drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h

   1 /* SPDX-License-Identifier: BSD-3-Clause
   2  *
   3  *   Copyright (c) 2016 Freescale Semiconductor, Inc. All rights reserved.
   4  *   Copyright 2016 NXP
   5  *
   6  */
   7
   8 #ifndef _RTE_DPAA2_SEC_PMD_PRIVATE_H_
   9 #define _RTE_DPAA2_SEC_PMD_PRIVATE_H_
  10
  11 #define CRYPTODEV_NAME_DPAA2_SEC_PMD    crypto_dpaa2_sec
  12 /**< NXP DPAA2 - SEC PMD device name */
  13
  14 #define MAX_QUEUES              64
  15 #define MAX_DESC_SIZE           64
  16 /** private data structure for each DPAA2_SEC device */
  17 struct dpaa2_sec_dev_private {
  18         void *mc_portal; /**< MC Portal for configuring this device */
  19         void *hw; /**< Hardware handle for this device.Used by NADK framework */
  20         struct rte_mempool *fle_pool; /* per device memory pool for FLE */
  21         int32_t hw_id; /**< An unique ID of this device instance */
  22         int32_t vfio_fd; /**< File descriptor received via VFIO */
  23         uint16_t token; /**< Token required by DPxxx objects */
  24         unsigned int max_nb_queue_pairs;
  25         /**< Max number of queue pairs supported by device */
  26 };
  27
  28 struct dpaa2_sec_qp {
  29         struct dpaa2_queue rx_vq;
  30         struct dpaa2_queue tx_vq;
  31 };
  32
  33 enum shr_desc_type {
  34         DESC_UPDATE,
  35         DESC_FINAL,
  36         DESC_INITFINAL,
  37 };
  38
  39 #define DIR_ENC                 1
  40 #define DIR_DEC                 0
  41
  42 #define DPAA2_SET_FLC_EWS(flc)  (flc->word1_bits23_16 |= 0x1)
  43 #define DPAA2_SET_FLC_RSC(flc)  (flc->word1_bits31_24 |= 0x1)
  44 #define DPAA2_SET_FLC_REUSE_BS(flc) (flc->mode_bits |= 0x8000)
  45 #define DPAA2_SET_FLC_REUSE_FF(flc) (flc->mode_bits |= 0x2000)
  46
  47 /* SEC Flow Context Descriptor */
  48 struct sec_flow_context {
  49         /* word 0 */
  50         uint16_t word0_sdid;            /* 11-0  SDID */
  51         uint16_t word0_res;             /* 31-12 reserved */
  52
  53         /* word 1 */
  54         uint8_t word1_sdl;              /* 5-0 SDL */
  55                                         /* 7-6 reserved */
  56
  57         uint8_t word1_bits_15_8;        /* 11-8 CRID */
  58                                         /* 14-12 reserved */
  59                                         /* 15 CRJD */
  60
  61         uint8_t word1_bits23_16;        /* 16  EWS */
  62                                         /* 17 DAC */
  63                                         /* 18,19,20 ? */
  64                                         /* 23-21 reserved */
  65
  66         uint8_t word1_bits31_24;        /* 24 RSC */
  67                                         /* 25 RBMT */
  68                                         /* 31-26 reserved */
  69
  70         /* word 2  RFLC[31-0] */
  71         uint32_t word2_rflc_31_0;
  72
  73         /* word 3  RFLC[63-32] */
  74         uint32_t word3_rflc_63_32;
  75
  76         /* word 4 */
  77         uint16_t word4_iicid;           /* 15-0  IICID */
  78         uint16_t word4_oicid;           /* 31-16 OICID */
  79
  80         /* word 5 */
  81         uint32_t word5_ofqid:24;                /* 23-0 OFQID */
  82         uint32_t word5_31_24:8;
  83                                         /* 24 OSC */
  84                                         /* 25 OBMT */
  85                                         /* 29-26 reserved */
  86                                         /* 31-30 ICR */
  87
  88         /* word 6 */
  89         uint32_t word6_oflc_31_0;
  90
  91         /* word 7 */
  92         uint32_t word7_oflc_63_32;
  93
  94         /* Word 8-15 storage profiles */
  95         uint16_t dl;                    /**<  DataLength(correction) */
  96         uint16_t reserved;              /**< reserved */
  97         uint16_t dhr;                   /**< DataHeadRoom(correction) */
  98         uint16_t mode_bits;             /**< mode bits */
  99         uint16_t bpv0;                  /**< buffer pool0 valid */
 100         uint16_t bpid0;                 /**< Bypass Memory Translation */
 101         uint16_t bpv1;                  /**< buffer pool1 valid */
 102         uint16_t bpid1;                 /**< Bypass Memory Translation */
 103         uint64_t word_12_15[2];         /**< word 12-15 are reserved */
 104 };
 105
 106 struct sec_flc_desc {
 107         struct sec_flow_context flc;
 108         uint32_t desc[MAX_DESC_SIZE];
 109 };
 110
 111 struct ctxt_priv {
 112         struct rte_mempool *fle_pool; /* per device memory pool for FLE */
 113         struct sec_flc_desc flc_desc[0];
 114 };
 115
 116 enum dpaa2_sec_op_type {
 117         DPAA2_SEC_NONE,  /*!< No Cipher operations*/
 118         DPAA2_SEC_CIPHER,/*!< CIPHER operations */
 119         DPAA2_SEC_AUTH,  /*!< Authentication Operations */
 120         DPAA2_SEC_AEAD,  /*!< AEAD (AES-GCM/CCM) type operations */
 121         DPAA2_SEC_CIPHER_HASH,  /*!< Authenticated Encryption with
 122                                  * associated data
 123                                  */
