1 /* SPDX-License-Identifier: BSD-3-Clause
2 *
3 * Copyright 2016-2020 NXP
4 *
5 */
6
7 #ifndef _DPAA_SEC_H_
8 #define _DPAA_SEC_H_
9
10 #define CRYPTODEV_NAME_DPAA_SEC_PMD crypto_dpaa_sec
11 /**< NXP DPAA - SEC PMD device name */
12
13 #define MAX_DPAA_CORES 4
14 #define NUM_POOL_CHANNELS 4
15 #define DPAA_SEC_BURST 7
16 #define DPAA_SEC_ALG_UNSUPPORT (-1)
17 #define TDES_CBC_IV_LEN 8
18 #define AES_CBC_IV_LEN 16
19 #define AES_CTR_IV_LEN 16
20 #define AES_GCM_IV_LEN 12
21
22 #define DPAA_IPv6_DEFAULT_VTC_FLOW 0x60000000
23
24 /* Minimum job descriptor consists of a oneword job descriptor HEADER and
25 * a pointer to the shared descriptor.
26 */
27 #define MIN_JOB_DESC_SIZE (CAAM_CMD_SZ + CAAM_PTR_SZ)
28 /* CTX_POOL_NUM_BUFS is set as per the ipsec-secgw application */
29 #define CTX_POOL_NUM_BUFS 32000
30 #define CTX_POOL_BUF_SIZE sizeof(struct dpaa_sec_op_ctx)
31 #define CTX_POOL_CACHE_SIZE 512
32 #define RTE_DPAA_SEC_PMD_MAX_NB_SESSIONS 1024
33
34 #define DIR_ENC 1
35 #define DIR_DEC 0
36
37 enum dpaa_sec_op_type {
38 DPAA_SEC_NONE, /*!< No Cipher operations*/
39 DPAA_SEC_CIPHER,/*!< CIPHER operations */
40 DPAA_SEC_AUTH, /*!< Authentication Operations */
41 DPAA_SEC_AEAD, /*!< AEAD (AES-GCM/CCM) type operations */
42 DPAA_SEC_CIPHER_HASH, /*!< Authenticated Encryption with
43 * associated data
44 */
45 DPAA_SEC_HASH_CIPHER, /*!< Encryption with Authenticated
46 * associated data
47 */
48 DPAA_SEC_IPSEC, /*!< IPSEC protocol operations*/
49 DPAA_SEC_PDCP, /*!< PDCP protocol operations*/
50 DPAA_SEC_PKC, /*!< Public Key Cryptographic Operations */
51 DPAA_SEC_MAX
52 };
53
54 #define DPAA_SEC_MAX_DESC_SIZE 64
55 /* code or cmd block to caam */
56 struct sec_cdb {
57 struct {
58 union {
59 uint32_t word;
60 struct {
61 #if RTE_BYTE_ORDER == RTE_BIG_ENDIAN
62 uint16_t rsvd63_48;
63 unsigned int rsvd47_39:9;
64 unsigned int idlen:7;
65 #else
66 unsigned int idlen:7;
67 unsigned int rsvd47_39:9;
68 uint16_t rsvd63_48;
69 #endif
70 } field;
71 } __packed hi;
72
73 union {
74 uint32_t word;
75 struct {
76 #if RTE_BYTE_ORDER == RTE_BIG_ENDIAN
77 unsigned int rsvd31_30:2;
78 unsigned int fsgt:1;
79 unsigned int lng:1;
80 unsigned int offset:2;
81 unsigned int abs:1;
82 unsigned int add_buf:1;
83 uint8_t pool_id;
84 uint16_t pool_buffer_size;
85 #else
86 uint16_t pool_buffer_size;
87 uint8_t pool_id;
88 unsigned int add_buf:1;
89 unsigned int abs:1;
90 unsigned int offset:2;
91 unsigned int lng:1;
92 unsigned int fsgt:1;
93 unsigned int rsvd31_30:2;
94 #endif
95 } field;
96 } __packed lo;
97 } __packed sh_hdr;
98
99 uint32_t sh_desc[DPAA_SEC_MAX_DESC_SIZE];
100 };
101 #ifdef RTE_LIB_SECURITY
102 /*!
