diff mbox series

[v3,19/24] crypto/dpaa2_sec/hw: support ZUCE and ZUCA

Message ID	20190930144104.12742-20-akhil.goyal@nxp.com (mailing list archive)
State	Accepted, archived
Delegated to:	akhil goyal
Headers	From: Akhil Goyal <akhil.goyal@nxp.com> To: dev@dpdk.org Cc: aconole@redhat.com, anoobj@marvell.com, Vakul Garg <vakul.garg@nxp.com>, Hemant Agrawal <hemant.agrawal@nxp.com> Date: Mon, 30 Sep 2019 20:10:59 +0530 Message-Id: <20190930144104.12742-20-akhil.goyal@nxp.com> In-Reply-To: <20190930144104.12742-1-akhil.goyal@nxp.com> References: <20190930115237.5073-1-akhil.goyal@nxp.com> <20190930144104.12742-1-akhil.goyal@nxp.com> Subject: [dpdk-dev] [PATCH v3 19/24] crypto/dpaa2_sec/hw: support ZUCE and ZUCA Precedence: list Errors-To: dev-bounces@dpdk.org Sender: "dev" <dev-bounces@dpdk.org>
Series	crypto/dpaaX_sec: Support Wireless algos \| [v3,00/24] crypto/dpaaX_sec: Support Wireless algos [v3,01/24] drivers/crypto: support PDCP 12-bit c-plane processing [v3,02/24] drivers/crypto: support PDCP u-plane with integrity [v3,03/24] security: add hfn override option in PDCP [v3,04/24] drivers/crypto: support hfn override for NXP PMDs [v3,05/24] crypto/dpaa2_sec: update desc for pdcp 18bit enc-auth [v3,06/24] crypto/dpaa2_sec: support CAAM HW era 10 [v3,07/24] crypto/dpaa2_sec/hw: update 12bit SN desc for NULL auth [v3,08/24] crypto/dpaa_sec: support scatter gather for PDCP [v3,09/24] crypto/dpaa2_sec: support scatter gather for proto offloads [v3,10/24] crypto/dpaa2_sec: disable 'write-safe' for PDCP [v3,11/24] crypto/dpaa2_sec/hw: support 18-bit PDCP enc-auth cases [v3,12/24] crypto/dpaa2_sec/hw: support aes-aes 18-bit PDCP [v3,13/24] crypto/dpaa2_sec/hw: support zuc-zuc 18-bit PDCP [v3,14/24] crypto/dpaa2_sec/hw: support snow-snow 18-bit PDCP [v3,15/24] crypto/dpaa2_sec/hw: support snow-f8 [v3,16/24] crypto/dpaa2_sec/hw: support snow-f9 [v3,17/24] crypto/dpaa2_sec: support snow3g cipher/integrity [v3,18/24] crypto/dpaa2_sec/hw: support kasumi [v3,19/24] crypto/dpaa2_sec/hw: support ZUCE and ZUCA [v3,20/24] crypto/dpaa2_sec: support zuc ciphering/integrity [v3,21/24] crypto/dpaa2_sec: allocate context as per num segs [v3,22/24] crypto/dpaa_sec: dynamic contxt buffer for SG cases [v3,23/24] crypto/dpaa_sec: change per cryptodev pool to per qp [v3,24/24] crypto/dpaa2_sec: improve debug logging

Checks

Context	Check	Description
ci/checkpatch	success	coding style OK
ci/Intel-compilation	success	Compilation OK

Commit Message

Akhil Goyal Sept. 30, 2019, 2:40 p.m. UTC

  From: Vakul Garg <vakul.garg@nxp.com>

This patch add support for ZUC Encryption and ZUC Authentication.
Before passing to CAAM, the 16-byte ZUCA IV is converted to 8-byte
format which consists of 38-bits of count||bearer|direction.

Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
---
 drivers/crypto/dpaa2_sec/hw/desc/algo.h | 136 +++++++++++++++++++++++-
 1 file changed, 132 insertions(+), 4 deletions(-)

diff mbox series

Patch

diff --git a/drivers/crypto/dpaa2_sec/hw/desc/algo.h b/drivers/crypto/dpaa2_sec/hw/desc/algo.h
index 4316ca15e..32ce787fa 100644
--- a/drivers/crypto/dpaa2_sec/hw/desc/algo.h
+++ b/drivers/crypto/dpaa2_sec/hw/desc/algo.h
@@ -17,6 +17,103 @@ 
  * Shared descriptors for algorithms (i.e. not for protocols).
  */
 
+/**
+ * cnstr_shdsc_zuce - ZUC Enc (EEA2) as a shared descriptor
+ * @descbuf: pointer to descriptor-under-construction buffer
+ * @ps: if 36/40bit addressing is desired, this parameter must be true
+ * @swap: must be true when core endianness doesn't match SEC endianness
+ * @cipherdata: pointer to block cipher transform definitions
+ * @dir: Cipher direction (DIR_ENC/DIR_DEC)
+ *
+ * Return: size of descriptor written in words or negative number on error
+ */
+static inline int
+cnstr_shdsc_zuce(uint32_t *descbuf, bool ps, bool swap,
+		    struct alginfo *cipherdata, uint8_t dir)
+{
+	struct program prg;
+	struct program *p = &prg;
+
+	PROGRAM_CNTXT_INIT(p, descbuf, 0);
+	if (swap)
+		PROGRAM_SET_BSWAP(p);
+
+	if (ps)
+		PROGRAM_SET_36BIT_ADDR(p);
+	SHR_HDR(p, SHR_ALWAYS, 1, 0);
+
+	KEY(p, KEY1, cipherdata->key_enc_flags, cipherdata->key,
+	    cipherdata->keylen, INLINE_KEY(cipherdata));
+
+	SEQLOAD(p, CONTEXT1, 0, 16, 0);
+
+	MATHB(p, SEQINSZ, SUB, MATH2, VSEQINSZ, 4, 0);
+	MATHB(p, SEQINSZ, SUB, MATH2, VSEQOUTSZ, 4, 0);
+	ALG_OPERATION(p, OP_ALG_ALGSEL_ZUCE, OP_ALG_AAI_F8,
+		      OP_ALG_AS_INITFINAL, 0, dir);
+	SEQFIFOLOAD(p, MSG1, 0, VLF | LAST1);
+	SEQFIFOSTORE(p, MSG, 0, 0, VLF);
+
+	return PROGRAM_FINALIZE(p);
+}
+
+/**
+ * cnstr_shdsc_zuca - ZUC Auth (EIA2) as a shared descriptor
+ * @descbuf: pointer to descriptor-under-construction buffer
+ * @ps: if 36/40bit addressing is desired, this parameter must be true
+ * @swap: must be true when core endianness doesn't match SEC endianness
+ * @authdata: pointer to authentication transform definitions
+ * @chk_icv: Whether to compare and verify ICV (true/false)
+ * @authlen: size of digest
+ *
+ * The IV prepended before hmac payload must be 8 bytes consisting
+ * of COUNT||BEAERER||DIR. The COUNT is of 32-bits, bearer is of 5 bits and
+ * direction is of 1 bit - totalling to 38 bits.
+ *
+ * Return: size of descriptor written in words or negative number on error
+ */
+static inline int
+cnstr_shdsc_zuca(uint32_t *descbuf, bool ps, bool swap,
+		 struct alginfo *authdata, uint8_t chk_icv,
+		 uint32_t authlen)
+{
+	struct program prg;
+	struct program *p = &prg;
+	int dir = chk_icv ? DIR_DEC : DIR_ENC;
+
+	PROGRAM_CNTXT_INIT(p, descbuf, 0);
+	if (swap)
+		PROGRAM_SET_BSWAP(p);
+
+	if (ps)
+		PROGRAM_SET_36BIT_ADDR(p);
+	SHR_HDR(p, SHR_ALWAYS, 1, 0);
+
+	KEY(p, KEY2, authdata->key_enc_flags, authdata->key,
+	    authdata->keylen, INLINE_KEY(authdata));
+
+	SEQLOAD(p, CONTEXT2, 0, 8, 0);
+
+	if (chk_icv == ICV_CHECK_ENABLE)
+		MATHB(p, SEQINSZ, SUB, authlen, VSEQINSZ, 4, IMMED2);
+	else
+		MATHB(p, SEQINSZ, SUB, ZERO, VSEQINSZ, 4, 0);
+
+	ALG_OPERATION(p, OP_ALG_ALGSEL_ZUCA, OP_ALG_AAI_F9,
+		      OP_ALG_AS_INITFINAL, chk_icv, dir);
+
+	SEQFIFOLOAD(p, MSG2, 0, VLF | CLASS2 | LAST2);
+
+	if (chk_icv == ICV_CHECK_ENABLE)
+		SEQFIFOLOAD(p, ICV2, authlen, LAST2);
+	else
+		/* Save lower half of MAC out into a 32-bit sequence */
+		SEQSTORE(p, CONTEXT2, 0, authlen, 0);
+
+	return PROGRAM_FINALIZE(p);
+}
+
+
 /**
  * cnstr_shdsc_snow_f8 - SNOW/f8 (UEA2) as a shared descriptor
  * @descbuf: pointer to descriptor-under-construction buffer
@@ -58,11 +155,43 @@  cnstr_shdsc_snow_f8(uint32_t *descbuf, bool ps, bool swap,
 }
 
