[ceph.git] / ceph / src / seastar / dpdk / drivers / crypto / aesni_mb / rte_aesni_mb_pmd_private.h

/* SPDX-License-Identifier: BSD-3-Clause
 * Copyright(c) 2015-2016 Intel Corporation
 */

#ifndef _RTE_AESNI_MB_PMD_PRIVATE_H_
#define _RTE_AESNI_MB_PMD_PRIVATE_H_

#include <intel-ipsec-mb.h>

enum aesni_mb_vector_mode {
	RTE_AESNI_MB_NOT_SUPPORTED = 0,
	RTE_AESNI_MB_SSE,
	RTE_AESNI_MB_AVX,
	RTE_AESNI_MB_AVX2,
	RTE_AESNI_MB_AVX512
};

#define CRYPTODEV_NAME_AESNI_MB_PMD	crypto_aesni_mb
/**< AES-NI Multi buffer PMD device name */

/** AESNI_MB PMD LOGTYPE DRIVER */
int aesni_mb_logtype_driver;

#define AESNI_MB_LOG(level, fmt, ...)  \
	rte_log(RTE_LOG_ ## level, aesni_mb_logtype_driver,  \
			"%s() line %u: " fmt "\n", __func__, __LINE__,  \
					## __VA_ARGS__)


#define HMAC_IPAD_VALUE			(0x36)
#define HMAC_OPAD_VALUE			(0x5C)

/* Maximum length for digest */
#define DIGEST_LENGTH_MAX 64
static const unsigned auth_blocksize[] = {
		[MD5]		= 64,
		[SHA1]		= 64,
		[SHA_224]	= 64,
		[SHA_256]	= 64,
		[SHA_384]	= 128,
		[SHA_512]	= 128,
		[AES_XCBC]	= 16,
		[AES_CCM]	= 16,
};

/**
 * Get the blocksize in bytes for a specified authentication algorithm
 *
 * @Note: this function will not return a valid value for a non-valid
 * authentication algorithm
 */
static inline unsigned
get_auth_algo_blocksize(JOB_HASH_ALG algo)
{
	return auth_blocksize[algo];
}

static const unsigned auth_truncated_digest_byte_lengths[] = {
		[MD5]		= 12,
		[SHA1]		= 12,
		[SHA_224]	= 14,
		[SHA_256]	= 16,
		[SHA_384]	= 24,
		[SHA_512]	= 32,
		[AES_XCBC]	= 12,
		[AES_CMAC]	= 12,
		[AES_CCM]	= 8,
		[NULL_HASH]	= 0
};

/**
 * Get the IPsec specified truncated length in bytes of the HMAC digest for a
 * specified authentication algorithm
 *
 * @Note: this function will not return a valid value for a non-valid
 * authentication algorithm
 */
static inline unsigned
get_truncated_digest_byte_length(JOB_HASH_ALG algo)
{
	return auth_truncated_digest_byte_lengths[algo];
}

static const unsigned auth_digest_byte_lengths[] = {
		[MD5]		= 16,
		[SHA1]		= 20,
		[SHA_224]	= 28,
		[SHA_256]	= 32,
		[SHA_384]	= 48,
		[SHA_512]	= 64,
		[AES_XCBC]	= 16,
		[AES_CMAC]	= 16,
		[AES_GMAC]	= 12,
		[NULL_HASH]	= 0,
		[PLAIN_SHA1]	= 20,
		[PLAIN_SHA_224]	= 28,
		[PLAIN_SHA_256]	= 32,
		[PLAIN_SHA_384]	= 48,
		[PLAIN_SHA_512]	= 64
	/**< Vector mode dependent pointer table of the multi-buffer APIs */

};

/**
 * Get the full digest size in bytes for a specified authentication algorithm
 * (if available in the Multi-buffer library)
 *
 * @Note: this function will not return a valid value for a non-valid
 * authentication algorithm
 */
static inline unsigned
get_digest_byte_length(JOB_HASH_ALG algo)
{
	return auth_digest_byte_lengths[algo];
}

enum aesni_mb_operation {
	AESNI_MB_OP_HASH_CIPHER,
	AESNI_MB_OP_CIPHER_HASH,
	AESNI_MB_OP_HASH_ONLY,
	AESNI_MB_OP_CIPHER_ONLY,
	AESNI_MB_OP_AEAD_HASH_CIPHER,
	AESNI_MB_OP_AEAD_CIPHER_HASH,
	AESNI_MB_OP_NOT_SUPPORTED
};

