1 /* SPDX-License-Identifier: BSD-3-Clause
2 * Copyright 2017-2018 NXP
8 #include <desc/ipsec.h>
9 #include <dpaax_iova_table.h>
11 /* NXP CAAM JR PMD device name */
13 #define CAAM_JR_ALG_UNSUPPORT (-1)
15 /* Minimum job descriptor consists of a oneword job descriptor HEADER and
16 * a pointer to the shared descriptor.
18 #define MIN_JOB_DESC_SIZE (CAAM_CMD_SZ + CAAM_PTR_SZ)
19 #define CAAM_JOB_DESC_SIZE 13
21 /* CTX_POOL_NUM_BUFS is set as per the ipsec-secgw application */
22 #define CTX_POOL_NUM_BUFS 32000
23 #define CTX_POOL_CACHE_SIZE 512
28 #define JR_MAX_NB_MAX_DIGEST 32
30 #define RTE_CAAM_JR_PMD_MAX_NB_SESSIONS 2048
33 /* Return codes for SEC user space driver APIs */
34 enum sec_return_code_e
{
35 SEC_SUCCESS
= 0, /* Operation executed successfully.*/
36 SEC_INVALID_INPUT_PARAM
, /* API received an invalid input
39 SEC_OUT_OF_MEMORY
, /* Memory allocation failed. */
40 SEC_DESCRIPTOR_IN_FLIGHT
, /* API function indicates there are
41 * descriptors in flight
44 SEC_LAST_DESCRIPTOR_IN_FLIGHT
, /* API function indicates there is one
45 * last descriptor in flight
46 * for SEC to process that.
48 SEC_PROCESSING_ERROR
, /* Indicates a SEC processing error
49 * occurred on a Job Ring which requires
50 * a SEC user space driver shutdown. Can
51 * be returned from sec_poll_job_ring().
52 * Then the only other API that can be
53 * called after this error is
56 SEC_DESC_PROCESSING_ERROR
, /* Indicates a SEC descriptor processing
57 * error occurred on a Job Ring. Can be
58 * returned from sec_poll_job_ring().
59 * The driver was able to reset job ring
60 * and job ring can be used like in a
63 SEC_JR_IS_FULL
, /* Job Ring is full. There is no more
64 * room in the JR for new descriptors.
65 * This can happen if the descriptor RX
66 * rate is higher than SEC's capacity.
68 SEC_DRIVER_RELEASE_IN_PROGRESS
, /* SEC driver shutdown is in progress,
69 * descriptors processing or polling is
72 SEC_DRIVER_ALREADY_INITIALIZED
, /* SEC driver is already initialized.*/
73 SEC_DRIVER_NOT_INITIALIZED
, /* SEC driver is NOT initialized. */
74 SEC_JOB_RING_RESET_IN_PROGRESS
, /* Job ring is resetting due to a
75 * per-descriptor SEC processing error
76 * ::SEC_desc_PROCESSING_ERROR. Reset is
77 * finished when sec_poll_job_ring()
78 * return. Then the job ring can be used
81 SEC_RESET_ENGINE_FAILED
, /* Resetting of SEC Engine by SEC Kernel
84 SEC_ENABLE_IRQS_FAILED
, /* Enabling of IRQs in SEC Kernel Driver
87 SEC_DISABLE_IRQS_FAILED
, /* Disabling of IRQs in SEC Kernel
90 /* END OF VALID VALUES */
92 SEC_RETURN_CODE_MAX_VALUE
, /* Invalid value for return code. It is
93 * used to mark the end of the return
94 * code values. @note ALL new return
95 * code values MUST be added before
96 * ::SEC_RETURN_CODE_MAX_VALUE!
