From patchwork Tue Dec  7 06:50:34 2021
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Anoob Joseph <anoobj@marvell.com>
X-Patchwork-Id: 104959
X-Patchwork-Delegate: gakhil@marvell.com
Return-Path: <dev-bounces@dpdk.org>
X-Original-To: patchwork@inbox.dpdk.org
Delivered-To: patchwork@inbox.dpdk.org
Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124])
	by inbox.dpdk.org (Postfix) with ESMTP id 9636FA034F;
	Tue,  7 Dec 2021 07:51:16 +0100 (CET)
Received: from [217.70.189.124] (localhost [127.0.0.1])
	by mails.dpdk.org (Postfix) with ESMTP id 2EFAC40140;
	Tue,  7 Dec 2021 07:51:16 +0100 (CET)
Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com
 [67.231.156.173])
 by mails.dpdk.org (Postfix) with ESMTP id 0C4DA40040
 for <dev@dpdk.org>; Tue,  7 Dec 2021 07:51:13 +0100 (CET)
Received: from pps.filterd (m0045851.ppops.net [127.0.0.1])
 by mx0b-0016f401.pphosted.com (8.16.1.2/8.16.1.2) with ESMTP id
 1B75a07E014960
 for <dev@dpdk.org>; Mon, 6 Dec 2021 22:51:13 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com;
 h=from : to : cc :
 subject : date : message-id : in-reply-to : references : mime-version :
 content-transfer-encoding : content-type; s=pfpt0220;
 bh=6FZxWCUzgMmhUJb8YOGRH/TkH+Q1tuMI1WmoB3lB3pw=;
 b=hNnqZPGqkjxUzh6Uo0A1p/OFfMYVz5osSRLHB/3WyiNLeLUm6KnnOliHl4r5BasLfx8Y
 paEtGe+20TSvF4yaB8XnuU67uIZFahQO27Nv7YP+Xw1u3258IMJvp1y71+zgli6BbrRs
 c4DVjrhXbU5XrcyynJb13wXfpf2lhRqdGxPgtPJ4+9+lQAIXwbccZGMWEHUhWOuLeoDl
 gRqBs26Yv74i5aDKGsG2xnIpx8tt2Xj2uXZ3Rf3JCk+kQAaejY2sCsy6n0oUQnb3JNp5
 twd/u9gFbstYBdHXnXXlDB6kngo+mRC2aLGlboNhOwJBejzyt1Pm3+3fP5l9XcCrvfAH CA==
Received: from dc5-exch01.marvell.com ([199.233.59.181])
 by mx0b-0016f401.pphosted.com (PPS) with ESMTPS id 3ct1hyg7c7-1
 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT)
 for <dev@dpdk.org>; Mon, 06 Dec 2021 22:51:13 -0800
Received: from DC5-EXCH01.marvell.com (10.69.176.38) by DC5-EXCH01.marvell.com
 (10.69.176.38) with Microsoft SMTP Server (TLS) id 15.0.1497.2;
 Mon, 6 Dec 2021 22:51:10 -0800
Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH01.marvell.com
 (10.69.176.38) with Microsoft SMTP Server id 15.0.1497.2 via Frontend
 Transport; Mon, 6 Dec 2021 22:51:10 -0800
Received: from HY-LT1002.marvell.com (HY-LT1002.marvell.com [10.28.176.218])
 by maili.marvell.com (Postfix) with ESMTP id 299FE3F7071;
 Mon,  6 Dec 2021 22:51:06 -0800 (PST)
From: Anoob Joseph <anoobj@marvell.com>
To: Akhil Goyal <gakhil@marvell.com>, Jerin Jacob <jerinj@marvell.com>
CC: Anoob Joseph <anoobj@marvell.com>, Archana Muniganti
 <marchana@marvell.com>,
 Tejasree Kondoj <ktejasree@marvell.com>, <dev@dpdk.org>,
 Aakash Sasidharan <asasidharan@marvell.com>
Subject: [PATCH 01/25] common/cnxk: define minor opcodes for MISC opcode
Date: Tue, 7 Dec 2021 12:20:34 +0530
Message-ID: <1638859858-734-2-git-send-email-anoobj@marvell.com>
X-Mailer: git-send-email 2.7.4
In-Reply-To: <1638859858-734-1-git-send-email-anoobj@marvell.com>
References: <1638859858-734-1-git-send-email-anoobj@marvell.com>
MIME-Version: 1.0
X-Proofpoint-ORIG-GUID: qM517bsjkO2j38w_8AXWQbqH5ukxU71a
X-Proofpoint-GUID: qM517bsjkO2j38w_8AXWQbqH5ukxU71a
X-Proofpoint-Virus-Version: vendor=baseguard
 engine=ICAP:2.0.205,Aquarius:18.0.790,Hydra:6.0.425,FMLib:17.11.62.513
 definitions=2021-12-07_02,2021-12-06_02,2021-12-02_01
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org

MISC CPT instruction behaves differently based on minor opcode.
Define the missing minor opcodes for MISC major opcode.

Signed-off-by: Aakash Sasidharan <asasidharan@marvell.com>
Signed-off-by: Anoob Joseph <anoobj@marvell.com>
---
 drivers/common/cnxk/roc_se.h | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/drivers/common/cnxk/roc_se.h b/drivers/common/cnxk/roc_se.h
index 5be832f..253575a 100644
--- a/drivers/common/cnxk/roc_se.h
+++ b/drivers/common/cnxk/roc_se.h
@@ -15,7 +15,11 @@
 #define ROC_SE_MAJOR_OP_HMAC	   0x35
 #define ROC_SE_MAJOR_OP_ZUC_SNOW3G 0x37
 #define ROC_SE_MAJOR_OP_KASUMI	   0x38
-#define ROC_SE_MAJOR_OP_MISC	   0x01
+
+#define ROC_SE_MAJOR_OP_MISC		 0x01
+#define ROC_SE_MISC_MINOR_OP_PASSTHROUGH 0x03
+#define ROC_SE_MISC_MINOR_OP_DUMMY	 0x04
+#define ROC_SE_MISC_MINOR_OP_HW_SUPPORT	 0x08
 
 #define ROC_SE_MAX_AAD_SIZE 64
 #define ROC_SE_MAX_MAC_LEN  64

From patchwork Tue Dec  7 06:50:35 2021
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Anoob Joseph <anoobj@marvell.com>
X-Patchwork-Id: 104960
X-Patchwork-Delegate: gakhil@marvell.com
Return-Path: <dev-bounces@dpdk.org>
X-Original-To: patchwork@inbox.dpdk.org
Delivered-To: patchwork@inbox.dpdk.org
Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124])
	by inbox.dpdk.org (Postfix) with ESMTP id 52094A034F;
	Tue,  7 Dec 2021 07:51:22 +0100 (CET)
Received: from [217.70.189.124] (localhost [127.0.0.1])
	by mails.dpdk.org (Postfix) with ESMTP id 3490041152;
	Tue,  7 Dec 2021 07:51:18 +0100 (CET)
Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com
 [67.231.156.173])
 by mails.dpdk.org (Postfix) with ESMTP id 8B03D410E5
 for <dev@dpdk.org>; Tue,  7 Dec 2021 07:51:16 +0100 (CET)
Received: from pps.filterd (m0045851.ppops.net [127.0.0.1])
 by mx0b-0016f401.pphosted.com (8.16.1.2/8.16.1.2) with ESMTP id
 1B75aClc015652
 for <dev@dpdk.org>; Mon, 6 Dec 2021 22:51:15 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com;
 h=from : to : cc :
 subject : date : message-id : in-reply-to : references : mime-version :
 content-transfer-encoding : content-type; s=pfpt0220;
 bh=ox8dSeIO5arGW9xcfHjDzAkvBhYSSUNcvEC6Hf3Ka34=;
 b=it9lC37a4+kP9BW3iZBuFswSR4oHStrmhy8IioP4fFhDMv05PsgKSrXV5tS8prqc8Ooi
 RR5Vrw0vombmDn5FsDGhafbBix0KgtSUNDQ48JwzX2cxz1z1GsUrfolhA4mWTN5kYipz
 Su01QkZtPFk4XMHgd6lgBTuy7EdVuApcVtsJhr34823db6VnJKr1QhHMobRonVH8Xomr
 gCWpqNMBczFgwpZgvEFlbV4Gn+21zUqoDtOStvHm3QIdonqpNOU1RtEIvyuPkND4wjlZ
 UR6z1ME+xD7EWgEt80wLJd/6ZP/0xQgNWcbQON4R6REW6AioGW1rUm9X6NSmp65D4NFX lA==
Received: from dc5-exch01.marvell.com ([199.233.59.181])
 by mx0b-0016f401.pphosted.com (PPS) with ESMTPS id 3ct1hyg7ca-1
 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT)
 for <dev@dpdk.org>; Mon, 06 Dec 2021 22:51:15 -0800
Received: from DC5-EXCH01.marvell.com (10.69.176.38) by DC5-EXCH01.marvell.com
 (10.69.176.38) with Microsoft SMTP Server (TLS) id 15.0.1497.2;
 Mon, 6 Dec 2021 22:51:13 -0800
Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH01.marvell.com
 (10.69.176.38) with Microsoft SMTP Server id 15.0.1497.2 via Frontend
 Transport; Mon, 6 Dec 2021 22:51:13 -0800
Received: from HY-LT1002.marvell.com (HY-LT1002.marvell.com [10.28.176.218])
 by maili.marvell.com (Postfix) with ESMTP id 661B03F7071;
 Mon,  6 Dec 2021 22:51:11 -0800 (PST)
From: Anoob Joseph <anoobj@marvell.com>
To: Akhil Goyal <gakhil@marvell.com>, Jerin Jacob <jerinj@marvell.com>
CC: Anoob Joseph <anoobj@marvell.com>, Archana Muniganti
 <marchana@marvell.com>,
 Tejasree Kondoj <ktejasree@marvell.com>, <dev@dpdk.org>
Subject: [PATCH 02/25] common/cnxk: add aes-xcbc key derive
Date: Tue, 7 Dec 2021 12:20:35 +0530
Message-ID: <1638859858-734-3-git-send-email-anoobj@marvell.com>
X-Mailer: git-send-email 2.7.4
In-Reply-To: <1638859858-734-1-git-send-email-anoobj@marvell.com>
References: <1638859858-734-1-git-send-email-anoobj@marvell.com>
MIME-Version: 1.0
X-Proofpoint-ORIG-GUID: -LacihMkMhnvIfGvYTGX_uybd7KGE_k_
X-Proofpoint-GUID: -LacihMkMhnvIfGvYTGX_uybd7KGE_k_
X-Proofpoint-Virus-Version: vendor=baseguard
 engine=ICAP:2.0.205,Aquarius:18.0.790,Hydra:6.0.425,FMLib:17.11.62.513
 definitions=2021-12-07_02,2021-12-06_02,2021-12-02_01
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org

Add support for AES-XCBC key derivation.


Signed-off-by: Anoob Joseph <anoobj@marvell.com>
---
 drivers/common/cnxk/meson.build |   1 +
 drivers/common/cnxk/roc_aes.c   | 208 ++++++++++++++++++++++++++++++++++++++++
 drivers/common/cnxk/roc_aes.h   |  14 +++
 drivers/common/cnxk/roc_api.h   |   3 +
 drivers/common/cnxk/roc_cpt.h   |  24 ++---
 drivers/common/cnxk/version.map |   1 +
 6 files changed, 239 insertions(+), 12 deletions(-)
 create mode 100644 drivers/common/cnxk/roc_aes.c
 create mode 100644 drivers/common/cnxk/roc_aes.h

diff --git a/drivers/common/cnxk/meson.build b/drivers/common/cnxk/meson.build
index 4928f7e..4995cfd 100644
--- a/drivers/common/cnxk/meson.build
+++ b/drivers/common/cnxk/meson.build
@@ -12,6 +12,7 @@ config_flag_fmt = 'RTE_LIBRTE_@0@_COMMON'
 deps = ['eal', 'pci', 'bus_pci', 'mbuf', 'security']
 sources = files(
         'roc_ae.c',
+        'roc_aes.c',
         'roc_ae_fpm_tables.c',
         'roc_bphy.c',
         'roc_bphy_cgx.c',
diff --git a/drivers/common/cnxk/roc_aes.c b/drivers/common/cnxk/roc_aes.c
new file mode 100644
index 0000000..f821c8b
--- /dev/null
+++ b/drivers/common/cnxk/roc_aes.c
@@ -0,0 +1,208 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright (c) 2021 Marvell.
+ */
+
+#include "roc_api.h"
+
+#define KEY_WORD_LEN	 (ROC_CPT_AES_XCBC_KEY_LENGTH / sizeof(uint32_t))
+#define KEY_ROUNDS	 10			/* (Nr+1)*Nb */
+#define KEY_SCHEDULE_LEN ((KEY_ROUNDS + 1) * 4) /* (Nr+1)*Nb words */
+
+/*
+ * AES 128 implementation based on NIST FIPS 197 suitable for LittleEndian
+ * https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.197.pdf
+ */
+
+/* Sbox from NIST FIPS 197 */
+static uint8_t Sbox[] = {
+	0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5, 0x30, 0x01, 0x67, 0x2b,
+	0xfe, 0xd7, 0xab, 0x76, 0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0,
+	0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0, 0xb7, 0xfd, 0x93, 0x26,
+	0x36, 0x3f, 0xf7, 0xcc, 0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15,
+	0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a, 0x07, 0x12, 0x80, 0xe2,
+	0xeb, 0x27, 0xb2, 0x75, 0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0,
+	0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84, 0x53, 0xd1, 0x00, 0xed,
+	0x20, 0xfc, 0xb1, 0x5b, 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf,
+	0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85, 0x45, 0xf9, 0x02, 0x7f,
+	0x50, 0x3c, 0x9f, 0xa8, 0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5,
+	0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2, 0xcd, 0x0c, 0x13, 0xec,
+	0x5f, 0x97, 0x44, 0x17, 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73,
+	0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88, 0x46, 0xee, 0xb8, 0x14,
+	0xde, 0x5e, 0x0b, 0xdb, 0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c,
+	0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79, 0xe7, 0xc8, 0x37, 0x6d,
+	0x8d, 0xd5, 0x4e, 0xa9, 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08,
+	0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6, 0xe8, 0xdd, 0x74, 0x1f,
+	0x4b, 0xbd, 0x8b, 0x8a, 0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e,
+	0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e, 0xe1, 0xf8, 0x98, 0x11,
+	0x69, 0xd9, 0x8e, 0x94, 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf,
+	0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68, 0x41, 0x99, 0x2d, 0x0f,
+	0xb0, 0x54, 0xbb, 0x16,
+};
+
+/* Substitute a byte with Sbox[byte]. Do it for a word for 4 bytes */
+static uint32_t
+sub_word(uint32_t word)
+{
+	word = (Sbox[(word >> 24) & 0xFF] << 24) |
+	       (Sbox[(word >> 16) & 0xFF] << 16) |
+	       (Sbox[(word >> 8) & 0xFF] << 8) | Sbox[word & 0xFF];
+	return word;
+}
+
+/* Rotate a word by one byte */
+static uint32_t
+rot_word(uint32_t word)
+{
+	return ((word >> 8) & 0xFFFFFF) | (word << 24);
+}
+
+/*
+ * Multiply with power of 2 and polynomial reduce the result using AES
+ * polynomial
+ */
+static uint8_t
+Xtime(uint8_t byte, uint8_t pow)
+{
+	uint32_t w = byte;
+
+	while (pow) {
+		w = w << 1;
+		if (w >> 8)
+			w ^= 0x11b;
+		pow--;
+	}
+
+	return (uint8_t)w;
+}
+
+/*
+ * Multiply a byte with another number such that the result is polynomial
+ * reduced in the GF8 space
+ */
+static uint8_t
+GF8mul(uint8_t byte, uint32_t mp)
+{
+	uint8_t pow, mul = 0;
+
+	while (mp) {
+		pow = ffs(mp) - 1;
+		mul ^= Xtime(byte, pow);
+		mp ^= (1 << pow);
+	}
+	return mul;
+}
+
+static void
+aes_key_expand(const uint8_t *key, uint32_t *ks)
+{
+	unsigned int i = 4;
+	uint32_t temp;
+
+	/* Skip key in ks */
+	memcpy(ks, key, KEY_WORD_LEN * sizeof(uint32_t));
+
+	while (i < KEY_SCHEDULE_LEN) {
+		temp = ks[i - 1];
+		if ((i & 0x3) == 0) {
+			temp = rot_word(temp);
+			temp = sub_word(temp);
+			temp ^= (uint32_t)GF8mul(1, 1 << ((i >> 2) - 1));
+		}
+		ks[i] = ks[i - 4] ^ temp;
+		i++;
+	}
+}
+
+/* Shift Rows(columns in state in this implementation) */
+static void
+shift_word(uint8_t *sRc, uint8_t c, int count)
+{
+	/* rotate across non-consecutive locations */
+	while (count) {
+		uint8_t t = sRc[c];
+
+		sRc[c] = sRc[0x4 + c];
+		sRc[0x4 + c] = sRc[0x8 + c];
+		sRc[0x8 + c] = sRc[0xc + c];
+		sRc[0xc + c] = t;
+		count--;
+	}
+}
+
+/* Mix Columns(rows in state in this implementation) */
+static void
+mix_columns(uint8_t *sRc)
+{
+	uint8_t new_st[4];
+	int i;
+
+	for (i = 0; i < 4; i++)
+		new_st[i] = GF8mul(sRc[i], 0x2) ^
+			    GF8mul(sRc[(i + 1) & 0x3], 0x3) ^
+			    sRc[(i + 2) & 0x3] ^ sRc[(i + 3) & 0x3];
+	for (i = 0; i < 4; i++)
+		sRc[i] = new_st[i];
+}
+
+static void
+cipher(uint8_t *in, uint8_t *out, uint32_t *ks)
+{
+	uint32_t state[KEY_WORD_LEN];
+	unsigned int i, round;
+
+	memcpy(state, in, sizeof(state));
+
+	/* AddRoundKey(state, w[0, Nb-1]) // See Sec. 5.1.4 */
+	for (i = 0; i < KEY_WORD_LEN; i++)
+		state[i] ^= ks[i];
+
+	for (round = 1; round < KEY_ROUNDS; round++) {
+		/* SubBytes(state) // See Sec. 5.1.1 */
+		for (i = 0; i < KEY_WORD_LEN; i++)
+			state[i] = sub_word(state[i]);
+
+		/* ShiftRows(state) // See Sec. 5.1.2 */
+		for (i = 0; i < KEY_WORD_LEN; i++)
+			shift_word((uint8_t *)state, i, i);
+
+		/* MixColumns(state) // See Sec. 5.1.3 */
+		for (i = 0; i < KEY_WORD_LEN; i++)
+			mix_columns((uint8_t *)&state[i]);
+
+		/* AddRoundKey(state, w[round*Nb, (round+1)*Nb-1]) */
+		for (i = 0; i < KEY_WORD_LEN; i++)
+			state[i] ^= ks[round * 4 + i];
+	}
+
+	/* SubBytes(state) */
+	for (i = 0; i < KEY_WORD_LEN; i++)
+		state[i] = sub_word(state[i]);
+
+	/* ShiftRows(state) */
+	for (i = 0; i < KEY_WORD_LEN; i++)
+		shift_word((uint8_t *)state, i, i);
+
+	/* AddRoundKey(state, w[Nr*Nb, (Nr+1)*Nb-1]) */
+	for (i = 0; i < KEY_WORD_LEN; i++)
+		state[i] ^= ks[KEY_ROUNDS * 4 + i];
+	memcpy(out, state, KEY_WORD_LEN * sizeof(uint32_t));
+}
+
+void
+roc_aes_xcbc_key_derive(const uint8_t *auth_key, uint8_t *derived_key)
+{
+	uint32_t aes_ks[KEY_SCHEDULE_LEN] = {0};
+	uint8_t k1[16] = {[0 ... 15] = 0x01};
+	uint8_t k2[16] = {[0 ... 15] = 0x02};
+	uint8_t k3[16] = {[0 ... 15] = 0x03};
+
+	aes_key_expand(auth_key, aes_ks);
+
+	cipher(k1, derived_key, aes_ks);
+	derived_key += sizeof(k1);
+
+	cipher(k2, derived_key, aes_ks);
+	derived_key += sizeof(k2);
+
+	cipher(k3, derived_key, aes_ks);
+}
diff --git a/drivers/common/cnxk/roc_aes.h b/drivers/common/cnxk/roc_aes.h
new file mode 100644
index 0000000..9540391
--- /dev/null
+++ b/drivers/common/cnxk/roc_aes.h
@@ -0,0 +1,14 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright (c) 2021 Marvell.
+ */
+
+#ifndef _ROC_AES_H_
+#define _ROC_AES_H_
+
+/*
+ * Derive k1, k2, k3 from 128 bit AES key
+ */
+void __roc_api roc_aes_xcbc_key_derive(const uint8_t *auth_key,
+				       uint8_t *derived_key);
+
+#endif /* _ROC_AES_H_ */
diff --git a/drivers/common/cnxk/roc_api.h b/drivers/common/cnxk/roc_api.h
index e7aaa07..cf4d487 100644
--- a/drivers/common/cnxk/roc_api.h
+++ b/drivers/common/cnxk/roc_api.h
@@ -90,6 +90,9 @@
 /* DPI */
 #include "roc_dpi.h"
 
+/* AES */
+#include "roc_aes.h"
+
 /* HASH computation */
 #include "roc_hash.h"
 
diff --git a/drivers/common/cnxk/roc_cpt.h b/drivers/common/cnxk/roc_cpt.h
index 12e6b81..99cb8b2 100644
--- a/drivers/common/cnxk/roc_cpt.h
+++ b/drivers/common/cnxk/roc_cpt.h
@@ -49,18 +49,18 @@
 #define ROC_CPT_AES_CBC_IV_LEN	 16
 #define ROC_CPT_SHA1_HMAC_LEN	 12
 #define ROC_CPT_SHA2_HMAC_LEN	 16
-#define ROC_CPT_AUTH_KEY_LEN_MAX 64
-
-#define ROC_CPT_DES3_KEY_LEN	  24
-#define ROC_CPT_AES128_KEY_LEN	  16
-#define ROC_CPT_AES192_KEY_LEN	  24
-#define ROC_CPT_AES256_KEY_LEN	  32
-#define ROC_CPT_MD5_KEY_LENGTH	  16
-#define ROC_CPT_SHA1_KEY_LENGTH	  20
-#define ROC_CPT_SHA256_KEY_LENGTH 32
-#define ROC_CPT_SHA384_KEY_LENGTH 48
-#define ROC_CPT_SHA512_KEY_LENGTH 64
-#define ROC_CPT_AUTH_KEY_LEN_MAX  64
+
+#define ROC_CPT_DES3_KEY_LEN	    24
+#define ROC_CPT_AES128_KEY_LEN	    16
+#define ROC_CPT_AES192_KEY_LEN	    24
+#define ROC_CPT_AES256_KEY_LEN	    32
+#define ROC_CPT_MD5_KEY_LENGTH	    16
+#define ROC_CPT_SHA1_KEY_LENGTH	    20
+#define ROC_CPT_SHA256_KEY_LENGTH   32
+#define ROC_CPT_SHA384_KEY_LENGTH   48
+#define ROC_CPT_SHA512_KEY_LENGTH   64
+#define ROC_CPT_AES_XCBC_KEY_LENGTH 16
+#define ROC_CPT_AUTH_KEY_LEN_MAX    64
 
 #define ROC_CPT_DES_BLOCK_LENGTH 8
 #define ROC_CPT_AES_BLOCK_LENGTH 16
diff --git a/drivers/common/cnxk/version.map b/drivers/common/cnxk/version.map
index 07c6720..b31e8eb 100644
--- a/drivers/common/cnxk/version.map
+++ b/drivers/common/cnxk/version.map
@@ -26,6 +26,7 @@ INTERNAL {
 	roc_ae_ec_grp_put;
 	roc_ae_fpm_get;
 	roc_ae_fpm_put;
+	roc_aes_xcbc_key_derive;
 	roc_bphy_cgx_dev_fini;
 	roc_bphy_cgx_dev_init;
 	roc_bphy_cgx_fec_set;

From patchwork Tue Dec  7 06:50:36 2021
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Anoob Joseph <anoobj@marvell.com>
X-Patchwork-Id: 104971
X-Patchwork-Delegate: gakhil@marvell.com
Return-Path: <dev-bounces@dpdk.org>
X-Original-To: patchwork@inbox.dpdk.org
Delivered-To: patchwork@inbox.dpdk.org
Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124])
	by inbox.dpdk.org (Postfix) with ESMTP id D0ACDA034F;
	Tue,  7 Dec 2021 07:52:35 +0100 (CET)
Received: from [217.70.189.124] (localhost [127.0.0.1])
	by mails.dpdk.org (Postfix) with ESMTP id 3C2F94274B;
	Tue,  7 Dec 2021 07:52:09 +0100 (CET)
Received: from mx0b-0016f401.pphosted.com (mx0a-0016f401.pphosted.com
 [67.231.148.174])
 by mails.dpdk.org (Postfix) with ESMTP id 0097542746
 for <dev@dpdk.org>; Tue,  7 Dec 2021 07:52:06 +0100 (CET)
Received: from pps.filterd (m0045849.ppops.net [127.0.0.1])
 by mx0a-0016f401.pphosted.com (8.16.1.2/8.16.1.2) with ESMTP id
 1B76pJvp018306
 for <dev@dpdk.org>; Mon, 6 Dec 2021 22:52:06 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com;
 h=from : to : cc :
 subject : date : message-id : in-reply-to : references : mime-version :
 content-transfer-encoding : content-type; s=pfpt0220;
 bh=5GwSRc8BoA26PYkHnz4TPvh9+T48FBa6dOhOzSMvqPU=;
 b=h3Ghz+ut86TsxwjAjKtlxIDy0+9EJKW/O+EEz6Xj5zOPCOJXPGPHgQi07C4uz4Pr2bh3
 CB/DOJwyqDjljTk1vZv/+jdTrOFYq2Zq7sTkegLXHV1PpAFLCm47phlmRLF+N4uXto21
 4wnefjEJdmZlldr9SB9g40Hp7vcOR7P4HVa9utdjPr5Eo6Y/w8U0IIjMaEIevQMPpsUV
 XJ/GlGSp12Gv1KBCTm6et7ql0ndU6u7F4bCgGlJociiRneTCrrarKLoPPhXsi6y9UahE
 gr9rHZmbX3/w5M/oQPOwR8WO520VTHWUVMr4xMLZ5TZ1iVGp+/JhuIeErAZKzU1zyFFA fw==
Received: from dc5-exch02.marvell.com ([199.233.59.182])
 by mx0a-0016f401.pphosted.com (PPS) with ESMTPS id 3ct2q9004x-4
 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT)
 for <dev@dpdk.org>; Mon, 06 Dec 2021 22:52:06 -0800
Received: from DC5-EXCH02.marvell.com (10.69.176.39) by DC5-EXCH02.marvell.com
 (10.69.176.39) with Microsoft SMTP Server (TLS) id 15.0.1497.18;
 Mon, 6 Dec 2021 22:51:17 -0800
Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH02.marvell.com
 (10.69.176.39) with Microsoft SMTP Server id 15.0.1497.18 via Frontend
 Transport; Mon, 6 Dec 2021 22:51:17 -0800
Received: from HY-LT1002.marvell.com (HY-LT1002.marvell.com [10.28.176.218])
 by maili.marvell.com (Postfix) with ESMTP id 0B4E93F7092;
 Mon,  6 Dec 2021 22:51:14 -0800 (PST)
From: Anoob Joseph <anoobj@marvell.com>
To: Akhil Goyal <gakhil@marvell.com>, Jerin Jacob <jerinj@marvell.com>
CC: Archana Muniganti <marchana@marvell.com>, Tejasree Kondoj
 <ktejasree@marvell.com>, <dev@dpdk.org>
Subject: [PATCH 03/25] common/cnxk: add bit fields for params
Date: Tue, 7 Dec 2021 12:20:36 +0530
Message-ID: <1638859858-734-4-git-send-email-anoobj@marvell.com>
X-Mailer: git-send-email 2.7.4
In-Reply-To: <1638859858-734-1-git-send-email-anoobj@marvell.com>
References: <1638859858-734-1-git-send-email-anoobj@marvell.com>
MIME-Version: 1.0
X-Proofpoint-GUID: 7EosAr02vMxB05q1-PyBP4jXLRD8Zs5D
X-Proofpoint-ORIG-GUID: 7EosAr02vMxB05q1-PyBP4jXLRD8Zs5D
X-Proofpoint-Virus-Version: vendor=baseguard
 engine=ICAP:2.0.205,Aquarius:18.0.790,Hydra:6.0.425,FMLib:17.11.62.513
 definitions=2021-12-07_02,2021-12-06_02,2021-12-02_01
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org

From: Archana Muniganti <marchana@marvell.com>

Added new structure with bit fields for params.


Signed-off-by: Archana Muniganti <marchana@marvell.com>
---
 drivers/common/cnxk/roc_ie_on.h  | 30 +++++++++++++++++++++++++++++-
 drivers/crypto/cnxk/cn9k_ipsec.c | 16 +++++++++++++---
 2 files changed, 42 insertions(+), 4 deletions(-)

diff --git a/drivers/common/cnxk/roc_ie_on.h b/drivers/common/cnxk/roc_ie_on.h
index 53591c6..817ef33 100644
--- a/drivers/common/cnxk/roc_ie_on.h
+++ b/drivers/common/cnxk/roc_ie_on.h
@@ -21,7 +21,6 @@ enum roc_ie_on_ucc_ipsec {
 };
 
 /* Helper macros */
-#define ROC_IE_ON_PER_PKT_IV   BIT(11)
 #define ROC_IE_ON_INB_RPTR_HDR 0x8
 
 enum {
@@ -102,6 +101,35 @@ struct roc_ie_on_ip_template {
 	};
 };
 
+union roc_on_ipsec_outb_param1 {
+	uint16_t u16;
+	struct {
+		uint16_t frag_num : 4;
+		uint16_t rsvd_4_6 : 3;
+		uint16_t gre_select : 1;
+		uint16_t dsiv : 1;
+		uint16_t ikev2 : 1;
+		uint16_t min_frag_size : 1;
+		uint16_t per_pkt_iv : 1;
+		uint16_t tfc_pad_enable : 1;
+		uint16_t tfc_dummy_pkt : 1;
+		uint16_t rfc_or_override_mode : 1;
+		uint16_t custom_hdr_or_p99 : 1;
+	} s;
+};
+
+union roc_on_ipsec_inb_param2 {
+	uint16_t u16;
+	struct {
+		uint16_t rsvd_0_10 : 11;
+		uint16_t gre_select : 1;
+		uint16_t ikev2 : 1;
+		uint16_t udp_cksum : 1;
+		uint16_t ctx_addr_sel : 1;
+		uint16_t custom_hdr_or_p99 : 1;
+	} s;
+};
+
 struct roc_ie_on_sa_ctl {
 	uint64_t spi : 32;
 	uint64_t exp_proto_inter_frag : 8;
diff --git a/drivers/crypto/cnxk/cn9k_ipsec.c b/drivers/crypto/cnxk/cn9k_ipsec.c
index a81130b..6455ef9 100644
--- a/drivers/crypto/cnxk/cn9k_ipsec.c
+++ b/drivers/crypto/cnxk/cn9k_ipsec.c
@@ -280,6 +280,7 @@ cn9k_ipsec_outb_sa_create(struct cnxk_cpt_qp *qp,
 	struct rte_crypto_sym_xform *auth_xform = crypto_xform->next;
 	struct roc_ie_on_ip_template *template = NULL;
 	struct roc_cpt *roc_cpt = qp->lf.roc_cpt;
+	union roc_on_ipsec_outb_param1 param1;
 	struct cnxk_cpt_inst_tmpl *inst_tmpl;
 	struct roc_ie_on_outb_sa *out_sa;
 	struct cn9k_sec_session *sess;
@@ -407,8 +408,12 @@ cn9k_ipsec_outb_sa_create(struct cnxk_cpt_qp *qp,
 	w4.u64 = 0;
 	w4.s.opcode_major = ROC_IE_ON_MAJOR_OP_PROCESS_OUTBOUND_IPSEC;
 	w4.s.opcode_minor = ctx_len >> 3;
-	w4.s.param1 = BIT(9);
-	w4.s.param1 |= ROC_IE_ON_PER_PKT_IV;
+
+	param1.u16 = 0;
+	param1.s.ikev2 = 1;
+	param1.s.per_pkt_iv = 1;
+	w4.s.param1 = param1.u16;
+
 	inst_tmpl->w4 = w4.u64;
 
 	w7.u64 = 0;
@@ -428,6 +433,7 @@ cn9k_ipsec_inb_sa_create(struct cnxk_cpt_qp *qp,
 {
 	struct rte_crypto_sym_xform *auth_xform = crypto_xform;
 	struct roc_cpt *roc_cpt = qp->lf.roc_cpt;
+	union roc_on_ipsec_inb_param2 param2;
 	struct cnxk_cpt_inst_tmpl *inst_tmpl;
 	struct roc_ie_on_inb_sa *in_sa;
 	struct cn9k_sec_session *sess;
@@ -478,7 +484,11 @@ cn9k_ipsec_inb_sa_create(struct cnxk_cpt_qp *qp,
 	w4.u64 = 0;
 	w4.s.opcode_major = ROC_IE_ON_MAJOR_OP_PROCESS_INBOUND_IPSEC;
 	w4.s.opcode_minor = ctx_len >> 3;
-	w4.s.param2 = BIT(12);
+
+	param2.u16 = 0;
+	param2.s.ikev2 = 1;
+	w4.s.param2 = param2.u16;
+
 	inst_tmpl->w4 = w4.u64;
 
 	w7.u64 = 0;

From patchwork Tue Dec  7 06:50:37 2021
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Anoob Joseph <anoobj@marvell.com>
X-Patchwork-Id: 104972
X-Patchwork-Delegate: gakhil@marvell.com
Return-Path: <dev-bounces@dpdk.org>
X-Original-To: patchwork@inbox.dpdk.org
Delivered-To: patchwork@inbox.dpdk.org
Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124])
	by inbox.dpdk.org (Postfix) with ESMTP id 15D23A034F;
	Tue,  7 Dec 2021 07:52:41 +0100 (CET)
Received: from [217.70.189.124] (localhost [127.0.0.1])
	by mails.dpdk.org (Postfix) with ESMTP id 5ADE24274F;
	Tue,  7 Dec 2021 07:52:10 +0100 (CET)
Received: from mx0b-0016f401.pphosted.com (mx0a-0016f401.pphosted.com
 [67.231.148.174])
 by mails.dpdk.org (Postfix) with ESMTP id 652A042728
 for <dev@dpdk.org>; Tue,  7 Dec 2021 07:52:07 +0100 (CET)
Received: from pps.filterd (m0045849.ppops.net [127.0.0.1])
 by mx0a-0016f401.pphosted.com (8.16.1.2/8.16.1.2) with ESMTP id
 1B76pJvq018306
 for <dev@dpdk.org>; Mon, 6 Dec 2021 22:52:06 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com;
 h=from : to : cc :
 subject : date : message-id : in-reply-to : references : mime-version :
 content-transfer-encoding : content-type; s=pfpt0220;
 bh=Xg6y2RnlA+I7ckyw1RCNiT0f+D3WNipaAS1iqiRWRhs=;
 b=F4yfVZgaM8w3uGSMOgZInaHaTw2B1ynr0cTeNr2ge3xuh9cZhH3L0479AH5rgxuBga6a
 lS+wlKtBsG9sFn/TDcssIaAYfNKDoJfs6wYtdBDUi9cP6hEHBmeF36ndst0lYlgNjdfn
 RkKryDNc/Jpn0NinkdQkoEiaLER+LPMZyc+Y6inhroyPKrKxXkBXZBJFFpfB+B/jCEW4
 yUJQ5XXzHDd1vU8FREobfAOXfw7QljuKX6y1AmlbE6NczH9rPP+iroFwMOfcWxvXaUxy
 Q2Jc7H4QnJvZpUSR03WZDUVFMwx+FZ7BDGZhAoyYtxALu+h9TIh51dZMJW0Rr3JNcsKZ Vw==
Received: from dc5-exch02.marvell.com ([199.233.59.182])
 by mx0a-0016f401.pphosted.com (PPS) with ESMTPS id 3ct2q9004x-6
 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT)
 for <dev@dpdk.org>; Mon, 06 Dec 2021 22:52:06 -0800
Received: from DC5-EXCH01.marvell.com (10.69.176.38) by DC5-EXCH02.marvell.com
 (10.69.176.39) with Microsoft SMTP Server (TLS) id 15.0.1497.18;
 Mon, 6 Dec 2021 22:51:21 -0800
Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH01.marvell.com
 (10.69.176.38) with Microsoft SMTP Server id 15.0.1497.2 via Frontend
 Transport; Mon, 6 Dec 2021 22:51:21 -0800
Received: from HY-LT1002.marvell.com (HY-LT1002.marvell.com [10.28.176.218])
 by maili.marvell.com (Postfix) with ESMTP id CCB293F7071;
 Mon,  6 Dec 2021 22:51:18 -0800 (PST)
From: Anoob Joseph <anoobj@marvell.com>
To: Akhil Goyal <gakhil@marvell.com>, Jerin Jacob <jerinj@marvell.com>
CC: Anoob Joseph <anoobj@marvell.com>, Archana Muniganti
 <marchana@marvell.com>,
 Tejasree Kondoj <ktejasree@marvell.com>, <dev@dpdk.org>,
 <schalla@marvell.com>
Subject: [PATCH 04/25] common/cnxk: fix reset of fields
Date: Tue, 7 Dec 2021 12:20:37 +0530
Message-ID: <1638859858-734-5-git-send-email-anoobj@marvell.com>
X-Mailer: git-send-email 2.7.4
In-Reply-To: <1638859858-734-1-git-send-email-anoobj@marvell.com>
References: <1638859858-734-1-git-send-email-anoobj@marvell.com>
MIME-Version: 1.0
X-Proofpoint-GUID: gTo7nwiTNpHy-_siv1Wi0l_YcD4wiGaC
X-Proofpoint-ORIG-GUID: gTo7nwiTNpHy-_siv1Wi0l_YcD4wiGaC
X-Proofpoint-Virus-Version: vendor=baseguard
 engine=ICAP:2.0.205,Aquarius:18.0.790,Hydra:6.0.425,FMLib:17.11.62.513
 definitions=2021-12-07_02,2021-12-06_02,2021-12-02_01
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org

Copy DF/DSCP fields would get set based on ipsec_xform in the code
preceding this. Setting it again would cause the options to be reset.

