diff mbox series

[09/12] crypto/cnxk: update the context structure of tls

Message ID	20240314083844.3319506-10-vvelumuri@marvell.com (mailing list archive)
State	Superseded, archived
Delegated to:	akhil goyal
Headers	From: Vidya Sagar Velumuri <vvelumuri@marvell.com> To: Nithin Dabilpuram <ndabilpuram@marvell.com>, Kiran Kumar K <kirankumark@marvell.com>, Sunil Kumar Kori <skori@marvell.com>, Satha Rao <skoteshwar@marvell.com>, Harman Kalra <hkalra@marvell.com>, Ankur Dwivedi <adwivedi@marvell.com>, Anoob Joseph <anoobj@marvell.com>, Tejasree Kondoj <ktejasree@marvell.com> CC: <gakhil@marvell.com>, <jerinj@marvell.com>, <vvelumuri@marvell.com>, <asasidharan@marvell.com>, <dev@dpdk.org> Subject: [PATCH 09/12] crypto/cnxk: update the context structure of tls Date: Thu, 14 Mar 2024 01:38:41 -0700 Message-ID: <20240314083844.3319506-10-vvelumuri@marvell.com> In-Reply-To: <20240314083844.3319506-1-vvelumuri@marvell.com> References: <20240314083844.3319506-1-vvelumuri@marvell.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain Precedence: list Errors-To: dev-bounces@dpdk.org
Series	Add TLS features \| [00/12] Add TLS features [01/12] crypto/cnxk: multi seg support block ciphers in tls [02/12] crypto/cnxk: enable sha384 capability for tls [03/12] crypto/cnxk: add support for session update for TLS [04/12] crypto/cnxk: avoid branches in datapath [05/12] crypto/cnxk: move metadata to second cacheline [06/12] crypto/cnxk: handle the extra len reported by microcode [07/12] crypto/cnxk: add support for padding verification in TLS [08/12] crypto/cnxk: add support for oop processing in TLS [09/12] crypto/cnxk: update the context structure of tls [10/12] crypto/cnxk: use proper offset for context calculation [11/12] crypto/cnxk: enable chachapoly capability for tls [12/12] crypto/cnxk: remove the response len handling for tls

Checks

Context	Check	Description
ci/checkpatch	success	coding style OK

Commit Message

Vidya Sagar Velumuri March 14, 2024, 8:38 a.m. UTC

  Keep the record context for TLS-1.3 in sync with microcode
structure.

Report error if optional padding is enabled for AEAD
case in both TLS-1.2 and DTLS-1.2.

Signed-off-by: Vidya Sagar Velumuri <vvelumuri@marvell.com>
---
 drivers/common/cnxk/roc_ie_ot_tls.h | 17 ++++++++++++-----
 drivers/crypto/cnxk/cn10k_tls.c     |  4 ++--
 2 files changed, 14 insertions(+), 7 deletions(-)

diff mbox series

Patch

diff --git a/drivers/common/cnxk/roc_ie_ot_tls.h b/drivers/common/cnxk/roc_ie_ot_tls.h
index b85d075e86..44850f7060 100644
--- a/drivers/common/cnxk/roc_ie_ot_tls.h
+++ b/drivers/common/cnxk/roc_ie_ot_tls.h
@@ -67,6 +67,16 @@  struct roc_ie_ot_tls_read_ctx_update_reg {
 	uint64_t ar_winbits[ROC_IE_OT_TLS_AR_WINBITS_SZ];
 };
 
+struct roc_ie_ot_tls_1_3_read_ctx_update_reg {
+	uint64_t rsvd0;
+	uint64_t ar_valid_mask;
+	uint64_t hard_life;
+	uint64_t soft_life;
+	uint64_t mib_octs;
+	uint64_t mib_pkts;
+	uint64_t rsvd1;
+};
+
 union roc_ie_ot_tls_param2 {
 	uint16_t u16;
 	struct {
@@ -136,11 +146,8 @@  struct roc_ie_ot_tls_read_sa {
 
 	union {
 		struct {
-			/* Word10 */
-			uint64_t w10_rsvd6;
-
-			/* Word11 - Word25 */
-			struct roc_ie_ot_tls_read_ctx_update_reg ctx;
+			/* Word10 - Word16 */
+			struct roc_ie_ot_tls_1_3_read_ctx_update_reg ctx;
 		} tls_13;
 
 		struct {
diff --git a/drivers/crypto/cnxk/cn10k_tls.c b/drivers/crypto/cnxk/cn10k_tls.c
index dea4e501f3..fbf45c464a 100644
--- a/drivers/crypto/cnxk/cn10k_tls.c
+++ b/drivers/crypto/cnxk/cn10k_tls.c
@@ -118,8 +118,8 @@  cnxk_tls_xform_verify(struct rte_security_tls_record_xform *tls_xform,
 
 	if (crypto_xform->type == RTE_CRYPTO_SYM_XFORM_AEAD) {
 		/* optional padding is not allowed in TLS-1.2 for AEAD */
-		if ((tls_xform->ver == RTE_SECURITY_VERSION_TLS_1_2) &&
-		    (tls_xform->options.extra_padding_enable == 1))
+		if ((tls_xform->options.extra_padding_enable == 1) &&
+		    (tls_xform->ver != RTE_SECURITY_VERSION_TLS_1_3))
 			return -EINVAL;
 
 		return tls_xform_aead_verify(tls_xform, crypto_xform);