100 enum caam_jr_op_type
{
101 CAAM_JR_NONE
, /* No Cipher operations*/
102 CAAM_JR_CIPHER
,/* CIPHER operations */
103 CAAM_JR_AUTH
, /* Authentication Operations */
104 CAAM_JR_AEAD
, /* Authenticated Encryption with associated data */
105 CAAM_JR_IPSEC
, /* IPSEC protocol operations*/
106 CAAM_JR_PDCP
, /* PDCP protocol operations*/
107 CAAM_JR_PKC
, /* Public Key Cryptographic Operations */
111 struct caam_jr_session
{
112 uint8_t dir
; /* Operation Direction */
113 enum rte_crypto_cipher_algorithm cipher_alg
; /* Cipher Algorithm*/
114 enum rte_crypto_auth_algorithm auth_alg
; /* Authentication Algorithm*/
115 enum rte_crypto_aead_algorithm aead_alg
; /* AEAD Algorithm*/
116 enum rte_security_session_protocol proto_alg
; /* Security Algorithm*/
119 uint8_t *data
; /* pointer to key data */
120 size_t length
; /* key length in bytes */
124 uint8_t *data
; /* pointer to key data */
125 size_t length
; /* key length in bytes */
128 uint8_t *data
; /* pointer to key data */
129 size_t length
; /* key length in bytes */
136 } iv
; /* Initialisation vector parameters */
137 uint16_t auth_only_len
; /* Length of data for Auth only */
138 uint32_t digest_length
;
139 struct ipsec_encap_pdb encap_pdb
;
141 struct ipsec_decap_pdb decap_pdb
;
142 struct caam_jr_qp
*qp
;
143 struct sec_cdb
*cdb
; /* cmd block associated with qp */
144 struct rte_mempool
*ctx_pool
; /* session mempool for caam_jr_op_ctx */
148 * 16-byte hardware scatter/gather table
151 #define SEC4_SG_LEN_EXT 0x80000000 /* Entry points to table */
152 #define SEC4_SG_LEN_FIN 0x40000000 /* Last ent in table */
153 #define SEC4_SG_BPID_MASK 0x000000ff
154 #define SEC4_SG_BPID_SHIFT 16
155 #define SEC4_SG_LEN_MASK 0x3fffffff /* Excludes EXT and FINAL */
156 #define SEC4_SG_OFFSET_MASK 0x00001fff
158 struct sec4_sg_entry
{
161 uint32_t bpid_offset
;
164 #define MAX_SG_ENTRIES 16
165 #define SG_CACHELINE_0 0
166 #define SG_CACHELINE_1 4
167 #define SG_CACHELINE_2 8
168 #define SG_CACHELINE_3 12
170 /* Structure encompassing a job descriptor which is to be processed
171 * by SEC. User should also initialise this structure with the callback
172 * function pointer which will be called by driver after recieving proccessed
173 * descriptor from SEC. User data is also passed in this data structure which
174 * will be sent as an argument to the user callback function.
176 struct job_descriptor
{
177 uint32_t desc
[CAAM_JOB_DESC_SIZE
];
180 struct caam_jr_op_ctx
{
181 struct job_descriptor jobdes
;
182 /* sg[0] output, sg[1] input, others are possible sub frames */
183 struct sec4_sg_entry sg
[MAX_SG_ENTRIES
];
184 struct rte_crypto_op
*op
;
185 struct rte_mempool
*ctx_pool
; /* mempool pointer for caam_jr_op_ctx */
187 uint8_t digest
[JR_MAX_NB_MAX_DIGEST
];
193 * @param buffer calculate chksum for buffer
194 * @param len buffer length
196 * @return checksum value in host cpu order
198 static inline uint16_t
199 calc_chksum(void *buffer
, int len
)
201 uint16_t *buf
= (uint16_t *)buffer
;
205 for (sum
= 0; len
> 1; len
-= 2)
209 sum
+= *(unsigned char *)buf
;
211 sum
= (sum
>> 16) + (sum
& 0xFFFF);
217 struct uio_job_ring
{
220 void *register_base_addr
;
222 int uio_minor_number
;
225 int sec_cleanup(void);
226 int sec_configure(void);
227 void sec_uio_job_rings_init(void);
228 struct uio_job_ring
*config_job_ring(void);
229 void free_job_ring(int uio_fd
);
231 /* For Dma memory allocation of specified length and alignment */
233 caam_jr_dma_mem_alloc(size_t align
, size_t len
)
235 return rte_malloc("mem_alloc", len
, align
);
238 /* For freeing dma memory */
240 caam_jr_dma_free(void *ptr
)
245 static inline rte_iova_t
246 caam_jr_mem_vtop(void *vaddr
)
248 const struct rte_memseg
*ms
;
250 ms
= rte_mem_virt2memseg(vaddr
, NULL
);
252 return ms
->iova
+ RTE_PTR_DIFF(vaddr
, ms
->addr
);
257 caam_jr_dma_ptov(rte_iova_t paddr
)
260 va
= dpaax_iova_table_get_va(paddr
);
261 if (likely(va
!= NULL
))
264 return rte_mem_iova2virt(paddr
);
267 /* Virtual to physical address conversion */
268 static inline rte_iova_t
caam_jr_dma_vtop(void *ptr
)
270 return caam_jr_mem_vtop(ptr
);
273 /** @brief Request to SEC kernel driver to enable interrupts for
274 * descriptor finished processing
275 * Use UIO to communicate with SEC kernel driver: write command
276 * value that indicates an IRQ enable action into UIO file descriptor
279 * @param [in] uio_fd Job Ring UIO File descriptor
280 * @retval 0 for success
281 * @retval -1 value for error
283 int caam_jr_enable_irqs(int uio_fd
);
285 /** @brief Request to SEC kernel driver to disable interrupts for descriptor
286 * finished processing
287 * Use UIO to communicate with SEC kernel driver: write command
288 * value that indicates an IRQ disable action into UIO file descriptor
291 * @param [in] uio_fd UIO File descripto
292 * @retval 0 for success
293 * @retval -1 value for error
296 int caam_jr_disable_irqs(int uio_fd
);