cmhi
/
f-stack
mirror of https://github.com/F-Stack/f-stack.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
f-stack/dpdk/drivers/crypto/qat/dev/qat_crypto_pmd_gens.h

960 lines
28 KiB
C
Raw Blame History

/* SPDX-License-Identifier: BSD-3-Clause
* Copyright(c) 2017-2022 Intel Corporation
*/
#ifndef _QAT_CRYPTO_PMD_GENS_H_
#define _QAT_CRYPTO_PMD_GENS_H_
#include <rte_cryptodev.h>
#include "qat_crypto.h"
#include "qat_sym_session.h"
#include "qat_sym.h"
#define QAT_SYM_DP_GET_MAX_ENQ(q, c, n) \
RTE_MIN((q->max_inflights - q->enqueued + q->dequeued - c), n)
#define QAT_SYM_DP_IS_RESP_SUCCESS(resp) \
(ICP_QAT_FW_COMN_STATUS_FLAG_OK == \
ICP_QAT_FW_COMN_RESP_CRYPTO_STAT_GET(resp->comn_hdr.comn_status))
static __rte_always_inline int
op_bpi_cipher_decrypt(uint8_t *src, uint8_t *dst,
uint8_t *iv, int ivlen, int srclen,
void *bpi_ctx)
{
EVP_CIPHER_CTX *ctx = (EVP_CIPHER_CTX *)bpi_ctx;
int encrypted_ivlen;
uint8_t encrypted_iv[BPI_MAX_ENCR_IV_LEN];
uint8_t *encr = encrypted_iv;
/* ECB method: encrypt (not decrypt!) the IV, then XOR with plaintext */
if (EVP_EncryptUpdate(ctx, encrypted_iv, &encrypted_ivlen, iv, ivlen)
<= 0)
goto cipher_decrypt_err;
for (; srclen != 0; --srclen, ++dst, ++src, ++encr)
*dst = *src ^ *encr;
return 0;
cipher_decrypt_err:
QAT_DP_LOG(ERR, "libcrypto ECB cipher decrypt for BPI IV failed");
return -EINVAL;
}
static __rte_always_inline uint32_t
qat_bpicipher_preprocess(struct qat_sym_session *ctx,
struct rte_crypto_op *op)
{
int block_len = qat_cipher_get_block_size(ctx->qat_cipher_alg);
struct rte_crypto_sym_op *sym_op = op->sym;
uint8_t last_block_len = block_len > 0 ?
sym_op->cipher.data.length % block_len : 0;
if (last_block_len && ctx->qat_dir == ICP_QAT_HW_CIPHER_DECRYPT) {
/* Decrypt last block */
uint8_t *last_block, *dst, *iv;
uint32_t last_block_offset = sym_op->cipher.data.offset +
sym_op->cipher.data.length - last_block_len;
last_block = (uint8_t *) rte_pktmbuf_mtod_offset(sym_op->m_src,
uint8_t *, last_block_offset);
if (unlikely((sym_op->m_dst != NULL)
&& (sym_op->m_dst != sym_op->m_src)))
/* out-of-place operation (OOP) */
dst = (uint8_t *) rte_pktmbuf_mtod_offset(sym_op->m_dst,
uint8_t *, last_block_offset);
else
dst = last_block;
if (last_block_len < sym_op->cipher.data.length)
/* use previous block ciphertext as IV */
iv = last_block - block_len;
else
/* runt block, i.e. less than one full block */
iv = rte_crypto_op_ctod_offset(op, uint8_t *,
ctx->cipher_iv.offset);
#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG
QAT_DP_HEXDUMP_LOG(DEBUG, "BPI: src before pre-process:",
last_block, last_block_len);
if (sym_op->m_dst != NULL)
QAT_DP_HEXDUMP_LOG(DEBUG, "BPI: dst before pre-process:",
dst, last_block_len);
#endif
op_bpi_cipher_decrypt(last_block, dst, iv, block_len,
last_block_len, ctx->bpi_ctx);
#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG
QAT_DP_HEXDUMP_LOG(DEBUG, "BPI: src after pre-process:",
last_block, last_block_len);
if (sym_op->m_dst != NULL)
QAT_DP_HEXDUMP_LOG(DEBUG, "BPI: dst after pre-process:",
dst, last_block_len);
#endif
}
return sym_op->cipher.data.length - last_block_len;
}
static __rte_always_inline int
qat_auth_is_len_in_bits(struct qat_sym_session *ctx,
struct rte_crypto_op *op)
{
if (ctx->qat_hash_alg == ICP_QAT_HW_AUTH_ALGO_SNOW_3G_UIA2 ||
ctx->qat_hash_alg == ICP_QAT_HW_AUTH_ALGO_KASUMI_F9 ||
ctx->qat_hash_alg == ICP_QAT_HW_AUTH_ALGO_ZUC_3G_128_EIA3) {
