1 /* SPDX-License-Identifier: BSD-3-Clause
2 *
3 * Copyright (c) 2016 Freescale Semiconductor, Inc. All rights reserved.
4 * Copyright 2016,2020-2022 NXP
5 *
6 */
7
8 #ifndef _DPAA2_SEC_PMD_PRIVATE_H_
9 #define _DPAA2_SEC_PMD_PRIVATE_H_
10
11 #ifdef RTE_LIB_SECURITY
12 #include <rte_security_driver.h>
13 #endif
14
15 #define CRYPTODEV_NAME_DPAA2_SEC_PMD crypto_dpaa2_sec
16 /**< NXP DPAA2 - SEC PMD device name */
17
18 extern uint8_t cryptodev_driver_id;
19
20 /* FLE_POOL_NUM_BUFS is set as per the ipsec-secgw application */
21 #define FLE_POOL_NUM_BUFS 32000
22 #define FLE_POOL_BUF_SIZE 256
23 #define FLE_POOL_CACHE_SIZE 512
24 #define FLE_SG_MEM_SIZE(num) (FLE_POOL_BUF_SIZE + ((num) * 32))
25 #define SEC_FLC_DHR_OUTBOUND -114
26 #define SEC_FLC_DHR_INBOUND 0
27
28 #define MAX_QUEUES 64
29 #define MAX_DESC_SIZE 64
30 /** private data structure for each DPAA2_SEC device */
31 struct dpaa2_sec_dev_private {
32 void *mc_portal; /**< MC Portal for configuring this device */
33 void *hw; /**< Hardware handle for this device.Used by NADK framework */
34 int32_t hw_id; /**< An unique ID of this device instance */
35 int32_t vfio_fd; /**< File descriptor received via VFIO */
36 uint16_t token; /**< Token required by DPxxx objects */
37 unsigned int max_nb_queue_pairs;
38 /**< Max number of queue pairs supported by device */
39 uint8_t en_ordered;
40 uint8_t en_loose_ordered;
41 };
42
43 struct dpaa2_sec_qp {
44 struct dpaa2_queue rx_vq;
45 struct dpaa2_queue tx_vq;
46 struct rte_mempool *fle_pool; /* per device memory pool for FLE */
47 };
48
49 enum shr_desc_type {
50 DESC_UPDATE,
51 DESC_FINAL,
52 DESC_INITFINAL,
53 };
54
55 #define DIR_ENC 1
56 #define DIR_DEC 0
57
58 #define DPAA2_IPv6_DEFAULT_VTC_FLOW 0x60000000
59
60 #define DPAA2_SET_FLC_EWS(flc) (flc->word1_bits23_16 |= 0x1)
61 #define DPAA2_SET_FLC_RSC(flc) (flc->word1_bits31_24 |= 0x1)
62 #define DPAA2_SET_FLC_REUSE_BS(flc) (flc->mode_bits |= 0x8000)
63 #define DPAA2_SET_FLC_REUSE_FF(flc) (flc->mode_bits |= 0x2000)
64
65 /* SEC Flow Context Descriptor */
66 struct sec_flow_context {
67 /* word 0 */
68 uint16_t word0_sdid; /* 11-0 SDID */
69 uint16_t word0_res; /* 31-12 reserved */
70
71 /* word 1 */
72 uint8_t word1_sdl; /* 5-0 SDL */
73 /* 7-6 reserved */
74
75 uint8_t word1_bits_15_8; /* 11-8 CRID */
76 /* 14-12 reserved */
77 /* 15 CRJD */
78
79 uint8_t word1_bits23_16; /* 16 EWS */
80 /* 17 DAC */
81 /* 18,19,20 ? */
82 /* 23-21 reserved */
83
84 uint8_t word1_bits31_24; /* 24 RSC */
85 /* 25 RBMT */
86 /* 31-26 reserved */
87
88 /* word 2 RFLC[31-0] */
89 uint32_t word2_rflc_31_0;
90
91 /* word 3 RFLC[63-32] */
92 uint32_t word3_rflc_63_32;
93
94 /* word 4 */
95 uint16_t word4_iicid; /* 15-0 IICID */
96 uint16_t word4_oicid; /* 31-16 OICID */
97
98 /* word 5 */
99 uint32_t word5_ofqid:24; /* 23-0 OFQID */
100 uint32_t word5_31_24:8;
101 /* 24 OSC */
102 /* 25 OBMT */
103 /* 29-26 reserved */
104 /* 31-30 ICR */
105
106 /* word 6 */
107 uint32_t word6_oflc_31_0;
108
109 /* word 7 */
110 uint32_t word7_oflc_63_32;
111
112 /* Word 8-15 storage profiles */
113 uint16_t dl; /**< DataLength(correction) */
114 uint16_t reserved; /**< reserved */
115 uint16_t dhr; /**< DataHeadRoom(correction) */
116 uint16_t mode_bits; /**< mode bits */
117 uint16_t bpv0; /**< buffer pool0 valid */
