From patchwork Thu Sep 26 12:36:55 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Nagadheeraj Rottela X-Patchwork-Id: 59877 Return-Path: X-Original-To: patchwork@dpdk.org Delivered-To: patchwork@dpdk.org Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 7C61C1BE8E; Thu, 26 Sep 2019 14:37:06 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0a-0016f401.pphosted.com [67.231.148.174]) by dpdk.org (Postfix) with ESMTP id C27671B99D for ; Thu, 26 Sep 2019 14:36:59 +0200 (CEST) Received: from pps.filterd (m0045849.ppops.net [127.0.0.1]) by mx0a-0016f401.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id x8QCVH8l012885; Thu, 26 Sep 2019 05:36:59 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : references : in-reply-to : content-type : content-transfer-encoding : mime-version; s=pfpt0818; bh=7Z06uDC/KNCN3sKaIrL4hsaU18FLOe9Ucr5FJ9dC4QE=; b=PP30YhBhSrgHDbltq0idqSdhRkyKrr+ojNo1ZSDJI5WBxZsrgKtJIIKieAUERIPJpu1U l/VRHC10nUBE6ZoRoB87MydZxeXHo1Go6RcNfMkvUNj8EeVz5PDoy3pSWmeaqgPZm1+B +U5wbC8OwEQlx2h841DUJPcS4X5sFrPzloys4IgdcdxGXCJsRk3sFD7eOrdU1oC9OwFo rt5Hz0idVCQ9+Oyz0d6vJlxi29tMYZO1eTA2Uwr7UGqCM14IAaKiTrEH3U/GOb3MZ+KX aX3w9ZUXwlt7+MXOz+56z8zhhTjxzaDkWJfEDOoYCpQvodzIZZEJemrWg6osiu9Q3DPv wQ== Received: from sc-exch04.marvell.com ([199.233.58.184]) by mx0a-0016f401.pphosted.com with ESMTP id 2v8vdwg7xm-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Thu, 26 Sep 2019 05:36:58 -0700 Received: from SC-EXCH04.marvell.com (10.93.176.84) by SC-EXCH04.marvell.com (10.93.176.84) with Microsoft SMTP Server (TLS) id 15.0.1367.3; Thu, 26 Sep 2019 05:36:57 -0700 Received: from NAM04-CO1-obe.outbound.protection.outlook.com (104.47.45.52) by SC-EXCH04.marvell.com (10.93.176.84) with Microsoft SMTP Server (TLS) id 15.0.1367.3 via Frontend Transport; Thu, 26 Sep 2019 05:36:57 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=LIASD/gG2LBnpYtZOSH0Lo4/HIogbb9znhLLEVVeFxzuzvyDmYylWxCnfKSbXLdkJ0o2qGzugDQ1FTtvvMdTX7xgleNoXtRAQTGUL7K2k2rIBU9GtC7eSxxQpvJnOC5Tfw02OQ8gcE7F0ijLFD+zbz6apUFXuZgloCwthnP66O5J1AYpCM6fonbj9rDDk8MY/+HpbcqFHlQF3Bdx1/pF1qCDxNuFzkHZcE+i0MpjjTRFrSC/z2aQ6qCA786zCk5+BdlP0fK4okPGQC792FrleN3BLYOTDva1NcA5lJQjXcx3PYx6s0k6n5ItjLCuhnobSmfHeFyWbvXWsKVDgA4zJA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=7Z06uDC/KNCN3sKaIrL4hsaU18FLOe9Ucr5FJ9dC4QE=; b=hntVW1CFUXHQfIlEKXVL1DnocBn9DvQ2FRIpSF3OsUCytB4bLxdlghvMT1Wxei7szru3ZMFRFym/VMOXooBfFUhU6S/EFfcLIrbenbmWwDfosv8kFqg2MhiTEtN9olVjSy1G8SkTPjjiFZ/FVmCFbcXo+NOat6sPIDJx2DEi3jS1YTiAkbLPWuGYRGT4l7yn5zv5T3+OGv/kVrD/9LUeCnr2IJS2pJuUw3aZyZ6zypPEoA7LmHDGR8wRrgJHbswWez8vSjwpwe4wBkxeHHYrXsWAWcvCtB8iecMLUzenq2A3ONdo+dX8NadP/Rw+A+9WPnQP2+CKPNFBb5vcDLow+Q== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=marvell.com; dmarc=pass action=none header.from=marvell.com; dkim=pass header.d=marvell.