From patchwork Tue Jan 2 04:54:06 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Anoob Joseph X-Patchwork-Id: 135660 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 3746E437F8; Tue, 2 Jan 2024 05:56:12 +0100 (CET) Received: from mails.dpdk.org (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 25B59402F1; Tue, 2 Jan 2024 05:56:12 +0100 (CET) Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com [67.231.156.173]) by mails.dpdk.org (Postfix) with ESMTP id 1B257402E6 for ; Tue, 2 Jan 2024 05:56:11 +0100 (CET) Received: from pps.filterd (m0045851.ppops.net [127.0.0.1]) by mx0b-0016f401.pphosted.com (8.17.1.24/8.17.1.24) with ESMTP id 401Nx5Ap022063 for ; Mon, 1 Jan 2024 20:56:10 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h= from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding:content-type; s= pfpt0220; bh=UKXKPDO+soD3v87UrKQCMng1X1fCg9UxOv0GO+tJkLs=; b=Wsd J2vfdl36kHx2uHFLTBlRKDKkwp4yExKHRwAkxvwqaXsZ9UOZGRAySPTObuuCjClH 2BQlkDaOVql7iv8FoCcyJvGW1JBRI3xlqg8bhiJItEeMiFhkWOy3Q0frSWJ1xYNO WxNDzAjWwXgLdwbm0bZ/YvSrCiLBJKLIUOAG2DAd5mbjxQrTRb/gwaRfhYxwIgkg wfvzaiONGaJYgw8DdwFyDAL7FWebS+6DJE/EmnMGSjn+7+3yDpF4BBUqgrIA9Smq 2Eb0VzTc4tac6g3YsOg3GWBC/Kr97u3puOB8WGzL9Wdpi0BYge3syhsBh/PJRVrh lEsoptixq02eeGsazqQ== Received: from dc5-exch02.marvell.com ([199.233.59.182]) by mx0b-0016f401.pphosted.com (PPS) with ESMTPS id 3vakkkwvtq-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT) for ; Mon, 01 Jan 2024 20:56:09 -0800 (PST) Received: from DC5-EXCH01.marvell.com (10.69.176.38) by DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server (TLS) id 15.0.1497.48; Mon, 1 Jan 2024 20:56:07 -0800 Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH01.marvell.com (10.69.176.38) with Microsoft SMTP Server id 15.0.1497.48 via Frontend Transport; Mon, 1 Jan 2024 20:56:07 -0800 Received: from BG-LT92004.corp.innovium.com (unknown [10.28.163.189]) by maili.marvell.com (Postfix) with ESMTP id C227E3F7081; Mon, 1 Jan 2024 20:55:57 -0800 (PST) From: Anoob Joseph To: Akhil Goyal CC: Jerin Jacob , Vidya Sagar Velumuri , Tejasree Kondoj , Subject: [PATCH v2 13/24] common/cnxk: add TLS record contexts Date: Tue, 2 Jan 2024 10:24:06 +0530 Message-ID: <20240102045417.115-14-anoobj@marvell.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20240102045417.115-1-anoobj@marvell.com> References: <20231221123545.510-1-anoobj@marvell.com> <20240102045417.115-1-anoobj@marvell.com> MIME-Version: 1.0 X-Proofpoint-ORIG-GUID: 5UdNjNZNDFtPj2-hZxXnGiI_U-4Ox8FB X-Proofpoint-GUID: 5UdNjNZNDFtPj2-hZxXnGiI_U-4Ox8FB X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.272,Aquarius:18.0.997,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2023-12-09_02,2023-12-07_01,2023-05-22_02 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Add TLS record read and write contexts. Signed-off-by: Anoob Joseph Signed-off-by: Vidya Sagar Velumuri --- drivers/common/cnxk/roc_cpt.h | 4 +- drivers/common/cnxk/roc_ie_ot_tls.h | 199 ++++++++++++++++++++++++++++ drivers/common/cnxk/roc_se.h | 11 ++ 3 