Fixes: 78d03027f2cc ("common/cnxk: add IPsec common code")
Cc: schalla@marvell.com

Signed-off-by: Anoob Joseph <anoobj@marvell.com>
---
 drivers/common/cnxk/cnxk_security.c | 4 ----
 1 file changed, 4 deletions(-)

diff --git a/drivers/common/cnxk/cnxk_security.c b/drivers/common/cnxk/cnxk_security.c
index 30562b4..787138b 100644
--- a/drivers/common/cnxk/cnxk_security.c
+++ b/drivers/common/cnxk/cnxk_security.c
@@ -444,10 +444,6 @@ cnxk_ot_ipsec_outb_sa_fill(struct roc_ot_ipsec_outb_sa *sa,
 		return -EINVAL;
 	}
 
-	/* Default options of DSCP and Flow label/DF */
-	sa->w2.s.dscp_src = ROC_IE_OT_SA_COPY_FROM_SA;
-	sa->w2.s.ipv4_df_src_or_ipv6_flw_lbl_src = ROC_IE_OT_SA_COPY_FROM_SA;
-
 skip_tunnel_info:
 	/* ESN */
 	sa->w0.s.esn_en = !!ipsec_xfrm->options.esn;

From patchwork Tue Dec  7 06:50:38 2021
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Anoob Joseph <anoobj@marvell.com>
X-Patchwork-Id: 104973
X-Patchwork-Delegate: gakhil@marvell.com
Return-Path: <dev-bounces@dpdk.org>
X-Original-To: patchwork@inbox.dpdk.org
Delivered-To: patchwork@inbox.dpdk.org
Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124])
	by inbox.dpdk.org (Postfix) with ESMTP id 65CC2A034F;
	Tue,  7 Dec 2021 07:52:46 +0100 (CET)
Received: from [217.70.189.124] (localhost [127.0.0.1])
	by mails.dpdk.org (Postfix) with ESMTP id 9F6C142753;
	Tue,  7 Dec 2021 07:52:11 +0100 (CET)
Received: from mx0b-0016f401.pphosted.com (mx0a-0016f401.pphosted.com
 [67.231.148.174])
 by mails.dpdk.org (Postfix) with ESMTP id A1A7F4273D
 for <dev@dpdk.org>; Tue,  7 Dec 2021 07:52:07 +0100 (CET)
Received: from pps.filterd (m0045849.ppops.net [127.0.0.1])
 by mx0a-0016f401.pphosted.com (8.16.1.2/8.16.1.2) with ESMTP id
 1B76pJvr018306
 for <dev@dpdk.org>; Mon, 6 Dec 2021 22:52:06 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com;
 h=from : to : cc :
 subject : date : message-id : in-reply-to : references : mime-version :
 content-transfer-encoding : content-type; s=pfpt0220;
 bh=xhMN7Za1c8ktz7fyd/2M21kOZOZxJUkClZv6jWdMVsc=;
 b=YrIbcaX3THmWNAsfS787dOzKJ3lFAhVlA3XoXmIYGm0qGGzLQ6SM5ENEAnEWvx03jrv0
 +qqbZO+v9v/7564P2EiZzrKum15h+A06eSdMLzxKG+ACho34la9GUnG3jJHiNBlWV812
 Kf0fyhu+XInDAfSByDK2CjFpWu7qMj+eibUNM9Q6G5VpUsbXoNBcTtz4K6goYvYttAGe
 ICAfNTsalNxrG+V2ACrTu6sFTsGGPPIme4Sb7AVAOVjQehCmKVTIkYfiNqbLZCzGqEYs
 LUmdN115swrZUthhWX7xyHyaMbCtHweU9Y+Yb9ub6yk2jkDtkJGWn4nQ3ofpXg3WurB8 nA==
Received: from dc5-exch02.marvell.com ([199.233.59.182])
 by mx0a-0016f401.pphosted.com (PPS) with ESMTPS id 3ct2q9004x-7
 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT)
 for <dev@dpdk.org>; Mon, 06 Dec 2021 22:52:06 -0800
Received: from DC5-EXCH02.marvell.com (10.69.176.39) by DC5-EXCH02.marvell.com
 (10.69.176.39) with Microsoft SMTP Server (TLS) id 15.0.1497.18;
 Mon, 6 Dec 2021 22:51:25 -0800
Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH02.marvell.com
 (10.69.176.39) with Microsoft SMTP Server id 15.0.1497.18 via Frontend
 Transport; Mon, 6 Dec 2021 22:51:25 -0800
Received: from HY-LT1002.marvell.com (HY-LT1002.marvell.com [10.28.176.218])
 by maili.marvell.com (Postfix) with ESMTP id CD83A3F7071;
 Mon,  6 Dec 2021 22:51:22 -0800 (PST)
From: Anoob Joseph <anoobj@marvell.com>
To: Akhil Goyal <gakhil@marvell.com>, Jerin Jacob <jerinj@marvell.com>
CC: Anoob Joseph <anoobj@marvell.com>, Archana Muniganti
 <marchana@marvell.com>,
 Tejasree Kondoj <ktejasree@marvell.com>, <dev@dpdk.org>
Subject: [PATCH 05/25] common/cnxk: verify input args
Date: Tue, 7 Dec 2021 12:20:38 +0530
Message-ID: <1638859858-734-6-git-send-email-anoobj@marvell.com>
X-Mailer: git-send-email 2.7.4
In-Reply-To: <1638859858-734-1-git-send-email-anoobj@marvell.com>
References: <1638859858-734-1-git-send-email-anoobj@marvell.com>
MIME-Version: 1.0
X-Proofpoint-GUID: gB3ZSEdxxsDrINepnWMYCtK4yavG60TD
X-Proofpoint-ORIG-GUID: gB3ZSEdxxsDrINepnWMYCtK4yavG60TD
X-Proofpoint-Virus-Version: vendor=baseguard
 engine=ICAP:2.0.205,Aquarius:18.0.790,Hydra:6.0.425,FMLib:17.11.62.513
 definitions=2021-12-07_02,2021-12-06_02,2021-12-02_01
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org

Add input arg verification.

Signed-off-by: Anoob Joseph <anoobj@marvell.com>
---
 drivers/common/cnxk/hw/cpt.h  | 2 ++
 drivers/common/cnxk/roc_cpt.c | 4 +++-
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/drivers/common/cnxk/hw/cpt.h b/drivers/common/cnxk/hw/cpt.h
index 919f842..ccc7af4 100644
--- a/drivers/common/cnxk/hw/cpt.h
+++ b/drivers/common/cnxk/hw/cpt.h
@@ -64,6 +64,7 @@ union cpt_lf_ctx_flush {
 	struct {
 		uint64_t cptr : 46;
 		uint64_t inval : 1;
+		uint64_t reserved_47_63 : 17;
 	} s;
 };
 
@@ -71,6 +72,7 @@ union cpt_lf_ctx_reload {
 	uint64_t u;
 	struct {
 		uint64_t cptr : 46;
+		uint64_t reserved_46_63 : 18;
 	} s;
 };
 
diff --git a/drivers/common/cnxk/roc_cpt.c b/drivers/common/cnxk/roc_cpt.c
index 8f8e6d3..1bc7a29 100644
--- a/drivers/common/cnxk/roc_cpt.c
+++ b/drivers/common/cnxk/roc_cpt.c
@@ -681,8 +681,10 @@ roc_cpt_lf_ctx_flush(struct roc_cpt_lf *lf, void *cptr, bool inval)
 {
 	union cpt_lf_ctx_flush reg;
 
-	if (lf == NULL)
+	if (lf == NULL) {
+		plt_err("Could not trigger CTX flush");
 		return -ENOTSUP;
+	}
 
 	reg.u = 0;
 	reg.s.inval = inval;

From patchwork Tue Dec  7 06:50:39 2021
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Anoob Joseph <anoobj@marvell.com>
X-Patchwork-Id: 104974
X-Patchwork-Delegate: gakhil@marvell.com
Return-Path: <dev-bounces@dpdk.org>
X-Original-To: patchwork@inbox.dpdk.org
Delivered-To: patchwork@inbox.dpdk.org
Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124])
	by inbox.dpdk.org (Postfix) with ESMTP id CC107A034F;
	Tue,  7 Dec 2021 07:52:51 +0100 (CET)
Received: from [217.70.189.124] (localhost [127.0.0.1])
	by mails.dpdk.org (Postfix) with ESMTP id A12EE4275C;
	Tue,  7 Dec 2021 07:52:12 +0100 (CET)
Received: from mx0b-0016f401.pphosted.com (mx0a-0016f401.pphosted.com
 [67.231.148.174])
 by mails.dpdk.org (Postfix) with ESMTP id 00CFE42748
 for <dev@dpdk.org>; Tue,  7 Dec 2021 07:52:08 +0100 (CET)
Received: from pps.filterd (m0045849.ppops.net [127.0.0.1])
 by mx0a-0016f401.pphosted.com (8.16.1.2/8.16.1.2) with ESMTP id
 1B76pJvt018306
 for <dev@dpdk.org>; Mon, 6 Dec 2021 22:52:08 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com;
 h=from : to : cc :
 subject : date : message-id : in-reply-to : references : mime-version :
 content-transfer-encoding : content-type; s=pfpt0220;
 bh=82vfpzglZCyiv3FHCDO8TCYIavngPcI7B+XzQQ3JqaI=;
 b=i5Y1nELPgaiHf6eLybB1LZAttVig1PA49pjtTDu0wAxJ6fdlEhOYjCUgIMQWH3Tg/Qd0
 soXixnvOxjXtJNp0LlyoOuF8W9m0+9hY9SJ9l9gJAlDRLFvaaJi2jvIlcyNg0mJxNz0f
 PWzxpMZjcSx6eA13WJVDwRC/vfuzI2QUeQAL/7M3rpQ1lemf7RCKWEE4VWGeSa9g3xtZ
 +teq8DVsF1581FciDJBx6TTc2p2lGANUwPeH8tYqNNvxfkK7dh+Wuadero66ayYE+Czv
 kggmNgbZpHvNR4zA9D37LIulW2obH6H9qwcTnuOTLalXW8jm/2x1mpey+8Jxzg33LN68 /Q==
Received: from dc5-exch02.marvell.com ([199.233.59.182])
 by mx0a-0016f401.pphosted.com (PPS) with ESMTPS id 3ct2q9004x-10
 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT)
 for <dev@dpdk.org>; Mon, 06 Dec 2021 22:52:08 -0800
Received: from DC5-EXCH01.marvell.com (10.69.176.38) by DC5-EXCH02.marvell.com
 (10.69.176.39) with Microsoft SMTP Server (TLS) id 15.0.1497.18;
 Mon, 6 Dec 2021 22:51:28 -0800
Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH01.marvell.com
 (10.69.176.38) with Microsoft SMTP Server id 15.0.1497.2 via Frontend
 Transport; Mon, 6 Dec 2021 22:51:28 -0800
Received: from HY-LT1002.marvell.com (HY-LT1002.marvell.com [10.28.176.218])
 by maili.marvell.com (Postfix) with ESMTP id 548A83F7071;
 Mon,  6 Dec 2021 22:51:26 -0800 (PST)
From: Anoob Joseph <anoobj@marvell.com>
To: Akhil Goyal <gakhil@marvell.com>, Jerin Jacob <jerinj@marvell.com>
CC: Shijith Thotton <sthotton@marvell.com>, Archana Muniganti
 <marchana@marvell.com>,
 Tejasree Kondoj <ktejasree@marvell.com>, <dev@dpdk.org>
Subject: [PATCH 06/25] crypto/cnxk: only enable queues that are allocated
Date: Tue, 7 Dec 2021 12:20:39 +0530
Message-ID: <1638859858-734-7-git-send-email-anoobj@marvell.com>
X-Mailer: git-send-email 2.7.4
In-Reply-To: <1638859858-734-1-git-send-email-anoobj@marvell.com>
References: <1638859858-734-1-git-send-email-anoobj@marvell.com>
MIME-Version: 1.0
X-Proofpoint-GUID: YrjTQIjAe1PXty3N-ABrkSCFiDh0CWaT
X-Proofpoint-ORIG-GUID: YrjTQIjAe1PXty3N-ABrkSCFiDh0CWaT
X-Proofpoint-Virus-Version: vendor=baseguard
 engine=ICAP:2.0.205,Aquarius:18.0.790,Hydra:6.0.425,FMLib:17.11.62.513
 definitions=2021-12-07_02,2021-12-06_02,2021-12-02_01
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org

From: Shijith Thotton <sthotton@marvell.com>

Only enable/disable queue pairs that are allocated during cryptodev
start/stop.

Fixes: 6a95dbc1a291 ("crypto/cnxk: add dev start and dev stop")

Signed-off-by: Shijith Thotton <sthotton@marvell.com>
---
 drivers/crypto/cnxk/cnxk_cryptodev_ops.c | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/drivers/crypto/cnxk/cnxk_cryptodev_ops.c b/drivers/crypto/cnxk/cnxk_cryptodev_ops.c
index a2281fb..21ee09f 100644
--- a/drivers/crypto/cnxk/cnxk_cryptodev_ops.c
+++ b/drivers/crypto/cnxk/cnxk_cryptodev_ops.c
@@ -100,8 +100,13 @@ cnxk_cpt_dev_start(struct rte_cryptodev *dev)
 	uint16_t nb_lf = roc_cpt->nb_lf;
 	uint16_t qp_id;
 
-	for (qp_id = 0; qp_id < nb_lf; qp_id++)
+	for (qp_id = 0; qp_id < nb_lf; qp_id++) {
+		/* Application may not setup all queue pair */
+		if (roc_cpt->lf[qp_id] == NULL)
+			continue;
+
 		roc_cpt_iq_enable(roc_cpt->lf[qp_id]);
+	}
 
 	return 0;
 }
@@ -114,8 +119,12 @@ cnxk_cpt_dev_stop(struct rte_cryptodev *dev)
 	uint16_t nb_lf = roc_cpt->nb_lf;
 	uint16_t qp_id;
 
-	for (qp_id = 0; qp_id < nb_lf; qp_id++)
+	for (qp_id = 0; qp_id < nb_lf; qp_id++) {
+		if (roc_cpt->lf[qp_id] == NULL)
+			continue;
+
 		roc_cpt_iq_disable(roc_cpt->lf[qp_id]);
+	}
 }
 
 int

From patchwork Tue Dec  7 06:50:40 2021
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Anoob Joseph <anoobj@marvell.com>
X-Patchwork-Id: 104961
X-Patchwork-Delegate: gakhil@marvell.com
Return-Path: <dev-bounces@dpdk.org>
X-Original-To: patchwork@inbox.dpdk.org
Delivered-To: patchwork@inbox.dpdk.org
Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124])
	by inbox.dpdk.org (Postfix) with ESMTP id BCE5BA034F;
	Tue,  7 Dec 2021 07:51:35 +0100 (CET)
Received: from [217.70.189.124] (localhost [127.0.0.1])
	by mails.dpdk.org (Postfix) with ESMTP id A1228411DB;
	Tue,  7 Dec 2021 07:51:35 +0100 (CET)
Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com
 [67.231.156.173])
 by mails.dpdk.org (Postfix) with ESMTP id A5BCF411CB
 for <dev@dpdk.org>; Tue,  7 Dec 2021 07:51:34 +0100 (CET)
Received: from pps.filterd (m0045851.ppops.net [127.0.0.1])
 by mx0b-0016f401.pphosted.com (8.16.1.2/8.16.1.2) with ESMTP id
 1B75a07F014960
 for <dev@dpdk.org>; Mon, 6 Dec 2021 22:51:34 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com;
 h=from : to : cc :
 subject : date : message-id : in-reply-to : references : mime-version :
 content-transfer-encoding : content-type; s=pfpt0220;
 bh=hFRU9uGReaCSleoUtV9VgPXn7pJOUCpkGQy9cqO/XyM=;
 b=RkGZYHARA5pMUP7McdWZ9xQPEUpdj1ormJaIxZlyr8pD9Vl6JzWjBL/Yx7m8wBUfvpO5
 pinkiLw8EW6vbKRuNzDVMOo6vHlTv+86466u6rsMs6WR9RRhesA0s+S7jD6sQKZcZoqv
 Ieg3oCAiMtgiixrw7H3+zV3mJzNdBzO2mdGL2dasIFhcqbazY1qpR7dc2VhExKIgmCYU
 QUlvpbtNQExOq9S/12rjeyUKOjr9v3OAqgosidDvSe6v7rYiF8ecl25xouGaWy5YHTze
 yNYa/01vsQQr0/GRlFWXScEsJeGEBX5HCDXDX3pOtdwIQ/T8qyfD7oEcPY/AoWDPljeY hA==
Received: from dc5-exch01.marvell.com ([199.233.59.181])
 by mx0b-0016f401.pphosted.com (PPS) with ESMTPS id 3ct1hyg7dc-1
 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT)
 for <dev@dpdk.org>; Mon, 06 Dec 2021 22:51:33 -0800
Received: from DC5-EXCH01.marvell.com (10.69.176.38) by DC5-EXCH01.marvell.com
 (10.69.176.38) with Microsoft SMTP Server (TLS) id 15.0.1497.2;
 Mon, 6 Dec 2021 22:51:31 -0800
Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH01.marvell.com
 (10.69.176.38) with Microsoft SMTP Server id 15.0.1497.2 via Frontend
 Transport; Mon, 6 Dec 2021 22:51:31 -0800
Received: from HY-LT1002.marvell.com (HY-LT1002.marvell.com [10.28.176.218])
 by maili.marvell.com (Postfix) with ESMTP id A95F03F7071;
 Mon,  6 Dec 2021 22:51:29 -0800 (PST)
From: Anoob Joseph <anoobj@marvell.com>
To: Akhil Goyal <gakhil@marvell.com>, Jerin Jacob <jerinj@marvell.com>
CC: Tejasree Kondoj <ktejasree@marvell.com>, Archana Muniganti
 <marchana@marvell.com>, <dev@dpdk.org>
Subject: [PATCH 07/25] crypto/cnxk: add lookaside IPsec AES-CBC-HMAC-SHA256
 support
Date: Tue, 7 Dec 2021 12:20:40 +0530
Message-ID: <1638859858-734-8-git-send-email-anoobj@marvell.com>
X-Mailer: git-send-email 2.7.4
In-Reply-To: <1638859858-734-1-git-send-email-anoobj@marvell.com>
References: <1638859858-734-1-git-send-email-anoobj@marvell.com>
MIME-Version: 1.0
X-Proofpoint-ORIG-GUID: oIAsjtxvoiFoxG71ajgjOD5jVATR473C
X-Proofpoint-GUID: oIAsjtxvoiFoxG71ajgjOD5jVATR473C
X-Proofpoint-Virus-Version: vendor=baseguard
 engine=ICAP:2.0.205,Aquarius:18.0.790,Hydra:6.0.425,FMLib:17.11.62.513
 definitions=2021-12-07_02,2021-12-06_02,2021-12-02_01
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org

From: Tejasree Kondoj <ktejasree@marvell.com>

Adding AES-CBC-HMAC-SHA256 support to lookaside IPsec PMD.

Signed-off-by: Tejasree Kondoj <ktejasree@marvell.com>
---
 doc/guides/cryptodevs/cnxk.rst                    | 39 +++++++++++++++++++----
 doc/guides/rel_notes/release_22_03.rst            |  4 +++
 drivers/common/cnxk/cnxk_security.c               | 14 ++++++++
 drivers/crypto/cnxk/cn10k_ipsec.c                 |  3 ++
 drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c | 20 ++++++++++++
 drivers/crypto/cnxk/cnxk_ipsec.h                  |  3 +-
 6 files changed, 75 insertions(+), 8 deletions(-)

diff --git a/doc/guides/cryptodevs/cnxk.rst b/doc/guides/cryptodevs/cnxk.rst
index 23cc823..8c4c4ea 100644
--- a/doc/guides/cryptodevs/cnxk.rst
+++ b/doc/guides/cryptodevs/cnxk.rst
@@ -246,14 +246,27 @@ CN9XX Features supported
 * IPv4
 * IPv6
 * ESP
+* ESN
+* Anti-replay
 * Tunnel mode
 * Transport mode(IPv4)
 * UDP Encapsulation
+
+AEAD algorithms
++++++++++++++++
+
 * AES-128/192/256-GCM
-* AES-128/192/256-CBC-SHA1-HMAC
-* AES-128/192/256-CBC-SHA256-128-HMAC
-* ESN
-* Anti-replay
+
+Cipher algorithms
++++++++++++++++++
+
+* AES-128/192/256-CBC
+
+Auth algorithms
++++++++++++++++
+
+* SHA1-HMAC
+* SHA256-128-HMAC
 
