DPDK patches and discussions
 help / color / mirror / Atom feed
From: Anoob Joseph <anoobj@marvell.com>
To: Akhil Goyal <gakhil@marvell.com>, Thomas Monjalon <thomas@monjalon.net>
Cc: Archana Muniganti <marchana@marvell.com>,
	Jerin Jacob <jerinj@marvell.com>,
	Ankur Dwivedi <adwivedi@marvell.com>,
	Tejasree Kondoj <ktejasree@marvell.com>, <dev@dpdk.org>,
	Anoob Joseph <anoobj@marvell.com>
Subject: [dpdk-dev] [PATCH 14/20] crypto/cnxk: add flexi crypto cipher decrypt
Date: Wed, 2 Jun 2021 22:13:35 +0530	[thread overview]
Message-ID: <1622652221-22732-15-git-send-email-anoobj@marvell.com> (raw)
In-Reply-To: <1622652221-22732-1-git-send-email-anoobj@marvell.com>

From: Archana Muniganti <marchana@marvell.com>

Add flexi crypto cipher decrypt support in enqueue API. Flexi crypto
opcode covers a broad set of ciphers including variants of AES.

Signed-off-by: Ankur Dwivedi <adwivedi@marvell.com>
Signed-off-by: Anoob Joseph <anoobj@marvell.com>
Signed-off-by: Archana Muniganti <marchana@marvell.com>
Signed-off-by: Tejasree Kondoj <ktejasree@marvell.com>
---
 drivers/crypto/cnxk/cnxk_se.h | 328 +++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 327 insertions(+), 1 deletion(-)

diff --git a/drivers/crypto/cnxk/cnxk_se.h b/drivers/crypto/cnxk/cnxk_se.h
index 34ed75a..6b2e82d 100644
--- a/drivers/crypto/cnxk/cnxk_se.h
+++ b/drivers/crypto/cnxk/cnxk_se.h
@@ -789,6 +789,331 @@ cpt_enc_hmac_prep(uint32_t flags, uint64_t d_offs, uint64_t d_lens,
 }
 
