From patchwork Mon Sep 30 11:52:18 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Akhil Goyal X-Patchwork-Id: 60158 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@dpdk.org Delivered-To: patchwork@dpdk.org Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 1F4D937AF; Mon, 30 Sep 2019 14:08:04 +0200 (CEST) Received: from inva020.nxp.com (inva020.nxp.com [92.121.34.13]) by dpdk.org (Postfix) with ESMTP id 5DE25324D for ; Mon, 30 Sep 2019 14:07:52 +0200 (CEST) Received: from inva020.nxp.com (localhost [127.0.0.1]) by inva020.eu-rdc02.nxp.com (Postfix) with ESMTP id 1E6711A082E; Mon, 30 Sep 2019 14:07:52 +0200 (CEST) Received: from invc005.ap-rdc01.nxp.com (invc005.ap-rdc01.nxp.com [165.114.16.14]) by inva020.eu-rdc02.nxp.com (Postfix) with ESMTP id B77981A0095; Mon, 30 Sep 2019 14:07:49 +0200 (CEST) Received: from GDB1.ap.freescale.net (GDB1.ap.freescale.net [10.232.132.179]) by invc005.ap-rdc01.nxp.com (Postfix) with ESMTP id 2167A40296; Mon, 30 Sep 2019 20:07:45 +0800 (SGT) From: Akhil Goyal To: dev@dpdk.org Cc: aconole@redhat.com, anoobj@marvell.com, Vakul Garg Date: Mon, 30 Sep 2019 17:22:18 +0530 Message-Id: <20190930115237.5073-2-akhil.goyal@nxp.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20190930115237.5073-1-akhil.goyal@nxp.com> References: <20190902121734.926-1-akhil.goyal@nxp.com> <20190930115237.5073-1-akhil.goyal@nxp.com> X-Virus-Scanned: ClamAV using ClamSMTP Subject: [dpdk-dev] [PATCH v2 01/20] drivers/crypto: support PDCP 12-bit c-plane processing X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" From: Vakul Garg Added support for 12-bit c-plane. We implement it using 'u-plane for RN' protocol descriptors. This is because 'c-plane' protocol descriptors assume 5-bit sequence numbers. Since the crypto processing remains same irrespective of c-plane or u-plane, we choose 'u-plane for RN' protocol descriptors to implement 12-bit c-plane. 'U-plane for RN' protocol descriptors support both confidentiality and integrity (required for c-plane) for 7/12/15 bit sequence numbers. For little endian platforms, incorrect IV is generated if MOVE command is used in pdcp non-proto descriptors. This is because MOVE command treats data as word. We changed MOVE to MOVEB since we require data to be treated as byte array. The change works on both ls1046, ls2088. Signed-off-by: Vakul Garg Acked-by: Akhil Goyal --- drivers/crypto/dpaa2_sec/Makefile | 1 + drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 7 +- drivers/crypto/dpaa2_sec/hw/desc.h | 3 +- drivers/crypto/dpaa2_sec/hw/desc/pdcp.h | 176 ++++++++++++++---- .../crypto/dpaa2_sec/hw/rta/protocol_cmd.h | 6 +- drivers/crypto/dpaa_sec/dpaa_sec.c | 7 +- 6 files changed, 159 insertions(+), 41 deletions(-) diff --git a/drivers/crypto/dpaa2_sec/Makefile b/drivers/crypto/dpaa2_sec/Makefile index 9c6657e52..6c882571d 100644 --- a/drivers/crypto/dpaa2_sec/Makefile +++ b/drivers/crypto/dpaa2_sec/Makefile @@ -13,6 +13,7 @@ LIB = librte_pmd_dpaa2_sec.a CFLAGS += -DALLOW_EXPERIMENTAL_API CFLAGS += -O3 CFLAGS += $(WERROR_FLAGS) +CFLAGS += -Wno-enum-conversion ifeq ($(CONFIG_RTE_TOOLCHAIN_GCC),y) ifeq ($(shell test $(GCC_VERSION) -gt 70 && echo 1), 1) diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c index f162eeed2..75cd2c0b5 100644 --- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c +++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c @@ -2695,9 +2695,10 @@ dpaa2_sec_set_pdcp_session(struct rte_cryptodev *dev, /* Auth is only applicable for control mode operation. */ if (pdcp_xform->domain == RTE_SECURITY_PDCP_MODE_CONTROL) { - if (pdcp_xform->sn_size != RTE_SECURITY_PDCP_SN_SIZE_5) { + if (pdcp_xform->sn_size != RTE_SECURITY_PDCP_SN_SIZE_5 && + pdcp_xform->sn_size != RTE_SECURITY_PDCP_SN_SIZE_12) { DPAA2_SEC_ERR( - "PDCP Seq Num size should be 5 bits for cmode"); + "PDCP Seq Num size should be 5/12 bits for cmode"); goto out; } if (auth_xform) { @@ -2748,6 +2749,7 @@ dpaa2_sec_set_pdcp_session(struct rte_cryptodev *dev, bufsize = cnstr_shdsc_pdcp_c_plane_encap( priv->flc_desc[0].desc, 1, swap, pdcp_xform->hfn, + pdcp_xform->sn_size, pdcp_xform->bearer, pdcp_xform->pkt_dir, pdcp_xform->hfn_threshold, @@ -2757,6 +2759,7 @@ dpaa2_sec_set_pdcp_session(struct rte_cryptodev *dev, bufsize = cnstr_shdsc_pdcp_c_plane_decap( priv->flc_desc[0].desc, 1, swap, pdcp_xform->hfn, + pdcp_xform->sn_size, pdcp_xform->bearer, pdcp_xform->pkt_dir, pdcp_xform->hfn_threshold, diff --git a/drivers/crypto/dpaa2_sec/hw/desc.h b/drivers/crypto/dpaa2_sec/hw/desc.h index 5d99dd8af..e12c3db2f 100644 --- a/drivers/crypto/dpaa2_sec/hw/desc.h +++ b/drivers/crypto/dpaa2_sec/hw/desc.h @@ -1,7 +1,7 @@ /* SPDX-License-Identifier: (BSD-3-Clause OR GPL-2.0) * * Copyright 2008-2016 Freescale Semiconductor Inc. - * Copyright 2016 NXP + * Copyright 2016, 2019 NXP * */ @@ -621,6 +621,7 @@ #define OP_PCLID_LTE_PDCP_USER (0x42 << OP_PCLID_SHIFT) #define OP_PCLID_LTE_PDCP_CTRL (0x43 << OP_PCLID_SHIFT) #define OP_PCLID_LTE_PDCP_CTRL_MIXED (0x44 << OP_PCLID_SHIFT) +#define OP_PCLID_LTE_PDCP_USER_RN (0x45 << OP_PCLID_SHIFT) /* * ProtocolInfo selectors diff --git a/drivers/crypto/dpaa2_sec/hw/desc/pdcp.h b/drivers/crypto/dpaa2_sec/hw/desc/pdcp.h index fee844100..607c587e2 100644 --- a/drivers/crypto/dpaa2_sec/hw/desc/pdcp.h +++ b/drivers/crypto/dpaa2_sec/hw/desc/pdcp.h @@ -253,6 +253,7 @@ pdcp_insert_cplane_null_op(struct program *p, struct alginfo *cipherdata __maybe_unused, struct alginfo *authdata __maybe_unused, unsigned int dir, + enum pdcp_sn_size sn_size __maybe_unused, unsigned char era_2_sw_hfn_ovrd __maybe_unused) { LABEL(local_offset); @@ -413,8 +414,18 @@ pdcp_insert_cplane_int_only_op(struct program *p, bool swap __maybe_unused, struct alginfo *cipherdata __maybe_unused, struct alginfo *authdata, unsigned int dir, + enum pdcp_sn_size sn_size, unsigned char era_2_sw_hfn_ovrd) { + if (rta_sec_era >= RTA_SEC_ERA_8 && sn_size == PDCP_SN_SIZE_12) { + KEY(p, KEY2, authdata->key_enc_flags, authdata->key, + authdata->keylen, INLINE_KEY(authdata)); + + PROTOCOL(p, dir, OP_PCLID_LTE_PDCP_USER_RN, + (uint16_t)authdata->algtype); + return 0; + } + LABEL(local_offset); REFERENCE(move_cmd_read_descbuf); REFERENCE(move_cmd_write_descbuf); @@ -720,6 +731,7 @@ pdcp_insert_cplane_enc_only_op(struct program *p, struct alginfo *cipherdata, struct alginfo *authdata __maybe_unused, unsigned int dir, + enum pdcp_sn_size sn_size, unsigned char era_2_sw_hfn_ovrd __maybe_unused) { /* Insert Cipher Key */ @@ -727,8 +739,12 @@ pdcp_insert_cplane_enc_only_op(struct program *p, cipherdata->keylen, INLINE_KEY(cipherdata)); if (rta_sec_era >= RTA_SEC_ERA_8) { - PROTOCOL(p, dir, OP_PCLID_LTE_PDCP_CTRL_MIXED, - (uint16_t)cipherdata->algtype << 8); + if (sn_size == PDCP_SN_SIZE_5) + PROTOCOL(p, dir, OP_PCLID_LTE_PDCP_CTRL_MIXED, + (uint16_t)cipherdata->algtype << 8); + else + PROTOCOL(p, dir, OP_PCLID_LTE_PDCP_USER_RN, + (uint16_t)cipherdata->algtype << 8); return 0; } @@ -742,12 +758,12 @@ pdcp_insert_cplane_enc_only_op(struct program *p, IFB | IMMED2); SEQSTORE(p, MATH0, 7, 1, 0); MATHB(p, MATH1, SHLD, MATH1, MATH1, 8, 0); - MOVE(p, DESCBUF, 8, MATH2, 0, 8, WAITCOMP | IMMED); + MOVEB(p, DESCBUF, 8, MATH2, 0, 8, WAITCOMP | IMMED); MATHB(p, MATH1, OR, MATH2, MATH2, 8, 0); switch (cipherdata->algtype) { case PDCP_CIPHER_TYPE_SNOW: - MOVE(p, MATH2, 0, CONTEXT1, 0, 8, WAITCOMP | IMMED); + MOVEB(p, MATH2, 0, CONTEXT1, 0, 8, WAITCOMP | IMMED); if (rta_sec_era > RTA_SEC_ERA_2) { MATHB(p, SEQINSZ, SUB, ZERO, VSEQINSZ, 4, 0); @@ -771,7 +787,7 @@ pdcp_insert_cplane_enc_only_op(struct program *p, break; case PDCP_CIPHER_TYPE_AES: - MOVE(p, MATH2, 0, CONTEXT1, 0x10, 0x10, WAITCOMP | IMMED); + MOVEB(p, MATH2, 0, CONTEXT1, 0x10, 0x10, WAITCOMP | IMMED); if (rta_sec_era > RTA_SEC_ERA_2) { MATHB(p, SEQINSZ, SUB, ZERO, VSEQINSZ, 4, 0); @@ -802,8 +818,8 @@ pdcp_insert_cplane_enc_only_op(struct program *p, return -ENOTSUP; } - MOVE(p, MATH2, 0, CONTEXT1, 0, 0x08, IMMED); - MOVE(p, MATH2, 0, CONTEXT1, 0x08, 0x08, WAITCOMP | IMMED); + MOVEB(p, MATH2, 0, CONTEXT1, 0, 0x08, IMMED); + MOVEB(p, MATH2, 0, CONTEXT1, 0x08, 0x08, WAITCOMP | IMMED); MATHB(p, SEQINSZ, SUB, ZERO, VSEQINSZ, 4, 0); if (dir == OP_TYPE_ENCAP_PROTOCOL) MATHB(p, SEQINSZ, ADD, PDCP_MAC_I_LEN, VSEQOUTSZ, 4, @@ -848,6 +864,7 @@ pdcp_insert_cplane_acc_op(struct program *p, struct alginfo *cipherdata, struct alginfo *authdata, unsigned int dir, + enum pdcp_sn_size sn_size, unsigned char era_2_hfn_ovrd __maybe_unused) { /* Insert Auth Key */ @@ -857,7 +874,14 @@ pdcp_insert_cplane_acc_op(struct program *p, /* Insert Cipher Key */ KEY(p, KEY1, cipherdata->key_enc_flags, cipherdata->key, cipherdata->keylen, INLINE_KEY(cipherdata)); - PROTOCOL(p, dir, OP_PCLID_LTE_PDCP_CTRL, (uint16_t)cipherdata->algtype); + + if (sn_size == PDCP_SN_SIZE_5) + PROTOCOL(p, dir, OP_PCLID_LTE_PDCP_CTRL, + (uint16_t)cipherdata->algtype); + else + PROTOCOL(p, dir, OP_PCLID_LTE_PDCP_USER_RN, + ((uint16_t)cipherdata->algtype << 8) | + (uint16_t)authdata->algtype); return 0; } @@ -868,6 +892,7 @@ pdcp_insert_cplane_snow_aes_op(struct program *p, struct alginfo *cipherdata, struct alginfo *authdata, unsigned int dir, + enum pdcp_sn_size sn_size, unsigned char era_2_sw_hfn_ovrd) { LABEL(back_to_sd_offset); @@ -887,9 +912,14 @@ pdcp_insert_cplane_snow_aes_op(struct program *p, KEY(p, KEY2, authdata->key_enc_flags, authdata->key, authdata->keylen, INLINE_KEY(authdata)); - PROTOCOL(p, dir, OP_PCLID_LTE_PDCP_CTRL_MIXED, - ((uint16_t)cipherdata->algtype << 8) | - (uint16_t)authdata->algtype); + if (sn_size == PDCP_SN_SIZE_5) + PROTOCOL(p, dir, OP_PCLID_LTE_PDCP_CTRL_MIXED, + ((uint16_t)cipherdata->algtype << 8) | + (uint16_t)authdata->algtype); + else + PROTOCOL(p, dir, OP_PCLID_LTE_PDCP_USER_RN, + ((uint16_t)cipherdata->algtype << 8) | + (uint16_t)authdata->algtype); return 0; } @@ -1174,6 +1204,7 @@ pdcp_insert_cplane_aes_snow_op(struct program *p, struct alginfo *cipherdata, struct alginfo *authdata, unsigned int dir, + enum pdcp_sn_size sn_size, unsigned char era_2_sw_hfn_ovrd __maybe_unused) { KEY(p, KEY1, cipherdata->key_enc_flags, cipherdata->key, @@ -1182,7 +1213,14 @@ pdcp_insert_cplane_aes_snow_op(struct program *p, INLINE_KEY(authdata)); if (rta_sec_era >= RTA_SEC_ERA_8) { - PROTOCOL(p, dir, OP_PCLID_LTE_PDCP_CTRL_MIXED, + int pclid; + + if (sn_size == PDCP_SN_SIZE_5) + pclid = OP_PCLID_LTE_PDCP_CTRL_MIXED; + else + pclid = OP_PCLID_LTE_PDCP_USER_RN; + + PROTOCOL(p, dir, pclid, ((uint16_t)cipherdata->algtype << 8) | (uint16_t)authdata->algtype); @@ -1281,6 +1319,7 @@ pdcp_insert_cplane_snow_zuc_op(struct program *p, struct alginfo *cipherdata, struct alginfo *authdata, unsigned int dir, + enum pdcp_sn_size sn_size, unsigned char era_2_sw_hfn_ovrd __maybe_unused) { LABEL(keyjump); @@ -1300,7 +1339,14 @@ pdcp_insert_cplane_snow_zuc_op(struct program *p, SET_LABEL(p, keyjump); if (rta_sec_era >= RTA_SEC_ERA_8) { - PROTOCOL(p, dir, OP_PCLID_LTE_PDCP_CTRL_MIXED, + int pclid; + + if (sn_size == PDCP_SN_SIZE_5) + pclid = OP_PCLID_LTE_PDCP_CTRL_MIXED; + else + pclid = OP_PCLID_LTE_PDCP_USER_RN; + + PROTOCOL(p, dir, pclid, ((uint16_t)cipherdata->algtype << 8) | (uint16_t)authdata->algtype); return 0; @@ -1376,6 +1422,7 @@ pdcp_insert_cplane_aes_zuc_op(struct program *p, struct alginfo *cipherdata, struct alginfo *authdata, unsigned int dir, + enum pdcp_sn_size sn_size, unsigned char era_2_sw_hfn_ovrd __maybe_unused) { LABEL(keyjump); @@ -1393,7 +1440,14 @@ pdcp_insert_cplane_aes_zuc_op(struct program *p, INLINE_KEY(authdata)); if (rta_sec_era >= RTA_SEC_ERA_8) { - PROTOCOL(p, dir, OP_PCLID_LTE_PDCP_CTRL_MIXED, + int pclid; + + if (sn_size == PDCP_SN_SIZE_5) + pclid = OP_PCLID_LTE_PDCP_CTRL_MIXED; + else + pclid = OP_PCLID_LTE_PDCP_USER_RN; + + PROTOCOL(p, dir, pclid, ((uint16_t)cipherdata->algtype << 8) | (uint16_t)authdata->algtype); @@ -1474,6 +1528,7 @@ pdcp_insert_cplane_zuc_snow_op(struct program *p, struct alginfo *cipherdata, struct alginfo *authdata, unsigned int dir, + enum pdcp_sn_size sn_size, unsigned char era_2_sw_hfn_ovrd __maybe_unused) { LABEL(keyjump); @@ -1491,7 +1546,14 @@ pdcp_insert_cplane_zuc_snow_op(struct program *p, INLINE_KEY(authdata)); if (rta_sec_era >= RTA_SEC_ERA_8) { - PROTOCOL(p, dir, OP_PCLID_LTE_PDCP_CTRL_MIXED, + int pclid; + + if (sn_size == PDCP_SN_SIZE_5) + pclid = OP_PCLID_LTE_PDCP_CTRL_MIXED; + else + pclid = OP_PCLID_LTE_PDCP_USER_RN; + + PROTOCOL(p, dir, pclid, ((uint16_t)cipherdata->algtype << 8) | (uint16_t)authdata->algtype); @@ -1594,6 +1656,7 @@ pdcp_insert_cplane_zuc_aes_op(struct program *p, struct alginfo *cipherdata, struct alginfo *authdata, unsigned int dir, + enum pdcp_sn_size sn_size, unsigned char era_2_sw_hfn_ovrd __maybe_unused) { if (rta_sec_era < RTA_SEC_ERA_5) { @@ -1602,12 +1665,19 @@ pdcp_insert_cplane_zuc_aes_op(struct program *p, } if (rta_sec_era >= RTA_SEC_ERA_8) { + int pclid; + KEY(p, KEY1, cipherdata->key_enc_flags, cipherdata->key, cipherdata->keylen, INLINE_KEY(cipherdata)); KEY(p, KEY2, authdata->key_enc_flags, authdata->key, authdata->keylen, INLINE_KEY(authdata)); - PROTOCOL(p, dir, OP_PCLID_LTE_PDCP_CTRL_MIXED, + if (sn_size == PDCP_SN_SIZE_5) + pclid = OP_PCLID_LTE_PDCP_CTRL_MIXED; + else + pclid = OP_PCLID_LTE_PDCP_USER_RN; + + PROTOCOL(p, dir, pclid, ((uint16_t)cipherdata->algtype << 8) | (uint16_t)authdata->algtype); return 0; @@ -1754,7 +1824,7 @@ pdcp_insert_uplane_15bit_op(struct program *p, IFB | IMMED2); SEQSTORE(p, MATH0, 6, 2, 0); MATHB(p, MATH1, SHLD, MATH1, MATH1, 8, 0); - MOVE(p, DESCBUF, 8, MATH2, 0, 8, WAITCOMP | IMMED); + MOVEB(p, DESCBUF, 8, MATH2, 0, 8, WAITCOMP | IMMED); MATHB(p, MATH1, OR, MATH2, MATH2, 8, 0); MATHB(p, SEQINSZ, SUB, MATH3, VSEQINSZ, 4, 0); @@ -1765,7 +1835,7 @@ pdcp_insert_uplane_15bit_op(struct program *p, op = dir == OP_TYPE_ENCAP_PROTOCOL ? DIR_ENC : DIR_DEC; switch (cipherdata->algtype) { case PDCP_CIPHER_TYPE_SNOW: - MOVE(p, MATH2, 0, CONTEXT1, 0, 8, WAITCOMP | IMMED); + MOVEB(p, MATH2, 0, CONTEXT1, 0, 8, WAITCOMP | IMMED); ALG_OPERATION(p, OP_ALG_ALGSEL_SNOW_F8, OP_ALG_AAI_F8, OP_ALG_AS_INITFINAL, @@ -1774,7 +1844,7 @@ pdcp_insert_uplane_15bit_op(struct program *p, break; case PDCP_CIPHER_TYPE_AES: - MOVE(p, MATH2, 0, CONTEXT1, 0x10, 0x10, WAITCOMP | IMMED); + MOVEB(p, MATH2, 0, CONTEXT1, 0x10, 0x10, WAITCOMP | IMMED); ALG_OPERATION(p, OP_ALG_ALGSEL_AES, OP_ALG_AAI_CTR, OP_ALG_AS_INITFINAL, @@ -1787,8 +1857,8 @@ pdcp_insert_uplane_15bit_op(struct program *p, pr_err("Invalid era for selected algorithm\n"); return -ENOTSUP; } - MOVE(p, MATH2, 0, CONTEXT1, 0, 0x08, IMMED); - MOVE(p, MATH2, 0, CONTEXT1, 0x08, 0x08, WAITCOMP | IMMED); + MOVEB(p, MATH2, 0, CONTEXT1, 0, 0x08, IMMED); + MOVEB(p, MATH2, 0, CONTEXT1, 0x08, 0x08, WAITCOMP | IMMED); ALG_OPERATION(p, OP_ALG_ALGSEL_ZUCE, OP_ALG_AAI_F8, @@ -1885,6 +1955,7 @@ insert_hfn_ov_op(struct program *p, static inline enum pdb_type_e cnstr_pdcp_c_plane_pdb(struct program *p, uint32_t hfn, + enum pdcp_sn_size sn_size, unsigned char bearer, unsigned char direction, uint32_t hfn_threshold, @@ -1923,18 +1994,36 @@ cnstr_pdcp_c_plane_pdb(struct program *p, if (rta_sec_era >= RTA_SEC_ERA_8) { memset(&pdb, 0x00, sizeof(struct pdcp_pdb)); - /* This is a HW issue. Bit 2 should be set to zero, - * but it does not work this way. Override here. + /* To support 12-bit seq numbers, we use u-plane opt in pdb. + * SEC supports 5-bit only with c-plane opt in pdb. */ - pdb.opt_res.rsvd = 0x00000002; + if (sn_size == PDCP_SN_SIZE_12) { + pdb.hfn_res = hfn << PDCP_U_PLANE_PDB_LONG_SN_HFN_SHIFT; + pdb.bearer_dir_res = (uint32_t) + ((bearer << PDCP_U_PLANE_PDB_BEARER_SHIFT) | + (direction << PDCP_U_PLANE_PDB_DIR_SHIFT)); - /* Copy relevant information from user to PDB */ - pdb.hfn_res = hfn << PDCP_C_PLANE_PDB_HFN_SHIFT; - pdb.bearer_dir_res = (uint32_t) + pdb.hfn_thr_res = + hfn_threshold << PDCP_U_PLANE_PDB_LONG_SN_HFN_THR_SHIFT; + + } else { + /* This means 5-bit c-plane. + * Here we use c-plane opt in pdb + */ + + /* This is a HW issue. Bit 2 should be set to zero, + * but it does not work this way. Override here. + */ + pdb.opt_res.rsvd = 0x00000002; + + /* Copy relevant information from user to PDB */ + pdb.hfn_res = hfn << PDCP_C_PLANE_PDB_HFN_SHIFT; + pdb.bearer_dir_res = (uint32_t) ((bearer << PDCP_C_PLANE_PDB_BEARER_SHIFT) | - (direction << PDCP_C_PLANE_PDB_DIR_SHIFT)); - pdb.hfn_thr_res = - hfn_threshold << PDCP_C_PLANE_PDB_HFN_THR_SHIFT; + (direction << PDCP_C_PLANE_PDB_DIR_SHIFT)); + pdb.hfn_thr_res = + hfn_threshold << PDCP_C_PLANE_PDB_HFN_THR_SHIFT; + } /* copy PDB in descriptor*/ __rta_out32(p, pdb.opt_res.opt); @@ -2053,6 +2142,7 @@ cnstr_pdcp_u_plane_pdb(struct program *p, * @swap: must be true when core endianness doesn't match SEC endianness * @hfn: starting Hyper Frame Number to be used together with the SN from the * PDCP frames. + * @sn_size: size of sequence numbers, only 5/12 bit sequence numbers are valid * @bearer: radio bearer ID * @direction: the direction of the PDCP frame (UL/DL) * @hfn_threshold: HFN value that once reached triggers a warning from SEC that @@ -2077,6 +2167,7 @@ cnstr_shdsc_pdcp_c_plane_encap(uint32_t *descbuf, bool ps, bool swap, uint32_t hfn, + enum pdcp_sn_size sn_size, unsigned char bearer, unsigned char direction, uint32_t hfn_threshold, @@ -2087,7 +2178,7 @@ cnstr_shdsc_pdcp_c_plane_encap(uint32_t *descbuf, static int (*pdcp_cp_fp[PDCP_CIPHER_TYPE_INVALID][PDCP_AUTH_TYPE_INVALID]) (struct program*, bool swap, struct alginfo *, - struct alginfo *, unsigned int, + struct alginfo *, unsigned int, enum pdcp_sn_size, unsigned char __maybe_unused) = { { /* NULL */ pdcp_insert_cplane_null_op, /* NULL */ @@ -2152,6 +2243,11 @@ cnstr_shdsc_pdcp_c_plane_encap(uint32_t *descbuf, return -EINVAL; } + if (sn_size != PDCP_SN_SIZE_12 && sn_size != PDCP_SN_SIZE_5) { + pr_err("C-plane supports only 5-bit and 12-bit sequence numbers\n"); + return -EINVAL; + } + PROGRAM_CNTXT_INIT(p, descbuf, 0); if (swap) PROGRAM_SET_BSWAP(p); @@ -2162,6 +2258,7 @@ cnstr_shdsc_pdcp_c_plane_encap(uint32_t *descbuf, pdb_type = cnstr_pdcp_c_plane_pdb(p, hfn, + sn_size, bearer, direction, hfn_threshold, @@ -2170,7 +2267,7 @@ cnstr_shdsc_pdcp_c_plane_encap(uint32_t *descbuf, SET_LABEL(p, pdb_end); - err = insert_hfn_ov_op(p, PDCP_SN_SIZE_5, pdb_type, + err = insert_hfn_ov_op(p, sn_size, pdb_type, era_2_sw_hfn_ovrd); if (err) return err; @@ -2180,6 +2277,7 @@ cnstr_shdsc_pdcp_c_plane_encap(uint32_t *descbuf, cipherdata, authdata, OP_TYPE_ENCAP_PROTOCOL, + sn_size, era_2_sw_hfn_ovrd); if (err) return err; @@ -2197,6 +2295,7 @@ cnstr_shdsc_pdcp_c_plane_encap(uint32_t *descbuf, * @swap: must be true when core endianness doesn't match SEC endianness * @hfn: starting Hyper Frame Number to be used together with the SN from the * PDCP frames. + * @sn_size: size of sequence numbers, only 5/12 bit sequence numbers are valid * @bearer: radio bearer ID * @direction: the direction of the PDCP frame (UL/DL) * @hfn_threshold: HFN value that once reached triggers a warning from SEC that @@ -2222,6 +2321,7 @@ cnstr_shdsc_pdcp_c_plane_decap(uint32_t *descbuf, bool ps, bool swap, uint32_t hfn, + enum pdcp_sn_size sn_size, unsigned char bearer, unsigned char direction, uint32_t hfn_threshold, @@ -2232,7 +2332,8 @@ cnstr_shdsc_pdcp_c_plane_decap(uint32_t *descbuf, static int (*pdcp_cp_fp[PDCP_CIPHER_TYPE_INVALID][PDCP_AUTH_TYPE_INVALID]) (struct program*, bool swap, struct alginfo *, - struct alginfo *, unsigned int, unsigned char) = { + struct alginfo *, unsigned int, enum pdcp_sn_size, + unsigned char) = { { /* NULL */ pdcp_insert_cplane_null_op, /* NULL */ pdcp_insert_cplane_int_only_op, /* SNOW f9 */ @@ -2296,6 +2397,11 @@ cnstr_shdsc_pdcp_c_plane_decap(uint32_t *descbuf, return -EINVAL; } + if (sn_size != PDCP_SN_SIZE_12 && sn_size != PDCP_SN_SIZE_5) { + pr_err("C-plane supports only 5-bit and 12-bit sequence numbers\n"); + return -EINVAL; + } + PROGRAM_CNTXT_INIT(p, descbuf, 0); if (swap) PROGRAM_SET_BSWAP(p); @@ -2306,6 +2412,7 @@ cnstr_shdsc_pdcp_c_plane_decap(uint32_t *descbuf, pdb_type = cnstr_pdcp_c_plane_pdb(p, hfn, + sn_size, bearer, direction, hfn_threshold, @@ -2314,7 +2421,7 @@ cnstr_shdsc_pdcp_c_plane_decap(uint32_t *descbuf, SET_LABEL(p, pdb_end); - err = insert_hfn_ov_op(p, PDCP_SN_SIZE_5, pdb_type, + err = insert_hfn_ov_op(p, sn_size, pdb_type, era_2_sw_hfn_ovrd); if (err) return err; @@ -2324,6 +2431,7 @@ cnstr_shdsc_pdcp_c_plane_decap(uint32_t *descbuf, cipherdata, authdata, OP_TYPE_DECAP_PROTOCOL, + sn_size, era_2_sw_hfn_ovrd); if (err) return err; diff --git a/drivers/crypto/dpaa2_sec/hw/rta/protocol_cmd.h b/drivers/crypto/dpaa2_sec/hw/rta/protocol_cmd.h index cf8dfb910..82581edf5 100644 --- a/drivers/crypto/dpaa2_sec/hw/rta/protocol_cmd.h +++ b/drivers/crypto/dpaa2_sec/hw/rta/protocol_cmd.h @@ -1,7 +1,7 @@ /* SPDX-License-Identifier: (BSD-3-Clause OR GPL-2.0) * * Copyright 2008-2016 Freescale Semiconductor Inc. - * Copyright 2016 NXP + * Copyright 2016, 2019 NXP * */ @@ -596,13 +596,15 @@ static const struct proto_map proto_table[] = { /*38*/ {OP_TYPE_DECAP_PROTOCOL, OP_PCLID_LTE_PDCP_CTRL_MIXED, __rta_lte_pdcp_mixed_proto}, {OP_TYPE_DECAP_PROTOCOL, OP_PCLID_IPSEC_NEW, __rta_ipsec_proto}, +/*40*/ {OP_TYPE_DECAP_PROTOCOL, OP_PCLID_LTE_PDCP_USER_RN, + __rta_lte_pdcp_mixed_proto}, }; /* * Allowed OPERATION protocols for each SEC Era. * Values represent the number of entries from proto_table[] that are supported. */ -static const unsigned int proto_table_sz[] = {21, 29, 29, 29, 29, 35, 37, 39}; +static const unsigned int proto_table_sz[] = {21, 29, 29, 29, 29, 35, 37, 40}; static inline int rta_proto_operation(struct program *program, uint32_t optype, diff --git a/drivers/crypto/dpaa_sec/dpaa_sec.c b/drivers/crypto/dpaa_sec/dpaa_sec.c index b3ac70633..1532eebc5 100644 --- a/drivers/crypto/dpaa_sec/dpaa_sec.c +++ b/drivers/crypto/dpaa_sec/dpaa_sec.c @@ -471,6 +471,7 @@ dpaa_sec_prep_pdcp_cdb(dpaa_sec_session *ses) shared_desc_len = cnstr_shdsc_pdcp_c_plane_encap( cdb->sh_desc, 1, swap, ses->pdcp.hfn, + ses->pdcp.sn_size, ses->pdcp.bearer, ses->pdcp.pkt_dir, ses->pdcp.hfn_threshold, @@ -480,6 +481,7 @@ dpaa_sec_prep_pdcp_cdb(dpaa_sec_session *ses) shared_desc_len = cnstr_shdsc_pdcp_c_plane_decap( cdb->sh_desc, 1, swap, ses->pdcp.hfn, + ses->pdcp.sn_size, ses->pdcp.bearer, ses->pdcp.pkt_dir, ses->pdcp.hfn_threshold, @@ -2399,9 +2401,10 @@ dpaa_sec_set_pdcp_session(struct rte_cryptodev *dev, /* Auth is only applicable for control mode operation. */ if (pdcp_xform->domain == RTE_SECURITY_PDCP_MODE_CONTROL) { - if (pdcp_xform->sn_size != RTE_SECURITY_PDCP_SN_SIZE_5) { + if (pdcp_xform->sn_size != RTE_SECURITY_PDCP_SN_SIZE_5 && + pdcp_xform->sn_size != RTE_SECURITY_PDCP_SN_SIZE_12) { DPAA_SEC_ERR( - "PDCP Seq Num size should be 5 bits for cmode"); + "PDCP Seq Num size should be 5/12 bits for cmode"); goto out; } if (auth_xform) { From patchwork Mon Sep 30 11:52:19 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Akhil Goyal X-Patchwork-Id: 60159 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@dpdk.org Delivered-To: patchwork@dpdk.org Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 1D7A54C77; Mon, 30 Sep 2019 14:08:06 +0200 (CEST) Received: from inva021.nxp.com (inva021.nxp.com [92.121.34.21]) by dpdk.org (Postfix) with ESMTP id E703A34F3 for ; Mon, 30 Sep 2019 14:07:53 +0200 (CEST) Received: from inva021.nxp.com (localhost [127.0.0.1]) by inva021.eu-rdc02.nxp.com (Postfix) with ESMTP id 4375F2009A3; Mon, 30 Sep 2019 14:07:53 +0200 (CEST) Received: from invc005.ap-rdc01.nxp.com (invc005.ap-rdc01.nxp.com [165.114.16.14]) by inva021.eu-rdc02.nxp.com (Postfix) with ESMTP id DD376200025; Mon, 30 Sep 2019 14:07:50 +0200 (CEST) Received: from GDB1.ap.freescale.net (GDB1.ap.freescale.net [10.232.132.179]) by invc005.ap-rdc01.nxp.com (Postfix) with ESMTP id 6C4E7402C1; Mon, 30 Sep 2019 20:07:47 +0800 (SGT) From: Akhil Goyal To: dev@dpdk.org Cc: aconole@redhat.com, anoobj@marvell.com, Vakul Garg Date: Mon, 30 Sep 2019 17:22:19 +0530 Message-Id: <20190930115237.5073-3-akhil.goyal@nxp.