/** private data structure for each virtual AESNI device */
struct aesni_mb_private {
	enum aesni_mb_vector_mode vector_mode;
	/**< CPU vector instruction set mode */
	unsigned max_nb_queue_pairs;
	/**< Max number of queue pairs supported by device */
	MB_MGR *mb_mgr;
	/**< Multi-buffer instance */
};

/** AESNI Multi buffer queue pair */
struct aesni_mb_qp {
	uint16_t id;
	/**< Queue Pair Identifier */
	char name[RTE_CRYPTODEV_NAME_MAX_LEN];
	/**< Unique Queue Pair Name */
	MB_MGR *mb_mgr;
	/**< Multi-buffer instance */
	struct rte_ring *ingress_queue;
	/**< Ring for placing operations ready for processing */
	struct rte_mempool *sess_mp;
	/**< Session Mempool */
	struct rte_mempool *sess_mp_priv;
	/**< Session Private Data Mempool */
	struct rte_cryptodev_stats stats;
	/**< Queue pair statistics */
	uint8_t digest_idx;
	/**< Index of the next slot to be used in temp_digests,
	 * to store the digest for a given operation
	 */
	uint8_t temp_digests[MAX_JOBS][DIGEST_LENGTH_MAX];
	/**< Buffers used to store the digest generated
	 * by the driver when verifying a digest provided
	 * by the user (using authentication verify operation)
	 */
} __rte_cache_aligned;

/** AES-NI multi-buffer private session structure */
struct aesni_mb_session {
	JOB_CHAIN_ORDER chain_order;
	struct {
		uint16_t length;
		uint16_t offset;
	} iv;
	/**< IV parameters */

	/** Cipher Parameters */const struct aesni_mb_op_fns *op_fns;
	/**< Vector mode dependent pointer table of the multi-buffer APIs */

	struct {
		/** Cipher direction - encrypt / decrypt */
		JOB_CIPHER_DIRECTION direction;
		/** Cipher mode - CBC / Counter */
		JOB_CIPHER_MODE mode;

		uint64_t key_length_in_bytes;

		union {
			struct {
				uint32_t encode[60] __rte_aligned(16);
				/**< encode key */
				uint32_t decode[60] __rte_aligned(16);
				/**< decode key */
			} expanded_aes_keys;
			struct {
				const void *ks_ptr[3];
				uint64_t key[3][16];
			} exp_3des_keys;

			struct gcm_key_data gcm_key;
		};
		/**< Expanded AES keys - Allocating space to
		 * contain the maximum expanded key size which
		 * is 240 bytes for 256 bit AES, calculate by:
		 * ((key size (bytes)) *
		 * ((number of rounds) + 1))
		 */
	} cipher;

	/** Authentication Parameters */
	struct {
		JOB_HASH_ALG algo; /**< Authentication Algorithm */
		enum rte_crypto_auth_operation operation;
		/**< auth operation generate or verify */
		union {
			struct {
				uint8_t inner[128] __rte_aligned(16);
				/**< inner pad */
				uint8_t outer[128] __rte_aligned(16);
				/**< outer pad */
			} pads;
			/**< HMAC Authentication pads -
			 * allocating space for the maximum pad
			 * size supported which is 128 bytes for
			 * SHA512
			 */

			struct {
			    uint32_t k1_expanded[44] __rte_aligned(16);
			    /**< k1 (expanded key). */
			    uint8_t k2[16] __rte_aligned(16);
			    /**< k2. */
			    uint8_t k3[16] __rte_aligned(16);
			    /**< k3. */
			} xcbc;

			struct {
				uint32_t expkey[60] __rte_aligned(16);
						    /**< k1 (expanded key). */
				uint32_t skey1[4] __rte_aligned(16);
						    /**< k2. */
				uint32_t skey2[4] __rte_aligned(16);
						    /**< k3. */
			} cmac;
			/**< Expanded XCBC authentication keys */
		};
	/** Generated digest size by the Multi-buffer library */
	uint16_t gen_digest_len;
	/** Requested digest size from Cryptodev */
	uint16_t req_digest_len;

