DPDK patches and discussions
 help / color / mirror / Atom feed
* [dpdk-dev] [PATCH 00/10] Introducing the NXP CAAM job ring driver
@ 2018-09-13  6:08 Gagandeep Singh
  2018-09-13  6:08 ` [dpdk-dev] [PATCH 01/10] doc: add caam jr cryptodev details Gagandeep Singh
                   ` (11 more replies)
  0 siblings, 12 replies; 97+ messages in thread
From: Gagandeep Singh @ 2018-09-13  6:08 UTC (permalink / raw)
  To: dev, akhil.goyal; +Cc: Gagandeep Singh

The caam_jr PMD provides poll mode crypto driver
support for NXP SEC 4.x+ (CAAM) hardware accelerator.

This patch has dependancy on below patches:
http://patchwork.dpdk.org/patch/43986/
http://patchwork.dpdk.org/patch/43964/

Hemant Agrawal (10):
  doc: add caam jr cryptodev details
  crypto/caam_jr: introduce basic driver
  crypto/caam_jr: add HW config for job rings
  crypto/caam_jr: add device configuration routines
  crypto/caam_jr: add queue config functions
  crypto/caam_jr: add basic session config routines
  crypto/caam_jr: add enqueue and dequeue routines
  crypto/caam_jr: add auth cipher and aead session support
  crypto/caam_jr: add stats support
  crypto/caam_jr: add security offload support

 config/common_base                            |    8 +
 config/common_linuxapp                        |    1 +
 config/defconfig_arm64-dpaa-linuxapp-gcc      |    4 +
 doc/guides/cryptodevs/caam_jr.rst             |  159 ++
 doc/guides/cryptodevs/index.rst               |    1 +
 drivers/crypto/Makefile                       |    1 +
 drivers/crypto/caam_jr/Makefile               |   46 +
 drivers/crypto/caam_jr/caam_jr.c              | 2485 +++++++++++++++++
 drivers/crypto/caam_jr/caam_jr.h              |  257 ++
 drivers/crypto/caam_jr/caam_jr_config.h       |  207 ++
 drivers/crypto/caam_jr/caam_jr_desc.h         |  289 ++
 drivers/crypto/caam_jr/caam_jr_hw.c           |  365 +++
 drivers/crypto/caam_jr/caam_jr_hw_specific.h  |  503 ++++
 drivers/crypto/caam_jr/caam_jr_log.h          |   42 +
 drivers/crypto/caam_jr/caam_jr_pvt.h          |  288 ++
 drivers/crypto/caam_jr/caam_jr_uio.c          |  491 ++++
 drivers/crypto/caam_jr/meson.build            |   14 +
 .../caam_jr/rte_pmd_caam_jr_version.map       |    4 +
 drivers/crypto/meson.build                    |    2 +-
 19 files changed, 5166 insertions(+), 1 deletion(-)
 create mode 100644 doc/guides/cryptodevs/caam_jr.rst
 create mode 100644 drivers/crypto/caam_jr/Makefile
 create mode 100644 drivers/crypto/caam_jr/caam_jr.c
 create mode 100644 drivers/crypto/caam_jr/caam_jr.h
 create mode 100644 drivers/crypto/caam_jr/caam_jr_config.h
 create mode 100644 drivers/crypto/caam_jr/caam_jr_desc.h
 create mode 100644 drivers/crypto/caam_jr/caam_jr_hw.c
 create mode 100644 drivers/crypto/caam_jr/caam_jr_hw_specific.h
 create mode 100644 drivers/crypto/caam_jr/caam_jr_log.h
 create mode 100644 drivers/crypto/caam_jr/caam_jr_pvt.h
 create mode 100644 drivers/crypto/caam_jr/caam_jr_uio.c
 create mode 100644 drivers/crypto/caam_jr/meson.build
 create mode 100644 drivers/crypto/caam_jr/rte_pmd_caam_jr_version.map

-- 
2.17.1

^ permalink raw reply	[flat|nested] 97+ messages in thread

* [dpdk-dev] [PATCH 01/10] doc: add caam jr cryptodev details
  2018-09-13  6:08 [dpdk-dev] [PATCH 00/10] Introducing the NXP CAAM job ring driver Gagandeep Singh
@ 2018-09-13  6:08 ` Gagandeep Singh
  2018-09-18 12:27   ` Akhil Goyal
  2018-09-13  6:08 ` [dpdk-dev] [PATCH 02/10] crypto/caam_jr: introduce basic driver Gagandeep Singh
                   ` (10 subsequent siblings)
  11 siblings, 1 reply; 97+ messages in thread
From: Gagandeep Singh @ 2018-09-13  6:08 UTC (permalink / raw)
  To: dev, akhil.goyal; +Cc: Hemant Agrawal

From: Hemant Agrawal <hemant.agrawal@nxp.com>

Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
---
 doc/guides/cryptodevs/caam_jr.rst | 159 ++++++++++++++++++++++++++++++
 doc/guides/cryptodevs/index.rst   |   1 +
 2 files changed, 160 insertions(+)
 create mode 100644 doc/guides/cryptodevs/caam_jr.rst

diff --git a/doc/guides/cryptodevs/caam_jr.rst b/doc/guides/cryptodevs/caam_jr.rst
new file mode 100644
index 000000000..0ee501506
--- /dev/null
+++ b/doc/guides/cryptodevs/caam_jr.rst
@@ -0,0 +1,159 @@
+..  SPDX-License-Identifier: BSD-3-Clause
+    Copyright 2017 NXP
+
+
+NXP CAAM JOB RING (caam_jr)
+===========================
+
+The caam_jr PMD provides poll mode crypto driver support for NXP SEC 4.x+ (CAAM)
+hardware accelerator. More information is available at:
+
+`NXP Cryptographic Acceleration Technology  <https://www.nxp.com/applications/solutions/internet-of-things/secure-things/network-security-technology/cryptographic-acceleration-technology:NETWORK_SECURITY_CRYPTOG>`_.
+
+Architecture
+------------
+
+SEC is the SOC's security engine, which serves as NXP's latest cryptographic
+acceleration and offloading hardware. It combines functions previously
+implemented in separate modules to create a modular and scalable acceleration
+and assurance engine. It also implements block encryption algorithms, stream
+cipher algorithms, hashing algorithms, public key algorithms, run-time
+integrity checking, and a hardware random number generator. SEC performs
+higher-level cryptographic operations than previous NXP cryptographic
+accelerators. This provides significant improvement to system level performance.
+
+SEC HW accelerator above 4.x+ version are also known as CAAM.
+
+caam_jr PMD is one of DPAA drivers which uses uio interface to interact with
+Linux kernel for configure and destroy the device instance (ring).
+
+
+Implementation
+--------------
+
+SEC provides platform assurance by working with SecMon, which is a companion
+logic block that tracks the security state of the SOC. SEC is programmed by
+means of descriptors (not to be confused with frame descriptors (FDs)) that
+indicate the operations to be performed and link to the message and
+associated data. SEC incorporates two DMA engines to fetch the descriptors,
+read the message data, and write the results of the operations. The DMA
+engine provides a scatter/gather capability so that SEC can read and write
+data scattered in memory. SEC may be configured by means of software for
+dynamic changes in byte ordering. The default configuration for this version
+of SEC is little-endian mode.
+
+Note that one physical Job Ring represent one caam_jr device.
+
+Features
+--------
+
+The CAAM_JR PMD has support for:
+
+Cipher algorithms:
+
+* ``RTE_CRYPTO_CIPHER_3DES_CBC``
+* ``RTE_CRYPTO_CIPHER_AES128_CBC``
+* ``RTE_CRYPTO_CIPHER_AES192_CBC``
+* ``RTE_CRYPTO_CIPHER_AES256_CBC``
+* ``RTE_CRYPTO_CIPHER_AES128_CTR``
+* ``RTE_CRYPTO_CIPHER_AES192_CTR``
+* ``RTE_CRYPTO_CIPHER_AES256_CTR``
+
+Hash algorithms:
+
+* ``RTE_CRYPTO_AUTH_SHA1_HMAC``
+* ``RTE_CRYPTO_AUTH_SHA224_HMAC``
+* ``RTE_CRYPTO_AUTH_SHA256_HMAC``
+* ``RTE_CRYPTO_AUTH_SHA384_HMAC``
+* ``RTE_CRYPTO_AUTH_SHA512_HMAC``
+* ``RTE_CRYPTO_AUTH_MD5_HMAC``
+
+AEAD algorithms:
+
+* ``RTE_CRYPTO_AEAD_AES_GCM``
+
+Supported DPAA SoCs
+--------------------
+
+* LS1046A/LS1026A
+* LS1043A/LS1023A
+* LS1028A
+* LS1012A
+
+Limitations
+-----------
+
+* Hash followed by Cipher mode is not supported
+* Only supports the session-oriented API implementation (session-less APIs are not supported).
+
+Prerequisites
+-------------
+
+caam_jr driver has following dependencies are not part of DPDK and must be installed separately:
+
+* **NXP Linux SDK**
+
+  NXP Linux software development kit (SDK) includes support for the family
+  of QorIQ® ARM-Architecture-based system on chip (SoC) processors
+  and corresponding boards.
+
+  It includes the Linux board support packages (BSPs) for NXP SoCs,
+  a fully operational tool chain, kernel and board specific modules.
+
+  SDK and related information can be obtained from:  `NXP QorIQ SDK  <http://www.nxp.com/products/software-and-tools/run-time-software/linux-sdk/linux-sdk-for-qoriq-processors:SDKLINUX>`_.
+
+Currently supported by DPDK:
+
+* NXP SDK **18.09+**.
+* Supported architectures:  **arm64 LE**.
+
+* Follow the DPDK :ref:`Getting Started Guide for Linux <linux_gsg>` to setup the basic DPDK environment.
+
+Pre-Installation Configuration
+------------------------------
+
+Config File Options
+~~~~~~~~~~~~~~~~~~~
+
+The following options can be modified in the ``config`` file
+to enable caam_jr PMD.
+
+Please note that enabling debugging options may affect system performance.
+
+* ``CONFIG_RTE_LIBRTE_PMD_CAAM_JR`` (default ``n``)
+  By default it is only enabled in common_armv8a_linuxapp config.
+  Toggle compilation of the ``librte_pmd_caam_jr`` driver.
+
+* ``CONFIG_RTE_LIBRTE_PMD_CAAM_JR_BE`` (default ``n``)
+  By default it is disabled.
+  It can be used when the underlying hardware supports the CAAM in BE mode.
+  e.g. LS1043A, LS1046A supports CAAM in BE mode.
+
+* ``CONFIG_RTE_LIBRTE_PMD_CAAM_JR_DEBUG`` (default ``n``)
+  By default it is disabled.
+  It can be used enabled debug mode.
+
+* ``CONFIG_RTE_CAAM_JR_PMD_MAX_NB_SESSIONS``
+  By default it is set as 2048 in common_base config.
+  It indicates Number of sessions to create in the session memory pool
+  on a single caam_jr device.
+
+
+Installations
+-------------
+To compile the caam_jr PMD for Linux arm64 gcc target, run the
+following ``make`` command:
+
+.. code-block:: console
+
+   cd <DPDK-source-directory>
+   make config T=arm64-armv8a-linuxapp-gcc install
+
+Enabling logs
+-------------
+
+For enabling logs, use the following EAL parameter:
+
+.. code-block:: console
+
+   ./your_crypto_application <EAL args> --log-level=pmd.crypto.caam,<level>
diff --git a/doc/guides/cryptodevs/index.rst b/doc/guides/cryptodevs/index.rst
index e9928a4e2..7dddeec8a 100644
--- a/doc/guides/cryptodevs/index.rst
+++ b/doc/guides/cryptodevs/index.rst
@@ -13,6 +13,7 @@ Crypto Device Drivers
     aesni_mb
     aesni_gcm
     armv8
+    caam_jr
     ccp
     dpaa2_sec
     dpaa_sec
-- 
2.17.1

^ permalink raw reply	[flat|nested] 97+ messages in thread

* [dpdk-dev] [PATCH 02/10] crypto/caam_jr: introduce basic driver
  2018-09-13  6:08 [dpdk-dev] [PATCH 00/10] Introducing the NXP CAAM job ring driver Gagandeep Singh
  2018-09-13  6:08 ` [dpdk-dev] [PATCH 01/10] doc: add caam jr cryptodev details Gagandeep Singh
@ 2018-09-13  6:08 ` Gagandeep Singh
  2018-09-18 12:13   ` Akhil Goyal
  2018-09-13  6:08 ` [dpdk-dev] [PATCH 03/10] crypto/caam_jr: add HW config for job rings Gagandeep Singh
                   ` (9 subsequent siblings)
  11 siblings, 1 reply; 97+ messages in thread
From: Gagandeep Singh @ 2018-09-13  6:08 UTC (permalink / raw)
  To: dev, akhil.goyal; +Cc: Hemant Agrawal, Gagandeep Singh

From: Hemant Agrawal <hemant.agrawal@nxp.com>

This patch introduces basic support for caam_jr crypto driver.

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
---
 config/common_base                            |   8 +
 config/common_linuxapp                        |   1 +
 config/defconfig_arm64-dpaa-linuxapp-gcc      |   4 +
 drivers/crypto/Makefile                       |   1 +
 drivers/crypto/caam_jr/Makefile               |  40 +++++
 drivers/crypto/caam_jr/caam_jr.c              | 157 ++++++++++++++++++
 drivers/crypto/caam_jr/caam_jr_log.h          |  42 +++++
 drivers/crypto/caam_jr/meson.build            |  11 ++
 .../caam_jr/rte_pmd_caam_jr_version.map       |   4 +
 drivers/crypto/meson.build                    |   2 +-
 10 files changed, 269 insertions(+), 1 deletion(-)
 create mode 100644 drivers/crypto/caam_jr/Makefile
 create mode 100644 drivers/crypto/caam_jr/caam_jr.c
 create mode 100644 drivers/crypto/caam_jr/caam_jr_log.h
 create mode 100644 drivers/crypto/caam_jr/meson.build
 create mode 100644 drivers/crypto/caam_jr/rte_pmd_caam_jr_version.map

diff --git a/config/common_base b/config/common_base
index 4bcbaf923..a73f063d1 100644
--- a/config/common_base
+++ b/config/common_base
@@ -479,6 +479,14 @@ CONFIG_RTE_CRYPTO_MAX_DEVS=64
 CONFIG_RTE_LIBRTE_PMD_ARMV8_CRYPTO=n
 CONFIG_RTE_LIBRTE_PMD_ARMV8_CRYPTO_DEBUG=n
 
+#
+# Compile NXP CAAM JR crypto Driver
+#
+CONFIG_RTE_LIBRTE_PMD_CAAM_JR=n
+CONFIG_RTE_LIBRTE_PMD_CAAM_JR_BE=n
+CONFIG_RTE_LIBRTE_PMD_CAAM_JR_DEBUG=n
+CONFIG_RTE_CAAM_JR_PMD_MAX_NB_SESSIONS=2048
+
 #
 # Compile NXP DPAA2 crypto sec driver for CAAM HW
 #
diff --git a/config/common_linuxapp b/config/common_linuxapp
index 9c5ea9d89..c1c7c4287 100644
--- a/config/common_linuxapp
+++ b/config/common_linuxapp
@@ -35,6 +35,7 @@ CONFIG_RTE_LIBRTE_DPAA_MEMPOOL=y
 CONFIG_RTE_LIBRTE_DPAA_PMD=y
 CONFIG_RTE_LIBRTE_PMD_DPAA_EVENTDEV=y
 CONFIG_RTE_LIBRTE_PMD_DPAA_SEC=y
+CONFIG_RTE_LIBRTE_PMD_CAAM_JR=y
 
 # NXP FSLMC BUS and DPAA2 drivers
 CONFIG_RTE_LIBRTE_FSLMC_BUS=y
diff --git a/config/defconfig_arm64-dpaa-linuxapp-gcc b/config/defconfig_arm64-dpaa-linuxapp-gcc
index c47aec0a6..e5343f7a9 100644
--- a/config/defconfig_arm64-dpaa-linuxapp-gcc
+++ b/config/defconfig_arm64-dpaa-linuxapp-gcc
@@ -21,3 +21,7 @@ CONFIG_RTE_PKTMBUF_HEADROOM=128
 # NXP DPAA Bus
 CONFIG_RTE_LIBRTE_DPAA_DEBUG_DRIVER=n
 CONFIG_RTE_LIBRTE_DPAA_HWDEBUG=n
+
+# NXP CAAM_JR driver
+CONFIG_RTE_LIBRTE_PMD_CAAM_JR=y
+CONFIG_RTE_LIBRTE_PMD_CAAM_JR_BE=y
diff --git a/drivers/crypto/Makefile b/drivers/crypto/Makefile
index c480cbd37..e3711d703 100644
--- a/drivers/crypto/Makefile
+++ b/drivers/crypto/Makefile
@@ -6,6 +6,7 @@ include $(RTE_SDK)/mk/rte.vars.mk
 DIRS-$(CONFIG_RTE_LIBRTE_PMD_AESNI_GCM) += aesni_gcm
 DIRS-$(CONFIG_RTE_LIBRTE_PMD_AESNI_MB) += aesni_mb
 DIRS-$(CONFIG_RTE_LIBRTE_PMD_ARMV8_CRYPTO) += armv8
+DIRS-$(CONFIG_RTE_LIBRTE_PMD_CAAM_JR) += caam_jr
 DIRS-$(CONFIG_RTE_LIBRTE_PMD_CCP) += ccp
 DIRS-$(CONFIG_RTE_LIBRTE_PMD_OPENSSL) += openssl
 DIRS-$(CONFIG_RTE_LIBRTE_PMD_CRYPTO_SCHEDULER) += scheduler
diff --git a/drivers/crypto/caam_jr/Makefile b/drivers/crypto/caam_jr/Makefile
new file mode 100644
index 000000000..46d752af7
--- /dev/null
+++ b/drivers/crypto/caam_jr/Makefile
@@ -0,0 +1,40 @@
+# SPDX-License-Identifier: BSD-3-Clause
+# Copyright 2017 NXP
+
+include $(RTE_SDK)/mk/rte.vars.mk
+
+#
+# library name
+#
+LIB = librte_pmd_caam_jr.a
+
+# build flags
+CFLAGS += -DALLOW_EXPERIMENTAL_API
+CFLAGS += -D _GNU_SOURCE
+ifeq ($(CONFIG_RTE_LIBRTE_CAAM_JR_DEBUG),y)
+CFLAGS += -O0 -g
+CFLAGS += "-Wno-error"
+else
+CFLAGS += -O3
+CFLAGS += $(WERROR_FLAGS)
+endif
+
+CFLAGS += -I$(RTE_SDK)/drivers/crypto/caam_jr
+CFLAGS += -I$(RTE_SDK)/lib/librte_eal/common/include
+CFLAGS += -I$(RTE_SDK)/lib/librte_eal/linuxapp/eal
+
+# versioning export map
+EXPORT_MAP := rte_pmd_caam_jr_version.map
+
+# library version
+LIBABIVER := 1
+
+# library source files
+SRCS-$(CONFIG_RTE_LIBRTE_PMD_CAAM_JR) += caam_jr.c
+# library dependencies
+
+LDLIBS += -lrte_eal -lrte_mbuf -lrte_mempool -lrte_ring
+LDLIBS += -lrte_cryptodev
+LDLIBS += -lrte_bus_vdev
+
+include $(RTE_SDK)/mk/rte.lib.mk
diff --git a/drivers/crypto/caam_jr/caam_jr.c b/drivers/crypto/caam_jr/caam_jr.c
new file mode 100644
index 000000000..68779cba5
--- /dev/null
+++ b/drivers/crypto/caam_jr/caam_jr.c
@@ -0,0 +1,157 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright 2017-2018 NXP
+ */
+
+#include <fcntl.h>
+#include <unistd.h>
+#include <sched.h>
+#include <net/if.h>
+
+#include <rte_byteorder.h>
+#include <rte_common.h>
+#include <rte_cryptodev_pmd.h>
+#include <rte_crypto.h>
+#include <rte_cryptodev.h>
+#include <rte_bus_vdev.h>
+#include <rte_malloc.h>
+#include <rte_security_driver.h>
+#include <rte_hexdump.h>
+
+#include <caam_jr_log.h>
+
+#define CRYPTODEV_NAME_CAAM_JR_PMD	crypto_caam_jr
+static uint8_t cryptodev_driver_id;
+int caam_jr_logtype;
+
+
+/*
+ * @brief Release the resources used by the SEC user space driver.
+ *
+ * Reset and release SEC's job rings indicated by the User Application at
+ * init_job_ring() and free any memory allocated internally.
+ * Call once during application tear down.
+ *
+ * @note In case there are any descriptors in-flight (descriptors received by
+ * SEC driver for processing and for which no response was yet provided to UA),
+ * the descriptors are discarded without any notifications to User Application.
+ *
+ * @retval ::0			is returned for a successful execution
+ * @retval ::-1		is returned if SEC driver release is in progress
+ */
+
+static int
+caam_jr_dev_uninit(struct rte_cryptodev *dev)
+{
+
+	if (dev == NULL)
+		return -ENODEV;
+
+
+	CAAM_JR_INFO("Closing DPAA_SEC device %s", dev->data->name);
+
+
+	return 0;
+}
+
+static int
+caam_jr_dev_init(const char *name,
+			 struct rte_vdev_device *vdev,
+			 struct rte_cryptodev_pmd_init_params *init_params)
+{
+	struct rte_cryptodev *dev;
+
+	PMD_INIT_FUNC_TRACE();
+
+	dev = rte_cryptodev_pmd_create(name, &vdev->device, init_params);
+	if (dev == NULL) {
+		CAAM_JR_ERR("failed to create cryptodev vdev");
+		goto cleanup;
+	}
+
+	dev->driver_id = cryptodev_driver_id;
+	dev->dev_ops = NULL;
+
+	/* For secondary processes, we don't initialise any further as primary
+	 * has already done this work. Only check we don't need a different
+	 * RX function
+	 */
+	if (rte_eal_process_type() != RTE_PROC_PRIMARY) {
+		CAAM_JR_WARN("Device already init by primary process");
+		return 0;
+	}
+
+	RTE_LOG(INFO, PMD, "%s cryptodev init\n", dev->data->name);
+
+	return 0;
+
+cleanup:
+	CAAM_JR_ERR("driver %s: cryptodev_caam_jr_create failed",
+			init_params->name);
+
+	return -ENXIO;
+}
+
+/** Initialise CAAM JR crypto device */
+static int
+cryptodev_caam_jr_probe(struct rte_vdev_device *vdev)
+{
+	struct rte_cryptodev_pmd_init_params init_params = {
+		"",
+		128,
+		rte_socket_id(),
+		RTE_CRYPTODEV_PMD_DEFAULT_MAX_NB_QUEUE_PAIRS
+	};
+	const char *name;
+	const char *input_args;
+
+	name = rte_vdev_device_name(vdev);
+	if (name == NULL)
+		return -EINVAL;
+
+	input_args = rte_vdev_device_args(vdev);
+	rte_cryptodev_pmd_parse_input_args(&init_params, input_args);
+
+	return caam_jr_dev_init(name, vdev, &init_params);
+}
+
+/** Uninitialise CAAM JR crypto device */
+static int
+cryptodev_caam_jr_remove(struct rte_vdev_device *vdev)
+{
+	struct rte_cryptodev *cryptodev;
+	const char *name;
+
+	name = rte_vdev_device_name(vdev);
+	if (name == NULL)
+		return -EINVAL;
+
+	cryptodev = rte_cryptodev_pmd_get_named_dev(name);
+	if (cryptodev == NULL)
+		return -ENODEV;
+
+	caam_jr_dev_uninit(cryptodev);
+
+	return rte_cryptodev_pmd_destroy(cryptodev);
+}
+
+static struct rte_vdev_driver cryptodev_caam_jr_drv = {
+	.probe = cryptodev_caam_jr_probe,
+	.remove = cryptodev_caam_jr_remove
+};
+
+static struct cryptodev_driver caam_jr_crypto_drv;
+
+RTE_PMD_REGISTER_VDEV(CRYPTODEV_NAME_CAAM_JR_PMD, cryptodev_caam_jr_drv);
+RTE_PMD_REGISTER_PARAM_STRING(CRYPTODEV_NAME_CAAM_JR_PMD,
+	"max_nb_queue_pairs=<int>"
+	"max_nb_sessions=<int>"
+	"socket_id=<int>");
+RTE_PMD_REGISTER_CRYPTO_DRIVER(caam_jr_crypto_drv, cryptodev_caam_jr_drv.driver,
+		cryptodev_driver_id);
+
+RTE_INIT(caam_jr_init_log)
+{
+	caam_jr_logtype = rte_log_register("pmd.crypto.caam");
+	if (caam_jr_logtype >= 0)
+		rte_log_set_level(caam_jr_logtype, RTE_LOG_NOTICE);
+}
diff --git a/drivers/crypto/caam_jr/caam_jr_log.h b/drivers/crypto/caam_jr/caam_jr_log.h
new file mode 100644
index 000000000..106ff07a7
--- /dev/null
+++ b/drivers/crypto/caam_jr/caam_jr_log.h
@@ -0,0 +1,42 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright 2017-2018 NXP
+ */
+
+#ifndef _CAAM_JR_LOG_H_
+#define _CAAM_JR_LOG_H_
+
+#include <rte_log.h>
+
+extern int caam_jr_logtype;
+
+#define CAAM_JR_LOG(level, fmt, args...) \
+	rte_log(RTE_LOG_ ## level, caam_jr_logtype, "caam_jr: " \
+		fmt "\n", ##args)
+
+#define CAAM_JR_DEBUG(fmt, args...) \
+	rte_log(RTE_LOG_DEBUG, caam_jr_logtype, "caam_jr: %s(): " \
+		fmt "\n", __func__, ##args)
+
+#define PMD_INIT_FUNC_TRACE() CAAM_JR_DEBUG(" >>")
+
+#define CAAM_JR_INFO(fmt, args...) \
+	CAAM_JR_LOG(INFO, fmt, ## args)
+#define CAAM_JR_ERR(fmt, args...) \
+	CAAM_JR_LOG(ERR, fmt, ## args)
+#define CAAM_JR_WARN(fmt, args...) \
+	CAAM_JR_LOG(WARNING, fmt, ## args)
+
+/* DP Logs, toggled out at compile time if level lower than current level */
+#define CAAM_JR_DP_LOG(level, fmt, args...) \
+	RTE_LOG_DP(level, PMD, fmt "\n", ## args)
+
+#define CAAM_JR_DP_DEBUG(fmt, args...) \
+	CAAM_JR_DP_LOG(DEBUG, fmt, ## args)
+#define CAAM_JR_DP_INFO(fmt, args...) \
+	CAAM_JR_DP_LOG(INFO, fmt, ## args)
+#define CAAM_JR_DP_WARN(fmt, args...) \
+	CAAM_JR_DP_LOG(WARNING, fmt, ## args)
+#define CAAM_JR_DP_ERR(fmt, args...) \
+	CAAM_JR_DP_LOG(ERR, fmt, ## args)
+
+#endif /* _CAAM_JR_LOG_H_ */
diff --git a/drivers/crypto/caam_jr/meson.build b/drivers/crypto/caam_jr/meson.build
new file mode 100644
index 000000000..3edd0a212
--- /dev/null
+++ b/drivers/crypto/caam_jr/meson.build
@@ -0,0 +1,11 @@
+# SPDX-License-Identifier: BSD-3-Clause
+# Copyright 2018 NXP
+
+if host_machine.system() != 'linux'
+        build = false
+endif
+
+deps += ['bus_vdev', 'bus_dpaa', 'security']
+sources = files('caam_jr.c')
+
+allow_experimental_apis = true
diff --git a/drivers/crypto/caam_jr/rte_pmd_caam_jr_version.map b/drivers/crypto/caam_jr/rte_pmd_caam_jr_version.map
new file mode 100644
index 000000000..521e51f41
--- /dev/null
+++ b/drivers/crypto/caam_jr/rte_pmd_caam_jr_version.map
@@ -0,0 +1,4 @@
+DPDK_18.11 {
+
+	local: *;
+};
diff --git a/drivers/crypto/meson.build b/drivers/crypto/meson.build
index d64ca418b..f4390581c 100644
--- a/drivers/crypto/meson.build
+++ b/drivers/crypto/meson.build
@@ -1,7 +1,7 @@
 # SPDX-License-Identifier: BSD-3-Clause
 # Copyright(c) 2017 Intel Corporation
 
-drivers = ['ccp', 'dpaa_sec', 'dpaa2_sec', 'mvsam',
+drivers = ['caam_jr', 'ccp', 'dpaa_sec', 'dpaa2_sec', 'mvsam',
 	'null', 'openssl', 'qat', 'virtio']
 
 std_deps = ['cryptodev'] # cryptodev pulls in all other needed deps
-- 
2.17.1

^ permalink raw reply	[flat|nested] 97+ messages in thread

* [dpdk-dev] [PATCH 03/10] crypto/caam_jr: add HW config for job rings
  2018-09-13  6:08 [dpdk-dev] [PATCH 00/10] Introducing the NXP CAAM job ring driver Gagandeep Singh
  2018-09-13  6:08 ` [dpdk-dev] [PATCH 01/10] doc: add caam jr cryptodev details Gagandeep Singh
  2018-09-13  6:08 ` [dpdk-dev] [PATCH 02/10] crypto/caam_jr: introduce basic driver Gagandeep Singh
@ 2018-09-13  6:08 ` Gagandeep Singh
  2018-09-18 13:37   ` Akhil Goyal
  2018-09-13  6:08 ` [dpdk-dev] [PATCH 04/10] crypto/caam_jr: add device configuration routines Gagandeep Singh
                   ` (8 subsequent siblings)
  11 siblings, 1 reply; 97+ messages in thread
From: Gagandeep Singh @ 2018-09-13  6:08 UTC (permalink / raw)
  To: dev, akhil.goyal; +Cc: Hemant Agrawal, Gagandeep Singh

From: Hemant Agrawal <hemant.agrawal@nxp.com>

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
---
 drivers/crypto/caam_jr/Makefile              |   6 +
 drivers/crypto/caam_jr/caam_jr.c             | 329 +++++++++++-
 drivers/crypto/caam_jr/caam_jr_config.h      | 207 ++++++++
 drivers/crypto/caam_jr/caam_jr_hw.c          | 365 ++++++++++++++
 drivers/crypto/caam_jr/caam_jr_hw_specific.h | 503 +++++++++++++++++++
 drivers/crypto/caam_jr/caam_jr_pvt.h         | 285 +++++++++++
 drivers/crypto/caam_jr/caam_jr_uio.c         | 491 ++++++++++++++++++
 drivers/crypto/caam_jr/meson.build           |   5 +-
 8 files changed, 2188 insertions(+), 3 deletions(-)
 create mode 100644 drivers/crypto/caam_jr/caam_jr_config.h
 create mode 100644 drivers/crypto/caam_jr/caam_jr_hw.c
 create mode 100644 drivers/crypto/caam_jr/caam_jr_hw_specific.h
 create mode 100644 drivers/crypto/caam_jr/caam_jr_pvt.h
 create mode 100644 drivers/crypto/caam_jr/caam_jr_uio.c

diff --git a/drivers/crypto/caam_jr/Makefile b/drivers/crypto/caam_jr/Makefile
index 46d752af7..8b863b4af 100644
--- a/drivers/crypto/caam_jr/Makefile
+++ b/drivers/crypto/caam_jr/Makefile
@@ -19,7 +19,10 @@ CFLAGS += -O3
 CFLAGS += $(WERROR_FLAGS)
 endif
 
+CFLAGS += -I$(RTE_SDK)/drivers/bus/dpaa/include
 CFLAGS += -I$(RTE_SDK)/drivers/crypto/caam_jr
+#sharing the hw flib headers from dpaa2_sec pmd
+CFLAGS += -I$(RTE_SDK)/drivers/crypto/dpaa2_sec/
 CFLAGS += -I$(RTE_SDK)/lib/librte_eal/common/include
 CFLAGS += -I$(RTE_SDK)/lib/librte_eal/linuxapp/eal
 
@@ -30,11 +33,14 @@ EXPORT_MAP := rte_pmd_caam_jr_version.map
 LIBABIVER := 1
 
 # library source files
+SRCS-$(CONFIG_RTE_LIBRTE_PMD_CAAM_JR) += caam_jr_hw.c
+SRCS-$(CONFIG_RTE_LIBRTE_PMD_CAAM_JR) += caam_jr_uio.c
 SRCS-$(CONFIG_RTE_LIBRTE_PMD_CAAM_JR) += caam_jr.c
 # library dependencies
 
 LDLIBS += -lrte_eal -lrte_mbuf -lrte_mempool -lrte_ring
 LDLIBS += -lrte_cryptodev
+LDLIBS += -lrte_bus_dpaa
 LDLIBS += -lrte_bus_vdev
 
 include $(RTE_SDK)/mk/rte.lib.mk
diff --git a/drivers/crypto/caam_jr/caam_jr.c b/drivers/crypto/caam_jr/caam_jr.c
index 68779cba5..9d5f5b79b 100644
--- a/drivers/crypto/caam_jr/caam_jr.c
+++ b/drivers/crypto/caam_jr/caam_jr.c
@@ -16,13 +16,146 @@
 #include <rte_malloc.h>
 #include <rte_security_driver.h>
 #include <rte_hexdump.h>
+#include <caam_jr_config.h>
 
+/* RTA header files */
+#include <hw/desc/common.h>
+#include <of.h>
+#include <caam_jr_hw_specific.h>
+#include <caam_jr_pvt.h>
 #include <caam_jr_log.h>
 
 #define CRYPTODEV_NAME_CAAM_JR_PMD	crypto_caam_jr
 static uint8_t cryptodev_driver_id;
 int caam_jr_logtype;
 
+enum rta_sec_era rta_sec_era;
+
+/* Lists the states possible for the SEC user space driver. */
+enum sec_driver_state_e {
+	SEC_DRIVER_STATE_IDLE,		/* Driver not initialized */
+	SEC_DRIVER_STATE_STARTED,	/* Driver initialized and can be used*/
+	SEC_DRIVER_STATE_RELEASE,	/* Driver release is in progress */
+};
+
+/* Job rings used for communication with SEC HW */
+static struct sec_job_ring_t g_job_rings[MAX_SEC_JOB_RINGS];
+
+/* The current state of SEC user space driver */
+static enum sec_driver_state_e g_driver_state = SEC_DRIVER_STATE_IDLE;
+
+/* The number of job rings used by SEC user space driver */
+static int g_job_rings_no;
+static int g_job_rings_max;
+
+/* @brief Poll the HW for already processed jobs in the JR
+ * and silently discard the available jobs or notify them to UA
+ * with indicated error code.
+ *
+ * @param [in,out]  job_ring        The job ring to poll.
+ * @param [in]  do_notify           Can be #TRUE or #FALSE. Indicates if
+ *				    descriptors are to be discarded
+ *                                  or notified to UA with given error_code.
+ * @param [out] notified_descs    Number of notified descriptors. Can be NULL
+ *					if do_notify is #FALSE
+ */
+static void hw_flush_job_ring(struct sec_job_ring_t *job_ring,
+			      uint32_t do_notify,
+			      uint32_t *notified_descs)
+{
+	int32_t jobs_no_to_discard = 0;
+	int32_t discarded_descs_no = 0;
+
+	CAAM_JR_DEBUG("Jr[%p] pi[%d] ci[%d].Flushing jr notify desc=[%d]",
+		job_ring, job_ring->pidx, job_ring->cidx, do_notify);
+
+	jobs_no_to_discard = hw_get_no_finished_jobs(job_ring);
+
+	/* Discard all jobs */
+	CAAM_JR_DEBUG("Jr[%p] pi[%d] ci[%d].Discarding %d descs",
+		  job_ring, job_ring->pidx, job_ring->cidx,
+		  jobs_no_to_discard);
+
+	while (jobs_no_to_discard > discarded_descs_no) {
+		/* Get completed descriptor */
+#if 0
+		/*TODO if we want to do something with desc*/
+		/* Since the memory is contigous, then P2V translation is a
+		 * mere addition to the base descriptor physical address
+		 */
+		current_desc = job_ring->output_ring[job_ring->cidx].desc;
+#endif
+
+		discarded_descs_no++;
+		/* Now increment the consumer index for the current job ring,
+		 * AFTER saving job in temporary location!
+		 * Increment the consumer index for the current job ring
+		 */
+		job_ring->cidx = SEC_CIRCULAR_COUNTER(job_ring->cidx,
+					 SEC_JOB_RING_SIZE);
+
+		hw_remove_entries(job_ring, 1);
+	}
+
+	if (do_notify == true) {
+		ASSERT(notified_descs != NULL);
+		*notified_descs = discarded_descs_no;
+	}
+}
+
+
+/* @brief Flush job rings of any processed descs.
+ * The processed descs are silently dropped,
+ * WITHOUT being notified to UA.
+ */
+static void close_job_ring(struct sec_job_ring_t *job_ring)
+{
+	if (job_ring->irq_fd) {
+		/* Producer index is frozen. If consumer index is not equal
+		 * with producer index, then we have descs to flush.
+		 */
+		while (job_ring->pidx != job_ring->cidx)
+			hw_flush_job_ring(job_ring, false, NULL);
+
+		/* free the uio job ring */
+		free_job_ring(job_ring->irq_fd);
+		job_ring->irq_fd = 0;
+		caam_jr_dma_free(job_ring->input_ring);
+		caam_jr_dma_free(job_ring->output_ring);
+
+		g_job_rings_no--;
+
+	}
+}
+
+/** @brief Release the software and hardware resources tied to a job ring.
+ * @param [in] job_ring The job ring
+ *
+ * @retval  0 for success
+ * @retval  -1 for error
+ */
+static int shutdown_job_ring(struct sec_job_ring_t *job_ring)
+{
+	int ret = 0;
+
+	ASSERT(job_ring != NULL);
+	ret = hw_shutdown_job_ring(job_ring);
+	SEC_ASSERT(ret == 0, ret,
+		"Failed to shutdown hardware job ring %p",
+		job_ring);
+
+	if (job_ring->coalescing_en)
+		hw_job_ring_disable_coalescing(job_ring);
+
+	if (job_ring->jr_mode != SEC_NOTIFICATION_TYPE_POLL) {
+		ret = caam_jr_disable_irqs(job_ring->irq_fd);
+		SEC_ASSERT(ret == 0, ret,
+		"Failed to disable irqs for job ring %p",
+		job_ring);
+	}
+
+	return ret;
+}
 
 /*
  * @brief Release the resources used by the SEC user space driver.
@@ -42,31 +175,195 @@ int caam_jr_logtype;
 static int
 caam_jr_dev_uninit(struct rte_cryptodev *dev)
 {
+	struct sec_job_ring_t *internals;
 
 	if (dev == NULL)
 		return -ENODEV;
 
+	internals = dev->data->dev_private;
+	rte_free(dev->security_ctx);
+
+
+	/* If any descriptors in flight , poll and wait
+	 * until all descriptors are received and silently discarded.
+	 */
+	if (internals) {
+		shutdown_job_ring(internals);
+		close_job_ring(internals);
+		rte_mempool_free(internals->ctx_pool);
+	}
 
 	CAAM_JR_INFO("Closing DPAA_SEC device %s", dev->data->name);
 
+	/* last caam jr instance) */
+	if (g_job_rings_no == 0)
+		g_driver_state = SEC_DRIVER_STATE_IDLE;
 
-	return 0;
+	return SEC_SUCCESS;
 }
 
+/* @brief Initialize the software and hardware resources tied to a job ring.
+ * @param [in] jr_mode;		Model to be used by SEC Driver to receive
+ *				notifications from SEC.  Can be either
+ *				of the three: #SEC_NOTIFICATION_TYPE_NAPI
+ *				#SEC_NOTIFICATION_TYPE_IRQ or
+ *				#SEC_NOTIFICATION_TYPE_POLL
+ * @param [in] NAPI_mode	The NAPI work mode to configure a job ring at
+ *				startup. Used only when #SEC_NOTIFICATION_TYPE
+ *				is set to #SEC_NOTIFICATION_TYPE_NAPI.
+ * @param [in] irq_coalescing_timer This value determines the maximum
+ *					amount of time after processing a
+ *					descriptor before raising an interrupt.
+ * @param [in] irq_coalescing_count This value determines how many
+ *					descriptors are completed before
+ *					raising an interrupt.
+ * @param [in] reg_base_addr,	The job ring base address register
+ * @param [in] irq_id		The job ring interrupt identification number.
+ * @retval  job_ring_handle for successful job ring configuration
+ * @retval  NULL on error
+ *
+ */
+static void *
+init_job_ring(void *reg_base_addr, uint32_t irq_id)
+{
+	struct sec_job_ring_t *job_ring = NULL;
+	int i, ret = 0;
+	int jr_mode = SEC_NOTIFICATION_TYPE_POLL;
+	int napi_mode = 0;
+	int irq_coalescing_timer = 0;
+	int irq_coalescing_count = 0;
+
+	for (i = 0; i < MAX_SEC_JOB_RINGS; i++) {
+		if (g_job_rings[i].irq_fd == 0) {
+			job_ring = &g_job_rings[i];
+			g_job_rings_no++;
+			break;
+		}
+	}
+	if (job_ring == NULL) {
+		CAAM_JR_ERR("No free job ring\n");
+		return NULL;
+	}
+
+	job_ring->register_base_addr = reg_base_addr;
+	job_ring->jr_mode = jr_mode;
+	job_ring->napi_mode = 0;
+	job_ring->irq_fd = irq_id;
+
+	/* Allocate mem for input and output ring */
+
+	/* Allocate memory for input ring */
+	job_ring->input_ring = caam_jr_dma_mem_alloc(L1_CACHE_BYTES,
+				SEC_DMA_MEM_INPUT_RING_SIZE);
+	memset(job_ring->input_ring, 0, SEC_DMA_MEM_INPUT_RING_SIZE);
+
+	/* Allocate memory for output ring */
+	job_ring->output_ring = caam_jr_dma_mem_alloc(L1_CACHE_BYTES,
+				SEC_DMA_MEM_OUTPUT_RING_SIZE);
+	memset(job_ring->output_ring, 0, SEC_DMA_MEM_OUTPUT_RING_SIZE);
+
+	/* Reset job ring in SEC hw and configure job ring registers */
+	ret = hw_reset_job_ring(job_ring);
+	if (ret != 0) {
+		CAAM_JR_ERR("Failed to reset hardware job ring");
+		goto cleanup;
+	}
+
+	if (jr_mode == SEC_NOTIFICATION_TYPE_NAPI) {
+	/* When SEC US driver works in NAPI mode, the UA can select
+	 * if the driver starts with IRQs on or off.
+	 */
+		if (napi_mode == SEC_STARTUP_INTERRUPT_MODE) {
+			CAAM_JR_INFO("Enabling DONE IRQ generationon job ring - %p",
+				job_ring);
+			ret = caam_jr_enable_irqs(job_ring->irq_fd);
+			if (ret != 0) {
+				CAAM_JR_ERR("Failed to enable irqs for job ring");
+				goto cleanup;
+			}
+		}
+	} else if (jr_mode == SEC_NOTIFICATION_TYPE_IRQ) {
+	/* When SEC US driver works in pure interrupt mode,
+	 * IRQ's are always enabled.
+	 */
+		CAAM_JR_INFO("Enabling DONE IRQ generation on job ring - %p",
+			 job_ring);
+		ret = caam_jr_enable_irqs(job_ring->irq_fd);
+		if (ret != 0) {
+			CAAM_JR_ERR("Failed to enable irqs for job ring");
+			goto cleanup;
+		}
+	}
+	if (irq_coalescing_timer || irq_coalescing_count) {
+		hw_job_ring_set_coalescing_param(job_ring,
+			 irq_coalescing_timer,
+			 irq_coalescing_count);
+
+		hw_job_ring_enable_coalescing(job_ring);
+		job_ring->coalescing_en = 1;
+	}
+
+	job_ring->jr_state = SEC_JOB_RING_STATE_STARTED;
+	job_ring->max_nb_queue_pairs = RTE_CAAM_MAX_NB_SEC_QPS;
+	job_ring->max_nb_sessions = RTE_CAAM_JR_PMD_MAX_NB_SESSIONS;
+
+	return job_ring;
+cleanup:
+	caam_jr_dma_free(job_ring->output_ring);
+	caam_jr_dma_free(job_ring->input_ring);
+	return NULL;
+}
+
+
 static int
 caam_jr_dev_init(const char *name,
 			 struct rte_vdev_device *vdev,
 			 struct rte_cryptodev_pmd_init_params *init_params)
 {
 	struct rte_cryptodev *dev;
+	struct uio_job_ring *job_ring;
+	char str[RTE_CRYPTODEV_NAME_MAX_LEN];
 
 	PMD_INIT_FUNC_TRACE();
 
+	/* Validate driver state */
+	if (g_driver_state == SEC_DRIVER_STATE_IDLE) {
+		g_job_rings_max = sec_configure();
+		if (!g_job_rings_max) {
+			CAAM_JR_ERR("No job ring detected on UIO !!!!");
+			return -1;
+		}
+		/* Update driver state */
+		g_driver_state = SEC_DRIVER_STATE_STARTED;
+	}
+
+	if (g_job_rings_no >= g_job_rings_max) {
+		CAAM_JR_ERR("No more job rings available max=%d!!!!",
+				g_job_rings_max);
+		return -1;
+	}
+
+	job_ring = config_job_ring();
+	if (job_ring == NULL) {
+		CAAM_JR_ERR("failed to create job ring");
+		goto init_error;
+	}
+
+	snprintf(str, sizeof(str), "caam_jr%d", job_ring->jr_id);
+
 	dev = rte_cryptodev_pmd_create(name, &vdev->device, init_params);
 	if (dev == NULL) {
 		CAAM_JR_ERR("failed to create cryptodev vdev");
 		goto cleanup;
 	}
+	/*TODO free it during teardown*/
+	dev->data->dev_private = init_job_ring(job_ring->register_base_addr,
+						job_ring->uio_fd);
+
+	if (!dev->data->dev_private) {
+		CAAM_JR_ERR("Ring memory allocation failed\n");
+		goto cleanup2;
+	}
 
 	dev->driver_id = cryptodev_driver_id;
 	dev->dev_ops = NULL;
@@ -84,7 +381,12 @@ caam_jr_dev_init(const char *name,
 
 	return 0;
 
+cleanup2:
+	caam_jr_dev_uninit(dev);
+	rte_cryptodev_pmd_release_device(dev);
 cleanup:
+	free_job_ring(job_ring->uio_fd);
+init_error:
 	CAAM_JR_ERR("driver %s: cryptodev_caam_jr_create failed",
 			init_params->name);
 
@@ -97,7 +399,7 @@ cryptodev_caam_jr_probe(struct rte_vdev_device *vdev)
 {
 	struct rte_cryptodev_pmd_init_params init_params = {
 		"",
-		128,
+		sizeof(struct sec_job_ring_t),
 		rte_socket_id(),
 		RTE_CRYPTODEV_PMD_DEFAULT_MAX_NB_QUEUE_PAIRS
 	};
@@ -111,6 +413,29 @@ cryptodev_caam_jr_probe(struct rte_vdev_device *vdev)
 	input_args = rte_vdev_device_args(vdev);
 	rte_cryptodev_pmd_parse_input_args(&init_params, input_args);
 
+	/* if sec device version is not configured */
+	if (!rta_get_sec_era()) {
+		const struct device_node *caam_node;
+
+		for_each_compatible_node(caam_node, NULL, "fsl,sec-v4.0") {
+			const uint32_t *prop = of_get_property(caam_node,
+					"fsl,sec-era",
+					NULL);
+			if (prop) {
+				rta_set_sec_era(
+					INTL_SEC_ERA(cpu_to_caam32(*prop)));
+				break;
+			}
+		}
+	}
+#ifdef RTE_LIBRTE_PMD_CAAM_JR_BE
+	if (rta_get_sec_era() > RTA_SEC_ERA_8) {
+		RTE_LOG(ERR, PMD,
+		"CAAM is compiled in BE mode for device with sec era > 8???\n");
+		return -EINVAL;
+	}
+#endif
+
 	return caam_jr_dev_init(name, vdev, &init_params);
 }
 
diff --git a/drivers/crypto/caam_jr/caam_jr_config.h b/drivers/crypto/caam_jr/caam_jr_config.h
new file mode 100644
index 000000000..e7855cee6
--- /dev/null
+++ b/drivers/crypto/caam_jr/caam_jr_config.h
@@ -0,0 +1,207 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright 2017-2018 NXP
+ */
+
+#ifndef CAAM_JR_CONFIG_H
+#define CAAM_JR_CONFIG_H
+
+#include <rte_byteorder.h>
+
+#ifdef RTE_LIBRTE_PMD_CAAM_JR_BE
+#define CAAM_BYTE_ORDER __BIG_ENDIAN
+#else
+#define CAAM_BYTE_ORDER __LITTLE_ENDIAN
+#endif
+
+#if RTE_BYTE_ORDER == RTE_BIG_ENDIAN
+#define CORE_BYTE_ORDER __BIG_ENDIAN
+#else
+#define CORE_BYTE_ORDER __LITTLE_ENDIAN
+#endif
+
+typedef uint64_t	dma_addr_t;
+
+#if CORE_BYTE_ORDER != CAAM_BYTE_ORDER
+
+#define cpu_to_caam64 rte_cpu_to_be_64
+#define cpu_to_caam32 rte_cpu_to_be_32
+#else
+#define cpu_to_caam64
+#define cpu_to_caam32
+
+#endif
+
+/*
+ * SEC is configured to start work in polling mode,
+ * when configured for NAPI notification style.
+ */
+#define SEC_STARTUP_POLLING_MODE     0
+/*
+ * SEC is configured to start work in interrupt mode,
+ * when configured for NAPI notification style.
+ */
+#define SEC_STARTUP_INTERRUPT_MODE   1
+
+/*
+ * SEC driver will use NAPI model to receive notifications
+ * for processed packets from SEC engine hardware:
+ * - IRQ for low traffic
+ * - polling for high traffic.
+ */
+#define SEC_NOTIFICATION_TYPE_NAPI  0
+/*
+ * SEC driver will use ONLY interrupts to receive notifications
+ * for processed packets from SEC engine hardware.
+ */
+#define SEC_NOTIFICATION_TYPE_IRQ   1
+/*
+ * SEC driver will use ONLY polling to receive notifications
+ * for processed packets from SEC engine hardware.
+ */
+#define SEC_NOTIFICATION_TYPE_POLL  2
+
+/*
+ * SEC USER SPACE DRIVER related configuration.
+ */
+
+/*
+ * Determines how SEC user space driver will receive notifications
+ * for processed packets from SEC engine.
+ * Valid values are: #SEC_NOTIFICATION_TYPE_POLL, #SEC_NOTIFICATION_TYPE_IRQ
+ * and #SEC_NOTIFICATION_TYPE_NAPI.
+ */
+#define SEC_NOTIFICATION_TYPE   SEC_NOTIFICATION_TYPE_POLL
+
+/* Maximum number of job rings supported by SEC hardware */
+#define MAX_SEC_JOB_RINGS         4
+
+/* Maximum number of QP per job ring */
+#define RTE_CAAM_MAX_NB_SEC_QPS    1
+
+/*
+ * Size of cryptographic context that is used directly in communicating
+ * with SEC device. SEC device works only with physical addresses. This
+ * is the maximum size for a SEC descriptor ( = 64 words).
+ */
+#define SEC_CRYPTO_DESCRIPTOR_SIZE  256
+
+/*
+ * Size of job descriptor submitted to SEC device for each packet to
+ * be processed.
+ * Job descriptor contains 3 DMA address pointers:
+ *	- to shared descriptor, to input buffer and to output buffer.
+ * The job descriptor contains other SEC specific commands as well:
+ *	- HEADER command, SEQ IN PTR command SEQ OUT PTR command and opaque data
+ *      each measuring 4 bytes.
+ * Job descriptor size, depending on physical address representation:
+ *	- 32 bit - size is 28 bytes - cacheline-aligned size is 64 bytes
+ *	- 36 bit - size is 40 bytes - cacheline-aligned size is 64 bytes
+ * @note: Job descriptor must be cacheline-aligned to ensure efficient
+ *	memory access.
+ * @note: If other format is used for job descriptor, then the size must be
+ *	revised.
+ */
+#define SEC_JOB_DESCRIPTOR_SIZE     64
+
+/*
+ * Size of one entry in the input ring of a job ring.
+ * Input ring contains pointers to job descriptors.
+ * The memory used for an input ring and output ring must be physically
+ * contiguous.
+ */
+#define SEC_JOB_INPUT_RING_ENTRY_SIZE  sizeof(dma_addr_t)
+
+/*
+ * Size of one entry in the output ring of a job ring.
+ * Output ring entry is a pointer to a job descriptor followed by a 4 byte
+ * status word.
+ * The memory used for an input ring and output ring must be physically
+ * contiguous.
+ * @note If desired to use also the optional SEQ OUT indication in output ring
+ * entries,
+ * then 4 more bytes must be added to the size.
+ */
+#define SEC_JOB_OUTPUT_RING_ENTRY_SIZE  (SEC_JOB_INPUT_RING_ENTRY_SIZE + 4)
+
+/*
+ * DMA memory required for an input ring of a job ring.
+ */
+#define SEC_DMA_MEM_INPUT_RING_SIZE     ((SEC_JOB_INPUT_RING_ENTRY_SIZE) * \
+					(SEC_JOB_RING_SIZE))
+
+/*
+ * DMA memory required for an output ring of a job ring.
+ *  Required extra 4 byte for status word per each entry.
+ */
+#define SEC_DMA_MEM_OUTPUT_RING_SIZE    ((SEC_JOB_OUTPUT_RING_ENTRY_SIZE) * \
+					(SEC_JOB_RING_SIZE))
+
+/* DMA memory required for a job ring, including both input and output rings. */
+#define SEC_DMA_MEM_JOB_RING_SIZE       ((SEC_DMA_MEM_INPUT_RING_SIZE) + \
+					(SEC_DMA_MEM_OUTPUT_RING_SIZE))
+
+/*
+ * When calling sec_init() UA will provide an area of virtual memory
+ *  of size #SEC_DMA_MEMORY_SIZE to be  used internally by the driver
+ *  to allocate data (like SEC descriptors) that needs to be passed to
+ *  SEC device in physical addressing and later on retrieved from SEC device.
+ *  At initialization the UA provides specialized ptov/vtop functions/macros to
+ *  translate addresses allocated from this memory area.
+ */
+#define SEC_DMA_MEMORY_SIZE          ((SEC_DMA_MEM_JOB_RING_SIZE) * \
+					(MAX_SEC_JOB_RINGS))
+
+#define L1_CACHE_BYTES 64
+
+/* SEC JOB RING related configuration. */
+
+/*
+ * Configure the size of the JOB RING.
+ * The maximum size of the ring in hardware limited to 1024.
+ * However the number of packets in flight in a time interval of 1ms can
+ * be calculated from the traffic rate (Mbps) and packet size.
+ * Here it was considered a packet size of 64 bytes.
+ *
+ * @note Round up to nearest power of 2 for optimized update
+ * of producer/consumer indexes of each job ring
+ */
+#define SEC_JOB_RING_SIZE     512
+
+/*
+ * Interrupt coalescing related configuration.
+ * NOTE: SEC hardware enabled interrupt
+ * coalescing is not supported on SEC version 3.1!
+ * SEC version 4.4 has support for interrupt
+ * coalescing.
+ */
+
+#if SEC_NOTIFICATION_TYPE != SEC_NOTIFICATION_TYPE_POLL
+
+#define SEC_INT_COALESCING_ENABLE   1
+/*
+ * Interrupt Coalescing Descriptor Count Threshold.
+ * While interrupt coalescing is enabled (ICEN=1), this value determines
+ * how many Descriptors are completed before raising an interrupt.
+ *
+ * Valid values for this field are from 0 to 255.
+ * Note that a value of 1 functionally defeats the advantages of interrupt
+ * coalescing since the threshold value is reached each time that a
+ * Job Descriptor is completed. A value of 0 is treated in the same
+ * manner as a value of 1.
+ */
+#define SEC_INTERRUPT_COALESCING_DESCRIPTOR_COUNT_THRESH  10
+
+/*
+ * Interrupt Coalescing Timer Threshold.
+ * While interrupt coalescing is enabled (ICEN=1), this value determines the
+ * maximum amount of time after processing a Descriptor before raising an
+ * interrupt.
+ * The threshold value is represented in units equal to 64 CAAM interface
+ * clocks. Valid values for this field are from 1 to 65535.
+ * A value of 0 results in behavior identical to that when interrupt
+ * coalescing is disabled.
+ */
+#define SEC_INTERRUPT_COALESCING_TIMER_THRESH  100
+#endif /* SEC_NOTIFICATION_TYPE_POLL */
+
+#endif /* CAAM_JR_CONFIG_H */
diff --git a/drivers/crypto/caam_jr/caam_jr_hw.c b/drivers/crypto/caam_jr/caam_jr_hw.c
new file mode 100644
index 000000000..5baac95f8
--- /dev/null
+++ b/drivers/crypto/caam_jr/caam_jr_hw.c
@@ -0,0 +1,365 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright 2017-2018 NXP
+ */
+
+#include <fcntl.h>
+#include <unistd.h>
+#include <inttypes.h>
+#include <rte_common.h>
+#include <rte_memory.h>
+#include <rte_malloc.h>
+#include <rte_crypto.h>
+#include <rte_security.h>
+#include <caam_jr_config.h>
+
+/* RTA header files */
+#include <hw/desc/common.h>
+#include <hw/desc/algo.h>
+#include <hw/desc/ipsec.h>
+
+#include <caam_jr_hw_specific.h>
+#include <caam_jr_pvt.h>
+#include <caam_jr_log.h>
+
+/* Used to retry resetting a job ring in SEC hardware. */
+#define SEC_TIMEOUT 100000
+
+/* @brief Process Jump Halt Condition related errors
+ *
+ * @param [in]  error_code        The error code in the descriptor status word
+ */
+static inline void hw_handle_jmp_halt_cond_err(union hw_error_code
+						error_code) {
+	CAAM_JR_DEBUG("JMP: %d, Descriptor Index: 0x%x, Condition: 0x%x",
+			error_code.error_desc.jmp_halt_cond_src.jmp,
+			error_code.error_desc.jmp_halt_cond_src.desc_idx,
+			error_code.error_desc.jmp_halt_cond_src.cond);
+	(void)error_code;
+}
+
+/* @brief Process DECO related errors
+ *
+ * @param [in]  error_code        The error code in the descriptor status word
+ */
+static inline void hw_handle_deco_err(union hw_error_code
+				error_code) {
+	CAAM_JR_DEBUG("JMP: %d, Descriptor Index: 0x%x",
+			error_code.error_desc.deco_src.jmp,
+			error_code.error_desc.deco_src.desc_idx);
+
+	switch (error_code.error_desc.deco_src.desc_err) {
+	case SEC_HW_ERR_DECO_HFN_THRESHOLD:
+		CAAM_JR_DEBUG(" Warning: Descriptor completed normally,"
+			"but 3GPP HFN matches or exceeds the Threshold ");
+		break;
+	default:
+		CAAM_JR_DEBUG("Error 0x%04x not implemented",
+				error_code.error_desc.deco_src.desc_err);
+		break;
+	}
+}
+
+/* @brief Process  Jump Halt User Status related errors
+ *
+ * @param [in]  error_code        The error code in the descriptor status word
+ */
+static inline void hw_handle_jmp_halt_user_err(union hw_error_code
+						error_code __rte_unused)
+{
+	CAAM_JR_DEBUG(" Not implemented");
+}
+
+/* @brief Process CCB related errors
+ *
+ * @param [in]  error_code        The error code in the descriptor status word
+ */
+static inline void
+hw_handle_ccb_err(union hw_error_code hw_error_code __rte_unused)
+{
+	CAAM_JR_DEBUG(" Not implemented");
+}
+
+/* @brief Process Job Ring related errors
+ *
+ * @param [in]  error_code        The error code in the descriptor status word
+ */
+static inline
+void hw_handle_jr_err(union hw_error_code hw_error_code __rte_unused)
+{
+	CAAM_JR_DEBUG(" Not implemented");
+}
+
+int hw_reset_job_ring(struct sec_job_ring_t *job_ring)
+{
+	int ret = 0;
+
+	ASSERT(job_ring->register_base_addr != NULL);
+
+	/* First reset the job ring in hw */
+	ret = hw_shutdown_job_ring(job_ring);
+	SEC_ASSERT(ret == 0, ret, "Failed resetting job ring in hardware");
+
+	/* In order to have the HW JR in a workable state
+	 * after a reset, I need to re-write the input
+	 * queue size, input start address, output queue
+	 * size and output start address
+	 */
+	/* Write the JR input queue size to the HW register */
+	hw_set_input_ring_size(job_ring, SEC_JOB_RING_SIZE);
+
+	/* Write the JR output queue size to the HW register */
+	hw_set_output_ring_size(job_ring, SEC_JOB_RING_SIZE);
+
+	/* Write the JR input queue start address */
+	hw_set_input_ring_start_addr(job_ring,
+			caam_jr_dma_vtop(job_ring->input_ring));
+	CAAM_JR_DEBUG(" Set input ring base address to : Virtual: 0x%" PRIx64
+		      ",Physical: 0x%" PRIx64 ", Read from HW: 0x%" PRIx64,
+		      (uint64_t)(uintptr_t)job_ring->input_ring,
+		      caam_jr_dma_vtop(job_ring->input_ring),
+		      hw_get_inp_queue_base(job_ring));
+
+	/* Write the JR output queue start address */
+	hw_set_output_ring_start_addr(job_ring,
+			caam_jr_dma_vtop(job_ring->output_ring));
+	CAAM_JR_DEBUG(" Set output ring base address to: Virtual: 0x%" PRIx64
+		      ",Physical: 0x%" PRIx64 ", Read from HW: 0x%" PRIx64,
+		      (uint64_t)(uintptr_t)job_ring->output_ring,
+		      caam_jr_dma_vtop(job_ring->output_ring),
+		      hw_get_out_queue_base(job_ring));
+	return ret;
+}
+
+int hw_shutdown_job_ring(struct sec_job_ring_t *job_ring)
+{
+	unsigned int timeout = SEC_TIMEOUT;
+	uint32_t tmp = 0;
+	int usleep_interval = 10;
+
+	if (job_ring->register_base_addr == NULL) {
+		CAAM_JR_ERR("Jr[%p] has reg base addr as NULL.driver not init",
+			job_ring);
+		return 0;
+	}
+
+	CAAM_JR_INFO("Resetting Job ring %p", job_ring);
+
+	/*
+	 * Mask interrupts since we are going to poll
+	 * for reset completion status
+	 * Also, at POR, interrupts are ENABLED on a JR, thus
+	 * this is the point where I can disable them without
+	 * changing the code logic too much
+	 */
+	caam_jr_disable_irqs(job_ring->irq_fd);
+
+	/* initiate flush (required prior to reset) */
+	SET_JR_REG(JRCR, job_ring, JR_REG_JRCR_VAL_RESET);
+
+	/* dummy read */
+	tmp = GET_JR_REG(JRCR, job_ring);
+
+	do {
+		tmp = GET_JR_REG(JRINT, job_ring);
+		usleep(usleep_interval);
+	} while (((tmp & JRINT_ERR_HALT_MASK) ==
+			JRINT_ERR_HALT_INPROGRESS) && --timeout);
+
+	CAAM_JR_INFO("JRINT is %x", tmp);
+
+	if ((tmp & JRINT_ERR_HALT_MASK) != JRINT_ERR_HALT_COMPLETE ||
+		timeout == 0) {
+		CAAM_JR_ERR("0x%x, %d", tmp, timeout);
+		/* unmask interrupts */
+		if (job_ring->jr_mode != SEC_NOTIFICATION_TYPE_POLL)
+			caam_jr_enable_irqs(job_ring->irq_fd);
+		return -1;
+	}
+
+	/* Initiate reset */
+	timeout = SEC_TIMEOUT;
+	SET_JR_REG(JRCR, job_ring, JR_REG_JRCR_VAL_RESET);
+
+	do {
+		tmp = GET_JR_REG(JRCR, job_ring);
+		usleep(usleep_interval);
+	} while ((tmp & JR_REG_JRCR_VAL_RESET) && --timeout);
+
+	CAAM_JR_DEBUG("JRCR is %x", tmp);
+
+	if (timeout == 0) {
+		CAAM_JR_ERR("Failed to reset hw job ring %p", job_ring);
+		/* unmask interrupts */
+		if (job_ring->jr_mode != SEC_NOTIFICATION_TYPE_POLL)
+			caam_jr_enable_irqs(job_ring->irq_fd);
+		return -1;
+	}
+	/* unmask interrupts */
+	if (job_ring->jr_mode != SEC_NOTIFICATION_TYPE_POLL)
+		caam_jr_enable_irqs(job_ring->irq_fd);
+	return 0;
+
+}
+
+void hw_handle_job_ring_error(struct sec_job_ring_t *job_ring __rte_unused,
+			uint32_t error_code)
+{
+	union hw_error_code hw_err_code;
+
+	hw_err_code.error = error_code;
+
+	switch (hw_err_code.error_desc.value.ssrc) {
+	case SEC_HW_ERR_SSRC_NO_SRC:
+		ASSERT(hw_err_code.error_desc.no_status_src.res == 0);
+		CAAM_JR_ERR("No Status Source ");
+		break;
+	case SEC_HW_ERR_SSRC_CCB_ERR:
+		CAAM_JR_ERR("CCB Status Source");
+		hw_handle_ccb_err(hw_err_code);
+		break;
+	case SEC_HW_ERR_SSRC_JMP_HALT_U:
+		CAAM_JR_ERR("Jump Halt User Status Source");
+		hw_handle_jmp_halt_user_err(hw_err_code);
+		break;
+	case SEC_HW_ERR_SSRC_DECO:
+		CAAM_JR_ERR("DECO Status Source");
+		hw_handle_deco_err(hw_err_code);
+		break;
+	case SEC_HW_ERR_SSRC_JR:
+		CAAM_JR_ERR("Job Ring Status Source");
+		hw_handle_jr_err(hw_err_code);
+		break;
+	case SEC_HW_ERR_SSRC_JMP_HALT_COND:
+		CAAM_JR_ERR("Jump Halt Condition Codes");
+		hw_handle_jmp_halt_cond_err(hw_err_code);
+		break;
+	default:
+		ASSERT(0);
+		CAAM_JR_ERR("Unknown SSRC");
+		break;
+	}
+}
+
+void hw_job_ring_error_print(struct sec_job_ring_t *job_ring, int code)
+{
+	switch (code) {
+	case JRINT_ERR_WRITE_STATUS:
+		CAAM_JR_ERR("Error writing status to Output Ring ");
+		break;
+	case JRINT_ERR_BAD_INPUT_BASE:
+		CAAM_JR_ERR(
+		"Bad Input Ring Base (%p) (not on a 4-byte boundary) ",
+		(void *)job_ring);
+		break;
+	case JRINT_ERR_BAD_OUTPUT_BASE:
+		CAAM_JR_ERR(
+		"Bad Output Ring Base (%p) (not on a 4-byte boundary) ",
+		(void *)job_ring);
+		break;
+	case JRINT_ERR_WRITE_2_IRBA:
+		CAAM_JR_ERR(
+		"Invalid write to Input Ring Base Address Register ");
+		break;
+	case JRINT_ERR_WRITE_2_ORBA:
+		CAAM_JR_ERR(
+		"Invalid write to Output Ring Base Address Register ");
+		break;
+	case JRINT_ERR_RES_B4_HALT:
+		CAAM_JR_ERR(
+		"Job Ring [%p] released before Job Ring is halted",
+		(void *)job_ring);
+		break;
+	case JRINT_ERR_REM_TOO_MANY:
+		CAAM_JR_ERR("Removed too many jobs from job ring [%p]",
+			(void *)job_ring);
+		break;
+	case JRINT_ERR_ADD_TOO_MANY:
+		CAAM_JR_ERR("Added too many jobs on job ring [%p]", job_ring);
+		break;
+	default:
+		CAAM_JR_ERR(" Unknown SEC JR Error :%d",
+				code);
+		break;
+	}
+}
+
+int hw_job_ring_set_coalescing_param(struct sec_job_ring_t *job_ring,
+				uint16_t irq_coalescing_timer,
+				uint8_t irq_coalescing_count)
+{
+	uint32_t reg_val = 0;
+
+	ASSERT(job_ring != NULL);
+
+	if (job_ring->register_base_addr == NULL) {
+		CAAM_JR_ERR("Jr[%p] has reg base addr as NULL.driver not init",
+			job_ring);
+		return -1;
+	}
+	/* Set descriptor count coalescing */
+	reg_val |= (irq_coalescing_count << JR_REG_JRCFG_LO_ICDCT_SHIFT);
+
+	/* Set coalescing timer value */
+	reg_val |= (irq_coalescing_timer << JR_REG_JRCFG_LO_ICTT_SHIFT);
+
+	/* Update parameters in HW */
+	SET_JR_REG_LO(JRCFG, job_ring, reg_val);
+
+	CAAM_JR_DEBUG("Set coalescing params on jr %p timer:%d, desc count: %d",
+			job_ring, irq_coalescing_timer, irq_coalescing_timer);
+
+	return 0;
+}
+
+int hw_job_ring_enable_coalescing(struct sec_job_ring_t *job_ring)
+{
+	uint32_t reg_val = 0;
+
+	ASSERT(job_ring != NULL);
+	if (job_ring->register_base_addr == NULL) {
+		CAAM_JR_ERR("Jr[%p] has reg base addr as NULL.driver not init",
+			job_ring);
+		return -1;
+	}
+
+	/* Get the current value of the register */
+	reg_val = GET_JR_REG_LO(JRCFG, job_ring);
+
+	/* Enable coalescing */
+	reg_val |= JR_REG_JRCFG_LO_ICEN_EN;
+
+	/* Write in hw */
+	SET_JR_REG_LO(JRCFG, job_ring, reg_val);
+
+	CAAM_JR_DEBUG("Enabled coalescing on jr %p ",
+			job_ring);
+
+	return 0;
+}
+
+int hw_job_ring_disable_coalescing(struct sec_job_ring_t *job_ring)
+{
+	uint32_t reg_val = 0;
+
+	ASSERT(job_ring != NULL);
+
+	if (job_ring->register_base_addr == NULL) {
+		CAAM_JR_ERR("Jr[%p] has reg base addr as NULL.driver not init",
+			job_ring);
+		return -1;
+	}
+
+	/* Get the current value of the register */
+	reg_val = GET_JR_REG_LO(JRCFG, job_ring);
+
+	/* Disable coalescing */
+	reg_val &= ~JR_REG_JRCFG_LO_ICEN_EN;
+
+	/* Write in hw */
+	SET_JR_REG_LO(JRCFG, job_ring, reg_val);
+
+	CAAM_JR_DEBUG("Disabled coalescing on jr %p ", job_ring);
+
+	return 0;
+
+}
diff --git a/drivers/crypto/caam_jr/caam_jr_hw_specific.h b/drivers/crypto/caam_jr/caam_jr_hw_specific.h
new file mode 100644
index 000000000..7c8909d2b
--- /dev/null
+++ b/drivers/crypto/caam_jr/caam_jr_hw_specific.h
@@ -0,0 +1,503 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright 2017 NXP
+ */
+
+#ifndef CAAM_JR_HW_SPECIFIC_H
+#define CAAM_JR_HW_SPECIFIC_H
+
+#include <caam_jr_config.h>
+
+/*
+ * Offset to the registers of a job ring.
+ * Is different for each job ring.
+ */
+#define CHAN_BASE(jr)   ((size_t)(jr)->register_base_addr)
+
+#ifndef unlikely
+#define unlikely(x)     __builtin_expect(!!(x), 0)
+#endif
+
+#define SEC_JOB_RING_IS_FULL(pi, ci, ring_max_size, ring_threshold) \
+		((((pi) + 1 + ((ring_max_size) - (ring_threshold))) & \
+		  (ring_max_size - 1))  == ((ci)))
+
+#define SEC_CIRCULAR_COUNTER(x, max)   (((x) + 1) & (max - 1))
+
+/*
+ * Assert that cond is true. If !cond is true, display str and the vararg list
+ * in a printf-like syntax. also, if !cond is true, return altRet.
+ *
+ * \param cond          A boolean expression to be asserted true
+ * \param altRet        The value to be returned if cond doesn't hold true
+ * \param str           A quoted char string
+ *
+ * E.g.:
+ *      SEC_ASSERT(ret > 0, 0, "ERROR initializing app: code = %d\n", ret);
+ */
+#define SEC_ASSERT(cond, altRet, ...) {\
+	if (unlikely(!(cond))) {\
+		CAAM_JR_ERR(__VA_ARGS__); \
+			return altRet; \
+	} \
+}
+
+#define SEC_DP_ASSERT(cond, altRet, ...) {\
+	if (unlikely(!(cond))) {\
+		CAAM_JR_DP_ERR(__VA_ARGS__); \
+			return altRet; \
+	} \
+}
+
+#define ASSERT(x)
+
+/*
+ * Constants representing various job ring registers
+ */
+#if CAAM_BYTE_ORDER == __BIG_ENDIAN
+#define JR_REG_IRBA_OFFSET		0x0000
+#define JR_REG_IRBA_OFFSET_LO		0x0004
+#else
+#define JR_REG_IRBA_OFFSET		0x0004
+#define JR_REG_IRBA_OFFSET_LO		0x0000
+#endif
+
+#define JR_REG_IRSR_OFFSET		0x000C
+#define JR_REG_IRSA_OFFSET		0x0014
+#define JR_REG_IRJA_OFFSET		0x001C
+
+#if CAAM_BYTE_ORDER == __BIG_ENDIAN
+#define JR_REG_ORBA_OFFSET		0x0020
+#define JR_REG_ORBA_OFFSET_LO		0x0024
+#else
+#define JR_REG_ORBA_OFFSET		0x0024
+#define JR_REG_ORBA_OFFSET_LO		0x0020
+#endif
+
+#define JR_REG_ORSR_OFFSET		0x002C
+#define JR_REG_ORJR_OFFSET		0x0034
+#define JR_REG_ORSFR_OFFSET		0x003C
+#define JR_REG_JROSR_OFFSET		0x0044
+#define JR_REG_JRINT_OFFSET		0x004C
+
+#define JR_REG_JRCFG_OFFSET		0x0050
+#define JR_REG_JRCFG_OFFSET_LO		0x0054
+
+#define JR_REG_IRRI_OFFSET		0x005C
+#define JR_REG_ORWI_OFFSET		0x0064
+#define JR_REG_JRCR_OFFSET		0x006C
+
+/*
+ * Constants for error handling on job ring
+ */
+#define JR_REG_JRINT_ERR_TYPE_SHIFT	8
+#define JR_REG_JRINT_ERR_ORWI_SHIFT	16
+#define JR_REG_JRINIT_JRE_SHIFT		1
+
+#define JRINT_JRE			(1 << JR_REG_JRINIT_JRE_SHIFT)
+#define JRINT_ERR_WRITE_STATUS		(1 << JR_REG_JRINT_ERR_TYPE_SHIFT)
+#define JRINT_ERR_BAD_INPUT_BASE	(3 << JR_REG_JRINT_ERR_TYPE_SHIFT)
+#define JRINT_ERR_BAD_OUTPUT_BASE	(4 << JR_REG_JRINT_ERR_TYPE_SHIFT)
+#define JRINT_ERR_WRITE_2_IRBA		(5 << JR_REG_JRINT_ERR_TYPE_SHIFT)
+#define JRINT_ERR_WRITE_2_ORBA		(6 << JR_REG_JRINT_ERR_TYPE_SHIFT)
+#define JRINT_ERR_RES_B4_HALT		(7 << JR_REG_JRINT_ERR_TYPE_SHIFT)
+#define JRINT_ERR_REM_TOO_MANY		(8 << JR_REG_JRINT_ERR_TYPE_SHIFT)
+#define JRINT_ERR_ADD_TOO_MANY		(9 << JR_REG_JRINT_ERR_TYPE_SHIFT)
+#define JRINT_ERR_HALT_MASK		0x0C
+#define JRINT_ERR_HALT_INPROGRESS	0x04
+#define JRINT_ERR_HALT_COMPLETE		0x08
+
+#define JR_REG_JRCR_VAL_RESET		0x00000001
+
+#define JR_REG_JRCFG_LO_ICTT_SHIFT	0x10
+#define JR_REG_JRCFG_LO_ICDCT_SHIFT	0x08
+#define JR_REG_JRCFG_LO_ICEN_EN		0x02
+
+/*
+ * Constants for Descriptor Processing errors
+ */
+#define SEC_HW_ERR_SSRC_NO_SRC		0x00
+#define SEC_HW_ERR_SSRC_CCB_ERR		0x02
+#define SEC_HW_ERR_SSRC_JMP_HALT_U	0x03
+#define SEC_HW_ERR_SSRC_DECO		0x04
+#define SEC_HW_ERR_SSRC_JR		0x06
+#define SEC_HW_ERR_SSRC_JMP_HALT_COND   0x07
+
+#define SEC_HW_ERR_DECO_HFN_THRESHOLD   0xF1
+#define SEC_HW_ERR_CCB_ICV_CHECK_FAIL   0x0A
+
+/*
+ * Constants for descriptors
+ */
+/* Return higher 32 bits of physical address */
+#define PHYS_ADDR_HI(phys_addr) \
+	    (uint32_t)(((uint64_t)phys_addr) >> 32)
+
+/* Return lower 32 bits of physical address */
+#define PHYS_ADDR_LO(phys_addr) \
+	    (uint32_t)(((uint64_t)phys_addr) & 0xFFFFFFFF)
+
+/*
+ * Macros for extracting error codes for the job ring
+ */
+#define JR_REG_JRINT_ERR_TYPE_EXTRACT(value)      ((value) & 0x00000F00)
+#define JR_REG_JRINT_ERR_ORWI_EXTRACT(value)     \
+	(((value) & 0x3FFF0000) >> JR_REG_JRINT_ERR_ORWI_SHIFT)
+#define JR_REG_JRINT_JRE_EXTRACT(value)	   ((value) & JRINT_JRE)
+
+/*
+ * Macros for managing the job ring
+ */
+/* Read pointer to job ring input ring start address */
+#if defined(RTE_ARCH_ARM64)
+#define hw_get_inp_queue_base(jr) ((((dma_addr_t)GET_JR_REG(IRBA, (jr))) << 32) | \
+					(GET_JR_REG_LO(IRBA, (jr))))
+
+/* Read pointer to job ring output ring start address */
+#define hw_get_out_queue_base(jr)   (((dma_addr_t)(GET_JR_REG(ORBA, (jr))) << 32) | \
+					(GET_JR_REG_LO(ORBA, (jr))))
+#else
+#define hw_get_inp_queue_base(jr)   ((dma_addr_t)(GET_JR_REG_LO(IRBA, (jr))))
+
+#define hw_get_out_queue_base(jr)   ((dma_addr_t)(GET_JR_REG_LO(ORBA, (jr))))
+#endif
+
+/*
+ * IRJA - Input Ring Jobs Added Register shows
+ * how many new jobs were added to the Input Ring.
+ */
+#define hw_enqueue_desc_on_job_ring(job_ring) SET_JR_REG(IRJA, (job_ring), 1)
+
+#define hw_set_input_ring_size(job_ring, size) SET_JR_REG(IRSR, job_ring, (size))
+
+#define hw_set_output_ring_size(job_ring, size) SET_JR_REG(ORSR, job_ring, (size))
+
+#if defined(RTE_ARCH_ARM64)
+#define hw_set_input_ring_start_addr(job_ring, start_addr)	\
+{								\
+	SET_JR_REG(IRBA, job_ring, PHYS_ADDR_HI(start_addr));	\
+	SET_JR_REG_LO(IRBA, job_ring, PHYS_ADDR_LO(start_addr));\
+}
+
+#define hw_set_output_ring_start_addr(job_ring, start_addr) \
+{								\
+	SET_JR_REG(ORBA, job_ring, PHYS_ADDR_HI(start_addr));	\
+	SET_JR_REG_LO(ORBA, job_ring, PHYS_ADDR_LO(start_addr));\
+}
+
+#else
+#define hw_set_input_ring_start_addr(job_ring, start_addr)	\
+{								\
+	SET_JR_REG(IRBA, job_ring, 0);	\
+	SET_JR_REG_LO(IRBA, job_ring, PHYS_ADDR_LO(start_addr));\
+}
+
+#define hw_set_output_ring_start_addr(job_ring, start_addr) \
+{								\
+	SET_JR_REG(ORBA, job_ring, 0);	\
+	SET_JR_REG_LO(ORBA, job_ring, PHYS_ADDR_LO(start_addr));\
+}
+#endif
+
+/* ORJR - Output Ring Jobs Removed Register shows how many jobs were
+ * removed from the Output Ring for processing by software. This is done after
+ * the software has processed the entries.
+ */
+#define hw_remove_entries(jr, no_entries) SET_JR_REG(ORJR, (jr), (no_entries))
+
+/* IRSA - Input Ring Slots Available register holds the number of entries in
+ * the Job Ring's input ring. Once a job is enqueued, the value returned is
+ * decremented by the hardware by the number of jobs enqueued.
+ */
+#define hw_get_available_slots(jr)		GET_JR_REG(IRSA, jr)
+
+/* ORSFR - Output Ring Slots Full register holds the number of jobs which were
+ * processed by the SEC and can be retrieved by the software. Once a job has
+ * been processed by software, the user will call hw_remove_one_entry in order
+ * to notify the SEC that the entry was processed.
+ */
+#define hw_get_no_finished_jobs(jr)		GET_JR_REG(ORSFR, jr)
+
+/*
+ * Macros for manipulating JR registers
+ */
+#if CORE_BYTE_ORDER == CAAM_BYTE_ORDER
+#define sec_read_32(addr)	(*(volatile unsigned int *)(addr))
+#define sec_write_32(addr, val)	(*(volatile unsigned int *)(addr) = (val))
+
+#else
+#define sec_read_32(addr)	rte_bswap32((*(volatile unsigned int *)(addr)))
+#define sec_write_32(addr, val) \
+			(*(volatile unsigned int *)(addr) = rte_bswap32(val))
+#endif
+
+#if CAAM_BYTE_ORDER == __LITTLE_ENDIAN
+#define sec_read_64(addr)	(((u64)sec_read_32((u32 *)(addr) + 1) << 32) | \
+				(sec_read_32((u32 *)(addr))))
+
+#define sec_write_64(addr, val) {				\
+	sec_write_32((u32 *)(addr) + 1, (u32)((val) >> 32));	\
+	sec_write_32((u32 *)(addr), (u32)(val));		\
+}
+#else /* CAAM_BYTE_ORDER == __BIG_ENDIAN */
+#define sec_read_64(addr)	(((u64)sec_read_32((u32 *)(addr)) << 32) | \
+				(sec_read_32((u32 *)(addr) + 1)))
+
+#define sec_write_64(addr, val) {				\
+	sec_write_32((u32 *)(addr), (u32)((val) >> 32));	\
+	sec_write_32((u32 *)(addr) + 1, (u32)(val));		\
+}
+#endif
+
+#if defined(RTE_ARCH_ARM64)
+#define sec_read_addr(a)	sec_read_64((a))
+#define sec_write_addr(a, v)	sec_write_64((a), (v))
+#else
+#define sec_read_addr(a)	sec_read_32((a))
+#define sec_write_addr(a, v)	sec_write_32((a), (v))
+#endif
+
+#define JR_REG(name, jr)	(CHAN_BASE(jr) + JR_REG_##name##_OFFSET)
+#define JR_REG_LO(name, jr)	(CHAN_BASE(jr) + JR_REG_##name##_OFFSET_LO)
+
+#define GET_JR_REG(name, jr)	(sec_read_32(JR_REG(name, (jr))))
+#define GET_JR_REG_LO(name, jr)	(sec_read_32(JR_REG_LO(name, (jr))))
+
+#define SET_JR_REG(name, jr, value) \
+				(sec_write_32(JR_REG(name, (jr)), value))
+#define SET_JR_REG_LO(name, jr, value) \
+				(sec_write_32(JR_REG_LO(name, (jr)), value))
+
+/* Lists the possible states for a job ring. */
+typedef enum sec_job_ring_state_e {
+	SEC_JOB_RING_STATE_STARTED,	/* Job ring is initialized */
+	SEC_JOB_RING_STATE_RESET,	/* Job ring reset is in progress */
+} sec_job_ring_state_t;
+
+/* code or cmd block to caam */
+struct sec_cdb {
+	struct {
+		union {
+			uint32_t word;
+			struct {
+#if RTE_BYTE_ORDER == RTE_BIG_ENDIAN
+				uint16_t rsvd63_48;
+				unsigned int rsvd47_39:9;
+				unsigned int idlen:7;
+#else
+				unsigned int idlen:7;
+				unsigned int rsvd47_39:9;
+				uint16_t rsvd63_48;
+#endif
+			} field;
+		} __rte_packed hi;
+
+		union {
+			uint32_t word;
+			struct {
+#if RTE_BYTE_ORDER == RTE_BIG_ENDIAN
+				unsigned int rsvd31_30:2;
+				unsigned int fsgt:1;
+				unsigned int lng:1;
+				unsigned int offset:2;
+				unsigned int abs:1;
+				unsigned int add_buf:1;
+				uint8_t pool_id;
+				uint16_t pool_buffer_size;
+#else
+				uint16_t pool_buffer_size;
+				uint8_t pool_id;
+				unsigned int add_buf:1;
+				unsigned int abs:1;
+				unsigned int offset:2;
+				unsigned int lng:1;
+				unsigned int fsgt:1;
+				unsigned int rsvd31_30:2;
+#endif
+			} field;
+		} __rte_packed lo;
+	} __rte_packed sh_hdr;
+
+	uint32_t sh_desc[SEC_JOB_DESCRIPTOR_SIZE];
+};
+
+struct caam_jr_qp {
+	struct sec_job_ring_t *ring;
+	uint64_t rx_pkts;
+	uint64_t rx_errs;
+	uint64_t rx_poll_err;
+	uint64_t tx_pkts;
+	uint64_t tx_errs;
+	uint64_t tx_ring_full;
+};
+
+struct sec_job_ring_t {
+	/* TODO: Add wrapper macro to make it obvious this is the consumer index
+	 * on the output ring
+	 */
+	uint32_t cidx;		/* Consumer index for job ring (jobs array).
+				 * @note: cidx and pidx are accessed from
+				 * different threads. Place the cidx and pidx
+				 * inside the structure so that they lay on
+				 * different cachelines, to avoid false sharing
+				 * between threads when the threads run on
+				 * different cores!
+				 */
+	/* TODO: Add wrapper macro to make it obvious this is the producer index
+	 * on the input ring
+	 */
+	uint32_t pidx;		/* Producer index for job ring (jobs array) */
+
+	phys_addr_t *input_ring;/* Ring of output descriptors received from SEC.
+				 * Size of array is power of 2 to allow fast
+				 * update of producer/consumer indexes with
+				 * bitwise operations.
+				 */
+
+	struct sec_outring_entry *output_ring;
+				/* Ring of output descriptors received from SEC.
+				 * Size of array is power of 2 to allow fast
+				 * update of producer/consumer indexes with
+				 * bitwise operations.
+				 */
+
+	uint32_t irq_fd;	/* The file descriptor used for polling from
+				 * user space for interrupts notifications
+				 */
+	uint32_t jr_mode;	/* Model used by SEC Driver to receive
+				 * notifications from SEC.  Can be either
+				 * of the three: #SEC_NOTIFICATION_TYPE_NAPI
+				 * #SEC_NOTIFICATION_TYPE_IRQ or
+				 * #SEC_NOTIFICATION_TYPE_POLL
+				 */
+	uint32_t napi_mode;	/* Job ring mode if NAPI mode is chosen
+				 * Used only when jr_mode is set to
+				 * #SEC_NOTIFICATION_TYPE_NAPI
+				 */
+	void *register_base_addr;	/* Base address for SEC's
+					 * register memory for this job ring.
+					 */
+	uint8_t coalescing_en;		/* notifies if coelescing is
+					 * enabled for the job ring
+					 */
+	sec_job_ring_state_t jr_state;	/* The state of this job ring */
+
+	struct rte_mempool *ctx_pool;   /* per dev mempool for caam_jr_op_ctx */
+	unsigned int max_nb_queue_pairs;
+	unsigned int max_nb_sessions;
+	struct caam_jr_qp qps[RTE_CAAM_MAX_NB_SEC_QPS]; /* i/o queue for sec */
+};
+
+/* Union describing the possible error codes that
+ * can be set in the descriptor status word
+ */
+union hw_error_code {
+	uint32_t error;
+	union {
+		struct {
+			uint32_t ssrc:4;
+			uint32_t ssed_val:28;
+		} __rte_packed value;
+		struct {
+			uint32_t ssrc:4;
+			uint32_t res:28;
+		} __rte_packed no_status_src;
+		struct {
+			uint32_t ssrc:4;
+			uint32_t jmp:1;
+			uint32_t res:11;
+			uint32_t desc_idx:8;
+			uint32_t cha_id:4;
+			uint32_t err_id:4;
+		} __rte_packed ccb_status_src;
+		struct {
+			uint32_t ssrc:4;
+			uint32_t jmp:1;
+			uint32_t res:11;
+			uint32_t desc_idx:8;
+			uint32_t offset:8;
+		} __rte_packed jmp_halt_user_src;
+		struct {
+			uint32_t ssrc:4;
+			uint32_t jmp:1;
+			uint32_t res:11;
+			uint32_t desc_idx:8;
+			uint32_t desc_err:8;
+		} __rte_packed deco_src;
+		struct {
+			uint32_t ssrc:4;
+			uint32_t res:17;
+			uint32_t naddr:3;
+			uint32_t desc_err:8;
+		} __rte_packed jr_src;
+		struct {
+			uint32_t ssrc:4;
+			uint32_t jmp:1;
+			uint32_t res:11;
+			uint32_t desc_idx:8;
+			uint32_t cond:8;
+		} __rte_packed jmp_halt_cond_src;
+	} __rte_packed error_desc;
+} __rte_packed;
+
+/* @brief Initialize a job ring/channel in SEC device.
+ * Write configuration register/s to properly initialize a job ring.
+ *
+ * @param [in] job_ring     The job ring
+ *
+ * @retval 0 for success
+ * @retval other for error
+ */
+int hw_reset_job_ring(struct sec_job_ring_t *job_ring);
+
+/* @brief Reset a job ring/channel in SEC device.
+ * Write configuration register/s to reset a job ring.
+ *
+ * @param [in] job_ring     The job ring
+ *
+ * @retval 0 for success
+ * @retval -1 in case job ring reset failed
+ */
+int hw_shutdown_job_ring(struct sec_job_ring_t *job_ring);
+
+/* @brief Handle a job ring/channel error in SEC device.
+ * Identify the error type and clear error bits if required.
+ *
+ * @param [in]  job_ring	The job ring
+ * @param [in]  sec_error_code  The job ring's error code
+ */
+void hw_handle_job_ring_error(struct sec_job_ring_t *job_ring,
+				uint32_t sec_error_code);
+
+/* @brief Handle a job ring error in the device.
+ * Identify the error type and printout a explanatory
+ * messages.
+ *
+ * @param [in]  job_ring	The job ring
+ *
+ */
+void hw_job_ring_error_print(struct sec_job_ring_t *job_ring, int code);
+
+/* @brief Set interrupt coalescing parameters on the Job Ring.
+ * @param [in]  job_ring		The job ring
+ * @param [in]  irq_coalesing_timer     Interrupt coalescing timer threshold.
+ *					This value determines the maximum
+ *					amount of time after processing a
+ *					descriptor before raising an interrupt.
+ * @param [in]  irq_coalescing_count    Interrupt coalescing descriptor count
+ *					threshold.
+ */
+int hw_job_ring_set_coalescing_param(struct sec_job_ring_t *job_ring,
+				uint16_t irq_coalescing_timer,
+				uint8_t irq_coalescing_count);
+
+/* @brief Enable interrupt coalescing on a job ring
+ * @param [in]  job_ring		The job ring
+ */
+int hw_job_ring_enable_coalescing(struct sec_job_ring_t *job_ring);
+
+/* @brief Disable interrupt coalescing on a job ring
+ * @param [in]  job_ring		The job ring
+ */
+int hw_job_ring_disable_coalescing(struct sec_job_ring_t *job_ring);
+
+#endif /* CAAM_JR_HW_SPECIFIC_H */
diff --git a/drivers/crypto/caam_jr/caam_jr_pvt.h b/drivers/crypto/caam_jr/caam_jr_pvt.h
new file mode 100644
index 000000000..cc0aa65f1
--- /dev/null
+++ b/drivers/crypto/caam_jr/caam_jr_pvt.h
@@ -0,0 +1,285 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright 2017-2018 NXP
+ */
+
+#ifndef CAAM_JR_PVT_H
+#define CAAM_JR_PVT_H
+
+/* NXP CAAM JR PMD device name */
+
+#define CAAM_JR_ALG_UNSUPPORT	(-1)
+
+/* Minimum job descriptor consists of a oneword job descriptor HEADER and
+ * a pointer to the shared descriptor.
+ */
+#define MIN_JOB_DESC_SIZE	(CAAM_CMD_SZ + CAAM_PTR_SZ)
+#define CAAM_JOB_DESC_SIZE	13
+
+/* CTX_POOL_NUM_BUFS is set as per the ipsec-secgw application */
+#define CTX_POOL_NUM_BUFS	32000
+#define CTX_POOL_CACHE_SIZE	512
+
+#define DIR_ENC                 1
+#define DIR_DEC                 0
+
+#define JR_MAX_NB_MAX_DIGEST	32
+
+#define RTE_CAAM_JR_PMD_MAX_NB_SESSIONS 2048
+
+
+/* Return codes for SEC user space driver APIs */
+enum sec_return_code_e {
+	SEC_SUCCESS = 0,	       /* Operation executed successfully.*/
+	SEC_INVALID_INPUT_PARAM,       /* API received an invalid input
+					* parameter
+					*/
+	SEC_OUT_OF_MEMORY,	       /* Memory allocation failed. */
+	SEC_DESCRIPTOR_IN_FLIGHT,      /* API function indicates there are
+					* descriptors in flight
+					* for SEC to process.
+					*/
+	SEC_LAST_DESCRIPTOR_IN_FLIGHT, /* API function indicates there is one
+					* last descriptor in flight
+					* for SEC to process that.
+					*/
+	SEC_PROCESSING_ERROR,	       /* Indicates a SEC processing error
+					* occurred on a Job Ring which requires
+					* a SEC user space driver shutdown. Can
+					* be returned from sec_poll_job_ring().
+					* Then the only other API that can be
+					* called after this error is
+					* sec_release().
+					*/
+	SEC_DESC_PROCESSING_ERROR,     /* Indicates a SEC descriptor processing
+					* error occurred on a Job Ring. Can be
+					* returned from sec_poll_job_ring().
+					* The driver was able to reset job ring
+					* and job ring can be used like in a
+					* normal case.
+					*/
+	SEC_JR_IS_FULL,			/* Job Ring is full. There is no more
+					 * room in the JR for new descriptors.
+					 * This can happen if the descriptor RX
+					 * rate is higher than SEC's capacity.
+					 */
+	SEC_DRIVER_RELEASE_IN_PROGRESS, /* SEC driver shutdown is in progress,
+					 * descriptors processing or polling is
+					 * allowed.
+					 */
+	SEC_DRIVER_ALREADY_INITIALIZED, /* SEC driver is already initialized.*/
+	SEC_DRIVER_NOT_INITIALIZED,	/* SEC driver is NOT initialized. */
+	SEC_JOB_RING_RESET_IN_PROGRESS, /* Job ring is resetting due to a
+					 * per-descriptor SEC processing error
+					 * ::SEC_desc_PROCESSING_ERROR. Reset is
+					 * finished when sec_poll_job_ring()
+					 * return. Then the job ring can be used
+					 * again.
+					 */
+	SEC_RESET_ENGINE_FAILED,	/* Resetting of SEC Engine by SEC Kernel
+					 * Driver Failed
+					 */
+	SEC_ENABLE_IRQS_FAILED,		/* Enabling of IRQs in SEC Kernel Driver
+					 * Failed
+					 */
+	SEC_DISABLE_IRQS_FAILED,	/* Disabling of IRQs in SEC Kernel
+					 * Driver Failed
+					 */
+	/* END OF VALID VALUES */
+
+	SEC_RETURN_CODE_MAX_VALUE,	/* Invalid value for return code. It is
+					 * used to mark the end of the return
+					 * code values. @note ALL new return
+					 * code values MUST be added before
+					 * ::SEC_RETURN_CODE_MAX_VALUE!
+					 */
+};
+
+enum caam_jr_op_type {
+	CAAM_JR_NONE,  /* No Cipher operations*/
+	CAAM_JR_CIPHER,/* CIPHER operations */
+	CAAM_JR_AUTH,  /* Authentication Operations */
+	CAAM_JR_AEAD,  /* Authenticated Encryption with associated data */
+	CAAM_JR_IPSEC, /* IPSEC protocol operations*/
+	CAAM_JR_PDCP,  /* PDCP protocol operations*/
+	CAAM_JR_PKC,   /* Public Key Cryptographic Operations */
+	CAAM_JR_MAX
+};
+
+struct caam_jr_session {
+	uint8_t dir;         /* Operation Direction */
+	enum rte_crypto_cipher_algorithm cipher_alg; /* Cipher Algorithm*/
+	enum rte_crypto_auth_algorithm auth_alg; /* Authentication Algorithm*/
+	enum rte_crypto_aead_algorithm aead_alg; /* AEAD Algorithm*/
+	union {
+		struct {
+			uint8_t *data;	/* pointer to key data */
+			size_t length;	/* key length in bytes */
+		} aead_key;
+		struct {
+			struct {
+				uint8_t *data;	/* pointer to key data */
+				size_t length;	/* key length in bytes */
+			} cipher_key;
+			struct {
+				uint8_t *data;	/* pointer to key data */
+				size_t length;	/* key length in bytes */
+			} auth_key;
+		};
+	};
+	struct {
+		uint16_t length;
+		uint16_t offset;
+	} iv;	/* Initialisation vector parameters */
+	uint16_t auth_only_len; /* Length of data for Auth only */
+	uint32_t digest_length;
+	struct ip ip4_hdr;
+	struct caam_jr_qp *qp;
+	struct sec_cdb *cdb;	/* cmd block associated with qp */
+	struct rte_mempool *ctx_pool; /* session mempool for caam_jr_op_ctx */
+};
+
+/*
+ * 16-byte hardware scatter/gather table
+ */
+
+#define SEC4_SG_LEN_EXT		0x80000000	/* Entry points to table */
+#define SEC4_SG_LEN_FIN		0x40000000	/* Last ent in table */
+#define SEC4_SG_BPID_MASK	0x000000ff
+#define SEC4_SG_BPID_SHIFT	16
+#define SEC4_SG_LEN_MASK	0x3fffffff	/* Excludes EXT and FINAL */
+#define SEC4_SG_OFFSET_MASK	0x00001fff
+
+struct sec4_sg_entry {
+	uint64_t ptr;
+	uint32_t len;
+	uint32_t bpid_offset;
+};
+
+#define MAX_SG_ENTRIES		16
+#define SG_CACHELINE_0		0
+#define SG_CACHELINE_1		4
+#define SG_CACHELINE_2		8
+#define SG_CACHELINE_3		12
+
+/* Structure encompassing a job descriptor which is to be processed
+ * by SEC. User should also initialise this structure with the callback
+ * function pointer which will be called by driver after recieving proccessed
+ * descriptor from SEC. User data is also passed in this data structure which
+ * will be sent as an argument to the user callback function.
+ */
+struct job_descriptor {
+	uint32_t desc[CAAM_JOB_DESC_SIZE];
+};
+
+struct caam_jr_op_ctx {
+	struct job_descriptor jobdes;
+	/* sg[0] output, sg[1] input, others are possible sub frames */
+	struct sec4_sg_entry sg[MAX_SG_ENTRIES];
+	struct rte_crypto_op *op;
+	struct rte_mempool *ctx_pool; /* mempool pointer for caam_jr_op_ctx */
+	int64_t vtop_offset;
+	uint8_t digest[JR_MAX_NB_MAX_DIGEST];
+};
+
+/**
+ * Checksum
+ *
+ * @param buffer calculate chksum for buffer
+ * @param len    buffer length
+ *
+ * @return checksum value in host cpu order
+ */
+static inline uint16_t
+calc_chksum(void *buffer, int len)
+{
+	uint16_t *buf = (uint16_t *)buffer;
+	uint32_t sum = 0;
+	uint16_t result;
+
+	for (sum = 0; len > 1; len -= 2)
+		sum += *buf++;
+
+	if (len == 1)
+		sum += *(unsigned char *)buf;
+
+	sum = (sum >> 16) + (sum & 0xFFFF);
+	sum += (sum >> 16);
+	result = ~sum;
+
+	return  result;
+}
+struct uio_job_ring {
+	uint32_t jr_id;
+	uint32_t uio_fd;
+	void *register_base_addr;
+	int map_size;
+	int uio_minor_number;
+};
+
+int sec_cleanup(void);
+int sec_configure(void);
+struct uio_job_ring *config_job_ring(void);
+void free_job_ring(uint32_t uio_fd);
+
+/* For Dma memory allocation of specified length and alignment */
+static inline void *caam_jr_dma_mem_alloc(size_t align, size_t len)
+{
+	return rte_malloc("mem_alloc", len, align);
+}
+
+/* For freeing dma memory */
+static inline void caam_jr_dma_free(void *ptr)
+{
+	rte_free(ptr);
+}
+
+static inline rte_iova_t
+caam_jr_mem_vtop(void *vaddr)
+{
+	const struct rte_memseg *ms;
+
+	ms = rte_mem_virt2memseg(vaddr, NULL);
+	if (ms)
+		return ms->iova + RTE_PTR_DIFF(vaddr, ms->addr);
+	return (size_t)NULL;
+}
+
+static inline void *
+caam_jr_dma_ptov(rte_iova_t paddr)
+{
+	return rte_mem_iova2virt(paddr);
+}
+
+/* Virtual to physical address conversion */
+static inline rte_iova_t caam_jr_dma_vtop(void *ptr)
+{
+	//return rte_malloc_virt2iova(ptr);
+	return caam_jr_mem_vtop(ptr);
+}
+
+/** @brief Request to SEC kernel driver to enable interrupts for
+ *         descriptor finished processing
+ *  Use UIO to communicate with SEC kernel driver: write command
+ *  value that indicates an IRQ enable action into UIO file descriptor
+ *  of this job ring.
+ *
+ * @param [in]  uio_fd     Job Ring UIO File descriptor
+ * @retval 0 for success
+ * @retval -1 value for error
+ */
+uint32_t caam_jr_enable_irqs(uint32_t uio_fd);
+
+/** @brief Request to SEC kernel driver to disable interrupts for descriptor
+ *  finished processing
+ *  Use UIO to communicate with SEC kernel driver: write command
+ *  value that indicates an IRQ disable action into UIO file descriptor
+ *  of this job ring.
+ *
+ * @param [in]  uio_fd    UIO File descripto
+ * @retval 0 for success
+ * @retval -1 value for error
+ *
+ */
+uint32_t caam_jr_disable_irqs(uint32_t uio_fd);
+
+#endif
diff --git a/drivers/crypto/caam_jr/caam_jr_uio.c b/drivers/crypto/caam_jr/caam_jr_uio.c
new file mode 100644
index 000000000..bc9ace07e
--- /dev/null
+++ b/drivers/crypto/caam_jr/caam_jr_uio.c
@@ -0,0 +1,491 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright 2017-2018 NXP
+ */
+
+#include <stdbool.h>
+#include <stdint.h>
+#include <stdio.h>
+#include <unistd.h>
+#include <stdlib.h>
+#include <dirent.h>
+#include <string.h>
+#include <sys/mman.h>
+#include <errno.h>
+#include <fcntl.h>
+#include <rte_common.h>
+#include <rte_malloc.h>
+#include <rte_crypto.h>
+#include <rte_security.h>
+#include <caam_jr_config.h>
+
+/* RTA header files */
+#include <hw/desc/common.h>
+#include <hw/desc/algo.h>
+#include <hw/desc/ipsec.h>
+
+#include <caam_jr_hw_specific.h>
+#include <caam_jr_pvt.h>
+#include <caam_jr_log.h>
+
+/* Prefix path to sysfs directory where UIO device attributes are exported.
+ * Path for UIO device X is /sys/class/uio/uioX
+ */
+#define SEC_UIO_DEVICE_SYS_ATTR_PATH    "/sys/class/uio"
+
+/* Subfolder in sysfs where mapping attributes are exported
+ * for each UIO device. Path for mapping Y for device X is:
+ *      /sys/class/uio/uioX/maps/mapY
+ */
+#define SEC_UIO_DEVICE_SYS_MAP_ATTR     "maps/map"
+
+/* Name of UIO device file prefix. Each UIO device will have a device file
+ * /dev/uioX, where X is the minor device number.
+ */
+#define SEC_UIO_DEVICE_FILE_NAME    "/dev/uio"
+
+/*
+ * Name of UIO device. Each user space SEC job ring will have a corresponding
+ * UIO device with the name sec-channelX, where X is the job ring id.
+ * Maximum length is #SEC_UIO_MAX_DEVICE_NAME_LENGTH.
+ *
+ * @note  Must be kept in synch with SEC kernel driver
+ * define #SEC_UIO_DEVICE_NAME !
+ */
+#define SEC_UIO_DEVICE_NAME     "fsl-jr"
+
+/* Maximum length for the name of an UIO device file.
+ * Device file name format is: /dev/uioX.
+ */
+#define SEC_UIO_MAX_DEVICE_FILE_NAME_LENGTH 30
+
+/* Maximum length for the name of an attribute file for an UIO device.
+ * Attribute files are exported in sysfs and have the name formatted as:
+ *      /sys/class/uio/uioX/<attribute_file_name>
+ */
+#define SEC_UIO_MAX_ATTR_FILE_NAME  100
+
+/* Command that is used by SEC user space driver and SEC kernel driver
+ *  to signal a request from the former to the later to disable job DONE
+ *  and error IRQs on a certain job ring.
+ *  The configuration is done at SEC Controller's level.
+ *  @note   Need to be kept in synch with #SEC_UIO_DISABLE_IRQ_CMD from
+ *          linux/drivers/crypto/talitos.c !
+ */
+#define SEC_UIO_DISABLE_IRQ_CMD     0
+
+/* Command that is used by SEC user space driver and SEC kernel driver
+ *  to signal a request from the former to the later to enable job DONE
+ *  and error IRQs on a certain job ring.
+ *  The configuration is done at SEC Controller's level.
+ *  @note   Need to be kept in synch with #SEC_UIO_ENABLE_IRQ_CMD from
+ *          linux/drivers/crypto/talitos.c !
+ */
+#define SEC_UIO_ENABLE_IRQ_CMD      1
+
+/** Command that is used by SEC user space driver and SEC kernel driver
+ *  to signal a request from the former to the later to do a SEC engine reset.
+ *  @note   Need to be kept in synch with #SEC_UIO_RESET_SEC_ENGINE_CMD from
+ *          linux/drivers/crypto/talitos.c !
+ */
+#define SEC_UIO_RESET_SEC_ENGINE_CMD    3
+
+/* The id for the mapping used to export SEC's registers to
+ * user space through UIO devices.
+ */
+#define SEC_UIO_MAP_ID              0
+
+static struct uio_job_ring g_uio_job_ring[MAX_SEC_JOB_RINGS];
+static int g_uio_jr_num;
+
+/** @brief Checks if a file name contains a certain substring.
+ * If so, it extracts the number following the substring.
+ * This function assumes a filename format of: [text][number].
+ * @param [in]  filename    File name
+ * @param [in]  match       String to match in file name
+ * @param [out] number      The number extracted from filename
+ *
+ * @retval true if file name matches the criteria
+ * @retval false if file name does not match the criteria
+ */
+static bool
+file_name_match_extract(const char filename[], const char match[], int *number)
+{
+	char *substr = NULL;
+
+	substr = strstr(filename, match);
+	if (substr == NULL)
+		return false;
+
+	/* substring <match> was found in <filename>
+	 * read number following <match> substring in <filename>
+	 */
+	sscanf(filename + strlen(match), "%d", number);
+	return true;
+}
+
+/** @brief Reads first line from a file.
+ * Composes file name as: root/subdir/filename
+ *
+ * @param [in]  root     Root path
+ * @param [in]  subdir   Subdirectory name
+ * @param [in]  filename File name
+ * @param [out] line     The first line read from file.
+ *
+ * @retval 0 for succes
+ * @retval other value for error
+ */
+static int
+file_read_first_line(const char root[], const char subdir[],
+		    const char filename[], char *line)
+{
+	char absolute_file_name[SEC_UIO_MAX_ATTR_FILE_NAME];
+	int fd = 0, ret = 0;
+
+	/*compose the file name: root/subdir/filename */
+	memset(absolute_file_name, 0, sizeof(absolute_file_name));
+	snprintf(absolute_file_name, SEC_UIO_MAX_ATTR_FILE_NAME,
+		 "%s/%s/%s", root, subdir, filename);
+
+	fd = open(absolute_file_name, O_RDONLY);
+	SEC_ASSERT(fd > 0, fd, "Error opening file %s",
+			absolute_file_name);
+
+	/* read UIO device name from first line in file */
+	ret = read(fd, line, SEC_UIO_MAX_DEVICE_FILE_NAME_LENGTH);
+	close(fd);
+
+	/* NULL-ify string */
+	line[SEC_UIO_MAX_DEVICE_FILE_NAME_LENGTH - 1] = '\0';
+
+	if (ret <= 0) {
+		CAAM_JR_ERR("Error reading from file %s", absolute_file_name);
+		return ret;
+	}
+
+	return 0;
+}
+
+/** @brief Uses UIO control to send commands to SEC kernel driver.
+ * The mechanism is to write a command word into the file descriptor
+ * that the user-space driver obtained for each user-space SEC job ring.
+ * Both user-space driver and kernel driver must have the same understanding
+ * about the command codes.
+ *
+ * @param [in]  UIO FD		    The UIO file descriptor
+ * @param [in]  uio_command         Command word
+ *
+ * @retval Result of write operation on the job ring's UIO file descriptor.
+ *         Should be sizeof(int) for success operations.
+ *         Other values can be returned and used, if desired to add special
+ *         meaning to return values, but this has to be programmed in SEC
+ *         kernel driver as well. No special return values are used.
+ */
+static int sec_uio_send_command(uint32_t uio_fd, int32_t uio_command)
+{
+	int ret;
+
+	/* Use UIO file descriptor we have for this job ring.
+	 * Writing a command code to this file descriptor will make the
+	 * SEC kernel driver execute the desired command.
+	 */
+	ret = write(uio_fd, &uio_command, sizeof(int));
+	return ret;
+}
+
+/** @brief Request to SEC kernel driver to enable interrupts for
+ *         descriptor finished processing
+ *  Use UIO to communicate with SEC kernel driver: write command
+ *  value that indicates an IRQ enable action into UIO file descriptor
+ *  of this job ring.
+ *
+ * @param [in]  uio_fd     Job Ring UIO File descriptor
+ * @retval 0 for success
+ * @retval -1 value for error
+ */
+uint32_t caam_jr_enable_irqs(uint32_t uio_fd)
+{
+	int ret;
+
+	/* Use UIO file descriptor we have for this job ring.
+	 * Writing a command code to this file descriptor will make the
+	 * SEC kernel driver enable DONE and Error IRQs for this job ring,
+	 * at Controller level.
+	 */
+	ret = sec_uio_send_command(uio_fd, SEC_UIO_ENABLE_IRQ_CMD);
+	SEC_ASSERT(ret == sizeof(int), -1,
+		"Failed to request SEC engine to enable job done and "
+		"error IRQs through UIO control. UIO FD %d. Reset SEC driver!",
+		uio_fd);
+	CAAM_JR_DEBUG("Enabled IRQs on jr with uio_fd %d", uio_fd);
+	return 0;
+}
+
+
+/** @brief Request to SEC kernel driver to disable interrupts for descriptor
+ *  finished processing
+ *  Use UIO to communicate with SEC kernel driver: write command
+ *  value that indicates an IRQ disable action into UIO file descriptor
+ *  of this job ring.
+ *
+ * @param [in]  uio_fd    UIO File descripto
+ * @retval 0 for success
+ * @retval -1 value for error
+ *
+ */
+uint32_t caam_jr_disable_irqs(uint32_t uio_fd)
+{
+	int ret;
+
+	/* Use UIO file descriptor we have for this job ring.
+	 * Writing a command code to this file descriptor will make the
+	 * SEC kernel driver disable IRQs for this job ring,
+	 * at Controller level.
+	 */
+
+	ret = sec_uio_send_command(uio_fd, SEC_UIO_DISABLE_IRQ_CMD);
+	SEC_ASSERT(ret == sizeof(int), -1,
+		"Failed to request SEC engine to disable job done and "
+		"IRQs through UIO control. UIO_FD %d Reset SEC driver!",
+		uio_fd);
+	CAAM_JR_DEBUG("Disabled IRQs on jr with uio_fd %d", uio_fd);
+	return 0;
+}
+
+/** @brief Maps register range assigned for a job ring.
+ *
+ * @param [in] uio_device_fd    UIO device file descriptor
+ * @param [in] uio_device_id    UIO device id
+ * @param [in] uio_map_id       UIO allows maximum 5 different mapping for
+				each device. Maps start with id 0.
+ * @param [out] map_size        Map size.
+ * @retval  NULL if failed to map registers
+ * @retval  Virtual address for mapped register address range
+ */
+static void *
+uio_map_registers(int uio_device_fd, int uio_device_id,
+		int uio_map_id, int *map_size)
+{
+	void *mapped_address = NULL;
+	unsigned int uio_map_size = 0;
+	char uio_sys_root[SEC_UIO_MAX_ATTR_FILE_NAME];
+	char uio_sys_map_subdir[SEC_UIO_MAX_ATTR_FILE_NAME];
+	char uio_map_size_str[32];
+	int ret = 0;
+
+	/* compose the file name: root/subdir/filename */
+	memset(uio_sys_root, 0, sizeof(uio_sys_root));
+	memset(uio_sys_map_subdir, 0, sizeof(uio_sys_map_subdir));
+	memset(uio_map_size_str, 0, sizeof(uio_map_size_str));
+
+	/* Compose string: /sys/class/uio/uioX */
+	sprintf(uio_sys_root, "%s/%s%d", SEC_UIO_DEVICE_SYS_ATTR_PATH,
+		"uio", uio_device_id);
+	/* Compose string: maps/mapY */
+	sprintf(uio_sys_map_subdir, "%s%d", SEC_UIO_DEVICE_SYS_MAP_ATTR,
+		uio_map_id);
+
+	/* Read first (and only) line from file
+	 * /sys/class/uio/uioX/maps/mapY/size
+	 */
+	ret = file_read_first_line(uio_sys_root, uio_sys_map_subdir,
+				 "size", uio_map_size_str);
+	SEC_ASSERT(ret == 0, NULL, "file_read_first_line() failed");
+
+	/* Read mapping size, expressed in hexa(base 16) */
+	uio_map_size = strtol(uio_map_size_str, NULL, 16);
+
+	/* Map the region in user space */
+	mapped_address = mmap(0, /*dynamically choose virtual address */
+		uio_map_size, PROT_READ | PROT_WRITE,
+		MAP_SHARED, uio_device_fd, 0);
+	/* offset = 0 because UIO device has only one mapping
+	 * for the entire SEC register memory
+	 */
+	if (mapped_address == MAP_FAILED) {
+		CAAM_JR_ERR(
+			"Failed to map registers! errno = %d job ring fd  = %d,"
+			"uio device id = %d, uio map id = %d", errno,
+			uio_device_fd, uio_device_id, uio_map_id);
+		return NULL;
+	}
+
+	/*
+	 * Save the map size to use it later on for munmap-ing.
+	 */
+	*map_size = uio_map_size;
+
+	CAAM_JR_INFO("UIO dev[%d] mapped region [id =%d] size 0x%x at %p",
+		uio_device_id, uio_map_id, uio_map_size, mapped_address);
+
+	return mapped_address;
+}
+
+void free_job_ring(uint32_t uio_fd)
+{
+	struct uio_job_ring *job_ring = NULL;
+	int i;
+
+	if (!job_ring->uio_fd)
+		return;
+
+	for (i = 0; i < MAX_SEC_JOB_RINGS; i++) {
+		if (g_uio_job_ring[i].uio_fd == uio_fd) {
+			job_ring = &g_uio_job_ring[i];
+			break;
+		}
+	}
+	if (job_ring == NULL) {
+		CAAM_JR_ERR("JR not available for fd = %x\n", uio_fd);
+		return;
+	}
+
+	/* Open device file */
+	CAAM_JR_INFO("Closed device file for job ring %d , fd = %d",
+			job_ring->jr_id, job_ring->uio_fd);
+	close(job_ring->uio_fd);
+	g_uio_jr_num--;
+	job_ring->uio_fd = 0;
+
+	if (job_ring->register_base_addr == NULL)
+		return;
+
+	/* Unmap the PCI memory resource of device */
+	if (munmap(job_ring->register_base_addr, job_ring->map_size)) {
+		CAAM_JR_INFO("cannot munmap(%p, 0x%lx): %s",
+			job_ring->register_base_addr,
+			(unsigned long)job_ring->map_size, strerror(errno));
+	} else
+		CAAM_JR_DEBUG("  JR UIO memory unmapped at %p",
+				job_ring->register_base_addr);
+	job_ring->register_base_addr = NULL;
+}
+
+struct uio_job_ring *config_job_ring(void)
+{
+	char uio_device_file_name[32];
+	struct uio_job_ring *job_ring = NULL;
+	int i;
+
+	for (i = 0; i < MAX_SEC_JOB_RINGS; i++) {
+		if (g_uio_job_ring[i].uio_fd == 0) {
+			job_ring = &g_uio_job_ring[i];
+			g_uio_jr_num++;
+			break;
+		}
+	}
+
+	if (job_ring == NULL) {
+		CAAM_JR_ERR("No free job ring\n");
+		return NULL;
+	}
+
+	/* Find UIO device created by SEC kernel driver for this job ring. */
+	memset(uio_device_file_name, 0, sizeof(uio_device_file_name));
+
+	sprintf(uio_device_file_name, "%s%d", SEC_UIO_DEVICE_FILE_NAME,
+		job_ring->uio_minor_number);
+
+	/* Open device file */
+	job_ring->uio_fd = open(uio_device_file_name, O_RDWR);
+	SEC_ASSERT(job_ring->uio_fd > 0, NULL,
+		"Failed to open UIO device file for job ring %d",
+		job_ring->jr_id);
+
+	CAAM_JR_INFO("Open device(%s) file for job ring=%d , uio_fd = %d",
+		uio_device_file_name, job_ring->jr_id, job_ring->uio_fd);
+
+	ASSERT(job_ring->register_base_addr == NULL);
+	job_ring->register_base_addr = uio_map_registers(
+			job_ring->uio_fd, job_ring->uio_minor_number,
+			SEC_UIO_MAP_ID, &job_ring->map_size);
+
+	SEC_ASSERT(job_ring->register_base_addr != NULL, NULL,
+		"Failed to map SEC registers");
+	return job_ring;
+}
+
+int sec_configure(void)
+{
+	char uio_name[32];
+	int config_jr_no = 0, jr_id = -1;
+	int uio_minor_number = -1;
+	int ret;
+	DIR *d = NULL;
+	struct dirent *dir;
+
+	d = opendir(SEC_UIO_DEVICE_SYS_ATTR_PATH);
+	if (d == NULL) {
+		printf("\nError opening directory '%s': %s\n",
+			SEC_UIO_DEVICE_SYS_ATTR_PATH, strerror(errno));
+		return -1;
+	}
+
+	/* Iterate through all subdirs */
+	while ((dir = readdir(d)) != NULL) {
+		if (!strncmp(dir->d_name, ".", 1) ||
+				!strncmp(dir->d_name, "..", 2))
+			continue;
+
+		if (file_name_match_extract
+			(dir->d_name, "uio", &uio_minor_number)) {
+		/*
+		 * Open file uioX/name and read first line which contains
+		 * the name for the device. Based on the name check if this
+		 * UIO device is UIO device for job ring with id jr_id.
+		 */
+			memset(uio_name, 0, sizeof(uio_name));
+			ret = file_read_first_line(SEC_UIO_DEVICE_SYS_ATTR_PATH,
+					dir->d_name, "name", uio_name);
+			CAAM_JR_INFO("sec device uio name: %s", uio_name);
+			SEC_ASSERT(ret == 0, -1, "file_read_first_line failed");
+
+			if (file_name_match_extract(uio_name,
+						SEC_UIO_DEVICE_NAME,
+						&jr_id)) {
+				g_uio_job_ring[config_jr_no].jr_id = jr_id;
+				g_uio_job_ring[config_jr_no].uio_minor_number =
+							uio_minor_number;
+				CAAM_JR_INFO("Detected logical JRID:%d", jr_id);
+				config_jr_no++;
+
+				/* todo  find the actual ring id
+				 * OF_FULLNAME=/soc/crypto@1700000/jr@20000
+				 */
+			}
+		}
+	}
+	closedir(d);
+
+	if (config_jr_no == 0) {
+		CAAM_JR_ERR("! No SEC Job Rings assigned for userspace usage!");
+		return 0;
+	}
+	CAAM_JR_INFO("Total JR detected =%d", config_jr_no);
+	return config_jr_no;
+}
+
+int sec_cleanup(void)
+{
+	int i;
+	struct uio_job_ring *job_ring;
+
+	for (i = 0; i < g_uio_jr_num; i++) {
+		job_ring = &g_uio_job_ring[i];
+		/* munmap SEC's register memory */
+		if (job_ring->register_base_addr) {
+			munmap(job_ring->register_base_addr,
+				job_ring->map_size);
+			job_ring->register_base_addr = NULL;
+		}
+		/* I need to close the fd after shutdown UIO commands need to be
+		 * sent using the fd
+		 */
+		if (job_ring->uio_fd != 0) {
+			CAAM_JR_INFO(
+			"Closed device file for job ring %d , fd = %d",
+			job_ring->jr_id, job_ring->uio_fd);
+			close(job_ring->uio_fd);
+		}
+	}
+	return 0;
+}
diff --git a/drivers/crypto/caam_jr/meson.build b/drivers/crypto/caam_jr/meson.build
index 3edd0a212..7b024e886 100644
--- a/drivers/crypto/caam_jr/meson.build
+++ b/drivers/crypto/caam_jr/meson.build
@@ -6,6 +6,9 @@ if host_machine.system() != 'linux'
 endif
 
 deps += ['bus_vdev', 'bus_dpaa', 'security']
-sources = files('caam_jr.c')
+sources = files('caam_jr_hw.c', 'caam_jr_uio.c', 'caam_jr.c')
 
 allow_experimental_apis = true
+
+includes += include_directories('../dpaa2_sec/')
+includes += include_directories('../../bus/dpaa/include/')
-- 
2.17.1

^ permalink raw reply	[flat|nested] 97+ messages in thread

* [dpdk-dev] [PATCH 04/10] crypto/caam_jr: add device configuration routines
  2018-09-13  6:08 [dpdk-dev] [PATCH 00/10] Introducing the NXP CAAM job ring driver Gagandeep Singh
                   ` (2 preceding siblings ...)
  2018-09-13  6:08 ` [dpdk-dev] [PATCH 03/10] crypto/caam_jr: add HW config for job rings Gagandeep Singh
@ 2018-09-13  6:08 ` Gagandeep Singh
  2018-09-18 13:59   ` Akhil Goyal
  2018-09-13  6:08 ` [dpdk-dev] [PATCH 05/10] crypto/caam_jr: add queue config functions Gagandeep Singh
                   ` (7 subsequent siblings)
  11 siblings, 1 reply; 97+ messages in thread
From: Gagandeep Singh @ 2018-09-13  6:08 UTC (permalink / raw)
  To: dev, akhil.goyal; +Cc: Hemant Agrawal, Gagandeep Singh

From: Hemant Agrawal <hemant.agrawal@nxp.com>

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
---
 drivers/crypto/caam_jr/caam_jr.c | 100 +++++++++++-
 drivers/crypto/caam_jr/caam_jr.h | 257 +++++++++++++++++++++++++++++++
 2 files changed, 356 insertions(+), 1 deletion(-)
 create mode 100644 drivers/crypto/caam_jr/caam_jr.h

diff --git a/drivers/crypto/caam_jr/caam_jr.c b/drivers/crypto/caam_jr/caam_jr.c
index 9d5f5b79b..43fe5233b 100644
--- a/drivers/crypto/caam_jr/caam_jr.c
+++ b/drivers/crypto/caam_jr/caam_jr.c
@@ -22,6 +22,7 @@
 #include <hw/desc/common.h>
 #include <of.h>
 #include <caam_jr_hw_specific.h>
+#include <caam_jr.h>
 #include <caam_jr_pvt.h>
 #include <caam_jr_log.h>
 
@@ -104,6 +105,90 @@ static void hw_flush_job_ring(struct sec_job_ring_t *job_ring,
 }
 
 
+static int
+caam_jr_dev_configure(struct rte_cryptodev *dev,
+		       struct rte_cryptodev_config *config __rte_unused)
+{
+	char str[20];
+	struct sec_job_ring_t *internals;
+
+	PMD_INIT_FUNC_TRACE();
+
+	internals = dev->data->dev_private;
+	sprintf(str, "ctx_pool_%d", dev->data->dev_id);
+	if (!internals->ctx_pool) {
+		internals->ctx_pool = rte_mempool_create((const char *)str,
+						CTX_POOL_NUM_BUFS,
+						sizeof(struct caam_jr_op_ctx),
+						CTX_POOL_CACHE_SIZE, 0,
+						NULL, NULL, NULL, NULL,
+						SOCKET_ID_ANY, 0);
+		if (!internals->ctx_pool) {
+			CAAM_JR_ERR("%s create failed\n", str);
+			return -ENOMEM;
+		}
+	} else
+		CAAM_JR_INFO("mempool already created for dev_id : %d",
+				dev->data->dev_id);
+
+	return 0;
+}
+
+static int
+caam_jr_dev_start(struct rte_cryptodev *dev __rte_unused)
+{
+	PMD_INIT_FUNC_TRACE();
+	return 0;
+}
+
+static void
+caam_jr_dev_stop(struct rte_cryptodev *dev __rte_unused)
+{
+	PMD_INIT_FUNC_TRACE();
+}
+
+static int
+caam_jr_dev_close(struct rte_cryptodev *dev)
+{
+	struct sec_job_ring_t *internals;
+
+	PMD_INIT_FUNC_TRACE();
+
+	if (dev == NULL)
+		return -ENOMEM;
+
+	internals = dev->data->dev_private;
+	rte_mempool_free(internals->ctx_pool);
+	internals->ctx_pool = NULL;
+
+	return 0;
+}
+
+static void
+caam_jr_dev_infos_get(struct rte_cryptodev *dev,
+		       struct rte_cryptodev_info *info)
+{
+	struct sec_job_ring_t *internals = dev->data->dev_private;
+
+	PMD_INIT_FUNC_TRACE();
+	if (info != NULL) {
+		info->max_nb_queue_pairs = internals->max_nb_queue_pairs;
+		info->feature_flags = dev->feature_flags;
+		info->capabilities = caam_jr_capabilities;
+		info->sym.max_nb_sessions = internals->max_nb_sessions;
+		info->driver_id = cryptodev_driver_id;
+	}
+}
+
+static struct rte_cryptodev_ops caam_jr_ops = {
+	.dev_configure	      = caam_jr_dev_configure,
+	.dev_start	      = caam_jr_dev_start,
+	.dev_stop	      = caam_jr_dev_stop,
+	.dev_close	      = caam_jr_dev_close,
+	.dev_infos_get        = caam_jr_dev_infos_get,
+};
+
+
 /* @brief Flush job rings of any processed descs.
  * The processed descs are silently dropped,
  * WITHOUT being notified to UA.
@@ -366,7 +451,20 @@ caam_jr_dev_init(const char *name,
 	}
 
 	dev->driver_id = cryptodev_driver_id;
-	dev->dev_ops = NULL;
+	dev->dev_ops = &caam_jr_ops;
+
+	/* register rx/tx burst functions for data path */
+	dev->dequeue_burst = NULL;
+	dev->enqueue_burst = NULL;
+	dev->feature_flags = RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO |
+			RTE_CRYPTODEV_FF_HW_ACCELERATED |
+			RTE_CRYPTODEV_FF_SYM_OPERATION_CHAINING |
+			RTE_CRYPTODEV_FF_SECURITY |
+			RTE_CRYPTODEV_FF_IN_PLACE_SGL |
+			RTE_CRYPTODEV_FF_OOP_SGL_IN_SGL_OUT |
+			RTE_CRYPTODEV_FF_OOP_SGL_IN_LB_OUT |
+			RTE_CRYPTODEV_FF_OOP_LB_IN_SGL_OUT |
+			RTE_CRYPTODEV_FF_OOP_LB_IN_LB_OUT;
 
 	/* For secondary processes, we don't initialise any further as primary
 	 * has already done this work. Only check we don't need a different
diff --git a/drivers/crypto/caam_jr/caam_jr.h b/drivers/crypto/caam_jr/caam_jr.h
new file mode 100644
index 000000000..d7c36ca9d
--- /dev/null
+++ b/drivers/crypto/caam_jr/caam_jr.h
@@ -0,0 +1,257 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright 2017-2018 NXP
+ */
+
+#ifndef CAAM_JR_H
+#define CAAM_JR_H
+
+static const struct rte_cryptodev_capabilities caam_jr_capabilities[] = {
+	{	/* MD5 HMAC */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+			{.auth = {
+				.algo = RTE_CRYPTO_AUTH_MD5_HMAC,
+				.block_size = 64,
+				.key_size = {
+					.min = 1,
+					.max = 64,
+					.increment = 1
+				},
+				.digest_size = {
+					.min = 1,
+					.max = 16,
+					.increment = 1
+				},
+				.iv_size = { 0 }
+			}, }
+		}, }
+	},
+	{	/* SHA1 HMAC */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+			{.auth = {
+				.algo = RTE_CRYPTO_AUTH_SHA1_HMAC,
+				.block_size = 64,
+				.key_size = {
+					.min = 1,
+					.max = 64,
+					.increment = 1
+				},
+				.digest_size = {
+					.min = 1,
+					.max = 20,
+					.increment = 1
+				},
+				.iv_size = { 0 }
+			}, }
+		}, }
+	},
+	{	/* SHA224 HMAC */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+			{.auth = {
+				.algo = RTE_CRYPTO_AUTH_SHA224_HMAC,
+				.block_size = 64,
+				.key_size = {
+					.min = 1,
+					.max = 64,
+					.increment = 1
+				},
+				.digest_size = {
+					.min = 1,
+					.max = 28,
+					.increment = 1
+				},
+				.iv_size = { 0 }
+			}, }
+		}, }
+	},
+	{	/* SHA256 HMAC */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+			{.auth = {
+				.algo = RTE_CRYPTO_AUTH_SHA256_HMAC,
+				.block_size = 64,
+				.key_size = {
+					.min = 1,
+					.max = 64,
+					.increment = 1
+				},
+				.digest_size = {
+					.min = 1,
+					.max = 32,
+					.increment = 1
+				},
+				.iv_size = { 0 }
+			}, }
+		}, }
+	},
+	{	/* SHA384 HMAC */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+			{.auth = {
+				.algo = RTE_CRYPTO_AUTH_SHA384_HMAC,
+				.block_size = 128,
+				.key_size = {
+					.min = 1,
+					.max = 128,
+					.increment = 1
+				},
+				.digest_size = {
+					.min = 1,
+					.max = 48,
+					.increment = 1
+				},
+				.iv_size = { 0 }
+			}, }
+		}, }
+	},
+	{	/* SHA512 HMAC */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+			{.auth = {
+				.algo = RTE_CRYPTO_AUTH_SHA512_HMAC,
+				.block_size = 128,
+				.key_size = {
+					.min = 1,
+					.max = 128,
+					.increment = 1
+				},
+				.digest_size = {
+					.min = 1,
+					.max = 64,
+					.increment = 1
+				},
+				.iv_size = { 0 }
+			}, }
+		}, }
+	},
+	{	/* AES GCM */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_AEAD,
+			{.aead = {
+				.algo = RTE_CRYPTO_AEAD_AES_GCM,
+				.block_size = 16,
+				.key_size = {
+					.min = 16,
+					.max = 32,
+					.increment = 8
+				},
+				.digest_size = {
+					.min = 8,
+					.max = 16,
+					.increment = 4
+				},
+				.aad_size = {
+					.min = 0,
+					.max = 240,
+					.increment = 1
+				},
+				.iv_size = {
+					.min = 12,
+					.max = 12,
+					.increment = 0
+				},
+			}, }
+		}, }
+	},
+	{	/* AES CBC */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
+			{.cipher = {
+				.algo = RTE_CRYPTO_CIPHER_AES_CBC,
+				.block_size = 16,
+				.key_size = {
+					.min = 16,
+					.max = 32,
+					.increment = 8
+				},
+				.iv_size = {
+					.min = 16,
+					.max = 16,
+					.increment = 0
+				}
+			}, }
+		}, }
+	},
+	{	/* AES CTR */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
+			{.cipher = {
+				.algo = RTE_CRYPTO_CIPHER_AES_CTR,
+				.block_size = 16,
+				.key_size = {
+					.min = 16,
+					.max = 32,
+					.increment = 8
+				},
+				.iv_size = {
+					.min = 16,
+					.max = 16,
+					.increment = 0
+				}
+			}, }
+		}, }
+	},
+	{	/* 3DES CBC */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
+			{.cipher = {
+				.algo = RTE_CRYPTO_CIPHER_3DES_CBC,
+				.block_size = 8,
+				.key_size = {
+					.min = 16,
+					.max = 24,
+					.increment = 8
+				},
+				.iv_size = {
+					.min = 8,
+					.max = 8,
+					.increment = 0
+				}
+			}, }
+		}, }
+	},
+
+	RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()
+};
+
+static const struct rte_security_capability caam_jr_security_cap[] = {
+	{ /* IPsec Lookaside Protocol offload ESP Transport Egress */
+		.action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
+		.protocol = RTE_SECURITY_PROTOCOL_IPSEC,
+		.ipsec = {
+			.proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP,
+			.mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL,
+			.direction = RTE_SECURITY_IPSEC_SA_DIR_EGRESS,
+			.options = { 0 }
+		},
+		.crypto_capabilities = caam_jr_capabilities
+	},
+	{ /* IPsec Lookaside Protocol offload ESP Tunnel Ingress */
+		.action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
+		.protocol = RTE_SECURITY_PROTOCOL_IPSEC,
+		.ipsec = {
+			.proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP,
+			.mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL,
+			.direction = RTE_SECURITY_IPSEC_SA_DIR_INGRESS,
+			.options = { 0 }
+		},
+		.crypto_capabilities = caam_jr_capabilities
+	},
+	{
+		.action = RTE_SECURITY_ACTION_TYPE_NONE
+	}
+};
+
+#endif
-- 
2.17.1

^ permalink raw reply	[flat|nested] 97+ messages in thread

* [dpdk-dev] [PATCH 05/10] crypto/caam_jr: add queue config functions
  2018-09-13  6:08 [dpdk-dev] [PATCH 00/10] Introducing the NXP CAAM job ring driver Gagandeep Singh
                   ` (3 preceding siblings ...)
  2018-09-13  6:08 ` [dpdk-dev] [PATCH 04/10] crypto/caam_jr: add device configuration routines Gagandeep Singh
@ 2018-09-13  6:08 ` Gagandeep Singh
  2018-09-18 14:04   ` Akhil Goyal
  2018-09-13  6:08 ` [dpdk-dev] [PATCH 06/10] crypto/caam_jr: add basic session config routines Gagandeep Singh
                   ` (6 subsequent siblings)
  11 siblings, 1 reply; 97+ messages in thread
From: Gagandeep Singh @ 2018-09-13  6:08 UTC (permalink / raw)
  To: dev, akhil.goyal; +Cc: Hemant Agrawal, Gagandeep Singh

From: Hemant Agrawal <hemant.agrawal@nxp.com>

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
---
 drivers/crypto/caam_jr/caam_jr.c | 64 ++++++++++++++++++++++++++++++++
 1 file changed, 64 insertions(+)

diff --git a/drivers/crypto/caam_jr/caam_jr.c b/drivers/crypto/caam_jr/caam_jr.c
index 43fe5233b..f05e966b0 100644
--- a/drivers/crypto/caam_jr/caam_jr.c
+++ b/drivers/crypto/caam_jr/caam_jr.c
@@ -104,6 +104,67 @@ static void hw_flush_job_ring(struct sec_job_ring_t *job_ring,
 	}
 }
 
+/* Release queue pair */
+static int
+caam_jr_queue_pair_release(struct rte_cryptodev *dev,
+			    uint16_t qp_id)
+{
+	struct sec_job_ring_t *internals;
+	struct caam_jr_qp *qp = NULL;
+
+	PMD_INIT_FUNC_TRACE();
+
+	CAAM_JR_DEBUG("dev =%p, queue =%d", dev, qp_id);
+
+	internals = dev->data->dev_private;
+	if (qp_id >= internals->max_nb_queue_pairs) {
+		CAAM_JR_ERR("Max supported qpid %d",
+			     internals->max_nb_queue_pairs);
+		return -EINVAL;
+	}
+
+	qp = &internals->qps[qp_id];
+	qp->ring = NULL;
+	dev->data->queue_pairs[qp_id] = NULL;
+
+	return 0;
+}
+
+/* Setup a queue pair */
+static int
+caam_jr_queue_pair_setup(
+		struct rte_cryptodev *dev, uint16_t qp_id,
+		__rte_unused const struct rte_cryptodev_qp_conf *qp_conf,
+		__rte_unused int socket_id,
+		__rte_unused struct rte_mempool *session_pool)
+{
+	struct sec_job_ring_t *internals;
+	struct caam_jr_qp *qp = NULL;
+
+	CAAM_JR_DEBUG("dev =%p, queue =%d, conf =%p", dev, qp_id, qp_conf);
+
+	internals = dev->data->dev_private;
+	if (qp_id >= internals->max_nb_queue_pairs) {
+		CAAM_JR_ERR("Max supported qpid %d",
+			     internals->max_nb_queue_pairs);
+		return -EINVAL;
+	}
+
+	qp = &internals->qps[qp_id];
+	qp->ring = internals;
+	dev->data->queue_pairs[qp_id] = qp;
+
+	return 0;
+}
+
+/* Return the number of allocated queue pairs */
+static uint32_t
+caam_jr_queue_pair_count(struct rte_cryptodev *dev)
+{
+	PMD_INIT_FUNC_TRACE();
+
+	return dev->data->nb_queue_pairs;
+}
 
 static int
 caam_jr_dev_configure(struct rte_cryptodev *dev,
@@ -186,6 +247,9 @@ static struct rte_cryptodev_ops caam_jr_ops = {
 	.dev_stop	      = caam_jr_dev_stop,
 	.dev_close	      = caam_jr_dev_close,
 	.dev_infos_get        = caam_jr_dev_infos_get,
+	.queue_pair_setup     = caam_jr_queue_pair_setup,
+	.queue_pair_release   = caam_jr_queue_pair_release,
+	.queue_pair_count     = caam_jr_queue_pair_count,
 };
 
 
-- 
2.17.1

^ permalink raw reply	[flat|nested] 97+ messages in thread

* [dpdk-dev] [PATCH 06/10] crypto/caam_jr: add basic session config routines
  2018-09-13  6:08 [dpdk-dev] [PATCH 00/10] Introducing the NXP CAAM job ring driver Gagandeep Singh
                   ` (4 preceding siblings ...)
  2018-09-13  6:08 ` [dpdk-dev] [PATCH 05/10] crypto/caam_jr: add queue config functions Gagandeep Singh
@ 2018-09-13  6:08 ` Gagandeep Singh
  2018-09-13  6:08 ` [dpdk-dev] [PATCH 07/10] crypto/caam_jr: add enqueue and dequeue routines Gagandeep Singh
                   ` (5 subsequent siblings)
  11 siblings, 0 replies; 97+ messages in thread
From: Gagandeep Singh @ 2018-09-13  6:08 UTC (permalink / raw)
  To: dev, akhil.goyal; +Cc: Hemant Agrawal, Gagandeep Singh

From: Hemant Agrawal <hemant.agrawal@nxp.com>

The current support is limited to crypto only.

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
---
 drivers/crypto/caam_jr/caam_jr.c | 124 +++++++++++++++++++++++++++++++
 1 file changed, 124 insertions(+)

diff --git a/drivers/crypto/caam_jr/caam_jr.c b/drivers/crypto/caam_jr/caam_jr.c
index f05e966b0..a0eee3b85 100644
--- a/drivers/crypto/caam_jr/caam_jr.c
+++ b/drivers/crypto/caam_jr/caam_jr.c
@@ -20,6 +20,7 @@
 
 /* RTA header files */
 #include <hw/desc/common.h>
+#include <hw/desc/algo.h>
 #include <of.h>
 #include <caam_jr_hw_specific.h>
 #include <caam_jr.h>
@@ -166,6 +167,126 @@ caam_jr_queue_pair_count(struct rte_cryptodev *dev)
 	return dev->data->nb_queue_pairs;
 }
 
+/* Returns the size of the aesni gcm session structure */
+static unsigned int
+caam_jr_sym_session_get_size(struct rte_cryptodev *dev __rte_unused)
+{
+	PMD_INIT_FUNC_TRACE();
+
+	return sizeof(struct caam_jr_session);
+}
+
+static int
+caam_jr_cipher_init(struct rte_cryptodev *dev __rte_unused,
+		     struct rte_crypto_sym_xform *xform,
+		     struct caam_jr_session *session)
+{
+	session->cipher_alg = xform->cipher.algo;
+	session->iv.length = xform->cipher.iv.length;
+	session->iv.offset = xform->cipher.iv.offset;
+	session->cipher_key.data = rte_zmalloc(NULL, xform->cipher.key.length,
+					       RTE_CACHE_LINE_SIZE);
+	if (session->cipher_key.data == NULL && xform->cipher.key.length > 0) {
+		CAAM_JR_ERR("No Memory for cipher key\n");
+		return -ENOMEM;
+	}
+	session->cipher_key.length = xform->cipher.key.length;
+
+	memcpy(session->cipher_key.data, xform->cipher.key.data,
+	       xform->cipher.key.length);
+	session->dir = (xform->cipher.op == RTE_CRYPTO_CIPHER_OP_ENCRYPT) ?
+			DIR_ENC : DIR_DEC;
+
+	return 0;
+}
+
+
+static int
+caam_jr_set_session_parameters(struct rte_cryptodev *dev,
+			    struct rte_crypto_sym_xform *xform, void *sess)
+{
+	struct sec_job_ring_t *internals = dev->data->dev_private;
+	struct caam_jr_session *session = sess;
+
+	PMD_INIT_FUNC_TRACE();
+
+	if (unlikely(sess == NULL)) {
+		CAAM_JR_ERR("invalid session struct");
+		return -EINVAL;
+	}
+
+	/* Default IV length = 0 */
+	session->iv.length = 0;
+
+	/* Cipher Only */
+	if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER && xform->next == NULL) {
+		session->auth_alg = RTE_CRYPTO_AUTH_NULL;
+		caam_jr_cipher_init(dev, xform, session);
+
+	} else {
+		CAAM_JR_ERR("Invalid crypto type");
+		return -EINVAL;
+	}
+	session->ctx_pool = internals->ctx_pool;
+
+	return 0;
+}
+
+static int
+caam_jr_sym_session_configure(struct rte_cryptodev *dev,
+		struct rte_crypto_sym_xform *xform,
+		struct rte_cryptodev_sym_session *sess,
+		struct rte_mempool *mempool)
+{
+	void *sess_private_data;
+	int ret;
+
+	PMD_INIT_FUNC_TRACE();
+
+	if (rte_mempool_get(mempool, &sess_private_data)) {
+		CAAM_JR_ERR("Couldn't get object from session mempool");
+		return -ENOMEM;
+	}
+
+	memset(sess_private_data, 0, sizeof(struct caam_jr_session));
+
+	ret = caam_jr_set_session_parameters(dev, xform, sess_private_data);
+	if (ret != 0) {
+		CAAM_JR_ERR("failed to configure session parameters");
+
+		/* Return session to mempool */
+		rte_mempool_put(mempool, sess_private_data);
+		return ret;
+	}
+
+	set_sym_session_private_data(sess, dev->driver_id, sess_private_data);
+
+
+	return 0;
+}
+
+/* Clear the memory of session so it doesn't leave key material behind */
+static void
+caam_jr_sym_session_clear(struct rte_cryptodev *dev,
+		struct rte_cryptodev_sym_session *sess)
+{
+	uint8_t index = dev->driver_id;
+	void *sess_priv = get_sym_session_private_data(sess, index);
+	struct caam_jr_session *s = (struct caam_jr_session *)sess_priv;
+
+	PMD_INIT_FUNC_TRACE();
+
+	if (sess_priv) {
+		struct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);
+
+		rte_free(s->cipher_key.data);
+		rte_free(s->auth_key.data);
+		memset(s, 0, sizeof(struct caam_jr_session));
+		set_sym_session_private_data(sess, index, NULL);
+		rte_mempool_put(sess_mp, sess_priv);
+	}
+}
+
 static int
 caam_jr_dev_configure(struct rte_cryptodev *dev,
 		       struct rte_cryptodev_config *config __rte_unused)
@@ -250,6 +371,9 @@ static struct rte_cryptodev_ops caam_jr_ops = {
 	.queue_pair_setup     = caam_jr_queue_pair_setup,
 	.queue_pair_release   = caam_jr_queue_pair_release,
 	.queue_pair_count     = caam_jr_queue_pair_count,
+	.sym_session_get_size = caam_jr_sym_session_get_size,
+	.sym_session_configure = caam_jr_sym_session_configure,
+	.sym_session_clear    = caam_jr_sym_session_clear
 };
 
 
-- 
2.17.1

^ permalink raw reply	[flat|nested] 97+ messages in thread

* [dpdk-dev] [PATCH 07/10] crypto/caam_jr: add enqueue and dequeue routines
  2018-09-13  6:08 [dpdk-dev] [PATCH 00/10] Introducing the NXP CAAM job ring driver Gagandeep Singh
                   ` (5 preceding siblings ...)
  2018-09-13  6:08 ` [dpdk-dev] [PATCH 06/10] crypto/caam_jr: add basic session config routines Gagandeep Singh
@ 2018-09-13  6:08 ` Gagandeep Singh
  2018-09-13  6:08 ` [dpdk-dev] [PATCH 08/10] crypto/caam_jr: add auth cipher and aead session support Gagandeep Singh
                   ` (4 subsequent siblings)
  11 siblings, 0 replies; 97+ messages in thread
From: Gagandeep Singh @ 2018-09-13  6:08 UTC (permalink / raw)
  To: dev, akhil.goyal; +Cc: Hemant Agrawal, Gagandeep Singh

From: Hemant Agrawal <hemant.agrawal@nxp.com>

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
---
 drivers/crypto/caam_jr/caam_jr.c      | 621 +++++++++++++++++++++++++-
 drivers/crypto/caam_jr/caam_jr_desc.h | 289 ++++++++++++
 2 files changed, 908 insertions(+), 2 deletions(-)
 create mode 100644 drivers/crypto/caam_jr/caam_jr_desc.h

diff --git a/drivers/crypto/caam_jr/caam_jr.c b/drivers/crypto/caam_jr/caam_jr.c
index a0eee3b85..6d30c4f4d 100644
--- a/drivers/crypto/caam_jr/caam_jr.c
+++ b/drivers/crypto/caam_jr/caam_jr.c
@@ -25,6 +25,7 @@
 #include <caam_jr_hw_specific.h>
 #include <caam_jr.h>
 #include <caam_jr_pvt.h>
+#include <caam_jr_desc.h>
 #include <caam_jr_log.h>
 
 #define CRYPTODEV_NAME_CAAM_JR_PMD	crypto_caam_jr
@@ -50,6 +51,142 @@ static enum sec_driver_state_e g_driver_state = SEC_DRIVER_STATE_IDLE;
 static int g_job_rings_no;
 static int g_job_rings_max;
 
+struct sec_outring_entry {
+	phys_addr_t desc;	/* Pointer to completed descriptor */
+	uint32_t status;	/* Status for completed descriptor */
+} __rte_packed;
+
+/* virtual address conversin when mempool support is available for ctx */
+static inline phys_addr_t
+caam_jr_vtop_ctx(struct caam_jr_op_ctx *ctx, void *vaddr)
+{
+	return (size_t)vaddr - ctx->vtop_offset;
+}
+
+static inline void
+caam_jr_op_ending(struct caam_jr_op_ctx *ctx)
+{
+	/* report op status to sym->op and then free the ctx memeory  */
+	rte_mempool_put(ctx->ctx_pool, (void *)ctx);
+}
+
+static inline struct caam_jr_op_ctx *
+caam_jr_alloc_ctx(struct caam_jr_session *ses)
+{
+	struct caam_jr_op_ctx *ctx;
+	int ret;
+
+	ret = rte_mempool_get(ses->ctx_pool, (void **)(&ctx));
+	if (!ctx || ret) {
+		CAAM_JR_DP_WARN("Alloc sec descriptor failed!");
+		return NULL;
+	}
+	/*
+	 * Clear SG memory. There are 16 SG entries of 16 Bytes each.
+	 * one call to dcbz_64() clear 64 bytes, hence calling it 4 times
+	 * to clear all the SG entries. caam_jr_alloc_ctx() is called for
+	 * each packet, memset is costlier than dcbz_64().
+	 */
+	dcbz_64(&ctx->sg[SG_CACHELINE_0]);
+	dcbz_64(&ctx->sg[SG_CACHELINE_1]);
+	dcbz_64(&ctx->sg[SG_CACHELINE_2]);
+	dcbz_64(&ctx->sg[SG_CACHELINE_3]);
+
+	ctx->ctx_pool = ses->ctx_pool;
+	ctx->vtop_offset = (size_t) ctx - rte_mempool_virt2iova(ctx);
+
+	return ctx;
+}
+static inline int is_cipher_only(struct caam_jr_session *ses)
+{
+	return ((ses->cipher_alg != RTE_CRYPTO_CIPHER_NULL) &&
+		(ses->auth_alg == RTE_CRYPTO_AUTH_NULL));
+}
+
+static inline void
+caam_cipher_alg(struct caam_jr_session *ses, struct alginfo *alginfo_c)
+{
+	switch (ses->cipher_alg) {
+	case RTE_CRYPTO_CIPHER_NULL:
+		break;
+	case RTE_CRYPTO_CIPHER_AES_CBC:
+		alginfo_c->algtype = OP_ALG_ALGSEL_AES;
+		alginfo_c->algmode = OP_ALG_AAI_CBC;
+		break;
+	case RTE_CRYPTO_CIPHER_3DES_CBC:
+		alginfo_c->algtype = OP_ALG_ALGSEL_3DES;
+		alginfo_c->algmode = OP_ALG_AAI_CBC;
+		break;
+	case RTE_CRYPTO_CIPHER_AES_CTR:
+		alginfo_c->algtype = OP_ALG_ALGSEL_AES;
+		alginfo_c->algmode = OP_ALG_AAI_CTR;
+		break;
+	default:
+		CAAM_JR_DEBUG("unsupported cipher alg %d", ses->cipher_alg);
+	}
+}
+
+/* prepare command block of the session */
+static int
+caam_jr_prep_cdb(struct caam_jr_session *ses)
+{
+	struct alginfo alginfo_c = {0};
+	int32_t shared_desc_len = 0;
+	struct sec_cdb *cdb;
+#if RTE_BYTE_ORDER == RTE_BIG_ENDIAN
+	int swap = false;
+#else
+	int swap = true;
+#endif
+
+	if (ses->cdb)
+		caam_jr_dma_free(ses->cdb);
+
+	cdb = caam_jr_dma_mem_alloc(L1_CACHE_BYTES, sizeof(struct sec_cdb));
+	if (!cdb) {
+		CAAM_JR_ERR("failed to allocate memory for cdb\n");
+		return -1;
+	}
+
+	ses->cdb = cdb;
+
+	memset(cdb, 0, sizeof(struct sec_cdb));
+
+	if (is_cipher_only(ses)) {
+		caam_cipher_alg(ses, &alginfo_c);
+		if (alginfo_c.algtype == (unsigned int)CAAM_JR_ALG_UNSUPPORT) {
+			CAAM_JR_ERR("not supported cipher alg");
+			rte_free(cdb);
+			return -ENOTSUP;
+		}
+
+		alginfo_c.key = (size_t)ses->cipher_key.data;
+		alginfo_c.keylen = ses->cipher_key.length;
+		alginfo_c.key_enc_flags = 0;
+		alginfo_c.key_type = RTA_DATA_IMM;
+
+		shared_desc_len = cnstr_shdsc_blkcipher(
+						cdb->sh_desc, true,
+						swap, &alginfo_c,
+						NULL,
+						ses->iv.length,
+						ses->dir);
+	}
+
+	if (shared_desc_len < 0) {
+		CAAM_JR_ERR("error in preparing command block");
+		return shared_desc_len;
+	}
+
+#ifdef RTE_LIBRTE_PMD_CAAM_JR_DEBUG
+	SEC_DUMP_DESC(cdb->sh_desc);
+#endif
+
+	cdb->sh_hdr.hi.field.idlen = shared_desc_len;
+
+	return 0;
+}
+
 /* @brief Poll the HW for already processed jobs in the JR
  * and silently discard the available jobs or notify them to UA
  * with indicated error code.
@@ -105,6 +242,486 @@ static void hw_flush_job_ring(struct sec_job_ring_t *job_ring,
 	}
 }
 
+/* @brief Poll the HW for already processed jobs in the JR
+ * and notify the available jobs to UA.
+ *
+ * @param [in]  job_ring	The job ring to poll.
+ * @param [in]  limit           The maximum number of jobs to notify.
+ *                              If set to negative value, all available jobs are
+ *				notified.
+ *
+ * @retval >=0 for No of jobs notified to UA.
+ * @retval -1 for error
+ */
+static int
+hw_poll_job_ring(struct sec_job_ring_t *job_ring,
+		 struct rte_crypto_op **ops, int32_t limit,
+		 struct caam_jr_qp *jr_qp)
+{
+	int32_t jobs_no_to_notify = 0; /* the number of done jobs to notify*/
+	int32_t number_of_jobs_available = 0;
+	int32_t notified_descs_no = 0;
+	uint32_t sec_error_code = 0;
+	struct job_descriptor *current_desc;
+	phys_addr_t current_desc_addr;
+	phys_addr_t *temp_addr;
+	struct caam_jr_op_ctx *ctx;
+
+	/* TODO check for ops have memory*/
+	/* check here if any JR error that cannot be written
+	 * in the output status word has occurred
+	 */
+	if (JR_REG_JRINT_JRE_EXTRACT(GET_JR_REG(JRINT, job_ring))) {
+		CAAM_JR_INFO("err received");
+		sec_error_code = JR_REG_JRINT_ERR_TYPE_EXTRACT(
+					GET_JR_REG(JRINT, job_ring));
+		if (unlikely(sec_error_code)) {
+			hw_job_ring_error_print(job_ring, sec_error_code);
+			return -1;
+		}
+	}
+	/* compute the number of jobs available in the job ring based on the
+	 * producer and consumer index values.
+	 */
+	number_of_jobs_available = hw_get_no_finished_jobs(job_ring);
+	/* Compute the number of notifications that need to be raised to UA
+	 * If limit > total number of done jobs -> notify all done jobs
+	 * If limit = 0 -> error
+	 * If limit < total number of done jobs -> notify a number
+	 * of done jobs equal with limit
+	 */
+	jobs_no_to_notify = (limit > number_of_jobs_available) ?
+				number_of_jobs_available : limit;
+	CAAM_JR_DP_DEBUG(
+		"Jr[%p] pi[%d] ci[%d].limit =%d Available=%d.Jobs to notify=%d",
+		job_ring, job_ring->pidx, job_ring->cidx,
+		limit, number_of_jobs_available, jobs_no_to_notify);
+
+	rte_smp_rmb();
+
+	while (jobs_no_to_notify > notified_descs_no) {
+		static uint64_t false_alarm;
+		static uint64_t real_poll;
+
+		/* Get job status here */
+		sec_error_code = job_ring->output_ring[job_ring->cidx].status;
+		/* Get completed descriptor */
+		temp_addr = &(job_ring->output_ring[job_ring->cidx].desc);
+		current_desc_addr = (phys_addr_t)sec_read_addr(temp_addr);
+
+		real_poll++;
+		/* todo check if it is false alarm no desc present */
+		if (!current_desc_addr) {
+			false_alarm++;
+			printf("false alarm %" PRIu64 "real %" PRIu64
+				" sec_err =0x%x cidx Index =0%d\n",
+				false_alarm, real_poll,
+				sec_error_code, job_ring->cidx);
+			rte_panic("CAAM JR descriptor NULL");
+			return notified_descs_no;
+		}
+		current_desc = (struct job_descriptor *)
+				caam_jr_dma_ptov(current_desc_addr);
+		/* now increment the consumer index for the current job ring,
+		 * AFTER saving job in temporary location!
+		 */
+		job_ring->cidx = SEC_CIRCULAR_COUNTER(job_ring->cidx,
+				 SEC_JOB_RING_SIZE);
+		/* Signal that the job has been processed and the slot is free*/
+		hw_remove_entries(job_ring, 1);
+		/*TODO for multiple ops, packets*/
+		ctx = container_of(current_desc, struct caam_jr_op_ctx, jobdes);
+		if (unlikely(sec_error_code)) {
+			CAAM_JR_ERR("desc at cidx %d generated error 0x%x\n",
+				job_ring->cidx, sec_error_code);
+			hw_handle_job_ring_error(job_ring, sec_error_code);
+			//todo improve with exact errors
+			ctx->op->status = RTE_CRYPTO_OP_STATUS_ERROR;
+			jr_qp->rx_errs++;
+		} else {
+			ctx->op->status = RTE_CRYPTO_OP_STATUS_SUCCESS;
+#ifdef RTE_LIBRTE_PMD_CAAM_JR_DEBUG
+			if (ctx->op->sym->m_dst) {
+				rte_hexdump(stdout, "PROCESSED",
+				rte_pktmbuf_mtod(ctx->op->sym->m_dst, void *),
+				rte_pktmbuf_data_len(ctx->op->sym->m_dst));
+			} else {
+				rte_hexdump(stdout, "PROCESSED",
+				rte_pktmbuf_mtod(ctx->op->sym->m_src, void *),
+				rte_pktmbuf_data_len(ctx->op->sym->m_src));
+			}
+#endif
+		}
+		if (ctx->op->sess_type == RTE_CRYPTO_OP_SECURITY_SESSION) {
+			struct ip *ip4_hdr;
+
+			if (ctx->op->sym->m_dst) {
+				/*TODO check for ip header or other*/
+				ip4_hdr = (struct ip *)rte_pktmbuf_mtod(ctx->op->sym->m_dst, char*);
+				ctx->op->sym->m_dst->pkt_len =
+					rte_be_to_cpu_16(ip4_hdr->ip_len);
+				ctx->op->sym->m_dst->data_len =
+					rte_be_to_cpu_16(ip4_hdr->ip_len);
+			} else {
+				ip4_hdr = (struct ip *)rte_pktmbuf_mtod(ctx->op->sym->m_src, char*);
+				ctx->op->sym->m_src->pkt_len =
+					rte_be_to_cpu_16(ip4_hdr->ip_len);
+				ctx->op->sym->m_src->data_len =
+					rte_be_to_cpu_16(ip4_hdr->ip_len);
+			}
+		}
+		*ops = ctx->op;
+		caam_jr_op_ending(ctx);
+		ops++;
+		notified_descs_no++;
+	}
+	return notified_descs_no;
+}
+
+static uint16_t
+caam_jr_dequeue_burst(void *qp, struct rte_crypto_op **ops,
+		       uint16_t nb_ops)
+{
+	struct caam_jr_qp *jr_qp = (struct caam_jr_qp *)qp;
+	struct sec_job_ring_t *ring = jr_qp->ring;
+	int num_rx;
+	int ret;
+
+	CAAM_JR_DP_DEBUG("Jr[%p]Polling. limit[%d]", ring, nb_ops);
+
+	/* Poll job ring
+	 * If nb_ops < 0 -> poll JR until no more notifications are available.
+	 * If nb_ops > 0 -> poll JR until limit is reached.
+	 */
+
+	/* Run hw poll job ring */
+	num_rx = hw_poll_job_ring(ring, ops, nb_ops, jr_qp);
+	if (num_rx < 0) {
+		CAAM_JR_ERR("Error polling SEC engine (%d)", num_rx);
+		return 0;
+	}
+
+	CAAM_JR_DP_DEBUG("Jr[%p].Jobs notified[%d]. ", ring, num_rx);
+
+	if (ring->jr_mode == SEC_NOTIFICATION_TYPE_NAPI) {
+		if (num_rx < nb_ops) {
+			ret = caam_jr_enable_irqs(ring->irq_fd);
+			SEC_ASSERT(ret == 0, ret,
+			"Failed to enable irqs for job ring %p", ring);
+		}
+	} else if (ring->jr_mode == SEC_NOTIFICATION_TYPE_IRQ) {
+
+		/* Always enable IRQ generation when in pure IRQ mode */
+		ret = caam_jr_enable_irqs(ring->irq_fd);
+		SEC_ASSERT(ret == 0, ret,
+			"Failed to enable irqs for job ring %p", ring);
+	}
+
+	jr_qp->rx_pkts += num_rx;
+
+	return num_rx;
+}
+
+
+static inline struct caam_jr_op_ctx *
+build_cipher_only_sg(struct rte_crypto_op *op, struct caam_jr_session *ses)
+{
+	struct rte_crypto_sym_op *sym = op->sym;
+	struct rte_mbuf *mbuf = sym->m_src;
+	struct caam_jr_op_ctx *ctx;
+	struct sec4_sg_entry *sg, *in_sg;
+	int length;
+	struct sec_cdb *cdb;
+	uint64_t sdesc_offset;
+	uint8_t *IV_ptr = rte_crypto_op_ctod_offset(op, uint8_t *,
+			ses->iv.offset);
+	struct sec_job_descriptor_t *jobdescr;
+	uint8_t reg_segs;
+
+	if (sym->m_dst) {
+		mbuf = sym->m_dst;
+		reg_segs = mbuf->nb_segs + sym->m_src->nb_segs + 2;
+	} else {
+		mbuf = sym->m_src;
+		reg_segs = mbuf->nb_segs * 2 + 2;
+	}
+
+	if (reg_segs > MAX_SG_ENTRIES) {
+		CAAM_JR_DP_ERR("Cipher: Max sec segs supported is %d",
+				MAX_SG_ENTRIES);
+		return NULL;
+	}
+
+	ctx = caam_jr_alloc_ctx(ses);
+	if (!ctx)
+		return NULL;
+
+	ctx->op = op;
+	cdb = ses->cdb;
+	sdesc_offset = (size_t) ((char *)&cdb->sh_desc - (char *)cdb);
+
+	jobdescr = (struct sec_job_descriptor_t *) ctx->jobdes.desc;
+
+	SEC_JD_INIT(jobdescr);
+	SEC_JD_SET_SD(jobdescr,
+		(phys_addr_t)(caam_jr_dma_vtop(cdb)) + sdesc_offset,
+		cdb->sh_hdr.hi.field.idlen);
+
+#ifdef RTE_LIBRTE_PMD_CAAM_JR_DEBUG
+	CAAM_JR_INFO("mbuf offset =%d, cipher offset = %d, length =%d+%d",
+			sym->m_src->data_off, sym->cipher.data.offset,
+			sym->cipher.data.length, ses->iv.length);
+#endif
+	/* output */
+	if (sym->m_dst)
+		mbuf = sym->m_dst;
+	else
+		mbuf = sym->m_src;
+
+	sg = &ctx->sg[0];
+	length = sym->cipher.data.length;
+
+	sg->ptr = cpu_to_caam64(rte_pktmbuf_iova(mbuf)
+		+ sym->cipher.data.offset);
+	sg->len = cpu_to_caam32(mbuf->data_len - sym->cipher.data.offset);
+
+	/* Successive segs */
+	mbuf = mbuf->next;
+	while (mbuf) {
+		sg++;
+		sg->ptr = cpu_to_caam64(rte_pktmbuf_iova(mbuf));
+		sg->len = cpu_to_caam32(mbuf->data_len);
+		mbuf = mbuf->next;
+	}
+	/* last element*/
+	sg->len |= cpu_to_caam32(SEC4_SG_LEN_FIN);
+
+	SEC_JD_SET_OUT_PTR(jobdescr,
+			(uint64_t)caam_jr_vtop_ctx(ctx, &ctx->sg[0]), 0,
+			length);
+	/*enabling sg bit */
+	(jobdescr)->seq_out.command.word  |= 0x01000000;
+
+	/*input */
+	sg++;
+	mbuf = sym->m_src;
+	in_sg = sg;
+
+	length = sym->cipher.data.length + ses->iv.length;
+
+	/* IV */
+	sg->ptr = cpu_to_caam64(caam_jr_dma_vtop(IV_ptr));
+	sg->len = cpu_to_caam32(ses->iv.length);
+
+	/* 1st seg */
+	sg++;
+	sg->ptr = cpu_to_caam64(rte_pktmbuf_iova(mbuf)
+				+ sym->cipher.data.offset);
+	sg->len = cpu_to_caam32(mbuf->data_len - sym->cipher.data.offset);
+
+	/* Successive segs */
+	mbuf = mbuf->next;
+	while (mbuf) {
+		sg++;
+		sg->ptr = cpu_to_caam64(rte_pktmbuf_iova(mbuf));
+		sg->len = cpu_to_caam32(mbuf->data_len);
+		mbuf = mbuf->next;
+	}
+	/* last element*/
+	sg->len |= cpu_to_caam32(SEC4_SG_LEN_FIN);
+
+
+	SEC_JD_SET_IN_PTR(jobdescr, (uint64_t)caam_jr_vtop_ctx(ctx, in_sg), 0,
+				length);
+	/*enabling sg bit */
+	(jobdescr)->seq_in.command.word  |= 0x01000000;
+
+	return ctx;
+}
+
+static inline struct caam_jr_op_ctx *
+build_cipher_only(struct rte_crypto_op *op, struct caam_jr_session *ses)
+{
+	struct rte_crypto_sym_op *sym = op->sym;
+	struct caam_jr_op_ctx *ctx;
+	struct sec4_sg_entry *sg;
+	rte_iova_t src_start_addr, dst_start_addr;
+	struct sec_cdb *cdb;
+	uint64_t sdesc_offset;
+	uint8_t *IV_ptr = rte_crypto_op_ctod_offset(op, uint8_t *,
+			ses->iv.offset);
+	struct sec_job_descriptor_t *jobdescr;
+
+	ctx = caam_jr_alloc_ctx(ses);
+	if (!ctx)
+		return NULL;
+
+	ctx->op = op;
+	cdb = ses->cdb;
+	sdesc_offset = (size_t) ((char *)&cdb->sh_desc - (char *)cdb);
+
+	src_start_addr = rte_pktmbuf_iova(sym->m_src);
+	if (sym->m_dst)
+		dst_start_addr = rte_pktmbuf_iova(sym->m_dst);
+	else
+		dst_start_addr = src_start_addr;
+
+	jobdescr = (struct sec_job_descriptor_t *) ctx->jobdes.desc;
+
+	SEC_JD_INIT(jobdescr);
+	SEC_JD_SET_SD(jobdescr,
+		(phys_addr_t)(caam_jr_dma_vtop(cdb)) + sdesc_offset,
+		cdb->sh_hdr.hi.field.idlen);
+
+#ifdef RTE_LIBRTE_PMD_CAAM_JR_DEBUG
+	CAAM_JR_INFO("mbuf offset =%d, cipher offset = %d, length =%d+%d",
+			sym->m_src->data_off, sym->cipher.data.offset,
+			sym->cipher.data.length, ses->iv.length);
+#endif
+	/* output */
+	SEC_JD_SET_OUT_PTR(jobdescr, (uint64_t)dst_start_addr,
+			sym->cipher.data.offset,
+			sym->cipher.data.length + ses->iv.length);
+
+	/*input */
+	sg = &ctx->sg[0];
+	SEC_JD_SET_IN_PTR(jobdescr, (uint64_t)caam_jr_vtop_ctx(ctx, sg), 0,
+				sym->cipher.data.length + ses->iv.length);
+	/*enabling sg bit */
+	(jobdescr)->seq_in.command.word  |= 0x01000000;
+
+	sg->ptr = cpu_to_caam64(caam_jr_dma_vtop(IV_ptr));
+	sg->len = cpu_to_caam32(ses->iv.length);
+
+	sg = &ctx->sg[1];
+	sg->ptr = cpu_to_caam64(src_start_addr + sym->cipher.data.offset);
+	sg->len = cpu_to_caam32(sym->cipher.data.length);
+	/* last element*/
+	sg->len |= cpu_to_caam32(SEC4_SG_LEN_FIN);
+
+	return ctx;
+}
+
+static int
+caam_jr_enqueue_op(struct rte_crypto_op *op, struct caam_jr_qp *qp)
+{
+	struct sec_job_ring_t *ring = qp->ring;
+	struct caam_jr_session *ses;
+	struct caam_jr_op_ctx *ctx = NULL;
+	struct sec_job_descriptor_t *jobdescr __rte_unused;
+
+	switch (op->sess_type) {
+	case RTE_CRYPTO_OP_WITH_SESSION:
+		ses = (struct caam_jr_session *)
+		get_sym_session_private_data(op->sym->session,
+					cryptodev_driver_id);
+		break;
+	default:
+		CAAM_JR_DP_ERR("sessionless crypto op not supported");
+		qp->tx_errs++;
+		return -1;
+	}
+
+	if (unlikely(!ses->qp || ses->qp != qp)) {
+		CAAM_JR_DP_DEBUG("Old:sess->qp=%p New qp = %p\n", ses->qp, qp);
+		ses->qp = qp;
+		caam_jr_prep_cdb(ses);
+	}
+
+	if (rte_pktmbuf_is_contiguous(op->sym->m_src)) {
+		if (is_cipher_only(ses))
+			ctx = build_cipher_only(op, ses);
+	} else {
+		if (is_cipher_only(ses))
+			ctx = build_cipher_only_sg(op, ses);
+	}
+	if (unlikely(!ctx)) {
+		qp->tx_errs++;
+		CAAM_JR_ERR("not supported sec op");
+		return -1;
+	}
+#ifdef RTE_LIBRTE_PMD_CAAM_JR_DEBUG
+	if (is_decode(ses))
+		rte_hexdump(stdout, "DECODE",
+			rte_pktmbuf_mtod(op->sym->m_src, void *),
+			rte_pktmbuf_data_len(op->sym->m_src));
+	else
+		rte_hexdump(stdout, "ENCODE",
+			rte_pktmbuf_mtod(op->sym->m_src, void *),
+			rte_pktmbuf_data_len(op->sym->m_src));
+
+	printf("\n JD before conversion\n");
+	for (int i = 0; i < 12; i++)
+		printf("\n 0x%08x", ctx->jobdes.desc[i]);
+#endif
+
+	CAAM_JR_DP_DEBUG("Jr[%p] pi[%d] ci[%d].Before sending desc",
+		      ring, ring->pidx, ring->cidx);
+
+	/* todo - do we want to retry */
+	if (SEC_JOB_RING_IS_FULL(ring->pidx, ring->cidx,
+			 SEC_JOB_RING_SIZE, SEC_JOB_RING_SIZE)) {
+		CAAM_JR_DP_DEBUG("Ring FULL Jr[%p] pi[%d] ci[%d].Size = %d",
+			      ring, ring->pidx, ring->cidx, SEC_JOB_RING_SIZE);
+		caam_jr_op_ending(ctx);
+		qp->tx_ring_full++;
+		return -EBUSY;
+	}
+
+#if CORE_BYTE_ORDER != CAAM_BYTE_ORDER
+	jobdescr = (struct sec_job_descriptor_t *) ctx->jobdes.desc;
+
+	jobdescr->deschdr.command.word =
+		cpu_to_caam32(jobdescr->deschdr.command.word);
+	jobdescr->sd_ptr = cpu_to_caam64(jobdescr->sd_ptr);
+	jobdescr->seq_out.command.word =
+		cpu_to_caam32(jobdescr->seq_out.command.word);
+	jobdescr->seq_out_ptr = cpu_to_caam64(jobdescr->seq_out_ptr);
+	jobdescr->out_ext_length = cpu_to_caam32(jobdescr->out_ext_length);
+	jobdescr->seq_in.command.word =
+		cpu_to_caam32(jobdescr->seq_in.command.word);
+	jobdescr->seq_in_ptr = cpu_to_caam64(jobdescr->seq_in_ptr);
+	jobdescr->in_ext_length = cpu_to_caam32(jobdescr->in_ext_length);
+	jobdescr->load_dpovrd.command.word =
+		cpu_to_caam32(jobdescr->load_dpovrd.command.word);
+	jobdescr->dpovrd = cpu_to_caam32(jobdescr->dpovrd);
+#endif
+
+	/* Set ptr in input ring to current descriptor	*/
+	sec_write_addr(&ring->input_ring[ring->pidx],
+			(phys_addr_t)caam_jr_vtop_ctx(ctx, ctx->jobdes.desc));
+	rte_smp_wmb();
+
+	/* Notify HW that a new job is enqueued */
+	hw_enqueue_desc_on_job_ring(ring);
+
+	/* increment the producer index for the current job ring */
+	ring->pidx = SEC_CIRCULAR_COUNTER(ring->pidx, SEC_JOB_RING_SIZE);
+
+	return 0;
+}
+
+static uint16_t
+caam_jr_enqueue_burst(void *qp, struct rte_crypto_op **ops,
+		       uint16_t nb_ops)
+{
+	/* Function to transmit the frames to given device and queuepair */
+	uint32_t loop;
+	int32_t ret;
+	struct caam_jr_qp *jr_qp = (struct caam_jr_qp *)qp;
+	uint16_t num_tx = 0;
+	/*Prepare each packet which is to be sent*/
+	for (loop = 0; loop < nb_ops; loop++) {
+		ret = caam_jr_enqueue_op(ops[loop], jr_qp);
+		if (!ret)
+			num_tx++;
+	}
+
+	jr_qp->tx_pkts += num_tx;
+
+	return num_tx;
+}
+
 /* Release queue pair */
 static int
 caam_jr_queue_pair_release(struct rte_cryptodev *dev,
@@ -642,8 +1259,8 @@ caam_jr_dev_init(const char *name,
 	dev->dev_ops = &caam_jr_ops;
 
 	/* register rx/tx burst functions for data path */
-	dev->dequeue_burst = NULL;
-	dev->enqueue_burst = NULL;
+	dev->dequeue_burst = caam_jr_dequeue_burst;
+	dev->enqueue_burst = caam_jr_enqueue_burst;
 	dev->feature_flags = RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO |
 			RTE_CRYPTODEV_FF_HW_ACCELERATED |
 			RTE_CRYPTODEV_FF_SYM_OPERATION_CHAINING |
diff --git a/drivers/crypto/caam_jr/caam_jr_desc.h b/drivers/crypto/caam_jr/caam_jr_desc.h
new file mode 100644
index 000000000..47c3adf72
--- /dev/null
+++ b/drivers/crypto/caam_jr/caam_jr_desc.h
@@ -0,0 +1,289 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright 2017-2018 NXP
+ */
+
+#ifndef CAAM_JR_DESC_H
+#define CAAM_JR_DESC_H
+
+#define CMD_HDR_CTYPE_SD		0x16
+#define CMD_HDR_CTYPE_JD		0x17
+
+/* The maximum size of a SEC descriptor, in WORDs (32 bits). */
+#define MAX_DESC_SIZE_WORDS                     64
+
+/*
+ * Macros manipulating descriptors
+ */
+/* Macro for setting the SD pointer in a JD. Common for all protocols
+ * supported by the SEC driver.
+ */
+#define SEC_JD_SET_SD(descriptor, ptr, len)	   {	  \
+	(descriptor)->sd_ptr = (ptr);			       \
+	(descriptor)->deschdr.command.jd.shr_desc_len = (len);      \
+}
+
+/* Macro for setting a pointer to the job which this descriptor processes.
+ * It eases the lookup procedure for identifying the descriptor that has
+ * completed.
+ */
+#define SEC_JD_SET_JOB_PTR(descriptor, ptr) \
+	((descriptor)->job_ptr = (ptr))
+
+/* Macro for setting up a JD. The structure of the JD is common across all
+ * supported protocols, thus its structure is identical.
+ */
+#define SEC_JD_INIT(descriptor)	      ({ \
+	/* CTYPE = job descriptor			       \
+	 * RSMS, DNR = 0
+	 * ONE = 1
+	 * Start Index = 0
+	 * ZRO,TD, MTD = 0
+	 * SHR = 1 (there's a shared descriptor referenced
+	 *	  by this job descriptor,pointer in next word)
+	 * REO = 1 (execute job descr. first, shared descriptor
+	 *	  after)
+	 * SHARE = DEFER
+	 * Descriptor Length = 0 ( to be completed @ runtime )
+	 */						     \
+	(descriptor)->deschdr.command.word = 0xB0801C0D;	\
+	/*
+	 * CTYPE = SEQ OUT command * Scater Gather Flag = 0
+	 * (can be updated @ runtime) PRE = 0 * EXT = 1
+	 * (data length is in next word, following the * command)
+	 * RTO = 0
+	 */							\
+	(descriptor)->seq_out.command.word = 0xF8400000; /**/ \
+	/*
+	 * CTYPE = SEQ IN command
+	 * Scater Gather Flag = 0 (can be updated @ runtime)
+	 * PRE = 0
+	 * EXT = 1 ( data length is in next word, following the
+	 *	   command)
+	 * RTO = 0
+	 */							\
+	(descriptor)->seq_in.command.word  = 0xF0400000; /**/	\
+	/*
+	 * In order to be compatible with QI scenarios, the DPOVRD value
+	 * loaded must be formated like this:
+	 * DPOVRD_EN (1b) | Res| DPOVRD Value (right aligned).
+	 */							\
+	(descriptor)->load_dpovrd.command.word = 0x16870004;	\
+	/* By default, DPOVRD mechanism is disabled, thus the value to be
+	 * LOAD-ed through the above descriptor command will be 0x0000_0000.
+	 */							\
+	(descriptor)->dpovrd = 0x00000000;		      \
+})
+
+/* Macro for setting the pointer to the input buffer in the JD, according to
+ * the parameters set by the user in the ::sec_packet_t structure.
+ */
+#define SEC_JD_SET_IN_PTR(descriptor, phys_addr, offset, length) {     \
+	(descriptor)->seq_in_ptr = (phys_addr) + (offset);	      \
+	(descriptor)->in_ext_length = (length);			 \
+}
+
+/* Macro for setting the pointer to the output buffer in the JD, according to
+ * the parameters set by the user in the ::sec_packet_t structure.
+ */
+#define SEC_JD_SET_OUT_PTR(descriptor, phys_addr, offset, length) {    \
+	(descriptor)->seq_out_ptr = (phys_addr) + (offset);	     \
+	(descriptor)->out_ext_length = (length);			\
+}
+
+/* Macro for setting the Scatter-Gather flag in the SEQ IN command. Used in
+ * case the input buffer is split in multiple buffers, according to the user
+ * specification.
+ */
+#define SEC_JD_SET_SG_IN(descriptor) \
+	((descriptor)->seq_in.command.field.sgf =  1)
+
+/* Macro for setting the Scatter-Gather flag in the SEQ OUT command. Used in
+ * case the output buffer is split in multiple buffers, according to the user
+ * specification.
+ */
+#define SEC_JD_SET_SG_OUT(descriptor) \
+	((descriptor)->seq_out.command.field.sgf = 1)
+
+#define SEC_JD_SET_DPOVRD(descriptor) \
+
+/* Macro for retrieving a descriptor's length. Works for both SD and JD. */
+#define SEC_GET_DESC_LEN(descriptor)					\
+	(((struct descriptor_header_s *)(descriptor))->command.sd.ctype == \
+	CMD_HDR_CTYPE_SD ? ((struct descriptor_header_s *) \
+	(descriptor))->command.sd.desclen :	\
+	((struct descriptor_header_s *)(descriptor))->command.jd.desclen)
+
+/* Helper macro for dumping the hex representation of a descriptor */
+#define SEC_DUMP_DESC(descriptor) {					\
+	int __i;							\
+	CAAM_JR_INFO("Des@ 0x%08x\n", (uint32_t)((uint32_t *)(descriptor)));\
+	for (__i = 0;						\
+		__i < SEC_GET_DESC_LEN(descriptor);			\
+		__i++) {						\
+		printf("0x%08x: 0x%08x\n",			\
+			(uint32_t)(((uint32_t *)(descriptor)) + __i),	\
+			*(((uint32_t *)(descriptor)) + __i));		\
+	}								\
+}
+/* Union describing a descriptor header.
+ */
+struct descriptor_header_s {
+	union {
+		uint32_t word;
+		struct {
+			/* 4  */ unsigned int ctype:5;
+			/* 5  */ unsigned int res1:2;
+			/* 7  */ unsigned int dnr:1;
+			/* 8  */ unsigned int one:1;
+			/* 9  */ unsigned int res2:1;
+			/* 10 */ unsigned int start_idx:6;
+			/* 16 */ unsigned int res3:2;
+			/* 18 */ unsigned int cif:1;
+			/* 19 */ unsigned int sc:1;
+			/* 20 */ unsigned int pd:1;
+			/* 21 */ unsigned int res4:1;
+			/* 22 */ unsigned int share:2;
+			/* 24 */ unsigned int res5:2;
+			/* 26 */ unsigned int desclen:6;
+		} sd;
+		struct {
+			/* TODO only below struct members are corrected,
+			 * all others also need to be reversed please verify it
+			 */
+			/* 0 */ unsigned int desclen:7;
+			/* 7 */ unsigned int res4:1;
+			/* 8 */ unsigned int share:3;
+			/* 11 */ unsigned int reo:1;
+			/* 12 */ unsigned int shr:1;
+			/* 13 */ unsigned int mtd:1;
+			/* 14 */ unsigned int td:1;
+			/* 15 */ unsigned int zero:1;
+			/* 16 */ unsigned int shr_desc_len:6;
+			/* 22  */ unsigned int res2:1;
+			/* 23  */ unsigned int one:1;
+			/* 24  */ unsigned int dnr:1;
+			/* 25  */ unsigned int rsms:1;
+			/* 26  */ unsigned int res1:1;
+			/* 27  */ unsigned int ctype:5;
+		} jd;
+	} __rte_packed command;
+} __rte_packed;
+
+/* Union describing a KEY command in a descriptor.
+ */
+struct key_command_s {
+	union {
+		uint32_t word;
+		struct {
+			unsigned int ctype:5;
+			unsigned int cls:2;
+			unsigned int sgf:1;
+			unsigned int imm:1;
+			unsigned int enc:1;
+			unsigned int nwb:1;
+			unsigned int ekt:1;
+			unsigned int kdest:4;
+			unsigned int tk:1;
+			unsigned int rsvd1:5;
+			unsigned int length:10;
+		} __rte_packed field;
+	} __rte_packed command;
+} __rte_packed;
+
+/* Union describing a PROTOCOL command
+ * in a descriptor.
+ */
+struct protocol_operation_command_s {
+	union {
+		uint32_t word;
+		struct {
+			unsigned int ctype:5;
+			unsigned int optype:3;
+			unsigned char protid;
+			unsigned short protinfo;
+		} __rte_packed field;
+	} __rte_packed command;
+} __rte_packed;
+
+/* Union describing a SEQIN command in a
+ * descriptor.
+ */
+struct seq_in_command_s {
+	union {
+		uint32_t word;
+		struct {
+			unsigned int ctype:5;
+			unsigned int res1:1;
+			unsigned int inl:1;
+			unsigned int sgf:1;
+			unsigned int pre:1;
+			unsigned int ext:1;
+			unsigned int rto:1;
+			unsigned int rjd:1;
+			unsigned int res2:4;
+			unsigned int length:16;
+		} field;
+	} __rte_packed command;
+} __rte_packed;
+
+/* Union describing a SEQOUT command in a
+ * descriptor.
+ */
+struct seq_out_command_s {
+	union {
+		uint32_t word;
+		struct {
+			unsigned int ctype:5;
+			unsigned int res1:2;
+			unsigned int sgf:1;
+			unsigned int pre:1;
+			unsigned int ext:1;
+			unsigned int rto:1;
+			unsigned int res2:5;
+			unsigned int length:16;
+		} field;
+	} __rte_packed command;
+} __rte_packed;
+
+struct load_command_s {
+	union {
+		uint32_t word;
+		struct {
+			unsigned int ctype:5;
+			unsigned int class:2;
+			unsigned int sgf:1;
+			unsigned int imm:1;
+			unsigned int dst:7;
+			unsigned char offset;
+			unsigned char length;
+		} fields;
+	} __rte_packed command;
+} __rte_packed;
+
+/* Structure encompassing a general shared descriptor of maximum
+ * size (64 WORDs). Usually, other specific shared descriptor structures
+ * will be type-casted to this one
+ * this one.
+ */
+struct sec_sd_t {
+	uint32_t rsvd[MAX_DESC_SIZE_WORDS];
+} __attribute__((packed, aligned(64)));
+
+/* Structure encompassing a job descriptor which processes
+ * a single packet from a context. The job descriptor references
+ * a shared descriptor from a SEC context.
+ */
+struct sec_job_descriptor_t {
+	struct descriptor_header_s deschdr;
+	dma_addr_t sd_ptr;
+	struct seq_out_command_s seq_out;
+	dma_addr_t seq_out_ptr;
+	uint32_t out_ext_length;
+	struct seq_in_command_s seq_in;
+	dma_addr_t seq_in_ptr;
+	uint32_t in_ext_length;
+	struct load_command_s load_dpovrd;
+	uint32_t dpovrd;
+} __attribute__((packed, aligned(64)));
+
+#endif
-- 
2.17.1

^ permalink raw reply	[flat|nested] 97+ messages in thread

* [dpdk-dev] [PATCH 08/10] crypto/caam_jr: add auth cipher and aead session support
  2018-09-13  6:08 [dpdk-dev] [PATCH 00/10] Introducing the NXP CAAM job ring driver Gagandeep Singh
                   ` (6 preceding siblings ...)
  2018-09-13  6:08 ` [dpdk-dev] [PATCH 07/10] crypto/caam_jr: add enqueue and dequeue routines Gagandeep Singh
@ 2018-09-13  6:08 ` Gagandeep Singh
  2018-09-13  6:08 ` [dpdk-dev] [PATCH 09/10] crypto/caam_jr: add stats support Gagandeep Singh
                   ` (3 subsequent siblings)
  11 siblings, 0 replies; 97+ messages in thread
From: Gagandeep Singh @ 2018-09-13  6:08 UTC (permalink / raw)
  To: dev, akhil.goyal; +Cc: Hemant Agrawal, Gagandeep Singh

From: Hemant Agrawal <hemant.agrawal@nxp.com>

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
---
 drivers/crypto/caam_jr/caam_jr.c | 710 ++++++++++++++++++++++++++++++-
 1 file changed, 707 insertions(+), 3 deletions(-)

diff --git a/drivers/crypto/caam_jr/caam_jr.c b/drivers/crypto/caam_jr/caam_jr.c
index 6d30c4f4d..d582b2fcb 100644
--- a/drivers/crypto/caam_jr/caam_jr.c
+++ b/drivers/crypto/caam_jr/caam_jr.c
@@ -21,7 +21,9 @@
 /* RTA header files */
 #include <hw/desc/common.h>
 #include <hw/desc/algo.h>
+#include <hw/desc/ipsec.h>
 #include <of.h>
+
 #include <caam_jr_hw_specific.h>
 #include <caam_jr.h>
 #include <caam_jr_pvt.h>
@@ -103,6 +105,71 @@ static inline int is_cipher_only(struct caam_jr_session *ses)
 		(ses->auth_alg == RTE_CRYPTO_AUTH_NULL));
 }
 
+static inline int is_auth_only(struct caam_jr_session *ses)
+{
+	return ((ses->cipher_alg == RTE_CRYPTO_CIPHER_NULL) &&
+		(ses->auth_alg != RTE_CRYPTO_AUTH_NULL));
+}
+
+static inline int is_aead(struct caam_jr_session *ses)
+{
+	return ((ses->cipher_alg == 0) &&
+		(ses->auth_alg == 0) &&
+		(ses->aead_alg != 0));
+}
+
+static inline int is_auth_cipher(struct caam_jr_session *ses)
+{
+	return ((ses->cipher_alg != RTE_CRYPTO_CIPHER_NULL) &&
+		(ses->auth_alg != RTE_CRYPTO_AUTH_NULL));
+}
+
+static inline int is_encode(struct caam_jr_session *ses)
+{
+	return ses->dir == DIR_ENC;
+}
+
+static inline int is_decode(struct caam_jr_session *ses)
+{
+	return ses->dir == DIR_DEC;
+}
+
+static inline void
+caam_auth_alg(struct caam_jr_session *ses, struct alginfo *alginfo_a)
+{
+	switch (ses->auth_alg) {
+	case RTE_CRYPTO_AUTH_NULL:
+		ses->digest_length = 0;
+		break;
+	case RTE_CRYPTO_AUTH_MD5_HMAC:
+		alginfo_a->algtype = OP_ALG_ALGSEL_MD5;
+		alginfo_a->algmode = OP_ALG_AAI_HMAC;
+		break;
+	case RTE_CRYPTO_AUTH_SHA1_HMAC:
+		alginfo_a->algtype = OP_ALG_ALGSEL_SHA1;
+		alginfo_a->algmode = OP_ALG_AAI_HMAC;
+		break;
+	case RTE_CRYPTO_AUTH_SHA224_HMAC:
+		alginfo_a->algtype = OP_ALG_ALGSEL_SHA224;
+		alginfo_a->algmode = OP_ALG_AAI_HMAC;
+		break;
+	case RTE_CRYPTO_AUTH_SHA256_HMAC:
+		alginfo_a->algtype = OP_ALG_ALGSEL_SHA256;
+		alginfo_a->algmode = OP_ALG_AAI_HMAC;
+		break;
+	case RTE_CRYPTO_AUTH_SHA384_HMAC:
+		alginfo_a->algtype = OP_ALG_ALGSEL_SHA384;
+		alginfo_a->algmode = OP_ALG_AAI_HMAC;
+		break;
+	case RTE_CRYPTO_AUTH_SHA512_HMAC:
+		alginfo_a->algtype = OP_ALG_ALGSEL_SHA512;
+		alginfo_a->algmode = OP_ALG_AAI_HMAC;
+		break;
+	default:
+		CAAM_JR_DEBUG("unsupported auth alg %u", ses->auth_alg);
+	}
+}
+
 static inline void
 caam_cipher_alg(struct caam_jr_session *ses, struct alginfo *alginfo_c)
 {
@@ -126,13 +193,27 @@ caam_cipher_alg(struct caam_jr_session *ses, struct alginfo *alginfo_c)
 	}
 }
 