 static __rte_always_inline int
+cpt_dec_hmac_prep(uint32_t flags, uint64_t d_offs, uint64_t d_lens,
+		  struct roc_se_fc_params *fc_params, struct cpt_inst_s *inst)
+{
+	uint32_t iv_offset = 0, size;
+	int32_t inputlen, outputlen, enc_dlen, auth_dlen;
+	struct roc_se_ctx *se_ctx;
+	int32_t hash_type, mac_len;
+	uint8_t iv_len = 16;
+	struct roc_se_buf_ptr *aad_buf = NULL;
+	uint32_t encr_offset, auth_offset;
+	uint32_t encr_data_len, auth_data_len, aad_len = 0;
+	uint32_t passthrough_len = 0;
+	union cpt_inst_w4 cpt_inst_w4;
+	void *offset_vaddr;
+	uint8_t op_minor;
+
+	encr_offset = ROC_SE_ENCR_OFFSET(d_offs);
+	auth_offset = ROC_SE_AUTH_OFFSET(d_offs);
+	encr_data_len = ROC_SE_ENCR_DLEN(d_lens);
+	auth_data_len = ROC_SE_AUTH_DLEN(d_lens);
+
+	if (unlikely(flags & ROC_SE_VALID_AAD_BUF)) {
+		/*
+		 * We dont support both aad
+		 * and auth data separately
+		 */
+		auth_data_len = 0;
+		auth_offset = 0;
+		aad_len = fc_params->aad_buf.size;
+		aad_buf = &fc_params->aad_buf;
+	}
+
+	se_ctx = fc_params->ctx_buf.vaddr;
+	hash_type = se_ctx->hash_type;
+	mac_len = se_ctx->mac_len;
+	op_minor = se_ctx->template_w4.s.opcode_minor;
+
+	if (unlikely(!(flags & ROC_SE_VALID_IV_BUF))) {
+		iv_len = 0;
+		iv_offset = ROC_SE_ENCR_IV_OFFSET(d_offs);
+	}
+
+	if (unlikely(flags & ROC_SE_VALID_AAD_BUF)) {
+		/*
+		 * When AAD is given, data above encr_offset is pass through
+		 * Since AAD is given as separate pointer and not as offset,
+		 * this is a special case as we need to fragment input data
+		 * into passthrough + encr_data and then insert AAD in between.
+		 */
+		if (hash_type != ROC_SE_GMAC_TYPE) {
+			passthrough_len = encr_offset;
+			auth_offset = passthrough_len + iv_len;
+			encr_offset = passthrough_len + aad_len + iv_len;
+			auth_data_len = aad_len + encr_data_len;
+		} else {
+			passthrough_len = 16 + aad_len;
+			auth_offset = passthrough_len + iv_len;
+			auth_data_len = aad_len;
+		}
+	} else {
+		encr_offset += iv_len;
+		auth_offset += iv_len;
+	}
+
+	/* Decryption */
+	cpt_inst_w4.s.opcode_major = ROC_SE_MAJOR_OP_FC;
+	cpt_inst_w4.s.opcode_minor = ROC_SE_FC_MINOR_OP_DECRYPT;
+	cpt_inst_w4.s.opcode_minor |= (uint64_t)op_minor;
+
+	if (hash_type == ROC_SE_GMAC_TYPE) {
+		encr_offset = 0;
+		encr_data_len = 0;
+	}
+
+	enc_dlen = encr_offset + encr_data_len;
+	auth_dlen = auth_offset + auth_data_len;
+
+	if (auth_dlen > enc_dlen) {
+		inputlen = auth_dlen + mac_len;
+		outputlen = auth_dlen;
+	} else {
+		inputlen = enc_dlen + mac_len;
+		outputlen = enc_dlen;
+	}
+
+	if (op_minor & ROC_SE_FC_MINOR_OP_HMAC_FIRST)
+		outputlen = inputlen = enc_dlen;
+
+	cpt_inst_w4.s.param1 = encr_data_len;
+	cpt_inst_w4.s.param2 = auth_data_len;
+
+	/*
+	 * In cn9k, cn10k since we have a limitation of
+	 * IV & Offset control word not part of instruction
+	 * and need to be part of Data Buffer, we check if
+	 * head room is there and then only do the Direct mode processing
+	 */
+	if (likely((flags & ROC_SE_SINGLE_BUF_INPLACE) &&
+		   (flags & ROC_SE_SINGLE_BUF_HEADROOM))) {
