1 /* SPDX-License-Identifier: BSD-3-Clause 2 * Copyright(c) 2018 Cavium, Inc 3 */ 4 5 #include <rte_alarm.h> 6 #include <rte_bus_pci.h> 7 #include <rte_cryptodev.h> 8 #include <rte_cryptodev_pmd.h> 9 #include <rte_errno.h> 10 #include <rte_malloc.h> 11 #include <rte_mempool.h> 12 13 #include "otx_cryptodev.h" 14 #include "otx_cryptodev_capabilities.h" 15 #include "otx_cryptodev_hw_access.h" 16 #include "otx_cryptodev_mbox.h" 17 #include "otx_cryptodev_ops.h" 18 19 #include "cpt_pmd_logs.h" 20 #include "cpt_pmd_ops_helper.h" 21 #include "cpt_ucode.h" 22 #include "cpt_ucode_asym.h" 23 24 static uint64_t otx_fpm_iova[CPT_EC_ID_PMAX]; 25 26 /* Forward declarations */ 27 28 static int 29 otx_cpt_que_pair_release(struct rte_cryptodev *dev, uint16_t que_pair_id); 30 31 /* Alarm routines */ 32 33 static void 34 otx_cpt_alarm_cb(void *arg) 35 { 36 struct cpt_vf *cptvf = arg; 37 otx_cpt_poll_misc(cptvf); 38 rte_eal_alarm_set(CPT_INTR_POLL_INTERVAL_MS * 1000, 39 otx_cpt_alarm_cb, cptvf); 40 } 41 42 static int 43 otx_cpt_periodic_alarm_start(void *arg) 44 { 45 return rte_eal_alarm_set(CPT_INTR_POLL_INTERVAL_MS * 1000, 46 otx_cpt_alarm_cb, arg); 47 } 48 49 static int 50 otx_cpt_periodic_alarm_stop(void *arg) 51 { 52 return rte_eal_alarm_cancel(otx_cpt_alarm_cb, arg); 53 } 54 55 /* PMD ops */ 56 57 static int 58 otx_cpt_dev_config(struct rte_cryptodev *dev, 59 struct rte_cryptodev_config *config __rte_unused) 60 { 61 int ret = 0; 62 63 CPT_PMD_INIT_FUNC_TRACE(); 64 65 if (dev->feature_flags & RTE_CRYPTODEV_FF_ASYMMETRIC_CRYPTO) 66 /* Initialize shared FPM table */ 67 ret = cpt_fpm_init(otx_fpm_iova); 68 69 return ret; 70 } 71 72 static int 73 otx_cpt_dev_start(struct rte_cryptodev *c_dev) 74 { 75 void *cptvf = c_dev->data->dev_private; 76 77 CPT_PMD_INIT_FUNC_TRACE(); 78 79 return otx_cpt_start_device(cptvf); 80 } 81 82 static void 83 otx_cpt_dev_stop(struct rte_cryptodev *c_dev) 84 { 85 void *cptvf = c_dev->data->dev_private; 86 87 CPT_PMD_INIT_FUNC_TRACE(); 88 89 if (c_dev->feature_flags & RTE_CRYPTODEV_FF_ASYMMETRIC_CRYPTO) 90 cpt_fpm_clear(); 91 92 otx_cpt_stop_device(cptvf); 93 } 94 95 static int 96 otx_cpt_dev_close(struct rte_cryptodev *c_dev) 97 { 98 void *cptvf = c_dev->data->dev_private; 99 int i, ret; 100 101 CPT_PMD_INIT_FUNC_TRACE(); 102 103 for (i = 0; i < c_dev->data->nb_queue_pairs; i++) { 104 ret = otx_cpt_que_pair_release(c_dev, i); 105 if (ret) 106 return ret; 107 } 108 109 otx_cpt_periodic_alarm_stop(cptvf); 110 otx_cpt_deinit_device(cptvf); 111 112 return 0; 113 } 114 115 static void 116 otx_cpt_dev_info_get(struct rte_cryptodev *dev, struct rte_cryptodev_info *info) 117 { 118 CPT_PMD_INIT_FUNC_TRACE(); 119 if (info != NULL) { 120 info->max_nb_queue_pairs = CPT_NUM_QS_PER_VF; 121 info->feature_flags = dev->feature_flags; 122 info->capabilities = otx_get_capabilities(info->feature_flags); 123 info->sym.max_nb_sessions = 0; 124 info->driver_id = otx_cryptodev_driver_id; 125 info->min_mbuf_headroom_req = OTX_CPT_MIN_HEADROOM_REQ; 126 info->min_mbuf_tailroom_req = OTX_CPT_MIN_TAILROOM_REQ; 127 } 128 } 129 130 static int 131 otx_cpt_que_pair_setup(struct rte_cryptodev *dev, 132 uint16_t que_pair_id, 133 const struct rte_cryptodev_qp_conf *qp_conf, 134 int socket_id __rte_unused) 135 { 136 struct cpt_instance *instance = NULL; 137 struct rte_pci_device *pci_dev; 138 int ret = -1; 139 140 CPT_PMD_INIT_FUNC_TRACE(); 141 142 if (dev->data->queue_pairs[que_pair_id] != NULL) { 143 ret = otx_cpt_que_pair_release(dev, que_pair_id); 144 if (ret) 145 return ret; 146 } 147 148 if (qp_conf->nb_descriptors > DEFAULT_CMD_QLEN) { 149 CPT_LOG_INFO("Number of descriptors too big %d, using default " 150 "queue length of %d", qp_conf->nb_descriptors, 151 DEFAULT_CMD_QLEN); 152 } 153 154 pci_dev = RTE_DEV_TO_PCI(dev->device); 155 156 if (pci_dev->mem_resource[0].addr == NULL) { 157 CPT_LOG_ERR("PCI mem address null"); 158 return -EIO; 159 } 160 161 ret = otx_cpt_get_resource(dev, 0, &instance, que_pair_id); 162 if (ret != 0 || instance == NULL) { 163 CPT_LOG_ERR("Error getting instance handle from device %s : " 164 "ret = %d", dev->data->name, ret); 165 return ret; 166 } 167 168 instance->queue_id = que_pair_id; 169 instance->sess_mp = qp_conf->mp_session; 170 instance->sess_mp_priv = qp_conf->mp_session_private; 171 dev->data->queue_pairs[que_pair_id] = instance; 172 173 return 0; 174 } 175 176 static int 177 otx_cpt_que_pair_release(struct rte_cryptodev *dev, uint16_t que_pair_id) 178 { 179 struct cpt_instance *instance = dev->data->queue_pairs[que_pair_id]; 180 int ret; 181 182 CPT_PMD_INIT_FUNC_TRACE(); 183 184 ret = otx_cpt_put_resource(instance); 185 if (ret != 0) { 186 CPT_LOG_ERR("Error putting instance handle of device %s : " 187 "ret = %d", dev->data->name, ret); 188 return ret; 189 } 190 191 dev->data->queue_pairs[que_pair_id] = NULL; 192 193 return 0; 194 } 195 196 static unsigned int 197 otx_cpt_get_session_size(struct rte_cryptodev *dev __rte_unused) 198 { 199 return cpt_get_session_size(); 200 } 201 202 static int 203 sym_xform_verify(struct rte_crypto_sym_xform *xform) 204 { 205 if (xform->next) { 206 if (xform->type == RTE_CRYPTO_SYM_XFORM_AUTH && 207 xform->next->type == RTE_CRYPTO_SYM_XFORM_CIPHER && 208 xform->next->cipher.op == RTE_CRYPTO_CIPHER_OP_ENCRYPT && 209 (xform->auth.algo != RTE_CRYPTO_AUTH_SHA1_HMAC || 210 xform->next->cipher.algo != RTE_CRYPTO_CIPHER_AES_CBC)) 211 return -ENOTSUP; 212 213 if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER && 214 xform->cipher.op == RTE_CRYPTO_CIPHER_OP_DECRYPT && 215 xform->next->type == RTE_CRYPTO_SYM_XFORM_AUTH && 216 (xform->cipher.algo != RTE_CRYPTO_CIPHER_AES_CBC || 217 xform->next->auth.algo != RTE_CRYPTO_AUTH_SHA1_HMAC)) 218 return -ENOTSUP; 219 220 if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER && 221 xform->cipher.algo == RTE_CRYPTO_CIPHER_3DES_CBC && 222 xform->next->type == RTE_CRYPTO_SYM_XFORM_AUTH && 223 xform->next->auth.algo == RTE_CRYPTO_AUTH_SHA1) 224 return -ENOTSUP; 225 226 if (xform->type == RTE_CRYPTO_SYM_XFORM_AUTH && 227 xform->auth.algo == RTE_CRYPTO_AUTH_SHA1 && 228 xform->next->type == RTE_CRYPTO_SYM_XFORM_CIPHER && 229 xform->next->cipher.algo == RTE_CRYPTO_CIPHER_3DES_CBC) 230 return -ENOTSUP; 231 232 } else { 233 if (xform->type == RTE_CRYPTO_SYM_XFORM_AUTH && 234 xform->auth.algo == RTE_CRYPTO_AUTH_NULL && 235 xform->auth.op == RTE_CRYPTO_AUTH_OP_VERIFY) 236 return -ENOTSUP; 237 } 238 return 0; 239 } 240 241 static int 242 sym_session_configure(int driver_id, struct rte_crypto_sym_xform *xform, 243 struct rte_cryptodev_sym_session *sess, 244 struct rte_mempool *pool) 245 { 246 struct rte_crypto_sym_xform *temp_xform = xform; 247 struct cpt_sess_misc *misc; 248 vq_cmd_word3_t vq_cmd_w3; 249 void *priv; 250 int ret; 251 252 ret = sym_xform_verify(xform); 253 if (unlikely(ret)) 254 return ret; 255 256 if (unlikely(rte_mempool_get(pool, &priv))) { 257 CPT_LOG_ERR("Could not allocate session private data"); 258 return -ENOMEM; 259 } 260 261 memset(priv, 0, sizeof(struct cpt_sess_misc) + 262 offsetof(struct cpt_ctx, mc_ctx)); 263 264 misc = priv; 265 266 for ( ; xform != NULL; xform = xform->next) { 267 switch (xform->type) { 268 case RTE_CRYPTO_SYM_XFORM_AEAD: 269 ret = fill_sess_aead(xform, misc); 270 break; 271 case RTE_CRYPTO_SYM_XFORM_CIPHER: 