From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from EUR03-AM5-obe.outbound.protection.outlook.com (mail-eopbgr30047.outbound.protection.outlook.com [40.107.3.47]) by dpdk.org (Postfix) with ESMTP id 86B274CC7 for ; Mon, 15 Oct 2018 14:53:51 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nxp.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=XONOKgx2DqsFAH5qH9dJ0bVE7MzKNTWDnSyOGQ8hgEI=; b=Y8qpaXRgLNNe1ydNShTazCakD2Q/8H7mRc02cvaPU9rcHncIp2iOscshspJPXWEts9+oShNi6YfGxV+6Lu506h7d4f5/VkDOI4g/DDHZA1KkJjUEskLwJGOJ1k/5ZTGOd590AjGHGPTQh9Uj1hwskgnSHWUm79e5Z2+2BFfFpVA= Received: from VI1PR04MB4893.eurprd04.prod.outlook.com (20.177.49.154) by VI1PR04MB1629.eurprd04.prod.outlook.com (10.164.84.151) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1228.23; Mon, 15 Oct 2018 12:53:49 +0000 Received: from VI1PR04MB4893.eurprd04.prod.outlook.com ([fe80::cc19:b6c6:27db:3fec]) by VI1PR04MB4893.eurprd04.prod.outlook.com ([fe80::cc19:b6c6:27db:3fec%3]) with mapi id 15.20.1228.027; Mon, 15 Oct 2018 12:53:49 +0000 From: Akhil Goyal To: "dev@dpdk.org" CC: "pablo.de.lara.guarch@intel.com" , "radu.nicolau@intel.com" , "jerin.jacob@caviumnetworks.com" , "narayanaprasad.athreya@caviumnetworks.com" , "Shally.Verma@caviumnetworks.com" , "Anoob.Joseph@caviumnetworks.com" , "Vidya.Velumuri@caviumnetworks.com" , Hemant Agrawal , Akhil Goyal Thread-Topic: [PATCH v4 3/3] crypto/dpaa2_sec: support pdcp offload Thread-Index: AQHUZIYe2GKoh8onEU2mBlShi+6fFA== Date: Mon, 15 Oct 2018 12:53:49 +0000 Message-ID: <20181015124858.5562-4-akhil.goyal@nxp.com> References: <20181005135318.6350-1-akhil.goyal@nxp.com> <20181015124858.5562-1-akhil.goyal@nxp.com> In-Reply-To: <20181015124858.5562-1-akhil.goyal@nxp.com> Accept-Language: en-IN, en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-clientproxiedby: SG2PR06CA0220.apcprd06.prod.outlook.com (2603:1096:4:68::28) To VI1PR04MB4893.eurprd04.prod.outlook.com (2603:10a6:803:56::26) authentication-results: spf=none (sender IP is ) smtp.mailfrom=akhil.goyal@nxp.com; x-ms-exchange-messagesentrepresentingtype: 1 x-originating-ip: [14.143.30.134] x-ms-publictraffictype: Email x-microsoft-exchange-diagnostics: 1; VI1PR04MB1629; 6:XtxQyo6GremfTI8Jba2cmFk0INFOw12tgjF3j4XJ917G/P+WIms6bO2daUBtXDXK+0qBcXYWCSUzM10EtYCKNqkm+eoD92Xy6cTdX3Z8iHISWWxIeVxC5jn+feFHa5w9IpxfnrKhePMu4NGgs6H+VPYKIXS7fRNRlH61klCMunp+/clNah6YSBaR0xd3+Qdg80Lod6Z6mMoVSsrTI+d73oXGiCd52Rk1G/K3LJP0LJSrUAZiR3pWi5dD2Y52oUbtrHneCZFBHiKxXcwYTWupSq7UviMo3Bj+tP+gcHXhXDxryVMQJc0OqXOSQd8krSwVwBauiW9waMAxl0+UZeGl31OAb8p+DZzPRtdKj6KHzsDuRJ+4W0Y84Ncdfhxhax6Tk9ZOIJYYytBPBPMI6+RWy5WTwPOinGhmi3GF/ge+8kiRHED6HABHFZEQApE4AURFnKWrRGTnUi6LkWBEYw6qEA==; 5:cHUgrJJ/9Y82hymT+j5Od/VVBiyJAxvP+/vqIx5GUC4V8JUcV+09s80IcKTt6tPgU2PMyOfjOT87634g0iSZy+uEwjzD38aMAZgWw2HCC3cGClwdMjBs8jh4H77jURRTyNfrFL4Cuygi0V2JBwQH35uWlhYmV6ScX2m+QfnadSc=; 7:iPxZzOeLT30xGDA1f6MXdi//clxTUEU7K3l3rijfxYdZAytnDWIq7QaM+CKLeZ8kGn1FPt/Y79wXhROTBtV7lFX2RtGstuVx8Qn2dBXOG0XEMD6T0qxpIxYucqB7lB31bJ3kFC711KwF5kFU6Pg167YOHu2riVasT7rSbW7tQdRgTym2Y2+h6J3hmoRC/shj9UwkBs8u/5TDmryZPRzCKJY7EnUJ0Aknlg8v7BzkxjK8oZkA5r6Yi4QJjkYDkMgj