drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h

   1 /* SPDX-License-Identifier: BSD-3-Clause
   2  *
   3  *   Copyright (c) 2016 Freescale Semiconductor, Inc. All rights reserved.
   4  *   Copyright 2016 NXP
   5  *
   6  */
   7
   8 #ifndef _RTE_DPAA2_SEC_PMD_PRIVATE_H_
   9 #define _RTE_DPAA2_SEC_PMD_PRIVATE_H_
  10
  11 #define CRYPTODEV_NAME_DPAA2_SEC_PMD    crypto_dpaa2_sec
  12 /**< NXP DPAA2 - SEC PMD device name */
  13
  14 #define MAX_QUEUES              64
  15 #define MAX_DESC_SIZE           64
  16 /** private data structure for each DPAA2_SEC device */
  17 struct dpaa2_sec_dev_private {
  18         void *mc_portal; /**< MC Portal for configuring this device */
  19         void *hw; /**< Hardware handle for this device.Used by NADK framework */
  20         struct rte_mempool *fle_pool; /* per device memory pool for FLE */
  21         int32_t hw_id; /**< An unique ID of this device instance */
  22         int32_t vfio_fd; /**< File descriptor received via VFIO */
  23         uint16_t token; /**< Token required by DPxxx objects */
  24         unsigned int max_nb_queue_pairs;
  25         /**< Max number of queue pairs supported by device */
  26         unsigned int max_nb_sessions;
  27         /**< Max number of sessions supported by device */
  28 };
  29
  30 struct dpaa2_sec_qp {
  31         struct dpaa2_queue rx_vq;
  32         struct dpaa2_queue tx_vq;
  33 };
  34
  35 enum shr_desc_type {
  36         DESC_UPDATE,
  37         DESC_FINAL,
  38         DESC_INITFINAL,
  39 };
  40
  41 #define DIR_ENC                 1
  42 #define DIR_DEC                 0
  43
  44 #define DPAA2_SET_FLC_EWS(flc)  (flc->word1_bits23_16 |= 0x1)
  45 #define DPAA2_SET_FLC_RSC(flc)  (flc->word1_bits31_24 |= 0x1)
  46 #define DPAA2_SET_FLC_REUSE_BS(flc) (flc->mode_bits |= 0x8000)
  47 #define DPAA2_SET_FLC_REUSE_FF(flc) (flc->mode_bits |= 0x2000)
  48
  49 /* SEC Flow Context Descriptor */
  50 struct sec_flow_context {
  51         /* word 0 */
  52         uint16_t word0_sdid;            /* 11-0  SDID */
  53         uint16_t word0_res;             /* 31-12 reserved */
  54
  55         /* word 1 */
  56         uint8_t word1_sdl;              /* 5-0 SDL */
  57                                         /* 7-6 reserved */
  58
  59         uint8_t word1_bits_15_8;        /* 11-8 CRID */
  60                                         /* 14-12 reserved */
  61                                         /* 15 CRJD */
  62
  63         uint8_t word1_bits23_16;        /* 16  EWS */
  64                                         /* 17 DAC */
  65                                         /* 18,19,20 ? */
  66                                         /* 23-21 reserved */
  67
  68         uint8_t word1_bits31_24;        /* 24 RSC */
  69                                         /* 25 RBMT */
  70                                         /* 31-26 reserved */
  71
  72         /* word 2  RFLC[31-0] */
  73         uint32_t word2_rflc_31_0;
  74
  75         /* word 3  RFLC[63-32] */
  76         uint32_t word3_rflc_63_32;
  77
  78         /* word 4 */
  79         uint16_t word4_iicid;           /* 15-0  IICID */
  80         uint16_t word4_oicid;           /* 31-16 OICID */
  81
  82         /* word 5 */
  83         uint32_t word5_ofqid:24;                /* 23-0 OFQID */
  84         uint32_t word5_31_24:8;
  85                                         /* 24 OSC */
  86                                         /* 25 OBMT */
  87                                         /* 29-26 reserved */
  88                                         /* 31-30 ICR */
  89
  90         /* word 6 */
  91         uint32_t word6_oflc_31_0;
  92
  93         /* word 7 */
  94         uint32_t word7_oflc_63_32;
  95
  96         /* Word 8-15 storage profiles */
  97         uint16_t dl;                    /**<  DataLength(correction) */
  98         uint16_t reserved;              /**< reserved */
  99         uint16_t dhr;                   /**< DataHeadRoom(correction) */
 100         uint16_t mode_bits;             /**< mode bits */
 101         uint16_t bpv0;                  /**< buffer pool0 valid */
 102         uint16_t bpid0;                 /**< Bypass Memory Translation */
 103         uint16_t bpv1;                  /**< buffer pool1 valid */
 104         uint16_t bpid1;                 /**< Bypass Memory Translation */
 105         uint64_t word_12_15[2];         /**< word 12-15 are reserved */
 106 };
 107
 108 struct sec_flc_desc {
 109         struct sec_flow_context flc;
 110         uint32_t desc[MAX_DESC_SIZE];
 111 };
 112
 113 struct ctxt_priv {
 114         struct rte_mempool *fle_pool; /* per device memory pool for FLE */
 115         struct sec_flc_desc flc_desc[0];
 116 };
 117
 118 enum dpaa2_sec_op_type {
 119         DPAA2_SEC_NONE,  /*!< No Cipher operations*/
 120         DPAA2_SEC_CIPHER,/*!< CIPHER operations */
 121         DPAA2_SEC_AUTH,  /*!< Authentication Operations */
 122         DPAA2_SEC_AEAD,  /*!< AEAD (AES-GCM/CCM) type operations */
 123         DPAA2_SEC_CIPHER_HASH,  /*!< Authenticated Encryption with
 124                                  * associated data
