DPDK patches and discussions
 help / color / mirror / Atom feed
From: Anoob Joseph <anoobj@marvell.com>
To: Akhil Goyal <gakhil@marvell.com>
Cc: Tejasree Kondoj <ktejasree@marvell.com>,
	Jerin Jacob <jerinj@marvell.com>,
	 Vidya Sagar Velumuri <vvelumuri@marvell.com>, <dev@dpdk.org>
Subject: [PATCH 19/24] crypto/cnxk: replace PDCP with PDCP chain opcode
Date: Thu, 21 Dec 2023 18:05:40 +0530	[thread overview]
Message-ID: <20231221123545.510-20-anoobj@marvell.com> (raw)
In-Reply-To: <20231221123545.510-1-anoobj@marvell.com>

From: Tejasree Kondoj <ktejasree@marvell.com>

Replacing PDCP opcode with PDCP chain opcode.

Signed-off-by: Tejasree Kondoj <ktejasree@marvell.com>
---
 drivers/common/cnxk/roc_se.c  | 331 +++++++++-------------------------
 drivers/common/cnxk/roc_se.h  |  18 +-
 drivers/crypto/cnxk/cnxk_se.h |  96 +++++-----
 3 files changed, 135 insertions(+), 310 deletions(-)

diff --git a/drivers/common/cnxk/roc_se.c b/drivers/common/cnxk/roc_se.c
index 6ced4ef789..4e00268149 100644
--- a/drivers/common/cnxk/roc_se.c
+++ b/drivers/common/cnxk/roc_se.c
@@ -88,13 +88,20 @@ cpt_ciph_type_set(roc_se_cipher_type type, struct roc_se_ctx *ctx, uint16_t key_
 		fc_type = ROC_SE_FC_GEN;
 		break;
 	case ROC_SE_ZUC_EEA3:
-		if (chained_op) {
-			if (unlikely(key_len != 16))
+		if (unlikely(key_len != 16)) {
+			/*
+			 * ZUC 256 is not supported with older microcode
+			 * where pdcp_iv_offset is 16
+			 */
+			if (chained_op || (ctx->pdcp_iv_offset == 16)) {
+				plt_err("ZUC 256 is not supported with chained operations");
 				return -1;
+			}
+		}
+		if (chained_op)
 			fc_type = ROC_SE_PDCP_CHAIN;
-		} else {
+		else
 			fc_type = ROC_SE_PDCP;
-		}
 		break;
 	case ROC_SE_SNOW3G_UEA2:
 		if (unlikely(key_len != 16))
@@ -197,33 +204,6 @@ cpt_hmac_opad_ipad_gen(roc_se_auth_type auth_type, const uint8_t *key, uint16_t
 	}
 }
 
-static int
-cpt_pdcp_key_type_set(struct roc_se_zuc_snow3g_ctx *zs_ctx, uint16_t key_len)
-{
-	roc_se_aes_type key_type = 0;
-
-	if (roc_model_is_cn9k()) {
-		if (key_len != 16) {
-			plt_err("Only key len 16 is supported on cn9k");
-			return -ENOTSUP;
-		}
-	}
-
-	switch (key_len) {
-	case 16:
-		key_type = ROC_SE_AES_128_BIT;
-		break;
-	case 32:
-		key_type = ROC_SE_AES_256_BIT;
-		break;
-	default:
-		plt_err("Invalid AES key len");
-		return -ENOTSUP;
-	}
-	zs_ctx->zuc.otk_ctx.w0.s.key_len = key_type;
-	return 0;
-}
-
 static int
 cpt_pdcp_chain_key_type_get(uint16_t key_len)
 {
@@ -247,36 +227,6 @@ cpt_pdcp_chain_key_type_get(uint16_t key_len)
 	return key_type;
 }
 
-static int
-cpt_pdcp_mac_len_set(struct roc_se_zuc_snow3g_ctx *zs_ctx, uint16_t mac_len)
-{
-	roc_se_pdcp_mac_len_type mac_type = 0;
-
-	if (roc_model_is_cn9k()) {
-		if (mac_len != 4) {
-			plt_err("Only mac len 4 is supported on cn9k");
-			return -ENOTSUP;
-		}
-	}
-
-	switch (mac_len) {
-	case 4:
-		mac_type = ROC_SE_PDCP_MAC_LEN_32_BIT;
-		break;
-	case 8:
-		mac_type = ROC_SE_PDCP_MAC_LEN_64_BIT;
-		break;
-	case 16:
-		mac_type = ROC_SE_PDCP_MAC_LEN_128_BIT;
-		break;
-	default:
-		plt_err("Invalid ZUC MAC len");
-		return -ENOTSUP;
-	}
-	zs_ctx->zuc.otk_ctx.w0.s.mac_len = mac_type;
-	return 0;
-}
-
 static void
 cpt_zuc_const_update(uint8_t *zuc_const, int key_len, int mac_len)
 {
@@ -300,32 +250,27 @@ cpt_zuc_const_update(uint8_t *zuc_const, int key_len, int mac_len)
 }
 
 int
-roc_se_auth_key_set(struct roc_se_ctx *se_ctx, roc_se_auth_type type,
-		    const uint8_t *key, uint16_t key_len, uint16_t mac_len)
+roc_se_auth_key_set(struct roc_se_ctx *se_ctx, roc_se_auth_type type, const uint8_t *key,
+		    uint16_t key_len, uint16_t mac_len)
 {
-	struct roc_se_zuc_snow3g_chain_ctx *zs_ch_ctx;
-	struct roc_se_zuc_snow3g_ctx *zs_ctx;
 	struct roc_se_kasumi_ctx *k_ctx;
+	struct roc_se_pdcp_ctx *pctx;
 	struct roc_se_context *fctx;
 	uint8_t opcode_minor;
-	uint8_t pdcp_alg;
 	bool chained_op;
-	int ret;
 
 	if (se_ctx == NULL)
 		return -1;
 
