[dpdk-dev] [PATCH v4 10/23] crypto/octeontx: add session management ops

Anoob Joseph anoob.joseph at caviumnetworks.com
Tue Oct 9 11:07:43 CEST 2018


From: Nithin Dabilpuram <nithin.dabilpuram at caviumnetworks.com>

Adding routines for session configure, session clear and get session
size ops.

Signed-off-by: Ankur Dwivedi <ankur.dwivedi at caviumnetworks.com>
Signed-off-by: Anoob Joseph <anoob.joseph at caviumnetworks.com>
Signed-off-by: Murthy NSSR <nidadavolu.murthy at caviumnetworks.com>
Signed-off-by: Nithin Dabilpuram <nithin.dabilpuram at caviumnetworks.com>
Signed-off-by: Ragothaman Jayaraman <rjayaraman at caviumnetworks.com>
Signed-off-by: Srisivasubramanian S <ssrinivasan at caviumnetworks.com>
Signed-off-by: Tejasree Kondoj <kondoj.tejasree at caviumnetworks.com>
---
 drivers/common/cpt/cpt_mcode_defines.h      | 119 ++++++++++++++++++++++++++++
 drivers/common/cpt/cpt_request_mgr.h        |  32 ++++++++
 drivers/common/cpt/cpt_ucode.h              |  47 +++++++++++
 drivers/crypto/octeontx/otx_cryptodev_ops.c |  84 +++++++++++++++++++-
 4 files changed, 279 insertions(+), 3 deletions(-)
 create mode 100644 drivers/common/cpt/cpt_request_mgr.h
 create mode 100644 drivers/common/cpt/cpt_ucode.h

diff --git a/drivers/common/cpt/cpt_mcode_defines.h b/drivers/common/cpt/cpt_mcode_defines.h
index 83a8a42..235320c 100644
--- a/drivers/common/cpt/cpt_mcode_defines.h
+++ b/drivers/common/cpt/cpt_mcode_defines.h
@@ -5,6 +5,9 @@
 #ifndef _CPT_MCODE_DEFINES_H_
 #define _CPT_MCODE_DEFINES_H_
 
+#include <rte_byteorder.h>
+#include <rte_memory.h>
+
 /*
  * This file defines macros and structures according to microcode spec
  *
@@ -35,4 +38,120 @@ typedef struct sglist_comp {
 	uint64_t ptr[4];
 } sg_comp_t;
 