 CN10XX Features supported
 ~~~~~~~~~~~~~~~~~~~~~~~~~
@@ -263,6 +276,20 @@ CN10XX Features supported
 * Tunnel mode
 * Transport mode
 * UDP Encapsulation
+
+AEAD algorithms
++++++++++++++++
+
 * AES-128/192/256-GCM
-* AES-128/192/256-CBC-NULL
-* AES-128/192/256-CBC-SHA1-HMAC
+
+Cipher algorithms
++++++++++++++++++
+
+* AES-128/192/256-CBC
+
+Auth algorithms
++++++++++++++++
+
+* NULL
+* SHA1-HMAC
+* SHA256-128-HMAC
diff --git a/doc/guides/rel_notes/release_22_03.rst b/doc/guides/rel_notes/release_22_03.rst
index 6d99d1e..1639b0e 100644
--- a/doc/guides/rel_notes/release_22_03.rst
+++ b/doc/guides/rel_notes/release_22_03.rst
@@ -55,6 +55,10 @@ New Features
      Also, make sure to start the actual text at the margin.
      =======================================================
 
+* **Updated Marvell cnxk crypto PMD.**
+
+  * Added SHA256-HMAC support in lookaside protocol (IPsec) for CN10K.
+
 
 Removed Items
 -------------
diff --git a/drivers/common/cnxk/cnxk_security.c b/drivers/common/cnxk/cnxk_security.c
index 787138b..f39bc1e 100644
--- a/drivers/common/cnxk/cnxk_security.c
+++ b/drivers/common/cnxk/cnxk_security.c
@@ -32,6 +32,10 @@ ipsec_hmac_opad_ipad_gen(struct rte_crypto_sym_xform *auth_xform,
 		roc_hash_sha1_gen(opad, (uint32_t *)&hmac_opad_ipad[0]);
 		roc_hash_sha1_gen(ipad, (uint32_t *)&hmac_opad_ipad[24]);
 		break;
+	case RTE_CRYPTO_AUTH_SHA256_HMAC:
+		roc_hash_sha256_gen(opad, (uint32_t *)&hmac_opad_ipad[0]);
+		roc_hash_sha256_gen(ipad, (uint32_t *)&hmac_opad_ipad[64]);
+		break;
 	default:
 		break;
 	}
@@ -129,6 +133,16 @@ ot_ipsec_sa_common_param_fill(union roc_ot_ipsec_sa_word2 *w2,
 			     i++)
 				tmp_key[i] = rte_be_to_cpu_64(tmp_key[i]);
 			break;
+		case RTE_CRYPTO_AUTH_SHA256_HMAC:
+			w2->s.auth_type = ROC_IE_OT_SA_AUTH_SHA2_256;
+			ipsec_hmac_opad_ipad_gen(auth_xfrm, hmac_opad_ipad);
+
+			tmp_key = (uint64_t *)hmac_opad_ipad;
+			for (i = 0; i < (int)(ROC_CTX_MAX_OPAD_IPAD_LEN /
+					      sizeof(uint64_t));
+			     i++)
+				tmp_key[i] = rte_be_to_cpu_64(tmp_key[i]);
+			break;
 		default:
 			return -ENOTSUP;
 		}
diff --git a/drivers/crypto/cnxk/cn10k_ipsec.c b/drivers/crypto/cnxk/cn10k_ipsec.c
index 27df1dc..93eab1b 100644
--- a/drivers/crypto/cnxk/cn10k_ipsec.c
+++ b/drivers/crypto/cnxk/cn10k_ipsec.c
@@ -65,6 +65,9 @@ cn10k_ipsec_outb_sa_create(struct roc_cpt *roc_cpt,
 		if (crypto_xfrm->type == RTE_CRYPTO_SYM_XFORM_AEAD) {
 			sa->iv_offset = crypto_xfrm->aead.iv.offset;
 			sa->iv_length = crypto_xfrm->aead.iv.length;
+		} else {
+			sa->iv_offset = crypto_xfrm->cipher.iv.offset;
+			sa->iv_length = crypto_xfrm->cipher.iv.length;
 		}
 	}
 #else
diff --git a/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c b/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c
index 59b63ed..7d22626 100644
--- a/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c
+++ b/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c
@@ -797,6 +797,26 @@ static const struct rte_cryptodev_capabilities sec_caps_sha1_sha2[] = {
 			}, }
 		}, }
 	},
+	{	/* SHA256 HMAC */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+			{.auth = {
+				.algo = RTE_CRYPTO_AUTH_SHA256_HMAC,
+				.block_size = 64,
+				.key_size = {
+					.min = 1,
+					.max = 1024,
+					.increment = 1
+				},
+				.digest_size = {
+					.min = 16,
+					.max = 16,
+					.increment = 0
+				},
+			}, }
+		}, }
+	},
 };
 
 static const struct rte_security_capability sec_caps_templ[] = {
diff --git a/drivers/crypto/cnxk/cnxk_ipsec.h b/drivers/crypto/cnxk/cnxk_ipsec.h
index dddb414..f4a1012 100644
--- a/drivers/crypto/cnxk/cnxk_ipsec.h
+++ b/drivers/crypto/cnxk/cnxk_ipsec.h
@@ -46,8 +46,7 @@ ipsec_xform_auth_verify(struct rte_crypto_sym_xform *crypto_xform)
 	if (crypto_xform->auth.algo == RTE_CRYPTO_AUTH_SHA1_HMAC) {
 		if (keylen >= 20 && keylen <= 64)
 			return 0;
-	} else if (roc_model_is_cn9k() &&
-		   (crypto_xform->auth.algo == RTE_CRYPTO_AUTH_SHA256_HMAC)) {
+	} else if (crypto_xform->auth.algo == RTE_CRYPTO_AUTH_SHA256_HMAC) {
 		if (keylen >= 32 && keylen <= 64)
 			return 0;
 	}

From patchwork Tue Dec  7 06:50:41 2021
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Anoob Joseph <anoobj@marvell.com>
X-Patchwork-Id: 104962
X-Patchwork-Delegate: gakhil@marvell.com
Return-Path: <dev-bounces@dpdk.org>
X-Original-To: patchwork@inbox.dpdk.org
Delivered-To: patchwork@inbox.dpdk.org
Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124])
	by inbox.dpdk.org (Postfix) with ESMTP id 533C0A034F;
	Tue,  7 Dec 2021 07:51:40 +0100 (CET)
Received: from [217.70.189.124] (localhost [127.0.0.1])
	by mails.dpdk.org (Postfix) with ESMTP id AA65341229;
	Tue,  7 Dec 2021 07:51:38 +0100 (CET)
Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com
 [67.231.156.173])
 by mails.dpdk.org (Postfix) with ESMTP id E8683411CB
 for <dev@dpdk.org>; Tue,  7 Dec 2021 07:51:37 +0100 (CET)
Received: from pps.filterd (m0045851.ppops.net [127.0.0.1])
 by mx0b-0016f401.pphosted.com (8.16.1.2/8.16.1.2) with ESMTP id
 1B75a0sQ014932
 for <dev@dpdk.org>; Mon, 6 Dec 2021 22:51:37 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com;
 h=from : to : cc :
 subject : date : message-id : in-reply-to : references : mime-version :
 content-transfer-encoding : content-type; s=pfpt0220;
 bh=hikU5Ho50WaSqCM54c9s4PiZGdN6cJaBqRkawAjevkw=;
 b=hRSO6lqp3a6r+QW+FeNqln4RNjpHFG4dJ1a6XsxT23y8qs048AmkOYKKztkP8rdlfxKQ
 U0CAnjo6w6JnpkEwGx/rYaHQg/ifWk+LD581/lzNwT8iiAaYsSOCMq36eC1xUvlmlGC/
 0RSQ6NNg8sR3dFaB54fi5z2OnQK7JgyB2DZic/WM+76wxki/q4atIaBmEyxqZcTUuGCX
 WUVEGCJZE3pQNvbQBNo47UvBZQH80shkCiP5ul7K4ghg/fRRmnF4GwcoUTsMN7gDjJ0d
 T9BqhTOw/Q9kXZkOtNSy0hTKhJcJDdxefWiJPz3E7Hpo9Aur0k9QGjL2C4WKK3GdLuxo dA==
Received: from dc5-exch01.marvell.com ([199.233.59.181])
 by mx0b-0016f401.pphosted.com (PPS) with ESMTPS id 3ct1hyg7dj-1
 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT)
 for <dev@dpdk.org>; Mon, 06 Dec 2021 22:51:37 -0800
Received: from DC5-EXCH01.marvell.com (10.69.176.38) by DC5-EXCH01.marvell.com
 (10.69.176.38) with Microsoft SMTP Server (TLS) id 15.0.1497.2;
 Mon, 6 Dec 2021 22:51:35 -0800
Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH01.marvell.com
 (10.69.176.38) with Microsoft SMTP Server id 15.0.1497.2 via Frontend
 Transport; Mon, 6 Dec 2021 22:51:35 -0800
Received: from HY-LT1002.marvell.com (HY-LT1002.marvell.com [10.28.176.218])
 by maili.marvell.com (Postfix) with ESMTP id 085EF3F7071;
 Mon,  6 Dec 2021 22:51:32 -0800 (PST)
From: Anoob Joseph <anoobj@marvell.com>
To: Akhil Goyal <gakhil@marvell.com>, Jerin Jacob <jerinj@marvell.com>
CC: Anoob Joseph <anoobj@marvell.com>, Archana Muniganti
 <marchana@marvell.com>,
 Tejasree Kondoj <ktejasree@marvell.com>, <dev@dpdk.org>
Subject: [PATCH 08/25] crypto/cnxk: clear session data before populating
Date: Tue, 7 Dec 2021 12:20:41 +0530
Message-ID: <1638859858-734-9-git-send-email-anoobj@marvell.com>
X-Mailer: git-send-email 2.7.4
In-Reply-To: <1638859858-734-1-git-send-email-anoobj@marvell.com>
References: <1638859858-734-1-git-send-email-anoobj@marvell.com>
MIME-Version: 1.0
X-Proofpoint-ORIG-GUID: fzEljZOWjUWQ4qBvLnaD5PgeGXc0i5aQ
X-Proofpoint-GUID: fzEljZOWjUWQ4qBvLnaD5PgeGXc0i5aQ
X-Proofpoint-Virus-Version: vendor=baseguard
 engine=ICAP:2.0.205,Aquarius:18.0.790,Hydra:6.0.425,FMLib:17.11.62.513
 definitions=2021-12-07_02,2021-12-06_02,2021-12-02_01
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org

Clear session data before populating fields to not have garbage data.

Signed-off-by: Anoob Joseph <anoobj@marvell.com>
---
 drivers/crypto/cnxk/cn10k_ipsec.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/drivers/crypto/cnxk/cn10k_ipsec.c b/drivers/crypto/cnxk/cn10k_ipsec.c
index 93eab1b..1bd127e 100644
--- a/drivers/crypto/cnxk/cn10k_ipsec.c
+++ b/drivers/crypto/cnxk/cn10k_ipsec.c
@@ -130,6 +130,8 @@ cn10k_ipsec_inb_sa_create(struct roc_cpt *roc_cpt,
 	sa = &sess->sa;
 	in_sa = &sa->in_sa;
 
+	memset(in_sa, 0, sizeof(struct roc_ot_ipsec_inb_sa));
+
 	/* Translate security parameters to SA */
 	ret = cnxk_ot_ipsec_inb_sa_fill(in_sa, ipsec_xfrm, crypto_xfrm);
 	if (ret)

From patchwork Tue Dec  7 06:50:42 2021
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Anoob Joseph <anoobj@marvell.com>
X-Patchwork-Id: 104963
X-Patchwork-Delegate: gakhil@marvell.com
Return-Path: <dev-bounces@dpdk.org>
X-Original-To: patchwork@inbox.dpdk.org
Delivered-To: patchwork@inbox.dpdk.org
Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124])
	by inbox.dpdk.org (Postfix) with ESMTP id BD2DEA034F;
	Tue,  7 Dec 2021 07:51:45 +0100 (CET)
Received: from [217.70.189.124] (localhost [127.0.0.1])
	by mails.dpdk.org (Postfix) with ESMTP id AA70241C3C;
	Tue,  7 Dec 2021 07:51:42 +0100 (CET)
Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com
 [67.231.156.173])
 by mails.dpdk.org (Postfix) with ESMTP id 5E0A64117E
 for <dev@dpdk.org>; Tue,  7 Dec 2021 07:51:41 +0100 (CET)
Received: from pps.filterd (m0045851.ppops.net [127.0.0.1])
 by mx0b-0016f401.pphosted.com (8.16.1.2/8.16.1.2) with ESMTP id
 1B75a0Wn014931
 for <dev@dpdk.org>; Mon, 6 Dec 2021 22:51:40 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com;
 h=from : to : cc :
 subject : date : message-id : in-reply-to : references : mime-version :
 content-transfer-encoding : content-type; s=pfpt0220;
 bh=dRn/4fiKIeyv9ah0JXggiHLuCzNhzQka9xT5SoomMKA=;
 b=Z07r4grElMD+xICwBg2nTcrIuEYHuwmY5xiHsDoM+/b/IXhdV1dkhUrNjc3W71yDuqxt
 waW6KoaYBjwlazixJrNj+jyKFHEJI4sm36I2YZkB+QGWM7d+rdN3efkcJ2WFy9poQV/d
 WvdbHQm4lgLBTuyb/mORzSQHC8ZYI6EFEAte5e4idDQP8tURG5MnOKFYVeXtLXSYiwc+
 3pYjPiolJEJz9Aj5eA0W622qlqMTnxHYFnFtKok9uHbzqEFzTPPAdXSuK58V9dJFoXhg
 4oZ4MTWM57YE5iaH7k2bbsqhVwVo8Bz5VHU+sGd6zzL5hkblSnB2RNdck6J4O/pDuQOh pg==
Received: from dc5-exch01.marvell.com ([199.233.59.181])
 by mx0b-0016f401.pphosted.com (PPS) with ESMTPS id 3ct1hyg7dq-1
 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT)
 for <dev@dpdk.org>; Mon, 06 Dec 2021 22:51:40 -0800
Received: from DC5-EXCH02.marvell.com (10.69.176.39) by DC5-EXCH01.marvell.com
 (10.69.176.38) with Microsoft SMTP Server (TLS) id 15.0.1497.2;
 Mon, 6 Dec 2021 22:51:38 -0800
Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH02.marvell.com
 (10.69.176.39) with Microsoft SMTP Server id 15.0.1497.18 via Frontend
 Transport; Mon, 6 Dec 2021 22:51:38 -0800
Received: from HY-LT1002.marvell.com (HY-LT1002.marvell.com [10.28.176.218])
 by maili.marvell.com (Postfix) with ESMTP id 701293F70A1;
 Mon,  6 Dec 2021 22:51:36 -0800 (PST)
From: Anoob Joseph <anoobj@marvell.com>
To: Akhil Goyal <gakhil@marvell.com>, Jerin Jacob <jerinj@marvell.com>
CC: Anoob Joseph <anoobj@marvell.com>, Archana Muniganti
 <marchana@marvell.com>,
 Tejasree Kondoj <ktejasree@marvell.com>, <dev@dpdk.org>
Subject: [PATCH 09/25] crypto/cnxk: update max sec crypto caps
Date: Tue, 7 Dec 2021 12:20:42 +0530
Message-ID: <1638859858-734-10-git-send-email-anoobj@marvell.com>
X-Mailer: git-send-email 2.7.4
In-Reply-To: <1638859858-734-1-git-send-email-anoobj@marvell.com>
References: <1638859858-734-1-git-send-email-anoobj@marvell.com>
MIME-Version: 1.0
X-Proofpoint-ORIG-GUID: JM8gSKLr6V9KNIMzCPRlJQ841u1_mPBb
X-Proofpoint-GUID: JM8gSKLr6V9KNIMzCPRlJQ841u1_mPBb
X-Proofpoint-Virus-Version: vendor=baseguard
 engine=ICAP:2.0.205,Aquarius:18.0.790,Hydra:6.0.425,FMLib:17.11.62.513
 definitions=2021-12-07_02,2021-12-06_02,2021-12-02_01
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org

Update the macro to include newly added ciphers. Updated the functions
populating caps to throw error when max is exceeded.

Signed-off-by: Anoob Joseph <anoobj@marvell.com>
---
 drivers/crypto/cnxk/cnxk_cryptodev.h              | 2 +-
 drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c | 8 ++++++--
 2 files changed, 7 insertions(+), 3 deletions(-)

diff --git a/drivers/crypto/cnxk/cnxk_cryptodev.h b/drivers/crypto/cnxk/cnxk_cryptodev.h
index cfb9d29..2e0f467 100644
--- a/drivers/crypto/cnxk/cnxk_cryptodev.h
+++ b/drivers/crypto/cnxk/cnxk_cryptodev.h
@@ -11,7 +11,7 @@
 #include "roc_cpt.h"
 
 #define CNXK_CPT_MAX_CAPS	 34
-#define CNXK_SEC_CRYPTO_MAX_CAPS 4
+#define CNXK_SEC_CRYPTO_MAX_CAPS 6
 #define CNXK_SEC_MAX_CAPS	 5
 #define CNXK_AE_EC_ID_MAX	 8
 /**
diff --git a/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c b/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c
index 7d22626..8305341 100644
--- a/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c
+++ b/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c
@@ -943,8 +943,10 @@ static void
 sec_caps_add(struct rte_cryptodev_capabilities cnxk_caps[], int *cur_pos,
 	     const struct rte_cryptodev_capabilities *caps, int nb_caps)
 {
-	if (*cur_pos + nb_caps > CNXK_SEC_CRYPTO_MAX_CAPS)
+	if (*cur_pos + nb_caps > CNXK_SEC_CRYPTO_MAX_CAPS) {
+		rte_panic("Could not add sec crypto caps");
 		return;
+	}
 
 	memcpy(&cnxk_caps[*cur_pos], caps, nb_caps * sizeof(caps[0]));
 	*cur_pos += nb_caps;
@@ -957,8 +959,10 @@ cn10k_sec_crypto_caps_update(struct rte_cryptodev_capabilities cnxk_caps[],
 	const struct rte_cryptodev_capabilities *cap;
 	unsigned int i;
 
-	if ((CNXK_CPT_MAX_CAPS - *cur_pos) < 1)
+	if ((CNXK_SEC_CRYPTO_MAX_CAPS - *cur_pos) < 1) {
+		rte_panic("Could not add sec crypto caps");
 		return;
+	}
 
 	/* NULL auth */
 	for (i = 0; i < RTE_DIM(caps_null); i++) {

From patchwork Tue Dec  7 06:50:43 2021
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Anoob Joseph <anoobj@marvell.com>
X-Patchwork-Id: 104964
X-Patchwork-Delegate: gakhil@marvell.com
Return-Path: <dev-bounces@dpdk.org>
X-Original-To: patchwork@inbox.dpdk.org
Delivered-To: patchwork@inbox.dpdk.org
Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124])
	by inbox.dpdk.org (Postfix) with ESMTP id F1682A034F;
	Tue,  7 Dec 2021 07:51:51 +0100 (CET)
Received: from [217.70.189.124] (localhost [127.0.0.1])
	by mails.dpdk.org (Postfix) with ESMTP id B947341238;
	Tue,  7 Dec 2021 07:51:46 +0100 (CET)
Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com
 [67.231.156.173])
 by mails.dpdk.org (Postfix) with ESMTP id 2EC974117E
 for <dev@dpdk.org>; Tue,  7 Dec 2021 07:51:45 +0100 (CET)
Received: from pps.filterd (m0045851.ppops.net [127.0.0.1])
 by mx0b-0016f401.pphosted.com (8.16.1.2/8.16.1.2) with ESMTP id
 1B75a1Bh014965
 for <dev@dpdk.org>; Mon, 6 Dec 2021 22:51:44 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com;
 h=from : to : cc :
 subject : date : message-id : in-reply-to : references : mime-version :
 content-transfer-encoding : content-type; s=pfpt0220;
 bh=kKaB6OMKvg9cFqmC9F5DoBHQdf2n+P3uJafzh2364Xc=;
 b=K3z8nWJE511SXhcgdW801mnKX+97gpxYcF102mIKEpuh0xxJxVmsDq/8LhCZmXJvgQhM
 dAQxp/uvx9kGMLCsxPDL8ZOAtoouAp+j32cL+ENIsq2fF54qKffrbnZ6wQ6eqMgfoYtQ
 hM7lTossk771WdQBj4kfCKZEnoNdFF1Bsqt9xglrIdeQmvq9x+09XBw5FoH/PzQZNPC5
 1iurzl9kE2LmUyqlxbcmzf5/IFDTup44TKfGkA5Kn/1h47+JIWdFtTcTw+uAAV+fG2oJ
 IZlDsYKL6OB+j5CojZldBXdpQiHkmt6vY02bHv/I+9hxW9FqgV9V3ufOjo78/IIeF4Hz qw==
Received: from dc5-exch01.marvell.com ([199.233.59.181])
 by mx0b-0016f401.pphosted.com (PPS) with ESMTPS id 3ct1hyg7dx-1
 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT)
 for <dev@dpdk.org>; Mon, 06 Dec 2021 22:51:44 -0800
Received: from DC5-EXCH01.marvell.com (10.69.176.38) by DC5-EXCH01.marvell.com
 (10.69.176.38) with Microsoft SMTP Server (TLS) id 15.0.1497.2;
 Mon, 6 Dec 2021 22:51:41 -0800
Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH01.marvell.com
 (10.69.176.38) with Microsoft SMTP Server id 15.0.1497.2 via Frontend
 Transport; Mon, 6 Dec 2021 22:51:41 -0800
Received: from HY-LT1002.marvell.com (HY-LT1002.marvell.com [10.28.176.218])
 by maili.marvell.com (Postfix) with ESMTP id EDDC13F7071;
 Mon,  6 Dec 2021 22:51:39 -0800 (PST)
From: Anoob Joseph <anoobj@marvell.com>
To: Akhil Goyal <gakhil@marvell.com>, Jerin Jacob <jerinj@marvell.com>
CC: Tejasree Kondoj <ktejasree@marvell.com>, Archana Muniganti
 <marchana@marvell.com>, <dev@dpdk.org>
Subject: [PATCH 10/25] crypto/cnxk: write CPT CTX through microcode op
Date: Tue, 7 Dec 2021 12:20:43 +0530
Message-ID: <1638859858-734-11-git-send-email-anoobj@marvell.com>
X-Mailer: git-send-email 2.7.4
In-Reply-To: <1638859858-734-1-git-send-email-anoobj@marvell.com>
References: <1638859858-734-1-git-send-email-anoobj@marvell.com>
MIME-Version: 1.0
X-Proofpoint-ORIG-GUID: 2ppToZh3LP0cxY6NUncuphJ8qBui7tpa
X-Proofpoint-GUID: 2ppToZh3LP0cxY6NUncuphJ8qBui7tpa
X-Proofpoint-Virus-Version: vendor=baseguard
 engine=ICAP:2.0.205,Aquarius:18.0.790,Hydra:6.0.425,FMLib:17.11.62.513
 definitions=2021-12-07_02,2021-12-06_02,2021-12-02_01
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org

From: Tejasree Kondoj <ktejasree@marvell.com>

Adding support to write CPT CTX through microcode op(SET_CTX) for
cn10k lookaside PMD.

Signed-off-by: Tejasree Kondoj <ktejasree@marvell.com>
---
 drivers/crypto/cnxk/cn10k_ipsec.c | 121 ++++++++++++++++++++++++++++----------
 1 file changed, 89 insertions(+), 32 deletions(-)

diff --git a/drivers/crypto/cnxk/cn10k_ipsec.c b/drivers/crypto/cnxk/cn10k_ipsec.c
index 1bd127e..a11a6b7 100644
--- a/drivers/crypto/cnxk/cn10k_ipsec.c
+++ b/drivers/crypto/cnxk/cn10k_ipsec.c
@@ -2,18 +2,19 @@
  * Copyright(C) 2021 Marvell.
  */
 
-#include <rte_malloc.h>
 #include <cryptodev_pmd.h>
 #include <rte_esp.h>
 #include <rte_ip.h>
+#include <rte_malloc.h>
 #include <rte_security.h>
 #include <rte_security_driver.h>
 #include <rte_udp.h>
 
+#include "cn10k_ipsec.h"
 #include "cnxk_cryptodev.h"
+#include "cnxk_cryptodev_ops.h"
 #include "cnxk_ipsec.h"
 #include "cnxk_security.h"
-#include "cn10k_ipsec.h"
 
 #include "roc_api.h"
 
@@ -32,36 +33,46 @@ ipsec_cpt_inst_w7_get(struct roc_cpt *roc_cpt, void *sa)
 }
 
 static int
-cn10k_ipsec_outb_sa_create(struct roc_cpt *roc_cpt,
+cn10k_ipsec_outb_sa_create(struct roc_cpt *roc_cpt, struct roc_cpt_lf *lf,
 			   struct rte_security_ipsec_xform *ipsec_xfrm,
 			   struct rte_crypto_sym_xform *crypto_xfrm,
 			   struct rte_security_session *sec_sess)
 {
 	union roc_ot_ipsec_outb_param1 param1;
-	struct roc_ot_ipsec_outb_sa *out_sa;
+	struct roc_ot_ipsec_outb_sa *sa_dptr;
 	struct cnxk_ipsec_outb_rlens rlens;
 	struct cn10k_sec_session *sess;
 	struct cn10k_ipsec_sa *sa;
 	union cpt_inst_w4 inst_w4;
-	int ret;
+	void *out_sa;
+	int ret = 0;
 
 	sess = get_sec_session_private_data(sec_sess);
 	sa = &sess->sa;
 	out_sa = &sa->out_sa;
 
-	memset(out_sa, 0, sizeof(struct roc_ot_ipsec_outb_sa));
+	/* Allocate memory to be used as dptr for CPT ucode WRITE_SA op */
+	sa_dptr = plt_zmalloc(ROC_NIX_INL_OT_IPSEC_OUTB_HW_SZ, 0);
+	if (sa_dptr == NULL) {
+		plt_err("Couldn't allocate memory for SA dptr");
+		return -ENOMEM;
+	}
+
+	memset(sa_dptr, 0, sizeof(struct roc_ot_ipsec_outb_sa));
 
 	/* Translate security parameters to SA */
-	ret = cnxk_ot_ipsec_outb_sa_fill(out_sa, ipsec_xfrm, crypto_xfrm);
-	if (ret)
-		return ret;
+	ret = cnxk_ot_ipsec_outb_sa_fill(sa_dptr, ipsec_xfrm, crypto_xfrm);
+	if (ret) {
+		plt_err("Could not fill outbound session parameters");
+		goto sa_dptr_free;
+	}
 
 	sa->inst.w7 = ipsec_cpt_inst_w7_get(roc_cpt, sa);
 
 #ifdef LA_IPSEC_DEBUG
 	/* Use IV from application in debug mode */
 	if (ipsec_xfrm->options.iv_gen_disable == 1) {
-		out_sa->w2.s.iv_src = ROC_IE_OT_SA_IV_SRC_FROM_SA;
+		sa_dptr->w2.s.iv_src = ROC_IE_OT_SA_IV_SRC_FROM_SA;
 		if (crypto_xfrm->type == RTE_CRYPTO_SYM_XFORM_AEAD) {
 			sa->iv_offset = crypto_xfrm->aead.iv.offset;
 			sa->iv_length = crypto_xfrm->aead.iv.length;
@@ -73,14 +84,15 @@ cn10k_ipsec_outb_sa_create(struct roc_cpt *roc_cpt,
 #else
 	if (ipsec_xfrm->options.iv_gen_disable != 0) {
 		plt_err("Application provided IV not supported");
-		return -ENOTSUP;
+		ret = -ENOTSUP;
+		goto sa_dptr_free;
 	}
 #endif
 
 	/* Get Rlen calculation data */
 	ret = cnxk_ipsec_outb_rlens_get(&rlens, ipsec_xfrm, crypto_xfrm);
 	if (ret)
-		return ret;
+		goto sa_dptr_free;
 
 	sa->max_extended_len = rlens.max_extended_len;
 
@@ -110,37 +122,61 @@ cn10k_ipsec_outb_sa_create(struct roc_cpt *roc_cpt,
 
 	sa->inst.w4 = inst_w4.u64;
 
-	return 0;
+	memset(out_sa, 0, sizeof(struct roc_ot_ipsec_outb_sa));
+
+	/* Copy word0 from sa_dptr to populate ctx_push_sz ctx_size fields */
+	memcpy(out_sa, sa_dptr, 8);
+
+	/* Write session using microcode opcode */
+	ret = roc_cpt_ctx_write(lf, sa_dptr, out_sa,
+				ROC_NIX_INL_OT_IPSEC_OUTB_HW_SZ);
+	if (ret) {
+		plt_err("Could not write outbound session to hardware");
+		goto sa_dptr_free;
+	}
+
+	/* Trigger CTX flush to write dirty data back to DRAM */
+	roc_cpt_lf_ctx_flush(lf, out_sa, false);
+
+sa_dptr_free:
+	plt_free(sa_dptr);
+
+	return ret;
 }
 
 static int
-cn10k_ipsec_inb_sa_create(struct roc_cpt *roc_cpt,
+cn10k_ipsec_inb_sa_create(struct roc_cpt *roc_cpt, struct roc_cpt_lf *lf,
 			  struct rte_security_ipsec_xform *ipsec_xfrm,
 			  struct rte_crypto_sym_xform *crypto_xfrm,
 			  struct rte_security_session *sec_sess)
 {
 	union roc_ot_ipsec_inb_param1 param1;
-	struct roc_ot_ipsec_inb_sa *in_sa;
+	struct roc_ot_ipsec_inb_sa *sa_dptr;
 	struct cn10k_sec_session *sess;
 	struct cn10k_ipsec_sa *sa;
 	union cpt_inst_w4 inst_w4;
-	int ret;
+	void *in_sa;
+	int ret = 0;
 
 	sess = get_sec_session_private_data(sec_sess);
 	sa = &sess->sa;
 	in_sa = &sa->in_sa;
 
-	memset(in_sa, 0, sizeof(struct roc_ot_ipsec_inb_sa));
-
-	/* Translate security parameters to SA */
-	ret = cnxk_ot_ipsec_inb_sa_fill(in_sa, ipsec_xfrm, crypto_xfrm);
-	if (ret)
-		return ret;
+	/* Allocate memory to be used as dptr for CPT ucode WRITE_SA op */
+	sa_dptr = plt_zmalloc(ROC_NIX_INL_OT_IPSEC_INB_HW_SZ, 0);
+	if (sa_dptr == NULL) {
+		plt_err("Couldn't allocate memory for SA dptr");
+		return -ENOMEM;
+	}
 
-	/* TODO add support for antireplay */
-	sa->in_sa.w0.s.ar_win = 0;
+	memset(sa_dptr, 0, sizeof(struct roc_ot_ipsec_inb_sa));
 
-	/* TODO add support for udp encap */
+	/* Translate security parameters to SA */
+	ret = cnxk_ot_ipsec_inb_sa_fill(sa_dptr, ipsec_xfrm, crypto_xfrm);
+	if (ret) {
+		plt_err("Could not fill inbound session parameters");
+		goto sa_dptr_free;
+	}
 
 	sa->inst.w7 = ipsec_cpt_inst_w7_get(roc_cpt, sa);
 
@@ -173,7 +209,26 @@ cn10k_ipsec_inb_sa_create(struct roc_cpt *roc_cpt,
 
 	sa->inst.w4 = inst_w4.u64;
 
-	return 0;
+	memset(in_sa, 0, sizeof(struct roc_ot_ipsec_inb_sa));
+
+	/* Copy word0 from sa_dptr to populate ctx_push_sz ctx_size fields */
+	memcpy(in_sa, sa_dptr, 8);
+
+	/* Write session using microcode opcode */
+	ret = roc_cpt_ctx_write(lf, sa_dptr, in_sa,
+				ROC_NIX_INL_OT_IPSEC_INB_HW_SZ);
+	if (ret) {
+		plt_err("Could not write inbound session to hardware");
+		goto sa_dptr_free;
+	}
+
+	/* Trigger CTX flush to write dirty data back to DRAM */
+	roc_cpt_lf_ctx_flush(lf, in_sa, false);
+
+sa_dptr_free:
+	plt_free(sa_dptr);
+
+	return ret;
 }
 
 static int
@@ -185,12 +240,11 @@ cn10k_ipsec_session_create(void *dev,
 	struct rte_cryptodev *crypto_dev = dev;
 	struct roc_cpt *roc_cpt;
 	struct cnxk_cpt_vf *vf;
+	struct cnxk_cpt_qp *qp;
 	int ret;
 
-	vf = crypto_dev->data->dev_private;
-	roc_cpt = &vf->cpt;
-
-	if (crypto_dev->data->queue_pairs[0] == NULL) {
+	qp = crypto_dev->data->queue_pairs[0];
+	if (qp == NULL) {
 		plt_err("Setup cpt queue pair before creating security session");
 		return -EPERM;
 	}
@@ -199,11 +253,14 @@ cn10k_ipsec_session_create(void *dev,
 	if (ret)
 		return ret;
 
+	vf = crypto_dev->data->dev_private;
+	roc_cpt = &vf->cpt;
+
 	if (ipsec_xfrm->direction == RTE_SECURITY_IPSEC_SA_DIR_INGRESS)
-		return cn10k_ipsec_inb_sa_create(roc_cpt, ipsec_xfrm,
+		return cn10k_ipsec_inb_sa_create(roc_cpt, &qp->lf, ipsec_xfrm,
 						 crypto_xfrm, sess);
 	else
-		return cn10k_ipsec_outb_sa_create(roc_cpt, ipsec_xfrm,
+		return cn10k_ipsec_outb_sa_create(roc_cpt, &qp->lf, ipsec_xfrm,
 						  crypto_xfrm, sess);
 }
 

From patchwork Tue Dec  7 06:50:44 2021
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Anoob Joseph <anoobj@marvell.com>
X-Patchwork-Id: 104965
X-Patchwork-Delegate: gakhil@marvell.com
Return-Path: <dev-bounces@dpdk.org>
X-Original-To: patchwork@inbox.dpdk.org
Delivered-To: patchwork@inbox.dpdk.org
Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124])
	by inbox.dpdk.org (Postfix) with ESMTP id D9490A034F;
	Tue,  7 Dec 2021 07:51:57 +0100 (CET)
Received: from [217.70.189.124] (localhost [127.0.0.1])
	by mails.dpdk.org (Postfix) with ESMTP id B0EF2426F4;
	Tue,  7 Dec 2021 07:51:48 +0100 (CET)
Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com
 [67.231.156.173])
 by mails.dpdk.org (Postfix) with ESMTP id EDEB7426EC
 for <dev@dpdk.org>; Tue,  7 Dec 2021 07:51:47 +0100 (CET)
Received: from pps.filterd (m0045851.ppops.net [127.0.0.1])
 by mx0b-0016f401.pphosted.com (8.16.1.2/8.16.1.2) with ESMTP id
 1B75a1Bi014965
 for <dev@dpdk.org>; Mon, 6 Dec 2021 22:51:47 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com;
 h=from : to : cc :
 subject : date : message-id : in-reply-to : references : mime-version :
 content-transfer-encoding : content-type; s=pfpt0220;
 bh=oURsMuTZXnMhFr8x5wZZb3J0dUQs0JhOmPp80qfRL2k=;
 b=HDU9p9lkoKGrjJ6imsJHM/ATfOsFq6tjzpmg+e0MkIK68U/1T5Z9RYwFKi6mhpHTwMAk
 fA3FnG71qQOoee+tmLUCZMnPQAew4OIrl7i17BcW/Cu84FNsUr2U6cD6MBX2k2+yjeSr
 hFgNIkjJna3OoDy0N3x/yaTD8/hq7MXW/4XdJ34z7My+oyvmbYQFZ007KjrjxOffZO5i
 E4eW2inVw4h+kvIu2tN5dLTYlXrx7L0yo7MCooNprePtWd11zpMyacL6C6pdLPn+esxt
 Beni8zp2xkaLCjxyn+l2bGtUf8DHzLZYZBjOLSgXwZsZzsltciyGwVkeU3s6oklTqDkv TQ==
Received: from dc5-exch01.marvell.com ([199.233.59.181])
 by mx0b-0016f401.pphosted.com (PPS) with ESMTPS id 3ct1hyg7e1-1
 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT)
 for <dev@dpdk.org>; Mon, 06 Dec 2021 22:51:47 -0800
Received: from DC5-EXCH02.marvell.com (10.69.176.39) by DC5-EXCH01.marvell.com
 (10.69.176.38) with Microsoft SMTP Server (TLS) id 15.0.1497.2;
 Mon, 6 Dec 2021 22:51:45 -0800
Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH02.marvell.com
 (10.69.176.39) with Microsoft SMTP Server id 15.0.1497.18 via Frontend
 Transport; Mon, 6 Dec 2021 22:51:45 -0800
Received: from HY-LT1002.marvell.com (HY-LT1002.marvell.com [10.28.176.218])
 by maili.marvell.com (Postfix) with ESMTP id 5B0873F709C;
 Mon,  6 Dec 2021 22:51:43 -0800 (PST)
From: Anoob Joseph <anoobj@marvell.com>
To: Akhil Goyal <gakhil@marvell.com>, Jerin Jacob <jerinj@marvell.com>
CC: Tejasree Kondoj <ktejasree@marvell.com>, Archana Muniganti
 <marchana@marvell.com>, <dev@dpdk.org>
Subject: [PATCH 11/25] crypto/cnxk: support cnxk lookaside IPsec
 HMAC-SHA384/512
Date: Tue, 7 Dec 2021 12:20:44 +0530
Message-ID: <1638859858-734-12-git-send-email-anoobj@marvell.com>
X-Mailer: git-send-email 2.7.4
In-Reply-To: <1638859858-734-1-git-send-email-anoobj@marvell.com>
References: <1638859858-734-1-git-send-email-anoobj@marvell.com>
MIME-Version: 1.0
X-Proofpoint-ORIG-GUID: CKsgHUWx0CkakpLIpeXVjD9LfZTXOtoq
X-Proofpoint-GUID: CKsgHUWx0CkakpLIpeXVjD9LfZTXOtoq
X-Proofpoint-Virus-Version: vendor=baseguard
 engine=ICAP:2.0.205,Aquarius:18.0.790,Hydra:6.0.425,FMLib:17.11.62.513
 definitions=2021-12-07_02,2021-12-06_02,2021-12-02_01
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org

From: Tejasree Kondoj <ktejasree@marvell.com>

Adding HMAC-SHA384/512 support to cnxk lookaside IPsec.

Signed-off-by: Tejasree Kondoj <ktejasree@marvell.com>
---
 doc/guides/cryptodevs/cnxk.rst                    |  4 ++
 doc/guides/rel_notes/release_22_03.rst            |  2 +
 drivers/common/cnxk/cnxk_security.c               | 36 +++++++++------
 drivers/crypto/cnxk/cn9k_ipsec.c                  | 55 ++++++++++++++++++-----
 drivers/crypto/cnxk/cnxk_cryptodev.h              |  2 +-
 drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c | 40 +++++++++++++++++
 drivers/crypto/cnxk/cnxk_ipsec.h                  |  6 +++
 7 files changed, 118 insertions(+), 27 deletions(-)

diff --git a/doc/guides/cryptodevs/cnxk.rst b/doc/guides/cryptodevs/cnxk.rst
index 8c4c4ea..c49a779 100644
--- a/doc/guides/cryptodevs/cnxk.rst
+++ b/doc/guides/cryptodevs/cnxk.rst
@@ -267,6 +267,8 @@ Auth algorithms
 
 * SHA1-HMAC
 * SHA256-128-HMAC
+* SHA384-192-HMAC
+* SHA512-256-HMAC
 
 CN10XX Features supported
 ~~~~~~~~~~~~~~~~~~~~~~~~~
@@ -293,3 +295,5 @@ Auth algorithms
 * NULL
 * SHA1-HMAC
 * SHA256-128-HMAC
+* SHA384-192-HMAC
+* SHA512-256-HMAC
diff --git a/doc/guides/rel_notes/release_22_03.rst b/doc/guides/rel_notes/release_22_03.rst
index 1639b0e..8df9092 100644
--- a/doc/guides/rel_notes/release_22_03.rst
+++ b/doc/guides/rel_notes/release_22_03.rst
@@ -58,6 +58,8 @@ New Features
 * **Updated Marvell cnxk crypto PMD.**
 
   * Added SHA256-HMAC support in lookaside protocol (IPsec) for CN10K.
+  * Added SHA384-HMAC support in lookaside protocol (IPsec) for CN9K & CN10K.
+  * Added SHA512-HMAC support in lookaside protocol (IPsec) for CN9K & CN10K.
 
 
 Removed Items
diff --git a/drivers/common/cnxk/cnxk_security.c b/drivers/common/cnxk/cnxk_security.c
index f39bc1e..1c86f82 100644
--- a/drivers/common/cnxk/cnxk_security.c
+++ b/drivers/common/cnxk/cnxk_security.c
@@ -36,6 +36,14 @@ ipsec_hmac_opad_ipad_gen(struct rte_crypto_sym_xform *auth_xform,
 		roc_hash_sha256_gen(opad, (uint32_t *)&hmac_opad_ipad[0]);
 		roc_hash_sha256_gen(ipad, (uint32_t *)&hmac_opad_ipad[64]);
 		break;
+	case RTE_CRYPTO_AUTH_SHA384_HMAC:
+		roc_hash_sha512_gen(opad, (uint64_t *)&hmac_opad_ipad[0], 384);
+		roc_hash_sha512_gen(ipad, (uint64_t *)&hmac_opad_ipad[64], 384);
+		break;
+	case RTE_CRYPTO_AUTH_SHA512_HMAC:
+		roc_hash_sha512_gen(opad, (uint64_t *)&hmac_opad_ipad[0], 512);
+		roc_hash_sha512_gen(ipad, (uint64_t *)&hmac_opad_ipad[64], 512);
+		break;
 	default:
 		break;
 	}
@@ -125,28 +133,28 @@ ot_ipsec_sa_common_param_fill(union roc_ot_ipsec_sa_word2 *w2,
 			break;
 		case RTE_CRYPTO_AUTH_SHA1_HMAC:
 			w2->s.auth_type = ROC_IE_OT_SA_AUTH_SHA1;
-			ipsec_hmac_opad_ipad_gen(auth_xfrm, hmac_opad_ipad);
-
-			tmp_key = (uint64_t *)hmac_opad_ipad;
-			for (i = 0; i < (int)(ROC_CTX_MAX_OPAD_IPAD_LEN /
-					      sizeof(uint64_t));
-			     i++)
-				tmp_key[i] = rte_be_to_cpu_64(tmp_key[i]);
 			break;
 		case RTE_CRYPTO_AUTH_SHA256_HMAC:
 			w2->s.auth_type = ROC_IE_OT_SA_AUTH_SHA2_256;
-			ipsec_hmac_opad_ipad_gen(auth_xfrm, hmac_opad_ipad);
-
-			tmp_key = (uint64_t *)hmac_opad_ipad;
-			for (i = 0; i < (int)(ROC_CTX_MAX_OPAD_IPAD_LEN /
-					      sizeof(uint64_t));
-			     i++)
-				tmp_key[i] = rte_be_to_cpu_64(tmp_key[i]);
+			break;
+		case RTE_CRYPTO_AUTH_SHA384_HMAC:
+			w2->s.auth_type = ROC_IE_OT_SA_AUTH_SHA2_384;
+			break;
+		case RTE_CRYPTO_AUTH_SHA512_HMAC:
+			w2->s.auth_type = ROC_IE_OT_SA_AUTH_SHA2_512;
 			break;
 		default:
 			return -ENOTSUP;
 		}
 
+		ipsec_hmac_opad_ipad_gen(auth_xfrm, hmac_opad_ipad);
+
+		tmp_key = (uint64_t *)hmac_opad_ipad;
+		for (i = 0;
+		     i < (int)(ROC_CTX_MAX_OPAD_IPAD_LEN / sizeof(uint64_t));
+		     i++)
+			tmp_key[i] = rte_be_to_cpu_64(tmp_key[i]);
+
 		key = cipher_xfrm->cipher.key.data;
 		length = cipher_xfrm->cipher.key.length;
 	}
diff --git a/drivers/crypto/cnxk/cn9k_ipsec.c b/drivers/crypto/cnxk/cn9k_ipsec.c
index 6455ef9..395b0d5 100644
--- a/drivers/crypto/cnxk/cn9k_ipsec.c
+++ b/drivers/crypto/cnxk/cn9k_ipsec.c
@@ -321,14 +321,23 @@ cn9k_ipsec_outb_sa_create(struct cnxk_cpt_qp *qp,
 	    ctl->auth_type == ROC_IE_ON_SA_AUTH_NULL) {
 		template = &out_sa->aes_gcm.template;
 		ctx_len = offsetof(struct roc_ie_on_outb_sa, aes_gcm.template);
-	} else if (ctl->auth_type == ROC_IE_ON_SA_AUTH_SHA1) {
-		template = &out_sa->sha1.template;
-		ctx_len = offsetof(struct roc_ie_on_outb_sa, sha1.template);
-	} else if (ctl->auth_type == ROC_IE_ON_SA_AUTH_SHA2_256) {
-		template = &out_sa->sha2.template;
-		ctx_len = offsetof(struct roc_ie_on_outb_sa, sha2.template);
 	} else {
-		return -EINVAL;
+		switch (ctl->auth_type) {
+		case ROC_IE_ON_SA_AUTH_SHA1:
+			template = &out_sa->sha1.template;
+			ctx_len = offsetof(struct roc_ie_on_outb_sa,
+					   sha1.template);
+			break;
+		case ROC_IE_ON_SA_AUTH_SHA2_256:
+		case ROC_IE_ON_SA_AUTH_SHA2_384:
+		case ROC_IE_ON_SA_AUTH_SHA2_512:
+			template = &out_sa->sha2.template;
+			ctx_len = offsetof(struct roc_ie_on_outb_sa,
+					   sha2.template);
+			break;
+		default:
+			return -EINVAL;
+		}
 	}
 
 	ip4 = (struct rte_ipv4_hdr *)&template->ip4.ipv4_hdr;
@@ -397,10 +406,22 @@ cn9k_ipsec_outb_sa_create(struct cnxk_cpt_qp *qp,
 		auth_key = auth_xform->auth.key.data;
 		auth_key_len = auth_xform->auth.key.length;
 
-		if (auth_xform->auth.algo == RTE_CRYPTO_AUTH_SHA1_HMAC)
+		switch (auth_xform->auth.algo) {
+		case RTE_CRYPTO_AUTH_NULL:
+			break;
+		case RTE_CRYPTO_AUTH_SHA1_HMAC:
 			memcpy(out_sa->sha1.hmac_key, auth_key, auth_key_len);
-		else if (auth_xform->auth.algo == RTE_CRYPTO_AUTH_SHA256_HMAC)
+			break;
+		case RTE_CRYPTO_AUTH_SHA256_HMAC:
+		case RTE_CRYPTO_AUTH_SHA384_HMAC:
+		case RTE_CRYPTO_AUTH_SHA512_HMAC:
 			memcpy(out_sa->sha2.hmac_key, auth_key, auth_key_len);
+			break;
+		default:
+			plt_err("Unsupported auth algorithm %u",
+				auth_xform->auth.algo);
+			return -ENOTSUP;
+		}
 	}
 
 	inst_tmpl = &sa->inst;
@@ -466,16 +487,26 @@ cn9k_ipsec_inb_sa_create(struct cnxk_cpt_qp *qp,
 		auth_key = auth_xform->auth.key.data;
 		auth_key_len = auth_xform->auth.key.length;
 
