1c75542aeSFan Zhang /* SPDX-License-Identifier: BSD-3-Clause 2c75542aeSFan Zhang * Copyright(c) 2021 Intel Corporation 3c75542aeSFan Zhang */ 4c75542aeSFan Zhang 5c75542aeSFan Zhang #ifndef _IPSEC_MB_PRIVATE_H_ 6c75542aeSFan Zhang #define _IPSEC_MB_PRIVATE_H_ 7c75542aeSFan Zhang 80899a87cSRuifeng Wang #if defined(RTE_ARCH_ARM) 90899a87cSRuifeng Wang #include <ipsec-mb.h> 100899a87cSRuifeng Wang #else 11c75542aeSFan Zhang #include <intel-ipsec-mb.h> 120899a87cSRuifeng Wang #endif 13c75542aeSFan Zhang #include <cryptodev_pmd.h> 144851ef2bSDavid Marchand #include <bus_vdev_driver.h> 15c75542aeSFan Zhang 16c75542aeSFan Zhang #include <rte_security.h> 17c75542aeSFan Zhang #include <rte_security_driver.h> 18c75542aeSFan Zhang 19c75542aeSFan Zhang /* Maximum length for digest */ 20c75542aeSFan Zhang #define DIGEST_LENGTH_MAX 64 21c75542aeSFan Zhang 2272a16927SCiara Power /* Maximum length for memzone name */ 2372a16927SCiara Power #define IPSEC_MB_MAX_MZ_NAME 32 2472a16927SCiara Power 25b35848bcSKai Ji /* ipsec mb multi-process queue pair config */ 26b35848bcSKai Ji #define IPSEC_MB_MP_MSG "ipsec_mb_mp_msg" 27b35848bcSKai Ji 28c75542aeSFan Zhang enum ipsec_mb_vector_mode { 29c75542aeSFan Zhang IPSEC_MB_NOT_SUPPORTED = 0, 30c75542aeSFan Zhang IPSEC_MB_SSE, 31c75542aeSFan Zhang IPSEC_MB_AVX, 32c75542aeSFan Zhang IPSEC_MB_AVX2, 337ecd6385SAshwin Sekhar T K IPSEC_MB_AVX512, 347ecd6385SAshwin Sekhar T K IPSEC_MB_ARM64, 35c75542aeSFan Zhang }; 36c75542aeSFan Zhang 37c75542aeSFan Zhang extern enum ipsec_mb_vector_mode vector_mode; 38c75542aeSFan Zhang 39c75542aeSFan Zhang /** IMB_MGR instances, one per thread */ 40c75542aeSFan Zhang extern RTE_DEFINE_PER_LCORE(IMB_MGR *, mb_mgr); 41c75542aeSFan Zhang 42918fd2f1SPiotr Bronowski #define CRYPTODEV_NAME_AESNI_MB_PMD crypto_aesni_mb 43918fd2f1SPiotr Bronowski /**< IPSEC Multi buffer aesni_mb PMD device name */ 44918fd2f1SPiotr Bronowski 45746825e5SPiotr Bronowski #define CRYPTODEV_NAME_AESNI_GCM_PMD crypto_aesni_gcm 46746825e5SPiotr Bronowski /**< IPSEC Multi buffer PMD aesni_gcm device name */ 47746825e5SPiotr Bronowski 48bc9ef81cSPiotr Bronowski #define CRYPTODEV_NAME_KASUMI_PMD crypto_kasumi 49bc9ef81cSPiotr Bronowski /**< IPSEC Multi buffer PMD kasumi device name */ 50bc9ef81cSPiotr Bronowski 514f1cfda5SPiotr Bronowski #define CRYPTODEV_NAME_SNOW3G_PMD crypto_snow3g 524f1cfda5SPiotr Bronowski /**< IPSEC Multi buffer PMD snow3g device name */ 534f1cfda5SPiotr Bronowski 54cde8df1bSPiotr Bronowski #define CRYPTODEV_NAME_ZUC_PMD crypto_zuc 55cde8df1bSPiotr Bronowski /**< IPSEC Multi buffer PMD zuc device name */ 56cde8df1bSPiotr Bronowski 57f1666288SKai Ji #define CRYPTODEV_NAME_CHACHA20_POLY1305_PMD crypto_chacha20_poly1305 58f1666288SKai Ji /**< IPSEC Multi buffer PMD chacha20_poly1305 device name */ 59f1666288SKai Ji 60c75542aeSFan Zhang /** PMD LOGTYPE DRIVER, common to all PMDs */ 61c75542aeSFan Zhang extern int ipsec_mb_logtype_driver; 62*2b843cacSDavid Marchand #define RTE_LOGTYPE_IPSEC_MB ipsec_mb_logtype_driver 63*2b843cacSDavid