From patchwork Thu Aug 30 05:51:04 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Hemant Agrawal X-Patchwork-Id: 43993 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@dpdk.org Delivered-To: patchwork@dpdk.org Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 30A815A6A; Thu, 30 Aug 2018 07:53:32 +0200 (CEST) Received: from EUR02-HE1-obe.outbound.protection.outlook.com (mail-eopbgr10055.outbound.protection.outlook.com [40.107.1.55]) by dpdk.org (Postfix) with ESMTP id ACD3C4CB1 for ; Thu, 30 Aug 2018 07:53:19 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nxp.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=TpOZ9UbMJs6NyMNMLJM7GMckJwUniFFueJzPI/qaFN0=; b=UF+KsWv3CfgfYJBBFB63QSFBv1D5YKQCa6gen+i/92C6xDHBkl7Jy7X22mdk7ITLTbXozUds+tKyrUTBwpzgwo+l7y+txNsV8iNKqj1iVJZmEwQaU1Q6cGR11m4unbUmWodWICh19nH68SoBJLHF69/mCNtsfQp4Pm7NzqZrSHc= Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=hemant.agrawal@nxp.com; Received: from bf-netperf1.ap.freescale.net (14.143.30.134) by VI1PR0401MB2541.eurprd04.prod.outlook.com (2603:10a6:800:56::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1080.17; Thu, 30 Aug 2018 05:53:17 +0000 From: Hemant Agrawal To: dev@dpdk.org Cc: akhil.goyal@nxp.com Date: Thu, 30 Aug 2018 11:21:04 +0530 Message-Id: <1535608265-13323-10-git-send-email-hemant.agrawal@nxp.com> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1535608265-13323-1-git-send-email-hemant.agrawal@nxp.com> References: <1535608265-13323-1-git-send-email-hemant.agrawal@nxp.com> MIME-Version: 1.0 X-Originating-IP: [14.143.30.134] X-ClientProxiedBy: PN1PR0101CA0049.INDPRD01.PROD.OUTLOOK.COM (2603:1096:c00:d::11) To VI1PR0401MB2541.eurprd04.prod.outlook.com (2603:10a6:800:56::19) X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 7a6bd7d8-9a50-4419-5cac-08d60e3ce2bc X-MS-Office365-Filtering-HT: Tenant X-Microsoft-Antispam: BCL:0; PCL:0; RULEID:(7020095)(4652040)(8989137)(4534165)(4627221)(201703031133081)(201702281549075)(8990107)(5600074)(711020)(4618075)(2017052603328)(7153060)(7193020); SRVR:VI1PR0401MB2541; X-Microsoft-Exchange-Diagnostics: 1; VI1PR0401MB2541; 3:wGNhVwrCNnRD6TTCxFQyMBwuwooQHNApm13mqmKn3Q5oxZGTAAqPNt8Y0ChwfoJf9LLQnVSNd2M37Z3AuYcvNVMoicWVtCfO8o3p+wyFAipaAlyOb4swSIxVggq8yIM8e5+KrcZiY70e5HYwGaiJM+OwAx4yfZ6549TBnMkiCdcunN2oqga9SHX0slS9V0q78d6ZCNAoGdVv0N552ctk9aAjOkxXt7I+t/dUhFfImzxmtz9TdUo+Gw+xofNRNMAX; 25:6onNbZJ6PIThD3It9TeFZdrii2yN977dA262o0EPgy4cL6tt/RFFMxot0ltTQGzVbsF5C9Z3OoUrbAYGT5O4L0djU4gNS9ldP2NxnJdNTPychudTCIQMJS2y/4qNfw5YmdtD1ngr24RSgE3NSb/DfqHdg3Y/7uibZiTpswTRsHFu/jVpW10/r53bAiMoiZXFLchx+4mt6RYvLCasOcIBuruHSsTeTXKaeksiFsmvXqE5GPdSs6kyg9MGjn61u5FCzSnb3fpU59V/m/XNrom9Pqa/J3YeXdUDhhzW9vtRL9ANN+tcQZ4Z4ta6mSu9jvlPS2jKA7bXauYzXlyqBybNoA==; 