-		if (auth_xform->auth.algo == RTE_CRYPTO_AUTH_SHA1_HMAC) {
+		switch (auth_xform->auth.algo) {
+		case RTE_CRYPTO_AUTH_NULL:
+			break;
+		case RTE_CRYPTO_AUTH_SHA1_HMAC:
 			memcpy(in_sa->sha1_or_gcm.hmac_key, auth_key,
 			       auth_key_len);
 			ctx_len = offsetof(struct roc_ie_on_inb_sa,
 					   sha1_or_gcm.selector);
-		} else if (auth_xform->auth.algo ==
-			   RTE_CRYPTO_AUTH_SHA256_HMAC) {
+			break;
+		case RTE_CRYPTO_AUTH_SHA256_HMAC:
+		case RTE_CRYPTO_AUTH_SHA384_HMAC:
+		case RTE_CRYPTO_AUTH_SHA512_HMAC:
 			memcpy(in_sa->sha2.hmac_key, auth_key, auth_key_len);
 			ctx_len = offsetof(struct roc_ie_on_inb_sa,
 					   sha2.selector);
+			break;
+		default:
+			plt_err("Unsupported auth algorithm %u",
+				auth_xform->auth.algo);
+			return -ENOTSUP;
 		}
 	}
 
diff --git a/drivers/crypto/cnxk/cnxk_cryptodev.h b/drivers/crypto/cnxk/cnxk_cryptodev.h
index 2e0f467..f701c26 100644
--- a/drivers/crypto/cnxk/cnxk_cryptodev.h
+++ b/drivers/crypto/cnxk/cnxk_cryptodev.h
@@ -11,7 +11,7 @@
 #include "roc_cpt.h"
 
 #define CNXK_CPT_MAX_CAPS	 34
-#define CNXK_SEC_CRYPTO_MAX_CAPS 6
+#define CNXK_SEC_CRYPTO_MAX_CAPS 8
 #define CNXK_SEC_MAX_CAPS	 5
 #define CNXK_AE_EC_ID_MAX	 8
 /**
diff --git a/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c b/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c
index 8305341..9a55474 100644
--- a/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c
+++ b/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c
@@ -817,6 +817,46 @@ static const struct rte_cryptodev_capabilities sec_caps_sha1_sha2[] = {
 			}, }
 		}, }
 	},
+	{	/* SHA384 HMAC */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+			{.auth = {
+				.algo = RTE_CRYPTO_AUTH_SHA384_HMAC,
+				.block_size = 64,
+				.key_size = {
+					.min = 48,
+					.max = 48,
+					.increment = 0
+				},
+				.digest_size = {
+					.min = 24,
+					.max = 24,
+					.increment = 0
+					},
+			}, }
+		}, }
+	},
+	{	/* SHA512 HMAC */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+			{.auth = {
+				.algo = RTE_CRYPTO_AUTH_SHA512_HMAC,
+				.block_size = 128,
+				.key_size = {
+					.min = 64,
+					.max = 64,
+					.increment = 0
+				},
+				.digest_size = {
+					.min = 32,
+					.max = 32,
+					.increment = 0
+				},
+			}, }
+		}, }
+	},
 };
 
 static const struct rte_security_capability sec_caps_templ[] = {
diff --git a/drivers/crypto/cnxk/cnxk_ipsec.h b/drivers/crypto/cnxk/cnxk_ipsec.h
index f4a1012..426eaa8 100644
--- a/drivers/crypto/cnxk/cnxk_ipsec.h
+++ b/drivers/crypto/cnxk/cnxk_ipsec.h
@@ -49,6 +49,12 @@ ipsec_xform_auth_verify(struct rte_crypto_sym_xform *crypto_xform)
 	} else if (crypto_xform->auth.algo == RTE_CRYPTO_AUTH_SHA256_HMAC) {
 		if (keylen >= 32 && keylen <= 64)
 			return 0;
+	} else if (crypto_xform->auth.algo == RTE_CRYPTO_AUTH_SHA384_HMAC) {
+		if (keylen == 48)
+			return 0;
+	} else if (crypto_xform->auth.algo == RTE_CRYPTO_AUTH_SHA512_HMAC) {
+		if (keylen == 64)
+			return 0;
 	}
 
 	return -ENOTSUP;

From patchwork Tue Dec  7 06:50:45 2021
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Anoob Joseph <anoobj@marvell.com>
X-Patchwork-Id: 104966
X-Patchwork-Delegate: gakhil@marvell.com
Return-Path: <dev-bounces@dpdk.org>
X-Original-To: patchwork@inbox.dpdk.org
Delivered-To: patchwork@inbox.dpdk.org
Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124])
	by inbox.dpdk.org (Postfix) with ESMTP id 32776A034F;
	Tue,  7 Dec 2021 07:52:06 +0100 (CET)
Received: from [217.70.189.124] (localhost [127.0.0.1])
	by mails.dpdk.org (Postfix) with ESMTP id 2172342712;
	Tue,  7 Dec 2021 07:51:53 +0100 (CET)
Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com
 [67.231.156.173])
 by mails.dpdk.org (Postfix) with ESMTP id 56115411CB
 for <dev@dpdk.org>; Tue,  7 Dec 2021 07:51:51 +0100 (CET)
Received: from pps.filterd (m0045851.ppops.net [127.0.0.1])
 by mx0b-0016f401.pphosted.com (8.16.1.2/8.16.1.2) with ESMTP id
 1B75a0oN014933
 for <dev@dpdk.org>; Mon, 6 Dec 2021 22:51:50 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com;
 h=from : to : cc :
 subject : date : message-id : in-reply-to : references : mime-version :
 content-transfer-encoding : content-type; s=pfpt0220;
 bh=lUupCfPhoh7ZLpolk4eOqSXxgsd7E/63pLqp6YctdJc=;
 b=Z/zoCbu1EAeH+SsJIvDLL+TaFsxZl2yxgBj/Ez4Ys92h4xVzvT8cFI1PtsD9JAo4DrAj
 2CffUBZ5gi7tT755KVLCS2Yy0PF55HW5KnibvnAQ0EwtqJh9723a67E0jik0IqNe9O6V
 Q0CW4BzuibsvJImb06KAUDUJWxq1f8paq2Sqgx7GkVjJKxxwP2ol6UkZvpz7MSB+RpwI
 09zgAPbmx9HewiLLMn0ECMp48YYS/PLzvosHnem5yADfJKqQ5KwqQQmtdtIgUyYmw0+p
 TtdNYrvf+Y83rLP7ug0Lc1OHdRSqkJef9AH1zMTLRJbWt+wwJRgJ1UXpzQK4DHnAGwGa KQ==
Received: from dc5-exch01.marvell.com ([199.233.59.181])
 by mx0b-0016f401.pphosted.com (PPS) with ESMTPS id 3ct1hyg7eb-1
 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT)
 for <dev@dpdk.org>; Mon, 06 Dec 2021 22:51:50 -0800
Received: from DC5-EXCH01.marvell.com (10.69.176.38) by DC5-EXCH01.marvell.com
 (10.69.176.38) with Microsoft SMTP Server (TLS) id 15.0.1497.2;
 Mon, 6 Dec 2021 22:51:48 -0800
Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH01.marvell.com
 (10.69.176.38) with Microsoft SMTP Server id 15.0.1497.2 via Frontend
 Transport; Mon, 6 Dec 2021 22:51:48 -0800
Received: from HY-LT1002.marvell.com (HY-LT1002.marvell.com [10.28.176.218])
 by maili.marvell.com (Postfix) with ESMTP id 7C52F3F7071;
 Mon,  6 Dec 2021 22:51:46 -0800 (PST)
From: Anoob Joseph <anoobj@marvell.com>
To: Akhil Goyal <gakhil@marvell.com>, Jerin Jacob <jerinj@marvell.com>
CC: Anoob Joseph <anoobj@marvell.com>, Archana Muniganti
 <marchana@marvell.com>,
 Tejasree Kondoj <ktejasree@marvell.com>, <dev@dpdk.org>
Subject: [PATCH 12/25] crypto/cnxk: account for CPT CTX updates and flush
 delays
Date: Tue, 7 Dec 2021 12:20:45 +0530
Message-ID: <1638859858-734-13-git-send-email-anoobj@marvell.com>
X-Mailer: git-send-email 2.7.4
In-Reply-To: <1638859858-734-1-git-send-email-anoobj@marvell.com>
References: <1638859858-734-1-git-send-email-anoobj@marvell.com>
MIME-Version: 1.0
X-Proofpoint-ORIG-GUID: LXxq_SU2-zd8uMtCwcf-DEfJvnuA1Uvn
X-Proofpoint-GUID: LXxq_SU2-zd8uMtCwcf-DEfJvnuA1Uvn
X-Proofpoint-Virus-Version: vendor=baseguard
 engine=ICAP:2.0.205,Aquarius:18.0.790,Hydra:6.0.425,FMLib:17.11.62.513
 definitions=2021-12-07_02,2021-12-06_02,2021-12-02_01
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org

CPT CTX write with microcode would require CPT flush to complete to have
DRAM updated with the SA. Since datapath requires SA direction field,
introduce a new flag for the same.

Session destroy path is also updated to clear sa.valid bit using CTX
reload operation.

Session is updated with marker to differentiate s/w immutable and s/w
mutable portions.

Signed-off-by: Anoob Joseph <anoobj@marvell.com>
---
 drivers/crypto/cnxk/cn10k_cryptodev_ops.c |  4 +--
 drivers/crypto/cnxk/cn10k_ipsec.c         | 60 ++++++++++++++++++++++++-------
 drivers/crypto/cnxk/cn10k_ipsec.h         | 25 ++++++++-----
 drivers/crypto/cnxk/cn10k_ipsec_la_ops.h  | 18 +++++-----
 4 files changed, 76 insertions(+), 31 deletions(-)

diff --git a/drivers/crypto/cnxk/cn10k_cryptodev_ops.c b/drivers/crypto/cnxk/cn10k_cryptodev_ops.c
index d25a17c..7617bdc 100644
--- a/drivers/crypto/cnxk/cn10k_cryptodev_ops.c
+++ b/drivers/crypto/cnxk/cn10k_cryptodev_ops.c
@@ -53,7 +53,6 @@ cpt_sec_inst_fill(struct rte_crypto_op *op, struct cn10k_sec_session *sess,
 		  struct cpt_inflight_req *infl_req, struct cpt_inst_s *inst)
 {
 	struct rte_crypto_sym_op *sym_op = op->sym;
-	union roc_ot_ipsec_sa_word2 *w2;
 	struct cn10k_ipsec_sa *sa;
 	int ret;
 
@@ -68,9 +67,8 @@ cpt_sec_inst_fill(struct rte_crypto_op *op, struct cn10k_sec_session *sess,
 	}
 
 	sa = &sess->sa;
-	w2 = (union roc_ot_ipsec_sa_word2 *)&sa->in_sa.w2;
 
-	if (w2->s.dir == ROC_IE_SA_DIR_OUTBOUND)
+	if (sa->is_outbound)
 		ret = process_outb_sa(op, sa, inst);
 	else {
 		infl_req->op_flags |= CPT_OP_FLAGS_IPSEC_DIR_INBOUND;
diff --git a/drivers/crypto/cnxk/cn10k_ipsec.c b/drivers/crypto/cnxk/cn10k_ipsec.c
index a11a6b7..b4acbac 100644
--- a/drivers/crypto/cnxk/cn10k_ipsec.c
+++ b/drivers/crypto/cnxk/cn10k_ipsec.c
@@ -67,7 +67,7 @@ cn10k_ipsec_outb_sa_create(struct roc_cpt *roc_cpt, struct roc_cpt_lf *lf,
 		goto sa_dptr_free;
 	}
 
-	sa->inst.w7 = ipsec_cpt_inst_w7_get(roc_cpt, sa);
+	sa->inst.w7 = ipsec_cpt_inst_w7_get(roc_cpt, out_sa);
 
 #ifdef LA_IPSEC_DEBUG
 	/* Use IV from application in debug mode */
@@ -89,6 +89,8 @@ cn10k_ipsec_outb_sa_create(struct roc_cpt *roc_cpt, struct roc_cpt_lf *lf,
 	}
 #endif
 
+	sa->is_outbound = true;
+
 	/* Get Rlen calculation data */
 	ret = cnxk_ipsec_outb_rlens_get(&rlens, ipsec_xfrm, crypto_xfrm);
 	if (ret)
@@ -127,6 +129,8 @@ cn10k_ipsec_outb_sa_create(struct roc_cpt *roc_cpt, struct roc_cpt_lf *lf,
 	/* Copy word0 from sa_dptr to populate ctx_push_sz ctx_size fields */
 	memcpy(out_sa, sa_dptr, 8);
 
+	plt_atomic_thread_fence(__ATOMIC_SEQ_CST);
+
 	/* Write session using microcode opcode */
 	ret = roc_cpt_ctx_write(lf, sa_dptr, out_sa,
 				ROC_NIX_INL_OT_IPSEC_OUTB_HW_SZ);
@@ -135,9 +139,11 @@ cn10k_ipsec_outb_sa_create(struct roc_cpt *roc_cpt, struct roc_cpt_lf *lf,
 		goto sa_dptr_free;
 	}
 
-	/* Trigger CTX flush to write dirty data back to DRAM */
+	/* Trigger CTX flush so that data is written back to DRAM */
 	roc_cpt_lf_ctx_flush(lf, out_sa, false);
 
+	plt_atomic_thread_fence(__ATOMIC_SEQ_CST);
+
 sa_dptr_free:
 	plt_free(sa_dptr);
 
@@ -178,7 +184,8 @@ cn10k_ipsec_inb_sa_create(struct roc_cpt *roc_cpt, struct roc_cpt_lf *lf,
 		goto sa_dptr_free;
 	}
 
-	sa->inst.w7 = ipsec_cpt_inst_w7_get(roc_cpt, sa);
+	sa->is_outbound = false;
+	sa->inst.w7 = ipsec_cpt_inst_w7_get(roc_cpt, in_sa);
 
 	/* pre-populate CPT INST word 4 */
 	inst_w4.u64 = 0;
@@ -214,6 +221,8 @@ cn10k_ipsec_inb_sa_create(struct roc_cpt *roc_cpt, struct roc_cpt_lf *lf,
 	/* Copy word0 from sa_dptr to populate ctx_push_sz ctx_size fields */
 	memcpy(in_sa, sa_dptr, 8);
 
+	plt_atomic_thread_fence(__ATOMIC_SEQ_CST);
+
 	/* Write session using microcode opcode */
 	ret = roc_cpt_ctx_write(lf, sa_dptr, in_sa,
 				ROC_NIX_INL_OT_IPSEC_INB_HW_SZ);
@@ -222,9 +231,11 @@ cn10k_ipsec_inb_sa_create(struct roc_cpt *roc_cpt, struct roc_cpt_lf *lf,
 		goto sa_dptr_free;
 	}
 
-	/* Trigger CTX flush to write dirty data back to DRAM */
+	/* Trigger CTX flush so that data is written back to DRAM */
 	roc_cpt_lf_ctx_flush(lf, in_sa, false);
 
+	plt_atomic_thread_fence(__ATOMIC_SEQ_CST);
+
 sa_dptr_free:
 	plt_free(sa_dptr);
 
@@ -300,21 +311,46 @@ cn10k_sec_session_create(void *device, struct rte_security_session_conf *conf,
 }
 
 static int
-cn10k_sec_session_destroy(void *device __rte_unused,
-			  struct rte_security_session *sess)
+cn10k_sec_session_destroy(void *dev, struct rte_security_session *sec_sess)
 {
-	struct cn10k_sec_session *priv;
+	struct rte_cryptodev *crypto_dev = dev;
+	union roc_ot_ipsec_sa_word2 *w2;
+	struct cn10k_sec_session *sess;
 	struct rte_mempool *sess_mp;
+	struct cn10k_ipsec_sa *sa;
+	struct cnxk_cpt_qp *qp;
+	struct roc_cpt_lf *lf;
 
-	priv = get_sec_session_private_data(sess);
+	sess = get_sec_session_private_data(sec_sess);
+	if (sess == NULL)
+		return 0;
 
-	if (priv == NULL)
+	qp = crypto_dev->data->queue_pairs[0];
+	if (qp == NULL)
 		return 0;
 
-	sess_mp = rte_mempool_from_obj(priv);
+	lf = &qp->lf;
 
-	set_sec_session_private_data(sess, NULL);
-	rte_mempool_put(sess_mp, priv);
+	sa = &sess->sa;
+
+	/* Trigger CTX flush to write dirty data back to DRAM */
+	roc_cpt_lf_ctx_flush(lf, &sa->in_sa, false);
+
+	/* Wait for 1 ms so that flush is complete */
+	rte_delay_ms(1);
+
+	w2 = (union roc_ot_ipsec_sa_word2 *)&sa->in_sa.w2;
+	w2->s.valid = 0;
+
+	plt_atomic_thread_fence(__ATOMIC_SEQ_CST);
+
+	/* Trigger CTX reload to fetch new data from DRAM */
+	roc_cpt_lf_ctx_reload(lf, &sa->in_sa);
+
+	sess_mp = rte_mempool_from_obj(sess);
+
+	set_sec_session_private_data(sec_sess, NULL);
+	rte_mempool_put(sess_mp, sess);
 
 	return 0;
 }
diff --git a/drivers/crypto/cnxk/cn10k_ipsec.h b/drivers/crypto/cnxk/cn10k_ipsec.h
index 86cd248..8be1fee 100644
--- a/drivers/crypto/cnxk/cn10k_ipsec.h
+++ b/drivers/crypto/cnxk/cn10k_ipsec.h
@@ -7,24 +7,33 @@
 
 #include <rte_security.h>
 
+#include "roc_api.h"
+
 #include "cnxk_ipsec.h"
 
-#define CN10K_IPSEC_SA_CTX_HDR_SIZE 1
+typedef void *CN10K_SA_CONTEXT_MARKER[0];
 
 struct cn10k_ipsec_sa {
-	union {
-		/** Inbound SA */
-		struct roc_ot_ipsec_inb_sa in_sa;
-		/** Outbound SA */
-		struct roc_ot_ipsec_outb_sa out_sa;
-	};
 	/** Pre-populated CPT inst words */
 	struct cnxk_cpt_inst_tmpl inst;
 	uint16_t max_extended_len;
 	uint16_t iv_offset;
 	uint8_t iv_length;
 	bool ip_csum_enable;
-};
+	bool is_outbound;
+
+	/**
+	 * End of SW mutable area
+	 */
+	CN10K_SA_CONTEXT_MARKER sw_area_end __rte_aligned(ROC_ALIGN);
+
+	union {
+		/** Inbound SA */
+		struct roc_ot_ipsec_inb_sa in_sa;
+		/** Outbound SA */
+		struct roc_ot_ipsec_outb_sa out_sa;
+	};
+} __rte_aligned(ROC_ALIGN);
 
 struct cn10k_sec_session {
 	struct cn10k_ipsec_sa sa;
diff --git a/drivers/crypto/cnxk/cn10k_ipsec_la_ops.h b/drivers/crypto/cnxk/cn10k_ipsec_la_ops.h
index 881fbd1..cab6a50 100644
--- a/drivers/crypto/cnxk/cn10k_ipsec_la_ops.h
+++ b/drivers/crypto/cnxk/cn10k_ipsec_la_ops.h
@@ -54,6 +54,7 @@ process_outb_sa(struct rte_crypto_op *cop, struct cn10k_ipsec_sa *sess,
 	struct rte_crypto_sym_op *sym_op = cop->sym;
 	struct rte_mbuf *m_src = sym_op->m_src;
 	uint64_t inst_w4_u64 = sess->inst.w4;
+	uint64_t dptr;
 
 	if (unlikely(rte_pktmbuf_tailroom(m_src) < sess->max_extended_len)) {
 		plt_dp_err("Not enough tail room");
@@ -76,10 +77,10 @@ process_outb_sa(struct rte_crypto_op *cop, struct cn10k_ipsec_sa *sess,
 		inst_w4_u64 &= ~BIT_ULL(32);
 
 	/* Prepare CPT instruction */
-	inst->w4.u64 = inst_w4_u64;
-	inst->w4.s.dlen = rte_pktmbuf_pkt_len(m_src);
-	inst->dptr = rte_pktmbuf_iova(m_src);
-	inst->rptr = inst->dptr;
+	inst->w4.u64 = inst_w4_u64 | rte_pktmbuf_pkt_len(m_src);
+	dptr = rte_pktmbuf_iova(m_src);
+	inst->dptr = dptr;
+	inst->rptr = dptr;
 
 	return 0;
 }
@@ -90,12 +91,13 @@ process_inb_sa(struct rte_crypto_op *cop, struct cn10k_ipsec_sa *sa,
 {
 	struct rte_crypto_sym_op *sym_op = cop->sym;
 	struct rte_mbuf *m_src = sym_op->m_src;
+	uint64_t dptr;
 
 	/* Prepare CPT instruction */
-	inst->w4.u64 = sa->inst.w4;
-	inst->w4.s.dlen = rte_pktmbuf_pkt_len(m_src);
-	inst->dptr = rte_pktmbuf_iova(m_src);
-	inst->rptr = inst->dptr;
+	inst->w4.u64 = sa->inst.w4 | rte_pktmbuf_pkt_len(m_src);
+	dptr = rte_pktmbuf_iova(m_src);
+	inst->dptr = dptr;
+	inst->rptr = dptr;
 
 	return 0;
 }

From patchwork Tue Dec  7 06:50:46 2021
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Anoob Joseph <anoobj@marvell.com>
X-Patchwork-Id: 104967
X-Patchwork-Delegate: gakhil@marvell.com
Return-Path: <dev-bounces@dpdk.org>
X-Original-To: patchwork@inbox.dpdk.org
Delivered-To: patchwork@inbox.dpdk.org
Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124])
	by inbox.dpdk.org (Postfix) with ESMTP id 47DBAA034F;
	Tue,  7 Dec 2021 07:52:12 +0100 (CET)
Received: from [217.70.189.124] (localhost [127.0.0.1])
	by mails.dpdk.org (Postfix) with ESMTP id 2D5C342730;
	Tue,  7 Dec 2021 07:51:56 +0100 (CET)
Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com
 [67.231.156.173])
 by mails.dpdk.org (Postfix) with ESMTP id A186E426DC
 for <dev@dpdk.org>; Tue,  7 Dec 2021 07:51:54 +0100 (CET)
Received: from pps.filterd (m0045851.ppops.net [127.0.0.1])
 by mx0b-0016f401.pphosted.com (8.16.1.2/8.16.1.2) with ESMTP id
 1B75a0L1014936
 for <dev@dpdk.org>; Mon, 6 Dec 2021 22:51:54 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com;
 h=from : to : cc :
 subject : date : message-id : in-reply-to : references : mime-version :
 content-transfer-encoding : content-type; s=pfpt0220;
 bh=6jNBhTKdZpCiYpzmg4yTdYvM00tL5KoiGtP83OoJWec=;
 b=CPzuxb7jAY8V18AlRXl6g24VMhdyGmcT1H7KKsxcKJ0562SFDStmGwF/CpKD0R2c0iBx
 INKuj9WtAKaI9YaSKClYHcVfqkBwWhlFDhbnNZZi7TFGq28eXr7kLu4vg99x0aAutj2o
 lYxLT6ZY/u77gyqw0SyKvaIbshxXVFjxQXl1OSzbSPREsnN2MApMjFvUZlf78kNq2wUy
 Yb+rlQMExg0mwE0gO1nrJuxDZbwAPLLBldeoiATpeL7ZhY0qLsnZVjM4kbEeOFRuM+cQ
 ixdDa5OJeZFoC4Z/uHZM+s47MKI+Elvm/7SnqUMZpycHamRwXIgtnZjTUwAxbO/jj4h7 iQ==
Received: from dc5-exch01.marvell.com ([199.233.59.181])
 by mx0b-0016f401.pphosted.com (PPS) with ESMTPS id 3ct1hyg7eh-1
 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT)
 for <dev@dpdk.org>; Mon, 06 Dec 2021 22:51:54 -0800
Received: from DC5-EXCH02.marvell.com (10.69.176.39) by DC5-EXCH01.marvell.com
 (10.69.176.38) with Microsoft SMTP Server (TLS) id 15.0.1497.2;
 Mon, 6 Dec 2021 22:51:52 -0800
Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH02.marvell.com
 (10.69.176.39) with Microsoft SMTP Server id 15.0.1497.18 via Frontend
 Transport; Mon, 6 Dec 2021 22:51:52 -0800
Received: from HY-LT1002.marvell.com (HY-LT1002.marvell.com [10.28.176.218])
 by maili.marvell.com (Postfix) with ESMTP id E6CFD3F7071;
 Mon,  6 Dec 2021 22:51:49 -0800 (PST)
From: Anoob Joseph <anoobj@marvell.com>
To: Akhil Goyal <gakhil@marvell.com>, Jerin Jacob <jerinj@marvell.com>
CC: Anoob Joseph <anoobj@marvell.com>, Archana Muniganti
 <marchana@marvell.com>,
 Tejasree Kondoj <ktejasree@marvell.com>, <dev@dpdk.org>
Subject: [PATCH 13/25] crypto/cnxk: use struct sizes for ctx writes
Date: Tue, 7 Dec 2021 12:20:46 +0530
Message-ID: <1638859858-734-14-git-send-email-anoobj@marvell.com>
X-Mailer: git-send-email 2.7.4
In-Reply-To: <1638859858-734-1-git-send-email-anoobj@marvell.com>
References: <1638859858-734-1-git-send-email-anoobj@marvell.com>
MIME-Version: 1.0
X-Proofpoint-ORIG-GUID: XePx76IJZkFseq5TofYzoy0KCNfa_RWS
X-Proofpoint-GUID: XePx76IJZkFseq5TofYzoy0KCNfa_RWS
X-Proofpoint-Virus-Version: vendor=baseguard
 engine=ICAP:2.0.205,Aquarius:18.0.790,Hydra:6.0.425,FMLib:17.11.62.513
 definitions=2021-12-07_02,2021-12-06_02,2021-12-02_01
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org

CTX writes only require the lengths are 8B aligned. Use the struct size
directly.

Signed-off-by: Anoob Joseph <anoobj@marvell.com>
---
 drivers/crypto/cnxk/cn10k_ipsec.c | 12 ++++--------
 1 file changed, 4 insertions(+), 8 deletions(-)

diff --git a/drivers/crypto/cnxk/cn10k_ipsec.c b/drivers/crypto/cnxk/cn10k_ipsec.c
index b4acbac..0832b53 100644
--- a/drivers/crypto/cnxk/cn10k_ipsec.c
+++ b/drivers/crypto/cnxk/cn10k_ipsec.c
@@ -52,14 +52,12 @@ cn10k_ipsec_outb_sa_create(struct roc_cpt *roc_cpt, struct roc_cpt_lf *lf,
 	out_sa = &sa->out_sa;
 
 	/* Allocate memory to be used as dptr for CPT ucode WRITE_SA op */
-	sa_dptr = plt_zmalloc(ROC_NIX_INL_OT_IPSEC_OUTB_HW_SZ, 0);
+	sa_dptr = plt_zmalloc(sizeof(struct roc_ot_ipsec_outb_sa), 8);
 	if (sa_dptr == NULL) {
 		plt_err("Couldn't allocate memory for SA dptr");
 		return -ENOMEM;
 	}
 
-	memset(sa_dptr, 0, sizeof(struct roc_ot_ipsec_outb_sa));
-
 	/* Translate security parameters to SA */
 	ret = cnxk_ot_ipsec_outb_sa_fill(sa_dptr, ipsec_xfrm, crypto_xfrm);
 	if (ret) {
@@ -133,7 +131,7 @@ cn10k_ipsec_outb_sa_create(struct roc_cpt *roc_cpt, struct roc_cpt_lf *lf,
 
 	/* Write session using microcode opcode */
 	ret = roc_cpt_ctx_write(lf, sa_dptr, out_sa,
-				ROC_NIX_INL_OT_IPSEC_OUTB_HW_SZ);
+				sizeof(struct roc_ot_ipsec_outb_sa));
 	if (ret) {
 		plt_err("Could not write outbound session to hardware");
 		goto sa_dptr_free;
@@ -169,14 +167,12 @@ cn10k_ipsec_inb_sa_create(struct roc_cpt *roc_cpt, struct roc_cpt_lf *lf,
 	in_sa = &sa->in_sa;
 
 	/* Allocate memory to be used as dptr for CPT ucode WRITE_SA op */
-	sa_dptr = plt_zmalloc(ROC_NIX_INL_OT_IPSEC_INB_HW_SZ, 0);
+	sa_dptr = plt_zmalloc(sizeof(struct roc_ot_ipsec_inb_sa), 8);
 	if (sa_dptr == NULL) {
 		plt_err("Couldn't allocate memory for SA dptr");
 		return -ENOMEM;
 	}
 
-	memset(sa_dptr, 0, sizeof(struct roc_ot_ipsec_inb_sa));
-
 	/* Translate security parameters to SA */
 	ret = cnxk_ot_ipsec_inb_sa_fill(sa_dptr, ipsec_xfrm, crypto_xfrm);
 	if (ret) {
@@ -225,7 +221,7 @@ cn10k_ipsec_inb_sa_create(struct roc_cpt *roc_cpt, struct roc_cpt_lf *lf,
 
 	/* Write session using microcode opcode */
 	ret = roc_cpt_ctx_write(lf, sa_dptr, in_sa,
-				ROC_NIX_INL_OT_IPSEC_INB_HW_SZ);
+				sizeof(struct roc_ot_ipsec_inb_sa));
 	if (ret) {
 		plt_err("Could not write inbound session to hardware");
 		goto sa_dptr_free;

From patchwork Tue Dec  7 06:50:47 2021
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Anoob Joseph <anoobj@marvell.com>
X-Patchwork-Id: 104968
X-Patchwork-Delegate: gakhil@marvell.com
Return-Path: <dev-bounces@dpdk.org>
X-Original-To: patchwork@inbox.dpdk.org
Delivered-To: patchwork@inbox.dpdk.org
Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124])
	by inbox.dpdk.org (Postfix) with ESMTP id BC463A034F;
	Tue,  7 Dec 2021 07:52:17 +0100 (CET)
Received: from [217.70.189.124] (localhost [127.0.0.1])
	by mails.dpdk.org (Postfix) with ESMTP id 994D6426FC;
	Tue,  7 Dec 2021 07:52:00 +0100 (CET)
Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com
 [67.231.156.173])
 by mails.dpdk.org (Postfix) with ESMTP id E2B1041C28
 for <dev@dpdk.org>; Tue,  7 Dec 2021 07:51:58 +0100 (CET)
Received: from pps.filterd (m0045851.ppops.net [127.0.0.1])
 by mx0b-0016f401.pphosted.com (8.16.1.2/8.16.1.2) with ESMTP id
 1B75a0L2014936
 for <dev@dpdk.org>; Mon, 6 Dec 2021 22:51:57 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com;
 h=from : to : cc :
 subject : date : message-id : in-reply-to : references : mime-version :
 content-transfer-encoding : content-type; s=pfpt0220;
 bh=s/MGdQ4GwDx4IAf4eeJOvGoNkxjGjsLNmK9Fb0c7eGg=;
 b=CgdlQejb3tkwRPKBJHJaOYWPV4pmAC6JGOxtIeVF/mjcaAN5fdgml28yoHjU3G16It14
 302Wn2cgfmnuCC1Oo9eVJ8tb/OHgrNQveIQOBuC8aYRO6SQI6w8MwuAgkCJLo6KV8Cxg
 M+bMuULQqjNhkxXCLlXE9KwmMipDa+pQpCitc5fr8YmwNDrhFMV7PnGFuiFO1la7AGzx
 y3bLIrbmc/nViWm4jFR2L0W+R8t1P3ZUao3zeQeM61xZoJZkre9IqHR7HDEAFiS1jac5
 xQ8yykpxrjTcJjHwGFa93Jwko6VbaLWiQAK/MDSPXVjges3uuLnnSOMhX6BDP3rgWqZP 3g==
Received: from dc5-exch01.marvell.com ([199.233.59.181])
 by mx0b-0016f401.pphosted.com (PPS) with ESMTPS id 3ct1hyg7f0-1
 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT)
 for <dev@dpdk.org>; Mon, 06 Dec 2021 22:51:57 -0800
Received: from DC5-EXCH02.marvell.com (10.69.176.39) by DC5-EXCH01.marvell.com
 (10.69.176.38) with Microsoft SMTP Server (TLS) id 15.0.1497.2;
 Mon, 6 Dec 2021 22:51:55 -0800
Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH02.marvell.com
 (10.69.176.39) with Microsoft SMTP Server id 15.0.1497.18 via Frontend
 Transport; Mon, 6 Dec 2021 22:51:55 -0800
Received: from HY-LT1002.marvell.com (HY-LT1002.marvell.com [10.28.176.218])
 by maili.marvell.com (Postfix) with ESMTP id 4B9033F7071;
 Mon,  6 Dec 2021 22:51:53 -0800 (PST)
From: Anoob Joseph <anoobj@marvell.com>
To: Akhil Goyal <gakhil@marvell.com>, Jerin Jacob <jerinj@marvell.com>
CC: Ankur Dwivedi <adwivedi@marvell.com>, Archana Muniganti
 <marchana@marvell.com>,
 Tejasree Kondoj <ktejasree@marvell.com>, <dev@dpdk.org>
Subject: [PATCH 14/25] crypto/cnxk: add security session stats get
Date: Tue, 7 Dec 2021 12:20:47 +0530
Message-ID: <1638859858-734-15-git-send-email-anoobj@marvell.com>
X-Mailer: git-send-email 2.7.4
In-Reply-To: <1638859858-734-1-git-send-email-anoobj@marvell.com>
References: <1638859858-734-1-git-send-email-anoobj@marvell.com>
MIME-Version: 1.0
X-Proofpoint-ORIG-GUID: 3YTQgKOEZD0SZxRrngiO2vAZyvCGCdDW
X-Proofpoint-GUID: 3YTQgKOEZD0SZxRrngiO2vAZyvCGCdDW
X-Proofpoint-Virus-Version: vendor=baseguard
 engine=ICAP:2.0.205,Aquarius:18.0.790,Hydra:6.0.425,FMLib:17.11.62.513
 definitions=2021-12-07_02,2021-12-06_02,2021-12-02_01
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org

From: Ankur Dwivedi <adwivedi@marvell.com>

Adds the security session stats get op for cn10k.


