xref: /dpdk/drivers/crypto/dpaa_sec/dpaa_sec.h (revision d81734caccade4dc17d24d2ffd8b71244d35a69f) 
1 /* SPDX-License-Identifier: BSD-3-Clause
2  *
3  *   Copyright 2016 NXP
4  *
5  */
6 
7 #ifndef _DPAA_SEC_H_
8 #define _DPAA_SEC_H_
9 
10 #define NUM_POOL_CHANNELS	4
11 #define DPAA_SEC_BURST		32
12 #define DPAA_SEC_ALG_UNSUPPORT	(-1)
13 #define TDES_CBC_IV_LEN		8
14 #define AES_CBC_IV_LEN		16
15 #define AES_CTR_IV_LEN		16
16 #define AES_GCM_IV_LEN		12
17 
18 /* Minimum job descriptor consists of a oneword job descriptor HEADER and
19  * a pointer to the shared descriptor.
20  */
21 #define MIN_JOB_DESC_SIZE	(CAAM_CMD_SZ + CAAM_PTR_SZ)
22 /* CTX_POOL_NUM_BUFS is set as per the ipsec-secgw application */
23 #define CTX_POOL_NUM_BUFS	32000
24 #define CTX_POOL_BUF_SIZE	sizeof(struct dpaa_sec_op_ctx)
25 #define CTX_POOL_CACHE_SIZE	512
26 
27 #define DIR_ENC                 1
28 #define DIR_DEC                 0
29 
30 enum dpaa_sec_op_type {
31 	DPAA_SEC_NONE,  /*!< No Cipher operations*/
32 	DPAA_SEC_CIPHER,/*!< CIPHER operations */
33 	DPAA_SEC_AUTH,  /*!< Authentication Operations */
34 	DPAA_SEC_AEAD,  /*!< Authenticated Encryption with associated data */
35 	DPAA_SEC_IPSEC, /*!< IPSEC protocol operations*/
36 	DPAA_SEC_PDCP,  /*!< PDCP protocol operations*/
37 	DPAA_SEC_PKC,   /*!< Public Key Cryptographic Operations */
38 	DPAA_SEC_MAX
39 };
40 
41 typedef struct dpaa_sec_session_entry {
42 	uint8_t dir;         /*!< Operation Direction */
43 	enum rte_crypto_cipher_algorithm cipher_alg; /*!< Cipher Algorithm*/
44 	enum rte_crypto_auth_algorithm auth_alg; /*!< Authentication Algorithm*/
45 	enum rte_crypto_aead_algorithm aead_alg; /*!< Authentication Algorithm*/
46 	union {
47 		struct {
48 			uint8_t *data;	/**< pointer to key data */
49 			size_t length;	/**< key length in bytes */
50 		} aead_key;
51 		struct {
52 			struct {
53 				uint8_t *data;	/**< pointer to key data */
54 				size_t length;	/**< key length in bytes */
55 			} cipher_key;
56 			struct {
57 				uint8_t *data;	/**< pointer to key data */
58 				size_t length;	/**< key length in bytes */
59 			} auth_key;
60 		};
61 	};
62 	struct {
63 		uint16_t length;
64 		uint16_t offset;
65 	} iv;	/**< Initialisation vector parameters */
66 	uint16_t auth_only_len; /*!< Length of data for Auth only */
67 	uint32_t digest_length;
68 	struct dpaa_sec_qp *qp;
69 	struct rte_mempool *ctx_pool; /* session mempool for dpaa_sec_op_ctx */
70 } dpaa_sec_session;
71 
72 #define DPAA_SEC_MAX_DESC_SIZE  64
73 /* code or cmd block to caam */
74 struct sec_cdb {
75 	struct {
76 		union {
77 			uint32_t word;
78 			struct {
79 #if RTE_BYTE_ORDER == RTE_BIG_ENDIAN
80 				uint16_t rsvd63_48;
81 				unsigned int rsvd47_39:9;
82 				unsigned int idlen:7;
83 #else
84 				unsigned int idlen:7;
85 				unsigned int rsvd47_39:9;
86 				uint16_t rsvd63_48;
87 #endif
88 			} field;
89 		} __packed hi;
90 
91 		union {
92 			uint32_t word;
93 			struct {
94 #if RTE_BYTE_ORDER == RTE_BIG_ENDIAN
95 				unsigned int rsvd31_30:2;
96 				unsigned int fsgt:1;
97 				unsigned int lng:1;
98 				unsigned int offset:2;
99 				unsigned int abs:1;
100 				unsigned int add_buf:1;
101 				uint8_t pool_id;
102 				uint16_t pool_buffer_size;
103 #else
104 				uint16_t pool_buffer_size;
105 				uint8_t pool_id;
106 				unsigned int add_buf:1;
107 				unsigned int abs:1;