-	zs_ctx = &se_ctx->se_ctx.zs_ctx;
-	zs_ch_ctx = &se_ctx->se_ctx.zs_ch_ctx;
+	pctx = &se_ctx->se_ctx.pctx;
 	k_ctx = &se_ctx->se_ctx.k_ctx;
 	fctx = &se_ctx->se_ctx.fctx;
 
 	chained_op = se_ctx->ciph_then_auth || se_ctx->auth_then_ciph;
 
 	if ((type >= ROC_SE_ZUC_EIA3) && (type <= ROC_SE_KASUMI_F9_ECB)) {
-		uint8_t *zuc_const;
 		uint32_t keyx[4];
-		uint8_t *ci_key;
+		int key_type;
 
 		if (!key_len)
 			return -1;
@@ -335,98 +280,64 @@ roc_se_auth_key_set(struct roc_se_ctx *se_ctx, roc_se_auth_type type,
 			return -1;
 		}
 
-		if (roc_model_is_cn9k()) {
-			ci_key = zs_ctx->zuc.onk_ctx.ci_key;
-			zuc_const = zs_ctx->zuc.onk_ctx.zuc_const;
-		} else {
-			ci_key = zs_ctx->zuc.otk_ctx.ci_key;
-			zuc_const = zs_ctx->zuc.otk_ctx.zuc_const;
-		}
-
 		/* For ZUC/SNOW3G/Kasumi */
 		switch (type) {
 		case ROC_SE_SNOW3G_UIA2:
-			if (chained_op) {
-				struct roc_se_onk_zuc_chain_ctx *ctx =
-					&zs_ch_ctx->zuc.onk_ctx;
-				zs_ch_ctx->zuc.onk_ctx.w0.s.state_conf =
-					ROC_SE_PDCP_CHAIN_CTX_KEY_IV;
-				ctx->w0.s.auth_type =
-					ROC_SE_PDCP_CHAIN_ALG_TYPE_SNOW3G;
-				ctx->w0.s.mac_len = mac_len;
-				ctx->w0.s.auth_key_len = key_len;
-				se_ctx->fc_type = ROC_SE_PDCP_CHAIN;
-				cpt_snow3g_key_gen(key, keyx);
-				memcpy(ctx->st.auth_key, keyx, key_len);
-			} else {
-				zs_ctx->zuc.otk_ctx.w0.s.alg_type =
-					ROC_SE_PDCP_ALG_TYPE_SNOW3G;
-				zs_ctx->zuc.otk_ctx.w0.s.mac_len =
-					ROC_SE_PDCP_MAC_LEN_32_BIT;
-				cpt_snow3g_key_gen(key, keyx);
-				memcpy(ci_key, keyx, key_len);
+			pctx->w0.s.state_conf = ROC_SE_PDCP_CHAIN_CTX_KEY_IV;
+			pctx->w0.s.auth_type = ROC_SE_PDCP_CHAIN_ALG_TYPE_SNOW3G;
+			pctx->w0.s.mac_len = mac_len;
+			pctx->w0.s.auth_key_len = key_len;
+			se_ctx->fc_type = ROC_SE_PDCP_CHAIN;
+			cpt_snow3g_key_gen(key, keyx);
+			memcpy(pctx->st.auth_key, keyx, key_len);
+
+			if (!chained_op)
 				se_ctx->fc_type = ROC_SE_PDCP;
-			}
 			se_ctx->pdcp_auth_alg = ROC_SE_PDCP_ALG_TYPE_SNOW3G;
 			se_ctx->zsk_flags = 0x1;
 			break;
 		case ROC_SE_ZUC_EIA3:
-			if (chained_op) {
-				struct roc_se_onk_zuc_chain_ctx *ctx =
-					&zs_ch_ctx->zuc.onk_ctx;
-				ctx->w0.s.state_conf =
-					ROC_SE_PDCP_CHAIN_CTX_KEY_IV;
-				ctx->w0.s.auth_type =
-					ROC_SE_PDCP_CHAIN_ALG_TYPE_ZUC;
-				ctx->w0.s.mac_len = mac_len;
-				ctx->w0.s.auth_key_len = key_len;
-				memcpy(ctx->st.auth_key, key, key_len);
-				cpt_zuc_const_update(ctx->st.auth_zuc_const,
-						     key_len, mac_len);
-				se_ctx->fc_type = ROC_SE_PDCP_CHAIN;
-			} else {
-				zs_ctx->zuc.otk_ctx.w0.s.alg_type =
-					ROC_SE_PDCP_ALG_TYPE_ZUC;
-				ret = cpt_pdcp_key_type_set(zs_ctx, key_len);
-				if (ret)
-					return ret;
-				ret = cpt_pdcp_mac_len_set(zs_ctx, mac_len);
-				if (ret)
-					return ret;
-				memcpy(ci_key, key, key_len);
-				if (key_len == 32)
-					roc_se_zuc_bytes_swap(ci_key, key_len);
-				cpt_zuc_const_update(zuc_const, key_len,
-						     mac_len);
-				se_ctx->fc_type = ROC_SE_PDCP;
+			if (unlikely(key_len != 16)) {
+				/*
+				 * ZUC 256 is not supported with older microcode
+				 * where pdcp_iv_offset is 16
+				 */
+				if (chained_op || (se_ctx->pdcp_iv_offset == 16)) {
+					plt_err("ZUC 256 is not supported with chained operations");
+					return -1;
+				}
 			}
+			key_type = cpt_pdcp_chain_key_type_get(key_len);
+			if (key_type < 0)
+				return key_type;
+			pctx->w0.s.auth_key_len = key_type;
+			pctx->w0.s.state_conf = ROC_SE_PDCP_CHAIN_CTX_KEY_IV;
+			pctx->w0.s.auth_type = ROC_SE_PDCP_CHAIN_ALG_TYPE_ZUC;
+			pctx->w0.s.mac_len = mac_len;
+			memcpy(pctx->st.auth_key, key, key_len);
+			if (key_len == 32)
+				roc_se_zuc_bytes_swap(pctx->st.auth_key, key_len);
+			cpt_zuc_const_update(pctx->st.auth_zuc_const, key_len, mac_len);
+			se_ctx->fc_type = ROC_SE_PDCP_CHAIN;
+
+			if (!chained_op)
+				se_ctx->fc_type = ROC_SE_PDCP;
 			se_ctx->pdcp_auth_alg = ROC_SE_PDCP_ALG_TYPE_ZUC;
 			se_ctx->zsk_flags = 0x1;
 			break;
 		case ROC_SE_AES_CMAC_EIA2:
-			if (chained_op) {
-				struct roc_se_onk_zuc_chain_ctx *ctx =
-					&zs_ch_ctx->zuc.onk_ctx;
-				int key_type;
-				key_type = cpt_pdcp_chain_key_type_get(key_len);
-				if (key_type < 0)
-					return key_type;
-				ctx->w0.s.auth_key_len = key_type;
-				ctx->w0.s.state_conf =
-					ROC_SE_PDCP_CHAIN_CTX_KEY_IV;
-				ctx->w0.s.auth_type =
-					ROC_SE_PDCP_ALG_TYPE_AES_CTR;
-				ctx->w0.s.mac_len = mac_len;
-				memcpy(ctx->st.auth_key, key, key_len);
-				se_ctx->fc_type = ROC_SE_PDCP_CHAIN;
-			} else {
-				zs_ctx->zuc.otk_ctx.w0.s.alg_type =
-					ROC_SE_PDCP_ALG_TYPE_AES_CTR;
-				zs_ctx->zuc.otk_ctx.w0.s.mac_len =
-					ROC_SE_PDCP_MAC_LEN_32_BIT;
-				memcpy(ci_key, key, key_len);
+			key_type = cpt_pdcp_chain_key_type_get(key_len);
+			if (key_type < 0)
+				return key_type;
+			pctx->w0.s.auth_key_len = key_type;
+			pctx->w0.s.state_conf = ROC_SE_PDCP_CHAIN_CTX_KEY_IV;
+			pctx->w0.s.auth_type = ROC_SE_PDCP_ALG_TYPE_AES_CTR;
+			pctx->w0.s.mac_len = mac_len;
+			memcpy(pctx->st.auth_key, key, key_len);
+			se_ctx->fc_type = ROC_SE_PDCP_CHAIN;
+
+			if (!chained_op)
 				se_ctx->fc_type = ROC_SE_PDCP;
-			}
 			se_ctx->pdcp_auth_alg = ROC_SE_PDCP_ALG_TYPE_AES_CMAC;
 			se_ctx->eia2 = 1;
 			se_ctx->zsk_flags = 0x1;
@@ -454,11 +365,8 @@ roc_se_auth_key_set(struct roc_se_ctx *se_ctx, roc_se_auth_type type,
 