272 ret = fill_sess_cipher(xform, misc); 273 break; 274 case RTE_CRYPTO_SYM_XFORM_AUTH: 275 if (xform->auth.algo == RTE_CRYPTO_AUTH_AES_GMAC) 276 ret = fill_sess_gmac(xform, misc); 277 else 278 ret = fill_sess_auth(xform, misc); 279 break; 280 default: 281 ret = -1; 282 } 283 284 if (ret) 285 goto priv_put; 286 } 287 288 if ((GET_SESS_FC_TYPE(misc) == HASH_HMAC) && 289 cpt_mac_len_verify(&temp_xform->auth)) { 290 CPT_LOG_ERR("MAC length is not supported"); 291 ret = -ENOTSUP; 292 goto priv_put; 293 } 294 295 set_sym_session_private_data(sess, driver_id, priv); 296 297 misc->ctx_dma_addr = rte_mempool_virt2iova(misc) + 298 sizeof(struct cpt_sess_misc); 299 300 vq_cmd_w3.u64 = 0; 301 vq_cmd_w3.s.grp = 0; 302 vq_cmd_w3.s.cptr = misc->ctx_dma_addr + offsetof(struct cpt_ctx, 303 mc_ctx); 304 305 misc->cpt_inst_w7 = vq_cmd_w3.u64; 306 307 return 0; 308 309 priv_put: 310 if (priv) 311 rte_mempool_put(pool, priv); 312 return -ENOTSUP; 313 } 314 315 static void 316 sym_session_clear(int driver_id, struct rte_cryptodev_sym_session *sess) 317 { 318 void *priv = get_sym_session_private_data(sess, driver_id); 319 struct rte_mempool *pool; 320 321 if (priv == NULL) 322 return; 323 324 memset(priv, 0, cpt_get_session_size()); 325 326 pool = rte_mempool_from_obj(priv); 327 328 set_sym_session_private_data(sess, driver_id, NULL); 329 330 rte_mempool_put(pool, priv); 331 } 332 333 static int 334 otx_cpt_session_cfg(struct rte_cryptodev *dev, 335 struct rte_crypto_sym_xform *xform, 336 struct rte_cryptodev_sym_session *sess, 337 struct rte_mempool *pool) 338 { 339 CPT_PMD_INIT_FUNC_TRACE(); 340 341 return sym_session_configure(dev->driver_id, xform, sess, pool); 342 } 343 344 345 static void 346 otx_cpt_session_clear(struct rte_cryptodev *dev, 347 struct rte_cryptodev_sym_session *sess) 348 { 349 CPT_PMD_INIT_FUNC_TRACE(); 350 351 return sym_session_clear(dev->driver_id, sess); 352 } 353 354 static unsigned int 355 otx_cpt_asym_session_size_get(struct rte_cryptodev *dev __rte_unused) 356 { 357 return sizeof(struct cpt_asym_sess_misc); 358 } 359 360 static int 361 otx_cpt_asym_session_cfg(struct rte_cryptodev *dev, 362 struct rte_crypto_asym_xform *xform __rte_unused, 363 struct rte_cryptodev_asym_session *sess, 364 struct rte_mempool *pool) 365 { 366 struct cpt_asym_sess_misc *priv; 367 int ret; 368 369 CPT_PMD_INIT_FUNC_TRACE(); 370 371 if (rte_mempool_get(pool, (void **)&priv)) { 372 CPT_LOG_ERR("Could not allocate session private data"); 373 return -ENOMEM; 374 } 375 376 memset(priv, 0, sizeof(struct cpt_asym_sess_misc)); 377 378 ret = cpt_fill_asym_session_parameters(priv, xform); 379 if (ret) { 380 CPT_LOG_ERR("Could not configure session parameters"); 381 382 /* Return session to mempool */ 383 rte_mempool_put(pool, priv); 384 return ret; 385 } 386 387 priv->cpt_inst_w7 = 0; 388 389 set_asym_session_private_data(sess, dev->driver_id, priv); 390 return 0; 391 } 392 393 static void 394 otx_cpt_asym_session_clear(struct rte_cryptodev *dev, 395 struct rte_cryptodev_asym_session *sess) 396 { 397 struct cpt_asym_sess_misc *priv; 398 struct rte_mempool *sess_mp; 399 400 CPT_PMD_INIT_FUNC_TRACE(); 401 402 priv = get_asym_session_private_data(sess, dev->driver_id); 403 404 if (priv == NULL) 405 return; 406 407 /* Free resources allocated during session configure */ 408 cpt_free_asym_session_parameters(priv); 409 memset(priv, 0, otx_cpt_asym_session_size_get(dev)); 410 sess_mp = rte_mempool_from_obj(priv); 411 set_asym_session_private_data(sess, dev->driver_id, NULL); 412 rte_mempool_put(sess_mp, priv); 413 } 414 415 static __rte_always_inline int32_t __rte_hot 416 otx_cpt_request_enqueue(struct