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20190930115237.5073-1-akhil.goyal@nxp.com> References: <20190902121734.926-1-akhil.goyal@nxp.com> <20190930115237.5073-1-akhil.goyal@nxp.com> X-Virus-Scanned: ClamAV using ClamSMTP Subject: [dpdk-dev] [PATCH v2 02/20] drivers/crypto: support PDCP u-plane with integrity X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" From: Vakul Garg PDCP u-plane may optionally support integrity as well. This patch add support for supporting integrity along with confidentiality. Signed-off-by: Vakul Garg Acked-by: Akhil Goyal --- drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 67 +++++------ drivers/crypto/dpaa2_sec/hw/desc/pdcp.h | 75 ++++++++++--- drivers/crypto/dpaa_sec/dpaa_sec.c | 116 +++++++++----------- 3 files changed, 144 insertions(+), 114 deletions(-) diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c index 75cd2c0b5..d1fbd7a78 100644 --- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c +++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c @@ -2591,6 +2591,7 @@ dpaa2_sec_set_pdcp_session(struct rte_cryptodev *dev, struct ctxt_priv *priv; struct dpaa2_sec_dev_private *dev_priv = dev->data->dev_private; struct alginfo authdata, cipherdata; + struct alginfo *p_authdata = NULL; int bufsize = -1; struct sec_flow_context *flc; #if RTE_BYTE_ORDER == RTE_BIG_ENDIAN @@ -2693,39 +2694,32 @@ dpaa2_sec_set_pdcp_session(struct rte_cryptodev *dev, goto out; } - /* Auth is only applicable for control mode operation. */ - if (pdcp_xform->domain == RTE_SECURITY_PDCP_MODE_CONTROL) { - if (pdcp_xform->sn_size != RTE_SECURITY_PDCP_SN_SIZE_5 && - pdcp_xform->sn_size != RTE_SECURITY_PDCP_SN_SIZE_12) { - DPAA2_SEC_ERR( - "PDCP Seq Num size should be 5/12 bits for cmode"); - goto out; - } - if (auth_xform) { - session->auth_key.data = rte_zmalloc(NULL, - auth_xform->key.length, - RTE_CACHE_LINE_SIZE); - if (session->auth_key.data == NULL && - auth_xform->key.length > 0) { - DPAA2_SEC_ERR("No Memory for auth key"); - rte_free(session->cipher_key.data); - rte_free(priv); - return -ENOMEM; - } - session->auth_key.length = auth_xform->key.length; - memcpy(session->auth_key.data, auth_xform->key.data, - auth_xform->key.length); - session->auth_alg = auth_xform->algo; - } else { - session->auth_key.data = NULL; - session->auth_key.length = 0; - session->auth_alg = RTE_CRYPTO_AUTH_NULL; + if (auth_xform) { + session->auth_key.data = rte_zmalloc(NULL, + auth_xform->key.length, + RTE_CACHE_LINE_SIZE); + if (!session->auth_key.data && + auth_xform->key.length > 0) { + DPAA2_SEC_ERR("No Memory for auth key"); + rte_free(session->cipher_key.data); + rte_free(priv); + return -ENOMEM; } - authdata.key = (size_t)session->auth_key.data; - authdata.keylen = session->auth_key.length; - authdata.key_enc_flags = 0; - authdata.key_type = RTA_DATA_IMM; + session->auth_key.length = auth_xform->key.length; + memcpy(session->auth_key.data, auth_xform->key.data, + auth_xform->key.length); + session->auth_alg = auth_xform->algo; + } else { + session->auth_key.data = NULL; + session->auth_key.length = 0; + session->auth_alg = 0; + } + authdata.key = (size_t)session->auth_key.data; + authdata.keylen = session->auth_key.length; + authdata.key_enc_flags = 0; + authdata.key_type = RTA_DATA_IMM; + if (session->auth_alg) { switch (session->auth_alg) { case RTE_CRYPTO_AUTH_SNOW3G_UIA2: authdata.algtype = PDCP_AUTH_TYPE_SNOW; @@ -2745,6 +2739,13 @@ dpaa2_sec_set_pdcp_session(struct rte_cryptodev *dev, goto out; } + p_authdata = &authdata; + } else if (pdcp_xform->domain == RTE_SECURITY_PDCP_MODE_CONTROL) { + DPAA2_SEC_ERR("Crypto: Integrity must for c-plane"); + goto out; + } + + if (pdcp_xform->domain == RTE_SECURITY_PDCP_MODE_CONTROL) { if (session->dir == DIR_ENC) bufsize = cnstr_shdsc_pdcp_c_plane_encap( priv->flc_desc[0].desc, 1, swap, @@ -2774,7 +2775,7 @@ dpaa2_sec_set_pdcp_session(struct rte_cryptodev *dev, pdcp_xform->bearer, pdcp_xform->pkt_dir, pdcp_xform->hfn_threshold, - &cipherdata, 0); + &cipherdata, p_authdata, 0); else if (session->dir == DIR_DEC) bufsize = cnstr_shdsc_pdcp_u_plane_decap( priv->flc_desc[0].desc, 1, swap, @@ -2783,7 +2784,7 @@ dpaa2_sec_set_pdcp_session(struct rte_cryptodev *dev, pdcp_xform->bearer, pdcp_xform->pkt_dir, pdcp_xform->hfn_threshold, - &cipherdata, 0); + &cipherdata, p_authdata, 0); } if (bufsize < 0) { diff --git a/drivers/crypto/dpaa2_sec/hw/desc/pdcp.h b/drivers/crypto/dpaa2_sec/hw/desc/pdcp.h index 607c587e2..a636640c4 100644 --- a/drivers/crypto/dpaa2_sec/hw/desc/pdcp.h +++ b/drivers/crypto/dpaa2_sec/hw/desc/pdcp.h @@ -1801,9 +1801,16 @@ static inline int pdcp_insert_uplane_15bit_op(struct program *p, bool swap __maybe_unused, struct alginfo *cipherdata, + struct alginfo *authdata, unsigned int dir) { int op; + + /* Insert auth key if requested */ + if (authdata && authdata->algtype) + KEY(p, KEY2, authdata->key_enc_flags, authdata->key, + authdata->keylen, INLINE_KEY(authdata)); + /* Insert Cipher Key */ KEY(p, KEY1, cipherdata->key_enc_flags, cipherdata->key, cipherdata->keylen, INLINE_KEY(cipherdata)); @@ -2478,6 +2485,7 @@ cnstr_shdsc_pdcp_u_plane_encap(uint32_t *descbuf, unsigned short direction, uint32_t hfn_threshold, struct alginfo *cipherdata, + struct alginfo *authdata, unsigned char era_2_sw_hfn_ovrd) { struct program prg; @@ -2490,6 +2498,11 @@ cnstr_shdsc_pdcp_u_plane_encap(uint32_t *descbuf, return -EINVAL; } + if (authdata && !authdata->algtype && rta_sec_era < RTA_SEC_ERA_8) { + pr_err("Cannot use u-plane auth with era < 8"); + return -EINVAL; + } + PROGRAM_CNTXT_INIT(p, descbuf, 0); if (swap) PROGRAM_SET_BSWAP(p); @@ -2509,6 +2522,13 @@ cnstr_shdsc_pdcp_u_plane_encap(uint32_t *descbuf, if (err) return err; + /* Insert auth key if requested */ + if (authdata && authdata->algtype) { + KEY(p, KEY2, authdata->key_enc_flags, + (uint64_t)authdata->key, authdata->keylen, + INLINE_KEY(authdata)); + } + switch (sn_size) { case PDCP_SN_SIZE_7: case PDCP_SN_SIZE_12: @@ -2518,20 +2538,24 @@ cnstr_shdsc_pdcp_u_plane_encap(uint32_t *descbuf, pr_err("Invalid era for selected algorithm\n"); return -ENOTSUP; } + /* fallthrough */ case PDCP_CIPHER_TYPE_AES: case PDCP_CIPHER_TYPE_SNOW: + case PDCP_CIPHER_TYPE_NULL: /* Insert Cipher Key */ KEY(p, KEY1, cipherdata->key_enc_flags, (uint64_t)cipherdata->key, cipherdata->keylen, INLINE_KEY(cipherdata)); - PROTOCOL(p, OP_TYPE_ENCAP_PROTOCOL, - OP_PCLID_LTE_PDCP_USER, - (uint16_t)cipherdata->algtype); - break; - case PDCP_CIPHER_TYPE_NULL: - insert_copy_frame_op(p, - cipherdata, - OP_TYPE_ENCAP_PROTOCOL); + + if (authdata) + PROTOCOL(p, OP_TYPE_ENCAP_PROTOCOL, + OP_PCLID_LTE_PDCP_USER_RN, + ((uint16_t)cipherdata->algtype << 8) | + (uint16_t)authdata->algtype); + else + PROTOCOL(p, OP_TYPE_ENCAP_PROTOCOL, + OP_PCLID_LTE_PDCP_USER, + (uint16_t)cipherdata->algtype); break; default: pr_err("%s: Invalid encrypt algorithm selected: %d\n", @@ -2551,7 +2575,7 @@ cnstr_shdsc_pdcp_u_plane_encap(uint32_t *descbuf, default: err = pdcp_insert_uplane_15bit_op(p, swap, cipherdata, - OP_TYPE_ENCAP_PROTOCOL); + authdata, OP_TYPE_ENCAP_PROTOCOL); if (err) return err; break; @@ -2605,6 +2629,7 @@ cnstr_shdsc_pdcp_u_plane_decap(uint32_t *descbuf, unsigned short direction, uint32_t hfn_threshold, struct alginfo *cipherdata, + struct alginfo *authdata, unsigned char era_2_sw_hfn_ovrd) { struct program prg; @@ -2617,6 +2642,11 @@ cnstr_shdsc_pdcp_u_plane_decap(uint32_t *descbuf, return -EINVAL; } + if (authdata && !authdata->algtype && rta_sec_era < RTA_SEC_ERA_8) { + pr_err("Cannot use u-plane auth with era < 8"); + return -EINVAL; + } + PROGRAM_CNTXT_INIT(p, descbuf, 0); if (swap) PROGRAM_SET_BSWAP(p); @@ -2636,6 +2666,12 @@ cnstr_shdsc_pdcp_u_plane_decap(uint32_t *descbuf, if (err) return err; + /* Insert auth key if requested */ + if (authdata && authdata->algtype) + KEY(p, KEY2, authdata->key_enc_flags, + (uint64_t)authdata->key, authdata->keylen, + INLINE_KEY(authdata)); + switch (sn_size) { case PDCP_SN_SIZE_7: case PDCP_SN_SIZE_12: @@ -2645,20 +2681,23 @@ cnstr_shdsc_pdcp_u_plane_decap(uint32_t *descbuf, pr_err("Invalid era for selected algorithm\n"); return -ENOTSUP; } + /* fallthrough */ case PDCP_CIPHER_TYPE_AES: case PDCP_CIPHER_TYPE_SNOW: + case PDCP_CIPHER_TYPE_NULL: /* Insert Cipher Key */ KEY(p, KEY1, cipherdata->key_enc_flags, cipherdata->key, cipherdata->keylen, INLINE_KEY(cipherdata)); - PROTOCOL(p, OP_TYPE_DECAP_PROTOCOL, - OP_PCLID_LTE_PDCP_USER, - (uint16_t)cipherdata->algtype); - break; - case PDCP_CIPHER_TYPE_NULL: - insert_copy_frame_op(p, - cipherdata, - OP_TYPE_DECAP_PROTOCOL); + if (authdata) + PROTOCOL(p, OP_TYPE_DECAP_PROTOCOL, + OP_PCLID_LTE_PDCP_USER_RN, + ((uint16_t)cipherdata->algtype << 8) | + (uint16_t)authdata->algtype); + else + PROTOCOL(p, OP_TYPE_DECAP_PROTOCOL, + OP_PCLID_LTE_PDCP_USER, + (uint16_t)cipherdata->algtype); break; default: pr_err("%s: Invalid encrypt algorithm selected: %d\n", @@ -2678,7 +2717,7 @@ cnstr_shdsc_pdcp_u_plane_decap(uint32_t *descbuf, default: err = pdcp_insert_uplane_15bit_op(p, swap, cipherdata, - OP_TYPE_DECAP_PROTOCOL); + authdata, OP_TYPE_DECAP_PROTOCOL); if (err) return err; break; diff --git a/drivers/crypto/dpaa_sec/dpaa_sec.c b/drivers/crypto/dpaa_sec/dpaa_sec.c index 1532eebc5..c3fbcc11d 100644 --- a/drivers/crypto/dpaa_sec/dpaa_sec.c +++ b/drivers/crypto/dpaa_sec/dpaa_sec.c @@ -384,6 +384,7 @@ dpaa_sec_prep_pdcp_cdb(dpaa_sec_session *ses) { struct alginfo authdata = {0}, cipherdata = {0}; struct sec_cdb *cdb = &ses->cdb; + struct alginfo *p_authdata = NULL; int32_t shared_desc_len = 0; int err; #if RTE_BYTE_ORDER == RTE_BIG_ENDIAN @@ -416,7 +417,11 @@ dpaa_sec_prep_pdcp_cdb(dpaa_sec_session *ses) cipherdata.key_enc_flags = 0; cipherdata.key_type = RTA_DATA_IMM; - if (ses->pdcp.domain == RTE_SECURITY_PDCP_MODE_CONTROL) { + cdb->sh_desc[0] = cipherdata.keylen; + cdb->sh_desc[1] = 0; + cdb->sh_desc[2] = 0; + + if (ses->auth_alg) { switch (ses->auth_alg) { case RTE_CRYPTO_AUTH_SNOW3G_UIA2: authdata.algtype = PDCP_AUTH_TYPE_SNOW; @@ -441,32 +446,36 @@ dpaa_sec_prep_pdcp_cdb(dpaa_sec_session *ses) authdata.key_enc_flags = 0; authdata.key_type = RTA_DATA_IMM; - cdb->sh_desc[0] = cipherdata.keylen; + p_authdata = &authdata; + cdb->sh_desc[1] = authdata.keylen; - err = rta_inline_query(IPSEC_AUTH_VAR_AES_DEC_BASE_DESC_LEN, - MIN_JOB_DESC_SIZE, - (unsigned int *)cdb->sh_desc, - &cdb->sh_desc[2], 2); + } - if (err < 0) { - DPAA_SEC_ERR("Crypto: Incorrect key lengths"); - return err; - } - if (!(cdb->sh_desc[2] & 1) && cipherdata.keylen) { - cipherdata.key = (size_t)dpaa_mem_vtop( - (void *)(size_t)cipherdata.key); - cipherdata.key_type = RTA_DATA_PTR; - } - if (!(cdb->sh_desc[2] & (1<<1)) && authdata.keylen) { - authdata.key = (size_t)dpaa_mem_vtop( - (void *)(size_t)authdata.key); - authdata.key_type = RTA_DATA_PTR; - } + err = rta_inline_query(IPSEC_AUTH_VAR_AES_DEC_BASE_DESC_LEN, + MIN_JOB_DESC_SIZE, + (unsigned int *)cdb->sh_desc, + &cdb->sh_desc[2], 2); + if (err < 0) { + DPAA_SEC_ERR("Crypto: Incorrect key lengths"); + return err; + } - cdb->sh_desc[0] = 0; - cdb->sh_desc[1] = 0; - cdb->sh_desc[2] = 0; + if (!(cdb->sh_desc[2] & 1) && cipherdata.keylen) { + cipherdata.key = + (size_t)dpaa_mem_vtop((void *)(size_t)cipherdata.key); + cipherdata.key_type = RTA_DATA_PTR; + } + if (!(cdb->sh_desc[2] & (1 << 1)) && authdata.keylen) { + authdata.key = + (size_t)dpaa_mem_vtop((void *)(size_t)authdata.key); + authdata.key_type = RTA_DATA_PTR; + } + cdb->sh_desc[0] = 0; + cdb->sh_desc[1] = 0; + cdb->sh_desc[2] = 0; + + if (ses->pdcp.domain == RTE_SECURITY_PDCP_MODE_CONTROL) { if (ses->dir == DIR_ENC) shared_desc_len = cnstr_shdsc_pdcp_c_plane_encap( cdb->sh_desc, 1, swap, @@ -488,25 +497,6 @@ dpaa_sec_prep_pdcp_cdb(dpaa_sec_session *ses) &cipherdata, &authdata, 0); } else { - cdb->sh_desc[0] = cipherdata.keylen; - err = rta_inline_query(IPSEC_AUTH_VAR_AES_DEC_BASE_DESC_LEN, - MIN_JOB_DESC_SIZE, - (unsigned int *)cdb->sh_desc, - &cdb->sh_desc[2], 1); - - if (err < 0) { - DPAA_SEC_ERR("Crypto: Incorrect key lengths"); - return err; - } - if (!(cdb->sh_desc[2] & 1) && cipherdata.keylen) { - cipherdata.key = (size_t)dpaa_mem_vtop( - (void *)(size_t)cipherdata.key); - cipherdata.key_type = RTA_DATA_PTR; - } - cdb->sh_desc[0] = 0; - cdb->sh_desc[1] = 0; - cdb->sh_desc[2] = 0; - if (ses->dir == DIR_ENC) shared_desc_len = cnstr_shdsc_pdcp_u_plane_encap( cdb->sh_desc, 1, swap, @@ -515,7 +505,7 @@ dpaa_sec_prep_pdcp_cdb(dpaa_sec_session *ses) ses->pdcp.bearer, ses->pdcp.pkt_dir, ses->pdcp.hfn_threshold, - &cipherdata, 0); + &cipherdata, p_authdata, 0); else if (ses->dir == DIR_DEC) shared_desc_len = cnstr_shdsc_pdcp_u_plane_decap( cdb->sh_desc, 1, swap, @@ -524,7 +514,7 @@ dpaa_sec_prep_pdcp_cdb(dpaa_sec_session *ses) ses->pdcp.bearer, ses->pdcp.pkt_dir, ses->pdcp.hfn_threshold, - &cipherdata, 0); + &cipherdata, p_authdata, 0); } return shared_desc_len; @@ -2399,7 +2389,6 @@ dpaa_sec_set_pdcp_session(struct rte_cryptodev *dev, session->dir = DIR_ENC; } - /* Auth is only applicable for control mode operation. */ if (pdcp_xform->domain == RTE_SECURITY_PDCP_MODE_CONTROL) { if (pdcp_xform->sn_size != RTE_SECURITY_PDCP_SN_SIZE_5 && pdcp_xform->sn_size != RTE_SECURITY_PDCP_SN_SIZE_12) { @@ -2407,25 +2396,26 @@ dpaa_sec_set_pdcp_session(struct rte_cryptodev *dev, "PDCP Seq Num size should be 5/12 bits for cmode"); goto out; } - if (auth_xform) { - session->auth_key.data = rte_zmalloc(NULL, - auth_xform->key.length, - RTE_CACHE_LINE_SIZE); - if (session->auth_key.data == NULL && - auth_xform->key.length > 0) { - DPAA_SEC_ERR("No Memory for auth key"); - rte_free(session->cipher_key.data); - return -ENOMEM; - } - session->auth_key.length = auth_xform->key.length; - memcpy(session->auth_key.data, auth_xform->key.data, - auth_xform->key.length); - session->auth_alg = auth_xform->algo; - } else { - session->auth_key.data = NULL; - session->auth_key.length = 0; - session->auth_alg = RTE_CRYPTO_AUTH_NULL; + } + + if (auth_xform) { + session->auth_key.data = rte_zmalloc(NULL, + auth_xform->key.length, + RTE_CACHE_LINE_SIZE); + if (!session->auth_key.data && + auth_xform->key.length > 0) { + DPAA_SEC_ERR("No Memory for auth key"); + rte_free(session->cipher_key.data); + return -ENOMEM; } + session->auth_key.length = auth_xform->key.length; + memcpy(session->auth_key.data, auth_xform->key.data, + auth_xform->key.length); + session->auth_alg = auth_xform->algo; + } else { + session->auth_key.data = NULL; + session->auth_key.length = 0; + session->auth_alg = 0; } session->pdcp.domain = pdcp_xform->domain; session->pdcp.bearer = pdcp_xform->bearer; From patchwork Mon Sep 30 11:52:20 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Akhil Goyal X-Patchwork-Id: 60160 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@dpdk.org Delivered-To: patchwork@dpdk.org Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 9BC3E4C9D; Mon, 30 Sep 2019 14:08:07 +0200 (CEST) Received: from inva020.nxp.com (inva020.nxp.com [92.121.34.13]) by dpdk.org (Postfix) with ESMTP id 5F3DE378E for ; Mon, 30 Sep 2019 14:07:54 +0200 (CEST) Received: from inva020.nxp.com (localhost [127.0.0.1]) by inva020.eu-rdc02.nxp.com (Postfix) with ESMTP id 3912E1A0095; Mon, 30 Sep 2019 14:07:54 +0200 (CEST) Received: from invc005.ap-rdc01.nxp.com (invc005.ap-rdc01.nxp.com [165.114.16.14]) by inva020.eu-rdc02.nxp.com (Postfix) with ESMTP id 100F01A0288; Mon, 30 Sep 2019 14:07:52 +0200 (CEST) Received: from GDB1.ap.freescale.net (GDB1.ap.freescale.net [10.232.132.179]) by invc005.ap-rdc01.nxp.com (Postfix) with ESMTP id 91AC5402C7; Mon, 30 Sep 2019 20:07:48 +0800 (SGT) From: Akhil Goyal To: dev@dpdk.org Cc: aconole@redhat.com, anoobj@marvell.com, Akhil Goyal Date: Mon, 30 Sep 2019 17:22:20 +0530 Message-Id: <20190930115237.5073-4-akhil.goyal@nxp.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20190930115237.5073-1-akhil.goyal@nxp.com> References: <20190902121734.926-1-akhil.goyal@nxp.com> <20190930115237.5073-1-akhil.goyal@nxp.com> X-Virus-Scanned: ClamAV using ClamSMTP Subject: [dpdk-dev] [PATCH v2 03/20] security: add hfn override option in PDCP X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" HFN can be given as a per packet value also. As we do not have IV in case of PDCP, and HFN is used to generate IV. IV field can be used to get the per packet HFN while enq/deq If hfn_ovrd field in pdcp_xform is set, application is expected to set the per packet HFN in place of IV. Driver will extract the HFN and perform operations accordingly. Signed-off-by: Akhil Goyal Acked-by: Konstantin Ananyev --- lib/librte_security/rte_security.h | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/lib/librte_security/rte_security.h b/lib/librte_security/rte_security.h index 2d064f4d0..aaafdfcd7 100644 --- a/lib/librte_security/rte_security.h +++ b/lib/librte_security/rte_security.h @@ -1,5 +1,5 @@ /* SPDX-License-Identifier: BSD-3-Clause - * Copyright 2017 NXP. + * Copyright 2017,2019 NXP * Copyright(c) 2017 Intel Corporation. */ @@ -278,6 +278,15 @@ struct rte_security_pdcp_xform { uint32_t hfn; /** HFN Threshold for key renegotiation */ uint32_t hfn_threshold; + /** HFN can be given as a per packet value also. + * As we do not have IV in case of PDCP, and HFN is + * used to generate IV. IV field can be used to get the + * per packet HFN while enq/deq. + * If hfn_ovrd field is set, user is expected to set the + * per packet HFN in place of IV. PMDs will extract the HFN + * and perform operations accordingly. + */ + uint32_t hfn_ovrd; }; /** From patchwork Mon Sep 30 11:52:21 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Akhil Goyal X-Patchwork-Id: 60161 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@dpdk.org Delivered-To: patchwork@dpdk.org Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 344D258C4; Mon, 30 Sep 2019 14:08:09 +0200 (CEST) Received: from inva021.nxp.com (inva021.nxp.com [92.121.34.21]) by dpdk.org (Postfix) with ESMTP id D6E3A34F3 for ; Mon, 30 Sep 2019 14:07:55 +0200 (CEST) Received: from inva021.nxp.com (localhost [127.0.0.1]) by inva021.eu-rdc02.nxp.com (Postfix) with ESMTP id 8EE16200794; Mon, 30 Sep 2019 14:07:55 +0200 (CEST) Received: from invc005.ap-rdc01.nxp.com (invc005.ap-rdc01.nxp.com [165.114.16.14]) by inva021.eu-rdc02.nxp.com (Postfix) with ESMTP id 3578C20049F; Mon, 30 Sep 2019 14:07:53 +0200 (CEST) Received: from GDB1.ap.freescale.net (GDB1.ap.freescale.net [10.232.132.179]) by invc005.ap-rdc01.nxp.com (Postfix) with ESMTP id B809540313; Mon, 30 Sep 2019 20:07:49 +0800 (SGT) From: Akhil Goyal To: dev@dpdk.org Cc: aconole@redhat.com, anoobj@marvell.com, Akhil Goyal Date: Mon, 30 Sep 2019 17:22:21 +0530 Message-Id: <20190930115237.5073-5-akhil.goyal@nxp.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20190930115237.5073-1-akhil.goyal@nxp.com> References: <20190902121734.926-1-akhil.goyal@nxp.com> <20190930115237.5073-1-akhil.goyal@nxp.com> X-Virus-Scanned: ClamAV using ClamSMTP Subject: [dpdk-dev] [PATCH v2 04/20] drivers/crypto: support hfn override for NXP PMDs X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" Per packet HFN override is supported in NXP PMDs (dpaa2_sec and dpaa_sec). DPOVRD register can be updated with the per packet value if it is enabled in session configuration. The value is read from the IV offset. Signed-off-by: Akhil Goyal --- drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 18 ++++++++++-------- drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h | 4 +++- drivers/crypto/dpaa_sec/dpaa_sec.c | 19 ++++++++++++++++--- drivers/crypto/dpaa_sec/dpaa_sec.h | 4 +++- 4 files changed, 32 insertions(+), 13 deletions(-) diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c index d1fbd7a78..d080235f5 100644 --- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c +++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c @@ -125,14 +125,16 @@ build_proto_compound_fd(dpaa2_sec_session *sess, DPAA2_SET_FD_LEN(fd, ip_fle->length); DPAA2_SET_FLE_FIN(ip_fle); -#ifdef ENABLE_HFN_OVERRIDE + /* In case of PDCP, per packet HFN is stored in + * mbuf priv after sym_op. + */ if (sess->ctxt_type == DPAA2_SEC_PDCP && sess->pdcp.hfn_ovd) { + uint32_t hfn_ovd = *((uint8_t *)op + sess->pdcp.hfn_ovd_offset); /*enable HFN override override */ - DPAA2_SET_FLE_INTERNAL_JD(ip_fle, sess->pdcp.hfn_ovd); - DPAA2_SET_FLE_INTERNAL_JD(op_fle, sess->pdcp.hfn_ovd); - DPAA2_SET_FD_INTERNAL_JD(fd, sess->pdcp.hfn_ovd); + DPAA2_SET_FLE_INTERNAL_JD(ip_fle, hfn_ovd); + DPAA2_SET_FLE_INTERNAL_JD(op_fle, hfn_ovd); + DPAA2_SET_FD_INTERNAL_JD(fd, hfn_ovd); } -#endif return 0; @@ -2664,11 +2666,11 @@ dpaa2_sec_set_pdcp_session(struct rte_cryptodev *dev, session->pdcp.bearer = pdcp_xform->bearer; session->pdcp.pkt_dir = pdcp_xform->pkt_dir; session->pdcp.sn_size = pdcp_xform->sn_size; -#ifdef ENABLE_HFN_OVERRIDE - session->pdcp.hfn_ovd = pdcp_xform->hfn_ovd; -#endif session->pdcp.hfn = pdcp_xform->hfn; session->pdcp.hfn_threshold = pdcp_xform->hfn_threshold; + session->pdcp.hfn_ovd = pdcp_xform->hfn_ovrd; + /* hfv ovd offset location is stored in iv.offset value*/ + session->pdcp.hfn_ovd_offset = cipher_xform->iv.offset; cipherdata.key = (size_t)session->cipher_key.data; cipherdata.keylen = session->cipher_key.length; diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h b/drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h index a05deaebd..679fd006b 100644 --- a/drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h +++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h @@ -147,9 +147,11 @@ struct dpaa2_pdcp_ctxt { int8_t bearer; /*!< PDCP bearer ID */ int8_t pkt_dir;/*!< PDCP Frame Direction 0:UL 1:DL*/ int8_t hfn_ovd;/*!< Overwrite HFN per packet*/ + uint8_t sn_size; /*!< Sequence number size, 5/7/12/15/18 */ + uint32_t hfn_ovd_offset;/*!< offset from rte_crypto_op at which + per packet hfn is stored */ uint32_t hfn; /*!< Hyper Frame Number */ uint32_t hfn_threshold; /*!< HFN Threashold for key renegotiation */ - uint8_t sn_size; /*!< Sequence number size, 7/12/15 */ }; typedef struct dpaa2_sec_session_entry { diff --git a/drivers/crypto/dpaa_sec/dpaa_sec.c b/drivers/crypto/dpaa_sec/dpaa_sec.c index c3fbcc11d..3fc4a606f 100644 --- a/drivers/crypto/dpaa_sec/dpaa_sec.c +++ b/drivers/crypto/dpaa_sec/dpaa_sec.c @@ -1764,6 +1764,20 @@ dpaa_sec_enqueue_burst(void *qp, struct rte_crypto_op **ops, if (auth_only_len) fd->cmd = 0x80000000 | auth_only_len; + /* In case of PDCP, per packet HFN is stored in + * mbuf priv after sym_op. + */ + if (is_proto_pdcp(ses) && ses->pdcp.hfn_ovd) { + fd->cmd = 0x80000000 | + *((uint32_t *)((uint8_t *)op + + ses->pdcp.hfn_ovd_offset)); + DPAA_SEC_DP_DEBUG("Per packet HFN: %x, ovd:%u,%u\n", + *((uint32_t *)((uint8_t *)op + + ses->pdcp.hfn_ovd_offset)), + ses->pdcp.hfn_ovd, + is_proto_pdcp(ses)); + } + } send_pkts: loop = 0; @@ -2421,11 +2435,10 @@ dpaa_sec_set_pdcp_session(struct rte_cryptodev *dev, session->pdcp.bearer = pdcp_xform->bearer; session->pdcp.pkt_dir = pdcp_xform->pkt_dir; session->pdcp.sn_size = pdcp_xform->sn_size; -#ifdef ENABLE_HFN_OVERRIDE - session->pdcp.hfn_ovd = pdcp_xform->hfn_ovd; -#endif session->pdcp.hfn = pdcp_xform->hfn; session->pdcp.hfn_threshold = pdcp_xform->hfn_threshold; + session->pdcp.hfn_ovd = pdcp_xform->hfn_ovrd; + session->pdcp.hfn_ovd_offset = cipher_xform->iv.offset; session->ctx_pool = dev_priv->ctx_pool; rte_spinlock_lock(&dev_priv->lock); diff --git a/drivers/crypto/dpaa_sec/dpaa_sec.h b/drivers/crypto/dpaa_sec/dpaa_sec.h index 08e7d66e5..e148a04df 100644 --- a/drivers/crypto/dpaa_sec/dpaa_sec.h +++ b/drivers/crypto/dpaa_sec/dpaa_sec.h @@ -103,9 +103,11 @@ struct sec_pdcp_ctxt { int8_t bearer; /*!< PDCP bearer ID */ int8_t pkt_dir;/*!< PDCP Frame Direction 0:UL 1:DL*/ int8_t hfn_ovd;/*!< Overwrite HFN per packet*/ + uint8_t sn_size; /*!< Sequence number size, 5/7/12/15/18 */ + uint32_t hfn_ovd_offset;/*!< offset from rte_crypto_op at which + per packet hfn is stored */ uint32_t hfn; /*!< Hyper Frame Number */ uint32_t hfn_threshold; /*!< HFN Threashold for key renegotiation */ - uint8_t sn_size; /*!< Sequence number size, 7/12/15 */ }; typedef struct dpaa_sec_session_entry { From patchwork Mon Sep 30 11:52:22 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Akhil Goyal X-Patchwork-Id: 60162 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@dpdk.org Delivered-To: patchwork@dpdk.org Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id D35317CBC; Mon, 30 Sep 2019 14:08:10 +0200 (CEST) Received: from inva021.nxp.com (inva021.nxp.com [92.121.34.21]) by dpdk.org (Postfix) with ESMTP id 37B2B34F3 for ; Mon, 30 Sep 2019 14:07:57 +0200 (CEST) Received: from inva021.nxp.com (localhost [127.0.0.1]) by inva021.eu-rdc02.nxp.com (Postfix) with ESMTP id 163352007B8; Mon, 30 Sep 2019 14:07:57 +0200 (CEST) Received: from invc005.ap-rdc01.nxp.com (invc005.ap-rdc01.nxp.com [165.114.16.14]) by inva021.eu-rdc02.nxp.com (Postfix) with ESMTP id 7E1972001E7; Mon, 30 Sep 2019 14:07:54 +0200 (CEST) Received: from GDB1.ap.freescale.net (GDB1.ap.freescale.net [10.232.132.179]) by invc005.ap-rdc01.nxp.com (Postfix) with ESMTP id DBEF7402B7; Mon, 30 Sep 2019 20:07:50 +0800 (SGT) From: Akhil Goyal To: dev@dpdk.org Cc: aconole@redhat.com, anoobj@marvell.com, Akhil Goyal Date: Mon, 30 Sep 2019 17:22:22 +0530 Message-Id: <20190930115237.5073-6-akhil.goyal@nxp.