From patchwork Wed Jan 9 15:13:16 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Akhil Goyal X-Patchwork-Id: 155070 Delivered-To: patch@linaro.org Received: by 2002:a02:48:0:0:0:0:0 with SMTP id 69csp818189jaa; Wed, 9 Jan 2019 07:13:21 -0800 (PST) X-Google-Smtp-Source: ALg8bN5hEHd710Zb85WtGEiT6jjQ1fA/1KxysSL+xGTbGdvcwJXWQIB+VaOFTCtiJZu8G5XanmW2 X-Received: by 2002:adf:9123:: with SMTP id j32mr5792456wrj.122.1547046801757; Wed, 09 Jan 2019 07:13:21 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1547046801; cv=none; d=google.com; s=arc-20160816; b=se++3i6qvGapNdGGewnWawroF52gxAqWznEQTmcq9tf2RT4ceodQF+UPODH7zhAlHQ kp1xj+i2+lNzojALnWh1FS4jY+tthziEzBwHk4JcL7RQ7hASg6VK0ldqVvmTU/ySnbqJ OoKOBlrSC/9scseoFuqCNuerbGi/fLULzidWCVbJnto88srC76nRzzpswh+VAvDGfDTo OcL/KtLtvH41IeUhm5munwsRmUKKlfjZ8JOqOK/S7WUo0fjzL3NPe1Ebrf8KcP0PsN5Y xJy5KXqIxHTN38tvZ6yWc2lrVkXcuzJ+7pvlK0a+clpXWfkbSW+LEPqEJixV1duC/E0l 6FHQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:mime-version :content-transfer-encoding:spamdiagnosticmetadata :spamdiagnosticoutput:content-language:accept-language:message-id :date:thread-index:thread-topic:cc:to:from:dkim-signature; bh=pBAMArT5Av9oBFnokpPTeP6jL3k9pEJUTlD6/ubsw3c=; b=UBWs/bfXR4/qj4gBFcRp1eFY5E9cNcAQt8/V8IcneQfeejG5rb3Wo8X59nsmjGbATx HqHGX+VANfM24g8HlTUAAmtt3BbYn8e5fV6iPtB6BFuIhTDr80aa8+tzIOFs9koUTSbK kT4I1vt2mM1KDXIQB3aZdcZj1IvhMTibPFnqm+wPtptG8GIfWL1n7DMIZ4dt4VP1YQs9 fIbBytgEOTVQj5/5EngqwD8i3R6p5Sz7s5xpSuyj7+6w4ZnyS6NwaY3I2Rt9KOrO1NCH N2d1FtXzdaYWn0IfLoVt/9OQ+AQw8zOiuMas36D3TXU7Hi5GN+vwVH1+/A7GVMurjmzH aUsQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=fail header.i=@nxp.com header.s=selector1 header.b=V+Lxi4hH; spf=pass (google.com: domain of dev-bounces@dpdk.org designates 92.243.14.124 as permitted sender) smtp.mailfrom=dev-bounces@dpdk.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=nxp.com Return-Path: Received: from dpdk.org (dpdk.org. [92.243.14.124]) by mx.google.com with ESMTP id q17si39451295wrs.3.2019.01.09.07.13.21; Wed, 09 Jan 2019 07:13:21 -0800 (PST) Received-SPF: pass (google.com: domain of dev-bounces@dpdk.org designates 92.243.14.124 as permitted sender) client-ip=92.243.14.124; Authentication-Results: mx.google.com; dkim=fail header.i=@nxp.com header.s=selector1 header.b=V+Lxi4hH; spf=pass (google.com: domain of dev-bounces@dpdk.org designates 92.243.14.124 as permitted sender) smtp.mailfrom=dev-bounces@dpdk.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=nxp.com Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id E5D6E1B4BE; Wed, 9 Jan 2019 16:13:20 +0100 (CET) Received: from EUR02-VE1-obe.outbound.protection.outlook.com (mail-eopbgr20060.outbound.protection.outlook.com [40.107.2.60]) by dpdk.org (Postfix) with ESMTP id 034921B48C for ; Wed, 9 Jan 2019 16:13:20 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nxp.