From: Anoob Joseph <anoobj@marvell.com>
To: Akhil Goyal <gakhil@marvell.com>, Jerin Jacob <jerinj@marvell.com>
Cc: Tejasree Kondoj <ktejasree@marvell.com>,
Archana Muniganti <marchana@marvell.com>, <dev@dpdk.org>
Subject: [PATCH v3 11/29] crypto/cnxk: write CPT CTX through microcode op
Date: Fri, 17 Dec 2021 14:49:53 +0530 [thread overview]
Message-ID: <1639732811-1440-12-git-send-email-anoobj@marvell.com> (raw)
In-Reply-To: <1639732811-1440-1-git-send-email-anoobj@marvell.com>
From: Tejasree Kondoj <ktejasree@marvell.com>
Adding support to write CPT CTX through microcode op(SET_CTX) for
cn10k lookaside PMD.
Signed-off-by: Tejasree Kondoj <ktejasree@marvell.com>
---
drivers/crypto/cnxk/cn10k_ipsec.c | 121 ++++++++++++++++++++++++++++----------
1 file changed, 89 insertions(+), 32 deletions(-)
diff --git a/drivers/crypto/cnxk/cn10k_ipsec.c b/drivers/crypto/cnxk/cn10k_ipsec.c
index 1bd127e..a11a6b7 100644
--- a/drivers/crypto/cnxk/cn10k_ipsec.c
+++ b/drivers/crypto/cnxk/cn10k_ipsec.c
@@ -2,18 +2,19 @@
* Copyright(C) 2021 Marvell.
*/
-#include <rte_malloc.h>
#include <cryptodev_pmd.h>
#include <rte_esp.h>
#include <rte_ip.h>
+#include <rte_malloc.h>
#include <rte_security.h>
#include <rte_security_driver.h>
#include <rte_udp.h>
+#include "cn10k_ipsec.h"
#include "cnxk_cryptodev.h"
+#include "cnxk_cryptodev_ops.h"
#include "cnxk_ipsec.h"
#include "cnxk_security.h"
-#include "cn10k_ipsec.h"
#include "roc_api.h"
@@ -32,36 +33,46 @@ ipsec_cpt_inst_w7_get(struct roc_cpt *roc_cpt, void *sa)
}
static int
-cn10k_ipsec_outb_sa_create(struct roc_cpt *roc_cpt,
+cn10k_ipsec_outb_sa_create(struct roc_cpt *roc_cpt, struct roc_cpt_lf *lf,
struct rte_security_ipsec_xform *ipsec_xfrm,
struct rte_crypto_sym_xform *crypto_xfrm,
struct rte_security_session *sec_sess)
{
union roc_ot_ipsec_outb_param1 param1;
- struct roc_ot_ipsec_outb_sa *out_sa;
+ struct roc_ot_ipsec_outb_sa *sa_dptr;
struct cnxk_ipsec_outb_rlens rlens;
struct cn10k_sec_session *sess;
struct cn10k_ipsec_sa *sa;
union cpt_inst_w4 inst_w4;
- int ret;
+ void *out_sa;
+ int ret = 0;
sess = get_sec_session_private_data(sec_sess);
sa = &sess->sa;
out_sa = &sa->out_sa;
- memset(out_sa, 0, sizeof(struct roc_ot_ipsec_outb_sa));
+ /* Allocate memory to be used as dptr for CPT ucode WRITE_SA op */
+ sa_dptr = plt_zmalloc(ROC_NIX_INL_OT_IPSEC_OUTB_HW_SZ, 0);
+ if (sa_dptr == NULL) {
+ plt_err("Couldn't allocate memory for SA dptr");
+ return -ENOMEM;
+ }
+
+ memset(sa_dptr, 0, sizeof(struct roc_ot_ipsec_outb_sa));
/* Translate security parameters to SA */
- ret = cnxk_ot_ipsec_outb_sa_fill(out_sa, ipsec_xfrm, crypto_xfrm);
- if (ret)
- return ret;
