From patchwork Tue Dec 20 14:32:30 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Tejasree Kondoj <ktejasree@marvell.com>
X-Patchwork-Id: 121089
X-Patchwork-Delegate: gakhil@marvell.com
Return-Path: <dev-bounces@dpdk.org>
X-Original-To: patchwork@inbox.dpdk.org
Delivered-To: patchwork@inbox.dpdk.org
Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124])
	by inbox.dpdk.org (Postfix) with ESMTP id EFBBFA0545;
	Tue, 20 Dec 2022 15:34:26 +0100 (CET)
Received: from mails.dpdk.org (localhost [127.0.0.1])
	by mails.dpdk.org (Postfix) with ESMTP id B61CB42D54;
	Tue, 20 Dec 2022 15:33:23 +0100 (CET)
Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com
 [67.231.156.173])
 by mails.dpdk.org (Postfix) with ESMTP id 2A17142D22
 for <dev@dpdk.org>; Tue, 20 Dec 2022 15:33:22 +0100 (CET)
Received: from pps.filterd (m0045851.ppops.net [127.0.0.1])
 by mx0b-0016f401.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id
 2BKEJKMX010037 for <dev@dpdk.org>; Tue, 20 Dec 2022 06:33:21 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com;
 h=from : to : cc :
 subject : date : message-id : in-reply-to : references : mime-version :
 content-transfer-encoding : content-type; s=pfpt0220;
 bh=vkID/JDKKwAv1W8a8jA7fnVPN0UVCgQ6hByeROoLmKs=;
 b=XbFL6TasWco87spS3axydpgTcydQgt4kKu1HxnjgGjQMLps1haqQ0GUXbbKRLubMy6hT
 9Chcp2d+wH4NxMTmEYNbUsGj5Jat0T5c60P9JPlvjrvJLT5d7Ul9v2x4ILPjb1cLXIf5
 xob3lE8JOyosWW6tdbA1cUc4/FiCvSzblDtZ9NzYiFxeS53oCIk6SWmdxHtnyDsQ1sRM
 VL/gKdbW6f1HBNyuipdc7AiyCLhKJgxNpV0zQ1j+xaBH4v6Q67ic6mUZDkSzEIUm38C8
 Fr1pSG/b2oE94jdp6hRwnoaR5GNUFbJLzX+u6ayfB2FveY0LxiWh+xoE9rtkiuyHZA+O ow==
Received: from dc5-exch02.marvell.com ([199.233.59.182])
 by mx0b-0016f401.pphosted.com (PPS) with ESMTPS id 3mhe5rnb5v-1
 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT)
 for <dev@dpdk.org>; Tue, 20 Dec 2022 06:33:21 -0800
Received: from DC5-EXCH01.marvell.com (10.69.176.38) by DC5-EXCH02.marvell.com
 (10.69.176.39) with Microsoft SMTP Server (TLS) id 15.0.1497.42;
 Tue, 20 Dec 2022 06:33:19 -0800
Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH01.marvell.com
 (10.69.176.38) with Microsoft SMTP Server id 15.0.1497.42 via Frontend
 Transport; Tue, 20 Dec 2022 06:33:19 -0800
Received: from hyd1554.marvell.com (unknown [10.29.57.11])
 by maili.marvell.com (Postfix) with ESMTP id 2D1743F709D;
 Tue, 20 Dec 2022 06:33:14 -0800 (PST)
From: Tejasree Kondoj <ktejasree@marvell.com>
To: Akhil Goyal <gakhil@marvell.com>
CC: Anoob Joseph <anoobj@marvell.com>, Vidya Sagar Velumuri
 <vvelumuri@marvell.com>, Gowrishankar Muthukrishnan
 <gmuthukrishn@marvell.com>, Volodymyr Fialko <vfialko@marvell.com>, "Aakash
 Sasidharan" <asasidharan@marvell.com>, <dev@dpdk.org>
Subject: [PATCH 15/17] crypto/cnxk: set salt in dptr as part of IV
Date: Tue, 20 Dec 2022 20:02:30 +0530
Message-ID: <20221220143232.2519650-16-ktejasree@marvell.com>
X-Mailer: git-send-email 2.25.1
In-Reply-To: <20221220143232.2519650-1-ktejasree@marvell.com>
References: <20221220143232.2519650-1-ktejasree@marvell.com>
MIME-Version: 1.0
X-Proofpoint-GUID: Un-tI7xt3lL0kuDPqARrQJgpNgk0ymGS
X-Proofpoint-ORIG-GUID: Un-tI7xt3lL0kuDPqARrQJgpNgk0ymGS
X-Proofpoint-Virus-Version: vendor=baseguard
 engine=ICAP:2.0.205,Aquarius:18.0.923,Hydra:6.0.545,FMLib:17.11.122.1
 definitions=2022-12-20_05,2022-12-20_01,2022-06-22_01
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org

Set salt as part of 16B IV in dptr to avoid race
condition.

