From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from EUR04-HE1-obe.outbound.protection.outlook.com (mail-eopbgr70082.outbound.protection.outlook.com [40.107.7.82]) by dpdk.org (Postfix) with ESMTP id D9A7A548B for ; Tue, 16 Oct 2018 12:39:13 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nxp.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=XONOKgx2DqsFAH5qH9dJ0bVE7MzKNTWDnSyOGQ8hgEI=; b=E3XzhzMte/XCrp3FillIcsBvgpmJ/J0zwPTWzPKtcrbj6mF3GBzzPRpjAuYCeY/wdjReWUUkd8l2AyH38NfzNefbDDD6rcL0AkLQf8cxB792jrjUCKqKUNoGLgGxc4YrbJCl0WYmL7sXXUQL3F2ZnnIaWpb0+UyT9Pk9LyYzuJM= Received: from VI1PR04MB4893.eurprd04.prod.outlook.com (20.177.49.154) by VI1PR04MB3231.eurprd04.prod.outlook.com (10.170.227.28) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1228.31; Tue, 16 Oct 2018 10:39:12 +0000 Received: from VI1PR04MB4893.eurprd04.prod.outlook.com ([fe80::cc19:b6c6:27db:3fec]) by VI1PR04MB4893.eurprd04.prod.outlook.com ([fe80::cc19:b6c6:27db:3fec%3]) with mapi id 15.20.1228.027; Tue, 16 Oct 2018 10:39:12 +0000 From: Akhil Goyal To: "dev@dpdk.org" CC: "pablo.de.lara.guarch@intel.com" , "radu.nicolau@intel.com" , "jerin.jacob@caviumnetworks.com" , "narayanaprasad.athreya@caviumnetworks.com" , "Shally.Verma@caviumnetworks.com" , "Anoob.Joseph@caviumnetworks.com" , "Vidya.Velumuri@caviumnetworks.com" , Hemant Agrawal , Akhil Goyal Thread-Topic: [PATCH v5 3/3] crypto/dpaa2_sec: support pdcp offload Thread-Index: AQHUZTx6lO7HDUOT0kqLcL70gdxmOw== Date: Tue, 16 Oct 2018 10:39:12 +0000 Message-ID: <20181016103352.2678-4-akhil.goyal@nxp.com> References: <20181015124858.5562-1-akhil.goyal@nxp.com> <20181016103352.2678-1-akhil.goyal@nxp.com> In-Reply-To: <20181016103352.2678-1-akhil.goyal@nxp.com> Accept-Language: en-IN, en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-clientproxiedby: TYAPR01CA0026.jpnprd01.prod.outlook.com (2603:1096:404:28::14) To VI1PR04MB4893.eurprd04.prod.outlook.com (2603:10a6:803:56::26) authentication-results: spf=none (sender IP is ) smtp.mailfrom=akhil.goyal@nxp.com; x-ms-exchange-messagesentrepresentingtype: 1 x-originating-ip: [14.143.30.134] x-ms-publictraffictype: Email x-microsoft-exchange-diagnostics: 1; VI1PR04MB3231; 6:549yu5BfDK8KcVKuwOCnegdZIDbcvUrxHlnfr2aF3h4o+CpdnuZhHOf/aNii8DA8yq8KQWnXXtqXJ0ZUOOUTNn69aHGw22AqpCPlpBq+nc8VRigpWVX0/P8iENV/5Z33mSYI9fH83poNXzz1p9eslEzZk+K9lRNv/hAZOjhqqynRz3oRfLLh9XZ42B7sOg10/LN9C1+cI/n98/L28arLHARX+EWOaKyxZ8sWYIN0K6eml5Pp0ezUJac8w8KB4hARPFQgI2h4hML+6qwoaQ7UmC6CFqO3BoWUhP7h1SVaRbbGM8B1VronV+ZTsoTl7Zi3XNVlOcQS3HhWLJjxnKe7owhaAfyHY/OBgrBpc2R+MfTpnwwMzm0s9SR79X88CbZLiQc5+9E/GDLGTxWCgjN8ik0ZaHmP49ZGiuEx2Uv0lsdJ5Uep/4IplAvrchEvRzuQaPMon4Dg2bNAHRyMI1FC0w==; 5:ycmt9+NWD4zn9W7Ha0YPqzJpiY3r32YkyaBLNdhKgxjZy37AND/se5y0LSQA3sm0pNYYXCBZL7/ij58ChQmqsG3/e9gQldHw2ckap3dvPvsO220HZ46vixtISdBHoPWCG7N9EAWoiQYYaMicHVc86zKEtdHzUZJ5tyUc2+gqHvE=; 7:R2QuwP9mNXFxgj8VGUcCxA1EQYd+NnpFEDgRP1zBQPhIMu6b9uia0ldjNejcs7AJcU2bNPvs5oOztPiaqC5oS8N1hG5bDg6Z06ry/brWXXWobJ3VO50I+acj0djyGJ3MEMZlBOaaYOA2ghAuV9UPjIM6GtcGFzdF99cdIpLTpKnPnX6U1s5Wi9EIFU7UcVYPYT0vA/vkx5Hfx4wRnSetui99UDXJpdrlIz86o3FXr2U39IgZCMKcPFxo9MP5jgte