From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from EUR02-VE1-obe.outbound.protection.outlook.com (mail-eopbgr20060.outbound.protection.outlook.com [40.107.2.60]) by dpdk.org (Postfix) with ESMTP id 034921B48C for ; Wed, 9 Jan 2019 16:13:20 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nxp.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=pBAMArT5Av9oBFnokpPTeP6jL3k9pEJUTlD6/ubsw3c=; b=V+Lxi4hHgAv8l6mIO6K0VNJNXOt7CCD0/3MItiT+GxTB0eNnH11VGa55bsY7nPkyQmVbHG6ET2+0O6uVdQt2dsO04ieWSQLwIAXWIsPOV/HGPHG0iSKr/tlR/WL2IWyOzkpDOVdxSSgSnh8EgkpAO0xEHOp4vsnWYJhCWSpZVQI= Received: from VI1PR04MB4893.eurprd04.prod.outlook.com (20.177.49.154) by VI1PR04MB5056.eurprd04.prod.outlook.com (20.177.50.141) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1495.6; Wed, 9 Jan 2019 15:13:16 +0000 Received: from VI1PR04MB4893.eurprd04.prod.outlook.com ([fe80::1c70:8924:814d:d1a]) by VI1PR04MB4893.eurprd04.prod.outlook.com ([fe80::1c70:8924:814d:d1a%3]) with mapi id 15.20.1516.010; Wed, 9 Jan 2019 15:13:16 +0000 From: Akhil Goyal To: "dev@dpdk.org" CC: Hemant Agrawal , "pablo.de.lara.guarch@intel.com" Thread-Topic: [PATCH] crypto/dpaa_sec: support PDCP offload Thread-Index: AQHUqC3YQ+ptc2y9h0+Fi3+AEN+TBQ== Date: Wed, 9 Jan 2019 15:13:16 +0000 Message-ID: <20190109150612.20803-1-akhil.goyal@nxp.com> Accept-Language: en-IN, en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-clientproxiedby: BM1PR01CA0126.INDPRD01.PROD.OUTLOOK.COM (2603:1096:b00:40::20) To VI1PR04MB4893.eurprd04.prod.outlook.com (2603:10a6:803:56::26) authentication-results: spf=none (sender IP is ) smtp.mailfrom=akhil.goyal@nxp.com; x-ms-exchange-messagesentrepresentingtype: 1 x-mailer: git-send-email 2.17.1 x-originating-ip: [14.143.30.134] x-ms-publictraffictype: Email x-microsoft-exchange-diagnostics: 1; VI1PR04MB5056; 6:qty6G35XWZqe5fwtvrckXrxOy4HUJIcqslGaTCOODD6BPllK/zD8hhMFp+uLfwDVw7pqXZsEAiq6jCeS59/+9iW58d71T0/QrJC6VhoPwGcoWEagX5ubhg7vE3bO5uPIeUJIp1s0SpYOS3Mqih1Hd+h24voj8AfoJuTmdIxKtYdRbO+fwNXgY51fMZwDCgDWhnDjHR6q8eoeviLuEZMBQzDABglvyo52bqkKzsRxHBZPwlW7fvXLaafXanvuw/mX2tlB89N0ONSikBkB7H7kBIE/euD+nEYDhHW1CrprRonuR6i9ZcgT5/rlM+172lVu8tkxoeTfhTL8TzEr7ceISj59YiQp+L5wg7BHvADC0FUyIDUGEaRoprAaHIZ4gqde8xbXMOFKbLDFd/jCiEC8Tvu+c5BbL51P5U1Zmy4r6rIU4ALvg/+lIbJUNoyKJuzohnpID/qKPjHj48coV6El9Q==; 5:TCqtOlPyO4o3KDSld7T3g92C4ifisychXE4MpSgghS8q1UDjioorNIvx67MYj4O7lj+uyPGMiGZg6TeatElru6n9FH9XqmC98igu7ihWStz0Lm/w68HQlAaOTWX6UVwt7BUUG4e01p3G0cqp/5RlqHgU9aTx+zSykpGCJ36BJVZINLHzoHFNyU5Quki6C5zSJBaVWi/ToEuC8XvdGoL8ag==; 7:qqzRJ9cwplajmCt1CUciBlVi5dHMnVswBaZi/VGgbwkjIFYuTdlm/aVGCmo5uJ16fcNJwsRu9WDv8RdHAUiJobmOCvmiirsHfNwwIy9ykqxYg0qRfPRpjkvHGBf4ioWC/bSugHCKvHBIu9ksdh9FTg== x-ms-office365-filtering-correlation-id: 43ff8245-3bb2-46d1-987e-08d67644fb15 x-ms-office365-filtering-ht: Tenant x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(7168020)(4627221)(201703031133081)(201702281549075)(8990200)(5600109)(711020)(4618075)(2017052603328)(7153060)(7193020); SRVR:VI1PR04MB5056; x-ms-traffictypediagnostic: VI1PR04MB5056: x-microsoft-antispam-prvs: x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(8211001083)(3230021)(908002)(999002)(5005026)(6040522)(8220060)(2401047)(8121501046)(93006095)(93001095)(3231475)(944501520)(52105112)(3002001)(10201501046)(6055026)(6041310)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123558120)(20161123560045)(20161123562045)(20161123564045)(201708071742011)(7699051)(76991095); SRVR:VI1PR04MB5056; BCL:0; PCL:0; RULEID:; SRVR:VI1PR04MB5056; x-forefront-prvs: 0912297777 x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(39860400002)(346002)(366004)(376002)(136003)(396003)(189003)(199004)(1730700003)(25786009)(6506007)(81156014)(8936002)(102836004)(386003)(14444005)(55236004)(5024004)(8676002)(81166006)(26005)(2351001)(14454004)(50226002)(186003)(105586002)(3846002)(6116002)(7736002)(305945005)(71190400001)(106356001)(256004)(97736004)(71200400001)(1076003)(6512007)(486006)(2501003)(44832011)(66066001)(53946003)(4326008)(99286004)(52116002)(78486014)(476003)(4744004)(2616005)(6916009)(2906002)(68736007)(316002)(54906003)(53936002)(5660300001)(6486002)(5640700003)(6436002)(86362001)(478600001)(36756003); DIR:OUT; SFP:1101; SCL:1; SRVR:VI1PR04MB5056; H:VI1PR04MB4893.eurprd04.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1; received-spf: None (protection.outlook.com: nxp.com does not designate permitted sender hosts) x-ms-exchange-senderadcheck: 1 x-microsoft-antispam-message-info: +vF0GiYQeZElIsTDTVTiZeiAfClRV5lS7rlsuG2BG8s7ruQxhFuiY7xvbFdruNNqgEm3iK33RHT6k179v5eyHSmDsbL48gd6ASGqcCsraCiSOC4+3wXTpGX1eaX+rzKKAh5x0hjw4k57E/hYycTVNjftwwXRd8TM/SlhYF+tIvH7eEUNvjXjKKojXzS7ts9d89ARIFF/Mxk4l3w76top0b+H6wGpLuUCH//xzyzcAzrgOCQkKZs38LHCMNl1KcFGBqG4QSgsNwn3nTs2Z4AVxB8U8fcu7rBWnMQYIkmc3+OJLG938I9PJsCUjN1cK80O spamdiagnosticoutput: 1:99 spamdiagnosticmetadata: NSPM Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-OriginatorOrg: nxp.com X-MS-Exchange-CrossTenant-Network-Message-Id: 43ff8245-3bb2-46d1-987e-08d67644fb15 X-MS-Exchange-CrossTenant-originalarrivaltime: 09 Jan 2019 15:13:15.4458 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 686ea1d3-bc2b-4c6f-a92c-d99c5c301635 X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI1PR04MB5056 Subject: [dpdk-dev] [PATCH] crypto/dpaa_sec: support PDCP offload X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Jan 2019 15:13:20 -0000 From: Hemant Agrawal PDCP session configuration for lookaside protocol offload and data path is added. Signed-off-by: Hemant Agrawal Acked-by: Akhil Goyal --- drivers/crypto/dpaa_sec/dpaa_sec.c | 268 +++++++++++++++++++++++++++++ drivers/crypto/dpaa_sec/dpaa_sec.h | 212 +++++++++++++++++++++-- 2 files changed, 470 insertions(+), 10 deletions(-) diff --git a/drivers/crypto/dpaa_sec/dpaa_sec.c b/drivers/crypto/dpaa_sec/d= paa_sec.c index d83e74541..b5896c4f7 100644 --- a/drivers/crypto/dpaa_sec/dpaa_sec.c +++ b/drivers/crypto/dpaa_sec/dpaa_sec.c @@ -33,6 +33,7 @@ #include #include #include +#include =20 #include #include @@ -266,6 +267,11 @@ static inline int is_proto_ipsec(dpaa_sec_session *ses= ) return (ses->proto_alg =3D=3D RTE_SECURITY_PROTOCOL_IPSEC); } =20 +static inline int is_proto_pdcp(dpaa_sec_session *ses) +{ + return (ses->proto_alg =3D=3D RTE_SECURITY_PROTOCOL_PDCP); +} + static inline int is_encode(dpaa_sec_session *ses) { return ses->dir =3D=3D DIR_ENC; @@ -372,6 +378,155 @@ caam_aead_alg(dpaa_sec_session *ses, struct alginfo *= alginfo) } } =20 +static int +dpaa_sec_prep_pdcp_cdb(dpaa_sec_session *ses) +{ + struct alginfo authdata =3D {0}, cipherdata =3D {0}; + struct sec_cdb *cdb =3D &ses->cdb; + int32_t shared_desc_len =3D 0; + int err; +#if RTE_BYTE_ORDER =3D=3D RTE_BIG_ENDIAN + int swap =3D false; +#else + int swap =3D true; +#endif + + switch (ses->cipher_alg) { + case RTE_CRYPTO_CIPHER_SNOW3G_UEA2: + cipherdata.algtype =3D PDCP_CIPHER_TYPE_SNOW; + break; + case RTE_CRYPTO_CIPHER_ZUC_EEA3: + cipherdata.algtype =3D PDCP_CIPHER_TYPE_ZUC; + break; + case RTE_CRYPTO_CIPHER_AES_CTR: + cipherdata.algtype =3D PDCP_CIPHER_TYPE_AES; + break; + case RTE_CRYPTO_CIPHER_NULL: + cipherdata.algtype =3D PDCP_CIPHER_TYPE_NULL; + break; + default: + DPAA_SEC_ERR("Crypto: Undefined Cipher specified %u", + ses->cipher_alg); + return -1; + } + + cipherdata.key =3D (size_t)ses->cipher_key.data; + cipherdata.keylen =3D ses->cipher_key.length; + cipherdata.key_enc_flags =3D 0; + cipherdata.key_type =3D RTA_DATA_IMM; + + if (ses->pdcp.domain =3D=3D RTE_SECURITY_PDCP_MODE_CONTROL) { + switch (ses->auth_alg) { + case RTE_CRYPTO_AUTH_SNOW3G_UIA2: + authdata.algtype =3D PDCP_AUTH_TYPE_SNOW; + break; + case RTE_CRYPTO_AUTH_ZUC_EIA3: + authdata.algtype =3D PDCP_AUTH_TYPE_ZUC; + break; + case RTE_CRYPTO_AUTH_AES_CMAC: + authdata.algtype =3D PDCP_AUTH_TYPE_AES; + break; + case RTE_CRYPTO_AUTH_NULL: + authdata.algtype =3D PDCP_AUTH_TYPE_NULL; + break; + default: + DPAA_SEC_ERR("Crypto: Unsupported auth alg %u", + ses->auth_alg); + return -1; + } + + authdata.key =3D (size_t)ses->auth_key.data; + authdata.keylen =3D ses->auth_key.length; + authdata.key_enc_flags =3D 0; + authdata.key_type =3D RTA_DATA_IMM; + + cdb->sh_desc[0] =3D cipherdata.keylen; + cdb->sh_desc[1] =3D authdata.keylen; + err =3D rta_inline_query(IPSEC_AUTH_VAR_AES_DEC_BASE_DESC_LEN, + MIN_JOB_DESC_SIZE, + (unsigned int *)cdb->sh_desc, + &cdb->sh_desc[2], 2); + + if (err < 0) { + DPAA_SEC_ERR("Crypto: Incorrect key lengths"); + return err; + } + if (!(cdb->sh_desc[2] & 1) && cipherdata.keylen) { + cipherdata.key =3D (size_t)dpaa_mem_vtop( + (void *)(size_t)cipherdata.key); + cipherdata.key_type =3D RTA_DATA_PTR; + } + if (!(cdb->sh_desc[2] & (1<<1)) && authdata.keylen) { + authdata.key =3D (size_t)dpaa_mem_vtop( + (void *)(size_t)authdata.key); + authdata.key_type =3D RTA_DATA_PTR; + } + + cdb->sh_desc[0] =3D 0; + cdb->sh_desc[1] =3D 0; + cdb->sh_desc[2] =3D 0; + + if (ses->dir =3D=3D DIR_ENC) + shared_desc_len =3D cnstr_shdsc_pdcp_c_plane_encap( + cdb->sh_desc, 1, swap, + ses->pdcp.hfn, + ses->pdcp.bearer, + ses->pdcp.pkt_dir, + ses->pdcp.hfn_threshold, + &cipherdata, &authdata, + 0); + else if (ses->dir =3D=3D DIR_DEC) + shared_desc_len =3D cnstr_shdsc_pdcp_c_plane_decap( + cdb->sh_desc, 1, swap, + ses->pdcp.hfn, + ses->pdcp.bearer, + ses->pdcp.pkt_dir, + ses->pdcp.hfn_threshold, + &cipherdata, &authdata, + 0); + } else { + cdb->sh_desc[0] =3D cipherdata.keylen; + err =3D rta_inline_query(IPSEC_AUTH_VAR_AES_DEC_BASE_DESC_LEN, + MIN_JOB_DESC_SIZE, + (unsigned int *)cdb->sh_desc, + &cdb->sh_desc[2], 1); + + if (err < 0) { + DPAA_SEC_ERR("Crypto: Incorrect key lengths"); + return err; + } + if (!(cdb->sh_desc[2] & 1) && cipherdata.keylen) { + cipherdata.key =3D (size_t)dpaa_mem_vtop( + (void *)(size_t)cipherdata.key); + cipherdata.key_type =3D RTA_DATA_PTR; + } + cdb->sh_desc[0] =3D 0; + cdb->sh_desc[1] =3D 0; + cdb->sh_desc[2] =3D 0; + + if (ses->dir =3D=3D DIR_ENC) + shared_desc_len =3D cnstr_shdsc_pdcp_u_plane_encap( + cdb->sh_desc, 1, swap, + ses->pdcp.sn_size, + ses->pdcp.hfn, + ses->pdcp.bearer, + ses->pdcp.pkt_dir, + ses->pdcp.hfn_threshold, + &cipherdata, 0); + else if (ses->dir =3D=3D DIR_DEC) + shared_desc_len =3D cnstr_shdsc_pdcp_u_plane_decap( + cdb->sh_desc, 1, swap, + ses->pdcp.sn_size, + ses->pdcp.hfn, + ses->pdcp.bearer, + ses->pdcp.pkt_dir, + ses->pdcp.hfn_threshold, + &cipherdata, 0); + } + + return shared_desc_len; +} + /* prepare ipsec proto command block of the session */ static int dpaa_sec_prep_ipsec_cdb(dpaa_sec_session *ses) @@ -472,6 +627,8 @@ dpaa_sec_prep_cdb(dpaa_sec_session *ses) =20 if (is_proto_ipsec(ses)) { shared_desc_len =3D dpaa_sec_prep_ipsec_cdb(ses); + } else if (is_proto_pdcp(ses)) { + shared_desc_len =3D dpaa_sec_prep_pdcp_cdb(ses); } else if (is_cipher_only(ses)) { caam_cipher_alg(ses, &alginfo_c); if (alginfo_c.algtype =3D=3D (unsigned int)DPAA_SEC_ALG_UNSUPPORT) { @@ -1545,6 +1702,8 @@ dpaa_sec_enqueue_burst(void *qp, struct rte_crypto_op= **ops, if (rte_pktmbuf_is_contiguous(op->sym->m_src)) { if (is_proto_ipsec(ses)) { cf =3D build_proto(op, ses); + } else if (is_proto_pdcp(ses)) { + cf =3D build_proto(op, ses); } else if (is_auth_only(ses)) { cf =3D build_auth_only(op, ses); } else if (is_cipher_only(ses)) { @@ -2105,7 +2264,112 @@ dpaa_sec_set_ipsec_session(__rte_unused struct rte_= cryptodev *dev, goto out; } =20 + return 0; +out: + rte_free(session->auth_key.data); + rte_free(session->cipher_key.data); + memset(session, 0, sizeof(dpaa_sec_session)); + return -1; +} + +static int +dpaa_sec_set_pdcp_session(struct rte_cryptodev *dev, + struct rte_security_session_conf *conf, + void *sess) +{ + struct rte_security_pdcp_xform *pdcp_xform =3D &conf->pdcp; + struct rte_crypto_sym_xform *xform =3D conf->crypto_xform; + struct rte_crypto_auth_xform *auth_xform =3D NULL; + struct rte_crypto_cipher_xform *cipher_xform =3D NULL; + dpaa_sec_session *session =3D (dpaa_sec_session *)sess; + struct dpaa_sec_dev_private *dev_priv =3D dev->data->dev_private; + + PMD_INIT_FUNC_TRACE(); + + memset(session, 0, sizeof(dpaa_sec_session)); + + /* find xfrm types */ + if (xform->type =3D=3D RTE_CRYPTO_SYM_XFORM_CIPHER) { + cipher_xform =3D &xform->cipher; + if (xform->next !