1*9d1c1574SAnoob Joseph.. SPDX-License-Identifier: BSD-3-Clause 2*9d1c1574SAnoob Joseph Copyright(C) 2023 Marvell. 3*9d1c1574SAnoob Joseph 4*9d1c1574SAnoob JosephPDCP Protocol Processing Library 5*9d1c1574SAnoob Joseph================================ 6*9d1c1574SAnoob Joseph 7*9d1c1574SAnoob JosephDPDK provides a library for PDCP protocol processing. 8*9d1c1574SAnoob JosephThe library utilizes other DPDK libraries such as cryptodev, reorder, etc., 9*9d1c1574SAnoob Josephto provide the application with a transparent and 10*9d1c1574SAnoob Josephhigh performant PDCP protocol processing library. 11*9d1c1574SAnoob Joseph 12*9d1c1574SAnoob JosephThe library abstracts complete PDCP protocol processing conforming to 13*9d1c1574SAnoob Joseph`ETSI TS 138 323 V17.1.0 (2022-08) 14*9d1c1574SAnoob Joseph<https://www.etsi.org/deliver/etsi_ts/138300_138399/138323/17.01.00_60/ts_138323v170100p.pdf>`_ 15*9d1c1574SAnoob Joseph 16*9d1c1574SAnoob JosephPDCP would involve the following operations: 17*9d1c1574SAnoob Joseph 18*9d1c1574SAnoob Joseph#. Transfer of user plane data 19*9d1c1574SAnoob Joseph#. Transfer of control plane data 20*9d1c1574SAnoob Joseph#. Header compression 21*9d1c1574SAnoob Joseph#. Uplink data compression 22*9d1c1574SAnoob Joseph#. Ciphering and integrity protection 23*9d1c1574SAnoob Joseph 24*9d1c1574SAnoob Joseph.. _figure_pdcp_functional_overview: 25*9d1c1574SAnoob Joseph 26*9d1c1574SAnoob Joseph.. figure:: img/pdcp_functional_overview.* 27*9d1c1574SAnoob Joseph 28*9d1c1574SAnoob Joseph PDCP functional overview 29*9d1c1574SAnoob Joseph 30*9d1c1574SAnoob JosephPDCP library would abstract the protocol offload features of the cryptodev and 31*9d1c1574SAnoob Josephwould provide a uniform interface and consistent API usage 32*9d1c1574SAnoob Josephto work with cryptodev irrespective of the protocol offload features supported. 33*9d1c1574SAnoob Joseph 34*9d1c1574SAnoob JosephPDCP entity API 35*9d1c1574SAnoob Joseph--------------- 36*9d1c1574SAnoob Joseph 37*9d1c1574SAnoob JosephPDCP library provides following control path API that is used to 38*9d1c1574SAnoob Josephconfigure various PDCP entities: 39*9d1c1574SAnoob Joseph 40*9d1c1574SAnoob Joseph- ``rte_pdcp_entity_establish()`` 41*9d1c1574SAnoob Joseph- ``rte_pdcp_entity_suspend()`` 42*9d1c1574SAnoob Joseph- ``rte_pdcp_entity_release()`` 43*9d1c1574SAnoob Joseph 44*9d1c1574SAnoob JosephA PDCP entity would translate to one ``rte_cryptodev_sym_session`` or 45*9d1c1574SAnoob Joseph``rte_security_session`` based on the config. 46*9d1c1574SAnoob JosephThe sessions would be created/destroyed 47*9d1c1574SAnoob Josephwhile corresponding PDCP entity operations are performed. 48*9d1c1574SAnoob Joseph 49*9d1c1574SAnoob JosephWhen upper layers request a PDCP entity suspend (``rte_pdcp_entity_suspend()``), 50*9d1c1574SAnoob Josephit would result in flushing out of all cached packets and 51*9d1c1574SAnoob Josephinternal state variables are updated as described in 5.1.4. 