+static inline void
+caam_aead_alg(struct caam_jr_session *ses, struct alginfo *alginfo)
+{
+	switch (ses->aead_alg) {
+	case RTE_CRYPTO_AEAD_AES_GCM:
+		alginfo->algtype = OP_ALG_ALGSEL_AES;
+		alginfo->algmode = OP_ALG_AAI_GCM;
+		break;
+	default:
+		CAAM_JR_DEBUG("unsupported AEAD alg %d", ses->aead_alg);
+	}
+}
+
 /* prepare command block of the session */
 static int
 caam_jr_prep_cdb(struct caam_jr_session *ses)
 {
-	struct alginfo alginfo_c = {0};
+	struct alginfo alginfo_c = {0}, alginfo_a = {0}, alginfo = {0};
 	int32_t shared_desc_len = 0;
 	struct sec_cdb *cdb;
+	int err;
 #if RTE_BYTE_ORDER == RTE_BIG_ENDIAN
 	int swap = false;
 #else
@@ -171,6 +252,108 @@ caam_jr_prep_cdb(struct caam_jr_session *ses)
 						NULL,
 						ses->iv.length,
 						ses->dir);
+	} else if (is_auth_only(ses)) {
+		caam_auth_alg(ses, &alginfo_a);
+		if (alginfo_a.algtype == (unsigned int)CAAM_JR_ALG_UNSUPPORT) {
+			CAAM_JR_ERR("not supported auth alg");
+			rte_free(cdb);
+			return -ENOTSUP;
+		}
+
+		alginfo_a.key = (size_t)ses->auth_key.data;
+		alginfo_a.keylen = ses->auth_key.length;
+		alginfo_a.key_enc_flags = 0;
+		alginfo_a.key_type = RTA_DATA_IMM;
+
+		shared_desc_len = cnstr_shdsc_hmac(cdb->sh_desc, true,
+						   swap, &alginfo_a,
+						   !ses->dir,
+						   ses->digest_length);
+	} else if (is_aead(ses)) {
+		caam_aead_alg(ses, &alginfo);
+		if (alginfo.algtype == (unsigned int)CAAM_JR_ALG_UNSUPPORT) {
+			CAAM_JR_ERR("not supported aead alg");
+			rte_free(cdb);
+			return -ENOTSUP;
+		}
+		alginfo.key = (size_t)ses->aead_key.data;
+		alginfo.keylen = ses->aead_key.length;
+		alginfo.key_enc_flags = 0;
+		alginfo.key_type = RTA_DATA_IMM;
+
+		if (ses->dir == DIR_ENC)
+			shared_desc_len = cnstr_shdsc_gcm_encap(
+					cdb->sh_desc, true, swap,
+					&alginfo,
+					ses->iv.length,
+					ses->digest_length);
+		else
+			shared_desc_len = cnstr_shdsc_gcm_decap(
+					cdb->sh_desc, true, swap,
+					&alginfo,
+					ses->iv.length,
+					ses->digest_length);
+	} else {
+		caam_cipher_alg(ses, &alginfo_c);
+		if (alginfo_c.algtype == (unsigned int)CAAM_JR_ALG_UNSUPPORT) {
+			CAAM_JR_ERR("not supported cipher alg");
+			rte_free(cdb);
+			return -ENOTSUP;
+		}
+
+		alginfo_c.key = (size_t)ses->cipher_key.data;
+		alginfo_c.keylen = ses->cipher_key.length;
+		alginfo_c.key_enc_flags = 0;
+		alginfo_c.key_type = RTA_DATA_IMM;
+
+		caam_auth_alg(ses, &alginfo_a);
+		if (alginfo_a.algtype == (unsigned int)CAAM_JR_ALG_UNSUPPORT) {
+			CAAM_JR_ERR("not supported auth alg");
+			rte_free(cdb);
+			return -ENOTSUP;
+		}
+
+		alginfo_a.key = (size_t)ses->auth_key.data;
+		alginfo_a.keylen = ses->auth_key.length;
+		alginfo_a.key_enc_flags = 0;
+		alginfo_a.key_type = RTA_DATA_IMM;
+
+		cdb->sh_desc[0] = alginfo_c.keylen;
+		cdb->sh_desc[1] = alginfo_a.keylen;
+		err = rta_inline_query(IPSEC_AUTH_VAR_AES_DEC_BASE_DESC_LEN,
+				       MIN_JOB_DESC_SIZE,
+				       (unsigned int *)cdb->sh_desc,
+				       &cdb->sh_desc[2], 2);
+
+		if (err < 0) {
+			CAAM_JR_ERR("Crypto: Incorrect key lengths");
+			rte_free(cdb);
+			return err;
+		}
+		if (cdb->sh_desc[2] & 1)
+			alginfo_c.key_type = RTA_DATA_IMM;
+		else {
+			alginfo_c.key = (size_t)caam_jr_mem_vtop(
+						(void *)(size_t)alginfo_c.key);
+			alginfo_c.key_type = RTA_DATA_PTR;
+		}
+		if (cdb->sh_desc[2] & (1<<1))
+			alginfo_a.key_type = RTA_DATA_IMM;
+		else {
+			alginfo_a.key = (size_t)caam_jr_mem_vtop(
+						(void *)(size_t)alginfo_a.key);
+			alginfo_a.key_type = RTA_DATA_PTR;
+		}
+		cdb->sh_desc[0] = 0;
+		cdb->sh_desc[1] = 0;
+		cdb->sh_desc[2] = 0;
+			/* Auth_only_len is set as 0 here and it will be
+			 * overwritten in fd for each packet.
+			 */
+			shared_desc_len = cnstr_shdsc_authenc(cdb->sh_desc,
+					true, swap, &alginfo_c, &alginfo_a,
+					ses->iv.length, 0,
+					ses->digest_length, ses->dir);
 	}
 
 	if (shared_desc_len < 0) {
@@ -422,6 +605,163 @@ caam_jr_dequeue_burst(void *qp, struct rte_crypto_op **ops,
 	return num_rx;
 }
 
+/**
+ * packet looks like:
+ *		|<----data_len------->|
+ *    |ip_header|ah_header|icv|payload|
+ *              ^
+ *		|
+ *	   mbuf->pkt.data
+ */
+static inline struct caam_jr_op_ctx *
+build_auth_only_sg(struct rte_crypto_op *op, struct caam_jr_session *ses)
+{
+	struct rte_crypto_sym_op *sym = op->sym;
+	struct rte_mbuf *mbuf = sym->m_src;
+	struct caam_jr_op_ctx *ctx;
+	struct sec4_sg_entry *sg;
+	int	length;
+	struct sec_cdb *cdb;
+	uint64_t sdesc_offset;
+	struct sec_job_descriptor_t *jobdescr;
+	uint8_t extra_segs;
+
+	if (is_decode(ses))
+		extra_segs = 2;
+	else
+		extra_segs = 1;
+
+	if ((mbuf->nb_segs + extra_segs) > MAX_SG_ENTRIES) {
+		CAAM_JR_DP_ERR("Auth: Max sec segs supported is %d",
+				MAX_SG_ENTRIES);
+		return NULL;
+	}
+
+	ctx = caam_jr_alloc_ctx(ses);
+	if (!ctx)
+		return NULL;
+
+	ctx->op = op;
+
+	cdb = ses->cdb;
+	sdesc_offset = (size_t) ((char *)&cdb->sh_desc - (char *)cdb);
+
+	jobdescr = (struct sec_job_descriptor_t *) ctx->jobdes.desc;
+
+	SEC_JD_INIT(jobdescr);
+	SEC_JD_SET_SD(jobdescr,
+		(phys_addr_t)(caam_jr_dma_vtop(cdb)) + sdesc_offset,
+		cdb->sh_hdr.hi.field.idlen);
+
+	/* output */
+	SEC_JD_SET_OUT_PTR(jobdescr, (uint64_t)sym->auth.digest.phys_addr,
+			0, ses->digest_length);
+
+	/*input */
+	sg = &ctx->sg[0];
+	length = sym->auth.data.length;
+	sg->ptr = cpu_to_caam64(rte_pktmbuf_iova(mbuf) + sym->auth.data.offset);
+	sg->len = cpu_to_caam32(mbuf->data_len - sym->auth.data.offset);
+
+	/* Successive segs */
+	mbuf = mbuf->next;
+	while (mbuf) {
+		sg++;
+		sg->ptr = cpu_to_caam64(rte_pktmbuf_iova(mbuf));
+		sg->len = cpu_to_caam32(mbuf->data_len);
+		mbuf = mbuf->next;
+	}
+
+	if (is_decode(ses)) {
+		/* digest verification case */
+		sg++;
+		/* hash result or digest, save digest first */
+		rte_memcpy(ctx->digest, sym->auth.digest.data,
+			   ses->digest_length);
+#ifdef RTE_LIBRTE_PMD_CAAM_JR_DEBUG
+		rte_hexdump(stdout, "ICV", ctx->digest, ses->digest_length);
+#endif
+		sg->ptr = cpu_to_caam64(caam_jr_vtop_ctx(ctx, ctx->digest));
+		sg->len = cpu_to_caam32(ses->digest_length);
+		length += ses->digest_length;
+	} else {
+		length -= ses->digest_length;
+	}
+
+	/* last element*/
+	sg->len |= cpu_to_caam32(SEC4_SG_LEN_FIN);
+
+	SEC_JD_SET_IN_PTR(jobdescr,
+		(uint64_t)caam_jr_vtop_ctx(ctx, &ctx->sg[0]), 0, length);
+	/* enabling sg list */
+	(jobdescr)->seq_in.command.word  |= 0x01000000;
+
+	return ctx;
+}
+
+static inline struct caam_jr_op_ctx *
+build_auth_only(struct rte_crypto_op *op, struct caam_jr_session *ses)
+{
+	struct rte_crypto_sym_op *sym = op->sym;
+	struct caam_jr_op_ctx *ctx;
+	struct sec4_sg_entry *sg;
+	rte_iova_t start_addr;
+	struct sec_cdb *cdb;
+	uint64_t sdesc_offset;
+	struct sec_job_descriptor_t *jobdescr;
+
+	ctx = caam_jr_alloc_ctx(ses);
+	if (!ctx)
+		return NULL;
+
+	ctx->op = op;
+
+	cdb = ses->cdb;
+	sdesc_offset = (size_t) ((char *)&cdb->sh_desc - (char *)cdb);
+
+	start_addr = rte_pktmbuf_iova(sym->m_src);
+
+	jobdescr = (struct sec_job_descriptor_t *) ctx->jobdes.desc;
+
+	SEC_JD_INIT(jobdescr);
+	SEC_JD_SET_SD(jobdescr,
+		(phys_addr_t)(caam_jr_dma_vtop(cdb)) + sdesc_offset,
+		cdb->sh_hdr.hi.field.idlen);
+
+	/* output */
+	SEC_JD_SET_OUT_PTR(jobdescr, (uint64_t)sym->auth.digest.phys_addr,
+			0, ses->digest_length);
+
+	/*input */
+	if (is_decode(ses)) {
+		sg = &ctx->sg[0];
+		SEC_JD_SET_IN_PTR(jobdescr,
+			(uint64_t)caam_jr_vtop_ctx(ctx, sg), 0,
+			(sym->auth.data.length + ses->digest_length));
+		/* enabling sg list */
+		(jobdescr)->seq_in.command.word  |= 0x01000000;
+
+		/* hash result or digest, save digest first */
+		rte_memcpy(ctx->digest, sym->auth.digest.data,
+			   ses->digest_length);
+		sg->ptr = cpu_to_caam64(start_addr + sym->auth.data.offset);
+		sg->len = cpu_to_caam32(sym->auth.data.length);
+
+#ifdef RTE_LIBRTE_PMD_CAAM_JR_DEBUG
+		rte_hexdump(stdout, "ICV", ctx->digest, ses->digest_length);
+#endif
+		/* let's check digest by hw */
+		sg++;
+		sg->ptr = cpu_to_caam64(caam_jr_vtop_ctx(ctx, ctx->digest));
+		sg->len = cpu_to_caam32(ses->digest_length);
+		/* last element*/
+		sg->len |= cpu_to_caam32(SEC4_SG_LEN_FIN);
+	} else {
+		SEC_JD_SET_IN_PTR(jobdescr, (uint64_t)start_addr,
+			sym->auth.data.offset, sym->auth.data.length);
+	}
+	return ctx;
+}
 
 static inline struct caam_jr_op_ctx *
 build_cipher_only_sg(struct rte_crypto_op *op, struct caam_jr_session *ses)
@@ -602,6 +942,269 @@ build_cipher_only(struct rte_crypto_op *op, struct caam_jr_session *ses)
 	return ctx;
 }
 
+/* For decapsulation:
+ *     Input:
+ * +----+----------------+--------------------------------+-----+
+ * | IV | Auth-only data | Authenticated & Encrypted data | ICV |
+ * +----+----------------+--------------------------------+-----+
+ *     Output:
+ * +----+--------------------------+
+ * | Decrypted & authenticated data |
+ * +----+--------------------------+
+ */
+
+static inline struct caam_jr_op_ctx *
+build_cipher_auth_sg(struct rte_crypto_op *op, struct caam_jr_session *ses)
+{
+	struct rte_crypto_sym_op *sym = op->sym;
+	struct caam_jr_op_ctx *ctx;
+	struct sec4_sg_entry *sg, *out_sg, *in_sg;
+	struct rte_mbuf *mbuf;
+	uint32_t length = 0;
+	struct sec_cdb *cdb;
+	uint64_t sdesc_offset;
+	uint8_t req_segs;
+	uint8_t *IV_ptr = rte_crypto_op_ctod_offset(op, uint8_t *,
+			ses->iv.offset);
+	struct sec_job_descriptor_t *jobdescr;
+	uint32_t auth_only_len;
+
+	auth_only_len = op->sym->auth.data.length -
+				op->sym->cipher.data.length;
+
+	if (sym->m_dst) {
+		mbuf = sym->m_dst;
+		req_segs = mbuf->nb_segs + sym->m_src->nb_segs + 3;
+	} else {
+		mbuf = sym->m_src;
+		req_segs = mbuf->nb_segs * 2 + 3;
+	}
+
+	if (req_segs > MAX_SG_ENTRIES) {
+		CAAM_JR_DP_ERR("Cipher-Auth: Max sec segs supported is %d",
+				MAX_SG_ENTRIES);
+		return NULL;
+	}
+
+	ctx = caam_jr_alloc_ctx(ses);
+	if (!ctx)
+		return NULL;
+
+	ctx->op = op;
+	cdb = ses->cdb;
+	sdesc_offset = (size_t) ((char *)&cdb->sh_desc - (char *)cdb);
+
+	jobdescr = (struct sec_job_descriptor_t *) ctx->jobdes.desc;
+
+	SEC_JD_INIT(jobdescr);
+	SEC_JD_SET_SD(jobdescr,
+		(phys_addr_t)(caam_jr_dma_vtop(cdb)) + sdesc_offset,
+		cdb->sh_hdr.hi.field.idlen);
+
+	/* output */
+	if (sym->m_dst)
+		mbuf = sym->m_dst;
+	else
+		mbuf = sym->m_src;
+
+	out_sg = &ctx->sg[0];
+	if (is_encode(ses))
+		length = sym->auth.data.length + ses->digest_length;
+	else
+		length = sym->auth.data.length;
+
+	sg = &ctx->sg[0];
+
+	/* 1st seg */
+	sg->ptr = cpu_to_caam64(rte_pktmbuf_iova(mbuf)
+		+ sym->auth.data.offset);
+	sg->len = cpu_to_caam32(mbuf->data_len - sym->auth.data.offset);
+
+	/* Successive segs */
+	mbuf = mbuf->next;
+	while (mbuf) {
+		sg++;
+		sg->ptr = cpu_to_caam64(rte_pktmbuf_iova(mbuf));
+		sg->len = cpu_to_caam32(mbuf->data_len);
+		mbuf = mbuf->next;
+	}
+
+	if (is_encode(ses)) {
+		/* set auth output */
+		sg++;
+		sg->ptr = cpu_to_caam64(sym->auth.digest.phys_addr);
+		sg->len = cpu_to_caam32(ses->digest_length);
+	}
+	/* last element*/
+	sg->len |= cpu_to_caam32(SEC4_SG_LEN_FIN);
+
+	SEC_JD_SET_OUT_PTR(jobdescr,
+			   (uint64_t)caam_jr_dma_vtop(out_sg), 0, length);
+	/* set sg bit */
+	(jobdescr)->seq_out.command.word  |= 0x01000000;
+
+	/* input */
+	sg++;
+	mbuf = sym->m_src;
+	in_sg = sg;
+	if (is_encode(ses))
+		length = ses->iv.length + sym->auth.data.length;
+	else
+		length = ses->iv.length + sym->auth.data.length
+						+ ses->digest_length;
+
+	sg->ptr = cpu_to_caam64(caam_jr_dma_vtop(IV_ptr));
+	sg->len = cpu_to_caam32(ses->iv.length);
+
+	sg++;
+	/* 1st seg */
+	sg->ptr = cpu_to_caam64(rte_pktmbuf_iova(mbuf)
+		+ sym->auth.data.offset);
+	sg->len = cpu_to_caam32(mbuf->data_len - sym->auth.data.offset);
+
+	/* Successive segs */
+	mbuf = mbuf->next;
+	while (mbuf) {
+		sg++;
+		sg->ptr = cpu_to_caam64(rte_pktmbuf_iova(mbuf));
+		sg->len = cpu_to_caam32(mbuf->data_len);
+		mbuf = mbuf->next;
+	}
+
+	if (is_decode(ses)) {
+		sg++;
+		rte_memcpy(ctx->digest, sym->auth.digest.data,
+		       ses->digest_length);
+		sg->ptr = cpu_to_caam64(caam_jr_dma_vtop(ctx->digest));
+		sg->len = cpu_to_caam32(ses->digest_length);
+	}
+	/* last element*/
+	sg->len |= cpu_to_caam32(SEC4_SG_LEN_FIN);
+
+	SEC_JD_SET_IN_PTR(jobdescr, (uint64_t)caam_jr_dma_vtop(in_sg), 0,
+				length);
+	/* set sg bit */
+	(jobdescr)->seq_in.command.word  |= 0x01000000;
+	/* Auth_only_len is set as 0 in descriptor and it is
+	 * overwritten here in the jd which will update
+	 * the DPOVRD reg.
+	 */
+	if (auth_only_len)
+		/* set sg bit */
+		(jobdescr)->dpovrd = 0x80000000 | auth_only_len;
+
+	return ctx;
+}
+
+static inline struct caam_jr_op_ctx *
+build_cipher_auth(struct rte_crypto_op *op, struct caam_jr_session *ses)
+{
+	struct rte_crypto_sym_op *sym = op->sym;
+	struct caam_jr_op_ctx *ctx;
+	struct sec4_sg_entry *sg;
+	rte_iova_t src_start_addr, dst_start_addr;
+	uint32_t length = 0;
+	struct sec_cdb *cdb;
+	uint64_t sdesc_offset;
+	uint8_t *IV_ptr = rte_crypto_op_ctod_offset(op, uint8_t *,
+			ses->iv.offset);
+	struct sec_job_descriptor_t *jobdescr;
+	uint32_t auth_only_len;
+
+	auth_only_len = op->sym->auth.data.length -
+				op->sym->cipher.data.length;
+
+	src_start_addr = rte_pktmbuf_iova(sym->m_src);
+	if (sym->m_dst)
+		dst_start_addr = rte_pktmbuf_iova(sym->m_dst);
+	else
+		dst_start_addr = src_start_addr;
+
+	ctx = caam_jr_alloc_ctx(ses);
+	if (!ctx)
+		return NULL;
+
+	ctx->op = op;
+	cdb = ses->cdb;
+	sdesc_offset = (size_t) ((char *)&cdb->sh_desc - (char *)cdb);
+
+	jobdescr = (struct sec_job_descriptor_t *) ctx->jobdes.desc;
+
+	SEC_JD_INIT(jobdescr);
+	SEC_JD_SET_SD(jobdescr,
+		(phys_addr_t)(caam_jr_dma_vtop(cdb)) + sdesc_offset,
+		cdb->sh_hdr.hi.field.idlen);
+
+	/* input */
+	sg = &ctx->sg[0];
+	if (is_encode(ses)) {
+		sg->ptr = cpu_to_caam64(caam_jr_dma_vtop(IV_ptr));
+		sg->len = cpu_to_caam32(ses->iv.length);
+		length += ses->iv.length;
+
+		sg++;
+		sg->ptr = cpu_to_caam64(src_start_addr + sym->auth.data.offset);
+		sg->len = cpu_to_caam32(sym->auth.data.length);
+		length += sym->auth.data.length;
+		/* last element*/
+		sg->len |= cpu_to_caam32(SEC4_SG_LEN_FIN);
+	} else {
+		sg->ptr = cpu_to_caam64(caam_jr_dma_vtop(IV_ptr));
+		sg->len = cpu_to_caam32(ses->iv.length);
+		length += ses->iv.length;
+
+		sg++;
+		sg->ptr = cpu_to_caam64(src_start_addr + sym->auth.data.offset);
+		sg->len = cpu_to_caam32(sym->auth.data.length);
+		length += sym->auth.data.length;
+
+		rte_memcpy(ctx->digest, sym->auth.digest.data,
+		       ses->digest_length);
+		sg++;
+		sg->ptr = cpu_to_caam64(caam_jr_dma_vtop(ctx->digest));
+		sg->len = cpu_to_caam32(ses->digest_length);
+		length += ses->digest_length;
+		/* last element*/
+		sg->len |= cpu_to_caam32(SEC4_SG_LEN_FIN);
+	}
+
+	SEC_JD_SET_IN_PTR(jobdescr, (uint64_t)caam_jr_dma_vtop(&ctx->sg[0]), 0,
+				length);
+	/* set sg bit */
+	(jobdescr)->seq_in.command.word  |= 0x01000000;
+
+	/* output */
+	sg = &ctx->sg[6];
+
+	sg->ptr = cpu_to_caam64(dst_start_addr + sym->cipher.data.offset);
+	sg->len = cpu_to_caam32(sym->cipher.data.length);
+	length = sym->cipher.data.length;
+
+	if (is_encode(ses)) {
+		/* set auth output */
+		sg++;
+		sg->ptr = cpu_to_caam64(sym->auth.digest.phys_addr);
+		sg->len = cpu_to_caam32(ses->digest_length);
+		length += ses->digest_length;
+	}
+	/* last element*/
+	sg->len |= cpu_to_caam32(SEC4_SG_LEN_FIN);
+
+	SEC_JD_SET_OUT_PTR(jobdescr,
+			   (uint64_t)caam_jr_dma_vtop(&ctx->sg[6]), 0, length);
+	/* set sg bit */
+	(jobdescr)->seq_out.command.word  |= 0x01000000;
+
+	/* Auth_only_len is set as 0 in descriptor and it is
+	 * overwritten here in the jd which will update
+	 * the DPOVRD reg.
+	 */
+	if (auth_only_len)
+		/* set sg bit */
+		(jobdescr)->dpovrd = 0x80000000 | auth_only_len;
+
+	return ctx;
+}
 static int
 caam_jr_enqueue_op(struct rte_crypto_op *op, struct caam_jr_qp *qp)
 {
@@ -629,12 +1232,25 @@ caam_jr_enqueue_op(struct rte_crypto_op *op, struct caam_jr_qp *qp)
 	}
 
 	if (rte_pktmbuf_is_contiguous(op->sym->m_src)) {
-		if (is_cipher_only(ses))
+		if (is_auth_cipher(ses))
+			ctx = build_cipher_auth(op, ses);
+		else if (is_aead(ses))
+			goto err1;
+		else if (is_auth_only(ses))
+			ctx = build_auth_only(op, ses);
+		else if (is_cipher_only(ses))
 			ctx = build_cipher_only(op, ses);
 	} else {
-		if (is_cipher_only(ses))
+		if (is_auth_cipher(ses))
+			ctx = build_cipher_auth_sg(op, ses);
+		else if (is_aead(ses))
+			goto err1;
+		else if (is_auth_only(ses))
+			ctx = build_auth_only_sg(op, ses);
+		else if (is_cipher_only(ses))
 			ctx = build_cipher_only_sg(op, ses);
 	}
+err1:
 	if (unlikely(!ctx)) {
 		qp->tx_errs++;
 		CAAM_JR_ERR("not supported sec op");
@@ -817,6 +1433,54 @@ caam_jr_cipher_init(struct rte_cryptodev *dev __rte_unused,
 	return 0;
 }
 
+static int
+caam_jr_auth_init(struct rte_cryptodev *dev __rte_unused,
+		   struct rte_crypto_sym_xform *xform,
+		   struct caam_jr_session *session)
+{
+	session->auth_alg = xform->auth.algo;
+	session->auth_key.data = rte_zmalloc(NULL, xform->auth.key.length,
+					     RTE_CACHE_LINE_SIZE);
+	if (session->auth_key.data == NULL && xform->auth.key.length > 0) {
+		CAAM_JR_ERR("No Memory for auth key\n");
+		return -ENOMEM;
+	}
+	session->auth_key.length = xform->auth.key.length;
+	session->digest_length = xform->auth.digest_length;
+
+	memcpy(session->auth_key.data, xform->auth.key.data,
+	       xform->auth.key.length);
+	session->dir = (xform->auth.op == RTE_CRYPTO_AUTH_OP_GENERATE) ?
+			DIR_ENC : DIR_DEC;
+
+	return 0;
+}
+
+static int
+caam_jr_aead_init(struct rte_cryptodev *dev __rte_unused,
+		   struct rte_crypto_sym_xform *xform,
+		   struct caam_jr_session *session)
+{
+	session->aead_alg = xform->aead.algo;
+	session->iv.length = xform->aead.iv.length;
+	session->iv.offset = xform->aead.iv.offset;
+	session->auth_only_len = xform->aead.aad_length;
+	session->aead_key.data = rte_zmalloc(NULL, xform->aead.key.length,
+					     RTE_CACHE_LINE_SIZE);
+	if (session->aead_key.data == NULL && xform->aead.key.length > 0) {
+		CAAM_JR_ERR("No Memory for aead key\n");
+		return -ENOMEM;
+	}
+	session->aead_key.length = xform->aead.key.length;
+	session->digest_length = xform->aead.digest_length;
+
+	memcpy(session->aead_key.data, xform->aead.key.data,
+	       xform->aead.key.length);
+	session->dir = (xform->aead.op == RTE_CRYPTO_AEAD_OP_ENCRYPT) ?
+			DIR_ENC : DIR_DEC;
+
+	return 0;
+}
 
 static int
 caam_jr_set_session_parameters(struct rte_cryptodev *dev,
@@ -840,6 +1504,39 @@ caam_jr_set_session_parameters(struct rte_cryptodev *dev,
 		session->auth_alg = RTE_CRYPTO_AUTH_NULL;
 		caam_jr_cipher_init(dev, xform, session);
 
+	/* Authentication Only */
+	} else if (xform->type == RTE_CRYPTO_SYM_XFORM_AUTH &&
+		   xform->next == NULL) {
+		session->cipher_alg = RTE_CRYPTO_CIPHER_NULL;
+		caam_jr_auth_init(dev, xform, session);
+
+	/* Cipher then Authenticate */
+	} else if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER &&
+		   xform->next->type == RTE_CRYPTO_SYM_XFORM_AUTH) {
+		if (xform->cipher.op == RTE_CRYPTO_CIPHER_OP_ENCRYPT) {
+			caam_jr_cipher_init(dev, xform, session);
+			caam_jr_auth_init(dev, xform->next, session);
+		} else {
+			CAAM_JR_ERR("Not supported: Auth then Cipher");
+			goto err1;
+		}
+
+	/* Authenticate then Cipher */
+	} else if (xform->type == RTE_CRYPTO_SYM_XFORM_AUTH &&
+		   xform->next->type == RTE_CRYPTO_SYM_XFORM_CIPHER) {
+		if (xform->next->cipher.op == RTE_CRYPTO_CIPHER_OP_DECRYPT) {
+			caam_jr_auth_init(dev, xform, session);
+			caam_jr_cipher_init(dev, xform->next, session);
+		} else {
+			CAAM_JR_ERR("Not supported: Auth then Cipher");
+			goto err1;
+		}
+
+	/* AEAD operation for AES-GCM kind of Algorithms */
+	} else if (xform->type == RTE_CRYPTO_SYM_XFORM_AEAD &&
+		   xform->next == NULL) {
+		caam_jr_aead_init(dev, xform, session);
+
 	} else {
 		CAAM_JR_ERR("Invalid crypto type");
 		return -EINVAL;
@@ -847,6 +1544,13 @@ caam_jr_set_session_parameters(struct rte_cryptodev *dev,
 	session->ctx_pool = internals->ctx_pool;
 
 	return 0;
+
+err1:
+	rte_free(session->cipher_key.data);
+	rte_free(session->auth_key.data);
+	memset(session, 0, sizeof(struct caam_jr_session));
+
+	return -EINVAL;
 }
 
 static int
-- 
2.17.1

^ permalink raw reply	[flat|nested] 97+ messages in thread

* [dpdk-dev] [PATCH 09/10] crypto/caam_jr: add stats support
  2018-09-13  6:08 [dpdk-dev] [PATCH 00/10] Introducing the NXP CAAM job ring driver Gagandeep Singh
                   ` (7 preceding siblings ...)
  2018-09-13  6:08 ` [dpdk-dev] [PATCH 08/10] crypto/caam_jr: add auth cipher and aead session support Gagandeep Singh
@ 2018-09-13  6:08 ` Gagandeep Singh
  2018-09-13  6:08 ` [dpdk-dev] [PATCH 10/10] crypto/caam_jr: add security offload support Gagandeep Singh
                   ` (2 subsequent siblings)
  11 siblings, 0 replies; 97+ messages in thread
From: Gagandeep Singh @ 2018-09-13  6:08 UTC (permalink / raw)
  To: dev, akhil.goyal; +Cc: Hemant Agrawal, Gagandeep Singh

From: Hemant Agrawal <hemant.agrawal@nxp.com>

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
---
 drivers/crypto/caam_jr/caam_jr.c | 55 ++++++++++++++++++++++++++++++++
 1 file changed, 55 insertions(+)

diff --git a/drivers/crypto/caam_jr/caam_jr.c b/drivers/crypto/caam_jr/caam_jr.c
index d582b2fcb..f51ff1093 100644
--- a/drivers/crypto/caam_jr/caam_jr.c
+++ b/drivers/crypto/caam_jr/caam_jr.c
@@ -99,6 +99,59 @@ caam_jr_alloc_ctx(struct caam_jr_session *ses)
 
 	return ctx;
 }
+
+static
+void caam_jr_stats_get(struct rte_cryptodev *dev,
+			struct rte_cryptodev_stats *stats)
+{
+	struct caam_jr_qp **qp = (struct caam_jr_qp **)
+					dev->data->queue_pairs;
+	int i;
+
+	PMD_INIT_FUNC_TRACE();
+	if (stats == NULL) {
+		CAAM_JR_ERR("Invalid stats ptr NULL");
+		return;
+	}
+	for (i = 0; i < dev->data->nb_queue_pairs; i++) {
+		if (qp[i] == NULL) {
+			CAAM_JR_WARN("Uninitialised queue pair");
+			continue;
+		}
+
+		stats->enqueued_count += qp[i]->tx_pkts;
+		stats->dequeued_count += qp[i]->rx_pkts;
+		stats->enqueue_err_count += qp[i]->tx_errs;
+		stats->dequeue_err_count += qp[i]->rx_errs;
+		CAAM_JR_INFO("extra stats:\n\tRX Poll ERR = %" PRIu64
+			     "\n\tTX Ring Full = %" PRIu64,
+			     qp[i]->rx_poll_err,
+			     qp[i]->tx_ring_full);
+	}
+}
+
+static
+void caam_jr_stats_reset(struct rte_cryptodev *dev)
+{
+	int i;
+	struct caam_jr_qp **qp = (struct caam_jr_qp **)
+				   (dev->data->queue_pairs);
+
+	PMD_INIT_FUNC_TRACE();
+	for (i = 0; i < dev->data->nb_queue_pairs; i++) {
+		if (qp[i] == NULL) {
+			CAAM_JR_WARN("Uninitialised queue pair");
+			continue;
+		}
+		qp[i]->rx_pkts = 0;
+		qp[i]->rx_errs = 0;
+		qp[i]->rx_poll_err = 0;
+		qp[i]->tx_pkts = 0;
+		qp[i]->tx_errs = 0;
+		qp[i]->tx_ring_full = 0;
+	}
+}
+
 static inline int is_cipher_only(struct caam_jr_session *ses)
 {
 	return ((ses->cipher_alg != RTE_CRYPTO_CIPHER_NULL) &&
@@ -1689,6 +1742,8 @@ static struct rte_cryptodev_ops caam_jr_ops = {
 	.dev_stop	      = caam_jr_dev_stop,
 	.dev_close	      = caam_jr_dev_close,
 	.dev_infos_get        = caam_jr_dev_infos_get,
+	.stats_get	      = caam_jr_stats_get,
+	.stats_reset	      = caam_jr_stats_reset,
 	.queue_pair_setup     = caam_jr_queue_pair_setup,
 	.queue_pair_release   = caam_jr_queue_pair_release,
 	.queue_pair_count     = caam_jr_queue_pair_count,
-- 
2.17.1

^ permalink raw reply	[flat|nested] 97+ messages in thread

* [dpdk-dev] [PATCH 10/10] crypto/caam_jr: add security offload support
  2018-09-13  6:08 [dpdk-dev] [PATCH 00/10] Introducing the NXP CAAM job ring driver Gagandeep Singh
                   ` (8 preceding siblings ...)
  2018-09-13  6:08 ` [dpdk-dev] [PATCH 09/10] crypto/caam_jr: add stats support Gagandeep Singh
@ 2018-09-13  6:08 ` Gagandeep Singh
  2018-09-18 14:21 ` [dpdk-dev] [PATCH 00/10] Introducing the NXP CAAM job ring driver Akhil Goyal
  2018-10-12 14:40 ` [dpdk-dev] [PATCH v2 00/14] " Gagandeep Singh
  11 siblings, 0 replies; 97+ messages in thread
From: Gagandeep Singh @ 2018-09-13  6:08 UTC (permalink / raw)
  To: dev, akhil.goyal; +Cc: Hemant Agrawal

From: Hemant Agrawal <hemant.agrawal@nxp.com>

Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
---
 drivers/crypto/caam_jr/caam_jr.c     | 361 ++++++++++++++++++++++++++-
 drivers/crypto/caam_jr/caam_jr_pvt.h |   3 +
 2 files changed, 354 insertions(+), 10 deletions(-)

diff --git a/drivers/crypto/caam_jr/caam_jr.c b/drivers/crypto/caam_jr/caam_jr.c
index f51ff1093..c4689078a 100644
--- a/drivers/crypto/caam_jr/caam_jr.c
+++ b/drivers/crypto/caam_jr/caam_jr.c
@@ -174,7 +174,13 @@ static inline int is_aead(struct caam_jr_session *ses)
 static inline int is_auth_cipher(struct caam_jr_session *ses)
 {
 	return ((ses->cipher_alg != RTE_CRYPTO_CIPHER_NULL) &&
-		(ses->auth_alg != RTE_CRYPTO_AUTH_NULL));
+		(ses->auth_alg != RTE_CRYPTO_AUTH_NULL) &&
+		(ses->proto_alg != RTE_SECURITY_PROTOCOL_IPSEC));
+}
+
+static inline int is_proto_ipsec(struct caam_jr_session *ses)
+{
+	return (ses->proto_alg == RTE_SECURITY_PROTOCOL_IPSEC);
 }
 
 static inline int is_encode(struct caam_jr_session *ses)
@@ -195,27 +201,39 @@ caam_auth_alg(struct caam_jr_session *ses, struct alginfo *alginfo_a)
 		ses->digest_length = 0;
 		break;
 	case RTE_CRYPTO_AUTH_MD5_HMAC:
-		alginfo_a->algtype = OP_ALG_ALGSEL_MD5;
+		alginfo_a->algtype =
+			(ses->proto_alg == RTE_SECURITY_PROTOCOL_IPSEC) ?
+			OP_PCL_IPSEC_HMAC_MD5_96 : OP_ALG_ALGSEL_MD5;
 		alginfo_a->algmode = OP_ALG_AAI_HMAC;
 		break;
 	case RTE_CRYPTO_AUTH_SHA1_HMAC:
-		alginfo_a->algtype = OP_ALG_ALGSEL_SHA1;
+		alginfo_a->algtype =
+			(ses->proto_alg == RTE_SECURITY_PROTOCOL_IPSEC) ?
+			OP_PCL_IPSEC_HMAC_SHA1_96 : OP_ALG_ALGSEL_SHA1;
 		alginfo_a->algmode = OP_ALG_AAI_HMAC;
 		break;
 	case RTE_CRYPTO_AUTH_SHA224_HMAC:
-		alginfo_a->algtype = OP_ALG_ALGSEL_SHA224;
+		alginfo_a->algtype =
+			(ses->proto_alg == RTE_SECURITY_PROTOCOL_IPSEC) ?
+			OP_PCL_IPSEC_HMAC_SHA1_160 : OP_ALG_ALGSEL_SHA224;
 		alginfo_a->algmode = OP_ALG_AAI_HMAC;
 		break;
 	case RTE_CRYPTO_AUTH_SHA256_HMAC:
-		alginfo_a->algtype = OP_ALG_ALGSEL_SHA256;
+		alginfo_a->algtype =
+			(ses->proto_alg == RTE_SECURITY_PROTOCOL_IPSEC) ?
+			OP_PCL_IPSEC_HMAC_SHA2_256_128 : OP_ALG_ALGSEL_SHA256;
 		alginfo_a->algmode = OP_ALG_AAI_HMAC;
 		break;
 	case RTE_CRYPTO_AUTH_SHA384_HMAC:
-		alginfo_a->algtype = OP_ALG_ALGSEL_SHA384;
+		alginfo_a->algtype =
+			(ses->proto_alg == RTE_SECURITY_PROTOCOL_IPSEC) ?
+			OP_PCL_IPSEC_HMAC_SHA2_384_192 : OP_ALG_ALGSEL_SHA384;
 		alginfo_a->algmode = OP_ALG_AAI_HMAC;
 		break;
 	case RTE_CRYPTO_AUTH_SHA512_HMAC:
-		alginfo_a->algtype = OP_ALG_ALGSEL_SHA512;
+		alginfo_a->algtype =
+			(ses->proto_alg == RTE_SECURITY_PROTOCOL_IPSEC) ?
+			OP_PCL_IPSEC_HMAC_SHA2_512_256 : OP_ALG_ALGSEL_SHA512;
 		alginfo_a->algmode = OP_ALG_AAI_HMAC;
 		break;
 	default:
@@ -230,15 +248,21 @@ caam_cipher_alg(struct caam_jr_session *ses, struct alginfo *alginfo_c)
 	case RTE_CRYPTO_CIPHER_NULL:
 		break;
 	case RTE_CRYPTO_CIPHER_AES_CBC:
-		alginfo_c->algtype = OP_ALG_ALGSEL_AES;
+		alginfo_c->algtype =
+			(ses->proto_alg == RTE_SECURITY_PROTOCOL_IPSEC) ?
+			OP_PCL_IPSEC_AES_CBC : OP_ALG_ALGSEL_AES;
 		alginfo_c->algmode = OP_ALG_AAI_CBC;
 		break;
 	case RTE_CRYPTO_CIPHER_3DES_CBC:
-		alginfo_c->algtype = OP_ALG_ALGSEL_3DES;
+		alginfo_c->algtype =
+			(ses->proto_alg == RTE_SECURITY_PROTOCOL_IPSEC) ?
+			OP_PCL_IPSEC_3DES : OP_ALG_ALGSEL_3DES;
 		alginfo_c->algmode = OP_ALG_AAI_CBC;
 		break;
 	case RTE_CRYPTO_CIPHER_AES_CTR:
-		alginfo_c->algtype = OP_ALG_ALGSEL_AES;
+		alginfo_c->algtype =
+			(ses->proto_alg == RTE_SECURITY_PROTOCOL_IPSEC) ?
+			OP_PCL_IPSEC_AES_CTR : OP_ALG_ALGSEL_AES;
 		alginfo_c->algmode = OP_ALG_AAI_CTR;
 		break;
 	default:
@@ -400,6 +424,22 @@ caam_jr_prep_cdb(struct caam_jr_session *ses)
 		cdb->sh_desc[0] = 0;
 		cdb->sh_desc[1] = 0;
 		cdb->sh_desc[2] = 0;
+		if (is_proto_ipsec(ses)) {
+			if (ses->dir == DIR_ENC) {
+				shared_desc_len = cnstr_shdsc_ipsec_new_encap(
+						cdb->sh_desc,
+						true, swap, SHR_SERIAL,
+						&ses->encap_pdb,
+						(uint8_t *)&ses->ip4_hdr,
+						&alginfo_c, &alginfo_a);
+			} else if (ses->dir == DIR_DEC) {
+				shared_desc_len = cnstr_shdsc_ipsec_new_decap(
+						cdb->sh_desc,
+						true, swap, SHR_SERIAL,
+						&ses->decap_pdb,
+						&alginfo_c, &alginfo_a);
+			}
+		} else {
 			/* Auth_only_len is set as 0 here and it will be
 			 * overwritten in fd for each packet.
 			 */
@@ -407,6 +447,7 @@ caam_jr_prep_cdb(struct caam_jr_session *ses)
 					true, swap, &alginfo_c, &alginfo_a,
 					ses->iv.length, 0,
 					ses->digest_length, ses->dir);
+		}
 	}
 
 	if (shared_desc_len < 0) {
@@ -1258,6 +1299,49 @@ build_cipher_auth(struct rte_crypto_op *op, struct caam_jr_session *ses)
 
 	return ctx;
 }
+
+static inline struct caam_jr_op_ctx *
+build_proto(struct rte_crypto_op *op, struct caam_jr_session *ses)
+{
+	struct rte_crypto_sym_op *sym = op->sym;
+	struct caam_jr_op_ctx *ctx = NULL;
+	phys_addr_t src_start_addr, dst_start_addr;
+	struct sec_cdb *cdb;
+	uint64_t sdesc_offset;
+	struct sec_job_descriptor_t *jobdescr;
+
+	ctx = caam_jr_alloc_ctx(ses);
+	if (!ctx)
+		return NULL;
+	ctx->op = op;
+
+	src_start_addr = rte_pktmbuf_iova(sym->m_src);
+	if (sym->m_dst)
+		dst_start_addr = rte_pktmbuf_iova(sym->m_dst);
+	else
+		dst_start_addr = src_start_addr;
+
+	cdb = ses->cdb;
+	sdesc_offset = (size_t) ((char *)&cdb->sh_desc - (char *)cdb);
+
+	jobdescr = (struct sec_job_descriptor_t *) ctx->jobdes.desc;
+
+	SEC_JD_INIT(jobdescr);
+	SEC_JD_SET_SD(jobdescr,
+		(phys_addr_t)(caam_jr_dma_vtop(cdb)) + sdesc_offset,
+			cdb->sh_hdr.hi.field.idlen);
+
+	/* output */
+	SEC_JD_SET_OUT_PTR(jobdescr, (uint64_t)dst_start_addr, 0,
+			sym->m_src->buf_len - sym->m_src->data_off);
+	/* input */
+	SEC_JD_SET_IN_PTR(jobdescr, (uint64_t)src_start_addr, 0,
+			sym->m_src->pkt_len);
+	sym->m_src->packet_type &= ~RTE_PTYPE_L4_MASK;
+
+	return ctx;
+}
+
 static int
 caam_jr_enqueue_op(struct rte_crypto_op *op, struct caam_jr_qp *qp)
 {
@@ -1272,6 +1356,11 @@ caam_jr_enqueue_op(struct rte_crypto_op *op, struct caam_jr_qp *qp)
 		get_sym_session_private_data(op->sym->session,
 					cryptodev_driver_id);
 		break;
+	case RTE_CRYPTO_OP_SECURITY_SESSION:
+		ses = (struct caam_jr_session *)
+			get_sec_session_private_data(
+					op->sym->sec_session);
+		break;
 	default:
 		CAAM_JR_DP_ERR("sessionless crypto op not supported");
 		qp->tx_errs++;
@@ -1293,6 +1382,8 @@ caam_jr_enqueue_op(struct rte_crypto_op *op, struct caam_jr_qp *qp)
 			ctx = build_auth_only(op, ses);
 		else if (is_cipher_only(ses))
 			ctx = build_cipher_only(op, ses);
+		else if (is_proto_ipsec(ses))
+			ctx = build_proto(op, ses);
 	} else {
 		if (is_auth_cipher(ses))
 			ctx = build_cipher_auth_sg(op, ses);
@@ -1661,6 +1752,227 @@ caam_jr_sym_session_clear(struct rte_cryptodev *dev,
 	}
 }
 
+static int
+caam_jr_set_ipsec_session(__rte_unused struct rte_cryptodev *dev,
+			   struct rte_security_session_conf *conf,
+			   void *sess)
+{
+	struct sec_job_ring_t *internals = dev->data->dev_private;
+	struct rte_security_ipsec_xform *ipsec_xform = &conf->ipsec;
+	struct rte_crypto_auth_xform *auth_xform;
+	struct rte_crypto_cipher_xform *cipher_xform;
+	struct caam_jr_session *session = (struct caam_jr_session *)sess;
+
+	PMD_INIT_FUNC_TRACE();
+
+	if (ipsec_xform->direction == RTE_SECURITY_IPSEC_SA_DIR_EGRESS) {
+		cipher_xform = &conf->crypto_xform->cipher;
+		auth_xform = &conf->crypto_xform->next->auth;
+	} else {
+		auth_xform = &conf->crypto_xform->auth;
+		cipher_xform = &conf->crypto_xform->next->cipher;
+	}
+	session->proto_alg = conf->protocol;
+	session->cipher_key.data = rte_zmalloc(NULL,
+					       cipher_xform->key.length,
+					       RTE_CACHE_LINE_SIZE);
+	if (session->cipher_key.data == NULL &&
+			cipher_xform->key.length > 0) {
+		CAAM_JR_ERR("No Memory for cipher key\n");
+		return -ENOMEM;
+	}
+
+	session->cipher_key.length = cipher_xform->key.length;
+	session->auth_key.data = rte_zmalloc(NULL,
+					auth_xform->key.length,
+					RTE_CACHE_LINE_SIZE);
+	if (session->auth_key.data == NULL &&
+			auth_xform->key.length > 0) {
+		CAAM_JR_ERR("No Memory for auth key\n");
+		rte_free(session->cipher_key.data);
+		return -ENOMEM;
+	}
+	session->auth_key.length = auth_xform->key.length;
+	memcpy(session->cipher_key.data, cipher_xform->key.data,
+			cipher_xform->key.length);
+	memcpy(session->auth_key.data, auth_xform->key.data,
+			auth_xform->key.length);
+
+	switch (auth_xform->algo) {
+	case RTE_CRYPTO_AUTH_SHA1_HMAC:
+		session->auth_alg = RTE_CRYPTO_AUTH_SHA1_HMAC;
+		break;
+	case RTE_CRYPTO_AUTH_MD5_HMAC:
+		session->auth_alg = RTE_CRYPTO_AUTH_MD5_HMAC;
+		break;
+	case RTE_CRYPTO_AUTH_SHA256_HMAC:
+		session->auth_alg = RTE_CRYPTO_AUTH_SHA256_HMAC;
+		break;
+	case RTE_CRYPTO_AUTH_SHA384_HMAC:
+		session->auth_alg = RTE_CRYPTO_AUTH_SHA384_HMAC;
+		break;
+	case RTE_CRYPTO_AUTH_SHA512_HMAC:
+		session->auth_alg = RTE_CRYPTO_AUTH_SHA512_HMAC;
+		break;
+	case RTE_CRYPTO_AUTH_AES_CMAC:
+		session->auth_alg = RTE_CRYPTO_AUTH_AES_CMAC;
+		break;
+	case RTE_CRYPTO_AUTH_NULL:
+		session->auth_alg = RTE_CRYPTO_AUTH_NULL;
+		break;
+	case RTE_CRYPTO_AUTH_SHA224_HMAC:
+	case RTE_CRYPTO_AUTH_AES_XCBC_MAC:
+	case RTE_CRYPTO_AUTH_SNOW3G_UIA2:
+	case RTE_CRYPTO_AUTH_SHA1:
+	case RTE_CRYPTO_AUTH_SHA256:
+	case RTE_CRYPTO_AUTH_SHA512:
+	case RTE_CRYPTO_AUTH_SHA224:
+	case RTE_CRYPTO_AUTH_SHA384:
+	case RTE_CRYPTO_AUTH_MD5:
+	case RTE_CRYPTO_AUTH_AES_GMAC:
+	case RTE_CRYPTO_AUTH_KASUMI_F9:
+	case RTE_CRYPTO_AUTH_AES_CBC_MAC:
+	case RTE_CRYPTO_AUTH_ZUC_EIA3:
+		CAAM_JR_ERR("Crypto: Unsupported auth alg %u\n",
+			auth_xform->algo);
+		goto out;
+	default:
+		CAAM_JR_ERR("Crypto: Undefined Auth specified %u\n",
+			auth_xform->algo);
+		goto out;
+	}
+
+	switch (cipher_xform->algo) {
+	case RTE_CRYPTO_CIPHER_AES_CBC:
+		session->cipher_alg = RTE_CRYPTO_CIPHER_AES_CBC;
+		break;
+	case RTE_CRYPTO_CIPHER_3DES_CBC:
+		session->cipher_alg = RTE_CRYPTO_CIPHER_3DES_CBC;
+		break;
+	case RTE_CRYPTO_CIPHER_AES_CTR:
+		session->cipher_alg = RTE_CRYPTO_CIPHER_AES_CTR;
+		break;
+	case RTE_CRYPTO_CIPHER_NULL:
+	case RTE_CRYPTO_CIPHER_SNOW3G_UEA2:
+	case RTE_CRYPTO_CIPHER_3DES_ECB:
+	case RTE_CRYPTO_CIPHER_AES_ECB:
+	case RTE_CRYPTO_CIPHER_KASUMI_F8:
+		CAAM_JR_ERR("Crypto: Unsupported Cipher alg %u\n",
+			cipher_xform->algo);
+		goto out;
+	default:
+		CAAM_JR_ERR("Crypto: Undefined Cipher specified %u\n",
+			cipher_xform->algo);
+		goto out;
+	}
+
+	if (ipsec_xform->direction == RTE_SECURITY_IPSEC_SA_DIR_EGRESS) {
+		memset(&session->encap_pdb, 0, sizeof(struct ipsec_encap_pdb) +
+				sizeof(session->ip4_hdr));
+		session->ip4_hdr.ip_v = IPVERSION;
+		session->ip4_hdr.ip_hl = 5;
+		session->ip4_hdr.ip_len = rte_cpu_to_be_16(
+						sizeof(session->ip4_hdr));
+		session->ip4_hdr.ip_tos = ipsec_xform->tunnel.ipv4.dscp;
+		session->ip4_hdr.ip_id = 0;
+		session->ip4_hdr.ip_off = 0;
+		session->ip4_hdr.ip_ttl = ipsec_xform->tunnel.ipv4.ttl;
+		session->ip4_hdr.ip_p = (ipsec_xform->proto ==
+				RTE_SECURITY_IPSEC_SA_PROTO_ESP) ? IPPROTO_ESP
+				: IPPROTO_AH;
+		session->ip4_hdr.ip_sum = 0;
+		session->ip4_hdr.ip_src = ipsec_xform->tunnel.ipv4.src_ip;
+		session->ip4_hdr.ip_dst = ipsec_xform->tunnel.ipv4.dst_ip;
+		session->ip4_hdr.ip_sum = calc_chksum((uint16_t *)
+						(void *)&session->ip4_hdr,
+						sizeof(struct ip));
+
+		session->encap_pdb.options =
+			(IPVERSION << PDBNH_ESP_ENCAP_SHIFT) |
+			PDBOPTS_ESP_OIHI_PDB_INL |
+			PDBOPTS_ESP_IVSRC |
+			PDBHMO_ESP_ENCAP_DTTL;
+		session->encap_pdb.spi = ipsec_xform->spi;
+		session->encap_pdb.ip_hdr_len = sizeof(struct ip);
+
+		session->dir = DIR_ENC;
+	} else if (ipsec_xform->direction ==
+			RTE_SECURITY_IPSEC_SA_DIR_INGRESS) {
+		memset(&session->decap_pdb, 0, sizeof(struct ipsec_decap_pdb));
+		session->decap_pdb.options = sizeof(struct ip) << 16;
+		session->dir = DIR_DEC;
+	} else
+		goto out;
+	session->ctx_pool = internals->ctx_pool;
+
+	return 0;
+out:
+	rte_free(session->auth_key.data);
+	rte_free(session->cipher_key.data);
+	memset(session, 0, sizeof(struct caam_jr_session));
+	return -1;
+}
+
+static int
+caam_jr_security_session_create(void *dev,
+				 struct rte_security_session_conf *conf,
+				 struct rte_security_session *sess,
+				 struct rte_mempool *mempool)
+{
+	void *sess_private_data;
+	struct rte_cryptodev *cdev = (struct rte_cryptodev *)dev;
+	int ret;
+
+	if (rte_mempool_get(mempool, &sess_private_data)) {
+		CAAM_JR_ERR("Couldn't get object from session mempool");
+		return -ENOMEM;
+	}
+
+	switch (conf->protocol) {
+	case RTE_SECURITY_PROTOCOL_IPSEC:
+		ret = caam_jr_set_ipsec_session(cdev, conf,
+				sess_private_data);
+		break;
+	case RTE_SECURITY_PROTOCOL_MACSEC:
+		return -ENOTSUP;
+	default:
+		return -EINVAL;
+	}
+	if (ret != 0) {
+		CAAM_JR_ERR("failed to configure session parameters");
+		/* Return session to mempool */
+		rte_mempool_put(mempool, sess_private_data);
+		return ret;
+	}
+
+	set_sec_session_private_data(sess, sess_private_data);
+
+	return ret;
+}
+
+/* Clear the memory of session so it doesn't leave key material behind */
+static int
+caam_jr_security_session_destroy(void *dev __rte_unused,
+		struct rte_security_session *sess)
+{
+	PMD_INIT_FUNC_TRACE();
+	void *sess_priv = get_sec_session_private_data(sess);
+
+	struct caam_jr_session *s = (struct caam_jr_session *)sess_priv;
+
+	if (sess_priv) {
+		struct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);
+
+		rte_free(s->cipher_key.data);
+		rte_free(s->auth_key.data);
+		memset(sess, 0, sizeof(struct caam_jr_session));
+		set_sec_session_private_data(sess, NULL);
+		rte_mempool_put(sess_mp, sess_priv);
+	}
+	return 0;
+}
+
+
 static int
 caam_jr_dev_configure(struct rte_cryptodev *dev,
 		       struct rte_cryptodev_config *config __rte_unused)
@@ -1752,6 +2064,20 @@ static struct rte_cryptodev_ops caam_jr_ops = {
 	.sym_session_clear    = caam_jr_sym_session_clear
 };
 
+static const struct rte_security_capability *
+caam_jr_capabilities_get(void *device __rte_unused)
+{
+	return caam_jr_security_cap;
+}
+
+static struct rte_security_ops caam_jr_security_ops = {
+	.session_create = caam_jr_security_session_create,
+	.session_update = NULL,
+	.session_stats_get = NULL,
+	.session_destroy = caam_jr_security_session_destroy,
+	.set_pkt_metadata = NULL,
+	.capabilities_get = caam_jr_capabilities_get
+};
 
 /* @brief Flush job rings of any processed descs.
  * The processed descs are silently dropped,
@@ -1970,6 +2296,7 @@ caam_jr_dev_init(const char *name,
 			 struct rte_cryptodev_pmd_init_params *init_params)
 {
 	struct rte_cryptodev *dev;
+	struct rte_security_ctx *security_instance;
 	struct uio_job_ring *job_ring;
 	char str[RTE_CRYPTODEV_NAME_MAX_LEN];
 
@@ -2039,6 +2366,20 @@ caam_jr_dev_init(const char *name,
 		return 0;
 	}
 
+	/*TODO free it during teardown*/
+	security_instance = rte_malloc("caam_jr",
+				sizeof(struct rte_security_ctx), 0);
+	if (security_instance == NULL) {
+		CAAM_JR_ERR("memory allocation failed\n");
+		//todo error handling.
+		goto cleanup2;
+	}
+
+	security_instance->device = (void *)dev;
+	security_instance->ops = &caam_jr_security_ops;
+	security_instance->sess_cnt = 0;
+	dev->security_ctx = security_instance;
+
 	RTE_LOG(INFO, PMD, "%s cryptodev init\n", dev->data->name);
 
 	return 0;
diff --git a/drivers/crypto/caam_jr/caam_jr_pvt.h b/drivers/crypto/caam_jr/caam_jr_pvt.h
index cc0aa65f1..cfa2f78ae 100644
--- a/drivers/crypto/caam_jr/caam_jr_pvt.h
+++ b/drivers/crypto/caam_jr/caam_jr_pvt.h
@@ -110,6 +110,7 @@ struct caam_jr_session {
 	enum rte_crypto_cipher_algorithm cipher_alg; /* Cipher Algorithm*/
 	enum rte_crypto_auth_algorithm auth_alg; /* Authentication Algorithm*/
 	enum rte_crypto_aead_algorithm aead_alg; /* AEAD Algorithm*/
+	enum rte_security_session_protocol proto_alg; /* Security Algorithm*/
 	union {
 		struct {
 			uint8_t *data;	/* pointer to key data */
@@ -132,7 +133,9 @@ struct caam_jr_session {
 	} iv;	/* Initialisation vector parameters */
 	uint16_t auth_only_len; /* Length of data for Auth only */
 	uint32_t digest_length;
+	struct ipsec_encap_pdb encap_pdb;
 	struct ip ip4_hdr;
+	struct ipsec_decap_pdb decap_pdb;
 	struct caam_jr_qp *qp;
 	struct sec_cdb *cdb;	/* cmd block associated with qp */
 	struct rte_mempool *ctx_pool; /* session mempool for caam_jr_op_ctx */
-- 
2.17.1

^ permalink raw reply	[flat|nested] 97+ messages in thread

* Re: [dpdk-dev] [PATCH 02/10] crypto/caam_jr: introduce basic driver
  2018-09-13  6:08 ` [dpdk-dev] [PATCH 02/10] crypto/caam_jr: introduce basic driver Gagandeep Singh
@ 2018-09-18 12:13   ` Akhil Goyal
  2018-10-12 13:15     ` Gagandeep Singh
  0 siblings, 1 reply; 97+ messages in thread
From: Akhil Goyal @ 2018-09-18 12:13 UTC (permalink / raw)
  To: Gagandeep Singh, dev; +Cc: Hemant Agrawal

Hi Gagan,

On 9/13/2018 11:38 AM, Gagandeep Singh wrote:

> From: Hemant Agrawal <hemant.agrawal@nxp.com>
>
> This patch introduces basic support for caam_jr crypto driver.
>
> Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
> Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
> ---
>   config/common_base                            |   8 +
>   config/common_linuxapp                        |   1 +
>   config/defconfig_arm64-dpaa-linuxapp-gcc      |   4 +
>   drivers/crypto/Makefile                       |   1 +
>   drivers/crypto/caam_jr/Makefile               |  40 +++++
>   drivers/crypto/caam_jr/caam_jr.c              | 157 ++++++++++++++++++
>   drivers/crypto/caam_jr/caam_jr_log.h          |  42 +++++
>   drivers/crypto/caam_jr/meson.build            |  11 ++
>   .../caam_jr/rte_pmd_caam_jr_version.map       |   4 +
>   drivers/crypto/meson.build                    |   2 +-
>   10 files changed, 269 insertions(+), 1 deletion(-)
>   create mode 100644 drivers/crypto/caam_jr/Makefile
>   create mode 100644 drivers/crypto/caam_jr/caam_jr.c
>   create mode 100644 drivers/crypto/caam_jr/caam_jr_log.h
>   create mode 100644 drivers/crypto/caam_jr/meson.build
>   create mode 100644 drivers/crypto/caam_jr/rte_pmd_caam_jr_version.map
>
> diff --git a/config/common_base b/config/common_base
> index 4bcbaf923..a73f063d1 100644
> --- a/config/common_base
> +++ b/config/common_base
> @@ -479,6 +479,14 @@ CONFIG_RTE_CRYPTO_MAX_DEVS=64
>   CONFIG_RTE_LIBRTE_PMD_ARMV8_CRYPTO=n
>   CONFIG_RTE_LIBRTE_PMD_ARMV8_CRYPTO_DEBUG=n
>   
> +#
> +# Compile NXP CAAM JR crypto Driver
> +#
> +CONFIG_RTE_LIBRTE_PMD_CAAM_JR=n
> +CONFIG_RTE_LIBRTE_PMD_CAAM_JR_BE=n
> +CONFIG_RTE_LIBRTE_PMD_CAAM_JR_DEBUG=n

Do you really need DEBUG?

> +CONFIG_RTE_CAAM_JR_PMD_MAX_NB_SESSIONS=2048

MAX_NB_SESSIONS is no more used in any of the drivers.

Do you have a limitation in your hardware?

> +
>   #
>   # Compile NXP DPAA2 crypto sec driver for CAAM HW
>   #
> diff --git a/config/common_linuxapp b/config/common_linuxapp
> index 9c5ea9d89..c1c7c4287 100644
> --- a/config/common_linuxapp
> +++ b/config/common_linuxapp
> @@ -35,6 +35,7 @@ CONFIG_RTE_LIBRTE_DPAA_MEMPOOL=y
>   CONFIG_RTE_LIBRTE_DPAA_PMD=y
>   CONFIG_RTE_LIBRTE_PMD_DPAA_EVENTDEV=y
>   CONFIG_RTE_LIBRTE_PMD_DPAA_SEC=y
> +CONFIG_RTE_LIBRTE_PMD_CAAM_JR=y
>   
>   # NXP FSLMC BUS and DPAA2 drivers
>   CONFIG_RTE_LIBRTE_FSLMC_BUS=y
> diff --git a/config/defconfig_arm64-dpaa-linuxapp-gcc b/config/defconfig_arm64-dpaa-linuxapp-gcc
> index c47aec0a6..e5343f7a9 100644
> --- a/config/defconfig_arm64-dpaa-linuxapp-gcc
> +++ b/config/defconfig_arm64-dpaa-linuxapp-gcc
> @@ -21,3 +21,7 @@ CONFIG_RTE_PKTMBUF_HEADROOM=128
>   # NXP DPAA Bus
>   CONFIG_RTE_LIBRTE_DPAA_DEBUG_DRIVER=n
>   CONFIG_RTE_LIBRTE_DPAA_HWDEBUG=n
> +
> +# NXP CAAM_JR driver
> +CONFIG_RTE_LIBRTE_PMD_CAAM_JR=y
> +CONFIG_RTE_LIBRTE_PMD_CAAM_JR_BE=y
> diff --git a/drivers/crypto/Makefile b/drivers/crypto/Makefile
> index c480cbd37..e3711d703 100644
> --- a/drivers/crypto/Makefile
> +++ b/drivers/crypto/Makefile
> @@ -6,6 +6,7 @@ include $(RTE_SDK)/mk/rte.vars.mk
>   DIRS-$(CONFIG_RTE_LIBRTE_PMD_AESNI_GCM) += aesni_gcm
>   DIRS-$(CONFIG_RTE_LIBRTE_PMD_AESNI_MB) += aesni_mb
>   DIRS-$(CONFIG_RTE_LIBRTE_PMD_ARMV8_CRYPTO) += armv8
> +DIRS-$(CONFIG_RTE_LIBRTE_PMD_CAAM_JR) += caam_jr
>   DIRS-$(CONFIG_RTE_LIBRTE_PMD_CCP) += ccp
>   DIRS-$(CONFIG_RTE_LIBRTE_PMD_OPENSSL) += openssl
>   DIRS-$(CONFIG_RTE_LIBRTE_PMD_CRYPTO_SCHEDULER) += scheduler
> diff --git a/drivers/crypto/caam_jr/Makefile b/drivers/crypto/caam_jr/Makefile
> new file mode 100644
> index 000000000..46d752af7
> --- /dev/null
> +++ b/drivers/crypto/caam_jr/Makefile
> @@ -0,0 +1,40 @@
> +# SPDX-License-Identifier: BSD-3-Clause
> +# Copyright 2017 NXP
> +
> +include $(RTE_SDK)/mk/rte.vars.mk
> +
> +#
> +# library name
> +#
> +LIB = librte_pmd_caam_jr.a
> +
> +# build flags
> +CFLAGS += -DALLOW_EXPERIMENTAL_API
> +CFLAGS += -D _GNU_SOURCE
> +ifeq ($(CONFIG_RTE_LIBRTE_CAAM_JR_DEBUG),y)
> +CFLAGS += -O0 -g
> +CFLAGS += "-Wno-error"
> +else
> +CFLAGS += -O3
> +CFLAGS += $(WERROR_FLAGS)
> +endif
> +
> +CFLAGS += -I$(RTE_SDK)/drivers/crypto/caam_jr
> +CFLAGS += -I$(RTE_SDK)/lib/librte_eal/common/include
> +CFLAGS += -I$(RTE_SDK)/lib/librte_eal/linuxapp/eal
> +
> +# versioning export map
> +EXPORT_MAP := rte_pmd_caam_jr_version.map
> +
> +# library version
> +LIBABIVER := 1
> +
> +# library source files
> +SRCS-$(CONFIG_RTE_LIBRTE_PMD_CAAM_JR) += caam_jr.c
> +# library dependencies
> +
> +LDLIBS += -lrte_eal -lrte_mbuf -lrte_mempool -lrte_ring
> +LDLIBS += -lrte_cryptodev
> +LDLIBS += -lrte_bus_vdev
> +
> +include $(RTE_SDK)/mk/rte.lib.mk
> diff --git a/drivers/crypto/caam_jr/caam_jr.c b/drivers/crypto/caam_jr/caam_jr.c
> new file mode 100644
> index 000000000..68779cba5
> --- /dev/null
> +++ b/drivers/crypto/caam_jr/caam_jr.c
> @@ -0,0 +1,157 @@
> +/* SPDX-License-Identifier: BSD-3-Clause
> + * Copyright 2017-2018 NXP
> + */
> +
> +#include <fcntl.h>
> +#include <unistd.h>
> +#include <sched.h>
> +#include <net/if.h>
> +
> +#include <rte_byteorder.h>
> +#include <rte_common.h>
> +#include <rte_cryptodev_pmd.h>
> +#include <rte_crypto.h>
> +#include <rte_cryptodev.h>
> +#include <rte_bus_vdev.h>
> +#include <rte_malloc.h>
> +#include <rte_security_driver.h>
> +#include <rte_hexdump.h>
> +
> +#include <caam_jr_log.h>
> +
> +#define CRYPTODEV_NAME_CAAM_JR_PMD	crypto_caam_jr
> +static uint8_t cryptodev_driver_id;
> +int caam_jr_logtype;
> +
> +
> +/*
> + * @brief Release the resources used by the SEC user space driver.
> + *
> + * Reset and release SEC's job rings indicated by the User Application at
> + * init_job_ring() and free any memory allocated internally.
> + * Call once during application tear down.
> + *
> + * @note In case there are any descriptors in-flight (descriptors received by
> + * SEC driver for processing and for which no response was yet provided to UA),
> + * the descriptors are discarded without any notifications to User Application.
> + *
> + * @retval ::0			is returned for a successful execution
> + * @retval ::-1		is returned if SEC driver release is in progress
> + */
> +
> +static int
> +caam_jr_dev_uninit(struct rte_cryptodev *dev)
> +{
> +
> +	if (dev == NULL)
> +		return -ENODEV;
> +
> +
> +	CAAM_JR_INFO("Closing DPAA_SEC device %s", dev->data->name);
> +
> +
> +	return 0;
> +}

remove extra spacing.

> +
> +static int
> +caam_jr_dev_init(const char *name,
> +			 struct rte_vdev_device *vdev,
> +			 struct rte_cryptodev_pmd_init_params *init_params)
> +{
> +	struct rte_cryptodev *dev;
> +
> +	PMD_INIT_FUNC_TRACE();
> +
> +	dev = rte_cryptodev_pmd_create(name, &vdev->device, init_params);
> +	if (dev == NULL) {
> +		CAAM_JR_ERR("failed to create cryptodev vdev");
> +		goto cleanup;
> +	}
> +
> +	dev->driver_id = cryptodev_driver_id;
> +	dev->dev_ops = NULL;
> +
> +	/* For secondary processes, we don't initialise any further as primary
> +	 * has already done this work. Only check we don't need a different
> +	 * RX function
> +	 */
> +	if (rte_eal_process_type() != RTE_PROC_PRIMARY) {
> +		CAAM_JR_WARN("Device already init by primary process");
> +		return 0;
> +	}
> +
> +	RTE_LOG(INFO, PMD, "%s cryptodev init\n", dev->data->name);
> +
> +	return 0;
> +
> +cleanup:
> +	CAAM_JR_ERR("driver %s: cryptodev_caam_jr_create failed",
> +			init_params->name);
> +
> +	return -ENXIO;
> +}
> +
> +/** Initialise CAAM JR crypto device */
> +static int
> +cryptodev_caam_jr_probe(struct rte_vdev_device *vdev)
> +{
> +	struct rte_cryptodev_pmd_init_params init_params = {
> +		"",
> +		128,
> +		rte_socket_id(),
> +		RTE_CRYPTODEV_PMD_DEFAULT_MAX_NB_QUEUE_PAIRS
> +	};
> +	const char *name;
> +	const char *input_args;
> +
> +	name = rte_vdev_device_name(vdev);
> +	if (name == NULL)
> +		return -EINVAL;
> +
> +	input_args = rte_vdev_device_args(vdev);
> +	rte_cryptodev_pmd_parse_input_args(&init_params, input_args);
> +
> +	return caam_jr_dev_init(name, vdev, &init_params);
> +}
> +
> +/** Uninitialise CAAM JR crypto device */
> +static int
> +cryptodev_caam_jr_remove(struct rte_vdev_device *vdev)
> +{
> +	struct rte_cryptodev *cryptodev;
> +	const char *name;
> +
> +	name = rte_vdev_device_name(vdev);
> +	if (name == NULL)
> +		return -EINVAL;
> +
> +	cryptodev = rte_cryptodev_pmd_get_named_dev(name);
> +	if (cryptodev == NULL)
> +		return -ENODEV;
> +
> +	caam_jr_dev_uninit(cryptodev);
> +
> +	return rte_cryptodev_pmd_destroy(cryptodev);
> +}
> +
> +static struct rte_vdev_driver cryptodev_caam_jr_drv = {
> +	.probe = cryptodev_caam_jr_probe,
> +	.remove = cryptodev_caam_jr_remove
> +};
> +
> +static struct cryptodev_driver caam_jr_crypto_drv;
> +
> +RTE_PMD_REGISTER_VDEV(CRYPTODEV_NAME_CAAM_JR_PMD, cryptodev_caam_jr_drv);
> +RTE_PMD_REGISTER_PARAM_STRING(CRYPTODEV_NAME_CAAM_JR_PMD,
> +	"max_nb_queue_pairs=<int>"
> +	"max_nb_sessions=<int>"

max_nb_sessions may not be needed

> +	"socket_id=<int>");
> +RTE_PMD_REGISTER_CRYPTO_DRIVER(caam_jr_crypto_drv, cryptodev_caam_jr_drv.driver,
> +		cryptodev_driver_id);
> +
> +RTE_INIT(caam_jr_init_log)
> +{
> +	caam_jr_logtype = rte_log_register("pmd.crypto.caam");
> +	if (caam_jr_logtype >= 0)
> +		rte_log_set_level(caam_jr_logtype, RTE_LOG_NOTICE);
> +}

^ permalink raw reply	[flat|nested] 97+ messages in thread

* Re: [dpdk-dev] [PATCH 01/10] doc: add caam jr cryptodev details
  2018-09-13  6:08 ` [dpdk-dev] [PATCH 01/10] doc: add caam jr cryptodev details Gagandeep Singh
@ 2018-09-18 12:27   ` Akhil Goyal
  2018-10-12 13:29     ` Gagandeep Singh
  0 siblings, 1 reply; 97+ messages in thread
From: Akhil Goyal @ 2018-09-18 12:27 UTC (permalink / raw)
  To: Gagandeep Singh, dev; +Cc: Hemant Agrawal, john.mcnamara

++John

Hi Gagan,

Please make this patch as last patch in your patchset for v2.

On 9/13/2018 11:38 AM, Gagandeep Singh wrote:
> From: Hemant Agrawal <hemant.agrawal@nxp.com>
>
> Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
> ---
>   doc/guides/cryptodevs/caam_jr.rst | 159 ++++++++++++++++++++++++++++++
>   doc/guides/cryptodevs/index.rst   |   1 +
>   2 files changed, 160 insertions(+)
>   create mode 100644 doc/guides/cryptodevs/caam_jr.rst
>
> diff --git a/doc/guides/cryptodevs/caam_jr.rst b/doc/guides/cryptodevs/caam_jr.rst
> new file mode 100644
> index 000000000..0ee501506
> --- /dev/null
> +++ b/doc/guides/cryptodevs/caam_jr.rst
> @@ -0,0 +1,159 @@
> +..  SPDX-License-Identifier: BSD-3-Clause
> +    Copyright 2017 NXP
> +
> +
> +NXP CAAM JOB RING (caam_jr)
> +===========================
> +
> +The caam_jr PMD provides poll mode crypto driver support for NXP SEC 4.x+ (CAAM)
> +hardware accelerator. More information is available at:
> +
> +`NXP Cryptographic Acceleration Technology  <https://www.nxp.com/applications/solutions/internet-of-things/secure-things/network-security-technology/cryptographic-acceleration-technology:NETWORK_SECURITY_CRYPTOG>`_.
> +
> +Architecture
> +------------
> +
> +SEC is the SOC's security engine, which serves as NXP's latest cryptographic
> +acceleration and offloading hardware. It combines functions previously
> +implemented in separate modules to create a modular and scalable acceleration
> +and assurance engine. It also implements block encryption algorithms, stream
> +cipher algorithms, hashing algorithms, public key algorithms, run-time
> +integrity checking, and a hardware random number generator. SEC performs
> +higher-level cryptographic operations than previous NXP cryptographic
> +accelerators. This provides significant improvement to system level performance.
> +
> +SEC HW accelerator above 4.x+ version are also known as CAAM.
> +
> +caam_jr PMD is one of DPAA drivers which uses uio interface to interact with
> +Linux kernel for configure and destroy the device instance (ring).
> +
> +
> +Implementation
> +--------------
> +
> +SEC provides platform assurance by working with SecMon, which is a companion
> +logic block that tracks the security state of the SOC. SEC is programmed by
> +means of descriptors (not to be confused with frame descriptors (FDs)) that
> +indicate the operations to be performed and link to the message and
> +associated data. SEC incorporates two DMA engines to fetch the descriptors,
> +read the message data, and write the results of the operations. The DMA
> +engine provides a scatter/gather capability so that SEC can read and write
> +data scattered in memory. SEC may be configured by means of software for
> +dynamic changes in byte ordering. The default configuration for this version
> +of SEC is little-endian mode.
> +
> +Note that one physical Job Ring represent one caam_jr device.
> +
> +Features
> +--------
> +
> +The CAAM_JR PMD has support for:
> +
> +Cipher algorithms:
> +
> +* ``RTE_CRYPTO_CIPHER_3DES_CBC``
> +* ``RTE_CRYPTO_CIPHER_AES128_CBC``
> +* ``RTE_CRYPTO_CIPHER_AES192_CBC``
> +* ``RTE_CRYPTO_CIPHER_AES256_CBC``
> +* ``RTE_CRYPTO_CIPHER_AES128_CTR``
> +* ``RTE_CRYPTO_CIPHER_AES192_CTR``
> +* ``RTE_CRYPTO_CIPHER_AES256_CTR``
> +
> +Hash algorithms:
> +
> +* ``RTE_CRYPTO_AUTH_SHA1_HMAC``
> +* ``RTE_CRYPTO_AUTH_SHA224_HMAC``
> +* ``RTE_CRYPTO_AUTH_SHA256_HMAC``
> +* ``RTE_CRYPTO_AUTH_SHA384_HMAC``
> +* ``RTE_CRYPTO_AUTH_SHA512_HMAC``
> +* ``RTE_CRYPTO_AUTH_MD5_HMAC``
> +
> +AEAD algorithms:
> +
> +* ``RTE_CRYPTO_AEAD_AES_GCM``
> +
I do not see the features/caam_jr.ini file in the patch set. Please add 
the supported features in that file as well.
> +Supported DPAA SoCs
> +--------------------
> +
> +* LS1046A/LS1026A
> +* LS1043A/LS1023A
> +* LS1028A
> +* LS1012A
> +
> +Limitations
> +-----------
> +
> +* Hash followed by Cipher mode is not supported
> +* Only supports the session-oriented API implementation (session-less APIs are not supported).
> +
> +Prerequisites
> +-------------
> +
> +caam_jr driver has following dependencies are not part of DPDK and must be installed separately:
> +
> +* **NXP Linux SDK**
> +
> +  NXP Linux software development kit (SDK) includes support for the family
> +  of QorIQ® ARM-Architecture-based system on chip (SoC) processors
> +  and corresponding boards.
> +
> +  It includes the Linux board support packages (BSPs) for NXP SoCs,
> +  a fully operational tool chain, kernel and board specific modules.
> +
> +  SDK and related information can be obtained from:  `NXP QorIQ SDK  <http://www.nxp.com/products/software-and-tools/run-time-software/linux-sdk/linux-sdk-for-qoriq-processors:SDKLINUX>`_.
> +
> +Currently supported by DPDK:
> +
> +* NXP SDK **18.09+**.
> +* Supported architectures:  **arm64 LE**.
> +
> +* Follow the DPDK :ref:`Getting Started Guide for Linux <linux_gsg>` to setup the basic DPDK environment.
> +
> +Pre-Installation Configuration
> +------------------------------
> +
> +Config File Options
> +~~~~~~~~~~~~~~~~~~~
> +
> +The following options can be modified in the ``config`` file
> +to enable caam_jr PMD.
> +
> +Please note that enabling debugging options may affect system performance.
> +
> +* ``CONFIG_RTE_LIBRTE_PMD_CAAM_JR`` (default ``n``)
> +  By default it is only enabled in common_armv8a_linuxapp config.
> +  Toggle compilation of the ``librte_pmd_caam_jr`` driver.
> +
> +* ``CONFIG_RTE_LIBRTE_PMD_CAAM_JR_BE`` (default ``n``)
> +  By default it is disabled.
> +  It can be used when the underlying hardware supports the CAAM in BE mode.
> +  e.g. LS1043A, LS1046A supports CAAM in BE mode.
> +
> +* ``CONFIG_RTE_LIBRTE_PMD_CAAM_JR_DEBUG`` (default ``n``)
> +  By default it is disabled.
> +  It can be used enabled debug mode.
> +
> +* ``CONFIG_RTE_CAAM_JR_PMD_MAX_NB_SESSIONS``
> +  By default it is set as 2048 in common_base config.
> +  It indicates Number of sessions to create in the session memory pool
> +  on a single caam_jr device.
This is not needed now.
> +
> +
> +Installations
> +-------------
> +To compile the caam_jr PMD for Linux arm64 gcc target, run the
> +following ``make`` command:
> +
> +.. code-block:: console
> +
> +   cd <DPDK-source-directory>
> +   make config T=arm64-armv8a-linuxapp-gcc install
I see that you have added caam_jr in defconfig_arm64-dpaa-linuxapp-gcc 
as well.
> +
> +Enabling logs
> +-------------
> +
> +For enabling logs, use the following EAL parameter:
> +
> +.. code-block:: console
> +
> +   ./your_crypto_application <EAL args> --log-level=pmd.crypto.caam,<level>
> diff --git a/doc/guides/cryptodevs/index.rst b/doc/guides/cryptodevs/index.rst
> index e9928a4e2..7dddeec8a 100644
> --- a/doc/guides/cryptodevs/index.rst
> +++ b/doc/guides/cryptodevs/index.rst
> @@ -13,6 +13,7 @@ Crypto Device Drivers
>       aesni_mb
>       aesni_gcm
>       armv8
> +    caam_jr
>       ccp
>       dpaa2_sec
>       dpaa_sec

^ permalink raw reply	[flat|nested] 97+ messages in thread

* Re: [dpdk-dev] [PATCH 03/10] crypto/caam_jr: add HW config for job rings
  2018-09-13  6:08 ` [dpdk-dev] [PATCH 03/10] crypto/caam_jr: add HW config for job rings Gagandeep Singh
@ 2018-09-18 13:37   ` Akhil Goyal
  2018-10-12 13:32     ` Gagandeep Singh
  0 siblings, 1 reply; 97+ messages in thread
From: Akhil Goyal @ 2018-09-18 13:37 UTC (permalink / raw)
  To: Gagandeep Singh, dev; +Cc: Hemant Agrawal

Hi Gagan,

On 9/13/2018 11:38 AM, Gagandeep Singh wrote:
> From: Hemant Agrawal <hemant.agrawal@nxp.com>
>
> Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
> Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
> ---
>   drivers/crypto/caam_jr/Makefile              |   6 +
>   drivers/crypto/caam_jr/caam_jr.c             | 329 +++++++++++-
>   drivers/crypto/caam_jr/caam_jr_config.h      | 207 ++++++++
>   drivers/crypto/caam_jr/caam_jr_hw.c          | 365 ++++++++++++++
>   drivers/crypto/caam_jr/caam_jr_hw_specific.h | 503 +++++++++++++++++++
>   drivers/crypto/caam_jr/caam_jr_pvt.h         | 285 +++++++++++
>   drivers/crypto/caam_jr/caam_jr_uio.c         | 491 ++++++++++++++++++
>   drivers/crypto/caam_jr/meson.build           |   5 +-
>   8 files changed, 2188 insertions(+), 3 deletions(-)
>   create mode 100644 drivers/crypto/caam_jr/caam_jr_config.h
>   create mode 100644 drivers/crypto/caam_jr/caam_jr_hw.c
>   create mode 100644 drivers/crypto/caam_jr/caam_jr_hw_specific.h
>   create mode 100644 drivers/crypto/caam_jr/caam_jr_pvt.h
>   create mode 100644 drivers/crypto/caam_jr/caam_jr_uio.c
>
> diff --git a/drivers/crypto/caam_jr/Makefile b/drivers/crypto/caam_jr/Makefile
> index 46d752af7..8b863b4af 100644
> --- a/drivers/crypto/caam_jr/Makefile
> +++ b/drivers/crypto/caam_jr/Makefile
> @@ -19,7 +19,10 @@ CFLAGS += -O3
>   CFLAGS += $(WERROR_FLAGS)
>   endif
>   
> +CFLAGS += -I$(RTE_SDK)/drivers/bus/dpaa/include
>   CFLAGS += -I$(RTE_SDK)/drivers/crypto/caam_jr
> +#sharing the hw flib headers from dpaa2_sec pmd
> +CFLAGS += -I$(RTE_SDK)/drivers/crypto/dpaa2_sec/
>   CFLAGS += -I$(RTE_SDK)/lib/librte_eal/common/include
>   CFLAGS += -I$(RTE_SDK)/lib/librte_eal/linuxapp/eal
>   
> @@ -30,11 +33,14 @@ EXPORT_MAP := rte_pmd_caam_jr_version.map
>   LIBABIVER := 1
>   
>   # library source files
> +SRCS-$(CONFIG_RTE_LIBRTE_PMD_CAAM_JR) += caam_jr_hw.c
> +SRCS-$(CONFIG_RTE_LIBRTE_PMD_CAAM_JR) += caam_jr_uio.c
>   SRCS-$(CONFIG_RTE_LIBRTE_PMD_CAAM_JR) += caam_jr.c
>   # library dependencies
>   
>   LDLIBS += -lrte_eal -lrte_mbuf -lrte_mempool -lrte_ring
>   LDLIBS += -lrte_cryptodev
> +LDLIBS += -lrte_bus_dpaa
>   LDLIBS += -lrte_bus_vdev
>   
>   include $(RTE_SDK)/mk/rte.lib.mk
> diff --git a/drivers/crypto/caam_jr/caam_jr.c b/drivers/crypto/caam_jr/caam_jr.c
> index 68779cba5..9d5f5b79b 100644
> --- a/drivers/crypto/caam_jr/caam_jr.c
> +++ b/drivers/crypto/caam_jr/caam_jr.c
> @@ -16,13 +16,146 @@
>   #include <rte_malloc.h>
>   #include <rte_security_driver.h>
>   #include <rte_hexdump.h>
> +#include <caam_jr_config.h>
Please give one line break between the rte_ includes and driver specific 
includes
>   
> +/* RTA header files */
> +#include <hw/desc/common.h>
> +#include <of.h>
> +#include <caam_jr_hw_specific.h>
> +#include <caam_jr_pvt.h>
>   #include <caam_jr_log.h>
>   
>   #define CRYPTODEV_NAME_CAAM_JR_PMD	crypto_caam_jr
>   static uint8_t cryptodev_driver_id;
>   int caam_jr_logtype;
>   
> +enum rta_sec_era rta_sec_era;
> +
> +/* Lists the states possible for the SEC user space driver. */
> +enum sec_driver_state_e {
> +	SEC_DRIVER_STATE_IDLE,		/* Driver not initialized */
> +	SEC_DRIVER_STATE_STARTED,	/* Driver initialized and can be used*/
> +	SEC_DRIVER_STATE_RELEASE,	/* Driver release is in progress */
> +};
> +
> +/* Job rings used for communication with SEC HW */
> +static struct sec_job_ring_t g_job_rings[MAX_SEC_JOB_RINGS];
> +
> +/* The current state of SEC user space driver */
> +static enum sec_driver_state_e g_driver_state = SEC_DRIVER_STATE_IDLE;
> +
> +/* The number of job rings used by SEC user space driver */
> +static int g_job_rings_no;
> +static int g_job_rings_max;
> +
> +/* @brief Poll the HW for already processed jobs in the JR
> + * and silently discard the available jobs or notify them to UA
> + * with indicated error code.
> + *
> + * @param [in,out]  job_ring        The job ring to poll.
> + * @param [in]  do_notify           Can be #TRUE or #FALSE. Indicates if
> + *				    descriptors are to be discarded
> + *                                  or notified to UA with given error_code.
> + * @param [out] notified_descs    Number of notified descriptors. Can be NULL
> + *					if do_notify is #FALSE
> + */
> +static void hw_flush_job_ring(struct sec_job_ring_t *job_ring,
> +			      uint32_t do_notify,
> +			      uint32_t *notified_descs)
static void should be in a separate line.. Please check in rest of the 
code as well.
> +{
> +	int32_t jobs_no_to_discard = 0;
> +	int32_t discarded_descs_no = 0;
> +
> +	CAAM_JR_DEBUG("Jr[%p] pi[%d] ci[%d].Flushing jr notify desc=[%d]",
> +		job_ring, job_ring->pidx, job_ring->cidx, do_notify);
> +
> +	jobs_no_to_discard = hw_get_no_finished_jobs(job_ring);
> +
> +	/* Discard all jobs */
> +	CAAM_JR_DEBUG("Jr[%p] pi[%d] ci[%d].Discarding %d descs",
> +		  job_ring, job_ring->pidx, job_ring->cidx,
> +		  jobs_no_to_discard);
> +
> +	while (jobs_no_to_discard > discarded_descs_no) {
> +		/* Get completed descriptor */
> +#if 0
> +		/*TODO if we want to do something with desc*/
> +		/* Since the memory is contigous, then P2V translation is a
> +		 * mere addition to the base descriptor physical address
> +		 */
> +		current_desc = job_ring->output_ring[job_ring->cidx].desc;
> +#endif
Please remove dead code.
> +
> +		discarded_descs_no++;
> +		/* Now increment the consumer index for the current job ring,
> +		 * AFTER saving job in temporary location!
> +		 * Increment the consumer index for the current job ring
> +		 */
> +		job_ring->cidx = SEC_CIRCULAR_COUNTER(job_ring->cidx,
> +					 SEC_JOB_RING_SIZE);
> +
> +		hw_remove_entries(job_ring, 1);
> +	}
> +
> +	if (do_notify == true) {
> +		ASSERT(notified_descs != NULL);
> +		*notified_descs = discarded_descs_no;
> +	}
> +}
> +
> +
> +/* @brief Flush job rings of any processed descs.
> + * The processed descs are silently dropped,
> + * WITHOUT being notified to UA.
> + */
> +static void close_job_ring(struct sec_job_ring_t *job_ring)
> +{
> +	if (job_ring->irq_fd) {
> +		/* Producer index is frozen. If consumer index is not equal
> +		 * with producer index, then we have descs to flush.
> +		 */
> +		while (job_ring->pidx != job_ring->cidx)
> +			hw_flush_job_ring(job_ring, false, NULL);
> +
> +		/* free the uio job ring */
> +		free_job_ring(job_ring->irq_fd);
> +		job_ring->irq_fd = 0;
> +		caam_jr_dma_free(job_ring->input_ring);
> +		caam_jr_dma_free(job_ring->output_ring);
> +
> +		g_job_rings_no--;
> +
> +	}
> +}
> +
> +/** @brief Release the software and hardware resources tied to a job ring.
> + * @param [in] job_ring The job ring
> + *
> + * @retval  0 for success
> + * @retval  -1 for error
> + */
> +static int shutdown_job_ring(struct sec_job_ring_t *job_ring)
> +{
> +	int ret = 0;
> +
> +	ASSERT(job_ring != NULL);
> +	ret = hw_shutdown_job_ring(job_ring);
> +	SEC_ASSERT(ret == 0, ret,
> +		"Failed to shutdown hardware job ring %p",
> +		job_ring);
> +
> +	if (job_ring->coalescing_en)
> +		hw_job_ring_disable_coalescing(job_ring);
> +
> +	if (job_ring->jr_mode != SEC_NOTIFICATION_TYPE_POLL) {
> +		ret = caam_jr_disable_irqs(job_ring->irq_fd);
> +		SEC_ASSERT(ret == 0, ret,
> +		"Failed to disable irqs for job ring %p",
> +		job_ring);
> +	}
> +
> +	return ret;
> +}
>   
>   /*
>    * @brief Release the resources used by the SEC user space driver.
> @@ -42,31 +175,195 @@ int caam_jr_logtype;
>   static int
>   caam_jr_dev_uninit(struct rte_cryptodev *dev)
>   {
> +	struct sec_job_ring_t *internals;
>   
>   	if (dev == NULL)
>   		return -ENODEV;
>   
> +	internals = dev->data->dev_private;
> +	rte_free(dev->security_ctx);
> +
> +
> +	/* If any descriptors in flight , poll and wait
> +	 * until all descriptors are received and silently discarded.
> +	 */
> +	if (internals) {
> +		shutdown_job_ring(internals);
> +		close_job_ring(internals);
> +		rte_mempool_free(internals->ctx_pool);
> +	}
>   
>   	CAAM_JR_INFO("Closing DPAA_SEC device %s", dev->data->name);
DPAA_SEC??? check rest of the code as well
>   
> +	/* last caam jr instance) */
> +	if (g_job_rings_no == 0)
> +		g_driver_state = SEC_DRIVER_STATE_IDLE;
>   
> -	return 0;
> +	return SEC_SUCCESS;
>   }
>   
> +/* @brief Initialize the software and hardware resources tied to a job ring.
.. [snip]
> diff --git a/drivers/crypto/caam_jr/caam_jr_hw_specific.h b/drivers/crypto/caam_jr/caam_jr_hw_specific.h
> new file mode 100644
> index 000000000..7c8909d2b
> --- /dev/null
> +++ b/drivers/crypto/caam_jr/caam_jr_hw_specific.h
> @@ -0,0 +1,503 @@
> +/* SPDX-License-Identifier: BSD-3-Clause
> + * Copyright 2017 NXP
> + */
> +
> +#ifndef CAAM_JR_HW_SPECIFIC_H
> +#define CAAM_JR_HW_SPECIFIC_H
> +
> +#include <caam_jr_config.h>
> +
> +/*
> + * Offset to the registers of a job ring.
> + * Is different for each job ring.
> + */
> +#define CHAN_BASE(jr)   ((size_t)(jr)->register_base_addr)
> +
> +#ifndef unlikely
> +#define unlikely(x)     __builtin_expect(!!(x), 0)
> +#endif
likely/unlikely are already defined in DPDK
> +
.. [snip]
> +
> +static inline rte_iova_t
> +caam_jr_mem_vtop(void *vaddr)
> +{
> +	const struct rte_memseg *ms;
> +
> +	ms = rte_mem_virt2memseg(vaddr, NULL);
> +	if (ms)
> +		return ms->iova + RTE_PTR_DIFF(vaddr, ms->addr);
> +	return (size_t)NULL;
> +}
> +
> +static inline void *
> +caam_jr_dma_ptov(rte_iova_t paddr)
> +{
> +	return rte_mem_iova2virt(paddr);
> +}
> +
> +/* Virtual to physical address conversion */
> +static inline rte_iova_t caam_jr_dma_vtop(void *ptr)
> +{
> +	//return rte_malloc_virt2iova(ptr);
remove this comment.
> +	return caam_jr_mem_vtop(ptr);
> +}
> +
>

^ permalink raw reply	[flat|nested] 97+ messages in thread

* Re: [dpdk-dev] [PATCH 04/10] crypto/caam_jr: add device configuration routines
  2018-09-13  6:08 ` [dpdk-dev] [PATCH 04/10] crypto/caam_jr: add device configuration routines Gagandeep Singh
@ 2018-09-18 13:59   ` Akhil Goyal
  2018-10-12 13:38     ` Gagandeep Singh
  0 siblings, 1 reply; 97+ messages in thread
From: Akhil Goyal @ 2018-09-18 13:59 UTC (permalink / raw)
  To: Gagandeep Singh, dev; +Cc: Hemant Agrawal

Hi Gagan,

On 9/13/2018 11:38 AM, Gagandeep Singh wrote:
> From: Hemant Agrawal <hemant.agrawal@nxp.com>
>
> Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
> Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
> ---
>   drivers/crypto/caam_jr/caam_jr.c | 100 +++++++++++-
>   drivers/crypto/caam_jr/caam_jr.h | 257 +++++++++++++++++++++++++++++++
>   2 files changed, 356 insertions(+), 1 deletion(-)
>   create mode 100644 drivers/crypto/caam_jr/caam_jr.h
>
> diff --git a/drivers/crypto/caam_jr/caam_jr.c b/drivers/crypto/caam_jr/caam_jr.c
> index 9d5f5b79b..43fe5233b 100644
> --- a/drivers/crypto/caam_jr/caam_jr.c
> +++ b/drivers/crypto/caam_jr/caam_jr.c
> @@ -22,6 +22,7 @@
>   #include <hw/desc/common.h>
>   #include <of.h>
>   #include <caam_jr_hw_specific.h>
> +#include <caam_jr.h>
>   #include <caam_jr_pvt.h>
>   #include <caam_jr_log.h>
>   
> @@ -104,6 +105,90 @@ static void hw_flush_job_ring(struct sec_job_ring_t *job_ring,
>   }
>   
>   
> +static int
> +caam_jr_dev_configure(struct rte_cryptodev *dev,
> +		       struct rte_cryptodev_config *config __rte_unused)
> +{
> +	char str[20];
> +	struct sec_job_ring_t *internals;
> +
> +	PMD_INIT_FUNC_TRACE();
> +
> +	internals = dev->data->dev_private;
> +	sprintf(str, "ctx_pool_%d", dev->data->dev_id);
> +	if (!internals->ctx_pool) {
> +		internals->ctx_pool = rte_mempool_create((const char *)str,
> +						CTX_POOL_NUM_BUFS,
> +						sizeof(struct caam_jr_op_ctx),
> +						CTX_POOL_CACHE_SIZE, 0,
> +						NULL, NULL, NULL, NULL,
> +						SOCKET_ID_ANY, 0);
> +		if (!internals->ctx_pool) {
> +			CAAM_JR_ERR("%s create failed\n", str);
> +			return -ENOMEM;
> +		}
> +	} else
> +		CAAM_JR_INFO("mempool already created for dev_id : %d",
> +				dev->data->dev_id);
> +
> +	return 0;
> +}
> +
> +static int
> +caam_jr_dev_start(struct rte_cryptodev *dev __rte_unused)
> +{
> +	PMD_INIT_FUNC_TRACE();
> +	return 0;
> +}
> +
> +static void
> +caam_jr_dev_stop(struct rte_cryptodev *dev __rte_unused)
> +{
> +	PMD_INIT_FUNC_TRACE();
> +}
> +
> +static int
> +caam_jr_dev_close(struct rte_cryptodev *dev)
> +{
> +	struct sec_job_ring_t *internals;
> +
> +	PMD_INIT_FUNC_TRACE();
> +
> +	if (dev == NULL)
> +		return -ENOMEM;
> +
> +	internals = dev->data->dev_private;
> +	rte_mempool_free(internals->ctx_pool);
> +	internals->ctx_pool = NULL;
> +
> +	return 0;
> +}
> +
> +static void
> +caam_jr_dev_infos_get(struct rte_cryptodev *dev,
> +		       struct rte_cryptodev_info *info)
> +{
> +	struct sec_job_ring_t *internals = dev->data->dev_private;
> +
> +	PMD_INIT_FUNC_TRACE();
> +	if (info != NULL) {
> +		info->max_nb_queue_pairs = internals->max_nb_queue_pairs;
> +		info->feature_flags = dev->feature_flags;
> +		info->capabilities = caam_jr_capabilities;
> +		info->sym.max_nb_sessions = internals->max_nb_sessions;
> +		info->driver_id = cryptodev_driver_id;
> +	}
> +}
> +
> +static struct rte_cryptodev_ops caam_jr_ops = {
> +	.dev_configure	      = caam_jr_dev_configure,
> +	.dev_start	      = caam_jr_dev_start,
> +	.dev_stop	      = caam_jr_dev_stop,
> +	.dev_close	      = caam_jr_dev_close,
> +	.dev_infos_get        = caam_jr_dev_infos_get,
> +};
> +
> +
>   /* @brief Flush job rings of any processed descs.
>    * The processed descs are silently dropped,
>    * WITHOUT being notified to UA.
> @@ -366,7 +451,20 @@ caam_jr_dev_init(const char *name,
>   	}
>   
>   	dev->driver_id = cryptodev_driver_id;
> -	dev->dev_ops = NULL;
> +	dev->dev_ops = &caam_jr_ops;
> +
> +	/* register rx/tx burst functions for data path */
> +	dev->dequeue_burst = NULL;
> +	dev->enqueue_burst = NULL;
> +	dev->feature_flags = RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO |
> +			RTE_CRYPTODEV_FF_HW_ACCELERATED |
> +			RTE_CRYPTODEV_FF_SYM_OPERATION_CHAINING |
> +			RTE_CRYPTODEV_FF_SECURITY |
> +			RTE_CRYPTODEV_FF_IN_PLACE_SGL |
> +			RTE_CRYPTODEV_FF_OOP_SGL_IN_SGL_OUT |
> +			RTE_CRYPTODEV_FF_OOP_SGL_IN_LB_OUT |
> +			RTE_CRYPTODEV_FF_OOP_LB_IN_SGL_OUT |
> +			RTE_CRYPTODEV_FF_OOP_LB_IN_LB_OUT;
>   
>   	/* For secondary processes, we don't initialise any further as primary
>   	 * has already done this work. Only check we don't need a different
> diff --git a/drivers/crypto/caam_jr/caam_jr.h b/drivers/crypto/caam_jr/caam_jr.h
> new file mode 100644
> index 000000000..d7c36ca9d
> --- /dev/null
> +++ b/drivers/crypto/caam_jr/caam_jr.h
> @@ -0,0 +1,257 @@
> +/* SPDX-License-Identifier: BSD-3-Clause
> + * Copyright 2017-2018 NXP
> + */
> +
> +#ifndef CAAM_JR_H
> +#define CAAM_JR_H
> +
> +static const struct rte_cryptodev_capabilities caam_jr_capabilities[] = {
> +	{	/* MD5 HMAC */
> +		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
> +		{.sym = {
> +			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
> +			{.auth = {
> +				.algo = RTE_CRYPTO_AUTH_MD5_HMAC,
> +				.block_size = 64,
> +				.key_size = {
> +					.min = 1,
> +					.max = 64,
> +					.increment = 1
> +				},
> +				.digest_size = {
> +					.min = 1,
> +					.max = 16,
> +					.increment = 1
> +				},
> +				.iv_size = { 0 }
> +			}, }
> +		}, }
> +	},
> +	{	/* SHA1 HMAC */
> +		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
> +		{.sym = {
> +			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
> +			{.auth = {
> +				.algo = RTE_CRYPTO_AUTH_SHA1_HMAC,
> +				.block_size = 64,
> +				.key_size = {
> +					.min = 1,
> +					.max = 64,
> +					.increment = 1
> +				},
> +				.digest_size = {
> +					.min = 1,
> +					.max = 20,
> +					.increment = 1
> +				},
> +				.iv_size = { 0 }
> +			}, }
> +		}, }
> +	},
> +	{	/* SHA224 HMAC */
> +		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
> +		{.sym = {
> +			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
> +			{.auth = {
> +				.algo = RTE_CRYPTO_AUTH_SHA224_HMAC,
> +				.block_size = 64,
> +				.key_size = {
> +					.min = 1,
> +					.max = 64,
> +					.increment = 1
> +				},
> +				.digest_size = {
> +					.min = 1,
> +					.max = 28,
> +					.increment = 1
> +				},
> +				.iv_size = { 0 }
> +			}, }
> +		}, }
> +	},
> +	{	/* SHA256 HMAC */
> +		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
> +		{.sym = {
> +			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
> +			{.auth = {
> +				.algo = RTE_CRYPTO_AUTH_SHA256_HMAC,
> +				.block_size = 64,
> +				.key_size = {
> +					.min = 1,
> +					.max = 64,
> +					.increment = 1
> +				},
> +				.digest_size = {
> +					.min = 1,
> +					.max = 32,
> +					.increment = 1
> +				},
> +				.iv_size = { 0 }
> +			}, }
> +		}, }
> +	},
> +	{	/* SHA384 HMAC */
> +		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
> +		{.sym = {
> +			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
> +			{.auth = {
> +				.algo = RTE_CRYPTO_AUTH_SHA384_HMAC,
> +				.block_size = 128,
> +				.key_size = {
> +					.min = 1,
> +					.max = 128,
> +					.increment = 1
> +				},
> +				.digest_size = {
> +					.min = 1,
> +					.max = 48,
> +					.increment = 1
> +				},
> +				.iv_size = { 0 }
> +			}, }
> +		}, }
> +	},
> +	{	/* SHA512 HMAC */
> +		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
> +		{.sym = {
> +			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
> +			{.auth = {
> +				.algo = RTE_CRYPTO_AUTH_SHA512_HMAC,
> +				.block_size = 128,
> +				.key_size = {
> +					.min = 1,
> +					.max = 128,
> +					.increment = 1
> +				},
> +				.digest_size = {
> +					.min = 1,
> +					.max = 64,
> +					.increment = 1
> +				},
> +				.iv_size = { 0 }
> +			}, }
> +		}, }
> +	},
> +	{	/* AES GCM */
> +		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
> +		{.sym = {
> +			.xform_type = RTE_CRYPTO_SYM_XFORM_AEAD,
> +			{.aead = {
> +				.algo = RTE_CRYPTO_AEAD_AES_GCM,
> +				.block_size = 16,
> +				.key_size = {
> +					.min = 16,
> +					.max = 32,
> +					.increment = 8
> +				},
> +				.digest_size = {
> +					.min = 8,
> +					.max = 16,
> +					.increment = 4
> +				},
> +				.aad_size = {
> +					.min = 0,
> +					.max = 240,
> +					.increment = 1
> +				},
> +				.iv_size = {
> +					.min = 12,
> +					.max = 12,
> +					.increment = 0
> +				},
> +			}, }
> +		}, }
> +	},
> +	{	/* AES CBC */
> +		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
> +		{.sym = {
> +			.xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
> +			{.cipher = {
> +				.algo = RTE_CRYPTO_CIPHER_AES_CBC,
> +				.block_size = 16,
> +				.key_size = {
> +					.min = 16,
> +					.max = 32,
> +					.increment = 8
> +				},
> +				.iv_size = {
> +					.min = 16,
> +					.max = 16,
> +					.increment = 0
> +				}
> +			}, }
> +		}, }
> +	},
> +	{	/* AES CTR */
> +		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
> +		{.sym = {
> +			.xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
> +			{.cipher = {
> +				.algo = RTE_CRYPTO_CIPHER_AES_CTR,
> +				.block_size = 16,
> +				.key_size = {
> +					.min = 16,
> +					.max = 32,
> +					.increment = 8
> +				},
> +				.iv_size = {
> +					.min = 16,
> +					.max = 16,
> +					.increment = 0
> +				}
> +			}, }
> +		}, }
> +	},
> +	{	/* 3DES CBC */
> +		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
> +		{.sym = {
> +			.xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
> +			{.cipher = {
> +				.algo = RTE_CRYPTO_CIPHER_3DES_CBC,
> +				.block_size = 8,
> +				.key_size = {
> +					.min = 16,
> +					.max = 24,
> +					.increment = 8
> +				},
> +				.iv_size = {
> +					.min = 8,
> +					.max = 8,
> +					.increment = 0
> +				}
> +			}, }
> +		}, }
> +	},
> +
> +	RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()
> +};
capabilities shall be added in your 08/10.
> +
> +static const struct rte_security_capability caam_jr_security_cap[] = {
> +	{ /* IPsec Lookaside Protocol offload ESP Transport Egress */
> +		.action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
> +		.protocol = RTE_SECURITY_PROTOCOL_IPSEC,
> +		.ipsec = {
> +			.proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP,
> +			.mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL,
> +			.direction = RTE_SECURITY_IPSEC_SA_DIR_EGRESS,
> +			.options = { 0 }
> +		},
> +		.crypto_capabilities = caam_jr_capabilities
> +	},
> +	{ /* IPsec Lookaside Protocol offload ESP Tunnel Ingress */
> +		.action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
> +		.protocol = RTE_SECURITY_PROTOCOL_IPSEC,
> +		.ipsec = {
> +			.proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP,
> +			.mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL,
> +			.direction = RTE_SECURITY_IPSEC_SA_DIR_INGRESS,
> +			.options = { 0 }
> +		},
> +		.crypto_capabilities = caam_jr_capabilities
> +	},
> +	{
> +		.action = RTE_SECURITY_ACTION_TYPE_NONE
> +	}
> +};
> +
security capabilities shall be added in your 10/10 patch.

^ permalink raw reply	[flat|nested] 97+ messages in thread

* Re: [dpdk-dev] [PATCH 05/10] crypto/caam_jr: add queue config functions
  2018-09-13  6:08 ` [dpdk-dev] [PATCH 05/10] crypto/caam_jr: add queue config functions Gagandeep Singh
@ 2018-09-18 14:04   ` Akhil Goyal
  2018-10-12 13:39     ` Gagandeep Singh
  0 siblings, 1 reply; 97+ messages in thread
From: Akhil Goyal @ 2018-09-18 14:04 UTC (permalink / raw)
  To: Gagandeep Singh, dev; +Cc: Hemant Agrawal

Hi Gagan,

On 9/13/2018 11:38 AM, Gagandeep Singh wrote:
> From: Hemant Agrawal <hemant.agrawal@nxp.com>
>
> Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
> Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
> ---
>   drivers/crypto/caam_jr/caam_jr.c | 64 ++++++++++++++++++++++++++++++++
>   1 file changed, 64 insertions(+)
>
> diff --git a/drivers/crypto/caam_jr/caam_jr.c b/drivers/crypto/caam_jr/caam_jr.c
> index 43fe5233b..f05e966b0 100644
> --- a/drivers/crypto/caam_jr/caam_jr.c
> +++ b/drivers/crypto/caam_jr/caam_jr.c
> @@ -104,6 +104,67 @@ static void hw_flush_job_ring(struct sec_job_ring_t *job_ring,
>   	}
>   }
>   
> +/* Release queue pair */
> +static int
> +caam_jr_queue_pair_release(struct rte_cryptodev *dev,
> +			    uint16_t qp_id)
> +{
> +	struct sec_job_ring_t *internals;
> +	struct caam_jr_qp *qp = NULL;
> +
> +	PMD_INIT_FUNC_TRACE();
> +
> +	CAAM_JR_DEBUG("dev =%p, queue =%d", dev, qp_id);
> +
> +	internals = dev->data->dev_private;
> +	if (qp_id >= internals->max_nb_queue_pairs) {
> +		CAAM_JR_ERR("Max supported qpid %d",
> +			     internals->max_nb_queue_pairs);
> +		return -EINVAL;
> +	}
> +
> +	qp = &internals->qps[qp_id];
> +	qp->ring = NULL;
> +	dev->data->queue_pairs[qp_id] = NULL;
> +
> +	return 0;
> +}
> +
> +/* Setup a queue pair */
> +static int
> +caam_jr_queue_pair_setup(
> +		struct rte_cryptodev *dev, uint16_t qp_id,
> +		__rte_unused const struct rte_cryptodev_qp_conf *qp_conf,
> +		__rte_unused int socket_id,
> +		__rte_unused struct rte_mempool *session_pool)
> +{
> +	struct sec_job_ring_t *internals;
> +	struct caam_jr_qp *qp = NULL;
> +

PMD_INIT_FUNC_TRACE(); missing here and please check other ops as well

> +	CAAM_JR_DEBUG("dev =%p, queue =%d, conf =%p", dev, qp_id, qp_conf);
> +
> +	internals = dev->data->dev_private;
> +	if (qp_id >= internals->max_nb_queue_pairs) {
> +		CAAM_JR_ERR("Max supported qpid %d",
> +			     internals->max_nb_queue_pairs);
> +		return -EINVAL;
> +	}
> +
> +	qp = &internals->qps[qp_id];
> +	qp->ring = internals;
> +	dev->data->queue_pairs[qp_id] = qp;
> +
> +	return 0;
> +}
> +
> +/* Return the number of allocated queue pairs */
> +static uint32_t
> +caam_jr_queue_pair_count(struct rte_cryptodev *dev)
> +{
> +	PMD_INIT_FUNC_TRACE();
> +
> +	return dev->data->nb_queue_pairs;
> +}
>   
>   static int
>   caam_jr_dev_configure(struct rte_cryptodev *dev,
> @@ -186,6 +247,9 @@ static struct rte_cryptodev_ops caam_jr_ops = {
>   	.dev_stop	      = caam_jr_dev_stop,
>   	.dev_close	      = caam_jr_dev_close,
>   	.dev_infos_get        = caam_jr_dev_infos_get,
> +	.queue_pair_setup     = caam_jr_queue_pair_setup,
> +	.queue_pair_release   = caam_jr_queue_pair_release,
> +	.queue_pair_count     = caam_jr_queue_pair_count,
>   };
>   
>   

^ permalink raw reply	[flat|nested] 97+ messages in thread

* Re: [dpdk-dev] [PATCH 00/10] Introducing the NXP CAAM job ring driver
  2018-09-13  6:08 [dpdk-dev] [PATCH 00/10] Introducing the NXP CAAM job ring driver Gagandeep Singh
                   ` (9 preceding siblings ...)
  2018-09-13  6:08 ` [dpdk-dev] [PATCH 10/10] crypto/caam_jr: add security offload support Gagandeep Singh
@ 2018-09-18 14:21 ` Akhil Goyal
  2018-10-12 14:40 ` [dpdk-dev] [PATCH v2 00/14] " Gagandeep Singh
  11 siblings, 0 replies; 97+ messages in thread
From: Akhil Goyal @ 2018-09-18 14:21 UTC (permalink / raw)
  To: Gagandeep Singh, dev, Hemant Agrawal

Hi Gagan,

On 9/13/2018 11:38 AM, Gagandeep Singh wrote:
> The caam_jr PMD provides poll mode crypto driver
> support for NXP SEC 4.x+ (CAAM) hardware accelerator.
>
> This patch has dependancy on below patches:
> http://patchwork.dpdk.org/patch/43986/
> http://patchwork.dpdk.org/patch/43964/
>
> Hemant Agrawal (10):
>    doc: add caam jr cryptodev details
>    crypto/caam_jr: introduce basic driver
>    crypto/caam_jr: add HW config for job rings
>    crypto/caam_jr: add device configuration routines
>    crypto/caam_jr: add queue config functions
>    crypto/caam_jr: add basic session config routines
>    crypto/caam_jr: add enqueue and dequeue routines
>    crypto/caam_jr: add auth cipher and aead session support
>    crypto/caam_jr: add stats support
>    crypto/caam_jr: add security offload support
>
>   config/common_base                            |    8 +
>   config/common_linuxapp                        |    1 +
>   config/defconfig_arm64-dpaa-linuxapp-gcc      |    4 +
>   doc/guides/cryptodevs/caam_jr.rst             |  159 ++
>   doc/guides/cryptodevs/index.rst               |    1 +
>   drivers/crypto/Makefile                       |    1 +
>   drivers/crypto/caam_jr/Makefile               |   46 +
>   drivers/crypto/caam_jr/caam_jr.c              | 2485 +++++++++++++++++
>   drivers/crypto/caam_jr/caam_jr.h              |  257 ++
>   drivers/crypto/caam_jr/caam_jr_config.h       |  207 ++
>   drivers/crypto/caam_jr/caam_jr_desc.h         |  289 ++
>   drivers/crypto/caam_jr/caam_jr_hw.c           |  365 +++
>   drivers/crypto/caam_jr/caam_jr_hw_specific.h  |  503 ++++
>   drivers/crypto/caam_jr/caam_jr_log.h          |   42 +
>   drivers/crypto/caam_jr/caam_jr_pvt.h          |  288 ++
>   drivers/crypto/caam_jr/caam_jr_uio.c          |  491 ++++
>   drivers/crypto/caam_jr/meson.build            |   14 +
>   .../caam_jr/rte_pmd_caam_jr_version.map       |    4 +
>   drivers/crypto/meson.build                    |    2 +-
>   19 files changed, 5166 insertions(+), 1 deletion(-)
>   create mode 100644 doc/guides/cryptodevs/caam_jr.rst
>   create mode 100644 drivers/crypto/caam_jr/Makefile
>   create mode 100644 drivers/crypto/caam_jr/caam_jr.c
>   create mode 100644 drivers/crypto/caam_jr/caam_jr.h
>   create mode 100644 drivers/crypto/caam_jr/caam_jr_config.h
>   create mode 100644 drivers/crypto/caam_jr/caam_jr_desc.h
>   create mode 100644 drivers/crypto/caam_jr/caam_jr_hw.c
>   create mode 100644 drivers/crypto/caam_jr/caam_jr_hw_specific.h
>   create mode 100644 drivers/crypto/caam_jr/caam_jr_log.h
>   create mode 100644 drivers/crypto/caam_jr/caam_jr_pvt.h
>   create mode 100644 drivers/crypto/caam_jr/caam_jr_uio.c
>   create mode 100644 drivers/crypto/caam_jr/meson.build
>   create mode 100644 drivers/crypto/caam_jr/rte_pmd_caam_jr_version.map
>

I have some generic comments on your patchset:
1. Please add description to the patches. None of them have it.
2. Split of the patches could be better. You can have Hardware specific 
code in one patch and then you can use that in the next patch.
3. SG related stuff can be a separate patch.
4. there are checkpatch issues which can be resolved.
5. I could see extra spaces at many places. Please check.
6. Function definitions are not as per DPDK coding style.

Thanks,
Akhil

^ permalink raw reply	[flat|nested] 97+ messages in thread

* Re: [dpdk-dev] [PATCH 02/10] crypto/caam_jr: introduce basic driver
  2018-09-18 12:13   ` Akhil Goyal
@ 2018-10-12 13:15     ` Gagandeep Singh
  0 siblings, 0 replies; 97+ messages in thread
From: Gagandeep Singh @ 2018-10-12 13:15 UTC (permalink / raw)
  To: Akhil Goyal, dev; +Cc: Hemant Agrawal

Hi

> -----Original Message-----
> From: Akhil Goyal
> Sent: Tuesday, September 18, 2018 5:44 PM
> To: Gagandeep Singh <G.Singh@nxp.com>; dev@dpdk.org
> Cc: Hemant Agrawal <hemant.agrawal@nxp.com>
> Subject: Re: [dpdk-dev] [PATCH 02/10] crypto/caam_jr: introduce basic driver
> 
> Hi Gagan,
> 
> On 9/13/2018 11:38 AM, Gagandeep Singh wrote:
> 
> > From: Hemant Agrawal <hemant.agrawal@nxp.com>
> >
> > This patch introduces basic support for caam_jr crypto driver.
> >
> > Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
> > Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
> > ---
> >   config/common_base                            |   8 +
> >   config/common_linuxapp                        |   1 +
> >   config/defconfig_arm64-dpaa-linuxapp-gcc      |   4 +
> >   drivers/crypto/Makefile                       |   1 +
> >   drivers/crypto/caam_jr/Makefile               |  40 +++++
> >   drivers/crypto/caam_jr/caam_jr.c              | 157 ++++++++++++++++++
> >   drivers/crypto/caam_jr/caam_jr_log.h          |  42 +++++
> >   drivers/crypto/caam_jr/meson.build            |  11 ++
> >   .../caam_jr/rte_pmd_caam_jr_version.map       |   4 +
> >   drivers/crypto/meson.build                    |   2 +-
> >   10 files changed, 269 insertions(+), 1 deletion(-)
> >   create mode 100644 drivers/crypto/caam_jr/Makefile
> >   create mode 100644 drivers/crypto/caam_jr/caam_jr.c
> >   create mode 100644 drivers/crypto/caam_jr/caam_jr_log.h
> >   create mode 100644 drivers/crypto/caam_jr/meson.build
> >   create mode 100644
> > drivers/crypto/caam_jr/rte_pmd_caam_jr_version.map
> >
> > diff --git a/config/common_base b/config/common_base index
> > 4bcbaf923..a73f063d1 100644
> > --- a/config/common_base
> > +++ b/config/common_base
> > @@ -479,6 +479,14 @@ CONFIG_RTE_CRYPTO_MAX_DEVS=64
> >   CONFIG_RTE_LIBRTE_PMD_ARMV8_CRYPTO=n
> >   CONFIG_RTE_LIBRTE_PMD_ARMV8_CRYPTO_DEBUG=n
> >
> > +#
> > +# Compile NXP CAAM JR crypto Driver
> > +#
> > +CONFIG_RTE_LIBRTE_PMD_CAAM_JR=n
> > +CONFIG_RTE_LIBRTE_PMD_CAAM_JR_BE=n
> > +CONFIG_RTE_LIBRTE_PMD_CAAM_JR_DEBUG=n
> 
> Do you really need DEBUG?
We are using DEBUG for additional development debugging like descriptor dump, packets dump. But yes this DEBUG can be removed from here and can be used as local flag. In next version, I will remove this config flag from here. 
> 
> > +CONFIG_RTE_CAAM_JR_PMD_MAX_NB_SESSIONS=2048
> 
> MAX_NB_SESSIONS is no more used in any of the drivers.
> 
> Do you have a limitation in your hardware?
No need of this, will be removed in next set.
> 
> > +
> >   #
> >   # Compile NXP DPAA2 crypto sec driver for CAAM HW
> >   #
> > diff --git a/config/common_linuxapp b/config/common_linuxapp index
> > 9c5ea9d89..c1c7c4287 100644
> > --- a/config/common_linuxapp
> > +++ b/config/common_linuxapp
> > @@ -35,6 +35,7 @@ CONFIG_RTE_LIBRTE_DPAA_MEMPOOL=y
> >   CONFIG_RTE_LIBRTE_DPAA_PMD=y
> >   CONFIG_RTE_LIBRTE_PMD_DPAA_EVENTDEV=y
> >   CONFIG_RTE_LIBRTE_PMD_DPAA_SEC=y
> > +CONFIG_RTE_LIBRTE_PMD_CAAM_JR=y
> >
> >   # NXP FSLMC BUS and DPAA2 drivers
> >   CONFIG_RTE_LIBRTE_FSLMC_BUS=y
> > diff --git a/config/defconfig_arm64-dpaa-linuxapp-gcc
> > b/config/defconfig_arm64-dpaa-linuxapp-gcc
> > index c47aec0a6..e5343f7a9 100644
> > --- a/config/defconfig_arm64-dpaa-linuxapp-gcc
> > +++ b/config/defconfig_arm64-dpaa-linuxapp-gcc
> > @@ -21,3 +21,7 @@ CONFIG_RTE_PKTMBUF_HEADROOM=128
> >   # NXP DPAA Bus
> >   CONFIG_RTE_LIBRTE_DPAA_DEBUG_DRIVER=n
> >   CONFIG_RTE_LIBRTE_DPAA_HWDEBUG=n
> > +
> > +# NXP CAAM_JR driver
> > +CONFIG_RTE_LIBRTE_PMD_CAAM_JR=y
> > +CONFIG_RTE_LIBRTE_PMD_CAAM_JR_BE=y
> > diff --git a/drivers/crypto/Makefile b/drivers/crypto/Makefile index
> > c480cbd37..e3711d703 100644
> > --- a/drivers/crypto/Makefile
> > +++ b/drivers/crypto/Makefile
> > @@ -6,6 +6,7 @@ include $(RTE_SDK)/mk/rte.vars.mk
> >   DIRS-$(CONFIG_RTE_LIBRTE_PMD_AESNI_GCM) += aesni_gcm
> >   DIRS-$(CONFIG_RTE_LIBRTE_PMD_AESNI_MB) += aesni_mb
> >   DIRS-$(CONFIG_RTE_LIBRTE_PMD_ARMV8_CRYPTO) += armv8
> > +DIRS-$(CONFIG_RTE_LIBRTE_PMD_CAAM_JR) += caam_jr
> >   DIRS-$(CONFIG_RTE_LIBRTE_PMD_CCP) += ccp
> >   DIRS-$(CONFIG_RTE_LIBRTE_PMD_OPENSSL) += openssl
> >   DIRS-$(CONFIG_RTE_LIBRTE_PMD_CRYPTO_SCHEDULER) += scheduler diff
> > --git a/drivers/crypto/caam_jr/Makefile
> > b/drivers/crypto/caam_jr/Makefile new file mode 100644 index
> > 000000000..46d752af7
> > --- /dev/null
> > +++ b/drivers/crypto/caam_jr/Makefile
> > @@ -0,0 +1,40 @@
> > +# SPDX-License-Identifier: BSD-3-Clause # Copyright 2017 NXP
> > +
> > +include $(RTE_SDK)/mk/rte.vars.mk
> > +
> > +#
> > +# library name
> > +#
> > +LIB = librte_pmd_caam_jr.a
> > +
> > +# build flags
> > +CFLAGS += -DALLOW_EXPERIMENTAL_API
> > +CFLAGS += -D _GNU_SOURCE
> > +ifeq ($(CONFIG_RTE_LIBRTE_CAAM_JR_DEBUG),y)
> > +CFLAGS += -O0 -g
> > +CFLAGS += "-Wno-error"
> > +else
> > +CFLAGS += -O3
> > +CFLAGS += $(WERROR_FLAGS)
> > +endif
> > +
> > +CFLAGS += -I$(RTE_SDK)/drivers/crypto/caam_jr
> > +CFLAGS += -I$(RTE_SDK)/lib/librte_eal/common/include
> > +CFLAGS += -I$(RTE_SDK)/lib/librte_eal/linuxapp/eal
> > +
> > +# versioning export map
> > +EXPORT_MAP := rte_pmd_caam_jr_version.map
> > +
> > +# library version
> > +LIBABIVER := 1
> > +
> > +# library source files
> > +SRCS-$(CONFIG_RTE_LIBRTE_PMD_CAAM_JR) += caam_jr.c # library
> > +dependencies
> > +
> > +LDLIBS += -lrte_eal -lrte_mbuf -lrte_mempool -lrte_ring LDLIBS +=
> > +-lrte_cryptodev LDLIBS += -lrte_bus_vdev
> > +
> > +include $(RTE_SDK)/mk/rte.lib.mk
> > diff --git a/drivers/crypto/caam_jr/caam_jr.c
> > b/drivers/crypto/caam_jr/caam_jr.c
> > new file mode 100644
> > index 000000000..68779cba5
> > --- /dev/null
> > +++ b/drivers/crypto/caam_jr/caam_jr.c
> > @@ -0,0 +1,157 @@
> > +/* SPDX-License-Identifier: BSD-3-Clause
> > + * Copyright 2017-2018 NXP
> > + */
> > +
> > +#include <fcntl.h>
> > +#include <unistd.h>
> > +#include <sched.h>
> > +#include <net/if.h>
> > +
> > +#include <rte_byteorder.h>
> > +#include <rte_common.h>
> > +#include <rte_cryptodev_pmd.h>
> > +#include <rte_crypto.h>
> > +#include <rte_cryptodev.h>
> > +#include <rte_bus_vdev.h>
> > +#include <rte_malloc.h>
> > +#include <rte_security_driver.h>
> > +#include <rte_hexdump.h>
> > +
> > +#include <caam_jr_log.h>
> > +
> > +#define CRYPTODEV_NAME_CAAM_JR_PMD	crypto_caam_jr
> > +static uint8_t cryptodev_driver_id;
> > +int caam_jr_logtype;
> > +
> > +
> > +/*
> > + * @brief Release the resources used by the SEC user space driver.
> > + *
> > + * Reset and release SEC's job rings indicated by the User
> > +Application at
> > + * init_job_ring() and free any memory allocated internally.
> > + * Call once during application tear down.
> > + *
> > + * @note In case there are any descriptors in-flight (descriptors
> > +received by
> > + * SEC driver for processing and for which no response was yet
> > +provided to UA),
> > + * the descriptors are discarded without any notifications to User Application.
> > + *
> > + * @retval ::0			is returned for a successful execution
> > + * @retval ::-1		is returned if SEC driver release is in progress
> > + */
> > +
> > +static int
> > +caam_jr_dev_uninit(struct rte_cryptodev *dev) {
> > +
> > +	if (dev == NULL)
> > +		return -ENODEV;
> > +
> > +
> > +	CAAM_JR_INFO("Closing DPAA_SEC device %s", dev->data->name);
> > +
> > +
> > +	return 0;
> > +}
> 
> remove extra spacing.
ok
>
> > +
> > +static int
> > +caam_jr_dev_init(const char *name,
> > +			 struct rte_vdev_device *vdev,
> > +			 struct rte_cryptodev_pmd_init_params *init_params) {
> > +	struct rte_cryptodev *dev;
> > +
> > +	PMD_INIT_FUNC_TRACE();
> > +
> > +	dev = rte_cryptodev_pmd_create(name, &vdev->device, init_params);
> > +	if (dev == NULL) {
> > +		CAAM_JR_ERR("failed to create cryptodev vdev");
> > +		goto cleanup;
> > +	}
> > +
> > +	dev->driver_id = cryptodev_driver_id;
> > +	dev->dev_ops = NULL;
> > +
> > +	/* For secondary processes, we don't initialise any further as primary
> > +	 * has already done this work. Only check we don't need a different
> > +	 * RX function
> > +	 */
> > +	if (rte_eal_process_type() != RTE_PROC_PRIMARY) {
> > +		CAAM_JR_WARN("Device already init by primary process");
> > +		return 0;
> > +	}
> > +
> > +	RTE_LOG(INFO, PMD, "%s cryptodev init\n", dev->data->name);
> > +
> > +	return 0;
> > +
> > +cleanup:
> > +	CAAM_JR_ERR("driver %s: cryptodev_caam_jr_create failed",
> > +			init_params->name);
> > +
> > +	return -ENXIO;
> > +}
> > +
> > +/** Initialise CAAM JR crypto device */ static int
> > +cryptodev_caam_jr_probe(struct rte_vdev_device *vdev) {
> > +	struct rte_cryptodev_pmd_init_params init_params = {
> > +		"",
> > +		128,
> > +		rte_socket_id(),
> > +		RTE_CRYPTODEV_PMD_DEFAULT_MAX_NB_QUEUE_PAIRS
> > +	};
> > +	const char *name;
> > +	const char *input_args;
> > +
> > +	name = rte_vdev_device_name(vdev);
> > +	if (name == NULL)
> > +		return -EINVAL;
> > +
> > +	input_args = rte_vdev_device_args(vdev);
> > +	rte_cryptodev_pmd_parse_input_args(&init_params, input_args);
> > +
> > +	return caam_jr_dev_init(name, vdev, &init_params); }
> > +
> > +/** Uninitialise CAAM JR crypto device */ static int
> > +cryptodev_caam_jr_remove(struct rte_vdev_device *vdev) {
> > +	struct rte_cryptodev *cryptodev;
> > +	const char *name;
> > +
> > +	name = rte_vdev_device_name(vdev);
> > +	if (name == NULL)
> > +		return -EINVAL;
> > +
> > +	cryptodev = rte_cryptodev_pmd_get_named_dev(name);
> > +	if (cryptodev == NULL)
> > +		return -ENODEV;
> > +
> > +	caam_jr_dev_uninit(cryptodev);
> > +
> > +	return rte_cryptodev_pmd_destroy(cryptodev);
> > +}
> > +
> > +static struct rte_vdev_driver cryptodev_caam_jr_drv = {
> > +	.probe = cryptodev_caam_jr_probe,
> > +	.remove = cryptodev_caam_jr_remove
> > +};
> > +
> > +static struct cryptodev_driver caam_jr_crypto_drv;
> > +
> > +RTE_PMD_REGISTER_VDEV(CRYPTODEV_NAME_CAAM_JR_PMD,
> > +cryptodev_caam_jr_drv);
> RTE_PMD_REGISTER_PARAM_STRING(CRYPTODEV_NAME_CAAM_JR_PMD,
> > +	"max_nb_queue_pairs=<int>"
> > +	"max_nb_sessions=<int>"
> 
> max_nb_sessions may not be needed
ok
> 
> > +	"socket_id=<int>");
> > +RTE_PMD_REGISTER_CRYPTO_DRIVER(caam_jr_crypto_drv,
> cryptodev_caam_jr_drv.driver,
> > +		cryptodev_driver_id);
> > +
> > +RTE_INIT(caam_jr_init_log)
> > +{
> > +	caam_jr_logtype = rte_log_register("pmd.crypto.caam");
> > +	if (caam_jr_logtype >= 0)
> > +		rte_log_set_level(caam_jr_logtype, RTE_LOG_NOTICE); }


^ permalink raw reply	[flat|nested] 97+ messages in thread

* Re: [dpdk-dev] [PATCH 01/10] doc: add caam jr cryptodev details
  2018-09-18 12:27   ` Akhil Goyal
@ 2018-10-12 13:29     ` Gagandeep Singh
  0 siblings, 0 replies; 97+ messages in thread
From: Gagandeep Singh @ 2018-10-12 13:29 UTC (permalink / raw)
  To: Akhil Goyal, dev; +Cc: Hemant Agrawal, john.mcnamara

Hi,

> -----Original Message-----
> From: Akhil Goyal
> Sent: Tuesday, September 18, 2018 5:57 PM
> To: Gagandeep Singh <G.Singh@nxp.com>; dev@dpdk.org
> Cc: Hemant Agrawal <hemant.agrawal@nxp.com>; john.mcnamara@intel.com
> Subject: Re: [dpdk-dev] [PATCH 01/10] doc: add caam jr cryptodev details
> 
> ++John
> 
> Hi Gagan,
> 
> Please make this patch as last patch in your patchset for v2.
ok
> 
> On 9/13/2018 11:38 AM, Gagandeep Singh wrote:
> > From: Hemant Agrawal <hemant.agrawal@nxp.com>
> >
> > Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
> > ---
> >   doc/guides/cryptodevs/caam_jr.rst | 159
> ++++++++++++++++++++++++++++++
> >   doc/guides/cryptodevs/index.rst   |   1 +
> >   2 files changed, 160 insertions(+)
> >   create mode 100644 doc/guides/cryptodevs/caam_jr.rst
> >
> > diff --git a/doc/guides/cryptodevs/caam_jr.rst
> > b/doc/guides/cryptodevs/caam_jr.rst
> > new file mode 100644
> > index 000000000..0ee501506
> > --- /dev/null
> > +++ b/doc/guides/cryptodevs/caam_jr.rst
> > @@ -0,0 +1,159 @@
> > +..  SPDX-License-Identifier: BSD-3-Clause
> > +    Copyright 2017 NXP
> > +
> > +
> > +NXP CAAM JOB RING (caam_jr)
> > +===========================
> > +
> > +The caam_jr PMD provides poll mode crypto driver support for NXP SEC
> > +4.x+ (CAAM) hardware accelerator. More information is available at:
> > +
> > +`NXP Cryptographic Acceleration Technology
> <https://www.nxp.com/applications/solutions/internet-of-things/secure-
> things/network-security-technology/cryptographic-acceleration-
> technology:NETWORK_SECURITY_CRYPTOG>`_.
> > +
> > +Architecture
> > +------------
> > +
> > +SEC is the SOC's security engine, which serves as NXP's latest
> > +cryptographic acceleration and offloading hardware. It combines
> > +functions previously implemented in separate modules to create a
> > +modular and scalable acceleration and assurance engine. It also
> > +implements block encryption algorithms, stream cipher algorithms,
> > +hashing algorithms, public key algorithms, run-time integrity
> > +checking, and a hardware random number generator. SEC performs
> > +higher-level cryptographic operations than previous NXP cryptographic
> accelerators. This provides significant improvement to system level
> performance.
> > +
> > +SEC HW accelerator above 4.x+ version are also known as CAAM.
> > +
> > +caam_jr PMD is one of DPAA drivers which uses uio interface to
> > +interact with Linux kernel for configure and destroy the device instance (ring).
> > +
> > +
> > +Implementation
> > +--------------
> > +
> > +SEC provides platform assurance by working with SecMon, which is a
> > +companion logic block that tracks the security state of the SOC. SEC
> > +is programmed by means of descriptors (not to be confused with frame
> > +descriptors (FDs)) that indicate the operations to be performed and
> > +link to the message and associated data. SEC incorporates two DMA
> > +engines to fetch the descriptors, read the message data, and write
> > +the results of the operations. The DMA engine provides a
> > +scatter/gather capability so that SEC can read and write data
> > +scattered in memory. SEC may be configured by means of software for
> > +dynamic changes in byte ordering. The default configuration for this version
> of SEC is little-endian mode.
> > +
> > +Note that one physical Job Ring represent one caam_jr device.
> > +
> > +Features
> > +--------
> > +
> > +The CAAM_JR PMD has support for:
> > +
> > +Cipher algorithms:
> > +
> > +* ``RTE_CRYPTO_CIPHER_3DES_CBC``
> > +* ``RTE_CRYPTO_CIPHER_AES128_CBC``
> > +* ``RTE_CRYPTO_CIPHER_AES192_CBC``
> > +* ``RTE_CRYPTO_CIPHER_AES256_CBC``
> > +* ``RTE_CRYPTO_CIPHER_AES128_CTR``
> > +* ``RTE_CRYPTO_CIPHER_AES192_CTR``
> > +* ``RTE_CRYPTO_CIPHER_AES256_CTR``
> > +
> > +Hash algorithms:
> > +
> > +* ``RTE_CRYPTO_AUTH_SHA1_HMAC``
> > +* ``RTE_CRYPTO_AUTH_SHA224_HMAC``
> > +* ``RTE_CRYPTO_AUTH_SHA256_HMAC``
> > +* ``RTE_CRYPTO_AUTH_SHA384_HMAC``
> > +* ``RTE_CRYPTO_AUTH_SHA512_HMAC``
> > +* ``RTE_CRYPTO_AUTH_MD5_HMAC``
> > +
> > +AEAD algorithms:
> > +
> > +* ``RTE_CRYPTO_AEAD_AES_GCM``
> > +
> I do not see the features/caam_jr.ini file in the patch set. Please add the
> supported features in that file as well.
Will be added in next version
> > +Supported DPAA SoCs
> > +--------------------
> > +
> > +* LS1046A/LS1026A
> > +* LS1043A/LS1023A
> > +* LS1028A
> > +* LS1012A
> > +
> > +Limitations
> > +-----------
> > +
> > +* Hash followed by Cipher mode is not supported
> > +* Only supports the session-oriented API implementation (session-less APIs
> are not supported).
> > +
> > +Prerequisites
> > +-------------
> > +
> > +caam_jr driver has following dependencies are not part of DPDK and must be
> installed separately:
> > +
> > +* **NXP Linux SDK**
> > +
> > +  NXP Linux software development kit (SDK) includes support for the
> > + family  of QorIQ® ARM-Architecture-based system on chip (SoC)
> > + processors  and corresponding boards.
> > +
> > +  It includes the Linux board support packages (BSPs) for NXP SoCs,
> > + a fully operational tool chain, kernel and board specific modules.
> > +
> > +  SDK and related information can be obtained from:  `NXP QorIQ SDK
> <http://www.nxp.com/products/software-and-tools/run-time-software/linux-
> sdk/linux-sdk-for-qoriq-processors:SDKLINUX>`_.
> > +
> > +Currently supported by DPDK:
> > +
> > +* NXP SDK **18.09+**.
> > +* Supported architectures:  **arm64 LE**.
> > +
> > +* Follow the DPDK :ref:`Getting Started Guide for Linux <linux_gsg>` to setup
> the basic DPDK environment.
> > +
> > +Pre-Installation Configuration
> > +------------------------------
> > +
> > +Config File Options
> > +~~~~~~~~~~~~~~~~~~~
> > +
> > +The following options can be modified in the ``config`` file to
> > +enable caam_jr PMD.
> > +
> > +Please note that enabling debugging options may affect system performance.
> > +
> > +* ``CONFIG_RTE_LIBRTE_PMD_CAAM_JR`` (default ``n``)
> > +  By default it is only enabled in common_armv8a_linuxapp config.
> > +  Toggle compilation of the ``librte_pmd_caam_jr`` driver.
> > +
> > +* ``CONFIG_RTE_LIBRTE_PMD_CAAM_JR_BE`` (default ``n``)
> > +  By default it is disabled.
> > +  It can be used when the underlying hardware supports the CAAM in BE
> mode.
> > +  e.g. LS1043A, LS1046A supports CAAM in BE mode.
> > +
> > +* ``CONFIG_RTE_LIBRTE_PMD_CAAM_JR_DEBUG`` (default ``n``)
> > +  By default it is disabled.
> > +  It can be used enabled debug mode.
> > +
> > +* ``CONFIG_RTE_CAAM_JR_PMD_MAX_NB_SESSIONS``
> > +  By default it is set as 2048 in common_base config.
> > +  It indicates Number of sessions to create in the session memory
> > +pool
> > +  on a single caam_jr device.
> This is not needed now.
Will be removed
> > +
> > +
> > +Installations
> > +-------------
> > +To compile the caam_jr PMD for Linux arm64 gcc target, run the
> > +following ``make`` command:
> > +
> > +.. code-block:: console
> > +
> > +   cd <DPDK-source-directory>
> > +   make config T=arm64-armv8a-linuxapp-gcc install
> I see that you have added caam_jr in defconfig_arm64-dpaa-linuxapp-gcc as
> well.
Yes this driver will also support the DPAA platforms in BE mode. I think the description is missing, I will update it also.
> > +
> > +Enabling logs
> > +-------------
> > +
> > +For enabling logs, use the following EAL parameter:
> > +
> > +.. code-block:: console
> > +
> > +   ./your_crypto_application <EAL args>
> > + --log-level=pmd.crypto.caam,<level>
> > diff --git a/doc/guides/cryptodevs/index.rst
> > b/doc/guides/cryptodevs/index.rst index e9928a4e2..7dddeec8a 100644
> > --- a/doc/guides/cryptodevs/index.rst
> > +++ b/doc/guides/cryptodevs/index.rst
> > @@ -13,6 +13,7 @@ Crypto Device Drivers
> >       aesni_mb
> >       aesni_gcm
> >       armv8
> > +    caam_jr
> >       ccp
> >       dpaa2_sec
> >       dpaa_sec


^ permalink raw reply	[flat|nested] 97+ messages in thread

* Re: [dpdk-dev] [PATCH 03/10] crypto/caam_jr: add HW config for job rings
  2018-09-18 13:37   ` Akhil Goyal
@ 2018-10-12 13:32     ` Gagandeep Singh
  0 siblings, 0 replies; 97+ messages in thread
From: Gagandeep Singh @ 2018-10-12 13:32 UTC (permalink / raw)
  To: Akhil Goyal, dev; +Cc: Hemant Agrawal

Hi Akhil,

> -----Original Message-----
> From: Akhil Goyal
> Sent: Tuesday, September 18, 2018 7:07 PM
> To: Gagandeep Singh <G.Singh@nxp.com>; dev@dpdk.org
> Cc: Hemant Agrawal <hemant.agrawal@nxp.com>
> Subject: Re: [dpdk-dev] [PATCH 03/10] crypto/caam_jr: add HW config for job
> rings
> 
> Hi Gagan,
> 
> On 9/13/2018 11:38 AM, Gagandeep Singh wrote:
> > From: Hemant Agrawal <hemant.agrawal@nxp.com>
> >
> > Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
> > Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
> > ---
> >   drivers/crypto/caam_jr/Makefile              |   6 +
> >   drivers/crypto/caam_jr/caam_jr.c             | 329 +++++++++++-
> >   drivers/crypto/caam_jr/caam_jr_config.h      | 207 ++++++++
> >   drivers/crypto/caam_jr/caam_jr_hw.c          | 365 ++++++++++++++
> >   drivers/crypto/caam_jr/caam_jr_hw_specific.h | 503 +++++++++++++++++++
> >   drivers/crypto/caam_jr/caam_jr_pvt.h         | 285 +++++++++++
> >   drivers/crypto/caam_jr/caam_jr_uio.c         | 491 ++++++++++++++++++
> >   drivers/crypto/caam_jr/meson.build           |   5 +-
> >   8 files changed, 2188 insertions(+), 3 deletions(-)
> >   create mode 100644 drivers/crypto/caam_jr/caam_jr_config.h
> >   create mode 100644 drivers/crypto/caam_jr/caam_jr_hw.c
> >   create mode 100644 drivers/crypto/caam_jr/caam_jr_hw_specific.h
> >   create mode 100644 drivers/crypto/caam_jr/caam_jr_pvt.h
> >   create mode 100644 drivers/crypto/caam_jr/caam_jr_uio.c
> >
> > diff --git a/drivers/crypto/caam_jr/Makefile
> > b/drivers/crypto/caam_jr/Makefile index 46d752af7..8b863b4af 100644
> > --- a/drivers/crypto/caam_jr/Makefile
> > +++ b/drivers/crypto/caam_jr/Makefile
> > @@ -19,7 +19,10 @@ CFLAGS += -O3
> >   CFLAGS += $(WERROR_FLAGS)
> >   endif
> >
> > +CFLAGS += -I$(RTE_SDK)/drivers/bus/dpaa/include
> >   CFLAGS += -I$(RTE_SDK)/drivers/crypto/caam_jr
> > +#sharing the hw flib headers from dpaa2_sec pmd CFLAGS +=
> > +-I$(RTE_SDK)/drivers/crypto/dpaa2_sec/
> >   CFLAGS += -I$(RTE_SDK)/lib/librte_eal/common/include
> >   CFLAGS += -I$(RTE_SDK)/lib/librte_eal/linuxapp/eal
> >
> > @@ -30,11 +33,14 @@ EXPORT_MAP := rte_pmd_caam_jr_version.map
> >   LIBABIVER := 1
> >
> >   # library source files
> > +SRCS-$(CONFIG_RTE_LIBRTE_PMD_CAAM_JR) += caam_jr_hw.c
> > +SRCS-$(CONFIG_RTE_LIBRTE_PMD_CAAM_JR) += caam_jr_uio.c
> >   SRCS-$(CONFIG_RTE_LIBRTE_PMD_CAAM_JR) += caam_jr.c
> >   # library dependencies
> >
> >   LDLIBS += -lrte_eal -lrte_mbuf -lrte_mempool -lrte_ring
> >   LDLIBS += -lrte_cryptodev
> > +LDLIBS += -lrte_bus_dpaa
> >   LDLIBS += -lrte_bus_vdev
> >
> >   include $(RTE_SDK)/mk/rte.lib.mk
> > diff --git a/drivers/crypto/caam_jr/caam_jr.c
> > b/drivers/crypto/caam_jr/caam_jr.c
> > index 68779cba5..9d5f5b79b 100644
> > --- a/drivers/crypto/caam_jr/caam_jr.c
> > +++ b/drivers/crypto/caam_jr/caam_jr.c
> > @@ -16,13 +16,146 @@
> >   #include <rte_malloc.h>
> >   #include <rte_security_driver.h>
> >   #include <rte_hexdump.h>
> > +#include <caam_jr_config.h>
> Please give one line break between the rte_ includes and driver specific includes
ok
> >
> > +/* RTA header files */
> > +#include <hw/desc/common.h>
> > +#include <of.h>
> > +#include <caam_jr_hw_specific.h>
> > +#include <caam_jr_pvt.h>
> >   #include <caam_jr_log.h>
> >
> >   #define CRYPTODEV_NAME_CAAM_JR_PMD	crypto_caam_jr
> >   static uint8_t cryptodev_driver_id;
> >   int caam_jr_logtype;
> >
> > +enum rta_sec_era rta_sec_era;
> > +
> > +/* Lists the states possible for the SEC user space driver. */ enum
> > +sec_driver_state_e {
> > +	SEC_DRIVER_STATE_IDLE,		/* Driver not initialized */
> > +	SEC_DRIVER_STATE_STARTED,	/* Driver initialized and can be used*/
> > +	SEC_DRIVER_STATE_RELEASE,	/* Driver release is in progress */
> > +};
> > +
> > +/* Job rings used for communication with SEC HW */ static struct
> > +sec_job_ring_t g_job_rings[MAX_SEC_JOB_RINGS];
> > +
> > +/* The current state of SEC user space driver */ static enum
> > +sec_driver_state_e g_driver_state = SEC_DRIVER_STATE_IDLE;
> > +
> > +/* The number of job rings used by SEC user space driver */ static
> > +int g_job_rings_no; static int g_job_rings_max;
> > +
> > +/* @brief Poll the HW for already processed jobs in the JR
> > + * and silently discard the available jobs or notify them to UA
> > + * with indicated error code.
> > + *
> > + * @param [in,out]  job_ring        The job ring to poll.
> > + * @param [in]  do_notify           Can be #TRUE or #FALSE. Indicates if
> > + *				    descriptors are to be discarded
> > + *                                  or notified to UA with given error_code.
> > + * @param [out] notified_descs    Number of notified descriptors. Can be
> NULL
> > + *					if do_notify is #FALSE
> > + */
> > +static void hw_flush_job_ring(struct sec_job_ring_t *job_ring,
> > +			      uint32_t do_notify,
> > +			      uint32_t *notified_descs)
> static void should be in a separate line.. Please check in rest of the code as well.
I will handled all of them in next version.
> > +{
> > +	int32_t jobs_no_to_discard = 0;
> > +	int32_t discarded_descs_no = 0;
> > +
> > +	CAAM_JR_DEBUG("Jr[%p] pi[%d] ci[%d].Flushing jr notify desc=[%d]",
> > +		job_ring, job_ring->pidx, job_ring->cidx, do_notify);
> > +
> > +	jobs_no_to_discard = hw_get_no_finished_jobs(job_ring);
> > +
> > +	/* Discard all jobs */
> > +	CAAM_JR_DEBUG("Jr[%p] pi[%d] ci[%d].Discarding %d descs",
> > +		  job_ring, job_ring->pidx, job_ring->cidx,
> > +		  jobs_no_to_discard);
> > +
> > +	while (jobs_no_to_discard > discarded_descs_no) {
> > +		/* Get completed descriptor */
> > +#if 0
> > +		/*TODO if we want to do something with desc*/
> > +		/* Since the memory is contigous, then P2V translation is a
> > +		 * mere addition to the base descriptor physical address
> > +		 */
> > +		current_desc = job_ring->output_ring[job_ring->cidx].desc;
> > +#endif
> Please remove dead code.
ok
> > +
> > +		discarded_descs_no++;
> > +		/* Now increment the consumer index for the current job ring,
> > +		 * AFTER saving job in temporary location!
> > +		 * Increment the consumer index for the current job ring
> > +		 */
> > +		job_ring->cidx = SEC_CIRCULAR_COUNTER(job_ring->cidx,
> > +					 SEC_JOB_RING_SIZE);
> > +
> > +		hw_remove_entries(job_ring, 1);
> > +	}
> > +
> > +	if (do_notify == true) {
> > +		ASSERT(notified_descs != NULL);
> > +		*notified_descs = discarded_descs_no;
> > +	}
> > +}
> > +
> > +
> > +/* @brief Flush job rings of any processed descs.
> > + * The processed descs are silently dropped,
> > + * WITHOUT being notified to UA.
> > + */
> > +static void close_job_ring(struct sec_job_ring_t *job_ring) {
> > +	if (job_ring->irq_fd) {
> > +		/* Producer index is frozen. If consumer index is not equal
> > +		 * with producer index, then we have descs to flush.
> > +		 */
> > +		while (job_ring->pidx != job_ring->cidx)
> > +			hw_flush_job_ring(job_ring, false, NULL);
> > +
> > +		/* free the uio job ring */
> > +		free_job_ring(job_ring->irq_fd);
> > +		job_ring->irq_fd = 0;
> > +		caam_jr_dma_free(job_ring->input_ring);
> > +		caam_jr_dma_free(job_ring->output_ring);
> > +
> > +		g_job_rings_no--;
> > +
> > +	}
> > +}
> > +
> > +/** @brief Release the software and hardware resources tied to a job ring.
> > + * @param [in] job_ring The job ring
> > + *
> > + * @retval  0 for success
> > + * @retval  -1 for error
> > + */
> > +static int shutdown_job_ring(struct sec_job_ring_t *job_ring) {
> > +	int ret = 0;
> > +
> > +	ASSERT(job_ring != NULL);
> > +	ret = hw_shutdown_job_ring(job_ring);
> > +	SEC_ASSERT(ret == 0, ret,
> > +		"Failed to shutdown hardware job ring %p",
> > +		job_ring);
> > +
> > +	if (job_ring->coalescing_en)
> > +		hw_job_ring_disable_coalescing(job_ring);
> > +
> > +	if (job_ring->jr_mode != SEC_NOTIFICATION_TYPE_POLL) {
> > +		ret = caam_jr_disable_irqs(job_ring->irq_fd);
> > +		SEC_ASSERT(ret == 0, ret,
> > +		"Failed to disable irqs for job ring %p",
> > +		job_ring);
> > +	}
> > +
> > +	return ret;
> > +}
> >
> >   /*
> >    * @brief Release the resources used by the SEC user space driver.
> > @@ -42,31 +175,195 @@ int caam_jr_logtype;
> >   static int
> >   caam_jr_dev_uninit(struct rte_cryptodev *dev)
> >   {
> > +	struct sec_job_ring_t *internals;
> >
> >   	if (dev == NULL)
> >   		return -ENODEV;
> >
> > +	internals = dev->data->dev_private;
> > +	rte_free(dev->security_ctx);
> > +
> > +
> > +	/* If any descriptors in flight , poll and wait
> > +	 * until all descriptors are received and silently discarded.
> > +	 */
> > +	if (internals) {
> > +		shutdown_job_ring(internals);
> > +		close_job_ring(internals);
> > +		rte_mempool_free(internals->ctx_pool);
> > +	}
> >
> >   	CAAM_JR_INFO("Closing DPAA_SEC device %s", dev->data->name);
> DPAA_SEC??? check rest of the code as well
Message will be updated in next version.
> >
> > +	/* last caam jr instance) */
> > +	if (g_job_rings_no == 0)
> > +		g_driver_state = SEC_DRIVER_STATE_IDLE;
> >
> > -	return 0;
> > +	return SEC_SUCCESS;
> >   }
> >
> > +/* @brief Initialize the software and hardware resources tied to a job ring.
> .. [snip]
> > diff --git a/drivers/crypto/caam_jr/caam_jr_hw_specific.h
> > b/drivers/crypto/caam_jr/caam_jr_hw_specific.h
> > new file mode 100644
> > index 000000000..7c8909d2b
> > --- /dev/null
> > +++ b/drivers/crypto/caam_jr/caam_jr_hw_specific.h
> > @@ -0,0 +1,503 @@
> > +/* SPDX-License-Identifier: BSD-3-Clause
> > + * Copyright 2017 NXP
> > + */
> > +
> > +#ifndef CAAM_JR_HW_SPECIFIC_H
> > +#define CAAM_JR_HW_SPECIFIC_H
> > +
> > +#include <caam_jr_config.h>
> > +
> > +/*
> > + * Offset to the registers of a job ring.
> > + * Is different for each job ring.
> > + */
> > +#define CHAN_BASE(jr)   ((size_t)(jr)->register_base_addr)
> > +
> > +#ifndef unlikely
> > +#define unlikely(x)     __builtin_expect(!!(x), 0)
> > +#endif
> likely/unlikely are already defined in DPDK
Ok, will be removed.
> > +
> .. [snip]
> > +
> > +static inline rte_iova_t
> > +caam_jr_mem_vtop(void *vaddr)
> > +{
> > +	const struct rte_memseg *ms;
> > +
> > +	ms = rte_mem_virt2memseg(vaddr, NULL);
> > +	if (ms)
> > +		return ms->iova + RTE_PTR_DIFF(vaddr, ms->addr);
> > +	return (size_t)NULL;
> > +}
> > +
> > +static inline void *
> > +caam_jr_dma_ptov(rte_iova_t paddr)
> > +{
> > +	return rte_mem_iova2virt(paddr);
> > +}
> > +
> > +/* Virtual to physical address conversion */ static inline rte_iova_t
> > +caam_jr_dma_vtop(void *ptr) {
> > +	//return rte_malloc_virt2iova(ptr);
> remove this comment.
ok
> > +	return caam_jr_mem_vtop(ptr);
> > +}
> > +
> >


^ permalink raw reply	[flat|nested] 97+ messages in thread

* Re: [dpdk-dev] [PATCH 04/10] crypto/caam_jr: add device configuration routines
  2018-09-18 13:59   ` Akhil Goyal
@ 2018-10-12 13:38     ` Gagandeep Singh
  0 siblings, 0 replies; 97+ messages in thread
From: Gagandeep Singh @ 2018-10-12 13:38 UTC (permalink / raw)
  To: Akhil Goyal, dev; +Cc: Hemant Agrawal



> -----Original Message-----
> From: Akhil Goyal
> Sent: Tuesday, September 18, 2018 7:30 PM
> To: Gagandeep Singh <G.Singh@nxp.com>; dev@dpdk.org
> Cc: Hemant Agrawal <hemant.agrawal@nxp.com>
> Subject: Re: [dpdk-dev] [PATCH 04/10] crypto/caam_jr: add device configuration
> routines
> 
> Hi Gagan,
> 
> On 9/13/2018 11:38 AM, Gagandeep Singh wrote:
> > From: Hemant Agrawal <hemant.agrawal@nxp.com>
> >
> > Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
> > Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
> > ---
> >   drivers/crypto/caam_jr/caam_jr.c | 100 +++++++++++-
> >   drivers/crypto/caam_jr/caam_jr.h | 257
> +++++++++++++++++++++++++++++++
> >   2 files changed, 356 insertions(+), 1 deletion(-)
> >   create mode 100644 drivers/crypto/caam_jr/caam_jr.h
> >
> > diff --git a/drivers/crypto/caam_jr/caam_jr.c
> > b/drivers/crypto/caam_jr/caam_jr.c
> > index 9d5f5b79b..43fe5233b 100644
> > --- a/drivers/crypto/caam_jr/caam_jr.c
> > +++ b/drivers/crypto/caam_jr/caam_jr.c
> > @@ -22,6 +22,7 @@
> >   #include <hw/desc/common.h>
> >   #include <of.h>
> >   #include <caam_jr_hw_specific.h>
> > +#include <caam_jr.h>
> >   #include <caam_jr_pvt.h>
> >   #include <caam_jr_log.h>
> >
> > @@ -104,6 +105,90 @@ static void hw_flush_job_ring(struct sec_job_ring_t
> *job_ring,
> >   }
> >
> >
> > +static int
> > +caam_jr_dev_configure(struct rte_cryptodev *dev,
> > +		       struct rte_cryptodev_config *config __rte_unused) {
> > +	char str[20];
> > +	struct sec_job_ring_t *internals;
> > +
> > +	PMD_INIT_FUNC_TRACE();
> > +
> > +	internals = dev->data->dev_private;
> > +	sprintf(str, "ctx_pool_%d", dev->data->dev_id);
> > +	if (!internals->ctx_pool) {
> > +		internals->ctx_pool = rte_mempool_create((const char *)str,
> > +						CTX_POOL_NUM_BUFS,
> > +						sizeof(struct caam_jr_op_ctx),
> > +						CTX_POOL_CACHE_SIZE, 0,
> > +						NULL, NULL, NULL, NULL,
> > +						SOCKET_ID_ANY, 0);
> > +		if (!internals->ctx_pool) {
> > +			CAAM_JR_ERR("%s create failed\n", str);
> > +			return -ENOMEM;
> > +		}
> > +	} else
> > +		CAAM_JR_INFO("mempool already created for dev_id : %d",
> > +				dev->data->dev_id);
> > +
> > +	return 0;
> > +}
> > +
> > +static int
> > +caam_jr_dev_start(struct rte_cryptodev *dev __rte_unused) {
> > +	PMD_INIT_FUNC_TRACE();
> > +	return 0;
> > +}
> > +
> > +static void
> > +caam_jr_dev_stop(struct rte_cryptodev *dev __rte_unused) {
> > +	PMD_INIT_FUNC_TRACE();
> > +}
> > +
> > +static int
> > +caam_jr_dev_close(struct rte_cryptodev *dev) {
> > +	struct sec_job_ring_t *internals;
> > +
> > +	PMD_INIT_FUNC_TRACE();
> > +
> > +	if (dev == NULL)
> > +		return -ENOMEM;
> > +
> > +	internals = dev->data->dev_private;
> > +	rte_mempool_free(internals->ctx_pool);
> > +	internals->ctx_pool = NULL;
> > +
> > +	return 0;
> > +}
> > +
> > +static void
> > +caam_jr_dev_infos_get(struct rte_cryptodev *dev,
> > +		       struct rte_cryptodev_info *info) {
> > +	struct sec_job_ring_t *internals = dev->data->dev_private;
> > +
> > +	PMD_INIT_FUNC_TRACE();
> > +	if (info != NULL) {
> > +		info->max_nb_queue_pairs = internals->max_nb_queue_pairs;
> > +		info->feature_flags = dev->feature_flags;
> > +		info->capabilities = caam_jr_capabilities;
> > +		info->sym.max_nb_sessions = internals->max_nb_sessions;
> > +		info->driver_id = cryptodev_driver_id;
> > +	}
> > +}
> > +
> > +static struct rte_cryptodev_ops caam_jr_ops = {
> > +	.dev_configure	      = caam_jr_dev_configure,
> > +	.dev_start	      = caam_jr_dev_start,
> > +	.dev_stop	      = caam_jr_dev_stop,
> > +	.dev_close	      = caam_jr_dev_close,
> > +	.dev_infos_get        = caam_jr_dev_infos_get,
> > +};
> > +
> > +
> >   /* @brief Flush job rings of any processed descs.
> >    * The processed descs are silently dropped,
> >    * WITHOUT being notified to UA.
> > @@ -366,7 +451,20 @@ caam_jr_dev_init(const char *name,
> >   	}
> >
> >   	dev->driver_id = cryptodev_driver_id;
> > -	dev->dev_ops = NULL;
> > +	dev->dev_ops = &caam_jr_ops;
> > +
> > +	/* register rx/tx burst functions for data path */
> > +	dev->dequeue_burst = NULL;
> > +	dev->enqueue_burst = NULL;
> > +	dev->feature_flags = RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO |
> > +			RTE_CRYPTODEV_FF_HW_ACCELERATED |
> > +			RTE_CRYPTODEV_FF_SYM_OPERATION_CHAINING |
> > +			RTE_CRYPTODEV_FF_SECURITY |
> > +			RTE_CRYPTODEV_FF_IN_PLACE_SGL |
> > +			RTE_CRYPTODEV_FF_OOP_SGL_IN_SGL_OUT |
> > +			RTE_CRYPTODEV_FF_OOP_SGL_IN_LB_OUT |
> > +			RTE_CRYPTODEV_FF_OOP_LB_IN_SGL_OUT |
> > +			RTE_CRYPTODEV_FF_OOP_LB_IN_LB_OUT;
> >
> >   	/* For secondary processes, we don't initialise any further as primary
> >   	 * has already done this work. Only check we don't need a different
> > diff --git a/drivers/crypto/caam_jr/caam_jr.h
> > b/drivers/crypto/caam_jr/caam_jr.h
> > new file mode 100644
> > index 000000000..d7c36ca9d
> > --- /dev/null
> > +++ b/drivers/crypto/caam_jr/caam_jr.h
> > @@ -0,0 +1,257 @@
> > +/* SPDX-License-Identifier: BSD-3-Clause
> > + * Copyright 2017-2018 NXP
> > + */
> > +
> > +#ifndef CAAM_JR_H
> > +#define CAAM_JR_H
> > +
> > +static const struct rte_cryptodev_capabilities caam_jr_capabilities[] = {
> > +	{	/* MD5 HMAC */
> > +		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
> > +		{.sym = {
> > +			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
> > +			{.auth = {
> > +				.algo = RTE_CRYPTO_AUTH_MD5_HMAC,
> > +				.block_size = 64,
> > +				.key_size = {
> > +					.min = 1,
> > +					.max = 64,
> > +					.increment = 1
> > +				},
> > +				.digest_size = {
> > +					.min = 1,
> > +					.max = 16,
> > +					.increment = 1
> > +				},
> > +				.iv_size = { 0 }
> > +			}, }
> > +		}, }
> > +	},
> > +	{	/* SHA1 HMAC */
> > +		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
> > +		{.sym = {
> > +			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
> > +			{.auth = {
> > +				.algo = RTE_CRYPTO_AUTH_SHA1_HMAC,
> > +				.block_size = 64,
> > +				.key_size = {
> > +					.min = 1,
> > +					.max = 64,
> > +					.increment = 1
> > +				},
> > +				.digest_size = {
> > +					.min = 1,
> > +					.max = 20,
> > +					.increment = 1
> > +				},
> > +				.iv_size = { 0 }
> > +			}, }
> > +		}, }
> > +	},
> > +	{	/* SHA224 HMAC */
> > +		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
> > +		{.sym = {
> > +			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
> > +			{.auth = {
> > +				.algo = RTE_CRYPTO_AUTH_SHA224_HMAC,
> > +				.block_size = 64,
> > +				.key_size = {
> > +					.min = 1,
> > +					.max = 64,
> > +					.increment = 1
> > +				},
> > +				.digest_size = {
> > +					.min = 1,
> > +					.max = 28,
> > +					.increment = 1
> > +				},
> > +				.iv_size = { 0 }
> > +			}, }
> > +		}, }
> > +	},
> > +	{	/* SHA256 HMAC */
> > +		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
> > +		{.sym = {
> > +			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
> > +			{.auth = {
> > +				.algo = RTE_CRYPTO_AUTH_SHA256_HMAC,
> > +				.block_size = 64,
> > +				.key_size = {
> > +					.min = 1,
> > +					.max = 64,
> > +					.increment = 1
> > +				},
> > +				.digest_size = {
> > +					.min = 1,
> > +					.max = 32,
> > +					.increment = 1
> > +				},
> > +				.iv_size = { 0 }
> > +			}, }
> > +		}, }
> > +	},
> > +	{	/* SHA384 HMAC */
> > +		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
> > +		{.sym = {
> > +			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
> > +			{.auth = {
> > +				.algo = RTE_CRYPTO_AUTH_SHA384_HMAC,
> > +				.block_size = 128,
> > +				.key_size = {
> > +					.min = 1,
> > +					.max = 128,
> > +					.increment = 1
> > +				},
> > +				.digest_size = {
> > +					.min = 1,
> > +					.max = 48,
> > +					.increment = 1
> > +				},
> > +				.iv_size = { 0 }
> > +			}, }
> > +		}, }
> > +	},
> > +	{	/* SHA512 HMAC */
> > +		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
> > +		{.sym = {
> > +			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
> > +			{.auth = {
> > +				.algo = RTE_CRYPTO_AUTH_SHA512_HMAC,
> > +				.block_size = 128,
> > +				.key_size = {
> > +					.min = 1,
> > +					.max = 128,
> > +					.increment = 1
> > +				},
> > +				.digest_size = {
> > +					.min = 1,
> > +					.max = 64,
> > +					.increment = 1
> > +				},
> > +				.iv_size = { 0 }
> > +			}, }
> > +		}, }
> > +	},
> > +	{	/* AES GCM */
> > +		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
> > +		{.sym = {
> > +			.xform_type = RTE_CRYPTO_SYM_XFORM_AEAD,
> > +			{.aead = {
> > +				.algo = RTE_CRYPTO_AEAD_AES_GCM,
> > +				.block_size = 16,
> > +				.key_size = {
> > +					.min = 16,
> > +					.max = 32,
> > +					.increment = 8
> > +				},
> > +				.digest_size = {
> > +					.min = 8,
> > +					.max = 16,
> > +					.increment = 4
> > +				},
> > +				.aad_size = {
> > +					.min = 0,
> > +					.max = 240,
> > +					.increment = 1
> > +				},
> > +				.iv_size = {
> > +					.min = 12,
> > +					.max = 12,
> > +					.increment = 0
> > +				},
> > +			}, }
> > +		}, }
> > +	},
> > +	{	/* AES CBC */
> > +		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
> > +		{.sym = {
> > +			.xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
> > +			{.cipher = {
> > +				.algo = RTE_CRYPTO_CIPHER_AES_CBC,
> > +				.block_size = 16,
> > +				.key_size = {
> > +					.min = 16,
> > +					.max = 32,
> > +					.increment = 8
> > +				},
> > +				.iv_size = {
> > +					.min = 16,
> > +					.max = 16,
> > +					.increment = 0
> > +				}
> > +			}, }
> > +		}, }
> > +	},
> > +	{	/* AES CTR */
> > +		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
> > +		{.sym = {
> > +			.xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
> > +			{.cipher = {
> > +				.algo = RTE_CRYPTO_CIPHER_AES_CTR,
> > +				.block_size = 16,
> > +				.key_size = {
> > +					.min = 16,
> > +					.max = 32,
> > +					.increment = 8
> > +				},
> > +				.iv_size = {
> > +					.min = 16,
> > +					.max = 16,
> > +					.increment = 0
> > +				}
> > +			}, }
> > +		}, }
> > +	},
> > +	{	/* 3DES CBC */
> > +		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
> > +		{.sym = {
> > +			.xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
> > +			{.cipher = {
> > +				.algo = RTE_CRYPTO_CIPHER_3DES_CBC,
> > +				.block_size = 8,
> > +				.key_size = {
> > +					.min = 16,
> > +					.max = 24,
> > +					.increment = 8
> > +				},
> > +				.iv_size = {
> > +					.min = 8,
> > +					.max = 8,
> > +					.increment = 0
> > +				}
> > +			}, }
> > +		}, }
> > +	},
> > +
> > +	RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()
> > +};
> capabilities shall be added in your 08/10.
> > +
> > +static const struct rte_security_capability caam_jr_security_cap[] = {
> > +	{ /* IPsec Lookaside Protocol offload ESP Transport Egress */
> > +		.action =
> RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
> > +		.protocol = RTE_SECURITY_PROTOCOL_IPSEC,
> > +		.ipsec = {
> > +			.proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP,
> > +			.mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL,
> > +			.direction = RTE_SECURITY_IPSEC_SA_DIR_EGRESS,
> > +			.options = { 0 }
> > +		},
> > +		.crypto_capabilities = caam_jr_capabilities
> > +	},
> > +	{ /* IPsec Lookaside Protocol offload ESP Tunnel Ingress */
> > +		.action =
> RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
> > +		.protocol = RTE_SECURITY_PROTOCOL_IPSEC,
> > +		.ipsec = {
> > +			.proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP,
> > +			.mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL,
> > +			.direction = RTE_SECURITY_IPSEC_SA_DIR_INGRESS,
> > +			.options = { 0 }
> > +		},
> > +		.crypto_capabilities = caam_jr_capabilities
> > +	},
> > +	{
> > +		.action = RTE_SECURITY_ACTION_TYPE_NONE
> > +	}
> > +};
> > +
> security capabilities shall be added in your 10/10 patch.
Ok, I shall add all the capabilities in a separate .c file and separate functions will be created to return these capabilities. And in this .h file only prototypes of functions will remain that can be used to return the device info details.


^ permalink raw reply	[flat|nested] 97+ messages in thread

* Re: [dpdk-dev] [PATCH 05/10] crypto/caam_jr: add queue config functions
  2018-09-18 14:04   ` Akhil Goyal
@ 2018-10-12 13:39     ` Gagandeep Singh
  0 siblings, 0 replies; 97+ messages in thread
From: Gagandeep Singh @ 2018-10-12 13:39 UTC (permalink / raw)
  To: Akhil Goyal, dev; +Cc: Hemant Agrawal

Hi,

> -----Original Message-----
> From: Akhil Goyal
> Sent: Tuesday, September 18, 2018 7:35 PM
> To: Gagandeep Singh <G.Singh@nxp.com>; dev@dpdk.org
> Cc: Hemant Agrawal <hemant.agrawal@nxp.com>
> Subject: Re: [dpdk-dev] [PATCH 05/10] crypto/caam_jr: add queue config
> functions
> 
> Hi Gagan,
> 
> On 9/13/2018 11:38 AM, Gagandeep Singh wrote:
> > From: Hemant Agrawal <hemant.agrawal@nxp.com>
> >
> > Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
> > Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
> > ---
> >   drivers/crypto/caam_jr/caam_jr.c | 64
> ++++++++++++++++++++++++++++++++
> >   1 file changed, 64 insertions(+)
> >
> > diff --git a/drivers/crypto/caam_jr/caam_jr.c
> > b/drivers/crypto/caam_jr/caam_jr.c
> > index 43fe5233b..f05e966b0 100644
> > --- a/drivers/crypto/caam_jr/caam_jr.c
> > +++ b/drivers/crypto/caam_jr/caam_jr.c
> > @@ -104,6 +104,67 @@ static void hw_flush_job_ring(struct sec_job_ring_t
> *job_ring,
> >   	}
> >   }
> >
> > +/* Release queue pair */
> > +static int
> > +caam_jr_queue_pair_release(struct rte_cryptodev *dev,
> > +			    uint16_t qp_id)
> > +{
> > +	struct sec_job_ring_t *internals;
> > +	struct caam_jr_qp *qp = NULL;
> > +
> > +	PMD_INIT_FUNC_TRACE();
> > +
> > +	CAAM_JR_DEBUG("dev =%p, queue =%d", dev, qp_id);
> > +
> > +	internals = dev->data->dev_private;
> > +	if (qp_id >= internals->max_nb_queue_pairs) {
> > +		CAAM_JR_ERR("Max supported qpid %d",
> > +			     internals->max_nb_queue_pairs);
> > +		return -EINVAL;
> > +	}
> > +
> > +	qp = &internals->qps[qp_id];
> > +	qp->ring = NULL;
> > +	dev->data->queue_pairs[qp_id] = NULL;
> > +
> > +	return 0;
> > +}
> > +
> > +/* Setup a queue pair */
> > +static int
> > +caam_jr_queue_pair_setup(
> > +		struct rte_cryptodev *dev, uint16_t qp_id,
> > +		__rte_unused const struct rte_cryptodev_qp_conf *qp_conf,
> > +		__rte_unused int socket_id,
> > +		__rte_unused struct rte_mempool *session_pool) {
> > +	struct sec_job_ring_t *internals;
> > +	struct caam_jr_qp *qp = NULL;
> > +
> 
> PMD_INIT_FUNC_TRACE(); missing here and please check other ops as well
ok
> 
> > +	CAAM_JR_DEBUG("dev =%p, queue =%d, conf =%p", dev, qp_id,
> qp_conf);
> > +
> > +	internals = dev->data->dev_private;
> > +	if (qp_id >= internals->max_nb_queue_pairs) {
> > +		CAAM_JR_ERR("Max supported qpid %d",
> > +			     internals->max_nb_queue_pairs);
> > +		return -EINVAL;
> > +	}
> > +
> > +	qp = &internals->qps[qp_id];
> > +	qp->ring = internals;
> > +	dev->data->queue_pairs[qp_id] = qp;
> > +
> > +	return 0;
> > +}
> > +
> > +/* Return the number of allocated queue pairs */ static uint32_t
> > +caam_jr_queue_pair_count(struct rte_cryptodev *dev) {
> > +	PMD_INIT_FUNC_TRACE();
> > +
> > +	return dev->data->nb_queue_pairs;
> > +}
> >
> >   static int
> >   caam_jr_dev_configure(struct rte_cryptodev *dev, @@ -186,6 +247,9 @@
> > static struct rte_cryptodev_ops caam_jr_ops = {
> >   	.dev_stop	      = caam_jr_dev_stop,
> >   	.dev_close	      = caam_jr_dev_close,
> >   	.dev_infos_get        = caam_jr_dev_infos_get,
> > +	.queue_pair_setup     = caam_jr_queue_pair_setup,
> > +	.queue_pair_release   = caam_jr_queue_pair_release,
> > +	.queue_pair_count     = caam_jr_queue_pair_count,
> >   };
> >
> >


^ permalink raw reply	[flat|nested] 97+ messages in thread

* [dpdk-dev] [PATCH v2 00/14] Introducing the NXP CAAM job ring driver
  2018-09-13  6:08 [dpdk-dev] [PATCH 00/10] Introducing the NXP CAAM job ring driver Gagandeep Singh
                   ` (10 preceding siblings ...)
  2018-09-18 14:21 ` [dpdk-dev] [PATCH 00/10] Introducing the NXP CAAM job ring driver Akhil Goyal
@ 2018-10-12 14:40 ` Gagandeep Singh
  2018-10-12 14:40   ` [dpdk-dev] [PATCH v2 01/14] crypto/caam_jr: introduce basic driver Gagandeep Singh
                     ` (16 more replies)
  11 siblings, 17 replies; 97+ messages in thread
From: Gagandeep Singh @ 2018-10-12 14:40 UTC (permalink / raw)
  To: dev, akhil.goyal; +Cc: Gagandeep Singh

v1->v2 change-log:
* Most of the checkpatch warnings and erros are removed
* CONFIG_RTE_CAAM_JR_PMD_MAX_NB_SESSIONS and
  CONFIG_RTE_PMD_CAAM_JR_DEBUG flags removed
* local unlikely macro removed
* extra spaces removed and functions format fixed
* indentation fixed
* documentation is updated
* dead code removed
* device capabilities added in separate file and 
  functions added to access them.
* missing PMD_INIT_FUNC_TRACE() added to the respective
  functions
* description added to the all patches
* some patches splited (sg support, uio, capabilities, hw)

v1:
The caam_jr PMD provides poll mode crypto driver
support for NXP SEC 4.x+ (CAAM) hardware accelerator.

Gagandeep Singh (10):
  crypto/caam_jr: introduce basic driver
  crypto/caam_jr: add HW tuning options
  crypto/caam_jr: add routines to configure HW
  crypto/caam_jr: add UIO specific operations
  crypto/caam_jr: add basic job ring routines
  crypto/caam_jr: add device basic ops
  crypto/caam_jr: add device cababilities
  crypto/caam_jr: add session configuration methods
  crypto/caam_jr: add enqueue dequeue operations
  crypto/caam_jr: add scatter gather

Hemant Agrawal (4):
  crypto/caam_jr: add queue pair config ops
  crypto/caam_jr: add statistics ops
  crypto/caam_jr: add security offload
  doc: add caam jr cryptodev details

 MAINTAINERS                                   |    7 +
 config/common_base                            |    6 +
 config/common_linuxapp                        |    1 +
 config/defconfig_arm64-dpaa-linuxapp-gcc      |    3 +
 doc/guides/cryptodevs/caam_jr.rst             |  150 +
 doc/guides/cryptodevs/features/caam_jr.ini    |   46 +
 doc/guides/cryptodevs/index.rst               |    1 +
 doc/guides/rel_notes/release_18_11.rst        |    5 +
 drivers/crypto/Makefile                       |    1 +
 drivers/crypto/caam_jr/Makefile               |   44 +
 drivers/crypto/caam_jr/caam_jr.c              | 2508 +++++++++++++++++
 drivers/crypto/caam_jr/caam_jr.h              |   18 +
 drivers/crypto/caam_jr/caam_jr_capabilities.c |  266 ++
 drivers/crypto/caam_jr/caam_jr_config.h       |  207 ++
 drivers/crypto/caam_jr/caam_jr_desc.h         |  285 ++
 drivers/crypto/caam_jr/caam_jr_hw.c           |  367 +++
 drivers/crypto/caam_jr/caam_jr_hw_specific.h  |  503 ++++
 drivers/crypto/caam_jr/caam_jr_log.h          |   42 +
 drivers/crypto/caam_jr/caam_jr_pvt.h          |  291 ++
 drivers/crypto/caam_jr/caam_jr_uio.c          |  501 ++++
 drivers/crypto/caam_jr/meson.build            |   17 +
 .../caam_jr/rte_pmd_caam_jr_version.map       |    4 +
 drivers/crypto/meson.build                    |    5 +-
 23 files changed, 5276 insertions(+), 2 deletions(-)
 create mode 100644 doc/guides/cryptodevs/caam_jr.rst
 create mode 100644 doc/guides/cryptodevs/features/caam_jr.ini
 create mode 100644 drivers/crypto/caam_jr/Makefile
 create mode 100644 drivers/crypto/caam_jr/caam_jr.c
 create mode 100644 drivers/crypto/caam_jr/caam_jr.h
 create mode 100644 drivers/crypto/caam_jr/caam_jr_capabilities.c
 create mode 100644 drivers/crypto/caam_jr/caam_jr_config.h
 create mode 100644 drivers/crypto/caam_jr/caam_jr_desc.h
 create mode 100644 drivers/crypto/caam_jr/caam_jr_hw.c
 create mode 100644 drivers/crypto/caam_jr/caam_jr_hw_specific.h
 create mode 100644 drivers/crypto/caam_jr/caam_jr_log.h
 create mode 100644 drivers/crypto/caam_jr/caam_jr_pvt.h
 create mode 100644 drivers/crypto/caam_jr/caam_jr_uio.c
 create mode 100644 drivers/crypto/caam_jr/meson.build
 create mode 100644 drivers/crypto/caam_jr/rte_pmd_caam_jr_version.map

-- 
2.17.1

^ permalink raw reply	[flat|nested] 97+ messages in thread

* [dpdk-dev] [PATCH v2 01/14] crypto/caam_jr: introduce basic driver
  2018-10-12 14:40 ` [dpdk-dev] [PATCH v2 00/14] " Gagandeep Singh
@ 2018-10-12 14:40   ` Gagandeep Singh
  2018-10-12 14:40   ` [dpdk-dev] [PATCH v2 02/14] crypto/caam_jr: add HW tuning options Gagandeep Singh
                     ` (15 subsequent siblings)
  16 siblings, 0 replies; 97+ messages in thread
From: Gagandeep Singh @ 2018-10-12 14:40 UTC (permalink / raw)
  To: dev, akhil.goyal; +Cc: Gagandeep Singh, Hemant Agrawal

The caam_jr poll mode crypto driver is supported for
NXP SEC 4.x+ (CAAM) hardware accelerator.
This driver is by default supported on LE platforms,
if it is used on BE platforms like LS104X,
config option CONFIG_RTE_LIBRTE_PMD_CAAM_JR_BE can be
enabled.

This patch add skeleton for caam jobring driver
with probe and uintialisation functions

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
---
 config/common_base                            |   6 +
 config/common_linuxapp                        |   1 +
 config/defconfig_arm64-dpaa-linuxapp-gcc      |   3 +
 drivers/crypto/Makefile                       |   1 +
 drivers/crypto/caam_jr/Makefile               |  37 +++++
 drivers/crypto/caam_jr/caam_jr.c              | 151 ++++++++++++++++++
 drivers/crypto/caam_jr/caam_jr_log.h          |  42 +++++
 drivers/crypto/caam_jr/meson.build            |  11 ++
 .../caam_jr/rte_pmd_caam_jr_version.map       |   4 +
 drivers/crypto/meson.build                    |   5 +-
 10 files changed, 259 insertions(+), 2 deletions(-)
 create mode 100644 drivers/crypto/caam_jr/Makefile
 create mode 100644 drivers/crypto/caam_jr/caam_jr.c
 create mode 100644 drivers/crypto/caam_jr/caam_jr_log.h
 create mode 100644 drivers/crypto/caam_jr/meson.build
 create mode 100644 drivers/crypto/caam_jr/rte_pmd_caam_jr_version.map

diff --git a/config/common_base b/config/common_base
index 5519d71e9..9dac7e06c 100644
--- a/config/common_base
+++ b/config/common_base
@@ -490,6 +490,12 @@ CONFIG_RTE_CRYPTO_MAX_DEVS=64
 CONFIG_RTE_LIBRTE_PMD_ARMV8_CRYPTO=n
 CONFIG_RTE_LIBRTE_PMD_ARMV8_CRYPTO_DEBUG=n
 
+#
+# Compile NXP CAAM JR crypto Driver
+#
+CONFIG_RTE_LIBRTE_PMD_CAAM_JR=n
+CONFIG_RTE_LIBRTE_PMD_CAAM_JR_BE=n
+
 #
 # Compile NXP DPAA2 crypto sec driver for CAAM HW
 #
diff --git a/config/common_linuxapp b/config/common_linuxapp
index 485e1467d..d76b7963e 100644
--- a/config/common_linuxapp
+++ b/config/common_linuxapp
@@ -35,6 +35,7 @@ CONFIG_RTE_LIBRTE_DPAA_MEMPOOL=y
 CONFIG_RTE_LIBRTE_DPAA_PMD=y
 CONFIG_RTE_LIBRTE_PMD_DPAA_EVENTDEV=y
 CONFIG_RTE_LIBRTE_PMD_DPAA_SEC=y
+CONFIG_RTE_LIBRTE_PMD_CAAM_JR=y
 
 # NXP FSLMC BUS and DPAA2 drivers
 CONFIG_RTE_LIBRTE_FSLMC_BUS=y
diff --git a/config/defconfig_arm64-dpaa-linuxapp-gcc b/config/defconfig_arm64-dpaa-linuxapp-gcc
index c47aec0a6..544b6770d 100644
--- a/config/defconfig_arm64-dpaa-linuxapp-gcc
+++ b/config/defconfig_arm64-dpaa-linuxapp-gcc
@@ -21,3 +21,6 @@ CONFIG_RTE_PKTMBUF_HEADROOM=128
 # NXP DPAA Bus
 CONFIG_RTE_LIBRTE_DPAA_DEBUG_DRIVER=n
 CONFIG_RTE_LIBRTE_DPAA_HWDEBUG=n
+
+# NXP CAAM_JR driver
+CONFIG_RTE_LIBRTE_PMD_CAAM_JR_BE=y
diff --git a/drivers/crypto/Makefile b/drivers/crypto/Makefile
index c083e64ff..c25a19fb0 100644
--- a/drivers/crypto/Makefile
+++ b/drivers/crypto/Makefile
@@ -6,6 +6,7 @@ include $(RTE_SDK)/mk/rte.vars.mk
 DIRS-$(CONFIG_RTE_LIBRTE_PMD_AESNI_GCM) += aesni_gcm
 DIRS-$(CONFIG_RTE_LIBRTE_PMD_AESNI_MB) += aesni_mb
 DIRS-$(CONFIG_RTE_LIBRTE_PMD_ARMV8_CRYPTO) += armv8
+DIRS-$(CONFIG_RTE_LIBRTE_PMD_CAAM_JR) += caam_jr
 DIRS-$(CONFIG_RTE_LIBRTE_PMD_CCP) += ccp
 DIRS-$(CONFIG_RTE_LIBRTE_PMD_OCTEONTX_CRYPTO) += octeontx
 DIRS-$(CONFIG_RTE_LIBRTE_PMD_OPENSSL) += openssl
diff --git a/drivers/crypto/caam_jr/Makefile b/drivers/crypto/caam_jr/Makefile
new file mode 100644
index 000000000..b1f3ecee7
--- /dev/null
+++ b/drivers/crypto/caam_jr/Makefile
@@ -0,0 +1,37 @@
+# SPDX-License-Identifier: BSD-3-Clause
+# Copyright 2017 NXP
+
+include $(RTE_SDK)/mk/rte.vars.mk
+
+#
+# library name
+#
+LIB = librte_pmd_caam_jr.a
+
+# build flags
+CFLAGS += -DALLOW_EXPERIMENTAL_API
+
+CFLAGS += -D _GNU_SOURCE
+
+CFLAGS += -O3
+CFLAGS += $(WERROR_FLAGS)
+
+CFLAGS += -I$(RTE_SDK)/drivers/crypto/caam_jr
+CFLAGS += -I$(RTE_SDK)/lib/librte_eal/common/include
+CFLAGS += -I$(RTE_SDK)/lib/librte_eal/linuxapp/eal
+
+# versioning export map
+EXPORT_MAP := rte_pmd_caam_jr_version.map
+
+# library version
+LIBABIVER := 1
+
+# library source files
+SRCS-$(CONFIG_RTE_LIBRTE_PMD_CAAM_JR) += caam_jr.c
+# library dependencies
+
+LDLIBS += -lrte_eal -lrte_mbuf -lrte_mempool -lrte_ring
+LDLIBS += -lrte_cryptodev
+LDLIBS += -lrte_bus_vdev
+
+include $(RTE_SDK)/mk/rte.lib.mk
diff --git a/drivers/crypto/caam_jr/caam_jr.c b/drivers/crypto/caam_jr/caam_jr.c
new file mode 100644
index 000000000..27331194a
--- /dev/null
+++ b/drivers/crypto/caam_jr/caam_jr.c
@@ -0,0 +1,151 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright 2017-2018 NXP
+ */
+
+#include <fcntl.h>
+#include <unistd.h>
+#include <sched.h>
+#include <net/if.h>
+
+#include <rte_byteorder.h>
+#include <rte_common.h>
+#include <rte_cryptodev_pmd.h>
+#include <rte_crypto.h>
+#include <rte_cryptodev.h>
+#include <rte_bus_vdev.h>
+#include <rte_malloc.h>
+#include <rte_security_driver.h>
+#include <rte_hexdump.h>
+
+#include <caam_jr_log.h>
+
+#define CRYPTODEV_NAME_CAAM_JR_PMD	crypto_caam_jr
+static uint8_t cryptodev_driver_id;
+int caam_jr_logtype;
+
+/*
+ * @brief Release the resources used by the SEC user space driver.
+ *
+ * Reset and release SEC's job rings indicated by the User Application at
+ * init_job_ring() and free any memory allocated internally.
+ * Call once during application tear down.
+ *
+ * @note In case there are any descriptors in-flight (descriptors received by
+ * SEC driver for processing and for which no response was yet provided to UA),
+ * the descriptors are discarded without any notifications to User Application.
+ *
+ * @retval ::0			is returned for a successful execution
+ * @retval ::-1		is returned if SEC driver release is in progress
+ */
+static int
+caam_jr_dev_uninit(struct rte_cryptodev *dev)
+{
+	if (dev == NULL)
+		return -ENODEV;
+
+	CAAM_JR_INFO("Closing crypto device %s", dev->data->name);
+
+	return 0;
+}
+
+static int
+caam_jr_dev_init(const char *name,
+		 struct rte_vdev_device *vdev,
+		 struct rte_cryptodev_pmd_init_params *init_params)
+{
+	struct rte_cryptodev *dev;
+
+	PMD_INIT_FUNC_TRACE();
+
+	dev = rte_cryptodev_pmd_create(name, &vdev->device, init_params);
+	if (dev == NULL) {
+		CAAM_JR_ERR("failed to create cryptodev vdev");
+		goto cleanup;
+	}
+
+	dev->driver_id = cryptodev_driver_id;
+	dev->dev_ops = NULL;
+
+	/* For secondary processes, we don't initialise any further as primary
+	 * has already done this work. Only check we don't need a different
+	 * RX function
+	 */
+	if (rte_eal_process_type() != RTE_PROC_PRIMARY) {
+		CAAM_JR_WARN("Device already init by primary process");
+		return 0;
+	}
+
+	RTE_LOG(INFO, PMD, "%s cryptodev init\n", dev->data->name);
+
+	return 0;
+
+cleanup:
+	CAAM_JR_ERR("driver %s: cryptodev_caam_jr_create failed",
+			init_params->name);
+
+	return -ENXIO;
+}
+
+/** Initialise CAAM JR crypto device */
+static int
+cryptodev_caam_jr_probe(struct rte_vdev_device *vdev)
+{
+	struct rte_cryptodev_pmd_init_params init_params = {
+		"",
+		128,
+		rte_socket_id(),
+		RTE_CRYPTODEV_PMD_DEFAULT_MAX_NB_QUEUE_PAIRS
+	};
+	const char *name;
+	const char *input_args;
+
+	name = rte_vdev_device_name(vdev);
+	if (name == NULL)
+		return -EINVAL;
+
+	input_args = rte_vdev_device_args(vdev);
+	rte_cryptodev_pmd_parse_input_args(&init_params, input_args);
+
+	return caam_jr_dev_init(name, vdev, &init_params);
+}
+
+/** Uninitialise CAAM JR crypto device */
+static int
+cryptodev_caam_jr_remove(struct rte_vdev_device *vdev)
+{
+	struct rte_cryptodev *cryptodev;
+	const char *name;
+
+	name = rte_vdev_device_name(vdev);
+	if (name == NULL)
+		return -EINVAL;
+
+	cryptodev = rte_cryptodev_pmd_get_named_dev(name);
+	if (cryptodev == NULL)
+		return -ENODEV;
+
+	caam_jr_dev_uninit(cryptodev);
+
+	return rte_cryptodev_pmd_destroy(cryptodev);
+}
+
+static struct rte_vdev_driver cryptodev_caam_jr_drv = {
+	.probe = cryptodev_caam_jr_probe,
+	.remove = cryptodev_caam_jr_remove
+};
+
+static struct cryptodev_driver caam_jr_crypto_drv;
+
+RTE_PMD_REGISTER_VDEV(CRYPTODEV_NAME_CAAM_JR_PMD, cryptodev_caam_jr_drv);
+RTE_PMD_REGISTER_PARAM_STRING(CRYPTODEV_NAME_CAAM_JR_PMD,
+	"max_nb_queue_pairs=<int>"
+	"socket_id=<int>");
+RTE_PMD_REGISTER_CRYPTO_DRIVER(caam_jr_crypto_drv, cryptodev_caam_jr_drv.driver,
+		cryptodev_driver_id);
+
+RTE_INIT(caam_jr_init_log)
+{
+	caam_jr_logtype = rte_log_register("pmd.crypto.caam");
+	if (caam_jr_logtype >= 0)
+		rte_log_set_level(caam_jr_logtype, RTE_LOG_NOTICE);
+}
diff --git a/drivers/crypto/caam_jr/caam_jr_log.h b/drivers/crypto/caam_jr/caam_jr_log.h
new file mode 100644
index 000000000..106ff07a7
--- /dev/null
+++ b/drivers/crypto/caam_jr/caam_jr_log.h
@@ -0,0 +1,42 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright 2017-2018 NXP
+ */
+
+#ifndef _CAAM_JR_LOG_H_
+#define _CAAM_JR_LOG_H_
+
+#include <rte_log.h>
+
+extern int caam_jr_logtype;
+
+#define CAAM_JR_LOG(level, fmt, args...) \
+	rte_log(RTE_LOG_ ## level, caam_jr_logtype, "caam_jr: " \
+		fmt "\n", ##args)
+
+#define CAAM_JR_DEBUG(fmt, args...) \
+	rte_log(RTE_LOG_DEBUG, caam_jr_logtype, "caam_jr: %s(): " \
+		fmt "\n", __func__, ##args)
+
+#define PMD_INIT_FUNC_TRACE() CAAM_JR_DEBUG(" >>")
+
+#define CAAM_JR_INFO(fmt, args...) \
+	CAAM_JR_LOG(INFO, fmt, ## args)
+#define CAAM_JR_ERR(fmt, args...) \
+	CAAM_JR_LOG(ERR, fmt, ## args)
+#define CAAM_JR_WARN(fmt, args...) \
+	CAAM_JR_LOG(WARNING, fmt, ## args)
+
+/* DP Logs, toggled out at compile time if level lower than current level */
+#define CAAM_JR_DP_LOG(level, fmt, args...) \
+	RTE_LOG_DP(level, PMD, fmt "\n", ## args)
+
+#define CAAM_JR_DP_DEBUG(fmt, args...) \
+	CAAM_JR_DP_LOG(DEBUG, fmt, ## args)
+#define CAAM_JR_DP_INFO(fmt, args...) \
+	CAAM_JR_DP_LOG(INFO, fmt, ## args)
+#define CAAM_JR_DP_WARN(fmt, args...) \
+	CAAM_JR_DP_LOG(WARNING, fmt, ## args)
+#define CAAM_JR_DP_ERR(fmt, args...) \
+	CAAM_JR_DP_LOG(ERR, fmt, ## args)
+
+#endif /* _CAAM_JR_LOG_H_ */
diff --git a/drivers/crypto/caam_jr/meson.build b/drivers/crypto/caam_jr/meson.build
new file mode 100644
index 000000000..3edd0a212
--- /dev/null
+++ b/drivers/crypto/caam_jr/meson.build
@@ -0,0 +1,11 @@
+# SPDX-License-Identifier: BSD-3-Clause
+# Copyright 2018 NXP
+
+if host_machine.system() != 'linux'
+        build = false
+endif
+
+deps += ['bus_vdev', 'bus_dpaa', 'security']
+sources = files('caam_jr.c')
+
+allow_experimental_apis = true
diff --git a/drivers/crypto/caam_jr/rte_pmd_caam_jr_version.map b/drivers/crypto/caam_jr/rte_pmd_caam_jr_version.map
new file mode 100644
index 000000000..521e51f41
--- /dev/null
+++ b/drivers/crypto/caam_jr/rte_pmd_caam_jr_version.map
@@ -0,0 +1,4 @@
+DPDK_18.11 {
+
+	local: *;
+};
diff --git a/drivers/crypto/meson.build b/drivers/crypto/meson.build
index e9c491af6..bf1bd9286 100644
--- a/drivers/crypto/meson.build
+++ b/drivers/crypto/meson.build
@@ -1,8 +1,9 @@
 # SPDX-License-Identifier: BSD-3-Clause
 # Copyright(c) 2017 Intel Corporation
 
-drivers = ['aesni_gcm', 'aesni_mb', 'ccp', 'dpaa_sec', 'dpaa2_sec', 'kasumi', 'mvsam',
-	'null', 'octeontx', 'openssl', 'qat', 'scheduler', 'virtio', 'zuc']
+drivers = ['aesni_gcm', 'aesni_mb', 'caam_jr', 'ccp', 'dpaa_sec', 'dpaa2_sec',
+	'kasumi', 'mvsam', 'null', 'octeontx', 'openssl', 'qat', 'scheduler',
+	'virtio', 'zuc']
 
 std_deps = ['cryptodev'] # cryptodev pulls in all other needed deps
 config_flag_fmt = 'RTE_LIBRTE_@0@_PMD'
-- 
2.17.1

^ permalink raw reply	[flat|nested] 97+ messages in thread

* [dpdk-dev] [PATCH v2 02/14] crypto/caam_jr: add HW tuning options
  2018-10-12 14:40 ` [dpdk-dev] [PATCH v2 00/14] " Gagandeep Singh
  2018-10-12 14:40   ` [dpdk-dev] [PATCH v2 01/14] crypto/caam_jr: introduce basic driver Gagandeep Singh
@ 2018-10-12 14:40   ` Gagandeep Singh
  2018-10-19  9:11     ` Thomas Monjalon
  2018-10-12 14:40   ` [dpdk-dev] [PATCH v2 03/14] crypto/caam_jr: add routines to configure HW Gagandeep Singh
                     ` (14 subsequent siblings)
  16 siblings, 1 reply; 97+ messages in thread
From: Gagandeep Singh @ 2018-10-12 14:40 UTC (permalink / raw)
  To: dev, akhil.goyal; +Cc: Gagandeep Singh, Hemant Agrawal

caam_jr hardware can be tuned for multiple settings
like ring depth, coalescing, notification types, cache
size etc.

