aboutsummaryrefslogtreecommitdiffstats
path: root/common/dpdk/recipes-extended/dpdk/dpdk/dpdk-dev-v4-12-20-crypto-ccp-support-aes-cmac-auth-algo.patch
diff options
context:
space:
mode:
Diffstat (limited to 'common/dpdk/recipes-extended/dpdk/dpdk/dpdk-dev-v4-12-20-crypto-ccp-support-aes-cmac-auth-algo.patch')
-rw-r--r--common/dpdk/recipes-extended/dpdk/dpdk/dpdk-dev-v4-12-20-crypto-ccp-support-aes-cmac-auth-algo.patch388
1 files changed, 0 insertions, 388 deletions
diff --git a/common/dpdk/recipes-extended/dpdk/dpdk/dpdk-dev-v4-12-20-crypto-ccp-support-aes-cmac-auth-algo.patch b/common/dpdk/recipes-extended/dpdk/dpdk/dpdk-dev-v4-12-20-crypto-ccp-support-aes-cmac-auth-algo.patch
deleted file mode 100644
index b598e30e..00000000
--- a/common/dpdk/recipes-extended/dpdk/dpdk/dpdk-dev-v4-12-20-crypto-ccp-support-aes-cmac-auth-algo.patch
+++ /dev/null
@@ -1,388 +0,0 @@
-From patchwork Fri Mar 9 08:35:12 2018
-Content-Type: text/plain; charset="utf-8"
-MIME-Version: 1.0
-Content-Transfer-Encoding: 7bit
-Subject: [dpdk-dev,v4,12/20] crypto/ccp: support aes-cmac auth algo
-From: Ravi Kumar <ravi1.kumar@amd.com>
-X-Patchwork-Id: 35811
-X-Patchwork-Delegate: pablo.de.lara.guarch@intel.com
-Message-Id: <1520584520-130522-12-git-send-email-Ravi1.kumar@amd.com>
-List-Id: dev.dpdk.org
-To: dev@dpdk.org
-Cc: pablo.de.lara.guarch@intel.com
-Date: Fri, 9 Mar 2018 03:35:12 -0500
-
-Signed-off-by: Ravi Kumar <Ravi1.kumar@amd.com>
----
- drivers/crypto/ccp/ccp_crypto.c | 277 ++++++++++++++++++++++++++++++++++++++-
- drivers/crypto/ccp/ccp_pmd_ops.c | 20 +++
- 2 files changed, 295 insertions(+), 2 deletions(-)
-
-diff --git a/drivers/crypto/ccp/ccp_crypto.c b/drivers/crypto/ccp/ccp_crypto.c
-index 0660761..6e593d8 100644
---- a/drivers/crypto/ccp/ccp_crypto.c
-+++ b/drivers/crypto/ccp/ccp_crypto.c
-@@ -36,6 +36,8 @@
- #include <sys/queue.h>
- #include <sys/types.h>
- #include <unistd.h>
-+#include <openssl/cmac.h> /*sub key apis*/
-+#include <openssl/evp.h> /*sub key apis*/
-
- #include <rte_hexdump.h>
- #include <rte_memzone.h>
-@@ -74,6 +76,84 @@ ccp_get_cmd_id(const struct rte_crypto_sym_xform *xform)
- return res;
- }
-
-+/* prepare temporary keys K1 and K2 */
-+static void prepare_key(unsigned char *k, unsigned char *l, int bl)
-+{
-+ int i;
-+ /* Shift block to left, including carry */
-+ for (i = 0; i < bl; i++) {
-+ k[i] = l[i] << 1;
-+ if (i < bl - 1 && l[i + 1] & 0x80)
-+ k[i] |= 1;
-+ }
-+ /* If MSB set fixup with R */
-+ if (l[0] & 0x80)
-+ k[bl - 1] ^= bl == 16 ? 0x87 : 0x1b;
-+}
-+
-+/* subkeys K1 and K2 generation for CMAC */
-+static int
-+generate_cmac_subkeys(struct ccp_session *sess)