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.onmicrosoft.com; s=selector2-marvell-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=7Z06uDC/KNCN3sKaIrL4hsaU18FLOe9Ucr5FJ9dC4QE=; b=rikjp/I5k0RGxJxPsUK3nz8XOpjbMwzwwdXRhpx3p6nwogIfgo+nSk8AdlQ39wjjg30EvKS5NOyLE/URYEWdrZOXON/3aIqFoKo8OoAhi0p81nAVIwUVxMcUO4/l/GhV5VCvORpkRLqJrYmrmeryLWSjEruZH3f0k1nN3wOzqCs= Received: from MN2PR18MB2797.namprd18.prod.outlook.com (20.179.22.16) by MN2PR18MB2766.namprd18.prod.outlook.com (20.178.255.217) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2305.17; Thu, 26 Sep 2019 12:36:55 +0000 Received: from MN2PR18MB2797.namprd18.prod.outlook.com ([fe80::2010:7134:bdcf:8ad9]) by MN2PR18MB2797.namprd18.prod.outlook.com ([fe80::2010:7134:bdcf:8ad9%7]) with mapi id 15.20.2284.028; Thu, 26 Sep 2019 12:36:55 +0000 From: Nagadheeraj Rottela To: "akhil.goyal@nxp.com" , "pablo.de.lara.guarch@intel.com" CC: Srikanth Jampala , "dev@dpdk.org" , Nagadheeraj Rottela Thread-Topic: [PATCH v5 5/8] crypto/nitrox: add session management operations Thread-Index: AQHVdGcUG0xDCqof20KYpFkGEqvOng== Date: Thu, 26 Sep 2019 12:36:55 +0000 Message-ID: <20190926123609.28417-6-rnagadheeraj@marvell.com> References: <20190716091016.4788-1-rnagadheeraj@marvell.com> <20190926123609.28417-1-rnagadheeraj@marvell.com> In-Reply-To: <20190926123609.28417-1-rnagadheeraj@marvell.com> Accept-Language: en-IN, en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-clientproxiedby: BM1PR01CA0127.INDPRD01.PROD.OUTLOOK.COM (2603:1096:b00:40::21) To MN2PR18MB2797.namprd18.prod.outlook.com (2603:10b6:208:a0::16) x-ms-exchange-messagesentrepresentingtype: 1 x-mailer: git-send-email 2.13.6 x-originating-ip: [115.113.156.2] x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: f7faed84-1dbb-4e65-446d-08d7427e3722 x-ms-traffictypediagnostic: MN2PR18MB2766: x-ms-exchange-transport-forked: True x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:372; x-forefront-prvs: 0172F0EF77 x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(4636009)(376002)(346002)(39860400002)(136003)(396003)(366004)(199004)(189003)(4326008)(66946007)(2501003)(66476007)(64756008)(66556008)(14444005)(256004)(3846002)(6116002)(66446008)(81156014)(8936002)(81166006)(8676002)(66066001)(7736002)(50226002)(305945005)(386003)(102836004)(52116002)(6506007)(55236004)(76176011)(26005)(11346002)(446003)(99286004)(186003)(14454004)(1076003)(478600001)(30864003)(36756003)(86362001)(54906003)(110136005)(2906002)(71200400001)(71190400001)(316002)(6486002)(5660300002)(476003)(6512007)(6436002)(486006)(107886003)(2616005)(25786009); DIR:OUT; SFP:1101; SCL:1; SRVR:MN2PR18MB2766; H:MN2PR18MB2797.namprd18.