Signed-off-by: Ankur Dwivedi <adwivedi@marvell.com>
---
 drivers/crypto/cnxk/cn10k_ipsec.c                 | 55 +++++++++++++++++++++++
 drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c |  1 +
 drivers/crypto/cnxk/cnxk_cryptodev_sec.c          |  1 +
 3 files changed, 57 insertions(+)

diff --git a/drivers/crypto/cnxk/cn10k_ipsec.c b/drivers/crypto/cnxk/cn10k_ipsec.c
index 0832b53..a93c211 100644
--- a/drivers/crypto/cnxk/cn10k_ipsec.c
+++ b/drivers/crypto/cnxk/cn10k_ipsec.c
@@ -122,6 +122,12 @@ cn10k_ipsec_outb_sa_create(struct roc_cpt *roc_cpt, struct roc_cpt_lf *lf,
 
 	sa->inst.w4 = inst_w4.u64;
 
+	if (ipsec_xfrm->options.stats == 1) {
+		/* Enable mib counters */
+		sa_dptr->w0.s.count_mib_bytes = 1;
+		sa_dptr->w0.s.count_mib_pkts = 1;
+	}
+
 	memset(out_sa, 0, sizeof(struct roc_ot_ipsec_outb_sa));
 
 	/* Copy word0 from sa_dptr to populate ctx_push_sz ctx_size fields */
@@ -212,6 +218,12 @@ cn10k_ipsec_inb_sa_create(struct roc_cpt *roc_cpt, struct roc_cpt_lf *lf,
 
 	sa->inst.w4 = inst_w4.u64;
 
+	if (ipsec_xfrm->options.stats == 1) {
+		/* Enable mib counters */
+		sa_dptr->w0.s.count_mib_bytes = 1;
+		sa_dptr->w0.s.count_mib_pkts = 1;
+	}
+
 	memset(in_sa, 0, sizeof(struct roc_ot_ipsec_inb_sa));
 
 	/* Copy word0 from sa_dptr to populate ctx_push_sz ctx_size fields */
@@ -357,6 +369,48 @@ cn10k_sec_session_get_size(void *device __rte_unused)
 	return sizeof(struct cn10k_sec_session);
 }
 
+static int
+cn10k_sec_session_stats_get(void *device, struct rte_security_session *sess,
+			    struct rte_security_stats *stats)
+{
+	struct rte_cryptodev *crypto_dev = device;
+	struct roc_ot_ipsec_outb_sa *out_sa;
+	struct roc_ot_ipsec_inb_sa *in_sa;
+	union roc_ot_ipsec_sa_word2 *w2;
+	struct cn10k_sec_session *priv;
+	struct cn10k_ipsec_sa *sa;
+	struct cnxk_cpt_qp *qp;
+
+	priv = get_sec_session_private_data(sess);
+	if (priv == NULL)
+		return -EINVAL;
+
+	qp = crypto_dev->data->queue_pairs[0];
+	if (qp == NULL)
+		return -EINVAL;
+
+	sa = &priv->sa;
+	w2 = (union roc_ot_ipsec_sa_word2 *)&sa->in_sa.w2;
+
+	stats->protocol = RTE_SECURITY_PROTOCOL_IPSEC;
+
+	if (w2->s.dir == ROC_IE_SA_DIR_OUTBOUND) {
+		out_sa = &sa->out_sa;
+		roc_cpt_lf_ctx_flush(&qp->lf, out_sa, false);
+		rte_delay_ms(1);
+		stats->ipsec.opackets = out_sa->ctx.mib_pkts;
+		stats->ipsec.obytes = out_sa->ctx.mib_octs;
+	} else {
+		in_sa = &sa->in_sa;
+		roc_cpt_lf_ctx_flush(&qp->lf, in_sa, false);
+		rte_delay_ms(1);
+		stats->ipsec.ipackets = in_sa->ctx.mib_pkts;
+		stats->ipsec.ibytes = in_sa->ctx.mib_octs;
+	}
+
+	return 0;
+}
+
 /* Update platform specific security ops */
 void
 cn10k_sec_ops_override(void)
@@ -365,4 +419,5 @@ cn10k_sec_ops_override(void)
 	cnxk_sec_ops.session_create = cn10k_sec_session_create;
 	cnxk_sec_ops.session_destroy = cn10k_sec_session_destroy;
 	cnxk_sec_ops.session_get_size = cn10k_sec_session_get_size;
+	cnxk_sec_ops.session_stats_get = cn10k_sec_session_stats_get;
 }
diff --git a/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c b/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c
index 9a55474..0fdd91a 100644
--- a/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c
+++ b/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c
@@ -1073,6 +1073,7 @@ cn10k_sec_caps_update(struct rte_security_capability *sec_cap)
 	}
 	sec_cap->ipsec.options.ip_csum_enable = 1;
 	sec_cap->ipsec.options.l4_csum_enable = 1;
+	sec_cap->ipsec.options.stats = 1;
 }
 
 static void
diff --git a/drivers/crypto/cnxk/cnxk_cryptodev_sec.c b/drivers/crypto/cnxk/cnxk_cryptodev_sec.c
index 2021d5c..e5a5d2d 100644
--- a/drivers/crypto/cnxk/cnxk_cryptodev_sec.c
+++ b/drivers/crypto/cnxk/cnxk_cryptodev_sec.c
@@ -15,6 +15,7 @@ struct rte_security_ops cnxk_sec_ops = {
 	.session_create = NULL,
 	.session_destroy = NULL,
 	.session_get_size = NULL,
+	.session_stats_get = NULL,
 	.set_pkt_metadata = NULL,
 	.get_userdata = NULL,
 	.capabilities_get = cnxk_crypto_sec_capabilities_get

From patchwork Tue Dec  7 06:50:48 2021
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Anoob Joseph <anoobj@marvell.com>
X-Patchwork-Id: 104969
X-Patchwork-Delegate: gakhil@marvell.com
Return-Path: <dev-bounces@dpdk.org>
X-Original-To: patchwork@inbox.dpdk.org
Delivered-To: patchwork@inbox.dpdk.org
Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124])
	by inbox.dpdk.org (Postfix) with ESMTP id 66CA3A034F;
	Tue,  7 Dec 2021 07:52:23 +0100 (CET)
Received: from [217.70.189.124] (localhost [127.0.0.1])
	by mails.dpdk.org (Postfix) with ESMTP id BF30441152;
	Tue,  7 Dec 2021 07:52:02 +0100 (CET)
Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com
 [67.231.156.173])
 by mails.dpdk.org (Postfix) with ESMTP id AD94D42738
 for <dev@dpdk.org>; Tue,  7 Dec 2021 07:52:00 +0100 (CET)
Received: from pps.filterd (m0045851.ppops.net [127.0.0.1])
 by mx0b-0016f401.pphosted.com (8.16.1.2/8.16.1.2) with ESMTP id
 1B75aClh015652
 for <dev@dpdk.org>; Mon, 6 Dec 2021 22:52:00 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com;
 h=from : to : cc :
 subject : date : message-id : in-reply-to : references : mime-version :
 content-transfer-encoding : content-type; s=pfpt0220;
 bh=DejYeIoUnIlPzloXx0hgfCsGoLdyL3dnFZG6LgV0zEo=;
 b=A9Q4iGxKtqcA7otg3gJcWc7oS82k5JKqzB7z+Dng9+BP9Cy6VHpSICJwh/vE/9ZOIrkp
 Ll8qfKNwJrpJKdtfwRfPBqKhhN//Kz4ZSdOjgAo5c74sKpwoQE1R3z1MNMp1ed/Sew/R
 3NOn7jUwhbkJA6W5IyQOyWvgVJ92Vmhozh1YsPqmLun2+5dtEmtMWncM7QccH0RoBiBh
 43OmN8ddWqAhXODKAtc0DUR/xlxFDST6isTgaqW7nDZwFK5Q44yVvpBNghwds4nfwoG5
 qZKjj17UFQQsyzLl4Qz2WO4DvGByMPr2njaMFINKNg9hXUFTpJ42fcP1Yor5/R5MOyIQ gw==
Received: from dc5-exch01.marvell.com ([199.233.59.181])
 by mx0b-0016f401.pphosted.com (PPS) with ESMTPS id 3ct1hyg7f4-2
 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT)
 for <dev@dpdk.org>; Mon, 06 Dec 2021 22:52:00 -0800
Received: from DC5-EXCH02.marvell.com (10.69.176.39) by DC5-EXCH01.marvell.com
 (10.69.176.38) with Microsoft SMTP Server (TLS) id 15.0.1497.2;
 Mon, 6 Dec 2021 22:51:58 -0800
Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH02.marvell.com
 (10.69.176.39) with Microsoft SMTP Server id 15.0.1497.18 via Frontend
 Transport; Mon, 6 Dec 2021 22:51:58 -0800
Received: from HY-LT1002.marvell.com (HY-LT1002.marvell.com [10.28.176.218])
 by maili.marvell.com (Postfix) with ESMTP id AF1BB3F7071;
 Mon,  6 Dec 2021 22:51:56 -0800 (PST)
From: Anoob Joseph <anoobj@marvell.com>
To: Akhil Goyal <gakhil@marvell.com>, Jerin Jacob <jerinj@marvell.com>
CC: Anoob Joseph <anoobj@marvell.com>, Archana Muniganti
 <marchana@marvell.com>,
 Tejasree Kondoj <ktejasree@marvell.com>, <dev@dpdk.org>
Subject: [PATCH 15/25] crypto/cnxk: add skip for unsupported cases
Date: Tue, 7 Dec 2021 12:20:48 +0530
Message-ID: <1638859858-734-16-git-send-email-anoobj@marvell.com>
X-Mailer: git-send-email 2.7.4
In-Reply-To: <1638859858-734-1-git-send-email-anoobj@marvell.com>
References: <1638859858-734-1-git-send-email-anoobj@marvell.com>
MIME-Version: 1.0
X-Proofpoint-ORIG-GUID: rS1nDaM09XXksEsP8oLtrWLDtB-NoPJ-
X-Proofpoint-GUID: rS1nDaM09XXksEsP8oLtrWLDtB-NoPJ-
X-Proofpoint-Virus-Version: vendor=baseguard
 engine=ICAP:2.0.205,Aquarius:18.0.790,Hydra:6.0.425,FMLib:17.11.62.513
 definitions=2021-12-07_02,2021-12-06_02,2021-12-02_01
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org

Add skip for transport mode tests that are not supported. Also, updated the
transport mode path to configure IP version as v4.

Signed-off-by: Anoob Joseph <anoobj@marvell.com>
---
 drivers/crypto/cnxk/cn9k_ipsec.c | 53 +++++++++++++++++++++++++++++++++++-----
 1 file changed, 47 insertions(+), 6 deletions(-)

diff --git a/drivers/crypto/cnxk/cn9k_ipsec.c b/drivers/crypto/cnxk/cn9k_ipsec.c
index 395b0d5..3c6c8e9 100644
--- a/drivers/crypto/cnxk/cn9k_ipsec.c
+++ b/drivers/crypto/cnxk/cn9k_ipsec.c
@@ -141,11 +141,10 @@ ipsec_sa_ctl_set(struct rte_security_ipsec_xform *ipsec,
 			return -EINVAL;
 	}
 
-	ctl->inner_ip_ver = ctl->outer_ip_ver;
-
-	if (ipsec->mode == RTE_SECURITY_IPSEC_SA_MODE_TRANSPORT)
+	if (ipsec->mode == RTE_SECURITY_IPSEC_SA_MODE_TRANSPORT) {
 		ctl->ipsec_mode = ROC_IE_SA_MODE_TRANSPORT;
-	else if (ipsec->mode == RTE_SECURITY_IPSEC_SA_MODE_TUNNEL)
+		ctl->outer_ip_ver = ROC_IE_SA_IP_VERSION_4;
+	} else if (ipsec->mode == RTE_SECURITY_IPSEC_SA_MODE_TUNNEL)
 		ctl->ipsec_mode = ROC_IE_SA_MODE_TUNNEL;
 	else
 		return -EINVAL;
@@ -548,7 +547,8 @@ cn9k_ipsec_inb_sa_create(struct cnxk_cpt_qp *qp,
 }
 
 static inline int
-cn9k_ipsec_xform_verify(struct rte_security_ipsec_xform *ipsec)
+cn9k_ipsec_xform_verify(struct rte_security_ipsec_xform *ipsec,
+			struct rte_crypto_sym_xform *crypto)
 {
 	if (ipsec->life.bytes_hard_limit != 0 ||
 	    ipsec->life.bytes_soft_limit != 0 ||
@@ -556,6 +556,47 @@ cn9k_ipsec_xform_verify(struct rte_security_ipsec_xform *ipsec)
 	    ipsec->life.packets_soft_limit != 0)
 		return -ENOTSUP;
 
+	if (ipsec->mode == RTE_SECURITY_IPSEC_SA_MODE_TRANSPORT) {
+		enum rte_crypto_sym_xform_type type = crypto->type;
+
+		if (type == RTE_CRYPTO_SYM_XFORM_AEAD) {
+			if ((crypto->aead.algo == RTE_CRYPTO_AEAD_AES_GCM) &&
+			    (crypto->aead.key.length == 32)) {
+				plt_err("Transport mode AES-256-GCM is not supported");
+				return -ENOTSUP;
+			}
+		} else {
+			struct rte_crypto_cipher_xform *cipher;
+			struct rte_crypto_auth_xform *auth;
+
+			if (crypto->type == RTE_CRYPTO_SYM_XFORM_CIPHER) {
+				cipher = &crypto->cipher;
+				auth = &crypto->next->auth;
+			} else {
+				cipher = &crypto->next->cipher;
+				auth = &crypto->auth;
+			}
+
+			if ((cipher->algo == RTE_CRYPTO_CIPHER_AES_CBC) &&
+			    (auth->algo == RTE_CRYPTO_AUTH_SHA256_HMAC)) {
+				plt_err("Transport mode AES-CBC SHA1 HMAC 256 is not supported");
+				return -ENOTSUP;
+			}
+
+			if ((cipher->algo == RTE_CRYPTO_CIPHER_AES_CBC) &&
+			    (auth->algo == RTE_CRYPTO_AUTH_SHA384_HMAC)) {
+				plt_err("Transport mode AES-CBC SHA2 HMAC 384 is not supported");
+				return -ENOTSUP;
+			}
+
+			if ((cipher->algo == RTE_CRYPTO_CIPHER_AES_CBC) &&
+			    (auth->algo == RTE_CRYPTO_AUTH_SHA512_HMAC)) {
+				plt_err("Transport mode AES-CBC SHA2 HMAC 512 is not supported");
+				return -ENOTSUP;
+			}
+		}
+	}
+
 	return 0;
 }
 
@@ -580,7 +621,7 @@ cn9k_ipsec_session_create(void *dev,
 	if (ret)
 		return ret;
 
-	ret = cn9k_ipsec_xform_verify(ipsec_xform);
+	ret = cn9k_ipsec_xform_verify(ipsec_xform, crypto_xform);
 	if (ret)
 		return ret;
 

From patchwork Tue Dec  7 06:50:49 2021
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Anoob Joseph <anoobj@marvell.com>
X-Patchwork-Id: 104975
X-Patchwork-Delegate: gakhil@marvell.com
Return-Path: <dev-bounces@dpdk.org>
X-Original-To: patchwork@inbox.dpdk.org
Delivered-To: patchwork@inbox.dpdk.org
Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124])
	by inbox.dpdk.org (Postfix) with ESMTP id 2851CA034F;
	Tue,  7 Dec 2021 07:52:56 +0100 (CET)
Received: from [217.70.189.124] (localhost [127.0.0.1])
	by mails.dpdk.org (Postfix) with ESMTP id A445242762;
	Tue,  7 Dec 2021 07:52:13 +0100 (CET)
Received: from mx0b-0016f401.pphosted.com (mx0a-0016f401.pphosted.com
 [67.231.148.174])
 by mails.dpdk.org (Postfix) with ESMTP id 513CB4274E
 for <dev@dpdk.org>; Tue,  7 Dec 2021 07:52:09 +0100 (CET)
Received: from pps.filterd (m0045849.ppops.net [127.0.0.1])
 by mx0a-0016f401.pphosted.com (8.16.1.2/8.16.1.2) with ESMTP id
 1B76pJvu018306
 for <dev@dpdk.org>; Mon, 6 Dec 2021 22:52:08 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com;
 h=from : to : cc :
 subject : date : message-id : in-reply-to : references : mime-version :
 content-transfer-encoding : content-type; s=pfpt0220;
 bh=OwAl1IyJ9/3Uo9BFVRXvppn3kiUfiXOXbbZMbE3eOLI=;
 b=kLZH4RHPr8YcS25F2IDfpcEDXkrsrAvcDgu0HsY5q0yc/4EyC2higf8Jq+ZmlDkPM6pd
 YnnwpmA1d03/vZGTcRPN16Jjc8/EHKjTBTfnMVothsEcDUsHL+RhLnQLrGH2rokz5zVF
 GPfn08XQoXm49MSEKi3ByABZYBg/D6jDUAK+lcrdSRvbt/3gBRp3Qknw4tYzSKA0+QLY
 djOCQ6M9TAkukcEH/DVZL/AtwydalIyDbsatnlzPvfOlt0O1fw4wKuIqfZ4NLyiUw54Y
 gLazn31DvoJZmAo5Hte2AxHLdAkqZZQ58qzXLh1UBMXWJzoaxaAjnXBnYmzasmTS8rb1 Bg==
Received: from dc5-exch02.marvell.com ([199.233.59.182])
 by mx0a-0016f401.pphosted.com (PPS) with ESMTPS id 3ct2q9004x-11
 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT)
 for <dev@dpdk.org>; Mon, 06 Dec 2021 22:52:08 -0800
Received: from DC5-EXCH02.marvell.com (10.69.176.39) by DC5-EXCH02.marvell.com
 (10.69.176.39) with Microsoft SMTP Server (TLS) id 15.0.1497.18;
 Mon, 6 Dec 2021 22:52:02 -0800
Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH02.marvell.com
 (10.69.176.39) with Microsoft SMTP Server id 15.0.1497.18 via Frontend
 Transport; Mon, 6 Dec 2021 22:52:02 -0800
Received: from HY-LT1002.marvell.com (HY-LT1002.marvell.com [10.28.176.218])
 by maili.marvell.com (Postfix) with ESMTP id 592DA3F709C;
 Mon,  6 Dec 2021 22:52:00 -0800 (PST)
From: Anoob Joseph <anoobj@marvell.com>
To: Akhil Goyal <gakhil@marvell.com>, Jerin Jacob <jerinj@marvell.com>
CC: Tejasree Kondoj <ktejasree@marvell.com>, Archana Muniganti
 <marchana@marvell.com>, <dev@dpdk.org>
Subject: [PATCH 16/25] crypto/cnxk: add context reload for IV
Date: Tue, 7 Dec 2021 12:20:49 +0530
Message-ID: <1638859858-734-17-git-send-email-anoobj@marvell.com>
X-Mailer: git-send-email 2.7.4
In-Reply-To: <1638859858-734-1-git-send-email-anoobj@marvell.com>
References: <1638859858-734-1-git-send-email-anoobj@marvell.com>
MIME-Version: 1.0
X-Proofpoint-GUID: v6w4Jp9uEUGzBxouKOsqmvyswGHq66Xg
X-Proofpoint-ORIG-GUID: v6w4Jp9uEUGzBxouKOsqmvyswGHq66Xg
X-Proofpoint-Virus-Version: vendor=baseguard
 engine=ICAP:2.0.205,Aquarius:18.0.790,Hydra:6.0.425,FMLib:17.11.62.513
 definitions=2021-12-07_02,2021-12-06_02,2021-12-02_01
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org

From: Tejasree Kondoj <ktejasree@marvell.com>

Adding context reload in datapath for IV in debug mode.

Signed-off-by: Tejasree Kondoj <ktejasree@marvell.com>
---
 drivers/crypto/cnxk/cn10k_cryptodev_ops.c |  7 ++++---
 drivers/crypto/cnxk/cn10k_ipsec_la_ops.h  | 10 ++++++++--
 2 files changed, 12 insertions(+), 5 deletions(-)

diff --git a/drivers/crypto/cnxk/cn10k_cryptodev_ops.c b/drivers/crypto/cnxk/cn10k_cryptodev_ops.c
index 7617bdc..638268e 100644
--- a/drivers/crypto/cnxk/cn10k_cryptodev_ops.c
+++ b/drivers/crypto/cnxk/cn10k_cryptodev_ops.c
@@ -49,7 +49,8 @@ cn10k_cpt_sym_temp_sess_create(struct cnxk_cpt_qp *qp, struct rte_crypto_op *op)
 }
 
 static __rte_always_inline int __rte_hot
-cpt_sec_inst_fill(struct rte_crypto_op *op, struct cn10k_sec_session *sess,
+cpt_sec_inst_fill(struct cnxk_cpt_qp *qp, struct rte_crypto_op *op,
+		  struct cn10k_sec_session *sess,
 		  struct cpt_inflight_req *infl_req, struct cpt_inst_s *inst)
 {
 	struct rte_crypto_sym_op *sym_op = op->sym;
@@ -69,7 +70,7 @@ cpt_sec_inst_fill(struct rte_crypto_op *op, struct cn10k_sec_session *sess,
 	sa = &sess->sa;
 
 	if (sa->is_outbound)
-		ret = process_outb_sa(op, sa, inst);
+		ret = process_outb_sa(&qp->lf, op, sa, inst);
 	else {
 		infl_req->op_flags |= CPT_OP_FLAGS_IPSEC_DIR_INBOUND;
 		ret = process_inb_sa(op, sa, inst);
@@ -122,7 +123,7 @@ cn10k_cpt_fill_inst(struct cnxk_cpt_qp *qp, struct rte_crypto_op *ops[],
 		if (op->sess_type == RTE_CRYPTO_OP_SECURITY_SESSION) {
 			sec_sess = get_sec_session_private_data(
 				sym_op->sec_session);
-			ret = cpt_sec_inst_fill(op, sec_sess, infl_req,
+			ret = cpt_sec_inst_fill(qp, op, sec_sess, infl_req,
 						&inst[0]);
 			if (unlikely(ret))
 				return 0;
diff --git a/drivers/crypto/cnxk/cn10k_ipsec_la_ops.h b/drivers/crypto/cnxk/cn10k_ipsec_la_ops.h
index cab6a50..f2d8122 100644
--- a/drivers/crypto/cnxk/cn10k_ipsec_la_ops.h
+++ b/drivers/crypto/cnxk/cn10k_ipsec_la_ops.h
@@ -48,8 +48,8 @@ ipsec_po_sa_aes_gcm_iv_set(struct cn10k_ipsec_sa *sess,
 }
 
 static __rte_always_inline int
-process_outb_sa(struct rte_crypto_op *cop, struct cn10k_ipsec_sa *sess,
-		struct cpt_inst_s *inst)
+process_outb_sa(struct roc_cpt_lf *lf, struct rte_crypto_op *cop,
+		struct cn10k_ipsec_sa *sess, struct cpt_inst_s *inst)
 {
 	struct rte_crypto_sym_op *sym_op = cop->sym;
 	struct rte_mbuf *m_src = sym_op->m_src;
@@ -61,6 +61,8 @@ process_outb_sa(struct rte_crypto_op *cop, struct cn10k_ipsec_sa *sess,
 		return -ENOMEM;
 	}
 
+	RTE_SET_USED(lf);
+
 #ifdef LA_IPSEC_DEBUG
 	if (sess->out_sa.w2.s.iv_src == ROC_IE_OT_SA_IV_SRC_FROM_SA) {
 		if (sess->out_sa.w2.s.enc_type == ROC_IE_OT_SA_ENC_AES_GCM)
@@ -68,6 +70,10 @@ process_outb_sa(struct rte_crypto_op *cop, struct cn10k_ipsec_sa *sess,
 		else
 			ipsec_po_sa_iv_set(sess, cop);
 	}
+
+	/* Trigger CTX reload to fetch new data from DRAM */
+	roc_cpt_lf_ctx_reload(lf, &sess->out_sa);
+	rte_delay_ms(1);
 #endif
 
 	if (m_src->ol_flags & RTE_MBUF_F_TX_IP_CKSUM)

From patchwork Tue Dec  7 06:50:50 2021
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Anoob Joseph <anoobj@marvell.com>
X-Patchwork-Id: 104976
X-Patchwork-Delegate: gakhil@marvell.com
Return-Path: <dev-bounces@dpdk.org>
X-Original-To: patchwork@inbox.dpdk.org
Delivered-To: patchwork@inbox.dpdk.org
Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124])
	by inbox.dpdk.org (Postfix) with ESMTP id DC111A034F;
	Tue,  7 Dec 2021 07:53:00 +0100 (CET)
Received: from [217.70.189.124] (localhost [127.0.0.1])
	by mails.dpdk.org (Postfix) with ESMTP id AB58442769;
	Tue,  7 Dec 2021 07:52:14 +0100 (CET)
Received: from mx0b-0016f401.pphosted.com (mx0a-0016f401.pphosted.com
 [67.231.148.174])
 by mails.dpdk.org (Postfix) with ESMTP id 9BB2D4273E
 for <dev@dpdk.org>; Tue,  7 Dec 2021 07:52:09 +0100 (CET)
Received: from pps.filterd (m0045849.ppops.net [127.0.0.1])
 by mx0a-0016f401.pphosted.com (8.16.1.2/8.16.1.2) with ESMTP id
 1B76pJvv018306
 for <dev@dpdk.org>; Mon, 6 Dec 2021 22:52:08 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com;
 h=from : to : cc :
 subject : date : message-id : in-reply-to : references : mime-version :
 content-transfer-encoding : content-type; s=pfpt0220;
 bh=wvdVVHsr62Wa5gyqgACrgIkCdHROpLTKwN7GZXuD860=;
 b=eZzCucb/bhp9T7hwLe2bM8Zg2vywc6ZJqEO58aLB5ffDqMDfKSq8e0lHqwni0rc4BH6L
 cYAnNf64h4MLb4zt9nGNNI6VH1TBZMvGd375T784Hcik7YBwcNGTJqNbUN+EPe2kXmHt
 Ts1M1NET4Ro/ruwCByt9TsYaIvGwyupeiirCDf80SiSrSbspeSBJKl16uqfKJQEcqaRU
 gLFl0dK9YtqsTYiYIi/W05X+vMvEeg2ubDYL8ME4ZDhleWB3aD4qmEEggjPGVJN3DiYK
 BS6JzR62TQ+ymg+B6j0m9UYkwjWvGR6owFOxuRBrZT50U73SK2OB4ATtzGbS17Wu5U3v Fg==
Received: from dc5-exch02.marvell.com ([199.233.59.182])
 by mx0a-0016f401.pphosted.com (PPS) with ESMTPS id 3ct2q9004x-12
 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT)
 for <dev@dpdk.org>; Mon, 06 Dec 2021 22:52:08 -0800
Received: from DC5-EXCH01.marvell.com (10.69.176.38) by DC5-EXCH02.marvell.com
 (10.69.176.39) with Microsoft SMTP Server (TLS) id 15.0.1497.18;
 Mon, 6 Dec 2021 22:52:06 -0800
Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH01.marvell.com
 (10.69.176.38) with Microsoft SMTP Server id 15.0.1497.2 via Frontend
 Transport; Mon, 6 Dec 2021 22:52:05 -0800
Received: from HY-LT1002.marvell.com (HY-LT1002.marvell.com [10.28.176.218])
 by maili.marvell.com (Postfix) with ESMTP id 9A8F33F7092;
 Mon,  6 Dec 2021 22:52:03 -0800 (PST)
From: Anoob Joseph <anoobj@marvell.com>
To: Akhil Goyal <gakhil@marvell.com>, Jerin Jacob <jerinj@marvell.com>
CC: Anoob Joseph <anoobj@marvell.com>, Archana Muniganti
 <marchana@marvell.com>,
 Tejasree Kondoj <ktejasree@marvell.com>, <dev@dpdk.org>
Subject: [PATCH 17/25] crypto/cnxk: handle null chained ops
Date: Tue, 7 Dec 2021 12:20:50 +0530
Message-ID: <1638859858-734-18-git-send-email-anoobj@marvell.com>
X-Mailer: git-send-email 2.7.4
In-Reply-To: <1638859858-734-1-git-send-email-anoobj@marvell.com>
References: <1638859858-734-1-git-send-email-anoobj@marvell.com>
MIME-Version: 1.0
X-Proofpoint-GUID: 4ol8RefPrB2SQ8kJjXsKIQFOiY457rJc
X-Proofpoint-ORIG-GUID: 4ol8RefPrB2SQ8kJjXsKIQFOiY457rJc
X-Proofpoint-Virus-Version: vendor=baseguard
 engine=ICAP:2.0.205,Aquarius:18.0.790,Hydra:6.0.425,FMLib:17.11.62.513
 definitions=2021-12-07_02,2021-12-06_02,2021-12-02_01
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org

Verification doesn't cover cases when NULL auth/cipher is provided as a
chain. Removed the separate function for verification and added a
replacement function which calls the appropriate downstream functions.

Signed-off-by: Anoob Joseph <anoobj@marvell.com>
---
 drivers/crypto/cnxk/cnxk_cryptodev_ops.c | 189 ++++++++++++++++---------------
 drivers/crypto/cnxk/cnxk_cryptodev_ops.h |  10 --
 drivers/crypto/cnxk/cnxk_se.h            |   6 +
 3 files changed, 102 insertions(+), 103 deletions(-)

diff --git a/drivers/crypto/cnxk/cnxk_cryptodev_ops.c b/drivers/crypto/cnxk/cnxk_cryptodev_ops.c
index 21ee09f..b02f070 100644
--- a/drivers/crypto/cnxk/cnxk_cryptodev_ops.c
+++ b/drivers/crypto/cnxk/cnxk_cryptodev_ops.c
@@ -418,84 +418,121 @@ cnxk_cpt_sym_session_get_size(struct rte_cryptodev *dev __rte_unused)
 }
 
 static int
-sym_xform_verify(struct rte_crypto_sym_xform *xform)
+cnxk_sess_fill(struct rte_crypto_sym_xform *xform, struct cnxk_se_sess *sess)
 {
-	if (xform->type == RTE_CRYPTO_SYM_XFORM_AUTH &&
-	    xform->auth.algo == RTE_CRYPTO_AUTH_NULL &&
-	    xform->auth.op == RTE_CRYPTO_AUTH_OP_VERIFY)
-		return -ENOTSUP;
+	struct rte_crypto_sym_xform *aead_xfrm = NULL;
+	struct rte_crypto_sym_xform *c_xfrm = NULL;
+	struct rte_crypto_sym_xform *a_xfrm = NULL;
+	bool ciph_then_auth;
 
-	if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER && xform->next == NULL)
-		return CNXK_CPT_CIPHER;
+	if (xform == NULL)
+		return -EINVAL;
 
-	if (xform->type == RTE_CRYPTO_SYM_XFORM_AUTH && xform->next == NULL)
-		return CNXK_CPT_AUTH;
+	if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER) {
+		c_xfrm = xform;
+		a_xfrm = xform->next;
+		ciph_then_auth = true;
+	} else if (xform->type == RTE_CRYPTO_SYM_XFORM_AUTH) {
+		c_xfrm = xform->next;
+		a_xfrm = xform;
+		ciph_then_auth = false;
+	} else {
+		aead_xfrm = xform;
+	}
 
-	if (xform->type == RTE_CRYPTO_SYM_XFORM_AEAD && xform->next == NULL)
-		return CNXK_CPT_AEAD;
+	if (c_xfrm != NULL && c_xfrm->type != RTE_CRYPTO_SYM_XFORM_CIPHER) {
+		plt_dp_err("Invalid type in cipher xform");
+		return -EINVAL;
+	}
 
-	if (xform->next == NULL)
-		return -EIO;
+	if (a_xfrm != NULL && a_xfrm->type != RTE_CRYPTO_SYM_XFORM_AUTH) {
+		plt_dp_err("Invalid type in auth xform");
+		return -EINVAL;
+	}
+
+	if (aead_xfrm != NULL && aead_xfrm->type != RTE_CRYPTO_SYM_XFORM_AEAD) {
+		plt_dp_err("Invalid type in AEAD xform");
+		return -EINVAL;
+	}
 
-	if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER &&
-	    xform->cipher.algo == RTE_CRYPTO_CIPHER_3DES_CBC &&
-	    xform->next->type == RTE_CRYPTO_SYM_XFORM_AUTH &&
-	    xform->next->auth.algo == RTE_CRYPTO_AUTH_SHA1)
+	if ((c_xfrm == NULL || c_xfrm->cipher.algo == RTE_CRYPTO_CIPHER_NULL) &&
+	    a_xfrm != NULL && a_xfrm->auth.algo == RTE_CRYPTO_AUTH_NULL &&
+	    a_xfrm->auth.op == RTE_CRYPTO_AUTH_OP_VERIFY) {
+		plt_dp_err("Null cipher + null auth verify is not supported");
 		return -ENOTSUP;
+	}
+
+	/* Cipher only */
+	if (c_xfrm != NULL &&
+	    (a_xfrm == NULL || a_xfrm->auth.algo == RTE_CRYPTO_AUTH_NULL)) {
+		if (fill_sess_cipher(c_xfrm, sess))
+			return -ENOTSUP;
+		else
+			return 0;
+	}
+
+	/* Auth only */
+	if (a_xfrm != NULL &&
+	    (c_xfrm == NULL || c_xfrm->cipher.algo == RTE_CRYPTO_CIPHER_NULL)) {
+		if (fill_sess_auth(a_xfrm, sess))
+			return -ENOTSUP;
+		else
+			return 0;
+	}
+
+	/* AEAD */
+	if (aead_xfrm != NULL) {
+		if (fill_sess_aead(aead_xfrm, sess))
+			return -ENOTSUP;
+		else
+			return 0;
+	}
+
+	/* Chained ops */
+	if (c_xfrm == NULL || a_xfrm == NULL) {
+		plt_dp_err("Invalid xforms");
+		return -EINVAL;
+	}
 
-	if (xform->type == RTE_CRYPTO_SYM_XFORM_AUTH &&
-	    xform->auth.algo == RTE_CRYPTO_AUTH_SHA1 &&
-	    xform->next->type == RTE_CRYPTO_SYM_XFORM_CIPHER &&
-	    xform->next->cipher.algo == RTE_CRYPTO_CIPHER_3DES_CBC)
+	if (c_xfrm->cipher.algo == RTE_CRYPTO_CIPHER_3DES_CBC &&
+	    a_xfrm->auth.algo == RTE_CRYPTO_AUTH_SHA1) {
+		plt_dp_err("3DES-CBC + SHA1 is not supported");
 		return -ENOTSUP;
+	}
 
-	if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER &&
-	    xform->cipher.op == RTE_CRYPTO_CIPHER_OP_ENCRYPT &&
-	    xform->next->type == RTE_CRYPTO_SYM_XFORM_AUTH &&
-	    xform->next->auth.op == RTE_CRYPTO_AUTH_OP_GENERATE)
-		return CNXK_CPT_CIPHER_ENC_AUTH_GEN;
-
-	if (xform->type == RTE_CRYPTO_SYM_XFORM_AUTH &&
-	    xform->auth.op == RTE_CRYPTO_AUTH_OP_VERIFY &&
-	    xform->next->type == RTE_CRYPTO_SYM_XFORM_CIPHER &&
-	    xform->next->cipher.op == RTE_CRYPTO_CIPHER_OP_DECRYPT)
-		return CNXK_CPT_AUTH_VRFY_CIPHER_DEC;
-
-	if (xform->type == RTE_CRYPTO_SYM_XFORM_AUTH &&
-	    xform->auth.op == RTE_CRYPTO_AUTH_OP_GENERATE &&
-	    xform->next->type == RTE_CRYPTO_SYM_XFORM_CIPHER &&
-	    xform->next->cipher.op == RTE_CRYPTO_CIPHER_OP_ENCRYPT) {
-		switch (xform->auth.algo) {
-		case RTE_CRYPTO_AUTH_SHA1_HMAC:
-			switch (xform->next->cipher.algo) {
-			case RTE_CRYPTO_CIPHER_AES_CBC:
-				return CNXK_CPT_AUTH_GEN_CIPHER_ENC;
-			default:
-				return -ENOTSUP;
-			}
-		default:
+	/* Cipher then auth */
+	if (ciph_then_auth) {
+		if (fill_sess_cipher(c_xfrm, sess))
 			return -ENOTSUP;
-		}
+		if (fill_sess_auth(a_xfrm, sess))
+			return -ENOTSUP;
+		else
+			return 0;
 	}
 
-	if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER &&
-	    xform->cipher.op == RTE_CRYPTO_CIPHER_OP_DECRYPT &&
-	    xform->next->type == RTE_CRYPTO_SYM_XFORM_AUTH &&
-	    xform->next->auth.op == RTE_CRYPTO_AUTH_OP_VERIFY) {
-		switch (xform->cipher.algo) {
-		case RTE_CRYPTO_CIPHER_AES_CBC:
-			switch (xform->next->auth.algo) {
-			case RTE_CRYPTO_AUTH_SHA1_HMAC:
-				return CNXK_CPT_CIPHER_DEC_AUTH_VRFY;
+	/* else */
+
+	if (c_xfrm->cipher.op == RTE_CRYPTO_CIPHER_OP_ENCRYPT) {
+		switch (a_xfrm->auth.algo) {
+		case RTE_CRYPTO_AUTH_SHA1_HMAC:
+			switch (c_xfrm->cipher.algo) {
+			case RTE_CRYPTO_CIPHER_AES_CBC:
+				break;
 			default:
 				return -ENOTSUP;
 			}
+			break;
 		default:
 			return -ENOTSUP;
 		}
 	}
 
