From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <dev-bounces@dpdk.org>
Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124])
	by inbox.dpdk.org (Postfix) with ESMTP id D12A942CFF;
	Tue, 20 Jun 2023 03:24:33 +0200 (CEST)
Received: from mails.dpdk.org (localhost [127.0.0.1])
	by mails.dpdk.org (Postfix) with ESMTP id A52F042D2C;
	Tue, 20 Jun 2023 03:24:28 +0200 (CEST)
Received: from NAM10-BN7-obe.outbound.protection.outlook.com
 (mail-bn7nam10on2089.outbound.protection.outlook.com [40.107.92.89])
 by mails.dpdk.org (Postfix) with ESMTP id BD2BB4113F
 for <dev@dpdk.org>; Tue, 20 Jun 2023 03:24:24 +0200 (CEST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=mXqXJTSO9Zd2SRBV9eUcjrkkyLt+DjW80l9NbHgUGPXvwdCYYWNyZ3ZAe7Cc5x5w71J2Ye43VNI/9CbUxsHiUlJFA0HN72D1RSzvaqdJ9h6LMKz3kbPg4kpMwa281iSXTVFJpkNKNXsAh5Rru+ErLgVmjN68Uwr6EabVB7rct848/MkpnMjseqOKHPIbzJyOhwqGgIod0VY1MGaVvS6+JW9uJaywRsczk+YDBB/FCakDsbsLIMZ8D3/neaDjZwlthvdqik5oMkWCx2NwcZsZxIp6tMYJPj4t9/Vn7nlfhHfLlDW0Mqi6slAEM7RWVvfW5sSYdvm7LEjJ/BzQlbct1A==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; 
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
 bh=c9e+KxpKaiq2dU3Kd2dU/hHkaRzWpdmadclSbTRrFlI=;
 b=J5PgaGkTzz0FLme2EYuxuxdkVdJZvuvD1K1hadzaLgHUU2jWkehoKMJA1aaDB7p0Y8DbxPY98JUvBbEO7VTFSE+iWFy5z1E5rjdBdL4EQSC0rYMVWtinBEZbYel0roNSctUI7F12K3CwYw62Lx2ofZdE4VXXXOJ027YvIZk1Ec3xjX2TRxBXDueYPDUSM5YHE/T/cMudTBQTIolDTxfoaPc5uSN+EUWxBj/+fbfG7/A9PX7+4iz8iXLwbUyL5KtRkBZKgzHAOZl2lOYHS69eN6so3dFvkHNipBkhk9L8UoDmQnu151EK98afmA12jYCUvvjEIcS3rSdMUM45GPOBrw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is
 216.228.117.161) smtp.rcpttodomain=dpdk.org smtp.mailfrom=nvidia.com;
 dmarc=pass (p=reject sp=reject pct=100) action=none header.from=nvidia.com;
 dkim=none (message not signed); arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com;
 s=selector2;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=c9e+KxpKaiq2dU3Kd2dU/hHkaRzWpdmadclSbTRrFlI=;
 b=M1Q2v8nSY2pWaOz8hNtz+MNSIRBeT6PFClANnzmnyHs420Lz2eIeG55GxmCVtE9zmd4pLfKrQN8OBvdQL3LArQ7iwCqUDtNvrwBKRNH5mqJTbM2JNZ0g3rGa+7h9Xk9g0gVNpOpE55RHY/4Z53C4uwmSL/sHwsDjFzy3yJJsTkRTaWahRPkvuQYyGpGeMH7hbfx/fH4FiuufPUA+MFVe09UMdXMBqACuFqk5DDuA1U2q20j6wWW4iv9/FyZFo+Jjs9RJsmkUwZ9rzyis7L+LJwRf9d13GG77+BJQOAYDWMQygew34tWn4xamRlc7sUPq4srwjZskfuHf/Gdl070gwQ==
Received: from CYXPR02CA0027.namprd02.prod.outlook.com (2603:10b6:930:cc::17)
 by LV2PR12MB5751.namprd12.prod.outlook.com (2603:10b6:408:17d::11)
 with Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6500.37; Tue, 20 Jun
 2023 01:24:22 +0000
Received: from CY4PEPF0000E9CF.namprd03.prod.outlook.com
 (2603:10b6:930:cc:cafe::b1) by CYXPR02CA0027.outlook.office365.com