Marchand #define IPSEC_MB_LOG(level, ...) \ 64*2b843cacSDavid Marchand RTE_LOG_LINE_PREFIX(level, IPSEC_MB, "%s() line %u: ", \ 65*2b843cacSDavid Marchand __func__ RTE_LOG_COMMA __LINE__, __VA_ARGS__) 66c75542aeSFan Zhang 67c75542aeSFan Zhang /** All supported device types */ 68c75542aeSFan Zhang enum ipsec_mb_pmd_types { 69918fd2f1SPiotr Bronowski IPSEC_MB_PMD_TYPE_AESNI_MB = 0, 70746825e5SPiotr Bronowski IPSEC_MB_PMD_TYPE_AESNI_GCM, 71bc9ef81cSPiotr Bronowski IPSEC_MB_PMD_TYPE_KASUMI, 724f1cfda5SPiotr Bronowski IPSEC_MB_PMD_TYPE_SNOW3G, 73cde8df1bSPiotr Bronowski IPSEC_MB_PMD_TYPE_ZUC, 74f1666288SKai Ji IPSEC_MB_PMD_TYPE_CHACHA20_POLY1305, 75c75542aeSFan Zhang IPSEC_MB_N_PMD_TYPES 76c75542aeSFan Zhang }; 77c75542aeSFan Zhang 78c75542aeSFan Zhang /** Crypto operations */ 79c75542aeSFan Zhang enum ipsec_mb_operation { 80c75542aeSFan Zhang IPSEC_MB_OP_ENCRYPT_THEN_HASH_GEN = 0, 81c75542aeSFan Zhang IPSEC_MB_OP_HASH_VERIFY_THEN_DECRYPT, 82c75542aeSFan Zhang IPSEC_MB_OP_HASH_GEN_THEN_ENCRYPT, 83c75542aeSFan Zhang IPSEC_MB_OP_DECRYPT_THEN_HASH_VERIFY, 84c75542aeSFan Zhang IPSEC_MB_OP_ENCRYPT_ONLY, 85c75542aeSFan Zhang IPSEC_MB_OP_DECRYPT_ONLY, 86c75542aeSFan Zhang IPSEC_MB_OP_HASH_GEN_ONLY, 87c75542aeSFan Zhang IPSEC_MB_OP_HASH_VERIFY_ONLY, 88c75542aeSFan Zhang IPSEC_MB_OP_AEAD_AUTHENTICATED_DECRYPT, 89c75542aeSFan Zhang IPSEC_MB_OP_AEAD_AUTHENTICATED_ENCRYPT, 90c75542aeSFan Zhang IPSEC_MB_OP_NOT_SUPPORTED 91c75542aeSFan Zhang }; 92c75542aeSFan Zhang 93918fd2f1SPiotr Bronowski extern uint8_t pmd_driver_id_aesni_mb; 94746825e5SPiotr Bronowski extern uint8_t pmd_driver_id_aesni_gcm; 95bc9ef81cSPiotr Bronowski extern uint8_t pmd_driver_id_kasumi; 964f1cfda5SPiotr Bronowski extern uint8_t pmd_driver_id_snow3g; 97cde8df1bSPiotr Bronowski extern uint8_t pmd_driver_id_zuc; 98f1666288SKai Ji extern uint8_t pmd_driver_id_chacha20_poly1305; 99918fd2f1SPiotr Bronowski 100c75542aeSFan Zhang /** Helper function. Gets driver ID based on PMD type */ 101c75542aeSFan Zhang static __rte_always_inline uint8_t 102918fd2f1SPiotr Bronowski ipsec_mb_get_driver_id(enum ipsec_mb_pmd_types pmd_type) 103c75542aeSFan Zhang { 104918fd2f1SPiotr Bronowski switch (pmd_type) { 105918fd2f1SPiotr Bronowski case IPSEC_MB_PMD_TYPE_AESNI_MB: 106918fd2f1SPiotr Bronowski return pmd_driver_id_aesni_mb; 107746825e5SPiotr Bronowski case IPSEC_MB_PMD_TYPE_AESNI_GCM: 108746825e5SPiotr Bronowski return pmd_driver_id_aesni_gcm; 109bc9ef81cSPiotr Bronowski case IPSEC_MB_PMD_TYPE_KASUMI: 110bc9ef81cSPiotr Bronowski return pmd_driver_id_kasumi; 1114f1cfda5SPiotr Bronowski case IPSEC_MB_PMD_TYPE_SNOW3G: 1124f1cfda5SPiotr Bronowski return pmd_driver_id_snow3g; 113cde8df1bSPiotr Bronowski case IPSEC_MB_PMD_TYPE_ZUC: 114cde8df1bSPiotr Bronowski return pmd_driver_id_zuc; 115f1666288SKai Ji case IPSEC_MB_PMD_TYPE_CHACHA20_POLY1305: 116f1666288SKai Ji return pmd_driver_id_chacha20_poly1305; 117918fd2f1SPiotr Bronowski default: 118918fd2f1SPiotr Bronowski break; 119918fd2f1SPiotr Bronowski } 120c75542aeSFan Zhang return UINT8_MAX; 