These parameter can be used for performance tuning
for various platforms.

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
---
 drivers/crypto/caam_jr/caam_jr_config.h | 207 ++++++++++++++++++++++++
 1 file changed, 207 insertions(+)
 create mode 100644 drivers/crypto/caam_jr/caam_jr_config.h

diff --git a/drivers/crypto/caam_jr/caam_jr_config.h b/drivers/crypto/caam_jr/caam_jr_config.h
new file mode 100644
index 000000000..e7855cee6
--- /dev/null
+++ b/drivers/crypto/caam_jr/caam_jr_config.h
@@ -0,0 +1,207 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright 2017-2018 NXP
+ */
+
+#ifndef CAAM_JR_CONFIG_H
+#define CAAM_JR_CONFIG_H
+
+#include <rte_byteorder.h>
+
+#ifdef RTE_LIBRTE_PMD_CAAM_JR_BE
+#define CAAM_BYTE_ORDER __BIG_ENDIAN
+#else
+#define CAAM_BYTE_ORDER __LITTLE_ENDIAN
+#endif
+
+#if RTE_BYTE_ORDER == RTE_BIG_ENDIAN
+#define CORE_BYTE_ORDER __BIG_ENDIAN
+#else
+#define CORE_BYTE_ORDER __LITTLE_ENDIAN
+#endif
+
+typedef uint64_t	dma_addr_t;
+
+#if CORE_BYTE_ORDER != CAAM_BYTE_ORDER
+
+#define cpu_to_caam64 rte_cpu_to_be_64
+#define cpu_to_caam32 rte_cpu_to_be_32
+#else
+#define cpu_to_caam64
+#define cpu_to_caam32
+
+#endif
+
+/*
+ * SEC is configured to start work in polling mode,
+ * when configured for NAPI notification style.
+ */
+#define SEC_STARTUP_POLLING_MODE     0
+/*
+ * SEC is configured to start work in interrupt mode,
+ * when configured for NAPI notification style.
+ */
+#define SEC_STARTUP_INTERRUPT_MODE   1
+
+/*
+ * SEC driver will use NAPI model to receive notifications
+ * for processed packets from SEC engine hardware:
+ * - IRQ for low traffic
+ * - polling for high traffic.
+ */
+#define SEC_NOTIFICATION_TYPE_NAPI  0
+/*
+ * SEC driver will use ONLY interrupts to receive notifications
+ * for processed packets from SEC engine hardware.
+ */
+#define SEC_NOTIFICATION_TYPE_IRQ   1
+/*
+ * SEC driver will use ONLY polling to receive notifications
+ * for processed packets from SEC engine hardware.
+ */
+#define SEC_NOTIFICATION_TYPE_POLL  2
+
+/*
+ * SEC USER SPACE DRIVER related configuration.
+ */
+
+/*
+ * Determines how SEC user space driver will receive notifications
+ * for processed packets from SEC engine.
+ * Valid values are: #SEC_NOTIFICATION_TYPE_POLL, #SEC_NOTIFICATION_TYPE_IRQ
+ * and #SEC_NOTIFICATION_TYPE_NAPI.
+ */
+#define SEC_NOTIFICATION_TYPE   SEC_NOTIFICATION_TYPE_POLL
+
+/* Maximum number of job rings supported by SEC hardware */
+#define MAX_SEC_JOB_RINGS         4
+
+/* Maximum number of QP per job ring */
+#define RTE_CAAM_MAX_NB_SEC_QPS    1
+
+/*
+ * Size of cryptographic context that is used directly in communicating
+ * with SEC device. SEC device works only with physical addresses. This
+ * is the maximum size for a SEC descriptor ( = 64 words).
+ */
+#define SEC_CRYPTO_DESCRIPTOR_SIZE  256
+
+/*
+ * Size of job descriptor submitted to SEC device for each packet to
+ * be processed.
+ * Job descriptor contains 3 DMA address pointers:
+ *	- to shared descriptor, to input buffer and to output buffer.
+ * The job descriptor contains other SEC specific commands as well:
+ *	- HEADER command, SEQ IN PTR command SEQ OUT PTR command and opaque data
+ *      each measuring 4 bytes.
+ * Job descriptor size, depending on physical address representation:
+ *	- 32 bit - size is 28 bytes - cacheline-aligned size is 64 bytes
+ *	- 36 bit - size is 40 bytes - cacheline-aligned size is 64 bytes
+ * @note: Job descriptor must be cacheline-aligned to ensure efficient
+ *	memory access.
+ * @note: If other format is used for job descriptor, then the size must be
+ *	revised.
+ */
+#define SEC_JOB_DESCRIPTOR_SIZE     64
+
+/*
+ * Size of one entry in the input ring of a job ring.
+ * Input ring contains pointers to job descriptors.
+ * The memory used for an input ring and output ring must be physically
+ * contiguous.
+ */
+#define SEC_JOB_INPUT_RING_ENTRY_SIZE  sizeof(dma_addr_t)
+
+/*
+ * Size of one entry in the output ring of a job ring.
+ * Output ring entry is a pointer to a job descriptor followed by a 4 byte
+ * status word.
+ * The memory used for an input ring and output ring must be physically
+ * contiguous.
+ * @note If desired to use also the optional SEQ OUT indication in output ring
+ * entries,
+ * then 4 more bytes must be added to the size.
+ */
+#define SEC_JOB_OUTPUT_RING_ENTRY_SIZE  (SEC_JOB_INPUT_RING_ENTRY_SIZE + 4)
+
+/*
+ * DMA memory required for an input ring of a job ring.
+ */
+#define SEC_DMA_MEM_INPUT_RING_SIZE     ((SEC_JOB_INPUT_RING_ENTRY_SIZE) * \
+					(SEC_JOB_RING_SIZE))
+
+/*
+ * DMA memory required for an output ring of a job ring.
+ *  Required extra 4 byte for status word per each entry.
+ */
+#define SEC_DMA_MEM_OUTPUT_RING_SIZE    ((SEC_JOB_OUTPUT_RING_ENTRY_SIZE) * \
+					(SEC_JOB_RING_SIZE))
+
+/* DMA memory required for a job ring, including both input and output rings. */
+#define SEC_DMA_MEM_JOB_RING_SIZE       ((SEC_DMA_MEM_INPUT_RING_SIZE) + \
+					(SEC_DMA_MEM_OUTPUT_RING_SIZE))
+
+/*
+ * When calling sec_init() UA will provide an area of virtual memory
+ *  of size #SEC_DMA_MEMORY_SIZE to be  used internally by the driver
+ *  to allocate data (like SEC descriptors) that needs to be passed to
+ *  SEC device in physical addressing and later on retrieved from SEC device.
+ *  At initialization the UA provides specialized ptov/vtop functions/macros to
+ *  translate addresses allocated from this memory area.
+ */
+#define SEC_DMA_MEMORY_SIZE          ((SEC_DMA_MEM_JOB_RING_SIZE) * \
+					(MAX_SEC_JOB_RINGS))
+
+#define L1_CACHE_BYTES 64
+
+/* SEC JOB RING related configuration. */
+
+/*
+ * Configure the size of the JOB RING.
+ * The maximum size of the ring in hardware limited to 1024.
+ * However the number of packets in flight in a time interval of 1ms can
+ * be calculated from the traffic rate (Mbps) and packet size.
+ * Here it was considered a packet size of 64 bytes.
+ *
+ * @note Round up to nearest power of 2 for optimized update
+ * of producer/consumer indexes of each job ring
+ */
+#define SEC_JOB_RING_SIZE     512
+
+/*
+ * Interrupt coalescing related configuration.
+ * NOTE: SEC hardware enabled interrupt
+ * coalescing is not supported on SEC version 3.1!
+ * SEC version 4.4 has support for interrupt
+ * coalescing.
+ */
+
+#if SEC_NOTIFICATION_TYPE != SEC_NOTIFICATION_TYPE_POLL
+
+#define SEC_INT_COALESCING_ENABLE   1
+/*
+ * Interrupt Coalescing Descriptor Count Threshold.
+ * While interrupt coalescing is enabled (ICEN=1), this value determines
+ * how many Descriptors are completed before raising an interrupt.
+ *
+ * Valid values for this field are from 0 to 255.
+ * Note that a value of 1 functionally defeats the advantages of interrupt
+ * coalescing since the threshold value is reached each time that a
+ * Job Descriptor is completed. A value of 0 is treated in the same
+ * manner as a value of 1.
+ */
+#define SEC_INTERRUPT_COALESCING_DESCRIPTOR_COUNT_THRESH  10
+
+/*
+ * Interrupt Coalescing Timer Threshold.
+ * While interrupt coalescing is enabled (ICEN=1), this value determines the
+ * maximum amount of time after processing a Descriptor before raising an
+ * interrupt.
+ * The threshold value is represented in units equal to 64 CAAM interface
+ * clocks. Valid values for this field are from 1 to 65535.
+ * A value of 0 results in behavior identical to that when interrupt
+ * coalescing is disabled.
+ */
+#define SEC_INTERRUPT_COALESCING_TIMER_THRESH  100
+#endif /* SEC_NOTIFICATION_TYPE_POLL */
+
+#endif /* CAAM_JR_CONFIG_H */
-- 
2.17.1

^ permalink raw reply	[flat|nested] 97+ messages in thread

* [dpdk-dev] [PATCH v2 03/14] crypto/caam_jr: add routines to configure HW
  2018-10-12 14:40 ` [dpdk-dev] [PATCH v2 00/14] " Gagandeep Singh
  2018-10-12 14:40   ` [dpdk-dev] [PATCH v2 01/14] crypto/caam_jr: introduce basic driver Gagandeep Singh
  2018-10-12 14:40   ` [dpdk-dev] [PATCH v2 02/14] crypto/caam_jr: add HW tuning options Gagandeep Singh
@ 2018-10-12 14:40   ` Gagandeep Singh
  2018-10-12 14:40   ` [dpdk-dev] [PATCH v2 04/14] crypto/caam_jr: add UIO specific operations Gagandeep Singh
                     ` (13 subsequent siblings)
  16 siblings, 0 replies; 97+ messages in thread
From: Gagandeep Singh @ 2018-10-12 14:40 UTC (permalink / raw)
  To: dev, akhil.goyal; +Cc: Gagandeep Singh, Hemant Agrawal

This patch add routines for configuring the hw
to support various features.
These routines will be used by the PMD ops.
The patch also defines structure and macros used
to access hw capabilities.

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
---
 drivers/crypto/caam_jr/Makefile              |   5 +
 drivers/crypto/caam_jr/caam_jr_hw.c          | 379 ++++++++++++++
 drivers/crypto/caam_jr/caam_jr_hw_specific.h | 503 +++++++++++++++++++
 drivers/crypto/caam_jr/caam_jr_pvt.h         | 286 +++++++++++
 drivers/crypto/caam_jr/meson.build           |   5 +-
 5 files changed, 1177 insertions(+), 1 deletion(-)
 create mode 100644 drivers/crypto/caam_jr/caam_jr_hw.c
 create mode 100644 drivers/crypto/caam_jr/caam_jr_hw_specific.h
 create mode 100644 drivers/crypto/caam_jr/caam_jr_pvt.h

diff --git a/drivers/crypto/caam_jr/Makefile b/drivers/crypto/caam_jr/Makefile
index b1f3ecee7..e22943749 100644
--- a/drivers/crypto/caam_jr/Makefile
+++ b/drivers/crypto/caam_jr/Makefile
@@ -16,7 +16,10 @@ CFLAGS += -D _GNU_SOURCE
 CFLAGS += -O3
 CFLAGS += $(WERROR_FLAGS)
 
+CFLAGS += -I$(RTE_SDK)/drivers/bus/dpaa/include
 CFLAGS += -I$(RTE_SDK)/drivers/crypto/caam_jr
+#sharing the hw flib headers from dpaa2_sec pmd
+CFLAGS += -I$(RTE_SDK)/drivers/crypto/dpaa2_sec/
 CFLAGS += -I$(RTE_SDK)/lib/librte_eal/common/include
 CFLAGS += -I$(RTE_SDK)/lib/librte_eal/linuxapp/eal
 
@@ -28,10 +31,12 @@ LIBABIVER := 1
 
 # library source files
 SRCS-$(CONFIG_RTE_LIBRTE_PMD_CAAM_JR) += caam_jr.c
+SRCS-$(CONFIG_RTE_LIBRTE_PMD_CAAM_JR) += caam_jr_hw.c
 # library dependencies
 
 LDLIBS += -lrte_eal -lrte_mbuf -lrte_mempool -lrte_ring
 LDLIBS += -lrte_cryptodev
+LDLIBS += -lrte_bus_dpaa
 LDLIBS += -lrte_bus_vdev
 
 include $(RTE_SDK)/mk/rte.lib.mk
diff --git a/drivers/crypto/caam_jr/caam_jr_hw.c b/drivers/crypto/caam_jr/caam_jr_hw.c
new file mode 100644
index 000000000..73cc61a27
--- /dev/null
+++ b/drivers/crypto/caam_jr/caam_jr_hw.c
@@ -0,0 +1,379 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright 2017-2018 NXP
+ */
+
+#include <fcntl.h>
+#include <unistd.h>
+#include <inttypes.h>
+#include <rte_common.h>
+#include <rte_memory.h>
+#include <rte_malloc.h>
+#include <rte_crypto.h>
+#include <rte_security.h>
+
+#include <caam_jr_config.h>
+#include <caam_jr_hw_specific.h>
+#include <caam_jr_pvt.h>
+#include <caam_jr_log.h>
+
+/* RTA header files */
+#include <hw/desc/common.h>
+#include <hw/desc/algo.h>
+#include <hw/desc/ipsec.h>
+
+/* Used to retry resetting a job ring in SEC hardware. */
+#define SEC_TIMEOUT 100000
+
+/* @brief Process Jump Halt Condition related errors
+ *
+ * @param [in]  error_code        The error code in the descriptor status word
+ */
+static inline void
+hw_handle_jmp_halt_cond_err(union hw_error_code error_code)
+{
+	CAAM_JR_DEBUG("JMP: %d, Descriptor Index: 0x%x, Condition: 0x%x",
+			error_code.error_desc.jmp_halt_cond_src.jmp,
+			error_code.error_desc.jmp_halt_cond_src.desc_idx,
+			error_code.error_desc.jmp_halt_cond_src.cond);
+	(void)error_code;
+}
+
+/* @brief Process DECO related errors
+ *
+ * @param [in]  error_code        The error code in the descriptor status word
+ */
+static inline void
+hw_handle_deco_err(union hw_error_code error_code)
+{
+	CAAM_JR_DEBUG("JMP: %d, Descriptor Index: 0x%x",
+			error_code.error_desc.deco_src.jmp,
+			error_code.error_desc.deco_src.desc_idx);
+
+	switch (error_code.error_desc.deco_src.desc_err) {
+	case SEC_HW_ERR_DECO_HFN_THRESHOLD:
+		CAAM_JR_DEBUG(" Warning: Descriptor completed normally,"
+			"but 3GPP HFN matches or exceeds the Threshold ");
+		break;
+	default:
+		CAAM_JR_DEBUG("Error 0x%04x not implemented",
+				error_code.error_desc.deco_src.desc_err);
+		break;
+	}
+}
+
+/* @brief Process  Jump Halt User Status related errors
+ *
+ * @param [in]  error_code        The error code in the descriptor status word
+ */
+static inline void
+hw_handle_jmp_halt_user_err(union hw_error_code error_code __rte_unused)
+{
+	CAAM_JR_DEBUG(" Not implemented");
+}
+
+/* @brief Process CCB related errors
+ *
+ * @param [in]  error_code        The error code in the descriptor status word
+ */
+static inline void
+hw_handle_ccb_err(union hw_error_code hw_error_code __rte_unused)
+{
+	CAAM_JR_DEBUG(" Not implemented");
+}
+
+/* @brief Process Job Ring related errors
+ *
+ * @param [in]  error_code        The error code in the descriptor status word
+ */
+static inline void
+hw_handle_jr_err(union hw_error_code hw_error_code __rte_unused)
+{
+	CAAM_JR_DEBUG(" Not implemented");
+}
+
+uint32_t
+caam_jr_enable_irqs(uint32_t uio_fd __rte_unused)
+{
+	return 0;
+}
+
+uint32_t
+caam_jr_disable_irqs(uint32_t uio_fd __rte_unused)
+{
+	return 0;
+}
+
+int
+hw_reset_job_ring(struct sec_job_ring_t *job_ring)
+{
+	int ret = 0;
+
+	ASSERT(job_ring->register_base_addr != NULL);
+
+	/* First reset the job ring in hw */
+	ret = hw_shutdown_job_ring(job_ring);
+	SEC_ASSERT(ret == 0, ret, "Failed resetting job ring in hardware");
+
+	/* In order to have the HW JR in a workable state
+	 * after a reset, I need to re-write the input
+	 * queue size, input start address, output queue
+	 * size and output start address
+	 */
+	/* Write the JR input queue size to the HW register */
+	hw_set_input_ring_size(job_ring, SEC_JOB_RING_SIZE);
+
+	/* Write the JR output queue size to the HW register */
+	hw_set_output_ring_size(job_ring, SEC_JOB_RING_SIZE);
+
+	/* Write the JR input queue start address */
+	hw_set_input_ring_start_addr(job_ring,
+			caam_jr_dma_vtop(job_ring->input_ring));
+	CAAM_JR_DEBUG(" Set input ring base address to : Virtual: 0x%" PRIx64
+		      ",Physical: 0x%" PRIx64 ", Read from HW: 0x%" PRIx64,
+		      (uint64_t)(uintptr_t)job_ring->input_ring,
+		      caam_jr_dma_vtop(job_ring->input_ring),
+		      hw_get_inp_queue_base(job_ring));
+
+	/* Write the JR output queue start address */
+	hw_set_output_ring_start_addr(job_ring,
+			caam_jr_dma_vtop(job_ring->output_ring));
+	CAAM_JR_DEBUG(" Set output ring base address to: Virtual: 0x%" PRIx64
+		      ",Physical: 0x%" PRIx64 ", Read from HW: 0x%" PRIx64,
+		      (uint64_t)(uintptr_t)job_ring->output_ring,
+		      caam_jr_dma_vtop(job_ring->output_ring),
+		      hw_get_out_queue_base(job_ring));
+	return ret;
+}
+
+int
+hw_shutdown_job_ring(struct sec_job_ring_t *job_ring)
+{
+	unsigned int timeout = SEC_TIMEOUT;
+	uint32_t tmp = 0;
+	int usleep_interval = 10;
+
+	if (job_ring->register_base_addr == NULL) {
+		CAAM_JR_ERR("Jr[%p] has reg base addr as NULL.driver not init",
+			job_ring);
+		return 0;
+	}
+
+	CAAM_JR_INFO("Resetting Job ring %p", job_ring);
+
+	/*
+	 * Mask interrupts since we are going to poll
+	 * for reset completion status
+	 * Also, at POR, interrupts are ENABLED on a JR, thus
+	 * this is the point where I can disable them without
+	 * changing the code logic too much
+	 */
+	caam_jr_disable_irqs(job_ring->irq_fd);
+
+	/* initiate flush (required prior to reset) */
+	SET_JR_REG(JRCR, job_ring, JR_REG_JRCR_VAL_RESET);
+
+	/* dummy read */
+	tmp = GET_JR_REG(JRCR, job_ring);
+
+	do {
+		tmp = GET_JR_REG(JRINT, job_ring);
+		usleep(usleep_interval);
+	} while (((tmp & JRINT_ERR_HALT_MASK) ==
+			JRINT_ERR_HALT_INPROGRESS) && --timeout);
+
+	CAAM_JR_INFO("JRINT is %x", tmp);
+	if ((tmp & JRINT_ERR_HALT_MASK) != JRINT_ERR_HALT_COMPLETE ||
+		timeout == 0) {
+		CAAM_JR_ERR("0x%x, %d", tmp, timeout);
+		/* unmask interrupts */
+		if (job_ring->jr_mode != SEC_NOTIFICATION_TYPE_POLL)
+			caam_jr_enable_irqs(job_ring->irq_fd);
+		return -1;
+	}
+
+	/* Initiate reset */
+	timeout = SEC_TIMEOUT;
+	SET_JR_REG(JRCR, job_ring, JR_REG_JRCR_VAL_RESET);
+
+	do {
+		tmp = GET_JR_REG(JRCR, job_ring);
+		usleep(usleep_interval);
+	} while ((tmp & JR_REG_JRCR_VAL_RESET) && --timeout);
+
+	CAAM_JR_DEBUG("JRCR is %x", tmp);
+	if (timeout == 0) {
+		CAAM_JR_ERR("Failed to reset hw job ring %p", job_ring);
+		/* unmask interrupts */
+		if (job_ring->jr_mode != SEC_NOTIFICATION_TYPE_POLL)
+			caam_jr_enable_irqs(job_ring->irq_fd);
+		return -1;
+	}
+	/* unmask interrupts */
+	if (job_ring->jr_mode != SEC_NOTIFICATION_TYPE_POLL)
+		caam_jr_enable_irqs(job_ring->irq_fd);
+	return 0;
+
+}
+
+void
+hw_handle_job_ring_error(struct sec_job_ring_t *job_ring __rte_unused,
+			 uint32_t error_code)
+{
+	union hw_error_code hw_err_code;
+
+	hw_err_code.error = error_code;
+	switch (hw_err_code.error_desc.value.ssrc) {
+	case SEC_HW_ERR_SSRC_NO_SRC:
+		ASSERT(hw_err_code.error_desc.no_status_src.res == 0);
+		CAAM_JR_ERR("No Status Source ");
+		break;
+	case SEC_HW_ERR_SSRC_CCB_ERR:
+		CAAM_JR_ERR("CCB Status Source");
+		hw_handle_ccb_err(hw_err_code);
+		break;
+	case SEC_HW_ERR_SSRC_JMP_HALT_U:
+		CAAM_JR_ERR("Jump Halt User Status Source");
+		hw_handle_jmp_halt_user_err(hw_err_code);
+		break;
+	case SEC_HW_ERR_SSRC_DECO:
+		CAAM_JR_ERR("DECO Status Source");
+		hw_handle_deco_err(hw_err_code);
+		break;
+	case SEC_HW_ERR_SSRC_JR:
+		CAAM_JR_ERR("Job Ring Status Source");
+		hw_handle_jr_err(hw_err_code);
+		break;
+	case SEC_HW_ERR_SSRC_JMP_HALT_COND:
+		CAAM_JR_ERR("Jump Halt Condition Codes");
+		hw_handle_jmp_halt_cond_err(hw_err_code);
+		break;
+	default:
+		ASSERT(0);
+		CAAM_JR_ERR("Unknown SSRC");
+		break;
+	}
+}
+
+void
+hw_job_ring_error_print(struct sec_job_ring_t *job_ring, int code)
+{
+	switch (code) {
+	case JRINT_ERR_WRITE_STATUS:
+		CAAM_JR_ERR("Error writing status to Output Ring ");
+		break;
+	case JRINT_ERR_BAD_INPUT_BASE:
+		CAAM_JR_ERR(
+		"Bad Input Ring Base (%p) (not on a 4-byte boundary) ",
+		(void *)job_ring);
+		break;
+	case JRINT_ERR_BAD_OUTPUT_BASE:
+		CAAM_JR_ERR(
+		"Bad Output Ring Base (%p) (not on a 4-byte boundary) ",
+		(void *)job_ring);
+		break;
+	case JRINT_ERR_WRITE_2_IRBA:
+		CAAM_JR_ERR(
+		"Invalid write to Input Ring Base Address Register ");
+		break;
+	case JRINT_ERR_WRITE_2_ORBA:
+		CAAM_JR_ERR(
+		"Invalid write to Output Ring Base Address Register ");
+		break;
+	case JRINT_ERR_RES_B4_HALT:
+		CAAM_JR_ERR(
+		"Job Ring [%p] released before Job Ring is halted",
+		(void *)job_ring);
+		break;
+	case JRINT_ERR_REM_TOO_MANY:
+		CAAM_JR_ERR("Removed too many jobs from job ring [%p]",
+			(void *)job_ring);
+		break;
+	case JRINT_ERR_ADD_TOO_MANY:
+		CAAM_JR_ERR("Added too many jobs on job ring [%p]", job_ring);
+		break;
+	default:
+		CAAM_JR_ERR(" Unknown SEC JR Error :%d",
+				code);
+		break;
+	}
+}
+
+int
+hw_job_ring_set_coalescing_param(struct sec_job_ring_t *job_ring,
+				 uint16_t irq_coalescing_timer,
+				 uint8_t irq_coalescing_count)
+{
+	uint32_t reg_val = 0;
+
+	ASSERT(job_ring != NULL);
+	if (job_ring->register_base_addr == NULL) {
+		CAAM_JR_ERR("Jr[%p] has reg base addr as NULL.driver not init",
+			job_ring);
+		return -1;
+	}
+	/* Set descriptor count coalescing */
+	reg_val |= (irq_coalescing_count << JR_REG_JRCFG_LO_ICDCT_SHIFT);
+
+	/* Set coalescing timer value */
+	reg_val |= (irq_coalescing_timer << JR_REG_JRCFG_LO_ICTT_SHIFT);
+
+	/* Update parameters in HW */
+	SET_JR_REG_LO(JRCFG, job_ring, reg_val);
+	CAAM_JR_DEBUG("Set coalescing params on jr %p timer:%d, desc count: %d",
+			job_ring, irq_coalescing_timer, irq_coalescing_timer);
+
+	return 0;
+}
+
+int
+hw_job_ring_enable_coalescing(struct sec_job_ring_t *job_ring)
+{
+	uint32_t reg_val = 0;
+
+	ASSERT(job_ring != NULL);
+	if (job_ring->register_base_addr == NULL) {
+		CAAM_JR_ERR("Jr[%p] has reg base addr as NULL.driver not init",
+			job_ring);
+		return -1;
+	}
+
+	/* Get the current value of the register */
+	reg_val = GET_JR_REG_LO(JRCFG, job_ring);
+
+	/* Enable coalescing */
+	reg_val |= JR_REG_JRCFG_LO_ICEN_EN;
+
+	/* Write in hw */
+	SET_JR_REG_LO(JRCFG, job_ring, reg_val);
+
+	CAAM_JR_DEBUG("Enabled coalescing on jr %p ",
+			job_ring);
+
+	return 0;
+}
+
+int
+hw_job_ring_disable_coalescing(struct sec_job_ring_t *job_ring)
+{
+	uint32_t reg_val = 0;
+
+	ASSERT(job_ring != NULL);
+
+	if (job_ring->register_base_addr == NULL) {
+		CAAM_JR_ERR("Jr[%p] has reg base addr as NULL.driver not init",
+			job_ring);
+		return -1;
+	}
+
+	/* Get the current value of the register */
+	reg_val = GET_JR_REG_LO(JRCFG, job_ring);
+
+	/* Disable coalescing */
+	reg_val &= ~JR_REG_JRCFG_LO_ICEN_EN;
+
+	/* Write in hw */
+	SET_JR_REG_LO(JRCFG, job_ring, reg_val);
+	CAAM_JR_DEBUG("Disabled coalescing on jr %p ", job_ring);
+
+	return 0;
+}
diff --git a/drivers/crypto/caam_jr/caam_jr_hw_specific.h b/drivers/crypto/caam_jr/caam_jr_hw_specific.h
new file mode 100644
index 000000000..5f58a585d
--- /dev/null
+++ b/drivers/crypto/caam_jr/caam_jr_hw_specific.h
@@ -0,0 +1,503 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright 2017 NXP
+ */
+
+#ifndef CAAM_JR_HW_SPECIFIC_H
+#define CAAM_JR_HW_SPECIFIC_H
+
+#include <caam_jr_config.h>
+
+/*
+ * Offset to the registers of a job ring.
+ * Is different for each job ring.
+ */
+#define CHAN_BASE(jr)   ((size_t)(jr)->register_base_addr)
+
+#define SEC_JOB_RING_IS_FULL(pi, ci, ring_max_size, ring_threshold) \
+		((((pi) + 1 + ((ring_max_size) - (ring_threshold))) & \
+		  (ring_max_size - 1))  == ((ci)))
+
+#define SEC_CIRCULAR_COUNTER(x, max)   (((x) + 1) & (max - 1))
+
+/*
+ * Assert that cond is true. If !cond is true, display str and the vararg list
+ * in a printf-like syntax. also, if !cond is true, return altRet.
+ *
+ * \param cond          A boolean expression to be asserted true
+ * \param altRet        The value to be returned if cond doesn't hold true
+ * \param str           A quoted char string
+ *
+ * E.g.:
+ *      SEC_ASSERT(ret > 0, 0, "ERROR initializing app: code = %d\n", ret);
+ */
+#define SEC_ASSERT(cond, altRet, ...) do {\
+	if (unlikely(!(cond))) {\
+		CAAM_JR_ERR(__VA_ARGS__); \
+		return altRet; \
+	} \
+} while (0)
+
+#define SEC_DP_ASSERT(cond, altRet, ...) do {\
+	if (unlikely(!(cond))) {\
+		CAAM_JR_DP_ERR(__VA_ARGS__); \
+		return altRet; \
+	} \
+} while (0)
+
+#define ASSERT(x)
+
+/*
+ * Constants representing various job ring registers
+ */
+#if CAAM_BYTE_ORDER == __BIG_ENDIAN
+#define JR_REG_IRBA_OFFSET		0x0000
+#define JR_REG_IRBA_OFFSET_LO		0x0004
+#else
+#define JR_REG_IRBA_OFFSET		0x0004
+#define JR_REG_IRBA_OFFSET_LO		0x0000
+#endif
+
+#define JR_REG_IRSR_OFFSET		0x000C
+#define JR_REG_IRSA_OFFSET		0x0014
+#define JR_REG_IRJA_OFFSET		0x001C
+
+#if CAAM_BYTE_ORDER == __BIG_ENDIAN
+#define JR_REG_ORBA_OFFSET		0x0020
+#define JR_REG_ORBA_OFFSET_LO		0x0024
+#else
+#define JR_REG_ORBA_OFFSET		0x0024
+#define JR_REG_ORBA_OFFSET_LO		0x0020
+#endif
+
+#define JR_REG_ORSR_OFFSET		0x002C
+#define JR_REG_ORJR_OFFSET		0x0034
+#define JR_REG_ORSFR_OFFSET		0x003C
+#define JR_REG_JROSR_OFFSET		0x0044
+#define JR_REG_JRINT_OFFSET		0x004C
+
+#define JR_REG_JRCFG_OFFSET		0x0050
+#define JR_REG_JRCFG_OFFSET_LO		0x0054
+
+#define JR_REG_IRRI_OFFSET		0x005C
+#define JR_REG_ORWI_OFFSET		0x0064
+#define JR_REG_JRCR_OFFSET		0x006C
+
+/*
+ * Constants for error handling on job ring
+ */
+#define JR_REG_JRINT_ERR_TYPE_SHIFT	8
+#define JR_REG_JRINT_ERR_ORWI_SHIFT	16
+#define JR_REG_JRINIT_JRE_SHIFT		1
+
+#define JRINT_JRE			(1 << JR_REG_JRINIT_JRE_SHIFT)
+#define JRINT_ERR_WRITE_STATUS		(1 << JR_REG_JRINT_ERR_TYPE_SHIFT)
+#define JRINT_ERR_BAD_INPUT_BASE	(3 << JR_REG_JRINT_ERR_TYPE_SHIFT)
+#define JRINT_ERR_BAD_OUTPUT_BASE	(4 << JR_REG_JRINT_ERR_TYPE_SHIFT)
+#define JRINT_ERR_WRITE_2_IRBA		(5 << JR_REG_JRINT_ERR_TYPE_SHIFT)
+#define JRINT_ERR_WRITE_2_ORBA		(6 << JR_REG_JRINT_ERR_TYPE_SHIFT)
+#define JRINT_ERR_RES_B4_HALT		(7 << JR_REG_JRINT_ERR_TYPE_SHIFT)
+#define JRINT_ERR_REM_TOO_MANY		(8 << JR_REG_JRINT_ERR_TYPE_SHIFT)
+#define JRINT_ERR_ADD_TOO_MANY		(9 << JR_REG_JRINT_ERR_TYPE_SHIFT)
+#define JRINT_ERR_HALT_MASK		0x0C
+#define JRINT_ERR_HALT_INPROGRESS	0x04
+#define JRINT_ERR_HALT_COMPLETE		0x08
+
+#define JR_REG_JRCR_VAL_RESET		0x00000001
+
+#define JR_REG_JRCFG_LO_ICTT_SHIFT	0x10
+#define JR_REG_JRCFG_LO_ICDCT_SHIFT	0x08
+#define JR_REG_JRCFG_LO_ICEN_EN		0x02
+
+/*
+ * Constants for Descriptor Processing errors
+ */
+#define SEC_HW_ERR_SSRC_NO_SRC		0x00
+#define SEC_HW_ERR_SSRC_CCB_ERR		0x02
+#define SEC_HW_ERR_SSRC_JMP_HALT_U	0x03
+#define SEC_HW_ERR_SSRC_DECO		0x04
+#define SEC_HW_ERR_SSRC_JR		0x06
+#define SEC_HW_ERR_SSRC_JMP_HALT_COND   0x07
+
+#define SEC_HW_ERR_DECO_HFN_THRESHOLD   0xF1
+#define SEC_HW_ERR_CCB_ICV_CHECK_FAIL   0x0A
+
+/*
+ * Constants for descriptors
+ */
+/* Return higher 32 bits of physical address */
+#define PHYS_ADDR_HI(phys_addr) \
+	    (uint32_t)(((uint64_t)phys_addr) >> 32)
+
+/* Return lower 32 bits of physical address */
+#define PHYS_ADDR_LO(phys_addr) \
+	    (uint32_t)(((uint64_t)phys_addr) & 0xFFFFFFFF)
+
+/*
+ * Macros for extracting error codes for the job ring
+ */
+#define JR_REG_JRINT_ERR_TYPE_EXTRACT(value)      ((value) & 0x00000F00)
+#define JR_REG_JRINT_ERR_ORWI_EXTRACT(value)     \
+	(((value) & 0x3FFF0000) >> JR_REG_JRINT_ERR_ORWI_SHIFT)
+#define JR_REG_JRINT_JRE_EXTRACT(value)	   ((value) & JRINT_JRE)
+
+/*
+ * Macros for managing the job ring
+ */
+/* Read pointer to job ring input ring start address */
+#if defined(RTE_ARCH_ARM64)
+#define hw_get_inp_queue_base(jr) ((((dma_addr_t)GET_JR_REG(IRBA, \
+				      (jr))) << 32) | \
+				      (GET_JR_REG_LO(IRBA, (jr))))
+
+/* Read pointer to job ring output ring start address */
+#define hw_get_out_queue_base(jr) (((dma_addr_t)(GET_JR_REG(ORBA, \
+				     (jr))) << 32) | \
+				     (GET_JR_REG_LO(ORBA, (jr))))
+#else
+#define hw_get_inp_queue_base(jr)   ((dma_addr_t)(GET_JR_REG_LO(IRBA, (jr))))
+
+#define hw_get_out_queue_base(jr)   ((dma_addr_t)(GET_JR_REG_LO(ORBA, (jr))))
+#endif
+
+/*
+ * IRJA - Input Ring Jobs Added Register shows
+ * how many new jobs were added to the Input Ring.
+ */
+#define hw_enqueue_desc_on_job_ring(job_ring) SET_JR_REG(IRJA, (job_ring), 1)
+
+#define hw_set_input_ring_size(job_ring, size) SET_JR_REG(IRSR, job_ring, \
+							 (size))
+
+#define hw_set_output_ring_size(job_ring, size) SET_JR_REG(ORSR, job_ring, \
+							  (size))
+
+#if defined(RTE_ARCH_ARM64)
+#define hw_set_input_ring_start_addr(job_ring, start_addr)	\
+{								\
+	SET_JR_REG(IRBA, job_ring, PHYS_ADDR_HI(start_addr));	\
+	SET_JR_REG_LO(IRBA, job_ring, PHYS_ADDR_LO(start_addr));\
+}
+
+#define hw_set_output_ring_start_addr(job_ring, start_addr) \
+{								\
+	SET_JR_REG(ORBA, job_ring, PHYS_ADDR_HI(start_addr));	\
+	SET_JR_REG_LO(ORBA, job_ring, PHYS_ADDR_LO(start_addr));\
+}
+
+#else
+#define hw_set_input_ring_start_addr(job_ring, start_addr)	\
+{								\
+	SET_JR_REG(IRBA, job_ring, 0);	\
+	SET_JR_REG_LO(IRBA, job_ring, PHYS_ADDR_LO(start_addr));\
+}
+
+#define hw_set_output_ring_start_addr(job_ring, start_addr) \
+{								\
+	SET_JR_REG(ORBA, job_ring, 0);	\
+	SET_JR_REG_LO(ORBA, job_ring, PHYS_ADDR_LO(start_addr));\
+}
+#endif
+
+/* ORJR - Output Ring Jobs Removed Register shows how many jobs were
+ * removed from the Output Ring for processing by software. This is done after
+ * the software has processed the entries.
+ */
+#define hw_remove_entries(jr, no_entries) SET_JR_REG(ORJR, (jr), (no_entries))
+
+/* IRSA - Input Ring Slots Available register holds the number of entries in
+ * the Job Ring's input ring. Once a job is enqueued, the value returned is
+ * decremented by the hardware by the number of jobs enqueued.
+ */
+#define hw_get_available_slots(jr)		GET_JR_REG(IRSA, jr)
+
+/* ORSFR - Output Ring Slots Full register holds the number of jobs which were
+ * processed by the SEC and can be retrieved by the software. Once a job has
+ * been processed by software, the user will call hw_remove_one_entry in order
+ * to notify the SEC that the entry was processed.
+ */
+#define hw_get_no_finished_jobs(jr)		GET_JR_REG(ORSFR, jr)
+
+/*
+ * Macros for manipulating JR registers
+ */
+#if CORE_BYTE_ORDER == CAAM_BYTE_ORDER
+#define sec_read_32(addr)	(*(volatile unsigned int *)(addr))
+#define sec_write_32(addr, val)	(*(volatile unsigned int *)(addr) = (val))
+
+#else
+#define sec_read_32(addr)	rte_bswap32((*(volatile unsigned int *)(addr)))
+#define sec_write_32(addr, val) \
+			(*(volatile unsigned int *)(addr) = rte_bswap32(val))
+#endif
+
+#if CAAM_BYTE_ORDER == __LITTLE_ENDIAN
+#define sec_read_64(addr)	(((u64)sec_read_32((u32 *)(addr) + 1) << 32) | \
+				(sec_read_32((u32 *)(addr))))
+
+#define sec_write_64(addr, val) {				\
+	sec_write_32((u32 *)(addr) + 1, (u32)((val) >> 32));	\
+	sec_write_32((u32 *)(addr), (u32)(val));		\
+}
+#else /* CAAM_BYTE_ORDER == __BIG_ENDIAN */
+#define sec_read_64(addr)	(((u64)sec_read_32((u32 *)(addr)) << 32) | \
+				(sec_read_32((u32 *)(addr) + 1)))
+
+#define sec_write_64(addr, val) {				\
+	sec_write_32((u32 *)(addr), (u32)((val) >> 32));	\
+	sec_write_32((u32 *)(addr) + 1, (u32)(val));		\
+}
+#endif
+
+#if defined(RTE_ARCH_ARM64)
+#define sec_read_addr(a)	sec_read_64((a))
+#define sec_write_addr(a, v)	sec_write_64((a), (v))
+#else
+#define sec_read_addr(a)	sec_read_32((a))
+#define sec_write_addr(a, v)	sec_write_32((a), (v))
+#endif
+
+#define JR_REG(name, jr)	(CHAN_BASE(jr) + JR_REG_##name##_OFFSET)
+#define JR_REG_LO(name, jr)	(CHAN_BASE(jr) + JR_REG_##name##_OFFSET_LO)
+
+#define GET_JR_REG(name, jr)	(sec_read_32(JR_REG(name, (jr))))
+#define GET_JR_REG_LO(name, jr)	(sec_read_32(JR_REG_LO(name, (jr))))
+
+#define SET_JR_REG(name, jr, value) \
+				(sec_write_32(JR_REG(name, (jr)), value))
+#define SET_JR_REG_LO(name, jr, value) \
+				(sec_write_32(JR_REG_LO(name, (jr)), value))
+
+/* Lists the possible states for a job ring. */
+typedef enum sec_job_ring_state_e {
+	SEC_JOB_RING_STATE_STARTED,	/* Job ring is initialized */
+	SEC_JOB_RING_STATE_RESET,	/* Job ring reset is in progress */
+} sec_job_ring_state_t;
+
+/* code or cmd block to caam */
+struct sec_cdb {
+	struct {
+		union {
+			uint32_t word;
+			struct {
+#if RTE_BYTE_ORDER == RTE_BIG_ENDIAN
+				uint16_t rsvd63_48;
+				unsigned int rsvd47_39:9;
+				unsigned int idlen:7;
+#else
+				unsigned int idlen:7;
+				unsigned int rsvd47_39:9;
+				uint16_t rsvd63_48;
+#endif
+			} field;
+		} __rte_packed hi;
+
+		union {
+			uint32_t word;
+			struct {
+#if RTE_BYTE_ORDER == RTE_BIG_ENDIAN
+				unsigned int rsvd31_30:2;
+				unsigned int fsgt:1;
+				unsigned int lng:1;
+				unsigned int offset:2;
+				unsigned int abs:1;
+				unsigned int add_buf:1;
+				uint8_t pool_id;
+				uint16_t pool_buffer_size;
+#else
+				uint16_t pool_buffer_size;
+				uint8_t pool_id;
+				unsigned int add_buf:1;
+				unsigned int abs:1;
+				unsigned int offset:2;
+				unsigned int lng:1;
+				unsigned int fsgt:1;
+				unsigned int rsvd31_30:2;
+#endif
+			} field;
+		} __rte_packed lo;
+	} __rte_packed sh_hdr;
+
+	uint32_t sh_desc[SEC_JOB_DESCRIPTOR_SIZE];
+};
+
+struct caam_jr_qp {
+	struct sec_job_ring_t *ring;
+	uint64_t rx_pkts;
+	uint64_t rx_errs;
+	uint64_t rx_poll_err;
+	uint64_t tx_pkts;
+	uint64_t tx_errs;
+	uint64_t tx_ring_full;
+};
+
+struct sec_job_ring_t {
+	/* TODO: Add wrapper macro to make it obvious this is the consumer index
+	 * on the output ring
+	 */
+	uint32_t cidx;		/* Consumer index for job ring (jobs array).
+				 * @note: cidx and pidx are accessed from
+				 * different threads. Place the cidx and pidx
+				 * inside the structure so that they lay on
+				 * different cachelines, to avoid false sharing
+				 * between threads when the threads run on
+				 * different cores!
+				 */
+	/* TODO: Add wrapper macro to make it obvious this is the producer index
+	 * on the input ring
+	 */
+	uint32_t pidx;		/* Producer index for job ring (jobs array) */
+
+	phys_addr_t *input_ring;/* Ring of output descriptors received from SEC.
+				 * Size of array is power of 2 to allow fast
+				 * update of producer/consumer indexes with
+				 * bitwise operations.
+				 */
+
+	struct sec_outring_entry *output_ring;
+				/* Ring of output descriptors received from SEC.
+				 * Size of array is power of 2 to allow fast
+				 * update of producer/consumer indexes with
+				 * bitwise operations.
+				 */
+
+	uint32_t irq_fd;	/* The file descriptor used for polling from
+				 * user space for interrupts notifications
+				 */
+	uint32_t jr_mode;	/* Model used by SEC Driver to receive
+				 * notifications from SEC.  Can be either
+				 * of the three: #SEC_NOTIFICATION_TYPE_NAPI
+				 * #SEC_NOTIFICATION_TYPE_IRQ or
+				 * #SEC_NOTIFICATION_TYPE_POLL
+				 */
+	uint32_t napi_mode;	/* Job ring mode if NAPI mode is chosen
+				 * Used only when jr_mode is set to
+				 * #SEC_NOTIFICATION_TYPE_NAPI
+				 */
+	void *register_base_addr;	/* Base address for SEC's
+					 * register memory for this job ring.
+					 */
+	uint8_t coalescing_en;		/* notifies if coelescing is
+					 * enabled for the job ring
+					 */
+	sec_job_ring_state_t jr_state;	/* The state of this job ring */
+
+	struct rte_mempool *ctx_pool;   /* per dev mempool for caam_jr_op_ctx */
+	unsigned int max_nb_queue_pairs;
+	unsigned int max_nb_sessions;
+	struct caam_jr_qp qps[RTE_CAAM_MAX_NB_SEC_QPS]; /* i/o queue for sec */
+};
+
+/* Union describing the possible error codes that
+ * can be set in the descriptor status word
+ */
+union hw_error_code {
+	uint32_t error;
+	union {
+		struct {
+			uint32_t ssrc:4;
+			uint32_t ssed_val:28;
+		} __rte_packed value;
+		struct {
+			uint32_t ssrc:4;
+			uint32_t res:28;
+		} __rte_packed no_status_src;
+		struct {
+			uint32_t ssrc:4;
+			uint32_t jmp:1;
+			uint32_t res:11;
+			uint32_t desc_idx:8;
+			uint32_t cha_id:4;
+			uint32_t err_id:4;
+		} __rte_packed ccb_status_src;
+		struct {
+			uint32_t ssrc:4;
+			uint32_t jmp:1;
+			uint32_t res:11;
+			uint32_t desc_idx:8;
+			uint32_t offset:8;
+		} __rte_packed jmp_halt_user_src;
+		struct {
+			uint32_t ssrc:4;
+			uint32_t jmp:1;
+			uint32_t res:11;
+			uint32_t desc_idx:8;
+			uint32_t desc_err:8;
+		} __rte_packed deco_src;
+		struct {
+			uint32_t ssrc:4;
+			uint32_t res:17;
+			uint32_t naddr:3;
+			uint32_t desc_err:8;
+		} __rte_packed jr_src;
+		struct {
+			uint32_t ssrc:4;
+			uint32_t jmp:1;
+			uint32_t res:11;
+			uint32_t desc_idx:8;
+			uint32_t cond:8;
+		} __rte_packed jmp_halt_cond_src;
+	} __rte_packed error_desc;
+} __rte_packed;
+
+/* @brief Initialize a job ring/channel in SEC device.
+ * Write configuration register/s to properly initialize a job ring.
+ *
+ * @param [in] job_ring     The job ring
+ *
+ * @retval 0 for success
+ * @retval other for error
+ */
+int hw_reset_job_ring(struct sec_job_ring_t *job_ring);
+
+/* @brief Reset a job ring/channel in SEC device.
+ * Write configuration register/s to reset a job ring.
+ *
+ * @param [in] job_ring     The job ring
+ *
+ * @retval 0 for success
+ * @retval -1 in case job ring reset failed
+ */
+int hw_shutdown_job_ring(struct sec_job_ring_t *job_ring);
+
+/* @brief Handle a job ring/channel error in SEC device.
+ * Identify the error type and clear error bits if required.
+ *
+ * @param [in]  job_ring	The job ring
+ * @param [in]  sec_error_code  The job ring's error code
+ */
+void hw_handle_job_ring_error(struct sec_job_ring_t *job_ring,
+			      uint32_t sec_error_code);
+
+/* @brief Handle a job ring error in the device.
+ * Identify the error type and printout a explanatory
+ * messages.
+ *
+ * @param [in]  job_ring	The job ring
+ *
+ */
+void hw_job_ring_error_print(struct sec_job_ring_t *job_ring, int code);
+
+/* @brief Set interrupt coalescing parameters on the Job Ring.
+ * @param [in]  job_ring		The job ring
+ * @param [in]  irq_coalesing_timer     Interrupt coalescing timer threshold.
+ *					This value determines the maximum
+ *					amount of time after processing a
+ *					descriptor before raising an interrupt.
+ * @param [in]  irq_coalescing_count    Interrupt coalescing descriptor count
+ *					threshold.
+ */
+int hw_job_ring_set_coalescing_param(struct sec_job_ring_t *job_ring,
+				     uint16_t irq_coalescing_timer,
+				     uint8_t irq_coalescing_count);
+
+/* @brief Enable interrupt coalescing on a job ring
+ * @param [in]  job_ring		The job ring
+ */
+int hw_job_ring_enable_coalescing(struct sec_job_ring_t *job_ring);
+
+/* @brief Disable interrupt coalescing on a job ring
+ * @param [in]  job_ring		The job ring
+ */
+int hw_job_ring_disable_coalescing(struct sec_job_ring_t *job_ring);
+
+#endif /* CAAM_JR_HW_SPECIFIC_H */
diff --git a/drivers/crypto/caam_jr/caam_jr_pvt.h b/drivers/crypto/caam_jr/caam_jr_pvt.h
new file mode 100644
index 000000000..58fd257fc
--- /dev/null
+++ b/drivers/crypto/caam_jr/caam_jr_pvt.h
@@ -0,0 +1,286 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright 2017-2018 NXP
+ */
+
+#ifndef CAAM_JR_PVT_H
+#define CAAM_JR_PVT_H
+
+/* NXP CAAM JR PMD device name */
+
+#define CAAM_JR_ALG_UNSUPPORT	(-1)
+
+/* Minimum job descriptor consists of a oneword job descriptor HEADER and
+ * a pointer to the shared descriptor.
+ */
+#define MIN_JOB_DESC_SIZE	(CAAM_CMD_SZ + CAAM_PTR_SZ)
+#define CAAM_JOB_DESC_SIZE	13
+
+/* CTX_POOL_NUM_BUFS is set as per the ipsec-secgw application */
+#define CTX_POOL_NUM_BUFS	32000
+#define CTX_POOL_CACHE_SIZE	512
+
+#define DIR_ENC                 1
+#define DIR_DEC                 0
+
+#define JR_MAX_NB_MAX_DIGEST	32
+
+#define RTE_CAAM_JR_PMD_MAX_NB_SESSIONS 2048
+
+
+/* Return codes for SEC user space driver APIs */
+enum sec_return_code_e {
+	SEC_SUCCESS = 0,	       /* Operation executed successfully.*/
+	SEC_INVALID_INPUT_PARAM,       /* API received an invalid input
+					* parameter
+					*/
+	SEC_OUT_OF_MEMORY,	       /* Memory allocation failed. */
+	SEC_DESCRIPTOR_IN_FLIGHT,      /* API function indicates there are
+					* descriptors in flight
+					* for SEC to process.
+					*/
+	SEC_LAST_DESCRIPTOR_IN_FLIGHT, /* API function indicates there is one
+					* last descriptor in flight
+					* for SEC to process that.
+					*/
+	SEC_PROCESSING_ERROR,	       /* Indicates a SEC processing error
+					* occurred on a Job Ring which requires
+					* a SEC user space driver shutdown. Can
+					* be returned from sec_poll_job_ring().
+					* Then the only other API that can be
+					* called after this error is
+					* sec_release().
+					*/
+	SEC_DESC_PROCESSING_ERROR,     /* Indicates a SEC descriptor processing
+					* error occurred on a Job Ring. Can be
+					* returned from sec_poll_job_ring().
+					* The driver was able to reset job ring
+					* and job ring can be used like in a
+					* normal case.
+					*/
+	SEC_JR_IS_FULL,			/* Job Ring is full. There is no more
+					 * room in the JR for new descriptors.
+					 * This can happen if the descriptor RX
+					 * rate is higher than SEC's capacity.
+					 */
+	SEC_DRIVER_RELEASE_IN_PROGRESS, /* SEC driver shutdown is in progress,
+					 * descriptors processing or polling is
+					 * allowed.
+					 */
+	SEC_DRIVER_ALREADY_INITIALIZED, /* SEC driver is already initialized.*/
+	SEC_DRIVER_NOT_INITIALIZED,	/* SEC driver is NOT initialized. */
+	SEC_JOB_RING_RESET_IN_PROGRESS, /* Job ring is resetting due to a
+					 * per-descriptor SEC processing error
+					 * ::SEC_desc_PROCESSING_ERROR. Reset is
+					 * finished when sec_poll_job_ring()
+					 * return. Then the job ring can be used
+					 * again.
+					 */
+	SEC_RESET_ENGINE_FAILED,	/* Resetting of SEC Engine by SEC Kernel
+					 * Driver Failed
+					 */
+	SEC_ENABLE_IRQS_FAILED,		/* Enabling of IRQs in SEC Kernel Driver
+					 * Failed
+					 */
+	SEC_DISABLE_IRQS_FAILED,	/* Disabling of IRQs in SEC Kernel
+					 * Driver Failed
+					 */
+	/* END OF VALID VALUES */
+
+	SEC_RETURN_CODE_MAX_VALUE,	/* Invalid value for return code. It is
+					 * used to mark the end of the return
+					 * code values. @note ALL new return
+					 * code values MUST be added before
+					 * ::SEC_RETURN_CODE_MAX_VALUE!
+					 */
+};
+
+enum caam_jr_op_type {
+	CAAM_JR_NONE,  /* No Cipher operations*/
+	CAAM_JR_CIPHER,/* CIPHER operations */
+	CAAM_JR_AUTH,  /* Authentication Operations */
+	CAAM_JR_AEAD,  /* Authenticated Encryption with associated data */
+	CAAM_JR_IPSEC, /* IPSEC protocol operations*/
+	CAAM_JR_PDCP,  /* PDCP protocol operations*/
+	CAAM_JR_PKC,   /* Public Key Cryptographic Operations */
+	CAAM_JR_MAX
+};
+
+struct caam_jr_session {
+	uint8_t dir;         /* Operation Direction */
+	enum rte_crypto_cipher_algorithm cipher_alg; /* Cipher Algorithm*/
+	enum rte_crypto_auth_algorithm auth_alg; /* Authentication Algorithm*/
+	enum rte_crypto_aead_algorithm aead_alg; /* AEAD Algorithm*/
+	union {
+		struct {
+			uint8_t *data;	/* pointer to key data */
+			size_t length;	/* key length in bytes */
+		} aead_key;
+		struct {
+			struct {
+				uint8_t *data;	/* pointer to key data */
+				size_t length;	/* key length in bytes */
+			} cipher_key;
+			struct {
+				uint8_t *data;	/* pointer to key data */
+				size_t length;	/* key length in bytes */
+			} auth_key;
+		};
+	};
+	struct {
+		uint16_t length;
+		uint16_t offset;
+	} iv;	/* Initialisation vector parameters */
+	uint16_t auth_only_len; /* Length of data for Auth only */
+	uint32_t digest_length;
+	struct ip ip4_hdr;
+	struct caam_jr_qp *qp;
+	struct sec_cdb *cdb;	/* cmd block associated with qp */
+	struct rte_mempool *ctx_pool; /* session mempool for caam_jr_op_ctx */
+};
+
+/*
+ * 16-byte hardware scatter/gather table
+ */
+
+#define SEC4_SG_LEN_EXT		0x80000000	/* Entry points to table */
+#define SEC4_SG_LEN_FIN		0x40000000	/* Last ent in table */
+#define SEC4_SG_BPID_MASK	0x000000ff
+#define SEC4_SG_BPID_SHIFT	16
+#define SEC4_SG_LEN_MASK	0x3fffffff	/* Excludes EXT and FINAL */
+#define SEC4_SG_OFFSET_MASK	0x00001fff
+
+struct sec4_sg_entry {
+	uint64_t ptr;
+	uint32_t len;
+	uint32_t bpid_offset;
+};
+
+#define MAX_SG_ENTRIES		16
+#define SG_CACHELINE_0		0
+#define SG_CACHELINE_1		4
+#define SG_CACHELINE_2		8
+#define SG_CACHELINE_3		12
+
+/* Structure encompassing a job descriptor which is to be processed
+ * by SEC. User should also initialise this structure with the callback
+ * function pointer which will be called by driver after recieving proccessed
+ * descriptor from SEC. User data is also passed in this data structure which
+ * will be sent as an argument to the user callback function.
+ */
+struct job_descriptor {
+	uint32_t desc[CAAM_JOB_DESC_SIZE];
+};
+
+struct caam_jr_op_ctx {
+	struct job_descriptor jobdes;
+	/* sg[0] output, sg[1] input, others are possible sub frames */
+	struct sec4_sg_entry sg[MAX_SG_ENTRIES];
+	struct rte_crypto_op *op;
+	struct rte_mempool *ctx_pool; /* mempool pointer for caam_jr_op_ctx */
+	int64_t vtop_offset;
+	uint8_t digest[JR_MAX_NB_MAX_DIGEST];
+};
+
+/**
+ * Checksum
+ *
+ * @param buffer calculate chksum for buffer
+ * @param len    buffer length
+ *
+ * @return checksum value in host cpu order
+ */
+static inline uint16_t
+calc_chksum(void *buffer, int len)
+{
+	uint16_t *buf = (uint16_t *)buffer;
+	uint32_t sum = 0;
+	uint16_t result;
+
+	for (sum = 0; len > 1; len -= 2)
+		sum += *buf++;
+
+	if (len == 1)
+		sum += *(unsigned char *)buf;
+
+	sum = (sum >> 16) + (sum & 0xFFFF);
+	sum += (sum >> 16);
+	result = ~sum;
+
+	return  result;
+}
+struct uio_job_ring {
+	uint32_t jr_id;
+	uint32_t uio_fd;
+	void *register_base_addr;
+	int map_size;
+	int uio_minor_number;
+};
+
+int sec_cleanup(void);
+int sec_configure(void);
+struct uio_job_ring *config_job_ring(void);
+void free_job_ring(uint32_t uio_fd);
+
+/* For Dma memory allocation of specified length and alignment */
+static inline void *
+caam_jr_dma_mem_alloc(size_t align, size_t len)
+{
+	return rte_malloc("mem_alloc", len, align);
+}
+
+/* For freeing dma memory */
+static inline void
+caam_jr_dma_free(void *ptr)
+{
+	rte_free(ptr);
+}
+
+static inline rte_iova_t
+caam_jr_mem_vtop(void *vaddr)
+{
+	const struct rte_memseg *ms;
+
+	ms = rte_mem_virt2memseg(vaddr, NULL);
+	if (ms)
+		return ms->iova + RTE_PTR_DIFF(vaddr, ms->addr);
+	return (size_t)NULL;
+}
+
+static inline void *
+caam_jr_dma_ptov(rte_iova_t paddr)
+{
+	return rte_mem_iova2virt(paddr);
+}
+
+/* Virtual to physical address conversion */
+static inline rte_iova_t caam_jr_dma_vtop(void *ptr)
+{
+	return caam_jr_mem_vtop(ptr);
+}
+
+/** @brief Request to SEC kernel driver to enable interrupts for
+ *         descriptor finished processing
+ *  Use UIO to communicate with SEC kernel driver: write command
+ *  value that indicates an IRQ enable action into UIO file descriptor
+ *  of this job ring.
+ *
+ * @param [in]  uio_fd     Job Ring UIO File descriptor
+ * @retval 0 for success
+ * @retval -1 value for error
+ */
+uint32_t caam_jr_enable_irqs(uint32_t uio_fd);
+
+/** @brief Request to SEC kernel driver to disable interrupts for descriptor
+ *  finished processing
+ *  Use UIO to communicate with SEC kernel driver: write command
+ *  value that indicates an IRQ disable action into UIO file descriptor
+ *  of this job ring.
+ *
+ * @param [in]  uio_fd    UIO File descripto
+ * @retval 0 for success
+ * @retval -1 value for error
+ *
+ */
+uint32_t caam_jr_disable_irqs(uint32_t uio_fd);
+
+#endif
diff --git a/drivers/crypto/caam_jr/meson.build b/drivers/crypto/caam_jr/meson.build
index 3edd0a212..c282eb4dc 100644
--- a/drivers/crypto/caam_jr/meson.build
+++ b/drivers/crypto/caam_jr/meson.build
@@ -6,6 +6,9 @@ if host_machine.system() != 'linux'
 endif
 
 deps += ['bus_vdev', 'bus_dpaa', 'security']
-sources = files('caam_jr.c')
+sources = files('caam_jr_hw.c', 'caam_jr.c')
 
 allow_experimental_apis = true
+
+includes += include_directories('../dpaa2_sec/')
+includes += include_directories('../../bus/dpaa/include/')
-- 
2.17.1

^ permalink raw reply	[flat|nested] 97+ messages in thread

* [dpdk-dev] [PATCH v2 04/14] crypto/caam_jr: add UIO specific operations
  2018-10-12 14:40 ` [dpdk-dev] [PATCH v2 00/14] " Gagandeep Singh
                     ` (2 preceding siblings ...)
  2018-10-12 14:40   ` [dpdk-dev] [PATCH v2 03/14] crypto/caam_jr: add routines to configure HW Gagandeep Singh
@ 2018-10-12 14:40   ` Gagandeep Singh
  2018-10-12 14:40   ` [dpdk-dev] [PATCH v2 05/14] crypto/caam_jr: add basic job ring routines Gagandeep Singh
                     ` (12 subsequent siblings)
  16 siblings, 0 replies; 97+ messages in thread
From: Gagandeep Singh @ 2018-10-12 14:40 UTC (permalink / raw)
  To: dev, akhil.goyal; +Cc: Gagandeep Singh, Hemant Agrawal

caam_jr need support from kernel caam driver for
job ring initialisation. So to access register space
for job ring and allow re configure and map to userspace
UIO interface is used. This also allows to handle the
caam interrupts from the user space.

This patch adds UIO specific operations

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
---
 drivers/crypto/caam_jr/Makefile      |   1 +
 drivers/crypto/caam_jr/caam_jr_hw.c  |  12 -
 drivers/crypto/caam_jr/caam_jr_uio.c | 501 +++++++++++++++++++++++++++
 drivers/crypto/caam_jr/meson.build   |   2 +-
 4 files changed, 503 insertions(+), 13 deletions(-)
 create mode 100644 drivers/crypto/caam_jr/caam_jr_uio.c

diff --git a/drivers/crypto/caam_jr/Makefile b/drivers/crypto/caam_jr/Makefile
index e22943749..cfd093a5f 100644
--- a/drivers/crypto/caam_jr/Makefile
+++ b/drivers/crypto/caam_jr/Makefile
@@ -32,6 +32,7 @@ LIBABIVER := 1
 # library source files
 SRCS-$(CONFIG_RTE_LIBRTE_PMD_CAAM_JR) += caam_jr.c
 SRCS-$(CONFIG_RTE_LIBRTE_PMD_CAAM_JR) += caam_jr_hw.c
+SRCS-$(CONFIG_RTE_LIBRTE_PMD_CAAM_JR) += caam_jr_uio.c
 # library dependencies
 
 LDLIBS += -lrte_eal -lrte_mbuf -lrte_mempool -lrte_ring
diff --git a/drivers/crypto/caam_jr/caam_jr_hw.c b/drivers/crypto/caam_jr/caam_jr_hw.c
index 73cc61a27..4a2b08995 100644
--- a/drivers/crypto/caam_jr/caam_jr_hw.c
+++ b/drivers/crypto/caam_jr/caam_jr_hw.c
@@ -91,18 +91,6 @@ hw_handle_jr_err(union hw_error_code hw_error_code __rte_unused)
 	CAAM_JR_DEBUG(" Not implemented");
 }
 
-uint32_t
-caam_jr_enable_irqs(uint32_t uio_fd __rte_unused)
-{
-	return 0;
-}
-
-uint32_t
-caam_jr_disable_irqs(uint32_t uio_fd __rte_unused)
-{
-	return 0;
-}
-
 int
 hw_reset_job_ring(struct sec_job_ring_t *job_ring)
 {
diff --git a/drivers/crypto/caam_jr/caam_jr_uio.c b/drivers/crypto/caam_jr/caam_jr_uio.c
new file mode 100644
index 000000000..c07d9db01
--- /dev/null
+++ b/drivers/crypto/caam_jr/caam_jr_uio.c
@@ -0,0 +1,501 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright 2017-2018 NXP
+ */
+
+#include <stdbool.h>
+#include <stdint.h>
+#include <stdio.h>
+#include <unistd.h>
+#include <stdlib.h>
+#include <dirent.h>
+#include <string.h>
+#include <sys/mman.h>
+#include <errno.h>
+#include <fcntl.h>
+
+#include <rte_common.h>
+#include <rte_malloc.h>
+#include <rte_crypto.h>
+#include <rte_security.h>
+
+#include <caam_jr_config.h>
+#include <caam_jr_hw_specific.h>
+#include <caam_jr_pvt.h>
+#include <caam_jr_log.h>
+
+/* RTA header files */
+#include <hw/desc/common.h>
+#include <hw/desc/algo.h>
+#include <hw/desc/ipsec.h>
+
+/* Prefix path to sysfs directory where UIO device attributes are exported.
+ * Path for UIO device X is /sys/class/uio/uioX
+ */
+#define SEC_UIO_DEVICE_SYS_ATTR_PATH    "/sys/class/uio"
+
+/* Subfolder in sysfs where mapping attributes are exported
+ * for each UIO device. Path for mapping Y for device X is:
+ *      /sys/class/uio/uioX/maps/mapY
+ */
+#define SEC_UIO_DEVICE_SYS_MAP_ATTR     "maps/map"
+
+/* Name of UIO device file prefix. Each UIO device will have a device file
+ * /dev/uioX, where X is the minor device number.
+ */
+#define SEC_UIO_DEVICE_FILE_NAME    "/dev/uio"
+
+/*
+ * Name of UIO device. Each user space SEC job ring will have a corresponding
+ * UIO device with the name sec-channelX, where X is the job ring id.
+ * Maximum length is #SEC_UIO_MAX_DEVICE_NAME_LENGTH.
+ *
+ * @note  Must be kept in synch with SEC kernel driver
+ * define #SEC_UIO_DEVICE_NAME !
+ */
+#define SEC_UIO_DEVICE_NAME     "fsl-jr"
+
+/* Maximum length for the name of an UIO device file.
+ * Device file name format is: /dev/uioX.
+ */
+#define SEC_UIO_MAX_DEVICE_FILE_NAME_LENGTH 30
+
+/* Maximum length for the name of an attribute file for an UIO device.
+ * Attribute files are exported in sysfs and have the name formatted as:
+ *      /sys/class/uio/uioX/<attribute_file_name>
+ */
+#define SEC_UIO_MAX_ATTR_FILE_NAME  100
+
+/* Command that is used by SEC user space driver and SEC kernel driver
+ *  to signal a request from the former to the later to disable job DONE
+ *  and error IRQs on a certain job ring.
+ *  The configuration is done at SEC Controller's level.
+ *  @note   Need to be kept in synch with #SEC_UIO_DISABLE_IRQ_CMD from
+ *          linux/drivers/crypto/talitos.c !
+ */
+#define SEC_UIO_DISABLE_IRQ_CMD     0
+
+/* Command that is used by SEC user space driver and SEC kernel driver
+ *  to signal a request from the former to the later to enable job DONE
+ *  and error IRQs on a certain job ring.
+ *  The configuration is done at SEC Controller's level.
+ *  @note   Need to be kept in synch with #SEC_UIO_ENABLE_IRQ_CMD from
+ *          linux/drivers/crypto/talitos.c !
+ */
+#define SEC_UIO_ENABLE_IRQ_CMD      1
+
+/** Command that is used by SEC user space driver and SEC kernel driver
+ *  to signal a request from the former to the later to do a SEC engine reset.
+ *  @note   Need to be kept in synch with #SEC_UIO_RESET_SEC_ENGINE_CMD from
+ *          linux/drivers/crypto/talitos.c !
+ */
+#define SEC_UIO_RESET_SEC_ENGINE_CMD    3
+
+/* The id for the mapping used to export SEC's registers to
+ * user space through UIO devices.
+ */
+#define SEC_UIO_MAP_ID              0
+
+static struct uio_job_ring g_uio_job_ring[MAX_SEC_JOB_RINGS];
+static int g_uio_jr_num;
+
+/** @brief Checks if a file name contains a certain substring.
+ * If so, it extracts the number following the substring.
+ * This function assumes a filename format of: [text][number].
+ * @param [in]  filename    File name
+ * @param [in]  match       String to match in file name
+ * @param [out] number      The number extracted from filename
+ *
+ * @retval true if file name matches the criteria
+ * @retval false if file name does not match the criteria
+ */
+static bool
+file_name_match_extract(const char filename[], const char match[], int *number)
+{
+	char *substr = NULL;
+
+	substr = strstr(filename, match);
+	if (substr == NULL)
+		return false;
+
+	/* substring <match> was found in <filename>
+	 * read number following <match> substring in <filename>
+	 */
+	if (sscanf(filename + strlen(match), "%d", number) <= 0)
+		return false;
+
+	return true;
+}
+
+/** @brief Reads first line from a file.
+ * Composes file name as: root/subdir/filename
+ *
+ * @param [in]  root     Root path
+ * @param [in]  subdir   Subdirectory name
+ * @param [in]  filename File name
+ * @param [out] line     The first line read from file.
+ *
+ * @retval 0 for succes
+ * @retval other value for error
+ */
+static int
+file_read_first_line(const char root[], const char subdir[],
+		     const char filename[], char *line)
+{
+	char absolute_file_name[SEC_UIO_MAX_ATTR_FILE_NAME];
+	int fd = 0, ret = 0;
+
+	/*compose the file name: root/subdir/filename */
+	memset(absolute_file_name, 0, sizeof(absolute_file_name));
+	snprintf(absolute_file_name, SEC_UIO_MAX_ATTR_FILE_NAME,
+		 "%s/%s/%s", root, subdir, filename);
+
+	fd = open(absolute_file_name, O_RDONLY);
+	SEC_ASSERT(fd > 0, fd, "Error opening file %s",
+			absolute_file_name);
+
+	/* read UIO device name from first line in file */
+	ret = read(fd, line, SEC_UIO_MAX_DEVICE_FILE_NAME_LENGTH);
+	close(fd);
+
+	/* NULL-ify string */
+	line[SEC_UIO_MAX_DEVICE_FILE_NAME_LENGTH - 1] = '\0';
+
+	if (ret <= 0) {
+		CAAM_JR_ERR("Error reading from file %s", absolute_file_name);
+		return ret;
+	}
+
+	return 0;
+}
+
+/** @brief Uses UIO control to send commands to SEC kernel driver.
+ * The mechanism is to write a command word into the file descriptor
+ * that the user-space driver obtained for each user-space SEC job ring.
+ * Both user-space driver and kernel driver must have the same understanding
+ * about the command codes.
+ *
+ * @param [in]  UIO FD		    The UIO file descriptor
+ * @param [in]  uio_command         Command word
+ *
+ * @retval Result of write operation on the job ring's UIO file descriptor.
+ *         Should be sizeof(int) for success operations.
+ *         Other values can be returned and used, if desired to add special
+ *         meaning to return values, but this has to be programmed in SEC
+ *         kernel driver as well. No special return values are used.
+ */
+static int
+sec_uio_send_command(uint32_t uio_fd, int32_t uio_command)
+{
+	int ret;
+
+	/* Use UIO file descriptor we have for this job ring.
+	 * Writing a command code to this file descriptor will make the
+	 * SEC kernel driver execute the desired command.
+	 */
+	ret = write(uio_fd, &uio_command, sizeof(int));
+	return ret;
+}
+
+/** @brief Request to SEC kernel driver to enable interrupts for
+ *         descriptor finished processing
+ *  Use UIO to communicate with SEC kernel driver: write command
+ *  value that indicates an IRQ enable action into UIO file descriptor
+ *  of this job ring.
+ *
+ * @param [in]  uio_fd     Job Ring UIO File descriptor
+ * @retval 0 for success
+ * @retval -1 value for error
+ */
+uint32_t
+caam_jr_enable_irqs(uint32_t uio_fd)
+{
+	int ret;
+
+	/* Use UIO file descriptor we have for this job ring.
+	 * Writing a command code to this file descriptor will make the
+	 * SEC kernel driver enable DONE and Error IRQs for this job ring,
+	 * at Controller level.
+	 */
+	ret = sec_uio_send_command(uio_fd, SEC_UIO_ENABLE_IRQ_CMD);
+	SEC_ASSERT(ret == sizeof(int), -1,
+		"Failed to request SEC engine to enable job done and "
+		"error IRQs through UIO control. UIO FD %d. Reset SEC driver!",
+		uio_fd);
+	CAAM_JR_DEBUG("Enabled IRQs on jr with uio_fd %d", uio_fd);
+	return 0;
+}
+
+
+/** @brief Request to SEC kernel driver to disable interrupts for descriptor
+ *  finished processing
+ *  Use UIO to communicate with SEC kernel driver: write command
+ *  value that indicates an IRQ disable action into UIO file descriptor
+ *  of this job ring.
+ *
+ * @param [in]  uio_fd    UIO File descripto
+ * @retval 0 for success
+ * @retval -1 value for error
+ *
+ */
+uint32_t
+caam_jr_disable_irqs(uint32_t uio_fd)
+{
+	int ret;
+
+	/* Use UIO file descriptor we have for this job ring.
+	 * Writing a command code to this file descriptor will make the
+	 * SEC kernel driver disable IRQs for this job ring,
+	 * at Controller level.
+	 */
+
+	ret = sec_uio_send_command(uio_fd, SEC_UIO_DISABLE_IRQ_CMD);
+	SEC_ASSERT(ret == sizeof(int), -1,
+		"Failed to request SEC engine to disable job done and "
+		"IRQs through UIO control. UIO_FD %d Reset SEC driver!",
+		uio_fd);
+	CAAM_JR_DEBUG("Disabled IRQs on jr with uio_fd %d", uio_fd);
+	return 0;
+}
+
+/** @brief Maps register range assigned for a job ring.
+ *
+ * @param [in] uio_device_fd    UIO device file descriptor
+ * @param [in] uio_device_id    UIO device id
+ * @param [in] uio_map_id       UIO allows maximum 5 different mapping for
+				each device. Maps start with id 0.
+ * @param [out] map_size        Map size.
+ * @retval  NULL if failed to map registers
+ * @retval  Virtual address for mapped register address range
+ */
+static void *
+uio_map_registers(int uio_device_fd, int uio_device_id,
+		  int uio_map_id, int *map_size)
+{
+	void *mapped_address = NULL;
+	unsigned int uio_map_size = 0;
+	char uio_sys_root[SEC_UIO_MAX_ATTR_FILE_NAME];
+	char uio_sys_map_subdir[SEC_UIO_MAX_ATTR_FILE_NAME];
+	char uio_map_size_str[32];
+	int ret = 0;
+
+	/* compose the file name: root/subdir/filename */
+	memset(uio_sys_root, 0, sizeof(uio_sys_root));
+	memset(uio_sys_map_subdir, 0, sizeof(uio_sys_map_subdir));
+	memset(uio_map_size_str, 0, sizeof(uio_map_size_str));
+
+	/* Compose string: /sys/class/uio/uioX */
+	sprintf(uio_sys_root, "%s/%s%d", SEC_UIO_DEVICE_SYS_ATTR_PATH,
+		"uio", uio_device_id);
+	/* Compose string: maps/mapY */
+	sprintf(uio_sys_map_subdir, "%s%d", SEC_UIO_DEVICE_SYS_MAP_ATTR,
+		uio_map_id);
+
+	/* Read first (and only) line from file
+	 * /sys/class/uio/uioX/maps/mapY/size
+	 */
+	ret = file_read_first_line(uio_sys_root, uio_sys_map_subdir,
+				 "size", uio_map_size_str);
+	SEC_ASSERT(ret == 0, NULL, "file_read_first_line() failed");
+
+	/* Read mapping size, expressed in hexa(base 16) */
+	uio_map_size = strtol(uio_map_size_str, NULL, 16);
+
+	/* Map the region in user space */
+	mapped_address = mmap(0, /*dynamically choose virtual address */
+		uio_map_size, PROT_READ | PROT_WRITE,
+		MAP_SHARED, uio_device_fd, 0);
+	/* offset = 0 because UIO device has only one mapping
+	 * for the entire SEC register memory
+	 */
+	if (mapped_address == MAP_FAILED) {
+		CAAM_JR_ERR(
+			"Failed to map registers! errno = %d job ring fd  = %d,"
+			"uio device id = %d, uio map id = %d", errno,
+			uio_device_fd, uio_device_id, uio_map_id);
+		return NULL;
+	}
+
+	/*
+	 * Save the map size to use it later on for munmap-ing.
+	 */
+	*map_size = uio_map_size;
+
+	CAAM_JR_INFO("UIO dev[%d] mapped region [id =%d] size 0x%x at %p",
+		uio_device_id, uio_map_id, uio_map_size, mapped_address);
+
+	return mapped_address;
+}
+
+void
+free_job_ring(uint32_t uio_fd)
+{
+	struct uio_job_ring *job_ring = NULL;
+	int i;
+
+	if (!job_ring->uio_fd)
+		return;
+
+	for (i = 0; i < MAX_SEC_JOB_RINGS; i++) {
+		if (g_uio_job_ring[i].uio_fd == uio_fd) {
+			job_ring = &g_uio_job_ring[i];
+			break;
+		}
+	}
+
+	if (job_ring == NULL) {
+		CAAM_JR_ERR("JR not available for fd = %x\n", uio_fd);
+		return;
+	}
+
+	/* Open device file */
+	CAAM_JR_INFO("Closed device file for job ring %d , fd = %d",
+			job_ring->jr_id, job_ring->uio_fd);
+	close(job_ring->uio_fd);
+	g_uio_jr_num--;
+	job_ring->uio_fd = 0;
+	if (job_ring->register_base_addr == NULL)
+		return;
+
+	/* Unmap the PCI memory resource of device */
+	if (munmap(job_ring->register_base_addr, job_ring->map_size)) {
+		CAAM_JR_INFO("cannot munmap(%p, 0x%lx): %s",
+			job_ring->register_base_addr,
+			(unsigned long)job_ring->map_size, strerror(errno));
+	} else
+		CAAM_JR_DEBUG("  JR UIO memory unmapped at %p",
+				job_ring->register_base_addr);
+	job_ring->register_base_addr = NULL;
+}
+
+struct
+uio_job_ring *config_job_ring(void)
+{
+	char uio_device_file_name[32];
+	struct uio_job_ring *job_ring = NULL;
+	int i;
+
+	for (i = 0; i < MAX_SEC_JOB_RINGS; i++) {
+		if (g_uio_job_ring[i].uio_fd == 0) {
+			job_ring = &g_uio_job_ring[i];
+			g_uio_jr_num++;
+			break;
+		}
+	}
+
+	if (job_ring == NULL) {
+		CAAM_JR_ERR("No free job ring\n");
+		return NULL;
+	}
+
+	/* Find UIO device created by SEC kernel driver for this job ring. */
+	memset(uio_device_file_name, 0, sizeof(uio_device_file_name));
+
+	sprintf(uio_device_file_name, "%s%d", SEC_UIO_DEVICE_FILE_NAME,
+		job_ring->uio_minor_number);
+
+	/* Open device file */
+	job_ring->uio_fd = open(uio_device_file_name, O_RDWR);
+	SEC_ASSERT(job_ring->uio_fd > 0, NULL,
+		"Failed to open UIO device file for job ring %d",
+		job_ring->jr_id);
+
+	CAAM_JR_INFO("Open device(%s) file for job ring=%d , uio_fd = %d",
+		uio_device_file_name, job_ring->jr_id, job_ring->uio_fd);
+
+	ASSERT(job_ring->register_base_addr == NULL);
+	job_ring->register_base_addr = uio_map_registers(
+			job_ring->uio_fd, job_ring->uio_minor_number,
+			SEC_UIO_MAP_ID, &job_ring->map_size);
+
+	SEC_ASSERT(job_ring->register_base_addr != NULL, NULL,
+		"Failed to map SEC registers");
+	return job_ring;
+}
+
+int
+sec_configure(void)
+{
+	char uio_name[32];
+	int config_jr_no = 0, jr_id = -1;
+	int uio_minor_number = -1;
+	int ret;
+	DIR *d = NULL;
+	struct dirent *dir;
+
+	d = opendir(SEC_UIO_DEVICE_SYS_ATTR_PATH);
+	if (d == NULL) {
+		printf("\nError opening directory '%s': %s\n",
+			SEC_UIO_DEVICE_SYS_ATTR_PATH, strerror(errno));
+		return -1;
+	}
+
+	/* Iterate through all subdirs */
+	while ((dir = readdir(d)) != NULL) {
+		if (!strncmp(dir->d_name, ".", 1) ||
+				!strncmp(dir->d_name, "..", 2))
+			continue;
+
+		if (file_name_match_extract
+			(dir->d_name, "uio", &uio_minor_number)) {
+		/*
+		 * Open file uioX/name and read first line which contains
+		 * the name for the device. Based on the name check if this
+		 * UIO device is UIO device for job ring with id jr_id.
+		 */
+			memset(uio_name, 0, sizeof(uio_name));
+			ret = file_read_first_line(SEC_UIO_DEVICE_SYS_ATTR_PATH,
+					dir->d_name, "name", uio_name);
+			CAAM_JR_INFO("sec device uio name: %s", uio_name);
+			SEC_ASSERT(ret == 0, -1, "file_read_first_line failed");
+
+			if (file_name_match_extract(uio_name,
+						SEC_UIO_DEVICE_NAME,
+						&jr_id)) {
+				g_uio_job_ring[config_jr_no].jr_id = jr_id;
+				g_uio_job_ring[config_jr_no].uio_minor_number =
+							uio_minor_number;
+				CAAM_JR_INFO("Detected logical JRID:%d", jr_id);
+				config_jr_no++;
+
+				/* todo  find the actual ring id
+				 * OF_FULLNAME=/soc/crypto@1700000/jr@20000
+				 */
+			}
+		}
+	}
+	closedir(d);
+
+	if (config_jr_no == 0) {
+		CAAM_JR_ERR("! No SEC Job Rings assigned for userspace usage!");
+		return 0;
+	}
+	CAAM_JR_INFO("Total JR detected =%d", config_jr_no);
+	return config_jr_no;
+}
+
+int
+sec_cleanup(void)
+{
+	int i;
+	struct uio_job_ring *job_ring;
+
+	for (i = 0; i < g_uio_jr_num; i++) {
+		job_ring = &g_uio_job_ring[i];
+		/* munmap SEC's register memory */
+		if (job_ring->register_base_addr) {
+			munmap(job_ring->register_base_addr,
+				job_ring->map_size);
+			job_ring->register_base_addr = NULL;
+		}
+		/* I need to close the fd after shutdown UIO commands need to be
+		 * sent using the fd
+		 */
+		if (job_ring->uio_fd != 0) {
+			CAAM_JR_INFO(
+			"Closed device file for job ring %d , fd = %d",
+			job_ring->jr_id, job_ring->uio_fd);
+			close(job_ring->uio_fd);
+		}
+	}
+	return 0;
+}
diff --git a/drivers/crypto/caam_jr/meson.build b/drivers/crypto/caam_jr/meson.build
index c282eb4dc..7b024e886 100644
--- a/drivers/crypto/caam_jr/meson.build
+++ b/drivers/crypto/caam_jr/meson.build
@@ -6,7 +6,7 @@ if host_machine.system() != 'linux'
 endif
 
 deps += ['bus_vdev', 'bus_dpaa', 'security']
-sources = files('caam_jr_hw.c', 'caam_jr.c')
+sources = files('caam_jr_hw.c', 'caam_jr_uio.c', 'caam_jr.c')
 
 allow_experimental_apis = true
 
-- 
2.17.1

^ permalink raw reply	[flat|nested] 97+ messages in thread

* [dpdk-dev] [PATCH v2 05/14] crypto/caam_jr: add basic job ring routines
  2018-10-12 14:40 ` [dpdk-dev] [PATCH v2 00/14] " Gagandeep Singh
                     ` (3 preceding siblings ...)
  2018-10-12 14:40   ` [dpdk-dev] [PATCH v2 04/14] crypto/caam_jr: add UIO specific operations Gagandeep Singh
@ 2018-10-12 14:40   ` Gagandeep Singh
  2018-10-12 14:40   ` [dpdk-dev] [PATCH v2 06/14] crypto/caam_jr: add device basic ops Gagandeep Singh
                     ` (11 subsequent siblings)
  16 siblings, 0 replies; 97+ messages in thread
From: Gagandeep Singh @ 2018-10-12 14:40 UTC (permalink / raw)
  To: dev, akhil.goyal; +Cc: Gagandeep Singh, Hemant Agrawal

This patch adds following job ring routines
 - init_job_ring (configure hw/sw resources)
 - shutdown_job_ring (releases hw/sw resources)
 - close_job_ring (flush job ring)

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
---
 drivers/crypto/caam_jr/caam_jr.c | 329 ++++++++++++++++++++++++++++++-
 1 file changed, 327 insertions(+), 2 deletions(-)

diff --git a/drivers/crypto/caam_jr/caam_jr.c b/drivers/crypto/caam_jr/caam_jr.c
index 27331194a..cb024a979 100644
--- a/drivers/crypto/caam_jr/caam_jr.c
+++ b/drivers/crypto/caam_jr/caam_jr.c
@@ -17,12 +17,142 @@
 #include <rte_security_driver.h>
 #include <rte_hexdump.h>
 
+#include <caam_jr_config.h>
+#include <caam_jr_hw_specific.h>
+#include <caam_jr_pvt.h>
 #include <caam_jr_log.h>
 
+/* RTA header files */
+#include <hw/desc/common.h>
+#include <of.h>
+
 #define CRYPTODEV_NAME_CAAM_JR_PMD	crypto_caam_jr
 static uint8_t cryptodev_driver_id;
 int caam_jr_logtype;
 
+enum rta_sec_era rta_sec_era;
+
+/* Lists the states possible for the SEC user space driver. */
+enum sec_driver_state_e {
+	SEC_DRIVER_STATE_IDLE,		/* Driver not initialized */
+	SEC_DRIVER_STATE_STARTED,	/* Driver initialized and can be used*/
+	SEC_DRIVER_STATE_RELEASE,	/* Driver release is in progress */
+};
+
+/* Job rings used for communication with SEC HW */
+static struct sec_job_ring_t g_job_rings[MAX_SEC_JOB_RINGS];
+
+/* The current state of SEC user space driver */
+static enum sec_driver_state_e g_driver_state = SEC_DRIVER_STATE_IDLE;
+
+/* The number of job rings used by SEC user space driver */
+static int g_job_rings_no;
+static int g_job_rings_max;
+
+/* @brief Poll the HW for already processed jobs in the JR
+ * and silently discard the available jobs or notify them to UA
+ * with indicated error code.
+ *
+ * @param [in,out]  job_ring        The job ring to poll.
+ * @param [in]  do_notify           Can be #TRUE or #FALSE. Indicates if
+ *				    descriptors are to be discarded
+ *                                  or notified to UA with given error_code.
+ * @param [out] notified_descs    Number of notified descriptors. Can be NULL
+ *					if do_notify is #FALSE
+ */
+static void
+hw_flush_job_ring(struct sec_job_ring_t *job_ring,
+		  uint32_t do_notify,
+		  uint32_t *notified_descs)
+{
+	int32_t jobs_no_to_discard = 0;
+	int32_t discarded_descs_no = 0;
+
+	PMD_INIT_FUNC_TRACE();
+	CAAM_JR_DEBUG("Jr[%p] pi[%d] ci[%d].Flushing jr notify desc=[%d]",
+		job_ring, job_ring->pidx, job_ring->cidx, do_notify);
+
+	jobs_no_to_discard = hw_get_no_finished_jobs(job_ring);
+
+	/* Discard all jobs */
+	CAAM_JR_DEBUG("Jr[%p] pi[%d] ci[%d].Discarding %d descs",
+		  job_ring, job_ring->pidx, job_ring->cidx,
+		  jobs_no_to_discard);
+
+	while (jobs_no_to_discard > discarded_descs_no) {
+		discarded_descs_no++;
+		/* Now increment the consumer index for the current job ring,
+		 * AFTER saving job in temporary location!
+		 * Increment the consumer index for the current job ring
+		 */
+		job_ring->cidx = SEC_CIRCULAR_COUNTER(job_ring->cidx,
+					 SEC_JOB_RING_SIZE);
+
+		hw_remove_entries(job_ring, 1);
+	}
+
+	if (do_notify == true) {
+		ASSERT(notified_descs != NULL);
+		*notified_descs = discarded_descs_no;
+	}
+}
+
+
+/* @brief Flush job rings of any processed descs.
+ * The processed descs are silently dropped,
+ * WITHOUT being notified to UA.
+ */
+static void
+close_job_ring(struct sec_job_ring_t *job_ring)
+{
+	PMD_INIT_FUNC_TRACE();
+	if (job_ring->irq_fd) {
+		/* Producer index is frozen. If consumer index is not equal
+		 * with producer index, then we have descs to flush.
+		 */
+		while (job_ring->pidx != job_ring->cidx)
+			hw_flush_job_ring(job_ring, false, NULL);
+
+		/* free the uio job ring */
+		free_job_ring(job_ring->irq_fd);
+		job_ring->irq_fd = 0;
+		caam_jr_dma_free(job_ring->input_ring);
+		caam_jr_dma_free(job_ring->output_ring);
+		g_job_rings_no--;
+	}
+}
+
+/** @brief Release the software and hardware resources tied to a job ring.
+ * @param [in] job_ring The job ring
+ *
+ * @retval  0 for success
+ * @retval  -1 for error
+ */
+static int
+shutdown_job_ring(struct sec_job_ring_t *job_ring)
+{
+	int ret = 0;
+
+	PMD_INIT_FUNC_TRACE();
+	ASSERT(job_ring != NULL);
+	ret = hw_shutdown_job_ring(job_ring);
+	SEC_ASSERT(ret == 0, ret,
+		"Failed to shutdown hardware job ring %p",
+		job_ring);
+
+	if (job_ring->coalescing_en)
+		hw_job_ring_disable_coalescing(job_ring);
+
+	if (job_ring->jr_mode != SEC_NOTIFICATION_TYPE_POLL) {
+		ret = caam_jr_disable_irqs(job_ring->irq_fd);
+		SEC_ASSERT(ret == 0, ret,
+		"Failed to disable irqs for job ring %p",
+		job_ring);
+	}
+
+	return ret;
+}
+
 /*
  * @brief Release the resources used by the SEC user space driver.
  *
@@ -40,28 +170,195 @@ int caam_jr_logtype;
 static int
 caam_jr_dev_uninit(struct rte_cryptodev *dev)
 {
+	struct sec_job_ring_t *internals;
+
+	PMD_INIT_FUNC_TRACE();
 	if (dev == NULL)
 		return -ENODEV;
 
+	internals = dev->data->dev_private;
+	rte_free(dev->security_ctx);
+
+	/* If any descriptors in flight , poll and wait
+	 * until all descriptors are received and silently discarded.
+	 */
+	if (internals) {
+		shutdown_job_ring(internals);
+		close_job_ring(internals);
+		rte_mempool_free(internals->ctx_pool);
+	}
+
 	CAAM_JR_INFO("Closing crypto device %s", dev->data->name);
 
-	return 0;
+	/* last caam jr instance) */
+	if (g_job_rings_no == 0)
+		g_driver_state = SEC_DRIVER_STATE_IDLE;
+
+	return SEC_SUCCESS;
+}
+
+/* @brief Initialize the software and hardware resources tied to a job ring.
+ * @param [in] jr_mode;		Model to be used by SEC Driver to receive
+ *				notifications from SEC.  Can be either
+ *				of the three: #SEC_NOTIFICATION_TYPE_NAPI
+ *				#SEC_NOTIFICATION_TYPE_IRQ or
+ *				#SEC_NOTIFICATION_TYPE_POLL
+ * @param [in] NAPI_mode	The NAPI work mode to configure a job ring at
+ *				startup. Used only when #SEC_NOTIFICATION_TYPE
+ *				is set to #SEC_NOTIFICATION_TYPE_NAPI.
+ * @param [in] irq_coalescing_timer This value determines the maximum
+ *					amount of time after processing a
+ *					descriptor before raising an interrupt.
+ * @param [in] irq_coalescing_count This value determines how many
+ *					descriptors are completed before
+ *					raising an interrupt.
+ * @param [in] reg_base_addr,	The job ring base address register
+ * @param [in] irq_id		The job ring interrupt identification number.
+ * @retval  job_ring_handle for successful job ring configuration
+ * @retval  NULL on error
+ *
+ */
+static void *
+init_job_ring(void *reg_base_addr, uint32_t irq_id)
+{
+	struct sec_job_ring_t *job_ring = NULL;
+	int i, ret = 0;
+	int jr_mode = SEC_NOTIFICATION_TYPE_POLL;
+	int napi_mode = 0;
+	int irq_coalescing_timer = 0;
+	int irq_coalescing_count = 0;
+
+	for (i = 0; i < MAX_SEC_JOB_RINGS; i++) {
+		if (g_job_rings[i].irq_fd == 0) {
+			job_ring = &g_job_rings[i];
+			g_job_rings_no++;
+			break;
+		}
+	}
+	if (job_ring == NULL) {
+		CAAM_JR_ERR("No free job ring\n");
+		return NULL;
+	}
+
+	job_ring->register_base_addr = reg_base_addr;
+	job_ring->jr_mode = jr_mode;
+	job_ring->napi_mode = 0;
+	job_ring->irq_fd = irq_id;
+
+	/* Allocate mem for input and output ring */
+
+	/* Allocate memory for input ring */
+	job_ring->input_ring = caam_jr_dma_mem_alloc(L1_CACHE_BYTES,
+				SEC_DMA_MEM_INPUT_RING_SIZE);
+	memset(job_ring->input_ring, 0, SEC_DMA_MEM_INPUT_RING_SIZE);
+
+	/* Allocate memory for output ring */
+	job_ring->output_ring = caam_jr_dma_mem_alloc(L1_CACHE_BYTES,
+				SEC_DMA_MEM_OUTPUT_RING_SIZE);
+	memset(job_ring->output_ring, 0, SEC_DMA_MEM_OUTPUT_RING_SIZE);
+
+	/* Reset job ring in SEC hw and configure job ring registers */
+	ret = hw_reset_job_ring(job_ring);
+	if (ret != 0) {
+		CAAM_JR_ERR("Failed to reset hardware job ring");
+		goto cleanup;
+	}
+
+	if (jr_mode == SEC_NOTIFICATION_TYPE_NAPI) {
+	/* When SEC US driver works in NAPI mode, the UA can select
+	 * if the driver starts with IRQs on or off.
+	 */
+		if (napi_mode == SEC_STARTUP_INTERRUPT_MODE) {
+			CAAM_JR_INFO("Enabling DONE IRQ generationon job ring - %p",
+				job_ring);
+			ret = caam_jr_enable_irqs(job_ring->irq_fd);
+			if (ret != 0) {
+				CAAM_JR_ERR("Failed to enable irqs for job ring");
+				goto cleanup;
+			}
+		}
+	} else if (jr_mode == SEC_NOTIFICATION_TYPE_IRQ) {
+	/* When SEC US driver works in pure interrupt mode,
+	 * IRQ's are always enabled.
+	 */
+		CAAM_JR_INFO("Enabling DONE IRQ generation on job ring - %p",
+			 job_ring);
+		ret = caam_jr_enable_irqs(job_ring->irq_fd);
+		if (ret != 0) {
+			CAAM_JR_ERR("Failed to enable irqs for job ring");
+			goto cleanup;
+		}
+	}
+	if (irq_coalescing_timer || irq_coalescing_count) {
+		hw_job_ring_set_coalescing_param(job_ring,
+			 irq_coalescing_timer,
+			 irq_coalescing_count);
+
+		hw_job_ring_enable_coalescing(job_ring);
+		job_ring->coalescing_en = 1;
+	}
+
+	job_ring->jr_state = SEC_JOB_RING_STATE_STARTED;
+	job_ring->max_nb_queue_pairs = RTE_CAAM_MAX_NB_SEC_QPS;
+	job_ring->max_nb_sessions = RTE_CAAM_JR_PMD_MAX_NB_SESSIONS;
+
+	return job_ring;
+cleanup:
+	caam_jr_dma_free(job_ring->output_ring);
+	caam_jr_dma_free(job_ring->input_ring);
+	return NULL;
 }
 
+
 static int
 caam_jr_dev_init(const char *name,
 		 struct rte_vdev_device *vdev,
 		 struct rte_cryptodev_pmd_init_params *init_params)
 {
 	struct rte_cryptodev *dev;
+	struct uio_job_ring *job_ring;
+	char str[RTE_CRYPTODEV_NAME_MAX_LEN];
 
 	PMD_INIT_FUNC_TRACE();
 
+	/* Validate driver state */
+	if (g_driver_state == SEC_DRIVER_STATE_IDLE) {
+		g_job_rings_max = sec_configure();
+		if (!g_job_rings_max) {
+			CAAM_JR_ERR("No job ring detected on UIO !!!!");
+			return -1;
+		}
+		/* Update driver state */
+		g_driver_state = SEC_DRIVER_STATE_STARTED;
+	}
+
+	if (g_job_rings_no >= g_job_rings_max) {
+		CAAM_JR_ERR("No more job rings available max=%d!!!!",
+				g_job_rings_max);
+		return -1;
+	}
+
+	job_ring = config_job_ring();
+	if (job_ring == NULL) {
+		CAAM_JR_ERR("failed to create job ring");
+		goto init_error;
+	}
+
+	snprintf(str, sizeof(str), "caam_jr%d", job_ring->jr_id);
+
 	dev = rte_cryptodev_pmd_create(name, &vdev->device, init_params);
 	if (dev == NULL) {
 		CAAM_JR_ERR("failed to create cryptodev vdev");
 		goto cleanup;
 	}
+	/*TODO free it during teardown*/
+	dev->data->dev_private = init_job_ring(job_ring->register_base_addr,
+						job_ring->uio_fd);
+
+	if (!dev->data->dev_private) {
+		CAAM_JR_ERR("Ring memory allocation failed\n");
+		goto cleanup2;
+	}
 
 	dev->driver_id = cryptodev_driver_id;
 	dev->dev_ops = NULL;
@@ -79,7 +376,12 @@ caam_jr_dev_init(const char *name,
 
 	return 0;
 
+cleanup2:
+	caam_jr_dev_uninit(dev);
+	rte_cryptodev_pmd_release_device(dev);
 cleanup:
+	free_job_ring(job_ring->uio_fd);
+init_error:
 	CAAM_JR_ERR("driver %s: cryptodev_caam_jr_create failed",
 			init_params->name);
 
@@ -92,7 +394,7 @@ cryptodev_caam_jr_probe(struct rte_vdev_device *vdev)
 {
 	struct rte_cryptodev_pmd_init_params init_params = {
 		"",
-		128,
+		sizeof(struct sec_job_ring_t),
 		rte_socket_id(),
 		RTE_CRYPTODEV_PMD_DEFAULT_MAX_NB_QUEUE_PAIRS
 	};
@@ -106,6 +408,29 @@ cryptodev_caam_jr_probe(struct rte_vdev_device *vdev)
 	input_args = rte_vdev_device_args(vdev);
 	rte_cryptodev_pmd_parse_input_args(&init_params, input_args);
 
+	/* if sec device version is not configured */
+	if (!rta_get_sec_era()) {
+		const struct device_node *caam_node;
+
+		for_each_compatible_node(caam_node, NULL, "fsl,sec-v4.0") {
+			const uint32_t *prop = of_get_property(caam_node,
+					"fsl,sec-era",
+					NULL);
+			if (prop) {
+				rta_set_sec_era(
+					INTL_SEC_ERA(cpu_to_caam32(*prop)));
+				break;
+			}
+		}
+	}
+#ifdef RTE_LIBRTE_PMD_CAAM_JR_BE
+	if (rta_get_sec_era() > RTA_SEC_ERA_8) {
+		RTE_LOG(ERR, PMD,
+		"CAAM is compiled in BE mode for device with sec era > 8???\n");
+		return -EINVAL;
+	}
+#endif
+
 	return caam_jr_dev_init(name, vdev, &init_params);
 }
 
-- 
2.17.1

^ permalink raw reply	[flat|nested] 97+ messages in thread

* [dpdk-dev] [PATCH v2 06/14] crypto/caam_jr: add device basic ops
  2018-10-12 14:40 ` [dpdk-dev] [PATCH v2 00/14] " Gagandeep Singh
                     ` (4 preceding siblings ...)
  2018-10-12 14:40   ` [dpdk-dev] [PATCH v2 05/14] crypto/caam_jr: add basic job ring routines Gagandeep Singh
@ 2018-10-12 14:40   ` Gagandeep Singh
  2018-10-12 14:40   ` [dpdk-dev] [PATCH v2 07/14] crypto/caam_jr: add queue pair config ops Gagandeep Singh
                     ` (10 subsequent siblings)
  16 siblings, 0 replies; 97+ messages in thread
From: Gagandeep Singh @ 2018-10-12 14:40 UTC (permalink / raw)
  To: dev, akhil.goyal; +Cc: Gagandeep Singh, Hemant Agrawal

This patch adds following device operations
 - dev_configure
 - dev_start
 - dev_stop
 - dev_close
 - dev_infos_get

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
---
 drivers/crypto/caam_jr/caam_jr.c | 98 +++++++++++++++++++++++++++++++-
 1 file changed, 97 insertions(+), 1 deletion(-)

diff --git a/drivers/crypto/caam_jr/caam_jr.c b/drivers/crypto/caam_jr/caam_jr.c
index cb024a979..cdae2a4fc 100644
--- a/drivers/crypto/caam_jr/caam_jr.c
+++ b/drivers/crypto/caam_jr/caam_jr.c
@@ -98,6 +98,89 @@ hw_flush_job_ring(struct sec_job_ring_t *job_ring,
 }
 
 
+static int
+caam_jr_dev_configure(struct rte_cryptodev *dev,
+		       struct rte_cryptodev_config *config __rte_unused)
+{
+	char str[20];
+	struct sec_job_ring_t *internals;
+
+	PMD_INIT_FUNC_TRACE();
+
+	internals = dev->data->dev_private;
+	sprintf(str, "ctx_pool_%d", dev->data->dev_id);
+	if (!internals->ctx_pool) {
+		internals->ctx_pool = rte_mempool_create((const char *)str,
+						CTX_POOL_NUM_BUFS,
+						sizeof(struct caam_jr_op_ctx),
+						CTX_POOL_CACHE_SIZE, 0,
+						NULL, NULL, NULL, NULL,
+						SOCKET_ID_ANY, 0);
+		if (!internals->ctx_pool) {
+			CAAM_JR_ERR("%s create failed\n", str);
+			return -ENOMEM;
+		}
+	} else
+		CAAM_JR_INFO("mempool already created for dev_id : %d",
+				dev->data->dev_id);
+
+	return 0;
+}
+
+static int
+caam_jr_dev_start(struct rte_cryptodev *dev __rte_unused)
+{
+	PMD_INIT_FUNC_TRACE();
+	return 0;
+}
+
+static void
+caam_jr_dev_stop(struct rte_cryptodev *dev __rte_unused)
+{
+	PMD_INIT_FUNC_TRACE();
+}
+
+static int
+caam_jr_dev_close(struct rte_cryptodev *dev)
+{
+	struct sec_job_ring_t *internals;
+
+	PMD_INIT_FUNC_TRACE();
+
+	if (dev == NULL)
+		return -ENOMEM;
+
+	internals = dev->data->dev_private;
+	rte_mempool_free(internals->ctx_pool);
+	internals->ctx_pool = NULL;
+
+	return 0;
+}
+
+static void
+caam_jr_dev_infos_get(struct rte_cryptodev *dev,
+		       struct rte_cryptodev_info *info)
+{
+	struct sec_job_ring_t *internals = dev->data->dev_private;
+
+	PMD_INIT_FUNC_TRACE();
+	if (info != NULL) {
+		info->max_nb_queue_pairs = internals->max_nb_queue_pairs;
+		info->feature_flags = dev->feature_flags;
+		info->sym.max_nb_sessions = internals->max_nb_sessions;
+		info->driver_id = cryptodev_driver_id;
+	}
+}
+
+static struct rte_cryptodev_ops caam_jr_ops = {
+	.dev_configure	      = caam_jr_dev_configure,
+	.dev_start	      = caam_jr_dev_start,
+	.dev_stop	      = caam_jr_dev_stop,
+	.dev_close	      = caam_jr_dev_close,
+	.dev_infos_get        = caam_jr_dev_infos_get,
+};
+
+
 /* @brief Flush job rings of any processed descs.
  * The processed descs are silently dropped,
  * WITHOUT being notified to UA.
@@ -361,7 +444,20 @@ caam_jr_dev_init(const char *name,
 	}
 
 	dev->driver_id = cryptodev_driver_id;
-	dev->dev_ops = NULL;
+	dev->dev_ops = &caam_jr_ops;
+
+	/* register rx/tx burst functions for data path */
+	dev->dequeue_burst = NULL;
+	dev->enqueue_burst = NULL;
+	dev->feature_flags = RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO |
+			RTE_CRYPTODEV_FF_HW_ACCELERATED |
+			RTE_CRYPTODEV_FF_SYM_OPERATION_CHAINING |
+			RTE_CRYPTODEV_FF_SECURITY |
+			RTE_CRYPTODEV_FF_IN_PLACE_SGL |
+			RTE_CRYPTODEV_FF_OOP_SGL_IN_SGL_OUT |
+			RTE_CRYPTODEV_FF_OOP_SGL_IN_LB_OUT |
+			RTE_CRYPTODEV_FF_OOP_LB_IN_SGL_OUT |
+			RTE_CRYPTODEV_FF_OOP_LB_IN_LB_OUT;
 
 	/* For secondary processes, we don't initialise any further as primary
 	 * has already done this work. Only check we don't need a different
-- 
2.17.1

^ permalink raw reply	[flat|nested] 97+ messages in thread

* [dpdk-dev] [PATCH v2 07/14] crypto/caam_jr: add queue pair config ops
  2018-10-12 14:40 ` [dpdk-dev] [PATCH v2 00/14] " Gagandeep Singh
                     ` (5 preceding siblings ...)
  2018-10-12 14:40   ` [dpdk-dev] [PATCH v2 06/14] crypto/caam_jr: add device basic ops Gagandeep Singh
@ 2018-10-12 14:40   ` Gagandeep Singh
  2018-10-12 14:40   ` [dpdk-dev] [PATCH v2 08/14] crypto/caam_jr: add device cababilities Gagandeep Singh
                     ` (9 subsequent siblings)
  16 siblings, 0 replies; 97+ messages in thread
From: Gagandeep Singh @ 2018-10-12 14:40 UTC (permalink / raw)
  To: dev, akhil.goyal; +Cc: Hemant Agrawal, Gagandeep Singh

From: Hemant Agrawal <hemant.agrawal@nxp.com>

add following ops for configuring queues
 - queue_pair_setup
 - queue_pair_release
 - queue_pair_count

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
---
 drivers/crypto/caam_jr/caam_jr.c | 64 ++++++++++++++++++++++++++++++++
 1 file changed, 64 insertions(+)

diff --git a/drivers/crypto/caam_jr/caam_jr.c b/drivers/crypto/caam_jr/caam_jr.c
index cdae2a4fc..78bc75f69 100644
--- a/drivers/crypto/caam_jr/caam_jr.c
+++ b/drivers/crypto/caam_jr/caam_jr.c
@@ -97,6 +97,67 @@ hw_flush_job_ring(struct sec_job_ring_t *job_ring,
 	}
 }
 
+/* Release queue pair */
+static int
+caam_jr_queue_pair_release(struct rte_cryptodev *dev,
+			   uint16_t qp_id)
+{
+	struct sec_job_ring_t *internals;
+	struct caam_jr_qp *qp = NULL;
+
+	PMD_INIT_FUNC_TRACE();
+	CAAM_JR_DEBUG("dev =%p, queue =%d", dev, qp_id);
+
+	internals = dev->data->dev_private;
+	if (qp_id >= internals->max_nb_queue_pairs) {
+		CAAM_JR_ERR("Max supported qpid %d",
+			     internals->max_nb_queue_pairs);
+		return -EINVAL;
+	}
+
+	qp = &internals->qps[qp_id];
+	qp->ring = NULL;
+	dev->data->queue_pairs[qp_id] = NULL;
+
+	return 0;
+}
+
+/* Setup a queue pair */
+static int
+caam_jr_queue_pair_setup(
+		struct rte_cryptodev *dev, uint16_t qp_id,
+		__rte_unused const struct rte_cryptodev_qp_conf *qp_conf,
+		__rte_unused int socket_id,
+		__rte_unused struct rte_mempool *session_pool)
+{
+	struct sec_job_ring_t *internals;
+	struct caam_jr_qp *qp = NULL;
+
+	PMD_INIT_FUNC_TRACE();
+	CAAM_JR_DEBUG("dev =%p, queue =%d, conf =%p", dev, qp_id, qp_conf);
+
+	internals = dev->data->dev_private;
+	if (qp_id >= internals->max_nb_queue_pairs) {
+		CAAM_JR_ERR("Max supported qpid %d",
+			     internals->max_nb_queue_pairs);
+		return -EINVAL;
+	}
+
+	qp = &internals->qps[qp_id];
+	qp->ring = internals;
+	dev->data->queue_pairs[qp_id] = qp;
+
+	return 0;
+}
+
+/* Return the number of allocated queue pairs */
+static uint32_t
+caam_jr_queue_pair_count(struct rte_cryptodev *dev)
+{
+	PMD_INIT_FUNC_TRACE();
+
+	return dev->data->nb_queue_pairs;
+}
 
 static int
 caam_jr_dev_configure(struct rte_cryptodev *dev,
@@ -178,6 +239,9 @@ static struct rte_cryptodev_ops caam_jr_ops = {
 	.dev_stop	      = caam_jr_dev_stop,
 	.dev_close	      = caam_jr_dev_close,
 	.dev_infos_get        = caam_jr_dev_infos_get,
+	.queue_pair_setup     = caam_jr_queue_pair_setup,
+	.queue_pair_release   = caam_jr_queue_pair_release,
+	.queue_pair_count     = caam_jr_queue_pair_count,
 };
 
 
-- 
2.17.1

^ permalink raw reply	[flat|nested] 97+ messages in thread

* [dpdk-dev] [PATCH v2 08/14] crypto/caam_jr: add device cababilities
  2018-10-12 14:40 ` [dpdk-dev] [PATCH v2 00/14] " Gagandeep Singh
                     ` (6 preceding siblings ...)
  2018-10-12 14:40   ` [dpdk-dev] [PATCH v2 07/14] crypto/caam_jr: add queue pair config ops Gagandeep Singh
@ 2018-10-12 14:40   ` Gagandeep Singh
  2018-10-12 14:40   ` [dpdk-dev] [PATCH v2 09/14] crypto/caam_jr: add session configuration methods Gagandeep Singh
                     ` (8 subsequent siblings)
  16 siblings, 0 replies; 97+ messages in thread
From: Gagandeep Singh @ 2018-10-12 14:40 UTC (permalink / raw)
  To: dev, akhil.goyal; +Cc: Gagandeep Singh, Hemant Agrawal

add device capabilities for supported algorithms,
key length etc.

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
---
 drivers/crypto/caam_jr/Makefile               |   1 +
 drivers/crypto/caam_jr/caam_jr.h              |  18 ++
 drivers/crypto/caam_jr/caam_jr_capabilities.c | 266 ++++++++++++++++++
 drivers/crypto/caam_jr/meson.build            |   5 +-
 4 files changed, 289 insertions(+), 1 deletion(-)
 create mode 100644 drivers/crypto/caam_jr/caam_jr.h
 create mode 100644 drivers/crypto/caam_jr/caam_jr_capabilities.c

diff --git a/drivers/crypto/caam_jr/Makefile b/drivers/crypto/caam_jr/Makefile
index cfd093a5f..88cdf7410 100644
--- a/drivers/crypto/caam_jr/Makefile
+++ b/drivers/crypto/caam_jr/Makefile
@@ -31,6 +31,7 @@ LIBABIVER := 1
 
 # library source files
 SRCS-$(CONFIG_RTE_LIBRTE_PMD_CAAM_JR) += caam_jr.c
+SRCS-$(CONFIG_RTE_LIBRTE_PMD_CAAM_JR) += caam_jr_capabilities.c
 SRCS-$(CONFIG_RTE_LIBRTE_PMD_CAAM_JR) += caam_jr_hw.c
 SRCS-$(CONFIG_RTE_LIBRTE_PMD_CAAM_JR) += caam_jr_uio.c
 # library dependencies
diff --git a/drivers/crypto/caam_jr/caam_jr.h b/drivers/crypto/caam_jr/caam_jr.h
new file mode 100644
index 000000000..ef0900641
--- /dev/null
+++ b/drivers/crypto/caam_jr/caam_jr.h
@@ -0,0 +1,18 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright 2017-2018 NXP
+ */
+
+#ifndef CAAM_JR_H
+#define CAAM_JR_H
+
+#include <rte_cryptodev.h>
+#include <rte_security.h>
+
+/* Get cryptodev capabilities */
+const struct rte_cryptodev_capabilities *
+caam_jr_get_cryptodev_capabilities(void);
+/* Get security capabilities */
+const struct rte_security_capability *
+caam_jr_get_security_capabilities(void *device);
+
+#endif
diff --git a/drivers/crypto/caam_jr/caam_jr_capabilities.c b/drivers/crypto/caam_jr/caam_jr_capabilities.c
new file mode 100644
index 000000000..88c9b33c6
--- /dev/null
+++ b/drivers/crypto/caam_jr/caam_jr_capabilities.c
@@ -0,0 +1,266 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright 2017-2018 NXP
+ */
+
+#include <caam_jr.h>
+
+static const struct rte_cryptodev_capabilities caam_jr_capabilities[] = {
+	{	/* MD5 HMAC */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+			{.auth = {
+				.algo = RTE_CRYPTO_AUTH_MD5_HMAC,
+				.block_size = 64,
+				.key_size = {
+					.min = 1,
+					.max = 64,
+					.increment = 1
+				},
+				.digest_size = {
+					.min = 1,
+					.max = 16,
+					.increment = 1
+				},
+				.iv_size = { 0 }
+			}, }
+		}, }
+	},
+	{	/* SHA1 HMAC */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+			{.auth = {
+				.algo = RTE_CRYPTO_AUTH_SHA1_HMAC,
+				.block_size = 64,
+				.key_size = {
+					.min = 1,
+					.max = 64,
+					.increment = 1
+				},
+				.digest_size = {
+					.min = 1,
+					.max = 20,
+					.increment = 1
+				},
+				.iv_size = { 0 }
+			}, }
+		}, }
+	},
+	{	/* SHA224 HMAC */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+			{.auth = {
+				.algo = RTE_CRYPTO_AUTH_SHA224_HMAC,
+				.block_size = 64,
+				.key_size = {
+					.min = 1,
+					.max = 64,
+					.increment = 1
+				},
+				.digest_size = {
+					.min = 1,
+					.max = 28,
+					.increment = 1
+				},
+				.iv_size = { 0 }
+			}, }
+		}, }
+	},
+	{	/* SHA256 HMAC */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+			{.auth = {
+				.algo = RTE_CRYPTO_AUTH_SHA256_HMAC,
+				.block_size = 64,
+				.key_size = {
+					.min = 1,
+					.max = 64,
+					.increment = 1
+				},
+				.digest_size = {
+					.min = 1,
+					.max = 32,
+					.increment = 1
+				},
+				.iv_size = { 0 }
+			}, }
+		}, }
+	},
+	{	/* SHA384 HMAC */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+			{.auth = {
+				.algo = RTE_CRYPTO_AUTH_SHA384_HMAC,
+				.block_size = 128,
+				.key_size = {
+					.min = 1,
+					.max = 128,
+					.increment = 1
+				},
+				.digest_size = {
+					.min = 1,
+					.max = 48,
+					.increment = 1
+				},
+				.iv_size = { 0 }
+			}, }
+		}, }
+	},
+	{	/* SHA512 HMAC */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+			{.auth = {
+				.algo = RTE_CRYPTO_AUTH_SHA512_HMAC,
+				.block_size = 128,
+				.key_size = {
+					.min = 1,
+					.max = 128,
+					.increment = 1
+				},
+				.digest_size = {
+					.min = 1,
+					.max = 64,
+					.increment = 1
+				},
+				.iv_size = { 0 }
+			}, }
+		}, }
+	},
+	{	/* AES GCM */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_AEAD,
+			{.aead = {
+				.algo = RTE_CRYPTO_AEAD_AES_GCM,
+				.block_size = 16,
+				.key_size = {
+					.min = 16,
+					.max = 32,
+					.increment = 8
+				},
+				.digest_size = {
+					.min = 8,
+					.max = 16,
+					.increment = 4
+				},
+				.aad_size = {
+					.min = 0,
+					.max = 240,
+					.increment = 1
+				},
+				.iv_size = {
+					.min = 12,
+					.max = 12,
+					.increment = 0
+				},
+			}, }
+		}, }
+	},
+	{	/* AES CBC */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
+			{.cipher = {
+				.algo = RTE_CRYPTO_CIPHER_AES_CBC,
+				.block_size = 16,
+				.key_size = {
+					.min = 16,
+					.max = 32,
+					.increment = 8
+				},
+				.iv_size = {
+					.min = 16,
+					.max = 16,
+					.increment = 0
+				}
+			}, }
+		}, }
+	},
+	{	/* AES CTR */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
+			{.cipher = {
+				.algo = RTE_CRYPTO_CIPHER_AES_CTR,
+				.block_size = 16,
+				.key_size = {
+					.min = 16,
+					.max = 32,
+					.increment = 8
+				},
+				.iv_size = {
+					.min = 16,
+					.max = 16,
+					.increment = 0
+				}
+			}, }
+		}, }
+	},
+	{	/* 3DES CBC */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
+			{.cipher = {
+				.algo = RTE_CRYPTO_CIPHER_3DES_CBC,
+				.block_size = 8,
+				.key_size = {
+					.min = 16,
+					.max = 24,
+					.increment = 8
+				},
+				.iv_size = {
+					.min = 8,
+					.max = 8,
+					.increment = 0
+				}
+			}, }
+		}, }
+	},
+
+	RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()
+};
+
+static const struct rte_security_capability caam_jr_security_cap[] = {
+	{ /* IPsec Lookaside Protocol offload ESP Transport Egress */
+		.action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
+		.protocol = RTE_SECURITY_PROTOCOL_IPSEC,
+		.ipsec = {
+			.proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP,
+			.mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL,
+			.direction = RTE_SECURITY_IPSEC_SA_DIR_EGRESS,
+			.options = { 0 }
+		},
+		.crypto_capabilities = caam_jr_capabilities
+	},
+	{ /* IPsec Lookaside Protocol offload ESP Tunnel Ingress */
+		.action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
+		.protocol = RTE_SECURITY_PROTOCOL_IPSEC,
+		.ipsec = {
+			.proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP,
+			.mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL,
+			.direction = RTE_SECURITY_IPSEC_SA_DIR_INGRESS,
+			.options = { 0 }
+		},
+		.crypto_capabilities = caam_jr_capabilities
+	},
+	{
+		.action = RTE_SECURITY_ACTION_TYPE_NONE
+	}
+};
+
+const struct rte_cryptodev_capabilities *
+caam_jr_get_cryptodev_capabilities(void)
+{
+	return caam_jr_capabilities;
+}
+
+const struct rte_security_capability *
+caam_jr_get_security_capabilities(void *device __rte_unused)
+{
+	return caam_jr_security_cap;
+}
diff --git a/drivers/crypto/caam_jr/meson.build b/drivers/crypto/caam_jr/meson.build
index 7b024e886..99b71aef1 100644
--- a/drivers/crypto/caam_jr/meson.build
+++ b/drivers/crypto/caam_jr/meson.build
@@ -6,7 +6,10 @@ if host_machine.system() != 'linux'
 endif
 
 deps += ['bus_vdev', 'bus_dpaa', 'security']
-sources = files('caam_jr_hw.c', 'caam_jr_uio.c', 'caam_jr.c')
+sources = files('caam_jr_capabilities.c',
+		'caam_jr_hw.c',
+		'caam_jr_uio.c',
+		'caam_jr.c')
 
 allow_experimental_apis = true
 
-- 
2.17.1

^ permalink raw reply	[flat|nested] 97+ messages in thread

* [dpdk-dev] [PATCH v2 09/14] crypto/caam_jr: add session configuration methods
  2018-10-12 14:40 ` [dpdk-dev] [PATCH v2 00/14] " Gagandeep Singh
                     ` (7 preceding siblings ...)
  2018-10-12 14:40   ` [dpdk-dev] [PATCH v2 08/14] crypto/caam_jr: add device cababilities Gagandeep Singh
@ 2018-10-12 14:40   ` Gagandeep Singh
  2018-10-12 14:40   ` [dpdk-dev] [PATCH v2 10/14] crypto/caam_jr: add enqueue dequeue operations Gagandeep Singh
                     ` (7 subsequent siblings)
  16 siblings, 0 replies; 97+ messages in thread
From: Gagandeep Singh @ 2018-10-12 14:40 UTC (permalink / raw)
  To: dev, akhil.goyal; +Cc: Gagandeep Singh, Hemant Agrawal

This patch add support to create session configuration
of various types i.e. cipher, auth and aead etc.

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
---
 drivers/crypto/caam_jr/caam_jr.c | 215 +++++++++++++++++++++++++++++++
 1 file changed, 215 insertions(+)

diff --git a/drivers/crypto/caam_jr/caam_jr.c b/drivers/crypto/caam_jr/caam_jr.c
index 78bc75f69..f6c2565cf 100644
--- a/drivers/crypto/caam_jr/caam_jr.c
+++ b/drivers/crypto/caam_jr/caam_jr.c
@@ -24,8 +24,11 @@
 
 /* RTA header files */
 #include <hw/desc/common.h>
+#include <hw/desc/algo.h>
+#include <hw/desc/ipsec.h>
 #include <of.h>
 
+#define CAAM_JR_DBG	0
 #define CRYPTODEV_NAME_CAAM_JR_PMD	crypto_caam_jr
 static uint8_t cryptodev_driver_id;
 int caam_jr_logtype;
@@ -159,6 +162,214 @@ caam_jr_queue_pair_count(struct rte_cryptodev *dev)
 	return dev->data->nb_queue_pairs;
 }
 
+/* Returns the size of the aesni gcm session structure */
+static unsigned int
+caam_jr_sym_session_get_size(struct rte_cryptodev *dev __rte_unused)
+{
+	PMD_INIT_FUNC_TRACE();
+
+	return sizeof(struct caam_jr_session);
+}
+
+static int
+caam_jr_cipher_init(struct rte_cryptodev *dev __rte_unused,
+		    struct rte_crypto_sym_xform *xform,
+		    struct caam_jr_session *session)
+{
+	PMD_INIT_FUNC_TRACE();
+	session->cipher_alg = xform->cipher.algo;
+	session->iv.length = xform->cipher.iv.length;
+	session->iv.offset = xform->cipher.iv.offset;
+	session->cipher_key.data = rte_zmalloc(NULL, xform->cipher.key.length,
+					       RTE_CACHE_LINE_SIZE);
+	if (session->cipher_key.data == NULL && xform->cipher.key.length > 0) {
+		CAAM_JR_ERR("No Memory for cipher key\n");
+		return -ENOMEM;
+	}
+	session->cipher_key.length = xform->cipher.key.length;
+
+	memcpy(session->cipher_key.data, xform->cipher.key.data,
+	       xform->cipher.key.length);
+	session->dir = (xform->cipher.op == RTE_CRYPTO_CIPHER_OP_ENCRYPT) ?
+			DIR_ENC : DIR_DEC;
+
+	return 0;
+}
+
+static int
+caam_jr_auth_init(struct rte_cryptodev *dev __rte_unused,
+		  struct rte_crypto_sym_xform *xform,
+		  struct caam_jr_session *session)
+{
+	PMD_INIT_FUNC_TRACE();
+	session->auth_alg = xform->auth.algo;
+	session->auth_key.data = rte_zmalloc(NULL, xform->auth.key.length,
+					     RTE_CACHE_LINE_SIZE);
+	if (session->auth_key.data == NULL && xform->auth.key.length > 0) {
+		CAAM_JR_ERR("No Memory for auth key\n");
+		return -ENOMEM;
+	}
+	session->auth_key.length = xform->auth.key.length;
+	session->digest_length = xform->auth.digest_length;
+
+	memcpy(session->auth_key.data, xform->auth.key.data,
+	       xform->auth.key.length);
+	session->dir = (xform->auth.op == RTE_CRYPTO_AUTH_OP_GENERATE) ?
+			DIR_ENC : DIR_DEC;
+
+	return 0;
+}
+
+static int
+caam_jr_aead_init(struct rte_cryptodev *dev __rte_unused,
+		  struct rte_crypto_sym_xform *xform,
+		  struct caam_jr_session *session)
+{
+	PMD_INIT_FUNC_TRACE();
+	session->aead_alg = xform->aead.algo;
+	session->iv.length = xform->aead.iv.length;
+	session->iv.offset = xform->aead.iv.offset;
+	session->auth_only_len = xform->aead.aad_length;
+	session->aead_key.data = rte_zmalloc(NULL, xform->aead.key.length,
+					     RTE_CACHE_LINE_SIZE);
+	if (session->aead_key.data == NULL && xform->aead.key.length > 0) {
+		CAAM_JR_ERR("No Memory for aead key\n");
+		return -ENOMEM;
+	}
+	session->aead_key.length = xform->aead.key.length;
+	session->digest_length = xform->aead.digest_length;
+
+	memcpy(session->aead_key.data, xform->aead.key.data,
+	       xform->aead.key.length);
+	session->dir = (xform->aead.op == RTE_CRYPTO_AEAD_OP_ENCRYPT) ?
+			DIR_ENC : DIR_DEC;
+
+	return 0;
+}
+
+static int
+caam_jr_set_session_parameters(struct rte_cryptodev *dev,
+			       struct rte_crypto_sym_xform *xform, void *sess)
+{
+	struct sec_job_ring_t *internals = dev->data->dev_private;
+	struct caam_jr_session *session = sess;
+
+	PMD_INIT_FUNC_TRACE();
+
+	if (unlikely(sess == NULL)) {
+		CAAM_JR_ERR("invalid session struct");
+		return -EINVAL;
+	}
+
+	/* Default IV length = 0 */
+	session->iv.length = 0;
+
+	/* Cipher Only */
+	if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER && xform->next == NULL) {
+		session->auth_alg = RTE_CRYPTO_AUTH_NULL;
+		caam_jr_cipher_init(dev, xform, session);
+
+	/* Authentication Only */
+	} else if (xform->type == RTE_CRYPTO_SYM_XFORM_AUTH &&
+		   xform->next == NULL) {
+		session->cipher_alg = RTE_CRYPTO_CIPHER_NULL;
+		caam_jr_auth_init(dev, xform, session);
+
+	/* Cipher then Authenticate */
+	} else if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER &&
+		   xform->next->type == RTE_CRYPTO_SYM_XFORM_AUTH) {
+		if (xform->cipher.op == RTE_CRYPTO_CIPHER_OP_ENCRYPT) {
+			caam_jr_cipher_init(dev, xform, session);
+			caam_jr_auth_init(dev, xform->next, session);
+		} else {
+			CAAM_JR_ERR("Not supported: Auth then Cipher");
+			goto err1;
+		}
+
+	/* Authenticate then Cipher */
+	} else if (xform->type == RTE_CRYPTO_SYM_XFORM_AUTH &&
+		   xform->next->type == RTE_CRYPTO_SYM_XFORM_CIPHER) {
+		if (xform->next->cipher.op == RTE_CRYPTO_CIPHER_OP_DECRYPT) {
+			caam_jr_auth_init(dev, xform, session);
+			caam_jr_cipher_init(dev, xform->next, session);
+		} else {
+			CAAM_JR_ERR("Not supported: Auth then Cipher");
+			goto err1;
+		}
+
+	/* AEAD operation for AES-GCM kind of Algorithms */
+	} else if (xform->type == RTE_CRYPTO_SYM_XFORM_AEAD &&
+		   xform->next == NULL) {
+		caam_jr_aead_init(dev, xform, session);
+
+	} else {
+		CAAM_JR_ERR("Invalid crypto type");
+		return -EINVAL;
+	}
+	session->ctx_pool = internals->ctx_pool;
+
+	return 0;
+
+err1:
+	rte_free(session->cipher_key.data);
+	rte_free(session->auth_key.data);
+	memset(session, 0, sizeof(struct caam_jr_session));
+
+	return -EINVAL;
+}
+
+static int
+caam_jr_sym_session_configure(struct rte_cryptodev *dev,
+			      struct rte_crypto_sym_xform *xform,
+			      struct rte_cryptodev_sym_session *sess,
+			      struct rte_mempool *mempool)
+{
+	void *sess_private_data;
+	int ret;
+
+	PMD_INIT_FUNC_TRACE();
+
+	if (rte_mempool_get(mempool, &sess_private_data)) {
+		CAAM_JR_ERR("Couldn't get object from session mempool");
+		return -ENOMEM;
+	}
+
+	memset(sess_private_data, 0, sizeof(struct caam_jr_session));
+	ret = caam_jr_set_session_parameters(dev, xform, sess_private_data);
+	if (ret != 0) {
+		CAAM_JR_ERR("failed to configure session parameters");
+		/* Return session to mempool */
+		rte_mempool_put(mempool, sess_private_data);
+		return ret;
+	}
+
+	set_sym_session_private_data(sess, dev->driver_id, sess_private_data);
+
+	return 0;
+}
+
+/* Clear the memory of session so it doesn't leave key material behind */
+static void
+caam_jr_sym_session_clear(struct rte_cryptodev *dev,
+		struct rte_cryptodev_sym_session *sess)
+{
+	uint8_t index = dev->driver_id;
+	void *sess_priv = get_sym_session_private_data(sess, index);
+	struct caam_jr_session *s = (struct caam_jr_session *)sess_priv;
+
+	PMD_INIT_FUNC_TRACE();
+
+	if (sess_priv) {
+		struct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);
+
+		rte_free(s->cipher_key.data);
+		rte_free(s->auth_key.data);
+		memset(s, 0, sizeof(struct caam_jr_session));
+		set_sym_session_private_data(sess, index, NULL);
+		rte_mempool_put(sess_mp, sess_priv);
+	}
+}
+
 static int
 caam_jr_dev_configure(struct rte_cryptodev *dev,
 		       struct rte_cryptodev_config *config __rte_unused)
@@ -228,6 +439,7 @@ caam_jr_dev_infos_get(struct rte_cryptodev *dev,
 	if (info != NULL) {
 		info->max_nb_queue_pairs = internals->max_nb_queue_pairs;
 		info->feature_flags = dev->feature_flags;
+		info->capabilities = caam_jr_get_cryptodev_capabilities();
 		info->sym.max_nb_sessions = internals->max_nb_sessions;
 		info->driver_id = cryptodev_driver_id;
 	}
@@ -242,6 +454,9 @@ static struct rte_cryptodev_ops caam_jr_ops = {
 	.queue_pair_setup     = caam_jr_queue_pair_setup,
 	.queue_pair_release   = caam_jr_queue_pair_release,
 	.queue_pair_count     = caam_jr_queue_pair_count,
+	.sym_session_get_size = caam_jr_sym_session_get_size,
+	.sym_session_configure = caam_jr_sym_session_configure,
+	.sym_session_clear    = caam_jr_sym_session_clear
 };
 
 
-- 
2.17.1

^ permalink raw reply	[flat|nested] 97+ messages in thread

* [dpdk-dev] [PATCH v2 10/14] crypto/caam_jr: add enqueue dequeue operations
  2018-10-12 14:40 ` [dpdk-dev] [PATCH v2 00/14] " Gagandeep Singh
                     ` (8 preceding siblings ...)
  2018-10-12 14:40   ` [dpdk-dev] [PATCH v2 09/14] crypto/caam_jr: add session configuration methods Gagandeep Singh
@ 2018-10-12 14:40   ` Gagandeep Singh
  2018-10-12 14:40   ` [dpdk-dev] [PATCH v2 11/14] crypto/caam_jr: add scatter gather Gagandeep Singh
                     ` (6 subsequent siblings)
  16 siblings, 0 replies; 97+ messages in thread
From: Gagandeep Singh @ 2018-10-12 14:40 UTC (permalink / raw)
  To: dev, akhil.goyal; +Cc: Gagandeep Singh, Hemant Agrawal

This patch add support for :
1. creating run time sec hw decriptors for a given request.
2. enqueue operation to the caam jr ring
3. dequeue operation from the caam jr ring in poll mode
4. creating a crypto protocol descriptor for session - first time.

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
---
 drivers/crypto/caam_jr/caam_jr.c      | 896 +++++++++++++++++++++++++-
 drivers/crypto/caam_jr/caam_jr_desc.h | 285 ++++++++
 2 files changed, 1179 insertions(+), 2 deletions(-)
 create mode 100644 drivers/crypto/caam_jr/caam_jr_desc.h

diff --git a/drivers/crypto/caam_jr/caam_jr.c b/drivers/crypto/caam_jr/caam_jr.c
index f6c2565cf..c0933a750 100644
--- a/drivers/crypto/caam_jr/caam_jr.c
+++ b/drivers/crypto/caam_jr/caam_jr.c
@@ -19,7 +19,9 @@
 
 #include <caam_jr_config.h>
 #include <caam_jr_hw_specific.h>
+#include <caam_jr.h>
 #include <caam_jr_pvt.h>
+#include <caam_jr_desc.h>
 #include <caam_jr_log.h>
 
 /* RTA header files */
@@ -52,6 +54,343 @@ static enum sec_driver_state_e g_driver_state = SEC_DRIVER_STATE_IDLE;
 static int g_job_rings_no;
 static int g_job_rings_max;
 
+struct sec_outring_entry {
+	phys_addr_t desc;	/* Pointer to completed descriptor */
+	uint32_t status;	/* Status for completed descriptor */
+} __rte_packed;
+
+/* virtual address conversin when mempool support is available for ctx */
+static inline phys_addr_t
+caam_jr_vtop_ctx(struct caam_jr_op_ctx *ctx, void *vaddr)
+{
+	PMD_INIT_FUNC_TRACE();
+	return (size_t)vaddr - ctx->vtop_offset;
+}
+
+static inline void
+caam_jr_op_ending(struct caam_jr_op_ctx *ctx)
+{
+	PMD_INIT_FUNC_TRACE();
+	/* report op status to sym->op and then free the ctx memeory  */
+	rte_mempool_put(ctx->ctx_pool, (void *)ctx);
+}
+
+static inline struct caam_jr_op_ctx *
+caam_jr_alloc_ctx(struct caam_jr_session *ses)
+{
+	struct caam_jr_op_ctx *ctx;
+	int ret;
+
+	PMD_INIT_FUNC_TRACE();
+	ret = rte_mempool_get(ses->ctx_pool, (void **)(&ctx));
+	if (!ctx || ret) {
+		CAAM_JR_DP_WARN("Alloc sec descriptor failed!");
+		return NULL;
+	}
+	/*
+	 * Clear SG memory. There are 16 SG entries of 16 Bytes each.
+	 * one call to dcbz_64() clear 64 bytes, hence calling it 4 times
+	 * to clear all the SG entries. caam_jr_alloc_ctx() is called for
+	 * each packet, memset is costlier than dcbz_64().
+	 */
+	dcbz_64(&ctx->sg[SG_CACHELINE_0]);
+	dcbz_64(&ctx->sg[SG_CACHELINE_1]);
+	dcbz_64(&ctx->sg[SG_CACHELINE_2]);
+	dcbz_64(&ctx->sg[SG_CACHELINE_3]);
+
+	ctx->ctx_pool = ses->ctx_pool;
+	ctx->vtop_offset = (size_t) ctx - rte_mempool_virt2iova(ctx);
+
+	return ctx;
+}
+
+static inline int
+is_cipher_only(struct caam_jr_session *ses)
+{
+	PMD_INIT_FUNC_TRACE();
+	return ((ses->cipher_alg != RTE_CRYPTO_CIPHER_NULL) &&
+		(ses->auth_alg == RTE_CRYPTO_AUTH_NULL));
+}
+
+static inline int
+is_auth_only(struct caam_jr_session *ses)
+{
+	PMD_INIT_FUNC_TRACE();
+	return ((ses->cipher_alg == RTE_CRYPTO_CIPHER_NULL) &&
+		(ses->auth_alg != RTE_CRYPTO_AUTH_NULL));
+}
+
+static inline int
+is_aead(struct caam_jr_session *ses)
+{
+	PMD_INIT_FUNC_TRACE();
+	return ((ses->cipher_alg == 0) &&
+		(ses->auth_alg == 0) &&
+		(ses->aead_alg != 0));
+}
+
+static inline int
+is_auth_cipher(struct caam_jr_session *ses)
+{
+	PMD_INIT_FUNC_TRACE();
+	return ((ses->cipher_alg != RTE_CRYPTO_CIPHER_NULL) &&
+		(ses->auth_alg != RTE_CRYPTO_AUTH_NULL));
+}
+
+static inline int
+is_encode(struct caam_jr_session *ses)
+{
+	PMD_INIT_FUNC_TRACE();
+	return ses->dir == DIR_ENC;
+}
+
+static inline int
+is_decode(struct caam_jr_session *ses)
+{
+	PMD_INIT_FUNC_TRACE();
+	return ses->dir == DIR_DEC;
+}
+
+static inline void
+caam_auth_alg(struct caam_jr_session *ses, struct alginfo *alginfo_a)
+{
+	PMD_INIT_FUNC_TRACE();
+	switch (ses->auth_alg) {
+	case RTE_CRYPTO_AUTH_NULL:
+		ses->digest_length = 0;
+		break;
+	case RTE_CRYPTO_AUTH_MD5_HMAC:
+		alginfo_a->algtype = OP_ALG_ALGSEL_MD5;
+		alginfo_a->algmode = OP_ALG_AAI_HMAC;
+		break;
+	case RTE_CRYPTO_AUTH_SHA1_HMAC:
+		alginfo_a->algtype = OP_ALG_ALGSEL_SHA1;
+		alginfo_a->algmode = OP_ALG_AAI_HMAC;
+		break;
+	case RTE_CRYPTO_AUTH_SHA224_HMAC:
+		alginfo_a->algtype = OP_ALG_ALGSEL_SHA224;
+		alginfo_a->algmode = OP_ALG_AAI_HMAC;
+		break;
+	case RTE_CRYPTO_AUTH_SHA256_HMAC:
+		alginfo_a->algtype = OP_ALG_ALGSEL_SHA256;
+		alginfo_a->algmode = OP_ALG_AAI_HMAC;
+		break;
+	case RTE_CRYPTO_AUTH_SHA384_HMAC:
+		alginfo_a->algtype = OP_ALG_ALGSEL_SHA384;
+		alginfo_a->algmode = OP_ALG_AAI_HMAC;
+		break;
+	case RTE_CRYPTO_AUTH_SHA512_HMAC:
+		alginfo_a->algtype = OP_ALG_ALGSEL_SHA512;
+		alginfo_a->algmode = OP_ALG_AAI_HMAC;
+		break;
+	default:
+		CAAM_JR_DEBUG("unsupported auth alg %u", ses->auth_alg);
+	}
+}
+
+static inline void
+caam_cipher_alg(struct caam_jr_session *ses, struct alginfo *alginfo_c)
+{
+	PMD_INIT_FUNC_TRACE();
+	switch (ses->cipher_alg) {
+	case RTE_CRYPTO_CIPHER_NULL:
+		break;
+	case RTE_CRYPTO_CIPHER_AES_CBC:
+		alginfo_c->algtype = OP_ALG_ALGSEL_AES;
+		alginfo_c->algmode = OP_ALG_AAI_CBC;
+		break;
+	case RTE_CRYPTO_CIPHER_3DES_CBC:
+		alginfo_c->algtype = OP_ALG_ALGSEL_3DES;
+		alginfo_c->algmode = OP_ALG_AAI_CBC;
+		break;
+	case RTE_CRYPTO_CIPHER_AES_CTR:
+		alginfo_c->algtype = OP_ALG_ALGSEL_AES;
+		alginfo_c->algmode = OP_ALG_AAI_CTR;
+		break;
+	default:
+		CAAM_JR_DEBUG("unsupported cipher alg %d", ses->cipher_alg);
+	}
+}
+
+static inline void
+caam_aead_alg(struct caam_jr_session *ses, struct alginfo *alginfo)
+{
+	PMD_INIT_FUNC_TRACE();
+	switch (ses->aead_alg) {
+	case RTE_CRYPTO_AEAD_AES_GCM:
+		alginfo->algtype = OP_ALG_ALGSEL_AES;
+		alginfo->algmode = OP_ALG_AAI_GCM;
+		break;
+	default:
+		CAAM_JR_DEBUG("unsupported AEAD alg %d", ses->aead_alg);
+	}
+}
+
+/* prepare command block of the session */
+static int
+caam_jr_prep_cdb(struct caam_jr_session *ses)
+{
+	struct alginfo alginfo_c = {0}, alginfo_a = {0}, alginfo = {0};
+	int32_t shared_desc_len = 0;
+	struct sec_cdb *cdb;
+	int err;
+#if RTE_BYTE_ORDER == RTE_BIG_ENDIAN
+	int swap = false;
+#else
+	int swap = true;
+#endif
+
+	PMD_INIT_FUNC_TRACE();
+	if (ses->cdb)
+		caam_jr_dma_free(ses->cdb);
+
+	cdb = caam_jr_dma_mem_alloc(L1_CACHE_BYTES, sizeof(struct sec_cdb));
+	if (!cdb) {
+		CAAM_JR_ERR("failed to allocate memory for cdb\n");
+		return -1;
+	}
+
+	ses->cdb = cdb;
+
+	memset(cdb, 0, sizeof(struct sec_cdb));
+
+	if (is_cipher_only(ses)) {
+		caam_cipher_alg(ses, &alginfo_c);
+		if (alginfo_c.algtype == (unsigned int)CAAM_JR_ALG_UNSUPPORT) {
+			CAAM_JR_ERR("not supported cipher alg");
+			rte_free(cdb);
+			return -ENOTSUP;
+		}
+
+		alginfo_c.key = (size_t)ses->cipher_key.data;
+		alginfo_c.keylen = ses->cipher_key.length;
+		alginfo_c.key_enc_flags = 0;
+		alginfo_c.key_type = RTA_DATA_IMM;
+
+		shared_desc_len = cnstr_shdsc_blkcipher(
+						cdb->sh_desc, true,
+						swap, &alginfo_c,
+						NULL,
+						ses->iv.length,
+						ses->dir);
+	} else if (is_auth_only(ses)) {
+		caam_auth_alg(ses, &alginfo_a);
+		if (alginfo_a.algtype == (unsigned int)CAAM_JR_ALG_UNSUPPORT) {
+			CAAM_JR_ERR("not supported auth alg");
+			rte_free(cdb);
+			return -ENOTSUP;
+		}
+
+		alginfo_a.key = (size_t)ses->auth_key.data;
+		alginfo_a.keylen = ses->auth_key.length;
+		alginfo_a.key_enc_flags = 0;
+		alginfo_a.key_type = RTA_DATA_IMM;
+
+		shared_desc_len = cnstr_shdsc_hmac(cdb->sh_desc, true,
+						   swap, &alginfo_a,
+						   !ses->dir,
+						   ses->digest_length);
+	} else if (is_aead(ses)) {
+		caam_aead_alg(ses, &alginfo);
+		if (alginfo.algtype == (unsigned int)CAAM_JR_ALG_UNSUPPORT) {
+			CAAM_JR_ERR("not supported aead alg");
+			rte_free(cdb);
+			return -ENOTSUP;
+		}
+		alginfo.key = (size_t)ses->aead_key.data;
+		alginfo.keylen = ses->aead_key.length;
+		alginfo.key_enc_flags = 0;
+		alginfo.key_type = RTA_DATA_IMM;
+
+		if (ses->dir == DIR_ENC)
+			shared_desc_len = cnstr_shdsc_gcm_encap(
+					cdb->sh_desc, true, swap,
+					&alginfo,
+					ses->iv.length,
+					ses->digest_length);
+		else
+			shared_desc_len = cnstr_shdsc_gcm_decap(
+					cdb->sh_desc, true, swap,
+					&alginfo,
+					ses->iv.length,
+					ses->digest_length);
+	} else {
+		caam_cipher_alg(ses, &alginfo_c);
+		if (alginfo_c.algtype == (unsigned int)CAAM_JR_ALG_UNSUPPORT) {
+			CAAM_JR_ERR("not supported cipher alg");
+			rte_free(cdb);
+			return -ENOTSUP;
+		}
+
+		alginfo_c.key = (size_t)ses->cipher_key.data;
+		alginfo_c.keylen = ses->cipher_key.length;
+		alginfo_c.key_enc_flags = 0;
+		alginfo_c.key_type = RTA_DATA_IMM;
+
+		caam_auth_alg(ses, &alginfo_a);
+		if (alginfo_a.algtype == (unsigned int)CAAM_JR_ALG_UNSUPPORT) {
+			CAAM_JR_ERR("not supported auth alg");
+			rte_free(cdb);
+			return -ENOTSUP;
+		}
+
+		alginfo_a.key = (size_t)ses->auth_key.data;
+		alginfo_a.keylen = ses->auth_key.length;
+		alginfo_a.key_enc_flags = 0;
+		alginfo_a.key_type = RTA_DATA_IMM;
+
+		cdb->sh_desc[0] = alginfo_c.keylen;
+		cdb->sh_desc[1] = alginfo_a.keylen;
+		err = rta_inline_query(IPSEC_AUTH_VAR_AES_DEC_BASE_DESC_LEN,
+				       MIN_JOB_DESC_SIZE,
+				       (unsigned int *)cdb->sh_desc,
+				       &cdb->sh_desc[2], 2);
+
+		if (err < 0) {
+			CAAM_JR_ERR("Crypto: Incorrect key lengths");
+			rte_free(cdb);
+			return err;
+		}
+		if (cdb->sh_desc[2] & 1)
+			alginfo_c.key_type = RTA_DATA_IMM;
+		else {
+			alginfo_c.key = (size_t)caam_jr_mem_vtop(
+						(void *)(size_t)alginfo_c.key);
+			alginfo_c.key_type = RTA_DATA_PTR;
+		}
+		if (cdb->sh_desc[2] & (1<<1))
+			alginfo_a.key_type = RTA_DATA_IMM;
+		else {
+			alginfo_a.key = (size_t)caam_jr_mem_vtop(
+						(void *)(size_t)alginfo_a.key);
+			alginfo_a.key_type = RTA_DATA_PTR;
+		}
+		cdb->sh_desc[0] = 0;
+		cdb->sh_desc[1] = 0;
+		cdb->sh_desc[2] = 0;
+			/* Auth_only_len is set as 0 here and it will be
+			 * overwritten in fd for each packet.
+			 */
+			shared_desc_len = cnstr_shdsc_authenc(cdb->sh_desc,
+					true, swap, &alginfo_c, &alginfo_a,
+					ses->iv.length, 0,
+					ses->digest_length, ses->dir);
+	}
+
+	if (shared_desc_len < 0) {
+		CAAM_JR_ERR("error in preparing command block");
+		return shared_desc_len;
+	}
+
+#if CAAM_JR_DBG
+	SEC_DUMP_DESC(cdb->sh_desc);
+#endif
+
+	cdb->sh_hdr.hi.field.idlen = shared_desc_len;
+
+	return 0;
+}
+
 /* @brief Poll the HW for already processed jobs in the JR
  * and silently discard the available jobs or notify them to UA
  * with indicated error code.
@@ -100,6 +439,559 @@ hw_flush_job_ring(struct sec_job_ring_t *job_ring,
 	}
 }
 
+/* @brief Poll the HW for already processed jobs in the JR
+ * and notify the available jobs to UA.
+ *
+ * @param [in]  job_ring	The job ring to poll.
+ * @param [in]  limit           The maximum number of jobs to notify.
+ *                              If set to negative value, all available jobs are
+ *				notified.
+ *
+ * @retval >=0 for No of jobs notified to UA.
+ * @retval -1 for error
+ */
+static int
+hw_poll_job_ring(struct sec_job_ring_t *job_ring,
+		 struct rte_crypto_op **ops, int32_t limit,
+		 struct caam_jr_qp *jr_qp)
+{
+	int32_t jobs_no_to_notify = 0; /* the number of done jobs to notify*/
+	int32_t number_of_jobs_available = 0;
+	int32_t notified_descs_no = 0;
+	uint32_t sec_error_code = 0;
+	struct job_descriptor *current_desc;
+	phys_addr_t current_desc_addr;
+	phys_addr_t *temp_addr;
+	struct caam_jr_op_ctx *ctx;
+
+	PMD_INIT_FUNC_TRACE();
+	/* TODO check for ops have memory*/
+	/* check here if any JR error that cannot be written
+	 * in the output status word has occurred
+	 */
+	if (JR_REG_JRINT_JRE_EXTRACT(GET_JR_REG(JRINT, job_ring))) {
+		CAAM_JR_INFO("err received");
+		sec_error_code = JR_REG_JRINT_ERR_TYPE_EXTRACT(
+					GET_JR_REG(JRINT, job_ring));
+		if (unlikely(sec_error_code)) {
+			hw_job_ring_error_print(job_ring, sec_error_code);
+			return -1;
+		}
+	}
+	/* compute the number of jobs available in the job ring based on the
+	 * producer and consumer index values.
+	 */
+	number_of_jobs_available = hw_get_no_finished_jobs(job_ring);
+	/* Compute the number of notifications that need to be raised to UA
+	 * If limit > total number of done jobs -> notify all done jobs
+	 * If limit = 0 -> error
+	 * If limit < total number of done jobs -> notify a number
+	 * of done jobs equal with limit
+	 */
+	jobs_no_to_notify = (limit > number_of_jobs_available) ?
+				number_of_jobs_available : limit;
+	CAAM_JR_DP_DEBUG(
+		"Jr[%p] pi[%d] ci[%d].limit =%d Available=%d.Jobs to notify=%d",
+		job_ring, job_ring->pidx, job_ring->cidx,
+		limit, number_of_jobs_available, jobs_no_to_notify);
+
+	rte_smp_rmb();
+
+	while (jobs_no_to_notify > notified_descs_no) {
+		static uint64_t false_alarm;
+		static uint64_t real_poll;
+
+		/* Get job status here */
+		sec_error_code = job_ring->output_ring[job_ring->cidx].status;
+		/* Get completed descriptor */
+		temp_addr = &(job_ring->output_ring[job_ring->cidx].desc);
+		current_desc_addr = (phys_addr_t)sec_read_addr(temp_addr);
+
+		real_poll++;
+		/* todo check if it is false alarm no desc present */
+		if (!current_desc_addr) {
+			false_alarm++;
+			printf("false alarm %" PRIu64 "real %" PRIu64
+				" sec_err =0x%x cidx Index =0%d\n",
+				false_alarm, real_poll,
+				sec_error_code, job_ring->cidx);
+			rte_panic("CAAM JR descriptor NULL");
+			return notified_descs_no;
+		}
+		current_desc = (struct job_descriptor *)
+				caam_jr_dma_ptov(current_desc_addr);
+		/* now increment the consumer index for the current job ring,
+		 * AFTER saving job in temporary location!
+		 */
+		job_ring->cidx = SEC_CIRCULAR_COUNTER(job_ring->cidx,
+				 SEC_JOB_RING_SIZE);
+		/* Signal that the job has been processed and the slot is free*/
+		hw_remove_entries(job_ring, 1);
+		/*TODO for multiple ops, packets*/
+		ctx = container_of(current_desc, struct caam_jr_op_ctx, jobdes);
+		if (unlikely(sec_error_code)) {
+			CAAM_JR_ERR("desc at cidx %d generated error 0x%x\n",
+				job_ring->cidx, sec_error_code);
+			hw_handle_job_ring_error(job_ring, sec_error_code);
+			//todo improve with exact errors
+			ctx->op->status = RTE_CRYPTO_OP_STATUS_ERROR;
+			jr_qp->rx_errs++;
+		} else {
+			ctx->op->status = RTE_CRYPTO_OP_STATUS_SUCCESS;
+#if CAAM_JR_DBG
+			if (ctx->op->sym->m_dst) {
+				rte_hexdump(stdout, "PROCESSED",
+				rte_pktmbuf_mtod(ctx->op->sym->m_dst, void *),
+				rte_pktmbuf_data_len(ctx->op->sym->m_dst));
+			} else {
+				rte_hexdump(stdout, "PROCESSED",
+				rte_pktmbuf_mtod(ctx->op->sym->m_src, void *),
+				rte_pktmbuf_data_len(ctx->op->sym->m_src));
+			}
+#endif
+		}
+		if (ctx->op->sess_type == RTE_CRYPTO_OP_SECURITY_SESSION) {
+			struct ip *ip4_hdr;
+
+			if (ctx->op->sym->m_dst) {
+				/*TODO check for ip header or other*/
+				ip4_hdr = (struct ip *)
+				rte_pktmbuf_mtod(ctx->op->sym->m_dst, char*);
+				ctx->op->sym->m_dst->pkt_len =
+					rte_be_to_cpu_16(ip4_hdr->ip_len);
+				ctx->op->sym->m_dst->data_len =
+					rte_be_to_cpu_16(ip4_hdr->ip_len);
+			} else {
+				ip4_hdr = (struct ip *)
+				rte_pktmbuf_mtod(ctx->op->sym->m_src, char*);
+				ctx->op->sym->m_src->pkt_len =
+					rte_be_to_cpu_16(ip4_hdr->ip_len);
+				ctx->op->sym->m_src->data_len =
+					rte_be_to_cpu_16(ip4_hdr->ip_len);
+			}
+		}
+		*ops = ctx->op;
+		caam_jr_op_ending(ctx);
+		ops++;
+		notified_descs_no++;
+	}
+	return notified_descs_no;
+}
+
+static uint16_t
+caam_jr_dequeue_burst(void *qp, struct rte_crypto_op **ops,
+		       uint16_t nb_ops)
+{
+	struct caam_jr_qp *jr_qp = (struct caam_jr_qp *)qp;
+	struct sec_job_ring_t *ring = jr_qp->ring;
+	int num_rx;
+	int ret;
+
+	PMD_INIT_FUNC_TRACE();
+	CAAM_JR_DP_DEBUG("Jr[%p]Polling. limit[%d]", ring, nb_ops);
+
+	/* Poll job ring
+	 * If nb_ops < 0 -> poll JR until no more notifications are available.
+	 * If nb_ops > 0 -> poll JR until limit is reached.
+	 */
+
+	/* Run hw poll job ring */
+	num_rx = hw_poll_job_ring(ring, ops, nb_ops, jr_qp);
+	if (num_rx < 0) {
+		CAAM_JR_ERR("Error polling SEC engine (%d)", num_rx);
+		return 0;
+	}
+
+	CAAM_JR_DP_DEBUG("Jr[%p].Jobs notified[%d]. ", ring, num_rx);
+
+	if (ring->jr_mode == SEC_NOTIFICATION_TYPE_NAPI) {
+		if (num_rx < nb_ops) {
+			ret = caam_jr_enable_irqs(ring->irq_fd);
+			SEC_ASSERT(ret == 0, ret,
+			"Failed to enable irqs for job ring %p", ring);
+		}
+	} else if (ring->jr_mode == SEC_NOTIFICATION_TYPE_IRQ) {
+
+		/* Always enable IRQ generation when in pure IRQ mode */
+		ret = caam_jr_enable_irqs(ring->irq_fd);
+		SEC_ASSERT(ret == 0, ret,
+			"Failed to enable irqs for job ring %p", ring);
+	}
+
+	jr_qp->rx_pkts += num_rx;
+
+	return num_rx;
+}
+
+static inline struct caam_jr_op_ctx *
+build_auth_only(struct rte_crypto_op *op, struct caam_jr_session *ses)
+{
+	struct rte_crypto_sym_op *sym = op->sym;
+	struct caam_jr_op_ctx *ctx;
+	struct sec4_sg_entry *sg;
+	rte_iova_t start_addr;
+	struct sec_cdb *cdb;
+	uint64_t sdesc_offset;
+	struct sec_job_descriptor_t *jobdescr;
+
+	PMD_INIT_FUNC_TRACE();
+	ctx = caam_jr_alloc_ctx(ses);
+	if (!ctx)
+		return NULL;
+
+	ctx->op = op;
+
+	cdb = ses->cdb;
+	sdesc_offset = (size_t) ((char *)&cdb->sh_desc - (char *)cdb);
+
+	start_addr = rte_pktmbuf_iova(sym->m_src);
+
+	jobdescr = (struct sec_job_descriptor_t *) ctx->jobdes.desc;
+
+	SEC_JD_INIT(jobdescr);
+	SEC_JD_SET_SD(jobdescr,
+		(phys_addr_t)(caam_jr_dma_vtop(cdb)) + sdesc_offset,
+		cdb->sh_hdr.hi.field.idlen);
+
+	/* output */
+	SEC_JD_SET_OUT_PTR(jobdescr, (uint64_t)sym->auth.digest.phys_addr,
+			0, ses->digest_length);
+
+	/*input */
+	if (is_decode(ses)) {
+		sg = &ctx->sg[0];
+		SEC_JD_SET_IN_PTR(jobdescr,
+			(uint64_t)caam_jr_vtop_ctx(ctx, sg), 0,
+			(sym->auth.data.length + ses->digest_length));
+		/* enabling sg list */
+		(jobdescr)->seq_in.command.word  |= 0x01000000;
+
+		/* hash result or digest, save digest first */
+		rte_memcpy(ctx->digest, sym->auth.digest.data,
+			   ses->digest_length);
+		sg->ptr = cpu_to_caam64(start_addr + sym->auth.data.offset);
+		sg->len = cpu_to_caam32(sym->auth.data.length);
+
+#if CAAM_JR_DBG
+		rte_hexdump(stdout, "ICV", ctx->digest, ses->digest_length);
+#endif
+		/* let's check digest by hw */
+		sg++;
+		sg->ptr = cpu_to_caam64(caam_jr_vtop_ctx(ctx, ctx->digest));
+		sg->len = cpu_to_caam32(ses->digest_length);
+		/* last element*/
+		sg->len |= cpu_to_caam32(SEC4_SG_LEN_FIN);
+	} else {
+		SEC_JD_SET_IN_PTR(jobdescr, (uint64_t)start_addr,
+			sym->auth.data.offset, sym->auth.data.length);
+	}
+	return ctx;
+}
+
+static inline struct caam_jr_op_ctx *
+build_cipher_only(struct rte_crypto_op *op, struct caam_jr_session *ses)
+{
+	struct rte_crypto_sym_op *sym = op->sym;
+	struct caam_jr_op_ctx *ctx;
+	struct sec4_sg_entry *sg;
+	rte_iova_t src_start_addr, dst_start_addr;
+	struct sec_cdb *cdb;
+	uint64_t sdesc_offset;
+	uint8_t *IV_ptr = rte_crypto_op_ctod_offset(op, uint8_t *,
+			ses->iv.offset);
+	struct sec_job_descriptor_t *jobdescr;
+
+	PMD_INIT_FUNC_TRACE();
+	ctx = caam_jr_alloc_ctx(ses);
+	if (!ctx)
+		return NULL;
+
+	ctx->op = op;
+	cdb = ses->cdb;
+	sdesc_offset = (size_t) ((char *)&cdb->sh_desc - (char *)cdb);
+
+	src_start_addr = rte_pktmbuf_iova(sym->m_src);
+	if (sym->m_dst)
+		dst_start_addr = rte_pktmbuf_iova(sym->m_dst);
+	else
+		dst_start_addr = src_start_addr;
+
+	jobdescr = (struct sec_job_descriptor_t *) ctx->jobdes.desc;
+
+	SEC_JD_INIT(jobdescr);
+	SEC_JD_SET_SD(jobdescr,
+		(phys_addr_t)(caam_jr_dma_vtop(cdb)) + sdesc_offset,
+		cdb->sh_hdr.hi.field.idlen);
+
+#if CAAM_JR_DBG
+	CAAM_JR_INFO("mbuf offset =%d, cipher offset = %d, length =%d+%d",
+			sym->m_src->data_off, sym->cipher.data.offset,
+			sym->cipher.data.length, ses->iv.length);
+#endif
+	/* output */
+	SEC_JD_SET_OUT_PTR(jobdescr, (uint64_t)dst_start_addr,
+			sym->cipher.data.offset,
+			sym->cipher.data.length + ses->iv.length);
+
+	/*input */
+	sg = &ctx->sg[0];
+	SEC_JD_SET_IN_PTR(jobdescr, (uint64_t)caam_jr_vtop_ctx(ctx, sg), 0,
+				sym->cipher.data.length + ses->iv.length);
+	/*enabling sg bit */
+	(jobdescr)->seq_in.command.word  |= 0x01000000;
+
+	sg->ptr = cpu_to_caam64(caam_jr_dma_vtop(IV_ptr));
+	sg->len = cpu_to_caam32(ses->iv.length);
+
+	sg = &ctx->sg[1];
+	sg->ptr = cpu_to_caam64(src_start_addr + sym->cipher.data.offset);
+	sg->len = cpu_to_caam32(sym->cipher.data.length);
+	/* last element*/
+	sg->len |= cpu_to_caam32(SEC4_SG_LEN_FIN);
+
+	return ctx;
+}
+
+static inline struct caam_jr_op_ctx *
+build_cipher_auth(struct rte_crypto_op *op, struct caam_jr_session *ses)
+{
+	struct rte_crypto_sym_op *sym = op->sym;
+	struct caam_jr_op_ctx *ctx;
+	struct sec4_sg_entry *sg;
+	rte_iova_t src_start_addr, dst_start_addr;
+	uint32_t length = 0;
+	struct sec_cdb *cdb;
+	uint64_t sdesc_offset;
+	uint8_t *IV_ptr = rte_crypto_op_ctod_offset(op, uint8_t *,
+			ses->iv.offset);
+	struct sec_job_descriptor_t *jobdescr;
+	uint32_t auth_only_len;
+
+	PMD_INIT_FUNC_TRACE();
+	auth_only_len = op->sym->auth.data.length -
+				op->sym->cipher.data.length;
+
+	src_start_addr = rte_pktmbuf_iova(sym->m_src);
+	if (sym->m_dst)
+		dst_start_addr = rte_pktmbuf_iova(sym->m_dst);
+	else
+		dst_start_addr = src_start_addr;
+
+	ctx = caam_jr_alloc_ctx(ses);
+	if (!ctx)
+		return NULL;
+
+	ctx->op = op;
+	cdb = ses->cdb;
+	sdesc_offset = (size_t) ((char *)&cdb->sh_desc - (char *)cdb);
+
+	jobdescr = (struct sec_job_descriptor_t *) ctx->jobdes.desc;
+
+	SEC_JD_INIT(jobdescr);
+	SEC_JD_SET_SD(jobdescr,
+		(phys_addr_t)(caam_jr_dma_vtop(cdb)) + sdesc_offset,
+		cdb->sh_hdr.hi.field.idlen);
+
+	/* input */
+	sg = &ctx->sg[0];
+	if (is_encode(ses)) {
+		sg->ptr = cpu_to_caam64(caam_jr_dma_vtop(IV_ptr));
+		sg->len = cpu_to_caam32(ses->iv.length);
+		length += ses->iv.length;
+
+		sg++;
+		sg->ptr = cpu_to_caam64(src_start_addr + sym->auth.data.offset);
+		sg->len = cpu_to_caam32(sym->auth.data.length);
+		length += sym->auth.data.length;
+		/* last element*/
+		sg->len |= cpu_to_caam32(SEC4_SG_LEN_FIN);
+	} else {
+		sg->ptr = cpu_to_caam64(caam_jr_dma_vtop(IV_ptr));
+		sg->len = cpu_to_caam32(ses->iv.length);
+		length += ses->iv.length;
+
+		sg++;
+		sg->ptr = cpu_to_caam64(src_start_addr + sym->auth.data.offset);
+		sg->len = cpu_to_caam32(sym->auth.data.length);
+		length += sym->auth.data.length;
+
+		rte_memcpy(ctx->digest, sym->auth.digest.data,
+		       ses->digest_length);
+		sg++;
+		sg->ptr = cpu_to_caam64(caam_jr_dma_vtop(ctx->digest));
+		sg->len = cpu_to_caam32(ses->digest_length);
+		length += ses->digest_length;
+		/* last element*/
+		sg->len |= cpu_to_caam32(SEC4_SG_LEN_FIN);
+	}
+
+	SEC_JD_SET_IN_PTR(jobdescr, (uint64_t)caam_jr_dma_vtop(&ctx->sg[0]), 0,
+				length);
+	/* set sg bit */
+	(jobdescr)->seq_in.command.word  |= 0x01000000;
+
+	/* output */
+	sg = &ctx->sg[6];
+
+	sg->ptr = cpu_to_caam64(dst_start_addr + sym->cipher.data.offset);
+	sg->len = cpu_to_caam32(sym->cipher.data.length);
+	length = sym->cipher.data.length;
+
+	if (is_encode(ses)) {
+		/* set auth output */
+		sg++;
+		sg->ptr = cpu_to_caam64(sym->auth.digest.phys_addr);
+		sg->len = cpu_to_caam32(ses->digest_length);
+		length += ses->digest_length;
+	}
+	/* last element*/
+	sg->len |= cpu_to_caam32(SEC4_SG_LEN_FIN);
+
+	SEC_JD_SET_OUT_PTR(jobdescr,
+			   (uint64_t)caam_jr_dma_vtop(&ctx->sg[6]), 0, length);
+	/* set sg bit */
+	(jobdescr)->seq_out.command.word  |= 0x01000000;
+
+	/* Auth_only_len is set as 0 in descriptor and it is
+	 * overwritten here in the jd which will update
+	 * the DPOVRD reg.
+	 */
+	if (auth_only_len)
+		/* set sg bit */
+		(jobdescr)->dpovrd = 0x80000000 | auth_only_len;
+
+	return ctx;
+}
+static int
+caam_jr_enqueue_op(struct rte_crypto_op *op, struct caam_jr_qp *qp)
+{
+	struct sec_job_ring_t *ring = qp->ring;
+	struct caam_jr_session *ses;
+	struct caam_jr_op_ctx *ctx = NULL;
+	struct sec_job_descriptor_t *jobdescr __rte_unused;
+
+	PMD_INIT_FUNC_TRACE();
+	switch (op->sess_type) {
+	case RTE_CRYPTO_OP_WITH_SESSION:
+		ses = (struct caam_jr_session *)
+		get_sym_session_private_data(op->sym->session,
+					cryptodev_driver_id);
+		break;
+	default:
+		CAAM_JR_DP_ERR("sessionless crypto op not supported");
+		qp->tx_errs++;
+		return -1;
+	}
+
+	if (unlikely(!ses->qp || ses->qp != qp)) {
+		CAAM_JR_DP_DEBUG("Old:sess->qp=%p New qp = %p\n", ses->qp, qp);
+		ses->qp = qp;
+		caam_jr_prep_cdb(ses);
+	}
+
+	if (rte_pktmbuf_is_contiguous(op->sym->m_src)) {
+		if (is_auth_cipher(ses))
+			ctx = build_cipher_auth(op, ses);
+		else if (is_aead(ses))
+			goto err1;
+		else if (is_auth_only(ses))
+			ctx = build_auth_only(op, ses);
+		else if (is_cipher_only(ses))
+			ctx = build_cipher_only(op, ses);
+	} else {
+		if (is_aead(ses))
+			goto err1;
+	}
+err1:
+	if (unlikely(!ctx)) {
+		qp->tx_errs++;
+		CAAM_JR_ERR("not supported sec op");
+		return -1;
+	}
+#if CAAM_JR_DBG
+	if (is_decode(ses))
+		rte_hexdump(stdout, "DECODE",
+			rte_pktmbuf_mtod(op->sym->m_src, void *),
+			rte_pktmbuf_data_len(op->sym->m_src));
+	else
+		rte_hexdump(stdout, "ENCODE",
+			rte_pktmbuf_mtod(op->sym->m_src, void *),
+			rte_pktmbuf_data_len(op->sym->m_src));
+
+	printf("\n JD before conversion\n");
+	for (int i = 0; i < 12; i++)
+		printf("\n 0x%08x", ctx->jobdes.desc[i]);
+#endif
+
+	CAAM_JR_DP_DEBUG("Jr[%p] pi[%d] ci[%d].Before sending desc",
+		      ring, ring->pidx, ring->cidx);
+
+	/* todo - do we want to retry */
+	if (SEC_JOB_RING_IS_FULL(ring->pidx, ring->cidx,
+			 SEC_JOB_RING_SIZE, SEC_JOB_RING_SIZE)) {
+		CAAM_JR_DP_DEBUG("Ring FULL Jr[%p] pi[%d] ci[%d].Size = %d",
+			      ring, ring->pidx, ring->cidx, SEC_JOB_RING_SIZE);
+		caam_jr_op_ending(ctx);
+		qp->tx_ring_full++;
+		return -EBUSY;
+	}
+
+#if CORE_BYTE_ORDER != CAAM_BYTE_ORDER
+	jobdescr = (struct sec_job_descriptor_t *) ctx->jobdes.desc;
+
+	jobdescr->deschdr.command.word =
+		cpu_to_caam32(jobdescr->deschdr.command.word);
+	jobdescr->sd_ptr = cpu_to_caam64(jobdescr->sd_ptr);
+	jobdescr->seq_out.command.word =
+		cpu_to_caam32(jobdescr->seq_out.command.word);
+	jobdescr->seq_out_ptr = cpu_to_caam64(jobdescr->seq_out_ptr);
+	jobdescr->out_ext_length = cpu_to_caam32(jobdescr->out_ext_length);
+	jobdescr->seq_in.command.word =
+		cpu_to_caam32(jobdescr->seq_in.command.word);
+	jobdescr->seq_in_ptr = cpu_to_caam64(jobdescr->seq_in_ptr);
+	jobdescr->in_ext_length = cpu_to_caam32(jobdescr->in_ext_length);
+	jobdescr->load_dpovrd.command.word =
+		cpu_to_caam32(jobdescr->load_dpovrd.command.word);
+	jobdescr->dpovrd = cpu_to_caam32(jobdescr->dpovrd);
+#endif
+
+	/* Set ptr in input ring to current descriptor	*/
+	sec_write_addr(&ring->input_ring[ring->pidx],
+			(phys_addr_t)caam_jr_vtop_ctx(ctx, ctx->jobdes.desc));
+	rte_smp_wmb();
+
+	/* Notify HW that a new job is enqueued */
+	hw_enqueue_desc_on_job_ring(ring);
+
+	/* increment the producer index for the current job ring */
+	ring->pidx = SEC_CIRCULAR_COUNTER(ring->pidx, SEC_JOB_RING_SIZE);
+
+	return 0;
+}
+
+static uint16_t
+caam_jr_enqueue_burst(void *qp, struct rte_crypto_op **ops,
+		       uint16_t nb_ops)
+{
+	/* Function to transmit the frames to given device and queuepair */
+	uint32_t loop;
+	int32_t ret;
+	struct caam_jr_qp *jr_qp = (struct caam_jr_qp *)qp;
+	uint16_t num_tx = 0;
+
+	PMD_INIT_FUNC_TRACE();
+	/*Prepare each packet which is to be sent*/
+	for (loop = 0; loop < nb_ops; loop++) {
+		ret = caam_jr_enqueue_op(ops[loop], jr_qp);
+		if (!ret)
+			num_tx++;
+	}
+
+	jr_qp->tx_pkts += num_tx;
+
+	return num_tx;
+}
+
 /* Release queue pair */
 static int
 caam_jr_queue_pair_release(struct rte_cryptodev *dev,
@@ -726,8 +1618,8 @@ caam_jr_dev_init(const char *name,
 	dev->dev_ops = &caam_jr_ops;
 
 	/* register rx/tx burst functions for data path */
-	dev->dequeue_burst = NULL;
-	dev->enqueue_burst = NULL;
+	dev->dequeue_burst = caam_jr_dequeue_burst;
+	dev->enqueue_burst = caam_jr_enqueue_burst;
 	dev->feature_flags = RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO |
 			RTE_CRYPTODEV_FF_HW_ACCELERATED |
 			RTE_CRYPTODEV_FF_SYM_OPERATION_CHAINING |
diff --git a/drivers/crypto/caam_jr/caam_jr_desc.h b/drivers/crypto/caam_jr/caam_jr_desc.h
new file mode 100644
index 000000000..6683ea835
--- /dev/null
+++ b/drivers/crypto/caam_jr/caam_jr_desc.h
@@ -0,0 +1,285 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright 2017-2018 NXP
+ */
+
+#ifndef CAAM_JR_DESC_H
+#define CAAM_JR_DESC_H
+
+#define CMD_HDR_CTYPE_SD		0x16
+#define CMD_HDR_CTYPE_JD		0x17
+
+/* The maximum size of a SEC descriptor, in WORDs (32 bits). */
+#define MAX_DESC_SIZE_WORDS                     64
+
+/*
+ * Macros manipulating descriptors
+ */
+/* Macro for setting the SD pointer in a JD. Common for all protocols
+ * supported by the SEC driver.
+ */
+#define SEC_JD_SET_SD(descriptor, ptr, len)	   {	  \
+	(descriptor)->sd_ptr = (ptr);			       \
+	(descriptor)->deschdr.command.jd.shr_desc_len = (len);      \
+}
+
+/* Macro for setting a pointer to the job which this descriptor processes.
+ * It eases the lookup procedure for identifying the descriptor that has
+ * completed.
+ */
+#define SEC_JD_SET_JOB_PTR(descriptor, ptr) \
+	((descriptor)->job_ptr = (ptr))
+
+/* Macro for setting up a JD. The structure of the JD is common across all
+ * supported protocols, thus its structure is identical.
+ */
+#define SEC_JD_INIT(descriptor)	      ({ \
+	/* CTYPE = job descriptor			       \
+	 * RSMS, DNR = 0
+	 * ONE = 1
+	 * Start Index = 0
+	 * ZRO,TD, MTD = 0
+	 * SHR = 1 (there's a shared descriptor referenced
+	 *	  by this job descriptor,pointer in next word)
+	 * REO = 1 (execute job descr. first, shared descriptor
+	 *	  after)
+	 * SHARE = DEFER
+	 * Descriptor Length = 0 ( to be completed @ runtime ) */ \
+	(descriptor)->deschdr.command.word = 0xB0801C0D;	\
+	/*
+	 * CTYPE = SEQ OUT command * Scater Gather Flag = 0
+	 * (can be updated @ runtime) PRE = 0 * EXT = 1
+	 * (data length is in next word, following the * command)
+	 * RTO = 0 */						\
+	(descriptor)->seq_out.command.word = 0xF8400000; /**/	\
+	/*
+	 * CTYPE = SEQ IN command
+	 * Scater Gather Flag = 0 (can be updated @ runtime)
+	 * PRE = 0
+	 * EXT = 1 ( data length is in next word, following the
+	 *	   command)
+	 * RTO = 0 */						\
+	(descriptor)->seq_in.command.word  = 0xF0400000; /**/	\
+	/*
+	 * In order to be compatible with QI scenarios, the DPOVRD value
+	 * loaded must be formated like this:
+	 * DPOVRD_EN (1b) | Res| DPOVRD Value (right aligned). */ \
+	(descriptor)->load_dpovrd.command.word = 0x16870004;	\
+	/* By default, DPOVRD mechanism is disabled, thus the value to be
+	 * LOAD-ed through the above descriptor command will be
+	 * 0x0000_0000. */					\
+	(descriptor)->dpovrd = 0x00000000;			\
+})
+
+/* Macro for setting the pointer to the input buffer in the JD, according to
+ * the parameters set by the user in the ::sec_packet_t structure.
+ */
+#define SEC_JD_SET_IN_PTR(descriptor, phys_addr, offset, length) {     \
+	(descriptor)->seq_in_ptr = (phys_addr) + (offset);	      \
+	(descriptor)->in_ext_length = (length);			 \
+}
+
+/* Macro for setting the pointer to the output buffer in the JD, according to
+ * the parameters set by the user in the ::sec_packet_t structure.
+ */
+#define SEC_JD_SET_OUT_PTR(descriptor, phys_addr, offset, length) {    \
+	(descriptor)->seq_out_ptr = (phys_addr) + (offset);	     \
+	(descriptor)->out_ext_length = (length);			\
+}
+
+/* Macro for setting the Scatter-Gather flag in the SEQ IN command. Used in
+ * case the input buffer is split in multiple buffers, according to the user
+ * specification.
+ */
+#define SEC_JD_SET_SG_IN(descriptor) \
+	((descriptor)->seq_in.command.field.sgf =  1)
+
+/* Macro for setting the Scatter-Gather flag in the SEQ OUT command. Used in
+ * case the output buffer is split in multiple buffers, according to the user
+ * specification.
+ */
+#define SEC_JD_SET_SG_OUT(descriptor) \
+	((descriptor)->seq_out.command.field.sgf = 1)
+
+#define SEC_JD_SET_DPOVRD(descriptor) \
+
+/* Macro for retrieving a descriptor's length. Works for both SD and JD. */
+#define SEC_GET_DESC_LEN(descriptor)					\
+	(((struct descriptor_header_s *)(descriptor))->command.sd.ctype == \
+	CMD_HDR_CTYPE_SD ? ((struct descriptor_header_s *) \
+	(descriptor))->command.sd.desclen :	\
+	((struct descriptor_header_s *)(descriptor))->command.jd.desclen)
+
+/* Helper macro for dumping the hex representation of a descriptor */
+#define SEC_DUMP_DESC(descriptor) {					\
+	int __i;							\
+	CAAM_JR_INFO("Des@ 0x%08x\n", (uint32_t)((uint32_t *)(descriptor)));\
+	for (__i = 0;						\
+		__i < SEC_GET_DESC_LEN(descriptor);			\
+		__i++) {						\
+		printf("0x%08x: 0x%08x\n",			\
+			(uint32_t)(((uint32_t *)(descriptor)) + __i),	\
+			*(((uint32_t *)(descriptor)) + __i));		\
+	}								\
+}
+/* Union describing a descriptor header.
+ */
+struct descriptor_header_s {
+	union {
+		uint32_t word;
+		struct {
+			/* 4  */ unsigned int ctype:5;
+			/* 5  */ unsigned int res1:2;
+			/* 7  */ unsigned int dnr:1;
+			/* 8  */ unsigned int one:1;
+			/* 9  */ unsigned int res2:1;
+			/* 10 */ unsigned int start_idx:6;
+			/* 16 */ unsigned int res3:2;
+			/* 18 */ unsigned int cif:1;
+			/* 19 */ unsigned int sc:1;
+			/* 20 */ unsigned int pd:1;
+			/* 21 */ unsigned int res4:1;
+			/* 22 */ unsigned int share:2;
+			/* 24 */ unsigned int res5:2;
+			/* 26 */ unsigned int desclen:6;
+		} sd;
+		struct {
+			/* TODO only below struct members are corrected,
+			 * all others also need to be reversed please verify it
+			 */
+			/* 0 */ unsigned int desclen:7;
+			/* 7 */ unsigned int res4:1;
+			/* 8 */ unsigned int share:3;
+			/* 11 */ unsigned int reo:1;
+			/* 12 */ unsigned int shr:1;
+			/* 13 */ unsigned int mtd:1;
+			/* 14 */ unsigned int td:1;
+			/* 15 */ unsigned int zero:1;
+			/* 16 */ unsigned int shr_desc_len:6;
+			/* 22  */ unsigned int res2:1;
+			/* 23  */ unsigned int one:1;
+			/* 24  */ unsigned int dnr:1;
+			/* 25  */ unsigned int rsms:1;
+			/* 26  */ unsigned int res1:1;
+			/* 27  */ unsigned int ctype:5;
+		} jd;
+	} __rte_packed command;
+} __rte_packed;
+
+/* Union describing a KEY command in a descriptor.
+ */
+struct key_command_s {
+	union {
+		uint32_t word;
+		struct {
+			unsigned int ctype:5;
+			unsigned int cls:2;
+			unsigned int sgf:1;
+			unsigned int imm:1;
+			unsigned int enc:1;
+			unsigned int nwb:1;
+			unsigned int ekt:1;
+			unsigned int kdest:4;
+			unsigned int tk:1;
+			unsigned int rsvd1:5;
+			unsigned int length:10;
+		} __rte_packed field;
+	} __rte_packed command;
+} __rte_packed;
+
+/* Union describing a PROTOCOL command
+ * in a descriptor.
+ */
+struct protocol_operation_command_s {
+	union {
+		uint32_t word;
+		struct {
+			unsigned int ctype:5;
+			unsigned int optype:3;
+			unsigned char protid;
+			unsigned short protinfo;
+		} __rte_packed field;
+	} __rte_packed command;
+} __rte_packed;
+
+/* Union describing a SEQIN command in a
+ * descriptor.
+ */
+struct seq_in_command_s {
+	union {
+		uint32_t word;
+		struct {
+			unsigned int ctype:5;
+			unsigned int res1:1;
+			unsigned int inl:1;
+			unsigned int sgf:1;
+			unsigned int pre:1;
+			unsigned int ext:1;
+			unsigned int rto:1;
+			unsigned int rjd:1;
+			unsigned int res2:4;
+			unsigned int length:16;
+		} field;
+	} __rte_packed command;
+} __rte_packed;
+
+/* Union describing a SEQOUT command in a
+ * descriptor.
+ */
+struct seq_out_command_s {
+	union {
+		uint32_t word;
+		struct {
+			unsigned int ctype:5;
+			unsigned int res1:2;
+			unsigned int sgf:1;
+			unsigned int pre:1;
+			unsigned int ext:1;
+			unsigned int rto:1;
+			unsigned int res2:5;
+			unsigned int length:16;
+		} field;
+	} __rte_packed command;
+} __rte_packed;
+
+struct load_command_s {
+	union {
+		uint32_t word;
+		struct {
+			unsigned int ctype:5;
+			unsigned int class:2;
+			unsigned int sgf:1;
+			unsigned int imm:1;
+			unsigned int dst:7;
+			unsigned char offset;
+			unsigned char length;
+		} fields;
+	} __rte_packed command;
+} __rte_packed;
+
+/* Structure encompassing a general shared descriptor of maximum
+ * size (64 WORDs). Usually, other specific shared descriptor structures
+ * will be type-casted to this one
+ * this one.
+ */
+struct sec_sd_t {
+	uint32_t rsvd[MAX_DESC_SIZE_WORDS];
+} __attribute__((packed, aligned(64)));
+
+/* Structure encompassing a job descriptor which processes
+ * a single packet from a context. The job descriptor references
+ * a shared descriptor from a SEC context.
+ */
+struct sec_job_descriptor_t {
+	struct descriptor_header_s deschdr;
+	dma_addr_t sd_ptr;
+	struct seq_out_command_s seq_out;
+	dma_addr_t seq_out_ptr;
+	uint32_t out_ext_length;
+	struct seq_in_command_s seq_in;
+	dma_addr_t seq_in_ptr;
+	uint32_t in_ext_length;
+	struct load_command_s load_dpovrd;
+	uint32_t dpovrd;
+} __attribute__((packed, aligned(64)));
+
+#endif
-- 
2.17.1

^ permalink raw reply	[flat|nested] 97+ messages in thread

* [dpdk-dev] [PATCH v2 11/14] crypto/caam_jr: add scatter gather
  2018-10-12 14:40 ` [dpdk-dev] [PATCH v2 00/14] " Gagandeep Singh
                     ` (9 preceding siblings ...)
  2018-10-12 14:40   ` [dpdk-dev] [PATCH v2 10/14] crypto/caam_jr: add enqueue dequeue operations Gagandeep Singh
@ 2018-10-12 14:40   ` Gagandeep Singh
  2018-10-12 14:40   ` [dpdk-dev] [PATCH v2 12/14] crypto/caam_jr: add statistics ops Gagandeep Singh
                     ` (5 subsequent siblings)
  16 siblings, 0 replies; 97+ messages in thread
From: Gagandeep Singh @ 2018-10-12 14:40 UTC (permalink / raw)
  To: dev, akhil.goyal; +Cc: Gagandeep Singh, Hemant Agrawal

This patch add the scatter gather feature
for auth-only, cipher-only and cipher-auth
operations

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
---
 drivers/crypto/caam_jr/caam_jr.c | 375 ++++++++++++++++++++++++++++++-
 1 file changed, 374 insertions(+), 1 deletion(-)

diff --git a/drivers/crypto/caam_jr/caam_jr.c b/drivers/crypto/caam_jr/caam_jr.c
index c0933a750..a4118cd11 100644
--- a/drivers/crypto/caam_jr/caam_jr.c
+++ b/drivers/crypto/caam_jr/caam_jr.c
@@ -623,6 +623,101 @@ caam_jr_dequeue_burst(void *qp, struct rte_crypto_op **ops,
 	return num_rx;
 }
 
+/**
+ * packet looks like:
+ *		|<----data_len------->|
+ *    |ip_header|ah_header|icv|payload|
+ *              ^
+ *		|
+ *	   mbuf->pkt.data
+ */
+static inline struct caam_jr_op_ctx *
+build_auth_only_sg(struct rte_crypto_op *op, struct caam_jr_session *ses)
+{
+	struct rte_crypto_sym_op *sym = op->sym;
+	struct rte_mbuf *mbuf = sym->m_src;
+	struct caam_jr_op_ctx *ctx;
+	struct sec4_sg_entry *sg;
+	int	length;
+	struct sec_cdb *cdb;
+	uint64_t sdesc_offset;
+	struct sec_job_descriptor_t *jobdescr;
+	uint8_t extra_segs;
+
+	PMD_INIT_FUNC_TRACE();
+	if (is_decode(ses))
+		extra_segs = 2;
+	else
+		extra_segs = 1;
+
+	if ((mbuf->nb_segs + extra_segs) > MAX_SG_ENTRIES) {
+		CAAM_JR_DP_ERR("Auth: Max sec segs supported is %d",
+				MAX_SG_ENTRIES);
+		return NULL;
+	}
+
+	ctx = caam_jr_alloc_ctx(ses);
+	if (!ctx)
+		return NULL;
+
+	ctx->op = op;
+
+	cdb = ses->cdb;
+	sdesc_offset = (size_t) ((char *)&cdb->sh_desc - (char *)cdb);
+
+	jobdescr = (struct sec_job_descriptor_t *) ctx->jobdes.desc;
+
+	SEC_JD_INIT(jobdescr);
+	SEC_JD_SET_SD(jobdescr,
+		(phys_addr_t)(caam_jr_dma_vtop(cdb)) + sdesc_offset,
+		cdb->sh_hdr.hi.field.idlen);
+
+	/* output */
+	SEC_JD_SET_OUT_PTR(jobdescr, (uint64_t)sym->auth.digest.phys_addr,
+			0, ses->digest_length);
+
+	/*input */
+	sg = &ctx->sg[0];
+	length = sym->auth.data.length;
+	sg->ptr = cpu_to_caam64(rte_pktmbuf_iova(mbuf) + sym->auth.data.offset);
+	sg->len = cpu_to_caam32(mbuf->data_len - sym->auth.data.offset);
+
+	/* Successive segs */
+	mbuf = mbuf->next;
+	while (mbuf) {
+		sg++;
+		sg->ptr = cpu_to_caam64(rte_pktmbuf_iova(mbuf));
+		sg->len = cpu_to_caam32(mbuf->data_len);
+		mbuf = mbuf->next;
+	}
+
+	if (is_decode(ses)) {
+		/* digest verification case */
+		sg++;
+		/* hash result or digest, save digest first */
+		rte_memcpy(ctx->digest, sym->auth.digest.data,
+			   ses->digest_length);
+#if CAAM_JR_DBG
+		rte_hexdump(stdout, "ICV", ctx->digest, ses->digest_length);
+#endif
+		sg->ptr = cpu_to_caam64(caam_jr_vtop_ctx(ctx, ctx->digest));
+		sg->len = cpu_to_caam32(ses->digest_length);
+		length += ses->digest_length;
+	} else {
+		length -= ses->digest_length;
+	}
+
+	/* last element*/
+	sg->len |= cpu_to_caam32(SEC4_SG_LEN_FIN);
+
+	SEC_JD_SET_IN_PTR(jobdescr,
+		(uint64_t)caam_jr_vtop_ctx(ctx, &ctx->sg[0]), 0, length);
+	/* enabling sg list */
+	(jobdescr)->seq_in.command.word  |= 0x01000000;
+
+	return ctx;
+}
+
 static inline struct caam_jr_op_ctx *
 build_auth_only(struct rte_crypto_op *op, struct caam_jr_session *ses)
 {
@@ -688,6 +783,123 @@ build_auth_only(struct rte_crypto_op *op, struct caam_jr_session *ses)
 	return ctx;
 }
 
+static inline struct caam_jr_op_ctx *
+build_cipher_only_sg(struct rte_crypto_op *op, struct caam_jr_session *ses)
+{
+	struct rte_crypto_sym_op *sym = op->sym;
+	struct rte_mbuf *mbuf = sym->m_src;
+	struct caam_jr_op_ctx *ctx;
+	struct sec4_sg_entry *sg, *in_sg;
+	int length;
+	struct sec_cdb *cdb;
+	uint64_t sdesc_offset;
+	uint8_t *IV_ptr = rte_crypto_op_ctod_offset(op, uint8_t *,
+			ses->iv.offset);
+	struct sec_job_descriptor_t *jobdescr;
+	uint8_t reg_segs;
+
+	PMD_INIT_FUNC_TRACE();
+	if (sym->m_dst) {
+		mbuf = sym->m_dst;
+		reg_segs = mbuf->nb_segs + sym->m_src->nb_segs + 2;
+	} else {
+		mbuf = sym->m_src;
+		reg_segs = mbuf->nb_segs * 2 + 2;
+	}
+
+	if (reg_segs > MAX_SG_ENTRIES) {
+		CAAM_JR_DP_ERR("Cipher: Max sec segs supported is %d",
+				MAX_SG_ENTRIES);
+		return NULL;
+	}
+
+	ctx = caam_jr_alloc_ctx(ses);
+	if (!ctx)
+		return NULL;
+
+	ctx->op = op;
+	cdb = ses->cdb;
+	sdesc_offset = (size_t) ((char *)&cdb->sh_desc - (char *)cdb);
+
+	jobdescr = (struct sec_job_descriptor_t *) ctx->jobdes.desc;
+
+	SEC_JD_INIT(jobdescr);
+	SEC_JD_SET_SD(jobdescr,
+		(phys_addr_t)(caam_jr_dma_vtop(cdb)) + sdesc_offset,
+		cdb->sh_hdr.hi.field.idlen);
+
+#if CAAM_JR_DBG
+	CAAM_JR_INFO("mbuf offset =%d, cipher offset = %d, length =%d+%d",
+			sym->m_src->data_off, sym->cipher.data.offset,
+			sym->cipher.data.length, ses->iv.length);
+#endif
+	/* output */
+	if (sym->m_dst)
+		mbuf = sym->m_dst;
+	else
+		mbuf = sym->m_src;
+
+	sg = &ctx->sg[0];
+	length = sym->cipher.data.length;
+
+	sg->ptr = cpu_to_caam64(rte_pktmbuf_iova(mbuf)
+		+ sym->cipher.data.offset);
+	sg->len = cpu_to_caam32(mbuf->data_len - sym->cipher.data.offset);
+
+	/* Successive segs */
+	mbuf = mbuf->next;
+	while (mbuf) {
+		sg++;
+		sg->ptr = cpu_to_caam64(rte_pktmbuf_iova(mbuf));
+		sg->len = cpu_to_caam32(mbuf->data_len);
+		mbuf = mbuf->next;
+	}
+	/* last element*/
+	sg->len |= cpu_to_caam32(SEC4_SG_LEN_FIN);
+
+	SEC_JD_SET_OUT_PTR(jobdescr,
+			(uint64_t)caam_jr_vtop_ctx(ctx, &ctx->sg[0]), 0,
+			length);
+	/*enabling sg bit */
+	(jobdescr)->seq_out.command.word  |= 0x01000000;
+
+	/*input */
+	sg++;
+	mbuf = sym->m_src;
+	in_sg = sg;
+
+	length = sym->cipher.data.length + ses->iv.length;
+
+	/* IV */
+	sg->ptr = cpu_to_caam64(caam_jr_dma_vtop(IV_ptr));
+	sg->len = cpu_to_caam32(ses->iv.length);
+
+	/* 1st seg */
+	sg++;
+	sg->ptr = cpu_to_caam64(rte_pktmbuf_iova(mbuf)
+				+ sym->cipher.data.offset);
+	sg->len = cpu_to_caam32(mbuf->data_len - sym->cipher.data.offset);
+
+	/* Successive segs */
+	mbuf = mbuf->next;
+	while (mbuf) {
+		sg++;
+		sg->ptr = cpu_to_caam64(rte_pktmbuf_iova(mbuf));
+		sg->len = cpu_to_caam32(mbuf->data_len);
+		mbuf = mbuf->next;
+	}
+	/* last element*/
+	sg->len |= cpu_to_caam32(SEC4_SG_LEN_FIN);
+
+
+	SEC_JD_SET_IN_PTR(jobdescr, (uint64_t)caam_jr_vtop_ctx(ctx, in_sg), 0,
+				length);
+	/*enabling sg bit */
+	(jobdescr)->seq_in.command.word  |= 0x01000000;
+
+	return ctx;
+}
+
 static inline struct caam_jr_op_ctx *
 build_cipher_only(struct rte_crypto_op *op, struct caam_jr_session *ses)
 {
@@ -752,6 +964,161 @@ build_cipher_only(struct rte_crypto_op *op, struct caam_jr_session *ses)
 	return ctx;
 }
 