 		se_ctx->mac_len = mac_len;
 		se_ctx->hash_type = type;
-		pdcp_alg = zs_ctx->zuc.otk_ctx.w0.s.alg_type;
 		if (chained_op)
 			opcode_minor = se_ctx->ciph_then_auth ? 2 : 3;
-		else if (roc_model_is_cn9k())
-			opcode_minor = ((1 << 7) | (pdcp_alg << 5) | 1);
 		else
 			opcode_minor = ((1 << 4) | 1);
 
@@ -513,29 +421,18 @@ int
 roc_se_ciph_key_set(struct roc_se_ctx *se_ctx, roc_se_cipher_type type, const uint8_t *key,
 		    uint16_t key_len)
 {
-	bool chained_op = se_ctx->ciph_then_auth || se_ctx->auth_then_ciph;
-	struct roc_se_zuc_snow3g_ctx *zs_ctx = &se_ctx->se_ctx.zs_ctx;
 	struct roc_se_context *fctx = &se_ctx->se_ctx.fctx;
-	struct roc_se_zuc_snow3g_chain_ctx *zs_ch_ctx;
+	struct roc_se_pdcp_ctx *pctx;
 	uint8_t opcode_minor = 0;
-	uint8_t *zuc_const;
 	uint32_t keyx[4];
-	uint8_t *ci_key;
+	int key_type;
 	int i, ret;
 
 	/* For NULL cipher, no processing required. */
 	if (type == ROC_SE_PASSTHROUGH)
 		return 0;
 
-	zs_ch_ctx = &se_ctx->se_ctx.zs_ch_ctx;
-
-	if (roc_model_is_cn9k()) {
-		ci_key = zs_ctx->zuc.onk_ctx.ci_key;
-		zuc_const = zs_ctx->zuc.onk_ctx.zuc_const;
-	} else {
-		ci_key = zs_ctx->zuc.otk_ctx.ci_key;
-		zuc_const = zs_ctx->zuc.otk_ctx.zuc_const;
-	}
+	pctx = &se_ctx->se_ctx.pctx;
 