if (unlikely((op->sym->auth.data.offset % BYTE_LENGTH != 0) ||
(op->sym->auth.data.length % BYTE_LENGTH != 0)))
return -EINVAL;
return 1;
}
return 0;
}
static __rte_always_inline int
qat_cipher_is_len_in_bits(struct qat_sym_session *ctx,
struct rte_crypto_op *op)
{
if (ctx->qat_cipher_alg == ICP_QAT_HW_CIPHER_ALGO_SNOW_3G_UEA2 ||
ctx->qat_cipher_alg == ICP_QAT_HW_CIPHER_ALGO_KASUMI ||
ctx->qat_cipher_alg == ICP_QAT_HW_CIPHER_ALGO_ZUC_3G_128_EEA3) {
if (unlikely((op->sym->cipher.data.length % BYTE_LENGTH != 0) ||
((op->sym->cipher.data.offset %
BYTE_LENGTH) != 0)))
return -EINVAL;
return 1;
}
return 0;
}
static __rte_always_inline int32_t
qat_sym_build_req_set_data(struct icp_qat_fw_la_bulk_req *req,
void *opaque, struct qat_sym_op_cookie *cookie,
struct rte_crypto_vec *src_vec, uint16_t n_src,
struct rte_crypto_vec *dst_vec, uint16_t n_dst)
{
struct qat_sgl *list;
uint32_t i;
uint32_t tl_src = 0, total_len_src, total_len_dst;
uint64_t src_data_start = 0, dst_data_start = 0;
int is_sgl = n_src > 1 || n_dst > 1;
if (unlikely(n_src < 1 || n_src > QAT_SYM_SGL_MAX_NUMBER ||
n_dst > QAT_SYM_SGL_MAX_NUMBER))
return -1;
if (likely(!is_sgl)) {
src_data_start = src_vec[0].iova;
tl_src = total_len_src =
src_vec[0].len;
if (unlikely(n_dst)) { /* oop */
total_len_dst = dst_vec[0].len;
dst_data_start = dst_vec[0].iova;
if (unlikely(total_len_src != total_len_dst))
return -EINVAL;
} else {
dst_data_start = src_data_start;
total_len_dst = tl_src;
}
} else { /* sgl */
total_len_dst = total_len_src = 0;
ICP_QAT_FW_COMN_PTR_TYPE_SET(req->comn_hdr.comn_req_flags,
QAT_COMN_PTR_TYPE_SGL);
list = (struct qat_sgl *)&cookie->qat_sgl_src;
for (i = 0; i < n_src; i++) {
list->buffers[i].len = src_vec[i].len;
list->buffers[i].resrvd = 0;
list->buffers[i].addr = src_vec[i].iova;
if (tl_src + src_vec[i].len > UINT32_MAX) {
QAT_DP_LOG(ERR, "Message too long");
return -1;
}
tl_src += src_vec[i].len;
}
list->num_bufs = i;
src_data_start = cookie->qat_sgl_src_phys_addr;
if (unlikely(n_dst > 0)) { /* oop sgl */
uint32_t tl_dst = 0;
list = (struct qat_sgl *)&cookie->qat_sgl_dst;
for (i = 0; i < n_dst; i++) {
list->buffers[i].len = dst_vec[i].len;
list->buffers[i].resrvd = 0;
list->buffers[i].addr = dst_vec[i].iova;
if (tl_dst + dst_vec[i].len > UINT32_MAX) {
QAT_DP_LOG(ERR, "Message too long");
return -ENOTSUP;
}
tl_dst += dst_vec[i].len;
}
if (tl_src != tl_dst)
return -EINVAL;
list->num_bufs = i;
dst_data_start = cookie->qat_sgl_dst_phys_addr;
} else
dst_data_start = src_data_start;
}
req->comn_mid.src_data_addr = src_data_start;
req->comn_mid.dest_data_addr = dst_data_start;
req->comn_mid.src_length = total_len_src;
req->comn_mid.dst_length = total_len_dst;
req->comn_mid.opaque_data = (uintptr_t)opaque;
return tl_src;
}
static __rte_always_inline uint64_t
qat_sym_convert_op_to_vec_cipher(struct rte_crypto_op *op,
struct qat_sym_session *ctx,
struct rte_crypto_sgl *in_sgl, struct rte_crypto_sgl *out_sgl,
struct rte_crypto_va_iova_ptr *cipher_iv,
struct rte_crypto_va_iova_ptr *auth_iv_or_aad __rte_unused,
struct rte_crypto_va_iova_ptr *digest __rte_unused)
{
uint32_t cipher_len = 0, cipher_ofs = 0;
int n_src = 0;
int ret;
ret = qat_cipher_is_len_in_bits(ctx, op);
switch (ret) {
case 1:
cipher_len = op->sym->cipher.data.length >> 3;
cipher_ofs = op->sym->cipher.data.offset >> 3;
break;
case 0:
if (ctx->bpi_ctx) {
/* DOCSIS - only send complete blocks to device.
* Process any partial block using CFB mode.