118 uint16_t bpid0; /**< Bypass Memory Translation */
119 uint16_t bpv1; /**< buffer pool1 valid */
120 uint16_t bpid1; /**< Bypass Memory Translation */
121 uint64_t word_12_15[2]; /**< word 12-15 are reserved */
122 };
123
124 struct sec_flc_desc {
125 struct sec_flow_context flc;
126 uint32_t desc[MAX_DESC_SIZE];
127 };
128
129 struct ctxt_priv {
130 struct sec_flc_desc flc_desc[0];
131 };
132
133 enum dpaa2_sec_op_type {
134 DPAA2_SEC_NONE, /*!< No Cipher operations*/
135 DPAA2_SEC_CIPHER,/*!< CIPHER operations */
136 DPAA2_SEC_AUTH, /*!< Authentication Operations */
137 DPAA2_SEC_AEAD, /*!< AEAD (AES-GCM/CCM) type operations */
138 DPAA2_SEC_CIPHER_HASH, /*!< Authenticated Encryption with
139 * associated data
140 */
141 DPAA2_SEC_HASH_CIPHER, /*!< Encryption with Authenticated
142 * associated data
143 */
144 DPAA2_SEC_IPSEC, /*!< IPSEC protocol operations*/
145 DPAA2_SEC_PDCP, /*!< PDCP protocol operations*/
146 DPAA2_SEC_PKC, /*!< Public Key Cryptographic Operations */
147 DPAA2_SEC_MAX
148 };
149
150 struct dpaa2_sec_aead_ctxt {
151 uint16_t auth_only_len; /*!< Length of data for Auth only */
152 uint8_t auth_cipher_text; /**< Authenticate/cipher ordering */
153 };
154
155 #ifdef RTE_LIB_SECURITY
156 /*
157 * The structure is to be filled by user for PDCP Protocol
158 */
159 struct dpaa2_pdcp_ctxt {
160 enum rte_security_pdcp_domain domain; /*!< Data/Control mode*/
161 int8_t bearer; /*!< PDCP bearer ID */
162 int8_t pkt_dir;/*!< PDCP Frame Direction 0:UL 1:DL*/
163 int8_t hfn_ovd;/*!< Overwrite HFN per packet*/
164 uint8_t sn_size; /*!< Sequence number size, 5/7/12/15/18 */
165 uint32_t hfn_ovd_offset;/*!< offset from rte_crypto_op at which
166 * per packet hfn is stored
167 */
168 uint32_t hfn; /*!< Hyper Frame Number */
169 uint32_t hfn_threshold; /*!< HFN Threashold for key renegotiation */
170 };
171 #endif
172
173 typedef int (*dpaa2_sec_build_fd_t)(
174 void *qp, uint8_t *drv_ctx, struct rte_crypto_vec *data_vec,
175 uint16_t n_data_vecs, union rte_crypto_sym_ofs ofs,
176 struct rte_crypto_va_iova_ptr *iv,
177 struct rte_crypto_va_iova_ptr *digest,
178 struct rte_crypto_va_iova_ptr *aad_or_auth_iv,
179 void *user_data);
180
181 typedef int (*dpaa2_sec_build_raw_dp_fd_t)(uint8_t *drv_ctx,
182 struct rte_crypto_sgl *sgl,
183 struct rte_crypto_sgl *dest_sgl,
184 struct rte_crypto_va_iova_ptr *iv,
185 struct rte_crypto_va_iova_ptr *digest,
186 struct rte_crypto_va_iova_ptr *auth_iv,
187 union rte_crypto_sym_ofs ofs,
188 void *userdata,
189 struct qbman_fd *fd);
190
191 typedef struct dpaa2_sec_session_entry {
192 void *ctxt;
193 uint8_t ctxt_type;
194 uint8_t dir; /*!< Operation Direction */
195 enum rte_crypto_cipher_algorithm cipher_alg; /*!< Cipher Algorithm*/
196 enum rte_crypto_auth_algorithm auth_alg; /*!< Authentication Algorithm*/
197 enum rte_crypto_aead_algorithm aead_alg; /*!< AEAD Algorithm*/
198 dpaa2_sec_build_fd_t build_fd;
199 dpaa2_sec_build_raw_dp_fd_t build_raw_dp_fd;
200 union {
201 struct {
202 uint8_t *data; /**< pointer to key data */
203 size_t length; /**< key length in bytes */
204 } aead_key;
205 struct {
206 struct {
207 uint8_t *data; /**< pointer to key data */
208 size_t length; /**< key length in bytes */
209 } cipher_key;
210 struct {
211 uint8_t *data; /**< pointer to key data */
212 size_t length; /**< key length in bytes */
213 } auth_key;