 	if ((type == ROC_SE_AES_GCM) || (type == ROC_SE_AES_CCM))
 		se_ctx->template_w4.s.opcode_minor = BIT(5);
@@ -615,72 +512,38 @@ roc_se_ciph_key_set(struct roc_se_ctx *se_ctx, roc_se_cipher_type type, const ui
 		fctx->enc.enc_cipher = ROC_SE_DES3_CBC;
 		goto success;
 	case ROC_SE_SNOW3G_UEA2:
-		if (chained_op == true) {
-			struct roc_se_onk_zuc_chain_ctx *ctx =
-				&zs_ch_ctx->zuc.onk_ctx;
-			zs_ch_ctx->zuc.onk_ctx.w0.s.state_conf =
-				ROC_SE_PDCP_CHAIN_CTX_KEY_IV;
-			zs_ch_ctx->zuc.onk_ctx.w0.s.cipher_type =
-				ROC_SE_PDCP_CHAIN_ALG_TYPE_SNOW3G;
-			zs_ch_ctx->zuc.onk_ctx.w0.s.ci_key_len = key_len;
-			cpt_snow3g_key_gen(key, keyx);
-			memcpy(ctx->st.ci_key, keyx, key_len);
-		} else {
-			zs_ctx->zuc.otk_ctx.w0.s.key_len = ROC_SE_AES_128_BIT;
-			zs_ctx->zuc.otk_ctx.w0.s.alg_type =
-				ROC_SE_PDCP_ALG_TYPE_SNOW3G;
-			cpt_snow3g_key_gen(key, keyx);
-			memcpy(ci_key, keyx, key_len);
-		}
+		pctx->w0.s.state_conf = ROC_SE_PDCP_CHAIN_CTX_KEY_IV;
+		pctx->w0.s.cipher_type = ROC_SE_PDCP_CHAIN_ALG_TYPE_SNOW3G;
+		pctx->w0.s.ci_key_len = key_len;
+		cpt_snow3g_key_gen(key, keyx);
+		memcpy(pctx->st.ci_key, keyx, key_len);
 		se_ctx->pdcp_ci_alg = ROC_SE_PDCP_ALG_TYPE_SNOW3G;
 		se_ctx->zsk_flags = 0;
 		goto success;
 	case ROC_SE_ZUC_EEA3:
-		if (chained_op == true) {
-			struct roc_se_onk_zuc_chain_ctx *ctx =
-				&zs_ch_ctx->zuc.onk_ctx;
-			zs_ch_ctx->zuc.onk_ctx.w0.s.state_conf =
-				ROC_SE_PDCP_CHAIN_CTX_KEY_IV;
-			zs_ch_ctx->zuc.onk_ctx.w0.s.cipher_type =
-				ROC_SE_PDCP_CHAIN_ALG_TYPE_ZUC;
-			memcpy(ctx->st.ci_key, key, key_len);
-			memcpy(ctx->st.ci_zuc_const, zuc_key128, 32);
-			zs_ch_ctx->zuc.onk_ctx.w0.s.ci_key_len = key_len;
-		} else {
-			ret = cpt_pdcp_key_type_set(zs_ctx, key_len);
-			if (ret)
-				return ret;
-			zs_ctx->zuc.otk_ctx.w0.s.alg_type =
-				ROC_SE_PDCP_ALG_TYPE_ZUC;
-			memcpy(ci_key, key, key_len);
-			if (key_len == 32) {
-				roc_se_zuc_bytes_swap(ci_key, key_len);
-				memcpy(zuc_const, zuc_key256, 16);
-			} else
-				memcpy(zuc_const, zuc_key128, 32);
-		}
-
+		key_type = cpt_pdcp_chain_key_type_get(key_len);
+		if (key_type < 0)
+			return key_type;
+		pctx->w0.s.ci_key_len = key_type;
+		pctx->w0.s.state_conf = ROC_SE_PDCP_CHAIN_CTX_KEY_IV;
+		pctx->w0.s.cipher_type = ROC_SE_PDCP_CHAIN_ALG_TYPE_ZUC;
+		memcpy(pctx->st.ci_key, key, key_len);
+		if (key_len == 32) {
+			roc_se_zuc_bytes_swap(pctx->st.ci_key, key_len);
+			memcpy(pctx->st.ci_zuc_const, zuc_key256, 16);
+		} else
+			memcpy(pctx->st.ci_zuc_const, zuc_key128, 32);
 		se_ctx->pdcp_ci_alg = ROC_SE_PDCP_ALG_TYPE_ZUC;
 		se_ctx->zsk_flags = 0;
 		goto success;
 	case ROC_SE_AES_CTR_EEA2:
-		if (chained_op == true) {
-			struct roc_se_onk_zuc_chain_ctx *ctx =
-				&zs_ch_ctx->zuc.onk_ctx;
-			int key_type;
-			key_type = cpt_pdcp_chain_key_type_get(key_len);
-			if (key_type < 0)
-				return key_type;
-			ctx->w0.s.ci_key_len = key_type;
-			ctx->w0.s.state_conf = ROC_SE_PDCP_CHAIN_CTX_KEY_IV;
-			ctx->w0.s.cipher_type = ROC_SE_PDCP_ALG_TYPE_AES_CTR;
-			memcpy(ctx->st.ci_key, key, key_len);
-		} else {
-			zs_ctx->zuc.otk_ctx.w0.s.key_len = ROC_SE_AES_128_BIT;
-			zs_ctx->zuc.otk_ctx.w0.s.alg_type =
-				ROC_SE_PDCP_ALG_TYPE_AES_CTR;
-			memcpy(ci_key, key, key_len);
-		}
+		key_type = cpt_pdcp_chain_key_type_get(key_len);
+		if (key_type < 0)
+			return key_type;
+		pctx->w0.s.ci_key_len = key_type;
+		pctx->w0.s.state_conf = ROC_SE_PDCP_CHAIN_CTX_KEY_IV;
+		pctx->w0.s.cipher_type = ROC_SE_PDCP_ALG_TYPE_AES_CTR;
+		memcpy(pctx->st.ci_key, key, key_len);
 		se_ctx->pdcp_ci_alg = ROC_SE_PDCP_ALG_TYPE_AES_CTR;
 		se_ctx->zsk_flags = 0;
 		goto success;
@@ -720,20 +583,6 @@ roc_se_ciph_key_set(struct roc_se_ctx *se_ctx, roc_se_cipher_type type, const ui
 	return 0;
 }
 
