* [PATCH v2 01/15] crypto/cnxk: clear rptr and dptr fields
2023-09-26 5:58 [PATCH v2 00/15] fixes and improvements to cnxk crypto PMD Tejasree Kondoj
@ 2023-09-26 5:58 ` Tejasree Kondoj
2023-09-26 5:58 ` [PATCH v2 02/15] common/cnxk: update SE context fields to match ucode spec Tejasree Kondoj
` (15 subsequent siblings)
16 siblings, 0 replies; 20+ messages in thread
From: Tejasree Kondoj @ 2023-09-26 5:58 UTC (permalink / raw)
To: Akhil Goyal
Cc: Anoob Joseph, Aakash Sasidharan, Gowrishankar Muthukrishnan,
Vidya Sagar Velumuri, dev
From: Anoob Joseph <anoobj@marvell.com>
With SG version 2, hw requires valid rptr & dptr values.
Signed-off-by: Anoob Joseph <anoobj@marvell.com>
---
drivers/crypto/cnxk/cn10k_cryptodev_ops.c | 2 ++
drivers/crypto/cnxk/cnxk_se.h | 1 +
2 files changed, 3 insertions(+)
diff --git a/drivers/crypto/cnxk/cn10k_cryptodev_ops.c b/drivers/crypto/cnxk/cn10k_cryptodev_ops.c
index e405a2ad9f..75ad3b99f5 100644
--- a/drivers/crypto/cnxk/cn10k_cryptodev_ops.c
+++ b/drivers/crypto/cnxk/cn10k_cryptodev_ops.c
@@ -414,6 +414,8 @@ cn10k_cpt_vec_inst_fill(struct vec_request *vec_req, struct cpt_inst_s *inst,
inst->w2.u64 = vec_req->w2;
inst->w3.u64 = CNXK_CPT_INST_W3(1, infl_req);
inst->w4.u64 = w4.u64;
+ inst->w5.u64 = 0;
+ inst->w6.u64 = 0;
inst->w7.u64 = w7.u64;
}
diff --git a/drivers/crypto/cnxk/cnxk_se.h b/drivers/crypto/cnxk/cnxk_se.h
index 75c1dce231..edd929d330 100644
--- a/drivers/crypto/cnxk/cnxk_se.h
+++ b/drivers/crypto/cnxk/cnxk_se.h
@@ -2877,6 +2877,7 @@ fill_passthrough_params(struct rte_crypto_op *cop, struct cpt_inst_s *inst)
inst->w0.u64 = 0;
inst->w5.u64 = 0;
+ inst->w6.u64 = 0;
inst->w4.u64 = w4.u64;
return 0;
--
2.25.1
^ permalink raw reply [flat|nested] 20+ messages in thread
* [PATCH v2 02/15] common/cnxk: update SE context fields to match ucode spec
2023-09-26 5:58 [PATCH v2 00/15] fixes and improvements to cnxk crypto PMD Tejasree Kondoj
2023-09-26 5:58 ` [PATCH v2 01/15] crypto/cnxk: clear rptr and dptr fields Tejasree Kondoj
@ 2023-09-26 5:58 ` Tejasree Kondoj
2023-09-26 5:58 ` [PATCH v2 03/15] common/cnxk: set cipher key only for non-null cipher Tejasree Kondoj
` (14 subsequent siblings)
16 siblings, 0 replies; 20+ messages in thread
From: Tejasree Kondoj @ 2023-09-26 5:58 UTC (permalink / raw)
To: Akhil Goyal
Cc: Vidya Sagar Velumuri, Anoob Joseph, Aakash Sasidharan,
Gowrishankar Muthukrishnan, dev
From: Vidya Sagar Velumuri <vvelumuri@marvell.com>
Update the fields in SE context and rename to keep it in sync with
microcode spec.
Signed-off-by: Vidya Sagar Velumuri <vvelumuri@marvell.com>
---
drivers/common/cnxk/roc_se.h | 8 +++++---
1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/drivers/common/cnxk/roc_se.h b/drivers/common/cnxk/roc_se.h
index 008ab31912..d540d70616 100644
--- a/drivers/common/cnxk/roc_se.h
+++ b/drivers/common/cnxk/roc_se.h
@@ -183,13 +183,15 @@ typedef enum {
struct roc_se_enc_context {
uint64_t iv_source : 1;
uint64_t aes_key : 2;
- uint64_t rsvd_60 : 1;
+ uint64_t rsvd_59 : 1;
uint64_t enc_cipher : 4;
uint64_t auth_input_type : 1;
- uint64_t rsvd_52_54 : 3;
+ uint64_t auth_key_src : 1;
+ uint64_t rsvd_50_51 : 2;
uint64_t hash_type : 4;
uint64_t mac_len : 8;
- uint64_t rsvd_39_0 : 40;
+ uint64_t rsvd_16_39 : 24;
+ uint64_t hmac_key_sz : 16;
uint8_t encr_key[32];
uint8_t encr_iv[16];
};
--
2.25.1
^ permalink raw reply [flat|nested] 20+ messages in thread
* [PATCH v2 03/15] common/cnxk: set cipher key only for non-null cipher
2023-09-26 5:58 [PATCH v2 00/15] fixes and improvements to cnxk crypto PMD Tejasree Kondoj
2023-09-26 5:58 ` [PATCH v2 01/15] crypto/cnxk: clear rptr and dptr fields Tejasree Kondoj
2023-09-26 5:58 ` [PATCH v2 02/15] common/cnxk: update SE context fields to match ucode spec Tejasree Kondoj
@ 2023-09-26 5:58 ` Tejasree Kondoj
2023-09-26 5:58 ` [PATCH v2 04/15] crypto/cnxk: update private key length in ECDSA param Tejasree Kondoj
` (13 subsequent siblings)
16 siblings, 0 replies; 20+ messages in thread
From: Tejasree Kondoj @ 2023-09-26 5:58 UTC (permalink / raw)
To: Akhil Goyal
Cc: Anoob Joseph, Aakash Sasidharan, Gowrishankar Muthukrishnan,
Vidya Sagar Velumuri, dev
From: Anoob Joseph <anoobj@marvell.com>
Set cipher key only for non-NULL cipher algorithms only.
Signed-off-by: Anoob Joseph <anoobj@marvell.com>
---
drivers/common/cnxk/roc_se.c | 11 ++++-------
1 file changed, 4 insertions(+), 7 deletions(-)
diff --git a/drivers/common/cnxk/roc_se.c b/drivers/common/cnxk/roc_se.c
index 2662297315..6ced4ef789 100644
--- a/drivers/common/cnxk/roc_se.c
+++ b/drivers/common/cnxk/roc_se.c
@@ -58,9 +58,6 @@ cpt_ciph_type_set(roc_se_cipher_type type, struct roc_se_ctx *ctx, uint16_t key_
int fc_type = 0;
switch (type) {
- case ROC_SE_PASSTHROUGH:
- fc_type = ROC_SE_FC_GEN;
- break;
case ROC_SE_DES3_CBC:
case ROC_SE_DES3_ECB:
case ROC_SE_DES_DOCSISBPI:
@@ -526,6 +523,10 @@ roc_se_ciph_key_set(struct roc_se_ctx *se_ctx, roc_se_cipher_type type, const ui
uint8_t *ci_key;
int i, ret;
+ /* For NULL cipher, no processing required. */
+ if (type == ROC_SE_PASSTHROUGH)
+ return 0;
+
zs_ch_ctx = &se_ctx->se_ctx.zs_ch_ctx;
if (roc_model_is_cn9k()) {
@@ -555,10 +556,6 @@ roc_se_ciph_key_set(struct roc_se_ctx *se_ctx, roc_se_cipher_type type, const ui
}
switch (type) {
- case ROC_SE_PASSTHROUGH:
- se_ctx->enc_cipher = 0;
- fctx->enc.enc_cipher = 0;
- goto success;
case ROC_SE_DES3_CBC:
/* CPT performs DES using 3DES with the 8B DES-key
* replicated 2 more times to match the 24B 3DES-key.
--
2.25.1
^ permalink raw reply [flat|nested] 20+ messages in thread
* [PATCH v2 04/15] crypto/cnxk: update private key length in ECDSA param
2023-09-26 5:58 [PATCH v2 00/15] fixes and improvements to cnxk crypto PMD Tejasree Kondoj
` (2 preceding siblings ...)
2023-09-26 5:58 ` [PATCH v2 03/15] common/cnxk: set cipher key only for non-null cipher Tejasree Kondoj
@ 2023-09-26 5:58 ` Tejasree Kondoj
2023-09-26 5:58 ` [PATCH v2 05/15] crypto/cnxk: fix IPsec CCM and GCM capabilities Tejasree Kondoj
` (12 subsequent siblings)
16 siblings, 0 replies; 20+ messages in thread
From: Tejasree Kondoj @ 2023-09-26 5:58 UTC (permalink / raw)
To: Akhil Goyal
Cc: Gowrishankar Muthukrishnan, Anoob Joseph, Aakash Sasidharan,
Vidya Sagar Velumuri, dev
From: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
Updating private key length in ECDSA op param to include alignment,
for new microcode.
Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
---
drivers/crypto/cnxk/cnxk_ae.h | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/drivers/crypto/cnxk/cnxk_ae.h b/drivers/crypto/cnxk/cnxk_ae.h
index 7ad259b7f4..209bcd0b43 100644
--- a/drivers/crypto/cnxk/cnxk_ae.h
+++ b/drivers/crypto/cnxk/cnxk_ae.h
@@ -527,7 +527,7 @@ cnxk_ae_ecdsa_sign_prep(struct rte_crypto_ecdsa_op_param *ecdsa,
/* Set write offset for order and private key */
o_offset = prime_len - order_len;
- pk_offset = prime_len - pkey_len;
+ pk_offset = p_align - pkey_len;
/* Input buffer */
dptr = meta_buf->vaddr;
@@ -572,7 +572,7 @@ cnxk_ae_ecdsa_sign_prep(struct rte_crypto_ecdsa_op_param *ecdsa,
w4.s.opcode_minor = ROC_AE_MINOR_OP_ECDSA_SIGN;
w4.s.param1 = curveid | (message_len << 8);
- w4.s.param2 = (pkey_len << 8) | k_len;
+ w4.s.param2 = (p_align << 8) | k_len;
w4.s.dlen = dlen;
inst->w4.u64 = w4.u64;
--
2.25.1
^ permalink raw reply [flat|nested] 20+ messages in thread
* [PATCH v2 05/15] crypto/cnxk: fix IPsec CCM and GCM capabilities
2023-09-26 5:58 [PATCH v2 00/15] fixes and improvements to cnxk crypto PMD Tejasree Kondoj
` (3 preceding siblings ...)
2023-09-26 5:58 ` [PATCH v2 04/15] crypto/cnxk: update private key length in ECDSA param Tejasree Kondoj
@ 2023-09-26 5:58 ` Tejasree Kondoj
2023-09-26 5:58 ` [PATCH v2 06/15] crypto/cnxk: remove pdcp chain bit from capabilities Tejasree Kondoj
` (11 subsequent siblings)
16 siblings, 0 replies; 20+ messages in thread
From: Tejasree Kondoj @ 2023-09-26 5:58 UTC (permalink / raw)
To: Akhil Goyal
Cc: Anoob Joseph, Aakash Sasidharan, Gowrishankar Muthukrishnan,
Vidya Sagar Velumuri, dev
Fix lookaside IPsec AES-CCM and AES-GCM capabilities. The patch to
fix AES-CCM capabilities was applied incorrectly which resulted in
wrong AES-GCM capabilities. Fix the same and update AES-CCM to correct
values.
Fixes: eb581897e580 ("crypto/cnxk: fix IPsec CCM capabilities")
Signed-off-by: Anoob Joseph <anoobj@marvell.com>
Signed-off-by: Tejasree Kondoj <ktejasree@marvell.com>
---
drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c b/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c
index 4c6357353e..ac4a8c1572 100644
--- a/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c
+++ b/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c
@@ -1180,8 +1180,8 @@ static const struct rte_cryptodev_capabilities sec_caps_aes[] = {
.increment = 4
},
.iv_size = {
- .min = 11,
- .max = 11,
+ .min = 12,
+ .max = 12,
.increment = 0
}
}, }
@@ -1210,8 +1210,8 @@ static const struct rte_cryptodev_capabilities sec_caps_aes[] = {
.increment = 4
},
.iv_size = {
- .min = 12,
- .max = 12,
+ .min = 11,
+ .max = 11,
.increment = 0
}
}, }
--
2.25.1
^ permalink raw reply [flat|nested] 20+ messages in thread
* [PATCH v2 06/15] crypto/cnxk: remove pdcp chain bit from capabilities
2023-09-26 5:58 [PATCH v2 00/15] fixes and improvements to cnxk crypto PMD Tejasree Kondoj
` (4 preceding siblings ...)
2023-09-26 5:58 ` [PATCH v2 05/15] crypto/cnxk: fix IPsec CCM and GCM capabilities Tejasree Kondoj
@ 2023-09-26 5:58 ` Tejasree Kondoj
2023-09-26 5:58 ` [PATCH v2 07/15] crypto/cnxk: check for sg version in SE engine capabilities Tejasree Kondoj
` (10 subsequent siblings)
16 siblings, 0 replies; 20+ messages in thread
From: Tejasree Kondoj @ 2023-09-26 5:58 UTC (permalink / raw)
To: Akhil Goyal
Cc: Anoob Joseph, Aakash Sasidharan, Gowrishankar Muthukrishnan,
Vidya Sagar Velumuri, dev
Removing pdcp_chain bit from capabilities as it is
supported on all platforms.