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=pBAMArT5Av9oBFnokpPTeP6jL3k9pEJUTlD6/ubsw3c=; b=V+Lxi4hHgAv8l6mIO6K0VNJNXOt7CCD0/3MItiT+GxTB0eNnH11VGa55bsY7nPkyQmVbHG6ET2+0O6uVdQt2dsO04ieWSQLwIAXWIsPOV/HGPHG0iSKr/tlR/WL2IWyOzkpDOVdxSSgSnh8EgkpAO0xEHOp4vsnWYJhCWSpZVQI= Received: from VI1PR04MB4893.eurprd04.prod.outlook.com (20.177.49.154) by VI1PR04MB5056.eurprd04.prod.outlook.com (20.177.50.141) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1495.6; Wed, 9 Jan 2019 15:13:16 +0000 Received: from VI1PR04MB4893.eurprd04.prod.outlook.com ([fe80::1c70:8924:814d:d1a]) by VI1PR04MB4893.eurprd04.prod.outlook.com ([fe80::1c70:8924:814d:d1a%3]) with mapi id 15.20.1516.010; Wed, 9 Jan 2019 15:13:16 +0000 From: Akhil Goyal To: "dev@dpdk.org" CC: Hemant Agrawal , "pablo.de.lara.guarch@intel.com" Thread-Topic: [PATCH] crypto/dpaa_sec: support PDCP offload Thread-Index: AQHUqC3YQ+ptc2y9h0+Fi3+AEN+TBQ== Date: Wed, 9 Jan 2019 15:13:16 +0000 Message-ID: <20190109150612.20803-1-akhil.goyal@nxp.com> Accept-Language: en-IN, en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-clientproxiedby: BM1PR01CA0126.INDPRD01.PROD.OUTLOOK.COM (2603:1096:b00:40::20) To VI1PR04MB4893.eurprd04.prod.outlook.com (2603:10a6:803:56::26) authentication-results: spf=none (sender IP is ) smtp.mailfrom=akhil.goyal@nxp.com; x-ms-exchange-messagesentrepresentingtype: 1 x-mailer: git-send-email 2.17.1 x-originating-ip: [14.143.30.134] x-ms-publictraffictype: Email x-microsoft-exchange-diagnostics: 1; VI1PR04MB5056; 6:qty6G35XWZqe5fwtvrckXrxOy4HUJIcqslGaTCOODD6BPllK/zD8hhMFp+uLfwDVw7pqXZsEAiq6jCeS59/+9iW58d71T0/QrJC6VhoPwGcoWEagX5ubhg7vE3bO5uPIeUJIp1s0SpYOS3Mqih1Hd+h24voj8AfoJuTmdIxKtYdRbO+fwNXgY51fMZwDCgDWhnDjHR6q8eoeviLuEZMBQzDABglvyo52bqkKzsRxHBZPwlW7fvXLaafXanvuw/mX2tlB89N0ONSikBkB7H7kBIE/euD+nEYDhHW1CrprRonuR6i9ZcgT5/rlM+172lVu8tkxoeTfhTL8TzEr7ceISj59YiQp+L5wg7BHvADC0FUyIDUGEaRoprAaHIZ4gqde8xbXMOFKbLDFd/jCiEC8Tvu+c5BbL51P5U1Zmy4r6rIU4ALvg/+lIbJUNoyKJuzohnpID/qKPjHj48coV6El9Q==; 5:TCqtOlPyO4o3KDSld7T3g92C4ifisychXE4MpSgghS8q1UDjioorNIvx67MYj4O7lj+uyPGMiGZg6TeatElru6n9FH9XqmC98igu7ihWStz0Lm/w68HQlAaOTWX6UVwt7BUUG4e01p3G0cqp/5RlqHgU9aTx+zSykpGCJ36BJVZINLHzoHFNyU5Quki6C5zSJBaVWi/ToEuC8XvdGoL8ag==; 7:qqzRJ9cwplajmCt1CUciBlVi5dHMnVswBaZi/VGgbwkjIFYuTdlm/aVGCmo5uJ16fcNJwsRu9WDv8RdHAUiJobmOCvmiirsHfNwwIy9ykqxYg0qRfPRpjkvHGBf4ioWC/bSugHCKvHBIu9ksdh9FTg== x-ms-office365-filtering-correlation-id: 43ff8245-3bb2-46d1-987e-08d67644fb15 x-ms-office365-filtering-ht: Tenant x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(7168020)(4627221)(201703031133081)(201702281549075)(8990200)(5600109)(711020)(4618075)(2017052603328)(7153060)(7193020); SRVR:VI1PR04MB5056; x-ms-traffictypediagnostic: VI1PR04MB5056: x-microsoft-antispam-prvs: x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(8211001083)(3230021)(908002)(999002)(5005026)(6040522)(8220060)(2401047)(8121501046)(93006095)(93001095)(3231475)(944501520)(52105112)(3002001)(10201501046)(6055026)(6041310)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123558120)(20161123560045)(20161123562045)(20161123564045)(201708071742011)(7699051)(76991095); SRVR:VI1PR04MB5056; BCL:0; PCL:0; RULEID:; SRVR:VI1PR04MB5056; x-forefront-prvs: 0912297777 x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(39860400002)(346002)(366004)(376002)(136003)(396003)(189003)(199004)(1730700003)(25786009)(6506007)(81156014)(8936002)(102836004)(386003)(14444005)(55236004)(5024004)(8676002)(81166006)(26005)(2351001)(14454004)(50226002)(186003)(105586002)(3846002)(6116002)(7736002)(305945005)(71190400001)(106356001)(256004)(97736004)(71200400001)(1076003)(6512007)(486006)(2501003)(44832011)(66066001)(53946003)(4326008)(99286004)(52116002)(78486014)(476003)(4744004)(2616005)(6916009)(2906002)(68736007)(316002)(54906003)(53936002)(5660300001)(6486002)(5640700003)(6436002)(86362001)(478600001)(36756003); DIR:OUT; SFP:1101; SCL:1; SRVR:VI1PR04MB5056; H:VI1PR04MB4893.eurprd04.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1; received-spf: None (protection.outlook.com: nxp.com does not designate permitted sender hosts) x-ms-exchange-senderadcheck: 1 x-microsoft-antispam-message-info: +vF0GiYQeZElIsTDTVTiZeiAfClRV5lS7rlsuG2BG8s7ruQxhFuiY7xvbFdruNNqgEm3iK33RHT6k179v5eyHSmDsbL48gd6ASGqcCsraCiSOC4+3wXTpGX1eaX+rzKKAh5x0hjw4k57E/hYycTVNjftwwXRd8TM/SlhYF+tIvH7eEUNvjXjKKojXzS7ts9d89ARIFF/Mxk4l3w76top0b+H6wGpLuUCH//xzyzcAzrgOCQkKZs38LHCMNl1KcFGBqG4QSgsNwn3nTs2Z4AVxB8U8fcu7rBWnMQYIkmc3+OJLG938I9PJsCUjN1cK80O spamdiagnosticoutput: 1:99 spamdiagnosticmetadata: NSPM MIME-Version: 1.0 X-OriginatorOrg: nxp.com X-MS-Exchange-CrossTenant-Network-Message-Id: 43ff8245-3bb2-46d1-987e-08d67644fb15 X-MS-Exchange-CrossTenant-originalarrivaltime: 09 Jan 2019 15:13:15.4458 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 686ea1d3-bc2b-4c6f-a92c-d99c5c301635 X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI1PR04MB5056 Subject: [dpdk-dev] [PATCH] crypto/dpaa_sec: support PDCP offload X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" From: Hemant Agrawal PDCP session configuration for lookaside protocol offload and data path is added. Signed-off-by: Hemant Agrawal Acked-by: Akhil Goyal --- drivers/crypto/dpaa_sec/dpaa_sec.c | 268 +++++++++++++++++++++++++++++ drivers/crypto/dpaa_sec/dpaa_sec.h | 212 +++++++++++++++++++++-- 2 files changed, 470 insertions(+), 10 deletions(-) -- 2.17.1 diff --git a/drivers/crypto/dpaa_sec/dpaa_sec.c b/drivers/crypto/dpaa_sec/dpaa_sec.c index d83e74541..b5896c4f7 100644 --- a/drivers/crypto/dpaa_sec/dpaa_sec.c +++ b/drivers/crypto/dpaa_sec/dpaa_sec.c @@ -33,6 +33,7 @@ #include #include #include +#include #include #include @@ -266,6 +267,11 @@ static inline int is_proto_ipsec(dpaa_sec_session *ses) return (ses->proto_alg == RTE_SECURITY_PROTOCOL_IPSEC); } +static inline int is_proto_pdcp(dpaa_sec_session *ses) +{ + return (ses->proto_alg == RTE_SECURITY_PROTOCOL_PDCP); +} + static inline int is_encode(dpaa_sec_session *ses) { return ses->dir == DIR_ENC; @@ -372,6 +378,155 @@ caam_aead_alg(dpaa_sec_session *ses, struct alginfo *alginfo) } } +static int +dpaa_sec_prep_pdcp_cdb(dpaa_sec_session *ses) +{ + struct alginfo authdata = {0}, cipherdata = {0}; + struct sec_cdb *cdb = &ses->cdb; + int32_t shared_desc_len = 0; + int err; +#if RTE_BYTE_ORDER == RTE_BIG_ENDIAN + int swap = false; +#else + int swap = true; +#endif + + switch (ses->cipher_alg) { + case RTE_CRYPTO_CIPHER_SNOW3G_UEA2: + cipherdata.algtype = PDCP_CIPHER_TYPE_SNOW; + break; + case RTE_CRYPTO_CIPHER_ZUC_EEA3: + cipherdata.algtype = PDCP_CIPHER_TYPE_ZUC; + break; + case RTE_CRYPTO_CIPHER_AES_CTR: + cipherdata.algtype = PDCP_CIPHER_TYPE_AES; + break; + case RTE_CRYPTO_CIPHER_NULL: + cipherdata.algtype = PDCP_CIPHER_TYPE_NULL; + break; + default: + DPAA_SEC_ERR("Crypto: Undefined Cipher specified %u", + ses->cipher_alg); + return -1; + } + + cipherdata.key = (size_t)ses->cipher_key.data; + cipherdata.keylen = ses->cipher_key.length; + cipherdata.key_enc_flags = 0; + cipherdata.key_type = RTA_DATA_IMM; + + if (ses->pdcp.domain == RTE_SECURITY_PDCP_MODE_CONTROL) { + switch (ses->auth_alg) { + case RTE_CRYPTO_AUTH_SNOW3G_UIA2: + authdata.algtype = PDCP_AUTH_TYPE_SNOW; + break; + case RTE_CRYPTO_AUTH_ZUC_EIA3: + authdata.algtype = PDCP_AUTH_TYPE_ZUC; + break; + case RTE_CRYPTO_AUTH_AES_CMAC: + authdata.algtype = PDCP_AUTH_TYPE_AES; + break; + case RTE_CRYPTO_AUTH_NULL: + authdata.algtype = PDCP_AUTH_TYPE_NULL; + break; + default: + DPAA_SEC_ERR("Crypto: Unsupported auth alg %u", + ses->auth_alg); + return -1; + } + + authdata.key = (size_t)ses->auth_key.data; + authdata.keylen = ses->auth_key.length; + authdata.key_enc_flags = 0; + authdata.key_type = RTA_DATA_IMM; + + cdb->sh_desc[0] = cipherdata.keylen; + cdb->sh_desc[1] = authdata.keylen; + err = rta_inline_query(IPSEC_AUTH_VAR_AES_DEC_BASE_DESC_LEN, + MIN_JOB_DESC_SIZE, + (unsigned int *)cdb->sh_desc, + &cdb->sh_desc[2], 2); + + if (err < 0) { + DPAA_SEC_ERR("Crypto: Incorrect key lengths"); + return err; + } + if (!(cdb->sh_desc[2] & 1) && cipherdata.keylen) { + cipherdata.key = (size_t)dpaa_mem_vtop( + (void *)(size_t)cipherdata.key); + cipherdata.key_type = RTA_DATA_PTR; + } + if (!