-void
-roc_se_ctx_swap(struct roc_se_ctx *se_ctx)
-{
-	struct roc_se_zuc_snow3g_ctx *zs_ctx = &se_ctx->se_ctx.zs_ctx;
-
-	if (roc_model_is_cn9k())
-		return;
-
-	if (se_ctx->fc_type == ROC_SE_PDCP_CHAIN)
-		return;
-
-	zs_ctx->zuc.otk_ctx.w0.u64 = htobe64(zs_ctx->zuc.otk_ctx.w0.u64);
-}
-
 void
 roc_se_ctx_init(struct roc_se_ctx *roc_se_ctx)
 {
@@ -745,15 +594,13 @@ roc_se_ctx_init(struct roc_se_ctx *roc_se_ctx)
 	case ROC_SE_FC_GEN:
 		ctx_len = sizeof(struct roc_se_context);
 		break;
+	case ROC_SE_PDCP_CHAIN:
 	case ROC_SE_PDCP:
-		ctx_len = sizeof(struct roc_se_zuc_snow3g_ctx);
+		ctx_len = sizeof(struct roc_se_pdcp_ctx);
 		break;
 	case ROC_SE_KASUMI:
 		ctx_len = sizeof(struct roc_se_kasumi_ctx);
 		break;
-	case ROC_SE_PDCP_CHAIN:
-		ctx_len = sizeof(struct roc_se_zuc_snow3g_chain_ctx);
-		break;
 	case ROC_SE_SM:
 		ctx_len = sizeof(struct roc_se_sm_context);
 		break;
diff --git a/drivers/common/cnxk/roc_se.h b/drivers/common/cnxk/roc_se.h
index abb8c6a149..d62c40b310 100644
--- a/drivers/common/cnxk/roc_se.h
+++ b/drivers/common/cnxk/roc_se.h
@@ -246,7 +246,7 @@ struct roc_se_onk_zuc_ctx {
 	uint8_t zuc_const[32];
 };
 
-struct roc_se_onk_zuc_chain_ctx {
+struct roc_se_pdcp_ctx {
 	union {
 		uint64_t u64;
 		struct {
@@ -278,19 +278,6 @@ struct roc_se_onk_zuc_chain_ctx {
 	} st;
 };
 
-struct roc_se_zuc_snow3g_chain_ctx {
-	union {
-		struct roc_se_onk_zuc_chain_ctx onk_ctx;
-	} zuc;
-};
-
-struct roc_se_zuc_snow3g_ctx {
-	union {
-		struct roc_se_onk_zuc_ctx onk_ctx;
-		struct roc_se_otk_zuc_ctx otk_ctx;
-	} zuc;
-};
-
 struct roc_se_kasumi_ctx {
 	uint8_t reg_A[8];
 	uint8_t ci_key[16];
@@ -356,8 +343,7 @@ struct roc_se_ctx {
 		} w0;
 		union {
 			struct roc_se_context fctx;
-			struct roc_se_zuc_snow3g_ctx zs_ctx;
-			struct roc_se_zuc_snow3g_chain_ctx zs_ch_ctx;
+			struct roc_se_pdcp_ctx pctx;
 			struct roc_se_kasumi_ctx k_ctx;
 			struct roc_se_sm_context sm_ctx;
 		};
diff --git a/drivers/crypto/cnxk/cnxk_se.h b/drivers/crypto/cnxk/cnxk_se.h
index 1aec7dea9f..8193e96a92 100644
--- a/drivers/crypto/cnxk/cnxk_se.h
+++ b/drivers/crypto/cnxk/cnxk_se.h
@@ -298,8 +298,13 @@ sg_inst_prep(struct roc_se_fc_params *params, struct cpt_inst_s *inst, uint64_t
 	iv_d = ((uint8_t *)offset_vaddr + ROC_SE_OFF_CTRL_LEN);
 
 	if (pdcp_flag) {
-		if (likely(iv_len))
-			pdcp_iv_copy(iv_d, iv_s, pdcp_alg_type, pack_iv);
+		if (likely(iv_len)) {
+			if (zsk_flags == 0x1)
+				pdcp_iv_copy(iv_d + params->pdcp_iv_offset, iv_s, pdcp_alg_type,
+					     pack_iv);
+			else
+				pdcp_iv_copy(iv_d, iv_s, pdcp_alg_type, pack_iv);
+		}
 	} else {
 		if (likely(iv_len))
 			memcpy(iv_d, iv_s, iv_len);
@@ -375,7 +380,7 @@ sg_inst_prep(struct roc_se_fc_params *params, struct cpt_inst_s *inst, uint64_t
 	i = 0;
 	scatter_comp = (struct roc_sglist_comp *)((uint8_t *)gather_comp + g_size_bytes);
 
-	if (zsk_flags == 0x1) {
+	if ((zsk_flags == 0x1) && (se_ctx->fc_type == ROC_SE_KASUMI)) {
 		/* IV in SLIST only for EEA3 & UEA2 or for F8 */
 		iv_len = 0;
 	}
@@ -492,8 +497,13 @@ sg2_inst_prep(struct roc_se_fc_params *params, struct cpt_inst_s *inst, uint64_t
 
 	iv_d = ((uint8_t *)offset_vaddr + ROC_SE_OFF_CTRL_LEN);
 	if (pdcp_flag) {
-		if (likely(iv_len))
-			pdcp_iv_copy(iv_d, iv_s, pdcp_alg_type, pack_iv);
+		if (likely(iv_len)) {
+			if (zsk_flags == 0x1)
+				pdcp_iv_copy(iv_d + params->pdcp_iv_offset, iv_s, pdcp_alg_type,
+					     pack_iv);
+			else
+				pdcp_iv_copy(iv_d, iv_s, pdcp_alg_type, pack_iv);
+		}
 	} else {
 		if (likely(iv_len))
 			memcpy(iv_d, iv_s, iv_len);
@@ -567,7 +577,7 @@ sg2_inst_prep(struct roc_se_fc_params *params, struct cpt_inst_s *inst, uint64_t
 	i = 0;
 	scatter_comp = (struct roc_sg2list_comp *)((uint8_t *)gather_comp + g_size_bytes);
 
