19d1c1574SAnoob Joseph.. SPDX-License-Identifier: BSD-3-Clause 29d1c1574SAnoob Joseph Copyright(C) 2023 Marvell. 39d1c1574SAnoob Joseph 49d1c1574SAnoob JosephPDCP Protocol Processing Library 59d1c1574SAnoob Joseph================================ 69d1c1574SAnoob Joseph 79d1c1574SAnoob JosephDPDK provides a library for PDCP protocol processing. 89d1c1574SAnoob JosephThe library utilizes other DPDK libraries such as cryptodev, reorder, etc., 99d1c1574SAnoob Josephto provide the application with a transparent and 109d1c1574SAnoob Josephhigh performant PDCP protocol processing library. 119d1c1574SAnoob Joseph 129d1c1574SAnoob JosephThe library abstracts complete PDCP protocol processing conforming to 139d1c1574SAnoob Joseph`ETSI TS 138 323 V17.1.0 (2022-08) 149d1c1574SAnoob Joseph<https://www.etsi.org/deliver/etsi_ts/138300_138399/138323/17.01.00_60/ts_138323v170100p.pdf>`_ 159d1c1574SAnoob Joseph 169d1c1574SAnoob JosephPDCP would involve the following operations: 179d1c1574SAnoob Joseph 189d1c1574SAnoob Joseph#. Transfer of user plane data 199d1c1574SAnoob Joseph#. Transfer of control plane data 209d1c1574SAnoob Joseph#. Header compression 219d1c1574SAnoob Joseph#. Uplink data compression 229d1c1574SAnoob Joseph#. Ciphering and integrity protection 239d1c1574SAnoob Joseph 249d1c1574SAnoob Joseph.. _figure_pdcp_functional_overview: 259d1c1574SAnoob Joseph 269d1c1574SAnoob Joseph.. figure:: img/pdcp_functional_overview.* 279d1c1574SAnoob Joseph 289d1c1574SAnoob Joseph PDCP functional overview 299d1c1574SAnoob Joseph 309d1c1574SAnoob JosephPDCP library would abstract the protocol offload features of the cryptodev and 319d1c1574SAnoob Josephwould provide a uniform interface and consistent API usage 329d1c1574SAnoob Josephto work with cryptodev irrespective of the protocol offload features supported. 339d1c1574SAnoob Joseph 349d1c1574SAnoob JosephPDCP entity API 359d1c1574SAnoob Joseph--------------- 369d1c1574SAnoob Joseph 379d1c1574SAnoob JosephPDCP library provides following control path API that is used to 389d1c1574SAnoob Josephconfigure various PDCP entities: 399d1c1574SAnoob Joseph 409d1c1574SAnoob Joseph- ``rte_pdcp_entity_establish()`` 419d1c1574SAnoob Joseph- ``rte_pdcp_entity_suspend()`` 429d1c1574SAnoob Joseph- ``rte_pdcp_entity_release()`` 439d1c1574SAnoob Joseph 449d1c1574SAnoob JosephA PDCP entity would translate to one ``rte_cryptodev_sym_session`` or 459d1c1574SAnoob Joseph``rte_security_session`` based on the config. 469d1c1574SAnoob JosephThe sessions would be created/destroyed 479d1c1574SAnoob Josephwhile corresponding PDCP entity operations are performed. 489d1c1574SAnoob Joseph 499d1c1574SAnoob JosephWhen upper layers request a PDCP entity suspend (``rte_pdcp_entity_suspend()``), 509d1c1574SAnoob Josephit would result in flushing out of all cached packets and 519d1c1574SAnoob Josephinternal state variables are updated as described in 5.1.4. 