+		void *dm_vaddr = fc_params->bufs[0].vaddr;
+
+		/* Use Direct mode */
+
+		offset_vaddr =
+			(uint8_t *)dm_vaddr - ROC_SE_OFF_CTRL_LEN - iv_len;
+		inst->dptr = (uint64_t)offset_vaddr;
+
+		/* RPTR should just exclude offset control word */
+		inst->rptr = (uint64_t)dm_vaddr - iv_len;
+
+		cpt_inst_w4.s.dlen = inputlen + ROC_SE_OFF_CTRL_LEN;
+
+		if (likely(iv_len)) {
+			uint64_t *dest = (uint64_t *)((uint8_t *)offset_vaddr +
+						      ROC_SE_OFF_CTRL_LEN);
+			uint64_t *src = fc_params->iv_buf;
+			dest[0] = src[0];
+			dest[1] = src[1];
+		}
+
+	} else {
+		void *m_vaddr = fc_params->meta_buf.vaddr;
+		uint32_t g_size_bytes, s_size_bytes;
+		struct roc_se_sglist_comp *gather_comp;
+		struct roc_se_sglist_comp *scatter_comp;
+		uint8_t *in_buffer;
+		uint8_t i = 0;
+
+		/* This falls under strict SG mode */
+		offset_vaddr = m_vaddr;
+		size = ROC_SE_OFF_CTRL_LEN + iv_len;
+
+		m_vaddr = (uint8_t *)m_vaddr + size;
+
+		cpt_inst_w4.s.opcode_major |= (uint64_t)ROC_SE_DMA_MODE;
+
+		if (likely(iv_len)) {
+			uint64_t *dest = (uint64_t *)((uint8_t *)offset_vaddr +
+						      ROC_SE_OFF_CTRL_LEN);
+			uint64_t *src = fc_params->iv_buf;
+			dest[0] = src[0];
+			dest[1] = src[1];
+		}
+
+		/* DPTR has SG list */
+		in_buffer = m_vaddr;
+
+		((uint16_t *)in_buffer)[0] = 0;
+		((uint16_t *)in_buffer)[1] = 0;
+
+		/* TODO Add error check if space will be sufficient */
+		gather_comp =
+			(struct roc_se_sglist_comp *)((uint8_t *)m_vaddr + 8);
+
+		/*
+		 * Input Gather List
+		 */
+		i = 0;
+
+		/* Offset control word that includes iv */
+		i = fill_sg_comp(gather_comp, i, (uint64_t)offset_vaddr,
+				 ROC_SE_OFF_CTRL_LEN + iv_len);
+
+		/* Add input data */
+		if (flags & ROC_SE_VALID_MAC_BUF) {
+			size = inputlen - iv_len - mac_len;
+			if (size) {
+				/* input data only */
+				if (unlikely(flags &
+					     ROC_SE_SINGLE_BUF_INPLACE)) {
+					i = fill_sg_comp_from_buf_min(
+						gather_comp, i, fc_params->bufs,
+						&size);
+				} else {
+					uint32_t aad_offset =
+						aad_len ? passthrough_len : 0;
+
+					i = fill_sg_comp_from_iov(
+						gather_comp, i,
+						fc_params->src_iov, 0, &size,
+						aad_buf, aad_offset);
+				}
+				if (unlikely(size)) {
+					CPT_LOG_DP_ERR("Insufficient buffer"
+						       " space, size %d needed",
+						       size);
+					return -1;
+				}
+			}
+
+			/* mac data */
+			if (mac_len) {
+				i = fill_sg_comp_from_buf(gather_comp, i,
+							  &fc_params->mac_buf);
+			}
+		} else {
+			/* input data + mac */
+			size = inputlen - iv_len;
+			if (size) {
+				if (unlikely(flags &
+					     ROC_SE_SINGLE_BUF_INPLACE)) {
+					i = fill_sg_comp_from_buf_min(
+						gather_comp, i, fc_params->bufs,
+						&size);
+				} else {
+					uint32_t aad_offset =
+						aad_len ? passthrough_len : 0;
+
+					if (unlikely(!fc_params->src_iov)) {
+						CPT_LOG_DP_ERR(
+							"Bad input args");
+						return -1;
+					}
+
+					i = fill_sg_comp_from_iov(
+						gather_comp, i,
+						fc_params->src_iov, 0, &size,
+						aad_buf, aad_offset);
+				}
+