 125                                  */
 126         DPAA2_SEC_HASH_CIPHER,  /*!< Encryption with Authenticated
 127                                  * associated data
 128                                  */
 129         DPAA2_SEC_IPSEC, /*!< IPSEC protocol operations*/
 130         DPAA2_SEC_PDCP,  /*!< PDCP protocol operations*/
 131         DPAA2_SEC_PKC,   /*!< Public Key Cryptographic Operations */
 132         DPAA2_SEC_MAX
 133 };
 134
 135 struct dpaa2_sec_aead_ctxt {
 136         uint16_t auth_only_len; /*!< Length of data for Auth only */
 137         uint8_t auth_cipher_text;       /**< Authenticate/cipher ordering */
 138 };
 139
 140 typedef struct dpaa2_sec_session_entry {
 141         void *ctxt;
 142         uint8_t ctxt_type;
 143         uint8_t dir;         /*!< Operation Direction */
 144         enum rte_crypto_cipher_algorithm cipher_alg; /*!< Cipher Algorithm*/
 145         enum rte_crypto_auth_algorithm auth_alg; /*!< Authentication Algorithm*/
 146         enum rte_crypto_aead_algorithm aead_alg; /*!< AEAD Algorithm*/
 147         union {
 148                 struct {
 149                         uint8_t *data;  /**< pointer to key data */
 150                         size_t length;  /**< key length in bytes */
 151                 } aead_key;
 152                 struct {
 153                         struct {
 154                                 uint8_t *data;  /**< pointer to key data */
 155                                 size_t length;  /**< key length in bytes */
 156                         } cipher_key;
 157                         struct {
 158                                 uint8_t *data;  /**< pointer to key data */
 159                                 size_t length;  /**< key length in bytes */
 160                         } auth_key;
 161                 };
 162         };
 163         struct {
 164                 uint16_t length; /**< IV length in bytes */
 165                 uint16_t offset; /**< IV offset in bytes */
 166         } iv;
 167         uint16_t digest_length;
 168         uint8_t status;
 169         union {
 170                 struct dpaa2_sec_aead_ctxt aead_ctxt;
 171         } ext_params;
 172 } dpaa2_sec_session;
 173
 174 static const struct rte_cryptodev_capabilities dpaa2_sec_capabilities[] = {
 175         {       /* MD5 HMAC */
 176                 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
 177                 {.sym = {
 178                         .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
 179                         {.auth = {
 180                                 .algo = RTE_CRYPTO_AUTH_MD5_HMAC,
 181                                 .block_size = 64,
 182                                 .key_size = {
 183                                         .min = 1,
 184                                         .max = 64,
 185                                         .increment = 1
 186                                 },
 187                                 .digest_size = {
 188                                         .min = 16,
 189                                         .max = 16,
 190                                         .increment = 0
 191                                 },
 192                                 .iv_size = { 0 }
 193                         }, }
 194                 }, }
 195         },
 196         {       /* SHA1 HMAC */
 197                 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
 198                 {.sym = {
 199                         .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
 200                         {.auth = {
 201                                 .algo = RTE_CRYPTO_AUTH_SHA1_HMAC,
 202                                 .block_size = 64,
 203                                 .key_size = {
 204                                         .min = 1,
 205                                         .max = 64,
 206                                         .increment = 1
 207                                 },
 208                                 .digest_size = {
 209                                         .min = 20,
 210                                         .max = 20,
 211                                         .increment = 0
 212                                 },
 213                                 .iv_size = { 0 }
 214                         }, }
 215                 }, }
 216         },
 217         {       /* SHA224 HMAC */
 218                 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
 219                 {.sym = {
 220                         .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
 221                         {.auth = {
 222                                 .algo = RTE_CRYPTO_AUTH_SHA224_HMAC,
 223                                 .block_size = 64,
 224                                 .key_size = {
 225                                         .min = 1,
 226                                         .max = 64,
 227                                         .increment = 1
 228                                 },
 229                                 .digest_size = {
 230                                         .min = 28,