529d1c1574SAnoob Joseph 539d1c1574SAnoob JosephWhen upper layers request a PDCP entity release (``rte_pdcp_entity_release()``), 549d1c1574SAnoob Josephit would result in flushing out of all cached packets 559d1c1574SAnoob Josephand releasing of all memory associated with the entity. 569d1c1574SAnoob JosephIt would internally free any crypto/security sessions created. 579d1c1574SAnoob JosephAll procedures mentioned in 5.1.3 would be performed. 589d1c1574SAnoob Joseph 599d1c1574SAnoob JosephPDCP PDU (Protocol Data Unit) API 609d1c1574SAnoob Joseph--------------------------------- 619d1c1574SAnoob Joseph 629d1c1574SAnoob JosephPDCP PDUs can be categorized as: 639d1c1574SAnoob Joseph 649d1c1574SAnoob Joseph- Control PDU 659d1c1574SAnoob Joseph- Data PDU 669d1c1574SAnoob Joseph 679d1c1574SAnoob JosephControl PDUs are used for signalling between entities on either end 689d1c1574SAnoob Josephand can be one of the following: 699d1c1574SAnoob Joseph 709d1c1574SAnoob Joseph- PDCP status report 719d1c1574SAnoob Joseph- ROHC feedback 729d1c1574SAnoob Joseph- EHC feedback 739d1c1574SAnoob Joseph 749d1c1574SAnoob JosephControl PDUs are not ciphered or authenticated, 759d1c1574SAnoob Josephand so such packets are not submitted to cryptodev for processing. 769d1c1574SAnoob Joseph 779d1c1574SAnoob JosephData PDUs are regular packets submitted by upper layers 789d1c1574SAnoob Josephfor transmission to other end. 799d1c1574SAnoob JosephSuch packets would need to be ciphered and authenticated 809d1c1574SAnoob Josephbased on the entity configuration. 819d1c1574SAnoob Joseph 82*3a3e8931SAnoob JosephPDCP packet processing API for control PDU 83*3a3e8931SAnoob Joseph~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 84*3a3e8931SAnoob Joseph 85*3a3e8931SAnoob JosephControl PDUs are used in PDCP as a communication channel 86*3a3e8931SAnoob Josephbetween transmitting and receiving entities. 87*3a3e8931SAnoob JosephWhen upper layer request for operations such as re-establishment, 88*3a3e8931SAnoob Josephreceiving PDCP entity need to prepare a status report 89*3a3e8931SAnoob Josephand send it to the other end. 90*3a3e8931SAnoob JosephThe API ``rte_pdcp_control_pdu_create()`` allows application to request the same. 91*3a3e8931SAnoob Joseph 929d1c1574SAnoob JosephPDCP packet processing API for data PDU 939d1c1574SAnoob Joseph~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 949d1c1574SAnoob Joseph 959d1c1574SAnoob JosephPDCP processing is split into 2 parts. 969d1c1574SAnoob JosephOne before cryptodev processing (``rte_pdcp_pkt_pre_process()``) 979d1c1574SAnoob Josephand one after cryptodev processing (``rte_pdcp_pkt_post_process()``). 989d1c1574SAnoob JosephSince cryptodev dequeue can return crypto operations 999d1c1574SAnoob Josephbelonging to multiple entities, ``rte_pdcp_pkt_crypto_group()`` 1009d1c1574SAnoob Josephis added to help grouping crypto operations belonging to same PDCP entity. 