-+{
-+ const EVP_CIPHER *algo;
-+ EVP_CIPHER_CTX *ctx;
-+ unsigned char *ccp_ctx;
-+ size_t i;
-+ int dstlen, totlen;
-+ unsigned char zero_iv[AES_BLOCK_SIZE] = {0};
-+ unsigned char dst[2 * AES_BLOCK_SIZE] = {0};
-+ unsigned char k1[AES_BLOCK_SIZE] = {0};
-+ unsigned char k2[AES_BLOCK_SIZE] = {0};
-+
-+ if (sess->auth.ut.aes_type == CCP_AES_TYPE_128)
-+ algo = EVP_aes_128_cbc();
-+ else if (sess->auth.ut.aes_type == CCP_AES_TYPE_192)
-+ algo = EVP_aes_192_cbc();
-+ else if (sess->auth.ut.aes_type == CCP_AES_TYPE_256)
-+ algo = EVP_aes_256_cbc();
-+ else {
-+ CCP_LOG_ERR("Invalid CMAC type length");
-+ return -1;
-+ }
-+
-+ ctx = EVP_CIPHER_CTX_new();
-+ if (!ctx) {
-+ CCP_LOG_ERR("ctx creation failed");
-+ return -1;
-+ }
-+ if (EVP_EncryptInit(ctx, algo, (unsigned char *)sess->auth.key,
-+ (unsigned char *)zero_iv) <= 0)
-+ goto key_generate_err;
-+ if (EVP_CIPHER_CTX_set_padding(ctx, 0) <= 0)
-+ goto key_generate_err;
-+ if (EVP_EncryptUpdate(ctx, dst, &dstlen, zero_iv,
-+ AES_BLOCK_SIZE) <= 0)
-+ goto key_generate_err;
-+ if (EVP_EncryptFinal_ex(ctx, dst + dstlen, &totlen) <= 0)
-+ goto key_generate_err;
-+
-+ memset(sess->auth.pre_compute, 0, CCP_SB_BYTES * 2);
-+
-+ ccp_ctx = (unsigned char *)(sess->auth.pre_compute + CCP_SB_BYTES - 1);
-+ prepare_key(k1, dst, AES_BLOCK_SIZE);
-+ for (i = 0; i < AES_BLOCK_SIZE; i++, ccp_ctx--)
-+ *ccp_ctx = k1[i];
-+
-+ ccp_ctx = (unsigned char *)(sess->auth.pre_compute +
-+ (2 * CCP_SB_BYTES) - 1);
-+ prepare_key(k2, k1, AES_BLOCK_SIZE);
-+ for (i = 0; i < AES_BLOCK_SIZE; i++, ccp_ctx--)
-+ *ccp_ctx = k2[i];
-+
-+ EVP_CIPHER_CTX_free(ctx);
-+
-+ return 0;
-+
-+key_generate_err:
-+ CCP_LOG_ERR("CMAC Init failed");
-+ return -1;
-+}
-+
- /* configure session */
- static int
- ccp_configure_session_cipher(struct ccp_session *sess,
-@@ -170,6 +250,7 @@ ccp_configure_session_auth(struct ccp_session *sess,
- const struct rte_crypto_sym_xform *xform)
- {
- const struct rte_crypto_auth_xform *auth_xform = NULL;
-+ size_t i;
-
- auth_xform = &xform->auth;
-
-@@ -179,6 +260,33 @@ ccp_configure_session_auth(struct ccp_session *sess,
- else
- sess->auth.op = CCP_AUTH_OP_VERIFY;
- switch (auth_xform->algo) {
-+ case RTE_CRYPTO_AUTH_AES_CMAC:
-+ sess->auth.algo = CCP_AUTH_ALGO_AES_CMAC;
-+ sess->auth.engine = CCP_ENGINE_AES;
-+ sess->auth.um.aes_mode = CCP_AES_MODE_CMAC;
-+ sess->auth.key_length = auth_xform->key.length;
-+ /**<padding and hash result*/
-+ sess->auth.ctx_len = CCP_SB_BYTES << 1;
-+ sess->auth.offset = AES_BLOCK_SIZE;
-+ sess->auth.block_size = AES_BLOCK_SIZE;
-+ if (sess->auth.key_length == 16)