52*9d1c1574SAnoob Joseph 53*9d1c1574SAnoob JosephWhen upper layers request a PDCP entity release (``rte_pdcp_entity_release()``), 54*9d1c1574SAnoob Josephit would result in flushing out of all cached packets 55*9d1c1574SAnoob Josephand releasing of all memory associated with the entity. 56*9d1c1574SAnoob JosephIt would internally free any crypto/security sessions created. 57*9d1c1574SAnoob JosephAll procedures mentioned in 5.1.3 would be performed. 58*9d1c1574SAnoob Joseph 59*9d1c1574SAnoob JosephPDCP PDU (Protocol Data Unit) API 60*9d1c1574SAnoob Joseph--------------------------------- 61*9d1c1574SAnoob Joseph 62*9d1c1574SAnoob JosephPDCP PDUs can be categorized as: 63*9d1c1574SAnoob Joseph 64*9d1c1574SAnoob Joseph- Control PDU 65*9d1c1574SAnoob Joseph- Data PDU 66*9d1c1574SAnoob Joseph 67*9d1c1574SAnoob JosephControl PDUs are used for signalling between entities on either end 68*9d1c1574SAnoob Josephand can be one of the following: 69*9d1c1574SAnoob Joseph 70*9d1c1574SAnoob Joseph- PDCP status report 71*9d1c1574SAnoob Joseph- ROHC feedback 72*9d1c1574SAnoob Joseph- EHC feedback 73*9d1c1574SAnoob Joseph 74*9d1c1574SAnoob JosephControl PDUs are not ciphered or authenticated, 75*9d1c1574SAnoob Josephand so such packets are not submitted to cryptodev for processing. 76*9d1c1574SAnoob Joseph 77*9d1c1574SAnoob JosephData PDUs are regular packets submitted by upper layers 78*9d1c1574SAnoob Josephfor transmission to other end. 79*9d1c1574SAnoob JosephSuch packets would need to be ciphered and authenticated 80*9d1c1574SAnoob Josephbased on the entity configuration. 81*9d1c1574SAnoob Joseph 82*9d1c1574SAnoob JosephPDCP packet processing API for data PDU 83*9d1c1574SAnoob Joseph~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 84*9d1c1574SAnoob Joseph 85*9d1c1574SAnoob JosephPDCP processing is split into 2 parts. 86*9d1c1574SAnoob JosephOne before cryptodev processing (``rte_pdcp_pkt_pre_process()``) 87*9d1c1574SAnoob Josephand one after cryptodev processing (``rte_pdcp_pkt_post_process()``). 88*9d1c1574SAnoob JosephSince cryptodev dequeue can return crypto operations 89*9d1c1574SAnoob Josephbelonging to multiple entities, ``rte_pdcp_pkt_crypto_group()`` 90*9d1c1574SAnoob Josephis added to help grouping crypto operations belonging to same PDCP entity. 91*9d1c1574SAnoob Joseph 92*9d1c1574SAnoob JosephLib PDCP would allow application to use same API sequence 93*9d1c1574SAnoob Josephwhile leveraging protocol offload features enabled by ``rte_security`` library. 94*9d1c1574SAnoob Joseph 95*9d1c1574SAnoob JosephLib PDCP would internally change the handles registered 96*9d1c1574SAnoob Josephfor ``pre_process`` and ``post_process`` based on features enabled in the entity. 