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20190930115237.5073-1-akhil.goyal@nxp.com> References: <20190902121734.926-1-akhil.goyal@nxp.com> <20190930115237.5073-1-akhil.goyal@nxp.com> X-Virus-Scanned: ClamAV using ClamSMTP Subject: [dpdk-dev] [PATCH v2 05/20] crypto/dpaa2_sec: update desc for pdcp 18bit enc-auth X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" Support following cases int-only (NULL-NULL, NULL-SNOW, NULL-AES, NULL-ZUC) enc-only (SNOW-NULL, AES-NULL, ZUC-NULL) Signed-off-by: Akhil Goyal --- drivers/crypto/dpaa2_sec/hw/desc/pdcp.h | 532 +++++++++++++++++++----- 1 file changed, 420 insertions(+), 112 deletions(-) diff --git a/drivers/crypto/dpaa2_sec/hw/desc/pdcp.h b/drivers/crypto/dpaa2_sec/hw/desc/pdcp.h index a636640c4..9a73105ac 100644 --- a/drivers/crypto/dpaa2_sec/hw/desc/pdcp.h +++ b/drivers/crypto/dpaa2_sec/hw/desc/pdcp.h @@ -1,5 +1,6 @@ /* SPDX-License-Identifier: BSD-3-Clause or GPL-2.0+ * Copyright 2008-2013 Freescale Semiconductor, Inc. + * Copyright 2019 NXP */ #ifndef __DESC_PDCP_H__ @@ -52,6 +53,14 @@ #define PDCP_U_PLANE_15BIT_SN_MASK 0xFF7F0000 #define PDCP_U_PLANE_15BIT_SN_MASK_BE 0x00007FFF +/** + * PDCP_U_PLANE_18BIT_SN_MASK - This mask is used in the PDCP descriptors for + * extracting the sequence number (SN) from the + * PDCP User Plane header. + */ +#define PDCP_U_PLANE_18BIT_SN_MASK 0xFFFF0300 +#define PDCP_U_PLANE_18BIT_SN_MASK_BE 0x0003FFFF + /** * PDCP_BEARER_MASK - This mask is used masking out the bearer for PDCP * processing with SNOW f9 in LTE. @@ -192,7 +201,8 @@ enum pdcp_sn_size { PDCP_SN_SIZE_5 = 5, PDCP_SN_SIZE_7 = 7, PDCP_SN_SIZE_12 = 12, - PDCP_SN_SIZE_15 = 15 + PDCP_SN_SIZE_15 = 15, + PDCP_SN_SIZE_18 = 18 }; /* @@ -205,14 +215,17 @@ enum pdcp_sn_size { #define PDCP_U_PLANE_PDB_OPT_SHORT_SN 0x2 #define PDCP_U_PLANE_PDB_OPT_15B_SN 0x4 +#define PDCP_U_PLANE_PDB_OPT_18B_SN 0x6 #define PDCP_U_PLANE_PDB_SHORT_SN_HFN_SHIFT 7 #define PDCP_U_PLANE_PDB_LONG_SN_HFN_SHIFT 12 #define PDCP_U_PLANE_PDB_15BIT_SN_HFN_SHIFT 15 +#define PDCP_U_PLANE_PDB_18BIT_SN_HFN_SHIFT 18 #define PDCP_U_PLANE_PDB_BEARER_SHIFT 27 #define PDCP_U_PLANE_PDB_DIR_SHIFT 26 #define PDCP_U_PLANE_PDB_SHORT_SN_HFN_THR_SHIFT 7 #define PDCP_U_PLANE_PDB_LONG_SN_HFN_THR_SHIFT 12 #define PDCP_U_PLANE_PDB_15BIT_SN_HFN_THR_SHIFT 15 +#define PDCP_U_PLANE_PDB_18BIT_SN_HFN_THR_SHIFT 18 struct pdcp_pdb { union { @@ -417,6 +430,9 @@ pdcp_insert_cplane_int_only_op(struct program *p, enum pdcp_sn_size sn_size, unsigned char era_2_sw_hfn_ovrd) { + uint32_t offset = 0, length = 0, sn_mask = 0; + + /* 12 bit SN is only supported for protocol offload case */ if (rta_sec_era >= RTA_SEC_ERA_8 && sn_size == PDCP_SN_SIZE_12) { KEY(p, KEY2, authdata->key_enc_flags, authdata->key, authdata->keylen, INLINE_KEY(authdata)); @@ -426,6 +442,27 @@ pdcp_insert_cplane_int_only_op(struct program *p, return 0; } + /* Non-proto is supported only for 5bit cplane and 18bit uplane */ + switch (sn_size) { + case PDCP_SN_SIZE_5: + offset = 7; + length = 1; + sn_mask = (swap == false) ? PDCP_C_PLANE_SN_MASK : + PDCP_C_PLANE_SN_MASK_BE; + break; + case PDCP_SN_SIZE_18: + offset = 5; + length = 3; + sn_mask = (swap == false) ? PDCP_U_PLANE_18BIT_SN_MASK : + PDCP_U_PLANE_18BIT_SN_MASK_BE; + break; + case PDCP_SN_SIZE_7: + case PDCP_SN_SIZE_12: + case PDCP_SN_SIZE_15: + pr_err("Invalid sn_size for %s\n", __func__); + return -ENOTSUP; + + } LABEL(local_offset); REFERENCE(move_cmd_read_descbuf); REFERENCE(move_cmd_write_descbuf); @@ -435,20 +472,20 @@ pdcp_insert_cplane_int_only_op(struct program *p, /* Insert Auth Key */ KEY(p, KEY2, authdata->key_enc_flags, authdata->key, authdata->keylen, INLINE_KEY(authdata)); - SEQLOAD(p, MATH0, 7, 1, 0); + SEQLOAD(p, MATH0, offset, length, 0); JUMP(p, 1, LOCAL_JUMP, ALL_TRUE, CALM); if (rta_sec_era > RTA_SEC_ERA_2 || (rta_sec_era == RTA_SEC_ERA_2 && era_2_sw_hfn_ovrd == 0)) { - SEQINPTR(p, 0, 1, RTO); + SEQINPTR(p, 0, length, RTO); } else { SEQINPTR(p, 0, 5, RTO); SEQFIFOLOAD(p, SKIP, 4, 0); } if (swap == false) { - MATHB(p, MATH0, AND, PDCP_C_PLANE_SN_MASK, MATH1, 8, + MATHB(p, MATH0, AND, sn_mask, MATH1, 8, IFB | IMMED2); MATHB(p, MATH1, SHLD, MATH1, MATH1, 8, 0); @@ -461,7 +498,7 @@ pdcp_insert_cplane_int_only_op(struct program *p, MATHB(p, MATH1, OR, MATH2, MATH2, 8, 0); MOVEB(p, MATH2, 0, CONTEXT2, 0, 0x0C, WAITCOMP | IMMED); } else { - MATHB(p, MATH0, AND, PDCP_C_PLANE_SN_MASK_BE, MATH1, 8, + MATHB(p, MATH0, AND, sn_mask, MATH1, 8, IFB | IMMED2); MATHB(p, MATH1, SHLD, MATH1, MATH1, 8, 0); @@ -553,19 +590,19 @@ pdcp_insert_cplane_int_only_op(struct program *p, /* Insert Auth Key */ KEY(p, KEY1, authdata->key_enc_flags, authdata->key, authdata->keylen, INLINE_KEY(authdata)); - SEQLOAD(p, MATH0, 7, 1, 0); + SEQLOAD(p, MATH0, offset, length, 0); JUMP(p, 1, LOCAL_JUMP, ALL_TRUE, CALM); if (rta_sec_era > RTA_SEC_ERA_2 || (rta_sec_era == RTA_SEC_ERA_2 && era_2_sw_hfn_ovrd == 0)) { - SEQINPTR(p, 0, 1, RTO); + SEQINPTR(p, 0, length, RTO); } else { SEQINPTR(p, 0, 5, RTO); SEQFIFOLOAD(p, SKIP, 4, 0); } if (swap == false) { - MATHB(p, MATH0, AND, PDCP_C_PLANE_SN_MASK, MATH1, 8, + MATHB(p, MATH0, AND, sn_mask, MATH1, 8, IFB | IMMED2); MATHB(p, MATH1, SHLD, MATH1, MATH1, 8, 0); @@ -573,7 +610,7 @@ pdcp_insert_cplane_int_only_op(struct program *p, MATHB(p, MATH1, OR, MATH2, MATH2, 8, 0); MOVEB(p, MATH2, 0, IFIFOAB1, 0, 8, IMMED); } else { - MATHB(p, MATH0, AND, PDCP_C_PLANE_SN_MASK_BE, MATH1, 8, + MATHB(p, MATH0, AND, sn_mask, MATH1, 8, IFB | IMMED2); MATHB(p, MATH1, SHLD, MATH1, MATH1, 8, 0); @@ -665,11 +702,11 @@ pdcp_insert_cplane_int_only_op(struct program *p, /* Insert Auth Key */ KEY(p, KEY2, authdata->key_enc_flags, authdata->key, authdata->keylen, INLINE_KEY(authdata)); - SEQLOAD(p, MATH0, 7, 1, 0); + SEQLOAD(p, MATH0, offset, length, 0); JUMP(p, 1, LOCAL_JUMP, ALL_TRUE, CALM); - SEQINPTR(p, 0, 1, RTO); + SEQINPTR(p, 0, length, RTO); if (swap == false) { - MATHB(p, MATH0, AND, PDCP_C_PLANE_SN_MASK, MATH1, 8, + MATHB(p, MATH0, AND, sn_mask, MATH1, 8, IFB | IMMED2); MATHB(p, MATH1, SHLD, MATH1, MATH1, 8, 0); @@ -678,7 +715,7 @@ pdcp_insert_cplane_int_only_op(struct program *p, MOVEB(p, MATH2, 0, CONTEXT2, 0, 8, IMMED); } else { - MATHB(p, MATH0, AND, PDCP_C_PLANE_SN_MASK_BE, MATH1, 8, + MATHB(p, MATH0, AND, sn_mask, MATH1, 8, IFB | IMMED2); MATHB(p, MATH1, SHLD, MATH1, MATH1, 8, 0); @@ -734,11 +771,12 @@ pdcp_insert_cplane_enc_only_op(struct program *p, enum pdcp_sn_size sn_size, unsigned char era_2_sw_hfn_ovrd __maybe_unused) { + uint32_t offset = 0, length = 0, sn_mask = 0; /* Insert Cipher Key */ KEY(p, KEY1, cipherdata->key_enc_flags, cipherdata->key, cipherdata->keylen, INLINE_KEY(cipherdata)); - if (rta_sec_era >= RTA_SEC_ERA_8) { + if (rta_sec_era >= RTA_SEC_ERA_8 && sn_size != PDCP_SN_SIZE_18) { if (sn_size == PDCP_SN_SIZE_5) PROTOCOL(p, dir, OP_PCLID_LTE_PDCP_CTRL_MIXED, (uint16_t)cipherdata->algtype << 8); @@ -747,16 +785,32 @@ pdcp_insert_cplane_enc_only_op(struct program *p, (uint16_t)cipherdata->algtype << 8); return 0; } + /* Non-proto is supported only for 5bit cplane and 18bit uplane */ + switch (sn_size) { + case PDCP_SN_SIZE_5: + offset = 7; + length = 1; + sn_mask = (swap == false) ? PDCP_C_PLANE_SN_MASK : + PDCP_C_PLANE_SN_MASK_BE; + break; + case PDCP_SN_SIZE_18: + offset = 5; + length = 3; + sn_mask = (swap == false) ? PDCP_U_PLANE_18BIT_SN_MASK : + PDCP_U_PLANE_18BIT_SN_MASK_BE; + break; + case PDCP_SN_SIZE_7: + case PDCP_SN_SIZE_12: + case PDCP_SN_SIZE_15: + pr_err("Invalid sn_size for %s\n", __func__); + return -ENOTSUP; - SEQLOAD(p, MATH0, 7, 1, 0); + } + + SEQLOAD(p, MATH0, offset, length, 0); JUMP(p, 1, LOCAL_JUMP, ALL_TRUE, CALM); - if (swap == false) - MATHB(p, MATH0, AND, PDCP_C_PLANE_SN_MASK, MATH1, 8, - IFB | IMMED2); - else - MATHB(p, MATH0, AND, PDCP_C_PLANE_SN_MASK_BE, MATH1, 8, - IFB | IMMED2); - SEQSTORE(p, MATH0, 7, 1, 0); + MATHB(p, MATH0, AND, sn_mask, MATH1, 8, IFB | IMMED2); + SEQSTORE(p, MATH0, offset, length, 0); MATHB(p, MATH1, SHLD, MATH1, MATH1, 8, 0); MOVEB(p, DESCBUF, 8, MATH2, 0, 8, WAITCOMP | IMMED); MATHB(p, MATH1, OR, MATH2, MATH2, 8, 0); @@ -895,6 +949,8 @@ pdcp_insert_cplane_snow_aes_op(struct program *p, enum pdcp_sn_size sn_size, unsigned char era_2_sw_hfn_ovrd) { + uint32_t offset = 0, length = 0, sn_mask = 0; + LABEL(back_to_sd_offset); LABEL(end_desc); LABEL(local_offset); @@ -906,7 +962,7 @@ pdcp_insert_cplane_snow_aes_op(struct program *p, REFERENCE(jump_back_to_sd_cmd); REFERENCE(move_mac_i_to_desc_buf); - if (rta_sec_era >= RTA_SEC_ERA_8) { + if (rta_sec_era >= RTA_SEC_ERA_8 && sn_size != PDCP_SN_SIZE_18) { KEY(p, KEY1, cipherdata->key_enc_flags, cipherdata->key, cipherdata->keylen, INLINE_KEY(cipherdata)); KEY(p, KEY2, authdata->key_enc_flags, authdata->key, @@ -923,19 +979,35 @@ pdcp_insert_cplane_snow_aes_op(struct program *p, return 0; } + /* Non-proto is supported only for 5bit cplane and 18bit uplane */ + switch (sn_size) { + case PDCP_SN_SIZE_5: + offset = 7; + length = 1; + sn_mask = (swap == false) ? PDCP_C_PLANE_SN_MASK : + PDCP_C_PLANE_SN_MASK_BE; + break; + case PDCP_SN_SIZE_18: + offset = 5; + length = 3; + sn_mask = (swap == false) ? PDCP_U_PLANE_18BIT_SN_MASK : + PDCP_U_PLANE_18BIT_SN_MASK_BE; + break; + case PDCP_SN_SIZE_7: + case PDCP_SN_SIZE_12: + case PDCP_SN_SIZE_15: + pr_err("Invalid sn_size for %s\n", __func__); + return -ENOTSUP; + + } - SEQLOAD(p, MATH0, 7, 1, 0); + SEQLOAD(p, MATH0, offset, length, 0); JUMP(p, 1, LOCAL_JUMP, ALL_TRUE, CALM); - if (swap == false) - MATHB(p, MATH0, AND, PDCP_C_PLANE_SN_MASK, MATH1, 8, - IFB | IMMED2); - else - MATHB(p, MATH0, AND, PDCP_C_PLANE_SN_MASK_BE, MATH1, 8, - IFB | IMMED2); + MATHB(p, MATH0, AND, sn_mask, MATH1, 8, IFB | IMMED2); MATHB(p, MATH1, SHLD, MATH1, MATH1, 8, 0); MOVE(p, DESCBUF, 4, MATH2, 0, 0x08, WAITCOMP | IMMED); MATHB(p, MATH1, OR, MATH2, MATH2, 8, 0); - SEQSTORE(p, MATH0, 7, 1, 0); + SEQSTORE(p, MATH0, offset, length, 0); if (dir == OP_TYPE_ENCAP_PROTOCOL) { if (rta_sec_era > RTA_SEC_ERA_2 || (rta_sec_era == RTA_SEC_ERA_2 && @@ -1207,12 +1279,14 @@ pdcp_insert_cplane_aes_snow_op(struct program *p, enum pdcp_sn_size sn_size, unsigned char era_2_sw_hfn_ovrd __maybe_unused) { + uint32_t offset = 0, length = 0, sn_mask = 0; + KEY(p, KEY1, cipherdata->key_enc_flags, cipherdata->key, cipherdata->keylen, INLINE_KEY(cipherdata)); KEY(p, KEY2, authdata->key_enc_flags, authdata->key, authdata->keylen, INLINE_KEY(authdata)); - if (rta_sec_era >= RTA_SEC_ERA_8) { + if (rta_sec_era >= RTA_SEC_ERA_8 && sn_size != PDCP_SN_SIZE_18) { int pclid; if (sn_size == PDCP_SN_SIZE_5) @@ -1226,21 +1300,37 @@ pdcp_insert_cplane_aes_snow_op(struct program *p, return 0; } + /* Non-proto is supported only for 5bit cplane and 18bit uplane */ + switch (sn_size) { + case PDCP_SN_SIZE_5: + offset = 7; + length = 1; + sn_mask = (swap == false) ? PDCP_C_PLANE_SN_MASK : + PDCP_C_PLANE_SN_MASK_BE; + break; + case PDCP_SN_SIZE_18: + offset = 5; + length = 3; + sn_mask = (swap == false) ? PDCP_U_PLANE_18BIT_SN_MASK : + PDCP_U_PLANE_18BIT_SN_MASK_BE; + break; + case PDCP_SN_SIZE_7: + case PDCP_SN_SIZE_12: + case PDCP_SN_SIZE_15: + pr_err("Invalid sn_size for %s\n", __func__); + return -ENOTSUP; + + } if (dir == OP_TYPE_ENCAP_PROTOCOL) MATHB(p, SEQINSZ, SUB, ONE, VSEQINSZ, 4, 0); - SEQLOAD(p, MATH0, 7, 1, 0); + SEQLOAD(p, MATH0, offset, length, 0); JUMP(p, 1, LOCAL_JUMP, ALL_TRUE, CALM); MOVE(p, MATH0, 7, IFIFOAB2, 0, 1, IMMED); - if (swap == false) - MATHB(p, MATH0, AND, PDCP_C_PLANE_SN_MASK, MATH1, 8, - IFB | IMMED2); - else - MATHB(p, MATH0, AND, PDCP_C_PLANE_SN_MASK_BE, MATH1, 8, - IFB | IMMED2); + MATHB(p, MATH0, AND, sn_mask, MATH1, 8, IFB | IMMED2); - SEQSTORE(p, MATH0, 7, 1, 0); + SEQSTORE(p, MATH0, offset, length, 0); MATHB(p, MATH1, SHLD, MATH1, MATH1, 8, 0); MOVE(p, DESCBUF, 4, MATH2, 0, 8, WAITCOMP | IMMED); MATHB(p, MATH1, OR, MATH2, MATH1, 8, 0); @@ -1322,6 +1412,8 @@ pdcp_insert_cplane_snow_zuc_op(struct program *p, enum pdcp_sn_size sn_size, unsigned char era_2_sw_hfn_ovrd __maybe_unused) { + uint32_t offset = 0, length = 0, sn_mask = 0; + LABEL(keyjump); REFERENCE(pkeyjump); @@ -1338,7 +1430,7 @@ pdcp_insert_cplane_snow_zuc_op(struct program *p, SET_LABEL(p, keyjump); - if (rta_sec_era >= RTA_SEC_ERA_8) { + if (rta_sec_era >= RTA_SEC_ERA_8 && sn_size != PDCP_SN_SIZE_18) { int pclid; if (sn_size == PDCP_SN_SIZE_5) @@ -1351,16 +1443,32 @@ pdcp_insert_cplane_snow_zuc_op(struct program *p, (uint16_t)authdata->algtype); return 0; } + /* Non-proto is supported only for 5bit cplane and 18bit uplane */ + switch (sn_size) { + case PDCP_SN_SIZE_5: + offset = 7; + length = 1; + sn_mask = (swap == false) ? PDCP_C_PLANE_SN_MASK : + PDCP_C_PLANE_SN_MASK_BE; + break; + case PDCP_SN_SIZE_18: + offset = 5; + length = 3; + sn_mask = (swap == false) ? PDCP_U_PLANE_18BIT_SN_MASK : + PDCP_U_PLANE_18BIT_SN_MASK_BE; + break; + case PDCP_SN_SIZE_7: + case PDCP_SN_SIZE_12: + case PDCP_SN_SIZE_15: + pr_err("Invalid sn_size for %s\n", __func__); + return -ENOTSUP; + + } - SEQLOAD(p, MATH0, 7, 1, 0); + SEQLOAD(p, MATH0, offset, length, 0); JUMP(p, 1, LOCAL_JUMP, ALL_TRUE, CALM); MOVE(p, MATH0, 7, IFIFOAB2, 0, 1, IMMED); - if (swap == false) - MATHB(p, MATH0, AND, PDCP_C_PLANE_SN_MASK, MATH1, 8, - IFB | IMMED2); - else - MATHB(p, MATH0, AND, PDCP_C_PLANE_SN_MASK, MATH1, 8, - IFB | IMMED2); + MATHB(p, MATH0, AND, sn_mask, MATH1, 8, IFB | IMMED2); MATHB(p, MATH1, SHLD, MATH1, MATH1, 8, 0); MOVE(p, DESCBUF, 4, MATH2, 0, 8, WAITCOMP | IMMED); @@ -1374,7 +1482,7 @@ pdcp_insert_cplane_snow_zuc_op(struct program *p, MATHB(p, SEQINSZ, SUB, PDCP_MAC_I_LEN, VSEQOUTSZ, 4, IMMED2); MATHB(p, SEQINSZ, SUB, ZERO, VSEQINSZ, 4, 0); - SEQSTORE(p, MATH0, 7, 1, 0); + SEQSTORE(p, MATH0, offset, length, 0); if (dir == OP_TYPE_ENCAP_PROTOCOL) { SEQFIFOSTORE(p, MSG, 0, 0, VLF); @@ -1425,6 +1533,7 @@ pdcp_insert_cplane_aes_zuc_op(struct program *p, enum pdcp_sn_size sn_size, unsigned char era_2_sw_hfn_ovrd __maybe_unused) { + uint32_t offset = 0, length = 0, sn_mask = 0; LABEL(keyjump); REFERENCE(pkeyjump); @@ -1439,7 +1548,7 @@ pdcp_insert_cplane_aes_zuc_op(struct program *p, KEY(p, KEY2, authdata->key_enc_flags, authdata->key, authdata->keylen, INLINE_KEY(authdata)); - if (rta_sec_era >= RTA_SEC_ERA_8) { + if (rta_sec_era >= RTA_SEC_ERA_8 && sn_size != PDCP_SN_SIZE_18) { int pclid; if (sn_size == PDCP_SN_SIZE_5) @@ -1453,17 +1562,33 @@ pdcp_insert_cplane_aes_zuc_op(struct program *p, return 0; } + /* Non-proto is supported only for 5bit cplane and 18bit uplane */ + switch (sn_size) { + case PDCP_SN_SIZE_5: + offset = 7; + length = 1; + sn_mask = (swap == false) ? PDCP_C_PLANE_SN_MASK : + PDCP_C_PLANE_SN_MASK_BE; + break; + case PDCP_SN_SIZE_18: + offset = 5; + length = 3; + sn_mask = (swap == false) ? PDCP_U_PLANE_18BIT_SN_MASK : + PDCP_U_PLANE_18BIT_SN_MASK_BE; + break; + case PDCP_SN_SIZE_7: + case PDCP_SN_SIZE_12: + case PDCP_SN_SIZE_15: + pr_err("Invalid sn_size for %s\n", __func__); + return -ENOTSUP; + + } SET_LABEL(p, keyjump); - SEQLOAD(p, MATH0, 7, 1, 0); + SEQLOAD(p, MATH0, offset, length, 0); JUMP(p, 1, LOCAL_JUMP, ALL_TRUE, CALM); MOVE(p, MATH0, 7, IFIFOAB2, 0, 1, IMMED); - if (swap == false) - MATHB(p, MATH0, AND, PDCP_C_PLANE_SN_MASK, MATH1, 8, - IFB | IMMED2); - else - MATHB(p, MATH0, AND, PDCP_C_PLANE_SN_MASK, MATH1, 8, - IFB | IMMED2); + MATHB(p, MATH0, AND, sn_mask, MATH1, 8, IFB | IMMED2); MATHB(p, MATH1, SHLD, MATH1, MATH1, 8, 0); MOVE(p, DESCBUF, 4, MATH2, 0, 8, WAITCOMP | IMMED); @@ -1477,7 +1602,7 @@ pdcp_insert_cplane_aes_zuc_op(struct program *p, MATHB(p, SEQINSZ, SUB, PDCP_MAC_I_LEN, VSEQOUTSZ, 4, IMMED2); MATHB(p, SEQINSZ, SUB, ZERO, VSEQINSZ, 4, 0); - SEQSTORE(p, MATH0, 7, 1, 0); + SEQSTORE(p, MATH0, offset, length, 0); if (dir == OP_TYPE_ENCAP_PROTOCOL) { SEQFIFOSTORE(p, MSG, 0, 0, VLF); @@ -1531,6 +1656,7 @@ pdcp_insert_cplane_zuc_snow_op(struct program *p, enum pdcp_sn_size sn_size, unsigned char era_2_sw_hfn_ovrd __maybe_unused) { + uint32_t offset = 0, length = 0, sn_mask = 0; LABEL(keyjump); REFERENCE(pkeyjump); @@ -1545,7 +1671,7 @@ pdcp_insert_cplane_zuc_snow_op(struct program *p, KEY(p, KEY2, authdata->key_enc_flags, authdata->key, authdata->keylen, INLINE_KEY(authdata)); - if (rta_sec_era >= RTA_SEC_ERA_8) { + if (rta_sec_era >= RTA_SEC_ERA_8 && sn_size != PDCP_SN_SIZE_18) { int pclid; if (sn_size == PDCP_SN_SIZE_5) @@ -1559,17 +1685,32 @@ pdcp_insert_cplane_zuc_snow_op(struct program *p, return 0; } + /* Non-proto is supported only for 5bit cplane and 18bit uplane */ + switch (sn_size) { + case PDCP_SN_SIZE_5: + offset = 7; + length = 1; + sn_mask = (swap == false) ? PDCP_C_PLANE_SN_MASK : + PDCP_C_PLANE_SN_MASK_BE; + break; + case PDCP_SN_SIZE_18: + offset = 5; + length = 3; + sn_mask = (swap == false) ? PDCP_U_PLANE_18BIT_SN_MASK : + PDCP_U_PLANE_18BIT_SN_MASK_BE; + break; + case PDCP_SN_SIZE_7: + case PDCP_SN_SIZE_12: + case PDCP_SN_SIZE_15: + pr_err("Invalid sn_size for %s\n", __func__); + return -ENOTSUP; + } SET_LABEL(p, keyjump); - SEQLOAD(p, MATH0, 7, 1, 0); + SEQLOAD(p, MATH0, offset, length, 0); JUMP(p, 1, LOCAL_JUMP, ALL_TRUE, CALM); MOVE(p, MATH0, 7, IFIFOAB2, 0, 1, IMMED); - if (swap == false) - MATHB(p, MATH0, AND, PDCP_C_PLANE_SN_MASK, MATH1, 8, - IFB | IMMED2); - else - MATHB(p, MATH0, AND, PDCP_C_PLANE_SN_MASK, MATH1, 8, - IFB | IMMED2); + MATHB(p, MATH0, AND, sn_mask, MATH1, 8, IFB | IMMED2); MATHB(p, MATH1, SHLD, MATH1, MATH1, 8, 0); MOVE(p, DESCBUF, 4, MATH2, 0, 8, WAITCOMP | IMMED); @@ -1599,7 +1740,7 @@ pdcp_insert_cplane_zuc_snow_op(struct program *p, MATHB(p, VSEQOUTSZ, SUB, ZERO, VSEQINSZ, 4, 0); } - SEQSTORE(p, MATH0, 7, 1, 0); + SEQSTORE(p, MATH0, offset, length, 0); if (dir == OP_TYPE_ENCAP_PROTOCOL) { SEQFIFOSTORE(p, MSG, 0, 0, VLF); @@ -1659,12 +1800,13 @@ pdcp_insert_cplane_zuc_aes_op(struct program *p, enum pdcp_sn_size sn_size, unsigned char era_2_sw_hfn_ovrd __maybe_unused) { + uint32_t offset = 0, length = 0, sn_mask = 0; if (rta_sec_era < RTA_SEC_ERA_5) { pr_err("Invalid era for selected algorithm\n"); return -ENOTSUP; } - if (rta_sec_era >= RTA_SEC_ERA_8) { + if (rta_sec_era >= RTA_SEC_ERA_8 && sn_size != PDCP_SN_SIZE_18) { int pclid; KEY(p, KEY1, cipherdata->key_enc_flags, cipherdata->key, @@ -1682,20 +1824,35 @@ pdcp_insert_cplane_zuc_aes_op(struct program *p, (uint16_t)authdata->algtype); return 0; } + /* Non-proto is supported only for 5bit cplane and 18bit uplane */ + switch (sn_size) { + case PDCP_SN_SIZE_5: + offset = 7; + length = 1; + sn_mask = (swap == false) ? PDCP_C_PLANE_SN_MASK : + PDCP_C_PLANE_SN_MASK_BE; + break; + case PDCP_SN_SIZE_18: + offset = 5; + length = 3; + sn_mask = (swap == false) ? PDCP_U_PLANE_18BIT_SN_MASK : + PDCP_U_PLANE_18BIT_SN_MASK_BE; + break; + case PDCP_SN_SIZE_7: + case PDCP_SN_SIZE_12: + case PDCP_SN_SIZE_15: + pr_err("Invalid sn_size for %s\n", __func__); + return -ENOTSUP; + } - SEQLOAD(p, MATH0, 7, 1, 0); + SEQLOAD(p, MATH0, offset, length, 0); JUMP(p, 1, LOCAL_JUMP, ALL_TRUE, CALM); - if (swap == false) - MATHB(p, MATH0, AND, PDCP_C_PLANE_SN_MASK, MATH1, 8, - IFB | IMMED2); - else - MATHB(p, MATH0, AND, PDCP_C_PLANE_SN_MASK, MATH1, 8, - IFB | IMMED2); + MATHB(p, MATH0, AND, sn_mask, MATH1, 8, IFB | IMMED2); MATHB(p, MATH1, SHLD, MATH1, MATH1, 8, 0); MOVE(p, DESCBUF, 4, MATH2, 0, 0x08, WAITCOMP | IMMED); MATHB(p, MATH1, OR, MATH2, MATH2, 8, 0); - SEQSTORE(p, MATH0, 7, 1, 0); + SEQSTORE(p, MATH0, offset, length, 0); if (dir == OP_TYPE_ENCAP_PROTOCOL) { KEY(p, KEY1, authdata->key_enc_flags, authdata->key, authdata->keylen, INLINE_KEY(authdata)); @@ -1798,38 +1955,43 @@ pdcp_insert_cplane_zuc_aes_op(struct program *p, } static inline int -pdcp_insert_uplane_15bit_op(struct program *p, +pdcp_insert_uplane_no_int_op(struct program *p, bool swap __maybe_unused, struct alginfo *cipherdata, - struct alginfo *authdata, - unsigned int dir) + unsigned int dir, + enum pdcp_sn_size sn_size) { int op; - - /* Insert auth key if requested */ - if (authdata && authdata->algtype) - KEY(p, KEY2, authdata->key_enc_flags, authdata->key, - authdata->keylen, INLINE_KEY(authdata)); + uint32_t sn_mask; /* Insert Cipher Key */ KEY(p, KEY1, cipherdata->key_enc_flags, cipherdata->key, cipherdata->keylen, INLINE_KEY(cipherdata)); - if (rta_sec_era >= RTA_SEC_ERA_8) { + if ((rta_sec_era >= RTA_SEC_ERA_8 && sn_size == PDCP_SN_SIZE_15) || + (rta_sec_era >= RTA_SEC_ERA_10)) { PROTOCOL(p, dir, OP_PCLID_LTE_PDCP_USER, (uint16_t)cipherdata->algtype); return 0; } - SEQLOAD(p, MATH0, 6, 2, 0); + if (sn_size == PDCP_SN_SIZE_15) { + SEQLOAD(p, MATH0, 6, 2, 0); + sn_mask = (swap == false) ? PDCP_U_PLANE_15BIT_SN_MASK : + PDCP_U_PLANE_15BIT_SN_MASK_BE; + } else { /* SN Size == PDCP_SN_SIZE_18 */ + SEQLOAD(p, MATH0, 5, 3, 0); + sn_mask = (swap == false) ? PDCP_U_PLANE_18BIT_SN_MASK : + PDCP_U_PLANE_18BIT_SN_MASK_BE; + } JUMP(p, 1, LOCAL_JUMP, ALL_TRUE, CALM); - if (swap == false) - MATHB(p, MATH0, AND, PDCP_U_PLANE_15BIT_SN_MASK, MATH1, 8, - IFB | IMMED2); - else - MATHB(p, MATH0, AND, PDCP_U_PLANE_15BIT_SN_MASK_BE, MATH1, 8, - IFB | IMMED2); - SEQSTORE(p, MATH0, 6, 2, 0); + MATHB(p, MATH0, AND, sn_mask, MATH1, 8, IFB | IMMED2); + + if (sn_size == PDCP_SN_SIZE_15) + SEQSTORE(p, MATH0, 6, 2, 0); + else /* SN Size == PDCP_SN_SIZE_18 */ + SEQSTORE(p, MATH0, 5, 3, 0); + MATHB(p, MATH1, SHLD, MATH1, MATH1, 8, 0); MOVEB(p, DESCBUF, 8, MATH2, 0, 8, WAITCOMP | IMMED); MATHB(p, MATH1, OR, MATH2, MATH2, 8, 0); @@ -2124,6 +2286,13 @@ cnstr_pdcp_u_plane_pdb(struct program *p, hfn_threshold<algtype][authdata->algtype](p, + swap, + cipherdata, + authdata, + dir, + sn_size, + era_2_sw_hfn_ovrd); + if (err) + return err; + + return 0; +} + + /** * cnstr_shdsc_pdcp_u_plane_encap - Function for creating a PDCP User Plane * encapsulation descriptor. @@ -2491,6 +2715,33 @@ cnstr_shdsc_pdcp_u_plane_encap(uint32_t *descbuf, struct program prg; struct program *p = &prg; int err; + static enum rta_share_type + desc_share[PDCP_CIPHER_TYPE_INVALID][PDCP_AUTH_TYPE_INVALID] = { + { /* NULL */ + SHR_WAIT, /* NULL */ + SHR_ALWAYS, /* SNOW f9 */ + SHR_ALWAYS, /* AES CMAC */ + SHR_ALWAYS /* ZUC-I */ + }, + { /* SNOW f8 */ + SHR_ALWAYS, /* NULL */ + SHR_ALWAYS, /* SNOW f9 */ + SHR_WAIT, /* AES CMAC */ + SHR_WAIT /* ZUC-I */ + }, + { /* AES CTR */ + SHR_ALWAYS, /* NULL */ + SHR_ALWAYS, /* SNOW f9 */ + SHR_ALWAYS, /* AES CMAC */ + SHR_WAIT /* ZUC-I */ + }, + { /* ZUC-E */ + SHR_ALWAYS, /* NULL */ + SHR_WAIT, /* SNOW f9 */ + SHR_WAIT, /* AES CMAC */ + SHR_ALWAYS /* ZUC-I */ + }, + }; LABEL(pdb_end); if (rta_sec_era != RTA_SEC_ERA_2 && era_2_sw_hfn_ovrd) { @@ -2509,7 +2760,10 @@ cnstr_shdsc_pdcp_u_plane_encap(uint32_t *descbuf, if (ps) PROGRAM_SET_36BIT_ADDR(p); - SHR_HDR(p, SHR_ALWAYS, 0, 0); + if (authdata) + SHR_HDR(p, desc_share[cipherdata->algtype][authdata->algtype], 0, 0); + else + SHR_HDR(p, SHR_ALWAYS, 0, 0); if (cnstr_pdcp_u_plane_pdb(p, sn_size, hfn, bearer, direction, hfn_threshold)) { pr_err("Error creating PDCP UPlane PDB\n"); @@ -2522,13 +2776,6 @@ cnstr_shdsc_pdcp_u_plane_encap(uint32_t *descbuf, if (err) return err; - /* Insert auth key if requested */ - if (authdata && authdata->algtype) { - KEY(p, KEY2, authdata->key_enc_flags, - (uint64_t)authdata->key, authdata->keylen, - INLINE_KEY(authdata)); - } - switch (sn_size) { case PDCP_SN_SIZE_7: case PDCP_SN_SIZE_12: @@ -2542,6 +2789,12 @@ cnstr_shdsc_pdcp_u_plane_encap(uint32_t *descbuf, case PDCP_CIPHER_TYPE_AES: case PDCP_CIPHER_TYPE_SNOW: case PDCP_CIPHER_TYPE_NULL: + /* Insert auth key if requested */ + if (authdata && authdata->algtype) { + KEY(p, KEY2, authdata->key_enc_flags, + (uint64_t)authdata->key, authdata->keylen, + INLINE_KEY(authdata)); + } /* Insert Cipher Key */ KEY(p, KEY1, cipherdata->key_enc_flags, (uint64_t)cipherdata->key, cipherdata->keylen, @@ -2566,6 +2819,18 @@ cnstr_shdsc_pdcp_u_plane_encap(uint32_t *descbuf, break; case PDCP_SN_SIZE_15: + case PDCP_SN_SIZE_18: + if (authdata) { + err = pdcp_insert_uplane_with_int_op(p, swap, + cipherdata, authdata, + sn_size, era_2_sw_hfn_ovrd, + OP_TYPE_ENCAP_PROTOCOL); + if (err) + return err; + + break; + } + switch (cipherdata->algtype) { case PDCP_CIPHER_TYPE_NULL: insert_copy_frame_op(p, @@ -2574,8 +2839,8 @@ cnstr_shdsc_pdcp_u_plane_encap(uint32_t *descbuf, break; default: - err = pdcp_insert_uplane_15bit_op(p, swap, cipherdata, - authdata, OP_TYPE_ENCAP_PROTOCOL); + err = pdcp_insert_uplane_no_int_op(p, swap, cipherdata, + OP_TYPE_ENCAP_PROTOCOL, sn_size); if (err) return err; break; @@ -2635,6 +2900,34 @@ cnstr_shdsc_pdcp_u_plane_decap(uint32_t *descbuf, struct program prg; struct program *p = &prg; int err; + static enum rta_share_type + desc_share[PDCP_CIPHER_TYPE_INVALID][PDCP_AUTH_TYPE_INVALID] = { + { /* NULL */ + SHR_WAIT, /* NULL */ + SHR_ALWAYS, /* SNOW f9 */ + SHR_ALWAYS, /* AES CMAC */ + SHR_ALWAYS /* ZUC-I */ + }, + { /* SNOW f8 */ + SHR_ALWAYS, /* NULL */ + SHR_ALWAYS, /* SNOW f9 */ + SHR_WAIT, /* AES CMAC */ + SHR_WAIT /* ZUC-I */ + }, + { /* AES CTR */ + SHR_ALWAYS, /* NULL */ + SHR_ALWAYS, /* SNOW f9 */ + SHR_ALWAYS, /* AES CMAC */ + SHR_WAIT /* ZUC-I */ + }, + { /* ZUC-E */ + SHR_ALWAYS, /* NULL */ + SHR_WAIT, /* SNOW f9 */ + SHR_WAIT, /* AES CMAC */ + SHR_ALWAYS /* ZUC-I */ + }, + }; + LABEL(pdb_end); if (rta_sec_era != RTA_SEC_ERA_2 && era_2_sw_hfn_ovrd) { @@ -2652,8 +2945,11 @@ cnstr_shdsc_pdcp_u_plane_decap(uint32_t *descbuf, PROGRAM_SET_BSWAP(p); if (ps) PROGRAM_SET_36BIT_ADDR(p); + if (authdata) + SHR_HDR(p, desc_share[cipherdata->algtype][authdata->algtype], 0, 0); + else + SHR_HDR(p, SHR_ALWAYS, 0, 0); - SHR_HDR(p, SHR_ALWAYS, 0, 0); if (cnstr_pdcp_u_plane_pdb(p, sn_size, hfn, bearer, direction, hfn_threshold)) { pr_err("Error creating PDCP UPlane PDB\n"); @@ -2666,12 +2962,6 @@ cnstr_shdsc_pdcp_u_plane_decap(uint32_t *descbuf, if (err) return err; - /* Insert auth key if requested */ - if (authdata && authdata->algtype) - KEY(p, KEY2, authdata->key_enc_flags, - (uint64_t)authdata->key, authdata->keylen, - INLINE_KEY(authdata)); - switch (sn_size) { case PDCP_SN_SIZE_7: case PDCP_SN_SIZE_12: @@ -2685,6 +2975,12 @@ cnstr_shdsc_pdcp_u_plane_decap(uint32_t *descbuf, case PDCP_CIPHER_TYPE_AES: case PDCP_CIPHER_TYPE_SNOW: case PDCP_CIPHER_TYPE_NULL: + /* Insert auth key if requested */ + if (authdata && authdata->algtype) + KEY(p, KEY2, authdata->key_enc_flags, + (uint64_t)authdata->key, authdata->keylen, + INLINE_KEY(authdata)); + /* Insert Cipher Key */ KEY(p, KEY1, cipherdata->key_enc_flags, cipherdata->key, cipherdata->keylen, @@ -2708,6 +3004,18 @@ cnstr_shdsc_pdcp_u_plane_decap(uint32_t *descbuf, break; case PDCP_SN_SIZE_15: + case PDCP_SN_SIZE_18: + if (authdata) { + err = pdcp_insert_uplane_with_int_op(p, swap, + cipherdata, authdata, + sn_size, era_2_sw_hfn_ovrd, + OP_TYPE_DECAP_PROTOCOL); + if (err) + return err; + + break; + } + switch (cipherdata->algtype) { case PDCP_CIPHER_TYPE_NULL: insert_copy_frame_op(p, @@ -2716,8 +3024,8 @@ cnstr_shdsc_pdcp_u_plane_decap(uint32_t *descbuf, break; default: - err = pdcp_insert_uplane_15bit_op(p, swap, cipherdata, - authdata, OP_TYPE_DECAP_PROTOCOL); + err = pdcp_insert_uplane_no_int_op(p, swap, cipherdata, + OP_TYPE_DECAP_PROTOCOL, sn_size); if (err) return err; break; From patchwork Mon Sep 30 11:52:23 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Akhil Goyal X-Patchwork-Id: 60163 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@dpdk.org Delivered-To: patchwork@dpdk.org Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id C8F9C1B203; Mon, 30 Sep 2019 14:08:12 +0200 (CEST) Received: from inva020.nxp.com (inva020.nxp.com [92.121.34.13]) by dpdk.org (Postfix) with ESMTP id AD6F937AF for ; Mon, 30 Sep 2019 14:07:58 +0200 (CEST) Received: from inva020.nxp.com (localhost [127.0.0.1]) by inva020.eu-rdc02.nxp.com (Postfix) with ESMTP id 899A01A0095; Mon, 30 Sep 2019 14:07:58 +0200 (CEST) Received: from invc005.ap-rdc01.nxp.com (invc005.ap-rdc01.nxp.com [165.114.16.14]) by inva020.eu-rdc02.nxp.com (Postfix) with ESMTP id F3A1A1A048C; Mon, 30 Sep 2019 14:07:55 +0200 (CEST) Received: from GDB1.ap.freescale.net (GDB1.ap.freescale.net [10.232.132.179]) by invc005.ap-rdc01.nxp.com (Postfix) with ESMTP id 83B1940296; Mon, 30 Sep 2019 20:07:52 +0800 (SGT) From: Akhil Goyal To: dev@dpdk.org Cc: aconole@redhat.com, anoobj@marvell.com, Hemant Agrawal Date: Mon, 30 Sep 2019 17:22:23 +0530 Message-Id: <20190930115237.5073-7-akhil.goyal@nxp.