cpt_instance *instance, 417 struct pending_queue *pqueue, 418 void *req, uint64_t cpt_inst_w7) 419 { 420 struct cpt_request_info *user_req = (struct cpt_request_info *)req; 421 422 if (unlikely(pqueue->pending_count >= DEFAULT_CMD_QLEN)) 423 return -EAGAIN; 424 425 fill_cpt_inst(instance, req, cpt_inst_w7); 426 427 CPT_LOG_DP_DEBUG("req: %p op: %p ", req, user_req->op); 428 429 /* Fill time_out cycles */ 430 user_req->time_out = rte_get_timer_cycles() + 431 DEFAULT_COMMAND_TIMEOUT * rte_get_timer_hz(); 432 user_req->extra_time = 0; 433 434 /* Default mode of software queue */ 435 mark_cpt_inst(instance); 436 437 pqueue->req_queue[pqueue->enq_tail] = (uintptr_t)user_req; 438 439 /* We will use soft queue length here to limit requests */ 440 MOD_INC(pqueue->enq_tail, DEFAULT_CMD_QLEN); 441 pqueue->pending_count += 1; 442 443 CPT_LOG_DP_DEBUG("Submitted NB cmd with request: %p " 444 "op: %p", user_req, user_req->op); 445 return 0; 446 } 447 448 static __rte_always_inline int __rte_hot 449 otx_cpt_enq_single_asym(struct cpt_instance *instance, 450 struct rte_crypto_op *op, 451 struct pending_queue *pqueue) 452 { 453 struct cpt_qp_meta_info *minfo = &instance->meta_info; 454 struct rte_crypto_asym_op *asym_op = op->asym; 455 struct asym_op_params params = {0}; 456 struct cpt_asym_sess_misc *sess; 457 uintptr_t *cop; 458 void *mdata; 459 int ret; 460 461 if (unlikely(rte_mempool_get(minfo->pool, &mdata) < 0)) { 462 CPT_LOG_DP_ERR("Could not allocate meta buffer for request"); 463 return -ENOMEM; 464 } 465 466 sess = get_asym_session_private_data(asym_op->session, 467 otx_cryptodev_driver_id); 468 469 /* Store phys_addr of the mdata to meta_buf */ 470 params.meta_buf = rte_mempool_virt2iova(mdata); 471 472 cop = mdata; 473 cop[0] = (uintptr_t)mdata; 474 cop[1] = (uintptr_t)op; 475 cop[2] = cop[3] = 0ULL; 476 477 params.req = RTE_PTR_ADD(cop, 4 * sizeof(uintptr_t)); 478 params.req->op = cop; 479 480 /* Adjust meta_buf by crypto_op data and request_info struct */ 481 params.meta_buf += (4 * sizeof(uintptr_t)) + 482 sizeof(struct cpt_request_info); 483 484 switch (sess->xfrm_type) { 485 case RTE_CRYPTO_ASYM_XFORM_MODEX: 486 ret = cpt_modex_prep(¶ms, &sess->mod_ctx); 487 if (unlikely(ret)) 488 goto req_fail; 489 break; 490 case RTE_CRYPTO_ASYM_XFORM_RSA: 491 ret = cpt_enqueue_rsa_op(op, ¶ms, sess); 492 if (unlikely(ret)) 493 goto req_fail; 494 break; 495 case RTE_CRYPTO_ASYM_XFORM_ECDSA: 496 ret = cpt_enqueue_ecdsa_op(op, ¶ms, sess, otx_fpm_iova); 497 if (unlikely(ret)) 498 goto req_fail; 499 break; 500 case RTE_CRYPTO_ASYM_XFORM_ECPM: 501 ret = cpt_ecpm_prep(&asym_op->ecpm, ¶ms, 502 sess->ec_ctx.curveid); 503 if (unlikely(ret)) 504 goto req_fail; 505 break; 506 507 default: 508 op->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS; 509 ret = -EINVAL; 510 goto req_fail; 511 } 512 513 ret = otx_cpt_request_enqueue(instance, pqueue, params.req, 514 sess->cpt_inst_w7); 515 516 if (unlikely(ret)) { 517 CPT_LOG_DP_ERR("Could not enqueue crypto req"); 518 goto req_fail; 519 } 520 521 return 0; 522 523 req_fail: 524 free_op_meta(mdata, minfo->pool); 525 526 return ret; 527 } 528 529 static __rte_always_inline int __rte_hot 530 otx_cpt_enq_single_sym(struct cpt_instance *instance, 531 struct rte_crypto_op *op, 532 struct pending_queue *pqueue) 533 { 534 struct cpt_sess_misc *sess; 535 struct rte_crypto_sym_op *sym_op = op->sym; 536 struct cpt_request_info *prep_req; 537 void *mdata = NULL; 538 int ret = 0; 539 uint64_t cpt_op; 540 541 sess = (struct cpt_sess_misc *) 542 get_sym_session_private_data(sym_op->session, 543 otx_cryptodev_driver_id); 544 545 cpt_op = sess->cpt_op; 