Signed-off-by: Tejasree Kondoj <ktejasree@marvell.com>
---
drivers/common/cnxk/hw/cpt.h | 3 +--
drivers/crypto/cnxk/cnxk_cryptodev_ops.c | 15 ++++-----------
2 files changed, 5 insertions(+), 13 deletions(-)
diff --git a/drivers/common/cnxk/hw/cpt.h b/drivers/common/cnxk/hw/cpt.h
index 5e1519e202..96a863322a 100644
--- a/drivers/common/cnxk/hw/cpt.h
+++ b/drivers/common/cnxk/hw/cpt.h
@@ -76,8 +76,7 @@ union cpt_eng_caps {
uint64_t __io reserved_15_20 : 6;
uint64_t __io sm3 : 1;
uint64_t __io sm4 : 1;
- uint64_t __io reserved_23_33 : 11;
- uint64_t __io pdcp_chain : 1;
+ uint64_t __io reserved_23_34 : 12;
uint64_t __io sg_ver2 : 1;
uint64_t __io reserved_36_63 : 28;
};
diff --git a/drivers/crypto/cnxk/cnxk_cryptodev_ops.c b/drivers/crypto/cnxk/cnxk_cryptodev_ops.c
index 50150d3f06..99bf853234 100644
--- a/drivers/crypto/cnxk/cnxk_cryptodev_ops.c
+++ b/drivers/crypto/cnxk/cnxk_cryptodev_ops.c
@@ -484,18 +484,13 @@ is_valid_pdcp_cipher_alg(struct rte_crypto_sym_xform *c_xfrm,
}
static int
-cnxk_sess_fill(struct roc_cpt *roc_cpt, struct rte_crypto_sym_xform *xform,
- struct cnxk_se_sess *sess)
+cnxk_sess_fill(struct rte_crypto_sym_xform *xform, struct cnxk_se_sess *sess)
{
struct rte_crypto_sym_xform *aead_xfrm = NULL;
struct rte_crypto_sym_xform *c_xfrm = NULL;
struct rte_crypto_sym_xform *a_xfrm = NULL;
- bool pdcp_chain_supported = false;
bool ciph_then_auth = false;
- if (roc_cpt->hw_caps[CPT_ENG_TYPE_SE].pdcp_chain)
- pdcp_chain_supported = true;
-
if (xform == NULL)
return -EINVAL;
@@ -591,8 +586,7 @@ cnxk_sess_fill(struct roc_cpt *roc_cpt, struct rte_crypto_sym_xform *xform,
case RTE_CRYPTO_AUTH_SNOW3G_UIA2:
case RTE_CRYPTO_AUTH_ZUC_EIA3:
case RTE_CRYPTO_AUTH_AES_CMAC:
- if (!pdcp_chain_supported ||
- !is_valid_pdcp_cipher_alg(c_xfrm, sess))
+ if (!is_valid_pdcp_cipher_alg(c_xfrm, sess))
return -ENOTSUP;
break;
default:
@@ -627,8 +621,7 @@ cnxk_sess_fill(struct roc_cpt *roc_cpt, struct rte_crypto_sym_xform *xform,
case RTE_CRYPTO_AUTH_SNOW3G_UIA2:
case RTE_CRYPTO_AUTH_ZUC_EIA3:
case RTE_CRYPTO_AUTH_AES_CMAC:
- if (!pdcp_chain_supported ||
- !is_valid_pdcp_cipher_alg(c_xfrm, sess))
+ if (!is_valid_pdcp_cipher_alg(c_xfrm, sess))
return -ENOTSUP;
break;
default:
@@ -679,7 +672,7 @@ sym_session_configure(struct roc_cpt *roc_cpt, struct rte_crypto_sym_xform *xfor
if (is_session_less)
memset(sess_priv, 0, sizeof(struct cnxk_se_sess));
- ret = cnxk_sess_fill(roc_cpt, xform, sess_priv);
+ ret = cnxk_sess_fill(xform, sess_priv);
if (ret)
goto priv_put;
--
2.25.1
^ permalink raw reply [flat|nested] 20+ messages in thread
* [PATCH v2 07/15] crypto/cnxk: check for sg version in SE engine capabilities
2023-09-26 5:58 [PATCH v2 00/15] fixes and improvements to cnxk crypto PMD Tejasree Kondoj
` (5 preceding siblings ...)
2023-09-26 5:58 ` [PATCH v2 06/15] crypto/cnxk: remove pdcp chain bit from capabilities Tejasree Kondoj
@ 2023-09-26 5:58 ` Tejasree Kondoj
2023-09-26 5:58 ` [PATCH v2 08/15] crypto/cnxk: fix control flow issues Tejasree Kondoj
` (9 subsequent siblings)
16 siblings, 0 replies; 20+ messages in thread
From: Tejasree Kondoj @ 2023-09-26 5:58 UTC (permalink / raw)
To: Akhil Goyal
Cc: Vidya Sagar Velumuri, Anoob Joseph, Aakash Sasidharan,
Gowrishankar Muthukrishnan, dev
From: Vidya Sagar Velumuri <vvelumuri@marvell.com>
Check for supported SG version in SE engine capabilities.
Signed-off-by: Vidya Sagar Velumuri <vvelumuri@marvell.com>
---
drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c b/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c
index ac4a8c1572..fd91dec08f 100644
--- a/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c
+++ b/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c
@@ -1619,7 +1619,7 @@ static void
cn10k_crypto_caps_add(struct rte_cryptodev_capabilities cnxk_caps[],
union cpt_eng_caps *hw_caps, int *cur_pos)
{
- if (hw_caps->sg_ver2) {
+ if (hw_caps[CPT_ENG_TYPE_SE].sg_ver2) {
CPT_CAPS_ADD(cnxk_caps, cur_pos, hw_caps, sm3);
CPT_CAPS_ADD(cnxk_caps, cur_pos, hw_caps, sm4);
}
--
2.25.1
^ permalink raw reply [flat|nested] 20+ messages in thread
* [PATCH v2 08/15] crypto/cnxk: fix control flow issues
2023-09-26 5:58 [PATCH v2 00/15] fixes and improvements to cnxk crypto PMD Tejasree Kondoj
` (6 preceding siblings ...)
2023-09-26 5:58 ` [PATCH v2 07/15] crypto/cnxk: check for sg version in SE engine capabilities Tejasree Kondoj
@ 2023-09-26 5:58 ` Tejasree Kondoj
2023-09-26 5:58 ` [PATCH v2 09/15] crypto/cnxk: make IV pointers as constant Tejasree Kondoj
` (8 subsequent siblings)
16 siblings, 0 replies; 20+ messages in thread
From: Tejasree Kondoj @ 2023-09-26 5:58 UTC (permalink / raw)
To: Akhil Goyal
Cc: Vidya Sagar Velumuri, Anoob Joseph, Aakash Sasidharan,
Gowrishankar Muthukrishnan, dev
From: Vidya Sagar Velumuri <vvelumuri@marvell.com>
This patch fixes below coverity issues.
Coverity issue: 393678
Fixes: 21c1c303148b ("crypto/cnxk: support SM4")
Coverity issue: 393679
Fixes: 21c1c303148b ("crypto/cnxk: support SM4")
Signed-off-by: Vidya Sagar Velumuri <vvelumuri@marvell.com>
---
drivers/crypto/cnxk/cnxk_se.h | 22 +++++-----------------
1 file changed, 5 insertions(+), 17 deletions(-)
diff --git a/drivers/crypto/cnxk/cnxk_se.h b/drivers/crypto/cnxk/cnxk_se.h
index edd929d330..bf70b0a57c 100644
--- a/drivers/crypto/cnxk/cnxk_se.h
+++ b/drivers/crypto/cnxk/cnxk_se.h
@@ -1070,7 +1070,6 @@ cpt_sm_prep(uint32_t flags, uint64_t d_offs, uint64_t d_lens, struct roc_se_fc_p
iv_len = 0;
encr_offset += iv_len;
- enc_dlen = encr_data_len + encr_offset;
enc_dlen = RTE_ALIGN_CEIL(encr_data_len, 8) + encr_offset;
inputlen = enc_dlen;
@@ -2543,11 +2542,6 @@ fill_sm_params(struct rte_crypto_op *cop, struct cnxk_se_sess *sess,
char src[SRC_IOV_SIZE];
char dst[SRC_IOV_SIZE];
void *mdata = NULL;
-#ifdef CPT_ALWAYS_USE_SG_MODE
- uint8_t inplace = 0;
-#else
- uint8_t inplace = 1;
-#endif
uint32_t flags = 0;
int ret;
@@ -2577,11 +2571,9 @@ fill_sm_params(struct rte_crypto_op *cop, struct cnxk_se_sess *sess,
fc_params.ctx = &sess->roc_se_ctx;
- if (likely(!m_dst && inplace)) {
+ if (m_dst == NULL) {
fc_params.dst_iov = fc_params.src_iov = (void *)src;
-
prepare_iov_from_pkt_inplace(m_src, &fc_params, &flags);
-
} else {
/* Out of place processing */
fc_params.src_iov = (void *)src;
@@ -2594,14 +2586,10 @@ fill_sm_params(struct rte_crypto_op *cop, struct cnxk_se_sess *sess,
goto err_exit;
}
- if (unlikely(m_dst != NULL)) {
- if (prepare_iov_from_pkt(m_dst, fc_params.dst_iov, 0)) {
- plt_dp_err("Prepare dst iov failed for m_dst %p", m_dst);
- ret = -EINVAL;
- goto err_exit;
- }
- } else {
- fc_params.dst_iov = (void *)src;
+ if (prepare_iov_from_pkt(m_dst, fc_params.dst_iov, 0)) {
+ plt_dp_err("Prepare dst iov failed for m_dst %p", m_dst);
+ ret = -EINVAL;
+ goto err_exit;
}
}
--
2.25.1
^ permalink raw reply [flat|nested] 20+ messages in thread
* [PATCH v2 09/15] crypto/cnxk: make IV pointers as constant
2023-09-26 5:58 [PATCH v2 00/15] fixes and improvements to cnxk crypto PMD Tejasree Kondoj
` (7 preceding siblings ...)
2023-09-26 5:58 ` [PATCH v2 08/15] crypto/cnxk: fix control flow issues Tejasree Kondoj
@ 2023-09-26 5:58 ` Tejasree Kondoj
2023-09-26 5:58 ` [PATCH v2 10/15] crypto/cnxk: set PDCP chain IV offset based on FVC Tejasree Kondoj
` (7 subsequent siblings)
16 siblings, 0 replies; 20+ messages in thread
From: Tejasree Kondoj @ 2023-09-26 5:58 UTC (permalink / raw)
To: Akhil Goyal
Cc: Anoob Joseph, Aakash Sasidharan, Gowrishankar Muthukrishnan,
Vidya Sagar Velumuri, dev
Make IV pointers as constant.
Signed-off-by: Tejasree Kondoj <ktejasree@marvell.com>
---
drivers/common/cnxk/roc_se.h | 4 +-
drivers/crypto/cnxk/cnxk_se.h | 140 +++++++++++++++++++---------------
2 files changed, 80 insertions(+), 64 deletions(-)
diff --git a/drivers/common/cnxk/roc_se.h b/drivers/common/cnxk/roc_se.h
index d540d70616..2a5abd71cf 100644
--- a/drivers/common/cnxk/roc_se.h
+++ b/drivers/common/cnxk/roc_se.h
@@ -360,8 +360,8 @@ struct roc_se_fc_params {
struct roc_se_iov_ptr *dst_iov;
};
};
- void *iv_buf;
- void *auth_iv_buf;
+ const void *iv_buf;
+ const void *auth_iv_buf;
struct roc_se_ctx *ctx;
struct roc_se_buf_ptr meta_buf;
uint8_t cipher_iv_len;
diff --git a/drivers/crypto/cnxk/cnxk_se.h b/drivers/crypto/cnxk/cnxk_se.h
index bf70b0a57c..b8998d401b 100644
--- a/drivers/crypto/cnxk/cnxk_se.h
+++ b/drivers/crypto/cnxk/cnxk_se.h
@@ -84,10 +84,10 @@ cpt_pack_iv(uint8_t *iv_src, uint8_t *iv_dst)
}
static inline void
-pdcp_iv_copy(uint8_t *iv_d, uint8_t *iv_s, const uint8_t pdcp_alg_type,
- uint8_t pack_iv)
+pdcp_iv_copy(uint8_t *iv_d, const uint8_t *iv_s, const uint8_t pdcp_alg_type, uint8_t pack_iv)
{
- uint32_t *iv_s_temp, iv_temp[4];
+ const uint32_t *iv_s_temp;
+ uint32_t iv_temp[4];
int j;
if (unlikely(iv_s == NULL)) {
@@ -101,18 +101,37 @@ pdcp_iv_copy(uint8_t *iv_d, uint8_t *iv_s, const uint8_t pdcp_alg_type,
* and BigEndian, MC needs it as IV0 IV1 IV2 IV3
*/
- iv_s_temp = (uint32_t *)iv_s;
+ iv_s_temp = (const uint32_t *)iv_s;
for (j = 0; j < 4; j++)
iv_temp[j] = iv_s_temp[3 - j];
memcpy(iv_d, iv_temp, 16);
} else if ((pdcp_alg_type == ROC_SE_PDCP_ALG_TYPE_ZUC) ||
pdcp_alg_type == ROC_SE_PDCP_ALG_TYPE_AES_CTR) {
+ memcpy(iv_d, iv_s, 16);
if (pack_iv) {
- cpt_pack_iv(iv_s, iv_d);
- memcpy(iv_d + 6, iv_s + 8, 17);
- } else
- memcpy(iv_d, iv_s, 16);
+ uint8_t iv_d23, iv_d24;
+
+ /* Save last two bytes as only 23B IV space is available */
+ iv_d23 = iv_d[23];
+ iv_d24 = iv_d[24];
+
+ /* Copy remaining part of IV */
+ memcpy(iv_d + 16, iv_s + 16, 25 - 16);
+
+ /* Swap IV */
+ roc_se_zuc_bytes_swap(iv_d, 25);
+
+ /* Pack IV */
+ cpt_pack_iv(iv_d, iv_d);
+
+ /* Move IV */
+ for (j = 6; j < 23; j++)
+ iv_d[j] = iv_d[j + 2];
+