97*9d1c1574SAnoob Joseph 98*9d1c1574SAnoob JosephLib PDCP would create the required sessions on the device 99*9d1c1574SAnoob Josephprovided in entity to minimize the application requirements. 100*9d1c1574SAnoob JosephAlso, the ``rte_crypto_op`` allocation and free would also be done internally 101*9d1c1574SAnoob Josephby lib PDCP to allow the library to create crypto ops as required for the input packets. 102*9d1c1574SAnoob JosephFor example, when control PDUs are received, no cryptodev enqueue-dequeue is expected 103*9d1c1574SAnoob Josephfor the same and lib PDCP is expected to handle it differently. 104*9d1c1574SAnoob Joseph 105*9d1c1574SAnoob JosephSupported features 106*9d1c1574SAnoob Joseph------------------ 107*9d1c1574SAnoob Joseph 108*9d1c1574SAnoob Joseph- 12-bit & 18-bit sequence numbers 109*9d1c1574SAnoob Joseph- Uplink & downlink traffic 110*9d1c1574SAnoob Joseph- HFN increment 111*9d1c1574SAnoob Joseph- IV generation as required per algorithm 112*9d1c1574SAnoob Joseph 113*9d1c1574SAnoob JosephSupported ciphering algorithms 114*9d1c1574SAnoob Joseph~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 115*9d1c1574SAnoob Joseph 116*9d1c1574SAnoob Joseph- ``RTE_CRYPTO_CIPHER_NULL`` 117*9d1c1574SAnoob Joseph- ``RTE_CRYPTO_CIPHER_AES_CTR`` 118*9d1c1574SAnoob Joseph- ``RTE_CRYPTO_CIPHER_SNOW3G_UEA2`` 119*9d1c1574SAnoob Joseph- ``RTE_CRYPTO_CIPHER_ZUC_EEA3`` 120*9d1c1574SAnoob Joseph 121*9d1c1574SAnoob JosephSupported integrity protection algorithms 122*9d1c1574SAnoob Joseph~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 123*9d1c1574SAnoob Joseph 124*9d1c1574SAnoob Joseph- ``RTE_CRYPTO_AUTH_NULL`` 125*9d1c1574SAnoob Joseph- ``RTE_CRYPTO_AUTH_AES_CMAC`` 126*9d1c1574SAnoob Joseph- ``RTE_CRYPTO_AUTH_SNOW3G_UIA2`` 127*9d1c1574SAnoob Joseph- ``RTE_CRYPTO_AUTH_ZUC_EIA3`` 128*9d1c1574SAnoob Joseph 129*9d1c1574SAnoob JosephSample API usage 130*9d1c1574SAnoob Joseph---------------- 131*9d1c1574SAnoob Joseph 132*9d1c1574SAnoob JosephThe ``rte_pdcp_entity_conf`` structure is used to pass 133*9d1c1574SAnoob Josephthe configuration parameters for entity creation. 134*9d1c1574SAnoob Joseph 135*9d1c1574SAnoob Joseph.. literalinclude:: ../../../lib/pdcp/rte_pdcp.h 136*9d1c1574SAnoob Joseph :language: c 137*9d1c1574SAnoob Joseph :start-after: Structure rte_pdcp_entity_conf 8< 138*9d1c1574SAnoob Joseph :end-before: >8 End of structure rte_pdcp_entity_conf. 139*9d1c1574SAnoob Joseph 140*9d1c1574SAnoob Joseph.. code-block:: c 141*9d1c1574SAnoob Joseph 142*9d1c1574SAnoob Joseph struct rte_mbuf **out_mb, *pkts[MAX_BURST_SIZE]; 143*9d1c1574SAnoob Joseph struct rte_crypto_op *cop[MAX_BURST_SIZE]; 144*9d1c1574SAnoob Joseph struct rte_pdcp_group grp[MAX_BURST_SIZE]; 145*9d1c1574SAnoob Joseph struct rte_pdcp_entity *pdcp_entity; 146*9d1c1574SAnoob Joseph int nb_max_out_mb, ret, nb_grp; 147*9d1c1574SAnoob Joseph uint16_t nb_ops; 148*9d1c1574SAnoob Joseph 149*9d1c1574SAnoob Joseph /* Create PDCP entity */ 150*9d1c1574SAnoob