	} auth;
	struct {
		/** AAD data length */
		uint16_t aad_len;
	} aead;
} __rte_cache_aligned;

extern int
aesni_mb_set_session_parameters(const MB_MGR *mb_mgr,
		struct aesni_mb_session *sess,
		const struct rte_crypto_sym_xform *xform);

/** device specific operations function pointer structure */
extern struct rte_cryptodev_ops *rte_aesni_mb_pmd_ops;


#endif /* _RTE_AESNI_MB_PMD_PRIVATE_H_ */
Commit	Line	Data
9f95a23c TL	1	/* SPDX-License-Identifier: BSD-3-Clause
9f95a23c TL	2	* Copyright(c) 2015-2016 Intel Corporation
7c673cae FG	3	*/
	4
	5	#ifndef _RTE_AESNI_MB_PMD_PRIVATE_H_
	6	#define _RTE_AESNI_MB_PMD_PRIVATE_H_
	7
9f95a23c	8	#include <intel-ipsec-mb.h>
7c673cae	9
9f95a23c TL	10	enum aesni_mb_vector_mode {
	11	RTE_AESNI_MB_NOT_SUPPORTED = 0,
	12	RTE_AESNI_MB_SSE,
	13	RTE_AESNI_MB_AVX,
	14	RTE_AESNI_MB_AVX2,
	15	RTE_AESNI_MB_AVX512
	16	};
	17
	18	#define CRYPTODEV_NAME_AESNI_MB_PMD crypto_aesni_mb
	19	/*< AES-NI Multi buffer PMD device name /
7c673cae	20
9f95a23c TL	21	/** AESNI_MB PMD LOGTYPE DRIVER */
	22	int aesni_mb_logtype_driver;
	23
	24	#define AESNI_MB_LOG(level, fmt, ...) \
	25	rte_log(RTE_LOG_ ## level, aesni_mb_logtype_driver, \
	26	"%s() line %u: " fmt "\n", __func__, __LINE__, \
	27	## __VA_ARGS__)
7c673cae	28
7c673cae FG	29
	30	#define HMAC_IPAD_VALUE (0x36)
	31	#define HMAC_OPAD_VALUE (0x5C)
	32
9f95a23c TL	33	/* Maximum length for digest */
9f95a23c TL	34	#define DIGEST_LENGTH_MAX 64
7c673cae FG	35	static const unsigned auth_blocksize[] = {
	36	[MD5] = 64,
	37	[SHA1] = 64,
	38	[SHA_224] = 64,
	39	[SHA_256] = 64,
	40	[SHA_384] = 128,
	41	[SHA_512] = 128,
	42	[AES_XCBC] = 16,
9f95a23c	43	[AES_CCM] = 16,
7c673cae FG	44	};
	45
	46	/**
	47	* Get the blocksize in bytes for a specified authentication algorithm
	48	*
	49	* @Note: this function will not return a valid value for a non-valid
	50	* authentication algorithm
	51	*/
	52	static inline unsigned
	53	get_auth_algo_blocksize(JOB_HASH_ALG algo)
	54	{
	55	return auth_blocksize[algo];
	56	}
	57
	58	static const unsigned auth_truncated_digest_byte_lengths[] = {
	59	[MD5] = 12,
	60	[SHA1] = 12,
	61	[SHA_224] = 14,
	62	[SHA_256] = 16,
	63	[SHA_384] = 24,
	64	[SHA_512] = 32,
	65	[AES_XCBC] = 12,
9f95a23c TL	66	[AES_CMAC] = 12,
	67	[AES_CCM] = 8,
	68	[NULL_HASH] = 0
7c673cae FG	69	};
	70
	71	/**
	72	* Get the IPsec specified truncated length in bytes of the HMAC digest for a
	73	* specified authentication algorithm
	74	*
	75	* @Note: this function will not return a valid value for a non-valid
	76	* authentication algorithm
	77	*/
	78	static inline unsigned
	79	get_truncated_digest_byte_length(JOB_HASH_ALG algo)
	80	{
	81	return auth_truncated_digest_byte_lengths[algo];
	82	}
	83
	84	static const unsigned auth_digest_byte_lengths[] = {
	85	[MD5] = 16,
	86	[SHA1] = 20,
	87	[SHA_224] = 28,
	88	[SHA_256] = 32,