=3D NULL) + auth_xform =3D &xform->next->auth; + } else if (xform->type =3D=3D RTE_CRYPTO_SYM_XFORM_AUTH) { + auth_xform =3D &xform->auth; + if (xform->next !=3D NULL) + cipher_xform =3D &xform->next->cipher; + } else { + DPAA_SEC_ERR("Invalid crypto type"); + return -EINVAL; + } + + session->proto_alg =3D conf->protocol; + if (cipher_xform) { + session->cipher_key.data =3D rte_zmalloc(NULL, + cipher_xform->key.length, + RTE_CACHE_LINE_SIZE); + if (session->cipher_key.data =3D=3D NULL && + cipher_xform->key.length > 0) { + DPAA_SEC_ERR("No Memory for cipher key"); + return -ENOMEM; + } + session->cipher_key.length =3D cipher_xform->key.length; + memcpy(session->cipher_key.data, cipher_xform->key.data, + cipher_xform->key.length); + session->dir =3D (cipher_xform->op =3D=3D RTE_CRYPTO_CIPHER_OP_ENCRYPT) = ? + DIR_ENC : DIR_DEC; + session->cipher_alg =3D cipher_xform->algo; + } else { + session->cipher_key.data =3D NULL; + session->cipher_key.length =3D 0; + session->cipher_alg =3D RTE_CRYPTO_CIPHER_NULL; + session->dir =3D DIR_ENC; + } + + /* Auth is only applicable for control mode operation. */ + if (pdcp_xform->domain =3D=3D RTE_SECURITY_PDCP_MODE_CONTROL) { + if (pdcp_xform->sn_size !=3D RTE_SECURITY_PDCP_SN_SIZE_5) { + DPAA_SEC_ERR( + "PDCP Seq Num size should be 5 bits for cmode"); + goto out; + } + if (auth_xform) { + session->auth_key.data =3D rte_zmalloc(NULL, + auth_xform->key.length, + RTE_CACHE_LINE_SIZE); + if (session->auth_key.data =3D=3D NULL && + auth_xform->key.length > 0) { + DPAA_SEC_ERR("No Memory for auth key"); + rte_free(session->cipher_key.data); + return -ENOMEM; + } + session->auth_key.length =3D auth_xform->key.length; + memcpy(session->auth_key.data, auth_xform->key.data, + auth_xform->key.length); + session->auth_alg =3D auth_xform->algo; + } else { + session->auth_key.data =3D NULL; + session->auth_key.length =3D 0; + session->auth_alg =3D RTE_CRYPTO_AUTH_NULL; + } + } + session->pdcp.domain =3D pdcp_xform->domain; + session->pdcp.bearer =3D pdcp_xform->bearer; + session->pdcp.pkt_dir =3D pdcp_xform->pkt_dir; + session->pdcp.sn_size =3D pdcp_xform->sn_size; +#ifdef ENABLE_HFN_OVERRIDE + session->pdcp.hfn_ovd =3D pdcp_xform->hfn_ovd; +#endif + session->pdcp.hfn =3D pdcp_xform->hfn; + session->pdcp.hfn_threshold =3D pdcp_xform->hfn_threshold; =20 + session->ctx_pool =3D dev_priv->ctx_pool; + rte_spinlock_lock(&dev_priv->lock); + session->inq =3D dpaa_sec_attach_rxq(dev_priv); + rte_spinlock_unlock(&dev_priv->lock); + if (session->inq =3D=3D NULL) { + DPAA_SEC_ERR("unable to attach sec queue"); + goto out; + } return 0; out: rte_free(session->auth_key.data); @@ -2134,6 +2398,10 @@ dpaa_sec_security_session_create(void *dev, ret =3D dpaa_sec_set_ipsec_session(cdev, conf, sess_private_data); break; + case RTE_SECURITY_PROTOCOL_PDCP: + ret =3D dpaa_sec_set_pdcp_session(cdev, conf, + sess_private_data); + break; case RTE_SECURITY_PROTOCOL_MACSEC: return -ENOTSUP; default: diff --git a/drivers/crypto/dpaa_sec/dpaa_sec.h b/drivers/crypto/dpaa_sec/d= paa_sec.h index f4b87844c..6049c1d52 100644 --- a/drivers/crypto/dpaa_sec/dpaa_sec.h +++ b/drivers/crypto/dpaa_sec/dpaa_sec.h @@ -91,6 +91,20 @@ struct sec_cdb { uint32_t sh_desc[DPAA_SEC_MAX_DESC_SIZE]; }; =20 +/*! + * The structure is to be filled by user as a part of + * dpaa_sec_proto_ctxt for PDCP Protocol + */ +struct sec_pdcp_ctxt { + enum rte_security_pdcp_domain domain; /*!