546 547 if (likely(cpt_op & CPT_OP_CIPHER_MASK)) 548 ret = fill_fc_params(op, sess, &instance->meta_info, &mdata, 549 (void **)&prep_req); 550 else 551 ret = fill_digest_params(op, sess, &instance->meta_info, 552 &mdata, (void **)&prep_req); 553 554 if (unlikely(ret)) { 555 CPT_LOG_DP_ERR("prep cryto req : op %p, cpt_op 0x%x " 556 "ret 0x%x", op, (unsigned int)cpt_op, ret); 557 return ret; 558 } 559 560 /* Enqueue prepared instruction to h/w */ 561 ret = otx_cpt_request_enqueue(instance, pqueue, prep_req, 562 sess->cpt_inst_w7); 563 564 if (unlikely(ret)) { 565 /* Buffer allocated for request preparation need to be freed */ 566 free_op_meta(mdata, instance->meta_info.pool); 567 return ret; 568 } 569 570 return 0; 571 } 572 573 static __rte_always_inline int __rte_hot 574 otx_cpt_enq_single_sym_sessless(struct cpt_instance *instance, 575 struct rte_crypto_op *op, 576 struct pending_queue *pend_q) 577 { 578 const int driver_id = otx_cryptodev_driver_id; 579 struct rte_crypto_sym_op *sym_op = op->sym; 580 struct rte_cryptodev_sym_session *sess; 581 int ret; 582 583 /* Create temporary session */ 584 sess = rte_cryptodev_sym_session_create(instance->sess_mp); 585 if (sess == NULL) 586 return -ENOMEM; 587 588 ret = sym_session_configure(driver_id, sym_op->xform, sess, 589 instance->sess_mp_priv); 590 if (ret) 591 goto sess_put; 592 593 sym_op->session = sess; 594 595 ret = otx_cpt_enq_single_sym(instance, op, pend_q); 596 597 if (unlikely(ret)) 598 goto priv_put; 599 600 return 0; 601 602 priv_put: 603 sym_session_clear(driver_id, sess); 604 sess_put: 605 rte_mempool_put(instance->sess_mp, sess); 606 return ret; 607 } 608 609 #define OP_TYPE_SYM 0 610 #define OP_TYPE_ASYM 1 611 612 static __rte_always_inline int __rte_hot 613 otx_cpt_enq_single(struct cpt_instance *inst, 614 struct rte_crypto_op *op, 615 struct pending_queue *pqueue, 616 const uint8_t op_type) 617 { 618 /* Check for the type */ 619 620 if (op_type == OP_TYPE_SYM) { 621 if (op->sess_type == RTE_CRYPTO_OP_WITH_SESSION) 622 return otx_cpt_enq_single_sym(inst, op, pqueue); 623 else 624 return otx_cpt_enq_single_sym_sessless(inst, op, 625 pqueue); 626 } 627 628 if (op_type == OP_TYPE_ASYM) { 629 if (op->sess_type == RTE_CRYPTO_OP_WITH_SESSION) 630 return otx_cpt_enq_single_asym(inst, op, pqueue); 631 } 632 633 /* Should not reach here */ 634 return -ENOTSUP; 635 } 636 637 static __rte_always_inline uint16_t __rte_hot 638 otx_cpt_pkt_enqueue(void *qptr, struct rte_crypto_op **ops, uint16_t nb_ops, 639 const uint8_t op_type) 640 { 641 struct cpt_instance *instance = (struct cpt_instance *)qptr; 642 uint16_t count; 643 int ret; 644 struct cpt_vf *cptvf = (struct cpt_vf *)instance; 645 struct pending_queue *pqueue = &cptvf->pqueue; 646 647 count = DEFAULT_CMD_QLEN - pqueue->pending_count; 648 if (nb_ops > count) 649 nb_ops = count; 650 651 count = 0; 652 while (likely(count < nb_ops)) { 653 654 /* Enqueue single op */ 655 ret = otx_cpt_enq_single(instance, ops[count], pqueue, op_type); 656 657 if (unlikely(ret)) 658 break; 659 count++; 660 } 661 otx_cpt_ring_dbell(instance, count); 662 return count; 663 } 664 665 static uint16_t 666 otx_cpt_enqueue_asym(void *qptr, struct rte_crypto_op **ops, uint16_t nb_ops) 667 { 668 return otx_cpt_pkt_enqueue(qptr, ops, nb_ops, OP_TYPE_ASYM); 669 } 670 671 static uint16_t 672 otx_cpt_enqueue_sym(void *qptr, struct rte_crypto_op **ops, uint16_t nb_ops) 673 { 674 return otx_cpt_pkt_enqueue(qptr, ops, nb_ops, OP_TYPE_SYM); 675 } 676 677 static inline void 678 otx_cpt_asym_rsa_op(struct rte_crypto_op *cop, struct cpt_request_info *req, 679 struct rte_crypto_rsa_xform *rsa_ctx) 680 