From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id C7651A0032; Mon, 12 Sep 2022 15:16:43 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 784D242B71; Mon, 12 Sep 2022 15:16:24 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com [67.231.156.173]) by mails.dpdk.org (Postfix) with ESMTP id A9D844021D for ; Mon, 12 Sep 2022 15:16:22 +0200 (CEST) Received: from pps.filterd (m0045851.ppops.net [127.0.0.1]) by mx0b-0016f401.pphosted.com (8.17.1.5/8.17.1.5) with ESMTP id 28BMw3Eg017006 for ; Mon, 12 Sep 2022 06:16:21 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=pfpt0220; bh=r3STrNEzNi4cbZq4puLqlCLMTf88BDf+rdj53NWPgKc=; b=hWF1yGIHTv9MJt2BWXPo+eaYHnxfrEgDBE8VSYdYk+N65C3j1XX2ZBQm2XFGV8nPTEX5 8ALQ741dANHWCTu+q2fiDPxjoNl6M2kEp8W5p7q6enatmgul6zAl5TDiM/ilyHiB4Vuk L3BYga9CyzFMQESvkPRBYxh6Jah2EnvHDXE6X9aXUVzwThPAS7JlQbhDBQBtGBgvGvFO 8+ugNlE1BclwcIsu3EGHdfegl9170ARv14h1lHtXIdATshh9uqqXB3hXsi0jlYDFOwoI vA0e59ImX2IBSIvw5dNyfS97BsLKI2SsKA23vQR7jOQTcn/4AalWR5uzvzrFYqnRIQTY fQ== Received: from dc5-exch01.marvell.com ([199.233.59.181]) by mx0b-0016f401.pphosted.com (PPS) with ESMTPS id 3jgt3mxt50-2 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT) for ; Mon, 12 Sep 2022 06:16:21 -0700 Received: from DC5-EXCH02.marvell.com (10.69.176.39) by DC5-EXCH01.marvell.com (10.69.176.38) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Mon, 12 Sep 2022 06:16:20 -0700 Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server id 15.0.1497.18 via Frontend Transport; Mon, 12 Sep 2022 06:16:20 -0700 Received: from localhost.localdomain (unknown [10.29.52.204]) by maili.marvell.com (Postfix) with ESMTP id 0771C3F709A; Mon, 12 Sep 2022 06:16:17 -0700 (PDT) From: Nithin Dabilpuram To: Nithin Dabilpuram , Kiran Kumar K , Sunil Kumar Kori , Satha Rao CC: , , Vidya Sagar Velumuri Subject: [PATCH v3 16/32] net/cnxk: add crypto capabilities for HMAC-SHA2 Date: Mon, 12 Sep 2022 18:44:09 +0530 Message-ID: <20220912131425.1973415-16-ndabilpuram@marvell.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20220912131425.1973415-1-ndabilpuram@marvell.com> References: <20220809184908.24030-1-ndabilpuram@marvell.com> <20220912131425.1973415-1-ndabilpuram@marvell.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain X-Proofpoint-ORIG-GUID: fmrPoCR2uPtUXL5-d_h50mM5xwHBq1FL X-Proofpoint-GUID: fmrPoCR2uPtUXL5-d_h50mM5xwHBq1FL X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.895,Hydra:6.0.528,FMLib:17.11.122.1 definitions=2022-09-12_08,2022-09-12_01,2022-06-22_01 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org From: Vidya Sagar Velumuri Add capabilities for HMAC_SHA2 and udp encap for 9k security offload in inline mode. Set explicit IV mode in IPsec context when IV is provided by the application Signed-off-by: Vidya Sagar Velumuri --- drivers/net/cnxk/cn9k_ethdev_sec.c | 79 +++++++++++++++++++++++++++--- 1 file changed, 71 insertions(+), 8 deletions(-) diff --git a/drivers/net/cnxk/cn9k_ethdev_sec.c b/drivers/net/cnxk/cn9k_ethdev_sec.c index 2b2dca8b51..8c6e1c1765 100644 --- a/drivers/net/cnxk/cn9k_ethdev_sec.c +++ b/drivers/net/cnxk/cn9k_ethdev_sec.c @@ -80,6 +80,66 @@ static struct rte_cryptodev_capabilities cn9k_eth_sec_crypto_caps[] = { }, } }, } }, + { /* SHA256 HMAC */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_SHA256_HMAC, + .block_size = 64, + .key_size = { + .min = 1, + .max = 1024, + .increment = 1 + }, + .digest_size = { + .min = 16, + .max = 32, + .increment = 16 + }, + }, } + }, } + }, + { /* SHA384 HMAC */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_SHA384_HMAC, + .block_size = 64, + .key_size = { + .min = 1, + .max = 1024, + .increment = 1 + }, + .digest_size = { + .min = 24, + .max = 48, + .increment = 24 + }, + }, } + }, } + }, + { /* SHA512 HMAC */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_SHA512_HMAC, + .block_size = 128, + .key_size = { + .min = 1, + .max = 1024, + .increment = 1 + }, + .digest_size = { + .min = 32, + .max = 64, + .increment = 32 + }, + }, } + }, } + }, RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST() }; @@ -91,7 +151,9 @@ static const struct rte_security_capability cn9k_eth_sec_capabilities[] = { .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP, .mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL, .direction = RTE_SECURITY_IPSEC_SA_DIR_INGRESS, - .options = { 0 } + .options = { + .udp_encap = 1 + } }, .crypto_capabilities = cn9k_eth_sec_crypto_caps, .ol_flags = RTE_SECURITY_TX_OLOAD_NEED_MDATA @@ -103,7 +165,10 @@ static const struct rte_security_capability cn9k_eth_sec_capabilities[] = { .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP, .mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL, .direction = RTE_SECURITY_IPSEC_SA_DIR_EGRESS, - .options = { 0 } + .options = { + .udp_encap = 1, + .iv_gen_disable = 1 + } }, .crypto_capabilities = cn9k_eth_sec_crypto_caps, .ol_flags = RTE_SECURITY_TX_OLOAD_NEED_MDATA @@ -337,13 +402,11 @@ cn9k_eth_sec_session_create(void *device, goto mempool_put; } - /* Always enable explicit IV. - * Copy the IV from application only when iv_gen_disable flag is - * set + /* When IV is provided by the application, + * copy the IV to context and enable explicit IV flag in context. */ - outb_sa->common_sa.ctl.explicit_iv_en = 1; - - if (conf->ipsec.options.iv_gen_disable == 1) { + if (ipsec->options.iv_gen_disable == 1) { + outb_sa->common_sa.ctl.explicit_iv_en = 1; iv_str = getenv("ETH_SEC_IV_OVR"); if (iv_str) outb_dbg_iv_update(&outb_sa->common_sa, iv_str); -- 2.25.1