214 };
215 };
216 union {
217 struct {
218 struct {
219 uint16_t length; /**< IV length in bytes */
220 uint16_t offset; /**< IV offset in bytes */
221 } iv;
222 uint16_t digest_length;
223 uint8_t status;
224 union {
225 struct dpaa2_sec_aead_ctxt aead_ctxt;
226 } ext_params;
227 };
228 #ifdef RTE_LIB_SECURITY
229 struct dpaa2_pdcp_ctxt pdcp;
230 #endif
231 };
232 } dpaa2_sec_session;
233
234 static const struct rte_cryptodev_capabilities dpaa2_sec_capabilities[] = {
235 /* Symmetric capabilities */
236 { /* MD5 */
237 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
238 {.sym = {
239 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
240 {.auth = {
241 .algo = RTE_CRYPTO_AUTH_MD5,
242 .block_size = 64,
243 .key_size = {
244 .min = 0,
245 .max = 0,
246 .increment = 0
247 },
248 .digest_size = {
249 .min = 16,
250 .max = 16,
251 .increment = 0
252 },
253 .iv_size = { 0 }
254 }, }
255 }, }
256 },
257 { /* MD5 HMAC */
258 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
259 {.sym = {
260 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
261 {.auth = {
262 .algo = RTE_CRYPTO_AUTH_MD5_HMAC,
263 .block_size = 64,
264 .key_size = {
265 .min = 1,
266 .max = 64,
267 .increment = 1
268 },
269 .digest_size = {
270 .min = 1,
271 .max = 16,
272 .increment = 1
273 },
274 .iv_size = { 0 }
275 }, }
276 }, }
277 },
278 { /* SHA1 */
279 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
280 {.sym = {
281 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
282 {.auth = {
283 .algo = RTE_CRYPTO_AUTH_SHA1,
284 .block_size = 64,
285 .key_size = {
286 .min = 0,
287 .max = 0,
288 .increment = 0
289 },
290 .digest_size = {
291 .min = 20,
292 .max = 20,
293 .increment = 0
294 },
295 .iv_size = { 0 }
296 }, }
297 }, }
298 },
299 { /* SHA1 HMAC */
300 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
301 {.sym = {
302 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
303 {.auth = {
304 .algo = RTE_CRYPTO_AUTH_SHA1_HMAC,
305 .block_size = 64,
306 .key_size = {
307 .min = 1,
308 .max = 64,
309 .increment = 1
310 },
311 .digest_size = {
312 .min = 1,
313 .max = 20,
314 .increment = 1
315 },
316 .iv_size = { 0 }
317 }, }
318 }, }
319 },
320 { /* SHA224 */
321 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
322 {.sym = {
323 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
324 {.auth = {
325 .algo = RTE_CRYPTO_AUTH_SHA224,
326 .block_size = 64,
327 .key_size = {
328 .min = 0,
329 .max = 0,
330 .increment = 0
331 },
332 .digest_size = {
333 .min = 28,
334 .max = 28,
335 .increment = 0
336 },
337 .iv_size = { 0 }
338 }, }
339 }, }
340 },
341 { /* SHA224 HMAC */
342 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
343 {.sym = {
344 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
345 {.auth = {
346 .algo = RTE_CRYPTO_AUTH_SHA224_HMAC,
347 .block_size = 64,
348 .key_size = {
349 .min = 1,
350 .max = 64,
351 .increment = 1
352 },
353 .digest_size = {
354 .min = 1,
355 .max = 28,
356 .increment = 1
357 },
358 .iv_size = { 0 }
359 }, }
360 }, }
361 },
362 { /* SHA256 */
363 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
364 {.sym = {
365 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
366 {.auth = {
367 .algo = RTE_CRYPTO_AUTH_SHA256,
368 .block_size = 64,
369 .key_size = {
370 .min = 0,
371 .max = 0,
372 .increment = 0
373 },