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20190930115237.5073-1-akhil.goyal@nxp.com> References: <20190902121734.926-1-akhil.goyal@nxp.com> <20190930115237.5073-1-akhil.goyal@nxp.com> X-Virus-Scanned: ClamAV using ClamSMTP Subject: [dpdk-dev] [PATCH v2 06/20] crypto/dpaa2_sec: support CAAM HW era 10 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" From: Hemant Agrawal Adding minimal support for CAAM HW era 10 (used in LX2) Primary changes are: 1. increased shard desc length form 6 bit to 7 bits 2. support for several PDCP operations as PROTOCOL offload. Signed-off-by: Hemant Agrawal Acked-by: Akhil Goyal --- drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 5 ++++ drivers/crypto/dpaa2_sec/hw/desc.h | 5 ++++ drivers/crypto/dpaa2_sec/hw/desc/pdcp.h | 21 ++++++++++----- .../dpaa2_sec/hw/rta/fifo_load_store_cmd.h | 9 ++++--- drivers/crypto/dpaa2_sec/hw/rta/header_cmd.h | 21 ++++++++++++--- drivers/crypto/dpaa2_sec/hw/rta/jump_cmd.h | 3 +-- drivers/crypto/dpaa2_sec/hw/rta/key_cmd.h | 5 ++-- drivers/crypto/dpaa2_sec/hw/rta/load_cmd.h | 10 ++++--- drivers/crypto/dpaa2_sec/hw/rta/math_cmd.h | 12 +++++---- drivers/crypto/dpaa2_sec/hw/rta/move_cmd.h | 8 +++--- drivers/crypto/dpaa2_sec/hw/rta/nfifo_cmd.h | 10 +++---- .../crypto/dpaa2_sec/hw/rta/operation_cmd.h | 6 ++--- .../crypto/dpaa2_sec/hw/rta/protocol_cmd.h | 9 +++++-- .../dpaa2_sec/hw/rta/sec_run_time_asm.h | 27 +++++++++++++------ .../dpaa2_sec/hw/rta/seq_in_out_ptr_cmd.h | 7 +++-- drivers/crypto/dpaa2_sec/hw/rta/store_cmd.h | 6 ++--- 16 files changed, 110 insertions(+), 54 deletions(-) diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c index d080235f5..fb0314adb 100644 --- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c +++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c @@ -3450,6 +3450,11 @@ cryptodev_dpaa2_sec_probe(struct rte_dpaa2_driver *dpaa2_drv __rte_unused, /* init user callbacks */ TAILQ_INIT(&(cryptodev->link_intr_cbs)); + if (dpaa2_svr_family == SVR_LX2160A) + rta_set_sec_era(RTA_SEC_ERA_10); + + DPAA2_SEC_INFO("2-SEC ERA is %d", rta_get_sec_era()); + /* Invoke PMD device initialization function */ retval = dpaa2_sec_dev_init(cryptodev); if (retval == 0) diff --git a/drivers/crypto/dpaa2_sec/hw/desc.h b/drivers/crypto/dpaa2_sec/hw/desc.h index e12c3db2f..667da971b 100644 --- a/drivers/crypto/dpaa2_sec/hw/desc.h +++ b/drivers/crypto/dpaa2_sec/hw/desc.h @@ -18,6 +18,8 @@ #include "hw/compat.h" #endif +extern enum rta_sec_era rta_sec_era; + /* Max size of any SEC descriptor in 32-bit words, inclusive of header */ #define MAX_CAAM_DESCSIZE 64 @@ -113,9 +115,12 @@ /* Start Index or SharedDesc Length */ #define HDR_START_IDX_SHIFT 16 #define HDR_START_IDX_MASK (0x3f << HDR_START_IDX_SHIFT) +#define HDR_START_IDX_MASK_ERA10 (0x7f << HDR_START_IDX_SHIFT) /* If shared descriptor header, 6-bit length */ #define HDR_DESCLEN_SHR_MASK 0x3f +/* If shared descriptor header, 7-bit length era10 onwards*/ +#define HDR_DESCLEN_SHR_MASK_ERA10 0x7f /* If non-shared header, 7-bit length */ #define HDR_DESCLEN_MASK 0x7f diff --git a/drivers/crypto/dpaa2_sec/hw/desc/pdcp.h b/drivers/crypto/dpaa2_sec/hw/desc/pdcp.h index 9a73105ac..4bf1d69f9 100644 --- a/drivers/crypto/dpaa2_sec/hw/desc/pdcp.h +++ b/drivers/crypto/dpaa2_sec/hw/desc/pdcp.h @@ -776,7 +776,8 @@ pdcp_insert_cplane_enc_only_op(struct program *p, KEY(p, KEY1, cipherdata->key_enc_flags, cipherdata->key, cipherdata->keylen, INLINE_KEY(cipherdata)); - if (rta_sec_era >= RTA_SEC_ERA_8 && sn_size != PDCP_SN_SIZE_18) { + if ((rta_sec_era >= RTA_SEC_ERA_8 && sn_size != PDCP_SN_SIZE_18) || + (rta_sec_era == RTA_SEC_ERA_10)) { if (sn_size == PDCP_SN_SIZE_5) PROTOCOL(p, dir, OP_PCLID_LTE_PDCP_CTRL_MIXED, (uint16_t)cipherdata->algtype << 8); @@ -962,7 +963,8 @@ pdcp_insert_cplane_snow_aes_op(struct program *p, REFERENCE(jump_back_to_sd_cmd); REFERENCE(move_mac_i_to_desc_buf); - if (rta_sec_era >= RTA_SEC_ERA_8 && sn_size != PDCP_SN_SIZE_18) { + if ((rta_sec_era >= RTA_SEC_ERA_8 && sn_size != PDCP_SN_SIZE_18) || + (rta_sec_era == RTA_SEC_ERA_10)) { KEY(p, KEY1, cipherdata->key_enc_flags, cipherdata->key, cipherdata->keylen, INLINE_KEY(cipherdata)); KEY(p, KEY2, authdata->key_enc_flags, authdata->key, @@ -1286,7 +1288,8 @@ pdcp_insert_cplane_aes_snow_op(struct program *p, KEY(p, KEY2, authdata->key_enc_flags, authdata->key, authdata->keylen, INLINE_KEY(authdata)); - if (rta_sec_era >= RTA_SEC_ERA_8 && sn_size != PDCP_SN_SIZE_18) { + if ((rta_sec_era >= RTA_SEC_ERA_8 && sn_size != PDCP_SN_SIZE_18) || + (rta_sec_era == RTA_SEC_ERA_10)) { int pclid; if (sn_size == PDCP_SN_SIZE_5) @@ -1430,7 +1433,8 @@ pdcp_insert_cplane_snow_zuc_op(struct program *p, SET_LABEL(p, keyjump); - if (rta_sec_era >= RTA_SEC_ERA_8 && sn_size != PDCP_SN_SIZE_18) { + if ((rta_sec_era >= RTA_SEC_ERA_8 && sn_size != PDCP_SN_SIZE_18) || + (rta_sec_era == RTA_SEC_ERA_10)) { int pclid; if (sn_size == PDCP_SN_SIZE_5) @@ -1548,7 +1552,8 @@ pdcp_insert_cplane_aes_zuc_op(struct program *p, KEY(p, KEY2, authdata->key_enc_flags, authdata->key, authdata->keylen, INLINE_KEY(authdata)); - if (rta_sec_era >= RTA_SEC_ERA_8 && sn_size != PDCP_SN_SIZE_18) { + if ((rta_sec_era >= RTA_SEC_ERA_8 && sn_size != PDCP_SN_SIZE_18) || + (rta_sec_era == RTA_SEC_ERA_10)) { int pclid; if (sn_size == PDCP_SN_SIZE_5) @@ -1671,7 +1676,8 @@ pdcp_insert_cplane_zuc_snow_op(struct program *p, KEY(p, KEY2, authdata->key_enc_flags, authdata->key, authdata->keylen, INLINE_KEY(authdata)); - if (rta_sec_era >= RTA_SEC_ERA_8 && sn_size != PDCP_SN_SIZE_18) { + if ((rta_sec_era >= RTA_SEC_ERA_8 && sn_size != PDCP_SN_SIZE_18) || + (rta_sec_era == RTA_SEC_ERA_10)) { int pclid; if (sn_size == PDCP_SN_SIZE_5) @@ -1806,7 +1812,8 @@ pdcp_insert_cplane_zuc_aes_op(struct program *p, return -ENOTSUP; } - if (rta_sec_era >= RTA_SEC_ERA_8 && sn_size != PDCP_SN_SIZE_18) { + if ((rta_sec_era >= RTA_SEC_ERA_8 && sn_size != PDCP_SN_SIZE_18) || + (rta_sec_era == RTA_SEC_ERA_10)) { int pclid; KEY(p, KEY1, cipherdata->key_enc_flags, cipherdata->key, diff --git a/drivers/crypto/dpaa2_sec/hw/rta/fifo_load_store_cmd.h b/drivers/crypto/dpaa2_sec/hw/rta/fifo_load_store_cmd.h index 8c807aaa2..287e09cd7 100644 --- a/drivers/crypto/dpaa2_sec/hw/rta/fifo_load_store_cmd.h +++ b/drivers/crypto/dpaa2_sec/hw/rta/fifo_load_store_cmd.h @@ -1,8 +1,7 @@ /* SPDX-License-Identifier: (BSD-3-Clause OR GPL-2.0) * * Copyright 2008-2016 Freescale Semiconductor Inc. - * Copyright 2016 NXP - * + * Copyright 2016,2019 NXP */ #ifndef __RTA_FIFO_LOAD_STORE_CMD_H__ @@ -42,7 +41,8 @@ static const uint32_t fifo_load_table[][2] = { * supported. */ static const unsigned int fifo_load_table_sz[] = {22, 22, 23, 23, - 23, 23, 23, 23}; + 23, 23, 23, 23, + 23, 23}; static inline int rta_fifo_load(struct program *program, uint32_t src, @@ -201,7 +201,8 @@ static const uint32_t fifo_store_table[][2] = { * supported. */ static const unsigned int fifo_store_table_sz[] = {21, 21, 21, 21, - 22, 22, 22, 23}; + 22, 22, 22, 23, + 23, 23}; static inline int rta_fifo_store(struct program *program, uint32_t src, diff --git a/drivers/crypto/dpaa2_sec/hw/rta/header_cmd.h b/drivers/crypto/dpaa2_sec/hw/rta/header_cmd.h index 0c7ea9387..45aefa04c 100644 --- a/drivers/crypto/dpaa2_sec/hw/rta/header_cmd.h +++ b/drivers/crypto/dpaa2_sec/hw/rta/header_cmd.h @@ -1,8 +1,7 @@ /* SPDX-License-Identifier: (BSD-3-Clause OR GPL-2.0) * * Copyright 2008-2016 Freescale Semiconductor Inc. - * Copyright 2016 NXP - * + * Copyright 2016,2019 NXP */ #ifndef __RTA_HEADER_CMD_H__ @@ -19,6 +18,8 @@ static const uint32_t job_header_flags[] = { DNR | TD | MTD | SHR | REO | RSMS | EXT, DNR | TD | MTD | SHR | REO | RSMS | EXT, DNR | TD | MTD | SHR | REO | RSMS | EXT, + DNR | TD | MTD | SHR | REO | EXT, + DNR | TD | MTD | SHR | REO | EXT, DNR | TD | MTD | SHR | REO | EXT }; @@ -31,6 +32,8 @@ static const uint32_t shr_header_flags[] = { DNR | SC | PD | CIF | RIF, DNR | SC | PD | CIF | RIF, DNR | SC | PD | CIF | RIF, + DNR | SC | PD | CIF | RIF, + DNR | SC | PD | CIF | RIF, DNR | SC | PD | CIF | RIF }; @@ -72,7 +75,12 @@ rta_shr_header(struct program *program, } opcode |= HDR_ONE; - opcode |= (start_idx << HDR_START_IDX_SHIFT) & HDR_START_IDX_MASK; + if (rta_sec_era >= RTA_SEC_ERA_10) + opcode |= (start_idx << HDR_START_IDX_SHIFT) & + HDR_START_IDX_MASK_ERA10; + else + opcode |= (start_idx << HDR_START_IDX_SHIFT) & + HDR_START_IDX_MASK; if (flags & DNR) opcode |= HDR_DNR; @@ -160,7 +168,12 @@ rta_job_header(struct program *program, } opcode |= HDR_ONE; - opcode |= ((start_idx << HDR_START_IDX_SHIFT) & HDR_START_IDX_MASK); + if (rta_sec_era >= RTA_SEC_ERA_10) + opcode |= (start_idx << HDR_START_IDX_SHIFT) & + HDR_START_IDX_MASK_ERA10; + else + opcode |= (start_idx << HDR_START_IDX_SHIFT) & + HDR_START_IDX_MASK; if (flags & EXT) { opcode |= HDR_EXT; diff --git a/drivers/crypto/dpaa2_sec/hw/rta/jump_cmd.h b/drivers/crypto/dpaa2_sec/hw/rta/jump_cmd.h index 546d22e98..18f781e37 100644 --- a/drivers/crypto/dpaa2_sec/hw/rta/jump_cmd.h +++ b/drivers/crypto/dpaa2_sec/hw/rta/jump_cmd.h @@ -1,8 +1,7 @@ /* SPDX-License-Identifier: (BSD-3-Clause OR GPL-2.0) * * Copyright 2008-2016 Freescale Semiconductor Inc. - * Copyright 2016 NXP - * + * Copyright 2016,2019 NXP */ #ifndef __RTA_JUMP_CMD_H__ diff --git a/drivers/crypto/dpaa2_sec/hw/rta/key_cmd.h b/drivers/crypto/dpaa2_sec/hw/rta/key_cmd.h index 1ec21234a..ec3fbcaf6 100644 --- a/drivers/crypto/dpaa2_sec/hw/rta/key_cmd.h +++ b/drivers/crypto/dpaa2_sec/hw/rta/key_cmd.h @@ -1,8 +1,7 @@ /* SPDX-License-Identifier: (BSD-3-Clause OR GPL-2.0) * * Copyright 2008-2016 Freescale Semiconductor Inc. - * Copyright 2016 NXP - * + * Copyright 2016,2019 NXP */ #ifndef __RTA_KEY_CMD_H__ @@ -19,6 +18,8 @@ static const uint32_t key_enc_flags[] = { ENC | NWB | EKT | TK, ENC | NWB | EKT | TK, ENC | NWB | EKT | TK | PTS, + ENC | NWB | EKT | TK | PTS, + ENC | NWB | EKT | TK | PTS, ENC | NWB | EKT | TK | PTS }; diff --git a/drivers/crypto/dpaa2_sec/hw/rta/load_cmd.h b/drivers/crypto/dpaa2_sec/hw/rta/load_cmd.h index f3b0dcfcb..38e253c22 100644 --- a/drivers/crypto/dpaa2_sec/hw/rta/load_cmd.h +++ b/drivers/crypto/dpaa2_sec/hw/rta/load_cmd.h @@ -1,8 +1,7 @@ /* SPDX-License-Identifier: (BSD-3-Clause OR GPL-2.0) * * Copyright 2008-2016 Freescale Semiconductor Inc. - * Copyright 2016 NXP - * + * Copyright 2016,2019 NXP */ #ifndef __RTA_LOAD_CMD_H__ @@ -19,6 +18,8 @@ static const uint32_t load_len_mask_allowed[] = { 0x000000fe, 0x000000fe, 0x000000fe, + 0x000000fe, + 0x000000fe, 0x000000fe }; @@ -30,6 +31,8 @@ static const uint32_t load_off_mask_allowed[] = { 0x000000ff, 0x000000ff, 0x000000ff, + 0x000000ff, + 0x000000ff, 0x000000ff }; @@ -137,7 +140,8 @@ static const struct load_map load_dst[] = { * Allowed LOAD destinations for each SEC Era. * Values represent the number of entries from load_dst[] that are supported. */ -static const unsigned int load_dst_sz[] = { 31, 34, 34, 40, 40, 40, 40, 40 }; +static const unsigned int load_dst_sz[] = { 31, 34, 34, 40, 40, + 40, 40, 40, 40, 40}; static inline int load_check_len_offset(int pos, uint32_t length, uint32_t offset) diff --git a/drivers/crypto/dpaa2_sec/hw/rta/math_cmd.h b/drivers/crypto/dpaa2_sec/hw/rta/math_cmd.h index 5b28cbabb..cca70f7e0 100644 --- a/drivers/crypto/dpaa2_sec/hw/rta/math_cmd.h +++ b/drivers/crypto/dpaa2_sec/hw/rta/math_cmd.h @@ -1,8 +1,7 @@ /* SPDX-License-Identifier: (BSD-3-Clause OR GPL-2.0) * * Copyright 2008-2016 Freescale Semiconductor Inc. - * Copyright 2016 NXP - * + * Copyright 2016,2019 NXP */ #ifndef __RTA_MATH_CMD_H__ @@ -29,7 +28,8 @@ static const uint32_t math_op1[][2] = { * Allowed MATH op1 sources for each SEC Era. * Values represent the number of entries from math_op1[] that are supported. */ -static const unsigned int math_op1_sz[] = {10, 10, 12, 12, 12, 12, 12, 12}; +static const unsigned int math_op1_sz[] = {10, 10, 12, 12, 12, 12, + 12, 12, 12, 12}; static const uint32_t math_op2[][2] = { /*1*/ { MATH0, MATH_SRC1_REG0 }, @@ -51,7 +51,8 @@ static const uint32_t math_op2[][2] = { * Allowed MATH op2 sources for each SEC Era. * Values represent the number of entries from math_op2[] that are supported. */ -static const unsigned int math_op2_sz[] = {8, 9, 13, 13, 13, 13, 13, 13}; +static const unsigned int math_op2_sz[] = {8, 9, 13, 13, 13, 13, 13, 13, + 13, 13}; static const uint32_t math_result[][2] = { /*1*/ { MATH0, MATH_DEST_REG0 }, @@ -71,7 +72,8 @@ static const uint32_t math_result[][2] = { * Values represent the number of entries from math_result[] that are * supported. */ -static const unsigned int math_result_sz[] = {9, 9, 10, 10, 10, 10, 10, 10}; +static const unsigned int math_result_sz[] = {9, 9, 10, 10, 10, 10, 10, 10, + 10, 10}; static inline int rta_math(struct program *program, uint64_t operand1, diff --git a/drivers/crypto/dpaa2_sec/hw/rta/move_cmd.h b/drivers/crypto/dpaa2_sec/hw/rta/move_cmd.h index a7ff7c675..d2151c6dd 100644 --- a/drivers/crypto/dpaa2_sec/hw/rta/move_cmd.h +++ b/drivers/crypto/dpaa2_sec/hw/rta/move_cmd.h @@ -1,8 +1,7 @@ /* SPDX-License-Identifier: (BSD-3-Clause OR GPL-2.0) * * Copyright 2008-2016 Freescale Semiconductor Inc. - * Copyright 2016 NXP - * + * Copyright 2016,2019 NXP */ #ifndef __RTA_MOVE_CMD_H__ @@ -47,7 +46,8 @@ static const uint32_t move_src_table[][2] = { * Values represent the number of entries from move_src_table[] that are * supported. */ -static const unsigned int move_src_table_sz[] = {9, 11, 14, 14, 14, 14, 14, 14}; +static const unsigned int move_src_table_sz[] = {9, 11, 14, 14, 14, 14, 14, 14, + 14, 14}; static const uint32_t move_dst_table[][2] = { /*1*/ { CONTEXT1, MOVE_DEST_CLASS1CTX }, @@ -72,7 +72,7 @@ static const uint32_t move_dst_table[][2] = { * supported. */ static const -unsigned int move_dst_table_sz[] = {13, 14, 14, 15, 15, 15, 15, 15}; +unsigned int move_dst_table_sz[] = {13, 14, 14, 15, 15, 15, 15, 15, 15, 15}; static inline int set_move_offset(struct program *program __maybe_unused, diff --git a/drivers/crypto/dpaa2_sec/hw/rta/nfifo_cmd.h b/drivers/crypto/dpaa2_sec/hw/rta/nfifo_cmd.h index 94f775e2e..85092d961 100644 --- a/drivers/crypto/dpaa2_sec/hw/rta/nfifo_cmd.h +++ b/drivers/crypto/dpaa2_sec/hw/rta/nfifo_cmd.h @@ -1,8 +1,7 @@ /* SPDX-License-Identifier: (BSD-3-Clause OR GPL-2.0) * * Copyright 2008-2016 Freescale Semiconductor Inc. - * Copyright 2016 NXP - * + * Copyright 2016,2019 NXP */ #ifndef __RTA_NFIFO_CMD_H__ @@ -24,7 +23,7 @@ static const uint32_t nfifo_src[][2] = { * Allowed NFIFO LOAD sources for each SEC Era. * Values represent the number of entries from nfifo_src[] that are supported. */ -static const unsigned int nfifo_src_sz[] = {4, 5, 5, 5, 5, 5, 5, 7}; +static const unsigned int nfifo_src_sz[] = {4, 5, 5, 5, 5, 5, 5, 7, 7, 7}; static const uint32_t nfifo_data[][2] = { { MSG, NFIFOENTRY_DTYPE_MSG }, @@ -77,7 +76,8 @@ static const uint32_t nfifo_flags[][2] = { * Allowed NFIFO LOAD flags for each SEC Era. * Values represent the number of entries from nfifo_flags[] that are supported. */ -static const unsigned int nfifo_flags_sz[] = {12, 14, 14, 14, 14, 14, 14, 14}; +static const unsigned int nfifo_flags_sz[] = {12, 14, 14, 14, 14, 14, + 14, 14, 14, 14}; static const uint32_t nfifo_pad_flags[][2] = { { BM, NFIFOENTRY_BM }, @@ -90,7 +90,7 @@ static const uint32_t nfifo_pad_flags[][2] = { * Values represent the number of entries from nfifo_pad_flags[] that are * supported. */ -static const unsigned int nfifo_pad_flags_sz[] = {2, 2, 2, 2, 3, 3, 3, 3}; +static const unsigned int nfifo_pad_flags_sz[] = {2, 2, 2, 2, 3, 3, 3, 3, 3, 3}; static inline int rta_nfifo_load(struct program *program, uint32_t src, diff --git a/drivers/crypto/dpaa2_sec/hw/rta/operation_cmd.h b/drivers/crypto/dpaa2_sec/hw/rta/operation_cmd.h index b85760e5b..9a1788c0f 100644 --- a/drivers/crypto/dpaa2_sec/hw/rta/operation_cmd.h +++ b/drivers/crypto/dpaa2_sec/hw/rta/operation_cmd.h @@ -1,8 +1,7 @@ /* SPDX-License-Identifier: (BSD-3-Clause OR GPL-2.0) * * Copyright 2008-2016 Freescale Semiconductor Inc. - * Copyright 2016 NXP - * + * Copyright 2016,2019 NXP */ #ifndef __RTA_OPERATION_CMD_H__ @@ -229,7 +228,8 @@ static const struct alg_aai_map alg_table[] = { * Allowed OPERATION algorithms for each SEC Era. * Values represent the number of entries from alg_table[] that are supported. */ -static const unsigned int alg_table_sz[] = {14, 15, 15, 15, 17, 17, 11, 17}; +static const unsigned int alg_table_sz[] = {14, 15, 15, 15, 17, 17, + 11, 17, 17, 17}; static inline int rta_operation(struct program *program, uint32_t cipher_algo, diff --git a/drivers/crypto/dpaa2_sec/hw/rta/protocol_cmd.h b/drivers/crypto/dpaa2_sec/hw/rta/protocol_cmd.h index 82581edf5..e9f20703f 100644 --- a/drivers/crypto/dpaa2_sec/hw/rta/protocol_cmd.h +++ b/drivers/crypto/dpaa2_sec/hw/rta/protocol_cmd.h @@ -1,7 +1,7 @@ /* SPDX-License-Identifier: (BSD-3-Clause OR GPL-2.0) * * Copyright 2008-2016 Freescale Semiconductor Inc. - * Copyright 2016, 2019 NXP + * Copyright 2016,2019 NXP * */ @@ -326,6 +326,10 @@ static const uint32_t proto_blob_flags[] = { OP_PCL_BLOB_EKT | OP_PCL_BLOB_REG_MASK | OP_PCL_BLOB_SEC_MEM, OP_PCL_BLOB_FORMAT_MASK | OP_PCL_BLOB_BLACK | OP_PCL_BLOB_TKEK | OP_PCL_BLOB_EKT | OP_PCL_BLOB_REG_MASK | OP_PCL_BLOB_SEC_MEM, + OP_PCL_BLOB_FORMAT_MASK | OP_PCL_BLOB_BLACK | OP_PCL_BLOB_TKEK | + OP_PCL_BLOB_EKT | OP_PCL_BLOB_REG_MASK | OP_PCL_BLOB_SEC_MEM, + OP_PCL_BLOB_FORMAT_MASK | OP_PCL_BLOB_BLACK | OP_PCL_BLOB_TKEK | + OP_PCL_BLOB_EKT | OP_PCL_BLOB_REG_MASK | OP_PCL_BLOB_SEC_MEM, OP_PCL_BLOB_FORMAT_MASK | OP_PCL_BLOB_BLACK | OP_PCL_BLOB_TKEK | OP_PCL_BLOB_EKT | OP_PCL_BLOB_REG_MASK | OP_PCL_BLOB_SEC_MEM }; @@ -604,7 +608,8 @@ static const struct proto_map proto_table[] = { * Allowed OPERATION protocols for each SEC Era. * Values represent the number of entries from proto_table[] that are supported. */ -static const unsigned int proto_table_sz[] = {21, 29, 29, 29, 29, 35, 37, 40}; +static const unsigned int proto_table_sz[] = {21, 29, 29, 29, 29, 35, 37, + 40, 40, 40}; static inline int rta_proto_operation(struct program *program, uint32_t optype, diff --git a/drivers/crypto/dpaa2_sec/hw/rta/sec_run_time_asm.h b/drivers/crypto/dpaa2_sec/hw/rta/sec_run_time_asm.h index 5357187f8..d8cdebd20 100644 --- a/drivers/crypto/dpaa2_sec/hw/rta/sec_run_time_asm.h +++ b/drivers/crypto/dpaa2_sec/hw/rta/sec_run_time_asm.h @@ -1,8 +1,7 @@ /* SPDX-License-Identifier: (BSD-3-Clause OR GPL-2.0) * * Copyright 2008-2016 Freescale Semiconductor Inc. - * Copyright 2016 NXP - * + * Copyright 2016,2019 NXP */ #ifndef __RTA_SEC_RUN_TIME_ASM_H__ @@ -36,7 +35,9 @@ enum rta_sec_era { RTA_SEC_ERA_6, RTA_SEC_ERA_7, RTA_SEC_ERA_8, - MAX_SEC_ERA = RTA_SEC_ERA_8 + RTA_SEC_ERA_9, + RTA_SEC_ERA_10, + MAX_SEC_ERA = RTA_SEC_ERA_10 }; /** @@ -605,10 +606,14 @@ __rta_inline_data(struct program *program, uint64_t data, static inline unsigned int rta_desc_len(uint32_t *buffer) { - if ((*buffer & CMD_MASK) == CMD_DESC_HDR) + if ((*buffer & CMD_MASK) == CMD_DESC_HDR) { return *buffer & HDR_DESCLEN_MASK; - else - return *buffer & HDR_DESCLEN_SHR_MASK; + } else { + if (rta_sec_era >= RTA_SEC_ERA_10) + return *buffer & HDR_DESCLEN_SHR_MASK_ERA10; + else + return *buffer & HDR_DESCLEN_SHR_MASK; + } } static inline unsigned int @@ -701,9 +706,15 @@ rta_patch_header(struct program *program, int line, unsigned int new_ref) return -EINVAL; opcode = bswap ? swab32(program->buffer[line]) : program->buffer[line]; + if (rta_sec_era >= RTA_SEC_ERA_10) { + opcode &= (uint32_t)~HDR_START_IDX_MASK_ERA10; + opcode |= (new_ref << HDR_START_IDX_SHIFT) & + HDR_START_IDX_MASK_ERA10; + } else { + opcode &= (uint32_t)~HDR_START_IDX_MASK; + opcode |= (new_ref << HDR_START_IDX_SHIFT) & HDR_START_IDX_MASK; + } - opcode &= (uint32_t)~HDR_START_IDX_MASK; - opcode |= (new_ref << HDR_START_IDX_SHIFT) & HDR_START_IDX_MASK; program->buffer[line] = bswap ? swab32(opcode) : opcode; return 0; diff --git a/drivers/crypto/dpaa2_sec/hw/rta/seq_in_out_ptr_cmd.h b/drivers/crypto/dpaa2_sec/hw/rta/seq_in_out_ptr_cmd.h index ceb6a8719..5e6af0c83 100644 --- a/drivers/crypto/dpaa2_sec/hw/rta/seq_in_out_ptr_cmd.h +++ b/drivers/crypto/dpaa2_sec/hw/rta/seq_in_out_ptr_cmd.h @@ -1,8 +1,7 @@ /* SPDX-License-Identifier: (BSD-3-Clause OR GPL-2.0) * * Copyright 2008-2016 Freescale Semiconductor Inc. - * Copyright 2016 NXP - * + * Copyright 2016,2019 NXP */ #ifndef __RTA_SEQ_IN_OUT_PTR_CMD_H__ @@ -19,6 +18,8 @@ static const uint32_t seq_in_ptr_flags[] = { RBS | INL | SGF | PRE | EXT | RTO | RJD | SOP, RBS | INL | SGF | PRE | EXT | RTO | RJD | SOP, RBS | INL | SGF | PRE | EXT | RTO | RJD | SOP, + RBS | INL | SGF | PRE | EXT | RTO | RJD | SOP, + RBS | INL | SGF | PRE | EXT | RTO | RJD | SOP, RBS | INL | SGF | PRE | EXT | RTO | RJD | SOP }; @@ -31,6 +32,8 @@ static const uint32_t seq_out_ptr_flags[] = { SGF | PRE | EXT | RTO | RST | EWS, SGF | PRE | EXT | RTO | RST | EWS, SGF | PRE | EXT | RTO | RST | EWS, + SGF | PRE | EXT | RTO | RST | EWS, + SGF | PRE | EXT | RTO | RST | EWS, SGF | PRE | EXT | RTO | RST | EWS }; diff --git a/drivers/crypto/dpaa2_sec/hw/rta/store_cmd.h b/drivers/crypto/dpaa2_sec/hw/rta/store_cmd.h index 8b58e544d..5de47d053 100644 --- a/drivers/crypto/dpaa2_sec/hw/rta/store_cmd.h +++ b/drivers/crypto/dpaa2_sec/hw/rta/store_cmd.h @@ -1,8 +1,7 @@ /* SPDX-License-Identifier: (BSD-3-Clause OR GPL-2.0) * * Copyright 2008-2016 Freescale Semiconductor Inc. - * Copyright 2016 NXP - * + * Copyright 2016,2019 NXP */ #ifndef __RTA_STORE_CMD_H__ @@ -56,7 +55,8 @@ static const uint32_t store_src_table[][2] = { * supported. */ static const unsigned int store_src_table_sz[] = {29, 31, 33, 33, - 33, 33, 35, 35}; + 33, 33, 35, 35, + 35, 35}; static inline int rta_store(struct program *program, uint64_t src, From patchwork Mon Sep 30 11:52:24 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Akhil Goyal X-Patchwork-Id: 60164 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@dpdk.org Delivered-To: patchwork@dpdk.org Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 6E6C31B952; Mon, 30 Sep 2019 14:08:14 +0200 (CEST) Received: from inva020.nxp.com (inva020.nxp.com [92.121.34.13]) by dpdk.org (Postfix) with ESMTP id 59073378E for ; Mon, 30 Sep 2019 14:08:00 +0200 (CEST) Received: from inva020.nxp.com (localhost [127.0.0.1]) by inva020.eu-rdc02.nxp.com (Postfix) with ESMTP id 385F61A082E; Mon, 30 Sep 2019 14:08:00 +0200 (CEST) Received: from invc005.ap-rdc01.nxp.com (invc005.ap-rdc01.nxp.com [165.114.16.14]) by inva020.eu-rdc02.nxp.com (Postfix) with ESMTP id A4ED71A0834; Mon, 30 Sep 2019 14:07:57 +0200 (CEST) Received: from GDB1.ap.freescale.net (GDB1.ap.freescale.net [10.232.132.179]) by invc005.ap-rdc01.nxp.com (Postfix) with ESMTP id A8DB1402C1; Mon, 30 Sep 2019 20:07:53 +0800 (SGT) From: Akhil Goyal To: dev@dpdk.org Cc: aconole@redhat.com, anoobj@marvell.com, Akhil Goyal , Vakul Garg Date: Mon, 30 Sep 2019 17:22:24 +0530 Message-Id: <20190930115237.5073-8-akhil.goyal@nxp.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20190930115237.5073-1-akhil.goyal@nxp.com> References: <20190902121734.926-1-akhil.goyal@nxp.com> <20190930115237.5073-1-akhil.goyal@nxp.com> X-Virus-Scanned: ClamAV using ClamSMTP Subject: [dpdk-dev] [PATCH v2 07/20] crypto/dpaa2_sec/hw: update 12bit SN desc for NULL auth X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" For sec era 8, NULL auth using protocol command does not add 4 bytes of null MAC-I and treat NULL integrity as no integrity which is not correct. Hence converting this particular case of null integrity on 12b SN on SEC ERA 8 from protocol offload to non-protocol offload case. Signed-off-by: Akhil Goyal Signed-off-by: Vakul Garg --- drivers/crypto/dpaa2_sec/hw/desc/pdcp.h | 32 +++++++++++++++++++++---- 1 file changed, 28 insertions(+), 4 deletions(-) diff --git a/drivers/crypto/dpaa2_sec/hw/desc/pdcp.h b/drivers/crypto/dpaa2_sec/hw/desc/pdcp.h index 4bf1d69f9..0b074ec80 100644 --- a/drivers/crypto/dpaa2_sec/hw/desc/pdcp.h +++ b/drivers/crypto/dpaa2_sec/hw/desc/pdcp.h @@ -43,6 +43,14 @@ #define PDCP_C_PLANE_SN_MASK 0x1F000000 #define PDCP_C_PLANE_SN_MASK_BE 0x0000001F +/** + * PDCP_12BIT_SN_MASK - This mask is used in the PDCP descriptors for + * extracting the sequence number (SN) from the + * PDCP User Plane header. + */ +#define PDCP_12BIT_SN_MASK 0xFF0F0000 +#define PDCP_12BIT_SN_MASK_BE 0x00000FFF + /** * PDCP_U_PLANE_15BIT_SN_MASK - This mask is used in the PDCP descriptors for * extracting the sequence number (SN) from the @@ -776,8 +784,10 @@ pdcp_insert_cplane_enc_only_op(struct program *p, KEY(p, KEY1, cipherdata->key_enc_flags, cipherdata->key, cipherdata->keylen, INLINE_KEY(cipherdata)); - if ((rta_sec_era >= RTA_SEC_ERA_8 && sn_size != PDCP_SN_SIZE_18) || - (rta_sec_era == RTA_SEC_ERA_10)) { + if ((rta_sec_era >= RTA_SEC_ERA_8 && sn_size != PDCP_SN_SIZE_18 && + !(rta_sec_era == RTA_SEC_ERA_8 && + authdata->algtype == 0)) + || (rta_sec_era == RTA_SEC_ERA_10)) { if (sn_size == PDCP_SN_SIZE_5) PROTOCOL(p, dir, OP_PCLID_LTE_PDCP_CTRL_MIXED, (uint16_t)cipherdata->algtype << 8); @@ -800,12 +810,16 @@ pdcp_insert_cplane_enc_only_op(struct program *p, sn_mask = (swap == false) ? PDCP_U_PLANE_18BIT_SN_MASK : PDCP_U_PLANE_18BIT_SN_MASK_BE; break; - case PDCP_SN_SIZE_7: case PDCP_SN_SIZE_12: + offset = 6; + length = 2; + sn_mask = (swap == false) ? PDCP_12BIT_SN_MASK : + PDCP_12BIT_SN_MASK_BE; + break; + case PDCP_SN_SIZE_7: case PDCP_SN_SIZE_15: pr_err("Invalid sn_size for %s\n", __func__); return -ENOTSUP; - } SEQLOAD(p, MATH0, offset, length, 0); @@ -2796,6 +2810,16 @@ cnstr_shdsc_pdcp_u_plane_encap(uint32_t *descbuf, case PDCP_CIPHER_TYPE_AES: case PDCP_CIPHER_TYPE_SNOW: case PDCP_CIPHER_TYPE_NULL: + if (rta_sec_era == RTA_SEC_ERA_8 && + authdata && authdata->algtype == 0){ + err = pdcp_insert_uplane_with_int_op(p, swap, + cipherdata, authdata, + sn_size, era_2_sw_hfn_ovrd, + OP_TYPE_ENCAP_PROTOCOL); + if (err) + return err; + break; + } /* Insert auth key if requested */ if (authdata && authdata->algtype) { KEY(p, KEY2, authdata->key_enc_flags, From patchwork Mon Sep 30 11:52:25 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Akhil Goyal X-Patchwork-Id: 60165 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@dpdk.org Delivered-To: patchwork@dpdk.org Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 859251BDFD; Mon, 30 Sep 2019 14:08:16 +0200 (CEST) Received: from inva021.nxp.com (inva021.nxp.com [92.121.34.21]) by dpdk.org (Postfix) with ESMTP id E307A378E for ; Mon, 30 Sep 2019 14:08:00 +0200 (CEST) Received: from inva021.nxp.com (localhost [127.0.0.1]) by inva021.eu-rdc02.nxp.com (Postfix) with ESMTP id C44CD2009A5; Mon, 30 Sep 2019 14:08:00 +0200 (CEST) Received: from invc005.ap-rdc01.nxp.com (invc005.ap-rdc01.nxp.com [165.114.16.14]) by inva021.eu-rdc02.nxp.com (Postfix) with ESMTP id 6A58F20008B; Mon, 30 Sep 2019 14:07:58 +0200 (CEST) Received: from GDB1.ap.freescale.net (GDB1.ap.freescale.net [10.232.132.179]) by invc005.ap-rdc01.nxp.com (Postfix) with ESMTP id EE9A1402C7; Mon, 30 Sep 2019 20:07:54 +0800 (SGT) From: Akhil Goyal To: dev@dpdk.org Cc: aconole@redhat.com, anoobj@marvell.com, Akhil Goyal Date: Mon, 30 Sep 2019 17:22:25 +0530 Message-Id: <20190930115237.5073-9-akhil.goyal@nxp.