+ ret = cnxk_ot_ipsec_outb_sa_fill(sa_dptr, ipsec_xfrm, crypto_xfrm);
+ if (ret) {
+ plt_err("Could not fill outbound session parameters");
+ goto sa_dptr_free;
+ }
sa->inst.w7 = ipsec_cpt_inst_w7_get(roc_cpt, sa);
#ifdef LA_IPSEC_DEBUG
/* Use IV from application in debug mode */
if (ipsec_xfrm->options.iv_gen_disable == 1) {
- out_sa->w2.s.iv_src = ROC_IE_OT_SA_IV_SRC_FROM_SA;
+ sa_dptr->w2.s.iv_src = ROC_IE_OT_SA_IV_SRC_FROM_SA;
if (crypto_xfrm->type == RTE_CRYPTO_SYM_XFORM_AEAD) {
sa->iv_offset = crypto_xfrm->aead.iv.offset;
sa->iv_length = crypto_xfrm->aead.iv.length;
@@ -73,14 +84,15 @@ cn10k_ipsec_outb_sa_create(struct roc_cpt *roc_cpt,
#else
if (ipsec_xfrm->options.iv_gen_disable != 0) {
plt_err("Application provided IV not supported");
- return -ENOTSUP;
+ ret = -ENOTSUP;
+ goto sa_dptr_free;
}
#endif
/* Get Rlen calculation data */
ret = cnxk_ipsec_outb_rlens_get(&rlens, ipsec_xfrm, crypto_xfrm);
if (ret)
- return ret;
+ goto sa_dptr_free;
sa->max_extended_len = rlens.max_extended_len;
@@ -110,37 +122,61 @@ cn10k_ipsec_outb_sa_create(struct roc_cpt *roc_cpt,
sa->inst.w4 = inst_w4.u64;
- return 0;
+ memset(out_sa, 0, sizeof(struct roc_ot_ipsec_outb_sa));
+
+ /* Copy word0 from sa_dptr to populate ctx_push_sz ctx_size fields */
+ memcpy(out_sa, sa_dptr, 8);
+
+ /* Write session using microcode opcode */
+ ret = roc_cpt_ctx_write(lf, sa_dptr, out_sa,
+ ROC_NIX_INL_OT_IPSEC_OUTB_HW_SZ);
+ if (ret) {
+ plt_err("Could not write outbound session to hardware");
+ goto sa_dptr_free;
+ }
+
+ /* Trigger CTX flush to write dirty data back to DRAM */
+ roc_cpt_lf_ctx_flush(lf, out_sa, false);
+
+sa_dptr_free:
+ plt_free(sa_dptr);
+
+ return ret;
}
static int
-cn10k_ipsec_inb_sa_create(struct roc_cpt *roc_cpt,
+cn10k_ipsec_inb_sa_create(struct roc_cpt *roc_cpt, struct roc_cpt_lf *lf,
struct rte_security_ipsec_xform *ipsec_xfrm,
struct rte_crypto_sym_xform *crypto_xfrm,
struct rte_security_session *sec_sess)
{
union roc_ot_ipsec_inb_param1 param1;
- struct roc_ot_ipsec_inb_sa *in_sa;
+ struct roc_ot_ipsec_inb_sa *sa_dptr;
struct cn10k_sec_session *sess;
struct cn10k_ipsec_sa *sa;
union cpt_inst_w4 inst_w4;
- int ret;
+ void *in_sa;
+ int ret = 0;
sess = get_sec_session_private_data(sec_sess);
sa = &sess->sa;
in_sa = &sa->in_sa;
- memset(in_sa, 0, sizeof(struct roc_ot_ipsec_inb_sa));
-
- /* Translate security parameters to SA */
- ret = cnxk_ot_ipsec_inb_sa_fill(in_sa, ipsec_xfrm, crypto_xfrm);
- if (ret)
- return ret;
+ /* Allocate memory to be used as dptr for CPT ucode WRITE_SA op */
+ sa_dptr = plt_zmalloc(ROC_NIX_INL_OT_IPSEC_INB_HW_SZ, 0);
+ if (sa_dptr == NULL) {