681 { 682 struct rte_crypto_rsa_op_param *rsa = &cop->asym->rsa; 683 684 switch (rsa->op_type) { 685 case RTE_CRYPTO_ASYM_OP_ENCRYPT: 686 rsa->cipher.length = rsa_ctx->n.length; 687 memcpy(rsa->cipher.data, req->rptr, rsa->cipher.length); 688 break; 689 case RTE_CRYPTO_ASYM_OP_DECRYPT: 690 if (rsa->pad == RTE_CRYPTO_RSA_PADDING_NONE) 691 rsa->message.length = rsa_ctx->n.length; 692 else { 693 /* Get length of decrypted output */ 694 rsa->message.length = rte_cpu_to_be_16 695 (*((uint16_t *)req->rptr)); 696 697 /* Offset data pointer by length fields */ 698 req->rptr += 2; 699 } 700 memcpy(rsa->message.data, req->rptr, rsa->message.length); 701 break; 702 case RTE_CRYPTO_ASYM_OP_SIGN: 703 rsa->sign.length = rsa_ctx->n.length; 704 memcpy(rsa->sign.data, req->rptr, rsa->sign.length); 705 break; 706 case RTE_CRYPTO_ASYM_OP_VERIFY: 707 if (rsa->pad == RTE_CRYPTO_RSA_PADDING_NONE) 708 rsa->sign.length = rsa_ctx->n.length; 709 else { 710 /* Get length of decrypted output */ 711 rsa->sign.length = rte_cpu_to_be_16 712 (*((uint16_t *)req->rptr)); 713 714 /* Offset data pointer by length fields */ 715 req->rptr += 2; 716 } 717 memcpy(rsa->sign.data, req->rptr, rsa->sign.length); 718 719 if (memcmp(rsa->sign.data, rsa->message.data, 720 rsa->message.length)) { 721 CPT_LOG_DP_ERR("RSA verification failed"); 722 cop->status = RTE_CRYPTO_OP_STATUS_ERROR; 723 } 724 break; 725 default: 726 CPT_LOG_DP_DEBUG("Invalid RSA operation type"); 727 cop->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS; 728 break; 729 } 730 } 731 732 static __rte_always_inline void 733 otx_cpt_asym_dequeue_ecdsa_op(struct rte_crypto_ecdsa_op_param *ecdsa, 734 struct cpt_request_info *req, 735 struct cpt_asym_ec_ctx *ec) 736 737 { 738 int prime_len = ec_grp[ec->curveid].prime.length; 739 740 if (ecdsa->op_type == RTE_CRYPTO_ASYM_OP_VERIFY) 741 return; 742 743 /* Separate out sign r and s components */ 744 memcpy(ecdsa->r.data, req->rptr, prime_len); 745 memcpy(ecdsa->s.data, req->rptr + RTE_ALIGN_CEIL(prime_len, 8), 746 prime_len); 747 ecdsa->r.length = prime_len; 748 ecdsa->s.length = prime_len; 749 } 750 751 static __rte_always_inline void 752 otx_cpt_asym_dequeue_ecpm_op(struct rte_crypto_ecpm_op_param *ecpm, 753 struct cpt_request_info *req, 754 struct cpt_asym_ec_ctx *ec) 755 { 756 int prime_len = ec_grp[ec->curveid].prime.length; 757 758 memcpy(ecpm->r.x.data, req->rptr, prime_len); 759 memcpy(ecpm->r.y.data, req->rptr + RTE_ALIGN_CEIL(prime_len, 8), 760 prime_len); 761 ecpm->r.x.length = prime_len; 762 ecpm->r.y.length = prime_len; 763 } 764 765 static __rte_always_inline void __rte_hot 766 otx_cpt_asym_post_process(struct rte_crypto_op *cop, 767 struct cpt_request_info *req) 768 { 769 struct rte_crypto_asym_op *op = cop->asym; 770 struct cpt_asym_sess_misc *sess; 771 772 sess = get_asym_session_private_data(op->session, 773 otx_cryptodev_driver_id); 774 775 switch (sess->xfrm_type) { 776 case RTE_CRYPTO_ASYM_XFORM_RSA: 777 otx_cpt_asym_rsa_op(cop, req, &sess->rsa_ctx); 778 break; 779 case RTE_CRYPTO_ASYM_XFORM_MODEX: 780 op->modex.result.length = sess->mod_ctx.modulus.length; 781 memcpy(op->modex.result.data, req->rptr, 782 op->modex.result.length); 783 break; 784 case RTE_CRYPTO_ASYM_XFORM_ECDSA: 785 otx_cpt_asym_dequeue_ecdsa_op(&op->ecdsa, req, &sess->ec_ctx); 786 break; 787 case RTE_CRYPTO_ASYM_XFORM_ECPM: 788 otx_cpt_asym_dequeue_ecpm_op(&op->ecpm, req, &sess->ec_ctx); 789 break; 790 default: 791 CPT_LOG_DP_DEBUG("Invalid crypto xform type"); 792 cop->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS; 793 break; 794 } 795 } 796 797 static __rte_always_inline void __rte_hot 798 