* Even if 0 complete blocks, still send this to device
* to get into rx queue for post-process and dequeuing
*/
cipher_len = qat_bpicipher_preprocess(ctx, op);
cipher_ofs = op->sym->cipher.data.offset;
} else {
cipher_len = op->sym->cipher.data.length;
cipher_ofs = op->sym->cipher.data.offset;
}
break;
default:
QAT_DP_LOG(ERR,
"SNOW3G/KASUMI/ZUC in QAT PMD only supports byte aligned values");
op->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS;
return UINT64_MAX;
}
cipher_iv->va = rte_crypto_op_ctod_offset(op, void *,
ctx->cipher_iv.offset);
cipher_iv->iova = rte_crypto_op_ctophys_offset(op,
ctx->cipher_iv.offset);
n_src = rte_crypto_mbuf_to_vec(op->sym->m_src, cipher_ofs,
cipher_len, in_sgl->vec, QAT_SYM_SGL_MAX_NUMBER);
if (n_src < 0 || n_src > op->sym->m_src->nb_segs) {
op->status = RTE_CRYPTO_OP_STATUS_ERROR;
return UINT64_MAX;
}
in_sgl->num = n_src;
/* Out-Of-Place operation */
if (unlikely((op->sym->m_dst != NULL) &&
(op->sym->m_dst != op->sym->m_src))) {
int n_dst = rte_crypto_mbuf_to_vec(op->sym->m_dst, cipher_ofs,
cipher_len, out_sgl->vec,
QAT_SYM_SGL_MAX_NUMBER);
if ((n_dst < 0) || (n_dst > op->sym->m_dst->nb_segs)) {
op->status = RTE_CRYPTO_OP_STATUS_ERROR;
return UINT64_MAX;
}
out_sgl->num = n_dst;
} else
out_sgl->num = 0;
return 0;
}
static __rte_always_inline uint64_t
qat_sym_convert_op_to_vec_auth(struct rte_crypto_op *op,
struct qat_sym_session *ctx,
struct rte_crypto_sgl *in_sgl, struct rte_crypto_sgl *out_sgl,
struct rte_crypto_va_iova_ptr *cipher_iv __rte_unused,
struct rte_crypto_va_iova_ptr *auth_iv,
struct rte_crypto_va_iova_ptr *digest,
struct qat_sym_op_cookie *cookie)
{
uint32_t auth_ofs = 0, auth_len = 0;
int n_src, ret;
ret = qat_auth_is_len_in_bits(ctx, op);
switch (ret) {
case 1:
auth_ofs = op->sym->auth.data.offset >> 3;
auth_len = op->sym->auth.data.length >> 3;
auth_iv->va = rte_crypto_op_ctod_offset(op, void *,
ctx->auth_iv.offset);
auth_iv->iova = rte_crypto_op_ctophys_offset(op,
ctx->auth_iv.offset);
break;
case 0:
if (ctx->qat_hash_alg == ICP_QAT_HW_AUTH_ALGO_GALOIS_128 ||
ctx->qat_hash_alg == ICP_QAT_HW_AUTH_ALGO_GALOIS_64) {
/* AES-GMAC */
auth_ofs = op->sym->auth.data.offset;
auth_len = op->sym->auth.data.length;
auth_iv->va = rte_crypto_op_ctod_offset(op, void *,
ctx->auth_iv.offset);
auth_iv->iova = rte_crypto_op_ctophys_offset(op,
ctx->auth_iv.offset);
} else {
auth_ofs = op->sym->auth.data.offset;
auth_len = op->sym->auth.data.length;
auth_iv->va = NULL;
auth_iv->iova = 0;
}
break;
default:
QAT_DP_LOG(ERR,
"For SNOW3G/KASUMI/ZUC, QAT PMD only supports byte aligned values");
op->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS;
return UINT64_MAX;
}
n_src = rte_crypto_mbuf_to_vec(op->sym->m_src, auth_ofs,
auth_len, in_sgl->vec,
QAT_SYM_SGL_MAX_NUMBER);
if (n_src < 0 || n_src > op->sym->m_src->nb_segs) {
op->status = RTE_CRYPTO_OP_STATUS_ERROR;
return UINT64_MAX;
}
in_sgl->num = n_src;
/* Out-Of-Place operation */
if (unlikely((op->sym->m_dst != NULL) &&
(op->sym->m_dst != op->sym->m_src))) {
int n_dst = rte_crypto_mbuf_to_vec(op->sym->m_dst, auth_ofs,
auth_len, out_sgl->vec,
QAT_SYM_SGL_MAX_NUMBER);
if ((n_dst < 0) || (n_dst > op->sym->m_dst->nb_segs)) {
op->status = RTE_CRYPTO_OP_STATUS_ERROR;
return UINT64_MAX;
}
out_sgl->num = n_dst;
} else
out_sgl->num = 0;
digest->va = (void *)op->sym->auth.digest.data;
if (ctx->qat_hash_alg == ICP_QAT_HW_AUTH_ALGO_NULL)
digest->iova = cookie->digest_null_phys_addr;
else
digest->iova = op->sym->auth.digest.phys_addr;
return 0;
}
static __rte_always_inline uint64_t
qat_sym_convert_op_to_vec_chain(struct rte_crypto_op *op,
struct qat_sym_session *ctx,
struct rte_crypto_sgl *in_sgl, struct rte_crypto_sgl *out_sgl,
struct rte_crypto_va_iova_ptr *cipher_iv,
struct rte_crypto_va_iova_ptr *auth_iv_or_aad,
struct rte_crypto_va_iova_ptr *digest,
struct qat_sym_op_cookie *cookie)
{
union rte_crypto_sym_ofs ofs;
uint32_t max_len = 0;
