1 /* SPDX-License-Identifier: BSD-3-Clause
2 *
3 * Copyright (c) 2016 Freescale Semiconductor, Inc. All rights reserved.
4 * Copyright 2016,2020 NXP
5 *
6 */
7
8 #ifndef _DPAA2_SEC_PMD_PRIVATE_H_
9 #define _DPAA2_SEC_PMD_PRIVATE_H_
10
11 #ifdef RTE_LIB_SECURITY
12 #include <rte_security_driver.h>
13 #endif
14
15 #define CRYPTODEV_NAME_DPAA2_SEC_PMD crypto_dpaa2_sec
16 /**< NXP DPAA2 - SEC PMD device name */
17
18 #define MAX_QUEUES 64
19 #define MAX_DESC_SIZE 64
20 /** private data structure for each DPAA2_SEC device */
21 struct dpaa2_sec_dev_private {
22 void *mc_portal; /**< MC Portal for configuring this device */
23 void *hw; /**< Hardware handle for this device.Used by NADK framework */
24 struct rte_mempool *fle_pool; /* per device memory pool for FLE */
25 int32_t hw_id; /**< An unique ID of this device instance */
26 int32_t vfio_fd; /**< File descriptor received via VFIO */
27 uint16_t token; /**< Token required by DPxxx objects */
28 unsigned int max_nb_queue_pairs;
29 /**< Max number of queue pairs supported by device */
30 };
31
32 struct dpaa2_sec_qp {
33 struct dpaa2_queue rx_vq;
34 struct dpaa2_queue tx_vq;
35 };
36
37 enum shr_desc_type {
38 DESC_UPDATE,
39 DESC_FINAL,
40 DESC_INITFINAL,
41 };
42
43 #define DIR_ENC 1
44 #define DIR_DEC 0
45
46 #define DPAA2_IPv6_DEFAULT_VTC_FLOW 0x60000000
47
48 #define DPAA2_SET_FLC_EWS(flc) (flc->word1_bits23_16 |= 0x1)
49 #define DPAA2_SET_FLC_RSC(flc) (flc->word1_bits31_24 |= 0x1)
50 #define DPAA2_SET_FLC_REUSE_BS(flc) (flc->mode_bits |= 0x8000)
51 #define DPAA2_SET_FLC_REUSE_FF(flc) (flc->mode_bits |= 0x2000)
52
53 /* SEC Flow Context Descriptor */
54 struct sec_flow_context {
55 /* word 0 */
56 uint16_t word0_sdid; /* 11-0 SDID */
57 uint16_t word0_res; /* 31-12 reserved */
58
59 /* word 1 */
60 uint8_t word1_sdl; /* 5-0 SDL */
61 /* 7-6 reserved */
62
63 uint8_t word1_bits_15_8; /* 11-8 CRID */
64 /* 14-12 reserved */
65 /* 15 CRJD */
66
67 uint8_t word1_bits23_16; /* 16 EWS */
68 /* 17 DAC */
69 /* 18,19,20 ? */
70 /* 23-21 reserved */
71
72 uint8_t word1_bits31_24; /* 24 RSC */
73 /* 25 RBMT */
74 /* 31-26 reserved */
75
76 /* word 2 RFLC[31-0] */
77 uint32_t word2_rflc_31_0;
78
79 /* word 3 RFLC[63-32] */
80 uint32_t word3_rflc_63_32;
81
82 /* word 4 */
83 uint16_t word4_iicid; /* 15-0 IICID */
84 uint16_t word4_oicid; /* 31-16 OICID */
85
86 /* word 5 */
87 uint32_t word5_ofqid:24; /* 23-0 OFQID */
88 uint32_t word5_31_24:8;
89 /* 24 OSC */
90 /* 25 OBMT */
91 /* 29-26 reserved */
92 /* 31-30 ICR */
93
94 /* word 6 */
95 uint32_t word6_oflc_31_0;
96
97 /* word 7 */
98 uint32_t word7_oflc_63_32;
99
100 /* Word 8-15 storage profiles */
101 uint16_t dl; /**< DataLength(correction) */
102 uint16_t reserved; /**< reserved */
103 uint16_t dhr; /**< DataHeadRoom(correction) */
104 uint16_t mode_bits; /**< mode bits */
105 uint16_t bpv0; /**< buffer pool0 valid */
106 uint16_t bpid0; /**< Bypass Memory Translation */
107 uint16_t bpv1; /**< buffer pool1 valid */
108 uint16_t bpid1; /**< Bypass Memory Translation */
109 uint64_t word_12_15[2]; /**< word 12-15 are reserved */
110 };
111
112 struct sec_flc_desc {
113 struct sec_flow_context flc;
114 uint32_t desc[MAX_DESC_SIZE];
115 };
116
117 struct ctxt_priv {
118 struct rte_mempool *fle_pool; /* per device memory pool for FLE */
119 struct sec_flc_desc flc_desc[0];
120 };
121
122 enum dpaa2_sec_op_type {
123 DPAA2_SEC_NONE, /*!< No Cipher operations*/
124 DPAA2_SEC_CIPHER,/*!< CIPHER operations */
125 DPAA2_SEC_AUTH, /*!< Authentication Operations */
126 DPAA2_SEC_AEAD, /*!< AEAD (AES-GCM/CCM) type operations */