121c75542aeSFan Zhang } 122c75542aeSFan Zhang 123c75542aeSFan Zhang /** Common private data structure for each PMD */ 124c75542aeSFan Zhang struct ipsec_mb_dev_private { 125c75542aeSFan Zhang enum ipsec_mb_pmd_types pmd_type; 126c75542aeSFan Zhang /**< PMD type */ 127c75542aeSFan Zhang uint32_t max_nb_queue_pairs; 128c75542aeSFan Zhang /**< Max number of queue pairs supported by device */ 1293401a4afSDavid Marchand uint8_t priv[]; 130c75542aeSFan Zhang }; 131c75542aeSFan Zhang 132c75542aeSFan Zhang /** IPSEC Multi buffer queue pair common queue pair data for all PMDs */ 133c75542aeSFan Zhang struct ipsec_mb_qp { 134c75542aeSFan Zhang uint16_t id; 135c75542aeSFan Zhang /**< Queue Pair Identifier */ 136c75542aeSFan Zhang char name[RTE_CRYPTODEV_NAME_MAX_LEN]; 137c75542aeSFan Zhang struct rte_ring *ingress_queue; 138c75542aeSFan Zhang /**< Ring for placing operations ready for processing */ 139c75542aeSFan Zhang struct rte_mempool *sess_mp; 140c75542aeSFan Zhang /**< Session Private Data Mempool */ 141c75542aeSFan Zhang struct rte_cryptodev_stats stats; 142c75542aeSFan Zhang /**< Queue pair statistics */ 143c75542aeSFan Zhang enum ipsec_mb_pmd_types pmd_type; 144c75542aeSFan Zhang /**< pmd type */ 145c75542aeSFan Zhang uint8_t digest_idx; 146c75542aeSFan Zhang /**< Index of the next 147c75542aeSFan Zhang * slot to be used in temp_digests, 148c75542aeSFan Zhang * to store the digest for a given operation 149c75542aeSFan Zhang */ 150b35848bcSKai Ji uint16_t qp_used_by_pid; 151b35848bcSKai Ji /**< The process id used for queue pairs **/ 152c75542aeSFan Zhang IMB_MGR *mb_mgr; 153b35848bcSKai Ji /**< Multi buffer manager */ 15472a16927SCiara Power const struct rte_memzone *mb_mgr_mz; 155b35848bcSKai Ji /**< Shared memzone for storing mb_mgr */ 156013b4c52SBruce Richardson __extension__ uint8_t additional_data[]; 157c75542aeSFan Zhang /**< Storing PMD specific additional data */ 158c75542aeSFan Zhang }; 159c75542aeSFan Zhang 160b35848bcSKai Ji /** Request types for IPC. */ 161b35848bcSKai Ji enum ipsec_mb_mp_req_type { 162b35848bcSKai Ji RTE_IPSEC_MB_MP_REQ_NONE, /**< unknown event type */ 163b35848bcSKai Ji RTE_IPSEC_MB_MP_REQ_QP_SET, /**< Queue pair setup request */ 164b35848bcSKai Ji RTE_IPSEC_MB_MP_REQ_QP_FREE /**< Queue pair free request */ 165b35848bcSKai Ji }; 166b35848bcSKai Ji 167b35848bcSKai Ji /** Parameters for IPC. */ 168b35848bcSKai Ji struct ipsec_mb_mp_param { 169b35848bcSKai Ji enum ipsec_mb_mp_req_type type; /**< IPC request type */ 170b35848bcSKai Ji int dev_id; 171b35848bcSKai Ji /**< The identifier of the device */ 172b35848bcSKai Ji int qp_id; 173b35848bcSKai Ji /**< The index of the queue pair to be configured */ 174b35848bcSKai Ji int socket_id; 175b35848bcSKai Ji /**< Socket to allocate resources on */ 176b35848bcSKai Ji uint16_t process_id; 177b35848bcSKai Ji /**< The pid who send out the requested */ 178b35848bcSKai Ji uint32_t nb_descriptors; 179b35848bcSKai Ji /**< Number of descriptors per queue pair */ 180b35848bcSKai Ji void *mp_session; 181b35848bcSKai