* [PATCH 00/12] Add TLS features
@ 2024-03-14  8:38 Vidya Sagar Velumuri
  2024-03-14  8:38 ` [PATCH 01/12] crypto/cnxk: multi seg support block ciphers in tls Vidya Sagar Velumuri
                   ` (21 more replies)
  0 siblings, 22 replies; 43+ messages in thread
From: Vidya Sagar Velumuri @ 2024-03-14  8:38 UTC (permalink / raw)
  Cc: gakhil, jerinj, anoobj, vvelumuri, asasidharan, dev

Add the following features
1. Multi segmented packet for TLS
2. Padding verification for TLS
3. SHA384 & ChaChaPoly for TLS

Aakash Sasidharan (1):
  crypto/cnxk: add support for oop processing in TLS

Anoob Joseph (1):
  crypto/cnxk: avoid branches in datapath

Vidya Sagar Velumuri (10):
  crypto/cnxk: multi seg support block ciphers in tls
  crypto/cnxk: enable sha384 capability for tls
  crypto/cnxk: add support for session update for TLS
  crypto/cnxk: move metadata to second cacheline
  crypto/cnxk: handle the extra len reported by microcode
  crypto/cnxk: add support for padding verification in TLS
  crypto/cnxk: update the context structure of tls
  crypto/cnxk: use proper offset for context calculation
  crypto/cnxk: enable chachapoly capability for tls
  crypto/cnxk: remove the response len handling for tls

 drivers/common/cnxk/roc_ie_ot_tls.h           |  18 ++-
 drivers/common/cnxk/roc_se.h                  |   1 +
 drivers/crypto/cnxk/cn10k_cryptodev_ops.c     | 151 +++++++++++++++++-
 drivers/crypto/cnxk/cn10k_cryptodev_sec.c     |   3 +
 drivers/crypto/cnxk/cn10k_cryptodev_sec.h     |  22 ++-
 drivers/crypto/cnxk/cn10k_ipsec.c             |   4 +-
 drivers/crypto/cnxk/cn10k_ipsec_la_ops.h      |   8 +-
 drivers/crypto/cnxk/cn10k_tls.c               | 137 ++++++++++++----
 drivers/crypto/cnxk/cn10k_tls.h               |   4 +
 drivers/crypto/cnxk/cn10k_tls_ops.h           |  73 +++++++--
 drivers/crypto/cnxk/cnxk_cryptodev.h          |   6 +-
 .../crypto/cnxk/cnxk_cryptodev_capabilities.c |  52 ++++++
 12 files changed, 401 insertions(+), 78 deletions(-)

-- 
2.25.1



* [PATCH 01/12] crypto/cnxk: multi seg support block ciphers in tls
  2024-03-14  8:38 [PATCH 00/12] Add TLS features Vidya Sagar Velumuri
@ 2024-03-14  8:38 ` Vidya Sagar Velumuri
  2024-03-14  8:38 ` [PATCH 02/12] crypto/cnxk: enable sha384 capability for tls Vidya Sagar Velumuri
                   ` (20 subsequent siblings)
  21 siblings, 0 replies; 43+ messages in thread
From: Vidya Sagar Velumuri @ 2024-03-14  8:38 UTC (permalink / raw)
  To: Ankur Dwivedi, Anoob Joseph, Tejasree Kondoj
  Cc: gakhil, jerinj, vvelumuri, asasidharan, dev

Add support for Scatter-Gather mode for block ciphers in TLS-1.2

Signed-off-by: Vidya Sagar Velumuri <vvelumuri@marvell.com>
---
 drivers/crypto/cnxk/cn10k_cryptodev_sec.h |  3 +-
 drivers/crypto/cnxk/cn10k_tls.c           |  5 +++
 drivers/crypto/cnxk/cn10k_tls_ops.h       | 48 ++++++++++++++++++-----
 3 files changed, 45 insertions(+), 11 deletions(-)

diff --git a/drivers/crypto/cnxk/cn10k_cryptodev_sec.h b/drivers/crypto/cnxk/cn10k_cryptodev_sec.h
index 1efed3c4cf..881a0276cc 100644
--- a/drivers/crypto/cnxk/cn10k_cryptodev_sec.h
+++ b/drivers/crypto/cnxk/cn10k_cryptodev_sec.h
@@ -33,7 +33,8 @@ struct cn10k_sec_session {
 		} ipsec;
 		struct {
 			uint8_t enable_padding : 1;
-			uint8_t rvsd : 7;
+			uint8_t tail_fetch_len : 2;
+			uint8_t rvsd : 5;
 			bool is_write;
 		} tls;
 	};
diff --git a/drivers/crypto/cnxk/cn10k_tls.c b/drivers/crypto/cnxk/cn10k_tls.c
index 879e0ea978..b46904d3f8 100644
--- a/drivers/crypto/cnxk/cn10k_tls.c
+++ b/drivers/crypto/cnxk/cn10k_tls.c
@@ -639,6 +639,11 @@ cn10k_tls_read_sa_create(struct roc_cpt *roc_cpt, struct roc_cpt_lf *lf,
 	if ((sa_dptr->w2.s.version_select == ROC_IE_OT_TLS_VERSION_TLS_12) ||
 	    (sa_dptr->w2.s.version_select == ROC_IE_OT_TLS_VERSION_DTLS_12)) {
 		inst_w4.s.opcode_major = ROC_IE_OT_TLS_MAJOR_OP_RECORD_DEC | ROC_IE_OT_INPLACE_BIT;
+		sec_sess->tls.tail_fetch_len = 0;
+		if (sa_dptr->w2.s.cipher_select == ROC_IE_OT_TLS_CIPHER_3DES)
+			sec_sess->tls.tail_fetch_len = 1;
+		else if (sa_dptr->w2.s.cipher_select == ROC_IE_OT_TLS_CIPHER_AES_CBC)
+			sec_sess->tls.tail_fetch_len = 2;
 	} else if (sa_dptr->w2.s.version_select == ROC_IE_OT_TLS_VERSION_TLS_13) {
 		inst_w4.s.opcode_major =
 			ROC_IE_OT_TLS13_MAJOR_OP_RECORD_DEC | ROC_IE_OT_INPLACE_BIT;
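Review bot: The values 1 and 2 written to `tail_fetch_len` are undocumented, and their unit only becomes clear in process_tls_read, which multiplies the field by 16. A comment above the assignments would help, for example `/* Tail fetch length in 16-byte units: 16B for 3DES, 32B for AES-CBC, 0 means no tail fetch. */`. The field is declared two bits wide, so a value above 3 would be silently truncated if another cipher is added later. cn10k_tls_read_sa_create starts and ends outside this hunk.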
diff --git a/drivers/crypto/cnxk/cn10k_tls_ops.h b/drivers/crypto/cnxk/cn10k_tls_ops.h
index 7c8ac14ab2..6fd74927ee 100644
--- a/drivers/crypto/cnxk/cn10k_tls_ops.h
+++ b/drivers/crypto/cnxk/cn10k_tls_ops.h
@@ -234,7 +234,10 @@ process_tls_read(struct rte_crypto_op *cop, struct cn10k_sec_session *sess,
 		inst->w4.u64 = w4.u64;
 	} else if (is_sg_ver2 == false) {
 		struct roc_sglist_comp *scatter_comp, *gather_comp;
+		int tail_len = sess->tls.tail_fetch_len * 16;
+		int pkt_len = rte_pktmbuf_pkt_len(m_src);
 		uint32_t g_size_bytes, s_size_bytes;
+		uint16_t *sg_hdr;
 		uint32_t dlen;
 		int i;
 
@@ -244,16 +247,25 @@ process_tls_read(struct rte_crypto_op *cop, struct cn10k_sec_session *sess,
 			return -ENOMEM;
 		}
 
-		in_buffer = (uint8_t *)m_data;
-		((uint16_t *)in_buffer)[0] = 0;
-		((uint16_t *)in_buffer)[1] = 0;
-
 		/* Input Gather List */
+		in_buffer = (uint8_t *)m_data;
+		sg_hdr = (uint16_t *)(in_buffer + 32);
+		gather_comp = (struct roc_sglist_comp *)((uint8_t *)sg_hdr + 8);
 		i = 0;
-		gather_comp = (struct roc_sglist_comp *)((uint8_t *)in_buffer + 8);
+		/* Add the last blocks as first gather component for tail fetch. */
+		if (tail_len) {
+			const uint8_t *output;
+
+			output = rte_pktmbuf_read(m_src, pkt_len - tail_len, tail_len, in_buffer);
+			if (output != in_buffer)
+				rte_memcpy(in_buffer, output, tail_len);
+			i = fill_sg_comp(gather_comp, i, (uint64_t)in_buffer, tail_len);
+		}
 
+		sg_hdr[0] = 0;
+		sg_hdr[1] = 0;
 		i = fill_sg_comp_from_pkt(gather_comp, i, m_src);
-		((uint16_t *)in_buffer)[2] = rte_cpu_to_be_16(i);
+		sg_hdr[2] = rte_cpu_to_be_16(i);
 
 		g_size_bytes = ((i + 3) / 4) * sizeof(struct roc_sglist_comp);
 
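Review bot: The result of `rte_pktmbuf_read()` is handed to `rte_memcpy()` without a NULL check, and nothing in this hunk rejects a record shorter than `tail_len`. `pkt_len` comes from the received mbuf, so when it is smaller than `tail_len` the offset `pkt_len - tail_len` goes negative and is converted to a large unsigned offset; whether an earlier minimum-length check exists is not visible here. I would add `if (unlikely(pkt_len < tail_len)) return -EINVAL;` before the read and `if (unlikely(output == NULL)) return -EINVAL;` after it, following whatever cleanup the function uses for `m_data`. The SG version 2 branch of the same function (the hunk at `@@ -292,7 +306,21 @@`) repeats the pattern and needs the same two checks.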
@@ -261,7 +273,7 @@ process_tls_read(struct rte_crypto_op *cop, struct cn10k_sec_session *sess,
 		scatter_comp = (struct roc_sglist_comp *)((uint8_t *)gather_comp + g_size_bytes);
 
 		i = fill_sg_comp_from_pkt(scatter_comp, i, m_src);
-		((uint16_t *)in_buffer)[3] = rte_cpu_to_be_16(i);
+		sg_hdr[3] = rte_cpu_to_be_16(i);
 
 		s_size_bytes = ((i + 3) / 4) * sizeof(struct roc_sglist_comp);
 
@@ -273,10 +285,12 @@ process_tls_read(struct rte_crypto_op *cop, struct cn10k_sec_session *sess,
 		w4.u64 = sess->inst.w4;
 		w4.s.dlen = dlen;
 		w4.s.opcode_major |= (uint64_t)ROC_DMA_MODE_SG;
-		w4.s.param1 = rte_pktmbuf_pkt_len(m_src);
+		w4.s.param1 = pkt_len;
 		inst->w4.u64 = w4.u64;
 	} else {
 		struct roc_sg2list_comp *scatter_comp, *gather_comp;
+		int tail_len = sess->tls.tail_fetch_len * 16;
+		int pkt_len = rte_pktmbuf_pkt_len(m_src);
 		union cpt_inst_w5 cpt_inst_w5;
 		union cpt_inst_w6 cpt_inst_w6;
 		uint32_t g_size_bytes;
@@ -292,7 +306,21 @@ process_tls_read(struct rte_crypto_op *cop, struct cn10k_sec_session *sess,
 		/* Input Gather List */
 		i = 0;
 
-		gather_comp = (struct roc_sg2list_comp *)((uint8_t *)in_buffer);
+		/* First 32 bytes in m_data are rsvd for tail fetch.
+		 * SG list start from 32 byte onwards.
+		 */
+		gather_comp = (struct roc_sg2list_comp *)((uint8_t *)(in_buffer + 32));
+
+		/* Add the last blocks as first gather component for tail fetch. */
+		if (tail_len) {
+			const uint8_t *output;
+
+			output = rte_pktmbuf_read(m_src, pkt_len - tail_len, tail_len, in_buffer);
+			if (output != in_buffer)
+				rte_memcpy(in_buffer, output, tail_len);
+			i = fill_sg2_comp(gather_comp, i, (uint64_t)in_buffer, tail_len);
+		}
+
 		i = fill_sg2_comp_from_pkt(gather_comp, i, m_src);
 
 		cpt_inst_w5.s.gather_sz = ((i + 2) / 3);
@@ -311,7 +339,7 @@ process_tls_read(struct rte_crypto_op *cop, struct cn10k_sec_session *sess,
 		inst->w5.u64 = cpt_inst_w5.u64;
 		inst->w6.u64 = cpt_inst_w6.u64;
 		w4.u64 = sess->inst.w4;
-		w4.s.dlen = rte_pktmbuf_pkt_len(m_src);
+		w4.s.dlen = pkt_len + tail_len;
 		w4.s.param1 = w4.s.dlen;
 		w4.s.opcode_major &= (~(ROC_IE_OT_INPLACE_BIT));
 		inst->w4.u64 = w4.u64;
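Review bot: `param1` changes together with `dlen` here, because the unchanged line `w4.s.param1 = w4.s.dlen;` now copies `pkt_len + tail_len`, while the SG version 1 branch earlier in the function sets `w4.s.param1 = pkt_len`. If the microcode expects the record length in param1, the two branches now disagree; if the difference is intended, a comment should say why. Writing the assignment explicitly, `w4.s.param1 = pkt_len + tail_len;` or `w4.s.param1 = pkt_len;`, would make the intent reviewable. process_tls_read continues outside the hunk.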
-- 
2.25.1



* [PATCH 02/12] crypto/cnxk: enable sha384 capability for tls
  2024-03-14  8:38 [PATCH 00/12] Add TLS features Vidya Sagar Velumuri
  2024-03-14  8:38 ` [PATCH 01/12] crypto/cnxk: multi seg support block ciphers in tls Vidya Sagar Velumuri
@ 2024-03-14  8:38 ` Vidya Sagar Velumuri
  2024-03-14  8:38 ` [PATCH 03/12] crypto/cnxk: add support for session update for TLS Vidya Sagar Velumuri
                   ` (19 subsequent siblings)
  21 siblings, 0 replies; 43+ messages in thread
From: Vidya Sagar Velumuri @ 2024-03-14  8:38 UTC (permalink / raw)
  To: Ankur Dwivedi, Anoob Joseph, Tejasree Kondoj
  Cc: gakhil, jerinj, vvelumuri, asasidharan, dev

Enable SHA384-HMAC support for TLS & DTLS 1.2.

Signed-off-by: Vidya Sagar Velumuri <vvelumuri@marvell.com>
---
 drivers/crypto/cnxk/cn10k_tls.c               | 16 +++++++++++---
 drivers/crypto/cnxk/cnxk_cryptodev.h          |  4 ++--
 .../crypto/cnxk/cnxk_cryptodev_capabilities.c | 21 +++++++++++++++++++
 3 files changed, 36 insertions(+), 5 deletions(-)

diff --git a/drivers/crypto/cnxk/cn10k_tls.c b/drivers/crypto/cnxk/cn10k_tls.c
index b46904d3f8..3e306c248b 100644
--- a/drivers/crypto/cnxk/cn10k_tls.c
+++ b/drivers/crypto/cnxk/cn10k_tls.c
@@ -28,7 +28,8 @@ tls_xform_cipher_auth_verify(struct rte_crypto_sym_xform *cipher_xform,
 	switch (c_algo) {
 	case RTE_CRYPTO_CIPHER_NULL:
 		if ((a_algo == RTE_CRYPTO_AUTH_MD5_HMAC) || (a_algo == RTE_CRYPTO_AUTH_SHA1_HMAC) ||
-		    (a_algo == RTE_CRYPTO_AUTH_SHA256_HMAC))
+		    (a_algo == RTE_CRYPTO_AUTH_SHA256_HMAC) ||
+		    (a_algo == RTE_CRYPTO_AUTH_SHA384_HMAC))
 			ret = 0;
 		break;
 	case RTE_CRYPTO_CIPHER_3DES_CBC:
@@ -37,7 +38,8 @@ tls_xform_cipher_auth_verify(struct rte_crypto_sym_xform *cipher_xform,
 		break;
 	case RTE_CRYPTO_CIPHER_AES_CBC:
 		if ((a_algo == RTE_CRYPTO_AUTH_SHA1_HMAC) ||
-		    (a_algo == RTE_CRYPTO_AUTH_SHA256_HMAC))
+		    (a_algo == RTE_CRYPTO_AUTH_SHA256_HMAC) ||
+		    (a_algo == RTE_CRYPTO_AUTH_SHA384_HMAC))
 			ret = 0;
 		break;
 	default:
@@ -69,7 +71,8 @@ tls_xform_auth_verify(struct rte_crypto_sym_xform *crypto_xform)
 
 	if (((a_algo == RTE_CRYPTO_AUTH_MD5_HMAC) && (keylen == 16)) ||
 	    ((a_algo == RTE_CRYPTO_AUTH_SHA1_HMAC) && (keylen == 20)) ||
-	    ((a_algo == RTE_CRYPTO_AUTH_SHA256_HMAC) && (keylen == 32)))
+	    ((a_algo == RTE_CRYPTO_AUTH_SHA256_HMAC) && (keylen == 32)) ||
+	    ((a_algo == RTE_CRYPTO_AUTH_SHA384_HMAC) && (keylen == 48)))
 		return 0;
 
 	return -EINVAL;
@@ -251,6 +254,9 @@ tls_write_rlens_get(struct rte_security_tls_record_xform *tls_xfrm,
 	case RTE_CRYPTO_AUTH_SHA256_HMAC:
 		mac_len = 32;
 		break;
+	case RTE_CRYPTO_AUTH_SHA384_HMAC:
+		mac_len = 32;
+		break;
 	default:
 		mac_len = 0;
 		break;
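Review bot: `mac_len = 32` for `RTE_CRYPTO_AUTH_SHA384_HMAC` looks like a copy of the SHA256 case; HMAC-SHA384 produces a 48-byte tag, and the capability entry added by this same patch advertises a 48-byte digest. The line should read `mac_len = 48;`. The return value of tls_write_rlens_get is stored in `max_extended_len` (visible as context in a later patch of the series), so an undersized MAC length would presumably make the write path reserve 16 bytes too little room for the record. The rest of the function is outside the hunk.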
@@ -397,6 +403,8 @@ tls_read_sa_fill(struct roc_ie_ot_tls_read_sa *read_sa,
 		read_sa->w2.s.mac_select = ROC_IE_OT_TLS_MAC_SHA1;
 	else if (auth_xfrm->auth.algo == RTE_CRYPTO_AUTH_SHA256_HMAC)
 		read_sa->w2.s.mac_select = ROC_IE_OT_TLS_MAC_SHA2_256;
+	else if (auth_xfrm->auth.algo == RTE_CRYPTO_AUTH_SHA384_HMAC)
+		read_sa->w2.s.mac_select = ROC_IE_OT_TLS_MAC_SHA2_384;
 	else
 		return -EINVAL;
 
@@ -538,6 +546,8 @@ tls_write_sa_fill(struct roc_ie_ot_tls_write_sa *write_sa,
 			write_sa->w2.s.mac_select = ROC_IE_OT_TLS_MAC_SHA1;
 		else if (auth_xfrm->auth.algo == RTE_CRYPTO_AUTH_SHA256_HMAC)
 			write_sa->w2.s.mac_select = ROC_IE_OT_TLS_MAC_SHA2_256;
+		else if (auth_xfrm->auth.algo == RTE_CRYPTO_AUTH_SHA384_HMAC)
+			write_sa->w2.s.mac_select = ROC_IE_OT_TLS_MAC_SHA2_384;
 		else
 			return -EINVAL;
 
diff --git a/drivers/crypto/cnxk/cnxk_cryptodev.h b/drivers/crypto/cnxk/cnxk_cryptodev.h
index 45d01b94b3..dccd563872 100644
--- a/drivers/crypto/cnxk/cnxk_cryptodev.h
+++ b/drivers/crypto/cnxk/cnxk_cryptodev.h
@@ -14,8 +14,8 @@
 #define CNXK_CPT_MAX_CAPS		 55
 #define CNXK_SEC_IPSEC_CRYPTO_MAX_CAPS	 16
 #define CNXK_SEC_TLS_1_3_CRYPTO_MAX_CAPS 2
-#define CNXK_SEC_TLS_1_2_CRYPTO_MAX_CAPS 6
-#define CNXK_SEC_MAX_CAPS		 17
+#define CNXK_SEC_TLS_1_2_CRYPTO_MAX_CAPS 7
+#define CNXK_SEC_MAX_CAPS		 18
 
 /**
  * Device private data
diff --git a/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c b/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c
index db50de5d58..5bafa226e0 100644
--- a/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c
+++ b/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c
@@ -1639,6 +1639,27 @@ static const struct rte_cryptodev_capabilities sec_tls12_caps_sha1_sha2[] = {
 			}, }
 		}, }
 	},
+	{	/* SHA384 HMAC */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+			{.auth = {
+				.algo = RTE_CRYPTO_AUTH_SHA384_HMAC,
+				.block_size = 64,
+				.key_size = {
+					.min = 48,
+					.max = 48,
+					.increment = 0
+				},
+				.digest_size = {
+					.min = 48,
+					.max = 48,
+					.increment = 0
+				},
+			}, }
+		}, }
+	},
+
 };
 
 static const struct rte_cryptodev_capabilities sec_tls13_caps_aes[] = {
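Review bot: `.block_size = 64` does not match SHA-384, whose block size is 128 bytes; 64 is the SHA-1 and SHA-256 value. If the driver's other SHA384 capability entries use the same number this may be an existing convention, but it is worth confirming and, if it is simply inherited, changing to `.block_size = 128,`. The blank line left before the closing `};` can also be dropped.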
-- 
2.25.1



* [PATCH 03/12] crypto/cnxk: add support for session update for TLS
  2024-03-14  8:38 [PATCH 00/12] Add TLS features Vidya Sagar Velumuri
  2024-03-14  8:38 ` [PATCH 01/12] crypto/cnxk: multi seg support block ciphers in tls Vidya Sagar Velumuri
  2024-03-14  8:38 ` [PATCH 02/12] crypto/cnxk: enable sha384 capability for tls Vidya Sagar Velumuri
@ 2024-03-14  8:38 ` Vidya Sagar Velumuri
  2024-03-14  8:38 ` [PATCH 04/12] crypto/cnxk: avoid branches in datapath Vidya Sagar Velumuri
                   ` (18 subsequent siblings)
  21 siblings, 0 replies; 43+ messages in thread
From: Vidya Sagar Velumuri @ 2024-03-14  8:38 UTC (permalink / raw)
  To: Ankur Dwivedi, Anoob Joseph, Tejasree Kondoj
  Cc: gakhil, jerinj, vvelumuri, asasidharan, dev

Add session update support for TLS

Signed-off-by: Vidya Sagar Velumuri <vvelumuri@marvell.com>
---
 drivers/crypto/cnxk/cn10k_cryptodev_sec.c |  3 +++
 drivers/crypto/cnxk/cn10k_tls.c           | 17 +++++++++++++++++
 drivers/crypto/cnxk/cn10k_tls.h           |  4 ++++
 3 files changed, 24 insertions(+)

diff --git a/drivers/crypto/cnxk/cn10k_cryptodev_sec.c b/drivers/crypto/cnxk/cn10k_cryptodev_sec.c
index cb013986c4..775104b765 100644
--- a/drivers/crypto/cnxk/cn10k_cryptodev_sec.c
+++ b/drivers/crypto/cnxk/cn10k_cryptodev_sec.c
@@ -116,6 +116,9 @@ cn10k_sec_session_update(void *dev, struct rte_security_session *sec_sess,
 	if (cn10k_sec_sess->proto == RTE_SECURITY_PROTOCOL_IPSEC)
 		return cn10k_ipsec_session_update(vf, qp, cn10k_sec_sess, conf);
 
+	if (conf->protocol == RTE_SECURITY_PROTOCOL_TLS_RECORD)
+		return cn10k_tls_record_session_update(vf, qp, cn10k_sec_sess, conf);
+
 	return -ENOTSUP;
 }
 
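Review bot: The new branch dispatches on `conf->protocol`, which the caller supplies with the update request, while the IPsec branch just above dispatches on the stored `cn10k_sec_sess->proto`. A session should only be updated through the path of the protocol it was created for, so the check should use the session's own field, `if (cn10k_sec_sess->proto == RTE_SECURITY_PROTOCOL_TLS_RECORD)`, and ideally return `-EINVAL` when `conf->protocol` differs from it. With only two protocols visible here the practical effect is small today, but the mismatch will matter as soon as a third one is added. cn10k_sec_session_update starts outside the hunk.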
diff --git a/drivers/crypto/cnxk/cn10k_tls.c b/drivers/crypto/cnxk/cn10k_tls.c
index 3e306c248b..a15c95f74c 100644
--- a/drivers/crypto/cnxk/cn10k_tls.c
+++ b/drivers/crypto/cnxk/cn10k_tls.c
@@ -769,6 +769,23 @@ cn10k_tls_write_sa_create(struct roc_cpt *roc_cpt, struct roc_cpt_lf *lf,
 	return ret;
 }
 
+int
+cn10k_tls_record_session_update(struct cnxk_cpt_vf *vf, struct cnxk_cpt_qp *qp,
+				struct cn10k_sec_session *sess,
+				struct rte_security_session_conf *conf)
+{
+	struct roc_cpt *roc_cpt;
+	int ret;
+
+	if (conf->tls_record.type == RTE_SECURITY_TLS_SESS_TYPE_READ)
+		return -ENOTSUP;
+
+	roc_cpt = &vf->cpt;
+	ret = cn10k_tls_write_sa_create(roc_cpt, &qp->lf, &conf->tls_record, conf->crypto_xform,
+					(struct cn10k_sec_session *)sess);
+	return ret;
+}
+
 int
 cn10k_tls_record_session_create(struct cnxk_cpt_vf *vf, struct cnxk_cpt_qp *qp,
 				struct rte_security_tls_record_xform *tls_xfrm,
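Review bot: cn10k_tls_record_session_update hands `conf->tls_record` and `conf->crypto_xform` to cn10k_tls_write_sa_create without validating them here and without checking that the existing session is a write session. Only `RTE_SECURITY_TLS_SESS_TYPE_READ` is rejected, so any other `type` value is treated as a write, and a session that was created for read could be rebuilt as a write SA. I would check `sess->tls.is_write` first and run the same xform verification the create path uses, unless cn10k_tls_write_sa_create already does so outside this hunk. The cast `(struct cn10k_sec_session *)sess` is redundant because `sess` already has that type, and the `roc_cpt` and `ret` locals can be folded into a direct `return cn10k_tls_write_sa_create(&vf->cpt, ...);`.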
diff --git a/drivers/crypto/cnxk/cn10k_tls.h b/drivers/crypto/cnxk/cn10k_tls.h
index 19772655da..9635bdd4c9 100644
--- a/drivers/crypto/cnxk/cn10k_tls.h
+++ b/drivers/crypto/cnxk/cn10k_tls.h
@@ -25,6 +25,10 @@ struct cn10k_tls_record {
 	};
 } __rte_aligned(ROC_ALIGN);
 
+int cn10k_tls_record_session_update(struct cnxk_cpt_vf *vf, struct cnxk_cpt_qp *qp,
+				    struct cn10k_sec_session *sess,
+				    struct rte_security_session_conf *conf);
+
 int cn10k_tls_record_session_create(struct cnxk_cpt_vf *vf, struct cnxk_cpt_qp *qp,
 				    struct rte_security_tls_record_xform *tls_xfrm,
 				    struct rte_crypto_sym_xform *crypto_xfrm,
-- 
2.25.1



* [PATCH 04/12] crypto/cnxk: avoid branches in datapath
  2024-03-14  8:38 [PATCH 00/12] Add TLS features Vidya Sagar Velumuri
                   ` (2 preceding siblings ...)
  2024-03-14  8:38 ` [PATCH 03/12] crypto/cnxk: add support for session update for TLS Vidya Sagar Velumuri
@ 2024-03-14  8:38 ` Vidya Sagar Velumuri
  2024-03-14  8:38 ` [PATCH 05/12] crypto/cnxk: move metadata to second cacheline Vidya Sagar Velumuri
                   ` (17 subsequent siblings)
  21 siblings, 0 replies; 43+ messages in thread
From: Vidya Sagar Velumuri @ 2024-03-14  8:38 UTC (permalink / raw)
  To: Ankur Dwivedi, Anoob Joseph, Tejasree Kondoj
  Cc: gakhil, jerinj, vvelumuri, asasidharan, dev

From: Anoob Joseph <anoobj@marvell.com>

Avoid branches in datapath.

Signed-off-by: Anoob Joseph <anoobj@marvell.com>
---
 drivers/crypto/cnxk/cn10k_ipsec_la_ops.h | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)

diff --git a/drivers/crypto/cnxk/cn10k_ipsec_la_ops.h b/drivers/crypto/cnxk/cn10k_ipsec_la_ops.h
index a30b8e413d..4e95fbb6eb 100644
--- a/drivers/crypto/cnxk/cn10k_ipsec_la_ops.h
+++ b/drivers/crypto/cnxk/cn10k_ipsec_la_ops.h
@@ -73,12 +73,10 @@ process_outb_sa(struct roc_cpt_lf *lf, struct rte_crypto_op *cop, struct cn10k_s
 	roc_cpt_lf_ctx_reload(lf, &sess->sa.out_sa);
 	rte_delay_ms(1);
 #endif
+	const uint64_t ol_flags = m_src->ol_flags;
 
-	if (m_src->ol_flags & RTE_MBUF_F_TX_IP_CKSUM)
-		inst_w4_u64 &= ~BIT_ULL(33);
-
-	if (m_src->ol_flags & RTE_MBUF_F_TX_L4_MASK)
-		inst_w4_u64 &= ~BIT_ULL(32);
+	inst_w4_u64 &= ~(((uint64_t)(!!(ol_flags & RTE_MBUF_F_TX_IP_CKSUM)) << 33) |
+			 ((uint64_t)(!!(ol_flags & RTE_MBUF_F_TX_L4_MASK)) << 32));
 
 	if (likely(m_src->next == NULL)) {
 		if (unlikely(rte_pktmbuf_tailroom(m_src) < sess->max_extended_len)) {
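Review bot: The branchless expression hides what bits 33 and 32 of `inst_w4_u64` stand for, and it drops the `BIT_ULL()` helper that the removed lines used. A comment such as `/* Clear w4 bit 33 when IP checksum offload is requested and bit 32 when any L4 offload flag is set. */` would keep the line readable. `ol_flags` is declared right after the `#endif` in the middle of the function; moving it up with the other locals would match the style the hunk shows elsewhere. process_outb_sa continues outside the hunk.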
-- 
2.25.1



* [PATCH 05/12] crypto/cnxk: move metadata to second cacheline
  2024-03-14  8:38 [PATCH 00/12] Add TLS features Vidya Sagar Velumuri
                   ` (3 preceding siblings ...)
  2024-03-14  8:38 ` [PATCH 04/12] crypto/cnxk: avoid branches in datapath Vidya Sagar Velumuri
@ 2024-03-14  8:38 ` Vidya Sagar Velumuri
  2024-03-14  8:38 ` [PATCH 06/12] crypto/cnxk: handle the extra len reported by microcode Vidya Sagar Velumuri
                   ` (16 subsequent siblings)
  21 siblings, 0 replies; 43+ messages in thread
From: Vidya Sagar Velumuri @ 2024-03-14  8:38 UTC (permalink / raw)
  To: Ankur Dwivedi, Anoob Joseph, Tejasree Kondoj
  Cc: gakhil, jerinj, vvelumuri, asasidharan, dev

In security session, move PMD metadata to second cacheline. Also
optimize the fields to minimize the memory usage.

Signed-off-by: Anoob Joseph <anoobj@marvell.com>
---
 drivers/crypto/cnxk/cn10k_cryptodev_sec.h | 10 ++++++----
 drivers/crypto/cnxk/cn10k_ipsec.c         |  4 ++--
 drivers/crypto/cnxk/cn10k_tls.c           |  2 +-
 3 files changed, 9 insertions(+), 7 deletions(-)

diff --git a/drivers/crypto/cnxk/cn10k_cryptodev_sec.h b/drivers/crypto/cnxk/cn10k_cryptodev_sec.h
index 881a0276cc..ec216b1187 100644
--- a/drivers/crypto/cnxk/cn10k_cryptodev_sec.h
+++ b/drivers/crypto/cnxk/cn10k_cryptodev_sec.h
@@ -5,6 +5,7 @@
 #ifndef __CN10K_CRYPTODEV_SEC_H__
 #define __CN10K_CRYPTODEV_SEC_H__
 
+#include <rte_common.h>
 #include <rte_security.h>
 
 #include "roc_constants.h"
@@ -19,23 +20,24 @@ struct cn10k_sec_session {
 	uint8_t rte_sess[SEC_SESS_SIZE];
 
 	/** PMD private space */
+	RTE_MARKER cacheline1 __rte_cache_min_aligned;
 
-	enum rte_security_session_protocol proto;
 	/** Pre-populated CPT inst words */
 	struct cnxk_cpt_inst_tmpl inst;
 	uint16_t max_extended_len;
 	uint16_t iv_offset;
+	uint8_t proto;
 	uint8_t iv_length;
 	union {
 		struct {
 			uint8_t ip_csum;
-			bool is_outbound;
+			uint8_t is_outbound : 1;
 		} ipsec;
 		struct {
 			uint8_t enable_padding : 1;
 			uint8_t tail_fetch_len : 2;
-			uint8_t rvsd : 5;
-			bool is_write;
+			uint8_t is_write : 1;
+			uint8_t rvsd : 4;
 		} tls;
 	};
 	/** Queue pair */
diff --git a/drivers/crypto/cnxk/cn10k_ipsec.c b/drivers/crypto/cnxk/cn10k_ipsec.c
index 74d6cd70d1..ef5f0ff4aa 100644
--- a/drivers/crypto/cnxk/cn10k_ipsec.c
+++ b/drivers/crypto/cnxk/cn10k_ipsec.c
@@ -76,7 +76,7 @@ cn10k_ipsec_outb_sa_create(struct roc_cpt *roc_cpt, struct roc_cpt_lf *lf,
 	}
 #endif
 
-	sec_sess->ipsec.is_outbound = true;
+	sec_sess->ipsec.is_outbound = 1;
 
 	/* Get Rlen calculation data */
 	ret = cnxk_ipsec_outb_rlens_get(&rlens, ipsec_xfrm, crypto_xfrm);
@@ -177,7 +177,7 @@ cn10k_ipsec_inb_sa_create(struct roc_cpt *roc_cpt, struct roc_cpt_lf *lf,
 		goto sa_dptr_free;
 	}
 
-	sec_sess->ipsec.is_outbound = false;
+	sec_sess->ipsec.is_outbound = 0;
 	sec_sess->inst.w7 = cpt_inst_w7_get(roc_cpt, in_sa);
 
 	/* Save index/SPI in cookie, specific required for Rx Inject */
diff --git a/drivers/crypto/cnxk/cn10k_tls.c b/drivers/crypto/cnxk/cn10k_tls.c
index a15c95f74c..f501fe67ac 100644
--- a/drivers/crypto/cnxk/cn10k_tls.c
+++ b/drivers/crypto/cnxk/cn10k_tls.c
@@ -727,7 +727,7 @@ cn10k_tls_write_sa_create(struct roc_cpt *roc_cpt, struct roc_cpt_lf *lf,
 		sec_sess->iv_length = crypto_xfrm->next->cipher.iv.length;
 	}
 
-	sec_sess->tls.is_write = true;
+	sec_sess->tls.is_write = 1;
 	sec_sess->tls.enable_padding = tls_xfrm->options.extra_padding_enable;
 	sec_sess->max_extended_len = tls_write_rlens_get(tls_xfrm, crypto_xfrm);
 	sec_sess->proto = RTE_SECURITY_PROTOCOL_TLS_RECORD;
-- 
2.25.1



* [PATCH 06/12] crypto/cnxk: handle the extra len reported by microcode
  2024-03-14  8:38 [PATCH 00/12] Add TLS features Vidya Sagar Velumuri
                   ` (4 preceding siblings ...)
  2024-03-14  8:38 ` [PATCH 05/12] crypto/cnxk: move metadata to second cacheline Vidya Sagar Velumuri
@ 2024-03-14  8:38 ` Vidya Sagar Velumuri
  2024-03-14  8:38 ` [PATCH 07/12] crypto/cnxk: add support for padding verification in TLS Vidya Sagar Velumuri
                   ` (15 subsequent siblings)
  21 siblings, 0 replies; 43+ messages in thread
From: Vidya Sagar Velumuri @ 2024-03-14  8:38 UTC (permalink / raw)
  To: Ankur Dwivedi, Anoob Joseph, Tejasree Kondoj
  Cc: gakhil, jerinj, vvelumuri, asasidharan, dev

Microcode reports one extra byte in response len specifically for
AES-GCM in TLS-1.3. Handle the extra byte in PMD by decreasing
the length by 1 byte.

Signed-off-by: Vidya Sagar Velumuri <vvelumuri@marvell.com>
---
 drivers/crypto/cnxk/cn10k_cryptodev_ops.c | 9 ++++++---
 drivers/crypto/cnxk/cn10k_cryptodev_sec.h | 3 ++-
 drivers/crypto/cnxk/cn10k_tls.c           | 4 ++++
 3 files changed, 12 insertions(+), 4 deletions(-)

diff --git a/drivers/crypto/cnxk/cn10k_cryptodev_ops.c b/drivers/crypto/cnxk/cn10k_cryptodev_ops.c
index 8991150c05..f385550f68 100644
--- a/drivers/crypto/cnxk/cn10k_cryptodev_ops.c
+++ b/drivers/crypto/cnxk/cn10k_cryptodev_ops.c
@@ -989,12 +989,15 @@ cn10k_cpt_ipsec_post_process(struct rte_crypto_op *cop, struct cpt_cn10k_res_s *
 }
 
 static inline void
-cn10k_cpt_tls_post_process(struct rte_crypto_op *cop, struct cpt_cn10k_res_s *res)
+cn10k_cpt_tls_post_process(struct rte_crypto_op *cop, struct cpt_cn10k_res_s *res,
+			   struct cn10k_sec_session *sess)
 {
 	struct rte_mbuf *mbuf = cop->sym->m_src;
-	const uint16_t m_len = res->rlen;
+	uint16_t m_len = res->rlen;
 
 	if (!res->uc_compcode) {
+		if ((sess->tls.tls_ver == RTE_SECURITY_VERSION_TLS_1_3) && (!sess->tls.is_write))
+			m_len -= 1;
 		if (mbuf->next == NULL)
 			mbuf->data_len = m_len;
 		mbuf->pkt_len = m_len;
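Review bot: `m_len -= 1` operates on a `uint16_t` with no check that `res->rlen` is non-zero, so a zero length would wrap to 65535 and then be written to `data_len` and `pkt_len`. Whether the microcode can report `rlen == 0` together with a zero completion code is not visible here, but the guard is cheap: `if (likely(m_len != 0)) m_len -= 1;`, or treat zero as an error. The commit message limits the quirk to AES-GCM, while the condition applies to every TLS 1.3 read session; a comment stating which ciphers are affected would help when further TLS 1.3 ciphers are enabled.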
@@ -1015,7 +1018,7 @@ cn10k_cpt_sec_post_process(struct rte_crypto_op *cop, struct cpt_cn10k_res_s *re
 	if (sess->proto == RTE_SECURITY_PROTOCOL_IPSEC)
 		cn10k_cpt_ipsec_post_process(cop, res);
 	else if (sess->proto == RTE_SECURITY_PROTOCOL_TLS_RECORD)
-		cn10k_cpt_tls_post_process(cop, res);
+		cn10k_cpt_tls_post_process(cop, res, sess);
 }
 
 static inline void
diff --git a/drivers/crypto/cnxk/cn10k_cryptodev_sec.h b/drivers/crypto/cnxk/cn10k_cryptodev_sec.h
index ec216b1187..7e175119c3 100644
--- a/drivers/crypto/cnxk/cn10k_cryptodev_sec.h
+++ b/drivers/crypto/cnxk/cn10k_cryptodev_sec.h
@@ -37,7 +37,8 @@ struct cn10k_sec_session {
 			uint8_t enable_padding : 1;
 			uint8_t tail_fetch_len : 2;
 			uint8_t is_write : 1;
-			uint8_t rvsd : 4;
+			uint8_t tls_ver : 2;
+			uint8_t rvsd : 2;
 		} tls;
 	};
 	/** Queue pair */
diff --git a/drivers/crypto/cnxk/cn10k_tls.c b/drivers/crypto/cnxk/cn10k_tls.c
index f501fe67ac..fe4da8d2a0 100644
--- a/drivers/crypto/cnxk/cn10k_tls.c
+++ b/drivers/crypto/cnxk/cn10k_tls.c
@@ -610,6 +610,7 @@ cn10k_tls_read_sa_create(struct roc_cpt *roc_cpt, struct roc_cpt_lf *lf,
 			 struct cn10k_sec_session *sec_sess)
 {
 	struct roc_ie_ot_tls_read_sa *sa_dptr;
+	uint8_t tls_ver = tls_xfrm->ver;
 	struct cn10k_tls_record *tls;
 	union cpt_inst_w4 inst_w4;
 	void *read_sa;
@@ -659,6 +660,7 @@ cn10k_tls_read_sa_create(struct roc_cpt *roc_cpt, struct roc_cpt_lf *lf,
 			ROC_IE_OT_TLS13_MAJOR_OP_RECORD_DEC | ROC_IE_OT_INPLACE_BIT;
 	}
 
+	sec_sess->tls.tls_ver = tls_ver;
 	sec_sess->inst.w4 = inst_w4.u64;
 	sec_sess->inst.w7 = cpt_inst_w7_get(roc_cpt, read_sa);
 
@@ -694,6 +696,7 @@ cn10k_tls_write_sa_create(struct roc_cpt *roc_cpt, struct roc_cpt_lf *lf,
 			  struct cn10k_sec_session *sec_sess)
 {
 	struct roc_ie_ot_tls_write_sa *sa_dptr;
+	uint8_t tls_ver = tls_xfrm->ver;
 	struct cn10k_tls_record *tls;
 	union cpt_inst_w4 inst_w4;
 	void *write_sa;
@@ -727,6 +730,7 @@ cn10k_tls_write_sa_create(struct roc_cpt *roc_cpt, struct roc_cpt_lf *lf,
 		sec_sess->iv_length = crypto_xfrm->next->cipher.iv.length;
 	}
 
+	sec_sess->tls.tls_ver = tls_ver;
 	sec_sess->tls.is_write = 1;
 	sec_sess->tls.enable_padding = tls_xfrm->options.extra_padding_enable;
 	sec_sess->max_extended_len = tls_write_rlens_get(tls_xfrm, crypto_xfrm);
-- 
2.25.1



* [PATCH 07/12] crypto/cnxk: add support for padding verification in TLS
  2024-03-14  8:38 [PATCH 00/12] Add TLS features Vidya Sagar Velumuri
                   ` (5 preceding siblings ...)
  2024-03-14  8:38 ` [PATCH 06/12] crypto/cnxk: handle the extra len reported by microcode Vidya Sagar Velumuri
@ 2024-03-14  8:38 ` Vidya Sagar Velumuri
  2024-03-14  8:38 ` [PATCH 08/12] crypto/cnxk: add support for oop processing " Vidya Sagar Velumuri
                   ` (14 subsequent siblings)
  21 siblings, 0 replies; 43+ messages in thread
From: Vidya Sagar Velumuri @ 2024-03-14  8:38 UTC (permalink / raw)
  To: Nithin Dabilpuram, Kiran Kumar K, Sunil Kumar Kori, Satha Rao,
	Harman Kalra, Ankur Dwivedi, Anoob Joseph, Tejasree Kondoj
  Cc: gakhil, jerinj, vvelumuri, asasidharan, dev

For TLS-1.2:
- Verify that every padding byte holds the pad length as its
  value.
- Report error in case of discrepancies.
- Trim the padding and MAC from the tls-1.2 records

For TLS-1.3:
- Find the content type as the last non-zero byte in the record.
- Return the content type as the inner content type.

Signed-off-by: Vidya Sagar Velumuri <vvelumuri@marvell.com>
---
 drivers/common/cnxk/roc_se.h              |   1 +
 drivers/crypto/cnxk/cn10k_cryptodev_ops.c | 146 +++++++++++++++++++++-
 drivers/crypto/cnxk/cn10k_cryptodev_sec.h |  18 +--
 drivers/crypto/cnxk/cn10k_tls.c           |  65 ++++++----
 drivers/crypto/cnxk/cn10k_tls_ops.h       |  19 +--
 5 files changed, 210 insertions(+), 39 deletions(-)

diff --git a/drivers/common/cnxk/roc_se.h b/drivers/common/cnxk/roc_se.h
index ddcf6bdb44..50741a0b81 100644
--- a/drivers/common/cnxk/roc_se.h
+++ b/drivers/common/cnxk/roc_se.h
@@ -169,6 +169,7 @@ typedef enum {
 	ROC_SE_ERR_SSL_CIPHER_UNSUPPORTED = 0x84,
 	ROC_SE_ERR_SSL_MAC_UNSUPPORTED = 0x85,
 	ROC_SE_ERR_SSL_VERSION_UNSUPPORTED = 0x86,
+	ROC_SE_ERR_SSL_POST_PROCESS = 0x88,
 	ROC_SE_ERR_SSL_MAC_MISMATCH = 0x89,
 	ROC_SE_ERR_SSL_PKT_REPLAY_SEQ_OUT_OF_WINDOW = 0xC1,
 	ROC_SE_ERR_SSL_PKT_REPLAY_SEQ = 0xC9,
diff --git a/drivers/crypto/cnxk/cn10k_cryptodev_ops.c b/drivers/crypto/cnxk/cn10k_cryptodev_ops.c
index f385550f68..5f0cf1b1f8 100644
--- a/drivers/crypto/cnxk/cn10k_cryptodev_ops.c
+++ b/drivers/crypto/cnxk/cn10k_cryptodev_ops.c
@@ -207,7 +207,7 @@ cpt_sec_tls_inst_fill(struct cnxk_cpt_qp *qp, struct rte_crypto_op *op,
 		      struct cn10k_sec_session *sess, struct cpt_inst_s *inst,
 		      struct cpt_inflight_req *infl_req, const bool is_sg_ver2)
 {
-	if (sess->tls.is_write)
+	if (sess->tls_opt.is_write)
 		return process_tls_write(&qp->lf, op, sess, &qp->meta_info, infl_req, inst,
 					 is_sg_ver2);
 	else
@@ -988,24 +988,164 @@ cn10k_cpt_ipsec_post_process(struct rte_crypto_op *cop, struct cpt_cn10k_res_s *
 	mbuf->pkt_len = m_len;
 }
 
+static inline void
+cn10k_cpt_tls12_trim_mac(struct rte_crypto_op *cop, struct cpt_cn10k_res_s *res, uint8_t mac_len)
+{
+	struct rte_mbuf *mac_prev_seg = NULL, *mac_seg = NULL, *seg;
+	uint32_t pad_len, trim_len, mac_offset, pad_offset;
+	struct rte_mbuf *mbuf = cop->sym->m_src;
+	uint16_t m_len = res->rlen;
+	uint32_t i, nb_segs = 1;
+	uint8_t pad_res = 0;
+	uint8_t pad_val;
+
+	pad_val = ((res->spi >> 16) & 0xff);
+	pad_len = pad_val + 1;
+	trim_len = pad_len + mac_len;
+	mac_offset = m_len - trim_len;
+	pad_offset = mac_offset + mac_len;
+
+	/* Handle Direct Mode */
+	if (mbuf->next == NULL) {
+		uint8_t *ptr = rte_pktmbuf_mtod_offset(mbuf, uint8_t *, pad_offset);
+
+		for (i = 0; i < pad_len; i++)
+			pad_res |= ptr[i] ^ pad_val;
+
+		if (pad_res) {
+			cop->status = RTE_CRYPTO_OP_STATUS_ERROR;
+			cop->aux_flags = res->uc_compcode;
+		}
+		mbuf->pkt_len = m_len - trim_len;
+		mbuf->data_len = m_len - trim_len;
+
+		return;
+	}
+
+	/* Handle SG mode */
+	seg = mbuf;
+	while (mac_offset >= seg->data_len) {
+		mac_offset -= seg->data_len;
+		mac_prev_seg = seg;
+		seg = seg->next;
+		nb_segs++;
+	}
+	mac_seg = seg;
+
+	pad_offset = mac_offset + mac_len;
+	while (pad_offset >= seg->data_len) {
+		pad_offset -= seg->data_len;
+		seg = seg->next;
+	}
+
+	while (pad_len != 0) {
+		uint8_t *ptr = rte_pktmbuf_mtod_offset(seg, uint8_t *, pad_offset);
+		uint8_t len = RTE_MIN(seg->data_len - pad_offset, pad_len);
+
+		for (i = 0; i < len; i++)
+			pad_res |= ptr[i] ^ pad_val;
+
+		pad_offset = 0;
+		pad_len -= len;
+		seg = seg->next;
+	}
+
+	if (pad_res) {
+		cop->status = RTE_CRYPTO_OP_STATUS_ERROR;
+		cop->aux_flags = res->uc_compcode;
+	}
+
+	mbuf->pkt_len = m_len - trim_len;
+	if (mac_offset) {
+		rte_pktmbuf_free(mac_seg->next);
+		mac_seg->next = NULL;
+		mac_seg->data_len = mac_offset;
+		mbuf->nb_segs = nb_segs;
+	} else {
+		rte_pktmbuf_free(mac_seg);
+		mac_prev_seg->next = NULL;
+		mbuf->nb_segs = nb_segs - 1;
+	}
+}
+
+/* TLS-1.3:
+ * Read from last until a non-zero value is encountered.
+ * Return the non zero value as the content type.
+ * Remove the MAC and content type and padding bytes.
+ */
+static inline void
+cn10k_cpt_tls13_trim_mac(struct rte_crypto_op *cop, struct cpt_cn10k_res_s *res)
+{
+	struct rte_mbuf *mbuf = cop->sym->m_src;
+	struct rte_mbuf *seg = mbuf;
+	uint16_t m_len = res->rlen;
+	uint8_t *ptr, type = 0x0;
+	int len, i, nb_segs = 1;
+
+	while (m_len && !type) {
+		len = m_len;
+		seg = mbuf;
+
+		/* get the last seg */
+		while (len > seg->data_len) {
+			len -= seg->data_len;
+			seg = seg->next;
+			nb_segs++;
+		}
+
+		/* walkthrough from last until a non zero value is found */
+		ptr = rte_pktmbuf_mtod(seg, uint8_t *);
+		i = len;
+		while (i && (ptr[--i] == 0))
+			;
+
+		type = ptr[i];
+		m_len -= len;
+	}
+
+	if (type) {
+		cop->param1.tls_record.content_type = type;
+		mbuf->pkt_len = m_len + i;
+		mbuf->nb_segs = nb_segs;
+		seg->data_len = i;
+		rte_pktmbuf_free(seg->next);
+		seg->next = NULL;
+	} else {
+		cop->status = RTE_CRYPTO_OP_STATUS_ERROR;
+	}
+}
+
 static inline void
 cn10k_cpt_tls_post_process(struct rte_crypto_op *cop, struct cpt_cn10k_res_s *res,
 			   struct cn10k_sec_session *sess)
 {
+	struct cn10k_tls_opt tls_opt = sess->tls_opt;
 	struct rte_mbuf *mbuf = cop->sym->m_src;
 	uint16_t m_len = res->rlen;
 
 	if (!res->uc_compcode) {
-		if ((sess->tls.tls_ver == RTE_SECURITY_VERSION_TLS_1_3) && (!sess->tls.is_write))
+		if ((tls_opt.tls_ver == RTE_SECURITY_VERSION_TLS_1_3) && (!tls_opt.is_write))
 			m_len -= 1;
 		if (mbuf->next == NULL)
 			mbuf->data_len = m_len;
 		mbuf->pkt_len = m_len;
-	} else {
+		cop->param1.tls_record.content_type = (res->spi >> 24) & 0xff;
+		return;
+	}
+
+	/* Any error other than post process */
+	if (res->uc_compcode != ROC_SE_ERR_SSL_POST_PROCESS) {
 		cop->status = RTE_CRYPTO_OP_STATUS_ERROR;
 		cop->aux_flags = res->uc_compcode;
 		plt_err("crypto op failed with UC compcode: 0x%x", res->uc_compcode);
+		return;
 	}
+
+	/* Extra padding scenario: Verify padding. Remove padding and MAC */
+	if (tls_opt.tls_ver != RTE_SECURITY_VERSION_TLS_1_3)
+		cn10k_cpt_tls12_trim_mac(cop, res, (uint8_t)tls_opt.mac_len);
+	else
+		cn10k_cpt_tls13_trim_mac(cop, res);
 }
 
 static inline void
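Review bot: cn10k_cpt_tls12_trim_mac computes `mac_offset = m_len - trim_len` without checking that `trim_len <= m_len`, and `pad_val` is taken from the decrypted record, so a short record carrying a large pad byte underflows the offset and the padding loop reads outside the mbuf data (or follows `seg->next` past the end of the chain in SG mode). In the SG loop `uint8_t len` truncates to 0 when `pad_len` is 256 and the whole padding fits in one segment, so that segment is skipped unchecked. When `mac_offset` ends up 0 in the first segment, `mac_prev_seg` is still NULL and the `else` branch frees the head mbuf and then dereferences NULL. In cn10k_cpt_tls13_trim_mac, `nb_segs` is not reset at the top of the outer `while`, so it over-counts whenever the scan steps back to an earlier segment. The fence shows the length guard and the wider `len`; the other two points need a decision on how an all-padding record should be reported.

```c
	trim_len = pad_len + mac_len;
	/* Reject records too short to hold the claimed padding plus MAC. */
	if (unlikely(trim_len > m_len)) {
		cop->status = RTE_CRYPTO_OP_STATUS_ERROR;
		cop->aux_flags = res->uc_compcode;
		return;
	}
	mac_offset = m_len - trim_len;
	/* … unchanged: direct mode handling, segment walk to the MAC and padding start … */
	while (pad_len != 0) {
		uint8_t *ptr = rte_pktmbuf_mtod_offset(seg, uint8_t *, pad_offset);
		/* pad_len can be 256, which does not fit in uint8_t. */
		uint32_t len = RTE_MIN(seg->data_len - pad_offset, pad_len);
		/* … unchanged: padding comparison and advance to the next segment … */
```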
diff --git a/drivers/crypto/cnxk/cn10k_cryptodev_sec.h b/drivers/crypto/cnxk/cn10k_cryptodev_sec.h
index 7e175119c3..4daf32cc78 100644
--- a/drivers/crypto/cnxk/cn10k_cryptodev_sec.h
+++ b/drivers/crypto/cnxk/cn10k_cryptodev_sec.h
@@ -16,6 +16,15 @@
 
 #define SEC_SESS_SIZE sizeof(struct rte_security_session)
 
+struct cn10k_tls_opt {
+	uint16_t pad_shift : 3;
+	uint16_t enable_padding : 1;
+	uint16_t tail_fetch_len : 2;
+	uint16_t tls_ver : 2;
+	uint16_t is_write : 1;
+	uint16_t mac_len : 7;
+};
+
 struct cn10k_sec_session {
 	uint8_t rte_sess[SEC_SESS_SIZE];
 
@@ -29,17 +38,12 @@ struct cn10k_sec_session {
 	uint8_t proto;
 	uint8_t iv_length;
 	union {
+		uint16_t u16;
+		struct cn10k_tls_opt tls_opt;
 		struct {
 			uint8_t ip_csum;
 			uint8_t is_outbound : 1;
 		} ipsec;
-		struct {
-			uint8_t enable_padding : 1;
-			uint8_t tail_fetch_len : 2;
-			uint8_t is_write : 1;
-			uint8_t tls_ver : 2;
-			uint8_t rvsd : 2;
-		} tls;
 	};
 	/** Queue pair */
 	struct cnxk_cpt_qp *qp;
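Review bot: The anonymous union now overlays `u16`, `tls_opt` and the `ipsec` struct with no comment saying which member is valid for which session type, and `u16` only aliases the whole option word if `struct cn10k_tls_opt` (added in the previous hunk) occupies exactly two bytes. Bit-field packing is implementation-defined, so I would pin the size with a build-time check such as `RTE_BUILD_BUG_ON(sizeof(struct cn10k_tls_opt) != sizeof(uint16_t));` in the session-create path. A comment above the members, `/* u16 aliases tls_opt; valid only for TLS record sessions */`, and a note that `mac_len : 7` caps the stored MAC length at 127 would document the rest. struct cn10k_sec_session starts and ends outside this hunk.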
diff --git a/drivers/crypto/cnxk/cn10k_tls.c b/drivers/crypto/cnxk/cn10k_tls.c
index fe4da8d2a0..dea4e501f3 100644
--- a/drivers/crypto/cnxk/cn10k_tls.c
+++ b/drivers/crypto/cnxk/cn10k_tls.c
@@ -116,8 +116,14 @@ cnxk_tls_xform_verify(struct rte_security_tls_record_xform *tls_xform,
 	    (tls_xform->type != RTE_SECURITY_TLS_SESS_TYPE_WRITE))
 		return -EINVAL;
 
-	if (crypto_xform->type == RTE_CRYPTO_SYM_XFORM_AEAD)
+	if (crypto_xform->type == RTE_CRYPTO_SYM_XFORM_AEAD) {
+		/* optional padding is not allowed in TLS-1.2 for AEAD */
+		if ((tls_xform->ver == RTE_SECURITY_VERSION_TLS_1_2) &&
+		    (tls_xform->options.extra_padding_enable == 1))
+			return -EINVAL;
+
 		return tls_xform_aead_verify(tls_xform, crypto_xform);
+	}
 
 	/* TLS-1.3 only support AEAD.
 	 * Control should not reach here for TLS-1.3
@@ -318,7 +324,7 @@ tls_read_ctx_size(struct roc_ie_ot_tls_read_sa *sa, enum rte_security_tls_versio
 static int
 tls_read_sa_fill(struct roc_ie_ot_tls_read_sa *read_sa,
 		 struct rte_security_tls_record_xform *tls_xfrm,
-		 struct rte_crypto_sym_xform *crypto_xfrm)
+		 struct rte_crypto_sym_xform *crypto_xfrm, struct cn10k_tls_opt *tls_opt)
 {
 	enum rte_security_tls_version tls_ver = tls_xfrm->ver;
 	struct rte_crypto_sym_xform *auth_xfrm, *cipher_xfrm;
@@ -397,16 +403,26 @@ tls_read_sa_fill(struct roc_ie_ot_tls_read_sa *read_sa,
 		memcpy(cipher_key, key, length);
 	}
 
-	if (auth_xfrm->auth.algo == RTE_CRYPTO_AUTH_MD5_HMAC)
+	switch (auth_xfrm->auth.algo) {
+	case RTE_CRYPTO_AUTH_MD5_HMAC:
 		read_sa->w2.s.mac_select = ROC_IE_OT_TLS_MAC_MD5;
-	else if (auth_xfrm->auth.algo == RTE_CRYPTO_AUTH_SHA1_HMAC)
+		tls_opt->mac_len = 0;
+		break;
+	case RTE_CRYPTO_AUTH_SHA1_HMAC:
 		read_sa->w2.s.mac_select = ROC_IE_OT_TLS_MAC_SHA1;
-	else if (auth_xfrm->auth.algo == RTE_CRYPTO_AUTH_SHA256_HMAC)
+		tls_opt->mac_len = 20;
+		break;
+	case RTE_CRYPTO_AUTH_SHA256_HMAC:
 		read_sa->w2.s.mac_select = ROC_IE_OT_TLS_MAC_SHA2_256;
-	else if (auth_xfrm->auth.algo == RTE_CRYPTO_AUTH_SHA384_HMAC)
+		tls_opt->mac_len = 32;
+		break;
+	case RTE_CRYPTO_AUTH_SHA384_HMAC:
 		read_sa->w2.s.mac_select = ROC_IE_OT_TLS_MAC_SHA2_384;
-	else
+		tls_opt->mac_len = 48;
+		break;
+	default:
 		return -EINVAL;
+	}
 
 	roc_se_hmac_opad_ipad_gen(read_sa->w2.s.mac_select, auth_xfrm->auth.key.data,
 				  auth_xfrm->auth.key.length, read_sa->tls_12.opad_ipad,
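Review bot: In the `RTE_CRYPTO_AUTH_MD5_HMAC` case `tls_opt->mac_len` is set to 0, while the other cases store the digest size (20, 32, 48); HMAC-MD5 produces a 16-byte MAC. `mac_len` is the value `cn10k_cpt_tls_post_process` passes to `cn10k_cpt_tls12_trim_mac` on the extra-padding path, so an MD5 session would presumably strip no MAC bytes and leave the MAC in the record payload handed to the application. If MD5 is meant to be supported the line should read `tls_opt->mac_len = 16;`; if it is not, returning `-EINVAL` for that case is clearer than a zero length. tls_read_sa_fill starts and ends outside the hunk.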
@@ -627,7 +643,7 @@ cn10k_tls_read_sa_create(struct roc_cpt *roc_cpt, struct roc_cpt_lf *lf,
 	}
 
 	/* Translate security parameters to SA */
-	ret = tls_read_sa_fill(sa_dptr, tls_xfrm, crypto_xfrm);
+	ret = tls_read_sa_fill(sa_dptr, tls_xfrm, crypto_xfrm, &sec_sess->tls_opt);
 	if (ret) {
 		plt_err("Could not fill read session parameters");
 		goto sa_dptr_free;
@@ -647,20 +663,20 @@ cn10k_tls_read_sa_create(struct roc_cpt *roc_cpt, struct roc_cpt_lf *lf,
 
 	/* pre-populate CPT INST word 4 */
 	inst_w4.u64 = 0;
-	if ((sa_dptr->w2.s.version_select == ROC_IE_OT_TLS_VERSION_TLS_12) ||
-	    (sa_dptr->w2.s.version_select == ROC_IE_OT_TLS_VERSION_DTLS_12)) {
+	if ((tls_ver == RTE_SECURITY_VERSION_TLS_1_2) ||
+	    (tls_ver == RTE_SECURITY_VERSION_DTLS_1_2)) {
 		inst_w4.s.opcode_major = ROC_IE_OT_TLS_MAJOR_OP_RECORD_DEC | ROC_IE_OT_INPLACE_BIT;
-		sec_sess->tls.tail_fetch_len = 0;
+		sec_sess->tls_opt.tail_fetch_len = 0;
 		if (sa_dptr->w2.s.cipher_select == ROC_IE_OT_TLS_CIPHER_3DES)
-			sec_sess->tls.tail_fetch_len = 1;
+			sec_sess->tls_opt.tail_fetch_len = 1;
 		else if (sa_dptr->w2.s.cipher_select == ROC_IE_OT_TLS_CIPHER_AES_CBC)
-			sec_sess->tls.tail_fetch_len = 2;
-	} else if (sa_dptr->w2.s.version_select == ROC_IE_OT_TLS_VERSION_TLS_13) {
+			sec_sess->tls_opt.tail_fetch_len = 2;
+	} else if (tls_xfrm->ver == RTE_SECURITY_VERSION_TLS_1_3) {
 		inst_w4.s.opcode_major =
 			ROC_IE_OT_TLS13_MAJOR_OP_RECORD_DEC | ROC_IE_OT_INPLACE_BIT;
 	}
 
-	sec_sess->tls.tls_ver = tls_ver;
+	sec_sess->tls_opt.tls_ver = tls_ver;
 	sec_sess->inst.w4 = inst_w4.u64;
 	sec_sess->inst.w7 = cpt_inst_w7_get(roc_cpt, read_sa);
 
@@ -730,18 +746,23 @@ cn10k_tls_write_sa_create(struct roc_cpt *roc_cpt, struct roc_cpt_lf *lf,
 		sec_sess->iv_length = crypto_xfrm->next->cipher.iv.length;
 	}
 
-	sec_sess->tls.tls_ver = tls_ver;
-	sec_sess->tls.is_write = 1;
-	sec_sess->tls.enable_padding = tls_xfrm->options.extra_padding_enable;
+	sec_sess->tls_opt.is_write = 1;
+	sec_sess->tls_opt.pad_shift = 0;
+	sec_sess->tls_opt.tls_ver = tls_ver;
+	sec_sess->tls_opt.enable_padding = tls_xfrm->options.extra_padding_enable;
 	sec_sess->max_extended_len = tls_write_rlens_get(tls_xfrm, crypto_xfrm);
 	sec_sess->proto = RTE_SECURITY_PROTOCOL_TLS_RECORD;
 
 	/* pre-populate CPT INST word 4 */
 	inst_w4.u64 = 0;
-	if ((sa_dptr->w2.s.version_select == ROC_IE_OT_TLS_VERSION_TLS_12) ||
-	    (sa_dptr->w2.s.version_select == ROC_IE_OT_TLS_VERSION_DTLS_12)) {
+	if ((tls_ver == RTE_SECURITY_VERSION_TLS_1_2) ||
+	    (tls_ver == RTE_SECURITY_VERSION_DTLS_1_2)) {
 		inst_w4.s.opcode_major = ROC_IE_OT_TLS_MAJOR_OP_RECORD_ENC | ROC_IE_OT_INPLACE_BIT;
-	} else if (sa_dptr->w2.s.version_select == ROC_IE_OT_TLS_VERSION_TLS_13) {
+		if (sa_dptr->w2.s.cipher_select == ROC_IE_OT_TLS_CIPHER_3DES)
+			sec_sess->tls_opt.pad_shift = 3;
+		else
+			sec_sess->tls_opt.pad_shift = 4;
+	} else if (tls_ver == RTE_SECURITY_VERSION_TLS_1_3) {
 		inst_w4.s.opcode_major =
 			ROC_IE_OT_TLS13_MAJOR_OP_RECORD_ENC | ROC_IE_OT_INPLACE_BIT;
 	}
@@ -830,7 +851,7 @@ cn10k_sec_tls_session_destroy(struct cnxk_cpt_qp *qp, struct cn10k_sec_session *
 
 	ret = -1;
 
-	if (sess->tls.is_write) {
+	if (sess->tls_opt.is_write) {
 		sa_dptr = plt_zmalloc(sizeof(struct roc_ie_ot_tls_write_sa), 8);
 		if (sa_dptr != NULL) {
 			tls_write_sa_init(sa_dptr);
diff --git a/drivers/crypto/cnxk/cn10k_tls_ops.h b/drivers/crypto/cnxk/cn10k_tls_ops.h
index 6fd74927ee..64f94a4e8b 100644
--- a/drivers/crypto/cnxk/cn10k_tls_ops.h
+++ b/drivers/crypto/cnxk/cn10k_tls_ops.h
@@ -21,16 +21,21 @@ process_tls_write(struct roc_cpt_lf *lf, struct rte_crypto_op *cop, struct cn10k
 		  struct cpt_qp_meta_info *m_info, struct cpt_inflight_req *infl_req,
 		  struct cpt_inst_s *inst, const bool is_sg_ver2)
 {
+	struct cn10k_tls_opt tls_opt = sess->tls_opt;
 	struct rte_crypto_sym_op *sym_op = cop->sym;
 #ifdef LA_IPSEC_DEBUG
 	struct roc_ie_ot_tls_write_sa *write_sa;
 #endif
 	struct rte_mbuf *m_src = sym_op->m_src;
+	uint32_t pad_len, pad_bytes;
 	struct rte_mbuf *last_seg;
 	union cpt_inst_w4 w4;
 	void *m_data = NULL;
 	uint8_t *in_buffer;
 
+	pad_bytes = (cop->aux_flags * 8) > 0xff ? 0xff : (cop->aux_flags * 8);
+	pad_len = (pad_bytes >> tls_opt.pad_shift) * tls_opt.enable_padding;
+
 #ifdef LA_IPSEC_DEBUG
 	write_sa = &sess->tls_rec.write_sa;
 	if (write_sa->w2.s.iv_at_cptr == ROC_IE_OT_TLS_IV_SRC_FROM_SA) {
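Review bot: `pad_bytes` is clamped to 0xff, which is not a multiple of the 8- or 16-byte block implied by `pad_shift`, so `pad_len = pad_bytes >> pad_shift` rounds down while the unrounded `pad_bytes` is what the later hunks add to `last_seg->data_len`. With a shift of 4 and `aux_flags >= 32` that is 15 blocks (240 bytes) requested in `opcode_minor` but 255 bytes of extra length granted. I would compute `pad_len` first and derive the byte count from it, `pad_bytes = pad_len << tls_opt.pad_shift;`, which also makes it zero when `enable_padding` is 0. A one-line comment stating the unit of `opcode_minor` for each `pad_shift` value would help the next reader. process_tls_write continues outside the hunk.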
@@ -94,7 +99,7 @@ process_tls_write(struct roc_cpt_lf *lf, struct rte_crypto_op *cop, struct cn10k
 		w4.s.dlen = m_src->data_len;
 
 		w4.s.param2 = cop->param1.tls_record.content_type;
-		w4.s.opcode_minor = sess->tls.enable_padding * cop->aux_flags * 8;
+		w4.s.opcode_minor = pad_len;
 
 		inst->w4.u64 = w4.u64;
 	} else if (is_sg_ver2 == false) {
@@ -148,10 +153,10 @@ process_tls_write(struct roc_cpt_lf *lf, struct rte_crypto_op *cop, struct cn10k
 		w4.s.param1 = rte_pktmbuf_pkt_len(m_src);
 		w4.s.param2 = cop->param1.tls_record.content_type;
 		w4.s.opcode_major |= (uint64_t)ROC_DMA_MODE_SG;
-		w4.s.opcode_minor = sess->tls.enable_padding * cop->aux_flags * 8;
+		w4.s.opcode_minor = pad_len;
 
 		/* Output Scatter List */
-		last_seg->data_len += sess->max_extended_len;
+		last_seg->data_len += sess->max_extended_len + pad_bytes;
 		inst->w4.u64 = w4.u64;
 	} else {
 		struct roc_sg2list_comp *scatter_comp, *gather_comp;
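Review bot: `last_seg->data_len += sess->max_extended_len + pad_bytes;` grows the output segment by `pad_bytes` even when `tls_opt.enable_padding` is 0, because only `pad_len` is multiplied by the enable bit in the first hunk; the same line appears in the SG version 2 hunk below. A non-zero `cop->aux_flags` on a session without extra padding therefore enlarges the region described to the device by up to 255 bytes. No tailroom check on `last_seg` is visible in these hunks, so unless one exists earlier in the function `data_len` can be extended past the end of the buffer. I would gate the addition, `last_seg->data_len += sess->max_extended_len + pad_bytes * tls_opt.enable_padding;`, and confirm `rte_pktmbuf_tailroom(last_seg)` covers the total before the instruction is submitted. The enclosing branch of process_tls_write starts and ends outside the hunk.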
@@ -198,11 +203,11 @@ process_tls_write(struct roc_cpt_lf *lf, struct rte_crypto_op *cop, struct cn10k
 		w4.u64 = sess->inst.w4;
 		w4.s.dlen = rte_pktmbuf_pkt_len(m_src);
 		w4.s.opcode_major &= (~(ROC_IE_OT_INPLACE_BIT));
-		w4.s.opcode_minor = sess->tls.enable_padding * cop->aux_flags * 8;
+		w4.s.opcode_minor = pad_len;
 		w4.s.param1 = w4.s.dlen;
 		w4.s.param2 = cop->param1.tls_record.content_type;
 		/* Output Scatter List */
-		last_seg->data_len += sess->max_extended_len;
+		last_seg->data_len += sess->max_extended_len + pad_bytes;
 		inst->w4.u64 = w4.u64;
 	}
 
@@ -234,7 +239,7 @@ process_tls_read(struct rte_crypto_op *cop, struct cn10k_sec_session *sess,
 		inst->w4.u64 = w4.u64;
 	} else if (is_sg_ver2 == false) {
 		struct roc_sglist_comp *scatter_comp, *gather_comp;
-		int tail_len = sess->tls.tail_fetch_len * 16;
+		int tail_len = sess->tls_opt.tail_fetch_len * 16;
 		int pkt_len = rte_pktmbuf_pkt_len(m_src);
 		uint32_t g_size_bytes, s_size_bytes;
 		uint16_t *sg_hdr;
@@ -289,7 +294,7 @@ process_tls_read(struct rte_crypto_op *cop, struct cn10k_sec_session *sess,
 		inst->w4.u64 = w4.u64;
 	} else {
 		struct roc_sg2list_comp *scatter_comp, *gather_comp;
-		int tail_len = sess->tls.tail_fetch_len * 16;
+		int tail_len = sess->tls_opt.tail_fetch_len * 16;
 		int pkt_len = rte_pktmbuf_pkt_len(m_src);
 		union cpt_inst_w5 cpt_inst_w5;
 		union cpt_inst_w6 cpt_inst_w6;
-- 
2.25.1



* [PATCH 08/12] crypto/cnxk: add support for oop processing in TLS
  2024-03-14  8:38 [PATCH 00/12] Add TLS features Vidya Sagar Velumuri
                   ` (6 preceding siblings ...)
  2024-03-14  8:38 ` [PATCH 07/12] crypto/cnxk: add support for padding verification in TLS Vidya Sagar Velumuri
@ 2024-03-14  8:38 ` Vidya Sagar Velumuri
  2024-03-14  8:38 ` [PATCH 09/12] crypto/cnxk: update the context structure of tls Vidya Sagar Velumuri
                   ` (13 subsequent siblings)
  21 siblings, 0 replies; 43+ messages in thread
From: Vidya Sagar Velumuri @ 2024-03-14  8:38 UTC (permalink / raw)
  To: Ankur Dwivedi, Anoob Joseph, Tejasree Kondoj
  Cc: gakhil, jerinj, vvelumuri, asasidharan, dev

From: Aakash Sasidharan <asasidharan@marvell.com>

Add support for out-of-place processing in TLS.

Signed-off-by: Aakash Sasidharan <asasidharan@marvell.com>
---
 drivers/crypto/cnxk/cn10k_tls_ops.h | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/drivers/crypto/cnxk/cn10k_tls_ops.h b/drivers/crypto/cnxk/cn10k_tls_ops.h
index 64f94a4e8b..e8e2547f68 100644
--- a/drivers/crypto/cnxk/cn10k_tls_ops.h
+++ b/drivers/crypto/cnxk/cn10k_tls_ops.h
@@ -27,6 +27,7 @@ process_tls_write(struct roc_cpt_lf *lf, struct rte_crypto_op *cop, struct cn10k
 	struct roc_ie_ot_tls_write_sa *write_sa;
 #endif
 	struct rte_mbuf *m_src = sym_op->m_src;
+	struct rte_mbuf *m_dst = sym_op->m_dst;
 	uint32_t pad_len, pad_bytes;
 	struct rte_mbuf *last_seg;
 	union cpt_inst_w4 w4;
@@ -191,7 +192,9 @@ process_tls_write(struct roc_cpt_lf *lf, struct rte_crypto_op *cop, struct cn10k
 		i = 0;
 		scatter_comp = (struct roc_sg2list_comp *)((uint8_t *)gather_comp + g_size_bytes);
 
-		i = fill_sg2_comp_from_pkt(scatter_comp, i, m_src);
+		if (m_dst == NULL)
+			m_dst = m_src;
+		i = fill_sg2_comp_from_pkt(scatter_comp, i, m_dst);
 
 		cpt_inst_w6.s.scatter_sz = ((i + 2) / 3);
 
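Review bot: Only the SG version 2 scatter list is switched to `m_dst`; the direct and SG version 1 branches of process_tls_write, visible in the previous patch, still describe `m_src`, so an out-of-place op on those paths would presumably be processed in place without an error. The completion side also still works on the source: `cn10k_cpt_tls_post_process` takes `cop->sym->m_src` and sets `pkt_len`/`data_len` there, so the destination mbuf's lengths are never updated. `last_seg`, whose `data_len` is extended for the output, is not recomputed for `m_dst` in this hunk, and nothing visible checks that `m_dst` has room for the record plus `max_extended_len`. I would either reject a non-NULL `m_dst` on the unsupported paths with `-ENOTSUP` or carry `m_dst` through all three branches and the post-process; the same applies to the process_tls_read hunk below. The function body starts and ends outside the hunk.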
@@ -221,6 +224,7 @@ process_tls_read(struct rte_crypto_op *cop, struct cn10k_sec_session *sess,
 {
 	struct rte_crypto_sym_op *sym_op = cop->sym;
 	struct rte_mbuf *m_src = sym_op->m_src;
+	struct rte_mbuf *m_dst = sym_op->m_dst;
 	union cpt_inst_w4 w4;
 	uint8_t *in_buffer;
 	void *m_data;
@@ -334,7 +338,9 @@ process_tls_read(struct rte_crypto_op *cop, struct cn10k_sec_session *sess,
 		i = 0;
 		scatter_comp = (struct roc_sg2list_comp *)((uint8_t *)gather_comp + g_size_bytes);
 
-		i = fill_sg2_comp_from_pkt(scatter_comp, i, m_src);
+		if (m_dst == NULL)
+			m_dst = m_src;
+		i = fill_sg2_comp_from_pkt(scatter_comp, i, m_dst);
 
 		cpt_inst_w6.s.scatter_sz = ((i + 2) / 3);
 
-- 
2.25.1



* [PATCH 09/12] crypto/cnxk: update the context structure of tls
  2024-03-14  8:38 [PATCH 00/12] Add TLS features Vidya Sagar Velumuri
                   ` (7 preceding siblings ...)
  2024-03-14  8:38 ` [PATCH 08/12] crypto/cnxk: add support for oop processing " Vidya Sagar Velumuri
@ 2024-03-14  8:38 ` Vidya Sagar Velumuri
  2024-03-14  8:38 ` [PATCH 10/12] crypto/cnxk: use proper offset for context calculation Vidya Sagar Velumuri
                   ` (12 subsequent siblings)
  21 siblings, 0 replies; 43+ messages in thread
From: Vidya Sagar Velumuri @ 2024-03-14  8:38 UTC (permalink / raw)
  To: Nithin Dabilpuram, Kiran Kumar K, Sunil Kumar Kori, Satha Rao,
	Harman Kalra, Ankur Dwivedi, Anoob Joseph, Tejasree Kondoj
  Cc: gakhil, jerinj, vvelumuri, asasidharan, dev

Keep the record context for TLS-1.3 in sync with microcode
structure.

Report error if optional padding is enabled for AEAD
case in both TLS-1.2 and DTLS-1.2.

Signed-off-by: Vidya Sagar Velumuri <vvelumuri@marvell.com>
---
 drivers/common/cnxk/roc_ie_ot_tls.h | 17 ++++++++++++-----
 drivers/crypto/cnxk/cn10k_tls.c     |  4 ++--
 2 files changed, 14 insertions(+), 7 deletions(-)

diff --git a/drivers/common/cnxk/roc_ie_ot_tls.h b/drivers/common/cnxk/roc_ie_ot_tls.h
index b85d075e86..44850f7060 100644
--- a/drivers/common/cnxk/roc_ie_ot_tls.h
+++ b/drivers/common/cnxk/roc_ie_ot_tls.h
@@ -67,6 +67,16 @@ struct roc_ie_ot_tls_read_ctx_update_reg {
 	uint64_t ar_winbits[ROC_IE_OT_TLS_AR_WINBITS_SZ];
 };
 
+struct roc_ie_ot_tls_1_3_read_ctx_update_reg {
+	uint64_t rsvd0;
+	uint64_t ar_valid_mask;
+	uint64_t hard_life;
+	uint64_t soft_life;
+	uint64_t mib_octs;
+	uint64_t mib_pkts;
+	uint64_t rsvd1;
+};
+
 union roc_ie_ot_tls_param2 {
 	uint16_t u16;
 	struct {
@@ -136,11 +146,8 @@ struct roc_ie_ot_tls_read_sa {
 
 	union {
 		struct {
-			/* Word10 */
-			uint64_t w10_rsvd6;
-
-			/* Word11 - Word25 */
-			struct roc_ie_ot_tls_read_ctx_update_reg ctx;
+			/* Word10 - Word16 */
+			struct roc_ie_ot_tls_1_3_read_ctx_update_reg ctx;
 		} tls_13;
 
 		struct {
diff --git a/drivers/crypto/cnxk/cn10k_tls.c b/drivers/crypto/cnxk/cn10k_tls.c
index dea4e501f3..fbf45c464a 100644
--- a/drivers/crypto/cnxk/cn10k_tls.c
+++ b/drivers/crypto/cnxk/cn10k_tls.c
@@ -118,8 +118,8 @@ cnxk_tls_xform_verify(struct rte_security_tls_record_xform *tls_xform,
 
 	if (crypto_xform->type == RTE_CRYPTO_SYM_XFORM_AEAD) {
 		/* optional padding is not allowed in TLS-1.2 for AEAD */
-		if ((tls_xform->ver == RTE_SECURITY_VERSION_TLS_1_2) &&
-		    (tls_xform->options.extra_padding_enable == 1))
+		if ((tls_xform->options.extra_padding_enable == 1) &&
+		    (tls_xform->ver != RTE_SECURITY_VERSION_TLS_1_3))
 			return -EINVAL;
 
 		return tls_xform_aead_verify(tls_xform, crypto_xform);
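Review bot: The comment above the changed condition still reads `/* optional padding is not allowed in TLS-1.2 for AEAD */`, but the check now rejects every version other than TLS-1.3, DTLS-1.2 included. I would update it to `/* extra padding with AEAD is only allowed in TLS-1.3 */` so the comment matches the condition. cnxk_tls_xform_verify starts and ends outside the hunk.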
-- 
2.25.1



* [PATCH 10/12] crypto/cnxk: use proper offset for context calculation
  2024-03-14  8:38 [PATCH 00/12] Add TLS features Vidya Sagar Velumuri
                   ` (8 preceding siblings ...)
  2024-03-14  8:38 ` [PATCH 09/12] crypto/cnxk: update the context structure of tls Vidya Sagar Velumuri
@ 2024-03-14  8:38 ` Vidya Sagar Velumuri
  2024-03-14  8:38 ` [PATCH 11/12] crypto/cnxk: enable chachapoly capability for tls Vidya Sagar Velumuri
                   ` (11 subsequent siblings)
  21 siblings, 0 replies; 43+ messages in thread
From: Vidya Sagar Velumuri @ 2024-03-14  8:38 UTC (permalink / raw)
  To: Ankur Dwivedi, Anoob Joseph, Tejasree Kondoj
  Cc: gakhil, jerinj, vvelumuri, asasidharan, dev

Use the proper offset for calculating the context size in case of TLS-1.3.

Signed-off-by: Vidya Sagar Velumuri <vvelumuri@marvell.com>
---
 drivers/crypto/cnxk/cn10k_tls.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/crypto/cnxk/cn10k_tls.c b/drivers/crypto/cnxk/cn10k_tls.c
index fbf45c464a..4b558ef365 100644
--- a/drivers/crypto/cnxk/cn10k_tls.c
+++ b/drivers/crypto/cnxk/cn10k_tls.c
@@ -309,7 +309,7 @@ tls_read_ctx_size(struct roc_ie_ot_tls_read_sa *sa, enum rte_security_tls_versio
 	/* Variable based on Anti-replay Window */
 	if (tls_ver == RTE_SECURITY_VERSION_TLS_1_3) {
 		size = offsetof(struct roc_ie_ot_tls_read_sa, tls_13.ctx) +
-		       offsetof(struct roc_ie_ot_tls_read_ctx_update_reg, ar_winbits);
+		       sizeof(struct roc_ie_ot_tls_1_3_read_ctx_update_reg);
 	} else {
 		size = offsetof(struct roc_ie_ot_tls_read_sa, tls_12.ctx) +
 		       offsetof(struct roc_ie_ot_tls_read_ctx_update_reg, ar_winbits);
-- 
2.25.1



* [PATCH 11/12] crypto/cnxk: enable chachapoly capability for tls
  2024-03-14  8:38 [PATCH 00/12] Add TLS features Vidya Sagar Velumuri
                   ` (9 preceding siblings ...)
  2024-03-14  8:38 ` [PATCH 10/12] crypto/cnxk: use proper offset for context calculation Vidya Sagar Velumuri
@ 2024-03-14  8:38 ` Vidya Sagar Velumuri
  2024-03-14  8:38 ` [PATCH 12/12] crypto/cnxk: remove the response len handling " Vidya Sagar Velumuri
                   ` (10 subsequent siblings)
  21 siblings, 0 replies; 43+ messages in thread
From: Vidya Sagar Velumuri @ 2024-03-14  8:38 UTC (permalink / raw)
  To: Nithin Dabilpuram, Kiran Kumar K, Sunil Kumar Kori, Satha Rao,
	Harman Kalra, Ankur Dwivedi, Anoob Joseph, Tejasree Kondoj
  Cc: gakhil, jerinj, vvelumuri, asasidharan, dev

Enable CHACHA20-POLY1305 support for TLS-1.3.

Signed-off-by: Vidya Sagar Velumuri <vvelumuri@marvell.com>
---
 drivers/common/cnxk/roc_ie_ot_tls.h           |  1 +
 drivers/crypto/cnxk/cn10k_tls.c               | 40 ++++++++++++-------
 drivers/crypto/cnxk/cnxk_cryptodev.h          |  4 +-
 .../crypto/cnxk/cnxk_cryptodev_capabilities.c | 31 ++++++++++++++
 4 files changed, 60 insertions(+), 16 deletions(-)

diff --git a/drivers/common/cnxk/roc_ie_ot_tls.h b/drivers/common/cnxk/roc_ie_ot_tls.h
index 44850f7060..2d6a290d9b 100644
--- a/drivers/common/cnxk/roc_ie_ot_tls.h
+++ b/drivers/common/cnxk/roc_ie_ot_tls.h
@@ -39,6 +39,7 @@ enum roc_ie_ot_tls_cipher_type {
 	ROC_IE_OT_TLS_CIPHER_AES_CBC = 3,
 	ROC_IE_OT_TLS_CIPHER_AES_GCM = 7,
 	ROC_IE_OT_TLS_CIPHER_AES_CCM = 10,
+	ROC_IE_OT_TLS_CIPHER_CHACHA_POLY = 9,
 };
 
 enum roc_ie_ot_tls_ver {
diff --git a/drivers/crypto/cnxk/cn10k_tls.c b/drivers/crypto/cnxk/cn10k_tls.c
index 4b558ef365..7b73a58d2a 100644
--- a/drivers/crypto/cnxk/cn10k_tls.c
+++ b/drivers/crypto/cnxk/cn10k_tls.c
@@ -97,6 +97,9 @@ tls_xform_aead_verify(struct rte_security_tls_record_xform *tls_xform,
 			return 0;
 	}
 
+	if ((crypto_xform->aead.algo == RTE_CRYPTO_AEAD_CHACHA20_POLY1305) && (keylen == 32))
+		return 0;
+
 	return -EINVAL;
 }
 
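Review bot: The new CHACHA20-POLY1305 acceptance does not look at `tls_xform->ver`, although the commit message and the capability entry added later in this patch enable the algorithm for TLS-1.3 only. As written, a TLS-1.2 or DTLS-1.2 session with this AEAD and a 32-byte key would pass verification and reach the SA fill code. If the hardware path is TLS-1.3 only, the condition should include the version, e.g. `(tls_xform->ver == RTE_SECURITY_VERSION_TLS_1_3) &&` ahead of the algorithm test. tls_xform_aead_verify starts outside the hunk, so an earlier version check may already exist there.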
@@ -351,15 +354,20 @@ tls_read_sa_fill(struct roc_ie_ot_tls_read_sa *read_sa,
 	cipher_key = read_sa->cipher_key;
 
 	/* Set encryption algorithm */
-	if ((crypto_xfrm->type == RTE_CRYPTO_SYM_XFORM_AEAD) &&
-	    (crypto_xfrm->aead.algo == RTE_CRYPTO_AEAD_AES_GCM)) {
-		read_sa->w2.s.cipher_select = ROC_IE_OT_TLS_CIPHER_AES_GCM;
-
+	if (crypto_xfrm->type == RTE_CRYPTO_SYM_XFORM_AEAD) {
 		length = crypto_xfrm->aead.key.length;
-		if (length == 16)
-			read_sa->w2.s.aes_key_len = ROC_IE_OT_TLS_AES_KEY_LEN_128;
-		else
+		if (crypto_xfrm->aead.algo == RTE_CRYPTO_AEAD_AES_GCM) {
+			read_sa->w2.s.cipher_select = ROC_IE_OT_TLS_CIPHER_AES_GCM;
+			if (length == 16)
+				read_sa->w2.s.aes_key_len = ROC_IE_OT_TLS_AES_KEY_LEN_128;
+			else
+				read_sa->w2.s.aes_key_len = ROC_IE_OT_TLS_AES_KEY_LEN_256;
+		}
+
+		if (crypto_xfrm->aead.algo == RTE_CRYPTO_AEAD_CHACHA20_POLY1305) {
+			read_sa->w2.s.cipher_select = ROC_IE_OT_TLS_CIPHER_CHACHA_POLY;
 			read_sa->w2.s.aes_key_len = ROC_IE_OT_TLS_AES_KEY_LEN_256;
+		}
 
 		key = crypto_xfrm->aead.key.data;
 		memcpy(cipher_key, key, length);
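Review bot: The AEAD branch is now entered for any AEAD algorithm, and when `aead.algo` is neither AES-GCM nor CHACHA20-POLY1305 neither inner `if` runs, so `cipher_select` and `aes_key_len` keep their previous values while the key is still copied. The `memcpy(cipher_key, key, length)` takes `length` straight from the xform, so it depends entirely on the earlier verify step to bound it to the size of `cipher_key`. I would chain the two tests with `else if` and finish with `else return -EINVAL;`, and in the GCM arm test `length == 32` explicitly instead of treating every non-16 length as a 256-bit key. The same structure is repeated in the tls_write_sa_fill hunk below. tls_read_sa_fill starts and ends outside the hunk.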
@@ -500,15 +508,19 @@ tls_write_sa_fill(struct roc_ie_ot_tls_write_sa *write_sa,
 	cipher_key = write_sa->cipher_key;
 
 	/* Set encryption algorithm */
-	if ((crypto_xfrm->type == RTE_CRYPTO_SYM_XFORM_AEAD) &&
-	    (crypto_xfrm->aead.algo == RTE_CRYPTO_AEAD_AES_GCM)) {
-		write_sa->w2.s.cipher_select = ROC_IE_OT_TLS_CIPHER_AES_GCM;
-
+	if (crypto_xfrm->type == RTE_CRYPTO_SYM_XFORM_AEAD) {
 		length = crypto_xfrm->aead.key.length;
-		if (length == 16)
-			write_sa->w2.s.aes_key_len = ROC_IE_OT_TLS_AES_KEY_LEN_128;
-		else
+		if (crypto_xfrm->aead.algo == RTE_CRYPTO_AEAD_AES_GCM) {
+			write_sa->w2.s.cipher_select = ROC_IE_OT_TLS_CIPHER_AES_GCM;
+			if (length == 16)
+				write_sa->w2.s.aes_key_len = ROC_IE_OT_TLS_AES_KEY_LEN_128;
+			else
+				write_sa->w2.s.aes_key_len = ROC_IE_OT_TLS_AES_KEY_LEN_256;
+		}
+		if (crypto_xfrm->aead.algo == RTE_CRYPTO_AEAD_CHACHA20_POLY1305) {
+			write_sa->w2.s.cipher_select = ROC_IE_OT_TLS_CIPHER_CHACHA_POLY;
 			write_sa->w2.s.aes_key_len = ROC_IE_OT_TLS_AES_KEY_LEN_256;
+		}
 
 		key = crypto_xfrm->aead.key.data;
 		memcpy(cipher_key, key, length);
diff --git a/drivers/crypto/cnxk/cnxk_cryptodev.h b/drivers/crypto/cnxk/cnxk_cryptodev.h
index dccd563872..fffc4a47b4 100644
--- a/drivers/crypto/cnxk/cnxk_cryptodev.h
+++ b/drivers/crypto/cnxk/cnxk_cryptodev.h
@@ -13,9 +13,9 @@
 
 #define CNXK_CPT_MAX_CAPS		 55
 #define CNXK_SEC_IPSEC_CRYPTO_MAX_CAPS	 16
-#define CNXK_SEC_TLS_1_3_CRYPTO_MAX_CAPS 2
+#define CNXK_SEC_TLS_1_3_CRYPTO_MAX_CAPS 3
 #define CNXK_SEC_TLS_1_2_CRYPTO_MAX_CAPS 7
-#define CNXK_SEC_MAX_CAPS		 18
+#define CNXK_SEC_MAX_CAPS		 19
 
 /**
  * Device private data
diff --git a/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c b/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c
index 5bafa226e0..0d5d64b6e7 100644
--- a/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c
+++ b/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c
@@ -1693,6 +1693,37 @@ static const struct rte_cryptodev_capabilities sec_tls13_caps_aes[] = {
 			}, }
 		}, }
 	},
+	{	/* CHACHA POLY */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_AEAD,
+			{.aead = {
+				.algo = RTE_CRYPTO_AEAD_CHACHA20_POLY1305,
+				.block_size = 64,
+				.key_size = {
+					.min = 32,
+					.max = 32,
+					.increment = 0
+				},
+				.digest_size = {
+					.min = 16,
+					.max = 16,
+					.increment = 0
+				},
+				.aad_size = {
+					.min = 5,
+					.max = 5,
+					.increment = 0
+				},
+				.iv_size = {
+					.min = 0,
+					.max = 0,
+					.increment = 0
+				}
+			}, }
+		}, }
+	},
+
 };
 
 
-- 
2.25.1



* [PATCH 12/12] crypto/cnxk: remove the response len handling for tls
  2024-03-14  8:38 [PATCH 00/12] Add TLS features Vidya Sagar Velumuri
                   ` (10 preceding siblings ...)
  2024-03-14  8:38 ` [PATCH 11/12] crypto/cnxk: enable chachapoly capability for tls Vidya Sagar Velumuri
@ 2024-03-14  8:38 ` Vidya Sagar Velumuri
  2024-03-14  9:46 ` [PATCH 00/12] Add TLS features Anoob Joseph
                   ` (9 subsequent siblings)
  21 siblings, 0 replies; 43+ messages in thread
From: Vidya Sagar Velumuri @ 2024-03-14  8:38 UTC (permalink / raw)
  To: Ankur Dwivedi, Anoob Joseph, Tejasree Kondoj
  Cc: gakhil, jerinj, vvelumuri, asasidharan, dev

Microcode is updating the rlen properly for TLS-1.3
Remove the rlen handling for the same in PMD.

Signed-off-by: Vidya Sagar Velumuri <vvelumuri@marvell.com>
---
 drivers/crypto/cnxk/cn10k_cryptodev_ops.c | 2 --
 1 file changed, 2 deletions(-)

diff --git a/drivers/crypto/cnxk/cn10k_cryptodev_ops.c b/drivers/crypto/cnxk/cn10k_cryptodev_ops.c
index 5f0cf1b1f8..720b756001 100644
--- a/drivers/crypto/cnxk/cn10k_cryptodev_ops.c
+++ b/drivers/crypto/cnxk/cn10k_cryptodev_ops.c
@@ -1124,8 +1124,6 @@ cn10k_cpt_tls_post_process(struct rte_crypto_op *cop, struct cpt_cn10k_res_s *re
 	uint16_t m_len = res->rlen;
 
 	if (!res->uc_compcode) {
-		if ((tls_opt.tls_ver == RTE_SECURITY_VERSION_TLS_1_3) && (!tls_opt.is_write))
-			m_len -= 1;
 		if (mbuf->next == NULL)
 			mbuf->data_len = m_len;
 		mbuf->pkt_len = m_len;
-- 
2.25.1



* RE: [PATCH 00/12] Add TLS features
  2024-03-14  8:38 [PATCH 00/12] Add TLS features Vidya Sagar Velumuri
                   ` (11 preceding siblings ...)
  2024-03-14  8:38 ` [PATCH 12/12] crypto/cnxk: remove the response len handling " Vidya Sagar Velumuri
@ 2024-03-14  9:46 ` Anoob Joseph
  2024-03-14 14:48   ` Patrick Robb
  2024-03-14 13:18 ` [PATCH v2 0/8] crypto/cnxk: fixes and minor updates for TLS Vidya Sagar Velumuri
                   ` (8 subsequent siblings)
  21 siblings, 1 reply; 43+ messages in thread
From: Anoob Joseph @ 2024-03-14  9:46 UTC (permalink / raw)
  To: Vidya Sagar Velumuri
  Cc: Akhil Goyal, Jerin Jacob, Vidya Sagar Velumuri, Aakash Sasidharan, dev

> Subject: [PATCH 00/12] Add TLS features
> 
> Add the following features
> 1. Multi segmented packet for TLS
> 2. Padding verification for TLS
> 3. SHA384 & ChaChaPoly for TLS
> 
> Aakash Sasidharan (1):
>   crypto/cnxk: add support for oop processing in TLS
> 
> Anoob Joseph (1):
>   crypto/cnxk: avoid branches in datapath
> 
> Vidya Sagar Velumuri (10):
>   crypto/cnxk: multi seg support block ciphers in tls
>   crypto/cnxk: enable sha384 capability for tls
>   crypto/cnxk: add support for session update for TLS
>   crypto/cnxk: move metadata to second cacheline
>   crypto/cnxk: handle the extra len reported by microcode
>   crypto/cnxk: add support for padding verification in TLS
>   crypto/cnxk: update the context structure of tls
>   crypto/cnxk: use proper offset for context calculation
>   crypto/cnxk: enable chachapoly capability for tls
>   crypto/cnxk: remove the response len handling for tls
> 
>  drivers/common/cnxk/roc_ie_ot_tls.h           |  18 ++-
>  drivers/common/cnxk/roc_se.h                  |   1 +
>  drivers/crypto/cnxk/cn10k_cryptodev_ops.c     | 151 +++++++++++++++++-
>  drivers/crypto/cnxk/cn10k_cryptodev_sec.c     |   3 +
>  drivers/crypto/cnxk/cn10k_cryptodev_sec.h     |  22 ++-
>  drivers/crypto/cnxk/cn10k_ipsec.c             |   4 +-
>  drivers/crypto/cnxk/cn10k_ipsec_la_ops.h      |   8 +-
>  drivers/crypto/cnxk/cn10k_tls.c               | 137 ++++++++++++----
>  drivers/crypto/cnxk/cn10k_tls.h               |   4 +
>  drivers/crypto/cnxk/cn10k_tls_ops.h           |  73 +++++++--
>  drivers/crypto/cnxk/cnxk_cryptodev.h          |   6 +-
>  .../crypto/cnxk/cnxk_cryptodev_capabilities.c |  52 ++++++
>  12 files changed, 401 insertions(+), 78 deletions(-)
> 
> --
> 2.25.1

Series Acked-by: Anoob Joseph <anoobj@marvell.com>





* [PATCH v2 0/8] crypto/cnxk: fixes and minor updates for TLS
  2024-03-14  8:38 [PATCH 00/12] Add TLS features Vidya Sagar Velumuri
                   ` (12 preceding siblings ...)
  2024-03-14  9:46 ` [PATCH 00/12] Add TLS features Anoob Joseph
@ 2024-03-14 13:18 ` Vidya Sagar Velumuri
  2024-03-15  5:42   ` [PATCH v3 0/8] Fixes and minor improvements for Crypto cnxk Vidya Sagar Velumuri
  2024-03-14 13:18 ` [PATCH v2 1/8] crypto/cnxk: multi seg support block ciphers in tls Vidya Sagar Velumuri
                   ` (7 subsequent siblings)
  21 siblings, 1 reply; 43+ messages in thread
From: Vidya Sagar Velumuri @ 2024-03-14 13:18 UTC (permalink / raw)
  Cc: gakhil, jerinj, anoobj, vvelumuri, asasidharan, dev

v2:
* squashed the related patches

Aakash Sasidharan (1):
  crypto/cnxk: add support for oop processing in TLS

Anoob Joseph (1):
  crypto/cnxk: avoid branches in datapath

Vidya Sagar Velumuri (6):
  crypto/cnxk: multi seg support block ciphers in tls
  crypto/cnxk: enable sha384 and chachapoly for tls
  crypto/cnxk: add support for session update for TLS
  crypto/cnxk: move metadata to second cacheline
  crypto/cnxk: add support for padding verification in TLS
  crypto/cnxk: update the context structure of tls

 drivers/common/cnxk/roc_ie_ot_tls.h           |  18 ++-
 drivers/common/cnxk/roc_se.h                  |   1 +
 drivers/crypto/cnxk/cn10k_cryptodev_ops.c     | 151 +++++++++++++++++-
 drivers/crypto/cnxk/cn10k_cryptodev_sec.c     |   3 +
 drivers/crypto/cnxk/cn10k_cryptodev_sec.h     |  22 ++-
 drivers/crypto/cnxk/cn10k_ipsec.c             |   4 +-
 drivers/crypto/cnxk/cn10k_ipsec_la_ops.h      |   8 +-
 drivers/crypto/cnxk/cn10k_tls.c               | 137 ++++++++++++----
 drivers/crypto/cnxk/cn10k_tls.h               |   4 +
 drivers/crypto/cnxk/cn10k_tls_ops.h           |  73 +++++++--
 drivers/crypto/cnxk/cnxk_cryptodev.h          |   6 +-
 .../crypto/cnxk/cnxk_cryptodev_capabilities.c |  52 ++++++
 12 files changed, 401 insertions(+), 78 deletions(-)

-- 
2.25.1



* [PATCH v2 1/8] crypto/cnxk: multi seg support block ciphers in tls
  2024-03-14  8:38 [PATCH 00/12] Add TLS features Vidya Sagar Velumuri
                   ` (13 preceding siblings ...)
  2024-03-14 13:18 ` [PATCH v2 0/8] crypto/cnxk: fixes and minor updates for TLS Vidya Sagar Velumuri
@ 2024-03-14 13:18 ` Vidya Sagar Velumuri
  2024-03-14 13:18 ` [PATCH v2 2/8] crypto/cnxk: enable sha384 and chachapoly for tls Vidya Sagar Velumuri
                   ` (6 subsequent siblings)
  21 siblings, 0 replies; 43+ messages in thread
From: Vidya Sagar Velumuri @ 2024-03-14 13:18 UTC (permalink / raw)
  To: Ankur Dwivedi, Anoob Joseph, Tejasree Kondoj
  Cc: gakhil, jerinj, vvelumuri, asasidharan, dev

Add support for Scatter-Gather mode for block ciphers in TLS-1.2

Signed-off-by: Vidya Sagar Velumuri <vvelumuri@marvell.com>
---
 drivers/crypto/cnxk/cn10k_cryptodev_sec.h |  3 +-
 drivers/crypto/cnxk/cn10k_tls.c           |  5 +++
 drivers/crypto/cnxk/cn10k_tls_ops.h       | 48 ++++++++++++++++++-----
 3 files changed, 45 insertions(+), 11 deletions(-)

diff --git a/drivers/crypto/cnxk/cn10k_cryptodev_sec.h b/drivers/crypto/cnxk/cn10k_cryptodev_sec.h
index 1efed3c4cf..881a0276cc 100644
--- a/drivers/crypto/cnxk/cn10k_cryptodev_sec.h
+++ b/drivers/crypto/cnxk/cn10k_cryptodev_sec.h
@@ -33,7 +33,8 @@ struct cn10k_sec_session {
 		} ipsec;
 		struct {
 			uint8_t enable_padding : 1;
-			uint8_t rvsd : 7;
+			uint8_t tail_fetch_len : 2;
+			uint8_t rvsd : 5;
 			bool is_write;
 		} tls;
 	};
diff --git a/drivers/crypto/cnxk/cn10k_tls.c b/drivers/crypto/cnxk/cn10k_tls.c
index 879e0ea978..b46904d3f8 100644
--- a/drivers/crypto/cnxk/cn10k_tls.c
+++ b/drivers/crypto/cnxk/cn10k_tls.c
@@ -639,6 +639,11 @@ cn10k_tls_read_sa_create(struct roc_cpt *roc_cpt, struct roc_cpt_lf *lf,
 	if ((sa_dptr->w2.s.version_select == ROC_IE_OT_TLS_VERSION_TLS_12) ||
 	    (sa_dptr->w2.s.version_select == ROC_IE_OT_TLS_VERSION_DTLS_12)) {
 		inst_w4.s.opcode_major = ROC_IE_OT_TLS_MAJOR_OP_RECORD_DEC | ROC_IE_OT_INPLACE_BIT;
+		sec_sess->tls.tail_fetch_len = 0;
+		if (sa_dptr->w2.s.cipher_select == ROC_IE_OT_TLS_CIPHER_3DES)
+			sec_sess->tls.tail_fetch_len = 1;
+		else if (sa_dptr->w2.s.cipher_select == ROC_IE_OT_TLS_CIPHER_AES_CBC)
+			sec_sess->tls.tail_fetch_len = 2;
 	} else if (sa_dptr->w2.s.version_select == ROC_IE_OT_TLS_VERSION_TLS_13) {
 		inst_w4.s.opcode_major =
 			ROC_IE_OT_TLS13_MAJOR_OP_RECORD_DEC | ROC_IE_OT_INPLACE_BIT;
diff --git a/drivers/crypto/cnxk/cn10k_tls_ops.h b/drivers/crypto/cnxk/cn10k_tls_ops.h
index 7c8ac14ab2..6fd74927ee 100644
--- a/drivers/crypto/cnxk/cn10k_tls_ops.h
+++ b/drivers/crypto/cnxk/cn10k_tls_ops.h
@@ -234,7 +234,10 @@ process_tls_read(struct rte_crypto_op *cop, struct cn10k_sec_session *sess,
 		inst->w4.u64 = w4.u64;
 	} else if (is_sg_ver2 == false) {
 		struct roc_sglist_comp *scatter_comp, *gather_comp;
+		int tail_len = sess->tls.tail_fetch_len * 16;
+		int pkt_len = rte_pktmbuf_pkt_len(m_src);
 		uint32_t g_size_bytes, s_size_bytes;
+		uint16_t *sg_hdr;
 		uint32_t dlen;
 		int i;
 
@@ -244,16 +247,25 @@ process_tls_read(struct rte_crypto_op *cop, struct cn10k_sec_session *sess,
 			return -ENOMEM;
 		}
 
-		in_buffer = (uint8_t *)m_data;
-		((uint16_t *)in_buffer)[0] = 0;
-		((uint16_t *)in_buffer)[1] = 0;
-
 		/* Input Gather List */
+		in_buffer = (uint8_t *)m_data;
+		sg_hdr = (uint16_t *)(in_buffer + 32);
+		gather_comp = (struct roc_sglist_comp *)((uint8_t *)sg_hdr + 8);
 		i = 0;
-		gather_comp = (struct roc_sglist_comp *)((uint8_t *)in_buffer + 8);
+		/* Add the last blocks as first gather component for tail fetch. */
+		if (tail_len) {
+			const uint8_t *output;
+
+			output = rte_pktmbuf_read(m_src, pkt_len - tail_len, tail_len, in_buffer);
+			if (output != in_buffer)
+				rte_memcpy(in_buffer, output, tail_len);
+			i = fill_sg_comp(gather_comp, i, (uint64_t)in_buffer, tail_len);
+		}
 
+		sg_hdr[0] = 0;
+		sg_hdr[1] = 0;
 		i = fill_sg_comp_from_pkt(gather_comp, i, m_src);
-		((uint16_t *)in_buffer)[2] = rte_cpu_to_be_16(i);
+		sg_hdr[2] = rte_cpu_to_be_16(i);
 
 		g_size_bytes = ((i + 3) / 4) * sizeof(struct roc_sglist_comp);
 
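Review bot: The tail fetch calls `rte_pktmbuf_read(m_src, pkt_len - tail_len, tail_len, in_buffer)` without checking that the record holds at least `tail_len` bytes or that the call returned non-NULL. `pkt_len` and `tail_len` are `int`, so for a short record the difference is negative and becomes a very large unsigned offset, and the following `rte_memcpy` then copies from wherever `output` points, or from NULL. The SG version 2 branch of `process_tls_read` further down repeats the same pattern. A guard before the read, `if (unlikely(pkt_len < tail_len)) return -EINVAL;`, and `if (unlikely(output == NULL)) return -EINVAL;` after it would close this. The function starts and ends outside the hunk, so an earlier length check may already exist.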
@@ -261,7 +273,7 @@ process_tls_read(struct rte_crypto_op *cop, struct cn10k_sec_session *sess,
 		scatter_comp = (struct roc_sglist_comp *)((uint8_t *)gather_comp + g_size_bytes);
 
 		i = fill_sg_comp_from_pkt(scatter_comp, i, m_src);
-		((uint16_t *)in_buffer)[3] = rte_cpu_to_be_16(i);
+		sg_hdr[3] = rte_cpu_to_be_16(i);
 
 		s_size_bytes = ((i + 3) / 4) * sizeof(struct roc_sglist_comp);
 
@@ -273,10 +285,12 @@ process_tls_read(struct rte_crypto_op *cop, struct cn10k_sec_session *sess,
 		w4.u64 = sess->inst.w4;
 		w4.s.dlen = dlen;
 		w4.s.opcode_major |= (uint64_t)ROC_DMA_MODE_SG;
-		w4.s.param1 = rte_pktmbuf_pkt_len(m_src);
+		w4.s.param1 = pkt_len;
 		inst->w4.u64 = w4.u64;
 	} else {
 		struct roc_sg2list_comp *scatter_comp, *gather_comp;
+		int tail_len = sess->tls.tail_fetch_len * 16;
+		int pkt_len = rte_pktmbuf_pkt_len(m_src);
 		union cpt_inst_w5 cpt_inst_w5;
 		union cpt_inst_w6 cpt_inst_w6;
 		uint32_t g_size_bytes;
@@ -292,7 +306,21 @@ process_tls_read(struct rte_crypto_op *cop, struct cn10k_sec_session *sess,
 		/* Input Gather List */
 		i = 0;
 
-		gather_comp = (struct roc_sg2list_comp *)((uint8_t *)in_buffer);
+		/* First 32 bytes in m_data are rsvd for tail fetch.
+		 * SG list start from 32 byte onwards.
+		 */
+		gather_comp = (struct roc_sg2list_comp *)((uint8_t *)(in_buffer + 32));
+
+		/* Add the last blocks as first gather component for tail fetch. */
+		if (tail_len) {
+			const uint8_t *output;
+
+			output = rte_pktmbuf_read(m_src, pkt_len - tail_len, tail_len, in_buffer);
+			if (output != in_buffer)
+				rte_memcpy(in_buffer, output, tail_len);
+			i = fill_sg2_comp(gather_comp, i, (uint64_t)in_buffer, tail_len);
+		}
+
 		i = fill_sg2_comp_from_pkt(gather_comp, i, m_src);
 
 		cpt_inst_w5.s.gather_sz = ((i + 2) / 3);
@@ -311,7 +339,7 @@ process_tls_read(struct rte_crypto_op *cop, struct cn10k_sec_session *sess,
 		inst->w5.u64 = cpt_inst_w5.u64;
 		inst->w6.u64 = cpt_inst_w6.u64;
 		w4.u64 = sess->inst.w4;
-		w4.s.dlen = rte_pktmbuf_pkt_len(m_src);
+		w4.s.dlen = pkt_len + tail_len;
 		w4.s.param1 = w4.s.dlen;
 		w4.s.opcode_major &= (~(ROC_IE_OT_INPLACE_BIT));
 		inst->w4.u64 = w4.u64;
-- 
2.25.1



* [PATCH v2 2/8] crypto/cnxk: enable sha384 and chachapoly for tls
  2024-03-14  8:38 [PATCH 00/12] Add TLS features Vidya Sagar Velumuri
                   ` (14 preceding siblings ...)
  2024-03-14 13:18 ` [PATCH v2 1/8] crypto/cnxk: multi seg support block ciphers in tls Vidya Sagar Velumuri
@ 2024-03-14 13:18 ` Vidya Sagar Velumuri
  2024-03-14 13:18 ` [PATCH v2 3/8] crypto/cnxk: add support for session update for TLS Vidya Sagar Velumuri
                   ` (5 subsequent siblings)
  21 siblings, 0 replies; 43+ messages in thread
From: Vidya Sagar Velumuri @ 2024-03-14 13:18 UTC (permalink / raw)
  To: Nithin Dabilpuram, Kiran Kumar K, Sunil Kumar Kori, Satha Rao,
	Harman Kalra, Ankur Dwivedi, Anoob Joseph, Tejasree Kondoj
  Cc: gakhil, jerinj, vvelumuri, asasidharan, dev

Enable SHA384-HMAC support for TLS & DTLS 1.2.
Enable CHACHA20-POLY1305 support for TLS-1.3.

Signed-off-by: Vidya Sagar Velumuri <vvelumuri@marvell.com>
---
 drivers/common/cnxk/roc_ie_ot_tls.h           |  1 +
 drivers/crypto/cnxk/cn10k_tls.c               | 56 +++++++++++++------
 drivers/crypto/cnxk/cnxk_cryptodev.h          |  6 +-
 .../crypto/cnxk/cnxk_cryptodev_capabilities.c | 52 +++++++++++++++++
 4 files changed, 95 insertions(+), 20 deletions(-)

diff --git a/drivers/common/cnxk/roc_ie_ot_tls.h b/drivers/common/cnxk/roc_ie_ot_tls.h
index b85d075e86..39c42775f4 100644
--- a/drivers/common/cnxk/roc_ie_ot_tls.h
+++ b/drivers/common/cnxk/roc_ie_ot_tls.h
@@ -39,6 +39,7 @@ enum roc_ie_ot_tls_cipher_type {
 	ROC_IE_OT_TLS_CIPHER_AES_CBC = 3,
 	ROC_IE_OT_TLS_CIPHER_AES_GCM = 7,
 	ROC_IE_OT_TLS_CIPHER_AES_CCM = 10,
+	ROC_IE_OT_TLS_CIPHER_CHACHA_POLY = 9,
 };
 
 enum roc_ie_ot_tls_ver {
diff --git a/drivers/crypto/cnxk/cn10k_tls.c b/drivers/crypto/cnxk/cn10k_tls.c
index b46904d3f8..c95fcfdfa7 100644
--- a/drivers/crypto/cnxk/cn10k_tls.c
+++ b/drivers/crypto/cnxk/cn10k_tls.c
@@ -28,7 +28,8 @@ tls_xform_cipher_auth_verify(struct rte_crypto_sym_xform *cipher_xform,
 	switch (c_algo) {
 	case RTE_CRYPTO_CIPHER_NULL:
 		if ((a_algo == RTE_CRYPTO_AUTH_MD5_HMAC) || (a_algo == RTE_CRYPTO_AUTH_SHA1_HMAC) ||
-		    (a_algo == RTE_CRYPTO_AUTH_SHA256_HMAC))
+		    (a_algo == RTE_CRYPTO_AUTH_SHA256_HMAC) ||
+		    (a_algo == RTE_CRYPTO_AUTH_SHA384_HMAC))
 			ret = 0;
 		break;
 	case RTE_CRYPTO_CIPHER_3DES_CBC:
@@ -37,7 +38,8 @@ tls_xform_cipher_auth_verify(struct rte_crypto_sym_xform *cipher_xform,
 		break;
 	case RTE_CRYPTO_CIPHER_AES_CBC:
 		if ((a_algo == RTE_CRYPTO_AUTH_SHA1_HMAC) ||
-		    (a_algo == RTE_CRYPTO_AUTH_SHA256_HMAC))
+		    (a_algo == RTE_CRYPTO_AUTH_SHA256_HMAC) ||
+		    (a_algo == RTE_CRYPTO_AUTH_SHA384_HMAC))
 			ret = 0;
 		break;
 	default:
@@ -69,7 +71,8 @@ tls_xform_auth_verify(struct rte_crypto_sym_xform *crypto_xform)
 
 	if (((a_algo == RTE_CRYPTO_AUTH_MD5_HMAC) && (keylen == 16)) ||
 	    ((a_algo == RTE_CRYPTO_AUTH_SHA1_HMAC) && (keylen == 20)) ||
-	    ((a_algo == RTE_CRYPTO_AUTH_SHA256_HMAC) && (keylen == 32)))
+	    ((a_algo == RTE_CRYPTO_AUTH_SHA256_HMAC) && (keylen == 32)) ||
+	    ((a_algo == RTE_CRYPTO_AUTH_SHA384_HMAC) && (keylen == 48)))
 		return 0;
 
 	return -EINVAL;
@@ -94,6 +97,9 @@ tls_xform_aead_verify(struct rte_security_tls_record_xform *tls_xform,
 			return 0;
 	}
 
+	if ((crypto_xform->aead.algo == RTE_CRYPTO_AEAD_CHACHA20_POLY1305) && (keylen == 32))
+		return 0;
+
 	return -EINVAL;
 }
 
@@ -251,6 +257,9 @@ tls_write_rlens_get(struct rte_security_tls_record_xform *tls_xfrm,
 	case RTE_CRYPTO_AUTH_SHA256_HMAC:
 		mac_len = 32;
 		break;
+	case RTE_CRYPTO_AUTH_SHA384_HMAC:
+		mac_len = 32;
+		break;
 	default:
 		mac_len = 0;
 		break;
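Review bot: `mac_len = 32` for `RTE_CRYPTO_AUTH_SHA384_HMAC` looks copied from the SHA256 case, while the capability entry added in this same patch advertises a 48-byte digest for SHA384-HMAC. The result of `tls_write_rlens_get` is stored in `sec_sess->max_extended_len` by `cn10k_tls_write_sa_create`, so a value 16 bytes too small would understate how much room a written record needs. Suggest `mac_len = 48;`. The rest of the function lies outside the hunk.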
@@ -339,15 +348,20 @@ tls_read_sa_fill(struct roc_ie_ot_tls_read_sa *read_sa,
 	cipher_key = read_sa->cipher_key;
 
 	/* Set encryption algorithm */
-	if ((crypto_xfrm->type == RTE_CRYPTO_SYM_XFORM_AEAD) &&
-	    (crypto_xfrm->aead.algo == RTE_CRYPTO_AEAD_AES_GCM)) {
-		read_sa->w2.s.cipher_select = ROC_IE_OT_TLS_CIPHER_AES_GCM;
-
+	if (crypto_xfrm->type == RTE_CRYPTO_SYM_XFORM_AEAD) {
 		length = crypto_xfrm->aead.key.length;
-		if (length == 16)
-			read_sa->w2.s.aes_key_len = ROC_IE_OT_TLS_AES_KEY_LEN_128;
-		else
+		if (crypto_xfrm->aead.algo == RTE_CRYPTO_AEAD_AES_GCM) {
+			read_sa->w2.s.cipher_select = ROC_IE_OT_TLS_CIPHER_AES_GCM;
+			if (length == 16)
+				read_sa->w2.s.aes_key_len = ROC_IE_OT_TLS_AES_KEY_LEN_128;
+			else
+				read_sa->w2.s.aes_key_len = ROC_IE_OT_TLS_AES_KEY_LEN_256;
+		}
+
+		if (crypto_xfrm->aead.algo == RTE_CRYPTO_AEAD_CHACHA20_POLY1305) {
+			read_sa->w2.s.cipher_select = ROC_IE_OT_TLS_CIPHER_CHACHA_POLY;
 			read_sa->w2.s.aes_key_len = ROC_IE_OT_TLS_AES_KEY_LEN_256;
+		}
 
 		key = crypto_xfrm->aead.key.data;
 		memcpy(cipher_key, key, length);
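Review bot: After this restructuring every AEAD transform enters the branch and has its key copied, but `cipher_select` and `aes_key_len` are set only for AES-GCM and ChaCha20-Poly1305, so any other AEAD algorithm leaves the SA half-filled instead of failing. The two algorithm tests are written as independent `if`s although they are mutually exclusive. Suggest making the second one `else if` and ending the chain with `else return -EINVAL;`, and doing the same in `tls_write_sa_fill`, which has the identical structure. `memcpy(cipher_key, key, length)` still trusts `length`, which is safe only if `tls_xform_aead_verify` always runs first, and this hunk does not show that.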
@@ -397,6 +411,8 @@ tls_read_sa_fill(struct roc_ie_ot_tls_read_sa *read_sa,
 		read_sa->w2.s.mac_select = ROC_IE_OT_TLS_MAC_SHA1;
 	else if (auth_xfrm->auth.algo == RTE_CRYPTO_AUTH_SHA256_HMAC)
 		read_sa->w2.s.mac_select = ROC_IE_OT_TLS_MAC_SHA2_256;
+	else if (auth_xfrm->auth.algo == RTE_CRYPTO_AUTH_SHA384_HMAC)
+		read_sa->w2.s.mac_select = ROC_IE_OT_TLS_MAC_SHA2_384;
 	else
 		return -EINVAL;
 
@@ -476,15 +492,19 @@ tls_write_sa_fill(struct roc_ie_ot_tls_write_sa *write_sa,
 	cipher_key = write_sa->cipher_key;
 
 	/* Set encryption algorithm */
-	if ((crypto_xfrm->type == RTE_CRYPTO_SYM_XFORM_AEAD) &&
-	    (crypto_xfrm->aead.algo == RTE_CRYPTO_AEAD_AES_GCM)) {
-		write_sa->w2.s.cipher_select = ROC_IE_OT_TLS_CIPHER_AES_GCM;
-
+	if (crypto_xfrm->type == RTE_CRYPTO_SYM_XFORM_AEAD) {
 		length = crypto_xfrm->aead.key.length;
-		if (length == 16)
-			write_sa->w2.s.aes_key_len = ROC_IE_OT_TLS_AES_KEY_LEN_128;
-		else
+		if (crypto_xfrm->aead.algo == RTE_CRYPTO_AEAD_AES_GCM) {
+			write_sa->w2.s.cipher_select = ROC_IE_OT_TLS_CIPHER_AES_GCM;
+			if (length == 16)
+				write_sa->w2.s.aes_key_len = ROC_IE_OT_TLS_AES_KEY_LEN_128;
+			else
+				write_sa->w2.s.aes_key_len = ROC_IE_OT_TLS_AES_KEY_LEN_256;
+		}
+		if (crypto_xfrm->aead.algo == RTE_CRYPTO_AEAD_CHACHA20_POLY1305) {
+			write_sa->w2.s.cipher_select = ROC_IE_OT_TLS_CIPHER_CHACHA_POLY;
 			write_sa->w2.s.aes_key_len = ROC_IE_OT_TLS_AES_KEY_LEN_256;
+		}
 
 		key = crypto_xfrm->aead.key.data;
 		memcpy(cipher_key, key, length);
@@ -538,6 +558,8 @@ tls_write_sa_fill(struct roc_ie_ot_tls_write_sa *write_sa,
 			write_sa->w2.s.mac_select = ROC_IE_OT_TLS_MAC_SHA1;
 		else if (auth_xfrm->auth.algo == RTE_CRYPTO_AUTH_SHA256_HMAC)
 			write_sa->w2.s.mac_select = ROC_IE_OT_TLS_MAC_SHA2_256;
+		else if (auth_xfrm->auth.algo == RTE_CRYPTO_AUTH_SHA384_HMAC)
+			write_sa->w2.s.mac_select = ROC_IE_OT_TLS_MAC_SHA2_384;
 		else
 			return -EINVAL;
 
diff --git a/drivers/crypto/cnxk/cnxk_cryptodev.h b/drivers/crypto/cnxk/cnxk_cryptodev.h
index 45d01b94b3..fffc4a47b4 100644
--- a/drivers/crypto/cnxk/cnxk_cryptodev.h
+++ b/drivers/crypto/cnxk/cnxk_cryptodev.h
@@ -13,9 +13,9 @@
 
 #define CNXK_CPT_MAX_CAPS		 55
 #define CNXK_SEC_IPSEC_CRYPTO_MAX_CAPS	 16
-#define CNXK_SEC_TLS_1_3_CRYPTO_MAX_CAPS 2
-#define CNXK_SEC_TLS_1_2_CRYPTO_MAX_CAPS 6
-#define CNXK_SEC_MAX_CAPS		 17
+#define CNXK_SEC_TLS_1_3_CRYPTO_MAX_CAPS 3
+#define CNXK_SEC_TLS_1_2_CRYPTO_MAX_CAPS 7
+#define CNXK_SEC_MAX_CAPS		 19
 
 /**
  * Device private data
diff --git a/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c b/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c
index db50de5d58..0d5d64b6e7 100644
--- a/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c
+++ b/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c
@@ -1639,6 +1639,27 @@ static const struct rte_cryptodev_capabilities sec_tls12_caps_sha1_sha2[] = {
 			}, }
 		}, }
 	},
+	{	/* SHA384 HMAC */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+			{.auth = {
+				.algo = RTE_CRYPTO_AUTH_SHA384_HMAC,
+				.block_size = 64,
+				.key_size = {
+					.min = 48,
+					.max = 48,
+					.increment = 0
+				},
+				.digest_size = {
+					.min = 48,
+					.max = 48,
+					.increment = 0
+				},
+			}, }
+		}, }
+	},
+
 };
 
 static const struct rte_cryptodev_capabilities sec_tls13_caps_aes[] = {
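Review bot: `.block_size = 64` in the new SHA384 HMAC entry looks carried over from the SHA-256 entry, since SHA-384 works on 128-byte blocks. The neighbouring entries are outside the hunk, so this may be a convention of this table, but if the field is meant to describe the algorithm it should read `.block_size = 128,`. The blank line added before the closing `};` can also go.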
@@ -1672,6 +1693,37 @@ static const struct rte_cryptodev_capabilities sec_tls13_caps_aes[] = {
 			}, }
 		}, }
 	},
+	{	/* CHACHA POLY */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_AEAD,
+			{.aead = {
+				.algo = RTE_CRYPTO_AEAD_CHACHA20_POLY1305,
+				.block_size = 64,
+				.key_size = {
+					.min = 32,
+					.max = 32,
+					.increment = 0
+				},
+				.digest_size = {
+					.min = 16,
+					.max = 16,
+					.increment = 0
+				},
+				.aad_size = {
+					.min = 5,
+					.max = 5,
+					.increment = 0
+				},
+				.iv_size = {
+					.min = 0,
+					.max = 0,
+					.increment = 0
+				}
+			}, }
+		}, }
+	},
+
 };
 
 
-- 
2.25.1



* [PATCH v2 3/8] crypto/cnxk: add support for session update for TLS
  2024-03-14  8:38 [PATCH 00/12] Add TLS features Vidya Sagar Velumuri
                   ` (15 preceding siblings ...)
  2024-03-14 13:18 ` [PATCH v2 2/8] crypto/cnxk: enable sha384 and chachapoly for tls Vidya Sagar Velumuri
@ 2024-03-14 13:18 ` Vidya Sagar Velumuri
  2024-03-14 13:18 ` [PATCH v2 4/8] crypto/cnxk: avoid branches in datapath Vidya Sagar Velumuri
                   ` (4 subsequent siblings)
  21 siblings, 0 replies; 43+ messages in thread
From: Vidya Sagar Velumuri @ 2024-03-14 13:18 UTC (permalink / raw)
  To: Ankur Dwivedi, Anoob Joseph, Tejasree Kondoj
  Cc: gakhil, jerinj, vvelumuri, asasidharan, dev

Add session update support for TLS

Signed-off-by: Vidya Sagar Velumuri <vvelumuri@marvell.com>
---
 drivers/crypto/cnxk/cn10k_cryptodev_sec.c |  3 +++
 drivers/crypto/cnxk/cn10k_tls.c           | 17 +++++++++++++++++
 drivers/crypto/cnxk/cn10k_tls.h           |  4 ++++
 3 files changed, 24 insertions(+)

diff --git a/drivers/crypto/cnxk/cn10k_cryptodev_sec.c b/drivers/crypto/cnxk/cn10k_cryptodev_sec.c
index cb013986c4..775104b765 100644
--- a/drivers/crypto/cnxk/cn10k_cryptodev_sec.c
+++ b/drivers/crypto/cnxk/cn10k_cryptodev_sec.c
@@ -116,6 +116,9 @@ cn10k_sec_session_update(void *dev, struct rte_security_session *sec_sess,
 	if (cn10k_sec_sess->proto == RTE_SECURITY_PROTOCOL_IPSEC)
 		return cn10k_ipsec_session_update(vf, qp, cn10k_sec_sess, conf);
 
+	if (conf->protocol == RTE_SECURITY_PROTOCOL_TLS_RECORD)
+		return cn10k_tls_record_session_update(vf, qp, cn10k_sec_sess, conf);
+
 	return -ENOTSUP;
 }
 
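Review bot: The new branch dispatches on `conf->protocol`, while the IPsec branch just above it dispatches on the stored `cn10k_sec_sess->proto`. A session that was not created as a TLS record session but is updated with a TLS configuration would therefore be handed to `cn10k_tls_record_session_update`. Testing the session's own protocol, `if (cn10k_sec_sess->proto == RTE_SECURITY_PROTOCOL_TLS_RECORD)`, ideally together with a check that `conf->protocol` matches it, keeps the two branches consistent. The function starts outside the hunk, so an earlier check on `conf->protocol` cannot be ruled out.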
diff --git a/drivers/crypto/cnxk/cn10k_tls.c b/drivers/crypto/cnxk/cn10k_tls.c
index c95fcfdfa7..11279dac46 100644
--- a/drivers/crypto/cnxk/cn10k_tls.c
+++ b/drivers/crypto/cnxk/cn10k_tls.c
@@ -781,6 +781,23 @@ cn10k_tls_write_sa_create(struct roc_cpt *roc_cpt, struct roc_cpt_lf *lf,
 	return ret;
 }
 
+int
+cn10k_tls_record_session_update(struct cnxk_cpt_vf *vf, struct cnxk_cpt_qp *qp,
+				struct cn10k_sec_session *sess,
+				struct rte_security_session_conf *conf)
+{
+	struct roc_cpt *roc_cpt;
+	int ret;
+
+	if (conf->tls_record.type == RTE_SECURITY_TLS_SESS_TYPE_READ)
+		return -ENOTSUP;
+
+	roc_cpt = &vf->cpt;
+	ret = cn10k_tls_write_sa_create(roc_cpt, &qp->lf, &conf->tls_record, conf->crypto_xform,
+					(struct cn10k_sec_session *)sess);
+	return ret;
+}
+
 int
 cn10k_tls_record_session_create(struct cnxk_cpt_vf *vf, struct cnxk_cpt_qp *qp,
 				struct rte_security_tls_record_xform *tls_xfrm,
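Review bot: `cn10k_tls_record_session_update` rejects only a READ-type `conf`; it never checks that the session being updated is itself a write session, and any type other than READ falls through to `cn10k_tls_write_sa_create`. Suggest `if (!sess->tls.is_write || conf->tls_record.type != RTE_SECURITY_TLS_SESS_TYPE_WRITE) return -ENOTSUP;`. Whether the transforms are validated before the SA is rewritten depends on `cn10k_tls_write_sa_create`, most of which is outside this hunk. The `(struct cn10k_sec_session *)` cast on `sess` is redundant, and `roc_cpt` and `ret` can be dropped by returning the call directly.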
diff --git a/drivers/crypto/cnxk/cn10k_tls.h b/drivers/crypto/cnxk/cn10k_tls.h
index 19772655da..9635bdd4c9 100644
--- a/drivers/crypto/cnxk/cn10k_tls.h
+++ b/drivers/crypto/cnxk/cn10k_tls.h
@@ -25,6 +25,10 @@ struct cn10k_tls_record {
 	};
 } __rte_aligned(ROC_ALIGN);
 
+int cn10k_tls_record_session_update(struct cnxk_cpt_vf *vf, struct cnxk_cpt_qp *qp,
+				    struct cn10k_sec_session *sess,
+				    struct rte_security_session_conf *conf);
+
 int cn10k_tls_record_session_create(struct cnxk_cpt_vf *vf, struct cnxk_cpt_qp *qp,
 				    struct rte_security_tls_record_xform *tls_xfrm,
 				    struct rte_crypto_sym_xform *crypto_xfrm,
-- 
2.25.1



* [PATCH v2 4/8] crypto/cnxk: avoid branches in datapath
  2024-03-14  8:38 [PATCH 00/12] Add TLS features Vidya Sagar Velumuri
                   ` (16 preceding siblings ...)
  2024-03-14 13:18 ` [PATCH v2 3/8] crypto/cnxk: add support for session update for TLS Vidya Sagar Velumuri
@ 2024-03-14 13:18 ` Vidya Sagar Velumuri
  2024-03-14 13:18 ` [PATCH v2 5/8] crypto/cnxk: move metadata to second cacheline Vidya Sagar Velumuri
                   ` (3 subsequent siblings)
  21 siblings, 0 replies; 43+ messages in thread
From: Vidya Sagar Velumuri @ 2024-03-14 13:18 UTC (permalink / raw)
  To: Ankur Dwivedi, Anoob Joseph, Tejasree Kondoj
  Cc: gakhil, jerinj, vvelumuri, asasidharan, dev

From: Anoob Joseph <anoobj@marvell.com>

Avoid branches in datapath.

Signed-off-by: Anoob Joseph <anoobj@marvell.com>
---
 drivers/crypto/cnxk/cn10k_ipsec_la_ops.h | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)

diff --git a/drivers/crypto/cnxk/cn10k_ipsec_la_ops.h b/drivers/crypto/cnxk/cn10k_ipsec_la_ops.h
index a30b8e413d..4e95fbb6eb 100644
--- a/drivers/crypto/cnxk/cn10k_ipsec_la_ops.h
+++ b/drivers/crypto/cnxk/cn10k_ipsec_la_ops.h
@@ -73,12 +73,10 @@ process_outb_sa(struct roc_cpt_lf *lf, struct rte_crypto_op *cop, struct cn10k_s
 	roc_cpt_lf_ctx_reload(lf, &sess->sa.out_sa);
 	rte_delay_ms(1);
 #endif
+	const uint64_t ol_flags = m_src->ol_flags;
 
-	if (m_src->ol_flags & RTE_MBUF_F_TX_IP_CKSUM)
-		inst_w4_u64 &= ~BIT_ULL(33);
-
-	if (m_src->ol_flags & RTE_MBUF_F_TX_L4_MASK)
-		inst_w4_u64 &= ~BIT_ULL(32);
+	inst_w4_u64 &= ~(((uint64_t)(!!(ol_flags & RTE_MBUF_F_TX_IP_CKSUM)) << 33) |
+			 ((uint64_t)(!!(ol_flags & RTE_MBUF_F_TX_L4_MASK)) << 32));
 
 	if (likely(m_src->next == NULL)) {
 		if (unlikely(rte_pktmbuf_tailroom(m_src) < sess->max_extended_len)) {
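Review bot: The branch-free expression no longer shows which instruction-word fields bits 33 and 32 are. A one-line comment above it, for example `/* Clear w4 bit 33 when IP checksum offload is requested, bit 32 when any L4 checksum offload is requested */`, would keep the intent readable. The `ol_flags` declaration also sits directly after the `#endif` in the middle of the body and may read better next to the other locals. `process_outb_sa` starts and ends outside the hunk.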
-- 
2.25.1



* [PATCH v2 5/8] crypto/cnxk: move metadata to second cacheline
  2024-03-14  8:38 [PATCH 00/12] Add TLS features Vidya Sagar Velumuri
                   ` (17 preceding siblings ...)
  2024-03-14 13:18 ` [PATCH v2 4/8] crypto/cnxk: avoid branches in datapath Vidya Sagar Velumuri
@ 2024-03-14 13:18 ` Vidya Sagar Velumuri
  2024-03-14 13:18 ` [PATCH v2 6/8] crypto/cnxk: add support for padding verification in TLS Vidya Sagar Velumuri
                   ` (2 subsequent siblings)
  21 siblings, 0 replies; 43+ messages in thread
From: Vidya Sagar Velumuri @ 2024-03-14 13:18 UTC (permalink / raw)
  To: Ankur Dwivedi, Anoob Joseph, Tejasree Kondoj
  Cc: gakhil, jerinj, vvelumuri, asasidharan, dev

In security session, move PMD metadata to second cacheline. Also
optimize the fields to minimize the memory usage.

Signed-off-by: Anoob Joseph <anoobj@marvell.com>
Signed-off-by: Vidya Sagar Velumuri <vvelumuri@marvell.com>
---
 drivers/crypto/cnxk/cn10k_cryptodev_sec.h | 10 ++++++----
 drivers/crypto/cnxk/cn10k_ipsec.c         |  4 ++--
 drivers/crypto/cnxk/cn10k_tls.c           |  2 +-
 3 files changed, 9 insertions(+), 7 deletions(-)

diff --git a/drivers/crypto/cnxk/cn10k_cryptodev_sec.h b/drivers/crypto/cnxk/cn10k_cryptodev_sec.h
index 881a0276cc..230c0f7c1c 100644
--- a/drivers/crypto/cnxk/cn10k_cryptodev_sec.h
+++ b/drivers/crypto/cnxk/cn10k_cryptodev_sec.h
@@ -5,6 +5,7 @@
 #ifndef __CN10K_CRYPTODEV_SEC_H__
 #define __CN10K_CRYPTODEV_SEC_H__
 
+#include <rte_common.h>
 #include <rte_security.h>
 
 #include "roc_constants.h"
@@ -19,23 +20,24 @@ struct cn10k_sec_session {
 	uint8_t rte_sess[SEC_SESS_SIZE];
 
 	/** PMD private space */
+	RTE_MARKER cacheline1 __rte_cache_aligned;
 
-	enum rte_security_session_protocol proto;
 	/** Pre-populated CPT inst words */
 	struct cnxk_cpt_inst_tmpl inst;
 	uint16_t max_extended_len;
 	uint16_t iv_offset;
+	uint8_t proto;
 	uint8_t iv_length;
 	union {
 		struct {
 			uint8_t ip_csum;
-			bool is_outbound;
+			uint8_t is_outbound : 1;
 		} ipsec;
 		struct {
 			uint8_t enable_padding : 1;
 			uint8_t tail_fetch_len : 2;
-			uint8_t rvsd : 5;
-			bool is_write;
+			uint8_t is_write : 1;
+			uint8_t rvsd : 4;
 		} tls;
 	};
 	/** Queue pair */
diff --git a/drivers/crypto/cnxk/cn10k_ipsec.c b/drivers/crypto/cnxk/cn10k_ipsec.c
index 74d6cd70d1..ef5f0ff4aa 100644
--- a/drivers/crypto/cnxk/cn10k_ipsec.c
+++ b/drivers/crypto/cnxk/cn10k_ipsec.c
@@ -76,7 +76,7 @@ cn10k_ipsec_outb_sa_create(struct roc_cpt *roc_cpt, struct roc_cpt_lf *lf,
 	}
 #endif
 
-	sec_sess->ipsec.is_outbound = true;
+	sec_sess->ipsec.is_outbound = 1;
 
 	/* Get Rlen calculation data */
 	ret = cnxk_ipsec_outb_rlens_get(&rlens, ipsec_xfrm, crypto_xfrm);
@@ -177,7 +177,7 @@ cn10k_ipsec_inb_sa_create(struct roc_cpt *roc_cpt, struct roc_cpt_lf *lf,
 		goto sa_dptr_free;
 	}
 
-	sec_sess->ipsec.is_outbound = false;
+	sec_sess->ipsec.is_outbound = 0;
 	sec_sess->inst.w7 = cpt_inst_w7_get(roc_cpt, in_sa);
 
 	/* Save index/SPI in cookie, specific required for Rx Inject */
diff --git a/drivers/crypto/cnxk/cn10k_tls.c b/drivers/crypto/cnxk/cn10k_tls.c
index 11279dac46..ae3ed3176c 100644
--- a/drivers/crypto/cnxk/cn10k_tls.c
+++ b/drivers/crypto/cnxk/cn10k_tls.c
@@ -739,7 +739,7 @@ cn10k_tls_write_sa_create(struct roc_cpt *roc_cpt, struct roc_cpt_lf *lf,
 		sec_sess->iv_length = crypto_xfrm->next->cipher.iv.length;
 	}
 
-	sec_sess->tls.is_write = true;
+	sec_sess->tls.is_write = 1;
 	sec_sess->tls.enable_padding = tls_xfrm->options.extra_padding_enable;
 	sec_sess->max_extended_len = tls_write_rlens_get(tls_xfrm, crypto_xfrm);
 	sec_sess->proto = RTE_SECURITY_PROTOCOL_TLS_RECORD;
-- 
2.25.1



* [PATCH v2 6/8] crypto/cnxk: add support for padding verification in TLS
  2024-03-14  8:38 [PATCH 00/12] Add TLS features Vidya Sagar Velumuri
                   ` (18 preceding siblings ...)
  2024-03-14 13:18 ` [PATCH v2 5/8] crypto/cnxk: move metadata to second cacheline Vidya Sagar Velumuri
@ 2024-03-14 13:18 ` Vidya Sagar Velumuri
  2024-03-14 13:18 ` [PATCH v2 7/8] crypto/cnxk: add support for oop processing " Vidya Sagar Velumuri
  2024-03-14 13:18 ` [PATCH v2 8/8] crypto/cnxk: update the context structure of tls Vidya Sagar Velumuri
  21 siblings, 0 replies; 43+ messages in thread
From: Vidya Sagar Velumuri @ 2024-03-14 13:18 UTC (permalink / raw)
  To: Nithin Dabilpuram, Kiran Kumar K, Sunil Kumar Kori, Satha Rao,
	Harman Kalra, Ankur Dwivedi, Anoob Joseph, Tejasree Kondoj
  Cc: gakhil, jerinj, vvelumuri, asasidharan, dev

For TLS-1.2:
- Verify that each padding byte holds the pad length as its
  value.
- Report error in case of discrepancies.
- Trim the padding and MAC from the tls-1.2 records

For TLS-1.3:
- Find the content type as the last non-zero byte in the record.
- Return the content type as the inner content type.

Signed-off-by: Vidya Sagar Velumuri <vvelumuri@marvell.com>
---
 drivers/common/cnxk/roc_se.h              |   1 +
 drivers/crypto/cnxk/cn10k_cryptodev_ops.c | 151 +++++++++++++++++++++-
 drivers/crypto/cnxk/cn10k_cryptodev_sec.h |  17 ++-
 drivers/crypto/cnxk/cn10k_tls.c           |  65 +++++++---
 drivers/crypto/cnxk/cn10k_tls_ops.h       |  19 ++-
 5 files changed, 215 insertions(+), 38 deletions(-)

diff --git a/drivers/common/cnxk/roc_se.h b/drivers/common/cnxk/roc_se.h
index ddcf6bdb44..50741a0b81 100644
--- a/drivers/common/cnxk/roc_se.h
+++ b/drivers/common/cnxk/roc_se.h
@@ -169,6 +169,7 @@ typedef enum {
 	ROC_SE_ERR_SSL_CIPHER_UNSUPPORTED = 0x84,
 	ROC_SE_ERR_SSL_MAC_UNSUPPORTED = 0x85,
 	ROC_SE_ERR_SSL_VERSION_UNSUPPORTED = 0x86,
+	ROC_SE_ERR_SSL_POST_PROCESS = 0x88,
 	ROC_SE_ERR_SSL_MAC_MISMATCH = 0x89,
 	ROC_SE_ERR_SSL_PKT_REPLAY_SEQ_OUT_OF_WINDOW = 0xC1,
 	ROC_SE_ERR_SSL_PKT_REPLAY_SEQ = 0xC9,
diff --git a/drivers/crypto/cnxk/cn10k_cryptodev_ops.c b/drivers/crypto/cnxk/cn10k_cryptodev_ops.c
index 8991150c05..720b756001 100644
--- a/drivers/crypto/cnxk/cn10k_cryptodev_ops.c
+++ b/drivers/crypto/cnxk/cn10k_cryptodev_ops.c
@@ -207,7 +207,7 @@ cpt_sec_tls_inst_fill(struct cnxk_cpt_qp *qp, struct rte_crypto_op *op,
 		      struct cn10k_sec_session *sess, struct cpt_inst_s *inst,
 		      struct cpt_inflight_req *infl_req, const bool is_sg_ver2)
 {
-	if (sess->tls.is_write)
+	if (sess->tls_opt.is_write)
 		return process_tls_write(&qp->lf, op, sess, &qp->meta_info, infl_req, inst,
 					 is_sg_ver2);
 	else
@@ -989,20 +989,161 @@ cn10k_cpt_ipsec_post_process(struct rte_crypto_op *cop, struct cpt_cn10k_res_s *
 }
 
 static inline void
-cn10k_cpt_tls_post_process(struct rte_crypto_op *cop, struct cpt_cn10k_res_s *res)
+cn10k_cpt_tls12_trim_mac(struct rte_crypto_op *cop, struct cpt_cn10k_res_s *res, uint8_t mac_len)
 {
+	struct rte_mbuf *mac_prev_seg = NULL, *mac_seg = NULL, *seg;
+	uint32_t pad_len, trim_len, mac_offset, pad_offset;
 	struct rte_mbuf *mbuf = cop->sym->m_src;
-	const uint16_t m_len = res->rlen;
+	uint16_t m_len = res->rlen;
+	uint32_t i, nb_segs = 1;
+	uint8_t pad_res = 0;
+	uint8_t pad_val;
+
+	pad_val = ((res->spi >> 16) & 0xff);
+	pad_len = pad_val + 1;
+	trim_len = pad_len + mac_len;
+	mac_offset = m_len - trim_len;
+	pad_offset = mac_offset + mac_len;
+
+	/* Handle Direct Mode */
+	if (mbuf->next == NULL) {
+		uint8_t *ptr = rte_pktmbuf_mtod_offset(mbuf, uint8_t *, pad_offset);
+
+		for (i = 0; i < pad_len; i++)
+			pad_res |= ptr[i] ^ pad_val;
+
+		if (pad_res) {
+			cop->status = RTE_CRYPTO_OP_STATUS_ERROR;
+			cop->aux_flags = res->uc_compcode;
+		}
+		mbuf->pkt_len = m_len - trim_len;
+		mbuf->data_len = m_len - trim_len;
+
+		return;
+	}
+
+	/* Handle SG mode */
+	seg = mbuf;
+	while (mac_offset >= seg->data_len) {
+		mac_offset -= seg->data_len;
+		mac_prev_seg = seg;
+		seg = seg->next;
+		nb_segs++;
+	}
+	mac_seg = seg;
+
+	pad_offset = mac_offset + mac_len;
+	while (pad_offset >= seg->data_len) {
+		pad_offset -= seg->data_len;
+		seg = seg->next;
+	}
+
+	while (pad_len != 0) {
+		uint8_t *ptr = rte_pktmbuf_mtod_offset(seg, uint8_t *, pad_offset);
+		uint8_t len = RTE_MIN(seg->data_len - pad_offset, pad_len);
+
+		for (i = 0; i < len; i++)
+			pad_res |= ptr[i] ^ pad_val;
+
+		pad_offset = 0;
+		pad_len -= len;
+		seg = seg->next;
+	}
+
+	if (pad_res) {
+		cop->status = RTE_CRYPTO_OP_STATUS_ERROR;
+		cop->aux_flags = res->uc_compcode;
+	}
+
+	mbuf->pkt_len = m_len - trim_len;
+	if (mac_offset) {
+		rte_pktmbuf_free(mac_seg->next);
+		mac_seg->next = NULL;
+		mac_seg->data_len = mac_offset;
+		mbuf->nb_segs = nb_segs;
+	} else {
+		rte_pktmbuf_free(mac_seg);
+		mac_prev_seg->next = NULL;
+		mbuf->nb_segs = nb_segs - 1;
+	}
+}
+
+/* TLS-1.3:
+ * Read from last until a non-zero value is encountered.
+ * Return the non zero value as the content type.
+ * Remove the MAC and content type and padding bytes.
+ */
+static inline void
+cn10k_cpt_tls13_trim_mac(struct rte_crypto_op *cop, struct cpt_cn10k_res_s *res)
+{
+	struct rte_mbuf *mbuf = cop->sym->m_src;
+	struct rte_mbuf *seg = mbuf;
+	uint16_t m_len = res->rlen;
+	uint8_t *ptr, type = 0x0;
+	int len, i, nb_segs = 1;
+
+	while (m_len && !type) {
+		len = m_len;
+		seg = mbuf;
+
+		/* get the last seg */
+		while (len > seg->data_len) {
+			len -= seg->data_len;
+			seg = seg->next;
+			nb_segs++;
+		}
+
+		/* walkthrough from last until a non zero value is found */
+		ptr = rte_pktmbuf_mtod(seg, uint8_t *);
+		i = len;
+		while (i && (ptr[--i] == 0))
+			;
+
+		type = ptr[i];
+		m_len -= len;
+	}
+
+	if (type) {
+		cop->param1.tls_record.content_type = type;
+		mbuf->pkt_len = m_len + i;
+		mbuf->nb_segs = nb_segs;
+		seg->data_len = i;
+		rte_pktmbuf_free(seg->next);
+		seg->next = NULL;
+	} else {
+		cop->status = RTE_CRYPTO_OP_STATUS_ERROR;
+	}
+}
+
+static inline void
+cn10k_cpt_tls_post_process(struct rte_crypto_op *cop, struct cpt_cn10k_res_s *res,
+			   struct cn10k_sec_session *sess)
+{
+	struct cn10k_tls_opt tls_opt = sess->tls_opt;
+	struct rte_mbuf *mbuf = cop->sym->m_src;
+	uint16_t m_len = res->rlen;
 
 	if (!res->uc_compcode) {
 		if (mbuf->next == NULL)
 			mbuf->data_len = m_len;
 		mbuf->pkt_len = m_len;
-	} else {
+		cop->param1.tls_record.content_type = (res->spi >> 24) & 0xff;
+		return;
+	}
+
+	/* Any error other than post process */
+	if (res->uc_compcode != ROC_SE_ERR_SSL_POST_PROCESS) {
 		cop->status = RTE_CRYPTO_OP_STATUS_ERROR;
 		cop->aux_flags = res->uc_compcode;
 		plt_err("crypto op failed with UC compcode: 0x%x", res->uc_compcode);
+		return;
 	}
+
+	/* Extra padding scenario: Verify padding. Remove padding and MAC */
+	if (tls_opt.tls_ver != RTE_SECURITY_VERSION_TLS_1_3)
+		cn10k_cpt_tls12_trim_mac(cop, res, (uint8_t)tls_opt.mac_len);
+	else
+		cn10k_cpt_tls13_trim_mac(cop, res);
 }
 
 static inline void
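Review bot: `cn10k_cpt_tls12_trim_mac` computes `mac_offset = m_len - trim_len` without checking that `trim_len` (pad length plus MAC length, up to 256 + `mac_len`) fits in `res->rlen`; if it does not, the unsigned subtraction wraps and both the direct-mode pointer and the segment walk run past the packet. In the SG loop `uint8_t len` also truncates a 256-byte run to 0, so those bytes are never checked and the walk moves on to `seg->next`, and when `mac_offset` ends at 0 in the first segment the `else` branch frees the head mbuf and dereferences a NULL `mac_prev_seg`. In `cn10k_cpt_tls13_trim_mac`, `nb_segs` is not reset to 1 at the top of the outer `while`, so it over-counts once a trailing all-zero segment forces a second pass. The fence below shows the length guard and the widened `len`; whether the microcode already guarantees `rlen >= trim_len` is not visible here.

```c
	trim_len = pad_len + mac_len;
	/* Pad length and rlen come from the completion word; never trim more than the record holds. */
	if (unlikely(trim_len > m_len)) {
		cop->status = RTE_CRYPTO_OP_STATUS_ERROR;
		cop->aux_flags = res->uc_compcode;
		return;
	}
	/* … unchanged: offset computation, direct mode, walk to the MAC and pad segments … */
		uint8_t *ptr = rte_pktmbuf_mtod_offset(seg, uint8_t *, pad_offset);
		uint32_t len = RTE_MIN(seg->data_len - pad_offset, pad_len);
```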
@@ -1015,7 +1156,7 @@ cn10k_cpt_sec_post_process(struct rte_crypto_op *cop, struct cpt_cn10k_res_s *re
 	if (sess->proto == RTE_SECURITY_PROTOCOL_IPSEC)
 		cn10k_cpt_ipsec_post_process(cop, res);
 	else if (sess->proto == RTE_SECURITY_PROTOCOL_TLS_RECORD)
-		cn10k_cpt_tls_post_process(cop, res);
+		cn10k_cpt_tls_post_process(cop, res, sess);
 }
 
 static inline void
diff --git a/drivers/crypto/cnxk/cn10k_cryptodev_sec.h b/drivers/crypto/cnxk/cn10k_cryptodev_sec.h
index 230c0f7c1c..1637a9a25c 100644
--- a/drivers/crypto/cnxk/cn10k_cryptodev_sec.h
+++ b/drivers/crypto/cnxk/cn10k_cryptodev_sec.h
@@ -16,6 +16,15 @@
 
 #define SEC_SESS_SIZE sizeof(struct rte_security_session)
 
+struct cn10k_tls_opt {
+	uint16_t pad_shift : 3;
+	uint16_t enable_padding : 1;
+	uint16_t tail_fetch_len : 2;
+	uint16_t tls_ver : 2;
+	uint16_t is_write : 1;
+	uint16_t mac_len : 7;
+};
+
 struct cn10k_sec_session {
 	uint8_t rte_sess[SEC_SESS_SIZE];
 
@@ -29,16 +38,12 @@ struct cn10k_sec_session {
 	uint8_t proto;
 	uint8_t iv_length;
 	union {
+		uint16_t u16;
+		struct cn10k_tls_opt tls_opt;
 		struct {
 			uint8_t ip_csum;
 			uint8_t is_outbound : 1;
 		} ipsec;
-		struct {
-			uint8_t enable_padding : 1;
-			uint8_t tail_fetch_len : 2;
-			uint8_t is_write : 1;
-			uint8_t rvsd : 4;
-		} tls;
 	};
 	/** Queue pair */
 	struct cnxk_cpt_qp *qp;
diff --git a/drivers/crypto/cnxk/cn10k_tls.c b/drivers/crypto/cnxk/cn10k_tls.c
index ae3ed3176c..3505a71a6c 100644
--- a/drivers/crypto/cnxk/cn10k_tls.c
+++ b/drivers/crypto/cnxk/cn10k_tls.c
@@ -119,8 +119,14 @@ cnxk_tls_xform_verify(struct rte_security_tls_record_xform *tls_xform,
 	    (tls_xform->type != RTE_SECURITY_TLS_SESS_TYPE_WRITE))
 		return -EINVAL;
 
-	if (crypto_xform->type == RTE_CRYPTO_SYM_XFORM_AEAD)
+	if (crypto_xform->type == RTE_CRYPTO_SYM_XFORM_AEAD) {
+		/* optional padding is not allowed in TLS-1.2 for AEAD */
+		if ((tls_xform->ver == RTE_SECURITY_VERSION_TLS_1_2) &&
+		    (tls_xform->options.extra_padding_enable == 1))
+			return -EINVAL;
+
 		return tls_xform_aead_verify(tls_xform, crypto_xform);
+	}
 
 	/* TLS-1.3 only support AEAD.
 	 * Control should not reach here for TLS-1.3
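Review bot: The new rejection of `extra_padding_enable` for AEAD tests only `RTE_SECURITY_VERSION_TLS_1_2`, so a DTLS-1.2 AEAD session with the option set still passes through to `tls_xform_aead_verify`. DTLS-1.2 AEAD records carry no padding either, so unless the hardware treats that case differently the test probably wants `(tls_xform->ver == RTE_SECURITY_VERSION_TLS_1_2 || tls_xform->ver == RTE_SECURITY_VERSION_DTLS_1_2)`, with the comment updated to match. `cnxk_tls_xform_verify` starts and ends outside the hunk.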
@@ -321,7 +327,7 @@ tls_read_ctx_size(struct roc_ie_ot_tls_read_sa *sa, enum rte_security_tls_versio
 static int
 tls_read_sa_fill(struct roc_ie_ot_tls_read_sa *read_sa,
 		 struct rte_security_tls_record_xform *tls_xfrm,
-		 struct rte_crypto_sym_xform *crypto_xfrm)
+		 struct rte_crypto_sym_xform *crypto_xfrm, struct cn10k_tls_opt *tls_opt)
 {
 	enum rte_security_tls_version tls_ver = tls_xfrm->ver;
 	struct rte_crypto_sym_xform *auth_xfrm, *cipher_xfrm;
@@ -405,16 +411,26 @@ tls_read_sa_fill(struct roc_ie_ot_tls_read_sa *read_sa,
 		memcpy(cipher_key, key, length);
 	}
 
-	if (auth_xfrm->auth.algo == RTE_CRYPTO_AUTH_MD5_HMAC)
+	switch (auth_xfrm->auth.algo) {
+	case RTE_CRYPTO_AUTH_MD5_HMAC:
 		read_sa->w2.s.mac_select = ROC_IE_OT_TLS_MAC_MD5;
-	else if (auth_xfrm->auth.algo == RTE_CRYPTO_AUTH_SHA1_HMAC)
+		tls_opt->mac_len = 0;
+		break;
+	case RTE_CRYPTO_AUTH_SHA1_HMAC:
 		read_sa->w2.s.mac_select = ROC_IE_OT_TLS_MAC_SHA1;
-	else if (auth_xfrm->auth.algo == RTE_CRYPTO_AUTH_SHA256_HMAC)
+		tls_opt->mac_len = 20;
+		break;
+	case RTE_CRYPTO_AUTH_SHA256_HMAC:
 		read_sa->w2.s.mac_select = ROC_IE_OT_TLS_MAC_SHA2_256;
-	else if (auth_xfrm->auth.algo == RTE_CRYPTO_AUTH_SHA384_HMAC)
+		tls_opt->mac_len = 32;
+		break;
+	case RTE_CRYPTO_AUTH_SHA384_HMAC:
 		read_sa->w2.s.mac_select = ROC_IE_OT_TLS_MAC_SHA2_384;
-	else
+		tls_opt->mac_len = 48;
+		break;
+	default:
 		return -EINVAL;
+	}
 
 	roc_se_hmac_opad_ipad_gen(read_sa->w2.s.mac_select, auth_xfrm->auth.key.data,
 				  auth_xfrm->auth.key.length, read_sa->tls_12.opad_ipad,
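Review bot: `tls_opt->mac_len = 0` in the `RTE_CRYPTO_AUTH_MD5_HMAC` case looks like a placeholder, because HMAC-MD5 produces a 16-byte MAC while the other cases store the real digest length. `cn10k_cpt_tls12_trim_mac` in this same patch adds `mac_len` to the pad length to find the padding and to trim the record, so with 0 it would check the wrong bytes and leave the MAC in the output. Suggest `tls_opt->mac_len = 16;`. The AEAD path of `tls_read_sa_fill` is outside the hunk, so it is not visible whether `mac_len` is set there.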
@@ -622,6 +638,7 @@ cn10k_tls_read_sa_create(struct roc_cpt *roc_cpt, struct roc_cpt_lf *lf,
 			 struct cn10k_sec_session *sec_sess)
 {
 	struct roc_ie_ot_tls_read_sa *sa_dptr;
+	uint8_t tls_ver = tls_xfrm->ver;
 	struct cn10k_tls_record *tls;
 	union cpt_inst_w4 inst_w4;
 	void *read_sa;
@@ -638,7 +655,7 @@ cn10k_tls_read_sa_create(struct roc_cpt *roc_cpt, struct roc_cpt_lf *lf,
 	}
 
 	/* Translate security parameters to SA */
-	ret = tls_read_sa_fill(sa_dptr, tls_xfrm, crypto_xfrm);
+	ret = tls_read_sa_fill(sa_dptr, tls_xfrm, crypto_xfrm, &sec_sess->tls_opt);
 	if (ret) {
 		plt_err("Could not fill read session parameters");
 		goto sa_dptr_free;
@@ -658,19 +675,20 @@ cn10k_tls_read_sa_create(struct roc_cpt *roc_cpt, struct roc_cpt_lf *lf,
 
 	/* pre-populate CPT INST word 4 */
 	inst_w4.u64 = 0;
-	if ((sa_dptr->w2.s.version_select == ROC_IE_OT_TLS_VERSION_TLS_12) ||
-	    (sa_dptr->w2.s.version_select == ROC_IE_OT_TLS_VERSION_DTLS_12)) {
+	if ((tls_ver == RTE_SECURITY_VERSION_TLS_1_2) ||
+	    (tls_ver == RTE_SECURITY_VERSION_DTLS_1_2)) {
 		inst_w4.s.opcode_major = ROC_IE_OT_TLS_MAJOR_OP_RECORD_DEC | ROC_IE_OT_INPLACE_BIT;
-		sec_sess->tls.tail_fetch_len = 0;
+		sec_sess->tls_opt.tail_fetch_len = 0;
 		if (sa_dptr->w2.s.cipher_select == ROC_IE_OT_TLS_CIPHER_3DES)
-			sec_sess->tls.tail_fetch_len = 1;
+			sec_sess->tls_opt.tail_fetch_len = 1;
 		else if (sa_dptr->w2.s.cipher_select == ROC_IE_OT_TLS_CIPHER_AES_CBC)
-			sec_sess->tls.tail_fetch_len = 2;
-	} else if (sa_dptr->w2.s.version_select == ROC_IE_OT_TLS_VERSION_TLS_13) {
+			sec_sess->tls_opt.tail_fetch_len = 2;
+	} else if (tls_xfrm->ver == RTE_SECURITY_VERSION_TLS_1_3) {
 		inst_w4.s.opcode_major =
 			ROC_IE_OT_TLS13_MAJOR_OP_RECORD_DEC | ROC_IE_OT_INPLACE_BIT;
 	}
 
+	sec_sess->tls_opt.tls_ver = tls_ver;
 	sec_sess->inst.w4 = inst_w4.u64;
 	sec_sess->inst.w7 = cpt_inst_w7_get(roc_cpt, read_sa);
 
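Review bot: The TLS-1.3 arm still tests `tls_xfrm->ver` while the TLS-1.2/DTLS-1.2 arm just above it uses the new local `tls_ver`; write `} else if (tls_ver == RTE_SECURITY_VERSION_TLS_1_3) {` so the function reads the version from one place, as the matching change in cn10k_tls_write_sa_create does. The local is declared `uint8_t` in the earlier hunk although tls_read_sa_fill declares the same value as `enum rte_security_tls_version`; keeping the enum type would be more consistent. There is also no final `else`, so a version matching neither arm leaves `opcode_major` at 0 and is still stored in `sec_sess->inst.w4`; an explicit error for that case would be safer unless earlier validation already rules it out. The function continues outside this hunk.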
@@ -706,6 +724,7 @@ cn10k_tls_write_sa_create(struct roc_cpt *roc_cpt, struct roc_cpt_lf *lf,
 			  struct cn10k_sec_session *sec_sess)
 {
 	struct roc_ie_ot_tls_write_sa *sa_dptr;
+	uint8_t tls_ver = tls_xfrm->ver;
 	struct cn10k_tls_record *tls;
 	union cpt_inst_w4 inst_w4;
 	void *write_sa;
@@ -739,17 +758,23 @@ cn10k_tls_write_sa_create(struct roc_cpt *roc_cpt, struct roc_cpt_lf *lf,
 		sec_sess->iv_length = crypto_xfrm->next->cipher.iv.length;
 	}
 
-	sec_sess->tls.is_write = 1;
-	sec_sess->tls.enable_padding = tls_xfrm->options.extra_padding_enable;
+	sec_sess->tls_opt.is_write = 1;
+	sec_sess->tls_opt.pad_shift = 0;
+	sec_sess->tls_opt.tls_ver = tls_ver;
+	sec_sess->tls_opt.enable_padding = tls_xfrm->options.extra_padding_enable;
 	sec_sess->max_extended_len = tls_write_rlens_get(tls_xfrm, crypto_xfrm);
 	sec_sess->proto = RTE_SECURITY_PROTOCOL_TLS_RECORD;
 
 	/* pre-populate CPT INST word 4 */
 	inst_w4.u64 = 0;
-	if ((sa_dptr->w2.s.version_select == ROC_IE_OT_TLS_VERSION_TLS_12) ||
-	    (sa_dptr->w2.s.version_select == ROC_IE_OT_TLS_VERSION_DTLS_12)) {
+	if ((tls_ver == RTE_SECURITY_VERSION_TLS_1_2) ||
+	    (tls_ver == RTE_SECURITY_VERSION_DTLS_1_2)) {
 		inst_w4.s.opcode_major = ROC_IE_OT_TLS_MAJOR_OP_RECORD_ENC | ROC_IE_OT_INPLACE_BIT;
-	} else if (sa_dptr->w2.s.version_select == ROC_IE_OT_TLS_VERSION_TLS_13) {
+		if (sa_dptr->w2.s.cipher_select == ROC_IE_OT_TLS_CIPHER_3DES)
+			sec_sess->tls_opt.pad_shift = 3;
+		else
+			sec_sess->tls_opt.pad_shift = 4;
+	} else if (tls_ver == RTE_SECURITY_VERSION_TLS_1_3) {
 		inst_w4.s.opcode_major =
 			ROC_IE_OT_TLS13_MAJOR_OP_RECORD_ENC | ROC_IE_OT_INPLACE_BIT;
 	}
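Review bot: The `pad_shift` values 3 and 4 are unexplained, and the bare `else` assigns 4 to every TLS-1.2/DTLS-1.2 cipher other than 3DES, not only AES-CBC. They look like log2 of the cipher block size, since process_tls_write computes `pad_bytes >> tls_opt.pad_shift`, but that is an inference. If that is the intent, a comment such as `/* pad_shift = log2(cipher block size), used to convert pad bytes to blocks */` above the assignment would make it checkable, together with a word on why the non-CBC ciphers share the value 4. cn10k_tls_write_sa_create starts and ends outside this hunk.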
@@ -838,7 +863,7 @@ cn10k_sec_tls_session_destroy(struct cnxk_cpt_qp *qp, struct cn10k_sec_session *
 
 	ret = -1;
 
-	if (sess->tls.is_write) {
+	if (sess->tls_opt.is_write) {
 		sa_dptr = plt_zmalloc(sizeof(struct roc_ie_ot_tls_write_sa), 8);
 		if (sa_dptr != NULL) {
 			tls_write_sa_init(sa_dptr);
diff --git a/drivers/crypto/cnxk/cn10k_tls_ops.h b/drivers/crypto/cnxk/cn10k_tls_ops.h
index 6fd74927ee..64f94a4e8b 100644
--- a/drivers/crypto/cnxk/cn10k_tls_ops.h
+++ b/drivers/crypto/cnxk/cn10k_tls_ops.h
@@ -21,16 +21,21 @@ process_tls_write(struct roc_cpt_lf *lf, struct rte_crypto_op *cop, struct cn10k
 		  struct cpt_qp_meta_info *m_info, struct cpt_inflight_req *infl_req,
 		  struct cpt_inst_s *inst, const bool is_sg_ver2)
 {
+	struct cn10k_tls_opt tls_opt = sess->tls_opt;
 	struct rte_crypto_sym_op *sym_op = cop->sym;
 #ifdef LA_IPSEC_DEBUG
 	struct roc_ie_ot_tls_write_sa *write_sa;
 #endif
 	struct rte_mbuf *m_src = sym_op->m_src;
+	uint32_t pad_len, pad_bytes;
 	struct rte_mbuf *last_seg;
 	union cpt_inst_w4 w4;
 	void *m_data = NULL;
 	uint8_t *in_buffer;
 
+	pad_bytes = (cop->aux_flags * 8) > 0xff ? 0xff : (cop->aux_flags * 8);
+	pad_len = (pad_bytes >> tls_opt.pad_shift) * tls_opt.enable_padding;
+
 #ifdef LA_IPSEC_DEBUG
 	write_sa = &sess->tls_rec.write_sa;
 	if (write_sa->w2.s.iv_at_cptr == ROC_IE_OT_TLS_IV_SRC_FROM_SA) {
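Review bot: `pad_bytes` is clamped to 0xff, which is not a multiple of either shift granularity, and it is computed whether or not padding is enabled, so it can disagree with the `pad_len` that is written to `opcode_minor`. With `pad_shift` 4, `255 >> 4` is 15 (240 bytes once scaled back) while the SG hunks below add the full 255 to `last_seg->data_len`; with `enable_padding` 0, `pad_len` is 0 yet `data_len` still grows by whatever `cop->aux_flags` holds. No tailroom check on the last segment is visible, so the output scatter list may describe bytes beyond the buffer. Recomputing the byte count from the final value, `pad_bytes = pad_len << tls_opt.pad_shift;` right after `pad_len` is set, would keep both `last_seg->data_len += sess->max_extended_len + pad_bytes;` lines consistent with what the hardware is asked to emit. process_tls_write starts and ends outside this hunk.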
@@ -94,7 +99,7 @@ process_tls_write(struct roc_cpt_lf *lf, struct rte_crypto_op *cop, struct cn10k
 		w4.s.dlen = m_src->data_len;
 
 		w4.s.param2 = cop->param1.tls_record.content_type;
-		w4.s.opcode_minor = sess->tls.enable_padding * cop->aux_flags * 8;
+		w4.s.opcode_minor = pad_len;
 
 		inst->w4.u64 = w4.u64;
 	} else if (is_sg_ver2 == false) {
@@ -148,10 +153,10 @@ process_tls_write(struct roc_cpt_lf *lf, struct rte_crypto_op *cop, struct cn10k
 		w4.s.param1 = rte_pktmbuf_pkt_len(m_src);
 		w4.s.param2 = cop->param1.tls_record.content_type;
 		w4.s.opcode_major |= (uint64_t)ROC_DMA_MODE_SG;
-		w4.s.opcode_minor = sess->tls.enable_padding * cop->aux_flags * 8;
+		w4.s.opcode_minor = pad_len;
 
 		/* Output Scatter List */
-		last_seg->data_len += sess->max_extended_len;
+		last_seg->data_len += sess->max_extended_len + pad_bytes;
 		inst->w4.u64 = w4.u64;
 	} else {
 		struct roc_sg2list_comp *scatter_comp, *gather_comp;
@@ -198,11 +203,11 @@ process_tls_write(struct roc_cpt_lf *lf, struct rte_crypto_op *cop, struct cn10k
 		w4.u64 = sess->inst.w4;
 		w4.s.dlen = rte_pktmbuf_pkt_len(m_src);
 		w4.s.opcode_major &= (~(ROC_IE_OT_INPLACE_BIT));
-		w4.s.opcode_minor = sess->tls.enable_padding * cop->aux_flags * 8;
+		w4.s.opcode_minor = pad_len;
 		w4.s.param1 = w4.s.dlen;
 		w4.s.param2 = cop->param1.tls_record.content_type;
 		/* Output Scatter List */
-		last_seg->data_len += sess->max_extended_len;
+		last_seg->data_len += sess->max_extended_len + pad_bytes;
 		inst->w4.u64 = w4.u64;
 	}
 
@@ -234,7 +239,7 @@ process_tls_read(struct rte_crypto_op *cop, struct cn10k_sec_session *sess,
 		inst->w4.u64 = w4.u64;
 	} else if (is_sg_ver2 == false) {
 		struct roc_sglist_comp *scatter_comp, *gather_comp;
-		int tail_len = sess->tls.tail_fetch_len * 16;
+		int tail_len = sess->tls_opt.tail_fetch_len * 16;
 		int pkt_len = rte_pktmbuf_pkt_len(m_src);
 		uint32_t g_size_bytes, s_size_bytes;
 		uint16_t *sg_hdr;
@@ -289,7 +294,7 @@ process_tls_read(struct rte_crypto_op *cop, struct cn10k_sec_session *sess,
 		inst->w4.u64 = w4.u64;
 	} else {
 		struct roc_sg2list_comp *scatter_comp, *gather_comp;
-		int tail_len = sess->tls.tail_fetch_len * 16;
+		int tail_len = sess->tls_opt.tail_fetch_len * 16;
 		int pkt_len = rte_pktmbuf_pkt_len(m_src);
 		union cpt_inst_w5 cpt_inst_w5;
 		union cpt_inst_w6 cpt_inst_w6;
-- 
2.25.1



* [PATCH v2 7/8] crypto/cnxk: add support for oop processing in TLS
From: Vidya Sagar Velumuri @ 2024-03-14 13:18 UTC (permalink / raw)
  To: Ankur Dwivedi, Anoob Joseph, Tejasree Kondoj
  Cc: gakhil, jerinj, vvelumuri, asasidharan, dev

From: Aakash Sasidharan <asasidharan@marvell.com>

Add support for out-of-place processing in TLS.

Signed-off-by: Aakash Sasidharan <asasidharan@marvell.com>
---
 drivers/crypto/cnxk/cn10k_tls_ops.h | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/drivers/crypto/cnxk/cn10k_tls_ops.h b/drivers/crypto/cnxk/cn10k_tls_ops.h
index 64f94a4e8b..e8e2547f68 100644
--- a/drivers/crypto/cnxk/cn10k_tls_ops.h
+++ b/drivers/crypto/cnxk/cn10k_tls_ops.h
@@ -27,6 +27,7 @@ process_tls_write(struct roc_cpt_lf *lf, struct rte_crypto_op *cop, struct cn10k
 	struct roc_ie_ot_tls_write_sa *write_sa;
 #endif
 	struct rte_mbuf *m_src = sym_op->m_src;
+	struct rte_mbuf *m_dst = sym_op->m_dst;
 	uint32_t pad_len, pad_bytes;
 	struct rte_mbuf *last_seg;
 	union cpt_inst_w4 w4;
@@ -191,7 +192,9 @@ process_tls_write(struct roc_cpt_lf *lf, struct rte_crypto_op *cop, struct cn10k
 		i = 0;
 		scatter_comp = (struct roc_sg2list_comp *)((uint8_t *)gather_comp + g_size_bytes);
 
-		i = fill_sg2_comp_from_pkt(scatter_comp, i, m_src);
+		if (m_dst == NULL)
+			m_dst = m_src;
+		i = fill_sg2_comp_from_pkt(scatter_comp, i, m_dst);
 
 		cpt_inst_w6.s.scatter_sz = ((i + 2) / 3);
 
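Review bot: `m_dst` is only substituted into this SG-v2 output scatter list; judging by the diffstat the direct and SG-v1 branches are untouched, so an op carrying a separate `m_dst` on those paths would presumably still be processed in place with no error reported. Nothing in the hunk checks that `m_dst` has room for the record plus the MAC and padding expansion, and the `last_seg->data_len` adjustment made elsewhere in this function may still refer to the last segment of `m_src` (its assignment is not visible here). Either reject `m_dst != NULL && m_dst != m_src` where it cannot be honoured, or size and extend the destination chain explicitly. The process_tls_read hunk at `@@ -334,7 +338,9 @@` makes the same substitution and needs the same checks.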
@@ -221,6 +224,7 @@ process_tls_read(struct rte_crypto_op *cop, struct cn10k_sec_session *sess,
 {
 	struct rte_crypto_sym_op *sym_op = cop->sym;
 	struct rte_mbuf *m_src = sym_op->m_src;
+	struct rte_mbuf *m_dst = sym_op->m_dst;
 	union cpt_inst_w4 w4;
 	uint8_t *in_buffer;
 	void *m_data;
@@ -334,7 +338,9 @@ process_tls_read(struct rte_crypto_op *cop, struct cn10k_sec_session *sess,
 		i = 0;
 		scatter_comp = (struct roc_sg2list_comp *)((uint8_t *)gather_comp + g_size_bytes);
 
-		i = fill_sg2_comp_from_pkt(scatter_comp, i, m_src);
+		if (m_dst == NULL)
+			m_dst = m_src;
+		i = fill_sg2_comp_from_pkt(scatter_comp, i, m_dst);
 
 		cpt_inst_w6.s.scatter_sz = ((i + 2) / 3);
 
-- 
2.25.1



* [PATCH v2 8/8] crypto/cnxk: update the context structure of tls
From: Vidya Sagar Velumuri @ 2024-03-14 13:18 UTC (permalink / raw)
  To: Nithin Dabilpuram, Kiran Kumar K, Sunil Kumar Kori, Satha Rao,
	Harman Kalra, Ankur Dwivedi, Anoob Joseph, Tejasree Kondoj
  Cc: gakhil, jerinj, vvelumuri, asasidharan, dev

Keep the record context for TLS-1.3 in sync with microcode
structure.

Report error if optional padding is enabled for AEAD
case in both TLS-1.2 and DTLS-1.2.

Use the proper offset for calculating the context size in case of TLS-1.3.

Signed-off-by: Vidya Sagar Velumuri <vvelumuri@marvell.com>
---
 drivers/common/cnxk/roc_ie_ot_tls.h | 17 ++++++++++++-----
 drivers/crypto/cnxk/cn10k_tls.c     |  6 +++---
 2 files changed, 15 insertions(+), 8 deletions(-)

diff --git a/drivers/common/cnxk/roc_ie_ot_tls.h b/drivers/common/cnxk/roc_ie_ot_tls.h
index 39c42775f4..2d6a290d9b 100644
--- a/drivers/common/cnxk/roc_ie_ot_tls.h
+++ b/drivers/common/cnxk/roc_ie_ot_tls.h
@@ -68,6 +68,16 @@ struct roc_ie_ot_tls_read_ctx_update_reg {
 	uint64_t ar_winbits[ROC_IE_OT_TLS_AR_WINBITS_SZ];
 };
 
+struct roc_ie_ot_tls_1_3_read_ctx_update_reg {
+	uint64_t rsvd0;
+	uint64_t ar_valid_mask;
+	uint64_t hard_life;
+	uint64_t soft_life;
+	uint64_t mib_octs;
+	uint64_t mib_pkts;
+	uint64_t rsvd1;
+};
+
 union roc_ie_ot_tls_param2 {
 	uint16_t u16;
 	struct {
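Review bot: `struct roc_ie_ot_tls_1_3_read_ctx_update_reg` has to match the microcode layout exactly (the next hunk places it at Word10 - Word16), but nothing enforces its size. Adding `PLT_STATIC_ASSERT(sizeof(struct roc_ie_ot_tls_1_3_read_ctx_update_reg) == 7 * sizeof(uint64_t));` after the definition would catch an accidental field addition at build time. That matters because tls_read_ctx_size, changed later in this patch, now uses `sizeof` of this struct to compute the TLS-1.3 context length. A short comment on what `rsvd0` and `rsvd1` stand in for would also help the next reader.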
@@ -137,11 +147,8 @@ struct roc_ie_ot_tls_read_sa {
 
 	union {
 		struct {
-			/* Word10 */
-			uint64_t w10_rsvd6;
-
-			/* Word11 - Word25 */
-			struct roc_ie_ot_tls_read_ctx_update_reg ctx;
+			/* Word10 - Word16 */
+			struct roc_ie_ot_tls_1_3_read_ctx_update_reg ctx;
 		} tls_13;
 
 		struct {
diff --git a/drivers/crypto/cnxk/cn10k_tls.c b/drivers/crypto/cnxk/cn10k_tls.c
index 3505a71a6c..7b73a58d2a 100644
--- a/drivers/crypto/cnxk/cn10k_tls.c
+++ b/drivers/crypto/cnxk/cn10k_tls.c
@@ -121,8 +121,8 @@ cnxk_tls_xform_verify(struct rte_security_tls_record_xform *tls_xform,
 
 	if (crypto_xform->type == RTE_CRYPTO_SYM_XFORM_AEAD) {
 		/* optional padding is not allowed in TLS-1.2 for AEAD */
-		if ((tls_xform->ver == RTE_SECURITY_VERSION_TLS_1_2) &&
-		    (tls_xform->options.extra_padding_enable == 1))
+		if ((tls_xform->options.extra_padding_enable == 1) &&
+		    (tls_xform->ver != RTE_SECURITY_VERSION_TLS_1_3))
 			return -EINVAL;
 
 		return tls_xform_aead_verify(tls_xform, crypto_xform);
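Review bot: The comment above the rewritten condition still reads `optional padding is not allowed in TLS-1.2 for AEAD`, but the test now rejects extra padding for every version except TLS-1.3, DTLS-1.2 included. Update it to something like `/* optional padding with AEAD is only accepted for TLS-1.3 */` so the comment and the check agree. cnxk_tls_xform_verify starts and ends outside this hunk.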
@@ -312,7 +312,7 @@ tls_read_ctx_size(struct roc_ie_ot_tls_read_sa *sa, enum rte_security_tls_versio
 	/* Variable based on Anti-replay Window */
 	if (tls_ver == RTE_SECURITY_VERSION_TLS_1_3) {
 		size = offsetof(struct roc_ie_ot_tls_read_sa, tls_13.ctx) +
-		       offsetof(struct roc_ie_ot_tls_read_ctx_update_reg, ar_winbits);
+		       sizeof(struct roc_ie_ot_tls_1_3_read_ctx_update_reg);
 	} else {
 		size = offsetof(struct roc_ie_ot_tls_read_sa, tls_12.ctx) +
 		       offsetof(struct roc_ie_ot_tls_read_ctx_update_reg, ar_winbits);
-- 
2.25.1



* Re: [PATCH 00/12] Add TLS features
From: Patrick Robb @ 2024-03-14 14:48 UTC (permalink / raw)
  To: Anoob Joseph
  Cc: Vidya Sagar Velumuri, Akhil Goyal, Jerin Jacob, Aakash Sasidharan, dev

Recheck-request: iol-broadcom-Performance

Sorry, you had a false failure in CI, so triggering a retest to
correct that. We need to tune this system to reduce performance
variance - I am asking Broadcom if we can make the fail threshold less
sensitive in the interim.


* [PATCH v3 0/8] Fixes and minor improvements for Crypto cnxk
From: Vidya Sagar Velumuri @ 2024-03-15  5:42 UTC (permalink / raw)
  To: Akhil Goyal; +Cc: Jerin Jacob, dev, Aakash Sasidharan, Anoob Joseph

Fixes and minor improvements for Crypto cnxk PMD.

v3:
Resend

v2:
* Squashed related patches

Aakash Sasidharan (1):
  crypto/cnxk: add support for oop processing in TLS

Anoob Joseph (2):
  crypto/cnxk: avoid branches in datapath
  crypto/cnxk: move metadata to second cacheline

Vidya Sagar Velumuri (5):
  crypto/cnxk: multi seg support block ciphers in tls
  crypto/cnxk: enable sha384 and chachapoly for tls
  crypto/cnxk: add support for session update for TLS
  crypto/cnxk: add support for padding verification in TLS
  crypto/cnxk: update the context structure of tls

 drivers/common/cnxk/roc_ie_ot_tls.h           |  18 ++-
 drivers/common/cnxk/roc_se.h                  |   1 +
 drivers/crypto/cnxk/cn10k_cryptodev_ops.c     | 151 +++++++++++++++++-
 drivers/crypto/cnxk/cn10k_cryptodev_sec.c     |   3 +
 drivers/crypto/cnxk/cn10k_cryptodev_sec.h     |  22 ++-
 drivers/crypto/cnxk/cn10k_ipsec.c             |   4 +-
 drivers/crypto/cnxk/cn10k_ipsec_la_ops.h      |   8 +-
 drivers/crypto/cnxk/cn10k_tls.c               | 137 ++++++++++++----
 drivers/crypto/cnxk/cn10k_tls.h               |   4 +
 drivers/crypto/cnxk/cn10k_tls_ops.h           |  73 +++++++--
 drivers/crypto/cnxk/cnxk_cryptodev.h          |   6 +-
 .../crypto/cnxk/cnxk_cryptodev_capabilities.c |  52 ++++++
 12 files changed, 401 insertions(+), 78 deletions(-)

-- 
2.25.1



* [PATCH v3 1/8] crypto/cnxk: multi seg support block ciphers in tls
From: Vidya Sagar Velumuri @ 2024-03-15  5:42 UTC (permalink / raw)
  To: Akhil Goyal; +Cc: Jerin Jacob, dev, Aakash Sasidharan, Anoob Joseph

Add support for Scatter-Gather mode for block ciphers in TLS-1.2

Signed-off-by: Vidya Sagar Velumuri <vvelumuri@marvell.com>
---
 drivers/crypto/cnxk/cn10k_cryptodev_sec.h |  3 +-
 drivers/crypto/cnxk/cn10k_tls.c           |  5 +++
 drivers/crypto/cnxk/cn10k_tls_ops.h       | 48 ++++++++++++++++++-----
 3 files changed, 45 insertions(+), 11 deletions(-)

diff --git a/drivers/crypto/cnxk/cn10k_cryptodev_sec.h b/drivers/crypto/cnxk/cn10k_cryptodev_sec.h
index 1efed3c4cf..881a0276cc 100644
--- a/drivers/crypto/cnxk/cn10k_cryptodev_sec.h
+++ b/drivers/crypto/cnxk/cn10k_cryptodev_sec.h
@@ -33,7 +33,8 @@ struct cn10k_sec_session {
 		} ipsec;
 		struct {
 			uint8_t enable_padding : 1;
-			uint8_t rvsd : 7;
+			uint8_t tail_fetch_len : 2;
+			uint8_t rvsd : 5;
 			bool is_write;
 		} tls;
 	};
diff --git a/drivers/crypto/cnxk/cn10k_tls.c b/drivers/crypto/cnxk/cn10k_tls.c
index 879e0ea978..b46904d3f8 100644
--- a/drivers/crypto/cnxk/cn10k_tls.c
+++ b/drivers/crypto/cnxk/cn10k_tls.c
@@ -639,6 +639,11 @@ cn10k_tls_read_sa_create(struct roc_cpt *roc_cpt, struct roc_cpt_lf *lf,
 	if ((sa_dptr->w2.s.version_select == ROC_IE_OT_TLS_VERSION_TLS_12) ||
 	    (sa_dptr->w2.s.version_select == ROC_IE_OT_TLS_VERSION_DTLS_12)) {
 		inst_w4.s.opcode_major = ROC_IE_OT_TLS_MAJOR_OP_RECORD_DEC | ROC_IE_OT_INPLACE_BIT;
+		sec_sess->tls.tail_fetch_len = 0;
+		if (sa_dptr->w2.s.cipher_select == ROC_IE_OT_TLS_CIPHER_3DES)
+			sec_sess->tls.tail_fetch_len = 1;
+		else if (sa_dptr->w2.s.cipher_select == ROC_IE_OT_TLS_CIPHER_AES_CBC)
+			sec_sess->tls.tail_fetch_len = 2;
 	} else if (sa_dptr->w2.s.version_select == ROC_IE_OT_TLS_VERSION_TLS_13) {
 		inst_w4.s.opcode_major =
 			ROC_IE_OT_TLS13_MAJOR_OP_RECORD_DEC | ROC_IE_OT_INPLACE_BIT;
diff --git a/drivers/crypto/cnxk/cn10k_tls_ops.h b/drivers/crypto/cnxk/cn10k_tls_ops.h
index 7c8ac14ab2..6fd74927ee 100644
--- a/drivers/crypto/cnxk/cn10k_tls_ops.h
+++ b/drivers/crypto/cnxk/cn10k_tls_ops.h
@@ -234,7 +234,10 @@ process_tls_read(struct rte_crypto_op *cop, struct cn10k_sec_session *sess,
 		inst->w4.u64 = w4.u64;
 	} else if (is_sg_ver2 == false) {
 		struct roc_sglist_comp *scatter_comp, *gather_comp;
+		int tail_len = sess->tls.tail_fetch_len * 16;
+		int pkt_len = rte_pktmbuf_pkt_len(m_src);
 		uint32_t g_size_bytes, s_size_bytes;
+		uint16_t *sg_hdr;
 		uint32_t dlen;
 		int i;
 
@@ -244,16 +247,25 @@ process_tls_read(struct rte_crypto_op *cop, struct cn10k_sec_session *sess,
 			return -ENOMEM;
 		}
 
-		in_buffer = (uint8_t *)m_data;
-		((uint16_t *)in_buffer)[0] = 0;
-		((uint16_t *)in_buffer)[1] = 0;
-
 		/* Input Gather List */
+		in_buffer = (uint8_t *)m_data;
+		sg_hdr = (uint16_t *)(in_buffer + 32);
+		gather_comp = (struct roc_sglist_comp *)((uint8_t *)sg_hdr + 8);
 		i = 0;
-		gather_comp = (struct roc_sglist_comp *)((uint8_t *)in_buffer + 8);
+		/* Add the last blocks as first gather component for tail fetch. */
+		if (tail_len) {
+			const uint8_t *output;
+
+			output = rte_pktmbuf_read(m_src, pkt_len - tail_len, tail_len, in_buffer);
+			if (output != in_buffer)
+				rte_memcpy(in_buffer, output, tail_len);
+			i = fill_sg_comp(gather_comp, i, (uint64_t)in_buffer, tail_len);
+		}
 
+		sg_hdr[0] = 0;
+		sg_hdr[1] = 0;
 		i = fill_sg_comp_from_pkt(gather_comp, i, m_src);
-		((uint16_t *)in_buffer)[2] = rte_cpu_to_be_16(i);
+		sg_hdr[2] = rte_cpu_to_be_16(i);
 
 		g_size_bytes = ((i + 3) / 4) * sizeof(struct roc_sglist_comp);
 
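Review bot: `rte_pktmbuf_read(m_src, pkt_len - tail_len, tail_len, in_buffer)` is reached without checking that the record is at least `tail_len` bytes long, and its result is handed to `rte_memcpy` without a NULL check. On the read path the length comes from the received record, so for a record shorter than the 16 or 32 bytes being fetched, `pkt_len - tail_len` is negative and converts to a very large unsigned offset, which can leave `output` NULL or pointing outside the mbuf. A guard such as `if (unlikely(pkt_len < tail_len)) return -EINVAL;` ahead of the read, and `if (unlikely(output == NULL)) return -EINVAL;` after it, would close this. The error path may also need to release `m_data`, which is obtained outside the hunk. The SG-v2 branch in the `@@ -292,7 +306,21 @@` hunk repeats the same pattern.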
@@ -261,7 +273,7 @@ process_tls_read(struct rte_crypto_op *cop, struct cn10k_sec_session *sess,
 		scatter_comp = (struct roc_sglist_comp *)((uint8_t *)gather_comp + g_size_bytes);
 
 		i = fill_sg_comp_from_pkt(scatter_comp, i, m_src);
-		((uint16_t *)in_buffer)[3] = rte_cpu_to_be_16(i);
+		sg_hdr[3] = rte_cpu_to_be_16(i);
 
 		s_size_bytes = ((i + 3) / 4) * sizeof(struct roc_sglist_comp);
 
@@ -273,10 +285,12 @@ process_tls_read(struct rte_crypto_op *cop, struct cn10k_sec_session *sess,
 		w4.u64 = sess->inst.w4;
 		w4.s.dlen = dlen;
 		w4.s.opcode_major |= (uint64_t)ROC_DMA_MODE_SG;
-		w4.s.param1 = rte_pktmbuf_pkt_len(m_src);
+		w4.s.param1 = pkt_len;
 		inst->w4.u64 = w4.u64;
 	} else {
 		struct roc_sg2list_comp *scatter_comp, *gather_comp;
+		int tail_len = sess->tls.tail_fetch_len * 16;
+		int pkt_len = rte_pktmbuf_pkt_len(m_src);
 		union cpt_inst_w5 cpt_inst_w5;
 		union cpt_inst_w6 cpt_inst_w6;
 		uint32_t g_size_bytes;
@@ -292,7 +306,21 @@ process_tls_read(struct rte_crypto_op *cop, struct cn10k_sec_session *sess,
 		/* Input Gather List */
 		i = 0;
 
-		gather_comp = (struct roc_sg2list_comp *)((uint8_t *)in_buffer);
+		/* First 32 bytes in m_data are rsvd for tail fetch.
+		 * SG list start from 32 byte onwards.
+		 */
+		gather_comp = (struct roc_sg2list_comp *)((uint8_t *)(in_buffer + 32));
+
+		/* Add the last blocks as first gather component for tail fetch. */
+		if (tail_len) {
+			const uint8_t *output;
+
+			output = rte_pktmbuf_read(m_src, pkt_len - tail_len, tail_len, in_buffer);
+			if (output != in_buffer)
+				rte_memcpy(in_buffer, output, tail_len);
+			i = fill_sg2_comp(gather_comp, i, (uint64_t)in_buffer, tail_len);
+		}
+
 		i = fill_sg2_comp_from_pkt(gather_comp, i, m_src);
 
 		cpt_inst_w5.s.gather_sz = ((i + 2) / 3);
@@ -311,7 +339,7 @@ process_tls_read(struct rte_crypto_op *cop, struct cn10k_sec_session *sess,
 		inst->w5.u64 = cpt_inst_w5.u64;
 		inst->w6.u64 = cpt_inst_w6.u64;
 		w4.u64 = sess->inst.w4;
-		w4.s.dlen = rte_pktmbuf_pkt_len(m_src);
+		w4.s.dlen = pkt_len + tail_len;
 		w4.s.param1 = w4.s.dlen;
 		w4.s.opcode_major &= (~(ROC_IE_OT_INPLACE_BIT));
 		inst->w4.u64 = w4.u64;
-- 
2.25.1



* [PATCH v3 2/8] crypto/cnxk: enable sha384 and chachapoly for tls
From: Vidya Sagar Velumuri @ 2024-03-15  5:42 UTC (permalink / raw)
  To: Akhil Goyal; +Cc: Jerin Jacob, dev, Aakash Sasidharan, Anoob Joseph

Enable SHA384-HMAC support for TLS & DTLS 1.2.
Enable CHACHA20-POLY1305 support for TLS-1.3.

Signed-off-by: Vidya Sagar Velumuri <vvelumuri@marvell.com>
---
 drivers/common/cnxk/roc_ie_ot_tls.h           |  1 +
 drivers/crypto/cnxk/cn10k_tls.c               | 56 +++++++++++++------
 drivers/crypto/cnxk/cnxk_cryptodev.h          |  6 +-
 .../crypto/cnxk/cnxk_cryptodev_capabilities.c | 52 +++++++++++++++++
 4 files changed, 95 insertions(+), 20 deletions(-)

diff --git a/drivers/common/cnxk/roc_ie_ot_tls.h b/drivers/common/cnxk/roc_ie_ot_tls.h
index b85d075e86..39c42775f4 100644
--- a/drivers/common/cnxk/roc_ie_ot_tls.h
+++ b/drivers/common/cnxk/roc_ie_ot_tls.h
@@ -39,6 +39,7 @@ enum roc_ie_ot_tls_cipher_type {
 	ROC_IE_OT_TLS_CIPHER_AES_CBC = 3,
 	ROC_IE_OT_TLS_CIPHER_AES_GCM = 7,
 	ROC_IE_OT_TLS_CIPHER_AES_CCM = 10,
+	ROC_IE_OT_TLS_CIPHER_CHACHA_POLY = 9,
 };
 
 enum roc_ie_ot_tls_ver {
diff --git a/drivers/crypto/cnxk/cn10k_tls.c b/drivers/crypto/cnxk/cn10k_tls.c
index b46904d3f8..c95fcfdfa7 100644
--- a/drivers/crypto/cnxk/cn10k_tls.c
+++ b/drivers/crypto/cnxk/cn10k_tls.c
@@ -28,7 +28,8 @@ tls_xform_cipher_auth_verify(struct rte_crypto_sym_xform *cipher_xform,
 	switch (c_algo) {
 	case RTE_CRYPTO_CIPHER_NULL:
 		if ((a_algo == RTE_CRYPTO_AUTH_MD5_HMAC) || (a_algo == RTE_CRYPTO_AUTH_SHA1_HMAC) ||
-		    (a_algo == RTE_CRYPTO_AUTH_SHA256_HMAC))
+		    (a_algo == RTE_CRYPTO_AUTH_SHA256_HMAC) ||
+		    (a_algo == RTE_CRYPTO_AUTH_SHA384_HMAC))
 			ret = 0;
 		break;
 	case RTE_CRYPTO_CIPHER_3DES_CBC:
@@ -37,7 +38,8 @@ tls_xform_cipher_auth_verify(struct rte_crypto_sym_xform *cipher_xform,
 		break;
 	case RTE_CRYPTO_CIPHER_AES_CBC:
 		if ((a_algo == RTE_CRYPTO_AUTH_SHA1_HMAC) ||
-		    (a_algo == RTE_CRYPTO_AUTH_SHA256_HMAC))
+		    (a_algo == RTE_CRYPTO_AUTH_SHA256_HMAC) ||
+		    (a_algo == RTE_CRYPTO_AUTH_SHA384_HMAC))
 			ret = 0;
 		break;
 	default:
@@ -69,7 +71,8 @@ tls_xform_auth_verify(struct rte_crypto_sym_xform *crypto_xform)
 
 	if (((a_algo == RTE_CRYPTO_AUTH_MD5_HMAC) && (keylen == 16)) ||
 	    ((a_algo == RTE_CRYPTO_AUTH_SHA1_HMAC) && (keylen == 20)) ||
-	    ((a_algo == RTE_CRYPTO_AUTH_SHA256_HMAC) && (keylen == 32)))
+	    ((a_algo == RTE_CRYPTO_AUTH_SHA256_HMAC) && (keylen == 32)) ||
+	    ((a_algo == RTE_CRYPTO_AUTH_SHA384_HMAC) && (keylen == 48)))
 		return 0;
 
 	return -EINVAL;
@@ -94,6 +97,9 @@ tls_xform_aead_verify(struct rte_security_tls_record_xform *tls_xform,
 			return 0;
 	}
 
+	if ((crypto_xform->aead.algo == RTE_CRYPTO_AEAD_CHACHA20_POLY1305) && (keylen == 32))
+		return 0;
+
 	return -EINVAL;
 }
 
@@ -251,6 +257,9 @@ tls_write_rlens_get(struct rte_security_tls_record_xform *tls_xfrm,
 	case RTE_CRYPTO_AUTH_SHA256_HMAC:
 		mac_len = 32;
 		break;
+	case RTE_CRYPTO_AUTH_SHA384_HMAC:
+		mac_len = 32;
+		break;
 	default:
 		mac_len = 0;
 		break;
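Review bot: The new `RTE_CRYPTO_AUTH_SHA384_HMAC` case sets `mac_len = 32`, but SHA-384 produces a 48-byte digest, and this same patch advertises a `digest_size` of 48 for it in the capabilities table; the line should be `mac_len = 48;`. tls_write_rlens_get supplies `sec_sess->max_extended_len`, which the write path adds to the last segment's `data_len` when describing the output, so undercounting by 16 bytes would leave the output region too small for the record produced. The rest of the function is outside this hunk.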
@@ -339,15 +348,20 @@ tls_read_sa_fill(struct roc_ie_ot_tls_read_sa *read_sa,
 	cipher_key = read_sa->cipher_key;
 
 	/* Set encryption algorithm */
-	if ((crypto_xfrm->type == RTE_CRYPTO_SYM_XFORM_AEAD) &&
-	    (crypto_xfrm->aead.algo == RTE_CRYPTO_AEAD_AES_GCM)) {
-		read_sa->w2.s.cipher_select = ROC_IE_OT_TLS_CIPHER_AES_GCM;
-
+	if (crypto_xfrm->type == RTE_CRYPTO_SYM_XFORM_AEAD) {
 		length = crypto_xfrm->aead.key.length;
-		if (length == 16)
-			read_sa->w2.s.aes_key_len = ROC_IE_OT_TLS_AES_KEY_LEN_128;
-		else
+		if (crypto_xfrm->aead.algo == RTE_CRYPTO_AEAD_AES_GCM) {
+			read_sa->w2.s.cipher_select = ROC_IE_OT_TLS_CIPHER_AES_GCM;
+			if (length == 16)
+				read_sa->w2.s.aes_key_len = ROC_IE_OT_TLS_AES_KEY_LEN_128;
+			else
+				read_sa->w2.s.aes_key_len = ROC_IE_OT_TLS_AES_KEY_LEN_256;
+		}
+
+		if (crypto_xfrm->aead.algo == RTE_CRYPTO_AEAD_CHACHA20_POLY1305) {
+			read_sa->w2.s.cipher_select = ROC_IE_OT_TLS_CIPHER_CHACHA_POLY;
 			read_sa->w2.s.aes_key_len = ROC_IE_OT_TLS_AES_KEY_LEN_256;
+		}
 
 		key = crypto_xfrm->aead.key.data;
 		memcpy(cipher_key, key, length);
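Review bot: The two AEAD algorithms are tested with independent `if`s and no fallback, so an AEAD xform that is neither AES-GCM nor ChaCha20-Poly1305 now leaves `cipher_select` and `aes_key_len` unset and still reaches `memcpy(cipher_key, key, length)`. Before this change such an xform did not enter the AEAD branch at all. Chaining them as `} else if (crypto_xfrm->aead.algo == RTE_CRYPTO_AEAD_CHACHA20_POLY1305) {` with a final `} else { return -EINVAL; }` keeps the fill routine safe on its own, which matters because the session-update path added later in this series calls the write SA create routine directly. tls_write_sa_fill in the `@@ -476,15 +492,19 @@` hunk has the same shape.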
@@ -397,6 +411,8 @@ tls_read_sa_fill(struct roc_ie_ot_tls_read_sa *read_sa,
 		read_sa->w2.s.mac_select = ROC_IE_OT_TLS_MAC_SHA1;
 	else if (auth_xfrm->auth.algo == RTE_CRYPTO_AUTH_SHA256_HMAC)
 		read_sa->w2.s.mac_select = ROC_IE_OT_TLS_MAC_SHA2_256;
+	else if (auth_xfrm->auth.algo == RTE_CRYPTO_AUTH_SHA384_HMAC)
+		read_sa->w2.s.mac_select = ROC_IE_OT_TLS_MAC_SHA2_384;
 	else
 		return -EINVAL;
 
@@ -476,15 +492,19 @@ tls_write_sa_fill(struct roc_ie_ot_tls_write_sa *write_sa,
 	cipher_key = write_sa->cipher_key;
 
 	/* Set encryption algorithm */
-	if ((crypto_xfrm->type == RTE_CRYPTO_SYM_XFORM_AEAD) &&
-	    (crypto_xfrm->aead.algo == RTE_CRYPTO_AEAD_AES_GCM)) {
-		write_sa->w2.s.cipher_select = ROC_IE_OT_TLS_CIPHER_AES_GCM;
-
+	if (crypto_xfrm->type == RTE_CRYPTO_SYM_XFORM_AEAD) {
 		length = crypto_xfrm->aead.key.length;
-		if (length == 16)
-			write_sa->w2.s.aes_key_len = ROC_IE_OT_TLS_AES_KEY_LEN_128;
-		else
+		if (crypto_xfrm->aead.algo == RTE_CRYPTO_AEAD_AES_GCM) {
+			write_sa->w2.s.cipher_select = ROC_IE_OT_TLS_CIPHER_AES_GCM;
+			if (length == 16)
+				write_sa->w2.s.aes_key_len = ROC_IE_OT_TLS_AES_KEY_LEN_128;
+			else
+				write_sa->w2.s.aes_key_len = ROC_IE_OT_TLS_AES_KEY_LEN_256;
+		}
+		if (crypto_xfrm->aead.algo == RTE_CRYPTO_AEAD_CHACHA20_POLY1305) {
+			write_sa->w2.s.cipher_select = ROC_IE_OT_TLS_CIPHER_CHACHA_POLY;
 			write_sa->w2.s.aes_key_len = ROC_IE_OT_TLS_AES_KEY_LEN_256;
+		}
 
 		key = crypto_xfrm->aead.key.data;
 		memcpy(cipher_key, key, length);
@@ -538,6 +558,8 @@ tls_write_sa_fill(struct roc_ie_ot_tls_write_sa *write_sa,
 			write_sa->w2.s.mac_select = ROC_IE_OT_TLS_MAC_SHA1;
 		else if (auth_xfrm->auth.algo == RTE_CRYPTO_AUTH_SHA256_HMAC)
 			write_sa->w2.s.mac_select = ROC_IE_OT_TLS_MAC_SHA2_256;
+		else if (auth_xfrm->auth.algo == RTE_CRYPTO_AUTH_SHA384_HMAC)
+			write_sa->w2.s.mac_select = ROC_IE_OT_TLS_MAC_SHA2_384;
 		else
 			return -EINVAL;
 
diff --git a/drivers/crypto/cnxk/cnxk_cryptodev.h b/drivers/crypto/cnxk/cnxk_cryptodev.h
index 45d01b94b3..fffc4a47b4 100644
--- a/drivers/crypto/cnxk/cnxk_cryptodev.h
+++ b/drivers/crypto/cnxk/cnxk_cryptodev.h
@@ -13,9 +13,9 @@
 
 #define CNXK_CPT_MAX_CAPS		 55
 #define CNXK_SEC_IPSEC_CRYPTO_MAX_CAPS	 16
-#define CNXK_SEC_TLS_1_3_CRYPTO_MAX_CAPS 2
-#define CNXK_SEC_TLS_1_2_CRYPTO_MAX_CAPS 6
-#define CNXK_SEC_MAX_CAPS		 17
+#define CNXK_SEC_TLS_1_3_CRYPTO_MAX_CAPS 3
+#define CNXK_SEC_TLS_1_2_CRYPTO_MAX_CAPS 7
+#define CNXK_SEC_MAX_CAPS		 19
 
 /**
  * Device private data
diff --git a/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c b/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c
index db50de5d58..0d5d64b6e7 100644
--- a/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c
+++ b/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c
@@ -1639,6 +1639,27 @@ static const struct rte_cryptodev_capabilities sec_tls12_caps_sha1_sha2[] = {
 			}, }
 		}, }
 	},
+	{	/* SHA384 HMAC */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+			{.auth = {
+				.algo = RTE_CRYPTO_AUTH_SHA384_HMAC,
+				.block_size = 64,
+				.key_size = {
+					.min = 48,
+					.max = 48,
+					.increment = 0
+				},
+				.digest_size = {
+					.min = 48,
+					.max = 48,
+					.increment = 0
+				},
+			}, }
+		}, }
+	},
+
 };
 
 static const struct rte_cryptodev_capabilities sec_tls13_caps_aes[] = {
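Review bot: The SHA384 HMAC entry declares `.block_size = 64`, but SHA-384 operates on 128-byte blocks; 64 is the block size of SHA-1 and SHA-256 and was presumably carried over from a neighbouring entry. If the field is meant to report the algorithm's block size it should be `.block_size = 128,`. The blank line added before the closing `};` is also stray.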
@@ -1672,6 +1693,37 @@ static const struct rte_cryptodev_capabilities sec_tls13_caps_aes[] = {
 			}, }
 		}, }
 	},
+	{	/* CHACHA POLY */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_AEAD,
+			{.aead = {
+				.algo = RTE_CRYPTO_AEAD_CHACHA20_POLY1305,
+				.block_size = 64,
+				.key_size = {
+					.min = 32,
+					.max = 32,
+					.increment = 0
+				},
+				.digest_size = {
+					.min = 16,
+					.max = 16,
+					.increment = 0
+				},
+				.aad_size = {
+					.min = 5,
+					.max = 5,
+					.increment = 0
+				},
+				.iv_size = {
+					.min = 0,
+					.max = 0,
+					.increment = 0
+				}
+			}, }
+		}, }
+	},
+
 };
 
 
-- 
2.25.1



* [PATCH v3 3/8] crypto/cnxk: add support for session update for TLS
From: Vidya Sagar Velumuri @ 2024-03-15  5:42 UTC (permalink / raw)
  To: Akhil Goyal; +Cc: Jerin Jacob, dev, Aakash Sasidharan, Anoob Joseph

Add session update support for TLS

Signed-off-by: Vidya Sagar Velumuri <vvelumuri@marvell.com>
---
 drivers/crypto/cnxk/cn10k_cryptodev_sec.c |  3 +++
 drivers/crypto/cnxk/cn10k_tls.c           | 17 +++++++++++++++++
 drivers/crypto/cnxk/cn10k_tls.h           |  4 ++++
 3 files changed, 24 insertions(+)

diff --git a/drivers/crypto/cnxk/cn10k_cryptodev_sec.c b/drivers/crypto/cnxk/cn10k_cryptodev_sec.c
index cb013986c4..775104b765 100644
--- a/drivers/crypto/cnxk/cn10k_cryptodev_sec.c
+++ b/drivers/crypto/cnxk/cn10k_cryptodev_sec.c
@@ -116,6 +116,9 @@ cn10k_sec_session_update(void *dev, struct rte_security_session *sec_sess,
 	if (cn10k_sec_sess->proto == RTE_SECURITY_PROTOCOL_IPSEC)
 		return cn10k_ipsec_session_update(vf, qp, cn10k_sec_sess, conf);
 
+	if (conf->protocol == RTE_SECURITY_PROTOCOL_TLS_RECORD)
+		return cn10k_tls_record_session_update(vf, qp, cn10k_sec_sess, conf);
+
 	return -ENOTSUP;
 }
 
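Review bot: The new TLS branch dispatches on the caller-supplied `conf->protocol`, while the IPsec branch directly above it dispatches on the stored `cn10k_sec_sess->proto`. The session's own record of what it is should decide which update routine runs, and a conf whose protocol differs from it should be rejected: `if (cn10k_sec_sess->proto == RTE_SECURITY_PROTOCOL_TLS_RECORD && conf->protocol == RTE_SECURITY_PROTOCOL_TLS_RECORD)`. That keeps the two branches consistent and avoids trusting the conf for the session type. cn10k_sec_session_update() starts outside the hunk.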
diff --git a/drivers/crypto/cnxk/cn10k_tls.c b/drivers/crypto/cnxk/cn10k_tls.c
index c95fcfdfa7..11279dac46 100644
--- a/drivers/crypto/cnxk/cn10k_tls.c
+++ b/drivers/crypto/cnxk/cn10k_tls.c
@@ -781,6 +781,23 @@ cn10k_tls_write_sa_create(struct roc_cpt *roc_cpt, struct roc_cpt_lf *lf,
 	return ret;
 }
 
+int
+cn10k_tls_record_session_update(struct cnxk_cpt_vf *vf, struct cnxk_cpt_qp *qp,
+				struct cn10k_sec_session *sess,
+				struct rte_security_session_conf *conf)
+{
+	struct roc_cpt *roc_cpt;
+	int ret;
+
+	if (conf->tls_record.type == RTE_SECURITY_TLS_SESS_TYPE_READ)
+		return -ENOTSUP;
+
+	roc_cpt = &vf->cpt;
+	ret = cn10k_tls_write_sa_create(roc_cpt, &qp->lf, &conf->tls_record, conf->crypto_xform,
+					(struct cn10k_sec_session *)sess);
+	return ret;
+}
+
 int
 cn10k_tls_record_session_create(struct cnxk_cpt_vf *vf, struct cnxk_cpt_qp *qp,
 				struct rte_security_tls_record_xform *tls_xfrm,
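Review bot: cn10k_tls_record_session_update() takes the direction from `conf->tls_record.type` alone and never checks the session being updated, so a write-type conf passed with a session created for reading would have a write SA built over it. Checking the stored direction as well closes that, e.g. `if (!sess->tls.is_write || conf->tls_record.type != RTE_SECURITY_TLS_SESS_TYPE_WRITE) return -ENOTSUP;`. The new conf is also handed to cn10k_tls_write_sa_create() with no visible call to cnxk_tls_xform_verify(); confirm the callee validates it. The cast `(struct cn10k_sec_session *)sess` is redundant because `sess` already has that type.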
diff --git a/drivers/crypto/cnxk/cn10k_tls.h b/drivers/crypto/cnxk/cn10k_tls.h
index 19772655da..9635bdd4c9 100644
--- a/drivers/crypto/cnxk/cn10k_tls.h
+++ b/drivers/crypto/cnxk/cn10k_tls.h
@@ -25,6 +25,10 @@ struct cn10k_tls_record {
 	};
 } __rte_aligned(ROC_ALIGN);
 
+int cn10k_tls_record_session_update(struct cnxk_cpt_vf *vf, struct cnxk_cpt_qp *qp,
+				    struct cn10k_sec_session *sess,
+				    struct rte_security_session_conf *conf);
+
 int cn10k_tls_record_session_create(struct cnxk_cpt_vf *vf, struct cnxk_cpt_qp *qp,
 				    struct rte_security_tls_record_xform *tls_xfrm,
 				    struct rte_crypto_sym_xform *crypto_xfrm,
-- 
2.25.1



* [PATCH v3 4/8] crypto/cnxk: avoid branches in datapath
  2024-03-15  5:42   ` [PATCH v3 0/8] Fixes and minor improvements for Crypto cnxk Vidya Sagar Velumuri
                       ` (2 preceding siblings ...)
  2024-03-15  5:42     ` [PATCH v3 3/8] crypto/cnxk: add support for session update for TLS Vidya Sagar Velumuri
@ 2024-03-15  5:42     ` Vidya Sagar Velumuri
  2024-03-15  5:42     ` [PATCH v3 5/8] crypto/cnxk: move metadata to second cacheline Vidya Sagar Velumuri
                       ` (4 subsequent siblings)
  8 siblings, 0 replies; 43+ messages in thread
From: Vidya Sagar Velumuri @ 2024-03-15  5:42 UTC (permalink / raw)
  To: Akhil Goyal; +Cc: Anoob Joseph, Jerin Jacob, dev, Aakash Sasidharan

From: Anoob Joseph <anoobj@marvell.com>

Avoid branches in datapath.

Signed-off-by: Anoob Joseph <anoobj@marvell.com>
---
 drivers/crypto/cnxk/cn10k_ipsec_la_ops.h | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)

diff --git a/drivers/crypto/cnxk/cn10k_ipsec_la_ops.h b/drivers/crypto/cnxk/cn10k_ipsec_la_ops.h
index a30b8e413d..4e95fbb6eb 100644
--- a/drivers/crypto/cnxk/cn10k_ipsec_la_ops.h
+++ b/drivers/crypto/cnxk/cn10k_ipsec_la_ops.h
@@ -73,12 +73,10 @@ process_outb_sa(struct roc_cpt_lf *lf, struct rte_crypto_op *cop, struct cn10k_s
 	roc_cpt_lf_ctx_reload(lf, &sess->sa.out_sa);
 	rte_delay_ms(1);
 #endif
+	const uint64_t ol_flags = m_src->ol_flags;
 
-	if (m_src->ol_flags & RTE_MBUF_F_TX_IP_CKSUM)
-		inst_w4_u64 &= ~BIT_ULL(33);
-
-	if (m_src->ol_flags & RTE_MBUF_F_TX_L4_MASK)
-		inst_w4_u64 &= ~BIT_ULL(32);
+	inst_w4_u64 &= ~(((uint64_t)(!!(ol_flags & RTE_MBUF_F_TX_IP_CKSUM)) << 33) |
+			 ((uint64_t)(!!(ol_flags & RTE_MBUF_F_TX_L4_MASK)) << 32));
 
 	if (likely(m_src->next == NULL)) {
 		if (unlikely(rte_pktmbuf_tailroom(m_src) < sess->max_extended_len)) {
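Review bot: The rewritten mask clears bits 33 and 32 of `inst_w4_u64` with no comment saying what those bits select, and the shift-and-negate form is harder to read than the two `if` statements it replaces. A one-line comment above the statement would keep the intent visible, for example `/* Clear W4 bit 33 when IP checksum offload is requested, bit 32 when L4 checksum offload is requested */`. process_outb_sa() starts and ends outside the hunk.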
-- 
2.25.1



* [PATCH v3 5/8] crypto/cnxk: move metadata to second cacheline
  2024-03-15  5:42   ` [PATCH v3 0/8] Fixes and minor improvements for Crypto cnxk Vidya Sagar Velumuri
                       ` (3 preceding siblings ...)
  2024-03-15  5:42     ` [PATCH v3 4/8] crypto/cnxk: avoid branches in datapath Vidya Sagar Velumuri
@ 2024-03-15  5:42     ` Vidya Sagar Velumuri
  2024-03-15  5:42     ` [PATCH v3 6/8] crypto/cnxk: add support for padding verification in TLS Vidya Sagar Velumuri
                       ` (3 subsequent siblings)
  8 siblings, 0 replies; 43+ messages in thread
From: Vidya Sagar Velumuri @ 2024-03-15  5:42 UTC (permalink / raw)
  To: Akhil Goyal; +Cc: Anoob Joseph, Jerin Jacob, dev, Aakash Sasidharan

From: Anoob Joseph <anoobj@marvell.com>

In security session, move PMD metadata to second cacheline. Also
optimize the fields to minimize the memory usage.

Signed-off-by: Anoob Joseph <anoobj@marvell.com>
Signed-off-by: Vidya Sagar Velumuri <vvelumuri@marvell.com>
---
 drivers/crypto/cnxk/cn10k_cryptodev_sec.h | 10 ++++++----
 drivers/crypto/cnxk/cn10k_ipsec.c         |  4 ++--
 drivers/crypto/cnxk/cn10k_tls.c           |  2 +-
 3 files changed, 9 insertions(+), 7 deletions(-)

diff --git a/drivers/crypto/cnxk/cn10k_cryptodev_sec.h b/drivers/crypto/cnxk/cn10k_cryptodev_sec.h
index 881a0276cc..230c0f7c1c 100644
--- a/drivers/crypto/cnxk/cn10k_cryptodev_sec.h
+++ b/drivers/crypto/cnxk/cn10k_cryptodev_sec.h
@@ -5,6 +5,7 @@
 #ifndef __CN10K_CRYPTODEV_SEC_H__
 #define __CN10K_CRYPTODEV_SEC_H__
 
+#include <rte_common.h>
 #include <rte_security.h>
 
 #include "roc_constants.h"
@@ -19,23 +20,24 @@ struct cn10k_sec_session {
 	uint8_t rte_sess[SEC_SESS_SIZE];
 
 	/** PMD private space */
+	RTE_MARKER cacheline1 __rte_cache_aligned;
 
-	enum rte_security_session_protocol proto;
 	/** Pre-populated CPT inst words */
 	struct cnxk_cpt_inst_tmpl inst;
 	uint16_t max_extended_len;
 	uint16_t iv_offset;
+	uint8_t proto;
 	uint8_t iv_length;
 	union {
 		struct {
 			uint8_t ip_csum;
-			bool is_outbound;
+			uint8_t is_outbound : 1;
 		} ipsec;
 		struct {
 			uint8_t enable_padding : 1;
 			uint8_t tail_fetch_len : 2;
-			uint8_t rvsd : 5;
-			bool is_write;
+			uint8_t is_write : 1;
+			uint8_t rvsd : 4;
 		} tls;
 	};
 	/** Queue pair */
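Review bot: `proto` changes from `enum rte_security_session_protocol` to `uint8_t` with no comment saying which values it carries, so the link to the enum is no longer visible at the declaration. I would document it in place: `uint8_t proto; /**< enum rte_security_session_protocol value */`. struct cn10k_sec_session starts and ends outside the hunk.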
diff --git a/drivers/crypto/cnxk/cn10k_ipsec.c b/drivers/crypto/cnxk/cn10k_ipsec.c
index 74d6cd70d1..ef5f0ff4aa 100644
--- a/drivers/crypto/cnxk/cn10k_ipsec.c
+++ b/drivers/crypto/cnxk/cn10k_ipsec.c
@@ -76,7 +76,7 @@ cn10k_ipsec_outb_sa_create(struct roc_cpt *roc_cpt, struct roc_cpt_lf *lf,
 	}
 #endif
 
-	sec_sess->ipsec.is_outbound = true;
+	sec_sess->ipsec.is_outbound = 1;
 
 	/* Get Rlen calculation data */
 	ret = cnxk_ipsec_outb_rlens_get(&rlens, ipsec_xfrm, crypto_xfrm);
@@ -177,7 +177,7 @@ cn10k_ipsec_inb_sa_create(struct roc_cpt *roc_cpt, struct roc_cpt_lf *lf,
 		goto sa_dptr_free;
 	}
 
-	sec_sess->ipsec.is_outbound = false;
+	sec_sess->ipsec.is_outbound = 0;
 	sec_sess->inst.w7 = cpt_inst_w7_get(roc_cpt, in_sa);
 
 	/* Save index/SPI in cookie, specific required for Rx Inject */
diff --git a/drivers/crypto/cnxk/cn10k_tls.c b/drivers/crypto/cnxk/cn10k_tls.c
index 11279dac46..ae3ed3176c 100644
--- a/drivers/crypto/cnxk/cn10k_tls.c
+++ b/drivers/crypto/cnxk/cn10k_tls.c
@@ -739,7 +739,7 @@ cn10k_tls_write_sa_create(struct roc_cpt *roc_cpt, struct roc_cpt_lf *lf,
 		sec_sess->iv_length = crypto_xfrm->next->cipher.iv.length;
 	}
 
-	sec_sess->tls.is_write = true;
+	sec_sess->tls.is_write = 1;
 	sec_sess->tls.enable_padding = tls_xfrm->options.extra_padding_enable;
 	sec_sess->max_extended_len = tls_write_rlens_get(tls_xfrm, crypto_xfrm);
 	sec_sess->proto = RTE_SECURITY_PROTOCOL_TLS_RECORD;
-- 
2.25.1



* [PATCH v3 6/8] crypto/cnxk: add support for padding verification in TLS
  2024-03-15  5:42   ` [PATCH v3 0/8] Fixes and minor improvements for Crypto cnxk Vidya Sagar Velumuri
                       ` (4 preceding siblings ...)
  2024-03-15  5:42     ` [PATCH v3 5/8] crypto/cnxk: move metadata to second cacheline Vidya Sagar Velumuri
@ 2024-03-15  5:42     ` Vidya Sagar Velumuri
  2024-03-15  5:42     ` [PATCH v3 7/8] crypto/cnxk: add support for oop processing " Vidya Sagar Velumuri
                       ` (2 subsequent siblings)
  8 siblings, 0 replies; 43+ messages in thread
From: Vidya Sagar Velumuri @ 2024-03-15  5:42 UTC (permalink / raw)
  To: Akhil Goyal; +Cc: Jerin Jacob, dev, Aakash Sasidharan, Anoob Joseph

For TLS-1.2:
- Verify that every padding byte holds the pad length as its
  value.
- Report error in case of discrepancies.
- Trim the padding and MAC from the tls-1.2 records

For TLS-1.3:
- Find the content type as the last non-zero byte in the record.
- Return the content type as the inner content type.

Signed-off-by: Vidya Sagar Velumuri <vvelumuri@marvell.com>
---
 drivers/common/cnxk/roc_se.h              |   1 +
 drivers/crypto/cnxk/cn10k_cryptodev_ops.c | 151 +++++++++++++++++++++-
 drivers/crypto/cnxk/cn10k_cryptodev_sec.h |  17 ++-
 drivers/crypto/cnxk/cn10k_tls.c           |  65 +++++++---
 drivers/crypto/cnxk/cn10k_tls_ops.h       |  19 ++-
 5 files changed, 215 insertions(+), 38 deletions(-)

diff --git a/drivers/common/cnxk/roc_se.h b/drivers/common/cnxk/roc_se.h
index ddcf6bdb44..50741a0b81 100644
--- a/drivers/common/cnxk/roc_se.h
+++ b/drivers/common/cnxk/roc_se.h
@@ -169,6 +169,7 @@ typedef enum {
 	ROC_SE_ERR_SSL_CIPHER_UNSUPPORTED = 0x84,
 	ROC_SE_ERR_SSL_MAC_UNSUPPORTED = 0x85,
 	ROC_SE_ERR_SSL_VERSION_UNSUPPORTED = 0x86,
+	ROC_SE_ERR_SSL_POST_PROCESS = 0x88,
 	ROC_SE_ERR_SSL_MAC_MISMATCH = 0x89,
 	ROC_SE_ERR_SSL_PKT_REPLAY_SEQ_OUT_OF_WINDOW = 0xC1,
 	ROC_SE_ERR_SSL_PKT_REPLAY_SEQ = 0xC9,
diff --git a/drivers/crypto/cnxk/cn10k_cryptodev_ops.c b/drivers/crypto/cnxk/cn10k_cryptodev_ops.c
index 8991150c05..720b756001 100644
--- a/drivers/crypto/cnxk/cn10k_cryptodev_ops.c
+++ b/drivers/crypto/cnxk/cn10k_cryptodev_ops.c
@@ -207,7 +207,7 @@ cpt_sec_tls_inst_fill(struct cnxk_cpt_qp *qp, struct rte_crypto_op *op,
 		      struct cn10k_sec_session *sess, struct cpt_inst_s *inst,
 		      struct cpt_inflight_req *infl_req, const bool is_sg_ver2)
 {
-	if (sess->tls.is_write)
+	if (sess->tls_opt.is_write)
 		return process_tls_write(&qp->lf, op, sess, &qp->meta_info, infl_req, inst,
 					 is_sg_ver2);
 	else
@@ -989,20 +989,161 @@ cn10k_cpt_ipsec_post_process(struct rte_crypto_op *cop, struct cpt_cn10k_res_s *
 }
 
 static inline void
-cn10k_cpt_tls_post_process(struct rte_crypto_op *cop, struct cpt_cn10k_res_s *res)
+cn10k_cpt_tls12_trim_mac(struct rte_crypto_op *cop, struct cpt_cn10k_res_s *res, uint8_t mac_len)
 {
+	struct rte_mbuf *mac_prev_seg = NULL, *mac_seg = NULL, *seg;
+	uint32_t pad_len, trim_len, mac_offset, pad_offset;
 	struct rte_mbuf *mbuf = cop->sym->m_src;
-	const uint16_t m_len = res->rlen;
+	uint16_t m_len = res->rlen;
+	uint32_t i, nb_segs = 1;
+	uint8_t pad_res = 0;
+	uint8_t pad_val;
+
+	pad_val = ((res->spi >> 16) & 0xff);
+	pad_len = pad_val + 1;
+	trim_len = pad_len + mac_len;
+	mac_offset = m_len - trim_len;
+	pad_offset = mac_offset + mac_len;
+
+	/* Handle Direct Mode */
+	if (mbuf->next == NULL) {
+		uint8_t *ptr = rte_pktmbuf_mtod_offset(mbuf, uint8_t *, pad_offset);
+
+		for (i = 0; i < pad_len; i++)
+			pad_res |= ptr[i] ^ pad_val;
+
+		if (pad_res) {
+			cop->status = RTE_CRYPTO_OP_STATUS_ERROR;
+			cop->aux_flags = res->uc_compcode;
+		}
+		mbuf->pkt_len = m_len - trim_len;
+		mbuf->data_len = m_len - trim_len;
+
+		return;
+	}
+
+	/* Handle SG mode */
+	seg = mbuf;
+	while (mac_offset >= seg->data_len) {
+		mac_offset -= seg->data_len;
+		mac_prev_seg = seg;
+		seg = seg->next;
+		nb_segs++;
+	}
+	mac_seg = seg;
+
+	pad_offset = mac_offset + mac_len;
+	while (pad_offset >= seg->data_len) {
+		pad_offset -= seg->data_len;
+		seg = seg->next;
+	}
+
+	while (pad_len != 0) {
+		uint8_t *ptr = rte_pktmbuf_mtod_offset(seg, uint8_t *, pad_offset);
+		uint8_t len = RTE_MIN(seg->data_len - pad_offset, pad_len);
+
+		for (i = 0; i < len; i++)
+			pad_res |= ptr[i] ^ pad_val;
+
+		pad_offset = 0;
+		pad_len -= len;
+		seg = seg->next;
+	}
+
+	if (pad_res) {
+		cop->status = RTE_CRYPTO_OP_STATUS_ERROR;
+		cop->aux_flags = res->uc_compcode;
+	}
+
+	mbuf->pkt_len = m_len - trim_len;
+	if (mac_offset) {
+		rte_pktmbuf_free(mac_seg->next);
+		mac_seg->next = NULL;
+		mac_seg->data_len = mac_offset;
+		mbuf->nb_segs = nb_segs;
+	} else {
+		rte_pktmbuf_free(mac_seg);
+		mac_prev_seg->next = NULL;
+		mbuf->nb_segs = nb_segs - 1;
+	}
+}
+
+/* TLS-1.3:
+ * Read from last until a non-zero value is encountered.
+ * Return the non zero value as the content type.
+ * Remove the MAC and content type and padding bytes.
+ */
+static inline void
+cn10k_cpt_tls13_trim_mac(struct rte_crypto_op *cop, struct cpt_cn10k_res_s *res)
+{
+	struct rte_mbuf *mbuf = cop->sym->m_src;
+	struct rte_mbuf *seg = mbuf;
+	uint16_t m_len = res->rlen;
+	uint8_t *ptr, type = 0x0;
+	int len, i, nb_segs = 1;
+
+	while (m_len && !type) {
+		len = m_len;
+		seg = mbuf;
+
+		/* get the last seg */
+		while (len > seg->data_len) {
+			len -= seg->data_len;
+			seg = seg->next;
+			nb_segs++;
+		}
+
+		/* walkthrough from last until a non zero value is found */
+		ptr = rte_pktmbuf_mtod(seg, uint8_t *);
+		i = len;
+		while (i && (ptr[--i] == 0))
+			;
+
+		type = ptr[i];
+		m_len -= len;
+	}
+
+	if (type) {
+		cop->param1.tls_record.content_type = type;
+		mbuf->pkt_len = m_len + i;
+		mbuf->nb_segs = nb_segs;
+		seg->data_len = i;
+		rte_pktmbuf_free(seg->next);
+		seg->next = NULL;
+	} else {
+		cop->status = RTE_CRYPTO_OP_STATUS_ERROR;
+	}
+}
+
+static inline void
+cn10k_cpt_tls_post_process(struct rte_crypto_op *cop, struct cpt_cn10k_res_s *res,
+			   struct cn10k_sec_session *sess)
+{
+	struct cn10k_tls_opt tls_opt = sess->tls_opt;
+	struct rte_mbuf *mbuf = cop->sym->m_src;
+	uint16_t m_len = res->rlen;
 
 	if (!res->uc_compcode) {
 		if (mbuf->next == NULL)
 			mbuf->data_len = m_len;
 		mbuf->pkt_len = m_len;
-	} else {
+		cop->param1.tls_record.content_type = (res->spi >> 24) & 0xff;
+		return;
+	}
+
+	/* Any error other than post process */
+	if (res->uc_compcode != ROC_SE_ERR_SSL_POST_PROCESS) {
 		cop->status = RTE_CRYPTO_OP_STATUS_ERROR;
 		cop->aux_flags = res->uc_compcode;
 		plt_err("crypto op failed with UC compcode: 0x%x", res->uc_compcode);
+		return;
 	}
+
+	/* Extra padding scenario: Verify padding. Remove padding and MAC */
+	if (tls_opt.tls_ver != RTE_SECURITY_VERSION_TLS_1_3)
+		cn10k_cpt_tls12_trim_mac(cop, res, (uint8_t)tls_opt.mac_len);
+	else
+		cn10k_cpt_tls13_trim_mac(cop, res);
 }
 
 static inline void
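Review bot: cn10k_cpt_tls12_trim_mac() computes `mac_offset = m_len - trim_len` without first checking that `trim_len` fits inside `res->rlen`, and `pad_val` comes straight from the completion word, which presumably mirrors the padding-length byte of the received record. Unless the microcode guarantees that bound (not visible in this hunk), the subtraction wraps and the padding compare reads outside the mbuf data, so such a result should be rejected before any offset is derived. In the SG path `uint8_t len = RTE_MIN(...)` truncates 256 to 0 when `pad_val` is 0xff and the segment holds all 256 padding bytes, so `pad_len` never shrinks and `seg = seg->next` walks off the chain; a 32-bit `len` avoids that. The final `else` branch also dereferences `mac_prev_seg`, which is still NULL when the MAC starts at offset 0 of the first segment. In cn10k_cpt_tls13_trim_mac(), in the same hunk, `nb_segs` is not reset to 1 on each pass of the outer loop, so it over-counts when the last segment is all zeros.

```c
	trim_len = pad_len + mac_len;
	/* Reject a result whose padding and MAC do not fit in the record */
	if (unlikely(trim_len > m_len)) {
		cop->status = RTE_CRYPTO_OP_STATUS_ERROR;
		cop->aux_flags = res->uc_compcode;
		return;
	}
	/* … unchanged: offset computation, direct mode, SG segment walk … */
	while (pad_len != 0) {
		uint8_t *ptr = rte_pktmbuf_mtod_offset(seg, uint8_t *, pad_offset);
		/* 32-bit so that a full 256-byte pad is not truncated to 0 */
		uint32_t len = RTE_MIN(seg->data_len - pad_offset, pad_len);
	/* … unchanged: padding compare, status update and trim … */
```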
@@ -1015,7 +1156,7 @@ cn10k_cpt_sec_post_process(struct rte_crypto_op *cop, struct cpt_cn10k_res_s *re
 	if (sess->proto == RTE_SECURITY_PROTOCOL_IPSEC)
 		cn10k_cpt_ipsec_post_process(cop, res);
 	else if (sess->proto == RTE_SECURITY_PROTOCOL_TLS_RECORD)
-		cn10k_cpt_tls_post_process(cop, res);
+		cn10k_cpt_tls_post_process(cop, res, sess);
 }
 
 static inline void
diff --git a/drivers/crypto/cnxk/cn10k_cryptodev_sec.h b/drivers/crypto/cnxk/cn10k_cryptodev_sec.h
index 230c0f7c1c..1637a9a25c 100644
--- a/drivers/crypto/cnxk/cn10k_cryptodev_sec.h
+++ b/drivers/crypto/cnxk/cn10k_cryptodev_sec.h
@@ -16,6 +16,15 @@
 
 #define SEC_SESS_SIZE sizeof(struct rte_security_session)
 
+struct cn10k_tls_opt {
+	uint16_t pad_shift : 3;
+	uint16_t enable_padding : 1;
+	uint16_t tail_fetch_len : 2;
+	uint16_t tls_ver : 2;
+	uint16_t is_write : 1;
+	uint16_t mac_len : 7;
+};
+
 struct cn10k_sec_session {
 	uint8_t rte_sess[SEC_SESS_SIZE];
 
@@ -29,16 +38,12 @@ struct cn10k_sec_session {
 	uint8_t proto;
 	uint8_t iv_length;
 	union {
+		uint16_t u16;
+		struct cn10k_tls_opt tls_opt;
 		struct {
 			uint8_t ip_csum;
 			uint8_t is_outbound : 1;
 		} ipsec;
-		struct {
-			uint8_t enable_padding : 1;
-			uint8_t tail_fetch_len : 2;
-			uint8_t is_write : 1;
-			uint8_t rvsd : 4;
-		} tls;
 	};
 	/** Queue pair */
 	struct cnxk_cpt_qp *qp;
diff --git a/drivers/crypto/cnxk/cn10k_tls.c b/drivers/crypto/cnxk/cn10k_tls.c
index ae3ed3176c..3505a71a6c 100644
--- a/drivers/crypto/cnxk/cn10k_tls.c
+++ b/drivers/crypto/cnxk/cn10k_tls.c
@@ -119,8 +119,14 @@ cnxk_tls_xform_verify(struct rte_security_tls_record_xform *tls_xform,
 	    (tls_xform->type != RTE_SECURITY_TLS_SESS_TYPE_WRITE))
 		return -EINVAL;
 
-	if (crypto_xform->type == RTE_CRYPTO_SYM_XFORM_AEAD)
+	if (crypto_xform->type == RTE_CRYPTO_SYM_XFORM_AEAD) {
+		/* optional padding is not allowed in TLS-1.2 for AEAD */
+		if ((tls_xform->ver == RTE_SECURITY_VERSION_TLS_1_2) &&
+		    (tls_xform->options.extra_padding_enable == 1))
+			return -EINVAL;
+
 		return tls_xform_aead_verify(tls_xform, crypto_xform);
+	}
 
 	/* TLS-1.3 only support AEAD.
 	 * Control should not reach here for TLS-1.3
@@ -321,7 +327,7 @@ tls_read_ctx_size(struct roc_ie_ot_tls_read_sa *sa, enum rte_security_tls_versio
 static int
 tls_read_sa_fill(struct roc_ie_ot_tls_read_sa *read_sa,
 		 struct rte_security_tls_record_xform *tls_xfrm,
-		 struct rte_crypto_sym_xform *crypto_xfrm)
+		 struct rte_crypto_sym_xform *crypto_xfrm, struct cn10k_tls_opt *tls_opt)
 {
 	enum rte_security_tls_version tls_ver = tls_xfrm->ver;
 	struct rte_crypto_sym_xform *auth_xfrm, *cipher_xfrm;
@@ -405,16 +411,26 @@ tls_read_sa_fill(struct roc_ie_ot_tls_read_sa *read_sa,
 		memcpy(cipher_key, key, length);
 	}
 
-	if (auth_xfrm->auth.algo == RTE_CRYPTO_AUTH_MD5_HMAC)
+	switch (auth_xfrm->auth.algo) {
+	case RTE_CRYPTO_AUTH_MD5_HMAC:
 		read_sa->w2.s.mac_select = ROC_IE_OT_TLS_MAC_MD5;
-	else if (auth_xfrm->auth.algo == RTE_CRYPTO_AUTH_SHA1_HMAC)
+		tls_opt->mac_len = 0;
+		break;
+	case RTE_CRYPTO_AUTH_SHA1_HMAC:
 		read_sa->w2.s.mac_select = ROC_IE_OT_TLS_MAC_SHA1;
-	else if (auth_xfrm->auth.algo == RTE_CRYPTO_AUTH_SHA256_HMAC)
+		tls_opt->mac_len = 20;
+		break;
+	case RTE_CRYPTO_AUTH_SHA256_HMAC:
 		read_sa->w2.s.mac_select = ROC_IE_OT_TLS_MAC_SHA2_256;
-	else if (auth_xfrm->auth.algo == RTE_CRYPTO_AUTH_SHA384_HMAC)
+		tls_opt->mac_len = 32;
+		break;
+	case RTE_CRYPTO_AUTH_SHA384_HMAC:
 		read_sa->w2.s.mac_select = ROC_IE_OT_TLS_MAC_SHA2_384;
-	else
+		tls_opt->mac_len = 48;
+		break;
+	default:
 		return -EINVAL;
+	}
 
 	roc_se_hmac_opad_ipad_gen(read_sa->w2.s.mac_select, auth_xfrm->auth.key.data,
 				  auth_xfrm->auth.key.length, read_sa->tls_12.opad_ipad,
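Review bot: The `RTE_CRYPTO_AUTH_MD5_HMAC` case stores `tls_opt->mac_len = 0`, while every other case stores the digest size of its algorithm (20, 32, 48). An HMAC-MD5 tag is 16 bytes, and `mac_len` is what cn10k_cpt_tls12_trim_mac() adds to the pad length when it trims the record, so with 0 the 16-byte MAC would be left at the end of the payload. Unless MD5 records are handled differently elsewhere (not visible here), this should be `tls_opt->mac_len = 16;`. tls_read_sa_fill() starts and ends outside the hunk.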
@@ -622,6 +638,7 @@ cn10k_tls_read_sa_create(struct roc_cpt *roc_cpt, struct roc_cpt_lf *lf,
 			 struct cn10k_sec_session *sec_sess)
 {
 	struct roc_ie_ot_tls_read_sa *sa_dptr;
+	uint8_t tls_ver = tls_xfrm->ver;
 	struct cn10k_tls_record *tls;
 	union cpt_inst_w4 inst_w4;
 	void *read_sa;
@@ -638,7 +655,7 @@ cn10k_tls_read_sa_create(struct roc_cpt *roc_cpt, struct roc_cpt_lf *lf,
 	}
 
 	/* Translate security parameters to SA */
-	ret = tls_read_sa_fill(sa_dptr, tls_xfrm, crypto_xfrm);
+	ret = tls_read_sa_fill(sa_dptr, tls_xfrm, crypto_xfrm, &sec_sess->tls_opt);
 	if (ret) {
 		plt_err("Could not fill read session parameters");
 		goto sa_dptr_free;
@@ -658,19 +675,20 @@ cn10k_tls_read_sa_create(struct roc_cpt *roc_cpt, struct roc_cpt_lf *lf,
 
 	/* pre-populate CPT INST word 4 */
 	inst_w4.u64 = 0;
-	if ((sa_dptr->w2.s.version_select == ROC_IE_OT_TLS_VERSION_TLS_12) ||
-	    (sa_dptr->w2.s.version_select == ROC_IE_OT_TLS_VERSION_DTLS_12)) {
+	if ((tls_ver == RTE_SECURITY_VERSION_TLS_1_2) ||
+	    (tls_ver == RTE_SECURITY_VERSION_DTLS_1_2)) {
 		inst_w4.s.opcode_major = ROC_IE_OT_TLS_MAJOR_OP_RECORD_DEC | ROC_IE_OT_INPLACE_BIT;
-		sec_sess->tls.tail_fetch_len = 0;
+		sec_sess->tls_opt.tail_fetch_len = 0;
 		if (sa_dptr->w2.s.cipher_select == ROC_IE_OT_TLS_CIPHER_3DES)
-			sec_sess->tls.tail_fetch_len = 1;
+			sec_sess->tls_opt.tail_fetch_len = 1;
 		else if (sa_dptr->w2.s.cipher_select == ROC_IE_OT_TLS_CIPHER_AES_CBC)
-			sec_sess->tls.tail_fetch_len = 2;
-	} else if (sa_dptr->w2.s.version_select == ROC_IE_OT_TLS_VERSION_TLS_13) {
+			sec_sess->tls_opt.tail_fetch_len = 2;
+	} else if (tls_xfrm->ver == RTE_SECURITY_VERSION_TLS_1_3) {
 		inst_w4.s.opcode_major =
 			ROC_IE_OT_TLS13_MAJOR_OP_RECORD_DEC | ROC_IE_OT_INPLACE_BIT;
 	}
 
+	sec_sess->tls_opt.tls_ver = tls_ver;
 	sec_sess->inst.w4 = inst_w4.u64;
 	sec_sess->inst.w7 = cpt_inst_w7_get(roc_cpt, read_sa);
 
@@ -706,6 +724,7 @@ cn10k_tls_write_sa_create(struct roc_cpt *roc_cpt, struct roc_cpt_lf *lf,
 			  struct cn10k_sec_session *sec_sess)
 {
 	struct roc_ie_ot_tls_write_sa *sa_dptr;
+	uint8_t tls_ver = tls_xfrm->ver;
 	struct cn10k_tls_record *tls;
 	union cpt_inst_w4 inst_w4;
 	void *write_sa;
@@ -739,17 +758,23 @@ cn10k_tls_write_sa_create(struct roc_cpt *roc_cpt, struct roc_cpt_lf *lf,
 		sec_sess->iv_length = crypto_xfrm->next->cipher.iv.length;
 	}
 
-	sec_sess->tls.is_write = 1;
-	sec_sess->tls.enable_padding = tls_xfrm->options.extra_padding_enable;
+	sec_sess->tls_opt.is_write = 1;
+	sec_sess->tls_opt.pad_shift = 0;
+	sec_sess->tls_opt.tls_ver = tls_ver;
+	sec_sess->tls_opt.enable_padding = tls_xfrm->options.extra_padding_enable;
 	sec_sess->max_extended_len = tls_write_rlens_get(tls_xfrm, crypto_xfrm);
 	sec_sess->proto = RTE_SECURITY_PROTOCOL_TLS_RECORD;
 
 	/* pre-populate CPT INST word 4 */
 	inst_w4.u64 = 0;
-	if ((sa_dptr->w2.s.version_select == ROC_IE_OT_TLS_VERSION_TLS_12) ||
-	    (sa_dptr->w2.s.version_select == ROC_IE_OT_TLS_VERSION_DTLS_12)) {
+	if ((tls_ver == RTE_SECURITY_VERSION_TLS_1_2) ||
+	    (tls_ver == RTE_SECURITY_VERSION_DTLS_1_2)) {
 		inst_w4.s.opcode_major = ROC_IE_OT_TLS_MAJOR_OP_RECORD_ENC | ROC_IE_OT_INPLACE_BIT;
-	} else if (sa_dptr->w2.s.version_select == ROC_IE_OT_TLS_VERSION_TLS_13) {
+		if (sa_dptr->w2.s.cipher_select == ROC_IE_OT_TLS_CIPHER_3DES)
+			sec_sess->tls_opt.pad_shift = 3;
+		else
+			sec_sess->tls_opt.pad_shift = 4;
+	} else if (tls_ver == RTE_SECURITY_VERSION_TLS_1_3) {
 		inst_w4.s.opcode_major =
 			ROC_IE_OT_TLS13_MAJOR_OP_RECORD_ENC | ROC_IE_OT_INPLACE_BIT;
 	}
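Review bot: `pad_shift` is set to 3 for 3DES and 4 for every other TLS-1.2/DTLS-1.2 cipher with nothing explaining the numbers. They look like log2 of the cipher block size (8 and 16 bytes), which process_tls_write() uses to convert the requested padding from bytes to blocks. If that is the intent, a comment next to the assignments would say so, for example `/* pad_shift = log2(cipher block size); stays 0 for TLS-1.3 */`. cn10k_tls_write_sa_create() starts and ends outside the hunk.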
@@ -838,7 +863,7 @@ cn10k_sec_tls_session_destroy(struct cnxk_cpt_qp *qp, struct cn10k_sec_session *
 
 	ret = -1;
 
-	if (sess->tls.is_write) {
+	if (sess->tls_opt.is_write) {
 		sa_dptr = plt_zmalloc(sizeof(struct roc_ie_ot_tls_write_sa), 8);
 		if (sa_dptr != NULL) {
 			tls_write_sa_init(sa_dptr);
diff --git a/drivers/crypto/cnxk/cn10k_tls_ops.h b/drivers/crypto/cnxk/cn10k_tls_ops.h
index 6fd74927ee..64f94a4e8b 100644
--- a/drivers/crypto/cnxk/cn10k_tls_ops.h
+++ b/drivers/crypto/cnxk/cn10k_tls_ops.h
@@ -21,16 +21,21 @@ process_tls_write(struct roc_cpt_lf *lf, struct rte_crypto_op *cop, struct cn10k
 		  struct cpt_qp_meta_info *m_info, struct cpt_inflight_req *infl_req,
 		  struct cpt_inst_s *inst, const bool is_sg_ver2)
 {
+	struct cn10k_tls_opt tls_opt = sess->tls_opt;
 	struct rte_crypto_sym_op *sym_op = cop->sym;
 #ifdef LA_IPSEC_DEBUG
 	struct roc_ie_ot_tls_write_sa *write_sa;
 #endif
 	struct rte_mbuf *m_src = sym_op->m_src;
+	uint32_t pad_len, pad_bytes;
 	struct rte_mbuf *last_seg;
 	union cpt_inst_w4 w4;
 	void *m_data = NULL;
 	uint8_t *in_buffer;
 
+	pad_bytes = (cop->aux_flags * 8) > 0xff ? 0xff : (cop->aux_flags * 8);
+	pad_len = (pad_bytes >> tls_opt.pad_shift) * tls_opt.enable_padding;
+
 #ifdef LA_IPSEC_DEBUG
 	write_sa = &sess->tls_rec.write_sa;
 	if (write_sa->w2.s.iv_at_cptr == ROC_IE_OT_TLS_IV_SRC_FROM_SA) {
@@ -94,7 +99,7 @@ process_tls_write(struct roc_cpt_lf *lf, struct rte_crypto_op *cop, struct cn10k
 		w4.s.dlen = m_src->data_len;
 
 		w4.s.param2 = cop->param1.tls_record.content_type;
-		w4.s.opcode_minor = sess->tls.enable_padding * cop->aux_flags * 8;
+		w4.s.opcode_minor = pad_len;
 
 		inst->w4.u64 = w4.u64;
 	} else if (is_sg_ver2 == false) {
@@ -148,10 +153,10 @@ process_tls_write(struct roc_cpt_lf *lf, struct rte_crypto_op *cop, struct cn10k
 		w4.s.param1 = rte_pktmbuf_pkt_len(m_src);
 		w4.s.param2 = cop->param1.tls_record.content_type;
 		w4.s.opcode_major |= (uint64_t)ROC_DMA_MODE_SG;
-		w4.s.opcode_minor = sess->tls.enable_padding * cop->aux_flags * 8;
+		w4.s.opcode_minor = pad_len;
 
 		/* Output Scatter List */
-		last_seg->data_len += sess->max_extended_len;
+		last_seg->data_len += sess->max_extended_len + pad_bytes;
 		inst->w4.u64 = w4.u64;
 	} else {
 		struct roc_sg2list_comp *scatter_comp, *gather_comp;
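Review bot: `last_seg->data_len` now grows by `pad_bytes` even when the session has `enable_padding` clear, because only `pad_len` is multiplied by `tls_opt.enable_padding`. A non-zero `cop->aux_flags` on such a session would extend the segment by up to 255 bytes that the engine is not asked to produce. No tailroom check covering the extra `pad_bytes` is visible in this hunk either, so confirm one exists before the length is raised. Gating the value right after it is computed, `pad_bytes *= tls_opt.enable_padding;`, would cover this site and the same change in the SG ver2 branch (the `@@ -198,11 +203,11 @@` hunk). process_tls_write() starts and ends outside the hunk.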
@@ -198,11 +203,11 @@ process_tls_write(struct roc_cpt_lf *lf, struct rte_crypto_op *cop, struct cn10k
 		w4.u64 = sess->inst.w4;
 		w4.s.dlen = rte_pktmbuf_pkt_len(m_src);
 		w4.s.opcode_major &= (~(ROC_IE_OT_INPLACE_BIT));
-		w4.s.opcode_minor = sess->tls.enable_padding * cop->aux_flags * 8;
+		w4.s.opcode_minor = pad_len;
 		w4.s.param1 = w4.s.dlen;
 		w4.s.param2 = cop->param1.tls_record.content_type;
 		/* Output Scatter List */
-		last_seg->data_len += sess->max_extended_len;
+		last_seg->data_len += sess->max_extended_len + pad_bytes;
 		inst->w4.u64 = w4.u64;
 	}
 
@@ -234,7 +239,7 @@ process_tls_read(struct rte_crypto_op *cop, struct cn10k_sec_session *sess,
 		inst->w4.u64 = w4.u64;
 	} else if (is_sg_ver2 == false) {
 		struct roc_sglist_comp *scatter_comp, *gather_comp;
-		int tail_len = sess->tls.tail_fetch_len * 16;
+		int tail_len = sess->tls_opt.tail_fetch_len * 16;
 		int pkt_len = rte_pktmbuf_pkt_len(m_src);
 		uint32_t g_size_bytes, s_size_bytes;
 		uint16_t *sg_hdr;
@@ -289,7 +294,7 @@ process_tls_read(struct rte_crypto_op *cop, struct cn10k_sec_session *sess,
 		inst->w4.u64 = w4.u64;
 	} else {
 		struct roc_sg2list_comp *scatter_comp, *gather_comp;
-		int tail_len = sess->tls.tail_fetch_len * 16;
+		int tail_len = sess->tls_opt.tail_fetch_len * 16;
 		int pkt_len = rte_pktmbuf_pkt_len(m_src);
 		union cpt_inst_w5 cpt_inst_w5;
 		union cpt_inst_w6 cpt_inst_w6;
-- 
2.25.1



* [PATCH v3 7/8] crypto/cnxk: add support for oop processing in TLS
  2024-03-15  5:42   ` [PATCH v3 0/8] Fixes and minor improvements for Crypto cnxk Vidya Sagar Velumuri
                       ` (5 preceding siblings ...)
  2024-03-15  5:42     ` [PATCH v3 6/8] crypto/cnxk: add support for padding verification in TLS Vidya Sagar Velumuri
@ 2024-03-15  5:42     ` Vidya Sagar Velumuri
  2024-03-15  5:42     ` [PATCH v3 8/8] crypto/cnxk: update the context structure of tls Vidya Sagar Velumuri
  2024-03-15  6:45     ` [PATCH v4 0/8] Fixes and minor improvements for Crypto cnxk Vidya Sagar Velumuri
  8 siblings, 0 replies; 43+ messages in thread
From: Vidya Sagar Velumuri @ 2024-03-15  5:42 UTC (permalink / raw)
  To: Akhil Goyal; +Cc: Aakash Sasidharan, Jerin Jacob, dev, Anoob Joseph

From: Aakash Sasidharan <asasidharan@marvell.com>

Add support for out-of-place processing in TLS.

Signed-off-by: Aakash Sasidharan <asasidharan@marvell.com>
---
 drivers/crypto/cnxk/cn10k_tls_ops.h | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/drivers/crypto/cnxk/cn10k_tls_ops.h b/drivers/crypto/cnxk/cn10k_tls_ops.h
index 64f94a4e8b..e8e2547f68 100644
--- a/drivers/crypto/cnxk/cn10k_tls_ops.h
+++ b/drivers/crypto/cnxk/cn10k_tls_ops.h
@@ -27,6 +27,7 @@ process_tls_write(struct roc_cpt_lf *lf, struct rte_crypto_op *cop, struct cn10k
 	struct roc_ie_ot_tls_write_sa *write_sa;
 #endif
 	struct rte_mbuf *m_src = sym_op->m_src;
+	struct rte_mbuf *m_dst = sym_op->m_dst;
 	uint32_t pad_len, pad_bytes;
 	struct rte_mbuf *last_seg;
 	union cpt_inst_w4 w4;
@@ -191,7 +192,9 @@ process_tls_write(struct roc_cpt_lf *lf, struct rte_crypto_op *cop, struct cn10k
 		i = 0;
 		scatter_comp = (struct roc_sg2list_comp *)((uint8_t *)gather_comp + g_size_bytes);
 
-		i = fill_sg2_comp_from_pkt(scatter_comp, i, m_src);
+		if (m_dst == NULL)
+			m_dst = m_src;
+		i = fill_sg2_comp_from_pkt(scatter_comp, i, m_dst);
 
 		cpt_inst_w6.s.scatter_sz = ((i + 2) / 3);
 
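Review bot: Only the SG ver2 branch switches its scatter list to `m_dst`; as far as the visible hunks show, the direct-mode and SG ver1 branches of process_tls_write() are untouched, so an op that sets `m_dst` there would still be processed in place without an error. The completion path in cn10k_cpt_tls_post_process() also takes its mbuf from `cop->sym->m_src` when it sets `pkt_len`/`data_len` and trims padding, which for an out-of-place op is the input buffer rather than the one that received the record. The same applies to the process_tls_read() hunk (`@@ -334,7 +338,9 @@`). I would either reject `m_dst != NULL` on the paths that do not support it or document the restriction in a comment next to the `m_dst` fallback.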
@@ -221,6 +224,7 @@ process_tls_read(struct rte_crypto_op *cop, struct cn10k_sec_session *sess,
 {
 	struct rte_crypto_sym_op *sym_op = cop->sym;
 	struct rte_mbuf *m_src = sym_op->m_src;
+	struct rte_mbuf *m_dst = sym_op->m_dst;
 	union cpt_inst_w4 w4;
 	uint8_t *in_buffer;
 	void *m_data;
@@ -334,7 +338,9 @@ process_tls_read(struct rte_crypto_op *cop, struct cn10k_sec_session *sess,
 		i = 0;
 		scatter_comp = (struct roc_sg2list_comp *)((uint8_t *)gather_comp + g_size_bytes);
 
-		i = fill_sg2_comp_from_pkt(scatter_comp, i, m_src);
+		if (m_dst == NULL)
+			m_dst = m_src;
+		i = fill_sg2_comp_from_pkt(scatter_comp, i, m_dst);
 
 		cpt_inst_w6.s.scatter_sz = ((i + 2) / 3);
 
-- 
2.25.1



* [PATCH v3 8/8] crypto/cnxk: update the context structure of tls
  2024-03-15  5:42   ` [PATCH v3 0/8] Fixes and minor improvements for Crypto cnxk Vidya Sagar Velumuri
                       ` (6 preceding siblings ...)
  2024-03-15  5:42     ` [PATCH v3 7/8] crypto/cnxk: add support for oop processing " Vidya Sagar Velumuri
@ 2024-03-15  5:42     ` Vidya Sagar Velumuri
  2024-03-15  6:45     ` [PATCH v4 0/8] Fixes and minor improvements for Crypto cnxk Vidya Sagar Velumuri
  8 siblings, 0 replies; 43+ messages in thread
From: Vidya Sagar Velumuri @ 2024-03-15  5:42 UTC (permalink / raw)
  To: Akhil Goyal; +Cc: Jerin Jacob, dev, Aakash Sasidharan, Anoob Joseph

Keep the record context for TLS-1.3 in sync with microcode
structure.

Report error if optional padding is enabled for AEAD
case in both TLS-1.2 and DTLS-1.2.

Use the proper offset for calculating the context size in case of TLS-1.3.

Signed-off-by: Vidya Sagar Velumuri <vvelumuri@marvell.com>
---
 drivers/common/cnxk/roc_ie_ot_tls.h | 17 ++++++++++++-----
 drivers/crypto/cnxk/cn10k_tls.c     |  6 +++---
 2 files changed, 15 insertions(+), 8 deletions(-)

diff --git a/drivers/common/cnxk/roc_ie_ot_tls.h b/drivers/common/cnxk/roc_ie_ot_tls.h
index 39c42775f4..2d6a290d9b 100644
--- a/drivers/common/cnxk/roc_ie_ot_tls.h
+++ b/drivers/common/cnxk/roc_ie_ot_tls.h
@@ -68,6 +68,16 @@ struct roc_ie_ot_tls_read_ctx_update_reg {
 	uint64_t ar_winbits[ROC_IE_OT_TLS_AR_WINBITS_SZ];
 };
 
+struct roc_ie_ot_tls_1_3_read_ctx_update_reg {
+	uint64_t rsvd0;
+	uint64_t ar_valid_mask;
+	uint64_t hard_life;
+	uint64_t soft_life;
+	uint64_t mib_octs;
+	uint64_t mib_pkts;
+	uint64_t rsvd1;
+};
+
 union roc_ie_ot_tls_param2 {
 	uint16_t u16;
 	struct {
@@ -137,11 +147,8 @@ struct roc_ie_ot_tls_read_sa {
 
 	union {
 		struct {
-			/* Word10 */
-			uint64_t w10_rsvd6;
-
-			/* Word11 - Word25 */
-			struct roc_ie_ot_tls_read_ctx_update_reg ctx;
+			/* Word10 - Word16 */
+			struct roc_ie_ot_tls_1_3_read_ctx_update_reg ctx;
 		} tls_13;
 
 		struct {
diff --git a/drivers/crypto/cnxk/cn10k_tls.c b/drivers/crypto/cnxk/cn10k_tls.c
index 3505a71a6c..7b73a58d2a 100644
--- a/drivers/crypto/cnxk/cn10k_tls.c
+++ b/drivers/crypto/cnxk/cn10k_tls.c
@@ -121,8 +121,8 @@ cnxk_tls_xform_verify(struct rte_security_tls_record_xform *tls_xform,
 
 	if (crypto_xform->type == RTE_CRYPTO_SYM_XFORM_AEAD) {
 		/* optional padding is not allowed in TLS-1.2 for AEAD */
-		if ((tls_xform->ver == RTE_SECURITY_VERSION_TLS_1_2) &&
-		    (tls_xform->options.extra_padding_enable == 1))
+		if ((tls_xform->options.extra_padding_enable == 1) &&
+		    (tls_xform->ver != RTE_SECURITY_VERSION_TLS_1_3))
 			return -EINVAL;
 
 		return tls_xform_aead_verify(tls_xform, crypto_xform);
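Review bot: The comment above the check still reads `/* optional padding is not allowed in TLS-1.2 for AEAD */`, but the condition now rejects every version other than TLS-1.3, which per the commit message includes DTLS-1.2. Updating it to `/* optional padding is not allowed for AEAD in TLS-1.2 and DTLS-1.2 */` keeps the comment in step with the code. cnxk_tls_xform_verify() starts and ends outside the hunk.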
@@ -312,7 +312,7 @@ tls_read_ctx_size(struct roc_ie_ot_tls_read_sa *sa, enum rte_security_tls_versio
 	/* Variable based on Anti-replay Window */
 	if (tls_ver == RTE_SECURITY_VERSION_TLS_1_3) {
 		size = offsetof(struct roc_ie_ot_tls_read_sa, tls_13.ctx) +
-		       offsetof(struct roc_ie_ot_tls_read_ctx_update_reg, ar_winbits);
+		       sizeof(struct roc_ie_ot_tls_1_3_read_ctx_update_reg);
 	} else {
 		size = offsetof(struct roc_ie_ot_tls_read_sa, tls_12.ctx) +
 		       offsetof(struct roc_ie_ot_tls_read_ctx_update_reg, ar_winbits);
-- 
2.25.1



* [PATCH v4 0/8] Fixes and minor improvements for Crypto cnxk
  2024-03-15  5:42   ` [PATCH v3 0/8] Fixes and minor improvements for Crypto cnxk Vidya Sagar Velumuri
                       ` (7 preceding siblings ...)
  2024-03-15  5:42     ` [PATCH v3 8/8] crypto/cnxk: update the context structure of tls Vidya Sagar Velumuri
@ 2024-03-15  6:45     ` Vidya Sagar Velumuri
  2024-03-15  6:45       ` [PATCH v4 1/8] crypto/cnxk: multi seg support block ciphers in tls Vidya Sagar Velumuri
                         ` (8 more replies)
  8 siblings, 9 replies; 43+ messages in thread
From: Vidya Sagar Velumuri @ 2024-03-15  6:45 UTC (permalink / raw)
  To: Akhil Goyal; +Cc: Jerin Jacob, dev, Aakash Sasidharan, Anoob Joseph

Fixes and minor improvements for Crypto cnxk PMD.

v4:
* Addressed checkpatch issue

v3:
* Resend

v2:
* Squashed related patches

Aakash Sasidharan (1):
  crypto/cnxk: add support for oop processing in TLS

Anoob Joseph (2):
  crypto/cnxk: avoid branches in datapath
  crypto/cnxk: move metadata to second cacheline

Vidya Sagar Velumuri (5):
  crypto/cnxk: multi seg support block ciphers in tls
  crypto/cnxk: enable sha384 and chachapoly for tls
  crypto/cnxk: add support for session update for TLS
  crypto/cnxk: add support for padding verification in TLS
  crypto/cnxk: update the context structure of tls

 drivers/common/cnxk/roc_ie_ot_tls.h           |  18 ++-
 drivers/common/cnxk/roc_se.h                  |   1 +
 drivers/crypto/cnxk/cn10k_cryptodev_ops.c     | 151 +++++++++++++++++-
 drivers/crypto/cnxk/cn10k_cryptodev_sec.c     |   3 +
 drivers/crypto/cnxk/cn10k_cryptodev_sec.h     |  22 ++-
 drivers/crypto/cnxk/cn10k_ipsec.c             |   4 +-
 drivers/crypto/cnxk/cn10k_ipsec_la_ops.h      |   8 +-
 drivers/crypto/cnxk/cn10k_tls.c               | 137 ++++++++++++----
 drivers/crypto/cnxk/cn10k_tls.h               |   4 +
 drivers/crypto/cnxk/cn10k_tls_ops.h           |  73 +++++++--
 drivers/crypto/cnxk/cnxk_cryptodev.h          |   6 +-
 .../crypto/cnxk/cnxk_cryptodev_capabilities.c |  52 ++++++
 12 files changed, 401 insertions(+), 78 deletions(-)

-- 
2.25.1



* [PATCH v4 1/8] crypto/cnxk: multi seg support block ciphers in tls
  2024-03-15  6:45     ` [PATCH v4 0/8] Fixes and minor improvements for Crypto cnxk Vidya Sagar Velumuri
@ 2024-03-15  6:45       ` Vidya Sagar Velumuri
  2024-03-15  6:45       ` [PATCH v4 2/8] crypto/cnxk: enable sha384 and chachapoly for tls Vidya Sagar Velumuri
                         ` (7 subsequent siblings)
  8 siblings, 0 replies; 43+ messages in thread
From: Vidya Sagar Velumuri @ 2024-03-15  6:45 UTC (permalink / raw)
  To: Akhil Goyal; +Cc: Jerin Jacob, dev, Aakash Sasidharan, Anoob Joseph

Add support for Scatter-Gather mode for block ciphers in TLS-1.2

Signed-off-by: Vidya Sagar Velumuri <vvelumuri@marvell.com>
---
 drivers/crypto/cnxk/cn10k_cryptodev_sec.h |  3 +-
 drivers/crypto/cnxk/cn10k_tls.c           |  5 +++
 drivers/crypto/cnxk/cn10k_tls_ops.h       | 48 ++++++++++++++++++-----
 3 files changed, 45 insertions(+), 11 deletions(-)

diff --git a/drivers/crypto/cnxk/cn10k_cryptodev_sec.h b/drivers/crypto/cnxk/cn10k_cryptodev_sec.h
index 1efed3c4cf..881a0276cc 100644
--- a/drivers/crypto/cnxk/cn10k_cryptodev_sec.h
+++ b/drivers/crypto/cnxk/cn10k_cryptodev_sec.h
@@ -33,7 +33,8 @@ struct cn10k_sec_session {
 		} ipsec;
 		struct {
 			uint8_t enable_padding : 1;
-			uint8_t rvsd : 7;
+			uint8_t tail_fetch_len : 2;
+			uint8_t rvsd : 5;
 			bool is_write;
 		} tls;
 	};
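Review bot: `tail_fetch_len` is added without a comment, and its unit can only be learned from process_tls_read, which multiplies it by 16. A trailing comment on the field such as `/* tail bytes to fetch, in 16-byte units (0 = none) */` would make the encoding clear. The struct starts and continues outside this hunk.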
diff --git a/drivers/crypto/cnxk/cn10k_tls.c b/drivers/crypto/cnxk/cn10k_tls.c
index 879e0ea978..b46904d3f8 100644
--- a/drivers/crypto/cnxk/cn10k_tls.c
+++ b/drivers/crypto/cnxk/cn10k_tls.c
@@ -639,6 +639,11 @@ cn10k_tls_read_sa_create(struct roc_cpt *roc_cpt, struct roc_cpt_lf *lf,
 	if ((sa_dptr->w2.s.version_select == ROC_IE_OT_TLS_VERSION_TLS_12) ||
 	    (sa_dptr->w2.s.version_select == ROC_IE_OT_TLS_VERSION_DTLS_12)) {
 		inst_w4.s.opcode_major = ROC_IE_OT_TLS_MAJOR_OP_RECORD_DEC | ROC_IE_OT_INPLACE_BIT;
+		sec_sess->tls.tail_fetch_len = 0;
+		if (sa_dptr->w2.s.cipher_select == ROC_IE_OT_TLS_CIPHER_3DES)
+			sec_sess->tls.tail_fetch_len = 1;
+		else if (sa_dptr->w2.s.cipher_select == ROC_IE_OT_TLS_CIPHER_AES_CBC)
+			sec_sess->tls.tail_fetch_len = 2;
 	} else if (sa_dptr->w2.s.version_select == ROC_IE_OT_TLS_VERSION_TLS_13) {
 		inst_w4.s.opcode_major =
 			ROC_IE_OT_TLS13_MAJOR_OP_RECORD_DEC | ROC_IE_OT_INPLACE_BIT;
diff --git a/drivers/crypto/cnxk/cn10k_tls_ops.h b/drivers/crypto/cnxk/cn10k_tls_ops.h
index 7c8ac14ab2..6fd74927ee 100644
--- a/drivers/crypto/cnxk/cn10k_tls_ops.h
+++ b/drivers/crypto/cnxk/cn10k_tls_ops.h
@@ -234,7 +234,10 @@ process_tls_read(struct rte_crypto_op *cop, struct cn10k_sec_session *sess,
 		inst->w4.u64 = w4.u64;
 	} else if (is_sg_ver2 == false) {
 		struct roc_sglist_comp *scatter_comp, *gather_comp;
+		int tail_len = sess->tls.tail_fetch_len * 16;
+		int pkt_len = rte_pktmbuf_pkt_len(m_src);
 		uint32_t g_size_bytes, s_size_bytes;
+		uint16_t *sg_hdr;
 		uint32_t dlen;
 		int i;
 
@@ -244,16 +247,25 @@ process_tls_read(struct rte_crypto_op *cop, struct cn10k_sec_session *sess,
 			return -ENOMEM;
 		}
 
-		in_buffer = (uint8_t *)m_data;
-		((uint16_t *)in_buffer)[0] = 0;
-		((uint16_t *)in_buffer)[1] = 0;
-
 		/* Input Gather List */
+		in_buffer = (uint8_t *)m_data;
+		sg_hdr = (uint16_t *)(in_buffer + 32);
+		gather_comp = (struct roc_sglist_comp *)((uint8_t *)sg_hdr + 8);
 		i = 0;
-		gather_comp = (struct roc_sglist_comp *)((uint8_t *)in_buffer + 8);
+		/* Add the last blocks as first gather component for tail fetch. */
+		if (tail_len) {
+			const uint8_t *output;
+
+			output = rte_pktmbuf_read(m_src, pkt_len - tail_len, tail_len, in_buffer);
+			if (output != in_buffer)
+				rte_memcpy(in_buffer, output, tail_len);
+			i = fill_sg_comp(gather_comp, i, (uint64_t)in_buffer, tail_len);
+		}
 
+		sg_hdr[0] = 0;
+		sg_hdr[1] = 0;
 		i = fill_sg_comp_from_pkt(gather_comp, i, m_src);
-		((uint16_t *)in_buffer)[2] = rte_cpu_to_be_16(i);
+		sg_hdr[2] = rte_cpu_to_be_16(i);
 
 		g_size_bytes = ((i + 3) / 4) * sizeof(struct roc_sglist_comp);
 
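Review bot: The tail-fetch copy uses `pkt_len - tail_len` without checking that the packet is at least `tail_len` bytes long, and it does not check the return value of rte_pktmbuf_read(), which is NULL when the requested range is not inside the mbuf. The record length comes from received traffic, so a record shorter than 16 or 32 bytes would pass a wrapped offset to the read and possibly a NULL `output` to rte_memcpy(). I would reject such packets right after `tail_len` and `pkt_len` are computed, e.g. `if (unlikely(pkt_len < tail_len)) return -EINVAL;`, and treat `output == NULL` as an error as well; any error path taken after the metadata allocation has to release that buffer. The same pattern is repeated in the SG version 2 branch (the hunk at -292), and process_tls_read itself extends beyond these hunks.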
@@ -261,7 +273,7 @@ process_tls_read(struct rte_crypto_op *cop, struct cn10k_sec_session *sess,
 		scatter_comp = (struct roc_sglist_comp *)((uint8_t *)gather_comp + g_size_bytes);
 
 		i = fill_sg_comp_from_pkt(scatter_comp, i, m_src);
-		((uint16_t *)in_buffer)[3] = rte_cpu_to_be_16(i);
+		sg_hdr[3] = rte_cpu_to_be_16(i);
 
 		s_size_bytes = ((i + 3) / 4) * sizeof(struct roc_sglist_comp);
 
@@ -273,10 +285,12 @@ process_tls_read(struct rte_crypto_op *cop, struct cn10k_sec_session *sess,
 		w4.u64 = sess->inst.w4;
 		w4.s.dlen = dlen;
 		w4.s.opcode_major |= (uint64_t)ROC_DMA_MODE_SG;
-		w4.s.param1 = rte_pktmbuf_pkt_len(m_src);
+		w4.s.param1 = pkt_len;
 		inst->w4.u64 = w4.u64;
 	} else {
 		struct roc_sg2list_comp *scatter_comp, *gather_comp;
+		int tail_len = sess->tls.tail_fetch_len * 16;
+		int pkt_len = rte_pktmbuf_pkt_len(m_src);
 		union cpt_inst_w5 cpt_inst_w5;
 		union cpt_inst_w6 cpt_inst_w6;
 		uint32_t g_size_bytes;
@@ -292,7 +306,21 @@ process_tls_read(struct rte_crypto_op *cop, struct cn10k_sec_session *sess,
 		/* Input Gather List */
 		i = 0;
 
-		gather_comp = (struct roc_sg2list_comp *)((uint8_t *)in_buffer);
+		/* First 32 bytes in m_data are rsvd for tail fetch.
+		 * SG list start from 32 byte onwards.
+		 */
+		gather_comp = (struct roc_sg2list_comp *)((uint8_t *)(in_buffer + 32));
+
+		/* Add the last blocks as first gather component for tail fetch. */
+		if (tail_len) {
+			const uint8_t *output;
+
+			output = rte_pktmbuf_read(m_src, pkt_len - tail_len, tail_len, in_buffer);
+			if (output != in_buffer)
+				rte_memcpy(in_buffer, output, tail_len);
+			i = fill_sg2_comp(gather_comp, i, (uint64_t)in_buffer, tail_len);
+		}
+
 		i = fill_sg2_comp_from_pkt(gather_comp, i, m_src);
 
 		cpt_inst_w5.s.gather_sz = ((i + 2) / 3);
@@ -311,7 +339,7 @@ process_tls_read(struct rte_crypto_op *cop, struct cn10k_sec_session *sess,
 		inst->w5.u64 = cpt_inst_w5.u64;
 		inst->w6.u64 = cpt_inst_w6.u64;
 		w4.u64 = sess->inst.w4;
-		w4.s.dlen = rte_pktmbuf_pkt_len(m_src);
+		w4.s.dlen = pkt_len + tail_len;
 		w4.s.param1 = w4.s.dlen;
 		w4.s.opcode_major &= (~(ROC_IE_OT_INPLACE_BIT));
 		inst->w4.u64 = w4.u64;
-- 
2.25.1



* [PATCH v4 2/8] crypto/cnxk: enable sha384 and chachapoly for tls
  2024-03-15  6:45     ` [PATCH v4 0/8] Fixes and minor improvements for Crypto cnxk Vidya Sagar Velumuri
  2024-03-15  6:45       ` [PATCH v4 1/8] crypto/cnxk: multi seg support block ciphers in tls Vidya Sagar Velumuri
@ 2024-03-15  6:45       ` Vidya Sagar Velumuri
  2024-03-15  6:45       ` [PATCH v4 3/8] crypto/cnxk: add support for session update for TLS Vidya Sagar Velumuri
                         ` (6 subsequent siblings)
  8 siblings, 0 replies; 43+ messages in thread
From: Vidya Sagar Velumuri @ 2024-03-15  6:45 UTC (permalink / raw)
  To: Akhil Goyal; +Cc: Jerin Jacob, dev, Aakash Sasidharan, Anoob Joseph

Enable SHA384-HMAC support for TLS & DTLS 1.2.
Enable CHACHA20-POLY1305 support for TLS-1.3.

Signed-off-by: Vidya Sagar Velumuri <vvelumuri@marvell.com>
---
 drivers/common/cnxk/roc_ie_ot_tls.h           |  1 +
 drivers/crypto/cnxk/cn10k_tls.c               | 56 +++++++++++++------
 drivers/crypto/cnxk/cnxk_cryptodev.h          |  6 +-
 .../crypto/cnxk/cnxk_cryptodev_capabilities.c | 52 +++++++++++++++++
 4 files changed, 95 insertions(+), 20 deletions(-)

diff --git a/drivers/common/cnxk/roc_ie_ot_tls.h b/drivers/common/cnxk/roc_ie_ot_tls.h
index b85d075e86..39c42775f4 100644
--- a/drivers/common/cnxk/roc_ie_ot_tls.h
+++ b/drivers/common/cnxk/roc_ie_ot_tls.h
@@ -39,6 +39,7 @@ enum roc_ie_ot_tls_cipher_type {
 	ROC_IE_OT_TLS_CIPHER_AES_CBC = 3,
 	ROC_IE_OT_TLS_CIPHER_AES_GCM = 7,
 	ROC_IE_OT_TLS_CIPHER_AES_CCM = 10,
+	ROC_IE_OT_TLS_CIPHER_CHACHA_POLY = 9,
 };
 
 enum roc_ie_ot_tls_ver {
diff --git a/drivers/crypto/cnxk/cn10k_tls.c b/drivers/crypto/cnxk/cn10k_tls.c
index b46904d3f8..c95fcfdfa7 100644
--- a/drivers/crypto/cnxk/cn10k_tls.c
+++ b/drivers/crypto/cnxk/cn10k_tls.c
@@ -28,7 +28,8 @@ tls_xform_cipher_auth_verify(struct rte_crypto_sym_xform *cipher_xform,
 	switch (c_algo) {
 	case RTE_CRYPTO_CIPHER_NULL:
 		if ((a_algo == RTE_CRYPTO_AUTH_MD5_HMAC) || (a_algo == RTE_CRYPTO_AUTH_SHA1_HMAC) ||
-		    (a_algo == RTE_CRYPTO_AUTH_SHA256_HMAC))
+		    (a_algo == RTE_CRYPTO_AUTH_SHA256_HMAC) ||
+		    (a_algo == RTE_CRYPTO_AUTH_SHA384_HMAC))
 			ret = 0;
 		break;
 	case RTE_CRYPTO_CIPHER_3DES_CBC:
@@ -37,7 +38,8 @@ tls_xform_cipher_auth_verify(struct rte_crypto_sym_xform *cipher_xform,
 		break;
 	case RTE_CRYPTO_CIPHER_AES_CBC:
 		if ((a_algo == RTE_CRYPTO_AUTH_SHA1_HMAC) ||
-		    (a_algo == RTE_CRYPTO_AUTH_SHA256_HMAC))
+		    (a_algo == RTE_CRYPTO_AUTH_SHA256_HMAC) ||
+		    (a_algo == RTE_CRYPTO_AUTH_SHA384_HMAC))
 			ret = 0;
 		break;
 	default:
@@ -69,7 +71,8 @@ tls_xform_auth_verify(struct rte_crypto_sym_xform *crypto_xform)
 
 	if (((a_algo == RTE_CRYPTO_AUTH_MD5_HMAC) && (keylen == 16)) ||
 	    ((a_algo == RTE_CRYPTO_AUTH_SHA1_HMAC) && (keylen == 20)) ||
-	    ((a_algo == RTE_CRYPTO_AUTH_SHA256_HMAC) && (keylen == 32)))
+	    ((a_algo == RTE_CRYPTO_AUTH_SHA256_HMAC) && (keylen == 32)) ||
+	    ((a_algo == RTE_CRYPTO_AUTH_SHA384_HMAC) && (keylen == 48)))
 		return 0;
 
 	return -EINVAL;
@@ -94,6 +97,9 @@ tls_xform_aead_verify(struct rte_security_tls_record_xform *tls_xform,
 			return 0;
 	}
 
+	if ((crypto_xform->aead.algo == RTE_CRYPTO_AEAD_CHACHA20_POLY1305) && (keylen == 32))
+		return 0;
+
 	return -EINVAL;
 }
 
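Review bot: The added CHACHA20-POLY1305 check in tls_xform_aead_verify looks only at the key length, while the commit message enables the algorithm for TLS-1.3 and the capability entry is added to `sec_tls13_caps_aes` only. Unless a version check sits in the part of the function outside this hunk, a TLS-1.2 or DTLS-1.2 session with this AEAD would pass verification. Tying the check to the version, e.g. adding `(tls_xform->ver == RTE_SECURITY_VERSION_TLS_1_3) &&` as the first operand, would keep the verifier and the advertised capabilities in step.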
@@ -251,6 +257,9 @@ tls_write_rlens_get(struct rte_security_tls_record_xform *tls_xfrm,
 	case RTE_CRYPTO_AUTH_SHA256_HMAC:
 		mac_len = 32;
 		break;
+	case RTE_CRYPTO_AUTH_SHA384_HMAC:
+		mac_len = 32;
+		break;
 	default:
 		mac_len = 0;
 		break;
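Review bot: The new `RTE_CRYPTO_AUTH_SHA384_HMAC` case in tls_write_rlens_get sets `mac_len = 32`, but an HMAC-SHA384 tag is 48 bytes, and the capability entry added by this same patch advertises a 48-byte digest. The value presumably feeds the session's maximum extended length, so an undersized MAC length would under-reserve room for the written record by 16 bytes. The line should read `mac_len = 48;`. The switch starts and ends outside this hunk.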
@@ -339,15 +348,20 @@ tls_read_sa_fill(struct roc_ie_ot_tls_read_sa *read_sa,
 	cipher_key = read_sa->cipher_key;
 
 	/* Set encryption algorithm */
-	if ((crypto_xfrm->type == RTE_CRYPTO_SYM_XFORM_AEAD) &&
-	    (crypto_xfrm->aead.algo == RTE_CRYPTO_AEAD_AES_GCM)) {
-		read_sa->w2.s.cipher_select = ROC_IE_OT_TLS_CIPHER_AES_GCM;
-
+	if (crypto_xfrm->type == RTE_CRYPTO_SYM_XFORM_AEAD) {
 		length = crypto_xfrm->aead.key.length;
-		if (length == 16)
-			read_sa->w2.s.aes_key_len = ROC_IE_OT_TLS_AES_KEY_LEN_128;
-		else
+		if (crypto_xfrm->aead.algo == RTE_CRYPTO_AEAD_AES_GCM) {
+			read_sa->w2.s.cipher_select = ROC_IE_OT_TLS_CIPHER_AES_GCM;
+			if (length == 16)
+				read_sa->w2.s.aes_key_len = ROC_IE_OT_TLS_AES_KEY_LEN_128;
+			else
+				read_sa->w2.s.aes_key_len = ROC_IE_OT_TLS_AES_KEY_LEN_256;
+		}
+
+		if (crypto_xfrm->aead.algo == RTE_CRYPTO_AEAD_CHACHA20_POLY1305) {
+			read_sa->w2.s.cipher_select = ROC_IE_OT_TLS_CIPHER_CHACHA_POLY;
 			read_sa->w2.s.aes_key_len = ROC_IE_OT_TLS_AES_KEY_LEN_256;
+		}
 
 		key = crypto_xfrm->aead.key.data;
 		memcpy(cipher_key, key, length);
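Review bot: After this change any AEAD xform enters the branch in tls_read_sa_fill, but only AES-GCM and CHACHA20-POLY1305 set `cipher_select`; another AEAD algorithm would leave it unset and still have its key copied into the SA. Before the change such an xform did not take this branch. Chaining the two tests as `if … else if …` and ending with `else return -EINVAL;` would make the fill routine fail closed instead of relying on earlier verification, and the same applies to the matching hunk in tls_write_sa_fill. The copy `memcpy(cipher_key, key, length)` also depends on `length` having been validated against the size of `cipher_key`, which is not visible here.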
@@ -397,6 +411,8 @@ tls_read_sa_fill(struct roc_ie_ot_tls_read_sa *read_sa,
 		read_sa->w2.s.mac_select = ROC_IE_OT_TLS_MAC_SHA1;
 	else if (auth_xfrm->auth.algo == RTE_CRYPTO_AUTH_SHA256_HMAC)
 		read_sa->w2.s.mac_select = ROC_IE_OT_TLS_MAC_SHA2_256;
+	else if (auth_xfrm->auth.algo == RTE_CRYPTO_AUTH_SHA384_HMAC)
+		read_sa->w2.s.mac_select = ROC_IE_OT_TLS_MAC_SHA2_384;
 	else
 		return -EINVAL;
 
@@ -476,15 +492,19 @@ tls_write_sa_fill(struct roc_ie_ot_tls_write_sa *write_sa,
 	cipher_key = write_sa->cipher_key;
 
 	/* Set encryption algorithm */
-	if ((crypto_xfrm->type == RTE_CRYPTO_SYM_XFORM_AEAD) &&
-	    (crypto_xfrm->aead.algo == RTE_CRYPTO_AEAD_AES_GCM)) {
-		write_sa->w2.s.cipher_select = ROC_IE_OT_TLS_CIPHER_AES_GCM;
-
+	if (crypto_xfrm->type == RTE_CRYPTO_SYM_XFORM_AEAD) {
 		length = crypto_xfrm->aead.key.length;
-		if (length == 16)
-			write_sa->w2.s.aes_key_len = ROC_IE_OT_TLS_AES_KEY_LEN_128;
-		else
+		if (crypto_xfrm->aead.algo == RTE_CRYPTO_AEAD_AES_GCM) {
+			write_sa->w2.s.cipher_select = ROC_IE_OT_TLS_CIPHER_AES_GCM;
+			if (length == 16)
+				write_sa->w2.s.aes_key_len = ROC_IE_OT_TLS_AES_KEY_LEN_128;
+			else
+				write_sa->w2.s.aes_key_len = ROC_IE_OT_TLS_AES_KEY_LEN_256;
+		}
+		if (crypto_xfrm->aead.algo == RTE_CRYPTO_AEAD_CHACHA20_POLY1305) {
+			write_sa->w2.s.cipher_select = ROC_IE_OT_TLS_CIPHER_CHACHA_POLY;
 			write_sa->w2.s.aes_key_len = ROC_IE_OT_TLS_AES_KEY_LEN_256;
+		}
 
 		key = crypto_xfrm->aead.key.data;
 		memcpy(cipher_key, key, length);
@@ -538,6 +558,8 @@ tls_write_sa_fill(struct roc_ie_ot_tls_write_sa *write_sa,
 			write_sa->w2.s.mac_select = ROC_IE_OT_TLS_MAC_SHA1;
 		else if (auth_xfrm->auth.algo == RTE_CRYPTO_AUTH_SHA256_HMAC)
 			write_sa->w2.s.mac_select = ROC_IE_OT_TLS_MAC_SHA2_256;
+		else if (auth_xfrm->auth.algo == RTE_CRYPTO_AUTH_SHA384_HMAC)
+			write_sa->w2.s.mac_select = ROC_IE_OT_TLS_MAC_SHA2_384;
 		else
 			return -EINVAL;
 
diff --git a/drivers/crypto/cnxk/cnxk_cryptodev.h b/drivers/crypto/cnxk/cnxk_cryptodev.h
index 45d01b94b3..fffc4a47b4 100644
--- a/drivers/crypto/cnxk/cnxk_cryptodev.h
+++ b/drivers/crypto/cnxk/cnxk_cryptodev.h
@@ -13,9 +13,9 @@
 
 #define CNXK_CPT_MAX_CAPS		 55
 #define CNXK_SEC_IPSEC_CRYPTO_MAX_CAPS	 16
-#define CNXK_SEC_TLS_1_3_CRYPTO_MAX_CAPS 2
-#define CNXK_SEC_TLS_1_2_CRYPTO_MAX_CAPS 6
-#define CNXK_SEC_MAX_CAPS		 17
+#define CNXK_SEC_TLS_1_3_CRYPTO_MAX_CAPS 3
+#define CNXK_SEC_TLS_1_2_CRYPTO_MAX_CAPS 7
+#define CNXK_SEC_MAX_CAPS		 19
 
 /**
  * Device private data
diff --git a/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c b/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c
index db50de5d58..0d5d64b6e7 100644
--- a/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c
+++ b/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c
@@ -1639,6 +1639,27 @@ static const struct rte_cryptodev_capabilities sec_tls12_caps_sha1_sha2[] = {
 			}, }
 		}, }
 	},
+	{	/* SHA384 HMAC */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+			{.auth = {
+				.algo = RTE_CRYPTO_AUTH_SHA384_HMAC,
+				.block_size = 64,
+				.key_size = {
+					.min = 48,
+					.max = 48,
+					.increment = 0
+				},
+				.digest_size = {
+					.min = 48,
+					.max = 48,
+					.increment = 0
+				},
+			}, }
+		}, }
+	},
+
 };
 
 static const struct rte_cryptodev_capabilities sec_tls13_caps_aes[] = {
@@ -1672,6 +1693,37 @@ static const struct rte_cryptodev_capabilities sec_tls13_caps_aes[] = {
 			}, }
 		}, }
 	},
+	{	/* CHACHA POLY */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_AEAD,
+			{.aead = {
+				.algo = RTE_CRYPTO_AEAD_CHACHA20_POLY1305,
+				.block_size = 64,
+				.key_size = {
+					.min = 32,
+					.max = 32,
+					.increment = 0
+				},
+				.digest_size = {
+					.min = 16,
+					.max = 16,
+					.increment = 0
+				},
+				.aad_size = {
+					.min = 5,
+					.max = 5,
+					.increment = 0
+				},
+				.iv_size = {
+					.min = 0,
+					.max = 0,
+					.increment = 0
+				}
+			}, }
+		}, }
+	},
+
 };
 
 
-- 
2.25.1



* [PATCH v4 3/8] crypto/cnxk: add support for session update for TLS
  2024-03-15  6:45     ` [PATCH v4 0/8] Fixes and minor improvements for Crypto cnxk Vidya Sagar Velumuri
  2024-03-15  6:45       ` [PATCH v4 1/8] crypto/cnxk: multi seg support block ciphers in tls Vidya Sagar Velumuri
  2024-03-15  6:45       ` [PATCH v4 2/8] crypto/cnxk: enable sha384 and chachapoly for tls Vidya Sagar Velumuri
@ 2024-03-15  6:45       ` Vidya Sagar Velumuri
  2024-03-15  6:45       ` [PATCH v4 4/8] crypto/cnxk: avoid branches in datapath Vidya Sagar Velumuri
                         ` (5 subsequent siblings)
  8 siblings, 0 replies; 43+ messages in thread
From: Vidya Sagar Velumuri @ 2024-03-15  6:45 UTC (permalink / raw)
  To: Akhil Goyal; +Cc: Jerin Jacob, dev, Aakash Sasidharan, Anoob Joseph

Add session update support for TLS

Signed-off-by: Vidya Sagar Velumuri <vvelumuri@marvell.com>
---
 drivers/crypto/cnxk/cn10k_cryptodev_sec.c |  3 +++
 drivers/crypto/cnxk/cn10k_tls.c           | 17 +++++++++++++++++
 drivers/crypto/cnxk/cn10k_tls.h           |  4 ++++
 3 files changed, 24 insertions(+)

diff --git a/drivers/crypto/cnxk/cn10k_cryptodev_sec.c b/drivers/crypto/cnxk/cn10k_cryptodev_sec.c
index cb013986c4..775104b765 100644
--- a/drivers/crypto/cnxk/cn10k_cryptodev_sec.c
+++ b/drivers/crypto/cnxk/cn10k_cryptodev_sec.c
@@ -116,6 +116,9 @@ cn10k_sec_session_update(void *dev, struct rte_security_session *sec_sess,
 	if (cn10k_sec_sess->proto == RTE_SECURITY_PROTOCOL_IPSEC)
 		return cn10k_ipsec_session_update(vf, qp, cn10k_sec_sess, conf);
 
+	if (conf->protocol == RTE_SECURITY_PROTOCOL_TLS_RECORD)
+		return cn10k_tls_record_session_update(vf, qp, cn10k_sec_sess, conf);
+
 	return -ENOTSUP;
 }
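Review bot: The new TLS dispatch in cn10k_sec_session_update tests `conf->protocol`, which is supplied by the caller, whereas the IPsec dispatch just above tests the protocol stored in the session. A session that was not created as a TLS record session could therefore be handed to cn10k_tls_record_session_update if the caller passes a TLS conf. I would test `cn10k_sec_sess->proto == RTE_SECURITY_PROTOCOL_TLS_RECORD` and additionally reject a `conf->protocol` that does not match it.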
 
diff --git a/drivers/crypto/cnxk/cn10k_tls.c b/drivers/crypto/cnxk/cn10k_tls.c
index c95fcfdfa7..11279dac46 100644
--- a/drivers/crypto/cnxk/cn10k_tls.c
+++ b/drivers/crypto/cnxk/cn10k_tls.c
@@ -781,6 +781,23 @@ cn10k_tls_write_sa_create(struct roc_cpt *roc_cpt, struct roc_cpt_lf *lf,
 	return ret;
 }
 
+int
+cn10k_tls_record_session_update(struct cnxk_cpt_vf *vf, struct cnxk_cpt_qp *qp,
+				struct cn10k_sec_session *sess,
+				struct rte_security_session_conf *conf)
+{
+	struct roc_cpt *roc_cpt;
+	int ret;
+
+	if (conf->tls_record.type == RTE_SECURITY_TLS_SESS_TYPE_READ)
+		return -ENOTSUP;
+
+	roc_cpt = &vf->cpt;
+	ret = cn10k_tls_write_sa_create(roc_cpt, &qp->lf, &conf->tls_record, conf->crypto_xform,
+					(struct cn10k_sec_session *)sess);
+	return ret;
+}
+
 int
 cn10k_tls_record_session_create(struct cnxk_cpt_vf *vf, struct cnxk_cpt_qp *qp,
 				struct rte_security_tls_record_xform *tls_xfrm,
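Review bot: cn10k_tls_record_session_update passes `conf->tls_record` and `conf->crypto_xform` straight to cn10k_tls_write_sa_create without calling cnxk_tls_xform_verify, and it checks the direction in `conf` but not that the existing session is a write session. Unless cn10k_tls_write_sa_create validates its inputs itself, I would run the xform verification first and return `-EINVAL` when `sess->tls.is_write` is not set, so an update cannot rewrite a read session as a write SA. The cast `(struct cn10k_sec_session *)sess` is redundant because `sess` already has that type. A short comment stating that only write sessions can be updated would also help.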
diff --git a/drivers/crypto/cnxk/cn10k_tls.h b/drivers/crypto/cnxk/cn10k_tls.h
index 19772655da..9635bdd4c9 100644
--- a/drivers/crypto/cnxk/cn10k_tls.h
+++ b/drivers/crypto/cnxk/cn10k_tls.h
@@ -25,6 +25,10 @@ struct cn10k_tls_record {
 	};
 } __rte_aligned(ROC_ALIGN);
 
+int cn10k_tls_record_session_update(struct cnxk_cpt_vf *vf, struct cnxk_cpt_qp *qp,
+				    struct cn10k_sec_session *sess,
+				    struct rte_security_session_conf *conf);
+
 int cn10k_tls_record_session_create(struct cnxk_cpt_vf *vf, struct cnxk_cpt_qp *qp,
 				    struct rte_security_tls_record_xform *tls_xfrm,
 				    struct rte_crypto_sym_xform *crypto_xfrm,
-- 
2.25.1



* [PATCH v4 4/8] crypto/cnxk: avoid branches in datapath
  2024-03-15  6:45     ` [PATCH v4 0/8] Fixes and minor improvements for Crypto cnxk Vidya Sagar Velumuri
                         ` (2 preceding siblings ...)
  2024-03-15  6:45       ` [PATCH v4 3/8] crypto/cnxk: add support for session update for TLS Vidya Sagar Velumuri
@ 2024-03-15  6:45       ` Vidya Sagar Velumuri
  2024-03-15  6:45       ` [PATCH v4 5/8] crypto/cnxk: move metadata to second cacheline Vidya Sagar Velumuri
                         ` (4 subsequent siblings)
  8 siblings, 0 replies; 43+ messages in thread
From: Vidya Sagar Velumuri @ 2024-03-15  6:45 UTC (permalink / raw)
  To: Akhil Goyal; +Cc: Anoob Joseph, Jerin Jacob, dev, Aakash Sasidharan

From: Anoob Joseph <anoobj@marvell.com>

Avoid branches in datapath.

Signed-off-by: Anoob Joseph <anoobj@marvell.com>
---
 drivers/crypto/cnxk/cn10k_ipsec_la_ops.h | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)

diff --git a/drivers/crypto/cnxk/cn10k_ipsec_la_ops.h b/drivers/crypto/cnxk/cn10k_ipsec_la_ops.h
index a30b8e413d..4e95fbb6eb 100644
--- a/drivers/crypto/cnxk/cn10k_ipsec_la_ops.h
+++ b/drivers/crypto/cnxk/cn10k_ipsec_la_ops.h
@@ -73,12 +73,10 @@ process_outb_sa(struct roc_cpt_lf *lf, struct rte_crypto_op *cop, struct cn10k_s
 	roc_cpt_lf_ctx_reload(lf, &sess->sa.out_sa);
 	rte_delay_ms(1);
 #endif
+	const uint64_t ol_flags = m_src->ol_flags;
 
-	if (m_src->ol_flags & RTE_MBUF_F_TX_IP_CKSUM)
-		inst_w4_u64 &= ~BIT_ULL(33);
-
-	if (m_src->ol_flags & RTE_MBUF_F_TX_L4_MASK)
-		inst_w4_u64 &= ~BIT_ULL(32);
+	inst_w4_u64 &= ~(((uint64_t)(!!(ol_flags & RTE_MBUF_F_TX_IP_CKSUM)) << 33) |
+			 ((uint64_t)(!!(ol_flags & RTE_MBUF_F_TX_L4_MASK)) << 32));
 
 	if (likely(m_src->next == NULL)) {
 		if (unlikely(rte_pktmbuf_tailroom(m_src) < sess->max_extended_len)) {
-- 
2.25.1



* [PATCH v4 5/8] crypto/cnxk: move metadata to second cacheline
  2024-03-15  6:45     ` [PATCH v4 0/8] Fixes and minor improvements for Crypto cnxk Vidya Sagar Velumuri
                         ` (3 preceding siblings ...)
  2024-03-15  6:45       ` [PATCH v4 4/8] crypto/cnxk: avoid branches in datapath Vidya Sagar Velumuri
@ 2024-03-15  6:45       ` Vidya Sagar Velumuri
  2024-03-15  6:45       ` [PATCH v4 6/8] crypto/cnxk: add support for padding verification in TLS Vidya Sagar Velumuri
                         ` (3 subsequent siblings)
  8 siblings, 0 replies; 43+ messages in thread
From: Vidya Sagar Velumuri @ 2024-03-15  6:45 UTC (permalink / raw)
  To: Akhil Goyal; +Cc: Anoob Joseph, Jerin Jacob, dev, Aakash Sasidharan

From: Anoob Joseph <anoobj@marvell.com>

In security session, move PMD metadata to second cacheline. Also
optimize the fields to minimize the memory usage.

Signed-off-by: Anoob Joseph <anoobj@marvell.com>
Signed-off-by: Vidya Sagar Velumuri <vvelumuri@marvell.com>
---
 drivers/crypto/cnxk/cn10k_cryptodev_sec.h | 10 ++++++----
 drivers/crypto/cnxk/cn10k_ipsec.c         |  4 ++--
 drivers/crypto/cnxk/cn10k_tls.c           |  2 +-
 3 files changed, 9 insertions(+), 7 deletions(-)

diff --git a/drivers/crypto/cnxk/cn10k_cryptodev_sec.h b/drivers/crypto/cnxk/cn10k_cryptodev_sec.h
index 881a0276cc..5f6f5a83b6 100644
--- a/drivers/crypto/cnxk/cn10k_cryptodev_sec.h
+++ b/drivers/crypto/cnxk/cn10k_cryptodev_sec.h
@@ -5,6 +5,7 @@
 #ifndef __CN10K_CRYPTODEV_SEC_H__
 #define __CN10K_CRYPTODEV_SEC_H__
 
+#include <rte_common.h>
 #include <rte_security.h>
 
 #include "roc_constants.h"
@@ -19,23 +20,24 @@ struct cn10k_sec_session {
 	uint8_t rte_sess[SEC_SESS_SIZE];
 
 	/** PMD private space */
+	alignas(RTE_CACHE_LINE_MIN_SIZE) RTE_MARKER cacheline1;
 
-	enum rte_security_session_protocol proto;
 	/** Pre-populated CPT inst words */
 	struct cnxk_cpt_inst_tmpl inst;
 	uint16_t max_extended_len;
 	uint16_t iv_offset;
+	uint8_t proto;
 	uint8_t iv_length;
 	union {
 		struct {
 			uint8_t ip_csum;
-			bool is_outbound;
+			uint8_t is_outbound : 1;
 		} ipsec;
 		struct {
 			uint8_t enable_padding : 1;
 			uint8_t tail_fetch_len : 2;
-			uint8_t rvsd : 5;
-			bool is_write;
+			uint8_t is_write : 1;
+			uint8_t rvsd : 4;
 		} tls;
 	};
 	/** Queue pair */
diff --git a/drivers/crypto/cnxk/cn10k_ipsec.c b/drivers/crypto/cnxk/cn10k_ipsec.c
index 74d6cd70d1..ef5f0ff4aa 100644
--- a/drivers/crypto/cnxk/cn10k_ipsec.c
+++ b/drivers/crypto/cnxk/cn10k_ipsec.c
@@ -76,7 +76,7 @@ cn10k_ipsec_outb_sa_create(struct roc_cpt *roc_cpt, struct roc_cpt_lf *lf,
 	}
 #endif
 
-	sec_sess->ipsec.is_outbound = true;
+	sec_sess->ipsec.is_outbound = 1;
 
 	/* Get Rlen calculation data */
 	ret = cnxk_ipsec_outb_rlens_get(&rlens, ipsec_xfrm, crypto_xfrm);
@@ -177,7 +177,7 @@ cn10k_ipsec_inb_sa_create(struct roc_cpt *roc_cpt, struct roc_cpt_lf *lf,
 		goto sa_dptr_free;
 	}
 
-	sec_sess->ipsec.is_outbound = false;
+	sec_sess->ipsec.is_outbound = 0;
 	sec_sess->inst.w7 = cpt_inst_w7_get(roc_cpt, in_sa);
 
 	/* Save index/SPI in cookie, specific required for Rx Inject */
diff --git a/drivers/crypto/cnxk/cn10k_tls.c b/drivers/crypto/cnxk/cn10k_tls.c
index 11279dac46..ae3ed3176c 100644
--- a/drivers/crypto/cnxk/cn10k_tls.c
+++ b/drivers/crypto/cnxk/cn10k_tls.c
@@ -739,7 +739,7 @@ cn10k_tls_write_sa_create(struct roc_cpt *roc_cpt, struct roc_cpt_lf *lf,
 		sec_sess->iv_length = crypto_xfrm->next->cipher.iv.length;
 	}
 
-	sec_sess->tls.is_write = true;
+	sec_sess->tls.is_write = 1;
 	sec_sess->tls.enable_padding = tls_xfrm->options.extra_padding_enable;
 	sec_sess->max_extended_len = tls_write_rlens_get(tls_xfrm, crypto_xfrm);
 	sec_sess->proto = RTE_SECURITY_PROTOCOL_TLS_RECORD;
-- 
2.25.1



* [PATCH v4 6/8] crypto/cnxk: add support for padding verification in TLS
  2024-03-15  6:45     ` [PATCH v4 0/8] Fixes and minor improvements for Crypto cnxk Vidya Sagar Velumuri
                         ` (4 preceding siblings ...)
  2024-03-15  6:45       ` [PATCH v4 5/8] crypto/cnxk: move metadata to second cacheline Vidya Sagar Velumuri
@ 2024-03-15  6:45       ` Vidya Sagar Velumuri
  2024-03-15  6:45       ` [PATCH v4 7/8] crypto/cnxk: add support for oop processing " Vidya Sagar Velumuri
                         ` (2 subsequent siblings)
  8 siblings, 0 replies; 43+ messages in thread
From: Vidya Sagar Velumuri @ 2024-03-15  6:45 UTC (permalink / raw)
  To: Akhil Goyal; +Cc: Jerin Jacob, dev, Aakash Sasidharan, Anoob Joseph

For TLS-1.2:
- Verify that each padding byte has the pad length as its
  value.
- Report error in case of discrepancies.
- Trim the padding and MAC from the tls-1.2 records

For TLS-1.3:
- Find the content type as the last non-zero byte in the record.
- Return the content type as the inner content type.

Signed-off-by: Vidya Sagar Velumuri <vvelumuri@marvell.com>
---
 drivers/common/cnxk/roc_se.h              |   1 +
 drivers/crypto/cnxk/cn10k_cryptodev_ops.c | 151 +++++++++++++++++++++-
 drivers/crypto/cnxk/cn10k_cryptodev_sec.h |  17 ++-
 drivers/crypto/cnxk/cn10k_tls.c           |  65 +++++++---
 drivers/crypto/cnxk/cn10k_tls_ops.h       |  19 ++-
 5 files changed, 215 insertions(+), 38 deletions(-)

diff --git a/drivers/common/cnxk/roc_se.h b/drivers/common/cnxk/roc_se.h
index ddcf6bdb44..50741a0b81 100644
--- a/drivers/common/cnxk/roc_se.h
+++ b/drivers/common/cnxk/roc_se.h
@@ -169,6 +169,7 @@ typedef enum {
 	ROC_SE_ERR_SSL_CIPHER_UNSUPPORTED = 0x84,
 	ROC_SE_ERR_SSL_MAC_UNSUPPORTED = 0x85,
 	ROC_SE_ERR_SSL_VERSION_UNSUPPORTED = 0x86,
+	ROC_SE_ERR_SSL_POST_PROCESS = 0x88,
 	ROC_SE_ERR_SSL_MAC_MISMATCH = 0x89,
 	ROC_SE_ERR_SSL_PKT_REPLAY_SEQ_OUT_OF_WINDOW = 0xC1,
 	ROC_SE_ERR_SSL_PKT_REPLAY_SEQ = 0xC9,
diff --git a/drivers/crypto/cnxk/cn10k_cryptodev_ops.c b/drivers/crypto/cnxk/cn10k_cryptodev_ops.c
index 8991150c05..720b756001 100644
--- a/drivers/crypto/cnxk/cn10k_cryptodev_ops.c
+++ b/drivers/crypto/cnxk/cn10k_cryptodev_ops.c
@@ -207,7 +207,7 @@ cpt_sec_tls_inst_fill(struct cnxk_cpt_qp *qp, struct rte_crypto_op *op,
 		      struct cn10k_sec_session *sess, struct cpt_inst_s *inst,
 		      struct cpt_inflight_req *infl_req, const bool is_sg_ver2)
 {
-	if (sess->tls.is_write)
+	if (sess->tls_opt.is_write)
 		return process_tls_write(&qp->lf, op, sess, &qp->meta_info, infl_req, inst,
 					 is_sg_ver2);
 	else
@@ -989,20 +989,161 @@ cn10k_cpt_ipsec_post_process(struct rte_crypto_op *cop, struct cpt_cn10k_res_s *
 }
 
 static inline void
-cn10k_cpt_tls_post_process(struct rte_crypto_op *cop, struct cpt_cn10k_res_s *res)
+cn10k_cpt_tls12_trim_mac(struct rte_crypto_op *cop, struct cpt_cn10k_res_s *res, uint8_t mac_len)
 {
+	struct rte_mbuf *mac_prev_seg = NULL, *mac_seg = NULL, *seg;
+	uint32_t pad_len, trim_len, mac_offset, pad_offset;
 	struct rte_mbuf *mbuf = cop->sym->m_src;
-	const uint16_t m_len = res->rlen;
+	uint16_t m_len = res->rlen;
+	uint32_t i, nb_segs = 1;
+	uint8_t pad_res = 0;
+	uint8_t pad_val;
+
+	pad_val = ((res->spi >> 16) & 0xff);
+	pad_len = pad_val + 1;
+	trim_len = pad_len + mac_len;
+	mac_offset = m_len - trim_len;
+	pad_offset = mac_offset + mac_len;
+
+	/* Handle Direct Mode */
+	if (mbuf->next == NULL) {
+		uint8_t *ptr = rte_pktmbuf_mtod_offset(mbuf, uint8_t *, pad_offset);
+
+		for (i = 0; i < pad_len; i++)
+			pad_res |= ptr[i] ^ pad_val;
+
+		if (pad_res) {
+			cop->status = RTE_CRYPTO_OP_STATUS_ERROR;
+			cop->aux_flags = res->uc_compcode;
+		}
+		mbuf->pkt_len = m_len - trim_len;
+		mbuf->data_len = m_len - trim_len;
+
+		return;
+	}
+
+	/* Handle SG mode */
+	seg = mbuf;
+	while (mac_offset >= seg->data_len) {
+		mac_offset -= seg->data_len;
+		mac_prev_seg = seg;
+		seg = seg->next;
+		nb_segs++;
+	}
+	mac_seg = seg;
+
+	pad_offset = mac_offset + mac_len;
+	while (pad_offset >= seg->data_len) {
+		pad_offset -= seg->data_len;
+		seg = seg->next;
+	}
+
+	while (pad_len != 0) {
+		uint8_t *ptr = rte_pktmbuf_mtod_offset(seg, uint8_t *, pad_offset);
+		uint8_t len = RTE_MIN(seg->data_len - pad_offset, pad_len);
+
+		for (i = 0; i < len; i++)
+			pad_res |= ptr[i] ^ pad_val;
+
+		pad_offset = 0;
+		pad_len -= len;
+		seg = seg->next;
+	}
+
+	if (pad_res) {
+		cop->status = RTE_CRYPTO_OP_STATUS_ERROR;
+		cop->aux_flags = res->uc_compcode;
+	}
+
+	mbuf->pkt_len = m_len - trim_len;
+	if (mac_offset) {
+		rte_pktmbuf_free(mac_seg->next);
+		mac_seg->next = NULL;
+		mac_seg->data_len = mac_offset;
+		mbuf->nb_segs = nb_segs;
+	} else {
+		rte_pktmbuf_free(mac_seg);
+		mac_prev_seg->next = NULL;
+		mbuf->nb_segs = nb_segs - 1;
+	}
+}
+
+/* TLS-1.3:
+ * Read from last until a non-zero value is encountered.
+ * Return the non zero value as the content type.
+ * Remove the MAC and content type and padding bytes.
+ */
+static inline void
+cn10k_cpt_tls13_trim_mac(struct rte_crypto_op *cop, struct cpt_cn10k_res_s *res)
+{
+	struct rte_mbuf *mbuf = cop->sym->m_src;
+	struct rte_mbuf *seg = mbuf;
+	uint16_t m_len = res->rlen;
+	uint8_t *ptr, type = 0x0;
+	int len, i, nb_segs = 1;
+
+	while (m_len && !type) {
+		len = m_len;
+		seg = mbuf;
+
+		/* get the last seg */
+		while (len > seg->data_len) {
+			len -= seg->data_len;
+			seg = seg->next;
+			nb_segs++;
+		}
+
+		/* walkthrough from last until a non zero value is found */
+		ptr = rte_pktmbuf_mtod(seg, uint8_t *);
+		i = len;
+		while (i && (ptr[--i] == 0))
+			;
+
+		type = ptr[i];
+		m_len -= len;
+	}
+
+	if (type) {
+		cop->param1.tls_record.content_type = type;
+		mbuf->pkt_len = m_len + i;
+		mbuf->nb_segs = nb_segs;
+		seg->data_len = i;
+		rte_pktmbuf_free(seg->next);
+		seg->next = NULL;
+	} else {
+		cop->status = RTE_CRYPTO_OP_STATUS_ERROR;
+	}
+}
+
+static inline void
+cn10k_cpt_tls_post_process(struct rte_crypto_op *cop, struct cpt_cn10k_res_s *res,
+			   struct cn10k_sec_session *sess)
+{
+	struct cn10k_tls_opt tls_opt = sess->tls_opt;
+	struct rte_mbuf *mbuf = cop->sym->m_src;
+	uint16_t m_len = res->rlen;
 
 	if (!res->uc_compcode) {
 		if (mbuf->next == NULL)
 			mbuf->data_len = m_len;
 		mbuf->pkt_len = m_len;
-	} else {
+		cop->param1.tls_record.content_type = (res->spi >> 24) & 0xff;
+		return;
+	}
+
+	/* Any error other than post process */
+	if (res->uc_compcode != ROC_SE_ERR_SSL_POST_PROCESS) {
 		cop->status = RTE_CRYPTO_OP_STATUS_ERROR;
 		cop->aux_flags = res->uc_compcode;
 		plt_err("crypto op failed with UC compcode: 0x%x", res->uc_compcode);
+		return;
 	}
+
+	/* Extra padding scenario: Verify padding. Remove padding and MAC */
+	if (tls_opt.tls_ver != RTE_SECURITY_VERSION_TLS_1_3)
+		cn10k_cpt_tls12_trim_mac(cop, res, (uint8_t)tls_opt.mac_len);
+	else
+		cn10k_cpt_tls13_trim_mac(cop, res);
 }
 
 static inline void
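Review bot: cn10k_cpt_tls12_trim_mac computes `mac_offset = m_len - trim_len` from the pad value and length reported in the result word without checking that `trim_len` fits inside `m_len`, so an inconsistent result underflows the offset and the padding loop reads outside the mbuf, or walks past the last segment in SG mode. In the SG loop `uint8_t len` cannot hold a 256-byte run when `pad_val` is 255, so `len` becomes 0, that segment's padding is skipped unverified and `seg` can run to NULL. In the final `else` arm `mac_prev_seg` is still NULL when the MAC starts at offset 0 of the first segment. cn10k_cpt_tls13_trim_mac never resets `nb_segs` inside its outer loop, so it over-counts when the last segment is all zeros. These values derive from received records, so I would validate them before use as sketched below.

```c
	trim_len = pad_len + mac_len;
	/* Padding plus MAC must fit inside the reported record length. */
	if (unlikely(trim_len > m_len)) {
		cop->status = RTE_CRYPTO_OP_STATUS_ERROR;
		cop->aux_flags = res->uc_compcode;
		return;
	}
	/* … unchanged: offsets, direct mode and segment walk … */
		/* pad_len can be 256, which does not fit in uint8_t */
		uint32_t len = RTE_MIN(seg->data_len - pad_offset, pad_len);
	/* … unchanged: padding compare and trim in cn10k_cpt_tls12_trim_mac … */
		/* cn10k_cpt_tls13_trim_mac: restart the segment count on every pass */
		seg = mbuf;
		nb_segs = 1;
```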
@@ -1015,7 +1156,7 @@ cn10k_cpt_sec_post_process(struct rte_crypto_op *cop, struct cpt_cn10k_res_s *re
 	if (sess->proto == RTE_SECURITY_PROTOCOL_IPSEC)
 		cn10k_cpt_ipsec_post_process(cop, res);
 	else if (sess->proto == RTE_SECURITY_PROTOCOL_TLS_RECORD)
-		cn10k_cpt_tls_post_process(cop, res);
+		cn10k_cpt_tls_post_process(cop, res, sess);
 }
 
 static inline void
diff --git a/drivers/crypto/cnxk/cn10k_cryptodev_sec.h b/drivers/crypto/cnxk/cn10k_cryptodev_sec.h
index 5f6f5a83b6..878cf78b82 100644
--- a/drivers/crypto/cnxk/cn10k_cryptodev_sec.h
+++ b/drivers/crypto/cnxk/cn10k_cryptodev_sec.h
@@ -16,6 +16,15 @@
 
 #define SEC_SESS_SIZE sizeof(struct rte_security_session)
 
+struct cn10k_tls_opt {
+	uint16_t pad_shift : 3;
+	uint16_t enable_padding : 1;
+	uint16_t tail_fetch_len : 2;
+	uint16_t tls_ver : 2;
+	uint16_t is_write : 1;
+	uint16_t mac_len : 7;
+};
+
 struct cn10k_sec_session {
 	uint8_t rte_sess[SEC_SESS_SIZE];
 
@@ -29,16 +38,12 @@ struct cn10k_sec_session {
 	uint8_t proto;
 	uint8_t iv_length;
 	union {
+		uint16_t u16;
+		struct cn10k_tls_opt tls_opt;
 		struct {
 			uint8_t ip_csum;
 			uint8_t is_outbound : 1;
 		} ipsec;
-		struct {
-			uint8_t enable_padding : 1;
-			uint8_t tail_fetch_len : 2;
-			uint8_t is_write : 1;
-			uint8_t rvsd : 4;
-		} tls;
 	};
 	/** Queue pair */
 	struct cnxk_cpt_qp *qp;
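Review bot: The new `uint16_t u16` member overlays `struct cn10k_tls_opt`, but nothing pins that bit-field struct to 16 bits. The widths in the struct added by the previous hunk sum to exactly 16 (3+1+2+2+1+7), so one more field would leave option bits that `u16` no longer covers. I would add a build-time check next to the struct, e.g. `static_assert(sizeof(struct cn10k_tls_opt) == sizeof(uint16_t), "tls_opt must fit in u16");`. A one-line comment on `u16` saying what it is for would also help; presumably it exists to clear or copy all option bits at once. `struct cn10k_sec_session` starts and ends outside this hunk.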
diff --git a/drivers/crypto/cnxk/cn10k_tls.c b/drivers/crypto/cnxk/cn10k_tls.c
index ae3ed3176c..3505a71a6c 100644
--- a/drivers/crypto/cnxk/cn10k_tls.c
+++ b/drivers/crypto/cnxk/cn10k_tls.c
@@ -119,8 +119,14 @@ cnxk_tls_xform_verify(struct rte_security_tls_record_xform *tls_xform,
 	    (tls_xform->type != RTE_SECURITY_TLS_SESS_TYPE_WRITE))
 		return -EINVAL;
 
-	if (crypto_xform->type == RTE_CRYPTO_SYM_XFORM_AEAD)
+	if (crypto_xform->type == RTE_CRYPTO_SYM_XFORM_AEAD) {
+		/* optional padding is not allowed in TLS-1.2 for AEAD */
+		if ((tls_xform->ver == RTE_SECURITY_VERSION_TLS_1_2) &&
+		    (tls_xform->options.extra_padding_enable == 1))
+			return -EINVAL;
+
 		return tls_xform_aead_verify(tls_xform, crypto_xform);
+	}
 
 	/* TLS-1.3 only support AEAD.
 	 * Control should not reach here for TLS-1.3
@@ -321,7 +327,7 @@ tls_read_ctx_size(struct roc_ie_ot_tls_read_sa *sa, enum rte_security_tls_versio
 static int
 tls_read_sa_fill(struct roc_ie_ot_tls_read_sa *read_sa,
 		 struct rte_security_tls_record_xform *tls_xfrm,
-		 struct rte_crypto_sym_xform *crypto_xfrm)
+		 struct rte_crypto_sym_xform *crypto_xfrm, struct cn10k_tls_opt *tls_opt)
 {
 	enum rte_security_tls_version tls_ver = tls_xfrm->ver;
 	struct rte_crypto_sym_xform *auth_xfrm, *cipher_xfrm;
@@ -405,16 +411,26 @@ tls_read_sa_fill(struct roc_ie_ot_tls_read_sa *read_sa,
 		memcpy(cipher_key, key, length);
 	}
 
-	if (auth_xfrm->auth.algo == RTE_CRYPTO_AUTH_MD5_HMAC)
+	switch (auth_xfrm->auth.algo) {
+	case RTE_CRYPTO_AUTH_MD5_HMAC:
 		read_sa->w2.s.mac_select = ROC_IE_OT_TLS_MAC_MD5;
-	else if (auth_xfrm->auth.algo == RTE_CRYPTO_AUTH_SHA1_HMAC)
+		tls_opt->mac_len = 0;
+		break;
+	case RTE_CRYPTO_AUTH_SHA1_HMAC:
 		read_sa->w2.s.mac_select = ROC_IE_OT_TLS_MAC_SHA1;
-	else if (auth_xfrm->auth.algo == RTE_CRYPTO_AUTH_SHA256_HMAC)
+		tls_opt->mac_len = 20;
+		break;
+	case RTE_CRYPTO_AUTH_SHA256_HMAC:
 		read_sa->w2.s.mac_select = ROC_IE_OT_TLS_MAC_SHA2_256;
-	else if (auth_xfrm->auth.algo == RTE_CRYPTO_AUTH_SHA384_HMAC)
+		tls_opt->mac_len = 32;
+		break;
+	case RTE_CRYPTO_AUTH_SHA384_HMAC:
 		read_sa->w2.s.mac_select = ROC_IE_OT_TLS_MAC_SHA2_384;
-	else
+		tls_opt->mac_len = 48;
+		break;
+	default:
 		return -EINVAL;
+	}
 
 	roc_se_hmac_opad_ipad_gen(read_sa->w2.s.mac_select, auth_xfrm->auth.key.data,
 				  auth_xfrm->auth.key.length, read_sa->tls_12.opad_ipad,
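Review bot: `tls_opt->mac_len = 0;` in the `RTE_CRYPTO_AUTH_MD5_HMAC` case looks wrong, or at least undocumented, because HMAC-MD5 produces a 16-byte tag and the other cases store the digest size (20, 32, 48). `mac_len` is later handed to `cn10k_cpt_tls12_trim_mac()` on the post-process error path, whose body is outside this view. If that helper strips `mac_len` bytes, MD5 sessions would keep the MAC in the returned plaintext or have padding verified against the wrong bytes. Either set `tls_opt->mac_len = 16;` or add a comment such as `/* MD5: padding verification not supported, MAC is not trimmed */` if that is the intent. `tls_read_sa_fill` starts and ends outside this hunk, so whether the AEAD path initialises `mac_len` cannot be checked here.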
@@ -622,6 +638,7 @@ cn10k_tls_read_sa_create(struct roc_cpt *roc_cpt, struct roc_cpt_lf *lf,
 			 struct cn10k_sec_session *sec_sess)
 {
 	struct roc_ie_ot_tls_read_sa *sa_dptr;
+	uint8_t tls_ver = tls_xfrm->ver;
 	struct cn10k_tls_record *tls;
 	union cpt_inst_w4 inst_w4;
 	void *read_sa;
@@ -638,7 +655,7 @@ cn10k_tls_read_sa_create(struct roc_cpt *roc_cpt, struct roc_cpt_lf *lf,
 	}
 
 	/* Translate security parameters to SA */
-	ret = tls_read_sa_fill(sa_dptr, tls_xfrm, crypto_xfrm);
+	ret = tls_read_sa_fill(sa_dptr, tls_xfrm, crypto_xfrm, &sec_sess->tls_opt);
 	if (ret) {
 		plt_err("Could not fill read session parameters");
 		goto sa_dptr_free;
@@ -658,19 +675,20 @@ cn10k_tls_read_sa_create(struct roc_cpt *roc_cpt, struct roc_cpt_lf *lf,
 
 	/* pre-populate CPT INST word 4 */
 	inst_w4.u64 = 0;
-	if ((sa_dptr->w2.s.version_select == ROC_IE_OT_TLS_VERSION_TLS_12) ||
-	    (sa_dptr->w2.s.version_select == ROC_IE_OT_TLS_VERSION_DTLS_12)) {
+	if ((tls_ver == RTE_SECURITY_VERSION_TLS_1_2) ||
+	    (tls_ver == RTE_SECURITY_VERSION_DTLS_1_2)) {
 		inst_w4.s.opcode_major = ROC_IE_OT_TLS_MAJOR_OP_RECORD_DEC | ROC_IE_OT_INPLACE_BIT;
-		sec_sess->tls.tail_fetch_len = 0;
+		sec_sess->tls_opt.tail_fetch_len = 0;
 		if (sa_dptr->w2.s.cipher_select == ROC_IE_OT_TLS_CIPHER_3DES)
-			sec_sess->tls.tail_fetch_len = 1;
+			sec_sess->tls_opt.tail_fetch_len = 1;
 		else if (sa_dptr->w2.s.cipher_select == ROC_IE_OT_TLS_CIPHER_AES_CBC)
-			sec_sess->tls.tail_fetch_len = 2;
-	} else if (sa_dptr->w2.s.version_select == ROC_IE_OT_TLS_VERSION_TLS_13) {
+			sec_sess->tls_opt.tail_fetch_len = 2;
+	} else if (tls_xfrm->ver == RTE_SECURITY_VERSION_TLS_1_3) {
 		inst_w4.s.opcode_major =
 			ROC_IE_OT_TLS13_MAJOR_OP_RECORD_DEC | ROC_IE_OT_INPLACE_BIT;
 	}
 
+	sec_sess->tls_opt.tls_ver = tls_ver;
 	sec_sess->inst.w4 = inst_w4.u64;
 	sec_sess->inst.w7 = cpt_inst_w7_get(roc_cpt, read_sa);
 
@@ -706,6 +724,7 @@ cn10k_tls_write_sa_create(struct roc_cpt *roc_cpt, struct roc_cpt_lf *lf,
 			  struct cn10k_sec_session *sec_sess)
 {
 	struct roc_ie_ot_tls_write_sa *sa_dptr;
+	uint8_t tls_ver = tls_xfrm->ver;
 	struct cn10k_tls_record *tls;
 	union cpt_inst_w4 inst_w4;
 	void *write_sa;
@@ -739,17 +758,23 @@ cn10k_tls_write_sa_create(struct roc_cpt *roc_cpt, struct roc_cpt_lf *lf,
 		sec_sess->iv_length = crypto_xfrm->next->cipher.iv.length;
 	}
 
-	sec_sess->tls.is_write = 1;
-	sec_sess->tls.enable_padding = tls_xfrm->options.extra_padding_enable;
+	sec_sess->tls_opt.is_write = 1;
+	sec_sess->tls_opt.pad_shift = 0;
+	sec_sess->tls_opt.tls_ver = tls_ver;
+	sec_sess->tls_opt.enable_padding = tls_xfrm->options.extra_padding_enable;
 	sec_sess->max_extended_len = tls_write_rlens_get(tls_xfrm, crypto_xfrm);
 	sec_sess->proto = RTE_SECURITY_PROTOCOL_TLS_RECORD;
 
 	/* pre-populate CPT INST word 4 */
 	inst_w4.u64 = 0;
-	if ((sa_dptr->w2.s.version_select == ROC_IE_OT_TLS_VERSION_TLS_12) ||
-	    (sa_dptr->w2.s.version_select == ROC_IE_OT_TLS_VERSION_DTLS_12)) {
+	if ((tls_ver == RTE_SECURITY_VERSION_TLS_1_2) ||
+	    (tls_ver == RTE_SECURITY_VERSION_DTLS_1_2)) {
 		inst_w4.s.opcode_major = ROC_IE_OT_TLS_MAJOR_OP_RECORD_ENC | ROC_IE_OT_INPLACE_BIT;
-	} else if (sa_dptr->w2.s.version_select == ROC_IE_OT_TLS_VERSION_TLS_13) {
+		if (sa_dptr->w2.s.cipher_select == ROC_IE_OT_TLS_CIPHER_3DES)
+			sec_sess->tls_opt.pad_shift = 3;
+		else
+			sec_sess->tls_opt.pad_shift = 4;
+	} else if (tls_ver == RTE_SECURITY_VERSION_TLS_1_3) {
 		inst_w4.s.opcode_major =
 			ROC_IE_OT_TLS13_MAJOR_OP_RECORD_ENC | ROC_IE_OT_INPLACE_BIT;
 	}
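Review bot: `pad_shift` is assigned the bare values 3 and 4 with no comment, and its meaning only shows up in `pad_len = (pad_bytes >> tls_opt.pad_shift) * tls_opt.enable_padding` in `process_tls_write`. It appears to be log2 of the cipher block size (8 bytes for 3DES, 16 otherwise), with 0 left for TLS-1.3 so the value passes through in bytes. A comment above the assignments such as `/* pad_shift = log2(cipher block size); extra padding is passed to microcode in blocks */` would record that. The `else` arm applies shift 4 to every non-3DES cipher, AEAD included, which is harmless only while `cnxk_tls_xform_verify` keeps rejecting extra padding for AEAD outside TLS-1.3. `cn10k_tls_write_sa_create` starts and ends outside this hunk.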
@@ -838,7 +863,7 @@ cn10k_sec_tls_session_destroy(struct cnxk_cpt_qp *qp, struct cn10k_sec_session *
 
 	ret = -1;
 
-	if (sess->tls.is_write) {
+	if (sess->tls_opt.is_write) {
 		sa_dptr = plt_zmalloc(sizeof(struct roc_ie_ot_tls_write_sa), 8);
 		if (sa_dptr != NULL) {
 			tls_write_sa_init(sa_dptr);
diff --git a/drivers/crypto/cnxk/cn10k_tls_ops.h b/drivers/crypto/cnxk/cn10k_tls_ops.h
index 6fd74927ee..64f94a4e8b 100644
--- a/drivers/crypto/cnxk/cn10k_tls_ops.h
+++ b/drivers/crypto/cnxk/cn10k_tls_ops.h
@@ -21,16 +21,21 @@ process_tls_write(struct roc_cpt_lf *lf, struct rte_crypto_op *cop, struct cn10k
 		  struct cpt_qp_meta_info *m_info, struct cpt_inflight_req *infl_req,
 		  struct cpt_inst_s *inst, const bool is_sg_ver2)
 {
+	struct cn10k_tls_opt tls_opt = sess->tls_opt;
 	struct rte_crypto_sym_op *sym_op = cop->sym;
 #ifdef LA_IPSEC_DEBUG
 	struct roc_ie_ot_tls_write_sa *write_sa;
 #endif
 	struct rte_mbuf *m_src = sym_op->m_src;
+	uint32_t pad_len, pad_bytes;
 	struct rte_mbuf *last_seg;
 	union cpt_inst_w4 w4;
 	void *m_data = NULL;
 	uint8_t *in_buffer;
 
+	pad_bytes = (cop->aux_flags * 8) > 0xff ? 0xff : (cop->aux_flags * 8);
+	pad_len = (pad_bytes >> tls_opt.pad_shift) * tls_opt.enable_padding;
+
 #ifdef LA_IPSEC_DEBUG
 	write_sa = &sess->tls_rec.write_sa;
 	if (write_sa->w2.s.iv_at_cptr == ROC_IE_OT_TLS_IV_SRC_FROM_SA) {
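Review bot: `pad_bytes` is derived from `cop->aux_flags` without being gated by `tls_opt.enable_padding`, yet the hunks at `@@ -148,10` and `@@ -198,11` add it to `last_seg->data_len`. On a session with padding disabled, a non-zero `aux_flags` would still grow the output segment by up to 255 bytes while the `pad_len` sent to the microcode is 0. Gating both values the same way keeps the datapath branch-free: `pad_bytes = RTE_MIN(cop->aux_flags * 8, 0xff) * tls_opt.enable_padding;` then `pad_len = pad_bytes >> tls_opt.pad_shift;`. No tailroom check against `max_extended_len + pad_bytes` is visible in these hunks; one should exist before `data_len` is extended, since the device writes into that region. `process_tls_write` continues outside the hunk.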
@@ -94,7 +99,7 @@ process_tls_write(struct roc_cpt_lf *lf, struct rte_crypto_op *cop, struct cn10k
 		w4.s.dlen = m_src->data_len;
 
 		w4.s.param2 = cop->param1.tls_record.content_type;
-		w4.s.opcode_minor = sess->tls.enable_padding * cop->aux_flags * 8;
+		w4.s.opcode_minor = pad_len;
 
 		inst->w4.u64 = w4.u64;
 	} else if (is_sg_ver2 == false) {
@@ -148,10 +153,10 @@ process_tls_write(struct roc_cpt_lf *lf, struct rte_crypto_op *cop, struct cn10k
 		w4.s.param1 = rte_pktmbuf_pkt_len(m_src);
 		w4.s.param2 = cop->param1.tls_record.content_type;
 		w4.s.opcode_major |= (uint64_t)ROC_DMA_MODE_SG;
-		w4.s.opcode_minor = sess->tls.enable_padding * cop->aux_flags * 8;
+		w4.s.opcode_minor = pad_len;
 
 		/* Output Scatter List */
-		last_seg->data_len += sess->max_extended_len;
+		last_seg->data_len += sess->max_extended_len + pad_bytes;
 		inst->w4.u64 = w4.u64;
 	} else {
 		struct roc_sg2list_comp *scatter_comp, *gather_comp;
@@ -198,11 +203,11 @@ process_tls_write(struct roc_cpt_lf *lf, struct rte_crypto_op *cop, struct cn10k
 		w4.u64 = sess->inst.w4;
 		w4.s.dlen = rte_pktmbuf_pkt_len(m_src);
 		w4.s.opcode_major &= (~(ROC_IE_OT_INPLACE_BIT));
-		w4.s.opcode_minor = sess->tls.enable_padding * cop->aux_flags * 8;
+		w4.s.opcode_minor = pad_len;
 		w4.s.param1 = w4.s.dlen;
 		w4.s.param2 = cop->param1.tls_record.content_type;
 		/* Output Scatter List */
-		last_seg->data_len += sess->max_extended_len;
+		last_seg->data_len += sess->max_extended_len + pad_bytes;
 		inst->w4.u64 = w4.u64;
 	}
 
@@ -234,7 +239,7 @@ process_tls_read(struct rte_crypto_op *cop, struct cn10k_sec_session *sess,
 		inst->w4.u64 = w4.u64;
 	} else if (is_sg_ver2 == false) {
 		struct roc_sglist_comp *scatter_comp, *gather_comp;
-		int tail_len = sess->tls.tail_fetch_len * 16;
+		int tail_len = sess->tls_opt.tail_fetch_len * 16;
 		int pkt_len = rte_pktmbuf_pkt_len(m_src);
 		uint32_t g_size_bytes, s_size_bytes;
 		uint16_t *sg_hdr;
@@ -289,7 +294,7 @@ process_tls_read(struct rte_crypto_op *cop, struct cn10k_sec_session *sess,
 		inst->w4.u64 = w4.u64;
 	} else {
 		struct roc_sg2list_comp *scatter_comp, *gather_comp;
-		int tail_len = sess->tls.tail_fetch_len * 16;
+		int tail_len = sess->tls_opt.tail_fetch_len * 16;
 		int pkt_len = rte_pktmbuf_pkt_len(m_src);
 		union cpt_inst_w5 cpt_inst_w5;
 		union cpt_inst_w6 cpt_inst_w6;
-- 
2.25.1



* [PATCH v4 7/8] crypto/cnxk: add support for oop processing in TLS
  2024-03-15  6:45     ` [PATCH v4 0/8] Fixes and minor improvements for Crypto cnxk Vidya Sagar Velumuri
                         ` (5 preceding siblings ...)
  2024-03-15  6:45       ` [PATCH v4 6/8] crypto/cnxk: add support for padding verification in TLS Vidya Sagar Velumuri
@ 2024-03-15  6:45       ` Vidya Sagar Velumuri
  2024-03-15  6:45       ` [PATCH v4 8/8] crypto/cnxk: update the context structure of tls Vidya Sagar Velumuri
  2024-03-15 11:40       ` [PATCH v4 0/8] Fixes and minor improvements for Crypto cnxk Akhil Goyal
  8 siblings, 0 replies; 43+ messages in thread
From: Vidya Sagar Velumuri @ 2024-03-15  6:45 UTC (permalink / raw)
  To: Akhil Goyal; +Cc: Aakash Sasidharan, Jerin Jacob, dev, Anoob Joseph

From: Aakash Sasidharan <asasidharan@marvell.com>

Add support for out-of-place processing in TLS.

Signed-off-by: Aakash Sasidharan <asasidharan@marvell.com>
---
 drivers/crypto/cnxk/cn10k_tls_ops.h | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/drivers/crypto/cnxk/cn10k_tls_ops.h b/drivers/crypto/cnxk/cn10k_tls_ops.h
index 64f94a4e8b..e8e2547f68 100644
--- a/drivers/crypto/cnxk/cn10k_tls_ops.h
+++ b/drivers/crypto/cnxk/cn10k_tls_ops.h
@@ -27,6 +27,7 @@ process_tls_write(struct roc_cpt_lf *lf, struct rte_crypto_op *cop, struct cn10k
 	struct roc_ie_ot_tls_write_sa *write_sa;
 #endif
 	struct rte_mbuf *m_src = sym_op->m_src;
+	struct rte_mbuf *m_dst = sym_op->m_dst;
 	uint32_t pad_len, pad_bytes;
 	struct rte_mbuf *last_seg;
 	union cpt_inst_w4 w4;
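Review bot: `m_dst` is honoured only where the SG-v2 scatter list is built (hunks `@@ -191,7` and `@@ -334,7`). The direct-mode and `is_sg_ver2 == false` branches of both functions still operate on `m_src`, so an out-of-place op taking those paths would be processed in place without an error. Result handling also still targets the source: `last_seg->data_len += ...` presumably extends a segment of `m_src`, and `cn10k_cpt_tls_post_process` reads `cop->sym->m_src` to set `pkt_len`/`data_len` and to trim MAC and padding. I would reject `m_dst != NULL` on the unsupported paths and pick the mbuf once in post-processing, e.g. `struct rte_mbuf *mbuf = cop->sym->m_dst ? cop->sym->m_dst : cop->sym->m_src;`, after checking that `m_dst` has room for the record expansion. Both functions start and end outside these hunks.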
@@ -191,7 +192,9 @@ process_tls_write(struct roc_cpt_lf *lf, struct rte_crypto_op *cop, struct cn10k
 		i = 0;
 		scatter_comp = (struct roc_sg2list_comp *)((uint8_t *)gather_comp + g_size_bytes);
 
-		i = fill_sg2_comp_from_pkt(scatter_comp, i, m_src);
+		if (m_dst == NULL)
+			m_dst = m_src;
+		i = fill_sg2_comp_from_pkt(scatter_comp, i, m_dst);
 
 		cpt_inst_w6.s.scatter_sz = ((i + 2) / 3);
 
@@ -221,6 +224,7 @@ process_tls_read(struct rte_crypto_op *cop, struct cn10k_sec_session *sess,
 {
 	struct rte_crypto_sym_op *sym_op = cop->sym;
 	struct rte_mbuf *m_src = sym_op->m_src;
+	struct rte_mbuf *m_dst = sym_op->m_dst;
 	union cpt_inst_w4 w4;
 	uint8_t *in_buffer;
 	void *m_data;
@@ -334,7 +338,9 @@ process_tls_read(struct rte_crypto_op *cop, struct cn10k_sec_session *sess,
 		i = 0;
 		scatter_comp = (struct roc_sg2list_comp *)((uint8_t *)gather_comp + g_size_bytes);
 
-		i = fill_sg2_comp_from_pkt(scatter_comp, i, m_src);
+		if (m_dst == NULL)
+			m_dst = m_src;
+		i = fill_sg2_comp_from_pkt(scatter_comp, i, m_dst);
 
 		cpt_inst_w6.s.scatter_sz = ((i + 2) / 3);
 
-- 
2.25.1



* [PATCH v4 8/8] crypto/cnxk: update the context structure of tls
  2024-03-15  6:45     ` [PATCH v4 0/8] Fixes and minor improvements for Crypto cnxk Vidya Sagar Velumuri
                         ` (6 preceding siblings ...)
  2024-03-15  6:45       ` [PATCH v4 7/8] crypto/cnxk: add support for oop processing " Vidya Sagar Velumuri
@ 2024-03-15  6:45       ` Vidya Sagar Velumuri
  2024-03-15 11:40       ` [PATCH v4 0/8] Fixes and minor improvements for Crypto cnxk Akhil Goyal
  8 siblings, 0 replies; 43+ messages in thread
From: Vidya Sagar Velumuri @ 2024-03-15  6:45 UTC (permalink / raw)
  To: Akhil Goyal; +Cc: Jerin Jacob, dev, Aakash Sasidharan, Anoob Joseph

Keep the record context for TLS-1.3 in sync with microcode
structure.

Report error if optional padding is enabled for AEAD
case in both TLS-1.2 and DTLS-1.2.

Use the proper offset for calculating the context size in case of TLS-1.3.

Signed-off-by: Vidya Sagar Velumuri <vvelumuri@marvell.com>
---
 drivers/common/cnxk/roc_ie_ot_tls.h | 17 ++++++++++++-----
 drivers/crypto/cnxk/cn10k_tls.c     |  6 +++---
 2 files changed, 15 insertions(+), 8 deletions(-)

diff --git a/drivers/common/cnxk/roc_ie_ot_tls.h b/drivers/common/cnxk/roc_ie_ot_tls.h
index 39c42775f4..2d6a290d9b 100644
--- a/drivers/common/cnxk/roc_ie_ot_tls.h
+++ b/drivers/common/cnxk/roc_ie_ot_tls.h
@@ -68,6 +68,16 @@ struct roc_ie_ot_tls_read_ctx_update_reg {
 	uint64_t ar_winbits[ROC_IE_OT_TLS_AR_WINBITS_SZ];
 };
 
+struct roc_ie_ot_tls_1_3_read_ctx_update_reg {
+	uint64_t rsvd0;
+	uint64_t ar_valid_mask;
+	uint64_t hard_life;
+	uint64_t soft_life;
+	uint64_t mib_octs;
+	uint64_t mib_pkts;
+	uint64_t rsvd1;
+};
+
 union roc_ie_ot_tls_param2 {
 	uint16_t u16;
 	struct {
@@ -137,11 +147,8 @@ struct roc_ie_ot_tls_read_sa {
 
 	union {
 		struct {
-			/* Word10 */
-			uint64_t w10_rsvd6;
-
-			/* Word11 - Word25 */
-			struct roc_ie_ot_tls_read_ctx_update_reg ctx;
+			/* Word10 - Word16 */
+			struct roc_ie_ot_tls_1_3_read_ctx_update_reg ctx;
 		} tls_13;
 
 		struct {
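Review bot: The comment `/* Word10 - Word16 */` is the only thing tying `tls_13.ctx` to the microcode layout, and the commit message says the goal is to keep the two in sync. A build-time check would catch drift if a field is later added before the union, e.g. `PLT_STATIC_ASSERT(offsetof(struct roc_ie_ot_tls_read_sa, tls_13.ctx) == 10 * sizeof(uint64_t));`, assuming words are numbered from 0 as the removed `w10_rsvd6` name suggests. The fields of the new `struct roc_ie_ot_tls_1_3_read_ctx_update_reg` in the previous hunk would also benefit from a `/* WordN */` comment each, matching the style used in this struct. `struct roc_ie_ot_tls_read_sa` starts and ends outside this hunk.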
diff --git a/drivers/crypto/cnxk/cn10k_tls.c b/drivers/crypto/cnxk/cn10k_tls.c
index 3505a71a6c..7b73a58d2a 100644
--- a/drivers/crypto/cnxk/cn10k_tls.c
+++ b/drivers/crypto/cnxk/cn10k_tls.c
@@ -121,8 +121,8 @@ cnxk_tls_xform_verify(struct rte_security_tls_record_xform *tls_xform,
 
 	if (crypto_xform->type == RTE_CRYPTO_SYM_XFORM_AEAD) {
 		/* optional padding is not allowed in TLS-1.2 for AEAD */
-		if ((tls_xform->ver == RTE_SECURITY_VERSION_TLS_1_2) &&
-		    (tls_xform->options.extra_padding_enable == 1))
+		if ((tls_xform->options.extra_padding_enable == 1) &&
+		    (tls_xform->ver != RTE_SECURITY_VERSION_TLS_1_3))
 			return -EINVAL;
 
 		return tls_xform_aead_verify(tls_xform, crypto_xform);
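Review bot: The comment above the check still reads `/* optional padding is not allowed in TLS-1.2 for AEAD */`, but the condition now rejects extra padding for every version other than TLS-1.3. I would change it to `/* optional padding with AEAD is allowed only in TLS-1.3 */` so the comment matches the test. Writing the condition as `!= RTE_SECURITY_VERSION_TLS_1_3` also means any version added to the enum later is rejected by default, which is the safer direction and worth keeping. `cnxk_tls_xform_verify` starts and ends outside this hunk.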
@@ -312,7 +312,7 @@ tls_read_ctx_size(struct roc_ie_ot_tls_read_sa *sa, enum rte_security_tls_versio
 	/* Variable based on Anti-replay Window */
 	if (tls_ver == RTE_SECURITY_VERSION_TLS_1_3) {
 		size = offsetof(struct roc_ie_ot_tls_read_sa, tls_13.ctx) +
-		       offsetof(struct roc_ie_ot_tls_read_ctx_update_reg, ar_winbits);
+		       sizeof(struct roc_ie_ot_tls_1_3_read_ctx_update_reg);
 	} else {
 		size = offsetof(struct roc_ie_ot_tls_read_sa, tls_12.ctx) +
 		       offsetof(struct roc_ie_ot_tls_read_ctx_update_reg, ar_winbits);
-- 
2.25.1



* RE: [PATCH v4 0/8] Fixes and minor improvements for Crypto cnxk
  2024-03-15  6:45     ` [PATCH v4 0/8] Fixes and minor improvements for Crypto cnxk Vidya Sagar Velumuri
                         ` (7 preceding siblings ...)
  2024-03-15  6:45       ` [PATCH v4 8/8] crypto/cnxk: update the context structure of tls Vidya Sagar Velumuri
@ 2024-03-15 11:40       ` Akhil Goyal
  8 siblings, 0 replies; 43+ messages in thread
From: Akhil Goyal @ 2024-03-15 11:40 UTC (permalink / raw)
  To: Vidya Sagar Velumuri; +Cc: Jerin Jacob, dev, Aakash Sasidharan, Anoob Joseph

> Subject: [PATCH v4 0/8] Fixes and minor improvements for Crypto cnxk
> 
> Fixes and minor improvements for Crypto cnxk PMD.
> 
> v4:
> * Addressed checkpatch issue
> 
> v3:
> * Resend
> 
> v2:
> * Squashed related patches
> 
> Aakash Sasidharan (1):
>   crypto/cnxk: add support for oop processing in TLS
> 
> Anoob Joseph (2):
>   crypto/cnxk: avoid branches in datapath
>   crypto/cnxk: move metadata to second cacheline
> 
> Vidya Sagar Velumuri (5):
>   crypto/cnxk: multi seg support block ciphers in tls
>   crypto/cnxk: enable sha384 and chachapoly for tls
>   crypto/cnxk: add support for session update for TLS
>   crypto/cnxk: add support for padding verification in TLS
>   crypto/cnxk: update the context structure of tls
> 
>  drivers/common/cnxk/roc_ie_ot_tls.h           |  18 ++-
>  drivers/common/cnxk/roc_se.h                  |   1 +
>  drivers/crypto/cnxk/cn10k_cryptodev_ops.c     | 151 +++++++++++++++++-
>  drivers/crypto/cnxk/cn10k_cryptodev_sec.c     |   3 +
>  drivers/crypto/cnxk/cn10k_cryptodev_sec.h     |  22 ++-
>  drivers/crypto/cnxk/cn10k_ipsec.c             |   4 +-
>  drivers/crypto/cnxk/cn10k_ipsec_la_ops.h      |   8 +-
>  drivers/crypto/cnxk/cn10k_tls.c               | 137 ++++++++++++----
>  drivers/crypto/cnxk/cn10k_tls.h               |   4 +
>  drivers/crypto/cnxk/cn10k_tls_ops.h           |  73 +++++++--
>  drivers/crypto/cnxk/cnxk_cryptodev.h          |   6 +-
>  .../crypto/cnxk/cnxk_cryptodev_capabilities.c |  52 ++++++
>  12 files changed, 401 insertions(+), 78 deletions(-)
> 
Applied to dpdk-next-crypto
Thanks.