+/* For decapsulation:
+ *     Input:
+ * +----+----------------+--------------------------------+-----+
+ * | IV | Auth-only data | Authenticated & Encrypted data | ICV |
+ * +----+----------------+--------------------------------+-----+
+ *     Output:
+ * +----+--------------------------+
+ * | Decrypted & authenticated data |
+ * +----+--------------------------+
+ */
+
+static inline struct caam_jr_op_ctx *
+build_cipher_auth_sg(struct rte_crypto_op *op, struct caam_jr_session *ses)
+{
+	struct rte_crypto_sym_op *sym = op->sym;
+	struct caam_jr_op_ctx *ctx;
+	struct sec4_sg_entry *sg, *out_sg, *in_sg;
+	struct rte_mbuf *mbuf;
+	uint32_t length = 0;
+	struct sec_cdb *cdb;
+	uint64_t sdesc_offset;
+	uint8_t req_segs;
+	uint8_t *IV_ptr = rte_crypto_op_ctod_offset(op, uint8_t *,
+			ses->iv.offset);
+	struct sec_job_descriptor_t *jobdescr;
+	uint32_t auth_only_len;
+
+	PMD_INIT_FUNC_TRACE();
+	auth_only_len = op->sym->auth.data.length -
+				op->sym->cipher.data.length;
+
+	if (sym->m_dst) {
+		mbuf = sym->m_dst;
+		req_segs = mbuf->nb_segs + sym->m_src->nb_segs + 3;
+	} else {
+		mbuf = sym->m_src;
+		req_segs = mbuf->nb_segs * 2 + 3;
+	}
+
+	if (req_segs > MAX_SG_ENTRIES) {
+		CAAM_JR_DP_ERR("Cipher-Auth: Max sec segs supported is %d",
+				MAX_SG_ENTRIES);
+		return NULL;
+	}
+
+	ctx = caam_jr_alloc_ctx(ses);
+	if (!ctx)
+		return NULL;
+
+	ctx->op = op;
+	cdb = ses->cdb;
+	sdesc_offset = (size_t) ((char *)&cdb->sh_desc - (char *)cdb);
+
+	jobdescr = (struct sec_job_descriptor_t *) ctx->jobdes.desc;
+
+	SEC_JD_INIT(jobdescr);
+	SEC_JD_SET_SD(jobdescr,
+		(phys_addr_t)(caam_jr_dma_vtop(cdb)) + sdesc_offset,
+		cdb->sh_hdr.hi.field.idlen);
+
+	/* output */
+	if (sym->m_dst)
+		mbuf = sym->m_dst;
+	else
+		mbuf = sym->m_src;
+
+	out_sg = &ctx->sg[0];
+	if (is_encode(ses))
+		length = sym->auth.data.length + ses->digest_length;
+	else
+		length = sym->auth.data.length;
+
+	sg = &ctx->sg[0];
+
+	/* 1st seg */
+	sg->ptr = cpu_to_caam64(rte_pktmbuf_iova(mbuf)
+		+ sym->auth.data.offset);
+	sg->len = cpu_to_caam32(mbuf->data_len - sym->auth.data.offset);
+
+	/* Successive segs */
+	mbuf = mbuf->next;
+	while (mbuf) {
+		sg++;
+		sg->ptr = cpu_to_caam64(rte_pktmbuf_iova(mbuf));
+		sg->len = cpu_to_caam32(mbuf->data_len);
+		mbuf = mbuf->next;
+	}
+
+	if (is_encode(ses)) {
+		/* set auth output */
+		sg++;
+		sg->ptr = cpu_to_caam64(sym->auth.digest.phys_addr);
+		sg->len = cpu_to_caam32(ses->digest_length);
+	}
+	/* last element*/
+	sg->len |= cpu_to_caam32(SEC4_SG_LEN_FIN);
+
+	SEC_JD_SET_OUT_PTR(jobdescr,
+			   (uint64_t)caam_jr_dma_vtop(out_sg), 0, length);
+	/* set sg bit */
+	(jobdescr)->seq_out.command.word  |= 0x01000000;
+
+	/* input */
+	sg++;
+	mbuf = sym->m_src;
+	in_sg = sg;
+	if (is_encode(ses))
+		length = ses->iv.length + sym->auth.data.length;
+	else
+		length = ses->iv.length + sym->auth.data.length
+						+ ses->digest_length;
+
+	sg->ptr = cpu_to_caam64(caam_jr_dma_vtop(IV_ptr));
+	sg->len = cpu_to_caam32(ses->iv.length);
+
+	sg++;
+	/* 1st seg */
+	sg->ptr = cpu_to_caam64(rte_pktmbuf_iova(mbuf)
+		+ sym->auth.data.offset);
+	sg->len = cpu_to_caam32(mbuf->data_len - sym->auth.data.offset);
+
+	/* Successive segs */
+	mbuf = mbuf->next;
+	while (mbuf) {
+		sg++;
+		sg->ptr = cpu_to_caam64(rte_pktmbuf_iova(mbuf));
+		sg->len = cpu_to_caam32(mbuf->data_len);
+		mbuf = mbuf->next;
+	}
+
+	if (is_decode(ses)) {
+		sg++;
+		rte_memcpy(ctx->digest, sym->auth.digest.data,
+		       ses->digest_length);
+		sg->ptr = cpu_to_caam64(caam_jr_dma_vtop(ctx->digest));
+		sg->len = cpu_to_caam32(ses->digest_length);
+	}
+	/* last element*/
+	sg->len |= cpu_to_caam32(SEC4_SG_LEN_FIN);
+
+	SEC_JD_SET_IN_PTR(jobdescr, (uint64_t)caam_jr_dma_vtop(in_sg), 0,
+				length);
+	/* set sg bit */
+	(jobdescr)->seq_in.command.word  |= 0x01000000;
+	/* Auth_only_len is set as 0 in descriptor and it is
+	 * overwritten here in the jd which will update
+	 * the DPOVRD reg.
+	 */
+	if (auth_only_len)
+		/* set sg bit */
+		(jobdescr)->dpovrd = 0x80000000 | auth_only_len;
+
+	return ctx;
+}
+
 static inline struct caam_jr_op_ctx *
 build_cipher_auth(struct rte_crypto_op *op, struct caam_jr_session *ses)
 {
@@ -899,8 +1266,14 @@ caam_jr_enqueue_op(struct rte_crypto_op *op, struct caam_jr_qp *qp)
 		else if (is_cipher_only(ses))
 			ctx = build_cipher_only(op, ses);
 	} else {
-		if (is_aead(ses))
+		if (is_auth_cipher(ses))
+			ctx = build_cipher_auth_sg(op, ses);
+		else if (is_aead(ses))
 			goto err1;
+		else if (is_auth_only(ses))
+			ctx = build_auth_only_sg(op, ses);
+		else if (is_cipher_only(ses))
+			ctx = build_cipher_only_sg(op, ses);
 	}
 err1:
 	if (unlikely(!ctx)) {
-- 
2.17.1

^ permalink raw reply	[flat|nested] 97+ messages in thread

* [dpdk-dev] [PATCH v2 12/14] crypto/caam_jr: add statistics ops
  2018-10-12 14:40 ` [dpdk-dev] [PATCH v2 00/14] " Gagandeep Singh
                     ` (10 preceding siblings ...)
  2018-10-12 14:40   ` [dpdk-dev] [PATCH v2 11/14] crypto/caam_jr: add scatter gather Gagandeep Singh
@ 2018-10-12 14:40   ` Gagandeep Singh
  2018-10-12 14:40   ` [dpdk-dev] [PATCH v2 13/14] crypto/caam_jr: add security offload Gagandeep Singh
                     ` (4 subsequent siblings)
  16 siblings, 0 replies; 97+ messages in thread
From: Gagandeep Singh @ 2018-10-12 14:40 UTC (permalink / raw)
  To: dev, akhil.goyal; +Cc: Hemant Agrawal, Gagandeep Singh

From: Hemant Agrawal <hemant.agrawal@nxp.com>

This patch adds the following statistics operations:
 - stats_get
 - stats_reset

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
---
 drivers/crypto/caam_jr/caam_jr.c | 54 ++++++++++++++++++++++++++++++++
 1 file changed, 54 insertions(+)

diff --git a/drivers/crypto/caam_jr/caam_jr.c b/drivers/crypto/caam_jr/caam_jr.c
index a4118cd11..beb54d5da 100644
--- a/drivers/crypto/caam_jr/caam_jr.c
+++ b/drivers/crypto/caam_jr/caam_jr.c
@@ -104,6 +104,58 @@ caam_jr_alloc_ctx(struct caam_jr_session *ses)
 	return ctx;
 }
 
+static
+void caam_jr_stats_get(struct rte_cryptodev *dev,
+			struct rte_cryptodev_stats *stats)
+{
+	struct caam_jr_qp **qp = (struct caam_jr_qp **)
+					dev->data->queue_pairs;
+	int i;
+
+	PMD_INIT_FUNC_TRACE();
+	if (stats == NULL) {
+		CAAM_JR_ERR("Invalid stats ptr NULL");
+		return;
+	}
+	for (i = 0; i < dev->data->nb_queue_pairs; i++) {
+		if (qp[i] == NULL) {
+			CAAM_JR_WARN("Uninitialised queue pair");
+			continue;
+		}
+
+		stats->enqueued_count += qp[i]->tx_pkts;
+		stats->dequeued_count += qp[i]->rx_pkts;
+		stats->enqueue_err_count += qp[i]->tx_errs;
+		stats->dequeue_err_count += qp[i]->rx_errs;
+		CAAM_JR_INFO("extra stats:\n\tRX Poll ERR = %" PRIu64
+			     "\n\tTX Ring Full = %" PRIu64,
+			     qp[i]->rx_poll_err,
+			     qp[i]->tx_ring_full);
+	}
+}
+
+static
+void caam_jr_stats_reset(struct rte_cryptodev *dev)
+{
+	int i;
+	struct caam_jr_qp **qp = (struct caam_jr_qp **)
+				   (dev->data->queue_pairs);
+
+	PMD_INIT_FUNC_TRACE();
+	for (i = 0; i < dev->data->nb_queue_pairs; i++) {
+		if (qp[i] == NULL) {
+			CAAM_JR_WARN("Uninitialised queue pair");
+			continue;
+		}
+		qp[i]->rx_pkts = 0;
+		qp[i]->rx_errs = 0;
+		qp[i]->rx_poll_err = 0;
+		qp[i]->tx_pkts = 0;
+		qp[i]->tx_errs = 0;
+		qp[i]->tx_ring_full = 0;
+	}
+}
+
 static inline int
 is_cipher_only(struct caam_jr_session *ses)
 {
@@ -1716,6 +1768,8 @@ static struct rte_cryptodev_ops caam_jr_ops = {
 	.dev_stop	      = caam_jr_dev_stop,
 	.dev_close	      = caam_jr_dev_close,
 	.dev_infos_get        = caam_jr_dev_infos_get,
+	.stats_get	      = caam_jr_stats_get,
+	.stats_reset	      = caam_jr_stats_reset,
 	.queue_pair_setup     = caam_jr_queue_pair_setup,
 	.queue_pair_release   = caam_jr_queue_pair_release,
 	.queue_pair_count     = caam_jr_queue_pair_count,
-- 
2.17.1

^ permalink raw reply	[flat|nested] 97+ messages in thread

* [dpdk-dev] [PATCH v2 13/14] crypto/caam_jr: add security offload
  2018-10-12 14:40 ` [dpdk-dev] [PATCH v2 00/14] " Gagandeep Singh
                     ` (11 preceding siblings ...)
  2018-10-12 14:40   ` [dpdk-dev] [PATCH v2 12/14] crypto/caam_jr: add statistics ops Gagandeep Singh
@ 2018-10-12 14:40   ` Gagandeep Singh
  2018-10-19  2:17     ` Thomas Monjalon
  2018-10-12 14:40   ` [dpdk-dev] [PATCH v2 14/14] doc: add caam jr cryptodev details Gagandeep Singh
                     ` (3 subsequent siblings)
  16 siblings, 1 reply; 97+ messages in thread
From: Gagandeep Singh @ 2018-10-12 14:40 UTC (permalink / raw)
  To: dev, akhil.goyal; +Cc: Hemant Agrawal

From: Hemant Agrawal <hemant.agrawal@nxp.com>

This patch provides the support for protocol offload
to the hardware. following security operations are
added:
 - session_create
 - session_destroy
 - capabilities_get

Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
---
 drivers/crypto/caam_jr/caam_jr.c     | 360 ++++++++++++++++++++++++++-
 drivers/crypto/caam_jr/caam_jr_pvt.h |   5 +
 2 files changed, 354 insertions(+), 11 deletions(-)

diff --git a/drivers/crypto/caam_jr/caam_jr.c b/drivers/crypto/caam_jr/caam_jr.c
index beb54d5da..e3002d6fb 100644
--- a/drivers/crypto/caam_jr/caam_jr.c
+++ b/drivers/crypto/caam_jr/caam_jr.c
@@ -27,7 +27,6 @@
 /* RTA header files */
 #include <hw/desc/common.h>
 #include <hw/desc/algo.h>
-#include <hw/desc/ipsec.h>
 #include <of.h>
 
 #define CAAM_JR_DBG	0
@@ -186,7 +185,15 @@ is_auth_cipher(struct caam_jr_session *ses)
 {
 	PMD_INIT_FUNC_TRACE();
 	return ((ses->cipher_alg != RTE_CRYPTO_CIPHER_NULL) &&
-		(ses->auth_alg != RTE_CRYPTO_AUTH_NULL));
+		(ses->auth_alg != RTE_CRYPTO_AUTH_NULL) &&
+		(ses->proto_alg != RTE_SECURITY_PROTOCOL_IPSEC));
+}
+
+static inline int
+is_proto_ipsec(struct caam_jr_session *ses)
+{
+	PMD_INIT_FUNC_TRACE();
+	return (ses->proto_alg == RTE_SECURITY_PROTOCOL_IPSEC);
 }
 
 static inline int
@@ -212,27 +219,39 @@ caam_auth_alg(struct caam_jr_session *ses, struct alginfo *alginfo_a)
 		ses->digest_length = 0;
 		break;
 	case RTE_CRYPTO_AUTH_MD5_HMAC:
-		alginfo_a->algtype = OP_ALG_ALGSEL_MD5;
+		alginfo_a->algtype =
+			(ses->proto_alg == RTE_SECURITY_PROTOCOL_IPSEC) ?
+			OP_PCL_IPSEC_HMAC_MD5_96 : OP_ALG_ALGSEL_MD5;
 		alginfo_a->algmode = OP_ALG_AAI_HMAC;
 		break;
 	case RTE_CRYPTO_AUTH_SHA1_HMAC:
-		alginfo_a->algtype = OP_ALG_ALGSEL_SHA1;
+		alginfo_a->algtype =
+			(ses->proto_alg == RTE_SECURITY_PROTOCOL_IPSEC) ?
+			OP_PCL_IPSEC_HMAC_SHA1_96 : OP_ALG_ALGSEL_SHA1;
 		alginfo_a->algmode = OP_ALG_AAI_HMAC;
 		break;
 	case RTE_CRYPTO_AUTH_SHA224_HMAC:
-		alginfo_a->algtype = OP_ALG_ALGSEL_SHA224;
+		alginfo_a->algtype =
+			(ses->proto_alg == RTE_SECURITY_PROTOCOL_IPSEC) ?
+			OP_PCL_IPSEC_HMAC_SHA1_160 : OP_ALG_ALGSEL_SHA224;
 		alginfo_a->algmode = OP_ALG_AAI_HMAC;
 		break;
 	case RTE_CRYPTO_AUTH_SHA256_HMAC:
-		alginfo_a->algtype = OP_ALG_ALGSEL_SHA256;
+		alginfo_a->algtype =
+			(ses->proto_alg == RTE_SECURITY_PROTOCOL_IPSEC) ?
+			OP_PCL_IPSEC_HMAC_SHA2_256_128 : OP_ALG_ALGSEL_SHA256;
 		alginfo_a->algmode = OP_ALG_AAI_HMAC;
 		break;
 	case RTE_CRYPTO_AUTH_SHA384_HMAC:
-		alginfo_a->algtype = OP_ALG_ALGSEL_SHA384;
+		alginfo_a->algtype =
+			(ses->proto_alg == RTE_SECURITY_PROTOCOL_IPSEC) ?
+			OP_PCL_IPSEC_HMAC_SHA2_384_192 : OP_ALG_ALGSEL_SHA384;
 		alginfo_a->algmode = OP_ALG_AAI_HMAC;
 		break;
 	case RTE_CRYPTO_AUTH_SHA512_HMAC:
-		alginfo_a->algtype = OP_ALG_ALGSEL_SHA512;
+		alginfo_a->algtype =
+			(ses->proto_alg == RTE_SECURITY_PROTOCOL_IPSEC) ?
+			OP_PCL_IPSEC_HMAC_SHA2_512_256 : OP_ALG_ALGSEL_SHA512;
 		alginfo_a->algmode = OP_ALG_AAI_HMAC;
 		break;
 	default:
@@ -248,15 +267,21 @@ caam_cipher_alg(struct caam_jr_session *ses, struct alginfo *alginfo_c)
 	case RTE_CRYPTO_CIPHER_NULL:
 		break;
 	case RTE_CRYPTO_CIPHER_AES_CBC:
-		alginfo_c->algtype = OP_ALG_ALGSEL_AES;
+		alginfo_c->algtype =
+			(ses->proto_alg == RTE_SECURITY_PROTOCOL_IPSEC) ?
+			OP_PCL_IPSEC_AES_CBC : OP_ALG_ALGSEL_AES;
 		alginfo_c->algmode = OP_ALG_AAI_CBC;
 		break;
 	case RTE_CRYPTO_CIPHER_3DES_CBC:
-		alginfo_c->algtype = OP_ALG_ALGSEL_3DES;
+		alginfo_c->algtype =
+			(ses->proto_alg == RTE_SECURITY_PROTOCOL_IPSEC) ?
+			OP_PCL_IPSEC_3DES : OP_ALG_ALGSEL_3DES;
 		alginfo_c->algmode = OP_ALG_AAI_CBC;
 		break;
 	case RTE_CRYPTO_CIPHER_AES_CTR:
-		alginfo_c->algtype = OP_ALG_ALGSEL_AES;
+		alginfo_c->algtype =
+			(ses->proto_alg == RTE_SECURITY_PROTOCOL_IPSEC) ?
+			OP_PCL_IPSEC_AES_CTR : OP_ALG_ALGSEL_AES;
 		alginfo_c->algmode = OP_ALG_AAI_CTR;
 		break;
 	default:
@@ -420,6 +445,22 @@ caam_jr_prep_cdb(struct caam_jr_session *ses)
 		cdb->sh_desc[0] = 0;
 		cdb->sh_desc[1] = 0;
 		cdb->sh_desc[2] = 0;
+		if (is_proto_ipsec(ses)) {
+			if (ses->dir == DIR_ENC) {
+				shared_desc_len = cnstr_shdsc_ipsec_new_encap(
+						cdb->sh_desc,
+						true, swap, SHR_SERIAL,
+						&ses->encap_pdb,
+						(uint8_t *)&ses->ip4_hdr,
+						&alginfo_c, &alginfo_a);
+			} else if (ses->dir == DIR_DEC) {
+				shared_desc_len = cnstr_shdsc_ipsec_new_decap(
+						cdb->sh_desc,
+						true, swap, SHR_SERIAL,
+						&ses->decap_pdb,
+						&alginfo_c, &alginfo_a);
+			}
+		} else {
 			/* Auth_only_len is set as 0 here and it will be
 			 * overwritten in fd for each packet.
 			 */
@@ -427,6 +468,7 @@ caam_jr_prep_cdb(struct caam_jr_session *ses)
 					true, swap, &alginfo_c, &alginfo_a,
 					ses->iv.length, 0,
 					ses->digest_length, ses->dir);
+		}
 	}
 
 	if (shared_desc_len < 0) {
@@ -1281,6 +1323,50 @@ build_cipher_auth(struct rte_crypto_op *op, struct caam_jr_session *ses)
 
 	return ctx;
 }
+
+static inline struct caam_jr_op_ctx *
+build_proto(struct rte_crypto_op *op, struct caam_jr_session *ses)
+{
+	struct rte_crypto_sym_op *sym = op->sym;
+	struct caam_jr_op_ctx *ctx = NULL;
+	phys_addr_t src_start_addr, dst_start_addr;
+	struct sec_cdb *cdb;
+	uint64_t sdesc_offset;
+	struct sec_job_descriptor_t *jobdescr;
+
+	PMD_INIT_FUNC_TRACE();
+	ctx = caam_jr_alloc_ctx(ses);
+	if (!ctx)
+		return NULL;
+	ctx->op = op;
+
+	src_start_addr = rte_pktmbuf_iova(sym->m_src);
+	if (sym->m_dst)
+		dst_start_addr = rte_pktmbuf_iova(sym->m_dst);
+	else
+		dst_start_addr = src_start_addr;
+
+	cdb = ses->cdb;
+	sdesc_offset = (size_t) ((char *)&cdb->sh_desc - (char *)cdb);
+
+	jobdescr = (struct sec_job_descriptor_t *) ctx->jobdes.desc;
+
+	SEC_JD_INIT(jobdescr);
+	SEC_JD_SET_SD(jobdescr,
+		(phys_addr_t)(caam_jr_dma_vtop(cdb)) + sdesc_offset,
+			cdb->sh_hdr.hi.field.idlen);
+
+	/* output */
+	SEC_JD_SET_OUT_PTR(jobdescr, (uint64_t)dst_start_addr, 0,
+			sym->m_src->buf_len - sym->m_src->data_off);
+	/* input */
+	SEC_JD_SET_IN_PTR(jobdescr, (uint64_t)src_start_addr, 0,
+			sym->m_src->pkt_len);
+	sym->m_src->packet_type &= ~RTE_PTYPE_L4_MASK;
+
+	return ctx;
+}
+
 static int
 caam_jr_enqueue_op(struct rte_crypto_op *op, struct caam_jr_qp *qp)
 {
@@ -1296,6 +1382,11 @@ caam_jr_enqueue_op(struct rte_crypto_op *op, struct caam_jr_qp *qp)
 		get_sym_session_private_data(op->sym->session,
 					cryptodev_driver_id);
 		break;
+	case RTE_CRYPTO_OP_SECURITY_SESSION:
+		ses = (struct caam_jr_session *)
+			get_sec_session_private_data(
+					op->sym->sec_session);
+		break;
 	default:
 		CAAM_JR_DP_ERR("sessionless crypto op not supported");
 		qp->tx_errs++;
@@ -1317,6 +1408,8 @@ caam_jr_enqueue_op(struct rte_crypto_op *op, struct caam_jr_qp *qp)
 			ctx = build_auth_only(op, ses);
 		else if (is_cipher_only(ses))
 			ctx = build_cipher_only(op, ses);
+		else if (is_proto_ipsec(ses))
+			ctx = build_proto(op, ses);
 	} else {
 		if (is_auth_cipher(ses))
 			ctx = build_cipher_auth_sg(op, ses);
@@ -1687,6 +1780,228 @@ caam_jr_sym_session_clear(struct rte_cryptodev *dev,
 	}
 }
 
+static int
+caam_jr_set_ipsec_session(__rte_unused struct rte_cryptodev *dev,
+			  struct rte_security_session_conf *conf,
+			  void *sess)
+{
+	struct sec_job_ring_t *internals = dev->data->dev_private;
+	struct rte_security_ipsec_xform *ipsec_xform = &conf->ipsec;
+	struct rte_crypto_auth_xform *auth_xform;
+	struct rte_crypto_cipher_xform *cipher_xform;
+	struct caam_jr_session *session = (struct caam_jr_session *)sess;
+
+	PMD_INIT_FUNC_TRACE();
+
+	if (ipsec_xform->direction == RTE_SECURITY_IPSEC_SA_DIR_EGRESS) {
+		cipher_xform = &conf->crypto_xform->cipher;
+		auth_xform = &conf->crypto_xform->next->auth;
+	} else {
+		auth_xform = &conf->crypto_xform->auth;
+		cipher_xform = &conf->crypto_xform->next->cipher;
+	}
+	session->proto_alg = conf->protocol;
+	session->cipher_key.data = rte_zmalloc(NULL,
+					       cipher_xform->key.length,
+					       RTE_CACHE_LINE_SIZE);
+	if (session->cipher_key.data == NULL &&
+			cipher_xform->key.length > 0) {
+		CAAM_JR_ERR("No Memory for cipher key\n");
+		return -ENOMEM;
+	}
+
+	session->cipher_key.length = cipher_xform->key.length;
+	session->auth_key.data = rte_zmalloc(NULL,
+					auth_xform->key.length,
+					RTE_CACHE_LINE_SIZE);
+	if (session->auth_key.data == NULL &&
+			auth_xform->key.length > 0) {
+		CAAM_JR_ERR("No Memory for auth key\n");
+		rte_free(session->cipher_key.data);
+		return -ENOMEM;
+	}
+	session->auth_key.length = auth_xform->key.length;
+	memcpy(session->cipher_key.data, cipher_xform->key.data,
+			cipher_xform->key.length);
+	memcpy(session->auth_key.data, auth_xform->key.data,
+			auth_xform->key.length);
+
+	switch (auth_xform->algo) {
+	case RTE_CRYPTO_AUTH_SHA1_HMAC:
+		session->auth_alg = RTE_CRYPTO_AUTH_SHA1_HMAC;
+		break;
+	case RTE_CRYPTO_AUTH_MD5_HMAC:
+		session->auth_alg = RTE_CRYPTO_AUTH_MD5_HMAC;
+		break;
+	case RTE_CRYPTO_AUTH_SHA256_HMAC:
+		session->auth_alg = RTE_CRYPTO_AUTH_SHA256_HMAC;
+		break;
+	case RTE_CRYPTO_AUTH_SHA384_HMAC:
+		session->auth_alg = RTE_CRYPTO_AUTH_SHA384_HMAC;
+		break;
+	case RTE_CRYPTO_AUTH_SHA512_HMAC:
+		session->auth_alg = RTE_CRYPTO_AUTH_SHA512_HMAC;
+		break;
+	case RTE_CRYPTO_AUTH_AES_CMAC:
+		session->auth_alg = RTE_CRYPTO_AUTH_AES_CMAC;
+		break;
+	case RTE_CRYPTO_AUTH_NULL:
+		session->auth_alg = RTE_CRYPTO_AUTH_NULL;
+		break;
+	case RTE_CRYPTO_AUTH_SHA224_HMAC:
+	case RTE_CRYPTO_AUTH_AES_XCBC_MAC:
+	case RTE_CRYPTO_AUTH_SNOW3G_UIA2:
+	case RTE_CRYPTO_AUTH_SHA1:
+	case RTE_CRYPTO_AUTH_SHA256:
+	case RTE_CRYPTO_AUTH_SHA512:
+	case RTE_CRYPTO_AUTH_SHA224:
+	case RTE_CRYPTO_AUTH_SHA384:
+	case RTE_CRYPTO_AUTH_MD5:
+	case RTE_CRYPTO_AUTH_AES_GMAC:
+	case RTE_CRYPTO_AUTH_KASUMI_F9:
+	case RTE_CRYPTO_AUTH_AES_CBC_MAC:
+	case RTE_CRYPTO_AUTH_ZUC_EIA3:
+		CAAM_JR_ERR("Crypto: Unsupported auth alg %u\n",
+			auth_xform->algo);
+		goto out;
+	default:
+		CAAM_JR_ERR("Crypto: Undefined Auth specified %u\n",
+			auth_xform->algo);
+		goto out;
+	}
+
+	switch (cipher_xform->algo) {
+	case RTE_CRYPTO_CIPHER_AES_CBC:
+		session->cipher_alg = RTE_CRYPTO_CIPHER_AES_CBC;
+		break;
+	case RTE_CRYPTO_CIPHER_3DES_CBC:
+		session->cipher_alg = RTE_CRYPTO_CIPHER_3DES_CBC;
+		break;
+	case RTE_CRYPTO_CIPHER_AES_CTR:
+		session->cipher_alg = RTE_CRYPTO_CIPHER_AES_CTR;
+		break;
+	case RTE_CRYPTO_CIPHER_NULL:
+	case RTE_CRYPTO_CIPHER_SNOW3G_UEA2:
+	case RTE_CRYPTO_CIPHER_3DES_ECB:
+	case RTE_CRYPTO_CIPHER_AES_ECB:
+	case RTE_CRYPTO_CIPHER_KASUMI_F8:
+		CAAM_JR_ERR("Crypto: Unsupported Cipher alg %u\n",
+			cipher_xform->algo);
+		goto out;
+	default:
+		CAAM_JR_ERR("Crypto: Undefined Cipher specified %u\n",
+			cipher_xform->algo);
+		goto out;
+	}
+
+	if (ipsec_xform->direction == RTE_SECURITY_IPSEC_SA_DIR_EGRESS) {
+		memset(&session->encap_pdb, 0, sizeof(struct ipsec_encap_pdb) +
+				sizeof(session->ip4_hdr));
+		session->ip4_hdr.ip_v = IPVERSION;
+		session->ip4_hdr.ip_hl = 5;
+		session->ip4_hdr.ip_len = rte_cpu_to_be_16(
+						sizeof(session->ip4_hdr));
+		session->ip4_hdr.ip_tos = ipsec_xform->tunnel.ipv4.dscp;
+		session->ip4_hdr.ip_id = 0;
+		session->ip4_hdr.ip_off = 0;
+		session->ip4_hdr.ip_ttl = ipsec_xform->tunnel.ipv4.ttl;
+		session->ip4_hdr.ip_p = (ipsec_xform->proto ==
+				RTE_SECURITY_IPSEC_SA_PROTO_ESP) ? IPPROTO_ESP
+				: IPPROTO_AH;
+		session->ip4_hdr.ip_sum = 0;
+		session->ip4_hdr.ip_src = ipsec_xform->tunnel.ipv4.src_ip;
+		session->ip4_hdr.ip_dst = ipsec_xform->tunnel.ipv4.dst_ip;
+		session->ip4_hdr.ip_sum = calc_chksum((uint16_t *)
+						(void *)&session->ip4_hdr,
+						sizeof(struct ip));
+
+		session->encap_pdb.options =
+			(IPVERSION << PDBNH_ESP_ENCAP_SHIFT) |
+			PDBOPTS_ESP_OIHI_PDB_INL |
+			PDBOPTS_ESP_IVSRC |
+			PDBHMO_ESP_ENCAP_DTTL;
+		session->encap_pdb.spi = ipsec_xform->spi;
+		session->encap_pdb.ip_hdr_len = sizeof(struct ip);
+
+		session->dir = DIR_ENC;
+	} else if (ipsec_xform->direction ==
+			RTE_SECURITY_IPSEC_SA_DIR_INGRESS) {
+		memset(&session->decap_pdb, 0, sizeof(struct ipsec_decap_pdb));
+		session->decap_pdb.options = sizeof(struct ip) << 16;
+		session->dir = DIR_DEC;
+	} else
+		goto out;
+	session->ctx_pool = internals->ctx_pool;
+
+	return 0;
+out:
+	rte_free(session->auth_key.data);
+	rte_free(session->cipher_key.data);
+	memset(session, 0, sizeof(struct caam_jr_session));
+	return -1;
+}
+
+static int
+caam_jr_security_session_create(void *dev,
+				struct rte_security_session_conf *conf,
+				struct rte_security_session *sess,
+				struct rte_mempool *mempool)
+{
+	void *sess_private_data;
+	struct rte_cryptodev *cdev = (struct rte_cryptodev *)dev;
+	int ret;
+
+	PMD_INIT_FUNC_TRACE();
+	if (rte_mempool_get(mempool, &sess_private_data)) {
+		CAAM_JR_ERR("Couldn't get object from session mempool");
+		return -ENOMEM;
+	}
+
+	switch (conf->protocol) {
+	case RTE_SECURITY_PROTOCOL_IPSEC:
+		ret = caam_jr_set_ipsec_session(cdev, conf,
+				sess_private_data);
+		break;
+	case RTE_SECURITY_PROTOCOL_MACSEC:
+		return -ENOTSUP;
+	default:
+		return -EINVAL;
+	}
+	if (ret != 0) {
+		CAAM_JR_ERR("failed to configure session parameters");
+		/* Return session to mempool */
+		rte_mempool_put(mempool, sess_private_data);
+		return ret;
+	}
+
+	set_sec_session_private_data(sess, sess_private_data);
+
+	return ret;
+}
+
+/* Clear the memory of session so it doesn't leave key material behind */
+static int
+caam_jr_security_session_destroy(void *dev __rte_unused,
+				 struct rte_security_session *sess)
+{
+	PMD_INIT_FUNC_TRACE();
+	void *sess_priv = get_sec_session_private_data(sess);
+
+	struct caam_jr_session *s = (struct caam_jr_session *)sess_priv;
+
+	if (sess_priv) {
+		struct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);
+
+		rte_free(s->cipher_key.data);
+		rte_free(s->auth_key.data);
+		memset(sess, 0, sizeof(struct caam_jr_session));
+		set_sec_session_private_data(sess, NULL);
+		rte_mempool_put(sess_mp, sess_priv);
+	}
+	return 0;
+}
+
+
 static int
 caam_jr_dev_configure(struct rte_cryptodev *dev,
 		       struct rte_cryptodev_config *config __rte_unused)
@@ -1778,6 +2093,14 @@ static struct rte_cryptodev_ops caam_jr_ops = {
 	.sym_session_clear    = caam_jr_sym_session_clear
 };
 
+static struct rte_security_ops caam_jr_security_ops = {
+	.session_create = caam_jr_security_session_create,
+	.session_update = NULL,
+	.session_stats_get = NULL,
+	.session_destroy = caam_jr_security_session_destroy,
+	.set_pkt_metadata = NULL,
+	.capabilities_get = caam_jr_get_security_capabilities
+};
 
 /* @brief Flush job rings of any processed descs.
  * The processed descs are silently dropped,
@@ -1997,6 +2320,7 @@ caam_jr_dev_init(const char *name,
 		 struct rte_cryptodev_pmd_init_params *init_params)
 {
 	struct rte_cryptodev *dev;
+	struct rte_security_ctx *security_instance;
 	struct uio_job_ring *job_ring;
 	char str[RTE_CRYPTODEV_NAME_MAX_LEN];
 
@@ -2066,6 +2390,20 @@ caam_jr_dev_init(const char *name,
 		return 0;
 	}
 
+	/*TODO free it during teardown*/
+	security_instance = rte_malloc("caam_jr",
+				sizeof(struct rte_security_ctx), 0);
+	if (security_instance == NULL) {
+		CAAM_JR_ERR("memory allocation failed\n");
+		//todo error handling.
+		goto cleanup2;
+	}
+
+	security_instance->device = (void *)dev;
+	security_instance->ops = &caam_jr_security_ops;
+	security_instance->sess_cnt = 0;
+	dev->security_ctx = security_instance;
+
 	RTE_LOG(INFO, PMD, "%s cryptodev init\n", dev->data->name);
 
 	return 0;
diff --git a/drivers/crypto/caam_jr/caam_jr_pvt.h b/drivers/crypto/caam_jr/caam_jr_pvt.h
index 58fd257fc..9f1adabc7 100644
--- a/drivers/crypto/caam_jr/caam_jr_pvt.h
+++ b/drivers/crypto/caam_jr/caam_jr_pvt.h
@@ -5,6 +5,8 @@
 #ifndef CAAM_JR_PVT_H
 #define CAAM_JR_PVT_H
 
+#include <hw/desc/ipsec.h>
+
 /* NXP CAAM JR PMD device name */
 
 #define CAAM_JR_ALG_UNSUPPORT	(-1)
@@ -110,6 +112,7 @@ struct caam_jr_session {
 	enum rte_crypto_cipher_algorithm cipher_alg; /* Cipher Algorithm*/
 	enum rte_crypto_auth_algorithm auth_alg; /* Authentication Algorithm*/
 	enum rte_crypto_aead_algorithm aead_alg; /* AEAD Algorithm*/
+	enum rte_security_session_protocol proto_alg; /* Security Algorithm*/
 	union {
 		struct {
 			uint8_t *data;	/* pointer to key data */
@@ -132,7 +135,9 @@ struct caam_jr_session {
 	} iv;	/* Initialisation vector parameters */
 	uint16_t auth_only_len; /* Length of data for Auth only */
 	uint32_t digest_length;
+	struct ipsec_encap_pdb encap_pdb;
 	struct ip ip4_hdr;
+	struct ipsec_decap_pdb decap_pdb;
 	struct caam_jr_qp *qp;
 	struct sec_cdb *cdb;	/* cmd block associated with qp */
 	struct rte_mempool *ctx_pool; /* session mempool for caam_jr_op_ctx */
-- 
2.17.1

^ permalink raw reply	[flat|nested] 97+ messages in thread

* [dpdk-dev] [PATCH v2 14/14] doc: add caam jr cryptodev details
  2018-10-12 14:40 ` [dpdk-dev] [PATCH v2 00/14] " Gagandeep Singh
                     ` (12 preceding siblings ...)
  2018-10-12 14:40   ` [dpdk-dev] [PATCH v2 13/14] crypto/caam_jr: add security offload Gagandeep Singh
@ 2018-10-12 14:40   ` Gagandeep Singh
  2018-10-16 12:58   ` [dpdk-dev] [PATCH v2 00/14] Introducing the NXP CAAM job ring driver Akhil Goyal
                     ` (2 subsequent siblings)
  16 siblings, 0 replies; 97+ messages in thread
From: Gagandeep Singh @ 2018-10-12 14:40 UTC (permalink / raw)
  To: dev, akhil.goyal; +Cc: Hemant Agrawal

From: Hemant Agrawal <hemant.agrawal@nxp.com>

add caam jr driver details, supported features and algorithms
in the document.

release note and MAINTAINERS are also updated.

Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
---
 MAINTAINERS                                |   7 +
 doc/guides/cryptodevs/caam_jr.rst          | 150 +++++++++++++++++++++
 doc/guides/cryptodevs/features/caam_jr.ini |  46 +++++++
 doc/guides/cryptodevs/index.rst            |   1 +
 doc/guides/rel_notes/release_18_11.rst     |   5 +
 5 files changed, 209 insertions(+)
 create mode 100644 doc/guides/cryptodevs/caam_jr.rst
 create mode 100644 doc/guides/cryptodevs/features/caam_jr.ini

diff --git a/MAINTAINERS b/MAINTAINERS
index b5294cbea..f50c6cae0 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -850,6 +850,13 @@ F: drivers/crypto/null/
 F: doc/guides/cryptodevs/null.rst
 F: doc/guides/cryptodevs/features/null.ini
 
+NXP CAAM JR
+M: Gagandeep Singh <g.singh@nxp.com>
+M: Hemant Agrawal <hemant.agrawal@nxp.com>
+F: drivers/crypto/caam_jr/
+F: doc/guides/cryptodevs/caam_jr.rst
+F: doc/guides/cryptodevs/features/caam_jr.ini
+
 NXP DPAA_SEC
 M: Akhil Goyal <akhil.goyal@nxp.com>
 M: Hemant Agrawal <hemant.agrawal@nxp.com>
diff --git a/doc/guides/cryptodevs/caam_jr.rst b/doc/guides/cryptodevs/caam_jr.rst
new file mode 100644
index 000000000..e87ff0915
--- /dev/null
+++ b/doc/guides/cryptodevs/caam_jr.rst
@@ -0,0 +1,150 @@
+..  SPDX-License-Identifier: BSD-3-Clause
+    Copyright 2018 NXP
+
+
+NXP CAAM JOB RING (caam_jr)
+===========================
+
+The caam_jr PMD provides poll mode crypto driver support for NXP SEC 4.x+ (CAAM)
+hardware accelerator. More information is available at:
+
+`NXP Cryptographic Acceleration Technology  <https://www.nxp.com/applications/solutions/internet-of-things/secure-things/network-security-technology/cryptographic-acceleration-technology:NETWORK_SECURITY_CRYPTOG>`_.
+
+Architecture
+------------
+
+SEC is the SOC's security engine, which serves as NXP's latest cryptographic
+acceleration and offloading hardware. It combines functions previously
+implemented in separate modules to create a modular and scalable acceleration
+and assurance engine. It also implements block encryption algorithms, stream
+cipher algorithms, hashing algorithms, public key algorithms, run-time
+integrity checking, and a hardware random number generator. SEC performs
+higher-level cryptographic operations than previous NXP cryptographic
+accelerators. This provides significant improvement to system level performance.
+
+SEC HW accelerator above 4.x+ version are also known as CAAM.
+
+caam_jr PMD is one of DPAA drivers which uses uio interface to interact with
+Linux kernel for configure and destroy the device instance (ring).
+
+
+Implementation
+--------------
+
+SEC provides platform assurance by working with SecMon, which is a companion
+logic block that tracks the security state of the SOC. SEC is programmed by
+means of descriptors (not to be confused with frame descriptors (FDs)) that
+indicate the operations to be performed and link to the message and
+associated data. SEC incorporates two DMA engines to fetch the descriptors,
+read the message data, and write the results of the operations. The DMA
+engine provides a scatter/gather capability so that SEC can read and write
+data scattered in memory. SEC may be configured by means of software for
+dynamic changes in byte ordering. The default configuration for this version
+of SEC is little-endian mode.
+
+Note that one physical Job Ring represent one caam_jr device.
+
+Features
+--------
+
+The CAAM_JR PMD has support for:
+
+Cipher algorithms:
+
+* ``RTE_CRYPTO_CIPHER_3DES_CBC``
+* ``RTE_CRYPTO_CIPHER_AES128_CBC``
+* ``RTE_CRYPTO_CIPHER_AES192_CBC``
+* ``RTE_CRYPTO_CIPHER_AES256_CBC``
+* ``RTE_CRYPTO_CIPHER_AES128_CTR``
+* ``RTE_CRYPTO_CIPHER_AES192_CTR``
+* ``RTE_CRYPTO_CIPHER_AES256_CTR``
+
+Hash algorithms:
+
+* ``RTE_CRYPTO_AUTH_SHA1_HMAC``
+* ``RTE_CRYPTO_AUTH_SHA224_HMAC``
+* ``RTE_CRYPTO_AUTH_SHA256_HMAC``
+* ``RTE_CRYPTO_AUTH_SHA384_HMAC``
+* ``RTE_CRYPTO_AUTH_SHA512_HMAC``
+* ``RTE_CRYPTO_AUTH_MD5_HMAC``
+
+AEAD algorithms:
+
+* ``RTE_CRYPTO_AEAD_AES_GCM``
+
+Supported DPAA SoCs
+--------------------
+
+* LS1046A/LS1026A
+* LS1043A/LS1023A
+* LS1028A
+* LS1012A
+
+Limitations
+-----------
+
+* Hash followed by Cipher mode is not supported
+* Only supports the session-oriented API implementation (session-less APIs are not supported).
+
+Prerequisites
+-------------
+
+caam_jr driver has following dependencies are not part of DPDK and must be installed separately:
+
+* **NXP Linux SDK**
+
+  NXP Linux software development kit (SDK) includes support for the family
+  of QorIQ® ARM-Architecture-based system on chip (SoC) processors
+  and corresponding boards.
+
+  It includes the Linux board support packages (BSPs) for NXP SoCs,
+  a fully operational tool chain, kernel and board specific modules.
+
+  SDK and related information can be obtained from:  `NXP QorIQ SDK  <http://www.nxp.com/products/software-and-tools/run-time-software/linux-sdk/linux-sdk-for-qoriq-processors:SDKLINUX>`_.
+
+Currently supported by DPDK:
+
+* NXP SDK **18.09+**.
+* Supported architectures:  **arm64 LE**.
+
+* Follow the DPDK :ref:`Getting Started Guide for Linux <linux_gsg>` to setup the basic DPDK environment.
+
+Pre-Installation Configuration
+------------------------------
+
+Config File Options
+~~~~~~~~~~~~~~~~~~~
+
+The following options can be modified in the ``config`` file
+to enable caam_jr PMD.
+
+Please note that enabling debugging options may affect system performance.
+
+* ``CONFIG_RTE_LIBRTE_PMD_CAAM_JR`` (default ``n``)
+  By default it is only enabled in common_linuxapp config.
+  Toggle compilation of the ``librte_pmd_caam_jr`` driver.
+
+* ``CONFIG_RTE_LIBRTE_PMD_CAAM_JR_BE`` (default ``n``)
+  By default it is disabled.
+  It can be used when the underlying hardware supports the CAAM in BE mode.
+  e.g. LS1043A, LS1046A supports CAAM in BE mode.
+  BE mode is enabled by default in defconfig-arm64-dpaa-linuxapp-gcc.
+
+Installations
+-------------
+To compile the caam_jr PMD for Linux arm64 gcc target, run the
+following ``make`` command:
+
+.. code-block:: console
+
+   cd <DPDK-source-directory>
+   make config T=arm64-armv8a-linuxapp-gcc install
+
+Enabling logs
+-------------
+
+For enabling logs, use the following EAL parameter:
+
+.. code-block:: console
+
+   ./your_crypto_application <EAL args> --log-level=pmd.crypto.caam,<level>
diff --git a/doc/guides/cryptodevs/features/caam_jr.ini b/doc/guides/cryptodevs/features/caam_jr.ini
new file mode 100644
index 000000000..68f8d8195
--- /dev/null
+++ b/doc/guides/cryptodevs/features/caam_jr.ini
@@ -0,0 +1,46 @@
+;
+; Supported features of the 'caam_jr' crypto driver.
+;
+; Refer to default.ini for the full list of available PMD features.
+;
+[Features]
+Symmetric crypto       = Y
+Sym operation chaining = Y
+HW Accelerated         = Y
+Protocol offload       = Y
+In Place SGL           = Y
+OOP SGL In SGL Out     = Y
+OOP SGL In LB  Out     = Y
+OOP LB  In SGL Out     = Y
+OOP LB  In LB  Out     = Y
+
+;
+; Supported crypto algorithms of the 'dpaa2_sec' crypto driver.
+;
+[Cipher]
+AES CBC (128) = Y
+AES CBC (192) = Y
+AES CBC (256) = Y
+AES CTR (128) = Y
+AES CTR (192) = Y
+AES CTR (256) = Y
+3DES CBC      = Y
+
+;
+; Supported authentication algorithms of the 'dpaa2_sec' crypto driver.
+;
+[Auth]
+MD5 HMAC     = Y
+SHA1 HMAC    = Y
+SHA224 HMAC  = Y
+SHA256 HMAC  = Y
+SHA384 HMAC  = Y
+SHA512 HMAC  = Y
+
+;
+; Supported AEAD algorithms of the 'dpaa2_sec' crypto driver.
+;
+[AEAD]
+AES GCM (128) = Y
+AES GCM (192) = Y
+AES GCM (256) = Y
diff --git a/doc/guides/cryptodevs/index.rst b/doc/guides/cryptodevs/index.rst
index bd1588537..83610e64f 100644
--- a/doc/guides/cryptodevs/index.rst
+++ b/doc/guides/cryptodevs/index.rst
@@ -13,6 +13,7 @@ Crypto Device Drivers
     aesni_mb
     aesni_gcm
     armv8
+    caam_jr
     ccp
     dpaa2_sec
     dpaa_sec
diff --git a/doc/guides/rel_notes/release_18_11.rst b/doc/guides/rel_notes/release_18_11.rst
index 56bc435ed..fba349a48 100644
--- a/doc/guides/rel_notes/release_18_11.rst
+++ b/doc/guides/rel_notes/release_18_11.rst
@@ -174,6 +174,11 @@ New Features
   The AESNI MB PMD has been updated with additional support for AES-GCM
   algorithm support.
 
+* **Added NXP CAAM JR PMD.**
+
+  Added the new caam job ring driver for NXP platforms. See the
+  "NXP CAAM JOB RING (caam_jr)" document for more details on this new driver.
+
 API Changes
 -----------
 
-- 
2.17.1

^ permalink raw reply	[flat|nested] 97+ messages in thread

* Re: [dpdk-dev] [PATCH v2 00/14] Introducing the NXP CAAM job ring driver
  2018-10-12 14:40 ` [dpdk-dev] [PATCH v2 00/14] " Gagandeep Singh
                     ` (13 preceding siblings ...)
  2018-10-12 14:40   ` [dpdk-dev] [PATCH v2 14/14] doc: add caam jr cryptodev details Gagandeep Singh
@ 2018-10-16 12:58   ` Akhil Goyal
  2018-10-16 14:34   ` Akhil Goyal
  2018-10-22 13:31   ` [dpdk-dev] [PATCH v3 00/15] " Gagandeep Singh
  16 siblings, 0 replies; 97+ messages in thread
From: Akhil Goyal @ 2018-10-16 12:58 UTC (permalink / raw)
  To: Gagandeep Singh, dev



On 10/12/2018 8:10 PM, Gagandeep Singh wrote:
> v1->v2 change-log:
> * Most of the checkpatch warnings and erros are removed
> * CONFIG_RTE_CAAM_JR_PMD_MAX_NB_SESSIONS and
>    CONFIG_RTE_PMD_CAAM_JR_DEBUG flags removed
> * local unlikely macro removed
> * extra spaces removed and functions format fixed
> * indentation fixed
> * documentation is updated
> * dead code removed
> * device capabilities added in separate file and
>    functions added to access them.
> * missing PMD_INIT_FUNC_TRACE() added to the respective
>    functions
> * description added to the all patches
> * some patches splited (sg support, uio, capabilities, hw)
>
> v1:
> The caam_jr PMD provides poll mode crypto driver
> support for NXP SEC 4.x+ (CAAM) hardware accelerator.
>
> Gagandeep Singh (10):
>    crypto/caam_jr: introduce basic driver
>    crypto/caam_jr: add HW tuning options
>    crypto/caam_jr: add routines to configure HW
>    crypto/caam_jr: add UIO specific operations
>    crypto/caam_jr: add basic job ring routines
>    crypto/caam_jr: add device basic ops
>    crypto/caam_jr: add device cababilities
>    crypto/caam_jr: add session configuration methods
>    crypto/caam_jr: add enqueue dequeue operations
>    crypto/caam_jr: add scatter gather
>
> Hemant Agrawal (4):
>    crypto/caam_jr: add queue pair config ops
>    crypto/caam_jr: add statistics ops
>    crypto/caam_jr: add security offload
>    doc: add caam jr cryptodev details
>
>   MAINTAINERS                                   |    7 +
>   config/common_base                            |    6 +
>   config/common_linuxapp                        |    1 +
>   config/defconfig_arm64-dpaa-linuxapp-gcc      |    3 +
>   doc/guides/cryptodevs/caam_jr.rst             |  150 +
>   doc/guides/cryptodevs/features/caam_jr.ini    |   46 +
>   doc/guides/cryptodevs/index.rst               |    1 +
>   doc/guides/rel_notes/release_18_11.rst        |    5 +
>   drivers/crypto/Makefile                       |    1 +
>   drivers/crypto/caam_jr/Makefile               |   44 +
>   drivers/crypto/caam_jr/caam_jr.c              | 2508 +++++++++++++++++
>   drivers/crypto/caam_jr/caam_jr.h              |   18 +
>   drivers/crypto/caam_jr/caam_jr_capabilities.c |  266 ++
>   drivers/crypto/caam_jr/caam_jr_config.h       |  207 ++
>   drivers/crypto/caam_jr/caam_jr_desc.h         |  285 ++
>   drivers/crypto/caam_jr/caam_jr_hw.c           |  367 +++
>   drivers/crypto/caam_jr/caam_jr_hw_specific.h  |  503 ++++
>   drivers/crypto/caam_jr/caam_jr_log.h          |   42 +
>   drivers/crypto/caam_jr/caam_jr_pvt.h          |  291 ++
>   drivers/crypto/caam_jr/caam_jr_uio.c          |  501 ++++
>   drivers/crypto/caam_jr/meson.build            |   17 +
>   .../caam_jr/rte_pmd_caam_jr_version.map       |    4 +
>   drivers/crypto/meson.build                    |    5 +-
>   23 files changed, 5276 insertions(+), 2 deletions(-)
>   create mode 100644 doc/guides/cryptodevs/caam_jr.rst
>   create mode 100644 doc/guides/cryptodevs/features/caam_jr.ini
>   create mode 100644 drivers/crypto/caam_jr/Makefile
>   create mode 100644 drivers/crypto/caam_jr/caam_jr.c
>   create mode 100644 drivers/crypto/caam_jr/caam_jr.h
>   create mode 100644 drivers/crypto/caam_jr/caam_jr_capabilities.c
>   create mode 100644 drivers/crypto/caam_jr/caam_jr_config.h
>   create mode 100644 drivers/crypto/caam_jr/caam_jr_desc.h
>   create mode 100644 drivers/crypto/caam_jr/caam_jr_hw.c
>   create mode 100644 drivers/crypto/caam_jr/caam_jr_hw_specific.h
>   create mode 100644 drivers/crypto/caam_jr/caam_jr_log.h
>   create mode 100644 drivers/crypto/caam_jr/caam_jr_pvt.h
>   create mode 100644 drivers/crypto/caam_jr/caam_jr_uio.c
>   create mode 100644 drivers/crypto/caam_jr/meson.build
>   create mode 100644 drivers/crypto/caam_jr/rte_pmd_caam_jr_version.map
>
Series Acked-by: Akhil Goyal <akhil.goyal@nxp.com>

^ permalink raw reply	[flat|nested] 97+ messages in thread

* Re: [dpdk-dev] [PATCH v2 00/14] Introducing the NXP CAAM job ring driver
  2018-10-12 14:40 ` [dpdk-dev] [PATCH v2 00/14] " Gagandeep Singh
                     ` (14 preceding siblings ...)
  2018-10-16 12:58   ` [dpdk-dev] [PATCH v2 00/14] Introducing the NXP CAAM job ring driver Akhil Goyal
@ 2018-10-16 14:34   ` Akhil Goyal
  2018-10-22 13:31   ` [dpdk-dev] [PATCH v3 00/15] " Gagandeep Singh
  16 siblings, 0 replies; 97+ messages in thread
From: Akhil Goyal @ 2018-10-16 14:34 UTC (permalink / raw)
  To: Gagandeep Singh, dev



On 10/12/2018 8:10 PM, Gagandeep Singh wrote:
> v1->v2 change-log:
> * Most of the checkpatch warnings and erros are removed
> * CONFIG_RTE_CAAM_JR_PMD_MAX_NB_SESSIONS and
>    CONFIG_RTE_PMD_CAAM_JR_DEBUG flags removed
> * local unlikely macro removed
> * extra spaces removed and functions format fixed
> * indentation fixed
> * documentation is updated
> * dead code removed
> * device capabilities added in separate file and
>    functions added to access them.
> * missing PMD_INIT_FUNC_TRACE() added to the respective
>    functions
> * description added to the all patches
> * some patches splited (sg support, uio, capabilities, hw)
>
> v1:
> The caam_jr PMD provides poll mode crypto driver
> support for NXP SEC 4.x+ (CAAM) hardware accelerator.
>
> Gagandeep Singh (10):
>    crypto/caam_jr: introduce basic driver
>    crypto/caam_jr: add HW tuning options
>    crypto/caam_jr: add routines to configure HW
>    crypto/caam_jr: add UIO specific operations
>    crypto/caam_jr: add basic job ring routines
>    crypto/caam_jr: add device basic ops
>    crypto/caam_jr: add device cababilities
>    crypto/caam_jr: add session configuration methods
>    crypto/caam_jr: add enqueue dequeue operations
>    crypto/caam_jr: add scatter gather
>
> Hemant Agrawal (4):
>    crypto/caam_jr: add queue pair config ops
>    crypto/caam_jr: add statistics ops
>    crypto/caam_jr: add security offload
>    doc: add caam jr cryptodev details
>
>   MAINTAINERS                                   |    7 +
>   config/common_base                            |    6 +
>   config/common_linuxapp                        |    1 +
>   config/defconfig_arm64-dpaa-linuxapp-gcc      |    3 +
>   doc/guides/cryptodevs/caam_jr.rst             |  150 +
>   doc/guides/cryptodevs/features/caam_jr.ini    |   46 +
>   doc/guides/cryptodevs/index.rst               |    1 +
>   doc/guides/rel_notes/release_18_11.rst        |    5 +
>   drivers/crypto/Makefile                       |    1 +
>   drivers/crypto/caam_jr/Makefile               |   44 +
>   drivers/crypto/caam_jr/caam_jr.c              | 2508 +++++++++++++++++
>   drivers/crypto/caam_jr/caam_jr.h              |   18 +
>   drivers/crypto/caam_jr/caam_jr_capabilities.c |  266 ++
>   drivers/crypto/caam_jr/caam_jr_config.h       |  207 ++
>   drivers/crypto/caam_jr/caam_jr_desc.h         |  285 ++
>   drivers/crypto/caam_jr/caam_jr_hw.c           |  367 +++
>   drivers/crypto/caam_jr/caam_jr_hw_specific.h  |  503 ++++
>   drivers/crypto/caam_jr/caam_jr_log.h          |   42 +
>   drivers/crypto/caam_jr/caam_jr_pvt.h          |  291 ++
>   drivers/crypto/caam_jr/caam_jr_uio.c          |  501 ++++
>   drivers/crypto/caam_jr/meson.build            |   17 +
>   .../caam_jr/rte_pmd_caam_jr_version.map       |    4 +
>   drivers/crypto/meson.build                    |    5 +-
>   23 files changed, 5276 insertions(+), 2 deletions(-)
>   create mode 100644 doc/guides/cryptodevs/caam_jr.rst
>   create mode 100644 doc/guides/cryptodevs/features/caam_jr.ini
>   create mode 100644 drivers/crypto/caam_jr/Makefile
>   create mode 100644 drivers/crypto/caam_jr/caam_jr.c
>   create mode 100644 drivers/crypto/caam_jr/caam_jr.h
>   create mode 100644 drivers/crypto/caam_jr/caam_jr_capabilities.c
>   create mode 100644 drivers/crypto/caam_jr/caam_jr_config.h
>   create mode 100644 drivers/crypto/caam_jr/caam_jr_desc.h
>   create mode 100644 drivers/crypto/caam_jr/caam_jr_hw.c
>   create mode 100644 drivers/crypto/caam_jr/caam_jr_hw_specific.h
>   create mode 100644 drivers/crypto/caam_jr/caam_jr_log.h
>   create mode 100644 drivers/crypto/caam_jr/caam_jr_pvt.h
>   create mode 100644 drivers/crypto/caam_jr/caam_jr_uio.c
>   create mode 100644 drivers/crypto/caam_jr/meson.build
>   create mode 100644 drivers/crypto/caam_jr/rte_pmd_caam_jr_version.map
>
Patches applied to dpdk-next-crypto

caam_jr.h is renamed to caam_jr_capabilities.h
and MAINTAINERS update is added to 1/14 also.


^ permalink raw reply	[flat|nested] 97+ messages in thread

* Re: [dpdk-dev] [PATCH v2 13/14] crypto/caam_jr: add security offload
  2018-10-12 14:40   ` [dpdk-dev] [PATCH v2 13/14] crypto/caam_jr: add security offload Gagandeep Singh
@ 2018-10-19  2:17     ` Thomas Monjalon
  2018-10-22  9:26       ` Thomas Monjalon
  0 siblings, 1 reply; 97+ messages in thread
From: Thomas Monjalon @ 2018-10-19  2:17 UTC (permalink / raw)
  To: Hemant Agrawal; +Cc: dev, Gagandeep Singh, akhil.goyal

12/10/2018 16:40, Gagandeep Singh:
> From: Hemant Agrawal <hemant.agrawal@nxp.com>
> 
> This patch provides the support for protocol offload
> to the hardware. following security operations are
> added:
>  - session_create
>  - session_destroy
>  - capabilities_get
> 
> Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>

I think you need to disable this feature if rte_security is disabled.
Please test compilation with CONFIG_RTE_LIBRTE_SECURITY=n.

^ permalink raw reply	[flat|nested] 97+ messages in thread

* Re: [dpdk-dev] [PATCH v2 02/14] crypto/caam_jr: add HW tuning options
  2018-10-12 14:40   ` [dpdk-dev] [PATCH v2 02/14] crypto/caam_jr: add HW tuning options Gagandeep Singh
@ 2018-10-19  9:11     ` Thomas Monjalon
  2018-10-22 12:31       ` Gagandeep Singh
  0 siblings, 1 reply; 97+ messages in thread
From: Thomas Monjalon @ 2018-10-19  9:11 UTC (permalink / raw)
  To: Gagandeep Singh; +Cc: dev, akhil.goyal, Hemant Agrawal

12/10/2018 16:40, Gagandeep Singh:
> --- /dev/null
> +++ b/drivers/crypto/caam_jr/caam_jr_config.h
> +typedef uint64_t	dma_addr_t;

In some environments, there is a redefinition error because of
drivers/bus/dpaa/include/compat.h

^ permalink raw reply	[flat|nested] 97+ messages in thread

* Re: [dpdk-dev] [PATCH v2 13/14] crypto/caam_jr: add security offload
  2018-10-19  2:17     ` Thomas Monjalon
@ 2018-10-22  9:26       ` Thomas Monjalon
  2018-10-22 10:31         ` Hemant Agrawal
  0 siblings, 1 reply; 97+ messages in thread
From: Thomas Monjalon @ 2018-10-22  9:26 UTC (permalink / raw)
  To: Hemant Agrawal, Gagandeep Singh, akhil.goyal; +Cc: dev, shreyansh.jain

19/10/2018 04:17, Thomas Monjalon:
> 12/10/2018 16:40, Gagandeep Singh:
> > From: Hemant Agrawal <hemant.agrawal@nxp.com>
> > 
> > This patch provides the support for protocol offload
> > to the hardware. following security operations are
> > added:
> >  - session_create
> >  - session_destroy
> >  - capabilities_get
> > 
> > Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
> 
> I think you need to disable this feature if rte_security is disabled.
> Please test compilation with CONFIG_RTE_LIBRTE_SECURITY=n.

Someone to fix it please?

^ permalink raw reply	[flat|nested] 97+ messages in thread

* Re: [dpdk-dev] [PATCH v2 13/14] crypto/caam_jr: add security offload
  2018-10-22  9:26       ` Thomas Monjalon
@ 2018-10-22 10:31         ` Hemant Agrawal
  0 siblings, 0 replies; 97+ messages in thread
From: Hemant Agrawal @ 2018-10-22 10:31 UTC (permalink / raw)
  To: Thomas Monjalon, Gagandeep Singh, Akhil Goyal; +Cc: dev, Shreyansh Jain

Gagan is working on it.

On 10/22/2018 2:56 PM, Thomas Monjalon wrote:
> 19/10/2018 04:17, Thomas Monjalon:
>> 12/10/2018 16:40, Gagandeep Singh:
>>> From: Hemant Agrawal <hemant.agrawal@nxp.com>
>>>
>>> This patch provides the support for protocol offload
>>> to the hardware. following security operations are
>>> added:
>>>   - session_create
>>>   - session_destroy
>>>   - capabilities_get
>>>
>>> Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
>> I think you need to disable this feature if rte_security is disabled.
>> Please test compilation with CONFIG_RTE_LIBRTE_SECURITY=n.
> Someone to fix it please?
>
>


^ permalink raw reply	[flat|nested] 97+ messages in thread

* Re: [dpdk-dev] [PATCH v2 02/14] crypto/caam_jr: add HW tuning options
  2018-10-19  9:11     ` Thomas Monjalon
@ 2018-10-22 12:31       ` Gagandeep Singh
  2018-10-22 13:32         ` Ali Alnubani
  0 siblings, 1 reply; 97+ messages in thread
From: Gagandeep Singh @ 2018-10-22 12:31 UTC (permalink / raw)
  To: Thomas Monjalon; +Cc: dev, Akhil Goyal, Hemant Agrawal

Hi

> -----Original Message-----
> From: Thomas Monjalon <thomas@monjalon.net>
> Sent: Friday, October 19, 2018 2:42 PM
> To: Gagandeep Singh <G.Singh@nxp.com>
> Cc: dev@dpdk.org; Akhil Goyal <akhil.goyal@nxp.com>; Hemant Agrawal
> <hemant.agrawal@nxp.com>
> Subject: Re: [dpdk-dev] [PATCH v2 02/14] crypto/caam_jr: add HW tuning
> options
> 
> 12/10/2018 16:40, Gagandeep Singh:
> > --- /dev/null
> > +++ b/drivers/crypto/caam_jr/caam_jr_config.h
> > +typedef uint64_t	dma_addr_t;
> 
> In some environments, there is a redefinition error because of
> drivers/bus/dpaa/include/compat.h
> 
I am unable to reproduce the issue on my setup. Can you please point me the exact environment on which you are getting this issue?

^ permalink raw reply	[flat|nested] 97+ messages in thread

* [dpdk-dev] [PATCH v3 00/15] Introducing the NXP CAAM job ring driver
  2018-10-12 14:40 ` [dpdk-dev] [PATCH v2 00/14] " Gagandeep Singh
                     ` (15 preceding siblings ...)
  2018-10-16 14:34   ` Akhil Goyal
@ 2018-10-22 13:31   ` Gagandeep Singh
  2018-10-22 13:31     ` [dpdk-dev] [PATCH v3 01/15] crypto/caam_jr: introduce basic driver Gagandeep Singh
                       ` (15 more replies)
  16 siblings, 16 replies; 97+ messages in thread
From: Gagandeep Singh @ 2018-10-22 13:31 UTC (permalink / raw)
  To: dev, Akhil Goyal; +Cc: Gagandeep Singh

v2->v3 change-log:
* fix CONFIG_RTE_LIBRTE_SECURITY=n compilation.

v1->v2 change-log:
* Most of the checkpatch warnings and erros are removed
* CONFIG_RTE_CAAM_JR_PMD_MAX_NB_SESSIONS and
  CONFIG_RTE_PMD_CAAM_JR_DEBUG flags removed
* local unlikely macro removed
* extra spaces removed and functions format fixed
* indentation fixed
* documentation is updated
* dead code removed
* device capabilities added in separate file and 
  functions added to access them.
* missing PMD_INIT_FUNC_TRACE() added to the respective
  functions
* description added to the all patches
* some patches splited (sg support, uio, capabilities, hw)

v1:
The caam_jr PMD provides poll mode crypto driver
support for NXP SEC 4.x+ (CAAM) hardware accelerator.

Gagandeep Singh (10):
  crypto/caam_jr: introduce basic driver
  crypto/caam_jr: add HW tuning options
  crypto/caam_jr: add routines to configure HW
  crypto/caam_jr: add UIO specific operations
  crypto/caam_jr: add basic job ring routines
  crypto/caam_jr: add device basic ops
  crypto/caam_jr: add session configuration methods
  crypto/caam_jr: add device cababilities
  crypto/caam_jr: add enqueue dequeue operations
  crypto/caam_jr: add scatter gather

Hemant Agrawal (5):
  crypto/caam_jr: add queue pair config ops
  crypto/caam_jr: add statistics ops
  crypto/caam_jr: add security offload
  doc: add caam jr cryptodev details
  test/crypto: add CAAM JR driver validation test cases

 MAINTAINERS                                   |    7 +
 config/common_base                            |    6 +
 config/common_linuxapp                        |    1 +
 config/defconfig_arm64-dpaa-linuxapp-gcc      |    3 +
 doc/guides/cryptodevs/caam_jr.rst             |  150 +
 doc/guides/cryptodevs/features/caam_jr.ini    |   46 +
 doc/guides/cryptodevs/index.rst               |    1 +
 doc/guides/rel_notes/release_18_11.rst        |    5 +
 drivers/crypto/Makefile                       |    1 +
 drivers/crypto/caam_jr/Makefile               |   44 +
 drivers/crypto/caam_jr/caam_jr.c              | 2568 +++++++++++++++++
 drivers/crypto/caam_jr/caam_jr_capabilities.c |  268 ++
 drivers/crypto/caam_jr/caam_jr_capabilities.h |   21 +
 drivers/crypto/caam_jr/caam_jr_config.h       |  207 ++
 drivers/crypto/caam_jr/caam_jr_desc.h         |  285 ++
 drivers/crypto/caam_jr/caam_jr_hw.c           |  369 +++
 drivers/crypto/caam_jr/caam_jr_hw_specific.h  |  503 ++++
 drivers/crypto/caam_jr/caam_jr_log.h          |   42 +
 drivers/crypto/caam_jr/caam_jr_pvt.h          |  295 ++
 drivers/crypto/caam_jr/caam_jr_uio.c          |  503 ++++
 drivers/crypto/caam_jr/meson.build            |   17 +
 .../caam_jr/rte_pmd_caam_jr_version.map       |    4 +
 drivers/crypto/meson.build                    |    5 +-
 test/test/test_cryptodev.c                    |  138 +
 test/test/test_cryptodev.h                    |    1 +
 test/test/test_cryptodev_aes_test_vectors.h   |   33 +
 test/test/test_cryptodev_blockcipher.c        |    7 +
 test/test/test_cryptodev_blockcipher.h        |    1 +
 test/test/test_cryptodev_des_test_vectors.h   |   14 +-
 test/test/test_cryptodev_hash_test_vectors.h  |   14 +
 30 files changed, 5555 insertions(+), 4 deletions(-)
 create mode 100644 doc/guides/cryptodevs/caam_jr.rst
 create mode 100644 doc/guides/cryptodevs/features/caam_jr.ini
 create mode 100644 drivers/crypto/caam_jr/Makefile
 create mode 100644 drivers/crypto/caam_jr/caam_jr.c
 create mode 100644 drivers/crypto/caam_jr/caam_jr_capabilities.c
 create mode 100644 drivers/crypto/caam_jr/caam_jr_capabilities.h
 create mode 100644 drivers/crypto/caam_jr/caam_jr_config.h
 create mode 100644 drivers/crypto/caam_jr/caam_jr_desc.h
 create mode 100644 drivers/crypto/caam_jr/caam_jr_hw.c
 create mode 100644 drivers/crypto/caam_jr/caam_jr_hw_specific.h
 create mode 100644 drivers/crypto/caam_jr/caam_jr_log.h
 create mode 100644 drivers/crypto/caam_jr/caam_jr_pvt.h
 create mode 100644 drivers/crypto/caam_jr/caam_jr_uio.c
 create mode 100644 drivers/crypto/caam_jr/meson.build
 create mode 100644 drivers/crypto/caam_jr/rte_pmd_caam_jr_version.map

-- 
2.17.1

^ permalink raw reply	[flat|nested] 97+ messages in thread

* [dpdk-dev] [PATCH v3 01/15] crypto/caam_jr: introduce basic driver
  2018-10-22 13:31   ` [dpdk-dev] [PATCH v3 00/15] " Gagandeep Singh
@ 2018-10-22 13:31     ` Gagandeep Singh
  2018-10-22 13:31     ` [dpdk-dev] [PATCH v3 02/15] crypto/caam_jr: add HW tuning options Gagandeep Singh
                       ` (14 subsequent siblings)
  15 siblings, 0 replies; 97+ messages in thread
From: Gagandeep Singh @ 2018-10-22 13:31 UTC (permalink / raw)
  To: dev, Akhil Goyal; +Cc: Gagandeep Singh, Hemant Agrawal

The caam_jr poll mode crypto driver is supported for
NXP SEC 4.x+ (CAAM) hardware accelerator.
This driver is by default supported on LE platforms,
if it is used on BE platforms like LS104X,
config option CONFIG_RTE_LIBRTE_PMD_CAAM_JR_BE can be
enabled.

This patch add skeleton for caam jobring driver
with probe and uintialisation functions

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
---
 MAINTAINERS                                   |   5 +
 config/common_base                            |   6 +
 config/common_linuxapp                        |   1 +
 config/defconfig_arm64-dpaa-linuxapp-gcc      |   3 +
 drivers/crypto/Makefile                       |   1 +
 drivers/crypto/caam_jr/Makefile               |  37 +++++
 drivers/crypto/caam_jr/caam_jr.c              | 151 ++++++++++++++++++
 drivers/crypto/caam_jr/caam_jr_log.h          |  42 +++++
 drivers/crypto/caam_jr/meson.build            |  11 ++
 .../caam_jr/rte_pmd_caam_jr_version.map       |   4 +
 drivers/crypto/meson.build                    |   5 +-
 11 files changed, 264 insertions(+), 2 deletions(-)
 create mode 100644 drivers/crypto/caam_jr/Makefile
 create mode 100644 drivers/crypto/caam_jr/caam_jr.c
 create mode 100644 drivers/crypto/caam_jr/caam_jr_log.h
 create mode 100644 drivers/crypto/caam_jr/meson.build
 create mode 100644 drivers/crypto/caam_jr/rte_pmd_caam_jr_version.map

diff --git a/MAINTAINERS b/MAINTAINERS
index 450749ab2..9de01189a 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -851,6 +851,11 @@ F: drivers/crypto/null/
 F: doc/guides/cryptodevs/null.rst
 F: doc/guides/cryptodevs/features/null.ini
 
+NXP CAAM JR
+M: Gagandeep Singh <g.singh@nxp.com>
+M: Hemant Agrawal <hemant.agrawal@nxp.com>
+F: drivers/crypto/caam_jr/
+
 NXP DPAA_SEC
 M: Akhil Goyal <akhil.goyal@nxp.com>
 M: Hemant Agrawal <hemant.agrawal@nxp.com>
diff --git a/config/common_base b/config/common_base
index 302f74a2e..9f45d9eaf 100644
--- a/config/common_base
+++ b/config/common_base
@@ -495,6 +495,12 @@ CONFIG_RTE_CRYPTO_MAX_DEVS=64
 CONFIG_RTE_LIBRTE_PMD_ARMV8_CRYPTO=n
 CONFIG_RTE_LIBRTE_PMD_ARMV8_CRYPTO_DEBUG=n
 
+#
+# Compile NXP CAAM JR crypto Driver
+#
+CONFIG_RTE_LIBRTE_PMD_CAAM_JR=n
+CONFIG_RTE_LIBRTE_PMD_CAAM_JR_BE=n
+
 #
 # Compile NXP DPAA2 crypto sec driver for CAAM HW
 #
diff --git a/config/common_linuxapp b/config/common_linuxapp
index 76b884c48..3565ec8c1 100644
--- a/config/common_linuxapp
+++ b/config/common_linuxapp
@@ -40,6 +40,7 @@ CONFIG_RTE_LIBRTE_DPAA_MEMPOOL=y
 CONFIG_RTE_LIBRTE_DPAA_PMD=y
 CONFIG_RTE_LIBRTE_PMD_DPAA_EVENTDEV=y
 CONFIG_RTE_LIBRTE_PMD_DPAA_SEC=y
+CONFIG_RTE_LIBRTE_PMD_CAAM_JR=y
 
 # NXP FSLMC BUS and DPAA2 drivers
 CONFIG_RTE_LIBRTE_FSLMC_BUS=y
diff --git a/config/defconfig_arm64-dpaa-linuxapp-gcc b/config/defconfig_arm64-dpaa-linuxapp-gcc
index c47aec0a6..544b6770d 100644
--- a/config/defconfig_arm64-dpaa-linuxapp-gcc
+++ b/config/defconfig_arm64-dpaa-linuxapp-gcc
@@ -21,3 +21,6 @@ CONFIG_RTE_PKTMBUF_HEADROOM=128
 # NXP DPAA Bus
 CONFIG_RTE_LIBRTE_DPAA_DEBUG_DRIVER=n
 CONFIG_RTE_LIBRTE_DPAA_HWDEBUG=n
+
+# NXP CAAM_JR driver
+CONFIG_RTE_LIBRTE_PMD_CAAM_JR_BE=y
diff --git a/drivers/crypto/Makefile b/drivers/crypto/Makefile
index c083e64ff..c25a19fb0 100644
--- a/drivers/crypto/Makefile
+++ b/drivers/crypto/Makefile
@@ -6,6 +6,7 @@ include $(RTE_SDK)/mk/rte.vars.mk
 DIRS-$(CONFIG_RTE_LIBRTE_PMD_AESNI_GCM) += aesni_gcm
 DIRS-$(CONFIG_RTE_LIBRTE_PMD_AESNI_MB) += aesni_mb
 DIRS-$(CONFIG_RTE_LIBRTE_PMD_ARMV8_CRYPTO) += armv8
+DIRS-$(CONFIG_RTE_LIBRTE_PMD_CAAM_JR) += caam_jr
 DIRS-$(CONFIG_RTE_LIBRTE_PMD_CCP) += ccp
 DIRS-$(CONFIG_RTE_LIBRTE_PMD_OCTEONTX_CRYPTO) += octeontx
 DIRS-$(CONFIG_RTE_LIBRTE_PMD_OPENSSL) += openssl
diff --git a/drivers/crypto/caam_jr/Makefile b/drivers/crypto/caam_jr/Makefile
new file mode 100644
index 000000000..b1f3ecee7
--- /dev/null
+++ b/drivers/crypto/caam_jr/Makefile
@@ -0,0 +1,37 @@
+# SPDX-License-Identifier: BSD-3-Clause
+# Copyright 2017 NXP
+
+include $(RTE_SDK)/mk/rte.vars.mk
+
+#
+# library name
+#
+LIB = librte_pmd_caam_jr.a
+
+# build flags
+CFLAGS += -DALLOW_EXPERIMENTAL_API
+
+CFLAGS += -D _GNU_SOURCE
+
+CFLAGS += -O3
+CFLAGS += $(WERROR_FLAGS)
+
+CFLAGS += -I$(RTE_SDK)/drivers/crypto/caam_jr
+CFLAGS += -I$(RTE_SDK)/lib/librte_eal/common/include
+CFLAGS += -I$(RTE_SDK)/lib/librte_eal/linuxapp/eal
+
+# versioning export map
+EXPORT_MAP := rte_pmd_caam_jr_version.map
+
+# library version
+LIBABIVER := 1
+
+# library source files
+SRCS-$(CONFIG_RTE_LIBRTE_PMD_CAAM_JR) += caam_jr.c
+# library dependencies
+
+LDLIBS += -lrte_eal -lrte_mbuf -lrte_mempool -lrte_ring
+LDLIBS += -lrte_cryptodev
+LDLIBS += -lrte_bus_vdev
+
+include $(RTE_SDK)/mk/rte.lib.mk
diff --git a/drivers/crypto/caam_jr/caam_jr.c b/drivers/crypto/caam_jr/caam_jr.c
new file mode 100644
index 000000000..27331194a
--- /dev/null
+++ b/drivers/crypto/caam_jr/caam_jr.c
@@ -0,0 +1,151 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright 2017-2018 NXP
+ */
+
+#include <fcntl.h>
+#include <unistd.h>
+#include <sched.h>
+#include <net/if.h>
+
+#include <rte_byteorder.h>
+#include <rte_common.h>
+#include <rte_cryptodev_pmd.h>
+#include <rte_crypto.h>
+#include <rte_cryptodev.h>
+#include <rte_bus_vdev.h>
+#include <rte_malloc.h>
+#include <rte_security_driver.h>
+#include <rte_hexdump.h>
+
+#include <caam_jr_log.h>
+
+#define CRYPTODEV_NAME_CAAM_JR_PMD	crypto_caam_jr
+static uint8_t cryptodev_driver_id;
+int caam_jr_logtype;
+
+/*
+ * @brief Release the resources used by the SEC user space driver.
+ *
+ * Reset and release SEC's job rings indicated by the User Application at
+ * init_job_ring() and free any memory allocated internally.
+ * Call once during application tear down.
+ *
+ * @note In case there are any descriptors in-flight (descriptors received by
+ * SEC driver for processing and for which no response was yet provided to UA),
+ * the descriptors are discarded without any notifications to User Application.
+ *
+ * @retval ::0			is returned for a successful execution
+ * @retval ::-1		is returned if SEC driver release is in progress
+ */
+static int
+caam_jr_dev_uninit(struct rte_cryptodev *dev)
+{
+	if (dev == NULL)
+		return -ENODEV;
+
+	CAAM_JR_INFO("Closing crypto device %s", dev->data->name);
+
+	return 0;
+}
+
+static int
+caam_jr_dev_init(const char *name,
+		 struct rte_vdev_device *vdev,
+		 struct rte_cryptodev_pmd_init_params *init_params)
+{
+	struct rte_cryptodev *dev;
+
+	PMD_INIT_FUNC_TRACE();
+
+	dev = rte_cryptodev_pmd_create(name, &vdev->device, init_params);
+	if (dev == NULL) {
+		CAAM_JR_ERR("failed to create cryptodev vdev");
+		goto cleanup;
+	}
+
+	dev->driver_id = cryptodev_driver_id;
+	dev->dev_ops = NULL;
+
+	/* For secondary processes, we don't initialise any further as primary
+	 * has already done this work. Only check we don't need a different
+	 * RX function
+	 */
+	if (rte_eal_process_type() != RTE_PROC_PRIMARY) {
+		CAAM_JR_WARN("Device already init by primary process");
+		return 0;
+	}
+
+	RTE_LOG(INFO, PMD, "%s cryptodev init\n", dev->data->name);
+
+	return 0;
+
+cleanup:
+	CAAM_JR_ERR("driver %s: cryptodev_caam_jr_create failed",
+			init_params->name);
+
+	return -ENXIO;
+}
+
+/** Initialise CAAM JR crypto device */
+static int
+cryptodev_caam_jr_probe(struct rte_vdev_device *vdev)
+{
+	struct rte_cryptodev_pmd_init_params init_params = {
+		"",
+		128,
+		rte_socket_id(),
+		RTE_CRYPTODEV_PMD_DEFAULT_MAX_NB_QUEUE_PAIRS
+	};
+	const char *name;
+	const char *input_args;
+
+	name = rte_vdev_device_name(vdev);
+	if (name == NULL)
+		return -EINVAL;
+
+	input_args = rte_vdev_device_args(vdev);
+	rte_cryptodev_pmd_parse_input_args(&init_params, input_args);
+
+	return caam_jr_dev_init(name, vdev, &init_params);
+}
+
+/** Uninitialise CAAM JR crypto device */
+static int
+cryptodev_caam_jr_remove(struct rte_vdev_device *vdev)
+{
+	struct rte_cryptodev *cryptodev;
+	const char *name;
+
+	name = rte_vdev_device_name(vdev);
+	if (name == NULL)
+		return -EINVAL;
+
+	cryptodev = rte_cryptodev_pmd_get_named_dev(name);
+	if (cryptodev == NULL)
+		return -ENODEV;
+
+	caam_jr_dev_uninit(cryptodev);
+
+	return rte_cryptodev_pmd_destroy(cryptodev);
+}
+
+static struct rte_vdev_driver cryptodev_caam_jr_drv = {
+	.probe = cryptodev_caam_jr_probe,
+	.remove = cryptodev_caam_jr_remove
+};
+
+static struct cryptodev_driver caam_jr_crypto_drv;
+
+RTE_PMD_REGISTER_VDEV(CRYPTODEV_NAME_CAAM_JR_PMD, cryptodev_caam_jr_drv);
+RTE_PMD_REGISTER_PARAM_STRING(CRYPTODEV_NAME_CAAM_JR_PMD,
+	"max_nb_queue_pairs=<int>"
+	"socket_id=<int>");
+RTE_PMD_REGISTER_CRYPTO_DRIVER(caam_jr_crypto_drv, cryptodev_caam_jr_drv.driver,
+		cryptodev_driver_id);
+
+RTE_INIT(caam_jr_init_log)
+{
+	caam_jr_logtype = rte_log_register("pmd.crypto.caam");
+	if (caam_jr_logtype >= 0)
+		rte_log_set_level(caam_jr_logtype, RTE_LOG_NOTICE);
+}
diff --git a/drivers/crypto/caam_jr/caam_jr_log.h b/drivers/crypto/caam_jr/caam_jr_log.h
new file mode 100644
index 000000000..106ff07a7
--- /dev/null
+++ b/drivers/crypto/caam_jr/caam_jr_log.h
@@ -0,0 +1,42 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright 2017-2018 NXP
+ */
+
+#ifndef _CAAM_JR_LOG_H_
+#define _CAAM_JR_LOG_H_
+
+#include <rte_log.h>
+
+extern int caam_jr_logtype;
+
+#define CAAM_JR_LOG(level, fmt, args...) \
+	rte_log(RTE_LOG_ ## level, caam_jr_logtype, "caam_jr: " \
+		fmt "\n", ##args)
+
+#define CAAM_JR_DEBUG(fmt, args...) \
+	rte_log(RTE_LOG_DEBUG, caam_jr_logtype, "caam_jr: %s(): " \
+		fmt "\n", __func__, ##args)
+
+#define PMD_INIT_FUNC_TRACE() CAAM_JR_DEBUG(" >>")
+
+#define CAAM_JR_INFO(fmt, args...) \
+	CAAM_JR_LOG(INFO, fmt, ## args)
+#define CAAM_JR_ERR(fmt, args...) \
+	CAAM_JR_LOG(ERR, fmt, ## args)
+#define CAAM_JR_WARN(fmt, args...) \
+	CAAM_JR_LOG(WARNING, fmt, ## args)
+
+/* DP Logs, toggled out at compile time if level lower than current level */
+#define CAAM_JR_DP_LOG(level, fmt, args...) \
+	RTE_LOG_DP(level, PMD, fmt "\n", ## args)
+
+#define CAAM_JR_DP_DEBUG(fmt, args...) \
+	CAAM_JR_DP_LOG(DEBUG, fmt, ## args)
+#define CAAM_JR_DP_INFO(fmt, args...) \
+	CAAM_JR_DP_LOG(INFO, fmt, ## args)
+#define CAAM_JR_DP_WARN(fmt, args...) \
+	CAAM_JR_DP_LOG(WARNING, fmt, ## args)
+#define CAAM_JR_DP_ERR(fmt, args...) \
+	CAAM_JR_DP_LOG(ERR, fmt, ## args)
+
+#endif /* _CAAM_JR_LOG_H_ */
diff --git a/drivers/crypto/caam_jr/meson.build b/drivers/crypto/caam_jr/meson.build
new file mode 100644
index 000000000..3edd0a212
--- /dev/null
+++ b/drivers/crypto/caam_jr/meson.build
@@ -0,0 +1,11 @@
+# SPDX-License-Identifier: BSD-3-Clause
+# Copyright 2018 NXP
+
+if host_machine.system() != 'linux'
+        build = false
+endif
+
+deps += ['bus_vdev', 'bus_dpaa', 'security']
+sources = files('caam_jr.c')
+
+allow_experimental_apis = true
diff --git a/drivers/crypto/caam_jr/rte_pmd_caam_jr_version.map b/drivers/crypto/caam_jr/rte_pmd_caam_jr_version.map
new file mode 100644
index 000000000..521e51f41
--- /dev/null
+++ b/drivers/crypto/caam_jr/rte_pmd_caam_jr_version.map
@@ -0,0 +1,4 @@
+DPDK_18.11 {
+
+	local: *;
+};
diff --git a/drivers/crypto/meson.build b/drivers/crypto/meson.build
index e9c491af6..bf1bd9286 100644
--- a/drivers/crypto/meson.build
+++ b/drivers/crypto/meson.build
@@ -1,8 +1,9 @@
 # SPDX-License-Identifier: BSD-3-Clause
 # Copyright(c) 2017 Intel Corporation
 
-drivers = ['aesni_gcm', 'aesni_mb', 'ccp', 'dpaa_sec', 'dpaa2_sec', 'kasumi', 'mvsam',
-	'null', 'octeontx', 'openssl', 'qat', 'scheduler', 'virtio', 'zuc']
+drivers = ['aesni_gcm', 'aesni_mb', 'caam_jr', 'ccp', 'dpaa_sec', 'dpaa2_sec',
+	'kasumi', 'mvsam', 'null', 'octeontx', 'openssl', 'qat', 'scheduler',
+	'virtio', 'zuc']
 
 std_deps = ['cryptodev'] # cryptodev pulls in all other needed deps
 config_flag_fmt = 'RTE_LIBRTE_@0@_PMD'
-- 
2.17.1

^ permalink raw reply	[flat|nested] 97+ messages in thread

* [dpdk-dev] [PATCH v3 02/15] crypto/caam_jr: add HW tuning options
  2018-10-22 13:31   ` [dpdk-dev] [PATCH v3 00/15] " Gagandeep Singh
  2018-10-22 13:31     ` [dpdk-dev] [PATCH v3 01/15] crypto/caam_jr: introduce basic driver Gagandeep Singh
@ 2018-10-22 13:31     ` Gagandeep Singh
  2018-10-22 13:31     ` [dpdk-dev] [PATCH v3 03/15] crypto/caam_jr: add routines to configure HW Gagandeep Singh
                       ` (13 subsequent siblings)
  15 siblings, 0 replies; 97+ messages in thread
From: Gagandeep Singh @ 2018-10-22 13:31 UTC (permalink / raw)
  To: dev, Akhil Goyal; +Cc: Gagandeep Singh, Hemant Agrawal

caam_jr hardware can be tuned for multiple settings
like ring depth, coalescing, notification types, cache
size etc.

These parameter can be used for performance tuning
for various platforms.

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
---
 drivers/crypto/caam_jr/caam_jr_config.h | 207 ++++++++++++++++++++++++
 1 file changed, 207 insertions(+)
 create mode 100644 drivers/crypto/caam_jr/caam_jr_config.h

diff --git a/drivers/crypto/caam_jr/caam_jr_config.h b/drivers/crypto/caam_jr/caam_jr_config.h
new file mode 100644
index 000000000..e7855cee6
--- /dev/null
+++ b/drivers/crypto/caam_jr/caam_jr_config.h
@@ -0,0 +1,207 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright 2017-2018 NXP
+ */
+
+#ifndef CAAM_JR_CONFIG_H
+#define CAAM_JR_CONFIG_H
+
+#include <rte_byteorder.h>
+
+#ifdef RTE_LIBRTE_PMD_CAAM_JR_BE
+#define CAAM_BYTE_ORDER __BIG_ENDIAN
+#else
+#define CAAM_BYTE_ORDER __LITTLE_ENDIAN
+#endif
+
+#if RTE_BYTE_ORDER == RTE_BIG_ENDIAN
+#define CORE_BYTE_ORDER __BIG_ENDIAN
+#else
+#define CORE_BYTE_ORDER __LITTLE_ENDIAN
+#endif
+
+typedef uint64_t	dma_addr_t;
+
+#if CORE_BYTE_ORDER != CAAM_BYTE_ORDER
+
+#define cpu_to_caam64 rte_cpu_to_be_64
+#define cpu_to_caam32 rte_cpu_to_be_32
+#else
+#define cpu_to_caam64
+#define cpu_to_caam32
+
+#endif
+
+/*
+ * SEC is configured to start work in polling mode,
+ * when configured for NAPI notification style.
+ */
+#define SEC_STARTUP_POLLING_MODE     0
+/*
+ * SEC is configured to start work in interrupt mode,
+ * when configured for NAPI notification style.
+ */
+#define SEC_STARTUP_INTERRUPT_MODE   1
+
+/*
+ * SEC driver will use NAPI model to receive notifications
+ * for processed packets from SEC engine hardware:
+ * - IRQ for low traffic
+ * - polling for high traffic.
+ */
+#define SEC_NOTIFICATION_TYPE_NAPI  0
+/*
+ * SEC driver will use ONLY interrupts to receive notifications
+ * for processed packets from SEC engine hardware.
+ */
+#define SEC_NOTIFICATION_TYPE_IRQ   1
+/*
+ * SEC driver will use ONLY polling to receive notifications
+ * for processed packets from SEC engine hardware.
+ */
+#define SEC_NOTIFICATION_TYPE_POLL  2
+
+/*
+ * SEC USER SPACE DRIVER related configuration.
+ */
+
+/*
+ * Determines how SEC user space driver will receive notifications
+ * for processed packets from SEC engine.
+ * Valid values are: #SEC_NOTIFICATION_TYPE_POLL, #SEC_NOTIFICATION_TYPE_IRQ
+ * and #SEC_NOTIFICATION_TYPE_NAPI.
+ */
+#define SEC_NOTIFICATION_TYPE   SEC_NOTIFICATION_TYPE_POLL
+
+/* Maximum number of job rings supported by SEC hardware */
+#define MAX_SEC_JOB_RINGS         4
+
+/* Maximum number of QP per job ring */
+#define RTE_CAAM_MAX_NB_SEC_QPS    1
+
+/*
+ * Size of cryptographic context that is used directly in communicating
+ * with SEC device. SEC device works only with physical addresses. This
+ * is the maximum size for a SEC descriptor ( = 64 words).
+ */
+#define SEC_CRYPTO_DESCRIPTOR_SIZE  256
+
+/*
+ * Size of job descriptor submitted to SEC device for each packet to
+ * be processed.
+ * Job descriptor contains 3 DMA address pointers:
+ *	- to shared descriptor, to input buffer and to output buffer.
+ * The job descriptor contains other SEC specific commands as well:
+ *	- HEADER command, SEQ IN PTR command SEQ OUT PTR command and opaque data
+ *      each measuring 4 bytes.
+ * Job descriptor size, depending on physical address representation:
+ *	- 32 bit - size is 28 bytes - cacheline-aligned size is 64 bytes
+ *	- 36 bit - size is 40 bytes - cacheline-aligned size is 64 bytes
+ * @note: Job descriptor must be cacheline-aligned to ensure efficient
+ *	memory access.
+ * @note: If other format is used for job descriptor, then the size must be
+ *	revised.
+ */
+#define SEC_JOB_DESCRIPTOR_SIZE     64
+
+/*
+ * Size of one entry in the input ring of a job ring.
+ * Input ring contains pointers to job descriptors.
+ * The memory used for an input ring and output ring must be physically
+ * contiguous.
+ */
+#define SEC_JOB_INPUT_RING_ENTRY_SIZE  sizeof(dma_addr_t)
+
+/*
+ * Size of one entry in the output ring of a job ring.
+ * Output ring entry is a pointer to a job descriptor followed by a 4 byte
+ * status word.
+ * The memory used for an input ring and output ring must be physically
+ * contiguous.
+ * @note If desired to use also the optional SEQ OUT indication in output ring
+ * entries,
+ * then 4 more bytes must be added to the size.
+ */
+#define SEC_JOB_OUTPUT_RING_ENTRY_SIZE  (SEC_JOB_INPUT_RING_ENTRY_SIZE + 4)
+
+/*
+ * DMA memory required for an input ring of a job ring.
+ */
+#define SEC_DMA_MEM_INPUT_RING_SIZE     ((SEC_JOB_INPUT_RING_ENTRY_SIZE) * \
+					(SEC_JOB_RING_SIZE))
+
+/*
+ * DMA memory required for an output ring of a job ring.
+ *  Required extra 4 byte for status word per each entry.
+ */
+#define SEC_DMA_MEM_OUTPUT_RING_SIZE    ((SEC_JOB_OUTPUT_RING_ENTRY_SIZE) * \
+					(SEC_JOB_RING_SIZE))
+
+/* DMA memory required for a job ring, including both input and output rings. */
+#define SEC_DMA_MEM_JOB_RING_SIZE       ((SEC_DMA_MEM_INPUT_RING_SIZE) + \
+					(SEC_DMA_MEM_OUTPUT_RING_SIZE))
+
+/*
+ * When calling sec_init() UA will provide an area of virtual memory
+ *  of size #SEC_DMA_MEMORY_SIZE to be  used internally by the driver
+ *  to allocate data (like SEC descriptors) that needs to be passed to
+ *  SEC device in physical addressing and later on retrieved from SEC device.
+ *  At initialization the UA provides specialized ptov/vtop functions/macros to
+ *  translate addresses allocated from this memory area.
+ */
+#define SEC_DMA_MEMORY_SIZE          ((SEC_DMA_MEM_JOB_RING_SIZE) * \
+					(MAX_SEC_JOB_RINGS))
+
+#define L1_CACHE_BYTES 64
+
+/* SEC JOB RING related configuration. */
+
+/*
+ * Configure the size of the JOB RING.
+ * The maximum size of the ring in hardware limited to 1024.
+ * However the number of packets in flight in a time interval of 1ms can
+ * be calculated from the traffic rate (Mbps) and packet size.
+ * Here it was considered a packet size of 64 bytes.
+ *
+ * @note Round up to nearest power of 2 for optimized update
+ * of producer/consumer indexes of each job ring
+ */
+#define SEC_JOB_RING_SIZE     512
+
+/*
+ * Interrupt coalescing related configuration.
+ * NOTE: SEC hardware enabled interrupt
+ * coalescing is not supported on SEC version 3.1!
+ * SEC version 4.4 has support for interrupt
+ * coalescing.
+ */
+
+#if SEC_NOTIFICATION_TYPE != SEC_NOTIFICATION_TYPE_POLL
+
+#define SEC_INT_COALESCING_ENABLE   1
+/*
+ * Interrupt Coalescing Descriptor Count Threshold.
+ * While interrupt coalescing is enabled (ICEN=1), this value determines
+ * how many Descriptors are completed before raising an interrupt.
+ *
+ * Valid values for this field are from 0 to 255.
+ * Note that a value of 1 functionally defeats the advantages of interrupt
+ * coalescing since the threshold value is reached each time that a
+ * Job Descriptor is completed. A value of 0 is treated in the same
+ * manner as a value of 1.
+ */
+#define SEC_INTERRUPT_COALESCING_DESCRIPTOR_COUNT_THRESH  10
+
+/*
+ * Interrupt Coalescing Timer Threshold.
+ * While interrupt coalescing is enabled (ICEN=1), this value determines the
+ * maximum amount of time after processing a Descriptor before raising an
+ * interrupt.
+ * The threshold value is represented in units equal to 64 CAAM interface
+ * clocks. Valid values for this field are from 1 to 65535.
+ * A value of 0 results in behavior identical to that when interrupt
+ * coalescing is disabled.
+ */
+#define SEC_INTERRUPT_COALESCING_TIMER_THRESH  100
+#endif /* SEC_NOTIFICATION_TYPE_POLL */
+
+#endif /* CAAM_JR_CONFIG_H */
-- 
2.17.1

^ permalink raw reply	[flat|nested] 97+ messages in thread

* [dpdk-dev] [PATCH v3 03/15] crypto/caam_jr: add routines to configure HW
  2018-10-22 13:31   ` [dpdk-dev] [PATCH v3 00/15] " Gagandeep Singh
  2018-10-22 13:31     ` [dpdk-dev] [PATCH v3 01/15] crypto/caam_jr: introduce basic driver Gagandeep Singh
  2018-10-22 13:31     ` [dpdk-dev] [PATCH v3 02/15] crypto/caam_jr: add HW tuning options Gagandeep Singh
@ 2018-10-22 13:31     ` Gagandeep Singh
  2018-10-22 13:31     ` [dpdk-dev] [PATCH v3 04/15] crypto/caam_jr: add UIO specific operations Gagandeep Singh
                       ` (12 subsequent siblings)
  15 siblings, 0 replies; 97+ messages in thread
From: Gagandeep Singh @ 2018-10-22 13:31 UTC (permalink / raw)
  To: dev, Akhil Goyal; +Cc: Gagandeep Singh, Hemant Agrawal

This patch add routines for configuring the hw
to support various features.
These routines will be used by the PMD ops.
The patch also defines structure and macros used
to access hw capabilities.

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
---
 drivers/crypto/caam_jr/Makefile              |   5 +
 drivers/crypto/caam_jr/caam_jr_hw.c          | 379 ++++++++++++++
 drivers/crypto/caam_jr/caam_jr_hw_specific.h | 503 +++++++++++++++++++
 drivers/crypto/caam_jr/caam_jr_pvt.h         | 286 +++++++++++
 drivers/crypto/caam_jr/meson.build           |   5 +-
 5 files changed, 1177 insertions(+), 1 deletion(-)
 create mode 100644 drivers/crypto/caam_jr/caam_jr_hw.c
 create mode 100644 drivers/crypto/caam_jr/caam_jr_hw_specific.h
 create mode 100644 drivers/crypto/caam_jr/caam_jr_pvt.h

diff --git a/drivers/crypto/caam_jr/Makefile b/drivers/crypto/caam_jr/Makefile
index b1f3ecee7..e22943749 100644
--- a/drivers/crypto/caam_jr/Makefile
+++ b/drivers/crypto/caam_jr/Makefile
@@ -16,7 +16,10 @@ CFLAGS += -D _GNU_SOURCE
 CFLAGS += -O3
 CFLAGS += $(WERROR_FLAGS)
 
+CFLAGS += -I$(RTE_SDK)/drivers/bus/dpaa/include
 CFLAGS += -I$(RTE_SDK)/drivers/crypto/caam_jr
+#sharing the hw flib headers from dpaa2_sec pmd
+CFLAGS += -I$(RTE_SDK)/drivers/crypto/dpaa2_sec/
 CFLAGS += -I$(RTE_SDK)/lib/librte_eal/common/include
 CFLAGS += -I$(RTE_SDK)/lib/librte_eal/linuxapp/eal
 
@@ -28,10 +31,12 @@ LIBABIVER := 1
 
 # library source files
 SRCS-$(CONFIG_RTE_LIBRTE_PMD_CAAM_JR) += caam_jr.c
+SRCS-$(CONFIG_RTE_LIBRTE_PMD_CAAM_JR) += caam_jr_hw.c
 # library dependencies
 
 LDLIBS += -lrte_eal -lrte_mbuf -lrte_mempool -lrte_ring
 LDLIBS += -lrte_cryptodev
+LDLIBS += -lrte_bus_dpaa
 LDLIBS += -lrte_bus_vdev
 
 include $(RTE_SDK)/mk/rte.lib.mk
diff --git a/drivers/crypto/caam_jr/caam_jr_hw.c b/drivers/crypto/caam_jr/caam_jr_hw.c
new file mode 100644
index 000000000..73cc61a27
--- /dev/null
+++ b/drivers/crypto/caam_jr/caam_jr_hw.c
@@ -0,0 +1,379 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright 2017-2018 NXP
+ */
+
+#include <fcntl.h>
+#include <unistd.h>
+#include <inttypes.h>
+#include <rte_common.h>
+#include <rte_memory.h>
+#include <rte_malloc.h>
+#include <rte_crypto.h>
+#include <rte_security.h>
+
+#include <caam_jr_config.h>
+#include <caam_jr_hw_specific.h>
+#include <caam_jr_pvt.h>
+#include <caam_jr_log.h>
+
+/* RTA header files */
+#include <hw/desc/common.h>
+#include <hw/desc/algo.h>
+#include <hw/desc/ipsec.h>
+
+/* Used to retry resetting a job ring in SEC hardware. */
+#define SEC_TIMEOUT 100000
+
+/* @brief Process Jump Halt Condition related errors
+ *
+ * @param [in]  error_code        The error code in the descriptor status word
+ */
+static inline void
+hw_handle_jmp_halt_cond_err(union hw_error_code error_code)
+{
+	CAAM_JR_DEBUG("JMP: %d, Descriptor Index: 0x%x, Condition: 0x%x",
+			error_code.error_desc.jmp_halt_cond_src.jmp,
+			error_code.error_desc.jmp_halt_cond_src.desc_idx,
+			error_code.error_desc.jmp_halt_cond_src.cond);
+	(void)error_code;
+}
+
+/* @brief Process DECO related errors
+ *
+ * @param [in]  error_code        The error code in the descriptor status word
+ */
+static inline void
+hw_handle_deco_err(union hw_error_code error_code)
+{
+	CAAM_JR_DEBUG("JMP: %d, Descriptor Index: 0x%x",
+			error_code.error_desc.deco_src.jmp,
+			error_code.error_desc.deco_src.desc_idx);
+
+	switch (error_code.error_desc.deco_src.desc_err) {
+	case SEC_HW_ERR_DECO_HFN_THRESHOLD:
+		CAAM_JR_DEBUG(" Warning: Descriptor completed normally,"
+			"but 3GPP HFN matches or exceeds the Threshold ");
+		break;
+	default:
+		CAAM_JR_DEBUG("Error 0x%04x not implemented",
+				error_code.error_desc.deco_src.desc_err);
+		break;
+	}
+}
+
+/* @brief Process  Jump Halt User Status related errors
+ *
+ * @param [in]  error_code        The error code in the descriptor status word
+ */
+static inline void
+hw_handle_jmp_halt_user_err(union hw_error_code error_code __rte_unused)
+{
+	CAAM_JR_DEBUG(" Not implemented");
+}
+
+/* @brief Process CCB related errors
+ *
+ * @param [in]  error_code        The error code in the descriptor status word
+ */
+static inline void
+hw_handle_ccb_err(union hw_error_code hw_error_code __rte_unused)
+{
+	CAAM_JR_DEBUG(" Not implemented");
+}
+
+/* @brief Process Job Ring related errors
+ *
+ * @param [in]  error_code        The error code in the descriptor status word
+ */
+static inline void
+hw_handle_jr_err(union hw_error_code hw_error_code __rte_unused)
+{
+	CAAM_JR_DEBUG(" Not implemented");
+}
+
+uint32_t
+caam_jr_enable_irqs(uint32_t uio_fd __rte_unused)
+{
+	return 0;
+}
+
+uint32_t
+caam_jr_disable_irqs(uint32_t uio_fd __rte_unused)
+{
+	return 0;
+}
+
+int
+hw_reset_job_ring(struct sec_job_ring_t *job_ring)
+{
+	int ret = 0;
+
+	ASSERT(job_ring->register_base_addr != NULL);
+
+	/* First reset the job ring in hw */
+	ret = hw_shutdown_job_ring(job_ring);
+	SEC_ASSERT(ret == 0, ret, "Failed resetting job ring in hardware");
+
+	/* In order to have the HW JR in a workable state
+	 * after a reset, I need to re-write the input
+	 * queue size, input start address, output queue
+	 * size and output start address
+	 */
+	/* Write the JR input queue size to the HW register */
+	hw_set_input_ring_size(job_ring, SEC_JOB_RING_SIZE);
+
+	/* Write the JR output queue size to the HW register */
+	hw_set_output_ring_size(job_ring, SEC_JOB_RING_SIZE);
+
+	/* Write the JR input queue start address */
+	hw_set_input_ring_start_addr(job_ring,
+			caam_jr_dma_vtop(job_ring->input_ring));
+	CAAM_JR_DEBUG(" Set input ring base address to : Virtual: 0x%" PRIx64
+		      ",Physical: 0x%" PRIx64 ", Read from HW: 0x%" PRIx64,
+		      (uint64_t)(uintptr_t)job_ring->input_ring,
+		      caam_jr_dma_vtop(job_ring->input_ring),
+		      hw_get_inp_queue_base(job_ring));
+
+	/* Write the JR output queue start address */
+	hw_set_output_ring_start_addr(job_ring,
+			caam_jr_dma_vtop(job_ring->output_ring));
+	CAAM_JR_DEBUG(" Set output ring base address to: Virtual: 0x%" PRIx64
+		      ",Physical: 0x%" PRIx64 ", Read from HW: 0x%" PRIx64,
+		      (uint64_t)(uintptr_t)job_ring->output_ring,
+		      caam_jr_dma_vtop(job_ring->output_ring),
+		      hw_get_out_queue_base(job_ring));
+	return ret;
+}
+
+int
+hw_shutdown_job_ring(struct sec_job_ring_t *job_ring)
+{
+	unsigned int timeout = SEC_TIMEOUT;
+	uint32_t tmp = 0;
+	int usleep_interval = 10;
+
+	if (job_ring->register_base_addr == NULL) {
+		CAAM_JR_ERR("Jr[%p] has reg base addr as NULL.driver not init",
+			job_ring);
+		return 0;
+	}
+
+	CAAM_JR_INFO("Resetting Job ring %p", job_ring);
+
+	/*
+	 * Mask interrupts since we are going to poll
+	 * for reset completion status
+	 * Also, at POR, interrupts are ENABLED on a JR, thus
+	 * this is the point where I can disable them without
+	 * changing the code logic too much
+	 */
+	caam_jr_disable_irqs(job_ring->irq_fd);
+
+	/* initiate flush (required prior to reset) */
+	SET_JR_REG(JRCR, job_ring, JR_REG_JRCR_VAL_RESET);
+
+	/* dummy read */
+	tmp = GET_JR_REG(JRCR, job_ring);
+
+	do {
+		tmp = GET_JR_REG(JRINT, job_ring);
+		usleep(usleep_interval);
+	} while (((tmp & JRINT_ERR_HALT_MASK) ==
+			JRINT_ERR_HALT_INPROGRESS) && --timeout);
+
+	CAAM_JR_INFO("JRINT is %x", tmp);
+	if ((tmp & JRINT_ERR_HALT_MASK) != JRINT_ERR_HALT_COMPLETE ||
+		timeout == 0) {
+		CAAM_JR_ERR("0x%x, %d", tmp, timeout);
+		/* unmask interrupts */
+		if (job_ring->jr_mode != SEC_NOTIFICATION_TYPE_POLL)
+			caam_jr_enable_irqs(job_ring->irq_fd);
+		return -1;
+	}
+
+	/* Initiate reset */
+	timeout = SEC_TIMEOUT;
+	SET_JR_REG(JRCR, job_ring, JR_REG_JRCR_VAL_RESET);
+
+	do {
+		tmp = GET_JR_REG(JRCR, job_ring);
+		usleep(usleep_interval);
+	} while ((tmp & JR_REG_JRCR_VAL_RESET) && --timeout);
+
+	CAAM_JR_DEBUG("JRCR is %x", tmp);
+	if (timeout == 0) {
+		CAAM_JR_ERR("Failed to reset hw job ring %p", job_ring);
+		/* unmask interrupts */
+		if (job_ring->jr_mode != SEC_NOTIFICATION_TYPE_POLL)
+			caam_jr_enable_irqs(job_ring->irq_fd);
+		return -1;
+	}
+	/* unmask interrupts */
+	if (job_ring->jr_mode != SEC_NOTIFICATION_TYPE_POLL)
+		caam_jr_enable_irqs(job_ring->irq_fd);
+	return 0;
+
+}
+
+void
+hw_handle_job_ring_error(struct sec_job_ring_t *job_ring __rte_unused,
+			 uint32_t error_code)
+{
+	union hw_error_code hw_err_code;
+
+	hw_err_code.error = error_code;
+	switch (hw_err_code.error_desc.value.ssrc) {
+	case SEC_HW_ERR_SSRC_NO_SRC:
+		ASSERT(hw_err_code.error_desc.no_status_src.res == 0);
+		CAAM_JR_ERR("No Status Source ");
+		break;
+	case SEC_HW_ERR_SSRC_CCB_ERR:
+		CAAM_JR_ERR("CCB Status Source");
+		hw_handle_ccb_err(hw_err_code);
+		break;
+	case SEC_HW_ERR_SSRC_JMP_HALT_U:
+		CAAM_JR_ERR("Jump Halt User Status Source");
+		hw_handle_jmp_halt_user_err(hw_err_code);
+		break;
+	case SEC_HW_ERR_SSRC_DECO:
+		CAAM_JR_ERR("DECO Status Source");
+		hw_handle_deco_err(hw_err_code);
+		break;
+	case SEC_HW_ERR_SSRC_JR:
+		CAAM_JR_ERR("Job Ring Status Source");
+		hw_handle_jr_err(hw_err_code);
+		break;
+	case SEC_HW_ERR_SSRC_JMP_HALT_COND:
+		CAAM_JR_ERR("Jump Halt Condition Codes");
+		hw_handle_jmp_halt_cond_err(hw_err_code);
+		break;
+	default:
+		ASSERT(0);
+		CAAM_JR_ERR("Unknown SSRC");
+		break;
+	}
+}
+
+void
+hw_job_ring_error_print(struct sec_job_ring_t *job_ring, int code)
+{
+	switch (code) {
+	case JRINT_ERR_WRITE_STATUS:
+		CAAM_JR_ERR("Error writing status to Output Ring ");
+		break;
+	case JRINT_ERR_BAD_INPUT_BASE:
+		CAAM_JR_ERR(
+		"Bad Input Ring Base (%p) (not on a 4-byte boundary) ",
+		(void *)job_ring);
+		break;
+	case JRINT_ERR_BAD_OUTPUT_BASE:
+		CAAM_JR_ERR(
+		"Bad Output Ring Base (%p) (not on a 4-byte boundary) ",
+		(void *)job_ring);
+		break;
+	case JRINT_ERR_WRITE_2_IRBA:
+		CAAM_JR_ERR(
+		"Invalid write to Input Ring Base Address Register ");
+		break;
+	case JRINT_ERR_WRITE_2_ORBA:
+		CAAM_JR_ERR(
+		"Invalid write to Output Ring Base Address Register ");
+		break;
+	case JRINT_ERR_RES_B4_HALT:
+		CAAM_JR_ERR(
+		"Job Ring [%p] released before Job Ring is halted",
+		(void *)job_ring);
+		break;
+	case JRINT_ERR_REM_TOO_MANY:
+		CAAM_JR_ERR("Removed too many jobs from job ring [%p]",
+			(void *)job_ring);
+		break;
+	case JRINT_ERR_ADD_TOO_MANY:
+		CAAM_JR_ERR("Added too many jobs on job ring [%p]", job_ring);
+		break;
+	default:
+		CAAM_JR_ERR(" Unknown SEC JR Error :%d",
+				code);
+		break;
+	}
+}
+
+int
+hw_job_ring_set_coalescing_param(struct sec_job_ring_t *job_ring,
+				 uint16_t irq_coalescing_timer,
+				 uint8_t irq_coalescing_count)
+{
+	uint32_t reg_val = 0;
+
+	ASSERT(job_ring != NULL);
+	if (job_ring->register_base_addr == NULL) {
+		CAAM_JR_ERR("Jr[%p] has reg base addr as NULL.driver not init",
+			job_ring);
+		return -1;
+	}
+	/* Set descriptor count coalescing */
+	reg_val |= (irq_coalescing_count << JR_REG_JRCFG_LO_ICDCT_SHIFT);
+
+	/* Set coalescing timer value */
+	reg_val |= (irq_coalescing_timer << JR_REG_JRCFG_LO_ICTT_SHIFT);
+
+	/* Update parameters in HW */
+	SET_JR_REG_LO(JRCFG, job_ring, reg_val);
+	CAAM_JR_DEBUG("Set coalescing params on jr %p timer:%d, desc count: %d",
+			job_ring, irq_coalescing_timer, irq_coalescing_timer);
+
+	return 0;
+}
+
+int
+hw_job_ring_enable_coalescing(struct sec_job_ring_t *job_ring)
+{
+	uint32_t reg_val = 0;
+
+	ASSERT(job_ring != NULL);
+	if (job_ring->register_base_addr == NULL) {
+		CAAM_JR_ERR("Jr[%p] has reg base addr as NULL.driver not init",
+			job_ring);
+		return -1;
+	}
+
+	/* Get the current value of the register */
+	reg_val = GET_JR_REG_LO(JRCFG, job_ring);
+
+	/* Enable coalescing */
+	reg_val |= JR_REG_JRCFG_LO_ICEN_EN;
+
+	/* Write in hw */
+	SET_JR_REG_LO(JRCFG, job_ring, reg_val);
+
+	CAAM_JR_DEBUG("Enabled coalescing on jr %p ",
+			job_ring);
+
+	return 0;
+}
+
+int
+hw_job_ring_disable_coalescing(struct sec_job_ring_t *job_ring)
+{
+	uint32_t reg_val = 0;
+
+	ASSERT(job_ring != NULL);
+
+	if (job_ring->register_base_addr == NULL) {
+		CAAM_JR_ERR("Jr[%p] has reg base addr as NULL.driver not init",
+			job_ring);
+		return -1;
+	}
+
+	/* Get the current value of the register */
+	reg_val = GET_JR_REG_LO(JRCFG, job_ring);
+
+	/* Disable coalescing */
+	reg_val &= ~JR_REG_JRCFG_LO_ICEN_EN;
+
+	/* Write in hw */
+	SET_JR_REG_LO(JRCFG, job_ring, reg_val);
+	CAAM_JR_DEBUG("Disabled coalescing on jr %p ", job_ring);
+
+	return 0;
+}
diff --git a/drivers/crypto/caam_jr/caam_jr_hw_specific.h b/drivers/crypto/caam_jr/caam_jr_hw_specific.h
new file mode 100644
index 000000000..5f58a585d
--- /dev/null
+++ b/drivers/crypto/caam_jr/caam_jr_hw_specific.h
@@ -0,0 +1,503 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright 2017 NXP
+ */
+
+#ifndef CAAM_JR_HW_SPECIFIC_H
+#define CAAM_JR_HW_SPECIFIC_H
+
+#include <caam_jr_config.h>
+
+/*
+ * Offset to the registers of a job ring.
+ * Is different for each job ring.
+ */
+#define CHAN_BASE(jr)   ((size_t)(jr)->register_base_addr)
+
+#define SEC_JOB_RING_IS_FULL(pi, ci, ring_max_size, ring_threshold) \
+		((((pi) + 1 + ((ring_max_size) - (ring_threshold))) & \
+		  (ring_max_size - 1))  == ((ci)))
+
+#define SEC_CIRCULAR_COUNTER(x, max)   (((x) + 1) & (max - 1))
+
+/*
+ * Assert that cond is true. If !cond is true, display str and the vararg list
+ * in a printf-like syntax. also, if !cond is true, return altRet.
+ *
+ * \param cond          A boolean expression to be asserted true
+ * \param altRet        The value to be returned if cond doesn't hold true
+ * \param str           A quoted char string
+ *
+ * E.g.:
+ *      SEC_ASSERT(ret > 0, 0, "ERROR initializing app: code = %d\n", ret);
+ */
+#define SEC_ASSERT(cond, altRet, ...) do {\
+	if (unlikely(!(cond))) {\
+		CAAM_JR_ERR(__VA_ARGS__); \
+		return altRet; \
+	} \
+} while (0)
+
+#define SEC_DP_ASSERT(cond, altRet, ...) do {\
+	if (unlikely(!(cond))) {\
+		CAAM_JR_DP_ERR(__VA_ARGS__); \
+		return altRet; \
+	} \
+} while (0)
+
+#define ASSERT(x)
+
+/*
+ * Constants representing various job ring registers
+ */
+#if CAAM_BYTE_ORDER == __BIG_ENDIAN
+#define JR_REG_IRBA_OFFSET		0x0000
+#define JR_REG_IRBA_OFFSET_LO		0x0004
+#else
+#define JR_REG_IRBA_OFFSET		0x0004
+#define JR_REG_IRBA_OFFSET_LO		0x0000
+#endif
+
+#define JR_REG_IRSR_OFFSET		0x000C
+#define JR_REG_IRSA_OFFSET		0x0014
+#define JR_REG_IRJA_OFFSET		0x001C
+
+#if CAAM_BYTE_ORDER == __BIG_ENDIAN
+#define JR_REG_ORBA_OFFSET		0x0020
+#define JR_REG_ORBA_OFFSET_LO		0x0024
+#else
+#define JR_REG_ORBA_OFFSET		0x0024
+#define JR_REG_ORBA_OFFSET_LO		0x0020
+#endif
+
+#define JR_REG_ORSR_OFFSET		0x002C
+#define JR_REG_ORJR_OFFSET		0x0034
+#define JR_REG_ORSFR_OFFSET		0x003C
+#define JR_REG_JROSR_OFFSET		0x0044
+#define JR_REG_JRINT_OFFSET		0x004C
+
+#define JR_REG_JRCFG_OFFSET		0x0050
+#define JR_REG_JRCFG_OFFSET_LO		0x0054
+
+#define JR_REG_IRRI_OFFSET		0x005C
+#define JR_REG_ORWI_OFFSET		0x0064
+#define JR_REG_JRCR_OFFSET		0x006C
+
+/*
+ * Constants for error handling on job ring
+ */
+#define JR_REG_JRINT_ERR_TYPE_SHIFT	8
+#define JR_REG_JRINT_ERR_ORWI_SHIFT	16
+#define JR_REG_JRINIT_JRE_SHIFT		1
+
+#define JRINT_JRE			(1 << JR_REG_JRINIT_JRE_SHIFT)
+#define JRINT_ERR_WRITE_STATUS		(1 << JR_REG_JRINT_ERR_TYPE_SHIFT)
+#define JRINT_ERR_BAD_INPUT_BASE	(3 << JR_REG_JRINT_ERR_TYPE_SHIFT)
+#define JRINT_ERR_BAD_OUTPUT_BASE	(4 << JR_REG_JRINT_ERR_TYPE_SHIFT)
+#define JRINT_ERR_WRITE_2_IRBA		(5 << JR_REG_JRINT_ERR_TYPE_SHIFT)
+#define JRINT_ERR_WRITE_2_ORBA		(6 << JR_REG_JRINT_ERR_TYPE_SHIFT)
+#define JRINT_ERR_RES_B4_HALT		(7 << JR_REG_JRINT_ERR_TYPE_SHIFT)
+#define JRINT_ERR_REM_TOO_MANY		(8 << JR_REG_JRINT_ERR_TYPE_SHIFT)
+#define JRINT_ERR_ADD_TOO_MANY		(9 << JR_REG_JRINT_ERR_TYPE_SHIFT)
+#define JRINT_ERR_HALT_MASK		0x0C
+#define JRINT_ERR_HALT_INPROGRESS	0x04
+#define JRINT_ERR_HALT_COMPLETE		0x08
+
+#define JR_REG_JRCR_VAL_RESET		0x00000001
+
+#define JR_REG_JRCFG_LO_ICTT_SHIFT	0x10
+#define JR_REG_JRCFG_LO_ICDCT_SHIFT	0x08
+#define JR_REG_JRCFG_LO_ICEN_EN		0x02
+
+/*
+ * Constants for Descriptor Processing errors
+ */
+#define SEC_HW_ERR_SSRC_NO_SRC		0x00
+#define SEC_HW_ERR_SSRC_CCB_ERR		0x02
+#define SEC_HW_ERR_SSRC_JMP_HALT_U	0x03
+#define SEC_HW_ERR_SSRC_DECO		0x04
+#define SEC_HW_ERR_SSRC_JR		0x06
+#define SEC_HW_ERR_SSRC_JMP_HALT_COND   0x07
+
+#define SEC_HW_ERR_DECO_HFN_THRESHOLD   0xF1
+#define SEC_HW_ERR_CCB_ICV_CHECK_FAIL   0x0A
+
+/*
+ * Constants for descriptors
+ */
+/* Return higher 32 bits of physical address */
+#define PHYS_ADDR_HI(phys_addr) \
+	    (uint32_t)(((uint64_t)phys_addr) >> 32)
+
+/* Return lower 32 bits of physical address */
+#define PHYS_ADDR_LO(phys_addr) \
+	    (uint32_t)(((uint64_t)phys_addr) & 0xFFFFFFFF)
+
+/*
+ * Macros for extracting error codes for the job ring
+ */
+#define JR_REG_JRINT_ERR_TYPE_EXTRACT(value)      ((value) & 0x00000F00)
+#define JR_REG_JRINT_ERR_ORWI_EXTRACT(value)     \
+	(((value) & 0x3FFF0000) >> JR_REG_JRINT_ERR_ORWI_SHIFT)
+#define JR_REG_JRINT_JRE_EXTRACT(value)	   ((value) & JRINT_JRE)
+
+/*
+ * Macros for managing the job ring
+ */
+/* Read pointer to job ring input ring start address */
+#if defined(RTE_ARCH_ARM64)
+#define hw_get_inp_queue_base(jr) ((((dma_addr_t)GET_JR_REG(IRBA, \
+				      (jr))) << 32) | \
+				      (GET_JR_REG_LO(IRBA, (jr))))
+
+/* Read pointer to job ring output ring start address */
+#define hw_get_out_queue_base(jr) (((dma_addr_t)(GET_JR_REG(ORBA, \
+				     (jr))) << 32) | \
+				     (GET_JR_REG_LO(ORBA, (jr))))
+#else
+#define hw_get_inp_queue_base(jr)   ((dma_addr_t)(GET_JR_REG_LO(IRBA, (jr))))
+
+#define hw_get_out_queue_base(jr)   ((dma_addr_t)(GET_JR_REG_LO(ORBA, (jr))))
+#endif
+
+/*
+ * IRJA - Input Ring Jobs Added Register shows
+ * how many new jobs were added to the Input Ring.
+ */
+#define hw_enqueue_desc_on_job_ring(job_ring) SET_JR_REG(IRJA, (job_ring), 1)
+
+#define hw_set_input_ring_size(job_ring, size) SET_JR_REG(IRSR, job_ring, \
+							 (size))
+
+#define hw_set_output_ring_size(job_ring, size) SET_JR_REG(ORSR, job_ring, \
+							  (size))
+
+#if defined(RTE_ARCH_ARM64)
+#define hw_set_input_ring_start_addr(job_ring, start_addr)	\
+{								\
+	SET_JR_REG(IRBA, job_ring, PHYS_ADDR_HI(start_addr));	\
+	SET_JR_REG_LO(IRBA, job_ring, PHYS_ADDR_LO(start_addr));\
+}
+
+#define hw_set_output_ring_start_addr(job_ring, start_addr) \
+{								\
+	SET_JR_REG(ORBA, job_ring, PHYS_ADDR_HI(start_addr));	\
+	SET_JR_REG_LO(ORBA, job_ring, PHYS_ADDR_LO(start_addr));\
+}
+
+#else
+#define hw_set_input_ring_start_addr(job_ring, start_addr)	\
+{								\
+	SET_JR_REG(IRBA, job_ring, 0);	\
+	SET_JR_REG_LO(IRBA, job_ring, PHYS_ADDR_LO(start_addr));\
+}
+
+#define hw_set_output_ring_start_addr(job_ring, start_addr) \
+{								\
+	SET_JR_REG(ORBA, job_ring, 0);	\
+	SET_JR_REG_LO(ORBA, job_ring, PHYS_ADDR_LO(start_addr));\
+}
+#endif
+
+/* ORJR - Output Ring Jobs Removed Register shows how many jobs were
+ * removed from the Output Ring for processing by software. This is done after
+ * the software has processed the entries.
+ */
+#define hw_remove_entries(jr, no_entries) SET_JR_REG(ORJR, (jr), (no_entries))
+
+/* IRSA - Input Ring Slots Available register holds the number of entries in
+ * the Job Ring's input ring. Once a job is enqueued, the value returned is
+ * decremented by the hardware by the number of jobs enqueued.
+ */
+#define hw_get_available_slots(jr)		GET_JR_REG(IRSA, jr)
+
+/* ORSFR - Output Ring Slots Full register holds the number of jobs which were
+ * processed by the SEC and can be retrieved by the software. Once a job has
+ * been processed by software, the user will call hw_remove_one_entry in order
+ * to notify the SEC that the entry was processed.
+ */
+#define hw_get_no_finished_jobs(jr)		GET_JR_REG(ORSFR, jr)
+
+/*
+ * Macros for manipulating JR registers
+ */
+#if CORE_BYTE_ORDER == CAAM_BYTE_ORDER
+#define sec_read_32(addr)	(*(volatile unsigned int *)(addr))
+#define sec_write_32(addr, val)	(*(volatile unsigned int *)(addr) = (val))
+
+#else
+#define sec_read_32(addr)	rte_bswap32((*(volatile unsigned int *)(addr)))
+#define sec_write_32(addr, val) \
+			(*(volatile unsigned int *)(addr) = rte_bswap32(val))
+#endif
+
+#if CAAM_BYTE_ORDER == __LITTLE_ENDIAN
+#define sec_read_64(addr)	(((u64)sec_read_32((u32 *)(addr) + 1) << 32) | \
+				(sec_read_32((u32 *)(addr))))
+
+#define sec_write_64(addr, val) {				\
+	sec_write_32((u32 *)(addr) + 1, (u32)((val) >> 32));	\
+	sec_write_32((u32 *)(addr), (u32)(val));		\
+}
+#else /* CAAM_BYTE_ORDER == __BIG_ENDIAN */
+#define sec_read_64(addr)	(((u64)sec_read_32((u32 *)(addr)) << 32) | \
+				(sec_read_32((u32 *)(addr) + 1)))
+
+#define sec_write_64(addr, val) {				\
+	sec_write_32((u32 *)(addr), (u32)((val) >> 32));	\
+	sec_write_32((u32 *)(addr) + 1, (u32)(val));		\
+}
+#endif
+
+#if defined(RTE_ARCH_ARM64)
+#define sec_read_addr(a)	sec_read_64((a))
+#define sec_write_addr(a, v)	sec_write_64((a), (v))
+#else
+#define sec_read_addr(a)	sec_read_32((a))
+#define sec_write_addr(a, v)	sec_write_32((a), (v))
+#endif
+
+#define JR_REG(name, jr)	(CHAN_BASE(jr) + JR_REG_##name##_OFFSET)
+#define JR_REG_LO(name, jr)	(CHAN_BASE(jr) + JR_REG_##name##_OFFSET_LO)
+
+#define GET_JR_REG(name, jr)	(sec_read_32(JR_REG(name, (jr))))
+#define GET_JR_REG_LO(name, jr)	(sec_read_32(JR_REG_LO(name, (jr))))
+
+#define SET_JR_REG(name, jr, value) \
+				(sec_write_32(JR_REG(name, (jr)), value))
+#define SET_JR_REG_LO(name, jr, value) \
+				(sec_write_32(JR_REG_LO(name, (jr)), value))
+
+/* Lists the possible states for a job ring. */
+typedef enum sec_job_ring_state_e {
+	SEC_JOB_RING_STATE_STARTED,	/* Job ring is initialized */
+	SEC_JOB_RING_STATE_RESET,	/* Job ring reset is in progress */
+} sec_job_ring_state_t;
+
+/* code or cmd block to caam */
+struct sec_cdb {
+	struct {
+		union {
+			uint32_t word;
+			struct {
+#if RTE_BYTE_ORDER == RTE_BIG_ENDIAN
+				uint16_t rsvd63_48;
+				unsigned int rsvd47_39:9;
+				unsigned int idlen:7;
+#else
+				unsigned int idlen:7;
+				unsigned int rsvd47_39:9;
+				uint16_t rsvd63_48;
+#endif
+			} field;
+		} __rte_packed hi;
+
+		union {
+			uint32_t word;
+			struct {
+#if RTE_BYTE_ORDER == RTE_BIG_ENDIAN
+				unsigned int rsvd31_30:2;
+				unsigned int fsgt:1;
+				unsigned int lng:1;
+				unsigned int offset:2;
+				unsigned int abs:1;
+				unsigned int add_buf:1;
+				uint8_t pool_id;
+				uint16_t pool_buffer_size;
+#else
+				uint16_t pool_buffer_size;
+				uint8_t pool_id;
+				unsigned int add_buf:1;
+				unsigned int abs:1;
+				unsigned int offset:2;
+				unsigned int lng:1;
+				unsigned int fsgt:1;
+				unsigned int rsvd31_30:2;
+#endif
+			} field;
+		} __rte_packed lo;
+	} __rte_packed sh_hdr;
+
+	uint32_t sh_desc[SEC_JOB_DESCRIPTOR_SIZE];
+};
+
+struct caam_jr_qp {
+	struct sec_job_ring_t *ring;
+	uint64_t rx_pkts;
+	uint64_t rx_errs;
+	uint64_t rx_poll_err;
+	uint64_t tx_pkts;
+	uint64_t tx_errs;
+	uint64_t tx_ring_full;
+};
+
+struct sec_job_ring_t {
+	/* TODO: Add wrapper macro to make it obvious this is the consumer index
+	 * on the output ring
+	 */
+	uint32_t cidx;		/* Consumer index for job ring (jobs array).
+				 * @note: cidx and pidx are accessed from
+				 * different threads. Place the cidx and pidx
+				 * inside the structure so that they lay on
+				 * different cachelines, to avoid false sharing
+				 * between threads when the threads run on
+				 * different cores!
+				 */
+	/* TODO: Add wrapper macro to make it obvious this is the producer index
+	 * on the input ring
+	 */
+	uint32_t pidx;		/* Producer index for job ring (jobs array) */
+
+	phys_addr_t *input_ring;/* Ring of output descriptors received from SEC.
+				 * Size of array is power of 2 to allow fast
+				 * update of producer/consumer indexes with
+				 * bitwise operations.
+				 */
+
+	struct sec_outring_entry *output_ring;
+				/* Ring of output descriptors received from SEC.
+				 * Size of array is power of 2 to allow fast
+				 * update of producer/consumer indexes with
+				 * bitwise operations.
+				 */
+
+	uint32_t irq_fd;	/* The file descriptor used for polling from
+				 * user space for interrupts notifications
+				 */
+	uint32_t jr_mode;	/* Model used by SEC Driver to receive
+				 * notifications from SEC.  Can be either
+				 * of the three: #SEC_NOTIFICATION_TYPE_NAPI
+				 * #SEC_NOTIFICATION_TYPE_IRQ or
+				 * #SEC_NOTIFICATION_TYPE_POLL
+				 */
+	uint32_t napi_mode;	/* Job ring mode if NAPI mode is chosen
+				 * Used only when jr_mode is set to
+				 * #SEC_NOTIFICATION_TYPE_NAPI
+				 */
+	void *register_base_addr;	/* Base address for SEC's
+					 * register memory for this job ring.
+					 */
+	uint8_t coalescing_en;		/* notifies if coelescing is
+					 * enabled for the job ring
+					 */
+	sec_job_ring_state_t jr_state;	/* The state of this job ring */
+
+	struct rte_mempool *ctx_pool;   /* per dev mempool for caam_jr_op_ctx */
+	unsigned int max_nb_queue_pairs;
+	unsigned int max_nb_sessions;
+	struct caam_jr_qp qps[RTE_CAAM_MAX_NB_SEC_QPS]; /* i/o queue for sec */
+};
+
+/* Union describing the possible error codes that
+ * can be set in the descriptor status word
+ */
+union hw_error_code {
+	uint32_t error;
+	union {
+		struct {
+			uint32_t ssrc:4;
+			uint32_t ssed_val:28;
+		} __rte_packed value;
+		struct {
+			uint32_t ssrc:4;
+			uint32_t res:28;
+		} __rte_packed no_status_src;
+		struct {
+			uint32_t ssrc:4;
+			uint32_t jmp:1;
+			uint32_t res:11;
+			uint32_t desc_idx:8;
+			uint32_t cha_id:4;
+			uint32_t err_id:4;
+		} __rte_packed ccb_status_src;
+		struct {
+			uint32_t ssrc:4;
+			uint32_t jmp:1;
+			uint32_t res:11;
+			uint32_t desc_idx:8;
+			uint32_t offset:8;
+		} __rte_packed jmp_halt_user_src;
+		struct {
+			uint32_t ssrc:4;
+			uint32_t jmp:1;
+			uint32_t res:11;
+			uint32_t desc_idx:8;
+			uint32_t desc_err:8;
+		} __rte_packed deco_src;
+		struct {
+			uint32_t ssrc:4;
+			uint32_t res:17;
+			uint32_t naddr:3;
+			uint32_t desc_err:8;
+		} __rte_packed jr_src;
+		struct {
+			uint32_t ssrc:4;
+			uint32_t jmp:1;
+			uint32_t res:11;
+			uint32_t desc_idx:8;
+			uint32_t cond:8;
+		} __rte_packed jmp_halt_cond_src;
+	} __rte_packed error_desc;
+} __rte_packed;
+
+/* @brief Initialize a job ring/channel in SEC device.
+ * Write configuration register/s to properly initialize a job ring.
+ *
+ * @param [in] job_ring     The job ring
+ *
+ * @retval 0 for success
+ * @retval other for error
+ */
+int hw_reset_job_ring(struct sec_job_ring_t *job_ring);
+
+/* @brief Reset a job ring/channel in SEC device.
+ * Write configuration register/s to reset a job ring.
+ *
+ * @param [in] job_ring     The job ring
+ *
+ * @retval 0 for success
+ * @retval -1 in case job ring reset failed
+ */
+int hw_shutdown_job_ring(struct sec_job_ring_t *job_ring);
+
+/* @brief Handle a job ring/channel error in SEC device.
+ * Identify the error type and clear error bits if required.
+ *
+ * @param [in]  job_ring	The job ring
+ * @param [in]  sec_error_code  The job ring's error code
+ */
+void hw_handle_job_ring_error(struct sec_job_ring_t *job_ring,
+			      uint32_t sec_error_code);
+
+/* @brief Handle a job ring error in the device.
+ * Identify the error type and printout a explanatory
+ * messages.
+ *
+ * @param [in]  job_ring	The job ring
+ *
+ */
+void hw_job_ring_error_print(struct sec_job_ring_t *job_ring, int code);
+
+/* @brief Set interrupt coalescing parameters on the Job Ring.
+ * @param [in]  job_ring		The job ring
+ * @param [in]  irq_coalesing_timer     Interrupt coalescing timer threshold.
+ *					This value determines the maximum
+ *					amount of time after processing a
+ *					descriptor before raising an interrupt.
+ * @param [in]  irq_coalescing_count    Interrupt coalescing descriptor count
+ *					threshold.
+ */
+int hw_job_ring_set_coalescing_param(struct sec_job_ring_t *job_ring,
+				     uint16_t irq_coalescing_timer,
+				     uint8_t irq_coalescing_count);
+
+/* @brief Enable interrupt coalescing on a job ring
+ * @param [in]  job_ring		The job ring
+ */
+int hw_job_ring_enable_coalescing(struct sec_job_ring_t *job_ring);
+
+/* @brief Disable interrupt coalescing on a job ring
+ * @param [in]  job_ring		The job ring
+ */
+int hw_job_ring_disable_coalescing(struct sec_job_ring_t *job_ring);
+
+#endif /* CAAM_JR_HW_SPECIFIC_H */
diff --git a/drivers/crypto/caam_jr/caam_jr_pvt.h b/drivers/crypto/caam_jr/caam_jr_pvt.h
new file mode 100644
index 000000000..58fd257fc
--- /dev/null
+++ b/drivers/crypto/caam_jr/caam_jr_pvt.h
@@ -0,0 +1,286 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright 2017-2018 NXP
+ */
+
+#ifndef CAAM_JR_PVT_H
+#define CAAM_JR_PVT_H
+
+/* NXP CAAM JR PMD device name */
+
+#define CAAM_JR_ALG_UNSUPPORT	(-1)
+
+/* Minimum job descriptor consists of a oneword job descriptor HEADER and
+ * a pointer to the shared descriptor.
+ */
+#define MIN_JOB_DESC_SIZE	(CAAM_CMD_SZ + CAAM_PTR_SZ)
+#define CAAM_JOB_DESC_SIZE	13
+
+/* CTX_POOL_NUM_BUFS is set as per the ipsec-secgw application */
+#define CTX_POOL_NUM_BUFS	32000
+#define CTX_POOL_CACHE_SIZE	512
+
+#define DIR_ENC                 1
+#define DIR_DEC                 0
+
+#define JR_MAX_NB_MAX_DIGEST	32
+
+#define RTE_CAAM_JR_PMD_MAX_NB_SESSIONS 2048
+
+
+/* Return codes for SEC user space driver APIs */
+enum sec_return_code_e {
+	SEC_SUCCESS = 0,	       /* Operation executed successfully.*/
+	SEC_INVALID_INPUT_PARAM,       /* API received an invalid input
+					* parameter
+					*/
+	SEC_OUT_OF_MEMORY,	       /* Memory allocation failed. */
+	SEC_DESCRIPTOR_IN_FLIGHT,      /* API function indicates there are
+					* descriptors in flight
+					* for SEC to process.
+					*/
+	SEC_LAST_DESCRIPTOR_IN_FLIGHT, /* API function indicates there is one
+					* last descriptor in flight
+					* for SEC to process that.
+					*/
+	SEC_PROCESSING_ERROR,	       /* Indicates a SEC processing error
+					* occurred on a Job Ring which requires
+					* a SEC user space driver shutdown. Can
+					* be returned from sec_poll_job_ring().
+					* Then the only other API that can be
+					* called after this error is
+					* sec_release().
+					*/
+	SEC_DESC_PROCESSING_ERROR,     /* Indicates a SEC descriptor processing
+					* error occurred on a Job Ring. Can be
+					* returned from sec_poll_job_ring().
+					* The driver was able to reset job ring
+					* and job ring can be used like in a
+					* normal case.
+					*/
+	SEC_JR_IS_FULL,			/* Job Ring is full. There is no more
+					 * room in the JR for new descriptors.
+					 * This can happen if the descriptor RX
+					 * rate is higher than SEC's capacity.
+					 */
+	SEC_DRIVER_RELEASE_IN_PROGRESS, /* SEC driver shutdown is in progress,
+					 * descriptors processing or polling is
+					 * allowed.
+					 */
+	SEC_DRIVER_ALREADY_INITIALIZED, /* SEC driver is already initialized.*/
+	SEC_DRIVER_NOT_INITIALIZED,	/* SEC driver is NOT initialized. */
+	SEC_JOB_RING_RESET_IN_PROGRESS, /* Job ring is resetting due to a
+					 * per-descriptor SEC processing error
+					 * ::SEC_desc_PROCESSING_ERROR. Reset is
+					 * finished when sec_poll_job_ring()
+					 * return. Then the job ring can be used
+					 * again.
+					 */
+	SEC_RESET_ENGINE_FAILED,	/* Resetting of SEC Engine by SEC Kernel
+					 * Driver Failed
+					 */
+	SEC_ENABLE_IRQS_FAILED,		/* Enabling of IRQs in SEC Kernel Driver
+					 * Failed
+					 */
+	SEC_DISABLE_IRQS_FAILED,	/* Disabling of IRQs in SEC Kernel
+					 * Driver Failed
+					 */
+	/* END OF VALID VALUES */
+
+	SEC_RETURN_CODE_MAX_VALUE,	/* Invalid value for return code. It is
+					 * used to mark the end of the return
+					 * code values. @note ALL new return
+					 * code values MUST be added before
+					 * ::SEC_RETURN_CODE_MAX_VALUE!
+					 */
+};
+
+enum caam_jr_op_type {
+	CAAM_JR_NONE,  /* No Cipher operations*/
+	CAAM_JR_CIPHER,/* CIPHER operations */
+	CAAM_JR_AUTH,  /* Authentication Operations */
+	CAAM_JR_AEAD,  /* Authenticated Encryption with associated data */
+	CAAM_JR_IPSEC, /* IPSEC protocol operations*/
+	CAAM_JR_PDCP,  /* PDCP protocol operations*/
+	CAAM_JR_PKC,   /* Public Key Cryptographic Operations */
+	CAAM_JR_MAX
+};
+
+struct caam_jr_session {
+	uint8_t dir;         /* Operation Direction */
+	enum rte_crypto_cipher_algorithm cipher_alg; /* Cipher Algorithm*/
+	enum rte_crypto_auth_algorithm auth_alg; /* Authentication Algorithm*/
+	enum rte_crypto_aead_algorithm aead_alg; /* AEAD Algorithm*/
+	union {
+		struct {
+			uint8_t *data;	/* pointer to key data */
+			size_t length;	/* key length in bytes */
+		} aead_key;
+		struct {
+			struct {
+				uint8_t *data;	/* pointer to key data */
+				size_t length;	/* key length in bytes */
+			} cipher_key;
+			struct {
+				uint8_t *data;	/* pointer to key data */
+				size_t length;	/* key length in bytes */
+			} auth_key;
+		};
+	};
+	struct {
+		uint16_t length;
+		uint16_t offset;
+	} iv;	/* Initialisation vector parameters */
+	uint16_t auth_only_len; /* Length of data for Auth only */
+	uint32_t digest_length;
+	struct ip ip4_hdr;
+	struct caam_jr_qp *qp;
+	struct sec_cdb *cdb;	/* cmd block associated with qp */
+	struct rte_mempool *ctx_pool; /* session mempool for caam_jr_op_ctx */
+};
+
+/*
+ * 16-byte hardware scatter/gather table
+ */
+
+#define SEC4_SG_LEN_EXT		0x80000000	/* Entry points to table */
+#define SEC4_SG_LEN_FIN		0x40000000	/* Last ent in table */
+#define SEC4_SG_BPID_MASK	0x000000ff
+#define SEC4_SG_BPID_SHIFT	16
+#define SEC4_SG_LEN_MASK	0x3fffffff	/* Excludes EXT and FINAL */
+#define SEC4_SG_OFFSET_MASK	0x00001fff
+
+struct sec4_sg_entry {
+	uint64_t ptr;
+	uint32_t len;
+	uint32_t bpid_offset;
+};
+
+#define MAX_SG_ENTRIES		16
+#define SG_CACHELINE_0		0
+#define SG_CACHELINE_1		4
+#define SG_CACHELINE_2		8
+#define SG_CACHELINE_3		12
+
+/* Structure encompassing a job descriptor which is to be processed
+ * by SEC. User should also initialise this structure with the callback
+ * function pointer which will be called by driver after recieving proccessed
+ * descriptor from SEC. User data is also passed in this data structure which
+ * will be sent as an argument to the user callback function.
+ */
+struct job_descriptor {
+	uint32_t desc[CAAM_JOB_DESC_SIZE];
+};
+
+struct caam_jr_op_ctx {
+	struct job_descriptor jobdes;
+	/* sg[0] output, sg[1] input, others are possible sub frames */
+	struct sec4_sg_entry sg[MAX_SG_ENTRIES];
+	struct rte_crypto_op *op;
+	struct rte_mempool *ctx_pool; /* mempool pointer for caam_jr_op_ctx */
+	int64_t vtop_offset;
+	uint8_t digest[JR_MAX_NB_MAX_DIGEST];
+};
+
+/**
+ * Checksum
+ *
+ * @param buffer calculate chksum for buffer
+ * @param len    buffer length
+ *
+ * @return checksum value in host cpu order
+ */
+static inline uint16_t
+calc_chksum(void *buffer, int len)
+{
+	uint16_t *buf = (uint16_t *)buffer;
+	uint32_t sum = 0;
+	uint16_t result;
+
+	for (sum = 0; len > 1; len -= 2)
+		sum += *buf++;
+
+	if (len == 1)
+		sum += *(unsigned char *)buf;
+
+	sum = (sum >> 16) + (sum & 0xFFFF);
+	sum += (sum >> 16);
+	result = ~sum;
+
+	return  result;
+}
+struct uio_job_ring {
+	uint32_t jr_id;
+	uint32_t uio_fd;
+	void *register_base_addr;
+	int map_size;
+	int uio_minor_number;
+};
+
+int sec_cleanup(void);
+int sec_configure(void);
+struct uio_job_ring *config_job_ring(void);
+void free_job_ring(uint32_t uio_fd);
+
+/* For Dma memory allocation of specified length and alignment */
+static inline void *
+caam_jr_dma_mem_alloc(size_t align, size_t len)
+{
+	return rte_malloc("mem_alloc", len, align);
+}
+
+/* For freeing dma memory */
+static inline void
+caam_jr_dma_free(void *ptr)
+{
+	rte_free(ptr);
+}
+
+static inline rte_iova_t
+caam_jr_mem_vtop(void *vaddr)
+{
+	const struct rte_memseg *ms;
+
+	ms = rte_mem_virt2memseg(vaddr, NULL);
+	if (ms)
+		return ms->iova + RTE_PTR_DIFF(vaddr, ms->addr);
+	return (size_t)NULL;
+}
+
+static inline void *
+caam_jr_dma_ptov(rte_iova_t paddr)
+{
+	return rte_mem_iova2virt(paddr);
+}
+
+/* Virtual to physical address conversion */
+static inline rte_iova_t caam_jr_dma_vtop(void *ptr)
+{
+	return caam_jr_mem_vtop(ptr);
+}
+
+/** @brief Request to SEC kernel driver to enable interrupts for
+ *         descriptor finished processing
+ *  Use UIO to communicate with SEC kernel driver: write command
+ *  value that indicates an IRQ enable action into UIO file descriptor
+ *  of this job ring.
+ *
+ * @param [in]  uio_fd     Job Ring UIO File descriptor
+ * @retval 0 for success
+ * @retval -1 value for error
+ */
+uint32_t caam_jr_enable_irqs(uint32_t uio_fd);
+
+/** @brief Request to SEC kernel driver to disable interrupts for descriptor
+ *  finished processing
+ *  Use UIO to communicate with SEC kernel driver: write command
+ *  value that indicates an IRQ disable action into UIO file descriptor
+ *  of this job ring.
+ *
+ * @param [in]  uio_fd    UIO File descripto
+ * @retval 0 for success
+ * @retval -1 value for error
+ *
+ */
+uint32_t caam_jr_disable_irqs(uint32_t uio_fd);
+
+#endif
diff --git a/drivers/crypto/caam_jr/meson.build b/drivers/crypto/caam_jr/meson.build
index 3edd0a212..c282eb4dc 100644
--- a/drivers/crypto/caam_jr/meson.build
+++ b/drivers/crypto/caam_jr/meson.build
@@ -6,6 +6,9 @@ if host_machine.system() != 'linux'
 endif
 
 deps += ['bus_vdev', 'bus_dpaa', 'security']
-sources = files('caam_jr.c')
+sources = files('caam_jr_hw.c', 'caam_jr.c')
 
 allow_experimental_apis = true
+
+includes += include_directories('../dpaa2_sec/')
+includes += include_directories('../../bus/dpaa/include/')
-- 
2.17.1

^ permalink raw reply	[flat|nested] 97+ messages in thread

* [dpdk-dev] [PATCH v3 04/15] crypto/caam_jr: add UIO specific operations
  2018-10-22 13:31   ` [dpdk-dev] [PATCH v3 00/15] " Gagandeep Singh
                       ` (2 preceding siblings ...)
  2018-10-22 13:31     ` [dpdk-dev] [PATCH v3 03/15] crypto/caam_jr: add routines to configure HW Gagandeep Singh
@ 2018-10-22 13:31     ` Gagandeep Singh
  2018-10-22 13:31     ` [dpdk-dev] [PATCH v3 05/15] crypto/caam_jr: add basic job ring routines Gagandeep Singh
                       ` (11 subsequent siblings)
  15 siblings, 0 replies; 97+ messages in thread
From: Gagandeep Singh @ 2018-10-22 13:31 UTC (permalink / raw)
  To: dev, Akhil Goyal; +Cc: Gagandeep Singh, Hemant Agrawal

caam_jr need support from kernel caam driver for
job ring initialisation. So to access register space
for job ring and allow re configure and map to userspace
UIO interface is used. This also allows to handle the
caam interrupts from the user space.

This patch adds UIO specific operations

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
---
 drivers/crypto/caam_jr/Makefile      |   1 +
 drivers/crypto/caam_jr/caam_jr_hw.c  |  12 -
 drivers/crypto/caam_jr/caam_jr_uio.c | 501 +++++++++++++++++++++++++++
 drivers/crypto/caam_jr/meson.build   |   2 +-
 4 files changed, 503 insertions(+), 13 deletions(-)
 create mode 100644 drivers/crypto/caam_jr/caam_jr_uio.c

diff --git a/drivers/crypto/caam_jr/Makefile b/drivers/crypto/caam_jr/Makefile
index e22943749..cfd093a5f 100644
--- a/drivers/crypto/caam_jr/Makefile
+++ b/drivers/crypto/caam_jr/Makefile
@@ -32,6 +32,7 @@ LIBABIVER := 1
 # library source files
 SRCS-$(CONFIG_RTE_LIBRTE_PMD_CAAM_JR) += caam_jr.c
 SRCS-$(CONFIG_RTE_LIBRTE_PMD_CAAM_JR) += caam_jr_hw.c
+SRCS-$(CONFIG_RTE_LIBRTE_PMD_CAAM_JR) += caam_jr_uio.c
 # library dependencies
 
 LDLIBS += -lrte_eal -lrte_mbuf -lrte_mempool -lrte_ring
diff --git a/drivers/crypto/caam_jr/caam_jr_hw.c b/drivers/crypto/caam_jr/caam_jr_hw.c
index 73cc61a27..4a2b08995 100644
--- a/drivers/crypto/caam_jr/caam_jr_hw.c
+++ b/drivers/crypto/caam_jr/caam_jr_hw.c
@@ -91,18 +91,6 @@ hw_handle_jr_err(union hw_error_code hw_error_code __rte_unused)
 	CAAM_JR_DEBUG(" Not implemented");
 }
 
-uint32_t
-caam_jr_enable_irqs(uint32_t uio_fd __rte_unused)
-{
-	return 0;
-}
-
-uint32_t
-caam_jr_disable_irqs(uint32_t uio_fd __rte_unused)
-{
-	return 0;
-}
-
 int
 hw_reset_job_ring(struct sec_job_ring_t *job_ring)
 {
diff --git a/drivers/crypto/caam_jr/caam_jr_uio.c b/drivers/crypto/caam_jr/caam_jr_uio.c
new file mode 100644
index 000000000..c07d9db01
--- /dev/null
+++ b/drivers/crypto/caam_jr/caam_jr_uio.c
@@ -0,0 +1,501 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright 2017-2018 NXP
+ */
+
+#include <stdbool.h>
+#include <stdint.h>
+#include <stdio.h>
+#include <unistd.h>
+#include <stdlib.h>
+#include <dirent.h>
+#include <string.h>
+#include <sys/mman.h>
+#include <errno.h>
+#include <fcntl.h>
+
+#include <rte_common.h>
+#include <rte_malloc.h>
+#include <rte_crypto.h>
+#include <rte_security.h>
+
+#include <caam_jr_config.h>
+#include <caam_jr_hw_specific.h>
+#include <caam_jr_pvt.h>
+#include <caam_jr_log.h>
+
+/* RTA header files */
+#include <hw/desc/common.h>
+#include <hw/desc/algo.h>
+#include <hw/desc/ipsec.h>
+
+/* Prefix path to sysfs directory where UIO device attributes are exported.
+ * Path for UIO device X is /sys/class/uio/uioX
+ */
+#define SEC_UIO_DEVICE_SYS_ATTR_PATH    "/sys/class/uio"
+
+/* Subfolder in sysfs where mapping attributes are exported
+ * for each UIO device. Path for mapping Y for device X is:
+ *      /sys/class/uio/uioX/maps/mapY
+ */
+#define SEC_UIO_DEVICE_SYS_MAP_ATTR     "maps/map"
+
+/* Name of UIO device file prefix. Each UIO device will have a device file
+ * /dev/uioX, where X is the minor device number.
+ */
+#define SEC_UIO_DEVICE_FILE_NAME    "/dev/uio"
+
+/*
+ * Name of UIO device. Each user space SEC job ring will have a corresponding
+ * UIO device with the name sec-channelX, where X is the job ring id.
+ * Maximum length is #SEC_UIO_MAX_DEVICE_NAME_LENGTH.
+ *
+ * @note  Must be kept in synch with SEC kernel driver
+ * define #SEC_UIO_DEVICE_NAME !
+ */
+#define SEC_UIO_DEVICE_NAME     "fsl-jr"
+
+/* Maximum length for the name of an UIO device file.
+ * Device file name format is: /dev/uioX.
+ */
+#define SEC_UIO_MAX_DEVICE_FILE_NAME_LENGTH 30
+
+/* Maximum length for the name of an attribute file for an UIO device.
+ * Attribute files are exported in sysfs and have the name formatted as:
+ *      /sys/class/uio/uioX/<attribute_file_name>
+ */
+#define SEC_UIO_MAX_ATTR_FILE_NAME  100
+
+/* Command that is used by SEC user space driver and SEC kernel driver
+ *  to signal a request from the former to the later to disable job DONE
+ *  and error IRQs on a certain job ring.
+ *  The configuration is done at SEC Controller's level.
+ *  @note   Need to be kept in synch with #SEC_UIO_DISABLE_IRQ_CMD from
+ *          linux/drivers/crypto/talitos.c !
+ */
+#define SEC_UIO_DISABLE_IRQ_CMD     0
+
+/* Command that is used by SEC user space driver and SEC kernel driver
+ *  to signal a request from the former to the later to enable job DONE
+ *  and error IRQs on a certain job ring.
+ *  The configuration is done at SEC Controller's level.
+ *  @note   Need to be kept in synch with #SEC_UIO_ENABLE_IRQ_CMD from
+ *          linux/drivers/crypto/talitos.c !
+ */
+#define SEC_UIO_ENABLE_IRQ_CMD      1
+
+/** Command that is used by SEC user space driver and SEC kernel driver
+ *  to signal a request from the former to the later to do a SEC engine reset.
+ *  @note   Need to be kept in synch with #SEC_UIO_RESET_SEC_ENGINE_CMD from
+ *          linux/drivers/crypto/talitos.c !
+ */
+#define SEC_UIO_RESET_SEC_ENGINE_CMD    3
+
+/* The id for the mapping used to export SEC's registers to
+ * user space through UIO devices.
+ */
+#define SEC_UIO_MAP_ID              0
+
+static struct uio_job_ring g_uio_job_ring[MAX_SEC_JOB_RINGS];
+static int g_uio_jr_num;
+
+/** @brief Checks if a file name contains a certain substring.
+ * If so, it extracts the number following the substring.
+ * This function assumes a filename format of: [text][number].
+ * @param [in]  filename    File name
+ * @param [in]  match       String to match in file name
+ * @param [out] number      The number extracted from filename
+ *
+ * @retval true if file name matches the criteria
+ * @retval false if file name does not match the criteria
+ */
+static bool
+file_name_match_extract(const char filename[], const char match[], int *number)
+{
+	char *substr = NULL;
+
+	substr = strstr(filename, match);
+	if (substr == NULL)
+		return false;
+
+	/* substring <match> was found in <filename>
+	 * read number following <match> substring in <filename>
+	 */
+	if (sscanf(filename + strlen(match), "%d", number) <= 0)
+		return false;
+
+	return true;
+}
+
+/** @brief Reads first line from a file.
+ * Composes file name as: root/subdir/filename
+ *
+ * @param [in]  root     Root path
+ * @param [in]  subdir   Subdirectory name
+ * @param [in]  filename File name
+ * @param [out] line     The first line read from file.
+ *
+ * @retval 0 for succes
+ * @retval other value for error
+ */
+static int
+file_read_first_line(const char root[], const char subdir[],
+		     const char filename[], char *line)
+{
+	char absolute_file_name[SEC_UIO_MAX_ATTR_FILE_NAME];
+	int fd = 0, ret = 0;
+
+	/*compose the file name: root/subdir/filename */
+	memset(absolute_file_name, 0, sizeof(absolute_file_name));
+	snprintf(absolute_file_name, SEC_UIO_MAX_ATTR_FILE_NAME,
+		 "%s/%s/%s", root, subdir, filename);
+
+	fd = open(absolute_file_name, O_RDONLY);
+	SEC_ASSERT(fd > 0, fd, "Error opening file %s",
+			absolute_file_name);
+
+	/* read UIO device name from first line in file */
+	ret = read(fd, line, SEC_UIO_MAX_DEVICE_FILE_NAME_LENGTH);
+	close(fd);
+
+	/* NULL-ify string */
+	line[SEC_UIO_MAX_DEVICE_FILE_NAME_LENGTH - 1] = '\0';
+
+	if (ret <= 0) {
+		CAAM_JR_ERR("Error reading from file %s", absolute_file_name);
+		return ret;
+	}
+
+	return 0;
+}
+
+/** @brief Uses UIO control to send commands to SEC kernel driver.
+ * The mechanism is to write a command word into the file descriptor
+ * that the user-space driver obtained for each user-space SEC job ring.
+ * Both user-space driver and kernel driver must have the same understanding
+ * about the command codes.
+ *
+ * @param [in]  UIO FD		    The UIO file descriptor
+ * @param [in]  uio_command         Command word
+ *
+ * @retval Result of write operation on the job ring's UIO file descriptor.
+ *         Should be sizeof(int) for success operations.
+ *         Other values can be returned and used, if desired to add special
+ *         meaning to return values, but this has to be programmed in SEC
+ *         kernel driver as well. No special return values are used.
+ */
+static int
+sec_uio_send_command(uint32_t uio_fd, int32_t uio_command)
+{
+	int ret;
+
+	/* Use UIO file descriptor we have for this job ring.
+	 * Writing a command code to this file descriptor will make the
+	 * SEC kernel driver execute the desired command.
+	 */
+	ret = write(uio_fd, &uio_command, sizeof(int));
+	return ret;
+}
+
+/** @brief Request to SEC kernel driver to enable interrupts for
+ *         descriptor finished processing
+ *  Use UIO to communicate with SEC kernel driver: write command
+ *  value that indicates an IRQ enable action into UIO file descriptor
+ *  of this job ring.
+ *
+ * @param [in]  uio_fd     Job Ring UIO File descriptor
+ * @retval 0 for success
+ * @retval -1 value for error
+ */
+uint32_t
+caam_jr_enable_irqs(uint32_t uio_fd)
+{
+	int ret;
+
+	/* Use UIO file descriptor we have for this job ring.
+	 * Writing a command code to this file descriptor will make the
+	 * SEC kernel driver enable DONE and Error IRQs for this job ring,
+	 * at Controller level.
+	 */
+	ret = sec_uio_send_command(uio_fd, SEC_UIO_ENABLE_IRQ_CMD);
+	SEC_ASSERT(ret == sizeof(int), -1,
+		"Failed to request SEC engine to enable job done and "
+		"error IRQs through UIO control. UIO FD %d. Reset SEC driver!",
+		uio_fd);
+	CAAM_JR_DEBUG("Enabled IRQs on jr with uio_fd %d", uio_fd);
+	return 0;
+}
+
+
+/** @brief Request to SEC kernel driver to disable interrupts for descriptor
+ *  finished processing
+ *  Use UIO to communicate with SEC kernel driver: write command
+ *  value that indicates an IRQ disable action into UIO file descriptor
+ *  of this job ring.
+ *
+ * @param [in]  uio_fd    UIO File descripto
+ * @retval 0 for success
+ * @retval -1 value for error
+ *
+ */
+uint32_t
+caam_jr_disable_irqs(uint32_t uio_fd)
+{
+	int ret;
+
+	/* Use UIO file descriptor we have for this job ring.
+	 * Writing a command code to this file descriptor will make the
+	 * SEC kernel driver disable IRQs for this job ring,
+	 * at Controller level.
+	 */
+
+	ret = sec_uio_send_command(uio_fd, SEC_UIO_DISABLE_IRQ_CMD);
+	SEC_ASSERT(ret == sizeof(int), -1,
+		"Failed to request SEC engine to disable job done and "
+		"IRQs through UIO control. UIO_FD %d Reset SEC driver!",
+		uio_fd);
+	CAAM_JR_DEBUG("Disabled IRQs on jr with uio_fd %d", uio_fd);
+	return 0;
+}
+
+/** @brief Maps register range assigned for a job ring.
+ *
+ * @param [in] uio_device_fd    UIO device file descriptor
+ * @param [in] uio_device_id    UIO device id
+ * @param [in] uio_map_id       UIO allows maximum 5 different mapping for
+				each device. Maps start with id 0.
+ * @param [out] map_size        Map size.
+ * @retval  NULL if failed to map registers
+ * @retval  Virtual address for mapped register address range
+ */
+static void *
+uio_map_registers(int uio_device_fd, int uio_device_id,
+		  int uio_map_id, int *map_size)
+{
+	void *mapped_address = NULL;
+	unsigned int uio_map_size = 0;
+	char uio_sys_root[SEC_UIO_MAX_ATTR_FILE_NAME];
+	char uio_sys_map_subdir[SEC_UIO_MAX_ATTR_FILE_NAME];
+	char uio_map_size_str[32];
+	int ret = 0;
+
+	/* compose the file name: root/subdir/filename */
+	memset(uio_sys_root, 0, sizeof(uio_sys_root));
+	memset(uio_sys_map_subdir, 0, sizeof(uio_sys_map_subdir));
+	memset(uio_map_size_str, 0, sizeof(uio_map_size_str));
+
+	/* Compose string: /sys/class/uio/uioX */
+	sprintf(uio_sys_root, "%s/%s%d", SEC_UIO_DEVICE_SYS_ATTR_PATH,
+		"uio", uio_device_id);
+	/* Compose string: maps/mapY */
+	sprintf(uio_sys_map_subdir, "%s%d", SEC_UIO_DEVICE_SYS_MAP_ATTR,
+		uio_map_id);
+
+	/* Read first (and only) line from file
+	 * /sys/class/uio/uioX/maps/mapY/size
+	 */
+	ret = file_read_first_line(uio_sys_root, uio_sys_map_subdir,
+				 "size", uio_map_size_str);
+	SEC_ASSERT(ret == 0, NULL, "file_read_first_line() failed");
+
+	/* Read mapping size, expressed in hexa(base 16) */
+	uio_map_size = strtol(uio_map_size_str, NULL, 16);
+
+	/* Map the region in user space */
+	mapped_address = mmap(0, /*dynamically choose virtual address */
+		uio_map_size, PROT_READ | PROT_WRITE,
+		MAP_SHARED, uio_device_fd, 0);
+	/* offset = 0 because UIO device has only one mapping
+	 * for the entire SEC register memory
+	 */
+	if (mapped_address == MAP_FAILED) {
+		CAAM_JR_ERR(
+			"Failed to map registers! errno = %d job ring fd  = %d,"
+			"uio device id = %d, uio map id = %d", errno,
+			uio_device_fd, uio_device_id, uio_map_id);
+		return NULL;
+	}
+
+	/*
+	 * Save the map size to use it later on for munmap-ing.
+	 */
+	*map_size = uio_map_size;
+
+	CAAM_JR_INFO("UIO dev[%d] mapped region [id =%d] size 0x%x at %p",
+		uio_device_id, uio_map_id, uio_map_size, mapped_address);
+
+	return mapped_address;
+}
+
+void
+free_job_ring(uint32_t uio_fd)
+{
+	struct uio_job_ring *job_ring = NULL;
+	int i;
+
+	if (!job_ring->uio_fd)
+		return;
+
+	for (i = 0; i < MAX_SEC_JOB_RINGS; i++) {
+		if (g_uio_job_ring[i].uio_fd == uio_fd) {
+			job_ring = &g_uio_job_ring[i];
+			break;
+		}
+	}
+
+	if (job_ring == NULL) {
+		CAAM_JR_ERR("JR not available for fd = %x\n", uio_fd);
+		return;
+	}
+
+	/* Open device file */
+	CAAM_JR_INFO("Closed device file for job ring %d , fd = %d",
+			job_ring->jr_id, job_ring->uio_fd);
+	close(job_ring->uio_fd);
+	g_uio_jr_num--;
+	job_ring->uio_fd = 0;
+	if (job_ring->register_base_addr == NULL)
+		return;
+
+	/* Unmap the PCI memory resource of device */
+	if (munmap(job_ring->register_base_addr, job_ring->map_size)) {
+		CAAM_JR_INFO("cannot munmap(%p, 0x%lx): %s",
+			job_ring->register_base_addr,
+			(unsigned long)job_ring->map_size, strerror(errno));
+	} else
+		CAAM_JR_DEBUG("  JR UIO memory unmapped at %p",
+				job_ring->register_base_addr);
+	job_ring->register_base_addr = NULL;
+}
+
+struct
+uio_job_ring *config_job_ring(void)
+{
+	char uio_device_file_name[32];
+	struct uio_job_ring *job_ring = NULL;
+	int i;
+
+	for (i = 0; i < MAX_SEC_JOB_RINGS; i++) {
+		if (g_uio_job_ring[i].uio_fd == 0) {
+			job_ring = &g_uio_job_ring[i];
+			g_uio_jr_num++;
+			break;
+		}
+	}
+
+	if (job_ring == NULL) {
+		CAAM_JR_ERR("No free job ring\n");
+		return NULL;
+	}
+
+	/* Find UIO device created by SEC kernel driver for this job ring. */
+	memset(uio_device_file_name, 0, sizeof(uio_device_file_name));
+
+	sprintf(uio_device_file_name, "%s%d", SEC_UIO_DEVICE_FILE_NAME,
+		job_ring->uio_minor_number);
+
+	/* Open device file */
+	job_ring->uio_fd = open(uio_device_file_name, O_RDWR);
+	SEC_ASSERT(job_ring->uio_fd > 0, NULL,
+		"Failed to open UIO device file for job ring %d",
+		job_ring->jr_id);
+
+	CAAM_JR_INFO("Open device(%s) file for job ring=%d , uio_fd = %d",
+		uio_device_file_name, job_ring->jr_id, job_ring->uio_fd);
+
+	ASSERT(job_ring->register_base_addr == NULL);
+	job_ring->register_base_addr = uio_map_registers(
+			job_ring->uio_fd, job_ring->uio_minor_number,
+			SEC_UIO_MAP_ID, &job_ring->map_size);
+
+	SEC_ASSERT(job_ring->register_base_addr != NULL, NULL,
+		"Failed to map SEC registers");
+	return job_ring;
+}
+
+int
+sec_configure(void)
+{
+	char uio_name[32];
+	int config_jr_no = 0, jr_id = -1;
+	int uio_minor_number = -1;
+	int ret;
+	DIR *d = NULL;
+	struct dirent *dir;
+
+	d = opendir(SEC_UIO_DEVICE_SYS_ATTR_PATH);
+	if (d == NULL) {
+		printf("\nError opening directory '%s': %s\n",
+			SEC_UIO_DEVICE_SYS_ATTR_PATH, strerror(errno));
+		return -1;
+	}
+
+	/* Iterate through all subdirs */
+	while ((dir = readdir(d)) != NULL) {
+		if (!strncmp(dir->d_name, ".", 1) ||
+				!strncmp(dir->d_name, "..", 2))
+			continue;
+
+		if (file_name_match_extract
+			(dir->d_name, "uio", &uio_minor_number)) {
+		/*
+		 * Open file uioX/name and read first line which contains
+		 * the name for the device. Based on the name check if this
+		 * UIO device is UIO device for job ring with id jr_id.
+		 */
+			memset(uio_name, 0, sizeof(uio_name));
+			ret = file_read_first_line(SEC_UIO_DEVICE_SYS_ATTR_PATH,
+					dir->d_name, "name", uio_name);
+			CAAM_JR_INFO("sec device uio name: %s", uio_name);
+			SEC_ASSERT(ret == 0, -1, "file_read_first_line failed");
+
+			if (file_name_match_extract(uio_name,
+						SEC_UIO_DEVICE_NAME,
+						&jr_id)) {
+				g_uio_job_ring[config_jr_no].jr_id = jr_id;
+				g_uio_job_ring[config_jr_no].uio_minor_number =
+							uio_minor_number;
+				CAAM_JR_INFO("Detected logical JRID:%d", jr_id);
+				config_jr_no++;
+
+				/* todo  find the actual ring id
+				 * OF_FULLNAME=/soc/crypto@1700000/jr@20000
+				 */
+			}
+		}
+	}
+	closedir(d);
+
+	if (config_jr_no == 0) {
+		CAAM_JR_ERR("! No SEC Job Rings assigned for userspace usage!");
+		return 0;
+	}
+	CAAM_JR_INFO("Total JR detected =%d", config_jr_no);
+	return config_jr_no;
+}
+
+int
+sec_cleanup(void)
+{
+	int i;
+	struct uio_job_ring *job_ring;
+
+	for (i = 0; i < g_uio_jr_num; i++) {
+		job_ring = &g_uio_job_ring[i];
+		/* munmap SEC's register memory */
+		if (job_ring->register_base_addr) {
+			munmap(job_ring->register_base_addr,
+				job_ring->map_size);
+			job_ring->register_base_addr = NULL;
+		}
+		/* I need to close the fd after shutdown UIO commands need to be
+		 * sent using the fd
+		 */
+		if (job_ring->uio_fd != 0) {
+			CAAM_JR_INFO(
+			"Closed device file for job ring %d , fd = %d",
+			job_ring->jr_id, job_ring->uio_fd);
+			close(job_ring->uio_fd);
+		}
+	}
+	return 0;
+}
diff --git a/drivers/crypto/caam_jr/meson.build b/drivers/crypto/caam_jr/meson.build
index c282eb4dc..7b024e886 100644
--- a/drivers/crypto/caam_jr/meson.build
+++ b/drivers/crypto/caam_jr/meson.build
@@ -6,7 +6,7 @@ if host_machine.system() != 'linux'
 endif
 
 deps += ['bus_vdev', 'bus_dpaa', 'security']
-sources = files('caam_jr_hw.c', 'caam_jr.c')
+sources = files('caam_jr_hw.c', 'caam_jr_uio.c', 'caam_jr.c')
 
 allow_experimental_apis = true
 
-- 
2.17.1

^ permalink raw reply	[flat|nested] 97+ messages in thread

* [dpdk-dev] [PATCH v3 05/15] crypto/caam_jr: add basic job ring routines
  2018-10-22 13:31   ` [dpdk-dev] [PATCH v3 00/15] " Gagandeep Singh
                       ` (3 preceding siblings ...)
  2018-10-22 13:31     ` [dpdk-dev] [PATCH v3 04/15] crypto/caam_jr: add UIO specific operations Gagandeep Singh
@ 2018-10-22 13:31     ` Gagandeep Singh
  2018-10-22 13:31     ` [dpdk-dev] [PATCH v3 06/15] crypto/caam_jr: add device basic ops Gagandeep Singh
                       ` (10 subsequent siblings)
  15 siblings, 0 replies; 97+ messages in thread
From: Gagandeep Singh @ 2018-10-22 13:31 UTC (permalink / raw)
  To: dev, Akhil Goyal; +Cc: Gagandeep Singh, Hemant Agrawal

This patch adds following job ring routines
 - init_job_ring (configure hw/sw resources)
 - shutdown_job_ring (releases hw/sw resources)
 - close_job_ring (flush job ring)

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
---
 drivers/crypto/caam_jr/caam_jr.c | 329 ++++++++++++++++++++++++++++++-
 1 file changed, 327 insertions(+), 2 deletions(-)

diff --git a/drivers/crypto/caam_jr/caam_jr.c b/drivers/crypto/caam_jr/caam_jr.c
index 27331194a..cb024a979 100644
--- a/drivers/crypto/caam_jr/caam_jr.c
+++ b/drivers/crypto/caam_jr/caam_jr.c
@@ -17,12 +17,142 @@
 #include <rte_security_driver.h>
 #include <rte_hexdump.h>
 
+#include <caam_jr_config.h>
+#include <caam_jr_hw_specific.h>
+#include <caam_jr_pvt.h>
 #include <caam_jr_log.h>
 
+/* RTA header files */
+#include <hw/desc/common.h>
+#include <of.h>
+
 #define CRYPTODEV_NAME_CAAM_JR_PMD	crypto_caam_jr
 static uint8_t cryptodev_driver_id;
 int caam_jr_logtype;
 
+enum rta_sec_era rta_sec_era;
+
+/* Lists the states possible for the SEC user space driver. */
+enum sec_driver_state_e {
+	SEC_DRIVER_STATE_IDLE,		/* Driver not initialized */
+	SEC_DRIVER_STATE_STARTED,	/* Driver initialized and can be used*/
+	SEC_DRIVER_STATE_RELEASE,	/* Driver release is in progress */
+};
+
+/* Job rings used for communication with SEC HW */
+static struct sec_job_ring_t g_job_rings[MAX_SEC_JOB_RINGS];
+
+/* The current state of SEC user space driver */
+static enum sec_driver_state_e g_driver_state = SEC_DRIVER_STATE_IDLE;
+
+/* The number of job rings used by SEC user space driver */
+static int g_job_rings_no;
+static int g_job_rings_max;
+
+/* @brief Poll the HW for already processed jobs in the JR
+ * and silently discard the available jobs or notify them to UA
+ * with indicated error code.
+ *
+ * @param [in,out]  job_ring        The job ring to poll.
+ * @param [in]  do_notify           Can be #TRUE or #FALSE. Indicates if
+ *				    descriptors are to be discarded
+ *                                  or notified to UA with given error_code.
+ * @param [out] notified_descs    Number of notified descriptors. Can be NULL
+ *					if do_notify is #FALSE
+ */
+static void
+hw_flush_job_ring(struct sec_job_ring_t *job_ring,
+		  uint32_t do_notify,
+		  uint32_t *notified_descs)
+{
+	int32_t jobs_no_to_discard = 0;
+	int32_t discarded_descs_no = 0;
+
+	PMD_INIT_FUNC_TRACE();
+	CAAM_JR_DEBUG("Jr[%p] pi[%d] ci[%d].Flushing jr notify desc=[%d]",
+		job_ring, job_ring->pidx, job_ring->cidx, do_notify);
+
+	jobs_no_to_discard = hw_get_no_finished_jobs(job_ring);
+
+	/* Discard all jobs */
+	CAAM_JR_DEBUG("Jr[%p] pi[%d] ci[%d].Discarding %d descs",
+		  job_ring, job_ring->pidx, job_ring->cidx,
+		  jobs_no_to_discard);
+
+	while (jobs_no_to_discard > discarded_descs_no) {
+		discarded_descs_no++;
+		/* Now increment the consumer index for the current job ring,
+		 * AFTER saving job in temporary location!
+		 * Increment the consumer index for the current job ring
+		 */
+		job_ring->cidx = SEC_CIRCULAR_COUNTER(job_ring->cidx,
+					 SEC_JOB_RING_SIZE);
+
+		hw_remove_entries(job_ring, 1);
+	}
+
+	if (do_notify == true) {
+		ASSERT(notified_descs != NULL);
+		*notified_descs = discarded_descs_no;
+	}
+}
+
+
+/* @brief Flush job rings of any processed descs.
+ * The processed descs are silently dropped,
+ * WITHOUT being notified to UA.
+ */
+static void
+close_job_ring(struct sec_job_ring_t *job_ring)
+{
+	PMD_INIT_FUNC_TRACE();
+	if (job_ring->irq_fd) {
+		/* Producer index is frozen. If consumer index is not equal
+		 * with producer index, then we have descs to flush.
+		 */
+		while (job_ring->pidx != job_ring->cidx)
+			hw_flush_job_ring(job_ring, false, NULL);
+
+		/* free the uio job ring */
+		free_job_ring(job_ring->irq_fd);
+		job_ring->irq_fd = 0;
+		caam_jr_dma_free(job_ring->input_ring);
+		caam_jr_dma_free(job_ring->output_ring);
+		g_job_rings_no--;
+	}
+}
+
+/** @brief Release the software and hardware resources tied to a job ring.
+ * @param [in] job_ring The job ring
+ *
+ * @retval  0 for success
+ * @retval  -1 for error
+ */
+static int
+shutdown_job_ring(struct sec_job_ring_t *job_ring)
+{
+	int ret = 0;
+
+	PMD_INIT_FUNC_TRACE();
+	ASSERT(job_ring != NULL);
+	ret = hw_shutdown_job_ring(job_ring);
+	SEC_ASSERT(ret == 0, ret,
+		"Failed to shutdown hardware job ring %p",
+		job_ring);
+
+	if (job_ring->coalescing_en)
+		hw_job_ring_disable_coalescing(job_ring);
+
+	if (job_ring->jr_mode != SEC_NOTIFICATION_TYPE_POLL) {
+		ret = caam_jr_disable_irqs(job_ring->irq_fd);
+		SEC_ASSERT(ret == 0, ret,
+		"Failed to disable irqs for job ring %p",
+		job_ring);
+	}
+
+	return ret;
+}
+
 /*
  * @brief Release the resources used by the SEC user space driver.
  *
@@ -40,28 +170,195 @@ int caam_jr_logtype;
 static int
 caam_jr_dev_uninit(struct rte_cryptodev *dev)
 {
+	struct sec_job_ring_t *internals;
+
+	PMD_INIT_FUNC_TRACE();
 	if (dev == NULL)
 		return -ENODEV;
 
+	internals = dev->data->dev_private;
+	rte_free(dev->security_ctx);
+
+	/* If any descriptors in flight , poll and wait
+	 * until all descriptors are received and silently discarded.
+	 */
+	if (internals) {
+		shutdown_job_ring(internals);
+		close_job_ring(internals);
+		rte_mempool_free(internals->ctx_pool);
+	}
+
 	CAAM_JR_INFO("Closing crypto device %s", dev->data->name);
 
-	return 0;
+	/* last caam jr instance) */
+	if (g_job_rings_no == 0)
+		g_driver_state = SEC_DRIVER_STATE_IDLE;
+
+	return SEC_SUCCESS;
+}
+
+/* @brief Initialize the software and hardware resources tied to a job ring.
+ * @param [in] jr_mode;		Model to be used by SEC Driver to receive
+ *				notifications from SEC.  Can be either
+ *				of the three: #SEC_NOTIFICATION_TYPE_NAPI
+ *				#SEC_NOTIFICATION_TYPE_IRQ or
+ *				#SEC_NOTIFICATION_TYPE_POLL
+ * @param [in] NAPI_mode	The NAPI work mode to configure a job ring at
+ *				startup. Used only when #SEC_NOTIFICATION_TYPE
+ *				is set to #SEC_NOTIFICATION_TYPE_NAPI.
+ * @param [in] irq_coalescing_timer This value determines the maximum
+ *					amount of time after processing a
+ *					descriptor before raising an interrupt.
+ * @param [in] irq_coalescing_count This value determines how many
+ *					descriptors are completed before
+ *					raising an interrupt.
+ * @param [in] reg_base_addr,	The job ring base address register
+ * @param [in] irq_id		The job ring interrupt identification number.
+ * @retval  job_ring_handle for successful job ring configuration
+ * @retval  NULL on error
+ *
+ */
+static void *
+init_job_ring(void *reg_base_addr, uint32_t irq_id)
+{
+	struct sec_job_ring_t *job_ring = NULL;
+	int i, ret = 0;
+	int jr_mode = SEC_NOTIFICATION_TYPE_POLL;
+	int napi_mode = 0;
+	int irq_coalescing_timer = 0;
+	int irq_coalescing_count = 0;
+
+	for (i = 0; i < MAX_SEC_JOB_RINGS; i++) {
+		if (g_job_rings[i].irq_fd == 0) {
+			job_ring = &g_job_rings[i];
+			g_job_rings_no++;
+			break;
+		}
+	}
+	if (job_ring == NULL) {
+		CAAM_JR_ERR("No free job ring\n");
+		return NULL;
+	}
+
+	job_ring->register_base_addr = reg_base_addr;
+	job_ring->jr_mode = jr_mode;
+	job_ring->napi_mode = 0;
+	job_ring->irq_fd = irq_id;
+
+	/* Allocate mem for input and output ring */
+
+	/* Allocate memory for input ring */
+	job_ring->input_ring = caam_jr_dma_mem_alloc(L1_CACHE_BYTES,
+				SEC_DMA_MEM_INPUT_RING_SIZE);
+	memset(job_ring->input_ring, 0, SEC_DMA_MEM_INPUT_RING_SIZE);
+
+	/* Allocate memory for output ring */
+	job_ring->output_ring = caam_jr_dma_mem_alloc(L1_CACHE_BYTES,
+				SEC_DMA_MEM_OUTPUT_RING_SIZE);
+	memset(job_ring->output_ring, 0, SEC_DMA_MEM_OUTPUT_RING_SIZE);
+
+	/* Reset job ring in SEC hw and configure job ring registers */
+	ret = hw_reset_job_ring(job_ring);
+	if (ret != 0) {
+		CAAM_JR_ERR("Failed to reset hardware job ring");
+		goto cleanup;
+	}
+
+	if (jr_mode == SEC_NOTIFICATION_TYPE_NAPI) {
+	/* When SEC US driver works in NAPI mode, the UA can select
+	 * if the driver starts with IRQs on or off.
+	 */
+		if (napi_mode == SEC_STARTUP_INTERRUPT_MODE) {
+			CAAM_JR_INFO("Enabling DONE IRQ generationon job ring - %p",
+				job_ring);
+			ret = caam_jr_enable_irqs(job_ring->irq_fd);
+			if (ret != 0) {
+				CAAM_JR_ERR("Failed to enable irqs for job ring");
+				goto cleanup;
+			}
+		}
+	} else if (jr_mode == SEC_NOTIFICATION_TYPE_IRQ) {
+	/* When SEC US driver works in pure interrupt mode,
+	 * IRQ's are always enabled.
+	 */
+		CAAM_JR_INFO("Enabling DONE IRQ generation on job ring - %p",
+			 job_ring);
+		ret = caam_jr_enable_irqs(job_ring->irq_fd);
+		if (ret != 0) {
+			CAAM_JR_ERR("Failed to enable irqs for job ring");
+			goto cleanup;
+		}
+	}
+	if (irq_coalescing_timer || irq_coalescing_count) {
+		hw_job_ring_set_coalescing_param(job_ring,
+			 irq_coalescing_timer,
+			 irq_coalescing_count);
+
+		hw_job_ring_enable_coalescing(job_ring);
+		job_ring->coalescing_en = 1;
+	}
+
+	job_ring->jr_state = SEC_JOB_RING_STATE_STARTED;
+	job_ring->max_nb_queue_pairs = RTE_CAAM_MAX_NB_SEC_QPS;
+	job_ring->max_nb_sessions = RTE_CAAM_JR_PMD_MAX_NB_SESSIONS;
+
+	return job_ring;
+cleanup:
+	caam_jr_dma_free(job_ring->output_ring);
+	caam_jr_dma_free(job_ring->input_ring);
+	return NULL;
 }
 
+
 static int
 caam_jr_dev_init(const char *name,
 		 struct rte_vdev_device *vdev,
 		 struct rte_cryptodev_pmd_init_params *init_params)
 {
 	struct rte_cryptodev *dev;
+	struct uio_job_ring *job_ring;
+	char str[RTE_CRYPTODEV_NAME_MAX_LEN];
 
 	PMD_INIT_FUNC_TRACE();
 
+	/* Validate driver state */
+	if (g_driver_state == SEC_DRIVER_STATE_IDLE) {
+		g_job_rings_max = sec_configure();
+		if (!g_job_rings_max) {
+			CAAM_JR_ERR("No job ring detected on UIO !!!!");
+			return -1;
+		}
+		/* Update driver state */
+		g_driver_state = SEC_DRIVER_STATE_STARTED;
+	}
+
+	if (g_job_rings_no >= g_job_rings_max) {
+		CAAM_JR_ERR("No more job rings available max=%d!!!!",
+				g_job_rings_max);
+		return -1;
+	}
+
+	job_ring = config_job_ring();
+	if (job_ring == NULL) {
+		CAAM_JR_ERR("failed to create job ring");
+		goto init_error;
+	}
+
+	snprintf(str, sizeof(str), "caam_jr%d", job_ring->jr_id);
+
 	dev = rte_cryptodev_pmd_create(name, &vdev->device, init_params);
 	if (dev == NULL) {
 		CAAM_JR_ERR("failed to create cryptodev vdev");
 		goto cleanup;
 	}
+	/*TODO free it during teardown*/
+	dev->data->dev_private = init_job_ring(job_ring->register_base_addr,
+						job_ring->uio_fd);
+
+	if (!dev->data->dev_private) {
+		CAAM_JR_ERR("Ring memory allocation failed\n");
+		goto cleanup2;
+	}
 
 	dev->driver_id = cryptodev_driver_id;
 	dev->dev_ops = NULL;
@@ -79,7 +376,12 @@ caam_jr_dev_init(const char *name,
 
 	return 0;
 
+cleanup2:
+	caam_jr_dev_uninit(dev);
+	rte_cryptodev_pmd_release_device(dev);
 cleanup:
+	free_job_ring(job_ring->uio_fd);
+init_error:
 	CAAM_JR_ERR("driver %s: cryptodev_caam_jr_create failed",
 			init_params->name);
 
@@ -92,7 +394,7 @@ cryptodev_caam_jr_probe(struct rte_vdev_device *vdev)
 {
 	struct rte_cryptodev_pmd_init_params init_params = {
 		"",
-		128,
+		sizeof(struct sec_job_ring_t),
 		rte_socket_id(),
 		RTE_CRYPTODEV_PMD_DEFAULT_MAX_NB_QUEUE_PAIRS
 	};
@@ -106,6 +408,29 @@ cryptodev_caam_jr_probe(struct rte_vdev_device *vdev)
 	input_args = rte_vdev_device_args(vdev);
 	rte_cryptodev_pmd_parse_input_args(&init_params, input_args);
 
+	/* if sec device version is not configured */
+	if (!rta_get_sec_era()) {
+		const struct device_node *caam_node;
+
+		for_each_compatible_node(caam_node, NULL, "fsl,sec-v4.0") {
+			const uint32_t *prop = of_get_property(caam_node,
+					"fsl,sec-era",
+					NULL);
+			if (prop) {
+				rta_set_sec_era(
+					INTL_SEC_ERA(cpu_to_caam32(*prop)));
+				break;
+			}
+		}
+	}
+#ifdef RTE_LIBRTE_PMD_CAAM_JR_BE
+	if (rta_get_sec_era() > RTA_SEC_ERA_8) {
+		RTE_LOG(ERR, PMD,
+		"CAAM is compiled in BE mode for device with sec era > 8???\n");
+		return -EINVAL;
+	}
+#endif
+
 	return caam_jr_dev_init(name, vdev, &init_params);
 }
 
-- 
2.17.1

^ permalink raw reply	[flat|nested] 97+ messages in thread

* [dpdk-dev] [PATCH v3 06/15] crypto/caam_jr: add device basic ops
  2018-10-22 13:31   ` [dpdk-dev] [PATCH v3 00/15] " Gagandeep Singh
                       ` (4 preceding siblings ...)
  2018-10-22 13:31     ` [dpdk-dev] [PATCH v3 05/15] crypto/caam_jr: add basic job ring routines Gagandeep Singh
@ 2018-10-22 13:31     ` Gagandeep Singh
  2018-10-22 13:31     ` [dpdk-dev] [PATCH v3 07/15] crypto/caam_jr: add queue pair config ops Gagandeep Singh
                       ` (9 subsequent siblings)
  15 siblings, 0 replies; 97+ messages in thread
From: Gagandeep Singh @ 2018-10-22 13:31 UTC (permalink / raw)
  To: dev, Akhil Goyal; +Cc: Gagandeep Singh, Hemant Agrawal

This patch adds following device operations
 - dev_configure
 - dev_start
 - dev_stop
 - dev_close
 - dev_infos_get

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
---
 drivers/crypto/caam_jr/caam_jr.c | 98 +++++++++++++++++++++++++++++++-
 1 file changed, 97 insertions(+), 1 deletion(-)

diff --git a/drivers/crypto/caam_jr/caam_jr.c b/drivers/crypto/caam_jr/caam_jr.c
index cb024a979..cdae2a4fc 100644
--- a/drivers/crypto/caam_jr/caam_jr.c
+++ b/drivers/crypto/caam_jr/caam_jr.c
@@ -98,6 +98,89 @@ hw_flush_job_ring(struct sec_job_ring_t *job_ring,
 }
 
 
+static int
+caam_jr_dev_configure(struct rte_cryptodev *dev,
+		       struct rte_cryptodev_config *config __rte_unused)
+{
+	char str[20];
+	struct sec_job_ring_t *internals;
+
+	PMD_INIT_FUNC_TRACE();
+
+	internals = dev->data->dev_private;
+	sprintf(str, "ctx_pool_%d", dev->data->dev_id);
+	if (!internals->ctx_pool) {
+		internals->ctx_pool = rte_mempool_create((const char *)str,
+						CTX_POOL_NUM_BUFS,
+						sizeof(struct caam_jr_op_ctx),
+						CTX_POOL_CACHE_SIZE, 0,
+						NULL, NULL, NULL, NULL,
+						SOCKET_ID_ANY, 0);
+		if (!internals->ctx_pool) {
+			CAAM_JR_ERR("%s create failed\n", str);
+			return -ENOMEM;
+		}
+	} else
+		CAAM_JR_INFO("mempool already created for dev_id : %d",
+				dev->data->dev_id);
+
+	return 0;
+}
+
+static int
+caam_jr_dev_start(struct rte_cryptodev *dev __rte_unused)
+{
+	PMD_INIT_FUNC_TRACE();
+	return 0;
+}
+
+static void
+caam_jr_dev_stop(struct rte_cryptodev *dev __rte_unused)
+{
+	PMD_INIT_FUNC_TRACE();
+}
+
+static int
+caam_jr_dev_close(struct rte_cryptodev *dev)
+{
+	struct sec_job_ring_t *internals;
+
+	PMD_INIT_FUNC_TRACE();
+
+	if (dev == NULL)
+		return -ENOMEM;
+
+	internals = dev->data->dev_private;
+	rte_mempool_free(internals->ctx_pool);
+	internals->ctx_pool = NULL;
+
+	return 0;
+}
+
+static void
+caam_jr_dev_infos_get(struct rte_cryptodev *dev,
+		       struct rte_cryptodev_info *info)
+{
+	struct sec_job_ring_t *internals = dev->data->dev_private;
+
+	PMD_INIT_FUNC_TRACE();
+	if (info != NULL) {
+		info->max_nb_queue_pairs = internals->max_nb_queue_pairs;
+		info->feature_flags = dev->feature_flags;
+		info->sym.max_nb_sessions = internals->max_nb_sessions;
+		info->driver_id = cryptodev_driver_id;
+	}
+}
+
+static struct rte_cryptodev_ops caam_jr_ops = {
+	.dev_configure	      = caam_jr_dev_configure,
+	.dev_start	      = caam_jr_dev_start,
+	.dev_stop	      = caam_jr_dev_stop,
+	.dev_close	      = caam_jr_dev_close,
+	.dev_infos_get        = caam_jr_dev_infos_get,
+};
+
+
 /* @brief Flush job rings of any processed descs.
  * The processed descs are silently dropped,
  * WITHOUT being notified to UA.
@@ -361,7 +444,20 @@ caam_jr_dev_init(const char *name,
 	}
 
 	dev->driver_id = cryptodev_driver_id;
-	dev->dev_ops = NULL;
+	dev->dev_ops = &caam_jr_ops;
+
+	/* register rx/tx burst functions for data path */
+	dev->dequeue_burst = NULL;
+	dev->enqueue_burst = NULL;
+	dev->feature_flags = RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO |
+			RTE_CRYPTODEV_FF_HW_ACCELERATED |
+			RTE_CRYPTODEV_FF_SYM_OPERATION_CHAINING |
+			RTE_CRYPTODEV_FF_SECURITY |
+			RTE_CRYPTODEV_FF_IN_PLACE_SGL |
+			RTE_CRYPTODEV_FF_OOP_SGL_IN_SGL_OUT |
+			RTE_CRYPTODEV_FF_OOP_SGL_IN_LB_OUT |
+			RTE_CRYPTODEV_FF_OOP_LB_IN_SGL_OUT |
+			RTE_CRYPTODEV_FF_OOP_LB_IN_LB_OUT;
 
 	/* For secondary processes, we don't initialise any further as primary
 	 * has already done this work. Only check we don't need a different
-- 
2.17.1

^ permalink raw reply	[flat|nested] 97+ messages in thread

* [dpdk-dev] [PATCH v3 07/15] crypto/caam_jr: add queue pair config ops
  2018-10-22 13:31   ` [dpdk-dev] [PATCH v3 00/15] " Gagandeep Singh
                       ` (5 preceding siblings ...)
  2018-10-22 13:31     ` [dpdk-dev] [PATCH v3 06/15] crypto/caam_jr: add device basic ops Gagandeep Singh
@ 2018-10-22 13:31     ` Gagandeep Singh
  2018-10-22 13:31     ` [dpdk-dev] [PATCH v3 08/15] crypto/caam_jr: add session configuration methods Gagandeep Singh
                       ` (8 subsequent siblings)
  15 siblings, 0 replies; 97+ messages in thread
From: Gagandeep Singh @ 2018-10-22 13:31 UTC (permalink / raw)
  To: dev, Akhil Goyal; +Cc: Hemant Agrawal, Gagandeep Singh

From: Hemant Agrawal <hemant.agrawal@nxp.com>

add following ops for configuring queues
 - queue_pair_setup
 - queue_pair_release
 - queue_pair_count

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
---
 drivers/crypto/caam_jr/caam_jr.c | 64 ++++++++++++++++++++++++++++++++
 1 file changed, 64 insertions(+)

diff --git a/drivers/crypto/caam_jr/caam_jr.c b/drivers/crypto/caam_jr/caam_jr.c
index cdae2a4fc..78bc75f69 100644
--- a/drivers/crypto/caam_jr/caam_jr.c
+++ b/drivers/crypto/caam_jr/caam_jr.c
@@ -97,6 +97,67 @@ hw_flush_job_ring(struct sec_job_ring_t *job_ring,
 	}
 }
 
+/* Release queue pair */
+static int
+caam_jr_queue_pair_release(struct rte_cryptodev *dev,
+			   uint16_t qp_id)
+{
+	struct sec_job_ring_t *internals;
+	struct caam_jr_qp *qp = NULL;
+
+	PMD_INIT_FUNC_TRACE();
+	CAAM_JR_DEBUG("dev =%p, queue =%d", dev, qp_id);
+
+	internals = dev->data->dev_private;
+	if (qp_id >= internals->max_nb_queue_pairs) {
+		CAAM_JR_ERR("Max supported qpid %d",
+			     internals->max_nb_queue_pairs);
+		return -EINVAL;
+	}
+
+	qp = &internals->qps[qp_id];
+	qp->ring = NULL;
+	dev->data->queue_pairs[qp_id] = NULL;
+
+	return 0;
+}
+
+/* Setup a queue pair */
+static int
+caam_jr_queue_pair_setup(
+		struct rte_cryptodev *dev, uint16_t qp_id,
+		__rte_unused const struct rte_cryptodev_qp_conf *qp_conf,
+		__rte_unused int socket_id,
+		__rte_unused struct rte_mempool *session_pool)
+{
+	struct sec_job_ring_t *internals;
+	struct caam_jr_qp *qp = NULL;
+
+	PMD_INIT_FUNC_TRACE();
+	CAAM_JR_DEBUG("dev =%p, queue =%d, conf =%p", dev, qp_id, qp_conf);
+
+	internals = dev->data->dev_private;
+	if (qp_id >= internals->max_nb_queue_pairs) {
+		CAAM_JR_ERR("Max supported qpid %d",
+			     internals->max_nb_queue_pairs);
+		return -EINVAL;
+	}
+
+	qp = &internals->qps[qp_id];
+	qp->ring = internals;
+	dev->data->queue_pairs[qp_id] = qp;
+
+	return 0;
+}
+
+/* Return the number of allocated queue pairs */
+static uint32_t
+caam_jr_queue_pair_count(struct rte_cryptodev *dev)
+{
+	PMD_INIT_FUNC_TRACE();
+
+	return dev->data->nb_queue_pairs;
+}
 
 static int
 caam_jr_dev_configure(struct rte_cryptodev *dev,
@@ -178,6 +239,9 @@ static struct rte_cryptodev_ops caam_jr_ops = {
 	.dev_stop	      = caam_jr_dev_stop,
 	.dev_close	      = caam_jr_dev_close,
 	.dev_infos_get        = caam_jr_dev_infos_get,
+	.queue_pair_setup     = caam_jr_queue_pair_setup,
+	.queue_pair_release   = caam_jr_queue_pair_release,
+	.queue_pair_count     = caam_jr_queue_pair_count,
 };
 
 
-- 
2.17.1

^ permalink raw reply	[flat|nested] 97+ messages in thread

* [dpdk-dev] [PATCH v3 08/15] crypto/caam_jr: add session configuration methods
  2018-10-22 13:31   ` [dpdk-dev] [PATCH v3 00/15] " Gagandeep Singh
                       ` (6 preceding siblings ...)
  2018-10-22 13:31     ` [dpdk-dev] [PATCH v3 07/15] crypto/caam_jr: add queue pair config ops Gagandeep Singh
@ 2018-10-22 13:31     ` Gagandeep Singh
  2018-10-22 13:31     ` [dpdk-dev] [PATCH v3 09/15] crypto/caam_jr: add device cababilities Gagandeep Singh
                       ` (7 subsequent siblings)
  15 siblings, 0 replies; 97+ messages in thread
From: Gagandeep Singh @ 2018-10-22 13:31 UTC (permalink / raw)
  To: dev, Akhil Goyal; +Cc: Gagandeep Singh, Hemant Agrawal

This patch add support to create session configuration
of various types i.e. cipher, auth and aead etc.