+ iv_d[23] = iv_d23;
+ iv_d[24] = iv_d24;
+ }
}
}
@@ -221,9 +240,9 @@ cpt_mac_len_verify(struct rte_crypto_auth_xform *auth)
static __rte_always_inline int
sg_inst_prep(struct roc_se_fc_params *params, struct cpt_inst_s *inst, uint64_t offset_ctrl,
- uint8_t *iv_s, int iv_len, uint8_t pack_iv, uint8_t pdcp_alg_type, int32_t inputlen,
- int32_t outputlen, uint32_t passthrough_len, uint32_t req_flags, int pdcp_flag,
- int decrypt)
+ const uint8_t *iv_s, int iv_len, uint8_t pack_iv, uint8_t pdcp_alg_type,
+ int32_t inputlen, int32_t outputlen, uint32_t passthrough_len, uint32_t req_flags,
+ int pdcp_flag, int decrypt)
{
struct roc_sglist_comp *gather_comp, *scatter_comp;
void *m_vaddr = params->meta_buf.vaddr;
@@ -412,9 +431,9 @@ sg_inst_prep(struct roc_se_fc_params *params, struct cpt_inst_s *inst, uint64_t
static __rte_always_inline int
sg2_inst_prep(struct roc_se_fc_params *params, struct cpt_inst_s *inst, uint64_t offset_ctrl,
- uint8_t *iv_s, int iv_len, uint8_t pack_iv, uint8_t pdcp_alg_type, int32_t inputlen,
- int32_t outputlen, uint32_t passthrough_len, uint32_t req_flags, int pdcp_flag,
- int decrypt)
+ const uint8_t *iv_s, int iv_len, uint8_t pack_iv, uint8_t pdcp_alg_type,
+ int32_t inputlen, int32_t outputlen, uint32_t passthrough_len, uint32_t req_flags,
+ int pdcp_flag, int decrypt)
{
struct roc_sg2list_comp *gather_comp, *scatter_comp;
void *m_vaddr = params->meta_buf.vaddr;
@@ -831,9 +850,9 @@ cpt_digest_gen_sg_ver2_prep(uint32_t flags, uint64_t d_lens, struct roc_se_fc_pa
static inline int
pdcp_chain_sg1_prep(struct roc_se_fc_params *params, struct roc_se_ctx *cpt_ctx,
struct cpt_inst_s *inst, union cpt_inst_w4 w4, int32_t inputlen,
- uint8_t hdr_len, uint64_t offset_ctrl, uint32_t req_flags, uint8_t *cipher_iv,
- uint8_t *auth_iv, const int pack_iv, const uint8_t pdcp_ci_alg,
- const uint8_t pdcp_auth_alg)
+ uint8_t hdr_len, uint64_t offset_ctrl, uint32_t req_flags,
+ const uint8_t *cipher_iv, const uint8_t *auth_iv, const int pack_iv,
+ const uint8_t pdcp_ci_alg, const uint8_t pdcp_auth_alg)
{
struct roc_sglist_comp *scatter_comp, *gather_comp;
void *m_vaddr = params->meta_buf.vaddr;
@@ -940,9 +959,9 @@ pdcp_chain_sg1_prep(struct roc_se_fc_params *params, struct roc_se_ctx *cpt_ctx,
static inline int
pdcp_chain_sg2_prep(struct roc_se_fc_params *params, struct roc_se_ctx *cpt_ctx,
struct cpt_inst_s *inst, union cpt_inst_w4 w4, int32_t inputlen,
- uint8_t hdr_len, uint64_t offset_ctrl, uint32_t req_flags, uint8_t *cipher_iv,
- uint8_t *auth_iv, const int pack_iv, const uint8_t pdcp_ci_alg,
- const uint8_t pdcp_auth_alg)
+ uint8_t hdr_len, uint64_t offset_ctrl, uint32_t req_flags,
+ const uint8_t *cipher_iv, const uint8_t *auth_iv, const int pack_iv,
+ const uint8_t pdcp_ci_alg, const uint8_t pdcp_auth_alg)
{
struct roc_sg2list_comp *gather_comp, *scatter_comp;
void *m_vaddr = params->meta_buf.vaddr;
@@ -1051,12 +1070,12 @@ cpt_sm_prep(uint32_t flags, uint64_t d_offs, uint64_t d_lens, struct roc_se_fc_p
int32_t inputlen, outputlen, enc_dlen;
union cpt_inst_w4 cpt_inst_w4;
uint32_t passthrough_len = 0;
+ const uint8_t *src = NULL;
struct roc_se_ctx *se_ctx;
uint32_t encr_data_len;
uint32_t encr_offset;
uint64_t offset_ctrl;
uint8_t iv_len = 16;
- uint8_t *src = NULL;
void *offset_vaddr;
int ret;
@@ -1109,7 +1128,7 @@ cpt_sm_prep(uint32_t flags, uint64_t d_offs, uint64_t d_lens, struct roc_se_fc_p
if (likely(iv_len)) {
void *dst = PLT_PTR_ADD(offset_vaddr, ROC_SE_OFF_CTRL_LEN);
- uint64_t *src = fc_params->iv_buf;
+ const uint64_t *src = fc_params->iv_buf;
rte_memcpy(dst, src, 16);
}
@@ -1142,20 +1161,19 @@ cpt_enc_hmac_prep(uint32_t flags, uint64_t d_offs, uint64_t d_lens,
struct roc_se_fc_params *fc_params, struct cpt_inst_s *inst,
const bool is_sg_ver2)
{
- uint32_t iv_offset = 0;
+ uint32_t encr_data_len, auth_data_len, aad_len = 0;
+ uint32_t encr_offset, auth_offset, iv_offset = 0;
int32_t inputlen, outputlen, enc_dlen, auth_dlen;
- struct roc_se_ctx *se_ctx;
uint32_t cipher_type, hash_type;
- uint32_t mac_len;
- uint8_t iv_len = 16;
- uint32_t encr_offset, auth_offset;
- uint64_t offset_ctrl;
- uint32_t encr_data_len, auth_data_len, aad_len = 0;
- uint32_t passthrough_len = 0;
union cpt_inst_w4 cpt_inst_w4;
+ uint32_t passthrough_len = 0;
+ const uint8_t *src = NULL;
+ struct roc_se_ctx *se_ctx;
+ uint64_t offset_ctrl;
+ uint8_t iv_len = 16;
void *offset_vaddr;
uint8_t op_minor;
- uint8_t *src = NULL;
+ uint32_t mac_len;
int ret;
encr_offset = ROC_SE_ENCR_OFFSET(d_offs);
@@ -1279,7 +1297,7 @@ cpt_enc_hmac_prep(uint32_t flags, uint64_t d_offs, uint64_t d_lens,
if (likely(iv_len)) {
uint64_t *dest =
(uint64_t *)((uint8_t *)offset_vaddr + ROC_SE_OFF_CTRL_LEN);
- uint64_t *src = fc_params->iv_buf;
+ const uint64_t *src = fc_params->iv_buf;
dest[0] = src[0];
dest[1] = src[1];
}
@@ -1312,19 +1330,18 @@ cpt_dec_hmac_prep(uint32_t flags, uint64_t d_offs, uint64_t d_lens,
struct roc_se_fc_params *fc_params, struct cpt_inst_s *inst,
const bool is_sg_ver2)
{
- uint32_t iv_offset = 0;
+ uint32_t encr_data_len, auth_data_len, aad_len = 0;
+ uint32_t encr_offset, auth_offset, iv_offset = 0;
int32_t inputlen, outputlen, enc_dlen, auth_dlen;
- struct roc_se_ctx *se_ctx;
+ union cpt_inst_w4 cpt_inst_w4;
+ uint32_t passthrough_len = 0;
int32_t hash_type, mac_len;
+ const uint8_t *src = NULL;
+ struct roc_se_ctx *se_ctx;
+ uint64_t offset_ctrl;
uint8_t iv_len = 16;
- uint32_t encr_offset, auth_offset;
- uint32_t encr_data_len, auth_data_len, aad_len = 0;
- uint32_t passthrough_len = 0;
- union cpt_inst_w4 cpt_inst_w4;
void *offset_vaddr;
uint8_t op_minor;
- uint64_t offset_ctrl;
- uint8_t *src = NULL;
int ret;
encr_offset = ROC_SE_ENCR_OFFSET(d_offs);
@@ -1437,7 +1454,7 @@ cpt_dec_hmac_prep(uint32_t flags, uint64_t d_offs, uint64_t d_lens,
if (likely(iv_len)) {
uint64_t *dest =
(uint64_t *)((uint8_t *)offset_vaddr + ROC_SE_OFF_CTRL_LEN);
- uint64_t *src = fc_params->iv_buf;
+ const uint64_t *src = fc_params->iv_buf;
dest[0] = src[0];
dest[1] = src[1];
}
@@ -1472,7 +1489,7 @@ cpt_pdcp_chain_alg_prep(uint32_t req_flags, uint64_t d_offs, uint64_t d_lens,
{
uint32_t encr_data_len, auth_data_len, aad_len, passthr_len, pad_len, hdr_len;
uint32_t encr_offset, auth_offset, iv_offset = 0;
- uint8_t *auth_iv = NULL, *cipher_iv = NULL;
+ const uint8_t *auth_iv = NULL, *cipher_iv = NULL;
uint8_t pdcp_ci_alg, pdcp_auth_alg;
union cpt_inst_w4 cpt_inst_w4;
struct roc_se_ctx *se_ctx;
@@ -1581,18 +1598,18 @@ static __rte_always_inline int
cpt_pdcp_alg_prep(uint32_t req_flags, uint64_t d_offs, uint64_t d_lens,
struct roc_se_fc_params *params, struct cpt_inst_s *inst, const bool is_sg_ver2)
{
+ uint32_t encr_data_len, auth_data_len;
+ uint32_t encr_offset, auth_offset;
+ union cpt_inst_w4 cpt_inst_w4;
int32_t inputlen, outputlen;
struct roc_se_ctx *se_ctx;
- uint32_t mac_len = 0;
- uint8_t pdcp_alg_type;
- uint32_t encr_offset, auth_offset;
- uint32_t encr_data_len, auth_data_len;
- int flags, iv_len;
- uint64_t offset_ctrl;
uint64_t *offset_vaddr;
- uint8_t *iv_s;
+ uint8_t pdcp_alg_type;
+ uint32_t mac_len = 0;
+ const uint8_t *iv_s;
uint8_t pack_iv = 0;
- union cpt_inst_w4 cpt_inst_w4;
+ uint64_t offset_ctrl;
+ int flags, iv_len;
int ret;
se_ctx = params->ctx;
@@ -1617,7 +1634,6 @@ cpt_pdcp_alg_prep(uint32_t req_flags, uint64_t d_offs, uint64_t d_lens,
iv_len = params->auth_iv_len;
if (iv_len == 25) {
- roc_se_zuc_bytes_swap(iv_s, iv_len);
iv_len -= 2;
pack_iv = 1;
}
@@ -1653,7 +1669,6 @@ cpt_pdcp_alg_prep(uint32_t req_flags, uint64_t d_offs, uint64_t d_lens,
pdcp_alg_type = se_ctx->pdcp_ci_alg;
if (iv_len == 25) {
- roc_se_zuc_bytes_swap(iv_s, iv_len);
iv_len -= 2;
pack_iv = 1;
}
@@ -1739,16 +1754,16 @@ static __rte_always_inline int
cpt_kasumi_enc_prep(uint32_t req_flags, uint64_t d_offs, uint64_t d_lens,
struct roc_se_fc_params *params, struct cpt_inst_s *inst, const bool is_sg_ver2)
{
+ uint32_t encr_data_len, auth_data_len;
int32_t inputlen = 0, outputlen = 0;
+ uint32_t encr_offset, auth_offset;
+ const uint8_t *iv_s, iv_len = 8;
+ union cpt_inst_w4 cpt_inst_w4;
struct roc_se_ctx *se_ctx;
+ uint64_t offset_ctrl;
uint32_t mac_len = 0;
- uint32_t encr_offset, auth_offset;
- uint32_t encr_data_len, auth_data_len;
- int flags;
- uint8_t *iv_s, iv_len = 8;
uint8_t dir = 0;
- uint64_t offset_ctrl;
- union cpt_inst_w4 cpt_inst_w4;
+ int flags;
encr_offset = ROC_SE_ENCR_OFFSET(d_offs) / 8;
auth_offset = ROC_SE_AUTH_OFFSET(d_offs) / 8;
@@ -1756,17 +1771,15 @@ cpt_kasumi_enc_prep(uint32_t req_flags, uint64_t d_offs, uint64_t d_lens,
auth_data_len = ROC_SE_AUTH_DLEN(d_lens);
se_ctx = params->ctx;
- iv_s = params->iv_buf;
flags = se_ctx->zsk_flags;
mac_len = se_ctx->mac_len;
- dir = iv_s[8] & 0x1;
cpt_inst_w4.u64 = se_ctx->template_w4.u64;
if (flags == 0x0) {
+ iv_s = params->iv_buf;
/* Consider IV len */
encr_offset += iv_len;
- auth_offset += iv_len;
inputlen = encr_offset + (RTE_ALIGN(encr_data_len, 8) / 8);
outputlen = inputlen;
@@ -1778,6 +1791,9 @@ cpt_kasumi_enc_prep(uint32_t req_flags, uint64_t d_offs, uint64_t d_lens,
return -1;
}
} else {
+ iv_s = params->auth_iv_buf;
+ dir = iv_s[8] & 0x1;
+
inputlen = auth_offset + (RTE_ALIGN(auth_data_len, 8) / 8);
outputlen = mac_len;
/* iv offset is 0 */
@@ -3206,7 +3222,7 @@ fill_digest_params(struct rte_crypto_op *cop, struct cnxk_se_sess *sess,
/* Store it at end of auth iv */
iv_buf[8] = direction;
- params.iv_buf = iv_buf;
+ params.auth_iv_buf = iv_buf;
}
}
--
2.25.1
^ permalink raw reply [flat|nested] 20+ messages in thread
* [PATCH v2 10/15] crypto/cnxk: set PDCP chain IV offset based on FVC
2023-09-26 5:58 [PATCH v2 00/15] fixes and improvements to cnxk crypto PMD Tejasree Kondoj
` (8 preceding siblings ...)