files changed, 211 insertions(+), 3 deletions(-) create mode 100644 drivers/common/cnxk/roc_ie_ot_tls.h diff --git a/drivers/common/cnxk/roc_cpt.h b/drivers/common/cnxk/roc_cpt.h index 001e71c55e..5a2b5caeb0 100644 --- a/drivers/common/cnxk/roc_cpt.h +++ b/drivers/common/cnxk/roc_cpt.h @@ -55,6 +55,7 @@ #define ROC_CPT_AES_CBC_IV_LEN 16 #define ROC_CPT_SHA1_HMAC_LEN 12 #define ROC_CPT_SHA2_HMAC_LEN 16 +#define ROC_CPT_DES_IV_LEN 8 #define ROC_CPT_DES3_KEY_LEN 24 #define ROC_CPT_AES128_KEY_LEN 16 @@ -71,9 +72,6 @@ #define ROC_CPT_DES_BLOCK_LENGTH 8 #define ROC_CPT_AES_BLOCK_LENGTH 16 -#define ROC_CPT_AES_GCM_ROUNDUP_BYTE_LEN 4 -#define ROC_CPT_AES_CBC_ROUNDUP_BYTE_LEN 16 - /* Salt length for AES-CTR/GCM/CCM and AES-GMAC */ #define ROC_CPT_SALT_LEN 4 diff --git a/drivers/common/cnxk/roc_ie_ot_tls.h b/drivers/common/cnxk/roc_ie_ot_tls.h new file mode 100644 index 0000000000..61955ef4d1 --- /dev/null +++ b/drivers/common/cnxk/roc_ie_ot_tls.h @@ -0,0 +1,199 @@ +/* SPDX-License-Identifier: BSD-3-Clause + * Copyright(C) 2023 Marvell. + */ + +#ifndef __ROC_IE_OT_TLS_H__ +#define __ROC_IE_OT_TLS_H__ + +#include "roc_platform.h" + +#define ROC_IE_OT_TLS_CTX_ILEN 1 +#define ROC_IE_OT_TLS_CTX_HDR_SIZE 1 +#define ROC_IE_OT_TLS_AR_WIN_SIZE_MAX 4096 +#define ROC_IE_OT_TLS_LOG_MIN_AR_WIN_SIZE_M1 5 + +/* u64 array size to fit anti replay window bits */ +#define ROC_IE_OT_TLS_AR_WINBITS_SZ \ + (PLT_ALIGN_CEIL(ROC_IE_OT_TLS_AR_WIN_SIZE_MAX, BITS_PER_LONG_LONG) / BITS_PER_LONG_LONG) + +/* CN10K TLS opcodes */ +#define ROC_IE_OT_TLS_MAJOR_OP_RECORD_ENC 0x16UL +#define ROC_IE_OT_TLS_MAJOR_OP_RECORD_DEC 0x17UL + +#define ROC_IE_OT_TLS_CTX_MAX_OPAD_IPAD_LEN 128 +#define ROC_IE_OT_TLS_CTX_MAX_KEY_IV_LEN 48 +#define ROC_IE_OT_TLS_CTX_MAX_IV_LEN 16 + +enum roc_ie_ot_tls_mac_type { + ROC_IE_OT_TLS_MAC_MD5 = 1, + ROC_IE_OT_TLS_MAC_SHA1 = 2, + ROC_IE_OT_TLS_MAC_SHA2_256 = 4, + ROC_IE_OT_TLS_MAC_SHA2_384 = 5, + ROC_IE_OT_TLS_MAC_SHA2_512 = 6, +}; + +enum roc_ie_ot_tls_cipher_type { + ROC_IE_OT_TLS_CIPHER_3DES = 1, + ROC_IE_OT_TLS_CIPHER_AES_CBC = 3, + ROC_IE_OT_TLS_CIPHER_AES_GCM = 7, + ROC_IE_OT_TLS_CIPHER_AES_CCM = 10, +}; + +enum roc_ie_ot_tls_ver { + ROC_IE_OT_TLS_VERSION_TLS_12 = 1, + ROC_IE_OT_TLS_VERSION_DTLS_12 = 2, +}; + +enum roc_ie_ot_tls_aes_key_len { + ROC_IE_OT_TLS_AES_KEY_LEN_128 = 1, + ROC_IE_OT_TLS_AES_KEY_LEN_256 = 3, +}; + +enum { + ROC_IE_OT_TLS_IV_SRC_DEFAULT = 0, + ROC_IE_OT_TLS_IV_SRC_FROM_SA = 1, +}; + +struct roc_ie_ot_tls_read_ctx_update_reg { + uint64_t ar_base; + uint64_t ar_valid_mask; + uint64_t hard_life; + uint64_t soft_life; + uint64_t mib_octs; + uint64_t mib_pkts; + uint64_t ar_winbits[ROC_IE_OT_TLS_AR_WINBITS_SZ]; +}; + +union roc_ie_ot_tls_param2 { + uint16_t u16; + struct { + uint8_t msg_type; + uint8_t rsvd; + } s; +}; + +struct roc_ie_ot_tls_read_sa { + /* Word0 */ + union { + struct { + uint64_t ar_win : 3; + uint64_t hard_life_dec : 1; + uint64_t soft_life_dec : 1; + uint64_t count_glb_octets : 1; + uint64_t count_glb_pkts : 1; + uint64_t count_mib_bytes : 1; + + uint64_t