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
---
 drivers/crypto/caam_jr/caam_jr.c | 214 +++++++++++++++++++++++++++++++
 1 file changed, 214 insertions(+)

diff --git a/drivers/crypto/caam_jr/caam_jr.c b/drivers/crypto/caam_jr/caam_jr.c
index 78bc75f69..eedbeb731 100644
--- a/drivers/crypto/caam_jr/caam_jr.c
+++ b/drivers/crypto/caam_jr/caam_jr.c
@@ -24,8 +24,11 @@
 
 /* RTA header files */
 #include <hw/desc/common.h>
+#include <hw/desc/algo.h>
+#include <hw/desc/ipsec.h>
 #include <of.h>
 
+#define CAAM_JR_DBG	0
 #define CRYPTODEV_NAME_CAAM_JR_PMD	crypto_caam_jr
 static uint8_t cryptodev_driver_id;
 int caam_jr_logtype;
@@ -159,6 +162,214 @@ caam_jr_queue_pair_count(struct rte_cryptodev *dev)
 	return dev->data->nb_queue_pairs;
 }
 
+/* Returns the size of the aesni gcm session structure */
+static unsigned int
+caam_jr_sym_session_get_size(struct rte_cryptodev *dev __rte_unused)
+{
+	PMD_INIT_FUNC_TRACE();
+
+	return sizeof(struct caam_jr_session);
+}
+
+static int
+caam_jr_cipher_init(struct rte_cryptodev *dev __rte_unused,
+		    struct rte_crypto_sym_xform *xform,
+		    struct caam_jr_session *session)
+{
+	PMD_INIT_FUNC_TRACE();
+	session->cipher_alg = xform->cipher.algo;
+	session->iv.length = xform->cipher.iv.length;
+	session->iv.offset = xform->cipher.iv.offset;
+	session->cipher_key.data = rte_zmalloc(NULL, xform->cipher.key.length,
+					       RTE_CACHE_LINE_SIZE);
+	if (session->cipher_key.data == NULL && xform->cipher.key.length > 0) {
+		CAAM_JR_ERR("No Memory for cipher key\n");
+		return -ENOMEM;
+	}
+	session->cipher_key.length = xform->cipher.key.length;
+
+	memcpy(session->cipher_key.data, xform->cipher.key.data,
+	       xform->cipher.key.length);
+	session->dir = (xform->cipher.op == RTE_CRYPTO_CIPHER_OP_ENCRYPT) ?
+			DIR_ENC : DIR_DEC;
+
+	return 0;
+}
+
+static int
+caam_jr_auth_init(struct rte_cryptodev *dev __rte_unused,
+		  struct rte_crypto_sym_xform *xform,
+		  struct caam_jr_session *session)
+{
+	PMD_INIT_FUNC_TRACE();
+	session->auth_alg = xform->auth.algo;
+	session->auth_key.data = rte_zmalloc(NULL, xform->auth.key.length,
+					     RTE_CACHE_LINE_SIZE);
+	if (session->auth_key.data == NULL && xform->auth.key.length > 0) {
+		CAAM_JR_ERR("No Memory for auth key\n");
+		return -ENOMEM;
+	}
+	session->auth_key.length = xform->auth.key.length;
+	session->digest_length = xform->auth.digest_length;
+
+	memcpy(session->auth_key.data, xform->auth.key.data,
+	       xform->auth.key.length);
+	session->dir = (xform->auth.op == RTE_CRYPTO_AUTH_OP_GENERATE) ?
+			DIR_ENC : DIR_DEC;
+
+	return 0;
+}
+
+static int
+caam_jr_aead_init(struct rte_cryptodev *dev __rte_unused,
+		  struct rte_crypto_sym_xform *xform,
+		  struct caam_jr_session *session)
+{
+	PMD_INIT_FUNC_TRACE();
+	session->aead_alg = xform->aead.algo;
+	session->iv.length = xform->aead.iv.length;
+	session->iv.offset = xform->aead.iv.offset;
+	session->auth_only_len = xform->aead.aad_length;
+	session->aead_key.data = rte_zmalloc(NULL, xform->aead.key.length,
+					     RTE_CACHE_LINE_SIZE);
+	if (session->aead_key.data == NULL && xform->aead.key.length > 0) {
+		CAAM_JR_ERR("No Memory for aead key\n");
+		return -ENOMEM;
+	}
+	session->aead_key.length = xform->aead.key.length;
+	session->digest_length = xform->aead.digest_length;
+
+	memcpy(session->aead_key.data, xform->aead.key.data,
+	       xform->aead.key.length);
+	session->dir = (xform->aead.op == RTE_CRYPTO_AEAD_OP_ENCRYPT) ?
+			DIR_ENC : DIR_DEC;
+
+	return 0;
+}
+
+static int
+caam_jr_set_session_parameters(struct rte_cryptodev *dev,
+			       struct rte_crypto_sym_xform *xform, void *sess)
+{
+	struct sec_job_ring_t *internals = dev->data->dev_private;
+	struct caam_jr_session *session = sess;
+
+	PMD_INIT_FUNC_TRACE();
+
+	if (unlikely(sess == NULL)) {
+		CAAM_JR_ERR("invalid session struct");
+		return -EINVAL;
+	}
+
+	/* Default IV length = 0 */
+	session->iv.length = 0;
+
+	/* Cipher Only */
+	if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER && xform->next == NULL) {
+		session->auth_alg = RTE_CRYPTO_AUTH_NULL;
+		caam_jr_cipher_init(dev, xform, session);
+
+	/* Authentication Only */
+	} else if (xform->type == RTE_CRYPTO_SYM_XFORM_AUTH &&
+		   xform->next == NULL) {
+		session->cipher_alg = RTE_CRYPTO_CIPHER_NULL;
+		caam_jr_auth_init(dev, xform, session);
+
+	/* Cipher then Authenticate */
+	} else if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER &&
+		   xform->next->type == RTE_CRYPTO_SYM_XFORM_AUTH) {
+		if (xform->cipher.op == RTE_CRYPTO_CIPHER_OP_ENCRYPT) {
+			caam_jr_cipher_init(dev, xform, session);
+			caam_jr_auth_init(dev, xform->next, session);
+		} else {
+			CAAM_JR_ERR("Not supported: Auth then Cipher");
+			goto err1;
+		}
+
+	/* Authenticate then Cipher */
+	} else if (xform->type == RTE_CRYPTO_SYM_XFORM_AUTH &&
+		   xform->next->type == RTE_CRYPTO_SYM_XFORM_CIPHER) {
+		if (xform->next->cipher.op == RTE_CRYPTO_CIPHER_OP_DECRYPT) {
+			caam_jr_auth_init(dev, xform, session);
+			caam_jr_cipher_init(dev, xform->next, session);
+		} else {
+			CAAM_JR_ERR("Not supported: Auth then Cipher");
+			goto err1;
+		}
+
+	/* AEAD operation for AES-GCM kind of Algorithms */
+	} else if (xform->type == RTE_CRYPTO_SYM_XFORM_AEAD &&
+		   xform->next == NULL) {
+		caam_jr_aead_init(dev, xform, session);
+
+	} else {
+		CAAM_JR_ERR("Invalid crypto type");
+		return -EINVAL;
+	}
+	session->ctx_pool = internals->ctx_pool;
+
+	return 0;
+
+err1:
+	rte_free(session->cipher_key.data);
+	rte_free(session->auth_key.data);
+	memset(session, 0, sizeof(struct caam_jr_session));
+
+	return -EINVAL;
+}
+
+static int
+caam_jr_sym_session_configure(struct rte_cryptodev *dev,
+			      struct rte_crypto_sym_xform *xform,
+			      struct rte_cryptodev_sym_session *sess,
+			      struct rte_mempool *mempool)
+{
+	void *sess_private_data;
+	int ret;
+
+	PMD_INIT_FUNC_TRACE();
+
+	if (rte_mempool_get(mempool, &sess_private_data)) {
+		CAAM_JR_ERR("Couldn't get object from session mempool");
+		return -ENOMEM;
+	}
+
+	memset(sess_private_data, 0, sizeof(struct caam_jr_session));
+	ret = caam_jr_set_session_parameters(dev, xform, sess_private_data);
+	if (ret != 0) {
+		CAAM_JR_ERR("failed to configure session parameters");
+		/* Return session to mempool */
+		rte_mempool_put(mempool, sess_private_data);
+		return ret;
+	}
+
+	set_sym_session_private_data(sess, dev->driver_id, sess_private_data);
+
+	return 0;
+}
+
+/* Clear the memory of session so it doesn't leave key material behind */
+static void
+caam_jr_sym_session_clear(struct rte_cryptodev *dev,
+		struct rte_cryptodev_sym_session *sess)
+{
+	uint8_t index = dev->driver_id;
+	void *sess_priv = get_sym_session_private_data(sess, index);
+	struct caam_jr_session *s = (struct caam_jr_session *)sess_priv;
+
+	PMD_INIT_FUNC_TRACE();
+
+	if (sess_priv) {
+		struct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);
+
+		rte_free(s->cipher_key.data);
+		rte_free(s->auth_key.data);
+		memset(s, 0, sizeof(struct caam_jr_session));
+		set_sym_session_private_data(sess, index, NULL);
+		rte_mempool_put(sess_mp, sess_priv);
+	}
+}
+
 static int
 caam_jr_dev_configure(struct rte_cryptodev *dev,
 		       struct rte_cryptodev_config *config __rte_unused)
@@ -242,6 +453,9 @@ static struct rte_cryptodev_ops caam_jr_ops = {
 	.queue_pair_setup     = caam_jr_queue_pair_setup,
 	.queue_pair_release   = caam_jr_queue_pair_release,
 	.queue_pair_count     = caam_jr_queue_pair_count,
+	.sym_session_get_size = caam_jr_sym_session_get_size,
+	.sym_session_configure = caam_jr_sym_session_configure,
+	.sym_session_clear    = caam_jr_sym_session_clear
 };
 
 
-- 
2.17.1

^ permalink raw reply	[flat|nested] 97+ messages in thread

* [dpdk-dev] [PATCH v3 09/15] crypto/caam_jr: add device cababilities
  2018-10-22 13:31   ` [dpdk-dev] [PATCH v3 00/15] " Gagandeep Singh
                       ` (7 preceding siblings ...)
  2018-10-22 13:31     ` [dpdk-dev] [PATCH v3 08/15] crypto/caam_jr: add session configuration methods Gagandeep Singh
@ 2018-10-22 13:31     ` Gagandeep Singh
  2018-10-22 13:31     ` [dpdk-dev] [PATCH v3 10/15] crypto/caam_jr: add enqueue dequeue operations Gagandeep Singh
                       ` (6 subsequent siblings)
  15 siblings, 0 replies; 97+ messages in thread
From: Gagandeep Singh @ 2018-10-22 13:31 UTC (permalink / raw)
  To: dev, Akhil Goyal; +Cc: Gagandeep Singh, Hemant Agrawal

add device capabilities for supported algorithms,
key length etc.

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
---
 drivers/crypto/caam_jr/Makefile               |   1 +
 drivers/crypto/caam_jr/caam_jr.c              |   2 +
 drivers/crypto/caam_jr/caam_jr_capabilities.c | 266 ++++++++++++++++++
 drivers/crypto/caam_jr/caam_jr_capabilities.h |  18 ++
 drivers/crypto/caam_jr/meson.build            |   5 +-
 5 files changed, 291 insertions(+), 1 deletion(-)
 create mode 100644 drivers/crypto/caam_jr/caam_jr_capabilities.c
 create mode 100644 drivers/crypto/caam_jr/caam_jr_capabilities.h

diff --git a/drivers/crypto/caam_jr/Makefile b/drivers/crypto/caam_jr/Makefile
index cfd093a5f..88cdf7410 100644
--- a/drivers/crypto/caam_jr/Makefile
+++ b/drivers/crypto/caam_jr/Makefile
@@ -31,6 +31,7 @@ LIBABIVER := 1
 
 # library source files
 SRCS-$(CONFIG_RTE_LIBRTE_PMD_CAAM_JR) += caam_jr.c
+SRCS-$(CONFIG_RTE_LIBRTE_PMD_CAAM_JR) += caam_jr_capabilities.c
 SRCS-$(CONFIG_RTE_LIBRTE_PMD_CAAM_JR) += caam_jr_hw.c
 SRCS-$(CONFIG_RTE_LIBRTE_PMD_CAAM_JR) += caam_jr_uio.c
 # library dependencies
diff --git a/drivers/crypto/caam_jr/caam_jr.c b/drivers/crypto/caam_jr/caam_jr.c
index eedbeb731..311da1686 100644
--- a/drivers/crypto/caam_jr/caam_jr.c
+++ b/drivers/crypto/caam_jr/caam_jr.c
@@ -17,6 +17,7 @@
 #include <rte_security_driver.h>
 #include <rte_hexdump.h>
 
+#include <caam_jr_capabilities.h>
 #include <caam_jr_config.h>
 #include <caam_jr_hw_specific.h>
 #include <caam_jr_pvt.h>
@@ -439,6 +440,7 @@ caam_jr_dev_infos_get(struct rte_cryptodev *dev,
 	if (info != NULL) {
 		info->max_nb_queue_pairs = internals->max_nb_queue_pairs;
 		info->feature_flags = dev->feature_flags;
+		info->capabilities = caam_jr_get_cryptodev_capabilities();
 		info->sym.max_nb_sessions = internals->max_nb_sessions;
 		info->driver_id = cryptodev_driver_id;
 	}
diff --git a/drivers/crypto/caam_jr/caam_jr_capabilities.c b/drivers/crypto/caam_jr/caam_jr_capabilities.c
new file mode 100644
index 000000000..c51593c4b
--- /dev/null
+++ b/drivers/crypto/caam_jr/caam_jr_capabilities.c
@@ -0,0 +1,266 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright 2017-2018 NXP
+ */
+
+#include <caam_jr_capabilities.h>
+
+static const struct rte_cryptodev_capabilities caam_jr_capabilities[] = {
+	{	/* MD5 HMAC */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+			{.auth = {
+				.algo = RTE_CRYPTO_AUTH_MD5_HMAC,
+				.block_size = 64,
+				.key_size = {
+					.min = 1,
+					.max = 64,
+					.increment = 1
+				},
+				.digest_size = {
+					.min = 1,
+					.max = 16,
+					.increment = 1
+				},
+				.iv_size = { 0 }
+			}, }
+		}, }
+	},
+	{	/* SHA1 HMAC */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+			{.auth = {
+				.algo = RTE_CRYPTO_AUTH_SHA1_HMAC,
+				.block_size = 64,
+				.key_size = {
+					.min = 1,
+					.max = 64,
+					.increment = 1
+				},
+				.digest_size = {
+					.min = 1,
+					.max = 20,
+					.increment = 1
+				},
+				.iv_size = { 0 }
+			}, }
+		}, }
+	},
+	{	/* SHA224 HMAC */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+			{.auth = {
+				.algo = RTE_CRYPTO_AUTH_SHA224_HMAC,
+				.block_size = 64,
+				.key_size = {
+					.min = 1,
+					.max = 64,
+					.increment = 1
+				},
+				.digest_size = {
+					.min = 1,
+					.max = 28,
+					.increment = 1
+				},
+				.iv_size = { 0 }
+			}, }
+		}, }
+	},
+	{	/* SHA256 HMAC */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+			{.auth = {
+				.algo = RTE_CRYPTO_AUTH_SHA256_HMAC,
+				.block_size = 64,
+				.key_size = {
+					.min = 1,
+					.max = 64,
+					.increment = 1
+				},
+				.digest_size = {
+					.min = 1,
+					.max = 32,
+					.increment = 1
+				},
+				.iv_size = { 0 }
+			}, }
+		}, }
+	},
+	{	/* SHA384 HMAC */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+			{.auth = {
+				.algo = RTE_CRYPTO_AUTH_SHA384_HMAC,
+				.block_size = 128,
+				.key_size = {
+					.min = 1,
+					.max = 128,
+					.increment = 1
+				},
+				.digest_size = {
+					.min = 1,
+					.max = 48,
+					.increment = 1
+				},
+				.iv_size = { 0 }
+			}, }
+		}, }
+	},
+	{	/* SHA512 HMAC */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+			{.auth = {
+				.algo = RTE_CRYPTO_AUTH_SHA512_HMAC,
+				.block_size = 128,
+				.key_size = {
+					.min = 1,
+					.max = 128,
+					.increment = 1
+				},
+				.digest_size = {
+					.min = 1,
+					.max = 64,
+					.increment = 1
+				},
+				.iv_size = { 0 }
+			}, }
+		}, }
+	},
+	{	/* AES GCM */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_AEAD,
+			{.aead = {
+				.algo = RTE_CRYPTO_AEAD_AES_GCM,
+				.block_size = 16,
+				.key_size = {
+					.min = 16,
+					.max = 32,
+					.increment = 8
+				},
+				.digest_size = {
+					.min = 8,
+					.max = 16,
+					.increment = 4
+				},
+				.aad_size = {
+					.min = 0,
+					.max = 240,
+					.increment = 1
+				},
+				.iv_size = {
+					.min = 12,
+					.max = 12,
+					.increment = 0
+				},
+			}, }
+		}, }
+	},
+	{	/* AES CBC */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
+			{.cipher = {
+				.algo = RTE_CRYPTO_CIPHER_AES_CBC,
+				.block_size = 16,
+				.key_size = {
+					.min = 16,
+					.max = 32,
+					.increment = 8
+				},
+				.iv_size = {
+					.min = 16,
+					.max = 16,
+					.increment = 0
+				}
+			}, }
+		}, }
+	},
+	{	/* AES CTR */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
+			{.cipher = {
+				.algo = RTE_CRYPTO_CIPHER_AES_CTR,
+				.block_size = 16,
+				.key_size = {
+					.min = 16,
+					.max = 32,
+					.increment = 8
+				},
+				.iv_size = {
+					.min = 16,
+					.max = 16,
+					.increment = 0
+				}
+			}, }
+		}, }
+	},
+	{	/* 3DES CBC */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
+			{.cipher = {
+				.algo = RTE_CRYPTO_CIPHER_3DES_CBC,
+				.block_size = 8,
+				.key_size = {
+					.min = 16,
+					.max = 24,
+					.increment = 8
+				},
+				.iv_size = {
+					.min = 8,
+					.max = 8,
+					.increment = 0
+				}
+			}, }
+		}, }
+	},
+
+	RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()
+};
+
+static const struct rte_security_capability caam_jr_security_cap[] = {
+	{ /* IPsec Lookaside Protocol offload ESP Transport Egress */
+		.action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
+		.protocol = RTE_SECURITY_PROTOCOL_IPSEC,
+		.ipsec = {
+			.proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP,
+			.mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL,
+			.direction = RTE_SECURITY_IPSEC_SA_DIR_EGRESS,
+			.options = { 0 }
+		},
+		.crypto_capabilities = caam_jr_capabilities
+	},
+	{ /* IPsec Lookaside Protocol offload ESP Tunnel Ingress */
+		.action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
+		.protocol = RTE_SECURITY_PROTOCOL_IPSEC,
+		.ipsec = {
+			.proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP,
+			.mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL,
+			.direction = RTE_SECURITY_IPSEC_SA_DIR_INGRESS,
+			.options = { 0 }
+		},
+		.crypto_capabilities = caam_jr_capabilities
+	},
+	{
+		.action = RTE_SECURITY_ACTION_TYPE_NONE
+	}
+};
+
+const struct rte_cryptodev_capabilities *
+caam_jr_get_cryptodev_capabilities(void)
+{
+	return caam_jr_capabilities;
+}
+
+const struct rte_security_capability *
+caam_jr_get_security_capabilities(void *device __rte_unused)
+{
+	return caam_jr_security_cap;
+}
diff --git a/drivers/crypto/caam_jr/caam_jr_capabilities.h b/drivers/crypto/caam_jr/caam_jr_capabilities.h
new file mode 100644
index 000000000..c1e3f305a
--- /dev/null
+++ b/drivers/crypto/caam_jr/caam_jr_capabilities.h
@@ -0,0 +1,18 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright 2017-2018 NXP
+ */
+
+#ifndef CAAM_JR_CAPABILITIES_H
+#define CAAM_JR_CAPABILITIES_H
+
+#include <rte_cryptodev.h>
+#include <rte_security.h>
+
+/* Get cryptodev capabilities */
+const struct rte_cryptodev_capabilities *
+caam_jr_get_cryptodev_capabilities(void);
+/* Get security capabilities */
+const struct rte_security_capability *
+caam_jr_get_security_capabilities(void *device);
+
+#endif
diff --git a/drivers/crypto/caam_jr/meson.build b/drivers/crypto/caam_jr/meson.build
index 7b024e886..99b71aef1 100644
--- a/drivers/crypto/caam_jr/meson.build
+++ b/drivers/crypto/caam_jr/meson.build
@@ -6,7 +6,10 @@ if host_machine.system() != 'linux'
 endif
 
 deps += ['bus_vdev', 'bus_dpaa', 'security']
-sources = files('caam_jr_hw.c', 'caam_jr_uio.c', 'caam_jr.c')
+sources = files('caam_jr_capabilities.c',
+		'caam_jr_hw.c',
+		'caam_jr_uio.c',
+		'caam_jr.c')
 
 allow_experimental_apis = true
 
-- 
2.17.1

^ permalink raw reply	[flat|nested] 97+ messages in thread

* [dpdk-dev] [PATCH v3 10/15] crypto/caam_jr: add enqueue dequeue operations
  2018-10-22 13:31   ` [dpdk-dev] [PATCH v3 00/15] " Gagandeep Singh
                       ` (8 preceding siblings ...)
  2018-10-22 13:31     ` [dpdk-dev] [PATCH v3 09/15] crypto/caam_jr: add device cababilities Gagandeep Singh
@ 2018-10-22 13:31     ` Gagandeep Singh
  2018-10-22 13:31     ` [dpdk-dev] [PATCH v3 11/15] crypto/caam_jr: add scatter gather Gagandeep Singh
                       ` (5 subsequent siblings)
  15 siblings, 0 replies; 97+ messages in thread
From: Gagandeep Singh @ 2018-10-22 13:31 UTC (permalink / raw)
  To: dev, Akhil Goyal; +Cc: Gagandeep Singh, Hemant Agrawal

This patch add support for :
1. creating run time sec hw decriptors for a given request.
2. enqueue operation to the caam jr ring
3. dequeue operation from the caam jr ring in poll mode
4. creating a crypto protocol descriptor for session - first time.

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
---
 drivers/crypto/caam_jr/caam_jr.c      | 895 +++++++++++++++++++++++++-
 drivers/crypto/caam_jr/caam_jr_desc.h | 285 ++++++++
 2 files changed, 1178 insertions(+), 2 deletions(-)
 create mode 100644 drivers/crypto/caam_jr/caam_jr_desc.h

diff --git a/drivers/crypto/caam_jr/caam_jr.c b/drivers/crypto/caam_jr/caam_jr.c
index 311da1686..9652342a6 100644
--- a/drivers/crypto/caam_jr/caam_jr.c
+++ b/drivers/crypto/caam_jr/caam_jr.c
@@ -21,6 +21,7 @@
 #include <caam_jr_config.h>
 #include <caam_jr_hw_specific.h>
 #include <caam_jr_pvt.h>
+#include <caam_jr_desc.h>
 #include <caam_jr_log.h>
 
 /* RTA header files */
@@ -53,6 +54,343 @@ static enum sec_driver_state_e g_driver_state = SEC_DRIVER_STATE_IDLE;
 static int g_job_rings_no;
 static int g_job_rings_max;
 
+struct sec_outring_entry {
+	phys_addr_t desc;	/* Pointer to completed descriptor */
+	uint32_t status;	/* Status for completed descriptor */
+} __rte_packed;
+
+/* virtual address conversin when mempool support is available for ctx */
+static inline phys_addr_t
+caam_jr_vtop_ctx(struct caam_jr_op_ctx *ctx, void *vaddr)
+{
+	PMD_INIT_FUNC_TRACE();
+	return (size_t)vaddr - ctx->vtop_offset;
+}
+
+static inline void
+caam_jr_op_ending(struct caam_jr_op_ctx *ctx)
+{
+	PMD_INIT_FUNC_TRACE();
+	/* report op status to sym->op and then free the ctx memeory  */
+	rte_mempool_put(ctx->ctx_pool, (void *)ctx);
+}
+
+static inline struct caam_jr_op_ctx *
+caam_jr_alloc_ctx(struct caam_jr_session *ses)
+{
+	struct caam_jr_op_ctx *ctx;
+	int ret;
+
+	PMD_INIT_FUNC_TRACE();
+	ret = rte_mempool_get(ses->ctx_pool, (void **)(&ctx));
+	if (!ctx || ret) {
+		CAAM_JR_DP_WARN("Alloc sec descriptor failed!");
+		return NULL;
+	}
+	/*
+	 * Clear SG memory. There are 16 SG entries of 16 Bytes each.
+	 * one call to dcbz_64() clear 64 bytes, hence calling it 4 times
+	 * to clear all the SG entries. caam_jr_alloc_ctx() is called for
+	 * each packet, memset is costlier than dcbz_64().
+	 */
+	dcbz_64(&ctx->sg[SG_CACHELINE_0]);
+	dcbz_64(&ctx->sg[SG_CACHELINE_1]);
+	dcbz_64(&ctx->sg[SG_CACHELINE_2]);
+	dcbz_64(&ctx->sg[SG_CACHELINE_3]);
+
+	ctx->ctx_pool = ses->ctx_pool;
+	ctx->vtop_offset = (size_t) ctx - rte_mempool_virt2iova(ctx);
+
+	return ctx;
+}
+
+static inline int
+is_cipher_only(struct caam_jr_session *ses)
+{
+	PMD_INIT_FUNC_TRACE();
+	return ((ses->cipher_alg != RTE_CRYPTO_CIPHER_NULL) &&
+		(ses->auth_alg == RTE_CRYPTO_AUTH_NULL));
+}
+
+static inline int
+is_auth_only(struct caam_jr_session *ses)
+{
+	PMD_INIT_FUNC_TRACE();
+	return ((ses->cipher_alg == RTE_CRYPTO_CIPHER_NULL) &&
+		(ses->auth_alg != RTE_CRYPTO_AUTH_NULL));
+}
+
+static inline int
+is_aead(struct caam_jr_session *ses)
+{
+	PMD_INIT_FUNC_TRACE();
+	return ((ses->cipher_alg == 0) &&
+		(ses->auth_alg == 0) &&
+		(ses->aead_alg != 0));
+}
+
+static inline int
+is_auth_cipher(struct caam_jr_session *ses)
+{
+	PMD_INIT_FUNC_TRACE();
+	return ((ses->cipher_alg != RTE_CRYPTO_CIPHER_NULL) &&
+		(ses->auth_alg != RTE_CRYPTO_AUTH_NULL));
+}
+
+static inline int
+is_encode(struct caam_jr_session *ses)
+{
+	PMD_INIT_FUNC_TRACE();
+	return ses->dir == DIR_ENC;
+}
+
+static inline int
+is_decode(struct caam_jr_session *ses)
+{
+	PMD_INIT_FUNC_TRACE();
+	return ses->dir == DIR_DEC;
+}
+
+static inline void
+caam_auth_alg(struct caam_jr_session *ses, struct alginfo *alginfo_a)
+{
+	PMD_INIT_FUNC_TRACE();
+	switch (ses->auth_alg) {
+	case RTE_CRYPTO_AUTH_NULL:
+		ses->digest_length = 0;
+		break;
+	case RTE_CRYPTO_AUTH_MD5_HMAC:
+		alginfo_a->algtype = OP_ALG_ALGSEL_MD5;
+		alginfo_a->algmode = OP_ALG_AAI_HMAC;
+		break;
+	case RTE_CRYPTO_AUTH_SHA1_HMAC:
+		alginfo_a->algtype = OP_ALG_ALGSEL_SHA1;
+		alginfo_a->algmode = OP_ALG_AAI_HMAC;
+		break;
+	case RTE_CRYPTO_AUTH_SHA224_HMAC:
+		alginfo_a->algtype = OP_ALG_ALGSEL_SHA224;
+		alginfo_a->algmode = OP_ALG_AAI_HMAC;
+		break;
+	case RTE_CRYPTO_AUTH_SHA256_HMAC:
+		alginfo_a->algtype = OP_ALG_ALGSEL_SHA256;
+		alginfo_a->algmode = OP_ALG_AAI_HMAC;
+		break;
+	case RTE_CRYPTO_AUTH_SHA384_HMAC:
+		alginfo_a->algtype = OP_ALG_ALGSEL_SHA384;
+		alginfo_a->algmode = OP_ALG_AAI_HMAC;
+		break;
+	case RTE_CRYPTO_AUTH_SHA512_HMAC:
+		alginfo_a->algtype = OP_ALG_ALGSEL_SHA512;
+		alginfo_a->algmode = OP_ALG_AAI_HMAC;
+		break;
+	default:
+		CAAM_JR_DEBUG("unsupported auth alg %u", ses->auth_alg);
+	}
+}
+
+static inline void
+caam_cipher_alg(struct caam_jr_session *ses, struct alginfo *alginfo_c)
+{
+	PMD_INIT_FUNC_TRACE();
+	switch (ses->cipher_alg) {
+	case RTE_CRYPTO_CIPHER_NULL:
+		break;
+	case RTE_CRYPTO_CIPHER_AES_CBC:
+		alginfo_c->algtype = OP_ALG_ALGSEL_AES;
+		alginfo_c->algmode = OP_ALG_AAI_CBC;
+		break;
+	case RTE_CRYPTO_CIPHER_3DES_CBC:
+		alginfo_c->algtype = OP_ALG_ALGSEL_3DES;
+		alginfo_c->algmode = OP_ALG_AAI_CBC;
+		break;
+	case RTE_CRYPTO_CIPHER_AES_CTR:
+		alginfo_c->algtype = OP_ALG_ALGSEL_AES;
+		alginfo_c->algmode = OP_ALG_AAI_CTR;
+		break;
+	default:
+		CAAM_JR_DEBUG("unsupported cipher alg %d", ses->cipher_alg);
+	}
+}
+
+static inline void
+caam_aead_alg(struct caam_jr_session *ses, struct alginfo *alginfo)
+{
+	PMD_INIT_FUNC_TRACE();
+	switch (ses->aead_alg) {
+	case RTE_CRYPTO_AEAD_AES_GCM:
+		alginfo->algtype = OP_ALG_ALGSEL_AES;
+		alginfo->algmode = OP_ALG_AAI_GCM;
+		break;
+	default:
+		CAAM_JR_DEBUG("unsupported AEAD alg %d", ses->aead_alg);
+	}
+}
+
+/* prepare command block of the session */
+static int
+caam_jr_prep_cdb(struct caam_jr_session *ses)
+{
+	struct alginfo alginfo_c = {0}, alginfo_a = {0}, alginfo = {0};
+	int32_t shared_desc_len = 0;
+	struct sec_cdb *cdb;
+	int err;
+#if RTE_BYTE_ORDER == RTE_BIG_ENDIAN
+	int swap = false;
+#else
+	int swap = true;
+#endif
+
+	PMD_INIT_FUNC_TRACE();
+	if (ses->cdb)
+		caam_jr_dma_free(ses->cdb);
+
+	cdb = caam_jr_dma_mem_alloc(L1_CACHE_BYTES, sizeof(struct sec_cdb));
+	if (!cdb) {
+		CAAM_JR_ERR("failed to allocate memory for cdb\n");
+		return -1;
+	}
+
+	ses->cdb = cdb;
+
+	memset(cdb, 0, sizeof(struct sec_cdb));
+
+	if (is_cipher_only(ses)) {
+		caam_cipher_alg(ses, &alginfo_c);
+		if (alginfo_c.algtype == (unsigned int)CAAM_JR_ALG_UNSUPPORT) {
+			CAAM_JR_ERR("not supported cipher alg");
+			rte_free(cdb);
+			return -ENOTSUP;
+		}
+
+		alginfo_c.key = (size_t)ses->cipher_key.data;
+		alginfo_c.keylen = ses->cipher_key.length;
+		alginfo_c.key_enc_flags = 0;
+		alginfo_c.key_type = RTA_DATA_IMM;
+
+		shared_desc_len = cnstr_shdsc_blkcipher(
+						cdb->sh_desc, true,
+						swap, &alginfo_c,
+						NULL,
+						ses->iv.length,
+						ses->dir);
+	} else if (is_auth_only(ses)) {
+		caam_auth_alg(ses, &alginfo_a);
+		if (alginfo_a.algtype == (unsigned int)CAAM_JR_ALG_UNSUPPORT) {
+			CAAM_JR_ERR("not supported auth alg");
+			rte_free(cdb);
+			return -ENOTSUP;
+		}
+
+		alginfo_a.key = (size_t)ses->auth_key.data;
+		alginfo_a.keylen = ses->auth_key.length;
+		alginfo_a.key_enc_flags = 0;
+		alginfo_a.key_type = RTA_DATA_IMM;
+
+		shared_desc_len = cnstr_shdsc_hmac(cdb->sh_desc, true,
+						   swap, &alginfo_a,
+						   !ses->dir,
+						   ses->digest_length);
+	} else if (is_aead(ses)) {
+		caam_aead_alg(ses, &alginfo);
+		if (alginfo.algtype == (unsigned int)CAAM_JR_ALG_UNSUPPORT) {
+			CAAM_JR_ERR("not supported aead alg");
+			rte_free(cdb);
+			return -ENOTSUP;
+		}
+		alginfo.key = (size_t)ses->aead_key.data;
+		alginfo.keylen = ses->aead_key.length;
+		alginfo.key_enc_flags = 0;
+		alginfo.key_type = RTA_DATA_IMM;
+
+		if (ses->dir == DIR_ENC)
+			shared_desc_len = cnstr_shdsc_gcm_encap(
+					cdb->sh_desc, true, swap,
+					&alginfo,
+					ses->iv.length,
+					ses->digest_length);
+		else
+			shared_desc_len = cnstr_shdsc_gcm_decap(
+					cdb->sh_desc, true, swap,
+					&alginfo,
+					ses->iv.length,
+					ses->digest_length);
+	} else {
+		caam_cipher_alg(ses, &alginfo_c);
+		if (alginfo_c.algtype == (unsigned int)CAAM_JR_ALG_UNSUPPORT) {
+			CAAM_JR_ERR("not supported cipher alg");
+			rte_free(cdb);
+			return -ENOTSUP;
+		}
+
+		alginfo_c.key = (size_t)ses->cipher_key.data;
+		alginfo_c.keylen = ses->cipher_key.length;
+		alginfo_c.key_enc_flags = 0;
+		alginfo_c.key_type = RTA_DATA_IMM;
+
+		caam_auth_alg(ses, &alginfo_a);
+		if (alginfo_a.algtype == (unsigned int)CAAM_JR_ALG_UNSUPPORT) {
+			CAAM_JR_ERR("not supported auth alg");
+			rte_free(cdb);
+			return -ENOTSUP;
+		}
+
+		alginfo_a.key = (size_t)ses->auth_key.data;
+		alginfo_a.keylen = ses->auth_key.length;
+		alginfo_a.key_enc_flags = 0;
+		alginfo_a.key_type = RTA_DATA_IMM;
+
+		cdb->sh_desc[0] = alginfo_c.keylen;
+		cdb->sh_desc[1] = alginfo_a.keylen;
+		err = rta_inline_query(IPSEC_AUTH_VAR_AES_DEC_BASE_DESC_LEN,
+				       MIN_JOB_DESC_SIZE,
+				       (unsigned int *)cdb->sh_desc,
+				       &cdb->sh_desc[2], 2);
+
+		if (err < 0) {
+			CAAM_JR_ERR("Crypto: Incorrect key lengths");
+			rte_free(cdb);
+			return err;
+		}
+		if (cdb->sh_desc[2] & 1)
+			alginfo_c.key_type = RTA_DATA_IMM;
+		else {
+			alginfo_c.key = (size_t)caam_jr_mem_vtop(
+						(void *)(size_t)alginfo_c.key);
+			alginfo_c.key_type = RTA_DATA_PTR;
+		}
+		if (cdb->sh_desc[2] & (1<<1))
+			alginfo_a.key_type = RTA_DATA_IMM;
+		else {
+			alginfo_a.key = (size_t)caam_jr_mem_vtop(
+						(void *)(size_t)alginfo_a.key);
+			alginfo_a.key_type = RTA_DATA_PTR;
+		}
+		cdb->sh_desc[0] = 0;
+		cdb->sh_desc[1] = 0;
+		cdb->sh_desc[2] = 0;
+			/* Auth_only_len is set as 0 here and it will be
+			 * overwritten in fd for each packet.
+			 */
+			shared_desc_len = cnstr_shdsc_authenc(cdb->sh_desc,
+					true, swap, &alginfo_c, &alginfo_a,
+					ses->iv.length, 0,
+					ses->digest_length, ses->dir);
+	}
+
+	if (shared_desc_len < 0) {
+		CAAM_JR_ERR("error in preparing command block");
+		return shared_desc_len;
+	}
+
+#if CAAM_JR_DBG
+	SEC_DUMP_DESC(cdb->sh_desc);
+#endif
+
+	cdb->sh_hdr.hi.field.idlen = shared_desc_len;
+
+	return 0;
+}
+
 /* @brief Poll the HW for already processed jobs in the JR
  * and silently discard the available jobs or notify them to UA
  * with indicated error code.
@@ -101,6 +439,559 @@ hw_flush_job_ring(struct sec_job_ring_t *job_ring,
 	}
 }
 
+/* @brief Poll the HW for already processed jobs in the JR
+ * and notify the available jobs to UA.
+ *
+ * @param [in]  job_ring	The job ring to poll.
+ * @param [in]  limit           The maximum number of jobs to notify.
+ *                              If set to negative value, all available jobs are
+ *				notified.
+ *
+ * @retval >=0 for No of jobs notified to UA.
+ * @retval -1 for error
+ */
+static int
+hw_poll_job_ring(struct sec_job_ring_t *job_ring,
+		 struct rte_crypto_op **ops, int32_t limit,
+		 struct caam_jr_qp *jr_qp)
+{
+	int32_t jobs_no_to_notify = 0; /* the number of done jobs to notify*/
+	int32_t number_of_jobs_available = 0;
+	int32_t notified_descs_no = 0;
+	uint32_t sec_error_code = 0;
+	struct job_descriptor *current_desc;
+	phys_addr_t current_desc_addr;
+	phys_addr_t *temp_addr;
+	struct caam_jr_op_ctx *ctx;
+
+	PMD_INIT_FUNC_TRACE();
+	/* TODO check for ops have memory*/
+	/* check here if any JR error that cannot be written
+	 * in the output status word has occurred
+	 */
+	if (JR_REG_JRINT_JRE_EXTRACT(GET_JR_REG(JRINT, job_ring))) {
+		CAAM_JR_INFO("err received");
+		sec_error_code = JR_REG_JRINT_ERR_TYPE_EXTRACT(
+					GET_JR_REG(JRINT, job_ring));
+		if (unlikely(sec_error_code)) {
+			hw_job_ring_error_print(job_ring, sec_error_code);
+			return -1;
+		}
+	}
+	/* compute the number of jobs available in the job ring based on the
+	 * producer and consumer index values.
+	 */
+	number_of_jobs_available = hw_get_no_finished_jobs(job_ring);
+	/* Compute the number of notifications that need to be raised to UA
+	 * If limit > total number of done jobs -> notify all done jobs
+	 * If limit = 0 -> error
+	 * If limit < total number of done jobs -> notify a number
+	 * of done jobs equal with limit
+	 */
+	jobs_no_to_notify = (limit > number_of_jobs_available) ?
+				number_of_jobs_available : limit;
+	CAAM_JR_DP_DEBUG(
+		"Jr[%p] pi[%d] ci[%d].limit =%d Available=%d.Jobs to notify=%d",
+		job_ring, job_ring->pidx, job_ring->cidx,
+		limit, number_of_jobs_available, jobs_no_to_notify);
+
+	rte_smp_rmb();
+
+	while (jobs_no_to_notify > notified_descs_no) {
+		static uint64_t false_alarm;
+		static uint64_t real_poll;
+
+		/* Get job status here */
+		sec_error_code = job_ring->output_ring[job_ring->cidx].status;
+		/* Get completed descriptor */
+		temp_addr = &(job_ring->output_ring[job_ring->cidx].desc);
+		current_desc_addr = (phys_addr_t)sec_read_addr(temp_addr);
+
+		real_poll++;
+		/* todo check if it is false alarm no desc present */
+		if (!current_desc_addr) {
+			false_alarm++;
+			printf("false alarm %" PRIu64 "real %" PRIu64
+				" sec_err =0x%x cidx Index =0%d\n",
+				false_alarm, real_poll,
+				sec_error_code, job_ring->cidx);
+			rte_panic("CAAM JR descriptor NULL");
+			return notified_descs_no;
+		}
+		current_desc = (struct job_descriptor *)
+				caam_jr_dma_ptov(current_desc_addr);
+		/* now increment the consumer index for the current job ring,
+		 * AFTER saving job in temporary location!
+		 */
+		job_ring->cidx = SEC_CIRCULAR_COUNTER(job_ring->cidx,
+				 SEC_JOB_RING_SIZE);
+		/* Signal that the job has been processed and the slot is free*/
+		hw_remove_entries(job_ring, 1);
+		/*TODO for multiple ops, packets*/
+		ctx = container_of(current_desc, struct caam_jr_op_ctx, jobdes);
+		if (unlikely(sec_error_code)) {
+			CAAM_JR_ERR("desc at cidx %d generated error 0x%x\n",
+				job_ring->cidx, sec_error_code);
+			hw_handle_job_ring_error(job_ring, sec_error_code);
+			//todo improve with exact errors
+			ctx->op->status = RTE_CRYPTO_OP_STATUS_ERROR;
+			jr_qp->rx_errs++;
+		} else {
+			ctx->op->status = RTE_CRYPTO_OP_STATUS_SUCCESS;
+#if CAAM_JR_DBG
+			if (ctx->op->sym->m_dst) {
+				rte_hexdump(stdout, "PROCESSED",
+				rte_pktmbuf_mtod(ctx->op->sym->m_dst, void *),
+				rte_pktmbuf_data_len(ctx->op->sym->m_dst));
+			} else {
+				rte_hexdump(stdout, "PROCESSED",
+				rte_pktmbuf_mtod(ctx->op->sym->m_src, void *),
+				rte_pktmbuf_data_len(ctx->op->sym->m_src));
+			}
+#endif
+		}
+		if (ctx->op->sess_type == RTE_CRYPTO_OP_SECURITY_SESSION) {
+			struct ip *ip4_hdr;
+
+			if (ctx->op->sym->m_dst) {
+				/*TODO check for ip header or other*/
+				ip4_hdr = (struct ip *)
+				rte_pktmbuf_mtod(ctx->op->sym->m_dst, char*);
+				ctx->op->sym->m_dst->pkt_len =
+					rte_be_to_cpu_16(ip4_hdr->ip_len);
+				ctx->op->sym->m_dst->data_len =
+					rte_be_to_cpu_16(ip4_hdr->ip_len);
+			} else {
+				ip4_hdr = (struct ip *)
+				rte_pktmbuf_mtod(ctx->op->sym->m_src, char*);
+				ctx->op->sym->m_src->pkt_len =
+					rte_be_to_cpu_16(ip4_hdr->ip_len);
+				ctx->op->sym->m_src->data_len =
+					rte_be_to_cpu_16(ip4_hdr->ip_len);
+			}
+		}
+		*ops = ctx->op;
+		caam_jr_op_ending(ctx);
+		ops++;
+		notified_descs_no++;
+	}
+	return notified_descs_no;
+}
+
+static uint16_t
+caam_jr_dequeue_burst(void *qp, struct rte_crypto_op **ops,
+		       uint16_t nb_ops)
+{
+	struct caam_jr_qp *jr_qp = (struct caam_jr_qp *)qp;
+	struct sec_job_ring_t *ring = jr_qp->ring;
+	int num_rx;
+	int ret;
+
+	PMD_INIT_FUNC_TRACE();
+	CAAM_JR_DP_DEBUG("Jr[%p]Polling. limit[%d]", ring, nb_ops);
+
+	/* Poll job ring
+	 * If nb_ops < 0 -> poll JR until no more notifications are available.
+	 * If nb_ops > 0 -> poll JR until limit is reached.
+	 */
+
+	/* Run hw poll job ring */
+	num_rx = hw_poll_job_ring(ring, ops, nb_ops, jr_qp);
+	if (num_rx < 0) {
+		CAAM_JR_ERR("Error polling SEC engine (%d)", num_rx);
+		return 0;
+	}
+
+	CAAM_JR_DP_DEBUG("Jr[%p].Jobs notified[%d]. ", ring, num_rx);
+
+	if (ring->jr_mode == SEC_NOTIFICATION_TYPE_NAPI) {
+		if (num_rx < nb_ops) {
+			ret = caam_jr_enable_irqs(ring->irq_fd);
+			SEC_ASSERT(ret == 0, ret,
+			"Failed to enable irqs for job ring %p", ring);
+		}
+	} else if (ring->jr_mode == SEC_NOTIFICATION_TYPE_IRQ) {
+
+		/* Always enable IRQ generation when in pure IRQ mode */
+		ret = caam_jr_enable_irqs(ring->irq_fd);
+		SEC_ASSERT(ret == 0, ret,
+			"Failed to enable irqs for job ring %p", ring);
+	}
+
+	jr_qp->rx_pkts += num_rx;
+
+	return num_rx;
+}
+
+static inline struct caam_jr_op_ctx *
+build_auth_only(struct rte_crypto_op *op, struct caam_jr_session *ses)
+{
+	struct rte_crypto_sym_op *sym = op->sym;
+	struct caam_jr_op_ctx *ctx;
+	struct sec4_sg_entry *sg;
+	rte_iova_t start_addr;
+	struct sec_cdb *cdb;
+	uint64_t sdesc_offset;
+	struct sec_job_descriptor_t *jobdescr;
+
+	PMD_INIT_FUNC_TRACE();
+	ctx = caam_jr_alloc_ctx(ses);
+	if (!ctx)
+		return NULL;
+
+	ctx->op = op;
+
+	cdb = ses->cdb;
+	sdesc_offset = (size_t) ((char *)&cdb->sh_desc - (char *)cdb);
+
+	start_addr = rte_pktmbuf_iova(sym->m_src);
+
+	jobdescr = (struct sec_job_descriptor_t *) ctx->jobdes.desc;
+
+	SEC_JD_INIT(jobdescr);
+	SEC_JD_SET_SD(jobdescr,
+		(phys_addr_t)(caam_jr_dma_vtop(cdb)) + sdesc_offset,
+		cdb->sh_hdr.hi.field.idlen);
+
+	/* output */
+	SEC_JD_SET_OUT_PTR(jobdescr, (uint64_t)sym->auth.digest.phys_addr,
+			0, ses->digest_length);
+
+	/*input */
+	if (is_decode(ses)) {
+		sg = &ctx->sg[0];
+		SEC_JD_SET_IN_PTR(jobdescr,
+			(uint64_t)caam_jr_vtop_ctx(ctx, sg), 0,
+			(sym->auth.data.length + ses->digest_length));
+		/* enabling sg list */
+		(jobdescr)->seq_in.command.word  |= 0x01000000;
+
+		/* hash result or digest, save digest first */
+		rte_memcpy(ctx->digest, sym->auth.digest.data,
+			   ses->digest_length);
+		sg->ptr = cpu_to_caam64(start_addr + sym->auth.data.offset);
+		sg->len = cpu_to_caam32(sym->auth.data.length);
+
+#if CAAM_JR_DBG
+		rte_hexdump(stdout, "ICV", ctx->digest, ses->digest_length);
+#endif
+		/* let's check digest by hw */
+		sg++;
+		sg->ptr = cpu_to_caam64(caam_jr_vtop_ctx(ctx, ctx->digest));
+		sg->len = cpu_to_caam32(ses->digest_length);
+		/* last element*/
+		sg->len |= cpu_to_caam32(SEC4_SG_LEN_FIN);
+	} else {
+		SEC_JD_SET_IN_PTR(jobdescr, (uint64_t)start_addr,
+			sym->auth.data.offset, sym->auth.data.length);
+	}
+	return ctx;
+}
+
+static inline struct caam_jr_op_ctx *
+build_cipher_only(struct rte_crypto_op *op, struct caam_jr_session *ses)
+{
+	struct rte_crypto_sym_op *sym = op->sym;
+	struct caam_jr_op_ctx *ctx;
+	struct sec4_sg_entry *sg;
+	rte_iova_t src_start_addr, dst_start_addr;
+	struct sec_cdb *cdb;
+	uint64_t sdesc_offset;
+	uint8_t *IV_ptr = rte_crypto_op_ctod_offset(op, uint8_t *,
+			ses->iv.offset);
+	struct sec_job_descriptor_t *jobdescr;
+
+	PMD_INIT_FUNC_TRACE();
+	ctx = caam_jr_alloc_ctx(ses);
+	if (!ctx)
+		return NULL;
+
+	ctx->op = op;
+	cdb = ses->cdb;
+	sdesc_offset = (size_t) ((char *)&cdb->sh_desc - (char *)cdb);
+
+	src_start_addr = rte_pktmbuf_iova(sym->m_src);
+	if (sym->m_dst)
+		dst_start_addr = rte_pktmbuf_iova(sym->m_dst);
+	else
+		dst_start_addr = src_start_addr;
+
+	jobdescr = (struct sec_job_descriptor_t *) ctx->jobdes.desc;
+
+	SEC_JD_INIT(jobdescr);
+	SEC_JD_SET_SD(jobdescr,
+		(phys_addr_t)(caam_jr_dma_vtop(cdb)) + sdesc_offset,
+		cdb->sh_hdr.hi.field.idlen);
+
+#if CAAM_JR_DBG
+	CAAM_JR_INFO("mbuf offset =%d, cipher offset = %d, length =%d+%d",
+			sym->m_src->data_off, sym->cipher.data.offset,
+			sym->cipher.data.length, ses->iv.length);
+#endif
+	/* output */
+	SEC_JD_SET_OUT_PTR(jobdescr, (uint64_t)dst_start_addr,
+			sym->cipher.data.offset,
+			sym->cipher.data.length + ses->iv.length);
+
+	/*input */
+	sg = &ctx->sg[0];
+	SEC_JD_SET_IN_PTR(jobdescr, (uint64_t)caam_jr_vtop_ctx(ctx, sg), 0,
+				sym->cipher.data.length + ses->iv.length);
+	/*enabling sg bit */
+	(jobdescr)->seq_in.command.word  |= 0x01000000;
+
+	sg->ptr = cpu_to_caam64(caam_jr_dma_vtop(IV_ptr));
+	sg->len = cpu_to_caam32(ses->iv.length);
+
+	sg = &ctx->sg[1];
+	sg->ptr = cpu_to_caam64(src_start_addr + sym->cipher.data.offset);
+	sg->len = cpu_to_caam32(sym->cipher.data.length);
+	/* last element*/
+	sg->len |= cpu_to_caam32(SEC4_SG_LEN_FIN);
+
+	return ctx;
+}
+
+static inline struct caam_jr_op_ctx *
+build_cipher_auth(struct rte_crypto_op *op, struct caam_jr_session *ses)
+{
+	struct rte_crypto_sym_op *sym = op->sym;
+	struct caam_jr_op_ctx *ctx;
+	struct sec4_sg_entry *sg;
+	rte_iova_t src_start_addr, dst_start_addr;
+	uint32_t length = 0;
+	struct sec_cdb *cdb;
+	uint64_t sdesc_offset;
+	uint8_t *IV_ptr = rte_crypto_op_ctod_offset(op, uint8_t *,
+			ses->iv.offset);
+	struct sec_job_descriptor_t *jobdescr;
+	uint32_t auth_only_len;
+
+	PMD_INIT_FUNC_TRACE();
+	auth_only_len = op->sym->auth.data.length -
+				op->sym->cipher.data.length;
+
+	src_start_addr = rte_pktmbuf_iova(sym->m_src);
+	if (sym->m_dst)
+		dst_start_addr = rte_pktmbuf_iova(sym->m_dst);
+	else
+		dst_start_addr = src_start_addr;
+
+	ctx = caam_jr_alloc_ctx(ses);
+	if (!ctx)
+		return NULL;
+
+	ctx->op = op;
+	cdb = ses->cdb;
+	sdesc_offset = (size_t) ((char *)&cdb->sh_desc - (char *)cdb);
+
+	jobdescr = (struct sec_job_descriptor_t *) ctx->jobdes.desc;
+
+	SEC_JD_INIT(jobdescr);
+	SEC_JD_SET_SD(jobdescr,
+		(phys_addr_t)(caam_jr_dma_vtop(cdb)) + sdesc_offset,
+		cdb->sh_hdr.hi.field.idlen);
+
+	/* input */
+	sg = &ctx->sg[0];
+	if (is_encode(ses)) {
+		sg->ptr = cpu_to_caam64(caam_jr_dma_vtop(IV_ptr));
+		sg->len = cpu_to_caam32(ses->iv.length);
+		length += ses->iv.length;
+
+		sg++;
+		sg->ptr = cpu_to_caam64(src_start_addr + sym->auth.data.offset);
+		sg->len = cpu_to_caam32(sym->auth.data.length);
+		length += sym->auth.data.length;
+		/* last element*/
+		sg->len |= cpu_to_caam32(SEC4_SG_LEN_FIN);
+	} else {
+		sg->ptr = cpu_to_caam64(caam_jr_dma_vtop(IV_ptr));
+		sg->len = cpu_to_caam32(ses->iv.length);
+		length += ses->iv.length;
+
+		sg++;
+		sg->ptr = cpu_to_caam64(src_start_addr + sym->auth.data.offset);
+		sg->len = cpu_to_caam32(sym->auth.data.length);
+		length += sym->auth.data.length;
+
+		rte_memcpy(ctx->digest, sym->auth.digest.data,
+		       ses->digest_length);
+		sg++;
+		sg->ptr = cpu_to_caam64(caam_jr_dma_vtop(ctx->digest));
+		sg->len = cpu_to_caam32(ses->digest_length);
+		length += ses->digest_length;
+		/* last element*/
+		sg->len |= cpu_to_caam32(SEC4_SG_LEN_FIN);
+	}
+
+	SEC_JD_SET_IN_PTR(jobdescr, (uint64_t)caam_jr_dma_vtop(&ctx->sg[0]), 0,
+				length);
+	/* set sg bit */
+	(jobdescr)->seq_in.command.word  |= 0x01000000;
+
+	/* output */
+	sg = &ctx->sg[6];
+
+	sg->ptr = cpu_to_caam64(dst_start_addr + sym->cipher.data.offset);
+	sg->len = cpu_to_caam32(sym->cipher.data.length);
+	length = sym->cipher.data.length;
+
+	if (is_encode(ses)) {
+		/* set auth output */
+		sg++;
+		sg->ptr = cpu_to_caam64(sym->auth.digest.phys_addr);
+		sg->len = cpu_to_caam32(ses->digest_length);
+		length += ses->digest_length;
+	}
+	/* last element*/
+	sg->len |= cpu_to_caam32(SEC4_SG_LEN_FIN);
+
+	SEC_JD_SET_OUT_PTR(jobdescr,
+			   (uint64_t)caam_jr_dma_vtop(&ctx->sg[6]), 0, length);
+	/* set sg bit */
+	(jobdescr)->seq_out.command.word  |= 0x01000000;
+
+	/* Auth_only_len is set as 0 in descriptor and it is
+	 * overwritten here in the jd which will update
+	 * the DPOVRD reg.
+	 */
+	if (auth_only_len)
+		/* set sg bit */
+		(jobdescr)->dpovrd = 0x80000000 | auth_only_len;
+
+	return ctx;
+}
+static int
+caam_jr_enqueue_op(struct rte_crypto_op *op, struct caam_jr_qp *qp)
+{
+	struct sec_job_ring_t *ring = qp->ring;
+	struct caam_jr_session *ses;
+	struct caam_jr_op_ctx *ctx = NULL;
+	struct sec_job_descriptor_t *jobdescr __rte_unused;
+
+	PMD_INIT_FUNC_TRACE();
+	switch (op->sess_type) {
+	case RTE_CRYPTO_OP_WITH_SESSION:
+		ses = (struct caam_jr_session *)
+		get_sym_session_private_data(op->sym->session,
+					cryptodev_driver_id);
+		break;
+	default:
+		CAAM_JR_DP_ERR("sessionless crypto op not supported");
+		qp->tx_errs++;
+		return -1;
+	}
+
+	if (unlikely(!ses->qp || ses->qp != qp)) {
+		CAAM_JR_DP_DEBUG("Old:sess->qp=%p New qp = %p\n", ses->qp, qp);
+		ses->qp = qp;
+		caam_jr_prep_cdb(ses);
+	}
+
+	if (rte_pktmbuf_is_contiguous(op->sym->m_src)) {
+		if (is_auth_cipher(ses))
+			ctx = build_cipher_auth(op, ses);
+		else if (is_aead(ses))
+			goto err1;
+		else if (is_auth_only(ses))
+			ctx = build_auth_only(op, ses);
+		else if (is_cipher_only(ses))
+			ctx = build_cipher_only(op, ses);
+	} else {
+		if (is_aead(ses))
+			goto err1;
+	}
+err1:
+	if (unlikely(!ctx)) {
+		qp->tx_errs++;
+		CAAM_JR_ERR("not supported sec op");
+		return -1;
+	}
+#if CAAM_JR_DBG
+	if (is_decode(ses))
+		rte_hexdump(stdout, "DECODE",
+			rte_pktmbuf_mtod(op->sym->m_src, void *),
+			rte_pktmbuf_data_len(op->sym->m_src));
+	else
+		rte_hexdump(stdout, "ENCODE",
+			rte_pktmbuf_mtod(op->sym->m_src, void *),
+			rte_pktmbuf_data_len(op->sym->m_src));
+
+	printf("\n JD before conversion\n");
+	for (int i = 0; i < 12; i++)
+		printf("\n 0x%08x", ctx->jobdes.desc[i]);
+#endif
+
+	CAAM_JR_DP_DEBUG("Jr[%p] pi[%d] ci[%d].Before sending desc",
+		      ring, ring->pidx, ring->cidx);
+
+	/* todo - do we want to retry */
+	if (SEC_JOB_RING_IS_FULL(ring->pidx, ring->cidx,
+			 SEC_JOB_RING_SIZE, SEC_JOB_RING_SIZE)) {
+		CAAM_JR_DP_DEBUG("Ring FULL Jr[%p] pi[%d] ci[%d].Size = %d",
+			      ring, ring->pidx, ring->cidx, SEC_JOB_RING_SIZE);
+		caam_jr_op_ending(ctx);
+		qp->tx_ring_full++;
+		return -EBUSY;
+	}
+
+#if CORE_BYTE_ORDER != CAAM_BYTE_ORDER
+	jobdescr = (struct sec_job_descriptor_t *) ctx->jobdes.desc;
+
+	jobdescr->deschdr.command.word =
+		cpu_to_caam32(jobdescr->deschdr.command.word);
+	jobdescr->sd_ptr = cpu_to_caam64(jobdescr->sd_ptr);
+	jobdescr->seq_out.command.word =
+		cpu_to_caam32(jobdescr->seq_out.command.word);
+	jobdescr->seq_out_ptr = cpu_to_caam64(jobdescr->seq_out_ptr);
+	jobdescr->out_ext_length = cpu_to_caam32(jobdescr->out_ext_length);
+	jobdescr->seq_in.command.word =
+		cpu_to_caam32(jobdescr->seq_in.command.word);
+	jobdescr->seq_in_ptr = cpu_to_caam64(jobdescr->seq_in_ptr);
+	jobdescr->in_ext_length = cpu_to_caam32(jobdescr->in_ext_length);
+	jobdescr->load_dpovrd.command.word =
+		cpu_to_caam32(jobdescr->load_dpovrd.command.word);
+	jobdescr->dpovrd = cpu_to_caam32(jobdescr->dpovrd);
+#endif
+
+	/* Set ptr in input ring to current descriptor	*/
+	sec_write_addr(&ring->input_ring[ring->pidx],
+			(phys_addr_t)caam_jr_vtop_ctx(ctx, ctx->jobdes.desc));
+	rte_smp_wmb();
+
+	/* Notify HW that a new job is enqueued */
+	hw_enqueue_desc_on_job_ring(ring);
+
+	/* increment the producer index for the current job ring */
+	ring->pidx = SEC_CIRCULAR_COUNTER(ring->pidx, SEC_JOB_RING_SIZE);
+
+	return 0;
+}
+
+static uint16_t
+caam_jr_enqueue_burst(void *qp, struct rte_crypto_op **ops,
+		       uint16_t nb_ops)
+{
+	/* Function to transmit the frames to given device and queuepair */
+	uint32_t loop;
+	int32_t ret;
+	struct caam_jr_qp *jr_qp = (struct caam_jr_qp *)qp;
+	uint16_t num_tx = 0;
+
+	PMD_INIT_FUNC_TRACE();
+	/*Prepare each packet which is to be sent*/
+	for (loop = 0; loop < nb_ops; loop++) {
+		ret = caam_jr_enqueue_op(ops[loop], jr_qp);
+		if (!ret)
+			num_tx++;
+	}
+
+	jr_qp->tx_pkts += num_tx;
+
+	return num_tx;
+}
+
 /* Release queue pair */
 static int
 caam_jr_queue_pair_release(struct rte_cryptodev *dev,
@@ -727,8 +1618,8 @@ caam_jr_dev_init(const char *name,
 	dev->dev_ops = &caam_jr_ops;
 
 	/* register rx/tx burst functions for data path */
-	dev->dequeue_burst = NULL;
-	dev->enqueue_burst = NULL;
+	dev->dequeue_burst = caam_jr_dequeue_burst;
+	dev->enqueue_burst = caam_jr_enqueue_burst;
 	dev->feature_flags = RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO |
 			RTE_CRYPTODEV_FF_HW_ACCELERATED |
 			RTE_CRYPTODEV_FF_SYM_OPERATION_CHAINING |
diff --git a/drivers/crypto/caam_jr/caam_jr_desc.h b/drivers/crypto/caam_jr/caam_jr_desc.h
new file mode 100644
index 000000000..6683ea835
--- /dev/null
+++ b/drivers/crypto/caam_jr/caam_jr_desc.h
@@ -0,0 +1,285 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright 2017-2018 NXP
+ */
+
+#ifndef CAAM_JR_DESC_H
+#define CAAM_JR_DESC_H
+
+#define CMD_HDR_CTYPE_SD		0x16
+#define CMD_HDR_CTYPE_JD		0x17
+
+/* The maximum size of a SEC descriptor, in WORDs (32 bits). */
+#define MAX_DESC_SIZE_WORDS                     64
+
+/*
+ * Macros manipulating descriptors
+ */
+/* Macro for setting the SD pointer in a JD. Common for all protocols
+ * supported by the SEC driver.
+ */
+#define SEC_JD_SET_SD(descriptor, ptr, len)	   {	  \
+	(descriptor)->sd_ptr = (ptr);			       \
+	(descriptor)->deschdr.command.jd.shr_desc_len = (len);      \
+}
+
+/* Macro for setting a pointer to the job which this descriptor processes.
+ * It eases the lookup procedure for identifying the descriptor that has
+ * completed.
+ */
+#define SEC_JD_SET_JOB_PTR(descriptor, ptr) \
+	((descriptor)->job_ptr = (ptr))
+
+/* Macro for setting up a JD. The structure of the JD is common across all
+ * supported protocols, thus its structure is identical.
+ */
+#define SEC_JD_INIT(descriptor)	      ({ \
+	/* CTYPE = job descriptor			       \
+	 * RSMS, DNR = 0
+	 * ONE = 1
+	 * Start Index = 0
+	 * ZRO,TD, MTD = 0
+	 * SHR = 1 (there's a shared descriptor referenced
+	 *	  by this job descriptor,pointer in next word)
+	 * REO = 1 (execute job descr. first, shared descriptor
+	 *	  after)
+	 * SHARE = DEFER
+	 * Descriptor Length = 0 ( to be completed @ runtime ) */ \
+	(descriptor)->deschdr.command.word = 0xB0801C0D;	\
+	/*
+	 * CTYPE = SEQ OUT command * Scater Gather Flag = 0
+	 * (can be updated @ runtime) PRE = 0 * EXT = 1
+	 * (data length is in next word, following the * command)
+	 * RTO = 0 */						\
+	(descriptor)->seq_out.command.word = 0xF8400000; /**/	\
+	/*
+	 * CTYPE = SEQ IN command
+	 * Scater Gather Flag = 0 (can be updated @ runtime)
+	 * PRE = 0
+	 * EXT = 1 ( data length is in next word, following the
+	 *	   command)
+	 * RTO = 0 */						\
+	(descriptor)->seq_in.command.word  = 0xF0400000; /**/	\
+	/*
+	 * In order to be compatible with QI scenarios, the DPOVRD value
+	 * loaded must be formated like this:
+	 * DPOVRD_EN (1b) | Res| DPOVRD Value (right aligned). */ \
+	(descriptor)->load_dpovrd.command.word = 0x16870004;	\
+	/* By default, DPOVRD mechanism is disabled, thus the value to be
+	 * LOAD-ed through the above descriptor command will be
+	 * 0x0000_0000. */					\
+	(descriptor)->dpovrd = 0x00000000;			\
+})
+
+/* Macro for setting the pointer to the input buffer in the JD, according to
+ * the parameters set by the user in the ::sec_packet_t structure.
+ */
+#define SEC_JD_SET_IN_PTR(descriptor, phys_addr, offset, length) {     \
+	(descriptor)->seq_in_ptr = (phys_addr) + (offset);	      \
+	(descriptor)->in_ext_length = (length);			 \
+}
+
+/* Macro for setting the pointer to the output buffer in the JD, according to
+ * the parameters set by the user in the ::sec_packet_t structure.
+ */
+#define SEC_JD_SET_OUT_PTR(descriptor, phys_addr, offset, length) {    \
+	(descriptor)->seq_out_ptr = (phys_addr) + (offset);	     \
+	(descriptor)->out_ext_length = (length);			\
+}
+
+/* Macro for setting the Scatter-Gather flag in the SEQ IN command. Used in
+ * case the input buffer is split in multiple buffers, according to the user
+ * specification.
+ */
+#define SEC_JD_SET_SG_IN(descriptor) \
+	((descriptor)->seq_in.command.field.sgf =  1)
+
+/* Macro for setting the Scatter-Gather flag in the SEQ OUT command. Used in
+ * case the output buffer is split in multiple buffers, according to the user
+ * specification.
+ */
+#define SEC_JD_SET_SG_OUT(descriptor) \
+	((descriptor)->seq_out.command.field.sgf = 1)
+
+#define SEC_JD_SET_DPOVRD(descriptor) \
+
+/* Macro for retrieving a descriptor's length. Works for both SD and JD. */
+#define SEC_GET_DESC_LEN(descriptor)					\
+	(((struct descriptor_header_s *)(descriptor))->command.sd.ctype == \
+	CMD_HDR_CTYPE_SD ? ((struct descriptor_header_s *) \
+	(descriptor))->command.sd.desclen :	\
+	((struct descriptor_header_s *)(descriptor))->command.jd.desclen)
+
+/* Helper macro for dumping the hex representation of a descriptor */
+#define SEC_DUMP_DESC(descriptor) {					\
+	int __i;							\
+	CAAM_JR_INFO("Des@ 0x%08x\n", (uint32_t)((uint32_t *)(descriptor)));\
+	for (__i = 0;						\
+		__i < SEC_GET_DESC_LEN(descriptor);			\
+		__i++) {						\
+		printf("0x%08x: 0x%08x\n",			\
+			(uint32_t)(((uint32_t *)(descriptor)) + __i),	\
+			*(((uint32_t *)(descriptor)) + __i));		\
+	}								\
+}
+/* Union describing a descriptor header.
+ */
+struct descriptor_header_s {
+	union {
+		uint32_t word;
+		struct {
+			/* 4  */ unsigned int ctype:5;
+			/* 5  */ unsigned int res1:2;
+			/* 7  */ unsigned int dnr:1;
+			/* 8  */ unsigned int one:1;
+			/* 9  */ unsigned int res2:1;
+			/* 10 */ unsigned int start_idx:6;
+			/* 16 */ unsigned int res3:2;
+			/* 18 */ unsigned int cif:1;
+			/* 19 */ unsigned int sc:1;
+			/* 20 */ unsigned int pd:1;
+			/* 21 */ unsigned int res4:1;
+			/* 22 */ unsigned int share:2;
+			/* 24 */ unsigned int res5:2;
+			/* 26 */ unsigned int desclen:6;
+		} sd;
+		struct {
+			/* TODO only below struct members are corrected,
+			 * all others also need to be reversed please verify it
+			 */
+			/* 0 */ unsigned int desclen:7;
+			/* 7 */ unsigned int res4:1;
+			/* 8 */ unsigned int share:3;
+			/* 11 */ unsigned int reo:1;
+			/* 12 */ unsigned int shr:1;
+			/* 13 */ unsigned int mtd:1;
+			/* 14 */ unsigned int td:1;
+			/* 15 */ unsigned int zero:1;
+			/* 16 */ unsigned int shr_desc_len:6;
+			/* 22  */ unsigned int res2:1;
+			/* 23  */ unsigned int one:1;
+			/* 24  */ unsigned int dnr:1;
+			/* 25  */ unsigned int rsms:1;
+			/* 26  */ unsigned int res1:1;
+			/* 27  */ unsigned int ctype:5;
+		} jd;
+	} __rte_packed command;
+} __rte_packed;
+
+/* Union describing a KEY command in a descriptor.
+ */
+struct key_command_s {
+	union {
+		uint32_t word;
+		struct {
+			unsigned int ctype:5;
+			unsigned int cls:2;
+			unsigned int sgf:1;
+			unsigned int imm:1;
+			unsigned int enc:1;
+			unsigned int nwb:1;
+			unsigned int ekt:1;
+			unsigned int kdest:4;
+			unsigned int tk:1;
+			unsigned int rsvd1:5;
+			unsigned int length:10;
+		} __rte_packed field;
+	} __rte_packed command;
+} __rte_packed;
+
+/* Union describing a PROTOCOL command
+ * in a descriptor.
+ */
+struct protocol_operation_command_s {
+	union {
+		uint32_t word;
+		struct {
+			unsigned int ctype:5;
+			unsigned int optype:3;
+			unsigned char protid;
+			unsigned short protinfo;
+		} __rte_packed field;
+	} __rte_packed command;
+} __rte_packed;
+
+/* Union describing a SEQIN command in a
+ * descriptor.
+ */
+struct seq_in_command_s {
+	union {
+		uint32_t word;
+		struct {
+			unsigned int ctype:5;
+			unsigned int res1:1;
+			unsigned int inl:1;
+			unsigned int sgf:1;
+			unsigned int pre:1;
+			unsigned int ext:1;
+			unsigned int rto:1;
+			unsigned int rjd:1;
+			unsigned int res2:4;
+			unsigned int length:16;
+		} field;
+	} __rte_packed command;
+} __rte_packed;
+
+/* Union describing a SEQOUT command in a
+ * descriptor.
+ */
+struct seq_out_command_s {
+	union {
+		uint32_t word;
+		struct {
+			unsigned int ctype:5;
+			unsigned int res1:2;
+			unsigned int sgf:1;
+			unsigned int pre:1;
+			unsigned int ext:1;
+			unsigned int rto:1;
+			unsigned int res2:5;
+			unsigned int length:16;
+		} field;
+	} __rte_packed command;
+} __rte_packed;
+
+struct load_command_s {
+	union {
+		uint32_t word;
+		struct {
+			unsigned int ctype:5;
+			unsigned int class:2;
+			unsigned int sgf:1;
+			unsigned int imm:1;
+			unsigned int dst:7;
+			unsigned char offset;
+			unsigned char length;
+		} fields;
+	} __rte_packed command;
+} __rte_packed;
+
+/* Structure encompassing a general shared descriptor of maximum
+ * size (64 WORDs). Usually, other specific shared descriptor structures
+ * will be type-casted to this one
+ * this one.
+ */
+struct sec_sd_t {
+	uint32_t rsvd[MAX_DESC_SIZE_WORDS];
+} __attribute__((packed, aligned(64)));
+
+/* Structure encompassing a job descriptor which processes
+ * a single packet from a context. The job descriptor references
+ * a shared descriptor from a SEC context.
+ */
+struct sec_job_descriptor_t {
+	struct descriptor_header_s deschdr;
+	dma_addr_t sd_ptr;
+	struct seq_out_command_s seq_out;
+	dma_addr_t seq_out_ptr;
+	uint32_t out_ext_length;
+	struct seq_in_command_s seq_in;
+	dma_addr_t seq_in_ptr;
+	uint32_t in_ext_length;
+	struct load_command_s load_dpovrd;
+	uint32_t dpovrd;
+} __attribute__((packed, aligned(64)));
+
+#endif
-- 
2.17.1

^ permalink raw reply	[flat|nested] 97+ messages in thread

* [dpdk-dev] [PATCH v3 11/15] crypto/caam_jr: add scatter gather
  2018-10-22 13:31   ` [dpdk-dev] [PATCH v3 00/15] " Gagandeep Singh
                       ` (9 preceding siblings ...)
  2018-10-22 13:31     ` [dpdk-dev] [PATCH v3 10/15] crypto/caam_jr: add enqueue dequeue operations Gagandeep Singh
@ 2018-10-22 13:31     ` Gagandeep Singh
  2018-10-22 13:31     ` [dpdk-dev] [PATCH v3 12/15] crypto/caam_jr: add statistics ops Gagandeep Singh
                       ` (4 subsequent siblings)
  15 siblings, 0 replies; 97+ messages in thread
From: Gagandeep Singh @ 2018-10-22 13:31 UTC (permalink / raw)
  To: dev, Akhil Goyal; +Cc: Gagandeep Singh, Hemant Agrawal

This patch add the scatter gather feature
for auth-only, cipher-only and cipher-auth
operations

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
---
 drivers/crypto/caam_jr/caam_jr.c | 375 ++++++++++++++++++++++++++++++-
 1 file changed, 374 insertions(+), 1 deletion(-)

diff --git a/drivers/crypto/caam_jr/caam_jr.c b/drivers/crypto/caam_jr/caam_jr.c
index 9652342a6..e62ce6186 100644
--- a/drivers/crypto/caam_jr/caam_jr.c
+++ b/drivers/crypto/caam_jr/caam_jr.c
@@ -623,6 +623,101 @@ caam_jr_dequeue_burst(void *qp, struct rte_crypto_op **ops,
 	return num_rx;
 }
 
+/**
+ * packet looks like:
+ *		|<----data_len------->|
+ *    |ip_header|ah_header|icv|payload|
+ *              ^
+ *		|
+ *	   mbuf->pkt.data
+ */
+static inline struct caam_jr_op_ctx *
+build_auth_only_sg(struct rte_crypto_op *op, struct caam_jr_session *ses)
+{
+	struct rte_crypto_sym_op *sym = op->sym;
+	struct rte_mbuf *mbuf = sym->m_src;
+	struct caam_jr_op_ctx *ctx;
+	struct sec4_sg_entry *sg;
+	int	length;
+	struct sec_cdb *cdb;
+	uint64_t sdesc_offset;
+	struct sec_job_descriptor_t *jobdescr;
+	uint8_t extra_segs;
+
+	PMD_INIT_FUNC_TRACE();
+	if (is_decode(ses))
+		extra_segs = 2;
+	else
+		extra_segs = 1;
+
+	if ((mbuf->nb_segs + extra_segs) > MAX_SG_ENTRIES) {
+		CAAM_JR_DP_ERR("Auth: Max sec segs supported is %d",
+				MAX_SG_ENTRIES);
+		return NULL;
+	}
+
+	ctx = caam_jr_alloc_ctx(ses);
+	if (!ctx)
+		return NULL;
+
+	ctx->op = op;
+
+	cdb = ses->cdb;
+	sdesc_offset = (size_t) ((char *)&cdb->sh_desc - (char *)cdb);
+
+	jobdescr = (struct sec_job_descriptor_t *) ctx->jobdes.desc;
+
+	SEC_JD_INIT(jobdescr);
+	SEC_JD_SET_SD(jobdescr,
+		(phys_addr_t)(caam_jr_dma_vtop(cdb)) + sdesc_offset,
+		cdb->sh_hdr.hi.field.idlen);
+
+	/* output */
+	SEC_JD_SET_OUT_PTR(jobdescr, (uint64_t)sym->auth.digest.phys_addr,
+			0, ses->digest_length);
+
+	/*input */
+	sg = &ctx->sg[0];
+	length = sym->auth.data.length;
+	sg->ptr = cpu_to_caam64(rte_pktmbuf_iova(mbuf) + sym->auth.data.offset);
+	sg->len = cpu_to_caam32(mbuf->data_len - sym->auth.data.offset);
+
+	/* Successive segs */
+	mbuf = mbuf->next;
+	while (mbuf) {
+		sg++;
+		sg->ptr = cpu_to_caam64(rte_pktmbuf_iova(mbuf));
+		sg->len = cpu_to_caam32(mbuf->data_len);
+		mbuf = mbuf->next;
+	}
+
+	if (is_decode(ses)) {
+		/* digest verification case */
+		sg++;
+		/* hash result or digest, save digest first */
+		rte_memcpy(ctx->digest, sym->auth.digest.data,
+			   ses->digest_length);
+#if CAAM_JR_DBG
+		rte_hexdump(stdout, "ICV", ctx->digest, ses->digest_length);
+#endif
+		sg->ptr = cpu_to_caam64(caam_jr_vtop_ctx(ctx, ctx->digest));
+		sg->len = cpu_to_caam32(ses->digest_length);
+		length += ses->digest_length;
+	} else {
+		length -= ses->digest_length;
+	}
+
+	/* last element*/
+	sg->len |= cpu_to_caam32(SEC4_SG_LEN_FIN);
+
+	SEC_JD_SET_IN_PTR(jobdescr,
+		(uint64_t)caam_jr_vtop_ctx(ctx, &ctx->sg[0]), 0, length);
+	/* enabling sg list */
+	(jobdescr)->seq_in.command.word  |= 0x01000000;
+
+	return ctx;
+}
+
 static inline struct caam_jr_op_ctx *
 build_auth_only(struct rte_crypto_op *op, struct caam_jr_session *ses)
 {
@@ -688,6 +783,123 @@ build_auth_only(struct rte_crypto_op *op, struct caam_jr_session *ses)
 	return ctx;
 }
 
+static inline struct caam_jr_op_ctx *
+build_cipher_only_sg(struct rte_crypto_op *op, struct caam_jr_session *ses)
+{
+	struct rte_crypto_sym_op *sym = op->sym;
+	struct rte_mbuf *mbuf = sym->m_src;
+	struct caam_jr_op_ctx *ctx;
+	struct sec4_sg_entry *sg, *in_sg;
+	int length;
+	struct sec_cdb *cdb;
+	uint64_t sdesc_offset;
+	uint8_t *IV_ptr = rte_crypto_op_ctod_offset(op, uint8_t *,
+			ses->iv.offset);
+	struct sec_job_descriptor_t *jobdescr;
+	uint8_t reg_segs;
+
+	PMD_INIT_FUNC_TRACE();
+	if (sym->m_dst) {
+		mbuf = sym->m_dst;
+		reg_segs = mbuf->nb_segs + sym->m_src->nb_segs + 2;
+	} else {
+		mbuf = sym->m_src;
+		reg_segs = mbuf->nb_segs * 2 + 2;
+	}
+
+	if (reg_segs > MAX_SG_ENTRIES) {
+		CAAM_JR_DP_ERR("Cipher: Max sec segs supported is %d",
+				MAX_SG_ENTRIES);
+		return NULL;
+	}
+
+	ctx = caam_jr_alloc_ctx(ses);
+	if (!ctx)
+		return NULL;
+
+	ctx->op = op;
+	cdb = ses->cdb;
+	sdesc_offset = (size_t) ((char *)&cdb->sh_desc - (char *)cdb);
+
+	jobdescr = (struct sec_job_descriptor_t *) ctx->jobdes.desc;
+
+	SEC_JD_INIT(jobdescr);
+	SEC_JD_SET_SD(jobdescr,
+		(phys_addr_t)(caam_jr_dma_vtop(cdb)) + sdesc_offset,
+		cdb->sh_hdr.hi.field.idlen);
+
+#if CAAM_JR_DBG
+	CAAM_JR_INFO("mbuf offset =%d, cipher offset = %d, length =%d+%d",
+			sym->m_src->data_off, sym->cipher.data.offset,
+			sym->cipher.data.length, ses->iv.length);
+#endif
+	/* output */
+	if (sym->m_dst)
+		mbuf = sym->m_dst;
+	else
+		mbuf = sym->m_src;
+
+	sg = &ctx->sg[0];
+	length = sym->cipher.data.length;
+
+	sg->ptr = cpu_to_caam64(rte_pktmbuf_iova(mbuf)
+		+ sym->cipher.data.offset);
+	sg->len = cpu_to_caam32(mbuf->data_len - sym->cipher.data.offset);
+
+	/* Successive segs */
+	mbuf = mbuf->next;
+	while (mbuf) {
+		sg++;
+		sg->ptr = cpu_to_caam64(rte_pktmbuf_iova(mbuf));
+		sg->len = cpu_to_caam32(mbuf->data_len);
+		mbuf = mbuf->next;
+	}
+	/* last element*/
+	sg->len |= cpu_to_caam32(SEC4_SG_LEN_FIN);
+
+	SEC_JD_SET_OUT_PTR(jobdescr,
+			(uint64_t)caam_jr_vtop_ctx(ctx, &ctx->sg[0]), 0,
+			length);
+	/*enabling sg bit */
+	(jobdescr)->seq_out.command.word  |= 0x01000000;
+
+	/*input */
+	sg++;
+	mbuf = sym->m_src;
+	in_sg = sg;
+
+	length = sym->cipher.data.length + ses->iv.length;
+
+	/* IV */
+	sg->ptr = cpu_to_caam64(caam_jr_dma_vtop(IV_ptr));
+	sg->len = cpu_to_caam32(ses->iv.length);
+
+	/* 1st seg */
+	sg++;
+	sg->ptr = cpu_to_caam64(rte_pktmbuf_iova(mbuf)
+				+ sym->cipher.data.offset);
+	sg->len = cpu_to_caam32(mbuf->data_len - sym->cipher.data.offset);
+
+	/* Successive segs */
+	mbuf = mbuf->next;
+	while (mbuf) {
+		sg++;
+		sg->ptr = cpu_to_caam64(rte_pktmbuf_iova(mbuf));
+		sg->len = cpu_to_caam32(mbuf->data_len);
+		mbuf = mbuf->next;
+	}
+	/* last element*/
+	sg->len |= cpu_to_caam32(SEC4_SG_LEN_FIN);
+
+
+	SEC_JD_SET_IN_PTR(jobdescr, (uint64_t)caam_jr_vtop_ctx(ctx, in_sg), 0,
+				length);
+	/*enabling sg bit */
+	(jobdescr)->seq_in.command.word  |= 0x01000000;
+
+	return ctx;
+}
+
 static inline struct caam_jr_op_ctx *
 build_cipher_only(struct rte_crypto_op *op, struct caam_jr_session *ses)
 {
@@ -752,6 +964,161 @@ build_cipher_only(struct rte_crypto_op *op, struct caam_jr_session *ses)
 	return ctx;
 }
 
+/* For decapsulation:
+ *     Input:
+ * +----+----------------+--------------------------------+-----+
+ * | IV | Auth-only data | Authenticated & Encrypted data | ICV |
+ * +----+----------------+--------------------------------+-----+
+ *     Output:
+ * +----+--------------------------+
+ * | Decrypted & authenticated data |
+ * +----+--------------------------+
+ */
+
+static inline struct caam_jr_op_ctx *
+build_cipher_auth_sg(struct rte_crypto_op *op, struct caam_jr_session *ses)
+{
+	struct rte_crypto_sym_op *sym = op->sym;
+	struct caam_jr_op_ctx *ctx;
+	struct sec4_sg_entry *sg, *out_sg, *in_sg;
+	struct rte_mbuf *mbuf;
+	uint32_t length = 0;
+	struct sec_cdb *cdb;
+	uint64_t sdesc_offset;
+	uint8_t req_segs;
+	uint8_t *IV_ptr = rte_crypto_op_ctod_offset(op, uint8_t *,
+			ses->iv.offset);
+	struct sec_job_descriptor_t *jobdescr;
+	uint32_t auth_only_len;
+
+	PMD_INIT_FUNC_TRACE();
+	auth_only_len = op->sym->auth.data.length -
+				op->sym->cipher.data.length;
+
+	if (sym->m_dst) {
+		mbuf = sym->m_dst;
+		req_segs = mbuf->nb_segs + sym->m_src->nb_segs + 3;
+	} else {
+		mbuf = sym->m_src;
+		req_segs = mbuf->nb_segs * 2 + 3;
+	}
+
+	if (req_segs > MAX_SG_ENTRIES) {
+		CAAM_JR_DP_ERR("Cipher-Auth: Max sec segs supported is %d",
+				MAX_SG_ENTRIES);
+		return NULL;
+	}
+
+	ctx = caam_jr_alloc_ctx(ses);
+	if (!ctx)
+		return NULL;
+
+	ctx->op = op;
+	cdb = ses->cdb;
+	sdesc_offset = (size_t) ((char *)&cdb->sh_desc - (char *)cdb);
+
+	jobdescr = (struct sec_job_descriptor_t *) ctx->jobdes.desc;
+
+	SEC_JD_INIT(jobdescr);
+	SEC_JD_SET_SD(jobdescr,
+		(phys_addr_t)(caam_jr_dma_vtop(cdb)) + sdesc_offset,
+		cdb->sh_hdr.hi.field.idlen);
+
+	/* output */
+	if (sym->m_dst)
+		mbuf = sym->m_dst;
+	else
+		mbuf = sym->m_src;
+
+	out_sg = &ctx->sg[0];
+	if (is_encode(ses))
+		length = sym->auth.data.length + ses->digest_length;
+	else
+		length = sym->auth.data.length;
+
+	sg = &ctx->sg[0];
+
+	/* 1st seg */
+	sg->ptr = cpu_to_caam64(rte_pktmbuf_iova(mbuf)
+		+ sym->auth.data.offset);
+	sg->len = cpu_to_caam32(mbuf->data_len - sym->auth.data.offset);
+
+	/* Successive segs */
+	mbuf = mbuf->next;
+	while (mbuf) {
+		sg++;
+		sg->ptr = cpu_to_caam64(rte_pktmbuf_iova(mbuf));
+		sg->len = cpu_to_caam32(mbuf->data_len);
+		mbuf = mbuf->next;
+	}
+
+	if (is_encode(ses)) {
+		/* set auth output */
+		sg++;
+		sg->ptr = cpu_to_caam64(sym->auth.digest.phys_addr);
+		sg->len = cpu_to_caam32(ses->digest_length);
+	}
+	/* last element*/
+	sg->len |= cpu_to_caam32(SEC4_SG_LEN_FIN);
+
+	SEC_JD_SET_OUT_PTR(jobdescr,
+			   (uint64_t)caam_jr_dma_vtop(out_sg), 0, length);
+	/* set sg bit */
+	(jobdescr)->seq_out.command.word  |= 0x01000000;
+
+	/* input */
+	sg++;
+	mbuf = sym->m_src;
+	in_sg = sg;
+	if (is_encode(ses))
+		length = ses->iv.length + sym->auth.data.length;
+	else
+		length = ses->iv.length + sym->auth.data.length
+						+ ses->digest_length;
+
+	sg->ptr = cpu_to_caam64(caam_jr_dma_vtop(IV_ptr));
+	sg->len = cpu_to_caam32(ses->iv.length);
+
+	sg++;
+	/* 1st seg */
+	sg->ptr = cpu_to_caam64(rte_pktmbuf_iova(mbuf)
+		+ sym->auth.data.offset);
+	sg->len = cpu_to_caam32(mbuf->data_len - sym->auth.data.offset);
+
+	/* Successive segs */
+	mbuf = mbuf->next;
+	while (mbuf) {
+		sg++;
+		sg->ptr = cpu_to_caam64(rte_pktmbuf_iova(mbuf));
+		sg->len = cpu_to_caam32(mbuf->data_len);
+		mbuf = mbuf->next;
+	}
+
+	if (is_decode(ses)) {
+		sg++;
+		rte_memcpy(ctx->digest, sym->auth.digest.data,
+		       ses->digest_length);
+		sg->ptr = cpu_to_caam64(caam_jr_dma_vtop(ctx->digest));
+		sg->len = cpu_to_caam32(ses->digest_length);
+	}
+	/* last element*/
+	sg->len |= cpu_to_caam32(SEC4_SG_LEN_FIN);
+
+	SEC_JD_SET_IN_PTR(jobdescr, (uint64_t)caam_jr_dma_vtop(in_sg), 0,
+				length);
+	/* set sg bit */
+	(jobdescr)->seq_in.command.word  |= 0x01000000;
+	/* Auth_only_len is set as 0 in descriptor and it is
+	 * overwritten here in the jd which will update
+	 * the DPOVRD reg.
+	 */
+	if (auth_only_len)
+		/* set sg bit */
+		(jobdescr)->dpovrd = 0x80000000 | auth_only_len;
+
+	return ctx;
+}
+
 static inline struct caam_jr_op_ctx *
 build_cipher_auth(struct rte_crypto_op *op, struct caam_jr_session *ses)
 {
@@ -899,8 +1266,14 @@ caam_jr_enqueue_op(struct rte_crypto_op *op, struct caam_jr_qp *qp)
 		else if (is_cipher_only(ses))
 			ctx = build_cipher_only(op, ses);
 	} else {
-		if (is_aead(ses))
+		if (is_auth_cipher(ses))
+			ctx = build_cipher_auth_sg(op, ses);
+		else if (is_aead(ses))
 			goto err1;
+		else if (is_auth_only(ses))
+			ctx = build_auth_only_sg(op, ses);
+		else if (is_cipher_only(ses))
+			ctx = build_cipher_only_sg(op, ses);
 	}
 err1:
 	if (unlikely(!ctx)) {
-- 
2.17.1

^ permalink raw reply	[flat|nested] 97+ messages in thread

* [dpdk-dev] [PATCH v3 12/15] crypto/caam_jr: add statistics ops
  2018-10-22 13:31   ` [dpdk-dev] [PATCH v3 00/15] " Gagandeep Singh
                       ` (10 preceding siblings ...)
  2018-10-22 13:31     ` [dpdk-dev] [PATCH v3 11/15] crypto/caam_jr: add scatter gather Gagandeep Singh
@ 2018-10-22 13:31     ` Gagandeep Singh
  2018-10-22 13:31     ` [dpdk-dev] [PATCH v3 13/15] crypto/caam_jr: add security offload Gagandeep Singh
                       ` (3 subsequent siblings)
  15 siblings, 0 replies; 97+ messages in thread
From: Gagandeep Singh @ 2018-10-22 13:31 UTC (permalink / raw)
  To: dev, Akhil Goyal; +Cc: Hemant Agrawal, Gagandeep Singh

From: Hemant Agrawal <hemant.agrawal@nxp.com>

This patch adds the following statistics operations:
 - stats_get
 - stats_reset

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
---
 drivers/crypto/caam_jr/caam_jr.c | 54 ++++++++++++++++++++++++++++++++
 1 file changed, 54 insertions(+)

diff --git a/drivers/crypto/caam_jr/caam_jr.c b/drivers/crypto/caam_jr/caam_jr.c
index e62ce6186..e12c8715c 100644
--- a/drivers/crypto/caam_jr/caam_jr.c
+++ b/drivers/crypto/caam_jr/caam_jr.c
@@ -104,6 +104,58 @@ caam_jr_alloc_ctx(struct caam_jr_session *ses)
 	return ctx;
 }
 
+static
+void caam_jr_stats_get(struct rte_cryptodev *dev,
+			struct rte_cryptodev_stats *stats)
+{
+	struct caam_jr_qp **qp = (struct caam_jr_qp **)
+					dev->data->queue_pairs;
+	int i;
+
+	PMD_INIT_FUNC_TRACE();
+	if (stats == NULL) {
+		CAAM_JR_ERR("Invalid stats ptr NULL");
+		return;
+	}
+	for (i = 0; i < dev->data->nb_queue_pairs; i++) {
+		if (qp[i] == NULL) {
+			CAAM_JR_WARN("Uninitialised queue pair");
+			continue;
+		}
+
+		stats->enqueued_count += qp[i]->tx_pkts;
+		stats->dequeued_count += qp[i]->rx_pkts;
+		stats->enqueue_err_count += qp[i]->tx_errs;
+		stats->dequeue_err_count += qp[i]->rx_errs;
+		CAAM_JR_INFO("extra stats:\n\tRX Poll ERR = %" PRIu64
+			     "\n\tTX Ring Full = %" PRIu64,
+			     qp[i]->rx_poll_err,
+			     qp[i]->tx_ring_full);
+	}
+}
+
+static
+void caam_jr_stats_reset(struct rte_cryptodev *dev)
+{
+	int i;
+	struct caam_jr_qp **qp = (struct caam_jr_qp **)
+				   (dev->data->queue_pairs);
+
+	PMD_INIT_FUNC_TRACE();
+	for (i = 0; i < dev->data->nb_queue_pairs; i++) {
+		if (qp[i] == NULL) {
+			CAAM_JR_WARN("Uninitialised queue pair");
+			continue;
+		}
+		qp[i]->rx_pkts = 0;
+		qp[i]->rx_errs = 0;
+		qp[i]->rx_poll_err = 0;
+		qp[i]->tx_pkts = 0;
+		qp[i]->tx_errs = 0;
+		qp[i]->tx_ring_full = 0;
+	}
+}
+
 static inline int
 is_cipher_only(struct caam_jr_session *ses)
 {
@@ -1716,6 +1768,8 @@ static struct rte_cryptodev_ops caam_jr_ops = {
 	.dev_stop	      = caam_jr_dev_stop,
 	.dev_close	      = caam_jr_dev_close,
 	.dev_infos_get        = caam_jr_dev_infos_get,
+	.stats_get	      = caam_jr_stats_get,
+	.stats_reset	      = caam_jr_stats_reset,
 	.queue_pair_setup     = caam_jr_queue_pair_setup,
 	.queue_pair_release   = caam_jr_queue_pair_release,
 	.queue_pair_count     = caam_jr_queue_pair_count,
-- 
2.17.1

^ permalink raw reply	[flat|nested] 97+ messages in thread

* [dpdk-dev] [PATCH v3 13/15] crypto/caam_jr: add security offload
  2018-10-22 13:31   ` [dpdk-dev] [PATCH v3 00/15] " Gagandeep Singh
                       ` (11 preceding siblings ...)
  2018-10-22 13:31     ` [dpdk-dev] [PATCH v3 12/15] crypto/caam_jr: add statistics ops Gagandeep Singh
@ 2018-10-22 13:31     ` Gagandeep Singh
  2018-10-22 13:31     ` [dpdk-dev] [PATCH v3 14/15] doc: add caam jr cryptodev details Gagandeep Singh
                       ` (2 subsequent siblings)
  15 siblings, 0 replies; 97+ messages in thread
From: Gagandeep Singh @ 2018-10-22 13:31 UTC (permalink / raw)
  To: dev, Akhil Goyal; +Cc: Hemant Agrawal

From: Hemant Agrawal <hemant.agrawal@nxp.com>

This patch provides the support for protocol offload
to the hardware. following security operations are
added:
 - session_create
 - session_destroy
 - capabilities_get

Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
---
 drivers/crypto/caam_jr/caam_jr.c              | 402 +++++++++++++++++-
 drivers/crypto/caam_jr/caam_jr_capabilities.c |  14 +-
 drivers/crypto/caam_jr/caam_jr_capabilities.h |   5 +-
 drivers/crypto/caam_jr/caam_jr_hw.c           |   2 +
 drivers/crypto/caam_jr/caam_jr_pvt.h          |   9 +
 drivers/crypto/caam_jr/caam_jr_uio.c          |   2 +
 6 files changed, 425 insertions(+), 9 deletions(-)

diff --git a/drivers/crypto/caam_jr/caam_jr.c b/drivers/crypto/caam_jr/caam_jr.c
index e12c8715c..ef5fcb4cb 100644
--- a/drivers/crypto/caam_jr/caam_jr.c
+++ b/drivers/crypto/caam_jr/caam_jr.c
@@ -14,7 +14,9 @@
 #include <rte_cryptodev.h>
 #include <rte_bus_vdev.h>
 #include <rte_malloc.h>
+#ifdef RTE_LIBRTE_SECURITY
 #include <rte_security_driver.h>
+#endif
 #include <rte_hexdump.h>
 
 #include <caam_jr_capabilities.h>
@@ -27,7 +29,6 @@
 /* RTA header files */
 #include <hw/desc/common.h>
 #include <hw/desc/algo.h>
-#include <hw/desc/ipsec.h>
 #include <of.h>
 
 #define CAAM_JR_DBG	0
@@ -186,8 +187,21 @@ is_auth_cipher(struct caam_jr_session *ses)
 {
 	PMD_INIT_FUNC_TRACE();
 	return ((ses->cipher_alg != RTE_CRYPTO_CIPHER_NULL) &&
-		(ses->auth_alg != RTE_CRYPTO_AUTH_NULL));
+		(ses->auth_alg != RTE_CRYPTO_AUTH_NULL)
+#ifdef RTE_LIBRTE_SECURITY
+		&& (ses->proto_alg != RTE_SECURITY_PROTOCOL_IPSEC)
+#endif
+		);
+}
+
+#ifdef RTE_LIBRTE_SECURITY
+static inline int
+is_proto_ipsec(struct caam_jr_session *ses)
+{
+	PMD_INIT_FUNC_TRACE();
+	return (ses->proto_alg == RTE_SECURITY_PROTOCOL_IPSEC);
 }
+#endif
 
 static inline int
 is_encode(struct caam_jr_session *ses)
@@ -212,27 +226,63 @@ caam_auth_alg(struct caam_jr_session *ses, struct alginfo *alginfo_a)
 		ses->digest_length = 0;
 		break;
 	case RTE_CRYPTO_AUTH_MD5_HMAC:
+#ifdef RTE_LIBRTE_SECURITY
+		alginfo_a->algtype =
+			(ses->proto_alg == RTE_SECURITY_PROTOCOL_IPSEC) ?
+			OP_PCL_IPSEC_HMAC_MD5_96 : OP_ALG_ALGSEL_MD5;
+#else
 		alginfo_a->algtype = OP_ALG_ALGSEL_MD5;
+#endif
 		alginfo_a->algmode = OP_ALG_AAI_HMAC;
 		break;
 	case RTE_CRYPTO_AUTH_SHA1_HMAC:
+#ifdef RTE_LIBRTE_SECURITY
+		alginfo_a->algtype =
+			(ses->proto_alg == RTE_SECURITY_PROTOCOL_IPSEC) ?
+			OP_PCL_IPSEC_HMAC_SHA1_96 : OP_ALG_ALGSEL_SHA1;
+#else
 		alginfo_a->algtype = OP_ALG_ALGSEL_SHA1;
+#endif
 		alginfo_a->algmode = OP_ALG_AAI_HMAC;
 		break;
 	case RTE_CRYPTO_AUTH_SHA224_HMAC:
+#ifdef RTE_LIBRTE_SECURITY
+		alginfo_a->algtype =
+			(ses->proto_alg == RTE_SECURITY_PROTOCOL_IPSEC) ?
+			OP_PCL_IPSEC_HMAC_SHA1_160 : OP_ALG_ALGSEL_SHA224;
+#else
 		alginfo_a->algtype = OP_ALG_ALGSEL_SHA224;
+#endif
 		alginfo_a->algmode = OP_ALG_AAI_HMAC;
 		break;
 	case RTE_CRYPTO_AUTH_SHA256_HMAC:
+#ifdef RTE_LIBRTE_SECURITY
+		alginfo_a->algtype =
+			(ses->proto_alg == RTE_SECURITY_PROTOCOL_IPSEC) ?
+			OP_PCL_IPSEC_HMAC_SHA2_256_128 : OP_ALG_ALGSEL_SHA256;
+#else
 		alginfo_a->algtype = OP_ALG_ALGSEL_SHA256;
+#endif
 		alginfo_a->algmode = OP_ALG_AAI_HMAC;
 		break;
 	case RTE_CRYPTO_AUTH_SHA384_HMAC:
+#ifdef RTE_LIBRTE_SECURITY
+		alginfo_a->algtype =
+			(ses->proto_alg == RTE_SECURITY_PROTOCOL_IPSEC) ?
+			OP_PCL_IPSEC_HMAC_SHA2_384_192 : OP_ALG_ALGSEL_SHA384;
+#else
 		alginfo_a->algtype = OP_ALG_ALGSEL_SHA384;
+#endif
 		alginfo_a->algmode = OP_ALG_AAI_HMAC;
 		break;
 	case RTE_CRYPTO_AUTH_SHA512_HMAC:
+#ifdef RTE_LIBRTE_SECURITY
+		alginfo_a->algtype =
+			(ses->proto_alg == RTE_SECURITY_PROTOCOL_IPSEC) ?
+			OP_PCL_IPSEC_HMAC_SHA2_512_256 : OP_ALG_ALGSEL_SHA512;
+#else
 		alginfo_a->algtype = OP_ALG_ALGSEL_SHA512;
+#endif
 		alginfo_a->algmode = OP_ALG_AAI_HMAC;
 		break;
 	default:
@@ -248,15 +298,33 @@ caam_cipher_alg(struct caam_jr_session *ses, struct alginfo *alginfo_c)
 	case RTE_CRYPTO_CIPHER_NULL:
 		break;
 	case RTE_CRYPTO_CIPHER_AES_CBC:
+#ifdef RTE_LIBRTE_SECURITY
+		alginfo_c->algtype =
+			(ses->proto_alg == RTE_SECURITY_PROTOCOL_IPSEC) ?
+			OP_PCL_IPSEC_AES_CBC : OP_ALG_ALGSEL_AES;
+#else
 		alginfo_c->algtype = OP_ALG_ALGSEL_AES;
+#endif
 		alginfo_c->algmode = OP_ALG_AAI_CBC;
 		break;
 	case RTE_CRYPTO_CIPHER_3DES_CBC:
+#ifdef RTE_LIBRTE_SECURITY
+		alginfo_c->algtype =
+			(ses->proto_alg == RTE_SECURITY_PROTOCOL_IPSEC) ?
+			OP_PCL_IPSEC_3DES : OP_ALG_ALGSEL_3DES;
+#else
 		alginfo_c->algtype = OP_ALG_ALGSEL_3DES;
+#endif
 		alginfo_c->algmode = OP_ALG_AAI_CBC;
 		break;
 	case RTE_CRYPTO_CIPHER_AES_CTR:
+#ifdef RTE_LIBRTE_SECURITY
+		alginfo_c->algtype =
+			(ses->proto_alg == RTE_SECURITY_PROTOCOL_IPSEC) ?
+			OP_PCL_IPSEC_AES_CTR : OP_ALG_ALGSEL_AES;
+#else
 		alginfo_c->algtype = OP_ALG_ALGSEL_AES;
+#endif
 		alginfo_c->algmode = OP_ALG_AAI_CTR;
 		break;
 	default:
@@ -420,6 +488,24 @@ caam_jr_prep_cdb(struct caam_jr_session *ses)
 		cdb->sh_desc[0] = 0;
 		cdb->sh_desc[1] = 0;
 		cdb->sh_desc[2] = 0;
+#ifdef RTE_LIBRTE_SECURITY
+		if (is_proto_ipsec(ses)) {
+			if (ses->dir == DIR_ENC) {
+				shared_desc_len = cnstr_shdsc_ipsec_new_encap(
+						cdb->sh_desc,
+						true, swap, SHR_SERIAL,
+						&ses->encap_pdb,
+						(uint8_t *)&ses->ip4_hdr,
+						&alginfo_c, &alginfo_a);
+			} else if (ses->dir == DIR_DEC) {
+				shared_desc_len = cnstr_shdsc_ipsec_new_decap(
+						cdb->sh_desc,
+						true, swap, SHR_SERIAL,
+						&ses->decap_pdb,
+						&alginfo_c, &alginfo_a);
+			}
+		} else {
+#endif
 			/* Auth_only_len is set as 0 here and it will be
 			 * overwritten in fd for each packet.
 			 */
@@ -427,6 +513,9 @@ caam_jr_prep_cdb(struct caam_jr_session *ses)
 					true, swap, &alginfo_c, &alginfo_a,
 					ses->iv.length, 0,
 					ses->digest_length, ses->dir);
+#ifdef RTE_LIBRTE_SECURITY
+		}
+#endif
 	}
 
 	if (shared_desc_len < 0) {
@@ -602,6 +691,7 @@ hw_poll_job_ring(struct sec_job_ring_t *job_ring,
 			}
 #endif
 		}
+#ifdef RTE_LIBRTE_SECURITY
 		if (ctx->op->sess_type == RTE_CRYPTO_OP_SECURITY_SESSION) {
 			struct ip *ip4_hdr;
 
@@ -622,6 +712,7 @@ hw_poll_job_ring(struct sec_job_ring_t *job_ring,
 					rte_be_to_cpu_16(ip4_hdr->ip_len);
 			}
 		}
+#endif
 		*ops = ctx->op;
 		caam_jr_op_ending(ctx);
 		ops++;
@@ -1281,6 +1372,50 @@ build_cipher_auth(struct rte_crypto_op *op, struct caam_jr_session *ses)
 
 	return ctx;
 }
+
+static inline struct caam_jr_op_ctx *
+build_proto(struct rte_crypto_op *op, struct caam_jr_session *ses)
+{
+	struct rte_crypto_sym_op *sym = op->sym;
+	struct caam_jr_op_ctx *ctx = NULL;
+	phys_addr_t src_start_addr, dst_start_addr;
+	struct sec_cdb *cdb;
+	uint64_t sdesc_offset;
+	struct sec_job_descriptor_t *jobdescr;
+
+	PMD_INIT_FUNC_TRACE();
+	ctx = caam_jr_alloc_ctx(ses);
+	if (!ctx)
+		return NULL;
+	ctx->op = op;
+
+	src_start_addr = rte_pktmbuf_iova(sym->m_src);
+	if (sym->m_dst)
+		dst_start_addr = rte_pktmbuf_iova(sym->m_dst);
+	else
+		dst_start_addr = src_start_addr;
+
+	cdb = ses->cdb;
+	sdesc_offset = (size_t) ((char *)&cdb->sh_desc - (char *)cdb);
+
+	jobdescr = (struct sec_job_descriptor_t *) ctx->jobdes.desc;
+
+	SEC_JD_INIT(jobdescr);
+	SEC_JD_SET_SD(jobdescr,
+		(phys_addr_t)(caam_jr_dma_vtop(cdb)) + sdesc_offset,
+			cdb->sh_hdr.hi.field.idlen);
+
+	/* output */
+	SEC_JD_SET_OUT_PTR(jobdescr, (uint64_t)dst_start_addr, 0,
+			sym->m_src->buf_len - sym->m_src->data_off);
+	/* input */
+	SEC_JD_SET_IN_PTR(jobdescr, (uint64_t)src_start_addr, 0,
+			sym->m_src->pkt_len);
+	sym->m_src->packet_type &= ~RTE_PTYPE_L4_MASK;
+
+	return ctx;
+}
+
 static int
 caam_jr_enqueue_op(struct rte_crypto_op *op, struct caam_jr_qp *qp)
 {
@@ -1296,6 +1431,13 @@ caam_jr_enqueue_op(struct rte_crypto_op *op, struct caam_jr_qp *qp)
 		get_sym_session_private_data(op->sym->session,
 					cryptodev_driver_id);
 		break;
+#ifdef RTE_LIBRTE_SECURITY
+	case RTE_CRYPTO_OP_SECURITY_SESSION:
+		ses = (struct caam_jr_session *)
+			get_sec_session_private_data(
+					op->sym->sec_session);
+		break;
+#endif
 	default:
 		CAAM_JR_DP_ERR("sessionless crypto op not supported");
 		qp->tx_errs++;
@@ -1317,6 +1459,10 @@ caam_jr_enqueue_op(struct rte_crypto_op *op, struct caam_jr_qp *qp)
 			ctx = build_auth_only(op, ses);
 		else if (is_cipher_only(ses))
 			ctx = build_cipher_only(op, ses);
+#ifdef RTE_LIBRTE_SECURITY
+		else if (is_proto_ipsec(ses))
+			ctx = build_proto(op, ses);
+#endif
 	} else {
 		if (is_auth_cipher(ses))
 			ctx = build_cipher_auth_sg(op, ses);
@@ -1687,6 +1833,229 @@ caam_jr_sym_session_clear(struct rte_cryptodev *dev,
 	}
 }
 
+#ifdef RTE_LIBRTE_SECURITY
+static int
+caam_jr_set_ipsec_session(__rte_unused struct rte_cryptodev *dev,
+			  struct rte_security_session_conf *conf,
+			  void *sess)
+{
+	struct sec_job_ring_t *internals = dev->data->dev_private;
+	struct rte_security_ipsec_xform *ipsec_xform = &conf->ipsec;
+	struct rte_crypto_auth_xform *auth_xform;
+	struct rte_crypto_cipher_xform *cipher_xform;
+	struct caam_jr_session *session = (struct caam_jr_session *)sess;
+
+	PMD_INIT_FUNC_TRACE();
+
+	if (ipsec_xform->direction == RTE_SECURITY_IPSEC_SA_DIR_EGRESS) {
+		cipher_xform = &conf->crypto_xform->cipher;
+		auth_xform = &conf->crypto_xform->next->auth;
+	} else {
+		auth_xform = &conf->crypto_xform->auth;
+		cipher_xform = &conf->crypto_xform->next->cipher;
+	}
+	session->proto_alg = conf->protocol;
+	session->cipher_key.data = rte_zmalloc(NULL,
+					       cipher_xform->key.length,
+					       RTE_CACHE_LINE_SIZE);
+	if (session->cipher_key.data == NULL &&
+			cipher_xform->key.length > 0) {
+		CAAM_JR_ERR("No Memory for cipher key\n");
+		return -ENOMEM;
+	}
+
+	session->cipher_key.length = cipher_xform->key.length;
+	session->auth_key.data = rte_zmalloc(NULL,
+					auth_xform->key.length,
+					RTE_CACHE_LINE_SIZE);
+	if (session->auth_key.data == NULL &&
+			auth_xform->key.length > 0) {
+		CAAM_JR_ERR("No Memory for auth key\n");
+		rte_free(session->cipher_key.data);
+		return -ENOMEM;
+	}
+	session->auth_key.length = auth_xform->key.length;
+	memcpy(session->cipher_key.data, cipher_xform->key.data,
+			cipher_xform->key.length);
+	memcpy(session->auth_key.data, auth_xform->key.data,
+			auth_xform->key.length);
+
+	switch (auth_xform->algo) {
+	case RTE_CRYPTO_AUTH_SHA1_HMAC:
+		session->auth_alg = RTE_CRYPTO_AUTH_SHA1_HMAC;
+		break;
+	case RTE_CRYPTO_AUTH_MD5_HMAC:
+		session->auth_alg = RTE_CRYPTO_AUTH_MD5_HMAC;
+		break;
+	case RTE_CRYPTO_AUTH_SHA256_HMAC:
+		session->auth_alg = RTE_CRYPTO_AUTH_SHA256_HMAC;
+		break;
+	case RTE_CRYPTO_AUTH_SHA384_HMAC:
+		session->auth_alg = RTE_CRYPTO_AUTH_SHA384_HMAC;
+		break;
+	case RTE_CRYPTO_AUTH_SHA512_HMAC:
+		session->auth_alg = RTE_CRYPTO_AUTH_SHA512_HMAC;
+		break;
+	case RTE_CRYPTO_AUTH_AES_CMAC:
+		session->auth_alg = RTE_CRYPTO_AUTH_AES_CMAC;
+		break;
+	case RTE_CRYPTO_AUTH_NULL:
+		session->auth_alg = RTE_CRYPTO_AUTH_NULL;
+		break;
+	case RTE_CRYPTO_AUTH_SHA224_HMAC:
+	case RTE_CRYPTO_AUTH_AES_XCBC_MAC:
+	case RTE_CRYPTO_AUTH_SNOW3G_UIA2:
+	case RTE_CRYPTO_AUTH_SHA1:
+	case RTE_CRYPTO_AUTH_SHA256:
+	case RTE_CRYPTO_AUTH_SHA512:
+	case RTE_CRYPTO_AUTH_SHA224:
+	case RTE_CRYPTO_AUTH_SHA384:
+	case RTE_CRYPTO_AUTH_MD5:
+	case RTE_CRYPTO_AUTH_AES_GMAC:
+	case RTE_CRYPTO_AUTH_KASUMI_F9:
+	case RTE_CRYPTO_AUTH_AES_CBC_MAC:
+	case RTE_CRYPTO_AUTH_ZUC_EIA3:
+		CAAM_JR_ERR("Crypto: Unsupported auth alg %u\n",
+			auth_xform->algo);
+		goto out;
+	default:
+		CAAM_JR_ERR("Crypto: Undefined Auth specified %u\n",
+			auth_xform->algo);
+		goto out;
+	}
+
+	switch (cipher_xform->algo) {
+	case RTE_CRYPTO_CIPHER_AES_CBC:
+		session->cipher_alg = RTE_CRYPTO_CIPHER_AES_CBC;
+		break;
+	case RTE_CRYPTO_CIPHER_3DES_CBC:
+		session->cipher_alg = RTE_CRYPTO_CIPHER_3DES_CBC;
+		break;
+	case RTE_CRYPTO_CIPHER_AES_CTR:
+		session->cipher_alg = RTE_CRYPTO_CIPHER_AES_CTR;
+		break;
+	case RTE_CRYPTO_CIPHER_NULL:
+	case RTE_CRYPTO_CIPHER_SNOW3G_UEA2:
+	case RTE_CRYPTO_CIPHER_3DES_ECB:
+	case RTE_CRYPTO_CIPHER_AES_ECB:
+	case RTE_CRYPTO_CIPHER_KASUMI_F8:
+		CAAM_JR_ERR("Crypto: Unsupported Cipher alg %u\n",
+			cipher_xform->algo);
+		goto out;
+	default:
+		CAAM_JR_ERR("Crypto: Undefined Cipher specified %u\n",
+			cipher_xform->algo);
+		goto out;
+	}
+
+	if (ipsec_xform->direction == RTE_SECURITY_IPSEC_SA_DIR_EGRESS) {
+		memset(&session->encap_pdb, 0, sizeof(struct ipsec_encap_pdb) +
+				sizeof(session->ip4_hdr));
+		session->ip4_hdr.ip_v = IPVERSION;
+		session->ip4_hdr.ip_hl = 5;
+		session->ip4_hdr.ip_len = rte_cpu_to_be_16(
+						sizeof(session->ip4_hdr));
+		session->ip4_hdr.ip_tos = ipsec_xform->tunnel.ipv4.dscp;
+		session->ip4_hdr.ip_id = 0;
+		session->ip4_hdr.ip_off = 0;
+		session->ip4_hdr.ip_ttl = ipsec_xform->tunnel.ipv4.ttl;
+		session->ip4_hdr.ip_p = (ipsec_xform->proto ==
+				RTE_SECURITY_IPSEC_SA_PROTO_ESP) ? IPPROTO_ESP
+				: IPPROTO_AH;
+		session->ip4_hdr.ip_sum = 0;
+		session->ip4_hdr.ip_src = ipsec_xform->tunnel.ipv4.src_ip;
+		session->ip4_hdr.ip_dst = ipsec_xform->tunnel.ipv4.dst_ip;
+		session->ip4_hdr.ip_sum = calc_chksum((uint16_t *)
+						(void *)&session->ip4_hdr,
+						sizeof(struct ip));
+
+		session->encap_pdb.options =
+			(IPVERSION << PDBNH_ESP_ENCAP_SHIFT) |
+			PDBOPTS_ESP_OIHI_PDB_INL |
+			PDBOPTS_ESP_IVSRC |
+			PDBHMO_ESP_ENCAP_DTTL;
+		session->encap_pdb.spi = ipsec_xform->spi;
+		session->encap_pdb.ip_hdr_len = sizeof(struct ip);
+
+		session->dir = DIR_ENC;
+	} else if (ipsec_xform->direction ==
+			RTE_SECURITY_IPSEC_SA_DIR_INGRESS) {
+		memset(&session->decap_pdb, 0, sizeof(struct ipsec_decap_pdb));
+		session->decap_pdb.options = sizeof(struct ip) << 16;
+		session->dir = DIR_DEC;
+	} else
+		goto out;
+	session->ctx_pool = internals->ctx_pool;
+
+	return 0;
+out:
+	rte_free(session->auth_key.data);
+	rte_free(session->cipher_key.data);
+	memset(session, 0, sizeof(struct caam_jr_session));
+	return -1;
+}
+
+static int
+caam_jr_security_session_create(void *dev,
+				struct rte_security_session_conf *conf,
+				struct rte_security_session *sess,
+				struct rte_mempool *mempool)
+{
+	void *sess_private_data;
+	struct rte_cryptodev *cdev = (struct rte_cryptodev *)dev;
+	int ret;
+
+	PMD_INIT_FUNC_TRACE();
+	if (rte_mempool_get(mempool, &sess_private_data)) {
+		CAAM_JR_ERR("Couldn't get object from session mempool");
+		return -ENOMEM;
+	}
+
+	switch (conf->protocol) {
+	case RTE_SECURITY_PROTOCOL_IPSEC:
+		ret = caam_jr_set_ipsec_session(cdev, conf,
+				sess_private_data);
+		break;
+	case RTE_SECURITY_PROTOCOL_MACSEC:
+		return -ENOTSUP;
+	default:
+		return -EINVAL;
+	}
+	if (ret != 0) {
+		CAAM_JR_ERR("failed to configure session parameters");
+		/* Return session to mempool */
+		rte_mempool_put(mempool, sess_private_data);
+		return ret;
+	}
+
+	set_sec_session_private_data(sess, sess_private_data);
+
+	return ret;
+}
+
+/* Clear the memory of session so it doesn't leave key material behind */
+static int
+caam_jr_security_session_destroy(void *dev __rte_unused,
+				 struct rte_security_session *sess)
+{
+	PMD_INIT_FUNC_TRACE();
+	void *sess_priv = get_sec_session_private_data(sess);
+
+	struct caam_jr_session *s = (struct caam_jr_session *)sess_priv;
+
+	if (sess_priv) {
+		struct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);
+
+		rte_free(s->cipher_key.data);
+		rte_free(s->auth_key.data);
+		memset(sess, 0, sizeof(struct caam_jr_session));
+		set_sec_session_private_data(sess, NULL);
+		rte_mempool_put(sess_mp, sess_priv);
+	}
+	return 0;
+}
+#endif
+
 static int
 caam_jr_dev_configure(struct rte_cryptodev *dev,
 		       struct rte_cryptodev_config *config __rte_unused)
@@ -1778,6 +2147,16 @@ static struct rte_cryptodev_ops caam_jr_ops = {
 	.sym_session_clear    = caam_jr_sym_session_clear
 };
 
+#ifdef RTE_LIBRTE_SECURITY
+static struct rte_security_ops caam_jr_security_ops = {
+	.session_create = caam_jr_security_session_create,
+	.session_update = NULL,
+	.session_stats_get = NULL,
+	.session_destroy = caam_jr_security_session_destroy,
+	.set_pkt_metadata = NULL,
+	.capabilities_get = caam_jr_get_security_capabilities
+};
+#endif
 
 /* @brief Flush job rings of any processed descs.
  * The processed descs are silently dropped,
@@ -1997,6 +2376,9 @@ caam_jr_dev_init(const char *name,
 		 struct rte_cryptodev_pmd_init_params *init_params)
 {
 	struct rte_cryptodev *dev;
+#ifdef RTE_LIBRTE_SECURITY
+	struct rte_security_ctx *security_instance;
+#endif
 	struct uio_job_ring *job_ring;
 	char str[RTE_CRYPTODEV_NAME_MAX_LEN];
 
@@ -2066,6 +2448,22 @@ caam_jr_dev_init(const char *name,
 		return 0;
 	}
 
+#ifdef RTE_LIBRTE_SECURITY
+	/*TODO free it during teardown*/
+	security_instance = rte_malloc("caam_jr",
+				sizeof(struct rte_security_ctx), 0);
+	if (security_instance == NULL) {
+		CAAM_JR_ERR("memory allocation failed\n");
+		//todo error handling.
+		goto cleanup2;
+	}
+
+	security_instance->device = (void *)dev;
+	security_instance->ops = &caam_jr_security_ops;
+	security_instance->sess_cnt = 0;
+	dev->security_ctx = security_instance;
+#endif
+
 	RTE_LOG(INFO, PMD, "%s cryptodev init\n", dev->data->name);
 
 	return 0;
diff --git a/drivers/crypto/caam_jr/caam_jr_capabilities.c b/drivers/crypto/caam_jr/caam_jr_capabilities.c
index c51593c4b..eacea7db3 100644
--- a/drivers/crypto/caam_jr/caam_jr_capabilities.c
+++ b/drivers/crypto/caam_jr/caam_jr_capabilities.c
@@ -225,6 +225,7 @@ static const struct rte_cryptodev_capabilities caam_jr_capabilities[] = {
 	RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()
 };
 
+#ifdef RTE_LIBRTE_SECURITY
 static const struct rte_security_capability caam_jr_security_cap[] = {
 	{ /* IPsec Lookaside Protocol offload ESP Transport Egress */
 		.action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
@@ -253,14 +254,15 @@ static const struct rte_security_capability caam_jr_security_cap[] = {
 	}
 };
 
-const struct rte_cryptodev_capabilities *
-caam_jr_get_cryptodev_capabilities(void)
-{
-	return caam_jr_capabilities;
-}
-
 const struct rte_security_capability *
 caam_jr_get_security_capabilities(void *device __rte_unused)
 {
 	return caam_jr_security_cap;
 }
+#endif
+
+const struct rte_cryptodev_capabilities *
+caam_jr_get_cryptodev_capabilities(void)
+{
+	return caam_jr_capabilities;
+}
diff --git a/drivers/crypto/caam_jr/caam_jr_capabilities.h b/drivers/crypto/caam_jr/caam_jr_capabilities.h
index c1e3f305a..d3169b7e9 100644
--- a/drivers/crypto/caam_jr/caam_jr_capabilities.h
+++ b/drivers/crypto/caam_jr/caam_jr_capabilities.h
@@ -6,13 +6,16 @@
 #define CAAM_JR_CAPABILITIES_H
 
 #include <rte_cryptodev.h>
+#ifdef RTE_LIBRTE_SECURITY
 #include <rte_security.h>
+#endif
 
 /* Get cryptodev capabilities */
 const struct rte_cryptodev_capabilities *
 caam_jr_get_cryptodev_capabilities(void);
+#ifdef RTE_LIBRTE_SECURITY
 /* Get security capabilities */
 const struct rte_security_capability *
 caam_jr_get_security_capabilities(void *device);
-
+#endif
 #endif
diff --git a/drivers/crypto/caam_jr/caam_jr_hw.c b/drivers/crypto/caam_jr/caam_jr_hw.c
index 4a2b08995..c6833185b 100644
--- a/drivers/crypto/caam_jr/caam_jr_hw.c
+++ b/drivers/crypto/caam_jr/caam_jr_hw.c
@@ -9,7 +9,9 @@
 #include <rte_memory.h>
 #include <rte_malloc.h>
 #include <rte_crypto.h>
+#ifdef RTE_LIBRTE_SECURITY
 #include <rte_security.h>
+#endif
 
 #include <caam_jr_config.h>
 #include <caam_jr_hw_specific.h>
diff --git a/drivers/crypto/caam_jr/caam_jr_pvt.h b/drivers/crypto/caam_jr/caam_jr_pvt.h
index 58fd257fc..f6200ac8a 100644
--- a/drivers/crypto/caam_jr/caam_jr_pvt.h
+++ b/drivers/crypto/caam_jr/caam_jr_pvt.h
@@ -5,6 +5,8 @@
 #ifndef CAAM_JR_PVT_H
 #define CAAM_JR_PVT_H
 
+#include <hw/desc/ipsec.h>
+
 /* NXP CAAM JR PMD device name */
 
 #define CAAM_JR_ALG_UNSUPPORT	(-1)
@@ -110,6 +112,9 @@ struct caam_jr_session {
 	enum rte_crypto_cipher_algorithm cipher_alg; /* Cipher Algorithm*/
 	enum rte_crypto_auth_algorithm auth_alg; /* Authentication Algorithm*/
 	enum rte_crypto_aead_algorithm aead_alg; /* AEAD Algorithm*/
+#ifdef RTE_LIBRTE_SECURITY
+	enum rte_security_session_protocol proto_alg; /* Security Algorithm*/
+#endif
 	union {
 		struct {
 			uint8_t *data;	/* pointer to key data */
@@ -132,7 +137,11 @@ struct caam_jr_session {
 	} iv;	/* Initialisation vector parameters */
 	uint16_t auth_only_len; /* Length of data for Auth only */
 	uint32_t digest_length;
+	struct ipsec_encap_pdb encap_pdb;
+#ifdef RTE_LIBRTE_SECURITY
 	struct ip ip4_hdr;
+#endif
+	struct ipsec_decap_pdb decap_pdb;
 	struct caam_jr_qp *qp;
 	struct sec_cdb *cdb;	/* cmd block associated with qp */
 	struct rte_mempool *ctx_pool; /* session mempool for caam_jr_op_ctx */
diff --git a/drivers/crypto/caam_jr/caam_jr_uio.c b/drivers/crypto/caam_jr/caam_jr_uio.c
index c07d9db01..58d86f961 100644
--- a/drivers/crypto/caam_jr/caam_jr_uio.c
+++ b/drivers/crypto/caam_jr/caam_jr_uio.c
@@ -16,7 +16,9 @@
 #include <rte_common.h>
 #include <rte_malloc.h>
 #include <rte_crypto.h>
+#ifdef RTE_LIBRTE_SECURITY
 #include <rte_security.h>
+#endif
 
 #include <caam_jr_config.h>
 #include <caam_jr_hw_specific.h>
-- 
2.17.1

^ permalink raw reply	[flat|nested] 97+ messages in thread

* [dpdk-dev] [PATCH v3 14/15] doc: add caam jr cryptodev details
  2018-10-22 13:31   ` [dpdk-dev] [PATCH v3 00/15] " Gagandeep Singh
                       ` (12 preceding siblings ...)
  2018-10-22 13:31     ` [dpdk-dev] [PATCH v3 13/15] crypto/caam_jr: add security offload Gagandeep Singh
@ 2018-10-22 13:31     ` Gagandeep Singh
  2018-10-22 13:31     ` [dpdk-dev] [PATCH v3 15/15] test/crypto: add CAAM JR driver validation test cases Gagandeep Singh
  2018-10-22 14:17     ` [dpdk-dev] [PATCH v4 00/15] Introducing the NXP CAAM job ring driver Gagandeep Singh
  15 siblings, 0 replies; 97+ messages in thread
From: Gagandeep Singh @ 2018-10-22 13:31 UTC (permalink / raw)
  To: dev, Akhil Goyal; +Cc: Hemant Agrawal

From: Hemant Agrawal <hemant.agrawal@nxp.com>

add caam jr driver details, supported features and algorithms
in the document.

release note and MAINTAINERS are also updated.

Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
---
 MAINTAINERS                                |   2 +
 doc/guides/cryptodevs/caam_jr.rst          | 150 +++++++++++++++++++++
 doc/guides/cryptodevs/features/caam_jr.ini |  46 +++++++
 doc/guides/cryptodevs/index.rst            |   1 +
 doc/guides/rel_notes/release_18_11.rst     |   5 +
 5 files changed, 204 insertions(+)
 create mode 100644 doc/guides/cryptodevs/caam_jr.rst
 create mode 100644 doc/guides/cryptodevs/features/caam_jr.ini

diff --git a/MAINTAINERS b/MAINTAINERS
index 9de01189a..3079c187e 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -855,6 +855,8 @@ NXP CAAM JR
 M: Gagandeep Singh <g.singh@nxp.com>
 M: Hemant Agrawal <hemant.agrawal@nxp.com>
 F: drivers/crypto/caam_jr/
+F: doc/guides/cryptodevs/caam_jr.rst
+F: doc/guides/cryptodevs/features/caam_jr.ini
 
 NXP DPAA_SEC
 M: Akhil Goyal <akhil.goyal@nxp.com>
diff --git a/doc/guides/cryptodevs/caam_jr.rst b/doc/guides/cryptodevs/caam_jr.rst
new file mode 100644
index 000000000..e87ff0915
--- /dev/null
+++ b/doc/guides/cryptodevs/caam_jr.rst
@@ -0,0 +1,150 @@
+..  SPDX-License-Identifier: BSD-3-Clause
+    Copyright 2018 NXP
+
+
+NXP CAAM JOB RING (caam_jr)
+===========================
+
+The caam_jr PMD provides poll mode crypto driver support for NXP SEC 4.x+ (CAAM)
+hardware accelerator. More information is available at:
+
+`NXP Cryptographic Acceleration Technology  <https://www.nxp.com/applications/solutions/internet-of-things/secure-things/network-security-technology/cryptographic-acceleration-technology:NETWORK_SECURITY_CRYPTOG>`_.
+
+Architecture
+------------
+
+SEC is the SOC's security engine, which serves as NXP's latest cryptographic
+acceleration and offloading hardware. It combines functions previously
+implemented in separate modules to create a modular and scalable acceleration
+and assurance engine. It also implements block encryption algorithms, stream
+cipher algorithms, hashing algorithms, public key algorithms, run-time
+integrity checking, and a hardware random number generator. SEC performs
+higher-level cryptographic operations than previous NXP cryptographic
+accelerators. This provides significant improvement to system level performance.
+
+SEC HW accelerator above 4.x+ version are also known as CAAM.
+
+caam_jr PMD is one of DPAA drivers which uses uio interface to interact with
+Linux kernel for configure and destroy the device instance (ring).
+
+
+Implementation
+--------------
+
+SEC provides platform assurance by working with SecMon, which is a companion
+logic block that tracks the security state of the SOC. SEC is programmed by
+means of descriptors (not to be confused with frame descriptors (FDs)) that
+indicate the operations to be performed and link to the message and
+associated data. SEC incorporates two DMA engines to fetch the descriptors,
+read the message data, and write the results of the operations. The DMA
+engine provides a scatter/gather capability so that SEC can read and write
+data scattered in memory. SEC may be configured by means of software for
+dynamic changes in byte ordering. The default configuration for this version
+of SEC is little-endian mode.
+
+Note that one physical Job Ring represent one caam_jr device.
+
+Features
+--------
+
+The CAAM_JR PMD has support for:
+
+Cipher algorithms:
+
+* ``RTE_CRYPTO_CIPHER_3DES_CBC``
+* ``RTE_CRYPTO_CIPHER_AES128_CBC``
+* ``RTE_CRYPTO_CIPHER_AES192_CBC``
+* ``RTE_CRYPTO_CIPHER_AES256_CBC``
+* ``RTE_CRYPTO_CIPHER_AES128_CTR``
+* ``RTE_CRYPTO_CIPHER_AES192_CTR``
+* ``RTE_CRYPTO_CIPHER_AES256_CTR``
+
+Hash algorithms:
+
+* ``RTE_CRYPTO_AUTH_SHA1_HMAC``
+* ``RTE_CRYPTO_AUTH_SHA224_HMAC``
+* ``RTE_CRYPTO_AUTH_SHA256_HMAC``
+* ``RTE_CRYPTO_AUTH_SHA384_HMAC``
+* ``RTE_CRYPTO_AUTH_SHA512_HMAC``
+* ``RTE_CRYPTO_AUTH_MD5_HMAC``
+
+AEAD algorithms:
+
+* ``RTE_CRYPTO_AEAD_AES_GCM``
+
+Supported DPAA SoCs
+--------------------
+
+* LS1046A/LS1026A
+* LS1043A/LS1023A
+* LS1028A
+* LS1012A
+
+Limitations
+-----------
+
+* Hash followed by Cipher mode is not supported
+* Only supports the session-oriented API implementation (session-less APIs are not supported).
+
+Prerequisites
+-------------
+
+caam_jr driver has following dependencies are not part of DPDK and must be installed separately:
+
+* **NXP Linux SDK**
+
+  NXP Linux software development kit (SDK) includes support for the family
+  of QorIQ® ARM-Architecture-based system on chip (SoC) processors
+  and corresponding boards.
+
+  It includes the Linux board support packages (BSPs) for NXP SoCs,
+  a fully operational tool chain, kernel and board specific modules.
+
+  SDK and related information can be obtained from:  `NXP QorIQ SDK  <http://www.nxp.com/products/software-and-tools/run-time-software/linux-sdk/linux-sdk-for-qoriq-processors:SDKLINUX>`_.
+
+Currently supported by DPDK:
+
+* NXP SDK **18.09+**.
+* Supported architectures:  **arm64 LE**.
+
+* Follow the DPDK :ref:`Getting Started Guide for Linux <linux_gsg>` to setup the basic DPDK environment.
+
+Pre-Installation Configuration
+------------------------------
+
+Config File Options
+~~~~~~~~~~~~~~~~~~~
+
+The following options can be modified in the ``config`` file
+to enable caam_jr PMD.
+
+Please note that enabling debugging options may affect system performance.
+
+* ``CONFIG_RTE_LIBRTE_PMD_CAAM_JR`` (default ``n``)
+  By default it is only enabled in common_linuxapp config.
+  Toggle compilation of the ``librte_pmd_caam_jr`` driver.
+
+* ``CONFIG_RTE_LIBRTE_PMD_CAAM_JR_BE`` (default ``n``)
+  By default it is disabled.
+  It can be used when the underlying hardware supports the CAAM in BE mode.
+  e.g. LS1043A, LS1046A supports CAAM in BE mode.
+  BE mode is enabled by default in defconfig-arm64-dpaa-linuxapp-gcc.
+
+Installations
+-------------
+To compile the caam_jr PMD for Linux arm64 gcc target, run the
+following ``make`` command:
+
+.. code-block:: console
+
+   cd <DPDK-source-directory>
+   make config T=arm64-armv8a-linuxapp-gcc install
+
+Enabling logs
+-------------
+
+For enabling logs, use the following EAL parameter:
+
+.. code-block:: console
+
+   ./your_crypto_application <EAL args> --log-level=pmd.crypto.caam,<level>
diff --git a/doc/guides/cryptodevs/features/caam_jr.ini b/doc/guides/cryptodevs/features/caam_jr.ini
new file mode 100644
index 000000000..68f8d8195
--- /dev/null
+++ b/doc/guides/cryptodevs/features/caam_jr.ini
@@ -0,0 +1,46 @@
+;
+; Supported features of the 'caam_jr' crypto driver.
+;
+; Refer to default.ini for the full list of available PMD features.
+;
+[Features]
+Symmetric crypto       = Y
+Sym operation chaining = Y
+HW Accelerated         = Y
+Protocol offload       = Y
+In Place SGL           = Y
+OOP SGL In SGL Out     = Y
+OOP SGL In LB  Out     = Y
+OOP LB  In SGL Out     = Y
+OOP LB  In LB  Out     = Y
+
+;
+; Supported crypto algorithms of the 'dpaa2_sec' crypto driver.
+;
+[Cipher]
+AES CBC (128) = Y
+AES CBC (192) = Y
+AES CBC (256) = Y
+AES CTR (128) = Y
+AES CTR (192) = Y
+AES CTR (256) = Y
+3DES CBC      = Y
+
+;
+; Supported authentication algorithms of the 'dpaa2_sec' crypto driver.
+;
+[Auth]
+MD5 HMAC     = Y
+SHA1 HMAC    = Y
+SHA224 HMAC  = Y
+SHA256 HMAC  = Y
+SHA384 HMAC  = Y
+SHA512 HMAC  = Y
+
+;
+; Supported AEAD algorithms of the 'dpaa2_sec' crypto driver.
+;
+[AEAD]
+AES GCM (128) = Y
+AES GCM (192) = Y
+AES GCM (256) = Y
diff --git a/doc/guides/cryptodevs/index.rst b/doc/guides/cryptodevs/index.rst
index bd1588537..83610e64f 100644
--- a/doc/guides/cryptodevs/index.rst
+++ b/doc/guides/cryptodevs/index.rst
@@ -13,6 +13,7 @@ Crypto Device Drivers
     aesni_mb
     aesni_gcm
     armv8
+    caam_jr
     ccp
     dpaa2_sec
     dpaa_sec
diff --git a/doc/guides/rel_notes/release_18_11.rst b/doc/guides/rel_notes/release_18_11.rst
index a0dd1bed9..af9a6f89f 100644
--- a/doc/guides/rel_notes/release_18_11.rst
+++ b/doc/guides/rel_notes/release_18_11.rst
@@ -186,6 +186,11 @@ New Features
   The AESNI MB PMD has been updated with additional support for AES-GCM
   algorithm support.
 
+* **Added NXP CAAM JR PMD.**
+
+  Added the new caam job ring driver for NXP platforms. See the
+  "NXP CAAM JOB RING (caam_jr)" document for more details on this new driver.
+
 API Changes
 -----------
 
-- 
2.17.1


^ permalink raw reply	[flat|nested] 97+ messages in thread

* [dpdk-dev] [PATCH v3 15/15] test/crypto: add CAAM JR driver validation test cases
  2018-10-22 13:31   ` [dpdk-dev] [PATCH v3 00/15] " Gagandeep Singh
                       ` (13 preceding siblings ...)
  2018-10-22 13:31     ` [dpdk-dev] [PATCH v3 14/15] doc: add caam jr cryptodev details Gagandeep Singh
@ 2018-10-22 13:31     ` Gagandeep Singh
  2018-10-22 14:17     ` [dpdk-dev] [PATCH v4 00/15] Introducing the NXP CAAM job ring driver Gagandeep Singh
  15 siblings, 0 replies; 97+ messages in thread
From: Gagandeep Singh @ 2018-10-22 13:31 UTC (permalink / raw)
  To: dev, Akhil Goyal; +Cc: Hemant Agrawal

From: Hemant Agrawal <hemant.agrawal@nxp.com>

This patch adds the validation test cases for
CAAM JR driver

Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Reviewed-by: Akhil Goyal <akhil.goyal@nxp.com>
---
 test/test/test_cryptodev.c                   | 138 +++++++++++++++++++
 test/test/test_cryptodev.h                   |   1 +
 test/test/test_cryptodev_aes_test_vectors.h  |  33 +++++
 test/test/test_cryptodev_blockcipher.c       |   7 +
 test/test/test_cryptodev_blockcipher.h       |   1 +
 test/test/test_cryptodev_des_test_vectors.h  |  14 +-
 test/test/test_cryptodev_hash_test_vectors.h |  14 ++
 7 files changed, 206 insertions(+), 2 deletions(-)

diff --git a/test/test/test_cryptodev.c b/test/test/test_cryptodev.c
index 32600dea2..84065eb49 100644
--- a/test/test/test_cryptodev.c
+++ b/test/test/test_cryptodev.c
@@ -1876,6 +1876,64 @@ test_AES_cipheronly_virtio_all(void)
 	return TEST_SUCCESS;
 }
 
+static int
+test_AES_chain_caam_jr_all(void)
+{
+	struct crypto_testsuite_params *ts_params = &testsuite_params;
+	int status;
+
+	status = test_blockcipher_all_tests(ts_params->mbuf_pool,
+		ts_params->op_mpool,
+		ts_params->session_mpool,
+		ts_params->valid_devs[0],
+		rte_cryptodev_driver_id_get(
+		RTE_STR(CRYPTODEV_NAME_CAAM_JR_PMD)),
+		BLKCIPHER_AES_CHAIN_TYPE);
+
+	TEST_ASSERT_EQUAL(status, 0, "Test failed");
+
+	return TEST_SUCCESS;
+}
+
+static int
+test_AES_cipheronly_caam_jr_all(void)
+{
+	struct crypto_testsuite_params *ts_params = &testsuite_params;
+	int status;
+
+	status = test_blockcipher_all_tests(ts_params->mbuf_pool,
+		ts_params->op_mpool,
+		ts_params->session_mpool,
+		ts_params->valid_devs[0],
+		rte_cryptodev_driver_id_get(
+		RTE_STR(CRYPTODEV_NAME_CAAM_JR_PMD)),
+		BLKCIPHER_AES_CIPHERONLY_TYPE);
+
+	TEST_ASSERT_EQUAL(status, 0, "Test failed");
+
+	return TEST_SUCCESS;
+}
+
+static int
+test_authonly_caam_jr_all(void)
+{
+	struct crypto_testsuite_params *ts_params = &testsuite_params;
+	int status;
+
+	status = test_blockcipher_all_tests(ts_params->mbuf_pool,
+		ts_params->op_mpool,
+		ts_params->session_mpool,
+		ts_params->valid_devs[0],
+		rte_cryptodev_driver_id_get(
+		RTE_STR(CRYPTODEV_NAME_CAAM_JR_PMD)),
+		BLKCIPHER_AUTHONLY_TYPE);
+
+	TEST_ASSERT_EQUAL(status, 0, "Test failed");
+
+	return TEST_SUCCESS;
+}
+
+
 static int
 test_AES_chain_dpaa_sec_all(void)
 {
@@ -5148,6 +5206,44 @@ test_DES_docsis_mb_all(void)
 	return TEST_SUCCESS;
 }
 
+static int
+test_3DES_chain_caam_jr_all(void)
+{
+	struct crypto_testsuite_params *ts_params = &testsuite_params;
+	int status;
+
+	status = test_blockcipher_all_tests(ts_params->mbuf_pool,
+		ts_params->op_mpool,
+		ts_params->session_mpool,
+		ts_params->valid_devs[0],
+		rte_cryptodev_driver_id_get(
+		RTE_STR(CRYPTODEV_NAME_CAAM_JR_PMD)),
+		BLKCIPHER_3DES_CHAIN_TYPE);
+
+	TEST_ASSERT_EQUAL(status, 0, "Test failed");
+
+	return TEST_SUCCESS;
+}
+
+static int
+test_3DES_cipheronly_caam_jr_all(void)
+{
+	struct crypto_testsuite_params *ts_params = &testsuite_params;
+	int status;
+
+	status = test_blockcipher_all_tests(ts_params->mbuf_pool,
+		ts_params->op_mpool,
+		ts_params->session_mpool,
+		ts_params->valid_devs[0],
+		rte_cryptodev_driver_id_get(
+		RTE_STR(CRYPTODEV_NAME_CAAM_JR_PMD)),
+		BLKCIPHER_3DES_CIPHERONLY_TYPE);
+
+	TEST_ASSERT_EQUAL(status, 0, "Test failed");
+
+	return TEST_SUCCESS;
+}
+
 static int
 test_3DES_chain_dpaa_sec_all(void)
 {
@@ -9808,6 +9904,31 @@ static struct unit_test_suite cryptodev_sw_zuc_testsuite  = {
 	}
 };
 
+static struct unit_test_suite cryptodev_caam_jr_testsuite  = {
+	.suite_name = "Crypto CAAM JR Unit Test Suite",
+	.setup = testsuite_setup,
+	.teardown = testsuite_teardown,
+	.unit_test_cases = {
+		TEST_CASE_ST(ut_setup, ut_teardown,
+			     test_device_configure_invalid_dev_id),
+		TEST_CASE_ST(ut_setup, ut_teardown,
+			     test_multi_session),
+
+		TEST_CASE_ST(ut_setup, ut_teardown,
+			     test_AES_chain_caam_jr_all),
+		TEST_CASE_ST(ut_setup, ut_teardown,
+			     test_3DES_chain_caam_jr_all),
+		TEST_CASE_ST(ut_setup, ut_teardown,
+			     test_AES_cipheronly_caam_jr_all),
+		TEST_CASE_ST(ut_setup, ut_teardown,
+			     test_3DES_cipheronly_caam_jr_all),
+		TEST_CASE_ST(ut_setup, ut_teardown,
+			     test_authonly_caam_jr_all),
+
+		TEST_CASES_END() /**< NULL terminate unit test array */
+	}
+};
+
 static struct unit_test_suite cryptodev_dpaa_sec_testsuite  = {
 	.suite_name = "Crypto DPAA_SEC Unit Test Suite",
 	.setup = testsuite_setup,
@@ -10634,6 +10755,22 @@ test_cryptodev_octeontx(void)
 	return unit_test_suite_runner(&cryptodev_octeontx_testsuite);
 }
 
+static int
+test_cryptodev_caam_jr(void /*argv __rte_unused, int argc __rte_unused*/)
+{
+	gbl_driver_id =	rte_cryptodev_driver_id_get(
+			RTE_STR(CRYPTODEV_NAME_CAAM_JR_PMD));
+
+	if (gbl_driver_id == -1) {
+		RTE_LOG(ERR, USER1, "CAAM_JR PMD must be loaded. Check if "
+				"CONFIG_RTE_LIBRTE_PMD_CAAM_JR is enabled "
+				"in config file to run this testsuite.\n");
+		return TEST_FAILED;
+	}
+
+	return unit_test_suite_runner(&cryptodev_caam_jr_testsuite);
+}
+
 REGISTER_TEST_COMMAND(cryptodev_qat_autotest, test_cryptodev_qat);
 REGISTER_TEST_COMMAND(cryptodev_aesni_mb_autotest, test_cryptodev_aesni_mb);
 REGISTER_TEST_COMMAND(cryptodev_openssl_autotest, test_cryptodev_openssl);
@@ -10649,3 +10786,4 @@ REGISTER_TEST_COMMAND(cryptodev_dpaa_sec_autotest, test_cryptodev_dpaa_sec);
 REGISTER_TEST_COMMAND(cryptodev_ccp_autotest, test_cryptodev_ccp);
 REGISTER_TEST_COMMAND(cryptodev_virtio_autotest, test_cryptodev_virtio);
 REGISTER_TEST_COMMAND(cryptodev_octeontx_autotest, test_cryptodev_octeontx);
+REGISTER_TEST_COMMAND(cryptodev_caam_jr_autotest, test_cryptodev_caam_jr);
diff --git a/test/test/test_cryptodev.h b/test/test/test_cryptodev.h
index f2d41aedd..a73a49e72 100644
--- a/test/test/test_cryptodev.h
+++ b/test/test/test_cryptodev.h
@@ -65,6 +65,7 @@
 #define CRYPTODEV_NAME_CCP_PMD		crypto_ccp
 #define CRYPTODEV_NAME_VIRTIO_PMD	crypto_virtio
 #define CRYPTODEV_NAME_OCTEONTX_SYM_PMD	crypto_octeontx
+#define CRYPTODEV_NAME_CAAM_JR_PMD	crypto_caam_jr
 
 /**
  * Write (spread) data from buffer to mbuf data
diff --git a/test/test/test_cryptodev_aes_test_vectors.h b/test/test/test_cryptodev_aes_test_vectors.h
index 5db46f4c5..fff28bc9b 100644
--- a/test/test/test_cryptodev_aes_test_vectors.h
+++ b/test/test/test_cryptodev_aes_test_vectors.h
@@ -1171,6 +1171,7 @@ static const struct blockcipher_test_case aes_chain_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP
 	},
@@ -1185,6 +1186,7 @@ static const struct blockcipher_test_case aes_chain_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP
 	},
@@ -1225,6 +1227,7 @@ static const struct blockcipher_test_case aes_chain_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP
 	},
@@ -1239,6 +1242,7 @@ static const struct blockcipher_test_case aes_chain_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP
 	},
@@ -1253,6 +1257,7 @@ static const struct blockcipher_test_case aes_chain_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
@@ -1279,6 +1284,7 @@ static const struct blockcipher_test_case aes_chain_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
 	},
 	{
@@ -1293,6 +1299,7 @@ static const struct blockcipher_test_case aes_chain_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
@@ -1305,6 +1312,7 @@ static const struct blockcipher_test_case aes_chain_test_cases[] = {
 		.feature_mask = BLOCKCIPHER_TEST_FEATURE_SG,
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			    BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			    BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			    BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
 	},
 	{
@@ -1327,6 +1335,7 @@ static const struct blockcipher_test_case aes_chain_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
@@ -1375,6 +1384,7 @@ static const struct blockcipher_test_case aes_chain_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
@@ -1413,6 +1423,7 @@ static const struct blockcipher_test_case aes_chain_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
@@ -1459,6 +1470,7 @@ static const struct blockcipher_test_case aes_chain_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
 	},
 	{
@@ -1472,6 +1484,7 @@ static const struct blockcipher_test_case aes_chain_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
 	},
 	{
@@ -1484,6 +1497,7 @@ static const struct blockcipher_test_case aes_chain_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
 	},
@@ -1498,6 +1512,7 @@ static const struct blockcipher_test_case aes_chain_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
 	},
@@ -1511,6 +1526,7 @@ static const struct blockcipher_test_case aes_chain_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP
 	},
@@ -1525,6 +1541,7 @@ static const struct blockcipher_test_case aes_chain_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP
 	},
@@ -1564,6 +1581,7 @@ static const struct blockcipher_test_case aes_cipheronly_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_VIRTIO |
@@ -1579,6 +1597,7 @@ static const struct blockcipher_test_case aes_cipheronly_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_VIRTIO |
@@ -1594,6 +1613,7 @@ static const struct blockcipher_test_case aes_cipheronly_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_VIRTIO |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
@@ -1607,6 +1627,7 @@ static const struct blockcipher_test_case aes_cipheronly_test_cases[] = {
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
 	},
 	{
@@ -1619,6 +1640,7 @@ static const struct blockcipher_test_case aes_cipheronly_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_VIRTIO |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
@@ -1630,6 +1652,7 @@ static const struct blockcipher_test_case aes_cipheronly_test_cases[] = {
 		.feature_mask = BLOCKCIPHER_TEST_FEATURE_SG,
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
 	},
 	{
@@ -1642,6 +1665,7 @@ static const struct blockcipher_test_case aes_cipheronly_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_VIRTIO |
@@ -1657,6 +1681,7 @@ static const struct blockcipher_test_case aes_cipheronly_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_VIRTIO |
@@ -1671,6 +1696,7 @@ static const struct blockcipher_test_case aes_cipheronly_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_VIRTIO
 	},
@@ -1683,6 +1709,7 @@ static const struct blockcipher_test_case aes_cipheronly_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_VIRTIO
 	},
@@ -1696,6 +1723,7 @@ static const struct blockcipher_test_case aes_cipheronly_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
@@ -1710,6 +1738,7 @@ static const struct blockcipher_test_case aes_cipheronly_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
@@ -1724,6 +1753,7 @@ static const struct blockcipher_test_case aes_cipheronly_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
 	},
@@ -1737,6 +1767,7 @@ static const struct blockcipher_test_case aes_cipheronly_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
 	},
@@ -1750,6 +1781,7 @@ static const struct blockcipher_test_case aes_cipheronly_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
@@ -1764,6 +1796,7 @@ static const struct blockcipher_test_case aes_cipheronly_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
diff --git a/test/test/test_cryptodev_blockcipher.c b/test/test/test_cryptodev_blockcipher.c
index 6df132126..1c3f29f6b 100644
--- a/test/test/test_cryptodev_blockcipher.c
+++ b/test/test/test_cryptodev_blockcipher.c
@@ -68,6 +68,8 @@ test_blockcipher_one_case(const struct blockcipher_test_case *t,
 			RTE_STR(CRYPTODEV_NAME_DPAA2_SEC_PMD));
 	int dpaa_sec_pmd = rte_cryptodev_driver_id_get(
 			RTE_STR(CRYPTODEV_NAME_DPAA_SEC_PMD));
+	int caam_jr_pmd = rte_cryptodev_driver_id_get(
+			RTE_STR(CRYPTODEV_NAME_CAAM_JR_PMD));
 	int mrvl_pmd = rte_cryptodev_driver_id_get(
 			RTE_STR(CRYPTODEV_NAME_MVSAM_PMD));
 	int virtio_pmd = rte_cryptodev_driver_id_get(
@@ -111,6 +113,7 @@ test_blockcipher_one_case(const struct blockcipher_test_case *t,
 
 	if (driver_id == dpaa2_sec_pmd ||
 			driver_id == dpaa_sec_pmd ||
+			driver_id == caam_jr_pmd ||
 			driver_id == qat_pmd ||
 			driver_id == openssl_pmd ||
 			driver_id == armv8_pmd ||
@@ -631,6 +634,8 @@ test_blockcipher_all_tests(struct rte_mempool *mbuf_pool,
 			RTE_STR(CRYPTODEV_NAME_DPAA2_SEC_PMD));
 	int dpaa_sec_pmd = rte_cryptodev_driver_id_get(
 			RTE_STR(CRYPTODEV_NAME_DPAA_SEC_PMD));
+	int caam_jr_pmd = rte_cryptodev_driver_id_get(
+			RTE_STR(CRYPTODEV_NAME_CAAM_JR_PMD));
 	int scheduler_pmd = rte_cryptodev_driver_id_get(
 			RTE_STR(CRYPTODEV_NAME_SCHEDULER_PMD));
 	int armv8_pmd = rte_cryptodev_driver_id_get(
@@ -707,6 +712,8 @@ test_blockcipher_all_tests(struct rte_mempool *mbuf_pool,
 		target_pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_CCP;
 	else if (driver_id == dpaa_sec_pmd)
 		target_pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC;
+	else if (driver_id == caam_jr_pmd)
+		target_pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR;
 	else if (driver_id == mrvl_pmd)
 		target_pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_MVSAM;
 	else if (driver_id == virtio_pmd)
diff --git a/test/test/test_cryptodev_blockcipher.h b/test/test/test_cryptodev_blockcipher.h
index 57e678fc1..f8bd85838 100644
--- a/test/test/test_cryptodev_blockcipher.h
+++ b/test/test/test_cryptodev_blockcipher.h
@@ -30,6 +30,7 @@
 #define BLOCKCIPHER_TEST_TARGET_PMD_CCP		0x0040 /* CCP flag */
 #define BLOCKCIPHER_TEST_TARGET_PMD_VIRTIO	0x0200 /* VIRTIO flag */
 #define BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX	0x0100 /* OCTEON TX flag */
+#define BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR	0x0400 /* CAAM_JR flag */
 
 #define BLOCKCIPHER_TEST_OP_CIPHER	(BLOCKCIPHER_TEST_OP_ENCRYPT | \
 					BLOCKCIPHER_TEST_OP_DECRYPT)
diff --git a/test/test/test_cryptodev_des_test_vectors.h b/test/test/test_cryptodev_des_test_vectors.h
index 0789881da..f1b8cbd45 100644
--- a/test/test/test_cryptodev_des_test_vectors.h
+++ b/test/test/test_cryptodev_des_test_vectors.h
@@ -1069,6 +1069,7 @@ static const struct blockcipher_test_case triple_des_chain_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP
 	},
 	{
@@ -1079,6 +1080,7 @@ static const struct blockcipher_test_case triple_des_chain_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP
 	},
 	{
@@ -1103,6 +1105,7 @@ static const struct blockcipher_test_case triple_des_chain_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
@@ -1115,6 +1118,7 @@ static const struct blockcipher_test_case triple_des_chain_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
@@ -1195,7 +1199,8 @@ static const struct blockcipher_test_case triple_des_chain_test_cases[] = {
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
-			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC
+			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR
 	},
 	{
 		.test_descr = "3DES-128-CBC HMAC-SHA1 Decryption Digest"
@@ -1206,7 +1211,8 @@ static const struct blockcipher_test_case triple_des_chain_test_cases[] = {
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
-			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC
+			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR
 	},
 	{
 		.test_descr = "3DES-128-CBC HMAC-SHA1 Encryption Digest"
@@ -1254,6 +1260,7 @@ static const struct blockcipher_test_case triple_des_cipheronly_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_MB
 	},
@@ -1265,6 +1272,7 @@ static const struct blockcipher_test_case triple_des_cipheronly_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_MB
 	},
@@ -1276,6 +1284,7 @@ static const struct blockcipher_test_case triple_des_cipheronly_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_MB |
@@ -1289,6 +1298,7 @@ static const struct blockcipher_test_case triple_des_cipheronly_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_MB |
diff --git a/test/test/test_cryptodev_hash_test_vectors.h b/test/test/test_cryptodev_hash_test_vectors.h
index af1e29e68..a02dfb3c3 100644
--- a/test/test/test_cryptodev_hash_test_vectors.h
+++ b/test/test/test_cryptodev_hash_test_vectors.h
@@ -393,6 +393,7 @@ static const struct blockcipher_test_case hash_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
@@ -406,6 +407,7 @@ static const struct blockcipher_test_case hash_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
@@ -437,6 +439,7 @@ static const struct blockcipher_test_case hash_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
@@ -449,6 +452,7 @@ static const struct blockcipher_test_case hash_test_cases[] = {
 		.feature_mask = BLOCKCIPHER_TEST_FEATURE_SG,
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			    BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			    BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			    BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
 	},
 	{
@@ -460,6 +464,7 @@ static const struct blockcipher_test_case hash_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
@@ -472,6 +477,7 @@ static const struct blockcipher_test_case hash_test_cases[] = {
 		.feature_mask = BLOCKCIPHER_TEST_FEATURE_SG,
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			    BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			    BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			    BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
 	},
 	{
@@ -501,6 +507,7 @@ static const struct blockcipher_test_case hash_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
@@ -514,6 +521,7 @@ static const struct blockcipher_test_case hash_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
@@ -545,6 +553,7 @@ static const struct blockcipher_test_case hash_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
@@ -559,6 +568,7 @@ static const struct blockcipher_test_case hash_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
@@ -591,6 +601,7 @@ static const struct blockcipher_test_case hash_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
@@ -605,6 +616,7 @@ static const struct blockcipher_test_case hash_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
@@ -637,6 +649,7 @@ static const struct blockcipher_test_case hash_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
@@ -651,6 +664,7 @@ static const struct blockcipher_test_case hash_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
-- 
2.17.1

^ permalink raw reply	[flat|nested] 97+ messages in thread

* Re: [dpdk-dev] [PATCH v2 02/14] crypto/caam_jr: add HW tuning options
  2018-10-22 12:31       ` Gagandeep Singh
@ 2018-10-22 13:32         ` Ali Alnubani
  0 siblings, 0 replies; 97+ messages in thread
From: Ali Alnubani @ 2018-10-22 13:32 UTC (permalink / raw)
  To: Gagandeep Singh, Thomas Monjalon; +Cc: dev, Akhil Goyal, Hemant Agrawal

Hi Gagandeep,

I was able to reproduce with:
./devtools/test-build.sh x86_64-native-linuxapp-clang+MLX4_PMD+MLX5_PMD~KMOD~SOFTNIC~UIO

Environment info:

OS: RHEL7.4 (with kernel 4.19.0-rc7-mlnx) and RHEL7.5 (with kernel 3.10.0-862.el7.x86_64)
Clang: 
	clang version 3.4.2 (tags/RELEASE_34/dot2-final)
	Target: x86_64-redhat-linux-gnu
	Thread model: posix



> -----Original Message-----
> From: dev <dev-bounces@dpdk.org> On Behalf Of Gagandeep Singh
> Sent: Monday, October 22, 2018 3:31 PM
> To: Thomas Monjalon <thomas@monjalon.net>
> Cc: dev@dpdk.org; Akhil Goyal <akhil.goyal@nxp.com>; Hemant Agrawal
> <hemant.agrawal@nxp.com>
> Subject: Re: [dpdk-dev] [PATCH v2 02/14] crypto/caam_jr: add HW tuning
> options
> 
> Hi
> 
> > -----Original Message-----
> > From: Thomas Monjalon <thomas@monjalon.net>
> > Sent: Friday, October 19, 2018 2:42 PM
> > To: Gagandeep Singh <G.Singh@nxp.com>
> > Cc: dev@dpdk.org; Akhil Goyal <akhil.goyal@nxp.com>; Hemant Agrawal
> > <hemant.agrawal@nxp.com>
> > Subject: Re: [dpdk-dev] [PATCH v2 02/14] crypto/caam_jr: add HW tuning
> > options
> >
> > 12/10/2018 16:40, Gagandeep Singh:
> > > --- /dev/null
> > > +++ b/drivers/crypto/caam_jr/caam_jr_config.h
> > > +typedef uint64_t	dma_addr_t;
> >
> > In some environments, there is a redefinition error because of
> > drivers/bus/dpaa/include/compat.h
> >
> I am unable to reproduce the issue on my setup. Can you please point me
> the exact environment on which you are getting this issue?

^ permalink raw reply	[flat|nested] 97+ messages in thread

* [dpdk-dev] [PATCH v4 00/15] Introducing the NXP CAAM job ring driver
  2018-10-22 13:31   ` [dpdk-dev] [PATCH v3 00/15] " Gagandeep Singh
                       ` (14 preceding siblings ...)
  2018-10-22 13:31     ` [dpdk-dev] [PATCH v3 15/15] test/crypto: add CAAM JR driver validation test cases Gagandeep Singh
@ 2018-10-22 14:17     ` Gagandeep Singh
  2018-10-22 14:17       ` [dpdk-dev] [PATCH v4 01/15] crypto/caam_jr: introduce basic driver Gagandeep Singh
                         ` (16 more replies)
  15 siblings, 17 replies; 97+ messages in thread
From: Gagandeep Singh @ 2018-10-22 14:17 UTC (permalink / raw)
  To: dev, Akhil Goyal; +Cc: Gagandeep Singh

v3->v4 change-log:
* local dma_addr_t definition removed

v2->v3 change-log:
* fix CONFIG_RTE_LIBRTE_SECURITY=n compilation.

v1->v2 change-log:
* Most of the checkpatch warnings and erros are removed
* CONFIG_RTE_CAAM_JR_PMD_MAX_NB_SESSIONS and
  CONFIG_RTE_PMD_CAAM_JR_DEBUG flags removed
* local unlikely macro removed
* extra spaces removed and functions format fixed
* indentation fixed
* documentation is updated
* dead code removed
* device capabilities added in separate file and 
  functions added to access them.
* missing PMD_INIT_FUNC_TRACE() added to the respective
  functions
* description added to the all patches
* some patches splited (sg support, uio, capabilities, hw)

v1:
The caam_jr PMD provides poll mode crypto driver
support for NXP SEC 4.x+ (CAAM) hardware accelerator

Gagandeep Singh (10):
  crypto/caam_jr: introduce basic driver
  crypto/caam_jr: add HW tuning options
  crypto/caam_jr: add routines to configure HW
  crypto/caam_jr: add UIO specific operations
  crypto/caam_jr: add basic job ring routines
  crypto/caam_jr: add device basic ops
  crypto/caam_jr: add session configuration methods
  crypto/caam_jr: add device cababilities
  crypto/caam_jr: add enqueue dequeue operations
  crypto/caam_jr: add scatter gather

Hemant Agrawal (5):
  crypto/caam_jr: add queue pair config ops
  crypto/caam_jr: add statistics ops
  crypto/caam_jr: add security offload
  doc: add caam jr cryptodev details
  test/crypto: add CAAM JR driver validation test cases

 MAINTAINERS                                   |    7 +
 config/common_base                            |    6 +
 config/common_linuxapp                        |    1 +
 config/defconfig_arm64-dpaa-linuxapp-gcc      |    3 +
 doc/guides/cryptodevs/caam_jr.rst             |  150 +
 doc/guides/cryptodevs/features/caam_jr.ini    |   46 +
 doc/guides/cryptodevs/index.rst               |    1 +
 doc/guides/rel_notes/release_18_11.rst        |    5 +
 drivers/crypto/Makefile                       |    1 +
 drivers/crypto/caam_jr/Makefile               |   44 +
 drivers/crypto/caam_jr/caam_jr.c              | 2570 +++++++++++++++++
 drivers/crypto/caam_jr/caam_jr_capabilities.c |  268 ++
 drivers/crypto/caam_jr/caam_jr_capabilities.h |   21 +
 drivers/crypto/caam_jr/caam_jr_config.h       |  207 ++
 drivers/crypto/caam_jr/caam_jr_desc.h         |  285 ++
 drivers/crypto/caam_jr/caam_jr_hw.c           |  369 +++
 drivers/crypto/caam_jr/caam_jr_hw_specific.h  |  503 ++++
 drivers/crypto/caam_jr/caam_jr_log.h          |   42 +
 drivers/crypto/caam_jr/caam_jr_pvt.h          |  295 ++
 drivers/crypto/caam_jr/caam_jr_uio.c          |  503 ++++
 drivers/crypto/caam_jr/meson.build            |   17 +
 .../caam_jr/rte_pmd_caam_jr_version.map       |    4 +
 drivers/crypto/meson.build                    |    5 +-
 test/test/test_cryptodev.c                    |  138 +
 test/test/test_cryptodev.h                    |    1 +
 test/test/test_cryptodev_aes_test_vectors.h   |   33 +
 test/test/test_cryptodev_blockcipher.c        |    7 +
 test/test/test_cryptodev_blockcipher.h        |    1 +
 test/test/test_cryptodev_des_test_vectors.h   |   14 +-
 test/test/test_cryptodev_hash_test_vectors.h  |   14 +
 30 files changed, 5557 insertions(+), 4 deletions(-)
 create mode 100644 doc/guides/cryptodevs/caam_jr.rst
 create mode 100644 doc/guides/cryptodevs/features/caam_jr.ini
 create mode 100644 drivers/crypto/caam_jr/Makefile
 create mode 100644 drivers/crypto/caam_jr/caam_jr.c
 create mode 100644 drivers/crypto/caam_jr/caam_jr_capabilities.c
 create mode 100644 drivers/crypto/caam_jr/caam_jr_capabilities.h
 create mode 100644 drivers/crypto/caam_jr/caam_jr_config.h
 create mode 100644 drivers/crypto/caam_jr/caam_jr_desc.h
 create mode 100644 drivers/crypto/caam_jr/caam_jr_hw.c
 create mode 100644 drivers/crypto/caam_jr/caam_jr_hw_specific.h
 create mode 100644 drivers/crypto/caam_jr/caam_jr_log.h
 create mode 100644 drivers/crypto/caam_jr/caam_jr_pvt.h
 create mode 100644 drivers/crypto/caam_jr/caam_jr_uio.c
 create mode 100644 drivers/crypto/caam_jr/meson.build
 create mode 100644 drivers/crypto/caam_jr/rte_pmd_caam_jr_version.map

-- 
2.17.1

^ permalink raw reply	[flat|nested] 97+ messages in thread

* [dpdk-dev] [PATCH v4 01/15] crypto/caam_jr: introduce basic driver
  2018-10-22 14:17     ` [dpdk-dev] [PATCH v4 00/15] Introducing the NXP CAAM job ring driver Gagandeep Singh
@ 2018-10-22 14:17       ` Gagandeep Singh
  2018-10-22 14:17       ` [dpdk-dev] [PATCH v4 02/15] crypto/caam_jr: add HW tuning options Gagandeep Singh
                         ` (15 subsequent siblings)
  16 siblings, 0 replies; 97+ messages in thread
From: Gagandeep Singh @ 2018-10-22 14:17 UTC (permalink / raw)
  To: dev, Akhil Goyal; +Cc: Gagandeep Singh, Hemant Agrawal

The caam_jr poll mode crypto driver is supported for
NXP SEC 4.x+ (CAAM) hardware accelerator.
This driver is by default supported on LE platforms,
if it is used on BE platforms like LS104X,
config option CONFIG_RTE_LIBRTE_PMD_CAAM_JR_BE can be
enabled.

This patch add skeleton for caam jobring driver
with probe and uintialisation functions

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
---
 MAINTAINERS                                   |   5 +
 config/common_base                            |   6 +
 config/common_linuxapp                        |   1 +
 config/defconfig_arm64-dpaa-linuxapp-gcc      |   3 +
 drivers/crypto/Makefile                       |   1 +
 drivers/crypto/caam_jr/Makefile               |  37 +++++
 drivers/crypto/caam_jr/caam_jr.c              | 150 ++++++++++++++++++
 drivers/crypto/caam_jr/caam_jr_log.h          |  42 +++++
 drivers/crypto/caam_jr/meson.build            |  11 ++
 .../caam_jr/rte_pmd_caam_jr_version.map       |   4 +
 drivers/crypto/meson.build                    |   5 +-
 11 files changed, 263 insertions(+), 2 deletions(-)
 create mode 100644 drivers/crypto/caam_jr/Makefile
 create mode 100644 drivers/crypto/caam_jr/caam_jr.c
 create mode 100644 drivers/crypto/caam_jr/caam_jr_log.h
 create mode 100644 drivers/crypto/caam_jr/meson.build
 create mode 100644 drivers/crypto/caam_jr/rte_pmd_caam_jr_version.map

diff --git a/MAINTAINERS b/MAINTAINERS
index 450749ab2..9de01189a 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -851,6 +851,11 @@ F: drivers/crypto/null/
 F: doc/guides/cryptodevs/null.rst
 F: doc/guides/cryptodevs/features/null.ini
 
+NXP CAAM JR
+M: Gagandeep Singh <g.singh@nxp.com>
+M: Hemant Agrawal <hemant.agrawal@nxp.com>
+F: drivers/crypto/caam_jr/
+
 NXP DPAA_SEC
 M: Akhil Goyal <akhil.goyal@nxp.com>
 M: Hemant Agrawal <hemant.agrawal@nxp.com>
diff --git a/config/common_base b/config/common_base
index 302f74a2e..9f45d9eaf 100644
--- a/config/common_base
+++ b/config/common_base
@@ -495,6 +495,12 @@ CONFIG_RTE_CRYPTO_MAX_DEVS=64
 CONFIG_RTE_LIBRTE_PMD_ARMV8_CRYPTO=n
 CONFIG_RTE_LIBRTE_PMD_ARMV8_CRYPTO_DEBUG=n
 
+#
+# Compile NXP CAAM JR crypto Driver
+#
+CONFIG_RTE_LIBRTE_PMD_CAAM_JR=n
+CONFIG_RTE_LIBRTE_PMD_CAAM_JR_BE=n
+
 #
 # Compile NXP DPAA2 crypto sec driver for CAAM HW
 #
diff --git a/config/common_linuxapp b/config/common_linuxapp
index 76b884c48..3565ec8c1 100644
--- a/config/common_linuxapp
+++ b/config/common_linuxapp
@@ -40,6 +40,7 @@ CONFIG_RTE_LIBRTE_DPAA_MEMPOOL=y
 CONFIG_RTE_LIBRTE_DPAA_PMD=y
 CONFIG_RTE_LIBRTE_PMD_DPAA_EVENTDEV=y
 CONFIG_RTE_LIBRTE_PMD_DPAA_SEC=y
+CONFIG_RTE_LIBRTE_PMD_CAAM_JR=y
 
 # NXP FSLMC BUS and DPAA2 drivers
 CONFIG_RTE_LIBRTE_FSLMC_BUS=y
diff --git a/config/defconfig_arm64-dpaa-linuxapp-gcc b/config/defconfig_arm64-dpaa-linuxapp-gcc
index c47aec0a6..544b6770d 100644
--- a/config/defconfig_arm64-dpaa-linuxapp-gcc
+++ b/config/defconfig_arm64-dpaa-linuxapp-gcc
@@ -21,3 +21,6 @@ CONFIG_RTE_PKTMBUF_HEADROOM=128
 # NXP DPAA Bus
 CONFIG_RTE_LIBRTE_DPAA_DEBUG_DRIVER=n
 CONFIG_RTE_LIBRTE_DPAA_HWDEBUG=n
+
+# NXP CAAM_JR driver
+CONFIG_RTE_LIBRTE_PMD_CAAM_JR_BE=y
diff --git a/drivers/crypto/Makefile b/drivers/crypto/Makefile
index c083e64ff..c25a19fb0 100644
--- a/drivers/crypto/Makefile
+++ b/drivers/crypto/Makefile
@@ -6,6 +6,7 @@ include $(RTE_SDK)/mk/rte.vars.mk
 DIRS-$(CONFIG_RTE_LIBRTE_PMD_AESNI_GCM) += aesni_gcm
 DIRS-$(CONFIG_RTE_LIBRTE_PMD_AESNI_MB) += aesni_mb
 DIRS-$(CONFIG_RTE_LIBRTE_PMD_ARMV8_CRYPTO) += armv8
+DIRS-$(CONFIG_RTE_LIBRTE_PMD_CAAM_JR) += caam_jr
 DIRS-$(CONFIG_RTE_LIBRTE_PMD_CCP) += ccp
 DIRS-$(CONFIG_RTE_LIBRTE_PMD_OCTEONTX_CRYPTO) += octeontx
 DIRS-$(CONFIG_RTE_LIBRTE_PMD_OPENSSL) += openssl
diff --git a/drivers/crypto/caam_jr/Makefile b/drivers/crypto/caam_jr/Makefile
new file mode 100644
index 000000000..b1f3ecee7
--- /dev/null
+++ b/drivers/crypto/caam_jr/Makefile
@@ -0,0 +1,37 @@
+# SPDX-License-Identifier: BSD-3-Clause
+# Copyright 2017 NXP
+
+include $(RTE_SDK)/mk/rte.vars.mk
+
+#
+# library name
+#
+LIB = librte_pmd_caam_jr.a
+
+# build flags
+CFLAGS += -DALLOW_EXPERIMENTAL_API
+
+CFLAGS += -D _GNU_SOURCE
+
+CFLAGS += -O3
+CFLAGS += $(WERROR_FLAGS)
+
+CFLAGS += -I$(RTE_SDK)/drivers/crypto/caam_jr
+CFLAGS += -I$(RTE_SDK)/lib/librte_eal/common/include
+CFLAGS += -I$(RTE_SDK)/lib/librte_eal/linuxapp/eal
+
+# versioning export map
+EXPORT_MAP := rte_pmd_caam_jr_version.map
+
+# library version
+LIBABIVER := 1
+
+# library source files
+SRCS-$(CONFIG_RTE_LIBRTE_PMD_CAAM_JR) += caam_jr.c
+# library dependencies
+
+LDLIBS += -lrte_eal -lrte_mbuf -lrte_mempool -lrte_ring
+LDLIBS += -lrte_cryptodev
+LDLIBS += -lrte_bus_vdev
+
+include $(RTE_SDK)/mk/rte.lib.mk
diff --git a/drivers/crypto/caam_jr/caam_jr.c b/drivers/crypto/caam_jr/caam_jr.c
new file mode 100644
index 000000000..6d25967a1
--- /dev/null
+++ b/drivers/crypto/caam_jr/caam_jr.c
@@ -0,0 +1,150 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright 2017-2018 NXP
+ */
+
+#include <fcntl.h>
+#include <unistd.h>
+#include <sched.h>
+#include <net/if.h>
+
+#include <rte_byteorder.h>
+#include <rte_common.h>
+#include <rte_cryptodev_pmd.h>
+#include <rte_crypto.h>
+#include <rte_cryptodev.h>
+#include <rte_bus_vdev.h>
+#include <rte_malloc.h>
+#include <rte_hexdump.h>
+
+#include <caam_jr_log.h>
+
+#define CRYPTODEV_NAME_CAAM_JR_PMD	crypto_caam_jr
+static uint8_t cryptodev_driver_id;
+int caam_jr_logtype;
+
+/*
+ * @brief Release the resources used by the SEC user space driver.
+ *
+ * Reset and release SEC's job rings indicated by the User Application at
+ * init_job_ring() and free any memory allocated internally.
+ * Call once during application tear down.
+ *
+ * @note In case there are any descriptors in-flight (descriptors received by
+ * SEC driver for processing and for which no response was yet provided to UA),
+ * the descriptors are discarded without any notifications to User Application.
+ *
+ * @retval ::0			is returned for a successful execution
+ * @retval ::-1		is returned if SEC driver release is in progress
+ */
+static int
+caam_jr_dev_uninit(struct rte_cryptodev *dev)
+{
+	if (dev == NULL)
+		return -ENODEV;
+
+	CAAM_JR_INFO("Closing crypto device %s", dev->data->name);
+
+	return 0;
+}
+
+static int
+caam_jr_dev_init(const char *name,
+		 struct rte_vdev_device *vdev,
+		 struct rte_cryptodev_pmd_init_params *init_params)
+{
+	struct rte_cryptodev *dev;
+
+	PMD_INIT_FUNC_TRACE();
+
+	dev = rte_cryptodev_pmd_create(name, &vdev->device, init_params);
+	if (dev == NULL) {
+		CAAM_JR_ERR("failed to create cryptodev vdev");
+		goto cleanup;
+	}
+
+	dev->driver_id = cryptodev_driver_id;
+	dev->dev_ops = NULL;
+
+	/* For secondary processes, we don't initialise any further as primary
+	 * has already done this work. Only check we don't need a different
+	 * RX function
+	 */
+	if (rte_eal_process_type() != RTE_PROC_PRIMARY) {
+		CAAM_JR_WARN("Device already init by primary process");
+		return 0;
+	}
+
+	RTE_LOG(INFO, PMD, "%s cryptodev init\n", dev->data->name);
+
+	return 0;
+
+cleanup:
+	CAAM_JR_ERR("driver %s: cryptodev_caam_jr_create failed",
+			init_params->name);
+
+	return -ENXIO;
+}
+
+/** Initialise CAAM JR crypto device */
+static int
+cryptodev_caam_jr_probe(struct rte_vdev_device *vdev)
+{
+	struct rte_cryptodev_pmd_init_params init_params = {
+		"",
+		128,
+		rte_socket_id(),
+		RTE_CRYPTODEV_PMD_DEFAULT_MAX_NB_QUEUE_PAIRS
+	};
+	const char *name;
+	const char *input_args;
+
+	name = rte_vdev_device_name(vdev);
+	if (name == NULL)
+		return -EINVAL;
+
+	input_args = rte_vdev_device_args(vdev);
+	rte_cryptodev_pmd_parse_input_args(&init_params, input_args);
+
+	return caam_jr_dev_init(name, vdev, &init_params);
+}
+
+/** Uninitialise CAAM JR crypto device */
+static int
+cryptodev_caam_jr_remove(struct rte_vdev_device *vdev)
+{
+	struct rte_cryptodev *cryptodev;
+	const char *name;
+
+	name = rte_vdev_device_name(vdev);
+	if (name == NULL)
+		return -EINVAL;
+
+	cryptodev = rte_cryptodev_pmd_get_named_dev(name);
+	if (cryptodev == NULL)
+		return -ENODEV;
+
+	caam_jr_dev_uninit(cryptodev);
+
+	return rte_cryptodev_pmd_destroy(cryptodev);
+}
+
+static struct rte_vdev_driver cryptodev_caam_jr_drv = {
+	.probe = cryptodev_caam_jr_probe,
+	.remove = cryptodev_caam_jr_remove
+};
+
+static struct cryptodev_driver caam_jr_crypto_drv;
+
+RTE_PMD_REGISTER_VDEV(CRYPTODEV_NAME_CAAM_JR_PMD, cryptodev_caam_jr_drv);
+RTE_PMD_REGISTER_PARAM_STRING(CRYPTODEV_NAME_CAAM_JR_PMD,
+	"max_nb_queue_pairs=<int>"
+	"socket_id=<int>");
+RTE_PMD_REGISTER_CRYPTO_DRIVER(caam_jr_crypto_drv, cryptodev_caam_jr_drv.driver,
+		cryptodev_driver_id);
+
+RTE_INIT(caam_jr_init_log)
+{
+	caam_jr_logtype = rte_log_register("pmd.crypto.caam");
+	if (caam_jr_logtype >= 0)
+		rte_log_set_level(caam_jr_logtype, RTE_LOG_NOTICE);
+}
diff --git a/drivers/crypto/caam_jr/caam_jr_log.h b/drivers/crypto/caam_jr/caam_jr_log.h
new file mode 100644
index 000000000..106ff07a7
--- /dev/null
+++ b/drivers/crypto/caam_jr/caam_jr_log.h
@@ -0,0 +1,42 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright 2017-2018 NXP
+ */
+
+#ifndef _CAAM_JR_LOG_H_
+#define _CAAM_JR_LOG_H_
+
+#include <rte_log.h>
+
+extern int caam_jr_logtype;
+
+#define CAAM_JR_LOG(level, fmt, args...) \
+	rte_log(RTE_LOG_ ## level, caam_jr_logtype, "caam_jr: " \
+		fmt "\n", ##args)
+
+#define CAAM_JR_DEBUG(fmt, args...) \
+	rte_log(RTE_LOG_DEBUG, caam_jr_logtype, "caam_jr: %s(): " \
+		fmt "\n", __func__, ##args)
+
+#define PMD_INIT_FUNC_TRACE() CAAM_JR_DEBUG(" >>")
+
+#define CAAM_JR_INFO(fmt, args...) \
+	CAAM_JR_LOG(INFO, fmt, ## args)
+#define CAAM_JR_ERR(fmt, args...) \
+	CAAM_JR_LOG(ERR, fmt, ## args)
+#define CAAM_JR_WARN(fmt, args...) \
+	CAAM_JR_LOG(WARNING, fmt, ## args)
+
+/* DP Logs, toggled out at compile time if level lower than current level */
+#define CAAM_JR_DP_LOG(level, fmt, args...) \
+	RTE_LOG_DP(level, PMD, fmt "\n", ## args)
+
+#define CAAM_JR_DP_DEBUG(fmt, args...) \
+	CAAM_JR_DP_LOG(DEBUG, fmt, ## args)
+#define CAAM_JR_DP_INFO(fmt, args...) \
+	CAAM_JR_DP_LOG(INFO, fmt, ## args)
+#define CAAM_JR_DP_WARN(fmt, args...) \
+	CAAM_JR_DP_LOG(WARNING, fmt, ## args)
+#define CAAM_JR_DP_ERR(fmt, args...) \
+	CAAM_JR_DP_LOG(ERR, fmt, ## args)
+
+#endif /* _CAAM_JR_LOG_H_ */
diff --git a/drivers/crypto/caam_jr/meson.build b/drivers/crypto/caam_jr/meson.build
new file mode 100644
index 000000000..3edd0a212
--- /dev/null
+++ b/drivers/crypto/caam_jr/meson.build
@@ -0,0 +1,11 @@
+# SPDX-License-Identifier: BSD-3-Clause
+# Copyright 2018 NXP
+
+if host_machine.system() != 'linux'
+        build = false
+endif
+
+deps += ['bus_vdev', 'bus_dpaa', 'security']
+sources = files('caam_jr.c')
+
+allow_experimental_apis = true
diff --git a/drivers/crypto/caam_jr/rte_pmd_caam_jr_version.map b/drivers/crypto/caam_jr/rte_pmd_caam_jr_version.map
new file mode 100644
index 000000000..521e51f41
--- /dev/null
+++ b/drivers/crypto/caam_jr/rte_pmd_caam_jr_version.map
@@ -0,0 +1,4 @@
+DPDK_18.11 {
+
+	local: *;
+};
diff --git a/drivers/crypto/meson.build b/drivers/crypto/meson.build
index e9c491af6..bf1bd9286 100644
--- a/drivers/crypto/meson.build
+++ b/drivers/crypto/meson.build
@@ -1,8 +1,9 @@
 # SPDX-License-Identifier: BSD-3-Clause
 # Copyright(c) 2017 Intel Corporation
 
-drivers = ['aesni_gcm', 'aesni_mb', 'ccp', 'dpaa_sec', 'dpaa2_sec', 'kasumi', 'mvsam',
-	'null', 'octeontx', 'openssl', 'qat', 'scheduler', 'virtio', 'zuc']
+drivers = ['aesni_gcm', 'aesni_mb', 'caam_jr', 'ccp', 'dpaa_sec', 'dpaa2_sec',
+	'kasumi', 'mvsam', 'null', 'octeontx', 'openssl', 'qat', 'scheduler',
+	'virtio', 'zuc']
 
 std_deps = ['cryptodev'] # cryptodev pulls in all other needed deps
 config_flag_fmt = 'RTE_LIBRTE_@0@_PMD'
-- 
2.17.1

^ permalink raw reply	[flat|nested] 97+ messages in thread

* [dpdk-dev] [PATCH v4 02/15] crypto/caam_jr: add HW tuning options
  2018-10-22 14:17     ` [dpdk-dev] [PATCH v4 00/15] Introducing the NXP CAAM job ring driver Gagandeep Singh
  2018-10-22 14:17       ` [dpdk-dev] [PATCH v4 01/15] crypto/caam_jr: introduce basic driver Gagandeep Singh
@ 2018-10-22 14:17       ` Gagandeep Singh
  2018-10-22 14:17       ` [dpdk-dev] [PATCH v4 03/15] crypto/caam_jr: add routines to configure HW Gagandeep Singh
                         ` (14 subsequent siblings)
  16 siblings, 0 replies; 97+ messages in thread
From: Gagandeep Singh @ 2018-10-22 14:17 UTC (permalink / raw)
  To: dev, Akhil Goyal; +Cc: Gagandeep Singh, Hemant Agrawal

caam_jr hardware can be tuned for multiple settings
like ring depth, coalescing, notification types, cache
size etc.