2023-09-26 5:58 ` [PATCH v2 09/15] crypto/cnxk: make IV pointers as constant Tejasree Kondoj
@ 2023-09-26 5:58 ` Tejasree Kondoj
2023-09-26 5:58 ` [PATCH v2 11/15] crypto/cnxk: minor shuffling in the sess structure Tejasree Kondoj
` (6 subsequent siblings)
16 siblings, 0 replies; 20+ messages in thread
From: Tejasree Kondoj @ 2023-09-26 5:58 UTC (permalink / raw)
To: Akhil Goyal
Cc: Anoob Joseph, Aakash Sasidharan, Gowrishankar Muthukrishnan,
Vidya Sagar Velumuri, dev
Set PDCP chain IV offset based on zuc 256 firmware
Signed-off-by: Tejasree Kondoj <ktejasree@marvell.com>
---
drivers/common/cnxk/hw/cpt.h | 4 +++-
drivers/common/cnxk/roc_se.h | 3 +++
drivers/crypto/cnxk/cnxk_cryptodev_ops.c | 10 ++++++++--
drivers/crypto/cnxk/cnxk_cryptodev_ops.h | 5 +++--
drivers/crypto/cnxk/cnxk_se.h | 16 ++++++++++------
5 files changed, 27 insertions(+), 11 deletions(-)
diff --git a/drivers/common/cnxk/hw/cpt.h b/drivers/common/cnxk/hw/cpt.h
index 96a863322a..cad4ed7e79 100644
--- a/drivers/common/cnxk/hw/cpt.h
+++ b/drivers/common/cnxk/hw/cpt.h
@@ -78,7 +78,9 @@ union cpt_eng_caps {
uint64_t __io sm4 : 1;
uint64_t __io reserved_23_34 : 12;
uint64_t __io sg_ver2 : 1;
- uint64_t __io reserved_36_63 : 28;
+ uint64_t __io reserved36 : 1;
+ uint64_t __io pdcp_chain_zuc256 : 1;
+ uint64_t __io reserved_38_63 : 26;
};
};
diff --git a/drivers/common/cnxk/roc_se.h b/drivers/common/cnxk/roc_se.h
index 2a5abd71cf..d8cbd58c9a 100644
--- a/drivers/common/cnxk/roc_se.h
+++ b/drivers/common/cnxk/roc_se.h
@@ -323,6 +323,8 @@ struct roc_se_ctx {
uint64_t ciph_then_auth : 1;
uint64_t auth_then_ciph : 1;
uint64_t eia2 : 1;
+ /* auth_iv_offset passed to PDCP_CHAIN opcode based on FVC bit */
+ uint8_t pdcp_iv_offset;
union cpt_inst_w4 template_w4;
/* Below fields are accessed by hardware */
struct se_ctx_s {
@@ -366,6 +368,7 @@ struct roc_se_fc_params {
struct roc_se_buf_ptr meta_buf;
uint8_t cipher_iv_len;
uint8_t auth_iv_len;
+ uint8_t pdcp_iv_offset;
struct roc_se_buf_ptr aad_buf;
struct roc_se_buf_ptr mac_buf;
diff --git a/drivers/crypto/cnxk/cnxk_cryptodev_ops.c b/drivers/crypto/cnxk/cnxk_cryptodev_ops.c
index 99bf853234..82938c77c8 100644
--- a/drivers/crypto/cnxk/cnxk_cryptodev_ops.c
+++ b/drivers/crypto/cnxk/cnxk_cryptodev_ops.c
@@ -484,13 +484,19 @@ is_valid_pdcp_cipher_alg(struct rte_crypto_sym_xform *c_xfrm,
}
static int
-cnxk_sess_fill(struct rte_crypto_sym_xform *xform, struct cnxk_se_sess *sess)
+cnxk_sess_fill(struct roc_cpt *roc_cpt, struct rte_crypto_sym_xform *xform,
+ struct cnxk_se_sess *sess)
{
struct rte_crypto_sym_xform *aead_xfrm = NULL;
struct rte_crypto_sym_xform *c_xfrm = NULL;
struct rte_crypto_sym_xform *a_xfrm = NULL;
bool ciph_then_auth = false;
+ if (roc_cpt->hw_caps[CPT_ENG_TYPE_SE].pdcp_chain_zuc256)
+ sess->roc_se_ctx.pdcp_iv_offset = 24;
+ else
+ sess->roc_se_ctx.pdcp_iv_offset = 16;
+
if (xform == NULL)
return -EINVAL;
@@ -672,7 +678,7 @@ sym_session_configure(struct roc_cpt *roc_cpt, struct rte_crypto_sym_xform *xfor
if (is_session_less)
memset(sess_priv, 0, sizeof(struct cnxk_se_sess));
- ret = cnxk_sess_fill(xform, sess_priv);
+ ret = cnxk_sess_fill(roc_cpt, xform, sess_priv);
if (ret)
goto priv_put;
diff --git a/drivers/crypto/cnxk/cnxk_cryptodev_ops.h b/drivers/crypto/cnxk/cnxk_cryptodev_ops.h
index 6ee4cbda70..3d1f9b8a48 100644
--- a/drivers/crypto/cnxk/cnxk_cryptodev_ops.h
+++ b/drivers/crypto/cnxk/cnxk_cryptodev_ops.h
@@ -16,8 +16,9 @@
#include "roc_errata.h"
#include "roc_se.h"
-#define CNXK_CPT_MIN_HEADROOM_REQ 32
-#define CNXK_CPT_MIN_TAILROOM_REQ 102
+/* Space for ctrl_word(8B), IV(48B), passthrough alignment(8B) */
+#define CNXK_CPT_MIN_HEADROOM_REQ 64
+#define CNXK_CPT_MIN_TAILROOM_REQ 102
/* Default command timeout in seconds */
#define DEFAULT_COMMAND_TIMEOUT 4
diff --git a/drivers/crypto/cnxk/cnxk_se.h b/drivers/crypto/cnxk/cnxk_se.h
index b8998d401b..fdc1f3651c 100644
--- a/drivers/crypto/cnxk/cnxk_se.h
+++ b/drivers/crypto/cnxk/cnxk_se.h
@@ -892,7 +892,7 @@ pdcp_chain_sg1_prep(struct roc_se_fc_params *params, struct roc_se_ctx *cpt_ctx,
pdcp_iv_copy(iv_d, cipher_iv, pdcp_ci_alg, pack_iv);
/* Auth IV */
- iv_d = ((uint8_t *)offset_vaddr + ROC_SE_OFF_CTRL_LEN + 16);
+ iv_d = ((uint8_t *)offset_vaddr + ROC_SE_OFF_CTRL_LEN + params->pdcp_iv_offset);
pdcp_iv_copy(iv_d, auth_iv, pdcp_auth_alg, pack_iv);
/* input data */
@@ -998,7 +998,7 @@ pdcp_chain_sg2_prep(struct roc_se_fc_params *params, struct roc_se_ctx *cpt_ctx,
pdcp_iv_copy(iv_d, cipher_iv, pdcp_ci_alg, pack_iv);
/* Auth IV */
- iv_d = ((uint8_t *)offset_vaddr + ROC_SE_OFF_CTRL_LEN + 16);
+ iv_d = ((uint8_t *)offset_vaddr + ROC_SE_OFF_CTRL_LEN + params->pdcp_iv_offset);
pdcp_iv_copy(iv_d, auth_iv, pdcp_auth_alg, pack_iv);
/* input data */
@@ -1490,11 +1490,12 @@ cpt_pdcp_chain_alg_prep(uint32_t req_flags, uint64_t d_offs, uint64_t d_lens,
uint32_t encr_data_len, auth_data_len, aad_len, passthr_len, pad_len, hdr_len;
uint32_t encr_offset, auth_offset, iv_offset = 0;
const uint8_t *auth_iv = NULL, *cipher_iv = NULL;
+ uint8_t pdcp_iv_off = params->pdcp_iv_offset;
+ const int iv_len = pdcp_iv_off * 2;
uint8_t pdcp_ci_alg, pdcp_auth_alg;
union cpt_inst_w4 cpt_inst_w4;
struct roc_se_ctx *se_ctx;
uint64_t *offset_vaddr;
- const int iv_len = 32;
uint64_t offset_ctrl;
uint8_t pack_iv = 0;
int32_t inputlen;
@@ -1576,7 +1577,7 @@ cpt_pdcp_chain_alg_prep(uint32_t req_flags, uint64_t d_offs, uint64_t d_lens,
iv_d = ((uint8_t *)offset_vaddr + ROC_SE_OFF_CTRL_LEN);
pdcp_iv_copy(iv_d, cipher_iv, pdcp_ci_alg, pack_iv);
- iv_d = ((uint8_t *)offset_vaddr + ROC_SE_OFF_CTRL_LEN + 16);
+ iv_d = ((uint8_t *)offset_vaddr + ROC_SE_OFF_CTRL_LEN + pdcp_iv_off);
pdcp_iv_copy(iv_d, auth_iv, pdcp_auth_alg, pack_iv);
inst->w4.u64 = cpt_inst_w4.u64;
@@ -2909,6 +2910,7 @@ fill_pdcp_params(struct rte_crypto_op *cop, struct cnxk_se_sess *sess,
fc_params.auth_iv_len = 0;
fc_params.iv_buf = NULL;
fc_params.auth_iv_buf = NULL;
+ fc_params.pdcp_iv_offset = sess->roc_se_ctx.pdcp_iv_offset;
if (likely(sess->iv_length))
fc_params.iv_buf = rte_crypto_op_ctod_offset(cop, uint8_t *, sess->iv_offset);
@@ -2995,6 +2997,7 @@ fill_pdcp_chain_params(struct rte_crypto_op *cop, struct cnxk_se_sess *sess,
fc_params.auth_iv_len = sess->auth_iv_length;
fc_params.iv_buf = NULL;
fc_params.auth_iv_buf = NULL;
+ fc_params.pdcp_iv_offset = sess->roc_se_ctx.pdcp_iv_offset;
m_src = sym_op->m_src;
m_dst = sym_op->m_dst;
@@ -3197,8 +3200,9 @@ fill_digest_params(struct rte_crypto_op *cop, struct cnxk_se_sess *sess,
d_offs = auth_range_off;
auth_range_off = 0;
params.auth_iv_len = sess->auth_iv_length;
- params.auth_iv_buf = rte_crypto_op_ctod_offset(
- cop, uint8_t *, sess->auth_iv_offset);
+ params.auth_iv_buf =
+ rte_crypto_op_ctod_offset(cop, uint8_t *, sess->auth_iv_offset);
+ params.pdcp_iv_offset = sess->roc_se_ctx.pdcp_iv_offset;
if (sess->zsk_flag == ROC_SE_K_F9) {
uint32_t length_in_bits, num_bytes;
uint8_t *src, direction = 0;
--
2.25.1
^ permalink raw reply [flat|nested] 20+ messages in thread
* [PATCH v2 11/15] crypto/cnxk: minor shuffling in the sess structure
2023-09-26 5:58 [PATCH v2 00/15] fixes and improvements to cnxk crypto PMD Tejasree Kondoj
` (9 preceding siblings ...)
2023-09-26 5:58 ` [PATCH v2 10/15] crypto/cnxk: set PDCP chain IV offset based on FVC Tejasree Kondoj
@ 2023-09-26 5:58 ` Tejasree Kondoj
2023-09-26 5:58 ` [PATCH v2 12/15] crypto/cnxk: add support for packets with cipher len zero Tejasree Kondoj
` (5 subsequent siblings)
16 siblings, 0 replies; 20+ messages in thread
From: Tejasree Kondoj @ 2023-09-26 5:58 UTC (permalink / raw)
To: Akhil Goyal
Cc: Vidya Sagar Velumuri, Anoob Joseph, Aakash Sasidharan,
Gowrishankar Muthukrishnan, dev
From: Vidya Sagar Velumuri <vvelumuri@marvell.com>
Shuffle the fields in the session structure to make the fields byte
aligned
Signed-off-by: Vidya Sagar Velumuri <vvelumuri@marvell.com>
---
drivers/crypto/cnxk/cnxk_se.h | 32 ++++++++++++++++----------------
1 file changed, 16 insertions(+), 16 deletions(-)
diff --git a/drivers/crypto/cnxk/cnxk_se.h b/drivers/crypto/cnxk/cnxk_se.h
index fdc1f3651c..1fbae54c76 100644
--- a/drivers/crypto/cnxk/cnxk_se.h
+++ b/drivers/crypto/cnxk/cnxk_se.h
@@ -31,30 +31,30 @@ enum cpt_dp_thread_type {
struct cnxk_se_sess {
struct rte_cryptodev_sym_session rte_sess;
- uint16_t cpt_op : 4;
- uint16_t zsk_flag : 4;
- uint16_t aes_gcm : 1;
- uint16_t aes_ccm : 1;
- uint16_t aes_ctr : 1;
- uint16_t chacha_poly : 1;
- uint16_t is_null : 1;
- uint16_t is_gmac : 1;
- uint16_t chained_op : 1;
- uint16_t auth_first : 1;
- uint16_t aes_ctr_eea2 : 1;
- uint16_t zs_cipher : 4;
- uint16_t zs_auth : 4;
- uint16_t dp_thr_type : 8;
- uint16_t aad_length;
+ uint8_t aes_gcm : 1;
+ uint8_t aes_ccm : 1;
+ uint8_t aes_ctr : 1;
+ uint8_t chacha_poly : 1;
+ uint8_t is_null : 1;
+ uint8_t is_gmac : 1;
+ uint8_t chained_op : 1;
+ uint8_t auth_first : 1;
+ uint8_t aes_ctr_eea2 : 1;
uint8_t is_sha3 : 1;
uint8_t short_iv : 1;
uint8_t is_sm3 : 1;
uint8_t passthrough : 1;
uint8_t is_sm4 : 1;
- uint8_t rsvd : 3;
+ uint8_t rsvd : 2;
+ uint8_t cpt_op : 4;
+ uint8_t zsk_flag : 4;
+ uint8_t zs_cipher : 4;
+ uint8_t zs_auth : 4;
+ uint8_t dp_thr_type;
uint8_t mac_len;
uint8_t iv_length;
uint8_t auth_iv_length;
+ uint16_t aad_length;
uint16_t iv_offset;
uint16_t auth_iv_offset;
uint32_t salt;
--
2.25.1
^ permalink raw reply [flat|nested] 20+ messages in thread
* [PATCH v2 12/15] crypto/cnxk: add support for packets with cipher len zero
2023-09-26 5:58 [PATCH v2 00/15] fixes and improvements to cnxk crypto PMD Tejasree Kondoj
` (10 preceding siblings ...)
2023-09-26 5:58 ` [PATCH v2 11/15] crypto/cnxk: minor shuffling in the sess structure Tejasree Kondoj
@ 2023-09-26 5:58 ` Tejasree Kondoj
2023-09-26 5:58 ` [PATCH v2 13/15] crypto/cnxk: add support for raw APIs Tejasree Kondoj
` (4 subsequent siblings)
16 siblings, 0 replies; 20+ messages in thread
From: Tejasree Kondoj @ 2023-09-26 5:58 UTC (permalink / raw)
To: Akhil Goyal
Cc: Aakash Sasidharan, Anoob Joseph, Gowrishankar Muthukrishnan,
Vidya Sagar Velumuri, dev
From: Aakash Sasidharan <asasidharan@marvell.com>
For cipher only zero length packets, submit it to CPT with
passthrough opcode.
Signed-off-by: Aakash Sasidharan <asasidharan@marvell.com>
---
drivers/crypto/cnxk/cnxk_se.h | 16 ++++++++++++++--
1 file changed, 14 insertions(+), 2 deletions(-)
diff --git a/drivers/crypto/cnxk/cnxk_se.h b/drivers/crypto/cnxk/cnxk_se.h
index 1fbae54c76..f6884be5ad 100644
--- a/drivers/crypto/cnxk/cnxk_se.h
+++ b/drivers/crypto/cnxk/cnxk_se.h
@@ -45,7 +45,8 @@ struct cnxk_se_sess {
uint8_t is_sm3 : 1;
uint8_t passthrough : 1;
uint8_t is_sm4 : 1;
- uint8_t rsvd : 2;
+ uint8_t cipher_only : 1;
+ uint8_t rsvd : 1;
uint8_t cpt_op : 4;
uint8_t zsk_flag : 4;
uint8_t zs_cipher : 4;
@@ -2192,6 +2193,7 @@ fill_sess_cipher(struct rte_crypto_sym_xform *xform, struct cnxk_se_sess *sess)
}
}
+ sess->cipher_only = 1;
sess->zsk_flag = zsk_flag;
sess->zs_cipher = zs_cipher;
sess->aes_gcm = 0;
@@ -3308,9 +3310,19 @@ static __rte_always_inline int __rte_hot
cpt_sym_inst_fill(struct cnxk_cpt_qp *qp, struct rte_crypto_op *op, struct cnxk_se_sess *sess,
struct cpt_inflight_req *infl_req, struct cpt_inst_s *inst, const bool is_sg_ver2)
{
+ enum cpt_dp_thread_type dp_thr_type;
int ret;
- switch (sess->dp_thr_type) {
+ dp_thr_type = sess->dp_thr_type;
+
+ /*
+ * With cipher only, microcode expects that cipher length is non-zero. To accept such
+ * instructions, send to CPT as passthrough.