Joseph pdcp_entity = rte_pdcp_entity_establish(&conf); 151*9d1c1574SAnoob Joseph 152*9d1c1574SAnoob Joseph /** 153*9d1c1574SAnoob Joseph * Allocate buffer for holding mbufs returned during PDCP suspend, 154*9d1c1574SAnoob Joseph * release & post-process APIs. 155*9d1c1574SAnoob Joseph */ 156*9d1c1574SAnoob Joseph 157*9d1c1574SAnoob Joseph /* Max packets that can be cached in entity + burst size */ 158*9d1c1574SAnoob Joseph nb_max_out_mb = pdcp_entity->max_pkt_cache + MAX_BURST_SIZE; 159*9d1c1574SAnoob Joseph out_mb = rte_malloc(NULL, nb_max_out_mb * sizeof(uintptr_t), 0); 160*9d1c1574SAnoob Joseph if (out_mb == NULL) { 161*9d1c1574SAnoob Joseph /* Handle error */ 162*9d1c1574SAnoob Joseph } 163*9d1c1574SAnoob Joseph 164*9d1c1574SAnoob Joseph while (1) { 165*9d1c1574SAnoob Joseph /* Receive packet and form mbuf */ 166*9d1c1574SAnoob Joseph 167*9d1c1574SAnoob Joseph /** 168*9d1c1574SAnoob Joseph * Prepare packets for crypto operation. 169*9d1c1574SAnoob Joseph * Following operations would be done, 170*9d1c1574SAnoob Joseph * 171*9d1c1574SAnoob Joseph * Transmitting entity/UL (only data PDUs): 172*9d1c1574SAnoob Joseph * - Perform compression 173*9d1c1574SAnoob Joseph * - Assign sequence number 174*9d1c1574SAnoob Joseph * - Add PDCP header 175*9d1c1574SAnoob Joseph * - Create & prepare crypto_op 176*9d1c1574SAnoob Joseph * - Prepare IV for crypto operation (auth_gen, encrypt) 177*9d1c1574SAnoob Joseph * - Save original PDCP SDU (during PDCP re-establishment, 178*9d1c1574SAnoob Joseph * unconfirmed PDCP SDUs need to be crypto processed again and 179*9d1c1574SAnoob Joseph * transmitted/re-transmitted) 180*9d1c1574SAnoob Joseph * 181*9d1c1574SAnoob Joseph * Receiving entity/DL: 182*9d1c1574SAnoob Joseph * - Any control PDUs received would be processed and 183*9d1c1574SAnoob Joseph * appropriate actions taken. If data PDU, continue. 184*9d1c1574SAnoob Joseph * - Determine sequence number (based on HFN & per packet SN) 185*9d1c1574SAnoob Joseph * - Prepare crypto_op 186*9d1c1574SAnoob Joseph * - Prepare IV for crypto operation (decrypt, auth_verify) 187*9d1c1574SAnoob Joseph */ 188*9d1c1574SAnoob Joseph nb_success = rte_pdcp_pkt_pre_process(pdcp_entity, pkts, cop, 189*9d1c1574SAnoob Joseph nb_rx, &nb_err); 190*9d1c1574SAnoob Joseph if (nb_err != 0) { 191*9d1c1574SAnoob Joseph /* Handle error packets */ 192*9d1c1574SAnoob Joseph } 193*9d1c1574SAnoob Joseph 194*9d1c1574SAnoob Joseph if ((rte_cryptodev_enqueue_burst(dev_id, qp_id, cop, nb_success) 195*9d1c1574SAnoob Joseph != nb_success) { 196*9d1c1574SAnoob Joseph /* Retry for enqueue failure packets */ 197*9d1c1574SAnoob Joseph } 198*9d1c1574SAnoob Joseph 199*9d1c1574SAnoob Joseph ... 