 (2603:10b6:930:cc::17) with Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6500.37 via Frontend
 Transport; Tue, 20 Jun 2023 01:24:20 +0000
X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 216.228.117.161)
 smtp.mailfrom=nvidia.com;
 dkim=none (message not signed)
 header.d=none;dmarc=pass action=none header.from=nvidia.com;
Received-SPF: Pass (protection.outlook.com: domain of nvidia.com designates
 216.228.117.161 as permitted sender) receiver=protection.outlook.com;
 client-ip=216.228.117.161; helo=mail.nvidia.com; pr=C
Received: from mail.nvidia.com (216.228.117.161) by
 CY4PEPF0000E9CF.mail.protection.outlook.com (10.167.241.142) with Microsoft
 SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.6521.21 via Frontend Transport; Tue, 20 Jun 2023 01:24:21 +0000
Received: from rnnvmail201.nvidia.com (10.129.68.8) by mail.nvidia.com
 (10.129.200.67) with Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.5; Mon, 19 Jun 2023
 18:24:13 -0700
Received: from nvidia.com (10.126.231.35) by rnnvmail201.nvidia.com
 (10.129.68.8) with Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.37; Mon, 19 Jun
 2023 18:24:09 -0700
From: Suanming Mou <suanmingm@nvidia.com>
To: Matan Azrad <matan@nvidia.com>, Viacheslav Ovsiienko
 <viacheslavo@nvidia.com>, Ori Kam <orika@nvidia.com>
CC: <rasland@nvidia.com>, <dev@dpdk.org>, <gakhil@marvell.com>
Subject: [PATCH v3 3/9] crypto/mlx5: add AES-GCM query and initialization
Date: Tue, 20 Jun 2023 04:23:16 +0300
Message-ID: <20230620012322.788099-4-suanmingm@nvidia.com>
X-Mailer: git-send-email 2.25.1
In-Reply-To: <20230620012322.788099-1-suanmingm@nvidia.com>
References: <20230418092325.2578712-1-suanmingm@nvidia.com>
 <20230620012322.788099-1-suanmingm@nvidia.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Content-Type: text/plain
X-Originating-IP: [10.126.231.35]
X-ClientProxiedBy: rnnvmail201.nvidia.com (10.129.68.8) To
 rnnvmail201.nvidia.com (10.129.68.8)
X-EOPAttributedMessage: 0
X-MS-PublicTrafficType: Email
X-MS-TrafficTypeDiagnostic: CY4PEPF0000E9CF:EE_|LV2PR12MB5751:EE_
X-MS-Office365-Filtering-Correlation-Id: dfa6fccf-f513-4c2c-23f4-08db712d13af
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: ix6f0Q3K1Q/UpthmRCJtHAEo87DhjhfRrRlL/YaT8/YDNLL4nRqbLJwSKOgdlgP3pVNOhoa8k6DSb8ZemXHokqq5v++M27YZ361zLr8Fs6AUEvPGFPz0C5cv+Nx+E+liiewcSjvl7iN6JDM2Vyu78JE59l1sY3VL6xfXL3FsjpG35r/fuqfsKom/VyrA0Czo4J/UpJa7uhnNB92r9k2QwP+zZFcS6imOExcbwMxpcdBFpk9PoHl0wud2Sdouznu/HENPUhhPp2xbSo+xTLxxQl/kkVjxv+bocyOsvTgj7YjzgxLNPvxYEyoO0ITpnz1eEVQSL4Bvxix9TeDSQ/0oPX13PHWy1Msaj+Bg80RwaoOVYm6sWqhGeWJAXcn4jtaDRgc3L26A/33tKFx8LDShUS1YXGoL9P/5WeUsHYu1Wg+5qR126cAFC8p3duTXNvIwujlKZvfnE+u/ydoAgn6f3mWkMXYd8fRPvGQH6B5mLiJ1w9ikBCVbConoTs9fAwYkfvbVAj/jLa33HxrY7F2qiweQ+wY3Hn8ICSC+ZTU3neuzqDI8FPvlmKSAMMJ+H+myS+OQ20BYsT0FwtRqaEB3qTAb+LbPAw2ilaV7QmRtHtZNzlkUS9dOOkhY4LJZzcAMMIqTE2qWX3SAnNmVqsiHhZVUTP2SjIW0TpmUm2RnXpVyCvtw06jx4+LtmIqpvWhGsu8ZrHP1QEqRYyZCPQS3m3ejGBuNlir6K6Xst7X11VY9uyHSKLFc+u2SEqR108ch
