From: Adam Dybkowski <adamx.dybkowski@intel.com>
To: dev@dpdk.org, fiona.trahe@intel.com, akhil.goyal@nxp.com,
arkadiuszx.kusztal@intel.com
Cc: Adam Dybkowski <adamx.dybkowski@intel.com>
Subject: [dpdk-dev] [PATCH 1/2] crypto/qat: handle mixed hash-cipher requests on GEN3 QAT
Date: Tue, 10 Dec 2019 17:24:26 +0100 [thread overview]
Message-ID: <20191210162427.3418-1-adamx.dybkowski@intel.com> (raw)
This patch implements handling mixed encrypted digest hash-cipher
requests (e.g. SNOW3G + ZUC or ZUC + AES CTR) possible when running
on GEN3 QAT. Such algorithm combinations are not supported on
GEN1/GEN2 hardware.
Signed-off-by: Adam Dybkowski <adamx.dybkowski@intel.com>
---
doc/guides/cryptodevs/qat.rst | 24 ++++++++
drivers/common/qat/qat_adf/icp_qat_fw.h | 3 +
drivers/common/qat/qat_adf/icp_qat_fw_la.h | 2 +
drivers/crypto/qat/qat_sym_session.c | 72 ++++++++++++++++++++++
4 files changed, 101 insertions(+)
diff --git a/doc/guides/cryptodevs/qat.rst b/doc/guides/cryptodevs/qat.rst
index 6197875fe..9053ae9c0 100644
--- a/doc/guides/cryptodevs/qat.rst
+++ b/doc/guides/cryptodevs/qat.rst
@@ -72,6 +72,30 @@ Supported AEAD algorithms:
* ``RTE_CRYPTO_AEAD_AES_CCM``
+Supported Chains
+~~~~~~~~~~~~~~~~
+
+All the usual chains are supported and also some mixed chains:
+
+.. table:: Supported hash-cipher chains for wireless digest-encrypted cases
+
+ +------------------+-----------+-------------+----------+----------+
+ | Cipher algorithm | NULL AUTH | SNOW3G UIA2 | ZUC EIA3 | AES CMAC |
+ +==================+===========+=============+==========+==========+
+ | NULL CIPHER | Y | 3 | 3 | Y |
+ +------------------+-----------+-------------+----------+----------+
+ | SNOW3G UEA2 | 3 | Y | 3 | 3 |
+ +------------------+-----------+-------------+----------+----------+
+ | ZUC EEA3 | 3 | 3 | 2&3 | 3 |
+ +------------------+-----------+-------------+----------+----------+
+ | AES CTR | Y | 3 | 3 | Y |
+ +------------------+-----------+-------------+----------+----------+
+
+* The combinations marked as "Y" are supported on all QAT hardware versions.
+* The combinations marked as "2&3" are supported on GEN2/GEN3 QAT hardware only.
+* The combinations marked as "3" are supported on GEN3 QAT hardware only.
+
+
Limitations
~~~~~~~~~~~
diff --git a/drivers/common/qat/qat_adf/icp_qat_fw.h b/drivers/common/qat/qat_adf/icp_qat_fw.h
index 8f7cb37b4..1265c2a13 100644
--- a/drivers/common/qat/qat_adf/icp_qat_fw.h
+++ b/drivers/common/qat/qat_adf/icp_qat_fw.h
@@ -175,6 +175,9 @@ struct icp_qat_fw_comn_resp {
#define QAT_COMN_PTR_TYPE_SGL 0x1
#define QAT_COMN_CD_FLD_TYPE_64BIT_ADR 0x0
#define QAT_COMN_CD_FLD_TYPE_16BYTE_DATA 0x1
+#define QAT_COMN_EXT_FLAGS_BITPOS 8
+#define QAT_COMN_EXT_FLAGS_MASK 0x1
+#define QAT_COMN_EXT_FLAGS_USED 0x1
#define ICP_QAT_FW_COMN_FLAGS_BUILD(cdt, ptr) \
((((cdt) & QAT_COMN_CD_FLD_TYPE_MASK) << QAT_COMN_CD_FLD_TYPE_BITPOS) \
diff --git a/drivers/common/qat/qat_adf/icp_qat_fw_la.h b/drivers/common/qat/qat_adf/icp_qat_fw_la.h
index 38891eb1f..20eb145de 100644
--- a/drivers/common/qat/qat_adf/icp_qat_fw_la.h
+++ b/drivers/common/qat/qat_adf/icp_qat_fw_la.h
@@ -273,6 +273,8 @@ struct icp_qat_fw_cipher_auth_cd_ctrl_hdr {
#define ICP_QAT_FW_AUTH_HDR_FLAG_DO_NESTED 1
#define ICP_QAT_FW_AUTH_HDR_FLAG_NO_NESTED 0
+#define ICP_QAT_FW_AUTH_HDR_FLAG_SNOW3G_UIA2_BITPOS 3
+#define ICP_QAT_FW_AUTH_HDR_FLAG_ZUC_EIA3_BITPOS 4
#define ICP_QAT_FW_CCM_GCM_AAD_SZ_MAX 240
#define ICP_QAT_FW_HASH_REQUEST_PARAMETERS_OFFSET 24
#define ICP_QAT_FW_CIPHER_REQUEST_PARAMETERS_OFFSET (0)
diff --git a/drivers/crypto/qat/qat_sym_session.c b/drivers/crypto/qat/qat_sym_session.c
index 72290ba48..4359f2f0b 100644