200*9d1c1574SAnoob Joseph 201*9d1c1574SAnoob Joseph nb_ops = rte_cryptodev_dequeue_burst(dev_id, qp_id, cop, 202*9d1c1574SAnoob Joseph MAX_BURST_SIZE); 203*9d1c1574SAnoob Joseph if (nb_ops == 0) 204*9d1c1574SAnoob Joseph continue; 205*9d1c1574SAnoob Joseph 206*9d1c1574SAnoob Joseph /** 207*9d1c1574SAnoob Joseph * Received a burst of completed crypto ops from cryptodev. It 208*9d1c1574SAnoob Joseph * may belong to various entities. Group similar ones together 209*9d1c1574SAnoob Joseph * for entity specific post-processing. 210*9d1c1574SAnoob Joseph */ 211*9d1c1574SAnoob Joseph 212*9d1c1574SAnoob Joseph /** 213*9d1c1574SAnoob Joseph * Groups similar entities together. Frees crypto op and based 214*9d1c1574SAnoob Joseph * on crypto_op status, set mbuf->ol_flags which would be 215*9d1c1574SAnoob Joseph * checked in rte_pdcp_pkt_post_process(). 216*9d1c1574SAnoob Joseph */ 217*9d1c1574SAnoob Joseph nb_grp = rte_pdcp_pkt_crypto_group(cop, pkts, grp, ret); 218*9d1c1574SAnoob Joseph 219*9d1c1574SAnoob Joseph for (i = 0; i != nb_grp; i++) { 220*9d1c1574SAnoob Joseph 221*9d1c1574SAnoob Joseph /** 222*9d1c1574SAnoob Joseph * Post process packets after crypto completion. 223*9d1c1574SAnoob Joseph * Following operations would be done, 224*9d1c1574SAnoob Joseph * 225*9d1c1574SAnoob Joseph * Transmitting entity/UL: 226*9d1c1574SAnoob Joseph * - Check crypto result 227*9d1c1574SAnoob Joseph * 228*9d1c1574SAnoob Joseph * Receiving entity/DL: 229*9d1c1574SAnoob Joseph * - Check crypto operation status 230*9d1c1574SAnoob Joseph * - Check for duplication (if yes, drop duplicate) 231*9d1c1574SAnoob Joseph * - Perform decompression 232*9d1c1574SAnoob Joseph * - Trim PDCP header 233*9d1c1574SAnoob Joseph * - Hold packet (SDU) for in-order delivery (return 234*9d1c1574SAnoob Joseph * completed packets as and when sequence is 235*9d1c1574SAnoob Joseph * completed) 236*9d1c1574SAnoob Joseph * - If not in sequence, cache the packet and start 237*9d1c1574SAnoob Joseph * t-Reordering timer. When timer expires, the 238*9d1c1574SAnoob Joseph * packets need to delivered to upper layers (not 239*9d1c1574SAnoob Joseph * treated as error packets). 240*9d1c1574SAnoob Joseph */ 241*9d1c1574SAnoob Joseph nb_success = rte_pdcp_pkt_post_process(grp[i].id.ptr, 242*9d1c1574SAnoob Joseph grp[i].m, out_mb, 243*9d1c1574SAnoob Joseph grp[i].cnt, 244*9d1c1574SAnoob Joseph &nb_err); 245*9d1c1574SAnoob Joseph if (nb_err != 0) { 246*9d1c1574SAnoob Joseph /* Handle error packets */ 247*9d1c1574SAnoob Joseph } 248*9d1c1574SAnoob Joseph 249*9d1c1574SAnoob Joseph /* Perform additional operations */ 250*9d1c1574SAnoob Joseph 251*9d1c1574SAnoob Joseph /** 252*9d1c1574SAnoob Joseph * Transmitting entity/UL 253*9d1c1574SAnoob Joseph * - If duplication is enabled, duplicate PDCP PDUs 254*9d1c1574SAnoob Joseph * - When lower layers confirm reception of a PDCP PDU, 255*9d1c1574SAnoob Joseph * it should be communicated to PDCP layer so that 256*9d1c1574SAnoob Joseph * PDCP can drop the corresponding SDU 257*9d1c1574SAnoob Joseph */ 258*9d1c1574SAnoob Joseph } 259*9d1c1574SAnoob Joseph } 260