-	return -ENOTSUP;
+	if (fill_sess_auth(a_xfrm, sess))
+		return -ENOTSUP;
+	if (fill_sess_cipher(c_xfrm, sess))
+		return -ENOTSUP;
+	else
+		return 0;
 }
 
 static uint64_t
@@ -524,10 +561,6 @@ sym_session_configure(struct roc_cpt *roc_cpt, int driver_id,
 	void *priv;
 	int ret;
 
-	ret = sym_xform_verify(xform);
-	if (unlikely(ret < 0))
-		return ret;
-
 	if (unlikely(rte_mempool_get(pool, &priv))) {
 		plt_dp_err("Could not allocate session private data");
 		return -ENOMEM;
@@ -537,37 +570,7 @@ sym_session_configure(struct roc_cpt *roc_cpt, int driver_id,
 
 	sess_priv = priv;
 
-	switch (ret) {
-	case CNXK_CPT_CIPHER:
-		ret = fill_sess_cipher(xform, sess_priv);
-		break;
-	case CNXK_CPT_AUTH:
-		if (xform->auth.algo == RTE_CRYPTO_AUTH_AES_GMAC)
-			ret = fill_sess_gmac(xform, sess_priv);
-		else
-			ret = fill_sess_auth(xform, sess_priv);
-		break;
-	case CNXK_CPT_AEAD:
-		ret = fill_sess_aead(xform, sess_priv);
-		break;
-	case CNXK_CPT_CIPHER_ENC_AUTH_GEN:
-	case CNXK_CPT_CIPHER_DEC_AUTH_VRFY:
-		ret = fill_sess_cipher(xform, sess_priv);
-		if (ret < 0)
-			break;
-		ret = fill_sess_auth(xform->next, sess_priv);
-		break;
-	case CNXK_CPT_AUTH_VRFY_CIPHER_DEC:
-	case CNXK_CPT_AUTH_GEN_CIPHER_ENC:
-		ret = fill_sess_auth(xform, sess_priv);
-		if (ret < 0)
-			break;
-		ret = fill_sess_cipher(xform->next, sess_priv);
-		break;
-	default:
-		ret = -1;
-	}
-
+	ret = cnxk_sess_fill(xform, sess_priv);
 	if (ret)
 		goto priv_put;
 
@@ -592,7 +595,7 @@ sym_session_configure(struct roc_cpt *roc_cpt, int driver_id,
 priv_put:
 	rte_mempool_put(pool, priv);
 
-	return -ENOTSUP;
+	return ret;
 }
 
 int
diff --git a/drivers/crypto/cnxk/cnxk_cryptodev_ops.h b/drivers/crypto/cnxk/cnxk_cryptodev_ops.h
index 0d36365..ca363bb 100644
--- a/drivers/crypto/cnxk/cnxk_cryptodev_ops.h
+++ b/drivers/crypto/cnxk/cnxk_cryptodev_ops.h
@@ -30,16 +30,6 @@ struct cpt_qp_meta_info {
 	int mlen;
 };
 
-enum sym_xform_type {
-	CNXK_CPT_CIPHER = 1,
-	CNXK_CPT_AUTH,
-	CNXK_CPT_AEAD,
-	CNXK_CPT_CIPHER_ENC_AUTH_GEN,
-	CNXK_CPT_AUTH_VRFY_CIPHER_DEC,
-	CNXK_CPT_AUTH_GEN_CIPHER_ENC,
-	CNXK_CPT_CIPHER_DEC_AUTH_VRFY
-};
-
 #define CPT_OP_FLAGS_METABUF	       (1 << 1)
 #define CPT_OP_FLAGS_AUTH_VERIFY       (1 << 0)
 #define CPT_OP_FLAGS_IPSEC_DIR_INBOUND (1 << 2)
diff --git a/drivers/crypto/cnxk/cnxk_se.h b/drivers/crypto/cnxk/cnxk_se.h
index 37237de..a8cd2c5 100644
--- a/drivers/crypto/cnxk/cnxk_se.h
+++ b/drivers/crypto/cnxk/cnxk_se.h
@@ -36,6 +36,9 @@ struct cnxk_se_sess {
 	struct roc_se_ctx roc_se_ctx;
 } __rte_cache_aligned;
 
+static __rte_always_inline int
+fill_sess_gmac(struct rte_crypto_sym_xform *xform, struct cnxk_se_sess *sess);
+
 static inline void
 cpt_pack_iv(uint8_t *iv_src, uint8_t *iv_dst)
 {
@@ -1808,6 +1811,9 @@ fill_sess_auth(struct rte_crypto_sym_xform *xform, struct cnxk_se_sess *sess)
 	roc_se_auth_type auth_type = 0; /* NULL Auth type */
 	uint8_t zsk_flag = 0, aes_gcm = 0, is_null = 0;
 
+	if (xform->auth.algo == RTE_CRYPTO_AUTH_AES_GMAC)
+		return fill_sess_gmac(xform, sess);
+
 	if (xform->next != NULL &&
 	    xform->next->type == RTE_CRYPTO_SYM_XFORM_CIPHER &&
 	    xform->next->cipher.op == RTE_CRYPTO_CIPHER_OP_ENCRYPT) {

From patchwork Tue Dec  7 06:50:51 2021
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Anoob Joseph <anoobj@marvell.com>
X-Patchwork-Id: 104977
X-Patchwork-Delegate: gakhil@marvell.com
Return-Path: <dev-bounces@dpdk.org>
X-Original-To: patchwork@inbox.dpdk.org
Delivered-To: patchwork@inbox.dpdk.org
Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124])
	by inbox.dpdk.org (Postfix) with ESMTP id 93EBBA034F;
	Tue,  7 Dec 2021 07:53:07 +0100 (CET)
Received: from [217.70.189.124] (localhost [127.0.0.1])
	by mails.dpdk.org (Postfix) with ESMTP id 13BDC42776;
	Tue,  7 Dec 2021 07:52:16 +0100 (CET)
Received: from mx0b-0016f401.pphosted.com (mx0a-0016f401.pphosted.com
 [67.231.148.174])
 by mails.dpdk.org (Postfix) with ESMTP id EC46742758
 for <dev@dpdk.org>; Tue,  7 Dec 2021 07:52:11 +0100 (CET)
Received: from pps.filterd (m0045849.ppops.net [127.0.0.1])
 by mx0a-0016f401.pphosted.com (8.16.1.2/8.16.1.2) with ESMTP id
 1B76pMGB018337
 for <dev@dpdk.org>; Mon, 6 Dec 2021 22:52:11 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com;
 h=from : to : cc :
 subject : date : message-id : in-reply-to : references : mime-version :
 content-transfer-encoding : content-type; s=pfpt0220;
 bh=Goj5xAoeseeAM9xu2jYxBMSoxAfGgekZIQ9y6kmtU7A=;
 b=YIJBKk6AFjKHYDHEq2fclKkSqIShCEM4gLh4ZiitNcDD4kM+wVGDXalGP394fB1guldX
 vP3O96TPrvQGnXG9hPUM6TGfU6+vLG1/2YNOZVr36hi5BDnKPSJiPZED9PLKCHiUmcS8
 gBkq1g7j+EVMndzOevJ6lTLY4F1BEPulN+XzRkaU3lrCw34HAzXiBJL+3AXs/p+/rNR1
 UadqeqspEz/4rFLPNhmdBSjLQ46yYaPHc4v99EMBtpcMBJa9ydya430gW1Tfh7Bqm69c
 XG4XaJf6Co+FnifhVTNrD24w+De6bJgu7LfIleguRlWxjAlOO476lafraGXNLLIDCb+a xA==
Received: from dc5-exch02.marvell.com ([199.233.59.182])
 by mx0a-0016f401.pphosted.com (PPS) with ESMTPS id 3ct2q90057-1
 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT)
 for <dev@dpdk.org>; Mon, 06 Dec 2021 22:52:11 -0800
Received: from DC5-EXCH02.marvell.com (10.69.176.39) by DC5-EXCH02.marvell.com
 (10.69.176.39) with Microsoft SMTP Server (TLS) id 15.0.1497.18;
 Mon, 6 Dec 2021 22:52:09 -0800
Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH02.marvell.com
 (10.69.176.39) with Microsoft SMTP Server id 15.0.1497.18 via Frontend
 Transport; Mon, 6 Dec 2021 22:52:09 -0800
Received: from HY-LT1002.marvell.com (HY-LT1002.marvell.com [10.28.176.218])
 by maili.marvell.com (Postfix) with ESMTP id 372993F7071;
 Mon,  6 Dec 2021 22:52:06 -0800 (PST)
From: Anoob Joseph <anoobj@marvell.com>
To: Akhil Goyal <gakhil@marvell.com>, Jerin Jacob <jerinj@marvell.com>
CC: Anoob Joseph <anoobj@marvell.com>, Archana Muniganti
 <marchana@marvell.com>,
 Tejasree Kondoj <ktejasree@marvell.com>, <dev@dpdk.org>
Subject: [PATCH 18/25] crypto/cnxk: fix inflight cnt calculation
Date: Tue, 7 Dec 2021 12:20:51 +0530
Message-ID: <1638859858-734-19-git-send-email-anoobj@marvell.com>
X-Mailer: git-send-email 2.7.4
In-Reply-To: <1638859858-734-1-git-send-email-anoobj@marvell.com>
References: <1638859858-734-1-git-send-email-anoobj@marvell.com>
MIME-Version: 1.0
X-Proofpoint-GUID: 0yiMPxNwigSUdLpJgGvmfhLacdp7zmcI
X-Proofpoint-ORIG-GUID: 0yiMPxNwigSUdLpJgGvmfhLacdp7zmcI
X-Proofpoint-Virus-Version: vendor=baseguard
 engine=ICAP:2.0.205,Aquarius:18.0.790,Hydra:6.0.425,FMLib:17.11.62.513
 definitions=2021-12-07_02,2021-12-06_02,2021-12-02_01
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org

Inflight count calculation is updated to cover wrap around cases where
head can become smaller than tail.


Reported-by: Kiran Kumar K <kirankumark@marvell.com>
Signed-off-by: Anoob Joseph <anoobj@marvell.com>
---
 drivers/crypto/cnxk/cnxk_cryptodev_ops.h | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/drivers/crypto/cnxk/cnxk_cryptodev_ops.h b/drivers/crypto/cnxk/cnxk_cryptodev_ops.h
index ca363bb..0336ae1 100644
--- a/drivers/crypto/cnxk/cnxk_cryptodev_ops.h
+++ b/drivers/crypto/cnxk/cnxk_cryptodev_ops.h
@@ -156,7 +156,11 @@ pending_queue_retreat(uint64_t *index, const uint64_t mask, uint64_t nb_entry)
 static __rte_always_inline uint64_t
 pending_queue_infl_cnt(uint64_t head, uint64_t tail, const uint64_t mask)
 {
-	return (head - tail) & mask;
+	/*
+	 * Mask is nb_desc - 1. Add nb_desc to head and mask to account for
+	 * cases when tail > head, which happens during wrap around.
+	 */
+	return ((head + mask + 1) - tail) & mask;
 }
 
 static __rte_always_inline uint64_t

From patchwork Tue Dec  7 06:50:52 2021
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Anoob Joseph <anoobj@marvell.com>
X-Patchwork-Id: 104978
X-Patchwork-Delegate: gakhil@marvell.com
Return-Path: <dev-bounces@dpdk.org>
X-Original-To: patchwork@inbox.dpdk.org
Delivered-To: patchwork@inbox.dpdk.org
Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124])
	by inbox.dpdk.org (Postfix) with ESMTP id 336F0A034F;
	Tue,  7 Dec 2021 07:53:13 +0100 (CET)
Received: from [217.70.189.124] (localhost [127.0.0.1])
	by mails.dpdk.org (Postfix) with ESMTP id 2388242774;
	Tue,  7 Dec 2021 07:52:17 +0100 (CET)
Received: from mx0b-0016f401.pphosted.com (mx0a-0016f401.pphosted.com
 [67.231.148.174])
 by mails.dpdk.org (Postfix) with ESMTP id B34E542770
 for <dev@dpdk.org>; Tue,  7 Dec 2021 07:52:15 +0100 (CET)
Received: from pps.filterd (m0045849.ppops.net [127.0.0.1])
 by mx0a-0016f401.pphosted.com (8.16.1.2/8.16.1.2) with ESMTP id
 1B76pKVP018326
 for <dev@dpdk.org>; Mon, 6 Dec 2021 22:52:14 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com;
 h=from : to : cc :
 subject : date : message-id : in-reply-to : references : mime-version :
 content-transfer-encoding : content-type; s=pfpt0220;
 bh=d0VlxIHBaYcHKS/EfCJfVxVb4S1+3DmaYoZdLC2ZuPA=;
 b=MHcQSFqwjUGJDrbCKc8yzG0mNm5UksvvD7K+KkfmpdUueKtmY3CigmuWo4l/QHgUfvOe
 EM2lUKAkhgENUnSszz0AhuXc5/B323WpJ0oyppeeRM4JQ+eV+3nuaCGPIgpU8bhYIb8s
 /RtKrsHRgjpfJKkW9mrSbYwDa0Ccv2n/MFugrnhq92nGj0U3BktTeKEj1wHyG82KeaLn
 ySdMF3tv/PCs+cXKji0XlPABKpj4JUyLi7geC8z2iNft0P65JFo0iTj5yW3tQ8EAgAxE
 3YnV9N2yUx3Ak8DLfNwb0KWPJGX1qF30iskIThB789MRQkf4AtLscfh8DAi40nFAj/rR zQ==
Received: from dc5-exch02.marvell.com ([199.233.59.182])
 by mx0a-0016f401.pphosted.com (PPS) with ESMTPS id 3ct2q9005f-1
 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT)
 for <dev@dpdk.org>; Mon, 06 Dec 2021 22:52:14 -0800
Received: from DC5-EXCH02.marvell.com (10.69.176.39) by DC5-EXCH02.marvell.com
 (10.69.176.39) with Microsoft SMTP Server (TLS) id 15.0.1497.18;
 Mon, 6 Dec 2021 22:52:13 -0800
Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH02.marvell.com
 (10.69.176.39) with Microsoft SMTP Server id 15.0.1497.18 via Frontend
 Transport; Mon, 6 Dec 2021 22:52:13 -0800
Received: from HY-LT1002.marvell.com (HY-LT1002.marvell.com [10.28.176.218])
 by maili.marvell.com (Postfix) with ESMTP id CF9BE3F7071;
 Mon,  6 Dec 2021 22:52:10 -0800 (PST)
From: Anoob Joseph <anoobj@marvell.com>
To: Akhil Goyal <gakhil@marvell.com>, Jerin Jacob <jerinj@marvell.com>
CC: Anoob Joseph <anoobj@marvell.com>, Archana Muniganti
 <marchana@marvell.com>,
 Tejasree Kondoj <ktejasree@marvell.com>, <dev@dpdk.org>
Subject: [PATCH 19/25] crypto/cnxk: use atomics to access cpt res
Date: Tue, 7 Dec 2021 12:20:52 +0530
Message-ID: <1638859858-734-20-git-send-email-anoobj@marvell.com>
X-Mailer: git-send-email 2.7.4
In-Reply-To: <1638859858-734-1-git-send-email-anoobj@marvell.com>
References: <1638859858-734-1-git-send-email-anoobj@marvell.com>
MIME-Version: 1.0
X-Proofpoint-GUID: 1LPUDoFJQfdFzPgHHF7xLt0M6BvJ3ZHi
X-Proofpoint-ORIG-GUID: 1LPUDoFJQfdFzPgHHF7xLt0M6BvJ3ZHi
X-Proofpoint-Virus-Version: vendor=baseguard
 engine=ICAP:2.0.205,Aquarius:18.0.790,Hydra:6.0.425,FMLib:17.11.62.513
 definitions=2021-12-07_02,2021-12-06_02,2021-12-02_01
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org

The memory would be updated by hardware. Use atomics to read the same..

Signed-off-by: Anoob Joseph <anoobj@marvell.com>
---
 drivers/common/cnxk/hw/cpt.h              |  2 ++
 drivers/crypto/cnxk/cn10k_cryptodev_ops.c | 24 ++++++++++++++++--------
 drivers/crypto/cnxk/cn9k_cryptodev_ops.c  | 28 +++++++++++++++++++---------
 3 files changed, 37 insertions(+), 17 deletions(-)

diff --git a/drivers/common/cnxk/hw/cpt.h b/drivers/common/cnxk/hw/cpt.h
index ccc7af4..412dd76 100644
--- a/drivers/common/cnxk/hw/cpt.h
+++ b/drivers/common/cnxk/hw/cpt.h
@@ -215,6 +215,8 @@ union cpt_res_s {
 
 		uint64_t reserved_64_127;
 	} cn9k;
+
+	uint64_t u64[2];
 };
 
 /* [CN10K, .) */
diff --git a/drivers/crypto/cnxk/cn10k_cryptodev_ops.c b/drivers/crypto/cnxk/cn10k_cryptodev_ops.c
index 638268e..f8240e1 100644
--- a/drivers/crypto/cnxk/cn10k_cryptodev_ops.c
+++ b/drivers/crypto/cnxk/cn10k_cryptodev_ops.c
@@ -111,6 +111,10 @@ cn10k_cpt_fill_inst(struct cnxk_cpt_qp *qp, struct rte_crypto_op *ops[],
 	uint64_t w7;
 	int ret;
 
+	const union cpt_res_s res = {
+		.cn10k.compcode = CPT_COMP_NOT_DONE,
+	};
+
 	op = ops[0];
 
 	inst[0].w0.u64 = 0;
@@ -174,7 +178,7 @@ cn10k_cpt_fill_inst(struct cnxk_cpt_qp *qp, struct rte_crypto_op *ops[],
 	}
 
 	inst[0].res_addr = (uint64_t)&infl_req->res;
-	infl_req->res.cn10k.compcode = CPT_COMP_NOT_DONE;
+	__atomic_store_n(&infl_req->res.u64[0], res.u64[0], __ATOMIC_RELAXED);
 	infl_req->cop = op;
 
 	inst[0].w7.u64 = w7;
@@ -395,9 +399,9 @@ cn10k_cpt_sec_ucc_process(struct rte_crypto_op *cop,
 static inline void
 cn10k_cpt_dequeue_post_process(struct cnxk_cpt_qp *qp,
 			       struct rte_crypto_op *cop,
-			       struct cpt_inflight_req *infl_req)
+			       struct cpt_inflight_req *infl_req,
+			       struct cpt_cn10k_res_s *res)
 {
-	struct cpt_cn10k_res_s *res = (struct cpt_cn10k_res_s *)&infl_req->res;
 	const uint8_t uc_compcode = res->uc_compcode;
 	const uint8_t compcode = res->compcode;
 	unsigned int sz;
@@ -495,12 +499,15 @@ cn10k_cpt_crypto_adapter_dequeue(uintptr_t get_work1)
 	struct cpt_inflight_req *infl_req;
 	struct rte_crypto_op *cop;
 	struct cnxk_cpt_qp *qp;
+	union cpt_res_s res;
 
 	infl_req = (struct cpt_inflight_req *)(get_work1);
 	cop = infl_req->cop;
 	qp = infl_req->qp;
 
-	cn10k_cpt_dequeue_post_process(qp, infl_req->cop, infl_req);
+	res.u64[0] = __atomic_load_n(&infl_req->res.u64[0], __ATOMIC_RELAXED);
+
+	cn10k_cpt_dequeue_post_process(qp, infl_req->cop, infl_req, &res.cn10k);
 
 	if (unlikely(infl_req->op_flags & CPT_OP_FLAGS_METABUF))
 		rte_mempool_put(qp->meta_info.pool, infl_req->mdata);
@@ -515,9 +522,9 @@ cn10k_cpt_dequeue_burst(void *qptr, struct rte_crypto_op **ops, uint16_t nb_ops)
 	struct cpt_inflight_req *infl_req;
 	struct cnxk_cpt_qp *qp = qptr;
 	struct pending_queue *pend_q;
-	struct cpt_cn10k_res_s *res;
 	uint64_t infl_cnt, pq_tail;
 	struct rte_crypto_op *cop;
+	union cpt_res_s res;
 	int i;
 
 	pend_q = &qp->pend_q;
@@ -534,9 +541,10 @@ cn10k_cpt_dequeue_burst(void *qptr, struct rte_crypto_op **ops, uint16_t nb_ops)
 	for (i = 0; i < nb_ops; i++) {
 		infl_req = &pend_q->req_queue[pq_tail];
 
-		res = (struct cpt_cn10k_res_s *)&infl_req->res;
+		res.u64[0] = __atomic_load_n(&infl_req->res.u64[0],
+					     __ATOMIC_RELAXED);
 
-		if (unlikely(res->compcode == CPT_COMP_NOT_DONE)) {
+		if (unlikely(res.cn10k.compcode == CPT_COMP_NOT_DONE)) {
 			if (unlikely(rte_get_timer_cycles() >
 				     pend_q->time_out)) {
 				plt_err("Request timed out");
@@ -553,7 +561,7 @@ cn10k_cpt_dequeue_burst(void *qptr, struct rte_crypto_op **ops, uint16_t nb_ops)
 
 		ops[i] = cop;
 
-		cn10k_cpt_dequeue_post_process(qp, cop, infl_req);
+		cn10k_cpt_dequeue_post_process(qp, cop, infl_req, &res.cn10k);
 
 		if (unlikely(infl_req->op_flags & CPT_OP_FLAGS_METABUF))
 			rte_mempool_put(qp->meta_info.pool, infl_req->mdata);
diff --git a/drivers/crypto/cnxk/cn9k_cryptodev_ops.c b/drivers/crypto/cnxk/cn9k_cryptodev_ops.c
index 449208d..cf80d47 100644
--- a/drivers/crypto/cnxk/cn9k_cryptodev_ops.c
+++ b/drivers/crypto/cnxk/cn9k_cryptodev_ops.c
@@ -221,6 +221,10 @@ cn9k_cpt_enqueue_burst(void *qptr, struct rte_crypto_op **ops, uint16_t nb_ops)
 	uint64_t head;
 	int ret;
 
+	const union cpt_res_s res = {
+		.cn10k.compcode = CPT_COMP_NOT_DONE,
+	};
+
 	pend_q = &qp->pend_q;
 
 	const uint64_t lmt_base = qp->lf.lmt_base;
@@ -274,10 +278,12 @@ cn9k_cpt_enqueue_burst(void *qptr, struct rte_crypto_op **ops, uint16_t nb_ops)
 		infl_req_1->op_flags = 0;
 		infl_req_2->op_flags = 0;
 
-		infl_req_1->res.cn9k.compcode = CPT_COMP_NOT_DONE;
+		__atomic_store_n(&infl_req_1->res.u64[0], res.u64[0],
+				 __ATOMIC_RELAXED);
 		inst[0].res_addr = (uint64_t)&infl_req_1->res;
 
-		infl_req_2->res.cn9k.compcode = CPT_COMP_NOT_DONE;
+		__atomic_store_n(&infl_req_2->res.u64[0], res.u64[0],
+				 __ATOMIC_RELAXED);
 		inst[1].res_addr = (uint64_t)&infl_req_2->res;
 
 		ret = cn9k_cpt_inst_prep(qp, op_1, infl_req_1, &inst[0]);
@@ -410,9 +416,9 @@ cn9k_cpt_sec_post_process(struct rte_crypto_op *cop,
 
 static inline void
 cn9k_cpt_dequeue_post_process(struct cnxk_cpt_qp *qp, struct rte_crypto_op *cop,
-			      struct cpt_inflight_req *infl_req)
+			      struct cpt_inflight_req *infl_req,
+			      struct cpt_cn9k_res_s *res)
 {
-	struct cpt_cn9k_res_s *res = (struct cpt_cn9k_res_s *)&infl_req->res;
 	unsigned int sz;
 
 	if (likely(res->compcode == CPT_COMP_GOOD)) {
@@ -492,12 +498,15 @@ cn9k_cpt_crypto_adapter_dequeue(uintptr_t get_work1)
 	struct cpt_inflight_req *infl_req;
 	struct rte_crypto_op *cop;
 	struct cnxk_cpt_qp *qp;
+	union cpt_res_s res;
 
 	infl_req = (struct cpt_inflight_req *)(get_work1);
 	cop = infl_req->cop;
 	qp = infl_req->qp;
 
-	cn9k_cpt_dequeue_post_process(qp, infl_req->cop, infl_req);
+	res.u64[0] = __atomic_load_n(&infl_req->res.u64[0], __ATOMIC_RELAXED);
+
+	cn9k_cpt_dequeue_post_process(qp, infl_req->cop, infl_req, &res.cn9k);
 
 	if (unlikely(infl_req->op_flags & CPT_OP_FLAGS_METABUF))
 		rte_mempool_put(qp->meta_info.pool, infl_req->mdata);
@@ -512,9 +521,9 @@ cn9k_cpt_dequeue_burst(void *qptr, struct rte_crypto_op **ops, uint16_t nb_ops)
 	struct cpt_inflight_req *infl_req;
 	struct cnxk_cpt_qp *qp = qptr;
 	struct pending_queue *pend_q;
-	struct cpt_cn9k_res_s *res;
 	uint64_t infl_cnt, pq_tail;
 	struct rte_crypto_op *cop;
+	union cpt_res_s res;
 	int i;
 
 	pend_q = &qp->pend_q;
@@ -531,9 +540,10 @@ cn9k_cpt_dequeue_burst(void *qptr, struct rte_crypto_op **ops, uint16_t nb_ops)
 	for (i = 0; i < nb_ops; i++) {
 		infl_req = &pend_q->req_queue[pq_tail];
 
-		res = (struct cpt_cn9k_res_s *)&infl_req->res;
+		res.u64[0] = __atomic_load_n(&infl_req->res.u64[0],
+					     __ATOMIC_RELAXED);
 
-		if (unlikely(res->compcode == CPT_COMP_NOT_DONE)) {
+		if (unlikely(res.cn9k.compcode == CPT_COMP_NOT_DONE)) {
 			if (unlikely(rte_get_timer_cycles() >
 				     pend_q->time_out)) {
 				plt_err("Request timed out");
@@ -550,7 +560,7 @@ cn9k_cpt_dequeue_burst(void *qptr, struct rte_crypto_op **ops, uint16_t nb_ops)
 
 		ops[i] = cop;
 
-		cn9k_cpt_dequeue_post_process(qp, cop, infl_req);
+		cn9k_cpt_dequeue_post_process(qp, cop, infl_req, &res.cn9k);
 
 		if (unlikely(infl_req->op_flags & CPT_OP_FLAGS_METABUF))
 			rte_mempool_put(qp->meta_info.pool, infl_req->mdata);

From patchwork Tue Dec  7 06:50:53 2021
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Anoob Joseph <anoobj@marvell.com>
X-Patchwork-Id: 104980
X-Patchwork-Delegate: gakhil@marvell.com
Return-Path: <dev-bounces@dpdk.org>
X-Original-To: patchwork@inbox.dpdk.org
Delivered-To: patchwork@inbox.dpdk.org
Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124])
	by inbox.dpdk.org (Postfix) with ESMTP id 236C0A034F;
	Tue,  7 Dec 2021 07:53:26 +0100 (CET)
Received: from [217.70.189.124] (localhost [127.0.0.1])
	by mails.dpdk.org (Postfix) with ESMTP id A44344277A;
	Tue,  7 Dec 2021 07:52:30 +0100 (CET)
Received: from mx0b-0016f401.pphosted.com (mx0a-0016f401.pphosted.com
 [67.231.148.174])
 by mails.dpdk.org (Postfix) with ESMTP id 202C141229
 for <dev@dpdk.org>; Tue,  7 Dec 2021 07:52:27 +0100 (CET)
Received: from pps.filterd (m0045849.ppops.net [127.0.0.1])
 by mx0a-0016f401.pphosted.com (8.16.1.2/8.16.1.2) with ESMTP id
 1B76pJw0018306
 for <dev@dpdk.org>; Mon, 6 Dec 2021 22:52:27 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com;
 h=from : to : cc :
 subject : date : message-id : in-reply-to : references : mime-version :
 content-transfer-encoding : content-type; s=pfpt0220;
 bh=5mXBGpM/SqSaS0OV2vDZCGoqWddxjFjKKQpPwY6KPks=;
 b=BGXkigjdqm7euzW4zhtq/eHUMF98Twc9jkEgq+tv8qdTxrO04QZ461ewiVG+vB5BCdUN
 jmQiPn1fK0Lz6xFBblN5V4OLeTVkdzjQT6eScLcSBLpqvGzWHzI0HEN6hq+XYXKnQn8s
 oRUPaw79KY02afLW5TwM71V/hSzdFVcsvZTlUdTJpTqizUSLyaZh5NFx2cTdSfOkjxra
 r61w+lqxM5bRhheOVOhk1kEtIBoAxVfCBDI5Yh+JfqVmV+5PLfH/qLXI2TLUIu/xWzm1
 HW6ycHfPD5OpLKV4F0XZDnHvUAes6Lmke8jZWioy/98x9LR2V5vDhKBMizEaWRvVt9hi ow==
Received: from dc5-exch02.marvell.com ([199.233.59.182])
 by mx0a-0016f401.pphosted.com (PPS) with ESMTPS id 3ct2q90060-1
 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT)
 for <dev@dpdk.org>; Mon, 06 Dec 2021 22:52:22 -0800
Received: from DC5-EXCH02.marvell.com (10.69.176.39) by DC5-EXCH02.marvell.com
 (10.69.176.39) with Microsoft SMTP Server (TLS) id 15.0.1497.18;
 Mon, 6 Dec 2021 22:52:20 -0800
Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH02.marvell.com
 (10.69.176.39) with Microsoft SMTP Server id 15.0.1497.18 via Frontend
 Transport; Mon, 6 Dec 2021 22:52:20 -0800
Received: from HY-LT1002.marvell.com (HY-LT1002.marvell.com [10.28.176.218])
 by maili.marvell.com (Postfix) with ESMTP id BC6A93F709C;
 Mon,  6 Dec 2021 22:52:14 -0800 (PST)
From: Anoob Joseph <anoobj@marvell.com>
To: Akhil Goyal <gakhil@marvell.com>, Jerin Jacob <jerinj@marvell.com>
CC: Anoob Joseph <anoobj@marvell.com>, Archana Muniganti
 <marchana@marvell.com>,
 Tejasree Kondoj <ktejasree@marvell.com>, <dev@dpdk.org>
Subject: [PATCH 20/25] crypto/cnxk: add more info on command timeout
Date: Tue, 7 Dec 2021 12:20:53 +0530
Message-ID: <1638859858-734-21-git-send-email-anoobj@marvell.com>
X-Mailer: git-send-email 2.7.4
In-Reply-To: <1638859858-734-1-git-send-email-anoobj@marvell.com>
References: <1638859858-734-1-git-send-email-anoobj@marvell.com>
MIME-Version: 1.0
X-Proofpoint-GUID: vfFQ5hB33rVBbTh7WynH9kPoEu_UN1IV
X-Proofpoint-ORIG-GUID: vfFQ5hB33rVBbTh7WynH9kPoEu_UN1IV
X-Proofpoint-Virus-Version: vendor=baseguard
 engine=ICAP:2.0.205,Aquarius:18.0.790,Hydra:6.0.425,FMLib:17.11.62.513
 definitions=2021-12-07_02,2021-12-06_02,2021-12-02_01
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org

Print more info when command timeout happens. Print software and
hardware queue information.