uint32_t cipher_len = 0, cipher_ofs = 0;
uint32_t auth_len = 0, auth_ofs = 0;
int is_oop = (op->sym->m_dst != NULL) &&
(op->sym->m_dst != op->sym->m_src);
int is_sgl = op->sym->m_src->nb_segs > 1;
int n_src;
int ret;
if (unlikely(is_oop))
is_sgl |= op->sym->m_dst->nb_segs > 1;
cipher_iv->va = rte_crypto_op_ctod_offset(op, void *,
ctx->cipher_iv.offset);
cipher_iv->iova = rte_crypto_op_ctophys_offset(op,
ctx->cipher_iv.offset);
auth_iv_or_aad->va = rte_crypto_op_ctod_offset(op, void *,
ctx->auth_iv.offset);
auth_iv_or_aad->iova = rte_crypto_op_ctophys_offset(op,
ctx->auth_iv.offset);
digest->va = (void *)op->sym->auth.digest.data;
if (ctx->qat_hash_alg == ICP_QAT_HW_AUTH_ALGO_NULL)
digest->iova = cookie->digest_null_phys_addr;
else
digest->iova = op->sym->auth.digest.phys_addr;
ret = qat_cipher_is_len_in_bits(ctx, op);
switch (ret) {
case 1:
cipher_len = op->sym->cipher.data.length >> 3;
cipher_ofs = op->sym->cipher.data.offset >> 3;
break;
case 0:
cipher_len = op->sym->cipher.data.length;
cipher_ofs = op->sym->cipher.data.offset;
break;
default:
QAT_DP_LOG(ERR,
"For SNOW3G/KASUMI/ZUC, QAT PMD only supports byte aligned values");
op->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS;
return -EINVAL;
}
ret = qat_auth_is_len_in_bits(ctx, op);
switch (ret) {
case 1:
auth_len = op->sym->auth.data.length >> 3;
auth_ofs = op->sym->auth.data.offset >> 3;
break;
case 0:
auth_len = op->sym->auth.data.length;
auth_ofs = op->sym->auth.data.offset;
break;
default:
QAT_DP_LOG(ERR,
"For SNOW3G/KASUMI/ZUC, QAT PMD only supports byte aligned values");
op->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS;
return -EINVAL;
}
max_len = RTE_MAX(cipher_ofs + cipher_len, auth_ofs + auth_len);
/* digest in buffer check. Needed only for wireless algos */
if (ret == 1) {
/* Handle digest-encrypted cases, i.e.
* auth-gen-then-cipher-encrypt and
* cipher-decrypt-then-auth-verify
*/
uint64_t auth_end_iova;
if (unlikely(is_sgl)) {
uint32_t remaining_off = auth_ofs + auth_len;
struct rte_mbuf *sgl_buf = (is_oop ? op->sym->m_dst :
op->sym->m_src);
while (remaining_off >= rte_pktmbuf_data_len(sgl_buf)
&& sgl_buf->next != NULL) {
remaining_off -= rte_pktmbuf_data_len(sgl_buf);
sgl_buf = sgl_buf->next;
}
auth_end_iova = (uint64_t)rte_pktmbuf_iova_offset(
sgl_buf, remaining_off);
} else
auth_end_iova = (is_oop ?
rte_pktmbuf_iova(op->sym->m_dst) :
rte_pktmbuf_iova(op->sym->m_src)) + auth_ofs +
auth_len;
/* Then check if digest-encrypted conditions are met */
if ((auth_ofs + auth_len < cipher_ofs + cipher_len) &&
(digest->iova == auth_end_iova))
max_len = RTE_MAX(max_len, auth_ofs + auth_len +
ctx->digest_length);
}
/* Passing 0 as cipher & auth offsets are assigned into ofs later */
n_src = rte_crypto_mbuf_to_vec(op->sym->m_src, 0, max_len,
in_sgl->vec, QAT_SYM_SGL_MAX_NUMBER);
if (unlikely(n_src < 0 || n_src > op->sym->m_src->nb_segs)) {
op->status = RTE_CRYPTO_OP_STATUS_ERROR;
return -1;
}
in_sgl->num = n_src;
if (unlikely((op->sym->m_dst != NULL) &&
(op->sym->m_dst != op->sym->m_src))) {
int n_dst = rte_crypto_mbuf_to_vec(op->sym->m_dst, 0,
max_len, out_sgl->vec, QAT_SYM_SGL_MAX_NUMBER);
if (n_dst < 0 || n_dst > op->sym->m_dst->nb_segs) {
op->status = RTE_CRYPTO_OP_STATUS_ERROR;
return -1;
}
out_sgl->num = n_dst;
} else
out_sgl->num = 0;
ofs.ofs.cipher.head = cipher_ofs;
ofs.ofs.cipher.tail = max_len - cipher_ofs - cipher_len;
ofs.ofs.auth.head = auth_ofs;
ofs.ofs.auth.tail = max_len - auth_ofs - auth_len;
return ofs.raw;
}
static __rte_always_inline uint64_t
qat_sym_convert_op_to_vec_aead(struct rte_crypto_op *op,
struct qat_sym_session *ctx,
struct rte_crypto_sgl *in_sgl, struct rte_crypto_sgl *out_sgl,
struct rte_crypto_va_iova_ptr *cipher_iv,
struct rte_crypto_va_iova_ptr *auth_iv_or_aad,
struct rte_crypto_va_iova_ptr *digest)
{
uint32_t cipher_len = 0, cipher_ofs = 0;
int32_t n_src = 0;
cipher_iv->va = rte_crypto_op_ctod_offset(op, void *,
ctx->cipher_iv.offset);