374 .digest_size = {
375 .min = 32,
376 .max = 32,
377 .increment = 0
378 },
379 .iv_size = { 0 }
380 }, }
381 }, }
382 },
383 { /* SHA256 HMAC */
384 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
385 {.sym = {
386 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
387 {.auth = {
388 .algo = RTE_CRYPTO_AUTH_SHA256_HMAC,
389 .block_size = 64,
390 .key_size = {
391 .min = 1,
392 .max = 64,
393 .increment = 1
394 },
395 .digest_size = {
396 .min = 1,
397 .max = 32,
398 .increment = 1
399 },
400 .iv_size = { 0 }
401 }, }
402 }, }
403 },
404 { /* SHA384 */
405 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
406 {.sym = {
407 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
408 {.auth = {
409 .algo = RTE_CRYPTO_AUTH_SHA384,
410 .block_size = 64,
411 .key_size = {
412 .min = 0,
413 .max = 0,
414 .increment = 0
415 },
416 .digest_size = {
417 .min = 48,
418 .max = 48,
419 .increment = 0
420 },
421 .iv_size = { 0 }
422 }, }
423 }, }
424 },
425 { /* SHA384 HMAC */
426 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
427 {.sym = {
428 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
429 {.auth = {
430 .algo = RTE_CRYPTO_AUTH_SHA384_HMAC,
431 .block_size = 128,
432 .key_size = {
433 .min = 1,
434 .max = 128,
435 .increment = 1
436 },
437 .digest_size = {
438 .min = 1,
439 .max = 48,
440 .increment = 1
441 },
442 .iv_size = { 0 }
443 }, }
444 }, }
445 },
446 { /* SHA512 */
447 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
448 {.sym = {
449 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
450 {.auth = {
451 .algo = RTE_CRYPTO_AUTH_SHA512,
452 .block_size = 128,
453 .key_size = {
454 .min = 0,
455 .max = 0,
456 .increment = 0
457 },
458 .digest_size = {
459 .min = 64,
460 .max = 64,
461 .increment = 0
462 },
463 .iv_size = { 0 }
464 }, }
465 }, }
466 },
467 { /* SHA512 HMAC */
468 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
469 {.sym = {
470 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
471 {.auth = {
472 .algo = RTE_CRYPTO_AUTH_SHA512_HMAC,
473 .block_size = 128,
474 .key_size = {
475 .min = 1,
476 .max = 128,
477 .increment = 1
478 },
479 .digest_size = {
480 .min = 1,
481 .max = 64,
482 .increment = 1
483 },
484 .iv_size = { 0 }
485 }, }
486 }, }
487 },
488 { /* AES GCM */
489 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
490 {.sym = {
491 .xform_type = RTE_CRYPTO_SYM_XFORM_AEAD,
492 {.aead = {
493 .algo = RTE_CRYPTO_AEAD_AES_GCM,
494 .block_size = 16,
495 .key_size = {
496 .min = 16,
497 .max = 32,
498 .increment = 8
499 },
500 .digest_size = {
501 .min = 8,
502 .max = 16,
503 .increment = 4
504 },
505 .aad_size = {
506 .min = 0,
507 .max = 240,
508 .increment = 1
509 },
510 .iv_size = {
511 .min = 12,
512 .max = 12,
513 .increment = 0
514 },
515 }, }
516 }, }
517 },
518 { /* AES XCBC HMAC */
519 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
520 {.sym = {
521 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
522 {.auth = {
523 .algo = RTE_CRYPTO_AUTH_AES_XCBC_MAC,
524 .block_size = 16,
525 .key_size = {
526 .min = 1,
527 .max = 16,
528 .increment = 1
529 },
530 .digest_size = {
531 .min = 12,
532 .max = 16,
533 .increment = 4
534 },
535 .aad_size = { 0 },
536 .iv_size = { 0 }
537 }, }
538 }, }
539 },
540 { /* AES CMAC */
541 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