Signed-off-by: Anoob Joseph <anoobj@marvell.com>
Signed-off-by: Tejasree Kondoj <ktejasree@marvell.com>
---
 drivers/common/cnxk/hw/cpt.h              | 11 ++++++++
 drivers/crypto/cnxk/cn10k_cryptodev_ops.c |  1 +
 drivers/crypto/cnxk/cn9k_cryptodev_ops.c  |  1 +
 drivers/crypto/cnxk/cnxk_cryptodev_ops.c  | 43 +++++++++++++++++++++++++++++++
 drivers/crypto/cnxk/cnxk_cryptodev_ops.h  |  1 +
 5 files changed, 57 insertions(+)

diff --git a/drivers/common/cnxk/hw/cpt.h b/drivers/common/cnxk/hw/cpt.h
index 412dd76..4d9c896 100644
--- a/drivers/common/cnxk/hw/cpt.h
+++ b/drivers/common/cnxk/hw/cpt.h
@@ -91,6 +91,17 @@ union cpt_lf_inprog {
 	} s;
 };
 
+union cpt_lf_q_inst_ptr {
+	uint64_t u;
+	struct cpt_lf_q_inst_ptr_s {
+		uint64_t dq_ptr : 20;
+		uint64_t reserved_20_31 : 12;
+		uint64_t nq_ptr : 20;
+		uint64_t reserved_52_62 : 11;
+		uint64_t xq_xor : 1;
+	} s;
+};
+
 union cpt_lf_q_base {
 	uint64_t u;
 	struct cpt_lf_q_base_s {
diff --git a/drivers/crypto/cnxk/cn10k_cryptodev_ops.c b/drivers/crypto/cnxk/cn10k_cryptodev_ops.c
index f8240e1..1905ea3 100644
--- a/drivers/crypto/cnxk/cn10k_cryptodev_ops.c
+++ b/drivers/crypto/cnxk/cn10k_cryptodev_ops.c
@@ -548,6 +548,7 @@ cn10k_cpt_dequeue_burst(void *qptr, struct rte_crypto_op **ops, uint16_t nb_ops)
 			if (unlikely(rte_get_timer_cycles() >
 				     pend_q->time_out)) {
 				plt_err("Request timed out");
+				cnxk_cpt_dump_on_err(qp);
 				pend_q->time_out = rte_get_timer_cycles() +
 						   DEFAULT_COMMAND_TIMEOUT *
 							   rte_get_timer_hz();
diff --git a/drivers/crypto/cnxk/cn9k_cryptodev_ops.c b/drivers/crypto/cnxk/cn9k_cryptodev_ops.c
index cf80d47..ac1953b 100644
--- a/drivers/crypto/cnxk/cn9k_cryptodev_ops.c
+++ b/drivers/crypto/cnxk/cn9k_cryptodev_ops.c
@@ -547,6 +547,7 @@ cn9k_cpt_dequeue_burst(void *qptr, struct rte_crypto_op **ops, uint16_t nb_ops)
 			if (unlikely(rte_get_timer_cycles() >
 				     pend_q->time_out)) {
 				plt_err("Request timed out");
+				cnxk_cpt_dump_on_err(qp);
 				pend_q->time_out = rte_get_timer_cycles() +
 						   DEFAULT_COMMAND_TIMEOUT *
 							   rte_get_timer_hz();
diff --git a/drivers/crypto/cnxk/cnxk_cryptodev_ops.c b/drivers/crypto/cnxk/cnxk_cryptodev_ops.c
index b02f070..f63dcdd 100644
--- a/drivers/crypto/cnxk/cnxk_cryptodev_ops.c
+++ b/drivers/crypto/cnxk/cnxk_cryptodev_ops.c
@@ -703,3 +703,46 @@ cnxk_ae_session_cfg(struct rte_cryptodev *dev,
 
 	return 0;
 }
+
+void
+cnxk_cpt_dump_on_err(struct cnxk_cpt_qp *qp)
+{
+	struct pending_queue *pend_q = &qp->pend_q;
+	uint64_t inflight, enq_ptr, deq_ptr, insts;
+	union cpt_lf_q_inst_ptr inst_ptr;
+	union cpt_lf_inprog lf_inprog;
+
+	plt_print("Lcore ID: %d, LF/QP ID: %d", rte_lcore_id(), qp->lf.lf_id);
+	plt_print("");
+	plt_print("S/w pending queue:");
+	plt_print("\tHead: %ld", pend_q->head);
+	plt_print("\tTail: %ld", pend_q->tail);
+	plt_print("\tMask: 0x%lx", pend_q->pq_mask);
+	plt_print("\tInflight count: %ld",
+		  pending_queue_infl_cnt(pend_q->head, pend_q->tail,
+					 pend_q->pq_mask));
+
+	plt_print("");
+	plt_print("H/w pending queue:");
+
+	lf_inprog.u = plt_read64(qp->lf.rbase + CPT_LF_INPROG);
+	inflight = lf_inprog.s.inflight;
+	plt_print("\tInflight in engines: %ld", inflight);
+
+	inst_ptr.u = plt_read64(qp->lf.rbase + CPT_LF_Q_INST_PTR);
+
+	enq_ptr = inst_ptr.s.nq_ptr;
+	deq_ptr = inst_ptr.s.dq_ptr;
+
+	if (enq_ptr >= deq_ptr)
+		insts = enq_ptr - deq_ptr;
+	else
+		insts = (enq_ptr + pend_q->pq_mask + 1 + 320 + 40) - deq_ptr;
+
+	plt_print("\tNQ ptr: 0x%lx", enq_ptr);
+	plt_print("\tDQ ptr: 0x%lx", deq_ptr);
+	plt_print("Insts waiting in CPT: %ld", insts);
+
+	plt_print("");
+	roc_cpt_afs_print(qp->lf.roc_cpt);
+}
diff --git a/drivers/crypto/cnxk/cnxk_cryptodev_ops.h b/drivers/crypto/cnxk/cnxk_cryptodev_ops.h
index 0336ae1..e521f07 100644
--- a/drivers/crypto/cnxk/cnxk_cryptodev_ops.h
+++ b/drivers/crypto/cnxk/cnxk_cryptodev_ops.h
@@ -122,6 +122,7 @@ int cnxk_ae_session_cfg(struct rte_cryptodev *dev,
 			struct rte_crypto_asym_xform *xform,
 			struct rte_cryptodev_asym_session *sess,
 			struct rte_mempool *pool);
+void cnxk_cpt_dump_on_err(struct cnxk_cpt_qp *qp);
 
 static inline union rte_event_crypto_metadata *
 cnxk_event_crypto_mdata_get(struct rte_crypto_op *op)

From patchwork Tue Dec  7 06:50:54 2021
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Anoob Joseph <anoobj@marvell.com>
X-Patchwork-Id: 104979
X-Patchwork-Delegate: gakhil@marvell.com
Return-Path: <dev-bounces@dpdk.org>
X-Original-To: patchwork@inbox.dpdk.org
Delivered-To: patchwork@inbox.dpdk.org
Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124])
	by inbox.dpdk.org (Postfix) with ESMTP id B360FA034F;
	Tue,  7 Dec 2021 07:53:18 +0100 (CET)
Received: from [217.70.189.124] (localhost [127.0.0.1])
	by mails.dpdk.org (Postfix) with ESMTP id 3709741C3C;
	Tue,  7 Dec 2021 07:52:29 +0100 (CET)
Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com
 [67.231.156.173])
 by mails.dpdk.org (Postfix) with ESMTP id 6C2AB41229
 for <dev@dpdk.org>; Tue,  7 Dec 2021 07:52:27 +0100 (CET)
Received: from pps.filterd (m0045851.ppops.net [127.0.0.1])
 by mx0b-0016f401.pphosted.com (8.16.1.2/8.16.1.2) with ESMTP id
 1B75a07M014960
 for <dev@dpdk.org>; Mon, 6 Dec 2021 22:52:26 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com;
 h=from : to : cc :
 subject : date : message-id : in-reply-to : references : mime-version :
 content-transfer-encoding : content-type; s=pfpt0220;
 bh=YIJ5cjUyJPS1+C+0y/Fh2NPIGnZQs4gR6WhHFEpuidE=;
 b=J8AyaKTQcr6apo59LWOcSlw5I/DeprBF+eC8hzbBwCG+lECO2P72qgHW+FiJqsQAGnKb
 0VuxNaMXO0+t6jJJzLv9twJvBITsHv7RdrewCtXkVtoOSAd44QVZOCDRGOkkg1zttIiU
 d2SVrUP8xCU35IJykG1uNbjnW+WBxXd1o2+vIKXgoYwwgT0ADGMTAi6xIlaUcADO3AZT
 KzXRWPtumNpOqL8Ozt1NHo7GvIYFGvNDBC2jd5wbPiHF9ljPvuKej+cXlLrYdSMu398F
 rgZsp2xBkRrT0ly6jSvRdpV/+z5CNm8aR6VtxnhhCMPWQGllbo56e7dhz0P9r1L2ixYg KQ==
Received: from dc5-exch01.marvell.com ([199.233.59.181])
 by mx0b-0016f401.pphosted.com (PPS) with ESMTPS id 3ct1hyg7h1-1
 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT)
 for <dev@dpdk.org>; Mon, 06 Dec 2021 22:52:26 -0800
Received: from DC5-EXCH02.marvell.com (10.69.176.39) by DC5-EXCH01.marvell.com
 (10.69.176.38) with Microsoft SMTP Server (TLS) id 15.0.1497.2;
 Mon, 6 Dec 2021 22:52:24 -0800
Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH02.marvell.com
 (10.69.176.39) with Microsoft SMTP Server id 15.0.1497.18 via Frontend
 Transport; Mon, 6 Dec 2021 22:52:24 -0800
Received: from HY-LT1002.marvell.com (HY-LT1002.marvell.com [10.28.176.218])
 by maili.marvell.com (Postfix) with ESMTP id 75DB43F7071;
 Mon,  6 Dec 2021 22:52:21 -0800 (PST)
From: Anoob Joseph <anoobj@marvell.com>
To: Akhil Goyal <gakhil@marvell.com>, Jerin Jacob <jerinj@marvell.com>
CC: Tejasree Kondoj <ktejasree@marvell.com>, Archana Muniganti
 <marchana@marvell.com>, <dev@dpdk.org>
Subject: [PATCH 21/25] crypto/cnxk: support lookaside IPsec AES-CTR
Date: Tue, 7 Dec 2021 12:20:54 +0530
Message-ID: <1638859858-734-22-git-send-email-anoobj@marvell.com>
X-Mailer: git-send-email 2.7.4
In-Reply-To: <1638859858-734-1-git-send-email-anoobj@marvell.com>
References: <1638859858-734-1-git-send-email-anoobj@marvell.com>
MIME-Version: 1.0
X-Proofpoint-ORIG-GUID: mUrkNLWPNxf77es1GXCmMNaEGDX8zPYM
X-Proofpoint-GUID: mUrkNLWPNxf77es1GXCmMNaEGDX8zPYM
X-Proofpoint-Virus-Version: vendor=baseguard
 engine=ICAP:2.0.205,Aquarius:18.0.790,Hydra:6.0.425,FMLib:17.11.62.513
 definitions=2021-12-07_02,2021-12-06_02,2021-12-02_01
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org

From: Tejasree Kondoj <ktejasree@marvell.com>

Adding AES-CTR support to cnxk CPT in
lookaside IPsec mode.

Signed-off-by: Tejasree Kondoj <ktejasree@marvell.com>
---
 doc/guides/cryptodevs/cnxk.rst                    |  2 ++
 doc/guides/rel_notes/release_22_03.rst            |  1 +
 drivers/common/cnxk/cnxk_security.c               |  6 ++++++
 drivers/crypto/cnxk/cn9k_ipsec.c                  |  3 +++
 drivers/crypto/cnxk/cnxk_cryptodev.h              |  2 +-
 drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c | 20 ++++++++++++++++++++
 drivers/crypto/cnxk/cnxk_ipsec.h                  |  3 ++-
 7 files changed, 35 insertions(+), 2 deletions(-)

diff --git a/doc/guides/cryptodevs/cnxk.rst b/doc/guides/cryptodevs/cnxk.rst
index c49a779..1239155 100644
--- a/doc/guides/cryptodevs/cnxk.rst
+++ b/doc/guides/cryptodevs/cnxk.rst
@@ -261,6 +261,7 @@ Cipher algorithms
 +++++++++++++++++
 
 * AES-128/192/256-CBC
+* AES-128/192/256-CTR
 
 Auth algorithms
 +++++++++++++++
@@ -288,6 +289,7 @@ Cipher algorithms
 +++++++++++++++++
 
 * AES-128/192/256-CBC
+* AES-128/192/256-CTR
 
 Auth algorithms
 +++++++++++++++
diff --git a/doc/guides/rel_notes/release_22_03.rst b/doc/guides/rel_notes/release_22_03.rst
index 8df9092..4b272e4 100644
--- a/doc/guides/rel_notes/release_22_03.rst
+++ b/doc/guides/rel_notes/release_22_03.rst
@@ -60,6 +60,7 @@ New Features
   * Added SHA256-HMAC support in lookaside protocol (IPsec) for CN10K.
   * Added SHA384-HMAC support in lookaside protocol (IPsec) for CN9K & CN10K.
   * Added SHA512-HMAC support in lookaside protocol (IPsec) for CN9K & CN10K.
+  * Added AES-CTR support in lookaside protocol (IPsec) for CN9K & CN10K.
 
 
 Removed Items
diff --git a/drivers/common/cnxk/cnxk_security.c b/drivers/common/cnxk/cnxk_security.c
index 1c86f82..0d4baa9 100644
--- a/drivers/common/cnxk/cnxk_security.c
+++ b/drivers/common/cnxk/cnxk_security.c
@@ -123,6 +123,9 @@ ot_ipsec_sa_common_param_fill(union roc_ot_ipsec_sa_word2 *w2,
 		case RTE_CRYPTO_CIPHER_AES_CBC:
 			w2->s.enc_type = ROC_IE_OT_SA_ENC_AES_CBC;
 			break;
+		case RTE_CRYPTO_CIPHER_AES_CTR:
+			w2->s.enc_type = ROC_IE_OT_SA_ENC_AES_CTR;
+			break;
 		default:
 			return -ENOTSUP;
 		}
@@ -630,6 +633,9 @@ onf_ipsec_sa_common_param_fill(struct roc_ie_onf_sa_ctl *ctl, uint8_t *salt,
 		case RTE_CRYPTO_CIPHER_AES_CBC:
 			ctl->enc_type = ROC_IE_ON_SA_ENC_AES_CBC;
 			break;
+		case RTE_CRYPTO_CIPHER_AES_CTR:
+			ctl->enc_type = ROC_IE_ON_SA_ENC_AES_CTR;
+			break;
 		default:
 			return -ENOTSUP;
 		}
diff --git a/drivers/crypto/cnxk/cn9k_ipsec.c b/drivers/crypto/cnxk/cn9k_ipsec.c
index 3c6c8e9..65f46b2 100644
--- a/drivers/crypto/cnxk/cn9k_ipsec.c
+++ b/drivers/crypto/cnxk/cn9k_ipsec.c
@@ -166,6 +166,9 @@ ipsec_sa_ctl_set(struct rte_security_ipsec_xform *ipsec,
 	} else if (cipher_xform->cipher.algo == RTE_CRYPTO_CIPHER_AES_CBC) {
 		ctl->enc_type = ROC_IE_ON_SA_ENC_AES_CBC;
 		aes_key_len = cipher_xform->cipher.key.length;
+	} else if (cipher_xform->cipher.algo == RTE_CRYPTO_CIPHER_AES_CTR) {
+		ctl->enc_type = ROC_IE_ON_SA_ENC_AES_CTR;
+		aes_key_len = cipher_xform->cipher.key.length;
 	} else {
 		return -ENOTSUP;
 	}
diff --git a/drivers/crypto/cnxk/cnxk_cryptodev.h b/drivers/crypto/cnxk/cnxk_cryptodev.h
index f701c26..4a1e377 100644
--- a/drivers/crypto/cnxk/cnxk_cryptodev.h
+++ b/drivers/crypto/cnxk/cnxk_cryptodev.h
@@ -11,7 +11,7 @@
 #include "roc_cpt.h"
 
 #define CNXK_CPT_MAX_CAPS	 34
-#define CNXK_SEC_CRYPTO_MAX_CAPS 8
+#define CNXK_SEC_CRYPTO_MAX_CAPS 9
 #define CNXK_SEC_MAX_CAPS	 5
 #define CNXK_AE_EC_ID_MAX	 8
 /**
diff --git a/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c b/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c
index 0fdd91a..fae433e 100644
--- a/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c
+++ b/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c
@@ -754,6 +754,26 @@ static const struct rte_cryptodev_capabilities sec_caps_aes[] = {
 			}, }
 		}, }
 	},
+	{	/* AES CTR */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
+			{.cipher = {
+				.algo = RTE_CRYPTO_CIPHER_AES_CTR,
+				.block_size = 16,
+				.key_size = {
+					.min = 16,
+					.max = 32,
+					.increment = 8
+				},
+				.iv_size = {
+					.min = 12,
+					.max = 16,
+					.increment = 4
+				}
+			}, }
+		}, }
+	},
 	{	/* AES CBC */
 		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
 		{.sym = {
diff --git a/drivers/crypto/cnxk/cnxk_ipsec.h b/drivers/crypto/cnxk/cnxk_ipsec.h
index 426eaa8..f5a51b5 100644
--- a/drivers/crypto/cnxk/cnxk_ipsec.h
+++ b/drivers/crypto/cnxk/cnxk_ipsec.h
@@ -20,7 +20,8 @@ struct cnxk_cpt_inst_tmpl {
 static inline int
 ipsec_xform_cipher_verify(struct rte_crypto_sym_xform *crypto_xform)
 {
-	if (crypto_xform->cipher.algo == RTE_CRYPTO_CIPHER_AES_CBC) {
+	if (crypto_xform->cipher.algo == RTE_CRYPTO_CIPHER_AES_CBC ||
+	    crypto_xform->cipher.algo == RTE_CRYPTO_CIPHER_AES_CTR) {
 		switch (crypto_xform->cipher.key.length) {
 		case 16:
 		case 24:

From patchwork Tue Dec  7 06:50:55 2021
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Anoob Joseph <anoobj@marvell.com>
X-Patchwork-Id: 104981
X-Patchwork-Delegate: gakhil@marvell.com
Return-Path: <dev-bounces@dpdk.org>
X-Original-To: patchwork@inbox.dpdk.org
Delivered-To: patchwork@inbox.dpdk.org
Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124])
	by inbox.dpdk.org (Postfix) with ESMTP id 4BCEFA034F;
	Tue,  7 Dec 2021 07:53:33 +0100 (CET)
Received: from [217.70.189.124] (localhost [127.0.0.1])
	by mails.dpdk.org (Postfix) with ESMTP id 49F4542730;
	Tue,  7 Dec 2021 07:53:19 +0100 (CET)
Received: from mx0b-0016f401.pphosted.com (mx0a-0016f401.pphosted.com
 [67.231.148.174])
 by mails.dpdk.org (Postfix) with ESMTP id 057D341229
 for <dev@dpdk.org>; Tue,  7 Dec 2021 07:53:17 +0100 (CET)
Received: from pps.filterd (m0045849.ppops.net [127.0.0.1])
 by mx0a-0016f401.pphosted.com (8.16.1.2/8.16.1.2) with ESMTP id
 1B76pHwB018294
 for <dev@dpdk.org>; Mon, 6 Dec 2021 22:53:17 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com;
 h=from : to : cc :
 subject : date : message-id : in-reply-to : references : mime-version :
 content-transfer-encoding : content-type; s=pfpt0220;
 bh=oe+x65+jl4vOwe3bUqBzWf0ywUUg+u0T/4TIyoi0vBM=;
 b=RrgpGL8On9sE6PTSFhubUycoXP+kd1vFyV7uEB93vn3ajYWg31z/GflMqXyBwsZhY8y2
 yxP9MRLDNyILXbE0VjImnYo5NZLvOh/639akGm6rRbrxAQEc7IWHT6bU4KjqhID4ZWf2
 PV59zpfbugOXwkGqss5oMcVdoWFktcZ4n8GJJ6XO9IvZVUU651JoNyFpCgTBVGGLtsj5
 z+aHrkza8d9oQ4DMnHSQwQghtApCyDSTfnwvkMj8qmjeLcWOSC/JrUChq7gTN34/i4vx
 g4e7MFXeKBy9dr2YpKzDdRISrPOJ0PirLNvo9ATg5Tpf+Hu7m2AT9BeKY+O+/iaFB2Vr vg==
Received: from dc5-exch02.marvell.com ([199.233.59.182])
 by mx0a-0016f401.pphosted.com (PPS) with ESMTPS id 3ct2q9009n-1
 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT)
 for <dev@dpdk.org>; Mon, 06 Dec 2021 22:53:17 -0800
Received: from DC5-EXCH02.marvell.com (10.69.176.39) by DC5-EXCH02.marvell.com
 (10.69.176.39) with Microsoft SMTP Server (TLS) id 15.0.1497.18;
 Mon, 6 Dec 2021 22:53:15 -0800
Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH02.marvell.com
 (10.69.176.39) with Microsoft SMTP Server id 15.0.1497.18 via Frontend
 Transport; Mon, 6 Dec 2021 22:53:15 -0800
Received: from HY-LT1002.marvell.com (HY-LT1002.marvell.com [10.28.176.218])
 by maili.marvell.com (Postfix) with ESMTP id 8784A3F7071;
 Mon,  6 Dec 2021 22:52:26 -0800 (PST)
From: Anoob Joseph <anoobj@marvell.com>
To: Akhil Goyal <gakhil@marvell.com>, Jerin Jacob <jerinj@marvell.com>
CC: Anoob Joseph <anoobj@marvell.com>, Archana Muniganti
 <marchana@marvell.com>,
 Tejasree Kondoj <ktejasree@marvell.com>, <dev@dpdk.org>
Subject: [PATCH 22/25] crypto/cnxk: fix extend tail calculation
Date: Tue, 7 Dec 2021 12:20:55 +0530
Message-ID: <1638859858-734-23-git-send-email-anoobj@marvell.com>
X-Mailer: git-send-email 2.7.4
In-Reply-To: <1638859858-734-1-git-send-email-anoobj@marvell.com>
References: <1638859858-734-1-git-send-email-anoobj@marvell.com>
MIME-Version: 1.0
X-Proofpoint-GUID: i3sRLmRL28F7R9OBeaOB_DV7pgb7Q0YV
X-Proofpoint-ORIG-GUID: i3sRLmRL28F7R9OBeaOB_DV7pgb7Q0YV
X-Proofpoint-Virus-Version: vendor=baseguard
 engine=ICAP:2.0.205,Aquarius:18.0.790,Hydra:6.0.425,FMLib:17.11.62.513
 definitions=2021-12-07_02,2021-12-06_02,2021-12-02_01
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org

If the packet size to be incremented after IPsec processing is less
than size of hdr (size incremented before submitting), then extend_tail
can become negative. Allow negative values for the variable.

Fixes: 2474f57fc45c ("crypto/cnxk: add cn9k lookaside IPsec datapath")
Cc: marchana@marvell.com

Signed-off-by: Anoob Joseph <anoobj@marvell.com>
---
 drivers/crypto/cnxk/cn9k_ipsec_la_ops.h | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/drivers/crypto/cnxk/cn9k_ipsec_la_ops.h b/drivers/crypto/cnxk/cn9k_ipsec_la_ops.h
index 2dc8913..2b0261e 100644
--- a/drivers/crypto/cnxk/cn9k_ipsec_la_ops.h
+++ b/drivers/crypto/cnxk/cn9k_ipsec_la_ops.h
@@ -77,9 +77,10 @@ process_outb_sa(struct rte_crypto_op *cop, struct cn9k_ipsec_sa *sa,
 	const unsigned int hdr_len = sizeof(struct roc_ie_on_outb_hdr);
 	struct rte_crypto_sym_op *sym_op = cop->sym;
 	struct rte_mbuf *m_src = sym_op->m_src;
-	uint32_t dlen, rlen, extend_tail;
 	struct roc_ie_on_outb_sa *out_sa;
 	struct roc_ie_on_outb_hdr *hdr;
+	uint32_t dlen, rlen;
+	int32_t extend_tail;
 
 	out_sa = &sa->out_sa;
 
@@ -88,7 +89,8 @@ process_outb_sa(struct rte_crypto_op *cop, struct cn9k_ipsec_sa *sa,
 
 	extend_tail = rlen - dlen;
 	if (unlikely(extend_tail > rte_pktmbuf_tailroom(m_src))) {
-		plt_dp_err("Not enough tail room");
+		plt_dp_err("Not enough tail room (required: %d, available: %d",
+			   extend_tail, rte_pktmbuf_tailroom(m_src));
 		return -ENOMEM;
 	}
 

From patchwork Tue Dec  7 06:50:56 2021
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Anoob Joseph <anoobj@marvell.com>
X-Patchwork-Id: 104982
X-Patchwork-Delegate: gakhil@marvell.com
Return-Path: <dev-bounces@dpdk.org>
X-Original-To: patchwork@inbox.dpdk.org
Delivered-To: patchwork@inbox.dpdk.org
Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124])
	by inbox.dpdk.org (Postfix) with ESMTP id B9135A034F;
	Tue,  7 Dec 2021 07:53:39 +0100 (CET)
Received: from [217.70.189.124] (localhost [127.0.0.1])
	by mails.dpdk.org (Postfix) with ESMTP id 7A00242747;
	Tue,  7 Dec 2021 07:53:26 +0100 (CET)
Received: from mx0b-0016f401.pphosted.com (mx0a-0016f401.pphosted.com
 [67.231.148.174])
 by mails.dpdk.org (Postfix) with ESMTP id D8E1542746
 for <dev@dpdk.org>; Tue,  7 Dec 2021 07:53:24 +0100 (CET)
Received: from pps.filterd (m0045849.ppops.net [127.0.0.1])
 by mx0a-0016f401.pphosted.com (8.16.1.2/8.16.1.2) with ESMTP id
 1B76pJeL018310
 for <dev@dpdk.org>; Mon, 6 Dec 2021 22:53:24 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com;
 h=from : to : cc :
 subject : date : message-id : in-reply-to : references : mime-version :
 content-transfer-encoding : content-type; s=pfpt0220;
 bh=1RF00qLhQ1PdMVFlbf9VDArdSuKyrWxvkMZPufPIvT4=;
 b=UdLb3pRY+YzopOo5D8jiUImSayZGlhzVrEtQA33Nj/ocEI/3qENk+eM8w/4bf43RgUBy
 //G6uqFzDOcRYW+jWQt9LahxNNgWWwJibEC6QGRZd/1Hbh6xdmtyT6STWFq8O2+DJe1/
 PO0xWmwMyU8H3mS7P8/vaXSS/GREcBqk8584i9GHV9aU1YJ/6Yi1QcHy7DZPxK1kFIbB
 t0ZiiQBAQ2Y0CgH8yPMubloA9kSZQgozQsZUYrXo9Yqxw64RrVhwmeYFMnkeewP8huj2
 15wFwcvWfj9kajWWJFSAPvVHsahQh8Vvxaecbi+2o+T0gN2vE9HDbXkZuZPEDqGZDTof KQ==
Received: from dc5-exch01.marvell.com ([199.233.59.181])
 by mx0a-0016f401.pphosted.com (PPS) with ESMTPS id 3ct2q900a0-1
 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT)
 for <dev@dpdk.org>; Mon, 06 Dec 2021 22:53:23 -0800
Received: from DC5-EXCH01.marvell.com (10.69.176.38) by DC5-EXCH01.marvell.com
 (10.69.176.38) with Microsoft SMTP Server (TLS) id 15.0.1497.2;
 Mon, 6 Dec 2021 22:53:22 -0800
Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH01.marvell.com
 (10.69.176.38) with Microsoft SMTP Server id 15.0.1497.2 via Frontend
 Transport; Mon, 6 Dec 2021 22:53:22 -0800
Received: from HY-LT1002.marvell.com (HY-LT1002.marvell.com [10.28.176.218])
 by maili.marvell.com (Postfix) with ESMTP id 243493F7071;
 Mon,  6 Dec 2021 22:53:19 -0800 (PST)
From: Anoob Joseph <anoobj@marvell.com>
To: Akhil Goyal <gakhil@marvell.com>, Jerin Jacob <jerinj@marvell.com>
CC: Anoob Joseph <anoobj@marvell.com>, Archana Muniganti
 <marchana@marvell.com>,
 Tejasree Kondoj <ktejasree@marvell.com>, <dev@dpdk.org>
Subject: [PATCH 23/25] crypto/cnxk: add aes xcbc and null cipher
Date: Tue, 7 Dec 2021 12:20:56 +0530
Message-ID: <1638859858-734-24-git-send-email-anoobj@marvell.com>
X-Mailer: git-send-email 2.7.4
In-Reply-To: <1638859858-734-1-git-send-email-anoobj@marvell.com>
References: <1638859858-734-1-git-send-email-anoobj@marvell.com>
MIME-Version: 1.0
X-Proofpoint-GUID: oH5Z-jQXufuQRBCPxnpK3IbXn4ZJwmWX
X-Proofpoint-ORIG-GUID: oH5Z-jQXufuQRBCPxnpK3IbXn4ZJwmWX
X-Proofpoint-Virus-Version: vendor=baseguard
 engine=ICAP:2.0.205,Aquarius:18.0.790,Hydra:6.0.425,FMLib:17.11.62.513
 definitions=2021-12-07_02,2021-12-06_02,2021-12-02_01
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org

Add support for AES XCBC and NULL cipher.

Signed-off-by: Anoob Joseph <anoobj@marvell.com>
---
 doc/guides/cryptodevs/cnxk.rst                    |  4 +
 doc/guides/rel_notes/release_22_03.rst            |  2 +
 drivers/common/cnxk/cnxk_security.c               | 48 ++++++++----
 drivers/common/cnxk/roc_ie_on.h                   | 10 +++
 drivers/crypto/cnxk/cn9k_ipsec.c                  | 93 ++++++++++++++++-------
 drivers/crypto/cnxk/cnxk_cryptodev.h              |  2 +-
 drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c | 45 +++++++++++
 drivers/crypto/cnxk/cnxk_ipsec.h                  |  7 ++
 8 files changed, 169 insertions(+), 42 deletions(-)

diff --git a/doc/guides/cryptodevs/cnxk.rst b/doc/guides/cryptodevs/cnxk.rst
index 1239155..6e844f5 100644
--- a/doc/guides/cryptodevs/cnxk.rst
+++ b/doc/guides/cryptodevs/cnxk.rst
@@ -260,6 +260,7 @@ AEAD algorithms
 Cipher algorithms
 +++++++++++++++++
 
+* NULL
 * AES-128/192/256-CBC
 * AES-128/192/256-CTR
 
@@ -270,6 +271,7 @@ Auth algorithms
 * SHA256-128-HMAC
 * SHA384-192-HMAC
 * SHA512-256-HMAC
+* AES-XCBC-96
 