cipher_iv->iova = rte_crypto_op_ctophys_offset(op,
ctx->cipher_iv.offset);
auth_iv_or_aad->va = (void *)op->sym->aead.aad.data;
auth_iv_or_aad->iova = op->sym->aead.aad.phys_addr;
digest->va = (void *)op->sym->aead.digest.data;
digest->iova = op->sym->aead.digest.phys_addr;
cipher_len = op->sym->aead.data.length;
cipher_ofs = op->sym->aead.data.offset;
n_src = rte_crypto_mbuf_to_vec(op->sym->m_src, cipher_ofs, cipher_len,
in_sgl->vec, QAT_SYM_SGL_MAX_NUMBER);
if (n_src < 0 || n_src > op->sym->m_src->nb_segs) {
op->status = RTE_CRYPTO_OP_STATUS_ERROR;
return UINT64_MAX;
}
in_sgl->num = n_src;
/* Out-Of-Place operation */
if (unlikely((op->sym->m_dst != NULL) &&
(op->sym->m_dst != op->sym->m_src))) {
int n_dst = rte_crypto_mbuf_to_vec(op->sym->m_dst, cipher_ofs,
cipher_len, out_sgl->vec,
QAT_SYM_SGL_MAX_NUMBER);
if (n_dst < 0 || n_dst > op->sym->m_dst->nb_segs) {
op->status = RTE_CRYPTO_OP_STATUS_ERROR;
return UINT64_MAX;
}
out_sgl->num = n_dst;
} else
out_sgl->num = 0;
return 0;
}
static __rte_always_inline void
qat_set_cipher_iv(struct icp_qat_fw_la_cipher_req_params *cipher_param,
struct rte_crypto_va_iova_ptr *iv_ptr, uint32_t iv_len,
struct icp_qat_fw_la_bulk_req *qat_req)
{
/* copy IV into request if it fits */
if (iv_len <= sizeof(cipher_param->u.cipher_IV_array))
rte_memcpy(cipher_param->u.cipher_IV_array, iv_ptr->va,
iv_len);
else {
ICP_QAT_FW_LA_CIPH_IV_FLD_FLAG_SET(
qat_req->comn_hdr.serv_specif_flags,
ICP_QAT_FW_CIPH_IV_64BIT_PTR);
cipher_param->u.s.cipher_IV_ptr = iv_ptr->iova;
}
}
static __rte_always_inline void
qat_sym_dp_fill_vec_status(int32_t *sta, int status, uint32_t n)
{
uint32_t i;
for (i = 0; i < n; i++)
sta[i] = status;
}
static __rte_always_inline void
enqueue_one_cipher_job_gen1(struct qat_sym_session *ctx,
struct icp_qat_fw_la_bulk_req *req,
struct rte_crypto_va_iova_ptr *iv,
union rte_crypto_sym_ofs ofs, uint32_t data_len)
{
struct icp_qat_fw_la_cipher_req_params *cipher_param;
cipher_param = (void *)&req->serv_specif_rqpars;
/* cipher IV */
qat_set_cipher_iv(cipher_param, iv, ctx->cipher_iv.length, req);
cipher_param->cipher_offset = ofs.ofs.cipher.head;
cipher_param->cipher_length = data_len - ofs.ofs.cipher.head -
ofs.ofs.cipher.tail;
}
static __rte_always_inline void
enqueue_one_auth_job_gen1(struct qat_sym_session *ctx,
struct icp_qat_fw_la_bulk_req *req,
struct rte_crypto_va_iova_ptr *digest,
struct rte_crypto_va_iova_ptr *auth_iv,
union rte_crypto_sym_ofs ofs, uint32_t data_len)
{
struct icp_qat_fw_la_cipher_req_params *cipher_param;
struct icp_qat_fw_la_auth_req_params *auth_param;
cipher_param = (void *)&req->serv_specif_rqpars;
auth_param = (void *)((uint8_t *)cipher_param +
ICP_QAT_FW_HASH_REQUEST_PARAMETERS_OFFSET);
auth_param->auth_off = ofs.ofs.auth.head;
auth_param->auth_len = data_len - ofs.ofs.auth.head -
ofs.ofs.auth.tail;
auth_param->auth_res_addr = digest->iova;
switch (ctx->qat_hash_alg) {
case ICP_QAT_HW_AUTH_ALGO_SNOW_3G_UIA2:
case ICP_QAT_HW_AUTH_ALGO_KASUMI_F9:
case ICP_QAT_HW_AUTH_ALGO_ZUC_3G_128_EIA3:
auth_param->u1.aad_adr = auth_iv->iova;
break;
case ICP_QAT_HW_AUTH_ALGO_GALOIS_128:
case ICP_QAT_HW_AUTH_ALGO_GALOIS_64:
ICP_QAT_FW_LA_GCM_IV_LEN_FLAG_SET(
req->comn_hdr.serv_specif_flags,
ICP_QAT_FW_LA_GCM_IV_LEN_12_OCTETS);
rte_memcpy(cipher_param->u.cipher_IV_array, auth_iv->va,
ctx->auth_iv.length);
break;
default:
break;
}
}
static __rte_always_inline int
enqueue_one_chain_job_gen1(struct qat_sym_session *ctx,
struct icp_qat_fw_la_bulk_req *req,
struct rte_crypto_vec *src_vec,
uint16_t n_src_vecs,
struct rte_crypto_vec *dst_vec,
uint16_t n_dst_vecs,
struct rte_crypto_va_iova_ptr *cipher_iv,
struct rte_crypto_va_iova_ptr *digest,
struct rte_crypto_va_iova_ptr *auth_iv,
union rte_crypto_sym_ofs ofs, uint32_t data_len)
{
struct icp_qat_fw_la_cipher_req_params *cipher_param;
struct icp_qat_fw_la_auth_req_params *auth_param;
struct rte_crypto_vec *cvec = n_dst_vecs > 0 ?