103 * The structure is to be filled by user as a part of
104 * dpaa_sec_proto_ctxt for PDCP Protocol
105 */
106 struct sec_pdcp_ctxt {
107 enum rte_security_pdcp_domain domain; /*!< Data/Control mode*/
108 int8_t bearer; /*!< PDCP bearer ID */
109 int8_t pkt_dir;/*!< PDCP Frame Direction 0:UL 1:DL*/
110 int8_t hfn_ovd;/*!< Overwrite HFN per packet*/
111 uint8_t sn_size; /*!< Sequence number size, 5/7/12/15/18 */
112 uint8_t sdap_enabled; /*!< SDAP header is enabled */
113 uint16_t hfn_ovd_offset;/*!< offset from rte_crypto_op at which
114 * per packet hfn is stored
115 */
116 uint32_t hfn; /*!< Hyper Frame Number */
117 uint32_t hfn_threshold; /*!< HFN Threashold for key renegotiation */
118 };
119 #endif
120 typedef struct dpaa_sec_session_entry {
121 struct sec_cdb cdb; /**< cmd block associated with qp */
122 struct dpaa_sec_qp *qp[MAX_DPAA_CORES];
123 struct qman_fq *inq[MAX_DPAA_CORES];
124 uint8_t dir; /*!< Operation Direction */
125 uint8_t ctxt; /*!< Session Context Type */
126 enum rte_crypto_cipher_algorithm cipher_alg; /*!< Cipher Algorithm*/
127 enum rte_crypto_auth_algorithm auth_alg; /*!< Authentication Algorithm*/
128 enum rte_crypto_aead_algorithm aead_alg; /*!< AEAD Algorithm*/
129 #ifdef RTE_LIB_SECURITY
130 enum rte_security_session_protocol proto_alg; /*!< Security Algorithm*/
131 #endif
132 union {
133 struct {
134 uint8_t *data; /**< pointer to key data */
135 size_t length; /**< key length in bytes */
136 uint32_t alg;
137 uint32_t algmode;
138 } aead_key;
139 struct {
140 struct {
141 uint8_t *data; /**< pointer to key data */
142 size_t length; /**< key length in bytes */
143 uint32_t alg;
144 uint32_t algmode;
145 } cipher_key;
146 struct {
147 uint8_t *data; /**< pointer to key data */
148 size_t length; /**< key length in bytes */
149 uint32_t alg;
150 uint32_t algmode;
151 } auth_key;
152 };
153 };
154 union {
155 struct {
156 struct {
157 uint16_t length;
158 uint16_t offset;
159 } iv; /**< Initialisation vector parameters */
160 uint16_t auth_only_len;
161 /*!< Length of data for Auth only */
162 uint32_t digest_length;
163 struct ipsec_decap_pdb decap_pdb;
164 struct ipsec_encap_pdb encap_pdb;
165 union {
166 struct ip ip4_hdr;
167 struct rte_ipv6_hdr ip6_hdr;
168 };
169 uint8_t auth_cipher_text;
170 /**< Authenticate/cipher ordering */
171 };
172 #ifdef RTE_LIB_SECURITY
173 struct sec_pdcp_ctxt pdcp;
174 #endif
175 };
176 } dpaa_sec_session;
177
178 struct dpaa_sec_qp {
179 struct dpaa_sec_dev_private *internals;
180 struct rte_mempool *ctx_pool; /* mempool for dpaa_sec_op_ctx */
181 struct qman_fq outq;
182 int rx_pkts;
183 int rx_errs;
184 int tx_pkts;
185 int tx_errs;
186 };
187
188 #define RTE_DPAA_MAX_NB_SEC_QPS 2
189 #define RTE_DPAA_MAX_RX_QUEUE (MAX_DPAA_CORES * RTE_DPAA_SEC_PMD_MAX_NB_SESSIONS)
190 #define DPAA_MAX_DEQUEUE_NUM_FRAMES 63
191
192 /* internal sec queue interface */
193 struct dpaa_sec_dev_private {
194 void *sec_hw;
195 struct dpaa_sec_qp qps[RTE_DPAA_MAX_NB_SEC_QPS]; /* i/o queue for sec */
196 struct qman_fq inq[RTE_DPAA_MAX_RX_QUEUE];
197 unsigned char inq_attach[RTE_DPAA_MAX_RX_QUEUE];
198 unsigned int max_nb_queue_pairs;
199 unsigned int max_nb_sessions;
200 rte_spinlock_t lock;
201 };
202
203 #define MAX_SG_ENTRIES 16