+				if (unlikely(size)) {
+					CPT_LOG_DP_ERR("Insufficient buffer"
+						       " space, size %d needed",
+						       size);
+					return -1;
+				}
+			}
+		}
+		((uint16_t *)in_buffer)[2] = rte_cpu_to_be_16(i);
+		g_size_bytes =
+			((i + 3) / 4) * sizeof(struct roc_se_sglist_comp);
+
+		/*
+		 * Output Scatter List
+		 */
+
+		i = 0;
+		scatter_comp =
+			(struct roc_se_sglist_comp *)((uint8_t *)gather_comp +
+						      g_size_bytes);
+
+		/* Add iv */
+		if (iv_len) {
+			i = fill_sg_comp(scatter_comp, i,
+					 (uint64_t)offset_vaddr +
+						 ROC_SE_OFF_CTRL_LEN,
+					 iv_len);
+		}
+
+		/* Add output data */
+		size = outputlen - iv_len;
+		if (size) {
+			if (unlikely(flags & ROC_SE_SINGLE_BUF_INPLACE)) {
+				/* handle single buffer here */
+				i = fill_sg_comp_from_buf_min(scatter_comp, i,
+							      fc_params->bufs,
+							      &size);
+			} else {
+				uint32_t aad_offset =
+					aad_len ? passthrough_len : 0;
+
+				if (unlikely(!fc_params->dst_iov)) {
+					CPT_LOG_DP_ERR("Bad input args");
+					return -1;
+				}
+
+				i = fill_sg_comp_from_iov(
+					scatter_comp, i, fc_params->dst_iov, 0,
+					&size, aad_buf, aad_offset);
+			}
+
+			if (unlikely(size)) {
+				CPT_LOG_DP_ERR("Insufficient buffer space,"
+					       " size %d needed",
+					       size);
+				return -1;
+			}
+		}
+
+		((uint16_t *)in_buffer)[3] = rte_cpu_to_be_16(i);
+		s_size_bytes =
+			((i + 3) / 4) * sizeof(struct roc_se_sglist_comp);
+
+		size = g_size_bytes + s_size_bytes + ROC_SE_SG_LIST_HDR_SIZE;
+
+		/* This is DPTR len in case of SG mode */
+		cpt_inst_w4.s.dlen = size;
+
+		inst->dptr = (uint64_t)in_buffer;
+	}
+
+	if (unlikely((encr_offset >> 16) || (iv_offset >> 8) ||
+		     (auth_offset >> 8))) {
+		CPT_LOG_DP_ERR("Offset not supported");
+		CPT_LOG_DP_ERR("enc_offset: %d", encr_offset);
+		CPT_LOG_DP_ERR("iv_offset : %d", iv_offset);
+		CPT_LOG_DP_ERR("auth_offset: %d", auth_offset);
+		return -1;
+	}
+
+	*(uint64_t *)offset_vaddr = rte_cpu_to_be_64(
+		((uint64_t)encr_offset << 16) | ((uint64_t)iv_offset << 8) |
+		((uint64_t)auth_offset));
+
+	inst->w4.u64 = cpt_inst_w4.u64;
+	return 0;
+}
+
+static __rte_always_inline int
+cpt_fc_dec_hmac_prep(uint32_t flags, uint64_t d_offs, uint64_t d_lens,
+		     struct roc_se_fc_params *fc_params,
+		     struct cpt_inst_s *inst)
+{
+	struct roc_se_ctx *ctx = fc_params->ctx_buf.vaddr;
+	uint8_t fc_type;
+	int ret = -1;
+
+	fc_type = ctx->fc_type;
+
+	if (likely(fc_type == ROC_SE_FC_GEN))
+		ret = cpt_dec_hmac_prep(flags, d_offs, d_lens, fc_params, inst);
+	return ret;
+}
+
+static __rte_always_inline int
 cpt_fc_enc_hmac_prep(uint32_t flags, uint64_t d_offs, uint64_t d_lens,
 		     struct roc_se_fc_params *fc_params,
 		     struct cpt_inst_s *inst)
@@ -1561,7 +1886,8 @@ fill_fc_params(struct rte_crypto_op *cop, struct cnxk_se_sess *sess,
 		ret = cpt_fc_enc_hmac_prep(flags, d_offs, d_lens, &fc_params,
 					   inst);
 	else
-		ret = ENOTSUP;
+		ret = cpt_fc_dec_hmac_prep(flags, d_offs, d_lens, &fc_params,
+					   inst);
 