dst_vec : src_vec;
rte_iova_t auth_iova_end;
int cipher_len, auth_len;
int is_sgl = n_src_vecs > 1 || n_dst_vecs > 1;
cipher_param = (void *)&req->serv_specif_rqpars;
auth_param = (void *)((uint8_t *)cipher_param +
ICP_QAT_FW_HASH_REQUEST_PARAMETERS_OFFSET);
cipher_len = data_len - ofs.ofs.cipher.head -
ofs.ofs.cipher.tail;
auth_len = data_len - ofs.ofs.auth.head - ofs.ofs.auth.tail;
if (unlikely(cipher_len < 0 || auth_len < 0))
return -1;
cipher_param->cipher_offset = ofs.ofs.cipher.head;
cipher_param->cipher_length = cipher_len;
qat_set_cipher_iv(cipher_param, cipher_iv, ctx->cipher_iv.length, req);
auth_param->auth_off = ofs.ofs.auth.head;
auth_param->auth_len = auth_len;
auth_param->auth_res_addr = digest->iova;
switch (ctx->qat_hash_alg) {
case ICP_QAT_HW_AUTH_ALGO_SNOW_3G_UIA2:
case ICP_QAT_HW_AUTH_ALGO_KASUMI_F9:
case ICP_QAT_HW_AUTH_ALGO_ZUC_3G_128_EIA3:
auth_param->u1.aad_adr = auth_iv->iova;
break;
case ICP_QAT_HW_AUTH_ALGO_GALOIS_128:
case ICP_QAT_HW_AUTH_ALGO_GALOIS_64:
break;
default:
break;
}
if (unlikely(is_sgl)) {
/* sgl */
int i = n_dst_vecs ? n_dst_vecs : n_src_vecs;
uint32_t remaining_off = data_len - ofs.ofs.auth.tail;
while (remaining_off >= cvec->len && i >= 1) {
i--;
remaining_off -= cvec->len;
if (i)
cvec++;
}
auth_iova_end = cvec->iova + remaining_off;
} else
auth_iova_end = cvec[0].iova + auth_param->auth_off +
auth_param->auth_len;
/* Then check if digest-encrypted conditions are met */
if ((auth_param->auth_off + auth_param->auth_len <
cipher_param->cipher_offset + cipher_param->cipher_length) &&
(digest->iova == auth_iova_end)) {
/* Handle partial digest encryption */
if (cipher_param->cipher_offset + cipher_param->cipher_length <
auth_param->auth_off + auth_param->auth_len +
ctx->digest_length && !is_sgl)
req->comn_mid.dst_length = req->comn_mid.src_length =
auth_param->auth_off + auth_param->auth_len +
ctx->digest_length;
struct icp_qat_fw_comn_req_hdr *header = &req->comn_hdr;
ICP_QAT_FW_LA_DIGEST_IN_BUFFER_SET(header->serv_specif_flags,
ICP_QAT_FW_LA_DIGEST_IN_BUFFER);
}
return 0;
}
static __rte_always_inline void
enqueue_one_aead_job_gen1(struct qat_sym_session *ctx,
struct icp_qat_fw_la_bulk_req *req,
struct rte_crypto_va_iova_ptr *iv,
struct rte_crypto_va_iova_ptr *digest,
struct rte_crypto_va_iova_ptr *aad,
union rte_crypto_sym_ofs ofs, uint32_t data_len)
{
struct icp_qat_fw_la_cipher_req_params *cipher_param =
(void *)&req->serv_specif_rqpars;
struct icp_qat_fw_la_auth_req_params *auth_param =
(void *)((uint8_t *)&req->serv_specif_rqpars +
ICP_QAT_FW_HASH_REQUEST_PARAMETERS_OFFSET);
uint8_t *aad_data;
uint8_t aad_ccm_real_len;
uint8_t aad_len_field_sz;
uint32_t msg_len_be;
rte_iova_t aad_iova = 0;
uint8_t q;
switch (ctx->qat_hash_alg) {
case ICP_QAT_HW_AUTH_ALGO_GALOIS_128:
case ICP_QAT_HW_AUTH_ALGO_GALOIS_64:
ICP_QAT_FW_LA_GCM_IV_LEN_FLAG_SET(
req->comn_hdr.serv_specif_flags,
ICP_QAT_FW_LA_GCM_IV_LEN_12_OCTETS);
rte_memcpy(cipher_param->u.cipher_IV_array, iv->va,
ctx->cipher_iv.length);
aad_iova = aad->iova;
break;
case ICP_QAT_HW_AUTH_ALGO_AES_CBC_MAC:
aad_data = aad->va;
aad_iova = aad->iova;
aad_ccm_real_len = 0;
aad_len_field_sz = 0;
msg_len_be = rte_bswap32((uint32_t)data_len -
ofs.ofs.cipher.head);
if (ctx->aad_len > ICP_QAT_HW_CCM_AAD_DATA_OFFSET) {
aad_len_field_sz = ICP_QAT_HW_CCM_AAD_LEN_INFO;
aad_ccm_real_len = ctx->aad_len -
ICP_QAT_HW_CCM_AAD_B0_LEN -
ICP_QAT_HW_CCM_AAD_LEN_INFO;
} else {
aad_data = iv->va;
aad_iova = iv->iova;
}
q = ICP_QAT_HW_CCM_NQ_CONST - ctx->cipher_iv.length;
aad_data[0] = ICP_QAT_HW_CCM_BUILD_B0_FLAGS(
aad_len_field_sz, ctx->digest_length, q);
if (q > ICP_QAT_HW_CCM_MSG_LEN_MAX_FIELD_SIZE) {
memcpy(aad_data + ctx->cipher_iv.length +
ICP_QAT_HW_CCM_NONCE_OFFSET + (q -
ICP_QAT_HW_CCM_MSG_LEN_MAX_FIELD_SIZE),
(uint8_t *)&msg_len_be,
ICP_QAT_HW_CCM_MSG_LEN_MAX_FIELD_SIZE);
} else {
memcpy(aad_data + ctx->cipher_iv.length +
ICP_QAT_HW_CCM_NONCE_OFFSET,
(uint8_t *)&msg_len_be +
(ICP_QAT_HW_CCM_MSG_LEN_MAX_FIELD_SIZE
- q), q);
}
if (aad_len_field_sz > 0) {
*(uint16_t *)&aad_data[ICP_QAT_HW_CCM_AAD_B0_LEN] =
rte_bswap16(aad_ccm_real_len);
if ((aad_ccm_real_len + aad_len_field_sz)
% ICP_QAT_HW_CCM_AAD_B0_LEN) {
uint8_t pad_len = 0;
uint8_t pad_idx = 0;
pad_len = ICP_QAT_HW_CCM_AAD_B0_LEN -
((aad_ccm_real_len +
aad_len_field_sz) %
ICP_QAT_HW_CCM_AAD_B0_LEN);
pad_idx = ICP_QAT_HW_CCM_AAD_B0_LEN +
aad_ccm_real_len +
aad_len_field_sz;
memset(&aad_data[pad_idx], 0, pad_len);
}
}
rte_memcpy(((uint8_t *)cipher_param->u.cipher_IV_array)
+ ICP_QAT_HW_CCM_NONCE_OFFSET,
(uint8_t *)iv->va +
ICP_QAT_HW_CCM_NONCE_OFFSET, ctx->cipher_iv.length);
*(uint8_t *)&cipher_param->u.cipher_IV_array[0] =
q - ICP_QAT_HW_CCM_NONCE_OFFSET;
rte_memcpy((uint8_t *)aad->va +
ICP_QAT_HW_CCM_NONCE_OFFSET,
(uint8_t *)iv->va + ICP_QAT_HW_CCM_NONCE_OFFSET,
ctx->cipher_iv.length);
break;
default:
break;
}
cipher_param->cipher_offset = ofs.ofs.cipher.head;
cipher_param->cipher_length = data_len - ofs.ofs.cipher.head -
ofs.ofs.cipher.tail;
auth_param->auth_off = ofs.ofs.cipher.head;
auth_param->auth_len = cipher_param->cipher_length;
auth_param->auth_res_addr = digest->iova;
auth_param->u1.aad_adr = aad_iova;
}
extern struct rte_cryptodev_ops qat_sym_crypto_ops_gen1;
extern struct rte_cryptodev_ops qat_asym_crypto_ops_gen1;
/* -----------------GEN 1 sym crypto op data path APIs ---------------- */
int
qat_sym_build_op_cipher_gen1(void *in_op, struct qat_sym_session *ctx,
uint8_t *out_msg, void *op_cookie);
int
qat_sym_build_op_auth_gen1(void *in_op, struct qat_sym_session *ctx,
uint8_t *out_msg, void *op_cookie);
int
qat_sym_build_op_aead_gen1(void *in_op, struct qat_sym_session *ctx,
uint8_t *out_msg, void *op_cookie);
int
qat_sym_build_op_chain_gen1(void *in_op, struct qat_sym_session *ctx,
uint8_t *out_msg, void *op_cookie);
/* -----------------GEN 1 sym crypto raw data path APIs ---------------- */
int
qat_sym_dp_enqueue_single_cipher_gen1(void *qp_data, uint8_t *drv_ctx,
struct rte_crypto_vec *data, uint16_t n_data_vecs,
union rte_crypto_sym_ofs ofs,
struct rte_crypto_va_iova_ptr *iv,
struct rte_crypto_va_iova_ptr *digest __rte_unused,
