[RFC,3/5] crypto/mlx5: add AES-GCM session configure
Checks
Commit Message
Sessions are used in symmetric transformations in order to prepare
objects and data for packet processing stage.
The AES-GCM session includes IV, AAD, digest(tag), DEK, operation
mode information.
Signed-off-by: Suanming Mou <suanmingm@nvidia.com>
---
drivers/common/mlx5/mlx5_prm.h | 12 +++++++
drivers/crypto/mlx5/mlx5_crypto.c | 15 ---------
drivers/crypto/mlx5/mlx5_crypto.h | 35 ++++++++++++++++++++
drivers/crypto/mlx5/mlx5_crypto_gcm.c | 46 +++++++++++++++++++++++++++
4 files changed, 93 insertions(+), 15 deletions(-)
@@ -528,11 +528,23 @@ enum {
MLX5_BLOCK_SIZE_4048B = 0x6,
};
+enum {
+ MLX5_ENCRYPTION_TYPE_AES_GCM = 0x3,
+};
+
+enum {
+ MLX5_CRYPTO_OP_TYPE_ENCRYPTION = 0x0,
+ MLX5_CRYPTO_OP_TYPE_DECRYPTION = 0x1,
+};
+
#define MLX5_BSF_SIZE_OFFSET 30
#define MLX5_BSF_P_TYPE_OFFSET 24
#define MLX5_ENCRYPTION_ORDER_OFFSET 16
#define MLX5_BLOCK_SIZE_OFFSET 24
+#define MLX5_CRYPTO_MMO_TYPE_OFFSET 24
+#define MLX5_CRYPTO_MMO_OP_OFFSET 20
+
struct mlx5_wqe_umr_bsf_seg {
/*
* bs_bpt_eo_es contains:
@@ -83,21 +83,6 @@ static const struct rte_driver mlx5_drv = {
static struct cryptodev_driver mlx5_cryptodev_driver;
-struct mlx5_crypto_session {
- uint32_t bs_bpt_eo_es;
- /**< bsf_size, bsf_p_type, encryption_order and encryption standard,
- * saved in big endian format.
- */
- uint32_t bsp_res;
- /**< crypto_block_size_pointer and reserved 24 bits saved in big
- * endian format.
- */
- uint32_t iv_offset:16;
- /**< Starting point for Initialisation Vector. */
- struct mlx5_crypto_dek *dek; /**< Pointer to dek struct. */
- uint32_t dek_id; /**< DEK ID */
-} __rte_packed;
-
static void
mlx5_crypto_dev_infos_get(struct rte_cryptodev *dev,
struct rte_cryptodev_info *dev_info)
@@ -73,6 +73,41 @@ struct mlx5_crypto_devarg_params {
uint32_t is_aes_gcm:1;
};
+struct mlx5_crypto_session {
+ union {
+ /**< AES-XTS configuration. */
+ struct {
+ uint32_t bs_bpt_eo_es;
+ /**< bsf_size, bsf_p_type, encryption_order and encryption standard,
+ * saved in big endian format.
+ */
+ uint32_t bsp_res;
+ /**< crypto_block_size_pointer and reserved 24 bits saved in big
+ * endian format.
+ */
+ };
+ /**< AES-GCM configuration. */
+ struct {
+ uint32_t mmo_ctrl;
+ /**< Crypto control fields with algo type and op type in big
+ * endian format.
+ */
+ uint16_t tag_len;
+ /**< AES-GCM crypto digest size in bytes. */
+ uint16_t aad_len;
+ /**< The length of the additional authenticated data (AAD) in bytes. */
+ uint32_t op_type;
+ /**< Operation type. */
+ };
+ };
+ uint32_t iv_offset:16;
+ /**< Starting point for Initialisation Vector. */
+ uint32_t iv_len;
+ /**< Initialisation Vector length. */
+ struct mlx5_crypto_dek *dek; /**< Pointer to dek struct. */
+ uint32_t dek_id; /**< DEK ID */
+} __rte_packed;
+
int
mlx5_crypto_dek_destroy(struct mlx5_crypto_priv *priv,
struct mlx5_crypto_dek *dek);
@@ -81,12 +81,58 @@ mlx5_crypto_generate_gcm_cap(struct mlx5_hca_crypto_mmo_attr *mmo_attr,
return 0;
}
+static int
+mlx5_crypto_sym_gcm_session_configure(struct rte_cryptodev *dev,
+ struct rte_crypto_sym_xform *xform,
+ struct rte_cryptodev_sym_session *session)
+{
+ struct mlx5_crypto_priv *priv = dev->data->dev_private;
+ struct mlx5_crypto_session *sess_private_data = CRYPTODEV_GET_SYM_SESS_PRIV(session);
+ struct rte_crypto_aead_xform *aead = &xform->aead;
+ uint32_t op_type;
+
+ if (unlikely(xform->next != NULL)) {
+ DRV_LOG(ERR, "Xform next is not supported.");
+ return -ENOTSUP;
+ }
+ if (aead->algo != RTE_CRYPTO_AEAD_AES_GCM) {
+ DRV_LOG(ERR, "Only AES-GCM algorithm is supported.");
+ return -ENOTSUP;
+ }
+ if (aead->op == RTE_CRYPTO_AEAD_OP_ENCRYPT)
+ op_type = MLX5_CRYPTO_OP_TYPE_ENCRYPTION;
+ else
+ op_type = MLX5_CRYPTO_OP_TYPE_DECRYPTION;
+ sess_private_data->op_type = op_type;
+ sess_private_data->mmo_ctrl = rte_cpu_to_be_32
+ (op_type << MLX5_CRYPTO_MMO_OP_OFFSET |
+ MLX5_ENCRYPTION_TYPE_AES_GCM << MLX5_CRYPTO_MMO_TYPE_OFFSET);
+ sess_private_data->aad_len = aead->aad_length;
+ sess_private_data->tag_len = aead->digest_length;
+ sess_private_data->iv_offset = aead->iv.offset;
+ sess_private_data->iv_len = aead->iv.length;
+ sess_private_data->dek = mlx5_crypto_dek_prepare(priv, xform);
+ if (sess_private_data->dek == NULL) {
+ DRV_LOG(ERR, "Failed to prepare dek.");
+ return -ENOMEM;
+ }
+ sess_private_data->dek_id =
+ rte_cpu_to_be_32(sess_private_data->dek->obj->id &
+ 0xffffff);
+ DRV_LOG(DEBUG, "Session %p was configured.", sess_private_data);
+ return 0;
+}
+
int
mlx5_crypto_gcm_init(struct mlx5_crypto_priv *priv)
{
struct mlx5_common_device *cdev = priv->cdev;
+ struct rte_cryptodev *crypto_dev = priv->crypto_dev;
+ struct rte_cryptodev_ops *dev_ops = crypto_dev->dev_ops;
int ret;
+ /* Override AES-GCM specified ops. */
+ dev_ops->sym_session_configure = mlx5_crypto_sym_gcm_session_configure;
/* Generate GCM capability. */
ret = mlx5_crypto_generate_gcm_cap(&cdev->config.hca_attr.crypto_mmo,
mlx5_crypto_gcm_caps);