 /**
- * conv_to_snow_f9_iv - SNOW/f9 (UIA2) IV 16bit to 12 bit convert
+ * conv_to_zuc_eia_iv - ZUCA IV 16-byte to 8-byte convert
+ * function for 3G.
+ * @iv: 16 bytes of original IV data.
+ *
+ * From the original IV, we extract 32-bits of COUNT,
+ * 5-bits of bearer and 1-bit of direction.
+ * Refer to CAAM refman for ZUCA IV format. Then these values are
+ * appended as COUNT||BEARER||DIR continuously to make a 38-bit block.
+ * This 38-bit block is copied left justified into 8-byte array used as
+ * converted IV.
+ *
+ * Return: 8-bytes of IV data as understood by SEC HW
+ */
+
+static inline uint8_t *conv_to_zuc_eia_iv(uint8_t *iv)
+{
+	uint8_t dir = (iv[14] & 0x80) ? 4 : 0;
+
+	iv[12] = iv[4] | dir;
+	iv[13] = 0;
+	iv[14] = 0;
+	iv[15] = 0;
+
+	iv[8] = iv[0];
+	iv[9] = iv[1];
+	iv[10] = iv[2];
+	iv[11] = iv[3];
+
+	return (iv + 8);
+}
+
+/**
+ * conv_to_snow_f9_iv - SNOW/f9 (UIA2) IV 16 byte to 12 byte convert
  * function for 3G.
- * @iv: 16 bit original IV data
+ * @iv: 16 byte original IV data
  *
- * Return: 12 bit IV data as understood by SEC HW
+ * Return: 12 byte IV data as understood by SEC HW
  */
 
 static inline uint8_t *conv_to_snow_f9_iv(uint8_t *iv)
@@ -93,7 +222,6 @@  static inline uint8_t *conv_to_snow_f9_iv(uint8_t *iv)
  * @ps: if 36/40bit addressing is desired, this parameter must be true
  * @swap: must be true when core endianness doesn't match SEC endianness
  * @authdata: pointer to authentication transform definitions
- * @dir: cipher direction (DIR_ENC/DIR_DEC)
  * @chk_icv: check or generate ICV value
  * @authlen: size of digest
  *