(cdb->sh_desc[2] & (1<<1)) && authdata.keylen) { + authdata.key = (size_t)dpaa_mem_vtop( + (void *)(size_t)authdata.key); + authdata.key_type = RTA_DATA_PTR; + } + + cdb->sh_desc[0] = 0; + cdb->sh_desc[1] = 0; + cdb->sh_desc[2] = 0; + + if (ses->dir == DIR_ENC) + shared_desc_len = cnstr_shdsc_pdcp_c_plane_encap( + cdb->sh_desc, 1, swap, + ses->pdcp.hfn, + ses->pdcp.bearer, + ses->pdcp.pkt_dir, + ses->pdcp.hfn_threshold, + &cipherdata, &authdata, + 0); + else if (ses->dir == DIR_DEC) + shared_desc_len = cnstr_shdsc_pdcp_c_plane_decap( + cdb->sh_desc, 1, swap, + ses->pdcp.hfn, + ses->pdcp.bearer, + ses->pdcp.pkt_dir, + ses->pdcp.hfn_threshold, + &cipherdata, &authdata, + 0); + } else { + cdb->sh_desc[0] = cipherdata.keylen; + err = rta_inline_query(IPSEC_AUTH_VAR_AES_DEC_BASE_DESC_LEN, + MIN_JOB_DESC_SIZE, + (unsigned int *)cdb->sh_desc, + &cdb->sh_desc[2], 1); + + if (err < 0) { + DPAA_SEC_ERR("Crypto: Incorrect key lengths"); + return err; + } + if (!(cdb->sh_desc[2] & 1) && cipherdata.keylen) { + cipherdata.key = (size_t)dpaa_mem_vtop( + (void *)(size_t)cipherdata.key); + cipherdata.key_type = RTA_DATA_PTR; + } + cdb->sh_desc[0] = 0; + cdb->sh_desc[1] = 0; + cdb->sh_desc[2] = 0; + + if (ses->dir == DIR_ENC) + shared_desc_len = cnstr_shdsc_pdcp_u_plane_encap( + cdb->sh_desc, 1, swap, + ses->pdcp.sn_size, + ses->pdcp.hfn, + ses->pdcp.bearer, + ses->pdcp.pkt_dir, + ses->pdcp.hfn_threshold, + &cipherdata, 0); + else if (ses->dir == DIR_DEC) + shared_desc_len = cnstr_shdsc_pdcp_u_plane_decap( + cdb->sh_desc, 1, swap, + ses->pdcp.sn_size, + ses->pdcp.hfn, + ses->pdcp.bearer, + ses->pdcp.pkt_dir, + ses->pdcp.hfn_threshold, + &cipherdata, 0); + } + + return shared_desc_len; +} + /* prepare ipsec proto command block of the session */ static int dpaa_sec_prep_ipsec_cdb(dpaa_sec_session *ses) @@ -472,6 +627,8 @@ dpaa_sec_prep_cdb(dpaa_sec_session *ses) if (is_proto_ipsec(ses)) { shared_desc_len = dpaa_sec_prep_ipsec_cdb(ses); + } else if (is_proto_pdcp(ses)) { + shared_desc_len = dpaa_sec_prep_pdcp_cdb(ses); } else if (is_cipher_only(ses)) { caam_cipher_alg(ses, &alginfo_c); if (alginfo_c.algtype == (unsigned int)DPAA_SEC_ALG_UNSUPPORT) { @@ -1545,6 +1702,8 @@ dpaa_sec_enqueue_burst(void *qp, struct rte_crypto_op **ops, if (rte_pktmbuf_is_contiguous(op->sym->m_src)) { if (is_proto_ipsec(ses)) { cf = build_proto(op, ses); + } else if (is_proto_pdcp(ses)) { + cf = build_proto(op, ses); } else if (is_auth_only(ses)) { cf = build_auth_only(op, ses); } else if (is_cipher_only(ses)) { @@ -2105,7 +2264,112 @@ dpaa_sec_set_ipsec_session(__rte_unused struct rte_cryptodev *dev, goto out; } + return 0; +out: + rte_free(session->auth_key.data); + rte_free(session->cipher_key.data); + memset(session, 0, sizeof(dpaa_sec_session)); + return -1; +} + +static int +dpaa_sec_set_pdcp_session(struct rte_cryptodev *dev, + struct rte_security_session_conf *conf, + void *sess) +{ + struct rte_security_pdcp_xform *pdcp_xform = &conf->pdcp; + struct rte_crypto_sym_xform *xform = conf->crypto_xform; + struct rte_crypto_auth_xform *auth_xform = NULL; + struct