Signed-off-by: Tejasree Kondoj <ktejasree@marvell.com>
---
 drivers/common/cnxk/roc_se.c  |  7 +++-
 drivers/crypto/cnxk/cnxk_se.h | 76 +++++++++++++++++++----------------
 2 files changed, 47 insertions(+), 36 deletions(-)

diff --git a/drivers/common/cnxk/roc_se.c b/drivers/common/cnxk/roc_se.c
index 8c19c5fccc..f335c2367f 100644
--- a/drivers/common/cnxk/roc_se.c
+++ b/drivers/common/cnxk/roc_se.c
@@ -462,8 +462,10 @@ roc_se_auth_key_set(struct roc_se_ctx *se_ctx, roc_se_auth_type type,
 		return -1;
 
 	/* For GMAC auth, cipher must be NULL */
-	if (type == ROC_SE_GMAC_TYPE)
+	if (type == ROC_SE_GMAC_TYPE) {
 		fctx->enc.enc_cipher = 0;
+		se_ctx->template_w4.s.opcode_minor = BIT(5);
+	}
 
 	fctx->enc.hash_type = type;
 	se_ctx->hash_type = type;
@@ -530,6 +532,9 @@ roc_se_ciph_key_set(struct roc_se_ctx *se_ctx, roc_se_cipher_type type,
 			return 0;
 	}
 
+	if (type == ROC_SE_AES_GCM)
+		se_ctx->template_w4.s.opcode_minor = BIT(5);
+
 	ret = cpt_ciph_type_set(type, se_ctx, key_len);
 	if (unlikely(ret))
 		return -1;
diff --git a/drivers/crypto/cnxk/cnxk_se.h b/drivers/crypto/cnxk/cnxk_se.h
index 774efd5879..1827b0d7b3 100644
--- a/drivers/crypto/cnxk/cnxk_se.h
+++ b/drivers/crypto/cnxk/cnxk_se.h
@@ -43,7 +43,8 @@ struct cnxk_se_sess {
 	uint16_t dp_thr_type : 8;
 	uint16_t aad_length;
 	uint8_t is_sha3 : 1;
-	uint8_t rsvd : 7;
+	uint8_t short_iv : 1;
+	uint8_t rsvd : 6;
 	uint8_t mac_len;
 	uint8_t iv_length;
 	uint8_t auth_iv_length;
@@ -201,13 +202,6 @@ cpt_mac_len_verify(struct rte_crypto_auth_xform *auth)
 	return ret;
 }
 
-static __rte_always_inline void
-cpt_fc_salt_update(struct roc_se_ctx *se_ctx, uint8_t *salt)
-{
-	struct roc_se_context *fctx = &se_ctx->se_ctx.fctx;
-	memcpy(fctx->enc.encr_iv, salt, 4);
-}
-
 static __rte_always_inline int
 sg_inst_prep(struct roc_se_fc_params *params, struct cpt_inst_s *inst, uint64_t offset_ctrl,
 	     uint8_t *iv_s, int iv_len, uint8_t pack_iv, uint8_t pdcp_alg_type, int32_t inputlen,
@@ -1703,8 +1697,17 @@ fill_sess_aead(struct rte_crypto_sym_xform *xform, struct cnxk_se_sess *sess)
 	sess->iv_length = aead_form->iv.length;
 	sess->aad_length = aead_form->aad_length;
 
-	if (unlikely(roc_se_ciph_key_set(&sess->roc_se_ctx, enc_type,
-					 aead_form->key.data,
+	switch (sess->iv_length) {
+	case 12:
+		sess->short_iv = 1;
+	case 16:
+		break;
+	default:
+		plt_dp_err("Crypto: Unsupported IV length %u", sess->iv_length);
+		return -1;
+	}
+
+	if (unlikely(roc_se_ciph_key_set(&sess->roc_se_ctx, enc_type, aead_form->key.data,
 					 aead_form->key.length, NULL)))
 		return -1;
 
@@ -1712,6 +1715,8 @@ fill_sess_aead(struct rte_crypto_sym_xform *xform, struct cnxk_se_sess *sess)
 					 aead_form->digest_length)))
 		return -1;
 
+	if (enc_type == ROC_SE_CHACHA20)
+		sess->roc_se_ctx.template_w4.s.opcode_minor |= BIT(5);
 	return 0;
 }
 