x-ms-office365-filtering-correlation-id: a8e489cc-4469-4e8a-3e0b-08d6329d4086 x-ms-office365-filtering-ht: Tenant x-microsoft-antispam: BCL:0; PCL:0; RULEID:(7020095)(4652040)(8989299)(4534185)(7168020)(4627221)(201703031133081)(201702281549075)(8990200)(5600074)(711020)(4618075)(2017052603328)(7153060)(7193020); SRVR:VI1PR04MB1629; x-ms-traffictypediagnostic: VI1PR04MB1629: x-microsoft-antispam-prvs: x-exchange-antispam-report-test: UriScan:(269456686620040)(163750095850)(185117386973197); x-ms-exchange-senderadcheck: 1 x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(8211001083)(6040522)(2401047)(8121501046)(5005006)(3231355)(944501410)(52105095)(3002001)(10201501046)(93006095)(93001095)(6055026)(149066)(150057)(6041310)(20161123560045)(20161123558120)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123564045)(20161123562045)(201708071742011)(7699051); SRVR:VI1PR04MB1629; BCL:0; PCL:0; RULEID:; SRVR:VI1PR04MB1629; x-forefront-prvs: 0826B2F01B x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(366004)(136003)(346002)(39860400002)(396003)(376002)(199004)(189003)(99286004)(26005)(25786009)(68736007)(55236004)(8936002)(53936002)(102836004)(4744004)(386003)(6506007)(66066001)(76176011)(478600001)(52116002)(14454004)(106356001)(2351001)(316002)(105586002)(2900100001)(5640700003)(6512007)(81156014)(8676002)(1730700003)(81166006)(71200400001)(71190400001)(305945005)(7736002)(6486002)(54906003)(6436002)(5660300001)(2616005)(2501003)(6916009)(476003)(486006)(97736004)(11346002)(446003)(6116002)(2906002)(14444005)(1076002)(256004)(4326008)(5250100002)(36756003)(44832011)(86362001)(3846002)(186003); DIR:OUT; SFP:1101; SCL:1; SRVR:VI1PR04MB1629; H:VI1PR04MB4893.eurprd04.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1; received-spf: None (protection.outlook.com: nxp.com does not designate permitted sender hosts) x-microsoft-antispam-message-info: iUnfR2idACMSyxly6iX53Tafmw9h7lk+UqXR7fitsuFOZqznWmzceov02LXjSqMxwNWgfyslkKlbJhGhZx+G5HhBHTptFfKBysHQtKQIfKUxeRfP4lFDyBzoDiuA9WwbY1zPfOyir9Vx9IKi0bjKRp2AHGdfP2C/gtJ4OoJXwabMxmqefQtomIUYYl68DfvSWlLfdyP+S4FNd+SRFG/euT/OLGynL1/gzcpA5Ysu8t70JAlyTJ42usWrVzHuHf0JSE+bfRpdjtCFa7nCs0O06LowhsVCjlTWIxk91Uw7GkOp1BjFO/d/lML/nfNzd3d/vXU8q+mbI/o08mmQCoHEOYsaRAIFIgCN2dWi5hH2qVE= spamdiagnosticoutput: 1:99 spamdiagnosticmetadata: NSPM Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-OriginatorOrg: nxp.com X-MS-Exchange-CrossTenant-Network-Message-Id: a8e489cc-4469-4e8a-3e0b-08d6329d4086 X-MS-Exchange-CrossTenant-originalarrivaltime: 15 Oct 2018 12:53:49.7110 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 686ea1d3-bc2b-4c6f-a92c-d99c5c301635 X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI1PR04MB1629 Subject: [dpdk-dev] [PATCH v4 3/3] crypto/dpaa2_sec: support pdcp offload X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 15 Oct 2018 12:53:52 -0000 From: Akhil Goyal PDCP session configuration for lookaside protocol offload and data path is