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20190930115237.5073-1-akhil.goyal@nxp.com> References: <20190902121734.926-1-akhil.goyal@nxp.com> <20190930115237.5073-1-akhil.goyal@nxp.com> X-Virus-Scanned: ClamAV using ClamSMTP Subject: [dpdk-dev] [PATCH v2 08/20] crypto/dpaa_sec: support scatter gather for PDCP X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" This patch add support for chained input or output mbufs for PDCP operations. Signed-off-by: Akhil Goyal --- drivers/crypto/dpaa_sec/dpaa_sec.c | 122 +++++++++++++++++++++++++++-- 1 file changed, 116 insertions(+), 6 deletions(-) diff --git a/drivers/crypto/dpaa_sec/dpaa_sec.c b/drivers/crypto/dpaa_sec/dpaa_sec.c index 3fc4a606f..b5bb87aa6 100644 --- a/drivers/crypto/dpaa_sec/dpaa_sec.c +++ b/drivers/crypto/dpaa_sec/dpaa_sec.c @@ -189,12 +189,18 @@ dqrr_out_fq_cb_rx(struct qman_portal *qm __always_unused, if (ctx->op->sess_type == RTE_CRYPTO_OP_SECURITY_SESSION) { struct qm_sg_entry *sg_out; uint32_t len; + struct rte_mbuf *mbuf = (ctx->op->sym->m_dst == NULL) ? + ctx->op->sym->m_src : ctx->op->sym->m_dst; sg_out = &job->sg[0]; hw_sg_to_cpu(sg_out); len = sg_out->length; - ctx->op->sym->m_src->pkt_len = len; - ctx->op->sym->m_src->data_len = len; + mbuf->pkt_len = len; + while (mbuf->next != NULL) { + len -= mbuf->data_len; + mbuf = mbuf->next; + } + mbuf->data_len = len; } dpaa_sec_ops[dpaa_sec_op_nb++] = ctx->op; dpaa_sec_op_ending(ctx); @@ -260,6 +266,7 @@ static inline int is_auth_cipher(dpaa_sec_session *ses) { return ((ses->cipher_alg != RTE_CRYPTO_CIPHER_NULL) && (ses->auth_alg != RTE_CRYPTO_AUTH_NULL) && + (ses->proto_alg != RTE_SECURITY_PROTOCOL_PDCP) && (ses->proto_alg != RTE_SECURITY_PROTOCOL_IPSEC)); } @@ -802,12 +809,18 @@ dpaa_sec_deq(struct dpaa_sec_qp *qp, struct rte_crypto_op **ops, int nb_ops) if (op->sess_type == RTE_CRYPTO_OP_SECURITY_SESSION) { struct qm_sg_entry *sg_out; uint32_t len; + struct rte_mbuf *mbuf = (op->sym->m_dst == NULL) ? + op->sym->m_src : op->sym->m_dst; sg_out = &job->sg[0]; hw_sg_to_cpu(sg_out); len = sg_out->length; - op->sym->m_src->pkt_len = len; - op->sym->m_src->data_len = len; + mbuf->pkt_len = len; + while (mbuf->next != NULL) { + len -= mbuf->data_len; + mbuf = mbuf->next; + } + mbuf->data_len = len; } if (!ctx->fd_status) { op->status = RTE_CRYPTO_OP_STATUS_SUCCESS; @@ -1636,6 +1649,99 @@ build_proto(struct rte_crypto_op *op, dpaa_sec_session *ses) return cf; } +static inline struct dpaa_sec_job * +build_proto_sg(struct rte_crypto_op *op, dpaa_sec_session *ses) +{ + struct rte_crypto_sym_op *sym = op->sym; + struct dpaa_sec_job *cf; + struct dpaa_sec_op_ctx *ctx; + struct qm_sg_entry *sg, *out_sg, *in_sg; + struct rte_mbuf *mbuf; + uint8_t req_segs; + uint32_t in_len = 0, out_len = 0; + + if (sym->m_dst) { + mbuf = sym->m_dst; + } else { + mbuf = sym->m_src; + } + req_segs = mbuf->nb_segs + sym->m_src->nb_segs + 2; + if (req_segs > MAX_SG_ENTRIES) { + DPAA_SEC_DP_ERR("Proto: Max sec segs supported is %d", + MAX_SG_ENTRIES); + return NULL; + } + + ctx = dpaa_sec_alloc_ctx(ses); + if (!ctx) + return NULL; + cf = &ctx->job; + ctx->op = op; + /* output */ + out_sg = &cf->sg[0]; + out_sg->extension = 1; + qm_sg_entry_set64(out_sg, dpaa_mem_vtop(&cf->sg[2])); + + /* 1st seg */ + sg = &cf->sg[2]; + qm_sg_entry_set64(sg, rte_pktmbuf_mtophys(mbuf)); + sg->offset = 0; + + /* Successive segs */ + while (mbuf->next) { + sg->length = mbuf->data_len; + out_len += sg->length; + mbuf = mbuf->next; + cpu_to_hw_sg(sg); + sg++; + qm_sg_entry_set64(sg, rte_pktmbuf_mtophys(mbuf)); + sg->offset = 0; + } + sg->length = mbuf->buf_len - mbuf->data_off; + out_len += sg->length; + sg->final = 1; + cpu_to_hw_sg(sg); + + out_sg->length = out_len; + cpu_to_hw_sg(out_sg); + + /* input */ + mbuf = sym->m_src; + in_sg = &cf->sg[1]; + in_sg->extension = 1; + in_sg->final = 1; + in_len = mbuf->data_len; + + sg++; + qm_sg_entry_set64(in_sg, dpaa_mem_vtop(sg)); + + /* 1st seg */ + qm_sg_entry_set64(sg, rte_pktmbuf_mtophys(mbuf)); + sg->length = mbuf->data_len; + sg->offset = 0; + + /* Successive segs */ + mbuf = mbuf->next; + while (mbuf) { + cpu_to_hw_sg(sg); + sg++; + qm_sg_entry_set64(sg, rte_pktmbuf_mtophys(mbuf)); + sg->length = mbuf->data_len; + sg->offset = 0; + in_len += sg->length; + mbuf = mbuf->next; + } + sg->final = 1; + cpu_to_hw_sg(sg); + + in_sg->length = in_len; + cpu_to_hw_sg(in_sg); + + sym->m_src->packet_type &= ~RTE_PTYPE_L4_MASK; + + return cf; +} + static uint16_t dpaa_sec_enqueue_burst(void *qp, struct rte_crypto_op **ops, uint16_t nb_ops) @@ -1707,7 +1813,9 @@ dpaa_sec_enqueue_burst(void *qp, struct rte_crypto_op **ops, auth_only_len = op->sym->auth.data.length - op->sym->cipher.data.length; - if (rte_pktmbuf_is_contiguous(op->sym->m_src)) { + if (rte_pktmbuf_is_contiguous(op->sym->m_src) && + ((op->sym->m_dst == NULL) || + rte_pktmbuf_is_contiguous(op->sym->m_dst))) { if (is_proto_ipsec(ses)) { cf = build_proto(op, ses); } else if (is_proto_pdcp(ses)) { @@ -1728,7 +1836,9 @@ dpaa_sec_enqueue_burst(void *qp, struct rte_crypto_op **ops, goto send_pkts; } } else { - if (is_auth_only(ses)) { + if (is_proto_pdcp(ses) || is_proto_ipsec(ses)) { + cf = build_proto_sg(op, ses); + } else if (is_auth_only(ses)) { cf = build_auth_only_sg(op, ses); } else if (is_cipher_only(ses)) { cf = build_cipher_only_sg(op, ses); From patchwork Mon Sep 30 11:52:26 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Akhil Goyal X-Patchwork-Id: 60167 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@dpdk.org Delivered-To: patchwork@dpdk.org Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 1FCC81BE89; Mon, 30 Sep 2019 14:08:21 +0200 (CEST) Received: from inva020.nxp.com (inva020.nxp.com [92.121.34.13]) by dpdk.org (Postfix) with ESMTP id E7B8937AF for ; Mon, 30 Sep 2019 14:08:02 +0200 (CEST) Received: from inva020.nxp.com (localhost [127.0.0.1]) by inva020.eu-rdc02.nxp.com (Postfix) with ESMTP id CA03E1A084B; Mon, 30 Sep 2019 14:08:02 +0200 (CEST) Received: from invc005.ap-rdc01.nxp.com (invc005.ap-rdc01.nxp.com [165.114.16.14]) by inva020.eu-rdc02.nxp.com (Postfix) with ESMTP id 132731A0288; Mon, 30 Sep 2019 14:08:00 +0200 (CEST) Received: from GDB1.ap.freescale.net (GDB1.ap.freescale.net [10.232.132.179]) by invc005.ap-rdc01.nxp.com (Postfix) with ESMTP id 1E5774030D; Mon, 30 Sep 2019 20:07:55 +0800 (SGT) From: Akhil Goyal To: dev@dpdk.org Cc: aconole@redhat.com, anoobj@marvell.com, Hemant Agrawal , Akhil Goyal Date: Mon, 30 Sep 2019 17:22:26 +0530 Message-Id: <20190930115237.5073-10-akhil.goyal@nxp.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20190930115237.5073-1-akhil.goyal@nxp.com> References: <20190902121734.926-1-akhil.goyal@nxp.com> <20190930115237.5073-1-akhil.goyal@nxp.com> X-Virus-Scanned: ClamAV using ClamSMTP Subject: [dpdk-dev] [PATCH v2 09/20] crypto/dpaa2_sec: support scatter gather for proto offloads X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" From: Hemant Agrawal This patch add support for chained input or output mbufs for PDCP and ipsec protocol offload cases. Signed-off-by: Hemant Agrawal Signed-off-by: Akhil Goyal --- drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 134 +++++++++++++++++++- drivers/crypto/dpaa2_sec/dpaa2_sec_logs.h | 4 +- 2 files changed, 133 insertions(+), 5 deletions(-) diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c index fb0314adb..36ae78a03 100644 --- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c +++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c @@ -65,6 +65,121 @@ static uint8_t cryptodev_driver_id; int dpaa2_logtype_sec; +static inline int +build_proto_compound_sg_fd(dpaa2_sec_session *sess, + struct rte_crypto_op *op, + struct qbman_fd *fd, uint16_t bpid) +{ + struct rte_crypto_sym_op *sym_op = op->sym; + struct ctxt_priv *priv = sess->ctxt; + struct qbman_fle *fle, *sge, *ip_fle, *op_fle; + struct sec_flow_context *flc; + struct rte_mbuf *mbuf; + uint32_t in_len = 0, out_len = 0; + + if (sym_op->m_dst) + mbuf = sym_op->m_dst; + else + mbuf = sym_op->m_src; + + /* first FLE entry used to store mbuf and session ctxt */ + fle = (struct qbman_fle *)rte_malloc(NULL, FLE_SG_MEM_SIZE, + RTE_CACHE_LINE_SIZE); + if (unlikely(!fle)) { + DPAA2_SEC_DP_ERR("Proto:SG: Memory alloc failed for SGE"); + return -1; + } + memset(fle, 0, FLE_SG_MEM_SIZE); + DPAA2_SET_FLE_ADDR(fle, (size_t)op); + DPAA2_FLE_SAVE_CTXT(fle, (ptrdiff_t)priv); + + /* Save the shared descriptor */ + flc = &priv->flc_desc[0].flc; + + op_fle = fle + 1; + ip_fle = fle + 2; + sge = fle + 3; + + if (likely(bpid < MAX_BPID)) { + DPAA2_SET_FD_BPID(fd, bpid); + DPAA2_SET_FLE_BPID(op_fle, bpid); + DPAA2_SET_FLE_BPID(ip_fle, bpid); + } else { + DPAA2_SET_FD_IVP(fd); + DPAA2_SET_FLE_IVP(op_fle); + DPAA2_SET_FLE_IVP(ip_fle); + } + + /* Configure FD as a FRAME LIST */ + DPAA2_SET_FD_ADDR(fd, DPAA2_VADDR_TO_IOVA(op_fle)); + DPAA2_SET_FD_COMPOUND_FMT(fd); + DPAA2_SET_FD_FLC(fd, DPAA2_VADDR_TO_IOVA(flc)); + + /* Configure Output FLE with Scatter/Gather Entry */ + DPAA2_SET_FLE_SG_EXT(op_fle); + DPAA2_SET_FLE_ADDR(op_fle, DPAA2_VADDR_TO_IOVA(sge)); + + /* Configure Output SGE for Encap/Decap */ + DPAA2_SET_FLE_ADDR(sge, DPAA2_MBUF_VADDR_TO_IOVA(mbuf)); + DPAA2_SET_FLE_OFFSET(sge, mbuf->data_off); + /* o/p segs */ + while (mbuf->next) { + sge->length = mbuf->data_len; + out_len += sge->length; + sge++; + mbuf = mbuf->next; + DPAA2_SET_FLE_ADDR(sge, DPAA2_MBUF_VADDR_TO_IOVA(mbuf)); + DPAA2_SET_FLE_OFFSET(sge, mbuf->data_off); + } + /* using buf_len for last buf - so that extra data can be added */ + sge->length = mbuf->buf_len - mbuf->data_off; + out_len += sge->length; + + DPAA2_SET_FLE_FIN(sge); + op_fle->length = out_len; + + sge++; + mbuf = sym_op->m_src; + + /* Configure Input FLE with Scatter/Gather Entry */ + DPAA2_SET_FLE_ADDR(ip_fle, DPAA2_VADDR_TO_IOVA(sge)); + DPAA2_SET_FLE_SG_EXT(ip_fle); + DPAA2_SET_FLE_FIN(ip_fle); + + /* Configure input SGE for Encap/Decap */ + DPAA2_SET_FLE_ADDR(sge, DPAA2_MBUF_VADDR_TO_IOVA(mbuf)); + DPAA2_SET_FLE_OFFSET(sge, mbuf->data_off); + sge->length = mbuf->data_len; + in_len += sge->length; + + mbuf = mbuf->next; + /* i/p segs */ + while (mbuf) { + sge++; + DPAA2_SET_FLE_ADDR(sge, DPAA2_MBUF_VADDR_TO_IOVA(mbuf)); + DPAA2_SET_FLE_OFFSET(sge, mbuf->data_off); + sge->length = mbuf->data_len; + in_len += sge->length; + mbuf = mbuf->next; + } + ip_fle->length = in_len; + DPAA2_SET_FLE_FIN(sge); + + /* In case of PDCP, per packet HFN is stored in + * mbuf priv after sym_op. + */ + if (sess->ctxt_type == DPAA2_SEC_PDCP && sess->pdcp.hfn_ovd) { + uint32_t hfn_ovd = *((uint8_t *)op + sess->pdcp.hfn_ovd_offset); + /*enable HFN override override */ + DPAA2_SET_FLE_INTERNAL_JD(ip_fle, hfn_ovd); + DPAA2_SET_FLE_INTERNAL_JD(op_fle, hfn_ovd); + DPAA2_SET_FD_INTERNAL_JD(fd, hfn_ovd); + } + DPAA2_SET_FD_LEN(fd, ip_fle->length); + + return 0; +} + static inline int build_proto_compound_fd(dpaa2_sec_session *sess, struct rte_crypto_op *op, @@ -87,7 +202,7 @@ build_proto_compound_fd(dpaa2_sec_session *sess, /* we are using the first FLE entry to store Mbuf */ retval = rte_mempool_get(priv->fle_pool, (void **)(&fle)); if (retval) { - DPAA2_SEC_ERR("Memory alloc failed"); + DPAA2_SEC_DP_ERR("Memory alloc failed"); return -1; } memset(fle, 0, FLE_POOL_BUF_SIZE); @@ -1170,8 +1285,10 @@ build_sec_fd(struct rte_crypto_op *op, else return -1; - /* Segmented buffer */ - if (unlikely(!rte_pktmbuf_is_contiguous(op->sym->m_src))) { + /* Any of the buffer is segmented*/ + if (!rte_pktmbuf_is_contiguous(op->sym->m_src) || + ((op->sym->m_dst != NULL) && + !rte_pktmbuf_is_contiguous(op->sym->m_dst))) { switch (sess->ctxt_type) { case DPAA2_SEC_CIPHER: ret = build_cipher_sg_fd(sess, op, fd, bpid); @@ -1185,6 +1302,10 @@ build_sec_fd(struct rte_crypto_op *op, case DPAA2_SEC_CIPHER_HASH: ret = build_authenc_sg_fd(sess, op, fd, bpid); break; + case DPAA2_SEC_IPSEC: + case DPAA2_SEC_PDCP: + ret = build_proto_compound_sg_fd(sess, op, fd, bpid); + break; case DPAA2_SEC_HASH_CIPHER: default: DPAA2_SEC_ERR("error: Unsupported session"); @@ -1372,9 +1493,14 @@ sec_fd_to_mbuf(const struct qbman_fd *fd) if (op->sess_type == RTE_CRYPTO_OP_SECURITY_SESSION) { dpaa2_sec_session *sess = (dpaa2_sec_session *) get_sec_session_private_data(op->sym->sec_session); - if (sess->ctxt_type == DPAA2_SEC_IPSEC) { + if (sess->ctxt_type == DPAA2_SEC_IPSEC || + sess->ctxt_type == DPAA2_SEC_PDCP) { uint16_t len = DPAA2_GET_FD_LEN(fd); dst->pkt_len = len; + while (dst->next != NULL) { + len -= dst->data_len; + dst = dst->next; + } dst->data_len = len; } } diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_logs.h b/drivers/crypto/dpaa2_sec/dpaa2_sec_logs.h index 8a9904426..c2e11f951 100644 --- a/drivers/crypto/dpaa2_sec/dpaa2_sec_logs.h +++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_logs.h @@ -1,7 +1,7 @@ /* SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 2016 Freescale Semiconductor, Inc. All rights reserved. - * Copyright 2016 NXP + * Copyright 2016,2019 NXP * */ @@ -37,6 +37,8 @@ extern int dpaa2_logtype_sec; DPAA2_SEC_DP_LOG(INFO, fmt, ## args) #define DPAA2_SEC_DP_WARN(fmt, args...) \ DPAA2_SEC_DP_LOG(WARNING, fmt, ## args) +#define DPAA2_SEC_DP_ERR(fmt, args...) \ + DPAA2_SEC_DP_LOG(ERR, fmt, ## args) #endif /* _DPAA2_SEC_LOGS_H_ */ From patchwork Mon Sep 30 11:52:27 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Akhil Goyal X-Patchwork-Id: 60166 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@dpdk.org Delivered-To: patchwork@dpdk.org Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 12CF11BE81; Mon, 30 Sep 2019 14:08:19 +0200 (CEST) Received: from inva021.nxp.com (inva021.nxp.com [92.121.34.21]) by dpdk.org (Postfix) with ESMTP id B49CA378E for ; Mon, 30 Sep 2019 14:08:02 +0200 (CEST) Received: from inva021.nxp.com (localhost [127.0.0.1]) by inva021.eu-rdc02.nxp.com (Postfix) with ESMTP id 943DD200025; Mon, 30 Sep 2019 14:08:02 +0200 (CEST) Received: from invc005.ap-rdc01.nxp.com (invc005.ap-rdc01.nxp.com [165.114.16.14]) by inva021.eu-rdc02.nxp.com (Postfix) with ESMTP id 6AFD8200999; Mon, 30 Sep 2019 14:08:00 +0200 (CEST) Received: from GDB1.ap.freescale.net (GDB1.ap.freescale.net [10.232.132.179]) by invc005.ap-rdc01.nxp.com (Postfix) with ESMTP id 5CCB9402B7; Mon, 30 Sep 2019 20:07:57 +0800 (SGT) From: Akhil Goyal To: dev@dpdk.org Cc: aconole@redhat.com, anoobj@marvell.com, Vakul Garg Date: Mon, 30 Sep 2019 17:22:27 +0530 Message-Id: <20190930115237.5073-11-akhil.goyal@nxp.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20190930115237.5073-1-akhil.goyal@nxp.com> References: <20190902121734.926-1-akhil.goyal@nxp.com> <20190930115237.5073-1-akhil.goyal@nxp.com> X-Virus-Scanned: ClamAV using ClamSMTP Subject: [dpdk-dev] [PATCH v2 10/20] crypto/dpaa2_sec: disable 'write-safe' for PDCP X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" From: Vakul Garg PDCP descriptors in some cases internally use commands which overwrite memory with extra '0s' if write-safe is kept enabled. This breaks correct functional behavior of PDCP apis and they in many cases give incorrect crypto output. There we disable 'write-safe' bit in FLC for PDCP cases. If there is a performance drop, then write-safe would be enabled selectively through a separate patch. Signed-off-by: Vakul Garg Acked-by: Akhil Goyal --- drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c index 36ae78a03..d53720ae3 100644 --- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c +++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c @@ -2931,8 +2931,12 @@ dpaa2_sec_set_pdcp_session(struct rte_cryptodev *dev, flc->word1_sdl = (uint8_t)bufsize; - /* Set EWS bit i.e. enable write-safe */ - DPAA2_SET_FLC_EWS(flc); + /* TODO - check the perf impact or + * align as per descriptor type + * Set EWS bit i.e. enable write-safe + * DPAA2_SET_FLC_EWS(flc); + */ + /* Set BS = 1 i.e reuse input buffers as output buffers */ DPAA2_SET_FLC_REUSE_BS(flc); /* Set FF = 10; reuse input buffers if they provide sufficient space */ From patchwork Mon Sep 30 11:52:28 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Akhil Goyal X-Patchwork-Id: 60168 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@dpdk.org Delivered-To: patchwork@dpdk.org Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 092F11BE9D; Mon, 30 Sep 2019 14:08:24 +0200 (CEST) Received: from inva020.nxp.com (inva020.nxp.com [92.121.34.13]) by dpdk.org (Postfix) with ESMTP id 8E25249DF for ; Mon, 30 Sep 2019 14:08:05 +0200 (CEST) Received: from inva020.nxp.com (localhost [127.0.0.1]) by inva020.eu-rdc02.nxp.com (Postfix) with ESMTP id 2D1001A0824; Mon, 30 Sep 2019 14:08:05 +0200 (CEST) Received: from invc005.ap-rdc01.nxp.com (invc005.ap-rdc01.nxp.com [165.114.16.14]) by inva020.eu-rdc02.nxp.com (Postfix) with ESMTP id 6872D1A048C; Mon, 30 Sep 2019 14:08:02 +0200 (CEST) Received: from GDB1.ap.freescale.net (GDB1.ap.freescale.net [10.232.132.179]) by invc005.ap-rdc01.nxp.com (Postfix) with ESMTP id 7B04740313; Mon, 30 Sep 2019 20:07:58 +0800 (SGT) From: Akhil Goyal To: dev@dpdk.org Cc: aconole@redhat.com, anoobj@marvell.com, Vakul Garg , Akhil Goyal Date: Mon, 30 Sep 2019 17:22:28 +0530 Message-Id: <20190930115237.5073-12-akhil.goyal@nxp.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20190930115237.5073-1-akhil.goyal@nxp.com> References: <20190902121734.926-1-akhil.goyal@nxp.com> <20190930115237.5073-1-akhil.goyal@nxp.com> X-Virus-Scanned: ClamAV using ClamSMTP Subject: [dpdk-dev] [PATCH v2 11/20] crypto/dpaa2_sec/hw: support 18-bit PDCP enc-auth cases X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" From: Vakul Garg This patch support following algo combinations(ENC-AUTH). - AES-SNOW - SNOW-AES - AES-ZUC - ZUC-AES - SNOW-ZUC - ZUC-SNOW Signed-off-by: Vakul Garg Signed-off-by: Akhil Goyal --- drivers/crypto/dpaa2_sec/hw/desc/pdcp.h | 211 ++++++++++++++++-------- 1 file changed, 140 insertions(+), 71 deletions(-) diff --git a/drivers/crypto/dpaa2_sec/hw/desc/pdcp.h b/drivers/crypto/dpaa2_sec/hw/desc/pdcp.h index 0b074ec80..764daf21c 100644 --- a/drivers/crypto/dpaa2_sec/hw/desc/pdcp.h +++ b/drivers/crypto/dpaa2_sec/hw/desc/pdcp.h @@ -1021,21 +1021,21 @@ pdcp_insert_cplane_snow_aes_op(struct program *p, JUMP(p, 1, LOCAL_JUMP, ALL_TRUE, CALM); MATHB(p, MATH0, AND, sn_mask, MATH1, 8, IFB | IMMED2); MATHB(p, MATH1, SHLD, MATH1, MATH1, 8, 0); - MOVE(p, DESCBUF, 4, MATH2, 0, 0x08, WAITCOMP | IMMED); + MOVEB(p, DESCBUF, 4, MATH2, 0, 0x08, WAITCOMP | IMMED); MATHB(p, MATH1, OR, MATH2, MATH2, 8, 0); SEQSTORE(p, MATH0, offset, length, 0); if (dir == OP_TYPE_ENCAP_PROTOCOL) { if (rta_sec_era > RTA_SEC_ERA_2 || (rta_sec_era == RTA_SEC_ERA_2 && era_2_sw_hfn_ovrd == 0)) { - SEQINPTR(p, 0, 1, RTO); + SEQINPTR(p, 0, length, RTO); } else { SEQINPTR(p, 0, 5, RTO); SEQFIFOLOAD(p, SKIP, 4, 0); } KEY(p, KEY1, authdata->key_enc_flags, authdata->key, authdata->keylen, INLINE_KEY(authdata)); - MOVE(p, MATH2, 0, IFIFOAB1, 0, 0x08, IMMED); + MOVEB(p, MATH2, 0, IFIFOAB1, 0, 0x08, IMMED); if (rta_sec_era > RTA_SEC_ERA_2) { MATHB(p, SEQINSZ, SUB, ZERO, VSEQINSZ, 4, 0); @@ -1088,7 +1088,7 @@ pdcp_insert_cplane_snow_aes_op(struct program *p, ICV_CHECK_DISABLE, DIR_DEC); SEQFIFOLOAD(p, MSG1, 0, VLF | LAST1 | FLUSH1); - MOVE(p, CONTEXT1, 0, MATH3, 0, 4, WAITCOMP | IMMED); + MOVEB(p, CONTEXT1, 0, MATH3, 0, 4, WAITCOMP | IMMED); if (rta_sec_era <= RTA_SEC_ERA_3) LOAD(p, CLRW_CLR_C1KEY | CLRW_CLR_C1CTX | @@ -1111,7 +1111,7 @@ pdcp_insert_cplane_snow_aes_op(struct program *p, KEY(p, KEY1, cipherdata->key_enc_flags, cipherdata->key, cipherdata->keylen, INLINE_KEY(cipherdata)); SET_LABEL(p, local_offset); - MOVE(p, MATH2, 0, CONTEXT1, 0, 8, IMMED); + MOVEB(p, MATH2, 0, CONTEXT1, 0, 8, IMMED); SEQINPTR(p, 0, 0, RTO); if (rta_sec_era == RTA_SEC_ERA_2 && era_2_sw_hfn_ovrd) { @@ -1119,7 +1119,7 @@ pdcp_insert_cplane_snow_aes_op(struct program *p, MATHB(p, SEQINSZ, ADD, ONE, SEQINSZ, 4, 0); } - MATHB(p, SEQINSZ, SUB, ONE, VSEQINSZ, 4, 0); + MATHB(p, SEQINSZ, SUB, length, VSEQINSZ, 4, IMMED2); ALG_OPERATION(p, OP_ALG_ALGSEL_SNOW_F8, OP_ALG_AAI_F8, OP_ALG_AS_INITFINAL, @@ -1130,14 +1130,14 @@ pdcp_insert_cplane_snow_aes_op(struct program *p, if (rta_sec_era > RTA_SEC_ERA_2 || (rta_sec_era == RTA_SEC_ERA_2 && era_2_sw_hfn_ovrd == 0)) - SEQFIFOLOAD(p, SKIP, 1, 0); + SEQFIFOLOAD(p, SKIP, length, 0); SEQFIFOLOAD(p, MSG1, 0, VLF); - MOVE(p, MATH3, 0, IFIFOAB1, 0, 4, LAST1 | FLUSH1 | IMMED); + MOVEB(p, MATH3, 0, IFIFOAB1, 0, 4, LAST1 | FLUSH1 | IMMED); PATCH_MOVE(p, seqin_ptr_read, local_offset); PATCH_MOVE(p, seqin_ptr_write, local_offset); } else { - MOVE(p, MATH2, 0, CONTEXT1, 0, 8, IMMED); + MOVEB(p, MATH2, 0, CONTEXT1, 0, 8, IMMED); if (rta_sec_era >= RTA_SEC_ERA_5) MOVE(p, CONTEXT1, 0, CONTEXT2, 0, 8, IMMED); @@ -1147,7 +1147,7 @@ pdcp_insert_cplane_snow_aes_op(struct program *p, else MATHB(p, SEQINSZ, SUB, MATH3, VSEQINSZ, 4, 0); - MATHB(p, SEQINSZ, SUB, PDCP_MAC_I_LEN, VSEQOUTSZ, 4, IMMED2); + MATHI(p, SEQINSZ, SUB, PDCP_MAC_I_LEN, VSEQOUTSZ, 4, IMMED2); /* * TODO: To be changed when proper support is added in RTA (can't load a * command that is also written by RTA (or patch it for that matter). @@ -1237,7 +1237,7 @@ pdcp_insert_cplane_snow_aes_op(struct program *p, DIR_DEC); /* Read the # of bytes written in the output buffer + 1 (HDR) */ - MATHB(p, VSEQOUTSZ, ADD, ONE, VSEQINSZ, 4, 0); + MATHI(p, VSEQOUTSZ, ADD, length, VSEQINSZ, 4, IMMED2); if (rta_sec_era <= RTA_SEC_ERA_3) MOVE(p, MATH3, 0, IFIFOAB1, 0, 8, IMMED); @@ -1340,24 +1340,24 @@ pdcp_insert_cplane_aes_snow_op(struct program *p, } if (dir == OP_TYPE_ENCAP_PROTOCOL) - MATHB(p, SEQINSZ, SUB, ONE, VSEQINSZ, 4, 0); + MATHB(p, SEQINSZ, SUB, length, VSEQINSZ, 4, IMMED2); SEQLOAD(p, MATH0, offset, length, 0); JUMP(p, 1, LOCAL_JUMP, ALL_TRUE, CALM); - MOVE(p, MATH0, 7, IFIFOAB2, 0, 1, IMMED); + MOVEB(p, MATH0, offset, IFIFOAB2, 0, length, IMMED); MATHB(p, MATH0, AND, sn_mask, MATH1, 8, IFB | IMMED2); SEQSTORE(p, MATH0, offset, length, 0); MATHB(p, MATH1, SHLD, MATH1, MATH1, 8, 0); - MOVE(p, DESCBUF, 4, MATH2, 0, 8, WAITCOMP | IMMED); + MOVEB(p, DESCBUF, 4, MATH2, 0, 8, WAITCOMP | IMMED); MATHB(p, MATH1, OR, MATH2, MATH1, 8, 0); - MOVE(p, MATH1, 0, CONTEXT1, 16, 8, IMMED); - MOVE(p, MATH1, 0, CONTEXT2, 0, 4, IMMED); + MOVEB(p, MATH1, 0, CONTEXT1, 16, 8, IMMED); + MOVEB(p, MATH1, 0, CONTEXT2, 0, 4, IMMED); if (swap == false) { - MATHB(p, MATH1, AND, lower_32_bits(PDCP_BEARER_MASK), MATH2, 4, - IMMED2); - MATHB(p, MATH1, AND, upper_32_bits(PDCP_DIR_MASK), MATH3, 4, - IMMED2); + MATHB(p, MATH1, AND, upper_32_bits(PDCP_BEARER_MASK), MATH2, 4, + IMMED2); + MATHB(p, MATH1, AND, lower_32_bits(PDCP_DIR_MASK), MATH3, 4, + IMMED2); } else { MATHB(p, MATH1, AND, lower_32_bits(PDCP_BEARER_MASK_BE), MATH2, 4, IMMED2); @@ -1365,7 +1365,7 @@ pdcp_insert_cplane_aes_snow_op(struct program *p, 4, IMMED2); } MATHB(p, MATH3, SHLD, MATH3, MATH3, 8, 0); - MOVE(p, MATH2, 4, OFIFO, 0, 12, IMMED); + MOVEB(p, MATH2, 4, OFIFO, 0, 12, IMMED); MOVE(p, OFIFO, 0, CONTEXT2, 4, 12, IMMED); if (dir == OP_TYPE_ENCAP_PROTOCOL) { MATHB(p, SEQINSZ, ADD, PDCP_MAC_I_LEN, VSEQOUTSZ, 4, IMMED2); @@ -1485,14 +1485,14 @@ pdcp_insert_cplane_snow_zuc_op(struct program *p, SEQLOAD(p, MATH0, offset, length, 0); JUMP(p, 1, LOCAL_JUMP, ALL_TRUE, CALM); - MOVE(p, MATH0, 7, IFIFOAB2, 0, 1, IMMED); + MOVEB(p, MATH0, offset, IFIFOAB2, 0, length, IMMED); MATHB(p, MATH0, AND, sn_mask, MATH1, 8, IFB | IMMED2); MATHB(p, MATH1, SHLD, MATH1, MATH1, 8, 0); - MOVE(p, DESCBUF, 4, MATH2, 0, 8, WAITCOMP | IMMED); + MOVEB(p, DESCBUF, 4, MATH2, 0, 8, WAITCOMP | IMMED); MATHB(p, MATH1, OR, MATH2, MATH2, 8, 0); - MOVE(p, MATH2, 0, CONTEXT1, 0, 8, IMMED); - MOVE(p, MATH2, 0, CONTEXT2, 0, 8, WAITCOMP | IMMED); + MOVEB(p, MATH2, 0, CONTEXT1, 0, 8, IMMED); + MOVEB(p, MATH2, 0, CONTEXT2, 0, 8, WAITCOMP | IMMED); if (dir == OP_TYPE_ENCAP_PROTOCOL) MATHB(p, SEQINSZ, ADD, PDCP_MAC_I_LEN, VSEQOUTSZ, 4, IMMED2); @@ -1606,14 +1606,14 @@ pdcp_insert_cplane_aes_zuc_op(struct program *p, SET_LABEL(p, keyjump); SEQLOAD(p, MATH0, offset, length, 0); JUMP(p, 1, LOCAL_JUMP, ALL_TRUE, CALM); - MOVE(p, MATH0, 7, IFIFOAB2, 0, 1, IMMED); + MOVEB(p, MATH0, offset, IFIFOAB2, 0, length, IMMED); MATHB(p, MATH0, AND, sn_mask, MATH1, 8, IFB | IMMED2); MATHB(p, MATH1, SHLD, MATH1, MATH1, 8, 0); - MOVE(p, DESCBUF, 4, MATH2, 0, 8, WAITCOMP | IMMED); + MOVEB(p, DESCBUF, 4, MATH2, 0, 8, WAITCOMP | IMMED); MATHB(p, MATH1, OR, MATH2, MATH2, 8, 0); - MOVE(p, MATH2, 0, CONTEXT1, 16, 8, IMMED); - MOVE(p, MATH2, 0, CONTEXT2, 0, 8, WAITCOMP | IMMED); + MOVEB(p, MATH2, 0, CONTEXT1, 16, 8, IMMED); + MOVEB(p, MATH2, 0, CONTEXT2, 0, 8, WAITCOMP | IMMED); if (dir == OP_TYPE_ENCAP_PROTOCOL) MATHB(p, SEQINSZ, ADD, PDCP_MAC_I_LEN, VSEQOUTSZ, 4, IMMED2); @@ -1729,19 +1729,19 @@ pdcp_insert_cplane_zuc_snow_op(struct program *p, SET_LABEL(p, keyjump); SEQLOAD(p, MATH0, offset, length, 0); JUMP(p, 1, LOCAL_JUMP, ALL_TRUE, CALM); - MOVE(p, MATH0, 7, IFIFOAB2, 0, 1, IMMED); + MOVEB(p, MATH0, offset, IFIFOAB2, 0, length, IMMED); MATHB(p, MATH0, AND, sn_mask, MATH1, 8, IFB | IMMED2); MATHB(p, MATH1, SHLD, MATH1, MATH1, 8, 0); - MOVE(p, DESCBUF, 4, MATH2, 0, 8, WAITCOMP | IMMED); + MOVEB(p, DESCBUF, 4, MATH2, 0, 8, WAITCOMP | IMMED); MATHB(p, MATH1, OR, MATH2, MATH1, 8, 0); - MOVE(p, MATH1, 0, CONTEXT1, 0, 8, IMMED); - MOVE(p, MATH1, 0, CONTEXT2, 0, 4, IMMED); + MOVEB(p, MATH1, 0, CONTEXT1, 0, 8, IMMED); + MOVEB(p, MATH1, 0, CONTEXT2, 0, 4, IMMED); if (swap == false) { - MATHB(p, MATH1, AND, lower_32_bits(PDCP_BEARER_MASK), MATH2, - 4, IMMED2); - MATHB(p, MATH1, AND, upper_32_bits(PDCP_DIR_MASK), MATH3, - 4, IMMED2); + MATHB(p, MATH1, AND, upper_32_bits(PDCP_BEARER_MASK), MATH2, + 4, IMMED2); + MATHB(p, MATH1, AND, lower_32_bits(PDCP_DIR_MASK), MATH3, + 4, IMMED2); } else { MATHB(p, MATH1, AND, lower_32_bits(PDCP_BEARER_MASK_BE), MATH2, 4, IMMED2); @@ -1749,7 +1749,7 @@ pdcp_insert_cplane_zuc_snow_op(struct program *p, 4, IMMED2); } MATHB(p, MATH3, SHLD, MATH3, MATH3, 8, 0); - MOVE(p, MATH2, 4, OFIFO, 0, 12, IMMED); + MOVEB(p, MATH2, 4, OFIFO, 0, 12, IMMED); MOVE(p, OFIFO, 0, CONTEXT2, 4, 12, IMMED); if (dir == OP_TYPE_ENCAP_PROTOCOL) { @@ -1798,13 +1798,13 @@ pdcp_insert_cplane_zuc_snow_op(struct program *p, LOAD(p, 0, DCTRL, 0, LDLEN_RST_CHA_OFIFO_PTR, IMMED); /* Put ICV to M0 before sending it to C2 for comparison. */ - MOVE(p, OFIFO, 0, MATH0, 0, 4, WAITCOMP | IMMED); + MOVEB(p, OFIFO, 0, MATH0, 0, 4, WAITCOMP | IMMED); LOAD(p, NFIFOENTRY_STYPE_ALTSOURCE | NFIFOENTRY_DEST_CLASS2 | NFIFOENTRY_DTYPE_ICV | NFIFOENTRY_LC2 | 4, NFIFO_SZL, 0, 4, IMMED); - MOVE(p, MATH0, 0, ALTSOURCE, 0, 4, IMMED); + MOVEB(p, MATH0, 0, ALTSOURCE, 0, 4, IMMED); } PATCH_JUMP(p, pkeyjump, keyjump); @@ -1871,14 +1871,14 @@ pdcp_insert_cplane_zuc_aes_op(struct program *p, MATHB(p, MATH0, AND, sn_mask, MATH1, 8, IFB | IMMED2); MATHB(p, MATH1, SHLD, MATH1, MATH1, 8, 0); - MOVE(p, DESCBUF, 4, MATH2, 0, 0x08, WAITCOMP | IMMED); + MOVEB(p, DESCBUF, 4, MATH2, 0, 0x08, WAITCOMP | IMMED); MATHB(p, MATH1, OR, MATH2, MATH2, 8, 0); SEQSTORE(p, MATH0, offset, length, 0); if (dir == OP_TYPE_ENCAP_PROTOCOL) { KEY(p, KEY1, authdata->key_enc_flags, authdata->key, authdata->keylen, INLINE_KEY(authdata)); - MOVE(p, MATH2, 0, IFIFOAB1, 0, 0x08, IMMED); - MOVE(p, MATH0, 7, IFIFOAB1, 0, 1, IMMED); + MOVEB(p, MATH2, 0, IFIFOAB1, 0, 0x08, IMMED); + MOVEB(p, MATH0, offset, IFIFOAB1, 0, length, IMMED); MATHB(p, SEQINSZ, SUB, ZERO, VSEQINSZ, 4, 0); MATHB(p, VSEQINSZ, ADD, PDCP_MAC_I_LEN, VSEQOUTSZ, 4, IMMED2); @@ -1889,7 +1889,7 @@ pdcp_insert_cplane_zuc_aes_op(struct program *p, ICV_CHECK_DISABLE, DIR_DEC); SEQFIFOLOAD(p, MSG1, 0, VLF | LAST1 | FLUSH1); - MOVE(p, CONTEXT1, 0, MATH3, 0, 4, WAITCOMP | IMMED); + MOVEB(p, CONTEXT1, 0, MATH3, 0, 4, WAITCOMP | IMMED); LOAD(p, CLRW_RESET_CLS1_CHA | CLRW_CLR_C1KEY | CLRW_CLR_C1CTX | @@ -1901,7 +1901,7 @@ pdcp_insert_cplane_zuc_aes_op(struct program *p, KEY(p, KEY1, cipherdata->key_enc_flags, cipherdata->key, cipherdata->keylen, INLINE_KEY(cipherdata)); - MOVE(p, MATH2, 0, CONTEXT1, 0, 8, IMMED); + MOVEB(p, MATH2, 0, CONTEXT1, 0, 8, IMMED); SEQINPTR(p, 0, PDCP_NULL_MAX_FRAME_LEN, RTO); ALG_OPERATION(p, OP_ALG_ALGSEL_ZUCE, @@ -1911,12 +1911,12 @@ pdcp_insert_cplane_zuc_aes_op(struct program *p, DIR_ENC); SEQFIFOSTORE(p, MSG, 0, 0, VLF); - SEQFIFOLOAD(p, SKIP, 1, 0); + SEQFIFOLOAD(p, SKIP, length, 0); SEQFIFOLOAD(p, MSG1, 0, VLF); - MOVE(p, MATH3, 0, IFIFOAB1, 0, 4, LAST1 | FLUSH1 | IMMED); + MOVEB(p, MATH3, 0, IFIFOAB1, 0, 4, LAST1 | FLUSH1 | IMMED); } else { - MOVE(p, MATH2, 0, CONTEXT1, 0, 8, IMMED); + MOVEB(p, MATH2, 0, CONTEXT1, 0, 8, IMMED); MOVE(p, CONTEXT1, 0, CONTEXT2, 0, 8, IMMED); @@ -1937,7 +1937,7 @@ pdcp_insert_cplane_zuc_aes_op(struct program *p, SEQFIFOSTORE(p, MSG, 0, 0, VLF | CONT); SEQFIFOLOAD(p, MSG1, 0, VLF | LAST1 | FLUSH1); - MOVE(p, OFIFO, 0, MATH3, 0, 4, IMMED); + MOVEB(p, OFIFO, 0, MATH3, 0, 4, IMMED); LOAD(p, CLRW_RESET_CLS1_CHA | CLRW_CLR_C1KEY | @@ -1969,7 +1969,7 @@ pdcp_insert_cplane_zuc_aes_op(struct program *p, NFIFOENTRY_DTYPE_ICV | NFIFOENTRY_LC1 | NFIFOENTRY_FC1 | 4, NFIFO_SZL, 0, 4, IMMED); - MOVE(p, MATH3, 0, ALTSOURCE, 0, 4, IMMED); + MOVEB(p, MATH3, 0, ALTSOURCE, 0, 4, IMMED); } return 0; @@ -2080,6 +2080,8 @@ insert_hfn_ov_op(struct program *p, { uint32_t imm = PDCP_DPOVRD_HFN_OV_EN; uint16_t hfn_pdb_offset; + LABEL(keyjump); + REFERENCE(pkeyjump); if (rta_sec_era == RTA_SEC_ERA_2 && !era_2_sw_hfn_ovrd) return 0; @@ -2115,13 +2117,10 @@ insert_hfn_ov_op(struct program *p, SEQSTORE(p, MATH0, 4, 4, 0); } - if (rta_sec_era >= RTA_SEC_ERA_8) - JUMP(p, 6, LOCAL_JUMP, ALL_TRUE, MATH_Z); - else - JUMP(p, 5, LOCAL_JUMP, ALL_TRUE, MATH_Z); + pkeyjump = JUMP(p, keyjump, LOCAL_JUMP, ALL_TRUE, MATH_Z); if (rta_sec_era > RTA_SEC_ERA_2) - MATHB(p, DPOVRD, LSHIFT, shift, MATH0, 4, IMMED2); + MATHI(p, DPOVRD, LSHIFT, shift, MATH0, 4, IMMED2); else MATHB(p, MATH0, LSHIFT, shift, MATH0, 4, IMMED2); @@ -2136,6 +2135,8 @@ insert_hfn_ov_op(struct program *p, */ MATHB(p, DPOVRD, AND, ZERO, DPOVRD, 4, STL); + SET_LABEL(p, keyjump); + PATCH_JUMP(p, pkeyjump, keyjump); return 0; } @@ -2271,14 +2272,45 @@ cnstr_pdcp_c_plane_pdb(struct program *p, /* * PDCP UPlane PDB creation function */ -static inline int +static inline enum pdb_type_e cnstr_pdcp_u_plane_pdb(struct program *p, enum pdcp_sn_size sn_size, uint32_t hfn, unsigned short bearer, unsigned short direction, - uint32_t hfn_threshold) + uint32_t hfn_threshold, + struct alginfo *cipherdata, + struct alginfo *authdata) { struct pdcp_pdb pdb; + enum pdb_type_e pdb_type = PDCP_PDB_TYPE_FULL_PDB; + enum pdb_type_e + pdb_mask[PDCP_CIPHER_TYPE_INVALID][PDCP_AUTH_TYPE_INVALID] = { + { /* NULL */ + PDCP_PDB_TYPE_NO_PDB, /* NULL */ + PDCP_PDB_TYPE_FULL_PDB, /* SNOW f9 */ + PDCP_PDB_TYPE_FULL_PDB, /* AES CMAC */ + PDCP_PDB_TYPE_FULL_PDB /* ZUC-I */ + }, + { /* SNOW f8 */ + PDCP_PDB_TYPE_FULL_PDB, /* NULL */ + PDCP_PDB_TYPE_FULL_PDB, /* SNOW f9 */ + PDCP_PDB_TYPE_REDUCED_PDB, /* AES CMAC */ + PDCP_PDB_TYPE_REDUCED_PDB /* ZUC-I */ + }, + { /* AES CTR */ + PDCP_PDB_TYPE_FULL_PDB, /* NULL */ + PDCP_PDB_TYPE_REDUCED_PDB, /* SNOW f9 */ + PDCP_PDB_TYPE_FULL_PDB, /* AES CMAC */ + PDCP_PDB_TYPE_REDUCED_PDB /* ZUC-I */ + }, + { /* ZUC-E */ + PDCP_PDB_TYPE_FULL_PDB, /* NULL */ + PDCP_PDB_TYPE_REDUCED_PDB, /* SNOW f9 */ + PDCP_PDB_TYPE_REDUCED_PDB, /* AES CMAC */ + PDCP_PDB_TYPE_FULL_PDB /* ZUC-I */ + }, + }; + /* Read options from user */ /* Depending on sequence number length, the HFN and HFN threshold * have different lengths. @@ -2312,6 +2344,12 @@ cnstr_pdcp_u_plane_pdb(struct program *p, pdb.hfn_res = hfn << PDCP_U_PLANE_PDB_18BIT_SN_HFN_SHIFT; pdb.hfn_thr_res = hfn_threshold<algtype] + [authdata->algtype]; + } break; default: @@ -2323,13 +2361,29 @@ cnstr_pdcp_u_plane_pdb(struct program *p, ((bearer << PDCP_U_PLANE_PDB_BEARER_SHIFT) | (direction << PDCP_U_PLANE_PDB_DIR_SHIFT)); - /* copy PDB in descriptor*/ - __rta_out32(p, pdb.opt_res.opt); - __rta_out32(p, pdb.hfn_res); - __rta_out32(p, pdb.bearer_dir_res); - __rta_out32(p, pdb.hfn_thr_res); + switch (pdb_type) { + case PDCP_PDB_TYPE_NO_PDB: + break; + + case PDCP_PDB_TYPE_REDUCED_PDB: + __rta_out32(p, pdb.hfn_res); + __rta_out32(p, pdb.bearer_dir_res); + break; - return 0; + case PDCP_PDB_TYPE_FULL_PDB: + /* copy PDB in descriptor*/ + __rta_out32(p, pdb.opt_res.opt); + __rta_out32(p, pdb.hfn_res); + __rta_out32(p, pdb.bearer_dir_res); + __rta_out32(p, pdb.hfn_thr_res); + + break; + + default: + return PDCP_PDB_TYPE_INVALID; + } + + return pdb_type; } /** * cnstr_shdsc_pdcp_c_plane_encap - Function for creating a PDCP Control Plane @@ -2736,6 +2790,7 @@ cnstr_shdsc_pdcp_u_plane_encap(uint32_t *descbuf, struct program prg; struct program *p = &prg; int err; + enum pdb_type_e pdb_type; static enum rta_share_type desc_share[PDCP_CIPHER_TYPE_INVALID][PDCP_AUTH_TYPE_INVALID] = { { /* NULL */ @@ -2785,15 +2840,16 @@ cnstr_shdsc_pdcp_u_plane_encap(uint32_t *descbuf, SHR_HDR(p, desc_share[cipherdata->algtype][authdata->algtype], 0, 0); else SHR_HDR(p, SHR_ALWAYS, 0, 0); - if (cnstr_pdcp_u_plane_pdb(p, sn_size, hfn, bearer, direction, - hfn_threshold)) { + pdb_type = cnstr_pdcp_u_plane_pdb(p, sn_size, hfn, + bearer, direction, hfn_threshold, + cipherdata, authdata); + if (pdb_type == PDCP_PDB_TYPE_INVALID) { pr_err("Error creating PDCP UPlane PDB\n"); return -EINVAL; } SET_LABEL(p, pdb_end); - err = insert_hfn_ov_op(p, sn_size, PDCP_PDB_TYPE_FULL_PDB, - era_2_sw_hfn_ovrd); + err = insert_hfn_ov_op(p, sn_size, pdb_type, era_2_sw_hfn_ovrd); if (err) return err; @@ -2820,6 +2876,12 @@ cnstr_shdsc_pdcp_u_plane_encap(uint32_t *descbuf, return err; break; } + + if (pdb_type != PDCP_PDB_TYPE_FULL_PDB) { + pr_err("PDB type must be FULL for PROTO desc\n"); + return -EINVAL; + } + /* Insert auth key if requested */ if (authdata && authdata->algtype) { KEY(p, KEY2, authdata->key_enc_flags, @@ -2931,6 +2993,7 @@ cnstr_shdsc_pdcp_u_plane_decap(uint32_t *descbuf, struct program prg; struct program *p = &prg; int err; + enum pdb_type_e pdb_type; static enum rta_share_type desc_share[PDCP_CIPHER_TYPE_INVALID][PDCP_AUTH_TYPE_INVALID] = { { /* NULL */ @@ -2981,15 +3044,16 @@ cnstr_shdsc_pdcp_u_plane_decap(uint32_t *descbuf, else SHR_HDR(p, SHR_ALWAYS, 0, 0); - if (cnstr_pdcp_u_plane_pdb(p, sn_size, hfn, bearer, direction, - hfn_threshold)) { + pdb_type = cnstr_pdcp_u_plane_pdb(p, sn_size, hfn, bearer, + direction, hfn_threshold, + cipherdata, authdata); + if (pdb_type == PDCP_PDB_TYPE_INVALID) { pr_err("Error creating PDCP UPlane PDB\n"); return -EINVAL; } SET_LABEL(p, pdb_end); - err = insert_hfn_ov_op(p, sn_size, PDCP_PDB_TYPE_FULL_PDB, - era_2_sw_hfn_ovrd); + err = insert_hfn_ov_op(p, sn_size, pdb_type, era_2_sw_hfn_ovrd); if (err) return err; @@ -3006,6 +3070,11 @@ cnstr_shdsc_pdcp_u_plane_decap(uint32_t *descbuf, case PDCP_CIPHER_TYPE_AES: case PDCP_CIPHER_TYPE_SNOW: case PDCP_CIPHER_TYPE_NULL: + if (pdb_type != PDCP_PDB_TYPE_FULL_PDB) { + pr_err("PDB type must be FULL for PROTO desc\n"); + return -EINVAL; + } + /* Insert auth key if requested */ if (authdata && authdata->algtype) KEY(p, KEY2, authdata->key_enc_flags, From patchwork Mon Sep 30 11:52:29 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Akhil Goyal X-Patchwork-Id: 60169 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@dpdk.org Delivered-To: patchwork@dpdk.org Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 38F051BEA6; Mon, 30 Sep 2019 14:08:26 +0200 (CEST) Received: from inva021.nxp.com (inva021.nxp.com [92.121.34.21]) by dpdk.org (Postfix) with ESMTP id 2E50A397D for ; Mon, 30 Sep 2019 14:08:06 +0200 (CEST) Received: from inva021.nxp.com (localhost [127.0.0.1]) by inva021.eu-rdc02.nxp.com (Postfix) with ESMTP id D6785200025; Mon, 30 Sep 2019 14:08:05 +0200 (CEST) Received: from invc005.ap-rdc01.nxp.com (invc005.ap-rdc01.nxp.com [165.114.16.14]) by inva021.eu-rdc02.nxp.com (Postfix) with ESMTP id 7E740200470; Mon, 30 Sep 2019 14:08:03 +0200 (CEST) Received: from GDB1.ap.freescale.net (GDB1.ap.freescale.net [10.232.132.179]) by invc005.ap-rdc01.nxp.com (Postfix) with ESMTP id 6E576402C1; Mon, 30 Sep 2019 20:07:59 +0800 (SGT) From: Akhil Goyal To: dev@dpdk.org Cc: aconole@redhat.com, anoobj@marvell.com, Vakul Garg Date: Mon, 30 Sep 2019 17:22:29 +0530 Message-Id: <20190930115237.5073-13-akhil.goyal@nxp.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20190930115237.5073-1-akhil.goyal@nxp.com> References: <20190902121734.926-1-akhil.goyal@nxp.com> <20190930115237.5073-1-akhil.goyal@nxp.com> X-Virus-Scanned: ClamAV using ClamSMTP Subject: [dpdk-dev] [PATCH v2 12/20] crypto/dpaa2_sec/hw: support aes-aes 18-bit PDCP X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" From: Vakul Garg This patch support AES-AES PDCP enc-auth case for devices which do not support PROTOCOL command for 18bit Signed-off-by: Vakul Garg Acked-by: Akhil Goyal --- drivers/crypto/dpaa2_sec/hw/desc/pdcp.h | 151 +++++++++++++++++++++++- 1 file changed, 150 insertions(+), 1 deletion(-) diff --git a/drivers/crypto/dpaa2_sec/hw/desc/pdcp.h b/drivers/crypto/dpaa2_sec/hw/desc/pdcp.h index 764daf21c..a476b8bde 100644 --- a/drivers/crypto/dpaa2_sec/hw/desc/pdcp.h +++ b/drivers/crypto/dpaa2_sec/hw/desc/pdcp.h @@ -927,6 +927,155 @@ pdcp_insert_cplane_enc_only_op(struct program *p, return 0; } +static inline int +pdcp_insert_uplane_aes_aes_op(struct program *p, + bool swap __maybe_unused, + struct alginfo *cipherdata, + struct alginfo *authdata, + unsigned int dir, + enum pdcp_sn_size sn_size, + unsigned char era_2_sw_hfn_ovrd __maybe_unused) +{ + uint32_t offset = 0, length = 0, sn_mask = 0; + + if ((rta_sec_era >= RTA_SEC_ERA_8 && sn_size != PDCP_SN_SIZE_18)) { + /* Insert Auth Key */ + KEY(p, KEY2, authdata->key_enc_flags, authdata->key, + authdata->keylen, INLINE_KEY(authdata)); + + /* Insert Cipher Key */ + KEY(p, KEY1, cipherdata->key_enc_flags, cipherdata->key, + cipherdata->keylen, INLINE_KEY(cipherdata)); + + PROTOCOL(p, dir, OP_PCLID_LTE_PDCP_USER_RN, + ((uint16_t)cipherdata->algtype << 8) | + (uint16_t)authdata->algtype); + return 0; + } + + /* Non-proto is supported only for 5bit cplane and 18bit uplane */ + switch (sn_size) { + case PDCP_SN_SIZE_18: + offset = 5; + length = 3; + sn_mask = (swap == false) ? PDCP_U_PLANE_18BIT_SN_MASK : + PDCP_U_PLANE_18BIT_SN_MASK_BE; + break; + + default: + pr_err("Invalid sn_size for %s\n", __func__); + return -ENOTSUP; + } + + SEQLOAD(p, MATH0, offset, length, 0); + JUMP(p, 1, LOCAL_JUMP, ALL_TRUE, CALM); + MATHB(p, MATH0, AND, sn_mask, MATH1, 8, IFB | IMMED2); + + MATHB(p, MATH1, SHLD, MATH1, MATH1, 8, 0); + MOVEB(p, DESCBUF, 8, MATH2, 0, 0x08, WAITCOMP | IMMED); + MATHB(p, MATH1, OR, MATH2, MATH2, 8, 0); + SEQSTORE(p, MATH0, offset, length, 0); + + if (dir == OP_TYPE_ENCAP_PROTOCOL) { + KEY(p, KEY1, authdata->key_enc_flags, authdata->key, + authdata->keylen, INLINE_KEY(authdata)); + MOVEB(p, MATH2, 0, IFIFOAB1, 0, 0x08, IMMED); + MOVEB(p, MATH0, offset, IFIFOAB1, 0, length, IMMED); + + MATHB(p, SEQINSZ, SUB, ZERO, VSEQINSZ, 4, 0); + MATHB(p, VSEQINSZ, ADD, PDCP_MAC_I_LEN, VSEQOUTSZ, 4, IMMED2); + + ALG_OPERATION(p, OP_ALG_ALGSEL_AES, + OP_ALG_AAI_CMAC, + OP_ALG_AS_INITFINAL, + ICV_CHECK_DISABLE, + DIR_DEC); + SEQFIFOLOAD(p, MSG1, 0, VLF | LAST1 | FLUSH1); + MOVEB(p, CONTEXT1, 0, MATH3, 0, 4, WAITCOMP | IMMED); + + LOAD(p, CLRW_RESET_CLS1_CHA | + CLRW_CLR_C1KEY | + CLRW_CLR_C1CTX | + CLRW_CLR_C1ICV | + CLRW_CLR_C1DATAS | + CLRW_CLR_C1MODE, + CLRW, 0, 4, IMMED); + + KEY(p, KEY1, cipherdata->key_enc_flags, cipherdata->key, + cipherdata->keylen, INLINE_KEY(cipherdata)); + + MOVEB(p, MATH2, 0, CONTEXT1, 16, 8, IMMED); + SEQINPTR(p, 0, PDCP_NULL_MAX_FRAME_LEN, RTO); + + ALG_OPERATION(p, OP_ALG_ALGSEL_AES, + OP_ALG_AAI_CTR, + OP_ALG_AS_INITFINAL, + ICV_CHECK_DISABLE, + DIR_ENC); + + SEQFIFOSTORE(p, MSG, 0, 0, VLF); + + SEQFIFOLOAD(p, SKIP, length, 0); + + SEQFIFOLOAD(p, MSG1, 0, VLF); + MOVEB(p, MATH3, 0, IFIFOAB1, 0, 4, LAST1 | FLUSH1 | IMMED); + } else { + MOVEB(p, MATH2, 0, CONTEXT1, 16, 8, IMMED); + MOVEB(p, MATH2, 0, CONTEXT2, 0, 8, IMMED); + + MATHB(p, SEQINSZ, SUB, ZERO, VSEQINSZ, 4, 0); + MATHB(p, SEQINSZ, SUB, PDCP_MAC_I_LEN, VSEQOUTSZ, 4, IMMED2); + + KEY(p, KEY1, cipherdata->key_enc_flags, cipherdata->key, + cipherdata->keylen, INLINE_KEY(cipherdata)); + + ALG_OPERATION(p, OP_ALG_ALGSEL_AES, + OP_ALG_AAI_CTR, + OP_ALG_AS_INITFINAL, + ICV_CHECK_DISABLE, + DIR_DEC); + + SEQFIFOSTORE(p, MSG, 0, 0, VLF | CONT); + SEQFIFOLOAD(p, MSG1, 0, VLF | LAST1 | FLUSH1); + + MOVEB(p, OFIFO, 0, MATH3, 0, 4, IMMED); + + LOAD(p, CLRW_RESET_CLS1_CHA | + CLRW_CLR_C1KEY | + CLRW_CLR_C1CTX | + CLRW_CLR_C1ICV | + CLRW_CLR_C1DATAS | + CLRW_CLR_C1MODE, + CLRW, 0, 4, IMMED); + + KEY(p, KEY1, authdata->key_enc_flags, authdata->key, + authdata->keylen, INLINE_KEY(authdata)); + + SEQINPTR(p, 0, 0, SOP); + + ALG_OPERATION(p, OP_ALG_ALGSEL_AES, + OP_ALG_AAI_CMAC, + OP_ALG_AS_INITFINAL, + ICV_CHECK_ENABLE, + DIR_DEC); + + MATHB(p, SEQINSZ, SUB, ZERO, VSEQINSZ, 4, 0); + + MOVE(p, CONTEXT2, 0, IFIFOAB1, 0, 8, IMMED); + + SEQFIFOLOAD(p, MSG1, 0, VLF | LAST1 | FLUSH1); + + LOAD(p, NFIFOENTRY_STYPE_ALTSOURCE | + NFIFOENTRY_DEST_CLASS1 | + NFIFOENTRY_DTYPE_ICV | + NFIFOENTRY_LC1 | + NFIFOENTRY_FC1 | 4, NFIFO_SZL, 0, 4, IMMED); + MOVEB(p, MATH3, 0, ALTSOURCE, 0, 4, IMMED); + } + + return 0; +} + static inline int pdcp_insert_cplane_acc_op(struct program *p, bool swap __maybe_unused, @@ -2721,7 +2870,7 @@ pdcp_insert_uplane_with_int_op(struct program *p, { /* AES CTR */ pdcp_insert_cplane_enc_only_op, /* NULL */ pdcp_insert_cplane_aes_snow_op, /* SNOW f9 */ - pdcp_insert_cplane_acc_op, /* AES CMAC */ + pdcp_insert_uplane_aes_aes_op, /* AES CMAC */ pdcp_insert_cplane_aes_zuc_op /* ZUC-I */ }, { /* ZUC-E */ From patchwork Mon Sep 30 11:52:30 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Akhil Goyal X-Patchwork-Id: 60170 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@dpdk.org Delivered-To: patchwork@dpdk.org Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 9E79D1BEAD; Mon, 30 Sep 2019 14:08:28 +0200 (CEST) Received: from inva020.nxp.com (inva020.nxp.com [92.121.34.13]) by dpdk.org (Postfix) with ESMTP id 8FF614C93 for ; Mon, 30 Sep 2019 14:08:07 +0200 (CEST) Received: from inva020.nxp.com (localhost [127.0.0.1]) by inva020.eu-rdc02.nxp.com (Postfix) with ESMTP id 7258E1A0834; Mon, 30 Sep 2019 14:08:07 +0200 (CEST) Received: from invc005.ap-rdc01.nxp.com (invc005.ap-rdc01.nxp.com [165.114.16.14]) by inva020.eu-rdc02.nxp.com (Postfix) with ESMTP id 176B81A0095; Mon, 30 Sep 2019 14:08:05 +0200 (CEST) Received: from GDB1.ap.freescale.net (GDB1.ap.freescale.net [10.232.132.179]) by invc005.ap-rdc01.nxp.com (Postfix) with ESMTP id 8E2E2402C7; Mon, 30 Sep 2019 20:08:01 +0800 (SGT) From: Akhil Goyal To: dev@dpdk.org Cc: aconole@redhat.com, anoobj@marvell.com, Vakul Garg Date: Mon, 30 Sep 2019 17:22:30 +0530 Message-Id: <20190930115237.5073-14-akhil.goyal@nxp.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20190930115237.5073-1-akhil.goyal@nxp.com> References: <20190902121734.926-1-akhil.goyal@nxp.com> <20190930115237.5073-1-akhil.goyal@nxp.com> X-Virus-Scanned: ClamAV using ClamSMTP Subject: [dpdk-dev] [PATCH v2 13/20] crypto/dpaa2_sec/hw: support zuc-zuc 18-bit PDCP X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" From: Vakul Garg This patch support ZUC-ZUC PDCP enc-auth case for devices which do not support PROTOCOL command for 18bit. Signed-off-by: Vakul Garg Acked-by: Akhil Goyal --- drivers/crypto/dpaa2_sec/hw/desc/pdcp.h | 126 +++++++++++++++++++++++- 1 file changed, 125 insertions(+), 1 deletion(-) diff --git a/drivers/crypto/dpaa2_sec/hw/desc/pdcp.h b/drivers/crypto/dpaa2_sec/hw/desc/pdcp.h index a476b8bde..9fb3d4993 100644 --- a/drivers/crypto/dpaa2_sec/hw/desc/pdcp.h +++ b/drivers/crypto/dpaa2_sec/hw/desc/pdcp.h @@ -927,6 +927,130 @@ pdcp_insert_cplane_enc_only_op(struct program *p, return 0; } +static inline int +pdcp_insert_uplane_zuc_zuc_op(struct program *p, + bool swap __maybe_unused, + struct alginfo *cipherdata, + struct alginfo *authdata, + unsigned int dir, + enum pdcp_sn_size sn_size, + unsigned char era_2_sw_hfn_ovrd __maybe_unused) +{ + uint32_t offset = 0, length = 0, sn_mask = 0; + + LABEL(keyjump); + REFERENCE(pkeyjump); + + if (rta_sec_era < RTA_SEC_ERA_5) { + pr_err("Invalid era for selected algorithm\n"); + return -ENOTSUP; + } + + pkeyjump = JUMP(p, keyjump, LOCAL_JUMP, ALL_TRUE, SHRD | SELF | BOTH); + KEY(p, KEY1, cipherdata->key_enc_flags, cipherdata->key, + cipherdata->keylen, INLINE_KEY(cipherdata)); + KEY(p, KEY2, authdata->key_enc_flags, authdata->key, authdata->keylen, + INLINE_KEY(authdata)); + + SET_LABEL(p, keyjump); + PATCH_JUMP(p, pkeyjump, keyjump); + + if (rta_sec_era >= RTA_SEC_ERA_8 && sn_size != PDCP_SN_SIZE_18) { + int pclid; + + if (sn_size == PDCP_SN_SIZE_5) + pclid = OP_PCLID_LTE_PDCP_CTRL_MIXED; + else + pclid = OP_PCLID_LTE_PDCP_USER_RN; + + PROTOCOL(p, dir, pclid, + ((uint16_t)cipherdata->algtype << 8) | + (uint16_t)authdata->algtype); + + return 0; + } + /* Non-proto is supported only for 5bit cplane and 18bit uplane */ + switch (sn_size) { + case PDCP_SN_SIZE_5: + offset = 7; + length = 1; + sn_mask = (swap == false) ? PDCP_C_PLANE_SN_MASK : + PDCP_C_PLANE_SN_MASK_BE; + break; + case PDCP_SN_SIZE_18: + offset = 5; + length = 3; + sn_mask = (swap == false) ? PDCP_U_PLANE_18BIT_SN_MASK : + PDCP_U_PLANE_18BIT_SN_MASK_BE; + break; + case PDCP_SN_SIZE_7: + case PDCP_SN_SIZE_12: + case PDCP_SN_SIZE_15: + pr_err("Invalid sn_size for %s\n", __func__); + return -ENOTSUP; + } + + SEQLOAD(p, MATH0, offset, length, 0); + JUMP(p, 1, LOCAL_JUMP, ALL_TRUE, CALM); + MOVEB(p, MATH0, offset, IFIFOAB2, 0, length, IMMED); + MATHB(p, MATH0, AND, sn_mask, MATH1, 8, IFB | IMMED2); + MATHB(p, MATH1, SHLD, MATH1, MATH1, 8, 0); + + MOVEB(p, DESCBUF, 8, MATH2, 0, 8, WAITCOMP | IMMED); + MATHB(p, MATH1, OR, MATH2, MATH2, 8, 0); + MOVEB(p, MATH2, 0, CONTEXT1, 0, 8, IMMED); + + MOVEB(p, MATH2, 0, CONTEXT2, 0, 8, WAITCOMP | IMMED); + + if (dir == OP_TYPE_ENCAP_PROTOCOL) + MATHB(p, SEQINSZ, ADD, PDCP_MAC_I_LEN, VSEQOUTSZ, 4, IMMED2); + else + MATHB(p, SEQINSZ, SUB, PDCP_MAC_I_LEN, VSEQOUTSZ, 4, IMMED2); + + MATHB(p, SEQINSZ, SUB, ZERO, VSEQINSZ, 4, 0); + SEQSTORE(p, MATH0, offset, length, 0); + + if (dir == OP_TYPE_ENCAP_PROTOCOL) { + SEQFIFOSTORE(p, MSG, 0, 0, VLF); + SEQFIFOLOAD(p, MSGINSNOOP, 0, VLF | LAST2); + } else { + SEQFIFOSTORE(p, MSG, 0, 0, VLF | CONT); + SEQFIFOLOAD(p, MSGOUTSNOOP, 0, VLF | LAST1 | FLUSH1); + } + + ALG_OPERATION(p, OP_ALG_ALGSEL_ZUCA, + OP_ALG_AAI_F9, + OP_ALG_AS_INITFINAL, + dir == OP_TYPE_ENCAP_PROTOCOL ? + ICV_CHECK_DISABLE : ICV_CHECK_ENABLE, + DIR_ENC); + + ALG_OPERATION(p, OP_ALG_ALGSEL_ZUCE, + OP_ALG_AAI_F8, + OP_ALG_AS_INITFINAL, + ICV_CHECK_DISABLE, + dir == OP_TYPE_ENCAP_PROTOCOL ? DIR_ENC : DIR_DEC); + + if (dir == OP_TYPE_ENCAP_PROTOCOL) { + MOVE(p, CONTEXT2, 0, IFIFOAB1, 0, 4, LAST1 | FLUSH1 | IMMED); + } else { + /* Save ICV */ + MOVEB(p, OFIFO, 0, MATH0, 0, 4, IMMED); + + LOAD(p, NFIFOENTRY_STYPE_ALTSOURCE | + NFIFOENTRY_DEST_CLASS2 | + NFIFOENTRY_DTYPE_ICV | + NFIFOENTRY_LC2 | 4, NFIFO_SZL, 0, 4, IMMED); + MOVEB(p, MATH0, 0, ALTSOURCE, 0, 4, WAITCOMP | IMMED); + } + + /* Reset ZUCA mode and done interrupt */ + LOAD(p, CLRW_CLR_C2MODE, CLRW, 0, 4, IMMED); + LOAD(p, CIRQ_ZADI, ICTRL, 0, 4, IMMED); + + return 0; +} + static inline int pdcp_insert_uplane_aes_aes_op(struct program *p, bool swap __maybe_unused, @@ -2877,7 +3001,7 @@ pdcp_insert_uplane_with_int_op(struct program *p, pdcp_insert_cplane_enc_only_op, /* NULL */ pdcp_insert_cplane_zuc_snow_op, /* SNOW f9 */ pdcp_insert_cplane_zuc_aes_op, /* AES CMAC */ - pdcp_insert_cplane_acc_op /* ZUC-I */ + pdcp_insert_uplane_zuc_zuc_op /* ZUC-I */ }, }; int err; From patchwork Mon Sep 30 11:52:31 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Akhil Goyal X-Patchwork-Id: 60172 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@dpdk.org Delivered-To: patchwork@dpdk.org Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 9FB851BEA3; Mon, 30 Sep 2019 14:08:32 +0200 (CEST) Received: from inva021.nxp.com (inva021.nxp.com [92.121.34.21]) by dpdk.org (Postfix) with ESMTP id 8B8B95B3A for ; Mon, 30 Sep 2019 14:08:09 +0200 (CEST) Received: from inva021.nxp.com (localhost [127.0.0.1]) by inva021.eu-rdc02.nxp.com (Postfix) with ESMTP id 6AE3B2007A9; Mon, 30 Sep 2019 14:08:09 +0200 (CEST) Received: from invc005.ap-rdc01.nxp.com (invc005.ap-rdc01.nxp.com [165.114.16.14]) by inva021.eu-rdc02.nxp.com (Postfix) with ESMTP id 1185220049F; Mon, 30 Sep 2019 14:08:07 +0200 (CEST) Received: from GDB1.ap.freescale.net (GDB1.ap.freescale.net [10.232.132.179]) by invc005.ap-rdc01.nxp.com (Postfix) with ESMTP id AB962402B7; Mon, 30 Sep 2019 20:08:02 +0800 (SGT) From: Akhil Goyal To: dev@dpdk.org Cc: aconole@redhat.com, anoobj@marvell.com, Vakul Garg Date: Mon, 30 Sep 2019 17:22:31 +0530 Message-Id: <20190930115237.5073-15-akhil.goyal@nxp.