@@ -1849,9 +1854,19 @@ fill_sess_cipher(struct rte_crypto_sym_xform *xform, struct cnxk_se_sess *sess)
 	sess->iv_length = c_form->iv.length;
 	sess->is_null = is_null;
 
-	if (unlikely(roc_se_ciph_key_set(&sess->roc_se_ctx, enc_type,
-					 c_form->key.data, c_form->key.length,
-					 NULL)))
+	if (aes_ctr)
+		switch (sess->iv_length) {
+		case 12:
+			sess->short_iv = 1;
+		case 16:
+			break;
+		default:
+			plt_dp_err("Crypto: Unsupported IV length %u", sess->iv_length);
+			return -1;
+		}
+
+	if (unlikely(roc_se_ciph_key_set(&sess->roc_se_ctx, enc_type, c_form->key.data,
+					 c_form->key.length, NULL)))
 		return -1;
 
 	if ((enc_type >= ROC_SE_ZUC_EEA3) && (enc_type <= ROC_SE_AES_CTR_EEA2))
@@ -2046,9 +2061,18 @@ fill_sess_gmac(struct rte_crypto_sym_xform *xform, struct cnxk_se_sess *sess)
 	sess->iv_length = a_form->iv.length;
 	sess->mac_len = a_form->digest_length;
 
-	if (unlikely(roc_se_ciph_key_set(&sess->roc_se_ctx, enc_type,
-					 a_form->key.data, a_form->key.length,
-					 NULL)))
+	switch (sess->iv_length) {
+	case 12:
+		sess->short_iv = 1;
+	case 16:
+		break;
+	default:
+		plt_dp_err("Crypto: Unsupported IV length %u", sess->iv_length);
+		return -1;
+	}
+
+	if (unlikely(roc_se_ciph_key_set(&sess->roc_se_ctx, enc_type, a_form->key.data,
+					 a_form->key.length, NULL)))
 		return -1;
 
 	if (unlikely(roc_se_auth_key_set(&sess->roc_se_ctx, auth_type, NULL, 0,
@@ -2192,7 +2216,7 @@ fill_fc_params(struct rte_crypto_op *cop, struct cnxk_se_sess *sess,
 	if (likely(is_kasumi || sess->iv_length)) {
 		flags |= ROC_SE_VALID_IV_BUF;
 		fc_params.iv_buf = rte_crypto_op_ctod_offset(cop, uint8_t *, sess->iv_offset);
-		if (!is_aead && sess->aes_ctr && unlikely(sess->iv_length != 16)) {
+		if (sess->short_iv) {
 			memcpy((uint8_t *)iv_buf,
 			       rte_crypto_op_ctod_offset(cop, uint8_t *, sess->iv_offset), 12);
 			iv_buf[3] = rte_cpu_to_be_32(0x1);
@@ -2209,7 +2233,6 @@ fill_fc_params(struct rte_crypto_op *cop, struct cnxk_se_sess *sess,
 
 	if (is_aead) {
 		struct rte_mbuf *m;
-		uint8_t *salt;
 		uint8_t *aad_data;
 		uint16_t aad_len;
 
@@ -2234,13 +2257,6 @@ fill_fc_params(struct rte_crypto_op *cop, struct cnxk_se_sess *sess,
 			d_lens = d_lens << 32;
 		}
 
-		salt = fc_params.iv_buf;
-		if (unlikely(*(uint32_t *)salt != sess->salt)) {
-			cpt_fc_salt_update(&sess->roc_se_ctx, salt);
-			sess->salt = *(uint32_t *)salt;
-		}
-
-		fc_params.iv_buf = PLT_PTR_ADD(salt, 4);
 		m = cpt_m_dst_get(cpt_op, m_src, m_dst);
 
 		/* Digest immediately following data is best case */
@@ -2266,16 +2282,6 @@ fill_fc_params(struct rte_crypto_op *cop, struct cnxk_se_sess *sess,
 		d_lens = ci_data_length;
 		d_lens = (d_lens << 32) | a_data_length;
 
-		/* for gmac, salt should be updated like in gcm */
-		if (unlikely(sess->is_gmac)) {
-			uint8_t *salt;
-			salt = fc_params.iv_buf;
-			if (unlikely(*(uint32_t *)salt != sess->salt)) {
-				cpt_fc_salt_update(&sess->roc_se_ctx, salt);
-				sess->salt = *(uint32_t *)salt;
-			}
-			fc_params.iv_buf = salt + 4;
-		}
 		if (likely(sess->mac_len)) {
 			struct rte_mbuf *m = cpt_m_dst_get(cpt_op, m_src, m_dst);