-+ sess->auth.ut.aes_type = CCP_AES_TYPE_128;
-+ else if (sess->auth.key_length == 24)
-+ sess->auth.ut.aes_type = CCP_AES_TYPE_192;
-+ else if (sess->auth.key_length == 32)
-+ sess->auth.ut.aes_type = CCP_AES_TYPE_256;
-+ else {
-+ CCP_LOG_ERR("Invalid CMAC key length");
-+ return -1;
-+ }
-+ rte_memcpy(sess->auth.key, auth_xform->key.data,
-+ sess->auth.key_length);
-+ for (i = 0; i < sess->auth.key_length; i++)
-+ sess->auth.key_ccp[sess->auth.key_length - i - 1] =
-+ sess->auth.key[i];
-+ if (generate_cmac_subkeys(sess))
-+ return -1;
-+ break;
- default:
- CCP_LOG_ERR("Unsupported hash algo");
- return -ENOTSUP;
-@@ -316,6 +424,15 @@ ccp_auth_slot(struct ccp_session *session)
- int count = 0;
-
- switch (session->auth.algo) {
-+ case CCP_AUTH_ALGO_AES_CMAC:
-+ count = 4;
-+ /**
-+ * op
-+ * extra descriptor in padding case
-+ * (k1/k2(255:128) with iv(127:0))
-+ * Retrieve result
-+ */
-+ break;
- default:
- CCP_LOG_ERR("Unsupported auth algo %d",
- session->auth.algo);
-@@ -415,6 +532,158 @@ ccp_perform_passthru(struct ccp_passthru *pst,
- }
-
- static int
-+ccp_perform_aes_cmac(struct rte_crypto_op *op,
-+ struct ccp_queue *cmd_q)
-+{
-+ struct ccp_session *session;
-+ union ccp_function function;
-+ struct ccp_passthru pst;
-+ struct ccp_desc *desc;
-+ uint32_t tail;
-+ uint8_t *src_tb, *append_ptr, *ctx_addr;
-+ phys_addr_t src_addr, dest_addr, key_addr;
-+ int length, non_align_len;
-+
-+ session = (struct ccp_session *)get_session_private_data(
-+ op->sym->session,
-+ ccp_cryptodev_driver_id);
-+ key_addr = rte_mem_virt2phy(session->auth.key_ccp);
-+
-+ src_addr = rte_pktmbuf_mtophys_offset(op->sym->m_src,
-+ op->sym->auth.data.offset);
-+ append_ptr = (uint8_t *)rte_pktmbuf_append(op->sym->m_src,
-+ session->auth.ctx_len);
-+ dest_addr = (phys_addr_t)rte_mem_virt2phy((void *)append_ptr);
-+
-+ function.raw = 0;
-+ CCP_AES_ENCRYPT(&function) = CCP_CIPHER_DIR_ENCRYPT;
-+ CCP_AES_MODE(&function) = session->auth.um.aes_mode;
-+ CCP_AES_TYPE(&function) = session->auth.ut.aes_type;
-+
-+ if (op->sym->auth.data.length % session->auth.block_size == 0) {
-+
-+ ctx_addr = session->auth.pre_compute;
-+ memset(ctx_addr, 0, AES_BLOCK_SIZE);
-+ pst.src_addr = (phys_addr_t)rte_mem_virt2phy((void *)ctx_addr);
-+ pst.dest_addr = (phys_addr_t)(cmd_q->sb_iv * CCP_SB_BYTES);
-+ pst.len = CCP_SB_BYTES;
-+ pst.dir = 1;
-+ pst.bit_mod = CCP_PASSTHRU_BITWISE_NOOP;
-+ pst.byte_swap = CCP_PASSTHRU_BYTESWAP_NOOP;
-+ ccp_perform_passthru(&pst, cmd_q);
-+
-+ desc = &cmd_q->qbase_desc[cmd_q->qidx];
-+ memset(desc, 0, Q_DESC_SIZE);
-+
-+ /* prepare desc for aes-cmac command */
