From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <dev-bounces@dpdk.org>
Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124])
	by inbox.dpdk.org (Postfix) with ESMTP id 2199BA0547;
	Thu, 28 Oct 2021 18:52:54 +0200 (CEST)
Received: from [217.70.189.124] (localhost [127.0.0.1])
	by mails.dpdk.org (Postfix) with ESMTP id BFEC54111E;
	Thu, 28 Oct 2021 18:52:46 +0200 (CEST)
Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com
 [67.231.156.173])
 by mails.dpdk.org (Postfix) with ESMTP id 03E91410F7
 for <dev@dpdk.org>; Thu, 28 Oct 2021 18:52:44 +0200 (CEST)
Received: from pps.filterd (m0045851.ppops.net [127.0.0.1])
 by mx0b-0016f401.pphosted.com (8.16.1.2/8.16.1.2) with SMTP id 19SA5XK2022095
 for <dev@dpdk.org>; Thu, 28 Oct 2021 09:52:44 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com;
 h=from : to : cc :
 subject : date : message-id : in-reply-to : references : mime-version :
 content-transfer-encoding : content-type; s=pfpt0220;
 bh=wimWGlY6plyEp6MjA95wzVfW4xI0xJ6ka4rWlFIMUjo=;
 b=PKMokSy0qnGxX5ruNOqA/g4cuCGMnDPzL8YKshMWE6CvxPoAlANINo7LSsWUFB1mz8rz
 IkSDRQYy5SY2YgLCyfjsWSEoXTJcyk1pmZYQxl+ZVQwg+kmKjtseFHmY1mAeSA2iI7CC
 0FrJLFIvpX/koyC+kmE5bESHX//oES4bODJV25pkI0kEvKSWp9TB30PUuBhduizxr1+4
 IIiO353CfPH3RCbw6mU84xF0VOAxa2YUpD5rhgZw+3zBBDQ9sGhCLKKOWP92goP/Ucls
 S9ulI3sMDx0E9P5zOK7GQoFaX+5Zsfgt8Av15fy9Emy+AYVBQPIJ0+U53IrpNZFlCKOm 9g== 
Received: from dc5-exch02.marvell.com ([199.233.59.182])
 by mx0b-0016f401.pphosted.com with ESMTP id 3byd2fcpx2-2
 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT)
 for <dev@dpdk.org>; Thu, 28 Oct 2021 09:52:44 -0700
Received: from DC5-EXCH02.marvell.com (10.69.176.39) by DC5-EXCH02.marvell.com
 (10.69.176.39) with Microsoft SMTP Server (TLS) id 15.0.1497.18;
 Thu, 28 Oct 2021 09:52:42 -0700
Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH02.marvell.com
 (10.69.176.39) with Microsoft SMTP Server id 15.0.1497.18 via Frontend
 Transport; Thu, 28 Oct 2021 09:52:42 -0700
Received: from hyd1409.caveonetworks.com.com (unknown [10.29.45.15])
 by maili.marvell.com (Postfix) with ESMTP id DDB903F705F;
 Thu, 28 Oct 2021 09:52:40 -0700 (PDT)
From: Archana Muniganti <marchana@marvell.com>
To: <gakhil@marvell.com>
CC: Anoob Joseph <anoobj@marvell.com>, <ktejasree@marvell.com>,
 <adwivedi@marvell.com>, <dev@dpdk.org>
Date: Thu, 28 Oct 2021 22:22:24 +0530
Message-ID: <20211028165228.14603-3-marchana@marvell.com>
X-Mailer: git-send-email 2.22.0
In-Reply-To: <20211028165228.14603-1-marchana@marvell.com>
References: <20211028165228.14603-1-marchana@marvell.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Content-Type: text/plain
X-Proofpoint-ORIG-GUID: Keg8Ou6YmiU2dgaJqFCgrl76FLwI8GZE
X-Proofpoint-GUID: Keg8Ou6YmiU2dgaJqFCgrl76FLwI8GZE
X-Proofpoint-Virus-Version: vendor=baseguard
 engine=ICAP:2.0.182.1,Aquarius:18.0.790,Hydra:6.0.425,FMLib:17.0.607.475
 definitions=2021-10-28_04,2021-10-26_01,2020-04-07_01
Subject: [dpdk-dev] [PATCH 2/6] crypto/cnxk: add null auth
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org
Sender: "dev" <dev-bounces@dpdk.org>

From: Anoob Joseph <anoobj@marvell.com>

Add null auth support with lookaside IPsec on cn10k crypto PMDs.

Signed-off-by: Anoob Joseph <anoobj@marvell.com>
---
 doc/guides/cryptodevs/cnxk.rst                |  1 +
 doc/guides/rel_notes/release_21_11.rst        |  1 +
 drivers/crypto/cnxk/cn9k_ipsec.c              |  6 +++--
 .../crypto/cnxk/cnxk_cryptodev_capabilities.c | 24 +++++++++++++++++++
 drivers/crypto/cnxk/cnxk_ipsec.h              |  3 +++
 5 files changed, 33 insertions(+), 2 deletions(-)