Ji /**< The mempool for creating session in sessionless mode */ 182b35848bcSKai Ji int result; 183b35848bcSKai Ji /**< The request result for response message */ 184b35848bcSKai Ji }; 185b35848bcSKai Ji 186b35848bcSKai Ji int 187b35848bcSKai Ji ipsec_mb_ipc_request(const struct rte_mp_msg *mp_msg, const void *peer); 188b35848bcSKai Ji 189c75542aeSFan Zhang static __rte_always_inline void * 190c75542aeSFan Zhang ipsec_mb_get_qp_private_data(struct ipsec_mb_qp *qp) 191c75542aeSFan Zhang { 192c75542aeSFan Zhang return (void *)qp->additional_data; 193c75542aeSFan Zhang } 194c75542aeSFan Zhang 195c75542aeSFan Zhang /** Helper function. Allocates job manager */ 196c75542aeSFan Zhang static __rte_always_inline IMB_MGR * 197c75542aeSFan Zhang alloc_init_mb_mgr(void) 198c75542aeSFan Zhang { 199c75542aeSFan Zhang IMB_MGR *mb_mgr = alloc_mb_mgr(0); 200c75542aeSFan Zhang 201c75542aeSFan Zhang if (unlikely(mb_mgr == NULL)) { 202f665790aSDavid Marchand IPSEC_MB_LOG(ERR, "Failed to allocate IMB_MGR data"); 203c75542aeSFan Zhang return NULL; 204c75542aeSFan Zhang } 205c75542aeSFan Zhang 206c75542aeSFan Zhang init_mb_mgr_auto(mb_mgr, NULL); 207c75542aeSFan Zhang 208c75542aeSFan Zhang return mb_mgr; 209c75542aeSFan Zhang } 210c75542aeSFan Zhang 211c75542aeSFan Zhang /** Helper function. Gets per thread job manager */ 212c75542aeSFan Zhang static __rte_always_inline IMB_MGR * 213c75542aeSFan Zhang get_per_thread_mb_mgr(void) 214c75542aeSFan Zhang { 215c75542aeSFan Zhang if (unlikely(RTE_PER_LCORE(mb_mgr) == NULL)) 216c75542aeSFan Zhang RTE_PER_LCORE(mb_mgr) = alloc_init_mb_mgr(); 217c75542aeSFan Zhang 218c75542aeSFan Zhang return RTE_PER_LCORE(mb_mgr); 219c75542aeSFan Zhang } 220c75542aeSFan Zhang 221918fd2f1SPiotr Bronowski /** Helper function. Gets mode and chained xforms from the xform */ 222918fd2f1SPiotr Bronowski static __rte_always_inline int 223918fd2f1SPiotr Bronowski ipsec_mb_parse_xform(const struct rte_crypto_sym_xform *xform, 224918fd2f1SPiotr Bronowski enum ipsec_mb_operation *mode, 225918fd2f1SPiotr Bronowski const struct rte_crypto_sym_xform **auth_xform, 226918fd2f1SPiotr Bronowski const struct rte_crypto_sym_xform **cipher_xform, 227918fd2f1SPiotr Bronowski const struct rte_crypto_sym_xform **aead_xform) 228918fd2f1SPiotr Bronowski { 229918fd2f1SPiotr Bronowski if (xform == NULL) { 230918fd2f1SPiotr Bronowski *mode = IPSEC_MB_OP_NOT_SUPPORTED; 231918fd2f1SPiotr Bronowski return -ENOTSUP; 232918fd2f1SPiotr Bronowski } 233918fd2f1SPiotr Bronowski 2348c60a049SPiotr Bronowski const struct rte_crypto_sym_xform *next = xform->next; 2358c60a049SPiotr Bronowski 236918fd2f1SPiotr Bronowski if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER) { 237918fd2f1SPiotr Bronowski if (next == NULL) { 238918fd2f1SPiotr Bronowski if (xform->cipher.op == RTE_CRYPTO_CIPHER_OP_ENCRYPT) { 239918fd2f1SPiotr Bronowski *mode = IPSEC_MB_OP_ENCRYPT_ONLY; 240918fd2f1SPiotr Bronowski *cipher_xform = xform; 241918fd2f1SPiotr Bronowski *auth_xform = NULL; 242918fd2f1SPiotr Bronowski return 0; 