542 {.sym = {
543 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
544 {.auth = {
545 .algo = RTE_CRYPTO_AUTH_AES_CMAC,
546 .block_size = 16,
547 .key_size = {
548 .min = 1,
549 .max = 16,
550 .increment = 1
551 },
552 .digest_size = {
553 .min = 12,
554 .max = 16,
555 .increment = 4
556 },
557 .aad_size = { 0 },
558 .iv_size = { 0 }
559 }, }
560 }, }
561 },
562 { /* AES CBC */
563 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
564 {.sym = {
565 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
566 {.cipher = {
567 .algo = RTE_CRYPTO_CIPHER_AES_CBC,
568 .block_size = 16,
569 .key_size = {
570 .min = 16,
571 .max = 32,
572 .increment = 8
573 },
574 .iv_size = {
575 .min = 16,
576 .max = 16,
577 .increment = 0
578 }
579 }, }
580 }, }
581 },
582 { /* AES CTR */
583 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
584 {.sym = {
585 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
586 {.cipher = {
587 .algo = RTE_CRYPTO_CIPHER_AES_CTR,
588 .block_size = 16,
589 .key_size = {
590 .min = 16,
591 .max = 32,
592 .increment = 8
593 },
594 .iv_size = {
595 .min = 16,
596 .max = 16,
597 .increment = 0
598 },
599 }, }
600 }, }
601 },
602 { /* DES CBC */
603 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
604 {.sym = {
605 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
606 {.cipher = {
607 .algo = RTE_CRYPTO_CIPHER_DES_CBC,
608 .block_size = 8,
609 .key_size = {
610 .min = 8,
611 .max = 8,
612 .increment = 0
613 },
614 .iv_size = {
615 .min = 8,
616 .max = 8,
617 .increment = 0
618 }
619 }, }
620 }, }
621 },
622 { /* 3DES CBC */
623 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
624 {.sym = {
625 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
626 {.cipher = {
627 .algo = RTE_CRYPTO_CIPHER_3DES_CBC,
628 .block_size = 8,
629 .key_size = {
630 .min = 16,
631 .max = 24,
632 .increment = 8
633 },
634 .iv_size = {
635 .min = 8,
636 .max = 8,
637 .increment = 0
638 }
639 }, }
640 }, }
641 },
642 { /* SNOW 3G (UIA2) */
643 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
644 {.sym = {
645 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
646 {.auth = {
647 .algo = RTE_CRYPTO_AUTH_SNOW3G_UIA2,
648 .block_size = 16,
649 .key_size = {
650 .min = 16,
651 .max = 16,
652 .increment = 0
653 },
654 .digest_size = {
655 .min = 4,
656 .max = 4,
657 .increment = 0
658 },
659 .iv_size = {
660 .min = 16,
661 .max = 16,
662 .increment = 0
663 }
664 }, }
665 }, }
666 },
667 { /* SNOW 3G (UEA2) */
668 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
669 {.sym = {
670 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
671 {.cipher = {
672 .algo = RTE_CRYPTO_CIPHER_SNOW3G_UEA2,
673 .block_size = 16,
674 .key_size = {
675 .min = 16,
676 .max = 16,
677 .increment = 0
678 },
679 .iv_size = {
680 .min = 16,
681 .max = 16,
682 .increment = 0
683 }
684 }, }
685 }, }
686 },
687 { /* ZUC (EEA3) */
688 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
689 {.sym = {
690 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
691 {.cipher = {
692 .algo = RTE_CRYPTO_CIPHER_ZUC_EEA3,
693 .block_size = 16,
694 .key_size = {
695 .min = 16,
696 .max = 16,
697 .increment = 0
698 },
699 .iv_size = {
700 .min = 16,
701 .max = 16,
702 .increment = 0
703 }
704 }, }
705 }, }
706 },
707 { /* ZUC (EIA3) */
708 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