diff --git a/doc/guides/cryptodevs/cnxk.rst b/doc/guides/cryptodevs/cnxk.rst
index b5b6645008..709da56ca8 100644
--- a/doc/guides/cryptodevs/cnxk.rst
+++ b/doc/guides/cryptodevs/cnxk.rst
@@ -258,4 +258,5 @@ CN10XX Features supported
 * Transport mode
 * UDP Encapsulation
 * AES-128/192/256-GCM
+* AES-128/192/256-CBC-NULL
 * AES-128/192/256-CBC-SHA1-HMAC
diff --git a/doc/guides/rel_notes/release_21_11.rst b/doc/guides/rel_notes/release_21_11.rst
index 2df443e39f..6cc7b2579e 100644
--- a/doc/guides/rel_notes/release_21_11.rst
+++ b/doc/guides/rel_notes/release_21_11.rst
@@ -212,6 +212,7 @@ New Features
   * Added support for ZUC algorithm with 256-bit key length for CN10K.
   * Added support for CN98xx dual block.
   * Added inner checksum support in lookaside protocol (IPsec) for CN10K.
+  * Added AES-CBC NULL auth support in lookaside protocol (IPsec) for CN10K.
 
 * **Added support for event crypto adapter on Marvell CN10K and CN9K.**
 
diff --git a/drivers/crypto/cnxk/cn9k_ipsec.c b/drivers/crypto/cnxk/cn9k_ipsec.c
index 53fb793654..a43864df0d 100644
--- a/drivers/crypto/cnxk/cn9k_ipsec.c
+++ b/drivers/crypto/cnxk/cn9k_ipsec.c
@@ -316,7 +316,8 @@ cn9k_ipsec_outb_sa_create(struct cnxk_cpt_qp *qp,
 	if (ret)
 		return ret;
 
-	if (ctl->enc_type == ROC_IE_ON_SA_ENC_AES_GCM) {
+	if (ctl->enc_type == ROC_IE_ON_SA_ENC_AES_GCM ||
+	    ctl->auth_type == ROC_IE_ON_SA_AUTH_NULL) {
 		template = &out_sa->aes_gcm.template;
 		ctx_len = offsetof(struct roc_ie_on_outb_sa, aes_gcm.template);
 	} else if (ctl->auth_type == ROC_IE_ON_SA_AUTH_SHA1) {
@@ -449,7 +450,8 @@ cn9k_ipsec_inb_sa_create(struct cnxk_cpt_qp *qp,
 	if (ret)
 		return ret;
 
-	if (crypto_xform->type == RTE_CRYPTO_SYM_XFORM_AEAD) {
+	if (crypto_xform->type == RTE_CRYPTO_SYM_XFORM_AEAD ||
+	    auth_xform->auth.algo == RTE_CRYPTO_AUTH_NULL) {
 		ctx_len = offsetof(struct roc_ie_on_inb_sa,
 				   sha1_or_gcm.hmac_key[0]);
 	} else {
diff --git a/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c b/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c
index a53b489a04..19d75a63c6 100644
--- a/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c
+++ b/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c
@@ -930,6 +930,27 @@ sec_caps_add(struct rte_cryptodev_capabilities cnxk_caps[], int *cur_pos,
 	*cur_pos += nb_caps;
 }
 
+static void
+cn10k_sec_crypto_caps_update(struct rte_cryptodev_capabilities cnxk_caps[],
+			     int *cur_pos)
+{
+	const struct rte_cryptodev_capabilities *cap;
+	unsigned int i;
+
+	if ((CNXK_CPT_MAX_CAPS - *cur_pos) < 1)
+		return;
+
+	/* NULL auth */
+	for (i = 0; i < RTE_DIM(caps_null); i++) {
+		cap = &caps_null[i];
+		if (cap->sym.xform_type == RTE_CRYPTO_SYM_XFORM_AUTH &&
+		    cap->sym.auth.algo == RTE_CRYPTO_AUTH_NULL) {
+			cnxk_caps[*cur_pos] = caps_null[i];
+			*cur_pos += 1;
+		}
+	}
+}
+
 static void
 sec_crypto_caps_populate(struct rte_cryptodev_capabilities cnxk_caps[],
 			 union cpt_eng_caps *hw_caps)
@@ -939,6 +960,9 @@ sec_crypto_caps_populate(struct rte_cryptodev_capabilities cnxk_caps[],
 	SEC_CAPS_ADD(cnxk_caps, &cur_pos, hw_caps, aes);
 	SEC_CAPS_ADD(cnxk_caps, &cur_pos, hw_caps, sha1_sha2);
 
+	if (roc_model_is_cn10k())
+		cn10k_sec_crypto_caps_update(cnxk_caps, &cur_pos);
+
 	sec_caps_add(cnxk_caps, &cur_pos, caps_end, RTE_DIM(caps_end));
 }
 
diff --git a/drivers/crypto/cnxk/cnxk_ipsec.h b/drivers/crypto/cnxk/cnxk_ipsec.h
index ff396179ca..dddb414793 100644
--- a/drivers/crypto/cnxk/cnxk_ipsec.h
+++ b/drivers/crypto/cnxk/cnxk_ipsec.h
@@ -40,6 +40,9 @@ ipsec_xform_auth_verify(struct rte_crypto_sym_xform *crypto_xform)
 {
 	uint16_t keylen = crypto_xform->auth.key.length;
 
+	if (crypto_xform->auth.algo == RTE_CRYPTO_AUTH_NULL)
+		return 0;
+
 	if (crypto_xform->auth.algo == RTE_CRYPTO_AUTH_SHA1_HMAC) {
 		if (keylen >= 20 && keylen <= 64)
 			return 0;
-- 
2.22.0