+ */
+ if (unlikely(sess->cipher_only && op->sym->cipher.data.length == 0))
+ dp_thr_type = CPT_DP_THREAD_TYPE_PT;
+
+ switch (dp_thr_type) {
case CPT_DP_THREAD_TYPE_PT:
ret = fill_passthrough_params(op, inst);
break;
--
2.25.1
^ permalink raw reply [flat|nested] 20+ messages in thread
* [PATCH v2 13/15] crypto/cnxk: add support for raw APIs
2023-09-26 5:58 [PATCH v2 00/15] fixes and improvements to cnxk crypto PMD Tejasree Kondoj
` (11 preceding siblings ...)
2023-09-26 5:58 ` [PATCH v2 12/15] crypto/cnxk: add support for packets with cipher len zero Tejasree Kondoj
@ 2023-09-26 5:58 ` Tejasree Kondoj
2023-10-10 19:36 ` Thomas Monjalon
2023-09-26 5:58 ` [PATCH v2 14/15] crypto/cnxk: update the iv from proper param for gmac Tejasree Kondoj
` (3 subsequent siblings)
16 siblings, 1 reply; 20+ messages in thread
From: Tejasree Kondoj @ 2023-09-26 5:58 UTC (permalink / raw)
To: Akhil Goyal
Cc: Anoob Joseph, Aakash Sasidharan, Gowrishankar Muthukrishnan,
Vidya Sagar Velumuri, dev
From: Anoob Joseph <anoobj@marvell.com>
Add crypto RAW API support in cnxk PMD
Enable the flag to allow execution of raw test suite.
Signed-off-by: Vidya Sagar Velumuri <vvelumuri@marvell.com>
Signed-off-by: Anoob Joseph <anoobj@marvell.com>
---
doc/guides/cryptodevs/features/cn10k.ini | 1 +
drivers/crypto/cnxk/cn10k_cryptodev_ops.c | 459 ++++++++++++++++++++++
drivers/crypto/cnxk/cnxk_cryptodev.c | 20 +-
drivers/crypto/cnxk/cnxk_cryptodev_ops.h | 1 +
drivers/crypto/cnxk/cnxk_se.h | 293 ++++++++++++++
5 files changed, 761 insertions(+), 13 deletions(-)
diff --git a/doc/guides/cryptodevs/features/cn10k.ini b/doc/guides/cryptodevs/features/cn10k.ini
index 55a1226965..53ee2a720e 100644
--- a/doc/guides/cryptodevs/features/cn10k.ini
+++ b/doc/guides/cryptodevs/features/cn10k.ini
@@ -17,6 +17,7 @@ Symmetric sessionless = Y
RSA PRIV OP KEY EXP = Y
RSA PRIV OP KEY QT = Y
Digest encrypted = Y
+Sym raw data path API = Y
Inner checksum = Y
;
diff --git a/drivers/crypto/cnxk/cn10k_cryptodev_ops.c b/drivers/crypto/cnxk/cn10k_cryptodev_ops.c
index 75ad3b99f5..4b0becce0e 100644
--- a/drivers/crypto/cnxk/cn10k_cryptodev_ops.c
+++ b/drivers/crypto/cnxk/cn10k_cryptodev_ops.c
@@ -1066,6 +1066,461 @@ cn10k_cpt_dev_info_get(struct rte_cryptodev *dev,
}
}
+static inline int
+cn10k_cpt_raw_fill_inst(struct cnxk_iov *iov, struct cnxk_cpt_qp *qp,
+ struct cnxk_sym_dp_ctx *dp_ctx, struct cpt_inst_s inst[],
+ struct cpt_inflight_req *infl_req, void *opaque, const bool is_sg_ver2)
+{
+ struct cnxk_se_sess *sess;
+ int ret;
+
+ const union cpt_res_s res = {
+ .cn10k.compcode = CPT_COMP_NOT_DONE,
+ };
+
+ inst[0].w0.u64 = 0;
+ inst[0].w2.u64 = 0;
+ inst[0].w3.u64 = 0;
+
+ sess = dp_ctx->sess;
+
+ switch (sess->dp_thr_type) {
+ case CPT_DP_THREAD_TYPE_PT:
+ ret = fill_raw_passthrough_params(iov, inst);
+ break;
+ case CPT_DP_THREAD_TYPE_FC_CHAIN:
+ ret = fill_raw_fc_params(iov, sess, &qp->meta_info, infl_req, &inst[0], false,
+ false, is_sg_ver2);
+ break;
+ case CPT_DP_THREAD_TYPE_FC_AEAD:
+ ret = fill_raw_fc_params(iov, sess, &qp->meta_info, infl_req, &inst[0], false, true,
+ is_sg_ver2);
+ break;
+ case CPT_DP_THREAD_AUTH_ONLY:
+ ret = fill_raw_digest_params(iov, sess, &qp->meta_info, infl_req, &inst[0],
+ is_sg_ver2);
+ break;
+ default:
+ ret = -EINVAL;
+ }
+
+ if (unlikely(ret))
+ return 0;
+
+ inst[0].res_addr = (uint64_t)&infl_req->res;
+ __atomic_store_n(&infl_req->res.u64[0], res.u64[0], __ATOMIC_RELAXED);
+ infl_req->opaque = opaque;
+
+ inst[0].w7.u64 = sess->cpt_inst_w7;
+
+ return 1;
+}
+
+static uint32_t
+cn10k_cpt_raw_enqueue_burst(void *qpair, uint8_t *drv_ctx, struct rte_crypto_sym_vec *vec,
+ union rte_crypto_sym_ofs ofs, void *user_data[], int *enqueue_status,
+ const bool is_sgv2)
+{
+ uint16_t lmt_id, nb_allowed, nb_ops = vec->num;
+ uint64_t lmt_base, lmt_arg, io_addr, head;
+ struct cpt_inflight_req *infl_req;
+ struct cnxk_cpt_qp *qp = qpair;
+ struct cnxk_sym_dp_ctx *dp_ctx;
+ struct pending_queue *pend_q;
+ uint32_t count = 0, index;
+ union cpt_fc_write_s fc;
+ struct cpt_inst_s *inst;
+ uint64_t *fc_addr;
+ int ret, i;
+
+ pend_q = &qp->pend_q;
+ const uint64_t pq_mask = pend_q->pq_mask;
+
+ head = pend_q->head;
+ nb_allowed = pending_queue_free_cnt(head, pend_q->tail, pq_mask);
+ nb_ops = RTE_MIN(nb_ops, nb_allowed);
+
+ if (unlikely(nb_ops == 0))
+ return 0;
+
+ lmt_base = qp->lmtline.lmt_base;
+ io_addr = qp->lmtline.io_addr;
+ fc_addr = qp->lmtline.fc_addr;
+
+ const uint32_t fc_thresh = qp->lmtline.fc_thresh;
+
+ ROC_LMT_BASE_ID_GET(lmt_base, lmt_id);
+ inst = (struct cpt_inst_s *)lmt_base;
+
+ dp_ctx = (struct cnxk_sym_dp_ctx *)drv_ctx;
+again:
+ fc.u64[0] = __atomic_load_n(fc_addr, __ATOMIC_RELAXED);
+ if (unlikely(fc.s.qsize > fc_thresh)) {
+ i = 0;
+ goto pend_q_commit;
+ }
+
+ for (i = 0; i < RTE_MIN(PKTS_PER_LOOP, nb_ops); i++) {
+ struct cnxk_iov iov;
+
+ index = count + i;
+ infl_req = &pend_q->req_queue[head];
+ infl_req->op_flags = 0;
+
+ cnxk_raw_burst_to_iov(vec, &ofs, index, &iov);
+ ret = cn10k_cpt_raw_fill_inst(&iov, qp, dp_ctx, &inst[2 * i], infl_req,
+ user_data[index], is_sgv2);
+ if (unlikely(ret != 1)) {
+ plt_dp_err("Could not process vec: %d", index);
+ if (i == 0 && count == 0)
+ return -1;
+ else if (i == 0)
+ goto pend_q_commit;
+ else
+ break;
+ }
+ pending_queue_advance(&head, pq_mask);
+ }
+
+ if (i > PKTS_PER_STEORL) {
+ lmt_arg = ROC_CN10K_CPT_LMT_ARG | (PKTS_PER_STEORL - 1) << 12 | (uint64_t)lmt_id;
+ roc_lmt_submit_steorl(lmt_arg, io_addr);
+ lmt_arg = ROC_CN10K_CPT_LMT_ARG | (i - PKTS_PER_STEORL - 1) << 12 |
+ (uint64_t)(lmt_id + PKTS_PER_STEORL);
+ roc_lmt_submit_steorl(lmt_arg, io_addr);
+ } else {
+ lmt_arg = ROC_CN10K_CPT_LMT_ARG | (i - 1) << 12 | (uint64_t)lmt_id;
+ roc_lmt_submit_steorl(lmt_arg, io_addr);
+ }
+
+ rte_io_wmb();
+
+ if (nb_ops - i > 0 && i == PKTS_PER_LOOP) {
+ nb_ops -= i;
+ count += i;
+ goto again;
+ }
+
+pend_q_commit:
+ rte_atomic_thread_fence(__ATOMIC_RELEASE);
+
+ pend_q->head = head;
+ pend_q->time_out = rte_get_timer_cycles() + DEFAULT_COMMAND_TIMEOUT * rte_get_timer_hz();
+
+ *enqueue_status = 1;
+ return count + i;
+}
+
+static uint32_t
+cn10k_cpt_raw_enqueue_burst_sgv2(void *qpair, uint8_t *drv_ctx, struct rte_crypto_sym_vec *vec,
+ union rte_crypto_sym_ofs ofs, void *user_data[],
+ int *enqueue_status)
+{
+ return cn10k_cpt_raw_enqueue_burst(qpair, drv_ctx, vec, ofs, user_data, enqueue_status,
+ true);
+}
+
+static uint32_t
+cn10k_cpt_raw_enqueue_burst_sgv1(void *qpair, uint8_t *drv_ctx, struct rte_crypto_sym_vec *vec,
+ union rte_crypto_sym_ofs ofs, void *user_data[],
+ int *enqueue_status)
+{
+ return cn10k_cpt_raw_enqueue_burst(qpair, drv_ctx, vec, ofs, user_data, enqueue_status,
+ false);
+}
+
+static int
+cn10k_cpt_raw_enqueue(void *qpair, uint8_t *drv_ctx, struct rte_crypto_vec *data_vec,
+ uint16_t n_data_vecs, union rte_crypto_sym_ofs ofs,
+ struct rte_crypto_va_iova_ptr *iv, struct rte_crypto_va_iova_ptr *digest,
+ struct rte_crypto_va_iova_ptr *aad_or_auth_iv, void *user_data,
+ const bool is_sgv2)
+{
+ uint64_t lmt_base, lmt_arg, io_addr, head;
+ struct cpt_inflight_req *infl_req;
+ struct cnxk_cpt_qp *qp = qpair;
+ struct cnxk_sym_dp_ctx *dp_ctx;
+ uint16_t lmt_id, nb_allowed;
+ struct cpt_inst_s *inst;
+ union cpt_fc_write_s fc;
+ struct cnxk_iov iov;
+ uint64_t *fc_addr;
+ int ret;
+
+ struct pending_queue *pend_q = &qp->pend_q;
+ const uint64_t pq_mask = pend_q->pq_mask;
+ const uint32_t fc_thresh = qp->lmtline.fc_thresh;
+
+ head = pend_q->head;
+ nb_allowed = pending_queue_free_cnt(head, pend_q->tail, pq_mask);
+
+ if (unlikely(nb_allowed == 0))
+ return -1;
+
+ cnxk_raw_to_iov(data_vec, n_data_vecs, &ofs, iv, digest, aad_or_auth_iv, &iov);
+
+ lmt_base = qp->lmtline.lmt_base;
+ io_addr = qp->lmtline.io_addr;
+ fc_addr = qp->lmtline.fc_addr;
+
+ ROC_LMT_BASE_ID_GET(lmt_base, lmt_id);
+ inst = (struct cpt_inst_s *)lmt_base;
+
+ fc.u64[0] = __atomic_load_n(fc_addr, __ATOMIC_RELAXED);
+ if (unlikely(fc.s.qsize > fc_thresh))
+ return -1;
+
+ dp_ctx = (struct cnxk_sym_dp_ctx *)drv_ctx;
+ infl_req = &pend_q->req_queue[head];
+ infl_req->op_flags = 0;
+
+ ret = cn10k_cpt_raw_fill_inst(&iov, qp, dp_ctx, &inst[0], infl_req, user_data, is_sgv2);
+ if (unlikely(ret != 1)) {
+ plt_dp_err("Could not process vec");
+ return -1;
+ }
+
+ pending_queue_advance(&head, pq_mask);
+
+ lmt_arg = ROC_CN10K_CPT_LMT_ARG | (uint64_t)lmt_id;
+ roc_lmt_submit_steorl(lmt_arg, io_addr);
+
+ rte_io_wmb();
+
+ pend_q->head = head;
+ pend_q->time_out = rte_get_timer_cycles() + DEFAULT_COMMAND_TIMEOUT * rte_get_timer_hz();
+
+ return 1;
+}
+
+static int
+cn10k_cpt_raw_enqueue_sgv2(void *qpair, uint8_t *drv_ctx, struct rte_crypto_vec *data_vec,
+ uint16_t n_data_vecs, union rte_crypto_sym_ofs ofs,
+ struct rte_crypto_va_iova_ptr *iv, struct rte_crypto_va_iova_ptr *digest,
+ struct rte_crypto_va_iova_ptr *aad_or_auth_iv, void *user_data)
+{
+ return cn10k_cpt_raw_enqueue(qpair, drv_ctx, data_vec, n_data_vecs, ofs, iv, digest,
+ aad_or_auth_iv, user_data, true);
+}
+
+static int
+cn10k_cpt_raw_enqueue_sgv1(void *qpair, uint8_t *drv_ctx, struct rte_crypto_vec *data_vec,
+ uint16_t n_data_vecs, union rte_crypto_sym_ofs ofs,
+ struct rte_crypto_va_iova_ptr *iv, struct rte_crypto_va_iova_ptr *digest,
+ struct rte_crypto_va_iova_ptr *aad_or_auth_iv, void *user_data)
+{
+ return cn10k_cpt_raw_enqueue(qpair, drv_ctx, data_vec, n_data_vecs, ofs, iv, digest,
+ aad_or_auth_iv, user_data, false);
+}
+
+static inline int
+cn10k_cpt_raw_dequeue_post_process(struct cpt_cn10k_res_s *res)
+{
