1 /* SPDX-License-Identifier: BSD-3-Clause 2 * Copyright(C) 2021 Marvell. 3 */ 4 5 #ifndef __ROC_IE_ON_H__ 6 #define __ROC_IE_ON_H__ 7 8 /* CN9K IPsec LA */ 9 10 /* CN9K IPsec LA opcodes */ 11 #define ROC_IE_ON_MAJOR_OP_PROCESS_OUTBOUND_IPSEC 0x23 12 #define ROC_IE_ON_MAJOR_OP_PROCESS_INBOUND_IPSEC 0x24 13 14 #define ROC_IE_ON_INB_MAX_CTX_LEN 34UL 15 #define ROC_IE_ON_INB_IKEV2_SINGLE_SA_SUPPORT (1 << 12) 16 #define ROC_IE_ON_OUTB_MAX_CTX_LEN 31UL 17 #define ROC_IE_ON_OUTB_IKEV2_SINGLE_SA_SUPPORT (1 << 9) 18 #define ROC_IE_ON_OUTB_PER_PKT_IV (1 << 11) 19 20 /* Ucode completion codes */ 21 enum roc_ie_on_ucc_ipsec { 22 ROC_IE_ON_UCC_SUCCESS = 0, 23 ROC_IE_ON_AUTH_UNSUPPORTED = 0xB0, 24 ROC_IE_ON_ENCRYPT_UNSUPPORTED = 0xB1, 25 }; 26 27 /* Helper macros */ 28 #define ROC_IE_ON_OUTB_DPTR_HDR 16 29 #define ROC_IE_ON_INB_RPTR_HDR 16 30 #define ROC_IE_ON_MAX_IV_LEN 16 31 #define ROC_IE_ON_PER_PKT_IV BIT(43) 32 #define ROC_IE_ON_INPLACE_BIT BIT(6) 33 34 enum { 35 ROC_IE_ON_SA_FRAG_POST = 0, 36 ROC_IE_ON_SA_FRAG_PRE = 1, 37 }; 38 39 enum { 40 ROC_IE_ON_SA_ENCAP_NONE = 0, 41 ROC_IE_ON_SA_ENCAP_UDP = 1, 42 }; 43 44 enum { 45 ROC_IE_ON_IV_SRC_HW_GEN_DEFAULT = 0, 46 ROC_IE_ON_IV_SRC_FROM_DPTR = 1, 47 }; 48 49 struct roc_ie_on_outb_hdr { 50 uint32_t ip_id; 51 uint32_t seq; 52 uint32_t esn; 53 uint32_t df_tos; 54 uint8_t iv[16]; 55 }; 56 57 struct roc_ie_on_inb_hdr { 58 uint32_t sa_index; 59 uint32_t seql; 60 uint32_t seqh; 61 uint32_t pad; 62 }; 63 64 union roc_ie_on_bit_perfect_iv { 65 uint8_t aes_iv[16]; 66 uint8_t des_iv[8]; 67 struct { 68 uint8_t nonce[4]; 69 uint8_t iv[8]; 70 uint8_t counter[4]; 71 } gcm; 72 }; 73 74 struct roc_ie_on_traffic_selector { 75 uint16_t src_port[2]; 76 uint16_t dst_port[2]; 77 union { 78 struct { 79 uint32_t src_addr[2]; 80 uint32_t dst_addr[2]; 81 } ipv4; 82 struct { 83 uint8_t src_addr[32]; 84 uint8_t dst_addr[32]; 85 } ipv6; 86 }; 87 }; 88 89 struct roc_ie_on_ip_template { 90 union { 91 struct { 92 uint8_t ipv4_hdr[20]; 93 uint16_t udp_src; 94 uint16_t udp_dst; 95 } ip4; 96 struct { 97 uint8_t ipv6_hdr[40]; 98 uint16_t udp_src; 99 uint16_t udp_dst; 100 } ip6; 101 }; 102 }; 103 104 union roc_on_ipsec_outb_param1 { 105 uint16_t u16; 106 struct { 107 uint16_t l2hdr_len : 4; 108 uint16_t rsvd_4_6 : 3; 109 uint16_t gre_select : 1; 110 uint16_t dsiv : 1; 111 uint16_t ikev2 : 1; 112 uint16_t min_frag_size : 1; 113 uint16_t per_pkt_iv : 1; 114 uint16_t tfc_pad_enable : 1; 115 uint16_t tfc_dummy_pkt : 1; 116 uint16_t rfc_or_override_mode : 1; 117 uint16_t custom_hdr_or_p99 : 1; 118 } s; 119 }; 120 121 union roc_on_ipsec_inb_param2 { 122 uint16_t u16; 123 struct { 124 uint16_t rsvd_0_10 : 11; 125 uint16_t gre_select : 1; 126 uint16_t ikev2 : 1; 127 uint16_t udp_cksum : 1; 128 uint16_t ctx_addr_sel : 1; 129 uint16_t custom_hdr_or_p99 : 1; 130 } s; 131 }; 132 133 struct roc_ie_on_sa_ctl { 134 uint64_t spi : 32; 135 uint64_t exp_proto_inter_frag : 8; 136 uint64_t copy_df : 1; 137 uint64_t frag_type : 1; 138 uint64_t explicit_iv_en : 1; 139 uint64_t esn_en : 1; 140 uint64_t rsvd_45_44 : 2; 141 uint64_t encap_type : 2; 142 uint64_t enc_type : 3; 143 uint64_t rsvd_48 : 1; 144 uint64_t auth_type : 4; 145 uint64_t valid : 1; 146 uint64_t direction : 1; 147 uint64_t outer_ip_ver : 1; 148 uint64_t inner_ip_ver : 1; 149 uint64_t ipsec_mode : 1; 150 uint64_t ipsec_proto : 1; 151 uint64_t aes_key_len : 2; 152 }; 153 154 struct roc_ie_on_common_sa { 155 /* w0 */ 156 struct roc_ie_on_sa_ctl ctl; 157 158 /* w1-w4 */ 159 uint8_t cipher_key[32]; 160 161 /* w5-w6 */ 162 union roc_ie_on_bit_perfect_iv iv; 163 164 /* w7 */ 165 union { 166 uint64_t u64; 167 struct { 168 uint32_t th; 169 uint32_t tl; 170 }; 171 } seq_t; 172 }; 173 174 struct roc_ie_on_outb_sa { 175 /* w0 - w7 */ 176 struct roc_ie_on_common_sa common_sa; 177 178 /* w8-w55 */ 179 union { 180 struct { 181 struct roc_ie_on_ip_template template; 182 } aes_gcm; 183 struct { 184 uint8_t hmac_key[24]; 185 uint8_t unused[24]; 186 struct roc_ie_on_ip_template template; 187 } sha1; 188 struct { 189 uint8_t key[16]; 190 uint8_t unused[32]; 191 struct roc_ie_on_ip_template template; 192 } aes_xcbc; 193 struct { 194 uint8_t hmac_key[64]; 195 uint8_t hmac_iv[64]; 196 struct roc_ie_on_ip_template template; 197 } sha2; 198 }; 199 }; 200 201 struct roc_ie_on_inb_sa { 202 /* w0 - w7 */ 203 struct roc_ie_on_common_sa common_sa; 204 205 /* w8 */ 206 uint8_t udp_encap[8]; 207 208 /* w9-w33 */ 209 union { 210 struct { 211 uint8_t hmac_key[48]; 212 struct roc_ie_on_traffic_selector selector; 213 } sha1_or_gcm; 214 struct { 215 uint8_t key[16]; 216 uint8_t unused[32]; 217 struct roc_ie_on_traffic_selector selector; 218 } aes_xcbc; 219 struct { 220 uint8_t hmac_key[64]; 221 uint8_t hmac_iv[64]; 222 struct roc_ie_on_traffic_selector selector; 223 } sha2; 224 }; 225 }; 226 227 /* CN9K IPsec FP */ 228 229 /* CN9K IPsec FP opcodes */ 230 #define ROC_IE_ONF_MAJOR_OP_PROCESS_OUTBOUND_IPSEC 0x25UL 231 #define ROC_IE_ONF_MAJOR_OP_PROCESS_INBOUND_IPSEC 0x26UL 232 233 /* Ucode completion codes */ 234 #define ROC_IE_ON_UCC_SUCCESS 0 235 #define ROC_IE_ON_UCC_ENC_TYPE_ERR 0xB1 236 #define ROC_IE_ON_UCC_IP_VER_ERR 0xB2 237 #define ROC_IE_ON_UCC_PROTO_ERR 0xB3 238 #define ROC_IE_ON_UCC_CTX_INVALID 0xB4 239 #define ROC_IE_ON_UCC_CTX_DIR_MISMATCH 0xB5 240 #define ROC_IE_ON_UCC_IP_PAYLOAD_TYPE_ERR 0xB6 241 #define ROC_IE_ON_UCC_CTX_FLAG_MISMATCH 0xB7 242 #define ROC_IE_ON_UCC_SPI_MISMATCH 0xBE 243 #define ROC_IE_ON_UCC_IP_CHKSUM_ERR 0xBF 244 #define ROC_IE_ON_UCC_AUTH_ERR 0xC3 245 #define ROC_IE_ON_UCC_PADDING_INVALID 0xC4 246 #define ROC_IE_ON_UCC_SA_MISMATCH 0xCC 247 #define ROC_IE_ON_UCC_L2_HDR_INFO_ERR 0xCF 248 #define ROC_IE_ON_UCC_L2_HDR_LEN_ERR 0xE0 249 250 #define ROC_ONF_IPSEC_INB_MAX_L2_SZ 32UL 251 #define ROC_ONF_IPSEC_OUTB_MAX_L2_SZ 30UL 252 #define ROC_ONF_IPSEC_OUTB_MAX_L2_INFO_SZ (ROC_ONF_IPSEC_OUTB_MAX_L2_SZ + 2) 253 254 #define ROC_ONF_IPSEC_INB_RES_OFF 80 255 #define ROC_ONF_IPSEC_INB_SPI_SEQ_SZ 16 256 257 struct roc_onf_ipsec_outb_hdr { 258 uint32_t ip_id; 259 uint32_t seq; 260 uint8_t iv[16]; 261 }; 262 263 #endif /* __ROC_IE_ON_H__ */ 264