From patchwork Fri Nov  1 17:51:34 2019
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Hemant Agrawal <hemant.agrawal@nxp.com>
X-Patchwork-Id: 178324
Delivered-To: patch@linaro.org
Received: by 2002:a92:409a:0:0:0:0:0 with SMTP id d26csp823725ill;
 Fri, 1 Nov 2019 10:55:25 -0700 (PDT)
X-Google-Smtp-Source: APXvYqx3r7oxzpiMKokhjVAhajsYx4EQe5BE6FDPGjSPNIPCMN1YIPn68PKkpN9QhqG4z0d/ych5
X-Received: by 2002:a05:6402:4c5:: with SMTP id
 n5mr10689508edw.157.1572630925088; 
 Fri, 01 Nov 2019 10:55:25 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1572630925; cv=none;
 d=google.com; s=arc-20160816;
 b=zqQ4VZLnkIcgamh6878mnvkUtFjI/HdnmyMohfhosYDHUE/9fLozhAw2rpJxM6lxIZ
 noxsw4vXIj0ZEJm4+pBEdDKb4HRSU7LQy+v17iBpm214Jx714RmkplZEeblViHf5GZDQ
 73K72ENLycSc5mM4SjWfN1dTYPO0hAvWce65++HVJtF4D2ZaEQNtesYqB3WBeNofA4hN
 NRlf/vFhjEqRXwOwnb77ua4HRQ2Qy2C83vVFfiOMWAOWEKGawrXCmvXFpqQfB88cR/z5
 BbH3tvQzC2tkvVPniGTD/hyNYigTOx1+MHY5eu6UW/xwRFnyR23A5DzTnXz+tIz8YEQy
 vx2w==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816; 
 h=sender:errors-to:list-subscribe:list-help:list-post:list-archive
 :list-unsubscribe:list-id:precedence:subject:references:in-reply-to
 :message-id:date:to:from;
 bh=WrXNzST/sKouzdVzftzbkRHTqVxEycd/9mn1RT/UygQ=;
 b=hJsazrbHoJzhrmps/hELWRnOtS63lDVlUYWfcn44WBQGOwrrZthh9UnIKC5ZLafNPo
 GAFCcUq0kOMAnOIqw481Gj9Feej74xml1mfo3u0R8hl2yXcCgqDfSSVrQj6zPhVCIJhm
 aK7DCkEpUgEdygtixG+oNMpxhd5Gbi5T87onIyo3HggMNjdYTJ/Dnx4YPmV/VsYfptIR
 DApfsKfcaGoaq7zeVEOwdvE0H8kqdvqc6S9iQh2ijl7D9X3P0JY0E32v6QvdRiL4BIr6
 bcBFkT40Kje1Ww8mDOzSgyzQJwV9/jnrQQomSzUcH6MDmwyYmP3MhqNgOsN3TfFbgGZx
 XsVw==
ARC-Authentication-Results: i=1; mx.google.com;
 spf=pass (google.com: domain of dev-bounces@dpdk.org designates
 92.243.14.124 as permitted sender)
 smtp.mailfrom=dev-bounces@dpdk.org; 
 dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=nxp.com
Return-Path: <dev-bounces@dpdk.org>
Received: from dpdk.org (dpdk.org. [92.243.14.124])
 by mx.google.com with ESMTP id
 d15si6490666ejw.269.2019.11.01.10.55.24; 
 Fri, 01 Nov 2019 10:55:25 -0700 (PDT)
Received-SPF: pass (google.com: domain of dev-bounces@dpdk.org designates
 92.243.14.124 as permitted sender) client-ip=92.243.14.124; 
Authentication-Results: mx.google.com;
 spf=pass (google.com: domain of dev-bounces@dpdk.org designates
 92.243.14.124 as permitted sender)
 smtp.mailfrom=dev-bounces@dpdk.org; 
 dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=nxp.com
Received: from [92.243.14.124] (localhost [127.0.0.1])
 by dpdk.org (Postfix) with ESMTP id 61E5A1E88F;
 Fri,  1 Nov 2019 18:54:56 +0100 (CET)
Received: from inva021.nxp.com (inva021.nxp.com [92.121.34.21])
 by dpdk.org (Postfix) with ESMTP id 6C87A1E868
 for <dev@dpdk.org>; Fri,  1 Nov 2019 18:54:49 +0100 (CET)
Received: from inva021.nxp.com (localhost [127.0.0.1])
 by inva021.eu-rdc02.nxp.com (Postfix) with ESMTP id 117A92002FF;
 Fri,  1 Nov 2019 18:54:49 +0100 (CET)
Received: from invc005.ap-rdc01.nxp.com (invc005.ap-rdc01.nxp.com
 [165.114.16.14])
 by inva021.eu-rdc02.nxp.com (Postfix) with ESMTP id 7221B200133;
 Fri,  1 Nov 2019 18:54:47 +0100 (CET)
Received: from bf-netperf1.ap.freescale.net (bf-netperf1.ap.freescale.net
 [10.232.133.63])
 by invc005.ap-rdc01.nxp.com (Postfix) with ESMTP id 4309A4031F;
 Sat,  2 Nov 2019 01:54:45 +0800 (SGT)
From: Hemant Agrawal <hemant.agrawal@nxp.com>
To: dev@dpdk.org,
	akhil.goyal@nxp.com
Date: Fri,  1 Nov 2019 23:21:34 +0530
Message-Id: <20191101175141.4663-6-hemant.agrawal@nxp.com>
X-Mailer: git-send-email 2.17.1
In-Reply-To: <20191101175141.4663-1-hemant.agrawal@nxp.com>
References: <20191025083336.24212-1-hemant.agrawal@nxp.com>
 <20191101175141.4663-1-hemant.agrawal@nxp.com>
X-Virus-Scanned: ClamAV using ClamSMTP
Subject: [dpdk-dev] [PATCH v2 06/13] crypto/dpaa2_sec: add AES-GCM support
 for lookaside case
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org
Sender: "dev" <dev-bounces@dpdk.org>

Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
---
 drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 96 ++++++++++++++++++++-
 1 file changed, 92 insertions(+), 4 deletions(-)

-- 
2.17.1

diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
index 6c2faa69a..c6b6444aa 100644
--- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
+++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
@@ -2550,12 +2550,40 @@ dpaa2_sec_ipsec_aead_init(struct rte_crypto_aead_xform *aead_xform,
 
 	switch (aead_xform->algo) {
 	case RTE_CRYPTO_AEAD_AES_GCM:
-		aeaddata->algtype = OP_ALG_ALGSEL_AES;
+		switch (session->digest_length) {
+		case 8:
+			aeaddata->algtype = OP_PCL_IPSEC_AES_GCM8;
+			break;
+		case 12:
+			aeaddata->algtype = OP_PCL_IPSEC_AES_GCM12;
+			break;
+		case 16:
+			aeaddata->algtype = OP_PCL_IPSEC_AES_GCM16;
+			break;
+		default:
+			DPAA2_SEC_ERR("Crypto: Undefined GCM digest %d",
+				      session->digest_length);
+			return -1;
+		}
 		aeaddata->algmode = OP_ALG_AAI_GCM;
 		session->aead_alg = RTE_CRYPTO_AEAD_AES_GCM;
 		break;
 	case RTE_CRYPTO_AEAD_AES_CCM:
-		aeaddata->algtype = OP_ALG_ALGSEL_AES;
+		switch (session->digest_length) {
+		case 8:
+			aeaddata->algtype = OP_PCL_IPSEC_AES_CCM8;
+			break;
+		case 12:
+			aeaddata->algtype = OP_PCL_IPSEC_AES_CCM12;
+			break;
+		case 16:
+			aeaddata->algtype = OP_PCL_IPSEC_AES_CCM16;
+			break;
+		default:
+			DPAA2_SEC_ERR("Crypto: Undefined CCM digest %d",
+				      session->digest_length);
+			return -1;
+		}
 		aeaddata->algmode = OP_ALG_AAI_CCM;
 		session->aead_alg = RTE_CRYPTO_AEAD_AES_CCM;
 		break;
@@ -2723,8 +2751,6 @@ dpaa2_sec_set_ipsec_session(struct rte_cryptodev *dev,
 	struct rte_crypto_aead_xform *aead_xform = NULL;
 	dpaa2_sec_session *session = (dpaa2_sec_session *)sess;
 	struct ctxt_priv *priv;
-	struct ipsec_encap_pdb encap_pdb;
-	struct ipsec_decap_pdb decap_pdb;
 	struct alginfo authdata, cipherdata;
 	int bufsize;
 	struct sec_flow_context *flc;
@@ -2764,6 +2790,8 @@ dpaa2_sec_set_ipsec_session(struct rte_cryptodev *dev,
 		aead_xform = &conf->crypto_xform->aead;
 		ret = dpaa2_sec_ipsec_aead_init(aead_xform,
 					session, &cipherdata);
+		authdata.keylen = 0;
+		authdata.algtype = 0;
 	} else {
 		DPAA2_SEC_ERR("XFORM not specified");
 		ret = -EINVAL;
@@ -2779,10 +2807,37 @@ dpaa2_sec_set_ipsec_session(struct rte_cryptodev *dev,
 		uint8_t *hdr = NULL;
 		struct ip ip4_hdr;
 		struct rte_ipv6_hdr ip6_hdr;
+		struct ipsec_encap_pdb encap_pdb;
 