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1; received-spf: None (protection.outlook.com: marvell.com does not designate permitted sender hosts) x-ms-exchange-senderadcheck: 1 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: wm9vXp17Fus6xdGoF1rkRhVbsIj2gRbR99Rrg/apaoi9KuWz5+T23f24xrphpRdL8c8v7RFZTRhFIg3y9f7U7K9+xDPeXbBXcreGRUxkPh00epj9s1sjl+cOGHJPZ1/Ng7qo6k/iUsdiYpUWZhc12sqNkOqiHhYSAp/q4yML97iQ8sNL0Jw4C0S9hpC5MSbaFGmgOD40l6I7dXr27kWH8nwq5sfT5LiwRLezT/krCLE9fihkpA92iX8lPbFZtUCVgjHGZoS9m0ZDhBSQsg//Xy5Z+0XaaDjSMpIQVfEsteNRjNeH+NwQ7r/y8t2pF2A4z9d8eLg3jCBssOvSuL0FIbEUNgoPPuNyenPhPyo5jf5EA7qkD4YyLU+lLgU7ashTWEOf6KAF1/upk4LGXTse7JtnWzHjwxG0XtWX3Kt9Yb8= MIME-Version: 1.0 X-MS-Exchange-CrossTenant-Network-Message-Id: f7faed84-1dbb-4e65-446d-08d7427e3722 X-MS-Exchange-CrossTenant-originalarrivaltime: 26 Sep 2019 12:36:55.6458 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 70e1fb47-1155-421d-87fc-2e58f638b6e0 X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: xodJ563JwMZdzUVdsbfsjkz+mKU/t7TDcaI6ZNbtRj3W+rIOIR/7BW7YMVavpF+8D80dPDpp/Ymk9YSwdwymS4qoK1Vo7DYjcVg7BQR/i1o= X-MS-Exchange-Transport-CrossTenantHeadersStamped: MN2PR18MB2766 X-OriginatorOrg: marvell.com X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.95,1.0.8 definitions=2019-09-26_06:2019-09-25,2019-09-26 signatures=0 Subject: [dpdk-dev] [PATCH v5 5/8] crypto/nitrox: add session management operations X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" Add all the session management operations. Signed-off-by: Nagadheeraj Rottela --- drivers/crypto/nitrox/Makefile | 1 + drivers/crypto/nitrox/meson.build | 1 + drivers/crypto/nitrox/nitrox_sym.c | 334 +++++++++++++++++++++++- drivers/crypto/nitrox/nitrox_sym_capabilities.c | 99 +++++++ drivers/crypto/nitrox/nitrox_sym_capabilities.h | 12 + drivers/crypto/nitrox/nitrox_sym_ctx.h | 84 ++++++ 6 files changed, 527 insertions(+), 4 deletions(-) create mode 100644 drivers/crypto/nitrox/nitrox_sym_capabilities.c create mode 100644 drivers/crypto/nitrox/nitrox_sym_capabilities.h create mode 100644 drivers/crypto/nitrox/nitrox_sym_ctx.h diff --git a/drivers/crypto/nitrox/Makefile b/drivers/crypto/nitrox/Makefile index 72530ee1d..f56992770 100644 --- a/drivers/crypto/nitrox/Makefile +++ b/drivers/crypto/nitrox/Makefile @@ -27,6 +27,7 @@ SRCS-$(CONFIG_RTE_LIBRTE_PMD_NITROX) += nitrox_device.c SRCS-$(CONFIG_RTE_LIBRTE_PMD_NITROX) += nitrox_hal.c SRCS-$(CONFIG_RTE_LIBRTE_PMD_NITROX) += nitrox_logs.c SRCS-$(CONFIG_RTE_LIBRTE_PMD_NITROX) += nitrox_sym.c +SRCS-$(CONFIG_RTE_LIBRTE_PMD_NITROX) += nitrox_sym_capabilities.c SRCS-$(CONFIG_RTE_LIBRTE_PMD_NITROX) += nitrox_sym_reqmgr.c SRCS-$(CONFIG_RTE_LIBRTE_PMD_NITROX) += nitrox_qp.c diff --git a/drivers/crypto/nitrox/meson.build b/drivers/crypto/nitrox/meson.build index 06e006e24..03788366b 100644 --- a/drivers/crypto/nitrox/meson.build +++ b/drivers/crypto/nitrox/meson.build @@ -13,6 +13,7 @@ sources = files( 'nitrox_hal.c', 'nitrox_logs.c', 'nitrox_sym.c', + 'nitrox_sym_capabilities.c', 