x-ms-office365-filtering-correlation-id: cf55e0bb-eb2a-476f-ce7d-08d633539c51 x-ms-office365-filtering-ht: Tenant x-microsoft-antispam: BCL:0; PCL:0; RULEID:(7020095)(4652040)(8989299)(5600074)(711020)(4618075)(4534185)(7168020)(4627221)(201703031133081)(201702281549075)(8990200)(2017052603328)(7153060)(7193020); SRVR:VI1PR04MB3231; x-ms-traffictypediagnostic: VI1PR04MB3231: x-microsoft-antispam-prvs: x-exchange-antispam-report-test: UriScan:(269456686620040)(163750095850)(185117386973197); x-ms-exchange-senderadcheck: 1 x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(8211001083)(6040522)(2401047)(8121501046)(5005006)(3231355)(944501410)(52105095)(3002001)(10201501046)(93006095)(93001095)(6055026)(149066)(150057)(6041310)(20161123560045)(20161123558120)(20161123562045)(20161123564045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(201708071742011)(7699051); SRVR:VI1PR04MB3231; BCL:0; PCL:0; RULEID:; SRVR:VI1PR04MB3231; x-forefront-prvs: 0827D7ACB9 x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(136003)(39860400002)(396003)(346002)(366004)(376002)(189003)(199004)(1076002)(53936002)(6512007)(14444005)(256004)(6916009)(3846002)(86362001)(44832011)(97736004)(5640700003)(476003)(68736007)(6436002)(4744004)(55236004)(66066001)(6116002)(76176011)(2900100001)(36756003)(6506007)(6486002)(386003)(71200400001)(71190400001)(105586002)(2351001)(5250100002)(106356001)(99286004)(102836004)(8936002)(1730700003)(8676002)(2906002)(305945005)(478600001)(25786009)(81166006)(446003)(4326008)(81156014)(7736002)(316002)(54906003)(14454004)(2501003)(2616005)(486006)(186003)(11346002)(52116002)(26005)(5660300001); DIR:OUT; SFP:1101; SCL:1; SRVR:VI1PR04MB3231; H:VI1PR04MB4893.eurprd04.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1; received-spf: None (protection.outlook.com: nxp.com does not designate permitted sender hosts) x-microsoft-antispam-message-info: I7da8VP9z5aIh5koVKminZCUBEIDh0zZTq8fcJEQvFo4zEX2u8IAStlAgP9538XJBu+zL3P6e+xXtJmeJCBXd/zja4vuZVLTwxbA8z75FF/YkuFwrLGXbeMUxANAbdUM2Xq8YGM7EjJeChENPakr3rP3fMCizWENRVf9tvZk69SdLTQ1TzW8Ta45lVJqdOYUd5DwQrpbzkPeP+F/ha9DythFBuxIYuhsIc/dRz9p4RSPI6gTpHbKk40Pfta7cjYp5e0cWvuzAyoW4vgYOaqLSCjbvVwyQ3a8oT5IvwO+7gQnlmHLWoKZOP2Dv86ZU5v9QJBq13hHF5sigsokGcWBPXKW5eAk2NZZmFT04SLa8hc= spamdiagnosticoutput: 1:99 spamdiagnosticmetadata: NSPM Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-OriginatorOrg: nxp.com X-MS-Exchange-CrossTenant-Network-Message-Id: cf55e0bb-eb2a-476f-ce7d-08d633539c51 X-MS-Exchange-CrossTenant-originalarrivaltime: 16 Oct 2018 10:39:12.1786 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 686ea1d3-bc2b-4c6f-a92c-d99c5c301635 X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI1PR04MB3231 Subject: [dpdk-dev] [PATCH v5 3/3] crypto/dpaa2_sec: support pdcp offload X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 16 Oct 2018 10:39:14 -0000 From: Akhil Goyal PDCP session configuration for lookaside protocol offload and data path