X-Forefront-Antispam-Report: CIP:216.228.117.161; CTRY:US; LANG:en; SCL:1; SRV:;
 IPV:NLI; SFV:NSPM; H:mail.nvidia.com; PTR:dc6edge2.nvidia.com; CAT:NONE;
 SFS:(13230028)(4636009)(136003)(346002)(39860400002)(396003)(376002)(451199021)(40470700004)(36840700001)(46966006)(8936002)(6286002)(186003)(16526019)(70206006)(8676002)(4326008)(82740400003)(5660300002)(110136005)(54906003)(70586007)(40460700003)(6666004)(7696005)(82310400005)(316002)(478600001)(41300700001)(36756003)(26005)(6636002)(1076003)(40480700001)(55016003)(2906002)(47076005)(426003)(336012)(83380400001)(2616005)(86362001)(356005)(7636003)(36860700001);
 DIR:OUT; SFP:1101; 
X-OriginatorOrg: Nvidia.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 20 Jun 2023 01:24:21.9831 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: dfa6fccf-f513-4c2c-23f4-08db712d13af
X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=43083d15-7273-40c1-b7db-39efd9ccc17a; Ip=[216.228.117.161];
 Helo=[mail.nvidia.com]
X-MS-Exchange-CrossTenant-AuthSource: CY4PEPF0000E9CF.namprd03.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Anonymous
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: LV2PR12MB5751
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org

AES-GCM provides both authenticated encryption and the ability to check
the integrity and authentication of additional authenticated data (AAD)
that is sent in the clear.

This commit adds the AES-GCM attributes query and initialization function.

Signed-off-by: Suanming Mou <suanmingm@nvidia.com>
---
 drivers/common/mlx5/mlx5_devx_cmds.c  | 15 +++++++++++
 drivers/common/mlx5/mlx5_devx_cmds.h  | 13 ++++++++++
 drivers/common/mlx5/mlx5_prm.h        | 19 +++++++++++---
 drivers/crypto/mlx5/meson.build       |  1 +
 drivers/crypto/mlx5/mlx5_crypto.c     |  4 ++-
 drivers/crypto/mlx5/mlx5_crypto.h     |  3 +++
 drivers/crypto/mlx5/mlx5_crypto_gcm.c | 36 +++++++++++++++++++++++++++
 7 files changed, 87 insertions(+), 4 deletions(-)
 create mode 100644 drivers/crypto/mlx5/mlx5_crypto_gcm.c

diff --git a/drivers/common/mlx5/mlx5_devx_cmds.c b/drivers/common/mlx5/mlx5_devx_cmds.c
index 1e418a0353..4332081165 100644
--- a/drivers/common/mlx5/mlx5_devx_cmds.c
+++ b/drivers/common/mlx5/mlx5_devx_cmds.c
@@ -1117,6 +1117,21 @@ mlx5_devx_cmd_query_hca_attr(void *ctx,
 		attr->crypto_wrapped_import_method = !!(MLX5_GET(crypto_caps,
 						hcattr, wrapped_import_method)
 						& 1 << 2);