'nitrox_sym_reqmgr.c', 'nitrox_qp.c' ) diff --git a/drivers/crypto/nitrox/nitrox_sym.c b/drivers/crypto/nitrox/nitrox_sym.c index 0ac490829..c7d3b8d49 100644 --- a/drivers/crypto/nitrox/nitrox_sym.c +++ b/drivers/crypto/nitrox/nitrox_sym.c @@ -9,18 +9,57 @@ #include "nitrox_sym.h" #include "nitrox_device.h" +#include "nitrox_sym_capabilities.h" #include "nitrox_qp.h" #include "nitrox_sym_reqmgr.h" +#include "nitrox_sym_ctx.h" #include "nitrox_logs.h" #define CRYPTODEV_NAME_NITROX_PMD crypto_nitrox_sym +#define MC_MAC_MISMATCH_ERR_CODE 0x4c #define NPS_PKT_IN_INSTR_SIZE 64 +#define IV_FROM_DPTR 1 +#define FLEXI_CRYPTO_ENCRYPT_HMAC 0x33 +#define AES_KEYSIZE_128 16 +#define AES_KEYSIZE_192 24 +#define AES_KEYSIZE_256 32 +#define MAX_IV_LEN 16 struct nitrox_sym_device { struct rte_cryptodev *cdev; struct nitrox_device *ndev; }; +/* Cipher opcodes */ +enum flexi_cipher { + CIPHER_NULL = 0, + CIPHER_3DES_CBC, + CIPHER_3DES_ECB, + CIPHER_AES_CBC, + CIPHER_AES_ECB, + CIPHER_AES_CFB, + CIPHER_AES_CTR, + CIPHER_AES_GCM, + CIPHER_AES_XTS, + CIPHER_AES_CCM, + CIPHER_AES_CBC_CTS, + CIPHER_AES_ECB_CTS, + CIPHER_INVALID +}; + +/* Auth opcodes */ +enum flexi_auth { + AUTH_NULL = 0, + AUTH_MD5, + AUTH_SHA1, + AUTH_SHA2_SHA224, + AUTH_SHA2_SHA256, + AUTH_SHA2_SHA384, + AUTH_SHA2_SHA512, + AUTH_GMAC, + AUTH_INVALID +}; + uint8_t nitrox_sym_drv_id; static const char nitrox_sym_drv_name[] = RTE_STR(CRYPTODEV_NAME_NITROX_PMD); static const struct rte_driver nitrox_rte_sym_drv = { @@ -88,6 +127,7 @@ nitrox_sym_dev_info_get(struct rte_cryptodev *cdev, info->max_nb_queue_pairs = ndev->nr_queues; info->feature_flags = cdev->feature_flags; + info->capabilities = nitrox_get_sym_capabilities(); info->driver_id = nitrox_sym_drv_id; info->sym.max_nb_sessions = 0; } @@ -214,6 +254,291 @@ nitrox_sym_dev_qp_release(struct rte_cryptodev *cdev, uint16_t qp_id) return err; } +static unsigned int +nitrox_sym_dev_sess_get_size(__rte_unused struct rte_cryptodev *cdev) +{ + return sizeof(struct nitrox_crypto_ctx); +} + +static enum nitrox_chain +get_crypto_chain_order(const struct rte_crypto_sym_xform *xform) +{ + enum nitrox_chain res = NITROX_CHAIN_NOT_SUPPORTED; + + if (unlikely(xform == NULL)) + return res; + + switch (xform->type) { + case RTE_CRYPTO_SYM_XFORM_AUTH: + if (xform->next == NULL) { + res = NITROX_CHAIN_NOT_SUPPORTED; + } else if (xform->next->type == RTE_CRYPTO_SYM_XFORM_CIPHER) { + if (xform->auth.op == RTE_CRYPTO_AUTH_OP_VERIFY && + xform->next->cipher.op == + RTE_CRYPTO_CIPHER_OP_DECRYPT) { + res = NITROX_CHAIN_AUTH_CIPHER; + } else { + NITROX_LOG(ERR, "auth op %d, cipher op %d\n", + xform->auth.op, xform->next->cipher.op); + } + } + break; + case RTE_CRYPTO_SYM_XFORM_CIPHER: + if (xform->next == NULL) { + res = NITROX_CHAIN_CIPHER_ONLY; + } else if (xform->next->type == RTE_CRYPTO_SYM_XFORM_AUTH) { + if (xform->cipher.op == RTE_CRYPTO_CIPHER_OP_ENCRYPT && + xform->next->auth.op == + RTE_CRYPTO_AUTH_OP_GENERATE) { + res = NITROX_CHAIN_CIPHER_AUTH; + } else { + NITROX_LOG(ERR, "cipher op %d, auth op %d\n", + xform->cipher.op, xform->next->auth.op); + } + } + break; + default: + break; + } + + return res; +} + +static enum flexi_cipher +get_flexi_cipher_type(enum rte_crypto_cipher_algorithm algo, bool *is_aes) +{ + enum flexi_cipher type; + + switch (algo) { + case RTE_CRYPTO_CIPHER_AES_CBC: + type = CIPHER_AES_CBC; + *is_aes = true; + break; + default: + type = CIPHER_INVALID; + NITROX_LOG(ERR, "Algorithm not supported %d\n", algo); + break; + } + + return type; +} + +static int +flexi_aes_keylen(size_t keylen, bool is_aes) +{ + int aes_keylen; + + if (!is_aes) + return 0; + + switch (keylen) { + case AES_KEYSIZE_128: + aes_keylen = 1; + break; + case AES_KEYSIZE_192: + aes_keylen = 2; + break; + case AES_KEYSIZE_256: + aes_keylen = 3; + break; + default: + NITROX_LOG(ERR, "Invalid keylen %zu\n", keylen); + aes_keylen = -EINVAL; + break; + } + + return aes_keylen; +} + +static bool +crypto_key_is_valid(struct rte_crypto_cipher_xform *xform, + struct flexi_crypto_context *fctx) +{ + if (unlikely(xform->key.length > sizeof(fctx->crypto.key))) { + NITROX_LOG(ERR, "Invalid crypto key length %d\n", + xform->key.length); + return false; + } + + return true; +} + +static int +configure_cipher_ctx(struct rte_crypto_cipher_xform *xform, + struct nitrox_crypto_ctx *ctx) +{ + enum flexi_cipher type; + bool cipher_is_aes = false; + int aes_keylen; + struct flexi_crypto_context *fctx = &ctx->fctx; + + type = get_flexi_cipher_type(xform->algo, &cipher_is_aes); + if (unlikely(type == CIPHER_INVALID)) + return -ENOTSUP; + + aes_keylen = flexi_aes_keylen(xform->key.length, cipher_is_aes); + if (unlikely(aes_keylen < 0)) + return -EINVAL; + + if (unlikely(!cipher_is_aes && !crypto_key_is_valid(xform, fctx))) + return -EINVAL; + + if (unlikely(xform->iv.length > MAX_IV_LEN)) + return -EINVAL; + + fctx->flags = rte_be_to_cpu_64(fctx->flags); + fctx->w0.cipher_type = type; + fctx->w0.aes_keylen = aes_keylen; + fctx->w0.iv_source = IV_FROM_DPTR; + fctx->flags = rte_cpu_to_be_64(fctx->flags); + memset(fctx->crypto.key, 0, sizeof(fctx->crypto.key)); + memcpy(fctx->crypto.key, xform->key.data, xform->key.length); + + ctx->opcode = FLEXI_CRYPTO_ENCRYPT_HMAC; + ctx->req_op = (xform->op == RTE_CRYPTO_CIPHER_OP_ENCRYPT) ? + NITROX_OP_ENCRYPT : NITROX_OP_DECRYPT; + ctx->iv.offset = xform->iv.offset; + ctx->iv.length = xform->iv.length; + return 0; +} + +static enum flexi_auth +get_flexi_auth_type(enum rte_crypto_auth_algorithm algo) +{ + enum flexi_auth type; + + switch (algo) { + case RTE_CRYPTO_AUTH_SHA1_HMAC: + type = AUTH_SHA1; + break; + case