1019d1c1574SAnoob Joseph 1029d1c1574SAnoob JosephLib PDCP would allow application to use same API sequence 1039d1c1574SAnoob Josephwhile leveraging protocol offload features enabled by ``rte_security`` library. 1049d1c1574SAnoob Joseph 1059d1c1574SAnoob JosephLib PDCP would internally change the handles registered 1069d1c1574SAnoob Josephfor ``pre_process`` and ``post_process`` based on features enabled in the entity. 1079d1c1574SAnoob Joseph 1089d1c1574SAnoob JosephLib PDCP would create the required sessions on the device 1099d1c1574SAnoob Josephprovided in entity to minimize the application requirements. 1109d1c1574SAnoob JosephAlso, the ``rte_crypto_op`` allocation and free would also be done internally 1119d1c1574SAnoob Josephby lib PDCP to allow the library to create crypto ops as required for the input packets. 1129d1c1574SAnoob JosephFor example, when control PDUs are received, no cryptodev enqueue-dequeue is expected 1139d1c1574SAnoob Josephfor the same and lib PDCP is expected to handle it differently. 1149d1c1574SAnoob Joseph 1159d1c1574SAnoob JosephSupported features 1169d1c1574SAnoob Joseph------------------ 1179d1c1574SAnoob Joseph 1189d1c1574SAnoob Joseph- 12-bit & 18-bit sequence numbers 1199d1c1574SAnoob Joseph- Uplink & downlink traffic 1209d1c1574SAnoob Joseph- HFN increment 1219d1c1574SAnoob Joseph- IV generation as required per algorithm 1229d1c1574SAnoob Joseph 1239d1c1574SAnoob JosephSupported ciphering algorithms 1249d1c1574SAnoob Joseph~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 1259d1c1574SAnoob Joseph 1269d1c1574SAnoob Joseph- ``RTE_CRYPTO_CIPHER_NULL`` 1279d1c1574SAnoob Joseph- ``RTE_CRYPTO_CIPHER_AES_CTR`` 1289d1c1574SAnoob Joseph- ``RTE_CRYPTO_CIPHER_SNOW3G_UEA2`` 1299d1c1574SAnoob Joseph- ``RTE_CRYPTO_CIPHER_ZUC_EEA3`` 1309d1c1574SAnoob Joseph 1319d1c1574SAnoob JosephSupported integrity protection algorithms 1329d1c1574SAnoob Joseph~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 1339d1c1574SAnoob Joseph 1349d1c1574SAnoob Joseph- ``RTE_CRYPTO_AUTH_NULL`` 1359d1c1574SAnoob Joseph- ``RTE_CRYPTO_AUTH_AES_CMAC`` 1369d1c1574SAnoob Joseph- ``RTE_CRYPTO_AUTH_SNOW3G_UIA2`` 1379d1c1574SAnoob Joseph- ``RTE_CRYPTO_AUTH_ZUC_EIA3`` 1389d1c1574SAnoob Joseph 1399d1c1574SAnoob JosephSample API usage 1409d1c1574SAnoob Joseph---------------- 1419d1c1574SAnoob Joseph 1429d1c1574SAnoob JosephThe ``rte_pdcp_entity_conf`` structure is used to pass 1439d1c1574SAnoob Josephthe configuration parameters for entity creation. 1449d1c1574SAnoob Joseph 1459d1c1574SAnoob Joseph.. literalinclude:: ../../../lib/pdcp/rte_pdcp.h 1469d1c1574SAnoob Joseph :language: c 1479d1c1574SAnoob Joseph :start-after: Structure rte_pdcp_entity_conf 8< 1489d1c1574SAnoob Joseph :end-before: >8 End of structure rte_pdcp_entity_conf. 1499d1c1574SAnoob Joseph 1509d1c1574SAnoob Joseph.. code-block:: c 1519d1c1574SAnoob Joseph 1529d1c1574SAnoob Joseph struct rte_mbuf **out_mb, *pkts[MAX_BURST_SIZE]; 1539d1c1574SAnoob Joseph struct rte_crypto_op *cop[MAX_BURST_SIZE]; 1549d1c1574SAnoob Joseph struct rte_pdcp_group