 124         DPAA2_SEC_HASH_CIPHER,  /*!< Encryption with Authenticated
 125                                  * associated data
 126                                  */
 127         DPAA2_SEC_IPSEC, /*!< IPSEC protocol operations*/
 128         DPAA2_SEC_PDCP,  /*!< PDCP protocol operations*/
 129         DPAA2_SEC_PKC,   /*!< Public Key Cryptographic Operations */
 130         DPAA2_SEC_MAX
 131 };
 132
 133 struct dpaa2_sec_aead_ctxt {
 134         uint16_t auth_only_len; /*!< Length of data for Auth only */
 135         uint8_t auth_cipher_text;       /**< Authenticate/cipher ordering */
 136 };
 137
 138 typedef struct dpaa2_sec_session_entry {
 139         void *ctxt;
 140         uint8_t ctxt_type;
 141         uint8_t dir;         /*!< Operation Direction */
 142         enum rte_crypto_cipher_algorithm cipher_alg; /*!< Cipher Algorithm*/
 143         enum rte_crypto_auth_algorithm auth_alg; /*!< Authentication Algorithm*/
 144         enum rte_crypto_aead_algorithm aead_alg; /*!< AEAD Algorithm*/
 145         union {
 146                 struct {
 147                         uint8_t *data;  /**< pointer to key data */
 148                         size_t length;  /**< key length in bytes */
 149                 } aead_key;
 150                 struct {
 151                         struct {
 152                                 uint8_t *data;  /**< pointer to key data */
 153                                 size_t length;  /**< key length in bytes */
 154                         } cipher_key;
 155                         struct {
 156                                 uint8_t *data;  /**< pointer to key data */
 157                                 size_t length;  /**< key length in bytes */
 158                         } auth_key;
 159                 };
 160         };
 161         struct {
 162                 uint16_t length; /**< IV length in bytes */
 163                 uint16_t offset; /**< IV offset in bytes */
 164         } iv;
 165         uint16_t digest_length;
 166         uint8_t status;
 167         union {
 168                 struct dpaa2_sec_aead_ctxt aead_ctxt;
 169         } ext_params;
 170 } dpaa2_sec_session;
 171
 172 static const struct rte_cryptodev_capabilities dpaa2_sec_capabilities[] = {
 173         {       /* MD5 HMAC */
 174                 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
 175                 {.sym = {
 176                         .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
 177                         {.auth = {
 178                                 .algo = RTE_CRYPTO_AUTH_MD5_HMAC,
 179                                 .block_size = 64,
 180                                 .key_size = {
 181                                         .min = 1,
 182                                         .max = 64,
 183                                         .increment = 1
 184                                 },
 185                                 .digest_size = {
 186                                         .min = 1,
 187                                         .max = 16,
 188                                         .increment = 1
 189                                 },
 190                                 .iv_size = { 0 }
 191                         }, }
 192                 }, }
 193         },
 194         {       /* SHA1 HMAC */
 195                 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
 196                 {.sym = {
 197                         .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
 198                         {.auth = {
 199                                 .algo = RTE_CRYPTO_AUTH_SHA1_HMAC,
 200                                 .block_size = 64,
 201                                 .key_size = {
 202                                         .min = 1,
 203                                         .max = 64,
 204                                         .increment = 1
 205                                 },
 206                                 .digest_size = {
 207                                         .min = 1,
 208                                         .max = 20,
 209                                         .increment = 1
 210                                 },
 211                                 .iv_size = { 0 }
 212                         }, }
 213                 }, }
 214         },
 215         {       /* SHA224 HMAC */
 216                 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
 217                 {.sym = {
 218                         .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
 219                         {.auth = {
 220                                 .algo = RTE_CRYPTO_AUTH_SHA224_HMAC,
 221                                 .block_size = 64,
 222                                 .key_size = {
 223                                         .min = 1,
 224                                         .max = 64,
 225                                         .increment = 1
 226                                 },
 227                                 .digest_size = {
 228                                         .min = 1,