-	if (zsk_flags == 0x1) {
+	if ((zsk_flags == 0x1) && (se_ctx->fc_type == ROC_SE_KASUMI)) {
 		/* IV in SLIST only for EEA3 & UEA2 or for F8 */
 		iv_len = 0;
 	}
@@ -1617,28 +1627,34 @@ static __rte_always_inline int
 cpt_pdcp_alg_prep(uint32_t req_flags, uint64_t d_offs, uint64_t d_lens,
 		  struct roc_se_fc_params *params, struct cpt_inst_s *inst, const bool is_sg_ver2)
 {
+	/*
+	 * pdcp_iv_offset is auth_iv_offset wrt cipher_iv_offset which is
+	 * 16 with old microcode without ZUC 256 support
+	 * whereas it is 24 with new microcode which has ZUC 256.
+	 * So iv_len reserved is 32B for cipher and auth IVs with old microcode
+	 * and 48B with new microcode.
+	 */
+	const int iv_len = params->pdcp_iv_offset * 2;
+	struct roc_se_ctx *se_ctx = params->ctx;
 	uint32_t encr_data_len, auth_data_len;
+	const int flags = se_ctx->zsk_flags;
 	uint32_t encr_offset, auth_offset;
 	union cpt_inst_w4 cpt_inst_w4;
 	int32_t inputlen, outputlen;
-	struct roc_se_ctx *se_ctx;
 	uint64_t *offset_vaddr;
 	uint8_t pdcp_alg_type;
 	uint32_t mac_len = 0;
 	const uint8_t *iv_s;
 	uint8_t pack_iv = 0;
 	uint64_t offset_ctrl;
-	int flags, iv_len;
 	int ret;
 
-	se_ctx = params->ctx;
-	flags = se_ctx->zsk_flags;
 	mac_len = se_ctx->mac_len;
 
 	cpt_inst_w4.u64 = se_ctx->template_w4.u64;
-	cpt_inst_w4.s.opcode_major = ROC_SE_MAJOR_OP_PDCP;
 
 	if (flags == 0x1) {
+		cpt_inst_w4.s.opcode_minor = 1;
 		iv_s = params->auth_iv_buf;
 
 		/*
@@ -1650,47 +1666,32 @@ cpt_pdcp_alg_prep(uint32_t req_flags, uint64_t d_offs, uint64_t d_lens,
 		pdcp_alg_type = se_ctx->pdcp_auth_alg;
 
 		if (pdcp_alg_type != ROC_SE_PDCP_ALG_TYPE_AES_CMAC) {
-			iv_len = params->auth_iv_len;
 
-			if (iv_len == 25) {
-				iv_len -= 2;
+			if (params->auth_iv_len == 25)
 				pack_iv = 1;
-			}
 
 			auth_offset = auth_offset / 8;
-
-			/* consider iv len */
-			auth_offset += iv_len;
-
-			inputlen =
-				auth_offset + (RTE_ALIGN(auth_data_len, 8) / 8);
-		} else {
-			iv_len = 16;
-
-			/* consider iv len */
-			auth_offset += iv_len;
-
-			inputlen = auth_offset + auth_data_len;
-
-			/* length should be in bits */
-			auth_data_len *= 8;
+			auth_data_len = RTE_ALIGN(auth_data_len, 8) / 8;
 		}
 
-		outputlen = mac_len;
+		/* consider iv len */
+		auth_offset += iv_len;
+
+		inputlen = auth_offset + auth_data_len;
+		outputlen = iv_len + mac_len;
 
 		offset_ctrl = rte_cpu_to_be_64((uint64_t)auth_offset);
+		cpt_inst_w4.s.param1 = auth_data_len;
 
 		encr_data_len = 0;
 		encr_offset = 0;
 	} else {
+		cpt_inst_w4.s.opcode_minor = 0;
 		iv_s = params->iv_buf;
-		iv_len = params->cipher_iv_len;
 		pdcp_alg_type = se_ctx->pdcp_ci_alg;
 
-		if (iv_len == 25) {
-			iv_len -= 2;
+		if (params->cipher_iv_len == 25)
 			pack_iv = 1;
-		}
 
 		/*
 		 * Microcode expects offsets in bytes
@@ -1700,6 +1701,7 @@ cpt_pdcp_alg_prep(uint32_t req_flags, uint64_t d_offs, uint64_t d_lens,
 
 		encr_offset = ROC_SE_ENCR_OFFSET(d_offs);
 		encr_offset = encr_offset / 8;
+
 		/* consider iv len */
 		encr_offset += iv_len;
 
@@ -1707,10 +1709,11 @@ cpt_pdcp_alg_prep(uint32_t req_flags, uint64_t d_offs, uint64_t d_lens,
 		outputlen = inputlen;
 
 		/* iv offset is 0 */
-		offset_ctrl = rte_cpu_to_be_64((uint64_t)encr_offset << 16);
+		offset_ctrl = rte_cpu_to_be_64((uint64_t)encr_offset);
 
 		auth_data_len = 0;
 		auth_offset = 0;
+		cpt_inst_w4.s.param1 = (RTE_ALIGN(encr_data_len, 8) / 8);
 	}
 
 	if (unlikely((encr_offset >> 16) || (auth_offset >> 8))) {
@@ -1720,12 +1723,6 @@ cpt_pdcp_alg_prep(uint32_t req_flags, uint64_t d_offs, uint64_t d_lens,
 		return -1;
 	}
 
-	/*
-	 * Lengths are expected in bits.
-	 */
-	cpt_inst_w4.s.param1 = encr_data_len;
-	cpt_inst_w4.s.param2 = auth_data_len;
-
 	/*
 	 * In cn9k, cn10k since we have a limitation of
 	 * IV & Offset control word not part of instruction
@@ -1738,6 +1735,7 @@ cpt_pdcp_alg_prep(uint32_t req_flags, uint64_t d_offs, uint64_t d_lens,
 
 		/* Use Direct mode */
 
+		cpt_inst_w4.s.opcode_major = ROC_SE_MAJOR_OP_PDCP_CHAIN;
 		offset_vaddr = (uint64_t *)((uint8_t *)dm_vaddr - ROC_SE_OFF_CTRL_LEN - iv_len);
 
 		/* DPTR */
@@ -1753,6 +1751,7 @@ cpt_pdcp_alg_prep(uint32_t req_flags, uint64_t d_offs, uint64_t d_lens,
 		*offset_vaddr = offset_ctrl;
 		inst->w4.u64 = cpt_inst_w4.u64;
 	} else {
+		cpt_inst_w4.s.opcode_major = ROC_SE_MAJOR_OP_PDCP_CHAIN | ROC_DMA_MODE_SG;
 		inst->w4.u64 = cpt_inst_w4.u64;
 		if (is_sg_ver2)
 			ret = sg2_inst_prep(params, inst, offset_ctrl, iv_s, iv_len, pack_iv,
@@ -2243,8 +2242,6 @@ fill_sess_cipher(struct rte_crypto_sym_xform *xform, struct cnxk_se_sess *sess)
 					 c_form->key.length)))
 		return -1;
 