struct rte_crypto_va_iova_ptr *aad __rte_unused,
void *user_data);
uint32_t
qat_sym_dp_enqueue_cipher_jobs_gen1(void *qp_data, uint8_t *drv_ctx,
struct rte_crypto_sym_vec *vec, union rte_crypto_sym_ofs ofs,
void *user_data[], int *status);
int
qat_sym_dp_enqueue_single_auth_gen1(void *qp_data, uint8_t *drv_ctx,
struct rte_crypto_vec *data, uint16_t n_data_vecs,
union rte_crypto_sym_ofs ofs,
struct rte_crypto_va_iova_ptr *iv __rte_unused,
struct rte_crypto_va_iova_ptr *digest,
struct rte_crypto_va_iova_ptr *auth_iv,
void *user_data);
uint32_t
qat_sym_dp_enqueue_auth_jobs_gen1(void *qp_data, uint8_t *drv_ctx,
struct rte_crypto_sym_vec *vec, union rte_crypto_sym_ofs ofs,
void *user_data[], int *status);
int
qat_sym_dp_enqueue_single_chain_gen1(void *qp_data, uint8_t *drv_ctx,
struct rte_crypto_vec *data, uint16_t n_data_vecs,
union rte_crypto_sym_ofs ofs,
struct rte_crypto_va_iova_ptr *cipher_iv,
struct rte_crypto_va_iova_ptr *digest,
struct rte_crypto_va_iova_ptr *auth_iv,
void *user_data);
uint32_t
qat_sym_dp_enqueue_chain_jobs_gen1(void *qp_data, uint8_t *drv_ctx,
struct rte_crypto_sym_vec *vec, union rte_crypto_sym_ofs ofs,
void *user_data[], int *status);
int
qat_sym_dp_enqueue_single_aead_gen1(void *qp_data, uint8_t *drv_ctx,
struct rte_crypto_vec *data, uint16_t n_data_vecs,
union rte_crypto_sym_ofs ofs,
struct rte_crypto_va_iova_ptr *iv,
struct rte_crypto_va_iova_ptr *digest,
struct rte_crypto_va_iova_ptr *aad,
void *user_data);
uint32_t
qat_sym_dp_enqueue_aead_jobs_gen1(void *qp_data, uint8_t *drv_ctx,
struct rte_crypto_sym_vec *vec, union rte_crypto_sym_ofs ofs,
void *user_data[], int *status);
void *
qat_sym_dp_dequeue_single_gen1(void *qp_data, uint8_t *drv_ctx,
int *dequeue_status, enum rte_crypto_op_status *op_status);
uint32_t
qat_sym_dp_dequeue_burst_gen1(void *qp_data, uint8_t *drv_ctx,
rte_cryptodev_raw_get_dequeue_count_t get_dequeue_count,
uint32_t max_nb_to_dequeue,
rte_cryptodev_raw_post_dequeue_t post_dequeue,
void **out_user_data, uint8_t is_user_data_array,
uint32_t *n_success_jobs, int *return_status);
int
qat_sym_dp_enqueue_done_gen1(void *qp_data, uint8_t *drv_ctx, uint32_t n);
int
qat_sym_dp_dequeue_done_gen1(void *qp_data, uint8_t *drv_ctx, uint32_t n);
int
qat_sym_configure_raw_dp_ctx_gen1(void *_raw_dp_ctx, void *_ctx);
/* -----------------GENx control path APIs ---------------- */
uint64_t
qat_sym_crypto_feature_flags_get_gen1(struct qat_pci_device *qat_dev);
int
qat_sym_crypto_set_session_gen1(void *cryptodev, void *session);
void
qat_sym_session_set_ext_hash_flags_gen2(struct qat_sym_session *session,
uint8_t hash_flag);
int
qat_asym_crypto_cap_get_gen1(struct qat_cryptodev_private *internals,
const char *capa_memz_name, const uint16_t slice_map);
uint64_t
qat_asym_crypto_feature_flags_get_gen1(struct qat_pci_device *qat_dev);
int
qat_asym_crypto_set_session_gen1(void *cryptodev, void *session);
#ifdef RTE_LIB_SECURITY
extern struct rte_security_ops security_qat_ops_gen1;
void *
qat_sym_create_security_gen1(void *cryptodev);
#endif
#endif
Reference in New Issue View Git Blame Copy Permalink