+ const uint8_t uc_compcode = res->uc_compcode;
+ const uint8_t compcode = res->compcode;
+ int ret = 1;
+
+ if (likely(compcode == CPT_COMP_GOOD)) {
+ if (unlikely(uc_compcode))
+ plt_dp_info("Request failed with microcode error: 0x%x", res->uc_compcode);
+ else
+ ret = 0;
+ }
+
+ return ret;
+}
+
+static uint32_t
+cn10k_cpt_sym_raw_dequeue_burst(void *qptr, uint8_t *drv_ctx,
+ rte_cryptodev_raw_get_dequeue_count_t get_dequeue_count,
+ uint32_t max_nb_to_dequeue,
+ rte_cryptodev_raw_post_dequeue_t post_dequeue, void **out_user_data,
+ uint8_t is_user_data_array, uint32_t *n_success,
+ int *dequeue_status)
+{
+ struct cpt_inflight_req *infl_req;
+ struct cnxk_cpt_qp *qp = qptr;
+ struct pending_queue *pend_q;
+ uint64_t infl_cnt, pq_tail;
+ union cpt_res_s res;
+ int is_op_success;
+ uint16_t nb_ops;
+ void *opaque;
+ int i = 0;
+
+ pend_q = &qp->pend_q;
+
+ const uint64_t pq_mask = pend_q->pq_mask;
+
+ RTE_SET_USED(drv_ctx);
+ pq_tail = pend_q->tail;
+ infl_cnt = pending_queue_infl_cnt(pend_q->head, pq_tail, pq_mask);
+
+ /* Ensure infl_cnt isn't read before data lands */
+ rte_atomic_thread_fence(__ATOMIC_ACQUIRE);
+
+ infl_req = &pend_q->req_queue[pq_tail];
+
+ opaque = infl_req->opaque;
+ if (get_dequeue_count)
+ nb_ops = get_dequeue_count(opaque);
+ else
+ nb_ops = max_nb_to_dequeue;
+ nb_ops = RTE_MIN(nb_ops, infl_cnt);
+
+ for (i = 0; i < nb_ops; i++) {
+ is_op_success = 0;
+ infl_req = &pend_q->req_queue[pq_tail];
+
+ res.u64[0] = __atomic_load_n(&infl_req->res.u64[0], __ATOMIC_RELAXED);
+
+ if (unlikely(res.cn10k.compcode == CPT_COMP_NOT_DONE)) {
+ if (unlikely(rte_get_timer_cycles() > pend_q->time_out)) {
+ plt_err("Request timed out");
+ cnxk_cpt_dump_on_err(qp);
+ pend_q->time_out = rte_get_timer_cycles() +
+ DEFAULT_COMMAND_TIMEOUT * rte_get_timer_hz();
+ }
+ break;
+ }
+
+ pending_queue_advance(&pq_tail, pq_mask);
+
+ if (!cn10k_cpt_raw_dequeue_post_process(&res.cn10k)) {
+ is_op_success = 1;
+ *n_success += 1;
+ }
+
+ if (is_user_data_array) {
+ out_user_data[i] = infl_req->opaque;
+ post_dequeue(out_user_data[i], i, is_op_success);
+ } else {
+ if (i == 0)
+ out_user_data[0] = opaque;
+ post_dequeue(out_user_data[0], i, is_op_success);
+ }
+
+ if (unlikely(infl_req->op_flags & CPT_OP_FLAGS_METABUF))
+ rte_mempool_put(qp->meta_info.pool, infl_req->mdata);
+ }
+
+ pend_q->tail = pq_tail;
+ *dequeue_status = 1;
+
+ return i;
+}
+
+static void *
+cn10k_cpt_sym_raw_dequeue(void *qptr, uint8_t *drv_ctx, int *dequeue_status,
+ enum rte_crypto_op_status *op_status)
+{
+ struct cpt_inflight_req *infl_req;
+ struct cnxk_cpt_qp *qp = qptr;
+ struct pending_queue *pend_q;
+ uint64_t pq_tail;
+ union cpt_res_s res;
+ void *opaque = NULL;
+
+ pend_q = &qp->pend_q;
+
+ const uint64_t pq_mask = pend_q->pq_mask;
+
+ RTE_SET_USED(drv_ctx);
+
+ pq_tail = pend_q->tail;
+
+ rte_atomic_thread_fence(__ATOMIC_ACQUIRE);
+
+ infl_req = &pend_q->req_queue[pq_tail];
+
+ res.u64[0] = __atomic_load_n(&infl_req->res.u64[0], __ATOMIC_RELAXED);
+
+ if (unlikely(res.cn10k.compcode == CPT_COMP_NOT_DONE)) {
+ if (unlikely(rte_get_timer_cycles() > pend_q->time_out)) {
+ plt_err("Request timed out");
+ cnxk_cpt_dump_on_err(qp);
+ pend_q->time_out = rte_get_timer_cycles() +
+ DEFAULT_COMMAND_TIMEOUT * rte_get_timer_hz();
+ }
+ goto exit;
+ }
+
+ pending_queue_advance(&pq_tail, pq_mask);
+
+ opaque = infl_req->opaque;
+
+ if (!cn10k_cpt_raw_dequeue_post_process(&res.cn10k))
+ *op_status = RTE_CRYPTO_OP_STATUS_SUCCESS;
+ else
+ *op_status = RTE_CRYPTO_OP_STATUS_ERROR;
+
+ if (unlikely(infl_req->op_flags & CPT_OP_FLAGS_METABUF))
+ rte_mempool_put(qp->meta_info.pool, infl_req->mdata);
+
+ *dequeue_status = 1;
+exit:
+ return opaque;
+}
+
+static int
+cn10k_sym_get_raw_dp_ctx_size(struct rte_cryptodev *dev __rte_unused)
+{
+ return sizeof(struct cnxk_sym_dp_ctx);
+}
+
+static int
+cn10k_sym_configure_raw_dp_ctx(struct rte_cryptodev *dev, uint16_t qp_id,
+ struct rte_crypto_raw_dp_ctx *raw_dp_ctx,
+ enum rte_crypto_op_sess_type sess_type,
+ union rte_cryptodev_session_ctx session_ctx, uint8_t is_update)
+{
+ struct cnxk_se_sess *sess = (struct cnxk_se_sess *)session_ctx.crypto_sess;
+ struct cnxk_sym_dp_ctx *dp_ctx;
+
+ if (sess_type != RTE_CRYPTO_OP_WITH_SESSION)
+ return -ENOTSUP;
+
+ if (sess == NULL)
+ return -EINVAL;
+
+ if ((sess->dp_thr_type == CPT_DP_THREAD_TYPE_PDCP) ||
+ (sess->dp_thr_type == CPT_DP_THREAD_TYPE_PDCP_CHAIN) ||
+ (sess->dp_thr_type == CPT_DP_THREAD_TYPE_KASUMI))
+ return -ENOTSUP;
+
+ if ((sess->dp_thr_type == CPT_DP_THREAD_AUTH_ONLY) &&
+ ((sess->roc_se_ctx.fc_type == ROC_SE_KASUMI) ||
+ (sess->roc_se_ctx.fc_type == ROC_SE_PDCP)))
+ return -ENOTSUP;
+
+ if ((sess->roc_se_ctx.hash_type == ROC_SE_GMAC_TYPE) ||
+ (sess->roc_se_ctx.hash_type == ROC_SE_SHA1_TYPE))
+ return -ENOTSUP;
+
+ dp_ctx = (struct cnxk_sym_dp_ctx *)raw_dp_ctx->drv_ctx_data;
+ dp_ctx->sess = sess;
+
+ if (!is_update) {
+ struct cnxk_cpt_vf *vf;
+
+ raw_dp_ctx->qp_data = (struct cnxk_cpt_qp *)dev->data->queue_pairs[qp_id];
+ raw_dp_ctx->dequeue = cn10k_cpt_sym_raw_dequeue;
+ raw_dp_ctx->dequeue_burst = cn10k_cpt_sym_raw_dequeue_burst;
+
+ vf = dev->data->dev_private;
+ if (vf->cpt.hw_caps[CPT_ENG_TYPE_SE].sg_ver2 &&
+ vf->cpt.hw_caps[CPT_ENG_TYPE_IE].sg_ver2) {
+ raw_dp_ctx->enqueue = cn10k_cpt_raw_enqueue_sgv2;
+ raw_dp_ctx->enqueue_burst = cn10k_cpt_raw_enqueue_burst_sgv2;
+ } else {
+ raw_dp_ctx->enqueue = cn10k_cpt_raw_enqueue_sgv1;
+ raw_dp_ctx->enqueue_burst = cn10k_cpt_raw_enqueue_burst_sgv1;
+ }
+ }
+
+ return 0;
+}
+
struct rte_cryptodev_ops cn10k_cpt_ops = {
/* Device control ops */
.dev_configure = cnxk_cpt_dev_config,
@@ -1092,4 +1547,8 @@ struct rte_cryptodev_ops cn10k_cpt_ops = {
/* Event crypto ops */
.session_ev_mdata_set = cn10k_cpt_crypto_adapter_ev_mdata_set,
.queue_pair_event_error_query = cnxk_cpt_queue_pair_event_error_query,
+
+ /* Raw data-path API related operations */
+ .sym_get_raw_dp_ctx_size = cn10k_sym_get_raw_dp_ctx_size,
+ .sym_configure_raw_dp_ctx = cn10k_sym_configure_raw_dp_ctx,
};
diff --git a/drivers/crypto/cnxk/cnxk_cryptodev.c b/drivers/crypto/cnxk/cnxk_cryptodev.c
index 4fa1907cea..4819a14184 100644
--- a/drivers/crypto/cnxk/cnxk_cryptodev.c
+++ b/drivers/crypto/cnxk/cnxk_cryptodev.c
@@ -13,22 +13,16 @@
uint64_t
cnxk_cpt_default_ff_get(void)
{
- uint64_t ff = RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO |
- RTE_CRYPTODEV_FF_ASYMMETRIC_CRYPTO |
- RTE_CRYPTODEV_FF_HW_ACCELERATED |
- RTE_CRYPTODEV_FF_RSA_PRIV_OP_KEY_QT |
+ uint64_t ff = RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO | RTE_CRYPTODEV_FF_ASYMMETRIC_CRYPTO |
+ RTE_CRYPTODEV_FF_HW_ACCELERATED | RTE_CRYPTODEV_FF_RSA_PRIV_OP_KEY_QT |
RTE_CRYPTODEV_FF_RSA_PRIV_OP_KEY_EXP |
- RTE_CRYPTODEV_FF_SYM_OPERATION_CHAINING |
- RTE_CRYPTODEV_FF_IN_PLACE_SGL |
- RTE_CRYPTODEV_FF_OOP_LB_IN_LB_OUT |
- RTE_CRYPTODEV_FF_OOP_SGL_IN_LB_OUT |
- RTE_CRYPTODEV_FF_OOP_SGL_IN_SGL_OUT |
- RTE_CRYPTODEV_FF_SYM_SESSIONLESS |
- RTE_CRYPTODEV_FF_DIGEST_ENCRYPTED |
- RTE_CRYPTODEV_FF_SECURITY;
+ RTE_CRYPTODEV_FF_SYM_OPERATION_CHAINING | RTE_CRYPTODEV_FF_IN_PLACE_SGL |
+ RTE_CRYPTODEV_FF_OOP_LB_IN_LB_OUT | RTE_CRYPTODEV_FF_OOP_SGL_IN_LB_OUT |
+ RTE_CRYPTODEV_FF_OOP_SGL_IN_SGL_OUT | RTE_CRYPTODEV_FF_SYM_SESSIONLESS |
+ RTE_CRYPTODEV_FF_DIGEST_ENCRYPTED | RTE_CRYPTODEV_FF_SECURITY;
if (roc_model_is_cn10k())
- ff |= RTE_CRYPTODEV_FF_SECURITY_INNER_CSUM;
+ ff |= RTE_CRYPTODEV_FF_SECURITY_INNER_CSUM | RTE_CRYPTODEV_FF_SYM_RAW_DP;
return ff;
}
diff --git a/drivers/crypto/cnxk/cnxk_cryptodev_ops.h b/drivers/crypto/cnxk/cnxk_cryptodev_ops.h
index 3d1f9b8a48..c6bb8023ea 100644
--- a/drivers/crypto/cnxk/cnxk_cryptodev_ops.h
+++ b/drivers/crypto/cnxk/cnxk_cryptodev_ops.h
@@ -45,6 +45,7 @@ struct cpt_qp_meta_info {
struct cpt_inflight_req {
union cpt_res_s res;
union {
+ void *opaque;
struct rte_crypto_op *cop;
struct rte_event_vector *vec;
};
diff --git a/drivers/crypto/cnxk/cnxk_se.h b/drivers/crypto/cnxk/cnxk_se.h
index f6884be5ad..f05c5078d6 100644
--- a/drivers/crypto/cnxk/cnxk_se.h
+++ b/drivers/crypto/cnxk/cnxk_se.h
@@ -66,6 +66,23 @@ struct cnxk_se_sess {
struct roc_cpt_lf *lf;
} __rte_aligned(ROC_ALIGN);
+struct cnxk_sym_dp_ctx {
+ struct cnxk_se_sess *sess;
+};
+
+struct cnxk_iov {
+ char src[SRC_IOV_SIZE];
+ char dst[SRC_IOV_SIZE];
+ void *iv_buf;
+ void *aad_buf;
+ void *mac_buf;
+ uint16_t c_head;
+ uint16_t c_tail;
+ uint16_t a_head;
+ uint16_t a_tail;
+ int data_len;
+};
+
static __rte_always_inline int fill_sess_gmac(struct rte_crypto_sym_xform *xform,
struct cnxk_se_sess *sess);
@@ -3358,4 +3375,280 @@ cpt_sym_inst_fill(struct cnxk_cpt_qp *qp, struct rte_crypto_op *op, struct cnxk_
return ret;
}
+static __rte_always_inline uint32_t
+prepare_iov_from_raw_vec(struct rte_crypto_vec *vec, struct roc_se_iov_ptr *iovec, uint32_t num)
+{
+ uint32_t i, total_len = 0;
+
+ for (i = 0; i < num; i++) {
+ iovec->bufs[i].vaddr = vec[i].base;
+ iovec->bufs[i].size = vec[i].len;
+
+ total_len += vec[i].len;
+ }
+
+ iovec->buf_cnt = i;
+ return total_len;
+}
+
+static __rte_always_inline void
+cnxk_raw_burst_to_iov(struct rte_crypto_sym_vec *vec, union rte_crypto_sym_ofs *ofs, int index,
+ struct cnxk_iov *iov)
+{
+ iov->iv_buf = vec->iv[index].va;
+ iov->aad_buf = vec->aad[index].va;
+ iov->mac_buf = vec->digest[index].va;
+
+ iov->data_len =
+ prepare_iov_from_raw_vec(vec->src_sgl[index].vec, (struct roc_se_iov_ptr *)iov->src,
+ vec->src_sgl[index].num);
+
+ if (vec->dest_sgl == NULL)
+ prepare_iov_from_raw_vec(vec->src_sgl[index].vec, (struct roc_se_iov_ptr *)iov->dst,