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20190930115237.5073-1-akhil.goyal@nxp.com> References: <20190902121734.926-1-akhil.goyal@nxp.com> <20190930115237.5073-1-akhil.goyal@nxp.com> X-Virus-Scanned: ClamAV using ClamSMTP Subject: [dpdk-dev] [PATCH v2 14/20] crypto/dpaa2_sec/hw: support snow-snow 18-bit PDCP X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" From: Vakul Garg This patch support SNOW-SNOW (enc-auth) 18bit PDCP case for devices which do not support PROTOCOL command Signed-off-by: Vakul Garg Acked-by: Akhil Goyal --- drivers/crypto/dpaa2_sec/hw/desc/pdcp.h | 133 +++++++++++++++++++++++- 1 file changed, 132 insertions(+), 1 deletion(-) diff --git a/drivers/crypto/dpaa2_sec/hw/desc/pdcp.h b/drivers/crypto/dpaa2_sec/hw/desc/pdcp.h index 9fb3d4993..b514914ec 100644 --- a/drivers/crypto/dpaa2_sec/hw/desc/pdcp.h +++ b/drivers/crypto/dpaa2_sec/hw/desc/pdcp.h @@ -927,6 +927,137 @@ pdcp_insert_cplane_enc_only_op(struct program *p, return 0; } +static inline int +pdcp_insert_uplane_snow_snow_op(struct program *p, + bool swap __maybe_unused, + struct alginfo *cipherdata, + struct alginfo *authdata, + unsigned int dir, + enum pdcp_sn_size sn_size, + unsigned char era_2_sw_hfn_ovrd __maybe_unused) +{ + uint32_t offset = 0, length = 0, sn_mask = 0; + + KEY(p, KEY1, cipherdata->key_enc_flags, cipherdata->key, + cipherdata->keylen, INLINE_KEY(cipherdata)); + KEY(p, KEY2, authdata->key_enc_flags, authdata->key, authdata->keylen, + INLINE_KEY(authdata)); + + if (rta_sec_era >= RTA_SEC_ERA_8 && sn_size != PDCP_SN_SIZE_18) { + int pclid; + + if (sn_size == PDCP_SN_SIZE_5) + pclid = OP_PCLID_LTE_PDCP_CTRL_MIXED; + else + pclid = OP_PCLID_LTE_PDCP_USER_RN; + + PROTOCOL(p, dir, pclid, + ((uint16_t)cipherdata->algtype << 8) | + (uint16_t)authdata->algtype); + + return 0; + } + /* Non-proto is supported only for 5bit cplane and 18bit uplane */ + switch (sn_size) { + case PDCP_SN_SIZE_5: + offset = 7; + length = 1; + sn_mask = (swap == false) ? PDCP_C_PLANE_SN_MASK : + PDCP_C_PLANE_SN_MASK_BE; + break; + case PDCP_SN_SIZE_18: + offset = 5; + length = 3; + sn_mask = (swap == false) ? PDCP_U_PLANE_18BIT_SN_MASK : + PDCP_U_PLANE_18BIT_SN_MASK_BE; + break; + case PDCP_SN_SIZE_7: + case PDCP_SN_SIZE_12: + case PDCP_SN_SIZE_15: + pr_err("Invalid sn_size for %s\n", __func__); + return -ENOTSUP; + } + + if (dir == OP_TYPE_ENCAP_PROTOCOL) + MATHB(p, SEQINSZ, SUB, length, VSEQINSZ, 4, IMMED2); + + SEQLOAD(p, MATH0, offset, length, 0); + JUMP(p, 1, LOCAL_JUMP, ALL_TRUE, CALM); + MOVEB(p, MATH0, offset, IFIFOAB2, 0, length, IMMED); + MATHB(p, MATH0, AND, sn_mask, MATH1, 8, IFB | IMMED2); + + SEQSTORE(p, MATH0, offset, length, 0); + MATHB(p, MATH1, SHLD, MATH1, MATH1, 8, 0); + MOVEB(p, DESCBUF, 8, MATH2, 0, 8, WAITCOMP | IMMED); + MATHB(p, MATH1, OR, MATH2, MATH1, 8, 0); + MOVEB(p, MATH1, 0, CONTEXT1, 0, 8, IMMED); + MOVEB(p, MATH1, 0, CONTEXT2, 0, 4, WAITCOMP | IMMED); + if (swap == false) { + MATHB(p, MATH1, AND, upper_32_bits(PDCP_BEARER_MASK), + MATH2, 4, IMMED2); + MATHB(p, MATH1, AND, lower_32_bits(PDCP_DIR_MASK), + MATH3, 4, IMMED2); + } else { + MATHB(p, MATH1, AND, lower_32_bits(PDCP_BEARER_MASK_BE), + MATH2, 4, IMMED2); + MATHB(p, MATH1, AND, upper_32_bits(PDCP_DIR_MASK_BE), + MATH3, 4, IMMED2); + } + MATHB(p, MATH3, SHLD, MATH3, MATH3, 8, 0); + + MOVEB(p, MATH2, 4, OFIFO, 0, 12, IMMED); + MOVE(p, OFIFO, 0, CONTEXT2, 4, 12, IMMED); + if (dir == OP_TYPE_ENCAP_PROTOCOL) { + MATHB(p, SEQINSZ, ADD, PDCP_MAC_I_LEN, VSEQOUTSZ, 4, IMMED2); + } else { + MATHI(p, SEQINSZ, SUB, PDCP_MAC_I_LEN, VSEQOUTSZ, 4, IMMED2); + MATHI(p, SEQINSZ, SUB, PDCP_MAC_I_LEN, VSEQINSZ, 4, IMMED2); + } + + if (dir == OP_TYPE_ENCAP_PROTOCOL) + SEQFIFOSTORE(p, MSG, 0, 0, VLF); + else + SEQFIFOSTORE(p, MSG, 0, 0, VLF | CONT); + + ALG_OPERATION(p, OP_ALG_ALGSEL_SNOW_F9, + OP_ALG_AAI_F9, + OP_ALG_AS_INITFINAL, + dir == OP_TYPE_ENCAP_PROTOCOL ? + ICV_CHECK_DISABLE : ICV_CHECK_ENABLE, + DIR_DEC); + ALG_OPERATION(p, OP_ALG_ALGSEL_SNOW_F8, + OP_ALG_AAI_F8, + OP_ALG_AS_INITFINAL, + ICV_CHECK_DISABLE, + dir == OP_TYPE_ENCAP_PROTOCOL ? DIR_ENC : DIR_DEC); + + if (dir == OP_TYPE_ENCAP_PROTOCOL) { + SEQFIFOLOAD(p, MSGINSNOOP, 0, VLF | LAST2); + MOVE(p, CONTEXT2, 0, IFIFOAB1, 0, 4, LAST1 | FLUSH1 | IMMED); + } else { + SEQFIFOLOAD(p, MSGOUTSNOOP, 0, VLF | LAST2); + SEQFIFOLOAD(p, MSG1, 4, LAST1 | FLUSH1); + JUMP(p, 1, LOCAL_JUMP, ALL_TRUE, CLASS1 | NOP | NIFP); + + if (rta_sec_era >= RTA_SEC_ERA_6) + LOAD(p, 0, DCTRL, 0, LDLEN_RST_CHA_OFIFO_PTR, IMMED); + + MOVE(p, OFIFO, 0, MATH0, 0, 4, WAITCOMP | IMMED); + + NFIFOADD(p, IFIFO, ICV2, 4, LAST2); + + if (rta_sec_era <= RTA_SEC_ERA_2) { + /* Shut off automatic Info FIFO entries */ + LOAD(p, 0, DCTRL, LDOFF_DISABLE_AUTO_NFIFO, 0, IMMED); + MOVE(p, MATH0, 0, IFIFOAB2, 0, 4, WAITCOMP | IMMED); + } else { + MOVE(p, MATH0, 0, IFIFO, 0, 4, WAITCOMP | IMMED); + } + } + + return 0; +} + static inline int pdcp_insert_uplane_zuc_zuc_op(struct program *p, bool swap __maybe_unused, @@ -2987,7 +3118,7 @@ pdcp_insert_uplane_with_int_op(struct program *p, }, { /* SNOW f8 */ pdcp_insert_cplane_enc_only_op, /* NULL */ - pdcp_insert_cplane_acc_op, /* SNOW f9 */ + pdcp_insert_uplane_snow_snow_op, /* SNOW f9 */ pdcp_insert_cplane_snow_aes_op, /* AES CMAC */ pdcp_insert_cplane_snow_zuc_op /* ZUC-I */ }, From patchwork Mon Sep 30 11:52:32 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Akhil Goyal X-Patchwork-Id: 60171 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@dpdk.org Delivered-To: patchwork@dpdk.org Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 9900D1BEB2; Mon, 30 Sep 2019 14:08:30 +0200 (CEST) Received: from inva021.nxp.com (inva021.nxp.com [92.121.34.21]) by dpdk.org (Postfix) with ESMTP id 3022B5681 for ; Mon, 30 Sep 2019 14:08:09 +0200 (CEST) Received: from inva021.nxp.com (localhost [127.0.0.1]) by inva021.eu-rdc02.nxp.com (Postfix) with ESMTP id 0E9112001E7; Mon, 30 Sep 2019 14:08:09 +0200 (CEST) Received: from invc005.ap-rdc01.nxp.com (invc005.ap-rdc01.nxp.com [165.114.16.14]) by inva021.eu-rdc02.nxp.com (Postfix) with ESMTP id D98D620008B; Mon, 30 Sep 2019 14:08:06 +0200 (CEST) Received: from GDB1.ap.freescale.net (GDB1.ap.freescale.net [10.232.132.179]) by invc005.ap-rdc01.nxp.com (Postfix) with ESMTP id CB6374030D; Mon, 30 Sep 2019 20:08:03 +0800 (SGT) From: Akhil Goyal To: dev@dpdk.org Cc: aconole@redhat.com, anoobj@marvell.com, Vakul Garg Date: Mon, 30 Sep 2019 17:22:32 +0530 Message-Id: <20190930115237.5073-16-akhil.goyal@nxp.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20190930115237.5073-1-akhil.goyal@nxp.com> References: <20190902121734.926-1-akhil.goyal@nxp.com> <20190930115237.5073-1-akhil.goyal@nxp.com> X-Virus-Scanned: ClamAV using ClamSMTP Subject: [dpdk-dev] [PATCH v2 15/20] crypto/dpaa2_sec/hw: support snow-f8 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" From: Vakul Garg This patch add support for non-protocol offload mode of snow-f8 algo Signed-off-by: Vakul Garg Acked-by: Akhil Goyal --- drivers/crypto/dpaa2_sec/hw/desc/algo.h | 20 +++++--------------- 1 file changed, 5 insertions(+), 15 deletions(-) diff --git a/drivers/crypto/dpaa2_sec/hw/desc/algo.h b/drivers/crypto/dpaa2_sec/hw/desc/algo.h index b6cfa8704..2a307a3e1 100644 --- a/drivers/crypto/dpaa2_sec/hw/desc/algo.h +++ b/drivers/crypto/dpaa2_sec/hw/desc/algo.h @@ -24,43 +24,33 @@ * @swap: must be true when core endianness doesn't match SEC endianness * @cipherdata: pointer to block cipher transform definitions * @dir: Cipher direction (DIR_ENC/DIR_DEC) - * @count: UEA2 count value (32 bits) - * @bearer: UEA2 bearer ID (5 bits) - * @direction: UEA2 direction (1 bit) * * Return: size of descriptor written in words or negative number on error */ static inline int cnstr_shdsc_snow_f8(uint32_t *descbuf, bool ps, bool swap, - struct alginfo *cipherdata, uint8_t dir, - uint32_t count, uint8_t bearer, uint8_t direction) + struct alginfo *cipherdata, uint8_t dir) { struct program prg; struct program *p = &prg; - uint32_t ct = count; - uint8_t br = bearer; - uint8_t dr = direction; - uint32_t context[2] = {ct, (br << 27) | (dr << 26)}; PROGRAM_CNTXT_INIT(p, descbuf, 0); - if (swap) { + if (swap) PROGRAM_SET_BSWAP(p); - context[0] = swab32(context[0]); - context[1] = swab32(context[1]); - } - if (ps) PROGRAM_SET_36BIT_ADDR(p); SHR_HDR(p, SHR_ALWAYS, 1, 0); KEY(p, KEY1, cipherdata->key_enc_flags, cipherdata->key, cipherdata->keylen, INLINE_KEY(cipherdata)); + + SEQLOAD(p, CONTEXT1, 0, 16, 0); + MATHB(p, SEQINSZ, SUB, MATH2, VSEQINSZ, 4, 0); MATHB(p, SEQINSZ, SUB, MATH2, VSEQOUTSZ, 4, 0); ALG_OPERATION(p, OP_ALG_ALGSEL_SNOW_F8, OP_ALG_AAI_F8, OP_ALG_AS_INITFINAL, 0, dir); - LOAD(p, (uintptr_t)context, CONTEXT1, 0, 8, IMMED | COPY); SEQFIFOLOAD(p, MSG1, 0, VLF | LAST1); SEQFIFOSTORE(p, MSG, 0, 0, VLF); From patchwork Mon Sep 30 11:52:33 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Akhil Goyal X-Patchwork-Id: 60173 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@dpdk.org Delivered-To: patchwork@dpdk.org Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id A37801BEBB; Mon, 30 Sep 2019 14:08:34 +0200 (CEST) Received: from inva020.nxp.com (inva020.nxp.com [92.121.34.13]) by dpdk.org (Postfix) with ESMTP id 4ACA05B3A for ; Mon, 30 Sep 2019 14:08:10 +0200 (CEST) Received: from inva020.nxp.com (localhost [127.0.0.1]) by inva020.eu-rdc02.nxp.com (Postfix) with ESMTP id 2C51A1A0288; Mon, 30 Sep 2019 14:08:10 +0200 (CEST) Received: from invc005.ap-rdc01.nxp.com (invc005.ap-rdc01.nxp.com [165.114.16.14]) by inva020.eu-rdc02.nxp.com (Postfix) with ESMTP id 036201A0095; Mon, 30 Sep 2019 14:08:08 +0200 (CEST) Received: from GDB1.ap.freescale.net (GDB1.ap.freescale.net [10.232.132.179]) by invc005.ap-rdc01.nxp.com (Postfix) with ESMTP id E9CC440318; Mon, 30 Sep 2019 20:08:04 +0800 (SGT) From: Akhil Goyal To: dev@dpdk.org Cc: aconole@redhat.com, anoobj@marvell.com, Vakul Garg Date: Mon, 30 Sep 2019 17:22:33 +0530 Message-Id: <20190930115237.5073-17-akhil.goyal@nxp.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20190930115237.5073-1-akhil.goyal@nxp.com> References: <20190902121734.926-1-akhil.goyal@nxp.com> <20190930115237.5073-1-akhil.goyal@nxp.com> X-Virus-Scanned: ClamAV using ClamSMTP Subject: [dpdk-dev] [PATCH v2 16/20] crypto/dpaa2_sec/hw: support snow-f9 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" From: Vakul Garg Add support for snow-f9 in non pdcp protocol offload mode. This essentially add support to pass pre-computed IV to SEC. Signed-off-by: Vakul Garg Acked-by: Akhil Goyal --- drivers/crypto/dpaa2_sec/hw/desc/algo.h | 51 +++++++++++++------------ 1 file changed, 26 insertions(+), 25 deletions(-) diff --git a/drivers/crypto/dpaa2_sec/hw/desc/algo.h b/drivers/crypto/dpaa2_sec/hw/desc/algo.h index 2a307a3e1..5e8e5e79c 100644 --- a/drivers/crypto/dpaa2_sec/hw/desc/algo.h +++ b/drivers/crypto/dpaa2_sec/hw/desc/algo.h @@ -64,48 +64,49 @@ cnstr_shdsc_snow_f8(uint32_t *descbuf, bool ps, bool swap, * @swap: must be true when core endianness doesn't match SEC endianness * @authdata: pointer to authentication transform definitions * @dir: cipher direction (DIR_ENC/DIR_DEC) - * @count: UEA2 count value (32 bits) - * @fresh: UEA2 fresh value ID (32 bits) - * @direction: UEA2 direction (1 bit) - * @datalen: size of data + * @chk_icv: check or generate ICV value + * @authlen: size of digest * * Return: size of descriptor written in words or negative number on error */ static inline int cnstr_shdsc_snow_f9(uint32_t *descbuf, bool ps, bool swap, - struct alginfo *authdata, uint8_t dir, uint32_t count, - uint32_t fresh, uint8_t direction, uint32_t datalen) + struct alginfo *authdata, uint8_t chk_icv, + uint32_t authlen) { struct program prg; struct program *p = &prg; - uint64_t ct = count; - uint64_t fr = fresh; - uint64_t dr = direction; - uint64_t context[2]; - - context[0] = (ct << 32) | (dr << 26); - context[1] = fr << 32; + int dir = chk_icv ? DIR_DEC : DIR_ENC; PROGRAM_CNTXT_INIT(p, descbuf, 0); - if (swap) { + if (swap) PROGRAM_SET_BSWAP(p); - context[0] = swab64(context[0]); - context[1] = swab64(context[1]); - } if (ps) PROGRAM_SET_36BIT_ADDR(p); + SHR_HDR(p, SHR_ALWAYS, 1, 0); - KEY(p, KEY2, authdata->key_enc_flags, authdata->key, authdata->keylen, - INLINE_KEY(authdata)); - MATHB(p, SEQINSZ, SUB, MATH2, VSEQINSZ, 4, 0); + KEY(p, KEY2, authdata->key_enc_flags, authdata->key, + authdata->keylen, INLINE_KEY(authdata)); + + SEQLOAD(p, CONTEXT2, 0, 12, 0); + + if (chk_icv == ICV_CHECK_ENABLE) + MATHB(p, SEQINSZ, SUB, authlen, VSEQINSZ, 4, IMMED2); + else + MATHB(p, SEQINSZ, SUB, ZERO, VSEQINSZ, 4, 0); + ALG_OPERATION(p, OP_ALG_ALGSEL_SNOW_F9, OP_ALG_AAI_F9, - OP_ALG_AS_INITFINAL, 0, dir); - LOAD(p, (uintptr_t)context, CONTEXT2, 0, 16, IMMED | COPY); - SEQFIFOLOAD(p, BIT_DATA, datalen, CLASS2 | LAST2); - /* Save lower half of MAC out into a 32-bit sequence */ - SEQSTORE(p, CONTEXT2, 0, 4, 0); + OP_ALG_AS_INITFINAL, chk_icv, dir); + + SEQFIFOLOAD(p, MSG2, 0, VLF | CLASS2 | LAST2); + + if (chk_icv == ICV_CHECK_ENABLE) + SEQFIFOLOAD(p, ICV2, authlen, LAST2); + else + /* Save lower half of MAC out into a 32-bit sequence */ + SEQSTORE(p, CONTEXT2, 0, authlen, 0); return PROGRAM_FINALIZE(p); } From patchwork Mon Sep 30 11:52:34 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Akhil Goyal X-Patchwork-Id: 60174 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@dpdk.org Delivered-To: patchwork@dpdk.org Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id E6E9B1BEC1; Mon, 30 Sep 2019 14:08:36 +0200 (CEST) Received: from inva020.nxp.com (inva020.nxp.com [92.121.34.13]) by dpdk.org (Postfix) with ESMTP id B44B91B079 for ; Mon, 30 Sep 2019 14:08:12 +0200 (CEST) Received: from inva020.nxp.com (localhost [127.0.0.1]) by inva020.eu-rdc02.nxp.com (Postfix) with ESMTP id 939451A048C; Mon, 30 Sep 2019 14:08:12 +0200 (CEST) Received: from invc005.ap-rdc01.nxp.com (invc005.ap-rdc01.nxp.com [165.114.16.14]) by inva020.eu-rdc02.nxp.com (Postfix) with ESMTP id A04021A082E; Mon, 30 Sep 2019 14:08:09 +0200 (CEST) Received: from GDB1.ap.freescale.net (GDB1.ap.freescale.net [10.232.132.179]) by invc005.ap-rdc01.nxp.com (Postfix) with ESMTP id 1482D402C1; Mon, 30 Sep 2019 20:08:05 +0800 (SGT) From: Akhil Goyal To: dev@dpdk.org Cc: aconole@redhat.com, anoobj@marvell.com, Hemant Agrawal , Vakul Garg Date: Mon, 30 Sep 2019 17:22:34 +0530 Message-Id: <20190930115237.5073-18-akhil.goyal@nxp.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20190930115237.5073-1-akhil.goyal@nxp.com> References: <20190902121734.926-1-akhil.goyal@nxp.com> <20190930115237.5073-1-akhil.goyal@nxp.com> X-Virus-Scanned: ClamAV using ClamSMTP Subject: [dpdk-dev] [PATCH v2 17/20] crypto/dpaa2_sec: support snow3g cipher/integrity X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" From: Hemant Agrawal Adding basic framework to use snow3g f8 and f9 based ciphering or integrity with direct crypto apis. This patch does not support any combo usages yet. Signed-off-by: Hemant Agrawal Signed-off-by: Vakul Garg Acked-by: Akhil Goyal --- drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 310 ++++++++++++++------ drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h | 46 ++- drivers/crypto/dpaa2_sec/hw/desc/algo.h | 30 ++ 3 files changed, 301 insertions(+), 85 deletions(-) diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c index d53720ae3..637362e30 100644 --- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c +++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c @@ -880,11 +880,26 @@ static inline int build_auth_sg_fd( struct qbman_fle *fle, *sge, *ip_fle, *op_fle; struct sec_flow_context *flc; struct ctxt_priv *priv = sess->ctxt; + int data_len, data_offset; uint8_t *old_digest; struct rte_mbuf *mbuf; PMD_INIT_FUNC_TRACE(); + data_len = sym_op->auth.data.length; + data_offset = sym_op->auth.data.offset; + + if (sess->auth_alg == RTE_CRYPTO_AUTH_SNOW3G_UIA2 || + sess->auth_alg == RTE_CRYPTO_AUTH_ZUC_EIA3) { + if ((data_len & 7) || (data_offset & 7)) { + DPAA2_SEC_ERR("AUTH: len/offset must be full bytes"); + return -1; + } + + data_len = data_len >> 3; + data_offset = data_offset >> 3; + } + mbuf = sym_op->m_src; fle = (struct qbman_fle *)rte_malloc(NULL, FLE_SG_MEM_SIZE, RTE_CACHE_LINE_SIZE); @@ -914,25 +929,51 @@ static inline int build_auth_sg_fd( /* i/p fle */ DPAA2_SET_FLE_SG_EXT(ip_fle); DPAA2_SET_FLE_ADDR(ip_fle, DPAA2_VADDR_TO_IOVA(sge)); - /* i/p 1st seg */ - DPAA2_SET_FLE_ADDR(sge, DPAA2_MBUF_VADDR_TO_IOVA(mbuf)); - DPAA2_SET_FLE_OFFSET(sge, sym_op->auth.data.offset + mbuf->data_off); - sge->length = mbuf->data_len - sym_op->auth.data.offset; + ip_fle->length = data_len; - /* i/p segs */ - mbuf = mbuf->next; - while (mbuf) { + if (sess->iv.length) { + uint8_t *iv_ptr; + + iv_ptr = rte_crypto_op_ctod_offset(op, uint8_t *, + sess->iv.offset); + + if (sess->auth_alg == RTE_CRYPTO_AUTH_SNOW3G_UIA2) { + iv_ptr = conv_to_snow_f9_iv(iv_ptr); + sge->length = 12; + } else if (sess->auth_alg == RTE_CRYPTO_AUTH_ZUC_EIA3) { + iv_ptr = conv_to_zuc_eia_iv(iv_ptr); + sge->length = 8; + } else { + sge->length = sess->iv.length; + } + DPAA2_SET_FLE_ADDR(sge, DPAA2_VADDR_TO_IOVA(iv_ptr)); + ip_fle->length += sge->length; sge++; - DPAA2_SET_FLE_ADDR(sge, DPAA2_MBUF_VADDR_TO_IOVA(mbuf)); - DPAA2_SET_FLE_OFFSET(sge, mbuf->data_off); - sge->length = mbuf->data_len; - mbuf = mbuf->next; } - if (sess->dir == DIR_ENC) { - /* Digest calculation case */ - sge->length -= sess->digest_length; - ip_fle->length = sym_op->auth.data.length; + /* i/p 1st seg */ + DPAA2_SET_FLE_ADDR(sge, DPAA2_MBUF_VADDR_TO_IOVA(mbuf)); + DPAA2_SET_FLE_OFFSET(sge, data_offset + mbuf->data_off); + + if (data_len <= (mbuf->data_len - data_offset)) { + sge->length = data_len; + data_len = 0; } else { + sge->length = mbuf->data_len - data_offset; + + /* remaining i/p segs */ + while ((data_len = data_len - sge->length) && + (mbuf = mbuf->next)) { + sge++; + DPAA2_SET_FLE_ADDR(sge, DPAA2_MBUF_VADDR_TO_IOVA(mbuf)); + DPAA2_SET_FLE_OFFSET(sge, mbuf->data_off); + if (data_len > mbuf->data_len) + sge->length = mbuf->data_len; + else + sge->length = data_len; + } + } + + if (sess->dir == DIR_DEC) { /* Digest verification case */ sge++; old_digest = (uint8_t *)(sge + 1); @@ -940,8 +981,7 @@ static inline int build_auth_sg_fd( sess->digest_length); DPAA2_SET_FLE_ADDR(sge, DPAA2_VADDR_TO_IOVA(old_digest)); sge->length = sess->digest_length; - ip_fle->length = sym_op->auth.data.length + - sess->digest_length; + ip_fle->length += sess->digest_length; } DPAA2_SET_FLE_FIN(sge); DPAA2_SET_FLE_FIN(ip_fle); @@ -958,11 +998,26 @@ build_auth_fd(dpaa2_sec_session *sess, struct rte_crypto_op *op, struct qbman_fle *fle, *sge; struct sec_flow_context *flc; struct ctxt_priv *priv = sess->ctxt; + int data_len, data_offset; uint8_t *old_digest; int retval; PMD_INIT_FUNC_TRACE(); + data_len = sym_op->auth.data.length; + data_offset = sym_op->auth.data.offset; + + if (sess->auth_alg == RTE_CRYPTO_AUTH_SNOW3G_UIA2 || + sess->auth_alg == RTE_CRYPTO_AUTH_ZUC_EIA3) { + if ((data_len & 7) || (data_offset & 7)) { + DPAA2_SEC_ERR("AUTH: len/offset must be full bytes"); + return -1; + } + + data_len = data_len >> 3; + data_offset = data_offset >> 3; + } + retval = rte_mempool_get(priv->fle_pool, (void **)(&fle)); if (retval) { DPAA2_SEC_ERR("AUTH Memory alloc failed for SGE"); @@ -978,64 +1033,72 @@ build_auth_fd(dpaa2_sec_session *sess, struct rte_crypto_op *op, DPAA2_SET_FLE_ADDR(fle, (size_t)op); DPAA2_FLE_SAVE_CTXT(fle, (ptrdiff_t)priv); fle = fle + 1; + sge = fle + 2; if (likely(bpid < MAX_BPID)) { DPAA2_SET_FD_BPID(fd, bpid); DPAA2_SET_FLE_BPID(fle, bpid); DPAA2_SET_FLE_BPID(fle + 1, bpid); + DPAA2_SET_FLE_BPID(sge, bpid); + DPAA2_SET_FLE_BPID(sge + 1, bpid); } else { DPAA2_SET_FD_IVP(fd); DPAA2_SET_FLE_IVP(fle); DPAA2_SET_FLE_IVP((fle + 1)); + DPAA2_SET_FLE_IVP(sge); + DPAA2_SET_FLE_IVP((sge + 1)); } + flc = &priv->flc_desc[DESC_INITFINAL].flc; DPAA2_SET_FD_FLC(fd, DPAA2_VADDR_TO_IOVA(flc)); + DPAA2_SET_FD_ADDR(fd, DPAA2_VADDR_TO_IOVA(fle)); + DPAA2_SET_FD_COMPOUND_FMT(fd); DPAA2_SET_FLE_ADDR(fle, DPAA2_VADDR_TO_IOVA(sym_op->auth.digest.data)); fle->length = sess->digest_length; - - DPAA2_SET_FD_ADDR(fd, DPAA2_VADDR_TO_IOVA(fle)); - DPAA2_SET_FD_COMPOUND_FMT(fd); fle++; - if (sess->dir == DIR_ENC) { - DPAA2_SET_FLE_ADDR(fle, - DPAA2_MBUF_VADDR_TO_IOVA(sym_op->m_src)); - DPAA2_SET_FLE_OFFSET(fle, sym_op->auth.data.offset + - sym_op->m_src->data_off); - DPAA2_SET_FD_LEN(fd, sym_op->auth.data.length); - fle->length = sym_op->auth.data.length; - } else { - sge = fle + 2; - DPAA2_SET_FLE_SG_EXT(fle); - DPAA2_SET_FLE_ADDR(fle, DPAA2_VADDR_TO_IOVA(sge)); + /* Setting input FLE */ + DPAA2_SET_FLE_ADDR(fle, DPAA2_VADDR_TO_IOVA(sge)); + DPAA2_SET_FLE_SG_EXT(fle); + fle->length = data_len; + + if (sess->iv.length) { + uint8_t *iv_ptr; + + iv_ptr = rte_crypto_op_ctod_offset(op, uint8_t *, + sess->iv.offset); - if (likely(bpid < MAX_BPID)) { - DPAA2_SET_FLE_BPID(sge, bpid); - DPAA2_SET_FLE_BPID(sge + 1, bpid); + if (sess->auth_alg == RTE_CRYPTO_AUTH_SNOW3G_UIA2) { + iv_ptr = conv_to_snow_f9_iv(iv_ptr); + sge->length = 12; } else { - DPAA2_SET_FLE_IVP(sge); - DPAA2_SET_FLE_IVP((sge + 1)); + sge->length = sess->iv.length; } - DPAA2_SET_FLE_ADDR(sge, - DPAA2_MBUF_VADDR_TO_IOVA(sym_op->m_src)); - DPAA2_SET_FLE_OFFSET(sge, sym_op->auth.data.offset + - sym_op->m_src->data_off); - DPAA2_SET_FD_LEN(fd, sym_op->auth.data.length + - sess->digest_length); - sge->length = sym_op->auth.data.length; + DPAA2_SET_FLE_ADDR(sge, DPAA2_VADDR_TO_IOVA(iv_ptr)); + fle->length = fle->length + sge->length; + sge++; + } + + /* Setting data to authenticate */ + DPAA2_SET_FLE_ADDR(sge, DPAA2_MBUF_VADDR_TO_IOVA(sym_op->m_src)); + DPAA2_SET_FLE_OFFSET(sge, data_offset + sym_op->m_src->data_off); + sge->length = data_len; + + if (sess->dir == DIR_DEC) { sge++; old_digest = (uint8_t *)(sge + 1); rte_memcpy(old_digest, sym_op->auth.digest.data, sess->digest_length); DPAA2_SET_FLE_ADDR(sge, DPAA2_VADDR_TO_IOVA(old_digest)); sge->length = sess->digest_length; - fle->length = sym_op->auth.data.length + - sess->digest_length; - DPAA2_SET_FLE_FIN(sge); + fle->length = fle->length + sess->digest_length; } + + DPAA2_SET_FLE_FIN(sge); DPAA2_SET_FLE_FIN(fle); + DPAA2_SET_FD_LEN(fd, fle->length); return 0; } @@ -1046,6 +1109,7 @@ build_cipher_sg_fd(dpaa2_sec_session *sess, struct rte_crypto_op *op, { struct rte_crypto_sym_op *sym_op = op->sym; struct qbman_fle *ip_fle, *op_fle, *sge, *fle; + int data_len, data_offset; struct sec_flow_context *flc; struct ctxt_priv *priv = sess->ctxt; struct rte_mbuf *mbuf; @@ -1054,6 +1118,20 @@ build_cipher_sg_fd(dpaa2_sec_session *sess, struct rte_crypto_op *op, PMD_INIT_FUNC_TRACE(); + data_len = sym_op->cipher.data.length; + data_offset = sym_op->cipher.data.offset; + + if (sess->cipher_alg == RTE_CRYPTO_CIPHER_SNOW3G_UEA2 || + sess->cipher_alg == RTE_CRYPTO_CIPHER_ZUC_EEA3) { + if ((data_len & 7) || (data_offset & 7)) { + DPAA2_SEC_ERR("CIPHER: len/offset must be full bytes"); + return -1; + } + + data_len = data_len >> 3; + data_offset = data_offset >> 3; + } + if (sym_op->m_dst) mbuf = sym_op->m_dst; else @@ -1079,20 +1157,20 @@ build_cipher_sg_fd(dpaa2_sec_session *sess, struct rte_crypto_op *op, DPAA2_SEC_DP_DEBUG( "CIPHER SG: cipher_off: 0x%x/length %d, ivlen=%d" " data_off: 0x%x\n", - sym_op->cipher.data.offset, - sym_op->cipher.data.length, + data_offset, + data_len, sess->iv.length, sym_op->m_src->data_off); /* o/p fle */ DPAA2_SET_FLE_ADDR(op_fle, DPAA2_VADDR_TO_IOVA(sge)); - op_fle->length = sym_op->cipher.data.length; + op_fle->length = data_len; DPAA2_SET_FLE_SG_EXT(op_fle); /* o/p 1st seg */ DPAA2_SET_FLE_ADDR(sge, DPAA2_MBUF_VADDR_TO_IOVA(mbuf)); - DPAA2_SET_FLE_OFFSET(sge, sym_op->cipher.data.offset + mbuf->data_off); - sge->length = mbuf->data_len - sym_op->cipher.data.offset; + DPAA2_SET_FLE_OFFSET(sge, data_offset + mbuf->data_off); + sge->length = mbuf->data_len - data_offset; mbuf = mbuf->next; /* o/p segs */ @@ -1114,7 +1192,7 @@ build_cipher_sg_fd(dpaa2_sec_session *sess, struct rte_crypto_op *op, mbuf = sym_op->m_src; sge++; DPAA2_SET_FLE_ADDR(ip_fle, DPAA2_VADDR_TO_IOVA(sge)); - ip_fle->length = sess->iv.length + sym_op->cipher.data.length; + ip_fle->length = sess->iv.length + data_len; DPAA2_SET_FLE_SG_EXT(ip_fle); /* i/p IV */ @@ -1126,9 +1204,8 @@ build_cipher_sg_fd(dpaa2_sec_session *sess, struct rte_crypto_op *op, /* i/p 1st seg */ DPAA2_SET_FLE_ADDR(sge, DPAA2_MBUF_VADDR_TO_IOVA(mbuf)); - DPAA2_SET_FLE_OFFSET(sge, sym_op->cipher.data.offset + - mbuf->data_off); - sge->length = mbuf->data_len - sym_op->cipher.data.offset; + DPAA2_SET_FLE_OFFSET(sge, data_offset + mbuf->data_off); + sge->length = mbuf->data_len - data_offset; mbuf = mbuf->next; /* i/p segs */ @@ -1165,7 +1242,7 @@ build_cipher_fd(dpaa2_sec_session *sess, struct rte_crypto_op *op, { struct rte_crypto_sym_op *sym_op = op->sym; struct qbman_fle *fle, *sge; - int retval; + int retval, data_len, data_offset; struct sec_flow_context *flc; struct ctxt_priv *priv = sess->ctxt; uint8_t *iv_ptr = rte_crypto_op_ctod_offset(op, uint8_t *, @@ -1174,6 +1251,20 @@ build_cipher_fd(dpaa2_sec_session *sess, struct rte_crypto_op *op, PMD_INIT_FUNC_TRACE(); + data_len = sym_op->cipher.data.length; + data_offset = sym_op->cipher.data.offset; + + if (sess->cipher_alg == RTE_CRYPTO_CIPHER_SNOW3G_UEA2 || + sess->cipher_alg == RTE_CRYPTO_CIPHER_ZUC_EEA3) { + if ((data_len & 7) || (data_offset & 7)) { + DPAA2_SEC_ERR("CIPHER: len/offset must be full bytes"); + return -1; + } + + data_len = data_len >> 3; + data_offset = data_offset >> 3; + } + if (sym_op->m_dst) dst = sym_op->m_dst; else @@ -1212,24 +1303,22 @@ build_cipher_fd(dpaa2_sec_session *sess, struct rte_crypto_op *op, flc = &priv->flc_desc[0].flc; DPAA2_SET_FD_ADDR(fd, DPAA2_VADDR_TO_IOVA(fle)); - DPAA2_SET_FD_LEN(fd, sym_op->cipher.data.length + - sess->iv.length); + DPAA2_SET_FD_LEN(fd, data_len + sess->iv.length); DPAA2_SET_FD_COMPOUND_FMT(fd); DPAA2_SET_FD_FLC(fd, DPAA2_VADDR_TO_IOVA(flc)); DPAA2_SEC_DP_DEBUG( "CIPHER: cipher_off: 0x%x/length %d, ivlen=%d," " data_off: 0x%x\n", - sym_op->cipher.data.offset, - sym_op->cipher.data.length, + data_offset, + data_len, sess->iv.length, sym_op->m_src->data_off); DPAA2_SET_FLE_ADDR(fle, DPAA2_MBUF_VADDR_TO_IOVA(dst)); - DPAA2_SET_FLE_OFFSET(fle, sym_op->cipher.data.offset + - dst->data_off); + DPAA2_SET_FLE_OFFSET(fle, data_offset + dst->data_off); - fle->length = sym_op->cipher.data.length + sess->iv.length; + fle->length = data_len + sess->iv.length; DPAA2_SEC_DP_DEBUG( "CIPHER: 1 - flc = %p, fle = %p FLEaddr = %x-%x, length %d\n", @@ -1239,7 +1328,7 @@ build_cipher_fd(dpaa2_sec_session *sess, struct rte_crypto_op *op, fle++; DPAA2_SET_FLE_ADDR(fle, DPAA2_VADDR_TO_IOVA(sge)); - fle->length = sym_op->cipher.data.length + sess->iv.length; + fle->length = data_len + sess->iv.length; DPAA2_SET_FLE_SG_EXT(fle); @@ -1248,10 +1337,9 @@ build_cipher_fd(dpaa2_sec_session *sess, struct rte_crypto_op *op, sge++; DPAA2_SET_FLE_ADDR(sge, DPAA2_MBUF_VADDR_TO_IOVA(sym_op->m_src)); - DPAA2_SET_FLE_OFFSET(sge, sym_op->cipher.data.offset + - sym_op->m_src->data_off); + DPAA2_SET_FLE_OFFSET(sge, data_offset + sym_op->m_src->data_off); - sge->length = sym_op->cipher.data.length; + sge->length = data_len; DPAA2_SET_FLE_FIN(sge); DPAA2_SET_FLE_FIN(fle); @@ -1762,32 +1850,60 @@ dpaa2_sec_cipher_init(struct rte_cryptodev *dev, /* Set IV parameters */ session->iv.offset = xform->cipher.iv.offset; session->iv.length = xform->cipher.iv.length; + session->dir = (xform->cipher.op == RTE_CRYPTO_CIPHER_OP_ENCRYPT) ? + DIR_ENC : DIR_DEC; switch (xform->cipher.algo) { case