rte_crypto_cipher_xform *cipher_xform = NULL; + dpaa_sec_session *session = (dpaa_sec_session *)sess; + struct dpaa_sec_dev_private *dev_priv = dev->data->dev_private; + + PMD_INIT_FUNC_TRACE(); + + memset(session, 0, sizeof(dpaa_sec_session)); + + /* find xfrm types */ + if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER) { + cipher_xform = &xform->cipher; + if (xform->next != NULL) + auth_xform = &xform->next->auth; + } else if (xform->type == RTE_CRYPTO_SYM_XFORM_AUTH) { + auth_xform = &xform->auth; + if (xform->next != NULL) + cipher_xform = &xform->next->cipher; + } else { + DPAA_SEC_ERR("Invalid crypto type"); + return -EINVAL; + } + + session->proto_alg = conf->protocol; + if (cipher_xform) { + session->cipher_key.data = rte_zmalloc(NULL, + cipher_xform->key.length, + RTE_CACHE_LINE_SIZE); + if (session->cipher_key.data == NULL && + cipher_xform->key.length > 0) { + DPAA_SEC_ERR("No Memory for cipher key"); + return -ENOMEM; + } + session->cipher_key.length = cipher_xform->key.length; + memcpy(session->cipher_key.data, cipher_xform->key.data, + cipher_xform->key.length); + session->dir = (cipher_xform->op == RTE_CRYPTO_CIPHER_OP_ENCRYPT) ? + DIR_ENC : DIR_DEC; + session->cipher_alg = cipher_xform->algo; + } else { + session->cipher_key.data = NULL; + session->cipher_key.length = 0; + session->cipher_alg = RTE_CRYPTO_CIPHER_NULL; + session->dir = DIR_ENC; + } + + /* Auth is only applicable for control mode operation. */ + if (pdcp_xform->domain == RTE_SECURITY_PDCP_MODE_CONTROL) { + if (pdcp_xform->sn_size != RTE_SECURITY_PDCP_SN_SIZE_5) { + DPAA_SEC_ERR( + "PDCP Seq Num size should be 5 bits for cmode"); + goto out; + } + if (auth_xform) { + session->auth_key.data = rte_zmalloc(NULL, + auth_xform->key.length, + RTE_CACHE_LINE_SIZE); + if (session->auth_key.data == NULL && + auth_xform->key.length > 0) { + DPAA_SEC_ERR("No Memory for auth key"); + rte_free(session->cipher_key.data); + return -ENOMEM; + } + session->auth_key.length = auth_xform->key.length; + memcpy(session->auth_key.data, auth_xform->key.data, + auth_xform->key.length); + session->auth_alg = auth_xform->algo; + } else { + session->auth_key.data = NULL; + session->auth_key.length = 0; + session->auth_alg = RTE_CRYPTO_AUTH_NULL; + } + } + session->pdcp.domain = pdcp_xform->domain; + session->pdcp.bearer = pdcp_xform->bearer; + session->pdcp.pkt_dir = pdcp_xform->pkt_dir; + session->pdcp.sn_size = pdcp_xform->sn_size; +#ifdef ENABLE_HFN_OVERRIDE + session->pdcp.hfn_ovd = pdcp_xform->hfn_ovd; +#endif + session->pdcp.hfn = pdcp_xform->hfn; + session->pdcp.hfn_threshold = pdcp_xform->hfn_threshold; + session->ctx_pool = dev_priv->ctx_pool; + rte_spinlock_lock(&dev_priv->lock); + session->inq = dpaa_sec_attach_rxq(dev_priv); + rte_spinlock_unlock(&dev_priv->lock); + if (session->inq == NULL) { + DPAA_SEC_ERR("unable