Add TLS record read and write contexts.
Signed-off-by: Anoob Joseph <anoobj@marvell.com>
Signed-off-by: Vidya Sagar Velumuri <vvelumuri@marvell.com>
---
drivers/common/cnxk/roc_cpt.h | 4 +-
drivers/common/cnxk/roc_ie_ot_tls.h | 199 ++++++++++++++++++++++++++++
drivers/common/cnxk/roc_se.h | 11 ++
3 files changed, 211 insertions(+), 3 deletions(-)
create mode 100644 drivers/common/cnxk/roc_ie_ot_tls.h
@@ -55,6 +55,7 @@
#define ROC_CPT_AES_CBC_IV_LEN 16
#define ROC_CPT_SHA1_HMAC_LEN 12
#define ROC_CPT_SHA2_HMAC_LEN 16
+#define ROC_CPT_DES_IV_LEN 8
#define ROC_CPT_DES3_KEY_LEN 24
#define ROC_CPT_AES128_KEY_LEN 16
@@ -71,9 +72,6 @@
#define ROC_CPT_DES_BLOCK_LENGTH 8
#define ROC_CPT_AES_BLOCK_LENGTH 16
-#define ROC_CPT_AES_GCM_ROUNDUP_BYTE_LEN 4
-#define ROC_CPT_AES_CBC_ROUNDUP_BYTE_LEN 16
-
/* Salt length for AES-CTR/GCM/CCM and AES-GMAC */
#define ROC_CPT_SALT_LEN 4
new file mode 100644
@@ -0,0 +1,199 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright(C) 2024 Marvell.
+ */
+
+#ifndef __ROC_IE_OT_TLS_H__
+#define __ROC_IE_OT_TLS_H__
+
+#include "roc_platform.h"
+
+#define ROC_IE_OT_TLS_CTX_ILEN 1
+#define ROC_IE_OT_TLS_CTX_HDR_SIZE 1
+#define ROC_IE_OT_TLS_AR_WIN_SIZE_MAX 4096
+#define ROC_IE_OT_TLS_LOG_MIN_AR_WIN_SIZE_M1 5
+
+/* u64 array size to fit anti replay window bits */
+#define ROC_IE_OT_TLS_AR_WINBITS_SZ \
+ (PLT_ALIGN_CEIL(ROC_IE_OT_TLS_AR_WIN_SIZE_MAX, BITS_PER_LONG_LONG) / BITS_PER_LONG_LONG)
+
+/* CN10K TLS opcodes */
+#define ROC_IE_OT_TLS_MAJOR_OP_RECORD_ENC 0x16UL
+#define ROC_IE_OT_TLS_MAJOR_OP_RECORD_DEC 0x17UL
+
+#define ROC_IE_OT_TLS_CTX_MAX_OPAD_IPAD_LEN 128
+#define ROC_IE_OT_TLS_CTX_MAX_KEY_IV_LEN 48
+#define ROC_IE_OT_TLS_CTX_MAX_IV_LEN 16
+
+enum roc_ie_ot_tls_mac_type {
+ ROC_IE_OT_TLS_MAC_MD5 = 1,
+ ROC_IE_OT_TLS_MAC_SHA1 = 2,
+ ROC_IE_OT_TLS_MAC_SHA2_256 = 4,
+ ROC_IE_OT_TLS_MAC_SHA2_384 = 5,
+ ROC_IE_OT_TLS_MAC_SHA2_512 = 6,
+};
+
+enum roc_ie_ot_tls_cipher_type {
+ ROC_IE_OT_TLS_CIPHER_3DES = 1,
+ ROC_IE_OT_TLS_CIPHER_AES_CBC = 3,
+ ROC_IE_OT_TLS_CIPHER_AES_GCM = 7,
+ ROC_IE_OT_TLS_CIPHER_AES_CCM = 10,
+};
+
+enum roc_ie_ot_tls_ver {
+ ROC_IE_OT_TLS_VERSION_TLS_12 = 1,
+ ROC_IE_OT_TLS_VERSION_DTLS_12 = 2,
+};
+
+enum roc_ie_ot_tls_aes_key_len {
+ ROC_IE_OT_TLS_AES_KEY_LEN_128 = 1,
+ ROC_IE_OT_TLS_AES_KEY_LEN_256 = 3,
+};
+
+enum {
+ ROC_IE_OT_TLS_IV_SRC_DEFAULT = 0,
+ ROC_IE_OT_TLS_IV_SRC_FROM_SA = 1,
+};
+
+struct roc_ie_ot_tls_read_ctx_update_reg {
+ uint64_t ar_base;
+ uint64_t ar_valid_mask;
+ uint64_t hard_life;
+ uint64_t soft_life;
+ uint64_t mib_octs;
+ uint64_t mib_pkts;
+ uint64_t ar_winbits[ROC_IE_OT_TLS_AR_WINBITS_SZ];
+};
+
+union roc_ie_ot_tls_param2 {
+ uint16_t u16;
+ struct {
+ uint8_t msg_type;
+ uint8_t rsvd;
+ } s;
+};
+
+struct roc_ie_ot_tls_read_sa {
+ /* Word0 */
+ union {
+ struct {
+ uint64_t ar_win : 3;
+ uint64_t hard_life_dec : 1;
+ uint64_t soft_life_dec : 1;
+ uint64_t count_glb_octets : 1;