grp[MAX_BURST_SIZE]; 1559d1c1574SAnoob Joseph struct rte_pdcp_entity *pdcp_entity; 1569d1c1574SAnoob Joseph int nb_max_out_mb, ret, nb_grp; 1579d1c1574SAnoob Joseph uint16_t nb_ops; 1589d1c1574SAnoob Joseph 1599d1c1574SAnoob Joseph /* Create PDCP entity */ 1609d1c1574SAnoob Joseph pdcp_entity = rte_pdcp_entity_establish(&conf); 1619d1c1574SAnoob Joseph 1629d1c1574SAnoob Joseph /** 1639d1c1574SAnoob Joseph * Allocate buffer for holding mbufs returned during PDCP suspend, 1649d1c1574SAnoob Joseph * release & post-process APIs. 1659d1c1574SAnoob Joseph */ 1669d1c1574SAnoob Joseph 1679d1c1574SAnoob Joseph /* Max packets that can be cached in entity + burst size */ 1689d1c1574SAnoob Joseph nb_max_out_mb = pdcp_entity->max_pkt_cache + MAX_BURST_SIZE; 1699d1c1574SAnoob Joseph out_mb = rte_malloc(NULL, nb_max_out_mb * sizeof(uintptr_t), 0); 1709d1c1574SAnoob Joseph if (out_mb == NULL) { 1719d1c1574SAnoob Joseph /* Handle error */ 1729d1c1574SAnoob Joseph } 1739d1c1574SAnoob Joseph 1749d1c1574SAnoob Joseph while (1) { 1759d1c1574SAnoob Joseph /* Receive packet and form mbuf */ 1769d1c1574SAnoob Joseph 1779d1c1574SAnoob Joseph /** 1789d1c1574SAnoob Joseph * Prepare packets for crypto operation. 1799d1c1574SAnoob Joseph * Following operations would be done, 1809d1c1574SAnoob Joseph * 1819d1c1574SAnoob Joseph * Transmitting entity/UL (only data PDUs): 1829d1c1574SAnoob Joseph * - Perform compression 1839d1c1574SAnoob Joseph * - Assign sequence number 1849d1c1574SAnoob Joseph * - Add PDCP header 1859d1c1574SAnoob Joseph * - Create & prepare crypto_op 1869d1c1574SAnoob Joseph * - Prepare IV for crypto operation (auth_gen, encrypt) 1879d1c1574SAnoob Joseph * - Save original PDCP SDU (during PDCP re-establishment, 1889d1c1574SAnoob Joseph * unconfirmed PDCP SDUs need to be crypto processed again and 1899d1c1574SAnoob Joseph * transmitted/re-transmitted) 1909d1c1574SAnoob Joseph * 1919d1c1574SAnoob Joseph * Receiving entity/DL: 1929d1c1574SAnoob Joseph * - Any control PDUs received would be processed and 1939d1c1574SAnoob Joseph * appropriate actions taken. If data PDU, continue. 1949d1c1574SAnoob Joseph * - Determine sequence number (based on HFN & per packet SN) 1959d1c1574SAnoob Joseph * - Prepare crypto_op 1969d1c1574SAnoob Joseph * - Prepare IV for crypto operation (decrypt, auth_verify) 1979d1c1574SAnoob Joseph */ 1989d1c1574SAnoob Joseph nb_success = rte_pdcp_pkt_pre_process(pdcp_entity, pkts, cop, 1999d1c1574SAnoob Joseph nb_rx, &nb_err); 2009d1c1574SAnoob Joseph if (nb_err != 0) { 2019d1c1574SAnoob Joseph /* Handle error packets */ 2029d1c1574SAnoob Joseph } 2039d1c1574SAnoob Joseph 2049d1c1574SAnoob Joseph if ((rte_cryptodev_enqueue_burst(dev_id, qp_id, cop, nb_success) 2059d1c1574SAnoob Joseph != nb_success) { 2069d1c1574SAnoob Joseph /* Retry for enqueue failure packets */ 2079d1c1574SAnoob Joseph } 2089d1c1574SAnoob Joseph 2099d1c1574SAnoob Joseph ... 