-+ CCP_CMD_ENGINE(desc) = CCP_ENGINE_AES;
-+ CCP_CMD_EOM(desc) = 1;
-+ CCP_CMD_FUNCTION(desc) = function.raw;
-+
-+ CCP_CMD_LEN(desc) = op->sym->auth.data.length;
-+ CCP_CMD_SRC_LO(desc) = ((uint32_t)src_addr);
-+ CCP_CMD_SRC_HI(desc) = high32_value(src_addr);
-+ CCP_CMD_SRC_MEM(desc) = CCP_MEMTYPE_SYSTEM;
-+
-+ CCP_CMD_KEY_LO(desc) = ((uint32_t)key_addr);
-+ CCP_CMD_KEY_HI(desc) = high32_value(key_addr);
-+ CCP_CMD_KEY_MEM(desc) = CCP_MEMTYPE_SYSTEM;
-+ CCP_CMD_LSB_ID(desc) = cmd_q->sb_iv;
-+
-+ cmd_q->qidx = (cmd_q->qidx + 1) % COMMANDS_PER_QUEUE;
-+
-+ rte_wmb();
-+
-+ tail =
-+ (uint32_t)(cmd_q->qbase_phys_addr + cmd_q->qidx * Q_DESC_SIZE);
-+ CCP_WRITE_REG(cmd_q->reg_base, CMD_Q_TAIL_LO_BASE, tail);
-+ CCP_WRITE_REG(cmd_q->reg_base, CMD_Q_CONTROL_BASE,
-+ cmd_q->qcontrol | CMD_Q_RUN);
-+ } else {
-+ ctx_addr = session->auth.pre_compute + CCP_SB_BYTES;
-+ memset(ctx_addr, 0, AES_BLOCK_SIZE);
-+ pst.src_addr = (phys_addr_t)rte_mem_virt2phy((void *)ctx_addr);
-+ pst.dest_addr = (phys_addr_t)(cmd_q->sb_iv * CCP_SB_BYTES);
-+ pst.len = CCP_SB_BYTES;
-+ pst.dir = 1;
-+ pst.bit_mod = CCP_PASSTHRU_BITWISE_NOOP;
-+ pst.byte_swap = CCP_PASSTHRU_BYTESWAP_NOOP;
-+ ccp_perform_passthru(&pst, cmd_q);
-+
-+ length = (op->sym->auth.data.length / AES_BLOCK_SIZE);
-+ length *= AES_BLOCK_SIZE;
-+ non_align_len = op->sym->auth.data.length - length;
-+ /* prepare desc for aes-cmac command */
-+ /*Command 1*/
-+ desc = &cmd_q->qbase_desc[cmd_q->qidx];
-+ memset(desc, 0, Q_DESC_SIZE);
-+
-+ CCP_CMD_ENGINE(desc) = CCP_ENGINE_AES;
-+ CCP_CMD_INIT(desc) = 1;
-+ CCP_CMD_FUNCTION(desc) = function.raw;
-+
-+ CCP_CMD_LEN(desc) = length;
-+ CCP_CMD_SRC_LO(desc) = ((uint32_t)src_addr);
-+ CCP_CMD_SRC_HI(desc) = high32_value(src_addr);
-+ CCP_CMD_SRC_MEM(desc) = CCP_MEMTYPE_SYSTEM;
-+
-+ CCP_CMD_KEY_LO(desc) = ((uint32_t)key_addr);
-+ CCP_CMD_KEY_HI(desc) = high32_value(key_addr);
-+ CCP_CMD_KEY_MEM(desc) = CCP_MEMTYPE_SYSTEM;
-+ CCP_CMD_LSB_ID(desc) = cmd_q->sb_iv;
-+
-+ cmd_q->qidx = (cmd_q->qidx + 1) % COMMANDS_PER_QUEUE;
-+
-+ /*Command 2*/
-+ append_ptr = append_ptr + CCP_SB_BYTES;
-+ memset(append_ptr, 0, AES_BLOCK_SIZE);
-+ src_tb = rte_pktmbuf_mtod_offset(op->sym->m_src,
-+ uint8_t *,
-+ op->sym->auth.data.offset +
-+ length);
-+ rte_memcpy(append_ptr, src_tb, non_align_len);
-+ append_ptr[non_align_len] = CMAC_PAD_VALUE;
-+
-+ desc = &cmd_q->qbase_desc[cmd_q->qidx];
-+ memset(desc, 0, Q_DESC_SIZE);
-+
-+ CCP_CMD_ENGINE(desc) = CCP_ENGINE_AES;
-+ CCP_CMD_EOM(desc) = 1;
-+ CCP_CMD_FUNCTION(desc) = function.raw;
-+ CCP_CMD_LEN(desc) = AES_BLOCK_SIZE;
-+