709 {.sym = {
710 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
711 {.auth = {
712 .algo = RTE_CRYPTO_AUTH_ZUC_EIA3,
713 .block_size = 16,
714 .key_size = {
715 .min = 16,
716 .max = 16,
717 .increment = 0
718 },
719 .digest_size = {
720 .min = 4,
721 .max = 4,
722 .increment = 0
723 },
724 .iv_size = {
725 .min = 16,
726 .max = 16,
727 .increment = 0
728 }
729 }, }
730 }, }
731 },
732 RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()
733 };
734
735 #ifdef RTE_LIB_SECURITY
736
737 static const struct rte_cryptodev_capabilities dpaa2_pdcp_capabilities[] = {
738 { /* SNOW 3G (UIA2) */
739 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
740 {.sym = {
741 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
742 {.auth = {
743 .algo = RTE_CRYPTO_AUTH_SNOW3G_UIA2,
744 .block_size = 16,
745 .key_size = {
746 .min = 16,
747 .max = 16,
748 .increment = 0
749 },
750 .digest_size = {
751 .min = 4,
752 .max = 4,
753 .increment = 0
754 },
755 .iv_size = {
756 .min = 16,
757 .max = 16,
758 .increment = 0
759 }
760 }, }
761 }, }
762 },
763 { /* SNOW 3G (UEA2) */
764 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
765 {.sym = {
766 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
767 {.cipher = {
768 .algo = RTE_CRYPTO_CIPHER_SNOW3G_UEA2,
769 .block_size = 16,
770 .key_size = {
771 .min = 16,
772 .max = 16,
773 .increment = 0
774 },
775 .iv_size = {
776 .min = 16,
777 .max = 16,
778 .increment = 0
779 }
780 }, }
781 }, }
782 },
783 { /* AES CTR */
784 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
785 {.sym = {
786 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
787 {.cipher = {
788 .algo = RTE_CRYPTO_CIPHER_AES_CTR,
789 .block_size = 16,
790 .key_size = {
791 .min = 16,
792 .max = 32,
793 .increment = 8
794 },
795 .iv_size = {
796 .min = 16,
797 .max = 16,
798 .increment = 0
799 }
800 }, }
801 }, }
802 },
803 { /* NULL (AUTH) */
804 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
805 {.sym = {
806 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
807 {.auth = {
808 .algo = RTE_CRYPTO_AUTH_NULL,
809 .block_size = 1,
810 .key_size = {
811 .min = 0,
812 .max = 0,
813 .increment = 0
814 },
815 .digest_size = {
816 .min = 0,
817 .max = 0,
818 .increment = 0
819 },
820 .iv_size = { 0 }
821 }, },
822 }, },
823 },
824 { /* NULL (CIPHER) */
825 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
826 {.sym = {
827 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
828 {.cipher = {
829 .algo = RTE_CRYPTO_CIPHER_NULL,
830 .block_size = 1,
831 .key_size = {
832 .min = 0,
833 .max = 0,
834 .increment = 0
835 },
836 .iv_size = {
837 .min = 0,
838 .max = 0,
839 .increment = 0
840 }
841 }, },
842 }, }
843 },
844 { /* ZUC (EEA3) */
845 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
846 {.sym = {
847 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
848 {.cipher = {
849 .algo = RTE_CRYPTO_CIPHER_ZUC_EEA3,
850 .block_size = 16,
851 .key_size = {
852 .min = 16,
853 .max = 16,
854 .increment = 0
855 },
856 .iv_size = {
857 .min = 16,
858 .max = 16,
859 .increment = 0
860 }
861 }, }
862 }, }
863 },
864 { /* ZUC (EIA3) */
865 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
866 {.sym = {
867 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
868 {.auth = {
869 .algo = RTE_CRYPTO_AUTH_ZUC_EIA3,
870 .block_size = 16,