< Data/Control mode*/ + int8_t bearer; /*!< PDCP bearer ID */ + int8_t pkt_dir;/*!< PDCP Frame Direction 0:UL 1:DL*/ + int8_t hfn_ovd;/*!< Overwrite HFN per packet*/ + uint32_t hfn; /*!< Hyper Frame Number */ + uint32_t hfn_threshold; /*!< HFN Threashold for key renegotiation */ + uint8_t sn_size; /*!< Sequence number size, 7/12/15 */ +}; + typedef struct dpaa_sec_session_entry { uint8_t dir; /*!< Operation Direction */ enum rte_crypto_cipher_algorithm cipher_alg; /*!< Cipher Algorithm*/ @@ -113,15 +127,21 @@ typedef struct dpaa_sec_session_entry { } auth_key; }; }; - struct { - uint16_t length; - uint16_t offset; - } iv; /**< Initialisation vector parameters */ - uint16_t auth_only_len; /*!< Length of data for Auth only */ - uint32_t digest_length; - struct ipsec_encap_pdb encap_pdb; - struct ip ip4_hdr; - struct ipsec_decap_pdb decap_pdb; + union { + struct { + struct { + uint16_t length; + uint16_t offset; + } iv; /**< Initialisation vector parameters */ + uint16_t auth_only_len; + /*!< Length of data for Auth only */ + uint32_t digest_length; + struct ipsec_decap_pdb decap_pdb; + struct ipsec_encap_pdb encap_pdb; + struct ip ip4_hdr; + }; + struct sec_pdcp_ctxt pdcp; + }; struct dpaa_sec_qp *qp; struct qman_fq *inq; struct sec_cdb cdb; /**< cmd block associated with qp */ @@ -366,7 +386,7 @@ static const struct rte_cryptodev_capabilities dpaa_sec= _capabilities[] =3D { .min =3D 16, .max =3D 16, .increment =3D 0 - } + }, }, } }, } }, @@ -394,6 +414,162 @@ static const struct rte_cryptodev_capabilities dpaa_s= ec_capabilities[] =3D { RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST() }; =20 +static const struct rte_cryptodev_capabilities dpaa_pdcp_capabilities[] = =3D { + { /* SNOW 3G (UIA2) */ + .op =3D RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym =3D { + .xform_type =3D RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth =3D { + .algo =3D RTE_CRYPTO_AUTH_SNOW3G_UIA2, + .block_size =3D 16, + .key_size =3D { + .min =3D 16, + .max =3D 16, + .increment =3D 0 + }, + .digest_size =3D { + .min =3D 4, + .max =3D 4, + .increment =3D 0 + }, + .iv_size =3D { + .min =3D 16, + .max =3D 16, + .increment =3D 0 + } + }, } + }, } + }, + { /* SNOW 3G (UEA2) */ + .op =3D RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym =3D { + .xform_type =3D RTE_CRYPTO_SYM_XFORM_CIPHER, + {.cipher =3D { + .algo =3D RTE_CRYPTO_CIPHER_SNOW3G_UEA2, + .block_size =3D 16, + .key_size =3D { + .min =3D 16, + .max =3D 16, + .increment =3D 0 + }, + .iv_size =3D { + .min =3D 16, + .max =3D 16, + .increment =3D 0 + } + }, } + }, } + }, + { /* AES CTR */ + .op =3D RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym =3D { + .xform_type =3D RTE_CRYPTO_SYM_XFORM_CIPHER, + {.cipher =3D { + .algo =3D RTE_CRYPTO_CIPHER_AES_CTR, + .block_size =3D 16, + .key_size =3D { + .min =3D 16, + .max =3D 32, + .increment =3D 8 + }, + .iv_size =3D { + .min =3D 16, + .max =3D 16, + .increment =3D 0 + } + }, } + }, } + }, + { /* NULL (AUTH) */ + .op =3D RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym =3D { + .xform_type =3D RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth =3D { + .algo =3D RTE_CRYPTO_AUTH_NULL, + .block_size =3D 1, + .key_size =3D { + .min =3D 0, + .max =3D 0, + .increment =3D 0 + }, + .digest_size =3D { + .min =3D 0, + .max =3D 0, + .increment =3D 0 + }, + .iv_size =3D { 0 } + }, }, + }, }, + }, + { /* NULL (CIPHER) */ + .op =3D RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym =3D { + .xform_type =3D RTE_CRYPTO_SYM_XFORM_CIPHER, + {.cipher =3D { + .algo =3D RTE_CRYPTO_CIPHER_NULL, + .block_size =3D 1, + .key_size =3D { + .min =3D 0, + .max =3D 0, + .increment =3D 0 + }, + .iv_size =3D { + .min =3D 0, + .max =3D 0, + .increment =3D 0 + } + }, }, + }, } + }, + { /* ZUC (EEA3) */ + .op =3D RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym =3D { + .xform_type =3D RTE_CRYPTO_SYM_XFORM_CIPHER, + {.cipher =3D { + .algo =3D RTE_CRYPTO_CIPHER_ZUC_EEA3, + .block_size =3D 16, + .key_size =3D { + .min =3D 16, + .max =3D 16, + .increment =3D 0 + }, + .iv_size =3D { + .min =3D 16, + .max =3D 16, + .increment =3D 0 + } + }, } + }, } + }, + { /* ZUC (EIA3) */ + .op =3D RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym =3D { + .xform_type =3D RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth =3D { + .algo =3D RTE_CRYPTO_AUTH_ZUC_EIA3, + .block_size =3D 16, + .key_size =3D { + .min =3D 16, + .max =3D 16, + .increment =3D 0 + }, + .digest_size =3D { + .min =3D 4, + .max =3D 4, + .increment =3D 0 + }, + .iv_size =3D { + .min =3D 16, + .max =3D 16, + .increment =3D 0 + } + }, } + }, } + }, + + RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST() +}; + static const struct rte_security_capability dpaa_sec_security_cap[] =3D { { /* IPsec Lookaside Protocol offload ESP Transport Egress */ .action =3D RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL, @@ -417,6 +593,22 @@ static const struct rte_security_capability dpaa_sec_s= ecurity_cap[] =3D { }, .crypto_capabilities =3D dpaa_sec_capabilities }, + { /* PDCP Lookaside Protocol offload Data */ + .action =3D RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL, + .protocol =3D RTE_SECURITY_PROTOCOL_PDCP, + .pdcp =3D { + .domain =3D RTE_SECURITY_PDCP_MODE_DATA, + }, + .crypto_capabilities =3D dpaa_pdcp_capabilities + }, + { /* PDCP Lookaside Protocol offload Control */ + .action =3D RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL, + .protocol =3D RTE_SECURITY_PROTOCOL_PDCP, + .pdcp =3D { + .domain =3D RTE_SECURITY_PDCP_MODE_CONTROL, + }, + .crypto_capabilities =3D dpaa_pdcp_capabilities + }, { .action =3D RTE_SECURITY_ACTION_TYPE_NONE } --=20 2.17.1