+ vec->src_sgl[index].num);
+ else
+ prepare_iov_from_raw_vec(vec->dest_sgl[index].vec,
+ (struct roc_se_iov_ptr *)iov->dst,
+ vec->dest_sgl[index].num);
+
+ iov->c_head = ofs->ofs.cipher.head;
+ iov->c_tail = ofs->ofs.cipher.tail;
+
+ iov->a_head = ofs->ofs.auth.head;
+ iov->a_tail = ofs->ofs.auth.tail;
+}
+
+static __rte_always_inline void
+cnxk_raw_to_iov(struct rte_crypto_vec *data_vec, uint16_t n_vecs, union rte_crypto_sym_ofs *ofs,
+ struct rte_crypto_va_iova_ptr *iv, struct rte_crypto_va_iova_ptr *digest,
+ struct rte_crypto_va_iova_ptr *aad, struct cnxk_iov *iov)
+{
+ iov->iv_buf = iv->va;
+ iov->aad_buf = aad->va;
+ iov->mac_buf = digest->va;
+
+ iov->data_len =
+ prepare_iov_from_raw_vec(data_vec, (struct roc_se_iov_ptr *)iov->src, n_vecs);
+ prepare_iov_from_raw_vec(data_vec, (struct roc_se_iov_ptr *)iov->dst, n_vecs);
+
+ iov->c_head = ofs->ofs.cipher.head;
+ iov->c_tail = ofs->ofs.cipher.tail;
+
+ iov->a_head = ofs->ofs.auth.head;
+ iov->a_tail = ofs->ofs.auth.tail;
+}
+
+static inline void
+raw_memcpy(struct cnxk_iov *iov)
+{
+ struct roc_se_iov_ptr *src = (struct roc_se_iov_ptr *)iov->src;
+ struct roc_se_iov_ptr *dst = (struct roc_se_iov_ptr *)iov->dst;
+ int num = src->buf_cnt;
+ int i;
+
+ /* skip copy in case of inplace */
+ if (dst->bufs[0].vaddr == src->bufs[0].vaddr)
+ return;
+
+ for (i = 0; i < num; i++) {
+ rte_memcpy(dst->bufs[i].vaddr, src->bufs[i].vaddr, src->bufs[i].size);
+ dst->bufs[i].size = src->bufs[i].size;
+ }
+}
+
+static inline int
+fill_raw_passthrough_params(struct cnxk_iov *iov, struct cpt_inst_s *inst)
+{
+ const union cpt_inst_w4 w4 = {
+ .s.opcode_major = ROC_SE_MAJOR_OP_MISC,
+ .s.opcode_minor = ROC_SE_MISC_MINOR_OP_PASSTHROUGH,
+ .s.param1 = 1,
+ .s.param2 = 1,
+ .s.dlen = 0,
+ };
+
+ inst->w0.u64 = 0;
+ inst->w5.u64 = 0;
+ inst->w4.u64 = w4.u64;
+
+ raw_memcpy(iov);
+
+ return 0;
+}
+
+static __rte_always_inline int
+fill_raw_fc_params(struct cnxk_iov *iov, struct cnxk_se_sess *sess, struct cpt_qp_meta_info *m_info,
+ struct cpt_inflight_req *infl_req, struct cpt_inst_s *inst, const bool is_kasumi,
+ const bool is_aead, const bool is_sg_ver2)
+{
+ uint32_t cipher_len, auth_len = 0;
+ struct roc_se_fc_params fc_params;
+ uint8_t cpt_op = sess->cpt_op;
+ uint64_t d_offs, d_lens;
+ uint8_t ccm_iv_buf[16];
+ uint32_t flags = 0;
+ void *mdata = NULL;
+ uint32_t iv_buf[4];
+ int ret;
+
+ fc_params.cipher_iv_len = sess->iv_length;
+ fc_params.ctx = &sess->roc_se_ctx;
+ fc_params.auth_iv_buf = NULL;
+ fc_params.auth_iv_len = 0;
+ fc_params.mac_buf.size = 0;
+ fc_params.mac_buf.vaddr = 0;
+ fc_params.iv_buf = NULL;
+
+ if (likely(is_kasumi || sess->iv_length)) {
+ flags |= ROC_SE_VALID_IV_BUF;
+ fc_params.iv_buf = iov->iv_buf;
+
+ if (sess->short_iv) {
+ memcpy((uint8_t *)iv_buf, iov->iv_buf, 12);
+ iv_buf[3] = rte_cpu_to_be_32(0x1);
+ fc_params.iv_buf = iv_buf;
+ }
+
+ if (sess->aes_ccm) {
+ memcpy((uint8_t *)ccm_iv_buf, iov->iv_buf, sess->iv_length + 1);
+ ccm_iv_buf[0] = 14 - sess->iv_length;
+ fc_params.iv_buf = ccm_iv_buf;
+ }
+ }
+
+ fc_params.src_iov = (void *)iov->src;
+ fc_params.dst_iov = (void *)iov->dst;
+
+ cipher_len = iov->data_len - iov->c_head - iov->c_tail;
+ auth_len = iov->data_len - iov->a_head - iov->a_tail;
+
+ d_offs = (iov->c_head << 16) | iov->a_head;
+ d_lens = ((uint64_t)cipher_len << 32) | auth_len;
+
+ if (is_aead) {
+ uint16_t aad_len = sess->aad_length;
+
+ if (likely(aad_len == 0)) {
+ d_offs = (iov->c_head << 16) | iov->c_head;
+ d_lens = ((uint64_t)cipher_len << 32) | cipher_len;
+ } else {
+ flags |= ROC_SE_VALID_AAD_BUF;
+ fc_params.aad_buf.size = sess->aad_length;
+ /* For AES CCM, AAD is written 18B after aad.data as per API */
+ if (sess->aes_ccm)
+ fc_params.aad_buf.vaddr = PLT_PTR_ADD((uint8_t *)iov->aad_buf, 18);
+ else
+ fc_params.aad_buf.vaddr = iov->aad_buf;
+
+ d_offs = (iov->c_head << 16);
+ d_lens = ((uint64_t)cipher_len << 32);
+ }
+ }
+
+ if (likely(sess->mac_len)) {
+ flags |= ROC_SE_VALID_MAC_BUF;
+ fc_params.mac_buf.size = sess->mac_len;
+ fc_params.mac_buf.vaddr = iov->mac_buf;
+ }
+
+ fc_params.meta_buf.vaddr = NULL;
+ mdata = alloc_op_meta(&fc_params.meta_buf, m_info->mlen, m_info->pool, infl_req);
+ if (mdata == NULL) {
+ plt_dp_err("Error allocating meta buffer for request");
+ return -ENOMEM;
+ }
+
+ if (is_kasumi) {
+ if (cpt_op & ROC_SE_OP_ENCODE)
+ ret = cpt_enc_hmac_prep(flags, d_offs, d_lens, &fc_params, inst,
+ is_sg_ver2);
+ else
+ ret = cpt_dec_hmac_prep(flags, d_offs, d_lens, &fc_params, inst,
+ is_sg_ver2);
+ } else {
+ if (cpt_op & ROC_SE_OP_ENCODE)
+ ret = cpt_enc_hmac_prep(flags, d_offs, d_lens, &fc_params, inst,
+ is_sg_ver2);
+ else
+ ret = cpt_dec_hmac_prep(flags, d_offs, d_lens, &fc_params, inst,
+ is_sg_ver2);
+ }
+
+ if (unlikely(ret)) {
+ plt_dp_err("Preparing request failed due to bad input arg");
+ goto free_mdata_and_exit;
+ }
+
+ return 0;
+
+free_mdata_and_exit:
+ rte_mempool_put(m_info->pool, infl_req->mdata);
+ return ret;
+}
+
+static __rte_always_inline int
+fill_raw_digest_params(struct cnxk_iov *iov, struct cnxk_se_sess *sess,
+ struct cpt_qp_meta_info *m_info, struct cpt_inflight_req *infl_req,
+ struct cpt_inst_s *inst, const bool is_sg_ver2)
+{
+ uint16_t auth_op = sess->cpt_op & ROC_SE_OP_AUTH_MASK;
+ struct roc_se_fc_params fc_params;
+ uint16_t mac_len = sess->mac_len;
+ uint64_t d_offs, d_lens;
+ uint32_t auth_len = 0;
+ uint32_t flags = 0;
+ void *mdata = NULL;
+ uint32_t space = 0;
+ int ret;
+
+ memset(&fc_params, 0, sizeof(struct roc_se_fc_params));
+ fc_params.cipher_iv_len = sess->iv_length;
+ fc_params.ctx = &sess->roc_se_ctx;
+
+ mdata = alloc_op_meta(&fc_params.meta_buf, m_info->mlen, m_info->pool, infl_req);
+ if (mdata == NULL) {
+ plt_dp_err("Error allocating meta buffer for request");
+ ret = -ENOMEM;
+ goto err_exit;
+ }
+
+ flags |= ROC_SE_VALID_MAC_BUF;
+ fc_params.src_iov = (void *)iov->src;
+ auth_len = iov->data_len - iov->a_head - iov->a_tail;
+ d_lens = auth_len;
+ d_offs = iov->a_head;
+
+ if (auth_op == ROC_SE_OP_AUTH_GENERATE) {
+ fc_params.mac_buf.size = sess->mac_len;
+ fc_params.mac_buf.vaddr = iov->mac_buf;
+ } else {
+ uint64_t *op = mdata;
+
+ /* Need space for storing generated mac */
+ space += 2 * sizeof(uint64_t);
+
+ fc_params.mac_buf.vaddr = (uint8_t *)mdata + space;
+ fc_params.mac_buf.size = mac_len;
+ space += RTE_ALIGN_CEIL(mac_len, 8);
+ op[0] = (uintptr_t)iov->mac_buf;
+ op[1] = mac_len;
+ infl_req->op_flags |= CPT_OP_FLAGS_AUTH_VERIFY;
+ }
+
+ fc_params.meta_buf.vaddr = (uint8_t *)mdata + space;
+ fc_params.meta_buf.size -= space;
+
+ ret = cpt_fc_enc_hmac_prep(flags, d_offs, d_lens, &fc_params, inst, is_sg_ver2);
+ if (ret)
+ goto free_mdata_and_exit;
+
+ return 0;
+
+free_mdata_and_exit:
+ if (infl_req->op_flags & CPT_OP_FLAGS_METABUF)
+ rte_mempool_put(m_info->pool, infl_req->mdata);
+err_exit:
+ return ret;
+}
+
#endif /*_CNXK_SE_H_ */
--
2.25.1
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [PATCH v2 13/15] crypto/cnxk: add support for raw APIs
2023-09-26 5:58 ` [PATCH v2 13/15] crypto/cnxk: add support for raw APIs Tejasree Kondoj
@ 2023-10-10 19:36 ` Thomas Monjalon
2023-10-11 7:23 ` [EXT] " Tejasree Kondoj
0 siblings, 1 reply; 20+ messages in thread
From: Thomas Monjalon @ 2023-10-10 19:36 UTC (permalink / raw)
To: Akhil Goyal, Anoob Joseph, Vidya Sagar Velumuri, Tejasree Kondoj
Cc: dev, Aakash Sasidharan, Gowrishankar Muthukrishnan, dev
26/09/2023 07:58, Tejasree Kondoj:
> From: Anoob Joseph <anoobj@marvell.com>
>
> Add crypto RAW API support in cnxk PMD
> Enable the flag to allow execution of raw test suite.
>
> Signed-off-by: Vidya Sagar Velumuri <vvelumuri@marvell.com>
> Signed-off-by: Anoob Joseph <anoobj@marvell.com>
> ---
> doc/guides/cryptodevs/features/cn10k.ini | 1 +
> drivers/crypto/cnxk/cn10k_cryptodev_ops.c | 459 ++++++++++++++++++++++
> drivers/crypto/cnxk/cnxk_cryptodev.c | 20 +-
> drivers/crypto/cnxk/cnxk_cryptodev_ops.h | 1 +
> drivers/crypto/cnxk/cnxk_se.h | 293 ++++++++++++++
> 5 files changed, 761 insertions(+), 13 deletions(-)
This patch does not compile on RISC-V:
drivers/crypto/cnxk/cnxk_se.h:499:25: error: argument 2 null where non-null expected
^ permalink raw reply [flat|nested] 20+ messages in thread
* RE: [EXT] Re: [PATCH v2 13/15] crypto/cnxk: add support for raw APIs
2023-10-10 19:36 ` Thomas Monjalon
@ 2023-10-11 7:23 ` Tejasree Kondoj
0 siblings, 0 replies; 20+ messages in thread
From: Tejasree Kondoj @ 2023-10-11 7:23 UTC (permalink / raw)
To: Thomas Monjalon, Akhil Goyal, Anoob Joseph, Vidya Sagar Velumuri
Cc: dev, Aakash Sasidharan, Gowrishankar Muthukrishnan, dev
Hi Thomas,
Please find the fix at https://patchwork.dpdk.org/project/dpdk/patch/20231011071825.3416866-1-ktejasree@marvell.com/
Thanks
Tejasree
> -----Original Message-----
> From: Thomas Monjalon <thomas@monjalon.net>
> Sent: Wednesday, October 11, 2023 1:07 AM
> To: Akhil Goyal <gakhil@marvell.com>; Anoob Joseph
> <anoobj@marvell.com>; Vidya Sagar Velumuri <vvelumuri@marvell.com>;
> Tejasree Kondoj <ktejasree@marvell.com>
> Cc: dev@dpdk.org; Aakash Sasidharan <asasidharan@marvell.com>;
> Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>;
> dev@dpdk.org
> Subject: [EXT] Re: [PATCH v2 13/15] crypto/cnxk: add support for raw APIs
>
> External Email
>
> ----------------------------------------------------------------------
> 26/09/2023 07:58, Tejasree Kondoj:
> > From: Anoob Joseph <anoobj@marvell.com>
> >
> > Add crypto RAW API support in cnxk PMD Enable the flag to allow
> > execution of raw test suite.