+		attr->crypto_mmo.crypto_mmo_qp = MLX5_GET(crypto_caps, hcattr, crypto_mmo_qp);
+		attr->crypto_mmo.gcm_256_encrypt =
+			MLX5_GET(crypto_caps, hcattr, crypto_aes_gcm_256_encrypt);
+		attr->crypto_mmo.gcm_128_encrypt =
+			MLX5_GET(crypto_caps, hcattr, crypto_aes_gcm_128_encrypt);
+		attr->crypto_mmo.gcm_256_decrypt =
+			MLX5_GET(crypto_caps, hcattr, crypto_aes_gcm_256_decrypt);
+		attr->crypto_mmo.gcm_128_decrypt =
+			MLX5_GET(crypto_caps, hcattr, crypto_aes_gcm_128_decrypt);
+		attr->crypto_mmo.gcm_auth_tag_128 =
+			MLX5_GET(crypto_caps, hcattr, gcm_auth_tag_128);
+		attr->crypto_mmo.gcm_auth_tag_96 =
+			MLX5_GET(crypto_caps, hcattr, gcm_auth_tag_96);
+		attr->crypto_mmo.log_crypto_mmo_max_size =
+			MLX5_GET(crypto_caps, hcattr, log_crypto_mmo_max_size);
 	}
 	if (hca_cap_2_sup) {
 		hcattr = mlx5_devx_get_hca_cap(ctx, in, out, &rc,
diff --git a/drivers/common/mlx5/mlx5_devx_cmds.h b/drivers/common/mlx5/mlx5_devx_cmds.h
index dc3359268d..cb3f3a211b 100644
--- a/drivers/common/mlx5/mlx5_devx_cmds.h
+++ b/drivers/common/mlx5/mlx5_devx_cmds.h
@@ -125,6 +125,18 @@ struct mlx5_hca_flex_attr {
 	uint8_t  header_length_mask_width;
 };
 
+__extension__
+struct mlx5_hca_crypto_mmo_attr {
+	uint32_t crypto_mmo_qp:1;
+	uint32_t gcm_256_encrypt:1;
+	uint32_t gcm_128_encrypt:1;
+	uint32_t gcm_256_decrypt:1;
+	uint32_t gcm_128_decrypt:1;
+	uint32_t gcm_auth_tag_128:1;
+	uint32_t gcm_auth_tag_96:1;
+	uint32_t log_crypto_mmo_max_size:6;
+};
+
 /* ISO C restricts enumerator values to range of 'int' */
 __extension__
 enum {
@@ -250,6 +262,7 @@ struct mlx5_hca_attr {
 	struct mlx5_hca_vdpa_attr vdpa;
 	struct mlx5_hca_flow_attr flow;
 	struct mlx5_hca_flex_attr flex;
+	struct mlx5_hca_crypto_mmo_attr crypto_mmo;
 	int log_max_qp_sz;
 	int log_max_cq_sz;
 	int log_max_qp;
diff --git a/drivers/common/mlx5/mlx5_prm.h b/drivers/common/mlx5/mlx5_prm.h
index d67c4336e6..755bd73275 100644
--- a/drivers/common/mlx5/mlx5_prm.h
+++ b/drivers/common/mlx5/mlx5_prm.h
@@ -4581,7 +4581,9 @@ struct mlx5_ifc_crypto_caps_bits {
 	u8 synchronize_dek[0x1];
 	u8 int_kek_manual[0x1];
 	u8 int_kek_auto[0x1];
-	u8 reserved_at_6[0x12];
+	u8 reserved_at_6[0xd];
+	u8 sw_wrapped_dek_key_purpose[0x1];
+	u8 reserved_at_14[0x4];
 	u8 wrapped_import_method[0x8];
 	u8 reserved_at_20[0x3];
 	u8 log_dek_max_alloc[0x5];
@@ -4598,8 +4600,19 @@ struct mlx5_ifc_crypto_caps_bits {
 	u8 log_dek_granularity[0x5];
 	u8 reserved_at_68[0x3];
 	u8 log_max_num_int_kek[0x5];
-	u8 reserved_at_70[0x10];
-	u8 reserved_at_80[0x780];
+	u8 sw_wrapped_dek_new[0x10];
+	u8 reserved_at_80[0x80];
+	u8 crypto_mmo_qp[0x1];
+	u8 crypto_aes_gcm_256_encrypt[0x1];
+	u8 crypto_aes_gcm_128_encrypt[0x1];
+	u8 crypto_aes_gcm_256_decrypt[0x1];