-+ CCP_CMD_SRC_LO(desc) = ((uint32_t)(dest_addr + CCP_SB_BYTES));
-+ CCP_CMD_SRC_HI(desc) = high32_value(dest_addr + CCP_SB_BYTES);
-+ CCP_CMD_SRC_MEM(desc) = CCP_MEMTYPE_SYSTEM;
-+
-+ CCP_CMD_KEY_LO(desc) = ((uint32_t)key_addr);
-+ CCP_CMD_KEY_HI(desc) = high32_value(key_addr);
-+ CCP_CMD_KEY_MEM(desc) = CCP_MEMTYPE_SYSTEM;
-+ CCP_CMD_LSB_ID(desc) = cmd_q->sb_iv;
-+
-+ cmd_q->qidx = (cmd_q->qidx + 1) % COMMANDS_PER_QUEUE;
-+
-+ rte_wmb();
-+ tail =
-+ (uint32_t)(cmd_q->qbase_phys_addr + cmd_q->qidx * Q_DESC_SIZE);
-+ CCP_WRITE_REG(cmd_q->reg_base, CMD_Q_TAIL_LO_BASE, tail);
-+ CCP_WRITE_REG(cmd_q->reg_base, CMD_Q_CONTROL_BASE,
-+ cmd_q->qcontrol | CMD_Q_RUN);
-+ }
-+ /* Retrieve result */
-+ pst.dest_addr = dest_addr;
-+ pst.src_addr = (phys_addr_t)(cmd_q->sb_iv * CCP_SB_BYTES);
-+ pst.len = CCP_SB_BYTES;
-+ pst.dir = 0;
-+ pst.bit_mod = CCP_PASSTHRU_BITWISE_NOOP;
-+ pst.byte_swap = CCP_PASSTHRU_BYTESWAP_256BIT;
-+ ccp_perform_passthru(&pst, cmd_q);
-+
-+ op->status = RTE_CRYPTO_OP_STATUS_NOT_PROCESSED;
-+ return 0;
-+}
-+
-+static int
- ccp_perform_aes(struct rte_crypto_op *op,
- struct ccp_queue *cmd_q,
- struct ccp_batch_info *b_info)
-@@ -643,8 +912,8 @@ ccp_crypto_cipher(struct rte_crypto_op *op,
-
- static inline int
- ccp_crypto_auth(struct rte_crypto_op *op,
-- struct ccp_queue *cmd_q __rte_unused,
-- struct ccp_batch_info *b_info __rte_unused)
-+ struct ccp_queue *cmd_q,
-+ struct ccp_batch_info *b_info)
- {
-
- int result = 0;
-@@ -655,6 +924,10 @@ ccp_crypto_auth(struct rte_crypto_op *op,
- ccp_cryptodev_driver_id);
-
- switch (session->auth.algo) {
-+ case CCP_AUTH_ALGO_AES_CMAC:
-+ result = ccp_perform_aes_cmac(op, cmd_q);
-+ b_info->desccnt += 4;
-+ break;
- default:
- CCP_LOG_ERR("Unsupported auth algo %d",
- session->auth.algo);
-diff --git a/drivers/crypto/ccp/ccp_pmd_ops.c b/drivers/crypto/ccp/ccp_pmd_ops.c
-index 3a16be8..1fb6a6d 100644
---- a/drivers/crypto/ccp/ccp_pmd_ops.c
-+++ b/drivers/crypto/ccp/ccp_pmd_ops.c
-@@ -39,6 +39,26 @@
- #include "ccp_crypto.h"
-
- static const struct rte_cryptodev_capabilities ccp_pmd_capabilities[] = {
-+ { /*AES-CMAC */
-+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
-+ {.sym = {
-+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
-+ {.auth = {
-+ .algo = RTE_CRYPTO_AUTH_AES_CMAC,
-+ .block_size = 16,
-+ .key_size = {
-+ .min = 16,
-+ .max = 32,
-+ .increment = 8
-+ },
-+ .digest_size = {
-+ .min = 16,
-+ .max = 16,
-+ .increment = 0
-+ },
-+ }, }
-+ }, }
-+ },
- { /* AES ECB */
- .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
- {.sym = {
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-04-19 19:25:16 +0000