else if (conf->crypto_xform->type == RTE_CRYPTO_SYM_XFORM_AUTH) { auth_xform = &conf->crypto_xform->auth; if (conf->crypto_xform->next) cipher_xform = &conf->crypto_xform->next->cipher; ret = dpaa_sec_ipsec_proto_init(cipher_xform, auth_xform, - session); + ipsec_xform, session); } else if (conf->crypto_xform->type == RTE_CRYPTO_SYM_XFORM_AEAD) { aead_xform = &conf->crypto_xform->aead; ret = dpaa_sec_ipsec_aead_init(aead_xform, @@ -2826,6 +2834,27 @@ dpaa_sec_set_ipsec_session(__rte_unused struct rte_cryptodev *dev, sizeof(struct rte_ipv6_hdr) << 16; if (ipsec_xform->options.esn) session->decap_pdb.options |= PDBOPTS_ESP_ESN; + if (ipsec_xform->replay_win_sz) { + uint32_t win_sz; + win_sz = rte_align32pow2(ipsec_xform->replay_win_sz); + + switch (win_sz) { + case 1: + case 2: + case 4: + case 8: + case 16: + case 32: + session->decap_pdb.options |= PDBOPTS_ESP_ARS32; + break; + case 64: + session->decap_pdb.options |= PDBOPTS_ESP_ARS64; + break; + default: + session->decap_pdb.options |= + PDBOPTS_ESP_ARS128; + } + } } else goto out; rte_spinlock_lock(&internals->lock); @@ -3398,7 +3427,7 @@ dpaa_sec_dev_init(struct rte_cryptodev *cryptodev) flags = QMAN_FQ_FLAG_LOCKED | QMAN_FQ_FLAG_DYNAMIC_FQID | QMAN_FQ_FLAG_TO_DCPORTAL; - for (i = 0; i < MAX_DPAA_CORES * internals->max_nb_sessions; i++) { + for (i = 0; i < RTE_DPAA_MAX_RX_QUEUE; i++) { /* create rx qman fq for sessions*/ ret = qman_create_fq(0, flags, &internals->inq[i]); if (unlikely(ret != 0)) {