127 DPAA2_SEC_CIPHER_HASH, /*!< Authenticated Encryption with
128 * associated data
129 */
130 DPAA2_SEC_HASH_CIPHER, /*!< Encryption with Authenticated
131 * associated data
132 */
133 DPAA2_SEC_IPSEC, /*!< IPSEC protocol operations*/
134 DPAA2_SEC_PDCP, /*!< PDCP protocol operations*/
135 DPAA2_SEC_PKC, /*!< Public Key Cryptographic Operations */
136 DPAA2_SEC_MAX
137 };
138
139 struct dpaa2_sec_aead_ctxt {
140 uint16_t auth_only_len; /*!< Length of data for Auth only */
141 uint8_t auth_cipher_text; /**< Authenticate/cipher ordering */
142 };
143
144 #ifdef RTE_LIB_SECURITY
145 /*
146 * The structure is to be filled by user for PDCP Protocol
147 */
148 struct dpaa2_pdcp_ctxt {
149 enum rte_security_pdcp_domain domain; /*!< Data/Control mode*/
150 int8_t bearer; /*!< PDCP bearer ID */
151 int8_t pkt_dir;/*!< PDCP Frame Direction 0:UL 1:DL*/
152 int8_t hfn_ovd;/*!< Overwrite HFN per packet*/
153 uint8_t sn_size; /*!< Sequence number size, 5/7/12/15/18 */
154 uint32_t hfn_ovd_offset;/*!< offset from rte_crypto_op at which
155 * per packet hfn is stored
156 */
157 uint32_t hfn; /*!< Hyper Frame Number */
158 uint32_t hfn_threshold; /*!< HFN Threashold for key renegotiation */
159 };
160 #endif
161 typedef struct dpaa2_sec_session_entry {
162 void *ctxt;
163 uint8_t ctxt_type;
164 uint8_t dir; /*!< Operation Direction */
165 enum rte_crypto_cipher_algorithm cipher_alg; /*!< Cipher Algorithm*/
166 enum rte_crypto_auth_algorithm auth_alg; /*!< Authentication Algorithm*/
167 enum rte_crypto_aead_algorithm aead_alg; /*!< AEAD Algorithm*/
168 union {
169 struct {
170 uint8_t *data; /**< pointer to key data */
171 size_t length; /**< key length in bytes */
172 } aead_key;
173 struct {
174 struct {
175 uint8_t *data; /**< pointer to key data */
176 size_t length; /**< key length in bytes */
177 } cipher_key;
178 struct {
179 uint8_t *data; /**< pointer to key data */
180 size_t length; /**< key length in bytes */
181 } auth_key;
182 };
183 };
184 union {
185 struct {
186 struct {
187 uint16_t length; /**< IV length in bytes */
188 uint16_t offset; /**< IV offset in bytes */
189 } iv;
190 uint16_t digest_length;
191 uint8_t status;
192 union {
193 struct dpaa2_sec_aead_ctxt aead_ctxt;
194 } ext_params;
195 };
196 #ifdef RTE_LIB_SECURITY
197 struct dpaa2_pdcp_ctxt pdcp;
198 #endif
199 };
200 } dpaa2_sec_session;
201
202 static const struct rte_cryptodev_capabilities dpaa2_sec_capabilities[] = {
203 /* Symmetric capabilities */
204 { /* NULL (AUTH) */
205 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
206 {.sym = {
207 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
208 {.auth = {
209 .algo = RTE_CRYPTO_AUTH_NULL,
210 .block_size = 1,
211 .key_size = {
212 .min = 0,
213 .max = 0,
214 .increment = 0
215 },
216 .digest_size = {
217 .min = 0,
218 .max = 0,
219 .increment = 0
220 },
221 .iv_size = { 0 }
222 }, },
223 }, },
224 },
225 { /* MD5 */
226 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
227 {.sym = {
228 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
229 {.auth = {
230 .algo = RTE_CRYPTO_AUTH_MD5,
231 .block_size = 64,
232 .key_size = {
233 .min = 0,
234 .max = 0,
235 .increment = 0
236 },
237 .digest_size = {
238 .min = 16,
239 .max = 16,
240 .increment = 0
241 },
242 .iv_size = { 0 }
243 }, }
244 }, }
245 },
246 { /* MD5 HMAC */
247 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
248 {.sym = {
249 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
250 {.auth = {
251 .algo = RTE_CRYPTO_AUTH_MD5_HMAC,
252 .block_size = 64,
253 .key_size = {
254 .min = 1,