204 #define MAX_JOB_SG_ENTRIES 36
205
206 struct dpaa_sec_job {
207 /* sg[0] output, sg[1] input, others are possible sub frames */
208 struct qm_sg_entry sg[MAX_JOB_SG_ENTRIES];
209 };
210
211 #define DPAA_MAX_NB_MAX_DIGEST 32
212 struct dpaa_sec_op_ctx {
213 struct dpaa_sec_job job;
214 struct rte_crypto_op *op;
215 struct rte_mempool *ctx_pool; /* mempool pointer for dpaa_sec_op_ctx */
216 uint32_t fd_status;
217 int64_t vtop_offset;
218 uint8_t digest[DPAA_MAX_NB_MAX_DIGEST];
219 };
220
221 static const struct rte_cryptodev_capabilities dpaa_sec_capabilities[] = {
222 { /* NULL (AUTH) */
223 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
224 {.sym = {
225 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
226 {.auth = {
227 .algo = RTE_CRYPTO_AUTH_NULL,
228 .block_size = 1,
229 .key_size = {
230 .min = 0,
231 .max = 0,
232 .increment = 0
233 },
234 .digest_size = {
235 .min = 0,
236 .max = 0,
237 .increment = 0
238 },
239 .iv_size = { 0 }
240 }, },
241 }, },
242 },
243 { /* MD5 HMAC */
244 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
245 {.sym = {
246 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
247 {.auth = {
248 .algo = RTE_CRYPTO_AUTH_MD5_HMAC,
249 .block_size = 64,
250 .key_size = {
251 .min = 1,
252 .max = 64,
253 .increment = 1
254 },
255 .digest_size = {
256 .min = 1,
257 .max = 16,
258 .increment = 1
259 },
260 .iv_size = { 0 }
261 }, }
262 }, }
263 },
264 { /* SHA1 HMAC */
265 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
266 {.sym = {
267 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
268 {.auth = {
269 .algo = RTE_CRYPTO_AUTH_SHA1_HMAC,
270 .block_size = 64,
271 .key_size = {
272 .min = 1,
273 .max = 64,
274 .increment = 1
275 },
276 .digest_size = {
277 .min = 1,
278 .max = 20,
279 .increment = 1
280 },
281 .iv_size = { 0 }
282 }, }
283 }, }
284 },
285 { /* SHA224 HMAC */
286 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
287 {.sym = {
288 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
289 {.auth = {
290 .algo = RTE_CRYPTO_AUTH_SHA224_HMAC,
291 .block_size = 64,
292 .key_size = {
293 .min = 1,
294 .max = 64,
295 .increment = 1
296 },
297 .digest_size = {
298 .min = 1,
299 .max = 28,
300 .increment = 1
301 },
302 .iv_size = { 0 }
303 }, }
304 }, }
305 },
306 { /* SHA256 HMAC */
307 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
308 {.sym = {
309 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
310 {.auth = {
311 .algo = RTE_CRYPTO_AUTH_SHA256_HMAC,
312 .block_size = 64,
313 .key_size = {
314 .min = 1,
315 .max = 64,
316 .increment = 1
317 },
318 .digest_size = {
319 .min = 1,
320 .max = 32,
321 .increment = 1
322 },
323 .iv_size = { 0 }
324 }, }
325 }, }
326 },
327 { /* SHA384 HMAC */
328 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
329 {.sym = {
330 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
331 {.auth = {
332 .algo = RTE_CRYPTO_AUTH_SHA384_HMAC,
333 .block_size = 128,
334 .key_size = {
335 .min = 1,
336 .max = 128,
337 .increment = 1
338 },
339 .digest_size = {
340 .min = 1,
341 .max = 48,
342 .increment = 1
343 },
344 .iv_size = { 0 }
345 }, }
346 }, }
347 },
348 { /* SHA512 HMAC */
349 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
350 {.sym = {
351 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