is added. Signed-off-by: Hemant Agrawal Signed-off-by: Akhil Goyal --- drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 257 ++++++++++++++++++++ drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h | 208 +++++++++++++++- 2 files changed, 457 insertions(+), 8 deletions(-) diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c b/drivers/crypto/d= paa2_sec/dpaa2_sec_dpseci.c index 0336d5f4b..fe769a932 100644 --- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c +++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c @@ -35,6 +35,7 @@ typedef uint64_t dma_addr_t; =20 /* RTA header files */ #include +#include #include =20 /* Minimum job descriptor consists of a oneword job descriptor HEADER and @@ -74,6 +75,9 @@ build_proto_compound_fd(dpaa2_sec_session *sess, struct rte_mbuf *dst_mbuf =3D sym_op->m_dst; int retval; =20 + if (!dst_mbuf) + dst_mbuf =3D src_mbuf; + /* Save the shared descriptor */ flc =3D &priv->flc_desc[0].flc; =20 @@ -118,6 +122,15 @@ build_proto_compound_fd(dpaa2_sec_session *sess, DPAA2_SET_FD_LEN(fd, ip_fle->length); DPAA2_SET_FLE_FIN(ip_fle); =20 +#ifdef ENABLE_HFN_OVERRIDE + if (sess->ctxt_type =3D=3D DPAA2_SEC_PDCP && sess->pdcp.hfn_ovd) { + /*enable HFN override override */ + DPAA2_SET_FLE_INTERNAL_JD(ip_fle, sess->pdcp.hfn_ovd); + DPAA2_SET_FLE_INTERNAL_JD(op_fle, sess->pdcp.hfn_ovd); + DPAA2_SET_FD_INTERNAL_JD(fd, sess->pdcp.hfn_ovd); + } +#endif + return 0; =20 } @@ -1188,6 +1201,9 @@ build_sec_fd(struct rte_crypto_op *op, case DPAA2_SEC_IPSEC: ret =3D build_proto_fd(sess, op, fd, bpid); break; + case DPAA2_SEC_PDCP: + ret =3D build_proto_compound_fd(sess, op, fd, bpid); + break; case DPAA2_SEC_HASH_CIPHER: default: DPAA2_SEC_ERR("error: Unsupported session"); @@ -2551,6 +2567,243 @@ dpaa2_sec_set_ipsec_session(struct rte_cryptodev *d= ev, return ret; } =20 +static int +dpaa2_sec_set_pdcp_session(struct rte_cryptodev *dev, + struct rte_security_session_conf *conf, + void *sess) +{ + struct rte_security_pdcp_xform *pdcp_xform =3D &conf->pdcp; + struct rte_crypto_sym_xform *xform =3D conf->crypto_xform; + struct rte_crypto_auth_xform *auth_xform =3D NULL; + struct rte_crypto_cipher_xform *cipher_xform; + dpaa2_sec_session *session =3D (dpaa2_sec_session *)sess; + struct ctxt_priv *priv; + struct dpaa2_sec_dev_private *dev_priv =3D dev->data->dev_private; + struct alginfo authdata, cipherdata; + int bufsize =3D -1; + struct sec_flow_context *flc; +#if RTE_BYTE_ORDER =3D=3D RTE_BIG_ENDIAN + int swap =3D true; +#else + int swap =3D false; +#endif + + PMD_INIT_FUNC_TRACE(); + + memset(session, 0, sizeof(dpaa2_sec_session)); + + priv =3D (struct ctxt_priv *)rte_zmalloc(NULL, + sizeof(struct ctxt_priv) + + sizeof(struct sec_flc_desc), + RTE_CACHE_LINE_SIZE); + + if (priv =3D=3D NULL) { + DPAA2_SEC_ERR("No memory for priv CTXT"); + return -ENOMEM; + } + + priv->fle_pool =3D dev_priv->fle_pool; + flc =3D &priv->flc_desc[0].flc; + + /* find xfrm types */ + if (xform->type =3D=3D RTE_CRYPTO_SYM_XFORM_CIPHER && xform->next =3D=3D = NULL) { + cipher_xform =3D &xform->cipher; + } else if (xform->type =3D=3D RTE_CRYPTO_SYM_XFORM_CIPHER && + xform->next->type =3D=3D RTE_CRYPTO_SYM_XFORM_AUTH) { + session->ext_params.aead_ctxt.auth_cipher_text =3D true; + cipher_xform =3D &xform->cipher; + auth_xform =3D &xform->next->auth; + } else if (xform->type =3D=3D RTE_CRYPTO_SYM_XFORM_AUTH && + xform->next->type =3D=3D RTE_CRYPTO_SYM_XFORM_CIPHER) { + session->ext_params.aead_ctxt.auth_cipher_text =3D false; + cipher_xform =3D &xform->next->cipher; + auth_xform =3D &xform->auth; + } else { + DPAA2_SEC_ERR("Invalid crypto type"); + return -EINVAL; + } + + session->ctxt_type =3D DPAA2_SEC_PDCP; + if (cipher_xform) { + session->cipher_key.data =3D rte_zmalloc(NULL, + cipher_xform->key.length, + RTE_CACHE_LINE_SIZE); + if (session->cipher_key.data =3D=3D NULL && + cipher_xform->key.length > 0) { + DPAA2_SEC_ERR("No Memory for cipher key"); + rte_free(priv); + return -ENOMEM; + } + session->cipher_key.length =3D cipher_xform->key.length; + memcpy(session->cipher_key.data, cipher_xform->key.data, + cipher_xform->key.length); + session->dir =3D (cipher_xform->op =3D=3D RTE_CRYPTO_CIPHER_OP_ENCRYPT) = ? + DIR_ENC : DIR_DEC; + session->cipher_alg =3D cipher_xform->algo; + } else { + session->cipher_key.data =3D NULL; + session->cipher_key.length =3D 0; + session->cipher_alg =3D RTE_CRYPTO_CIPHER_NULL; + session->dir =3D DIR_ENC; + } + + session->pdcp.domain =3D pdcp_xform->domain; + session->pdcp.bearer =3D pdcp_xform->bearer; + session->pdcp.pkt_dir =3D pdcp_xform->pkt_dir; + session->pdcp.sn_size =3D pdcp_xform->sn_size; +#ifdef ENABLE_HFN_OVERRIDE + session->pdcp.hfn_ovd =3D pdcp_xform->hfn_ovd; +#endif + session->pdcp.hfn =3D pdcp_xform->hfn; + session->pdcp.hfn_threshold =3D pdcp_xform->hfn_threshold; + + cipherdata.key =3D (size_t)session->cipher_key.data; + cipherdata.keylen =3D session->cipher_key.length; + cipherdata.key_enc_flags =3D 0; + cipherdata.key_type =3D RTA_DATA_IMM; + + switch (session->cipher_alg) { + case RTE_CRYPTO_CIPHER_SNOW3G_UEA2: + cipherdata.algtype =3D PDCP_CIPHER_TYPE_SNOW; + break; + case RTE_CRYPTO_CIPHER_ZUC_EEA3: + cipherdata.algtype =3D PDCP_CIPHER_TYPE_ZUC; + break; + case RTE_CRYPTO_CIPHER_AES_CTR: + cipherdata.algtype =3D PDCP_CIPHER_TYPE_AES; + break; + case RTE_CRYPTO_CIPHER_NULL: + cipherdata.algtype =3D PDCP_CIPHER_TYPE_NULL; + break; + default: + DPAA2_SEC_ERR("Crypto: Undefined Cipher specified %u", + session->cipher_alg); + goto out; + } + + /* Auth is only applicable for control mode operation. */ + if (pdcp_xform->domain =3D=3D RTE_SECURITY_PDCP_MODE_CONTROL) { + if (pdcp_xform->sn_size !