255 .max = 64,
256 .increment = 1
257 },
258 .digest_size = {
259 .min = 1,
260 .max = 16,
261 .increment = 1
262 },
263 .iv_size = { 0 }
264 }, }
265 }, }
266 },
267 { /* SHA1 */
268 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
269 {.sym = {
270 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
271 {.auth = {
272 .algo = RTE_CRYPTO_AUTH_SHA1,
273 .block_size = 64,
274 .key_size = {
275 .min = 0,
276 .max = 0,
277 .increment = 0
278 },
279 .digest_size = {
280 .min = 20,
281 .max = 20,
282 .increment = 0
283 },
284 .iv_size = { 0 }
285 }, }
286 }, }
287 },
288 { /* SHA1 HMAC */
289 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
290 {.sym = {
291 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
292 {.auth = {
293 .algo = RTE_CRYPTO_AUTH_SHA1_HMAC,
294 .block_size = 64,
295 .key_size = {
296 .min = 1,
297 .max = 64,
298 .increment = 1
299 },
300 .digest_size = {
301 .min = 1,
302 .max = 20,
303 .increment = 1
304 },
305 .iv_size = { 0 }
306 }, }
307 }, }
308 },
309 { /* SHA224 */
310 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
311 {.sym = {
312 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
313 {.auth = {
314 .algo = RTE_CRYPTO_AUTH_SHA224,
315 .block_size = 64,
316 .key_size = {
317 .min = 0,
318 .max = 0,
319 .increment = 0
320 },
321 .digest_size = {
322 .min = 28,
323 .max = 28,
324 .increment = 0
325 },
326 .iv_size = { 0 }
327 }, }
328 }, }
329 },
330 { /* SHA224 HMAC */
331 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
332 {.sym = {
333 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
334 {.auth = {
335 .algo = RTE_CRYPTO_AUTH_SHA224_HMAC,
336 .block_size = 64,
337 .key_size = {
338 .min = 1,
339 .max = 64,
340 .increment = 1
341 },
342 .digest_size = {
343 .min = 1,
344 .max = 28,
345 .increment = 1
346 },
347 .iv_size = { 0 }
348 }, }
349 }, }
350 },
351 { /* SHA256 */
352 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
353 {.sym = {
354 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
355 {.auth = {
356 .algo = RTE_CRYPTO_AUTH_SHA256,
357 .block_size = 64,
358 .key_size = {
359 .min = 0,
360 .max = 0,
361 .increment = 0
362 },
363 .digest_size = {
364 .min = 32,
365 .max = 32,
366 .increment = 0
367 },
368 .iv_size = { 0 }
369 }, }
370 }, }
371 },
372 { /* SHA256 HMAC */
373 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
374 {.sym = {
375 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
376 {.auth = {
377 .algo = RTE_CRYPTO_AUTH_SHA256_HMAC,
378 .block_size = 64,
379 .key_size = {
380 .min = 1,
381 .max = 64,
382 .increment = 1
383 },
384 .digest_size = {
385 .min = 1,
386 .max = 32,
387 .increment = 1
388 },
389 .iv_size = { 0 }
390 }, }
391 }, }
392 },
393 { /* SHA384 */
394 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
395 {.sym = {
396 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
397 {.auth = {
398 .algo = RTE_CRYPTO_AUTH_SHA384,
399 .block_size = 64,
400 .key_size = {
401 .min = 0,
402 .max = 0,
403 .increment = 0
404 },
405 .digest_size = {
406 .min = 48,
407 .max = 48,
408 .increment = 0
409 },
410 .iv_size = { 0 }
411 }, }
412 }, }
413 },
414 { /* SHA384 HMAC */
415 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
416 {.sym = {
417 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
418 {.auth = {
419 .algo = RTE_CRYPTO_AUTH_SHA384_HMAC,
420 .block_size = 128,
421 .key_size = {
422 .min = 1,
423 .max = 128,
424 .increment = 1
425 },
426 .digest_size = {
427 .min = 1,
428 .max = 48,
429 .increment = 1
430 },
431 .iv_size = { 0 }
432 }, }
433 }, }
434 },
435 { /* SHA512 */