+struct cpt_sess_misc {
+	/** CPT opcode */
+	uint16_t cpt_op:4;
+	/** ZUC, SNOW3G &  KASUMI flags */
+	uint16_t zsk_flag:4;
+	/** Flag for AES GCM */
+	uint16_t aes_gcm:1;
+	/** Flag for AES CTR */
+	uint16_t aes_ctr:1;
+	/** Flag for NULL cipher/auth */
+	uint16_t is_null:1;
+	/** Flag for GMAC */
+	uint16_t is_gmac:1;
+	/** AAD length */
+	uint16_t aad_length;
+	/** MAC len in bytes */
+	uint8_t mac_len;
+	/** IV length in bytes */
+	uint8_t iv_length;
+	/** Auth IV length in bytes */
+	uint8_t auth_iv_length;
+	/** Reserved field */
+	uint8_t rsvd1;
+	/** IV offset in bytes */
+	uint16_t iv_offset;
+	/** Auth IV offset in bytes */
+	uint16_t auth_iv_offset;
+	/** Salt */
+	uint32_t salt;
+	/** Context DMA address */
+	phys_addr_t ctx_dma_addr;
+};
+
+typedef union {
+	uint64_t flags;
+	struct {
+#if RTE_BYTE_ORDER == RTE_BIG_ENDIAN
+		uint64_t enc_cipher   : 4;
+		uint64_t reserved1    : 1;
+		uint64_t aes_key      : 2;
+		uint64_t iv_source    : 1;
+		uint64_t hash_type    : 4;
+		uint64_t reserved2    : 3;
+		uint64_t auth_input_type : 1;
+		uint64_t mac_len      : 8;
+		uint64_t reserved3    : 8;
+		uint64_t encr_offset  : 16;
+		uint64_t iv_offset    : 8;
+		uint64_t auth_offset  : 8;
+#else
+		uint64_t auth_offset  : 8;
+		uint64_t iv_offset    : 8;
+		uint64_t encr_offset  : 16;
+		uint64_t reserved3    : 8;
+		uint64_t mac_len      : 8;
+		uint64_t auth_input_type : 1;
+		uint64_t reserved2    : 3;
+		uint64_t hash_type    : 4;
+		uint64_t iv_source    : 1;
+		uint64_t aes_key      : 2;
+		uint64_t reserved1    : 1;
+		uint64_t enc_cipher   : 4;
+#endif
+	} e;
+} encr_ctrl_t;
+
+typedef struct {
+	encr_ctrl_t enc_ctrl;
+	uint8_t  encr_key[32];
+	uint8_t  encr_iv[16];
+} mc_enc_context_t;
+
+typedef struct {
+	uint8_t  ipad[64];
+	uint8_t  opad[64];
+} mc_fc_hmac_context_t;
+
+typedef struct {
+	mc_enc_context_t     enc;
+	mc_fc_hmac_context_t hmac;
+} mc_fc_context_t;
+
+typedef struct {
+	uint8_t encr_auth_iv[16];
+	uint8_t ci_key[16];
+	uint8_t zuc_const[32];
+} mc_zuc_snow3g_ctx_t;
+
+typedef struct {
+	uint8_t reg_A[8];
+	uint8_t ci_key[16];
+} mc_kasumi_ctx_t;
+
+struct cpt_ctx {
+	/* Below fields are accessed by sw */
+	uint64_t enc_cipher	:8;
+	uint64_t hash_type	:8;
+	uint64_t mac_len	:8;
+	uint64_t auth_key_len	:8;
+	uint64_t fc_type	:4;
+	uint64_t hmac		:1;
+	uint64_t zsk_flags	:3;
+	uint64_t k_ecb		:1;
+	uint64_t snow3g		:1;
+	uint64_t rsvd		:22;
+	/* Below fields are accessed by hardware */
+	union {
+		mc_fc_context_t fctx;
+		mc_zuc_snow3g_ctx_t zs_ctx;
+		mc_kasumi_ctx_t k_ctx;
+	};
+	uint8_t  auth_key[64];
+};
+
+#define CPT_P_ENC_CTRL(fctx)  fctx->enc.enc_ctrl.e
+
 #endif /* _CPT_MCODE_DEFINES_H_ */
diff --git a/drivers/common/cpt/cpt_request_mgr.h b/drivers/common/cpt/cpt_request_mgr.h
new file mode 100644
index 0000000..fe184fe
--- /dev/null
+++ b/drivers/common/cpt/cpt_request_mgr.h
@@ -0,0 +1,32 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright(c) 2018 Cavium, Inc
+ */
+
+#ifndef _CPT_REQUEST_MGR_H_
+#define _CPT_REQUEST_MGR_H_
+
+#include "cpt_mcode_defines.h"
+
+/*
+ * This file defines the agreement between the common layer and the individual
+ * crypto drivers for OCTEON TX series. Datapath in otx* directory include this
+ * file and all these functions are static inlined for better performance.
+ *
+ */
+
+/*
+ * Get the session size
+ *
+ * This function is used in the data path.
+ *
+ * @return
+ *   - session size
+ */
+static __rte_always_inline unsigned int
+cpt_get_session_size(void)
+{
+	unsigned int ctx_len = sizeof(struct cpt_ctx);
+	return (sizeof(struct cpt_sess_misc) + RTE_ALIGN_CEIL(ctx_len, 8));
+}
+
+#endif /* _CPT_REQUEST_MGR_H_ */
diff --git a/drivers/common/cpt/cpt_ucode.h b/drivers/common/cpt/cpt_ucode.h
new file mode 100644
index 0000000..e4f16fe
--- /dev/null
+++ b/drivers/common/cpt/cpt_ucode.h
@@ -0,0 +1,47 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright(c) 2018 Cavium, Inc
+ */
+
+#ifndef _CPT_UCODE_H_
+#define _CPT_UCODE_H_
+
+#include "cpt_mcode_defines.h"
+
+/*
+ * This file defines functions that are interfaces to microcode spec.
+ *
+ */
+
+static __rte_always_inline int
+cpt_is_algo_supported(struct rte_crypto_sym_xform *xform)
+{
+	/*
+	 * Microcode only supports the following combination.
+	 * Encryption followed by authentication
+	 * Authentication followed by decryption
+	 */
+	if (xform->next) {
+		if ((xform->type == RTE_CRYPTO_SYM_XFORM_AUTH) &&
+		    (xform->next->type == RTE_CRYPTO_SYM_XFORM_CIPHER) &&
+		    (xform->next->cipher.op == RTE_CRYPTO_CIPHER_OP_ENCRYPT)) {
+			/* Unsupported as of now by microcode */
+			CPT_LOG_DP_ERR("Unsupported combination");
+			return -1;
+		}
+		if ((xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER) &&
+		    (xform->next->type == RTE_CRYPTO_SYM_XFORM_AUTH) &&
+		    (xform->cipher.op == RTE_CRYPTO_CIPHER_OP_DECRYPT)) {
+			/* For GMAC auth there is no cipher operation */
+			if (xform->aead.algo != RTE_CRYPTO_AEAD_AES_GCM ||
+			    xform->next->auth.algo !=
+			    RTE_CRYPTO_AUTH_AES_GMAC) {
+				/* Unsupported as of now by microcode */
+				CPT_LOG_DP_ERR("Unsupported combination");
+				return -1;
+			}
+		}
+	}
+	return 0;
+}
+
+#endif /*_CPT_UCODE_H_ */
diff --git a/drivers/crypto/octeontx/otx_cryptodev_ops.c b/drivers/crypto/octeontx/otx_cryptodev_ops.c
index ed33334..653f372 100644
--- a/drivers/crypto/octeontx/otx_cryptodev_ops.c
+++ b/drivers/crypto/octeontx/otx_cryptodev_ops.c
@@ -10,6 +10,8 @@
 