31:jPd3D3VMnTBds4wCVPlf1BdUAIOWN4ZWjN7GSZx3yLQ1W5M0aHNlcOgnG8xGxroIRuXCMrnh3S7zHDGv7FfKlmj+5zY1zMkOroHtwmI0DSKyqe17zxCZSRf2MRqFOSC8xV9AQDh7sWISXPOGyVE2v6aeb+eFh/bGFvckDJaNkClbYX7IFmqkttb7dEUNxWKu9E8ga86zhY9xr2Bovr5sByGPcel0z3u5jKQgryfHFAw= X-MS-TrafficTypeDiagnostic: VI1PR0401MB2541: X-Microsoft-Exchange-Diagnostics: 1; VI1PR0401MB2541; 20:61jQKoC++jgahdL3999xiM2LbacGAFmFoveQGsiy9FnXaYtZUUXjTEAKlTn6lGclDlSo36khCTDJemi5ZcskhbHzLrscY+P/SfbjwFYGTrWGsUtqXg+lnlaoW8vfK3ihrYm7Eoim6tY90Dck9oCfQF4LxER2CuqF05ZH6ke1UbKF2VShDgUc390F4xjKAO6Z/NZbN0urXnc1CIJHPU3xRfe+5iNBXydN7hpgOFpFca0rILoabe6hqGh/TuNtrWzHUF+02dcS9qT1W8ZI5tM8h3ESWguqMd3dWn7JvI6ZNOrv7DA5Sv9RUd8x3S3VdIs47wS1RkImS5kvrVSOImHFq6rIm9l7jYXEsMfuWch5Ki/oLOusVvVYyb0/f+HatbMJAiXIPBlG9lg1BvNZGwBa65NQGFjDXDac4Rd/sdn2qGqiAaxHc3YyaWt4Wx+/Ii6M0w8Z70U2v51kW+vMYZ/ACCq9EEJaGPwg8y0YhdUJQxHevJ4StT3o2NGNLzxB9y/P; 4:LePlQZItxiSpYapE8sd2oU3Z139AdSBE5Ar1udcVRW2uAlq8+SktkIRSMdk6TbJlMJvKLwjLNp3J1ZrVy9pRhGEbQG3H++Ilo1AStwh6CwG6M3+s4BQ2xnozcWYnxguyuswCsgHc+XUnY8ZWz+QqtNJ9Cnv6sjcpOqqNciELuT7wk4L52vl8WbWLVWKFviSvp3oWSFSaBMdtFaYNQ1FAN0UY+8Ga+M+FOFKw/vdkXIMcgqFTVOR8hA91nevM6//1oyVw1JX1+0J8941rTAOA2d9LSp5JGo758x3ifbDw1T/6YIBNm9tnIm9wOhbikXdY X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:(185117386973197); X-MS-Exchange-SenderADCheck: 1 X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(8211001083)(6040522)(2401047)(5005006)(8121501046)(823301075)(3231311)(944501410)(52105095)(10201501046)(3002001)(93006095)(93001095)(6055026)(149027)(150027)(6041310)(20161123560045)(20161123558120)(20161123564045)(20161123562045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(201708071742011)(7699016); SRVR:VI1PR0401MB2541; BCL:0; PCL:0; RULEID:; SRVR:VI1PR0401MB2541; X-Forefront-PRVS: 07807C55DC X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10009020)(376002)(396003)(346002)(39860400002)(136003)(366004)(189003)(199004)(316002)(486006)(106356001)(47776003)(16526019)(53936002)(6916009)(6666003)(186003)(26005)(386003)(5009440100003)(6506007)(52116002)(2351001)(956004)(76176011)(66066001)(446003)(51416003)(6512007)(11346002)(6486002)(16586007)(97736004)(86362001)(575784001)(4326008)(44832011)(25786009)(68736007)(105586002)(2616005)(305945005)(2906002)(14444005)(3846002)(6116002)(5660300001)(476003)(81166006)(478600001)(48376002)(8936002)(81156014)(7736002)(8676002)(50466002)(50226002)(2361001)(36756003)(110426005); DIR:OUT; SFP:1101; SCL:1; SRVR:VI1PR0401MB2541; H:bf-netperf1.ap.freescale.net; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1; Received-SPF: None (protection.outlook.com: nxp.com does not designate permitted sender hosts) X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1; VI1PR0401MB2541; 23:YTxCfD5oQRmftOFUMrA1eOO5NMJAFqZu5iCdR8I?