436 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
437 {.sym = {
438 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
439 {.auth = {
440 .algo = RTE_CRYPTO_AUTH_SHA512,
441 .block_size = 128,
442 .key_size = {
443 .min = 0,
444 .max = 0,
445 .increment = 0
446 },
447 .digest_size = {
448 .min = 64,
449 .max = 64,
450 .increment = 0
451 },
452 .iv_size = { 0 }
453 }, }
454 }, }
455 },
456 { /* SHA512 HMAC */
457 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
458 {.sym = {
459 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
460 {.auth = {
461 .algo = RTE_CRYPTO_AUTH_SHA512_HMAC,
462 .block_size = 128,
463 .key_size = {
464 .min = 1,
465 .max = 128,
466 .increment = 1
467 },
468 .digest_size = {
469 .min = 1,
470 .max = 64,
471 .increment = 1
472 },
473 .iv_size = { 0 }
474 }, }
475 }, }
476 },
477 { /* AES GCM */
478 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
479 {.sym = {
480 .xform_type = RTE_CRYPTO_SYM_XFORM_AEAD,
481 {.aead = {
482 .algo = RTE_CRYPTO_AEAD_AES_GCM,
483 .block_size = 16,
484 .key_size = {
485 .min = 16,
486 .max = 32,
487 .increment = 8
488 },
489 .digest_size = {
490 .min = 8,
491 .max = 16,
492 .increment = 4
493 },
494 .aad_size = {
495 .min = 0,
496 .max = 240,
497 .increment = 1
498 },
499 .iv_size = {
500 .min = 12,
501 .max = 12,
502 .increment = 0
503 },
504 }, }
505 }, }
506 },
507 { /* NULL (CIPHER) */
508 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
509 {.sym = {
510 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
511 {.cipher = {
512 .algo = RTE_CRYPTO_CIPHER_NULL,
513 .block_size = 1,
514 .key_size = {
515 .min = 0,
516 .max = 0,
517 .increment = 0
518 },
519 .iv_size = {
520 .min = 0,
521 .max = 0,
522 .increment = 0
523 }
524 }, },
525 }, }
526 },
527 { /* AES CBC */
528 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
529 {.sym = {
530 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
531 {.cipher = {
532 .algo = RTE_CRYPTO_CIPHER_AES_CBC,
533 .block_size = 16,
534 .key_size = {
535 .min = 16,
536 .max = 32,
537 .increment = 8
538 },
539 .iv_size = {
540 .min = 16,
541 .max = 16,
542 .increment = 0
543 }
544 }, }
545 }, }
546 },
547 { /* AES CTR */
548 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
549 {.sym = {
550 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
551 {.cipher = {
552 .algo = RTE_CRYPTO_CIPHER_AES_CTR,
553 .block_size = 16,
554 .key_size = {
555 .min = 16,
556 .max = 32,
557 .increment = 8
558 },
559 .iv_size = {
560 .min = 16,
561 .max = 16,
562 .increment = 0
563 },
564 }, }
565 }, }
566 },
567 { /* DES CBC */
568 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
569 {.sym = {
570 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
571 {.cipher = {
572 .algo = RTE_CRYPTO_CIPHER_DES_CBC,
573 .block_size = 8,
574 .key_size = {
575 .min = 8,
576 .max = 8,
577 .increment = 0
578 },
579 .iv_size = {
580 .min = 8,
581 .max = 8,
582 .increment = 0
583 }
584 }, }
585 }, }
586 },
587 { /* 3DES CBC */
588 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
589 {.sym = {
590 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
591 {.cipher = {
592 .algo = RTE_CRYPTO_CIPHER_3DES_CBC,
593 .block_size = 8,
594 .key_size = {
595 .min = 16,
596 .max = 24,
597 .increment = 8
598 },
599 .iv_size = {
600 .min = 8,
601 .max = 8,
602 .increment = 0
603 }
604 }, }
605 }, }
606 },
607 { /* SNOW 3G (UIA2) */
608 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
609 {.sym = {
610 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
611 {.auth = {
612 .algo = RTE_CRYPTO_AUTH_SNOW3G_UIA2,
613 .block_size = 16,