RTE_CRYPTO_AUTH_SHA224_HMAC: + type = AUTH_SHA2_SHA224; + break; + case RTE_CRYPTO_AUTH_SHA256_HMAC: + type = AUTH_SHA2_SHA256; + break; + default: + NITROX_LOG(ERR, "Algorithm not supported %d\n", algo); + type = AUTH_INVALID; + break; + } + + return type; +} + +static bool +auth_key_digest_is_valid(struct rte_crypto_auth_xform *xform, + struct flexi_crypto_context *fctx) +{ + if (unlikely(!xform->key.data && xform->key.length)) { + NITROX_LOG(ERR, "Invalid auth key\n"); + return false; + } + + if (unlikely(xform->key.length > sizeof(fctx->auth.opad))) { + NITROX_LOG(ERR, "Invalid auth key length %d\n", + xform->key.length); + return false; + } + + return true; +} + +static int +configure_auth_ctx(struct rte_crypto_auth_xform *xform, + struct nitrox_crypto_ctx *ctx) +{ + enum flexi_auth type; + struct flexi_crypto_context *fctx = &ctx->fctx; + + type = get_flexi_auth_type(xform->algo); + if (unlikely(type == AUTH_INVALID)) + return -ENOTSUP; + + if (unlikely(!auth_key_digest_is_valid(xform, fctx))) + return -EINVAL; + + ctx->auth_op = xform->op; + ctx->auth_algo = xform->algo; + ctx->digest_length = xform->digest_length; + + fctx->flags = rte_be_to_cpu_64(fctx->flags); + fctx->w0.hash_type = type; + fctx->w0.auth_input_type = 1; + fctx->w0.mac_len = xform->digest_length; + fctx->flags = rte_cpu_to_be_64(fctx->flags); + memset(&fctx->auth, 0, sizeof(fctx->auth)); + memcpy(fctx->auth.opad, xform->key.data, xform->key.length); + return 0; +} + +static int +nitrox_sym_dev_sess_configure(struct rte_cryptodev *cdev, + struct rte_crypto_sym_xform *xform, + struct rte_cryptodev_sym_session *sess, + struct rte_mempool *mempool) +{ + void *mp_obj; + struct nitrox_crypto_ctx *ctx; + struct rte_crypto_cipher_xform *cipher_xform = NULL; + struct rte_crypto_auth_xform *auth_xform = NULL; + + if (rte_mempool_get(mempool, &mp_obj)) { + NITROX_LOG(ERR, "Couldn't allocate context\n"); + return -ENOMEM; + } + + ctx = mp_obj; + ctx->nitrox_chain = get_crypto_chain_order(xform); + switch (ctx->nitrox_chain) { + case NITROX_CHAIN_CIPHER_AUTH: + cipher_xform = &xform->cipher; + auth_xform = &xform->next->auth; + break; + case NITROX_CHAIN_AUTH_CIPHER: + auth_xform = &xform->auth; + cipher_xform = &xform->next->cipher; + break; + default: + NITROX_LOG(ERR, "Crypto chain not supported\n"); + goto err; + } + + if (cipher_xform && unlikely(configure_cipher_ctx(cipher_xform, ctx))) { + NITROX_LOG(ERR, "Failed to configure cipher ctx\n"); + goto err; + } + + if (auth_xform && unlikely(configure_auth_ctx(auth_xform, ctx))) { + NITROX_LOG(ERR, "Failed to configure auth ctx\n"); + goto err; + } + + ctx->iova = rte_mempool_virt2iova(ctx); + set_sym_session_private_data(sess, cdev->driver_id, ctx); + return 0; +err: + rte_mempool_put(mempool, mp_obj); + return -EINVAL; +} + +static void +nitrox_sym_dev_sess_clear(struct rte_cryptodev *cdev, + struct rte_cryptodev_sym_session *sess) +{ + struct nitrox_crypto_ctx *ctx = get_sym_session_private_data(sess, + cdev->driver_id); + struct rte_mempool *sess_mp; + + if (!ctx) + return; + + memset(ctx, 0, sizeof(*ctx)); + sess_mp = rte_mempool_from_obj(ctx); + set_sym_session_private_data(sess, cdev->driver_id, NULL); + rte_mempool_put(sess_mp, ctx); +} + static struct rte_cryptodev_ops nitrox_cryptodev_ops = { .dev_configure = nitrox_sym_dev_config, .dev_start = nitrox_sym_dev_start, @@ -224,9 +549,9 @@ static struct rte_cryptodev_ops nitrox_cryptodev_ops = { .stats_reset = nitrox_sym_dev_stats_reset, .queue_pair_setup = nitrox_sym_dev_qp_setup, .queue_pair_release = nitrox_sym_dev_qp_release, - .sym_session_get_size = NULL, - .sym_session_configure = NULL, - .sym_session_clear = NULL + .sym_session_get_size = nitrox_sym_dev_sess_get_size, + .sym_session_configure = nitrox_sym_dev_sess_configure, + .sym_session_clear = nitrox_sym_dev_sess_clear }; int @@ -258,7 +583,8 @@ nitrox_sym_pmd_create(struct nitrox_device *ndev) cdev->enqueue_burst = NULL; cdev->dequeue_burst = NULL; cdev->feature_flags = RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO | - RTE_CRYPTODEV_FF_HW_ACCELERATED; + RTE_CRYPTODEV_FF_HW_ACCELERATED | + RTE_CRYPTODEV_FF_SYM_OPERATION_CHAINING; ndev->sym_dev = cdev->data->dev_private; ndev->sym_dev->cdev = cdev; diff --git a/drivers/crypto/nitrox/nitrox_sym_capabilities.c b/drivers/crypto/nitrox/nitrox_sym_capabilities.c new file mode 100644 index 000000000..47ceead73 --- /dev/null +++ b/drivers/crypto/nitrox/nitrox_sym_capabilities.c @@ -0,0 +1,99 @@ +/* SPDX-License-Identifier: BSD-3-Clause + * Copyright(C) 2019 Marvell International Ltd. + */ + +#include "nitrox_sym_capabilities.h" + +static const struct rte_cryptodev_capabilities nitrox_capabilities[] = { + { /* SHA1 HMAC */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_SHA1_HMAC, + .block_size = 64, + .key_size = { + .min = 1, + .max = 64, + .increment = 1 + }, + .digest_size = { + .min = 1, + .max = 20, + .increment = 1 + }, + .iv_size = { 0 } + }, } + }, } + }, + { /* SHA224 HMAC */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_SHA224_HMAC, + .block_size = 64, + .key_size = { + .min = 1, + .max = 64, + .increment = 1 + }, + .digest_size = { + .min = 1, + .max = 28, + .increment = 1 + }, + .iv_size = { 0 } + }, } + }, } + }, + { /* SHA256 HMAC */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_SHA256_HMAC, + .block_size = 64, + .key_size = { + .min = 1, + .max = 64, + .increment = 1 + }, + .digest_size = { + .min = 1, + .max = 32, + .increment = 1 + }, + .iv_size = { 0 } + }, } + }, } + }, + { /* AES CBC */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER, + {.cipher = { + .algo = RTE_CRYPTO_CIPHER_AES_CBC, + .block_size = 16, + .key_size = { + .min = 16, + .max = 32, + .increment = 8 + }, + .iv_size = { + .min = 16, + .max = 16, + .increment = 0 + } + }, } + }, } + }, + + RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST() +}; + +const struct rte_cryptodev_capabilities * +nitrox_get_sym_capabilities(void) +{ + return nitrox_capabilities; +} diff --git a/drivers/crypto/nitrox/nitrox_sym_capabilities.h b/drivers/crypto/nitrox/nitrox_sym_capabilities.h new file mode 100644 index 000000000..cb2d97572 --- /dev/null +++ b/drivers/crypto/nitrox/nitrox_sym_capabilities.h @@ -0,0 +1,12 @@ +/* SPDX-License-Identifier: BSD-3-Clause + * Copyright(C) 2019 Marvell International Ltd. + */ + +#ifndef _NITROX_SYM_CAPABILITIES_H_ +#define _NITROX_SYM_CAPABILITIES_H_ + +#include + +const struct rte_cryptodev_capabilities *nitrox_get_sym_capabilities(void); + +#endif /* _NITROX_SYM_CAPABILITIES_H_ */ diff --git a/drivers/crypto/nitrox/nitrox_sym_ctx.h b/drivers/crypto/nitrox/nitrox_sym_ctx.h new file mode 100644 index 000000000..2985e519f --- /dev/null +++ b/drivers/crypto/nitrox/nitrox_sym_ctx.h @@ -0,0 +1,84 @@ +/* SPDX-License-Identifier: BSD-3-Clause + * Copyright(C) 2019 Marvell International Ltd. + */ + +#ifndef _NITROX_SYM_CTX_H_ +#define _NITROX_SYM_CTX_H_ + +#include + +#include + +#define AES_MAX_KEY_SIZE 32 +#define AES_BLOCK_SIZE 16 + +enum nitrox_chain { + NITROX_CHAIN_CIPHER_ONLY, + NITROX_CHAIN_CIPHER_AUTH, + NITROX_CHAIN_AUTH_CIPHER, + NITROX_CHAIN_COMBINED, + NITROX_CHAIN_NOT_SUPPORTED +}; + +enum nitrox_op { + NITROX_OP_ENCRYPT, + NITROX_OP_DECRYPT, +}; + +struct crypto_keys { + uint8_t key[AES_MAX_KEY_SIZE]; + uint8_t iv[AES_BLOCK_SIZE]; +}; + +struct auth_keys { + uint8_t ipad[64]; + uint8_t opad[64]; +}; + +struct flexi_crypto_context { + union { + uint64_t flags; + struct { +#if RTE_BYTE_ORDER == RTE_BIG_ENDIAN + uint64_t cipher_type : 4; + uint64_t reserved_59 : 1; + uint64_t aes_keylen : 2; + uint64_t iv_source : 1; + uint64_t hash_type : 4; + uint64_t reserved_49_51 : 3; + uint64_t auth_input_type : 1; + uint64_t mac_len : 8; + uint64_t reserved_0_39 : 40; +#else + uint64_t reserved_0_39 : 40; + uint64_t mac_len : 8; + uint64_t auth_input_type : 1; + uint64_t reserved_49_51 : 3; + uint64_t hash_type : 4; + uint64_t iv_source : 1; + uint64_t aes_keylen : 2; + uint64_t reserved_59 : 1; + uint64_t cipher_type : 4; +#endif + } w0; + }; + struct crypto_keys crypto; + struct auth_keys auth; +}; + +struct nitrox_crypto_ctx { + struct flexi_crypto_context fctx; + enum nitrox_chain nitrox_chain; + enum rte_crypto_auth_operation auth_op; + enum rte_crypto_auth_algorithm auth_algo; + struct { + uint16_t offset; + uint16_t length; + } iv; + rte_iova_t iova; + uint16_t digest_length; + uint8_t opcode; + uint8_t req_op; +}; + +#endif /* _NITROX_SYM_CTX_H_ */