108 				unsigned int offset:2;
109 				unsigned int lng:1;
110 				unsigned int fsgt:1;
111 				unsigned int rsvd31_30:2;
112 #endif
113 			} field;
114 		} __packed lo;
115 	} __packed sh_hdr;
116 
117 	uint32_t sh_desc[DPAA_SEC_MAX_DESC_SIZE];
118 };
119 
120 struct dpaa_sec_qp {
121 	struct dpaa_sec_dev_private *internals;
122 	struct sec_cdb cdb;		/* cmd block associated with qp */
123 	dpaa_sec_session *ses;		/* session associated with qp */
124 	struct qman_fq inq;
125 	struct qman_fq outq;
126 	int rx_pkts;
127 	int rx_errs;
128 	int tx_pkts;
129 	int tx_errs;
130 };
131 
132 #define RTE_MAX_NB_SEC_QPS RTE_DPAA_SEC_PMD_MAX_NB_SESSIONS
133 /* internal sec queue interface */
134 struct dpaa_sec_dev_private {
135 	void *sec_hw;
136 	struct rte_mempool *ctx_pool; /* per dev mempool for dpaa_sec_op_ctx */
137 	struct dpaa_sec_qp qps[RTE_MAX_NB_SEC_QPS]; /* i/o queue for sec */
138 	unsigned int max_nb_queue_pairs;
139 	unsigned int max_nb_sessions;
140 };
141 
142 #define MAX_SG_ENTRIES		16
143 #define SG_CACHELINE_0		0
144 #define SG_CACHELINE_1		4
145 #define SG_CACHELINE_2		8
146 #define SG_CACHELINE_3		12
147 struct dpaa_sec_job {
148 	/* sg[0] output, sg[1] input, others are possible sub frames */
149 	struct qm_sg_entry sg[MAX_SG_ENTRIES];
150 };
151 
152 #define DPAA_MAX_NB_MAX_DIGEST	32
153 struct dpaa_sec_op_ctx {
154 	struct dpaa_sec_job job;
155 	struct rte_crypto_op *op;
156 	struct rte_mempool *ctx_pool; /* mempool pointer for dpaa_sec_op_ctx */
157 	uint32_t fd_status;
158 	uint8_t digest[DPAA_MAX_NB_MAX_DIGEST];
159 };
160 
161 static const struct rte_cryptodev_capabilities dpaa_sec_capabilities[] = {
162 	{	/* MD5 HMAC */
163 		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
164 		{.sym = {
165 			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
166 			{.auth = {
167 				.algo = RTE_CRYPTO_AUTH_MD5_HMAC,
168 				.block_size = 64,
169 				.key_size = {
170 					.min = 1,
171 					.max = 64,
172 					.increment = 1
173 				},
174 				.digest_size = {
175 					.min = 16,
176 					.max = 16,
177 					.increment = 0
178 				},
179 			}, }
180 		}, }
181 	},
182 	{	/* SHA1 HMAC */
183 		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
184 		{.sym = {
185 			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
186 			{.auth = {
187 				.algo = RTE_CRYPTO_AUTH_SHA1_HMAC,
188 				.block_size = 64,
189 				.key_size = {
190 					.min = 1,
191 					.max = 64,
192 					.increment = 1
193 				},
194 				.digest_size = {
195 					.min = 20,
196 					.max = 20,
197 					.increment = 0
198 				},
199 			}, }
200 		}, }
201 	},
202 	{	/* SHA224 HMAC */
203 		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
204 		{.sym = {
205 			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
206 			{.auth = {
207 				.algo = RTE_CRYPTO_AUTH_SHA224_HMAC,
208 				.block_size = 64,
209 				.key_size = {
210 					.min = 1,
211 					.max = 64,
212 					.increment = 1
213 				},
214 				.digest_size = {
215 					.min = 28,
216 					.max = 28,
217 					.increment = 0
218 				},
219 			}, }
220 		}, }
221 	},
222 	{	/* SHA256 HMAC */
223 		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
224 		{.sym = {
225 			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
226 			{.auth = {
227 				.algo = RTE_CRYPTO_AUTH_SHA256_HMAC,
228 				.block_size = 64,
229 				.key_size = {