614 .key_size = {
615 .min = 16,
616 .max = 16,
617 .increment = 0
618 },
619 .digest_size = {
620 .min = 4,
621 .max = 4,
622 .increment = 0
623 },
624 .iv_size = {
625 .min = 16,
626 .max = 16,
627 .increment = 0
628 }
629 }, }
630 }, }
631 },
632 { /* SNOW 3G (UEA2) */
633 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
634 {.sym = {
635 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
636 {.cipher = {
637 .algo = RTE_CRYPTO_CIPHER_SNOW3G_UEA2,
638 .block_size = 16,
639 .key_size = {
640 .min = 16,
641 .max = 16,
642 .increment = 0
643 },
644 .iv_size = {
645 .min = 16,
646 .max = 16,
647 .increment = 0
648 }
649 }, }
650 }, }
651 },
652 { /* ZUC (EEA3) */
653 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
654 {.sym = {
655 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
656 {.cipher = {
657 .algo = RTE_CRYPTO_CIPHER_ZUC_EEA3,
658 .block_size = 16,
659 .key_size = {
660 .min = 16,
661 .max = 16,
662 .increment = 0
663 },
664 .iv_size = {
665 .min = 16,
666 .max = 16,
667 .increment = 0
668 }
669 }, }
670 }, }
671 },
672 { /* ZUC (EIA3) */
673 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
674 {.sym = {
675 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
676 {.auth = {
677 .algo = RTE_CRYPTO_AUTH_ZUC_EIA3,
678 .block_size = 16,
679 .key_size = {
680 .min = 16,
681 .max = 16,
682 .increment = 0
683 },
684 .digest_size = {
685 .min = 4,
686 .max = 4,
687 .increment = 0
688 },
689 .iv_size = {
690 .min = 16,
691 .max = 16,
692 .increment = 0
693 }
694 }, }
695 }, }
696 },
697 RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()
698 };
699
700 #ifdef RTE_LIB_SECURITY
701
702 static const struct rte_cryptodev_capabilities dpaa2_pdcp_capabilities[] = {
703 { /* SNOW 3G (UIA2) */
704 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
705 {.sym = {
706 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
707 {.auth = {
708 .algo = RTE_CRYPTO_AUTH_SNOW3G_UIA2,
709 .block_size = 16,
710 .key_size = {
711 .min = 16,
712 .max = 16,
713 .increment = 0
714 },
715 .digest_size = {
716 .min = 4,
717 .max = 4,
718 .increment = 0
719 },
720 .iv_size = {
721 .min = 16,
722 .max = 16,
723 .increment = 0
724 }
725 }, }
726 }, }
727 },
728 { /* SNOW 3G (UEA2) */
729 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
730 {.sym = {
731 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
732 {.cipher = {
733 .algo = RTE_CRYPTO_CIPHER_SNOW3G_UEA2,
734 .block_size = 16,
735 .key_size = {
736 .min = 16,
737 .max = 16,
738 .increment = 0
739 },
740 .iv_size = {
741 .min = 16,
742 .max = 16,
743 .increment = 0
744 }
745 }, }
746 }, }
747 },
748 { /* AES CTR */
749 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
750 {.sym = {
751 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
752 {.cipher = {
753 .algo = RTE_CRYPTO_CIPHER_AES_CTR,
754 .block_size = 16,
755 .key_size = {
756 .min = 16,
757 .max = 32,
758 .increment = 8
759 },
760 .iv_size = {
761 .min = 16,
762 .max = 16,
763 .increment = 0
764 }
765 }, }
766 }, }
767 },
768 { /* NULL (AUTH) */
769 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
770 {.sym = {
771 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
772 {.auth = {
773 .algo = RTE_CRYPTO_AUTH_NULL,
774 .block_size = 1,
775 .key_size = {
776 .min = 0,
777 .max = 0,
778 .increment = 0
779 },
780 .digest_size = {
781 .min = 0,
782 .max = 0,
783 .increment = 0
784 },
785 .iv_size = { 0 }
786 }, },
787 }, },
788 },
789 { /* NULL (CIPHER) */
790 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
791 {.sym = {
792 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
