crypto/octeontx2: support ChaCha20-Poly1305

Add ChaCha20-Poly1305 AEAD algorithm support in crypto_octeontx2 PMD

Signed-off-by: Anoob Joseph <anoobj@marvell.com>
Signed-off-by: Tejasree Kondoj <ktejasree@marvell.com>

diff --git a/doc/guides/cryptodevs/features/octeontx2.ini b/doc/guides/cryptodevs/features/octeontx2.ini
index e9ce26c..e865466 100644 (file)
--- a/doc/guides/cryptodevs/features/octeontx2.ini
+++ b/doc/guides/cryptodevs/features/octeontx2.ini
@@ -60,9 +60,10 @@ ZUC EIA3     = Y
 ; Supported AEAD algorithms of 'octeontx2' crypto driver.
 ;
 [AEAD]
-AES GCM (128) = Y
-AES GCM (192) = Y
-AES GCM (256) = Y
+AES GCM (128)     = Y
+AES GCM (192)     = Y
+AES GCM (256)     = Y
+CHACHA20-POLY1305 = Y
 
 ;
 ; Supported Asymmetric algorithms of the 'octeontx2' crypto driver.

diff --git a/doc/guides/cryptodevs/octeontx2.rst b/doc/guides/cryptodevs/octeontx2.rst
index 8bdb83f..085d669 100644 (file)
--- a/doc/guides/cryptodevs/octeontx2.rst
+++ b/doc/guides/cryptodevs/octeontx2.rst
@@ -55,6 +55,7 @@ Hash algorithms:
 AEAD algorithms:
 
 * ``RTE_CRYPTO_AEAD_AES_GCM``
+* ``RTE_CRYPTO_AEAD_CHACHA20_POLY1305``
 
 Asymmetric Crypto Algorithms
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

diff --git a/doc/guides/rel_notes/release_20_08.rst b/doc/guides/rel_notes/release_20_08.rst
index ea87fe0..d03d45b 100644 (file)
--- a/doc/guides/rel_notes/release_20_08.rst
+++ b/doc/guides/rel_notes/release_20_08.rst
@@ -131,6 +131,10 @@ New Features
   * Added support for lookaside protocol offload for DOCSIS through the
     ``rte_security`` API.
 
+* **Updated the OCTEON TX2 crypto PMD.**
+
+  Added Chacha20-Poly1305 AEAD algorithm support in OCTEON TX2 crypto PMD.
+
 * **Added support for BPF_ABS/BPF_IND load instructions.**
 
   Added support for two BPF non-generic instructions:

diff --git a/drivers/common/cpt/cpt_mcode_defines.h b/drivers/common/cpt/cpt_mcode_defines.h
index 69d831b..fd306ab 100644 (file)
--- a/drivers/common/cpt/cpt_mcode_defines.h
+++ b/drivers/common/cpt/cpt_mcode_defines.h
@@ -106,7 +106,7 @@ typedef enum {
        SHA2_SHA384     = 5,
        SHA2_SHA512     = 6,
        GMAC_TYPE       = 7,
-       XCBC_TYPE       = 8,
+       POLY1305        = 8,
        SHA3_SHA224     = 10,
        SHA3_SHA256     = 11,
        SHA3_SHA384     = 12,
@@ -136,6 +136,7 @@ typedef enum {
        AES_CTR     = 0x6,
        AES_GCM     = 0x7,
        AES_XTS     = 0x8,
+       CHACHA20    = 0x9,
 
        /* These are only for software use */
        ZUC_EEA3        = 0x90,
@@ -241,6 +242,8 @@ struct cpt_sess_misc {
        uint16_t aes_gcm:1;
        /** Flag for AES CTR */
        uint16_t aes_ctr:1;
+       /** Flag for CHACHA POLY */
+       uint16_t chacha_poly:1;
        /** Flag for NULL cipher/auth */
        uint16_t is_null:1;
        /** Flag for GMAC */

diff --git a/drivers/common/cpt/cpt_ucode.h b/drivers/common/cpt/cpt_ucode.h
index ab595eb..44067cf 100644 (file)
--- a/drivers/common/cpt/cpt_ucode.h
+++ b/drivers/common/cpt/cpt_ucode.h
@@ -77,6 +77,9 @@ cpt_fc_ciph_set_type(cipher_type_t type, struct cpt_ctx *ctx, uint16_t key_len)
                        return -1;
                fc_type = FC_GEN;
                break;
+       case CHACHA20:
+               fc_type = FC_GEN;
+               break;
        case AES_XTS:
                key_len = key_len / 2;
                if (unlikely(key_len == CPT_BYTE_24)) {
@@ -229,6 +232,7 @@ cpt_fc_ciph_set_key(void *ctx, cipher_type_t type, const uint8_t *key,
        case AES_ECB:
        case AES_CFB:
        case AES_CTR:
+       case CHACHA20:
                cpt_fc_ciph_set_key_set_aes_key_type(fctx, key_len);
                break;
        case AES_GCM:
@@ -2539,16 +2543,14 @@ fill_sess_aead(struct rte_crypto_sym_xform *xform,
        aead_form = &xform->aead;
        void *ctx = SESS_PRIV(sess);
 