243918fd2f1SPiotr Bronowski } 244918fd2f1SPiotr Bronowski *mode = IPSEC_MB_OP_DECRYPT_ONLY; 245918fd2f1SPiotr Bronowski *cipher_xform = xform; 246918fd2f1SPiotr Bronowski *auth_xform = NULL; 247918fd2f1SPiotr Bronowski return 0; 248918fd2f1SPiotr Bronowski } 249918fd2f1SPiotr Bronowski 250918fd2f1SPiotr Bronowski if (next->type != RTE_CRYPTO_SYM_XFORM_AUTH) { 251918fd2f1SPiotr Bronowski *mode = IPSEC_MB_OP_NOT_SUPPORTED; 252918fd2f1SPiotr Bronowski return -ENOTSUP; 253918fd2f1SPiotr Bronowski } 254918fd2f1SPiotr Bronowski 255918fd2f1SPiotr Bronowski if (xform->cipher.op == RTE_CRYPTO_CIPHER_OP_ENCRYPT) { 256918fd2f1SPiotr Bronowski if (next->auth.op != RTE_CRYPTO_AUTH_OP_GENERATE) { 257918fd2f1SPiotr Bronowski *mode = IPSEC_MB_OP_NOT_SUPPORTED; 258918fd2f1SPiotr Bronowski return -ENOTSUP; 259918fd2f1SPiotr Bronowski } 260918fd2f1SPiotr Bronowski 261918fd2f1SPiotr Bronowski *mode = IPSEC_MB_OP_ENCRYPT_THEN_HASH_GEN; 262918fd2f1SPiotr Bronowski *cipher_xform = xform; 263918fd2f1SPiotr Bronowski *auth_xform = xform->next; 264918fd2f1SPiotr Bronowski return 0; 265918fd2f1SPiotr Bronowski } 266918fd2f1SPiotr Bronowski if (next->auth.op != RTE_CRYPTO_AUTH_OP_VERIFY) { 267918fd2f1SPiotr Bronowski *mode = IPSEC_MB_OP_NOT_SUPPORTED; 268918fd2f1SPiotr Bronowski return -ENOTSUP; 269918fd2f1SPiotr Bronowski } 270918fd2f1SPiotr Bronowski 271918fd2f1SPiotr Bronowski *mode = IPSEC_MB_OP_DECRYPT_THEN_HASH_VERIFY; 272918fd2f1SPiotr Bronowski *cipher_xform = xform; 273918fd2f1SPiotr Bronowski *auth_xform = xform->next; 274918fd2f1SPiotr Bronowski return 0; 275918fd2f1SPiotr Bronowski } 276918fd2f1SPiotr Bronowski 277918fd2f1SPiotr Bronowski if (xform->type == RTE_CRYPTO_SYM_XFORM_AUTH) { 278918fd2f1SPiotr Bronowski if (next == NULL) { 279918fd2f1SPiotr Bronowski if (xform->auth.op == RTE_CRYPTO_AUTH_OP_GENERATE) { 280918fd2f1SPiotr Bronowski *mode = IPSEC_MB_OP_HASH_GEN_ONLY; 281918fd2f1SPiotr Bronowski *auth_xform = xform; 282918fd2f1SPiotr Bronowski *cipher_xform = NULL; 283918fd2f1SPiotr Bronowski return 0; 284918fd2f1SPiotr Bronowski } 285918fd2f1SPiotr Bronowski *mode = IPSEC_MB_OP_HASH_VERIFY_ONLY; 286918fd2f1SPiotr Bronowski *auth_xform = xform; 287918fd2f1SPiotr Bronowski *cipher_xform = NULL; 288918fd2f1SPiotr Bronowski return 0; 289918fd2f1SPiotr Bronowski } 290918fd2f1SPiotr Bronowski 291918fd2f1SPiotr Bronowski if (next->type != RTE_CRYPTO_SYM_XFORM_CIPHER) { 292918fd2f1SPiotr Bronowski *mode = IPSEC_MB_OP_NOT_SUPPORTED; 293918fd2f1SPiotr Bronowski return -ENOTSUP; 294918fd2f1SPiotr Bronowski } 295918fd2f1SPiotr Bronowski 296918fd2f1SPiotr Bronowski if (xform->auth.op == RTE_CRYPTO_AUTH_OP_GENERATE) { 297918fd2f1SPiotr Bronowski if (next->cipher.op != RTE_CRYPTO_CIPHER_OP_ENCRYPT) { 298918fd2f1SPiotr Bronowski *mode = IPSEC_MB_OP_NOT_SUPPORTED; 299918fd2f1SPiotr Bronowski return -ENOTSUP; 300918fd2f1SPiotr Bronowski } 301918fd2f1SPiotr Bronowski 302918fd2f1SPiotr Bronowski *mode = IPSEC_MB_OP_HASH_GEN_THEN_ENCRYPT; 303918fd2f1SPiotr Bronowski *auth_xform = xform; 304918fd2f1SPiotr