RTE_CRYPTO_CIPHER_AES_CBC: cipherdata.algtype = OP_ALG_ALGSEL_AES; cipherdata.algmode = OP_ALG_AAI_CBC; session->cipher_alg = RTE_CRYPTO_CIPHER_AES_CBC; + bufsize = cnstr_shdsc_blkcipher(priv->flc_desc[0].desc, 1, 0, + SHR_NEVER, &cipherdata, NULL, + session->iv.length, + session->dir); break; case RTE_CRYPTO_CIPHER_3DES_CBC: cipherdata.algtype = OP_ALG_ALGSEL_3DES; cipherdata.algmode = OP_ALG_AAI_CBC; session->cipher_alg = RTE_CRYPTO_CIPHER_3DES_CBC; + bufsize = cnstr_shdsc_blkcipher(priv->flc_desc[0].desc, 1, 0, + SHR_NEVER, &cipherdata, NULL, + session->iv.length, + session->dir); break; case RTE_CRYPTO_CIPHER_AES_CTR: cipherdata.algtype = OP_ALG_ALGSEL_AES; cipherdata.algmode = OP_ALG_AAI_CTR; session->cipher_alg = RTE_CRYPTO_CIPHER_AES_CTR; + bufsize = cnstr_shdsc_blkcipher(priv->flc_desc[0].desc, 1, 0, + SHR_NEVER, &cipherdata, NULL, + session->iv.length, + session->dir); break; case RTE_CRYPTO_CIPHER_3DES_CTR: + cipherdata.algtype = OP_ALG_ALGSEL_3DES; + cipherdata.algmode = OP_ALG_AAI_CTR; + session->cipher_alg = RTE_CRYPTO_CIPHER_3DES_CTR; + bufsize = cnstr_shdsc_blkcipher(priv->flc_desc[0].desc, 1, 0, + SHR_NEVER, &cipherdata, NULL, + session->iv.length, + session->dir); + break; + case RTE_CRYPTO_CIPHER_SNOW3G_UEA2: + cipherdata.algtype = OP_ALG_ALGSEL_SNOW_F8; + session->cipher_alg = RTE_CRYPTO_CIPHER_SNOW3G_UEA2; + bufsize = cnstr_shdsc_snow_f8(priv->flc_desc[0].desc, 1, 0, + &cipherdata, + session->dir); + break; + case RTE_CRYPTO_CIPHER_KASUMI_F8: + case RTE_CRYPTO_CIPHER_ZUC_EEA3: + case RTE_CRYPTO_CIPHER_AES_F8: case RTE_CRYPTO_CIPHER_AES_ECB: case RTE_CRYPTO_CIPHER_3DES_ECB: case RTE_CRYPTO_CIPHER_AES_XTS: - case RTE_CRYPTO_CIPHER_AES_F8: case RTE_CRYPTO_CIPHER_ARC4: - case RTE_CRYPTO_CIPHER_KASUMI_F8: - case RTE_CRYPTO_CIPHER_SNOW3G_UEA2: - case RTE_CRYPTO_CIPHER_ZUC_EEA3: case RTE_CRYPTO_CIPHER_NULL: DPAA2_SEC_ERR("Crypto: Unsupported Cipher alg %u", xform->cipher.algo); @@ -1797,12 +1913,7 @@ dpaa2_sec_cipher_init(struct rte_cryptodev *dev, xform->cipher.algo); goto error_out; } - session->dir = (xform->cipher.op == RTE_CRYPTO_CIPHER_OP_ENCRYPT) ? - DIR_ENC : DIR_DEC; - bufsize = cnstr_shdsc_blkcipher(priv->flc_desc[0].desc, 1, 0, SHR_NEVER, - &cipherdata, NULL, session->iv.length, - session->dir); if (bufsize < 0) { DPAA2_SEC_ERR("Crypto: Descriptor build failed"); goto error_out; @@ -1865,40 +1976,77 @@ dpaa2_sec_auth_init(struct rte_cryptodev *dev, authdata.key_type = RTA_DATA_IMM; session->digest_length = xform->auth.digest_length; + session->dir = (xform->auth.op == RTE_CRYPTO_AUTH_OP_GENERATE) ? + DIR_ENC : DIR_DEC; switch (xform->auth.algo) { case RTE_CRYPTO_AUTH_SHA1_HMAC: authdata.algtype = OP_ALG_ALGSEL_SHA1; authdata.algmode = OP_ALG_AAI_HMAC; session->auth_alg = RTE_CRYPTO_AUTH_SHA1_HMAC; + bufsize = cnstr_shdsc_hmac(priv->flc_desc[DESC_INITFINAL].desc, + 1, 0, SHR_NEVER, &authdata, + !session->dir, + session->digest_length); break; case RTE_CRYPTO_AUTH_MD5_HMAC: authdata.algtype = OP_ALG_ALGSEL_MD5; authdata.algmode = OP_ALG_AAI_HMAC; session->auth_alg = RTE_CRYPTO_AUTH_MD5_HMAC; + bufsize = cnstr_shdsc_hmac(priv->flc_desc[DESC_INITFINAL].desc, + 1, 0, SHR_NEVER, &authdata, + !session->dir, + session->digest_length); break; case RTE_CRYPTO_AUTH_SHA256_HMAC: authdata.algtype = OP_ALG_ALGSEL_SHA256; authdata.algmode = OP_ALG_AAI_HMAC; session->auth_alg = RTE_CRYPTO_AUTH_SHA256_HMAC; + bufsize = cnstr_shdsc_hmac(priv->flc_desc[DESC_INITFINAL].desc, + 1, 0, SHR_NEVER, &authdata, + !session->dir, + session->digest_length); break; case RTE_CRYPTO_AUTH_SHA384_HMAC: authdata.algtype = OP_ALG_ALGSEL_SHA384; authdata.algmode = OP_ALG_AAI_HMAC; session->auth_alg = RTE_CRYPTO_AUTH_SHA384_HMAC; + bufsize = cnstr_shdsc_hmac(priv->flc_desc[DESC_INITFINAL].desc, + 1, 0, SHR_NEVER, &authdata, + !session->dir, + session->digest_length); break; case RTE_CRYPTO_AUTH_SHA512_HMAC: authdata.algtype = OP_ALG_ALGSEL_SHA512; authdata.algmode = OP_ALG_AAI_HMAC; session->auth_alg = RTE_CRYPTO_AUTH_SHA512_HMAC; + bufsize = cnstr_shdsc_hmac(priv->flc_desc[DESC_INITFINAL].desc, + 1, 0, SHR_NEVER, &authdata, + !session->dir, + session->digest_length); break; case RTE_CRYPTO_AUTH_SHA224_HMAC: authdata.algtype = OP_ALG_ALGSEL_SHA224; authdata.algmode = OP_ALG_AAI_HMAC; session->auth_alg = RTE_CRYPTO_AUTH_SHA224_HMAC; + bufsize = cnstr_shdsc_hmac(priv->flc_desc[DESC_INITFINAL].desc, + 1, 0, SHR_NEVER, &authdata, + !session->dir, + session->digest_length); break; - case RTE_CRYPTO_AUTH_AES_XCBC_MAC: case RTE_CRYPTO_AUTH_SNOW3G_UIA2: + authdata.algtype = OP_ALG_ALGSEL_SNOW_F9; + authdata.algmode = OP_ALG_AAI_F9; + session->auth_alg = RTE_CRYPTO_AUTH_SNOW3G_UIA2; + session->iv.offset = xform->auth.iv.offset; + session->iv.length = xform->auth.iv.length; + bufsize = cnstr_shdsc_snow_f9(priv->flc_desc[DESC_INITFINAL].desc, + 1, 0, &authdata, + !session->dir, + session->digest_length); + break; + case RTE_CRYPTO_AUTH_KASUMI_F9: + case RTE_CRYPTO_AUTH_ZUC_EIA3: case RTE_CRYPTO_AUTH_NULL: case RTE_CRYPTO_AUTH_SHA1: case RTE_CRYPTO_AUTH_SHA256: @@ -1907,10 +2055,9 @@ dpaa2_sec_auth_init(struct rte_cryptodev *dev, case RTE_CRYPTO_AUTH_SHA384: case RTE_CRYPTO_AUTH_MD5: case RTE_CRYPTO_AUTH_AES_GMAC: - case RTE_CRYPTO_AUTH_KASUMI_F9: + case RTE_CRYPTO_AUTH_AES_XCBC_MAC: case RTE_CRYPTO_AUTH_AES_CMAC: case RTE_CRYPTO_AUTH_AES_CBC_MAC: - case RTE_CRYPTO_AUTH_ZUC_EIA3: DPAA2_SEC_ERR("Crypto: Unsupported auth alg %un", xform->auth.algo); goto error_out; @@ -1919,12 +2066,7 @@ dpaa2_sec_auth_init(struct rte_cryptodev *dev, xform->auth.algo); goto error_out; } - session->dir = (xform->auth.op == RTE_CRYPTO_AUTH_OP_GENERATE) ? - DIR_ENC : DIR_DEC; - bufsize = cnstr_shdsc_hmac(priv->flc_desc[DESC_INITFINAL].desc, - 1, 0, SHR_NEVER, &authdata, !session->dir, - session->digest_length); if (bufsize < 0) { DPAA2_SEC_ERR("Crypto: Invalid buffer length"); goto error_out; diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h b/drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h index 679fd006b..0a81ae52d 100644 --- a/drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h +++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h @@ -410,7 +410,51 @@ static const struct rte_cryptodev_capabilities dpaa2_sec_capabilities[] = { }, } }, } }, - + { /* SNOW 3G (UIA2) */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_SNOW3G_UIA2, + .block_size = 16, + .key_size = { + .min = 16, + .max = 16, + .increment = 0 + }, + .digest_size = { + .min = 4, + .max = 4, + .increment = 0 + }, + .iv_size = { + .min = 16, + .max = 16, + .increment = 0 + } + }, } + }, } + }, + { /* SNOW 3G (UEA2) */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER, + {.cipher = { + .algo = RTE_CRYPTO_CIPHER_SNOW3G_UEA2, + .block_size = 16, + .key_size = { + .min = 16, + .max = 16, + .increment = 0 + }, + .iv_size = { + .min = 16, + .max = 16, + .increment = 0 + } + }, } + }, } + }, RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST() }; diff --git a/drivers/crypto/dpaa2_sec/hw/desc/algo.h b/drivers/crypto/dpaa2_sec/hw/desc/algo.h index 5e8e5e79c..e01b9b4c9 100644 --- a/drivers/crypto/dpaa2_sec/hw/desc/algo.h +++ b/drivers/crypto/dpaa2_sec/hw/desc/algo.h @@ -57,6 +57,36 @@ cnstr_shdsc_snow_f8(uint32_t *descbuf, bool ps, bool swap, return PROGRAM_FINALIZE(p); } +/** + * conv_to_snow_f9_iv - SNOW/f9 (UIA2) IV 16bit to 12 bit convert + * funtion for 3G. + * @iv: 16 bit original IV data + * + * Return: 12 bit IV data as understood by SEC HW + */ + +static inline uint8_t *conv_to_snow_f9_iv(uint8_t *iv) +{ + uint8_t temp = (iv[8] == iv[0]) ? 0 : 4; + + iv[12] = iv[4]; + iv[13] = iv[5]; + iv[14] = iv[6]; + iv[15] = iv[7]; + + iv[8] = temp; + iv[9] = 0x00; + iv[10] = 0x00; + iv[11] = 0x00; + + iv[4] = iv[0]; + iv[5] = iv[1]; + iv[6] = iv[2]; + iv[7] = iv[3]; + + return (iv + 4); +} + /** * cnstr_shdsc_snow_f9 - SNOW/f9 (UIA2) as a shared descriptor * @descbuf: pointer to descriptor-under-construction buffer From patchwork Mon Sep 30 11:52:35 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Akhil Goyal X-Patchwork-Id: 60175 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@dpdk.org Delivered-To: patchwork@dpdk.org Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 202FA1BECA; Mon, 30 Sep 2019 14:08:39 +0200 (CEST) Received: from inva020.nxp.com (inva020.nxp.com [92.121.34.13]) by dpdk.org (Postfix) with ESMTP id CF2091B94A for ; Mon, 30 Sep 2019 14:08:13 +0200 (CEST) Received: from inva020.nxp.com (localhost [127.0.0.1]) by inva020.eu-rdc02.nxp.com (Postfix) with ESMTP id AF9C81A0824; Mon, 30 Sep 2019 14:08:13 +0200 (CEST) Received: from invc005.ap-rdc01.nxp.com (invc005.ap-rdc01.nxp.com [165.114.16.14]) by inva020.eu-rdc02.nxp.com (Postfix) with ESMTP id E0F961A0095; Mon, 30 Sep 2019 14:08:10 +0200 (CEST) Received: from GDB1.ap.freescale.net (GDB1.ap.freescale.net [10.232.132.179]) by invc005.ap-rdc01.nxp.com (Postfix) with ESMTP id 5356040296; Mon, 30 Sep 2019 20:08:07 +0800 (SGT) From: Akhil Goyal To: dev@dpdk.org Cc: aconole@redhat.com, anoobj@marvell.com, Vakul Garg , Hemant Agrawal Date: Mon, 30 Sep 2019 17:22:35 +0530 Message-Id: <20190930115237.5073-19-akhil.goyal@nxp.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20190930115237.5073-1-akhil.goyal@nxp.com> References: <20190902121734.926-1-akhil.goyal@nxp.com> <20190930115237.5073-1-akhil.goyal@nxp.com> X-Virus-Scanned: ClamAV using ClamSMTP Subject: [dpdk-dev] [PATCH v2 18/20] crypto/dpaa2_sec/hw: support kasumi X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" From: Vakul Garg Add Kasumi processing for non PDCP proto offload cases. Also add support for pre-computed IV in Kasumi-f9 Signed-off-by: Vakul Garg Signed-off-by: Hemant Agrawal Acked-by: Akhil Goyal --- drivers/crypto/dpaa2_sec/hw/desc/algo.h | 64 +++++++++++-------------- 1 file changed, 29 insertions(+), 35 deletions(-) diff --git a/drivers/crypto/dpaa2_sec/hw/desc/algo.h b/drivers/crypto/dpaa2_sec/hw/desc/algo.h index e01b9b4c9..88ab40da5 100644 --- a/drivers/crypto/dpaa2_sec/hw/desc/algo.h +++ b/drivers/crypto/dpaa2_sec/hw/desc/algo.h @@ -349,34 +349,25 @@ cnstr_shdsc_hmac(uint32_t *descbuf, bool ps, bool swap, */ static inline int cnstr_shdsc_kasumi_f8(uint32_t *descbuf, bool ps, bool swap, - struct alginfo *cipherdata, uint8_t dir, - uint32_t count, uint8_t bearer, uint8_t direction) + struct alginfo *cipherdata, uint8_t dir) { struct program prg; struct program *p = &prg; - uint64_t ct = count; - uint64_t br = bearer; - uint64_t dr = direction; - uint32_t context[2] = { ct, (br << 27) | (dr << 26) }; PROGRAM_CNTXT_INIT(p, descbuf, 0); - if (swap) { + if (swap) PROGRAM_SET_BSWAP(p); - - context[0] = swab32(context[0]); - context[1] = swab32(context[1]); - } if (ps) PROGRAM_SET_36BIT_ADDR(p); SHR_HDR(p, SHR_ALWAYS, 1, 0); KEY(p, KEY1, cipherdata->key_enc_flags, cipherdata->key, cipherdata->keylen, INLINE_KEY(cipherdata)); + SEQLOAD(p, CONTEXT1, 0, 8, 0); MATHB(p, SEQINSZ, SUB, MATH2, VSEQINSZ, 4, 0); MATHB(p, SEQINSZ, SUB, MATH2, VSEQOUTSZ, 4, 0); ALG_OPERATION(p, OP_ALG_ALGSEL_KASUMI, OP_ALG_AAI_F8, OP_ALG_AS_INITFINAL, 0, dir); - LOAD(p, (uintptr_t)context, CONTEXT1, 0, 8, IMMED | COPY); SEQFIFOLOAD(p, MSG1, 0, VLF | LAST1); SEQFIFOSTORE(p, MSG, 0, 0, VLF); @@ -390,46 +381,49 @@ cnstr_shdsc_kasumi_f8(uint32_t *descbuf, bool ps, bool swap, * @ps: if 36/40bit addressing is desired, this parameter must be true * @swap: must be true when core endianness doesn't match SEC endianness * @authdata: pointer to authentication transform definitions - * @dir: cipher direction (DIR_ENC/DIR_DEC) - * @count: count value (32 bits) - * @fresh: fresh value ID (32 bits) - * @direction: direction (1 bit) - * @datalen: size of data + * @chk_icv: check or generate ICV value + * @authlen: size of digest * * Return: size of descriptor written in words or negative number on error */ static inline int cnstr_shdsc_kasumi_f9(uint32_t *descbuf, bool ps, bool swap, - struct alginfo *authdata, uint8_t dir, - uint32_t count, uint32_t fresh, uint8_t direction, - uint32_t datalen) + struct alginfo *authdata, uint8_t chk_icv, + uint32_t authlen) { struct program prg; struct program *p = &prg; - uint16_t ctx_offset = 16; - uint32_t context[6] = {count, direction << 26, fresh, 0, 0, 0}; + int dir = chk_icv ? DIR_DEC : DIR_ENC; PROGRAM_CNTXT_INIT(p, descbuf, 0); - if (swap) { + if (swap) PROGRAM_SET_BSWAP(p); - context[0] = swab32(context[0]); - context[1] = swab32(context[1]); - context[2] = swab32(context[2]); - } if (ps) PROGRAM_SET_36BIT_ADDR(p); + SHR_HDR(p, SHR_ALWAYS, 1, 0); - KEY(p, KEY1, authdata->key_enc_flags, authdata->key, authdata->keylen, - INLINE_KEY(authdata)); - MATHB(p, SEQINSZ, SUB, MATH2, VSEQINSZ, 4, 0); + KEY(p, KEY2, authdata->key_enc_flags, authdata->key, + authdata->keylen, INLINE_KEY(authdata)); + + SEQLOAD(p, CONTEXT2, 0, 12, 0); + + if (chk_icv == ICV_CHECK_ENABLE) + MATHB(p, SEQINSZ, SUB, authlen, VSEQINSZ, 4, IMMED2); + else + MATHB(p, SEQINSZ, SUB, ZERO, VSEQINSZ, 4, 0); + ALG_OPERATION(p, OP_ALG_ALGSEL_KASUMI, OP_ALG_AAI_F9, - OP_ALG_AS_INITFINAL, 0, dir); - LOAD(p, (uintptr_t)context, CONTEXT1, 0, 24, IMMED | COPY); - SEQFIFOLOAD(p, BIT_DATA, datalen, CLASS1 | LAST1); - /* Save output MAC of DWORD 2 into a 32-bit sequence */ - SEQSTORE(p, CONTEXT1, ctx_offset, 4, 0); + OP_ALG_AS_INITFINAL, chk_icv, dir); + + SEQFIFOLOAD(p, MSG2, 0, VLF | CLASS2 | LAST2); + + if (chk_icv == ICV_CHECK_ENABLE) + SEQFIFOLOAD(p, ICV2, authlen, LAST2); + else + /* Save lower half of MAC out into a 32-bit sequence */ + SEQSTORE(p, CONTEXT2, 0, authlen, 0); return PROGRAM_FINALIZE(p); } From patchwork Mon Sep 30 11:52:36 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Akhil Goyal X-Patchwork-Id: 60176 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@dpdk.org Delivered-To: patchwork@dpdk.org Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 2A4221BEC9; Mon, 30 Sep 2019 14:09:52 +0200 (CEST) Received: from inva021.nxp.com (inva021.nxp.com [92.121.34.21]) by dpdk.org (Postfix) with ESMTP id 63244CFA6 for ; Mon, 30 Sep 2019 14:08:15 +0200 (CEST) Received: from inva021.nxp.com (localhost [127.0.0.1]) by inva021.eu-rdc02.nxp.com (Postfix) with ESMTP id 4539C200470; Mon, 30 Sep 2019 14:08:15 +0200 (CEST) Received: from invc005.ap-rdc01.nxp.com (invc005.ap-rdc01.nxp.com [165.114.16.14]) by inva021.eu-rdc02.nxp.com (Postfix) with ESMTP id 8220A200025; Mon, 30 Sep 2019 14:08:12 +0200 (CEST) Received: from GDB1.ap.freescale.net (GDB1.ap.freescale.net [10.232.132.179]) by invc005.ap-rdc01.nxp.com (Postfix) with ESMTP id 92C3C40319; Mon, 30 Sep 2019 20:08:08 +0800 (SGT) From: Akhil Goyal To: dev@dpdk.org Cc: aconole@redhat.com, anoobj@marvell.com, Vakul Garg , Hemant Agrawal Date: Mon, 30 Sep 2019 17:22:36 +0530 Message-Id: <20190930115237.5073-20-akhil.goyal@nxp.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20190930115237.5073-1-akhil.goyal@nxp.com> References: <20190902121734.926-1-akhil.goyal@nxp.com> <20190930115237.5073-1-akhil.goyal@nxp.com> X-Virus-Scanned: ClamAV using ClamSMTP Subject: [dpdk-dev] [PATCH v2 19/20] crypto/dpaa2_sec/hw: support ZUCE and ZUCA X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" From: Vakul Garg This patch add support for ZUC Encryption and ZUC Authentication. Before passing to CAAM, the 16-byte ZUCA IV is converted to 8-byte format which consists of 38-bits of count||bearer|direction. Signed-off-by: Vakul Garg Signed-off-by: Hemant Agrawal Acked-by: Akhil Goyal --- drivers/crypto/dpaa2_sec/hw/desc/algo.h | 136 +++++++++++++++++++++++- 1 file changed, 132 insertions(+), 4 deletions(-) diff --git a/drivers/crypto/dpaa2_sec/hw/desc/algo.h b/drivers/crypto/dpaa2_sec/hw/desc/algo.h index 88ab40da5..c76842732 100644 --- a/drivers/crypto/dpaa2_sec/hw/desc/algo.h +++ b/drivers/crypto/dpaa2_sec/hw/desc/algo.h @@ -17,6 +17,103 @@ * Shared descriptors for algorithms (i.e. not for protocols). */ +/** + * cnstr_shdsc_zuce - ZUC Enc (EEA2) as a shared descriptor + * @descbuf: pointer to descriptor-under-construction buffer + * @ps: if 36/40bit addressing is desired, this parameter must be true + * @swap: must be true when core endianness doesn't match SEC endianness + * @cipherdata: pointer to block cipher transform definitions + * @dir: Cipher direction (DIR_ENC/DIR_DEC) + * + * Return: size of descriptor written in words or negative number on error + */ +static inline int +cnstr_shdsc_zuce(uint32_t *descbuf, bool ps, bool swap, + struct alginfo *cipherdata, uint8_t dir) +{ + struct program prg; + struct program *p = &prg; + + PROGRAM_CNTXT_INIT(p, descbuf, 0); + if (swap) + PROGRAM_SET_BSWAP(p); + + if (ps) + PROGRAM_SET_36BIT_ADDR(p); + SHR_HDR(p, SHR_ALWAYS, 1, 0); + + KEY(p, KEY1, cipherdata->key_enc_flags, cipherdata->key, + cipherdata->keylen, INLINE_KEY(cipherdata)); + + SEQLOAD(p, CONTEXT1, 0, 16, 0); + + MATHB(p, SEQINSZ, SUB, MATH2, VSEQINSZ, 4, 0); + MATHB(p, SEQINSZ, SUB, MATH2, VSEQOUTSZ, 4, 0); + ALG_OPERATION(p, OP_ALG_ALGSEL_ZUCE, OP_ALG_AAI_F8, + OP_ALG_AS_INITFINAL, 0, dir); + SEQFIFOLOAD(p, MSG1, 0, VLF | LAST1); + SEQFIFOSTORE(p, MSG, 0, 0, VLF); + + return PROGRAM_FINALIZE(p); +} + +/** + * cnstr_shdsc_zuca - ZUC Auth (EIA2) as a shared descriptor + * @descbuf: pointer to descriptor-under-construction buffer + * @ps: if 36/40bit addressing is desired, this parameter must be true + * @swap: must be true when core endianness doesn't match SEC endianness + * @authdata: pointer to authentication transform definitions + * @chk_icv: Whether to compare and verify ICV (true/false) + * @authlen: size of digest + * + * The IV prepended before hmac payload must be 8 bytes consisting + * of COUNT||BEAERER||DIR. The COUNT is of 32-bits, bearer is of 5 bits and + * direction is of 1 bit - totalling to 38 bits. + * + * Return: size of descriptor written in words or negative number on error + */ +static inline int +cnstr_shdsc_zuca(uint32_t *descbuf, bool ps, bool swap, + struct alginfo *authdata, uint8_t chk_icv, + uint32_t authlen) +{ + struct program prg; + struct program *p = &prg; + int dir = chk_icv ? DIR_DEC : DIR_ENC; + + PROGRAM_CNTXT_INIT(p, descbuf, 0); + if (swap) + PROGRAM_SET_BSWAP(p); + + if (ps) + PROGRAM_SET_36BIT_ADDR(p); + SHR_HDR(p, SHR_ALWAYS, 1, 0); + + KEY(p, KEY2, authdata->key_enc_flags, authdata->key, + authdata->keylen, INLINE_KEY(authdata)); + + SEQLOAD(p, CONTEXT2, 0, 8, 0); + + if (chk_icv == ICV_CHECK_ENABLE) + MATHB(p, SEQINSZ, SUB, authlen, VSEQINSZ, 4, IMMED2); + else + MATHB(p, SEQINSZ, SUB, ZERO, VSEQINSZ, 4, 0); + + ALG_OPERATION(p, OP_ALG_ALGSEL_ZUCA, OP_ALG_AAI_F9, + OP_ALG_AS_INITFINAL, chk_icv, dir); + + SEQFIFOLOAD(p, MSG2, 0, VLF | CLASS2 | LAST2); + + if (chk_icv == ICV_CHECK_ENABLE) + SEQFIFOLOAD(p, ICV2, authlen, LAST2); + else + /* Save lower half of MAC out into a 32-bit sequence */ + SEQSTORE(p, CONTEXT2, 0, authlen, 0); + + return PROGRAM_FINALIZE(p); +} + + /** * cnstr_shdsc_snow_f8 - SNOW/f8 (UEA2) as a shared descriptor * @descbuf: pointer to descriptor-under-construction buffer @@ -58,11 +155,43 @@ cnstr_shdsc_snow_f8(uint32_t *descbuf, bool ps, bool swap, } /** - * conv_to_snow_f9_iv - SNOW/f9 (UIA2) IV 16bit to 12 bit convert + * conv_to_zuc_eia_iv - ZUCA IV 16-byte to 8-byte convert + * function for 3G. + * @iv: 16 bytes of original IV data. + * + * From the original IV, we extract 32-bits of COUNT, + * 5-bits of bearer and 1-bit of direction. + * Refer to CAAM refman for ZUCA IV format. Then these values are + * appended as COUNT||BEARER||DIR continuously to make a 38-bit block. + * This 38-bit block is copied left justified into 8-byte array used as + * converted IV. + * + * Return: 8-bytes of IV data as understood by SEC HW + */ + +static inline uint8_t *conv_to_zuc_eia_iv(uint8_t *iv) +{ + uint8_t dir = (iv[14] & 0x80) ? 4 : 0; + + iv[12] = iv[4] | dir; + iv[13] = 0; + iv[14] = 0; + iv[15] = 0; + + iv[8] = iv[0]; + iv[9] = iv[1]; + iv[10] = iv[2]; + iv[11] = iv[3]; + + return (iv + 8); +} + +/** + * conv_to_snow_f9_iv - SNOW/f9 (UIA2) IV 16 byte to 12 byte convert * funtion for 3G. - * @iv: 16 bit original IV data + * @iv: 16 byte original IV data * - * Return: 12 bit IV data as understood by SEC HW + * Return: 12 byte IV data as understood by SEC HW */ static inline uint8_t *conv_to_snow_f9_iv(uint8_t *iv) @@ -93,7 +222,6 @@ static inline uint8_t *conv_to_snow_f9_iv(uint8_t *iv) * @ps: if 36/40bit addressing is desired, this parameter must be true * @swap: must be true when core endianness doesn't match SEC endianness * @authdata: pointer to authentication transform definitions - * @dir: cipher direction (DIR_ENC/DIR_DEC) * @chk_icv: check or generate ICV value * @authlen: size of digest * From patchwork Mon Sep 30 11:52:37 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Akhil Goyal X-Patchwork-Id: 60177 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@dpdk.org Delivered-To: patchwork@dpdk.org Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id B3C871BED1; Mon, 30 Sep 2019 14:09:54 +0200 (CEST) Received: from inva020.nxp.com (inva020.nxp.com [92.121.34.13]) by dpdk.org (Postfix) with ESMTP id 31C3B1BE80 for ; Mon, 30 Sep 2019 14:08:17 +0200 (CEST) Received: from inva020.nxp.com (localhost [127.0.0.1]) by inva020.eu-rdc02.nxp.com (Postfix) with ESMTP id E07D01A048C; Mon, 30 Sep 2019 14:08:16 +0200 (CEST) Received: from invc005.ap-rdc01.nxp.com (invc005.ap-rdc01.nxp.com [165.114.16.14]) by inva020.eu-rdc02.nxp.com (Postfix) with ESMTP id 2140D1A0095; Mon, 30 Sep 2019 14:08:14 +0200 (CEST) Received: from GDB1.ap.freescale.net (GDB1.ap.freescale.net [10.232.132.179]) by invc005.ap-rdc01.nxp.com (Postfix) with ESMTP id 87269402C7; Mon, 30 Sep 2019 20:08:10 +0800 (SGT) From: Akhil Goyal To: dev@dpdk.org Cc: aconole@redhat.com, anoobj@marvell.com, Hemant Agrawal , Vakul Garg Date: Mon, 30 Sep 2019 17:22:37 +0530 Message-Id: <20190930115237.5073-21-akhil.goyal@nxp.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20190930115237.5073-1-akhil.goyal@nxp.com> References: <20190902121734.926-1-akhil.goyal@nxp.com> <20190930115237.5073-1-akhil.goyal@nxp.com> X-Virus-Scanned: ClamAV using ClamSMTP Subject: [dpdk-dev] [PATCH v2 20/20] crypto/dpaa2_sec: support zuc ciphering/integrity X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" From: Hemant Agrawal Signed-off-by: Hemant Agrawal Signed-off-by: Vakul Garg Acked-by: Akhil Goyal --- drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 25 +++++++++++- drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h | 45 +++++++++++++++++++++ 2 files changed, 68 insertions(+), 2 deletions(-) diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c index 637362e30..d985e630a 100644 --- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c +++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c @@ -1072,6 +1072,9 @@ build_auth_fd(dpaa2_sec_session *sess, struct rte_crypto_op *op, if (sess->auth_alg == RTE_CRYPTO_AUTH_SNOW3G_UIA2) { iv_ptr = conv_to_snow_f9_iv(iv_ptr); sge->length = 12; + } else if (sess->auth_alg == RTE_CRYPTO_AUTH_ZUC_EIA3) { + iv_ptr = conv_to_zuc_eia_iv(iv_ptr); + sge->length = 8; } else { sge->length = sess->iv.length; } @@ -1897,8 +1900,14 @@ dpaa2_sec_cipher_init(struct rte_cryptodev *dev, &cipherdata, session->dir); break; - case RTE_CRYPTO_CIPHER_KASUMI_F8: case RTE_CRYPTO_CIPHER_ZUC_EEA3: + cipherdata.algtype = OP_ALG_ALGSEL_ZUCE; + session->cipher_alg = RTE_CRYPTO_CIPHER_ZUC_EEA3; + bufsize = cnstr_shdsc_zuce(priv->flc_desc[0].desc, 1, 0, + &cipherdata, + session->dir); + break; + case RTE_CRYPTO_CIPHER_KASUMI_F8: case RTE_CRYPTO_CIPHER_AES_F8: case RTE_CRYPTO_CIPHER_AES_ECB: case RTE_CRYPTO_CIPHER_3DES_ECB: @@ -2045,8 +2054,18 @@ dpaa2_sec_auth_init(struct rte_cryptodev *dev, !session->dir, session->digest_length); break; - case RTE_CRYPTO_AUTH_KASUMI_F9: case RTE_CRYPTO_AUTH_ZUC_EIA3: + authdata.algtype = OP_ALG_ALGSEL_ZUCA; + authdata.algmode = OP_ALG_AAI_F9; + session->auth_alg = RTE_CRYPTO_AUTH_ZUC_EIA3; + session->iv.offset = xform->auth.iv.offset; + session->iv.length = xform->auth.iv.length; + bufsize = cnstr_shdsc_zuca(priv->flc_desc[DESC_INITFINAL].desc, + 1, 0, &authdata, + !session->dir, + session->digest_length); + break; + case RTE_CRYPTO_AUTH_KASUMI_F9: case RTE_CRYPTO_AUTH_NULL: case RTE_CRYPTO_AUTH_SHA1: case RTE_CRYPTO_AUTH_SHA256: @@ -2357,6 +2376,7 @@ dpaa2_sec_aead_chain_init(struct rte_cryptodev *dev, session->cipher_alg = RTE_CRYPTO_CIPHER_AES_CTR; break; case RTE_CRYPTO_CIPHER_SNOW3G_UEA2: + case RTE_CRYPTO_CIPHER_ZUC_EEA3: case RTE_CRYPTO_CIPHER_NULL: case RTE_CRYPTO_CIPHER_3DES_ECB: case RTE_CRYPTO_CIPHER_AES_ECB: @@ -2651,6 +2671,7 @@ dpaa2_sec_ipsec_proto_init(struct rte_crypto_cipher_xform *cipher_xform, cipherdata->algtype = OP_PCL_IPSEC_NULL; break; case RTE_CRYPTO_CIPHER_SNOW3G_UEA2: + case RTE_CRYPTO_CIPHER_ZUC_EEA3: case RTE_CRYPTO_CIPHER_3DES_ECB: case RTE_CRYPTO_CIPHER_AES_ECB: case RTE_CRYPTO_CIPHER_KASUMI_F8: diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h b/drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h index 0a81ae52d..4d682c5d8 100644 --- a/drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h +++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h @@ -455,6 +455,51 @@ static const struct rte_cryptodev_capabilities dpaa2_sec_capabilities[] = { }, } }, } }, + { /* ZUC (EEA3) */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER, + {.cipher = { + .algo = RTE_CRYPTO_CIPHER_ZUC_EEA3, + .block_size = 16, + .key_size = { + .min = 16, + .max = 16, + .increment = 0 + }, + .iv_size = { + .min = 16, + .max = 16, + .increment = 0 + } + }, } + }, } + }, + { /* ZUC (EIA3) */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_ZUC_EIA3, + .block_size = 16, + .key_size = { + .min = 16, + .max = 16, + .increment = 0 + }, + .digest_size = { + .min = 4, + .max = 4, + .increment = 0 + }, + .iv_size = { + .min = 16, + .max = 16, + .increment = 0 + } + }, } + }, } + }, RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST() };