From: Tejasree Kondoj <[email protected]> Adding ZUC256 v2 cipher only support in CN20K PMD.
Signed-off-by: Tejasree Kondoj <[email protected]> --- drivers/common/cnxk/roc_se.c | 14 +++++++++++--- drivers/common/cnxk/roc_se.h | 2 ++ drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c | 15 +++++++++------ drivers/crypto/cnxk/cnxk_cryptodev_ops.c | 10 ++++++++-- drivers/crypto/cnxk/cnxk_se.h | 7 +++++-- 5 files changed, 35 insertions(+), 13 deletions(-) diff --git a/drivers/common/cnxk/roc_se.c b/drivers/common/cnxk/roc_se.c index f71832ff3a..bdb42567c7 100644 --- a/drivers/common/cnxk/roc_se.c +++ b/drivers/common/cnxk/roc_se.c @@ -25,6 +25,9 @@ static uint8_t zuc_key256_mac16[16] = {0x23, 0x2f, 0x25, 0x2a, 0x6d, 0x40, 0x40, 0x40, 0x40, 0x40, 0x40, 0x40, 0x40, 0x52, 0x10, 0x30}; +static uint8_t zuc_key256_v2[16] = {0x64, 0x43, 0x7b, 0x2a, 0x11, 0x05, 0x51, 0x42, + 0x1a, 0x31, 0x18, 0x66, 0x14, 0x2e, 0x01, 0x5c}; + static inline void cpt_snow3g_key_gen(const uint8_t *ck, uint32_t *keyx) { @@ -93,7 +96,8 @@ cpt_ciph_type_set(roc_se_cipher_type type, struct roc_se_ctx *ctx, uint16_t key_ * ZUC 256 is not supported with older microcode * where pdcp_iv_offset is 16 */ - if (chained_op || (ctx->pdcp_iv_offset == 16)) { + if ((chained_op || + (!roc_model_is_cn20k() && (ctx->pdcp_iv_offset == 16)))) { plt_err("ZUC 256 is not supported with chained operations"); return -1; } @@ -318,7 +322,8 @@ roc_se_auth_key_set(struct roc_se_ctx *se_ctx, roc_se_auth_type type, const uint * ZUC 256 is not supported with older microcode * where pdcp_iv_offset is 16 */ - if (chained_op || (se_ctx->pdcp_iv_offset == 16)) { + if ((chained_op || + (!roc_model_is_cn20k() && (se_ctx->pdcp_iv_offset == 16)))) { plt_err("ZUC 256 is not supported with chained operations"); return -1; } @@ -552,7 +557,10 @@ roc_se_ciph_key_set(struct roc_se_ctx *se_ctx, roc_se_cipher_type type, const ui memcpy(pctx->st.ci_key, key, key_len); if (key_len == 32) { roc_se_zuc_bytes_swap(pctx->st.ci_key, key_len); - memcpy(pctx->st.ci_zuc_const, zuc_key256, 16); + if (roc_model_is_cn20k()) + memcpy(pctx->st.ci_zuc_const, zuc_key256_v2, 16); + else + memcpy(pctx->st.ci_zuc_const, zuc_key256, 16); } else memcpy(pctx->st.ci_zuc_const, zuc_key128, 32); se_ctx->pdcp_ci_alg = ROC_SE_PDCP_ALG_TYPE_ZUC; diff --git a/drivers/common/cnxk/roc_se.h b/drivers/common/cnxk/roc_se.h index 9afcda8ba4..03a6eabfd3 100644 --- a/drivers/common/cnxk/roc_se.h +++ b/drivers/common/cnxk/roc_se.h @@ -355,6 +355,7 @@ struct roc_se_ctx { uint64_t eia2 : 1; /* auth_iv_offset passed to PDCP_CHAIN opcode based on FVC bit */ uint8_t pdcp_iv_offset; + uint8_t pdcp_iv_len; union cpt_inst_w4 template_w4; uint8_t *auth_key; } __plt_aligned(ROC_ALIGN); @@ -374,6 +375,7 @@ struct roc_se_fc_params { uint8_t cipher_iv_len; uint8_t auth_iv_len; uint8_t pdcp_iv_offset; + uint8_t pdcp_iv_len; struct roc_se_buf_ptr aad_buf; struct roc_se_buf_ptr mac_buf; diff --git a/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c b/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c index d2747878d3..5c1542909e 100644 --- a/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c +++ b/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c @@ -1908,7 +1908,7 @@ cpt_caps_add(struct rte_cryptodev_capabilities cnxk_caps[], int *cur_pos, } static void -cn10k_crypto_caps_update(struct rte_cryptodev_capabilities cnxk_caps[]) +cn10k_20k_crypto_caps_update(struct rte_cryptodev_capabilities cnxk_caps[]) { struct rte_cryptodev_capabilities *caps; @@ -1921,7 +1921,10 @@ cn10k_crypto_caps_update(struct rte_cryptodev_capabilities cnxk_caps[]) caps->sym.cipher.key_size.max = 32; caps->sym.cipher.key_size.increment = 16; - caps->sym.cipher.iv_size.max = 25; + if (roc_model_is_cn20k()) + caps->sym.cipher.iv_size.max = 16; + else + caps->sym.cipher.iv_size.max = 25; caps->sym.cipher.iv_size.increment = 1; } @@ -1946,8 +1949,8 @@ cn9k_crypto_caps_add(struct rte_cryptodev_capabilities cnxk_caps[], int *cur_pos } static void -cn10k_crypto_caps_add(struct rte_cryptodev_capabilities cnxk_caps[], - union cpt_eng_caps *hw_caps, int *cur_pos) +cn10k_20k_crypto_caps_add(struct rte_cryptodev_capabilities cnxk_caps[], + union cpt_eng_caps *hw_caps, int *cur_pos) { if (hw_caps[CPT_ENG_TYPE_SE].sg_ver2) { CPT_CAPS_ADD(cnxk_caps, cur_pos, hw_caps, sm3); @@ -1980,13 +1983,13 @@ crypto_caps_populate(struct rte_cryptodev_capabilities cnxk_caps[], cn9k_crypto_caps_add(cnxk_caps, &cur_pos); if (roc_model_is_cn10k() || roc_model_is_cn20k()) - cn10k_crypto_caps_add(cnxk_caps, hw_caps, &cur_pos); + cn10k_20k_crypto_caps_add(cnxk_caps, hw_caps, &cur_pos); cpt_caps_add(cnxk_caps, &cur_pos, caps_null, RTE_DIM(caps_null)); cpt_caps_add(cnxk_caps, &cur_pos, caps_end, RTE_DIM(caps_end)); if (roc_model_is_cn10k() || roc_model_is_cn20k()) - cn10k_crypto_caps_update(cnxk_caps); + cn10k_20k_crypto_caps_update(cnxk_caps); } const struct rte_cryptodev_capabilities * diff --git a/drivers/crypto/cnxk/cnxk_cryptodev_ops.c b/drivers/crypto/cnxk/cnxk_cryptodev_ops.c index 370f311dd3..b431b78005 100644 --- a/drivers/crypto/cnxk/cnxk_cryptodev_ops.c +++ b/drivers/crypto/cnxk/cnxk_cryptodev_ops.c @@ -632,10 +632,16 @@ cnxk_sess_fill(struct roc_cpt *roc_cpt, struct rte_crypto_sym_xform *xform, struct rte_crypto_sym_xform *a_xfrm = NULL; bool ciph_then_auth = false; - if (roc_cpt->hw_caps[CPT_ENG_TYPE_SE].pdcp_chain_zuc256) + if (roc_model_is_cn20k()) { + sess->roc_se_ctx->pdcp_iv_len = 40; + sess->roc_se_ctx->pdcp_iv_offset = 16; + } else if (roc_cpt->hw_caps[CPT_ENG_TYPE_SE].pdcp_chain_zuc256) { sess->roc_se_ctx->pdcp_iv_offset = 24; - else + sess->roc_se_ctx->pdcp_iv_len = 48; + } else { sess->roc_se_ctx->pdcp_iv_offset = 16; + sess->roc_se_ctx->pdcp_iv_len = 32; + } if (xform == NULL) return -EINVAL; diff --git a/drivers/crypto/cnxk/cnxk_se.h b/drivers/crypto/cnxk/cnxk_se.h index 7a0624ca28..db25fd90d8 100644 --- a/drivers/crypto/cnxk/cnxk_se.h +++ b/drivers/crypto/cnxk/cnxk_se.h @@ -1537,7 +1537,7 @@ cpt_pdcp_chain_alg_prep(uint32_t req_flags, uint64_t d_offs, uint64_t d_lens, const uint8_t *auth_iv = NULL, *cipher_iv = NULL; uint8_t pdcp_iv_off = params->pdcp_iv_offset; uint32_t off_ctrl_len = ROC_SE_OFF_CTRL_LEN; - const int iv_len = pdcp_iv_off * 2; + const int iv_len = params->pdcp_iv_len; uint8_t pdcp_ci_alg, pdcp_auth_alg; union cpt_inst_w4 cpt_inst_w4; struct roc_se_ctx *se_ctx; @@ -1667,9 +1667,9 @@ cpt_pdcp_alg_prep(uint32_t req_flags, uint64_t d_offs, uint64_t d_lens, * So iv_len reserved is 32B for cipher and auth IVs with old microcode * and 48B with new microcode. */ - const int iv_len = params->pdcp_iv_offset * 2; uint32_t off_ctrl_len = ROC_SE_OFF_CTRL_LEN; struct roc_se_ctx *se_ctx = params->ctx; + const int iv_len = params->pdcp_iv_len; uint32_t encr_data_len, auth_data_len; const int flags = se_ctx->zsk_flags; uint32_t encr_offset, auth_offset; @@ -3039,6 +3039,7 @@ fill_pdcp_params(struct rte_crypto_op *cop, struct cnxk_se_sess *sess, fc_params.iv_buf = NULL; fc_params.auth_iv_buf = NULL; fc_params.pdcp_iv_offset = sess->roc_se_ctx->pdcp_iv_offset; + fc_params.pdcp_iv_len = sess->roc_se_ctx->pdcp_iv_len; if (likely(sess->iv_length)) fc_params.iv_buf = rte_crypto_op_ctod_offset(cop, uint8_t *, sess->iv_offset); @@ -3134,6 +3135,7 @@ fill_pdcp_chain_params(struct rte_crypto_op *cop, struct cnxk_se_sess *sess, fc_params.iv_buf = NULL; fc_params.auth_iv_buf = NULL; fc_params.pdcp_iv_offset = sess->roc_se_ctx->pdcp_iv_offset; + fc_params.pdcp_iv_len = sess->roc_se_ctx->pdcp_iv_len; m_src = sym_op->m_src; m_dst = sym_op->m_dst; @@ -3347,6 +3349,7 @@ fill_digest_params(struct rte_crypto_op *cop, struct cnxk_se_sess *sess, params.auth_iv_buf = rte_crypto_op_ctod_offset(cop, uint8_t *, sess->auth_iv_offset); params.pdcp_iv_offset = sess->roc_se_ctx->pdcp_iv_offset; + params.pdcp_iv_len = sess->roc_se_ctx->pdcp_iv_len; if (sess->zsk_flag == ROC_SE_K_F9) { uint32_t length_in_bits, num_bytes; uint8_t *src, direction = 0; -- 2.34.1