 231                                         .max = 28,
 232                                         .increment = 0
 233                                 },
 234                                 .iv_size = { 0 }
 235                         }, }
 236                 }, }
 237         },
 238         {       /* SHA256 HMAC */
 239                 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
 240                 {.sym = {
 241                         .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
 242                         {.auth = {
 243                                 .algo = RTE_CRYPTO_AUTH_SHA256_HMAC,
 244                                 .block_size = 64,
 245                                 .key_size = {
 246                                         .min = 1,
 247                                         .max = 64,
 248                                         .increment = 1
 249                                 },
 250                                 .digest_size = {
 251                                                 .min = 32,
 252                                                 .max = 32,
 253                                                 .increment = 0
 254                                 },
 255                                 .iv_size = { 0 }
 256                                 }, }
 257                         }, }
 258                 },
 259         {       /* SHA384 HMAC */
 260                 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
 261                 {.sym = {
 262                         .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
 263                         {.auth = {
 264                                 .algo = RTE_CRYPTO_AUTH_SHA384_HMAC,
 265                                 .block_size = 128,
 266                                 .key_size = {
 267                                         .min = 1,
 268                                         .max = 128,
 269                                         .increment = 1
 270                                 },
 271                                 .digest_size = {
 272                                         .min = 48,
 273                                         .max = 48,
 274                                         .increment = 0
 275                                 },
 276                                 .iv_size = { 0 }
 277                         }, }
 278                 }, }
 279         },
 280         {       /* SHA512 HMAC */
 281                 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
 282                 {.sym = {
 283                         .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
 284                         {.auth = {
 285                                 .algo = RTE_CRYPTO_AUTH_SHA512_HMAC,
 286                                 .block_size = 128,
 287                                 .key_size = {
 288                                         .min = 1,
 289                                         .max = 128,
 290                                         .increment = 1
 291                                 },
 292                                 .digest_size = {
 293                                         .min = 64,
 294                                         .max = 64,
 295                                         .increment = 0
 296                                 },
 297                                 .iv_size = { 0 }
 298                         }, }
 299                 }, }
 300         },
 301         {       /* AES GCM */
 302                 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
 303                 {.sym = {
 304                         .xform_type = RTE_CRYPTO_SYM_XFORM_AEAD,
 305                         {.aead = {
 306                                 .algo = RTE_CRYPTO_AEAD_AES_GCM,
 307                                 .block_size = 16,
 308                                 .key_size = {
 309                                         .min = 16,
 310                                         .max = 32,
 311                                         .increment = 8
 312                                 },
 313                                 .digest_size = {
 314                                         .min = 8,
 315                                         .max = 16,
 316                                         .increment = 4
 317                                 },
 318                                 .aad_size = {
 319                                         .min = 0,
 320                                         .max = 240,
 321                                         .increment = 1
 322                                 },
 323                                 .iv_size = {
 324                                         .min = 12,
 325                                         .max = 12,
 326                                         .increment = 0
 327                                 },
 328                         }, }
 329                 }, }
 330         },
 331         {       /* AES CBC */
 332                 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
 333                 {.sym = {