871 .key_size = {
872 .min = 16,
873 .max = 16,
874 .increment = 0
875 },
876 .digest_size = {
877 .min = 4,
878 .max = 4,
879 .increment = 0
880 },
881 .iv_size = {
882 .min = 16,
883 .max = 16,
884 .increment = 0
885 }
886 }, }
887 }, }
888 },
889
890 RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()
891 };
892
893 static const struct rte_security_capability dpaa2_sec_security_cap[] = {
894 { /* IPsec Lookaside Protocol offload ESP Transport Egress */
895 .action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
896 .protocol = RTE_SECURITY_PROTOCOL_IPSEC,
897 .ipsec = {
898 .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP,
899 .mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL,
900 .direction = RTE_SECURITY_IPSEC_SA_DIR_EGRESS,
901 .options = { 0 },
902 .replay_win_sz_max = 128
903 },
904 .crypto_capabilities = dpaa2_sec_capabilities
905 },
906 { /* IPsec Lookaside Protocol offload ESP Tunnel Ingress */
907 .action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
908 .protocol = RTE_SECURITY_PROTOCOL_IPSEC,
909 .ipsec = {
910 .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP,
911 .mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL,
912 .direction = RTE_SECURITY_IPSEC_SA_DIR_INGRESS,
913 .options = { 0 },
914 .replay_win_sz_max = 128
915 },
916 .crypto_capabilities = dpaa2_sec_capabilities
917 },
918 { /* PDCP Lookaside Protocol offload Data */
919 .action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
920 .protocol = RTE_SECURITY_PROTOCOL_PDCP,
921 .pdcp = {
922 .domain = RTE_SECURITY_PDCP_MODE_DATA,
923 .capa_flags = 0
924 },
925 .crypto_capabilities = dpaa2_pdcp_capabilities
926 },
927 { /* PDCP Lookaside Protocol offload Control */
928 .action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
929 .protocol = RTE_SECURITY_PROTOCOL_PDCP,
930 .pdcp = {
931 .domain = RTE_SECURITY_PDCP_MODE_CONTROL,
932 .capa_flags = 0
933 },
934 .crypto_capabilities = dpaa2_pdcp_capabilities
935 },
936 { /* PDCP Lookaside Protocol offload Short MAC */
937 .action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
938 .protocol = RTE_SECURITY_PROTOCOL_PDCP,
939 .pdcp = {
940 .domain = RTE_SECURITY_PDCP_MODE_SHORT_MAC,
941 .capa_flags = 0
942 },
943 .crypto_capabilities = dpaa2_pdcp_capabilities
944 },
945 {
946 .action = RTE_SECURITY_ACTION_TYPE_NONE
947 }
948 };
949 #endif
950 /**
951 * Checksum
952 *
953 * @param buffer calculate chksum for buffer
954 * @param len buffer length
955 *
956 * @return checksum value in host cpu order
957 */
958 static inline uint16_t
calc_chksum(void * buffer,int len)959 calc_chksum(void *buffer, int len)
960 {
961 uint16_t *buf = (uint16_t *)buffer;
962 uint32_t sum = 0;
963 uint16_t result;
964
965 for (sum = 0; len > 1; len -= 2)
966 sum += *buf++;
967
968 if (len == 1)
969 sum += *(unsigned char *)buf;
970
971 sum = (sum >> 16) + (sum & 0xFFFF);
972 sum += (sum >> 16);
973 result = ~sum;
974
975 return result;
976 }
977
978 int
979 dpaa2_sec_configure_raw_dp_ctx(struct rte_cryptodev *dev, uint16_t qp_id,
980 struct rte_crypto_raw_dp_ctx *raw_dp_ctx,
981 enum rte_crypto_op_sess_type sess_type,
982 union rte_cryptodev_session_ctx session_ctx, uint8_t is_update);
983
984 int
985 dpaa2_sec_get_dp_ctx_size(struct rte_cryptodev *dev);
986
987
988 #endif /* _DPAA2_SEC_PMD_PRIVATE_H_ */
989