+	u8 crypto_aes_gcm_128_decrypt[0x1];
+	u8 gcm_auth_tag_128[0x1];
+	u8 gcm_auth_tag_96[0x1];
+	u8 reserved_at_107[0x3];
+	u8 log_crypto_mmo_max_size[0x6];
+	u8 reserved_at_110[0x10];
+	u8 reserved_at_120[0x6e0];
 };
 
 struct mlx5_ifc_crypto_commissioning_register_bits {
diff --git a/drivers/crypto/mlx5/meson.build b/drivers/crypto/mlx5/meson.build
index 045e8ce81d..17ffce89f0 100644
--- a/drivers/crypto/mlx5/meson.build
+++ b/drivers/crypto/mlx5/meson.build
@@ -16,6 +16,7 @@ endif
 sources = files(
         'mlx5_crypto.c',
 	'mlx5_crypto_xts.c',
+	'mlx5_crypto_gcm.c',
         'mlx5_crypto_dek.c',
 )
 
diff --git a/drivers/crypto/mlx5/mlx5_crypto.c b/drivers/crypto/mlx5/mlx5_crypto.c
index 2e6bcc6ddc..ff632cd69a 100644
--- a/drivers/crypto/mlx5/mlx5_crypto.c
+++ b/drivers/crypto/mlx5/mlx5_crypto.c
@@ -335,7 +335,9 @@ mlx5_crypto_dev_probe(struct mlx5_common_device *cdev,
 		rte_errno = ENOTSUP;
 		return -rte_errno;
 	}
-	if (!cdev->config.hca_attr.crypto || !cdev->config.hca_attr.aes_xts) {
+	if (!cdev->config.hca_attr.crypto ||
+	   (!cdev->config.hca_attr.aes_xts &&
+	    !cdev->config.hca_attr.crypto_mmo.crypto_mmo_qp)) {
 		DRV_LOG(ERR, "Not enough capabilities to support crypto "
 			"operations, maybe old FW/OFED version?");
 		rte_errno = ENOTSUP;
diff --git a/drivers/crypto/mlx5/mlx5_crypto.h b/drivers/crypto/mlx5/mlx5_crypto.h
index 05d8fe97fe..76f368ee91 100644
--- a/drivers/crypto/mlx5/mlx5_crypto.h
+++ b/drivers/crypto/mlx5/mlx5_crypto.h
@@ -117,4 +117,7 @@ mlx5_crypto_dek_unset(struct mlx5_crypto_priv *priv);
 int
 mlx5_crypto_xts_init(struct mlx5_crypto_priv *priv);
 
+int
+mlx5_crypto_gcm_init(struct mlx5_crypto_priv *priv);
+
 #endif /* MLX5_CRYPTO_H_ */
diff --git a/drivers/crypto/mlx5/mlx5_crypto_gcm.c b/drivers/crypto/mlx5/mlx5_crypto_gcm.c
new file mode 100644
index 0000000000..bd78c6d66b
--- /dev/null
+++ b/drivers/crypto/mlx5/mlx5_crypto_gcm.c
@@ -0,0 +1,36 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright (c) 2023 NVIDIA Corporation & Affiliates
+ */
+
+#include <rte_malloc.h>
+#include <rte_mempool.h>
+#include <rte_eal_paging.h>
+#include <rte_errno.h>
+#include <rte_log.h>
+#include <bus_pci_driver.h>
+#include <rte_memory.h>
+
+#include <mlx5_glue.h>
+#include <mlx5_common.h>
+#include <mlx5_devx_cmds.h>
+#include <mlx5_common_os.h>
+
+#include "mlx5_crypto_utils.h"
+#include "mlx5_crypto.h"
+
+static struct rte_cryptodev_capabilities mlx5_crypto_gcm_caps[] = {
+	{
+		.op = RTE_CRYPTO_OP_TYPE_UNDEFINED,
+	},
+	{
+		.op = RTE_CRYPTO_OP_TYPE_UNDEFINED,
+	}
+};
+
+int
+mlx5_crypto_gcm_init(struct mlx5_crypto_priv *priv)
+{
+	priv->caps = mlx5_crypto_gcm_caps;
+	return 0;
+}
+
-- 
2.25.1