added. Signed-off-by: Hemant Agrawal Signed-off-by: Akhil Goyal --- drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 257 ++++++++++++++++++++ drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h | 208 +++++++++++++++- 2 files changed, 457 insertions(+), 8 deletions(-) diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c b/drivers/crypto/d= paa2_sec/dpaa2_sec_dpseci.c index 0336d5f4b..fe769a932 100644 --- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c +++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c @@ -35,6 +35,7 @@ typedef uint64_t dma_addr_t; =20 /* RTA header files */ #include +#include #include =20 /* Minimum job descriptor consists of a oneword job descriptor HEADER and @@ -74,6 +75,9 @@ build_proto_compound_fd(dpaa2_sec_session *sess, struct rte_mbuf *dst_mbuf =3D sym_op->m_dst; int retval; =20 + if (!dst_mbuf) + dst_mbuf =3D src_mbuf; + /* Save the shared descriptor */ flc =3D &priv->flc_desc[0].flc; =20 @@ -118,6 +122,15 @@ build_proto_compound_fd(dpaa2_sec_session *sess, DPAA2_SET_FD_LEN(fd, ip_fle->length); DPAA2_SET_FLE_FIN(ip_fle); =20 +#ifdef ENABLE_HFN_OVERRIDE + if (sess->ctxt_type =3D=3D DPAA2_SEC_PDCP && sess->pdcp.hfn_ovd) { + /*enable HFN override override */ + DPAA2_SET_FLE_INTERNAL_JD(ip_fle, sess->pdcp.hfn_ovd); + DPAA2_SET_FLE_INTERNAL_JD(op_fle, sess->pdcp.hfn_ovd); + DPAA2_SET_FD_INTERNAL_JD(fd, sess->pdcp.hfn_ovd); + } +#endif + return 0; =20 } @@ -1188,6 +1201,9 @@ build_sec_fd(struct rte_crypto_op *op, case DPAA2_SEC_IPSEC: ret =3D build_proto_fd(sess, op, fd, bpid); break; + case DPAA2_SEC_PDCP: + ret =3D build_proto_compound_fd(sess, op, fd, bpid); + break; case DPAA2_SEC_HASH_CIPHER: default: DPAA2_SEC_ERR("error: Unsupported session"); @@ -2551,6 +2567,243 @@ dpaa2_sec_set_ipsec_session(struct rte_cryptodev *d= ev, return ret; } =20 +static int +dpaa2_sec_set_pdcp_session(struct rte_cryptodev *dev, + struct rte_security_session_conf *conf, + void *sess) +{ + struct rte_security_pdcp_xform *pdcp_xform =3D &conf->pdcp; + struct rte_crypto_sym_xform *xform =3D conf->crypto_xform; + struct rte_crypto_auth_xform *auth_xform =3D NULL; + struct rte_crypto_cipher_xform *cipher_xform; + dpaa2_sec_session *session =3D (dpaa2_sec_session *)sess; + struct ctxt_priv *priv; + struct dpaa2_sec_dev_private *dev_priv =3D dev->data->dev_private; + struct alginfo authdata, cipherdata; + int bufsize =3D -1; + struct sec_flow_context *flc; +#if RTE_BYTE_ORDER =3D=3D RTE_BIG_ENDIAN + int swap =3D true; +#else + int swap =3D false; +#endif + + PMD_INIT_FUNC_TRACE(); + + memset(session, 0, sizeof(dpaa2_sec_session)); + + priv =3D (struct ctxt_priv *)rte_zmalloc(NULL, + sizeof(struct ctxt_priv) + + sizeof(struct sec_flc_desc), + RTE_CACHE_LINE_SIZE); + + if (priv =3D=3D NULL) { + DPAA2_SEC_ERR("No memory for priv CTXT"); + return -ENOMEM; + } + + priv->fle_pool =3D dev_priv->fle_pool; + flc =3D &priv->flc_desc[0].flc; + + /* find xfrm types */ + if (xform->type =3D=3D RTE_CRYPTO_SYM_XFORM_CIPHER && xform->next =3D=3D = NULL) { + cipher_xform =3D &xform->cipher; + } else if (xform->type =3D=3D RTE_CRYPTO_SYM_XFORM_CIPHER && + xform->next->type =3D=3D RTE_CRYPTO_SYM_XFORM_AUTH) { + session->ext_params.aead_ctxt.auth_cipher_text =3D true; + cipher_xform =3D &xform->cipher; + auth_xform =3D &xform->next->auth; + } else if (xform->type =3D=3D RTE_CRYPTO_SYM_XFORM_AUTH && + xform->next->type =3D=3D RTE_CRYPTO_SYM_XFORM_CIPHER) { + session->ext_params.aead_ctxt.auth_cipher_text =3D false; + cipher_xform =3D &xform->next->cipher; + auth_xform =3D &xform->auth; + } else { + DPAA2_SEC_ERR("Invalid crypto type"); + return -EINVAL; + } + + session->ctxt_type =3D DPAA2_SEC_PDCP; + if (cipher_xform) { + session->cipher_key.data =3D rte_zmalloc(NULL, + cipher_xform->key.length, + RTE_CACHE_LINE_SIZE); + if (session->cipher_key.data =3D=3D NULL && + cipher_xform->key.length > 0) { + DPAA2_SEC_ERR("No Memory for cipher key"); + rte_free(priv); + return -ENOMEM; + } + session->cipher_key.length =3D cipher_xform->key.length; + memcpy(session->cipher_key.data, cipher_xform->key.data, + cipher_xform->key.length); + session->dir =3D (cipher_xform->op =3D=3D RTE_CRYPTO_CIPHER_OP_ENCRYPT) = ? + DIR_ENC : DIR_DEC; + session->cipher_alg =3D cipher_xform->algo; + } else { + session->cipher_key.data =3D NULL; + session->cipher_key.length =3D 0; + session->cipher_alg =3D RTE_CRYPTO_CIPHER_NULL; + session->dir =3D DIR_ENC; + } + + session->pdcp.domain =3D pdcp_xform->domain; + session->pdcp.bearer =3D pdcp_xform->bearer; + session->pdcp.pkt_dir =3D pdcp_xform->pkt_dir; + session->pdcp.sn_size =3D pdcp_xform->sn_size; +#ifdef ENABLE_HFN_OVERRIDE + session->pdcp.hfn_ovd =3D pdcp_xform->hfn_ovd; +#endif + session->pdcp.hfn =3D pdcp_xform->hfn; + session->pdcp.hfn_threshold =3D pdcp_xform->hfn_threshold; + + cipherdata.key =3D (size_t)session->cipher_key.data; + cipherdata.keylen =3D session->cipher_key.length; + cipherdata.key_enc_flags =3D 0; + cipherdata.key_type =3D RTA_DATA_IMM; + + switch (session->cipher_alg) { + case RTE_CRYPTO_CIPHER_SNOW3G_UEA2: + cipherdata.algtype =3D PDCP_CIPHER_TYPE_SNOW; + break; + case RTE_CRYPTO_CIPHER_ZUC_EEA3: + cipherdata.algtype =3D PDCP_CIPHER_TYPE_ZUC; + break; + case RTE_CRYPTO_CIPHER_AES_CTR: + cipherdata.algtype =3D PDCP_CIPHER_TYPE_AES; + break; + case RTE_CRYPTO_CIPHER_NULL: + cipherdata.algtype =3D PDCP_CIPHER_TYPE_NULL; + break; + default: + DPAA2_SEC_ERR("Crypto: Undefined Cipher specified %u", + session->cipher_alg); + goto out; + } + + /* Auth is only applicable for control mode operation. */ + if (pdcp_xform->domain =3D=3D RTE_SECURITY_PDCP_MODE_CONTROL) { + if (pdcp_xform->sn_size !