	89	[SHA_384] = 48,
	90	[SHA_512] = 64,
	91	[AES_XCBC] = 16,
9f95a23c TL	92	[AES_CMAC] = 16,
	93	[AES_GMAC] = 12,
	94	[NULL_HASH] = 0,
	95	[PLAIN_SHA1] = 20,
	96	[PLAIN_SHA_224] = 28,
	97	[PLAIN_SHA_256] = 32,
	98	[PLAIN_SHA_384] = 48,
	99	[PLAIN_SHA_512] = 64
	100	/*< Vector mode dependent pointer table of the multi-buffer APIs /
	101
7c673cae FG	102	};
	103
	104	/**
9f95a23c TL	105	* Get the full digest size in bytes for a specified authentication algorithm
9f95a23c TL	106	* (if available in the Multi-buffer library)
7c673cae FG	107	*
	108	* @Note: this function will not return a valid value for a non-valid
	109	* authentication algorithm
	110	*/
	111	static inline unsigned
	112	get_digest_byte_length(JOB_HASH_ALG algo)
	113	{
	114	return auth_digest_byte_lengths[algo];
	115	}
	116
11fdf7f2 TL	117	enum aesni_mb_operation {
	118	AESNI_MB_OP_HASH_CIPHER,
	119	AESNI_MB_OP_CIPHER_HASH,
	120	AESNI_MB_OP_HASH_ONLY,
	121	AESNI_MB_OP_CIPHER_ONLY,
9f95a23c TL	122	AESNI_MB_OP_AEAD_HASH_CIPHER,
9f95a23c TL	123	AESNI_MB_OP_AEAD_CIPHER_HASH,
11fdf7f2 TL	124	AESNI_MB_OP_NOT_SUPPORTED
11fdf7f2 TL	125	};
7c673cae FG	126
	127	/** private data structure for each virtual AESNI device */
	128	struct aesni_mb_private {
	129	enum aesni_mb_vector_mode vector_mode;
	130	/*< CPU vector instruction set mode /
	131	unsigned max_nb_queue_pairs;
	132	/*< Max number of queue pairs supported by device /
9f95a23c TL	133	MB_MGR *mb_mgr;
9f95a23c TL	134	/*< Multi-buffer instance /
7c673cae FG	135	};
	136
	137	/** AESNI Multi buffer queue pair */
	138	struct aesni_mb_qp {
	139	uint16_t id;
	140	/*< Queue Pair Identifier /
9f95a23c	141	char name[RTE_CRYPTODEV_NAME_MAX_LEN];
7c673cae	142	/*< Unique Queue Pair Name /
9f95a23c	143	MB_MGR *mb_mgr;
7c673cae	144	/*< Multi-buffer instance /
11fdf7f2	145	struct rte_ring *ingress_queue;
9f95a23c	146	/*< Ring for placing operations ready for processing /
7c673cae FG	147	struct rte_mempool *sess_mp;
7c673cae FG	148	/*< Session Mempool /
9f95a23c TL	149	struct rte_mempool *sess_mp_priv;
9f95a23c TL	150	/*< Session Private Data Mempool /
7c673cae FG	151	struct rte_cryptodev_stats stats;
7c673cae FG	152	/*< Queue pair statistics /
9f95a23c TL	153	uint8_t digest_idx;
	154	/**< Index of the next slot to be used in temp_digests,
	155	* to store the digest for a given operation
	156	*/
	157	uint8_t temp_digests[MAX_JOBS][DIGEST_LENGTH_MAX];
	158	/**< Buffers used to store the digest generated
	159	* by the driver when verifying a digest provided
	160	* by the user (using authentication verify operation)
	161	*/
7c673cae FG	162	} __rte_cache_aligned;
7c673cae FG	163
7c673cae FG	164	/** AES-NI multi-buffer private session structure */
	165	struct aesni_mb_session {
	166	JOB_CHAIN_ORDER chain_order;
9f95a23c TL	167	struct {
	168	uint16_t length;
	169	uint16_t offset;