2109d1c1574SAnoob Joseph 2119d1c1574SAnoob Joseph nb_ops = rte_cryptodev_dequeue_burst(dev_id, qp_id, cop, 2129d1c1574SAnoob Joseph MAX_BURST_SIZE); 2139d1c1574SAnoob Joseph if (nb_ops == 0) 2149d1c1574SAnoob Joseph continue; 2159d1c1574SAnoob Joseph 2169d1c1574SAnoob Joseph /** 2179d1c1574SAnoob Joseph * Received a burst of completed crypto ops from cryptodev. It 2189d1c1574SAnoob Joseph * may belong to various entities. Group similar ones together 2199d1c1574SAnoob Joseph * for entity specific post-processing. 2209d1c1574SAnoob Joseph */ 2219d1c1574SAnoob Joseph 2229d1c1574SAnoob Joseph /** 2239d1c1574SAnoob Joseph * Groups similar entities together. Frees crypto op and based 2249d1c1574SAnoob Joseph * on crypto_op status, set mbuf->ol_flags which would be 2259d1c1574SAnoob Joseph * checked in rte_pdcp_pkt_post_process(). 2269d1c1574SAnoob Joseph */ 2279d1c1574SAnoob Joseph nb_grp = rte_pdcp_pkt_crypto_group(cop, pkts, grp, ret); 2289d1c1574SAnoob Joseph 2299d1c1574SAnoob Joseph for (i = 0; i != nb_grp; i++) { 2309d1c1574SAnoob Joseph 2319d1c1574SAnoob Joseph /** 2329d1c1574SAnoob Joseph * Post process packets after crypto completion. 2339d1c1574SAnoob Joseph * Following operations would be done, 2349d1c1574SAnoob Joseph * 2359d1c1574SAnoob Joseph * Transmitting entity/UL: 2369d1c1574SAnoob Joseph * - Check crypto result 2379d1c1574SAnoob Joseph * 2389d1c1574SAnoob Joseph * Receiving entity/DL: 2399d1c1574SAnoob Joseph * - Check crypto operation status 2409d1c1574SAnoob Joseph * - Check for duplication (if yes, drop duplicate) 2419d1c1574SAnoob Joseph * - Perform decompression 2429d1c1574SAnoob Joseph * - Trim PDCP header 2439d1c1574SAnoob Joseph * - Hold packet (SDU) for in-order delivery (return 2449d1c1574SAnoob Joseph * completed packets as and when sequence is 2459d1c1574SAnoob Joseph * completed) 2469d1c1574SAnoob Joseph * - If not in sequence, cache the packet and start 2479d1c1574SAnoob Joseph * t-Reordering timer. When timer expires, the 2489d1c1574SAnoob Joseph * packets need to delivered to upper layers (not 2499d1c1574SAnoob Joseph * treated as error packets). 2509d1c1574SAnoob Joseph */ 2519d1c1574SAnoob Joseph nb_success = rte_pdcp_pkt_post_process(grp[i].id.ptr, 2529d1c1574SAnoob Joseph grp[i].m, out_mb, 2539d1c1574SAnoob Joseph grp[i].cnt, 2549d1c1574SAnoob Joseph &nb_err); 2559d1c1574SAnoob Joseph if (nb_err != 0) { 2569d1c1574SAnoob Joseph /* Handle error packets */ 2579d1c1574SAnoob Joseph } 2589d1c1574SAnoob Joseph 2599d1c1574SAnoob Joseph /* Perform additional operations */ 2609d1c1574SAnoob Joseph 2619d1c1574SAnoob Joseph /** 2629d1c1574SAnoob Joseph * Transmitting entity/UL 2639d1c1574SAnoob Joseph * - If duplication is enabled, duplicate PDCP PDUs 2649d1c1574SAnoob Joseph * - When lower layers confirm reception of a PDCP PDU, 2659d1c1574SAnoob Joseph * it should be communicated to PDCP layer so that 2669d1c1574SAnoob Joseph * PDCP can drop the corresponding SDU 2679d1c1574SAnoob Joseph */ 2689d1c1574SAnoob Joseph } 2699d1c1574SAnoob Joseph } 270