--- a/drivers/crypto/qat/qat_sym_session.c
+++ b/drivers/crypto/qat/qat_sym_session.c
@@ -416,6 +416,74 @@ qat_sym_session_configure(struct rte_cryptodev *dev,
return 0;
}
+static void
+qat_sym_session_set_ext_hash_flags(struct qat_sym_session *session,
+ uint8_t hash_flag)
+{
+ struct icp_qat_fw_comn_req_hdr *header = &session->fw_req.comn_hdr;
+ struct icp_qat_fw_cipher_auth_cd_ctrl_hdr *cd_ctrl =
+ (struct icp_qat_fw_cipher_auth_cd_ctrl_hdr *)
+ session->fw_req.cd_ctrl.content_desc_ctrl_lw;
+
+ /* Set the Use Extended Protocol Flags bit in LW 1 */
+ QAT_FIELD_SET(header->comn_req_flags,
+ QAT_COMN_EXT_FLAGS_USED,
+ QAT_COMN_EXT_FLAGS_BITPOS,
+ QAT_COMN_EXT_FLAGS_MASK);
+
+ /* Set Hash Flags in LW 28 */
+ cd_ctrl->hash_flags |= hash_flag;
+
+ /* Set proto flags in LW 1 */
+ switch (session->qat_cipher_alg) {
+ case ICP_QAT_HW_CIPHER_ALGO_SNOW_3G_UEA2:
+ ICP_QAT_FW_LA_PROTO_SET(header->serv_specif_flags,
+ ICP_QAT_FW_LA_SNOW_3G_PROTO);
+ ICP_QAT_FW_LA_ZUC_3G_PROTO_FLAG_SET(
+ header->serv_specif_flags, 0);
+ break;
+ case ICP_QAT_HW_CIPHER_ALGO_ZUC_3G_128_EEA3:
+ ICP_QAT_FW_LA_PROTO_SET(header->serv_specif_flags,
+ ICP_QAT_FW_LA_NO_PROTO);
+ ICP_QAT_FW_LA_ZUC_3G_PROTO_FLAG_SET(
+ header->serv_specif_flags,
+ ICP_QAT_FW_LA_ZUC_3G_PROTO);
+ break;
+ default:
+ ICP_QAT_FW_LA_PROTO_SET(header->serv_specif_flags,
+ ICP_QAT_FW_LA_NO_PROTO);
+ ICP_QAT_FW_LA_ZUC_3G_PROTO_FLAG_SET(
+ header->serv_specif_flags, 0);
+ break;
+ }
+}
+
+static void
+qat_sym_session_handle_mixed(struct qat_sym_session *session)
+{
+ if (session->qat_hash_alg == ICP_QAT_HW_AUTH_ALGO_ZUC_3G_128_EIA3 &&
+ session->qat_cipher_alg !=
+ ICP_QAT_HW_CIPHER_ALGO_ZUC_3G_128_EEA3) {
+ session->min_qat_dev_gen = QAT_GEN3;
+ qat_sym_session_set_ext_hash_flags(session,
+ 1 << ICP_QAT_FW_AUTH_HDR_FLAG_ZUC_EIA3_BITPOS);
+ } else if (session->qat_hash_alg == ICP_QAT_HW_AUTH_ALGO_SNOW_3G_UIA2 &&
+ session->qat_cipher_alg !=
+ ICP_QAT_HW_CIPHER_ALGO_SNOW_3G_UEA2) {
+ session->min_qat_dev_gen = QAT_GEN3;
+ qat_sym_session_set_ext_hash_flags(session,
+ 1 << ICP_QAT_FW_AUTH_HDR_FLAG_SNOW3G_UIA2_BITPOS);
+ } else if ((session->aes_cmac ||
+ session->qat_hash_alg == ICP_QAT_HW_AUTH_ALGO_NULL) &&
+ (session->qat_cipher_alg ==
+ ICP_QAT_HW_CIPHER_ALGO_SNOW_3G_UEA2 ||
+ session->qat_cipher_alg ==
+ ICP_QAT_HW_CIPHER_ALGO_ZUC_3G_128_EEA3)) {
+ session->min_qat_dev_gen = QAT_GEN3;
+ qat_sym_session_set_ext_hash_flags(session, 0);
+ }
+}
+
int
qat_sym_session_set_parameters(struct rte_cryptodev *dev,
struct rte_crypto_sym_xform *xform, void *session_private)
@@ -463,6 +531,8 @@ qat_sym_session_set_parameters(struct rte_cryptodev *dev,
xform, session);
if (ret < 0)
return ret;
+ /* Special handling of mixed hash+cipher algorithms */
+ qat_sym_session_handle_mixed(session);
}
break;
case ICP_QAT_FW_LA_CMD_HASH_CIPHER:
@@ -480,6 +550,8 @@ qat_sym_session_set_parameters(struct rte_cryptodev *dev,
xform, session);
if (ret < 0)
return ret;
+ /* Special handling of mixed hash+cipher algorithms */
+ qat_sym_session_handle_mixed(session);
}
break;
case ICP_QAT_FW_LA_CMD_TRNG_GET_RANDOM:
--
2.17.1
next reply other threads:[~2019-12-10 16:24 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-12-10 16:24 Adam Dybkowski [this message]
2019-12-10 16:24 ` [dpdk-dev] [PATCH 2/2] test/crypto: add more tests for mixed encypted-digest Adam Dybkowski
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20191210162427.3418-1-adamx.dybkowski@intel.com \
--to=adamx.dybkowski@intel.com \
--cc=akhil.goyal@nxp.com \
--cc=arkadiuszx.kusztal@intel.com \
--cc=dev@dpdk.org \
--cc=fiona.trahe@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).