+ plt_err("Couldn't allocate memory for SA dptr");
+ return -ENOMEM;
+ }
- /* TODO add support for antireplay */
- sa->in_sa.w0.s.ar_win = 0;
+ memset(sa_dptr, 0, sizeof(struct roc_ot_ipsec_inb_sa));
- /* TODO add support for udp encap */
+ /* Translate security parameters to SA */
+ ret = cnxk_ot_ipsec_inb_sa_fill(sa_dptr, ipsec_xfrm, crypto_xfrm);
+ if (ret) {
+ plt_err("Could not fill inbound session parameters");
+ goto sa_dptr_free;
+ }
sa->inst.w7 = ipsec_cpt_inst_w7_get(roc_cpt, sa);
@@ -173,7 +209,26 @@ cn10k_ipsec_inb_sa_create(struct roc_cpt *roc_cpt,
sa->inst.w4 = inst_w4.u64;
- return 0;
+ memset(in_sa, 0, sizeof(struct roc_ot_ipsec_inb_sa));
+
+ /* Copy word0 from sa_dptr to populate ctx_push_sz ctx_size fields */
+ memcpy(in_sa, sa_dptr, 8);
+
+ /* Write session using microcode opcode */
+ ret = roc_cpt_ctx_write(lf, sa_dptr, in_sa,
+ ROC_NIX_INL_OT_IPSEC_INB_HW_SZ);
+ if (ret) {
+ plt_err("Could not write inbound session to hardware");
+ goto sa_dptr_free;
+ }
+
+ /* Trigger CTX flush to write dirty data back to DRAM */
+ roc_cpt_lf_ctx_flush(lf, in_sa, false);
+
+sa_dptr_free:
+ plt_free(sa_dptr);
+
+ return ret;
}
static int
@@ -185,12 +240,11 @@ cn10k_ipsec_session_create(void *dev,
struct rte_cryptodev *crypto_dev = dev;
struct roc_cpt *roc_cpt;
struct cnxk_cpt_vf *vf;
+ struct cnxk_cpt_qp *qp;
int ret;
- vf = crypto_dev->data->dev_private;
- roc_cpt = &vf->cpt;
-
- if (crypto_dev->data->queue_pairs[0] == NULL) {
+ qp = crypto_dev->data->queue_pairs[0];
+ if (qp == NULL) {
plt_err("Setup cpt queue pair before creating security session");
return -EPERM;
}
@@ -199,11 +253,14 @@ cn10k_ipsec_session_create(void *dev,
if (ret)
return ret;
+ vf = crypto_dev->data->dev_private;
+ roc_cpt = &vf->cpt;
+
if (ipsec_xfrm->direction == RTE_SECURITY_IPSEC_SA_DIR_INGRESS)
- return cn10k_ipsec_inb_sa_create(roc_cpt, ipsec_xfrm,
+ return cn10k_ipsec_inb_sa_create(roc_cpt, &qp->lf, ipsec_xfrm,
crypto_xfrm, sess);
else
- return cn10k_ipsec_outb_sa_create(roc_cpt, ipsec_xfrm,
+ return cn10k_ipsec_outb_sa_create(roc_cpt, &qp->lf, ipsec_xfrm,
crypto_xfrm, sess);
}
--
2.7.4
next prev parent reply other threads:[~2021-12-17 9:21 UTC|newest]
Thread overview: 90+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-12-07 6:50 [PATCH 00/25] New features and improvements in cnxk crypto PMD Anoob Joseph
2021-12-07 6:50 ` [PATCH 01/25] common/cnxk: define minor opcodes for MISC opcode Anoob Joseph
2021-12-07 6:50 ` [PATCH 02/25] common/cnxk: add aes-xcbc key derive Anoob Joseph
2021-12-07 6:50 ` [PATCH 03/25] common/cnxk: add bit fields for params Anoob Joseph
2021-12-07 6:50 ` [PATCH 04/25] common/cnxk: fix reset of fields Anoob Joseph