-	if ((enc_type >= ROC_SE_ZUC_EEA3) && (enc_type <= ROC_SE_AES_CTR_EEA2))
-		roc_se_ctx_swap(&sess->roc_se_ctx);
 	return 0;
 }
 
@@ -2403,15 +2400,10 @@ fill_sess_auth(struct rte_crypto_sym_xform *xform, struct cnxk_se_sess *sess)
 		sess->auth_iv_offset = a_form->iv.offset;
 		sess->auth_iv_length = a_form->iv.length;
 	}
-	if (unlikely(roc_se_auth_key_set(&sess->roc_se_ctx, auth_type,
-					 a_form->key.data, a_form->key.length,
-					 a_form->digest_length)))
+	if (unlikely(roc_se_auth_key_set(&sess->roc_se_ctx, auth_type, a_form->key.data,
+					 a_form->key.length, a_form->digest_length)))
 		return -1;
 
-	if ((auth_type >= ROC_SE_ZUC_EIA3) &&
-	    (auth_type <= ROC_SE_AES_CMAC_EIA2))
-		roc_se_ctx_swap(&sess->roc_se_ctx);
-
 	return 0;
 }
 
-- 
2.25.1


  parent reply	other threads:[~2023-12-21 12:38 UTC|newest]

Thread overview: 78+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2023-12-21 12:35 [PATCH 00/24] Fixes and improvements in crypto cnxk Anoob Joseph
2023-12-21 12:35 ` [PATCH 01/24] common/cnxk: fix memory leak Anoob Joseph
2023-12-21 12:35 ` [PATCH 02/24] crypto/cnxk: use common macro Anoob Joseph
2023-12-21 12:35 ` [PATCH 03/24] crypto/cnxk: fallback to SG if headroom is not available Anoob Joseph
2023-12-21 12:35 ` [PATCH 04/24] crypto/cnxk: return microcode completion code Anoob Joseph
2023-12-21 12:35 ` [PATCH 05/24] crypto/cnxk: fix ECDH pubkey verify in cn9k Anoob Joseph
2023-12-21 12:35 ` [PATCH 06/24] crypto/cnxk: enable digest gen for zero len input Anoob Joseph
2023-12-21 12:35 ` [PATCH 07/24] crypto/cnxk: enable Rx inject in security lookaside Anoob Joseph
2023-12-21 12:35 ` [PATCH 08/24] common/cnxk: add Rx inject configs Anoob Joseph
2023-12-21 12:35 ` [PATCH 09/24] crypto/cnxk: Rx inject config update Anoob Joseph
2023-12-21 12:35 ` [PATCH 10/24] crypto/cnxk: enable Rx inject for 103 Anoob Joseph
2023-12-21 12:35 ` [PATCH 11/24] crypto/cnxk: rename security caps as IPsec security caps Anoob Joseph
2023-12-21 12:35 ` [PATCH 12/24] common/cnxk: update opad-ipad gen to handle TLS Anoob Joseph
2023-12-21 12:35 ` [PATCH 13/24] common/cnxk: add TLS record contexts Anoob Joseph
2023-12-21 12:35 ` [PATCH 14/24] crypto/cnxk: separate IPsec from security common code Anoob Joseph
2023-12-21 12:35 ` [PATCH 15/24] crypto/cnxk: add TLS record session ops Anoob Joseph
2023-12-21 12:35 ` [PATCH 16/24] crypto/cnxk: add TLS record datapath handling Anoob Joseph
2023-12-21 12:35 ` [PATCH 17/24] crypto/cnxk: add TLS capability Anoob Joseph
2023-12-21 12:35 ` [PATCH 18/24] crypto/cnxk: add PMD APIs for raw submission to CPT Anoob Joseph
2023-12-21 12:35 ` Anoob Joseph [this message]
2023-12-21 12:35 ` [PATCH 20/24] crypto/cnxk: validate the combinations supported in TLS Anoob Joseph
2023-12-21 12:35 ` [PATCH 21/24] crypto/cnxk: use a single function for opad ipad Anoob Joseph
2023-12-21 12:35 ` [PATCH 22/24] crypto/cnxk: add support for TLS 1.3 Anoob Joseph
2023-12-21 12:35 ` [PATCH 23/24] crypto/cnxk: add TLS 1.3 capability Anoob Joseph
2023-12-21 12:35 ` [PATCH 24/24] crypto/cnxk: add CPT SG mode debug Anoob Joseph
2024-01-02  4:53 ` [PATCH v2 00/24] Fixes and improvements in crypto cnxk Anoob Joseph
2024-01-02  4:53   ` [PATCH v2 01/24] common/cnxk: fix memory leak Anoob Joseph
2024-01-02  4:53   ` [PATCH v2 02/24] crypto/cnxk: use common macro Anoob Joseph
2024-01-02  4:53   ` [PATCH v2 03/24] crypto/cnxk: fallback to SG if headroom is not available Anoob Joseph
2024-01-02  4:53   ` [PATCH v2 04/24] crypto/cnxk: return microcode completion code Anoob Joseph
2024-01-02  4:53   ` [PATCH v2 05/24] crypto/cnxk: fix ECDH pubkey verify in cn9k Anoob Joseph
2024-01-02  4:53   ` [PATCH v2 06/24] crypto/cnxk: enable digest gen for zero len input Anoob Joseph
2024-01-02  4:54   ` [PATCH v2 07/24] crypto/cnxk: enable Rx inject in security lookaside Anoob Joseph
2024-01-16  8:07     ` Akhil Goyal
2024-01-02  4:54   ` [PATCH v2 08/24] common/cnxk: add Rx inject configs Anoob Joseph
2024-01-02  4:54   ` [PATCH v2 09/24] crypto/cnxk: Rx inject config update Anoob Joseph
2024-01-02  4:54   ` [PATCH v2 10/24] crypto/cnxk: enable Rx inject for 103 Anoob Joseph