=3D RTE_SECURITY_PDCP_SN_SIZE_5) { + DPAA2_SEC_ERR( + "PDCP Seq Num size should be 5 bits for cmode"); + goto out; + } + if (auth_xform) { + session->auth_key.data =3D rte_zmalloc(NULL, + auth_xform->key.length, + RTE_CACHE_LINE_SIZE); + if (session->auth_key.data =3D=3D NULL && + auth_xform->key.length > 0) { + DPAA2_SEC_ERR("No Memory for auth key"); + rte_free(session->cipher_key.data); + rte_free(priv); + return -ENOMEM; + } + session->auth_key.length =3D auth_xform->key.length; + memcpy(session->auth_key.data, auth_xform->key.data, + auth_xform->key.length); + session->auth_alg =3D auth_xform->algo; + } else { + session->auth_key.data =3D NULL; + session->auth_key.length =3D 0; + session->auth_alg =3D RTE_CRYPTO_AUTH_NULL; + } + authdata.key =3D (size_t)session->auth_key.data; + authdata.keylen =3D session->auth_key.length; + authdata.key_enc_flags =3D 0; + authdata.key_type =3D RTA_DATA_IMM; + + switch (session->auth_alg) { + case RTE_CRYPTO_AUTH_SNOW3G_UIA2: + authdata.algtype =3D PDCP_AUTH_TYPE_SNOW; + break; + case RTE_CRYPTO_AUTH_ZUC_EIA3: + authdata.algtype =3D PDCP_AUTH_TYPE_ZUC; + break; + case RTE_CRYPTO_AUTH_AES_CMAC: + authdata.algtype =3D PDCP_AUTH_TYPE_AES; + break; + case RTE_CRYPTO_AUTH_NULL: + authdata.algtype =3D PDCP_AUTH_TYPE_NULL; + break; + default: + DPAA2_SEC_ERR("Crypto: Unsupported auth alg %u", + session->auth_alg); + goto out; + } + + if (session->dir =3D=3D DIR_ENC) + bufsize =3D cnstr_shdsc_pdcp_c_plane_encap( + priv->flc_desc[0].desc, 1, swap, + pdcp_xform->hfn, + pdcp_xform->bearer, + pdcp_xform->pkt_dir, + pdcp_xform->hfn_threshold, + &cipherdata, &authdata, + 0); + else if (session->dir =3D=3D DIR_DEC) + bufsize =3D cnstr_shdsc_pdcp_c_plane_decap( + priv->flc_desc[0].desc, 1, swap, + pdcp_xform->hfn, + pdcp_xform->bearer, + pdcp_xform->pkt_dir, + pdcp_xform->hfn_threshold, + &cipherdata, &authdata, + 0); + } else { + if (session->dir =3D=3D DIR_ENC) + bufsize =3D cnstr_shdsc_pdcp_u_plane_encap( + priv->flc_desc[0].desc, 1, swap, + pdcp_xform->sn_size, + pdcp_xform->hfn, + pdcp_xform->bearer, + pdcp_xform->pkt_dir, + pdcp_xform->hfn_threshold, + &cipherdata, 0); + else if (session->dir =3D=3D DIR_DEC) + bufsize =3D cnstr_shdsc_pdcp_u_plane_decap( + priv->flc_desc[0].desc, 1, swap, + pdcp_xform->sn_size, + pdcp_xform->hfn, + pdcp_xform->bearer, + pdcp_xform->pkt_dir, + pdcp_xform->hfn_threshold, + &cipherdata, 0); + } + + if (bufsize < 0) { + DPAA2_SEC_ERR("Crypto: Invalid buffer length"); + goto out; + } + + /* Enable the stashing control bit */ + DPAA2_SET_FLC_RSC(flc); + flc->word2_rflc_31_0 =3D lower_32_bits( + (size_t)&(((struct dpaa2_sec_qp *) + dev->data->queue_pairs[0])->rx_vq) | 0x14); + flc->word3_rflc_63_32 =3D upper_32_bits( + (size_t)&(((struct dpaa2_sec_qp *) + dev->data->queue_pairs[0])->rx_vq)); + + flc->word1_sdl =3D (uint8_t)bufsize; + + /* Set EWS bit i.e. enable write-safe */ + DPAA2_SET_FLC_EWS(flc); + /* Set BS =3D 1 i.e reuse input buffers as output buffers */ + DPAA2_SET_FLC_REUSE_BS(flc); + /* Set FF =3D 10; reuse input buffers if they provide sufficient space */ + DPAA2_SET_FLC_REUSE_FF(flc); + + session->ctxt =3D priv; + + return 0; +out: + rte_free(session->auth_key.data); + rte_free(session->cipher_key.data); + rte_free(priv); + return -1; +} + static int dpaa2_sec_security_session_create(void *dev, struct rte_security_session_conf *conf, @@ -2573,6 +2826,10 @@ dpaa2_sec_security_session_create(void *dev, break; case RTE_SECURITY_PROTOCOL_MACSEC: return -ENOTSUP; + case RTE_SECURITY_PROTOCOL_PDCP: + ret =3D dpaa2_sec_set_pdcp_session(cdev, conf, + sess_private_data); + break; default: return -EINVAL; } diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h b/drivers/crypto/dpa= a2_sec/dpaa2_sec_priv.h index bce9633c0..51751103d 100644 --- a/drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h +++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h @@ -137,6 +137,19 @@ struct dpaa2_sec_aead_ctxt { uint8_t auth_cipher_text; /**< Authenticate/cipher ordering */ }; =20 +/* + * The structure is to be filled by user for PDCP Protocol + */ +struct dpaa2_pdcp_ctxt { + enum rte_security_pdcp_domain domain; /*!< Data/Control mode*/ + int8_t bearer; /*!< PDCP bearer ID */ + int8_t pkt_dir;/*!< PDCP Frame Direction 0:UL 1:DL*/ + int8_t hfn_ovd;/*!< Overwrite HFN per packet*/ + uint32_t hfn; /*!< Hyper Frame Number */ + uint32_t hfn_threshold; /*!< HFN Threashold for key renegotiation */ + uint8_t sn_size; /*!< Sequence number size, 7/12/15 */ +}; + typedef struct dpaa2_sec_session_entry { void *ctxt; uint8_t ctxt_type; @@ -160,15 +173,20 @@ typedef struct dpaa2_sec_session_entry { } auth_key; }; }; - struct { - uint16_t length; /**< IV length in bytes */ - uint16_t offset; /**< IV offset in bytes */ - } iv; - uint16_t digest_length; - uint8_t status; union { - struct dpaa2_sec_aead_ctxt aead_ctxt; - } ext_params; + struct { + struct { + uint16_t length; /**< IV length in bytes */ + uint16_t offset; /**< IV offset in bytes */ + } iv; + uint16_t digest_length; + uint8_t status; + union { + struct dpaa2_sec_aead_ctxt aead_ctxt; + } ext_params; + }; + struct dpaa2_pdcp_ctxt pdcp; + }; } dpaa2_sec_session; =20 static const struct rte_cryptodev_capabilities dpaa2_sec_capabilities[] = =3D { @@ -392,6 +410,162 @@ static const struct rte_cryptodev_capabilities dpaa2_= sec_capabilities[] =3D { RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST() }; =20 +static const struct rte_cryptodev_capabilities dpaa2_pdcp_capabilities[] = =3D { + { /* SNOW 3G (UIA2) */ + .op =3D RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym =3D { + .xform_type =3D RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth =3D { + .algo =3D RTE_CRYPTO_AUTH_SNOW3G_UIA2, + .block_size =3D 16, + .key_size =3D { + .min =3D 16, + .max =3D 16, + .increment =3D 0 + }, + .digest_size =3D { + .min =3D 4, + .max =3D 4, + .increment =3D 0 + }, + .iv_size =3D { + .min =3D 16, + .max =3D 16, + .increment =3D 0 + } + }, } + }, } + }, + { /* SNOW 3G (UEA2) */ + .op =3D RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym =3D { + .xform_type =3D RTE_CRYPTO_SYM_XFORM_CIPHER, + {.cipher =3D { + .algo =3D RTE_CRYPTO_CIPHER_SNOW3G_UEA2, + .block_size =3D 16, + .key_size =3D { + .min =3D 16, + .max =3D 16, + .increment =3D 0 + }, + .iv_size =3D { + .min =3D 16, + .max =3D 16, + .increment =3D 0 + } + }, } + }, } + }, + { /* AES CTR */ + .op =3D RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym =3D { + .xform_type =3D RTE_CRYPTO_SYM_XFORM_CIPHER, + {.cipher =3D { + .algo =3D RTE_CRYPTO_CIPHER_AES_CTR, + .block_size =3D 16, + .key_size =3D { + .min =3D 16, + .max =3D 32, + .increment =3D 8 + }, + .iv_size =3D { + .min =3D 16, + .max =3D 16, + .increment =3D 0 + } + }, } + }, } + }, + { /* NULL (AUTH) */ + .op =3D RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym =3D { + .xform_type =3D RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth =3D { + .algo =3D RTE_CRYPTO_AUTH_NULL, + .block_size =3D 1, + .key_size =3D { + .min =3D 0, + .max =3D 0, + .increment =3D 0 + }, + .digest_size =3D { + .min =3D 0, + .max =3D 0, + .increment =3D 0 + }, + .iv_size =3D { 0 } + }, }, + }, }, + }, + { /* NULL (CIPHER) */ + .op =3D RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym =3D { + .xform_type =3D RTE_CRYPTO_SYM_XFORM_CIPHER, + {.cipher =3D { + .algo =3D RTE_CRYPTO_CIPHER_NULL, + .block_size =3D 1, + .key_size =3D { + .min =3D 0, + .max =3D 0, + .increment =3D 0 + }, + .iv_size =3D { + .min =3D 0, + .max =3D 0, + .increment =3D 0 + } + }, }, + }, } + }, + { /* ZUC (EEA3) */ + .op =3D RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym =3D { + .xform_type =3D RTE_CRYPTO_SYM_XFORM_CIPHER, + {.cipher =3D { + .algo =3D RTE_CRYPTO_CIPHER_ZUC_EEA3, + .block_size =3D 16, + .key_size =3D { + .min =3D 16, + .max =3D 16, + .increment =3D 0 + }, + .iv_size =3D { + .min =3D 16, + .max =3D 16, + .increment =3D 0 + } + }, } + }, } + }, + { /* ZUC (EIA3) */ + .op =3D RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym =3D { + .xform_type =3D RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth =3D { + .algo =3D RTE_CRYPTO_AUTH_ZUC_EIA3, + .block_size =3D 16, + .key_size =3D { + .min =3D 16, + .max =3D 16, + .increment =3D 0 + }, + .digest_size =3D { + .min =3D 4, + .max =3D 4, + .increment =3D 0 + }, + .iv_size =3D { + .min =3D 16, + .max =3D 16, + .increment =3D 0 + } + }, } + }, } + }, + + RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST() +}; + static const struct rte_security_capability dpaa2_sec_security_cap[] =3D { { /* IPsec Lookaside Protocol offload ESP Transport Egress */ .action =3D RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL, @@ -415,6 +589,24 @@ static const struct rte_security_capability dpaa2_sec_= security_cap[] =3D { }, .crypto_capabilities =3D dpaa2_sec_capabilities }, + { /* PDCP Lookaside Protocol offload Data */ + .action =3D RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL, + .protocol =3D RTE_SECURITY_PROTOCOL_PDCP, + .pdcp =3D { + .domain =3D RTE_SECURITY_PDCP_MODE_DATA, + .capa_flags =3D 0 + }, + .crypto_capabilities =3D dpaa2_pdcp_capabilities + }, + { /* PDCP Lookaside Protocol offload Control */ + .action =3D RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL, + .protocol =3D RTE_SECURITY_PROTOCOL_PDCP, + .pdcp =3D { + .domain =3D RTE_SECURITY_PDCP_MODE_CONTROL, + .capa_flags =3D 0 + }, + .crypto_capabilities =3D dpaa2_pdcp_capabilities + }, { .action =3D RTE_SECURITY_ACTION_TYPE_NONE } --=20 2.17.1