352 {.auth = {
353 .algo = RTE_CRYPTO_AUTH_SHA512_HMAC,
354 .block_size = 128,
355 .key_size = {
356 .min = 1,
357 .max = 128,
358 .increment = 1
359 },
360 .digest_size = {
361 .min = 1,
362 .max = 64,
363 .increment = 1
364 },
365 .iv_size = { 0 }
366 }, }
367 }, }
368 },
369 { /* AES GCM */
370 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
371 {.sym = {
372 .xform_type = RTE_CRYPTO_SYM_XFORM_AEAD,
373 {.aead = {
374 .algo = RTE_CRYPTO_AEAD_AES_GCM,
375 .block_size = 16,
376 .key_size = {
377 .min = 16,
378 .max = 32,
379 .increment = 8
380 },
381 .digest_size = {
382 .min = 8,
383 .max = 16,
384 .increment = 4
385 },
386 .aad_size = {
387 .min = 0,
388 .max = 240,
389 .increment = 1
390 },
391 .iv_size = {
392 .min = 12,
393 .max = 12,
394 .increment = 0
395 },
396 }, }
397 }, }
398 },
399 { /* NULL (CIPHER) */
400 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
401 {.sym = {
402 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
403 {.cipher = {
404 .algo = RTE_CRYPTO_CIPHER_NULL,
405 .block_size = 1,
406 .key_size = {
407 .min = 0,
408 .max = 0,
409 .increment = 0
410 },
411 .iv_size = {
412 .min = 0,
413 .max = 0,
414 .increment = 0
415 }
416 }, },
417 }, }
418 },
419 { /* AES CBC */
420 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
421 {.sym = {
422 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
423 {.cipher = {
424 .algo = RTE_CRYPTO_CIPHER_AES_CBC,
425 .block_size = 16,
426 .key_size = {
427 .min = 16,
428 .max = 32,
429 .increment = 8
430 },
431 .iv_size = {
432 .min = 16,
433 .max = 16,
434 .increment = 0
435 }
436 }, }
437 }, }
438 },
439 { /* AES CTR */
440 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
441 {.sym = {
442 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
443 {.cipher = {
444 .algo = RTE_CRYPTO_CIPHER_AES_CTR,
445 .block_size = 16,
446 .key_size = {
447 .min = 16,
448 .max = 32,
449 .increment = 8
450 },
451 .iv_size = {
452 .min = 16,
453 .max = 16,
454 .increment = 0
455 },
456 }, }
457 }, }
458 },
459 { /* 3DES CBC */
460 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
461 {.sym = {
462 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
463 {.cipher = {
464 .algo = RTE_CRYPTO_CIPHER_3DES_CBC,
465 .block_size = 8,
466 .key_size = {
467 .min = 16,
468 .max = 24,
469 .increment = 8
470 },
471 .iv_size = {
472 .min = 8,
473 .max = 8,
474 .increment = 0
475 }
476 }, }
477 }, }
478 },
479 { /* SNOW 3G (UIA2) */
480 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
481 {.sym = {
482 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
483 {.auth = {
484 .algo = RTE_CRYPTO_AUTH_SNOW3G_UIA2,
485 .block_size = 16,
486 .key_size = {
487 .min = 16,
488 .max = 16,
489 .increment = 0
490 },
491 .digest_size = {
492 .min = 4,
493 .max = 4,
494 .increment = 0
495 },
496 .iv_size = {
497 .min = 16,
498 .max = 16,
499 .increment = 0
500 }
501 }, }
502 }, }
503 },
504 { /* SNOW 3G (UEA2) */
505 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
506 {.sym = {
507 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
508 {.cipher = {
509 .algo = RTE_CRYPTO_CIPHER_SNOW3G_UEA2,
510 .block_size = 16,
511 .key_size = {
512 .min = 16,
513 .max = 16,
514 .increment = 0
515 },
516 .iv_size = {
517 .min = 16,
518 .max = 16,