=3D RTE_SECURITY_PDCP_SN_SIZE_5) { + DPAA2_SEC_ERR( + "PDCP Seq Num size should be 5 bits for cmode"); + goto out; + } + if (auth_xform) { + session->auth_key.data =3D rte_zmalloc(NULL, + auth_xform->key.length, + RTE_CACHE_LINE_SIZE); + if (session->auth_key.data =3D=3D NULL && + auth_xform->key.length > 0) { + DPAA2_SEC_ERR("No Memory for auth key"); + rte_free(session->cipher_key.data); + rte_free(priv); + return -ENOMEM; + } + session->auth_key.length =3D auth_xform->key.length; + memcpy(session->auth_key.data, auth_xform->key.data, + auth_xform->key.length); + session->auth_alg =3D auth_xform->algo; + } else { + session->auth_key.data =3D NULL; + session->auth_key.length =3D 0; + session->auth_alg =3D RTE_CRYPTO_AUTH_NULL; + } + authdata.key =3D (size_t)session->auth_key.data; + authdata.keylen =3D session->auth_key.length; + authdata.key_enc_flags =3D 0; + authdata.key_type =3D RTA_DATA_IMM; + + switch (session->auth_alg) { + case RTE_CRYPTO_AUTH_SNOW3G_UIA2: + authdata.algtype =3D PDCP_AUTH_TYPE_SNOW; + break; + case RTE_CRYPTO_AUTH_ZUC_EIA3: + authdata.algtype =3D PDCP_AUTH_TYPE_ZUC; + break; + case RTE_CRYPTO_AUTH_AES_CMAC: + authdata.algtype =3D PDCP_AUTH_TYPE_AES; + break; + case RTE_CRYPTO_AUTH_NULL: + authdata.algtype =3D PDCP_AUTH_TYPE_NULL; + break; + default: + DPAA2_SEC_ERR("Crypto: Unsupported auth alg %u", + session->auth_alg); + goto out; + } + + if (session->dir =3D=3D DIR_ENC) + bufsize =3D cnstr_shdsc_pdcp_c_plane_encap( + priv->flc_desc[0].desc, 1, swap, + pdcp_xform->hfn, + pdcp_xform->bearer, + pdcp_xform->pkt_dir, + pdcp_xform->hfn_threshold, + &cipherdata, &authdata, + 0); + else if (session->dir =3D=3D DIR_DEC) + bufsize =3D cnstr_shdsc_pdcp_c_plane_decap( + priv->flc_desc[0].desc, 1, swap, + pdcp_xform->hfn, + pdcp_xform->bearer, + pdcp_xform->pkt_dir, + pdcp_xform->hfn_threshold, + &cipherdata, &authdata, + 0); + } else { + if (session->dir =3D=3D DIR_ENC) + bufsize =3D cnstr_shdsc_pdcp_u_plane_encap( + priv->flc_desc[0].desc, 1, swap, + pdcp_xform->sn_size, + pdcp_xform->hfn, + pdcp_xform->bearer, + pdcp_xform->pkt_dir, + pdcp_xform->hfn_threshold, + &cipherdata, 0); + else if (session->dir =3D=3D DIR_DEC) + bufsize =3D cnstr_shdsc_pdcp_u_plane_decap( + priv->flc_desc[0].desc, 1, swap, + pdcp_xform->sn_size, + pdcp_xform->hfn, + pdcp_xform->bearer, + pdcp_xform->pkt_dir, + pdcp_xform->hfn_threshold, + &cipherdata, 0); + } + + if (bufsize < 0) { + DPAA2_SEC_ERR("Crypto: Invalid buffer length"); + goto out; + } + + /* Enable the stashing control bit */ + DPAA2_SET_FLC_RSC(flc); + flc->word2_rflc_31_0 =3D lower_32_bits( + (size_t)&(((struct dpaa2_sec_qp *) + dev->data->queue_pairs[0])->rx_vq) | 0x14); + flc->word3_rflc_63_32 =3D upper_32_bits( + (size_t)&(((struct dpaa2_sec_qp *) + dev->data->queue_pairs[0])->rx_vq)); + + flc->word1_sdl =3D (uint8_t)bufsize; + + /* Set EWS bit i.e. enable write-safe */ + DPAA2_SET_FLC_EWS(flc); + /* Set BS =3D 1 i.e reuse input buffers as output buffers */ + DPAA2_SET_FLC_REUSE_BS(flc); + /* Set FF =3D 10; reuse input buffers if they provide sufficient space */ + DPAA2_SET_FLC_REUSE_FF(flc); + + session->ctxt =3D priv; + + return 0; +out: + rte_free(session->auth_key.data); + rte_free(session->cipher_key.data); + rte_free(priv); + return -1; +} + static int dpaa2_sec_security_session_create(void *dev, struct rte_security_session_conf *conf, @@ -2573,6 +2826,10 @@ dpaa2_sec_security_session_create(void *dev, break; case RTE_SECURITY_PROTOCOL_MACSEC: return -ENOTSUP; + case RTE_SECURITY_PROTOCOL_PDCP: + ret =3D dpaa2_sec_set_pdcp_session(cdev, conf, + sess_private_data); + break; default: return -EINVAL; } diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h b/drivers/crypto/dpa= a2_sec/dpaa2_sec_priv.h index bce9633c0..51751103d 100644 --- a/drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h +++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h @@ -137,6 +137,19 @@ struct dpaa2_sec_aead_ctxt { uint8_t auth_cipher_text; /**< Authenticate/cipher ordering */ }; =20 +/* + * The structure is to be filled by user for PDCP Protocol + */ +struct dpaa2_pdcp_ctxt { + enum rte_security_pdcp_domain domain; /*!< Data/Control mode*/ + int8_t bearer; /*!< PDCP bearer ID */ + int8_t pkt_dir;/*!< PDCP Frame Direction 0:UL 1:DL*/ + int8_t hfn_ovd;/*!< Overwrite HFN per packet*/ + uint32_t hfn; /*!< Hyper Frame Number */ + uint32_t hfn_threshold; /*!< HFN Threashold for key renegotiation */ + uint8_t sn_size; /*!< Sequence number size, 7/12/15 */ +}; + typedef struct dpaa2_sec_session_entry { void *ctxt; uint8_t ctxt_type; @@ -160,15 +173,20 @@ typedef struct dpaa2_sec_session_entry { } auth_key; }; }; - struct { - uint16_t length; /**< IV length in bytes */ - uint16_t offset; /**< IV offset in bytes */ - } iv; - uint16_t digest_length; - uint8_t status; union { - struct dpaa2_sec_aead_ctxt aead_ctxt; - } ext_params; + struct { + struct { + uint16_t length; /**< IV length in bytes */ + uint16_t offset; /**< IV offset in bytes */ + } iv; + uint16_t digest_length; + uint8_t status; + union { + struct dpaa2_sec_aead_ctxt aead_ctxt; + } ext_params; + }; + struct dpaa2_pdcp_ctxt pdcp; + }; } dpaa2_sec_session; =20 static const struct rte_cryptodev_capabilities dpaa2_sec_capabilities[] = =3D { @@ -392,6 +410,162 @@ static const struct rte_cryptodev_capabilities dpaa2_= sec_capabilities[] =3D { RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST() }; =20 +static const struct rte_cryptodev_capabilities dpaa2_pdcp_capabilities[] = =3D { + { /* SNOW 3G (UIA2) */ + .op =3D RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym =3D { + .xform_type =3D RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth =3D { + .algo =3D RTE_CRYPTO_AUTH_SNOW3G_UIA2, + .block_size =3D 16, + .key_size =3D { + .min =3D 16, + .max =3D 16, + .increment =3D 0 + }, + .digest_size =3D { + .min =3D 4, + .max =3D 4, + .increment =3D 0 + }, + .iv_size =3D { + .min =3D 16, + .max =3D 16, + .increment =3D 0 + } + }, } + }, } + }, + { /* SNOW 3G (UEA2) */ + .op =3D RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym =3D { + .xform_type =3D RTE_CRYPTO_SYM_XFORM_CIPHER, + {.cipher =3D { + .algo =3D RTE_CRYPTO_CIPHER_SNOW3G_UEA2, + .block_size =3D 16, + .key_size =3D { + .min =3D 16, + .max =3D 16, + .increment =3D 0 + }, + .iv_size =3D { + .min =3D 16, + .max =3D 16, + .increment =3D 0 + } + }, } + }, } + }, + { /* AES CTR */ + .op =3D RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym =3D { + .xform_type =3D RTE_CRYPTO_SYM_XFORM_CIPHER, + {.cipher =3D { + .algo =3D RTE_CRYPTO_CIPHER_AES_CTR, + .block_size =3D 16, + .key_size =3D { + .min =3D 16, + .max =3D 32, + .increment =3D 8 + }, + .iv_size =3D { + .min =3D 16, + .max =3D 16, + .increment =3D 0 + } + }, } + }, } + }, + { /* NULL (AUTH) */ + .op =3D RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym =3D { + .xform_type =3D RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth =3D { + .algo =3D RTE_CRYPTO_AUTH_NULL, + .block_size =3D 1, + .key_size =3D { + .min =3D 0, + .max =3D 0, + .increment =3D 0 + }, + .digest_size =3D { + .min =3D 0, + .max =3D 0, + .increment =3D 0 + }, + .iv_size =3D { 0 } + }, }, + }, }, + }, + { /* NULL (CIPHER) */ + .op =3D RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym =3D { + .xform_type =3D RTE_CRYPTO_SYM_XFORM_CIPHER, + {.cipher =3D { + .algo =3D RTE_CRYPTO_CIPHER_NULL, + .block_size =3D 1, + .key_size =3D { + .min =3D 0, + .max =3D 0, + .increment =3D 0 + }, + .iv_size =3D { + .min =3D 0, + .max =3D 0, + .increment =3D 0 + } + }, }, + }, } + }, + { /* ZUC (EEA3) */ + .op =3D RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym =3D { + .xform_type =3D RTE_CRYPTO_SYM_XFORM_CIPHER, + {.cipher =3D { + .algo =3D RTE_CRYPTO_CIPHER_ZUC_EEA3, + .block_size =3D 16, + .key_size =3D { + .min =3D 16, + .max =3D 16, + .increment =3D 0 + }, + .iv_size =3D { + .min =3D 16, + .max =3D 16, + .increment =3D 0 + } + }, } + }, } + }, + { /* ZUC (EIA3) */ + .op =3D RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym =3D { + .xform_type =3D RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth =3D { + .algo =3D RTE_CRYPTO_AUTH_ZUC_EIA3, + .block_size =3D 16, + .key_size =3D { + .min =3D 16, + .max =3D 16, + .increment =3D 0 + }, + .digest_size =3D { + .min =3D 4, + .max =3D 4, + .increment =3D 0 + }, + .iv_size =3D { + .min =3D 16, + .max =3D 16, + .increment =3D 0 + } + }, } + }, } + }, + + RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST() +}; + static const struct rte_security_capability dpaa2_sec_security_cap[] =3D { { /* IPsec Lookaside Protocol offload ESP Transport Egress */ .action =3D RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL, @@ -415,6 +589,24 @@ static const struct rte_security_capability dpaa2_sec_= security_cap[] =3D { }, .crypto_capabilities =3D dpaa2_sec_capabilities }, + { /* PDCP Lookaside Protocol offload Data */ + .action =3D RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL, + .protocol =3D RTE_SECURITY_PROTOCOL_PDCP, + .pdcp =3D { + .domain =3D RTE_SECURITY_PDCP_MODE_DATA, + .capa_flags =3D 0 + }, + .crypto_capabilities =3D dpaa2_pdcp_capabilities + }, + { /* PDCP Lookaside Protocol offload Control */ + .action =3D RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL, + .protocol =3D RTE_SECURITY_PROTOCOL_PDCP, + .pdcp =3D { + .domain =3D RTE_SECURITY_PDCP_MODE_CONTROL, + .capa_flags =3D 0 + }, + .crypto_capabilities =3D dpaa2_pdcp_capabilities + }, { .action =3D RTE_SECURITY_ACTION_TYPE_NONE } --=20 2.17.1