2021-12-07 6:50 ` [PATCH 05/25] common/cnxk: verify input args Anoob Joseph
2021-12-07 6:50 ` [PATCH 06/25] crypto/cnxk: only enable queues that are allocated Anoob Joseph
2021-12-07 6:50 ` [PATCH 07/25] crypto/cnxk: add lookaside IPsec AES-CBC-HMAC-SHA256 support Anoob Joseph
2021-12-07 6:50 ` [PATCH 08/25] crypto/cnxk: clear session data before populating Anoob Joseph
2021-12-07 6:50 ` [PATCH 09/25] crypto/cnxk: update max sec crypto caps Anoob Joseph
2021-12-07 6:50 ` [PATCH 10/25] crypto/cnxk: write CPT CTX through microcode op Anoob Joseph
2021-12-07 6:50 ` [PATCH 11/25] crypto/cnxk: support cnxk lookaside IPsec HMAC-SHA384/512 Anoob Joseph
2021-12-07 6:50 ` [PATCH 12/25] crypto/cnxk: account for CPT CTX updates and flush delays Anoob Joseph
2021-12-07 6:50 ` [PATCH 13/25] crypto/cnxk: use struct sizes for ctx writes Anoob Joseph
2021-12-07 6:50 ` [PATCH 14/25] crypto/cnxk: add security session stats get Anoob Joseph
2021-12-07 6:50 ` [PATCH 15/25] crypto/cnxk: add skip for unsupported cases Anoob Joseph
2021-12-07 6:50 ` [PATCH 16/25] crypto/cnxk: add context reload for IV Anoob Joseph
2021-12-07 6:50 ` [PATCH 17/25] crypto/cnxk: handle null chained ops Anoob Joseph
2021-12-07 6:50 ` [PATCH 18/25] crypto/cnxk: fix inflight cnt calculation Anoob Joseph
2021-12-07 6:50 ` [PATCH 19/25] crypto/cnxk: use atomics to access cpt res Anoob Joseph
2021-12-07 6:50 ` [PATCH 20/25] crypto/cnxk: add more info on command timeout Anoob Joseph
2021-12-07 6:50 ` [PATCH 21/25] crypto/cnxk: support lookaside IPsec AES-CTR Anoob Joseph
2021-12-07 6:50 ` [PATCH 22/25] crypto/cnxk: fix extend tail calculation Anoob Joseph
2021-12-07 6:50 ` [PATCH 23/25] crypto/cnxk: add aes xcbc and null cipher Anoob Joseph
2021-12-07 6:50 ` [PATCH 24/25] crypto/cnxk: add copy and set DF Anoob Joseph
2021-12-07 6:50 ` [PATCH 25/25] crypto/cnxk: add aes cmac Anoob Joseph
2021-12-16 17:49 ` [PATCH v2 00/29] New features and improvements in cnxk crypto PMD Anoob Joseph
2021-12-16 17:49 ` [PATCH v2 01/29] common/cnxk: define minor opcodes for MISC opcode Anoob Joseph
2021-12-16 17:49 ` [PATCH v2 02/29] common/cnxk: add aes-xcbc key derive Anoob Joseph
2021-12-16 17:49 ` [PATCH v2 03/29] common/cnxk: add bit fields for params Anoob Joseph
2021-12-16 17:49 ` [PATCH v2 04/29] common/cnxk: fix reset of fields Anoob Joseph
2021-12-16 17:49 ` [PATCH v2 05/29] common/cnxk: verify input args Anoob Joseph
2021-12-16 17:49 ` [PATCH v2 06/29] common/cnxk: update completion code Anoob Joseph
2021-12-16 17:49 ` [PATCH v2 07/29] crypto/cnxk: only enable queues that are allocated Anoob Joseph
