4 * Copyright (c) 2016 Freescale Semiconductor, Inc. All rights reserved.
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
11 * * Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * * Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in
15 * the documentation and/or other materials provided with the
17 * * Neither the name of Freescale Semiconductor, Inc nor the names of its
18 * contributors may be used to endorse or promote products derived
19 * from this software without specific prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
22 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
23 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
24 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
25 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
26 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
27 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
28 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
29 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
30 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
31 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
34 #ifndef _RTE_DPAA2_SEC_PMD_PRIVATE_H_
35 #define _RTE_DPAA2_SEC_PMD_PRIVATE_H_
37 #define CRYPTODEV_NAME_DPAA2_SEC_PMD crypto_dpaa2_sec
38 /**< NXP DPAA2 - SEC PMD device name */
41 #define MAX_DESC_SIZE 64
42 /** private data structure for each DPAA2_SEC device */
43 struct dpaa2_sec_dev_private {
44 void *mc_portal; /**< MC Portal for configuring this device */
45 void *hw; /**< Hardware handle for this device.Used by NADK framework */
46 struct rte_mempool *fle_pool; /* per device memory pool for FLE */
47 int32_t hw_id; /**< An unique ID of this device instance */
48 int32_t vfio_fd; /**< File descriptor received via VFIO */
49 uint16_t token; /**< Token required by DPxxx objects */
50 unsigned int max_nb_queue_pairs;
51 /**< Max number of queue pairs supported by device */
52 unsigned int max_nb_sessions;
53 /**< Max number of sessions supported by device */
57 struct dpaa2_queue rx_vq;
58 struct dpaa2_queue tx_vq;
70 #define DPAA2_SET_FLC_EWS(flc) (flc->word1_bits23_16 |= 0x1)
71 #define DPAA2_SET_FLC_RSC(flc) (flc->word1_bits31_24 |= 0x1)
72 #define DPAA2_SET_FLC_REUSE_BS(flc) (flc->mode_bits |= 0x8000)
73 #define DPAA2_SET_FLC_REUSE_FF(flc) (flc->mode_bits |= 0x2000)
75 /* SEC Flow Context Descriptor */
76 struct sec_flow_context {
78 uint16_t word0_sdid; /* 11-0 SDID */
79 uint16_t word0_res; /* 31-12 reserved */
82 uint8_t word1_sdl; /* 5-0 SDL */
85 uint8_t word1_bits_15_8; /* 11-8 CRID */
89 uint8_t word1_bits23_16; /* 16 EWS */
94 uint8_t word1_bits31_24; /* 24 RSC */
98 /* word 2 RFLC[31-0] */
99 uint32_t word2_rflc_31_0;
101 /* word 3 RFLC[63-32] */
102 uint32_t word3_rflc_63_32;
105 uint16_t word4_iicid; /* 15-0 IICID */
106 uint16_t word4_oicid; /* 31-16 OICID */
109 uint32_t word5_ofqid:24; /* 23-0 OFQID */
110 uint32_t word5_31_24:8;
117 uint32_t word6_oflc_31_0;
120 uint32_t word7_oflc_63_32;
122 /* Word 8-15 storage profiles */
123 uint16_t dl; /**< DataLength(correction) */
124 uint16_t reserved; /**< reserved */
125 uint16_t dhr; /**< DataHeadRoom(correction) */
126 uint16_t mode_bits; /**< mode bits */
127 uint16_t bpv0; /**< buffer pool0 valid */
128 uint16_t bpid0; /**< Bypass Memory Translation */
129 uint16_t bpv1; /**< buffer pool1 valid */
130 uint16_t bpid1; /**< Bypass Memory Translation */
131 uint64_t word_12_15[2]; /**< word 12-15 are reserved */
134 struct sec_flc_desc {
135 struct sec_flow_context flc;
136 uint32_t desc[MAX_DESC_SIZE];
140 struct rte_mempool *fle_pool; /* per device memory pool for FLE */
141 struct sec_flc_desc flc_desc[0];
144 enum dpaa2_sec_op_type {
145 DPAA2_SEC_NONE, /*!< No Cipher operations*/
146 DPAA2_SEC_CIPHER,/*!< CIPHER operations */
147 DPAA2_SEC_AUTH, /*!< Authentication Operations */
148 DPAA2_SEC_AEAD, /*!< AEAD (AES-GCM/CCM) type operations */
149 DPAA2_SEC_CIPHER_HASH, /*!< Authenticated Encryption with
152 DPAA2_SEC_HASH_CIPHER, /*!< Encryption with Authenticated
155 DPAA2_SEC_IPSEC, /*!< IPSEC protocol operations*/