 334                         .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
 335                         {.cipher = {
 336                                 .algo = RTE_CRYPTO_CIPHER_AES_CBC,
 337                                 .block_size = 16,
 338                                 .key_size = {
 339                                         .min = 16,
 340                                         .max = 32,
 341                                         .increment = 8
 342                                 },
 343                                 .iv_size = {
 344                                         .min = 16,
 345                                         .max = 16,
 346                                         .increment = 0
 347                                 }
 348                         }, }
 349                 }, }
 350         },
 351         {       /* AES CTR */
 352                 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
 353                 {.sym = {
 354                         .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
 355                         {.cipher = {
 356                                 .algo = RTE_CRYPTO_CIPHER_AES_CTR,
 357                                 .block_size = 16,
 358                                 .key_size = {
 359                                         .min = 16,
 360                                         .max = 32,
 361                                         .increment = 8
 362                                 },
 363                                 .iv_size = {
 364                                         .min = 16,
 365                                         .max = 16,
 366                                         .increment = 0
 367                                 },
 368                         }, }
 369                 }, }
 370         },
 371         {       /* 3DES CBC */
 372                 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
 373                 {.sym = {
 374                         .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
 375                         {.cipher = {
 376                                 .algo = RTE_CRYPTO_CIPHER_3DES_CBC,
 377                                 .block_size = 8,
 378                                 .key_size = {
 379                                         .min = 16,
 380                                         .max = 24,
 381                                         .increment = 8
 382                                 },
 383                                 .iv_size = {
 384                                         .min = 8,
 385                                         .max = 8,
 386                                         .increment = 0
 387                                 }
 388                         }, }
 389                 }, }
 390         },
 391
 392         RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()
 393 };
 394
 395 static const struct rte_security_capability dpaa2_sec_security_cap[] = {
 396         { /* IPsec Lookaside Protocol offload ESP Transport Egress */
 397                 .action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
 398                 .protocol = RTE_SECURITY_PROTOCOL_IPSEC,
 399                 .ipsec = {
 400                         .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP,
 401                         .mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL,
 402                         .direction = RTE_SECURITY_IPSEC_SA_DIR_EGRESS,
 403                         .options = { 0 }
 404                 },
 405                 .crypto_capabilities = dpaa2_sec_capabilities
 406         },
 407         { /* IPsec Lookaside Protocol offload ESP Tunnel Ingress */
 408                 .action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
 409                 .protocol = RTE_SECURITY_PROTOCOL_IPSEC,
 410                 .ipsec = {
 411                         .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP,
 412                         .mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL,
 413                         .direction = RTE_SECURITY_IPSEC_SA_DIR_INGRESS,
 414                         .options = { 0 }
 415                 },
 416                 .crypto_capabilities = dpaa2_sec_capabilities
 417         },
 418         {
 419                 .action = RTE_SECURITY_ACTION_TYPE_NONE
 420         }
 421 };
 422
 423 /**
 424  * Checksum
 425  *
 426  * @param buffer calculate chksum for buffer
 427  * @param len    buffer length
 428  *
 429  * @return checksum value in host cpu order
 430  */
 431 static inline uint16_t
 432 calc_chksum(void *buffer, int len)
 433 {
 434         uint16_t *buf = (uint16_t *)buffer;
 435         uint32_t sum = 0;
 436         uint16_t result;
 437
 438         for (sum = 0; len > 1; len -= 2)
 439                 sum += *buf++;
 440
 441         if (len == 1)
 442                 sum += *(unsigned char *)buf;
 443
 444         sum = (sum >> 16) + (sum & 0xFFFF);
 445         sum += (sum >> 16);
 446         result = ~sum;
 447
 448         return  result;
 449 }
 450
 451 #endif /* _RTE_DPAA2_SEC_PMD_PRIVATE_H_ */