= 2HzSOWA9ukKGj1s5vmTDQ+bjjsWIN2iQyU8oUkeHVqFhlEY9ay9UgFM0QX09pagGcNnbI2I7gN4jEWDo+rb080AyiZ2reHmjJDzj5LwZLZrX723rrFQIE6PBDvmjRJO0aktb5iRC4cAxkO6PYJEyxYrhH+VrPKt7EAmjLAn7RBZvfk49k3pQW8LcSKAlT8bLRv+cIf8Dgl+zSr83UBEFMvYxodCJP5KzJTNdAmBd9Mqv9HS0WDFiUdFSPM4Wrd9tudt2IZ7IN0kaR/0e47CBiAYZCPbcFwxoDwjB6GTzdStq8zDzNRbtPvucDicmspg6fv2sXDLm7GyBZcQqimsBlMJNMyMSzT7PMr28ksediVc4rT/SNAo1LMblPTzMPXESaS/UoWmpiZzKj9jGswgPXWIMUCrZVmFmyO5QGkaDaa2b0IFy/dXkVxZVUadjpNXmsPmzrV6KQ8DMB/9zq3aZ4pWoNKpF/EtQMAxr4K5ERjuYuZFtPRNQImvy9+ktsnsEBFi8ykvOOOsbpCPnCo5OUIaBuWggp3Kx6xl7xKh8xQIQSSaiXpaXj5DC9UsRUGuhCfvJ1B3dL0vu65TpHYSPx3uo+W2FE54HFrSLtQ5Yp9qDnTWa/R4PPPK5r7uzRThz4xRMo84VEVrtT7jlC0BumT4PLETotkGk0QROooGJshnnLeE8Z7OvUpd11hk2Dec6yjN+SH80BiN4xVrZlBfb3r42i3LdMjdo3N/YiUoguuGhg8eUaUruK+T8WAxe0DKXvUMfTBCCUsSFxEM/hOTE1MfN0GjT8gHht1cEgAXyV+bW8Ro3h+5+kyzUMnFPjS8xRlppn1DfJ9N4h+RKaEjHcr5bIaHTwAbMlNEYnQEe+4oflMvBE56qVaxcueOdx2FeCDrGwomvp/e+Z2h/ZIGciOT7/HIwRiqkuKb6OSLJryr3mtdP2WV8sOJ4Z5aM2Mk1BFZ/2eEijyaDNZ075ZHNgjwmKZ/U1ubBHVse+9UMmfVx9qYWoqN5Fl6UWg7NQpisqpcA5wF04oG9KVuxbPPsdSWx6VYOtSk2Ly2a+UedJ9TTtV2ZhbH8ZMnufIkiLBCd04a1A2GxOs0A5r2sF9qNIY3yMwL/ukZr4uFosS9hNNxldYC8C6WRQHZQdkqtmBrawf5bgCb51Q4f2GBuuWkGeZHOHV4dHY7ue6wMkPyL/Wz1y1zzJizxvw4rwAqFn86VUTZlvkwMjaV3kv1cXwdO2y8SjfuVzOF3MWzmddsMc3e7h9zqgJYYB4EmcYdPZo5jFGWfu9bjBlD7Bm9ElFmWq/dds X-Microsoft-Antispam-Message-Info: HzkN6skgpMkdTgd7CU2Mc2oBCPC1VrsiEXdE1yQfmiRYCf8rivU2DFyBJWPk88mVFvkIaCYSSENddc+Mn0v2FBjutwZzDWsXPbWmCQmDolC+u5JP0Mw3DtgNAZ80N4dCNJkBAJ5P03i3WnAKtKOqRgUQgzD4xaRxsc5AfKpz5RwM0Caq/4n/AjMmGbLRVH6oFIs39lIxp60y3TXgGpYeAiYuJt8yc4yVrS3KpJGsCfZKjiEDwyKaMR7V0fPd7AOt4/07oSKhmkc78gBRd5e0MuFqKokbfZqE0DU54fn0e4uC855+BO89apjkhIWgvwcc7Y6kSKaAPRxJpXrj9iu3gz6X+47nMUyUOa0R5h0RPlw= X-Microsoft-Exchange-Diagnostics: 1; VI1PR0401MB2541; 6:2jTfR+ybLVmLHdiLcdj7cmupCduPFaEm9/iWvy+yp/Q4BB8Ol9CpVy9D/w36qz/bA9kW6+uwku2wasALOkTGBgZR5pEvloNms4z/zfBGlu2sp8DSX2Hf2S0BvfFMLKH8ZeRrFD9M6GOXX8YTr39BBe1NzkXwX3QzhsUclG0WDw2GvxAhjlHZrC239pcqDP7+coiX9ZgTtDs80RJ3OmYfHvHYQNpG3tE2ct2uw6PW21TFP0Go3JEdIPS1dVGYaXbONgcY7XOXGV30OuuowUa8+x7rH/NJTfqnTmtVyIe2qdtgtTjB0ETGWHmTR071bDmy3I9r4p/TfY1E9o2JtyDCw3VkBbWwhufW5AJQFM6ruBHr700dGqD8ETN0lRJBouqEvcjZsxZMxYLFrGdkLT3uFju6H60JkQUYgPXrm1hHRYfOZYeb4F0jgtQ5PqN1OaMQscfXH1szrxHXCZ8s6A5Uyg==; 5:vh/DikE0wRXDCUmhTrKQ3tz4x8xhv/SctJM088WrW4EDzN09cAn32s0AXf4AHCltJ2nMfax+R3xaWf3QmYf3G729DaIjCzKRDh3q2XxBP4MgtOjKCN5EJh3pR8gEnkNRoOULzQpyGmwSm4Hy4/ZkDDWDrb3KA6ZAp/9/z5PCSRM=; 7:1mL8btEkwKpOeVJFiPPodjKNSLmbx3FlKohGWtZiwmBKd2aTgzrdhtv/RwLPYHhnXy9MxQV1YWiWYzGPZeEplPl2YLKStjkXo8l0ntmEmSbeRiCRLPwJL66OosfXM10+KOhYhE37bI/T/HdFiN+mKAnVOuD4RcyvZpE4WrT6EPnU/Tj+5OHnNGDcXXxbPc9iDnR6+3DOIqUXjFMyjCNBUI/9FCT/h0LJpgxdr10H981KvE6E1Dn1lb5lWxl6Hp2U SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-OriginatorOrg: nxp.