 229                                         .max = 28,
 230                                         .increment = 1
 231                                 },
 232                                 .iv_size = { 0 }
 233                         }, }
 234                 }, }
 235         },
 236         {       /* SHA256 HMAC */
 237                 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
 238                 {.sym = {
 239                         .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
 240                         {.auth = {
 241                                 .algo = RTE_CRYPTO_AUTH_SHA256_HMAC,
 242                                 .block_size = 64,
 243                                 .key_size = {
 244                                         .min = 1,
 245                                         .max = 64,
 246                                         .increment = 1
 247                                 },
 248                                 .digest_size = {
 249                                         .min = 1,
 250                                         .max = 32,
 251                                         .increment = 1
 252                                 },
 253                                 .iv_size = { 0 }
 254                                 }, }
 255                         }, }
 256                 },
 257         {       /* SHA384 HMAC */
 258                 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
 259                 {.sym = {
 260                         .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
 261                         {.auth = {
 262                                 .algo = RTE_CRYPTO_AUTH_SHA384_HMAC,
 263                                 .block_size = 128,
 264                                 .key_size = {
 265                                         .min = 1,
 266                                         .max = 128,
 267                                         .increment = 1
 268                                 },
 269                                 .digest_size = {
 270                                         .min = 1,
 271                                         .max = 48,
 272                                         .increment = 1
 273                                 },
 274                                 .iv_size = { 0 }
 275                         }, }
 276                 }, }
 277         },
 278         {       /* SHA512 HMAC */
 279                 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
 280                 {.sym = {
 281                         .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
 282                         {.auth = {
 283                                 .algo = RTE_CRYPTO_AUTH_SHA512_HMAC,
 284                                 .block_size = 128,
 285                                 .key_size = {
 286                                         .min = 1,
 287                                         .max = 128,
 288                                         .increment = 1
 289                                 },
 290                                 .digest_size = {
 291                                         .min = 1,
 292                                         .max = 64,
 293                                         .increment = 1
 294                                 },
 295                                 .iv_size = { 0 }
 296                         }, }
 297                 }, }
 298         },
 299         {       /* AES GCM */
 300                 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
 301                 {.sym = {
 302                         .xform_type = RTE_CRYPTO_SYM_XFORM_AEAD,
 303                         {.aead = {
 304                                 .algo = RTE_CRYPTO_AEAD_AES_GCM,
 305                                 .block_size = 16,
 306                                 .key_size = {
 307                                         .min = 16,
 308                                         .max = 32,
 309                                         .increment = 8
 310                                 },
 311                                 .digest_size = {
 312                                         .min = 8,
 313                                         .max = 16,
 314                                         .increment = 4
 315                                 },
 316                                 .aad_size = {
 317                                         .min = 0,
 318                                         .max = 240,
 319                                         .increment = 1
 320                                 },
 321                                 .iv_size = {
 322                                         .min = 12,
 323                                         .max = 12,
 324                                         .increment = 0
 325                                 },
 326                         }, }
 327                 }, }
 328         },
 329         {       /* AES CBC */
 330                 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
 331                 {.sym = {