519 .increment = 0
520 }
521 }, }
522 }, }
523 },
524 { /* ZUC (EEA3) */
525 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
526 {.sym = {
527 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
528 {.cipher = {
529 .algo = RTE_CRYPTO_CIPHER_ZUC_EEA3,
530 .block_size = 16,
531 .key_size = {
532 .min = 16,
533 .max = 16,
534 .increment = 0
535 },
536 .iv_size = {
537 .min = 16,
538 .max = 16,
539 .increment = 0
540 }
541 }, }
542 }, }
543 },
544 { /* ZUC (EIA3) */
545 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
546 {.sym = {
547 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
548 {.auth = {
549 .algo = RTE_CRYPTO_AUTH_ZUC_EIA3,
550 .block_size = 16,
551 .key_size = {
552 .min = 16,
553 .max = 16,
554 .increment = 0
555 },
556 .digest_size = {
557 .min = 4,
558 .max = 4,
559 .increment = 0
560 },
561 .iv_size = {
562 .min = 16,
563 .max = 16,
564 .increment = 0
565 }
566 }, }
567 }, }
568 },
569 RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()
570 };
571
572 #ifdef RTE_LIB_SECURITY
573 static const struct rte_cryptodev_capabilities dpaa_pdcp_capabilities[] = {
574 { /* SNOW 3G (UIA2) */
575 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
576 {.sym = {
577 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
578 {.auth = {
579 .algo = RTE_CRYPTO_AUTH_SNOW3G_UIA2,
580 .block_size = 16,
581 .key_size = {
582 .min = 16,
583 .max = 16,
584 .increment = 0
585 },
586 .digest_size = {
587 .min = 4,
588 .max = 4,
589 .increment = 0
590 },
591 .iv_size = {
592 .min = 16,
593 .max = 16,
594 .increment = 0
595 }
596 }, }
597 }, }
598 },
599 { /* SNOW 3G (UEA2) */
600 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
601 {.sym = {
602 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
603 {.cipher = {
604 .algo = RTE_CRYPTO_CIPHER_SNOW3G_UEA2,
605 .block_size = 16,
606 .key_size = {
607 .min = 16,
608 .max = 16,
609 .increment = 0
610 },
611 .iv_size = {
612 .min = 16,
613 .max = 16,
614 .increment = 0
615 }
616 }, }
617 }, }
618 },
619 { /* AES CTR */
620 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
621 {.sym = {
622 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
623 {.cipher = {
624 .algo = RTE_CRYPTO_CIPHER_AES_CTR,
625 .block_size = 16,
626 .key_size = {
627 .min = 16,
628 .max = 32,
629 .increment = 8
630 },
631 .iv_size = {
632 .min = 16,
633 .max = 16,
634 .increment = 0
635 }
636 }, }
637 }, }
638 },
639 { /* NULL (AUTH) */
640 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
641 {.sym = {
642 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
643 {.auth = {
644 .algo = RTE_CRYPTO_AUTH_NULL,
645 .block_size = 1,
646 .key_size = {
647 .min = 0,
648 .max = 0,
649 .increment = 0
650 },
651 .digest_size = {
652 .min = 0,
653 .max = 0,
654 .increment = 0
655 },
656 .iv_size = { 0 }
657 }, },
658 }, },
659 },
660 { /* NULL (CIPHER) */
661 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
662 {.sym = {
663 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
664 {.cipher = {
665 .algo = RTE_CRYPTO_CIPHER_NULL,
666 .block_size = 1,
667 .key_size = {
668 .min = 0,
669 .max = 0,
670 .increment = 0
671 },
672 .iv_size = {
673 .min = 0,
674 .max = 0,
675 .increment = 0
676 }
677 }, },
678 }, }
679 },
680 { /* ZUC (EEA3) */