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 30 Aug 2018 05:53:17.8060 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 7a6bd7d8-9a50-4419-5cac-08d60e3ce2bc X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 686ea1d3-bc2b-4c6f-a92c-d99c5c301635 X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI1PR0401MB2541 Subject: [dpdk-dev] [PATCH 09/10] crypto/dpaa2_sec: multi algo support for ipsec session X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" Signed-off-by: Hemant Agrawal --- drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 294 ++++++++++++++++++---------- 1 file changed, 190 insertions(+), 104 deletions(-) diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c index ca6ddad..e3dafeb 100644 --- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c +++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c @@ -2214,110 +2214,127 @@ dpaa2_sec_set_session_parameters(struct rte_cryptodev *dev, } static int -dpaa2_sec_set_ipsec_session(struct rte_cryptodev *dev, - struct rte_security_session_conf *conf, - void *sess) +dpaa2_sec_ipsec_aead_init(struct rte_crypto_aead_xform *aead_xform, + dpaa2_sec_session *session, + struct alginfo *aeaddata) { - struct rte_security_ipsec_xform *ipsec_xform = &conf->ipsec; - struct rte_crypto_auth_xform *auth_xform; - struct rte_crypto_cipher_xform *cipher_xform; - dpaa2_sec_session *session = (dpaa2_sec_session *)sess; - struct ctxt_priv *priv; - struct ipsec_encap_pdb encap_pdb; - struct ipsec_decap_pdb decap_pdb; - struct alginfo authdata, cipherdata; - int bufsize; - struct sec_flow_context *flc; - struct dpaa2_sec_dev_private *dev_priv = dev->data->dev_private; - PMD_INIT_FUNC_TRACE(); - memset(session, 0, sizeof(dpaa2_sec_session)); - if (ipsec_xform->direction == RTE_SECURITY_IPSEC_SA_DIR_EGRESS) { - cipher_xform = &conf->crypto_xform->cipher; - auth_xform = &conf->crypto_xform->next->auth; - } else { - auth_xform = &conf->crypto_xform->auth; - cipher_xform = &conf->crypto_xform->next->cipher; + session->aead_key.data = rte_zmalloc(NULL, aead_xform->key.length, + RTE_CACHE_LINE_SIZE); + if (session->aead_key.data == NULL && aead_xform->key.length > 0) { + DPAA2_SEC_ERR("No Memory for aead key"); + return -1; } - priv = (struct ctxt_priv *)rte_zmalloc(NULL, - sizeof(struct ctxt_priv) + - sizeof(struct sec_flc_desc), - RTE_CACHE_LINE_SIZE); + memcpy(session->aead_key.data, aead_xform->key.data, + aead_xform->key.length); - if (priv == NULL) { - DPAA2_SEC_ERR("No memory for priv CTXT"); - return -ENOMEM; - } + session->digest_length = aead_xform->digest_length; + session->aead_key.length = aead_xform->key.length; - priv->fle_pool = dev_priv->fle_pool; - flc = &priv->flc_desc[0].flc; + aeaddata->key = (size_t)session->aead_key.data; + aeaddata->keylen = session->aead_key.length; + aeaddata->key_enc_flags = 0; + aeaddata->key_type = RTA_DATA_IMM; - session->ctxt_type = DPAA2_SEC_IPSEC; - session->cipher_key.data = rte_zmalloc(NULL, - cipher_xform->key.length, - RTE_CACHE_LINE_SIZE); - if (session->cipher_key.data == NULL && - cipher_xform->key.length > 0) { - DPAA2_SEC_ERR("No Memory for cipher key"); - rte_free(priv); - return -ENOMEM; + switch (aead_xform->algo) { + case RTE_CRYPTO_AEAD_AES_GCM: + aeaddata->algtype = OP_ALG_ALGSEL_AES; + aeaddata->algmode = OP_ALG_AAI_GCM; + session->aead_alg = RTE_CRYPTO_AEAD_AES_GCM; + break; + case RTE_CRYPTO_AEAD_AES_CCM: + aeaddata->algtype = OP_ALG_ALGSEL_AES; + aeaddata->algmode = OP_ALG_AAI_CCM; + session->aead_alg = RTE_CRYPTO_AEAD_AES_CCM; + break; + default: + DPAA2_SEC_ERR("Crypto: Undefined AEAD specified %u", + aead_xform->algo); + return -1; } + session->dir = (aead_xform->op == RTE_CRYPTO_AEAD_OP_ENCRYPT) ? + DIR_ENC : DIR_DEC; - session->cipher_key.length = cipher_xform->key.length; - session->auth_key.data = rte_zmalloc(NULL, - auth_xform->key.length, - RTE_CACHE_LINE_SIZE); - if (session->auth_key.data == NULL && - auth_xform->key.length > 0) { - DPAA2_SEC_ERR("No Memory for auth key"); - rte_free(session->cipher_key.data); - rte_free(priv); - return -ENOMEM; + return 0; +} + +static int +dpaa2_sec_ipsec_proto_init(struct rte_crypto_cipher_xform *cipher_xform, + struct rte_crypto_auth_xform *auth_xform, + dpaa2_sec_session *session, + struct alginfo *cipherdata, + struct alginfo *authdata) +{ + if (cipher_xform) { + session->cipher_key.data = rte_zmalloc(NULL, + cipher_xform->key.length, + RTE_CACHE_LINE_SIZE); + if (session->cipher_key.data == NULL && + cipher_xform->key.length > 0) { + DPAA2_SEC_ERR("No Memory for cipher key"); + return -ENOMEM; + } + + session->cipher_key.length = cipher_xform->key.length; + memcpy(session->cipher_key.data, cipher_xform->key.data, + cipher_xform->key.length); + session->cipher_alg = cipher_xform->algo; + } else { + session->cipher_key.data = NULL; + session->cipher_key.length = 0; + session->cipher_alg = RTE_CRYPTO_CIPHER_NULL; + } + + if (auth_xform) { + session->auth_key.data = rte_zmalloc(NULL, + auth_xform->key.length, + RTE_CACHE_LINE_SIZE); + if (session->auth_key.data == NULL && + auth_xform->key.length > 0) { + DPAA2_SEC_ERR("No Memory for auth key"); + return -ENOMEM; + } + session->auth_key.length = auth_xform->key.length; + memcpy(session->auth_key.data, auth_xform->key.data, + auth_xform->key.length); + session->auth_alg = auth_xform->algo; + } else { + session->auth_key.data = NULL; + session->auth_key.length = 0; + session->auth_alg = RTE_CRYPTO_AUTH_NULL; } - session->auth_key.length = auth_xform->key.length; - memcpy(session->cipher_key.data, cipher_xform->key.data, - cipher_xform->key.length); - memcpy(session->auth_key.data, auth_xform->key.data, - auth_xform->key.length); - authdata.key = (size_t)session->auth_key.data; - authdata.keylen = session->auth_key.length; - authdata.key_enc_flags = 0; - authdata.key_type = RTA_DATA_IMM; - switch (auth_xform->algo) { + authdata->key = (size_t)session->auth_key.data; + authdata->keylen = session->auth_key.length; + authdata->key_enc_flags = 0; + authdata->key_type = RTA_DATA_IMM; + switch (session->auth_alg) { case RTE_CRYPTO_AUTH_SHA1_HMAC: - authdata.algtype = OP_PCL_IPSEC_HMAC_SHA1_96; - authdata.algmode = OP_ALG_AAI_HMAC; - session->auth_alg = RTE_CRYPTO_AUTH_SHA1_HMAC; + authdata->algtype = OP_PCL_IPSEC_HMAC_SHA1_96; + authdata->algmode = OP_ALG_AAI_HMAC; break; case RTE_CRYPTO_AUTH_MD5_HMAC: - authdata.algtype = OP_PCL_IPSEC_HMAC_MD5_96; - authdata.algmode = OP_ALG_AAI_HMAC; - session->auth_alg = RTE_CRYPTO_AUTH_MD5_HMAC; + authdata->algtype = OP_PCL_IPSEC_HMAC_MD5_96; + authdata->algmode = OP_ALG_AAI_HMAC; break; case RTE_CRYPTO_AUTH_SHA256_HMAC: - authdata.algtype = OP_PCL_IPSEC_HMAC_SHA2_256_128; - authdata.algmode = OP_ALG_AAI_HMAC; - session->auth_alg = RTE_CRYPTO_AUTH_SHA256_HMAC; + authdata->algtype = OP_PCL_IPSEC_HMAC_SHA2_256_128; + authdata->algmode = OP_ALG_AAI_HMAC; break; case RTE_CRYPTO_AUTH_SHA384_HMAC: - authdata.algtype = OP_PCL_IPSEC_HMAC_SHA2_384_192; - authdata.algmode = OP_ALG_AAI_HMAC; - session->auth_alg = RTE_CRYPTO_AUTH_SHA384_HMAC; + authdata->algtype = OP_PCL_IPSEC_HMAC_SHA2_384_192; + authdata->algmode = OP_ALG_AAI_HMAC; break; case RTE_CRYPTO_AUTH_SHA512_HMAC: - authdata.algtype = OP_PCL_IPSEC_HMAC_SHA2_512_256; - authdata.algmode = OP_ALG_AAI_HMAC; - session->auth_alg = RTE_CRYPTO_AUTH_SHA512_HMAC; + authdata->algtype = OP_PCL_IPSEC_HMAC_SHA2_512_256; + authdata->algmode = OP_ALG_AAI_HMAC; break; case RTE_CRYPTO_AUTH_AES_CMAC: - authdata.algtype = OP_PCL_IPSEC_AES_CMAC_96; - session->auth_alg = RTE_CRYPTO_AUTH_AES_CMAC; + authdata->algtype = OP_PCL_IPSEC_AES_CMAC_96; break; case RTE_CRYPTO_AUTH_NULL: - authdata.algtype = OP_PCL_IPSEC_HMAC_NULL; - session->auth_alg = RTE_CRYPTO_AUTH_NULL; + authdata->algtype = OP_PCL_IPSEC_HMAC_NULL; break; case RTE_CRYPTO_AUTH_SHA224_HMAC: case RTE_CRYPTO_AUTH_AES_XCBC_MAC: @@ -2333,50 +2350,119 @@ dpaa2_sec_set_ipsec_session(struct rte_cryptodev *dev, case RTE_CRYPTO_AUTH_AES_CBC_MAC: case RTE_CRYPTO_AUTH_ZUC_EIA3: DPAA2_SEC_ERR("Crypto: Unsupported auth alg %u", - auth_xform->algo); - goto out; + session->auth_alg); + return -1; default: DPAA2_SEC_ERR("Crypto: Undefined Auth specified %u", - auth_xform->algo); - goto out; + session->auth_alg); + return -1; } - cipherdata.key = (size_t)session->cipher_key.data; - cipherdata.keylen = session->cipher_key.length; - cipherdata.key_enc_flags = 0; - cipherdata.key_type = RTA_DATA_IMM; + cipherdata->key = (size_t)session->cipher_key.data; + cipherdata->keylen = session->cipher_key.length; + cipherdata->key_enc_flags = 0; + cipherdata->key_type = RTA_DATA_IMM; - switch (cipher_xform->algo) { + switch (session->cipher_alg) { case RTE_CRYPTO_CIPHER_AES_CBC: - cipherdata.algtype = OP_PCL_IPSEC_AES_CBC; - cipherdata.algmode = OP_ALG_AAI_CBC; - session->cipher_alg = RTE_CRYPTO_CIPHER_AES_CBC; + cipherdata->algtype = OP_PCL_IPSEC_AES_CBC; + cipherdata->algmode = OP_ALG_AAI_CBC; break; case RTE_CRYPTO_CIPHER_3DES_CBC: - cipherdata.algtype = OP_PCL_IPSEC_3DES; - cipherdata.algmode = OP_ALG_AAI_CBC; - session->cipher_alg = RTE_CRYPTO_CIPHER_3DES_CBC; + cipherdata->algtype = OP_PCL_IPSEC_3DES; + cipherdata->algmode = OP_ALG_AAI_CBC; break; case RTE_CRYPTO_CIPHER_AES_CTR: - cipherdata.algtype = OP_PCL_IPSEC_AES_CTR; - cipherdata.algmode = OP_ALG_AAI_CTR; - session->cipher_alg = RTE_CRYPTO_CIPHER_AES_CTR; + cipherdata->algtype = OP_PCL_IPSEC_AES_CTR; + cipherdata->algmode = OP_ALG_AAI_CTR; break; case RTE_CRYPTO_CIPHER_NULL: - cipherdata.algtype = OP_PCL_IPSEC_NULL; + cipherdata->algtype = OP_PCL_IPSEC_NULL; break; case RTE_CRYPTO_CIPHER_SNOW3G_UEA2: case RTE_CRYPTO_CIPHER_3DES_ECB: case RTE_CRYPTO_CIPHER_AES_ECB: case RTE_CRYPTO_CIPHER_KASUMI_F8: DPAA2_SEC_ERR("Crypto: Unsupported Cipher alg %u", - cipher_xform->algo); - goto out; + session->cipher_alg); + return -1; default: DPAA2_SEC_ERR("Crypto: Undefined Cipher specified %u", - cipher_xform->algo); + session->cipher_alg); + return -1; + } + + return 0; +} + +#ifdef RTE_LIBRTE_SECURITY_TEST +static uint8_t aes_cbc_iv[] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f }; +#endif + +static int +dpaa2_sec_set_ipsec_session(struct