793 {.cipher = {
794 .algo = RTE_CRYPTO_CIPHER_NULL,
795 .block_size = 1,
796 .key_size = {
797 .min = 0,
798 .max = 0,
799 .increment = 0
800 },
801 .iv_size = {
802 .min = 0,
803 .max = 0,
804 .increment = 0
805 }
806 }, },
807 }, }
808 },
809 { /* ZUC (EEA3) */
810 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
811 {.sym = {
812 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
813 {.cipher = {
814 .algo = RTE_CRYPTO_CIPHER_ZUC_EEA3,
815 .block_size = 16,
816 .key_size = {
817 .min = 16,
818 .max = 16,
819 .increment = 0
820 },
821 .iv_size = {
822 .min = 16,
823 .max = 16,
824 .increment = 0
825 }
826 }, }
827 }, }
828 },
829 { /* ZUC (EIA3) */
830 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
831 {.sym = {
832 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
833 {.auth = {
834 .algo = RTE_CRYPTO_AUTH_ZUC_EIA3,
835 .block_size = 16,
836 .key_size = {
837 .min = 16,
838 .max = 16,
839 .increment = 0
840 },
841 .digest_size = {
842 .min = 4,
843 .max = 4,
844 .increment = 0
845 },
846 .iv_size = {
847 .min = 16,
848 .max = 16,
849 .increment = 0
850 }
851 }, }
852 }, }
853 },
854
855 RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()
856 };
857
858 static const struct rte_security_capability dpaa2_sec_security_cap[] = {
859 { /* IPsec Lookaside Protocol offload ESP Transport Egress */
860 .action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
861 .protocol = RTE_SECURITY_PROTOCOL_IPSEC,
862 .ipsec = {
863 .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP,
864 .mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL,
865 .direction = RTE_SECURITY_IPSEC_SA_DIR_EGRESS,
866 .options = { 0 },
867 .replay_win_sz_max = 128
868 },
869 .crypto_capabilities = dpaa2_sec_capabilities
870 },
871 { /* IPsec Lookaside Protocol offload ESP Tunnel Ingress */
872 .action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
873 .protocol = RTE_SECURITY_PROTOCOL_IPSEC,
874 .ipsec = {
875 .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP,
876 .mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL,
877 .direction = RTE_SECURITY_IPSEC_SA_DIR_INGRESS,
878 .options = { 0 },
879 .replay_win_sz_max = 128
880 },
881 .crypto_capabilities = dpaa2_sec_capabilities
882 },
883 { /* PDCP Lookaside Protocol offload Data */
884 .action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
885 .protocol = RTE_SECURITY_PROTOCOL_PDCP,
886 .pdcp = {
887 .domain = RTE_SECURITY_PDCP_MODE_DATA,
888 .capa_flags = 0
889 },
890 .crypto_capabilities = dpaa2_pdcp_capabilities
891 },
892 { /* PDCP Lookaside Protocol offload Control */
893 .action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
894 .protocol = RTE_SECURITY_PROTOCOL_PDCP,
895 .pdcp = {
896 .domain = RTE_SECURITY_PDCP_MODE_CONTROL,
897 .capa_flags = 0
898 },
899 .crypto_capabilities = dpaa2_pdcp_capabilities
900 },
901 {
902 .action = RTE_SECURITY_ACTION_TYPE_NONE
903 }
904 };
905 #endif
906 /**
907 * Checksum
908 *
909 * @param buffer calculate chksum for buffer
910 * @param len buffer length
911 *
912 * @return checksum value in host cpu order
913 */
914 static inline uint16_t
calc_chksum(void * buffer,int len)915 calc_chksum(void *buffer, int len)
916 {
917 uint16_t *buf = (uint16_t *)buffer;
918 uint32_t sum = 0;
919 uint16_t result;
920
921 for (sum = 0; len > 1; len -= 2)
922 sum += *buf++;
923
924 if (len == 1)
925 sum += *(unsigned char *)buf;
926
927 sum = (sum >> 16) + (sum & 0xFFFF);
928 sum += (sum >> 16);
929 result = ~sum;
930
931 return result;
932 }
933
934 #endif /* _DPAA2_SEC_PMD_PRIVATE_H_ */
935