Bronowski *cipher_xform = xform->next; 305918fd2f1SPiotr Bronowski return 0; 306918fd2f1SPiotr Bronowski } 307918fd2f1SPiotr Bronowski if (next->cipher.op != RTE_CRYPTO_CIPHER_OP_DECRYPT) { 308918fd2f1SPiotr Bronowski *mode = IPSEC_MB_OP_NOT_SUPPORTED; 309918fd2f1SPiotr Bronowski return -ENOTSUP; 310918fd2f1SPiotr Bronowski } 311918fd2f1SPiotr Bronowski 312918fd2f1SPiotr Bronowski *mode = IPSEC_MB_OP_HASH_VERIFY_THEN_DECRYPT; 313918fd2f1SPiotr Bronowski *auth_xform = xform; 314918fd2f1SPiotr Bronowski *cipher_xform = xform->next; 315918fd2f1SPiotr Bronowski return 0; 316918fd2f1SPiotr Bronowski } 317918fd2f1SPiotr Bronowski 318918fd2f1SPiotr Bronowski if (xform->type == RTE_CRYPTO_SYM_XFORM_AEAD) { 319918fd2f1SPiotr Bronowski if (xform->aead.op == RTE_CRYPTO_AEAD_OP_ENCRYPT) { 320918fd2f1SPiotr Bronowski /* 321918fd2f1SPiotr Bronowski * CCM requires to hash first and cipher later 322918fd2f1SPiotr Bronowski * when encrypting 323918fd2f1SPiotr Bronowski */ 324918fd2f1SPiotr Bronowski if (xform->aead.algo == RTE_CRYPTO_AEAD_AES_CCM) { 325918fd2f1SPiotr Bronowski *mode = IPSEC_MB_OP_AEAD_AUTHENTICATED_DECRYPT; 326918fd2f1SPiotr Bronowski *aead_xform = xform; 327918fd2f1SPiotr Bronowski return 0; 328918fd2f1SPiotr Bronowski } else { 329918fd2f1SPiotr Bronowski *mode = 330918fd2f1SPiotr Bronowski IPSEC_MB_OP_AEAD_AUTHENTICATED_ENCRYPT; 331918fd2f1SPiotr Bronowski *aead_xform = xform; 332918fd2f1SPiotr Bronowski return 0; 333918fd2f1SPiotr Bronowski } 334918fd2f1SPiotr Bronowski } else { 335918fd2f1SPiotr Bronowski if (xform->aead.algo == RTE_CRYPTO_AEAD_AES_CCM) { 336918fd2f1SPiotr Bronowski *mode = IPSEC_MB_OP_AEAD_AUTHENTICATED_ENCRYPT; 337918fd2f1SPiotr Bronowski *aead_xform = xform; 338918fd2f1SPiotr Bronowski return 0; 339918fd2f1SPiotr Bronowski } 340918fd2f1SPiotr Bronowski *mode = IPSEC_MB_OP_AEAD_AUTHENTICATED_DECRYPT; 341918fd2f1SPiotr Bronowski *aead_xform = xform; 342918fd2f1SPiotr Bronowski return 0; 343918fd2f1SPiotr Bronowski } 344918fd2f1SPiotr Bronowski } 345918fd2f1SPiotr Bronowski 346918fd2f1SPiotr Bronowski *mode = IPSEC_MB_OP_NOT_SUPPORTED; 347918fd2f1SPiotr Bronowski return -ENOTSUP; 348918fd2f1SPiotr Bronowski } 349918fd2f1SPiotr Bronowski 350c75542aeSFan Zhang /** Device creation function */ 351c75542aeSFan Zhang int 352c75542aeSFan Zhang ipsec_mb_create(struct rte_vdev_device *vdev, 353c75542aeSFan Zhang enum ipsec_mb_pmd_types pmd_type); 354c75542aeSFan Zhang 355c75542aeSFan Zhang /** Device remove function */ 356c75542aeSFan Zhang int 357c75542aeSFan Zhang ipsec_mb_remove(struct rte_vdev_device *vdev); 358c75542aeSFan Zhang 359c75542aeSFan Zhang /** Configure queue pair PMD type specific data */ 360c75542aeSFan Zhang typedef int (*ipsec_mb_queue_pair_configure_t)(struct ipsec_mb_qp *qp); 361c75542aeSFan Zhang 362c75542aeSFan Zhang /** Configure session PMD type specific data */ 363c75542aeSFan Zhang typedef int (*ipsec_mb_session_configure_t)(IMB_MGR *mbr_mgr, 364c75542aeSFan Zhang void *session_private, 365c75542aeSFan Zhang const struct