230 					.min = 1,
231 					.max = 64,
232 					.increment = 1
233 				},
234 				.digest_size = {
235 					.min = 32,
236 					.max = 32,
237 					.increment = 0
238 				},
239 			}, }
240 		}, }
241 	},
242 	{	/* SHA384 HMAC */
243 		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
244 		{.sym = {
245 			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
246 			{.auth = {
247 				.algo = RTE_CRYPTO_AUTH_SHA384_HMAC,
248 				.block_size = 128,
249 				.key_size = {
250 					.min = 1,
251 					.max = 128,
252 					.increment = 1
253 				},
254 				.digest_size = {
255 					.min = 48,
256 					.max = 48,
257 					.increment = 0
258 				},
259 			}, }
260 		}, }
261 	},
262 	{	/* SHA512 HMAC */
263 		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
264 		{.sym = {
265 			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
266 			{.auth = {
267 				.algo = RTE_CRYPTO_AUTH_SHA512_HMAC,
268 				.block_size = 128,
269 				.key_size = {
270 					.min = 1,
271 					.max = 128,
272 					.increment = 1
273 				},
274 				.digest_size = {
275 					.min = 64,
276 					.max = 64,
277 					.increment = 0
278 				},
279 			}, }
280 		}, }
281 	},
282 	{	/* AES GCM */
283 		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
284 		{.sym = {
285 			.xform_type = RTE_CRYPTO_SYM_XFORM_AEAD,
286 			{.auth = {
287 				.algo = RTE_CRYPTO_AEAD_AES_GCM,
288 				.block_size = 16,
289 				.key_size = {
290 					.min = 16,
291 					.max = 32,
292 					.increment = 8
293 				},
294 				.digest_size = {
295 					.min = 8,
296 					.max = 16,
297 					.increment = 4
298 				},
299 				.aad_size = {
300 					.min = 0,
301 					.max = 240,
302 					.increment = 1
303 				},
304 				.iv_size = {
305 					.min = 12,
306 					.max = 12,
307 					.increment = 0
308 				},
309 			}, }
310 		}, }
311 	},
312 	{	/* AES CBC */
313 		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
314 		{.sym = {
315 			.xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
316 			{.cipher = {
317 				.algo = RTE_CRYPTO_CIPHER_AES_CBC,
318 				.block_size = 16,
319 				.key_size = {
320 					.min = 16,
321 					.max = 32,
322 					.increment = 8
323 				},
324 				.iv_size = {
325 					.min = 16,
326 					.max = 16,
327 					.increment = 0
328 				}
329 			}, }
330 		}, }
331 	},
332 	{	/* AES CTR */
333 		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
334 		{.sym = {
335 			.xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
336 			{.cipher = {
337 				.algo = RTE_CRYPTO_CIPHER_AES_CTR,
338 				.block_size = 16,
339 				.key_size = {
340 					.min = 16,
341 					.max = 32,
342 					.increment = 8
343 				},
344 				.iv_size = {
345 					.min = 16,
346 					.max = 16,
347 					.increment = 0
348 				}
349 			}, }
350 		}, }
351 	},
352 	{	/* 3DES CBC */
353 		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
354 		{.sym = {
355 			.xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
356 			{.cipher = {
357 				.algo = RTE_CRYPTO_CIPHER_3DES_CBC,
358 				.block_size = 8,
359 				.key_size = {
360 					.min = 16,
361 					.max = 24,
362 					.increment = 8
363 				},
364 				.iv_size = {
365 					.min = 8,
366 					.max = 8,
367 					.increment = 0
368 				}
369 			}, }
370 		}, }
371 	},
372 
373 	RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()
374 };
375 
376 #endif /* _DPAA_SEC_H_ */
377