> >
> > Signed-off-by: Vidya Sagar Velumuri <vvelumuri@marvell.com>
> > Signed-off-by: Anoob Joseph <anoobj@marvell.com>
> > ---
> > doc/guides/cryptodevs/features/cn10k.ini | 1 +
> > drivers/crypto/cnxk/cn10k_cryptodev_ops.c | 459
> ++++++++++++++++++++++
> > drivers/crypto/cnxk/cnxk_cryptodev.c | 20 +-
> > drivers/crypto/cnxk/cnxk_cryptodev_ops.h | 1 +
> > drivers/crypto/cnxk/cnxk_se.h | 293 ++++++++++++++
> > 5 files changed, 761 insertions(+), 13 deletions(-)
>
> This patch does not compile on RISC-V:
> drivers/crypto/cnxk/cnxk_se.h:499:25: error: argument 2 null where non-null
> expected
>
^ permalink raw reply [flat|nested] 20+ messages in thread
* [PATCH v2 14/15] crypto/cnxk: update the iv from proper param for gmac
2023-09-26 5:58 [PATCH v2 00/15] fixes and improvements to cnxk crypto PMD Tejasree Kondoj
` (12 preceding siblings ...)
2023-09-26 5:58 ` [PATCH v2 13/15] crypto/cnxk: add support for raw APIs Tejasree Kondoj
@ 2023-09-26 5:58 ` Tejasree Kondoj
2023-09-26 5:58 ` [PATCH v2 15/15] test/crypto: enable raw crypto tests for crypto_cn10k Tejasree Kondoj
` (2 subsequent siblings)
16 siblings, 0 replies; 20+ messages in thread
From: Tejasree Kondoj @ 2023-09-26 5:58 UTC (permalink / raw)
To: Akhil Goyal
Cc: Vidya Sagar Velumuri, Anoob Joseph, Aakash Sasidharan,
Gowrishankar Muthukrishnan, dev
From: Vidya Sagar Velumuri <vvelumuri@marvell.com>
In raw crypto, aad and auth iv are provided in same param.
Update the auth_iv from proper param in case of GMAC.
Skip the raw for SM ciphers and auths
Signed-off-by: Vidya Sagar Velumuri <vvelumuri@marvell.com>
---
drivers/crypto/cnxk/cn10k_cryptodev_ops.c | 6 +++---
drivers/crypto/cnxk/cnxk_se.h | 21 +++++++++++++++------
2 files changed, 18 insertions(+), 9 deletions(-)
diff --git a/drivers/crypto/cnxk/cn10k_cryptodev_ops.c b/drivers/crypto/cnxk/cn10k_cryptodev_ops.c
index 4b0becce0e..5f181e8839 100644
--- a/drivers/crypto/cnxk/cn10k_cryptodev_ops.c
+++ b/drivers/crypto/cnxk/cn10k_cryptodev_ops.c
@@ -1485,7 +1485,8 @@ cn10k_sym_configure_raw_dp_ctx(struct rte_cryptodev *dev, uint16_t qp_id,
if ((sess->dp_thr_type == CPT_DP_THREAD_TYPE_PDCP) ||
(sess->dp_thr_type == CPT_DP_THREAD_TYPE_PDCP_CHAIN) ||
- (sess->dp_thr_type == CPT_DP_THREAD_TYPE_KASUMI))
+ (sess->dp_thr_type == CPT_DP_THREAD_TYPE_KASUMI) ||
+ (sess->dp_thr_type == CPT_DP_THREAD_TYPE_SM))
return -ENOTSUP;
if ((sess->dp_thr_type == CPT_DP_THREAD_AUTH_ONLY) &&
@@ -1493,8 +1494,7 @@ cn10k_sym_configure_raw_dp_ctx(struct rte_cryptodev *dev, uint16_t qp_id,
(sess->roc_se_ctx.fc_type == ROC_SE_PDCP)))
return -ENOTSUP;
- if ((sess->roc_se_ctx.hash_type == ROC_SE_GMAC_TYPE) ||
- (sess->roc_se_ctx.hash_type == ROC_SE_SHA1_TYPE))
+ if (sess->roc_se_ctx.hash_type == ROC_SE_SHA1_TYPE)
return -ENOTSUP;
dp_ctx = (struct cnxk_sym_dp_ctx *)raw_dp_ctx->drv_ctx_data;
diff --git a/drivers/crypto/cnxk/cnxk_se.h b/drivers/crypto/cnxk/cnxk_se.h
index f05c5078d6..5d138163f0 100644
--- a/drivers/crypto/cnxk/cnxk_se.h
+++ b/drivers/crypto/cnxk/cnxk_se.h
@@ -3499,14 +3499,23 @@ fill_raw_fc_params(struct cnxk_iov *iov, struct cnxk_se_sess *sess, struct cpt_q
fc_params.mac_buf.vaddr = 0;
fc_params.iv_buf = NULL;
- if (likely(is_kasumi || sess->iv_length)) {
+ if (likely(sess->iv_length)) {
flags |= ROC_SE_VALID_IV_BUF;
- fc_params.iv_buf = iov->iv_buf;
- if (sess->short_iv) {
- memcpy((uint8_t *)iv_buf, iov->iv_buf, 12);
- iv_buf[3] = rte_cpu_to_be_32(0x1);
- fc_params.iv_buf = iv_buf;
+ if (sess->is_gmac) {
+ fc_params.iv_buf = iov->aad_buf;
+ if (sess->short_iv) {
+ memcpy((void *)iv_buf, iov->aad_buf, 12);
+ iv_buf[3] = rte_cpu_to_be_32(0x1);
+ fc_params.iv_buf = iv_buf;
+ }
+ } else {
+ fc_params.iv_buf = iov->iv_buf;
+ if (sess->short_iv) {
+ memcpy((void *)iv_buf, iov->iv_buf, 12);
+ iv_buf[3] = rte_cpu_to_be_32(0x1);
+ fc_params.iv_buf = iv_buf;
+ }
}
if (sess->aes_ccm) {
--
2.25.1
^ permalink raw reply [flat|nested] 20+ messages in thread
* [PATCH v2 15/15] test/crypto: enable raw crypto tests for crypto_cn10k
2023-09-26 5:58 [PATCH v2 00/15] fixes and improvements to cnxk crypto PMD Tejasree Kondoj
` (13 preceding siblings ...)
2023-09-26 5:58 ` [PATCH v2 14/15] crypto/cnxk: update the iv from proper param for gmac Tejasree Kondoj
@ 2023-09-26 5:58 ` Tejasree Kondoj
2023-09-26 8:55 ` [PATCH v2 00/15] fixes and improvements to cnxk crypto PMD Anoob Joseph
2023-09-26 14:28 ` Akhil Goyal
16 siblings, 0 replies; 20+ messages in thread
From: Tejasree Kondoj @ 2023-09-26 5:58 UTC (permalink / raw)
To: Akhil Goyal, Fan Zhang, Ciara Power
Cc: Anoob Joseph, Aakash Sasidharan, Gowrishankar Muthukrishnan,
Vidya Sagar Velumuri, dev
From: Anoob Joseph <anoobj@marvell.com>
Enable raw crypto tests with crypto_cn10k.
Signed-off-by: Anoob Joseph <anoobj@marvell.com>
---
app/test/test_cryptodev.c | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/app/test/test_cryptodev.c b/app/test/test_cryptodev.c
index 3a51a5d00f..3f1172e191 100644
--- a/app/test/test_cryptodev.c
+++ b/app/test/test_cryptodev.c
@@ -17721,6 +17721,12 @@ test_cryptodev_cn10k(void)
return run_cryptodev_testsuite(RTE_STR(CRYPTODEV_NAME_CN10K_PMD));
}
+static int
+test_cryptodev_cn10k_raw_api(void)
+{
+ return run_cryptodev_raw_testsuite(RTE_STR(CRYPTODEV_NAME_CN10K_PMD));
+}
+
static int
test_cryptodev_dpaa2_sec_raw_api(void)
{
@@ -17733,6 +17739,8 @@ test_cryptodev_dpaa_sec_raw_api(void)
return run_cryptodev_raw_testsuite(RTE_STR(CRYPTODEV_NAME_DPAA_SEC_PMD));
}
+REGISTER_TEST_COMMAND(cryptodev_cn10k_raw_api_autotest,
+ test_cryptodev_cn10k_raw_api);
REGISTER_TEST_COMMAND(cryptodev_dpaa2_sec_raw_api_autotest,
test_cryptodev_dpaa2_sec_raw_api);
REGISTER_TEST_COMMAND(cryptodev_dpaa_sec_raw_api_autotest,
--
2.25.1
^ permalink raw reply [flat|nested] 20+ messages in thread
* RE: [PATCH v2 00/15] fixes and improvements to cnxk crypto PMD
2023-09-26 5:58 [PATCH v2 00/15] fixes and improvements to cnxk crypto PMD Tejasree Kondoj
` (14 preceding siblings ...)
2023-09-26 5:58 ` [PATCH v2 15/15] test/crypto: enable raw crypto tests for crypto_cn10k Tejasree Kondoj
@ 2023-09-26 8:55 ` Anoob Joseph
2023-09-26 14:28 ` Akhil Goyal
16 siblings, 0 replies; 20+ messages in thread
From: Anoob Joseph @ 2023-09-26 8:55 UTC (permalink / raw)
To: Tejasree Kondoj, Akhil Goyal
Cc: Aakash Sasidharan, Gowrishankar Muthukrishnan, Vidya Sagar Velumuri, dev
>
> This series adds improvements and support for raw cryptodev API in cnxk
> crypto PMD.
>
> v2:
> * Updated feature file for cn10k
> * Updated commit message
>
> Aakash Sasidharan (1):
> crypto/cnxk: add support for packets with cipher len zero
>
> Anoob Joseph (4):
> crypto/cnxk: clear rptr and dptr fields
> common/cnxk: set cipher key only for non-null cipher
> crypto/cnxk: add support for raw APIs
> test/crypto: enable raw crypto tests for crypto_cn10k
>
> Gowrishankar Muthukrishnan (1):
> crypto/cnxk: update private key length in ECDSA param
>
> Tejasree Kondoj (4):
> crypto/cnxk: fix IPsec CCM and GCM capabilities
> crypto/cnxk: remove pdcp chain bit from capabilities
> crypto/cnxk: make IV pointers as constant
> crypto/cnxk: set PDCP chain IV offset based on FVC
>
> Vidya Sagar Velumuri (5):
> common/cnxk: update SE context fields to match ucode spec
> crypto/cnxk: check for sg version in SE engine capabilities
> crypto/cnxk: fix control flow issues
> crypto/cnxk: minor shuffling in the sess structure
> crypto/cnxk: update the iv from proper param for gmac
>
> app/test/test_cryptodev.c | 8 +
> doc/guides/cryptodevs/features/cn10k.ini | 1 +
> drivers/common/cnxk/hw/cpt.h | 7 +-
> drivers/common/cnxk/roc_se.c | 11 +-
> drivers/common/cnxk/roc_se.h | 15 +-
> drivers/crypto/cnxk/cn10k_cryptodev_ops.c | 461 +++++++++++++++
> drivers/crypto/cnxk/cnxk_ae.h | 4 +-
> drivers/crypto/cnxk/cnxk_cryptodev.c | 20 +-
> .../crypto/cnxk/cnxk_cryptodev_capabilities.c | 10 +-
> drivers/crypto/cnxk/cnxk_cryptodev_ops.c | 13 +-
> drivers/crypto/cnxk/cnxk_cryptodev_ops.h | 6 +-
> drivers/crypto/cnxk/cnxk_se.h | 527 ++++++++++++++----
> 12 files changed, 937 insertions(+), 146 deletions(-)
>
> --
> 2.25.1
Series Acked-by: Anoob Joseph <anoobj@marvell.com>
^ permalink raw reply [flat|nested] 20+ messages in thread
* RE: [PATCH v2 00/15] fixes and improvements to cnxk crypto PMD
2023-09-26 5:58 [PATCH v2 00/15] fixes and improvements to cnxk crypto PMD Tejasree Kondoj
` (15 preceding siblings ...)
2023-09-26 8:55 ` [PATCH v2 00/15] fixes and improvements to cnxk crypto PMD Anoob Joseph
@ 2023-09-26 14:28 ` Akhil Goyal
16 siblings, 0 replies; 20+ messages in thread
From: Akhil Goyal @ 2023-09-26 14:28 UTC (permalink / raw)
To: Tejasree Kondoj
Cc: Anoob Joseph, Aakash Sasidharan, Gowrishankar Muthukrishnan,
Vidya Sagar Velumuri, dev
> Subject: [PATCH v2 00/15] fixes and improvements to cnxk crypto PMD
>
> This series adds improvements and support for raw
> cryptodev API in cnxk crypto PMD.
>
> v2:
> * Updated feature file for cn10k
> * Updated commit message
>
> Aakash Sasidharan (1):
> crypto/cnxk: add support for packets with cipher len zero
>
> Anoob Joseph (4):
> crypto/cnxk: clear rptr and dptr fields
> common/cnxk: set cipher key only for non-null cipher
> crypto/cnxk: add support for raw APIs
> test/crypto: enable raw crypto tests for crypto_cn10k
>
> Gowrishankar Muthukrishnan (1):
> crypto/cnxk: update private key length in ECDSA param
>
> Tejasree Kondoj (4):
> crypto/cnxk: fix IPsec CCM and GCM capabilities
> crypto/cnxk: remove pdcp chain bit from capabilities
> crypto/cnxk: make IV pointers as constant
> crypto/cnxk: set PDCP chain IV offset based on FVC
>
> Vidya Sagar Velumuri (5):
> common/cnxk: update SE context fields to match ucode spec
> crypto/cnxk: check for sg version in SE engine capabilities
> crypto/cnxk: fix control flow issues
> crypto/cnxk: minor shuffling in the sess structure
> crypto/cnxk: update the iv from proper param for gmac
>
> app/test/test_cryptodev.c | 8 +
> doc/guides/cryptodevs/features/cn10k.ini | 1 +
> drivers/common/cnxk/hw/cpt.h | 7 +-
> drivers/common/cnxk/roc_se.c | 11 +-
> drivers/common/cnxk/roc_se.h | 15 +-
> drivers/crypto/cnxk/cn10k_cryptodev_ops.c | 461 +++++++++++++++
> drivers/crypto/cnxk/cnxk_ae.h | 4 +-
> drivers/crypto/cnxk/cnxk_cryptodev.c | 20 +-
> .../crypto/cnxk/cnxk_cryptodev_capabilities.c | 10 +-
> drivers/crypto/cnxk/cnxk_cryptodev_ops.c | 13 +-
> drivers/crypto/cnxk/cnxk_cryptodev_ops.h | 6 +-
> drivers/crypto/cnxk/cnxk_se.h | 527 ++++++++++++++----
> 12 files changed, 937 insertions(+), 146 deletions(-)
>
Series applied to dpdk-next-crypto
Updated title and description of some of the patches. Please review.
Thanks.
^ permalink raw reply [flat|nested] 20+ messages in thread