These parameter can be used for performance tuning
for various platforms.

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
---
 drivers/crypto/caam_jr/caam_jr_config.h | 207 ++++++++++++++++++++++++
 1 file changed, 207 insertions(+)
 create mode 100644 drivers/crypto/caam_jr/caam_jr_config.h

diff --git a/drivers/crypto/caam_jr/caam_jr_config.h b/drivers/crypto/caam_jr/caam_jr_config.h
new file mode 100644
index 000000000..041187a84
--- /dev/null
+++ b/drivers/crypto/caam_jr/caam_jr_config.h
@@ -0,0 +1,207 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright 2017-2018 NXP
+ */
+
+#ifndef CAAM_JR_CONFIG_H
+#define CAAM_JR_CONFIG_H
+
+#include <rte_byteorder.h>
+
+#include <compat.h>
+
+#ifdef RTE_LIBRTE_PMD_CAAM_JR_BE
+#define CAAM_BYTE_ORDER __BIG_ENDIAN
+#else
+#define CAAM_BYTE_ORDER __LITTLE_ENDIAN
+#endif
+
+#if RTE_BYTE_ORDER == RTE_BIG_ENDIAN
+#define CORE_BYTE_ORDER __BIG_ENDIAN
+#else
+#define CORE_BYTE_ORDER __LITTLE_ENDIAN
+#endif
+
+#if CORE_BYTE_ORDER != CAAM_BYTE_ORDER
+
+#define cpu_to_caam64 rte_cpu_to_be_64
+#define cpu_to_caam32 rte_cpu_to_be_32
+#else
+#define cpu_to_caam64
+#define cpu_to_caam32
+
+#endif
+
+/*
+ * SEC is configured to start work in polling mode,
+ * when configured for NAPI notification style.
+ */
+#define SEC_STARTUP_POLLING_MODE     0
+/*
+ * SEC is configured to start work in interrupt mode,
+ * when configured for NAPI notification style.
+ */
+#define SEC_STARTUP_INTERRUPT_MODE   1
+
+/*
+ * SEC driver will use NAPI model to receive notifications
+ * for processed packets from SEC engine hardware:
+ * - IRQ for low traffic
+ * - polling for high traffic.
+ */
+#define SEC_NOTIFICATION_TYPE_NAPI  0
+/*
+ * SEC driver will use ONLY interrupts to receive notifications
+ * for processed packets from SEC engine hardware.
+ */
+#define SEC_NOTIFICATION_TYPE_IRQ   1
+/*
+ * SEC driver will use ONLY polling to receive notifications
+ * for processed packets from SEC engine hardware.
+ */
+#define SEC_NOTIFICATION_TYPE_POLL  2
+
+/*
+ * SEC USER SPACE DRIVER related configuration.
+ */
+
+/*
+ * Determines how SEC user space driver will receive notifications
+ * for processed packets from SEC engine.
+ * Valid values are: #SEC_NOTIFICATION_TYPE_POLL, #SEC_NOTIFICATION_TYPE_IRQ
+ * and #SEC_NOTIFICATION_TYPE_NAPI.
+ */
+#define SEC_NOTIFICATION_TYPE   SEC_NOTIFICATION_TYPE_POLL
+
+/* Maximum number of job rings supported by SEC hardware */
+#define MAX_SEC_JOB_RINGS         4
+
+/* Maximum number of QP per job ring */
+#define RTE_CAAM_MAX_NB_SEC_QPS    1
+
+/*
+ * Size of cryptographic context that is used directly in communicating
+ * with SEC device. SEC device works only with physical addresses. This
+ * is the maximum size for a SEC descriptor ( = 64 words).
+ */
+#define SEC_CRYPTO_DESCRIPTOR_SIZE  256
+
+/*
+ * Size of job descriptor submitted to SEC device for each packet to
+ * be processed.
+ * Job descriptor contains 3 DMA address pointers:
+ *	- to shared descriptor, to input buffer and to output buffer.
+ * The job descriptor contains other SEC specific commands as well:
+ *	- HEADER command, SEQ IN PTR command SEQ OUT PTR command and opaque data
+ *      each measuring 4 bytes.
+ * Job descriptor size, depending on physical address representation:
+ *	- 32 bit - size is 28 bytes - cacheline-aligned size is 64 bytes
+ *	- 36 bit - size is 40 bytes - cacheline-aligned size is 64 bytes
+ * @note: Job descriptor must be cacheline-aligned to ensure efficient
+ *	memory access.
+ * @note: If other format is used for job descriptor, then the size must be
+ *	revised.
+ */
+#define SEC_JOB_DESCRIPTOR_SIZE     64
+
+/*
+ * Size of one entry in the input ring of a job ring.
+ * Input ring contains pointers to job descriptors.
+ * The memory used for an input ring and output ring must be physically
+ * contiguous.
+ */
+#define SEC_JOB_INPUT_RING_ENTRY_SIZE  sizeof(dma_addr_t)
+
+/*
+ * Size of one entry in the output ring of a job ring.
+ * Output ring entry is a pointer to a job descriptor followed by a 4 byte
+ * status word.
+ * The memory used for an input ring and output ring must be physically
+ * contiguous.
+ * @note If desired to use also the optional SEQ OUT indication in output ring
+ * entries,
+ * then 4 more bytes must be added to the size.
+ */
+#define SEC_JOB_OUTPUT_RING_ENTRY_SIZE  (SEC_JOB_INPUT_RING_ENTRY_SIZE + 4)
+
+/*
+ * DMA memory required for an input ring of a job ring.
+ */
+#define SEC_DMA_MEM_INPUT_RING_SIZE     ((SEC_JOB_INPUT_RING_ENTRY_SIZE) * \
+					(SEC_JOB_RING_SIZE))
+
+/*
+ * DMA memory required for an output ring of a job ring.
+ *  Required extra 4 byte for status word per each entry.
+ */
+#define SEC_DMA_MEM_OUTPUT_RING_SIZE    ((SEC_JOB_OUTPUT_RING_ENTRY_SIZE) * \
+					(SEC_JOB_RING_SIZE))
+
+/* DMA memory required for a job ring, including both input and output rings. */
+#define SEC_DMA_MEM_JOB_RING_SIZE       ((SEC_DMA_MEM_INPUT_RING_SIZE) + \
+					(SEC_DMA_MEM_OUTPUT_RING_SIZE))
+
+/*
+ * When calling sec_init() UA will provide an area of virtual memory
+ *  of size #SEC_DMA_MEMORY_SIZE to be  used internally by the driver
+ *  to allocate data (like SEC descriptors) that needs to be passed to
+ *  SEC device in physical addressing and later on retrieved from SEC device.
+ *  At initialization the UA provides specialized ptov/vtop functions/macros to
+ *  translate addresses allocated from this memory area.
+ */
+#define SEC_DMA_MEMORY_SIZE          ((SEC_DMA_MEM_JOB_RING_SIZE) * \
+					(MAX_SEC_JOB_RINGS))
+
+#define L1_CACHE_BYTES 64
+
+/* SEC JOB RING related configuration. */
+
+/*
+ * Configure the size of the JOB RING.
+ * The maximum size of the ring in hardware limited to 1024.
+ * However the number of packets in flight in a time interval of 1ms can
+ * be calculated from the traffic rate (Mbps) and packet size.
+ * Here it was considered a packet size of 64 bytes.
+ *
+ * @note Round up to nearest power of 2 for optimized update
+ * of producer/consumer indexes of each job ring
+ */
+#define SEC_JOB_RING_SIZE     512
+
+/*
+ * Interrupt coalescing related configuration.
+ * NOTE: SEC hardware enabled interrupt
+ * coalescing is not supported on SEC version 3.1!
+ * SEC version 4.4 has support for interrupt
+ * coalescing.
+ */
+
+#if SEC_NOTIFICATION_TYPE != SEC_NOTIFICATION_TYPE_POLL
+
+#define SEC_INT_COALESCING_ENABLE   1
+/*
+ * Interrupt Coalescing Descriptor Count Threshold.
+ * While interrupt coalescing is enabled (ICEN=1), this value determines
+ * how many Descriptors are completed before raising an interrupt.
+ *
+ * Valid values for this field are from 0 to 255.
+ * Note that a value of 1 functionally defeats the advantages of interrupt
+ * coalescing since the threshold value is reached each time that a
+ * Job Descriptor is completed. A value of 0 is treated in the same
+ * manner as a value of 1.
+ */
+#define SEC_INTERRUPT_COALESCING_DESCRIPTOR_COUNT_THRESH  10
+
+/*
+ * Interrupt Coalescing Timer Threshold.
+ * While interrupt coalescing is enabled (ICEN=1), this value determines the
+ * maximum amount of time after processing a Descriptor before raising an
+ * interrupt.
+ * The threshold value is represented in units equal to 64 CAAM interface
+ * clocks. Valid values for this field are from 1 to 65535.
+ * A value of 0 results in behavior identical to that when interrupt
+ * coalescing is disabled.
+ */
+#define SEC_INTERRUPT_COALESCING_TIMER_THRESH  100
+#endif /* SEC_NOTIFICATION_TYPE_POLL */
+
+#endif /* CAAM_JR_CONFIG_H */
-- 
2.17.1

^ permalink raw reply	[flat|nested] 97+ messages in thread

* [dpdk-dev] [PATCH v4 03/15] crypto/caam_jr: add routines to configure HW
  2018-10-22 14:17     ` [dpdk-dev] [PATCH v4 00/15] Introducing the NXP CAAM job ring driver Gagandeep Singh
  2018-10-22 14:17       ` [dpdk-dev] [PATCH v4 01/15] crypto/caam_jr: introduce basic driver Gagandeep Singh
  2018-10-22 14:17       ` [dpdk-dev] [PATCH v4 02/15] crypto/caam_jr: add HW tuning options Gagandeep Singh
@ 2018-10-22 14:17       ` Gagandeep Singh
  2018-10-22 14:17       ` [dpdk-dev] [PATCH v4 04/15] crypto/caam_jr: add UIO specific operations Gagandeep Singh
                         ` (13 subsequent siblings)
  16 siblings, 0 replies; 97+ messages in thread
From: Gagandeep Singh @ 2018-10-22 14:17 UTC (permalink / raw)
  To: dev, Akhil Goyal; +Cc: Gagandeep Singh, Hemant Agrawal

This patch add routines for configuring the hw
to support various features.
These routines will be used by the PMD ops.
The patch also defines structure and macros used
to access hw capabilities.

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
---
 drivers/crypto/caam_jr/Makefile              |   5 +
 drivers/crypto/caam_jr/caam_jr_hw.c          | 379 ++++++++++++++
 drivers/crypto/caam_jr/caam_jr_hw_specific.h | 503 +++++++++++++++++++
 drivers/crypto/caam_jr/caam_jr_pvt.h         | 286 +++++++++++
 drivers/crypto/caam_jr/meson.build           |   5 +-
 5 files changed, 1177 insertions(+), 1 deletion(-)
 create mode 100644 drivers/crypto/caam_jr/caam_jr_hw.c
 create mode 100644 drivers/crypto/caam_jr/caam_jr_hw_specific.h
 create mode 100644 drivers/crypto/caam_jr/caam_jr_pvt.h

diff --git a/drivers/crypto/caam_jr/Makefile b/drivers/crypto/caam_jr/Makefile
index b1f3ecee7..e22943749 100644
--- a/drivers/crypto/caam_jr/Makefile
+++ b/drivers/crypto/caam_jr/Makefile
@@ -16,7 +16,10 @@ CFLAGS += -D _GNU_SOURCE
 CFLAGS += -O3
 CFLAGS += $(WERROR_FLAGS)
 
+CFLAGS += -I$(RTE_SDK)/drivers/bus/dpaa/include
 CFLAGS += -I$(RTE_SDK)/drivers/crypto/caam_jr
+#sharing the hw flib headers from dpaa2_sec pmd
+CFLAGS += -I$(RTE_SDK)/drivers/crypto/dpaa2_sec/
 CFLAGS += -I$(RTE_SDK)/lib/librte_eal/common/include
 CFLAGS += -I$(RTE_SDK)/lib/librte_eal/linuxapp/eal
 
@@ -28,10 +31,12 @@ LIBABIVER := 1
 
 # library source files
 SRCS-$(CONFIG_RTE_LIBRTE_PMD_CAAM_JR) += caam_jr.c
+SRCS-$(CONFIG_RTE_LIBRTE_PMD_CAAM_JR) += caam_jr_hw.c
 # library dependencies
 
 LDLIBS += -lrte_eal -lrte_mbuf -lrte_mempool -lrte_ring
 LDLIBS += -lrte_cryptodev
+LDLIBS += -lrte_bus_dpaa
 LDLIBS += -lrte_bus_vdev
 
 include $(RTE_SDK)/mk/rte.lib.mk
diff --git a/drivers/crypto/caam_jr/caam_jr_hw.c b/drivers/crypto/caam_jr/caam_jr_hw.c
new file mode 100644
index 000000000..73cc61a27
--- /dev/null
+++ b/drivers/crypto/caam_jr/caam_jr_hw.c
@@ -0,0 +1,379 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright 2017-2018 NXP
+ */
+
+#include <fcntl.h>
+#include <unistd.h>
+#include <inttypes.h>
+#include <rte_common.h>
+#include <rte_memory.h>
+#include <rte_malloc.h>
+#include <rte_crypto.h>
+#include <rte_security.h>
+
+#include <caam_jr_config.h>
+#include <caam_jr_hw_specific.h>
+#include <caam_jr_pvt.h>
+#include <caam_jr_log.h>
+
+/* RTA header files */
+#include <hw/desc/common.h>
+#include <hw/desc/algo.h>
+#include <hw/desc/ipsec.h>
+
+/* Used to retry resetting a job ring in SEC hardware. */
+#define SEC_TIMEOUT 100000
+
+/* @brief Process Jump Halt Condition related errors
+ *
+ * @param [in]  error_code        The error code in the descriptor status word
+ */
+static inline void
+hw_handle_jmp_halt_cond_err(union hw_error_code error_code)
+{
+	CAAM_JR_DEBUG("JMP: %d, Descriptor Index: 0x%x, Condition: 0x%x",
+			error_code.error_desc.jmp_halt_cond_src.jmp,
+			error_code.error_desc.jmp_halt_cond_src.desc_idx,
+			error_code.error_desc.jmp_halt_cond_src.cond);
+	(void)error_code;
+}
+
+/* @brief Process DECO related errors
+ *
+ * @param [in]  error_code        The error code in the descriptor status word
+ */
+static inline void
+hw_handle_deco_err(union hw_error_code error_code)
+{
+	CAAM_JR_DEBUG("JMP: %d, Descriptor Index: 0x%x",
+			error_code.error_desc.deco_src.jmp,
+			error_code.error_desc.deco_src.desc_idx);
+
+	switch (error_code.error_desc.deco_src.desc_err) {
+	case SEC_HW_ERR_DECO_HFN_THRESHOLD:
+		CAAM_JR_DEBUG(" Warning: Descriptor completed normally,"
+			"but 3GPP HFN matches or exceeds the Threshold ");
+		break;
+	default:
+		CAAM_JR_DEBUG("Error 0x%04x not implemented",
+				error_code.error_desc.deco_src.desc_err);
+		break;
+	}
+}
+
+/* @brief Process  Jump Halt User Status related errors
+ *
+ * @param [in]  error_code        The error code in the descriptor status word
+ */
+static inline void
+hw_handle_jmp_halt_user_err(union hw_error_code error_code __rte_unused)
+{
+	CAAM_JR_DEBUG(" Not implemented");
+}
+
+/* @brief Process CCB related errors
+ *
+ * @param [in]  error_code        The error code in the descriptor status word
+ */
+static inline void
+hw_handle_ccb_err(union hw_error_code hw_error_code __rte_unused)
+{
+	CAAM_JR_DEBUG(" Not implemented");
+}
+
+/* @brief Process Job Ring related errors
+ *
+ * @param [in]  error_code        The error code in the descriptor status word
+ */
+static inline void
+hw_handle_jr_err(union hw_error_code hw_error_code __rte_unused)
+{
+	CAAM_JR_DEBUG(" Not implemented");
+}
+
+uint32_t
+caam_jr_enable_irqs(uint32_t uio_fd __rte_unused)
+{
+	return 0;
+}
+
+uint32_t
+caam_jr_disable_irqs(uint32_t uio_fd __rte_unused)
+{
+	return 0;
+}
+
+int
+hw_reset_job_ring(struct sec_job_ring_t *job_ring)
+{
+	int ret = 0;
+
+	ASSERT(job_ring->register_base_addr != NULL);
+
+	/* First reset the job ring in hw */
+	ret = hw_shutdown_job_ring(job_ring);
+	SEC_ASSERT(ret == 0, ret, "Failed resetting job ring in hardware");
+
+	/* In order to have the HW JR in a workable state
+	 * after a reset, I need to re-write the input
+	 * queue size, input start address, output queue
+	 * size and output start address
+	 */
+	/* Write the JR input queue size to the HW register */
+	hw_set_input_ring_size(job_ring, SEC_JOB_RING_SIZE);
+
+	/* Write the JR output queue size to the HW register */
+	hw_set_output_ring_size(job_ring, SEC_JOB_RING_SIZE);
+
+	/* Write the JR input queue start address */
+	hw_set_input_ring_start_addr(job_ring,
+			caam_jr_dma_vtop(job_ring->input_ring));
+	CAAM_JR_DEBUG(" Set input ring base address to : Virtual: 0x%" PRIx64
+		      ",Physical: 0x%" PRIx64 ", Read from HW: 0x%" PRIx64,
+		      (uint64_t)(uintptr_t)job_ring->input_ring,
+		      caam_jr_dma_vtop(job_ring->input_ring),
+		      hw_get_inp_queue_base(job_ring));
+
+	/* Write the JR output queue start address */
+	hw_set_output_ring_start_addr(job_ring,
+			caam_jr_dma_vtop(job_ring->output_ring));
+	CAAM_JR_DEBUG(" Set output ring base address to: Virtual: 0x%" PRIx64
+		      ",Physical: 0x%" PRIx64 ", Read from HW: 0x%" PRIx64,
+		      (uint64_t)(uintptr_t)job_ring->output_ring,
+		      caam_jr_dma_vtop(job_ring->output_ring),
+		      hw_get_out_queue_base(job_ring));
+	return ret;
+}
+
+int
+hw_shutdown_job_ring(struct sec_job_ring_t *job_ring)
+{
+	unsigned int timeout = SEC_TIMEOUT;
+	uint32_t tmp = 0;
+	int usleep_interval = 10;
+
+	if (job_ring->register_base_addr == NULL) {
+		CAAM_JR_ERR("Jr[%p] has reg base addr as NULL.driver not init",
+			job_ring);
+		return 0;
+	}
+
+	CAAM_JR_INFO("Resetting Job ring %p", job_ring);
+
+	/*
+	 * Mask interrupts since we are going to poll
+	 * for reset completion status
+	 * Also, at POR, interrupts are ENABLED on a JR, thus
+	 * this is the point where I can disable them without
+	 * changing the code logic too much
+	 */
+	caam_jr_disable_irqs(job_ring->irq_fd);
+
+	/* initiate flush (required prior to reset) */
+	SET_JR_REG(JRCR, job_ring, JR_REG_JRCR_VAL_RESET);
+
+	/* dummy read */
+	tmp = GET_JR_REG(JRCR, job_ring);
+
+	do {
+		tmp = GET_JR_REG(JRINT, job_ring);
+		usleep(usleep_interval);
+	} while (((tmp & JRINT_ERR_HALT_MASK) ==
+			JRINT_ERR_HALT_INPROGRESS) && --timeout);
+
+	CAAM_JR_INFO("JRINT is %x", tmp);
+	if ((tmp & JRINT_ERR_HALT_MASK) != JRINT_ERR_HALT_COMPLETE ||
+		timeout == 0) {
+		CAAM_JR_ERR("0x%x, %d", tmp, timeout);
+		/* unmask interrupts */
+		if (job_ring->jr_mode != SEC_NOTIFICATION_TYPE_POLL)
+			caam_jr_enable_irqs(job_ring->irq_fd);
+		return -1;
+	}
+
+	/* Initiate reset */
+	timeout = SEC_TIMEOUT;
+	SET_JR_REG(JRCR, job_ring, JR_REG_JRCR_VAL_RESET);
+
+	do {
+		tmp = GET_JR_REG(JRCR, job_ring);
+		usleep(usleep_interval);
+	} while ((tmp & JR_REG_JRCR_VAL_RESET) && --timeout);
+
+	CAAM_JR_DEBUG("JRCR is %x", tmp);
+	if (timeout == 0) {
+		CAAM_JR_ERR("Failed to reset hw job ring %p", job_ring);
+		/* unmask interrupts */
+		if (job_ring->jr_mode != SEC_NOTIFICATION_TYPE_POLL)
+			caam_jr_enable_irqs(job_ring->irq_fd);
+		return -1;
+	}
+	/* unmask interrupts */
+	if (job_ring->jr_mode != SEC_NOTIFICATION_TYPE_POLL)
+		caam_jr_enable_irqs(job_ring->irq_fd);
+	return 0;
+
+}
+
+void
+hw_handle_job_ring_error(struct sec_job_ring_t *job_ring __rte_unused,
+			 uint32_t error_code)
+{
+	union hw_error_code hw_err_code;
+
+	hw_err_code.error = error_code;
+	switch (hw_err_code.error_desc.value.ssrc) {
+	case SEC_HW_ERR_SSRC_NO_SRC:
+		ASSERT(hw_err_code.error_desc.no_status_src.res == 0);
+		CAAM_JR_ERR("No Status Source ");
+		break;
+	case SEC_HW_ERR_SSRC_CCB_ERR:
+		CAAM_JR_ERR("CCB Status Source");
+		hw_handle_ccb_err(hw_err_code);
+		break;
+	case SEC_HW_ERR_SSRC_JMP_HALT_U:
+		CAAM_JR_ERR("Jump Halt User Status Source");
+		hw_handle_jmp_halt_user_err(hw_err_code);
+		break;
+	case SEC_HW_ERR_SSRC_DECO:
+		CAAM_JR_ERR("DECO Status Source");
+		hw_handle_deco_err(hw_err_code);
+		break;
+	case SEC_HW_ERR_SSRC_JR:
+		CAAM_JR_ERR("Job Ring Status Source");
+		hw_handle_jr_err(hw_err_code);
+		break;
+	case SEC_HW_ERR_SSRC_JMP_HALT_COND:
+		CAAM_JR_ERR("Jump Halt Condition Codes");
+		hw_handle_jmp_halt_cond_err(hw_err_code);
+		break;
+	default:
+		ASSERT(0);
+		CAAM_JR_ERR("Unknown SSRC");
+		break;
+	}
+}
+
+void
+hw_job_ring_error_print(struct sec_job_ring_t *job_ring, int code)
+{
+	switch (code) {
+	case JRINT_ERR_WRITE_STATUS:
+		CAAM_JR_ERR("Error writing status to Output Ring ");
+		break;
+	case JRINT_ERR_BAD_INPUT_BASE:
+		CAAM_JR_ERR(
+		"Bad Input Ring Base (%p) (not on a 4-byte boundary) ",
+		(void *)job_ring);
+		break;
+	case JRINT_ERR_BAD_OUTPUT_BASE:
+		CAAM_JR_ERR(
+		"Bad Output Ring Base (%p) (not on a 4-byte boundary) ",
+		(void *)job_ring);
+		break;
+	case JRINT_ERR_WRITE_2_IRBA:
+		CAAM_JR_ERR(
+		"Invalid write to Input Ring Base Address Register ");
+		break;
+	case JRINT_ERR_WRITE_2_ORBA:
+		CAAM_JR_ERR(
+		"Invalid write to Output Ring Base Address Register ");
+		break;
+	case JRINT_ERR_RES_B4_HALT:
+		CAAM_JR_ERR(
+		"Job Ring [%p] released before Job Ring is halted",
+		(void *)job_ring);
+		break;
+	case JRINT_ERR_REM_TOO_MANY:
+		CAAM_JR_ERR("Removed too many jobs from job ring [%p]",
+			(void *)job_ring);
+		break;
+	case JRINT_ERR_ADD_TOO_MANY:
+		CAAM_JR_ERR("Added too many jobs on job ring [%p]", job_ring);
+		break;
+	default:
+		CAAM_JR_ERR(" Unknown SEC JR Error :%d",
+				code);
+		break;
+	}
+}
+
+int
+hw_job_ring_set_coalescing_param(struct sec_job_ring_t *job_ring,
+				 uint16_t irq_coalescing_timer,
+				 uint8_t irq_coalescing_count)
+{
+	uint32_t reg_val = 0;
+
+	ASSERT(job_ring != NULL);
+	if (job_ring->register_base_addr == NULL) {
+		CAAM_JR_ERR("Jr[%p] has reg base addr as NULL.driver not init",
+			job_ring);
+		return -1;
+	}
+	/* Set descriptor count coalescing */
+	reg_val |= (irq_coalescing_count << JR_REG_JRCFG_LO_ICDCT_SHIFT);
+
+	/* Set coalescing timer value */
+	reg_val |= (irq_coalescing_timer << JR_REG_JRCFG_LO_ICTT_SHIFT);
+
+	/* Update parameters in HW */
+	SET_JR_REG_LO(JRCFG, job_ring, reg_val);
+	CAAM_JR_DEBUG("Set coalescing params on jr %p timer:%d, desc count: %d",
+			job_ring, irq_coalescing_timer, irq_coalescing_timer);
+
+	return 0;
+}
+
+int
+hw_job_ring_enable_coalescing(struct sec_job_ring_t *job_ring)
+{
+	uint32_t reg_val = 0;
+
+	ASSERT(job_ring != NULL);
+	if (job_ring->register_base_addr == NULL) {
+		CAAM_JR_ERR("Jr[%p] has reg base addr as NULL.driver not init",
+			job_ring);
+		return -1;
+	}
+
+	/* Get the current value of the register */
+	reg_val = GET_JR_REG_LO(JRCFG, job_ring);
+
+	/* Enable coalescing */
+	reg_val |= JR_REG_JRCFG_LO_ICEN_EN;
+
+	/* Write in hw */
+	SET_JR_REG_LO(JRCFG, job_ring, reg_val);
+
+	CAAM_JR_DEBUG("Enabled coalescing on jr %p ",
+			job_ring);
+
+	return 0;
+}
+
+int
+hw_job_ring_disable_coalescing(struct sec_job_ring_t *job_ring)
+{
+	uint32_t reg_val = 0;
+
+	ASSERT(job_ring != NULL);
+
+	if (job_ring->register_base_addr == NULL) {
+		CAAM_JR_ERR("Jr[%p] has reg base addr as NULL.driver not init",
+			job_ring);
+		return -1;
+	}
+
+	/* Get the current value of the register */
+	reg_val = GET_JR_REG_LO(JRCFG, job_ring);
+
+	/* Disable coalescing */
+	reg_val &= ~JR_REG_JRCFG_LO_ICEN_EN;
+
+	/* Write in hw */
+	SET_JR_REG_LO(JRCFG, job_ring, reg_val);
+	CAAM_JR_DEBUG("Disabled coalescing on jr %p ", job_ring);
+
+	return 0;
+}
diff --git a/drivers/crypto/caam_jr/caam_jr_hw_specific.h b/drivers/crypto/caam_jr/caam_jr_hw_specific.h
new file mode 100644
index 000000000..5f58a585d
--- /dev/null
+++ b/drivers/crypto/caam_jr/caam_jr_hw_specific.h
@@ -0,0 +1,503 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright 2017 NXP
+ */
+
+#ifndef CAAM_JR_HW_SPECIFIC_H
+#define CAAM_JR_HW_SPECIFIC_H
+
+#include <caam_jr_config.h>
+
+/*
+ * Offset to the registers of a job ring.
+ * Is different for each job ring.
+ */
+#define CHAN_BASE(jr)   ((size_t)(jr)->register_base_addr)
+
+#define SEC_JOB_RING_IS_FULL(pi, ci, ring_max_size, ring_threshold) \
+		((((pi) + 1 + ((ring_max_size) - (ring_threshold))) & \
+		  (ring_max_size - 1))  == ((ci)))
+
+#define SEC_CIRCULAR_COUNTER(x, max)   (((x) + 1) & (max - 1))
+
+/*
+ * Assert that cond is true. If !cond is true, display str and the vararg list
+ * in a printf-like syntax. also, if !cond is true, return altRet.
+ *
+ * \param cond          A boolean expression to be asserted true
+ * \param altRet        The value to be returned if cond doesn't hold true
+ * \param str           A quoted char string
+ *
+ * E.g.:
+ *      SEC_ASSERT(ret > 0, 0, "ERROR initializing app: code = %d\n", ret);
+ */
+#define SEC_ASSERT(cond, altRet, ...) do {\
+	if (unlikely(!(cond))) {\
+		CAAM_JR_ERR(__VA_ARGS__); \
+		return altRet; \
+	} \
+} while (0)
+
+#define SEC_DP_ASSERT(cond, altRet, ...) do {\
+	if (unlikely(!(cond))) {\
+		CAAM_JR_DP_ERR(__VA_ARGS__); \
+		return altRet; \
+	} \
+} while (0)
+
+#define ASSERT(x)
+
+/*
+ * Constants representing various job ring registers
+ */
+#if CAAM_BYTE_ORDER == __BIG_ENDIAN
+#define JR_REG_IRBA_OFFSET		0x0000
+#define JR_REG_IRBA_OFFSET_LO		0x0004
+#else
+#define JR_REG_IRBA_OFFSET		0x0004
+#define JR_REG_IRBA_OFFSET_LO		0x0000
+#endif
+
+#define JR_REG_IRSR_OFFSET		0x000C
+#define JR_REG_IRSA_OFFSET		0x0014
+#define JR_REG_IRJA_OFFSET		0x001C
+
+#if CAAM_BYTE_ORDER == __BIG_ENDIAN
+#define JR_REG_ORBA_OFFSET		0x0020
+#define JR_REG_ORBA_OFFSET_LO		0x0024
+#else
+#define JR_REG_ORBA_OFFSET		0x0024
+#define JR_REG_ORBA_OFFSET_LO		0x0020
+#endif
+
+#define JR_REG_ORSR_OFFSET		0x002C
+#define JR_REG_ORJR_OFFSET		0x0034
+#define JR_REG_ORSFR_OFFSET		0x003C
+#define JR_REG_JROSR_OFFSET		0x0044
+#define JR_REG_JRINT_OFFSET		0x004C
+
+#define JR_REG_JRCFG_OFFSET		0x0050
+#define JR_REG_JRCFG_OFFSET_LO		0x0054
+
+#define JR_REG_IRRI_OFFSET		0x005C
+#define JR_REG_ORWI_OFFSET		0x0064
+#define JR_REG_JRCR_OFFSET		0x006C
+
+/*
+ * Constants for error handling on job ring
+ */
+#define JR_REG_JRINT_ERR_TYPE_SHIFT	8
+#define JR_REG_JRINT_ERR_ORWI_SHIFT	16
+#define JR_REG_JRINIT_JRE_SHIFT		1
+
+#define JRINT_JRE			(1 << JR_REG_JRINIT_JRE_SHIFT)
+#define JRINT_ERR_WRITE_STATUS		(1 << JR_REG_JRINT_ERR_TYPE_SHIFT)
+#define JRINT_ERR_BAD_INPUT_BASE	(3 << JR_REG_JRINT_ERR_TYPE_SHIFT)
+#define JRINT_ERR_BAD_OUTPUT_BASE	(4 << JR_REG_JRINT_ERR_TYPE_SHIFT)
+#define JRINT_ERR_WRITE_2_IRBA		(5 << JR_REG_JRINT_ERR_TYPE_SHIFT)
+#define JRINT_ERR_WRITE_2_ORBA		(6 << JR_REG_JRINT_ERR_TYPE_SHIFT)
+#define JRINT_ERR_RES_B4_HALT		(7 << JR_REG_JRINT_ERR_TYPE_SHIFT)
+#define JRINT_ERR_REM_TOO_MANY		(8 << JR_REG_JRINT_ERR_TYPE_SHIFT)
+#define JRINT_ERR_ADD_TOO_MANY		(9 << JR_REG_JRINT_ERR_TYPE_SHIFT)
+#define JRINT_ERR_HALT_MASK		0x0C
+#define JRINT_ERR_HALT_INPROGRESS	0x04
+#define JRINT_ERR_HALT_COMPLETE		0x08
+
+#define JR_REG_JRCR_VAL_RESET		0x00000001
+
+#define JR_REG_JRCFG_LO_ICTT_SHIFT	0x10
+#define JR_REG_JRCFG_LO_ICDCT_SHIFT	0x08
+#define JR_REG_JRCFG_LO_ICEN_EN		0x02
+
+/*
+ * Constants for Descriptor Processing errors
+ */
+#define SEC_HW_ERR_SSRC_NO_SRC		0x00
+#define SEC_HW_ERR_SSRC_CCB_ERR		0x02
+#define SEC_HW_ERR_SSRC_JMP_HALT_U	0x03
+#define SEC_HW_ERR_SSRC_DECO		0x04
+#define SEC_HW_ERR_SSRC_JR		0x06
+#define SEC_HW_ERR_SSRC_JMP_HALT_COND   0x07
+
+#define SEC_HW_ERR_DECO_HFN_THRESHOLD   0xF1
+#define SEC_HW_ERR_CCB_ICV_CHECK_FAIL   0x0A
+
+/*
+ * Constants for descriptors
+ */
+/* Return higher 32 bits of physical address */
+#define PHYS_ADDR_HI(phys_addr) \
+	    (uint32_t)(((uint64_t)phys_addr) >> 32)
+
+/* Return lower 32 bits of physical address */
+#define PHYS_ADDR_LO(phys_addr) \
+	    (uint32_t)(((uint64_t)phys_addr) & 0xFFFFFFFF)
+
+/*
+ * Macros for extracting error codes for the job ring
+ */
+#define JR_REG_JRINT_ERR_TYPE_EXTRACT(value)      ((value) & 0x00000F00)
+#define JR_REG_JRINT_ERR_ORWI_EXTRACT(value)     \
+	(((value) & 0x3FFF0000) >> JR_REG_JRINT_ERR_ORWI_SHIFT)
+#define JR_REG_JRINT_JRE_EXTRACT(value)	   ((value) & JRINT_JRE)
+
+/*
+ * Macros for managing the job ring
+ */
+/* Read pointer to job ring input ring start address */
+#if defined(RTE_ARCH_ARM64)
+#define hw_get_inp_queue_base(jr) ((((dma_addr_t)GET_JR_REG(IRBA, \
+				      (jr))) << 32) | \
+				      (GET_JR_REG_LO(IRBA, (jr))))
+
+/* Read pointer to job ring output ring start address */
+#define hw_get_out_queue_base(jr) (((dma_addr_t)(GET_JR_REG(ORBA, \
+				     (jr))) << 32) | \
+				     (GET_JR_REG_LO(ORBA, (jr))))
+#else
+#define hw_get_inp_queue_base(jr)   ((dma_addr_t)(GET_JR_REG_LO(IRBA, (jr))))
+
+#define hw_get_out_queue_base(jr)   ((dma_addr_t)(GET_JR_REG_LO(ORBA, (jr))))
+#endif
+
+/*
+ * IRJA - Input Ring Jobs Added Register shows
+ * how many new jobs were added to the Input Ring.
+ */
+#define hw_enqueue_desc_on_job_ring(job_ring) SET_JR_REG(IRJA, (job_ring), 1)
+
+#define hw_set_input_ring_size(job_ring, size) SET_JR_REG(IRSR, job_ring, \
+							 (size))
+
+#define hw_set_output_ring_size(job_ring, size) SET_JR_REG(ORSR, job_ring, \
+							  (size))
+
+#if defined(RTE_ARCH_ARM64)
+#define hw_set_input_ring_start_addr(job_ring, start_addr)	\
+{								\
+	SET_JR_REG(IRBA, job_ring, PHYS_ADDR_HI(start_addr));	\
+	SET_JR_REG_LO(IRBA, job_ring, PHYS_ADDR_LO(start_addr));\
+}
+
+#define hw_set_output_ring_start_addr(job_ring, start_addr) \
+{								\
+	SET_JR_REG(ORBA, job_ring, PHYS_ADDR_HI(start_addr));	\
+	SET_JR_REG_LO(ORBA, job_ring, PHYS_ADDR_LO(start_addr));\
+}
+
+#else
+#define hw_set_input_ring_start_addr(job_ring, start_addr)	\
+{								\
+	SET_JR_REG(IRBA, job_ring, 0);	\
+	SET_JR_REG_LO(IRBA, job_ring, PHYS_ADDR_LO(start_addr));\
+}
+
+#define hw_set_output_ring_start_addr(job_ring, start_addr) \
+{								\
+	SET_JR_REG(ORBA, job_ring, 0);	\
+	SET_JR_REG_LO(ORBA, job_ring, PHYS_ADDR_LO(start_addr));\
+}
+#endif
+
+/* ORJR - Output Ring Jobs Removed Register shows how many jobs were
+ * removed from the Output Ring for processing by software. This is done after
+ * the software has processed the entries.
+ */
+#define hw_remove_entries(jr, no_entries) SET_JR_REG(ORJR, (jr), (no_entries))
+
+/* IRSA - Input Ring Slots Available register holds the number of entries in
+ * the Job Ring's input ring. Once a job is enqueued, the value returned is
+ * decremented by the hardware by the number of jobs enqueued.
+ */
+#define hw_get_available_slots(jr)		GET_JR_REG(IRSA, jr)
+
+/* ORSFR - Output Ring Slots Full register holds the number of jobs which were
+ * processed by the SEC and can be retrieved by the software. Once a job has
+ * been processed by software, the user will call hw_remove_one_entry in order
+ * to notify the SEC that the entry was processed.
+ */
+#define hw_get_no_finished_jobs(jr)		GET_JR_REG(ORSFR, jr)
+
+/*
+ * Macros for manipulating JR registers
+ */
+#if CORE_BYTE_ORDER == CAAM_BYTE_ORDER
+#define sec_read_32(addr)	(*(volatile unsigned int *)(addr))
+#define sec_write_32(addr, val)	(*(volatile unsigned int *)(addr) = (val))
+
+#else
+#define sec_read_32(addr)	rte_bswap32((*(volatile unsigned int *)(addr)))
+#define sec_write_32(addr, val) \
+			(*(volatile unsigned int *)(addr) = rte_bswap32(val))
+#endif
+
+#if CAAM_BYTE_ORDER == __LITTLE_ENDIAN
+#define sec_read_64(addr)	(((u64)sec_read_32((u32 *)(addr) + 1) << 32) | \
+				(sec_read_32((u32 *)(addr))))
+
+#define sec_write_64(addr, val) {				\
+	sec_write_32((u32 *)(addr) + 1, (u32)((val) >> 32));	\
+	sec_write_32((u32 *)(addr), (u32)(val));		\
+}
+#else /* CAAM_BYTE_ORDER == __BIG_ENDIAN */
+#define sec_read_64(addr)	(((u64)sec_read_32((u32 *)(addr)) << 32) | \
+				(sec_read_32((u32 *)(addr) + 1)))
+
+#define sec_write_64(addr, val) {				\
+	sec_write_32((u32 *)(addr), (u32)((val) >> 32));	\
+	sec_write_32((u32 *)(addr) + 1, (u32)(val));		\
+}
+#endif
+
+#if defined(RTE_ARCH_ARM64)
+#define sec_read_addr(a)	sec_read_64((a))
+#define sec_write_addr(a, v)	sec_write_64((a), (v))
+#else
+#define sec_read_addr(a)	sec_read_32((a))
+#define sec_write_addr(a, v)	sec_write_32((a), (v))
+#endif
+
+#define JR_REG(name, jr)	(CHAN_BASE(jr) + JR_REG_##name##_OFFSET)
+#define JR_REG_LO(name, jr)	(CHAN_BASE(jr) + JR_REG_##name##_OFFSET_LO)
+
+#define GET_JR_REG(name, jr)	(sec_read_32(JR_REG(name, (jr))))
+#define GET_JR_REG_LO(name, jr)	(sec_read_32(JR_REG_LO(name, (jr))))
+
+#define SET_JR_REG(name, jr, value) \
+				(sec_write_32(JR_REG(name, (jr)), value))
+#define SET_JR_REG_LO(name, jr, value) \
+				(sec_write_32(JR_REG_LO(name, (jr)), value))
+
+/* Lists the possible states for a job ring. */
+typedef enum sec_job_ring_state_e {
+	SEC_JOB_RING_STATE_STARTED,	/* Job ring is initialized */
+	SEC_JOB_RING_STATE_RESET,	/* Job ring reset is in progress */
+} sec_job_ring_state_t;
+
+/* code or cmd block to caam */
+struct sec_cdb {
+	struct {
+		union {
+			uint32_t word;
+			struct {
+#if RTE_BYTE_ORDER == RTE_BIG_ENDIAN
+				uint16_t rsvd63_48;
+				unsigned int rsvd47_39:9;
+				unsigned int idlen:7;
+#else
+				unsigned int idlen:7;
+				unsigned int rsvd47_39:9;
+				uint16_t rsvd63_48;
+#endif
+			} field;
+		} __rte_packed hi;
+
+		union {
+			uint32_t word;
+			struct {
+#if RTE_BYTE_ORDER == RTE_BIG_ENDIAN
+				unsigned int rsvd31_30:2;
+				unsigned int fsgt:1;
+				unsigned int lng:1;
+				unsigned int offset:2;
+				unsigned int abs:1;
+				unsigned int add_buf:1;
+				uint8_t pool_id;
+				uint16_t pool_buffer_size;
+#else
+				uint16_t pool_buffer_size;
+				uint8_t pool_id;
+				unsigned int add_buf:1;
+				unsigned int abs:1;
+				unsigned int offset:2;
+				unsigned int lng:1;
+				unsigned int fsgt:1;
+				unsigned int rsvd31_30:2;
+#endif
+			} field;
+		} __rte_packed lo;
+	} __rte_packed sh_hdr;
+
+	uint32_t sh_desc[SEC_JOB_DESCRIPTOR_SIZE];
+};
+
+struct caam_jr_qp {
+	struct sec_job_ring_t *ring;
+	uint64_t rx_pkts;
+	uint64_t rx_errs;
+	uint64_t rx_poll_err;
+	uint64_t tx_pkts;
+	uint64_t tx_errs;
+	uint64_t tx_ring_full;
+};
+
+struct sec_job_ring_t {
+	/* TODO: Add wrapper macro to make it obvious this is the consumer index
+	 * on the output ring
+	 */
+	uint32_t cidx;		/* Consumer index for job ring (jobs array).
+				 * @note: cidx and pidx are accessed from
+				 * different threads. Place the cidx and pidx
+				 * inside the structure so that they lay on
+				 * different cachelines, to avoid false sharing
+				 * between threads when the threads run on
+				 * different cores!
+				 */
+	/* TODO: Add wrapper macro to make it obvious this is the producer index
+	 * on the input ring
+	 */
+	uint32_t pidx;		/* Producer index for job ring (jobs array) */
+
+	phys_addr_t *input_ring;/* Ring of output descriptors received from SEC.
+				 * Size of array is power of 2 to allow fast
+				 * update of producer/consumer indexes with
+				 * bitwise operations.
+				 */
+
+	struct sec_outring_entry *output_ring;
+				/* Ring of output descriptors received from SEC.
+				 * Size of array is power of 2 to allow fast
+				 * update of producer/consumer indexes with
+				 * bitwise operations.
+				 */
+
+	uint32_t irq_fd;	/* The file descriptor used for polling from
+				 * user space for interrupts notifications
+				 */
+	uint32_t jr_mode;	/* Model used by SEC Driver to receive
+				 * notifications from SEC.  Can be either
+				 * of the three: #SEC_NOTIFICATION_TYPE_NAPI
+				 * #SEC_NOTIFICATION_TYPE_IRQ or
+				 * #SEC_NOTIFICATION_TYPE_POLL
+				 */
+	uint32_t napi_mode;	/* Job ring mode if NAPI mode is chosen
+				 * Used only when jr_mode is set to
+				 * #SEC_NOTIFICATION_TYPE_NAPI
+				 */
+	void *register_base_addr;	/* Base address for SEC's
+					 * register memory for this job ring.
+					 */
+	uint8_t coalescing_en;		/* notifies if coelescing is
+					 * enabled for the job ring
+					 */
+	sec_job_ring_state_t jr_state;	/* The state of this job ring */
+
+	struct rte_mempool *ctx_pool;   /* per dev mempool for caam_jr_op_ctx */
+	unsigned int max_nb_queue_pairs;
+	unsigned int max_nb_sessions;
+	struct caam_jr_qp qps[RTE_CAAM_MAX_NB_SEC_QPS]; /* i/o queue for sec */
+};
+
+/* Union describing the possible error codes that
+ * can be set in the descriptor status word
+ */
+union hw_error_code {
+	uint32_t error;
+	union {
+		struct {
+			uint32_t ssrc:4;
+			uint32_t ssed_val:28;
+		} __rte_packed value;
+		struct {
+			uint32_t ssrc:4;
+			uint32_t res:28;
+		} __rte_packed no_status_src;
+		struct {
+			uint32_t ssrc:4;
+			uint32_t jmp:1;
+			uint32_t res:11;
+			uint32_t desc_idx:8;
+			uint32_t cha_id:4;
+			uint32_t err_id:4;
+		} __rte_packed ccb_status_src;
+		struct {
+			uint32_t ssrc:4;
+			uint32_t jmp:1;
+			uint32_t res:11;
+			uint32_t desc_idx:8;
+			uint32_t offset:8;
+		} __rte_packed jmp_halt_user_src;
+		struct {
+			uint32_t ssrc:4;
+			uint32_t jmp:1;
+			uint32_t res:11;
+			uint32_t desc_idx:8;
+			uint32_t desc_err:8;
+		} __rte_packed deco_src;
+		struct {
+			uint32_t ssrc:4;
+			uint32_t res:17;
+			uint32_t naddr:3;
+			uint32_t desc_err:8;
+		} __rte_packed jr_src;
+		struct {
+			uint32_t ssrc:4;
+			uint32_t jmp:1;
+			uint32_t res:11;
+			uint32_t desc_idx:8;
+			uint32_t cond:8;
+		} __rte_packed jmp_halt_cond_src;
+	} __rte_packed error_desc;
+} __rte_packed;
+
+/* @brief Initialize a job ring/channel in SEC device.
+ * Write configuration register/s to properly initialize a job ring.
+ *
+ * @param [in] job_ring     The job ring
+ *
+ * @retval 0 for success
+ * @retval other for error
+ */
+int hw_reset_job_ring(struct sec_job_ring_t *job_ring);
+
+/* @brief Reset a job ring/channel in SEC device.
+ * Write configuration register/s to reset a job ring.
+ *
+ * @param [in] job_ring     The job ring
+ *
+ * @retval 0 for success
+ * @retval -1 in case job ring reset failed
+ */
+int hw_shutdown_job_ring(struct sec_job_ring_t *job_ring);
+
+/* @brief Handle a job ring/channel error in SEC device.
+ * Identify the error type and clear error bits if required.
+ *
+ * @param [in]  job_ring	The job ring
+ * @param [in]  sec_error_code  The job ring's error code
+ */
+void hw_handle_job_ring_error(struct sec_job_ring_t *job_ring,
+			      uint32_t sec_error_code);
+
+/* @brief Handle a job ring error in the device.
+ * Identify the error type and printout a explanatory
+ * messages.
+ *
+ * @param [in]  job_ring	The job ring
+ *
+ */
+void hw_job_ring_error_print(struct sec_job_ring_t *job_ring, int code);
+
+/* @brief Set interrupt coalescing parameters on the Job Ring.
+ * @param [in]  job_ring		The job ring
+ * @param [in]  irq_coalesing_timer     Interrupt coalescing timer threshold.
+ *					This value determines the maximum
+ *					amount of time after processing a
+ *					descriptor before raising an interrupt.
+ * @param [in]  irq_coalescing_count    Interrupt coalescing descriptor count
+ *					threshold.
+ */
+int hw_job_ring_set_coalescing_param(struct sec_job_ring_t *job_ring,
+				     uint16_t irq_coalescing_timer,
+				     uint8_t irq_coalescing_count);
+
+/* @brief Enable interrupt coalescing on a job ring
+ * @param [in]  job_ring		The job ring
+ */
+int hw_job_ring_enable_coalescing(struct sec_job_ring_t *job_ring);
+
+/* @brief Disable interrupt coalescing on a job ring
+ * @param [in]  job_ring		The job ring
+ */
+int hw_job_ring_disable_coalescing(struct sec_job_ring_t *job_ring);
+
+#endif /* CAAM_JR_HW_SPECIFIC_H */
diff --git a/drivers/crypto/caam_jr/caam_jr_pvt.h b/drivers/crypto/caam_jr/caam_jr_pvt.h
new file mode 100644
index 000000000..58fd257fc
--- /dev/null
+++ b/drivers/crypto/caam_jr/caam_jr_pvt.h
@@ -0,0 +1,286 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright 2017-2018 NXP
+ */
+
+#ifndef CAAM_JR_PVT_H
+#define CAAM_JR_PVT_H
+
+/* NXP CAAM JR PMD device name */
+
+#define CAAM_JR_ALG_UNSUPPORT	(-1)
+
+/* Minimum job descriptor consists of a oneword job descriptor HEADER and
+ * a pointer to the shared descriptor.
+ */
+#define MIN_JOB_DESC_SIZE	(CAAM_CMD_SZ + CAAM_PTR_SZ)
+#define CAAM_JOB_DESC_SIZE	13
+
+/* CTX_POOL_NUM_BUFS is set as per the ipsec-secgw application */
+#define CTX_POOL_NUM_BUFS	32000
+#define CTX_POOL_CACHE_SIZE	512
+
+#define DIR_ENC                 1
+#define DIR_DEC                 0
+
+#define JR_MAX_NB_MAX_DIGEST	32
+
+#define RTE_CAAM_JR_PMD_MAX_NB_SESSIONS 2048
+
+
+/* Return codes for SEC user space driver APIs */
+enum sec_return_code_e {
+	SEC_SUCCESS = 0,	       /* Operation executed successfully.*/
+	SEC_INVALID_INPUT_PARAM,       /* API received an invalid input
+					* parameter
+					*/
+	SEC_OUT_OF_MEMORY,	       /* Memory allocation failed. */
+	SEC_DESCRIPTOR_IN_FLIGHT,      /* API function indicates there are
+					* descriptors in flight
+					* for SEC to process.
+					*/
+	SEC_LAST_DESCRIPTOR_IN_FLIGHT, /* API function indicates there is one
+					* last descriptor in flight
+					* for SEC to process that.
+					*/
+	SEC_PROCESSING_ERROR,	       /* Indicates a SEC processing error
+					* occurred on a Job Ring which requires
+					* a SEC user space driver shutdown. Can
+					* be returned from sec_poll_job_ring().
+					* Then the only other API that can be
+					* called after this error is
+					* sec_release().
+					*/
+	SEC_DESC_PROCESSING_ERROR,     /* Indicates a SEC descriptor processing
+					* error occurred on a Job Ring. Can be
+					* returned from sec_poll_job_ring().
+					* The driver was able to reset job ring
+					* and job ring can be used like in a
+					* normal case.
+					*/
+	SEC_JR_IS_FULL,			/* Job Ring is full. There is no more
+					 * room in the JR for new descriptors.
+					 * This can happen if the descriptor RX
+					 * rate is higher than SEC's capacity.
+					 */
+	SEC_DRIVER_RELEASE_IN_PROGRESS, /* SEC driver shutdown is in progress,
+					 * descriptors processing or polling is
+					 * allowed.
+					 */
+	SEC_DRIVER_ALREADY_INITIALIZED, /* SEC driver is already initialized.*/
+	SEC_DRIVER_NOT_INITIALIZED,	/* SEC driver is NOT initialized. */
+	SEC_JOB_RING_RESET_IN_PROGRESS, /* Job ring is resetting due to a
+					 * per-descriptor SEC processing error
+					 * ::SEC_desc_PROCESSING_ERROR. Reset is
+					 * finished when sec_poll_job_ring()
+					 * return. Then the job ring can be used
+					 * again.
+					 */
+	SEC_RESET_ENGINE_FAILED,	/* Resetting of SEC Engine by SEC Kernel
+					 * Driver Failed
+					 */
+	SEC_ENABLE_IRQS_FAILED,		/* Enabling of IRQs in SEC Kernel Driver
+					 * Failed
+					 */
+	SEC_DISABLE_IRQS_FAILED,	/* Disabling of IRQs in SEC Kernel
+					 * Driver Failed
+					 */
+	/* END OF VALID VALUES */
+
+	SEC_RETURN_CODE_MAX_VALUE,	/* Invalid value for return code. It is
+					 * used to mark the end of the return
+					 * code values. @note ALL new return
+					 * code values MUST be added before
+					 * ::SEC_RETURN_CODE_MAX_VALUE!
+					 */
+};
+
+enum caam_jr_op_type {
+	CAAM_JR_NONE,  /* No Cipher operations*/
+	CAAM_JR_CIPHER,/* CIPHER operations */
+	CAAM_JR_AUTH,  /* Authentication Operations */
+	CAAM_JR_AEAD,  /* Authenticated Encryption with associated data */
+	CAAM_JR_IPSEC, /* IPSEC protocol operations*/
+	CAAM_JR_PDCP,  /* PDCP protocol operations*/
+	CAAM_JR_PKC,   /* Public Key Cryptographic Operations */
+	CAAM_JR_MAX
+};
+
+struct caam_jr_session {
+	uint8_t dir;         /* Operation Direction */
+	enum rte_crypto_cipher_algorithm cipher_alg; /* Cipher Algorithm*/
+	enum rte_crypto_auth_algorithm auth_alg; /* Authentication Algorithm*/
+	enum rte_crypto_aead_algorithm aead_alg; /* AEAD Algorithm*/
+	union {
+		struct {
+			uint8_t *data;	/* pointer to key data */
+			size_t length;	/* key length in bytes */
+		} aead_key;
+		struct {
+			struct {
+				uint8_t *data;	/* pointer to key data */
+				size_t length;	/* key length in bytes */
+			} cipher_key;
+			struct {
+				uint8_t *data;	/* pointer to key data */
+				size_t length;	/* key length in bytes */
+			} auth_key;
+		};
+	};
+	struct {
+		uint16_t length;
+		uint16_t offset;
+	} iv;	/* Initialisation vector parameters */
+	uint16_t auth_only_len; /* Length of data for Auth only */
+	uint32_t digest_length;
+	struct ip ip4_hdr;
+	struct caam_jr_qp *qp;
+	struct sec_cdb *cdb;	/* cmd block associated with qp */
+	struct rte_mempool *ctx_pool; /* session mempool for caam_jr_op_ctx */
+};
+
+/*
+ * 16-byte hardware scatter/gather table
+ */
+
+#define SEC4_SG_LEN_EXT		0x80000000	/* Entry points to table */
+#define SEC4_SG_LEN_FIN		0x40000000	/* Last ent in table */
+#define SEC4_SG_BPID_MASK	0x000000ff
+#define SEC4_SG_BPID_SHIFT	16
+#define SEC4_SG_LEN_MASK	0x3fffffff	/* Excludes EXT and FINAL */
+#define SEC4_SG_OFFSET_MASK	0x00001fff
+
+struct sec4_sg_entry {
+	uint64_t ptr;
+	uint32_t len;
+	uint32_t bpid_offset;
+};
+
+#define MAX_SG_ENTRIES		16
+#define SG_CACHELINE_0		0
+#define SG_CACHELINE_1		4
+#define SG_CACHELINE_2		8
+#define SG_CACHELINE_3		12
+
+/* Structure encompassing a job descriptor which is to be processed
+ * by SEC. User should also initialise this structure with the callback
+ * function pointer which will be called by driver after recieving proccessed
+ * descriptor from SEC. User data is also passed in this data structure which
+ * will be sent as an argument to the user callback function.
+ */
+struct job_descriptor {
+	uint32_t desc[CAAM_JOB_DESC_SIZE];
+};
+
+struct caam_jr_op_ctx {
+	struct job_descriptor jobdes;
+	/* sg[0] output, sg[1] input, others are possible sub frames */
+	struct sec4_sg_entry sg[MAX_SG_ENTRIES];
+	struct rte_crypto_op *op;
+	struct rte_mempool *ctx_pool; /* mempool pointer for caam_jr_op_ctx */
+	int64_t vtop_offset;
+	uint8_t digest[JR_MAX_NB_MAX_DIGEST];
+};
+
+/**
+ * Checksum
+ *
+ * @param buffer calculate chksum for buffer
+ * @param len    buffer length
+ *
+ * @return checksum value in host cpu order
+ */
+static inline uint16_t
+calc_chksum(void *buffer, int len)
+{
+	uint16_t *buf = (uint16_t *)buffer;
+	uint32_t sum = 0;
+	uint16_t result;
+
+	for (sum = 0; len > 1; len -= 2)
+		sum += *buf++;
+
+	if (len == 1)
+		sum += *(unsigned char *)buf;
+
+	sum = (sum >> 16) + (sum & 0xFFFF);
+	sum += (sum >> 16);
+	result = ~sum;
+
+	return  result;
+}
+struct uio_job_ring {
+	uint32_t jr_id;
+	uint32_t uio_fd;
+	void *register_base_addr;
+	int map_size;
+	int uio_minor_number;
+};
+
+int sec_cleanup(void);
+int sec_configure(void);
+struct uio_job_ring *config_job_ring(void);
+void free_job_ring(uint32_t uio_fd);
+
+/* For Dma memory allocation of specified length and alignment */
+static inline void *
+caam_jr_dma_mem_alloc(size_t align, size_t len)
+{
+	return rte_malloc("mem_alloc", len, align);
+}
+
+/* For freeing dma memory */
+static inline void
+caam_jr_dma_free(void *ptr)
+{
+	rte_free(ptr);
+}
+
+static inline rte_iova_t
+caam_jr_mem_vtop(void *vaddr)
+{
+	const struct rte_memseg *ms;
+
+	ms = rte_mem_virt2memseg(vaddr, NULL);
+	if (ms)
+		return ms->iova + RTE_PTR_DIFF(vaddr, ms->addr);
+	return (size_t)NULL;
+}
+
+static inline void *
+caam_jr_dma_ptov(rte_iova_t paddr)
+{
+	return rte_mem_iova2virt(paddr);
+}
+
+/* Virtual to physical address conversion */
+static inline rte_iova_t caam_jr_dma_vtop(void *ptr)
+{
+	return caam_jr_mem_vtop(ptr);
+}
+
+/** @brief Request to SEC kernel driver to enable interrupts for
+ *         descriptor finished processing
+ *  Use UIO to communicate with SEC kernel driver: write command
+ *  value that indicates an IRQ enable action into UIO file descriptor
+ *  of this job ring.
+ *
+ * @param [in]  uio_fd     Job Ring UIO File descriptor
+ * @retval 0 for success
+ * @retval -1 value for error
+ */
+uint32_t caam_jr_enable_irqs(uint32_t uio_fd);
+
+/** @brief Request to SEC kernel driver to disable interrupts for descriptor
+ *  finished processing
+ *  Use UIO to communicate with SEC kernel driver: write command
+ *  value that indicates an IRQ disable action into UIO file descriptor
+ *  of this job ring.
+ *
+ * @param [in]  uio_fd    UIO File descripto
+ * @retval 0 for success
+ * @retval -1 value for error
+ *
+ */
+uint32_t caam_jr_disable_irqs(uint32_t uio_fd);
+
+#endif
diff --git a/drivers/crypto/caam_jr/meson.build b/drivers/crypto/caam_jr/meson.build
index 3edd0a212..c282eb4dc 100644
--- a/drivers/crypto/caam_jr/meson.build
+++ b/drivers/crypto/caam_jr/meson.build
@@ -6,6 +6,9 @@ if host_machine.system() != 'linux'
 endif
 
 deps += ['bus_vdev', 'bus_dpaa', 'security']
-sources = files('caam_jr.c')
+sources = files('caam_jr_hw.c', 'caam_jr.c')
 
 allow_experimental_apis = true
+
+includes += include_directories('../dpaa2_sec/')
+includes += include_directories('../../bus/dpaa/include/')
-- 
2.17.1

^ permalink raw reply	[flat|nested] 97+ messages in thread

* [dpdk-dev] [PATCH v4 04/15] crypto/caam_jr: add UIO specific operations
  2018-10-22 14:17     ` [dpdk-dev] [PATCH v4 00/15] Introducing the NXP CAAM job ring driver Gagandeep Singh
                         ` (2 preceding siblings ...)
  2018-10-22 14:17       ` [dpdk-dev] [PATCH v4 03/15] crypto/caam_jr: add routines to configure HW Gagandeep Singh
@ 2018-10-22 14:17       ` Gagandeep Singh
  2018-10-22 14:17       ` [dpdk-dev] [PATCH v4 05/15] crypto/caam_jr: add basic job ring routines Gagandeep Singh
                         ` (12 subsequent siblings)
  16 siblings, 0 replies; 97+ messages in thread
From: Gagandeep Singh @ 2018-10-22 14:17 UTC (permalink / raw)
  To: dev, Akhil Goyal; +Cc: Gagandeep Singh, Hemant Agrawal

caam_jr need support from kernel caam driver for
job ring initialisation. So to access register space
for job ring and allow re configure and map to userspace
UIO interface is used. This also allows to handle the
caam interrupts from the user space.

This patch adds UIO specific operations

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
---
 drivers/crypto/caam_jr/Makefile      |   1 +
 drivers/crypto/caam_jr/caam_jr_hw.c  |  13 -
 drivers/crypto/caam_jr/caam_jr_pvt.h |   1 -
 drivers/crypto/caam_jr/caam_jr_uio.c | 500 +++++++++++++++++++++++++++
 drivers/crypto/caam_jr/meson.build   |   2 +-
 5 files changed, 502 insertions(+), 15 deletions(-)
 create mode 100644 drivers/crypto/caam_jr/caam_jr_uio.c

diff --git a/drivers/crypto/caam_jr/Makefile b/drivers/crypto/caam_jr/Makefile
index e22943749..cfd093a5f 100644
--- a/drivers/crypto/caam_jr/Makefile
+++ b/drivers/crypto/caam_jr/Makefile
@@ -32,6 +32,7 @@ LIBABIVER := 1
 # library source files
 SRCS-$(CONFIG_RTE_LIBRTE_PMD_CAAM_JR) += caam_jr.c
 SRCS-$(CONFIG_RTE_LIBRTE_PMD_CAAM_JR) += caam_jr_hw.c
+SRCS-$(CONFIG_RTE_LIBRTE_PMD_CAAM_JR) += caam_jr_uio.c
 # library dependencies
 
 LDLIBS += -lrte_eal -lrte_mbuf -lrte_mempool -lrte_ring
diff --git a/drivers/crypto/caam_jr/caam_jr_hw.c b/drivers/crypto/caam_jr/caam_jr_hw.c
index 73cc61a27..80602b702 100644
--- a/drivers/crypto/caam_jr/caam_jr_hw.c
+++ b/drivers/crypto/caam_jr/caam_jr_hw.c
@@ -9,7 +9,6 @@
 #include <rte_memory.h>
 #include <rte_malloc.h>
 #include <rte_crypto.h>
-#include <rte_security.h>
 
 #include <caam_jr_config.h>
 #include <caam_jr_hw_specific.h>
@@ -91,18 +90,6 @@ hw_handle_jr_err(union hw_error_code hw_error_code __rte_unused)
 	CAAM_JR_DEBUG(" Not implemented");
 }
 
-uint32_t
-caam_jr_enable_irqs(uint32_t uio_fd __rte_unused)
-{
-	return 0;
-}
-
-uint32_t
-caam_jr_disable_irqs(uint32_t uio_fd __rte_unused)
-{
-	return 0;
-}
-
 int
 hw_reset_job_ring(struct sec_job_ring_t *job_ring)
 {
diff --git a/drivers/crypto/caam_jr/caam_jr_pvt.h b/drivers/crypto/caam_jr/caam_jr_pvt.h
index 58fd257fc..333a192d9 100644
--- a/drivers/crypto/caam_jr/caam_jr_pvt.h
+++ b/drivers/crypto/caam_jr/caam_jr_pvt.h
@@ -132,7 +132,6 @@ struct caam_jr_session {
 	} iv;	/* Initialisation vector parameters */
 	uint16_t auth_only_len; /* Length of data for Auth only */
 	uint32_t digest_length;
-	struct ip ip4_hdr;
 	struct caam_jr_qp *qp;
 	struct sec_cdb *cdb;	/* cmd block associated with qp */
 	struct rte_mempool *ctx_pool; /* session mempool for caam_jr_op_ctx */
diff --git a/drivers/crypto/caam_jr/caam_jr_uio.c b/drivers/crypto/caam_jr/caam_jr_uio.c
new file mode 100644
index 000000000..d6aec3e4c
--- /dev/null
+++ b/drivers/crypto/caam_jr/caam_jr_uio.c
@@ -0,0 +1,500 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright 2017-2018 NXP
+ */
+
+#include <stdbool.h>
+#include <stdint.h>
+#include <stdio.h>
+#include <unistd.h>
+#include <stdlib.h>
+#include <dirent.h>
+#include <string.h>
+#include <sys/mman.h>
+#include <errno.h>
+#include <fcntl.h>
+
+#include <rte_common.h>
+#include <rte_malloc.h>
+#include <rte_crypto.h>
+
+#include <caam_jr_config.h>
+#include <caam_jr_hw_specific.h>
+#include <caam_jr_pvt.h>
+#include <caam_jr_log.h>
+
+/* RTA header files */
+#include <hw/desc/common.h>
+#include <hw/desc/algo.h>
+#include <hw/desc/ipsec.h>
+
+/* Prefix path to sysfs directory where UIO device attributes are exported.
+ * Path for UIO device X is /sys/class/uio/uioX
+ */
+#define SEC_UIO_DEVICE_SYS_ATTR_PATH    "/sys/class/uio"
+
+/* Subfolder in sysfs where mapping attributes are exported
+ * for each UIO device. Path for mapping Y for device X is:
+ *      /sys/class/uio/uioX/maps/mapY
+ */
+#define SEC_UIO_DEVICE_SYS_MAP_ATTR     "maps/map"
+
+/* Name of UIO device file prefix. Each UIO device will have a device file
+ * /dev/uioX, where X is the minor device number.
+ */
+#define SEC_UIO_DEVICE_FILE_NAME    "/dev/uio"
+
+/*
+ * Name of UIO device. Each user space SEC job ring will have a corresponding
+ * UIO device with the name sec-channelX, where X is the job ring id.
+ * Maximum length is #SEC_UIO_MAX_DEVICE_NAME_LENGTH.
+ *
+ * @note  Must be kept in synch with SEC kernel driver
+ * define #SEC_UIO_DEVICE_NAME !
+ */
+#define SEC_UIO_DEVICE_NAME     "fsl-jr"
+
+/* Maximum length for the name of an UIO device file.
+ * Device file name format is: /dev/uioX.
+ */
+#define SEC_UIO_MAX_DEVICE_FILE_NAME_LENGTH 30
+
+/* Maximum length for the name of an attribute file for an UIO device.
+ * Attribute files are exported in sysfs and have the name formatted as:
+ *      /sys/class/uio/uioX/<attribute_file_name>
+ */
+#define SEC_UIO_MAX_ATTR_FILE_NAME  100
+
+/* Command that is used by SEC user space driver and SEC kernel driver
+ *  to signal a request from the former to the later to disable job DONE
+ *  and error IRQs on a certain job ring.
+ *  The configuration is done at SEC Controller's level.
+ *  @note   Need to be kept in synch with #SEC_UIO_DISABLE_IRQ_CMD from
+ *          linux/drivers/crypto/talitos.c !
+ */
+#define SEC_UIO_DISABLE_IRQ_CMD     0
+
+/* Command that is used by SEC user space driver and SEC kernel driver
+ *  to signal a request from the former to the later to enable job DONE
+ *  and error IRQs on a certain job ring.
+ *  The configuration is done at SEC Controller's level.
+ *  @note   Need to be kept in synch with #SEC_UIO_ENABLE_IRQ_CMD from
+ *          linux/drivers/crypto/talitos.c !
+ */
+#define SEC_UIO_ENABLE_IRQ_CMD      1
+
+/** Command that is used by SEC user space driver and SEC kernel driver
+ *  to signal a request from the former to the later to do a SEC engine reset.
+ *  @note   Need to be kept in synch with #SEC_UIO_RESET_SEC_ENGINE_CMD from
+ *          linux/drivers/crypto/talitos.c !
+ */
+#define SEC_UIO_RESET_SEC_ENGINE_CMD    3
+
+/* The id for the mapping used to export SEC's registers to
+ * user space through UIO devices.
+ */
+#define SEC_UIO_MAP_ID              0
+
+static struct uio_job_ring g_uio_job_ring[MAX_SEC_JOB_RINGS];
+static int g_uio_jr_num;
+
+/** @brief Checks if a file name contains a certain substring.
+ * If so, it extracts the number following the substring.
+ * This function assumes a filename format of: [text][number].
+ * @param [in]  filename    File name
+ * @param [in]  match       String to match in file name
+ * @param [out] number      The number extracted from filename
+ *
+ * @retval true if file name matches the criteria
+ * @retval false if file name does not match the criteria
+ */
+static bool
+file_name_match_extract(const char filename[], const char match[], int *number)
+{
+	char *substr = NULL;
+
+	substr = strstr(filename, match);
+	if (substr == NULL)
+		return false;
+
+	/* substring <match> was found in <filename>
+	 * read number following <match> substring in <filename>
+	 */
+	if (sscanf(filename + strlen(match), "%d", number) <= 0)
+		return false;
+
+	return true;
+}
+
+/** @brief Reads first line from a file.
+ * Composes file name as: root/subdir/filename
+ *
+ * @param [in]  root     Root path
+ * @param [in]  subdir   Subdirectory name
+ * @param [in]  filename File name
+ * @param [out] line     The first line read from file.
+ *
+ * @retval 0 for succes
+ * @retval other value for error
+ */
+static int
+file_read_first_line(const char root[], const char subdir[],
+		     const char filename[], char *line)
+{
+	char absolute_file_name[SEC_UIO_MAX_ATTR_FILE_NAME];
+	int fd = 0, ret = 0;
+
+	/*compose the file name: root/subdir/filename */
+	memset(absolute_file_name, 0, sizeof(absolute_file_name));
+	snprintf(absolute_file_name, SEC_UIO_MAX_ATTR_FILE_NAME,
+		 "%s/%s/%s", root, subdir, filename);
+
+	fd = open(absolute_file_name, O_RDONLY);
+	SEC_ASSERT(fd > 0, fd, "Error opening file %s",
+			absolute_file_name);
+
+	/* read UIO device name from first line in file */
+	ret = read(fd, line, SEC_UIO_MAX_DEVICE_FILE_NAME_LENGTH);
+	close(fd);
+
+	/* NULL-ify string */
+	line[SEC_UIO_MAX_DEVICE_FILE_NAME_LENGTH - 1] = '\0';
+
+	if (ret <= 0) {
+		CAAM_JR_ERR("Error reading from file %s", absolute_file_name);
+		return ret;
+	}
+
+	return 0;
+}
+
+/** @brief Uses UIO control to send commands to SEC kernel driver.
+ * The mechanism is to write a command word into the file descriptor
+ * that the user-space driver obtained for each user-space SEC job ring.
+ * Both user-space driver and kernel driver must have the same understanding
+ * about the command codes.
+ *
+ * @param [in]  UIO FD		    The UIO file descriptor
+ * @param [in]  uio_command         Command word
+ *
+ * @retval Result of write operation on the job ring's UIO file descriptor.
+ *         Should be sizeof(int) for success operations.
+ *         Other values can be returned and used, if desired to add special
+ *         meaning to return values, but this has to be programmed in SEC
+ *         kernel driver as well. No special return values are used.
+ */
+static int
+sec_uio_send_command(uint32_t uio_fd, int32_t uio_command)
+{
+	int ret;
+
+	/* Use UIO file descriptor we have for this job ring.
+	 * Writing a command code to this file descriptor will make the
+	 * SEC kernel driver execute the desired command.
+	 */
+	ret = write(uio_fd, &uio_command, sizeof(int));
+	return ret;
+}
+
+/** @brief Request to SEC kernel driver to enable interrupts for
+ *         descriptor finished processing
+ *  Use UIO to communicate with SEC kernel driver: write command
+ *  value that indicates an IRQ enable action into UIO file descriptor
+ *  of this job ring.
+ *
+ * @param [in]  uio_fd     Job Ring UIO File descriptor
+ * @retval 0 for success
+ * @retval -1 value for error
+ */
+uint32_t
+caam_jr_enable_irqs(uint32_t uio_fd)
+{
+	int ret;
+
+	/* Use UIO file descriptor we have for this job ring.
+	 * Writing a command code to this file descriptor will make the
+	 * SEC kernel driver enable DONE and Error IRQs for this job ring,
+	 * at Controller level.
+	 */
+	ret = sec_uio_send_command(uio_fd, SEC_UIO_ENABLE_IRQ_CMD);
+	SEC_ASSERT(ret == sizeof(int), -1,
+		"Failed to request SEC engine to enable job done and "
+		"error IRQs through UIO control. UIO FD %d. Reset SEC driver!",
+		uio_fd);
+	CAAM_JR_DEBUG("Enabled IRQs on jr with uio_fd %d", uio_fd);
+	return 0;
+}
+
+
+/** @brief Request to SEC kernel driver to disable interrupts for descriptor
+ *  finished processing
+ *  Use UIO to communicate with SEC kernel driver: write command
+ *  value that indicates an IRQ disable action into UIO file descriptor
+ *  of this job ring.
+ *
+ * @param [in]  uio_fd    UIO File descripto
+ * @retval 0 for success
+ * @retval -1 value for error
+ *
+ */
+uint32_t
+caam_jr_disable_irqs(uint32_t uio_fd)
+{
+	int ret;
+
+	/* Use UIO file descriptor we have for this job ring.
+	 * Writing a command code to this file descriptor will make the
+	 * SEC kernel driver disable IRQs for this job ring,
+	 * at Controller level.
+	 */
+
+	ret = sec_uio_send_command(uio_fd, SEC_UIO_DISABLE_IRQ_CMD);
+	SEC_ASSERT(ret == sizeof(int), -1,
+		"Failed to request SEC engine to disable job done and "
+		"IRQs through UIO control. UIO_FD %d Reset SEC driver!",
+		uio_fd);
+	CAAM_JR_DEBUG("Disabled IRQs on jr with uio_fd %d", uio_fd);
+	return 0;
+}
+
+/** @brief Maps register range assigned for a job ring.
+ *
+ * @param [in] uio_device_fd    UIO device file descriptor
+ * @param [in] uio_device_id    UIO device id
+ * @param [in] uio_map_id       UIO allows maximum 5 different mapping for
+				each device. Maps start with id 0.
+ * @param [out] map_size        Map size.
+ * @retval  NULL if failed to map registers
+ * @retval  Virtual address for mapped register address range
+ */
+static void *
+uio_map_registers(int uio_device_fd, int uio_device_id,
+		  int uio_map_id, int *map_size)
+{
+	void *mapped_address = NULL;
+	unsigned int uio_map_size = 0;
+	char uio_sys_root[SEC_UIO_MAX_ATTR_FILE_NAME];
+	char uio_sys_map_subdir[SEC_UIO_MAX_ATTR_FILE_NAME];
+	char uio_map_size_str[32];
+	int ret = 0;
+
+	/* compose the file name: root/subdir/filename */
+	memset(uio_sys_root, 0, sizeof(uio_sys_root));
+	memset(uio_sys_map_subdir, 0, sizeof(uio_sys_map_subdir));
+	memset(uio_map_size_str, 0, sizeof(uio_map_size_str));
+
+	/* Compose string: /sys/class/uio/uioX */
+	sprintf(uio_sys_root, "%s/%s%d", SEC_UIO_DEVICE_SYS_ATTR_PATH,
+		"uio", uio_device_id);
+	/* Compose string: maps/mapY */
+	sprintf(uio_sys_map_subdir, "%s%d", SEC_UIO_DEVICE_SYS_MAP_ATTR,
+		uio_map_id);
+
+	/* Read first (and only) line from file
+	 * /sys/class/uio/uioX/maps/mapY/size
+	 */
+	ret = file_read_first_line(uio_sys_root, uio_sys_map_subdir,
+				 "size", uio_map_size_str);
+	SEC_ASSERT(ret == 0, NULL, "file_read_first_line() failed");
+
+	/* Read mapping size, expressed in hexa(base 16) */
+	uio_map_size = strtol(uio_map_size_str, NULL, 16);
+
+	/* Map the region in user space */
+	mapped_address = mmap(0, /*dynamically choose virtual address */
+		uio_map_size, PROT_READ | PROT_WRITE,
+		MAP_SHARED, uio_device_fd, 0);
+	/* offset = 0 because UIO device has only one mapping
+	 * for the entire SEC register memory
+	 */
+	if (mapped_address == MAP_FAILED) {
+		CAAM_JR_ERR(
+			"Failed to map registers! errno = %d job ring fd  = %d,"
+			"uio device id = %d, uio map id = %d", errno,
+			uio_device_fd, uio_device_id, uio_map_id);
+		return NULL;
+	}
+
+	/*
+	 * Save the map size to use it later on for munmap-ing.
+	 */
+	*map_size = uio_map_size;
+
+	CAAM_JR_INFO("UIO dev[%d] mapped region [id =%d] size 0x%x at %p",
+		uio_device_id, uio_map_id, uio_map_size, mapped_address);
+
+	return mapped_address;
+}
+
+void
+free_job_ring(uint32_t uio_fd)
+{
+	struct uio_job_ring *job_ring = NULL;
+	int i;
+
+	if (!job_ring->uio_fd)
+		return;
+
+	for (i = 0; i < MAX_SEC_JOB_RINGS; i++) {
+		if (g_uio_job_ring[i].uio_fd == uio_fd) {
+			job_ring = &g_uio_job_ring[i];
+			break;
+		}
+	}
+
+	if (job_ring == NULL) {
+		CAAM_JR_ERR("JR not available for fd = %x\n", uio_fd);
+		return;
+	}
+
+	/* Open device file */
+	CAAM_JR_INFO("Closed device file for job ring %d , fd = %d",
+			job_ring->jr_id, job_ring->uio_fd);
+	close(job_ring->uio_fd);
+	g_uio_jr_num--;
+	job_ring->uio_fd = 0;
+	if (job_ring->register_base_addr == NULL)
+		return;
+
+	/* Unmap the PCI memory resource of device */
+	if (munmap(job_ring->register_base_addr, job_ring->map_size)) {
+		CAAM_JR_INFO("cannot munmap(%p, 0x%lx): %s",
+			job_ring->register_base_addr,
+			(unsigned long)job_ring->map_size, strerror(errno));
+	} else
+		CAAM_JR_DEBUG("  JR UIO memory unmapped at %p",
+				job_ring->register_base_addr);
+	job_ring->register_base_addr = NULL;
+}
+
+struct
+uio_job_ring *config_job_ring(void)
+{
+	char uio_device_file_name[32];
+	struct uio_job_ring *job_ring = NULL;
+	int i;
+
+	for (i = 0; i < MAX_SEC_JOB_RINGS; i++) {
+		if (g_uio_job_ring[i].uio_fd == 0) {
+			job_ring = &g_uio_job_ring[i];
+			g_uio_jr_num++;
+			break;
+		}
+	}
+
+	if (job_ring == NULL) {
+		CAAM_JR_ERR("No free job ring\n");
+		return NULL;
+	}
+
+	/* Find UIO device created by SEC kernel driver for this job ring. */
+	memset(uio_device_file_name, 0, sizeof(uio_device_file_name));
+
+	sprintf(uio_device_file_name, "%s%d", SEC_UIO_DEVICE_FILE_NAME,
+		job_ring->uio_minor_number);
+
+	/* Open device file */
+	job_ring->uio_fd = open(uio_device_file_name, O_RDWR);
+	SEC_ASSERT(job_ring->uio_fd > 0, NULL,
+		"Failed to open UIO device file for job ring %d",
+		job_ring->jr_id);
+
+	CAAM_JR_INFO("Open device(%s) file for job ring=%d , uio_fd = %d",
+		uio_device_file_name, job_ring->jr_id, job_ring->uio_fd);
+
+	ASSERT(job_ring->register_base_addr == NULL);
+	job_ring->register_base_addr = uio_map_registers(
+			job_ring->uio_fd, job_ring->uio_minor_number,
+			SEC_UIO_MAP_ID, &job_ring->map_size);
+
+	SEC_ASSERT(job_ring->register_base_addr != NULL, NULL,
+		"Failed to map SEC registers");
+	return job_ring;
+}
+
+int
+sec_configure(void)
+{
+	char uio_name[32];
+	int config_jr_no = 0, jr_id = -1;
+	int uio_minor_number = -1;
+	int ret;
+	DIR *d = NULL;
+	struct dirent *dir;
+
+	d = opendir(SEC_UIO_DEVICE_SYS_ATTR_PATH);
+	if (d == NULL) {
+		printf("\nError opening directory '%s': %s\n",
+			SEC_UIO_DEVICE_SYS_ATTR_PATH, strerror(errno));
+		return -1;
+	}
+
+	/* Iterate through all subdirs */
+	while ((dir = readdir(d)) != NULL) {
+		if (!strncmp(dir->d_name, ".", 1) ||
+				!strncmp(dir->d_name, "..", 2))
+			continue;
+
+		if (file_name_match_extract
+			(dir->d_name, "uio", &uio_minor_number)) {
+		/*
+		 * Open file uioX/name and read first line which contains
+		 * the name for the device. Based on the name check if this
+		 * UIO device is UIO device for job ring with id jr_id.
+		 */
+			memset(uio_name, 0, sizeof(uio_name));
+			ret = file_read_first_line(SEC_UIO_DEVICE_SYS_ATTR_PATH,
+					dir->d_name, "name", uio_name);
+			CAAM_JR_INFO("sec device uio name: %s", uio_name);
+			SEC_ASSERT(ret == 0, -1, "file_read_first_line failed");
+
+			if (file_name_match_extract(uio_name,
+						SEC_UIO_DEVICE_NAME,
+						&jr_id)) {
+				g_uio_job_ring[config_jr_no].jr_id = jr_id;
+				g_uio_job_ring[config_jr_no].uio_minor_number =
+							uio_minor_number;
+				CAAM_JR_INFO("Detected logical JRID:%d", jr_id);
+				config_jr_no++;
+
+				/* todo  find the actual ring id
+				 * OF_FULLNAME=/soc/crypto@1700000/jr@20000
+				 */
+			}
+		}
+	}
+	closedir(d);
+
+	if (config_jr_no == 0) {
+		CAAM_JR_ERR("! No SEC Job Rings assigned for userspace usage!");
+		return 0;
+	}
+	CAAM_JR_INFO("Total JR detected =%d", config_jr_no);
+	return config_jr_no;
+}
+
+int
+sec_cleanup(void)
+{
+	int i;
+	struct uio_job_ring *job_ring;
+
+	for (i = 0; i < g_uio_jr_num; i++) {
+		job_ring = &g_uio_job_ring[i];
+		/* munmap SEC's register memory */
+		if (job_ring->register_base_addr) {
+			munmap(job_ring->register_base_addr,
+				job_ring->map_size);
+			job_ring->register_base_addr = NULL;
+		}
+		/* I need to close the fd after shutdown UIO commands need to be
+		 * sent using the fd
+		 */
+		if (job_ring->uio_fd != 0) {
+			CAAM_JR_INFO(
+			"Closed device file for job ring %d , fd = %d",
+			job_ring->jr_id, job_ring->uio_fd);
+			close(job_ring->uio_fd);
+		}
+	}
+	return 0;
+}
diff --git a/drivers/crypto/caam_jr/meson.build b/drivers/crypto/caam_jr/meson.build
index c282eb4dc..7b024e886 100644
--- a/drivers/crypto/caam_jr/meson.build
+++ b/drivers/crypto/caam_jr/meson.build
@@ -6,7 +6,7 @@ if host_machine.system() != 'linux'
 endif
 
 deps += ['bus_vdev', 'bus_dpaa', 'security']
-sources = files('caam_jr_hw.c', 'caam_jr.c')
+sources = files('caam_jr_hw.c', 'caam_jr_uio.c', 'caam_jr.c')
 
 allow_experimental_apis = true
 
-- 
2.17.1

^ permalink raw reply	[flat|nested] 97+ messages in thread

* [dpdk-dev] [PATCH v4 05/15] crypto/caam_jr: add basic job ring routines
  2018-10-22 14:17     ` [dpdk-dev] [PATCH v4 00/15] Introducing the NXP CAAM job ring driver Gagandeep Singh
                         ` (3 preceding siblings ...)
  2018-10-22 14:17       ` [dpdk-dev] [PATCH v4 04/15] crypto/caam_jr: add UIO specific operations Gagandeep Singh
@ 2018-10-22 14:17       ` Gagandeep Singh
  2018-10-22 14:17       ` [dpdk-dev] [PATCH v4 06/15] crypto/caam_jr: add device basic ops Gagandeep Singh
                         ` (11 subsequent siblings)
  16 siblings, 0 replies; 97+ messages in thread
From: Gagandeep Singh @ 2018-10-22 14:17 UTC (permalink / raw)
  To: dev, Akhil Goyal; +Cc: Gagandeep Singh, Hemant Agrawal

This patch adds following job ring routines
 - init_job_ring (configure hw/sw resources)
 - shutdown_job_ring (releases hw/sw resources)
 - close_job_ring (flush job ring)

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
---
 drivers/crypto/caam_jr/caam_jr.c | 329 ++++++++++++++++++++++++++++++-
 1 file changed, 327 insertions(+), 2 deletions(-)

diff --git a/drivers/crypto/caam_jr/caam_jr.c b/drivers/crypto/caam_jr/caam_jr.c
index 6d25967a1..1a04a3ce6 100644
--- a/drivers/crypto/caam_jr/caam_jr.c
+++ b/drivers/crypto/caam_jr/caam_jr.c
@@ -16,12 +16,142 @@
 #include <rte_malloc.h>
 #include <rte_hexdump.h>
 
+#include <caam_jr_config.h>
+#include <caam_jr_hw_specific.h>
+#include <caam_jr_pvt.h>
 #include <caam_jr_log.h>
 
+/* RTA header files */
+#include <hw/desc/common.h>
+#include <of.h>
+
 #define CRYPTODEV_NAME_CAAM_JR_PMD	crypto_caam_jr
 static uint8_t cryptodev_driver_id;
 int caam_jr_logtype;
 
+enum rta_sec_era rta_sec_era;
+
+/* Lists the states possible for the SEC user space driver. */
+enum sec_driver_state_e {
+	SEC_DRIVER_STATE_IDLE,		/* Driver not initialized */
+	SEC_DRIVER_STATE_STARTED,	/* Driver initialized and can be used*/
+	SEC_DRIVER_STATE_RELEASE,	/* Driver release is in progress */
+};
+
+/* Job rings used for communication with SEC HW */
+static struct sec_job_ring_t g_job_rings[MAX_SEC_JOB_RINGS];
+
+/* The current state of SEC user space driver */
+static enum sec_driver_state_e g_driver_state = SEC_DRIVER_STATE_IDLE;
+
+/* The number of job rings used by SEC user space driver */
+static int g_job_rings_no;
+static int g_job_rings_max;
+
+/* @brief Poll the HW for already processed jobs in the JR
+ * and silently discard the available jobs or notify them to UA
+ * with indicated error code.
+ *
+ * @param [in,out]  job_ring        The job ring to poll.
+ * @param [in]  do_notify           Can be #TRUE or #FALSE. Indicates if
+ *				    descriptors are to be discarded
+ *                                  or notified to UA with given error_code.
+ * @param [out] notified_descs    Number of notified descriptors. Can be NULL
+ *					if do_notify is #FALSE
+ */
+static void
+hw_flush_job_ring(struct sec_job_ring_t *job_ring,
+		  uint32_t do_notify,
+		  uint32_t *notified_descs)
+{
+	int32_t jobs_no_to_discard = 0;
+	int32_t discarded_descs_no = 0;
+
+	PMD_INIT_FUNC_TRACE();
+	CAAM_JR_DEBUG("Jr[%p] pi[%d] ci[%d].Flushing jr notify desc=[%d]",
+		job_ring, job_ring->pidx, job_ring->cidx, do_notify);
+
+	jobs_no_to_discard = hw_get_no_finished_jobs(job_ring);
+
+	/* Discard all jobs */
+	CAAM_JR_DEBUG("Jr[%p] pi[%d] ci[%d].Discarding %d descs",
+		  job_ring, job_ring->pidx, job_ring->cidx,
+		  jobs_no_to_discard);
+
+	while (jobs_no_to_discard > discarded_descs_no) {
+		discarded_descs_no++;
+		/* Now increment the consumer index for the current job ring,
+		 * AFTER saving job in temporary location!
+		 * Increment the consumer index for the current job ring
+		 */
+		job_ring->cidx = SEC_CIRCULAR_COUNTER(job_ring->cidx,
+					 SEC_JOB_RING_SIZE);
+
+		hw_remove_entries(job_ring, 1);
+	}
+
+	if (do_notify == true) {
+		ASSERT(notified_descs != NULL);
+		*notified_descs = discarded_descs_no;
+	}
+}
+
+
+/* @brief Flush job rings of any processed descs.
+ * The processed descs are silently dropped,
+ * WITHOUT being notified to UA.
+ */
+static void
+close_job_ring(struct sec_job_ring_t *job_ring)
+{
+	PMD_INIT_FUNC_TRACE();
+	if (job_ring->irq_fd) {
+		/* Producer index is frozen. If consumer index is not equal
+		 * with producer index, then we have descs to flush.
+		 */
+		while (job_ring->pidx != job_ring->cidx)
+			hw_flush_job_ring(job_ring, false, NULL);
+
+		/* free the uio job ring */
+		free_job_ring(job_ring->irq_fd);
+		job_ring->irq_fd = 0;
+		caam_jr_dma_free(job_ring->input_ring);
+		caam_jr_dma_free(job_ring->output_ring);
+		g_job_rings_no--;
+	}
+}
+
+/** @brief Release the software and hardware resources tied to a job ring.
+ * @param [in] job_ring The job ring
+ *
+ * @retval  0 for success
+ * @retval  -1 for error
+ */
+static int
+shutdown_job_ring(struct sec_job_ring_t *job_ring)
+{
+	int ret = 0;
+
+	PMD_INIT_FUNC_TRACE();
+	ASSERT(job_ring != NULL);
+	ret = hw_shutdown_job_ring(job_ring);
+	SEC_ASSERT(ret == 0, ret,
+		"Failed to shutdown hardware job ring %p",
+		job_ring);
+
+	if (job_ring->coalescing_en)
+		hw_job_ring_disable_coalescing(job_ring);
+
+	if (job_ring->jr_mode != SEC_NOTIFICATION_TYPE_POLL) {
+		ret = caam_jr_disable_irqs(job_ring->irq_fd);
+		SEC_ASSERT(ret == 0, ret,
+		"Failed to disable irqs for job ring %p",
+		job_ring);
+	}
+
+	return ret;
+}
+
 /*
  * @brief Release the resources used by the SEC user space driver.
  *
@@ -39,28 +169,195 @@ int caam_jr_logtype;
 static int
 caam_jr_dev_uninit(struct rte_cryptodev *dev)
 {
+	struct sec_job_ring_t *internals;
+
+	PMD_INIT_FUNC_TRACE();
 	if (dev == NULL)
 		return -ENODEV;
 
+	internals = dev->data->dev_private;
+	rte_free(dev->security_ctx);
+
+	/* If any descriptors in flight , poll and wait
+	 * until all descriptors are received and silently discarded.
+	 */
+	if (internals) {
+		shutdown_job_ring(internals);
+		close_job_ring(internals);
+		rte_mempool_free(internals->ctx_pool);
+	}
+
 	CAAM_JR_INFO("Closing crypto device %s", dev->data->name);
 
-	return 0;
+	/* last caam jr instance) */
+	if (g_job_rings_no == 0)
+		g_driver_state = SEC_DRIVER_STATE_IDLE;
+
+	return SEC_SUCCESS;
+}
+
+/* @brief Initialize the software and hardware resources tied to a job ring.
+ * @param [in] jr_mode;		Model to be used by SEC Driver to receive
+ *				notifications from SEC.  Can be either
+ *				of the three: #SEC_NOTIFICATION_TYPE_NAPI
+ *				#SEC_NOTIFICATION_TYPE_IRQ or
+ *				#SEC_NOTIFICATION_TYPE_POLL
+ * @param [in] NAPI_mode	The NAPI work mode to configure a job ring at
+ *				startup. Used only when #SEC_NOTIFICATION_TYPE
+ *				is set to #SEC_NOTIFICATION_TYPE_NAPI.
+ * @param [in] irq_coalescing_timer This value determines the maximum
+ *					amount of time after processing a
+ *					descriptor before raising an interrupt.
+ * @param [in] irq_coalescing_count This value determines how many
+ *					descriptors are completed before
+ *					raising an interrupt.
+ * @param [in] reg_base_addr,	The job ring base address register
+ * @param [in] irq_id		The job ring interrupt identification number.
+ * @retval  job_ring_handle for successful job ring configuration
+ * @retval  NULL on error
+ *
+ */
+static void *
+init_job_ring(void *reg_base_addr, uint32_t irq_id)
+{
+	struct sec_job_ring_t *job_ring = NULL;
+	int i, ret = 0;
+	int jr_mode = SEC_NOTIFICATION_TYPE_POLL;
+	int napi_mode = 0;
+	int irq_coalescing_timer = 0;
+	int irq_coalescing_count = 0;
+
+	for (i = 0; i < MAX_SEC_JOB_RINGS; i++) {
+		if (g_job_rings[i].irq_fd == 0) {
+			job_ring = &g_job_rings[i];
+			g_job_rings_no++;
+			break;
+		}
+	}
+	if (job_ring == NULL) {
+		CAAM_JR_ERR("No free job ring\n");
+		return NULL;
+	}
+
+	job_ring->register_base_addr = reg_base_addr;
+	job_ring->jr_mode = jr_mode;
+	job_ring->napi_mode = 0;
+	job_ring->irq_fd = irq_id;
+
+	/* Allocate mem for input and output ring */
+
+	/* Allocate memory for input ring */
+	job_ring->input_ring = caam_jr_dma_mem_alloc(L1_CACHE_BYTES,
+				SEC_DMA_MEM_INPUT_RING_SIZE);
+	memset(job_ring->input_ring, 0, SEC_DMA_MEM_INPUT_RING_SIZE);
+
+	/* Allocate memory for output ring */
+	job_ring->output_ring = caam_jr_dma_mem_alloc(L1_CACHE_BYTES,
+				SEC_DMA_MEM_OUTPUT_RING_SIZE);
+	memset(job_ring->output_ring, 0, SEC_DMA_MEM_OUTPUT_RING_SIZE);
+
+	/* Reset job ring in SEC hw and configure job ring registers */
+	ret = hw_reset_job_ring(job_ring);
+	if (ret != 0) {
+		CAAM_JR_ERR("Failed to reset hardware job ring");
+		goto cleanup;
+	}
+
+	if (jr_mode == SEC_NOTIFICATION_TYPE_NAPI) {
+	/* When SEC US driver works in NAPI mode, the UA can select
+	 * if the driver starts with IRQs on or off.
+	 */
+		if (napi_mode == SEC_STARTUP_INTERRUPT_MODE) {
+			CAAM_JR_INFO("Enabling DONE IRQ generationon job ring - %p",
+				job_ring);
+			ret = caam_jr_enable_irqs(job_ring->irq_fd);
+			if (ret != 0) {
+				CAAM_JR_ERR("Failed to enable irqs for job ring");
+				goto cleanup;
+			}
+		}
+	} else if (jr_mode == SEC_NOTIFICATION_TYPE_IRQ) {
+	/* When SEC US driver works in pure interrupt mode,
+	 * IRQ's are always enabled.
+	 */
+		CAAM_JR_INFO("Enabling DONE IRQ generation on job ring - %p",
+			 job_ring);
+		ret = caam_jr_enable_irqs(job_ring->irq_fd);
+		if (ret != 0) {
+			CAAM_JR_ERR("Failed to enable irqs for job ring");
+			goto cleanup;
+		}
+	}
+	if (irq_coalescing_timer || irq_coalescing_count) {
+		hw_job_ring_set_coalescing_param(job_ring,
+			 irq_coalescing_timer,
+			 irq_coalescing_count);
+
+		hw_job_ring_enable_coalescing(job_ring);
+		job_ring->coalescing_en = 1;
+	}
+
+	job_ring->jr_state = SEC_JOB_RING_STATE_STARTED;
+	job_ring->max_nb_queue_pairs = RTE_CAAM_MAX_NB_SEC_QPS;
+	job_ring->max_nb_sessions = RTE_CAAM_JR_PMD_MAX_NB_SESSIONS;
+
+	return job_ring;
+cleanup:
+	caam_jr_dma_free(job_ring->output_ring);
+	caam_jr_dma_free(job_ring->input_ring);
+	return NULL;
 }
 
+
 static int
 caam_jr_dev_init(const char *name,
 		 struct rte_vdev_device *vdev,
 		 struct rte_cryptodev_pmd_init_params *init_params)
 {
 	struct rte_cryptodev *dev;
+	struct uio_job_ring *job_ring;
+	char str[RTE_CRYPTODEV_NAME_MAX_LEN];
 
 	PMD_INIT_FUNC_TRACE();
 
+	/* Validate driver state */
+	if (g_driver_state == SEC_DRIVER_STATE_IDLE) {
+		g_job_rings_max = sec_configure();
+		if (!g_job_rings_max) {
+			CAAM_JR_ERR("No job ring detected on UIO !!!!");
+			return -1;
+		}
+		/* Update driver state */
+		g_driver_state = SEC_DRIVER_STATE_STARTED;
+	}
+
+	if (g_job_rings_no >= g_job_rings_max) {
+		CAAM_JR_ERR("No more job rings available max=%d!!!!",
+				g_job_rings_max);
+		return -1;
+	}
+
+	job_ring = config_job_ring();
+	if (job_ring == NULL) {
+		CAAM_JR_ERR("failed to create job ring");
+		goto init_error;
+	}
+
+	snprintf(str, sizeof(str), "caam_jr%d", job_ring->jr_id);
+
 	dev = rte_cryptodev_pmd_create(name, &vdev->device, init_params);
 	if (dev == NULL) {
 		CAAM_JR_ERR("failed to create cryptodev vdev");
 		goto cleanup;
 	}
+	/*TODO free it during teardown*/
+	dev->data->dev_private = init_job_ring(job_ring->register_base_addr,
+						job_ring->uio_fd);
+
+	if (!dev->data->dev_private) {
+		CAAM_JR_ERR("Ring memory allocation failed\n");
+		goto cleanup2;
+	}
 
 	dev->driver_id = cryptodev_driver_id;
 	dev->dev_ops = NULL;
@@ -78,7 +375,12 @@ caam_jr_dev_init(const char *name,
 
 	return 0;
 
+cleanup2:
+	caam_jr_dev_uninit(dev);
+	rte_cryptodev_pmd_release_device(dev);
 cleanup:
+	free_job_ring(job_ring->uio_fd);
+init_error:
 	CAAM_JR_ERR("driver %s: cryptodev_caam_jr_create failed",
 			init_params->name);
 
@@ -91,7 +393,7 @@ cryptodev_caam_jr_probe(struct rte_vdev_device *vdev)
 {
 	struct rte_cryptodev_pmd_init_params init_params = {
 		"",
-		128,
+		sizeof(struct sec_job_ring_t),
 		rte_socket_id(),
 		RTE_CRYPTODEV_PMD_DEFAULT_MAX_NB_QUEUE_PAIRS
 	};
@@ -105,6 +407,29 @@ cryptodev_caam_jr_probe(struct rte_vdev_device *vdev)
 	input_args = rte_vdev_device_args(vdev);
 	rte_cryptodev_pmd_parse_input_args(&init_params, input_args);
 
+	/* if sec device version is not configured */
+	if (!rta_get_sec_era()) {
+		const struct device_node *caam_node;
+
+		for_each_compatible_node(caam_node, NULL, "fsl,sec-v4.0") {
+			const uint32_t *prop = of_get_property(caam_node,
+					"fsl,sec-era",
+					NULL);
+			if (prop) {
+				rta_set_sec_era(
+					INTL_SEC_ERA(cpu_to_caam32(*prop)));
+				break;
+			}
+		}
+	}
+#ifdef RTE_LIBRTE_PMD_CAAM_JR_BE
+	if (rta_get_sec_era() > RTA_SEC_ERA_8) {
+		RTE_LOG(ERR, PMD,
+		"CAAM is compiled in BE mode for device with sec era > 8???\n");
+		return -EINVAL;
+	}
+#endif
+
 	return caam_jr_dev_init(name, vdev, &init_params);
 }
 
-- 
2.17.1

^ permalink raw reply	[flat|nested] 97+ messages in thread

* [dpdk-dev] [PATCH v4 06/15] crypto/caam_jr: add device basic ops
  2018-10-22 14:17     ` [dpdk-dev] [PATCH v4 00/15] Introducing the NXP CAAM job ring driver Gagandeep Singh
                         ` (4 preceding siblings ...)
  2018-10-22 14:17       ` [dpdk-dev] [PATCH v4 05/15] crypto/caam_jr: add basic job ring routines Gagandeep Singh
@ 2018-10-22 14:17       ` Gagandeep Singh
  2018-10-22 14:17       ` [dpdk-dev] [PATCH v4 07/15] crypto/caam_jr: add queue pair config ops Gagandeep Singh
                         ` (10 subsequent siblings)
  16 siblings, 0 replies; 97+ messages in thread
From: Gagandeep Singh @ 2018-10-22 14:17 UTC (permalink / raw)
  To: dev, Akhil Goyal; +Cc: Gagandeep Singh, Hemant Agrawal

This patch adds following device operations
 - dev_configure
 - dev_start
 - dev_stop
 - dev_close
 - dev_infos_get

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
---
 drivers/crypto/caam_jr/caam_jr.c | 98 +++++++++++++++++++++++++++++++-
 1 file changed, 97 insertions(+), 1 deletion(-)

diff --git a/drivers/crypto/caam_jr/caam_jr.c b/drivers/crypto/caam_jr/caam_jr.c
index 1a04a3ce6..b03b9625b 100644
--- a/drivers/crypto/caam_jr/caam_jr.c
+++ b/drivers/crypto/caam_jr/caam_jr.c
@@ -97,6 +97,89 @@ hw_flush_job_ring(struct sec_job_ring_t *job_ring,
 }
 
 
+static int
+caam_jr_dev_configure(struct rte_cryptodev *dev,
+		       struct rte_cryptodev_config *config __rte_unused)
+{
+	char str[20];
+	struct sec_job_ring_t *internals;
+
+	PMD_INIT_FUNC_TRACE();
+
+	internals = dev->data->dev_private;
+	sprintf(str, "ctx_pool_%d", dev->data->dev_id);
+	if (!internals->ctx_pool) {
+		internals->ctx_pool = rte_mempool_create((const char *)str,
+						CTX_POOL_NUM_BUFS,
+						sizeof(struct caam_jr_op_ctx),
+						CTX_POOL_CACHE_SIZE, 0,
+						NULL, NULL, NULL, NULL,
+						SOCKET_ID_ANY, 0);
+		if (!internals->ctx_pool) {
+			CAAM_JR_ERR("%s create failed\n", str);
+			return -ENOMEM;
+		}
+	} else
+		CAAM_JR_INFO("mempool already created for dev_id : %d",
+				dev->data->dev_id);
+
+	return 0;
+}
+
+static int
+caam_jr_dev_start(struct rte_cryptodev *dev __rte_unused)
+{
+	PMD_INIT_FUNC_TRACE();
+	return 0;
+}
+
+static void
+caam_jr_dev_stop(struct rte_cryptodev *dev __rte_unused)
+{
+	PMD_INIT_FUNC_TRACE();
+}
+
+static int
+caam_jr_dev_close(struct rte_cryptodev *dev)
+{
+	struct sec_job_ring_t *internals;
+
+	PMD_INIT_FUNC_TRACE();
+
+	if (dev == NULL)
+		return -ENOMEM;
+
+	internals = dev->data->dev_private;
+	rte_mempool_free(internals->ctx_pool);
+	internals->ctx_pool = NULL;
+
+	return 0;
+}
+
+static void
+caam_jr_dev_infos_get(struct rte_cryptodev *dev,
+		       struct rte_cryptodev_info *info)
+{
+	struct sec_job_ring_t *internals = dev->data->dev_private;
+
+	PMD_INIT_FUNC_TRACE();
+	if (info != NULL) {
+		info->max_nb_queue_pairs = internals->max_nb_queue_pairs;
+		info->feature_flags = dev->feature_flags;
+		info->sym.max_nb_sessions = internals->max_nb_sessions;
+		info->driver_id = cryptodev_driver_id;
+	}
+}
+
+static struct rte_cryptodev_ops caam_jr_ops = {
+	.dev_configure	      = caam_jr_dev_configure,
+	.dev_start	      = caam_jr_dev_start,
+	.dev_stop	      = caam_jr_dev_stop,
+	.dev_close	      = caam_jr_dev_close,
+	.dev_infos_get        = caam_jr_dev_infos_get,
+};
+
+
 /* @brief Flush job rings of any processed descs.
  * The processed descs are silently dropped,
  * WITHOUT being notified to UA.
@@ -360,7 +443,20 @@ caam_jr_dev_init(const char *name,
 	}
 
 	dev->driver_id = cryptodev_driver_id;
-	dev->dev_ops = NULL;
+	dev->dev_ops = &caam_jr_ops;
+
+	/* register rx/tx burst functions for data path */
+	dev->dequeue_burst = NULL;
+	dev->enqueue_burst = NULL;
+	dev->feature_flags = RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO |
+			RTE_CRYPTODEV_FF_HW_ACCELERATED |
+			RTE_CRYPTODEV_FF_SYM_OPERATION_CHAINING |
+			RTE_CRYPTODEV_FF_SECURITY |
+			RTE_CRYPTODEV_FF_IN_PLACE_SGL |
+			RTE_CRYPTODEV_FF_OOP_SGL_IN_SGL_OUT |
+			RTE_CRYPTODEV_FF_OOP_SGL_IN_LB_OUT |
+			RTE_CRYPTODEV_FF_OOP_LB_IN_SGL_OUT |
+			RTE_CRYPTODEV_FF_OOP_LB_IN_LB_OUT;
 
 	/* For secondary processes, we don't initialise any further as primary
 	 * has already done this work. Only check we don't need a different
-- 
2.17.1

^ permalink raw reply	[flat|nested] 97+ messages in thread

* [dpdk-dev] [PATCH v4 07/15] crypto/caam_jr: add queue pair config ops
  2018-10-22 14:17     ` [dpdk-dev] [PATCH v4 00/15] Introducing the NXP CAAM job ring driver Gagandeep Singh
                         ` (5 preceding siblings ...)
  2018-10-22 14:17       ` [dpdk-dev] [PATCH v4 06/15] crypto/caam_jr: add device basic ops Gagandeep Singh
@ 2018-10-22 14:17       ` Gagandeep Singh
  2018-10-22 14:17       ` [dpdk-dev] [PATCH v4 08/15] crypto/caam_jr: add session configuration methods Gagandeep Singh
                         ` (9 subsequent siblings)
  16 siblings, 0 replies; 97+ messages in thread
From: Gagandeep Singh @ 2018-10-22 14:17 UTC (permalink / raw)
  To: dev, Akhil Goyal; +Cc: Hemant Agrawal, Gagandeep Singh

From: Hemant Agrawal <hemant.agrawal@nxp.com>

add following ops for configuring queues
 - queue_pair_setup
 - queue_pair_release
 - queue_pair_count

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
---
 drivers/crypto/caam_jr/caam_jr.c | 64 ++++++++++++++++++++++++++++++++
 1 file changed, 64 insertions(+)

diff --git a/drivers/crypto/caam_jr/caam_jr.c b/drivers/crypto/caam_jr/caam_jr.c
index b03b9625b..931070bef 100644
--- a/drivers/crypto/caam_jr/caam_jr.c
+++ b/drivers/crypto/caam_jr/caam_jr.c
@@ -96,6 +96,67 @@ hw_flush_job_ring(struct sec_job_ring_t *job_ring,
 	}
 }
 
+/* Release queue pair */
+static int
+caam_jr_queue_pair_release(struct rte_cryptodev *dev,
+			   uint16_t qp_id)
+{
+	struct sec_job_ring_t *internals;
+	struct caam_jr_qp *qp = NULL;
+
+	PMD_INIT_FUNC_TRACE();
+	CAAM_JR_DEBUG("dev =%p, queue =%d", dev, qp_id);
+
+	internals = dev->data->dev_private;
+	if (qp_id >= internals->max_nb_queue_pairs) {
+		CAAM_JR_ERR("Max supported qpid %d",
+			     internals->max_nb_queue_pairs);
+		return -EINVAL;
+	}
+
+	qp = &internals->qps[qp_id];
+	qp->ring = NULL;
+	dev->data->queue_pairs[qp_id] = NULL;
+
+	return 0;
+}
+
+/* Setup a queue pair */
+static int
+caam_jr_queue_pair_setup(
+		struct rte_cryptodev *dev, uint16_t qp_id,
+		__rte_unused const struct rte_cryptodev_qp_conf *qp_conf,
+		__rte_unused int socket_id,
+		__rte_unused struct rte_mempool *session_pool)
+{
+	struct sec_job_ring_t *internals;
+	struct caam_jr_qp *qp = NULL;
+
+	PMD_INIT_FUNC_TRACE();
+	CAAM_JR_DEBUG("dev =%p, queue =%d, conf =%p", dev, qp_id, qp_conf);
+
+	internals = dev->data->dev_private;
+	if (qp_id >= internals->max_nb_queue_pairs) {
+		CAAM_JR_ERR("Max supported qpid %d",
+			     internals->max_nb_queue_pairs);
+		return -EINVAL;
+	}
+
+	qp = &internals->qps[qp_id];
+	qp->ring = internals;
+	dev->data->queue_pairs[qp_id] = qp;
+
+	return 0;
+}
+
+/* Return the number of allocated queue pairs */
+static uint32_t
+caam_jr_queue_pair_count(struct rte_cryptodev *dev)
+{
+	PMD_INIT_FUNC_TRACE();
+
+	return dev->data->nb_queue_pairs;
+}
 
 static int
 caam_jr_dev_configure(struct rte_cryptodev *dev,
@@ -177,6 +238,9 @@ static struct rte_cryptodev_ops caam_jr_ops = {
 	.dev_stop	      = caam_jr_dev_stop,
 	.dev_close	      = caam_jr_dev_close,
 	.dev_infos_get        = caam_jr_dev_infos_get,
+	.queue_pair_setup     = caam_jr_queue_pair_setup,
+	.queue_pair_release   = caam_jr_queue_pair_release,
+	.queue_pair_count     = caam_jr_queue_pair_count,
 };
 
 
-- 
2.17.1

^ permalink raw reply	[flat|nested] 97+ messages in thread

* [dpdk-dev] [PATCH v4 08/15] crypto/caam_jr: add session configuration methods
  2018-10-22 14:17     ` [dpdk-dev] [PATCH v4 00/15] Introducing the NXP CAAM job ring driver Gagandeep Singh
                         ` (6 preceding siblings ...)
  2018-10-22 14:17       ` [dpdk-dev] [PATCH v4 07/15] crypto/caam_jr: add queue pair config ops Gagandeep Singh
@ 2018-10-22 14:17       ` Gagandeep Singh
  2018-10-22 14:17       ` [dpdk-dev] [PATCH v4 09/15] crypto/caam_jr: add device cababilities Gagandeep Singh
                         ` (8 subsequent siblings)
  16 siblings, 0 replies; 97+ messages in thread
From: Gagandeep Singh @ 2018-10-22 14:17 UTC (permalink / raw)
  To: dev, Akhil Goyal; +Cc: Gagandeep Singh, Hemant Agrawal

This patch add support to create session configuration
of various types i.e. cipher, auth and aead etc.

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
---
 drivers/crypto/caam_jr/caam_jr.c | 214 +++++++++++++++++++++++++++++++
 1 file changed, 214 insertions(+)

diff --git a/drivers/crypto/caam_jr/caam_jr.c b/drivers/crypto/caam_jr/caam_jr.c
index 931070bef..aec033649 100644
--- a/drivers/crypto/caam_jr/caam_jr.c
+++ b/drivers/crypto/caam_jr/caam_jr.c
@@ -23,8 +23,11 @@
 
 /* RTA header files */
 #include <hw/desc/common.h>
+#include <hw/desc/algo.h>
+#include <hw/desc/ipsec.h>
 #include <of.h>
 
+#define CAAM_JR_DBG	0
 #define CRYPTODEV_NAME_CAAM_JR_PMD	crypto_caam_jr
 static uint8_t cryptodev_driver_id;
 int caam_jr_logtype;
@@ -158,6 +161,214 @@ caam_jr_queue_pair_count(struct rte_cryptodev *dev)
 	return dev->data->nb_queue_pairs;
 }
 
+/* Returns the size of the aesni gcm session structure */
+static unsigned int
+caam_jr_sym_session_get_size(struct rte_cryptodev *dev __rte_unused)
+{
+	PMD_INIT_FUNC_TRACE();
+
+	return sizeof(struct caam_jr_session);
+}
+
+static int
+caam_jr_cipher_init(struct rte_cryptodev *dev __rte_unused,
+		    struct rte_crypto_sym_xform *xform,
+		    struct caam_jr_session *session)
+{
+	PMD_INIT_FUNC_TRACE();
+	session->cipher_alg = xform->cipher.algo;
+	session->iv.length = xform->cipher.iv.length;
+	session->iv.offset = xform->cipher.iv.offset;
+	session->cipher_key.data = rte_zmalloc(NULL, xform->cipher.key.length,
+					       RTE_CACHE_LINE_SIZE);
+	if (session->cipher_key.data == NULL && xform->cipher.key.length > 0) {
+		CAAM_JR_ERR("No Memory for cipher key\n");
+		return -ENOMEM;
+	}
+	session->cipher_key.length = xform->cipher.key.length;
+
+	memcpy(session->cipher_key.data, xform->cipher.key.data,
+	       xform->cipher.key.length);
+	session->dir = (xform->cipher.op == RTE_CRYPTO_CIPHER_OP_ENCRYPT) ?
+			DIR_ENC : DIR_DEC;
+
+	return 0;
+}
+
+static int
+caam_jr_auth_init(struct rte_cryptodev *dev __rte_unused,
+		  struct rte_crypto_sym_xform *xform,
+		  struct caam_jr_session *session)
+{
+	PMD_INIT_FUNC_TRACE();
+	session->auth_alg = xform->auth.algo;
+	session->auth_key.data = rte_zmalloc(NULL, xform->auth.key.length,
+					     RTE_CACHE_LINE_SIZE);
+	if (session->auth_key.data == NULL && xform->auth.key.length > 0) {
+		CAAM_JR_ERR("No Memory for auth key\n");
+		return -ENOMEM;
+	}
+	session->auth_key.length = xform->auth.key.length;
+	session->digest_length = xform->auth.digest_length;
+
+	memcpy(session->auth_key.data, xform->auth.key.data,
+	       xform->auth.key.length);
+	session->dir = (xform->auth.op == RTE_CRYPTO_AUTH_OP_GENERATE) ?
+			DIR_ENC : DIR_DEC;
+
+	return 0;
+}
+
+static int
+caam_jr_aead_init(struct rte_cryptodev *dev __rte_unused,
+		  struct rte_crypto_sym_xform *xform,
+		  struct caam_jr_session *session)
+{
+	PMD_INIT_FUNC_TRACE();
+	session->aead_alg = xform->aead.algo;
+	session->iv.length = xform->aead.iv.length;
+	session->iv.offset = xform->aead.iv.offset;
+	session->auth_only_len = xform->aead.aad_length;
+	session->aead_key.data = rte_zmalloc(NULL, xform->aead.key.length,
+					     RTE_CACHE_LINE_SIZE);
+	if (session->aead_key.data == NULL && xform->aead.key.length > 0) {
+		CAAM_JR_ERR("No Memory for aead key\n");
+		return -ENOMEM;
+	}
+	session->aead_key.length = xform->aead.key.length;
+	session->digest_length = xform->aead.digest_length;
+
+	memcpy(session->aead_key.data, xform->aead.key.data,
+	       xform->aead.key.length);
+	session->dir = (xform->aead.op == RTE_CRYPTO_AEAD_OP_ENCRYPT) ?
+			DIR_ENC : DIR_DEC;
+
+	return 0;
+}
+
+static int
+caam_jr_set_session_parameters(struct rte_cryptodev *dev,
+			       struct rte_crypto_sym_xform *xform, void *sess)
+{
+	struct sec_job_ring_t *internals = dev->data->dev_private;
+	struct caam_jr_session *session = sess;
+
+	PMD_INIT_FUNC_TRACE();
+
+	if (unlikely(sess == NULL)) {
+		CAAM_JR_ERR("invalid session struct");
+		return -EINVAL;
+	}
+
+	/* Default IV length = 0 */
+	session->iv.length = 0;
+
+	/* Cipher Only */
+	if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER && xform->next == NULL) {
+		session->auth_alg = RTE_CRYPTO_AUTH_NULL;
+		caam_jr_cipher_init(dev, xform, session);
+
+	/* Authentication Only */
+	} else if (xform->type == RTE_CRYPTO_SYM_XFORM_AUTH &&
+		   xform->next == NULL) {
+		session->cipher_alg = RTE_CRYPTO_CIPHER_NULL;
+		caam_jr_auth_init(dev, xform, session);
+
+	/* Cipher then Authenticate */
+	} else if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER &&
+		   xform->next->type == RTE_CRYPTO_SYM_XFORM_AUTH) {
+		if (xform->cipher.op == RTE_CRYPTO_CIPHER_OP_ENCRYPT) {
+			caam_jr_cipher_init(dev, xform, session);
+			caam_jr_auth_init(dev, xform->next, session);
+		} else {
+			CAAM_JR_ERR("Not supported: Auth then Cipher");
+			goto err1;
+		}
+
+	/* Authenticate then Cipher */
+	} else if (xform->type == RTE_CRYPTO_SYM_XFORM_AUTH &&
+		   xform->next->type == RTE_CRYPTO_SYM_XFORM_CIPHER) {
+		if (xform->next->cipher.op == RTE_CRYPTO_CIPHER_OP_DECRYPT) {
+			caam_jr_auth_init(dev, xform, session);
+			caam_jr_cipher_init(dev, xform->next, session);
+		} else {
+			CAAM_JR_ERR("Not supported: Auth then Cipher");
+			goto err1;
+		}
+
+	/* AEAD operation for AES-GCM kind of Algorithms */
+	} else if (xform->type == RTE_CRYPTO_SYM_XFORM_AEAD &&
+		   xform->next == NULL) {
+		caam_jr_aead_init(dev, xform, session);
+
+	} else {
+		CAAM_JR_ERR("Invalid crypto type");
+		return -EINVAL;
+	}
+	session->ctx_pool = internals->ctx_pool;
+
+	return 0;
+
+err1:
+	rte_free(session->cipher_key.data);
+	rte_free(session->auth_key.data);
+	memset(session, 0, sizeof(struct caam_jr_session));
+
+	return -EINVAL;
+}
+
+static int
+caam_jr_sym_session_configure(struct rte_cryptodev *dev,
+			      struct rte_crypto_sym_xform *xform,
+			      struct rte_cryptodev_sym_session *sess,
+			      struct rte_mempool *mempool)
+{
+	void *sess_private_data;
+	int ret;
+
+	PMD_INIT_FUNC_TRACE();
+
+	if (rte_mempool_get(mempool, &sess_private_data)) {
+		CAAM_JR_ERR("Couldn't get object from session mempool");
+		return -ENOMEM;
+	}
+
+	memset(sess_private_data, 0, sizeof(struct caam_jr_session));
+	ret = caam_jr_set_session_parameters(dev, xform, sess_private_data);
+	if (ret != 0) {
+		CAAM_JR_ERR("failed to configure session parameters");
+		/* Return session to mempool */
+		rte_mempool_put(mempool, sess_private_data);
+		return ret;
+	}
+
+	set_sym_session_private_data(sess, dev->driver_id, sess_private_data);
+
+	return 0;
+}
+
+/* Clear the memory of session so it doesn't leave key material behind */
+static void
+caam_jr_sym_session_clear(struct rte_cryptodev *dev,
+		struct rte_cryptodev_sym_session *sess)
+{
+	uint8_t index = dev->driver_id;
+	void *sess_priv = get_sym_session_private_data(sess, index);
+	struct caam_jr_session *s = (struct caam_jr_session *)sess_priv;
+
+	PMD_INIT_FUNC_TRACE();
+
+	if (sess_priv) {
+		struct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);
+
+		rte_free(s->cipher_key.data);
+		rte_free(s->auth_key.data);
+		memset(s, 0, sizeof(struct caam_jr_session));
+		set_sym_session_private_data(sess, index, NULL);
+		rte_mempool_put(sess_mp, sess_priv);
+	}
+}
+
 static int
 caam_jr_dev_configure(struct rte_cryptodev *dev,
 		       struct rte_cryptodev_config *config __rte_unused)
@@ -241,6 +452,9 @@ static struct rte_cryptodev_ops caam_jr_ops = {
 	.queue_pair_setup     = caam_jr_queue_pair_setup,
 	.queue_pair_release   = caam_jr_queue_pair_release,
 	.queue_pair_count     = caam_jr_queue_pair_count,
+	.sym_session_get_size = caam_jr_sym_session_get_size,
+	.sym_session_configure = caam_jr_sym_session_configure,
+	.sym_session_clear    = caam_jr_sym_session_clear
 };
 
 
-- 
2.17.1

^ permalink raw reply	[flat|nested] 97+ messages in thread

* [dpdk-dev] [PATCH v4 09/15] crypto/caam_jr: add device cababilities
  2018-10-22 14:17     ` [dpdk-dev] [PATCH v4 00/15] Introducing the NXP CAAM job ring driver Gagandeep Singh
                         ` (7 preceding siblings ...)
  2018-10-22 14:17       ` [dpdk-dev] [PATCH v4 08/15] crypto/caam_jr: add session configuration methods Gagandeep Singh
@ 2018-10-22 14:17       ` Gagandeep Singh
  2018-10-22 14:17       ` [dpdk-dev] [PATCH v4 10/15] crypto/caam_jr: add enqueue dequeue operations Gagandeep Singh
                         ` (7 subsequent siblings)
  16 siblings, 0 replies; 97+ messages in thread
From: Gagandeep Singh @ 2018-10-22 14:17 UTC (permalink / raw)
  To: dev, Akhil Goyal; +Cc: Gagandeep Singh, Hemant Agrawal

add device capabilities for supported algorithms,
key length etc.

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
---
 drivers/crypto/caam_jr/Makefile               |   1 +
 drivers/crypto/caam_jr/caam_jr.c              |   2 +
 drivers/crypto/caam_jr/caam_jr_capabilities.c | 232 ++++++++++++++++++
 drivers/crypto/caam_jr/caam_jr_capabilities.h |  13 +
 drivers/crypto/caam_jr/meson.build            |   5 +-
 5 files changed, 252 insertions(+), 1 deletion(-)
 create mode 100644 drivers/crypto/caam_jr/caam_jr_capabilities.c
 create mode 100644 drivers/crypto/caam_jr/caam_jr_capabilities.h

diff --git a/drivers/crypto/caam_jr/Makefile b/drivers/crypto/caam_jr/Makefile
index cfd093a5f..88cdf7410 100644
--- a/drivers/crypto/caam_jr/Makefile
+++ b/drivers/crypto/caam_jr/Makefile
@@ -31,6 +31,7 @@ LIBABIVER := 1
 
 # library source files
 SRCS-$(CONFIG_RTE_LIBRTE_PMD_CAAM_JR) += caam_jr.c
+SRCS-$(CONFIG_RTE_LIBRTE_PMD_CAAM_JR) += caam_jr_capabilities.c
 SRCS-$(CONFIG_RTE_LIBRTE_PMD_CAAM_JR) += caam_jr_hw.c
 SRCS-$(CONFIG_RTE_LIBRTE_PMD_CAAM_JR) += caam_jr_uio.c
 # library dependencies
diff --git a/drivers/crypto/caam_jr/caam_jr.c b/drivers/crypto/caam_jr/caam_jr.c
index aec033649..96b18be12 100644
--- a/drivers/crypto/caam_jr/caam_jr.c
+++ b/drivers/crypto/caam_jr/caam_jr.c
@@ -16,6 +16,7 @@
 #include <rte_malloc.h>
 #include <rte_hexdump.h>
 
+#include <caam_jr_capabilities.h>
 #include <caam_jr_config.h>
 #include <caam_jr_hw_specific.h>
 #include <caam_jr_pvt.h>
@@ -438,6 +439,7 @@ caam_jr_dev_infos_get(struct rte_cryptodev *dev,
 	if (info != NULL) {
 		info->max_nb_queue_pairs = internals->max_nb_queue_pairs;
 		info->feature_flags = dev->feature_flags;
+		info->capabilities = caam_jr_get_cryptodev_capabilities();
 		info->sym.max_nb_sessions = internals->max_nb_sessions;
 		info->driver_id = cryptodev_driver_id;
 	}
diff --git a/drivers/crypto/caam_jr/caam_jr_capabilities.c b/drivers/crypto/caam_jr/caam_jr_capabilities.c
new file mode 100644
index 000000000..92aa429cc
--- /dev/null
+++ b/drivers/crypto/caam_jr/caam_jr_capabilities.c
@@ -0,0 +1,232 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright 2017-2018 NXP
+ */
+
+#include <caam_jr_capabilities.h>
+
+static const struct rte_cryptodev_capabilities caam_jr_capabilities[] = {
+	{	/* MD5 HMAC */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+			{.auth = {
+				.algo = RTE_CRYPTO_AUTH_MD5_HMAC,
+				.block_size = 64,
+				.key_size = {
+					.min = 1,
+					.max = 64,
+					.increment = 1
+				},
+				.digest_size = {
+					.min = 1,
+					.max = 16,
+					.increment = 1
+				},
+				.iv_size = { 0 }
+			}, }
+		}, }
+	},
+	{	/* SHA1 HMAC */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+			{.auth = {
+				.algo = RTE_CRYPTO_AUTH_SHA1_HMAC,
+				.block_size = 64,
+				.key_size = {
+					.min = 1,
+					.max = 64,
+					.increment = 1
+				},
+				.digest_size = {
+					.min = 1,
+					.max = 20,
+					.increment = 1
+				},
+				.iv_size = { 0 }
+			}, }
+		}, }
+	},
+	{	/* SHA224 HMAC */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+			{.auth = {
+				.algo = RTE_CRYPTO_AUTH_SHA224_HMAC,
+				.block_size = 64,
+				.key_size = {
+					.min = 1,
+					.max = 64,
+					.increment = 1
+				},
+				.digest_size = {
+					.min = 1,
+					.max = 28,
+					.increment = 1
+				},
+				.iv_size = { 0 }
+			}, }
+		}, }
+	},
+	{	/* SHA256 HMAC */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+			{.auth = {
+				.algo = RTE_CRYPTO_AUTH_SHA256_HMAC,
+				.block_size = 64,
+				.key_size = {
+					.min = 1,
+					.max = 64,
+					.increment = 1
+				},
+				.digest_size = {
+					.min = 1,
+					.max = 32,
+					.increment = 1
+				},
+				.iv_size = { 0 }
+			}, }
+		}, }
+	},
+	{	/* SHA384 HMAC */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+			{.auth = {
+				.algo = RTE_CRYPTO_AUTH_SHA384_HMAC,
+				.block_size = 128,
+				.key_size = {
+					.min = 1,
+					.max = 128,
+					.increment = 1
+				},
+				.digest_size = {
+					.min = 1,
+					.max = 48,
+					.increment = 1
+				},
+				.iv_size = { 0 }
+			}, }
+		}, }
+	},
+	{	/* SHA512 HMAC */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+			{.auth = {
+				.algo = RTE_CRYPTO_AUTH_SHA512_HMAC,
+				.block_size = 128,
+				.key_size = {
+					.min = 1,
+					.max = 128,
+					.increment = 1
+				},
+				.digest_size = {
+					.min = 1,
+					.max = 64,
+					.increment = 1
+				},
+				.iv_size = { 0 }
+			}, }
+		}, }
+	},
+	{	/* AES GCM */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_AEAD,
+			{.aead = {
+				.algo = RTE_CRYPTO_AEAD_AES_GCM,
+				.block_size = 16,
+				.key_size = {
+					.min = 16,
+					.max = 32,
+					.increment = 8
+				},
+				.digest_size = {
+					.min = 8,
+					.max = 16,
+					.increment = 4
+				},
+				.aad_size = {
+					.min = 0,
+					.max = 240,
+					.increment = 1
+				},
+				.iv_size = {
+					.min = 12,
+					.max = 12,
+					.increment = 0
+				},
+			}, }
+		}, }
+	},
+	{	/* AES CBC */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
+			{.cipher = {
+				.algo = RTE_CRYPTO_CIPHER_AES_CBC,
+				.block_size = 16,
+				.key_size = {
+					.min = 16,
+					.max = 32,
+					.increment = 8
+				},
+				.iv_size = {
+					.min = 16,
+					.max = 16,
+					.increment = 0
+				}
+			}, }
+		}, }
+	},
+	{	/* AES CTR */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
+			{.cipher = {
+				.algo = RTE_CRYPTO_CIPHER_AES_CTR,
+				.block_size = 16,
+				.key_size = {
+					.min = 16,
+					.max = 32,
+					.increment = 8
+				},
+				.iv_size = {
+					.min = 16,
+					.max = 16,
+					.increment = 0
+				}
+			}, }
+		}, }
+	},
+	{	/* 3DES CBC */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
+			{.cipher = {
+				.algo = RTE_CRYPTO_CIPHER_3DES_CBC,
+				.block_size = 8,
+				.key_size = {
+					.min = 16,
+					.max = 24,
+					.increment = 8
+				},
+				.iv_size = {
+					.min = 8,
+					.max = 8,
+					.increment = 0
+				}
+			}, }
+		}, }
+	},
+
+	RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()
+};
+
+const struct rte_cryptodev_capabilities *
+caam_jr_get_cryptodev_capabilities(void)
+{
+	return caam_jr_capabilities;
+}
diff --git a/drivers/crypto/caam_jr/caam_jr_capabilities.h b/drivers/crypto/caam_jr/caam_jr_capabilities.h
new file mode 100644
index 000000000..7a94013e5
--- /dev/null
+++ b/drivers/crypto/caam_jr/caam_jr_capabilities.h
@@ -0,0 +1,13 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright 2017-2018 NXP
+ */
+
+#ifndef CAAM_JR_CAPABILITIES_H
+#define CAAM_JR_CAPABILITIES_H
+
+#include <rte_cryptodev.h>
+
+/* Get cryptodev capabilities */
+const struct rte_cryptodev_capabilities *
+caam_jr_get_cryptodev_capabilities(void);
+#endif
diff --git a/drivers/crypto/caam_jr/meson.build b/drivers/crypto/caam_jr/meson.build
index 7b024e886..99b71aef1 100644
--- a/drivers/crypto/caam_jr/meson.build
+++ b/drivers/crypto/caam_jr/meson.build
@@ -6,7 +6,10 @@ if host_machine.system() != 'linux'
 endif
 
 deps += ['bus_vdev', 'bus_dpaa', 'security']
-sources = files('caam_jr_hw.c', 'caam_jr_uio.c', 'caam_jr.c')
+sources = files('caam_jr_capabilities.c',
+		'caam_jr_hw.c',
+		'caam_jr_uio.c',
+		'caam_jr.c')
 
 allow_experimental_apis = true
 
-- 
2.17.1

^ permalink raw reply	[flat|nested] 97+ messages in thread

* [dpdk-dev] [PATCH v4 10/15] crypto/caam_jr: add enqueue dequeue operations
  2018-10-22 14:17     ` [dpdk-dev] [PATCH v4 00/15] Introducing the NXP CAAM job ring driver Gagandeep Singh
                         ` (8 preceding siblings ...)
  2018-10-22 14:17       ` [dpdk-dev] [PATCH v4 09/15] crypto/caam_jr: add device cababilities Gagandeep Singh
@ 2018-10-22 14:17       ` Gagandeep Singh
  2018-10-22 14:17       ` [dpdk-dev] [PATCH v4 11/15] crypto/caam_jr: add scatter gather Gagandeep Singh
                         ` (6 subsequent siblings)
  16 siblings, 0 replies; 97+ messages in thread
From: Gagandeep Singh @ 2018-10-22 14:17 UTC (permalink / raw)
  To: dev, Akhil Goyal; +Cc: Gagandeep Singh, Hemant Agrawal

This patch add support for :
1. creating run time sec hw decriptors for a given request.
2. enqueue operation to the caam jr ring
3. dequeue operation from the caam jr ring in poll mode
4. creating a crypto protocol descriptor for session - first time.

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
---
 drivers/crypto/caam_jr/caam_jr.c      | 875 +++++++++++++++++++++++++-
 drivers/crypto/caam_jr/caam_jr_desc.h | 285 +++++++++
 2 files changed, 1158 insertions(+), 2 deletions(-)
 create mode 100644 drivers/crypto/caam_jr/caam_jr_desc.h

diff --git a/drivers/crypto/caam_jr/caam_jr.c b/drivers/crypto/caam_jr/caam_jr.c
index 96b18be12..594ae8ded 100644
--- a/drivers/crypto/caam_jr/caam_jr.c
+++ b/drivers/crypto/caam_jr/caam_jr.c
@@ -20,6 +20,7 @@
 #include <caam_jr_config.h>
 #include <caam_jr_hw_specific.h>
 #include <caam_jr_pvt.h>
+#include <caam_jr_desc.h>
 #include <caam_jr_log.h>
 
 /* RTA header files */
@@ -52,6 +53,343 @@ static enum sec_driver_state_e g_driver_state = SEC_DRIVER_STATE_IDLE;
 static int g_job_rings_no;
 static int g_job_rings_max;
 
+struct sec_outring_entry {
+	phys_addr_t desc;	/* Pointer to completed descriptor */
+	uint32_t status;	/* Status for completed descriptor */
+} __rte_packed;
+
+/* virtual address conversin when mempool support is available for ctx */
+static inline phys_addr_t
+caam_jr_vtop_ctx(struct caam_jr_op_ctx *ctx, void *vaddr)
+{
+	PMD_INIT_FUNC_TRACE();
+	return (size_t)vaddr - ctx->vtop_offset;
+}
+
+static inline void
+caam_jr_op_ending(struct caam_jr_op_ctx *ctx)
+{
+	PMD_INIT_FUNC_TRACE();
+	/* report op status to sym->op and then free the ctx memeory  */
+	rte_mempool_put(ctx->ctx_pool, (void *)ctx);
+}
+
+static inline struct caam_jr_op_ctx *
+caam_jr_alloc_ctx(struct caam_jr_session *ses)
+{
+	struct caam_jr_op_ctx *ctx;
+	int ret;
+
+	PMD_INIT_FUNC_TRACE();
+	ret = rte_mempool_get(ses->ctx_pool, (void **)(&ctx));
+	if (!ctx || ret) {
+		CAAM_JR_DP_WARN("Alloc sec descriptor failed!");
+		return NULL;
+	}
+	/*
+	 * Clear SG memory. There are 16 SG entries of 16 Bytes each.
+	 * one call to dcbz_64() clear 64 bytes, hence calling it 4 times
+	 * to clear all the SG entries. caam_jr_alloc_ctx() is called for
+	 * each packet, memset is costlier than dcbz_64().
+	 */
+	dcbz_64(&ctx->sg[SG_CACHELINE_0]);
+	dcbz_64(&ctx->sg[SG_CACHELINE_1]);
+	dcbz_64(&ctx->sg[SG_CACHELINE_2]);
+	dcbz_64(&ctx->sg[SG_CACHELINE_3]);
+
+	ctx->ctx_pool = ses->ctx_pool;
+	ctx->vtop_offset = (size_t) ctx - rte_mempool_virt2iova(ctx);
+
+	return ctx;
+}
+
+static inline int
+is_cipher_only(struct caam_jr_session *ses)
+{
+	PMD_INIT_FUNC_TRACE();
+	return ((ses->cipher_alg != RTE_CRYPTO_CIPHER_NULL) &&
+		(ses->auth_alg == RTE_CRYPTO_AUTH_NULL));
+}
+
+static inline int
+is_auth_only(struct caam_jr_session *ses)
+{
+	PMD_INIT_FUNC_TRACE();
+	return ((ses->cipher_alg == RTE_CRYPTO_CIPHER_NULL) &&
+		(ses->auth_alg != RTE_CRYPTO_AUTH_NULL));
+}
+
+static inline int
+is_aead(struct caam_jr_session *ses)
+{
+	PMD_INIT_FUNC_TRACE();
+	return ((ses->cipher_alg == 0) &&
+		(ses->auth_alg == 0) &&
+		(ses->aead_alg != 0));
+}
+
+static inline int
+is_auth_cipher(struct caam_jr_session *ses)
+{
+	PMD_INIT_FUNC_TRACE();
+	return ((ses->cipher_alg != RTE_CRYPTO_CIPHER_NULL) &&
+		(ses->auth_alg != RTE_CRYPTO_AUTH_NULL));
+}
+
+static inline int
+is_encode(struct caam_jr_session *ses)
+{
+	PMD_INIT_FUNC_TRACE();
+	return ses->dir == DIR_ENC;
+}
+
+static inline int
+is_decode(struct caam_jr_session *ses)
+{
+	PMD_INIT_FUNC_TRACE();
+	return ses->dir == DIR_DEC;
+}
+
+static inline void
+caam_auth_alg(struct caam_jr_session *ses, struct alginfo *alginfo_a)
+{
+	PMD_INIT_FUNC_TRACE();
+	switch (ses->auth_alg) {
+	case RTE_CRYPTO_AUTH_NULL:
+		ses->digest_length = 0;
+		break;
+	case RTE_CRYPTO_AUTH_MD5_HMAC:
+		alginfo_a->algtype = OP_ALG_ALGSEL_MD5;
+		alginfo_a->algmode = OP_ALG_AAI_HMAC;
+		break;
+	case RTE_CRYPTO_AUTH_SHA1_HMAC:
+		alginfo_a->algtype = OP_ALG_ALGSEL_SHA1;
+		alginfo_a->algmode = OP_ALG_AAI_HMAC;
+		break;
+	case RTE_CRYPTO_AUTH_SHA224_HMAC:
+		alginfo_a->algtype = OP_ALG_ALGSEL_SHA224;
+		alginfo_a->algmode = OP_ALG_AAI_HMAC;
+		break;
+	case RTE_CRYPTO_AUTH_SHA256_HMAC:
+		alginfo_a->algtype = OP_ALG_ALGSEL_SHA256;
+		alginfo_a->algmode = OP_ALG_AAI_HMAC;
+		break;
+	case RTE_CRYPTO_AUTH_SHA384_HMAC:
+		alginfo_a->algtype = OP_ALG_ALGSEL_SHA384;
+		alginfo_a->algmode = OP_ALG_AAI_HMAC;
+		break;
+	case RTE_CRYPTO_AUTH_SHA512_HMAC:
+		alginfo_a->algtype = OP_ALG_ALGSEL_SHA512;
+		alginfo_a->algmode = OP_ALG_AAI_HMAC;
+		break;
+	default:
+		CAAM_JR_DEBUG("unsupported auth alg %u", ses->auth_alg);
+	}
+}
+
+static inline void
+caam_cipher_alg(struct caam_jr_session *ses, struct alginfo *alginfo_c)
+{
+	PMD_INIT_FUNC_TRACE();
+	switch (ses->cipher_alg) {
+	case RTE_CRYPTO_CIPHER_NULL:
+		break;
+	case RTE_CRYPTO_CIPHER_AES_CBC:
+		alginfo_c->algtype = OP_ALG_ALGSEL_AES;
+		alginfo_c->algmode = OP_ALG_AAI_CBC;
+		break;
+	case RTE_CRYPTO_CIPHER_3DES_CBC:
+		alginfo_c->algtype = OP_ALG_ALGSEL_3DES;
+		alginfo_c->algmode = OP_ALG_AAI_CBC;
+		break;
+	case RTE_CRYPTO_CIPHER_AES_CTR:
+		alginfo_c->algtype = OP_ALG_ALGSEL_AES;
+		alginfo_c->algmode = OP_ALG_AAI_CTR;
+		break;
+	default:
+		CAAM_JR_DEBUG("unsupported cipher alg %d", ses->cipher_alg);
+	}
+}
+
+static inline void
+caam_aead_alg(struct caam_jr_session *ses, struct alginfo *alginfo)
+{
+	PMD_INIT_FUNC_TRACE();
+	switch (ses->aead_alg) {
+	case RTE_CRYPTO_AEAD_AES_GCM:
+		alginfo->algtype = OP_ALG_ALGSEL_AES;
+		alginfo->algmode = OP_ALG_AAI_GCM;
+		break;
+	default:
+		CAAM_JR_DEBUG("unsupported AEAD alg %d", ses->aead_alg);
+	}
+}
+
+/* prepare command block of the session */
+static int
+caam_jr_prep_cdb(struct caam_jr_session *ses)
+{
+	struct alginfo alginfo_c = {0}, alginfo_a = {0}, alginfo = {0};
+	int32_t shared_desc_len = 0;
+	struct sec_cdb *cdb;
+	int err;
+#if RTE_BYTE_ORDER == RTE_BIG_ENDIAN
+	int swap = false;
+#else
+	int swap = true;
+#endif
+
+	PMD_INIT_FUNC_TRACE();
+	if (ses->cdb)
+		caam_jr_dma_free(ses->cdb);
+
+	cdb = caam_jr_dma_mem_alloc(L1_CACHE_BYTES, sizeof(struct sec_cdb));
+	if (!cdb) {
+		CAAM_JR_ERR("failed to allocate memory for cdb\n");
+		return -1;
+	}
+
+	ses->cdb = cdb;
+
+	memset(cdb, 0, sizeof(struct sec_cdb));
+
+	if (is_cipher_only(ses)) {
+		caam_cipher_alg(ses, &alginfo_c);
+		if (alginfo_c.algtype == (unsigned int)CAAM_JR_ALG_UNSUPPORT) {
+			CAAM_JR_ERR("not supported cipher alg");
+			rte_free(cdb);
+			return -ENOTSUP;
+		}
+
+		alginfo_c.key = (size_t)ses->cipher_key.data;
+		alginfo_c.keylen = ses->cipher_key.length;
+		alginfo_c.key_enc_flags = 0;
+		alginfo_c.key_type = RTA_DATA_IMM;
+
+		shared_desc_len = cnstr_shdsc_blkcipher(
+						cdb->sh_desc, true,
+						swap, &alginfo_c,
+						NULL,
+						ses->iv.length,
+						ses->dir);
+	} else if (is_auth_only(ses)) {
+		caam_auth_alg(ses, &alginfo_a);
+		if (alginfo_a.algtype == (unsigned int)CAAM_JR_ALG_UNSUPPORT) {
+			CAAM_JR_ERR("not supported auth alg");
+			rte_free(cdb);
+			return -ENOTSUP;
+		}
+
+		alginfo_a.key = (size_t)ses->auth_key.data;
+		alginfo_a.keylen = ses->auth_key.length;
+		alginfo_a.key_enc_flags = 0;
+		alginfo_a.key_type = RTA_DATA_IMM;
+
+		shared_desc_len = cnstr_shdsc_hmac(cdb->sh_desc, true,
+						   swap, &alginfo_a,
+						   !ses->dir,
+						   ses->digest_length);
+	} else if (is_aead(ses)) {
+		caam_aead_alg(ses, &alginfo);
+		if (alginfo.algtype == (unsigned int)CAAM_JR_ALG_UNSUPPORT) {
+			CAAM_JR_ERR("not supported aead alg");
+			rte_free(cdb);
+			return -ENOTSUP;
+		}
+		alginfo.key = (size_t)ses->aead_key.data;
+		alginfo.keylen = ses->aead_key.length;
+		alginfo.key_enc_flags = 0;
+		alginfo.key_type = RTA_DATA_IMM;
+
+		if (ses->dir == DIR_ENC)
+			shared_desc_len = cnstr_shdsc_gcm_encap(
+					cdb->sh_desc, true, swap,
+					&alginfo,
+					ses->iv.length,
+					ses->digest_length);
+		else
+			shared_desc_len = cnstr_shdsc_gcm_decap(
+					cdb->sh_desc, true, swap,
+					&alginfo,
+					ses->iv.length,
+					ses->digest_length);
+	} else {
+		caam_cipher_alg(ses, &alginfo_c);
+		if (alginfo_c.algtype == (unsigned int)CAAM_JR_ALG_UNSUPPORT) {
+			CAAM_JR_ERR("not supported cipher alg");
+			rte_free(cdb);
+			return -ENOTSUP;
+		}
+
+		alginfo_c.key = (size_t)ses->cipher_key.data;
+		alginfo_c.keylen = ses->cipher_key.length;
+		alginfo_c.key_enc_flags = 0;
+		alginfo_c.key_type = RTA_DATA_IMM;
+
+		caam_auth_alg(ses, &alginfo_a);
+		if (alginfo_a.algtype == (unsigned int)CAAM_JR_ALG_UNSUPPORT) {
+			CAAM_JR_ERR("not supported auth alg");
+			rte_free(cdb);
+			return -ENOTSUP;
+		}
+
+		alginfo_a.key = (size_t)ses->auth_key.data;
+		alginfo_a.keylen = ses->auth_key.length;
+		alginfo_a.key_enc_flags = 0;
+		alginfo_a.key_type = RTA_DATA_IMM;
+
+		cdb->sh_desc[0] = alginfo_c.keylen;
+		cdb->sh_desc[1] = alginfo_a.keylen;
+		err = rta_inline_query(IPSEC_AUTH_VAR_AES_DEC_BASE_DESC_LEN,
+				       MIN_JOB_DESC_SIZE,
+				       (unsigned int *)cdb->sh_desc,
+				       &cdb->sh_desc[2], 2);
+
+		if (err < 0) {
+			CAAM_JR_ERR("Crypto: Incorrect key lengths");
+			rte_free(cdb);
+			return err;
+		}
+		if (cdb->sh_desc[2] & 1)
+			alginfo_c.key_type = RTA_DATA_IMM;
+		else {
+			alginfo_c.key = (size_t)caam_jr_mem_vtop(
+						(void *)(size_t)alginfo_c.key);
+			alginfo_c.key_type = RTA_DATA_PTR;
+		}
+		if (cdb->sh_desc[2] & (1<<1))
+			alginfo_a.key_type = RTA_DATA_IMM;
+		else {
+			alginfo_a.key = (size_t)caam_jr_mem_vtop(
+						(void *)(size_t)alginfo_a.key);
+			alginfo_a.key_type = RTA_DATA_PTR;
+		}
+		cdb->sh_desc[0] = 0;
+		cdb->sh_desc[1] = 0;
+		cdb->sh_desc[2] = 0;
+			/* Auth_only_len is set as 0 here and it will be
+			 * overwritten in fd for each packet.
+			 */
+			shared_desc_len = cnstr_shdsc_authenc(cdb->sh_desc,
+					true, swap, &alginfo_c, &alginfo_a,
+					ses->iv.length, 0,
+					ses->digest_length, ses->dir);
+	}
+
+	if (shared_desc_len < 0) {
+		CAAM_JR_ERR("error in preparing command block");
+		return shared_desc_len;
+	}
+
+#if CAAM_JR_DBG
+	SEC_DUMP_DESC(cdb->sh_desc);
+#endif
+
+	cdb->sh_hdr.hi.field.idlen = shared_desc_len;
+
+	return 0;
+}
+
 /* @brief Poll the HW for already processed jobs in the JR
  * and silently discard the available jobs or notify them to UA
  * with indicated error code.
@@ -100,6 +438,539 @@ hw_flush_job_ring(struct sec_job_ring_t *job_ring,
 	}
 }
 
+/* @brief Poll the HW for already processed jobs in the JR
+ * and notify the available jobs to UA.
+ *
+ * @param [in]  job_ring	The job ring to poll.
+ * @param [in]  limit           The maximum number of jobs to notify.
+ *                              If set to negative value, all available jobs are
+ *				notified.
+ *
+ * @retval >=0 for No of jobs notified to UA.
+ * @retval -1 for error
+ */
+static int
+hw_poll_job_ring(struct sec_job_ring_t *job_ring,
+		 struct rte_crypto_op **ops, int32_t limit,
+		 struct caam_jr_qp *jr_qp)
+{
+	int32_t jobs_no_to_notify = 0; /* the number of done jobs to notify*/
+	int32_t number_of_jobs_available = 0;
+	int32_t notified_descs_no = 0;
+	uint32_t sec_error_code = 0;
+	struct job_descriptor *current_desc;
+	phys_addr_t current_desc_addr;
+	phys_addr_t *temp_addr;
+	struct caam_jr_op_ctx *ctx;
+
+	PMD_INIT_FUNC_TRACE();
+	/* TODO check for ops have memory*/
+	/* check here if any JR error that cannot be written
+	 * in the output status word has occurred
+	 */
+	if (JR_REG_JRINT_JRE_EXTRACT(GET_JR_REG(JRINT, job_ring))) {
+		CAAM_JR_INFO("err received");
+		sec_error_code = JR_REG_JRINT_ERR_TYPE_EXTRACT(
+					GET_JR_REG(JRINT, job_ring));
+		if (unlikely(sec_error_code)) {
+			hw_job_ring_error_print(job_ring, sec_error_code);
+			return -1;
+		}
+	}
+	/* compute the number of jobs available in the job ring based on the
+	 * producer and consumer index values.
+	 */
+	number_of_jobs_available = hw_get_no_finished_jobs(job_ring);
+	/* Compute the number of notifications that need to be raised to UA
+	 * If limit > total number of done jobs -> notify all done jobs
+	 * If limit = 0 -> error
+	 * If limit < total number of done jobs -> notify a number
+	 * of done jobs equal with limit
+	 */
+	jobs_no_to_notify = (limit > number_of_jobs_available) ?
+				number_of_jobs_available : limit;
+	CAAM_JR_DP_DEBUG(
+		"Jr[%p] pi[%d] ci[%d].limit =%d Available=%d.Jobs to notify=%d",
+		job_ring, job_ring->pidx, job_ring->cidx,
+		limit, number_of_jobs_available, jobs_no_to_notify);
+
+	rte_smp_rmb();
+
+	while (jobs_no_to_notify > notified_descs_no) {
+		static uint64_t false_alarm;
+		static uint64_t real_poll;
+
+		/* Get job status here */
+		sec_error_code = job_ring->output_ring[job_ring->cidx].status;
+		/* Get completed descriptor */
+		temp_addr = &(job_ring->output_ring[job_ring->cidx].desc);
+		current_desc_addr = (phys_addr_t)sec_read_addr(temp_addr);
+
+		real_poll++;
+		/* todo check if it is false alarm no desc present */
+		if (!current_desc_addr) {
+			false_alarm++;
+			printf("false alarm %" PRIu64 "real %" PRIu64
+				" sec_err =0x%x cidx Index =0%d\n",
+				false_alarm, real_poll,
+				sec_error_code, job_ring->cidx);
+			rte_panic("CAAM JR descriptor NULL");
+			return notified_descs_no;
+		}
+		current_desc = (struct job_descriptor *)
+				caam_jr_dma_ptov(current_desc_addr);
+		/* now increment the consumer index for the current job ring,
+		 * AFTER saving job in temporary location!
+		 */
+		job_ring->cidx = SEC_CIRCULAR_COUNTER(job_ring->cidx,
+				 SEC_JOB_RING_SIZE);
+		/* Signal that the job has been processed and the slot is free*/
+		hw_remove_entries(job_ring, 1);
+		/*TODO for multiple ops, packets*/
+		ctx = container_of(current_desc, struct caam_jr_op_ctx, jobdes);
+		if (unlikely(sec_error_code)) {
+			CAAM_JR_ERR("desc at cidx %d generated error 0x%x\n",
+				job_ring->cidx, sec_error_code);
+			hw_handle_job_ring_error(job_ring, sec_error_code);
+			//todo improve with exact errors
+			ctx->op->status = RTE_CRYPTO_OP_STATUS_ERROR;
+			jr_qp->rx_errs++;
+		} else {
+			ctx->op->status = RTE_CRYPTO_OP_STATUS_SUCCESS;
+#if CAAM_JR_DBG
+			if (ctx->op->sym->m_dst) {
+				rte_hexdump(stdout, "PROCESSED",
+				rte_pktmbuf_mtod(ctx->op->sym->m_dst, void *),
+				rte_pktmbuf_data_len(ctx->op->sym->m_dst));
+			} else {
+				rte_hexdump(stdout, "PROCESSED",
+				rte_pktmbuf_mtod(ctx->op->sym->m_src, void *),
+				rte_pktmbuf_data_len(ctx->op->sym->m_src));
+			}
+#endif
+		}
+		*ops = ctx->op;
+		caam_jr_op_ending(ctx);
+		ops++;
+		notified_descs_no++;
+	}
+	return notified_descs_no;
+}
+
+static uint16_t
+caam_jr_dequeue_burst(void *qp, struct rte_crypto_op **ops,
+		       uint16_t nb_ops)
+{
+	struct caam_jr_qp *jr_qp = (struct caam_jr_qp *)qp;
+	struct sec_job_ring_t *ring = jr_qp->ring;
+	int num_rx;
+	int ret;
+
+	PMD_INIT_FUNC_TRACE();
+	CAAM_JR_DP_DEBUG("Jr[%p]Polling. limit[%d]", ring, nb_ops);
+
+	/* Poll job ring
+	 * If nb_ops < 0 -> poll JR until no more notifications are available.
+	 * If nb_ops > 0 -> poll JR until limit is reached.
+	 */
+
+	/* Run hw poll job ring */
+	num_rx = hw_poll_job_ring(ring, ops, nb_ops, jr_qp);
+	if (num_rx < 0) {
+		CAAM_JR_ERR("Error polling SEC engine (%d)", num_rx);
+		return 0;
+	}
+
+	CAAM_JR_DP_DEBUG("Jr[%p].Jobs notified[%d]. ", ring, num_rx);
+
+	if (ring->jr_mode == SEC_NOTIFICATION_TYPE_NAPI) {
+		if (num_rx < nb_ops) {
+			ret = caam_jr_enable_irqs(ring->irq_fd);
+			SEC_ASSERT(ret == 0, ret,
+			"Failed to enable irqs for job ring %p", ring);
+		}
+	} else if (ring->jr_mode == SEC_NOTIFICATION_TYPE_IRQ) {
+
+		/* Always enable IRQ generation when in pure IRQ mode */
+		ret = caam_jr_enable_irqs(ring->irq_fd);
+		SEC_ASSERT(ret == 0, ret,
+			"Failed to enable irqs for job ring %p", ring);
+	}
+
+	jr_qp->rx_pkts += num_rx;
+
+	return num_rx;
+}
+
+static inline struct caam_jr_op_ctx *
+build_auth_only(struct rte_crypto_op *op, struct caam_jr_session *ses)
+{
+	struct rte_crypto_sym_op *sym = op->sym;
+	struct caam_jr_op_ctx *ctx;
+	struct sec4_sg_entry *sg;
+	rte_iova_t start_addr;
+	struct sec_cdb *cdb;
+	uint64_t sdesc_offset;
+	struct sec_job_descriptor_t *jobdescr;
+
+	PMD_INIT_FUNC_TRACE();
+	ctx = caam_jr_alloc_ctx(ses);
+	if (!ctx)
+		return NULL;
+
+	ctx->op = op;
+
+	cdb = ses->cdb;
+	sdesc_offset = (size_t) ((char *)&cdb->sh_desc - (char *)cdb);
+
+	start_addr = rte_pktmbuf_iova(sym->m_src);
+
+	jobdescr = (struct sec_job_descriptor_t *) ctx->jobdes.desc;
+
+	SEC_JD_INIT(jobdescr);
+	SEC_JD_SET_SD(jobdescr,
+		(phys_addr_t)(caam_jr_dma_vtop(cdb)) + sdesc_offset,
+		cdb->sh_hdr.hi.field.idlen);
+
+	/* output */
+	SEC_JD_SET_OUT_PTR(jobdescr, (uint64_t)sym->auth.digest.phys_addr,
+			0, ses->digest_length);
+
+	/*input */
+	if (is_decode(ses)) {
+		sg = &ctx->sg[0];
+		SEC_JD_SET_IN_PTR(jobdescr,
+			(uint64_t)caam_jr_vtop_ctx(ctx, sg), 0,
+			(sym->auth.data.length + ses->digest_length));
+		/* enabling sg list */
+		(jobdescr)->seq_in.command.word  |= 0x01000000;
+
+		/* hash result or digest, save digest first */
+		rte_memcpy(ctx->digest, sym->auth.digest.data,
+			   ses->digest_length);
+		sg->ptr = cpu_to_caam64(start_addr + sym->auth.data.offset);
+		sg->len = cpu_to_caam32(sym->auth.data.length);
+
+#if CAAM_JR_DBG
+		rte_hexdump(stdout, "ICV", ctx->digest, ses->digest_length);
+#endif
+		/* let's check digest by hw */
+		sg++;
+		sg->ptr = cpu_to_caam64(caam_jr_vtop_ctx(ctx, ctx->digest));
+		sg->len = cpu_to_caam32(ses->digest_length);
+		/* last element*/
+		sg->len |= cpu_to_caam32(SEC4_SG_LEN_FIN);
+	} else {
+		SEC_JD_SET_IN_PTR(jobdescr, (uint64_t)start_addr,
+			sym->auth.data.offset, sym->auth.data.length);
+	}
+	return ctx;
+}
+
+static inline struct caam_jr_op_ctx *
+build_cipher_only(struct rte_crypto_op *op, struct caam_jr_session *ses)
+{
+	struct rte_crypto_sym_op *sym = op->sym;
+	struct caam_jr_op_ctx *ctx;
+	struct sec4_sg_entry *sg;
+	rte_iova_t src_start_addr, dst_start_addr;
+	struct sec_cdb *cdb;
+	uint64_t sdesc_offset;
+	uint8_t *IV_ptr = rte_crypto_op_ctod_offset(op, uint8_t *,
+			ses->iv.offset);
+	struct sec_job_descriptor_t *jobdescr;
+
+	PMD_INIT_FUNC_TRACE();
+	ctx = caam_jr_alloc_ctx(ses);
+	if (!ctx)
+		return NULL;
+
+	ctx->op = op;
+	cdb = ses->cdb;
+	sdesc_offset = (size_t) ((char *)&cdb->sh_desc - (char *)cdb);
+
+	src_start_addr = rte_pktmbuf_iova(sym->m_src);
+	if (sym->m_dst)
+		dst_start_addr = rte_pktmbuf_iova(sym->m_dst);
+	else
+		dst_start_addr = src_start_addr;
+
+	jobdescr = (struct sec_job_descriptor_t *) ctx->jobdes.desc;
+
+	SEC_JD_INIT(jobdescr);
+	SEC_JD_SET_SD(jobdescr,
+		(phys_addr_t)(caam_jr_dma_vtop(cdb)) + sdesc_offset,
+		cdb->sh_hdr.hi.field.idlen);
+
+#if CAAM_JR_DBG
+	CAAM_JR_INFO("mbuf offset =%d, cipher offset = %d, length =%d+%d",
+			sym->m_src->data_off, sym->cipher.data.offset,
+			sym->cipher.data.length, ses->iv.length);
+#endif
+	/* output */
+	SEC_JD_SET_OUT_PTR(jobdescr, (uint64_t)dst_start_addr,
+			sym->cipher.data.offset,
+			sym->cipher.data.length + ses->iv.length);
+
+	/*input */
+	sg = &ctx->sg[0];
+	SEC_JD_SET_IN_PTR(jobdescr, (uint64_t)caam_jr_vtop_ctx(ctx, sg), 0,
+				sym->cipher.data.length + ses->iv.length);
+	/*enabling sg bit */
+	(jobdescr)->seq_in.command.word  |= 0x01000000;
+
+	sg->ptr = cpu_to_caam64(caam_jr_dma_vtop(IV_ptr));
+	sg->len = cpu_to_caam32(ses->iv.length);
+
+	sg = &ctx->sg[1];
+	sg->ptr = cpu_to_caam64(src_start_addr + sym->cipher.data.offset);
+	sg->len = cpu_to_caam32(sym->cipher.data.length);
+	/* last element*/
+	sg->len |= cpu_to_caam32(SEC4_SG_LEN_FIN);
+
+	return ctx;
+}
+
+static inline struct caam_jr_op_ctx *
+build_cipher_auth(struct rte_crypto_op *op, struct caam_jr_session *ses)
+{
+	struct rte_crypto_sym_op *sym = op->sym;
+	struct caam_jr_op_ctx *ctx;
+	struct sec4_sg_entry *sg;
+	rte_iova_t src_start_addr, dst_start_addr;
+	uint32_t length = 0;
+	struct sec_cdb *cdb;
+	uint64_t sdesc_offset;
+	uint8_t *IV_ptr = rte_crypto_op_ctod_offset(op, uint8_t *,
+			ses->iv.offset);
+	struct sec_job_descriptor_t *jobdescr;
+	uint32_t auth_only_len;
+
+	PMD_INIT_FUNC_TRACE();
+	auth_only_len = op->sym->auth.data.length -
+				op->sym->cipher.data.length;
+
+	src_start_addr = rte_pktmbuf_iova(sym->m_src);
+	if (sym->m_dst)
+		dst_start_addr = rte_pktmbuf_iova(sym->m_dst);
+	else
+		dst_start_addr = src_start_addr;
+
+	ctx = caam_jr_alloc_ctx(ses);
+	if (!ctx)
+		return NULL;
+
+	ctx->op = op;
+	cdb = ses->cdb;
+	sdesc_offset = (size_t) ((char *)&cdb->sh_desc - (char *)cdb);
+
+	jobdescr = (struct sec_job_descriptor_t *) ctx->jobdes.desc;
+
+	SEC_JD_INIT(jobdescr);
+	SEC_JD_SET_SD(jobdescr,
+		(phys_addr_t)(caam_jr_dma_vtop(cdb)) + sdesc_offset,
+		cdb->sh_hdr.hi.field.idlen);
+
+	/* input */
+	sg = &ctx->sg[0];
+	if (is_encode(ses)) {
+		sg->ptr = cpu_to_caam64(caam_jr_dma_vtop(IV_ptr));
+		sg->len = cpu_to_caam32(ses->iv.length);
+		length += ses->iv.length;
+
+		sg++;
+		sg->ptr = cpu_to_caam64(src_start_addr + sym->auth.data.offset);
+		sg->len = cpu_to_caam32(sym->auth.data.length);
+		length += sym->auth.data.length;
+		/* last element*/
+		sg->len |= cpu_to_caam32(SEC4_SG_LEN_FIN);
+	} else {
+		sg->ptr = cpu_to_caam64(caam_jr_dma_vtop(IV_ptr));
+		sg->len = cpu_to_caam32(ses->iv.length);
+		length += ses->iv.length;
+
+		sg++;
+		sg->ptr = cpu_to_caam64(src_start_addr + sym->auth.data.offset);
+		sg->len = cpu_to_caam32(sym->auth.data.length);
+		length += sym->auth.data.length;
+
+		rte_memcpy(ctx->digest, sym->auth.digest.data,
+		       ses->digest_length);
+		sg++;
+		sg->ptr = cpu_to_caam64(caam_jr_dma_vtop(ctx->digest));
+		sg->len = cpu_to_caam32(ses->digest_length);
+		length += ses->digest_length;
+		/* last element*/
+		sg->len |= cpu_to_caam32(SEC4_SG_LEN_FIN);
+	}
+
+	SEC_JD_SET_IN_PTR(jobdescr, (uint64_t)caam_jr_dma_vtop(&ctx->sg[0]), 0,
+				length);
+	/* set sg bit */
+	(jobdescr)->seq_in.command.word  |= 0x01000000;
+
+	/* output */
+	sg = &ctx->sg[6];
+
+	sg->ptr = cpu_to_caam64(dst_start_addr + sym->cipher.data.offset);
+	sg->len = cpu_to_caam32(sym->cipher.data.length);
+	length = sym->cipher.data.length;
+
+	if (is_encode(ses)) {
+		/* set auth output */
+		sg++;
+		sg->ptr = cpu_to_caam64(sym->auth.digest.phys_addr);
+		sg->len = cpu_to_caam32(ses->digest_length);
+		length += ses->digest_length;
+	}
+	/* last element*/
+	sg->len |= cpu_to_caam32(SEC4_SG_LEN_FIN);
+
+	SEC_JD_SET_OUT_PTR(jobdescr,
+			   (uint64_t)caam_jr_dma_vtop(&ctx->sg[6]), 0, length);
+	/* set sg bit */
+	(jobdescr)->seq_out.command.word  |= 0x01000000;
+
+	/* Auth_only_len is set as 0 in descriptor and it is
+	 * overwritten here in the jd which will update
+	 * the DPOVRD reg.
+	 */
+	if (auth_only_len)
+		/* set sg bit */
+		(jobdescr)->dpovrd = 0x80000000 | auth_only_len;
+
+	return ctx;
+}
+static int
+caam_jr_enqueue_op(struct rte_crypto_op *op, struct caam_jr_qp *qp)
+{
+	struct sec_job_ring_t *ring = qp->ring;
+	struct caam_jr_session *ses;
+	struct caam_jr_op_ctx *ctx = NULL;
+	struct sec_job_descriptor_t *jobdescr __rte_unused;
+
+	PMD_INIT_FUNC_TRACE();
+	switch (op->sess_type) {
+	case RTE_CRYPTO_OP_WITH_SESSION:
+		ses = (struct caam_jr_session *)
+		get_sym_session_private_data(op->sym->session,
+					cryptodev_driver_id);
+		break;
+	default:
+		CAAM_JR_DP_ERR("sessionless crypto op not supported");
+		qp->tx_errs++;
+		return -1;
+	}
+
+	if (unlikely(!ses->qp || ses->qp != qp)) {
+		CAAM_JR_DP_DEBUG("Old:sess->qp=%p New qp = %p\n", ses->qp, qp);
+		ses->qp = qp;
+		caam_jr_prep_cdb(ses);
+	}
+
+	if (rte_pktmbuf_is_contiguous(op->sym->m_src)) {
+		if (is_auth_cipher(ses))
+			ctx = build_cipher_auth(op, ses);
+		else if (is_aead(ses))
+			goto err1;
+		else if (is_auth_only(ses))
+			ctx = build_auth_only(op, ses);
+		else if (is_cipher_only(ses))
+			ctx = build_cipher_only(op, ses);
+	} else {
+		if (is_aead(ses))
+			goto err1;
+	}
+err1:
+	if (unlikely(!ctx)) {
+		qp->tx_errs++;
+		CAAM_JR_ERR("not supported sec op");
+		return -1;
+	}
+#if CAAM_JR_DBG
+	if (is_decode(ses))
+		rte_hexdump(stdout, "DECODE",
+			rte_pktmbuf_mtod(op->sym->m_src, void *),
+			rte_pktmbuf_data_len(op->sym->m_src));
+	else
+		rte_hexdump(stdout, "ENCODE",
+			rte_pktmbuf_mtod(op->sym->m_src, void *),
+			rte_pktmbuf_data_len(op->sym->m_src));
+
+	printf("\n JD before conversion\n");
+	for (int i = 0; i < 12; i++)
+		printf("\n 0x%08x", ctx->jobdes.desc[i]);
+#endif
+
+	CAAM_JR_DP_DEBUG("Jr[%p] pi[%d] ci[%d].Before sending desc",
+		      ring, ring->pidx, ring->cidx);
+
+	/* todo - do we want to retry */
+	if (SEC_JOB_RING_IS_FULL(ring->pidx, ring->cidx,
+			 SEC_JOB_RING_SIZE, SEC_JOB_RING_SIZE)) {
+		CAAM_JR_DP_DEBUG("Ring FULL Jr[%p] pi[%d] ci[%d].Size = %d",
+			      ring, ring->pidx, ring->cidx, SEC_JOB_RING_SIZE);
+		caam_jr_op_ending(ctx);
+		qp->tx_ring_full++;
+		return -EBUSY;
+	}
+
+#if CORE_BYTE_ORDER != CAAM_BYTE_ORDER
+	jobdescr = (struct sec_job_descriptor_t *) ctx->jobdes.desc;
+
+	jobdescr->deschdr.command.word =
+		cpu_to_caam32(jobdescr->deschdr.command.word);
+	jobdescr->sd_ptr = cpu_to_caam64(jobdescr->sd_ptr);
+	jobdescr->seq_out.command.word =
+		cpu_to_caam32(jobdescr->seq_out.command.word);
+	jobdescr->seq_out_ptr = cpu_to_caam64(jobdescr->seq_out_ptr);
+	jobdescr->out_ext_length = cpu_to_caam32(jobdescr->out_ext_length);
+	jobdescr->seq_in.command.word =
+		cpu_to_caam32(jobdescr->seq_in.command.word);
+	jobdescr->seq_in_ptr = cpu_to_caam64(jobdescr->seq_in_ptr);
+	jobdescr->in_ext_length = cpu_to_caam32(jobdescr->in_ext_length);
+	jobdescr->load_dpovrd.command.word =
+		cpu_to_caam32(jobdescr->load_dpovrd.command.word);
+	jobdescr->dpovrd = cpu_to_caam32(jobdescr->dpovrd);
+#endif
+
+	/* Set ptr in input ring to current descriptor	*/
+	sec_write_addr(&ring->input_ring[ring->pidx],
+			(phys_addr_t)caam_jr_vtop_ctx(ctx, ctx->jobdes.desc));
+	rte_smp_wmb();
+
+	/* Notify HW that a new job is enqueued */
+	hw_enqueue_desc_on_job_ring(ring);
+
+	/* increment the producer index for the current job ring */
+	ring->pidx = SEC_CIRCULAR_COUNTER(ring->pidx, SEC_JOB_RING_SIZE);
+
+	return 0;
+}
+
+static uint16_t
+caam_jr_enqueue_burst(void *qp, struct rte_crypto_op **ops,
+		       uint16_t nb_ops)
+{
+	/* Function to transmit the frames to given device and queuepair */
+	uint32_t loop;
+	int32_t ret;
+	struct caam_jr_qp *jr_qp = (struct caam_jr_qp *)qp;
+	uint16_t num_tx = 0;
+
+	PMD_INIT_FUNC_TRACE();
+	/*Prepare each packet which is to be sent*/
+	for (loop = 0; loop < nb_ops; loop++) {
+		ret = caam_jr_enqueue_op(ops[loop], jr_qp);
+		if (!ret)
+			num_tx++;
+	}
+
+	jr_qp->tx_pkts += num_tx;
+
+	return num_tx;
+}
+
 /* Release queue pair */
 static int
 caam_jr_queue_pair_release(struct rte_cryptodev *dev,
@@ -726,8 +1597,8 @@ caam_jr_dev_init(const char *name,
 	dev->dev_ops = &caam_jr_ops;
 
 	/* register rx/tx burst functions for data path */
-	dev->dequeue_burst = NULL;
-	dev->enqueue_burst = NULL;
+	dev->dequeue_burst = caam_jr_dequeue_burst;
+	dev->enqueue_burst = caam_jr_enqueue_burst;
 	dev->feature_flags = RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO |
 			RTE_CRYPTODEV_FF_HW_ACCELERATED |
 			RTE_CRYPTODEV_FF_SYM_OPERATION_CHAINING |
diff --git a/drivers/crypto/caam_jr/caam_jr_desc.h b/drivers/crypto/caam_jr/caam_jr_desc.h
new file mode 100644
index 000000000..6683ea835
--- /dev/null
+++ b/drivers/crypto/caam_jr/caam_jr_desc.h
@@ -0,0 +1,285 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright 2017-2018 NXP
+ */
+
+#ifndef CAAM_JR_DESC_H
+#define CAAM_JR_DESC_H
+
+#define CMD_HDR_CTYPE_SD		0x16
+#define CMD_HDR_CTYPE_JD		0x17
+
+/* The maximum size of a SEC descriptor, in WORDs (32 bits). */
+#define MAX_DESC_SIZE_WORDS                     64
+
+/*
+ * Macros manipulating descriptors
+ */
+/* Macro for setting the SD pointer in a JD. Common for all protocols
+ * supported by the SEC driver.
+ */
+#define SEC_JD_SET_SD(descriptor, ptr, len)	   {	  \
+	(descriptor)->sd_ptr = (ptr);			       \
+	(descriptor)->deschdr.command.jd.shr_desc_len = (len);      \
+}
+
+/* Macro for setting a pointer to the job which this descriptor processes.
+ * It eases the lookup procedure for identifying the descriptor that has
+ * completed.
+ */
+#define SEC_JD_SET_JOB_PTR(descriptor, ptr) \
+	((descriptor)->job_ptr = (ptr))
+
+/* Macro for setting up a JD. The structure of the JD is common across all
+ * supported protocols, thus its structure is identical.
+ */
+#define SEC_JD_INIT(descriptor)	      ({ \
+	/* CTYPE = job descriptor			       \
+	 * RSMS, DNR = 0
+	 * ONE = 1
+	 * Start Index = 0
+	 * ZRO,TD, MTD = 0
+	 * SHR = 1 (there's a shared descriptor referenced
+	 *	  by this job descriptor,pointer in next word)
+	 * REO = 1 (execute job descr. first, shared descriptor
+	 *	  after)
+	 * SHARE = DEFER
+	 * Descriptor Length = 0 ( to be completed @ runtime ) */ \
+	(descriptor)->deschdr.command.word = 0xB0801C0D;	\
+	/*
+	 * CTYPE = SEQ OUT command * Scater Gather Flag = 0
+	 * (can be updated @ runtime) PRE = 0 * EXT = 1
+	 * (data length is in next word, following the * command)
+	 * RTO = 0 */						\
+	(descriptor)->seq_out.command.word = 0xF8400000; /**/	\
+	/*
+	 * CTYPE = SEQ IN command
+	 * Scater Gather Flag = 0 (can be updated @ runtime)
+	 * PRE = 0
+	 * EXT = 1 ( data length is in next word, following the
+	 *	   command)
+	 * RTO = 0 */						\
+	(descriptor)->seq_in.command.word  = 0xF0400000; /**/	\
+	/*
+	 * In order to be compatible with QI scenarios, the DPOVRD value
+	 * loaded must be formated like this:
+	 * DPOVRD_EN (1b) | Res| DPOVRD Value (right aligned). */ \
+	(descriptor)->load_dpovrd.command.word = 0x16870004;	\
+	/* By default, DPOVRD mechanism is disabled, thus the value to be
+	 * LOAD-ed through the above descriptor command will be
+	 * 0x0000_0000. */					\
+	(descriptor)->dpovrd = 0x00000000;			\
+})
+
+/* Macro for setting the pointer to the input buffer in the JD, according to
+ * the parameters set by the user in the ::sec_packet_t structure.
+ */
+#define SEC_JD_SET_IN_PTR(descriptor, phys_addr, offset, length) {     \
+	(descriptor)->seq_in_ptr = (phys_addr) + (offset);	      \
+	(descriptor)->in_ext_length = (length);			 \
+}
+
+/* Macro for setting the pointer to the output buffer in the JD, according to
+ * the parameters set by the user in the ::sec_packet_t structure.
+ */
+#define SEC_JD_SET_OUT_PTR(descriptor, phys_addr, offset, length) {    \
+	(descriptor)->seq_out_ptr = (phys_addr) + (offset);	     \
+	(descriptor)->out_ext_length = (length);			\
+}
+
+/* Macro for setting the Scatter-Gather flag in the SEQ IN command. Used in
+ * case the input buffer is split in multiple buffers, according to the user
+ * specification.
+ */
+#define SEC_JD_SET_SG_IN(descriptor) \
+	((descriptor)->seq_in.command.field.sgf =  1)
+
+/* Macro for setting the Scatter-Gather flag in the SEQ OUT command. Used in
+ * case the output buffer is split in multiple buffers, according to the user
+ * specification.
+ */
+#define SEC_JD_SET_SG_OUT(descriptor) \
+	((descriptor)->seq_out.command.field.sgf = 1)
+
+#define SEC_JD_SET_DPOVRD(descriptor) \
+
+/* Macro for retrieving a descriptor's length. Works for both SD and JD. */
+#define SEC_GET_DESC_LEN(descriptor)					\
+	(((struct descriptor_header_s *)(descriptor))->command.sd.ctype == \
+	CMD_HDR_CTYPE_SD ? ((struct descriptor_header_s *) \
+	(descriptor))->command.sd.desclen :	\
+	((struct descriptor_header_s *)(descriptor))->command.jd.desclen)
+
+/* Helper macro for dumping the hex representation of a descriptor */
+#define SEC_DUMP_DESC(descriptor) {					\
+	int __i;							\
+	CAAM_JR_INFO("Des@ 0x%08x\n", (uint32_t)((uint32_t *)(descriptor)));\
+	for (__i = 0;						\
+		__i < SEC_GET_DESC_LEN(descriptor);			\
+		__i++) {						\
+		printf("0x%08x: 0x%08x\n",			\
+			(uint32_t)(((uint32_t *)(descriptor)) + __i),	\
+			*(((uint32_t *)(descriptor)) + __i));		\
+	}								\
+}
+/* Union describing a descriptor header.
+ */
+struct descriptor_header_s {
+	union {
+		uint32_t word;
+		struct {
+			/* 4  */ unsigned int ctype:5;
+			/* 5  */ unsigned int res1:2;
+			/* 7  */ unsigned int dnr:1;
+			/* 8  */ unsigned int one:1;
+			/* 9  */ unsigned int res2:1;
+			/* 10 */ unsigned int start_idx:6;
+			/* 16 */ unsigned int res3:2;
+			/* 18 */ unsigned int cif:1;
+			/* 19 */ unsigned int sc:1;
+			/* 20 */ unsigned int pd:1;
+			/* 21 */ unsigned int res4:1;
+			/* 22 */ unsigned int share:2;
+			/* 24 */ unsigned int res5:2;
+			/* 26 */ unsigned int desclen:6;
+		} sd;
+		struct {
+			/* TODO only below struct members are corrected,
+			 * all others also need to be reversed please verify it
+			 */
+			/* 0 */ unsigned int desclen:7;
+			/* 7 */ unsigned int res4:1;
+			/* 8 */ unsigned int share:3;
+			/* 11 */ unsigned int reo:1;
+			/* 12 */ unsigned int shr:1;
+			/* 13 */ unsigned int mtd:1;
+			/* 14 */ unsigned int td:1;
+			/* 15 */ unsigned int zero:1;
+			/* 16 */ unsigned int shr_desc_len:6;
+			/* 22  */ unsigned int res2:1;
+			/* 23  */ unsigned int one:1;
+			/* 24  */ unsigned int dnr:1;
+			/* 25  */ unsigned int rsms:1;
+			/* 26  */ unsigned int res1:1;
+			/* 27  */ unsigned int ctype:5;
+		} jd;
+	} __rte_packed command;
+} __rte_packed;
+
+/* Union describing a KEY command in a descriptor.
+ */
+struct key_command_s {
+	union {
+		uint32_t word;
+		struct {
+			unsigned int ctype:5;
+			unsigned int cls:2;
+			unsigned int sgf:1;
+			unsigned int imm:1;
+			unsigned int enc:1;
+			unsigned int nwb:1;
+			unsigned int ekt:1;
+			unsigned int kdest:4;
+			unsigned int tk:1;
+			unsigned int rsvd1:5;
+			unsigned int length:10;
+		} __rte_packed field;
+	} __rte_packed command;
+} __rte_packed;
+
+/* Union describing a PROTOCOL command
+ * in a descriptor.
+ */
+struct protocol_operation_command_s {
+	union {
+		uint32_t word;
+		struct {
+			unsigned int ctype:5;
+			unsigned int optype:3;
+			unsigned char protid;
+			unsigned short protinfo;
+		} __rte_packed field;
+	} __rte_packed command;
+} __rte_packed;
+
+/* Union describing a SEQIN command in a
+ * descriptor.
+ */
+struct seq_in_command_s {
+	union {
+		uint32_t word;
+		struct {
+			unsigned int ctype:5;
+			unsigned int res1:1;
+			unsigned int inl:1;
+			unsigned int sgf:1;
+			unsigned int pre:1;
+			unsigned int ext:1;
+			unsigned int rto:1;
+			unsigned int rjd:1;
+			unsigned int res2:4;
+			unsigned int length:16;
+		} field;
+	} __rte_packed command;
+} __rte_packed;
+
+/* Union describing a SEQOUT command in a
+ * descriptor.
+ */
+struct seq_out_command_s {
+	union {
+		uint32_t word;
+		struct {
+			unsigned int ctype:5;
+			unsigned int res1:2;
+			unsigned int sgf:1;
+			unsigned int pre:1;
+			unsigned int ext:1;
+			unsigned int rto:1;
+			unsigned int res2:5;
+			unsigned int length:16;
+		} field;
+	} __rte_packed command;
+} __rte_packed;
+
+struct load_command_s {
+	union {
+		uint32_t word;
+		struct {
+			unsigned int ctype:5;
+			unsigned int class:2;
+			unsigned int sgf:1;
+			unsigned int imm:1;
+			unsigned int dst:7;
+			unsigned char offset;
+			unsigned char length;
+		} fields;
+	} __rte_packed command;
+} __rte_packed;
+
+/* Structure encompassing a general shared descriptor of maximum
+ * size (64 WORDs). Usually, other specific shared descriptor structures
+ * will be type-casted to this one
+ * this one.
+ */
+struct sec_sd_t {
+	uint32_t rsvd[MAX_DESC_SIZE_WORDS];
+} __attribute__((packed, aligned(64)));
+
+/* Structure encompassing a job descriptor which processes
+ * a single packet from a context. The job descriptor references
+ * a shared descriptor from a SEC context.
+ */
+struct sec_job_descriptor_t {
+	struct descriptor_header_s deschdr;
+	dma_addr_t sd_ptr;
+	struct seq_out_command_s seq_out;
+	dma_addr_t seq_out_ptr;
+	uint32_t out_ext_length;
+	struct seq_in_command_s seq_in;
+	dma_addr_t seq_in_ptr;
+	uint32_t in_ext_length;
+	struct load_command_s load_dpovrd;
+	uint32_t dpovrd;
+} __attribute__((packed, aligned(64)));
+
+#endif
-- 
2.17.1

^ permalink raw reply	[flat|nested] 97+ messages in thread

* [dpdk-dev] [PATCH v4 11/15] crypto/caam_jr: add scatter gather
  2018-10-22 14:17     ` [dpdk-dev] [PATCH v4 00/15] Introducing the NXP CAAM job ring driver Gagandeep Singh
                         ` (9 preceding siblings ...)
  2018-10-22 14:17       ` [dpdk-dev] [PATCH v4 10/15] crypto/caam_jr: add enqueue dequeue operations Gagandeep Singh
@ 2018-10-22 14:17       ` Gagandeep Singh
  2018-10-22 14:17       ` [dpdk-dev] [PATCH v4 12/15] crypto/caam_jr: add statistics ops Gagandeep Singh
                         ` (5 subsequent siblings)
  16 siblings, 0 replies; 97+ messages in thread
From: Gagandeep Singh @ 2018-10-22 14:17 UTC (permalink / raw)
  To: dev, Akhil Goyal; +Cc: Gagandeep Singh, Hemant Agrawal

This patch add the scatter gather feature
for auth-only, cipher-only and cipher-auth
operations

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
---
 drivers/crypto/caam_jr/caam_jr.c | 375 ++++++++++++++++++++++++++++++-
 1 file changed, 374 insertions(+), 1 deletion(-)

diff --git a/drivers/crypto/caam_jr/caam_jr.c b/drivers/crypto/caam_jr/caam_jr.c
index 594ae8ded..0d3a49145 100644
--- a/drivers/crypto/caam_jr/caam_jr.c
+++ b/drivers/crypto/caam_jr/caam_jr.c
@@ -602,6 +602,101 @@ caam_jr_dequeue_burst(void *qp, struct rte_crypto_op **ops,
 	return num_rx;
 }
 
+/**
+ * packet looks like:
+ *		|<----data_len------->|
+ *    |ip_header|ah_header|icv|payload|
+ *              ^
+ *		|
+ *	   mbuf->pkt.data
+ */
+static inline struct caam_jr_op_ctx *
+build_auth_only_sg(struct rte_crypto_op *op, struct caam_jr_session *ses)
+{
+	struct rte_crypto_sym_op *sym = op->sym;
+	struct rte_mbuf *mbuf = sym->m_src;
+	struct caam_jr_op_ctx *ctx;
+	struct sec4_sg_entry *sg;
+	int	length;
+	struct sec_cdb *cdb;
+	uint64_t sdesc_offset;
+	struct sec_job_descriptor_t *jobdescr;
+	uint8_t extra_segs;
+
+	PMD_INIT_FUNC_TRACE();
+	if (is_decode(ses))
+		extra_segs = 2;
+	else
+		extra_segs = 1;
+
+	if ((mbuf->nb_segs + extra_segs) > MAX_SG_ENTRIES) {
+		CAAM_JR_DP_ERR("Auth: Max sec segs supported is %d",
+				MAX_SG_ENTRIES);
+		return NULL;
+	}
+
+	ctx = caam_jr_alloc_ctx(ses);
+	if (!ctx)
+		return NULL;
+
+	ctx->op = op;
+
+	cdb = ses->cdb;
+	sdesc_offset = (size_t) ((char *)&cdb->sh_desc - (char *)cdb);
+
+	jobdescr = (struct sec_job_descriptor_t *) ctx->jobdes.desc;
+
+	SEC_JD_INIT(jobdescr);
+	SEC_JD_SET_SD(jobdescr,
+		(phys_addr_t)(caam_jr_dma_vtop(cdb)) + sdesc_offset,
+		cdb->sh_hdr.hi.field.idlen);
+
+	/* output */
+	SEC_JD_SET_OUT_PTR(jobdescr, (uint64_t)sym->auth.digest.phys_addr,
+			0, ses->digest_length);
+
+	/*input */
+	sg = &ctx->sg[0];
+	length = sym->auth.data.length;
+	sg->ptr = cpu_to_caam64(rte_pktmbuf_iova(mbuf) + sym->auth.data.offset);
+	sg->len = cpu_to_caam32(mbuf->data_len - sym->auth.data.offset);
+
+	/* Successive segs */
+	mbuf = mbuf->next;
+	while (mbuf) {
+		sg++;
+		sg->ptr = cpu_to_caam64(rte_pktmbuf_iova(mbuf));
+		sg->len = cpu_to_caam32(mbuf->data_len);
+		mbuf = mbuf->next;
+	}
+
+	if (is_decode(ses)) {
+		/* digest verification case */
+		sg++;
+		/* hash result or digest, save digest first */
+		rte_memcpy(ctx->digest, sym->auth.digest.data,
+			   ses->digest_length);
+#if CAAM_JR_DBG
+		rte_hexdump(stdout, "ICV", ctx->digest, ses->digest_length);
+#endif
+		sg->ptr = cpu_to_caam64(caam_jr_vtop_ctx(ctx, ctx->digest));
+		sg->len = cpu_to_caam32(ses->digest_length);
+		length += ses->digest_length;
+	} else {
+		length -= ses->digest_length;
+	}
+
+	/* last element*/
+	sg->len |= cpu_to_caam32(SEC4_SG_LEN_FIN);
+
+	SEC_JD_SET_IN_PTR(jobdescr,
+		(uint64_t)caam_jr_vtop_ctx(ctx, &ctx->sg[0]), 0, length);
+	/* enabling sg list */
+	(jobdescr)->seq_in.command.word  |= 0x01000000;
+
+	return ctx;
+}
+
 static inline struct caam_jr_op_ctx *
 build_auth_only(struct rte_crypto_op *op, struct caam_jr_session *ses)
 {
@@ -667,6 +762,123 @@ build_auth_only(struct rte_crypto_op *op, struct caam_jr_session *ses)
 	return ctx;
 }
 
+static inline struct caam_jr_op_ctx *
+build_cipher_only_sg(struct rte_crypto_op *op, struct caam_jr_session *ses)
+{
+	struct rte_crypto_sym_op *sym = op->sym;
+	struct rte_mbuf *mbuf = sym->m_src;
+	struct caam_jr_op_ctx *ctx;
+	struct sec4_sg_entry *sg, *in_sg;
+	int length;
+	struct sec_cdb *cdb;
+	uint64_t sdesc_offset;
+	uint8_t *IV_ptr = rte_crypto_op_ctod_offset(op, uint8_t *,
+			ses->iv.offset);
+	struct sec_job_descriptor_t *jobdescr;
+	uint8_t reg_segs;
+
+	PMD_INIT_FUNC_TRACE();
+	if (sym->m_dst) {
+		mbuf = sym->m_dst;
+		reg_segs = mbuf->nb_segs + sym->m_src->nb_segs + 2;
+	} else {
+		mbuf = sym->m_src;
+		reg_segs = mbuf->nb_segs * 2 + 2;
+	}
+
+	if (reg_segs > MAX_SG_ENTRIES) {
+		CAAM_JR_DP_ERR("Cipher: Max sec segs supported is %d",
+				MAX_SG_ENTRIES);
+		return NULL;
+	}
+
+	ctx = caam_jr_alloc_ctx(ses);
+	if (!ctx)
+		return NULL;
+
+	ctx->op = op;
+	cdb = ses->cdb;
+	sdesc_offset = (size_t) ((char *)&cdb->sh_desc - (char *)cdb);
+
+	jobdescr = (struct sec_job_descriptor_t *) ctx->jobdes.desc;
+
+	SEC_JD_INIT(jobdescr);
+	SEC_JD_SET_SD(jobdescr,
+		(phys_addr_t)(caam_jr_dma_vtop(cdb)) + sdesc_offset,
+		cdb->sh_hdr.hi.field.idlen);
+
+#if CAAM_JR_DBG
+	CAAM_JR_INFO("mbuf offset =%d, cipher offset = %d, length =%d+%d",
+			sym->m_src->data_off, sym->cipher.data.offset,
+			sym->cipher.data.length, ses->iv.length);
+#endif
+	/* output */
+	if (sym->m_dst)
+		mbuf = sym->m_dst;
+	else
+		mbuf = sym->m_src;
+
+	sg = &ctx->sg[0];
+	length = sym->cipher.data.length;
+
+	sg->ptr = cpu_to_caam64(rte_pktmbuf_iova(mbuf)
+		+ sym->cipher.data.offset);
+	sg->len = cpu_to_caam32(mbuf->data_len - sym->cipher.data.offset);
+
+	/* Successive segs */
+	mbuf = mbuf->next;
+	while (mbuf) {
+		sg++;
+		sg->ptr = cpu_to_caam64(rte_pktmbuf_iova(mbuf));
+		sg->len = cpu_to_caam32(mbuf->data_len);
+		mbuf = mbuf->next;
+	}
+	/* last element*/
+	sg->len |= cpu_to_caam32(SEC4_SG_LEN_FIN);
+
+	SEC_JD_SET_OUT_PTR(jobdescr,
+			(uint64_t)caam_jr_vtop_ctx(ctx, &ctx->sg[0]), 0,
+			length);
+	/*enabling sg bit */
+	(jobdescr)->seq_out.command.word  |= 0x01000000;
+
+	/*input */
+	sg++;
+	mbuf = sym->m_src;
+	in_sg = sg;
+
+	length = sym->cipher.data.length + ses->iv.length;
+
+	/* IV */
+	sg->ptr = cpu_to_caam64(caam_jr_dma_vtop(IV_ptr));
+	sg->len = cpu_to_caam32(ses->iv.length);
+
+	/* 1st seg */
+	sg++;
+	sg->ptr = cpu_to_caam64(rte_pktmbuf_iova(mbuf)
+				+ sym->cipher.data.offset);
+	sg->len = cpu_to_caam32(mbuf->data_len - sym->cipher.data.offset);
+
+	/* Successive segs */
+	mbuf = mbuf->next;
+	while (mbuf) {
+		sg++;
+		sg->ptr = cpu_to_caam64(rte_pktmbuf_iova(mbuf));
+		sg->len = cpu_to_caam32(mbuf->data_len);
+		mbuf = mbuf->next;
+	}
+	/* last element*/
+	sg->len |= cpu_to_caam32(SEC4_SG_LEN_FIN);
+
+
+	SEC_JD_SET_IN_PTR(jobdescr, (uint64_t)caam_jr_vtop_ctx(ctx, in_sg), 0,
+				length);
+	/*enabling sg bit */
+	(jobdescr)->seq_in.command.word  |= 0x01000000;
+
+	return ctx;
+}
+
 static inline struct caam_jr_op_ctx *
 build_cipher_only(struct rte_crypto_op *op, struct caam_jr_session *ses)
 {
@@ -731,6 +943,161 @@ build_cipher_only(struct rte_crypto_op *op, struct caam_jr_session *ses)
 	return ctx;
 }
 