2024-01-02  4:54   ` [PATCH v2 11/24] crypto/cnxk: rename security caps as IPsec security caps Anoob Joseph
2024-01-02  4:54   ` [PATCH v2 12/24] common/cnxk: update opad-ipad gen to handle TLS Anoob Joseph
2024-01-02  4:54   ` [PATCH v2 13/24] common/cnxk: add TLS record contexts Anoob Joseph
2024-01-02  4:54   ` [PATCH v2 14/24] crypto/cnxk: separate IPsec from security common code Anoob Joseph
2024-01-02  4:54   ` [PATCH v2 15/24] crypto/cnxk: add TLS record session ops Anoob Joseph
2024-01-02  4:54   ` [PATCH v2 16/24] crypto/cnxk: add TLS record datapath handling Anoob Joseph
2024-01-02  4:54   ` [PATCH v2 17/24] crypto/cnxk: add TLS capability Anoob Joseph
2024-01-02  4:54   ` [PATCH v2 18/24] crypto/cnxk: add PMD APIs for raw submission to CPT Anoob Joseph
2024-01-02  4:54   ` [PATCH v2 19/24] crypto/cnxk: replace PDCP with PDCP chain opcode Anoob Joseph
2024-01-02  4:54   ` [PATCH v2 20/24] crypto/cnxk: validate the combinations supported in TLS Anoob Joseph
2024-01-02  4:54   ` [PATCH v2 21/24] crypto/cnxk: use a single function for opad ipad Anoob Joseph
2024-01-02  4:54   ` [PATCH v2 22/24] crypto/cnxk: add support for TLS 1.3 Anoob Joseph
2024-01-02  4:54   ` [PATCH v2 23/24] crypto/cnxk: add TLS 1.3 capability Anoob Joseph
2024-01-02  4:54   ` [PATCH v2 24/24] crypto/cnxk: add CPT SG mode debug Anoob Joseph
2024-01-16  8:43   ` [PATCH v2 00/24] Fixes and improvements in crypto cnxk Akhil Goyal
2024-01-17 10:30   ` [PATCH v3 " Anoob Joseph
2024-01-17 10:30     ` [PATCH v3 01/24] common/cnxk: fix memory leak Anoob Joseph
2024-01-17 10:30     ` [PATCH v3 02/24] crypto/cnxk: use common macro Anoob Joseph
2024-01-17 10:30     ` [PATCH v3 03/24] crypto/cnxk: fallback to SG if headroom is not available Anoob Joseph
2024-01-17 10:30     ` [PATCH v3 04/24] crypto/cnxk: return microcode completion code Anoob Joseph
2024-01-17 10:30     ` [PATCH v3 05/24] crypto/cnxk: fix ECDH pubkey verify in cn9k Anoob Joseph
2024-01-17 10:30     ` [PATCH v3 06/24] crypto/cnxk: enable digest gen for zero len input Anoob Joseph
2024-01-17 10:30     ` [PATCH v3 07/24] crypto/cnxk: enable Rx inject in security lookaside Anoob Joseph
2024-01-17 10:30     ` [PATCH v3 08/24] common/cnxk: add Rx inject configs Anoob Joseph
2024-01-17 10:30     ` [PATCH v3 09/24] crypto/cnxk: Rx inject config update Anoob Joseph
2024-01-17 10:30     ` [PATCH v3 10/24] crypto/cnxk: enable Rx inject for 103 Anoob Joseph
2024-01-17 10:30     ` [PATCH v3 11/24] crypto/cnxk: rename security caps as IPsec security caps Anoob Joseph
2024-01-17 10:30     ` [PATCH v3 12/24] common/cnxk: update opad-ipad gen to handle TLS Anoob Joseph
2024-01-17 10:30     ` [PATCH v3 13/24] common/cnxk: add TLS record contexts Anoob Joseph
2024-01-17 10:30     ` [PATCH v3 14/24] crypto/cnxk: separate IPsec from security common code Anoob Joseph
2024-01-17 10:31     ` [PATCH v3 15/24] crypto/cnxk: add TLS record session ops Anoob Joseph
2024-01-17 10:31     ` [PATCH v3 16/24] crypto/cnxk: add TLS record datapath handling Anoob Joseph
2024-01-17 10:31     ` [PATCH v3 17/24] crypto/cnxk: add TLS capability Anoob Joseph
2024-01-17 10:31     ` [PATCH v3 18/24] crypto/cnxk: add PMD APIs for raw submission to CPT Anoob Joseph
2024-01-17 10:31     ` [PATCH v3 19/24] crypto/cnxk: replace PDCP with PDCP chain opcode Anoob Joseph
2024-01-17 10:31     ` [PATCH v3 20/24] crypto/cnxk: validate the combinations supported in TLS Anoob Joseph
2024-01-17 10:31     ` [PATCH v3 21/24] crypto/cnxk: use a single function for opad ipad Anoob Joseph
2024-01-17 10:31     ` [PATCH v3 22/24] crypto/cnxk: add support for TLS 1.3 Anoob Joseph
2024-01-17 10:31     ` [PATCH v3 23/24] crypto/cnxk: add TLS 1.3 capability Anoob Joseph
2024-01-17 10:31     ` [PATCH v3 24/24] crypto/cnxk: add CPT SG mode debug Anoob Joseph
2024-01-18 17:06     ` [PATCH v3 00/24] Fixes and improvements in crypto cnxk Akhil Goyal

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20231221123545.510-20-anoobj@marvell.com \
    --to=anoobj@marvell.com \
    --cc=dev@dpdk.org \
    --cc=gakhil@marvell.com \
    --cc=jerinj@marvell.com \
    --cc=ktejasree@marvell.com \
    --cc=vvelumuri@marvell.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).