 CN10XX Features supported
 ~~~~~~~~~~~~~~~~~~~~~~~~~
@@ -288,6 +290,7 @@ AEAD algorithms
 Cipher algorithms
 +++++++++++++++++
 
+* NULL
 * AES-128/192/256-CBC
 * AES-128/192/256-CTR
 
@@ -299,3 +302,4 @@ Auth algorithms
 * SHA256-128-HMAC
 * SHA384-192-HMAC
 * SHA512-256-HMAC
+* AES-XCBC-96
diff --git a/doc/guides/rel_notes/release_22_03.rst b/doc/guides/rel_notes/release_22_03.rst
index 4b272e4..e8fec00 100644
--- a/doc/guides/rel_notes/release_22_03.rst
+++ b/doc/guides/rel_notes/release_22_03.rst
@@ -61,6 +61,8 @@ New Features
   * Added SHA384-HMAC support in lookaside protocol (IPsec) for CN9K & CN10K.
   * Added SHA512-HMAC support in lookaside protocol (IPsec) for CN9K & CN10K.
   * Added AES-CTR support in lookaside protocol (IPsec) for CN9K & CN10K.
+  * Added NULL cipher support in lookaside protocol (IPsec) for CN9K & CN10K.
+  * Added AES-XCBC support in lookaside protocol (IPsec) for CN9K & CN10K.
 
 
 Removed Items
diff --git a/drivers/common/cnxk/cnxk_security.c b/drivers/common/cnxk/cnxk_security.c
index 0d4baa9..6ebf084 100644
--- a/drivers/common/cnxk/cnxk_security.c
+++ b/drivers/common/cnxk/cnxk_security.c
@@ -120,6 +120,9 @@ ot_ipsec_sa_common_param_fill(union roc_ot_ipsec_sa_word2 *w2,
 		}
 	} else {
 		switch (cipher_xfrm->cipher.algo) {
+		case RTE_CRYPTO_CIPHER_NULL:
+			w2->s.enc_type = ROC_IE_OT_SA_ENC_NULL;
+			break;
 		case RTE_CRYPTO_CIPHER_AES_CBC:
 			w2->s.enc_type = ROC_IE_OT_SA_ENC_AES_CBC;
 			break;
@@ -146,11 +149,19 @@ ot_ipsec_sa_common_param_fill(union roc_ot_ipsec_sa_word2 *w2,
 		case RTE_CRYPTO_AUTH_SHA512_HMAC:
 			w2->s.auth_type = ROC_IE_OT_SA_AUTH_SHA2_512;
 			break;
+		case RTE_CRYPTO_AUTH_AES_XCBC_MAC:
+			w2->s.auth_type = ROC_IE_OT_SA_AUTH_AES_XCBC_128;
+			break;
 		default:
 			return -ENOTSUP;
 		}
 
-		ipsec_hmac_opad_ipad_gen(auth_xfrm, hmac_opad_ipad);
+		if (auth_xfrm->auth.algo == RTE_CRYPTO_AUTH_AES_XCBC_MAC) {
+			const uint8_t *auth_key = auth_xfrm->auth.key.data;
+			roc_aes_xcbc_key_derive(auth_key, hmac_opad_ipad);
+		} else {
+			ipsec_hmac_opad_ipad_gen(auth_xfrm, hmac_opad_ipad);
+		}
 
 		tmp_key = (uint64_t *)hmac_opad_ipad;
 		for (i = 0;
@@ -174,18 +185,26 @@ ot_ipsec_sa_common_param_fill(union roc_ot_ipsec_sa_word2 *w2,
 	for (i = 0; i < (int)(ROC_CTX_MAX_CKEY_LEN / sizeof(uint64_t)); i++)
 		tmp_key[i] = rte_be_to_cpu_64(tmp_key[i]);
 
-	switch (length) {
-	case ROC_CPT_AES128_KEY_LEN:
-		w2->s.aes_key_len = ROC_IE_SA_AES_KEY_LEN_128;
-		break;
-	case ROC_CPT_AES192_KEY_LEN:
-		w2->s.aes_key_len = ROC_IE_SA_AES_KEY_LEN_192;
-		break;
-	case ROC_CPT_AES256_KEY_LEN:
-		w2->s.aes_key_len = ROC_IE_SA_AES_KEY_LEN_256;
-		break;
-	default:
-		return -EINVAL;
+	/* Set AES key length */
+	if (w2->s.enc_type == ROC_IE_OT_SA_ENC_AES_CBC ||
+	    w2->s.enc_type == ROC_IE_OT_SA_ENC_AES_CCM ||
+	    w2->s.enc_type == ROC_IE_OT_SA_ENC_AES_CTR ||
+	    w2->s.enc_type == ROC_IE_OT_SA_ENC_AES_GCM ||
+	    w2->s.auth_type == ROC_IE_OT_SA_AUTH_AES_GMAC) {
+		switch (length) {
+		case ROC_CPT_AES128_KEY_LEN:
+			w2->s.aes_key_len = ROC_IE_SA_AES_KEY_LEN_128;
+			break;
+		case ROC_CPT_AES192_KEY_LEN:
+			w2->s.aes_key_len = ROC_IE_SA_AES_KEY_LEN_192;
+			break;
+		case ROC_CPT_AES256_KEY_LEN:
+			w2->s.aes_key_len = ROC_IE_SA_AES_KEY_LEN_256;
+			break;
+		default:
+			plt_err("Invalid AES key length");
+			return -EINVAL;
+		}
 	}
 
 	if (ipsec_xfrm->life.packets_soft_limit != 0 ||
@@ -815,6 +834,9 @@ cnxk_ipsec_icvlen_get(enum rte_crypto_cipher_algorithm c_algo,
 	case RTE_CRYPTO_AUTH_SHA512_HMAC:
 		icv = 32;
 		break;
+	case RTE_CRYPTO_AUTH_AES_XCBC_MAC:
+		icv = 12;
+		break;
 	default:
 		break;
 	}
diff --git a/drivers/common/cnxk/roc_ie_on.h b/drivers/common/cnxk/roc_ie_on.h
index 817ef33..cb56a70 100644
--- a/drivers/common/cnxk/roc_ie_on.h
+++ b/drivers/common/cnxk/roc_ie_on.h
@@ -181,6 +181,11 @@ struct roc_ie_on_outb_sa {
 			struct roc_ie_on_ip_template template;
 		} sha1;
 		struct {
+			uint8_t key[16];
+			uint8_t unused[32];
+			struct roc_ie_on_ip_template template;
+		} aes_xcbc;
+		struct {
 			uint8_t hmac_key[64];
 			uint8_t hmac_iv[64];
 			struct roc_ie_on_ip_template template;
@@ -202,6 +207,11 @@ struct roc_ie_on_inb_sa {
 			struct roc_ie_on_traffic_selector selector;
 		} sha1_or_gcm;
 		struct {
+			uint8_t key[16];
+			uint8_t unused[32];
+			struct roc_ie_on_traffic_selector selector;
+		} aes_xcbc;
+		struct {
 			uint8_t hmac_key[64];
 			uint8_t hmac_iv[64];
 			struct roc_ie_on_traffic_selector selector;
diff --git a/drivers/crypto/cnxk/cn9k_ipsec.c b/drivers/crypto/cnxk/cn9k_ipsec.c
index 65f46b2..06f6c20 100644
--- a/drivers/crypto/cnxk/cn9k_ipsec.c
+++ b/drivers/crypto/cnxk/cn9k_ipsec.c
@@ -118,7 +118,7 @@ ipsec_sa_ctl_set(struct rte_security_ipsec_xform *ipsec,
 		 struct roc_ie_on_sa_ctl *ctl)
 {
 	struct rte_crypto_sym_xform *cipher_xform, *auth_xform;
-	int aes_key_len;
+	int aes_key_len = 0;
 
 	if (ipsec->direction == RTE_SECURITY_IPSEC_SA_DIR_EGRESS) {
 		ctl->direction = ROC_IE_SA_DIR_OUTBOUND;
@@ -157,37 +157,33 @@ ipsec_sa_ctl_set(struct rte_security_ipsec_xform *ipsec,
 		return -EINVAL;
 
 	if (crypto_xform->type == RTE_CRYPTO_SYM_XFORM_AEAD) {
-		if (crypto_xform->aead.algo == RTE_CRYPTO_AEAD_AES_GCM) {
+		switch (crypto_xform->aead.algo) {
+		case RTE_CRYPTO_AEAD_AES_GCM:
 			ctl->enc_type = ROC_IE_ON_SA_ENC_AES_GCM;
 			aes_key_len = crypto_xform->aead.key.length;
-		} else {
+			break;
+		default:
+			plt_err("Unsupported AEAD algorithm");
 			return -ENOTSUP;
 		}
-	} else if (cipher_xform->cipher.algo == RTE_CRYPTO_CIPHER_AES_CBC) {
-		ctl->enc_type = ROC_IE_ON_SA_ENC_AES_CBC;
-		aes_key_len = cipher_xform->cipher.key.length;
-	} else if (cipher_xform->cipher.algo == RTE_CRYPTO_CIPHER_AES_CTR) {
-		ctl->enc_type = ROC_IE_ON_SA_ENC_AES_CTR;
-		aes_key_len = cipher_xform->cipher.key.length;
 	} else {
-		return -ENOTSUP;
-	}
-
-	switch (aes_key_len) {
-	case 16:
-		ctl->aes_key_len = ROC_IE_SA_AES_KEY_LEN_128;
-		break;
-	case 24:
-		ctl->aes_key_len = ROC_IE_SA_AES_KEY_LEN_192;
-		break;
-	case 32:
-		ctl->aes_key_len = ROC_IE_SA_AES_KEY_LEN_256;
-		break;
-	default:
-		return -EINVAL;
-	}
+		switch (cipher_xform->cipher.algo) {
+		case RTE_CRYPTO_CIPHER_NULL:
+			ctl->enc_type = ROC_IE_ON_SA_ENC_NULL;
+			break;
+		case RTE_CRYPTO_CIPHER_AES_CBC:
+			ctl->enc_type = ROC_IE_ON_SA_ENC_AES_CBC;
+			aes_key_len = cipher_xform->cipher.key.length;
+			break;
+		case RTE_CRYPTO_CIPHER_AES_CTR:
+			ctl->enc_type = ROC_IE_ON_SA_ENC_AES_CTR;
+			aes_key_len = cipher_xform->cipher.key.length;
+			break;
+		default:
+			plt_err("Unsupported cipher algorithm");
+			return -ENOTSUP;
+		}
 
-	if (crypto_xform->type != RTE_CRYPTO_SYM_XFORM_AEAD) {
 		switch (auth_xform->auth.algo) {
 		case RTE_CRYPTO_AUTH_NULL:
 			ctl->auth_type = ROC_IE_ON_SA_AUTH_NULL;
@@ -217,10 +213,33 @@ ipsec_sa_ctl_set(struct rte_security_ipsec_xform *ipsec,
 			ctl->auth_type = ROC_IE_ON_SA_AUTH_AES_XCBC_128;
 			break;
 		default:
+			plt_err("Unsupported auth algorithm");
 			return -ENOTSUP;
 		}
 	}
 
+	/* Set AES key length */
+	if (ctl->enc_type == ROC_IE_ON_SA_ENC_AES_CBC ||
+	    ctl->enc_type == ROC_IE_ON_SA_ENC_AES_CCM ||
+	    ctl->enc_type == ROC_IE_ON_SA_ENC_AES_CTR ||
+	    ctl->enc_type == ROC_IE_ON_SA_ENC_AES_GCM ||
+	    ctl->auth_type == ROC_IE_ON_SA_AUTH_AES_GMAC) {
+		switch (aes_key_len) {
+		case 16:
+			ctl->aes_key_len = ROC_IE_SA_AES_KEY_LEN_128;
+			break;
+		case 24:
+			ctl->aes_key_len = ROC_IE_SA_AES_KEY_LEN_192;
+			break;
+		case 32:
+			ctl->aes_key_len = ROC_IE_SA_AES_KEY_LEN_256;
+			break;
+		default:
+			plt_err("Invalid AES key length");
+			return -EINVAL;
+		}
+	}
+
 	if (ipsec->options.esn)
 		ctl->esn_en = 1;
 
@@ -267,8 +286,6 @@ fill_ipsec_common_sa(struct rte_security_ipsec_xform *ipsec,
 
 	if (cipher_key_len != 0)
 		memcpy(common_sa->cipher_key, cipher_key, cipher_key_len);
-	else
-		return -EINVAL;
 
 	return 0;
 }
@@ -337,7 +354,13 @@ cn9k_ipsec_outb_sa_create(struct cnxk_cpt_qp *qp,
 			ctx_len = offsetof(struct roc_ie_on_outb_sa,
 					   sha2.template);
 			break;
+		case ROC_IE_ON_SA_AUTH_AES_XCBC_128:
+			template = &out_sa->aes_xcbc.template;
+			ctx_len = offsetof(struct roc_ie_on_outb_sa,
+					   aes_xcbc.template);
+			break;
 		default:
+			plt_err("Unsupported auth algorithm");
 			return -EINVAL;
 		}
 	}
@@ -419,6 +442,9 @@ cn9k_ipsec_outb_sa_create(struct cnxk_cpt_qp *qp,
 		case RTE_CRYPTO_AUTH_SHA512_HMAC:
 			memcpy(out_sa->sha2.hmac_key, auth_key, auth_key_len);
 			break;
+		case RTE_CRYPTO_AUTH_AES_XCBC_MAC:
+			memcpy(out_sa->aes_xcbc.key, auth_key, auth_key_len);
+			break;
 		default:
 			plt_err("Unsupported auth algorithm %u",
 				auth_xform->auth.algo);
@@ -505,6 +531,11 @@ cn9k_ipsec_inb_sa_create(struct cnxk_cpt_qp *qp,
 			ctx_len = offsetof(struct roc_ie_on_inb_sa,
 					   sha2.selector);
 			break;
+		case RTE_CRYPTO_AUTH_AES_XCBC_MAC:
+			memcpy(in_sa->aes_xcbc.key, auth_key, auth_key_len);
+			ctx_len = offsetof(struct roc_ie_on_inb_sa,
+					   aes_xcbc.selector);
+			break;
 		default:
 			plt_err("Unsupported auth algorithm %u",
 				auth_xform->auth.algo);
@@ -597,6 +628,12 @@ cn9k_ipsec_xform_verify(struct rte_security_ipsec_xform *ipsec,
 				plt_err("Transport mode AES-CBC SHA2 HMAC 512 is not supported");
 				return -ENOTSUP;
 			}
+
+			if ((cipher->algo == RTE_CRYPTO_CIPHER_AES_CBC) &&
+			    (auth->algo == RTE_CRYPTO_AUTH_AES_XCBC_MAC)) {
+				plt_err("Transport mode AES-CBC AES-XCBC is not supported");
+				return -ENOTSUP;
+			}
 		}
 	}
 
diff --git a/drivers/crypto/cnxk/cnxk_cryptodev.h b/drivers/crypto/cnxk/cnxk_cryptodev.h
index 4a1e377..16e7572 100644
--- a/drivers/crypto/cnxk/cnxk_cryptodev.h
+++ b/drivers/crypto/cnxk/cnxk_cryptodev.h
@@ -11,7 +11,7 @@
 #include "roc_cpt.h"
 
 #define CNXK_CPT_MAX_CAPS	 34
-#define CNXK_SEC_CRYPTO_MAX_CAPS 9
+#define CNXK_SEC_CRYPTO_MAX_CAPS 11
 #define CNXK_SEC_MAX_CAPS	 5
 #define CNXK_AE_EC_ID_MAX	 8
 /**
diff --git a/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c b/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c
index fae433e..a0b2a1f 100644
--- a/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c
+++ b/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c
@@ -794,6 +794,26 @@ static const struct rte_cryptodev_capabilities sec_caps_aes[] = {
 			}, }
 		}, }
 	},
+	{	/* AES-XCBC */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{ .sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+			{.auth = {
+				.algo = RTE_CRYPTO_AUTH_AES_XCBC_MAC,
+				.block_size = 16,
+				.key_size = {
+					.min = 16,
+					.max = 16,
+					.increment = 0
+				},
+				.digest_size = {
+					.min = 12,
+					.max = 12,
+					.increment = 0,
+				},
+			}, }
+		}, }
+	},
 };
 
 static const struct rte_cryptodev_capabilities sec_caps_sha1_sha2[] = {
@@ -879,6 +899,29 @@ static const struct rte_cryptodev_capabilities sec_caps_sha1_sha2[] = {
 	},
 };
 
+static const struct rte_cryptodev_capabilities sec_caps_null[] = {
+	{	/* NULL (CIPHER) */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
+			{.cipher = {
+				.algo = RTE_CRYPTO_CIPHER_NULL,
+				.block_size = 1,
+				.key_size = {
+					.min = 0,
+					.max = 0,
+					.increment = 0
+				},
+				.iv_size = {
+					.min = 0,
+					.max = 0,
+					.increment = 0
+				}
+			}, },
+		}, }
+	},
+};
+
 static const struct rte_security_capability sec_caps_templ[] = {
 	{	/* IPsec Lookaside Protocol ESP Tunnel Ingress */
 		.action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
@@ -1069,6 +1112,8 @@ sec_crypto_caps_populate(struct rte_cryptodev_capabilities cnxk_caps[],
 	else
 		cn9k_sec_crypto_caps_update(cnxk_caps);
 
+	sec_caps_add(cnxk_caps, &cur_pos, sec_caps_null,
+		     RTE_DIM(sec_caps_null));
 	sec_caps_add(cnxk_caps, &cur_pos, caps_end, RTE_DIM(caps_end));
 }
 
diff --git a/drivers/crypto/cnxk/cnxk_ipsec.h b/drivers/crypto/cnxk/cnxk_ipsec.h
index f5a51b5..f50d9fa 100644
--- a/drivers/crypto/cnxk/cnxk_ipsec.h
+++ b/drivers/crypto/cnxk/cnxk_ipsec.h
@@ -20,6 +20,9 @@ struct cnxk_cpt_inst_tmpl {
 static inline int
 ipsec_xform_cipher_verify(struct rte_crypto_sym_xform *crypto_xform)
 {
+	if (crypto_xform->cipher.algo == RTE_CRYPTO_CIPHER_NULL)
+		return 0;
+
 	if (crypto_xform->cipher.algo == RTE_CRYPTO_CIPHER_AES_CBC ||
 	    crypto_xform->cipher.algo == RTE_CRYPTO_CIPHER_AES_CTR) {
 		switch (crypto_xform->cipher.key.length) {
@@ -58,6 +61,10 @@ ipsec_xform_auth_verify(struct rte_crypto_sym_xform *crypto_xform)
 			return 0;
 	}
 
+	if (crypto_xform->auth.algo == RTE_CRYPTO_AUTH_AES_XCBC_MAC &&
+	    keylen == ROC_CPT_AES_XCBC_KEY_LENGTH)
+		return 0;
+
 	return -ENOTSUP;
 }
 

From patchwork Tue Dec  7 06:50:57 2021
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Anoob Joseph <anoobj@marvell.com>
X-Patchwork-Id: 104983
X-Patchwork-Delegate: gakhil@marvell.com
Return-Path: <dev-bounces@dpdk.org>
X-Original-To: patchwork@inbox.dpdk.org
Delivered-To: patchwork@inbox.dpdk.org
Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124])
	by inbox.dpdk.org (Postfix) with ESMTP id ED321A034F;
	Tue,  7 Dec 2021 07:53:45 +0100 (CET)
Received: from [217.70.189.124] (localhost [127.0.0.1])
	by mails.dpdk.org (Postfix) with ESMTP id 7F4FF42755;
	Tue,  7 Dec 2021 07:53:29 +0100 (CET)
Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com
 [67.231.156.173])
 by mails.dpdk.org (Postfix) with ESMTP id 6CE1041203
 for <dev@dpdk.org>; Tue,  7 Dec 2021 07:53:28 +0100 (CET)
Received: from pps.filterd (m0045851.ppops.net [127.0.0.1])
 by mx0b-0016f401.pphosted.com (8.16.1.2/8.16.1.2) with ESMTP id
 1B75a0XA014931
 for <dev@dpdk.org>; Mon, 6 Dec 2021 22:53:27 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com;
 h=from : to : cc :
 subject : date : message-id : in-reply-to : references : mime-version :
 content-transfer-encoding : content-type; s=pfpt0220;
 bh=8j0jgu80QAaaVrSLam6iZs/VmWFPKXKhtzt+gwyFf7g=;
 b=E8+e1GgMaMUULz7B6E+I35d3+Vnt8OsiYvHSz6ZAwHJFYRLTWrIWP9ji9bLLioOvRH9e
 uGiqSLwNv4oWwZB789Lc5n97xSnJwtGI9+qAs+x2ASTglgG6axxD8ee6SpCQsLsVzIk5
 dFxd09+AExxHfwISsf97a1LEcOG8Cwg30CHsGMWKdvOQNOKBfeEGxruAEX0kDUHJhioU
 gJQt256bqKUV7wbib2ebWL5xX9Oy+B0Wa+imeP2tUov5uRkWUMOq8l7gWpKCQUyKd9Ve
 ADXGpxMuJG2j0tiWdvp8J+MLKaNlfbfFgzms2jY4CUofmi7/27aI4RIwOu2lTHvEDjHe gw==
Received: from dc5-exch01.marvell.com ([199.233.59.181])
 by mx0b-0016f401.pphosted.com (PPS) with ESMTPS id 3ct1hyg7p3-1
 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT)
 for <dev@dpdk.org>; Mon, 06 Dec 2021 22:53:27 -0800
Received: from DC5-EXCH01.marvell.com (10.69.176.38) by DC5-EXCH01.marvell.com
 (10.69.176.38) with Microsoft SMTP Server (TLS) id 15.0.1497.2;
 Mon, 6 Dec 2021 22:53:25 -0800
Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH01.marvell.com
 (10.69.176.38) with Microsoft SMTP Server id 15.0.1497.2 via Frontend
 Transport; Mon, 6 Dec 2021 22:53:25 -0800
Received: from HY-LT1002.marvell.com (HY-LT1002.marvell.com [10.28.176.218])
 by maili.marvell.com (Postfix) with ESMTP id B29293F7071;
 Mon,  6 Dec 2021 22:53:23 -0800 (PST)
From: Anoob Joseph <anoobj@marvell.com>
To: Akhil Goyal <gakhil@marvell.com>, Jerin Jacob <jerinj@marvell.com>
CC: Anoob Joseph <anoobj@marvell.com>, Archana Muniganti
 <marchana@marvell.com>,
 Tejasree Kondoj <ktejasree@marvell.com>, <dev@dpdk.org>
Subject: [PATCH 24/25] crypto/cnxk: add copy and set DF
Date: Tue, 7 Dec 2021 12:20:57 +0530
Message-ID: <1638859858-734-25-git-send-email-anoobj@marvell.com>
X-Mailer: git-send-email 2.7.4
In-Reply-To: <1638859858-734-1-git-send-email-anoobj@marvell.com>
References: <1638859858-734-1-git-send-email-anoobj@marvell.com>
MIME-Version: 1.0
X-Proofpoint-ORIG-GUID: Ph7hF7FLv5uyY8QOjh7wmadRNyvzsKx5
X-Proofpoint-GUID: Ph7hF7FLv5uyY8QOjh7wmadRNyvzsKx5
X-Proofpoint-Virus-Version: vendor=baseguard
 engine=ICAP:2.0.205,Aquarius:18.0.790,Hydra:6.0.425,FMLib:17.11.62.513
 definitions=2021-12-07_02,2021-12-06_02,2021-12-02_01
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org

Add support for copy and set DF bit.

Signed-off-by: Anoob Joseph <anoobj@marvell.com>
---
 drivers/crypto/cnxk/cn9k_ipsec.c                  | 7 ++++++-
 drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c | 1 +
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/drivers/crypto/cnxk/cn9k_ipsec.c b/drivers/crypto/cnxk/cn9k_ipsec.c
index 06f6c20..5bc0a50 100644
--- a/drivers/crypto/cnxk/cn9k_ipsec.c
+++ b/drivers/crypto/cnxk/cn9k_ipsec.c
@@ -246,6 +246,8 @@ ipsec_sa_ctl_set(struct rte_security_ipsec_xform *ipsec,
 	if (ipsec->options.udp_encap == 1)
 		ctl->encap_type = ROC_IE_ON_SA_ENCAP_UDP;
 
+	ctl->copy_df = ipsec->options.copy_df;
+
 	ctl->spi = rte_cpu_to_be_32(ipsec->spi);
 
 	rte_io_wmb();
@@ -376,13 +378,16 @@ cn9k_ipsec_outb_sa_create(struct cnxk_cpt_qp *qp,
 
 	if (ipsec->mode == RTE_SECURITY_IPSEC_SA_MODE_TUNNEL) {
 		if (ipsec->tunnel.type == RTE_SECURITY_IPSEC_TUNNEL_IPV4) {
+			uint16_t frag_off = 0;
 			ctx_len += sizeof(template->ip4);
 
 			ip4->version_ihl = RTE_IPV4_VHL_DEF;
 			ip4->time_to_live = ipsec->tunnel.ipv4.ttl;
 			ip4->type_of_service |= (ipsec->tunnel.ipv4.dscp << 2);
 			if (ipsec->tunnel.ipv4.df)
-				ip4->fragment_offset = BIT(14);
+				frag_off |= RTE_IPV4_HDR_DF_FLAG;
+			ip4->fragment_offset = rte_cpu_to_be_16(frag_off);
+
 			memcpy(&ip4->src_addr, &ipsec->tunnel.ipv4.src_ip,
 			       sizeof(struct in_addr));
 			memcpy(&ip4->dst_addr, &ipsec->tunnel.ipv4.dst_ip,
diff --git a/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c b/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c
index a0b2a1f..69ee0d9 100644
--- a/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c
+++ b/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c
@@ -1121,6 +1121,7 @@ static void
 cnxk_sec_caps_update(struct rte_security_capability *sec_cap)
 {
 	sec_cap->ipsec.options.udp_encap = 1;
+	sec_cap->ipsec.options.copy_df = 1;
 }
 
 static void

From patchwork Tue Dec  7 06:50:58 2021
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Anoob Joseph <anoobj@marvell.com>
X-Patchwork-Id: 104984
X-Patchwork-Delegate: gakhil@marvell.com
Return-Path: <dev-bounces@dpdk.org>
X-Original-To: patchwork@inbox.dpdk.org
Delivered-To: patchwork@inbox.dpdk.org
Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124])
	by inbox.dpdk.org (Postfix) with ESMTP id 24255A034F;
	Tue,  7 Dec 2021 07:53:54 +0100 (CET)
Received: from [217.70.189.124] (localhost [127.0.0.1])
	by mails.dpdk.org (Postfix) with ESMTP id 2068F41238;
	Tue,  7 Dec 2021 07:53:33 +0100 (CET)
Received: from mx0b-0016f401.pphosted.com (mx0a-0016f401.pphosted.com
 [67.231.148.174])
 by mails.dpdk.org (Postfix) with ESMTP id C924B411E6
 for <dev@dpdk.org>; Tue,  7 Dec 2021 07:53:31 +0100 (CET)
Received: from pps.filterd (m0045849.ppops.net [127.0.0.1])
 by mx0a-0016f401.pphosted.com (8.16.1.2/8.16.1.2) with ESMTP id
 1B76pJwA018306
 for <dev@dpdk.org>; Mon, 6 Dec 2021 22:53:31 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com;
 h=from : to : cc :
 subject : date : message-id : in-reply-to : references : mime-version :
 content-transfer-encoding : content-type; s=pfpt0220;
 bh=BzIvzfKNZsJHkujVIrPwKrUh46z+w5r25RHzSyzdUao=;
 b=GMeTDDH1I2mvy6i491phSa4T5MFUNWvPqpVOlz3S11+B3Xhej+6NN+6W8Y2mzy6BSm02
 LEmISmkqMVKNUFNvVmayqSdYZQfRdV6jROA7lzf9YsvHyIipZ5sxJV/SgjEYisRSgPE8
 XDN33E5ZH8EMZL/SrkM6ET1+GQJNUsu3mPHf8iZPZEdDhpZkq3mh6+gmRNQU0VeYlaWC
 wnfZawvOY2BqFsdeszhoNK1G/B0bqQkzpxAdizRolWKPkMAyPsFtA2ix6rS64sN1dWnX
 7i6/n04/11q/hR0g2ao/MnVYF50UXK3HSz9xYdJv9YaeJK+OrZq1IaXOT97INpdybIFJ Eg==
Received: from dc5-exch02.marvell.com ([199.233.59.182])
 by mx0a-0016f401.pphosted.com (PPS) with ESMTPS id 3ct2q900aq-1
 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT)
 for <dev@dpdk.org>; Mon, 06 Dec 2021 22:53:30 -0800
Received: from DC5-EXCH01.marvell.com (10.69.176.38) by DC5-EXCH02.marvell.com
 (10.69.176.39) with Microsoft SMTP Server (TLS) id 15.0.1497.18;
 Mon, 6 Dec 2021 22:53:29 -0800
Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH01.marvell.com
 (10.69.176.38) with Microsoft SMTP Server id 15.0.1497.2 via Frontend
 Transport; Mon, 6 Dec 2021 22:53:29 -0800
Received: from HY-LT1002.marvell.com (HY-LT1002.marvell.com [10.28.176.218])
 by maili.marvell.com (Postfix) with ESMTP id 3A9623F7071;
 Mon,  6 Dec 2021 22:53:26 -0800 (PST)
From: Anoob Joseph <anoobj@marvell.com>
To: Akhil Goyal <gakhil@marvell.com>, Jerin Jacob <jerinj@marvell.com>
CC: Anoob Joseph <anoobj@marvell.com>, Archana Muniganti
 <marchana@marvell.com>,
 Tejasree Kondoj <ktejasree@marvell.com>, <dev@dpdk.org>
Subject: [PATCH 25/25] crypto/cnxk: add aes cmac
Date: Tue, 7 Dec 2021 12:20:58 +0530
Message-ID: <1638859858-734-26-git-send-email-anoobj@marvell.com>
X-Mailer: git-send-email 2.7.4
In-Reply-To: <1638859858-734-1-git-send-email-anoobj@marvell.com>
References: <1638859858-734-1-git-send-email-anoobj@marvell.com>
MIME-Version: 1.0
X-Proofpoint-GUID: 4-64aMrVdT3j3mZxzBeSGxeraHL9807u
X-Proofpoint-ORIG-GUID: 4-64aMrVdT3j3mZxzBeSGxeraHL9807u
X-Proofpoint-Virus-Version: vendor=baseguard
 engine=ICAP:2.0.205,Aquarius:18.0.790,Hydra:6.0.425,FMLib:17.11.62.513
 definitions=2021-12-07_02,2021-12-06_02,2021-12-02_01
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org

Add support for AES CMAC auth algorithm.

Signed-off-by: Anoob Joseph <anoobj@marvell.com>
---
 doc/guides/cryptodevs/cnxk.rst                    |  1 +
 doc/guides/cryptodevs/features/cn10k.ini          | 37 +++++++-------
 doc/guides/cryptodevs/features/cn9k.ini           | 37 +++++++-------
 doc/guides/rel_notes/release_22_03.rst            |  1 +
 drivers/common/cnxk/roc_se.h                      |  8 +--
 drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c | 20 ++++++++
 drivers/crypto/cnxk/cnxk_se.h                     | 60 ++++++++++++++---------
 7 files changed, 103 insertions(+), 61 deletions(-)

diff --git a/doc/guides/cryptodevs/cnxk.rst b/doc/guides/cryptodevs/cnxk.rst
index 6e844f5..3c58517 100644
--- a/doc/guides/cryptodevs/cnxk.rst
+++ b/doc/guides/cryptodevs/cnxk.rst
@@ -61,6 +61,7 @@ Hash algorithms:
 * ``RTE_CRYPTO_AUTH_SHA512_HMAC``
 * ``RTE_CRYPTO_AUTH_SNOW3G_UIA2``
 * ``RTE_CRYPTO_AUTH_ZUC_EIA3``
+* ``RTE_CRYPTO_AUTH_AES_CMAC``
 
 AEAD algorithms:
 
diff --git a/doc/guides/cryptodevs/features/cn10k.ini b/doc/guides/cryptodevs/features/cn10k.ini
index ab21d9d..c8193c2 100644
--- a/doc/guides/cryptodevs/features/cn10k.ini
+++ b/doc/guides/cryptodevs/features/cn10k.ini
@@ -41,23 +41,26 @@ ZUC EEA3       = Y
 ; Supported authentication algorithms of 'cn10k' crypto driver.
 ;
 [Auth]
-NULL         = Y
-AES GMAC     = Y
-KASUMI F9    = Y
-MD5          = Y
-MD5 HMAC     = Y
-SHA1         = Y
-SHA1 HMAC    = Y
-SHA224       = Y
-SHA224 HMAC  = Y
-SHA256       = Y
-SHA256 HMAC  = Y
-SHA384       = Y
-SHA384 HMAC  = Y
-SHA512       = Y
-SHA512 HMAC  = Y
-SNOW3G UIA2  = Y
-ZUC EIA3     = Y
+NULL            = Y
+AES GMAC        = Y
+KASUMI F9       = Y
+MD5             = Y
+MD5 HMAC        = Y
+SHA1            = Y
+SHA1 HMAC       = Y
+SHA224          = Y
+SHA224 HMAC     = Y
+SHA256          = Y
+SHA256 HMAC     = Y
+SHA384          = Y
+SHA384 HMAC     = Y
+SHA512          = Y
+SHA512 HMAC     = Y
+SNOW3G UIA2     = Y
+ZUC EIA3        = Y
+AES CMAC (128)  = Y
+AES CMAC (192)  = Y
+AES CMAC (256)  = Y
 
 ;
 ; Supported AEAD algorithms of 'cn10k' crypto driver.
diff --git a/doc/guides/cryptodevs/features/cn9k.ini b/doc/guides/cryptodevs/features/cn9k.ini
index d834659..f215ee0 100644
--- a/doc/guides/cryptodevs/features/cn9k.ini
+++ b/doc/guides/cryptodevs/features/cn9k.ini
@@ -40,23 +40,26 @@ ZUC EEA3       = Y
 ; Supported authentication algorithms of 'cn9k' crypto driver.
 ;
 [Auth]
-NULL         = Y
-AES GMAC     = Y
-KASUMI F9    = Y
-MD5          = Y
-MD5 HMAC     = Y
-SHA1         = Y
-SHA1 HMAC    = Y
-SHA224       = Y
-SHA224 HMAC  = Y
-SHA256       = Y
-SHA256 HMAC  = Y
-SHA384       = Y
-SHA384 HMAC  = Y
-SHA512       = Y
-SHA512 HMAC  = Y
-SNOW3G UIA2  = Y
-ZUC EIA3     = Y
+NULL            = Y
+AES GMAC        = Y
+KASUMI F9       = Y
+MD5             = Y
+MD5 HMAC        = Y
+SHA1            = Y
+SHA1 HMAC       = Y
+SHA224          = Y
+SHA224 HMAC     = Y
+SHA256          = Y
+SHA256 HMAC     = Y
+SHA384          = Y
+SHA384 HMAC     = Y
+SHA512          = Y
+SHA512 HMAC     = Y
+SNOW3G UIA2     = Y
+ZUC EIA3        = Y
+AES CMAC (128)  = Y
+AES CMAC (192)  = Y
+AES CMAC (256)  = Y
 
 ;
 ; Supported AEAD algorithms of 'cn9k' crypto driver.
diff --git a/doc/guides/rel_notes/release_22_03.rst b/doc/guides/rel_notes/release_22_03.rst
index e8fec00..72e758e 100644
--- a/doc/guides/rel_notes/release_22_03.rst
+++ b/doc/guides/rel_notes/release_22_03.rst
@@ -63,6 +63,7 @@ New Features
   * Added AES-CTR support in lookaside protocol (IPsec) for CN9K & CN10K.
   * Added NULL cipher support in lookaside protocol (IPsec) for CN9K & CN10K.
   * Added AES-XCBC support in lookaside protocol (IPsec) for CN9K & CN10K.
+  * Added AES-CMAC support in CN9K & CN10K.
 
 
 Removed Items
diff --git a/drivers/common/cnxk/roc_se.h b/drivers/common/cnxk/roc_se.h
index 253575a..145a182 100644
--- a/drivers/common/cnxk/roc_se.h
+++ b/drivers/common/cnxk/roc_se.h
@@ -11,10 +11,10 @@
 #define ROC_SE_FC_MINOR_OP_DECRYPT    0x1
 #define ROC_SE_FC_MINOR_OP_HMAC_FIRST 0x10
 
-#define ROC_SE_MAJOR_OP_HASH	   0x34
-#define ROC_SE_MAJOR_OP_HMAC	   0x35
-#define ROC_SE_MAJOR_OP_ZUC_SNOW3G 0x37
-#define ROC_SE_MAJOR_OP_KASUMI	   0x38
+#define ROC_SE_MAJOR_OP_HASH   0x34
+#define ROC_SE_MAJOR_OP_HMAC   0x35
+#define ROC_SE_MAJOR_OP_PDCP   0x37
+#define ROC_SE_MAJOR_OP_KASUMI 0x38
 
 #define ROC_SE_MAJOR_OP_MISC		 0x01
 #define ROC_SE_MISC_MINOR_OP_PASSTHROUGH 0x03
diff --git a/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c b/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c
index 69ee0d9..457e166 100644
--- a/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c
+++ b/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c
@@ -568,6 +568,26 @@ static const struct rte_cryptodev_capabilities caps_aes[] = {
 			}, }
 		}, }
 	},
+	{	/* AES CMAC */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+			{.auth = {
+				.algo = RTE_CRYPTO_AUTH_AES_CMAC,
+				.block_size = 16,
+				.key_size = {
+					.min = 16,
+					.max = 32,
+					.increment = 8
+				},
+				.digest_size = {
+					.min = 4,
+					.max = 4,
+					.increment = 0
+				},
+			}, }
+		}, }
+	},
 };
 
 static const struct rte_cryptodev_capabilities caps_kasumi[] = {
diff --git a/drivers/crypto/cnxk/cnxk_se.h b/drivers/crypto/cnxk/cnxk_se.h
index a8cd2c5..e988d57 100644
--- a/drivers/crypto/cnxk/cnxk_se.h
+++ b/drivers/crypto/cnxk/cnxk_se.h
@@ -73,11 +73,15 @@ pdcp_iv_copy(uint8_t *iv_d, uint8_t *iv_s, const uint8_t pdcp_alg_type,
 		for (j = 0; j < 4; j++)
 			iv_temp[j] = iv_s_temp[3 - j];
 		memcpy(iv_d, iv_temp, 16);
-	} else {
+	} else if (pdcp_alg_type == ROC_SE_PDCP_ALG_TYPE_ZUC) {
 		/* ZUC doesn't need a swap */
 		memcpy(iv_d, iv_s, 16);
 		if (pack_iv)
 			cpt_pack_iv(iv_s, iv_d);
+	} else {
+		/* AES-CMAC EIA2, microcode expects 16B zeroized IV */
+		for (j = 0; j < 4; j++)
+			iv_d[j] = 0;
 	}
 }
 
@@ -992,8 +996,8 @@ cpt_dec_hmac_prep(uint32_t flags, uint64_t d_offs, uint64_t d_lens,
 }
 
 static __rte_always_inline int
-cpt_zuc_snow3g_prep(uint32_t req_flags, uint64_t d_offs, uint64_t d_lens,
-		    struct roc_se_fc_params *params, struct cpt_inst_s *inst)
+cpt_pdcp_alg_prep(uint32_t req_flags, uint64_t d_offs, uint64_t d_lens,
+		  struct roc_se_fc_params *params, struct cpt_inst_s *inst)
 {
 	uint32_t size;
 	int32_t inputlen, outputlen;
@@ -1014,33 +1018,43 @@ cpt_zuc_snow3g_prep(uint32_t req_flags, uint64_t d_offs, uint64_t d_lens,
 	mac_len = se_ctx->mac_len;
 	pdcp_alg_type = se_ctx->pdcp_alg_type;
 
-	cpt_inst_w4.s.opcode_major = ROC_SE_MAJOR_OP_ZUC_SNOW3G;
-
+	cpt_inst_w4.s.opcode_major = ROC_SE_MAJOR_OP_PDCP;
 	cpt_inst_w4.s.opcode_minor = se_ctx->template_w4.s.opcode_minor;
 
 	if (flags == 0x1) {
 		iv_s = params->auth_iv_buf;
-		iv_len = params->auth_iv_len;
-
-		if (iv_len == 25) {
-			iv_len -= 2;
-			pack_iv = 1;
-		}
 
 		/*
 		 * Microcode expects offsets in bytes
 		 * TODO: Rounding off
 		 */
 		auth_data_len = ROC_SE_AUTH_DLEN(d_lens);
-
-		/* EIA3 or UIA2 */
 		auth_offset = ROC_SE_AUTH_OFFSET(d_offs);
-		auth_offset = auth_offset / 8;
 
-		/* consider iv len */
-		auth_offset += iv_len;
+		if (se_ctx->pdcp_alg_type != ROC_SE_PDCP_ALG_TYPE_AES_CTR) {
+			iv_len = params->auth_iv_len;
+
+			if (iv_len == 25) {
+				iv_len -= 2;
+				pack_iv = 1;
+			}
+
+			auth_offset = auth_offset / 8;
+
+			/* consider iv len */
+			auth_offset += iv_len;
+
+			inputlen =
+				auth_offset + (RTE_ALIGN(auth_data_len, 8) / 8);
+		} else {
+			iv_len = 16;
+
+			/* consider iv len */
+			auth_offset += iv_len;
+
+			inputlen = auth_offset + auth_data_len;
+		}
 
-		inputlen = auth_offset + (RTE_ALIGN(auth_data_len, 8) / 8);
 		outputlen = mac_len;
 
 		offset_ctrl = rte_cpu_to_be_64((uint64_t)auth_offset);
@@ -1056,7 +1070,6 @@ cpt_zuc_snow3g_prep(uint32_t req_flags, uint64_t d_offs, uint64_t d_lens,
 			pack_iv = 1;
 		}
 
-		/* EEA3 or UEA2 */
 		/*
 		 * Microcode expects offsets in bytes
 		 * TODO: Rounding off
@@ -1589,8 +1602,7 @@ cpt_fc_dec_hmac_prep(uint32_t flags, uint64_t d_offs, uint64_t d_lens,
 	if (likely(fc_type == ROC_SE_FC_GEN)) {
 		ret = cpt_dec_hmac_prep(flags, d_offs, d_lens, fc_params, inst);
 	} else if (fc_type == ROC_SE_PDCP) {
-		ret = cpt_zuc_snow3g_prep(flags, d_offs, d_lens, fc_params,
-					  inst);
+		ret = cpt_pdcp_alg_prep(flags, d_offs, d_lens, fc_params, inst);
 	} else if (fc_type == ROC_SE_KASUMI) {
 		ret = cpt_kasumi_dec_prep(d_offs, d_lens, fc_params, inst);
 	}
@@ -1618,8 +1630,7 @@ cpt_fc_enc_hmac_prep(uint32_t flags, uint64_t d_offs, uint64_t d_lens,
 	if (likely(fc_type == ROC_SE_FC_GEN)) {
 		ret = cpt_enc_hmac_prep(flags, d_offs, d_lens, fc_params, inst);
 	} else if (fc_type == ROC_SE_PDCP) {
-		ret = cpt_zuc_snow3g_prep(flags, d_offs, d_lens, fc_params,
-					  inst);
+		ret = cpt_pdcp_alg_prep(flags, d_offs, d_lens, fc_params, inst);
 	} else if (fc_type == ROC_SE_KASUMI) {
 		ret = cpt_kasumi_enc_prep(flags, d_offs, d_lens, fc_params,
 					  inst);
@@ -1883,8 +1894,11 @@ fill_sess_auth(struct rte_crypto_sym_xform *xform, struct cnxk_se_sess *sess)
 		auth_type = 0;
 		is_null = 1;
 		break;
-	case RTE_CRYPTO_AUTH_AES_XCBC_MAC:
 	case RTE_CRYPTO_AUTH_AES_CMAC:
+		auth_type = ROC_SE_AES_CMAC_EIA2;
+		zsk_flag = ROC_SE_ZS_IA;
+		break;
+	case RTE_CRYPTO_AUTH_AES_XCBC_MAC:
 	case RTE_CRYPTO_AUTH_AES_CBC_MAC:
 		plt_dp_err("Crypto: Unsupported hash algo %u", a_form->algo);
 		return -1;