2021-12-16 17:49 ` [PATCH v2 08/29] crypto/cnxk: add lookaside IPsec AES-CBC-HMAC-SHA256 support Anoob Joseph
2021-12-16 17:49 ` [PATCH v2 09/29] crypto/cnxk: clear session data before populating Anoob Joseph
2021-12-16 17:49 ` [PATCH v2 10/29] crypto/cnxk: update max sec crypto caps Anoob Joseph
2021-12-16 17:49 ` [PATCH v2 11/29] crypto/cnxk: write CPT CTX through microcode op Anoob Joseph
2021-12-16 17:49 ` [PATCH v2 12/29] crypto/cnxk: support cnxk lookaside IPsec HMAC-SHA384/512 Anoob Joseph
2021-12-16 17:49 ` [PATCH v2 13/29] crypto/cnxk: account for CPT CTX updates and flush delays Anoob Joseph
2021-12-16 17:49 ` [PATCH v2 14/29] crypto/cnxk: use struct sizes for ctx writes Anoob Joseph
2021-12-16 17:49 ` [PATCH v2 15/29] crypto/cnxk: add security session stats get Anoob Joseph
2021-12-16 17:49 ` [PATCH v2 16/29] crypto/cnxk: add skip for unsupported cases Anoob Joseph
2021-12-16 17:49 ` [PATCH v2 17/29] crypto/cnxk: add context reload for IV Anoob Joseph
2021-12-16 17:49 ` [PATCH v2 18/29] crypto/cnxk: handle null chained ops Anoob Joseph
2021-12-16 17:49 ` [PATCH v2 19/29] crypto/cnxk: fix inflight cnt calculation Anoob Joseph
2021-12-16 17:49 ` [PATCH v2 20/29] crypto/cnxk: use atomics to access CPT res Anoob Joseph
2021-12-16 17:49 ` [PATCH v2 21/29] crypto/cnxk: add more info on command timeout Anoob Joseph
2021-12-16 17:49 ` [PATCH v2 22/29] crypto/cnxk: support lookaside IPsec AES-CTR Anoob Joseph
2021-12-16 17:49 ` [PATCH v2 23/29] crypto/cnxk: fix extend tail calculation Anoob Joseph
2021-12-16 17:49 ` [PATCH v2 24/29] crypto/cnxk: add aes xcbc and null cipher Anoob Joseph
2021-12-16 17:49 ` [PATCH v2 25/29] crypto/cnxk: add copy and set DF Anoob Joseph
2021-12-16 17:49 ` [PATCH v2 26/29] crypto/cnxk: add aes cmac Anoob Joseph
2021-12-16 17:49 ` [PATCH v2 27/29] crypto/cnxk: add per pkt IV in lookaside IPsec debug mode Anoob Joseph
2021-12-16 17:49 ` [PATCH v2 28/29] crypto/cnxk: enable copy dscp Anoob Joseph
2021-12-16 17:49 ` [PATCH v2 29/29] crypto/cnxk: update microcode completion handling Anoob Joseph
2021-12-17 9:19 ` [PATCH v3 00/29] New features and improvements in cnxk crypto PMD Anoob Joseph
2021-12-17 9:19 ` [PATCH v3 01/29] common/cnxk: define minor opcodes for MISC opcode Anoob Joseph
2021-12-17 9:19 ` [PATCH v3 02/29] common/cnxk: add aes-xcbc key derive Anoob Joseph
2021-12-17 9:19 ` [PATCH v3 03/29] common/cnxk: add bit fields for params Anoob Joseph
2021-12-17 9:19 ` [PATCH v3 04/29] common/cnxk: fix reset of fields Anoob Joseph
2021-12-17 9:19 ` [PATCH v3 05/29] common/cnxk: verify input args Anoob Joseph
2021-12-17 9:19 ` [PATCH v3 06/29] common/cnxk: update completion code Anoob Joseph