otx_cpt_dequeue_post_process(struct rte_crypto_op *cop, uintptr_t *rsp, 799 const uint8_t op_type) 800 { 801 /* H/w has returned success */ 802 cop->status = RTE_CRYPTO_OP_STATUS_SUCCESS; 803 804 /* Perform further post processing */ 805 806 if ((op_type == OP_TYPE_SYM) && 807 (cop->type == RTE_CRYPTO_OP_TYPE_SYMMETRIC)) { 808 /* Check if auth verify need to be completed */ 809 if (unlikely(rsp[2])) 810 compl_auth_verify(cop, (uint8_t *)rsp[2], rsp[3]); 811 return; 812 } 813 814 if ((op_type == OP_TYPE_ASYM) && 815 (cop->type == RTE_CRYPTO_OP_TYPE_ASYMMETRIC)) { 816 rsp = RTE_PTR_ADD(rsp, 4 * sizeof(uintptr_t)); 817 otx_cpt_asym_post_process(cop, (struct cpt_request_info *)rsp); 818 } 819 820 return; 821 } 822 823 static __rte_always_inline uint16_t __rte_hot 824 otx_cpt_pkt_dequeue(void *qptr, struct rte_crypto_op **ops, uint16_t nb_ops, 825 const uint8_t op_type) 826 { 827 struct cpt_instance *instance = (struct cpt_instance *)qptr; 828 struct cpt_request_info *user_req; 829 struct cpt_vf *cptvf = (struct cpt_vf *)instance; 830 uint8_t cc[nb_ops]; 831 int i, count, pcount; 832 uint8_t ret; 833 int nb_completed; 834 struct pending_queue *pqueue = &cptvf->pqueue; 835 struct rte_crypto_op *cop; 836 void *metabuf; 837 uintptr_t *rsp; 838 839 pcount = pqueue->pending_count; 840 count = (nb_ops > pcount) ? pcount : nb_ops; 841 842 for (i = 0; i < count; i++) { 843 user_req = (struct cpt_request_info *) 844 pqueue->req_queue[pqueue->deq_head]; 845 846 if (likely((i+1) < count)) { 847 rte_prefetch_non_temporal( 848 (void *)pqueue->req_queue[i+1]); 849 } 850 851 ret = check_nb_command_id(user_req, instance); 852 853 if (unlikely(ret == ERR_REQ_PENDING)) { 854 /* Stop checking for completions */ 855 break; 856 } 857 858 /* Return completion code and op handle */ 859 cc[i] = ret; 860 ops[i] = user_req->op; 861 862 CPT_LOG_DP_DEBUG("Request %p Op %p completed with code %d", 863 user_req, user_req->op, ret); 864 865 MOD_INC(pqueue->deq_head, DEFAULT_CMD_QLEN); 866 pqueue->pending_count -= 1; 867 } 868 869 nb_completed = i; 870 871 for (i = 0; i < nb_completed; i++) { 872 873 rsp = (void *)ops[i]; 874 875 if (likely((i + 1) < nb_completed)) 876 rte_prefetch0(ops[i+1]); 877 878 metabuf = (void *)rsp[0]; 879 cop = (void *)rsp[1]; 880 881 ops[i] = cop; 882 883 /* Check completion code */ 884 885 if (likely(cc[i] == 0)) { 886 /* H/w success pkt. Post process */ 887 otx_cpt_dequeue_post_process(cop, rsp, op_type); 888 } else if (cc[i] == ERR_GC_ICV_MISCOMPARE) { 889 /* auth data mismatch */ 890 cop->status = RTE_CRYPTO_OP_STATUS_AUTH_FAILED; 891 } else { 892 /* Error */ 893 cop->status = RTE_CRYPTO_OP_STATUS_ERROR; 894 } 895 896 if (unlikely(cop->sess_type == RTE_CRYPTO_OP_SESSIONLESS)) { 897 void *sess_private_data_t = 898 get_sym_session_private_data(cop->sym->session, 899 otx_cryptodev_driver_id); 900 memset(sess_private_data_t, 0, 901 cpt_get_session_size()); 902 memset(cop->sym->session, 0, 903 rte_cryptodev_sym_get_existing_header_session_size( 904 cop->sym->session)); 905 rte_mempool_put(instance->sess_mp_priv, 906 sess_private_data_t); 907 rte_mempool_put(instance->sess_mp, cop->sym->session); 908 cop->sym->session = NULL; 909 } 910 free_op_meta(metabuf, instance->meta_info.pool); 911 } 912 913 return nb_completed; 914 } 915 916 static uint16_t 917 otx_cpt_dequeue_asym(void *qptr, struct rte_crypto_op **ops, uint16_t nb_ops) 918 { 919 return otx_cpt_pkt_dequeue(qptr, ops, nb_ops, OP_TYPE_ASYM); 920 } 921 922 static uint16_t 923 otx_cpt_dequeue_sym(void *qptr, struct rte_crypto_op **ops, uint16_t nb_ops) 924 { 925 return otx_cpt_pkt_dequeue(qptr, ops, nb_ops, OP_TYPE_SYM); 926 } 927 928 