 #include "cpt_pmd_logs.h"
 #include "cpt_pmd_ops_helper.h"
+#include "cpt_ucode.h"
+#include "cpt_request_mgr.h"
 
 #include "otx_cryptodev.h"
 #include "otx_cryptodev_capabilities.h"
@@ -246,6 +248,82 @@ otx_cpt_que_pair_release(struct rte_cryptodev *dev, uint16_t que_pair_id)
 	return 0;
 }
 
+static unsigned int
+otx_cpt_get_session_size(struct rte_cryptodev *dev __rte_unused)
+{
+	return cpt_get_session_size();
+}
+
+static void
+otx_cpt_session_init(void *sym_sess, uint8_t driver_id)
+{
+	struct rte_cryptodev_sym_session *sess = sym_sess;
+	struct cpt_sess_misc *cpt_sess =
+	 (struct cpt_sess_misc *) get_sym_session_private_data(sess, driver_id);
+
+	CPT_PMD_INIT_FUNC_TRACE();
+	cpt_sess->ctx_dma_addr = rte_mempool_virt2iova(cpt_sess) +
+			sizeof(struct cpt_sess_misc);
+}
+
+static int
+otx_cpt_session_cfg(struct rte_cryptodev *dev,
+		    struct rte_crypto_sym_xform *xform,
+		    struct rte_cryptodev_sym_session *sess,
+		    struct rte_mempool *mempool)
+{
+	struct rte_crypto_sym_xform *chain;
+	void *sess_private_data = NULL;
+
+	CPT_PMD_INIT_FUNC_TRACE();
+
+	if (cpt_is_algo_supported(xform))
+		goto err;
+
+	if (unlikely(sess == NULL)) {
+		CPT_LOG_ERR("invalid session struct");
+		return -EINVAL;
+	}
+
+	if (rte_mempool_get(mempool, &sess_private_data)) {
+		CPT_LOG_ERR("Could not allocate sess_private_data");
+		return -ENOMEM;
+	}
+
+	chain = xform;
+	while (chain) {
+		switch (chain->type) {
+		default:
+			CPT_LOG_ERR("Invalid crypto xform type");
+			break;
+		}
+		chain = chain->next;
+	}
+	set_sym_session_private_data(sess, dev->driver_id, sess_private_data);
+	otx_cpt_session_init(sess, dev->driver_id);
+	return 0;
+
+err:
+	if (sess_private_data)
+		rte_mempool_put(mempool, sess_private_data);
+	return -EPERM;
+}
+
+static void
+otx_cpt_session_clear(struct rte_cryptodev *dev,
+		  struct rte_cryptodev_sym_session *sess)
+{
+	void *sess_priv = get_sym_session_private_data(sess, dev->driver_id);
+
+	CPT_PMD_INIT_FUNC_TRACE();
+	if (sess_priv) {
+		memset(sess_priv, 0, otx_cpt_get_session_size(dev));
+		struct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);
+		set_sym_session_private_data(sess, dev->driver_id, NULL);
+		rte_mempool_put(sess_mp, sess_priv);
+	}
+}
+
 static struct rte_cryptodev_ops cptvf_ops = {
 	/* Device related operations */
 	.dev_configure = otx_cpt_dev_config,
@@ -261,9 +339,9 @@ static struct rte_cryptodev_ops cptvf_ops = {
 	.queue_pair_count = NULL,
 
 	/* Crypto related operations */
-	.sym_session_get_size = NULL,
-	.sym_session_configure = NULL,
-	.sym_session_clear = NULL
+	.sym_session_get_size = otx_cpt_get_session_size,
+	.sym_session_configure = otx_cpt_session_cfg,
+	.sym_session_clear = otx_cpt_session_clear
 };
 
 static void
-- 
2.7.4



More information about the dev mailing list