156 DPAA2_SEC_PDCP, /*!< PDCP protocol operations*/
157 DPAA2_SEC_PKC, /*!< Public Key Cryptographic Operations */
161 struct dpaa2_sec_aead_ctxt {
162 uint16_t auth_only_len; /*!< Length of data for Auth only */
163 uint8_t auth_cipher_text; /**< Authenticate/cipher ordering */
166 typedef struct dpaa2_sec_session_entry {
169 uint8_t dir; /*!< Operation Direction */
170 enum rte_crypto_cipher_algorithm cipher_alg; /*!< Cipher Algorithm*/
171 enum rte_crypto_auth_algorithm auth_alg; /*!< Authentication Algorithm*/
172 enum rte_crypto_aead_algorithm aead_alg; /*!< AEAD Algorithm*/
175 uint8_t *data; /**< pointer to key data */
176 size_t length; /**< key length in bytes */
180 uint8_t *data; /**< pointer to key data */
181 size_t length; /**< key length in bytes */
184 uint8_t *data; /**< pointer to key data */
185 size_t length; /**< key length in bytes */
190 uint16_t length; /**< IV length in bytes */
191 uint16_t offset; /**< IV offset in bytes */
193 uint16_t digest_length;
196 struct dpaa2_sec_aead_ctxt aead_ctxt;
200 static const struct rte_cryptodev_capabilities dpaa2_sec_capabilities[] = {
202 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
204 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
206 .algo = RTE_CRYPTO_AUTH_MD5_HMAC,
223 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
225 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
227 .algo = RTE_CRYPTO_AUTH_SHA1_HMAC,
244 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
246 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
248 .algo = RTE_CRYPTO_AUTH_SHA224_HMAC,
265 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
267 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
269 .algo = RTE_CRYPTO_AUTH_SHA256_HMAC,
286 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
288 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
290 .algo = RTE_CRYPTO_AUTH_SHA384_HMAC,
307 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
309 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
311 .algo = RTE_CRYPTO_AUTH_SHA512_HMAC,
328 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
330 .xform_type = RTE_CRYPTO_SYM_XFORM_AEAD,
332 .algo = RTE_CRYPTO_AEAD_AES_GCM,
358 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
360 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
362 .algo = RTE_CRYPTO_CIPHER_AES_CBC,
378 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
380 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
382 .algo = RTE_CRYPTO_CIPHER_AES_CTR,
398 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
400 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
402 .algo = RTE_CRYPTO_CIPHER_3DES_CBC,
418 RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()
421 static const struct rte_security_capability dpaa2_sec_security_cap[] = {
422 { /* IPsec Lookaside Protocol offload ESP Transport Egress */
423 .action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
424 .protocol = RTE_SECURITY_PROTOCOL_IPSEC,
426 .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP,
427 .mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL,
428 .direction = RTE_SECURITY_IPSEC_SA_DIR_EGRESS,
431 .crypto_capabilities = dpaa2_sec_capabilities
433 { /* IPsec Lookaside Protocol offload ESP Tunnel Ingress */
434 .action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
435 .protocol = RTE_SECURITY_PROTOCOL_IPSEC,
437 .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP,
438 .mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL,
439 .direction = RTE_SECURITY_IPSEC_SA_DIR_INGRESS,
442 .crypto_capabilities = dpaa2_sec_capabilities
445 .action = RTE_SECURITY_ACTION_TYPE_NONE
452 * @param buffer calculate chksum for buffer
453 * @param len buffer length
455 * @return checksum value in host cpu order
457 static inline uint16_t
458 calc_chksum(void *buffer, int len)
460 uint16_t *buf = (uint16_t *)buffer;
464 for (sum = 0; len > 1; len -= 2)
468 sum += *(unsigned char *)buf;
470 sum = (sum >> 16) + (sum & 0xFFFF);
477 #endif /* _RTE_DPAA2_SEC_PMD_PRIVATE_H_ */