+/* For decapsulation:
+ *     Input:
+ * +----+----------------+--------------------------------+-----+
+ * | IV | Auth-only data | Authenticated & Encrypted data | ICV |
+ * +----+----------------+--------------------------------+-----+
+ *     Output:
+ * +----+--------------------------+
+ * | Decrypted & authenticated data |
+ * +----+--------------------------+
+ */
+
+static inline struct caam_jr_op_ctx *
+build_cipher_auth_sg(struct rte_crypto_op *op, struct caam_jr_session *ses)
+{
+	struct rte_crypto_sym_op *sym = op->sym;
+	struct caam_jr_op_ctx *ctx;
+	struct sec4_sg_entry *sg, *out_sg, *in_sg;
+	struct rte_mbuf *mbuf;
+	uint32_t length = 0;
+	struct sec_cdb *cdb;
+	uint64_t sdesc_offset;
+	uint8_t req_segs;
+	uint8_t *IV_ptr = rte_crypto_op_ctod_offset(op, uint8_t *,
+			ses->iv.offset);
+	struct sec_job_descriptor_t *jobdescr;
+	uint32_t auth_only_len;
+
+	PMD_INIT_FUNC_TRACE();
+	auth_only_len = op->sym->auth.data.length -
+				op->sym->cipher.data.length;
+
+	if (sym->m_dst) {
+		mbuf = sym->m_dst;
+		req_segs = mbuf->nb_segs + sym->m_src->nb_segs + 3;
+	} else {
+		mbuf = sym->m_src;
+		req_segs = mbuf->nb_segs * 2 + 3;
+	}
+
+	if (req_segs > MAX_SG_ENTRIES) {
+		CAAM_JR_DP_ERR("Cipher-Auth: Max sec segs supported is %d",
+				MAX_SG_ENTRIES);
+		return NULL;
+	}
+
+	ctx = caam_jr_alloc_ctx(ses);
+	if (!ctx)
+		return NULL;
+
+	ctx->op = op;
+	cdb = ses->cdb;
+	sdesc_offset = (size_t) ((char *)&cdb->sh_desc - (char *)cdb);
+
+	jobdescr = (struct sec_job_descriptor_t *) ctx->jobdes.desc;
+
+	SEC_JD_INIT(jobdescr);
+	SEC_JD_SET_SD(jobdescr,
+		(phys_addr_t)(caam_jr_dma_vtop(cdb)) + sdesc_offset,
+		cdb->sh_hdr.hi.field.idlen);
+
+	/* output */
+	if (sym->m_dst)
+		mbuf = sym->m_dst;
+	else
+		mbuf = sym->m_src;
+
+	out_sg = &ctx->sg[0];
+	if (is_encode(ses))
+		length = sym->auth.data.length + ses->digest_length;
+	else
+		length = sym->auth.data.length;
+
+	sg = &ctx->sg[0];
+
+	/* 1st seg */
+	sg->ptr = cpu_to_caam64(rte_pktmbuf_iova(mbuf)
+		+ sym->auth.data.offset);
+	sg->len = cpu_to_caam32(mbuf->data_len - sym->auth.data.offset);
+
+	/* Successive segs */
+	mbuf = mbuf->next;
+	while (mbuf) {
+		sg++;
+		sg->ptr = cpu_to_caam64(rte_pktmbuf_iova(mbuf));
+		sg->len = cpu_to_caam32(mbuf->data_len);
+		mbuf = mbuf->next;
+	}
+
+	if (is_encode(ses)) {
+		/* set auth output */
+		sg++;
+		sg->ptr = cpu_to_caam64(sym->auth.digest.phys_addr);
+		sg->len = cpu_to_caam32(ses->digest_length);
+	}
+	/* last element*/
+	sg->len |= cpu_to_caam32(SEC4_SG_LEN_FIN);
+
+	SEC_JD_SET_OUT_PTR(jobdescr,
+			   (uint64_t)caam_jr_dma_vtop(out_sg), 0, length);
+	/* set sg bit */
+	(jobdescr)->seq_out.command.word  |= 0x01000000;
+
+	/* input */
+	sg++;
+	mbuf = sym->m_src;
+	in_sg = sg;
+	if (is_encode(ses))
+		length = ses->iv.length + sym->auth.data.length;
+	else
+		length = ses->iv.length + sym->auth.data.length
+						+ ses->digest_length;
+
+	sg->ptr = cpu_to_caam64(caam_jr_dma_vtop(IV_ptr));
+	sg->len = cpu_to_caam32(ses->iv.length);
+
+	sg++;
+	/* 1st seg */
+	sg->ptr = cpu_to_caam64(rte_pktmbuf_iova(mbuf)
+		+ sym->auth.data.offset);
+	sg->len = cpu_to_caam32(mbuf->data_len - sym->auth.data.offset);
+
+	/* Successive segs */
+	mbuf = mbuf->next;
+	while (mbuf) {
+		sg++;
+		sg->ptr = cpu_to_caam64(rte_pktmbuf_iova(mbuf));
+		sg->len = cpu_to_caam32(mbuf->data_len);
+		mbuf = mbuf->next;
+	}
+
+	if (is_decode(ses)) {
+		sg++;
+		rte_memcpy(ctx->digest, sym->auth.digest.data,
+		       ses->digest_length);
+		sg->ptr = cpu_to_caam64(caam_jr_dma_vtop(ctx->digest));
+		sg->len = cpu_to_caam32(ses->digest_length);
+	}
+	/* last element*/
+	sg->len |= cpu_to_caam32(SEC4_SG_LEN_FIN);
+
+	SEC_JD_SET_IN_PTR(jobdescr, (uint64_t)caam_jr_dma_vtop(in_sg), 0,
+				length);
+	/* set sg bit */
+	(jobdescr)->seq_in.command.word  |= 0x01000000;
+	/* Auth_only_len is set as 0 in descriptor and it is
+	 * overwritten here in the jd which will update
+	 * the DPOVRD reg.
+	 */
+	if (auth_only_len)
+		/* set sg bit */
+		(jobdescr)->dpovrd = 0x80000000 | auth_only_len;
+
+	return ctx;
+}
+
 static inline struct caam_jr_op_ctx *
 build_cipher_auth(struct rte_crypto_op *op, struct caam_jr_session *ses)
 {
@@ -878,8 +1245,14 @@ caam_jr_enqueue_op(struct rte_crypto_op *op, struct caam_jr_qp *qp)
 		else if (is_cipher_only(ses))
 			ctx = build_cipher_only(op, ses);
 	} else {
-		if (is_aead(ses))
+		if (is_auth_cipher(ses))
+			ctx = build_cipher_auth_sg(op, ses);
+		else if (is_aead(ses))
 			goto err1;
+		else if (is_auth_only(ses))
+			ctx = build_auth_only_sg(op, ses);
+		else if (is_cipher_only(ses))
+			ctx = build_cipher_only_sg(op, ses);
 	}
 err1:
 	if (unlikely(!ctx)) {
-- 
2.17.1

^ permalink raw reply	[flat|nested] 97+ messages in thread

* [dpdk-dev] [PATCH v4 12/15] crypto/caam_jr: add statistics ops
  2018-10-22 14:17     ` [dpdk-dev] [PATCH v4 00/15] Introducing the NXP CAAM job ring driver Gagandeep Singh
                         ` (10 preceding siblings ...)
  2018-10-22 14:17       ` [dpdk-dev] [PATCH v4 11/15] crypto/caam_jr: add scatter gather Gagandeep Singh
@ 2018-10-22 14:17       ` Gagandeep Singh
  2018-10-22 14:18       ` [dpdk-dev] [PATCH v4 13/15] crypto/caam_jr: add security offload Gagandeep Singh
                         ` (4 subsequent siblings)
  16 siblings, 0 replies; 97+ messages in thread
From: Gagandeep Singh @ 2018-10-22 14:17 UTC (permalink / raw)
  To: dev, Akhil Goyal; +Cc: Hemant Agrawal, Gagandeep Singh

From: Hemant Agrawal <hemant.agrawal@nxp.com>

This patch adds the following statistics operations:
 - stats_get
 - stats_reset

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
---
 drivers/crypto/caam_jr/caam_jr.c | 54 ++++++++++++++++++++++++++++++++
 1 file changed, 54 insertions(+)

diff --git a/drivers/crypto/caam_jr/caam_jr.c b/drivers/crypto/caam_jr/caam_jr.c
index 0d3a49145..c89d76dab 100644
--- a/drivers/crypto/caam_jr/caam_jr.c
+++ b/drivers/crypto/caam_jr/caam_jr.c
@@ -103,6 +103,58 @@ caam_jr_alloc_ctx(struct caam_jr_session *ses)
 	return ctx;
 }
 
+static
+void caam_jr_stats_get(struct rte_cryptodev *dev,
+			struct rte_cryptodev_stats *stats)
+{
+	struct caam_jr_qp **qp = (struct caam_jr_qp **)
+					dev->data->queue_pairs;
+	int i;
+
+	PMD_INIT_FUNC_TRACE();
+	if (stats == NULL) {
+		CAAM_JR_ERR("Invalid stats ptr NULL");
+		return;
+	}
+	for (i = 0; i < dev->data->nb_queue_pairs; i++) {
+		if (qp[i] == NULL) {
+			CAAM_JR_WARN("Uninitialised queue pair");
+			continue;
+		}
+
+		stats->enqueued_count += qp[i]->tx_pkts;
+		stats->dequeued_count += qp[i]->rx_pkts;
+		stats->enqueue_err_count += qp[i]->tx_errs;
+		stats->dequeue_err_count += qp[i]->rx_errs;
+		CAAM_JR_INFO("extra stats:\n\tRX Poll ERR = %" PRIu64
+			     "\n\tTX Ring Full = %" PRIu64,
+			     qp[i]->rx_poll_err,
+			     qp[i]->tx_ring_full);
+	}
+}
+
+static
+void caam_jr_stats_reset(struct rte_cryptodev *dev)
+{
+	int i;
+	struct caam_jr_qp **qp = (struct caam_jr_qp **)
+				   (dev->data->queue_pairs);
+
+	PMD_INIT_FUNC_TRACE();
+	for (i = 0; i < dev->data->nb_queue_pairs; i++) {
+		if (qp[i] == NULL) {
+			CAAM_JR_WARN("Uninitialised queue pair");
+			continue;
+		}
+		qp[i]->rx_pkts = 0;
+		qp[i]->rx_errs = 0;
+		qp[i]->rx_poll_err = 0;
+		qp[i]->tx_pkts = 0;
+		qp[i]->tx_errs = 0;
+		qp[i]->tx_ring_full = 0;
+	}
+}
+
 static inline int
 is_cipher_only(struct caam_jr_session *ses)
 {
@@ -1695,6 +1747,8 @@ static struct rte_cryptodev_ops caam_jr_ops = {
 	.dev_stop	      = caam_jr_dev_stop,
 	.dev_close	      = caam_jr_dev_close,
 	.dev_infos_get        = caam_jr_dev_infos_get,
+	.stats_get	      = caam_jr_stats_get,
+	.stats_reset	      = caam_jr_stats_reset,
 	.queue_pair_setup     = caam_jr_queue_pair_setup,
 	.queue_pair_release   = caam_jr_queue_pair_release,
 	.queue_pair_count     = caam_jr_queue_pair_count,
-- 
2.17.1

^ permalink raw reply	[flat|nested] 97+ messages in thread

* [dpdk-dev] [PATCH v4 13/15] crypto/caam_jr: add security offload
  2018-10-22 14:17     ` [dpdk-dev] [PATCH v4 00/15] Introducing the NXP CAAM job ring driver Gagandeep Singh
                         ` (11 preceding siblings ...)
  2018-10-22 14:17       ` [dpdk-dev] [PATCH v4 12/15] crypto/caam_jr: add statistics ops Gagandeep Singh
@ 2018-10-22 14:18       ` Gagandeep Singh
  2018-10-22 14:18       ` [dpdk-dev] [PATCH v4 14/15] doc: add caam jr cryptodev details Gagandeep Singh
                         ` (3 subsequent siblings)
  16 siblings, 0 replies; 97+ messages in thread
From: Gagandeep Singh @ 2018-10-22 14:18 UTC (permalink / raw)
  To: dev, Akhil Goyal; +Cc: Hemant Agrawal, Gagandeep Singh

From: Hemant Agrawal <hemant.agrawal@nxp.com>

This patch provides the support for protocol offload
to the hardware. following security operations are
added:
 - session_create
 - session_destroy
 - capabilities_get

Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
---
 drivers/crypto/caam_jr/caam_jr.c              | 425 +++++++++++++++++-
 drivers/crypto/caam_jr/caam_jr_capabilities.c |  36 ++
 drivers/crypto/caam_jr/caam_jr_capabilities.h |   8 +
 drivers/crypto/caam_jr/caam_jr_hw.c           |   3 +
 drivers/crypto/caam_jr/caam_jr_pvt.h          |  10 +
 drivers/crypto/caam_jr/caam_jr_uio.c          |   3 +
 6 files changed, 483 insertions(+), 2 deletions(-)

diff --git a/drivers/crypto/caam_jr/caam_jr.c b/drivers/crypto/caam_jr/caam_jr.c
index c89d76dab..1c18453e4 100644
--- a/drivers/crypto/caam_jr/caam_jr.c
+++ b/drivers/crypto/caam_jr/caam_jr.c
@@ -14,6 +14,9 @@
 #include <rte_cryptodev.h>
 #include <rte_bus_vdev.h>
 #include <rte_malloc.h>
+#ifdef RTE_LIBRTE_SECURITY
+#include <rte_security_driver.h>
+#endif
 #include <rte_hexdump.h>
 
 #include <caam_jr_capabilities.h>
@@ -26,7 +29,6 @@
 /* RTA header files */
 #include <hw/desc/common.h>
 #include <hw/desc/algo.h>
-#include <hw/desc/ipsec.h>
 #include <of.h>
 
 #define CAAM_JR_DBG	0
@@ -185,8 +187,21 @@ is_auth_cipher(struct caam_jr_session *ses)
 {
 	PMD_INIT_FUNC_TRACE();
 	return ((ses->cipher_alg != RTE_CRYPTO_CIPHER_NULL) &&
-		(ses->auth_alg != RTE_CRYPTO_AUTH_NULL));
+		(ses->auth_alg != RTE_CRYPTO_AUTH_NULL)
+#ifdef RTE_LIBRTE_SECURITY
+		&& (ses->proto_alg != RTE_SECURITY_PROTOCOL_IPSEC)
+#endif
+		);
+}
+
+#ifdef RTE_LIBRTE_SECURITY
+static inline int
+is_proto_ipsec(struct caam_jr_session *ses)
+{
+	PMD_INIT_FUNC_TRACE();
+	return (ses->proto_alg == RTE_SECURITY_PROTOCOL_IPSEC);
 }
+#endif
 
 static inline int
 is_encode(struct caam_jr_session *ses)
@@ -211,27 +226,63 @@ caam_auth_alg(struct caam_jr_session *ses, struct alginfo *alginfo_a)
 		ses->digest_length = 0;
 		break;
 	case RTE_CRYPTO_AUTH_MD5_HMAC:
+#ifdef RTE_LIBRTE_SECURITY
+		alginfo_a->algtype =
+			(ses->proto_alg == RTE_SECURITY_PROTOCOL_IPSEC) ?
+			OP_PCL_IPSEC_HMAC_MD5_96 : OP_ALG_ALGSEL_MD5;
+#else
 		alginfo_a->algtype = OP_ALG_ALGSEL_MD5;
+#endif
 		alginfo_a->algmode = OP_ALG_AAI_HMAC;
 		break;
 	case RTE_CRYPTO_AUTH_SHA1_HMAC:
+#ifdef RTE_LIBRTE_SECURITY
+		alginfo_a->algtype =
+			(ses->proto_alg == RTE_SECURITY_PROTOCOL_IPSEC) ?
+			OP_PCL_IPSEC_HMAC_SHA1_96 : OP_ALG_ALGSEL_SHA1;
+#else
 		alginfo_a->algtype = OP_ALG_ALGSEL_SHA1;
+#endif
 		alginfo_a->algmode = OP_ALG_AAI_HMAC;
 		break;
 	case RTE_CRYPTO_AUTH_SHA224_HMAC:
+#ifdef RTE_LIBRTE_SECURITY
+		alginfo_a->algtype =
+			(ses->proto_alg == RTE_SECURITY_PROTOCOL_IPSEC) ?
+			OP_PCL_IPSEC_HMAC_SHA1_160 : OP_ALG_ALGSEL_SHA224;
+#else
 		alginfo_a->algtype = OP_ALG_ALGSEL_SHA224;
+#endif
 		alginfo_a->algmode = OP_ALG_AAI_HMAC;
 		break;
 	case RTE_CRYPTO_AUTH_SHA256_HMAC:
+#ifdef RTE_LIBRTE_SECURITY
+		alginfo_a->algtype =
+			(ses->proto_alg == RTE_SECURITY_PROTOCOL_IPSEC) ?
+			OP_PCL_IPSEC_HMAC_SHA2_256_128 : OP_ALG_ALGSEL_SHA256;
+#else
 		alginfo_a->algtype = OP_ALG_ALGSEL_SHA256;
+#endif
 		alginfo_a->algmode = OP_ALG_AAI_HMAC;
 		break;
 	case RTE_CRYPTO_AUTH_SHA384_HMAC:
+#ifdef RTE_LIBRTE_SECURITY
+		alginfo_a->algtype =
+			(ses->proto_alg == RTE_SECURITY_PROTOCOL_IPSEC) ?
+			OP_PCL_IPSEC_HMAC_SHA2_384_192 : OP_ALG_ALGSEL_SHA384;
+#else
 		alginfo_a->algtype = OP_ALG_ALGSEL_SHA384;
+#endif
 		alginfo_a->algmode = OP_ALG_AAI_HMAC;
 		break;
 	case RTE_CRYPTO_AUTH_SHA512_HMAC:
+#ifdef RTE_LIBRTE_SECURITY
+		alginfo_a->algtype =
+			(ses->proto_alg == RTE_SECURITY_PROTOCOL_IPSEC) ?
+			OP_PCL_IPSEC_HMAC_SHA2_512_256 : OP_ALG_ALGSEL_SHA512;
+#else
 		alginfo_a->algtype = OP_ALG_ALGSEL_SHA512;
+#endif
 		alginfo_a->algmode = OP_ALG_AAI_HMAC;
 		break;
 	default:
@@ -247,15 +298,33 @@ caam_cipher_alg(struct caam_jr_session *ses, struct alginfo *alginfo_c)
 	case RTE_CRYPTO_CIPHER_NULL:
 		break;
 	case RTE_CRYPTO_CIPHER_AES_CBC:
+#ifdef RTE_LIBRTE_SECURITY
+		alginfo_c->algtype =
+			(ses->proto_alg == RTE_SECURITY_PROTOCOL_IPSEC) ?
+			OP_PCL_IPSEC_AES_CBC : OP_ALG_ALGSEL_AES;
+#else
 		alginfo_c->algtype = OP_ALG_ALGSEL_AES;
+#endif
 		alginfo_c->algmode = OP_ALG_AAI_CBC;
 		break;
 	case RTE_CRYPTO_CIPHER_3DES_CBC:
+#ifdef RTE_LIBRTE_SECURITY
+		alginfo_c->algtype =
+			(ses->proto_alg == RTE_SECURITY_PROTOCOL_IPSEC) ?
+			OP_PCL_IPSEC_3DES : OP_ALG_ALGSEL_3DES;
+#else
 		alginfo_c->algtype = OP_ALG_ALGSEL_3DES;
+#endif
 		alginfo_c->algmode = OP_ALG_AAI_CBC;
 		break;
 	case RTE_CRYPTO_CIPHER_AES_CTR:
+#ifdef RTE_LIBRTE_SECURITY
+		alginfo_c->algtype =
+			(ses->proto_alg == RTE_SECURITY_PROTOCOL_IPSEC) ?
+			OP_PCL_IPSEC_AES_CTR : OP_ALG_ALGSEL_AES;
+#else
 		alginfo_c->algtype = OP_ALG_ALGSEL_AES;
+#endif
 		alginfo_c->algmode = OP_ALG_AAI_CTR;
 		break;
 	default:
@@ -419,6 +488,24 @@ caam_jr_prep_cdb(struct caam_jr_session *ses)
 		cdb->sh_desc[0] = 0;
 		cdb->sh_desc[1] = 0;
 		cdb->sh_desc[2] = 0;
+#ifdef RTE_LIBRTE_SECURITY
+		if (is_proto_ipsec(ses)) {
+			if (ses->dir == DIR_ENC) {
+				shared_desc_len = cnstr_shdsc_ipsec_new_encap(
+						cdb->sh_desc,
+						true, swap, SHR_SERIAL,
+						&ses->encap_pdb,
+						(uint8_t *)&ses->ip4_hdr,
+						&alginfo_c, &alginfo_a);
+			} else if (ses->dir == DIR_DEC) {
+				shared_desc_len = cnstr_shdsc_ipsec_new_decap(
+						cdb->sh_desc,
+						true, swap, SHR_SERIAL,
+						&ses->decap_pdb,
+						&alginfo_c, &alginfo_a);
+			}
+		} else {
+#endif
 			/* Auth_only_len is set as 0 here and it will be
 			 * overwritten in fd for each packet.
 			 */
@@ -426,6 +513,9 @@ caam_jr_prep_cdb(struct caam_jr_session *ses)
 					true, swap, &alginfo_c, &alginfo_a,
 					ses->iv.length, 0,
 					ses->digest_length, ses->dir);
+#ifdef RTE_LIBRTE_SECURITY
+		}
+#endif
 	}
 
 	if (shared_desc_len < 0) {
@@ -601,6 +691,28 @@ hw_poll_job_ring(struct sec_job_ring_t *job_ring,
 			}
 #endif
 		}
+#ifdef RTE_LIBRTE_SECURITY
+		if (ctx->op->sess_type == RTE_CRYPTO_OP_SECURITY_SESSION) {
+			struct ip *ip4_hdr;
+
+			if (ctx->op->sym->m_dst) {
+				/*TODO check for ip header or other*/
+				ip4_hdr = (struct ip *)
+				rte_pktmbuf_mtod(ctx->op->sym->m_dst, char*);
+				ctx->op->sym->m_dst->pkt_len =
+					rte_be_to_cpu_16(ip4_hdr->ip_len);
+				ctx->op->sym->m_dst->data_len =
+					rte_be_to_cpu_16(ip4_hdr->ip_len);
+			} else {
+				ip4_hdr = (struct ip *)
+				rte_pktmbuf_mtod(ctx->op->sym->m_src, char*);
+				ctx->op->sym->m_src->pkt_len =
+					rte_be_to_cpu_16(ip4_hdr->ip_len);
+				ctx->op->sym->m_src->data_len =
+					rte_be_to_cpu_16(ip4_hdr->ip_len);
+			}
+		}
+#endif
 		*ops = ctx->op;
 		caam_jr_op_ending(ctx);
 		ops++;
@@ -1260,6 +1372,52 @@ build_cipher_auth(struct rte_crypto_op *op, struct caam_jr_session *ses)
 
 	return ctx;
 }
+
+#ifdef RTE_LIBRTE_SECURITY
+static inline struct caam_jr_op_ctx *
+build_proto(struct rte_crypto_op *op, struct caam_jr_session *ses)
+{
+	struct rte_crypto_sym_op *sym = op->sym;
+	struct caam_jr_op_ctx *ctx = NULL;
+	phys_addr_t src_start_addr, dst_start_addr;
+	struct sec_cdb *cdb;
+	uint64_t sdesc_offset;
+	struct sec_job_descriptor_t *jobdescr;
+
+	PMD_INIT_FUNC_TRACE();
+	ctx = caam_jr_alloc_ctx(ses);
+	if (!ctx)
+		return NULL;
+	ctx->op = op;
+
+	src_start_addr = rte_pktmbuf_iova(sym->m_src);
+	if (sym->m_dst)
+		dst_start_addr = rte_pktmbuf_iova(sym->m_dst);
+	else
+		dst_start_addr = src_start_addr;
+
+	cdb = ses->cdb;
+	sdesc_offset = (size_t) ((char *)&cdb->sh_desc - (char *)cdb);
+
+	jobdescr = (struct sec_job_descriptor_t *) ctx->jobdes.desc;
+
+	SEC_JD_INIT(jobdescr);
+	SEC_JD_SET_SD(jobdescr,
+		(phys_addr_t)(caam_jr_dma_vtop(cdb)) + sdesc_offset,
+			cdb->sh_hdr.hi.field.idlen);
+
+	/* output */
+	SEC_JD_SET_OUT_PTR(jobdescr, (uint64_t)dst_start_addr, 0,
+			sym->m_src->buf_len - sym->m_src->data_off);
+	/* input */
+	SEC_JD_SET_IN_PTR(jobdescr, (uint64_t)src_start_addr, 0,
+			sym->m_src->pkt_len);
+	sym->m_src->packet_type &= ~RTE_PTYPE_L4_MASK;
+
+	return ctx;
+}
+#endif
+
 static int
 caam_jr_enqueue_op(struct rte_crypto_op *op, struct caam_jr_qp *qp)
 {
@@ -1275,6 +1433,13 @@ caam_jr_enqueue_op(struct rte_crypto_op *op, struct caam_jr_qp *qp)
 		get_sym_session_private_data(op->sym->session,
 					cryptodev_driver_id);
 		break;
+#ifdef RTE_LIBRTE_SECURITY
+	case RTE_CRYPTO_OP_SECURITY_SESSION:
+		ses = (struct caam_jr_session *)
+			get_sec_session_private_data(
+					op->sym->sec_session);
+		break;
+#endif
 	default:
 		CAAM_JR_DP_ERR("sessionless crypto op not supported");
 		qp->tx_errs++;
@@ -1296,6 +1461,10 @@ caam_jr_enqueue_op(struct rte_crypto_op *op, struct caam_jr_qp *qp)
 			ctx = build_auth_only(op, ses);
 		else if (is_cipher_only(ses))
 			ctx = build_cipher_only(op, ses);
+#ifdef RTE_LIBRTE_SECURITY
+		else if (is_proto_ipsec(ses))
+			ctx = build_proto(op, ses);
+#endif
 	} else {
 		if (is_auth_cipher(ses))
 			ctx = build_cipher_auth_sg(op, ses);
@@ -1666,6 +1835,229 @@ caam_jr_sym_session_clear(struct rte_cryptodev *dev,
 	}
 }
 
+#ifdef RTE_LIBRTE_SECURITY
+static int
+caam_jr_set_ipsec_session(__rte_unused struct rte_cryptodev *dev,
+			  struct rte_security_session_conf *conf,
+			  void *sess)
+{
+	struct sec_job_ring_t *internals = dev->data->dev_private;
+	struct rte_security_ipsec_xform *ipsec_xform = &conf->ipsec;
+	struct rte_crypto_auth_xform *auth_xform;
+	struct rte_crypto_cipher_xform *cipher_xform;
+	struct caam_jr_session *session = (struct caam_jr_session *)sess;
+
+	PMD_INIT_FUNC_TRACE();
+
+	if (ipsec_xform->direction == RTE_SECURITY_IPSEC_SA_DIR_EGRESS) {
+		cipher_xform = &conf->crypto_xform->cipher;
+		auth_xform = &conf->crypto_xform->next->auth;
+	} else {
+		auth_xform = &conf->crypto_xform->auth;
+		cipher_xform = &conf->crypto_xform->next->cipher;
+	}
+	session->proto_alg = conf->protocol;
+	session->cipher_key.data = rte_zmalloc(NULL,
+					       cipher_xform->key.length,
+					       RTE_CACHE_LINE_SIZE);
+	if (session->cipher_key.data == NULL &&
+			cipher_xform->key.length > 0) {
+		CAAM_JR_ERR("No Memory for cipher key\n");
+		return -ENOMEM;
+	}
+
+	session->cipher_key.length = cipher_xform->key.length;
+	session->auth_key.data = rte_zmalloc(NULL,
+					auth_xform->key.length,
+					RTE_CACHE_LINE_SIZE);
+	if (session->auth_key.data == NULL &&
+			auth_xform->key.length > 0) {
+		CAAM_JR_ERR("No Memory for auth key\n");
+		rte_free(session->cipher_key.data);
+		return -ENOMEM;
+	}
+	session->auth_key.length = auth_xform->key.length;
+	memcpy(session->cipher_key.data, cipher_xform->key.data,
+			cipher_xform->key.length);
+	memcpy(session->auth_key.data, auth_xform->key.data,
+			auth_xform->key.length);
+
+	switch (auth_xform->algo) {
+	case RTE_CRYPTO_AUTH_SHA1_HMAC:
+		session->auth_alg = RTE_CRYPTO_AUTH_SHA1_HMAC;
+		break;
+	case RTE_CRYPTO_AUTH_MD5_HMAC:
+		session->auth_alg = RTE_CRYPTO_AUTH_MD5_HMAC;
+		break;
+	case RTE_CRYPTO_AUTH_SHA256_HMAC:
+		session->auth_alg = RTE_CRYPTO_AUTH_SHA256_HMAC;
+		break;
+	case RTE_CRYPTO_AUTH_SHA384_HMAC:
+		session->auth_alg = RTE_CRYPTO_AUTH_SHA384_HMAC;
+		break;
+	case RTE_CRYPTO_AUTH_SHA512_HMAC:
+		session->auth_alg = RTE_CRYPTO_AUTH_SHA512_HMAC;
+		break;
+	case RTE_CRYPTO_AUTH_AES_CMAC:
+		session->auth_alg = RTE_CRYPTO_AUTH_AES_CMAC;
+		break;
+	case RTE_CRYPTO_AUTH_NULL:
+		session->auth_alg = RTE_CRYPTO_AUTH_NULL;
+		break;
+	case RTE_CRYPTO_AUTH_SHA224_HMAC:
+	case RTE_CRYPTO_AUTH_AES_XCBC_MAC:
+	case RTE_CRYPTO_AUTH_SNOW3G_UIA2:
+	case RTE_CRYPTO_AUTH_SHA1:
+	case RTE_CRYPTO_AUTH_SHA256:
+	case RTE_CRYPTO_AUTH_SHA512:
+	case RTE_CRYPTO_AUTH_SHA224:
+	case RTE_CRYPTO_AUTH_SHA384:
+	case RTE_CRYPTO_AUTH_MD5:
+	case RTE_CRYPTO_AUTH_AES_GMAC:
+	case RTE_CRYPTO_AUTH_KASUMI_F9:
+	case RTE_CRYPTO_AUTH_AES_CBC_MAC:
+	case RTE_CRYPTO_AUTH_ZUC_EIA3:
+		CAAM_JR_ERR("Crypto: Unsupported auth alg %u\n",
+			auth_xform->algo);
+		goto out;
+	default:
+		CAAM_JR_ERR("Crypto: Undefined Auth specified %u\n",
+			auth_xform->algo);
+		goto out;
+	}
+
+	switch (cipher_xform->algo) {
+	case RTE_CRYPTO_CIPHER_AES_CBC:
+		session->cipher_alg = RTE_CRYPTO_CIPHER_AES_CBC;
+		break;
+	case RTE_CRYPTO_CIPHER_3DES_CBC:
+		session->cipher_alg = RTE_CRYPTO_CIPHER_3DES_CBC;
+		break;
+	case RTE_CRYPTO_CIPHER_AES_CTR:
+		session->cipher_alg = RTE_CRYPTO_CIPHER_AES_CTR;
+		break;
+	case RTE_CRYPTO_CIPHER_NULL:
+	case RTE_CRYPTO_CIPHER_SNOW3G_UEA2:
+	case RTE_CRYPTO_CIPHER_3DES_ECB:
+	case RTE_CRYPTO_CIPHER_AES_ECB:
+	case RTE_CRYPTO_CIPHER_KASUMI_F8:
+		CAAM_JR_ERR("Crypto: Unsupported Cipher alg %u\n",
+			cipher_xform->algo);
+		goto out;
+	default:
+		CAAM_JR_ERR("Crypto: Undefined Cipher specified %u\n",
+			cipher_xform->algo);
+		goto out;
+	}
+
+	if (ipsec_xform->direction == RTE_SECURITY_IPSEC_SA_DIR_EGRESS) {
+		memset(&session->encap_pdb, 0, sizeof(struct ipsec_encap_pdb) +
+				sizeof(session->ip4_hdr));
+		session->ip4_hdr.ip_v = IPVERSION;
+		session->ip4_hdr.ip_hl = 5;
+		session->ip4_hdr.ip_len = rte_cpu_to_be_16(
+						sizeof(session->ip4_hdr));
+		session->ip4_hdr.ip_tos = ipsec_xform->tunnel.ipv4.dscp;
+		session->ip4_hdr.ip_id = 0;
+		session->ip4_hdr.ip_off = 0;
+		session->ip4_hdr.ip_ttl = ipsec_xform->tunnel.ipv4.ttl;
+		session->ip4_hdr.ip_p = (ipsec_xform->proto ==
+				RTE_SECURITY_IPSEC_SA_PROTO_ESP) ? IPPROTO_ESP
+				: IPPROTO_AH;
+		session->ip4_hdr.ip_sum = 0;
+		session->ip4_hdr.ip_src = ipsec_xform->tunnel.ipv4.src_ip;
+		session->ip4_hdr.ip_dst = ipsec_xform->tunnel.ipv4.dst_ip;
+		session->ip4_hdr.ip_sum = calc_chksum((uint16_t *)
+						(void *)&session->ip4_hdr,
+						sizeof(struct ip));
+
+		session->encap_pdb.options =
+			(IPVERSION << PDBNH_ESP_ENCAP_SHIFT) |
+			PDBOPTS_ESP_OIHI_PDB_INL |
+			PDBOPTS_ESP_IVSRC |
+			PDBHMO_ESP_ENCAP_DTTL;
+		session->encap_pdb.spi = ipsec_xform->spi;
+		session->encap_pdb.ip_hdr_len = sizeof(struct ip);
+
+		session->dir = DIR_ENC;
+	} else if (ipsec_xform->direction ==
+			RTE_SECURITY_IPSEC_SA_DIR_INGRESS) {
+		memset(&session->decap_pdb, 0, sizeof(struct ipsec_decap_pdb));
+		session->decap_pdb.options = sizeof(struct ip) << 16;
+		session->dir = DIR_DEC;
+	} else
+		goto out;
+	session->ctx_pool = internals->ctx_pool;
+
+	return 0;
+out:
+	rte_free(session->auth_key.data);
+	rte_free(session->cipher_key.data);
+	memset(session, 0, sizeof(struct caam_jr_session));
+	return -1;
+}
+
+static int
+caam_jr_security_session_create(void *dev,
+				struct rte_security_session_conf *conf,
+				struct rte_security_session *sess,
+				struct rte_mempool *mempool)
+{
+	void *sess_private_data;
+	struct rte_cryptodev *cdev = (struct rte_cryptodev *)dev;
+	int ret;
+
+	PMD_INIT_FUNC_TRACE();
+	if (rte_mempool_get(mempool, &sess_private_data)) {
+		CAAM_JR_ERR("Couldn't get object from session mempool");
+		return -ENOMEM;
+	}
+
+	switch (conf->protocol) {
+	case RTE_SECURITY_PROTOCOL_IPSEC:
+		ret = caam_jr_set_ipsec_session(cdev, conf,
+				sess_private_data);
+		break;
+	case RTE_SECURITY_PROTOCOL_MACSEC:
+		return -ENOTSUP;
+	default:
+		return -EINVAL;
+	}
+	if (ret != 0) {
+		CAAM_JR_ERR("failed to configure session parameters");
+		/* Return session to mempool */
+		rte_mempool_put(mempool, sess_private_data);
+		return ret;
+	}
+
+	set_sec_session_private_data(sess, sess_private_data);
+
+	return ret;
+}
+
+/* Clear the memory of session so it doesn't leave key material behind */
+static int
+caam_jr_security_session_destroy(void *dev __rte_unused,
+				 struct rte_security_session *sess)
+{
+	PMD_INIT_FUNC_TRACE();
+	void *sess_priv = get_sec_session_private_data(sess);
+
+	struct caam_jr_session *s = (struct caam_jr_session *)sess_priv;
+
+	if (sess_priv) {
+		struct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);
+
+		rte_free(s->cipher_key.data);
+		rte_free(s->auth_key.data);
+		memset(sess, 0, sizeof(struct caam_jr_session));
+		set_sec_session_private_data(sess, NULL);
+		rte_mempool_put(sess_mp, sess_priv);
+	}
+	return 0;
+}
+#endif
+
 static int
 caam_jr_dev_configure(struct rte_cryptodev *dev,
 		       struct rte_cryptodev_config *config __rte_unused)
@@ -1757,6 +2149,16 @@ static struct rte_cryptodev_ops caam_jr_ops = {
 	.sym_session_clear    = caam_jr_sym_session_clear
 };
 
+#ifdef RTE_LIBRTE_SECURITY
+static struct rte_security_ops caam_jr_security_ops = {
+	.session_create = caam_jr_security_session_create,
+	.session_update = NULL,
+	.session_stats_get = NULL,
+	.session_destroy = caam_jr_security_session_destroy,
+	.set_pkt_metadata = NULL,
+	.capabilities_get = caam_jr_get_security_capabilities
+};
+#endif
 
 /* @brief Flush job rings of any processed descs.
  * The processed descs are silently dropped,
@@ -1976,6 +2378,9 @@ caam_jr_dev_init(const char *name,
 		 struct rte_cryptodev_pmd_init_params *init_params)
 {
 	struct rte_cryptodev *dev;
+#ifdef RTE_LIBRTE_SECURITY
+	struct rte_security_ctx *security_instance;
+#endif
 	struct uio_job_ring *job_ring;
 	char str[RTE_CRYPTODEV_NAME_MAX_LEN];
 
@@ -2045,6 +2450,22 @@ caam_jr_dev_init(const char *name,
 		return 0;
 	}
 
+#ifdef RTE_LIBRTE_SECURITY
+	/*TODO free it during teardown*/
+	security_instance = rte_malloc("caam_jr",
+				sizeof(struct rte_security_ctx), 0);
+	if (security_instance == NULL) {
+		CAAM_JR_ERR("memory allocation failed\n");
+		//todo error handling.
+		goto cleanup2;
+	}
+
+	security_instance->device = (void *)dev;
+	security_instance->ops = &caam_jr_security_ops;
+	security_instance->sess_cnt = 0;
+	dev->security_ctx = security_instance;
+#endif
+
 	RTE_LOG(INFO, PMD, "%s cryptodev init\n", dev->data->name);
 
 	return 0;
diff --git a/drivers/crypto/caam_jr/caam_jr_capabilities.c b/drivers/crypto/caam_jr/caam_jr_capabilities.c
index 92aa429cc..eacea7db3 100644
--- a/drivers/crypto/caam_jr/caam_jr_capabilities.c
+++ b/drivers/crypto/caam_jr/caam_jr_capabilities.c
@@ -225,6 +225,42 @@ static const struct rte_cryptodev_capabilities caam_jr_capabilities[] = {
 	RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()
 };
 
+#ifdef RTE_LIBRTE_SECURITY
+static const struct rte_security_capability caam_jr_security_cap[] = {
+	{ /* IPsec Lookaside Protocol offload ESP Transport Egress */
+		.action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
+		.protocol = RTE_SECURITY_PROTOCOL_IPSEC,
+		.ipsec = {
+			.proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP,
+			.mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL,
+			.direction = RTE_SECURITY_IPSEC_SA_DIR_EGRESS,
+			.options = { 0 }
+		},
+		.crypto_capabilities = caam_jr_capabilities
+	},
+	{ /* IPsec Lookaside Protocol offload ESP Tunnel Ingress */
+		.action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
+		.protocol = RTE_SECURITY_PROTOCOL_IPSEC,
+		.ipsec = {
+			.proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP,
+			.mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL,
+			.direction = RTE_SECURITY_IPSEC_SA_DIR_INGRESS,
+			.options = { 0 }
+		},
+		.crypto_capabilities = caam_jr_capabilities
+	},
+	{
+		.action = RTE_SECURITY_ACTION_TYPE_NONE
+	}
+};
+
+const struct rte_security_capability *
+caam_jr_get_security_capabilities(void *device __rte_unused)
+{
+	return caam_jr_security_cap;
+}
+#endif
+
 const struct rte_cryptodev_capabilities *
 caam_jr_get_cryptodev_capabilities(void)
 {
diff --git a/drivers/crypto/caam_jr/caam_jr_capabilities.h b/drivers/crypto/caam_jr/caam_jr_capabilities.h
index 7a94013e5..d3169b7e9 100644
--- a/drivers/crypto/caam_jr/caam_jr_capabilities.h
+++ b/drivers/crypto/caam_jr/caam_jr_capabilities.h
@@ -6,8 +6,16 @@
 #define CAAM_JR_CAPABILITIES_H
 
 #include <rte_cryptodev.h>
+#ifdef RTE_LIBRTE_SECURITY
+#include <rte_security.h>
+#endif
 
 /* Get cryptodev capabilities */
 const struct rte_cryptodev_capabilities *
 caam_jr_get_cryptodev_capabilities(void);
+#ifdef RTE_LIBRTE_SECURITY
+/* Get security capabilities */
+const struct rte_security_capability *
+caam_jr_get_security_capabilities(void *device);
+#endif
 #endif
diff --git a/drivers/crypto/caam_jr/caam_jr_hw.c b/drivers/crypto/caam_jr/caam_jr_hw.c
index 80602b702..c6833185b 100644
--- a/drivers/crypto/caam_jr/caam_jr_hw.c
+++ b/drivers/crypto/caam_jr/caam_jr_hw.c
@@ -9,6 +9,9 @@
 #include <rte_memory.h>
 #include <rte_malloc.h>
 #include <rte_crypto.h>
+#ifdef RTE_LIBRTE_SECURITY
+#include <rte_security.h>
+#endif
 
 #include <caam_jr_config.h>
 #include <caam_jr_hw_specific.h>
diff --git a/drivers/crypto/caam_jr/caam_jr_pvt.h b/drivers/crypto/caam_jr/caam_jr_pvt.h
index 333a192d9..c2d35ecd2 100644
--- a/drivers/crypto/caam_jr/caam_jr_pvt.h
+++ b/drivers/crypto/caam_jr/caam_jr_pvt.h
@@ -5,6 +5,8 @@
 #ifndef CAAM_JR_PVT_H
 #define CAAM_JR_PVT_H
 
+#include <hw/desc/ipsec.h>
+
 /* NXP CAAM JR PMD device name */
 
 #define CAAM_JR_ALG_UNSUPPORT	(-1)
@@ -110,6 +112,9 @@ struct caam_jr_session {
 	enum rte_crypto_cipher_algorithm cipher_alg; /* Cipher Algorithm*/
 	enum rte_crypto_auth_algorithm auth_alg; /* Authentication Algorithm*/
 	enum rte_crypto_aead_algorithm aead_alg; /* AEAD Algorithm*/
+#ifdef RTE_LIBRTE_SECURITY
+	enum rte_security_session_protocol proto_alg; /* Security Algorithm*/
+#endif
 	union {
 		struct {
 			uint8_t *data;	/* pointer to key data */
@@ -132,6 +137,11 @@ struct caam_jr_session {
 	} iv;	/* Initialisation vector parameters */
 	uint16_t auth_only_len; /* Length of data for Auth only */
 	uint32_t digest_length;
+#ifdef RTE_LIBRTE_SECURITY
+	struct ipsec_encap_pdb encap_pdb;
+	struct ip ip4_hdr;
+	struct ipsec_decap_pdb decap_pdb;
+#endif
 	struct caam_jr_qp *qp;
 	struct sec_cdb *cdb;	/* cmd block associated with qp */
 	struct rte_mempool *ctx_pool; /* session mempool for caam_jr_op_ctx */
diff --git a/drivers/crypto/caam_jr/caam_jr_uio.c b/drivers/crypto/caam_jr/caam_jr_uio.c
index d6aec3e4c..58d86f961 100644
--- a/drivers/crypto/caam_jr/caam_jr_uio.c
+++ b/drivers/crypto/caam_jr/caam_jr_uio.c
@@ -16,6 +16,9 @@
 #include <rte_common.h>
 #include <rte_malloc.h>
 #include <rte_crypto.h>
+#ifdef RTE_LIBRTE_SECURITY
+#include <rte_security.h>
+#endif
 
 #include <caam_jr_config.h>
 #include <caam_jr_hw_specific.h>
-- 
2.17.1

^ permalink raw reply	[flat|nested] 97+ messages in thread

* [dpdk-dev] [PATCH v4 14/15] doc: add caam jr cryptodev details
  2018-10-22 14:17     ` [dpdk-dev] [PATCH v4 00/15] Introducing the NXP CAAM job ring driver Gagandeep Singh
                         ` (12 preceding siblings ...)
  2018-10-22 14:18       ` [dpdk-dev] [PATCH v4 13/15] crypto/caam_jr: add security offload Gagandeep Singh
@ 2018-10-22 14:18       ` Gagandeep Singh
  2018-10-22 14:18       ` [dpdk-dev] [PATCH v4 15/15] test/crypto: add CAAM JR driver validation test cases Gagandeep Singh
                         ` (2 subsequent siblings)
  16 siblings, 0 replies; 97+ messages in thread
From: Gagandeep Singh @ 2018-10-22 14:18 UTC (permalink / raw)
  To: dev, Akhil Goyal; +Cc: Hemant Agrawal, Gagandeep Singh

From: Hemant Agrawal <hemant.agrawal@nxp.com>

add caam jr driver details, supported features and algorithms
in the document.

release note and MAINTAINERS are also updated.

Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
---
 MAINTAINERS                                |   2 +
 doc/guides/cryptodevs/caam_jr.rst          | 150 +++++++++++++++++++++
 doc/guides/cryptodevs/features/caam_jr.ini |  46 +++++++
 doc/guides/cryptodevs/index.rst            |   1 +
 doc/guides/rel_notes/release_18_11.rst     |   5 +
 5 files changed, 204 insertions(+)
 create mode 100644 doc/guides/cryptodevs/caam_jr.rst
 create mode 100644 doc/guides/cryptodevs/features/caam_jr.ini

diff --git a/MAINTAINERS b/MAINTAINERS
index 9de01189a..3079c187e 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -855,6 +855,8 @@ NXP CAAM JR
 M: Gagandeep Singh <g.singh@nxp.com>
 M: Hemant Agrawal <hemant.agrawal@nxp.com>
 F: drivers/crypto/caam_jr/
+F: doc/guides/cryptodevs/caam_jr.rst
+F: doc/guides/cryptodevs/features/caam_jr.ini
 
 NXP DPAA_SEC
 M: Akhil Goyal <akhil.goyal@nxp.com>
diff --git a/doc/guides/cryptodevs/caam_jr.rst b/doc/guides/cryptodevs/caam_jr.rst
new file mode 100644
index 000000000..e87ff0915
--- /dev/null
+++ b/doc/guides/cryptodevs/caam_jr.rst
@@ -0,0 +1,150 @@
+..  SPDX-License-Identifier: BSD-3-Clause
+    Copyright 2018 NXP
+
+
+NXP CAAM JOB RING (caam_jr)
+===========================
+
+The caam_jr PMD provides poll mode crypto driver support for NXP SEC 4.x+ (CAAM)
+hardware accelerator. More information is available at:
+
+`NXP Cryptographic Acceleration Technology  <https://www.nxp.com/applications/solutions/internet-of-things/secure-things/network-security-technology/cryptographic-acceleration-technology:NETWORK_SECURITY_CRYPTOG>`_.
+
+Architecture
+------------
+
+SEC is the SOC's security engine, which serves as NXP's latest cryptographic
+acceleration and offloading hardware. It combines functions previously
+implemented in separate modules to create a modular and scalable acceleration
+and assurance engine. It also implements block encryption algorithms, stream
+cipher algorithms, hashing algorithms, public key algorithms, run-time
+integrity checking, and a hardware random number generator. SEC performs
+higher-level cryptographic operations than previous NXP cryptographic
+accelerators. This provides significant improvement to system level performance.
+
+SEC HW accelerator above 4.x+ version are also known as CAAM.
+
+caam_jr PMD is one of DPAA drivers which uses uio interface to interact with
+Linux kernel for configure and destroy the device instance (ring).
+
+
+Implementation
+--------------
+
+SEC provides platform assurance by working with SecMon, which is a companion
+logic block that tracks the security state of the SOC. SEC is programmed by
+means of descriptors (not to be confused with frame descriptors (FDs)) that
+indicate the operations to be performed and link to the message and
+associated data. SEC incorporates two DMA engines to fetch the descriptors,
+read the message data, and write the results of the operations. The DMA
+engine provides a scatter/gather capability so that SEC can read and write
+data scattered in memory. SEC may be configured by means of software for
+dynamic changes in byte ordering. The default configuration for this version
+of SEC is little-endian mode.
+
+Note that one physical Job Ring represent one caam_jr device.
+
+Features
+--------
+
+The CAAM_JR PMD has support for:
+
+Cipher algorithms:
+
+* ``RTE_CRYPTO_CIPHER_3DES_CBC``
+* ``RTE_CRYPTO_CIPHER_AES128_CBC``
+* ``RTE_CRYPTO_CIPHER_AES192_CBC``
+* ``RTE_CRYPTO_CIPHER_AES256_CBC``
+* ``RTE_CRYPTO_CIPHER_AES128_CTR``
+* ``RTE_CRYPTO_CIPHER_AES192_CTR``
+* ``RTE_CRYPTO_CIPHER_AES256_CTR``
+
+Hash algorithms:
+
+* ``RTE_CRYPTO_AUTH_SHA1_HMAC``
+* ``RTE_CRYPTO_AUTH_SHA224_HMAC``
+* ``RTE_CRYPTO_AUTH_SHA256_HMAC``
+* ``RTE_CRYPTO_AUTH_SHA384_HMAC``
+* ``RTE_CRYPTO_AUTH_SHA512_HMAC``
+* ``RTE_CRYPTO_AUTH_MD5_HMAC``
+
+AEAD algorithms:
+
+* ``RTE_CRYPTO_AEAD_AES_GCM``
+
+Supported DPAA SoCs
+--------------------
+
+* LS1046A/LS1026A
+* LS1043A/LS1023A
+* LS1028A
+* LS1012A
+
+Limitations
+-----------
+
+* Hash followed by Cipher mode is not supported
+* Only supports the session-oriented API implementation (session-less APIs are not supported).
+
+Prerequisites
+-------------
+
+caam_jr driver has following dependencies are not part of DPDK and must be installed separately:
+
+* **NXP Linux SDK**
+
+  NXP Linux software development kit (SDK) includes support for the family
+  of QorIQ® ARM-Architecture-based system on chip (SoC) processors
+  and corresponding boards.
+
+  It includes the Linux board support packages (BSPs) for NXP SoCs,
+  a fully operational tool chain, kernel and board specific modules.
+
+  SDK and related information can be obtained from:  `NXP QorIQ SDK  <http://www.nxp.com/products/software-and-tools/run-time-software/linux-sdk/linux-sdk-for-qoriq-processors:SDKLINUX>`_.
+
+Currently supported by DPDK:
+
+* NXP SDK **18.09+**.
+* Supported architectures:  **arm64 LE**.
+
+* Follow the DPDK :ref:`Getting Started Guide for Linux <linux_gsg>` to setup the basic DPDK environment.
+
+Pre-Installation Configuration
+------------------------------
+
+Config File Options
+~~~~~~~~~~~~~~~~~~~
+
+The following options can be modified in the ``config`` file
+to enable caam_jr PMD.
+
+Please note that enabling debugging options may affect system performance.
+
+* ``CONFIG_RTE_LIBRTE_PMD_CAAM_JR`` (default ``n``)
+  By default it is only enabled in common_linuxapp config.
+  Toggle compilation of the ``librte_pmd_caam_jr`` driver.
+
+* ``CONFIG_RTE_LIBRTE_PMD_CAAM_JR_BE`` (default ``n``)
+  By default it is disabled.
+  It can be used when the underlying hardware supports the CAAM in BE mode.
+  e.g. LS1043A, LS1046A supports CAAM in BE mode.
+  BE mode is enabled by default in defconfig-arm64-dpaa-linuxapp-gcc.
+
+Installations
+-------------
+To compile the caam_jr PMD for Linux arm64 gcc target, run the
+following ``make`` command:
+
+.. code-block:: console
+
+   cd <DPDK-source-directory>
+   make config T=arm64-armv8a-linuxapp-gcc install
+
+Enabling logs
+-------------
+
+For enabling logs, use the following EAL parameter:
+
+.. code-block:: console
+
+   ./your_crypto_application <EAL args> --log-level=pmd.crypto.caam,<level>
diff --git a/doc/guides/cryptodevs/features/caam_jr.ini b/doc/guides/cryptodevs/features/caam_jr.ini
new file mode 100644
index 000000000..68f8d8195
--- /dev/null
+++ b/doc/guides/cryptodevs/features/caam_jr.ini
@@ -0,0 +1,46 @@
+;
+; Supported features of the 'caam_jr' crypto driver.
+;
+; Refer to default.ini for the full list of available PMD features.
+;
+[Features]
+Symmetric crypto       = Y
+Sym operation chaining = Y
+HW Accelerated         = Y
+Protocol offload       = Y
+In Place SGL           = Y
+OOP SGL In SGL Out     = Y
+OOP SGL In LB  Out     = Y
+OOP LB  In SGL Out     = Y
+OOP LB  In LB  Out     = Y
+
+;
+; Supported crypto algorithms of the 'dpaa2_sec' crypto driver.
+;
+[Cipher]
+AES CBC (128) = Y
+AES CBC (192) = Y
+AES CBC (256) = Y
+AES CTR (128) = Y
+AES CTR (192) = Y
+AES CTR (256) = Y
+3DES CBC      = Y
+
+;
+; Supported authentication algorithms of the 'dpaa2_sec' crypto driver.
+;
+[Auth]
+MD5 HMAC     = Y
+SHA1 HMAC    = Y
+SHA224 HMAC  = Y
+SHA256 HMAC  = Y
+SHA384 HMAC  = Y
+SHA512 HMAC  = Y
+
+;
+; Supported AEAD algorithms of the 'dpaa2_sec' crypto driver.
+;
+[AEAD]
+AES GCM (128) = Y
+AES GCM (192) = Y
+AES GCM (256) = Y
diff --git a/doc/guides/cryptodevs/index.rst b/doc/guides/cryptodevs/index.rst
index bd1588537..83610e64f 100644
--- a/doc/guides/cryptodevs/index.rst
+++ b/doc/guides/cryptodevs/index.rst
@@ -13,6 +13,7 @@ Crypto Device Drivers
     aesni_mb
     aesni_gcm
     armv8
+    caam_jr
     ccp
     dpaa2_sec
     dpaa_sec
diff --git a/doc/guides/rel_notes/release_18_11.rst b/doc/guides/rel_notes/release_18_11.rst
index a0dd1bed9..af9a6f89f 100644
--- a/doc/guides/rel_notes/release_18_11.rst
+++ b/doc/guides/rel_notes/release_18_11.rst
@@ -186,6 +186,11 @@ New Features
   The AESNI MB PMD has been updated with additional support for AES-GCM
   algorithm support.
 
+* **Added NXP CAAM JR PMD.**
+
+  Added the new caam job ring driver for NXP platforms. See the
+  "NXP CAAM JOB RING (caam_jr)" document for more details on this new driver.
+
 API Changes
 -----------
 
-- 
2.17.1


^ permalink raw reply	[flat|nested] 97+ messages in thread

* [dpdk-dev] [PATCH v4 15/15] test/crypto: add CAAM JR driver validation test cases
  2018-10-22 14:17     ` [dpdk-dev] [PATCH v4 00/15] Introducing the NXP CAAM job ring driver Gagandeep Singh
                         ` (13 preceding siblings ...)
  2018-10-22 14:18       ` [dpdk-dev] [PATCH v4 14/15] doc: add caam jr cryptodev details Gagandeep Singh
@ 2018-10-22 14:18       ` Gagandeep Singh
  2018-10-22 14:48       ` [dpdk-dev] [PATCH v4 00/15] Introducing the NXP CAAM job ring driver Gagandeep Singh
  2018-10-22 14:57       ` [dpdk-dev] [PATCH v5 " Gagandeep Singh
  16 siblings, 0 replies; 97+ messages in thread
From: Gagandeep Singh @ 2018-10-22 14:18 UTC (permalink / raw)
  To: dev, Akhil Goyal; +Cc: Hemant Agrawal, Gagandeep Singh

From: Hemant Agrawal <hemant.agrawal@nxp.com>

This patch adds the validation test cases for
CAAM JR driver

Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Reviewed-by: Akhil Goyal <akhil.goyal@nxp.com>
---
 test/test/test_cryptodev.c                   | 138 +++++++++++++++++++
 test/test/test_cryptodev.h                   |   1 +
 test/test/test_cryptodev_aes_test_vectors.h  |  33 +++++
 test/test/test_cryptodev_blockcipher.c       |   7 +
 test/test/test_cryptodev_blockcipher.h       |   1 +
 test/test/test_cryptodev_des_test_vectors.h  |  14 +-
 test/test/test_cryptodev_hash_test_vectors.h |  14 ++
 7 files changed, 206 insertions(+), 2 deletions(-)

diff --git a/test/test/test_cryptodev.c b/test/test/test_cryptodev.c
index 32600dea2..84065eb49 100644
--- a/test/test/test_cryptodev.c
+++ b/test/test/test_cryptodev.c
@@ -1876,6 +1876,64 @@ test_AES_cipheronly_virtio_all(void)
 	return TEST_SUCCESS;
 }
 
+static int
+test_AES_chain_caam_jr_all(void)
+{
+	struct crypto_testsuite_params *ts_params = &testsuite_params;
+	int status;
+
+	status = test_blockcipher_all_tests(ts_params->mbuf_pool,
+		ts_params->op_mpool,
+		ts_params->session_mpool,
+		ts_params->valid_devs[0],
+		rte_cryptodev_driver_id_get(
+		RTE_STR(CRYPTODEV_NAME_CAAM_JR_PMD)),
+		BLKCIPHER_AES_CHAIN_TYPE);
+
+	TEST_ASSERT_EQUAL(status, 0, "Test failed");
+
+	return TEST_SUCCESS;
+}
+
+static int
+test_AES_cipheronly_caam_jr_all(void)
+{
+	struct crypto_testsuite_params *ts_params = &testsuite_params;
+	int status;
+
+	status = test_blockcipher_all_tests(ts_params->mbuf_pool,
+		ts_params->op_mpool,
+		ts_params->session_mpool,
+		ts_params->valid_devs[0],
+		rte_cryptodev_driver_id_get(
+		RTE_STR(CRYPTODEV_NAME_CAAM_JR_PMD)),
+		BLKCIPHER_AES_CIPHERONLY_TYPE);
+
+	TEST_ASSERT_EQUAL(status, 0, "Test failed");
+
+	return TEST_SUCCESS;
+}
+
+static int
+test_authonly_caam_jr_all(void)
+{
+	struct crypto_testsuite_params *ts_params = &testsuite_params;
+	int status;
+
+	status = test_blockcipher_all_tests(ts_params->mbuf_pool,
+		ts_params->op_mpool,
+		ts_params->session_mpool,
+		ts_params->valid_devs[0],
+		rte_cryptodev_driver_id_get(
+		RTE_STR(CRYPTODEV_NAME_CAAM_JR_PMD)),
+		BLKCIPHER_AUTHONLY_TYPE);
+
+	TEST_ASSERT_EQUAL(status, 0, "Test failed");
+
+	return TEST_SUCCESS;
+}
+
+
 static int
 test_AES_chain_dpaa_sec_all(void)
 {
@@ -5148,6 +5206,44 @@ test_DES_docsis_mb_all(void)
 	return TEST_SUCCESS;
 }
 
+static int
+test_3DES_chain_caam_jr_all(void)
+{
+	struct crypto_testsuite_params *ts_params = &testsuite_params;
+	int status;
+
+	status = test_blockcipher_all_tests(ts_params->mbuf_pool,
+		ts_params->op_mpool,
+		ts_params->session_mpool,
+		ts_params->valid_devs[0],
+		rte_cryptodev_driver_id_get(
+		RTE_STR(CRYPTODEV_NAME_CAAM_JR_PMD)),
+		BLKCIPHER_3DES_CHAIN_TYPE);
+
+	TEST_ASSERT_EQUAL(status, 0, "Test failed");
+
+	return TEST_SUCCESS;
+}
+
+static int
+test_3DES_cipheronly_caam_jr_all(void)
+{
+	struct crypto_testsuite_params *ts_params = &testsuite_params;
+	int status;
+
+	status = test_blockcipher_all_tests(ts_params->mbuf_pool,
+		ts_params->op_mpool,
+		ts_params->session_mpool,
+		ts_params->valid_devs[0],
+		rte_cryptodev_driver_id_get(
+		RTE_STR(CRYPTODEV_NAME_CAAM_JR_PMD)),
+		BLKCIPHER_3DES_CIPHERONLY_TYPE);
+
+	TEST_ASSERT_EQUAL(status, 0, "Test failed");
+
+	return TEST_SUCCESS;
+}
+
 static int
 test_3DES_chain_dpaa_sec_all(void)
 {
@@ -9808,6 +9904,31 @@ static struct unit_test_suite cryptodev_sw_zuc_testsuite  = {
 	}
 };
 
+static struct unit_test_suite cryptodev_caam_jr_testsuite  = {
+	.suite_name = "Crypto CAAM JR Unit Test Suite",
+	.setup = testsuite_setup,
+	.teardown = testsuite_teardown,
+	.unit_test_cases = {
+		TEST_CASE_ST(ut_setup, ut_teardown,
+			     test_device_configure_invalid_dev_id),
+		TEST_CASE_ST(ut_setup, ut_teardown,
+			     test_multi_session),
+
+		TEST_CASE_ST(ut_setup, ut_teardown,
+			     test_AES_chain_caam_jr_all),
+		TEST_CASE_ST(ut_setup, ut_teardown,
+			     test_3DES_chain_caam_jr_all),
+		TEST_CASE_ST(ut_setup, ut_teardown,
+			     test_AES_cipheronly_caam_jr_all),
+		TEST_CASE_ST(ut_setup, ut_teardown,
+			     test_3DES_cipheronly_caam_jr_all),
+		TEST_CASE_ST(ut_setup, ut_teardown,
+			     test_authonly_caam_jr_all),
+
+		TEST_CASES_END() /**< NULL terminate unit test array */
+	}
+};
+
 static struct unit_test_suite cryptodev_dpaa_sec_testsuite  = {
 	.suite_name = "Crypto DPAA_SEC Unit Test Suite",
 	.setup = testsuite_setup,
@@ -10634,6 +10755,22 @@ test_cryptodev_octeontx(void)
 	return unit_test_suite_runner(&cryptodev_octeontx_testsuite);
 }
 
+static int
+test_cryptodev_caam_jr(void /*argv __rte_unused, int argc __rte_unused*/)
+{
+	gbl_driver_id =	rte_cryptodev_driver_id_get(
+			RTE_STR(CRYPTODEV_NAME_CAAM_JR_PMD));
+
+	if (gbl_driver_id == -1) {
+		RTE_LOG(ERR, USER1, "CAAM_JR PMD must be loaded. Check if "
+				"CONFIG_RTE_LIBRTE_PMD_CAAM_JR is enabled "
+				"in config file to run this testsuite.\n");
+		return TEST_FAILED;
+	}
+
+	return unit_test_suite_runner(&cryptodev_caam_jr_testsuite);
+}
+
 REGISTER_TEST_COMMAND(cryptodev_qat_autotest, test_cryptodev_qat);
 REGISTER_TEST_COMMAND(cryptodev_aesni_mb_autotest, test_cryptodev_aesni_mb);
 REGISTER_TEST_COMMAND(cryptodev_openssl_autotest, test_cryptodev_openssl);
@@ -10649,3 +10786,4 @@ REGISTER_TEST_COMMAND(cryptodev_dpaa_sec_autotest, test_cryptodev_dpaa_sec);
 REGISTER_TEST_COMMAND(cryptodev_ccp_autotest, test_cryptodev_ccp);
 REGISTER_TEST_COMMAND(cryptodev_virtio_autotest, test_cryptodev_virtio);
 REGISTER_TEST_COMMAND(cryptodev_octeontx_autotest, test_cryptodev_octeontx);
+REGISTER_TEST_COMMAND(cryptodev_caam_jr_autotest, test_cryptodev_caam_jr);
diff --git a/test/test/test_cryptodev.h b/test/test/test_cryptodev.h
index f2d41aedd..a73a49e72 100644
--- a/test/test/test_cryptodev.h
+++ b/test/test/test_cryptodev.h
@@ -65,6 +65,7 @@
 #define CRYPTODEV_NAME_CCP_PMD		crypto_ccp
 #define CRYPTODEV_NAME_VIRTIO_PMD	crypto_virtio
 #define CRYPTODEV_NAME_OCTEONTX_SYM_PMD	crypto_octeontx
+#define CRYPTODEV_NAME_CAAM_JR_PMD	crypto_caam_jr
 
 /**
  * Write (spread) data from buffer to mbuf data
diff --git a/test/test/test_cryptodev_aes_test_vectors.h b/test/test/test_cryptodev_aes_test_vectors.h
index 5db46f4c5..fff28bc9b 100644
--- a/test/test/test_cryptodev_aes_test_vectors.h
+++ b/test/test/test_cryptodev_aes_test_vectors.h
@@ -1171,6 +1171,7 @@ static const struct blockcipher_test_case aes_chain_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP
 	},
@@ -1185,6 +1186,7 @@ static const struct blockcipher_test_case aes_chain_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP
 	},
@@ -1225,6 +1227,7 @@ static const struct blockcipher_test_case aes_chain_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP
 	},
@@ -1239,6 +1242,7 @@ static const struct blockcipher_test_case aes_chain_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP
 	},
@@ -1253,6 +1257,7 @@ static const struct blockcipher_test_case aes_chain_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
@@ -1279,6 +1284,7 @@ static const struct blockcipher_test_case aes_chain_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
 	},
 	{
@@ -1293,6 +1299,7 @@ static const struct blockcipher_test_case aes_chain_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
@@ -1305,6 +1312,7 @@ static const struct blockcipher_test_case aes_chain_test_cases[] = {
 		.feature_mask = BLOCKCIPHER_TEST_FEATURE_SG,
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			    BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			    BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			    BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
 	},
 	{
@@ -1327,6 +1335,7 @@ static const struct blockcipher_test_case aes_chain_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
@@ -1375,6 +1384,7 @@ static const struct blockcipher_test_case aes_chain_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
@@ -1413,6 +1423,7 @@ static const struct blockcipher_test_case aes_chain_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
@@ -1459,6 +1470,7 @@ static const struct blockcipher_test_case aes_chain_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
 	},
 	{
@@ -1472,6 +1484,7 @@ static const struct blockcipher_test_case aes_chain_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
 	},
 	{
@@ -1484,6 +1497,7 @@ static const struct blockcipher_test_case aes_chain_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
 	},
@@ -1498,6 +1512,7 @@ static const struct blockcipher_test_case aes_chain_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
 	},
@@ -1511,6 +1526,7 @@ static const struct blockcipher_test_case aes_chain_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP
 	},
@@ -1525,6 +1541,7 @@ static const struct blockcipher_test_case aes_chain_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP
 	},
@@ -1564,6 +1581,7 @@ static const struct blockcipher_test_case aes_cipheronly_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_VIRTIO |
@@ -1579,6 +1597,7 @@ static const struct blockcipher_test_case aes_cipheronly_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_VIRTIO |
@@ -1594,6 +1613,7 @@ static const struct blockcipher_test_case aes_cipheronly_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_VIRTIO |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
@@ -1607,6 +1627,7 @@ static const struct blockcipher_test_case aes_cipheronly_test_cases[] = {
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
 	},
 	{
@@ -1619,6 +1640,7 @@ static const struct blockcipher_test_case aes_cipheronly_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_VIRTIO |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
@@ -1630,6 +1652,7 @@ static const struct blockcipher_test_case aes_cipheronly_test_cases[] = {
 		.feature_mask = BLOCKCIPHER_TEST_FEATURE_SG,
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
 	},
 	{
@@ -1642,6 +1665,7 @@ static const struct blockcipher_test_case aes_cipheronly_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_VIRTIO |
@@ -1657,6 +1681,7 @@ static const struct blockcipher_test_case aes_cipheronly_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_VIRTIO |
@@ -1671,6 +1696,7 @@ static const struct blockcipher_test_case aes_cipheronly_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_VIRTIO
 	},
@@ -1683,6 +1709,7 @@ static const struct blockcipher_test_case aes_cipheronly_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_VIRTIO
 	},
@@ -1696,6 +1723,7 @@ static const struct blockcipher_test_case aes_cipheronly_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
@@ -1710,6 +1738,7 @@ static const struct blockcipher_test_case aes_cipheronly_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
@@ -1724,6 +1753,7 @@ static const struct blockcipher_test_case aes_cipheronly_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
 	},
@@ -1737,6 +1767,7 @@ static const struct blockcipher_test_case aes_cipheronly_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
 	},
@@ -1750,6 +1781,7 @@ static const struct blockcipher_test_case aes_cipheronly_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
@@ -1764,6 +1796,7 @@ static const struct blockcipher_test_case aes_cipheronly_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
diff --git a/test/test/test_cryptodev_blockcipher.c b/test/test/test_cryptodev_blockcipher.c
index 6df132126..1c3f29f6b 100644
--- a/test/test/test_cryptodev_blockcipher.c
+++ b/test/test/test_cryptodev_blockcipher.c
@@ -68,6 +68,8 @@ test_blockcipher_one_case(const struct blockcipher_test_case *t,
 			RTE_STR(CRYPTODEV_NAME_DPAA2_SEC_PMD));
 	int dpaa_sec_pmd = rte_cryptodev_driver_id_get(
 			RTE_STR(CRYPTODEV_NAME_DPAA_SEC_PMD));
+	int caam_jr_pmd = rte_cryptodev_driver_id_get(
+			RTE_STR(CRYPTODEV_NAME_CAAM_JR_PMD));
 	int mrvl_pmd = rte_cryptodev_driver_id_get(
 			RTE_STR(CRYPTODEV_NAME_MVSAM_PMD));
 	int virtio_pmd = rte_cryptodev_driver_id_get(
@@ -111,6 +113,7 @@ test_blockcipher_one_case(const struct blockcipher_test_case *t,
 
 	if (driver_id == dpaa2_sec_pmd ||
 			driver_id == dpaa_sec_pmd ||
+			driver_id == caam_jr_pmd ||
 			driver_id == qat_pmd ||
 			driver_id == openssl_pmd ||
 			driver_id == armv8_pmd ||
@@ -631,6 +634,8 @@ test_blockcipher_all_tests(struct rte_mempool *mbuf_pool,
 			RTE_STR(CRYPTODEV_NAME_DPAA2_SEC_PMD));
 	int dpaa_sec_pmd = rte_cryptodev_driver_id_get(
 			RTE_STR(CRYPTODEV_NAME_DPAA_SEC_PMD));
+	int caam_jr_pmd = rte_cryptodev_driver_id_get(
+			RTE_STR(CRYPTODEV_NAME_CAAM_JR_PMD));
 	int scheduler_pmd = rte_cryptodev_driver_id_get(
 			RTE_STR(CRYPTODEV_NAME_SCHEDULER_PMD));
 	int armv8_pmd = rte_cryptodev_driver_id_get(
@@ -707,6 +712,8 @@ test_blockcipher_all_tests(struct rte_mempool *mbuf_pool,
 		target_pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_CCP;
 	else if (driver_id == dpaa_sec_pmd)
 		target_pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC;
+	else if (driver_id == caam_jr_pmd)
+		target_pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR;
 	else if (driver_id == mrvl_pmd)
 		target_pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_MVSAM;
 	else if (driver_id == virtio_pmd)
diff --git a/test/test/test_cryptodev_blockcipher.h b/test/test/test_cryptodev_blockcipher.h
index 57e678fc1..f8bd85838 100644
--- a/test/test/test_cryptodev_blockcipher.h
+++ b/test/test/test_cryptodev_blockcipher.h
@@ -30,6 +30,7 @@
 #define BLOCKCIPHER_TEST_TARGET_PMD_CCP		0x0040 /* CCP flag */
 #define BLOCKCIPHER_TEST_TARGET_PMD_VIRTIO	0x0200 /* VIRTIO flag */
 #define BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX	0x0100 /* OCTEON TX flag */
+#define BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR	0x0400 /* CAAM_JR flag */
 
 #define BLOCKCIPHER_TEST_OP_CIPHER	(BLOCKCIPHER_TEST_OP_ENCRYPT | \
 					BLOCKCIPHER_TEST_OP_DECRYPT)
diff --git a/test/test/test_cryptodev_des_test_vectors.h b/test/test/test_cryptodev_des_test_vectors.h
index 0789881da..f1b8cbd45 100644
--- a/test/test/test_cryptodev_des_test_vectors.h
+++ b/test/test/test_cryptodev_des_test_vectors.h
@@ -1069,6 +1069,7 @@ static const struct blockcipher_test_case triple_des_chain_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP
 	},
 	{
@@ -1079,6 +1080,7 @@ static const struct blockcipher_test_case triple_des_chain_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP
 	},
 	{
@@ -1103,6 +1105,7 @@ static const struct blockcipher_test_case triple_des_chain_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
@@ -1115,6 +1118,7 @@ static const struct blockcipher_test_case triple_des_chain_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
@@ -1195,7 +1199,8 @@ static const struct blockcipher_test_case triple_des_chain_test_cases[] = {
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
-			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC
+			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR
 	},
 	{
 		.test_descr = "3DES-128-CBC HMAC-SHA1 Decryption Digest"
@@ -1206,7 +1211,8 @@ static const struct blockcipher_test_case triple_des_chain_test_cases[] = {
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
-			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC
+			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR
 	},
 	{
 		.test_descr = "3DES-128-CBC HMAC-SHA1 Encryption Digest"
@@ -1254,6 +1260,7 @@ static const struct blockcipher_test_case triple_des_cipheronly_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_MB
 	},
@@ -1265,6 +1272,7 @@ static const struct blockcipher_test_case triple_des_cipheronly_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_MB
 	},
@@ -1276,6 +1284,7 @@ static const struct blockcipher_test_case triple_des_cipheronly_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_MB |
@@ -1289,6 +1298,7 @@ static const struct blockcipher_test_case triple_des_cipheronly_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_MB |
diff --git a/test/test/test_cryptodev_hash_test_vectors.h b/test/test/test_cryptodev_hash_test_vectors.h
index af1e29e68..a02dfb3c3 100644
--- a/test/test/test_cryptodev_hash_test_vectors.h
+++ b/test/test/test_cryptodev_hash_test_vectors.h
@@ -393,6 +393,7 @@ static const struct blockcipher_test_case hash_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
@@ -406,6 +407,7 @@ static const struct blockcipher_test_case hash_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
@@ -437,6 +439,7 @@ static const struct blockcipher_test_case hash_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
@@ -449,6 +452,7 @@ static const struct blockcipher_test_case hash_test_cases[] = {
 		.feature_mask = BLOCKCIPHER_TEST_FEATURE_SG,
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			    BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			    BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			    BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
 	},
 	{
@@ -460,6 +464,7 @@ static const struct blockcipher_test_case hash_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
@@ -472,6 +477,7 @@ static const struct blockcipher_test_case hash_test_cases[] = {
 		.feature_mask = BLOCKCIPHER_TEST_FEATURE_SG,
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			    BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			    BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			    BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
 	},
 	{
@@ -501,6 +507,7 @@ static const struct blockcipher_test_case hash_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
@@ -514,6 +521,7 @@ static const struct blockcipher_test_case hash_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
@@ -545,6 +553,7 @@ static const struct blockcipher_test_case hash_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
@@ -559,6 +568,7 @@ static const struct blockcipher_test_case hash_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
@@ -591,6 +601,7 @@ static const struct blockcipher_test_case hash_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
@@ -605,6 +616,7 @@ static const struct blockcipher_test_case hash_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
@@ -637,6 +649,7 @@ static const struct blockcipher_test_case hash_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
@@ -651,6 +664,7 @@ static const struct blockcipher_test_case hash_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
-- 
2.17.1

^ permalink raw reply	[flat|nested] 97+ messages in thread

* Re: [dpdk-dev] [PATCH v4 00/15] Introducing the NXP CAAM job ring driver
  2018-10-22 14:17     ` [dpdk-dev] [PATCH v4 00/15] Introducing the NXP CAAM job ring driver Gagandeep Singh
                         ` (14 preceding siblings ...)
  2018-10-22 14:18       ` [dpdk-dev] [PATCH v4 15/15] test/crypto: add CAAM JR driver validation test cases Gagandeep Singh
@ 2018-10-22 14:48       ` Gagandeep Singh
  2018-10-22 14:57       ` [dpdk-dev] [PATCH v5 " Gagandeep Singh
  16 siblings, 0 replies; 97+ messages in thread
From: Gagandeep Singh @ 2018-10-22 14:48 UTC (permalink / raw)
  To: dev, Akhil Goyal



> -----Original Message-----
> From: Gagandeep Singh
> Sent: Monday, October 22, 2018 7:48 PM
> To: dev@dpdk.org; Akhil Goyal <akhil.goyal@nxp.com>
> Cc: Gagandeep Singh <G.Singh@nxp.com>
> Subject: [PATCH v4 00/15] Introducing the NXP CAAM job ring driver
> 
> v3->v4 change-log:
> * local dma_addr_t definition removed
> 

Self NACK.
There was compilation issue. I am sending v5

^ permalink raw reply	[flat|nested] 97+ messages in thread

* [dpdk-dev] [PATCH v5 00/15] Introducing the NXP CAAM job ring driver
  2018-10-22 14:17     ` [dpdk-dev] [PATCH v4 00/15] Introducing the NXP CAAM job ring driver Gagandeep Singh
                         ` (15 preceding siblings ...)
  2018-10-22 14:48       ` [dpdk-dev] [PATCH v4 00/15] Introducing the NXP CAAM job ring driver Gagandeep Singh
@ 2018-10-22 14:57       ` Gagandeep Singh
  2018-10-22 14:57         ` [dpdk-dev] [PATCH v5 01/15] crypto/caam_jr: introduce basic driver Gagandeep Singh
                           ` (15 more replies)
  16 siblings, 16 replies; 97+ messages in thread
From: Gagandeep Singh @ 2018-10-22 14:57 UTC (permalink / raw)
  To: dev, Akhil Goyal; +Cc: Gagandeep Singh

v4->v5 change-log:
* compilation issue fixed

v3->v4 change-log:
* local dma_addr_t definition removed

v2->v3 change-log:
* fix CONFIG_RTE_LIBRTE_SECURITY=n compilation.

v1->v2 change-log:
* Most of the checkpatch warnings and erros are removed
* CONFIG_RTE_CAAM_JR_PMD_MAX_NB_SESSIONS and
  CONFIG_RTE_PMD_CAAM_JR_DEBUG flags removed
* local unlikely macro removed
* extra spaces removed and functions format fixed
* indentation fixed
* documentation is updated
* dead code removed
* device capabilities added in separate file and 
  functions added to access them.
* missing PMD_INIT_FUNC_TRACE() added to the respective
  functions
* description added to the all patches
* some patches splited (sg support, uio, capabilities, hw)

v1:
The caam_jr PMD provides poll mode crypto driver
support for NXP SEC 4.x+ (CAAM) hardware accelerator

Gagandeep Singh (10):
  crypto/caam_jr: introduce basic driver
  crypto/caam_jr: add HW tuning options
  crypto/caam_jr: add routines to configure HW
  crypto/caam_jr: add UIO specific operations
  crypto/caam_jr: add basic job ring routines
  crypto/caam_jr: add device basic ops
  crypto/caam_jr: add session configuration methods
  crypto/caam_jr: add device cababilities
  crypto/caam_jr: add enqueue dequeue operations
  crypto/caam_jr: add scatter gather

Hemant Agrawal (5):
  crypto/caam_jr: add queue pair config ops
  crypto/caam_jr: add statistics ops
  crypto/caam_jr: add security offload
  doc: add caam jr cryptodev details
  test/crypto: add CAAM JR driver validation test cases

 MAINTAINERS                                   |    7 +
 config/common_base                            |    6 +
 config/common_linuxapp                        |    1 +
 config/defconfig_arm64-dpaa-linuxapp-gcc      |    3 +
 doc/guides/cryptodevs/caam_jr.rst             |  150 +
 doc/guides/cryptodevs/features/caam_jr.ini    |   46 +
 doc/guides/cryptodevs/index.rst               |    1 +
 doc/guides/rel_notes/release_18_11.rst        |    5 +
 drivers/crypto/Makefile                       |    1 +
 drivers/crypto/caam_jr/Makefile               |   44 +
 drivers/crypto/caam_jr/caam_jr.c              | 2570 +++++++++++++++++
 drivers/crypto/caam_jr/caam_jr_capabilities.c |  268 ++
 drivers/crypto/caam_jr/caam_jr_capabilities.h |   21 +
 drivers/crypto/caam_jr/caam_jr_config.h       |  207 ++
 drivers/crypto/caam_jr/caam_jr_desc.h         |  285 ++
 drivers/crypto/caam_jr/caam_jr_hw.c           |  369 +++
 drivers/crypto/caam_jr/caam_jr_hw_specific.h  |  503 ++++
 drivers/crypto/caam_jr/caam_jr_log.h          |   42 +
 drivers/crypto/caam_jr/caam_jr_pvt.h          |  295 ++
 drivers/crypto/caam_jr/caam_jr_uio.c          |  503 ++++
 drivers/crypto/caam_jr/meson.build            |   17 +
 .../caam_jr/rte_pmd_caam_jr_version.map       |    4 +
 drivers/crypto/meson.build                    |    5 +-
 test/test/test_cryptodev.c                    |  138 +
 test/test/test_cryptodev.h                    |    1 +
 test/test/test_cryptodev_aes_test_vectors.h   |   33 +
 test/test/test_cryptodev_blockcipher.c        |    7 +
 test/test/test_cryptodev_blockcipher.h        |    1 +
 test/test/test_cryptodev_des_test_vectors.h   |   14 +-
 test/test/test_cryptodev_hash_test_vectors.h  |   14 +
 30 files changed, 5557 insertions(+), 4 deletions(-)
 create mode 100644 doc/guides/cryptodevs/caam_jr.rst
 create mode 100644 doc/guides/cryptodevs/features/caam_jr.ini
 create mode 100644 drivers/crypto/caam_jr/Makefile
 create mode 100644 drivers/crypto/caam_jr/caam_jr.c
 create mode 100644 drivers/crypto/caam_jr/caam_jr_capabilities.c
 create mode 100644 drivers/crypto/caam_jr/caam_jr_capabilities.h
 create mode 100644 drivers/crypto/caam_jr/caam_jr_config.h
 create mode 100644 drivers/crypto/caam_jr/caam_jr_desc.h
 create mode 100644 drivers/crypto/caam_jr/caam_jr_hw.c
 create mode 100644 drivers/crypto/caam_jr/caam_jr_hw_specific.h
 create mode 100644 drivers/crypto/caam_jr/caam_jr_log.h
 create mode 100644 drivers/crypto/caam_jr/caam_jr_pvt.h
 create mode 100644 drivers/crypto/caam_jr/caam_jr_uio.c
 create mode 100644 drivers/crypto/caam_jr/meson.build
 create mode 100644 drivers/crypto/caam_jr/rte_pmd_caam_jr_version.map

-- 
2.17.1

^ permalink raw reply	[flat|nested] 97+ messages in thread

* [dpdk-dev] [PATCH v5 01/15] crypto/caam_jr: introduce basic driver
  2018-10-22 14:57       ` [dpdk-dev] [PATCH v5 " Gagandeep Singh
@ 2018-10-22 14:57         ` Gagandeep Singh
  2018-10-22 14:57         ` [dpdk-dev] [PATCH v5 02/15] crypto/caam_jr: add HW tuning options Gagandeep Singh
                           ` (14 subsequent siblings)
  15 siblings, 0 replies; 97+ messages in thread
From: Gagandeep Singh @ 2018-10-22 14:57 UTC (permalink / raw)
  To: dev, Akhil Goyal; +Cc: Gagandeep Singh, Hemant Agrawal

The caam_jr poll mode crypto driver is supported for
NXP SEC 4.x+ (CAAM) hardware accelerator.
This driver is by default supported on LE platforms,
if it is used on BE platforms like LS104X,
config option CONFIG_RTE_LIBRTE_PMD_CAAM_JR_BE can be
enabled.

This patch add skeleton for caam jobring driver
with probe and uintialisation functions

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
---
 MAINTAINERS                                   |   5 +
 config/common_base                            |   6 +
 config/common_linuxapp                        |   1 +
 config/defconfig_arm64-dpaa-linuxapp-gcc      |   3 +
 drivers/crypto/Makefile                       |   1 +
 drivers/crypto/caam_jr/Makefile               |  37 +++++
 drivers/crypto/caam_jr/caam_jr.c              | 150 ++++++++++++++++++
 drivers/crypto/caam_jr/caam_jr_log.h          |  42 +++++
 drivers/crypto/caam_jr/meson.build            |  11 ++
 .../caam_jr/rte_pmd_caam_jr_version.map       |   4 +
 drivers/crypto/meson.build                    |   5 +-
 11 files changed, 263 insertions(+), 2 deletions(-)
 create mode 100644 drivers/crypto/caam_jr/Makefile
 create mode 100644 drivers/crypto/caam_jr/caam_jr.c
 create mode 100644 drivers/crypto/caam_jr/caam_jr_log.h
 create mode 100644 drivers/crypto/caam_jr/meson.build
 create mode 100644 drivers/crypto/caam_jr/rte_pmd_caam_jr_version.map

diff --git a/MAINTAINERS b/MAINTAINERS
index 450749ab2..9de01189a 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -851,6 +851,11 @@ F: drivers/crypto/null/
 F: doc/guides/cryptodevs/null.rst
 F: doc/guides/cryptodevs/features/null.ini
 
+NXP CAAM JR
+M: Gagandeep Singh <g.singh@nxp.com>
+M: Hemant Agrawal <hemant.agrawal@nxp.com>
+F: drivers/crypto/caam_jr/
+
 NXP DPAA_SEC
 M: Akhil Goyal <akhil.goyal@nxp.com>
 M: Hemant Agrawal <hemant.agrawal@nxp.com>
diff --git a/config/common_base b/config/common_base
index 302f74a2e..9f45d9eaf 100644
--- a/config/common_base
+++ b/config/common_base
@@ -495,6 +495,12 @@ CONFIG_RTE_CRYPTO_MAX_DEVS=64
 CONFIG_RTE_LIBRTE_PMD_ARMV8_CRYPTO=n
 CONFIG_RTE_LIBRTE_PMD_ARMV8_CRYPTO_DEBUG=n
 
+#
+# Compile NXP CAAM JR crypto Driver
+#
+CONFIG_RTE_LIBRTE_PMD_CAAM_JR=n
+CONFIG_RTE_LIBRTE_PMD_CAAM_JR_BE=n
+
 #
 # Compile NXP DPAA2 crypto sec driver for CAAM HW
 #
diff --git a/config/common_linuxapp b/config/common_linuxapp
index 76b884c48..3565ec8c1 100644
--- a/config/common_linuxapp
+++ b/config/common_linuxapp
@@ -40,6 +40,7 @@ CONFIG_RTE_LIBRTE_DPAA_MEMPOOL=y
 CONFIG_RTE_LIBRTE_DPAA_PMD=y
 CONFIG_RTE_LIBRTE_PMD_DPAA_EVENTDEV=y
 CONFIG_RTE_LIBRTE_PMD_DPAA_SEC=y
+CONFIG_RTE_LIBRTE_PMD_CAAM_JR=y
 
 # NXP FSLMC BUS and DPAA2 drivers
 CONFIG_RTE_LIBRTE_FSLMC_BUS=y
diff --git a/config/defconfig_arm64-dpaa-linuxapp-gcc b/config/defconfig_arm64-dpaa-linuxapp-gcc
index c47aec0a6..544b6770d 100644
--- a/config/defconfig_arm64-dpaa-linuxapp-gcc
+++ b/config/defconfig_arm64-dpaa-linuxapp-gcc
@@ -21,3 +21,6 @@ CONFIG_RTE_PKTMBUF_HEADROOM=128
 # NXP DPAA Bus
 CONFIG_RTE_LIBRTE_DPAA_DEBUG_DRIVER=n
 CONFIG_RTE_LIBRTE_DPAA_HWDEBUG=n
+
+# NXP CAAM_JR driver
+CONFIG_RTE_LIBRTE_PMD_CAAM_JR_BE=y
diff --git a/drivers/crypto/Makefile b/drivers/crypto/Makefile
index c083e64ff..c25a19fb0 100644
--- a/drivers/crypto/Makefile
+++ b/drivers/crypto/Makefile
@@ -6,6 +6,7 @@ include $(RTE_SDK)/mk/rte.vars.mk
 DIRS-$(CONFIG_RTE_LIBRTE_PMD_AESNI_GCM) += aesni_gcm
 DIRS-$(CONFIG_RTE_LIBRTE_PMD_AESNI_MB) += aesni_mb
 DIRS-$(CONFIG_RTE_LIBRTE_PMD_ARMV8_CRYPTO) += armv8
+DIRS-$(CONFIG_RTE_LIBRTE_PMD_CAAM_JR) += caam_jr
 DIRS-$(CONFIG_RTE_LIBRTE_PMD_CCP) += ccp
 DIRS-$(CONFIG_RTE_LIBRTE_PMD_OCTEONTX_CRYPTO) += octeontx
 DIRS-$(CONFIG_RTE_LIBRTE_PMD_OPENSSL) += openssl
diff --git a/drivers/crypto/caam_jr/Makefile b/drivers/crypto/caam_jr/Makefile
new file mode 100644
index 000000000..b1f3ecee7
--- /dev/null
+++ b/drivers/crypto/caam_jr/Makefile
@@ -0,0 +1,37 @@
+# SPDX-License-Identifier: BSD-3-Clause
+# Copyright 2017 NXP
+
+include $(RTE_SDK)/mk/rte.vars.mk
+
+#
+# library name
+#
+LIB = librte_pmd_caam_jr.a
+
+# build flags
+CFLAGS += -DALLOW_EXPERIMENTAL_API
+
+CFLAGS += -D _GNU_SOURCE
+
+CFLAGS += -O3
+CFLAGS += $(WERROR_FLAGS)
+
+CFLAGS += -I$(RTE_SDK)/drivers/crypto/caam_jr
+CFLAGS += -I$(RTE_SDK)/lib/librte_eal/common/include
+CFLAGS += -I$(RTE_SDK)/lib/librte_eal/linuxapp/eal
+
+# versioning export map
+EXPORT_MAP := rte_pmd_caam_jr_version.map
+
+# library version
+LIBABIVER := 1
+
+# library source files
+SRCS-$(CONFIG_RTE_LIBRTE_PMD_CAAM_JR) += caam_jr.c
+# library dependencies
+
+LDLIBS += -lrte_eal -lrte_mbuf -lrte_mempool -lrte_ring
+LDLIBS += -lrte_cryptodev
+LDLIBS += -lrte_bus_vdev
+
+include $(RTE_SDK)/mk/rte.lib.mk
diff --git a/drivers/crypto/caam_jr/caam_jr.c b/drivers/crypto/caam_jr/caam_jr.c
new file mode 100644
index 000000000..6d25967a1
--- /dev/null
+++ b/drivers/crypto/caam_jr/caam_jr.c
@@ -0,0 +1,150 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright 2017-2018 NXP
+ */
+
+#include <fcntl.h>
+#include <unistd.h>
+#include <sched.h>
+#include <net/if.h>
+
+#include <rte_byteorder.h>
+#include <rte_common.h>
+#include <rte_cryptodev_pmd.h>
+#include <rte_crypto.h>
+#include <rte_cryptodev.h>
+#include <rte_bus_vdev.h>
+#include <rte_malloc.h>
+#include <rte_hexdump.h>
+
+#include <caam_jr_log.h>
+
+#define CRYPTODEV_NAME_CAAM_JR_PMD	crypto_caam_jr
+static uint8_t cryptodev_driver_id;
+int caam_jr_logtype;
+
+/*
+ * @brief Release the resources used by the SEC user space driver.
+ *
+ * Reset and release SEC's job rings indicated by the User Application at
+ * init_job_ring() and free any memory allocated internally.
+ * Call once during application tear down.
+ *
+ * @note In case there are any descriptors in-flight (descriptors received by
+ * SEC driver for processing and for which no response was yet provided to UA),
+ * the descriptors are discarded without any notifications to User Application.
+ *
+ * @retval ::0			is returned for a successful execution
+ * @retval ::-1		is returned if SEC driver release is in progress
+ */
+static int
+caam_jr_dev_uninit(struct rte_cryptodev *dev)
+{
+	if (dev == NULL)
+		return -ENODEV;
+
+	CAAM_JR_INFO("Closing crypto device %s", dev->data->name);
+
+	return 0;
+}
+
+static int
+caam_jr_dev_init(const char *name,
+		 struct rte_vdev_device *vdev,
+		 struct rte_cryptodev_pmd_init_params *init_params)
+{
+	struct rte_cryptodev *dev;
+
+	PMD_INIT_FUNC_TRACE();
+
+	dev = rte_cryptodev_pmd_create(name, &vdev->device, init_params);
+	if (dev == NULL) {
+		CAAM_JR_ERR("failed to create cryptodev vdev");
+		goto cleanup;
+	}
+
+	dev->driver_id = cryptodev_driver_id;
+	dev->dev_ops = NULL;
+
+	/* For secondary processes, we don't initialise any further as primary
+	 * has already done this work. Only check we don't need a different
+	 * RX function
+	 */
+	if (rte_eal_process_type() != RTE_PROC_PRIMARY) {
+		CAAM_JR_WARN("Device already init by primary process");
+		return 0;
+	}
+
+	RTE_LOG(INFO, PMD, "%s cryptodev init\n", dev->data->name);
+
+	return 0;
+
+cleanup:
+	CAAM_JR_ERR("driver %s: cryptodev_caam_jr_create failed",
+			init_params->name);
+
+	return -ENXIO;
+}
+
+/** Initialise CAAM JR crypto device */
+static int
+cryptodev_caam_jr_probe(struct rte_vdev_device *vdev)
+{
+	struct rte_cryptodev_pmd_init_params init_params = {
+		"",
+		128,
+		rte_socket_id(),
+		RTE_CRYPTODEV_PMD_DEFAULT_MAX_NB_QUEUE_PAIRS
+	};
+	const char *name;
+	const char *input_args;
+
+	name = rte_vdev_device_name(vdev);
+	if (name == NULL)
+		return -EINVAL;
+
+	input_args = rte_vdev_device_args(vdev);
+	rte_cryptodev_pmd_parse_input_args(&init_params, input_args);
+
+	return caam_jr_dev_init(name, vdev, &init_params);
+}
+
+/** Uninitialise CAAM JR crypto device */
+static int
+cryptodev_caam_jr_remove(struct rte_vdev_device *vdev)
+{
+	struct rte_cryptodev *cryptodev;
+	const char *name;
+
+	name = rte_vdev_device_name(vdev);
+	if (name == NULL)
+		return -EINVAL;
+
+	cryptodev = rte_cryptodev_pmd_get_named_dev(name);
+	if (cryptodev == NULL)
+		return -ENODEV;
+
+	caam_jr_dev_uninit(cryptodev);
+
+	return rte_cryptodev_pmd_destroy(cryptodev);
+}
+
+static struct rte_vdev_driver cryptodev_caam_jr_drv = {
+	.probe = cryptodev_caam_jr_probe,
+	.remove = cryptodev_caam_jr_remove
+};
+
+static struct cryptodev_driver caam_jr_crypto_drv;
+
+RTE_PMD_REGISTER_VDEV(CRYPTODEV_NAME_CAAM_JR_PMD, cryptodev_caam_jr_drv);
+RTE_PMD_REGISTER_PARAM_STRING(CRYPTODEV_NAME_CAAM_JR_PMD,
+	"max_nb_queue_pairs=<int>"
+	"socket_id=<int>");
+RTE_PMD_REGISTER_CRYPTO_DRIVER(caam_jr_crypto_drv, cryptodev_caam_jr_drv.driver,
+		cryptodev_driver_id);
+
+RTE_INIT(caam_jr_init_log)
+{
+	caam_jr_logtype = rte_log_register("pmd.crypto.caam");
+	if (caam_jr_logtype >= 0)
+		rte_log_set_level(caam_jr_logtype, RTE_LOG_NOTICE);
+}
diff --git a/drivers/crypto/caam_jr/caam_jr_log.h b/drivers/crypto/caam_jr/caam_jr_log.h
new file mode 100644
index 000000000..106ff07a7
--- /dev/null
+++ b/drivers/crypto/caam_jr/caam_jr_log.h
@@ -0,0 +1,42 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright 2017-2018 NXP
+ */
+
+#ifndef _CAAM_JR_LOG_H_
+#define _CAAM_JR_LOG_H_
+
+#include <rte_log.h>
+
+extern int caam_jr_logtype;
+
+#define CAAM_JR_LOG(level, fmt, args...) \
+	rte_log(RTE_LOG_ ## level, caam_jr_logtype, "caam_jr: " \
+		fmt "\n", ##args)
+
+#define CAAM_JR_DEBUG(fmt, args...) \
+	rte_log(RTE_LOG_DEBUG, caam_jr_logtype, "caam_jr: %s(): " \
+		fmt "\n", __func__, ##args)
+
+#define PMD_INIT_FUNC_TRACE() CAAM_JR_DEBUG(" >>")
+
+#define CAAM_JR_INFO(fmt, args...) \
+	CAAM_JR_LOG(INFO, fmt, ## args)
+#define CAAM_JR_ERR(fmt, args...) \
+	CAAM_JR_LOG(ERR, fmt, ## args)
+#define CAAM_JR_WARN(fmt, args...) \
+	CAAM_JR_LOG(WARNING, fmt, ## args)
+
+/* DP Logs, toggled out at compile time if level lower than current level */
+#define CAAM_JR_DP_LOG(level, fmt, args...) \
+	RTE_LOG_DP(level, PMD, fmt "\n", ## args)
+
+#define CAAM_JR_DP_DEBUG(fmt, args...) \
+	CAAM_JR_DP_LOG(DEBUG, fmt, ## args)
+#define CAAM_JR_DP_INFO(fmt, args...) \
+	CAAM_JR_DP_LOG(INFO, fmt, ## args)
+#define CAAM_JR_DP_WARN(fmt, args...) \
+	CAAM_JR_DP_LOG(WARNING, fmt, ## args)
+#define CAAM_JR_DP_ERR(fmt, args...) \
+	CAAM_JR_DP_LOG(ERR, fmt, ## args)
+
+#endif /* _CAAM_JR_LOG_H_ */
diff --git a/drivers/crypto/caam_jr/meson.build b/drivers/crypto/caam_jr/meson.build
new file mode 100644
index 000000000..3edd0a212
--- /dev/null
+++ b/drivers/crypto/caam_jr/meson.build
@@ -0,0 +1,11 @@
+# SPDX-License-Identifier: BSD-3-Clause
+# Copyright 2018 NXP
+
+if host_machine.system() != 'linux'
+        build = false
+endif
+
+deps += ['bus_vdev', 'bus_dpaa', 'security']
+sources = files('caam_jr.c')
+
+allow_experimental_apis = true
diff --git a/drivers/crypto/caam_jr/rte_pmd_caam_jr_version.map b/drivers/crypto/caam_jr/rte_pmd_caam_jr_version.map
new file mode 100644
index 000000000..521e51f41
--- /dev/null
+++ b/drivers/crypto/caam_jr/rte_pmd_caam_jr_version.map
@@ -0,0 +1,4 @@
+DPDK_18.11 {
+
+	local: *;
+};
diff --git a/drivers/crypto/meson.build b/drivers/crypto/meson.build
index e9c491af6..bf1bd9286 100644
--- a/drivers/crypto/meson.build
+++ b/drivers/crypto/meson.build
@@ -1,8 +1,9 @@
 # SPDX-License-Identifier: BSD-3-Clause
 # Copyright(c) 2017 Intel Corporation
 
-drivers = ['aesni_gcm', 'aesni_mb', 'ccp', 'dpaa_sec', 'dpaa2_sec', 'kasumi', 'mvsam',
-	'null', 'octeontx', 'openssl', 'qat', 'scheduler', 'virtio', 'zuc']
+drivers = ['aesni_gcm', 'aesni_mb', 'caam_jr', 'ccp', 'dpaa_sec', 'dpaa2_sec',
+	'kasumi', 'mvsam', 'null', 'octeontx', 'openssl', 'qat', 'scheduler',
+	'virtio', 'zuc']
 
 std_deps = ['cryptodev'] # cryptodev pulls in all other needed deps
 config_flag_fmt = 'RTE_LIBRTE_@0@_PMD'
-- 
2.17.1

^ permalink raw reply	[flat|nested] 97+ messages in thread

* [dpdk-dev] [PATCH v5 02/15] crypto/caam_jr: add HW tuning options
  2018-10-22 14:57       ` [dpdk-dev] [PATCH v5 " Gagandeep Singh
  2018-10-22 14:57         ` [dpdk-dev] [PATCH v5 01/15] crypto/caam_jr: introduce basic driver Gagandeep Singh
@ 2018-10-22 14:57         ` Gagandeep Singh
  2018-10-22 14:57         ` [dpdk-dev] [PATCH v5 03/15] crypto/caam_jr: add routines to configure HW Gagandeep Singh
                           ` (13 subsequent siblings)
  15 siblings, 0 replies; 97+ messages in thread
From: Gagandeep Singh @ 2018-10-22 14:57 UTC (permalink / raw)
  To: dev, Akhil Goyal; +Cc: Gagandeep Singh, Hemant Agrawal

caam_jr hardware can be tuned for multiple settings
like ring depth, coalescing, notification types, cache
size etc.

These parameter can be used for performance tuning
for various platforms.

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
---
 drivers/crypto/caam_jr/caam_jr_config.h | 207 ++++++++++++++++++++++++
 1 file changed, 207 insertions(+)
 create mode 100644 drivers/crypto/caam_jr/caam_jr_config.h

diff --git a/drivers/crypto/caam_jr/caam_jr_config.h b/drivers/crypto/caam_jr/caam_jr_config.h
new file mode 100644
index 000000000..041187a84
--- /dev/null
+++ b/drivers/crypto/caam_jr/caam_jr_config.h
@@ -0,0 +1,207 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright 2017-2018 NXP
+ */
+
+#ifndef CAAM_JR_CONFIG_H
+#define CAAM_JR_CONFIG_H
+
+#include <rte_byteorder.h>
+
+#include <compat.h>
+
+#ifdef RTE_LIBRTE_PMD_CAAM_JR_BE
+#define CAAM_BYTE_ORDER __BIG_ENDIAN
+#else
+#define CAAM_BYTE_ORDER __LITTLE_ENDIAN
+#endif
+
+#if RTE_BYTE_ORDER == RTE_BIG_ENDIAN
+#define CORE_BYTE_ORDER __BIG_ENDIAN
+#else
+#define CORE_BYTE_ORDER __LITTLE_ENDIAN
+#endif
+
+#if CORE_BYTE_ORDER != CAAM_BYTE_ORDER
+
+#define cpu_to_caam64 rte_cpu_to_be_64
+#define cpu_to_caam32 rte_cpu_to_be_32
+#else
+#define cpu_to_caam64
+#define cpu_to_caam32
+
+#endif
+
+/*
+ * SEC is configured to start work in polling mode,
+ * when configured for NAPI notification style.
+ */
+#define SEC_STARTUP_POLLING_MODE     0
+/*
+ * SEC is configured to start work in interrupt mode,
+ * when configured for NAPI notification style.
+ */
+#define SEC_STARTUP_INTERRUPT_MODE   1
+
+/*
+ * SEC driver will use NAPI model to receive notifications
+ * for processed packets from SEC engine hardware:
+ * - IRQ for low traffic
+ * - polling for high traffic.
+ */
+#define SEC_NOTIFICATION_TYPE_NAPI  0
+/*
+ * SEC driver will use ONLY interrupts to receive notifications
+ * for processed packets from SEC engine hardware.
+ */
+#define SEC_NOTIFICATION_TYPE_IRQ   1
+/*
+ * SEC driver will use ONLY polling to receive notifications
+ * for processed packets from SEC engine hardware.
+ */
+#define SEC_NOTIFICATION_TYPE_POLL  2
+
+/*
+ * SEC USER SPACE DRIVER related configuration.
+ */
+
+/*
+ * Determines how SEC user space driver will receive notifications
+ * for processed packets from SEC engine.
+ * Valid values are: #SEC_NOTIFICATION_TYPE_POLL, #SEC_NOTIFICATION_TYPE_IRQ
+ * and #SEC_NOTIFICATION_TYPE_NAPI.
+ */
+#define SEC_NOTIFICATION_TYPE   SEC_NOTIFICATION_TYPE_POLL
+
+/* Maximum number of job rings supported by SEC hardware */
+#define MAX_SEC_JOB_RINGS         4
+
+/* Maximum number of QP per job ring */
+#define RTE_CAAM_MAX_NB_SEC_QPS    1
+
+/*
+ * Size of cryptographic context that is used directly in communicating
+ * with SEC device. SEC device works only with physical addresses. This
+ * is the maximum size for a SEC descriptor ( = 64 words).
+ */
+#define SEC_CRYPTO_DESCRIPTOR_SIZE  256
+
+/*
+ * Size of job descriptor submitted to SEC device for each packet to
+ * be processed.
+ * Job descriptor contains 3 DMA address pointers:
+ *	- to shared descriptor, to input buffer and to output buffer.
+ * The job descriptor contains other SEC specific commands as well:
+ *	- HEADER command, SEQ IN PTR command SEQ OUT PTR command and opaque data
+ *      each measuring 4 bytes.
+ * Job descriptor size, depending on physical address representation:
+ *	- 32 bit - size is 28 bytes - cacheline-aligned size is 64 bytes
+ *	- 36 bit - size is 40 bytes - cacheline-aligned size is 64 bytes
+ * @note: Job descriptor must be cacheline-aligned to ensure efficient
+ *	memory access.
+ * @note: If other format is used for job descriptor, then the size must be
+ *	revised.
+ */
+#define SEC_JOB_DESCRIPTOR_SIZE     64
+
+/*
+ * Size of one entry in the input ring of a job ring.
+ * Input ring contains pointers to job descriptors.
+ * The memory used for an input ring and output ring must be physically
+ * contiguous.
+ */
+#define SEC_JOB_INPUT_RING_ENTRY_SIZE  sizeof(dma_addr_t)
+
+/*
+ * Size of one entry in the output ring of a job ring.
+ * Output ring entry is a pointer to a job descriptor followed by a 4 byte
+ * status word.
+ * The memory used for an input ring and output ring must be physically
+ * contiguous.
+ * @note If desired to use also the optional SEQ OUT indication in output ring
+ * entries,
+ * then 4 more bytes must be added to the size.
+ */
+#define SEC_JOB_OUTPUT_RING_ENTRY_SIZE  (SEC_JOB_INPUT_RING_ENTRY_SIZE + 4)
+
+/*
+ * DMA memory required for an input ring of a job ring.
+ */
+#define SEC_DMA_MEM_INPUT_RING_SIZE     ((SEC_JOB_INPUT_RING_ENTRY_SIZE) * \
+					(SEC_JOB_RING_SIZE))
+
+/*
+ * DMA memory required for an output ring of a job ring.
+ *  Required extra 4 byte for status word per each entry.
+ */
+#define SEC_DMA_MEM_OUTPUT_RING_SIZE    ((SEC_JOB_OUTPUT_RING_ENTRY_SIZE) * \
+					(SEC_JOB_RING_SIZE))
+
+/* DMA memory required for a job ring, including both input and output rings. */
+#define SEC_DMA_MEM_JOB_RING_SIZE       ((SEC_DMA_MEM_INPUT_RING_SIZE) + \
+					(SEC_DMA_MEM_OUTPUT_RING_SIZE))
+
+/*
+ * When calling sec_init() UA will provide an area of virtual memory
+ *  of size #SEC_DMA_MEMORY_SIZE to be  used internally by the driver
+ *  to allocate data (like SEC descriptors) that needs to be passed to
+ *  SEC device in physical addressing and later on retrieved from SEC device.
+ *  At initialization the UA provides specialized ptov/vtop functions/macros to
+ *  translate addresses allocated from this memory area.
+ */
+#define SEC_DMA_MEMORY_SIZE          ((SEC_DMA_MEM_JOB_RING_SIZE) * \
+					(MAX_SEC_JOB_RINGS))
+
+#define L1_CACHE_BYTES 64
+
+/* SEC JOB RING related configuration. */
+
+/*
+ * Configure the size of the JOB RING.
+ * The maximum size of the ring in hardware limited to 1024.
+ * However the number of packets in flight in a time interval of 1ms can
+ * be calculated from the traffic rate (Mbps) and packet size.
+ * Here it was considered a packet size of 64 bytes.
+ *
+ * @note Round up to nearest power of 2 for optimized update
+ * of producer/consumer indexes of each job ring
+ */
+#define SEC_JOB_RING_SIZE     512
+
+/*
+ * Interrupt coalescing related configuration.
+ * NOTE: SEC hardware enabled interrupt
+ * coalescing is not supported on SEC version 3.1!
+ * SEC version 4.4 has support for interrupt
+ * coalescing.
+ */
+
+#if SEC_NOTIFICATION_TYPE != SEC_NOTIFICATION_TYPE_POLL
+
+#define SEC_INT_COALESCING_ENABLE   1
+/*
+ * Interrupt Coalescing Descriptor Count Threshold.
+ * While interrupt coalescing is enabled (ICEN=1), this value determines
+ * how many Descriptors are completed before raising an interrupt.
+ *
+ * Valid values for this field are from 0 to 255.
+ * Note that a value of 1 functionally defeats the advantages of interrupt
+ * coalescing since the threshold value is reached each time that a
+ * Job Descriptor is completed. A value of 0 is treated in the same
+ * manner as a value of 1.
+ */
+#define SEC_INTERRUPT_COALESCING_DESCRIPTOR_COUNT_THRESH  10
+
+/*
+ * Interrupt Coalescing Timer Threshold.
+ * While interrupt coalescing is enabled (ICEN=1), this value determines the
+ * maximum amount of time after processing a Descriptor before raising an
+ * interrupt.
+ * The threshold value is represented in units equal to 64 CAAM interface
+ * clocks. Valid values for this field are from 1 to 65535.
+ * A value of 0 results in behavior identical to that when interrupt
+ * coalescing is disabled.
+ */
+#define SEC_INTERRUPT_COALESCING_TIMER_THRESH  100
+#endif /* SEC_NOTIFICATION_TYPE_POLL */
+
+#endif /* CAAM_JR_CONFIG_H */
-- 
2.17.1

^ permalink raw reply	[flat|nested] 97+ messages in thread

* [dpdk-dev] [PATCH v5 03/15] crypto/caam_jr: add routines to configure HW
  2018-10-22 14:57       ` [dpdk-dev] [PATCH v5 " Gagandeep Singh
  2018-10-22 14:57         ` [dpdk-dev] [PATCH v5 01/15] crypto/caam_jr: introduce basic driver Gagandeep Singh
  2018-10-22 14:57         ` [dpdk-dev] [PATCH v5 02/15] crypto/caam_jr: add HW tuning options Gagandeep Singh
@ 2018-10-22 14:57         ` Gagandeep Singh
  2018-10-22 14:57         ` [dpdk-dev] [PATCH v5 04/15] crypto/caam_jr: add UIO specific operations Gagandeep Singh
                           ` (12 subsequent siblings)
  15 siblings, 0 replies; 97+ messages in thread
From: Gagandeep Singh @ 2018-10-22 14:57 UTC (permalink / raw)
  To: dev, Akhil Goyal; +Cc: Gagandeep Singh, Hemant Agrawal

This patch add routines for configuring the hw
to support various features.
These routines will be used by the PMD ops.
The patch also defines structure and macros used
to access hw capabilities.

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
---
 drivers/crypto/caam_jr/Makefile              |   5 +
 drivers/crypto/caam_jr/caam_jr_hw.c          | 378 ++++++++++++++
 drivers/crypto/caam_jr/caam_jr_hw_specific.h | 503 +++++++++++++++++++
 drivers/crypto/caam_jr/caam_jr_pvt.h         | 285 +++++++++++
 drivers/crypto/caam_jr/meson.build           |   5 +-
 5 files changed, 1175 insertions(+), 1 deletion(-)
 create mode 100644 drivers/crypto/caam_jr/caam_jr_hw.c
 create mode 100644 drivers/crypto/caam_jr/caam_jr_hw_specific.h
 create mode 100644 drivers/crypto/caam_jr/caam_jr_pvt.h

diff --git a/drivers/crypto/caam_jr/Makefile b/drivers/crypto/caam_jr/Makefile
index b1f3ecee7..e22943749 100644
--- a/drivers/crypto/caam_jr/Makefile
+++ b/drivers/crypto/caam_jr/Makefile
@@ -16,7 +16,10 @@ CFLAGS += -D _GNU_SOURCE
 CFLAGS += -O3
 CFLAGS += $(WERROR_FLAGS)
 
+CFLAGS += -I$(RTE_SDK)/drivers/bus/dpaa/include
 CFLAGS += -I$(RTE_SDK)/drivers/crypto/caam_jr
+#sharing the hw flib headers from dpaa2_sec pmd
+CFLAGS += -I$(RTE_SDK)/drivers/crypto/dpaa2_sec/
 CFLAGS += -I$(RTE_SDK)/lib/librte_eal/common/include
 CFLAGS += -I$(RTE_SDK)/lib/librte_eal/linuxapp/eal
 
@@ -28,10 +31,12 @@ LIBABIVER := 1
 
 # library source files
 SRCS-$(CONFIG_RTE_LIBRTE_PMD_CAAM_JR) += caam_jr.c
+SRCS-$(CONFIG_RTE_LIBRTE_PMD_CAAM_JR) += caam_jr_hw.c
 # library dependencies
 
 LDLIBS += -lrte_eal -lrte_mbuf -lrte_mempool -lrte_ring
 LDLIBS += -lrte_cryptodev
+LDLIBS += -lrte_bus_dpaa
 LDLIBS += -lrte_bus_vdev
 
 include $(RTE_SDK)/mk/rte.lib.mk
diff --git a/drivers/crypto/caam_jr/caam_jr_hw.c b/drivers/crypto/caam_jr/caam_jr_hw.c
new file mode 100644
index 000000000..b4d486633
--- /dev/null
+++ b/drivers/crypto/caam_jr/caam_jr_hw.c
@@ -0,0 +1,378 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright 2017-2018 NXP
+ */
+
+#include <fcntl.h>
+#include <unistd.h>
+#include <inttypes.h>
+#include <rte_common.h>
+#include <rte_memory.h>
+#include <rte_malloc.h>
+#include <rte_crypto.h>
+
+#include <caam_jr_config.h>
+#include <caam_jr_hw_specific.h>
+#include <caam_jr_pvt.h>
+#include <caam_jr_log.h>
+
+/* RTA header files */
+#include <hw/desc/common.h>
+#include <hw/desc/algo.h>
+#include <hw/desc/ipsec.h>
+
+/* Used to retry resetting a job ring in SEC hardware. */
+#define SEC_TIMEOUT 100000
+
+/* @brief Process Jump Halt Condition related errors
+ *
+ * @param [in]  error_code        The error code in the descriptor status word
+ */
+static inline void
+hw_handle_jmp_halt_cond_err(union hw_error_code error_code)
+{
+	CAAM_JR_DEBUG("JMP: %d, Descriptor Index: 0x%x, Condition: 0x%x",
+			error_code.error_desc.jmp_halt_cond_src.jmp,
+			error_code.error_desc.jmp_halt_cond_src.desc_idx,
+			error_code.error_desc.jmp_halt_cond_src.cond);
+	(void)error_code;
+}
+
+/* @brief Process DECO related errors
+ *
+ * @param [in]  error_code        The error code in the descriptor status word
+ */
+static inline void
+hw_handle_deco_err(union hw_error_code error_code)
+{
+	CAAM_JR_DEBUG("JMP: %d, Descriptor Index: 0x%x",
+			error_code.error_desc.deco_src.jmp,
+			error_code.error_desc.deco_src.desc_idx);
+
+	switch (error_code.error_desc.deco_src.desc_err) {
+	case SEC_HW_ERR_DECO_HFN_THRESHOLD:
+		CAAM_JR_DEBUG(" Warning: Descriptor completed normally,"
+			"but 3GPP HFN matches or exceeds the Threshold ");
+		break;
+	default:
+		CAAM_JR_DEBUG("Error 0x%04x not implemented",
+				error_code.error_desc.deco_src.desc_err);
+		break;
+	}
+}
+
+/* @brief Process  Jump Halt User Status related errors
+ *
+ * @param [in]  error_code        The error code in the descriptor status word
+ */
+static inline void
+hw_handle_jmp_halt_user_err(union hw_error_code error_code __rte_unused)
+{
+	CAAM_JR_DEBUG(" Not implemented");
+}
+
+/* @brief Process CCB related errors
+ *
+ * @param [in]  error_code        The error code in the descriptor status word
+ */
+static inline void
+hw_handle_ccb_err(union hw_error_code hw_error_code __rte_unused)
+{
+	CAAM_JR_DEBUG(" Not implemented");
+}
+
+/* @brief Process Job Ring related errors
+ *
+ * @param [in]  error_code        The error code in the descriptor status word
+ */
+static inline void
+hw_handle_jr_err(union hw_error_code hw_error_code __rte_unused)
+{
+	CAAM_JR_DEBUG(" Not implemented");
+}
+
+uint32_t
+caam_jr_enable_irqs(uint32_t uio_fd __rte_unused)
+{
+	return 0;
+}
+
+uint32_t
+caam_jr_disable_irqs(uint32_t uio_fd __rte_unused)
+{
+	return 0;
+}
+
+int
+hw_reset_job_ring(struct sec_job_ring_t *job_ring)
+{
+	int ret = 0;
+
+	ASSERT(job_ring->register_base_addr != NULL);
+
+	/* First reset the job ring in hw */
+	ret = hw_shutdown_job_ring(job_ring);
+	SEC_ASSERT(ret == 0, ret, "Failed resetting job ring in hardware");
+
+	/* In order to have the HW JR in a workable state
+	 * after a reset, I need to re-write the input
+	 * queue size, input start address, output queue
+	 * size and output start address
+	 */
+	/* Write the JR input queue size to the HW register */
+	hw_set_input_ring_size(job_ring, SEC_JOB_RING_SIZE);
+
+	/* Write the JR output queue size to the HW register */
+	hw_set_output_ring_size(job_ring, SEC_JOB_RING_SIZE);
+
+	/* Write the JR input queue start address */
+	hw_set_input_ring_start_addr(job_ring,
+			caam_jr_dma_vtop(job_ring->input_ring));
+	CAAM_JR_DEBUG(" Set input ring base address to : Virtual: 0x%" PRIx64
+		      ",Physical: 0x%" PRIx64 ", Read from HW: 0x%" PRIx64,
+		      (uint64_t)(uintptr_t)job_ring->input_ring,
+		      caam_jr_dma_vtop(job_ring->input_ring),
+		      hw_get_inp_queue_base(job_ring));
+
+	/* Write the JR output queue start address */
+	hw_set_output_ring_start_addr(job_ring,
+			caam_jr_dma_vtop(job_ring->output_ring));
+	CAAM_JR_DEBUG(" Set output ring base address to: Virtual: 0x%" PRIx64
+		      ",Physical: 0x%" PRIx64 ", Read from HW: 0x%" PRIx64,
+		      (uint64_t)(uintptr_t)job_ring->output_ring,
+		      caam_jr_dma_vtop(job_ring->output_ring),
+		      hw_get_out_queue_base(job_ring));
+	return ret;
+}
+
+int
+hw_shutdown_job_ring(struct sec_job_ring_t *job_ring)
+{
+	unsigned int timeout = SEC_TIMEOUT;
+	uint32_t tmp = 0;
+	int usleep_interval = 10;
+
+	if (job_ring->register_base_addr == NULL) {
+		CAAM_JR_ERR("Jr[%p] has reg base addr as NULL.driver not init",
+			job_ring);
+		return 0;
+	}
+
+	CAAM_JR_INFO("Resetting Job ring %p", job_ring);
+
+	/*
+	 * Mask interrupts since we are going to poll
+	 * for reset completion status
+	 * Also, at POR, interrupts are ENABLED on a JR, thus
+	 * this is the point where I can disable them without
+	 * changing the code logic too much
+	 */
+	caam_jr_disable_irqs(job_ring->irq_fd);
+
+	/* initiate flush (required prior to reset) */
+	SET_JR_REG(JRCR, job_ring, JR_REG_JRCR_VAL_RESET);
+
+	/* dummy read */
+	tmp = GET_JR_REG(JRCR, job_ring);
+
+	do {
+		tmp = GET_JR_REG(JRINT, job_ring);
+		usleep(usleep_interval);
+	} while (((tmp & JRINT_ERR_HALT_MASK) ==
+			JRINT_ERR_HALT_INPROGRESS) && --timeout);
+
+	CAAM_JR_INFO("JRINT is %x", tmp);
+	if ((tmp & JRINT_ERR_HALT_MASK) != JRINT_ERR_HALT_COMPLETE ||
+		timeout == 0) {
+		CAAM_JR_ERR("0x%x, %d", tmp, timeout);
+		/* unmask interrupts */
+		if (job_ring->jr_mode != SEC_NOTIFICATION_TYPE_POLL)
+			caam_jr_enable_irqs(job_ring->irq_fd);
+		return -1;
+	}
+
+	/* Initiate reset */
+	timeout = SEC_TIMEOUT;
+	SET_JR_REG(JRCR, job_ring, JR_REG_JRCR_VAL_RESET);
+
+	do {
+		tmp = GET_JR_REG(JRCR, job_ring);
+		usleep(usleep_interval);
+	} while ((tmp & JR_REG_JRCR_VAL_RESET) && --timeout);
+
+	CAAM_JR_DEBUG("JRCR is %x", tmp);
+	if (timeout == 0) {
+		CAAM_JR_ERR("Failed to reset hw job ring %p", job_ring);
+		/* unmask interrupts */
+		if (job_ring->jr_mode != SEC_NOTIFICATION_TYPE_POLL)
+			caam_jr_enable_irqs(job_ring->irq_fd);
+		return -1;
+	}
+	/* unmask interrupts */
+	if (job_ring->jr_mode != SEC_NOTIFICATION_TYPE_POLL)
+		caam_jr_enable_irqs(job_ring->irq_fd);
+	return 0;
+
+}
+
+void
+hw_handle_job_ring_error(struct sec_job_ring_t *job_ring __rte_unused,
+			 uint32_t error_code)
+{
+	union hw_error_code hw_err_code;
+
+	hw_err_code.error = error_code;
+	switch (hw_err_code.error_desc.value.ssrc) {
+	case SEC_HW_ERR_SSRC_NO_SRC:
+		ASSERT(hw_err_code.error_desc.no_status_src.res == 0);
+		CAAM_JR_ERR("No Status Source ");
+		break;
+	case SEC_HW_ERR_SSRC_CCB_ERR:
+		CAAM_JR_ERR("CCB Status Source");
+		hw_handle_ccb_err(hw_err_code);
+		break;
+	case SEC_HW_ERR_SSRC_JMP_HALT_U:
+		CAAM_JR_ERR("Jump Halt User Status Source");
+		hw_handle_jmp_halt_user_err(hw_err_code);
+		break;
+	case SEC_HW_ERR_SSRC_DECO:
+		CAAM_JR_ERR("DECO Status Source");
+		hw_handle_deco_err(hw_err_code);
+		break;
+	case SEC_HW_ERR_SSRC_JR:
+		CAAM_JR_ERR("Job Ring Status Source");
+		hw_handle_jr_err(hw_err_code);
+		break;
+	case SEC_HW_ERR_SSRC_JMP_HALT_COND:
+		CAAM_JR_ERR("Jump Halt Condition Codes");
+		hw_handle_jmp_halt_cond_err(hw_err_code);
+		break;
+	default:
+		ASSERT(0);
+		CAAM_JR_ERR("Unknown SSRC");
+		break;
+	}
+}
+
+void
+hw_job_ring_error_print(struct sec_job_ring_t *job_ring, int code)
+{
+	switch (code) {
+	case JRINT_ERR_WRITE_STATUS:
+		CAAM_JR_ERR("Error writing status to Output Ring ");
+		break;
+	case JRINT_ERR_BAD_INPUT_BASE:
+		CAAM_JR_ERR(
+		"Bad Input Ring Base (%p) (not on a 4-byte boundary) ",
+		(void *)job_ring);
+		break;
+	case JRINT_ERR_BAD_OUTPUT_BASE:
+		CAAM_JR_ERR(
+		"Bad Output Ring Base (%p) (not on a 4-byte boundary) ",
+		(void *)job_ring);
+		break;
+	case JRINT_ERR_WRITE_2_IRBA:
+		CAAM_JR_ERR(
+		"Invalid write to Input Ring Base Address Register ");
+		break;
+	case JRINT_ERR_WRITE_2_ORBA:
+		CAAM_JR_ERR(
+		"Invalid write to Output Ring Base Address Register ");
+		break;
+	case JRINT_ERR_RES_B4_HALT:
+		CAAM_JR_ERR(
+		"Job Ring [%p] released before Job Ring is halted",
+		(void *)job_ring);
+		break;
+	case JRINT_ERR_REM_TOO_MANY:
+		CAAM_JR_ERR("Removed too many jobs from job ring [%p]",
+			(void *)job_ring);
+		break;
+	case JRINT_ERR_ADD_TOO_MANY:
+		CAAM_JR_ERR("Added too many jobs on job ring [%p]", job_ring);
+		break;
+	default:
+		CAAM_JR_ERR(" Unknown SEC JR Error :%d",
+				code);
+		break;
+	}
+}
+
+int
+hw_job_ring_set_coalescing_param(struct sec_job_ring_t *job_ring,
+				 uint16_t irq_coalescing_timer,
+				 uint8_t irq_coalescing_count)
+{
+	uint32_t reg_val = 0;
+
+	ASSERT(job_ring != NULL);
+	if (job_ring->register_base_addr == NULL) {
+		CAAM_JR_ERR("Jr[%p] has reg base addr as NULL.driver not init",
+			job_ring);
+		return -1;
+	}
+	/* Set descriptor count coalescing */
+	reg_val |= (irq_coalescing_count << JR_REG_JRCFG_LO_ICDCT_SHIFT);
+
+	/* Set coalescing timer value */
+	reg_val |= (irq_coalescing_timer << JR_REG_JRCFG_LO_ICTT_SHIFT);
+
+	/* Update parameters in HW */
+	SET_JR_REG_LO(JRCFG, job_ring, reg_val);
+	CAAM_JR_DEBUG("Set coalescing params on jr %p timer:%d, desc count: %d",
+			job_ring, irq_coalescing_timer, irq_coalescing_timer);
+
+	return 0;
+}
+
+int
+hw_job_ring_enable_coalescing(struct sec_job_ring_t *job_ring)
+{
+	uint32_t reg_val = 0;
+
+	ASSERT(job_ring != NULL);
+	if (job_ring->register_base_addr == NULL) {
+		CAAM_JR_ERR("Jr[%p] has reg base addr as NULL.driver not init",
+			job_ring);
+		return -1;
+	}
+
+	/* Get the current value of the register */
+	reg_val = GET_JR_REG_LO(JRCFG, job_ring);
+
+	/* Enable coalescing */
+	reg_val |= JR_REG_JRCFG_LO_ICEN_EN;
+
+	/* Write in hw */
+	SET_JR_REG_LO(JRCFG, job_ring, reg_val);
+
+	CAAM_JR_DEBUG("Enabled coalescing on jr %p ",
+			job_ring);
+
+	return 0;
+}
+
+int
+hw_job_ring_disable_coalescing(struct sec_job_ring_t *job_ring)
+{
+	uint32_t reg_val = 0;
+
+	ASSERT(job_ring != NULL);
+
+	if (job_ring->register_base_addr == NULL) {
+		CAAM_JR_ERR("Jr[%p] has reg base addr as NULL.driver not init",
+			job_ring);
+		return -1;
+	}
+
+	/* Get the current value of the register */
+	reg_val = GET_JR_REG_LO(JRCFG, job_ring);
+
+	/* Disable coalescing */
+	reg_val &= ~JR_REG_JRCFG_LO_ICEN_EN;
+
+	/* Write in hw */
+	SET_JR_REG_LO(JRCFG, job_ring, reg_val);
+	CAAM_JR_DEBUG("Disabled coalescing on jr %p ", job_ring);
+
+	return 0;
+}
diff --git a/drivers/crypto/caam_jr/caam_jr_hw_specific.h b/drivers/crypto/caam_jr/caam_jr_hw_specific.h
new file mode 100644
index 000000000..5f58a585d
--- /dev/null
+++ b/drivers/crypto/caam_jr/caam_jr_hw_specific.h
@@ -0,0 +1,503 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright 2017 NXP
+ */
+
+#ifndef CAAM_JR_HW_SPECIFIC_H
+#define CAAM_JR_HW_SPECIFIC_H
+
+#include <caam_jr_config.h>
+
+/*
+ * Offset to the registers of a job ring.
+ * Is different for each job ring.
+ */
+#define CHAN_BASE(jr)   ((size_t)(jr)->register_base_addr)
+
+#define SEC_JOB_RING_IS_FULL(pi, ci, ring_max_size, ring_threshold) \
+		((((pi) + 1 + ((ring_max_size) - (ring_threshold))) & \
+		  (ring_max_size - 1))  == ((ci)))
+
+#define SEC_CIRCULAR_COUNTER(x, max)   (((x) + 1) & (max - 1))
+
+/*
+ * Assert that cond is true. If !cond is true, display str and the vararg list
+ * in a printf-like syntax. also, if !cond is true, return altRet.
+ *
+ * \param cond          A boolean expression to be asserted true
+ * \param altRet        The value to be returned if cond doesn't hold true
+ * \param str           A quoted char string
+ *
+ * E.g.:
+ *      SEC_ASSERT(ret > 0, 0, "ERROR initializing app: code = %d\n", ret);
+ */
+#define SEC_ASSERT(cond, altRet, ...) do {\
+	if (unlikely(!(cond))) {\
+		CAAM_JR_ERR(__VA_ARGS__); \
+		return altRet; \
+	} \
+} while (0)
+
+#define SEC_DP_ASSERT(cond, altRet, ...) do {\
+	if (unlikely(!(cond))) {\
+		CAAM_JR_DP_ERR(__VA_ARGS__); \
+		return altRet; \
+	} \
+} while (0)
+
+#define ASSERT(x)
+
+/*
+ * Constants representing various job ring registers
+ */
+#if CAAM_BYTE_ORDER == __BIG_ENDIAN
+#define JR_REG_IRBA_OFFSET		0x0000
+#define JR_REG_IRBA_OFFSET_LO		0x0004
+#else
+#define JR_REG_IRBA_OFFSET		0x0004
+#define JR_REG_IRBA_OFFSET_LO		0x0000
+#endif
+
+#define JR_REG_IRSR_OFFSET		0x000C
+#define JR_REG_IRSA_OFFSET		0x0014
+#define JR_REG_IRJA_OFFSET		0x001C
+
+#if CAAM_BYTE_ORDER == __BIG_ENDIAN
+#define JR_REG_ORBA_OFFSET		0x0020
+#define JR_REG_ORBA_OFFSET_LO		0x0024
+#else
+#define JR_REG_ORBA_OFFSET		0x0024
+#define JR_REG_ORBA_OFFSET_LO		0x0020
+#endif
+
+#define JR_REG_ORSR_OFFSET		0x002C
+#define JR_REG_ORJR_OFFSET		0x0034
+#define JR_REG_ORSFR_OFFSET		0x003C
+#define JR_REG_JROSR_OFFSET		0x0044
+#define JR_REG_JRINT_OFFSET		0x004C
+
+#define JR_REG_JRCFG_OFFSET		0x0050
+#define JR_REG_JRCFG_OFFSET_LO		0x0054
+
+#define JR_REG_IRRI_OFFSET		0x005C
+#define JR_REG_ORWI_OFFSET		0x0064
+#define JR_REG_JRCR_OFFSET		0x006C
+
+/*
+ * Constants for error handling on job ring
+ */
+#define JR_REG_JRINT_ERR_TYPE_SHIFT	8
+#define JR_REG_JRINT_ERR_ORWI_SHIFT	16
+#define JR_REG_JRINIT_JRE_SHIFT		1
+
+#define JRINT_JRE			(1 << JR_REG_JRINIT_JRE_SHIFT)
+#define JRINT_ERR_WRITE_STATUS		(1 << JR_REG_JRINT_ERR_TYPE_SHIFT)
+#define JRINT_ERR_BAD_INPUT_BASE	(3 << JR_REG_JRINT_ERR_TYPE_SHIFT)
+#define JRINT_ERR_BAD_OUTPUT_BASE	(4 << JR_REG_JRINT_ERR_TYPE_SHIFT)
+#define JRINT_ERR_WRITE_2_IRBA		(5 << JR_REG_JRINT_ERR_TYPE_SHIFT)
+#define JRINT_ERR_WRITE_2_ORBA		(6 << JR_REG_JRINT_ERR_TYPE_SHIFT)
+#define JRINT_ERR_RES_B4_HALT		(7 << JR_REG_JRINT_ERR_TYPE_SHIFT)
+#define JRINT_ERR_REM_TOO_MANY		(8 << JR_REG_JRINT_ERR_TYPE_SHIFT)
+#define JRINT_ERR_ADD_TOO_MANY		(9 << JR_REG_JRINT_ERR_TYPE_SHIFT)
+#define JRINT_ERR_HALT_MASK		0x0C
+#define JRINT_ERR_HALT_INPROGRESS	0x04
+#define JRINT_ERR_HALT_COMPLETE		0x08
+
+#define JR_REG_JRCR_VAL_RESET		0x00000001
+
+#define JR_REG_JRCFG_LO_ICTT_SHIFT	0x10
+#define JR_REG_JRCFG_LO_ICDCT_SHIFT	0x08
+#define JR_REG_JRCFG_LO_ICEN_EN		0x02
+
+/*
+ * Constants for Descriptor Processing errors
+ */
+#define SEC_HW_ERR_SSRC_NO_SRC		0x00
+#define SEC_HW_ERR_SSRC_CCB_ERR		0x02
+#define SEC_HW_ERR_SSRC_JMP_HALT_U	0x03
+#define SEC_HW_ERR_SSRC_DECO		0x04
+#define SEC_HW_ERR_SSRC_JR		0x06
+#define SEC_HW_ERR_SSRC_JMP_HALT_COND   0x07
+
+#define SEC_HW_ERR_DECO_HFN_THRESHOLD   0xF1
+#define SEC_HW_ERR_CCB_ICV_CHECK_FAIL   0x0A
+
+/*
+ * Constants for descriptors
+ */
+/* Return higher 32 bits of physical address */
+#define PHYS_ADDR_HI(phys_addr) \
+	    (uint32_t)(((uint64_t)phys_addr) >> 32)
+
+/* Return lower 32 bits of physical address */
+#define PHYS_ADDR_LO(phys_addr) \
+	    (uint32_t)(((uint64_t)phys_addr) & 0xFFFFFFFF)
+
+/*
+ * Macros for extracting error codes for the job ring
+ */
+#define JR_REG_JRINT_ERR_TYPE_EXTRACT(value)      ((value) & 0x00000F00)
+#define JR_REG_JRINT_ERR_ORWI_EXTRACT(value)     \
+	(((value) & 0x3FFF0000) >> JR_REG_JRINT_ERR_ORWI_SHIFT)
+#define JR_REG_JRINT_JRE_EXTRACT(value)	   ((value) & JRINT_JRE)
+
+/*
+ * Macros for managing the job ring
+ */
+/* Read pointer to job ring input ring start address */
+#if defined(RTE_ARCH_ARM64)
+#define hw_get_inp_queue_base(jr) ((((dma_addr_t)GET_JR_REG(IRBA, \
+				      (jr))) << 32) | \
+				      (GET_JR_REG_LO(IRBA, (jr))))
+
+/* Read pointer to job ring output ring start address */
+#define hw_get_out_queue_base(jr) (((dma_addr_t)(GET_JR_REG(ORBA, \
+				     (jr))) << 32) | \
+				     (GET_JR_REG_LO(ORBA, (jr))))
+#else
+#define hw_get_inp_queue_base(jr)   ((dma_addr_t)(GET_JR_REG_LO(IRBA, (jr))))
+
+#define hw_get_out_queue_base(jr)   ((dma_addr_t)(GET_JR_REG_LO(ORBA, (jr))))
+#endif
+
+/*
+ * IRJA - Input Ring Jobs Added Register shows
+ * how many new jobs were added to the Input Ring.
+ */
+#define hw_enqueue_desc_on_job_ring(job_ring) SET_JR_REG(IRJA, (job_ring), 1)
+
+#define hw_set_input_ring_size(job_ring, size) SET_JR_REG(IRSR, job_ring, \
+							 (size))
+
+#define hw_set_output_ring_size(job_ring, size) SET_JR_REG(ORSR, job_ring, \
+							  (size))
+
+#if defined(RTE_ARCH_ARM64)
+#define hw_set_input_ring_start_addr(job_ring, start_addr)	\
+{								\
+	SET_JR_REG(IRBA, job_ring, PHYS_ADDR_HI(start_addr));	\
+	SET_JR_REG_LO(IRBA, job_ring, PHYS_ADDR_LO(start_addr));\
+}
+
+#define hw_set_output_ring_start_addr(job_ring, start_addr) \
+{								\
+	SET_JR_REG(ORBA, job_ring, PHYS_ADDR_HI(start_addr));	\
+	SET_JR_REG_LO(ORBA, job_ring, PHYS_ADDR_LO(start_addr));\
+}
+
+#else
+#define hw_set_input_ring_start_addr(job_ring, start_addr)	\
+{								\
+	SET_JR_REG(IRBA, job_ring, 0);	\
+	SET_JR_REG_LO(IRBA, job_ring, PHYS_ADDR_LO(start_addr));\
+}
+
+#define hw_set_output_ring_start_addr(job_ring, start_addr) \
+{								\
+	SET_JR_REG(ORBA, job_ring, 0);	\
+	SET_JR_REG_LO(ORBA, job_ring, PHYS_ADDR_LO(start_addr));\
+}
+#endif
+
+/* ORJR - Output Ring Jobs Removed Register shows how many jobs were
+ * removed from the Output Ring for processing by software. This is done after
+ * the software has processed the entries.
+ */
+#define hw_remove_entries(jr, no_entries) SET_JR_REG(ORJR, (jr), (no_entries))
+
+/* IRSA - Input Ring Slots Available register holds the number of entries in
+ * the Job Ring's input ring. Once a job is enqueued, the value returned is
+ * decremented by the hardware by the number of jobs enqueued.
+ */
+#define hw_get_available_slots(jr)		GET_JR_REG(IRSA, jr)
+
+/* ORSFR - Output Ring Slots Full register holds the number of jobs which were
+ * processed by the SEC and can be retrieved by the software. Once a job has
+ * been processed by software, the user will call hw_remove_one_entry in order
+ * to notify the SEC that the entry was processed.
+ */
+#define hw_get_no_finished_jobs(jr)		GET_JR_REG(ORSFR, jr)
+
+/*
+ * Macros for manipulating JR registers
+ */
+#if CORE_BYTE_ORDER == CAAM_BYTE_ORDER
+#define sec_read_32(addr)	(*(volatile unsigned int *)(addr))
+#define sec_write_32(addr, val)	(*(volatile unsigned int *)(addr) = (val))
+
+#else
+#define sec_read_32(addr)	rte_bswap32((*(volatile unsigned int *)(addr)))
+#define sec_write_32(addr, val) \
+			(*(volatile unsigned int *)(addr) = rte_bswap32(val))
+#endif
+
+#if CAAM_BYTE_ORDER == __LITTLE_ENDIAN
+#define sec_read_64(addr)	(((u64)sec_read_32((u32 *)(addr) + 1) << 32) | \
+				(sec_read_32((u32 *)(addr))))
+
+#define sec_write_64(addr, val) {				\
+	sec_write_32((u32 *)(addr) + 1, (u32)((val) >> 32));	\
+	sec_write_32((u32 *)(addr), (u32)(val));		\
+}
+#else /* CAAM_BYTE_ORDER == __BIG_ENDIAN */
+#define sec_read_64(addr)	(((u64)sec_read_32((u32 *)(addr)) << 32) | \
+				(sec_read_32((u32 *)(addr) + 1)))
+
+#define sec_write_64(addr, val) {				\
+	sec_write_32((u32 *)(addr), (u32)((val) >> 32));	\
+	sec_write_32((u32 *)(addr) + 1, (u32)(val));		\
+}
+#endif
+
+#if defined(RTE_ARCH_ARM64)
+#define sec_read_addr(a)	sec_read_64((a))
+#define sec_write_addr(a, v)	sec_write_64((a), (v))
+#else
+#define sec_read_addr(a)	sec_read_32((a))
+#define sec_write_addr(a, v)	sec_write_32((a), (v))
+#endif
+
+#define JR_REG(name, jr)	(CHAN_BASE(jr) + JR_REG_##name##_OFFSET)
+#define JR_REG_LO(name, jr)	(CHAN_BASE(jr) + JR_REG_##name##_OFFSET_LO)
+
+#define GET_JR_REG(name, jr)	(sec_read_32(JR_REG(name, (jr))))
+#define GET_JR_REG_LO(name, jr)	(sec_read_32(JR_REG_LO(name, (jr))))
+
+#define SET_JR_REG(name, jr, value) \
+				(sec_write_32(JR_REG(name, (jr)), value))
+#define SET_JR_REG_LO(name, jr, value) \
+				(sec_write_32(JR_REG_LO(name, (jr)), value))
+
+/* Lists the possible states for a job ring. */
+typedef enum sec_job_ring_state_e {
+	SEC_JOB_RING_STATE_STARTED,	/* Job ring is initialized */
+	SEC_JOB_RING_STATE_RESET,	/* Job ring reset is in progress */
+} sec_job_ring_state_t;
+
+/* code or cmd block to caam */
+struct sec_cdb {
+	struct {
+		union {
+			uint32_t word;
+			struct {
+#if RTE_BYTE_ORDER == RTE_BIG_ENDIAN
+				uint16_t rsvd63_48;
+				unsigned int rsvd47_39:9;
+				unsigned int idlen:7;
+#else
+				unsigned int idlen:7;
+				unsigned int rsvd47_39:9;
+				uint16_t rsvd63_48;
+#endif
+			} field;
+		} __rte_packed hi;
+
+		union {
+			uint32_t word;
+			struct {
+#if RTE_BYTE_ORDER == RTE_BIG_ENDIAN
+				unsigned int rsvd31_30:2;
+				unsigned int fsgt:1;
+				unsigned int lng:1;
+				unsigned int offset:2;
+				unsigned int abs:1;
+				unsigned int add_buf:1;
+				uint8_t pool_id;
+				uint16_t pool_buffer_size;
+#else
+				uint16_t pool_buffer_size;
+				uint8_t pool_id;
+				unsigned int add_buf:1;
+				unsigned int abs:1;
+				unsigned int offset:2;
+				unsigned int lng:1;
+				unsigned int fsgt:1;
+				unsigned int rsvd31_30:2;
+#endif
+			} field;
+		} __rte_packed lo;
+	} __rte_packed sh_hdr;
+
+	uint32_t sh_desc[SEC_JOB_DESCRIPTOR_SIZE];
+};
+
+struct caam_jr_qp {
+	struct sec_job_ring_t *ring;
+	uint64_t rx_pkts;
+	uint64_t rx_errs;
+	uint64_t rx_poll_err;
+	uint64_t tx_pkts;
+	uint64_t tx_errs;
+	uint64_t tx_ring_full;
+};
+
+struct sec_job_ring_t {
+	/* TODO: Add wrapper macro to make it obvious this is the consumer index
+	 * on the output ring
+	 */
+	uint32_t cidx;		/* Consumer index for job ring (jobs array).
+				 * @note: cidx and pidx are accessed from
+				 * different threads. Place the cidx and pidx
+				 * inside the structure so that they lay on
+				 * different cachelines, to avoid false sharing
+				 * between threads when the threads run on
+				 * different cores!
+				 */
+	/* TODO: Add wrapper macro to make it obvious this is the producer index
+	 * on the input ring
+	 */
+	uint32_t pidx;		/* Producer index for job ring (jobs array) */
+
+	phys_addr_t *input_ring;/* Ring of output descriptors received from SEC.
+				 * Size of array is power of 2 to allow fast
+				 * update of producer/consumer indexes with
+				 * bitwise operations.
+				 */
+
+	struct sec_outring_entry *output_ring;
+				/* Ring of output descriptors received from SEC.
+				 * Size of array is power of 2 to allow fast
+				 * update of producer/consumer indexes with
+				 * bitwise operations.
+				 */
+
+	uint32_t irq_fd;	/* The file descriptor used for polling from
+				 * user space for interrupts notifications
+				 */
+	uint32_t jr_mode;	/* Model used by SEC Driver to receive
+				 * notifications from SEC.  Can be either
+				 * of the three: #SEC_NOTIFICATION_TYPE_NAPI
+				 * #SEC_NOTIFICATION_TYPE_IRQ or
+				 * #SEC_NOTIFICATION_TYPE_POLL
+				 */
+	uint32_t napi_mode;	/* Job ring mode if NAPI mode is chosen
+				 * Used only when jr_mode is set to
+				 * #SEC_NOTIFICATION_TYPE_NAPI
+				 */
+	void *register_base_addr;	/* Base address for SEC's
+					 * register memory for this job ring.
+					 */
+	uint8_t coalescing_en;		/* notifies if coelescing is
+					 * enabled for the job ring
+					 */
+	sec_job_ring_state_t jr_state;	/* The state of this job ring */
+
+	struct rte_mempool *ctx_pool;   /* per dev mempool for caam_jr_op_ctx */
+	unsigned int max_nb_queue_pairs;
+	unsigned int max_nb_sessions;
+	struct caam_jr_qp qps[RTE_CAAM_MAX_NB_SEC_QPS]; /* i/o queue for sec */
+};
+
+/* Union describing the possible error codes that
+ * can be set in the descriptor status word
+ */
+union hw_error_code {
+	uint32_t error;
+	union {
+		struct {
+			uint32_t ssrc:4;
+			uint32_t ssed_val:28;
+		} __rte_packed value;
+		struct {
+			uint32_t ssrc:4;
+			uint32_t res:28;
+		} __rte_packed no_status_src;
+		struct {
+			uint32_t ssrc:4;
+			uint32_t jmp:1;
+			uint32_t res:11;
+			uint32_t desc_idx:8;
+			uint32_t cha_id:4;
+			uint32_t err_id:4;
+		} __rte_packed ccb_status_src;
+		struct {
+			uint32_t ssrc:4;
+			uint32_t jmp:1;
+			uint32_t res:11;
+			uint32_t desc_idx:8;
+			uint32_t offset:8;
+		} __rte_packed jmp_halt_user_src;
+		struct {
+			uint32_t ssrc:4;
+			uint32_t jmp:1;
+			uint32_t res:11;
+			uint32_t desc_idx:8;
+			uint32_t desc_err:8;
+		} __rte_packed deco_src;
+		struct {
+			uint32_t ssrc:4;
+			uint32_t res:17;
+			uint32_t naddr:3;
+			uint32_t desc_err:8;
+		} __rte_packed jr_src;
+		struct {
+			uint32_t ssrc:4;
+			uint32_t jmp:1;
+			uint32_t res:11;
+			uint32_t desc_idx:8;
+			uint32_t cond:8;
+		} __rte_packed jmp_halt_cond_src;
+	} __rte_packed error_desc;
+} __rte_packed;
+
+/* @brief Initialize a job ring/channel in SEC device.
+ * Write configuration register/s to properly initialize a job ring.
+ *
+ * @param [in] job_ring     The job ring
+ *
+ * @retval 0 for success
+ * @retval other for error
+ */
+int hw_reset_job_ring(struct sec_job_ring_t *job_ring);
+
+/* @brief Reset a job ring/channel in SEC device.
+ * Write configuration register/s to reset a job ring.
+ *
+ * @param [in] job_ring     The job ring
+ *
+ * @retval 0 for success
+ * @retval -1 in case job ring reset failed
+ */
+int hw_shutdown_job_ring(struct sec_job_ring_t *job_ring);
+
+/* @brief Handle a job ring/channel error in SEC device.
+ * Identify the error type and clear error bits if required.
+ *
+ * @param [in]  job_ring	The job ring
+ * @param [in]  sec_error_code  The job ring's error code
+ */
+void hw_handle_job_ring_error(struct sec_job_ring_t *job_ring,
+			      uint32_t sec_error_code);
+
+/* @brief Handle a job ring error in the device.
+ * Identify the error type and printout a explanatory
+ * messages.
+ *
+ * @param [in]  job_ring	The job ring
+ *
+ */
+void hw_job_ring_error_print(struct sec_job_ring_t *job_ring, int code);
+
+/* @brief Set interrupt coalescing parameters on the Job Ring.
+ * @param [in]  job_ring		The job ring
+ * @param [in]  irq_coalesing_timer     Interrupt coalescing timer threshold.
+ *					This value determines the maximum
+ *					amount of time after processing a
+ *					descriptor before raising an interrupt.
+ * @param [in]  irq_coalescing_count    Interrupt coalescing descriptor count
+ *					threshold.
+ */
+int hw_job_ring_set_coalescing_param(struct sec_job_ring_t *job_ring,
+				     uint16_t irq_coalescing_timer,
+				     uint8_t irq_coalescing_count);
+
+/* @brief Enable interrupt coalescing on a job ring
+ * @param [in]  job_ring		The job ring
+ */
+int hw_job_ring_enable_coalescing(struct sec_job_ring_t *job_ring);
+
+/* @brief Disable interrupt coalescing on a job ring
+ * @param [in]  job_ring		The job ring
+ */
+int hw_job_ring_disable_coalescing(struct sec_job_ring_t *job_ring);
+
+#endif /* CAAM_JR_HW_SPECIFIC_H */
diff --git a/drivers/crypto/caam_jr/caam_jr_pvt.h b/drivers/crypto/caam_jr/caam_jr_pvt.h
new file mode 100644
index 000000000..333a192d9
--- /dev/null
+++ b/drivers/crypto/caam_jr/caam_jr_pvt.h
@@ -0,0 +1,285 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright 2017-2018 NXP
+ */
+
+#ifndef CAAM_JR_PVT_H
+#define CAAM_JR_PVT_H
+
+/* NXP CAAM JR PMD device name */
+
+#define CAAM_JR_ALG_UNSUPPORT	(-1)
+
+/* Minimum job descriptor consists of a oneword job descriptor HEADER and
+ * a pointer to the shared descriptor.
+ */
+#define MIN_JOB_DESC_SIZE	(CAAM_CMD_SZ + CAAM_PTR_SZ)
+#define CAAM_JOB_DESC_SIZE	13
+
+/* CTX_POOL_NUM_BUFS is set as per the ipsec-secgw application */
+#define CTX_POOL_NUM_BUFS	32000
+#define CTX_POOL_CACHE_SIZE	512
+
+#define DIR_ENC                 1
+#define DIR_DEC                 0
+
+#define JR_MAX_NB_MAX_DIGEST	32
+
+#define RTE_CAAM_JR_PMD_MAX_NB_SESSIONS 2048
+
+
+/* Return codes for SEC user space driver APIs */
+enum sec_return_code_e {
+	SEC_SUCCESS = 0,	       /* Operation executed successfully.*/
+	SEC_INVALID_INPUT_PARAM,       /* API received an invalid input
+					* parameter
+					*/
+	SEC_OUT_OF_MEMORY,	       /* Memory allocation failed. */
+	SEC_DESCRIPTOR_IN_FLIGHT,      /* API function indicates there are
+					* descriptors in flight
+					* for SEC to process.
+					*/
+	SEC_LAST_DESCRIPTOR_IN_FLIGHT, /* API function indicates there is one
+					* last descriptor in flight
+					* for SEC to process that.
+					*/
+	SEC_PROCESSING_ERROR,	       /* Indicates a SEC processing error
+					* occurred on a Job Ring which requires
+					* a SEC user space driver shutdown. Can
+					* be returned from sec_poll_job_ring().
+					* Then the only other API that can be
+					* called after this error is
+					* sec_release().
+					*/
+	SEC_DESC_PROCESSING_ERROR,     /* Indicates a SEC descriptor processing
+					* error occurred on a Job Ring. Can be
+					* returned from sec_poll_job_ring().
+					* The driver was able to reset job ring
+					* and job ring can be used like in a
+					* normal case.
+					*/
+	SEC_JR_IS_FULL,			/* Job Ring is full. There is no more
+					 * room in the JR for new descriptors.
+					 * This can happen if the descriptor RX
+					 * rate is higher than SEC's capacity.
+					 */
+	SEC_DRIVER_RELEASE_IN_PROGRESS, /* SEC driver shutdown is in progress,
+					 * descriptors processing or polling is
+					 * allowed.
+					 */
+	SEC_DRIVER_ALREADY_INITIALIZED, /* SEC driver is already initialized.*/
+	SEC_DRIVER_NOT_INITIALIZED,	/* SEC driver is NOT initialized. */
+	SEC_JOB_RING_RESET_IN_PROGRESS, /* Job ring is resetting due to a
+					 * per-descriptor SEC processing error
+					 * ::SEC_desc_PROCESSING_ERROR. Reset is
+					 * finished when sec_poll_job_ring()
+					 * return. Then the job ring can be used
+					 * again.
+					 */
+	SEC_RESET_ENGINE_FAILED,	/* Resetting of SEC Engine by SEC Kernel
+					 * Driver Failed
+					 */
+	SEC_ENABLE_IRQS_FAILED,		/* Enabling of IRQs in SEC Kernel Driver
+					 * Failed
+					 */
+	SEC_DISABLE_IRQS_FAILED,	/* Disabling of IRQs in SEC Kernel
+					 * Driver Failed
+					 */
+	/* END OF VALID VALUES */
+
+	SEC_RETURN_CODE_MAX_VALUE,	/* Invalid value for return code. It is
+					 * used to mark the end of the return
+					 * code values. @note ALL new return
+					 * code values MUST be added before
+					 * ::SEC_RETURN_CODE_MAX_VALUE!
+					 */
+};
+
+enum caam_jr_op_type {
+	CAAM_JR_NONE,  /* No Cipher operations*/
+	CAAM_JR_CIPHER,/* CIPHER operations */
+	CAAM_JR_AUTH,  /* Authentication Operations */
+	CAAM_JR_AEAD,  /* Authenticated Encryption with associated data */
+	CAAM_JR_IPSEC, /* IPSEC protocol operations*/
+	CAAM_JR_PDCP,  /* PDCP protocol operations*/
+	CAAM_JR_PKC,   /* Public Key Cryptographic Operations */
+	CAAM_JR_MAX
+};
+
+struct caam_jr_session {
+	uint8_t dir;         /* Operation Direction */
+	enum rte_crypto_cipher_algorithm cipher_alg; /* Cipher Algorithm*/
+	enum rte_crypto_auth_algorithm auth_alg; /* Authentication Algorithm*/
+	enum rte_crypto_aead_algorithm aead_alg; /* AEAD Algorithm*/
+	union {
+		struct {
+			uint8_t *data;	/* pointer to key data */
+			size_t length;	/* key length in bytes */
+		} aead_key;
+		struct {
+			struct {
+				uint8_t *data;	/* pointer to key data */
+				size_t length;	/* key length in bytes */
+			} cipher_key;
+			struct {
+				uint8_t *data;	/* pointer to key data */
+				size_t length;	/* key length in bytes */
+			} auth_key;
+		};
+	};
+	struct {
+		uint16_t length;
+		uint16_t offset;
+	} iv;	/* Initialisation vector parameters */
+	uint16_t auth_only_len; /* Length of data for Auth only */
+	uint32_t digest_length;
+	struct caam_jr_qp *qp;
+	struct sec_cdb *cdb;	/* cmd block associated with qp */
+	struct rte_mempool *ctx_pool; /* session mempool for caam_jr_op_ctx */
+};
+
+/*
+ * 16-byte hardware scatter/gather table
+ */
+
+#define SEC4_SG_LEN_EXT		0x80000000	/* Entry points to table */
+#define SEC4_SG_LEN_FIN		0x40000000	/* Last ent in table */
+#define SEC4_SG_BPID_MASK	0x000000ff
+#define SEC4_SG_BPID_SHIFT	16
+#define SEC4_SG_LEN_MASK	0x3fffffff	/* Excludes EXT and FINAL */
+#define SEC4_SG_OFFSET_MASK	0x00001fff
+
+struct sec4_sg_entry {
+	uint64_t ptr;
+	uint32_t len;
+	uint32_t bpid_offset;
+};
+
+#define MAX_SG_ENTRIES		16
+#define SG_CACHELINE_0		0
+#define SG_CACHELINE_1		4
+#define SG_CACHELINE_2		8
+#define SG_CACHELINE_3		12
+
+/* Structure encompassing a job descriptor which is to be processed
+ * by SEC. User should also initialise this structure with the callback
+ * function pointer which will be called by driver after recieving proccessed
+ * descriptor from SEC. User data is also passed in this data structure which
+ * will be sent as an argument to the user callback function.
+ */
+struct job_descriptor {
+	uint32_t desc[CAAM_JOB_DESC_SIZE];
+};
+
+struct caam_jr_op_ctx {
+	struct job_descriptor jobdes;
+	/* sg[0] output, sg[1] input, others are possible sub frames */
+	struct sec4_sg_entry sg[MAX_SG_ENTRIES];
+	struct rte_crypto_op *op;
+	struct rte_mempool *ctx_pool; /* mempool pointer for caam_jr_op_ctx */
+	int64_t vtop_offset;
+	uint8_t digest[JR_MAX_NB_MAX_DIGEST];
+};
+
+/**
+ * Checksum
+ *
+ * @param buffer calculate chksum for buffer
+ * @param len    buffer length
+ *
+ * @return checksum value in host cpu order
+ */
+static inline uint16_t
+calc_chksum(void *buffer, int len)
+{
+	uint16_t *buf = (uint16_t *)buffer;
+	uint32_t sum = 0;
+	uint16_t result;
+
+	for (sum = 0; len > 1; len -= 2)
+		sum += *buf++;
+
+	if (len == 1)
+		sum += *(unsigned char *)buf;
+
+	sum = (sum >> 16) + (sum & 0xFFFF);
+	sum += (sum >> 16);
+	result = ~sum;
+
+	return  result;
+}
+struct uio_job_ring {
+	uint32_t jr_id;
+	uint32_t uio_fd;
+	void *register_base_addr;
+	int map_size;
+	int uio_minor_number;
+};
+
+int sec_cleanup(void);
+int sec_configure(void);
+struct uio_job_ring *config_job_ring(void);
+void free_job_ring(uint32_t uio_fd);
+
+/* For Dma memory allocation of specified length and alignment */
+static inline void *
+caam_jr_dma_mem_alloc(size_t align, size_t len)
+{
+	return rte_malloc("mem_alloc", len, align);
+}
+
+/* For freeing dma memory */
+static inline void
+caam_jr_dma_free(void *ptr)
+{
+	rte_free(ptr);
+}
+
+static inline rte_iova_t
+caam_jr_mem_vtop(void *vaddr)
+{
+	const struct rte_memseg *ms;
+
+	ms = rte_mem_virt2memseg(vaddr, NULL);
+	if (ms)
+		return ms->iova + RTE_PTR_DIFF(vaddr, ms->addr);
+	return (size_t)NULL;
+}
+
+static inline void *
+caam_jr_dma_ptov(rte_iova_t paddr)
+{
+	return rte_mem_iova2virt(paddr);
+}
+
+/* Virtual to physical address conversion */
+static inline rte_iova_t caam_jr_dma_vtop(void *ptr)
+{
+	return caam_jr_mem_vtop(ptr);
+}
+
+/** @brief Request to SEC kernel driver to enable interrupts for
+ *         descriptor finished processing
+ *  Use UIO to communicate with SEC kernel driver: write command
+ *  value that indicates an IRQ enable action into UIO file descriptor
+ *  of this job ring.
+ *
+ * @param [in]  uio_fd     Job Ring UIO File descriptor
+ * @retval 0 for success
+ * @retval -1 value for error
+ */
+uint32_t caam_jr_enable_irqs(uint32_t uio_fd);
+
+/** @brief Request to SEC kernel driver to disable interrupts for descriptor
+ *  finished processing
+ *  Use UIO to communicate with SEC kernel driver: write command
+ *  value that indicates an IRQ disable action into UIO file descriptor
+ *  of this job ring.
+ *
+ * @param [in]  uio_fd    UIO File descripto
+ * @retval 0 for success
+ * @retval -1 value for error
+ *
+ */
+uint32_t caam_jr_disable_irqs(uint32_t uio_fd);
+
+#endif
diff --git a/drivers/crypto/caam_jr/meson.build b/drivers/crypto/caam_jr/meson.build
index 3edd0a212..c282eb4dc 100644
--- a/drivers/crypto/caam_jr/meson.build
+++ b/drivers/crypto/caam_jr/meson.build
@@ -6,6 +6,9 @@ if host_machine.system() != 'linux'
 endif
 
 deps += ['bus_vdev', 'bus_dpaa', 'security']
-sources = files('caam_jr.c')
+sources = files('caam_jr_hw.c', 'caam_jr.c')
 
 allow_experimental_apis = true
+
+includes += include_directories('../dpaa2_sec/')
+includes += include_directories('../../bus/dpaa/include/')
-- 
2.17.1

^ permalink raw reply	[flat|nested] 97+ messages in thread

* [dpdk-dev] [PATCH v5 04/15] crypto/caam_jr: add UIO specific operations
  2018-10-22 14:57       ` [dpdk-dev] [PATCH v5 " Gagandeep Singh
                           ` (2 preceding siblings ...)
  2018-10-22 14:57         ` [dpdk-dev] [PATCH v5 03/15] crypto/caam_jr: add routines to configure HW Gagandeep Singh
@ 2018-10-22 14:57         ` Gagandeep Singh
  2018-10-28  0:35           ` Ferruh Yigit
  2018-10-22 14:57         ` [dpdk-dev] [PATCH v5 05/15] crypto/caam_jr: add basic job ring routines Gagandeep Singh
                           ` (11 subsequent siblings)
  15 siblings, 1 reply; 97+ messages in thread
From: Gagandeep Singh @ 2018-10-22 14:57 UTC (permalink / raw)
  To: dev, Akhil Goyal; +Cc: Gagandeep Singh, Hemant Agrawal

caam_jr need support from kernel caam driver for
job ring initialisation. So to access register space
for job ring and allow re configure and map to userspace
UIO interface is used. This also allows to handle the
caam interrupts from the user space.

This patch adds UIO specific operations

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
---
 drivers/crypto/caam_jr/Makefile      |   1 +
 drivers/crypto/caam_jr/caam_jr_hw.c  |  12 -
 drivers/crypto/caam_jr/caam_jr_uio.c | 500 +++++++++++++++++++++++++++
 drivers/crypto/caam_jr/meson.build   |   2 +-
 4 files changed, 502 insertions(+), 13 deletions(-)
 create mode 100644 drivers/crypto/caam_jr/caam_jr_uio.c

diff --git a/drivers/crypto/caam_jr/Makefile b/drivers/crypto/caam_jr/Makefile
index e22943749..cfd093a5f 100644
--- a/drivers/crypto/caam_jr/Makefile
+++ b/drivers/crypto/caam_jr/Makefile
@@ -32,6 +32,7 @@ LIBABIVER := 1
 # library source files
 SRCS-$(CONFIG_RTE_LIBRTE_PMD_CAAM_JR) += caam_jr.c
 SRCS-$(CONFIG_RTE_LIBRTE_PMD_CAAM_JR) += caam_jr_hw.c
+SRCS-$(CONFIG_RTE_LIBRTE_PMD_CAAM_JR) += caam_jr_uio.c
 # library dependencies
 
 LDLIBS += -lrte_eal -lrte_mbuf -lrte_mempool -lrte_ring
diff --git a/drivers/crypto/caam_jr/caam_jr_hw.c b/drivers/crypto/caam_jr/caam_jr_hw.c
index b4d486633..80602b702 100644
--- a/drivers/crypto/caam_jr/caam_jr_hw.c
+++ b/drivers/crypto/caam_jr/caam_jr_hw.c
@@ -90,18 +90,6 @@ hw_handle_jr_err(union hw_error_code hw_error_code __rte_unused)
 	CAAM_JR_DEBUG(" Not implemented");
 }
 
-uint32_t
-caam_jr_enable_irqs(uint32_t uio_fd __rte_unused)
-{
-	return 0;
-}
-
-uint32_t
-caam_jr_disable_irqs(uint32_t uio_fd __rte_unused)
-{
-	return 0;
-}
-
 int
 hw_reset_job_ring(struct sec_job_ring_t *job_ring)
 {
diff --git a/drivers/crypto/caam_jr/caam_jr_uio.c b/drivers/crypto/caam_jr/caam_jr_uio.c
new file mode 100644
index 000000000..d6aec3e4c
--- /dev/null
+++ b/drivers/crypto/caam_jr/caam_jr_uio.c
@@ -0,0 +1,500 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright 2017-2018 NXP
+ */
+
+#include <stdbool.h>
+#include <stdint.h>
+#include <stdio.h>
+#include <unistd.h>
+#include <stdlib.h>
+#include <dirent.h>
+#include <string.h>
+#include <sys/mman.h>
+#include <errno.h>
+#include <fcntl.h>
+
+#include <rte_common.h>
+#include <rte_malloc.h>
+#include <rte_crypto.h>
+
+#include <caam_jr_config.h>
+#include <caam_jr_hw_specific.h>
+#include <caam_jr_pvt.h>
+#include <caam_jr_log.h>
+
+/* RTA header files */
+#include <hw/desc/common.h>
+#include <hw/desc/algo.h>
+#include <hw/desc/ipsec.h>
+
+/* Prefix path to sysfs directory where UIO device attributes are exported.
+ * Path for UIO device X is /sys/class/uio/uioX
+ */
+#define SEC_UIO_DEVICE_SYS_ATTR_PATH    "/sys/class/uio"
+
+/* Subfolder in sysfs where mapping attributes are exported
+ * for each UIO device. Path for mapping Y for device X is:
+ *      /sys/class/uio/uioX/maps/mapY
+ */
+#define SEC_UIO_DEVICE_SYS_MAP_ATTR     "maps/map"
+
+/* Name of UIO device file prefix. Each UIO device will have a device file
+ * /dev/uioX, where X is the minor device number.
+ */
+#define SEC_UIO_DEVICE_FILE_NAME    "/dev/uio"
+
+/*
+ * Name of UIO device. Each user space SEC job ring will have a corresponding
+ * UIO device with the name sec-channelX, where X is the job ring id.
+ * Maximum length is #SEC_UIO_MAX_DEVICE_NAME_LENGTH.
+ *
+ * @note  Must be kept in synch with SEC kernel driver
+ * define #SEC_UIO_DEVICE_NAME !
+ */
+#define SEC_UIO_DEVICE_NAME     "fsl-jr"
+
+/* Maximum length for the name of an UIO device file.
+ * Device file name format is: /dev/uioX.
+ */
+#define SEC_UIO_MAX_DEVICE_FILE_NAME_LENGTH 30
+
+/* Maximum length for the name of an attribute file for an UIO device.
+ * Attribute files are exported in sysfs and have the name formatted as:
+ *      /sys/class/uio/uioX/<attribute_file_name>
+ */
+#define SEC_UIO_MAX_ATTR_FILE_NAME  100
+
+/* Command that is used by SEC user space driver and SEC kernel driver
+ *  to signal a request from the former to the later to disable job DONE
+ *  and error IRQs on a certain job ring.
+ *  The configuration is done at SEC Controller's level.
+ *  @note   Need to be kept in synch with #SEC_UIO_DISABLE_IRQ_CMD from
+ *          linux/drivers/crypto/talitos.c !
+ */
+#define SEC_UIO_DISABLE_IRQ_CMD     0
+
+/* Command that is used by SEC user space driver and SEC kernel driver
+ *  to signal a request from the former to the later to enable job DONE
+ *  and error IRQs on a certain job ring.
+ *  The configuration is done at SEC Controller's level.
+ *  @note   Need to be kept in synch with #SEC_UIO_ENABLE_IRQ_CMD from
+ *          linux/drivers/crypto/talitos.c !
+ */
+#define SEC_UIO_ENABLE_IRQ_CMD      1
+
+/** Command that is used by SEC user space driver and SEC kernel driver
+ *  to signal a request from the former to the later to do a SEC engine reset.
+ *  @note   Need to be kept in synch with #SEC_UIO_RESET_SEC_ENGINE_CMD from
+ *          linux/drivers/crypto/talitos.c !
+ */
+#define SEC_UIO_RESET_SEC_ENGINE_CMD    3
+
+/* The id for the mapping used to export SEC's registers to
+ * user space through UIO devices.
+ */
+#define SEC_UIO_MAP_ID              0
+
+static struct uio_job_ring g_uio_job_ring[MAX_SEC_JOB_RINGS];
+static int g_uio_jr_num;
+
+/** @brief Checks if a file name contains a certain substring.
+ * If so, it extracts the number following the substring.
+ * This function assumes a filename format of: [text][number].
+ * @param [in]  filename    File name
+ * @param [in]  match       String to match in file name
+ * @param [out] number      The number extracted from filename
+ *
+ * @retval true if file name matches the criteria
+ * @retval false if file name does not match the criteria
+ */
+static bool
+file_name_match_extract(const char filename[], const char match[], int *number)
+{
+	char *substr = NULL;
+
+	substr = strstr(filename, match);
+	if (substr == NULL)
+		return false;
+
+	/* substring <match> was found in <filename>
+	 * read number following <match> substring in <filename>
+	 */
+	if (sscanf(filename + strlen(match), "%d", number) <= 0)
+		return false;
+
+	return true;
+}
+
+/** @brief Reads first line from a file.
+ * Composes file name as: root/subdir/filename
+ *
+ * @param [in]  root     Root path
+ * @param [in]  subdir   Subdirectory name
+ * @param [in]  filename File name
+ * @param [out] line     The first line read from file.
+ *
+ * @retval 0 for succes
+ * @retval other value for error
+ */
+static int
+file_read_first_line(const char root[], const char subdir[],
+		     const char filename[], char *line)
+{
+	char absolute_file_name[SEC_UIO_MAX_ATTR_FILE_NAME];
+	int fd = 0, ret = 0;
+
+	/*compose the file name: root/subdir/filename */
+	memset(absolute_file_name, 0, sizeof(absolute_file_name));
+	snprintf(absolute_file_name, SEC_UIO_MAX_ATTR_FILE_NAME,
+		 "%s/%s/%s", root, subdir, filename);
+
+	fd = open(absolute_file_name, O_RDONLY);
+	SEC_ASSERT(fd > 0, fd, "Error opening file %s",
+			absolute_file_name);
+
+	/* read UIO device name from first line in file */
+	ret = read(fd, line, SEC_UIO_MAX_DEVICE_FILE_NAME_LENGTH);
+	close(fd);
+
+	/* NULL-ify string */
+	line[SEC_UIO_MAX_DEVICE_FILE_NAME_LENGTH - 1] = '\0';
+
+	if (ret <= 0) {
+		CAAM_JR_ERR("Error reading from file %s", absolute_file_name);
+		return ret;
+	}
+
+	return 0;
+}
+
+/** @brief Uses UIO control to send commands to SEC kernel driver.
+ * The mechanism is to write a command word into the file descriptor
+ * that the user-space driver obtained for each user-space SEC job ring.
+ * Both user-space driver and kernel driver must have the same understanding
+ * about the command codes.
+ *
+ * @param [in]  UIO FD		    The UIO file descriptor
+ * @param [in]  uio_command         Command word
+ *
+ * @retval Result of write operation on the job ring's UIO file descriptor.
+ *         Should be sizeof(int) for success operations.
+ *         Other values can be returned and used, if desired to add special
+ *         meaning to return values, but this has to be programmed in SEC
+ *         kernel driver as well. No special return values are used.
+ */
+static int
+sec_uio_send_command(uint32_t uio_fd, int32_t uio_command)
+{
+	int ret;
+
+	/* Use UIO file descriptor we have for this job ring.
+	 * Writing a command code to this file descriptor will make the
+	 * SEC kernel driver execute the desired command.
+	 */
+	ret = write(uio_fd, &uio_command, sizeof(int));
+	return ret;
+}
+
+/** @brief Request to SEC kernel driver to enable interrupts for
+ *         descriptor finished processing
+ *  Use UIO to communicate with SEC kernel driver: write command
+ *  value that indicates an IRQ enable action into UIO file descriptor
+ *  of this job ring.
+ *
+ * @param [in]  uio_fd     Job Ring UIO File descriptor
+ * @retval 0 for success
+ * @retval -1 value for error
+ */
+uint32_t
+caam_jr_enable_irqs(uint32_t uio_fd)
+{
+	int ret;
+
+	/* Use UIO file descriptor we have for this job ring.
+	 * Writing a command code to this file descriptor will make the
+	 * SEC kernel driver enable DONE and Error IRQs for this job ring,
+	 * at Controller level.
+	 */
+	ret = sec_uio_send_command(uio_fd, SEC_UIO_ENABLE_IRQ_CMD);
+	SEC_ASSERT(ret == sizeof(int), -1,
+		"Failed to request SEC engine to enable job done and "
+		"error IRQs through UIO control. UIO FD %d. Reset SEC driver!",
+		uio_fd);
+	CAAM_JR_DEBUG("Enabled IRQs on jr with uio_fd %d", uio_fd);
+	return 0;
+}
+
+
+/** @brief Request to SEC kernel driver to disable interrupts for descriptor
+ *  finished processing
+ *  Use UIO to communicate with SEC kernel driver: write command
+ *  value that indicates an IRQ disable action into UIO file descriptor
+ *  of this job ring.
+ *
+ * @param [in]  uio_fd    UIO File descripto
+ * @retval 0 for success
+ * @retval -1 value for error
+ *
+ */
+uint32_t
+caam_jr_disable_irqs(uint32_t uio_fd)
+{
+	int ret;
+
+	/* Use UIO file descriptor we have for this job ring.
+	 * Writing a command code to this file descriptor will make the
+	 * SEC kernel driver disable IRQs for this job ring,
+	 * at Controller level.
+	 */
+
+	ret = sec_uio_send_command(uio_fd, SEC_UIO_DISABLE_IRQ_CMD);
+	SEC_ASSERT(ret == sizeof(int), -1,
+		"Failed to request SEC engine to disable job done and "
+		"IRQs through UIO control. UIO_FD %d Reset SEC driver!",
+		uio_fd);
+	CAAM_JR_DEBUG("Disabled IRQs on jr with uio_fd %d", uio_fd);
+	return 0;
+}
+
+/** @brief Maps register range assigned for a job ring.
+ *
+ * @param [in] uio_device_fd    UIO device file descriptor
+ * @param [in] uio_device_id    UIO device id
+ * @param [in] uio_map_id       UIO allows maximum 5 different mapping for
+				each device. Maps start with id 0.
+ * @param [out] map_size        Map size.
+ * @retval  NULL if failed to map registers
+ * @retval  Virtual address for mapped register address range
+ */
+static void *
+uio_map_registers(int uio_device_fd, int uio_device_id,
+		  int uio_map_id, int *map_size)
+{
+	void *mapped_address = NULL;
+	unsigned int uio_map_size = 0;
+	char uio_sys_root[SEC_UIO_MAX_ATTR_FILE_NAME];
+	char uio_sys_map_subdir[SEC_UIO_MAX_ATTR_FILE_NAME];
+	char uio_map_size_str[32];
+	int ret = 0;
+
+	/* compose the file name: root/subdir/filename */
+	memset(uio_sys_root, 0, sizeof(uio_sys_root));
+	memset(uio_sys_map_subdir, 0, sizeof(uio_sys_map_subdir));
+	memset(uio_map_size_str, 0, sizeof(uio_map_size_str));
+
+	/* Compose string: /sys/class/uio/uioX */
+	sprintf(uio_sys_root, "%s/%s%d", SEC_UIO_DEVICE_SYS_ATTR_PATH,
+		"uio", uio_device_id);
+	/* Compose string: maps/mapY */
+	sprintf(uio_sys_map_subdir, "%s%d", SEC_UIO_DEVICE_SYS_MAP_ATTR,
+		uio_map_id);
+
+	/* Read first (and only) line from file
+	 * /sys/class/uio/uioX/maps/mapY/size
+	 */
+	ret = file_read_first_line(uio_sys_root, uio_sys_map_subdir,
+				 "size", uio_map_size_str);
+	SEC_ASSERT(ret == 0, NULL, "file_read_first_line() failed");
+
+	/* Read mapping size, expressed in hexa(base 16) */
+	uio_map_size = strtol(uio_map_size_str, NULL, 16);
+
+	/* Map the region in user space */
+	mapped_address = mmap(0, /*dynamically choose virtual address */
+		uio_map_size, PROT_READ | PROT_WRITE,
+		MAP_SHARED, uio_device_fd, 0);
+	/* offset = 0 because UIO device has only one mapping
+	 * for the entire SEC register memory
+	 */
+	if (mapped_address == MAP_FAILED) {
+		CAAM_JR_ERR(
+			"Failed to map registers! errno = %d job ring fd  = %d,"
+			"uio device id = %d, uio map id = %d", errno,
+			uio_device_fd, uio_device_id, uio_map_id);
+		return NULL;
+	}
+
+	/*
+	 * Save the map size to use it later on for munmap-ing.
+	 */
+	*map_size = uio_map_size;
+
+	CAAM_JR_INFO("UIO dev[%d] mapped region [id =%d] size 0x%x at %p",
+		uio_device_id, uio_map_id, uio_map_size, mapped_address);
+
+	return mapped_address;
+}
+
+void
+free_job_ring(uint32_t uio_fd)
+{
+	struct uio_job_ring *job_ring = NULL;
+	int i;
+
+	if (!job_ring->uio_fd)
+		return;
+
+	for (i = 0; i < MAX_SEC_JOB_RINGS; i++) {
+		if (g_uio_job_ring[i].uio_fd == uio_fd) {
+			job_ring = &g_uio_job_ring[i];
+			break;
+		}
+	}
+
+	if (job_ring == NULL) {
+		CAAM_JR_ERR("JR not available for fd = %x\n", uio_fd);
+		return;
+	}
+
+	/* Open device file */
+	CAAM_JR_INFO("Closed device file for job ring %d , fd = %d",
+			job_ring->jr_id, job_ring->uio_fd);
+	close(job_ring->uio_fd);
+	g_uio_jr_num--;
+	job_ring->uio_fd = 0;
+	if (job_ring->register_base_addr == NULL)
+		return;
+
+	/* Unmap the PCI memory resource of device */
+	if (munmap(job_ring->register_base_addr, job_ring->map_size)) {
+		CAAM_JR_INFO("cannot munmap(%p, 0x%lx): %s",
+			job_ring->register_base_addr,
+			(unsigned long)job_ring->map_size, strerror(errno));
+	} else
+		CAAM_JR_DEBUG("  JR UIO memory unmapped at %p",
+				job_ring->register_base_addr);
+	job_ring->register_base_addr = NULL;
+}
+
+struct
+uio_job_ring *config_job_ring(void)
+{
+	char uio_device_file_name[32];
+	struct uio_job_ring *job_ring = NULL;
+	int i;
+
+	for (i = 0; i < MAX_SEC_JOB_RINGS; i++) {
+		if (g_uio_job_ring[i].uio_fd == 0) {
+			job_ring = &g_uio_job_ring[i];
+			g_uio_jr_num++;
+			break;
+		}
+	}
+
+	if (job_ring == NULL) {
+		CAAM_JR_ERR("No free job ring\n");
+		return NULL;
+	}
+
+	/* Find UIO device created by SEC kernel driver for this job ring. */
+	memset(uio_device_file_name, 0, sizeof(uio_device_file_name));
+
+	sprintf(uio_device_file_name, "%s%d", SEC_UIO_DEVICE_FILE_NAME,
+		job_ring->uio_minor_number);
+
+	/* Open device file */
+	job_ring->uio_fd = open(uio_device_file_name, O_RDWR);
+	SEC_ASSERT(job_ring->uio_fd > 0, NULL,
+		"Failed to open UIO device file for job ring %d",
+		job_ring->jr_id);
+
+	CAAM_JR_INFO("Open device(%s) file for job ring=%d , uio_fd = %d",
+		uio_device_file_name, job_ring->jr_id, job_ring->uio_fd);
+
+	ASSERT(job_ring->register_base_addr == NULL);
+	job_ring->register_base_addr = uio_map_registers(
+			job_ring->uio_fd, job_ring->uio_minor_number,
+			SEC_UIO_MAP_ID, &job_ring->map_size);
+
+	SEC_ASSERT(job_ring->register_base_addr != NULL, NULL,
+		"Failed to map SEC registers");
+	return job_ring;
+}
+
+int
+sec_configure(void)
+{
+	char uio_name[32];
+	int config_jr_no = 0, jr_id = -1;
+	int uio_minor_number = -1;
+	int ret;
+	DIR *d = NULL;
+	struct dirent *dir;
+
+	d = opendir(SEC_UIO_DEVICE_SYS_ATTR_PATH);
+	if (d == NULL) {
+		printf("\nError opening directory '%s': %s\n",
+			SEC_UIO_DEVICE_SYS_ATTR_PATH, strerror(errno));
+		return -1;
+	}
+
+	/* Iterate through all subdirs */
+	while ((dir = readdir(d)) != NULL) {
+		if (!strncmp(dir->d_name, ".", 1) ||
+				!strncmp(dir->d_name, "..", 2))
+			continue;
+
+		if (file_name_match_extract
+			(dir->d_name, "uio", &uio_minor_number)) {
+		/*
+		 * Open file uioX/name and read first line which contains
+		 * the name for the device. Based on the name check if this
+		 * UIO device is UIO device for job ring with id jr_id.
+		 */
+			memset(uio_name, 0, sizeof(uio_name));
+			ret = file_read_first_line(SEC_UIO_DEVICE_SYS_ATTR_PATH,
+					dir->d_name, "name", uio_name);
+			CAAM_JR_INFO("sec device uio name: %s", uio_name);
+			SEC_ASSERT(ret == 0, -1, "file_read_first_line failed");
+
+			if (file_name_match_extract(uio_name,
+						SEC_UIO_DEVICE_NAME,
+						&jr_id)) {
+				g_uio_job_ring[config_jr_no].jr_id = jr_id;
+				g_uio_job_ring[config_jr_no].uio_minor_number =
+							uio_minor_number;
+				CAAM_JR_INFO("Detected logical JRID:%d", jr_id);
+				config_jr_no++;
+
+				/* todo  find the actual ring id
+				 * OF_FULLNAME=/soc/crypto@1700000/jr@20000
+				 */
+			}
+		}
+	}
+	closedir(d);
+
+	if (config_jr_no == 0) {
+		CAAM_JR_ERR("! No SEC Job Rings assigned for userspace usage!");
+		return 0;
+	}
+	CAAM_JR_INFO("Total JR detected =%d", config_jr_no);
+	return config_jr_no;
+}
+
+int
+sec_cleanup(void)
+{
+	int i;
+	struct uio_job_ring *job_ring;
+
+	for (i = 0; i < g_uio_jr_num; i++) {
+		job_ring = &g_uio_job_ring[i];
+		/* munmap SEC's register memory */
+		if (job_ring->register_base_addr) {
+			munmap(job_ring->register_base_addr,
+				job_ring->map_size);
+			job_ring->register_base_addr = NULL;
+		}
+		/* I need to close the fd after shutdown UIO commands need to be
+		 * sent using the fd
+		 */
+		if (job_ring->uio_fd != 0) {
+			CAAM_JR_INFO(
+			"Closed device file for job ring %d , fd = %d",
+			job_ring->jr_id, job_ring->uio_fd);
+			close(job_ring->uio_fd);
+		}
+	}
+	return 0;
+}
diff --git a/drivers/crypto/caam_jr/meson.build b/drivers/crypto/caam_jr/meson.build
index c282eb4dc..7b024e886 100644
--- a/drivers/crypto/caam_jr/meson.build
+++ b/drivers/crypto/caam_jr/meson.build
@@ -6,7 +6,7 @@ if host_machine.system() != 'linux'
 endif
 
 deps += ['bus_vdev', 'bus_dpaa', 'security']
-sources = files('caam_jr_hw.c', 'caam_jr.c')
+sources = files('caam_jr_hw.c', 'caam_jr_uio.c', 'caam_jr.c')
 
 allow_experimental_apis = true
 
-- 
2.17.1

^ permalink raw reply	[flat|nested] 97+ messages in thread

* [dpdk-dev] [PATCH v5 05/15] crypto/caam_jr: add basic job ring routines
  2018-10-22 14:57       ` [dpdk-dev] [PATCH v5 " Gagandeep Singh
                           ` (3 preceding siblings ...)
  2018-10-22 14:57         ` [dpdk-dev] [PATCH v5 04/15] crypto/caam_jr: add UIO specific operations Gagandeep Singh
@ 2018-10-22 14:57         ` Gagandeep Singh
  2018-10-22 14:57         ` [dpdk-dev] [PATCH v5 06/15] crypto/caam_jr: add device basic ops Gagandeep Singh
                           ` (10 subsequent siblings)
  15 siblings, 0 replies; 97+ messages in thread
From: Gagandeep Singh @ 2018-10-22 14:57 UTC (permalink / raw)
  To: dev, Akhil Goyal; +Cc: Gagandeep Singh, Hemant Agrawal

This patch adds following job ring routines
 - init_job_ring (configure hw/sw resources)
 - shutdown_job_ring (releases hw/sw resources)
 - close_job_ring (flush job ring)

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
---
 drivers/crypto/caam_jr/caam_jr.c | 329 ++++++++++++++++++++++++++++++-
 1 file changed, 327 insertions(+), 2 deletions(-)

diff --git a/drivers/crypto/caam_jr/caam_jr.c b/drivers/crypto/caam_jr/caam_jr.c
index 6d25967a1..1a04a3ce6 100644
--- a/drivers/crypto/caam_jr/caam_jr.c
+++ b/drivers/crypto/caam_jr/caam_jr.c
@@ -16,12 +16,142 @@
 #include <rte_malloc.h>
 #include <rte_hexdump.h>
 
+#include <caam_jr_config.h>
+#include <caam_jr_hw_specific.h>
+#include <caam_jr_pvt.h>
 #include <caam_jr_log.h>
 
+/* RTA header files */
+#include <hw/desc/common.h>
+#include <of.h>
+
 #define CRYPTODEV_NAME_CAAM_JR_PMD	crypto_caam_jr
 static uint8_t cryptodev_driver_id;
 int caam_jr_logtype;
 
+enum rta_sec_era rta_sec_era;
+
+/* Lists the states possible for the SEC user space driver. */
+enum sec_driver_state_e {
+	SEC_DRIVER_STATE_IDLE,		/* Driver not initialized */
+	SEC_DRIVER_STATE_STARTED,	/* Driver initialized and can be used*/
+	SEC_DRIVER_STATE_RELEASE,	/* Driver release is in progress */
+};
+
+/* Job rings used for communication with SEC HW */
+static struct sec_job_ring_t g_job_rings[MAX_SEC_JOB_RINGS];
+
+/* The current state of SEC user space driver */
+static enum sec_driver_state_e g_driver_state = SEC_DRIVER_STATE_IDLE;
+
+/* The number of job rings used by SEC user space driver */
+static int g_job_rings_no;
+static int g_job_rings_max;
+
+/* @brief Poll the HW for already processed jobs in the JR
+ * and silently discard the available jobs or notify them to UA
+ * with indicated error code.
+ *
+ * @param [in,out]  job_ring        The job ring to poll.
+ * @param [in]  do_notify           Can be #TRUE or #FALSE. Indicates if
+ *				    descriptors are to be discarded
+ *                                  or notified to UA with given error_code.
+ * @param [out] notified_descs    Number of notified descriptors. Can be NULL
+ *					if do_notify is #FALSE
+ */
+static void
+hw_flush_job_ring(struct sec_job_ring_t *job_ring,
+		  uint32_t do_notify,
+		  uint32_t *notified_descs)
+{
+	int32_t jobs_no_to_discard = 0;
+	int32_t discarded_descs_no = 0;
+
+	PMD_INIT_FUNC_TRACE();
+	CAAM_JR_DEBUG("Jr[%p] pi[%d] ci[%d].Flushing jr notify desc=[%d]",
+		job_ring, job_ring->pidx, job_ring->cidx, do_notify);
+
+	jobs_no_to_discard = hw_get_no_finished_jobs(job_ring);
+
+	/* Discard all jobs */
+	CAAM_JR_DEBUG("Jr[%p] pi[%d] ci[%d].Discarding %d descs",
+		  job_ring, job_ring->pidx, job_ring->cidx,
+		  jobs_no_to_discard);
+
+	while (jobs_no_to_discard > discarded_descs_no) {
+		discarded_descs_no++;
+		/* Now increment the consumer index for the current job ring,
+		 * AFTER saving job in temporary location!
+		 * Increment the consumer index for the current job ring
+		 */
+		job_ring->cidx = SEC_CIRCULAR_COUNTER(job_ring->cidx,
+					 SEC_JOB_RING_SIZE);
+
+		hw_remove_entries(job_ring, 1);
+	}
+
+	if (do_notify == true) {
+		ASSERT(notified_descs != NULL);
+		*notified_descs = discarded_descs_no;
+	}
+}
+
+
+/* @brief Flush job rings of any processed descs.
+ * The processed descs are silently dropped,
+ * WITHOUT being notified to UA.
+ */
+static void
+close_job_ring(struct sec_job_ring_t *job_ring)
+{
+	PMD_INIT_FUNC_TRACE();
+	if (job_ring->irq_fd) {
+		/* Producer index is frozen. If consumer index is not equal
+		 * with producer index, then we have descs to flush.
+		 */
+		while (job_ring->pidx != job_ring->cidx)
+			hw_flush_job_ring(job_ring, false, NULL);
+
+		/* free the uio job ring */
+		free_job_ring(job_ring->irq_fd);
+		job_ring->irq_fd = 0;
+		caam_jr_dma_free(job_ring->input_ring);
+		caam_jr_dma_free(job_ring->output_ring);
+		g_job_rings_no--;
+	}
+}
+
+/** @brief Release the software and hardware resources tied to a job ring.
+ * @param [in] job_ring The job ring
+ *
+ * @retval  0 for success
+ * @retval  -1 for error
+ */
+static int
+shutdown_job_ring(struct sec_job_ring_t *job_ring)
+{
+	int ret = 0;
+
+	PMD_INIT_FUNC_TRACE();
+	ASSERT(job_ring != NULL);
+	ret = hw_shutdown_job_ring(job_ring);
+	SEC_ASSERT(ret == 0, ret,
+		"Failed to shutdown hardware job ring %p",
+		job_ring);
+
+	if (job_ring->coalescing_en)
+		hw_job_ring_disable_coalescing(job_ring);
+
+	if (job_ring->jr_mode != SEC_NOTIFICATION_TYPE_POLL) {
+		ret = caam_jr_disable_irqs(job_ring->irq_fd);
+		SEC_ASSERT(ret == 0, ret,
+		"Failed to disable irqs for job ring %p",
+		job_ring);
+	}
+
+	return ret;
+}
+
 /*
  * @brief Release the resources used by the SEC user space driver.
  *
@@ -39,28 +169,195 @@ int caam_jr_logtype;
 static int
 caam_jr_dev_uninit(struct rte_cryptodev *dev)
 {
+	struct sec_job_ring_t *internals;
+
+	PMD_INIT_FUNC_TRACE();
 	if (dev == NULL)
 		return -ENODEV;
 
+	internals = dev->data->dev_private;
+	rte_free(dev->security_ctx);
+
+	/* If any descriptors in flight , poll and wait
+	 * until all descriptors are received and silently discarded.
+	 */
+	if (internals) {
+		shutdown_job_ring(internals);
+		close_job_ring(internals);
+		rte_mempool_free(internals->ctx_pool);
+	}
+
 	CAAM_JR_INFO("Closing crypto device %s", dev->data->name);
 
-	return 0;
+	/* last caam jr instance) */
+	if (g_job_rings_no == 0)
+		g_driver_state = SEC_DRIVER_STATE_IDLE;
+
+	return SEC_SUCCESS;
+}
+
+/* @brief Initialize the software and hardware resources tied to a job ring.
+ * @param [in] jr_mode;		Model to be used by SEC Driver to receive
+ *				notifications from SEC.  Can be either
+ *				of the three: #SEC_NOTIFICATION_TYPE_NAPI
+ *				#SEC_NOTIFICATION_TYPE_IRQ or
+ *				#SEC_NOTIFICATION_TYPE_POLL
+ * @param [in] NAPI_mode	The NAPI work mode to configure a job ring at
+ *				startup. Used only when #SEC_NOTIFICATION_TYPE
+ *				is set to #SEC_NOTIFICATION_TYPE_NAPI.
+ * @param [in] irq_coalescing_timer This value determines the maximum
+ *					amount of time after processing a
+ *					descriptor before raising an interrupt.
+ * @param [in] irq_coalescing_count This value determines how many
+ *					descriptors are completed before
+ *					raising an interrupt.
+ * @param [in] reg_base_addr,	The job ring base address register
+ * @param [in] irq_id		The job ring interrupt identification number.
+ * @retval  job_ring_handle for successful job ring configuration
+ * @retval  NULL on error
+ *
+ */
+static void *
+init_job_ring(void *reg_base_addr, uint32_t irq_id)
+{
+	struct sec_job_ring_t *job_ring = NULL;
+	int i, ret = 0;
+	int jr_mode = SEC_NOTIFICATION_TYPE_POLL;
+	int napi_mode = 0;
+	int irq_coalescing_timer = 0;
+	int irq_coalescing_count = 0;
+
+	for (i = 0; i < MAX_SEC_JOB_RINGS; i++) {
+		if (g_job_rings[i].irq_fd == 0) {
+			job_ring = &g_job_rings[i];
+			g_job_rings_no++;
+			break;
+		}
+	}
+	if (job_ring == NULL) {
+		CAAM_JR_ERR("No free job ring\n");
+		return NULL;
+	}
+
+	job_ring->register_base_addr = reg_base_addr;
+	job_ring->jr_mode = jr_mode;
+	job_ring->napi_mode = 0;
+	job_ring->irq_fd = irq_id;
+
+	/* Allocate mem for input and output ring */
+
+	/* Allocate memory for input ring */
+	job_ring->input_ring = caam_jr_dma_mem_alloc(L1_CACHE_BYTES,
+				SEC_DMA_MEM_INPUT_RING_SIZE);
+	memset(job_ring->input_ring, 0, SEC_DMA_MEM_INPUT_RING_SIZE);
+
+	/* Allocate memory for output ring */
+	job_ring->output_ring = caam_jr_dma_mem_alloc(L1_CACHE_BYTES,
+				SEC_DMA_MEM_OUTPUT_RING_SIZE);
+	memset(job_ring->output_ring, 0, SEC_DMA_MEM_OUTPUT_RING_SIZE);
+
+	/* Reset job ring in SEC hw and configure job ring registers */
+	ret = hw_reset_job_ring(job_ring);
+	if (ret != 0) {
+		CAAM_JR_ERR("Failed to reset hardware job ring");
+		goto cleanup;
+	}
+
+	if (jr_mode == SEC_NOTIFICATION_TYPE_NAPI) {
+	/* When SEC US driver works in NAPI mode, the UA can select
+	 * if the driver starts with IRQs on or off.
+	 */
+		if (napi_mode == SEC_STARTUP_INTERRUPT_MODE) {
+			CAAM_JR_INFO("Enabling DONE IRQ generationon job ring - %p",
+				job_ring);
+			ret = caam_jr_enable_irqs(job_ring->irq_fd);
+			if (ret != 0) {
+				CAAM_JR_ERR("Failed to enable irqs for job ring");
+				goto cleanup;
+			}
+		}
+	} else if (jr_mode == SEC_NOTIFICATION_TYPE_IRQ) {
+	/* When SEC US driver works in pure interrupt mode,
+	 * IRQ's are always enabled.
+	 */
+		CAAM_JR_INFO("Enabling DONE IRQ generation on job ring - %p",
+			 job_ring);
+		ret = caam_jr_enable_irqs(job_ring->irq_fd);
+		if (ret != 0) {
+			CAAM_JR_ERR("Failed to enable irqs for job ring");
+			goto cleanup;
+		}
+	}
+	if (irq_coalescing_timer || irq_coalescing_count) {
+		hw_job_ring_set_coalescing_param(job_ring,
+			 irq_coalescing_timer,
+			 irq_coalescing_count);
+
+		hw_job_ring_enable_coalescing(job_ring);
+		job_ring->coalescing_en = 1;
+	}
+
+	job_ring->jr_state = SEC_JOB_RING_STATE_STARTED;
+	job_ring->max_nb_queue_pairs = RTE_CAAM_MAX_NB_SEC_QPS;
+	job_ring->max_nb_sessions = RTE_CAAM_JR_PMD_MAX_NB_SESSIONS;
+
+	return job_ring;
+cleanup:
+	caam_jr_dma_free(job_ring->output_ring);
+	caam_jr_dma_free(job_ring->input_ring);
+	return NULL;
 }
 
+
 static int
 caam_jr_dev_init(const char *name,
 		 struct rte_vdev_device *vdev,
 		 struct rte_cryptodev_pmd_init_params *init_params)
 {
 	struct rte_cryptodev *dev;
+	struct uio_job_ring *job_ring;
+	char str[RTE_CRYPTODEV_NAME_MAX_LEN];
 
 	PMD_INIT_FUNC_TRACE();
 
+	/* Validate driver state */
+	if (g_driver_state == SEC_DRIVER_STATE_IDLE) {
+		g_job_rings_max = sec_configure();
+		if (!g_job_rings_max) {
+			CAAM_JR_ERR("No job ring detected on UIO !!!!");
+			return -1;
+		}
+		/* Update driver state */
+		g_driver_state = SEC_DRIVER_STATE_STARTED;
+	}
+
+	if (g_job_rings_no >= g_job_rings_max) {
+		CAAM_JR_ERR("No more job rings available max=%d!!!!",
+				g_job_rings_max);
+		return -1;
+	}
+
+	job_ring = config_job_ring();
+	if (job_ring == NULL) {
+		CAAM_JR_ERR("failed to create job ring");
+		goto init_error;
+	}
+
+	snprintf(str, sizeof(str), "caam_jr%d", job_ring->jr_id);
+
 	dev = rte_cryptodev_pmd_create(name, &vdev->device, init_params);
 	if (dev == NULL) {
 		CAAM_JR_ERR("failed to create cryptodev vdev");
 		goto cleanup;
 	}
+	/*TODO free it during teardown*/
+	dev->data->dev_private = init_job_ring(job_ring->register_base_addr,
+						job_ring->uio_fd);
+
+	if (!dev->data->dev_private) {
+		CAAM_JR_ERR("Ring memory allocation failed\n");
+		goto cleanup2;
+	}
 
 	dev->driver_id = cryptodev_driver_id;
 	dev->dev_ops = NULL;
@@ -78,7 +375,12 @@ caam_jr_dev_init(const char *name,
 
 	return 0;
 
+cleanup2:
+	caam_jr_dev_uninit(dev);
+	rte_cryptodev_pmd_release_device(dev);
 cleanup:
+	free_job_ring(job_ring->uio_fd);
+init_error:
 	CAAM_JR_ERR("driver %s: cryptodev_caam_jr_create failed",
 			init_params->name);
 
@@ -91,7 +393,7 @@ cryptodev_caam_jr_probe(struct rte_vdev_device *vdev)
 {
 	struct rte_cryptodev_pmd_init_params init_params = {
 		"",
-		128,
+		sizeof(struct sec_job_ring_t),
 		rte_socket_id(),
 		RTE_CRYPTODEV_PMD_DEFAULT_MAX_NB_QUEUE_PAIRS
 	};
@@ -105,6 +407,29 @@ cryptodev_caam_jr_probe(struct rte_vdev_device *vdev)
 	input_args = rte_vdev_device_args(vdev);
 	rte_cryptodev_pmd_parse_input_args(&init_params, input_args);
 
+	/* if sec device version is not configured */
+	if (!rta_get_sec_era()) {
+		const struct device_node *caam_node;
+
+		for_each_compatible_node(caam_node, NULL, "fsl,sec-v4.0") {
+			const uint32_t *prop = of_get_property(caam_node,
+					"fsl,sec-era",
+					NULL);
+			if (prop) {
+				rta_set_sec_era(
+					INTL_SEC_ERA(cpu_to_caam32(*prop)));
+				break;
+			}
+		}
+	}
+#ifdef RTE_LIBRTE_PMD_CAAM_JR_BE
+	if (rta_get_sec_era() > RTA_SEC_ERA_8) {
+		RTE_LOG(ERR, PMD,
+		"CAAM is compiled in BE mode for device with sec era > 8???\n");
+		return -EINVAL;
+	}
+#endif
+
 	return caam_jr_dev_init(name, vdev, &init_params);
 }
 
-- 
2.17.1

^ permalink raw reply	[flat|nested] 97+ messages in thread

* [dpdk-dev] [PATCH v5 06/15] crypto/caam_jr: add device basic ops
  2018-10-22 14:57       ` [dpdk-dev] [PATCH v5 " Gagandeep Singh
                           ` (4 preceding siblings ...)
  2018-10-22 14:57         ` [dpdk-dev] [PATCH v5 05/15] crypto/caam_jr: add basic job ring routines Gagandeep Singh
@ 2018-10-22 14:57         ` Gagandeep Singh
  2018-10-22 14:57         ` [dpdk-dev] [PATCH v5 07/15] crypto/caam_jr: add queue pair config ops Gagandeep Singh
                           ` (9 subsequent siblings)
  15 siblings, 0 replies; 97+ messages in thread
From: Gagandeep Singh @ 2018-10-22 14:57 UTC (permalink / raw)
  To: dev, Akhil Goyal; +Cc: Gagandeep Singh, Hemant Agrawal

This patch adds following device operations
 - dev_configure
 - dev_start
 - dev_stop
 - dev_close
 - dev_infos_get

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
---
 drivers/crypto/caam_jr/caam_jr.c | 98 +++++++++++++++++++++++++++++++-
 1 file changed, 97 insertions(+), 1 deletion(-)

diff --git a/drivers/crypto/caam_jr/caam_jr.c b/drivers/crypto/caam_jr/caam_jr.c
index 1a04a3ce6..b03b9625b 100644
--- a/drivers/crypto/caam_jr/caam_jr.c
+++ b/drivers/crypto/caam_jr/caam_jr.c
@@ -97,6 +97,89 @@ hw_flush_job_ring(struct sec_job_ring_t *job_ring,
 }
 
 
+static int
+caam_jr_dev_configure(struct rte_cryptodev *dev,
+		       struct rte_cryptodev_config *config __rte_unused)
+{
+	char str[20];
+	struct sec_job_ring_t *internals;
+
+	PMD_INIT_FUNC_TRACE();
+
+	internals = dev->data->dev_private;
+	sprintf(str, "ctx_pool_%d", dev->data->dev_id);
+	if (!internals->ctx_pool) {
+		internals->ctx_pool = rte_mempool_create((const char *)str,
+						CTX_POOL_NUM_BUFS,
+						sizeof(struct caam_jr_op_ctx),
+						CTX_POOL_CACHE_SIZE, 0,
+						NULL, NULL, NULL, NULL,
+						SOCKET_ID_ANY, 0);
+		if (!internals->ctx_pool) {
+			CAAM_JR_ERR("%s create failed\n", str);
+			return -ENOMEM;
+		}
+	} else
+		CAAM_JR_INFO("mempool already created for dev_id : %d",
+				dev->data->dev_id);
+
+	return 0;
+}
+
+static int
+caam_jr_dev_start(struct rte_cryptodev *dev __rte_unused)
+{
+	PMD_INIT_FUNC_TRACE();
+	return 0;
+}
+
+static void
+caam_jr_dev_stop(struct rte_cryptodev *dev __rte_unused)
+{
+	PMD_INIT_FUNC_TRACE();
+}
+
+static int
+caam_jr_dev_close(struct rte_cryptodev *dev)
+{
+	struct sec_job_ring_t *internals;
+
+	PMD_INIT_FUNC_TRACE();
+
+	if (dev == NULL)
+		return -ENOMEM;
+
+	internals = dev->data->dev_private;
+	rte_mempool_free(internals->ctx_pool);
+	internals->ctx_pool = NULL;
+
+	return 0;
+}
+
+static void
+caam_jr_dev_infos_get(struct rte_cryptodev *dev,
+		       struct rte_cryptodev_info *info)
+{
+	struct sec_job_ring_t *internals = dev->data->dev_private;
+
+	PMD_INIT_FUNC_TRACE();
+	if (info != NULL) {
+		info->max_nb_queue_pairs = internals->max_nb_queue_pairs;
+		info->feature_flags = dev->feature_flags;
+		info->sym.max_nb_sessions = internals->max_nb_sessions;
+		info->driver_id = cryptodev_driver_id;
+	}
+}
+
+static struct rte_cryptodev_ops caam_jr_ops = {
+	.dev_configure	      = caam_jr_dev_configure,
+	.dev_start	      = caam_jr_dev_start,
+	.dev_stop	      = caam_jr_dev_stop,
+	.dev_close	      = caam_jr_dev_close,
+	.dev_infos_get        = caam_jr_dev_infos_get,
+};
+
+
 /* @brief Flush job rings of any processed descs.
  * The processed descs are silently dropped,
  * WITHOUT being notified to UA.
@@ -360,7 +443,20 @@ caam_jr_dev_init(const char *name,
 	}
 
 	dev->driver_id = cryptodev_driver_id;
-	dev->dev_ops = NULL;
+	dev->dev_ops = &caam_jr_ops;
+
+	/* register rx/tx burst functions for data path */
+	dev->dequeue_burst = NULL;
+	dev->enqueue_burst = NULL;
+	dev->feature_flags = RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO |
+			RTE_CRYPTODEV_FF_HW_ACCELERATED |
+			RTE_CRYPTODEV_FF_SYM_OPERATION_CHAINING |
+			RTE_CRYPTODEV_FF_SECURITY |
+			RTE_CRYPTODEV_FF_IN_PLACE_SGL |
+			RTE_CRYPTODEV_FF_OOP_SGL_IN_SGL_OUT |
+			RTE_CRYPTODEV_FF_OOP_SGL_IN_LB_OUT |
+			RTE_CRYPTODEV_FF_OOP_LB_IN_SGL_OUT |
+			RTE_CRYPTODEV_FF_OOP_LB_IN_LB_OUT;
 
 	/* For secondary processes, we don't initialise any further as primary
 	 * has already done this work. Only check we don't need a different
-- 
2.17.1

^ permalink raw reply	[flat|nested] 97+ messages in thread

* [dpdk-dev] [PATCH v5 07/15] crypto/caam_jr: add queue pair config ops
  2018-10-22 14:57       ` [dpdk-dev] [PATCH v5 " Gagandeep Singh
                           ` (5 preceding siblings ...)
  2018-10-22 14:57         ` [dpdk-dev] [PATCH v5 06/15] crypto/caam_jr: add device basic ops Gagandeep Singh
@ 2018-10-22 14:57         ` Gagandeep Singh
  2018-10-22 14:57         ` [dpdk-dev] [PATCH v5 08/15] crypto/caam_jr: add session configuration methods Gagandeep Singh
                           ` (8 subsequent siblings)
  15 siblings, 0 replies; 97+ messages in thread
From: Gagandeep Singh @ 2018-10-22 14:57 UTC (permalink / raw)
  To: dev, Akhil Goyal; +Cc: Hemant Agrawal, Gagandeep Singh

From: Hemant Agrawal <hemant.agrawal@nxp.com>

add following ops for configuring queues
 - queue_pair_setup
 - queue_pair_release
 - queue_pair_count

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
---
 drivers/crypto/caam_jr/caam_jr.c | 64 ++++++++++++++++++++++++++++++++
 1 file changed, 64 insertions(+)

diff --git a/drivers/crypto/caam_jr/caam_jr.c b/drivers/crypto/caam_jr/caam_jr.c
index b03b9625b..931070bef 100644
--- a/drivers/crypto/caam_jr/caam_jr.c
+++ b/drivers/crypto/caam_jr/caam_jr.c
@@ -96,6 +96,67 @@ hw_flush_job_ring(struct sec_job_ring_t *job_ring,
 	}
 }
 
+/* Release queue pair */
+static int
+caam_jr_queue_pair_release(struct rte_cryptodev *dev,
+			   uint16_t qp_id)
+{
+	struct sec_job_ring_t *internals;
+	struct caam_jr_qp *qp = NULL;
+
+	PMD_INIT_FUNC_TRACE();
+	CAAM_JR_DEBUG("dev =%p, queue =%d", dev, qp_id);
+
+	internals = dev->data->dev_private;
+	if (qp_id >= internals->max_nb_queue_pairs) {
+		CAAM_JR_ERR("Max supported qpid %d",
+			     internals->max_nb_queue_pairs);
+		return -EINVAL;
+	}
+
+	qp = &internals->qps[qp_id];
+	qp->ring = NULL;
+	dev->data->queue_pairs[qp_id] = NULL;
+
+	return 0;
+}
+
+/* Setup a queue pair */
+static int
+caam_jr_queue_pair_setup(
+		struct rte_cryptodev *dev, uint16_t qp_id,
+		__rte_unused const struct rte_cryptodev_qp_conf *qp_conf,
+		__rte_unused int socket_id,
+		__rte_unused struct rte_mempool *session_pool)
+{
+	struct sec_job_ring_t *internals;
+	struct caam_jr_qp *qp = NULL;
+
+	PMD_INIT_FUNC_TRACE();
+	CAAM_JR_DEBUG("dev =%p, queue =%d, conf =%p", dev, qp_id, qp_conf);
+
+	internals = dev->data->dev_private;
+	if (qp_id >= internals->max_nb_queue_pairs) {
+		CAAM_JR_ERR("Max supported qpid %d",
+			     internals->max_nb_queue_pairs);
+		return -EINVAL;
+	}
+
+	qp = &internals->qps[qp_id];
+	qp->ring = internals;
+	dev->data->queue_pairs[qp_id] = qp;
+
+	return 0;
+}
+
+/* Return the number of allocated queue pairs */
+static uint32_t
+caam_jr_queue_pair_count(struct rte_cryptodev *dev)
+{
+	PMD_INIT_FUNC_TRACE();
+
+	return dev->data->nb_queue_pairs;
+}
 
 static int
 caam_jr_dev_configure(struct rte_cryptodev *dev,
@@ -177,6 +238,9 @@ static struct rte_cryptodev_ops caam_jr_ops = {
 	.dev_stop	      = caam_jr_dev_stop,
 	.dev_close	      = caam_jr_dev_close,
 	.dev_infos_get        = caam_jr_dev_infos_get,
+	.queue_pair_setup     = caam_jr_queue_pair_setup,
+	.queue_pair_release   = caam_jr_queue_pair_release,
+	.queue_pair_count     = caam_jr_queue_pair_count,
 };
 
 
-- 
2.17.1

^ permalink raw reply	[flat|nested] 97+ messages in thread

* [dpdk-dev] [PATCH v5 08/15] crypto/caam_jr: add session configuration methods
  2018-10-22 14:57       ` [dpdk-dev] [PATCH v5 " Gagandeep Singh
                           ` (6 preceding siblings ...)
  2018-10-22 14:57         ` [dpdk-dev] [PATCH v5 07/15] crypto/caam_jr: add queue pair config ops Gagandeep Singh
@ 2018-10-22 14:57         ` Gagandeep Singh
  2018-10-22 14:57         ` [dpdk-dev] [PATCH v5 09/15] crypto/caam_jr: add device cababilities Gagandeep Singh
                           ` (7 subsequent siblings)
  15 siblings, 0 replies; 97+ messages in thread
From: Gagandeep Singh @ 2018-10-22 14:57 UTC (permalink / raw)
  To: dev, Akhil Goyal; +Cc: Gagandeep Singh, Hemant Agrawal

This patch add support to create session configuration
of various types i.e. cipher, auth and aead etc.