rte_crypto_sym_xform *xform); 366c75542aeSFan Zhang 367c75542aeSFan Zhang /** Configure internals PMD type specific data */ 368c75542aeSFan Zhang typedef int (*ipsec_mb_dev_configure_t)(struct rte_cryptodev *dev); 369c75542aeSFan Zhang 370c75542aeSFan Zhang /** Per PMD type operation and data */ 371c75542aeSFan Zhang struct ipsec_mb_internals { 372c75542aeSFan Zhang uint8_t is_configured; 373c75542aeSFan Zhang dequeue_pkt_burst_t dequeue_burst; 374c75542aeSFan Zhang ipsec_mb_dev_configure_t dev_config; 375c75542aeSFan Zhang ipsec_mb_queue_pair_configure_t queue_pair_configure; 376c75542aeSFan Zhang ipsec_mb_session_configure_t session_configure; 377c75542aeSFan Zhang const struct rte_cryptodev_capabilities *caps; 378c75542aeSFan Zhang struct rte_cryptodev_ops *ops; 379c75542aeSFan Zhang struct rte_security_ops *security_ops; 380c75542aeSFan Zhang uint64_t feature_flags; 381c75542aeSFan Zhang uint32_t session_priv_size; 382c75542aeSFan Zhang uint32_t qp_priv_size; 383c75542aeSFan Zhang uint32_t internals_priv_size; 384c75542aeSFan Zhang }; 385c75542aeSFan Zhang 386c75542aeSFan Zhang /** Global PMD type specific data */ 387c75542aeSFan Zhang extern struct ipsec_mb_internals ipsec_mb_pmds[IPSEC_MB_N_PMD_TYPES]; 388c75542aeSFan Zhang 389c75542aeSFan Zhang int 390c75542aeSFan Zhang ipsec_mb_config(struct rte_cryptodev *dev, 391c75542aeSFan Zhang struct rte_cryptodev_config *config); 392c75542aeSFan Zhang 393c75542aeSFan Zhang int 394c75542aeSFan Zhang ipsec_mb_start(struct rte_cryptodev *dev); 395c75542aeSFan Zhang 396c75542aeSFan Zhang void 397c75542aeSFan Zhang ipsec_mb_stop(struct rte_cryptodev *dev); 398c75542aeSFan Zhang 399c75542aeSFan Zhang int 400c75542aeSFan Zhang ipsec_mb_close(struct rte_cryptodev *dev); 401c75542aeSFan Zhang 402c75542aeSFan Zhang void 403c75542aeSFan Zhang ipsec_mb_stats_get(struct rte_cryptodev *dev, 404c75542aeSFan Zhang struct rte_cryptodev_stats *stats); 405c75542aeSFan Zhang 406c75542aeSFan Zhang void 407c75542aeSFan Zhang ipsec_mb_stats_reset(struct rte_cryptodev *dev); 408c75542aeSFan Zhang 409c75542aeSFan Zhang void 410c75542aeSFan Zhang ipsec_mb_info_get(struct rte_cryptodev *dev, 411c75542aeSFan Zhang struct rte_cryptodev_info *dev_info); 412c75542aeSFan Zhang 413c75542aeSFan Zhang int 414c75542aeSFan Zhang ipsec_mb_qp_release(struct rte_cryptodev *dev, uint16_t qp_id); 415c75542aeSFan Zhang 416c75542aeSFan Zhang int 417c75542aeSFan Zhang ipsec_mb_qp_set_unique_name(struct rte_cryptodev *dev, struct ipsec_mb_qp *qp); 418c75542aeSFan Zhang 419c75542aeSFan Zhang int 420c75542aeSFan Zhang ipsec_mb_qp_setup(struct rte_cryptodev *dev, uint16_t qp_id, 421c75542aeSFan Zhang const struct rte_cryptodev_qp_conf *qp_conf, 422c75542aeSFan Zhang int socket_id); 423c75542aeSFan Zhang 424c75542aeSFan Zhang /** Returns the size of the aesni multi-buffer session structure */ 425c75542aeSFan Zhang unsigned 426c75542aeSFan Zhang ipsec_mb_sym_session_get_size(struct rte_cryptodev *dev); 427c75542aeSFan Zhang 428c75542aeSFan Zhang /** Configure an aesni