 		flc->dhr = SEC_FLC_DHR_OUTBOUND;
 		/* For Sec Proto only one descriptor is required. */
 		memset(&encap_pdb, 0, sizeof(struct ipsec_encap_pdb));
+
+		/* copy algo specific data to PDB */
+		switch (cipherdata.algtype) {
+		case OP_PCL_IPSEC_AES_GCM8:
+		case OP_PCL_IPSEC_AES_GCM12:
+		case OP_PCL_IPSEC_AES_GCM16:
+			memcpy(encap_pdb.gcm.salt,
+				(uint8_t *)&(ipsec_xform->salt), 4);
+			break;
+		case OP_PCL_IPSEC_AES_CCM8:
+			encap_pdb.ccm.ccm_opt = 0x5B;
+			memcpy(encap_pdb.ccm.salt,
+				(uint8_t *)&(ipsec_xform->salt), 4);
+			break;
+		case OP_PCL_IPSEC_AES_CCM12:
+			encap_pdb.ccm.ccm_opt = 0x6B;
+			memcpy(encap_pdb.ccm.salt,
+				(uint8_t *)&(ipsec_xform->salt), 4);
+			break;
+		case OP_PCL_IPSEC_AES_CCM16:
+			encap_pdb.ccm.ccm_opt = 0x7B;
+			memcpy(encap_pdb.ccm.salt,
+				(uint8_t *)&(ipsec_xform->salt), 4);
+			break;
+		}
+
 		encap_pdb.options = (IPVERSION << PDBNH_ESP_ENCAP_SHIFT) |
 			PDBOPTS_ESP_OIHI_PDB_INL |
 			PDBOPTS_ESP_IVSRC |
@@ -2839,8 +2894,41 @@ dpaa2_sec_set_ipsec_session(struct rte_cryptodev *dev,
 				hdr, &cipherdata, &authdata);
 	} else if (ipsec_xform->direction ==
 			RTE_SECURITY_IPSEC_SA_DIR_INGRESS) {
+		struct ipsec_decap_pdb decap_pdb;
+
 		flc->dhr = SEC_FLC_DHR_INBOUND;
 		memset(&decap_pdb, 0, sizeof(struct ipsec_decap_pdb));
+		/* copy algo specific data to PDB */
+		switch (cipherdata.algtype) {
+		case OP_PCL_IPSEC_AES_GCM8:
+		case OP_PCL_IPSEC_AES_GCM12:
+		case OP_PCL_IPSEC_AES_GCM16:
+			memcpy(decap_pdb.gcm.salt,
+				(uint8_t *)&(ipsec_xform->salt), 4);
+			break;
+		case OP_PCL_IPSEC_AES_CCM8:
+			decap_pdb.ccm.ccm_opt = 0x5B;
+			/* CCM salt length is 3 bytes, left shift 8 bits */
+			ipsec_xform->salt >>= 8;
+			memcpy(decap_pdb.ccm.salt,
+				(uint8_t *)&(ipsec_xform->salt), 4);
+			break;
+		case OP_PCL_IPSEC_AES_CCM12:
+			decap_pdb.ccm.ccm_opt = 0x6B;
+			/* CCM salt length is 3 bytes, left shift 8 bits */
+			ipsec_xform->salt >>= 8;
+			memcpy(decap_pdb.ccm.salt,
+				(uint8_t *)&(ipsec_xform->salt), 4);
+			break;
+		case OP_PCL_IPSEC_AES_CCM16:
+			decap_pdb.ccm.ccm_opt = 0x7B;
+			/* CCM salt length is 3 bytes, left shift 8 bits */
+			ipsec_xform->salt >>= 8;
+			memcpy(decap_pdb.ccm.salt,
+				(uint8_t *)&(ipsec_xform->salt), 4);
+			break;
+		}
+
 		decap_pdb.options = (ipsec_xform->tunnel.type ==
 				RTE_SECURITY_IPSEC_TUNNEL_IPV4) ?
 				sizeof(struct ip) << 16 :