+ uint64_t count_glb_pkts : 1;
+ uint64_t count_mib_bytes : 1;
+
+ uint64_t count_mib_pkts : 1;
+ uint64_t hw_ctx_off : 7;
+
+ uint64_t ctx_id : 16;
+
+ uint64_t orig_pkt_fabs : 1;
+ uint64_t orig_pkt_free : 1;
+ uint64_t pkind : 6;
+
+ uint64_t rsvd0 : 1;
+ uint64_t et_ovrwr : 1;
+ uint64_t pkt_output : 2;
+ uint64_t pkt_format : 1;
+ uint64_t defrag_opt : 2;
+ uint64_t x2p_dst : 1;
+
+ uint64_t ctx_push_size : 7;
+ uint64_t rsvd1 : 1;
+
+ uint64_t ctx_hdr_size : 2;
+ uint64_t aop_valid : 1;
+ uint64_t rsvd2 : 1;
+ uint64_t ctx_size : 4;
+ } s;
+ uint64_t u64;
+ } w0;
+
+ /* Word1 */
+ uint64_t w1_rsvd3;
+
+ /* Word2 */
+ union {
+ struct {
+ uint64_t version_select : 4;
+ uint64_t aes_key_len : 2;
+ uint64_t cipher_select : 4;
+ uint64_t mac_select : 4;
+ uint64_t rsvd4 : 50;
+ } s;
+ uint64_t u64;
+ } w2;
+
+ /* Word3 */
+ uint64_t w3_rsvd5;
+
+ /* Word4 - Word9 */
+ uint8_t cipher_key[ROC_IE_OT_TLS_CTX_MAX_KEY_IV_LEN];
+
+ /* Word10 - Word25 */
+ uint8_t opad_ipad[ROC_IE_OT_TLS_CTX_MAX_OPAD_IPAD_LEN];
+
+ /* Word26 - Word32 */
+ struct roc_ie_ot_tls_read_ctx_update_reg ctx;
+};
+
+struct roc_ie_ot_tls_write_sa {
+ /* Word0 */
+ union {
+ struct {
+ uint64_t rsvd0 : 3;
+ uint64_t hard_life_dec : 1;
+ uint64_t soft_life_dec : 1;
+ uint64_t count_glb_octets : 1;
+ uint64_t count_glb_pkts : 1;
+ uint64_t count_mib_bytes : 1;
+
+ uint64_t count_mib_pkts : 1;
+ uint64_t hw_ctx_off : 7;
+
+ uint64_t rsvd1 : 32;
+
+ uint64_t ctx_push_size : 7;
+ uint64_t rsvd2 : 1;
+
+ uint64_t ctx_hdr_size : 2;
+ uint64_t aop_valid : 1;
+ uint64_t rsvd3 : 1;
+ uint64_t ctx_size : 4;
+ } s;
+ uint64_t u64;
+ } w0;
+
+ /* Word1 */
+ uint64_t w1_rsvd4;
+
+ /* Word2 */
+ union {
+ struct {
+ uint64_t version_select : 4;
+ uint64_t aes_key_len : 2;
+ uint64_t cipher_select : 4;
+ uint64_t mac_select : 4;
+ uint64_t iv_at_cptr : 1;
+ uint64_t rsvd5 : 49;
+ } s;
+ uint64_t u64;
+ } w2;
+
+ /* Word3 */
+ uint64_t w3_rsvd6;
+
+ /* Word4 - Word9 */
+ uint8_t cipher_key[ROC_IE_OT_TLS_CTX_MAX_KEY_IV_LEN];
+
+ /* Word10 - Word25 */
+ uint8_t opad_ipad[ROC_IE_OT_TLS_CTX_MAX_OPAD_IPAD_LEN];
+
+ /* Word26 */
+ uint64_t w26_rsvd7;
+
+ /* Word27 */
+ uint64_t seq_num;
+};
+#endif /* __ROC_IE_OT_TLS_H__ */
@@ -5,6 +5,8 @@
#ifndef __ROC_SE_H__
#define __ROC_SE_H__
+#include "roc_constants.h"
+
/* SE opcodes */
#define ROC_SE_MAJOR_OP_FC 0x33
#define ROC_SE_FC_MINOR_OP_ENCRYPT 0x0
@@ -162,6 +164,15 @@ typedef enum {
ROC_SE_ERR_GC_ICV_MISCOMPARE = 0x4c,
ROC_SE_ERR_GC_DATA_UNALIGNED = 0x4d,
+ ROC_SE_ERR_SSL_RECORD_LEN_INVALID = 0x82,
+ ROC_SE_ERR_SSL_CTX_LEN_INVALID = 0x83,
+ ROC_SE_ERR_SSL_CIPHER_UNSUPPORTED = 0x84,
+ ROC_SE_ERR_SSL_MAC_UNSUPPORTED = 0x85,
+ ROC_SE_ERR_SSL_VERSION_UNSUPPORTED = 0x86,
+ ROC_SE_ERR_SSL_MAC_MISMATCH = 0x89,
+ ROC_SE_ERR_SSL_PKT_REPLAY_SEQ_OUT_OF_WINDOW = 0xC1,
+ ROC_SE_ERR_SSL_PKT_REPLAY_SEQ = 0xC9,
+
/* API Layer */
ROC_SE_ERR_REQ_PENDING = 0xfe,
ROC_SE_ERR_REQ_TIMEOUT = 0xff,