multi-buffer session from a crypto xform chain */ 429c75542aeSFan Zhang int ipsec_mb_sym_session_configure( 430c75542aeSFan Zhang struct rte_cryptodev *dev, 431c75542aeSFan Zhang struct rte_crypto_sym_xform *xform, 432bdce2564SAkhil Goyal struct rte_cryptodev_sym_session *sess); 433c75542aeSFan Zhang 434c75542aeSFan Zhang /** Clear the memory of session so it does not leave key material behind */ 435c75542aeSFan Zhang void 436c75542aeSFan Zhang ipsec_mb_sym_session_clear(struct rte_cryptodev *dev, 437c75542aeSFan Zhang struct rte_cryptodev_sym_session *sess); 438c75542aeSFan Zhang 439c75542aeSFan Zhang /** Get session from op. If sessionless create a session */ 440c75542aeSFan Zhang static __rte_always_inline void * 441c75542aeSFan Zhang ipsec_mb_get_session_private(struct ipsec_mb_qp *qp, struct rte_crypto_op *op) 442c75542aeSFan Zhang { 443bdce2564SAkhil Goyal struct rte_cryptodev_sym_session *sess = NULL; 444c75542aeSFan Zhang uint32_t driver_id = ipsec_mb_get_driver_id(qp->pmd_type); 445c75542aeSFan Zhang struct rte_crypto_sym_op *sym_op = op->sym; 446c75542aeSFan Zhang uint8_t sess_type = op->sess_type; 447c75542aeSFan Zhang void *_sess; 448c75542aeSFan Zhang struct ipsec_mb_internals *pmd_data = &ipsec_mb_pmds[qp->pmd_type]; 449c75542aeSFan Zhang 450c75542aeSFan Zhang switch (sess_type) { 451c75542aeSFan Zhang case RTE_CRYPTO_OP_WITH_SESSION: 452c75542aeSFan Zhang if (likely(sym_op->session != NULL)) 453bdce2564SAkhil Goyal sess = sym_op->session; 454bdce2564SAkhil Goyal else 455bdce2564SAkhil Goyal goto error_exit; 456c75542aeSFan Zhang break; 457c75542aeSFan Zhang case RTE_CRYPTO_OP_SESSIONLESS: 458c75542aeSFan Zhang if (!qp->sess_mp || 459c75542aeSFan Zhang rte_mempool_get(qp->sess_mp, (void **)&_sess)) 460c75542aeSFan Zhang return NULL; 461c75542aeSFan Zhang 462bdce2564SAkhil Goyal sess = _sess; 463bdce2564SAkhil Goyal if (sess->sess_data_sz < pmd_data->session_priv_size) { 464c75542aeSFan Zhang rte_mempool_put(qp->sess_mp, _sess); 465bdce2564SAkhil Goyal goto error_exit; 466c75542aeSFan Zhang } 467c75542aeSFan Zhang 468bdce2564SAkhil Goyal if (unlikely(pmd_data->session_configure(qp->mb_mgr, 4692a440d6aSAkhil Goyal CRYPTODEV_GET_SYM_SESS_PRIV(sess), sym_op->xform) != 0)) { 470bdce2564SAkhil Goyal rte_mempool_put(qp->sess_mp, _sess); 471bdce2564SAkhil Goyal goto error_exit; 472bdce2564SAkhil Goyal } 473bdce2564SAkhil Goyal 474bdce2564SAkhil Goyal sess->driver_id = driver_id; 475bdce2564SAkhil Goyal sym_op->session = sess; 476bdce2564SAkhil Goyal 477c75542aeSFan Zhang break; 478c75542aeSFan Zhang default: 479c75542aeSFan Zhang IPSEC_MB_LOG(ERR, "Unrecognized session type %u", sess_type); 480c75542aeSFan Zhang } 481c75542aeSFan Zhang 4822a440d6aSAkhil Goyal return CRYPTODEV_GET_SYM_SESS_PRIV(sess); 483c75542aeSFan Zhang 484bdce2564SAkhil Goyal error_exit: 485bdce2564SAkhil Goyal op->status = RTE_CRYPTO_OP_STATUS_INVALID_SESSION; 486bdce2564SAkhil Goyal return NULL; 487c75542aeSFan Zhang } 488c75542aeSFan Zhang 489c75542aeSFan Zhang #endif /* _IPSEC_MB_PRIVATE_H_ */ 490