count_mib_pkts : 1; + uint64_t hw_ctx_off : 7; + + uint64_t ctx_id : 16; + + uint64_t orig_pkt_fabs : 1; + uint64_t orig_pkt_free : 1; + uint64_t pkind : 6; + + uint64_t rsvd0 : 1; + uint64_t et_ovrwr : 1; + uint64_t pkt_output : 2; + uint64_t pkt_format : 1; + uint64_t defrag_opt : 2; + uint64_t x2p_dst : 1; + + uint64_t ctx_push_size : 7; + uint64_t rsvd1 : 1; + + uint64_t ctx_hdr_size : 2; + uint64_t aop_valid : 1; + uint64_t rsvd2 : 1; + uint64_t ctx_size : 4; + } s; + uint64_t u64; + } w0; + + /* Word1 */ + uint64_t w1_rsvd3; + + /* Word2 */ + union { + struct { + uint64_t version_select : 4; + uint64_t aes_key_len : 2; + uint64_t cipher_select : 4; + uint64_t mac_select : 4; + uint64_t rsvd4 : 50; + } s; + uint64_t u64; + } w2; + + /* Word3 */ + uint64_t w3_rsvd5; + + /* Word4 - Word9 */ + uint8_t cipher_key[ROC_IE_OT_TLS_CTX_MAX_KEY_IV_LEN]; + + /* Word10 - Word25 */ + uint8_t opad_ipad[ROC_IE_OT_TLS_CTX_MAX_OPAD_IPAD_LEN]; + + /* Word26 - Word32 */ + struct roc_ie_ot_tls_read_ctx_update_reg ctx; +}; + +struct roc_ie_ot_tls_write_sa { + /* Word0 */ + union { + struct { + uint64_t rsvd0 : 3; + uint64_t hard_life_dec : 1; + uint64_t soft_life_dec : 1; + uint64_t count_glb_octets : 1; + uint64_t count_glb_pkts : 1; + uint64_t count_mib_bytes : 1; + + uint64_t count_mib_pkts : 1; + uint64_t hw_ctx_off : 7; + + uint64_t rsvd1 : 32; + + uint64_t ctx_push_size : 7; + uint64_t rsvd2 : 1; + + uint64_t ctx_hdr_size : 2; + uint64_t aop_valid : 1; + uint64_t rsvd3 : 1; + uint64_t ctx_size : 4; + } s; + uint64_t u64; + } w0; + + /* Word1 */ + uint64_t w1_rsvd4; + + /* Word2 */ + union { + struct { + uint64_t version_select : 4; + uint64_t aes_key_len : 2; + uint64_t cipher_select : 4; + uint64_t mac_select : 4; + uint64_t iv_at_cptr : 1; + uint64_t rsvd5 : 49; + } s; + uint64_t u64; + } w2; + + /* Word3 */ + uint64_t w3_rsvd6; + + /* Word4 - Word9 */ + uint8_t cipher_key[ROC_IE_OT_TLS_CTX_MAX_KEY_IV_LEN]; + + /* Word10 - Word25 */ + uint8_t opad_ipad[ROC_IE_OT_TLS_CTX_MAX_OPAD_IPAD_LEN]; + + /* Word26 */ + uint64_t w26_rsvd7; + + /* Word27 */ + uint64_t seq_num; +}; +#endif /* __ROC_IE_OT_TLS_H__ */ diff --git a/drivers/common/cnxk/roc_se.h b/drivers/common/cnxk/roc_se.h index d8cbd58c9a..abb8c6a149 100644 --- a/drivers/common/cnxk/roc_se.h +++ b/drivers/common/cnxk/roc_se.h @@ -5,6 +5,8 @@ #ifndef __ROC_SE_H__ #define __ROC_SE_H__ +#include "roc_constants.h" + /* SE opcodes */ #define ROC_SE_MAJOR_OP_FC 0x33 #define ROC_SE_FC_MINOR_OP_ENCRYPT 0x0 @@ -162,6 +164,15 @@ typedef enum { ROC_SE_ERR_GC_ICV_MISCOMPARE = 0x4c, ROC_SE_ERR_GC_DATA_UNALIGNED = 0x4d, + ROC_SE_ERR_SSL_RECORD_LEN_INVALID = 0x82, + ROC_SE_ERR_SSL_CTX_LEN_INVALID = 0x83, + ROC_SE_ERR_SSL_CIPHER_UNSUPPORTED = 0x84, + ROC_SE_ERR_SSL_MAC_UNSUPPORTED = 0x85, + ROC_SE_ERR_SSL_VERSION_UNSUPPORTED = 0x86, + ROC_SE_ERR_SSL_MAC_MISMATCH = 0x89, + ROC_SE_ERR_SSL_PKT_REPLAY_SEQ_OUT_OF_WINDOW = 0xC1, + ROC_SE_ERR_SSL_PKT_REPLAY_SEQ = 0xC9, + /* API Layer */ ROC_SE_ERR_REQ_PENDING = 0xfe, ROC_SE_ERR_REQ_TIMEOUT = 0xff,