 	if (unlikely(ret)) {
 		CPT_LOG_DP_ERR("Preparing request failed due to bad input arg");
-- 
2.7.4


  parent reply	other threads:[~2021-06-02 16:46 UTC|newest]

Thread overview: 34+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-06-02 16:43 [dpdk-dev] [PATCH 00/20] Add Marvell CNXK crypto PMDs Anoob Joseph
2021-06-02 16:43 ` [dpdk-dev] [PATCH 01/20] crypto/cnxk: add driver skeleton Anoob Joseph
2021-06-16  7:28   ` Akhil Goyal
2021-06-16  7:37     ` Anoob Joseph
2021-06-16  7:47       ` Akhil Goyal
2021-06-16 19:58   ` Akhil Goyal
2021-06-02 16:43 ` [dpdk-dev] [PATCH 02/20] crypto/cnxk: add probe and remove Anoob Joseph
2021-06-16 10:51   ` Akhil Goyal
2021-06-02 16:43 ` [dpdk-dev] [PATCH 03/20] crypto/cnxk: add device control ops Anoob Joseph
2021-06-02 16:43 ` [dpdk-dev] [PATCH 04/20] crypto/cnxk: add symmetric crypto capabilities Anoob Joseph
2021-06-16  9:47   ` Akhil Goyal
2021-06-02 16:43 ` [dpdk-dev] [PATCH 05/20] crypto/cnxk: add queue pair ops Anoob Joseph
2021-06-16 11:05   ` Akhil Goyal
2021-06-17  7:13     ` Anoob Joseph
2021-06-02 16:43 ` [dpdk-dev] [PATCH 06/20] crypto/cnxk: add session ops framework Anoob Joseph
2021-06-02 16:43 ` [dpdk-dev] [PATCH 07/20] crypto/cnxk: add enqueue burst op Anoob Joseph
2021-06-02 16:43 ` [dpdk-dev] [PATCH 08/20] crypto/cnxk: add dequeue " Anoob Joseph
2021-06-02 16:43 ` [dpdk-dev] [PATCH 09/20] crypto/cnxk: add cipher operation in session Anoob Joseph
2021-06-02 16:43 ` [dpdk-dev] [PATCH 10/20] crypto/cnxk: add auth " Anoob Joseph
2021-06-02 16:43 ` [dpdk-dev] [PATCH 11/20] crypto/cnxk: add aead " Anoob Joseph
2021-06-02 16:43 ` [dpdk-dev] [PATCH 12/20] crypto/cnxk: add chained " Anoob Joseph
2021-06-02 16:43 ` [dpdk-dev] [PATCH 13/20] crypto/cnxk: add flexi crypto cipher encrypt Anoob Joseph
2021-06-16 19:45   ` Akhil Goyal
2021-06-02 16:43 ` Anoob Joseph [this message]
2021-06-02 16:43 ` [dpdk-dev] [PATCH 15/20] crypto/cnxk: add ZUC and SNOW3G encrypt Anoob Joseph
2021-06-16 19:51   ` Akhil Goyal
2021-06-02 16:43 ` [dpdk-dev] [PATCH 16/20] crypto/cnxk: add ZUC and SNOW3G decrypt Anoob Joseph
2021-06-02 16:43 ` [dpdk-dev] [PATCH 17/20] crypto/cnxk: add KASUMI encrypt Anoob Joseph
2021-06-16 19:51   ` Akhil Goyal
2021-06-02 16:43 ` [dpdk-dev] [PATCH 18/20] crypto/cnxk: add KASUMI decrypt Anoob Joseph
2021-06-02 16:43 ` [dpdk-dev] [PATCH 19/20] crypto/cnxk: add digest support Anoob Joseph
2021-06-02 16:43 ` [dpdk-dev] [PATCH 20/20] test/crypto: enable cnxk crypto PMDs Anoob Joseph
2021-06-16  7:23 ` [dpdk-dev] [PATCH 00/20] Add Marvell CNXK " Akhil Goyal
2021-06-16 19:56 ` Akhil Goyal

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1622652221-22732-15-git-send-email-anoobj@marvell.com \
    --to=anoobj@marvell.com \
    --cc=adwivedi@marvell.com \
    --cc=dev@dpdk.org \
    --cc=gakhil@marvell.com \
    --cc=jerinj@marvell.com \
    --cc=ktejasree@marvell.com \
    --cc=marchana@marvell.com \
    --cc=thomas@monjalon.net \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).