rte_cryptodev *dev, + struct rte_security_session_conf *conf, + void *sess) +{ + struct rte_security_ipsec_xform *ipsec_xform = &conf->ipsec; + struct rte_crypto_cipher_xform *cipher_xform = NULL; + struct rte_crypto_auth_xform *auth_xform = NULL; + struct rte_crypto_aead_xform *aead_xform = NULL; + dpaa2_sec_session *session = (dpaa2_sec_session *)sess; + struct ctxt_priv *priv; + struct ipsec_encap_pdb encap_pdb; + struct ipsec_decap_pdb decap_pdb; + struct alginfo authdata, cipherdata; + int bufsize; + struct sec_flow_context *flc; + struct dpaa2_sec_dev_private *dev_priv = dev->data->dev_private; + int ret = -1; + + PMD_INIT_FUNC_TRACE(); + + priv = (struct ctxt_priv *)rte_zmalloc(NULL, + sizeof(struct ctxt_priv) + + sizeof(struct sec_flc_desc), + RTE_CACHE_LINE_SIZE); + + if (priv == NULL) { + DPAA2_SEC_ERR("No memory for priv CTXT"); + return -ENOMEM; + } + + priv->fle_pool = dev_priv->fle_pool; + flc = &priv->flc_desc[0].flc; + + memset(session, 0, sizeof(dpaa2_sec_session)); + + if (conf->crypto_xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER) { + cipher_xform = &conf->crypto_xform->cipher; + if (conf->crypto_xform->next) + auth_xform = &conf->crypto_xform->next->auth; + ret = dpaa2_sec_ipsec_proto_init(cipher_xform, auth_xform, + session, &cipherdata, &authdata); + } else if (conf->crypto_xform->type == RTE_CRYPTO_SYM_XFORM_AUTH) { + auth_xform = &conf->crypto_xform->auth; + if (conf->crypto_xform->next) + cipher_xform = &conf->crypto_xform->next->cipher; + ret = dpaa2_sec_ipsec_proto_init(cipher_xform, auth_xform, + session, &cipherdata, &authdata); + } else if (conf->crypto_xform->type == RTE_CRYPTO_SYM_XFORM_AEAD) { + aead_xform = &conf->crypto_xform->aead; + ret = dpaa2_sec_ipsec_aead_init(aead_xform, + session, &cipherdata); + } else { + DPAA2_SEC_ERR("XFORM not specified"); + ret = -EINVAL; + goto out; + } + if (ret) { + DPAA2_SEC_ERR("Failed to process xform"); goto out; } + session->ctxt_type = DPAA2_SEC_IPSEC; if (ipsec_xform->direction == RTE_SECURITY_IPSEC_SA_DIR_EGRESS) { struct ip ip4_hdr; @@ -2388,7 +2474,7 @@ dpaa2_sec_set_ipsec_session(struct rte_cryptodev *dev, ip4_hdr.ip_id = 0; ip4_hdr.ip_off = 0; ip4_hdr.ip_ttl = ipsec_xform->tunnel.ipv4.ttl; - ip4_hdr.ip_p = 0x32; + ip4_hdr.ip_p = IPPROTO_ESP; ip4_hdr.ip_sum = 0; ip4_hdr.ip_src = ipsec_xform->tunnel.ipv4.src_ip; ip4_hdr.ip_dst = ipsec_xform->tunnel.ipv4.dst_ip; @@ -2452,7 +2538,7 @@ dpaa2_sec_set_ipsec_session(struct rte_cryptodev *dev, rte_free(session->auth_key.data); rte_free(session->cipher_key.data); rte_free(priv); - return -1; + return ret; } static int