static struct rte_cryptodev_ops cptvf_ops = { 929 /* Device related operations */ 930 .dev_configure = otx_cpt_dev_config, 931 .dev_start = otx_cpt_dev_start, 932 .dev_stop = otx_cpt_dev_stop, 933 .dev_close = otx_cpt_dev_close, 934 .dev_infos_get = otx_cpt_dev_info_get, 935 936 .stats_get = NULL, 937 .stats_reset = NULL, 938 .queue_pair_setup = otx_cpt_que_pair_setup, 939 .queue_pair_release = otx_cpt_que_pair_release, 940 941 /* Crypto related operations */ 942 .sym_session_get_size = otx_cpt_get_session_size, 943 .sym_session_configure = otx_cpt_session_cfg, 944 .sym_session_clear = otx_cpt_session_clear, 945 946 .asym_session_get_size = otx_cpt_asym_session_size_get, 947 .asym_session_configure = otx_cpt_asym_session_cfg, 948 .asym_session_clear = otx_cpt_asym_session_clear, 949 }; 950 951 int 952 otx_cpt_dev_create(struct rte_cryptodev *c_dev) 953 { 954 struct rte_pci_device *pdev = RTE_DEV_TO_PCI(c_dev->device); 955 struct cpt_vf *cptvf = NULL; 956 void *reg_base; 957 char dev_name[32]; 958 int ret; 959 960 if (pdev->mem_resource[0].phys_addr == 0ULL) 961 return -EIO; 962 963 /* for secondary processes, we don't initialise any further as primary 964 * has already done this work. 965 */ 966 if (rte_eal_process_type() != RTE_PROC_PRIMARY) 967 return 0; 968 969 cptvf = rte_zmalloc_socket("otx_cryptodev_private_mem", 970 sizeof(struct cpt_vf), RTE_CACHE_LINE_SIZE, 971 rte_socket_id()); 972 973 if (cptvf == NULL) { 974 CPT_LOG_ERR("Cannot allocate memory for device private data"); 975 return -ENOMEM; 976 } 977 978 snprintf(dev_name, 32, "%02x:%02x.%x", 979 pdev->addr.bus, pdev->addr.devid, pdev->addr.function); 980 981 reg_base = pdev->mem_resource[0].addr; 982 if (!reg_base) { 983 CPT_LOG_ERR("Failed to map BAR0 of %s", dev_name); 984 ret = -ENODEV; 985 goto fail; 986 } 987 988 ret = otx_cpt_hw_init(cptvf, pdev, reg_base, dev_name); 989 if (ret) { 990 CPT_LOG_ERR("Failed to init cptvf %s", dev_name); 991 ret = -EIO; 992 goto fail; 993 } 994 995 switch (cptvf->vftype) { 996 case OTX_CPT_VF_TYPE_AE: 997 /* Set asymmetric cpt feature flags */ 998 c_dev->feature_flags = RTE_CRYPTODEV_FF_ASYMMETRIC_CRYPTO | 999 RTE_CRYPTODEV_FF_HW_ACCELERATED | 1000 RTE_CRYPTODEV_FF_RSA_PRIV_OP_KEY_QT; 1001 break; 1002 case OTX_CPT_VF_TYPE_SE: 1003 /* Set symmetric cpt feature flags */ 1004 c_dev->feature_flags = RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO | 1005 RTE_CRYPTODEV_FF_HW_ACCELERATED | 1006 RTE_CRYPTODEV_FF_SYM_OPERATION_CHAINING | 1007 RTE_CRYPTODEV_FF_IN_PLACE_SGL | 1008 RTE_CRYPTODEV_FF_OOP_LB_IN_LB_OUT | 1009 RTE_CRYPTODEV_FF_OOP_SGL_IN_LB_OUT | 1010 RTE_CRYPTODEV_FF_OOP_SGL_IN_SGL_OUT | 1011 RTE_CRYPTODEV_FF_SYM_SESSIONLESS | 1012 RTE_CRYPTODEV_FF_DIGEST_ENCRYPTED; 1013 break; 1014 default: 1015 /* Feature not supported. Abort */ 1016 CPT_LOG_ERR("VF type not supported by %s", dev_name); 1017 ret = -EIO; 1018 goto deinit_dev; 1019 } 1020 1021 /* Start off timer for mailbox interrupts */ 1022 otx_cpt_periodic_alarm_start(cptvf); 1023 1024 c_dev->dev_ops = &cptvf_ops; 1025 1026 if (c_dev->feature_flags & RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO) { 1027 c_dev->enqueue_burst = otx_cpt_enqueue_sym; 1028 c_dev->dequeue_burst = otx_cpt_dequeue_sym; 1029 } else { 1030 c_dev->enqueue_burst = otx_cpt_enqueue_asym; 1031 c_dev->dequeue_burst = otx_cpt_dequeue_asym; 1032 } 1033 1034 /* Save dev private data */ 1035 c_dev->data->dev_private = cptvf; 1036 1037 return 0; 1038 1039 deinit_dev: 1040 otx_cpt_deinit_device(cptvf); 1041 1042 fail: 1043 if (cptvf) { 1044 /* Free private data allocated */ 1045 rte_free(cptvf); 1046 } 1047 1048 return ret; 1049 } 1050