-       if (aead_form->op == RTE_CRYPTO_AEAD_OP_ENCRYPT &&
-          aead_form->algo == RTE_CRYPTO_AEAD_AES_GCM) {
+       if (aead_form->op == RTE_CRYPTO_AEAD_OP_ENCRYPT) {
                sess->cpt_op |= CPT_OP_CIPHER_ENCRYPT;
                sess->cpt_op |= CPT_OP_AUTH_GENERATE;
-       } else if (aead_form->op == RTE_CRYPTO_AEAD_OP_DECRYPT &&
-               aead_form->algo == RTE_CRYPTO_AEAD_AES_GCM) {
+       } else if (aead_form->op == RTE_CRYPTO_AEAD_OP_DECRYPT) {
                sess->cpt_op |= CPT_OP_CIPHER_DECRYPT;
                sess->cpt_op |= CPT_OP_AUTH_VERIFY;
        } else {
-               CPT_LOG_DP_ERR("Unknown cipher operation\n");
+               CPT_LOG_DP_ERR("Unknown aead operation\n");
                return -1;
        }
        switch (aead_form->algo) {
@@ -2561,6 +2563,12 @@ fill_sess_aead(struct rte_crypto_sym_xform *xform,
                CPT_LOG_DP_ERR("Crypto: Unsupported cipher algo %u",
                               aead_form->algo);
                return -1;
+       case RTE_CRYPTO_AEAD_CHACHA20_POLY1305:
+               enc_type = CHACHA20;
+               auth_type = POLY1305;
+               cipher_key_len = 32;
+               sess->chacha_poly = 1;
+               break;
        default:
                CPT_LOG_DP_ERR("Crypto: Undefined cipher algo %u specified",
                               aead_form->algo);
@@ -3063,7 +3071,7 @@ fill_fc_params(struct rte_crypto_op *cop,
        m_src = sym_op->m_src;
        m_dst = sym_op->m_dst;
 
-       if (sess_misc->aes_gcm) {
+       if (sess_misc->aes_gcm || sess_misc->chacha_poly) {
                uint8_t *salt;
                uint8_t *aad_data;
                uint16_t aad_len;

diff --git a/drivers/crypto/octeontx2/otx2_cryptodev_capabilities.c b/drivers/crypto/octeontx2/otx2_cryptodev_capabilities.c
index 9e18c4e..f6f4dee 100644 (file)
--- a/drivers/crypto/octeontx2/otx2_cryptodev_capabilities.c
+++ b/drivers/crypto/octeontx2/otx2_cryptodev_capabilities.c
@@ -328,6 +328,39 @@ static const struct rte_cryptodev_capabilities caps_sha1_sha2[] = {
        },
 };
 
+static const struct rte_cryptodev_capabilities caps_chacha20[] = {
+       {       /* Chacha20-Poly1305 */
+               .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+               {.sym = {
+                       .xform_type = RTE_CRYPTO_SYM_XFORM_AEAD,
+                       {.aead = {
+                               .algo = RTE_CRYPTO_AEAD_CHACHA20_POLY1305,
+                               .block_size = 64,
+                               .key_size = {
+                                       .min = 32,
+                                       .max = 32,
+                                       .increment = 0
+                               },
+                               .digest_size = {
+                                       .min = 16,
+                                       .max = 16,
+                                       .increment = 0
+                               },
+                               .aad_size = {
+                                       .min = 0,
+                                       .max = 1024,
+                                       .increment = 1
+                               },
+                               .iv_size = {
+                                       .min = 12,
+                                       .max = 12,
+                                       .increment = 0
+                               },
+                       }, }
+               }, }
+       }
+};
+
 static const struct rte_cryptodev_capabilities caps_zuc_snow3g[] = {
        {       /* SNOW 3G (UEA2) */
                .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
@@ -710,6 +743,7 @@ otx2_cpt_capabilities_get(union cpt_eng_caps *hw_caps)
 
        CPT_CAPS_ADD(hw_caps, mul);
        CPT_CAPS_ADD(hw_caps, sha1_sha2);
+       CPT_CAPS_ADD(hw_caps, chacha20);
        CPT_CAPS_ADD(hw_caps, zuc_snow3g);
        CPT_CAPS_ADD(hw_caps, aes);
        CPT_CAPS_ADD(hw_caps, kasumi);

diff --git a/drivers/crypto/octeontx2/otx2_cryptodev_ops.c b/drivers/crypto/octeontx2/otx2_cryptodev_ops.c
index 62a3e7c..a370368 100644 (file)
--- a/drivers/crypto/octeontx2/otx2_cryptodev_ops.c
+++ b/drivers/crypto/octeontx2/otx2_cryptodev_ops.c
@@ -398,9 +398,10 @@ sym_session_configure(int driver_id, struct rte_crypto_sym_xform *xform,
 
        /*
         * IE engines support IPsec operations
-        * SE engines support IPsec operations and Air-Crypto operations
+        * SE engines support IPsec operations, Chacha-Poly and
+        * Air-Crypto operations
         */
-       if (misc->zsk_flag)
+       if (misc->zsk_flag || misc->chacha_poly)
                misc->egrp = OTX2_CPT_EGRP_SE;
        else
                misc->egrp = OTX2_CPT_EGRP_SE_IE;