	170	} iv;
	171	/*< IV parameters /
	172
	173	/** Cipher Parameters /const struct aesni_mb_op_fns op_fns;
	174	/*< Vector mode dependent pointer table of the multi-buffer APIs /
7c673cae	175
7c673cae FG	176	struct {
	177	/** Cipher direction - encrypt / decrypt */
	178	JOB_CIPHER_DIRECTION direction;
	179	/** Cipher mode - CBC / Counter */
	180	JOB_CIPHER_MODE mode;
	181
	182	uint64_t key_length_in_bytes;
	183
9f95a23c TL	184	union {
	185	struct {
	186	uint32_t encode[60] __rte_aligned(16);
	187	/*< encode key /
	188	uint32_t decode[60] __rte_aligned(16);
	189	/*< decode key /
	190	} expanded_aes_keys;
	191	struct {
	192	const void *ks_ptr[3];
	193	uint64_t key[3][16];
	194	} exp_3des_keys;
	195
	196	struct gcm_key_data gcm_key;
	197	};
7c673cae FG	198	/**< Expanded AES keys - Allocating space to
	199	* contain the maximum expanded key size which
	200	* is 240 bytes for 256 bit AES, calculate by:
	201	* ((key size (bytes)) *
	202	* ((number of rounds) + 1))
	203	*/
	204	} cipher;
	205
	206	/** Authentication Parameters */
	207	struct {
	208	JOB_HASH_ALG algo; /*< Authentication Algorithm /
11fdf7f2 TL	209	enum rte_crypto_auth_operation operation;
11fdf7f2 TL	210	/*< auth operation generate or verify /
7c673cae FG	211	union {
	212	struct {
	213	uint8_t inner[128] __rte_aligned(16);
	214	/*< inner pad /
	215	uint8_t outer[128] __rte_aligned(16);
	216	/*< outer pad /
	217	} pads;
	218	/**< HMAC Authentication pads -
	219	* allocating space for the maximum pad
	220	* size supported which is 128 bytes for
	221	* SHA512
	222	*/
	223
	224	struct {
	225	uint32_t k1_expanded[44] __rte_aligned(16);
	226	/*< k1 (expanded key). /
	227	uint8_t k2[16] __rte_aligned(16);
	228	/*< k2. /
	229	uint8_t k3[16] __rte_aligned(16);
	230	/*< k3. /
	231	} xcbc;
9f95a23c TL	232
	233	struct {
	234	uint32_t expkey[60] __rte_aligned(16);
	235	/*< k1 (expanded key). /
	236	uint32_t skey1[4] __rte_aligned(16);
	237	/*< k2. /
	238	uint32_t skey2[4] __rte_aligned(16);
	239	/*< k3. /
	240	} cmac;
7c673cae FG	241	/*< Expanded XCBC authentication keys /
7c673cae FG	242	};
9f95a23c TL	243	/** Generated digest size by the Multi-buffer library */
	244	uint16_t gen_digest_len;
	245	/** Requested digest size from Cryptodev */
	246	uint16_t req_digest_len;
	247
7c673cae	248	} auth;
9f95a23c TL	249	struct {
	250	/** AAD data length */
	251	uint16_t aad_len;
	252	} aead;
7c673cae FG	253	} __rte_cache_aligned;
7c673cae FG	254
7c673cae	255	extern int
9f95a23c	256	aesni_mb_set_session_parameters(const MB_MGR *mb_mgr,
7c673cae FG	257	struct aesni_mb_session *sess,
	258	const struct rte_crypto_sym_xform *xform);
	259
7c673cae FG	260	/** device specific operations function pointer structure */
	261	extern struct rte_cryptodev_ops *rte_aesni_mb_pmd_ops;
	262
	263
	264
	265	#endif /* _RTE_AESNI_MB_PMD_PRIVATE_H_ */