to attach sec queue"); + goto out; + } return 0; out: rte_free(session->auth_key.data); @@ -2134,6 +2398,10 @@ dpaa_sec_security_session_create(void *dev, ret = dpaa_sec_set_ipsec_session(cdev, conf, sess_private_data); break; + case RTE_SECURITY_PROTOCOL_PDCP: + ret = dpaa_sec_set_pdcp_session(cdev, conf, + sess_private_data); + break; case RTE_SECURITY_PROTOCOL_MACSEC: return -ENOTSUP; default: diff --git a/drivers/crypto/dpaa_sec/dpaa_sec.h b/drivers/crypto/dpaa_sec/dpaa_sec.h index f4b87844c..6049c1d52 100644 --- a/drivers/crypto/dpaa_sec/dpaa_sec.h +++ b/drivers/crypto/dpaa_sec/dpaa_sec.h @@ -91,6 +91,20 @@ struct sec_cdb { uint32_t sh_desc[DPAA_SEC_MAX_DESC_SIZE]; }; +/*! + * The structure is to be filled by user as a part of + * dpaa_sec_proto_ctxt for PDCP Protocol + */ +struct sec_pdcp_ctxt { + enum rte_security_pdcp_domain domain; /*!< Data/Control mode*/ + int8_t bearer; /*!< PDCP bearer ID */ + int8_t pkt_dir;/*!< PDCP Frame Direction 0:UL 1:DL*/ + int8_t hfn_ovd;/*!< Overwrite HFN per packet*/ + uint32_t hfn; /*!< Hyper Frame Number */ + uint32_t hfn_threshold; /*!< HFN Threashold for key renegotiation */ + uint8_t sn_size; /*!< Sequence number size, 7/12/15 */ +}; + typedef struct dpaa_sec_session_entry { uint8_t dir; /*!< Operation Direction */ enum rte_crypto_cipher_algorithm cipher_alg; /*!< Cipher Algorithm*/ @@ -113,15 +127,21 @@ typedef struct dpaa_sec_session_entry { } auth_key; }; }; - struct { - uint16_t length; - uint16_t offset; - } iv; /**< Initialisation vector parameters */ - uint16_t auth_only_len; /*!< Length of data for Auth only */ - uint32_t digest_length; - struct ipsec_encap_pdb encap_pdb; - struct ip ip4_hdr; - struct ipsec_decap_pdb decap_pdb; + union { + struct { + struct { + uint16_t length; + uint16_t offset; + } iv; /**< Initialisation vector parameters */ + uint16_t auth_only_len; + /*!< Length of data for Auth only */ + uint32_t digest_length; + struct ipsec_decap_pdb decap_pdb; + struct ipsec_encap_pdb encap_pdb; + struct ip ip4_hdr; + }; + struct sec_pdcp_ctxt pdcp; + }; struct dpaa_sec_qp *qp; struct qman_fq *inq; struct sec_cdb cdb; /**< cmd block associated with qp */ @@ -366,7 +386,7 @@ static const struct rte_cryptodev_capabilities dpaa_sec_capabilities[] = { .min = 16, .max = 16, .increment = 0 - } + }, }, } }, } }, @@ -394,6 +414,162 @@ static const struct rte_cryptodev_capabilities dpaa_sec_capabilities[] = { RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST() }; +static const struct rte_cryptodev_capabilities dpaa_pdcp_capabilities[] = { + { /* SNOW 3G (UIA2) */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_SNOW3G_UIA2, + .block_size = 16, + .key_size = { + .min = 16, + .max = 16, + .increment = 0 + }, + .digest_size = { + .min = 4, + .max = 4, + .increment = 0 + }, + .iv_size = { + .min = 16, + .max = 16, + .increment = 0 + } + }, } + }, } + }, + { /* SNOW 3G (UEA2) */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER, + {.cipher = { + .algo = RTE_CRYPTO_CIPHER_SNOW3G_UEA2, + .block_size = 16, + .key_size = { + .min = 16, + .max = 16, + .increment = 0 + }, + .iv_size = { + .min = 16, + .max = 16, + .increment = 0 + } + }, } + }, } + }, + { /* AES CTR */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER, + {.cipher = { + .algo = RTE_CRYPTO_CIPHER_AES_CTR, + .block_size = 16, + .key_size = { + .min = 16, + .max = 32, + .increment = 8 + }, + .iv_size = { + .min = 16, + .max = 16, + .increment = 0 + } + }, } + }, } + }, + { /* NULL (AUTH) */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_NULL, + .block_size = 1, + .key_size = { + .min = 0, + .max = 0, + .increment = 0 + }, + .digest_size = { + .min = 0, + .max = 0, + .increment = 0 + }, + .iv_size = { 0 } + }, }, + }, }, + }, + { /* NULL (CIPHER) */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER, + {.cipher = { + .algo = RTE_CRYPTO_CIPHER_NULL, + .block_size = 1, + .key_size = { + .min = 0, + .max = 0, + .increment = 0 + }, + .iv_size = { + .min = 0, + .max = 0, + .increment = 0 + } + }, }, + }, } + }, + { /* ZUC (EEA3) */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER, + {.cipher = { + .algo = RTE_CRYPTO_CIPHER_ZUC_EEA3, + .block_size = 16, + .key_size = { + .min = 16, + .max = 16, + .increment = 0 + }, + .iv_size = { + .min = 16, + .max = 16, + .increment = 0 + } + }, } + }, } + }, + { /* ZUC (EIA3) */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_ZUC_EIA3, + .block_size = 16, + .key_size = { + .min = 16, + .max = 16, + .increment = 0 + }, + .digest_size = { + .min = 4, + .max = 4, + .increment = 0 + }, + .iv_size = { + .min = 16, + .max = 16, + .increment = 0 + } + }, } + }, } + }, + + RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST() +}; + static const struct rte_security_capability dpaa_sec_security_cap[] = { { /* IPsec Lookaside Protocol offload ESP Transport Egress */ .action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL, @@ -417,6 +593,22 @@ static const struct rte_security_capability dpaa_sec_security_cap[] = { }, .crypto_capabilities = dpaa_sec_capabilities }, + { /* PDCP Lookaside Protocol offload Data */ + .action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL, + .protocol = RTE_SECURITY_PROTOCOL_PDCP, + .pdcp = { + .domain = RTE_SECURITY_PDCP_MODE_DATA, + }, + .crypto_capabilities = dpaa_pdcp_capabilities + }, + { /* PDCP Lookaside Protocol offload Control */ + .action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL, + .protocol = RTE_SECURITY_PROTOCOL_PDCP, + .pdcp = { + .domain = RTE_SECURITY_PDCP_MODE_CONTROL, + }, + .crypto_capabilities = dpaa_pdcp_capabilities + }, { .action = RTE_SECURITY_ACTION_TYPE_NONE }