 332                         .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
 333                         {.cipher = {
 334                                 .algo = RTE_CRYPTO_CIPHER_AES_CBC,
 335                                 .block_size = 16,
 336                                 .key_size = {
 337                                         .min = 16,
 338                                         .max = 32,
 339                                         .increment = 8
 340                                 },
 341                                 .iv_size = {
 342                                         .min = 16,
 343                                         .max = 16,
 344                                         .increment = 0
 345                                 }
 346                         }, }
 347                 }, }
 348         },
 349         {       /* AES CTR */
 350                 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
 351                 {.sym = {
 352                         .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
 353                         {.cipher = {
 354                                 .algo = RTE_CRYPTO_CIPHER_AES_CTR,
 355                                 .block_size = 16,
 356                                 .key_size = {
 357                                         .min = 16,
 358                                         .max = 32,
 359                                         .increment = 8
 360                                 },
 361                                 .iv_size = {
 362                                         .min = 16,
 363                                         .max = 16,
 364                                         .increment = 0
 365                                 },
 366                         }, }
 367                 }, }
 368         },
 369         {       /* 3DES CBC */
 370                 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
 371                 {.sym = {
 372                         .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
 373                         {.cipher = {
 374                                 .algo = RTE_CRYPTO_CIPHER_3DES_CBC,
 375                                 .block_size = 8,
 376                                 .key_size = {
 377                                         .min = 16,
 378                                         .max = 24,
 379                                         .increment = 8
 380                                 },
 381                                 .iv_size = {
 382                                         .min = 8,
 383                                         .max = 8,
 384                                         .increment = 0
 385                                 }
 386                         }, }
 387                 }, }
 388         },
 389
 390         RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()
 391 };
 392
 393 static const struct rte_security_capability dpaa2_sec_security_cap[] = {
 394         { /* IPsec Lookaside Protocol offload ESP Transport Egress */
 395                 .action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
 396                 .protocol = RTE_SECURITY_PROTOCOL_IPSEC,
 397                 .ipsec = {
 398                         .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP,
 399                         .mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL,
 400                         .direction = RTE_SECURITY_IPSEC_SA_DIR_EGRESS,
 401                         .options = { 0 }
 402                 },
 403                 .crypto_capabilities = dpaa2_sec_capabilities
 404         },
 405         { /* IPsec Lookaside Protocol offload ESP Tunnel Ingress */
 406                 .action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
 407                 .protocol = RTE_SECURITY_PROTOCOL_IPSEC,
 408                 .ipsec = {
 409                         .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP,
 410                         .mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL,
 411                         .direction = RTE_SECURITY_IPSEC_SA_DIR_INGRESS,
 412                         .options = { 0 }
 413                 },
 414                 .crypto_capabilities = dpaa2_sec_capabilities
 415         },
 416         {
 417                 .action = RTE_SECURITY_ACTION_TYPE_NONE
 418         }
 419 };
 420
 421 /**
 422  * Checksum
 423  *
 424  * @param buffer calculate chksum for buffer
 425  * @param len    buffer length
 426  *
 427  * @return checksum value in host cpu order
 428  */
 429 static inline uint16_t
 430 calc_chksum(void *buffer, int len)
 431 {
 432         uint16_t *buf = (uint16_t *)buffer;
 433         uint32_t sum = 0;
 434         uint16_t result;
 435
 436         for (sum = 0; len > 1; len -= 2)
 437                 sum += *buf++;
 438
 439         if (len == 1)
 440                 sum += *(unsigned char *)buf;
 441
 442         sum = (sum >> 16) + (sum & 0xFFFF);
 443         sum += (sum >> 16);
 444         result = ~sum;
 445
 446         return  result;
 447 }
 448
 449 #endif /* _RTE_DPAA2_SEC_PMD_PRIVATE_H_ */