681 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
682 {.sym = {
683 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
684 {.cipher = {
685 .algo = RTE_CRYPTO_CIPHER_ZUC_EEA3,
686 .block_size = 16,
687 .key_size = {
688 .min = 16,
689 .max = 16,
690 .increment = 0
691 },
692 .iv_size = {
693 .min = 16,
694 .max = 16,
695 .increment = 0
696 }
697 }, }
698 }, }
699 },
700 { /* ZUC (EIA3) */
701 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
702 {.sym = {
703 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
704 {.auth = {
705 .algo = RTE_CRYPTO_AUTH_ZUC_EIA3,
706 .block_size = 16,
707 .key_size = {
708 .min = 16,
709 .max = 16,
710 .increment = 0
711 },
712 .digest_size = {
713 .min = 4,
714 .max = 4,
715 .increment = 0
716 },
717 .iv_size = {
718 .min = 16,
719 .max = 16,
720 .increment = 0
721 }
722 }, }
723 }, }
724 },
725
726 RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()
727 };
728
729 static const struct rte_security_capability dpaa_sec_security_cap[] = {
730 { /* IPsec Lookaside Protocol offload ESP Transport Egress */
731 .action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
732 .protocol = RTE_SECURITY_PROTOCOL_IPSEC,
733 .ipsec = {
734 .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP,
735 .mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL,
736 .direction = RTE_SECURITY_IPSEC_SA_DIR_EGRESS,
737 .options = { 0 },
738 .replay_win_sz_max = 128
739 },
740 .crypto_capabilities = dpaa_sec_capabilities
741 },
742 { /* IPsec Lookaside Protocol offload ESP Tunnel Ingress */
743 .action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
744 .protocol = RTE_SECURITY_PROTOCOL_IPSEC,
745 .ipsec = {
746 .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP,
747 .mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL,
748 .direction = RTE_SECURITY_IPSEC_SA_DIR_INGRESS,
749 .options = { 0 },
750 .replay_win_sz_max = 128
751 },
752 .crypto_capabilities = dpaa_sec_capabilities
753 },
754 { /* PDCP Lookaside Protocol offload Data */
755 .action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
756 .protocol = RTE_SECURITY_PROTOCOL_PDCP,
757 .pdcp = {
758 .domain = RTE_SECURITY_PDCP_MODE_DATA,
759 .capa_flags = 0
760 },
761 .crypto_capabilities = dpaa_pdcp_capabilities
762 },
763 { /* PDCP Lookaside Protocol offload Control */
764 .action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
765 .protocol = RTE_SECURITY_PROTOCOL_PDCP,
766 .pdcp = {
767 .domain = RTE_SECURITY_PDCP_MODE_CONTROL,
768 .capa_flags = 0
769 },
770 .crypto_capabilities = dpaa_pdcp_capabilities
771 },
772 {
773 .action = RTE_SECURITY_ACTION_TYPE_NONE
774 }
775 };
776 #endif
777
778 /**
779 * Checksum
780 *
781 * @param buffer calculate chksum for buffer
782 * @param len buffer length
783 *
784 * @return checksum value in host cpu order
785 */
786 static inline uint16_t
calc_chksum(void * buffer,int len)787 calc_chksum(void *buffer, int len)
788 {
789 uint16_t *buf = (uint16_t *)buffer;
790 uint32_t sum = 0;
791 uint16_t result;
792
793 for (sum = 0; len > 1; len -= 2)
794 sum += *buf++;
795
796 if (len == 1)
797 sum += *(unsigned char *)buf;
798
799 sum = (sum >> 16) + (sum & 0xFFFF);
800 sum += (sum >> 16);
801 result = ~sum;
802
803 return result;
804 }
805
806 #endif /* _DPAA_SEC_H_ */
807