2021-12-17 9:19 ` [PATCH v3 07/29] crypto/cnxk: only enable queues that are allocated Anoob Joseph
2021-12-17 9:19 ` [PATCH v3 08/29] crypto/cnxk: add lookaside IPsec AES-CBC-HMAC-SHA256 support Anoob Joseph
2021-12-17 9:19 ` [PATCH v3 09/29] crypto/cnxk: clear session data before populating Anoob Joseph
2021-12-17 9:19 ` [PATCH v3 10/29] crypto/cnxk: update max sec crypto caps Anoob Joseph
2021-12-17 9:19 ` Anoob Joseph [this message]
2021-12-17 9:19 ` [PATCH v3 12/29] crypto/cnxk: support cnxk lookaside IPsec HMAC-SHA384/512 Anoob Joseph
2021-12-17 9:19 ` [PATCH v3 13/29] crypto/cnxk: account for CPT CTX updates and flush delays Anoob Joseph
2021-12-17 9:19 ` [PATCH v3 14/29] crypto/cnxk: use struct sizes for ctx writes Anoob Joseph
2021-12-17 9:19 ` [PATCH v3 15/29] crypto/cnxk: add security session stats get Anoob Joseph
2021-12-17 9:19 ` [PATCH v3 16/29] crypto/cnxk: add skip for unsupported cases Anoob Joseph
2021-12-17 9:19 ` [PATCH v3 17/29] crypto/cnxk: add context reload for IV Anoob Joseph
2021-12-17 9:20 ` [PATCH v3 18/29] crypto/cnxk: handle null chained ops Anoob Joseph
2021-12-17 9:20 ` [PATCH v3 19/29] crypto/cnxk: fix inflight cnt calculation Anoob Joseph
2021-12-17 9:20 ` [PATCH v3 20/29] crypto/cnxk: use atomics to access CPT res Anoob Joseph
2021-12-17 9:20 ` [PATCH v3 21/29] crypto/cnxk: add more info on command timeout Anoob Joseph
2022-01-11 15:23 ` Thomas Monjalon
2022-01-21 9:16 ` [EXT] " Akhil Goyal
2022-01-21 10:41 ` Thomas Monjalon
2021-12-17 9:20 ` [PATCH v3 22/29] crypto/cnxk: support lookaside IPsec AES-CTR Anoob Joseph
2021-12-17 9:20 ` [PATCH v3 23/29] crypto/cnxk: fix extend tail calculation Anoob Joseph
2021-12-17 9:20 ` [PATCH v3 24/29] crypto/cnxk: add aes xcbc and null cipher Anoob Joseph
2021-12-17 9:20 ` [PATCH v3 25/29] crypto/cnxk: add copy and set DF Anoob Joseph
2021-12-17 9:20 ` [PATCH v3 26/29] crypto/cnxk: add aes cmac Anoob Joseph
2021-12-17 9:20 ` [PATCH v3 27/29] crypto/cnxk: add per pkt IV in lookaside IPsec debug mode Anoob Joseph
2021-12-17 9:20 ` [PATCH v3 28/29] crypto/cnxk: enable copy dscp Anoob Joseph
2021-12-17 9:20 ` [PATCH v3 29/29] crypto/cnxk: update microcode completion handling Anoob Joseph
2021-12-24 12:43 ` [PATCH v3 00/29] New features and improvements in cnxk crypto PMD Akhil Goyal
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1639732811-1440-12-git-send-email-anoobj@marvell.com \
--to=anoobj@marvell.com \
--cc=dev@dpdk.org \
--cc=gakhil@marvell.com \
--cc=jerinj@marvell.com \
--cc=ktejasree@marvell.com \
--cc=marchana@marvell.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).