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
---
 drivers/crypto/caam_jr/caam_jr.c | 214 +++++++++++++++++++++++++++++++
 1 file changed, 214 insertions(+)

diff --git a/drivers/crypto/caam_jr/caam_jr.c b/drivers/crypto/caam_jr/caam_jr.c
index 931070bef..aec033649 100644
--- a/drivers/crypto/caam_jr/caam_jr.c
+++ b/drivers/crypto/caam_jr/caam_jr.c
@@ -23,8 +23,11 @@
 
 /* RTA header files */
 #include <hw/desc/common.h>
+#include <hw/desc/algo.h>
+#include <hw/desc/ipsec.h>
 #include <of.h>
 
+#define CAAM_JR_DBG	0
 #define CRYPTODEV_NAME_CAAM_JR_PMD	crypto_caam_jr
 static uint8_t cryptodev_driver_id;
 int caam_jr_logtype;
@@ -158,6 +161,214 @@ caam_jr_queue_pair_count(struct rte_cryptodev *dev)
 	return dev->data->nb_queue_pairs;
 }
 
+/* Returns the size of the aesni gcm session structure */
+static unsigned int
+caam_jr_sym_session_get_size(struct rte_cryptodev *dev __rte_unused)
+{
+	PMD_INIT_FUNC_TRACE();
+
+	return sizeof(struct caam_jr_session);
+}
+
+static int
+caam_jr_cipher_init(struct rte_cryptodev *dev __rte_unused,
+		    struct rte_crypto_sym_xform *xform,
+		    struct caam_jr_session *session)
+{
+	PMD_INIT_FUNC_TRACE();
+	session->cipher_alg = xform->cipher.algo;
+	session->iv.length = xform->cipher.iv.length;
+	session->iv.offset = xform->cipher.iv.offset;
+	session->cipher_key.data = rte_zmalloc(NULL, xform->cipher.key.length,
+					       RTE_CACHE_LINE_SIZE);
+	if (session->cipher_key.data == NULL && xform->cipher.key.length > 0) {
+		CAAM_JR_ERR("No Memory for cipher key\n");
+		return -ENOMEM;
+	}
+	session->cipher_key.length = xform->cipher.key.length;
+
+	memcpy(session->cipher_key.data, xform->cipher.key.data,
+	       xform->cipher.key.length);
+	session->dir = (xform->cipher.op == RTE_CRYPTO_CIPHER_OP_ENCRYPT) ?
+			DIR_ENC : DIR_DEC;
+
+	return 0;
+}
+
+static int
+caam_jr_auth_init(struct rte_cryptodev *dev __rte_unused,
+		  struct rte_crypto_sym_xform *xform,
+		  struct caam_jr_session *session)
+{
+	PMD_INIT_FUNC_TRACE();
+	session->auth_alg = xform->auth.algo;
+	session->auth_key.data = rte_zmalloc(NULL, xform->auth.key.length,
+					     RTE_CACHE_LINE_SIZE);
+	if (session->auth_key.data == NULL && xform->auth.key.length > 0) {
+		CAAM_JR_ERR("No Memory for auth key\n");
+		return -ENOMEM;
+	}
+	session->auth_key.length = xform->auth.key.length;
+	session->digest_length = xform->auth.digest_length;
+
+	memcpy(session->auth_key.data, xform->auth.key.data,
+	       xform->auth.key.length);
+	session->dir = (xform->auth.op == RTE_CRYPTO_AUTH_OP_GENERATE) ?
+			DIR_ENC : DIR_DEC;
+
+	return 0;
+}
+
+static int
+caam_jr_aead_init(struct rte_cryptodev *dev __rte_unused,
+		  struct rte_crypto_sym_xform *xform,
+		  struct caam_jr_session *session)
+{
+	PMD_INIT_FUNC_TRACE();
+	session->aead_alg = xform->aead.algo;
+	session->iv.length = xform->aead.iv.length;
+	session->iv.offset = xform->aead.iv.offset;
+	session->auth_only_len = xform->aead.aad_length;
+	session->aead_key.data = rte_zmalloc(NULL, xform->aead.key.length,
+					     RTE_CACHE_LINE_SIZE);
+	if (session->aead_key.data == NULL && xform->aead.key.length > 0) {
+		CAAM_JR_ERR("No Memory for aead key\n");
+		return -ENOMEM;
+	}
+	session->aead_key.length = xform->aead.key.length;
+	session->digest_length = xform->aead.digest_length;
+
+	memcpy(session->aead_key.data, xform->aead.key.data,
+	       xform->aead.key.length);
+	session->dir = (xform->aead.op == RTE_CRYPTO_AEAD_OP_ENCRYPT) ?
+			DIR_ENC : DIR_DEC;
+
+	return 0;
+}
+
+static int
+caam_jr_set_session_parameters(struct rte_cryptodev *dev,
+			       struct rte_crypto_sym_xform *xform, void *sess)
+{
+	struct sec_job_ring_t *internals = dev->data->dev_private;
+	struct caam_jr_session *session = sess;
+
+	PMD_INIT_FUNC_TRACE();
+
+	if (unlikely(sess == NULL)) {
+		CAAM_JR_ERR("invalid session struct");
+		return -EINVAL;
+	}
+
+	/* Default IV length = 0 */
+	session->iv.length = 0;
+
+	/* Cipher Only */
+	if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER && xform->next == NULL) {
+		session->auth_alg = RTE_CRYPTO_AUTH_NULL;
+		caam_jr_cipher_init(dev, xform, session);
+
+	/* Authentication Only */
+	} else if (xform->type == RTE_CRYPTO_SYM_XFORM_AUTH &&
+		   xform->next == NULL) {
+		session->cipher_alg = RTE_CRYPTO_CIPHER_NULL;
+		caam_jr_auth_init(dev, xform, session);
+
+	/* Cipher then Authenticate */
+	} else if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER &&
+		   xform->next->type == RTE_CRYPTO_SYM_XFORM_AUTH) {
+		if (xform->cipher.op == RTE_CRYPTO_CIPHER_OP_ENCRYPT) {
+			caam_jr_cipher_init(dev, xform, session);
+			caam_jr_auth_init(dev, xform->next, session);
+		} else {
+			CAAM_JR_ERR("Not supported: Auth then Cipher");
+			goto err1;
+		}
+
+	/* Authenticate then Cipher */
+	} else if (xform->type == RTE_CRYPTO_SYM_XFORM_AUTH &&
+		   xform->next->type == RTE_CRYPTO_SYM_XFORM_CIPHER) {
+		if (xform->next->cipher.op == RTE_CRYPTO_CIPHER_OP_DECRYPT) {
+			caam_jr_auth_init(dev, xform, session);
+			caam_jr_cipher_init(dev, xform->next, session);
+		} else {
+			CAAM_JR_ERR("Not supported: Auth then Cipher");
+			goto err1;
+		}
+
+	/* AEAD operation for AES-GCM kind of Algorithms */
+	} else if (xform->type == RTE_CRYPTO_SYM_XFORM_AEAD &&
+		   xform->next == NULL) {
+		caam_jr_aead_init(dev, xform, session);
+
+	} else {
+		CAAM_JR_ERR("Invalid crypto type");
+		return -EINVAL;
+	}
+	session->ctx_pool = internals->ctx_pool;
+
+	return 0;
+
+err1:
+	rte_free(session->cipher_key.data);
+	rte_free(session->auth_key.data);
+	memset(session, 0, sizeof(struct caam_jr_session));
+
+	return -EINVAL;
+}
+
+static int
+caam_jr_sym_session_configure(struct rte_cryptodev *dev,
+			      struct rte_crypto_sym_xform *xform,
+			      struct rte_cryptodev_sym_session *sess,
+			      struct rte_mempool *mempool)
+{
+	void *sess_private_data;
+	int ret;
+
+	PMD_INIT_FUNC_TRACE();
+
+	if (rte_mempool_get(mempool, &sess_private_data)) {
+		CAAM_JR_ERR("Couldn't get object from session mempool");
+		return -ENOMEM;
+	}
+
+	memset(sess_private_data, 0, sizeof(struct caam_jr_session));
+	ret = caam_jr_set_session_parameters(dev, xform, sess_private_data);
+	if (ret != 0) {
+		CAAM_JR_ERR("failed to configure session parameters");
+		/* Return session to mempool */
+		rte_mempool_put(mempool, sess_private_data);
+		return ret;
+	}
+
+	set_sym_session_private_data(sess, dev->driver_id, sess_private_data);
+
+	return 0;
+}
+
+/* Clear the memory of session so it doesn't leave key material behind */
+static void
+caam_jr_sym_session_clear(struct rte_cryptodev *dev,
+		struct rte_cryptodev_sym_session *sess)
+{
+	uint8_t index = dev->driver_id;
+	void *sess_priv = get_sym_session_private_data(sess, index);
+	struct caam_jr_session *s = (struct caam_jr_session *)sess_priv;
+
+	PMD_INIT_FUNC_TRACE();
+
+	if (sess_priv) {
+		struct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);
+
+		rte_free(s->cipher_key.data);
+		rte_free(s->auth_key.data);
+		memset(s, 0, sizeof(struct caam_jr_session));
+		set_sym_session_private_data(sess, index, NULL);
+		rte_mempool_put(sess_mp, sess_priv);
+	}
+}
+
 static int
 caam_jr_dev_configure(struct rte_cryptodev *dev,
 		       struct rte_cryptodev_config *config __rte_unused)
@@ -241,6 +452,9 @@ static struct rte_cryptodev_ops caam_jr_ops = {
 	.queue_pair_setup     = caam_jr_queue_pair_setup,
 	.queue_pair_release   = caam_jr_queue_pair_release,
 	.queue_pair_count     = caam_jr_queue_pair_count,
+	.sym_session_get_size = caam_jr_sym_session_get_size,
+	.sym_session_configure = caam_jr_sym_session_configure,
+	.sym_session_clear    = caam_jr_sym_session_clear
 };
 
 
-- 
2.17.1

^ permalink raw reply	[flat|nested] 97+ messages in thread

* [dpdk-dev] [PATCH v5 09/15] crypto/caam_jr: add device cababilities
  2018-10-22 14:57       ` [dpdk-dev] [PATCH v5 " Gagandeep Singh
                           ` (7 preceding siblings ...)
  2018-10-22 14:57         ` [dpdk-dev] [PATCH v5 08/15] crypto/caam_jr: add session configuration methods Gagandeep Singh
@ 2018-10-22 14:57         ` Gagandeep Singh
  2018-10-22 14:57         ` [dpdk-dev] [PATCH v5 10/15] crypto/caam_jr: add enqueue dequeue operations Gagandeep Singh
                           ` (6 subsequent siblings)
  15 siblings, 0 replies; 97+ messages in thread
From: Gagandeep Singh @ 2018-10-22 14:57 UTC (permalink / raw)
  To: dev, Akhil Goyal; +Cc: Gagandeep Singh, Hemant Agrawal

add device capabilities for supported algorithms,
key length etc.

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
---
 drivers/crypto/caam_jr/Makefile               |   1 +
 drivers/crypto/caam_jr/caam_jr.c              |   2 +
 drivers/crypto/caam_jr/caam_jr_capabilities.c | 232 ++++++++++++++++++
 drivers/crypto/caam_jr/caam_jr_capabilities.h |  13 +
 drivers/crypto/caam_jr/meson.build            |   5 +-
 5 files changed, 252 insertions(+), 1 deletion(-)
 create mode 100644 drivers/crypto/caam_jr/caam_jr_capabilities.c
 create mode 100644 drivers/crypto/caam_jr/caam_jr_capabilities.h

diff --git a/drivers/crypto/caam_jr/Makefile b/drivers/crypto/caam_jr/Makefile
index cfd093a5f..88cdf7410 100644
--- a/drivers/crypto/caam_jr/Makefile
+++ b/drivers/crypto/caam_jr/Makefile
@@ -31,6 +31,7 @@ LIBABIVER := 1
 
 # library source files
 SRCS-$(CONFIG_RTE_LIBRTE_PMD_CAAM_JR) += caam_jr.c
+SRCS-$(CONFIG_RTE_LIBRTE_PMD_CAAM_JR) += caam_jr_capabilities.c
 SRCS-$(CONFIG_RTE_LIBRTE_PMD_CAAM_JR) += caam_jr_hw.c
 SRCS-$(CONFIG_RTE_LIBRTE_PMD_CAAM_JR) += caam_jr_uio.c
 # library dependencies
diff --git a/drivers/crypto/caam_jr/caam_jr.c b/drivers/crypto/caam_jr/caam_jr.c
index aec033649..96b18be12 100644
--- a/drivers/crypto/caam_jr/caam_jr.c
+++ b/drivers/crypto/caam_jr/caam_jr.c
@@ -16,6 +16,7 @@
 #include <rte_malloc.h>
 #include <rte_hexdump.h>
 
+#include <caam_jr_capabilities.h>
 #include <caam_jr_config.h>
 #include <caam_jr_hw_specific.h>
 #include <caam_jr_pvt.h>
@@ -438,6 +439,7 @@ caam_jr_dev_infos_get(struct rte_cryptodev *dev,
 	if (info != NULL) {
 		info->max_nb_queue_pairs = internals->max_nb_queue_pairs;
 		info->feature_flags = dev->feature_flags;
+		info->capabilities = caam_jr_get_cryptodev_capabilities();
 		info->sym.max_nb_sessions = internals->max_nb_sessions;
 		info->driver_id = cryptodev_driver_id;
 	}
diff --git a/drivers/crypto/caam_jr/caam_jr_capabilities.c b/drivers/crypto/caam_jr/caam_jr_capabilities.c
new file mode 100644
index 000000000..92aa429cc
--- /dev/null
+++ b/drivers/crypto/caam_jr/caam_jr_capabilities.c
@@ -0,0 +1,232 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright 2017-2018 NXP
+ */
+
+#include <caam_jr_capabilities.h>
+
+static const struct rte_cryptodev_capabilities caam_jr_capabilities[] = {
+	{	/* MD5 HMAC */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+			{.auth = {
+				.algo = RTE_CRYPTO_AUTH_MD5_HMAC,
+				.block_size = 64,
+				.key_size = {
+					.min = 1,
+					.max = 64,
+					.increment = 1
+				},
+				.digest_size = {
+					.min = 1,
+					.max = 16,
+					.increment = 1
+				},
+				.iv_size = { 0 }
+			}, }
+		}, }
+	},
+	{	/* SHA1 HMAC */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+			{.auth = {
+				.algo = RTE_CRYPTO_AUTH_SHA1_HMAC,
+				.block_size = 64,
+				.key_size = {
+					.min = 1,
+					.max = 64,
+					.increment = 1
+				},
+				.digest_size = {
+					.min = 1,
+					.max = 20,
+					.increment = 1
+				},
+				.iv_size = { 0 }
+			}, }
+		}, }
+	},
+	{	/* SHA224 HMAC */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+			{.auth = {
+				.algo = RTE_CRYPTO_AUTH_SHA224_HMAC,
+				.block_size = 64,
+				.key_size = {
+					.min = 1,
+					.max = 64,
+					.increment = 1
+				},
+				.digest_size = {
+					.min = 1,
+					.max = 28,
+					.increment = 1
+				},
+				.iv_size = { 0 }
+			}, }
+		}, }
+	},
+	{	/* SHA256 HMAC */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+			{.auth = {
+				.algo = RTE_CRYPTO_AUTH_SHA256_HMAC,
+				.block_size = 64,
+				.key_size = {
+					.min = 1,
+					.max = 64,
+					.increment = 1
+				},
+				.digest_size = {
+					.min = 1,
+					.max = 32,
+					.increment = 1
+				},
+				.iv_size = { 0 }
+			}, }
+		}, }
+	},
+	{	/* SHA384 HMAC */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+			{.auth = {
+				.algo = RTE_CRYPTO_AUTH_SHA384_HMAC,
+				.block_size = 128,
+				.key_size = {
+					.min = 1,
+					.max = 128,
+					.increment = 1
+				},
+				.digest_size = {
+					.min = 1,
+					.max = 48,
+					.increment = 1
+				},
+				.iv_size = { 0 }
+			}, }
+		}, }
+	},
+	{	/* SHA512 HMAC */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+			{.auth = {
+				.algo = RTE_CRYPTO_AUTH_SHA512_HMAC,
+				.block_size = 128,
+				.key_size = {
+					.min = 1,
+					.max = 128,
+					.increment = 1
+				},
+				.digest_size = {
+					.min = 1,
+					.max = 64,
+					.increment = 1
+				},
+				.iv_size = { 0 }
+			}, }
+		}, }
+	},
+	{	/* AES GCM */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_AEAD,
+			{.aead = {
+				.algo = RTE_CRYPTO_AEAD_AES_GCM,
+				.block_size = 16,
+				.key_size = {
+					.min = 16,
+					.max = 32,
+					.increment = 8
+				},
+				.digest_size = {
+					.min = 8,
+					.max = 16,
+					.increment = 4
+				},
+				.aad_size = {
+					.min = 0,
+					.max = 240,
+					.increment = 1
+				},
+				.iv_size = {
+					.min = 12,
+					.max = 12,
+					.increment = 0
+				},
+			}, }
+		}, }
+	},
+	{	/* AES CBC */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
+			{.cipher = {
+				.algo = RTE_CRYPTO_CIPHER_AES_CBC,
+				.block_size = 16,
+				.key_size = {
+					.min = 16,
+					.max = 32,
+					.increment = 8
+				},
+				.iv_size = {
+					.min = 16,
+					.max = 16,
+					.increment = 0
+				}
+			}, }
+		}, }
+	},
+	{	/* AES CTR */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
+			{.cipher = {
+				.algo = RTE_CRYPTO_CIPHER_AES_CTR,
+				.block_size = 16,
+				.key_size = {
+					.min = 16,
+					.max = 32,
+					.increment = 8
+				},
+				.iv_size = {
+					.min = 16,
+					.max = 16,
+					.increment = 0
+				}
+			}, }
+		}, }
+	},
+	{	/* 3DES CBC */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
+			{.cipher = {
+				.algo = RTE_CRYPTO_CIPHER_3DES_CBC,
+				.block_size = 8,
+				.key_size = {
+					.min = 16,
+					.max = 24,
+					.increment = 8
+				},
+				.iv_size = {
+					.min = 8,
+					.max = 8,
+					.increment = 0
+				}
+			}, }
+		}, }
+	},
+
+	RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()
+};
+
+const struct rte_cryptodev_capabilities *
+caam_jr_get_cryptodev_capabilities(void)
+{
+	return caam_jr_capabilities;
+}
diff --git a/drivers/crypto/caam_jr/caam_jr_capabilities.h b/drivers/crypto/caam_jr/caam_jr_capabilities.h
new file mode 100644
index 000000000..7a94013e5
--- /dev/null
+++ b/drivers/crypto/caam_jr/caam_jr_capabilities.h
@@ -0,0 +1,13 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright 2017-2018 NXP
+ */
+
+#ifndef CAAM_JR_CAPABILITIES_H
+#define CAAM_JR_CAPABILITIES_H
+
+#include <rte_cryptodev.h>
+
+/* Get cryptodev capabilities */
+const struct rte_cryptodev_capabilities *
+caam_jr_get_cryptodev_capabilities(void);
+#endif
diff --git a/drivers/crypto/caam_jr/meson.build b/drivers/crypto/caam_jr/meson.build
index 7b024e886..99b71aef1 100644
--- a/drivers/crypto/caam_jr/meson.build
+++ b/drivers/crypto/caam_jr/meson.build
@@ -6,7 +6,10 @@ if host_machine.system() != 'linux'
 endif
 
 deps += ['bus_vdev', 'bus_dpaa', 'security']
-sources = files('caam_jr_hw.c', 'caam_jr_uio.c', 'caam_jr.c')
+sources = files('caam_jr_capabilities.c',
+		'caam_jr_hw.c',
+		'caam_jr_uio.c',
+		'caam_jr.c')
 
 allow_experimental_apis = true
 
-- 
2.17.1

^ permalink raw reply	[flat|nested] 97+ messages in thread

* [dpdk-dev] [PATCH v5 10/15] crypto/caam_jr: add enqueue dequeue operations
  2018-10-22 14:57       ` [dpdk-dev] [PATCH v5 " Gagandeep Singh
                           ` (8 preceding siblings ...)
  2018-10-22 14:57         ` [dpdk-dev] [PATCH v5 09/15] crypto/caam_jr: add device cababilities Gagandeep Singh
@ 2018-10-22 14:57         ` Gagandeep Singh
  2018-10-22 14:57         ` [dpdk-dev] [PATCH v5 11/15] crypto/caam_jr: add scatter gather Gagandeep Singh
                           ` (5 subsequent siblings)
  15 siblings, 0 replies; 97+ messages in thread
From: Gagandeep Singh @ 2018-10-22 14:57 UTC (permalink / raw)
  To: dev, Akhil Goyal; +Cc: Gagandeep Singh, Hemant Agrawal

This patch add support for :
1. creating run time sec hw decriptors for a given request.
2. enqueue operation to the caam jr ring
3. dequeue operation from the caam jr ring in poll mode
4. creating a crypto protocol descriptor for session - first time.

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
---
 drivers/crypto/caam_jr/caam_jr.c      | 875 +++++++++++++++++++++++++-
 drivers/crypto/caam_jr/caam_jr_desc.h | 285 +++++++++
 2 files changed, 1158 insertions(+), 2 deletions(-)
 create mode 100644 drivers/crypto/caam_jr/caam_jr_desc.h

diff --git a/drivers/crypto/caam_jr/caam_jr.c b/drivers/crypto/caam_jr/caam_jr.c
index 96b18be12..594ae8ded 100644
--- a/drivers/crypto/caam_jr/caam_jr.c
+++ b/drivers/crypto/caam_jr/caam_jr.c
@@ -20,6 +20,7 @@
 #include <caam_jr_config.h>
 #include <caam_jr_hw_specific.h>
 #include <caam_jr_pvt.h>
+#include <caam_jr_desc.h>
 #include <caam_jr_log.h>
 
 /* RTA header files */
@@ -52,6 +53,343 @@ static enum sec_driver_state_e g_driver_state = SEC_DRIVER_STATE_IDLE;
 static int g_job_rings_no;
 static int g_job_rings_max;
 
+struct sec_outring_entry {
+	phys_addr_t desc;	/* Pointer to completed descriptor */
+	uint32_t status;	/* Status for completed descriptor */
+} __rte_packed;
+
+/* virtual address conversin when mempool support is available for ctx */
+static inline phys_addr_t
+caam_jr_vtop_ctx(struct caam_jr_op_ctx *ctx, void *vaddr)
+{
+	PMD_INIT_FUNC_TRACE();
+	return (size_t)vaddr - ctx->vtop_offset;
+}
+
+static inline void
+caam_jr_op_ending(struct caam_jr_op_ctx *ctx)
+{
+	PMD_INIT_FUNC_TRACE();
+	/* report op status to sym->op and then free the ctx memeory  */
+	rte_mempool_put(ctx->ctx_pool, (void *)ctx);
+}
+
+static inline struct caam_jr_op_ctx *
+caam_jr_alloc_ctx(struct caam_jr_session *ses)
+{
+	struct caam_jr_op_ctx *ctx;
+	int ret;
+
+	PMD_INIT_FUNC_TRACE();
+	ret = rte_mempool_get(ses->ctx_pool, (void **)(&ctx));
+	if (!ctx || ret) {
+		CAAM_JR_DP_WARN("Alloc sec descriptor failed!");
+		return NULL;
+	}
+	/*
+	 * Clear SG memory. There are 16 SG entries of 16 Bytes each.
+	 * one call to dcbz_64() clear 64 bytes, hence calling it 4 times
+	 * to clear all the SG entries. caam_jr_alloc_ctx() is called for
+	 * each packet, memset is costlier than dcbz_64().
+	 */
+	dcbz_64(&ctx->sg[SG_CACHELINE_0]);
+	dcbz_64(&ctx->sg[SG_CACHELINE_1]);
+	dcbz_64(&ctx->sg[SG_CACHELINE_2]);
+	dcbz_64(&ctx->sg[SG_CACHELINE_3]);
+
+	ctx->ctx_pool = ses->ctx_pool;
+	ctx->vtop_offset = (size_t) ctx - rte_mempool_virt2iova(ctx);
+
+	return ctx;
+}
+
+static inline int
+is_cipher_only(struct caam_jr_session *ses)
+{
+	PMD_INIT_FUNC_TRACE();
+	return ((ses->cipher_alg != RTE_CRYPTO_CIPHER_NULL) &&
+		(ses->auth_alg == RTE_CRYPTO_AUTH_NULL));
+}
+
+static inline int
+is_auth_only(struct caam_jr_session *ses)
+{
+	PMD_INIT_FUNC_TRACE();
+	return ((ses->cipher_alg == RTE_CRYPTO_CIPHER_NULL) &&
+		(ses->auth_alg != RTE_CRYPTO_AUTH_NULL));
+}
+
+static inline int
+is_aead(struct caam_jr_session *ses)
+{
+	PMD_INIT_FUNC_TRACE();
+	return ((ses->cipher_alg == 0) &&
+		(ses->auth_alg == 0) &&
+		(ses->aead_alg != 0));
+}
+
+static inline int
+is_auth_cipher(struct caam_jr_session *ses)
+{
+	PMD_INIT_FUNC_TRACE();
+	return ((ses->cipher_alg != RTE_CRYPTO_CIPHER_NULL) &&
+		(ses->auth_alg != RTE_CRYPTO_AUTH_NULL));
+}
+
+static inline int
+is_encode(struct caam_jr_session *ses)
+{
+	PMD_INIT_FUNC_TRACE();
+	return ses->dir == DIR_ENC;
+}
+
+static inline int
+is_decode(struct caam_jr_session *ses)
+{
+	PMD_INIT_FUNC_TRACE();
+	return ses->dir == DIR_DEC;
+}
+
+static inline void
+caam_auth_alg(struct caam_jr_session *ses, struct alginfo *alginfo_a)
+{
+	PMD_INIT_FUNC_TRACE();
+	switch (ses->auth_alg) {
+	case RTE_CRYPTO_AUTH_NULL:
+		ses->digest_length = 0;
+		break;
+	case RTE_CRYPTO_AUTH_MD5_HMAC:
+		alginfo_a->algtype = OP_ALG_ALGSEL_MD5;
+		alginfo_a->algmode = OP_ALG_AAI_HMAC;
+		break;
+	case RTE_CRYPTO_AUTH_SHA1_HMAC:
+		alginfo_a->algtype = OP_ALG_ALGSEL_SHA1;
+		alginfo_a->algmode = OP_ALG_AAI_HMAC;
+		break;
+	case RTE_CRYPTO_AUTH_SHA224_HMAC:
+		alginfo_a->algtype = OP_ALG_ALGSEL_SHA224;
+		alginfo_a->algmode = OP_ALG_AAI_HMAC;
+		break;
+	case RTE_CRYPTO_AUTH_SHA256_HMAC:
+		alginfo_a->algtype = OP_ALG_ALGSEL_SHA256;
+		alginfo_a->algmode = OP_ALG_AAI_HMAC;
+		break;
+	case RTE_CRYPTO_AUTH_SHA384_HMAC:
+		alginfo_a->algtype = OP_ALG_ALGSEL_SHA384;
+		alginfo_a->algmode = OP_ALG_AAI_HMAC;
+		break;
+	case RTE_CRYPTO_AUTH_SHA512_HMAC:
+		alginfo_a->algtype = OP_ALG_ALGSEL_SHA512;
+		alginfo_a->algmode = OP_ALG_AAI_HMAC;
+		break;
+	default:
+		CAAM_JR_DEBUG("unsupported auth alg %u", ses->auth_alg);
+	}
+}
+
+static inline void
+caam_cipher_alg(struct caam_jr_session *ses, struct alginfo *alginfo_c)
+{
+	PMD_INIT_FUNC_TRACE();
+	switch (ses->cipher_alg) {
+	case RTE_CRYPTO_CIPHER_NULL:
+		break;
+	case RTE_CRYPTO_CIPHER_AES_CBC:
+		alginfo_c->algtype = OP_ALG_ALGSEL_AES;
+		alginfo_c->algmode = OP_ALG_AAI_CBC;
+		break;
+	case RTE_CRYPTO_CIPHER_3DES_CBC:
+		alginfo_c->algtype = OP_ALG_ALGSEL_3DES;
+		alginfo_c->algmode = OP_ALG_AAI_CBC;
+		break;
+	case RTE_CRYPTO_CIPHER_AES_CTR:
+		alginfo_c->algtype = OP_ALG_ALGSEL_AES;
+		alginfo_c->algmode = OP_ALG_AAI_CTR;
+		break;
+	default:
+		CAAM_JR_DEBUG("unsupported cipher alg %d", ses->cipher_alg);
+	}
+}
+
+static inline void
+caam_aead_alg(struct caam_jr_session *ses, struct alginfo *alginfo)
+{
+	PMD_INIT_FUNC_TRACE();
+	switch (ses->aead_alg) {
+	case RTE_CRYPTO_AEAD_AES_GCM:
+		alginfo->algtype = OP_ALG_ALGSEL_AES;
+		alginfo->algmode = OP_ALG_AAI_GCM;
+		break;
+	default:
+		CAAM_JR_DEBUG("unsupported AEAD alg %d", ses->aead_alg);
+	}
+}
+
+/* prepare command block of the session */
+static int
+caam_jr_prep_cdb(struct caam_jr_session *ses)
+{
+	struct alginfo alginfo_c = {0}, alginfo_a = {0}, alginfo = {0};
+	int32_t shared_desc_len = 0;
+	struct sec_cdb *cdb;
+	int err;
+#if RTE_BYTE_ORDER == RTE_BIG_ENDIAN
+	int swap = false;
+#else
+	int swap = true;
+#endif
+
+	PMD_INIT_FUNC_TRACE();
+	if (ses->cdb)
+		caam_jr_dma_free(ses->cdb);
+
+	cdb = caam_jr_dma_mem_alloc(L1_CACHE_BYTES, sizeof(struct sec_cdb));
+	if (!cdb) {
+		CAAM_JR_ERR("failed to allocate memory for cdb\n");
+		return -1;
+	}
+
+	ses->cdb = cdb;
+
+	memset(cdb, 0, sizeof(struct sec_cdb));
+
+	if (is_cipher_only(ses)) {
+		caam_cipher_alg(ses, &alginfo_c);
+		if (alginfo_c.algtype == (unsigned int)CAAM_JR_ALG_UNSUPPORT) {
+			CAAM_JR_ERR("not supported cipher alg");
+			rte_free(cdb);
+			return -ENOTSUP;
+		}
+
+		alginfo_c.key = (size_t)ses->cipher_key.data;
+		alginfo_c.keylen = ses->cipher_key.length;
+		alginfo_c.key_enc_flags = 0;
+		alginfo_c.key_type = RTA_DATA_IMM;
+
+		shared_desc_len = cnstr_shdsc_blkcipher(
+						cdb->sh_desc, true,
+						swap, &alginfo_c,
+						NULL,
+						ses->iv.length,
+						ses->dir);
+	} else if (is_auth_only(ses)) {
+		caam_auth_alg(ses, &alginfo_a);
+		if (alginfo_a.algtype == (unsigned int)CAAM_JR_ALG_UNSUPPORT) {
+			CAAM_JR_ERR("not supported auth alg");
+			rte_free(cdb);
+			return -ENOTSUP;
+		}
+
+		alginfo_a.key = (size_t)ses->auth_key.data;
+		alginfo_a.keylen = ses->auth_key.length;
+		alginfo_a.key_enc_flags = 0;
+		alginfo_a.key_type = RTA_DATA_IMM;
+
+		shared_desc_len = cnstr_shdsc_hmac(cdb->sh_desc, true,
+						   swap, &alginfo_a,
+						   !ses->dir,
+						   ses->digest_length);
+	} else if (is_aead(ses)) {
+		caam_aead_alg(ses, &alginfo);
+		if (alginfo.algtype == (unsigned int)CAAM_JR_ALG_UNSUPPORT) {
+			CAAM_JR_ERR("not supported aead alg");
+			rte_free(cdb);
+			return -ENOTSUP;
+		}
+		alginfo.key = (size_t)ses->aead_key.data;
+		alginfo.keylen = ses->aead_key.length;
+		alginfo.key_enc_flags = 0;
+		alginfo.key_type = RTA_DATA_IMM;
+
+		if (ses->dir == DIR_ENC)
+			shared_desc_len = cnstr_shdsc_gcm_encap(
+					cdb->sh_desc, true, swap,
+					&alginfo,
+					ses->iv.length,
+					ses->digest_length);
+		else
+			shared_desc_len = cnstr_shdsc_gcm_decap(
+					cdb->sh_desc, true, swap,
+					&alginfo,
+					ses->iv.length,
+					ses->digest_length);
+	} else {
+		caam_cipher_alg(ses, &alginfo_c);
+		if (alginfo_c.algtype == (unsigned int)CAAM_JR_ALG_UNSUPPORT) {
+			CAAM_JR_ERR("not supported cipher alg");
+			rte_free(cdb);
+			return -ENOTSUP;
+		}
+
+		alginfo_c.key = (size_t)ses->cipher_key.data;
+		alginfo_c.keylen = ses->cipher_key.length;
+		alginfo_c.key_enc_flags = 0;
+		alginfo_c.key_type = RTA_DATA_IMM;
+
+		caam_auth_alg(ses, &alginfo_a);
+		if (alginfo_a.algtype == (unsigned int)CAAM_JR_ALG_UNSUPPORT) {
+			CAAM_JR_ERR("not supported auth alg");
+			rte_free(cdb);
+			return -ENOTSUP;
+		}
+
+		alginfo_a.key = (size_t)ses->auth_key.data;
+		alginfo_a.keylen = ses->auth_key.length;
+		alginfo_a.key_enc_flags = 0;
+		alginfo_a.key_type = RTA_DATA_IMM;
+
+		cdb->sh_desc[0] = alginfo_c.keylen;
+		cdb->sh_desc[1] = alginfo_a.keylen;
+		err = rta_inline_query(IPSEC_AUTH_VAR_AES_DEC_BASE_DESC_LEN,
+				       MIN_JOB_DESC_SIZE,
+				       (unsigned int *)cdb->sh_desc,
+				       &cdb->sh_desc[2], 2);
+
+		if (err < 0) {
+			CAAM_JR_ERR("Crypto: Incorrect key lengths");
+			rte_free(cdb);
+			return err;
+		}
+		if (cdb->sh_desc[2] & 1)
+			alginfo_c.key_type = RTA_DATA_IMM;
+		else {
+			alginfo_c.key = (size_t)caam_jr_mem_vtop(
+						(void *)(size_t)alginfo_c.key);
+			alginfo_c.key_type = RTA_DATA_PTR;
+		}
+		if (cdb->sh_desc[2] & (1<<1))
+			alginfo_a.key_type = RTA_DATA_IMM;
+		else {
+			alginfo_a.key = (size_t)caam_jr_mem_vtop(
+						(void *)(size_t)alginfo_a.key);
+			alginfo_a.key_type = RTA_DATA_PTR;
+		}
+		cdb->sh_desc[0] = 0;
+		cdb->sh_desc[1] = 0;
+		cdb->sh_desc[2] = 0;
+			/* Auth_only_len is set as 0 here and it will be
+			 * overwritten in fd for each packet.
+			 */
+			shared_desc_len = cnstr_shdsc_authenc(cdb->sh_desc,
+					true, swap, &alginfo_c, &alginfo_a,
+					ses->iv.length, 0,
+					ses->digest_length, ses->dir);
+	}
+
+	if (shared_desc_len < 0) {
+		CAAM_JR_ERR("error in preparing command block");
+		return shared_desc_len;
+	}
+
+#if CAAM_JR_DBG
+	SEC_DUMP_DESC(cdb->sh_desc);
+#endif
+
+	cdb->sh_hdr.hi.field.idlen = shared_desc_len;
+
+	return 0;
+}
+
 /* @brief Poll the HW for already processed jobs in the JR
  * and silently discard the available jobs or notify them to UA
  * with indicated error code.
@@ -100,6 +438,539 @@ hw_flush_job_ring(struct sec_job_ring_t *job_ring,
 	}
 }
 
+/* @brief Poll the HW for already processed jobs in the JR
+ * and notify the available jobs to UA.
+ *
+ * @param [in]  job_ring	The job ring to poll.
+ * @param [in]  limit           The maximum number of jobs to notify.
+ *                              If set to negative value, all available jobs are
+ *				notified.
+ *
+ * @retval >=0 for No of jobs notified to UA.
+ * @retval -1 for error
+ */
+static int
+hw_poll_job_ring(struct sec_job_ring_t *job_ring,
+		 struct rte_crypto_op **ops, int32_t limit,
+		 struct caam_jr_qp *jr_qp)
+{
+	int32_t jobs_no_to_notify = 0; /* the number of done jobs to notify*/
+	int32_t number_of_jobs_available = 0;
+	int32_t notified_descs_no = 0;
+	uint32_t sec_error_code = 0;
+	struct job_descriptor *current_desc;
+	phys_addr_t current_desc_addr;
+	phys_addr_t *temp_addr;
+	struct caam_jr_op_ctx *ctx;
+
+	PMD_INIT_FUNC_TRACE();
+	/* TODO check for ops have memory*/
+	/* check here if any JR error that cannot be written
+	 * in the output status word has occurred
+	 */
+	if (JR_REG_JRINT_JRE_EXTRACT(GET_JR_REG(JRINT, job_ring))) {
+		CAAM_JR_INFO("err received");
+		sec_error_code = JR_REG_JRINT_ERR_TYPE_EXTRACT(
+					GET_JR_REG(JRINT, job_ring));
+		if (unlikely(sec_error_code)) {
+			hw_job_ring_error_print(job_ring, sec_error_code);
+			return -1;
+		}
+	}
+	/* compute the number of jobs available in the job ring based on the
+	 * producer and consumer index values.
+	 */
+	number_of_jobs_available = hw_get_no_finished_jobs(job_ring);
+	/* Compute the number of notifications that need to be raised to UA
+	 * If limit > total number of done jobs -> notify all done jobs
+	 * If limit = 0 -> error
+	 * If limit < total number of done jobs -> notify a number
+	 * of done jobs equal with limit
+	 */
+	jobs_no_to_notify = (limit > number_of_jobs_available) ?
+				number_of_jobs_available : limit;
+	CAAM_JR_DP_DEBUG(
+		"Jr[%p] pi[%d] ci[%d].limit =%d Available=%d.Jobs to notify=%d",
+		job_ring, job_ring->pidx, job_ring->cidx,
+		limit, number_of_jobs_available, jobs_no_to_notify);
+
+	rte_smp_rmb();
+
+	while (jobs_no_to_notify > notified_descs_no) {
+		static uint64_t false_alarm;
+		static uint64_t real_poll;
+
+		/* Get job status here */
+		sec_error_code = job_ring->output_ring[job_ring->cidx].status;
+		/* Get completed descriptor */
+		temp_addr = &(job_ring->output_ring[job_ring->cidx].desc);
+		current_desc_addr = (phys_addr_t)sec_read_addr(temp_addr);
+
+		real_poll++;
+		/* todo check if it is false alarm no desc present */
+		if (!current_desc_addr) {
+			false_alarm++;
+			printf("false alarm %" PRIu64 "real %" PRIu64
+				" sec_err =0x%x cidx Index =0%d\n",
+				false_alarm, real_poll,
+				sec_error_code, job_ring->cidx);
+			rte_panic("CAAM JR descriptor NULL");
+			return notified_descs_no;
+		}
+		current_desc = (struct job_descriptor *)
+				caam_jr_dma_ptov(current_desc_addr);
+		/* now increment the consumer index for the current job ring,
+		 * AFTER saving job in temporary location!
+		 */
+		job_ring->cidx = SEC_CIRCULAR_COUNTER(job_ring->cidx,
+				 SEC_JOB_RING_SIZE);
+		/* Signal that the job has been processed and the slot is free*/
+		hw_remove_entries(job_ring, 1);
+		/*TODO for multiple ops, packets*/
+		ctx = container_of(current_desc, struct caam_jr_op_ctx, jobdes);
+		if (unlikely(sec_error_code)) {
+			CAAM_JR_ERR("desc at cidx %d generated error 0x%x\n",
+				job_ring->cidx, sec_error_code);
+			hw_handle_job_ring_error(job_ring, sec_error_code);
+			//todo improve with exact errors
+			ctx->op->status = RTE_CRYPTO_OP_STATUS_ERROR;
+			jr_qp->rx_errs++;
+		} else {
+			ctx->op->status = RTE_CRYPTO_OP_STATUS_SUCCESS;
+#if CAAM_JR_DBG
+			if (ctx->op->sym->m_dst) {
+				rte_hexdump(stdout, "PROCESSED",
+				rte_pktmbuf_mtod(ctx->op->sym->m_dst, void *),
+				rte_pktmbuf_data_len(ctx->op->sym->m_dst));
+			} else {
+				rte_hexdump(stdout, "PROCESSED",
+				rte_pktmbuf_mtod(ctx->op->sym->m_src, void *),
+				rte_pktmbuf_data_len(ctx->op->sym->m_src));
+			}
+#endif
+		}
+		*ops = ctx->op;
+		caam_jr_op_ending(ctx);
+		ops++;
+		notified_descs_no++;
+	}
+	return notified_descs_no;
+}
+
+static uint16_t
+caam_jr_dequeue_burst(void *qp, struct rte_crypto_op **ops,
+		       uint16_t nb_ops)
+{
+	struct caam_jr_qp *jr_qp = (struct caam_jr_qp *)qp;
+	struct sec_job_ring_t *ring = jr_qp->ring;
+	int num_rx;
+	int ret;
+
+	PMD_INIT_FUNC_TRACE();
+	CAAM_JR_DP_DEBUG("Jr[%p]Polling. limit[%d]", ring, nb_ops);
+
+	/* Poll job ring
+	 * If nb_ops < 0 -> poll JR until no more notifications are available.
+	 * If nb_ops > 0 -> poll JR until limit is reached.
+	 */
+
+	/* Run hw poll job ring */
+	num_rx = hw_poll_job_ring(ring, ops, nb_ops, jr_qp);
+	if (num_rx < 0) {
+		CAAM_JR_ERR("Error polling SEC engine (%d)", num_rx);
+		return 0;
+	}
+
+	CAAM_JR_DP_DEBUG("Jr[%p].Jobs notified[%d]. ", ring, num_rx);
+
+	if (ring->jr_mode == SEC_NOTIFICATION_TYPE_NAPI) {
+		if (num_rx < nb_ops) {
+			ret = caam_jr_enable_irqs(ring->irq_fd);
+			SEC_ASSERT(ret == 0, ret,
+			"Failed to enable irqs for job ring %p", ring);
+		}
+	} else if (ring->jr_mode == SEC_NOTIFICATION_TYPE_IRQ) {
+
+		/* Always enable IRQ generation when in pure IRQ mode */
+		ret = caam_jr_enable_irqs(ring->irq_fd);
+		SEC_ASSERT(ret == 0, ret,
+			"Failed to enable irqs for job ring %p", ring);
+	}
+
+	jr_qp->rx_pkts += num_rx;
+
+	return num_rx;
+}
+
+static inline struct caam_jr_op_ctx *
+build_auth_only(struct rte_crypto_op *op, struct caam_jr_session *ses)
+{
+	struct rte_crypto_sym_op *sym = op->sym;
+	struct caam_jr_op_ctx *ctx;
+	struct sec4_sg_entry *sg;
+	rte_iova_t start_addr;
+	struct sec_cdb *cdb;
+	uint64_t sdesc_offset;
+	struct sec_job_descriptor_t *jobdescr;
+
+	PMD_INIT_FUNC_TRACE();
+	ctx = caam_jr_alloc_ctx(ses);
+	if (!ctx)
+		return NULL;
+
+	ctx->op = op;
+
+	cdb = ses->cdb;
+	sdesc_offset = (size_t) ((char *)&cdb->sh_desc - (char *)cdb);
+
+	start_addr = rte_pktmbuf_iova(sym->m_src);
+
+	jobdescr = (struct sec_job_descriptor_t *) ctx->jobdes.desc;
+
+	SEC_JD_INIT(jobdescr);
+	SEC_JD_SET_SD(jobdescr,
+		(phys_addr_t)(caam_jr_dma_vtop(cdb)) + sdesc_offset,
+		cdb->sh_hdr.hi.field.idlen);
+
+	/* output */
+	SEC_JD_SET_OUT_PTR(jobdescr, (uint64_t)sym->auth.digest.phys_addr,
+			0, ses->digest_length);
+
+	/*input */
+	if (is_decode(ses)) {
+		sg = &ctx->sg[0];
+		SEC_JD_SET_IN_PTR(jobdescr,
+			(uint64_t)caam_jr_vtop_ctx(ctx, sg), 0,
+			(sym->auth.data.length + ses->digest_length));
+		/* enabling sg list */
+		(jobdescr)->seq_in.command.word  |= 0x01000000;
+
+		/* hash result or digest, save digest first */
+		rte_memcpy(ctx->digest, sym->auth.digest.data,
+			   ses->digest_length);
+		sg->ptr = cpu_to_caam64(start_addr + sym->auth.data.offset);
+		sg->len = cpu_to_caam32(sym->auth.data.length);
+
+#if CAAM_JR_DBG
+		rte_hexdump(stdout, "ICV", ctx->digest, ses->digest_length);
+#endif
+		/* let's check digest by hw */
+		sg++;
+		sg->ptr = cpu_to_caam64(caam_jr_vtop_ctx(ctx, ctx->digest));
+		sg->len = cpu_to_caam32(ses->digest_length);
+		/* last element*/
+		sg->len |= cpu_to_caam32(SEC4_SG_LEN_FIN);
+	} else {
+		SEC_JD_SET_IN_PTR(jobdescr, (uint64_t)start_addr,
+			sym->auth.data.offset, sym->auth.data.length);
+	}
+	return ctx;
+}
+
+static inline struct caam_jr_op_ctx *
+build_cipher_only(struct rte_crypto_op *op, struct caam_jr_session *ses)
+{
+	struct rte_crypto_sym_op *sym = op->sym;
+	struct caam_jr_op_ctx *ctx;
+	struct sec4_sg_entry *sg;
+	rte_iova_t src_start_addr, dst_start_addr;
+	struct sec_cdb *cdb;
+	uint64_t sdesc_offset;
+	uint8_t *IV_ptr = rte_crypto_op_ctod_offset(op, uint8_t *,
+			ses->iv.offset);
+	struct sec_job_descriptor_t *jobdescr;
+
+	PMD_INIT_FUNC_TRACE();
+	ctx = caam_jr_alloc_ctx(ses);
+	if (!ctx)
+		return NULL;
+
+	ctx->op = op;
+	cdb = ses->cdb;
+	sdesc_offset = (size_t) ((char *)&cdb->sh_desc - (char *)cdb);
+
+	src_start_addr = rte_pktmbuf_iova(sym->m_src);
+	if (sym->m_dst)
+		dst_start_addr = rte_pktmbuf_iova(sym->m_dst);
+	else
+		dst_start_addr = src_start_addr;
+
+	jobdescr = (struct sec_job_descriptor_t *) ctx->jobdes.desc;
+
+	SEC_JD_INIT(jobdescr);
+	SEC_JD_SET_SD(jobdescr,
+		(phys_addr_t)(caam_jr_dma_vtop(cdb)) + sdesc_offset,
+		cdb->sh_hdr.hi.field.idlen);
+
+#if CAAM_JR_DBG
+	CAAM_JR_INFO("mbuf offset =%d, cipher offset = %d, length =%d+%d",
+			sym->m_src->data_off, sym->cipher.data.offset,
+			sym->cipher.data.length, ses->iv.length);
+#endif
+	/* output */
+	SEC_JD_SET_OUT_PTR(jobdescr, (uint64_t)dst_start_addr,
+			sym->cipher.data.offset,
+			sym->cipher.data.length + ses->iv.length);
+
+	/*input */
+	sg = &ctx->sg[0];
+	SEC_JD_SET_IN_PTR(jobdescr, (uint64_t)caam_jr_vtop_ctx(ctx, sg), 0,
+				sym->cipher.data.length + ses->iv.length);
+	/*enabling sg bit */
+	(jobdescr)->seq_in.command.word  |= 0x01000000;
+
+	sg->ptr = cpu_to_caam64(caam_jr_dma_vtop(IV_ptr));
+	sg->len = cpu_to_caam32(ses->iv.length);
+
+	sg = &ctx->sg[1];
+	sg->ptr = cpu_to_caam64(src_start_addr + sym->cipher.data.offset);
+	sg->len = cpu_to_caam32(sym->cipher.data.length);
+	/* last element*/
+	sg->len |= cpu_to_caam32(SEC4_SG_LEN_FIN);
+
+	return ctx;
+}
+
+static inline struct caam_jr_op_ctx *
+build_cipher_auth(struct rte_crypto_op *op, struct caam_jr_session *ses)
+{
+	struct rte_crypto_sym_op *sym = op->sym;
+	struct caam_jr_op_ctx *ctx;
+	struct sec4_sg_entry *sg;
+	rte_iova_t src_start_addr, dst_start_addr;
+	uint32_t length = 0;
+	struct sec_cdb *cdb;
+	uint64_t sdesc_offset;
+	uint8_t *IV_ptr = rte_crypto_op_ctod_offset(op, uint8_t *,
+			ses->iv.offset);
+	struct sec_job_descriptor_t *jobdescr;
+	uint32_t auth_only_len;
+
+	PMD_INIT_FUNC_TRACE();
+	auth_only_len = op->sym->auth.data.length -
+				op->sym->cipher.data.length;
+
+	src_start_addr = rte_pktmbuf_iova(sym->m_src);
+	if (sym->m_dst)
+		dst_start_addr = rte_pktmbuf_iova(sym->m_dst);
+	else
+		dst_start_addr = src_start_addr;
+
+	ctx = caam_jr_alloc_ctx(ses);
+	if (!ctx)
+		return NULL;
+
+	ctx->op = op;
+	cdb = ses->cdb;
+	sdesc_offset = (size_t) ((char *)&cdb->sh_desc - (char *)cdb);
+
+	jobdescr = (struct sec_job_descriptor_t *) ctx->jobdes.desc;
+
+	SEC_JD_INIT(jobdescr);
+	SEC_JD_SET_SD(jobdescr,
+		(phys_addr_t)(caam_jr_dma_vtop(cdb)) + sdesc_offset,
+		cdb->sh_hdr.hi.field.idlen);
+
+	/* input */
+	sg = &ctx->sg[0];
+	if (is_encode(ses)) {
+		sg->ptr = cpu_to_caam64(caam_jr_dma_vtop(IV_ptr));
+		sg->len = cpu_to_caam32(ses->iv.length);
+		length += ses->iv.length;
+
+		sg++;
+		sg->ptr = cpu_to_caam64(src_start_addr + sym->auth.data.offset);
+		sg->len = cpu_to_caam32(sym->auth.data.length);
+		length += sym->auth.data.length;
+		/* last element*/
+		sg->len |= cpu_to_caam32(SEC4_SG_LEN_FIN);
+	} else {
+		sg->ptr = cpu_to_caam64(caam_jr_dma_vtop(IV_ptr));
+		sg->len = cpu_to_caam32(ses->iv.length);
+		length += ses->iv.length;
+
+		sg++;
+		sg->ptr = cpu_to_caam64(src_start_addr + sym->auth.data.offset);
+		sg->len = cpu_to_caam32(sym->auth.data.length);
+		length += sym->auth.data.length;
+
+		rte_memcpy(ctx->digest, sym->auth.digest.data,
+		       ses->digest_length);
+		sg++;
+		sg->ptr = cpu_to_caam64(caam_jr_dma_vtop(ctx->digest));
+		sg->len = cpu_to_caam32(ses->digest_length);
+		length += ses->digest_length;
+		/* last element*/
+		sg->len |= cpu_to_caam32(SEC4_SG_LEN_FIN);
+	}
+
+	SEC_JD_SET_IN_PTR(jobdescr, (uint64_t)caam_jr_dma_vtop(&ctx->sg[0]), 0,
+				length);
+	/* set sg bit */
+	(jobdescr)->seq_in.command.word  |= 0x01000000;
+
+	/* output */
+	sg = &ctx->sg[6];
+
+	sg->ptr = cpu_to_caam64(dst_start_addr + sym->cipher.data.offset);
+	sg->len = cpu_to_caam32(sym->cipher.data.length);
+	length = sym->cipher.data.length;
+
+	if (is_encode(ses)) {
+		/* set auth output */
+		sg++;
+		sg->ptr = cpu_to_caam64(sym->auth.digest.phys_addr);
+		sg->len = cpu_to_caam32(ses->digest_length);
+		length += ses->digest_length;
+	}
+	/* last element*/
+	sg->len |= cpu_to_caam32(SEC4_SG_LEN_FIN);
+
+	SEC_JD_SET_OUT_PTR(jobdescr,
+			   (uint64_t)caam_jr_dma_vtop(&ctx->sg[6]), 0, length);
+	/* set sg bit */
+	(jobdescr)->seq_out.command.word  |= 0x01000000;
+
+	/* Auth_only_len is set as 0 in descriptor and it is
+	 * overwritten here in the jd which will update
+	 * the DPOVRD reg.
+	 */
+	if (auth_only_len)
+		/* set sg bit */
+		(jobdescr)->dpovrd = 0x80000000 | auth_only_len;
+
+	return ctx;
+}
+static int
+caam_jr_enqueue_op(struct rte_crypto_op *op, struct caam_jr_qp *qp)
+{
+	struct sec_job_ring_t *ring = qp->ring;
+	struct caam_jr_session *ses;
+	struct caam_jr_op_ctx *ctx = NULL;
+	struct sec_job_descriptor_t *jobdescr __rte_unused;
+
+	PMD_INIT_FUNC_TRACE();
+	switch (op->sess_type) {
+	case RTE_CRYPTO_OP_WITH_SESSION:
+		ses = (struct caam_jr_session *)
+		get_sym_session_private_data(op->sym->session,
+					cryptodev_driver_id);
+		break;
+	default:
+		CAAM_JR_DP_ERR("sessionless crypto op not supported");
+		qp->tx_errs++;
+		return -1;
+	}
+
+	if (unlikely(!ses->qp || ses->qp != qp)) {
+		CAAM_JR_DP_DEBUG("Old:sess->qp=%p New qp = %p\n", ses->qp, qp);
+		ses->qp = qp;
+		caam_jr_prep_cdb(ses);
+	}
+
+	if (rte_pktmbuf_is_contiguous(op->sym->m_src)) {
+		if (is_auth_cipher(ses))
+			ctx = build_cipher_auth(op, ses);
+		else if (is_aead(ses))
+			goto err1;
+		else if (is_auth_only(ses))
+			ctx = build_auth_only(op, ses);
+		else if (is_cipher_only(ses))
+			ctx = build_cipher_only(op, ses);
+	} else {
+		if (is_aead(ses))
+			goto err1;
+	}
+err1:
+	if (unlikely(!ctx)) {
+		qp->tx_errs++;
+		CAAM_JR_ERR("not supported sec op");
+		return -1;
+	}
+#if CAAM_JR_DBG
+	if (is_decode(ses))
+		rte_hexdump(stdout, "DECODE",
+			rte_pktmbuf_mtod(op->sym->m_src, void *),
+			rte_pktmbuf_data_len(op->sym->m_src));
+	else
+		rte_hexdump(stdout, "ENCODE",
+			rte_pktmbuf_mtod(op->sym->m_src, void *),
+			rte_pktmbuf_data_len(op->sym->m_src));
+
+	printf("\n JD before conversion\n");
+	for (int i = 0; i < 12; i++)
+		printf("\n 0x%08x", ctx->jobdes.desc[i]);
+#endif
+
+	CAAM_JR_DP_DEBUG("Jr[%p] pi[%d] ci[%d].Before sending desc",
+		      ring, ring->pidx, ring->cidx);
+
+	/* todo - do we want to retry */
+	if (SEC_JOB_RING_IS_FULL(ring->pidx, ring->cidx,
+			 SEC_JOB_RING_SIZE, SEC_JOB_RING_SIZE)) {
+		CAAM_JR_DP_DEBUG("Ring FULL Jr[%p] pi[%d] ci[%d].Size = %d",
+			      ring, ring->pidx, ring->cidx, SEC_JOB_RING_SIZE);
+		caam_jr_op_ending(ctx);
+		qp->tx_ring_full++;
+		return -EBUSY;
+	}
+
+#if CORE_BYTE_ORDER != CAAM_BYTE_ORDER
+	jobdescr = (struct sec_job_descriptor_t *) ctx->jobdes.desc;
+
+	jobdescr->deschdr.command.word =
+		cpu_to_caam32(jobdescr->deschdr.command.word);
+	jobdescr->sd_ptr = cpu_to_caam64(jobdescr->sd_ptr);
+	jobdescr->seq_out.command.word =
+		cpu_to_caam32(jobdescr->seq_out.command.word);
+	jobdescr->seq_out_ptr = cpu_to_caam64(jobdescr->seq_out_ptr);
+	jobdescr->out_ext_length = cpu_to_caam32(jobdescr->out_ext_length);
+	jobdescr->seq_in.command.word =
+		cpu_to_caam32(jobdescr->seq_in.command.word);
+	jobdescr->seq_in_ptr = cpu_to_caam64(jobdescr->seq_in_ptr);
+	jobdescr->in_ext_length = cpu_to_caam32(jobdescr->in_ext_length);
+	jobdescr->load_dpovrd.command.word =
+		cpu_to_caam32(jobdescr->load_dpovrd.command.word);
+	jobdescr->dpovrd = cpu_to_caam32(jobdescr->dpovrd);
+#endif
+
+	/* Set ptr in input ring to current descriptor	*/
+	sec_write_addr(&ring->input_ring[ring->pidx],
+			(phys_addr_t)caam_jr_vtop_ctx(ctx, ctx->jobdes.desc));
+	rte_smp_wmb();
+
+	/* Notify HW that a new job is enqueued */
+	hw_enqueue_desc_on_job_ring(ring);
+
+	/* increment the producer index for the current job ring */
+	ring->pidx = SEC_CIRCULAR_COUNTER(ring->pidx, SEC_JOB_RING_SIZE);
+
+	return 0;
+}
+
+static uint16_t
+caam_jr_enqueue_burst(void *qp, struct rte_crypto_op **ops,
+		       uint16_t nb_ops)
+{
+	/* Function to transmit the frames to given device and queuepair */
+	uint32_t loop;
+	int32_t ret;
+	struct caam_jr_qp *jr_qp = (struct caam_jr_qp *)qp;
+	uint16_t num_tx = 0;
+
+	PMD_INIT_FUNC_TRACE();
+	/*Prepare each packet which is to be sent*/
+	for (loop = 0; loop < nb_ops; loop++) {
+		ret = caam_jr_enqueue_op(ops[loop], jr_qp);
+		if (!ret)
+			num_tx++;
+	}
+
+	jr_qp->tx_pkts += num_tx;
+
+	return num_tx;
+}
+
 /* Release queue pair */
 static int
 caam_jr_queue_pair_release(struct rte_cryptodev *dev,
@@ -726,8 +1597,8 @@ caam_jr_dev_init(const char *name,
 	dev->dev_ops = &caam_jr_ops;
 
 	/* register rx/tx burst functions for data path */
-	dev->dequeue_burst = NULL;
-	dev->enqueue_burst = NULL;
+	dev->dequeue_burst = caam_jr_dequeue_burst;
+	dev->enqueue_burst = caam_jr_enqueue_burst;
 	dev->feature_flags = RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO |
 			RTE_CRYPTODEV_FF_HW_ACCELERATED |
 			RTE_CRYPTODEV_FF_SYM_OPERATION_CHAINING |
diff --git a/drivers/crypto/caam_jr/caam_jr_desc.h b/drivers/crypto/caam_jr/caam_jr_desc.h
new file mode 100644
index 000000000..6683ea835
--- /dev/null
+++ b/drivers/crypto/caam_jr/caam_jr_desc.h
@@ -0,0 +1,285 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright 2017-2018 NXP
+ */
+
+#ifndef CAAM_JR_DESC_H
+#define CAAM_JR_DESC_H
+
+#define CMD_HDR_CTYPE_SD		0x16
+#define CMD_HDR_CTYPE_JD		0x17
+
+/* The maximum size of a SEC descriptor, in WORDs (32 bits). */
+#define MAX_DESC_SIZE_WORDS                     64
+
+/*
+ * Macros manipulating descriptors
+ */
+/* Macro for setting the SD pointer in a JD. Common for all protocols
+ * supported by the SEC driver.
+ */
+#define SEC_JD_SET_SD(descriptor, ptr, len)	   {	  \
+	(descriptor)->sd_ptr = (ptr);			       \
+	(descriptor)->deschdr.command.jd.shr_desc_len = (len);      \
+}
+
+/* Macro for setting a pointer to the job which this descriptor processes.
+ * It eases the lookup procedure for identifying the descriptor that has
+ * completed.
+ */
+#define SEC_JD_SET_JOB_PTR(descriptor, ptr) \
+	((descriptor)->job_ptr = (ptr))
+
+/* Macro for setting up a JD. The structure of the JD is common across all
+ * supported protocols, thus its structure is identical.
+ */
+#define SEC_JD_INIT(descriptor)	      ({ \
+	/* CTYPE = job descriptor			       \
+	 * RSMS, DNR = 0
+	 * ONE = 1
+	 * Start Index = 0
+	 * ZRO,TD, MTD = 0
+	 * SHR = 1 (there's a shared descriptor referenced
+	 *	  by this job descriptor,pointer in next word)
+	 * REO = 1 (execute job descr. first, shared descriptor
+	 *	  after)
+	 * SHARE = DEFER
+	 * Descriptor Length = 0 ( to be completed @ runtime ) */ \
+	(descriptor)->deschdr.command.word = 0xB0801C0D;	\
+	/*
+	 * CTYPE = SEQ OUT command * Scater Gather Flag = 0
+	 * (can be updated @ runtime) PRE = 0 * EXT = 1
+	 * (data length is in next word, following the * command)
+	 * RTO = 0 */						\
+	(descriptor)->seq_out.command.word = 0xF8400000; /**/	\
+	/*
+	 * CTYPE = SEQ IN command
+	 * Scater Gather Flag = 0 (can be updated @ runtime)
+	 * PRE = 0
+	 * EXT = 1 ( data length is in next word, following the
+	 *	   command)
+	 * RTO = 0 */						\
+	(descriptor)->seq_in.command.word  = 0xF0400000; /**/	\
+	/*
+	 * In order to be compatible with QI scenarios, the DPOVRD value
+	 * loaded must be formated like this:
+	 * DPOVRD_EN (1b) | Res| DPOVRD Value (right aligned). */ \
+	(descriptor)->load_dpovrd.command.word = 0x16870004;	\
+	/* By default, DPOVRD mechanism is disabled, thus the value to be
+	 * LOAD-ed through the above descriptor command will be
+	 * 0x0000_0000. */					\
+	(descriptor)->dpovrd = 0x00000000;			\
+})
+
+/* Macro for setting the pointer to the input buffer in the JD, according to
+ * the parameters set by the user in the ::sec_packet_t structure.
+ */
+#define SEC_JD_SET_IN_PTR(descriptor, phys_addr, offset, length) {     \
+	(descriptor)->seq_in_ptr = (phys_addr) + (offset);	      \
+	(descriptor)->in_ext_length = (length);			 \
+}
+
+/* Macro for setting the pointer to the output buffer in the JD, according to
+ * the parameters set by the user in the ::sec_packet_t structure.
+ */
+#define SEC_JD_SET_OUT_PTR(descriptor, phys_addr, offset, length) {    \
+	(descriptor)->seq_out_ptr = (phys_addr) + (offset);	     \
+	(descriptor)->out_ext_length = (length);			\
+}
+
+/* Macro for setting the Scatter-Gather flag in the SEQ IN command. Used in
+ * case the input buffer is split in multiple buffers, according to the user
+ * specification.
+ */
+#define SEC_JD_SET_SG_IN(descriptor) \
+	((descriptor)->seq_in.command.field.sgf =  1)
+
+/* Macro for setting the Scatter-Gather flag in the SEQ OUT command. Used in
+ * case the output buffer is split in multiple buffers, according to the user
+ * specification.
+ */
+#define SEC_JD_SET_SG_OUT(descriptor) \
+	((descriptor)->seq_out.command.field.sgf = 1)
+
+#define SEC_JD_SET_DPOVRD(descriptor) \
+
+/* Macro for retrieving a descriptor's length. Works for both SD and JD. */
+#define SEC_GET_DESC_LEN(descriptor)					\
+	(((struct descriptor_header_s *)(descriptor))->command.sd.ctype == \
+	CMD_HDR_CTYPE_SD ? ((struct descriptor_header_s *) \
+	(descriptor))->command.sd.desclen :	\
+	((struct descriptor_header_s *)(descriptor))->command.jd.desclen)
+
+/* Helper macro for dumping the hex representation of a descriptor */
+#define SEC_DUMP_DESC(descriptor) {					\
+	int __i;							\
+	CAAM_JR_INFO("Des@ 0x%08x\n", (uint32_t)((uint32_t *)(descriptor)));\
+	for (__i = 0;						\
+		__i < SEC_GET_DESC_LEN(descriptor);			\
+		__i++) {						\
+		printf("0x%08x: 0x%08x\n",			\
+			(uint32_t)(((uint32_t *)(descriptor)) + __i),	\
+			*(((uint32_t *)(descriptor)) + __i));		\
+	}								\
+}
+/* Union describing a descriptor header.
+ */
+struct descriptor_header_s {
+	union {
+		uint32_t word;
+		struct {
+			/* 4  */ unsigned int ctype:5;
+			/* 5  */ unsigned int res1:2;
+			/* 7  */ unsigned int dnr:1;
+			/* 8  */ unsigned int one:1;
+			/* 9  */ unsigned int res2:1;
+			/* 10 */ unsigned int start_idx:6;
+			/* 16 */ unsigned int res3:2;
+			/* 18 */ unsigned int cif:1;
+			/* 19 */ unsigned int sc:1;
+			/* 20 */ unsigned int pd:1;
+			/* 21 */ unsigned int res4:1;
+			/* 22 */ unsigned int share:2;
+			/* 24 */ unsigned int res5:2;
+			/* 26 */ unsigned int desclen:6;
+		} sd;
+		struct {
+			/* TODO only below struct members are corrected,
+			 * all others also need to be reversed please verify it
+			 */
+			/* 0 */ unsigned int desclen:7;
+			/* 7 */ unsigned int res4:1;
+			/* 8 */ unsigned int share:3;
+			/* 11 */ unsigned int reo:1;
+			/* 12 */ unsigned int shr:1;
+			/* 13 */ unsigned int mtd:1;
+			/* 14 */ unsigned int td:1;
+			/* 15 */ unsigned int zero:1;
+			/* 16 */ unsigned int shr_desc_len:6;
+			/* 22  */ unsigned int res2:1;
+			/* 23  */ unsigned int one:1;
+			/* 24  */ unsigned int dnr:1;
+			/* 25  */ unsigned int rsms:1;
+			/* 26  */ unsigned int res1:1;
+			/* 27  */ unsigned int ctype:5;
+		} jd;
+	} __rte_packed command;
+} __rte_packed;
+
+/* Union describing a KEY command in a descriptor.
+ */
+struct key_command_s {
+	union {
+		uint32_t word;
+		struct {
+			unsigned int ctype:5;
+			unsigned int cls:2;
+			unsigned int sgf:1;
+			unsigned int imm:1;
+			unsigned int enc:1;
+			unsigned int nwb:1;
+			unsigned int ekt:1;
+			unsigned int kdest:4;
+			unsigned int tk:1;
+			unsigned int rsvd1:5;
+			unsigned int length:10;
+		} __rte_packed field;
+	} __rte_packed command;
+} __rte_packed;
+
+/* Union describing a PROTOCOL command
+ * in a descriptor.
+ */
+struct protocol_operation_command_s {
+	union {
+		uint32_t word;
+		struct {
+			unsigned int ctype:5;
+			unsigned int optype:3;
+			unsigned char protid;
+			unsigned short protinfo;
+		} __rte_packed field;
+	} __rte_packed command;
+} __rte_packed;
+
+/* Union describing a SEQIN command in a
+ * descriptor.
+ */
+struct seq_in_command_s {
+	union {
+		uint32_t word;
+		struct {
+			unsigned int ctype:5;
+			unsigned int res1:1;
+			unsigned int inl:1;
+			unsigned int sgf:1;
+			unsigned int pre:1;
+			unsigned int ext:1;
+			unsigned int rto:1;
+			unsigned int rjd:1;
+			unsigned int res2:4;
+			unsigned int length:16;
+		} field;
+	} __rte_packed command;
+} __rte_packed;
+
+/* Union describing a SEQOUT command in a
+ * descriptor.
+ */
+struct seq_out_command_s {
+	union {
+		uint32_t word;
+		struct {
+			unsigned int ctype:5;
+			unsigned int res1:2;
+			unsigned int sgf:1;
+			unsigned int pre:1;
+			unsigned int ext:1;
+			unsigned int rto:1;
+			unsigned int res2:5;
+			unsigned int length:16;
+		} field;
+	} __rte_packed command;
+} __rte_packed;
+
+struct load_command_s {
+	union {
+		uint32_t word;
+		struct {
+			unsigned int ctype:5;
+			unsigned int class:2;
+			unsigned int sgf:1;
+			unsigned int imm:1;
+			unsigned int dst:7;
+			unsigned char offset;
+			unsigned char length;
+		} fields;
+	} __rte_packed command;
+} __rte_packed;
+
+/* Structure encompassing a general shared descriptor of maximum
+ * size (64 WORDs). Usually, other specific shared descriptor structures
+ * will be type-casted to this one
+ * this one.
+ */
+struct sec_sd_t {
+	uint32_t rsvd[MAX_DESC_SIZE_WORDS];
+} __attribute__((packed, aligned(64)));
+
+/* Structure encompassing a job descriptor which processes
+ * a single packet from a context. The job descriptor references
+ * a shared descriptor from a SEC context.
+ */
+struct sec_job_descriptor_t {
+	struct descriptor_header_s deschdr;
+	dma_addr_t sd_ptr;
+	struct seq_out_command_s seq_out;
+	dma_addr_t seq_out_ptr;
+	uint32_t out_ext_length;
+	struct seq_in_command_s seq_in;
+	dma_addr_t seq_in_ptr;
+	uint32_t in_ext_length;
+	struct load_command_s load_dpovrd;
+	uint32_t dpovrd;
+} __attribute__((packed, aligned(64)));
+
+#endif
-- 
2.17.1

^ permalink raw reply	[flat|nested] 97+ messages in thread

* [dpdk-dev] [PATCH v5 11/15] crypto/caam_jr: add scatter gather
  2018-10-22 14:57       ` [dpdk-dev] [PATCH v5 " Gagandeep Singh
                           ` (9 preceding siblings ...)
  2018-10-22 14:57         ` [dpdk-dev] [PATCH v5 10/15] crypto/caam_jr: add enqueue dequeue operations Gagandeep Singh
@ 2018-10-22 14:57         ` Gagandeep Singh
  2018-10-22 14:57         ` [dpdk-dev] [PATCH v5 12/15] crypto/caam_jr: add statistics ops Gagandeep Singh
                           ` (4 subsequent siblings)
  15 siblings, 0 replies; 97+ messages in thread
From: Gagandeep Singh @ 2018-10-22 14:57 UTC (permalink / raw)
  To: dev, Akhil Goyal; +Cc: Gagandeep Singh, Hemant Agrawal

This patch add the scatter gather feature
for auth-only, cipher-only and cipher-auth
operations

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
---
 drivers/crypto/caam_jr/caam_jr.c | 375 ++++++++++++++++++++++++++++++-
 1 file changed, 374 insertions(+), 1 deletion(-)

diff --git a/drivers/crypto/caam_jr/caam_jr.c b/drivers/crypto/caam_jr/caam_jr.c
index 594ae8ded..0d3a49145 100644
--- a/drivers/crypto/caam_jr/caam_jr.c
+++ b/drivers/crypto/caam_jr/caam_jr.c
@@ -602,6 +602,101 @@ caam_jr_dequeue_burst(void *qp, struct rte_crypto_op **ops,
 	return num_rx;
 }
 
+/**
+ * packet looks like:
+ *		|<----data_len------->|
+ *    |ip_header|ah_header|icv|payload|
+ *              ^
+ *		|
+ *	   mbuf->pkt.data
+ */
+static inline struct caam_jr_op_ctx *
+build_auth_only_sg(struct rte_crypto_op *op, struct caam_jr_session *ses)
+{
+	struct rte_crypto_sym_op *sym = op->sym;
+	struct rte_mbuf *mbuf = sym->m_src;
+	struct caam_jr_op_ctx *ctx;
+	struct sec4_sg_entry *sg;
+	int	length;
+	struct sec_cdb *cdb;
+	uint64_t sdesc_offset;
+	struct sec_job_descriptor_t *jobdescr;
+	uint8_t extra_segs;
+
+	PMD_INIT_FUNC_TRACE();
+	if (is_decode(ses))
+		extra_segs = 2;
+	else
+		extra_segs = 1;
+
+	if ((mbuf->nb_segs + extra_segs) > MAX_SG_ENTRIES) {
+		CAAM_JR_DP_ERR("Auth: Max sec segs supported is %d",
+				MAX_SG_ENTRIES);
+		return NULL;
+	}
+
+	ctx = caam_jr_alloc_ctx(ses);
+	if (!ctx)
+		return NULL;
+
+	ctx->op = op;
+
+	cdb = ses->cdb;
+	sdesc_offset = (size_t) ((char *)&cdb->sh_desc - (char *)cdb);
+
+	jobdescr = (struct sec_job_descriptor_t *) ctx->jobdes.desc;
+
+	SEC_JD_INIT(jobdescr);
+	SEC_JD_SET_SD(jobdescr,
+		(phys_addr_t)(caam_jr_dma_vtop(cdb)) + sdesc_offset,
+		cdb->sh_hdr.hi.field.idlen);
+
+	/* output */
+	SEC_JD_SET_OUT_PTR(jobdescr, (uint64_t)sym->auth.digest.phys_addr,
+			0, ses->digest_length);
+
+	/*input */
+	sg = &ctx->sg[0];
+	length = sym->auth.data.length;
+	sg->ptr = cpu_to_caam64(rte_pktmbuf_iova(mbuf) + sym->auth.data.offset);
+	sg->len = cpu_to_caam32(mbuf->data_len - sym->auth.data.offset);
+
+	/* Successive segs */
+	mbuf = mbuf->next;
+	while (mbuf) {
+		sg++;
+		sg->ptr = cpu_to_caam64(rte_pktmbuf_iova(mbuf));
+		sg->len = cpu_to_caam32(mbuf->data_len);
+		mbuf = mbuf->next;
+	}
+
+	if (is_decode(ses)) {
+		/* digest verification case */
+		sg++;
+		/* hash result or digest, save digest first */
+		rte_memcpy(ctx->digest, sym->auth.digest.data,
+			   ses->digest_length);
+#if CAAM_JR_DBG
+		rte_hexdump(stdout, "ICV", ctx->digest, ses->digest_length);
+#endif
+		sg->ptr = cpu_to_caam64(caam_jr_vtop_ctx(ctx, ctx->digest));
+		sg->len = cpu_to_caam32(ses->digest_length);
+		length += ses->digest_length;
+	} else {
+		length -= ses->digest_length;
+	}
+
+	/* last element*/
+	sg->len |= cpu_to_caam32(SEC4_SG_LEN_FIN);
+
+	SEC_JD_SET_IN_PTR(jobdescr,
+		(uint64_t)caam_jr_vtop_ctx(ctx, &ctx->sg[0]), 0, length);
+	/* enabling sg list */
+	(jobdescr)->seq_in.command.word  |= 0x01000000;
+
+	return ctx;
+}
+
 static inline struct caam_jr_op_ctx *
 build_auth_only(struct rte_crypto_op *op, struct caam_jr_session *ses)
 {
@@ -667,6 +762,123 @@ build_auth_only(struct rte_crypto_op *op, struct caam_jr_session *ses)
 	return ctx;
 }
 
+static inline struct caam_jr_op_ctx *
+build_cipher_only_sg(struct rte_crypto_op *op, struct caam_jr_session *ses)
+{
+	struct rte_crypto_sym_op *sym = op->sym;
+	struct rte_mbuf *mbuf = sym->m_src;
+	struct caam_jr_op_ctx *ctx;
+	struct sec4_sg_entry *sg, *in_sg;
+	int length;
+	struct sec_cdb *cdb;
+	uint64_t sdesc_offset;
+	uint8_t *IV_ptr = rte_crypto_op_ctod_offset(op, uint8_t *,
+			ses->iv.offset);
+	struct sec_job_descriptor_t *jobdescr;
+	uint8_t reg_segs;
+
+	PMD_INIT_FUNC_TRACE();
+	if (sym->m_dst) {
+		mbuf = sym->m_dst;
+		reg_segs = mbuf->nb_segs + sym->m_src->nb_segs + 2;
+	} else {
+		mbuf = sym->m_src;
+		reg_segs = mbuf->nb_segs * 2 + 2;
+	}
+
+	if (reg_segs > MAX_SG_ENTRIES) {
+		CAAM_JR_DP_ERR("Cipher: Max sec segs supported is %d",
+				MAX_SG_ENTRIES);
+		return NULL;
+	}
+
+	ctx = caam_jr_alloc_ctx(ses);
+	if (!ctx)
+		return NULL;
+
+	ctx->op = op;
+	cdb = ses->cdb;
+	sdesc_offset = (size_t) ((char *)&cdb->sh_desc - (char *)cdb);
+
+	jobdescr = (struct sec_job_descriptor_t *) ctx->jobdes.desc;
+
+	SEC_JD_INIT(jobdescr);
+	SEC_JD_SET_SD(jobdescr,
+		(phys_addr_t)(caam_jr_dma_vtop(cdb)) + sdesc_offset,
+		cdb->sh_hdr.hi.field.idlen);
+
+#if CAAM_JR_DBG
+	CAAM_JR_INFO("mbuf offset =%d, cipher offset = %d, length =%d+%d",
+			sym->m_src->data_off, sym->cipher.data.offset,
+			sym->cipher.data.length, ses->iv.length);
+#endif
+	/* output */
+	if (sym->m_dst)
+		mbuf = sym->m_dst;
+	else
+		mbuf = sym->m_src;
+
+	sg = &ctx->sg[0];
+	length = sym->cipher.data.length;
+
+	sg->ptr = cpu_to_caam64(rte_pktmbuf_iova(mbuf)
+		+ sym->cipher.data.offset);
+	sg->len = cpu_to_caam32(mbuf->data_len - sym->cipher.data.offset);
+
+	/* Successive segs */
+	mbuf = mbuf->next;
+	while (mbuf) {
+		sg++;
+		sg->ptr = cpu_to_caam64(rte_pktmbuf_iova(mbuf));
+		sg->len = cpu_to_caam32(mbuf->data_len);
+		mbuf = mbuf->next;
+	}
+	/* last element*/
+	sg->len |= cpu_to_caam32(SEC4_SG_LEN_FIN);
+
+	SEC_JD_SET_OUT_PTR(jobdescr,
+			(uint64_t)caam_jr_vtop_ctx(ctx, &ctx->sg[0]), 0,
+			length);
+	/*enabling sg bit */
+	(jobdescr)->seq_out.command.word  |= 0x01000000;
+
+	/*input */
+	sg++;
+	mbuf = sym->m_src;
+	in_sg = sg;
+
+	length = sym->cipher.data.length + ses->iv.length;
+
+	/* IV */
+	sg->ptr = cpu_to_caam64(caam_jr_dma_vtop(IV_ptr));
+	sg->len = cpu_to_caam32(ses->iv.length);
+
+	/* 1st seg */
+	sg++;
+	sg->ptr = cpu_to_caam64(rte_pktmbuf_iova(mbuf)
+				+ sym->cipher.data.offset);
+	sg->len = cpu_to_caam32(mbuf->data_len - sym->cipher.data.offset);
+
+	/* Successive segs */
+	mbuf = mbuf->next;
+	while (mbuf) {
+		sg++;
+		sg->ptr = cpu_to_caam64(rte_pktmbuf_iova(mbuf));
+		sg->len = cpu_to_caam32(mbuf->data_len);
+		mbuf = mbuf->next;
+	}
+	/* last element*/
+	sg->len |= cpu_to_caam32(SEC4_SG_LEN_FIN);
+
+
+	SEC_JD_SET_IN_PTR(jobdescr, (uint64_t)caam_jr_vtop_ctx(ctx, in_sg), 0,
+				length);
+	/*enabling sg bit */
+	(jobdescr)->seq_in.command.word  |= 0x01000000;
+
+	return ctx;
+}
+
 static inline struct caam_jr_op_ctx *
 build_cipher_only(struct rte_crypto_op *op, struct caam_jr_session *ses)
 {
@@ -731,6 +943,161 @@ build_cipher_only(struct rte_crypto_op *op, struct caam_jr_session *ses)
 	return ctx;
 }
 
+/* For decapsulation:
+ *     Input:
+ * +----+----------------+--------------------------------+-----+
+ * | IV | Auth-only data | Authenticated & Encrypted data | ICV |
+ * +----+----------------+--------------------------------+-----+
+ *     Output:
+ * +----+--------------------------+
+ * | Decrypted & authenticated data |
+ * +----+--------------------------+
+ */
+
+static inline struct caam_jr_op_ctx *
+build_cipher_auth_sg(struct rte_crypto_op *op, struct caam_jr_session *ses)
+{
+	struct rte_crypto_sym_op *sym = op->sym;
+	struct caam_jr_op_ctx *ctx;
+	struct sec4_sg_entry *sg, *out_sg, *in_sg;
+	struct rte_mbuf *mbuf;
+	uint32_t length = 0;
+	struct sec_cdb *cdb;
+	uint64_t sdesc_offset;
+	uint8_t req_segs;
+	uint8_t *IV_ptr = rte_crypto_op_ctod_offset(op, uint8_t *,
+			ses->iv.offset);
+	struct sec_job_descriptor_t *jobdescr;
+	uint32_t auth_only_len;
+
+	PMD_INIT_FUNC_TRACE();
+	auth_only_len = op->sym->auth.data.length -
+				op->sym->cipher.data.length;
+
+	if (sym->m_dst) {
+		mbuf = sym->m_dst;
+		req_segs = mbuf->nb_segs + sym->m_src->nb_segs + 3;
+	} else {
+		mbuf = sym->m_src;
+		req_segs = mbuf->nb_segs * 2 + 3;
+	}
+
+	if (req_segs > MAX_SG_ENTRIES) {
+		CAAM_JR_DP_ERR("Cipher-Auth: Max sec segs supported is %d",
+				MAX_SG_ENTRIES);
+		return NULL;
+	}
+
+	ctx = caam_jr_alloc_ctx(ses);
+	if (!ctx)
+		return NULL;
+
+	ctx->op = op;
+	cdb = ses->cdb;
+	sdesc_offset = (size_t) ((char *)&cdb->sh_desc - (char *)cdb);
+
+	jobdescr = (struct sec_job_descriptor_t *) ctx->jobdes.desc;
+
+	SEC_JD_INIT(jobdescr);
+	SEC_JD_SET_SD(jobdescr,
+		(phys_addr_t)(caam_jr_dma_vtop(cdb)) + sdesc_offset,
+		cdb->sh_hdr.hi.field.idlen);
+
+	/* output */
+	if (sym->m_dst)
+		mbuf = sym->m_dst;
+	else
+		mbuf = sym->m_src;
+
+	out_sg = &ctx->sg[0];
+	if (is_encode(ses))
+		length = sym->auth.data.length + ses->digest_length;
+	else
+		length = sym->auth.data.length;
+
+	sg = &ctx->sg[0];
+
+	/* 1st seg */
+	sg->ptr = cpu_to_caam64(rte_pktmbuf_iova(mbuf)
+		+ sym->auth.data.offset);
+	sg->len = cpu_to_caam32(mbuf->data_len - sym->auth.data.offset);
+
+	/* Successive segs */
+	mbuf = mbuf->next;
+	while (mbuf) {
+		sg++;
+		sg->ptr = cpu_to_caam64(rte_pktmbuf_iova(mbuf));
+		sg->len = cpu_to_caam32(mbuf->data_len);
+		mbuf = mbuf->next;
+	}
+
+	if (is_encode(ses)) {
+		/* set auth output */
+		sg++;
+		sg->ptr = cpu_to_caam64(sym->auth.digest.phys_addr);
+		sg->len = cpu_to_caam32(ses->digest_length);
+	}
+	/* last element*/
+	sg->len |= cpu_to_caam32(SEC4_SG_LEN_FIN);
+
+	SEC_JD_SET_OUT_PTR(jobdescr,
+			   (uint64_t)caam_jr_dma_vtop(out_sg), 0, length);
+	/* set sg bit */
+	(jobdescr)->seq_out.command.word  |= 0x01000000;
+
+	/* input */
+	sg++;
+	mbuf = sym->m_src;
+	in_sg = sg;
+	if (is_encode(ses))
+		length = ses->iv.length + sym->auth.data.length;
+	else
+		length = ses->iv.length + sym->auth.data.length
+						+ ses->digest_length;
+
+	sg->ptr = cpu_to_caam64(caam_jr_dma_vtop(IV_ptr));
+	sg->len = cpu_to_caam32(ses->iv.length);
+
+	sg++;
+	/* 1st seg */
+	sg->ptr = cpu_to_caam64(rte_pktmbuf_iova(mbuf)
+		+ sym->auth.data.offset);
+	sg->len = cpu_to_caam32(mbuf->data_len - sym->auth.data.offset);
+
+	/* Successive segs */
+	mbuf = mbuf->next;
+	while (mbuf) {
+		sg++;
+		sg->ptr = cpu_to_caam64(rte_pktmbuf_iova(mbuf));
+		sg->len = cpu_to_caam32(mbuf->data_len);
+		mbuf = mbuf->next;
+	}
+
+	if (is_decode(ses)) {
+		sg++;
+		rte_memcpy(ctx->digest, sym->auth.digest.data,
+		       ses->digest_length);
+		sg->ptr = cpu_to_caam64(caam_jr_dma_vtop(ctx->digest));
+		sg->len = cpu_to_caam32(ses->digest_length);
+	}
+	/* last element*/
+	sg->len |= cpu_to_caam32(SEC4_SG_LEN_FIN);
+
+	SEC_JD_SET_IN_PTR(jobdescr, (uint64_t)caam_jr_dma_vtop(in_sg), 0,
+				length);
+	/* set sg bit */
+	(jobdescr)->seq_in.command.word  |= 0x01000000;
+	/* Auth_only_len is set as 0 in descriptor and it is
+	 * overwritten here in the jd which will update
+	 * the DPOVRD reg.
+	 */
+	if (auth_only_len)
+		/* set sg bit */
+		(jobdescr)->dpovrd = 0x80000000 | auth_only_len;
+
+	return ctx;
+}
+
 static inline struct caam_jr_op_ctx *
 build_cipher_auth(struct rte_crypto_op *op, struct caam_jr_session *ses)
 {
@@ -878,8 +1245,14 @@ caam_jr_enqueue_op(struct rte_crypto_op *op, struct caam_jr_qp *qp)
 		else if (is_cipher_only(ses))
 			ctx = build_cipher_only(op, ses);
 	} else {
-		if (is_aead(ses))
+		if (is_auth_cipher(ses))
+			ctx = build_cipher_auth_sg(op, ses);
+		else if (is_aead(ses))
 			goto err1;
+		else if (is_auth_only(ses))
+			ctx = build_auth_only_sg(op, ses);
+		else if (is_cipher_only(ses))
+			ctx = build_cipher_only_sg(op, ses);
 	}
 err1:
 	if (unlikely(!ctx)) {
-- 
2.17.1

^ permalink raw reply	[flat|nested] 97+ messages in thread

* [dpdk-dev] [PATCH v5 12/15] crypto/caam_jr: add statistics ops
  2018-10-22 14:57       ` [dpdk-dev] [PATCH v5 " Gagandeep Singh
                           ` (10 preceding siblings ...)
  2018-10-22 14:57         ` [dpdk-dev] [PATCH v5 11/15] crypto/caam_jr: add scatter gather Gagandeep Singh
@ 2018-10-22 14:57         ` Gagandeep Singh
  2018-10-22 14:57         ` [dpdk-dev] [PATCH v5 13/15] crypto/caam_jr: add security offload Gagandeep Singh
                           ` (3 subsequent siblings)
  15 siblings, 0 replies; 97+ messages in thread
From: Gagandeep Singh @ 2018-10-22 14:57 UTC (permalink / raw)
  To: dev, Akhil Goyal; +Cc: Hemant Agrawal, Gagandeep Singh

From: Hemant Agrawal <hemant.agrawal@nxp.com>

This patch adds the following statistics operations:
 - stats_get
 - stats_reset

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
---
 drivers/crypto/caam_jr/caam_jr.c | 54 ++++++++++++++++++++++++++++++++
 1 file changed, 54 insertions(+)

diff --git a/drivers/crypto/caam_jr/caam_jr.c b/drivers/crypto/caam_jr/caam_jr.c
index 0d3a49145..c89d76dab 100644
--- a/drivers/crypto/caam_jr/caam_jr.c
+++ b/drivers/crypto/caam_jr/caam_jr.c
@@ -103,6 +103,58 @@ caam_jr_alloc_ctx(struct caam_jr_session *ses)
 	return ctx;
 }
 
+static
+void caam_jr_stats_get(struct rte_cryptodev *dev,
+			struct rte_cryptodev_stats *stats)
+{
+	struct caam_jr_qp **qp = (struct caam_jr_qp **)
+					dev->data->queue_pairs;
+	int i;
+
+	PMD_INIT_FUNC_TRACE();
+	if (stats == NULL) {
+		CAAM_JR_ERR("Invalid stats ptr NULL");
+		return;
+	}
+	for (i = 0; i < dev->data->nb_queue_pairs; i++) {
+		if (qp[i] == NULL) {
+			CAAM_JR_WARN("Uninitialised queue pair");
+			continue;
+		}
+
+		stats->enqueued_count += qp[i]->tx_pkts;
+		stats->dequeued_count += qp[i]->rx_pkts;
+		stats->enqueue_err_count += qp[i]->tx_errs;
+		stats->dequeue_err_count += qp[i]->rx_errs;
+		CAAM_JR_INFO("extra stats:\n\tRX Poll ERR = %" PRIu64
+			     "\n\tTX Ring Full = %" PRIu64,
+			     qp[i]->rx_poll_err,
+			     qp[i]->tx_ring_full);
+	}
+}
+
+static
+void caam_jr_stats_reset(struct rte_cryptodev *dev)
+{
+	int i;
+	struct caam_jr_qp **qp = (struct caam_jr_qp **)
+				   (dev->data->queue_pairs);
+
+	PMD_INIT_FUNC_TRACE();
+	for (i = 0; i < dev->data->nb_queue_pairs; i++) {
+		if (qp[i] == NULL) {
+			CAAM_JR_WARN("Uninitialised queue pair");
+			continue;
+		}
+		qp[i]->rx_pkts = 0;
+		qp[i]->rx_errs = 0;
+		qp[i]->rx_poll_err = 0;
+		qp[i]->tx_pkts = 0;
+		qp[i]->tx_errs = 0;
+		qp[i]->tx_ring_full = 0;
+	}
+}
+
 static inline int
 is_cipher_only(struct caam_jr_session *ses)
 {
@@ -1695,6 +1747,8 @@ static struct rte_cryptodev_ops caam_jr_ops = {
 	.dev_stop	      = caam_jr_dev_stop,
 	.dev_close	      = caam_jr_dev_close,
 	.dev_infos_get        = caam_jr_dev_infos_get,
+	.stats_get	      = caam_jr_stats_get,
+	.stats_reset	      = caam_jr_stats_reset,
 	.queue_pair_setup     = caam_jr_queue_pair_setup,
 	.queue_pair_release   = caam_jr_queue_pair_release,
 	.queue_pair_count     = caam_jr_queue_pair_count,
-- 
2.17.1

^ permalink raw reply	[flat|nested] 97+ messages in thread

* [dpdk-dev] [PATCH v5 13/15] crypto/caam_jr: add security offload
  2018-10-22 14:57       ` [dpdk-dev] [PATCH v5 " Gagandeep Singh
                           ` (11 preceding siblings ...)
  2018-10-22 14:57         ` [dpdk-dev] [PATCH v5 12/15] crypto/caam_jr: add statistics ops Gagandeep Singh
@ 2018-10-22 14:57         ` Gagandeep Singh
  2018-10-22 14:57         ` [dpdk-dev] [PATCH v5 14/15] doc: add caam jr cryptodev details Gagandeep Singh
                           ` (2 subsequent siblings)
  15 siblings, 0 replies; 97+ messages in thread
From: Gagandeep Singh @ 2018-10-22 14:57 UTC (permalink / raw)
  To: dev, Akhil Goyal; +Cc: Hemant Agrawal, Gagandeep Singh

From: Hemant Agrawal <hemant.agrawal@nxp.com>

This patch provides the support for protocol offload
to the hardware. following security operations are
added:
 - session_create
 - session_destroy
 - capabilities_get

Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
---
 drivers/crypto/caam_jr/caam_jr.c              | 425 +++++++++++++++++-
 drivers/crypto/caam_jr/caam_jr_capabilities.c |  36 ++
 drivers/crypto/caam_jr/caam_jr_capabilities.h |   8 +
 drivers/crypto/caam_jr/caam_jr_hw.c           |   3 +
 drivers/crypto/caam_jr/caam_jr_pvt.h          |  10 +
 drivers/crypto/caam_jr/caam_jr_uio.c          |   3 +
 6 files changed, 483 insertions(+), 2 deletions(-)

diff --git a/drivers/crypto/caam_jr/caam_jr.c b/drivers/crypto/caam_jr/caam_jr.c
index c89d76dab..1c18453e4 100644
--- a/drivers/crypto/caam_jr/caam_jr.c
+++ b/drivers/crypto/caam_jr/caam_jr.c
@@ -14,6 +14,9 @@
 #include <rte_cryptodev.h>
 #include <rte_bus_vdev.h>
 #include <rte_malloc.h>
+#ifdef RTE_LIBRTE_SECURITY
+#include <rte_security_driver.h>
+#endif
 #include <rte_hexdump.h>
 
 #include <caam_jr_capabilities.h>
@@ -26,7 +29,6 @@
 /* RTA header files */
 #include <hw/desc/common.h>
 #include <hw/desc/algo.h>
-#include <hw/desc/ipsec.h>
 #include <of.h>
 
 #define CAAM_JR_DBG	0
@@ -185,8 +187,21 @@ is_auth_cipher(struct caam_jr_session *ses)
 {
 	PMD_INIT_FUNC_TRACE();
 	return ((ses->cipher_alg != RTE_CRYPTO_CIPHER_NULL) &&
-		(ses->auth_alg != RTE_CRYPTO_AUTH_NULL));
+		(ses->auth_alg != RTE_CRYPTO_AUTH_NULL)
+#ifdef RTE_LIBRTE_SECURITY
+		&& (ses->proto_alg != RTE_SECURITY_PROTOCOL_IPSEC)
+#endif
+		);
+}
+
+#ifdef RTE_LIBRTE_SECURITY
+static inline int
+is_proto_ipsec(struct caam_jr_session *ses)
+{
+	PMD_INIT_FUNC_TRACE();
+	return (ses->proto_alg == RTE_SECURITY_PROTOCOL_IPSEC);
 }
+#endif
 
 static inline int
 is_encode(struct caam_jr_session *ses)
@@ -211,27 +226,63 @@ caam_auth_alg(struct caam_jr_session *ses, struct alginfo *alginfo_a)
 		ses->digest_length = 0;
 		break;
 	case RTE_CRYPTO_AUTH_MD5_HMAC:
+#ifdef RTE_LIBRTE_SECURITY
+		alginfo_a->algtype =
+			(ses->proto_alg == RTE_SECURITY_PROTOCOL_IPSEC) ?
+			OP_PCL_IPSEC_HMAC_MD5_96 : OP_ALG_ALGSEL_MD5;
+#else
 		alginfo_a->algtype = OP_ALG_ALGSEL_MD5;
+#endif
 		alginfo_a->algmode = OP_ALG_AAI_HMAC;
 		break;
 	case RTE_CRYPTO_AUTH_SHA1_HMAC:
+#ifdef RTE_LIBRTE_SECURITY
+		alginfo_a->algtype =
+			(ses->proto_alg == RTE_SECURITY_PROTOCOL_IPSEC) ?
+			OP_PCL_IPSEC_HMAC_SHA1_96 : OP_ALG_ALGSEL_SHA1;
+#else
 		alginfo_a->algtype = OP_ALG_ALGSEL_SHA1;
+#endif
 		alginfo_a->algmode = OP_ALG_AAI_HMAC;
 		break;
 	case RTE_CRYPTO_AUTH_SHA224_HMAC:
+#ifdef RTE_LIBRTE_SECURITY
+		alginfo_a->algtype =
+			(ses->proto_alg == RTE_SECURITY_PROTOCOL_IPSEC) ?
+			OP_PCL_IPSEC_HMAC_SHA1_160 : OP_ALG_ALGSEL_SHA224;
+#else
 		alginfo_a->algtype = OP_ALG_ALGSEL_SHA224;
+#endif
 		alginfo_a->algmode = OP_ALG_AAI_HMAC;
 		break;
 	case RTE_CRYPTO_AUTH_SHA256_HMAC:
+#ifdef RTE_LIBRTE_SECURITY
+		alginfo_a->algtype =
+			(ses->proto_alg == RTE_SECURITY_PROTOCOL_IPSEC) ?
+			OP_PCL_IPSEC_HMAC_SHA2_256_128 : OP_ALG_ALGSEL_SHA256;
+#else
 		alginfo_a->algtype = OP_ALG_ALGSEL_SHA256;
+#endif
 		alginfo_a->algmode = OP_ALG_AAI_HMAC;
 		break;
 	case RTE_CRYPTO_AUTH_SHA384_HMAC:
+#ifdef RTE_LIBRTE_SECURITY
+		alginfo_a->algtype =
+			(ses->proto_alg == RTE_SECURITY_PROTOCOL_IPSEC) ?
+			OP_PCL_IPSEC_HMAC_SHA2_384_192 : OP_ALG_ALGSEL_SHA384;
+#else
 		alginfo_a->algtype = OP_ALG_ALGSEL_SHA384;
+#endif
 		alginfo_a->algmode = OP_ALG_AAI_HMAC;
 		break;
 	case RTE_CRYPTO_AUTH_SHA512_HMAC:
+#ifdef RTE_LIBRTE_SECURITY
+		alginfo_a->algtype =
+			(ses->proto_alg == RTE_SECURITY_PROTOCOL_IPSEC) ?
+			OP_PCL_IPSEC_HMAC_SHA2_512_256 : OP_ALG_ALGSEL_SHA512;
+#else
 		alginfo_a->algtype = OP_ALG_ALGSEL_SHA512;
+#endif
 		alginfo_a->algmode = OP_ALG_AAI_HMAC;
 		break;
 	default:
@@ -247,15 +298,33 @@ caam_cipher_alg(struct caam_jr_session *ses, struct alginfo *alginfo_c)
 	case RTE_CRYPTO_CIPHER_NULL:
 		break;
 	case RTE_CRYPTO_CIPHER_AES_CBC:
+#ifdef RTE_LIBRTE_SECURITY
+		alginfo_c->algtype =
+			(ses->proto_alg == RTE_SECURITY_PROTOCOL_IPSEC) ?
+			OP_PCL_IPSEC_AES_CBC : OP_ALG_ALGSEL_AES;
+#else
 		alginfo_c->algtype = OP_ALG_ALGSEL_AES;
+#endif
 		alginfo_c->algmode = OP_ALG_AAI_CBC;
 		break;
 	case RTE_CRYPTO_CIPHER_3DES_CBC:
+#ifdef RTE_LIBRTE_SECURITY
+		alginfo_c->algtype =
+			(ses->proto_alg == RTE_SECURITY_PROTOCOL_IPSEC) ?
+			OP_PCL_IPSEC_3DES : OP_ALG_ALGSEL_3DES;
+#else
 		alginfo_c->algtype = OP_ALG_ALGSEL_3DES;
+#endif
 		alginfo_c->algmode = OP_ALG_AAI_CBC;
 		break;
 	case RTE_CRYPTO_CIPHER_AES_CTR:
+#ifdef RTE_LIBRTE_SECURITY
+		alginfo_c->algtype =
+			(ses->proto_alg == RTE_SECURITY_PROTOCOL_IPSEC) ?
+			OP_PCL_IPSEC_AES_CTR : OP_ALG_ALGSEL_AES;
+#else
 		alginfo_c->algtype = OP_ALG_ALGSEL_AES;
+#endif
 		alginfo_c->algmode = OP_ALG_AAI_CTR;
 		break;
 	default:
@@ -419,6 +488,24 @@ caam_jr_prep_cdb(struct caam_jr_session *ses)
 		cdb->sh_desc[0] = 0;
 		cdb->sh_desc[1] = 0;
 		cdb->sh_desc[2] = 0;
+#ifdef RTE_LIBRTE_SECURITY
+		if (is_proto_ipsec(ses)) {
+			if (ses->dir == DIR_ENC) {
+				shared_desc_len = cnstr_shdsc_ipsec_new_encap(
+						cdb->sh_desc,
+						true, swap, SHR_SERIAL,
+						&ses->encap_pdb,
+						(uint8_t *)&ses->ip4_hdr,
+						&alginfo_c, &alginfo_a);
+			} else if (ses->dir == DIR_DEC) {
+				shared_desc_len = cnstr_shdsc_ipsec_new_decap(
+						cdb->sh_desc,
+						true, swap, SHR_SERIAL,
+						&ses->decap_pdb,
+						&alginfo_c, &alginfo_a);
+			}
+		} else {
+#endif
 			/* Auth_only_len is set as 0 here and it will be
 			 * overwritten in fd for each packet.
 			 */
@@ -426,6 +513,9 @@ caam_jr_prep_cdb(struct caam_jr_session *ses)
 					true, swap, &alginfo_c, &alginfo_a,
 					ses->iv.length, 0,
 					ses->digest_length, ses->dir);
+#ifdef RTE_LIBRTE_SECURITY
+		}
+#endif
 	}
 
 	if (shared_desc_len < 0) {
@@ -601,6 +691,28 @@ hw_poll_job_ring(struct sec_job_ring_t *job_ring,
 			}
 #endif
 		}
+#ifdef RTE_LIBRTE_SECURITY
+		if (ctx->op->sess_type == RTE_CRYPTO_OP_SECURITY_SESSION) {
+			struct ip *ip4_hdr;
+
+			if (ctx->op->sym->m_dst) {
+				/*TODO check for ip header or other*/
+				ip4_hdr = (struct ip *)
+				rte_pktmbuf_mtod(ctx->op->sym->m_dst, char*);
+				ctx->op->sym->m_dst->pkt_len =
+					rte_be_to_cpu_16(ip4_hdr->ip_len);
+				ctx->op->sym->m_dst->data_len =
+					rte_be_to_cpu_16(ip4_hdr->ip_len);
+			} else {
+				ip4_hdr = (struct ip *)
+				rte_pktmbuf_mtod(ctx->op->sym->m_src, char*);
+				ctx->op->sym->m_src->pkt_len =
+					rte_be_to_cpu_16(ip4_hdr->ip_len);
+				ctx->op->sym->m_src->data_len =
+					rte_be_to_cpu_16(ip4_hdr->ip_len);
+			}
+		}
+#endif
 		*ops = ctx->op;
 		caam_jr_op_ending(ctx);
 		ops++;
@@ -1260,6 +1372,52 @@ build_cipher_auth(struct rte_crypto_op *op, struct caam_jr_session *ses)
 
 	return ctx;
 }
+
+#ifdef RTE_LIBRTE_SECURITY
+static inline struct caam_jr_op_ctx *
+build_proto(struct rte_crypto_op *op, struct caam_jr_session *ses)
+{
+	struct rte_crypto_sym_op *sym = op->sym;
+	struct caam_jr_op_ctx *ctx = NULL;
+	phys_addr_t src_start_addr, dst_start_addr;
+	struct sec_cdb *cdb;
+	uint64_t sdesc_offset;
+	struct sec_job_descriptor_t *jobdescr;
+
+	PMD_INIT_FUNC_TRACE();
+	ctx = caam_jr_alloc_ctx(ses);
+	if (!ctx)
+		return NULL;
+	ctx->op = op;
+
+	src_start_addr = rte_pktmbuf_iova(sym->m_src);
+	if (sym->m_dst)
+		dst_start_addr = rte_pktmbuf_iova(sym->m_dst);
+	else
+		dst_start_addr = src_start_addr;
+
+	cdb = ses->cdb;
+	sdesc_offset = (size_t) ((char *)&cdb->sh_desc - (char *)cdb);
+
+	jobdescr = (struct sec_job_descriptor_t *) ctx->jobdes.desc;
+
+	SEC_JD_INIT(jobdescr);
+	SEC_JD_SET_SD(jobdescr,
+		(phys_addr_t)(caam_jr_dma_vtop(cdb)) + sdesc_offset,
+			cdb->sh_hdr.hi.field.idlen);
+
+	/* output */
+	SEC_JD_SET_OUT_PTR(jobdescr, (uint64_t)dst_start_addr, 0,
+			sym->m_src->buf_len - sym->m_src->data_off);
+	/* input */
+	SEC_JD_SET_IN_PTR(jobdescr, (uint64_t)src_start_addr, 0,
+			sym->m_src->pkt_len);
+	sym->m_src->packet_type &= ~RTE_PTYPE_L4_MASK;
+
+	return ctx;
+}
+#endif
+
 static int
 caam_jr_enqueue_op(struct rte_crypto_op *op, struct caam_jr_qp *qp)
 {
@@ -1275,6 +1433,13 @@ caam_jr_enqueue_op(struct rte_crypto_op *op, struct caam_jr_qp *qp)
 		get_sym_session_private_data(op->sym->session,
 					cryptodev_driver_id);
 		break;
+#ifdef RTE_LIBRTE_SECURITY
+	case RTE_CRYPTO_OP_SECURITY_SESSION:
+		ses = (struct caam_jr_session *)
+			get_sec_session_private_data(
+					op->sym->sec_session);
+		break;
+#endif
 	default:
 		CAAM_JR_DP_ERR("sessionless crypto op not supported");
 		qp->tx_errs++;
@@ -1296,6 +1461,10 @@ caam_jr_enqueue_op(struct rte_crypto_op *op, struct caam_jr_qp *qp)
 			ctx = build_auth_only(op, ses);
 		else if (is_cipher_only(ses))
 			ctx = build_cipher_only(op, ses);
+#ifdef RTE_LIBRTE_SECURITY
+		else if (is_proto_ipsec(ses))
+			ctx = build_proto(op, ses);
+#endif
 	} else {
 		if (is_auth_cipher(ses))
 			ctx = build_cipher_auth_sg(op, ses);
@@ -1666,6 +1835,229 @@ caam_jr_sym_session_clear(struct rte_cryptodev *dev,
 	}
 }
 
+#ifdef RTE_LIBRTE_SECURITY
+static int
+caam_jr_set_ipsec_session(__rte_unused struct rte_cryptodev *dev,
+			  struct rte_security_session_conf *conf,
+			  void *sess)
+{
+	struct sec_job_ring_t *internals = dev->data->dev_private;
+	struct rte_security_ipsec_xform *ipsec_xform = &conf->ipsec;
+	struct rte_crypto_auth_xform *auth_xform;
+	struct rte_crypto_cipher_xform *cipher_xform;
+	struct caam_jr_session *session = (struct caam_jr_session *)sess;
+
+	PMD_INIT_FUNC_TRACE();
+
+	if (ipsec_xform->direction == RTE_SECURITY_IPSEC_SA_DIR_EGRESS) {
+		cipher_xform = &conf->crypto_xform->cipher;
+		auth_xform = &conf->crypto_xform->next->auth;
+	} else {
+		auth_xform = &conf->crypto_xform->auth;
+		cipher_xform = &conf->crypto_xform->next->cipher;
+	}
+	session->proto_alg = conf->protocol;
+	session->cipher_key.data = rte_zmalloc(NULL,
+					       cipher_xform->key.length,
+					       RTE_CACHE_LINE_SIZE);
+	if (session->cipher_key.data == NULL &&
+			cipher_xform->key.length > 0) {
+		CAAM_JR_ERR("No Memory for cipher key\n");
+		return -ENOMEM;
+	}
+
+	session->cipher_key.length = cipher_xform->key.length;
+	session->auth_key.data = rte_zmalloc(NULL,
+					auth_xform->key.length,
+					RTE_CACHE_LINE_SIZE);
+	if (session->auth_key.data == NULL &&
+			auth_xform->key.length > 0) {
+		CAAM_JR_ERR("No Memory for auth key\n");
+		rte_free(session->cipher_key.data);
+		return -ENOMEM;
+	}
+	session->auth_key.length = auth_xform->key.length;
+	memcpy(session->cipher_key.data, cipher_xform->key.data,
+			cipher_xform->key.length);
+	memcpy(session->auth_key.data, auth_xform->key.data,
+			auth_xform->key.length);
+
+	switch (auth_xform->algo) {
+	case RTE_CRYPTO_AUTH_SHA1_HMAC:
+		session->auth_alg = RTE_CRYPTO_AUTH_SHA1_HMAC;
+		break;
+	case RTE_CRYPTO_AUTH_MD5_HMAC:
+		session->auth_alg = RTE_CRYPTO_AUTH_MD5_HMAC;
+		break;
+	case RTE_CRYPTO_AUTH_SHA256_HMAC:
+		session->auth_alg = RTE_CRYPTO_AUTH_SHA256_HMAC;
+		break;
+	case RTE_CRYPTO_AUTH_SHA384_HMAC:
+		session->auth_alg = RTE_CRYPTO_AUTH_SHA384_HMAC;
+		break;
+	case RTE_CRYPTO_AUTH_SHA512_HMAC:
+		session->auth_alg = RTE_CRYPTO_AUTH_SHA512_HMAC;
+		break;
+	case RTE_CRYPTO_AUTH_AES_CMAC:
+		session->auth_alg = RTE_CRYPTO_AUTH_AES_CMAC;
+		break;
+	case RTE_CRYPTO_AUTH_NULL:
+		session->auth_alg = RTE_CRYPTO_AUTH_NULL;
+		break;
+	case RTE_CRYPTO_AUTH_SHA224_HMAC:
+	case RTE_CRYPTO_AUTH_AES_XCBC_MAC:
+	case RTE_CRYPTO_AUTH_SNOW3G_UIA2:
+	case RTE_CRYPTO_AUTH_SHA1:
+	case RTE_CRYPTO_AUTH_SHA256:
+	case RTE_CRYPTO_AUTH_SHA512:
+	case RTE_CRYPTO_AUTH_SHA224:
+	case RTE_CRYPTO_AUTH_SHA384:
+	case RTE_CRYPTO_AUTH_MD5:
+	case RTE_CRYPTO_AUTH_AES_GMAC:
+	case RTE_CRYPTO_AUTH_KASUMI_F9:
+	case RTE_CRYPTO_AUTH_AES_CBC_MAC:
+	case RTE_CRYPTO_AUTH_ZUC_EIA3:
+		CAAM_JR_ERR("Crypto: Unsupported auth alg %u\n",
+			auth_xform->algo);
+		goto out;
+	default:
+		CAAM_JR_ERR("Crypto: Undefined Auth specified %u\n",
+			auth_xform->algo);
+		goto out;
+	}
+
+	switch (cipher_xform->algo) {
+	case RTE_CRYPTO_CIPHER_AES_CBC:
+		session->cipher_alg = RTE_CRYPTO_CIPHER_AES_CBC;
+		break;
+	case RTE_CRYPTO_CIPHER_3DES_CBC:
+		session->cipher_alg = RTE_CRYPTO_CIPHER_3DES_CBC;
+		break;
+	case RTE_CRYPTO_CIPHER_AES_CTR:
+		session->cipher_alg = RTE_CRYPTO_CIPHER_AES_CTR;
+		break;
+	case RTE_CRYPTO_CIPHER_NULL:
+	case RTE_CRYPTO_CIPHER_SNOW3G_UEA2:
+	case RTE_CRYPTO_CIPHER_3DES_ECB:
+	case RTE_CRYPTO_CIPHER_AES_ECB:
+	case RTE_CRYPTO_CIPHER_KASUMI_F8:
+		CAAM_JR_ERR("Crypto: Unsupported Cipher alg %u\n",
+			cipher_xform->algo);
+		goto out;
+	default:
+		CAAM_JR_ERR("Crypto: Undefined Cipher specified %u\n",
+			cipher_xform->algo);
+		goto out;
+	}
+
+	if (ipsec_xform->direction == RTE_SECURITY_IPSEC_SA_DIR_EGRESS) {
+		memset(&session->encap_pdb, 0, sizeof(struct ipsec_encap_pdb) +
+				sizeof(session->ip4_hdr));
+		session->ip4_hdr.ip_v = IPVERSION;
+		session->ip4_hdr.ip_hl = 5;
+		session->ip4_hdr.ip_len = rte_cpu_to_be_16(
+						sizeof(session->ip4_hdr));
+		session->ip4_hdr.ip_tos = ipsec_xform->tunnel.ipv4.dscp;
+		session->ip4_hdr.ip_id = 0;
+		session->ip4_hdr.ip_off = 0;
+		session->ip4_hdr.ip_ttl = ipsec_xform->tunnel.ipv4.ttl;
+		session->ip4_hdr.ip_p = (ipsec_xform->proto ==
+				RTE_SECURITY_IPSEC_SA_PROTO_ESP) ? IPPROTO_ESP
+				: IPPROTO_AH;
+		session->ip4_hdr.ip_sum = 0;
+		session->ip4_hdr.ip_src = ipsec_xform->tunnel.ipv4.src_ip;
+		session->ip4_hdr.ip_dst = ipsec_xform->tunnel.ipv4.dst_ip;
+		session->ip4_hdr.ip_sum = calc_chksum((uint16_t *)
+						(void *)&session->ip4_hdr,
+						sizeof(struct ip));
+
+		session->encap_pdb.options =
+			(IPVERSION << PDBNH_ESP_ENCAP_SHIFT) |
+			PDBOPTS_ESP_OIHI_PDB_INL |
+			PDBOPTS_ESP_IVSRC |
+			PDBHMO_ESP_ENCAP_DTTL;
+		session->encap_pdb.spi = ipsec_xform->spi;
+		session->encap_pdb.ip_hdr_len = sizeof(struct ip);
+
+		session->dir = DIR_ENC;
+	} else if (ipsec_xform->direction ==
+			RTE_SECURITY_IPSEC_SA_DIR_INGRESS) {
+		memset(&session->decap_pdb, 0, sizeof(struct ipsec_decap_pdb));
+		session->decap_pdb.options = sizeof(struct ip) << 16;
+		session->dir = DIR_DEC;
+	} else
+		goto out;
+	session->ctx_pool = internals->ctx_pool;
+
+	return 0;
+out:
+	rte_free(session->auth_key.data);
+	rte_free(session->cipher_key.data);
+	memset(session, 0, sizeof(struct caam_jr_session));
+	return -1;
+}
+
+static int
+caam_jr_security_session_create(void *dev,
+				struct rte_security_session_conf *conf,
+				struct rte_security_session *sess,
+				struct rte_mempool *mempool)
+{
+	void *sess_private_data;
+	struct rte_cryptodev *cdev = (struct rte_cryptodev *)dev;
+	int ret;
+
+	PMD_INIT_FUNC_TRACE();
+	if (rte_mempool_get(mempool, &sess_private_data)) {
+		CAAM_JR_ERR("Couldn't get object from session mempool");
+		return -ENOMEM;
+	}
+
+	switch (conf->protocol) {
+	case RTE_SECURITY_PROTOCOL_IPSEC:
+		ret = caam_jr_set_ipsec_session(cdev, conf,
+				sess_private_data);
+		break;
+	case RTE_SECURITY_PROTOCOL_MACSEC:
+		return -ENOTSUP;
+	default:
+		return -EINVAL;
+	}
+	if (ret != 0) {
+		CAAM_JR_ERR("failed to configure session parameters");
+		/* Return session to mempool */
+		rte_mempool_put(mempool, sess_private_data);
+		return ret;
+	}
+
+	set_sec_session_private_data(sess, sess_private_data);
+
+	return ret;
+}
+
+/* Clear the memory of session so it doesn't leave key material behind */
+static int
+caam_jr_security_session_destroy(void *dev __rte_unused,
+				 struct rte_security_session *sess)
+{
+	PMD_INIT_FUNC_TRACE();
+	void *sess_priv = get_sec_session_private_data(sess);
+
+	struct caam_jr_session *s = (struct caam_jr_session *)sess_priv;
+
+	if (sess_priv) {
+		struct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);
+
+		rte_free(s->cipher_key.data);
+		rte_free(s->auth_key.data);
+		memset(sess, 0, sizeof(struct caam_jr_session));
+		set_sec_session_private_data(sess, NULL);
+		rte_mempool_put(sess_mp, sess_priv);
+	}
+	return 0;
+}
+#endif
+
 static int
 caam_jr_dev_configure(struct rte_cryptodev *dev,
 		       struct rte_cryptodev_config *config __rte_unused)
@@ -1757,6 +2149,16 @@ static struct rte_cryptodev_ops caam_jr_ops = {
 	.sym_session_clear    = caam_jr_sym_session_clear
 };
 
+#ifdef RTE_LIBRTE_SECURITY
+static struct rte_security_ops caam_jr_security_ops = {
+	.session_create = caam_jr_security_session_create,
+	.session_update = NULL,
+	.session_stats_get = NULL,
+	.session_destroy = caam_jr_security_session_destroy,
+	.set_pkt_metadata = NULL,
+	.capabilities_get = caam_jr_get_security_capabilities
+};
+#endif
 
 /* @brief Flush job rings of any processed descs.
  * The processed descs are silently dropped,
@@ -1976,6 +2378,9 @@ caam_jr_dev_init(const char *name,
 		 struct rte_cryptodev_pmd_init_params *init_params)
 {
 	struct rte_cryptodev *dev;
+#ifdef RTE_LIBRTE_SECURITY
+	struct rte_security_ctx *security_instance;
+#endif
 	struct uio_job_ring *job_ring;
 	char str[RTE_CRYPTODEV_NAME_MAX_LEN];
 
@@ -2045,6 +2450,22 @@ caam_jr_dev_init(const char *name,
 		return 0;
 	}
 
+#ifdef RTE_LIBRTE_SECURITY
+	/*TODO free it during teardown*/
+	security_instance = rte_malloc("caam_jr",
+				sizeof(struct rte_security_ctx), 0);
+	if (security_instance == NULL) {
+		CAAM_JR_ERR("memory allocation failed\n");
+		//todo error handling.
+		goto cleanup2;
+	}
+
+	security_instance->device = (void *)dev;
+	security_instance->ops = &caam_jr_security_ops;
+	security_instance->sess_cnt = 0;
+	dev->security_ctx = security_instance;
+#endif
+
 	RTE_LOG(INFO, PMD, "%s cryptodev init\n", dev->data->name);
 
 	return 0;
diff --git a/drivers/crypto/caam_jr/caam_jr_capabilities.c b/drivers/crypto/caam_jr/caam_jr_capabilities.c
index 92aa429cc..eacea7db3 100644
--- a/drivers/crypto/caam_jr/caam_jr_capabilities.c
+++ b/drivers/crypto/caam_jr/caam_jr_capabilities.c
@@ -225,6 +225,42 @@ static const struct rte_cryptodev_capabilities caam_jr_capabilities[] = {
 	RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()
 };
 
+#ifdef RTE_LIBRTE_SECURITY
+static const struct rte_security_capability caam_jr_security_cap[] = {
+	{ /* IPsec Lookaside Protocol offload ESP Transport Egress */
+		.action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
+		.protocol = RTE_SECURITY_PROTOCOL_IPSEC,
+		.ipsec = {
+			.proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP,
+			.mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL,
+			.direction = RTE_SECURITY_IPSEC_SA_DIR_EGRESS,
+			.options = { 0 }
+		},
+		.crypto_capabilities = caam_jr_capabilities
+	},
+	{ /* IPsec Lookaside Protocol offload ESP Tunnel Ingress */
+		.action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
+		.protocol = RTE_SECURITY_PROTOCOL_IPSEC,
+		.ipsec = {
+			.proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP,
+			.mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL,
+			.direction = RTE_SECURITY_IPSEC_SA_DIR_INGRESS,
+			.options = { 0 }
+		},
+		.crypto_capabilities = caam_jr_capabilities
+	},
+	{
+		.action = RTE_SECURITY_ACTION_TYPE_NONE
+	}
+};
+
+const struct rte_security_capability *
+caam_jr_get_security_capabilities(void *device __rte_unused)
+{
+	return caam_jr_security_cap;
+}
+#endif
+
 const struct rte_cryptodev_capabilities *
 caam_jr_get_cryptodev_capabilities(void)
 {
diff --git a/drivers/crypto/caam_jr/caam_jr_capabilities.h b/drivers/crypto/caam_jr/caam_jr_capabilities.h
index 7a94013e5..d3169b7e9 100644
--- a/drivers/crypto/caam_jr/caam_jr_capabilities.h
+++ b/drivers/crypto/caam_jr/caam_jr_capabilities.h
@@ -6,8 +6,16 @@
 #define CAAM_JR_CAPABILITIES_H
 
 #include <rte_cryptodev.h>
+#ifdef RTE_LIBRTE_SECURITY
+#include <rte_security.h>
+#endif
 
 /* Get cryptodev capabilities */
 const struct rte_cryptodev_capabilities *
 caam_jr_get_cryptodev_capabilities(void);
+#ifdef RTE_LIBRTE_SECURITY
+/* Get security capabilities */
+const struct rte_security_capability *
+caam_jr_get_security_capabilities(void *device);
+#endif
 #endif
diff --git a/drivers/crypto/caam_jr/caam_jr_hw.c b/drivers/crypto/caam_jr/caam_jr_hw.c
index 80602b702..c6833185b 100644
--- a/drivers/crypto/caam_jr/caam_jr_hw.c
+++ b/drivers/crypto/caam_jr/caam_jr_hw.c
@@ -9,6 +9,9 @@
 #include <rte_memory.h>
 #include <rte_malloc.h>
 #include <rte_crypto.h>
+#ifdef RTE_LIBRTE_SECURITY
+#include <rte_security.h>
+#endif
 
 #include <caam_jr_config.h>
 #include <caam_jr_hw_specific.h>
diff --git a/drivers/crypto/caam_jr/caam_jr_pvt.h b/drivers/crypto/caam_jr/caam_jr_pvt.h
index 333a192d9..c2d35ecd2 100644
--- a/drivers/crypto/caam_jr/caam_jr_pvt.h
+++ b/drivers/crypto/caam_jr/caam_jr_pvt.h
@@ -5,6 +5,8 @@
 #ifndef CAAM_JR_PVT_H
 #define CAAM_JR_PVT_H
 
+#include <hw/desc/ipsec.h>
+
 /* NXP CAAM JR PMD device name */
 
 #define CAAM_JR_ALG_UNSUPPORT	(-1)
@@ -110,6 +112,9 @@ struct caam_jr_session {
 	enum rte_crypto_cipher_algorithm cipher_alg; /* Cipher Algorithm*/
 	enum rte_crypto_auth_algorithm auth_alg; /* Authentication Algorithm*/
 	enum rte_crypto_aead_algorithm aead_alg; /* AEAD Algorithm*/
+#ifdef RTE_LIBRTE_SECURITY
+	enum rte_security_session_protocol proto_alg; /* Security Algorithm*/
+#endif
 	union {
 		struct {
 			uint8_t *data;	/* pointer to key data */
@@ -132,6 +137,11 @@ struct caam_jr_session {
 	} iv;	/* Initialisation vector parameters */
 	uint16_t auth_only_len; /* Length of data for Auth only */
 	uint32_t digest_length;
+#ifdef RTE_LIBRTE_SECURITY
+	struct ipsec_encap_pdb encap_pdb;
+	struct ip ip4_hdr;
+	struct ipsec_decap_pdb decap_pdb;
+#endif
 	struct caam_jr_qp *qp;
 	struct sec_cdb *cdb;	/* cmd block associated with qp */
 	struct rte_mempool *ctx_pool; /* session mempool for caam_jr_op_ctx */
diff --git a/drivers/crypto/caam_jr/caam_jr_uio.c b/drivers/crypto/caam_jr/caam_jr_uio.c
index d6aec3e4c..58d86f961 100644
--- a/drivers/crypto/caam_jr/caam_jr_uio.c
+++ b/drivers/crypto/caam_jr/caam_jr_uio.c
@@ -16,6 +16,9 @@
 #include <rte_common.h>
 #include <rte_malloc.h>
 #include <rte_crypto.h>
+#ifdef RTE_LIBRTE_SECURITY
+#include <rte_security.h>
+#endif
 
 #include <caam_jr_config.h>
 #include <caam_jr_hw_specific.h>
-- 
2.17.1

^ permalink raw reply	[flat|nested] 97+ messages in thread

* [dpdk-dev] [PATCH v5 14/15] doc: add caam jr cryptodev details
  2018-10-22 14:57       ` [dpdk-dev] [PATCH v5 " Gagandeep Singh
                           ` (12 preceding siblings ...)
  2018-10-22 14:57         ` [dpdk-dev] [PATCH v5 13/15] crypto/caam_jr: add security offload Gagandeep Singh
@ 2018-10-22 14:57         ` Gagandeep Singh
  2018-10-22 14:57         ` [dpdk-dev] [PATCH v5 15/15] test/crypto: add CAAM JR driver validation test cases Gagandeep Singh
  2018-10-22 20:30         ` [dpdk-dev] [PATCH v5 00/15] Introducing the NXP CAAM job ring driver Thomas Monjalon
  15 siblings, 0 replies; 97+ messages in thread
From: Gagandeep Singh @ 2018-10-22 14:57 UTC (permalink / raw)
  To: dev, Akhil Goyal; +Cc: Hemant Agrawal, Gagandeep Singh

From: Hemant Agrawal <hemant.agrawal@nxp.com>

add caam jr driver details, supported features and algorithms
in the document.

release note and MAINTAINERS are also updated.

Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
---
 MAINTAINERS                                |   2 +
 doc/guides/cryptodevs/caam_jr.rst          | 150 +++++++++++++++++++++
 doc/guides/cryptodevs/features/caam_jr.ini |  46 +++++++
 doc/guides/cryptodevs/index.rst            |   1 +
 doc/guides/rel_notes/release_18_11.rst     |   5 +
 5 files changed, 204 insertions(+)
 create mode 100644 doc/guides/cryptodevs/caam_jr.rst
 create mode 100644 doc/guides/cryptodevs/features/caam_jr.ini

diff --git a/MAINTAINERS b/MAINTAINERS
index 9de01189a..3079c187e 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -855,6 +855,8 @@ NXP CAAM JR
 M: Gagandeep Singh <g.singh@nxp.com>
 M: Hemant Agrawal <hemant.agrawal@nxp.com>
 F: drivers/crypto/caam_jr/
+F: doc/guides/cryptodevs/caam_jr.rst
+F: doc/guides/cryptodevs/features/caam_jr.ini
 
 NXP DPAA_SEC
 M: Akhil Goyal <akhil.goyal@nxp.com>
diff --git a/doc/guides/cryptodevs/caam_jr.rst b/doc/guides/cryptodevs/caam_jr.rst
new file mode 100644
index 000000000..e87ff0915
--- /dev/null
+++ b/doc/guides/cryptodevs/caam_jr.rst
@@ -0,0 +1,150 @@
+..  SPDX-License-Identifier: BSD-3-Clause
+    Copyright 2018 NXP
+
+
+NXP CAAM JOB RING (caam_jr)
+===========================
+
+The caam_jr PMD provides poll mode crypto driver support for NXP SEC 4.x+ (CAAM)
+hardware accelerator. More information is available at:
+
+`NXP Cryptographic Acceleration Technology  <https://www.nxp.com/applications/solutions/internet-of-things/secure-things/network-security-technology/cryptographic-acceleration-technology:NETWORK_SECURITY_CRYPTOG>`_.
+
+Architecture
+------------
+
+SEC is the SOC's security engine, which serves as NXP's latest cryptographic
+acceleration and offloading hardware. It combines functions previously
+implemented in separate modules to create a modular and scalable acceleration
+and assurance engine. It also implements block encryption algorithms, stream
+cipher algorithms, hashing algorithms, public key algorithms, run-time
+integrity checking, and a hardware random number generator. SEC performs
+higher-level cryptographic operations than previous NXP cryptographic
+accelerators. This provides significant improvement to system level performance.
+
+SEC HW accelerator above 4.x+ version are also known as CAAM.
+
+caam_jr PMD is one of DPAA drivers which uses uio interface to interact with
+Linux kernel for configure and destroy the device instance (ring).
+
+
+Implementation
+--------------
+
+SEC provides platform assurance by working with SecMon, which is a companion
+logic block that tracks the security state of the SOC. SEC is programmed by
+means of descriptors (not to be confused with frame descriptors (FDs)) that
+indicate the operations to be performed and link to the message and
+associated data. SEC incorporates two DMA engines to fetch the descriptors,
+read the message data, and write the results of the operations. The DMA
+engine provides a scatter/gather capability so that SEC can read and write
+data scattered in memory. SEC may be configured by means of software for
+dynamic changes in byte ordering. The default configuration for this version
+of SEC is little-endian mode.
+
+Note that one physical Job Ring represent one caam_jr device.
+
+Features
+--------
+
+The CAAM_JR PMD has support for:
+
+Cipher algorithms:
+
+* ``RTE_CRYPTO_CIPHER_3DES_CBC``
+* ``RTE_CRYPTO_CIPHER_AES128_CBC``
+* ``RTE_CRYPTO_CIPHER_AES192_CBC``
+* ``RTE_CRYPTO_CIPHER_AES256_CBC``
+* ``RTE_CRYPTO_CIPHER_AES128_CTR``
+* ``RTE_CRYPTO_CIPHER_AES192_CTR``
+* ``RTE_CRYPTO_CIPHER_AES256_CTR``
+
+Hash algorithms:
+
+* ``RTE_CRYPTO_AUTH_SHA1_HMAC``
+* ``RTE_CRYPTO_AUTH_SHA224_HMAC``
+* ``RTE_CRYPTO_AUTH_SHA256_HMAC``
+* ``RTE_CRYPTO_AUTH_SHA384_HMAC``
+* ``RTE_CRYPTO_AUTH_SHA512_HMAC``
+* ``RTE_CRYPTO_AUTH_MD5_HMAC``
+
+AEAD algorithms:
+
+* ``RTE_CRYPTO_AEAD_AES_GCM``
+
+Supported DPAA SoCs
+--------------------
+
+* LS1046A/LS1026A
+* LS1043A/LS1023A
+* LS1028A
+* LS1012A
+
+Limitations
+-----------
+
+* Hash followed by Cipher mode is not supported
+* Only supports the session-oriented API implementation (session-less APIs are not supported).
+
+Prerequisites
+-------------
+
+caam_jr driver has following dependencies are not part of DPDK and must be installed separately:
+
+* **NXP Linux SDK**
+
+  NXP Linux software development kit (SDK) includes support for the family
+  of QorIQ® ARM-Architecture-based system on chip (SoC) processors
+  and corresponding boards.
+
+  It includes the Linux board support packages (BSPs) for NXP SoCs,
+  a fully operational tool chain, kernel and board specific modules.
+
+  SDK and related information can be obtained from:  `NXP QorIQ SDK  <http://www.nxp.com/products/software-and-tools/run-time-software/linux-sdk/linux-sdk-for-qoriq-processors:SDKLINUX>`_.
+
+Currently supported by DPDK:
+
+* NXP SDK **18.09+**.
+* Supported architectures:  **arm64 LE**.
+
+* Follow the DPDK :ref:`Getting Started Guide for Linux <linux_gsg>` to setup the basic DPDK environment.
+
+Pre-Installation Configuration
+------------------------------
+
+Config File Options
+~~~~~~~~~~~~~~~~~~~
+
+The following options can be modified in the ``config`` file
+to enable caam_jr PMD.
+
+Please note that enabling debugging options may affect system performance.
+
+* ``CONFIG_RTE_LIBRTE_PMD_CAAM_JR`` (default ``n``)
+  By default it is only enabled in common_linuxapp config.
+  Toggle compilation of the ``librte_pmd_caam_jr`` driver.
+
+* ``CONFIG_RTE_LIBRTE_PMD_CAAM_JR_BE`` (default ``n``)
+  By default it is disabled.
+  It can be used when the underlying hardware supports the CAAM in BE mode.
+  e.g. LS1043A, LS1046A supports CAAM in BE mode.
+  BE mode is enabled by default in defconfig-arm64-dpaa-linuxapp-gcc.
+
+Installations
+-------------
+To compile the caam_jr PMD for Linux arm64 gcc target, run the
+following ``make`` command:
+
+.. code-block:: console
+
+   cd <DPDK-source-directory>
+   make config T=arm64-armv8a-linuxapp-gcc install
+
+Enabling logs
+-------------
+
+For enabling logs, use the following EAL parameter:
+
+.. code-block:: console
+
+   ./your_crypto_application <EAL args> --log-level=pmd.crypto.caam,<level>
diff --git a/doc/guides/cryptodevs/features/caam_jr.ini b/doc/guides/cryptodevs/features/caam_jr.ini
new file mode 100644
index 000000000..68f8d8195
--- /dev/null
+++ b/doc/guides/cryptodevs/features/caam_jr.ini
@@ -0,0 +1,46 @@
+;
+; Supported features of the 'caam_jr' crypto driver.
+;
+; Refer to default.ini for the full list of available PMD features.
+;
+[Features]
+Symmetric crypto       = Y
+Sym operation chaining = Y
+HW Accelerated         = Y
+Protocol offload       = Y
+In Place SGL           = Y
+OOP SGL In SGL Out     = Y
+OOP SGL In LB  Out     = Y
+OOP LB  In SGL Out     = Y
+OOP LB  In LB  Out     = Y
+
+;
+; Supported crypto algorithms of the 'dpaa2_sec' crypto driver.
+;
+[Cipher]
+AES CBC (128) = Y
+AES CBC (192) = Y
+AES CBC (256) = Y
+AES CTR (128) = Y
+AES CTR (192) = Y
+AES CTR (256) = Y
+3DES CBC      = Y
+
+;
+; Supported authentication algorithms of the 'dpaa2_sec' crypto driver.
+;
+[Auth]
+MD5 HMAC     = Y
+SHA1 HMAC    = Y
+SHA224 HMAC  = Y
+SHA256 HMAC  = Y
+SHA384 HMAC  = Y
+SHA512 HMAC  = Y
+
+;
+; Supported AEAD algorithms of the 'dpaa2_sec' crypto driver.
+;
+[AEAD]
+AES GCM (128) = Y
+AES GCM (192) = Y
+AES GCM (256) = Y
diff --git a/doc/guides/cryptodevs/index.rst b/doc/guides/cryptodevs/index.rst
index bd1588537..83610e64f 100644
--- a/doc/guides/cryptodevs/index.rst
+++ b/doc/guides/cryptodevs/index.rst
@@ -13,6 +13,7 @@ Crypto Device Drivers
     aesni_mb
     aesni_gcm
     armv8
+    caam_jr
     ccp
     dpaa2_sec
     dpaa_sec
diff --git a/doc/guides/rel_notes/release_18_11.rst b/doc/guides/rel_notes/release_18_11.rst
index a0dd1bed9..af9a6f89f 100644
--- a/doc/guides/rel_notes/release_18_11.rst
+++ b/doc/guides/rel_notes/release_18_11.rst
@@ -186,6 +186,11 @@ New Features
   The AESNI MB PMD has been updated with additional support for AES-GCM
   algorithm support.
 
+* **Added NXP CAAM JR PMD.**
+
+  Added the new caam job ring driver for NXP platforms. See the
+  "NXP CAAM JOB RING (caam_jr)" document for more details on this new driver.
+
 API Changes
 -----------
 
-- 
2.17.1


^ permalink raw reply	[flat|nested] 97+ messages in thread

* [dpdk-dev] [PATCH v5 15/15] test/crypto: add CAAM JR driver validation test cases
  2018-10-22 14:57       ` [dpdk-dev] [PATCH v5 " Gagandeep Singh
                           ` (13 preceding siblings ...)
  2018-10-22 14:57         ` [dpdk-dev] [PATCH v5 14/15] doc: add caam jr cryptodev details Gagandeep Singh
@ 2018-10-22 14:57         ` Gagandeep Singh
  2018-10-22 20:30         ` [dpdk-dev] [PATCH v5 00/15] Introducing the NXP CAAM job ring driver Thomas Monjalon
  15 siblings, 0 replies; 97+ messages in thread
From: Gagandeep Singh @ 2018-10-22 14:57 UTC (permalink / raw)
  To: dev, Akhil Goyal; +Cc: Hemant Agrawal, Gagandeep Singh

From: Hemant Agrawal <hemant.agrawal@nxp.com>

This patch adds the validation test cases for
CAAM JR driver

Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Reviewed-by: Akhil Goyal <akhil.goyal@nxp.com>
---
 test/test/test_cryptodev.c                   | 138 +++++++++++++++++++
 test/test/test_cryptodev.h                   |   1 +
 test/test/test_cryptodev_aes_test_vectors.h  |  33 +++++
 test/test/test_cryptodev_blockcipher.c       |   7 +
 test/test/test_cryptodev_blockcipher.h       |   1 +
 test/test/test_cryptodev_des_test_vectors.h  |  14 +-
 test/test/test_cryptodev_hash_test_vectors.h |  14 ++
 7 files changed, 206 insertions(+), 2 deletions(-)

diff --git a/test/test/test_cryptodev.c b/test/test/test_cryptodev.c
index 32600dea2..84065eb49 100644
--- a/test/test/test_cryptodev.c
+++ b/test/test/test_cryptodev.c
@@ -1876,6 +1876,64 @@ test_AES_cipheronly_virtio_all(void)
 	return TEST_SUCCESS;
 }
 
+static int
+test_AES_chain_caam_jr_all(void)
+{
+	struct crypto_testsuite_params *ts_params = &testsuite_params;
+	int status;
+
+	status = test_blockcipher_all_tests(ts_params->mbuf_pool,
+		ts_params->op_mpool,
+		ts_params->session_mpool,
+		ts_params->valid_devs[0],
+		rte_cryptodev_driver_id_get(
+		RTE_STR(CRYPTODEV_NAME_CAAM_JR_PMD)),
+		BLKCIPHER_AES_CHAIN_TYPE);
+
+	TEST_ASSERT_EQUAL(status, 0, "Test failed");
+
+	return TEST_SUCCESS;
+}
+
+static int
+test_AES_cipheronly_caam_jr_all(void)
+{
+	struct crypto_testsuite_params *ts_params = &testsuite_params;
+	int status;
+
+	status = test_blockcipher_all_tests(ts_params->mbuf_pool,
+		ts_params->op_mpool,
+		ts_params->session_mpool,
+		ts_params->valid_devs[0],
+		rte_cryptodev_driver_id_get(
+		RTE_STR(CRYPTODEV_NAME_CAAM_JR_PMD)),
+		BLKCIPHER_AES_CIPHERONLY_TYPE);
+
+	TEST_ASSERT_EQUAL(status, 0, "Test failed");
+
+	return TEST_SUCCESS;
+}
+
+static int
+test_authonly_caam_jr_all(void)
+{
+	struct crypto_testsuite_params *ts_params = &testsuite_params;
+	int status;
+
+	status = test_blockcipher_all_tests(ts_params->mbuf_pool,
+		ts_params->op_mpool,
+		ts_params->session_mpool,
+		ts_params->valid_devs[0],
+		rte_cryptodev_driver_id_get(
+		RTE_STR(CRYPTODEV_NAME_CAAM_JR_PMD)),
+		BLKCIPHER_AUTHONLY_TYPE);
+
+	TEST_ASSERT_EQUAL(status, 0, "Test failed");
+
+	return TEST_SUCCESS;
+}
+
+
 static int
 test_AES_chain_dpaa_sec_all(void)
 {
@@ -5148,6 +5206,44 @@ test_DES_docsis_mb_all(void)
 	return TEST_SUCCESS;
 }
 
+static int
+test_3DES_chain_caam_jr_all(void)
+{
+	struct crypto_testsuite_params *ts_params = &testsuite_params;
+	int status;
+
+	status = test_blockcipher_all_tests(ts_params->mbuf_pool,
+		ts_params->op_mpool,
+		ts_params->session_mpool,
+		ts_params->valid_devs[0],
+		rte_cryptodev_driver_id_get(
+		RTE_STR(CRYPTODEV_NAME_CAAM_JR_PMD)),
+		BLKCIPHER_3DES_CHAIN_TYPE);
+
+	TEST_ASSERT_EQUAL(status, 0, "Test failed");
+
+	return TEST_SUCCESS;
+}
+
+static int
+test_3DES_cipheronly_caam_jr_all(void)
+{
+	struct crypto_testsuite_params *ts_params = &testsuite_params;
+	int status;
+
+	status = test_blockcipher_all_tests(ts_params->mbuf_pool,
+		ts_params->op_mpool,
+		ts_params->session_mpool,
+		ts_params->valid_devs[0],
+		rte_cryptodev_driver_id_get(
+		RTE_STR(CRYPTODEV_NAME_CAAM_JR_PMD)),
+		BLKCIPHER_3DES_CIPHERONLY_TYPE);
+
+	TEST_ASSERT_EQUAL(status, 0, "Test failed");
+
+	return TEST_SUCCESS;
+}
+
 static int
 test_3DES_chain_dpaa_sec_all(void)
 {
@@ -9808,6 +9904,31 @@ static struct unit_test_suite cryptodev_sw_zuc_testsuite  = {
 	}
 };
 
+static struct unit_test_suite cryptodev_caam_jr_testsuite  = {
+	.suite_name = "Crypto CAAM JR Unit Test Suite",
+	.setup = testsuite_setup,
+	.teardown = testsuite_teardown,
+	.unit_test_cases = {
+		TEST_CASE_ST(ut_setup, ut_teardown,
+			     test_device_configure_invalid_dev_id),
+		TEST_CASE_ST(ut_setup, ut_teardown,
+			     test_multi_session),
+
+		TEST_CASE_ST(ut_setup, ut_teardown,
+			     test_AES_chain_caam_jr_all),
+		TEST_CASE_ST(ut_setup, ut_teardown,
+			     test_3DES_chain_caam_jr_all),
+		TEST_CASE_ST(ut_setup, ut_teardown,
+			     test_AES_cipheronly_caam_jr_all),
+		TEST_CASE_ST(ut_setup, ut_teardown,
+			     test_3DES_cipheronly_caam_jr_all),
+		TEST_CASE_ST(ut_setup, ut_teardown,
+			     test_authonly_caam_jr_all),
+
+		TEST_CASES_END() /**< NULL terminate unit test array */
+	}
+};
+
 static struct unit_test_suite cryptodev_dpaa_sec_testsuite  = {
 	.suite_name = "Crypto DPAA_SEC Unit Test Suite",
 	.setup = testsuite_setup,
@@ -10634,6 +10755,22 @@ test_cryptodev_octeontx(void)
 	return unit_test_suite_runner(&cryptodev_octeontx_testsuite);
 }
 
+static int
+test_cryptodev_caam_jr(void /*argv __rte_unused, int argc __rte_unused*/)
+{
+	gbl_driver_id =	rte_cryptodev_driver_id_get(
+			RTE_STR(CRYPTODEV_NAME_CAAM_JR_PMD));
+
+	if (gbl_driver_id == -1) {
+		RTE_LOG(ERR, USER1, "CAAM_JR PMD must be loaded. Check if "
+				"CONFIG_RTE_LIBRTE_PMD_CAAM_JR is enabled "
+				"in config file to run this testsuite.\n");
+		return TEST_FAILED;
+	}
+
+	return unit_test_suite_runner(&cryptodev_caam_jr_testsuite);
+}
+
 REGISTER_TEST_COMMAND(cryptodev_qat_autotest, test_cryptodev_qat);
 REGISTER_TEST_COMMAND(cryptodev_aesni_mb_autotest, test_cryptodev_aesni_mb);
 REGISTER_TEST_COMMAND(cryptodev_openssl_autotest, test_cryptodev_openssl);
@@ -10649,3 +10786,4 @@ REGISTER_TEST_COMMAND(cryptodev_dpaa_sec_autotest, test_cryptodev_dpaa_sec);
 REGISTER_TEST_COMMAND(cryptodev_ccp_autotest, test_cryptodev_ccp);
 REGISTER_TEST_COMMAND(cryptodev_virtio_autotest, test_cryptodev_virtio);
 REGISTER_TEST_COMMAND(cryptodev_octeontx_autotest, test_cryptodev_octeontx);
+REGISTER_TEST_COMMAND(cryptodev_caam_jr_autotest, test_cryptodev_caam_jr);
diff --git a/test/test/test_cryptodev.h b/test/test/test_cryptodev.h
index f2d41aedd..a73a49e72 100644
--- a/test/test/test_cryptodev.h
+++ b/test/test/test_cryptodev.h
@@ -65,6 +65,7 @@
 #define CRYPTODEV_NAME_CCP_PMD		crypto_ccp
 #define CRYPTODEV_NAME_VIRTIO_PMD	crypto_virtio
 #define CRYPTODEV_NAME_OCTEONTX_SYM_PMD	crypto_octeontx
+#define CRYPTODEV_NAME_CAAM_JR_PMD	crypto_caam_jr
 
 /**
  * Write (spread) data from buffer to mbuf data
diff --git a/test/test/test_cryptodev_aes_test_vectors.h b/test/test/test_cryptodev_aes_test_vectors.h
index 5db46f4c5..fff28bc9b 100644
--- a/test/test/test_cryptodev_aes_test_vectors.h
+++ b/test/test/test_cryptodev_aes_test_vectors.h
@@ -1171,6 +1171,7 @@ static const struct blockcipher_test_case aes_chain_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP
 	},
@@ -1185,6 +1186,7 @@ static const struct blockcipher_test_case aes_chain_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP
 	},
@@ -1225,6 +1227,7 @@ static const struct blockcipher_test_case aes_chain_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP
 	},
@@ -1239,6 +1242,7 @@ static const struct blockcipher_test_case aes_chain_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP
 	},
@@ -1253,6 +1257,7 @@ static const struct blockcipher_test_case aes_chain_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
@@ -1279,6 +1284,7 @@ static const struct blockcipher_test_case aes_chain_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
 	},
 	{
@@ -1293,6 +1299,7 @@ static const struct blockcipher_test_case aes_chain_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
@@ -1305,6 +1312,7 @@ static const struct blockcipher_test_case aes_chain_test_cases[] = {
 		.feature_mask = BLOCKCIPHER_TEST_FEATURE_SG,
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			    BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			    BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			    BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
 	},
 	{
@@ -1327,6 +1335,7 @@ static const struct blockcipher_test_case aes_chain_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
@@ -1375,6 +1384,7 @@ static const struct blockcipher_test_case aes_chain_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
@@ -1413,6 +1423,7 @@ static const struct blockcipher_test_case aes_chain_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
@@ -1459,6 +1470,7 @@ static const struct blockcipher_test_case aes_chain_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
 	},
 	{
@@ -1472,6 +1484,7 @@ static const struct blockcipher_test_case aes_chain_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
 	},
 	{
@@ -1484,6 +1497,7 @@ static const struct blockcipher_test_case aes_chain_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
 	},
@@ -1498,6 +1512,7 @@ static const struct blockcipher_test_case aes_chain_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
 	},
@@ -1511,6 +1526,7 @@ static const struct blockcipher_test_case aes_chain_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP
 	},
@@ -1525,6 +1541,7 @@ static const struct blockcipher_test_case aes_chain_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP
 	},
@@ -1564,6 +1581,7 @@ static const struct blockcipher_test_case aes_cipheronly_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_VIRTIO |
@@ -1579,6 +1597,7 @@ static const struct blockcipher_test_case aes_cipheronly_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_VIRTIO |
@@ -1594,6 +1613,7 @@ static const struct blockcipher_test_case aes_cipheronly_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_VIRTIO |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
@@ -1607,6 +1627,7 @@ static const struct blockcipher_test_case aes_cipheronly_test_cases[] = {
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
 	},
 	{
@@ -1619,6 +1640,7 @@ static const struct blockcipher_test_case aes_cipheronly_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_VIRTIO |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
@@ -1630,6 +1652,7 @@ static const struct blockcipher_test_case aes_cipheronly_test_cases[] = {
 		.feature_mask = BLOCKCIPHER_TEST_FEATURE_SG,
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
 	},
 	{
@@ -1642,6 +1665,7 @@ static const struct blockcipher_test_case aes_cipheronly_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_VIRTIO |
@@ -1657,6 +1681,7 @@ static const struct blockcipher_test_case aes_cipheronly_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_VIRTIO |
@@ -1671,6 +1696,7 @@ static const struct blockcipher_test_case aes_cipheronly_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_VIRTIO
 	},
@@ -1683,6 +1709,7 @@ static const struct blockcipher_test_case aes_cipheronly_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_VIRTIO
 	},
@@ -1696,6 +1723,7 @@ static const struct blockcipher_test_case aes_cipheronly_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
@@ -1710,6 +1738,7 @@ static const struct blockcipher_test_case aes_cipheronly_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
@@ -1724,6 +1753,7 @@ static const struct blockcipher_test_case aes_cipheronly_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
 	},
@@ -1737,6 +1767,7 @@ static const struct blockcipher_test_case aes_cipheronly_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
 	},
@@ -1750,6 +1781,7 @@ static const struct blockcipher_test_case aes_cipheronly_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
@@ -1764,6 +1796,7 @@ static const struct blockcipher_test_case aes_cipheronly_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
diff --git a/test/test/test_cryptodev_blockcipher.c b/test/test/test_cryptodev_blockcipher.c
index 6df132126..1c3f29f6b 100644
--- a/test/test/test_cryptodev_blockcipher.c
+++ b/test/test/test_cryptodev_blockcipher.c
@@ -68,6 +68,8 @@ test_blockcipher_one_case(const struct blockcipher_test_case *t,
 			RTE_STR(CRYPTODEV_NAME_DPAA2_SEC_PMD));
 	int dpaa_sec_pmd = rte_cryptodev_driver_id_get(
 			RTE_STR(CRYPTODEV_NAME_DPAA_SEC_PMD));
+	int caam_jr_pmd = rte_cryptodev_driver_id_get(
+			RTE_STR(CRYPTODEV_NAME_CAAM_JR_PMD));
 	int mrvl_pmd = rte_cryptodev_driver_id_get(
 			RTE_STR(CRYPTODEV_NAME_MVSAM_PMD));
 	int virtio_pmd = rte_cryptodev_driver_id_get(
@@ -111,6 +113,7 @@ test_blockcipher_one_case(const struct blockcipher_test_case *t,
 
 	if (driver_id == dpaa2_sec_pmd ||
 			driver_id == dpaa_sec_pmd ||
+			driver_id == caam_jr_pmd ||
 			driver_id == qat_pmd ||
 			driver_id == openssl_pmd ||
 			driver_id == armv8_pmd ||
@@ -631,6 +634,8 @@ test_blockcipher_all_tests(struct rte_mempool *mbuf_pool,
 			RTE_STR(CRYPTODEV_NAME_DPAA2_SEC_PMD));
 	int dpaa_sec_pmd = rte_cryptodev_driver_id_get(
 			RTE_STR(CRYPTODEV_NAME_DPAA_SEC_PMD));
+	int caam_jr_pmd = rte_cryptodev_driver_id_get(
+			RTE_STR(CRYPTODEV_NAME_CAAM_JR_PMD));
 	int scheduler_pmd = rte_cryptodev_driver_id_get(
 			RTE_STR(CRYPTODEV_NAME_SCHEDULER_PMD));
 	int armv8_pmd = rte_cryptodev_driver_id_get(
@@ -707,6 +712,8 @@ test_blockcipher_all_tests(struct rte_mempool *mbuf_pool,
 		target_pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_CCP;
 	else if (driver_id == dpaa_sec_pmd)
 		target_pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC;
+	else if (driver_id == caam_jr_pmd)
+		target_pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR;
 	else if (driver_id == mrvl_pmd)
 		target_pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_MVSAM;
 	else if (driver_id == virtio_pmd)
diff --git a/test/test/test_cryptodev_blockcipher.h b/test/test/test_cryptodev_blockcipher.h
index 57e678fc1..f8bd85838 100644
--- a/test/test/test_cryptodev_blockcipher.h
+++ b/test/test/test_cryptodev_blockcipher.h
@@ -30,6 +30,7 @@
 #define BLOCKCIPHER_TEST_TARGET_PMD_CCP		0x0040 /* CCP flag */
 #define BLOCKCIPHER_TEST_TARGET_PMD_VIRTIO	0x0200 /* VIRTIO flag */
 #define BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX	0x0100 /* OCTEON TX flag */
+#define BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR	0x0400 /* CAAM_JR flag */
 
 #define BLOCKCIPHER_TEST_OP_CIPHER	(BLOCKCIPHER_TEST_OP_ENCRYPT | \
 					BLOCKCIPHER_TEST_OP_DECRYPT)
diff --git a/test/test/test_cryptodev_des_test_vectors.h b/test/test/test_cryptodev_des_test_vectors.h
index 0789881da..f1b8cbd45 100644
--- a/test/test/test_cryptodev_des_test_vectors.h
+++ b/test/test/test_cryptodev_des_test_vectors.h
@@ -1069,6 +1069,7 @@ static const struct blockcipher_test_case triple_des_chain_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP
 	},
 	{
@@ -1079,6 +1080,7 @@ static const struct blockcipher_test_case triple_des_chain_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP
 	},
 	{
@@ -1103,6 +1105,7 @@ static const struct blockcipher_test_case triple_des_chain_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
@@ -1115,6 +1118,7 @@ static const struct blockcipher_test_case triple_des_chain_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
@@ -1195,7 +1199,8 @@ static const struct blockcipher_test_case triple_des_chain_test_cases[] = {
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
-			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC
+			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR
 	},
 	{
 		.test_descr = "3DES-128-CBC HMAC-SHA1 Decryption Digest"
@@ -1206,7 +1211,8 @@ static const struct blockcipher_test_case triple_des_chain_test_cases[] = {
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
-			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC
+			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR
 	},
 	{
 		.test_descr = "3DES-128-CBC HMAC-SHA1 Encryption Digest"
@@ -1254,6 +1260,7 @@ static const struct blockcipher_test_case triple_des_cipheronly_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_MB
 	},
@@ -1265,6 +1272,7 @@ static const struct blockcipher_test_case triple_des_cipheronly_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_MB
 	},
@@ -1276,6 +1284,7 @@ static const struct blockcipher_test_case triple_des_cipheronly_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_MB |
@@ -1289,6 +1298,7 @@ static const struct blockcipher_test_case triple_des_cipheronly_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_MB |
diff --git a/test/test/test_cryptodev_hash_test_vectors.h b/test/test/test_cryptodev_hash_test_vectors.h
index af1e29e68..a02dfb3c3 100644
--- a/test/test/test_cryptodev_hash_test_vectors.h
+++ b/test/test/test_cryptodev_hash_test_vectors.h
@@ -393,6 +393,7 @@ static const struct blockcipher_test_case hash_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
@@ -406,6 +407,7 @@ static const struct blockcipher_test_case hash_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
@@ -437,6 +439,7 @@ static const struct blockcipher_test_case hash_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
@@ -449,6 +452,7 @@ static const struct blockcipher_test_case hash_test_cases[] = {
 		.feature_mask = BLOCKCIPHER_TEST_FEATURE_SG,
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			    BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			    BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			    BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
 	},
 	{
@@ -460,6 +464,7 @@ static const struct blockcipher_test_case hash_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
@@ -472,6 +477,7 @@ static const struct blockcipher_test_case hash_test_cases[] = {
 		.feature_mask = BLOCKCIPHER_TEST_FEATURE_SG,
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			    BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			    BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			    BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
 	},
 	{
@@ -501,6 +507,7 @@ static const struct blockcipher_test_case hash_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
@@ -514,6 +521,7 @@ static const struct blockcipher_test_case hash_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
@@ -545,6 +553,7 @@ static const struct blockcipher_test_case hash_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
@@ -559,6 +568,7 @@ static const struct blockcipher_test_case hash_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
@@ -591,6 +601,7 @@ static const struct blockcipher_test_case hash_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
@@ -605,6 +616,7 @@ static const struct blockcipher_test_case hash_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
@@ -637,6 +649,7 @@ static const struct blockcipher_test_case hash_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
@@ -651,6 +664,7 @@ static const struct blockcipher_test_case hash_test_cases[] = {
 			BLOCKCIPHER_TEST_TARGET_PMD_SCHEDULER |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_CAAM_JR |
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
-- 
2.17.1

^ permalink raw reply	[flat|nested] 97+ messages in thread

* Re: [dpdk-dev] [PATCH v5 00/15] Introducing the NXP CAAM job ring driver
  2018-10-22 14:57       ` [dpdk-dev] [PATCH v5 " Gagandeep Singh
                           ` (14 preceding siblings ...)
  2018-10-22 14:57         ` [dpdk-dev] [PATCH v5 15/15] test/crypto: add CAAM JR driver validation test cases Gagandeep Singh
@ 2018-10-22 20:30         ` Thomas Monjalon
  15 siblings, 0 replies; 97+ messages in thread
From: Thomas Monjalon @ 2018-10-22 20:30 UTC (permalink / raw)
  To: Gagandeep Singh; +Cc: dev, Akhil Goyal, hemant.agrawal, shreyansh.jain

22/10/2018 16:57, Gagandeep Singh:
> v4->v5 change-log:
> * compilation issue fixed
> 
> v3->v4 change-log:
> * local dma_addr_t definition removed
> 
> v2->v3 change-log:
> * fix CONFIG_RTE_LIBRTE_SECURITY=n compilation.

Thanks for all the fixes.

The v2 of this series was applied to dpdk-next-crypto and pulled to master.
Now we need some fixes on top of v2 please.

Thanks

^ permalink raw reply	[flat|nested] 97+ messages in thread

* Re: [dpdk-dev] [PATCH v5 04/15] crypto/caam_jr: add UIO specific operations
  2018-10-22 14:57         ` [dpdk-dev] [PATCH v5 04/15] crypto/caam_jr: add UIO specific operations Gagandeep Singh
@ 2018-10-28  0:35           ` Ferruh Yigit
  2018-10-29 12:24             ` Gagandeep Singh
  0 siblings, 1 reply; 97+ messages in thread
From: Ferruh Yigit @ 2018-10-28  0:35 UTC (permalink / raw)
  To: Gagandeep Singh, dev, Akhil Goyal; +Cc: Hemant Agrawal

On 10/22/2018 3:57 PM, Gagandeep Singh wrote:
> caam_jr need support from kernel caam driver for
> job ring initialisation. So to access register space
> for job ring and allow re configure and map to userspace
> UIO interface is used. This also allows to handle the
> caam interrupts from the user space.
> 
> This patch adds UIO specific operations
> 
> Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
> Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
> Acked-by: Akhil Goyal <akhil.goyal@nxp.com>

<...>

> +void
> +free_job_ring(uint32_t uio_fd)
> +{
> +	struct uio_job_ring *job_ring = NULL;
> +	int i;
> +
> +	if (!job_ring->uio_fd)
> +		return;

It seems this function is not called. Can the intention be:

 if (!uio_fd)
	 return;

^ permalink raw reply	[flat|nested] 97+ messages in thread

* Re: [dpdk-dev] [PATCH v5 04/15] crypto/caam_jr: add UIO specific operations
  2018-10-28  0:35           ` Ferruh Yigit
@ 2018-10-29 12:24             ` Gagandeep Singh
  0 siblings, 0 replies; 97+ messages in thread
From: Gagandeep Singh @ 2018-10-29 12:24 UTC (permalink / raw)
  To: Ferruh Yigit, dev, Akhil Goyal; +Cc: Hemant Agrawal

Hi

> -----Original Message-----
> From: Ferruh Yigit <ferruh.yigit@intel.com>
> Sent: Sunday, October 28, 2018 6:05 AM
> To: Gagandeep Singh <G.Singh@nxp.com>; dev@dpdk.org; Akhil Goyal
> <akhil.goyal@nxp.com>
> Cc: Hemant Agrawal <hemant.agrawal@nxp.com>
> Subject: Re: [dpdk-dev] [PATCH v5 04/15] crypto/caam_jr: add UIO specific
> operations
> 
> On 10/22/2018 3:57 PM, Gagandeep Singh wrote:
> > caam_jr need support from kernel caam driver for job ring
> > initialisation. So to access register space for job ring and allow re
> > configure and map to userspace UIO interface is used. This also allows
> > to handle the caam interrupts from the user space.
> >
> > This patch adds UIO specific operations
> >
> > Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
> > Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
> > Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
> 
> <...>
> 
> > +void
> > +free_job_ring(uint32_t uio_fd)
> > +{
> > +	struct uio_job_ring *job_ring = NULL;
> > +	int i;
> > +
> > +	if (!job_ring->uio_fd)
> > +		return;
> 
> It seems this function is not called. Can the intention be:
> 
>  if (!uio_fd)
> 	 return;

Patch has been sent http://patchwork.dpdk.org/patch/47557/ 

^ permalink raw reply	[flat|nested] 97+ messages in thread

end of thread, other threads:[~2018-10-29 12:24 UTC | newest]

Thread overview: 97+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-09-13  6:08 [dpdk-dev] [PATCH 00/10] Introducing the NXP CAAM job ring driver Gagandeep Singh
2018-09-13  6:08 ` [dpdk-dev] [PATCH 01/10] doc: add caam jr cryptodev details Gagandeep Singh
2018-09-18 12:27   ` Akhil Goyal
2018-10-12 13:29     ` Gagandeep Singh
2018-09-13  6:08 ` [dpdk-dev] [PATCH 02/10] crypto/caam_jr: introduce basic driver Gagandeep Singh
2018-09-18 12:13   ` Akhil Goyal
2018-10-12 13:15     ` Gagandeep Singh
2018-09-13  6:08 ` [dpdk-dev] [PATCH 03/10] crypto/caam_jr: add HW config for job rings Gagandeep Singh
2018-09-18 13:37   ` Akhil Goyal
2018-10-12 13:32     ` Gagandeep Singh
2018-09-13  6:08 ` [dpdk-dev] [PATCH 04/10] crypto/caam_jr: add device configuration routines Gagandeep Singh
2018-09-18 13:59   ` Akhil Goyal
2018-10-12 13:38     ` Gagandeep Singh
2018-09-13  6:08 ` [dpdk-dev] [PATCH 05/10] crypto/caam_jr: add queue config functions Gagandeep Singh
2018-09-18 14:04   ` Akhil Goyal
2018-10-12 13:39     ` Gagandeep Singh
2018-09-13  6:08 ` [dpdk-dev] [PATCH 06/10] crypto/caam_jr: add basic session config routines Gagandeep Singh
2018-09-13  6:08 ` [dpdk-dev] [PATCH 07/10] crypto/caam_jr: add enqueue and dequeue routines Gagandeep Singh
2018-09-13  6:08 ` [dpdk-dev] [PATCH 08/10] crypto/caam_jr: add auth cipher and aead session support Gagandeep Singh
2018-09-13  6:08 ` [dpdk-dev] [PATCH 09/10] crypto/caam_jr: add stats support Gagandeep Singh
2018-09-13  6:08 ` [dpdk-dev] [PATCH 10/10] crypto/caam_jr: add security offload support Gagandeep Singh
2018-09-18 14:21 ` [dpdk-dev] [PATCH 00/10] Introducing the NXP CAAM job ring driver Akhil Goyal
2018-10-12 14:40 ` [dpdk-dev] [PATCH v2 00/14] " Gagandeep Singh
2018-10-12 14:40   ` [dpdk-dev] [PATCH v2 01/14] crypto/caam_jr: introduce basic driver Gagandeep Singh
2018-10-12 14:40   ` [dpdk-dev] [PATCH v2 02/14] crypto/caam_jr: add HW tuning options Gagandeep Singh
2018-10-19  9:11     ` Thomas Monjalon
2018-10-22 12:31       ` Gagandeep Singh
2018-10-22 13:32         ` Ali Alnubani
2018-10-12 14:40   ` [dpdk-dev] [PATCH v2 03/14] crypto/caam_jr: add routines to configure HW Gagandeep Singh
2018-10-12 14:40   ` [dpdk-dev] [PATCH v2 04/14] crypto/caam_jr: add UIO specific operations Gagandeep Singh
2018-10-12 14:40   ` [dpdk-dev] [PATCH v2 05/14] crypto/caam_jr: add basic job ring routines Gagandeep Singh
2018-10-12 14:40   ` [dpdk-dev] [PATCH v2 06/14] crypto/caam_jr: add device basic ops Gagandeep Singh
2018-10-12 14:40   ` [dpdk-dev] [PATCH v2 07/14] crypto/caam_jr: add queue pair config ops Gagandeep Singh
2018-10-12 14:40   ` [dpdk-dev] [PATCH v2 08/14] crypto/caam_jr: add device cababilities Gagandeep Singh
2018-10-12 14:40   ` [dpdk-dev] [PATCH v2 09/14] crypto/caam_jr: add session configuration methods Gagandeep Singh
2018-10-12 14:40   ` [dpdk-dev] [PATCH v2 10/14] crypto/caam_jr: add enqueue dequeue operations Gagandeep Singh
2018-10-12 14:40   ` [dpdk-dev] [PATCH v2 11/14] crypto/caam_jr: add scatter gather Gagandeep Singh
2018-10-12 14:40   ` [dpdk-dev] [PATCH v2 12/14] crypto/caam_jr: add statistics ops Gagandeep Singh
2018-10-12 14:40   ` [dpdk-dev] [PATCH v2 13/14] crypto/caam_jr: add security offload Gagandeep Singh
2018-10-19  2:17     ` Thomas Monjalon
2018-10-22  9:26       ` Thomas Monjalon
2018-10-22 10:31         ` Hemant Agrawal
2018-10-12 14:40   ` [dpdk-dev] [PATCH v2 14/14] doc: add caam jr cryptodev details Gagandeep Singh
2018-10-16 12:58   ` [dpdk-dev] [PATCH v2 00/14] Introducing the NXP CAAM job ring driver Akhil Goyal
2018-10-16 14:34   ` Akhil Goyal
2018-10-22 13:31   ` [dpdk-dev] [PATCH v3 00/15] " Gagandeep Singh
2018-10-22 13:31     ` [dpdk-dev] [PATCH v3 01/15] crypto/caam_jr: introduce basic driver Gagandeep Singh
2018-10-22 13:31     ` [dpdk-dev] [PATCH v3 02/15] crypto/caam_jr: add HW tuning options Gagandeep Singh
2018-10-22 13:31     ` [dpdk-dev] [PATCH v3 03/15] crypto/caam_jr: add routines to configure HW Gagandeep Singh
2018-10-22 13:31     ` [dpdk-dev] [PATCH v3 04/15] crypto/caam_jr: add UIO specific operations Gagandeep Singh
2018-10-22 13:31     ` [dpdk-dev] [PATCH v3 05/15] crypto/caam_jr: add basic job ring routines Gagandeep Singh
2018-10-22 13:31     ` [dpdk-dev] [PATCH v3 06/15] crypto/caam_jr: add device basic ops Gagandeep Singh
2018-10-22 13:31     ` [dpdk-dev] [PATCH v3 07/15] crypto/caam_jr: add queue pair config ops Gagandeep Singh
2018-10-22 13:31     ` [dpdk-dev] [PATCH v3 08/15] crypto/caam_jr: add session configuration methods Gagandeep Singh
2018-10-22 13:31     ` [dpdk-dev] [PATCH v3 09/15] crypto/caam_jr: add device cababilities Gagandeep Singh
2018-10-22 13:31     ` [dpdk-dev] [PATCH v3 10/15] crypto/caam_jr: add enqueue dequeue operations Gagandeep Singh
2018-10-22 13:31     ` [dpdk-dev] [PATCH v3 11/15] crypto/caam_jr: add scatter gather Gagandeep Singh
2018-10-22 13:31     ` [dpdk-dev] [PATCH v3 12/15] crypto/caam_jr: add statistics ops Gagandeep Singh
2018-10-22 13:31     ` [dpdk-dev] [PATCH v3 13/15] crypto/caam_jr: add security offload Gagandeep Singh
2018-10-22 13:31     ` [dpdk-dev] [PATCH v3 14/15] doc: add caam jr cryptodev details Gagandeep Singh
2018-10-22 13:31     ` [dpdk-dev] [PATCH v3 15/15] test/crypto: add CAAM JR driver validation test cases Gagandeep Singh
2018-10-22 14:17     ` [dpdk-dev] [PATCH v4 00/15] Introducing the NXP CAAM job ring driver Gagandeep Singh
2018-10-22 14:17       ` [dpdk-dev] [PATCH v4 01/15] crypto/caam_jr: introduce basic driver Gagandeep Singh
2018-10-22 14:17       ` [dpdk-dev] [PATCH v4 02/15] crypto/caam_jr: add HW tuning options Gagandeep Singh
2018-10-22 14:17       ` [dpdk-dev] [PATCH v4 03/15] crypto/caam_jr: add routines to configure HW Gagandeep Singh
2018-10-22 14:17       ` [dpdk-dev] [PATCH v4 04/15] crypto/caam_jr: add UIO specific operations Gagandeep Singh
2018-10-22 14:17       ` [dpdk-dev] [PATCH v4 05/15] crypto/caam_jr: add basic job ring routines Gagandeep Singh
2018-10-22 14:17       ` [dpdk-dev] [PATCH v4 06/15] crypto/caam_jr: add device basic ops Gagandeep Singh
2018-10-22 14:17       ` [dpdk-dev] [PATCH v4 07/15] crypto/caam_jr: add queue pair config ops Gagandeep Singh
2018-10-22 14:17       ` [dpdk-dev] [PATCH v4 08/15] crypto/caam_jr: add session configuration methods Gagandeep Singh
2018-10-22 14:17       ` [dpdk-dev] [PATCH v4 09/15] crypto/caam_jr: add device cababilities Gagandeep Singh
2018-10-22 14:17       ` [dpdk-dev] [PATCH v4 10/15] crypto/caam_jr: add enqueue dequeue operations Gagandeep Singh
2018-10-22 14:17       ` [dpdk-dev] [PATCH v4 11/15] crypto/caam_jr: add scatter gather Gagandeep Singh
2018-10-22 14:17       ` [dpdk-dev] [PATCH v4 12/15] crypto/caam_jr: add statistics ops Gagandeep Singh
2018-10-22 14:18       ` [dpdk-dev] [PATCH v4 13/15] crypto/caam_jr: add security offload Gagandeep Singh
2018-10-22 14:18       ` [dpdk-dev] [PATCH v4 14/15] doc: add caam jr cryptodev details Gagandeep Singh
2018-10-22 14:18       ` [dpdk-dev] [PATCH v4 15/15] test/crypto: add CAAM JR driver validation test cases Gagandeep Singh
2018-10-22 14:48       ` [dpdk-dev] [PATCH v4 00/15] Introducing the NXP CAAM job ring driver Gagandeep Singh
2018-10-22 14:57       ` [dpdk-dev] [PATCH v5 " Gagandeep Singh
2018-10-22 14:57         ` [dpdk-dev] [PATCH v5 01/15] crypto/caam_jr: introduce basic driver Gagandeep Singh
2018-10-22 14:57         ` [dpdk-dev] [PATCH v5 02/15] crypto/caam_jr: add HW tuning options Gagandeep Singh
2018-10-22 14:57         ` [dpdk-dev] [PATCH v5 03/15] crypto/caam_jr: add routines to configure HW Gagandeep Singh
2018-10-22 14:57         ` [dpdk-dev] [PATCH v5 04/15] crypto/caam_jr: add UIO specific operations Gagandeep Singh
2018-10-28  0:35           ` Ferruh Yigit
2018-10-29 12:24             ` Gagandeep Singh
2018-10-22 14:57         ` [dpdk-dev] [PATCH v5 05/15] crypto/caam_jr: add basic job ring routines Gagandeep Singh
2018-10-22 14:57         ` [dpdk-dev] [PATCH v5 06/15] crypto/caam_jr: add device basic ops Gagandeep Singh
2018-10-22 14:57         ` [dpdk-dev] [PATCH v5 07/15] crypto/caam_jr: add queue pair config ops Gagandeep Singh
2018-10-22 14:57         ` [dpdk-dev] [PATCH v5 08/15] crypto/caam_jr: add session configuration methods Gagandeep Singh
2018-10-22 14:57         ` [dpdk-dev] [PATCH v5 09/15] crypto/caam_jr: add device cababilities Gagandeep Singh
2018-10-22 14:57         ` [dpdk-dev] [PATCH v5 10/15] crypto/caam_jr: add enqueue dequeue operations Gagandeep Singh
2018-10-22 14:57         ` [dpdk-dev] [PATCH v5 11/15] crypto/caam_jr: add scatter gather Gagandeep Singh
2018-10-22 14:57         ` [dpdk-dev] [PATCH v5 12/15] crypto/caam_jr: add statistics ops Gagandeep Singh
2018-10-22 14:57         ` [dpdk-dev] [PATCH v5 13/15] crypto/caam_jr: add security offload Gagandeep Singh
2018-10-22 14:57         ` [dpdk-dev] [PATCH v5 14/15] doc: add caam jr cryptodev details Gagandeep Singh
2018-10-22 14:57         ` [dpdk-dev] [PATCH v5 15/15] test/crypto: add CAAM JR driver validation test cases Gagandeep Singh
2018-10-22 20:30         ` [dpdk-dev] [PATCH v5 00/15] Introducing the NXP CAAM job ring driver Thomas Monjalon

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).